Remove patches already in upstream
This commit is contained in:
parent
8f2d1e1810
commit
db035e1fec
@ -1,15 +1,3 @@
|
|||||||
diff -up cyrus-sasl-2.1.27/saslauthd/saslauthd.8.path cyrus-sasl-2.1.27/saslauthd/saslauthd.8
|
|
||||||
--- cyrus-sasl-2.1.27/saslauthd/saslauthd.8.path 2015-11-20 15:05:30.421377527 +0100
|
|
||||||
+++ cyrus-sasl-2.1.27/saslauthd/saslauthd.8 2015-11-20 15:06:58.779178999 +0100
|
|
||||||
@@ -179,7 +179,7 @@ SASLAUTHD(8) BSD System Man
|
|
||||||
anyway.)
|
|
||||||
|
|
||||||
[1mFILES[0m
|
|
||||||
- /var/run/saslauthd/mux The default communications socket.
|
|
||||||
+ /run/saslauthd/mux The default communications socket.
|
|
||||||
|
|
||||||
/usr/local/etc/saslauthd.conf
|
|
||||||
The default configuration file for ldap support.
|
|
||||||
diff -up cyrus-sasl-2.1.27/saslauthd/saslauthd.mdoc.path cyrus-sasl-2.1.27/saslauthd/saslauthd.mdoc
|
diff -up cyrus-sasl-2.1.27/saslauthd/saslauthd.mdoc.path cyrus-sasl-2.1.27/saslauthd/saslauthd.mdoc
|
||||||
--- cyrus-sasl-2.1.27/saslauthd/saslauthd.mdoc.path 2015-10-15 15:44:43.000000000 +0200
|
--- cyrus-sasl-2.1.27/saslauthd/saslauthd.mdoc.path 2015-10-15 15:44:43.000000000 +0200
|
||||||
+++ cyrus-sasl-2.1.27/saslauthd/saslauthd.mdoc 2015-11-20 15:05:30.421377527 +0100
|
+++ cyrus-sasl-2.1.27/saslauthd/saslauthd.mdoc 2015-11-20 15:05:30.421377527 +0100
|
||||||
|
@ -1,10 +1,10 @@
|
|||||||
diff -up cyrus-sasl-2.1.27/configure.ac.sizes cyrus-sasl-2.1.27/configure.ac
|
diff -up cyrus-sasl-2.1.27/configure.ac.sizes cyrus-sasl-2.1.27/configure.ac
|
||||||
--- cyrus-sasl-2.1.27/configure.ac.sizes 2015-11-18 09:46:24.000000000 +0100
|
--- cyrus-sasl-2.1.27/configure.ac.sizes 2015-11-18 09:46:24.000000000 +0100
|
||||||
+++ cyrus-sasl-2.1.27/configure.ac 2015-11-20 15:11:20.474588247 +0100
|
+++ cyrus-sasl-2.1.27/configure.ac 2015-11-20 15:11:20.474588247 +0100
|
||||||
@@ -1197,6 +1197,10 @@ AC_HEADER_STDC
|
@@ -1312,6 +1312,10 @@ AC_HEADER_STDC
|
||||||
AC_HEADER_DIRENT
|
AC_HEADER_DIRENT
|
||||||
AC_HEADER_SYS_WAIT
|
AC_HEADER_SYS_WAIT
|
||||||
AC_CHECK_HEADERS(des.h dlfcn.h fcntl.h limits.h malloc.h paths.h strings.h sys/file.h sys/time.h syslog.h unistd.h inttypes.h sys/uio.h sys/param.h sysexits.h stdarg.h varargs.h)
|
AC_CHECK_HEADERS(crypt.h des.h dlfcn.h fcntl.h limits.h malloc.h paths.h strings.h sys/file.h sys/time.h syslog.h unistd.h inttypes.h sys/uio.h sys/param.h sysexits.h stdarg.h varargs.h krb5.h)
|
||||||
+AC_CHECK_TYPES([long long, int8_t, uint8_t, int16_t, uint16_t, int32_t, uint32_t, int64_t, uint64_t],,,[
|
+AC_CHECK_TYPES([long long, int8_t, uint8_t, int16_t, uint16_t, int32_t, uint32_t, int64_t, uint64_t],,,[
|
||||||
+#ifdef HAVE_INTTYPES_H
|
+#ifdef HAVE_INTTYPES_H
|
||||||
+#include <inttypes.h>
|
+#include <inttypes.h>
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
diff -up cyrus-sasl-2.1.25/cmulocal/cyrus.m4.no_rpath cyrus-sasl-2.1.25/cmulocal/cyrus.m4
|
diff -up cyrus-sasl-2.1.25/m4/cyrus.m4.no_rpath cyrus-sasl-2.1.25/m4/cyrus.m4
|
||||||
--- cyrus-sasl-2.1.25/cmulocal/cyrus.m4.no_rpath 2010-01-22 16:12:01.000000000 +0100
|
--- cyrus-sasl-2.1.25/m4/cyrus.m4.no_rpath 2010-01-22 16:12:01.000000000 +0100
|
||||||
+++ cyrus-sasl-2.1.25/cmulocal/cyrus.m4 2012-12-06 14:59:47.956102057 +0100
|
+++ cyrus-sasl-2.1.25/m4/cyrus.m4 2012-12-06 14:59:47.956102057 +0100
|
||||||
@@ -32,14 +32,5 @@ AC_DEFUN([CMU_ADD_LIBPATH_TO], [
|
@@ -32,14 +32,5 @@ AC_DEFUN([CMU_ADD_LIBPATH_TO], [
|
||||||
dnl runpath initialization
|
dnl runpath initialization
|
||||||
AC_DEFUN([CMU_GUESS_RUNPATH_SWITCH], [
|
AC_DEFUN([CMU_GUESS_RUNPATH_SWITCH], [
|
||||||
|
@ -1,36 +0,0 @@
|
|||||||
diff --git a/cmulocal/sasl2.m4 b/cmulocal/sasl2.m4
|
|
||||||
index 3c2841a..b086b8f 100644
|
|
||||||
--- a/cmulocal/sasl2.m4
|
|
||||||
+++ b/cmulocal/sasl2.m4
|
|
||||||
@@ -269,6 +269,18 @@ if test "$gssapi" != no; then
|
|
||||||
cmu_save_LIBS="$LIBS"
|
|
||||||
LIBS="$LIBS $GSSAPIBASE_LIBS"
|
|
||||||
AC_CHECK_FUNCS(gsskrb5_register_acceptor_identity)
|
|
||||||
+ if test "$ac_cv_func_gsskrb5_register_acceptor_identity" = no ; then
|
|
||||||
+ AC_CHECK_HEADERS(gssapi/gssapi_krb5.h)
|
|
||||||
+ if test "$ac_cv_header_gssapi_gssapi_krb5_h" = "yes"; then
|
|
||||||
+ AC_CHECK_DECL(gsskrb5_register_acceptor_identity,
|
|
||||||
+ [AC_DEFINE(HAVE_GSSKRB5_REGISTER_ACCEPTOR_IDENTITY,1,
|
|
||||||
+ [Define if your GSSAPI implementation defines gsskrb5_register_acceptor_identity])],,
|
|
||||||
+ [
|
|
||||||
+ AC_INCLUDES_DEFAULT
|
|
||||||
+ #include <gssapi/gssapi_krb5.h>
|
|
||||||
+ ])
|
|
||||||
+ fi
|
|
||||||
+ fi
|
|
||||||
AC_CHECK_FUNCS(gss_decapsulate_token)
|
|
||||||
AC_CHECK_FUNCS(gss_encapsulate_token)
|
|
||||||
AC_CHECK_FUNCS(gss_oid_equal)
|
|
||||||
diff --git a/plugins/gssapi.c b/plugins/gssapi.c
|
|
||||||
index 6be9d23..e6fcf46 100644
|
|
||||||
--- a/plugins/gssapi.c
|
|
||||||
+++ b/plugins/gssapi.c
|
|
||||||
@@ -51,6 +51,8 @@
|
|
||||||
#include <gssapi/gssapi.h>
|
|
||||||
#endif
|
|
||||||
|
|
||||||
+#include <gssapi/gssapi_krb5.h>
|
|
||||||
+
|
|
||||||
#ifdef WIN32
|
|
||||||
# include <winsock2.h>
|
|
||||||
|
|
@ -1,16 +0,0 @@
|
|||||||
diff -up cyrus-sasl-2.1.27/plugins/gssapi.c.release-server_creds cyrus-sasl-2.1.27/plugins/gssapi.c
|
|
||||||
--- cyrus-sasl-2.1.27/plugins/gssapi.c.release-server_creds 2015-11-20 15:24:57.706740573 +0100
|
|
||||||
+++ cyrus-sasl-2.1.27/plugins/gssapi.c 2015-11-20 15:26:00.310597014 +0100
|
|
||||||
@@ -945,6 +945,12 @@ gssapi_server_mech_authneg(context_t *te
|
|
||||||
ret = SASL_CONTINUE;
|
|
||||||
}
|
|
||||||
|
|
||||||
+ /* Release server creds which are no longer needed */
|
|
||||||
+ if ( text->server_creds != GSS_C_NO_CREDENTIAL) {
|
|
||||||
+ maj_stat = gss_release_cred(&min_stat, &text->server_creds);
|
|
||||||
+ text->server_creds = GSS_C_NO_CREDENTIAL;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
cleanup:
|
|
||||||
if (text->server_creds != GSS_C_NO_CREDENTIAL) {
|
|
||||||
GSS_LOCK_MUTEX(params->utils);
|
|
@ -1,12 +0,0 @@
|
|||||||
diff -up cyrus-sasl-2.1.26/include/sasl.h.size_t cyrus-sasl-2.1.26/include/sasl.h
|
|
||||||
--- cyrus-sasl-2.1.26/include/sasl.h.size_t 2012-10-12 09:05:48.000000000 -0500
|
|
||||||
+++ cyrus-sasl-2.1.26/include/sasl.h 2013-01-31 13:21:04.007739327 -0600
|
|
||||||
@@ -223,6 +223,8 @@ extern "C" {
|
|
||||||
* they must be called before all other SASL functions:
|
|
||||||
*/
|
|
||||||
|
|
||||||
+#include <sys/types.h>
|
|
||||||
+
|
|
||||||
/* memory allocation functions which may optionally be replaced:
|
|
||||||
*/
|
|
||||||
typedef void *sasl_malloc_t(size_t);
|
|
@ -1,60 +0,0 @@
|
|||||||
diff -up cyrus-sasl-2.1.27/configure.ac.sql cyrus-sasl-2.1.27/configure.ac
|
|
||||||
--- cyrus-sasl-2.1.27/configure.ac.sql 2015-11-20 15:36:43.343122451 +0100
|
|
||||||
+++ cyrus-sasl-2.1.27/configure.ac 2015-11-20 15:37:01.409081023 +0100
|
|
||||||
@@ -730,7 +730,18 @@ LIB_MYSQL=""
|
|
||||||
|
|
||||||
case "$with_mysql" in
|
|
||||||
no) true;;
|
|
||||||
- notfound) AC_WARN([MySQL Library not found]); true;;
|
|
||||||
+ notfound)
|
|
||||||
+ save_LDFLAGS=$LDFLAGS
|
|
||||||
+ LIB_MYSQL=`mysql_config --libs`
|
|
||||||
+ LIB_MYSQL="-lmysqlclient"
|
|
||||||
+ LDFLAGS="$LDFLAGS $LIB_MYSQL"
|
|
||||||
+ # CPPFLAGS="${CPPFLAGS} `mysql_config --include`"
|
|
||||||
+ AC_CHECK_LIB(mysqlclient, mysql_select_db,
|
|
||||||
+ AC_DEFINE(HAVE_MYSQL, [], [Do we have mysql support?]),
|
|
||||||
+ [AC_WARN([MySQL library mysqlclient does not work])
|
|
||||||
+ with_mysql=no])
|
|
||||||
+ LDFLAGS=$save_LDFLAGS
|
|
||||||
+ ;;
|
|
||||||
*)
|
|
||||||
if test -d ${with_mysql}/lib/mysql; then
|
|
||||||
CMU_ADD_LIBPATH_TO(${with_mysql}/lib/mysql, LIB_MYSQL)
|
|
||||||
@@ -751,6 +762,8 @@ case "$with_mysql" in
|
|
||||||
CPPFLAGS="${CPPFLAGS} -I${with_mysql}/mysql/include"
|
|
||||||
elif test -d ${with_mysql}/include; then
|
|
||||||
CPPFLAGS="${CPPFLAGS} -I${with_mysql}/include"
|
|
||||||
+ elif test -d ${prefix}/include/mysql; then
|
|
||||||
+ CPPFLAGS="${CPPFLAGS} -I${prefix}/include/mysql"
|
|
||||||
else
|
|
||||||
CPPFLAGS="${CPPFLAGS} -I${with_mysql}"
|
|
||||||
fi
|
|
||||||
@@ -794,7 +807,17 @@ LIB_PGSQL=""
|
|
||||||
|
|
||||||
case "$with_pgsql" in
|
|
||||||
no) true;;
|
|
||||||
- notfound) AC_WARN([PostgreSQL Library not found]); true;;
|
|
||||||
+ notfound)
|
|
||||||
+ LIB_PGSQL="-lpq"
|
|
||||||
+ # CPPFLAGS="${CPPFLAGS} -I`pg_config --includedir`"
|
|
||||||
+ save_LDFLAGS=$LDFLAGS
|
|
||||||
+ LDFLAGS="$LDFLAGS $LIB_PGSQL"
|
|
||||||
+ AC_CHECK_LIB(pq, PQsetdbLogin, AC_DEFINE(HAVE_PGSQL,[],
|
|
||||||
+ [Do we have Postgres support?]),
|
|
||||||
+ [AC_WARN([PostgreSQL Library pq does not work])
|
|
||||||
+ with_pgsql=no])
|
|
||||||
+ LDFLAGS=$save_LDFLAGS
|
|
||||||
+ ;;
|
|
||||||
*)
|
|
||||||
if test -d ${with_pgsql}/lib/pgsql; then
|
|
||||||
CMU_ADD_LIBPATH_TO(${with_pgsql}/lib/pgsql, LIB_PGSQL)
|
|
||||||
@@ -815,6 +838,8 @@ case "$with_pgsql" in
|
|
||||||
CPPFLAGS="${CPPFLAGS} -I${with_pgsql}/pgsql/include"
|
|
||||||
elif test -d ${with_pgsql}/include; then
|
|
||||||
CPPFLAGS="${CPPFLAGS} -I${with_pgsql}/include"
|
|
||||||
+ elif test -d ${prefix}/include; then
|
|
||||||
+ CPPFLAGS="${CPPFLAGS} -I${prefix}/include"
|
|
||||||
else
|
|
||||||
CPPFLAGS="${CPPFLAGS} -I${with_pgsql}"
|
|
||||||
fi
|
|
@ -1,74 +0,0 @@
|
|||||||
diff -up cyrus-sasl-2.1.26/lib/server.c.warnings cyrus-sasl-2.1.26/lib/server.c
|
|
||||||
--- cyrus-sasl-2.1.26/lib/server.c.warnings 2012-10-12 16:05:48.000000000 +0200
|
|
||||||
+++ cyrus-sasl-2.1.26/lib/server.c 2012-12-20 17:49:39.620254792 +0100
|
|
||||||
@@ -650,7 +650,7 @@ static int load_config(const sasl_callba
|
|
||||||
goto done;
|
|
||||||
}
|
|
||||||
|
|
||||||
- snprintf(config_filename, len, "%.*s%c%s.conf", path_len, path_to_config,
|
|
||||||
+ snprintf(config_filename, len, "%.*s%c%s.conf", (int)path_len, path_to_config,
|
|
||||||
HIER_DELIMITER, global_callbacks.appname);
|
|
||||||
|
|
||||||
/* Ask the application if it's safe to use this file */
|
|
||||||
diff -up cyrus-sasl-2.1.26/plugins/gssapi.c.warnings cyrus-sasl-2.1.26/plugins/gssapi.c
|
|
||||||
--- cyrus-sasl-2.1.26/plugins/gssapi.c.warnings 2012-01-28 00:31:36.000000000 +0100
|
|
||||||
+++ cyrus-sasl-2.1.26/plugins/gssapi.c 2012-12-20 17:49:39.620254792 +0100
|
|
||||||
@@ -202,7 +202,8 @@ sasl_gss_seterror_(const sasl_utils_t *u
|
|
||||||
OM_uint32 msg_ctx;
|
|
||||||
int ret;
|
|
||||||
char *out = NULL;
|
|
||||||
- size_t len, curlen = 0;
|
|
||||||
+ size_t len;
|
|
||||||
+ unsigned curlen = 0;
|
|
||||||
const char prefix[] = "GSSAPI Error: ";
|
|
||||||
|
|
||||||
if (!utils) return SASL_OK;
|
|
||||||
diff -up cyrus-sasl-2.1.26/plugins/ldapdb.c.warnings cyrus-sasl-2.1.26/plugins/ldapdb.c
|
|
||||||
--- cyrus-sasl-2.1.26/plugins/ldapdb.c.warnings 2012-01-28 00:31:36.000000000 +0100
|
|
||||||
+++ cyrus-sasl-2.1.26/plugins/ldapdb.c 2012-12-20 17:49:39.621254788 +0100
|
|
||||||
@@ -22,6 +22,7 @@
|
|
||||||
|
|
||||||
#include "plugin_common.h"
|
|
||||||
|
|
||||||
+#define LDAP_DEPRECATED 1
|
|
||||||
#include <ldap.h>
|
|
||||||
|
|
||||||
static char ldapdb[] = "ldapdb";
|
|
||||||
diff -up cyrus-sasl-2.1.26/plugins/plugin_common.c.warnings cyrus-sasl-2.1.26/plugins/plugin_common.c
|
|
||||||
--- cyrus-sasl-2.1.26/plugins/plugin_common.c.warnings 2013-09-03 14:40:35.181455452 +0200
|
|
||||||
+++ cyrus-sasl-2.1.26/plugins/plugin_common.c 2013-09-03 14:40:38.320441024 +0200
|
|
||||||
@@ -94,7 +94,7 @@ static void sockaddr_unmapped(
|
|
||||||
if (!IN6_IS_ADDR_V4MAPPED((&sin6->sin6_addr)))
|
|
||||||
return;
|
|
||||||
sin4 = (struct sockaddr_in *)sa;
|
|
||||||
- addr = *(uint32_t *)&sin6->sin6_addr.s6_addr[12];
|
|
||||||
+ addr = *(uint32_t *)&sin6->sin6_addr.s6_addr32[3];
|
|
||||||
port = sin6->sin6_port;
|
|
||||||
memset(sin4, 0, sizeof(struct sockaddr_in));
|
|
||||||
sin4->sin_addr.s_addr = addr;
|
|
||||||
diff -up cyrus-sasl-2.1.26/saslauthd/auth_httpform.c.warnings cyrus-sasl-2.1.26/saslauthd/auth_httpform.c
|
|
||||||
--- cyrus-sasl-2.1.26/saslauthd/auth_httpform.c.warnings 2012-10-12 16:05:48.000000000 +0200
|
|
||||||
+++ cyrus-sasl-2.1.26/saslauthd/auth_httpform.c 2013-09-03 14:39:25.411776109 +0200
|
|
||||||
@@ -574,7 +574,7 @@ auth_httpform (
|
|
||||||
"Content-Type: application/x-www-form-urlencoded" CRLF
|
|
||||||
"Content-Length: %d" TWO_CRLF
|
|
||||||
"%s",
|
|
||||||
- r_uri, r_host, r_port, strlen(req), req);
|
|
||||||
+ r_uri, r_host, r_port, (int)strlen(req), req);
|
|
||||||
|
|
||||||
if (flags & VERBOSE) {
|
|
||||||
syslog(LOG_DEBUG, "auth_httpform: sending %s %s %s",
|
|
||||||
diff -up cyrus-sasl-2.1.26/saslauthd/auth_shadow.c.warnings cyrus-sasl-2.1.26/saslauthd/auth_shadow.c
|
|
||||||
--- cyrus-sasl-2.1.26/saslauthd/auth_shadow.c.warnings 2012-10-12 16:05:48.000000000 +0200
|
|
||||||
+++ cyrus-sasl-2.1.26/saslauthd/auth_shadow.c 2012-12-20 17:49:39.621254788 +0100
|
|
||||||
@@ -70,6 +70,10 @@
|
|
||||||
# include <shadow.h>
|
|
||||||
# endif /* ! HAVE_GETUSERPW */
|
|
||||||
|
|
||||||
+# ifdef HAVE_CRYPT_H
|
|
||||||
+# include <crypt.h>
|
|
||||||
+# endif
|
|
||||||
+
|
|
||||||
# include "auth_shadow.h"
|
|
||||||
# include "globals.h"
|
|
||||||
/* END PUBLIC DEPENDENCIES */
|
|
@ -1,435 +0,0 @@
|
|||||||
diff -up cyrus-sasl-2.1.26/plugins/ntlm.c.openssl110 cyrus-sasl-2.1.26/plugins/ntlm.c
|
|
||||||
--- cyrus-sasl-2.1.26/plugins/ntlm.c.openssl110 2012-01-28 00:31:36.000000000 +0100
|
|
||||||
+++ cyrus-sasl-2.1.26/plugins/ntlm.c 2016-11-07 16:15:57.498259304 +0100
|
|
||||||
@@ -417,6 +417,29 @@ static unsigned char *P24(unsigned char
|
|
||||||
return P24;
|
|
||||||
}
|
|
||||||
|
|
||||||
+static HMAC_CTX *_plug_HMAC_CTX_new(const sasl_utils_t *utils)
|
|
||||||
+{
|
|
||||||
+ utils->log(NULL, SASL_LOG_DEBUG, "_plug_HMAC_CTX_new()");
|
|
||||||
+
|
|
||||||
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
|
||||||
+ return HMAC_CTX_new();
|
|
||||||
+#else
|
|
||||||
+ return utils->malloc(sizeof(HMAC_CTX));
|
|
||||||
+#endif
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+static void _plug_HMAC_CTX_free(HMAC_CTX *ctx, const sasl_utils_t *utils)
|
|
||||||
+{
|
|
||||||
+ utils->log(NULL, SASL_LOG_DEBUG, "_plug_HMAC_CTX_free()");
|
|
||||||
+
|
|
||||||
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
|
||||||
+ HMAC_CTX_free(ctx);
|
|
||||||
+#else
|
|
||||||
+ HMAC_cleanup(ctx);
|
|
||||||
+ utils->free(ctx);
|
|
||||||
+#endif
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
static unsigned char *V2(unsigned char *V2, sasl_secret_t *passwd,
|
|
||||||
const char *authid, const char *target,
|
|
||||||
const unsigned char *challenge,
|
|
||||||
@@ -424,7 +447,7 @@ static unsigned char *V2(unsigned char *
|
|
||||||
const sasl_utils_t *utils,
|
|
||||||
char **buf, unsigned *buflen, int *result)
|
|
||||||
{
|
|
||||||
- HMAC_CTX ctx;
|
|
||||||
+ HMAC_CTX *ctx = NULL;
|
|
||||||
unsigned char hash[EVP_MAX_MD_SIZE];
|
|
||||||
char *upper;
|
|
||||||
unsigned int len;
|
|
||||||
@@ -435,6 +458,10 @@ static unsigned char *V2(unsigned char *
|
|
||||||
SETERROR(utils, "cannot allocate NTLMv2 hash");
|
|
||||||
*result = SASL_NOMEM;
|
|
||||||
}
|
|
||||||
+ else if ((ctx = _plug_HMAC_CTX_new(utils)) == NULL) {
|
|
||||||
+ SETERROR(utils, "cannot allocate HMAC CTX");
|
|
||||||
+ *result = SASL_NOMEM;
|
|
||||||
+ }
|
|
||||||
else {
|
|
||||||
/* NTLMv2hash = HMAC-MD5(NTLMhash, unicode(ucase(authid + domain))) */
|
|
||||||
P16_nt(hash, passwd, utils, buf, buflen, result);
|
|
||||||
@@ -449,17 +476,18 @@ static unsigned char *V2(unsigned char *
|
|
||||||
HMAC(EVP_md5(), hash, MD4_DIGEST_LENGTH, *buf, 2 * len, hash, &len);
|
|
||||||
|
|
||||||
/* V2 = HMAC-MD5(NTLMv2hash, challenge + blob) + blob */
|
|
||||||
- HMAC_Init(&ctx, hash, len, EVP_md5());
|
|
||||||
- HMAC_Update(&ctx, challenge, NTLM_NONCE_LENGTH);
|
|
||||||
- HMAC_Update(&ctx, blob, bloblen);
|
|
||||||
- HMAC_Final(&ctx, V2, &len);
|
|
||||||
- HMAC_cleanup(&ctx);
|
|
||||||
+ HMAC_Init_ex(ctx, hash, len, EVP_md5(), NULL);
|
|
||||||
+ HMAC_Update(ctx, challenge, NTLM_NONCE_LENGTH);
|
|
||||||
+ HMAC_Update(ctx, blob, bloblen);
|
|
||||||
+ HMAC_Final(ctx, V2, &len);
|
|
||||||
|
|
||||||
/* the blob is concatenated outside of this function */
|
|
||||||
|
|
||||||
*result = SASL_OK;
|
|
||||||
}
|
|
||||||
|
|
||||||
+ if (ctx) _plug_HMAC_CTX_free(ctx, utils);
|
|
||||||
+
|
|
||||||
return V2;
|
|
||||||
}
|
|
||||||
|
|
||||||
diff -up cyrus-sasl-2.1.26/plugins/otp.c.openssl110 cyrus-sasl-2.1.26/plugins/otp.c
|
|
||||||
--- cyrus-sasl-2.1.26/plugins/otp.c.openssl110 2012-10-12 16:05:48.000000000 +0200
|
|
||||||
+++ cyrus-sasl-2.1.26/plugins/otp.c 2016-11-07 16:13:54.374327601 +0100
|
|
||||||
@@ -96,6 +96,28 @@ static algorithm_option_t algorithm_opti
|
|
||||||
{NULL, 0, NULL}
|
|
||||||
};
|
|
||||||
|
|
||||||
+static EVP_MD_CTX *_plug_EVP_MD_CTX_new(const sasl_utils_t *utils)
|
|
||||||
+{
|
|
||||||
+ utils->log(NULL, SASL_LOG_DEBUG, "_plug_EVP_MD_CTX_new()");
|
|
||||||
+
|
|
||||||
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
|
||||||
+ return EVP_MD_CTX_new();
|
|
||||||
+#else
|
|
||||||
+ return utils->malloc(sizeof(EVP_MD_CTX));
|
|
||||||
+#endif
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+static void _plug_EVP_MD_CTX_free(EVP_MD_CTX *ctx, const sasl_utils_t *utils)
|
|
||||||
+{
|
|
||||||
+ utils->log(NULL, SASL_LOG_DEBUG, "_plug_EVP_MD_CTX_free()");
|
|
||||||
+
|
|
||||||
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
|
||||||
+ EVP_MD_CTX_free(ctx);
|
|
||||||
+#else
|
|
||||||
+ utils->free(ctx);
|
|
||||||
+#endif
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
/* Convert the binary data into ASCII hex */
|
|
||||||
void bin2hex(unsigned char *bin, int binlen, char *hex)
|
|
||||||
{
|
|
||||||
@@ -116,17 +138,16 @@ void bin2hex(unsigned char *bin, int bin
|
|
||||||
* swabbing bytes if necessary.
|
|
||||||
*/
|
|
||||||
static void otp_hash(const EVP_MD *md, char *in, size_t inlen,
|
|
||||||
- unsigned char *out, int swab)
|
|
||||||
+ unsigned char *out, int swab, EVP_MD_CTX *mdctx)
|
|
||||||
{
|
|
||||||
- EVP_MD_CTX mdctx;
|
|
||||||
- char hash[EVP_MAX_MD_SIZE];
|
|
||||||
+ unsigned char hash[EVP_MAX_MD_SIZE];
|
|
||||||
unsigned int i;
|
|
||||||
int j;
|
|
||||||
unsigned hashlen;
|
|
||||||
|
|
||||||
- EVP_DigestInit(&mdctx, md);
|
|
||||||
- EVP_DigestUpdate(&mdctx, in, inlen);
|
|
||||||
- EVP_DigestFinal(&mdctx, hash, &hashlen);
|
|
||||||
+ EVP_DigestInit(mdctx, md);
|
|
||||||
+ EVP_DigestUpdate(mdctx, in, inlen);
|
|
||||||
+ EVP_DigestFinal(mdctx, hash, &hashlen);
|
|
||||||
|
|
||||||
/* Fold the result into 64 bits */
|
|
||||||
for (i = OTP_HASH_SIZE; i < hashlen; i++) {
|
|
||||||
@@ -149,7 +170,9 @@ static int generate_otp(const sasl_utils
|
|
||||||
char *secret, char *otp)
|
|
||||||
{
|
|
||||||
const EVP_MD *md;
|
|
||||||
- char *key;
|
|
||||||
+ EVP_MD_CTX *mdctx = NULL;
|
|
||||||
+ char *key = NULL;
|
|
||||||
+ int r = SASL_OK;
|
|
||||||
|
|
||||||
if (!(md = EVP_get_digestbyname(alg->evp_name))) {
|
|
||||||
utils->seterror(utils->conn, 0,
|
|
||||||
@@ -157,23 +180,32 @@ static int generate_otp(const sasl_utils
|
|
||||||
return SASL_FAIL;
|
|
||||||
}
|
|
||||||
|
|
||||||
+ if ((mdctx = _plug_EVP_MD_CTX_new(utils)) == NULL) {
|
|
||||||
+ SETERROR(utils, "cannot allocate MD CTX");
|
|
||||||
+ r = SASL_NOMEM;
|
|
||||||
+ goto done;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
if ((key = utils->malloc(strlen(seed) + strlen(secret) + 1)) == NULL) {
|
|
||||||
SETERROR(utils, "cannot allocate OTP key");
|
|
||||||
- return SASL_NOMEM;
|
|
||||||
+ r = SASL_NOMEM;
|
|
||||||
+ goto done;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* initial step */
|
|
||||||
strcpy(key, seed);
|
|
||||||
strcat(key, secret);
|
|
||||||
- otp_hash(md, key, strlen(key), otp, alg->swab);
|
|
||||||
+ otp_hash(md, key, strlen(key), otp, alg->swab, mdctx);
|
|
||||||
|
|
||||||
/* computation step */
|
|
||||||
while (seq-- > 0)
|
|
||||||
- otp_hash(md, otp, OTP_HASH_SIZE, otp, alg->swab);
|
|
||||||
-
|
|
||||||
- utils->free(key);
|
|
||||||
+ otp_hash(md, otp, OTP_HASH_SIZE, otp, alg->swab, mdctx);
|
|
||||||
+
|
|
||||||
+ done:
|
|
||||||
+ if (key) utils->free(key);
|
|
||||||
+ if (mdctx) _plug_EVP_MD_CTX_free(mdctx, utils);
|
|
||||||
|
|
||||||
- return SASL_OK;
|
|
||||||
+ return r;
|
|
||||||
}
|
|
||||||
|
|
||||||
static int parse_challenge(const sasl_utils_t *utils,
|
|
||||||
@@ -693,7 +725,8 @@ static int strptrcasecmp(const void *arg
|
|
||||||
|
|
||||||
/* Convert the 6 words into binary data */
|
|
||||||
static int word2bin(const sasl_utils_t *utils,
|
|
||||||
- char *words, unsigned char *bin, const EVP_MD *md)
|
|
||||||
+ char *words, unsigned char *bin, const EVP_MD *md,
|
|
||||||
+ EVP_MD_CTX *mdctx)
|
|
||||||
{
|
|
||||||
int i, j;
|
|
||||||
char *c, *word, buf[OTP_RESPONSE_MAX+1];
|
|
||||||
@@ -752,13 +785,12 @@ static int word2bin(const sasl_utils_t *
|
|
||||||
|
|
||||||
/* alternate dictionary */
|
|
||||||
if (alt_dict) {
|
|
||||||
- EVP_MD_CTX mdctx;
|
|
||||||
- char hash[EVP_MAX_MD_SIZE];
|
|
||||||
- int hashlen;
|
|
||||||
+ unsigned char hash[EVP_MAX_MD_SIZE];
|
|
||||||
+ unsigned hashlen;
|
|
||||||
|
|
||||||
- EVP_DigestInit(&mdctx, md);
|
|
||||||
- EVP_DigestUpdate(&mdctx, word, strlen(word));
|
|
||||||
- EVP_DigestFinal(&mdctx, hash, &hashlen);
|
|
||||||
+ EVP_DigestInit(mdctx, md);
|
|
||||||
+ EVP_DigestUpdate(mdctx, word, strlen(word));
|
|
||||||
+ EVP_DigestFinal(mdctx, hash, &hashlen);
|
|
||||||
|
|
||||||
/* use lowest 11 bits */
|
|
||||||
x = ((hash[hashlen-2] & 0x7) << 8) | hash[hashlen-1];
|
|
||||||
@@ -802,6 +834,7 @@ static int verify_response(server_contex
|
|
||||||
char *response)
|
|
||||||
{
|
|
||||||
const EVP_MD *md;
|
|
||||||
+ EVP_MD_CTX *mdctx = NULL;
|
|
||||||
char *c;
|
|
||||||
int do_init = 0;
|
|
||||||
unsigned char cur_otp[OTP_HASH_SIZE], prev_otp[OTP_HASH_SIZE];
|
|
||||||
@@ -815,6 +848,11 @@ static int verify_response(server_contex
|
|
||||||
return SASL_FAIL;
|
|
||||||
}
|
|
||||||
|
|
||||||
+ if ((mdctx = _plug_EVP_MD_CTX_new(utils)) == NULL) {
|
|
||||||
+ SETERROR(utils, "cannot allocate MD CTX");
|
|
||||||
+ return SASL_NOMEM;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
/* eat leading whitespace */
|
|
||||||
c = response;
|
|
||||||
while (isspace((int) *c)) c++;
|
|
||||||
@@ -824,7 +862,7 @@ static int verify_response(server_contex
|
|
||||||
r = hex2bin(c+strlen(OTP_HEX_TYPE), cur_otp, OTP_HASH_SIZE);
|
|
||||||
}
|
|
||||||
else if (!strncasecmp(c, OTP_WORD_TYPE, strlen(OTP_WORD_TYPE))) {
|
|
||||||
- r = word2bin(utils, c+strlen(OTP_WORD_TYPE), cur_otp, md);
|
|
||||||
+ r = word2bin(utils, c+strlen(OTP_WORD_TYPE), cur_otp, md, mdctx);
|
|
||||||
}
|
|
||||||
else if (!strncasecmp(c, OTP_INIT_HEX_TYPE,
|
|
||||||
strlen(OTP_INIT_HEX_TYPE))) {
|
|
||||||
@@ -834,7 +872,7 @@ static int verify_response(server_contex
|
|
||||||
else if (!strncasecmp(c, OTP_INIT_WORD_TYPE,
|
|
||||||
strlen(OTP_INIT_WORD_TYPE))) {
|
|
||||||
do_init = 1;
|
|
||||||
- r = word2bin(utils, c+strlen(OTP_INIT_WORD_TYPE), cur_otp, md);
|
|
||||||
+ r = word2bin(utils, c+strlen(OTP_INIT_WORD_TYPE), cur_otp, md, mdctx);
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
SETERROR(utils, "unknown OTP extended response type");
|
|
||||||
@@ -843,14 +881,15 @@ static int verify_response(server_contex
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
/* standard response, try word first, and then hex */
|
|
||||||
- r = word2bin(utils, c, cur_otp, md);
|
|
||||||
+ r = word2bin(utils, c, cur_otp, md, mdctx);
|
|
||||||
if (r != SASL_OK)
|
|
||||||
r = hex2bin(c, cur_otp, OTP_HASH_SIZE);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (r == SASL_OK) {
|
|
||||||
/* do one more hash (previous otp) and compare to stored otp */
|
|
||||||
- otp_hash(md, cur_otp, OTP_HASH_SIZE, prev_otp, text->alg->swab);
|
|
||||||
+ otp_hash(md, (char *) cur_otp, OTP_HASH_SIZE,
|
|
||||||
+ prev_otp, text->alg->swab, mdctx);
|
|
||||||
|
|
||||||
if (!memcmp(prev_otp, text->otp, OTP_HASH_SIZE)) {
|
|
||||||
/* update the secret with this seq/otp */
|
|
||||||
@@ -879,23 +918,28 @@ static int verify_response(server_contex
|
|
||||||
*new_resp++ = '\0';
|
|
||||||
}
|
|
||||||
|
|
||||||
- if (!(new_chal && new_resp))
|
|
||||||
- return SASL_BADAUTH;
|
|
||||||
+ if (!(new_chal && new_resp)) {
|
|
||||||
+ r = SASL_BADAUTH;
|
|
||||||
+ goto done;
|
|
||||||
+ }
|
|
||||||
|
|
||||||
if ((r = parse_challenge(utils, new_chal, &alg, &seq, seed, 1))
|
|
||||||
!= SASL_OK) {
|
|
||||||
- return r;
|
|
||||||
+ goto done;
|
|
||||||
}
|
|
||||||
|
|
||||||
- if (seq < 1 || !strcasecmp(seed, text->seed))
|
|
||||||
- return SASL_BADAUTH;
|
|
||||||
+ if (seq < 1 || !strcasecmp(seed, text->seed)) {
|
|
||||||
+ r = SASL_BADAUTH;
|
|
||||||
+ goto done;
|
|
||||||
+ }
|
|
||||||
|
|
||||||
/* find the MDA */
|
|
||||||
if (!(md = EVP_get_digestbyname(alg->evp_name))) {
|
|
||||||
utils->seterror(utils->conn, 0,
|
|
||||||
"OTP algorithm %s is not available",
|
|
||||||
alg->evp_name);
|
|
||||||
- return SASL_BADAUTH;
|
|
||||||
+ r = SASL_BADAUTH;
|
|
||||||
+ goto done;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!strncasecmp(c, OTP_INIT_HEX_TYPE, strlen(OTP_INIT_HEX_TYPE))) {
|
|
||||||
@@ -903,7 +947,7 @@ static int verify_response(server_contex
|
|
||||||
}
|
|
||||||
else if (!strncasecmp(c, OTP_INIT_WORD_TYPE,
|
|
||||||
strlen(OTP_INIT_WORD_TYPE))) {
|
|
||||||
- r = word2bin(utils, new_resp, new_otp, md);
|
|
||||||
+ r = word2bin(utils, new_resp, new_otp, md, mdctx);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (r == SASL_OK) {
|
|
||||||
@@ -914,7 +958,10 @@ static int verify_response(server_contex
|
|
||||||
memcpy(text->otp, new_otp, OTP_HASH_SIZE);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
-
|
|
||||||
+
|
|
||||||
+ done:
|
|
||||||
+ if (mdctx) _plug_EVP_MD_CTX_free(mdctx, utils);
|
|
||||||
+
|
|
||||||
return r;
|
|
||||||
}
|
|
||||||
|
|
||||||
diff -up cyrus-sasl-2.1.26/saslauthd/lak.c.openssl110 cyrus-sasl-2.1.26/saslauthd/lak.c
|
|
||||||
--- cyrus-sasl-2.1.26/saslauthd/lak.c.openssl110 2016-11-07 16:13:54.347327616 +0100
|
|
||||||
+++ cyrus-sasl-2.1.26/saslauthd/lak.c 2016-11-07 16:18:42.283167898 +0100
|
|
||||||
@@ -61,6 +61,35 @@
|
|
||||||
#include <sasl.h>
|
|
||||||
#include "lak.h"
|
|
||||||
|
|
||||||
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
||||||
+static EVP_MD_CTX *EVP_MD_CTX_new(void)
|
|
||||||
+{
|
|
||||||
+ return EVP_MD_CTX_create();
|
|
||||||
+}
|
|
||||||
+static void EVP_MD_CTX_free(EVP_MD_CTX *ctx)
|
|
||||||
+{
|
|
||||||
+ if (ctx == NULL)
|
|
||||||
+ return;
|
|
||||||
+
|
|
||||||
+ EVP_MD_CTX_destroy(ctx);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+static EVP_ENCODE_CTX *EVP_ENCODE_CTX_new(void)
|
|
||||||
+{
|
|
||||||
+ EVP_ENCODE_CTX *ctx = OPENSSL_malloc(sizeof(*ctx));
|
|
||||||
+
|
|
||||||
+ if (ctx != NULL) {
|
|
||||||
+ memset(ctx, 0, sizeof(*ctx));
|
|
||||||
+ }
|
|
||||||
+ return ctx;
|
|
||||||
+}
|
|
||||||
+static void EVP_ENCODE_CTX_free(EVP_ENCODE_CTX *ctx)
|
|
||||||
+{
|
|
||||||
+ OPENSSL_free(ctx);
|
|
||||||
+ return;
|
|
||||||
+}
|
|
||||||
+#endif
|
|
||||||
+
|
|
||||||
typedef struct lak_auth_method {
|
|
||||||
int method;
|
|
||||||
int (*check) (LAK *lak, const char *user, const char *service, const char *realm, const char *password) ;
|
|
||||||
@@ -1720,20 +1749,28 @@ static int lak_base64_decode(
|
|
||||||
|
|
||||||
int rc, i, tlen = 0;
|
|
||||||
char *text;
|
|
||||||
- EVP_ENCODE_CTX EVP_ctx;
|
|
||||||
+ EVP_ENCODE_CTX *enc_ctx = EVP_ENCODE_CTX_new();
|
|
||||||
|
|
||||||
- text = (char *)malloc(((strlen(src)+3)/4 * 3) + 1);
|
|
||||||
if (text == NULL)
|
|
||||||
return LAK_NOMEM;
|
|
||||||
|
|
||||||
- EVP_DecodeInit(&EVP_ctx);
|
|
||||||
- rc = EVP_DecodeUpdate(&EVP_ctx, text, &i, (char *)src, strlen(src));
|
|
||||||
+ text = (char *)malloc(((strlen(src)+3)/4 * 3) + 1);
|
|
||||||
+ if (text == NULL) {
|
|
||||||
+ EVP_ENCODE_CTX_free(enc_ctx);
|
|
||||||
+ return LAK_NOMEM;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ EVP_DecodeInit(enc_ctx);
|
|
||||||
+ rc = EVP_DecodeUpdate(enc_ctx, (unsigned char *) text, &i, (const unsigned char *)src, strlen(src));
|
|
||||||
if (rc < 0) {
|
|
||||||
+ EVP_ENCODE_CTX_free(enc_ctx);
|
|
||||||
free(text);
|
|
||||||
return LAK_FAIL;
|
|
||||||
}
|
|
||||||
tlen += i;
|
|
||||||
- EVP_DecodeFinal(&EVP_ctx, text, &i);
|
|
||||||
+ EVP_DecodeFinal(enc_ctx, (unsigned char *) text, &i);
|
|
||||||
+
|
|
||||||
+ EVP_ENCODE_CTX_free(enc_ctx);
|
|
||||||
|
|
||||||
*ret = text;
|
|
||||||
if (rlen != NULL)
|
|
||||||
@@ -1749,7 +1786,7 @@ static int lak_check_hashed(
|
|
||||||
{
|
|
||||||
int rc, clen;
|
|
||||||
LAK_HASH_ROCK *hrock = (LAK_HASH_ROCK *) rock;
|
|
||||||
- EVP_MD_CTX mdctx;
|
|
||||||
+ EVP_MD_CTX *mdctx;
|
|
||||||
const EVP_MD *md;
|
|
||||||
unsigned char digest[EVP_MAX_MD_SIZE];
|
|
||||||
char *cred;
|
|
||||||
@@ -1758,17 +1795,24 @@ static int lak_check_hashed(
|
|
||||||
if (!md)
|
|
||||||
return LAK_FAIL;
|
|
||||||
|
|
||||||
+ mdctx = EVP_MD_CTX_new();
|
|
||||||
+ if (!mdctx)
|
|
||||||
+ return LAK_NOMEM;
|
|
||||||
+
|
|
||||||
rc = lak_base64_decode(hash, &cred, &clen);
|
|
||||||
- if (rc != LAK_OK)
|
|
||||||
+ if (rc != LAK_OK) {
|
|
||||||
+ EVP_MD_CTX_free(mdctx);
|
|
||||||
return rc;
|
|
||||||
+ }
|
|
||||||
|
|
||||||
- EVP_DigestInit(&mdctx, md);
|
|
||||||
- EVP_DigestUpdate(&mdctx, passwd, strlen(passwd));
|
|
||||||
+ EVP_DigestInit(mdctx, md);
|
|
||||||
+ EVP_DigestUpdate(mdctx, passwd, strlen(passwd));
|
|
||||||
if (hrock->salted) {
|
|
||||||
- EVP_DigestUpdate(&mdctx, &cred[EVP_MD_size(md)],
|
|
||||||
+ EVP_DigestUpdate(mdctx, &cred[EVP_MD_size(md)],
|
|
||||||
clen - EVP_MD_size(md));
|
|
||||||
}
|
|
||||||
- EVP_DigestFinal(&mdctx, digest, NULL);
|
|
||||||
+ EVP_DigestFinal(mdctx, digest, NULL);
|
|
||||||
+ EVP_MD_CTX_free(mdctx);
|
|
||||||
|
|
||||||
rc = memcmp((char *)cred, (char *)digest, EVP_MD_size(md));
|
|
||||||
free(cred);
|
|
@ -27,27 +27,20 @@ Patch15: cyrus-sasl-2.1.20-saslauthd.conf-path.patch
|
|||||||
Patch23: cyrus-sasl-2.1.23-man.patch
|
Patch23: cyrus-sasl-2.1.23-man.patch
|
||||||
Patch24: cyrus-sasl-2.1.21-sizes.patch
|
Patch24: cyrus-sasl-2.1.21-sizes.patch
|
||||||
Patch31: cyrus-sasl-2.1.22-kerberos4.patch
|
Patch31: cyrus-sasl-2.1.22-kerberos4.patch
|
||||||
Patch32: cyrus-sasl-2.1.26-warnings.patch
|
|
||||||
Patch34: cyrus-sasl-2.1.22-ldap-timeout.patch
|
Patch34: cyrus-sasl-2.1.22-ldap-timeout.patch
|
||||||
# removed due to #759334
|
# removed due to #759334
|
||||||
#Patch38: cyrus-sasl-2.1.23-pam_rhosts.patch
|
#Patch38: cyrus-sasl-2.1.23-pam_rhosts.patch
|
||||||
# https://bugzilla.redhat.com/show_bug.cgi?id=816250
|
# https://bugzilla.redhat.com/show_bug.cgi?id=816250
|
||||||
Patch43: cyrus-sasl-2.1.26-null-crypt.patch
|
Patch43: cyrus-sasl-2.1.26-null-crypt.patch
|
||||||
Patch44: cyrus-sasl-2.1.26-release-server_creds.patch
|
|
||||||
# AM_CONFIG_HEADER is obsolete, use AC_CONFIG_HEADERS instead
|
# AM_CONFIG_HEADER is obsolete, use AC_CONFIG_HEADERS instead
|
||||||
Patch45: cyrus-sasl-2.1.26-obsolete-macro.patch
|
Patch45: cyrus-sasl-2.1.26-obsolete-macro.patch
|
||||||
# missing size_t declaration in sasl.h
|
|
||||||
Patch46: cyrus-sasl-2.1.26-size_t.patch
|
|
||||||
# disable incorrect check for MkLinux
|
# disable incorrect check for MkLinux
|
||||||
Patch47: cyrus-sasl-2.1.26-ppc.patch
|
Patch47: cyrus-sasl-2.1.26-ppc.patch
|
||||||
# detect gsskrb5_register_acceptor_identity macro (#976538)
|
# detect gsskrb5_register_acceptor_identity macro (#976538)
|
||||||
Patch48: cyrus-sasl-2.1.26-keytab.patch
|
#Patch49: cyrus-sasl-2.1.26-md5global.patch
|
||||||
Patch49: cyrus-sasl-2.1.26-md5global.patch
|
|
||||||
# revert upstream commit 080e51c7fa0421eb2f0210d34cf0ac48a228b1e9 (#984079)
|
# revert upstream commit 080e51c7fa0421eb2f0210d34cf0ac48a228b1e9 (#984079)
|
||||||
# https://bugzilla.cyrusimap.org/show_bug.cgi?id=3480
|
# https://bugzilla.cyrusimap.org/show_bug.cgi?id=3480
|
||||||
Patch50: cyrus-sasl-2.1.26-revert-upstream-080e51c7fa0421eb2f0210d34cf0ac48a228b1e9.patch
|
Patch50: cyrus-sasl-2.1.26-revert-upstream-080e51c7fa0421eb2f0210d34cf0ac48a228b1e9.patch
|
||||||
# improve sql libraries detection
|
|
||||||
Patch51: cyrus-sasl-2.1.26-sql.patch
|
|
||||||
# improve configuration error message
|
# improve configuration error message
|
||||||
Patch52: cyrus-sasl-2.1.26-config-error.patch
|
Patch52: cyrus-sasl-2.1.26-config-error.patch
|
||||||
# Treat SCRAM-SHA-1/DIGEST-MD5 as more secure than PLAIN (#970718)
|
# Treat SCRAM-SHA-1/DIGEST-MD5 as more secure than PLAIN (#970718)
|
||||||
@ -198,17 +191,12 @@ chmod -x include/*.h
|
|||||||
%patch23 -p1 -b .man
|
%patch23 -p1 -b .man
|
||||||
%patch24 -p1 -b .sizes
|
%patch24 -p1 -b .sizes
|
||||||
#%patch31 -p1 -b .krb4
|
#%patch31 -p1 -b .krb4
|
||||||
%patch32 -p1 -b .warnings
|
|
||||||
#%patch34 -p1 -b .ldap-timeout
|
#%patch34 -p1 -b .ldap-timeout
|
||||||
#%patch43 -p1 -b .null-crypt
|
#%patch43 -p1 -b .null-crypt
|
||||||
%patch44 -p1 -b .release-server_creds
|
|
||||||
#%patch45 -p1 -b .obsolete-macro
|
#%patch45 -p1 -b .obsolete-macro
|
||||||
%patch46 -p1 -b .size_t
|
|
||||||
#%patch47 -p1 -b .ppc
|
#%patch47 -p1 -b .ppc
|
||||||
%patch48 -p1 -b .keytab
|
#%patch49 -p1 -b .md5global.h
|
||||||
%patch49 -p1 -b .md5global.h
|
|
||||||
%patch50 -p1 -b .gssapi
|
%patch50 -p1 -b .gssapi
|
||||||
%patch51 -p1 -b .sql
|
|
||||||
#%patch52 -p1 -b .configerr
|
#%patch52 -p1 -b .configerr
|
||||||
#%patch53 -p1 -b .sha1vsplain
|
#%patch53 -p1 -b .sha1vsplain
|
||||||
#%patch54 -p1 -b .leak
|
#%patch54 -p1 -b .leak
|
||||||
|
Loading…
Reference in New Issue
Block a user