commit 8600b2ad191dc3038badc155c98af3f706202107 Author: overweight <5324761+overweight@user.noreply.gitee.com> Date: Mon Sep 30 10:36:31 2019 -0400 Package init diff --git a/0003-Prevent-double-free-of-RC4-context.patch b/0003-Prevent-double-free-of-RC4-context.patch new file mode 100644 index 0000000..3e1e338 --- /dev/null +++ b/0003-Prevent-double-free-of-RC4-context.patch @@ -0,0 +1,34 @@ +From ca6c587cc9da51235b125a97e841fa786aaad7ff Mon Sep 17 00:00:00 2001 +From: Simo Sorce +Date: Tue, 16 Apr 2019 10:18:43 -0400 +Subject: [PATCH 3/3] Prevent double free of RC4 context + +Signed-off-by: Simo Sorce +--- + plugins/digestmd5.c | 10 ++++++++-- + 1 file changed, 8 insertions(+), 2 deletions(-) + +diff --git a/plugins/digestmd5.c b/plugins/digestmd5.c +index f184c16..df35093 100644 +--- a/plugins/digestmd5.c ++++ b/plugins/digestmd5.c +@@ -1224,8 +1224,14 @@ static void free_rc4(context_t *text) + { + /* free rc4 context structures */ + +- if(text->cipher_enc_context) text->utils->free(text->cipher_enc_context); +- if(text->cipher_dec_context) text->utils->free(text->cipher_dec_context); ++ if (text->cipher_enc_context) { ++ text->utils->free(text->cipher_enc_context); ++ text->cipher_enc_context = NULL; ++ } ++ if (text->cipher_dec_context) { ++ text->utils->free(text->cipher_dec_context); ++ text->cipher_dec_context = NULL; ++ } + } + + static int init_rc4(context_t *text, +-- +2.7.4 + diff --git a/autogen.sh b/autogen.sh new file mode 100644 index 0000000..38e3be2 --- /dev/null +++ b/autogen.sh @@ -0,0 +1,37 @@ +#!/bin/sh +# Run this to generate all the initial makefiles, etc. +test -n "$srcdir" || srcdir=`dirname "$0"` +test -n "$srcdir" || srcdir=. + +olddir=`pwd` + +cd $srcdir + +(test -f configure.ac) || { + echo "*** ERROR: Directory "\`$srcdir\'" does not look like the top-level project directory ***" + exit 1 +} + +PKG_NAME=`autoconf --trace 'AC_INIT:$1' configure.ac` + +if [ "$#" = 0 -a "x$NOCONFIGURE" = "x" ]; then + echo "*** WARNING: I am going to run \`configure' with no arguments." >&2 + echo "*** If you wish to pass any to it, please specify them on the" >&2 + echo "*** \`$0\' command line." >&2 + echo "" >&2 +fi + +aclocal --install || exit 1 +autoreconf --verbose --force --install -Wno-portability || exit 1 + +cd $olddir +if [ "$NOCONFIGURE" = "" ]; then + $srcdir/configure "$@" || exit 1 + + if [ "$1" = "--help" ]; then exit 0 else + echo "Now type \`make\' to compile $PKG_NAME" || exit 1 + fi +else + echo "Skipping configure process." +fi + diff --git a/cyrus-sasl-2.1.20-saslauthd.conf-path.patch b/cyrus-sasl-2.1.20-saslauthd.conf-path.patch new file mode 100644 index 0000000..1e414ff --- /dev/null +++ b/cyrus-sasl-2.1.20-saslauthd.conf-path.patch @@ -0,0 +1,26 @@ +diff -up cyrus-sasl-2.1.27/saslauthd/saslauthd.mdoc.path cyrus-sasl-2.1.27/saslauthd/saslauthd.mdoc +--- cyrus-sasl-2.1.27/saslauthd/saslauthd.mdoc.path 2015-10-15 15:44:43.000000000 +0200 ++++ cyrus-sasl-2.1.27/saslauthd/saslauthd.mdoc 2015-11-20 15:05:30.421377527 +0100 +@@ -221,7 +221,7 @@ instead. + .Em (All platforms that support OpenLDAP 2.0 or higher) + .Pp + Authenticate against an ldap server. The ldap configuration parameters are +-read from /usr/local/etc/saslauthd.conf. The location of this file can be ++read from /etc/saslauthd.conf. The location of this file can be + changed with the -O parameter. See the LDAP_SASLAUTHD file included with the + distribution for the list of available parameters. + .It Li sia +@@ -251,10 +251,10 @@ these ticket files can cause serious per + servers. (Kerberos + was never intended to be used in this manner, anyway.) + .Sh FILES +-.Bl -tag -width "/var/run/saslauthd/mux" +-.It Pa /var/run/saslauthd/mux ++.Bl -tag -width "/run/saslauthd/mux" ++.It Pa /run/saslauthd/mux + The default communications socket. +-.It Pa /usr/local/etc/saslauthd.conf ++.It Pa /etc/saslauthd.conf + The default configuration file for ldap support. + .El + .Sh SEE ALSO diff --git a/cyrus-sasl-2.1.21-sizes.patch b/cyrus-sasl-2.1.21-sizes.patch new file mode 100644 index 0000000..6373924 --- /dev/null +++ b/cyrus-sasl-2.1.21-sizes.patch @@ -0,0 +1,119 @@ +diff -up cyrus-sasl-2.1.27/configure.ac.sizes cyrus-sasl-2.1.27/configure.ac +--- cyrus-sasl-2.1.27/configure.ac.sizes 2015-11-18 09:46:24.000000000 +0100 ++++ cyrus-sasl-2.1.27/configure.ac 2015-11-20 15:11:20.474588247 +0100 +@@ -1312,6 +1312,10 @@ AC_HEADER_STDC + AC_HEADER_DIRENT + AC_HEADER_SYS_WAIT + AC_CHECK_HEADERS(crypt.h des.h dlfcn.h fcntl.h limits.h malloc.h paths.h strings.h sys/file.h sys/time.h syslog.h unistd.h inttypes.h sys/uio.h sys/param.h sysexits.h stdarg.h varargs.h krb5.h) ++AC_CHECK_TYPES([long long, int8_t, uint8_t, int16_t, uint16_t, int32_t, uint32_t, int64_t, uint64_t],,,[ ++#ifdef HAVE_INTTYPES_H ++#include ++#endif]) + + IPv6_CHECK_SS_FAMILY() + IPv6_CHECK_SA_LEN() +diff -up cyrus-sasl-2.1.27/include/makemd5.c.sizes cyrus-sasl-2.1.27/include/makemd5.c +--- cyrus-sasl-2.1.27/include/makemd5.c.sizes 2015-10-15 15:44:43.000000000 +0200 ++++ cyrus-sasl-2.1.27/include/makemd5.c 2015-11-20 15:11:20.477588240 +0100 +@@ -82,12 +82,19 @@ + */ + + ++#ifdef HAVE_CONFIG_H ++#include "../config.h" ++#endif + + #include + #include + #include + #include + ++#ifdef HAVE_INTTYPES_H ++#include ++#endif ++ + + static void + my_strupr(char *s) +@@ -122,6 +129,18 @@ my_strupr(char *s) + static void + try_signed(FILE *f, int len) + { ++#ifdef HAVE_INT8_T ++ BITSIZE(int8_t); ++#endif ++#ifdef HAVE_INT16_T ++ BITSIZE(int16_t); ++#endif ++#ifdef HAVE_INT32_T ++ BITSIZE(int32_t); ++#endif ++#ifdef HAVE_INT64_T ++ BITSIZE(int64_t); ++#endif + BITSIZE(signed char); + BITSIZE(short); + BITSIZE(int); +@@ -135,6 +154,18 @@ try_signed(FILE *f, int len) + static void + try_unsigned(FILE *f, int len) + { ++#ifdef HAVE_UINT8_T ++ BITSIZE(uint8_t); ++#endif ++#ifdef HAVE_UINT16_T ++ BITSIZE(uint16_t); ++#endif ++#ifdef HAVE_UINT32_T ++ BITSIZE(uint32_t); ++#endif ++#ifdef HAVE_UINT64_T ++ BITSIZE(uint64_t); ++#endif + BITSIZE(unsigned char); + BITSIZE(unsigned short); + BITSIZE(unsigned int); +@@ -165,6 +196,11 @@ static int print_pre(FILE *f) + "/* POINTER defines a generic pointer type */\n" + "typedef unsigned char *POINTER;\n" + "\n" ++#ifdef HAVE_INTTYPES_H ++ "/* We try to define integer types for our use */\n" ++ "#include \n" ++ "\n" ++#endif + ); + return 1; + } +@@ -212,31 +248,15 @@ int main(int argc, char **argv) + + print_pre(f); + +-#ifndef HAVE_INT8_T + try_signed (f, 8); +-#endif /* HAVE_INT8_T */ +-#ifndef HAVE_INT16_T + try_signed (f, 16); +-#endif /* HAVE_INT16_T */ +-#ifndef HAVE_INT32_T + try_signed (f, 32); +-#endif /* HAVE_INT32_T */ +-#ifndef HAVE_INT64_T + try_signed (f, 64); +-#endif /* HAVE_INT64_T */ + +-#ifndef HAVE_U_INT8_T + try_unsigned (f, 8); +-#endif /* HAVE_INT8_T */ +-#ifndef HAVE_U_INT16_T + try_unsigned (f, 16); +-#endif /* HAVE_U_INT16_T */ +-#ifndef HAVE_U_INT32_T + try_unsigned (f, 32); +-#endif /* HAVE_U_INT32_T */ +-#ifndef HAVE_U_INT64_T + try_unsigned (f, 64); +-#endif /* HAVE_U_INT64_T */ + + print_post(f); + diff --git a/cyrus-sasl-2.1.23-man.patch b/cyrus-sasl-2.1.23-man.patch new file mode 100644 index 0000000..21c63cd --- /dev/null +++ b/cyrus-sasl-2.1.23-man.patch @@ -0,0 +1,24 @@ +diff -up cyrus-sasl-2.1.26/saslauthd/testsaslauthd.8.man cyrus-sasl-2.1.26/saslauthd/testsaslauthd.8 +--- cyrus-sasl-2.1.26/saslauthd/testsaslauthd.8.man 2013-09-03 15:25:26.818042047 +0200 ++++ cyrus-sasl-2.1.26/saslauthd/testsaslauthd.8 2013-09-03 15:25:26.818042047 +0200 +@@ -0,0 +1,20 @@ ++.\" Hey, EMACS: -*- nroff -*- ++.TH TESTSASLAUTHD 8 "14 October 2006" ++.SH NAME ++testsaslauthd \- test utility for the SASL authentication server ++.SH SYNOPSIS ++.B testsaslauthd ++.RI "[ " \(hyr " " realm " ] [ " \(hys " " servicename " ] [ " \(hyf " " socket " " path " ] [ " \(hyR " " repeatnum " ]" ++.SH DESCRIPTION ++This manual page documents briefly the ++.B testsaslauthd ++command. ++.PP ++.SH SEE ALSO ++.BR saslauthd (8). ++.br ++.SH AUTHOR ++testsaslauthd was written by Carnegie Mellon University. ++.PP ++This manual page was written by Roberto C. Sanchez , ++for the Debian project (but may be used by others). diff --git a/cyrus-sasl-2.1.25-no_rpath.patch b/cyrus-sasl-2.1.25-no_rpath.patch new file mode 100644 index 0000000..3ff180c --- /dev/null +++ b/cyrus-sasl-2.1.25-no_rpath.patch @@ -0,0 +1,20 @@ +diff -up cyrus-sasl-2.1.25/m4/cyrus.m4.no_rpath cyrus-sasl-2.1.25/m4/cyrus.m4 +--- cyrus-sasl-2.1.25/m4/cyrus.m4.no_rpath 2010-01-22 16:12:01.000000000 +0100 ++++ cyrus-sasl-2.1.25/m4/cyrus.m4 2012-12-06 14:59:47.956102057 +0100 +@@ -32,14 +32,5 @@ AC_DEFUN([CMU_ADD_LIBPATH_TO], [ + dnl runpath initialization + AC_DEFUN([CMU_GUESS_RUNPATH_SWITCH], [ + # CMU GUESS RUNPATH SWITCH +- AC_CACHE_CHECK(for runpath switch, andrew_cv_runpath_switch, [ +- # first, try -R +- SAVE_LDFLAGS="${LDFLAGS}" +- LDFLAGS="-R /usr/lib" +- AC_TRY_LINK([],[],[andrew_cv_runpath_switch="-R"], [ +- LDFLAGS="-Wl,-rpath,/usr/lib" +- AC_TRY_LINK([],[],[andrew_cv_runpath_switch="-Wl,-rpath,"], +- [andrew_cv_runpath_switch="none"]) +- ]) +- LDFLAGS="${SAVE_LDFLAGS}" +- ])]) ++ andrew_runpath_switch="none" ++ ]) diff --git a/cyrus-sasl-2.1.26-md5global.patch b/cyrus-sasl-2.1.26-md5global.patch new file mode 100644 index 0000000..605c8ec --- /dev/null +++ b/cyrus-sasl-2.1.26-md5global.patch @@ -0,0 +1,24 @@ +diff -up cyrus-sasl-2.1.27/include/Makefile.am.md5global.h cyrus-sasl-2.1.27/include/Makefile.am +--- cyrus-sasl-2.1.27/include/Makefile.am.md5global.h 2018-05-17 13:33:49.588368350 +0200 ++++ cyrus-sasl-2.1.27/include/Makefile.am 2018-05-17 13:38:19.377316869 +0200 +@@ -49,20 +49,7 @@ saslinclude_HEADERS = hmac-md5.h md5.h m + + noinst_PROGRAMS = makemd5 + +-makemd5_SOURCES = makemd5.c +- +-makemd5$(BUILD_EXEEXT) $(makemd5_OBJECTS): CC=$(CC_FOR_BUILD) +-makemd5$(BUILD_EXEEXT) $(makemd5_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD) +-makemd5$(BUILD_EXEEXT): LDFLAGS=$(LDFLAGS_FOR_BUILD) +- +-md5global.h: makemd5$(BUILD_EXEEXT) Makefile +- -rm -f $@ +- ./$< $@ +- +-BUILT_SOURCES = md5global.h +- + EXTRA_DIST = NTMakefile +-DISTCLEANFILES = md5global.h + + if MACOSX + framedir = /Library/Frameworks/SASL2.framework diff --git a/cyrus-sasl-2.1.27-nodlcompatorsrp.tar.gz b/cyrus-sasl-2.1.27-nodlcompatorsrp.tar.gz new file mode 100644 index 0000000..20d088e Binary files /dev/null and b/cyrus-sasl-2.1.27-nodlcompatorsrp.tar.gz differ diff --git a/cyrus-sasl.spec b/cyrus-sasl.spec new file mode 100644 index 0000000..38cc315 --- /dev/null +++ b/cyrus-sasl.spec @@ -0,0 +1,271 @@ +%global username saslauth +%global hint Saslauthd user +%global homedir /run/saslauthd + +%global bootstrap_cyrus_sasl 0 + +Name: cyrus-sasl +Version: 2.1.27 +Release: 5 +Summary: The Cyrus SASL API Implementation + +License: BSD with advertising +URL: https://www.cyrusimap.org/sasl/ +Source0: cyrus-sasl-%{version}-nodlcompatorsrp.tar.gz +Source5: saslauthd.service +Source7: sasl-mechlist.c +Source9: saslauthd.sysconfig +Source10: make-no-dlcompatorsrp-tarball.sh +Source11: autogen.sh + +Patch11: cyrus-sasl-2.1.25-no_rpath.patch +Patch15: cyrus-sasl-2.1.20-saslauthd.conf-path.patch +Patch23: cyrus-sasl-2.1.23-man.patch +Patch24: cyrus-sasl-2.1.21-sizes.patch +Patch49: cyrus-sasl-2.1.26-md5global.patch +Patch6000: 0003-Prevent-double-free-of-RC4-context.patch + +BuildRequires: autoconf, automake, libtool, gdbm-devel, groff +BuildRequires: krb5-devel >= 1.2.2, openssl-devel, pam-devel, pkgconfig +BuildRequires: mariadb-connector-c-devel, postgresql-devel, zlib-devel +BuildRequires: libdb-devel +%if ! %{bootstrap_cyrus_sasl} +BuildRequires: openldap-devel +%endif +%{?systemd_requires} + +Requires(pre): /usr/sbin/useradd /usr/sbin/groupadd +Requires(postun): /usr/sbin/userdel /usr/sbin/groupdel +Requires: /sbin/nologin +Requires: systemd >= 211 + +Provides: user(%username) +Provides: group(%username) +Provides: %{name}-lib %{name}-lib%{?_isa} +Provides: %{name}-gssapi %{name}-gssapi%{?_isa} +Provides: %{name}-plain %{name}-md5 %{name}-ntlm +Provides: %{name}-sql %{name}-ldap %{name}-scram %{name}-gs2 +Obsoletes: %{name}-lib %{name}-lib%{?_isa} +Obsoletes: %{name}-gssapi %{name}-gssapi%{?_isa} +Obsoletes: %{name}-plain %{name}-md5 %{name}-ntlm +Obsoletes: %{name}-sql %{name}-ldap %{name}-scram %{name}-gs2 + +%description +The %{name} package contains the Cyrus implementation of SASL. +SASL is the Simple Authentication and Security Layer, a method for +adding authentication support to connection-based protocols. + +%package devel +Summary: Development files for %{name} +Requires: %{name} = %{version}-%{release} +Requires: pkgconf + +%description devel +The %{name}-devel package contains files needed for developing and +compiling applications which use the Cyrus SASL library. + +%package sql +Summary: SQL auxprop support for Cyrus SASL +Requires: %{name} = %{version}-%{release} + +%description sql +The %{name}-sql package contains the Cyrus SASL plugin which supports +using a RDBMS for storing shared secrets. + +%package_help + +%prep +%autosetup -n %{name}-%{version} -p1 + +%build +cp %{SOURCE11} ./ +rm configure aclocal.m4 config/ltmain.sh Makefile.in +export NOCONFIGURE=yes +sh autogen.sh + +krb5_prefix=`krb5-config --prefix` +if test x$krb5_prefix = x%{_prefix} ; then + krb5_prefix= +else + CPPFLAGS="-I${krb5_prefix}/include $CPPFLAGS"; export CPPFLAGS + LDFLAGS="-L${krb5_prefix}/%{_lib} $LDFLAGS"; export LDFLAGS +fi + +LIBS="-lcrypt"; export LIBS +if pkg-config openssl ; then + CPPFLAGS="`pkg-config --cflags-only-I openssl` $CPPFLAGS"; export CPPFLAGS + LDFLAGS="`pkg-config --libs-only-L openssl` $LDFLAGS"; export LDFLAGS +fi + +INC_DIR="`mysql_config --include`" +if test x"$INC_DIR" != "x-I%{_includedir}"; then + CPPFLAGS="$INC_DIR $CPPFLAGS"; export CPPFLAGS +fi +LIB_DIR="`mysql_config --libs | sed -e 's,-[^L][^ ]*,,g' -e 's,^ *,,' -e 's, *$,,' -e 's, *, ,g'`" +if test x"$LIB_DIR" != "x-L%{_libdir}"; then + LDFLAGS="$LIB_DIR $LDFLAGS"; export LDFLAGS +fi + +INC_DIR="-I`pg_config --includedir`" +if test x"$INC_DIR" != "x-I%{_includedir}"; then + CPPFLAGS="$INC_DIR $CPPFLAGS"; export CPPFLAGS +fi +LIB_DIR="-L`pg_config --libdir`" +if test x"$LIB_DIR" != "x-L%{_libdir}"; then + LDFLAGS="$LIB_DIR $LDFLAGS"; export LDFLAGS +fi + +CFLAGS="$RPM_OPT_FLAGS $CFLAGS $CPPFLAGS -fPIC -pie -Wl,-z,relro -Wl,-z,now"; export CFLAGS + +echo "$CFLAGS" +echo "$CPPFLAGS" +echo "$LDFLAGS" + +%configure \ + --enable-shared --disable-static \ + --disable-java \ + --with-plugindir=%{_libdir}/sasl2 \ + --with-configdir=%{_libdir}/sasl2:%{_sysconfdir}/sasl2 \ + --disable-krb4 \ + --enable-gssapi${krb5_prefix:+=${krb5_prefix}} \ + --with-gss_impl=mit \ + --with-rc4 \ + --with-dblib=berkeley \ + --with-bdb=db \ + --with-saslauthd=/run/saslauthd --without-pwcheck \ +%if ! %{bootstrap_cyrus_sasl} + --with-ldap \ +%endif + --with-devrandom=/dev/urandom \ + --enable-anon \ + --enable-cram \ + --enable-digest \ + --enable-ntlm \ + --enable-plain \ + --enable-login \ + --enable-alwaystrue \ + --enable-httpform \ + --disable-otp \ +%if ! %{bootstrap_cyrus_sasl} + --enable-ldapdb \ +%endif + --enable-sql --with-mysql=yes --with-pgsql=yes \ + --without-sqlite \ + "$@" +make sasldir=%{_libdir}/sasl2 +make -C saslauthd testsaslauthd +make -C sample + +pushd lib +../libtool --mode=link %{__cc} -o sasl2-shared-mechlist -I../include $CFLAGS %{SOURCE7} $LDFLAGS ./libsasl2.la + + +%install +test "$RPM_BUILD_ROOT" != "/" && rm -rf $RPM_BUILD_ROOT + +make install DESTDIR=$RPM_BUILD_ROOT sasldir=%{_libdir}/sasl2 +make install DESTDIR=$RPM_BUILD_ROOT sasldir=%{_libdir}/sasl2 -C plugins + +install -m755 -d $RPM_BUILD_ROOT%{_bindir} +./libtool --mode=install \ +install -m755 sample/client $RPM_BUILD_ROOT%{_bindir}/sasl2-sample-client +./libtool --mode=install \ +install -m755 sample/server $RPM_BUILD_ROOT%{_bindir}/sasl2-sample-server +./libtool --mode=install \ +install -m755 saslauthd/testsaslauthd $RPM_BUILD_ROOT%{_sbindir}/testsaslauthd +install -m755 -d $RPM_BUILD_ROOT%{_mandir}/man8/ +install -m644 -p saslauthd/saslauthd.mdoc $RPM_BUILD_ROOT%{_mandir}/man8/saslauthd.8 +install -m644 -p saslauthd/testsaslauthd.8 $RPM_BUILD_ROOT%{_mandir}/man8/testsaslauthd.8 +install -d -m755 $RPM_BUILD_ROOT/%{_unitdir} $RPM_BUILD_ROOT/etc/sysconfig +install -m644 -p %{SOURCE5} $RPM_BUILD_ROOT/%{_unitdir}/saslauthd.service +install -m644 -p %{SOURCE9} $RPM_BUILD_ROOT/etc/sysconfig/saslauthd +install -m755 -d $RPM_BUILD_ROOT/%{_sysconfdir}/sasl2 +install -m755 -d $RPM_BUILD_ROOT/%{_libdir}/sasl2 + +./libtool --mode=install \ +install -m755 lib/sasl2-shared-mechlist $RPM_BUILD_ROOT/%{_sbindir}/ + +rm -f $RPM_BUILD_ROOT%{_libdir}/sasl2/libotp.* +rm -f $RPM_BUILD_ROOT%{_mandir}/cat8/saslauthd.8 +%delete_la_and_a + +%check +make check + +%pre +getent group %{username} >/dev/null || groupadd -g 76 -r %{username} +getent passwd %{username} >/dev/null || useradd -r -g %{username} -d %{homedir} -s /sbin/nologin -c "%{hint}" %{username} + +%post +%systemd_post saslauthd.service + +%preun +%systemd_preun saslauthd.service + +%postun +%systemd_postun_with_restart saslauthd.service + +%files +%defattr(-,root,root) +%license COPYING +%doc AUTHORS +%config(noreplace) /etc/sysconfig/saslauthd +%dir %{_sysconfdir}/sasl2 +%{_sbindir}/pluginviewer +%{_sbindir}/saslauthd +%{_sbindir}/testsaslauthd +%{_sbindir}/saslpasswd2 +%{_sbindir}/sasldblistusers2 +%{_sbindir}/sasl2-shared-mechlist +%{_libdir}/libsasl*.so.* +%dir %{_libdir}/sasl2/ +%{_libdir}/sasl2/*anonymous*.so* +%{_libdir}/sasl2/*sasldb*.so* +%{_libdir}/sasl2/*plain*.so* +%{_libdir}/sasl2/*login*.so* +%if ! %{bootstrap_cyrus_sasl} +%{_libdir}/sasl2/*ldapdb*.so* +%endif +%{_libdir}/sasl2/*crammd5*.so* +%{_libdir}/sasl2/*digestmd5*.so* +%{_libdir}/sasl2/*ntlm*.so* +%{_libdir}/sasl2/*gssapi*.so* +%{_libdir}/sasl2/libscram.so* +%{_libdir}/sasl2/libgs2.so* +%{_unitdir}/saslauthd.service +%ghost /run/saslauthd + +%files devel +%defattr(-,root,root) +%{_bindir}/sasl2-sample-client +%{_bindir}/sasl2-sample-server +%{_includedir}/* +%{_libdir}/libsasl*.*so +%{_libdir}/pkgconfig/*.pc + +%files sql +%defattr(-,root,root) +%{_libdir}/sasl2/*sql*.so* + +%files help +%defattr(-,root,root) +%doc doc/html/*.html saslauthd/LDAP_SASLAUTHD +%{_mandir}/man3/* +%{_mandir}/man8/* + + +%changelog +* Tue Sep 24 2019 openEuler Buildteam - 2.1.27-5 +- Require adjust + +* Mon Sep 23 2019 openEuler Buildteam - 2.1.27-4 +- Add cyrus-sasl-sql package + +* Mon Sep 23 2019 openEuler Buildteam - 2.1.27-3 +- Fix libpq dependency problems + +* Mon Sep 23 2019 openEuler Buildteam - 2.1.27-2 +- Fix cyrus-sasl-gssapi dependency problems + +* Thu Sep 19 2019 openEuler Buildteam - 2.1.27-1 +- Package init diff --git a/make-no-dlcompatorsrp-tarball.sh b/make-no-dlcompatorsrp-tarball.sh new file mode 100755 index 0000000..a0a3245 --- /dev/null +++ b/make-no-dlcompatorsrp-tarball.sh @@ -0,0 +1,41 @@ +#!/bin/bash -e +# +# See ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/ for unmodified sources. +# + +tmppath=`mktemp -d ${TMPDIR:-/tmp}/make-no-dlcompat-tarball-XXXXXX` +if test -z "$tmppath" ; then + echo Error creating temporary directory. + exit 1 +fi +trap "rm -fr $tmppath" EXIT + +initialdir=`pwd` + +for tarball in ${initialdir}/cyrus-sasl-*.tar.{gz,bz2} ; do + if ! test -s "$tarball" ; then + continue + fi + rm -fr $tmppath/* + pushd $tmppath > /dev/null + case "$tarball" in + *nodlcompat*) + : Do nothing. + ;; + *.gz) + gzip -dc "$tarball" | tar xf - + rm -fr cyrus-sasl-*/dlcompat* + rm -fr cyrus-sasl-*/plugins/srp* + tar cf - * | gzip -9c > \ + $initialdir/`basename $tarball .tar.gz`-nodlcompatorsrp.tar.gz + ;; + *.bz2) + bzip2 -dc "$tarball" | tar xf - + rm -fr cyrus-sasl-*/dlcompat* + rm -fr cyrus-sasl-*/plugins/srp* + tar cf - * | bzip2 -9c > \ + $initialdir/`basename $tarball .tar.bz2`-nodlcompatorsrp.tar.bz2 + ;; + esac + popd > /dev/null +done diff --git a/sasl-mechlist.c b/sasl-mechlist.c new file mode 100644 index 0000000..680e983 --- /dev/null +++ b/sasl-mechlist.c @@ -0,0 +1,99 @@ +#include +#include +#include +#include + +#include "sasl.h" + +static int +my_getopt(void *context, const char *plugin_name, + const char *option, const char **result, unsigned *len) +{ + if (result) { + *result = NULL; +#if 0 + fprintf(stderr, "Getopt plugin=%s%s%s/option=%s%s%s -> ", + plugin_name ? "\"" : "", + plugin_name ? plugin_name : "(null)", + plugin_name ? "\"" : "", + option ? "\"" : "", + option ? option : "(null)", + option ? "\"" : ""); + fprintf(stderr, "'%s'.\n", *result ? *result : ""); +#endif + } + if (len) { + *len = 0; + } + return 0; +} + +int +main(int argc, char **argv) +{ + int ret, i; + const char *mechs, **globals; + sasl_callback_t callbacks[] = { + {SASL_CB_GETOPT, my_getopt, NULL}, + {SASL_CB_LIST_END}, + }; + sasl_conn_t *connection; + char hostname[512]; + + if ((argc > 1) && (argv[1][0] == '-')) { + fprintf(stderr, "Usage: %s [appname [hostname] ]\n", argv[0]); + return 0; + } + + ret = sasl_server_init(callbacks, argc > 1 ? argv[1] : "sasl-mechlist"); + if (ret != SASL_OK) { + fprintf(stderr, "Error in sasl_server_init(): %s\n", + sasl_errstring(ret, NULL, NULL)); + } + + connection = NULL; + strcpy(hostname, "localhost"); + gethostname(hostname, sizeof(hostname)); + ret = sasl_server_new(argc > 2 ? argv[2] : "host", + hostname, + NULL, + NULL, + NULL, + callbacks, + 0, + &connection); + if (ret != SASL_OK) { + fprintf(stderr, "Error in sasl_server_new(): %s\n", + sasl_errstring(ret, NULL, NULL)); + } + + ret = sasl_listmech(connection, + getenv("USER") ? getenv("USER") : "root", + "Available mechanisms: ", + ",", + "\n", + &mechs, + NULL, + NULL); + if (ret != SASL_OK) { + fprintf(stderr, "Error in sasl_listmechs(): %s\n", + sasl_errstring(ret, NULL, NULL)); + } else { + fprintf(stdout, "%s", mechs); + } + + globals = sasl_global_listmech(); + for (i = 0; (globals != NULL) && (globals[i] != NULL); i++) { + if (i == 0) { + fprintf(stdout, "Library supports: "); + } + fprintf(stdout, "%s", globals[i]); + if (globals[i + 1] != NULL) { + fprintf(stdout, ","); + } else { + fprintf(stdout, "\n"); + } + } + + return 0; +} diff --git a/saslauthd.service b/saslauthd.service new file mode 100644 index 0000000..c7c7eca --- /dev/null +++ b/saslauthd.service @@ -0,0 +1,12 @@ +[Unit] +Description=SASL authentication daemon. + +[Service] +Type=forking +PIDFile=/run/saslauthd/saslauthd.pid +EnvironmentFile=/etc/sysconfig/saslauthd +ExecStart=/usr/sbin/saslauthd -m $SOCKETDIR -a $MECH $FLAGS +RuntimeDirectory=saslauthd + +[Install] +WantedBy=multi-user.target diff --git a/saslauthd.sysconfig b/saslauthd.sysconfig new file mode 100644 index 0000000..5413c36 --- /dev/null +++ b/saslauthd.sysconfig @@ -0,0 +1,11 @@ +# Directory in which to place saslauthd's listening socket, pid file, and so +# on. This directory must already exist. +SOCKETDIR=/run/saslauthd + +# Mechanism to use when checking passwords. Run "saslauthd -v" to get a list +# of which mechanism your installation was compiled with the ablity to use. +MECH=pam + +# Additional flags to pass to saslauthd on the command line. See saslauthd(8) +# for the list of accepted flags. +FLAGS=