summaryrefslogtreecommitdiffstats
path: root/source/n/cyrus-sasl
diff options
context:
space:
mode:
author Patrick J Volkerding <volkerdi@slackware.com>2016-06-30 20:26:57 +0000
committer Eric Hameleers <alien@slackware.com>2018-05-31 23:31:18 +0200
commitd31c50870d0bee042ce660e445c9294a59a3a65b (patch)
tree6bfc0de3c95267b401b620c2c67859557dc60f97 /source/n/cyrus-sasl
parent76fc4757ac91ac7947a01fb7b53dddf9a78a01d1 (diff)
downloadcurrent-d31c50870d0bee042ce660e445c9294a59a3a65b.tar.gz
current-d31c50870d0bee042ce660e445c9294a59a3a65b.tar.xz
Slackware 14.2slackware-14.2
Thu Jun 30 20:26:57 UTC 2016 Slackware 14.2 x86_64 stable is released! The long development cycle (the Linux community has lately been living in "interesting times", as they say) is finally behind us, and we're proud to announce the release of Slackware 14.2. The new release brings many updates and modern tools, has switched from udev to eudev (no systemd), and adds well over a hundred new packages to the system. Thanks to the team, the upstream developers, the dedicated Slackware community, and everyone else who pitched in to help make this release a reality. The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a dual-sided 32-bit/64-bit x86/x86_64 DVD. Please consider supporting the Slackware project by picking up a copy from store.slackware.com. We're taking pre-orders now, and offer a discount if you sign up for a subscription. Have fun! :-)
Diffstat (limited to 'source/n/cyrus-sasl')
-rw-r--r--source/n/cyrus-sasl/cyrus-sasl-2.1.23-glibc217-crypt.diff105
-rw-r--r--source/n/cyrus-sasl/cyrus-sasl-2.1.26-null-crypt.patch86
-rw-r--r--source/n/cyrus-sasl/cyrus-sasl-2.1.26-size_t.patch12
-rwxr-xr-xsource/n/cyrus-sasl/cyrus-sasl.SlackBuild16
-rw-r--r--source/n/cyrus-sasl/cyrus-sasl.bad_elif.diff22
5 files changed, 105 insertions, 136 deletions
diff --git a/source/n/cyrus-sasl/cyrus-sasl-2.1.23-glibc217-crypt.diff b/source/n/cyrus-sasl/cyrus-sasl-2.1.23-glibc217-crypt.diff
deleted file mode 100644
index 2cbb48605..000000000
--- a/source/n/cyrus-sasl/cyrus-sasl-2.1.23-glibc217-crypt.diff
+++ /dev/null
@@ -1,105 +0,0 @@
-From 0626e86d2e1d0be63a56918371a15d98cfad19d1 Mon Sep 17 00:00:00 2001
-From: mancha <mancha1@hush.com>
-Date: Tue, 9 Jul 2013
-Subject: Handle NULL returns from glibc 2.17+ crypt().
-
-Starting with glibc 2.17 (eglibc 2.17), crypt() fails with EINVAL
-(w/ NULL return) if the salt violates specifications. Additionally,
-on FIPS-140 enabled Linux systems, DES/MD5-encrypted passwords
-passed to crypt() fail with EPERM (w/ NULL return).
-
-When using glibc's crypt(), check return value to avoid a possible
-NULL pointer dereference.
----
- pwcheck/pwcheck_getpwnam.c | 3 ++-
- pwcheck/pwcheck_getspnam.c | 3 ++-
- saslauthd/auth_getpwent.c | 3 ++-
- saslauthd/auth_shadow.c | 7 ++-----
- 4 files changed, 8 insertions(+), 8 deletions(-)
-
---- a/pwcheck/pwcheck_getpwnam.c
-+++ b/pwcheck/pwcheck_getpwnam.c
-@@ -32,6 +32,7 @@ extern char *crypt();
- char *password;
- {
- char* r;
-+ char* crpt_passwd;
- struct passwd *pwd;
-
- pwd = getpwnam(userid);
-@@ -41,7 +42,7 @@ char *password;
- else if (pwd->pw_passwd[0] == '*') {
- r = "Account disabled";
- }
-- else if (strcmp(pwd->pw_passwd, crypt(password, pwd->pw_passwd)) != 0) {
-+ else if (!(crpt_passwd = crypt(password, pwd->pw_passwd)) || strcmp(pwd->pw_passwd, (const char *)crpt_passwd) != 0) {
- r = "Incorrect password";
- }
- else {
---- a/pwcheck/pwcheck_getspnam.c
-+++ b/pwcheck/pwcheck_getspnam.c
-@@ -30,6 +30,7 @@ extern char *crypt();
- char *pwcheck(userid, password)
- char *userid;
- char *password;
-+char *crpt_passwd;
- {
- struct spwd *pwd;
-
-@@ -38,7 +39,7 @@ char *password;
- return "Userid not found";
- }
-
-- if (strcmp(pwd->sp_pwdp, crypt(password, pwd->sp_pwdp)) != 0) {
-+ if (!(crpt_passwd = crypt(password, pwd->sp_pwdp)) || strcmp(pwd->sp_pwdp, (const char *)crpt_passwd) != 0) {
- return "Incorrect password";
- }
- else {
---- a/saslauthd/auth_getpwent.c
-+++ b/saslauthd/auth_getpwent.c
-@@ -70,6 +70,7 @@ auth_getpwent (
- {
- /* VARIABLES */
- struct passwd *pw; /* pointer to passwd file entry */
-+ char *crpt_passwd; /* encrypted password */
- /* END VARIABLES */
-
- pw = getpwnam(login);
-@@ -79,7 +80,7 @@ auth_getpwent (
- RETURN("NO");
- }
-
-- if (strcmp(pw->pw_passwd, (const char *)crypt(password, pw->pw_passwd))) {
-+ if (!(crpt_passwd = crypt(password, pw->pw_passwd)) || strcmp(pw->pw_passwd, (const char *)crpt_passwd)) {
- RETURN("NO");
- }
-
---- a/saslauthd/auth_shadow.c
-+++ b/saslauthd/auth_shadow.c
-@@ -180,16 +180,13 @@ auth_shadow (
- * not returning any information about a login until we have validated
- * the password.
- */
-- cpw = strdup((const char *)crypt(password, sp->sp_pwdp));
-- if (strcmp(sp->sp_pwdp, cpw)) {
-+ if (!(cpw = crypt(password, sp->sp_pwdp)) || strcmp(sp->sp_pwdp, (const char *)cpw)) {
- if (flags & VERBOSE) {
- syslog(LOG_DEBUG, "DEBUG: auth_shadow: pw mismatch: '%s' != '%s'",
- sp->sp_pwdp, cpw);
- }
-- free(cpw);
- RETURN("NO");
- }
-- free(cpw);
-
- /*
- * The following fields will be set to -1 if:
-@@ -251,7 +250,7 @@ auth_shadow (
- RETURN("NO");
- }
-
-- if (strcmp(upw->upw_passwd, crypt(password, upw->upw_passwd)) != 0) {
-+ if (!(cpw = crypt(password, upw->upw_passwd)) || (strcmp(upw->upw_passwd, (const char *)cpw) != 0)) {
- if (flags & VERBOSE) {
- syslog(LOG_DEBUG, "auth_shadow: pw mismatch: %s != %s",
- password, upw->upw_passwd);
diff --git a/source/n/cyrus-sasl/cyrus-sasl-2.1.26-null-crypt.patch b/source/n/cyrus-sasl/cyrus-sasl-2.1.26-null-crypt.patch
new file mode 100644
index 000000000..ce9b5e256
--- /dev/null
+++ b/source/n/cyrus-sasl/cyrus-sasl-2.1.26-null-crypt.patch
@@ -0,0 +1,86 @@
+diff -up cyrus-sasl-2.1.26/pwcheck/pwcheck_getpwnam.c.null-crypt cyrus-sasl-2.1.26/pwcheck/pwcheck_getpwnam.c
+--- cyrus-sasl-2.1.26/pwcheck/pwcheck_getpwnam.c.null-crypt 2012-01-28 00:31:36.000000000 +0100
++++ cyrus-sasl-2.1.26/pwcheck/pwcheck_getpwnam.c 2012-12-20 17:00:14.614580310 +0100
+@@ -31,7 +31,7 @@ char *pwcheck(userid, password)
+ char *userid;
+ char *password;
+ {
+- char* r;
++ char* r, *cryptbuf;
+ struct passwd *pwd;
+
+ pwd = getpwnam(userid);
+@@ -41,11 +41,13 @@ char *password;
+ else if (pwd->pw_passwd[0] == '*') {
+ r = "Account disabled";
+ }
+- else if (strcmp(pwd->pw_passwd, crypt(password, pwd->pw_passwd)) != 0) {
+- r = "Incorrect password";
+- }
+ else {
+- r = "OK";
++ cryptbuf = crypt(password, pwd->pw_passwd);
++ if((cryptbuf == NULL) || (strcmp(pwd->pw_passwd, cryptbuf) != 0)) {
++ r = "Incorrect password";
++ } else {
++ r = "OK";
++ }
+ }
+
+ endpwent();
+diff -up cyrus-sasl-2.1.26/saslauthd/auth_getpwent.c.null-crypt cyrus-sasl-2.1.26/saslauthd/auth_getpwent.c
+--- cyrus-sasl-2.1.26/saslauthd/auth_getpwent.c.null-crypt 2012-10-12 16:05:48.000000000 +0200
++++ cyrus-sasl-2.1.26/saslauthd/auth_getpwent.c 2012-12-20 17:03:17.940793653 +0100
+@@ -78,6 +78,7 @@ auth_getpwent (
+ /* VARIABLES */
+ struct passwd *pw; /* pointer to passwd file entry */
+ int errnum;
++ char *cryptbuf;
+ /* END VARIABLES */
+
+ errno = 0;
+@@ -105,7 +106,8 @@ auth_getpwent (
+ }
+ }
+
+- if (strcmp(pw->pw_passwd, (const char *)crypt(password, pw->pw_passwd))) {
++ cryptbuf = crypt(password, pw->pw_passwd);
++ if ((cryptbuf == NULL) || strcmp(pw->pw_passwd, cryptbuf)) {
+ if (flags & VERBOSE) {
+ syslog(LOG_DEBUG, "DEBUG: auth_getpwent: %s: invalid password", login);
+ }
+diff -up cyrus-sasl-2.1.26/saslauthd/auth_shadow.c.null-crypt cyrus-sasl-2.1.26/saslauthd/auth_shadow.c
+--- cyrus-sasl-2.1.26/saslauthd/auth_shadow.c.null-crypt 2012-12-20 17:00:14.000000000 +0100
++++ cyrus-sasl-2.1.26/saslauthd/auth_shadow.c 2012-12-20 17:16:44.190360006 +0100
+@@ -214,8 +214,8 @@ auth_shadow (
+ RETURN("NO Insufficient permission to access NIS authentication database (saslauthd)");
+ }
+
+- cpw = strdup((const char *)crypt(password, sp->sp_pwdp));
+- if (strcmp(sp->sp_pwdp, cpw)) {
++ cpw = crypt(password, sp->sp_pwdp);
++ if ((cpw == NULL) || strcmp(sp->sp_pwdp, cpw)) {
+ if (flags & VERBOSE) {
+ /*
+ * This _should_ reveal the SHADOW_PW_LOCKED prefix to an
+@@ -225,10 +225,8 @@ auth_shadow (
+ syslog(LOG_DEBUG, "DEBUG: auth_shadow: pw mismatch: '%s' != '%s'",
+ sp->sp_pwdp, cpw);
+ }
+- free(cpw);
+ RETURN("NO Incorrect password");
+ }
+- free(cpw);
+
+ /*
+ * The following fields will be set to -1 if:
+@@ -290,7 +288,8 @@ auth_shadow (
+ RETURN("NO Invalid username");
+ }
+
+- if (strcmp(upw->upw_passwd, crypt(password, upw->upw_passwd)) != 0) {
++ cpw = crypt(password, upw->upw_passwd);
++ if ((cpw == NULL) || strcmp(upw->upw_passwd, cpw) != 0) {
+ if (flags & VERBOSE) {
+ syslog(LOG_DEBUG, "auth_shadow: pw mismatch: %s != %s",
+ password, upw->upw_passwd);
diff --git a/source/n/cyrus-sasl/cyrus-sasl-2.1.26-size_t.patch b/source/n/cyrus-sasl/cyrus-sasl-2.1.26-size_t.patch
new file mode 100644
index 000000000..cde823835
--- /dev/null
+++ b/source/n/cyrus-sasl/cyrus-sasl-2.1.26-size_t.patch
@@ -0,0 +1,12 @@
+diff -up cyrus-sasl-2.1.26/include/sasl.h.size_t cyrus-sasl-2.1.26/include/sasl.h
+--- cyrus-sasl-2.1.26/include/sasl.h.size_t 2012-10-12 09:05:48.000000000 -0500
++++ cyrus-sasl-2.1.26/include/sasl.h 2013-01-31 13:21:04.007739327 -0600
+@@ -223,6 +223,8 @@ extern "C" {
+ * they must be called before all other SASL functions:
+ */
+
++#include <sys/types.h>
++
+ /* memory allocation functions which may optionally be replaced:
+ */
+ typedef void *sasl_malloc_t(size_t);
diff --git a/source/n/cyrus-sasl/cyrus-sasl.SlackBuild b/source/n/cyrus-sasl/cyrus-sasl.SlackBuild
index c47821d55..0cbad20a9 100755
--- a/source/n/cyrus-sasl/cyrus-sasl.SlackBuild
+++ b/source/n/cyrus-sasl/cyrus-sasl.SlackBuild
@@ -1,6 +1,6 @@
#!/bin/sh
-# Copyright 2008, 2009, 2010, 2013 Patrick J. Volkerding, Sebeka, Minnesota, USA
+# Copyright 2008, 2009, 2010, 2013, 2015 Patrick J. Volkerding, Sebeka, Minnesota, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
@@ -22,12 +22,12 @@
PKGNAM=cyrus-sasl
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-5}
+BUILD=${BUILD:-1}
# Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then
case "$( uname -m )" in
- i?86) export ARCH=i486 ;;
+ i?86) export ARCH=i586 ;;
arm*) export ARCH=arm ;;
# Unless $ARCH is already set, use uname -m for all other archs:
*) export ARCH=$( uname -m ) ;;
@@ -38,8 +38,8 @@ CWD=$(pwd)
TMP=${TMP:-/tmp}
PKG=$TMP/package-cyrus-sasl
-if [ "$ARCH" = "i486" ]; then
- SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+if [ "$ARCH" = "i586" ]; then
+ SLKCFLAGS="-O2 -march=i586 -mtune=i686"
LIBDIRSUFFIX=""
elif [ "$ARCH" = "s390" ]; then
SLKCFLAGS="-O2"
@@ -59,11 +59,9 @@ rm -rf cyrus-sasl-$VERSION
tar xvf $CWD/cyrus-sasl-$VERSION.tar.?z* || exit 1
cd cyrus-sasl-$VERSION || exit 1
-# Fix compiling:
-zcat $CWD/cyrus-sasl.bad_elif.diff.gz | patch -p1 --verbose || exit 1
-
# Fix for glibc-2.17 crypt() NULL return:
-zcat $CWD/cyrus-sasl-2.1.23-glibc217-crypt.diff.gz | patch -p1 --verbose || exit 1
+zcat $CWD/cyrus-sasl-2.1.26-null-crypt.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/cyrus-sasl-2.1.26-size_t.patch.gz | patch -p1 --verbose || exit 1
chown -R root:root .
find . -perm 777 -exec chmod 755 {} \;
diff --git a/source/n/cyrus-sasl/cyrus-sasl.bad_elif.diff b/source/n/cyrus-sasl/cyrus-sasl.bad_elif.diff
deleted file mode 100644
index a7196b3b1..000000000
--- a/source/n/cyrus-sasl/cyrus-sasl.bad_elif.diff
+++ /dev/null
@@ -1,22 +0,0 @@
-Index: cyrus-sasl-2.1.23/plugins/digestmd5.c
-===================================================================
---- cyrus-sasl-2.1.23.orig/plugins/digestmd5.c
-+++ cyrus-sasl-2.1.23/plugins/digestmd5.c
-@@ -2715,7 +2715,7 @@ static sasl_server_plug_t digestmd5_serv
- "DIGEST-MD5", /* mech_name */
- #ifdef WITH_RC4
- 128, /* max_ssf */
--#elif WITH_DES
-+#elif defined(WITH_DES)
- 112,
- #else
- 1,
-@@ -4034,7 +4034,7 @@ static sasl_client_plug_t digestmd5_clie
- "DIGEST-MD5",
- #ifdef WITH_RC4 /* mech_name */
- 128, /* max ssf */
--#elif WITH_DES
-+#elif defined(WITH_DES)
- 112,
- #else
- 1,