public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed
* [gentoo-commits] repo/gentoo:master commit in: dev-libs/cyrus-sasl/, dev-libs/cyrus-sasl/files/
@ 2018-10-24 12:30 Lars Wendler
  0 siblings, 0 replies; 9+ messages in thread
From: Lars Wendler @ 2018-10-24 12:30 UTC (permalink / raw
  To: gentoo-commits

commit:     ab9cb2adf29b582afb8541b4ceb5a3185c82ba30
Author:     Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
AuthorDate: Wed Oct 24 12:30:31 2018 +0000
Commit:     Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
CommitDate: Wed Oct 24 12:30:31 2018 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ab9cb2ad

dev-libs/cyrus-sasl: Fixed build with openssl-1.1

Bumped to EAPI-6 and did some ebuild cleanup.

Closes: https://bugs.gentoo.org/592528
Signed-off-by: Lars Wendler <polynomial-c <AT> gentoo.org>
Package-Manager: Portage-2.3.51, Repoman-2.3.11

 dev-libs/cyrus-sasl/cyrus-sasl-2.1.26-r11.ebuild   | 111 ++++---
 ...us-sasl-2.1.23-gss_c_nt_hostbased_service.patch |   4 +-
 .../files/cyrus-sasl-2.1.25-fix_heimdal.patch      |   8 +-
 .../files/cyrus-sasl-2.1.25-missing_header.patch   |   4 +-
 .../files/cyrus-sasl-2.1.25-service_keytabs.patch  |   8 +-
 ...us-sasl-2.1.26-fix_dovecot_authentication.patch |   8 +-
 .../files/cyrus-sasl-2.1.26-missing-size_t.patch   |   4 +-
 .../files/cyrus-sasl-2.1.26-openssl-1.1.patch      | 353 +++++++++++++++++++++
 8 files changed, 425 insertions(+), 75 deletions(-)

diff --git a/dev-libs/cyrus-sasl/cyrus-sasl-2.1.26-r11.ebuild b/dev-libs/cyrus-sasl/cyrus-sasl-2.1.26-r11.ebuild
index 582c8463da1..f7cccc351ba 100644
--- a/dev-libs/cyrus-sasl/cyrus-sasl-2.1.26-r11.ebuild
+++ b/dev-libs/cyrus-sasl/cyrus-sasl-2.1.26-r11.ebuild
@@ -1,9 +1,9 @@
-# Copyright 1999-2018 Gentoo Foundation
+# Copyright 1999-2018 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
-EAPI=5
+EAPI=6
 
-inherit eutils flag-o-matic multilib multilib-minimal autotools pam java-pkg-opt-2 db-use systemd
+inherit flag-o-matic multilib multilib-minimal autotools pam java-pkg-opt-2 db-use systemd
 
 SASLAUTHD_CONF_VER="2.1.26"
 
@@ -58,6 +58,7 @@ PATCHES=(
 	"${FILESDIR}/${PN}-2.1.26-send-imap-logout.patch"
 	"${FILESDIR}/${PN}-2.1.26-canonuser-ldapdb-garbage-in-out-buffer.patch"
 	"${FILESDIR}/${PN}-2.1.26-fix_dovecot_authentication.patch"
+	"${FILESDIR}/${PN}-2.1.26-openssl-1.1.patch" #592528
 )
 
 pkg_setup() {
@@ -65,7 +66,7 @@ pkg_setup() {
 }
 
 src_prepare() {
-	epatch "${PATCHES[@]}"
+	default
 
 	# Get rid of the -R switch (runpath_switch for Sun)
 	# >=gcc-4.6 errors out with unknown option
@@ -103,73 +104,66 @@ multilib_src_configure() {
 	# Java support.
 	multilib_is_native_abi && use java && export JAVAC="${JAVAC} ${JAVACFLAGS}"
 
-	local myconf=()
-
-	# Add authdaemond support (bug #56523).
-	if use authdaemond ; then
-		myconf+=( --with-authdaemond="${EPREFIX}"/var/lib/courier/authdaemon/socket )
-	fi
-
-	# Fix for bug #59634.
-	if ! use ssl ; then
-		myconf+=( --without-des )
-	fi
+	local myeconfargs=(
+		--enable-login
+		--enable-ntlm
+		--enable-auth-sasldb
+		--disable-cmulocal
+		--disable-krb4
+		--disable-macos-framework
+		--enable-otp
+		--without-sqlite
+		--with-saslauthd="${EPREFIX}"/run/saslauthd
+		--with-pwcheck="${EPREFIX}"/run/saslauthd
+		--with-configdir="${EPREFIX}"/etc/sasl2
+		--with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sasl2
+		--with-dbpath="${EPREFIX}"/etc/sasl2/sasldb2
+		$(use_with ssl openssl)
+		$(use_with pam)
+		$(use_with openldap ldap)
+		$(use_enable ldapdb)
+		$(multilib_native_use_enable sample)
+		$(use_enable kerberos gssapi)
+		$(multilib_native_use_enable java)
+		$(multilib_native_use_with java javahome ${JAVA_HOME})
+		$(multilib_native_use_with mysql mysql "${EPREFIX}"/usr)
+		$(multilib_native_use_with postgres pgsql)
+		$(use_with sqlite sqlite3 "${EPREFIX}"/usr/$(get_libdir))
+		$(use_enable srp)
+		$(use_enable static-libs static)
+
+		# Add authdaemond support (bug #56523).
+		$(usex authdaemond --with-authdaemond="${EPREFIX}"/var/lib/courier/authdaemon/socket '')
+
+		# Fix for bug #59634.
+		$(usex ssl '' --without-des)
+
+		# Use /dev/urandom instead of /dev/random (bug #46038).
+		$(usex urandom --with-devrandom=/dev/urandom '')
+	)
 
 	if use sqlite || { multilib_is_native_abi && { use mysql || use postgres; }; } ; then
-		myconf+=( --enable-sql )
+		myeconfargs+=( --enable-sql )
 	else
-		myconf+=( --disable-sql )
+		myeconfargs+=( --disable-sql )
 	fi
 
 	# Default to GDBM if both 'gdbm' and 'berkdb' are present.
 	if use gdbm ; then
 		einfo "Building with GNU DB as database backend for your SASLdb"
-		myconf+=( --with-dblib=gdbm )
+		myeconfargs+=( --with-dblib=gdbm )
 	elif use berkdb ; then
 		einfo "Building with BerkeleyDB as database backend for your SASLdb"
-		myconf+=(
+		myeconfargs+=(
 			--with-dblib=berkeley
 			--with-bdb-incdir="$(db_includedir)"
 		)
 	else
 		einfo "Building without SASLdb support"
-		myconf+=( --with-dblib=none )
-	fi
-
-	# Use /dev/urandom instead of /dev/random (bug #46038).
-	if use urandom ; then
-		myconf+=( --with-devrandom=/dev/urandom )
+		myeconfargs+=( --with-dblib=none )
 	fi
 
-	ECONF_SOURCE=${S} \
-	econf \
-		--enable-login \
-		--enable-ntlm \
-		--enable-auth-sasldb \
-		--disable-cmulocal \
-		--disable-krb4 \
-		--disable-macos-framework \
-		--enable-otp \
-		--without-sqlite \
-		--with-saslauthd="${EPREFIX}"/run/saslauthd \
-		--with-pwcheck="${EPREFIX}"/run/saslauthd \
-		--with-configdir="${EPREFIX}"/etc/sasl2 \
-		--with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sasl2 \
-		--with-dbpath="${EPREFIX}"/etc/sasl2/sasldb2 \
-		$(use_with ssl openssl) \
-		$(use_with pam) \
-		$(use_with openldap ldap) \
-		$(use_enable ldapdb) \
-		$(multilib_native_use_enable sample) \
-		$(use_enable kerberos gssapi) \
-		$(multilib_native_use_enable java) \
-		$(multilib_native_use_with java javahome ${JAVA_HOME}) \
-		$(multilib_native_use_with mysql mysql "${EPREFIX}"/usr) \
-		$(multilib_native_use_with postgres pgsql) \
-		$(use_with sqlite sqlite3 "${EPREFIX}"/usr/$(get_libdir)) \
-		$(use_enable srp) \
-		$(use_enable static-libs static) \
-		"${myconf[@]}"
+	ECONF_SOURCE="${S}" econf "${myeconfargs[@]}"
 }
 
 multilib_src_compile() {
@@ -215,7 +209,9 @@ multilib_src_install_all() {
 
 	dodoc AUTHORS ChangeLog NEWS README doc/TODO doc/*.txt
 	newdoc pwcheck/README README.pwcheck
-	dohtml doc/*.html
+
+	docinto html
+	dodoc doc/*.html
 
 	docinto "saslauthd"
 	dodoc saslauthd/{AUTHORS,ChangeLog,LDAP_SASLAUTHD,NEWS,README}
@@ -233,8 +229,9 @@ multilib_src_install_all() {
 	# The get_modname bit is important: do not remove the .la files on
 	# platforms where the lib isn't called .so for cyrus searches the .la to
 	# figure out what the name is supposed to be instead
-	use static-libs || [[ $(get_modname) != .so ]] || \
-		prune_libtool_files --modules
+	if ! use static-libs && [[ $(get_modname) == .so ]] ; then
+		find "${ED}" -name "*.la" -delete || die
+	fi
 }
 
 pkg_postinst () {

diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.23-gss_c_nt_hostbased_service.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.23-gss_c_nt_hostbased_service.patch
index 9eeab1b42ff..beea8eb28d1 100644
--- a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.23-gss_c_nt_hostbased_service.patch
+++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.23-gss_c_nt_hostbased_service.patch
@@ -1,6 +1,6 @@
 Gentoo bug #389349
---- cmulocal/sasl2.m4	2009-04-28 17:09:13.000000000 +0200
-+++ cmulocal/sasl2.m4	2011-11-02 17:55:24.000000000 +0100
+--- a/cmulocal/sasl2.m4
++++ b/cmulocal/sasl2.m4
 @@ -217,7 +217,11 @@
                   [AC_WARN([Cybersafe define not found])])
  

diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-fix_heimdal.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-fix_heimdal.patch
index abf0df2568c..92be2600348 100644
--- a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-fix_heimdal.patch
+++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-fix_heimdal.patch
@@ -1,7 +1,7 @@
 Fix compiling against heimdal
 
---- sample/server.c	2010-12-01 14:52:55.000000000 +0000
-+++ sample/server.c	2011-11-30 14:54:42.000000000 +0000
+--- a/sample/server.c
++++ b/sample/server.c
 @@ -85,8 +85,10 @@
  
  #ifdef HAVE_GSS_GET_NAME_ATTRIBUTE
@@ -13,8 +13,8 @@ Fix compiling against heimdal
  
  #include "common.h"
  
---- plugins/gssapi.c	2011-05-11 19:25:55.000000000 +0000
-+++ plugins/gssapi.c	2011-11-30 14:54:33.000000000 +0000
+--- a/plugins/gssapi.c
++++ b/plugins/gssapi.c
 @@ -50,6 +50,9 @@
  #else
  #include <gssapi/gssapi.h>

diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-missing_header.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-missing_header.patch
index 597d45a7679..a413e00bf42 100644
--- a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-missing_header.patch
+++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-missing_header.patch
@@ -1,5 +1,5 @@
---- pwcheck/pwcheck_getspnam.c	1999-08-26 19:22:44.000000000 +0300
-+++ pwcheck/pwcheck_getspnam.c	2011-11-30 13:22:24.601023316 +0200
+--- a/pwcheck/pwcheck_getspnam.c
++++ b/pwcheck/pwcheck_getspnam.c
 @@ -24,6 +24,7 @@
  ******************************************************************/
  

diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-service_keytabs.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-service_keytabs.patch
index 117e8eb8880..43b6162a66f 100644
--- a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-service_keytabs.patch
+++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-service_keytabs.patch
@@ -1,6 +1,6 @@
 Bug #445932
---- cmulocal/sasl2.m4	2011-09-02 12:58:00.000000000 +0000
-+++ cmulocal/sasl2.m4	2012-12-05 08:37:16.425811319 +0000
+--- a/cmulocal/sasl2.m4
++++ b/cmulocal/sasl2.m4
 @@ -268,7 +268,11 @@
  
    cmu_save_LIBS="$LIBS"
@@ -14,8 +14,8 @@ Bug #445932
    AC_CHECK_FUNCS(gss_decapsulate_token)
    AC_CHECK_FUNCS(gss_encapsulate_token)
    AC_CHECK_FUNCS(gss_oid_equal)
---- plugins/gssapi.c	2012-12-05 09:03:31.000220161 +0000
-+++ plugins/gssapi.c	2012-12-05 09:01:55.043380204 +0000
+--- a/plugins/gssapi.c
++++ b/plugins/gssapi.c
 @@ -50,7 +50,7 @@
  #else
  #include <gssapi/gssapi.h>

diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-fix_dovecot_authentication.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-fix_dovecot_authentication.patch
index 46bbdd1ca1a..6fc9de80287 100644
--- a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-fix_dovecot_authentication.patch
+++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-fix_dovecot_authentication.patch
@@ -1,6 +1,6 @@
 Bug #510320
---- saslauthd/auth_rimap.c	2012-10-12 14:05:48.000000000 +0000
-+++ saslauthd/auth_rimap.c	2014-05-15 05:23:02.000000000 +0000
+--- a/saslauthd/auth_rimap.c
++++ b/saslauthd/auth_rimap.c
 @@ -371,7 +371,7 @@
      if ( rc>0 ) {
          /* check if there is more to read */
@@ -65,8 +65,8 @@ Bug #510320
                   rc += ret;
                }
             }
---- lib/checkpw.c	2012-01-27 23:31:36.000000000 +0000
-+++ lib/checkpw.c	2014-05-15 05:19:35.000000000 +0000
+--- a/lib/checkpw.c
++++ b/lib/checkpw.c
 @@ -587,16 +587,14 @@
  	    /* Timeout. */
  	    errno = ETIMEDOUT;

diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-missing-size_t.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-missing-size_t.patch
index 42f20fb8096..0177b52567f 100644
--- a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-missing-size_t.patch
+++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-missing-size_t.patch
@@ -1,6 +1,6 @@
 Gentoo bug #458790
---- include/sasl.h	2012-10-12 17:05:48.000000000 +0300
-+++ include/sasl.h	2013-02-23 16:56:44.648786268 +0200
+--- a/include/sasl.h
++++ b/include/sasl.h
 @@ -121,6 +121,9 @@
  #ifndef SASL_H
  #define SASL_H 1

diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-openssl-1.1.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-openssl-1.1.patch
new file mode 100644
index 00000000000..3b0ffac24f0
--- /dev/null
+++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-openssl-1.1.patch
@@ -0,0 +1,353 @@
+diff --git a/plugins/ntlm.c b/plugins/ntlm.c
+index 79ea47c..554a00d 100644
+--- a/plugins/ntlm.c
++++ b/plugins/ntlm.c
+@@ -417,6 +417,29 @@ static unsigned char *P24(unsigned char *P24, unsigned char *P21,
+     return P24;
+ }
+ 
++static HMAC_CTX *_plug_HMAC_CTX_new(const sasl_utils_t *utils)
++{
++    utils->log(NULL, SASL_LOG_DEBUG, "_plug_HMAC_CTX_new()");
++
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++    return HMAC_CTX_new();
++#else
++    return utils->malloc(sizeof(EVP_MD_CTX));
++#endif
++}
++
++static void _plug_HMAC_CTX_free(HMAC_CTX *ctx, const sasl_utils_t *utils)
++{
++    utils->log(NULL, SASL_LOG_DEBUG, "_plug_HMAC_CTX_free()");
++
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++    HMAC_CTX_free(ctx);
++#else
++    HMAC_cleanup(ctx);
++    utils->free(ctx);
++#endif
++}
++
+ static unsigned char *V2(unsigned char *V2, sasl_secret_t *passwd,
+ 			 const char *authid, const char *target,
+ 			 const unsigned char *challenge,
+@@ -424,7 +447,7 @@ static unsigned char *V2(unsigned char *V2, sasl_secret_t *passwd,
+ 			 const sasl_utils_t *utils,
+ 			 char **buf, unsigned *buflen, int *result)
+ {
+-    HMAC_CTX ctx;
++    HMAC_CTX *ctx = NULL;
+     unsigned char hash[EVP_MAX_MD_SIZE];
+     char *upper;
+     unsigned int len;
+@@ -435,6 +458,10 @@ static unsigned char *V2(unsigned char *V2, sasl_secret_t *passwd,
+ 	SETERROR(utils, "cannot allocate NTLMv2 hash");
+ 	*result = SASL_NOMEM;
+     }
++    else if ((ctx = _plug_HMAC_CTX_new(utils)) == NULL) {
++        SETERROR(utils, "cannot allocate HMAC CTX");
++        *result = SASL_NOMEM;
++    }
+     else {
+ 	/* NTLMv2hash = HMAC-MD5(NTLMhash, unicode(ucase(authid + domain))) */
+ 	P16_nt(hash, passwd, utils, buf, buflen, result);
+@@ -449,17 +476,18 @@ static unsigned char *V2(unsigned char *V2, sasl_secret_t *passwd,
+ 	HMAC(EVP_md5(), hash, MD4_DIGEST_LENGTH, *buf, 2 * len, hash, &len);
+ 
+ 	/* V2 = HMAC-MD5(NTLMv2hash, challenge + blob) + blob */
+-	HMAC_Init(&ctx, hash, len, EVP_md5());
+-	HMAC_Update(&ctx, challenge, NTLM_NONCE_LENGTH);
+-	HMAC_Update(&ctx, blob, bloblen);
+-	HMAC_Final(&ctx, V2, &len);
+-	HMAC_cleanup(&ctx);
++	HMAC_Init_ex(ctx, hash, len, EVP_md5(), NULL);
++	HMAC_Update(ctx, challenge, NTLM_NONCE_LENGTH);
++	HMAC_Update(ctx, blob, bloblen);
++	HMAC_Final(ctx, V2, &len);
+ 
+ 	/* the blob is concatenated outside of this function */
+ 
+ 	*result = SASL_OK;
+     }
+ 
++    if (ctx) _plug_HMAC_CTX_free(ctx, utils);
++
+     return V2;
+ }
+ 
+diff --git a/plugins/otp.c b/plugins/otp.c
+index dd73065..d1e9bf4 100644
+--- a/plugins/otp.c
++++ b/plugins/otp.c
+@@ -96,6 +96,28 @@ static algorithm_option_t algorithm_options[] = {
+     {NULL,	0,	NULL}
+ };
+ 
++static EVP_MD_CTX *_plug_EVP_MD_CTX_new(const sasl_utils_t *utils)
++{
++    utils->log(NULL, SASL_LOG_DEBUG, "_plug_EVP_MD_CTX_new()");
++
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++    return EVP_MD_CTX_new();
++#else
++    return utils->malloc(sizeof(EVP_MD_CTX));
++#endif
++}
++
++static void _plug_EVP_MD_CTX_free(EVP_MD_CTX *ctx, const sasl_utils_t *utils)
++{
++    utils->log(NULL, SASL_LOG_DEBUG, "_plug_EVP_MD_CTX_free()");
++
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++    EVP_MD_CTX_free(ctx);
++#else
++    utils->free(ctx);
++#endif
++}
++
+ /* Convert the binary data into ASCII hex */
+ void bin2hex(unsigned char *bin, int binlen, char *hex)
+ {
+@@ -116,17 +138,16 @@ void bin2hex(unsigned char *bin, int binlen, char *hex)
+  * swabbing bytes if necessary.
+  */
+ static void otp_hash(const EVP_MD *md, char *in, size_t inlen,
+-		     unsigned char *out, int swab)
++		     unsigned char *out, int swab, EVP_MD_CTX *mdctx)
+ {
+-    EVP_MD_CTX mdctx;
+     char hash[EVP_MAX_MD_SIZE];
+     unsigned int i;
+     int j;
+     unsigned hashlen;
+     
+-    EVP_DigestInit(&mdctx, md);
+-    EVP_DigestUpdate(&mdctx, in, inlen);
+-    EVP_DigestFinal(&mdctx, hash, &hashlen);
++    EVP_DigestInit(mdctx, md);
++    EVP_DigestUpdate(mdctx, in, inlen);
++    EVP_DigestFinal(mdctx, hash, &hashlen);
+     
+     /* Fold the result into 64 bits */
+     for (i = OTP_HASH_SIZE; i < hashlen; i++) {
+@@ -149,7 +170,9 @@ static int generate_otp(const sasl_utils_t *utils,
+ 			char *secret, char *otp)
+ {
+     const EVP_MD *md;
+-    char *key;
++    EVP_MD_CTX *mdctx = NULL;
++    char *key = NULL;
++    int r = SASL_OK;
+     
+     if (!(md = EVP_get_digestbyname(alg->evp_name))) {
+ 	utils->seterror(utils->conn, 0,
+@@ -157,23 +180,32 @@ static int generate_otp(const sasl_utils_t *utils,
+ 	return SASL_FAIL;
+     }
+     
++    if ((mdctx = _plug_EVP_MD_CTX_new(utils)) == NULL) {
++	SETERROR(utils, "cannot allocate MD CTX");
++	r = SASL_NOMEM;
++        goto done;
++    }
++    
+     if ((key = utils->malloc(strlen(seed) + strlen(secret) + 1)) == NULL) {
+ 	SETERROR(utils, "cannot allocate OTP key");
+-	return SASL_NOMEM;
++	r = SASL_NOMEM;
++        goto done;
+     }
+     
+     /* initial step */
+     strcpy(key, seed);
+     strcat(key, secret);
+-    otp_hash(md, key, strlen(key), otp, alg->swab);
++    otp_hash(md, key, strlen(key), otp, alg->swab, mdctx);
+     
+     /* computation step */
+     while (seq-- > 0)
+-	otp_hash(md, otp, OTP_HASH_SIZE, otp, alg->swab);
++	otp_hash(md, otp, OTP_HASH_SIZE, otp, alg->swab, mdctx);
+     
+-    utils->free(key);
++  done:
++    if (key) utils->free(key);
++    if (mdctx) _plug_EVP_MD_CTX_free(mdctx, utils);
+     
+-    return SASL_OK;
++    return r;
+ }
+ 
+ static int parse_challenge(const sasl_utils_t *utils,
+@@ -693,7 +725,8 @@ static int strptrcasecmp(const void *arg1, const void *arg2)
+ 
+ /* Convert the 6 words into binary data */
+ static int word2bin(const sasl_utils_t *utils,
+-		    char *words, unsigned char *bin, const EVP_MD *md)
++		    char *words, unsigned char *bin, const EVP_MD *md,
++                     EVP_MD_CTX *mdctx)
+ {
+     int i, j;
+     char *c, *word, buf[OTP_RESPONSE_MAX+1];
+@@ -752,13 +785,12 @@ static int word2bin(const sasl_utils_t *utils,
+ 	
+ 	/* alternate dictionary */
+ 	if (alt_dict) {
+-	    EVP_MD_CTX mdctx;
+ 	    char hash[EVP_MAX_MD_SIZE];
+ 	    int hashlen;
+ 	    
+-	    EVP_DigestInit(&mdctx, md);
+-	    EVP_DigestUpdate(&mdctx, word, strlen(word));
+-	    EVP_DigestFinal(&mdctx, hash, &hashlen);
++	    EVP_DigestInit(mdctx, md);
++	    EVP_DigestUpdate(mdctx, word, strlen(word));
++	    EVP_DigestFinal(mdctx, hash, &hashlen);
+ 	    
+ 	    /* use lowest 11 bits */
+ 	    x = ((hash[hashlen-2] & 0x7) << 8) | hash[hashlen-1];
+@@ -802,6 +834,7 @@ static int verify_response(server_context_t *text, const sasl_utils_t *utils,
+ 			   char *response)
+ {
+     const EVP_MD *md;
++    EVP_MD_CTX *mdctx = NULL;
+     char *c;
+     int do_init = 0;
+     unsigned char cur_otp[OTP_HASH_SIZE], prev_otp[OTP_HASH_SIZE];
+@@ -815,6 +848,11 @@ static int verify_response(server_context_t *text, const sasl_utils_t *utils,
+ 	return SASL_FAIL;
+     }
+     
++    if ((mdctx = _plug_EVP_MD_CTX_new(utils)) == NULL) {
++	SETERROR(utils, "cannot allocate MD CTX");
++	return SASL_NOMEM;
++    }
++    
+     /* eat leading whitespace */
+     c = response;
+     while (isspace((int) *c)) c++;
+@@ -824,7 +862,7 @@ static int verify_response(server_context_t *text, const sasl_utils_t *utils,
+ 	    r = hex2bin(c+strlen(OTP_HEX_TYPE), cur_otp, OTP_HASH_SIZE);
+ 	}
+ 	else if (!strncasecmp(c, OTP_WORD_TYPE, strlen(OTP_WORD_TYPE))) {
+-	    r = word2bin(utils, c+strlen(OTP_WORD_TYPE), cur_otp, md);
++	    r = word2bin(utils, c+strlen(OTP_WORD_TYPE), cur_otp, md, mdctx);
+ 	}
+ 	else if (!strncasecmp(c, OTP_INIT_HEX_TYPE,
+ 			      strlen(OTP_INIT_HEX_TYPE))) {
+@@ -834,7 +872,7 @@ static int verify_response(server_context_t *text, const sasl_utils_t *utils,
+ 	else if (!strncasecmp(c, OTP_INIT_WORD_TYPE,
+ 			      strlen(OTP_INIT_WORD_TYPE))) {
+ 	    do_init = 1;
+-	    r = word2bin(utils, c+strlen(OTP_INIT_WORD_TYPE), cur_otp, md);
++	    r = word2bin(utils, c+strlen(OTP_INIT_WORD_TYPE), cur_otp, md, mdctx);
+ 	}
+ 	else {
+ 	    SETERROR(utils, "unknown OTP extended response type");
+@@ -843,14 +881,14 @@ static int verify_response(server_context_t *text, const sasl_utils_t *utils,
+     }
+     else {
+ 	/* standard response, try word first, and then hex */
+-	r = word2bin(utils, c, cur_otp, md);
++	r = word2bin(utils, c, cur_otp, md, mdctx);
+ 	if (r != SASL_OK)
+ 	    r = hex2bin(c, cur_otp, OTP_HASH_SIZE);
+     }
+     
+     if (r == SASL_OK) {
+ 	/* do one more hash (previous otp) and compare to stored otp */
+-	otp_hash(md, cur_otp, OTP_HASH_SIZE, prev_otp, text->alg->swab);
++	otp_hash(md, cur_otp, OTP_HASH_SIZE, prev_otp, text->alg->swab, mdctx);
+ 	
+ 	if (!memcmp(prev_otp, text->otp, OTP_HASH_SIZE)) {
+ 	    /* update the secret with this seq/otp */
+@@ -879,23 +917,28 @@ static int verify_response(server_context_t *text, const sasl_utils_t *utils,
+ 		*new_resp++ = '\0';
+ 	}
+ 	
+-	if (!(new_chal && new_resp))
+-	    return SASL_BADAUTH;
++	if (!(new_chal && new_resp)) {
++	    r = SASL_BADAUTH;
++            goto done;
++        }
+ 	
+ 	if ((r = parse_challenge(utils, new_chal, &alg, &seq, seed, 1))
+ 	    != SASL_OK) {
+-	    return r;
++            goto done;
+ 	}
+ 	
+-	if (seq < 1 || !strcasecmp(seed, text->seed))
+-	    return SASL_BADAUTH;
++	if (seq < 1 || !strcasecmp(seed, text->seed)) {
++	    r = SASL_BADAUTH;
++            goto done;
++        }
+ 	
+ 	/* find the MDA */
+ 	if (!(md = EVP_get_digestbyname(alg->evp_name))) {
+ 	    utils->seterror(utils->conn, 0,
+ 			    "OTP algorithm %s is not available",
+ 			    alg->evp_name);
+-	    return SASL_BADAUTH;
++	    r = SASL_BADAUTH;
++            goto done;
+ 	}
+ 	
+ 	if (!strncasecmp(c, OTP_INIT_HEX_TYPE, strlen(OTP_INIT_HEX_TYPE))) {
+@@ -903,7 +946,7 @@ static int verify_response(server_context_t *text, const sasl_utils_t *utils,
+ 	}
+ 	else if (!strncasecmp(c, OTP_INIT_WORD_TYPE,
+ 			      strlen(OTP_INIT_WORD_TYPE))) {
+-	    r = word2bin(utils, new_resp, new_otp, md);
++	    r = word2bin(utils, new_resp, new_otp, md, mdctx);
+ 	}
+ 	
+ 	if (r == SASL_OK) {
+@@ -914,7 +957,10 @@ static int verify_response(server_context_t *text, const sasl_utils_t *utils,
+ 	    memcpy(text->otp, new_otp, OTP_HASH_SIZE);
+ 	}
+     }
+-    
++
++  done:
++    if (mdctx) _plug_EVP_MD_CTX_free(mdctx, utils);
++
+     return r;
+ }
+ 
+@@ -1443,8 +1489,10 @@ int otp_server_plug_init(const sasl_utils_t *utils,
+     *pluglist = otp_server_plugins;
+     *plugcount = 1;  
+     
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+     /* Add all digests */
+     OpenSSL_add_all_digests();
++#endif
+     
+     return SASL_OK;
+ }
+@@ -1844,8 +1892,10 @@ int otp_client_plug_init(sasl_utils_t *utils,
+     *pluglist = otp_client_plugins;
+     *plugcount = 1;
+     
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+     /* Add all digests */
+     OpenSSL_add_all_digests();
++#endif
+     
+     return SASL_OK;
+ }
+--- a/saslauthd/lak.c
++++ b/saslauthd/lak.c
+@@ -729,7 +729,7 @@ int lak_init(
+ 		return rc;
+ 	}
+ 
+-#ifdef HAVE_OPENSSL
++#if defined(HAVE_OPENSSL) && OPENSSL_VERSION_NUMBER < 0x10100000L
+ 	OpenSSL_add_all_digests();
+ #endif
+ 


^ permalink raw reply related	[flat|nested] 9+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: dev-libs/cyrus-sasl/, dev-libs/cyrus-sasl/files/
@ 2019-01-01 16:05 Lars Wendler
  0 siblings, 0 replies; 9+ messages in thread
From: Lars Wendler @ 2019-01-01 16:05 UTC (permalink / raw
  To: gentoo-commits

commit:     2f807113037587cd4572a79022313e7f66858e4e
Author:     Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
AuthorDate: Tue Nov 20 10:58:18 2018 +0000
Commit:     Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
CommitDate: Tue Jan  1 16:05:46 2019 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2f807113

dev-libs/cyrus-sasl: Bump to version 2.1.27

Signed-off-by: Lars Wendler <polynomial-c <AT> gentoo.org>
Closes: https://github.com/gentoo/gentoo/pull/10454
Closes: https://bugs.gentoo.org/592528
Signed-off-by: Lars Wendler <polynomial-c <AT> gentoo.org>

 dev-libs/cyrus-sasl/Manifest                       |   1 +
 dev-libs/cyrus-sasl/cyrus-sasl-2.1.27.ebuild       | 251 +++++++++++++++++++++
 .../files/cyrus-sasl-2.1.27-as_needed.patch        |  25 ++
 .../files/cyrus-sasl-2.1.27-autotools_fixes.patch  |  31 +++
 .../cyrus-sasl-2.1.27-avoid_pic_overwrite.patch    |  17 ++
 .../files/cyrus-sasl-2.1.27-doc_build_fix.patch    |  11 +
 ...us-sasl-2.1.27-gss_c_nt_hostbased_service.patch |  16 ++
 7 files changed, 352 insertions(+)

diff --git a/dev-libs/cyrus-sasl/Manifest b/dev-libs/cyrus-sasl/Manifest
index 2d6baa82c81..5a11cc2bfeb 100644
--- a/dev-libs/cyrus-sasl/Manifest
+++ b/dev-libs/cyrus-sasl/Manifest
@@ -1 +1,2 @@
 DIST cyrus-sasl-2.1.26.tar.gz 5220231 BLAKE2B 08fe5c1624e7cccb4b5e562f6987fddd047e1221b671cedbbb684d5a2f39e09a438ad14ffcedb5f398c203ca0b6e23574106c87f43a632028d50a69619c54970 SHA512 78819cb9bb38bea4537d6770d309deeeef09ff44a67526177609d3e1257ff4334d2b5e5131d5a1e4dea7430d8db1918ea9d171f0dee38b5e8337f4b72ed068f0
+DIST cyrus-sasl-2.1.27.tar.gz 4111249 BLAKE2B 82c9acce8534521ce5c5806f093e927f1854b4bc4b83ea7db1b32ceaa811adc1a5b6fc16d03233d729194cd603836f6e58de67f915abab2cb74561a80d03f5a8 SHA512 d11549a99b3b06af79fc62d5478dba3305d7e7cc0824f4b91f0d2638daafbe940623eab235f85af9be38dcf5d42fc131db531c177040a85187aee5096b8df63b

diff --git a/dev-libs/cyrus-sasl/cyrus-sasl-2.1.27.ebuild b/dev-libs/cyrus-sasl/cyrus-sasl-2.1.27.ebuild
new file mode 100644
index 00000000000..09fe5b51147
--- /dev/null
+++ b/dev-libs/cyrus-sasl/cyrus-sasl-2.1.27.ebuild
@@ -0,0 +1,251 @@
+# Copyright 1999-2018 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit flag-o-matic multilib multilib-minimal autotools pam java-pkg-opt-2 db-use systemd eapi7-ver
+
+SASLAUTHD_CONF_VER="2.1.26"
+
+DESCRIPTION="The Cyrus SASL (Simple Authentication and Security Layer)"
+HOMEPAGE="https://www.cyrusimap.org/sasl/"
+SRC_URI="ftp://ftp.cyrusimap.org/cyrus-sasl/${P}.tar.gz"
+
+LICENSE="BSD-with-attribution"
+SLOT="2"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+IUSE="authdaemond berkdb gdbm kerberos ldapdb libressl openldap mysql pam postgres sample selinux sqlite srp ssl static-libs urandom"
+
+CDEPEND="
+	net-mail/mailbase
+	authdaemond? ( || ( net-mail/courier-imap mail-mta/courier ) )
+	berkdb? ( >=sys-libs/db-4.8.30-r1:=[${MULTILIB_USEDEP}] )
+	gdbm? ( >=sys-libs/gdbm-1.10-r1:=[${MULTILIB_USEDEP}] )
+	kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
+	openldap? ( >=net-nds/openldap-2.4.38-r1[${MULTILIB_USEDEP}] )
+	mysql? ( virtual/mysql )
+	pam? ( >=virtual/pam-0-r1[${MULTILIB_USEDEP}] )
+	postgres? ( dev-db/postgresql:* )
+	sqlite? ( >=dev-db/sqlite-3.8.2:3[${MULTILIB_USEDEP}] )
+	ssl? (
+		!libressl? ( >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}] )
+		libressl? ( dev-libs/libressl:=[${MULTILIB_USEDEP}] )
+	)
+	java? ( >=virtual/jdk-1.6:= )"
+
+RDEPEND="
+	${CDEPEND}
+	selinux? ( sec-policy/selinux-sasl )"
+
+DEPEND="${CDEPEND}
+	dev-perl/Pod-POM-View-Restructured
+	dev-python/sphinx"
+
+MULTILIB_WRAPPED_HEADERS=(
+	/usr/include/sasl/md5global.h
+)
+
+PATCHES=(
+	"${FILESDIR}/${PN}-2.1.27-avoid_pic_overwrite.patch"
+	"${FILESDIR}/${PN}-2.1.27-autotools_fixes.patch"
+	"${FILESDIR}/${PN}-2.1.27-as_needed.patch"
+	"${FILESDIR}/${PN}-2.1.25-auxprop.patch"
+	"${FILESDIR}/${PN}-2.1.27-gss_c_nt_hostbased_service.patch"
+	"${FILESDIR}/${PN}-2.1.26-missing-size_t.patch"
+	"${FILESDIR}/${PN}-2.1.27-doc_build_fix.patch"
+)
+
+pkg_setup() {
+	java-pkg-opt-2_pkg_setup
+}
+
+src_prepare() {
+	default
+
+	# Get rid of the -R switch (runpath_switch for Sun)
+	# >=gcc-4.6 errors out with unknown option
+	sed -i -e '/LIB_SQLITE.*-R/s/ -R[^"]*//' \
+		configure.ac || die
+
+	# Use plugindir for sasldir
+	sed -i '/^sasldir =/s:=.*:= $(plugindir):' \
+		"${S}"/plugins/Makefile.{am,in} || die "sed failed"
+
+	# #486740 #468556
+	sed -i -e 's:AM_CONFIG_HEADER:AC_CONFIG_HEADERS:g' \
+		-e 's:AC_CONFIG_MACRO_DIR:AC_CONFIG_MACRO_DIRS:g' \
+		configure.ac || die
+
+	eautoreconf
+}
+
+src_configure() {
+	append-flags -fno-strict-aliasing
+	if [[ ${CHOST} == *-solaris* ]] ; then
+		# getpassphrase is defined in /usr/include/stdlib.h
+		append-cppflags -DHAVE_GETPASSPHRASE
+	else
+		# this horrendously breaks things on Solaris
+		append-cppflags -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED -D_BSD_SOURCE -DLDAP_DEPRECATED
+	fi
+
+	multilib-minimal_src_configure
+}
+
+multilib_src_configure() {
+	# Java support.
+	multilib_is_native_abi && use java && export JAVAC="${JAVAC} ${JAVACFLAGS}"
+
+	local myeconfargs=(
+		--enable-login
+		--enable-ntlm
+		--enable-auth-sasldb
+		--disable-cmulocal
+		--disable-krb4
+		--disable-macos-framework
+		--enable-otp
+		--without-sqlite
+		--with-saslauthd="${EPREFIX}"/run/saslauthd
+		--with-pwcheck="${EPREFIX}"/run/saslauthd
+		--with-configdir="${EPREFIX}"/etc/sasl2
+		--with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sasl2
+		--with-dbpath="${EPREFIX}"/etc/sasl2/sasldb2
+		$(use_with ssl openssl)
+		$(use_with pam)
+		$(use_with openldap ldap)
+		$(use_enable ldapdb)
+		$(multilib_native_use_enable sample)
+		$(use_enable kerberos gssapi)
+		$(multilib_native_use_enable java)
+		$(multilib_native_use_with mysql mysql "${EPREFIX}"/usr)
+		$(multilib_native_use_with postgres pgsql "${EPREFIX}"/usr/$(get_libdir)/postgresql)
+		$(use_with sqlite sqlite3 "${EPREFIX}"/usr/$(get_libdir))
+		$(use_enable srp)
+		$(use_enable static-libs static)
+
+		# Add authdaemond support (bug #56523).
+		$(usex authdaemond --with-authdaemond="${EPREFIX}"/var/lib/courier/authdaemon/socket '')
+
+		# Fix for bug #59634.
+		$(usex ssl '' --without-des)
+
+		# Use /dev/urandom instead of /dev/random (bug #46038).
+		$(usex urandom --with-devrandom=/dev/urandom '')
+	)
+
+	if use sqlite || { multilib_is_native_abi && { use mysql || use postgres; }; } ; then
+		myeconfargs+=( --enable-sql )
+	else
+		myeconfargs+=( --disable-sql )
+	fi
+
+	# Default to GDBM if both 'gdbm' and 'berkdb' are present.
+	if use gdbm ; then
+		einfo "Building with GNU DB as database backend for your SASLdb"
+		myeconfargs+=( --with-dblib=gdbm )
+	elif use berkdb ; then
+		einfo "Building with BerkeleyDB as database backend for your SASLdb"
+		myeconfargs+=(
+			--with-dblib=berkeley
+			--with-bdb-incdir="$(db_includedir)"
+		)
+	else
+		einfo "Building without SASLdb support"
+		myeconfargs+=( --with-dblib=none )
+	fi
+
+	ECONF_SOURCE="${S}" econf "${myeconfargs[@]}"
+}
+
+multilib_src_compile() {
+	emake
+
+	# Default location for java classes breaks OpenOffice (bug #60769).
+	# Thanks to axxo@gentoo.org for the solution.
+	if multilib_is_native_abi && use java ; then
+		jar -cvf ${PN}.jar -C java $(find java -name "*.class")
+	fi
+}
+
+multilib_src_install() {
+	default
+
+	if multilib_is_native_abi; then
+		if use sample ; then
+			docinto sample
+			dodoc "${S}"/sample/*.c
+			exeinto /usr/share/doc/${P}/sample
+			doexe sample/client sample/server
+		fi
+
+		# Default location for java classes breaks OpenOffice (bug #60769).
+		if use java; then
+			java-pkg_dojar ${PN}.jar
+			java-pkg_regso "${ED}/usr/$(get_libdir)/libjavasasl$(get_libname)"
+			# hackish, don't wanna dig through makefile
+			rm -rf "${ED}/usr/$(get_libdir)/java" || die
+			docinto "java"
+			dodoc "${S}/java/README" "${FILESDIR}/java.README.gentoo" "${S}"/java/doc/*
+			dodir "/usr/share/doc/${PF}/java/Test"
+			insinto "/usr/share/doc/${PF}/java/Test"
+			doins "${S}"/java/Test/*.java
+		fi
+
+		dosbin saslauthd/testsaslauthd
+	fi
+}
+
+multilib_src_install_all() {
+	keepdir /etc/sasl2
+
+	dodoc AUTHORS ChangeLog doc/legacy/TODO
+	newdoc pwcheck/README README.pwcheck
+
+	newdoc docsrc/sasl/release-notes/$(ver_cut 1-2)/index.rst release-notes
+	edos2unix ${ED%/}/usr/share/doc/${PF}/release-notes
+
+	docinto html
+	dodoc doc/html/*.html
+
+	newpamd "${FILESDIR}/saslauthd.pam-include" saslauthd
+
+	newinitd "${FILESDIR}/pwcheck.rc6" pwcheck
+	systemd_dounit "${FILESDIR}/pwcheck.service"
+
+	newinitd "${FILESDIR}/saslauthd2.rc7" saslauthd
+	newconfd "${FILESDIR}/saslauthd-${SASLAUTHD_CONF_VER}.conf" saslauthd
+	systemd_dounit "${FILESDIR}/saslauthd.service"
+	systemd_dotmpfilesd "${FILESDIR}/${PN}.conf"
+
+	# The get_modname bit is important: do not remove the .la files on
+	# platforms where the lib isn't called .so for cyrus searches the .la to
+	# figure out what the name is supposed to be instead
+	if ! use static-libs && [[ $(get_modname) == .so ]] ; then
+		find "${ED}" -name "*.la" -delete || die
+	fi
+}
+
+pkg_postinst () {
+	# Generate an empty sasldb2 with correct permissions.
+	if ( use berkdb || use gdbm ) && [[ ! -f "${EROOT}/etc/sasl2/sasldb2" ]] ; then
+		einfo "Generating an empty sasldb2 with correct permissions ..."
+		echo "p" | "${EROOT}/usr/sbin/saslpasswd2" -f "${EROOT}/etc/sasl2/sasldb2" -p login \
+			|| die "Failed to generate sasldb2"
+		"${EROOT}/usr/sbin/saslpasswd2" -f "${EROOT}/etc/sasl2/sasldb2" -d login \
+			|| die "Failed to delete temp user"
+		chown root:mail "${EROOT}/etc/sasl2/sasldb2" \
+			|| die "Failed to chown ${EROOT}/etc/sasl2/sasldb2"
+		chmod 0640 "${EROOT}/etc/sasl2/sasldb2" \
+			|| die "Failed to chmod ${EROOT}/etc/sasl2/sasldb2"
+	fi
+
+	if use authdaemond ; then
+		elog "You need to add a user running a service using Courier's"
+		elog "authdaemon to the 'mail' group. For example, do:"
+		elog "	gpasswd -a postfix mail"
+		elog "to add the 'postfix' user to the 'mail' group."
+	fi
+
+	elog "pwcheck and saslauthd home directories have moved to:"
+	elog "  /run/saslauthd, using tmpfiles.d"
+}

diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-as_needed.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-as_needed.patch
new file mode 100644
index 00000000000..7cd9e151fbb
--- /dev/null
+++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-as_needed.patch
@@ -0,0 +1,25 @@
+Author: Matthias Klose <doko@ubuntu.com>
+Desription: Fix FTBFS, add $(SASL_DB_LIB) as dependency to libsasldb, and use
+it.
+--- cyrus-sasl-2.1.27/saslauthd/Makefile.am
++++ cyrus-sasl-2.1.27/saslauthd/Makefile.am
+@@ -25,7 +25,7 @@
+ saslauthd_DEPENDENCIES = saslauthd-main.o $(LTLIBOBJS_FULL)
+ saslauthd_LDADD	= @SASL_KRB_LIB@ \
+ 		  @GSSAPIBASE_LIBS@ @LIB_CRYPT@ @LIB_SIA@ \
+-		  @LIB_SOCKET@ @SASL_DB_LIB@ @LIB_PAM@ @LDAP_LIBS@ $(LTLIBOBJS_FULL) $(CRYPTO_COMPAT_OBJS) $(LIBSASLDB_OBJS)
++		  @LIB_SOCKET@ ../sasldb/libsasldb.la @LIB_PAM@ @LDAP_LIBS@ $(LTLIBOBJS_FULL) $(CRYPTO_COMPAT_OBJS) $(LIBSASLDB_OBJS)
+ 
+ testsaslauthd_SOURCES = testsaslauthd.c utils.c
+ testsaslauthd_LDADD = @LIB_SOCKET@
+--- cyrus-sasl-2.1.27/sasldb/Makefile.am
++++ cyrus-sasl-2.1.27/sasldb/Makefile.am
+@@ -54,6 +54,6 @@
+ 
+ libsasldb_la_SOURCES = allockey.c sasldb.h
+ EXTRA_libsasldb_la_SOURCES = $(extra_common_sources)
+-libsasldb_la_DEPENDENCIES = $(SASL_DB_BACKEND)
+-libsasldb_la_LIBADD = $(SASL_DB_BACKEND)
++libsasldb_la_DEPENDENCIES = $(SASL_DB_BACKEND) $(SASL_DB_LIB)
++libsasldb_la_LIBADD = $(SASL_DB_BACKEND) $(SASL_DB_LIB)
+ libsasldb_la_LDFLAGS = -no-undefined

diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-autotools_fixes.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-autotools_fixes.patch
new file mode 100644
index 00000000000..2ce971efc5b
--- /dev/null
+++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-autotools_fixes.patch
@@ -0,0 +1,31 @@
+--- cyrus-sasl-2.1.27/configure.ac
++++ cyrus-sasl-2.1.27/configure.ac
+@@ -44,6 +44,8 @@
+ 
+ AC_PREREQ(2.63)
+ 
++AC_CONFIG_MACRO_DIR([config])
++
+ dnl
+ dnl REMINDER: When changing the version number here, please also update
+ dnl the values in win32/include/config.h and include/sasl.h as well.
+--- cyrus-sasl-2.1.27/Makefile.am
++++ cyrus-sasl-2.1.27/Makefile.am
+@@ -44,6 +44,8 @@
+ #
+ ################################################################
+ 
++ACLOCAL_AMFLAGS = -I config
++
+ if SASLAUTHD
+ SAD = saslauthd
+ else
+--- cyrus-sasl-2.1.27/saslauthd/Makefile.am
++++ cyrus-sasl-2.1.27/saslauthd/Makefile.am
+@@ -1,4 +1,6 @@
+ AUTOMAKE_OPTIONS = 1.7
++ACLOCAL_AMFLAGS = -I ../config
++
+ sbin_PROGRAMS	= saslauthd testsaslauthd
+ EXTRA_PROGRAMS  = saslcache
+ 

diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-avoid_pic_overwrite.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-avoid_pic_overwrite.patch
new file mode 100644
index 00000000000..c331039e2f1
--- /dev/null
+++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-avoid_pic_overwrite.patch
@@ -0,0 +1,17 @@
+Author: Fabian Fagerholm <fabbe@debian.org>
+Description: This patch makes sure the non-PIC version of libsasldb.a, which
+is created out of non-PIC objects, is not going to overwrite the PIC version,
+which is created out of PIC objects. The PIC version is placed in .libs, and
+the non-PIC version in the current directory.  This ensures that both non-PIC
+and PIC versions are available in the correct locations.
+--- cyrus-sasl-2.1.27/lib/Makefile.am
++++ cyrus-sasl-2.1.27/lib/Makefile.am
+@@ -98,7 +98,7 @@
+ 
+ libsasl2.a: libsasl2.la $(SASL_STATIC_OBJS)
+ 	@echo adding static plugins and dependencies
+-	$(AR) cru .libs/$@ $(SASL_STATIC_OBJS)
++	$(AR) cru $@ $(SASL_STATIC_OBJS)
+ 	@for i in ./libsasl2.la ../common/libplugin_common.la ../sasldb/libsasldb.la ../plugins/lib*.la; do \
+ 	if test ! -f $$i; then continue; fi; . $$i; \
+ 	for j in $$dependency_libs foo; do \

diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-doc_build_fix.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-doc_build_fix.patch
new file mode 100644
index 00000000000..bdd02f77966
--- /dev/null
+++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-doc_build_fix.patch
@@ -0,0 +1,11 @@
+--- cyrus-sasl-2.1.27/docsrc/exts/sphinxlocal/writers/manpage.py
++++ cyrus-sasl-2.1.27/docsrc/exts/sphinxlocal/writers/manpage.py
+@@ -23,7 +23,7 @@
+ from sphinx import addnodes
+ from sphinx.locale import admonitionlabels, _
+ from sphinx.util.osutil import ustrftime
+-from sphinx.util.compat import docutils_version
++#from sphinx.util.compat import docutils_version
+ 
+ class CyrusManualPageWriter(ManualPageWriter):
+ 

diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-gss_c_nt_hostbased_service.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-gss_c_nt_hostbased_service.patch
new file mode 100644
index 00000000000..c585cb158e1
--- /dev/null
+++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-gss_c_nt_hostbased_service.patch
@@ -0,0 +1,16 @@
+Gentoo bug #389349
+--- cyrus-sasl-2.1.27/m4/sasl2.m4
++++ cyrus-sasl-2.1.27/m4/sasl2.m4
+@@ -220,7 +220,11 @@
+                  [AC_WARN([Cybersafe define not found])])
+ 
+   elif test "$ac_cv_header_gssapi_h" = "yes"; then
+-    AC_EGREP_HEADER(GSS_C_NT_HOSTBASED_SERVICE, gssapi.h,
++    AC_EGREP_CPP(hostbased_service_gss_nt_yes, gssapi.h,
++                 [#include <gssapi.h>
++                  #ifdef GSS_C_NT_HOSTBASED_SERVICE
++                    hostbased_service_gss_nt_yes
++                  #endif],
+                     [AC_DEFINE(HAVE_GSS_C_NT_HOSTBASED_SERVICE,,
+                                [Define if your GSSAPI implementation defines GSS_C_NT_HOSTBASED_SERVICE])])
+   elif test "$ac_cv_header_gssapi_gssapi_h"; then


^ permalink raw reply related	[flat|nested] 9+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: dev-libs/cyrus-sasl/, dev-libs/cyrus-sasl/files/
@ 2019-12-23 21:41 Thomas Deutschmann
  0 siblings, 0 replies; 9+ messages in thread
From: Thomas Deutschmann @ 2019-12-23 21:41 UTC (permalink / raw
  To: gentoo-commits

commit:     ec41e92e4aec19aa605f5d410ba06cc86e7b48f0
Author:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
AuthorDate: Mon Dec 23 21:34:38 2019 +0000
Commit:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
CommitDate: Mon Dec 23 21:34:54 2019 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ec41e92e

dev-libs/cyrus-sasl: fix CVE-2019-19906

Bug: https://bugs.gentoo.org/703628
Package-Manager: Portage-2.3.82, Repoman-2.3.20
Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org>

 dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r3.ebuild    | 259 +++++++++++++++++++++
 .../files/cyrus-sasl-2.1.27-CVE-2019-19906.patch   |  20 ++
 2 files changed, 279 insertions(+)

diff --git a/dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r3.ebuild b/dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r3.ebuild
new file mode 100644
index 00000000000..25c41df746a
--- /dev/null
+++ b/dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r3.ebuild
@@ -0,0 +1,259 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit flag-o-matic multilib multilib-minimal autotools pam java-pkg-opt-2 db-use systemd eapi7-ver
+
+SASLAUTHD_CONF_VER="2.1.26"
+
+DESCRIPTION="The Cyrus SASL (Simple Authentication and Security Layer)"
+HOMEPAGE="https://www.cyrusimap.org/sasl/"
+#SRC_URI="ftp://ftp.cyrusimap.org/cyrus-sasl/${P}.tar.gz"
+SRC_URI="https://github.com/cyrusimap/${PN}/releases/download/${P}/${P}.tar.gz"
+
+LICENSE="BSD-with-attribution"
+SLOT="2"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+IUSE="authdaemond berkdb gdbm kerberos ldapdb libressl openldap mysql pam postgres sample selinux sqlite srp ssl static-libs urandom"
+
+CDEPEND="
+	net-mail/mailbase
+	authdaemond? ( || ( net-mail/courier-imap mail-mta/courier ) )
+	berkdb? ( >=sys-libs/db-4.8.30-r1:=[${MULTILIB_USEDEP}] )
+	gdbm? ( >=sys-libs/gdbm-1.10-r1:=[${MULTILIB_USEDEP}] )
+	kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
+	openldap? ( >=net-nds/openldap-2.4.38-r1[${MULTILIB_USEDEP}] )
+	mysql? ( dev-db/mysql-connector-c:0=[${MULTILIB_USEDEP}] )
+	pam? ( >=sys-libs/pam-0-r1[${MULTILIB_USEDEP}] )
+	postgres? ( dev-db/postgresql:* )
+	sqlite? ( >=dev-db/sqlite-3.8.2:3[${MULTILIB_USEDEP}] )
+	ssl? (
+		!libressl? ( >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}] )
+		libressl? ( dev-libs/libressl:=[${MULTILIB_USEDEP}] )
+	)
+	java? ( >=virtual/jdk-1.6:= )"
+
+REQUIRED_USE="ldapdb? ( openldap )"
+
+RDEPEND="
+	${CDEPEND}
+	selinux? ( sec-policy/selinux-sasl )"
+
+DEPEND="${CDEPEND}"
+
+MULTILIB_WRAPPED_HEADERS=(
+	/usr/include/sasl/md5global.h
+)
+
+PATCHES=(
+	"${FILESDIR}/${PN}-2.1.27-avoid_pic_overwrite.patch"
+	"${FILESDIR}/${PN}-2.1.27-autotools_fixes.patch"
+	"${FILESDIR}/${PN}-2.1.27-as_needed.patch"
+	"${FILESDIR}/${PN}-2.1.25-auxprop.patch"
+	"${FILESDIR}/${PN}-2.1.27-gss_c_nt_hostbased_service.patch"
+	"${FILESDIR}/${PN}-2.1.26-missing-size_t.patch"
+	"${FILESDIR}/${PN}-2.1.27-doc_build_fix.patch"
+	"${FILESDIR}/${PN}-2.1.27-memmem.patch"
+	"${FILESDIR}/${PN}-2.1.27-CVE-2019-19906.patch"
+)
+
+pkg_setup() {
+	java-pkg-opt-2_pkg_setup
+}
+
+src_prepare() {
+	default
+
+	# Get rid of the -R switch (runpath_switch for Sun)
+	# >=gcc-4.6 errors out with unknown option
+	sed -i -e '/LIB_SQLITE.*-R/s/ -R[^"]*//' \
+		configure.ac || die
+
+	# Use plugindir for sasldir
+	sed -i '/^sasldir =/s:=.*:= $(plugindir):' \
+		"${S}"/plugins/Makefile.{am,in} || die "sed failed"
+
+	# #486740 #468556
+	sed -i -e 's:AM_CONFIG_HEADER:AC_CONFIG_HEADERS:g' \
+		-e 's:AC_CONFIG_MACRO_DIR:AC_CONFIG_MACRO_DIRS:g' \
+		configure.ac || die
+
+	eautoreconf
+}
+
+src_configure() {
+	append-flags -fno-strict-aliasing
+	if [[ ${CHOST} == *-solaris* ]] ; then
+		# getpassphrase is defined in /usr/include/stdlib.h
+		append-cppflags -DHAVE_GETPASSPHRASE
+	else
+		# this horrendously breaks things on Solaris
+		append-cppflags -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED -D_BSD_SOURCE -DLDAP_DEPRECATED
+	fi
+
+	multilib-minimal_src_configure
+}
+
+multilib_src_configure() {
+	# Java support.
+	multilib_is_native_abi && use java && export JAVAC="${JAVAC} ${JAVACFLAGS}"
+
+	local myeconfargs=(
+		--enable-login
+		--enable-ntlm
+		--enable-auth-sasldb
+		--disable-cmulocal
+		--disable-krb4
+		--disable-macos-framework
+		--enable-otp
+		--without-sqlite
+		--with-saslauthd="${EPREFIX}"/run/saslauthd
+		--with-pwcheck="${EPREFIX}"/run/saslauthd
+		--with-configdir="${EPREFIX}"/etc/sasl2
+		--with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sasl2
+		--with-dbpath="${EPREFIX}"/etc/sasl2/sasldb2
+		--with-sphinx-build=no
+		$(use_with ssl openssl)
+		$(use_with pam)
+		$(use_with openldap ldap)
+		$(use_enable ldapdb)
+		$(multilib_native_use_enable sample)
+		$(use_enable kerberos gssapi)
+		$(multilib_native_use_enable java)
+		$(multilib_native_use_with mysql mysql "${EPREFIX}"/usr)
+		$(multilib_native_use_with postgres pgsql "${EPREFIX}"/usr/$(get_libdir)/postgresql)
+		$(use_with sqlite sqlite3 "${EPREFIX}"/usr/$(get_libdir))
+		$(use_enable srp)
+		$(use_enable static-libs static)
+
+		# Add authdaemond support (bug #56523).
+		$(usex authdaemond --with-authdaemond="${EPREFIX}"/var/lib/courier/authdaemon/socket '')
+
+		# Fix for bug #59634.
+		$(usex ssl '' --without-des)
+
+		# Use /dev/urandom instead of /dev/random (bug #46038).
+		$(usex urandom --with-devrandom=/dev/urandom '')
+	)
+
+	if use sqlite || { multilib_is_native_abi && { use mysql || use postgres; }; } ; then
+		myeconfargs+=( --enable-sql )
+	else
+		myeconfargs+=( --disable-sql )
+	fi
+
+	# Default to GDBM if both 'gdbm' and 'berkdb' are present.
+	if use gdbm ; then
+		einfo "Building with GNU DB as database backend for your SASLdb"
+		myeconfargs+=( --with-dblib=gdbm )
+	elif use berkdb ; then
+		einfo "Building with BerkeleyDB as database backend for your SASLdb"
+		myeconfargs+=(
+			--with-dblib=berkeley
+			--with-bdb-incdir="$(db_includedir)"
+		)
+	else
+		einfo "Building without SASLdb support"
+		myeconfargs+=( --with-dblib=none )
+	fi
+
+	ECONF_SOURCE="${S}" econf "${myeconfargs[@]}"
+}
+
+multilib_src_compile() {
+	emake
+
+	# Default location for java classes breaks OpenOffice (bug #60769).
+	# Thanks to axxo@gentoo.org for the solution.
+	if multilib_is_native_abi && use java ; then
+		jar -cvf ${PN}.jar -C java $(find java -name "*.class")
+	fi
+}
+
+multilib_src_install() {
+	default
+
+	if multilib_is_native_abi; then
+		if use sample ; then
+			docinto sample
+			dodoc "${S}"/sample/*.c
+			exeinto /usr/share/doc/${P}/sample
+			doexe sample/client sample/server
+		fi
+
+		# Default location for java classes breaks OpenOffice (bug #60769).
+		if use java; then
+			java-pkg_dojar ${PN}.jar
+			java-pkg_regso "${ED}/usr/$(get_libdir)/libjavasasl$(get_libname)"
+			# hackish, don't wanna dig through makefile
+			rm -rf "${ED}/usr/$(get_libdir)/java" || die
+			docinto "java"
+			dodoc "${S}/java/README" "${FILESDIR}/java.README.gentoo" "${S}"/java/doc/*
+			dodir "/usr/share/doc/${PF}/java/Test"
+			insinto "/usr/share/doc/${PF}/java/Test"
+			doins "${S}"/java/Test/*.java
+		fi
+
+		dosbin saslauthd/testsaslauthd
+	fi
+}
+
+multilib_src_install_all() {
+	doman man/*
+
+	keepdir /etc/sasl2
+
+	# Reset docinto to default value (#674296)
+	docinto
+	dodoc AUTHORS ChangeLog doc/legacy/TODO
+	newdoc pwcheck/README README.pwcheck
+
+	newdoc docsrc/sasl/release-notes/$(ver_cut 1-2)/index.rst release-notes
+	edos2unix ${ED%/}/usr/share/doc/${PF}/release-notes
+
+	docinto html
+	dodoc doc/html/*.html
+
+	newpamd "${FILESDIR}/saslauthd.pam-include" saslauthd
+
+	newinitd "${FILESDIR}/pwcheck.rc6" pwcheck
+	systemd_dounit "${FILESDIR}/pwcheck.service"
+
+	newinitd "${FILESDIR}/saslauthd2.rc7" saslauthd
+	newconfd "${FILESDIR}/saslauthd-${SASLAUTHD_CONF_VER}.conf" saslauthd
+	systemd_dounit "${FILESDIR}/saslauthd.service"
+	systemd_dotmpfilesd "${FILESDIR}/${PN}.conf"
+
+	# The get_modname bit is important: do not remove the .la files on
+	# platforms where the lib isn't called .so for cyrus searches the .la to
+	# figure out what the name is supposed to be instead
+	if ! use static-libs && [[ $(get_modname) == .so ]] ; then
+		find "${ED}" -name "*.la" -delete || die
+	fi
+}
+
+pkg_postinst () {
+	# Generate an empty sasldb2 with correct permissions.
+	if ( use berkdb || use gdbm ) && [[ ! -f "${EROOT}/etc/sasl2/sasldb2" ]] ; then
+		einfo "Generating an empty sasldb2 with correct permissions ..."
+		echo "p" | "${EROOT}/usr/sbin/saslpasswd2" -f "${EROOT}/etc/sasl2/sasldb2" -p login \
+			|| die "Failed to generate sasldb2"
+		"${EROOT}/usr/sbin/saslpasswd2" -f "${EROOT}/etc/sasl2/sasldb2" -d login \
+			|| die "Failed to delete temp user"
+		chown root:mail "${EROOT}/etc/sasl2/sasldb2" \
+			|| die "Failed to chown ${EROOT}/etc/sasl2/sasldb2"
+		chmod 0640 "${EROOT}/etc/sasl2/sasldb2" \
+			|| die "Failed to chmod ${EROOT}/etc/sasl2/sasldb2"
+	fi
+
+	if use authdaemond ; then
+		elog "You need to add a user running a service using Courier's"
+		elog "authdaemon to the 'mail' group. For example, do:"
+		elog "	gpasswd -a postfix mail"
+		elog "to add the 'postfix' user to the 'mail' group."
+	fi
+
+	elog "pwcheck and saslauthd home directories have moved to:"
+	elog "  /run/saslauthd, using tmpfiles.d"
+}

diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-CVE-2019-19906.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-CVE-2019-19906.patch
new file mode 100644
index 00000000000..82b9e1fb6db
--- /dev/null
+++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-CVE-2019-19906.patch
@@ -0,0 +1,20 @@
+Description: CVE-2019-19906: Off-by-one in _sasl_add_string function
+Origin: vendor
+Bug: https://github.com/cyrusimap/cyrus-sasl/issues/587
+Bug-Debian: https://bugs.debian.org/947043
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2019-19906
+Author: Stephan Zeisberg <stephan@srlabs.de>
+Reviewed-by: Salvatore Bonaccorso <carnil@debian.org>
+Last-Update: 2019-12-19
+
+--- a/lib/common.c
++++ b/lib/common.c
+@@ -190,7 +190,7 @@ int _sasl_add_string(char **out, size_t
+ 
+   if (add==NULL) add = "(null)";
+ 
+-  addlen=strlen(add); /* only compute once */
++  addlen=strlen(add)+1; /* only compute once */
+   if (_buf_alloc(out, alloclen, (*outlen)+addlen)!=SASL_OK)
+     return SASL_NOMEM;
+ 


^ permalink raw reply related	[flat|nested] 9+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: dev-libs/cyrus-sasl/, dev-libs/cyrus-sasl/files/
@ 2021-03-16 22:14 Sam James
  0 siblings, 0 replies; 9+ messages in thread
From: Sam James @ 2021-03-16 22:14 UTC (permalink / raw
  To: gentoo-commits

commit:     ac8b393cb1ff7ca80be582820d2fd63c320c43c4
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Tue Mar 16 22:13:48 2021 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Tue Mar 16 22:13:48 2021 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ac8b393c

dev-libs/cyrus-sasl: fix build with slibtool

Thanks-to: orbea <orbea <AT> riseup.net>
Closes: https://bugs.gentoo.org/775875
Signed-off-by: Sam James <sam <AT> gentoo.org>

 dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r4.ebuild        |  1 +
 .../cyrus-sasl/files/cyrus-sasl-2.1.27-slibtool.patch  | 18 ++++++++++++++++++
 2 files changed, 19 insertions(+)

diff --git a/dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r4.ebuild b/dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r4.ebuild
index 500aa56870b..32fdde1ac70 100644
--- a/dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r4.ebuild
+++ b/dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r4.ebuild
@@ -57,6 +57,7 @@ PATCHES=(
 	"${FILESDIR}/${PN}-2.1.27-doc_build_fix.patch"
 	"${FILESDIR}/${PN}-2.1.27-memmem.patch"
 	"${FILESDIR}/${PN}-2.1.27-CVE-2019-19906.patch"
+	"${FILESDIR}/${PN}-2.1.27-slibtool.patch"
 )
 
 pkg_setup() {

diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-slibtool.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-slibtool.patch
new file mode 100644
index 00000000000..81198cb87f0
--- /dev/null
+++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-slibtool.patch
@@ -0,0 +1,18 @@
+https://github.com/cyrusimap/cyrus-sasl/pull/623
+https://bugs.gentoo.org/775875
+
+From 5b8075eeba8d0334573689450b07610c176a2618 Mon Sep 17 00:00:00 2001
+From: orbea <orbea@riseup.net>
+Date: Wed, 9 Sep 2020 07:29:38 -0700
+Subject: [PATCH] common: Define the missing crypto_compat_version version.
+
+--- a/common/Makefile.am
++++ b/common/Makefile.am
+@@ -46,6 +46,7 @@
+ # See <http://www.gnu.org/software/libtool/manual/libtool.html#Versioning>
+ # CURRENT:REVISION:AGE
+ plugin_common_version = 3:0:0
++crypto_compat_version = 0:0:0
+ 
+ AM_CPPFLAGS=-fPIC -I$(top_srcdir)/include -I$(top_builddir)/include
+ 


^ permalink raw reply related	[flat|nested] 9+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: dev-libs/cyrus-sasl/, dev-libs/cyrus-sasl/files/
@ 2021-11-22  9:52 Sam James
  0 siblings, 0 replies; 9+ messages in thread
From: Sam James @ 2021-11-22  9:52 UTC (permalink / raw
  To: gentoo-commits

commit:     6d0711ff5c0e069faa6aed313e975b8800e48a65
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Mon Nov 22 09:51:41 2021 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Mon Nov 22 09:51:41 2021 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6d0711ff

dev-libs/cyrus-sasl: fix autoconf 2.71 compatibility (breaks gssapi detection)

Closes: https://bugs.gentoo.org/825342
Signed-off-by: Sam James <sam <AT> gentoo.org>

 ....1.27-r5.ebuild => cyrus-sasl-2.1.27-r6.ebuild} |  1 +
 .../files/cyrus-sasl-2.1.27-autoconf-2.71.patch    | 45 ++++++++++++++++++++++
 2 files changed, 46 insertions(+)

diff --git a/dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r5.ebuild b/dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r6.ebuild
similarity index 99%
rename from dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r5.ebuild
rename to dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r6.ebuild
index 1a07aa6eace3..3f20ae795401 100644
--- a/dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r5.ebuild
+++ b/dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r6.ebuild
@@ -58,6 +58,7 @@ PATCHES=(
 	"${FILESDIR}/${PN}-2.1.27-CVE-2019-19906.patch"
 	"${FILESDIR}/${PN}-2.1.27-slibtool.patch"
 	"${FILESDIR}/${PN}-2.1.27-db_gdbm-fix-gdbm_errno-overlay-from-gdbm_close.patch"
+	"${FILESDIR}/${PN}-2.1.27-autoconf-2.71.patch"
 )
 
 pkg_setup() {

diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-autoconf-2.71.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-autoconf-2.71.patch
new file mode 100644
index 000000000000..b346cd7e5002
--- /dev/null
+++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-autoconf-2.71.patch
@@ -0,0 +1,45 @@
+https://bugs.gentoo.org/825342
+
+commit 5664c3f535289ce9efb513a2897991b5c436bb44
+Author: Pavel Raiskup <praiskup@redhat.com>
+Date:   Thu Apr 1 17:26:28 2021 +0200
+
+    configure.ac: properly quote macro arguments
+    
+    Autoconf 2.70+ is more picky about the quotation (even though with
+    previous versions the arguments should have been quoted, too).  When we
+    don't quote macros inside the AC_CACHE_VAL macro - some of the Autoconf
+    initialization is wrongly ordered in ./configure script and we keep
+    seeing bugs like:
+    
+        ./configure: line 2165: ac_fn_c_try_run: command not found
+    
+    Original report: https://bugzilla.redhat.com/1943013
+    
+    Signed-off-by: Pavel Raiskup <praiskup@redhat.com>
+
+--- a/configure.ac
++++ b/configure.ac
+@@ -213,7 +213,8 @@ if test $sasl_cv_uscore = yes; then
+ 	AC_MSG_CHECKING(whether dlsym adds the underscore for us)
+ 	cmu_save_LIBS="$LIBS"
+ 	LIBS="$LIBS $SASL_DL_LIB"
+-	AC_CACHE_VAL(sasl_cv_dlsym_adds_uscore,AC_TRY_RUN( [
++	AC_CACHE_VAL([sasl_cv_dlsym_adds_uscore],
++	             [AC_TRY_RUN([
+ #include <dlfcn.h>
+ #include <stdio.h>
+ #include <stdlib.h>
+@@ -221,9 +222,9 @@ void foo() { int i=0;}
+ int main() { void *self, *ptr1, *ptr2; self=dlopen(NULL,RTLD_LAZY);
+     if(self) { ptr1=dlsym(self,"foo"); ptr2=dlsym(self,"_foo");
+     if(ptr1 && !ptr2) exit(0); } exit(1); } 
+-], [sasl_cv_dlsym_adds_uscore=yes], sasl_cv_dlsym_adds_uscore=no
+-	AC_DEFINE(DLSYM_NEEDS_UNDERSCORE, [], [Do we need a leading _ for dlsym?]),
+-	AC_MSG_WARN(cross-compiler, we'll do our best)))
++], [sasl_cv_dlsym_adds_uscore=yes], [sasl_cv_dlsym_adds_uscore=no
++	AC_DEFINE(DLSYM_NEEDS_UNDERSCORE, [], [Do we need a leading _ for dlsym?])],
++	[AC_MSG_WARN(cross-compiler, we'll do our best)])])
+ 	LIBS="$cmu_save_LIBS"
+       AC_MSG_RESULT($sasl_cv_dlsym_adds_uscore)
+ 


^ permalink raw reply related	[flat|nested] 9+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: dev-libs/cyrus-sasl/, dev-libs/cyrus-sasl/files/
@ 2021-11-22  9:57 Sam James
  0 siblings, 0 replies; 9+ messages in thread
From: Sam James @ 2021-11-22  9:57 UTC (permalink / raw
  To: gentoo-commits

commit:     5ce7b15739d29a94773324e1295020c059f978ab
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Mon Nov 22 09:57:02 2021 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Mon Nov 22 09:57:28 2021 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5ce7b157

dev-libs/cyrus-sasl: switch to patchset for -r6

files/ was getting too large for the repository.

Signed-off-by: Sam James <sam <AT> gentoo.org>

 dev-libs/cyrus-sasl/Manifest                       |  1 +
 dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r6.ebuild    | 16 ++------
 .../files/cyrus-sasl-2.1.27-autoconf-2.71.patch    | 45 ----------------------
 3 files changed, 4 insertions(+), 58 deletions(-)

diff --git a/dev-libs/cyrus-sasl/Manifest b/dev-libs/cyrus-sasl/Manifest
index 843afea7db80..da2a2265fd42 100644
--- a/dev-libs/cyrus-sasl/Manifest
+++ b/dev-libs/cyrus-sasl/Manifest
@@ -1 +1,2 @@
+DIST cyrus-sasl-2.1.27-r6-patches.tar.bz2 5169 BLAKE2B 43a2f0db4a8589ec1cde7807b31a93459eacb04d27ba36751a69dd5f4e669d1b28342194b0e1a5382e281a52a35e88168877b54065cfba01b9bd33e87fbd23f1 SHA512 41c4ca7c8f7b79e03faf5d826a6ff0ed398137239b93fb0046ccbf385f6ddeab2b9fb2f51d7a263dc74626e5fdbefb28615a1ee22aabe57ed57f10a52d382797
 DIST cyrus-sasl-2.1.27.tar.gz 4111249 BLAKE2B 82c9acce8534521ce5c5806f093e927f1854b4bc4b83ea7db1b32ceaa811adc1a5b6fc16d03233d729194cd603836f6e58de67f915abab2cb74561a80d03f5a8 SHA512 d11549a99b3b06af79fc62d5478dba3305d7e7cc0824f4b91f0d2638daafbe940623eab235f85af9be38dcf5d42fc131db531c177040a85187aee5096b8df63b

diff --git a/dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r6.ebuild b/dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r6.ebuild
index 3f20ae795401..99c0c56d8889 100644
--- a/dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r6.ebuild
+++ b/dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r6.ebuild
@@ -6,11 +6,12 @@ EAPI=7
 inherit edos2unix flag-o-matic multilib multilib-minimal autotools pam java-pkg-opt-2 db-use systemd toolchain-funcs tmpfiles
 
 SASLAUTHD_CONF_VER="2.1.26"
-
+MY_PATCH_VER="${PN}-2.1.27-r6-patches"
 DESCRIPTION="The Cyrus SASL (Simple Authentication and Security Layer)"
 HOMEPAGE="https://www.cyrusimap.org/sasl/"
 #SRC_URI="ftp://ftp.cyrusimap.org/cyrus-sasl/${P}.tar.gz"
 SRC_URI="https://github.com/cyrusimap/${PN}/releases/download/${P}/${P}.tar.gz"
+SRC_URI+=" https://dev.gentoo.org/~sam/distfiles/${CATEGORY}/${PN}/${MY_PATCH_VER}.tar.bz2"
 
 LICENSE="BSD-with-attribution"
 SLOT="2"
@@ -47,18 +48,7 @@ MULTILIB_WRAPPED_HEADERS=(
 )
 
 PATCHES=(
-	"${FILESDIR}/${PN}-2.1.27-avoid_pic_overwrite.patch"
-	"${FILESDIR}/${PN}-2.1.27-autotools_fixes.patch"
-	"${FILESDIR}/${PN}-2.1.27-as_needed.patch"
-	"${FILESDIR}/${PN}-2.1.25-auxprop.patch"
-	"${FILESDIR}/${PN}-2.1.27-gss_c_nt_hostbased_service.patch"
-	"${FILESDIR}/${PN}-2.1.26-missing-size_t.patch"
-	"${FILESDIR}/${PN}-2.1.27-doc_build_fix.patch"
-	"${FILESDIR}/${PN}-2.1.27-memmem.patch"
-	"${FILESDIR}/${PN}-2.1.27-CVE-2019-19906.patch"
-	"${FILESDIR}/${PN}-2.1.27-slibtool.patch"
-	"${FILESDIR}/${PN}-2.1.27-db_gdbm-fix-gdbm_errno-overlay-from-gdbm_close.patch"
-	"${FILESDIR}/${PN}-2.1.27-autoconf-2.71.patch"
+	"${WORKDIR}"/${MY_PATCH_VER}/
 )
 
 pkg_setup() {

diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-autoconf-2.71.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-autoconf-2.71.patch
deleted file mode 100644
index b346cd7e5002..000000000000
--- a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-autoconf-2.71.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-https://bugs.gentoo.org/825342
-
-commit 5664c3f535289ce9efb513a2897991b5c436bb44
-Author: Pavel Raiskup <praiskup@redhat.com>
-Date:   Thu Apr 1 17:26:28 2021 +0200
-
-    configure.ac: properly quote macro arguments
-    
-    Autoconf 2.70+ is more picky about the quotation (even though with
-    previous versions the arguments should have been quoted, too).  When we
-    don't quote macros inside the AC_CACHE_VAL macro - some of the Autoconf
-    initialization is wrongly ordered in ./configure script and we keep
-    seeing bugs like:
-    
-        ./configure: line 2165: ac_fn_c_try_run: command not found
-    
-    Original report: https://bugzilla.redhat.com/1943013
-    
-    Signed-off-by: Pavel Raiskup <praiskup@redhat.com>
-
---- a/configure.ac
-+++ b/configure.ac
-@@ -213,7 +213,8 @@ if test $sasl_cv_uscore = yes; then
- 	AC_MSG_CHECKING(whether dlsym adds the underscore for us)
- 	cmu_save_LIBS="$LIBS"
- 	LIBS="$LIBS $SASL_DL_LIB"
--	AC_CACHE_VAL(sasl_cv_dlsym_adds_uscore,AC_TRY_RUN( [
-+	AC_CACHE_VAL([sasl_cv_dlsym_adds_uscore],
-+	             [AC_TRY_RUN([
- #include <dlfcn.h>
- #include <stdio.h>
- #include <stdlib.h>
-@@ -221,9 +222,9 @@ void foo() { int i=0;}
- int main() { void *self, *ptr1, *ptr2; self=dlopen(NULL,RTLD_LAZY);
-     if(self) { ptr1=dlsym(self,"foo"); ptr2=dlsym(self,"_foo");
-     if(ptr1 && !ptr2) exit(0); } exit(1); } 
--], [sasl_cv_dlsym_adds_uscore=yes], sasl_cv_dlsym_adds_uscore=no
--	AC_DEFINE(DLSYM_NEEDS_UNDERSCORE, [], [Do we need a leading _ for dlsym?]),
--	AC_MSG_WARN(cross-compiler, we'll do our best)))
-+], [sasl_cv_dlsym_adds_uscore=yes], [sasl_cv_dlsym_adds_uscore=no
-+	AC_DEFINE(DLSYM_NEEDS_UNDERSCORE, [], [Do we need a leading _ for dlsym?])],
-+	[AC_MSG_WARN(cross-compiler, we'll do our best)])])
- 	LIBS="$cmu_save_LIBS"
-       AC_MSG_RESULT($sasl_cv_dlsym_adds_uscore)
- 


^ permalink raw reply related	[flat|nested] 9+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: dev-libs/cyrus-sasl/, dev-libs/cyrus-sasl/files/
@ 2022-02-23  0:54 Sam James
  0 siblings, 0 replies; 9+ messages in thread
From: Sam James @ 2022-02-23  0:54 UTC (permalink / raw
  To: gentoo-commits

commit:     a065bacc267e31d5dd4a64d416de800cb6bc6fdd
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Wed Feb 23 00:52:37 2022 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Wed Feb 23 00:53:47 2022 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a065bacc

dev-libs/cyrus-sasl: add 2.1.28

Java bindings dropped upstream. Fair amount of autotools changed upstream
too so hopefully those issues are fixed.

Bug: https://bugs.gentoo.org/539632
Bug: https://bugs.gentoo.org/591358
Bug: https://bugs.gentoo.org/409897
Closes: https://bugs.gentoo.org/476392
Closes: https://bugs.gentoo.org/818145
Signed-off-by: Sam James <sam <AT> gentoo.org>

 dev-libs/cyrus-sasl/Manifest                       |   1 +
 dev-libs/cyrus-sasl/cyrus-sasl-2.1.28.ebuild       | 220 +++++++++++++++++++++
 ...yrus-sasl-2.1.28-fix-configure-time-check.patch |  50 +++++
 3 files changed, 271 insertions(+)

diff --git a/dev-libs/cyrus-sasl/Manifest b/dev-libs/cyrus-sasl/Manifest
index da2a2265fd42..0de2b299de60 100644
--- a/dev-libs/cyrus-sasl/Manifest
+++ b/dev-libs/cyrus-sasl/Manifest
@@ -1,2 +1,3 @@
 DIST cyrus-sasl-2.1.27-r6-patches.tar.bz2 5169 BLAKE2B 43a2f0db4a8589ec1cde7807b31a93459eacb04d27ba36751a69dd5f4e669d1b28342194b0e1a5382e281a52a35e88168877b54065cfba01b9bd33e87fbd23f1 SHA512 41c4ca7c8f7b79e03faf5d826a6ff0ed398137239b93fb0046ccbf385f6ddeab2b9fb2f51d7a263dc74626e5fdbefb28615a1ee22aabe57ed57f10a52d382797
 DIST cyrus-sasl-2.1.27.tar.gz 4111249 BLAKE2B 82c9acce8534521ce5c5806f093e927f1854b4bc4b83ea7db1b32ceaa811adc1a5b6fc16d03233d729194cd603836f6e58de67f915abab2cb74561a80d03f5a8 SHA512 d11549a99b3b06af79fc62d5478dba3305d7e7cc0824f4b91f0d2638daafbe940623eab235f85af9be38dcf5d42fc131db531c177040a85187aee5096b8df63b
+DIST cyrus-sasl-2.1.28.tar.gz 4034803 BLAKE2B 6cca8c26cebb9c2ee5d539c43797d30b6309a476ec4233225789978e1d7315c4ea5d2abbc7f5464be0f3c0de5fd9212706b43fbc92f40b76cd0b1013cc00f823 SHA512 db15af9079758a9f385457a79390c8a7cd7ea666573dace8bf4fb01bb4b49037538d67285727d6a70ad799d2e2318f265c9372e2427de9371d626a1959dd6f78

diff --git a/dev-libs/cyrus-sasl/cyrus-sasl-2.1.28.ebuild b/dev-libs/cyrus-sasl/cyrus-sasl-2.1.28.ebuild
new file mode 100644
index 000000000000..84382b93e147
--- /dev/null
+++ b/dev-libs/cyrus-sasl/cyrus-sasl-2.1.28.ebuild
@@ -0,0 +1,220 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit autotools edos2unix flag-o-matic multilib multilib-minimal pam db-use systemd toolchain-funcs tmpfiles
+
+SASLAUTHD_CONF_VER="2.1.26"
+MY_PATCH_VER="${PN}-2.1.27-r6-patches"
+DESCRIPTION="The Cyrus SASL (Simple Authentication and Security Layer)"
+HOMEPAGE="https://www.cyrusimap.org/sasl/"
+#SRC_URI="ftp://ftp.cyrusimap.org/cyrus-sasl/${P}.tar.gz"
+SRC_URI="https://github.com/cyrusimap/${PN}/releases/download/${P}/${P}.tar.gz"
+SRC_URI+=" https://dev.gentoo.org/~sam/distfiles/${CATEGORY}/${PN}/${MY_PATCH_VER}.tar.bz2"
+
+LICENSE="BSD-with-attribution"
+SLOT="2"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+IUSE="authdaemond berkdb gdbm kerberos ldapdb openldap mysql pam postgres sample selinux sqlite srp ssl static-libs urandom"
+REQUIRED_USE="ldapdb? ( openldap )"
+
+DEPEND="net-mail/mailbase
+	virtual/libcrypt:=
+	authdaemond? ( || ( net-mail/courier-imap mail-mta/courier ) )
+	berkdb? ( >=sys-libs/db-4.8.30-r1:=[${MULTILIB_USEDEP}] )
+	gdbm? ( >=sys-libs/gdbm-1.10-r1:=[${MULTILIB_USEDEP}] )
+	kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
+	openldap? ( >=net-nds/openldap-2.4.38-r1[${MULTILIB_USEDEP}] )
+	mysql? ( dev-db/mysql-connector-c:0=[${MULTILIB_USEDEP}] )
+	pam? ( >=sys-libs/pam-0-r1[${MULTILIB_USEDEP}] )
+	postgres? ( dev-db/postgresql:* )
+	sqlite? ( >=dev-db/sqlite-3.8.2:3[${MULTILIB_USEDEP}] )
+	ssl? ( >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}] )"
+RDEPEND="${DEPEND}
+	selinux? ( sec-policy/selinux-sasl )"
+
+MULTILIB_WRAPPED_HEADERS=(
+	/usr/include/sasl/md5global.h
+)
+
+PATCHES=(
+	"${WORKDIR}"/${MY_PATCH_VER}/cyrus-sasl-2.1.25-auxprop.patch
+	"${WORKDIR}"/${MY_PATCH_VER}/cyrus-sasl-2.1.27-avoid_pic_overwrite.patch
+	"${WORKDIR}"/${MY_PATCH_VER}/cyrus-sasl-2.1.27-gss_c_nt_hostbased_service.patch
+	"${FILESDIR}"/cyrus-sasl-2.1.28-fix-configure-time-check.patch
+)
+
+src_prepare() {
+	default
+
+	# Use plugindir for sasldir
+	sed -i '/^sasldir =/s:=.*:= $(plugindir):' \
+		"${S}"/plugins/Makefile.{am,in} || die "sed failed"
+
+	# bug #486740 and bug #468556 (dropped AM_CONFIG_HEADER sed in 2.1.28)
+	sed -i -e 's:AC_CONFIG_MACRO_DIR:AC_CONFIG_MACRO_DIRS:g' configure.ac || die
+
+	eautoreconf
+}
+
+src_configure() {
+	export CC_FOR_BUILD="$(tc-getBUILD_CC)"
+
+	append-flags -fno-strict-aliasing
+
+	if [[ ${CHOST} == *-solaris* ]] ; then
+		# getpassphrase is defined in /usr/include/stdlib.h
+		append-cppflags -DHAVE_GETPASSPHRASE
+	else
+		# this horrendously breaks things on Solaris
+		append-cppflags -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED -D_BSD_SOURCE -DLDAP_DEPRECATED
+		# replaces BSD_SOURCE (bug #579218)
+		append-cppflags -D_DEFAULT_SOURCE
+	fi
+
+	multilib-minimal_src_configure
+}
+
+multilib_src_configure() {
+	local myeconfargs=(
+		--enable-login
+		--enable-ntlm
+		--enable-auth-sasldb
+		--disable-cmulocal
+		--disable-krb4
+		--disable-macos-framework
+		--enable-otp
+		--without-sqlite
+		--with-saslauthd="${EPREFIX}"/run/saslauthd
+		--with-pwcheck="${EPREFIX}"/run/saslauthd
+		--with-configdir="${EPREFIX}"/etc/sasl2
+		--with-plugindir="${EPREFIX}/usr/$(get_libdir)/sasl2"
+		--with-dbpath="${EPREFIX}"/etc/sasl2/sasldb2
+		--with-sphinx-build=no
+		$(use_with ssl openssl)
+		$(use_with pam)
+		$(use_with openldap ldap)
+		$(use_enable ldapdb)
+		$(multilib_native_use_enable sample)
+		$(use_enable kerberos gssapi)
+		$(multilib_native_use_with mysql mysql "${EPREFIX}"/usr)
+		$(multilib_native_use_with postgres pgsql "${EPREFIX}/usr/$(get_libdir)/postgresql")
+		$(use_with sqlite sqlite3 "${EPREFIX}/usr/$(get_libdir)")
+		$(use_enable srp)
+		$(use_enable static-libs static)
+
+		# Add authdaemond support (bug #56523).
+		$(usex authdaemond --with-authdaemond="${EPREFIX}"/var/lib/courier/authdaemon/socket '')
+
+		# Fix for bug #59634.
+		$(usex ssl '' --without-des)
+
+		# Use /dev/urandom instead of /dev/random (bug #46038).
+		$(usex urandom --with-devrandom=/dev/urandom '')
+	)
+
+	if use sqlite || { multilib_is_native_abi && { use mysql || use postgres; }; } ; then
+		myeconfargs+=( --enable-sql )
+	else
+		myeconfargs+=( --disable-sql )
+	fi
+
+	# Default to GDBM if both 'gdbm' and 'berkdb' are present.
+	if use gdbm ; then
+		einfo "Building with GNU DB as database backend for your SASLdb"
+		myeconfargs+=( --with-dblib=gdbm )
+	elif use berkdb ; then
+		einfo "Building with BerkeleyDB as database backend for your SASLdb"
+		myeconfargs+=(
+			--with-dblib=berkeley
+			--with-bdb-incdir="$(db_includedir)"
+		)
+	else
+		einfo "Building without SASLdb support"
+		myeconfargs+=( --with-dblib=none )
+	fi
+
+	ECONF_SOURCE="${S}" econf "${myeconfargs[@]}"
+}
+
+multilib_src_install() {
+	default
+
+	if multilib_is_native_abi; then
+		if use sample ; then
+			docinto sample
+			dodoc "${S}"/sample/*.c
+			exeinto /usr/share/doc/${P}/sample
+			doexe sample/client sample/server
+		fi
+
+		dosbin saslauthd/testsaslauthd
+	fi
+}
+
+multilib_src_install_all() {
+	doman man/*
+
+	keepdir /etc/sasl2
+
+	# Reset docinto to default value (bug #674296)
+	docinto
+	dodoc AUTHORS ChangeLog doc/legacy/TODO
+	newdoc pwcheck/README README.pwcheck
+
+	newdoc docsrc/sasl/release-notes/$(ver_cut 1-2)/index.rst release-notes
+	edos2unix "${ED}"/usr/share/doc/${PF}/release-notes
+
+	docinto html
+	dodoc doc/html/*.html
+
+	if use pam; then
+		newpamd "${FILESDIR}"/saslauthd.pam-include saslauthd
+	fi
+
+	newinitd "${FILESDIR}"/pwcheck.rc6 pwcheck
+	systemd_dounit "${FILESDIR}"/pwcheck.service
+
+	newinitd "${FILESDIR}"/saslauthd2.rc7 saslauthd
+	newconfd "${FILESDIR}"/saslauthd-${SASLAUTHD_CONF_VER}.conf saslauthd
+	systemd_dounit "${FILESDIR}"/saslauthd.service
+	dotmpfiles "${FILESDIR}"/${PN}.conf
+
+	# The get_modname bit is important: do not remove the .la files on
+	# platforms where the lib isn't called .so for cyrus searches the .la to
+	# figure out what the name is supposed to be instead
+	if ! use static-libs && [[ $(get_modname) == .so ]] ; then
+		find "${ED}" -name "*.la" -delete || die
+	fi
+}
+
+pkg_postinst() {
+	tmpfiles_process ${PN}.conf
+
+	# Generate an empty sasldb2 with correct permissions.
+	if ( use berkdb || use gdbm ) && [[ ! -f "${EROOT}/etc/sasl2/sasldb2" ]] ; then
+		einfo "Generating an empty sasldb2 with correct permissions ..."
+
+		echo "p" | "${EROOT}/usr/sbin/saslpasswd2" -f "${EROOT}/etc/sasl2/sasldb2" -p login \
+			|| die "Failed to generate sasldb2"
+
+		"${EROOT}/usr/sbin/saslpasswd2" -f "${EROOT}/etc/sasl2/sasldb2" -d login \
+			|| die "Failed to delete temp user"
+
+		chown root:mail "${EROOT}/etc/sasl2/sasldb2" \
+			|| die "Failed to chown ${EROOT}/etc/sasl2/sasldb2"
+		chmod 0640 "${EROOT}/etc/sasl2/sasldb2" \
+			|| die "Failed to chmod ${EROOT}/etc/sasl2/sasldb2"
+	fi
+
+	if use authdaemond ; then
+		elog "You need to add a user running a service using Courier's"
+		elog "authdaemon to the 'mail' group. For example, do:"
+		elog "	gpasswd -a postfix mail"
+		elog "to add the 'postfix' user to the 'mail' group."
+	fi
+
+	elog "pwcheck and saslauthd home directories have moved to:"
+	elog "  /run/saslauthd, using tmpfiles.d"
+}

diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.28-fix-configure-time-check.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.28-fix-configure-time-check.patch
new file mode 100644
index 000000000000..873dac53fe03
--- /dev/null
+++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.28-fix-configure-time-check.patch
@@ -0,0 +1,50 @@
+https://github.com/cyrusimap/cyrus-sasl/pull/709
+
+From 399625c3413c313e93432d0f5907350722b861c7 Mon Sep 17 00:00:00 2001
+From: Sam James <sam@gentoo.org>
+Date: Wed, 23 Feb 2022 00:45:15 +0000
+Subject: [PATCH] Fix <time.h> check
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+We're conditionally including based on HAVE_TIME_H in a bunch of places,
+but we're not actually checking for time.h, so that's never going to be defined.
+
+While at it, add in a missing include in the cram plugin.
+
+This fixes a bunch of implicit declaration warnings:
+```
+ * cyrus-sasl-2.1.28/lib/saslutil.c:280:3: warning: implicit declaration of function ‘time’ [-Wimplicit-function-declaration]
+ * cyrus-sasl-2.1.28/lib/saslutil.c:364:41: warning: implicit declaration of function ‘clock’ [-Wimplicit-function-declaration]
+ * cyrus-sasl-2.1.28/plugins/cram.c:132:7: warning: implicit declaration of function ‘time’ [-Wimplicit-function-declaration]
+ * cyrus-sasl-2.1.28/lib/saslutil.c:280:3: warning: implicit declaration of function ‘time’ [-Wimplicit-function-declaration]
+ * cyrus-sasl-2.1.28/lib/saslutil.c:364:41: warning: implicit declaration of function ‘clock’ [-Wimplicit-function-declaration]
+ * cyrus-sasl-2.1.28/plugins/cram.c:132:7: warning: implicit declaration of function ‘time’ [-Wimplicit-function-declaration]
+```
+
+Signed-off-by: Sam James <sam@gentoo.org>
+--- a/configure.ac
++++ b/configure.ac
+@@ -1290,7 +1290,7 @@ AC_CHECK_HEADERS_ONCE([sys/time.h])
+ 
+ AC_HEADER_DIRENT
+ AC_HEADER_SYS_WAIT
+-AC_CHECK_HEADERS(crypt.h des.h dlfcn.h fcntl.h limits.h malloc.h paths.h strings.h sys/file.h sys/time.h syslog.h unistd.h inttypes.h sys/uio.h sys/param.h sysexits.h stdarg.h varargs.h krb5.h)
++AC_CHECK_HEADERS(crypt.h des.h dlfcn.h fcntl.h limits.h malloc.h paths.h strings.h sys/file.h sys/time.h syslog.h time.h unistd.h inttypes.h sys/uio.h sys/param.h sysexits.h stdarg.h varargs.h krb5.h)
+ 
+ IPv6_CHECK_SS_FAMILY()
+ IPv6_CHECK_SA_LEN()
+--- a/plugins/cram.c
++++ b/plugins/cram.c
+@@ -53,6 +53,10 @@
+ #endif
+ #include <fcntl.h>
+ 
++#ifdef HAVE_TIME_H
++#include <time.h>
++#endif
++
+ #include <sasl.h>
+ #include <saslplug.h>
+ #include <saslutil.h>


^ permalink raw reply related	[flat|nested] 9+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: dev-libs/cyrus-sasl/, dev-libs/cyrus-sasl/files/
@ 2022-02-23  2:19 Sam James
  0 siblings, 0 replies; 9+ messages in thread
From: Sam James @ 2022-02-23  2:19 UTC (permalink / raw
  To: gentoo-commits

commit:     65be5f298d5fc6b98119d01e946f0708fd40cde7
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Wed Feb 23 01:48:06 2022 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Wed Feb 23 01:48:20 2022 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=65be5f29

dev-libs/cyrus-sasl: drop 2.1.27-r4

Signed-off-by: Sam James <sam <AT> gentoo.org>

 dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r4.ebuild    | 268 ---------------------
 .../files/cyrus-sasl-2.1.25-auxprop.patch          |  16 --
 .../files/cyrus-sasl-2.1.26-missing-size_t.patch   |  13 -
 .../files/cyrus-sasl-2.1.27-CVE-2019-19906.patch   |  20 --
 .../files/cyrus-sasl-2.1.27-as_needed.patch        |  25 --
 .../files/cyrus-sasl-2.1.27-autotools_fixes.patch  |  31 ---
 .../cyrus-sasl-2.1.27-avoid_pic_overwrite.patch    |  17 --
 .../files/cyrus-sasl-2.1.27-doc_build_fix.patch    |  11 -
 ...us-sasl-2.1.27-gss_c_nt_hostbased_service.patch |  16 --
 .../files/cyrus-sasl-2.1.27-memmem.patch           |  53 ----
 .../files/cyrus-sasl-2.1.27-slibtool.patch         |  18 --
 11 files changed, 488 deletions(-)

diff --git a/dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r4.ebuild b/dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r4.ebuild
deleted file mode 100644
index 670450a576e0..000000000000
--- a/dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r4.ebuild
+++ /dev/null
@@ -1,268 +0,0 @@
-# Copyright 1999-2021 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit edos2unix flag-o-matic multilib multilib-minimal autotools pam java-pkg-opt-2 db-use systemd toolchain-funcs tmpfiles
-
-SASLAUTHD_CONF_VER="2.1.26"
-
-DESCRIPTION="The Cyrus SASL (Simple Authentication and Security Layer)"
-HOMEPAGE="https://www.cyrusimap.org/sasl/"
-#SRC_URI="ftp://ftp.cyrusimap.org/cyrus-sasl/${P}.tar.gz"
-SRC_URI="https://github.com/cyrusimap/${PN}/releases/download/${P}/${P}.tar.gz"
-
-LICENSE="BSD-with-attribution"
-SLOT="2"
-KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
-IUSE="authdaemond berkdb gdbm kerberos ldapdb openldap mysql pam postgres sample selinux sqlite srp ssl static-libs urandom"
-
-CDEPEND="
-	net-mail/mailbase
-	virtual/libcrypt:=
-	authdaemond? ( || ( net-mail/courier-imap mail-mta/courier ) )
-	berkdb? ( >=sys-libs/db-4.8.30-r1:=[${MULTILIB_USEDEP}] )
-	gdbm? ( >=sys-libs/gdbm-1.10-r1:=[${MULTILIB_USEDEP}] )
-	kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
-	openldap? ( >=net-nds/openldap-2.4.38-r1[${MULTILIB_USEDEP}] )
-	mysql? ( dev-db/mysql-connector-c:0=[${MULTILIB_USEDEP}] )
-	pam? ( >=sys-libs/pam-0-r1[${MULTILIB_USEDEP}] )
-	postgres? ( dev-db/postgresql:* )
-	sqlite? ( >=dev-db/sqlite-3.8.2:3[${MULTILIB_USEDEP}] )
-	ssl? (
-		>=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}]
-	)
-	java? ( >=virtual/jdk-1.6:= )"
-
-REQUIRED_USE="ldapdb? ( openldap )"
-
-RDEPEND="
-	${CDEPEND}
-	selinux? ( sec-policy/selinux-sasl )"
-
-DEPEND="${CDEPEND}"
-
-MULTILIB_WRAPPED_HEADERS=(
-	/usr/include/sasl/md5global.h
-)
-
-PATCHES=(
-	"${FILESDIR}/${PN}-2.1.27-avoid_pic_overwrite.patch"
-	"${FILESDIR}/${PN}-2.1.27-autotools_fixes.patch"
-	"${FILESDIR}/${PN}-2.1.27-as_needed.patch"
-	"${FILESDIR}/${PN}-2.1.25-auxprop.patch"
-	"${FILESDIR}/${PN}-2.1.27-gss_c_nt_hostbased_service.patch"
-	"${FILESDIR}/${PN}-2.1.26-missing-size_t.patch"
-	"${FILESDIR}/${PN}-2.1.27-doc_build_fix.patch"
-	"${FILESDIR}/${PN}-2.1.27-memmem.patch"
-	"${FILESDIR}/${PN}-2.1.27-CVE-2019-19906.patch"
-	"${FILESDIR}/${PN}-2.1.27-slibtool.patch"
-)
-
-pkg_setup() {
-	java-pkg-opt-2_pkg_setup
-}
-
-src_prepare() {
-	default
-
-	# Get rid of the -R switch (runpath_switch for Sun)
-	# >=gcc-4.6 errors out with unknown option
-	sed -i -e '/LIB_SQLITE.*-R/s/ -R[^"]*//' \
-		configure.ac || die
-
-	# Use plugindir for sasldir
-	sed -i '/^sasldir =/s:=.*:= $(plugindir):' \
-		"${S}"/plugins/Makefile.{am,in} || die "sed failed"
-
-	# #486740 #468556
-	sed -i -e 's:AM_CONFIG_HEADER:AC_CONFIG_HEADERS:g' \
-		-e 's:AC_CONFIG_MACRO_DIR:AC_CONFIG_MACRO_DIRS:g' \
-		configure.ac || die
-
-	eautoreconf
-
-	export CC_FOR_BUILD="$(tc-getBUILD_CC)"
-}
-
-src_configure() {
-	append-flags -fno-strict-aliasing
-
-	if [[ ${CHOST} == *-solaris* ]] ; then
-		# getpassphrase is defined in /usr/include/stdlib.h
-		append-cppflags -DHAVE_GETPASSPHRASE
-	else
-		# this horrendously breaks things on Solaris
-		append-cppflags -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED -D_BSD_SOURCE -DLDAP_DEPRECATED
-		# replaces BSD_SOURCE (bug #579218)
-		append-cppflags -D_DEFAULT_SOURCE
-	fi
-
-	multilib-minimal_src_configure
-}
-
-multilib_src_configure() {
-	# Java support
-	multilib_is_native_abi && use java && export JAVAC="${JAVAC} ${JAVACFLAGS}"
-
-	local myeconfargs=(
-		--enable-login
-		--enable-ntlm
-		--enable-auth-sasldb
-		--disable-cmulocal
-		--disable-krb4
-		--disable-macos-framework
-		--enable-otp
-		--without-sqlite
-		--with-saslauthd="${EPREFIX}"/run/saslauthd
-		--with-pwcheck="${EPREFIX}"/run/saslauthd
-		--with-configdir="${EPREFIX}"/etc/sasl2
-		--with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sasl2
-		--with-dbpath="${EPREFIX}"/etc/sasl2/sasldb2
-		--with-sphinx-build=no
-		$(use_with ssl openssl)
-		$(use_with pam)
-		$(use_with openldap ldap)
-		$(use_enable ldapdb)
-		$(multilib_native_use_enable sample)
-		$(use_enable kerberos gssapi)
-		$(multilib_native_use_enable java)
-		$(multilib_native_use_with mysql mysql "${EPREFIX}"/usr)
-		$(multilib_native_use_with postgres pgsql "${EPREFIX}"/usr/$(get_libdir)/postgresql)
-		$(use_with sqlite sqlite3 "${EPREFIX}"/usr/$(get_libdir))
-		$(use_enable srp)
-		$(use_enable static-libs static)
-
-		# Add authdaemond support (bug #56523).
-		$(usex authdaemond --with-authdaemond="${EPREFIX}"/var/lib/courier/authdaemon/socket '')
-
-		# Fix for bug #59634.
-		$(usex ssl '' --without-des)
-
-		# Use /dev/urandom instead of /dev/random (bug #46038).
-		$(usex urandom --with-devrandom=/dev/urandom '')
-	)
-
-	if use sqlite || { multilib_is_native_abi && { use mysql || use postgres; }; } ; then
-		myeconfargs+=( --enable-sql )
-	else
-		myeconfargs+=( --disable-sql )
-	fi
-
-	# Default to GDBM if both 'gdbm' and 'berkdb' are present.
-	if use gdbm ; then
-		einfo "Building with GNU DB as database backend for your SASLdb"
-		myeconfargs+=( --with-dblib=gdbm )
-	elif use berkdb ; then
-		einfo "Building with BerkeleyDB as database backend for your SASLdb"
-		myeconfargs+=(
-			--with-dblib=berkeley
-			--with-bdb-incdir="$(db_includedir)"
-		)
-	else
-		einfo "Building without SASLdb support"
-		myeconfargs+=( --with-dblib=none )
-	fi
-
-	ECONF_SOURCE="${S}" econf "${myeconfargs[@]}"
-}
-
-multilib_src_compile() {
-	emake
-
-	# Default location for java classes breaks OpenOffice (bug #60769).
-	# Thanks to axxo@gentoo.org for the solution.
-	if multilib_is_native_abi && use java ; then
-		jar -cvf ${PN}.jar -C java $(find java -name "*.class")
-	fi
-}
-
-multilib_src_install() {
-	default
-
-	if multilib_is_native_abi; then
-		if use sample ; then
-			docinto sample
-			dodoc "${S}"/sample/*.c
-			exeinto /usr/share/doc/${P}/sample
-			doexe sample/client sample/server
-		fi
-
-		# Default location for java classes breaks OpenOffice (bug #60769).
-		if use java; then
-			java-pkg_dojar ${PN}.jar
-			java-pkg_regso "${ED}/usr/$(get_libdir)/libjavasasl$(get_libname)"
-			# hackish, don't wanna dig through makefile
-			rm -rf "${ED}/usr/$(get_libdir)/java" || die
-			docinto "java"
-			dodoc "${S}/java/README" "${FILESDIR}/java.README.gentoo" "${S}"/java/doc/*
-			insinto "/usr/share/doc/${PF}/java/Test"
-			doins "${S}"/java/Test/*.java
-		fi
-
-		dosbin saslauthd/testsaslauthd
-	fi
-}
-
-multilib_src_install_all() {
-	doman man/*
-
-	keepdir /etc/sasl2
-
-	# Reset docinto to default value (#674296)
-	docinto
-	dodoc AUTHORS ChangeLog doc/legacy/TODO
-	newdoc pwcheck/README README.pwcheck
-
-	newdoc docsrc/sasl/release-notes/$(ver_cut 1-2)/index.rst release-notes
-	edos2unix "${ED}/usr/share/doc/${PF}/release-notes"
-
-	docinto html
-	dodoc doc/html/*.html
-
-	if use pam; then
-		newpamd "${FILESDIR}/saslauthd.pam-include" saslauthd
-	fi
-
-	newinitd "${FILESDIR}/pwcheck.rc6" pwcheck
-	systemd_dounit "${FILESDIR}/pwcheck.service"
-
-	newinitd "${FILESDIR}/saslauthd2.rc7" saslauthd
-	newconfd "${FILESDIR}/saslauthd-${SASLAUTHD_CONF_VER}.conf" saslauthd
-	systemd_dounit "${FILESDIR}/saslauthd.service"
-	dotmpfiles "${FILESDIR}/${PN}.conf"
-
-	# The get_modname bit is important: do not remove the .la files on
-	# platforms where the lib isn't called .so for cyrus searches the .la to
-	# figure out what the name is supposed to be instead
-	if ! use static-libs && [[ $(get_modname) == .so ]] ; then
-		find "${ED}" -name "*.la" -delete || die
-	fi
-}
-
-pkg_postinst() {
-	tmpfiles_process ${PN}.conf
-
-	# Generate an empty sasldb2 with correct permissions.
-	if ( use berkdb || use gdbm ) && [[ ! -f "${EROOT}/etc/sasl2/sasldb2" ]] ; then
-		einfo "Generating an empty sasldb2 with correct permissions ..."
-		echo "p" | "${EROOT}/usr/sbin/saslpasswd2" -f "${EROOT}/etc/sasl2/sasldb2" -p login \
-			|| die "Failed to generate sasldb2"
-		"${EROOT}/usr/sbin/saslpasswd2" -f "${EROOT}/etc/sasl2/sasldb2" -d login \
-			|| die "Failed to delete temp user"
-		chown root:mail "${EROOT}/etc/sasl2/sasldb2" \
-			|| die "Failed to chown ${EROOT}/etc/sasl2/sasldb2"
-		chmod 0640 "${EROOT}/etc/sasl2/sasldb2" \
-			|| die "Failed to chmod ${EROOT}/etc/sasl2/sasldb2"
-	fi
-
-	if use authdaemond ; then
-		elog "You need to add a user running a service using Courier's"
-		elog "authdaemon to the 'mail' group. For example, do:"
-		elog "	gpasswd -a postfix mail"
-		elog "to add the 'postfix' user to the 'mail' group."
-	fi
-
-	elog "pwcheck and saslauthd home directories have moved to:"
-	elog "  /run/saslauthd, using tmpfiles.d"
-}

diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-auxprop.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-auxprop.patch
deleted file mode 100644
index a9dd1476d2e6..000000000000
--- a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-auxprop.patch
+++ /dev/null
@@ -1,16 +0,0 @@
-https://bugzilla.cyrusimap.org/show_bug.cgi?id=3590
-https://bugs.gentoo.org/show_bug.cgi?id=392761
-
---- cyrus-sasl-2.1.25/lib/auxprop.c~	2011-10-20 17:33:46.423015318 +0200
-+++ cyrus-sasl-2.1.25/lib/auxprop.c	2011-10-20 17:48:49.336348654 +0200
-@@ -971,6 +971,10 @@
-     }
- 
-     if(!found) {
-+	/* compatibility with <= 2.1.23, ignore the lack of auxrop plugin */
-+	if (!plist)
-+	    result = SASL_OK;
-+	else
- 	_sasl_log(sparams->utils->conn, SASL_LOG_DEBUG,
- 		  "could not find auxprop plugin, was searching for '%s'",
- 		  plist ? plist : "[all]");

diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-missing-size_t.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-missing-size_t.patch
deleted file mode 100644
index 0177b52567f2..000000000000
--- a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-missing-size_t.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-Gentoo bug #458790
---- a/include/sasl.h
-+++ b/include/sasl.h
-@@ -121,6 +121,9 @@
- #ifndef SASL_H
- #define SASL_H 1
- 
-+/* stddef.h to get size_t defined */
-+#include <stddef.h>
-+
- /* Keep in sync with win32/common.mak */
- #define SASL_VERSION_MAJOR 2
- #define SASL_VERSION_MINOR 1

diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-CVE-2019-19906.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-CVE-2019-19906.patch
deleted file mode 100644
index 82b9e1fb6dbe..000000000000
--- a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-CVE-2019-19906.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-Description: CVE-2019-19906: Off-by-one in _sasl_add_string function
-Origin: vendor
-Bug: https://github.com/cyrusimap/cyrus-sasl/issues/587
-Bug-Debian: https://bugs.debian.org/947043
-Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2019-19906
-Author: Stephan Zeisberg <stephan@srlabs.de>
-Reviewed-by: Salvatore Bonaccorso <carnil@debian.org>
-Last-Update: 2019-12-19
-
---- a/lib/common.c
-+++ b/lib/common.c
-@@ -190,7 +190,7 @@ int _sasl_add_string(char **out, size_t
- 
-   if (add==NULL) add = "(null)";
- 
--  addlen=strlen(add); /* only compute once */
-+  addlen=strlen(add)+1; /* only compute once */
-   if (_buf_alloc(out, alloclen, (*outlen)+addlen)!=SASL_OK)
-     return SASL_NOMEM;
- 

diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-as_needed.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-as_needed.patch
deleted file mode 100644
index 7cd9e151fbb7..000000000000
--- a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-as_needed.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-Author: Matthias Klose <doko@ubuntu.com>
-Desription: Fix FTBFS, add $(SASL_DB_LIB) as dependency to libsasldb, and use
-it.
---- cyrus-sasl-2.1.27/saslauthd/Makefile.am
-+++ cyrus-sasl-2.1.27/saslauthd/Makefile.am
-@@ -25,7 +25,7 @@
- saslauthd_DEPENDENCIES = saslauthd-main.o $(LTLIBOBJS_FULL)
- saslauthd_LDADD	= @SASL_KRB_LIB@ \
- 		  @GSSAPIBASE_LIBS@ @LIB_CRYPT@ @LIB_SIA@ \
--		  @LIB_SOCKET@ @SASL_DB_LIB@ @LIB_PAM@ @LDAP_LIBS@ $(LTLIBOBJS_FULL) $(CRYPTO_COMPAT_OBJS) $(LIBSASLDB_OBJS)
-+		  @LIB_SOCKET@ ../sasldb/libsasldb.la @LIB_PAM@ @LDAP_LIBS@ $(LTLIBOBJS_FULL) $(CRYPTO_COMPAT_OBJS) $(LIBSASLDB_OBJS)
- 
- testsaslauthd_SOURCES = testsaslauthd.c utils.c
- testsaslauthd_LDADD = @LIB_SOCKET@
---- cyrus-sasl-2.1.27/sasldb/Makefile.am
-+++ cyrus-sasl-2.1.27/sasldb/Makefile.am
-@@ -54,6 +54,6 @@
- 
- libsasldb_la_SOURCES = allockey.c sasldb.h
- EXTRA_libsasldb_la_SOURCES = $(extra_common_sources)
--libsasldb_la_DEPENDENCIES = $(SASL_DB_BACKEND)
--libsasldb_la_LIBADD = $(SASL_DB_BACKEND)
-+libsasldb_la_DEPENDENCIES = $(SASL_DB_BACKEND) $(SASL_DB_LIB)
-+libsasldb_la_LIBADD = $(SASL_DB_BACKEND) $(SASL_DB_LIB)
- libsasldb_la_LDFLAGS = -no-undefined

diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-autotools_fixes.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-autotools_fixes.patch
deleted file mode 100644
index 2ce971efc5b5..000000000000
--- a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-autotools_fixes.patch
+++ /dev/null
@@ -1,31 +0,0 @@
---- cyrus-sasl-2.1.27/configure.ac
-+++ cyrus-sasl-2.1.27/configure.ac
-@@ -44,6 +44,8 @@
- 
- AC_PREREQ(2.63)
- 
-+AC_CONFIG_MACRO_DIR([config])
-+
- dnl
- dnl REMINDER: When changing the version number here, please also update
- dnl the values in win32/include/config.h and include/sasl.h as well.
---- cyrus-sasl-2.1.27/Makefile.am
-+++ cyrus-sasl-2.1.27/Makefile.am
-@@ -44,6 +44,8 @@
- #
- ################################################################
- 
-+ACLOCAL_AMFLAGS = -I config
-+
- if SASLAUTHD
- SAD = saslauthd
- else
---- cyrus-sasl-2.1.27/saslauthd/Makefile.am
-+++ cyrus-sasl-2.1.27/saslauthd/Makefile.am
-@@ -1,4 +1,6 @@
- AUTOMAKE_OPTIONS = 1.7
-+ACLOCAL_AMFLAGS = -I ../config
-+
- sbin_PROGRAMS	= saslauthd testsaslauthd
- EXTRA_PROGRAMS  = saslcache
- 

diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-avoid_pic_overwrite.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-avoid_pic_overwrite.patch
deleted file mode 100644
index c331039e2f16..000000000000
--- a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-avoid_pic_overwrite.patch
+++ /dev/null
@@ -1,17 +0,0 @@
-Author: Fabian Fagerholm <fabbe@debian.org>
-Description: This patch makes sure the non-PIC version of libsasldb.a, which
-is created out of non-PIC objects, is not going to overwrite the PIC version,
-which is created out of PIC objects. The PIC version is placed in .libs, and
-the non-PIC version in the current directory.  This ensures that both non-PIC
-and PIC versions are available in the correct locations.
---- cyrus-sasl-2.1.27/lib/Makefile.am
-+++ cyrus-sasl-2.1.27/lib/Makefile.am
-@@ -98,7 +98,7 @@
- 
- libsasl2.a: libsasl2.la $(SASL_STATIC_OBJS)
- 	@echo adding static plugins and dependencies
--	$(AR) cru .libs/$@ $(SASL_STATIC_OBJS)
-+	$(AR) cru $@ $(SASL_STATIC_OBJS)
- 	@for i in ./libsasl2.la ../common/libplugin_common.la ../sasldb/libsasldb.la ../plugins/lib*.la; do \
- 	if test ! -f $$i; then continue; fi; . $$i; \
- 	for j in $$dependency_libs foo; do \

diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-doc_build_fix.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-doc_build_fix.patch
deleted file mode 100644
index bdd02f779660..000000000000
--- a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-doc_build_fix.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- cyrus-sasl-2.1.27/docsrc/exts/sphinxlocal/writers/manpage.py
-+++ cyrus-sasl-2.1.27/docsrc/exts/sphinxlocal/writers/manpage.py
-@@ -23,7 +23,7 @@
- from sphinx import addnodes
- from sphinx.locale import admonitionlabels, _
- from sphinx.util.osutil import ustrftime
--from sphinx.util.compat import docutils_version
-+#from sphinx.util.compat import docutils_version
- 
- class CyrusManualPageWriter(ManualPageWriter):
- 

diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-gss_c_nt_hostbased_service.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-gss_c_nt_hostbased_service.patch
deleted file mode 100644
index c585cb158e15..000000000000
--- a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-gss_c_nt_hostbased_service.patch
+++ /dev/null
@@ -1,16 +0,0 @@
-Gentoo bug #389349
---- cyrus-sasl-2.1.27/m4/sasl2.m4
-+++ cyrus-sasl-2.1.27/m4/sasl2.m4
-@@ -220,7 +220,11 @@
-                  [AC_WARN([Cybersafe define not found])])
- 
-   elif test "$ac_cv_header_gssapi_h" = "yes"; then
--    AC_EGREP_HEADER(GSS_C_NT_HOSTBASED_SERVICE, gssapi.h,
-+    AC_EGREP_CPP(hostbased_service_gss_nt_yes, gssapi.h,
-+                 [#include <gssapi.h>
-+                  #ifdef GSS_C_NT_HOSTBASED_SERVICE
-+                    hostbased_service_gss_nt_yes
-+                  #endif],
-                     [AC_DEFINE(HAVE_GSS_C_NT_HOSTBASED_SERVICE,,
-                                [Define if your GSSAPI implementation defines GSS_C_NT_HOSTBASED_SERVICE])])
-   elif test "$ac_cv_header_gssapi_gssapi_h"; then

diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-memmem.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-memmem.patch
deleted file mode 100644
index 158529dcb5f5..000000000000
--- a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-memmem.patch
+++ /dev/null
@@ -1,53 +0,0 @@
-auth_rimap: provide naive memmem implementation if missing
-
-read_response uses memmem, which is not available on e.g. Solaris 10
-
-Bug: https://github.com/cyrusimap/cyrus-sasl/pull/551
-Signed-off-by: Fabian Groffen <grobian@gentoo.org>
-
---- a/saslauthd/auth_rimap.c
-+++ b/saslauthd/auth_rimap.c
-@@ -367,6 +367,32 @@
- /* END FUNCTION: process_login_reply */
- \f
- 
-+#ifndef HAVE_MEMMEM
-+static void *memmem(
-+		const void *big, size_t big_len,
-+		const void *little, size_t little_len)
-+{
-+	const char *bp = (const char *)big;
-+	const char *lp = (const char *)little;
-+	size_t l;
-+
-+	if (big_len < little_len || little_len == 0 || big_len == 0)
-+		return NULL;
-+
-+	while (big_len > 0) {
-+		for (l = 0; l < little_len; l++) {
-+			if (bp[l] != lp[l])
-+				break;
-+		}
-+		if (l == little_len)
-+			return (void *)bp;
-+		bp++;
-+	}
-+
-+	return NULL;
-+}
-+#endif
-+
- static int read_response(int s, char *rbuf, int buflen, const char *tag)
- {
-     int rc = 0;
---- a/configure.ac
-+++ b/configure.ac
-@@ -1292,7 +1292,7 @@
- 
- #AC_FUNC_MEMCMP
- #AC_FUNC_VPRINTF
--AC_CHECK_FUNCS(gethostname getdomainname getpwnam getspnam gettimeofday inet_aton memcpy mkdir select socket strchr strdup strerror strspn strstr strtol jrand48 getpassphrase asprintf strlcat strlcpy)
-+AC_CHECK_FUNCS(gethostname getdomainname getpwnam getspnam gettimeofday inet_aton memcpy memmem mkdir select socket strchr strdup strerror strspn strstr strtol jrand48 getpassphrase asprintf strlcat strlcpy)
- 
- if test $ac_cv_func_getspnam = yes; then
- 	AC_MSG_CHECKING(if getpwnam_r/getspnam_r take 5 arguments)

diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-slibtool.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-slibtool.patch
deleted file mode 100644
index 81198cb87f0d..000000000000
--- a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-slibtool.patch
+++ /dev/null
@@ -1,18 +0,0 @@
-https://github.com/cyrusimap/cyrus-sasl/pull/623
-https://bugs.gentoo.org/775875
-
-From 5b8075eeba8d0334573689450b07610c176a2618 Mon Sep 17 00:00:00 2001
-From: orbea <orbea@riseup.net>
-Date: Wed, 9 Sep 2020 07:29:38 -0700
-Subject: [PATCH] common: Define the missing crypto_compat_version version.
-
---- a/common/Makefile.am
-+++ b/common/Makefile.am
-@@ -46,6 +46,7 @@
- # See <http://www.gnu.org/software/libtool/manual/libtool.html#Versioning>
- # CURRENT:REVISION:AGE
- plugin_common_version = 3:0:0
-+crypto_compat_version = 0:0:0
- 
- AM_CPPFLAGS=-fPIC -I$(top_srcdir)/include -I$(top_builddir)/include
- 


^ permalink raw reply related	[flat|nested] 9+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: dev-libs/cyrus-sasl/, dev-libs/cyrus-sasl/files/
@ 2023-09-06 11:56 David Seifert
  0 siblings, 0 replies; 9+ messages in thread
From: David Seifert @ 2023-09-06 11:56 UTC (permalink / raw
  To: gentoo-commits

commit:     fb49d510b860364896096c1ae2ac7b4bfe236b60
Author:     David Seifert <soap <AT> gentoo <DOT> org>
AuthorDate: Wed Sep  6 11:55:55 2023 +0000
Commit:     David Seifert <soap <AT> gentoo <DOT> org>
CommitDate: Wed Sep  6 11:55:55 2023 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fb49d510

dev-libs/cyrus-sasl: drop 2.1.28-r2, 2.1.28-r3

Signed-off-by: David Seifert <soap <AT> gentoo.org>

 dev-libs/cyrus-sasl/Manifest                       |   1 -
 dev-libs/cyrus-sasl/cyrus-sasl-2.1.28-r2.ebuild    | 221 ---------------------
 dev-libs/cyrus-sasl/cyrus-sasl-2.1.28-r3.ebuild    | 218 --------------------
 ...yrus-sasl-2.1.28-fix-configure-time-check.patch |  50 -----
 4 files changed, 490 deletions(-)

diff --git a/dev-libs/cyrus-sasl/Manifest b/dev-libs/cyrus-sasl/Manifest
index bfa6547d559e..e6f246ba2943 100644
--- a/dev-libs/cyrus-sasl/Manifest
+++ b/dev-libs/cyrus-sasl/Manifest
@@ -1,3 +1,2 @@
-DIST cyrus-sasl-2.1.27-r6-patches.tar.bz2 5169 BLAKE2B 43a2f0db4a8589ec1cde7807b31a93459eacb04d27ba36751a69dd5f4e669d1b28342194b0e1a5382e281a52a35e88168877b54065cfba01b9bd33e87fbd23f1 SHA512 41c4ca7c8f7b79e03faf5d826a6ff0ed398137239b93fb0046ccbf385f6ddeab2b9fb2f51d7a263dc74626e5fdbefb28615a1ee22aabe57ed57f10a52d382797
 DIST cyrus-sasl-2.1.28-r3-patches.tar.xz 4244 BLAKE2B 113da9bb58cce3643269fca88ea8d700aa20226d9536427c9068ef7b43499c2b78cbcb233d8db2418d84136c7edd629cc05f52b31cdfddfcb529f9a9fcb4effb SHA512 0cccbb27646dc118fbeea64b0cb688f312df97b31fced8c18d5230764cd5e2f0d48806bd2f5524aeddd02e8933cd835fb6f67dd3fbc1b0abfd1a3e1f0f53cf8a
 DIST cyrus-sasl-2.1.28.tar.gz 4034803 BLAKE2B 6cca8c26cebb9c2ee5d539c43797d30b6309a476ec4233225789978e1d7315c4ea5d2abbc7f5464be0f3c0de5fd9212706b43fbc92f40b76cd0b1013cc00f823 SHA512 db15af9079758a9f385457a79390c8a7cd7ea666573dace8bf4fb01bb4b49037538d67285727d6a70ad799d2e2318f265c9372e2427de9371d626a1959dd6f78

diff --git a/dev-libs/cyrus-sasl/cyrus-sasl-2.1.28-r2.ebuild b/dev-libs/cyrus-sasl/cyrus-sasl-2.1.28-r2.ebuild
deleted file mode 100644
index 38733ce427bc..000000000000
--- a/dev-libs/cyrus-sasl/cyrus-sasl-2.1.28-r2.ebuild
+++ /dev/null
@@ -1,221 +0,0 @@
-# Copyright 1999-2022 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-inherit autotools edos2unix flag-o-matic multilib multilib-minimal pam db-use systemd toolchain-funcs tmpfiles
-
-SASLAUTHD_CONF_VER="2.1.26"
-MY_PATCH_VER="${PN}-2.1.27-r6-patches"
-DESCRIPTION="The Cyrus SASL (Simple Authentication and Security Layer)"
-HOMEPAGE="https://www.cyrusimap.org/sasl/"
-#SRC_URI="ftp://ftp.cyrusimap.org/cyrus-sasl/${P}.tar.gz"
-SRC_URI="https://github.com/cyrusimap/${PN}/releases/download/${P}/${P}.tar.gz"
-SRC_URI+=" https://dev.gentoo.org/~sam/distfiles/${CATEGORY}/${PN}/${MY_PATCH_VER}.tar.bz2"
-
-LICENSE="BSD-with-attribution"
-SLOT="2"
-KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~mips ~ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x64-solaris"
-IUSE="authdaemond berkdb gdbm kerberos ldapdb openldap mysql pam postgres sample selinux sqlite srp ssl static-libs urandom"
-REQUIRED_USE="ldapdb? ( openldap )"
-
-DEPEND="net-mail/mailbase
-	virtual/libcrypt:=
-	authdaemond? ( || ( net-mail/courier-imap mail-mta/courier ) )
-	berkdb? ( >=sys-libs/db-4.8.30-r1:=[${MULTILIB_USEDEP}] )
-	gdbm? ( >=sys-libs/gdbm-1.10-r1:=[${MULTILIB_USEDEP}] )
-	kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
-	openldap? ( >=net-nds/openldap-2.4.38-r1:=[${MULTILIB_USEDEP}] )
-	mysql? ( dev-db/mysql-connector-c:0=[${MULTILIB_USEDEP}] )
-	pam? ( >=sys-libs/pam-0-r1[${MULTILIB_USEDEP}] )
-	postgres? ( dev-db/postgresql:* )
-	sqlite? ( >=dev-db/sqlite-3.8.2:3[${MULTILIB_USEDEP}] )
-	ssl? ( >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}] )"
-RDEPEND="${DEPEND}
-	selinux? ( sec-policy/selinux-sasl )"
-
-MULTILIB_WRAPPED_HEADERS=(
-	/usr/include/sasl/md5global.h
-)
-
-PATCHES=(
-	"${WORKDIR}"/${MY_PATCH_VER}/cyrus-sasl-2.1.25-auxprop.patch
-	"${WORKDIR}"/${MY_PATCH_VER}/cyrus-sasl-2.1.27-avoid_pic_overwrite.patch
-	"${WORKDIR}"/${MY_PATCH_VER}/cyrus-sasl-2.1.27-gss_c_nt_hostbased_service.patch
-	"${FILESDIR}"/cyrus-sasl-2.1.28-fix-configure-time-check.patch
-)
-
-src_prepare() {
-	default
-
-	# Use plugindir for sasldir
-	# https://github.com/cyrusimap/cyrus-sasl/issues/339 (I think)
-	sed -i '/^sasldir =/s:=.*:= $(plugindir):' \
-		"${S}"/plugins/Makefile.{am,in} || die "sed failed"
-
-	# bug #486740 and bug #468556 (dropped AM_CONFIG_HEADER sed in 2.1.28)
-	sed -i -e 's:AC_CONFIG_MACRO_DIR:AC_CONFIG_MACRO_DIRS:g' configure.ac || die
-
-	eautoreconf
-}
-
-src_configure() {
-	export CC_FOR_BUILD="$(tc-getBUILD_CC)"
-
-	append-flags -fno-strict-aliasing
-
-	if [[ ${CHOST} == *-solaris* ]] ; then
-		# getpassphrase is defined in /usr/include/stdlib.h
-		append-cppflags -DHAVE_GETPASSPHRASE
-	else
-		# this horrendously breaks things on Solaris
-		append-cppflags -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED -D_BSD_SOURCE -DLDAP_DEPRECATED
-		# replaces BSD_SOURCE (bug #579218)
-		append-cppflags -D_DEFAULT_SOURCE
-	fi
-
-	multilib-minimal_src_configure
-}
-
-multilib_src_configure() {
-	local myeconfargs=(
-		--enable-login
-		--enable-ntlm
-		--enable-auth-sasldb
-		--disable-cmulocal
-		--disable-krb4
-		--disable-macos-framework
-		--enable-otp
-		--without-sqlite
-		--with-saslauthd="${EPREFIX}"/run/saslauthd
-		--with-pwcheck="${EPREFIX}"/run/saslauthd
-		--with-configdir="${EPREFIX}"/etc/sasl2
-		--with-plugindir="${EPREFIX}/usr/$(get_libdir)/sasl2"
-		--with-dbpath="${EPREFIX}"/etc/sasl2/sasldb2
-		--with-sphinx-build=no
-		$(use_with ssl openssl)
-		$(use_with pam)
-		$(use_with openldap ldap)
-		$(use_enable ldapdb)
-		$(multilib_native_use_enable sample)
-		$(use_enable kerberos gssapi)
-		$(multilib_native_use_with mysql mysql "${EPREFIX}"/usr)
-		$(multilib_native_use_with postgres pgsql "${EPREFIX}/usr/$(get_libdir)/postgresql")
-		$(use_with sqlite sqlite3 "${EPREFIX}/usr/$(get_libdir)")
-		$(use_enable srp)
-		$(use_enable static-libs static)
-
-		# Add authdaemond support (bug #56523).
-		$(usex authdaemond --with-authdaemond="${EPREFIX}"/var/lib/courier/authdaemon/socket '')
-
-		# Fix for bug #59634.
-		$(usex ssl '' --without-des)
-
-		# Use /dev/urandom instead of /dev/random (bug #46038).
-		$(usex urandom --with-devrandom=/dev/urandom '')
-	)
-
-	if use sqlite || { multilib_is_native_abi && { use mysql || use postgres; }; } ; then
-		myeconfargs+=( --enable-sql )
-	else
-		myeconfargs+=( --disable-sql )
-	fi
-
-	# Default to GDBM if both 'gdbm' and 'berkdb' are present.
-	if use gdbm ; then
-		einfo "Building with GNU DB as database backend for your SASLdb"
-		myeconfargs+=( --with-dblib=gdbm )
-	elif use berkdb ; then
-		einfo "Building with BerkeleyDB as database backend for your SASLdb"
-		myeconfargs+=(
-			--with-dblib=berkeley
-			--with-bdb-incdir="$(db_includedir)"
-		)
-	else
-		einfo "Building without SASLdb support"
-		myeconfargs+=( --with-dblib=none )
-	fi
-
-	ECONF_SOURCE="${S}" econf "${myeconfargs[@]}"
-}
-
-multilib_src_install() {
-	default
-
-	if multilib_is_native_abi; then
-		if use sample ; then
-			docinto sample
-			dodoc "${S}"/sample/*.c
-			exeinto /usr/share/doc/${P}/sample
-			doexe sample/client sample/server
-		fi
-
-		dosbin saslauthd/testsaslauthd
-	fi
-}
-
-multilib_src_install_all() {
-	doman man/*
-
-	keepdir /etc/sasl2
-
-	# Reset docinto to default value (bug #674296)
-	docinto
-	dodoc AUTHORS ChangeLog doc/legacy/TODO
-	newdoc pwcheck/README README.pwcheck
-
-	newdoc docsrc/sasl/release-notes/$(ver_cut 1-2)/index.rst release-notes
-	edos2unix "${ED}"/usr/share/doc/${PF}/release-notes
-
-	docinto html
-	dodoc doc/html/*.html
-
-	if use pam; then
-		newpamd "${FILESDIR}"/saslauthd.pam-include saslauthd
-	fi
-
-	newinitd "${FILESDIR}"/pwcheck.rc6 pwcheck
-	systemd_dounit "${FILESDIR}"/pwcheck.service
-
-	newinitd "${FILESDIR}"/saslauthd2.rc7 saslauthd
-	newconfd "${FILESDIR}"/saslauthd-${SASLAUTHD_CONF_VER}.conf saslauthd
-	systemd_dounit "${FILESDIR}"/saslauthd.service
-	dotmpfiles "${FILESDIR}"/${PN}.conf
-
-	# The get_modname bit is important: do not remove the .la files on
-	# platforms where the lib isn't called .so for cyrus searches the .la to
-	# figure out what the name is supposed to be instead
-	if ! use static-libs && [[ $(get_modname) == .so ]] ; then
-		find "${ED}" -name "*.la" -delete || die
-	fi
-}
-
-pkg_postinst() {
-	tmpfiles_process ${PN}.conf
-
-	# Generate an empty sasldb2 with correct permissions.
-	if ( use berkdb || use gdbm ) && [[ ! -f "${EROOT}/etc/sasl2/sasldb2" ]] ; then
-		einfo "Generating an empty sasldb2 with correct permissions ..."
-
-		echo "p" | "${EROOT}/usr/sbin/saslpasswd2" -f "${EROOT}/etc/sasl2/sasldb2" -p login \
-			|| die "Failed to generate sasldb2"
-
-		"${EROOT}/usr/sbin/saslpasswd2" -f "${EROOT}/etc/sasl2/sasldb2" -d login \
-			|| die "Failed to delete temp user"
-
-		chown root:mail "${EROOT}/etc/sasl2/sasldb2" \
-			|| die "Failed to chown ${EROOT}/etc/sasl2/sasldb2"
-		chmod 0640 "${EROOT}/etc/sasl2/sasldb2" \
-			|| die "Failed to chmod ${EROOT}/etc/sasl2/sasldb2"
-	fi
-
-	if use authdaemond ; then
-		elog "You need to add a user running a service using Courier's"
-		elog "authdaemon to the 'mail' group. For example, do:"
-		elog "	gpasswd -a postfix mail"
-		elog "to add the 'postfix' user to the 'mail' group."
-	fi
-
-	elog "pwcheck and saslauthd home directories have moved to:"
-	elog "  /run/saslauthd, using tmpfiles.d"
-}

diff --git a/dev-libs/cyrus-sasl/cyrus-sasl-2.1.28-r3.ebuild b/dev-libs/cyrus-sasl/cyrus-sasl-2.1.28-r3.ebuild
deleted file mode 100644
index 2c1eac083d19..000000000000
--- a/dev-libs/cyrus-sasl/cyrus-sasl-2.1.28-r3.ebuild
+++ /dev/null
@@ -1,218 +0,0 @@
-# Copyright 1999-2022 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-inherit autotools edos2unix flag-o-matic multilib multilib-minimal pam db-use systemd toolchain-funcs tmpfiles
-
-SASLAUTHD_CONF_VER="2.1.26"
-MY_PATCH_VER="${PN}-2.1.28-r3-patches"
-DESCRIPTION="The Cyrus SASL (Simple Authentication and Security Layer)"
-HOMEPAGE="https://www.cyrusimap.org/sasl/"
-#SRC_URI="ftp://ftp.cyrusimap.org/cyrus-sasl/${P}.tar.gz"
-SRC_URI="https://github.com/cyrusimap/${PN}/releases/download/${P}/${P}.tar.gz"
-SRC_URI+=" https://dev.gentoo.org/~sam/distfiles/${CATEGORY}/${PN}/${MY_PATCH_VER}.tar.xz"
-
-LICENSE="BSD-with-attribution"
-SLOT="2"
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x64-solaris"
-IUSE="authdaemond berkdb gdbm kerberos ldapdb openldap mysql pam postgres sample selinux sqlite srp ssl static-libs urandom"
-REQUIRED_USE="ldapdb? ( openldap )"
-
-DEPEND="net-mail/mailbase
-	virtual/libcrypt:=
-	authdaemond? ( || ( net-mail/courier-imap mail-mta/courier ) )
-	berkdb? ( >=sys-libs/db-4.8.30-r1:=[${MULTILIB_USEDEP}] )
-	gdbm? ( >=sys-libs/gdbm-1.10-r1:=[${MULTILIB_USEDEP}] )
-	kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
-	openldap? ( >=net-nds/openldap-2.4.38-r1:=[${MULTILIB_USEDEP}] )
-	mysql? ( dev-db/mysql-connector-c:0=[${MULTILIB_USEDEP}] )
-	pam? ( >=sys-libs/pam-0-r1[${MULTILIB_USEDEP}] )
-	postgres? ( dev-db/postgresql:* )
-	sqlite? ( >=dev-db/sqlite-3.8.2:3[${MULTILIB_USEDEP}] )
-	ssl? ( >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}] )"
-RDEPEND="${DEPEND}
-	selinux? ( sec-policy/selinux-sasl )"
-
-MULTILIB_WRAPPED_HEADERS=(
-	/usr/include/sasl/md5global.h
-)
-
-PATCHES=(
-	"${WORKDIR}"/${MY_PATCH_VER}/
-)
-
-src_prepare() {
-	default
-
-	# Use plugindir for sasldir
-	# https://github.com/cyrusimap/cyrus-sasl/issues/339 (I think)
-	sed -i '/^sasldir =/s:=.*:= $(plugindir):' \
-		"${S}"/plugins/Makefile.{am,in} || die "sed failed"
-
-	# bug #486740 and bug #468556 (dropped AM_CONFIG_HEADER sed in 2.1.28)
-	sed -i -e 's:AC_CONFIG_MACRO_DIR:AC_CONFIG_MACRO_DIRS:g' configure.ac || die
-
-	eautoreconf
-}
-
-src_configure() {
-	export CC_FOR_BUILD="$(tc-getBUILD_CC)"
-
-	append-flags -fno-strict-aliasing
-
-	if [[ ${CHOST} == *-solaris* ]] ; then
-		# getpassphrase is defined in /usr/include/stdlib.h
-		append-cppflags -DHAVE_GETPASSPHRASE
-	else
-		# this horrendously breaks things on Solaris
-		append-cppflags -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED -D_BSD_SOURCE -DLDAP_DEPRECATED
-		# replaces BSD_SOURCE (bug #579218)
-		append-cppflags -D_DEFAULT_SOURCE
-	fi
-
-	multilib-minimal_src_configure
-}
-
-multilib_src_configure() {
-	local myeconfargs=(
-		--enable-login
-		--enable-ntlm
-		--enable-auth-sasldb
-		--disable-cmulocal
-		--disable-krb4
-		--disable-macos-framework
-		--enable-otp
-		--without-sqlite
-		--with-saslauthd="${EPREFIX}"/run/saslauthd
-		--with-pwcheck="${EPREFIX}"/run/saslauthd
-		--with-configdir="${EPREFIX}"/etc/sasl2
-		--with-plugindir="${EPREFIX}/usr/$(get_libdir)/sasl2"
-		--with-dbpath="${EPREFIX}"/etc/sasl2/sasldb2
-		--with-sphinx-build=no
-		$(use_with ssl openssl)
-		$(use_with pam)
-		$(use_with openldap ldap)
-		$(use_enable ldapdb)
-		$(multilib_native_use_enable sample)
-		$(use_enable kerberos gssapi)
-		$(multilib_native_use_with mysql mysql "${EPREFIX}"/usr)
-		$(multilib_native_use_with postgres pgsql "${EPREFIX}/usr/$(get_libdir)/postgresql")
-		$(use_with sqlite sqlite3 "${EPREFIX}/usr/$(get_libdir)")
-		$(use_enable srp)
-		$(use_enable static-libs static)
-
-		# Add authdaemond support (bug #56523).
-		$(usex authdaemond --with-authdaemond="${EPREFIX}"/var/lib/courier/authdaemon/socket '')
-
-		# Fix for bug #59634.
-		$(usex ssl '' --without-des)
-
-		# Use /dev/urandom instead of /dev/random (bug #46038).
-		$(usex urandom --with-devrandom=/dev/urandom '')
-	)
-
-	if use sqlite || { multilib_is_native_abi && { use mysql || use postgres; }; } ; then
-		myeconfargs+=( --enable-sql )
-	else
-		myeconfargs+=( --disable-sql )
-	fi
-
-	# Default to GDBM if both 'gdbm' and 'berkdb' are present.
-	if use gdbm ; then
-		einfo "Building with GNU DB as database backend for your SASLdb"
-		myeconfargs+=( --with-dblib=gdbm )
-	elif use berkdb ; then
-		einfo "Building with BerkeleyDB as database backend for your SASLdb"
-		myeconfargs+=(
-			--with-dblib=berkeley
-			--with-bdb-incdir="$(db_includedir)"
-		)
-	else
-		einfo "Building without SASLdb support"
-		myeconfargs+=( --with-dblib=none )
-	fi
-
-	ECONF_SOURCE="${S}" econf "${myeconfargs[@]}"
-}
-
-multilib_src_install() {
-	default
-
-	if multilib_is_native_abi; then
-		if use sample ; then
-			docinto sample
-			dodoc "${S}"/sample/*.c
-			exeinto /usr/share/doc/${P}/sample
-			doexe sample/client sample/server
-		fi
-
-		dosbin saslauthd/testsaslauthd
-	fi
-}
-
-multilib_src_install_all() {
-	doman man/*
-
-	keepdir /etc/sasl2
-
-	# Reset docinto to default value (bug #674296)
-	docinto
-	dodoc AUTHORS ChangeLog doc/legacy/TODO
-	newdoc pwcheck/README README.pwcheck
-
-	newdoc docsrc/sasl/release-notes/$(ver_cut 1-2)/index.rst release-notes
-	edos2unix "${ED}"/usr/share/doc/${PF}/release-notes
-
-	docinto html
-	dodoc doc/html/*.html
-
-	if use pam; then
-		newpamd "${FILESDIR}"/saslauthd.pam-include saslauthd
-	fi
-
-	newinitd "${FILESDIR}"/pwcheck.rc6 pwcheck
-	systemd_dounit "${FILESDIR}"/pwcheck.service
-
-	newinitd "${FILESDIR}"/saslauthd2.rc7 saslauthd
-	newconfd "${FILESDIR}"/saslauthd-${SASLAUTHD_CONF_VER}.conf saslauthd
-	systemd_dounit "${FILESDIR}"/saslauthd.service
-	dotmpfiles "${FILESDIR}"/${PN}.conf
-
-	# The get_modname bit is important: do not remove the .la files on
-	# platforms where the lib isn't called .so for cyrus searches the .la to
-	# figure out what the name is supposed to be instead
-	if ! use static-libs && [[ $(get_modname) == .so ]] ; then
-		find "${ED}" -name "*.la" -delete || die
-	fi
-}
-
-pkg_postinst() {
-	tmpfiles_process ${PN}.conf
-
-	# Generate an empty sasldb2 with correct permissions.
-	if ( use berkdb || use gdbm ) && [[ ! -f "${EROOT}/etc/sasl2/sasldb2" ]] ; then
-		einfo "Generating an empty sasldb2 with correct permissions ..."
-
-		echo "p" | "${EROOT}/usr/sbin/saslpasswd2" -f "${EROOT}/etc/sasl2/sasldb2" -p login \
-			|| die "Failed to generate sasldb2"
-
-		"${EROOT}/usr/sbin/saslpasswd2" -f "${EROOT}/etc/sasl2/sasldb2" -d login \
-			|| die "Failed to delete temp user"
-
-		chown root:mail "${EROOT}/etc/sasl2/sasldb2" \
-			|| die "Failed to chown ${EROOT}/etc/sasl2/sasldb2"
-		chmod 0640 "${EROOT}/etc/sasl2/sasldb2" \
-			|| die "Failed to chmod ${EROOT}/etc/sasl2/sasldb2"
-	fi
-
-	if use authdaemond ; then
-		elog "You need to add a user running a service using Courier's"
-		elog "authdaemon to the 'mail' group. For example, do:"
-		elog "	gpasswd -a postfix mail"
-		elog "to add the 'postfix' user to the 'mail' group."
-	fi
-
-	elog "pwcheck and saslauthd home directories have moved to:"
-	elog "  /run/saslauthd, using tmpfiles.d"
-}

diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.28-fix-configure-time-check.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.28-fix-configure-time-check.patch
deleted file mode 100644
index 873dac53fe03..000000000000
--- a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.28-fix-configure-time-check.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-https://github.com/cyrusimap/cyrus-sasl/pull/709
-
-From 399625c3413c313e93432d0f5907350722b861c7 Mon Sep 17 00:00:00 2001
-From: Sam James <sam@gentoo.org>
-Date: Wed, 23 Feb 2022 00:45:15 +0000
-Subject: [PATCH] Fix <time.h> check
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-We're conditionally including based on HAVE_TIME_H in a bunch of places,
-but we're not actually checking for time.h, so that's never going to be defined.
-
-While at it, add in a missing include in the cram plugin.
-
-This fixes a bunch of implicit declaration warnings:
-```
- * cyrus-sasl-2.1.28/lib/saslutil.c:280:3: warning: implicit declaration of function ‘time’ [-Wimplicit-function-declaration]
- * cyrus-sasl-2.1.28/lib/saslutil.c:364:41: warning: implicit declaration of function ‘clock’ [-Wimplicit-function-declaration]
- * cyrus-sasl-2.1.28/plugins/cram.c:132:7: warning: implicit declaration of function ‘time’ [-Wimplicit-function-declaration]
- * cyrus-sasl-2.1.28/lib/saslutil.c:280:3: warning: implicit declaration of function ‘time’ [-Wimplicit-function-declaration]
- * cyrus-sasl-2.1.28/lib/saslutil.c:364:41: warning: implicit declaration of function ‘clock’ [-Wimplicit-function-declaration]
- * cyrus-sasl-2.1.28/plugins/cram.c:132:7: warning: implicit declaration of function ‘time’ [-Wimplicit-function-declaration]
-```
-
-Signed-off-by: Sam James <sam@gentoo.org>
---- a/configure.ac
-+++ b/configure.ac
-@@ -1290,7 +1290,7 @@ AC_CHECK_HEADERS_ONCE([sys/time.h])
- 
- AC_HEADER_DIRENT
- AC_HEADER_SYS_WAIT
--AC_CHECK_HEADERS(crypt.h des.h dlfcn.h fcntl.h limits.h malloc.h paths.h strings.h sys/file.h sys/time.h syslog.h unistd.h inttypes.h sys/uio.h sys/param.h sysexits.h stdarg.h varargs.h krb5.h)
-+AC_CHECK_HEADERS(crypt.h des.h dlfcn.h fcntl.h limits.h malloc.h paths.h strings.h sys/file.h sys/time.h syslog.h time.h unistd.h inttypes.h sys/uio.h sys/param.h sysexits.h stdarg.h varargs.h krb5.h)
- 
- IPv6_CHECK_SS_FAMILY()
- IPv6_CHECK_SA_LEN()
---- a/plugins/cram.c
-+++ b/plugins/cram.c
-@@ -53,6 +53,10 @@
- #endif
- #include <fcntl.h>
- 
-+#ifdef HAVE_TIME_H
-+#include <time.h>
-+#endif
-+
- #include <sasl.h>
- #include <saslplug.h>
- #include <saslutil.h>


^ permalink raw reply related	[flat|nested] 9+ messages in thread

end of thread, other threads:[~2023-09-06 11:56 UTC | newest]

Thread overview: 9+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2021-11-22  9:57 [gentoo-commits] repo/gentoo:master commit in: dev-libs/cyrus-sasl/, dev-libs/cyrus-sasl/files/ Sam James
  -- strict thread matches above, loose matches on Subject: below --
2023-09-06 11:56 David Seifert
2022-02-23  2:19 Sam James
2022-02-23  0:54 Sam James
2021-11-22  9:52 Sam James
2021-03-16 22:14 Sam James
2019-12-23 21:41 Thomas Deutschmann
2019-01-01 16:05 Lars Wendler
2018-10-24 12:30 Lars Wendler

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox