wok-next view cyrus-sasl/stuff/patches/cyrus-sasl-2.1.26-fixes-3.patch @ rev 20791
Up gnome-games, and add/update all the required dependencies
| author | Aleksej Bobylev <al.bobylev@gmail.com> |
|---|---|
| date | Sun Jun 10 01:56:40 2018 +0300 (2018-06-10) |
| parents | |
| children |
line source
1 Submitted By: Armin K. <krejzi at email dot com>
2 Date: 2014-08-24
3 Initial Package Version: 2.1.26
4 Upstream Status: Unknown
5 Origin: Debian and Gentoo
6 Description: Various package fixes, including autotools fixes, plugin fixes, security fixes, parallel build fixes, etc.
8 --- a/cmulocal/sasl2.m4 2012-11-06 20:14:29.000000000 +0100
9 +++ b/cmulocal/sasl2.m4 2014-08-24 00:06:33.965346597 +0200
10 @@ -112,9 +112,6 @@
11 fi
13 if test "$gss_impl" = "auto" -o "$gss_impl" = "mit"; then
14 - # check for libkrb5support first
15 - AC_CHECK_LIB(krb5support,krb5int_getspecific,K5SUP=-lkrb5support K5SUPSTATIC=$gssapi_dir/libkrb5support.a,,${LIB_SOCKET})
16 -
17 gss_failed=0
18 AC_CHECK_LIB(gssapi_krb5,gss_unwrap,gss_impl="mit",gss_failed=1,
19 ${GSSAPIBASE_LIBS} -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err ${K5SUP} ${LIB_SOCKET})
20 @@ -269,6 +266,7 @@
21 cmu_save_LIBS="$LIBS"
22 LIBS="$LIBS $GSSAPIBASE_LIBS"
23 AC_CHECK_FUNCS(gsskrb5_register_acceptor_identity)
24 + AC_CHECK_FUNCS(krb5_gss_register_acceptor_identity)
25 AC_CHECK_FUNCS(gss_decapsulate_token)
26 AC_CHECK_FUNCS(gss_encapsulate_token)
27 AC_CHECK_FUNCS(gss_oid_equal)
28 --- a/config/kerberos_v4.m4 2012-01-28 00:31:36.000000000 +0100
29 +++ b/config/kerberos_v4.m4 2014-08-24 00:06:33.968346643 +0200
30 @@ -89,18 +89,18 @@
31 dnl if we were ambitious, we would look more aggressively for the
32 dnl krb4 install
33 if test -d ${krb4}; then
34 - AC_CACHE_CHECK(for Kerberos includes, cyrus_krbinclude, [
35 + AC_CACHE_CHECK(for Kerberos includes, cyrus_cv_krbinclude, [
36 for krbhloc in include/kerberosIV include/kerberos include
37 do
38 if test -f ${krb4}/${krbhloc}/krb.h ; then
39 - cyrus_krbinclude=${krb4}/${krbhloc}
40 + cyrus_cv_krbinclude=${krb4}/${krbhloc}
41 break
42 fi
43 done
44 ])
46 - if test -n "${cyrus_krbinclude}"; then
47 - CPPFLAGS="$CPPFLAGS -I${cyrus_krbinclude}"
48 + if test -n "${cyrus_cv_krbinclude}"; then
49 + CPPFLAGS="$CPPFLAGS -I${cyrus_cv_krbinclude}"
50 fi
51 LDFLAGS="$LDFLAGS -L$krb4/lib"
52 fi
53 --- a/config.h.in 2012-11-06 20:20:59.000000000 +0100
54 +++ b/config.h.in 2014-08-24 00:06:33.969346659 +0200
55 @@ -126,6 +126,10 @@
56 */
57 #undef HAVE_GSSKRB5_REGISTER_ACCEPTOR_IDENTITY
59 +/* Define to 1 if you have the `krb5_gss_register_acceptor_identity' function.
60 + */
61 +#undef HAVE_KRB5_GSS_REGISTER_ACCEPTOR_IDENTITY
62 +
63 /* Define if your GSSAPI implementation defines GSS_C_NT_HOSTBASED_SERVICE */
64 #undef HAVE_GSS_C_NT_HOSTBASED_SERVICE
66 --- a/configure.in 2012-10-12 16:05:48.000000000 +0200
67 +++ b/configure.in 2014-08-24 00:06:46.492540015 +0200
68 @@ -44,6 +44,8 @@
69 AC_INIT(lib/saslint.h)
70 AC_PREREQ([2.54])
72 +AC_CONFIG_MACRO_DIR([cmulocal], [config])
73 +
74 dnl use ./config.cache as the default cache file.
75 dnl we require a cache file to successfully configure our build.
76 if test $cache_file = "/dev/null"; then
77 @@ -62,9 +64,6 @@
78 AM_INIT_AUTOMAKE(cyrus-sasl, 2.1.26)
79 CMU_INIT_AUTOMAKE
81 -# and include our config dir scripts
82 -ACLOCAL="$ACLOCAL -I \$(top_srcdir)/config"
83 -
84 DIRS=""
86 AC_ARG_ENABLE(cmulocal,
87 @@ -861,9 +860,9 @@
88 notfound) AC_WARN([SQLite Library not found]); true;;
89 *)
90 if test -d ${with_sqlite}/lib; then
91 - LIB_SQLITE="-L${with_sqlite}/lib -R${with_sqlite}/lib"
92 + LIB_SQLITE="-L${with_sqlite}/lib"
93 else
94 - LIB_SQLITE="-L${with_sqlite} -R${with_sqlite}"
95 + LIB_SQLITE="-L${with_sqlite}"
96 fi
98 LIB_SQLITE_DIR=$LIB_SQLITE
99 @@ -913,9 +912,9 @@
100 notfound) AC_WARN([SQLite3 Library not found]); true;;
101 *)
102 if test -d ${with_sqlite3}/lib; then
103 - LIB_SQLITE3="-L${with_sqlite3}/lib -R${with_sqlite3}/lib"
104 + LIB_SQLITE3="-L${with_sqlite3}/lib"
105 else
106 - LIB_SQLITE3="-L${with_sqlite3} -R${with_sqlite3}"
107 + LIB_SQLITE3="-L${with_sqlite3}"
108 fi
110 LIB_SQLITE3_DIR=$LIB_SQLITE3
111 @@ -1412,10 +1411,9 @@
112 #endif /* CONFIG_H */
113 ])
115 -AM_CONFIG_HEADER(config.h)
116 +AC_CONFIG_HEADERS(config.h)
118 AC_OUTPUT(Makefile
119 -libsasl2.pc
120 include/Makefile
121 sasldb/Makefile
122 plugins/Makefile
123 --- a/include/sasl.h 2012-10-12 16:05:48.000000000 +0200
124 +++ b/include/sasl.h 2014-08-24 00:06:33.970346674 +0200
125 @@ -223,6 +223,8 @@
126 * they must be called before all other SASL functions:
127 */
129 +#include <sys/types.h>
130 +
131 /* memory allocation functions which may optionally be replaced:
132 */
133 typedef void *sasl_malloc_t(size_t);
134 --- a/java/CyrusSasl/Makefile.am 2012-01-28 00:31:36.000000000 +0100
135 +++ b/java/CyrusSasl/Makefile.am 2014-08-24 00:06:33.970346674 +0200
136 @@ -28,7 +28,7 @@
137 javasasldir = $(prefix)/lib/java/classes/sasl/CyrusSasl
138 javahtmldir = $(prefix)/html/sasl
140 -INCLUDES=-I$(top_srcdir)/include $(JAVA_INCLUDES)
141 +AM_CPPFLAGS=-I$(top_srcdir)/include $(JAVA_INCLUDES)
143 javasasl_JAVA = Sasl.java GenericClient.java \
144 ClientFactory.java \
145 --- a/lib/auxprop.c 2012-01-28 00:31:36.000000000 +0100
146 +++ b/lib/auxprop.c 2014-08-24 00:06:33.971346690 +0200
147 @@ -43,6 +43,7 @@
148 */
150 #include <config.h>
151 +#include <stdio.h>
152 #include <sasl.h>
153 #include <prop.h>
154 #include <ctype.h>
155 @@ -970,6 +971,10 @@
156 }
158 if(!found) {
159 + /* compatibility with <= 2.1.23, ignore the lack of auxrop plugin */
160 + if (!plist)
161 + result = SASL_OK;
162 + else
163 _sasl_log(sparams->utils->conn, SASL_LOG_DEBUG,
164 "could not find auxprop plugin, was searching for '%s'",
165 plist ? plist : "[all]");
166 --- a/lib/dlopen.c 2012-01-28 00:31:36.000000000 +0100
167 +++ b/lib/dlopen.c 2014-08-24 00:06:33.971346690 +0200
168 @@ -247,105 +247,6 @@
169 return result;
170 }
172 -/* this returns the file to actually open.
173 - * out should be a buffer of size PATH_MAX
174 - * and may be the same as in. */
175 -
176 -/* We'll use a static buffer for speed unless someone complains */
177 -#define MAX_LINE 2048
178 -
179 -static int _parse_la(const char *prefix, const char *in, char *out)
180 -{
181 - FILE *file;
182 - size_t length;
183 - char line[MAX_LINE];
184 - char *ntmp = NULL;
185 -
186 - if(!in || !out || !prefix || out == in) return SASL_BADPARAM;
187 -
188 - /* Set this so we can detect failure */
189 - *out = '\0';
190 -
191 - length = strlen(in);
192 -
193 - if (strcmp(in + (length - strlen(LA_SUFFIX)), LA_SUFFIX)) {
194 - if(!strcmp(in + (length - strlen(SO_SUFFIX)),SO_SUFFIX)) {
195 - /* check for a .la file */
196 - strcpy(line, prefix);
197 - strcat(line, in);
198 - length = strlen(line);
199 - *(line + (length - strlen(SO_SUFFIX))) = '\0';
200 - strcat(line, LA_SUFFIX);
201 - file = fopen(line, "r");
202 - if(file) {
203 - /* We'll get it on the .la open */
204 - fclose(file);
205 - return SASL_FAIL;
206 - }
207 - }
208 - strcpy(out, prefix);
209 - strcat(out, in);
210 - return SASL_OK;
211 - }
212 -
213 - strcpy(line, prefix);
214 - strcat(line, in);
215 -
216 - file = fopen(line, "r");
217 - if(!file) {
218 - _sasl_log(NULL, SASL_LOG_WARN,
219 - "unable to open LA file: %s", line);
220 - return SASL_FAIL;
221 - }
222 -
223 - while(!feof(file)) {
224 - if(!fgets(line, MAX_LINE, file)) break;
225 - if(line[strlen(line) - 1] != '\n') {
226 - _sasl_log(NULL, SASL_LOG_WARN,
227 - "LA file has too long of a line: %s", in);
228 - return SASL_BUFOVER;
229 - }
230 - if(line[0] == '\n' || line[0] == '#') continue;
231 - if(!strncmp(line, "dlname=", sizeof("dlname=") - 1)) {
232 - /* We found the line with the name in it */
233 - char *end;
234 - char *start;
235 - size_t len;
236 - end = strrchr(line, '\'');
237 - if(!end) continue;
238 - start = &line[sizeof("dlname=")-1];
239 - len = strlen(start);
240 - if(len > 3 && start[0] == '\'') {
241 - ntmp=&start[1];
242 - *end='\0';
243 - /* Do we have dlname="" ? */
244 - if(ntmp == end) {
245 - _sasl_log(NULL, SASL_LOG_DEBUG,
246 - "dlname is empty in .la file: %s", in);
247 - return SASL_FAIL;
248 - }
249 - strcpy(out, prefix);
250 - strcat(out, ntmp);
251 - }
252 - break;
253 - }
254 - }
255 - if(ferror(file) || feof(file)) {
256 - _sasl_log(NULL, SASL_LOG_WARN,
257 - "Error reading .la: %s\n", in);
258 - fclose(file);
259 - return SASL_FAIL;
260 - }
261 - fclose(file);
262 -
263 - if(!(*out)) {
264 - _sasl_log(NULL, SASL_LOG_WARN,
265 - "Could not find a dlname line in .la file: %s", in);
266 - return SASL_FAIL;
267 - }
268 -
269 - return SASL_OK;
270 -}
271 #endif /* DO_DLOPEN */
273 /* loads a plugin library */
274 @@ -499,18 +400,18 @@
275 if (length + pos>=PATH_MAX) continue; /* too big */
277 if (strcmp(dir->d_name + (length - strlen(SO_SUFFIX)),
278 - SO_SUFFIX)
279 - && strcmp(dir->d_name + (length - strlen(LA_SUFFIX)),
280 - LA_SUFFIX))
281 + SO_SUFFIX))
282 continue;
284 + /* We only use .so files for loading plugins */
285 +
286 memcpy(name,dir->d_name,length);
287 name[length]='\0';
289 - result = _parse_la(prefix, name, tmp);
290 - if(result != SASL_OK)
291 - continue;
292 -
293 + /* Create full name with path */
294 + strncpy(tmp, prefix, PATH_MAX);
295 + strncat(tmp, name, PATH_MAX);
296 +
297 /* skip "lib" and cut off suffix --
298 this only need be approximate */
299 strcpy(plugname, name + 3);
300 --- a/lib/Makefile.am 2012-10-12 16:05:48.000000000 +0200
301 +++ b/lib/Makefile.am 2014-08-24 00:06:33.971346690 +0200
302 @@ -45,7 +45,7 @@
303 # CURRENT:REVISION:AGE
304 sasl_version = 3:0:0
306 -INCLUDES=-DLIBSASL_EXPORTS=1 -I$(top_srcdir)/include -I$(top_srcdir)/plugins -I$(top_builddir)/include -I$(top_srcdir)/sasldb
307 +AM_CPPFLAGS=-DLIBSASL_EXPORTS=1 -I$(top_srcdir)/include -I$(top_srcdir)/plugins -I$(top_builddir)/include -I$(top_srcdir)/sasldb
309 EXTRA_DIST = windlopen.c staticopen.h NTMakefile
310 EXTRA_LIBRARIES = libsasl2.a
311 @@ -64,8 +64,8 @@
312 lib_LTLIBRARIES = libsasl2.la
314 libsasl2_la_SOURCES = $(common_sources) $(common_headers)
315 -libsasl2_la_LDFLAGS = -version-info $(sasl_version)
316 -libsasl2_la_DEPENDENCIES = $(LTLIBOBJS)
317 +libsasl2_la_LDFLAGS = -version-info $(sasl_version) -Wl,--version-script=$(top_srcdir)/Versions
318 +libsasl2_la_DEPENDENCIES = $(LTLIBOBJS) $(top_srcdir)/Versions
319 libsasl2_la_LIBADD = $(LTLIBOBJS) $(SASL_DL_LIB) $(LIB_SOCKET) $(LIB_DOOR)
321 if MACOSX
322 @@ -80,7 +80,7 @@
324 libsasl2.a: libsasl2.la $(SASL_STATIC_OBJS)
325 @echo adding static plugins and dependencies
326 - $(AR) cru .libs/$@ $(SASL_STATIC_OBJS)
327 + $(AR) cru $@ $(SASL_STATIC_OBJS)
328 @for i in ./libsasl2.la ../sasldb/libsasldb.la ../plugins/lib*.la; do \
329 if test ! -f $$i; then continue; fi; . $$i; \
330 for j in $$dependency_libs foo; do \
331 --- a/Makefile.am 2012-10-12 16:05:48.000000000 +0200
332 +++ b/Makefile.am 2014-08-24 00:06:46.492540015 +0200
333 @@ -43,6 +43,14 @@
334 #
335 ################################################################
337 +do_subst = sed -e 's,[@]LIB_DOOR[@],$(LIB_DOOR),g' \
338 + -e 's,[@]SASL_DL_LIB[@],$(SASL_DL_LIB),g' \
339 + -e 's,[@]LIBS[@],$(LIBS),g' \
340 + -e 's,[@]VERSION[@],$(VERSION),g' \
341 + -e 's,[@]libdir[@],$(libdir),g'
342 +
343 +ACLOCAL_AMFLAGS = -I cmulocal -I config
344 +
345 if SASLAUTHD
346 SAD = saslauthd
347 else
348 @@ -76,6 +84,10 @@
349 pkgconfigdir = $(libdir)/pkgconfig
350 pkgconfig_DATA = libsasl2.pc
352 +libsasl2.pc: $(srcdir)/libsasl2.pc.in Makefile
353 + rm -f $@
354 + $(do_subst) < $(srcdir)/libsasl2.pc.in > $@
355 +
356 dist-hook:
357 @find $(distdir) -exec chmod o+w {} ';'
358 @find $(distdir) -name CVS -print | xargs -t rm -rf
359 --- a/plugins/gssapi.c 2012-01-28 00:31:36.000000000 +0100
360 +++ b/plugins/gssapi.c 2014-08-24 00:06:33.972346705 +0200
361 @@ -50,6 +50,9 @@
362 #else
363 #include <gssapi/gssapi.h>
364 #endif
365 +#ifdef HAVE_KRB5_GSS_REGISTER_ACCEPTOR_IDENTITY
366 +#include <gssapi/gssapi_krb5.h>
367 +#endif
369 #ifdef WIN32
370 # include <winsock2.h>
371 @@ -1367,7 +1370,7 @@
372 };
374 int gssapiv2_server_plug_init(
375 -#ifndef HAVE_GSSKRB5_REGISTER_ACCEPTOR_IDENTITY
376 +#if !defined(HAVE_GSSKRB5_REGISTER_ACCEPTOR_IDENTITY) && !defined(HAVE_KRB5_GSS_REGISTER_ACCEPTOR_IDENTITY)
377 const sasl_utils_t *utils __attribute__((unused)),
378 #else
379 const sasl_utils_t *utils,
380 @@ -1377,7 +1380,7 @@
381 sasl_server_plug_t **pluglist,
382 int *plugcount)
383 {
384 -#ifdef HAVE_GSSKRB5_REGISTER_ACCEPTOR_IDENTITY
385 +#if defined(HAVE_GSSKRB5_REGISTER_ACCEPTOR_IDENTITY) || defined(HAVE_KRB5_GSS_REGISTER_ACCEPTOR_IDENTITY)
386 const char *keytab = NULL;
387 char keytab_path[1024];
388 unsigned int rl;
389 @@ -1387,7 +1390,7 @@
390 return SASL_BADVERS;
391 }
393 -#ifdef HAVE_GSSKRB5_REGISTER_ACCEPTOR_IDENTITY
394 +#if defined(HAVE_GSSKRB5_REGISTER_ACCEPTOR_IDENTITY) || defined(HAVE_KRB5_GSS_REGISTER_ACCEPTOR_IDENTITY)
395 /* unfortunately, we don't check for readability of keytab if it's
396 the standard one, since we don't know where it is */
398 @@ -1410,7 +1413,12 @@
400 strncpy(keytab_path, keytab, 1024);
402 +#ifdef HAVE_GSSKRB5_REGISTER_ACCEPTOR_IDENTITY
403 gsskrb5_register_acceptor_identity(keytab_path);
404 +#endif
405 +#ifdef HAVE_KRB5_GSS_REGISTER_ACCEPTOR_IDENTITY
406 + krb5_gss_register_acceptor_identity(keytab_path);
407 +#endif
408 }
409 #endif
411 --- a/plugins/ldapdb.c 2012-01-28 00:31:36.000000000 +0100
412 +++ b/plugins/ldapdb.c 2014-08-24 00:06:33.972346705 +0200
413 @@ -251,6 +251,8 @@
415 #if defined(LDAP_PROXY_AUTHZ_FAILURE)
416 case LDAP_PROXY_AUTHZ_FAILURE:
417 +#elif defined(LDAP_X_PROXY_AUTHZ_FAILURE)
418 + case LDAP_X_PROXY_AUTHZ_FAILURE:
419 #endif
420 case LDAP_INAPPROPRIATE_AUTH:
421 case LDAP_INVALID_CREDENTIALS:
422 @@ -404,6 +406,7 @@
423 if ( len > out_max )
424 len = out_max;
425 memcpy(out, bvals[0]->bv_val, len);
426 + out[len] = '\0';
427 *out_ulen = len;
428 ber_bvecfree(bvals);
429 }
430 --- a/plugins/Makefile.am 2012-10-12 16:05:48.000000000 +0200
431 +++ b/plugins/Makefile.am 2014-08-24 00:06:33.973346721 +0200
432 @@ -49,7 +49,7 @@
433 # CURRENT:REVISION:AGE
434 plugin_version = 3:0:0
436 -INCLUDES=-I$(top_srcdir)/include -I$(top_srcdir)/lib -I$(top_srcdir)/sasldb -I$(top_builddir)/include
437 +AM_CPPFLAGS=-I$(top_srcdir)/include -I$(top_srcdir)/lib -I$(top_srcdir)/sasldb -I$(top_builddir)/include
438 AM_LDFLAGS = -module -export-dynamic -rpath $(plugindir) -version-info $(plugin_version)
440 COMPAT_OBJS = @LTGETADDRINFOOBJS@ @LTGETNAMEINFOOBJS@ @LTSNPRINTFOBJS@
441 --- a/pwcheck/Makefile.am 2012-01-28 00:31:36.000000000 +0100
442 +++ b/pwcheck/Makefile.am 2014-08-24 00:06:33.973346721 +0200
443 @@ -24,7 +24,7 @@
445 sbin_PROGRAMS = pwcheck
447 -INCLUDES = -I../include -I../lib
448 +AM_CPPFLAGS = -I../include -I../lib
450 pwcheck_SOURCES = pwcheck.c
451 EXTRA_pwcheck_SOURCES = pwcheck_getpwnam.c pwcheck_getspnam.c
452 --- a/pwcheck/pwcheck_getpwnam.c 2012-01-28 00:31:36.000000000 +0100
453 +++ b/pwcheck/pwcheck_getpwnam.c 2014-08-24 00:06:33.973346721 +0200
454 @@ -32,6 +32,7 @@
455 char *password;
456 {
457 char* r;
458 + char* crpt_passwd;
459 struct passwd *pwd;
461 pwd = getpwnam(userid);
462 @@ -41,7 +42,7 @@
463 else if (pwd->pw_passwd[0] == '*') {
464 r = "Account disabled";
465 }
466 - else if (strcmp(pwd->pw_passwd, crypt(password, pwd->pw_passwd)) != 0) {
467 + else if (!(crpt_passwd = crypt(password, pwd->pw_passwd)) || strcmp(pwd->pw_passwd, (const char *)crpt_passwd) != 0) {
468 r = "Incorrect password";
469 }
470 else {
471 --- a/pwcheck/pwcheck_getspnam.c 2012-01-28 00:31:36.000000000 +0100
472 +++ b/pwcheck/pwcheck_getspnam.c 2014-08-24 00:06:33.973346721 +0200
473 @@ -24,6 +24,7 @@
474 ******************************************************************/
476 #include <shadow.h>
477 +#include <string.h>
479 extern char *crypt();
481 @@ -32,13 +33,15 @@
482 char *password;
483 {
484 struct spwd *pwd;
485 + char *crpt_passwd;
487 pwd = getspnam(userid);
488 if (!pwd) {
489 return "Userid not found";
490 }
492 - if (strcmp(pwd->sp_pwdp, crypt(password, pwd->sp_pwdp)) != 0) {
493 + crpt_passwd = crypt(password, pwd->sp_pwdp);
494 + if (!crpt_passwd || strcmp(pwd->sp_pwdp, (const char *)crpt_passwd) != 0) {
495 return "Incorrect password";
496 }
497 else {
498 --- a/sample/Makefile.am 2012-10-16 15:07:55.000000000 +0200
499 +++ b/sample/Makefile.am 2014-08-24 00:06:33.973346721 +0200
500 @@ -42,7 +42,7 @@
501 #
502 ################################################################
504 -INCLUDES=-I$(top_srcdir)/include
505 +AM_CPPFLAGS=-I$(top_srcdir)/include
507 noinst_PROGRAMS = client server
508 EXTRA_PROGRAMS = sample-client sample-server
509 --- a/saslauthd/auth_getpwent.c 2012-10-12 16:05:48.000000000 +0200
510 +++ b/saslauthd/auth_getpwent.c 2014-08-24 00:06:33.974346736 +0200
511 @@ -77,6 +77,7 @@
512 {
513 /* VARIABLES */
514 struct passwd *pw; /* pointer to passwd file entry */
515 + char *crpt_passwd; /* encrypted password */
516 int errnum;
517 /* END VARIABLES */
519 @@ -105,7 +106,8 @@
520 }
521 }
523 - if (strcmp(pw->pw_passwd, (const char *)crypt(password, pw->pw_passwd))) {
524 + crpt_passwd = crypt(password, pw->pw_passwd);
525 + if (!crpt_passwd || strcmp(pw->pw_passwd, (const char *)crpt_passwd)) {
526 if (flags & VERBOSE) {
527 syslog(LOG_DEBUG, "DEBUG: auth_getpwent: %s: invalid password", login);
528 }
529 --- a/saslauthd/auth_rimap.c 2012-10-12 16:05:48.000000000 +0200
530 +++ b/saslauthd/auth_rimap.c 2014-08-24 00:06:33.974346736 +0200
531 @@ -90,6 +90,7 @@
532 service we connect to. */
533 #define TAG "saslauthd" /* IMAP command tag */
534 #define LOGIN_CMD (TAG " LOGIN ") /* IMAP login command (with tag) */
535 +#define LOGOUT_CMD (TAG " LOGOUT ") /* IMAP logout command (with tag)*/
536 #define NETWORK_IO_TIMEOUT 30 /* network I/O timeout (seconds) */
537 #define RESP_LEN 1000 /* size of read response buffer */
539 @@ -307,10 +308,12 @@
540 int s=-1; /* socket to remote auth host */
541 struct addrinfo *r; /* remote socket address info */
542 struct iovec iov[5]; /* for sending LOGIN command */
543 + struct iovec iov2[1]; /* for sending LOGOUT command */
544 char *qlogin; /* pointer to "quoted" login */
545 char *qpass; /* pointer to "quoted" password */
546 char *c; /* scratch pointer */
547 int rc; /* return code scratch area */
548 + int rcl; /* return code scratch area */
549 char rbuf[RESP_LEN]; /* response read buffer */
550 char hbuf[NI_MAXHOST], pbuf[NI_MAXSERV];
551 int saved_errno;
552 @@ -505,6 +508,24 @@
553 }
554 }
555 }
556 +
557 + /* close remote imap */
558 + iov2[0].iov_base = LOGOUT_CMD;
559 + iov2[0].iov_len = sizeof(LOGOUT_CMD) - 1;
560 + iov2[1].iov_base = "\r\n";
561 + iov2[1].iov_len = sizeof("\r\n") - 1;
562 +
563 + if (flags & VERBOSE) {
564 + syslog(LOG_DEBUG, "auth_rimap: sending %s%s %s",
565 + LOGOUT_CMD, qlogin, qpass);
566 + }
567 + alarm(NETWORK_IO_TIMEOUT);
568 + rcl = retry_writev(s, iov2, 2);
569 + alarm(0);
570 + if (rcl == -1) {
571 + syslog(LOG_WARNING, "auth_rimap: writev logout: %m");
572 + }
573 +
574 (void) close(s); /* we're done with the remote */
575 if (rc == -1) {
576 syslog(LOG_WARNING, "auth_rimap: read (response): %m");
577 --- a/saslauthd/auth_shadow.c 2012-10-12 16:05:48.000000000 +0200
578 +++ b/saslauthd/auth_shadow.c 2014-08-24 00:06:33.974346736 +0200
579 @@ -210,8 +210,8 @@
580 RETURN("NO Insufficient permission to access NIS authentication database (saslauthd)");
581 }
583 - cpw = strdup((const char *)crypt(password, sp->sp_pwdp));
584 - if (strcmp(sp->sp_pwdp, cpw)) {
585 + cpw = crypt(password, sp->sp_pwdp);
586 + if (!cpw || strcmp(sp->sp_pwdp, (const char *)cpw)) {
587 if (flags & VERBOSE) {
588 /*
589 * This _should_ reveal the SHADOW_PW_LOCKED prefix to an
590 @@ -221,10 +221,8 @@
591 syslog(LOG_DEBUG, "DEBUG: auth_shadow: pw mismatch: '%s' != '%s'",
592 sp->sp_pwdp, cpw);
593 }
594 - free(cpw);
595 RETURN("NO Incorrect password");
596 }
597 - free(cpw);
599 /*
600 * The following fields will be set to -1 if:
601 @@ -286,7 +284,7 @@
602 RETURN("NO Invalid username");
603 }
605 - if (strcmp(upw->upw_passwd, crypt(password, upw->upw_passwd)) != 0) {
606 + if (!(cpw = crypt(password, upw->upw_passwd)) || (strcmp(upw->upw_passwd, (const char *)cpw) != 0)) {
607 if (flags & VERBOSE) {
608 syslog(LOG_DEBUG, "auth_shadow: pw mismatch: %s != %s",
609 password, upw->upw_passwd);
610 --- a/saslauthd/configure.in 2012-10-12 16:05:48.000000000 +0200
611 +++ b/saslauthd/configure.in 2014-08-24 00:06:33.975346752 +0200
612 @@ -1,7 +1,8 @@
613 AC_INIT(mechanisms.h)
614 AC_PREREQ([2.54])
616 -AC_CONFIG_AUX_DIR(config)
617 +AC_CONFIG_MACRO_DIR([../cmulocal], [../config])
618 +AC_CONFIG_AUX_DIR([config])
619 AC_CANONICAL_HOST
621 dnl Should we enable SASLAUTHd at all?
622 @@ -25,6 +26,7 @@
623 AC_PROG_MAKE_SET
624 AC_PROG_LN_S
625 AC_PROG_INSTALL
626 +AC_PROG_LIBTOOL
628 dnl Checks for build foo
629 CMU_C___ATTRIBUTE__
630 @@ -77,7 +79,7 @@
631 AC_DEFINE(AUTH_SASLDB,[],[Include SASLdb Support])
632 SASL_DB_PATH_CHECK()
633 SASL_DB_CHECK()
634 - SASL_DB_LIB="$SASL_DB_LIB ../sasldb/.libs/libsasldb.al"
635 + SASL_DB_LIB="$SASL_DB_LIB ../sasldb/.libs/libsasldb.a"
636 fi
638 AC_ARG_ENABLE(httpform, [ --enable-httpform enable HTTP form authentication [[no]] ],
639 @@ -163,30 +165,30 @@
641 dnl Checks for which function macros exist
642 AC_MSG_CHECKING(whether $CC implements __func__)
643 -AC_CACHE_VAL(have_func,
644 +AC_CACHE_VAL(_cv_have_func,
645 [AC_TRY_LINK([#include <stdio.h>],[printf("%s", __func__);],
646 -have_func=yes,
647 -have_func=no)])
648 -AC_MSG_RESULT($have_func)
649 -if test "$have_func" = yes; then
650 +_cv_have_func=yes,
651 +_cv_have_func=no)])
652 +AC_MSG_RESULT($_cv_have_func)
653 +if test "$_cv_have_func" = yes; then
654 AC_DEFINE(HAVE_FUNC,[],[Does the compiler understand __func__])
655 else
656 AC_MSG_CHECKING(whether $CC implements __PRETTY_FUNCTION__)
657 - AC_CACHE_VAL(have_pretty_function,
658 + AC_CACHE_VAL(_cv_have_pretty_function,
659 [AC_TRY_LINK([#include <stdio.h>],[printf("%s", __PRETTY_FUNCTION__);],
660 - have_pretty_function=yes,
661 - have_pretty_function=no)])
662 - AC_MSG_RESULT($have_pretty_function)
663 - if test "$have_pretty_function" = yes; then
664 + _cv_have_pretty_function=yes,
665 + _cv_have_pretty_function=no)])
666 + AC_MSG_RESULT($_cv_have_pretty_function)
667 + if test "$_cv_have_pretty_function" = yes; then
668 AC_DEFINE(HAVE_PRETTY_FUNCTION,[],[Does compiler understand __PRETTY_FUNCTION__])
669 else
670 AC_MSG_CHECKING(whether $CC implements __FUNCTION__)
671 - AC_CACHE_VAL(have_function,
672 + AC_CACHE_VAL(_cv_have_function,
673 [AC_TRY_LINK([#include <stdio.h>],[printf("%s", __FUNCTION__);],
674 - have_function=yes,
675 - have_function=no)])
676 - AC_MSG_RESULT($have_function)
677 - if test "$have_function" = yes; then
678 + _cv_have_function=yes,
679 + _cv_have_function=no)])
680 + AC_MSG_RESULT($_cv_have_function)
681 + if test "$_cv_have_function" = yes; then
682 AC_DEFINE(HAVE_FUNCTION,[],[Does compiler understand __FUNCTION__])
683 fi
684 fi
685 --- a/saslauthd/Makefile.am 2012-01-28 00:31:36.000000000 +0100
686 +++ b/saslauthd/Makefile.am 2014-08-24 00:06:33.975346752 +0200
687 @@ -1,4 +1,6 @@
688 AUTOMAKE_OPTIONS = 1.7
689 +ACLOCAL_AMFLAGS = -I ../cmulocal -I ../config
690 +
691 sbin_PROGRAMS = saslauthd testsaslauthd
692 EXTRA_PROGRAMS = saslcache
694 @@ -16,7 +18,7 @@
695 saslauthd_DEPENDENCIES = saslauthd-main.o @LTLIBOBJS@
696 saslauthd_LDADD = @SASL_KRB_LIB@ \
697 @GSSAPIBASE_LIBS@ @GSSAPI_LIBS@ @LIB_CRYPT@ @LIB_SIA@ \
698 - @LIB_SOCKET@ @SASL_DB_LIB@ @LIB_PAM@ @LDAP_LIBS@ @LTLIBOBJS@
699 + @LIB_SOCKET@ ../sasldb/libsasldb.la @LIB_PAM@ @LDAP_LIBS@ @LTLIBOBJS@
701 testsaslauthd_SOURCES = testsaslauthd.c utils.c
702 testsaslauthd_LDADD = @LIB_SOCKET@
703 @@ -25,7 +27,7 @@
705 EXTRA_DIST = saslauthd.8 saslauthd.mdoc config include \
706 getnameinfo.c getaddrinfo.c LDAP_SASLAUTHD
707 -INCLUDES = -I$(top_srcdir)/include -I$(top_builddir)/include -I$(top_srcdir)/../include
708 +AM_CPPFLAGS = -I$(top_srcdir)/include -I$(top_builddir)/include -I$(top_srcdir)/../include
709 DEFS = @DEFS@ -DSASLAUTHD_CONF_FILE_DEFAULT=\"@sysconfdir@/saslauthd.conf\" -I. -I$(srcdir) -I..
712 --- a/saslauthd/saslauthd.h.in 2012-11-06 20:21:43.000000000 +0100
713 +++ b/saslauthd/saslauthd.h.in 2014-08-24 00:06:33.975346752 +0200
714 @@ -62,6 +62,10 @@
715 */
716 #undef HAVE_GSSKRB5_REGISTER_ACCEPTOR_IDENTITY
718 +/* Define to 1 if you have the `krb5_gss_register_acceptor_identity' function.
719 + */
720 +#undef HAVE_KRB5_GSS_REGISTER_ACCEPTOR_IDENTITY
721 +
722 /* Define if your GSSAPI implementation defines GSS_C_NT_HOSTBASED_SERVICE */
723 #undef HAVE_GSS_C_NT_HOSTBASED_SERVICE
725 --- a/sasldb/Makefile.am 2012-01-28 00:31:36.000000000 +0100
726 +++ b/sasldb/Makefile.am 2014-08-24 00:06:33.975346752 +0200
727 @@ -44,7 +44,7 @@
728 # Note that this doesn't necessaraly follow the libsasl2 verison info
729 sasl_version = 1:25:0
731 -INCLUDES=-I$(top_srcdir)/include -I$(top_builddir)/include @SASL_DB_INC@
732 +AM_CPPFLAGS=-I$(top_srcdir)/include -I$(top_builddir)/include @SASL_DB_INC@
734 extra_common_sources = db_none.c db_ndbm.c db_gdbm.c db_berkeley.c
736 @@ -55,14 +55,14 @@
738 libsasldb_la_SOURCES = allockey.c sasldb.h
739 EXTRA_libsasldb_la_SOURCES = $(extra_common_sources)
740 -libsasldb_la_DEPENDENCIES = $(SASL_DB_BACKEND)
741 -libsasldb_la_LIBADD = $(SASL_DB_BACKEND)
742 +libsasldb_la_DEPENDENCIES = $(SASL_DB_BACKEND) $(SASL_DB_LIB)
743 +libsasldb_la_LIBADD = $(SASL_DB_BACKEND) $(SASL_DB_LIB)
745 # Prevent make dist stupidity
746 libsasldb_a_SOURCES =
747 EXTRA_libsasldb_a_SOURCES =
749 libsasldb.a: libsasldb.la $(SASL_DB_BACKEND_STATIC)
750 - $(AR) cru .libs/$@ $(SASL_DB_BACKEND_STATIC)
751 + $(AR) cru $@ $(SASL_DB_BACKEND_STATIC)
754 --- a/utils/Makefile.am 2012-01-28 00:31:36.000000000 +0100
755 +++ b/utils/Makefile.am 2014-08-24 00:06:33.976346767 +0200
756 @@ -89,7 +89,7 @@
757 libsfsasl2_la_LIBADD = sfsasl.lo
758 libsfsasl2_la_LDFLAGS = -version-info 1:0:0 -export-dynamic -rpath $(libdir)
760 -INCLUDES=-I$(top_srcdir)/include -I$(top_builddir)/include @SASL_DB_INC@
761 +AM_CPPFLAGS=-I$(top_srcdir)/include -I$(top_builddir)/include @SASL_DB_INC@
762 EXTRA_DIST = saslpasswd2.8 sasldblistusers2.8 pluginviewer.8 sfsasl.h sfsasl.c smtptest.c testsuite.c pluginviewer.c NTMakefile
764 sfsasl.lo: sfsasl.c
765 --- a/Versions 1970-01-01 01:00:00.000000000 +0100
766 +++ b/Versions 2014-08-24 00:06:33.976346767 +0200
767 @@ -0,0 +1,7 @@
768 +SASL2 {
769 + global:
770 + sasl_*; prop_*; auxprop_plugin_info; _sasl_MD5*;
771 +};
772 +
773 +HIDDEN { local: __*; _rest*; _save*; *; };
774 +