update to 2.1.26

cyrus-sasl-2.1.23-null-crypt.patch

@@ -1,86 +0,0 @@
-diff -Naur cyrus-sasl-2.1.23-orig/pwcheck/pwcheck_getpwnam.c cyrus-sasl-2.1.23/pwcheck/pwcheck_getpwnam.c
---- cyrus-sasl-2.1.23-orig/pwcheck/pwcheck_getpwnam.c	1999-08-26 12:22:43.000000000 -0400
-+++ cyrus-sasl-2.1.23/pwcheck/pwcheck_getpwnam.c	2012-04-25 10:16:04.240783975 -0400
-@@ -31,7 +31,7 @@
- char *userid;
- char *password;
- {
--    char* r;
-+    char* r, *cryptbuf;
-     struct passwd *pwd;
- 
-     pwd = getpwnam(userid);
-@@ -41,11 +41,13 @@
-     else if (pwd->pw_passwd[0] == '*') {
- 	r = "Account disabled";
-     }
--    else if (strcmp(pwd->pw_passwd, crypt(password, pwd->pw_passwd)) != 0) {
--	r = "Incorrect password";
--    }
-     else {
--	r = "OK";
-+	cryptbuf = crypt(password, pwd->pw_passwd);
-+	if((cryptbuf == NULL) || (strcmp(pwd->pw_passwd, cryptbuf) != 0)) {
-+	   r = "Incorrect password";
-+	} else {
-+	   r = "OK";
-+	}
-     }
- 
-     endpwent();
-diff -Naur cyrus-sasl-2.1.23-orig/saslauthd/auth_getpwent.c cyrus-sasl-2.1.23/saslauthd/auth_getpwent.c
---- cyrus-sasl-2.1.23-orig/saslauthd/auth_getpwent.c	2009-04-28 11:09:18.000000000 -0400
-+++ cyrus-sasl-2.1.23/saslauthd/auth_getpwent.c	2012-04-25 10:06:01.329748386 -0400
-@@ -70,6 +70,7 @@
- {
-     /* VARIABLES */
-     struct passwd *pw;			/* pointer to passwd file entry */
-+    char *cryptbuf;
-     /* END VARIABLES */
-   
-     pw = getpwnam(login);
-@@ -79,7 +80,8 @@
- 	RETURN("NO");
-     }
- 
--    if (strcmp(pw->pw_passwd, (const char *)crypt(password, pw->pw_passwd))) {
-+    cryptbuf = crypt(password, pw->pw_passwd);
-+    if( (cryptbuf == NULL) || strcmp(pw->pw_passwd, cryptbuf)) {
- 	RETURN("NO");
-     }
- 
-diff -Naur cyrus-sasl-2.1.23-orig/saslauthd/auth_shadow.c cyrus-sasl-2.1.23/saslauthd/auth_shadow.c
---- cyrus-sasl-2.1.23-orig/saslauthd/auth_shadow.c	2012-04-25 10:02:23.777487508 -0400
-+++ cyrus-sasl-2.1.23/saslauthd/auth_shadow.c	2012-04-25 10:12:53.727866162 -0400
-@@ -184,16 +184,16 @@
-      * not returning any information about a login until we have validated
-      * the password.
-      */
--    cpw = strdup((const char *)crypt(password, sp->sp_pwdp));
-+    cpw = crypt(password, sp->sp_pwdp);
-+    if(cpw == NULL)
-+	RETURN("NO");
-     if (strcmp(sp->sp_pwdp, cpw)) {
- 	if (flags & VERBOSE) {
- 	    syslog(LOG_DEBUG, "DEBUG: auth_shadow: pw mismatch: '%s' != '%s'",
- 		   sp->sp_pwdp, cpw);
- 	}
--	free(cpw);
- 	RETURN("NO");
-     }
--    free(cpw);
- 
-     /*
-      * The following fields will be set to -1 if:
-@@ -254,8 +254,9 @@
- 	}
- 	RETURN("NO");
-     }
--  
--    if (strcmp(upw->upw_passwd, crypt(password, upw->upw_passwd)) != 0) {
-+
-+    cpw =  crypt(password, upw->upw_passwd);
-+    if((cpw == NULL) || (strcmp(upw->upw_passwd, cpw) != 0)) {
- 	if (flags & VERBOSE) {
- 	    syslog(LOG_DEBUG, "auth_shadow: pw mismatch: %s != %s",
- 		   password, upw->upw_passwd);

cyrus-sasl-2.1.25-release-server_creds.patch

@@ -1,15 +0,0 @@
-diff -up cyrus-sasl-2.1.25/plugins/gssapi.c.release-server_creds cyrus-sasl-2.1.25/plugins/gssapi.c
---- cyrus-sasl-2.1.25/plugins/gssapi.c.release-server_creds	2012-12-07 12:57:14.000000000 +0100
-+++ cyrus-sasl-2.1.25/plugins/gssapi.c	2012-12-07 12:58:11.122533870 +0100
-@@ -829,6 +829,11 @@ gssapi_server_mech_step(void *conn_conte
- 	}
- 
- 	if (maj_stat == GSS_S_COMPLETE) {
-+	    /* Release server creds which are no longer needed */
-+            if ( text->server_creds != GSS_C_NO_CREDENTIAL) {
-+	        maj_stat = gss_release_cred(&min_stat, &text->server_creds);
-+	        text->server_creds = GSS_C_NO_CREDENTIAL;
-+            }
- 	    /* Switch to ssf negotiation */
- 	    text->state = SASL_GSSAPI_STATE_SSFCAP;
- 

cyrus-sasl-2.1.25-warnings.patch

@@ -1,62 +0,0 @@
-diff -up cyrus-sasl-2.1.25/lib/server.c.warnings cyrus-sasl-2.1.25/lib/server.c
---- cyrus-sasl-2.1.25/lib/server.c.warnings	2011-09-02 14:58:01.000000000 +0200
-+++ cyrus-sasl-2.1.25/lib/server.c	2012-12-06 16:21:07.705102996 +0100
-@@ -646,7 +646,7 @@ static int load_config(const sasl_callba
-             goto done;
-         }
- 
--        snprintf(config_filename, len, "%.*s%c%s.conf", path_len, path_to_config, 
-+        snprintf(config_filename, len, "%.*s%c%s.conf", (int)path_len, path_to_config, 
- 	        HIER_DELIMITER, global_callbacks.appname);
- 
-         /* Ask the application if it's safe to use this file */
-diff -up cyrus-sasl-2.1.25/plugins/gssapi.c.warnings cyrus-sasl-2.1.25/plugins/gssapi.c
---- cyrus-sasl-2.1.25/plugins/gssapi.c.warnings	2011-05-11 21:25:55.000000000 +0200
-+++ cyrus-sasl-2.1.25/plugins/gssapi.c	2012-12-06 16:24:30.223307272 +0100
-@@ -196,7 +196,8 @@ sasl_gss_seterror_(const sasl_utils_t *u
-     OM_uint32 msg_ctx;
-     int ret;
-     char *out = NULL;
--    size_t len, curlen = 0;
-+    size_t len;
-+    unsigned curlen = 0;
-     const char prefix[] = "GSSAPI Error: ";
- 
-     if (!utils) return SASL_OK;
-diff -up cyrus-sasl-2.1.25/plugins/ldapdb.c.warnings cyrus-sasl-2.1.25/plugins/ldapdb.c
---- cyrus-sasl-2.1.25/plugins/ldapdb.c.warnings	2011-05-11 21:25:55.000000000 +0200
-+++ cyrus-sasl-2.1.25/plugins/ldapdb.c	2012-12-06 16:21:07.706102988 +0100
-@@ -22,6 +22,7 @@
- 
- #include "plugin_common.h"
- 
-+#define LDAP_DEPRECATED 1
- #include <ldap.h>
- 
- static char ldapdb[] = "ldapdb";
-diff -up cyrus-sasl-2.1.25/saslauthd/auth_httpform.c.warnings cyrus-sasl-2.1.25/saslauthd/auth_httpform.c
---- cyrus-sasl-2.1.25/saslauthd/auth_httpform.c.warnings	2006-04-20 16:30:14.000000000 +0200
-+++ cyrus-sasl-2.1.25/saslauthd/auth_httpform.c	2012-12-06 16:21:10.520091567 +0100
-@@ -552,7 +552,7 @@ auth_httpform (
-               "Content-Type: application/x-www-form-urlencoded" CRLF
-               "Content-Length: %d" TWO_CRLF
-               "%s",
--              r_uri, r_host, r_port, strlen(escreq), escreq);
-+              r_uri, r_host, r_port, (int)strlen(escreq), escreq);
- 
-     if (flags & VERBOSE) {
-         syslog(LOG_DEBUG, "auth_httpform: sending %s %s %s",
-diff -up cyrus-sasl-2.1.25/saslauthd/auth_shadow.c.warnings cyrus-sasl-2.1.25/saslauthd/auth_shadow.c
---- cyrus-sasl-2.1.25/saslauthd/auth_shadow.c.warnings	2009-12-03 20:07:03.000000000 +0100
-+++ cyrus-sasl-2.1.25/saslauthd/auth_shadow.c	2012-12-06 16:21:10.521091564 +0100
-@@ -68,6 +68,10 @@
- #  include <shadow.h>
- # endif /* ! HAVE_GETUSERPW */
- 
-+# ifdef HAVE_CRYPT_H
-+#  include <crypt.h>
-+# endif
-+
- # include "auth_shadow.h"
- # include "globals.h"
- /* END PUBLIC DEPENDENCIES */

cyrus-sasl-2.1.26-null-crypt.patch

@@ -0,0 +1,86 @@
+diff -up cyrus-sasl-2.1.26/pwcheck/pwcheck_getpwnam.c.null-crypt cyrus-sasl-2.1.26/pwcheck/pwcheck_getpwnam.c
+--- cyrus-sasl-2.1.26/pwcheck/pwcheck_getpwnam.c.null-crypt	2012-01-28 00:31:36.000000000 +0100
++++ cyrus-sasl-2.1.26/pwcheck/pwcheck_getpwnam.c	2012-12-20 17:00:14.614580310 +0100
+@@ -31,7 +31,7 @@ char *pwcheck(userid, password)
+ char *userid;
+ char *password;
+ {
+-    char* r;
++    char* r, *cryptbuf;
+     struct passwd *pwd;
+ 
+     pwd = getpwnam(userid);
+@@ -41,11 +41,13 @@ char *password;
+     else if (pwd->pw_passwd[0] == '*') {
+ 	r = "Account disabled";
+     }
+-    else if (strcmp(pwd->pw_passwd, crypt(password, pwd->pw_passwd)) != 0) {
+-	r = "Incorrect password";
+-    }
+     else {
+-	r = "OK";
++	cryptbuf = crypt(password, pwd->pw_passwd);
++	if((cryptbuf == NULL) || (strcmp(pwd->pw_passwd, cryptbuf) != 0)) {
++	   r = "Incorrect password";
++	} else {
++	   r = "OK";
++	}
+     }
+ 
+     endpwent();
+diff -up cyrus-sasl-2.1.26/saslauthd/auth_getpwent.c.null-crypt cyrus-sasl-2.1.26/saslauthd/auth_getpwent.c
+--- cyrus-sasl-2.1.26/saslauthd/auth_getpwent.c.null-crypt	2012-10-12 16:05:48.000000000 +0200
++++ cyrus-sasl-2.1.26/saslauthd/auth_getpwent.c	2012-12-20 17:03:17.940793653 +0100
+@@ -78,6 +78,7 @@ auth_getpwent (
+     /* VARIABLES */
+     struct passwd *pw;			/* pointer to passwd file entry */
+     int errnum;
++    char *cryptbuf;
+     /* END VARIABLES */
+   
+     errno = 0;
+@@ -105,7 +106,8 @@ auth_getpwent (
+ 	}
+     }
+ 
+-    if (strcmp(pw->pw_passwd, (const char *)crypt(password, pw->pw_passwd))) {
++    cryptbuf = crypt(password, pw->pw_passwd);
++    if ((cryptbuf == NULL) || strcmp(pw->pw_passwd, cryptbuf)) {
+ 	if (flags & VERBOSE) {
+ 	    syslog(LOG_DEBUG, "DEBUG: auth_getpwent: %s: invalid password", login);
+ 	}
+diff -up cyrus-sasl-2.1.26/saslauthd/auth_shadow.c.null-crypt cyrus-sasl-2.1.26/saslauthd/auth_shadow.c
+--- cyrus-sasl-2.1.26/saslauthd/auth_shadow.c.null-crypt	2012-12-20 17:00:14.000000000 +0100
++++ cyrus-sasl-2.1.26/saslauthd/auth_shadow.c	2012-12-20 17:16:44.190360006 +0100
+@@ -214,8 +214,8 @@ auth_shadow (
+ 	RETURN("NO Insufficient permission to access NIS authentication database (saslauthd)");
+     }
+ 
+-    cpw = strdup((const char *)crypt(password, sp->sp_pwdp));
+-    if (strcmp(sp->sp_pwdp, cpw)) {
++    cpw = crypt(password, sp->sp_pwdp);
++    if ((cpw == NULL) || strcmp(sp->sp_pwdp, cpw)) {
+ 	if (flags & VERBOSE) {
+ 	    /*
+ 	     * This _should_ reveal the SHADOW_PW_LOCKED prefix to an
+@@ -225,10 +225,8 @@ auth_shadow (
+ 	    syslog(LOG_DEBUG, "DEBUG: auth_shadow: pw mismatch: '%s' != '%s'",
+ 		   sp->sp_pwdp, cpw);
+ 	}
+-	free(cpw);
+ 	RETURN("NO Incorrect password");
+     }
+-    free(cpw);
+ 
+     /*
+      * The following fields will be set to -1 if:
+@@ -290,7 +288,8 @@ auth_shadow (
+ 	RETURN("NO Invalid username");
+     }
+   
+-    if (strcmp(upw->upw_passwd, crypt(password, upw->upw_passwd)) != 0) {
++    cpw = crypt(password, upw->upw_passwd);
++    if ((cpw == NULL) || strcmp(upw->upw_passwd, cpw) != 0) {
+ 	if (flags & VERBOSE) {
+ 	    syslog(LOG_DEBUG, "auth_shadow: pw mismatch: %s != %s",
+ 		   password, upw->upw_passwd);

cyrus-sasl-2.1.26-release-server_creds.patch

@@ -0,0 +1,16 @@
+diff -up cyrus-sasl-2.1.26/plugins/gssapi.c.release-server_creds cyrus-sasl-2.1.26/plugins/gssapi.c
+--- cyrus-sasl-2.1.26/plugins/gssapi.c.release-server_creds	2012-12-20 17:17:37.000000000 +0100
++++ cyrus-sasl-2.1.26/plugins/gssapi.c	2012-12-20 17:42:11.498138999 +0100
+@@ -945,6 +945,12 @@ gssapi_server_mech_authneg(context_t *te
+ 	ret = SASL_CONTINUE;
+     }
+ 
++    /* Release server creds which are no longer needed */
++     if ( text->server_creds != GSS_C_NO_CREDENTIAL) {
++        maj_stat = gss_release_cred(&min_stat, &text->server_creds);
++        text->server_creds = GSS_C_NO_CREDENTIAL;
++     }
++
+   cleanup:
+     if (client_name_MN) {
+ 	GSS_LOCK_MUTEX(params->utils);

cyrus-sasl-2.1.26-relro.patch

@@ -1,7 +1,7 @@
-diff -up cyrus-sasl-2.1.25/lib/Makefile.am.relro cyrus-sasl-2.1.25/lib/Makefile.am
---- cyrus-sasl-2.1.25/lib/Makefile.am.relro	2011-09-05 16:18:10.000000000 +0200
-+++ cyrus-sasl-2.1.25/lib/Makefile.am	2012-12-07 12:49:13.693026807 +0100
-@@ -62,7 +62,7 @@ LIB_DOOR= @LIB_DOOR@
+diff -up cyrus-sasl-2.1.26/lib/Makefile.am.relro cyrus-sasl-2.1.26/lib/Makefile.am
+--- cyrus-sasl-2.1.26/lib/Makefile.am.relro	2012-10-12 16:05:48.000000000 +0200
++++ cyrus-sasl-2.1.26/lib/Makefile.am	2012-12-20 16:57:51.245192138 +0100
+@@ -64,7 +64,7 @@ LIB_DOOR= @LIB_DOOR@
  lib_LTLIBRARIES = libsasl2.la
  
  libsasl2_la_SOURCES = $(common_sources) $(common_headers)
@@ -10,11 +10,11 @@ diff -up cyrus-sasl-2.1.25/lib/Makefile.am.relro cyrus-sasl-2.1.25/lib/Makefile.
  libsasl2_la_DEPENDENCIES = $(LTLIBOBJS)
  libsasl2_la_LIBADD = $(LTLIBOBJS) $(SASL_DL_LIB) $(LIB_SOCKET) $(LIB_DOOR)
  
-diff -up cyrus-sasl-2.1.25/plugins/Makefile.am.relro cyrus-sasl-2.1.25/plugins/Makefile.am
---- cyrus-sasl-2.1.25/plugins/Makefile.am.relro	2011-09-05 16:18:10.000000000 +0200
-+++ cyrus-sasl-2.1.25/plugins/Makefile.am	2012-12-07 12:56:16.916231903 +0100
-@@ -49,7 +49,7 @@
- plugin_version = 2:25:0
+diff -up cyrus-sasl-2.1.26/plugins/Makefile.am.relro cyrus-sasl-2.1.26/plugins/Makefile.am
+--- cyrus-sasl-2.1.26/plugins/Makefile.am.relro	2012-10-12 16:05:48.000000000 +0200
++++ cyrus-sasl-2.1.26/plugins/Makefile.am	2012-12-20 16:59:01.932901285 +0100
+@@ -50,7 +50,7 @@
+ plugin_version = 3:0:0
  
  INCLUDES=-I$(top_srcdir)/include -I$(top_srcdir)/lib -I$(top_srcdir)/sasldb -I$(top_builddir)/include
 -AM_LDFLAGS = -module -export-dynamic -rpath $(plugindir) -version-info $(plugin_version)

cyrus-sasl-2.1.26-warnings.patch

@@ -0,0 +1,62 @@
+diff -up cyrus-sasl-2.1.26/lib/server.c.warnings cyrus-sasl-2.1.26/lib/server.c
+--- cyrus-sasl-2.1.26/lib/server.c.warnings	2012-10-12 16:05:48.000000000 +0200
++++ cyrus-sasl-2.1.26/lib/server.c	2012-12-20 17:49:39.620254792 +0100
+@@ -650,7 +650,7 @@ static int load_config(const sasl_callba
+             goto done;
+         }
+ 
+-        snprintf(config_filename, len, "%.*s%c%s.conf", path_len, path_to_config, 
++        snprintf(config_filename, len, "%.*s%c%s.conf", (int)path_len, path_to_config, 
+ 	        HIER_DELIMITER, global_callbacks.appname);
+ 
+         /* Ask the application if it's safe to use this file */
+diff -up cyrus-sasl-2.1.26/plugins/gssapi.c.warnings cyrus-sasl-2.1.26/plugins/gssapi.c
+--- cyrus-sasl-2.1.26/plugins/gssapi.c.warnings	2012-01-28 00:31:36.000000000 +0100
++++ cyrus-sasl-2.1.26/plugins/gssapi.c	2012-12-20 17:49:39.620254792 +0100
+@@ -202,7 +202,8 @@ sasl_gss_seterror_(const sasl_utils_t *u
+     OM_uint32 msg_ctx;
+     int ret;
+     char *out = NULL;
+-    size_t len, curlen = 0;
++    size_t len;
++    unsigned curlen = 0;
+     const char prefix[] = "GSSAPI Error: ";
+ 
+     if (!utils) return SASL_OK;
+diff -up cyrus-sasl-2.1.26/plugins/ldapdb.c.warnings cyrus-sasl-2.1.26/plugins/ldapdb.c
+--- cyrus-sasl-2.1.26/plugins/ldapdb.c.warnings	2012-01-28 00:31:36.000000000 +0100
++++ cyrus-sasl-2.1.26/plugins/ldapdb.c	2012-12-20 17:49:39.621254788 +0100
+@@ -22,6 +22,7 @@
+ 
+ #include "plugin_common.h"
+ 
++#define LDAP_DEPRECATED 1
+ #include <ldap.h>
+ 
+ static char ldapdb[] = "ldapdb";
+diff -up cyrus-sasl-2.1.26/saslauthd/auth_httpform.c.warnings cyrus-sasl-2.1.26/saslauthd/auth_httpform.c
+--- cyrus-sasl-2.1.26/saslauthd/auth_httpform.c.warnings	2012-10-12 16:05:48.000000000 +0200
++++ cyrus-sasl-2.1.26/saslauthd/auth_httpform.c	2012-12-20 17:50:13.247110021 +0100
+@@ -574,7 +574,7 @@ auth_httpform (
+               "Content-Type: application/x-www-form-urlencoded" CRLF
+               "Content-Length: %d" TWO_CRLF
+               "%s",
+-              r_uri, r_host, r_port, strlen(req), req);
++              r_uri, r_host, r_port, (int)strlen(req), req);
+ 
+     if (flags & VERBOSE) {
+         syslog(LOG_DEBUG, "auth_httpform: sending %s %s %s",
+diff -up cyrus-sasl-2.1.26/saslauthd/auth_shadow.c.warnings cyrus-sasl-2.1.26/saslauthd/auth_shadow.c
+--- cyrus-sasl-2.1.26/saslauthd/auth_shadow.c.warnings	2012-10-12 16:05:48.000000000 +0200
++++ cyrus-sasl-2.1.26/saslauthd/auth_shadow.c	2012-12-20 17:49:39.621254788 +0100
+@@ -70,6 +70,10 @@
+ #  include <shadow.h>
+ # endif /* ! HAVE_GETUSERPW */
+ 
++# ifdef HAVE_CRYPT_H
++#  include <crypt.h>
++# endif
++
+ # include "auth_shadow.h"
+ # include "globals.h"
+ /* END PUBLIC DEPENDENCIES */

cyrus-sasl.spec

@@ -7,8 +7,8 @@
 
 Summary: The Cyrus SASL library
 Name: cyrus-sasl
-Version: 2.1.25
-Release: 2%{?dist}
+Version: 2.1.26
+Release: 1%{?dist}
 License: BSD with advertising
 Group: System Environment/Libraries
 # Source0 originally comes from ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/;
@@ -30,18 +30,15 @@ Patch24: cyrus-sasl-2.1.21-sizes.patch
 Patch27: cyrus-sasl-2.1.22-automake-1.10.patch
 Patch28: cyrus-sasl-2.1.21-keytab.patch
 Patch31: cyrus-sasl-2.1.22-kerberos4.patch
-Patch32: cyrus-sasl-2.1.25-warnings.patch
+Patch32: cyrus-sasl-2.1.26-warnings.patch
 Patch33: cyrus-sasl-2.1.25-current-db.patch
 Patch34: cyrus-sasl-2.1.22-ldap-timeout.patch
-Patch37: cyrus-sasl-2.1.23-race.patch
 # removed due to #759334
 #Patch38: cyrus-sasl-2.1.23-pam_rhosts.patch
-Patch40: cyrus-sasl-2.1.23-rimap2.patch
-Patch41: cyrus-sasl-2.1.23-db5.patch
-Patch42: cyrus-sasl-2.1.25-relro.patch
+Patch42: cyrus-sasl-2.1.26-relro.patch
 # https://bugzilla.redhat.com/show_bug.cgi?id=816250
-Patch43: cyrus-sasl-2.1.23-null-crypt.patch
-Patch44: cyrus-sasl-2.1.25-release-server_creds.patch
+Patch43: cyrus-sasl-2.1.26-null-crypt.patch
+Patch44: cyrus-sasl-2.1.26-release-server_creds.patch
 
 Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires: autoconf, automake, libtool, gdbm-devel, groff
@@ -75,6 +72,7 @@ applications which use the Cyrus SASL library.
 %package devel
 Requires: %{name}-lib = %{version}-%{release}
 Requires: %{name} = %{version}-%{release}
+Requires: pkgconfig
 Group: Development/Libraries
 Summary: Files needed for developing applications with Cyrus SASL
 
@@ -174,9 +172,6 @@ chmod -x include/*.h
 %patch32 -p1 -b .warnings
 %patch33 -p1 -b .current-db
 %patch34 -p1 -b .ldap-timeout
-%patch37 -p1 -b .race
-%patch40 -p1 -b .rimap2
-%patch41 -p1 -b .db5
 %patch42 -p1 -b .relro
 %patch43 -p1 -b .null-crypt
 %patch44 -p1 -b .release-server_creds
@@ -424,10 +419,15 @@ getent passwd %{username} >/dev/null || useradd -r -g %{username} -d %{homedir}
 %{_bindir}/sasl2-sample-server
 %{_includedir}/*
 %{_libdir}/libsasl*.*so
+%{_libdir}/pkgconfig/*.pc
 %{_mandir}/man3/*
 %{_sbindir}/sasl2-shared-mechlist
 
 %changelog
+* Thu Dec 20 2012 Petr Lautrbach <plautrba@redhat.com> 2.1.26-1
+- update to 2.1.26
+- fix segfaults in sasl_gss_encode (#886140)
+
 * Mon Dec 10 2012 Petr Lautrbach <plautrba@redhat.com> 2.1.25-2
 - always use the current external Berkeley DB when linking
 

sasl-mechlist.c

@@ -1,9 +1,10 @@
-#include "sasl.h"
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
 
+#include "sasl.h"
+
 static int
 my_getopt(void *context, const char *plugin_name,
 	  const char *option, const char **result, unsigned *len)