Update to version 1.5.27
PR: 33603 Submitted by: MAINTAINER
This commit is contained in:
parent
58ccbf914e
commit
1dc48b9c06
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=53251
@ -6,15 +6,24 @@
|
||||
#
|
||||
|
||||
PORTNAME= cyrus-sasl
|
||||
PORTVERSION= 1.5.24
|
||||
PORTREVISION= 8
|
||||
CATEGORIES= security
|
||||
MASTER_SITES= ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/%SUBDIR% \
|
||||
PORTVERSION= 1.5.27
|
||||
PORTREVISION= 0
|
||||
CATEGORIES= security ipv6
|
||||
MASTER_SITES= ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/%SUBDIR%/ \
|
||||
http://prdownloads.sourceforge.net/cyrus-utils/ \
|
||||
http://www.surf.org.uk/downloads/ \
|
||||
ftp://ftp.westbend.net/pub/cyrus-mail/%SUBDIR%/ \
|
||||
${MASTER_SITE_SOURCEFORGE} \
|
||||
ftp://ftp.hanse.de/sites/transit/mirror/ftp.andrew.cmu.edu/pub/cyrus-mail/
|
||||
MASTER_SITE_SUBDIR= ./ OLD-VERSIONS/sasl/
|
||||
MASTER_SITE_SUBDIR= . OLD-VERSIONS/sasl cyrus-utils
|
||||
|
||||
PATCH_SITES= http://www.imasy.or.jp/~ume/ipv6/
|
||||
PATCHFILES= ${DISTNAME}-ipv6-20010321.diff.gz
|
||||
DISTFILES= ${DISTNAME}${EXTRACT_SUFX} \
|
||||
sasl-${PORTVERSION}-ldap-ssl-filter-mysql-patch3.tgz
|
||||
|
||||
PATCH_SITES= ftp://ftp.westbend.net/pub/cyrus-mail/contrib/ \
|
||||
http://www.imasy.or.jp/~ume/ipv6/
|
||||
PATCHFILES= sasl_apop_patch.gz \
|
||||
${DISTNAME}-ipv6-${IPV6_VER}.diff.gz
|
||||
|
||||
MAINTAINER= hetzels@westbend.net
|
||||
|
||||
@ -22,6 +31,9 @@ USE_OPENSSL= YES
|
||||
|
||||
INSTALLS_SHLIB= yes
|
||||
|
||||
# IPv6 Patch provided by Hajimu UMEMOTO <ume@mahoroba.org>
|
||||
IPV6_VER= 20020106
|
||||
|
||||
MAN3= sasl.3 sasl_authorize_t.3 sasl_callbacks.3 sasl_checkpass.3 \
|
||||
sasl_client_init.3 sasl_client_new.3 sasl_client_start.3 \
|
||||
sasl_client_step.3 sasl_decode.3 sasl_done.3 sasl_encode.3 \
|
||||
@ -43,32 +55,22 @@ CONFIGURE_ARGS= --sysconfdir=${PREFIX}/etc \
|
||||
--enable-static \
|
||||
--enable-login \
|
||||
--with-pwcheck=/var/pwcheck \
|
||||
--with-dblib=ndbm \
|
||||
--with-rc4=openssl
|
||||
|
||||
SCRIPTS_ENV= WRKDIRPREFIX="${WRKDIRPREFIX}" \
|
||||
PREFIX="${PREFIX}" \
|
||||
TOUCH="${TOUCH}" \
|
||||
MKDIR="${MKDIR}" \
|
||||
ENABLE_DB3="${ENABLE_DB3}" \
|
||||
ENABLE_MYSQL="${ENABLE_MYSQL}" \
|
||||
ENABLE_LDAP="${ENABLE_LDAP}"
|
||||
|
||||
# ENABLE_* variables can be used by depending ports to enable options.
|
||||
REALCURDIR="${.CURDIR}" \
|
||||
WITH_DB3="${WITH_DB3}" \
|
||||
WITH_JAVA="${WITH_JAVA}" \
|
||||
WITH_MYSQL="${WITH_MYSQL}" \
|
||||
WITH_LDAP1="${WITH_LDAP1}" \
|
||||
WITH_LDAP2="${WITH_LDAP2}"
|
||||
|
||||
# JavaSASL needs someone to look at to get it to build
|
||||
#JAVADIR= jdk1.1.8
|
||||
#JAVALIBDIR= ${PREFIX}/${JAVADIR}/lib/i386/green_threads/
|
||||
|
||||
#.if defined(USE_JAVA) || exists(${LOCALBASE}/${JAVADIR}/bin/java)
|
||||
#BUILD_DEPENDS= ${LOCALBASE}/${JAVADIR}/bin/java:${PORTSDIR}/java/jdk
|
||||
#CONFIGURE_ARGS+= --with-java \
|
||||
# --with-javabase=${LOCALBASE}/include
|
||||
#
|
||||
#CONFIGURE_ENV= JAVAC="${LOCALBASE}/${JAVADIR}/bin/javac" \
|
||||
# JAVAH="${LOCALBASE}/${JAVADIR}/bin/javah" \
|
||||
# JAVADOC="${LOCALBASE}/${JAVADIR}/bin/javadoc"
|
||||
#.endif
|
||||
JAVADIR= jdk1.1.8
|
||||
JAVALIBDIR= ${PREFIX}/${JAVADIR}/lib/i386/green_threads/
|
||||
|
||||
.if defined(KRB5_HOME) && exists(${KRB5_HOME})
|
||||
CONFIGURE_ARGS+= --enable-gssapi=${KRB5_HOME}
|
||||
@ -92,18 +94,13 @@ CONFIGURE_ENV+= LOCALBASE=${LOCALBASE} \
|
||||
|
||||
DOCS= AUTHORS COPYING ChangeLog INSTALL NEWS README TODO
|
||||
|
||||
DOC2= draft-leach-digest-sasl-05.txt \
|
||||
draft-newman-auth-scram-03.txt \
|
||||
rfc1321.txt rfc2095.txt rfc2104.txt \
|
||||
rfc2222.txt rfc2245.txt
|
||||
|
||||
HTDOCS= gssapi index programming sysadmin
|
||||
|
||||
PLIST_SUB= PREFIX=${PREFIX} \
|
||||
GSSAPI=${GSSAPI} \
|
||||
EBONES=${EBONES} \
|
||||
DOCSDIR=${DOCSDIR:S/^${PREFIX}\///} \
|
||||
|
||||
LDAP_MYSQL_PATCH= ldap-mysql_sasl/sasl-ldap+mysql.patch
|
||||
|
||||
PKGDEINSTALL= ${WRKDIR}/pkg-deinstall
|
||||
PKGINSTALL= ${WRKDIR}/pkg-install
|
||||
PKGMESSAGE= ${WRKDIR}/pkg-message
|
||||
@ -111,6 +108,14 @@ PKGMESSAGE= ${WRKDIR}/pkg-message
|
||||
pre-fetch:
|
||||
@${SETENV} ${SCRIPTS_ENV} ${SH} ${SCRIPTDIR}/configure.sasl
|
||||
|
||||
.if exists(${WRKDIRPREFIX}${.CURDIR}/Makefile.inc)
|
||||
.include "${WRKDIRPREFIX}${.CURDIR}/Makefile.inc"
|
||||
.endif
|
||||
|
||||
pre-patch:
|
||||
@(cd ${WRKSRC} && ${PATCH} -p1 < ${WRKDIR}/${LDAP_MYSQL_PATCH} && \
|
||||
${MV} configure.orig configure)
|
||||
|
||||
# Fix sasldb name in pkg-install/deinstall scripts
|
||||
post-patch:
|
||||
@${SED} -e "/%%SASLDB%%/s##${SASLDB_NAME}#g" \
|
||||
@ -119,8 +124,11 @@ post-patch:
|
||||
${.CURDIR}/pkg-deinstall > ${PKGDEINSTALL}
|
||||
@${SED} -e "/%%SASLDB%%/s##${SASLDB_NAME}#g" \
|
||||
-e "/%%PREFIX%%/s##${PREFIX}#g" \
|
||||
-e "/%%DOCSDIR%%/s##${DOCSDIR}#g" \
|
||||
${.CURDIR}/pkg-message > ${PKGMESSAGE}
|
||||
.ifdef LDAP_MYSQL_MSG
|
||||
@${ECHO} ${LDAP_MYSQL_MSG} | /usr/bin/fmt -w 67 >> ${PKGMESSAGE}
|
||||
@${ECHO} >> ${PKGMESSAGE}
|
||||
.endif
|
||||
|
||||
pre-configure:
|
||||
@(cd ${WRKSRC} && ${AUTOHEADER})
|
||||
@ -134,19 +142,16 @@ post-install:
|
||||
> ${PREFIX}/etc/rc.d/pwcheck.sh
|
||||
@${CHMOD} 755 ${PREFIX}/etc/rc.d/pwcheck.sh
|
||||
${INSTALL} -d -m 770 -o cyrus -g cyrus /var/pwcheck
|
||||
@${LN} ${PREFIX}/sbin/pwcheck ${PREFIX}/sbin/pwcheck_pwnam
|
||||
.if !defined(NOPORTDOCS)
|
||||
@${MKDIR} ${DOCSDIR}
|
||||
.for file in ${DOCS}
|
||||
@${INSTALL_DATA} ${WRKSRC}/${file} ${DOCSDIR}
|
||||
.endfor
|
||||
.for file in ${DOC2}
|
||||
@${INSTALL_DATA} ${WRKSRC}/doc/${file} ${DOCSDIR}
|
||||
.endfor
|
||||
(cd ${WRKSRC}/doc ; \
|
||||
for file in `make -V EXTRA_DIST` ; do \
|
||||
${INSTALL_DATA} ${WRKSRC}/doc/$${file} ${DOCSDIR} ; \
|
||||
done)
|
||||
@${INSTALL_DATA} ${FILESDIR}/Sendmail.README ${DOCSDIR}
|
||||
.for file in ${HTDOCS}
|
||||
@${INSTALL_DATA} ${WRKSRC}/doc/${file}.html ${DOCSDIR}
|
||||
.endfor
|
||||
.endif
|
||||
@PKG_PREFIX=${PREFIX} BATCH=${BATCH} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL
|
||||
@${CAT} ${PKGMESSAGE}
|
||||
@ -154,8 +159,8 @@ post-install:
|
||||
post-clean:
|
||||
@${RM} -f ${WRKDIRPREFIX}${.CURDIR}/Makefile.inc
|
||||
|
||||
.if exists(${WRKDIRPREFIX}${.CURDIR}/Makefile.inc)
|
||||
.include "${WRKDIRPREFIX}${.CURDIR}/Makefile.inc"
|
||||
.endif
|
||||
#if exists(${WRKDIRPREFIX}${.CURDIR}/Makefile.inc)
|
||||
#include "${WRKDIRPREFIX}${.CURDIR}/Makefile.inc"
|
||||
#endif
|
||||
|
||||
.include <bsd.port.mk>
|
||||
|
@ -1,2 +1,4 @@
|
||||
MD5 (cyrus-sasl-1.5.24.tar.gz) = ac3837c071c258b80021325936db2583
|
||||
MD5 (cyrus-sasl-1.5.24-ipv6-20010321.diff.gz) = a306953c91d9fbf2f4676ef394b38449
|
||||
MD5 (cyrus-sasl-1.5.27.tar.gz) = 76ea426e2e2da3b8d2e3a43af5488f3b
|
||||
MD5 (sasl-1.5.27-ldap-ssl-filter-mysql-patch3.tgz) = 19e6783c1f4095e265648d26c4679544
|
||||
MD5 (sasl_apop_patch.gz) = 6bf7a34b73d1c8d139d2269069d1ba4c
|
||||
MD5 (cyrus-sasl-1.5.27-ipv6-20020106.diff.gz) = b2956a084954a46ba2d751f56a80a275
|
||||
|
@ -1,5 +1,5 @@
|
||||
--- configure.in.orig Thu Jul 20 21:35:01 2000
|
||||
+++ configure.in Thu Nov 16 09:07:00 2000
|
||||
--- configure.in.orig Tue Nov 27 11:45:28 2001
|
||||
+++ configure.in Tue Nov 27 12:49:28 2001
|
||||
@@ -66,8 +66,9 @@
|
||||
dnl check for -R, etc. switch
|
||||
CMU_GUESS_RUNPATH_SWITCH
|
||||
@ -12,10 +12,10 @@
|
||||
|
||||
AM_DISABLE_STATIC
|
||||
|
||||
@@ -232,6 +233,13 @@
|
||||
@@ -235,6 +236,13 @@
|
||||
berkeley)
|
||||
SASL_DB_BACKEND="db_${dblib}.lo"
|
||||
AC_DEFINE(SASL_BERKELEYDB)
|
||||
SASL_DB_LIB="-ldb"
|
||||
+ for db3loc in ${prefix} /usr/local /usr
|
||||
+ do
|
||||
+ if test -d ${db3loc}/include/db3; then
|
||||
@ -26,112 +26,3 @@
|
||||
;;
|
||||
*)
|
||||
AC_MSG_WARN([Disabling SASL authentication database support])
|
||||
@@ -310,6 +318,88 @@
|
||||
fi
|
||||
AM_CONDITIONAL(PWCHECK, test "$with_pwcheck" != no)
|
||||
|
||||
+dnl MySQL
|
||||
+AC_ARG_WITH(mysql, [ --with-mysql=PATH enable authentication from MySQL database [no] ],
|
||||
+ with_mysql=$withval,
|
||||
+ with_mysql=no)
|
||||
+
|
||||
+if test -z "$with_mysql"; then
|
||||
+ for mysqlloc in lib/mysql lib
|
||||
+ do
|
||||
+ if test -f ${prefix}/${mysqlloc}/libmysqlclient.a; then
|
||||
+ with_mysql="${prefix}"
|
||||
+ break
|
||||
+ elif test -f /usr/local/${mysqlloc}/libmysqlclient.a; then
|
||||
+ with_mysql="/usr/local"
|
||||
+ break
|
||||
+ elif test -f /usr/${mysqlloc}/libmysqlclient.a; then
|
||||
+ with_mysql="/usr"
|
||||
+ break
|
||||
+ fi
|
||||
+ done
|
||||
+fi
|
||||
+
|
||||
+LIB_MYSQL=""
|
||||
+case "$with_mysql" in
|
||||
+ no) true;;
|
||||
+ ""|yes) AC_CHECK_LIB(mysqlclient, mysql_select_db,
|
||||
+ AC_DEFINE(HAVE_MYSQL)
|
||||
+ LIB_MYSQL="-lmysqlclient",
|
||||
+ with_mysql=no);;
|
||||
+ *) if test -d ${with_mysql}/include/mysql; then
|
||||
+ CPPFLAGS="$CPPFLAGS -I${with_mysql}/include/mysql"
|
||||
+ else
|
||||
+ CPPFLAGS="$CPPFLAGS -I${with_mysql}/include"
|
||||
+ fi
|
||||
+ if test -d ${with_mysql}/lib/mysql; then
|
||||
+ LDFLAGS="$LDFLAGS -L${with_mysql}/lib/mysql"
|
||||
+ fi
|
||||
+ AC_DEFINE(HAVE_MYSQL)
|
||||
+ LIB_MYSQL="-lmysqlclient";;
|
||||
+esac
|
||||
+AC_SUBST(LIB_MYSQL)
|
||||
+
|
||||
+dnl LDAP
|
||||
+AC_ARG_WITH(ldap, [ --with-ldap=PATH enable authentication from LDAP [no] ],
|
||||
+ with_ldap=$withval,
|
||||
+ with_ldap=no)
|
||||
+
|
||||
+if test -z "$with_ldap"; then
|
||||
+ for ldaploc in lib/ldap lib
|
||||
+ do
|
||||
+ if test -f ${prefix}/${ldaploc}/libldap.a; then
|
||||
+ with_ldap="${prefix}"
|
||||
+ break
|
||||
+ elif test -f /usr/local/${ldaploc}/libldap.a; then
|
||||
+ with_ldap="/usr/local"
|
||||
+ break
|
||||
+ elif test -f /usr/${ldaploc}/libldap.a; then
|
||||
+ with_ldap="/usr"
|
||||
+ break
|
||||
+ fi
|
||||
+ done
|
||||
+fi
|
||||
+
|
||||
+LIB_LDAP=""
|
||||
+case "$with_ldap" in
|
||||
+ no) true;;
|
||||
+ ""|yes) AC_CHECK_LIB(ldap, ldap_open,
|
||||
+ AC_DEFINE(HAVE_LDAP)
|
||||
+ LIB_LDAP="-lldap -llber",
|
||||
+ with_ldap=no);;
|
||||
+ *) if test -d ${with_ldap}/include/ldap; then
|
||||
+ CPPFLAGS="${CPPFLAGS} -I${with_ldap}/include/ldap"
|
||||
+ else
|
||||
+ CPPFLAGS="${CPPFLAGS} -I${with_ldap}/include"
|
||||
+ fi
|
||||
+ if test -d ${with_ldap}/lib/ldap; then
|
||||
+ LDFLAGS="$LDFLAGS -L${with_ldap}/lib/ldap"
|
||||
+ fi
|
||||
+ AC_DEFINE(HAVE_LDAP)
|
||||
+ LIB_LDAP="-lldap -llber";;
|
||||
+esac
|
||||
+AC_SUBST(LIB_LDAP)
|
||||
+
|
||||
dnl CRAM-MD5
|
||||
AC_ARG_ENABLE(cram, [ --enable-cram enable CRAM-MD5 authentication [yes] ],
|
||||
cram=$enableval,
|
||||
@@ -434,11 +524,15 @@
|
||||
fi
|
||||
|
||||
if test "$with_des" != no; then
|
||||
+ case "$host_os" in
|
||||
+ freebsd*)
|
||||
+ COM_ERR="-lcom_err"
|
||||
+ ;;
|
||||
+ esac
|
||||
AC_CHECK_HEADER(krb.h,
|
||||
- AC_CHECK_LIB(krb, krb_mk_priv, COM_ERR="",
|
||||
- AC_CHECK_LIB(krb, krb_mk_priv, COM_ERR="-lcom_err",
|
||||
- AC_WARN(No Kerberos V4 found); krb4=no, -ldes -lcom_err),
|
||||
- -ldes),
|
||||
+ AC_CHECK_LIB(krb, krb_mk_priv,:,
|
||||
+ AC_WARN(No Kerberos V4 found); krb4=no,
|
||||
+ -ldes $COM_ERR),
|
||||
AC_WARN(No Kerberos V4 found); krb4=no)
|
||||
else
|
||||
AC_WARN(No DES library found for Kerberos V4 support)
|
||||
|
@ -1,15 +0,0 @@
|
||||
--- acconfig.h.orig Wed Jul 5 11:59:25 2000
|
||||
+++ acconfig.h Fri Sep 15 20:56:28 2000
|
||||
@@ -84,6 +84,12 @@
|
||||
/* do we have PAM for plaintext password checking? */
|
||||
#undef HAVE_PAM
|
||||
|
||||
+/* do we have MySQL for plaintext password checking? */
|
||||
+#undef HAVE_MYSQL
|
||||
+
|
||||
+/* do we have LDAP for plaintext password checking? */
|
||||
+#undef HAVE_LDAP
|
||||
+
|
||||
/* what flavor of GSSAPI are we using? */
|
||||
#undef HAVE_GSS_C_NT_HOSTBASED_SERVICE
|
||||
|
@ -1,9 +0,0 @@
|
||||
--- lib/Makefile.am.orig Thu Jul 20 21:35:02 2000
|
||||
+++ lib/Makefile.am Fri Sep 15 20:56:28 2000
|
||||
@@ -53,5 +53,5 @@
|
||||
EXTRA_libsasl_la_SOURCES = db_none.c db_ndbm.c db_gdbm.c db_berkeley.c db_testw32.c
|
||||
libsasl_la_LDFLAGS = -version-info $(sasl_version)
|
||||
libsasl_la_DEPENDENCIES = $(SASL_DB_BACKEND) @LTLIBOBJS@
|
||||
-libsasl_la_LIBADD = @LTLIBOBJS@ $(SASL_DB_BACKEND) $(SASL_DB_LIB) $(SASL_DL_LIB) $(PLAIN_LIBS)
|
||||
+libsasl_la_LIBADD = @LTLIBOBJS@ $(SASL_DB_BACKEND) $(SASL_DB_LIB) $(SASL_DL_LIB) $(PLAIN_LIBS) ${LIB_LDAP} ${LIB_MYSQL}
|
||||
# PLAIN_LIBS are linked in for sasl_checkpass
|
@ -1,321 +0,0 @@
|
||||
--- lib/checkpw.c.orig Wed Jul 19 20:24:13 2000
|
||||
+++ lib/checkpw.c Tue Oct 31 20:52:21 2000
|
||||
@@ -95,10 +95,19 @@
|
||||
#include <sys/un.h>
|
||||
#ifdef HAVE_UNISTD_H
|
||||
#include <unistd.h>
|
||||
-#endif
|
||||
+#endif /* HAVE_UNISTD_H */
|
||||
|
||||
extern int errno;
|
||||
-#endif
|
||||
+#endif /* HAVE_PWCHECK */
|
||||
+
|
||||
+#ifdef HAVE_MYSQL
|
||||
+#include <mysql.h>
|
||||
+#endif /* HAVE_MYSQL */
|
||||
+
|
||||
+#ifdef HAVE_LDAP
|
||||
+#include <lber.h>
|
||||
+#include <ldap.h>
|
||||
+#endif /* HAVE_LDAP */
|
||||
|
||||
#ifdef HAVE_KRB
|
||||
|
||||
@@ -170,12 +179,20 @@
|
||||
memcpy (&temp_key, "kerberos", 8);
|
||||
des_fixup_key_parity (&temp_key);
|
||||
des_key_sched (&temp_key, schedule);
|
||||
+#ifdef __FreeBSD__
|
||||
+ des_cbc_cksum ((const unsigned char *)password, &ivec, passlen, schedule, &ivec);
|
||||
+#else
|
||||
des_cbc_cksum ((des_cblock *)password, &ivec, passlen, schedule, &ivec);
|
||||
+#endif
|
||||
|
||||
memcpy (&temp_key, &ivec, sizeof temp_key);
|
||||
des_fixup_key_parity (&temp_key);
|
||||
des_key_sched (&temp_key, schedule);
|
||||
+#ifdef __FreeBSD__
|
||||
+ des_cbc_cksum ((const unsigned char *)password, key, passlen, schedule, &ivec);
|
||||
+#else
|
||||
des_cbc_cksum ((des_cblock *)password, key, passlen, schedule, &ivec);
|
||||
+#endif
|
||||
|
||||
des_fixup_key_parity (key);
|
||||
|
||||
@@ -210,10 +227,17 @@
|
||||
return (str);
|
||||
}
|
||||
|
||||
+#ifdef __FreeBSD__
|
||||
+static int use_key(const char *user __attribute__((unused)),
|
||||
+ char *instance __attribute__((unused)),
|
||||
+ const char *realm __attribute__((unused)),
|
||||
+ const void *key, des_cblock *returned_key)
|
||||
+#else
|
||||
static int use_key(char *user __attribute__((unused)),
|
||||
char *instance __attribute__((unused)),
|
||||
char *realm __attribute__((unused)),
|
||||
void *key, des_cblock *returned_key)
|
||||
+#endif
|
||||
{
|
||||
memcpy (returned_key, key, sizeof(des_cblock));
|
||||
return 0;
|
||||
@@ -838,7 +862,7 @@
|
||||
|
||||
|
||||
/* pwcheck daemon-authenticated login */
|
||||
-static int pwcheck_verify_password(sasl_conn_t *conn,
|
||||
+static int pwcheck_verify_password(sasl_conn_t *conn __attribute__((unused)),
|
||||
const char *userid,
|
||||
const char *passwd,
|
||||
const char *service __attribute__((unused)),
|
||||
@@ -853,8 +877,10 @@
|
||||
static char response[1024];
|
||||
int start, n;
|
||||
char pwpath[1024];
|
||||
+#if 0 /* Not used */
|
||||
sasl_getopt_t *getopt;
|
||||
void *context;
|
||||
+#endif
|
||||
|
||||
if (reply) { *reply = NULL; }
|
||||
|
||||
@@ -902,6 +928,224 @@
|
||||
|
||||
#endif
|
||||
|
||||
+#ifdef HAVE_MYSQL
|
||||
+/* DMZ mysql auth 12/29/1999
|
||||
+ * Updated to 1.5.24 by SWH 09/12/2000
|
||||
+ * changed to malloc qbuf Simon Loader 10/21/2000
|
||||
+ */
|
||||
+#ifdef USE_CRYPT_PASSWORD
|
||||
+#define QUERY_STRING "select %s from %s where %s = '%s' and %s = password('%s')"
|
||||
+#else
|
||||
+#define QUERY_STRING "select %s from %s where %s = '%s' and %s = '%s'"
|
||||
+#endif
|
||||
+
|
||||
+static int mysql_verify_password(sasl_conn_t *conn,
|
||||
+ const char *userid,
|
||||
+ const char *password,
|
||||
+ const char *service __attribute__((unused)),
|
||||
+ const char *user_realm __attribute__((unused)),
|
||||
+ const char **reply)
|
||||
+{
|
||||
+ unsigned int numrows;
|
||||
+ MYSQL mysql,*sock;
|
||||
+ MYSQL_RES *result;
|
||||
+ char *qbuf;
|
||||
+ char *db_user="",
|
||||
+ *db_passwd="",
|
||||
+ *db_host="",
|
||||
+ *db_uidcol="",
|
||||
+ *db_pwcol="",
|
||||
+ *db_database="",
|
||||
+ *db_table="";
|
||||
+ sasl_getopt_t *getopt;
|
||||
+ void *context;
|
||||
+
|
||||
+ if (!userid || !password) {
|
||||
+ return SASL_BADPARAM;
|
||||
+ }
|
||||
+ if (reply) { *reply = NULL; }
|
||||
+
|
||||
+ /* check to see if the user configured a mysqluser/passwd/host/etc */
|
||||
+ if (_sasl_getcallback(conn, SASL_CB_GETOPT, &getopt, &context) == SASL_OK) {
|
||||
+ getopt(context, NULL, "mysql_user", (const char **) &db_user, NULL);
|
||||
+ if (!db_user) db_user = "";
|
||||
+ getopt(context, NULL, "mysql_passwd", (const char **) &db_passwd, NULL);
|
||||
+ if (!db_passwd) db_passwd = "";
|
||||
+ getopt(context, NULL, "mysql_host", (const char **) &db_host, NULL);
|
||||
+ if (!db_host) db_host = "";
|
||||
+ getopt(context, NULL, "mysql_database", (const char **) &db_database, NULL);
|
||||
+ if (!db_database) db_database = "";
|
||||
+ getopt(context, NULL, "mysql_table", (const char **) &db_table, NULL);
|
||||
+ if (!db_table) db_table = "";
|
||||
+ getopt(context, NULL, "mysql_uidcol", (const char **) &db_uidcol, NULL);
|
||||
+ if (!db_uidcol) db_uidcol = "";
|
||||
+ getopt(context, NULL, "mysql_pwdcol", (const char **) &db_pwcol, NULL);
|
||||
+ if (!db_pwcol) db_pwcol = "";
|
||||
+ }
|
||||
+
|
||||
+ if (!(sock = mysql_connect(&mysql,db_host,db_user,db_passwd)))
|
||||
+ {
|
||||
+ if (reply) { *reply = "cannot connect to MySQL server"; }
|
||||
+ return SASL_FAIL;
|
||||
+ }
|
||||
+
|
||||
+ if (mysql_select_db(sock,db_database) < 0)
|
||||
+ {
|
||||
+ mysql_close(sock);
|
||||
+ if (reply) { *reply = "cannot select MySQL database"; }
|
||||
+ return SASL_FAIL;
|
||||
+ }
|
||||
+ /* select DB_UIDCOL from DB_TABLE where DB_UIDCOL = 'userid' AND DB_PWCOL = password('password') */
|
||||
+ if ( (qbuf = (char *)malloc(strlen(QUERY_STRING)+strlen(db_uidcol)
|
||||
+ +strlen(db_table)+strlen(db_uidcol)
|
||||
+ +strlen(userid)+strlen(db_pwcol)
|
||||
+ +strlen(password)+1)) == NULL ) {
|
||||
+ if (reply) { *reply = "cannot malloc memory for sql query"; }
|
||||
+ return SASL_FAIL;
|
||||
+ }
|
||||
+ sprintf(qbuf,QUERY_STRING,db_uidcol,db_table,db_uidcol,userid,db_pwcol,password);
|
||||
+ if (mysql_query(sock,qbuf) < 0 || !(result=mysql_store_result(sock)))
|
||||
+ {
|
||||
+ free(qbuf);
|
||||
+ mysql_close(sock);
|
||||
+ return SASL_FAIL;
|
||||
+ }
|
||||
+
|
||||
+ if (result) //There were some rows found
|
||||
+ {
|
||||
+ if ((numrows = mysql_affected_rows(&mysql)) != 1)
|
||||
+ {
|
||||
+ mysql_free_result(result);
|
||||
+ mysql_close(sock);
|
||||
+ if ((numrows > 1) && (reply)) { *reply = "Detected duplicate entries for user"; }
|
||||
+ free(qbuf);
|
||||
+ return SASL_BADAUTH;
|
||||
+ } else {
|
||||
+ free(qbuf);
|
||||
+ mysql_free_result(result);
|
||||
+ mysql_close(sock);
|
||||
+ return SASL_OK;
|
||||
+ }
|
||||
+ }
|
||||
+ free(qbuf);
|
||||
+ mysql_free_result(result);
|
||||
+ mysql_close(sock);
|
||||
+ return SASL_BADAUTH;
|
||||
+}
|
||||
+#endif /* HAVE_MYSQL */
|
||||
+
|
||||
+#ifdef HAVE_LDAP
|
||||
+/* simon@surf.org.uk LDAP auth 07/11/2000
|
||||
+ * Updated to 1.5.24 by SWH 09/12/2000
|
||||
+ * changed to use malloc and simplify the auth by Simon@surf.org.uk 10/21/2000
|
||||
+ */
|
||||
+
|
||||
+#define LDAP_SERVER "localhost"
|
||||
+#define LDAP_BASEDN "o=JOFA, c=UK"
|
||||
+#define LDAP_UIDATTR "uid"
|
||||
+
|
||||
+#ifndef TRUE
|
||||
+# define TRUE 1
|
||||
+# define FALSE 0
|
||||
+#endif
|
||||
+
|
||||
+static int ldap_isdigits(char *value)
|
||||
+{
|
||||
+ char *ptr;
|
||||
+ int num = TRUE;
|
||||
+
|
||||
+ for (ptr = value; *ptr != '\0' && num != FALSE; ptr++) {
|
||||
+ if (!isdigit(*ptr))
|
||||
+ num = FALSE;
|
||||
+ }
|
||||
+
|
||||
+ return num;
|
||||
+}
|
||||
+
|
||||
+static int ldap_verify_password(sasl_conn_t *conn,
|
||||
+ const char *userid,
|
||||
+ const char *password,
|
||||
+ const char *service __attribute__((unused)),
|
||||
+ const char *user_realm __attribute__((unused)),
|
||||
+ const char **reply)
|
||||
+{
|
||||
+
|
||||
+ LDAP *ld;
|
||||
+ char *dn,
|
||||
+ *ldap_server="",
|
||||
+ *ldap_basedn="",
|
||||
+ *ldap_uidattr="",
|
||||
+ *port_num="";
|
||||
+ int ldap_port = LDAP_PORT;
|
||||
+ sasl_getopt_t *getopt;
|
||||
+ void *context;
|
||||
+
|
||||
+ /* If the password is NULL, reject the login...
|
||||
+ * Otherwise the bind will succed as a reference bind. Not good...
|
||||
+ */
|
||||
+ if (!userid || !password)
|
||||
+ {
|
||||
+ return SASL_BADPARAM;
|
||||
+ }
|
||||
+
|
||||
+ if (reply) { *reply = NULL; }
|
||||
+
|
||||
+ /* check to see if the user configured a mysqluser/passwd/host/etc */
|
||||
+ if (_sasl_getcallback(conn, SASL_CB_GETOPT, &getopt, &context) == SASL_OK) {
|
||||
+ getopt(context, NULL, "ldap_server", (const char **) &ldap_server, NULL);
|
||||
+ if (!ldap_server) ldap_server = LDAP_SERVER;
|
||||
+ getopt(context, NULL, "ldap_basedn", (const char **) &ldap_basedn, NULL);
|
||||
+ if (!ldap_basedn) {
|
||||
+ if (reply) { *reply = "ldap_basedn not defined"; }
|
||||
+ return SASL_BADPARAM;
|
||||
+ }
|
||||
+ getopt(context, NULL, "ldap_uidattr", (const char **) &ldap_uidattr, NULL);
|
||||
+ if (!ldap_uidattr) ldap_uidattr = LDAP_UIDATTR;
|
||||
+ getopt(context, NULL, "ldap_port", (const char **) &port_num, NULL);
|
||||
+ if (!port_num) {
|
||||
+ ldap_port = LDAP_PORT;
|
||||
+ } else if (!ldap_isdigits(port_num)) {
|
||||
+ if (reply) { *reply = "ldap_port - invalid value"; }
|
||||
+ return SASL_BADPARAM;
|
||||
+ } else {
|
||||
+ ldap_port = atoi(port_num);
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ /* Open the LDAP connection. */
|
||||
+ if ((ld = ldap_open(ldap_server, ldap_port)) == NULL)
|
||||
+ {
|
||||
+ if (reply) { *reply = "cannot connect to LDAP server"; }
|
||||
+ return SASL_FAIL;
|
||||
+ }
|
||||
+
|
||||
+ if ( (dn = (char *)malloc(strlen(ldap_uidattr)
|
||||
+ +strlen(userid)+strlen(ldap_basedn)+3)) == NULL ) {
|
||||
+ if (reply) { *reply = "cannnot allocate memory for ldap dn"; }
|
||||
+ return SASL_FAIL;
|
||||
+ }
|
||||
+ /* Generate a dn that we will try and login with */
|
||||
+ sprintf(dn,"%s=%s,%s", ldap_uidattr,userid,ldap_basedn);
|
||||
+
|
||||
+ /*
|
||||
+ * Just try and bind with the dn we have been given
|
||||
+ * In most cases the basedn is correct.
|
||||
+ * If this is not so I have a version or that too
|
||||
+ * Simon@surf.org.uk
|
||||
+ */
|
||||
+ if (ldap_simple_bind_s(ld,dn,(char *)password) != LDAP_SUCCESS) {
|
||||
+ free(dn);
|
||||
+ ldap_unbind(ld);
|
||||
+ return SASL_BADAUTH;
|
||||
+ }
|
||||
+
|
||||
+ free(dn);
|
||||
+ ldap_unbind(ld);
|
||||
+ return SASL_OK;
|
||||
+}
|
||||
+
|
||||
+#endif /* HAVE_LDAP */
|
||||
+
|
||||
struct sasl_verify_password_s _sasl_verify_password[] = {
|
||||
{ "sasldb", &sasldb_verify_password },
|
||||
#ifdef HAVE_KRB
|
||||
@@ -921,6 +1165,12 @@
|
||||
#endif
|
||||
#ifdef HAVE_PWCHECK
|
||||
{ "pwcheck", &pwcheck_verify_password },
|
||||
+#endif
|
||||
+#ifdef HAVE_MYSQL
|
||||
+ { "mysql", &mysql_verify_password },
|
||||
+#endif
|
||||
+#ifdef HAVE_LDAP
|
||||
+ { "ldap", &ldap_verify_password },
|
||||
#endif
|
||||
{ NULL, NULL }
|
||||
};
|
@ -1,46 +0,0 @@
|
||||
--- doc/sysadmin.html.orig Wed Jul 12 21:59:51 2000
|
||||
+++ doc/sysadmin.html Fri Sep 15 20:56:28 2000
|
||||
@@ -171,6 +171,43 @@
|
||||
<dt><i>pwcheck</i><dd> checks passwords with the use of a seperate,
|
||||
helper daemon. <b>needs to be documented.</b><p>
|
||||
|
||||
+<dt><i>mysql</i><dd> A MySQL database can be used for plaintext
|
||||
+ password checking by setting "pwcheck_method" to "mysql".<p>
|
||||
+
|
||||
+ <p>The following SASL options are used for MySQL Authentication:<p>
|
||||
+
|
||||
+ <dl>
|
||||
+ <dd>mysql_user: <user></dd>
|
||||
+ <dd>mysql_passwd: <cleartext pw></dd>
|
||||
+ <dd>mysql_host: <host></dd>
|
||||
+ <dd>mysql_database: <database></dd>
|
||||
+ <dd>mysql_table: <table></dd>
|
||||
+ <dd>mysql_uidcol: <username col></dd>
|
||||
+ <dd>mysql_pwdcol: <password col></dd>
|
||||
+ </dl>
|
||||
+
|
||||
+ <p>MySQL pwcheck_method created by <a href="mailto:dmz@dmzs.com">David Matthew Zendzian</a>
|
||||
+ the original patch may be found at <a href="http://www.dmzs.com/~dmz/projects/cyrus/">http://www.dmzs.com/~dmz/projects/cyrus/</a>.<p>
|
||||
+
|
||||
+<dt><i>ldap</i><dd> A LDAP server can be used for plaintext password
|
||||
+ checking by setting "pwcheck_method" to "ldap".<p>
|
||||
+
|
||||
+ <p>The following SASL options are used for LDAP Authentication:<p>
|
||||
+
|
||||
+ <dl>
|
||||
+ <dd>ldap_server: <LDAP Server [localhost]>
|
||||
+ <dd>ldap_basedn: <LDAP base dn>
|
||||
+ <dd>ldap_uidattr: <LDAP uid attribute [uid]>
|
||||
+ <dd>ldap_port: <LDAP port [389]>
|
||||
+ </dl>
|
||||
+
|
||||
+ <p>It is a requirement that "ldap_basedn" be set to the appropriate
|
||||
+ value for your site<br>
|
||||
+ (ex. ldap_basedn: o=surf, c=UK)<p>
|
||||
+
|
||||
+ <p>LDAP pwcheck_method created by <a href="mailto:simon@surf.org.uk">Simon@surf.org.uk</a>
|
||||
+ the original patch may be found at <a href="http://www.surf.org.uk/">http://www.surf.org.uk/</a>.<p>
|
||||
+
|
||||
<dt><i>write your own</i><dd> Last, but not least, the most flexible
|
||||
method of authentication for PLAIN is to write your own. If you do
|
||||
so, any application that calls the "<tt>sasl_checkpass()</tt>"
|
@ -1,30 +0,0 @@
|
||||
--- plugins/kerberos4.c.orig Wed Apr 19 11:18:48 2000
|
||||
+++ plugins/kerberos4.c Sat Sep 16 18:49:20 2000
|
||||
@@ -696,8 +696,13 @@
|
||||
|
||||
/* decrypt; verify checksum */
|
||||
|
||||
+#ifdef __FreeBSD__
|
||||
+ des_pcbc_encrypt((const unsigned char *)in,
|
||||
+ (unsigned char *)in,
|
||||
+#else
|
||||
des_pcbc_encrypt((des_cblock *)in,
|
||||
(des_cblock *)in,
|
||||
+#endif
|
||||
clientinlen,
|
||||
text->init_keysched,
|
||||
&text->session,
|
||||
@@ -1192,8 +1197,13 @@
|
||||
}
|
||||
sout[len]=0;
|
||||
|
||||
+#ifdef __FreeBSD__
|
||||
+ des_pcbc_encrypt((const unsigned char *)sout,
|
||||
+ (unsigned char *)sout,
|
||||
+#else
|
||||
des_pcbc_encrypt((des_cblock *)sout,
|
||||
(des_cblock *)sout,
|
||||
+#endif
|
||||
len,
|
||||
text->init_keysched,
|
||||
(des_cblock *)text->session,
|
@ -1,11 +0,0 @@
|
||||
--- lib/common.c.orig Thu Dec 6 18:34:09 2001
|
||||
+++ lib/common.c Thu Dec 6 18:34:24 2001
|
||||
@@ -596,7 +596,7 @@
|
||||
}
|
||||
|
||||
/* do the syslog call. do not need to call openlog */
|
||||
- syslog(syslog_priority | LOG_AUTH, message);
|
||||
+ syslog(syslog_priority | LOG_AUTH, "%s", message);
|
||||
|
||||
return SASL_OK;
|
||||
}
|
@ -15,7 +15,13 @@ SASLDB_NAME=${PKG_PREFIX}/etc/%%SASLDB%%
|
||||
# delete sasldb database
|
||||
|
||||
delete_sasldb() {
|
||||
[ -f ${SASLDB_NAME} -a ! -s ${SASLDB_NAME} ] && rm ${SASLDB_NAME}
|
||||
if [ -f ${SASLDB_NAME} ] ; then
|
||||
if [ `${PKG_PREFIX}/sbin/sasldblistusers | wc -l` -eq 0 ] ; then
|
||||
rm ${SASLDB_NAME}
|
||||
else
|
||||
echo "WARNING: Users SASL passwords are in ${SASLDB_NAME}, keeping this file"
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
# This should really be uninstalled by Sendmail
|
||||
|
@ -73,7 +73,8 @@ create_user() {
|
||||
|
||||
create_sasldb() {
|
||||
if [ ! -f ${SASLDB_NAME} ]; then
|
||||
touch ${SASLDB_NAME}
|
||||
echo "test" | ${PKG_PREFIX}/sbin/saslpasswd -p -c cyrus
|
||||
${PKG_PREFIX}/sbin/saslpasswd -d cyrus
|
||||
chown cyrus:mail ${SASLDB_NAME}
|
||||
chmod 640 ${SASLDB_NAME}
|
||||
fi
|
||||
|
@ -1,15 +1,12 @@
|
||||
%%PREFIX%%/etc/%%SASLDB%% now needs to be created
|
||||
before applications that depend on SASL are used.
|
||||
|
||||
su cyrus
|
||||
%%PREFIX%%/sbin/saslpasswd -c userid
|
||||
|
||||
You will also need to start the pwcheck daemon:
|
||||
You may need to start the pwcheck daemon for authentication with
|
||||
the system password files:
|
||||
|
||||
%%PREFIX%%/etc/rc.d/pwcheck.sh start
|
||||
|
||||
Read the documentation in %%DOCSDIR%%
|
||||
or you can use sasldb for authentication, to add users use:
|
||||
|
||||
saslpasswd -c username
|
||||
|
||||
How to enable SMTP AUTH with system Sendmail 8.11 - Sendmail.README
|
||||
|
||||
How to use LDAP or MySQL for passwords - see html/sysadmin.html
|
||||
|
@ -33,9 +33,7 @@ lib/sasl/libplain.so
|
||||
lib/sasl/libplain.so.1
|
||||
sbin/sasldblistusers
|
||||
sbin/saslpasswd
|
||||
sbin/pwcheck_pwnam
|
||||
@exec ln %D/sbin/pwcheck_pwnam %D/sbin/pwcheck
|
||||
@unexec rm -f %D/sbin/pwcheck
|
||||
sbin/pwcheck
|
||||
%%PORTDOCS%%%%DOCSDIR%%/AUTHORS
|
||||
%%PORTDOCS%%%%DOCSDIR%%/COPYING
|
||||
%%PORTDOCS%%%%DOCSDIR%%/ChangeLog
|
||||
@ -44,13 +42,13 @@ sbin/pwcheck_pwnam
|
||||
%%PORTDOCS%%%%DOCSDIR%%/README
|
||||
%%PORTDOCS%%%%DOCSDIR%%/Sendmail.README
|
||||
%%PORTDOCS%%%%DOCSDIR%%/TODO
|
||||
%%PORTDOCS%%%%DOCSDIR%%/draft-leach-digest-sasl-05.txt
|
||||
%%PORTDOCS%%%%DOCSDIR%%/draft-newman-auth-scram-03.txt
|
||||
%%PORTDOCS%%%%DOCSDIR%%/rfc1321.txt
|
||||
%%PORTDOCS%%%%DOCSDIR%%/rfc2095.txt
|
||||
%%PORTDOCS%%%%DOCSDIR%%/rfc2104.txt
|
||||
%%PORTDOCS%%%%DOCSDIR%%/rfc2222.txt
|
||||
%%PORTDOCS%%%%DOCSDIR%%/rfc2245.txt
|
||||
%%PORTDOCS%%%%DOCSDIR%%/rfc2831.txt
|
||||
%%PORTDOCS%%%%DOCSDIR%%/gssapi.html
|
||||
%%PORTDOCS%%%%DOCSDIR%%/index.html
|
||||
%%PORTDOCS%%%%DOCSDIR%%/programming.html
|
||||
|
@ -1,51 +1,68 @@
|
||||
#!/bin/sh
|
||||
# $FreeBSD$
|
||||
|
||||
if [ -f ${WRKDIRPREFIX}${CURDIR}/Makefile.inc ]; then
|
||||
if [ -f ${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc ]; then
|
||||
exit
|
||||
fi
|
||||
|
||||
SASLDB_NAME=sasldb.db
|
||||
|
||||
tempfile=`mktemp -t checklist`
|
||||
|
||||
if [ "${BATCH}" ]; then
|
||||
if [ "x${ENABLE_DB3}" = "xYES" ]; then
|
||||
OPTIONS=\"DB3\"
|
||||
if [ "${WITH_DB3}" ]; then
|
||||
OPTIONS="\"DB3\""
|
||||
else
|
||||
OPTIONS="\"NDBM\""
|
||||
fi
|
||||
if [ "x${ENABLE_MYSQL}" = "xYES" ]; then
|
||||
if [ "${WITH_JAVA}" ]; then
|
||||
OPTIONS="${OPTIONS} \"JAVA\""
|
||||
fi
|
||||
if [ "${WITH_MYSQL}" ]; then
|
||||
OPTIONS="${OPTIONS} \"MySQL\""
|
||||
fi
|
||||
if [ "x${ENABLE_LDAP}" = "xYES" ]; then
|
||||
OPTIONS="${OPTIONS} \"OpenLDAP\""
|
||||
if [ "${WITH_LDAP2}" ]; then
|
||||
OPTIONS="${OPTIONS} \"OpenLDAP2\""
|
||||
elif [ "${WITH_LDAP1}" ]; then
|
||||
OPTIONS="${OPTIONS} \"OpenLDAP1\""
|
||||
fi
|
||||
if [ "x${OPTIONS}" != "x" ]; then
|
||||
if [ "${OPTIONS}" != "x" ]; then
|
||||
set ${OPTIONS}
|
||||
fi
|
||||
else
|
||||
if [ "x${ENABLE_DB3}" = "xYES" -o -f ${PREFIX}/lib/libdb3.so ] ; then
|
||||
if [ "${WITH_DB3}" -o -f ${PREFIX}/lib/libdb3.so ] ; then
|
||||
SET_DB3="ON"
|
||||
SET_NDBM="OFF"
|
||||
else
|
||||
SET_DB3="OFF"
|
||||
SET_NDBM="ON"
|
||||
fi
|
||||
if [ "x${ENABLE_MYSQL}" = "xYES" -o -f ${PREFIX}/lib/mysql/libmysqlclient.so ] ; then
|
||||
if [ "${WITH_JAVA}" ] ; then
|
||||
SET_JAVA="ON"
|
||||
else
|
||||
SET_JAVA="OFF"
|
||||
fi
|
||||
if [ "${WITH_MYSQL}" -o -f ${PREFIX}/lib/mysql/libmysqlclient.so ] ; then
|
||||
SET_MYSQL="ON"
|
||||
else
|
||||
SET_MYSQL="OFF"
|
||||
fi
|
||||
if [ "x${ENABLE_LDAP}" = "xYES" -o \
|
||||
-f ${PREFIX}/lib/libldap.so -a -f ${PREFIX}/lib/liblber.so ] ; then
|
||||
SET_LDAP="ON"
|
||||
else
|
||||
SET_LDAP="OFF"
|
||||
|
||||
#Perfer LDAP2 over LDAP1
|
||||
SET_LDAP1="OFF"
|
||||
SET_LDAP2="OFF"
|
||||
if [ "${WITH_LDAP2}" -o -f ${PREFIX}/lib/libldap.so.2 -a -f ${PREFIX}/lib/liblber.so.2 ] ; then
|
||||
SET_LDAP2="ON"
|
||||
elif [ "${WITH_LDAP1}" -o -f ${PREFIX}/lib/libldap.so.1 -a -f ${PREFIX}/lib/liblber.so.1 ]; then
|
||||
SET_LDAP1="ON"
|
||||
fi
|
||||
|
||||
/usr/bin/dialog --title "Additional SASL options" --clear \
|
||||
--checklist "\n\
|
||||
Please select desired options:" -1 -1 16 \
|
||||
NDBM "ndbm DB package" ${SET_NDBM} \
|
||||
DB3 "Berkeley DB package, revision 3" ${SET_DB3} \
|
||||
MySQL "MySQL password Authentication" ${SET_MYSQL} \
|
||||
OpenLDAP "OpenLDAP password Authentication" ${SET_LDAP} \
|
||||
OpenLDAP1 "OpenLDAP 1.x support" ${SET_LDAP1} \
|
||||
OpenLDAP2 "OpenLDAP 2.x support" ${SET_LDAP2} \
|
||||
2> $tempfile
|
||||
|
||||
retval=$?
|
||||
@ -66,34 +83,83 @@ OpenLDAP "OpenLDAP password Authentication" ${SET_LDAP} \
|
||||
esac
|
||||
fi
|
||||
|
||||
${MKDIR} ${WRKDIRPREFIX}${CURDIR}
|
||||
exec > ${WRKDIRPREFIX}${CURDIR}/Makefile.inc
|
||||
${MKDIR} ${WRKDIRPREFIX}${REALCURDIR}
|
||||
exec > ${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc
|
||||
|
||||
echo "PREFIX= ${PREFIX}"
|
||||
|
||||
while [ "$1" ]; do
|
||||
case $1 in
|
||||
\"NDBM\")
|
||||
if [ "${DBLIB}" ]; then
|
||||
echo "ndbm and db3 are mutually exclusive." > /dev/stderr
|
||||
rm -f ${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc
|
||||
exit 1
|
||||
fi
|
||||
echo "CONFIGURE_ARGS+= --with-dblib=ndbm"
|
||||
echo "SASLDB_NAME= sasldb.db"
|
||||
DBLIB=1
|
||||
;;
|
||||
\"DB3\")
|
||||
if [ "${DBLIB}" ]; then
|
||||
echo "ndbm and db3 are mutually exclusive." > /dev/stderr
|
||||
rm -f ${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc
|
||||
exit 1
|
||||
fi
|
||||
echo "LIB_DEPENDS+= db3.2:\${PORTSDIR}/databases/db3"
|
||||
echo "CONFIGURE_ARGS+= --with-dblib=berkeley"
|
||||
SASLDB_NAME=sasldb
|
||||
echo "SASLDB_NAME= sasldb"
|
||||
DBLIB=1
|
||||
;;
|
||||
\"JAVA\")
|
||||
echo "JAVA is disabled, Ignoring option" > /dev/stderr
|
||||
;;
|
||||
\"DISABLED\")
|
||||
echo "RUN_DEPENDS= \${LOCALBASE}/\${JAVADIR}/bin/java:\${PORTSDIR}/java/jdk"
|
||||
echo "CONFIGURE_ARGS+= --with-java \\"
|
||||
echo " --with-javabase=\${LOCALBASE}/include"
|
||||
echo "CONFIGURE_ENV+= JAVAC=\"\${LOCALBASE}/\${JAVADIR}/bin/javac\" \\"
|
||||
echo " JAVAH=\"\${LOCALBASE}/\${JAVADIR}/bin/javah" \\"
|
||||
echo " JAVADOC=\"\${LOCALBASE}/\${JAVADIR}/bin/javadoc\"
|
||||
;;
|
||||
\"MySQL\")
|
||||
echo "LIB_DEPENDS+= mysqlclient.10:\${PORTSDIR}/databases/mysql323-client"
|
||||
echo "CONFIGURE_ARGS+= --with-mysql=\${PREFIX}"
|
||||
MSG=1
|
||||
;;
|
||||
\"OpenLDAP\")
|
||||
\"OpenLDAP1\")
|
||||
if [ "$OPENLDAP2" ]; then
|
||||
echo "OpenLDAP1 and OpenLDAP2 are mutually exclusive." > /dev/stderr
|
||||
rm -f ${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc
|
||||
exit 1
|
||||
fi
|
||||
echo "LIB_DEPENDS+= ldap.1:\${PORTSDIR}/net/openldap"
|
||||
echo "LIB_DEPENDS+= lber.1:\${PORTSDIR}/net/openldap"
|
||||
echo "CONFIGURE_ARGS+= --with-ldap=\${PREFIX}"
|
||||
OPENLDAP1=1
|
||||
MSG=1
|
||||
;;
|
||||
\"OpenLDAP2\")
|
||||
if [ "$OPENLDAP1" ]; then
|
||||
echo "OpenLDAP1 and OpenLDAP2 are mutually exclusive." > /dev/stderr
|
||||
rm -f ${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc
|
||||
exit 1
|
||||
fi
|
||||
echo "LIB_DEPENDS+= ldap.2:\${PORTSDIR}/net/openldap2"
|
||||
echo "LIB_DEPENDS+= lber.2:\${PORTSDIR}/net/openldap2"
|
||||
echo "CONFIGURE_ARGS+= --with-ldap=\${PREFIX}"
|
||||
OPENLDAP2=1
|
||||
MSG=1
|
||||
;;
|
||||
*)
|
||||
echo "Invalid option(s): $*" > /dev/stderr
|
||||
rm -f ${WRKDIRPREFIX}${CURDIR}/Makefile.inc
|
||||
rm -f ${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
shift
|
||||
done
|
||||
|
||||
echo "SASLDB_NAME= ${SASLDB_NAME}"
|
||||
if [ "x${MSG}" != "x" ]; then
|
||||
echo "LDAP_MYSQL_MSG= \"See sysadmin.html in the Cyrus-SASL docs directory for informaion on using LDAP or MySQL for authentication.\""
|
||||
fi
|
||||
|
@ -6,15 +6,24 @@
|
||||
#
|
||||
|
||||
PORTNAME= cyrus-sasl
|
||||
PORTVERSION= 1.5.24
|
||||
PORTREVISION= 8
|
||||
CATEGORIES= security
|
||||
MASTER_SITES= ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/%SUBDIR% \
|
||||
PORTVERSION= 1.5.27
|
||||
PORTREVISION= 0
|
||||
CATEGORIES= security ipv6
|
||||
MASTER_SITES= ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/%SUBDIR%/ \
|
||||
http://prdownloads.sourceforge.net/cyrus-utils/ \
|
||||
http://www.surf.org.uk/downloads/ \
|
||||
ftp://ftp.westbend.net/pub/cyrus-mail/%SUBDIR%/ \
|
||||
${MASTER_SITE_SOURCEFORGE} \
|
||||
ftp://ftp.hanse.de/sites/transit/mirror/ftp.andrew.cmu.edu/pub/cyrus-mail/
|
||||
MASTER_SITE_SUBDIR= ./ OLD-VERSIONS/sasl/
|
||||
MASTER_SITE_SUBDIR= . OLD-VERSIONS/sasl cyrus-utils
|
||||
|
||||
PATCH_SITES= http://www.imasy.or.jp/~ume/ipv6/
|
||||
PATCHFILES= ${DISTNAME}-ipv6-20010321.diff.gz
|
||||
DISTFILES= ${DISTNAME}${EXTRACT_SUFX} \
|
||||
sasl-${PORTVERSION}-ldap-ssl-filter-mysql-patch3.tgz
|
||||
|
||||
PATCH_SITES= ftp://ftp.westbend.net/pub/cyrus-mail/contrib/ \
|
||||
http://www.imasy.or.jp/~ume/ipv6/
|
||||
PATCHFILES= sasl_apop_patch.gz \
|
||||
${DISTNAME}-ipv6-${IPV6_VER}.diff.gz
|
||||
|
||||
MAINTAINER= hetzels@westbend.net
|
||||
|
||||
@ -22,6 +31,9 @@ USE_OPENSSL= YES
|
||||
|
||||
INSTALLS_SHLIB= yes
|
||||
|
||||
# IPv6 Patch provided by Hajimu UMEMOTO <ume@mahoroba.org>
|
||||
IPV6_VER= 20020106
|
||||
|
||||
MAN3= sasl.3 sasl_authorize_t.3 sasl_callbacks.3 sasl_checkpass.3 \
|
||||
sasl_client_init.3 sasl_client_new.3 sasl_client_start.3 \
|
||||
sasl_client_step.3 sasl_decode.3 sasl_done.3 sasl_encode.3 \
|
||||
@ -43,32 +55,22 @@ CONFIGURE_ARGS= --sysconfdir=${PREFIX}/etc \
|
||||
--enable-static \
|
||||
--enable-login \
|
||||
--with-pwcheck=/var/pwcheck \
|
||||
--with-dblib=ndbm \
|
||||
--with-rc4=openssl
|
||||
|
||||
SCRIPTS_ENV= WRKDIRPREFIX="${WRKDIRPREFIX}" \
|
||||
PREFIX="${PREFIX}" \
|
||||
TOUCH="${TOUCH}" \
|
||||
MKDIR="${MKDIR}" \
|
||||
ENABLE_DB3="${ENABLE_DB3}" \
|
||||
ENABLE_MYSQL="${ENABLE_MYSQL}" \
|
||||
ENABLE_LDAP="${ENABLE_LDAP}"
|
||||
|
||||
# ENABLE_* variables can be used by depending ports to enable options.
|
||||
REALCURDIR="${.CURDIR}" \
|
||||
WITH_DB3="${WITH_DB3}" \
|
||||
WITH_JAVA="${WITH_JAVA}" \
|
||||
WITH_MYSQL="${WITH_MYSQL}" \
|
||||
WITH_LDAP1="${WITH_LDAP1}" \
|
||||
WITH_LDAP2="${WITH_LDAP2}"
|
||||
|
||||
# JavaSASL needs someone to look at to get it to build
|
||||
#JAVADIR= jdk1.1.8
|
||||
#JAVALIBDIR= ${PREFIX}/${JAVADIR}/lib/i386/green_threads/
|
||||
|
||||
#.if defined(USE_JAVA) || exists(${LOCALBASE}/${JAVADIR}/bin/java)
|
||||
#BUILD_DEPENDS= ${LOCALBASE}/${JAVADIR}/bin/java:${PORTSDIR}/java/jdk
|
||||
#CONFIGURE_ARGS+= --with-java \
|
||||
# --with-javabase=${LOCALBASE}/include
|
||||
#
|
||||
#CONFIGURE_ENV= JAVAC="${LOCALBASE}/${JAVADIR}/bin/javac" \
|
||||
# JAVAH="${LOCALBASE}/${JAVADIR}/bin/javah" \
|
||||
# JAVADOC="${LOCALBASE}/${JAVADIR}/bin/javadoc"
|
||||
#.endif
|
||||
JAVADIR= jdk1.1.8
|
||||
JAVALIBDIR= ${PREFIX}/${JAVADIR}/lib/i386/green_threads/
|
||||
|
||||
.if defined(KRB5_HOME) && exists(${KRB5_HOME})
|
||||
CONFIGURE_ARGS+= --enable-gssapi=${KRB5_HOME}
|
||||
@ -92,18 +94,13 @@ CONFIGURE_ENV+= LOCALBASE=${LOCALBASE} \
|
||||
|
||||
DOCS= AUTHORS COPYING ChangeLog INSTALL NEWS README TODO
|
||||
|
||||
DOC2= draft-leach-digest-sasl-05.txt \
|
||||
draft-newman-auth-scram-03.txt \
|
||||
rfc1321.txt rfc2095.txt rfc2104.txt \
|
||||
rfc2222.txt rfc2245.txt
|
||||
|
||||
HTDOCS= gssapi index programming sysadmin
|
||||
|
||||
PLIST_SUB= PREFIX=${PREFIX} \
|
||||
GSSAPI=${GSSAPI} \
|
||||
EBONES=${EBONES} \
|
||||
DOCSDIR=${DOCSDIR:S/^${PREFIX}\///} \
|
||||
|
||||
LDAP_MYSQL_PATCH= ldap-mysql_sasl/sasl-ldap+mysql.patch
|
||||
|
||||
PKGDEINSTALL= ${WRKDIR}/pkg-deinstall
|
||||
PKGINSTALL= ${WRKDIR}/pkg-install
|
||||
PKGMESSAGE= ${WRKDIR}/pkg-message
|
||||
@ -111,6 +108,14 @@ PKGMESSAGE= ${WRKDIR}/pkg-message
|
||||
pre-fetch:
|
||||
@${SETENV} ${SCRIPTS_ENV} ${SH} ${SCRIPTDIR}/configure.sasl
|
||||
|
||||
.if exists(${WRKDIRPREFIX}${.CURDIR}/Makefile.inc)
|
||||
.include "${WRKDIRPREFIX}${.CURDIR}/Makefile.inc"
|
||||
.endif
|
||||
|
||||
pre-patch:
|
||||
@(cd ${WRKSRC} && ${PATCH} -p1 < ${WRKDIR}/${LDAP_MYSQL_PATCH} && \
|
||||
${MV} configure.orig configure)
|
||||
|
||||
# Fix sasldb name in pkg-install/deinstall scripts
|
||||
post-patch:
|
||||
@${SED} -e "/%%SASLDB%%/s##${SASLDB_NAME}#g" \
|
||||
@ -119,8 +124,11 @@ post-patch:
|
||||
${.CURDIR}/pkg-deinstall > ${PKGDEINSTALL}
|
||||
@${SED} -e "/%%SASLDB%%/s##${SASLDB_NAME}#g" \
|
||||
-e "/%%PREFIX%%/s##${PREFIX}#g" \
|
||||
-e "/%%DOCSDIR%%/s##${DOCSDIR}#g" \
|
||||
${.CURDIR}/pkg-message > ${PKGMESSAGE}
|
||||
.ifdef LDAP_MYSQL_MSG
|
||||
@${ECHO} ${LDAP_MYSQL_MSG} | /usr/bin/fmt -w 67 >> ${PKGMESSAGE}
|
||||
@${ECHO} >> ${PKGMESSAGE}
|
||||
.endif
|
||||
|
||||
pre-configure:
|
||||
@(cd ${WRKSRC} && ${AUTOHEADER})
|
||||
@ -134,19 +142,16 @@ post-install:
|
||||
> ${PREFIX}/etc/rc.d/pwcheck.sh
|
||||
@${CHMOD} 755 ${PREFIX}/etc/rc.d/pwcheck.sh
|
||||
${INSTALL} -d -m 770 -o cyrus -g cyrus /var/pwcheck
|
||||
@${LN} ${PREFIX}/sbin/pwcheck ${PREFIX}/sbin/pwcheck_pwnam
|
||||
.if !defined(NOPORTDOCS)
|
||||
@${MKDIR} ${DOCSDIR}
|
||||
.for file in ${DOCS}
|
||||
@${INSTALL_DATA} ${WRKSRC}/${file} ${DOCSDIR}
|
||||
.endfor
|
||||
.for file in ${DOC2}
|
||||
@${INSTALL_DATA} ${WRKSRC}/doc/${file} ${DOCSDIR}
|
||||
.endfor
|
||||
(cd ${WRKSRC}/doc ; \
|
||||
for file in `make -V EXTRA_DIST` ; do \
|
||||
${INSTALL_DATA} ${WRKSRC}/doc/$${file} ${DOCSDIR} ; \
|
||||
done)
|
||||
@${INSTALL_DATA} ${FILESDIR}/Sendmail.README ${DOCSDIR}
|
||||
.for file in ${HTDOCS}
|
||||
@${INSTALL_DATA} ${WRKSRC}/doc/${file}.html ${DOCSDIR}
|
||||
.endfor
|
||||
.endif
|
||||
@PKG_PREFIX=${PREFIX} BATCH=${BATCH} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL
|
||||
@${CAT} ${PKGMESSAGE}
|
||||
@ -154,8 +159,8 @@ post-install:
|
||||
post-clean:
|
||||
@${RM} -f ${WRKDIRPREFIX}${.CURDIR}/Makefile.inc
|
||||
|
||||
.if exists(${WRKDIRPREFIX}${.CURDIR}/Makefile.inc)
|
||||
.include "${WRKDIRPREFIX}${.CURDIR}/Makefile.inc"
|
||||
.endif
|
||||
#if exists(${WRKDIRPREFIX}${.CURDIR}/Makefile.inc)
|
||||
#include "${WRKDIRPREFIX}${.CURDIR}/Makefile.inc"
|
||||
#endif
|
||||
|
||||
.include <bsd.port.mk>
|
||||
|
@ -1,2 +1,4 @@
|
||||
MD5 (cyrus-sasl-1.5.24.tar.gz) = ac3837c071c258b80021325936db2583
|
||||
MD5 (cyrus-sasl-1.5.24-ipv6-20010321.diff.gz) = a306953c91d9fbf2f4676ef394b38449
|
||||
MD5 (cyrus-sasl-1.5.27.tar.gz) = 76ea426e2e2da3b8d2e3a43af5488f3b
|
||||
MD5 (sasl-1.5.27-ldap-ssl-filter-mysql-patch3.tgz) = 19e6783c1f4095e265648d26c4679544
|
||||
MD5 (sasl_apop_patch.gz) = 6bf7a34b73d1c8d139d2269069d1ba4c
|
||||
MD5 (cyrus-sasl-1.5.27-ipv6-20020106.diff.gz) = b2956a084954a46ba2d751f56a80a275
|
||||
|
@ -1,5 +1,5 @@
|
||||
--- configure.in.orig Thu Jul 20 21:35:01 2000
|
||||
+++ configure.in Thu Nov 16 09:07:00 2000
|
||||
--- configure.in.orig Tue Nov 27 11:45:28 2001
|
||||
+++ configure.in Tue Nov 27 12:49:28 2001
|
||||
@@ -66,8 +66,9 @@
|
||||
dnl check for -R, etc. switch
|
||||
CMU_GUESS_RUNPATH_SWITCH
|
||||
@ -12,10 +12,10 @@
|
||||
|
||||
AM_DISABLE_STATIC
|
||||
|
||||
@@ -232,6 +233,13 @@
|
||||
@@ -235,6 +236,13 @@
|
||||
berkeley)
|
||||
SASL_DB_BACKEND="db_${dblib}.lo"
|
||||
AC_DEFINE(SASL_BERKELEYDB)
|
||||
SASL_DB_LIB="-ldb"
|
||||
+ for db3loc in ${prefix} /usr/local /usr
|
||||
+ do
|
||||
+ if test -d ${db3loc}/include/db3; then
|
||||
@ -26,112 +26,3 @@
|
||||
;;
|
||||
*)
|
||||
AC_MSG_WARN([Disabling SASL authentication database support])
|
||||
@@ -310,6 +318,88 @@
|
||||
fi
|
||||
AM_CONDITIONAL(PWCHECK, test "$with_pwcheck" != no)
|
||||
|
||||
+dnl MySQL
|
||||
+AC_ARG_WITH(mysql, [ --with-mysql=PATH enable authentication from MySQL database [no] ],
|
||||
+ with_mysql=$withval,
|
||||
+ with_mysql=no)
|
||||
+
|
||||
+if test -z "$with_mysql"; then
|
||||
+ for mysqlloc in lib/mysql lib
|
||||
+ do
|
||||
+ if test -f ${prefix}/${mysqlloc}/libmysqlclient.a; then
|
||||
+ with_mysql="${prefix}"
|
||||
+ break
|
||||
+ elif test -f /usr/local/${mysqlloc}/libmysqlclient.a; then
|
||||
+ with_mysql="/usr/local"
|
||||
+ break
|
||||
+ elif test -f /usr/${mysqlloc}/libmysqlclient.a; then
|
||||
+ with_mysql="/usr"
|
||||
+ break
|
||||
+ fi
|
||||
+ done
|
||||
+fi
|
||||
+
|
||||
+LIB_MYSQL=""
|
||||
+case "$with_mysql" in
|
||||
+ no) true;;
|
||||
+ ""|yes) AC_CHECK_LIB(mysqlclient, mysql_select_db,
|
||||
+ AC_DEFINE(HAVE_MYSQL)
|
||||
+ LIB_MYSQL="-lmysqlclient",
|
||||
+ with_mysql=no);;
|
||||
+ *) if test -d ${with_mysql}/include/mysql; then
|
||||
+ CPPFLAGS="$CPPFLAGS -I${with_mysql}/include/mysql"
|
||||
+ else
|
||||
+ CPPFLAGS="$CPPFLAGS -I${with_mysql}/include"
|
||||
+ fi
|
||||
+ if test -d ${with_mysql}/lib/mysql; then
|
||||
+ LDFLAGS="$LDFLAGS -L${with_mysql}/lib/mysql"
|
||||
+ fi
|
||||
+ AC_DEFINE(HAVE_MYSQL)
|
||||
+ LIB_MYSQL="-lmysqlclient";;
|
||||
+esac
|
||||
+AC_SUBST(LIB_MYSQL)
|
||||
+
|
||||
+dnl LDAP
|
||||
+AC_ARG_WITH(ldap, [ --with-ldap=PATH enable authentication from LDAP [no] ],
|
||||
+ with_ldap=$withval,
|
||||
+ with_ldap=no)
|
||||
+
|
||||
+if test -z "$with_ldap"; then
|
||||
+ for ldaploc in lib/ldap lib
|
||||
+ do
|
||||
+ if test -f ${prefix}/${ldaploc}/libldap.a; then
|
||||
+ with_ldap="${prefix}"
|
||||
+ break
|
||||
+ elif test -f /usr/local/${ldaploc}/libldap.a; then
|
||||
+ with_ldap="/usr/local"
|
||||
+ break
|
||||
+ elif test -f /usr/${ldaploc}/libldap.a; then
|
||||
+ with_ldap="/usr"
|
||||
+ break
|
||||
+ fi
|
||||
+ done
|
||||
+fi
|
||||
+
|
||||
+LIB_LDAP=""
|
||||
+case "$with_ldap" in
|
||||
+ no) true;;
|
||||
+ ""|yes) AC_CHECK_LIB(ldap, ldap_open,
|
||||
+ AC_DEFINE(HAVE_LDAP)
|
||||
+ LIB_LDAP="-lldap -llber",
|
||||
+ with_ldap=no);;
|
||||
+ *) if test -d ${with_ldap}/include/ldap; then
|
||||
+ CPPFLAGS="${CPPFLAGS} -I${with_ldap}/include/ldap"
|
||||
+ else
|
||||
+ CPPFLAGS="${CPPFLAGS} -I${with_ldap}/include"
|
||||
+ fi
|
||||
+ if test -d ${with_ldap}/lib/ldap; then
|
||||
+ LDFLAGS="$LDFLAGS -L${with_ldap}/lib/ldap"
|
||||
+ fi
|
||||
+ AC_DEFINE(HAVE_LDAP)
|
||||
+ LIB_LDAP="-lldap -llber";;
|
||||
+esac
|
||||
+AC_SUBST(LIB_LDAP)
|
||||
+
|
||||
dnl CRAM-MD5
|
||||
AC_ARG_ENABLE(cram, [ --enable-cram enable CRAM-MD5 authentication [yes] ],
|
||||
cram=$enableval,
|
||||
@@ -434,11 +524,15 @@
|
||||
fi
|
||||
|
||||
if test "$with_des" != no; then
|
||||
+ case "$host_os" in
|
||||
+ freebsd*)
|
||||
+ COM_ERR="-lcom_err"
|
||||
+ ;;
|
||||
+ esac
|
||||
AC_CHECK_HEADER(krb.h,
|
||||
- AC_CHECK_LIB(krb, krb_mk_priv, COM_ERR="",
|
||||
- AC_CHECK_LIB(krb, krb_mk_priv, COM_ERR="-lcom_err",
|
||||
- AC_WARN(No Kerberos V4 found); krb4=no, -ldes -lcom_err),
|
||||
- -ldes),
|
||||
+ AC_CHECK_LIB(krb, krb_mk_priv,:,
|
||||
+ AC_WARN(No Kerberos V4 found); krb4=no,
|
||||
+ -ldes $COM_ERR),
|
||||
AC_WARN(No Kerberos V4 found); krb4=no)
|
||||
else
|
||||
AC_WARN(No DES library found for Kerberos V4 support)
|
||||
|
@ -1,15 +0,0 @@
|
||||
--- acconfig.h.orig Wed Jul 5 11:59:25 2000
|
||||
+++ acconfig.h Fri Sep 15 20:56:28 2000
|
||||
@@ -84,6 +84,12 @@
|
||||
/* do we have PAM for plaintext password checking? */
|
||||
#undef HAVE_PAM
|
||||
|
||||
+/* do we have MySQL for plaintext password checking? */
|
||||
+#undef HAVE_MYSQL
|
||||
+
|
||||
+/* do we have LDAP for plaintext password checking? */
|
||||
+#undef HAVE_LDAP
|
||||
+
|
||||
/* what flavor of GSSAPI are we using? */
|
||||
#undef HAVE_GSS_C_NT_HOSTBASED_SERVICE
|
||||
|
@ -1,9 +0,0 @@
|
||||
--- lib/Makefile.am.orig Thu Jul 20 21:35:02 2000
|
||||
+++ lib/Makefile.am Fri Sep 15 20:56:28 2000
|
||||
@@ -53,5 +53,5 @@
|
||||
EXTRA_libsasl_la_SOURCES = db_none.c db_ndbm.c db_gdbm.c db_berkeley.c db_testw32.c
|
||||
libsasl_la_LDFLAGS = -version-info $(sasl_version)
|
||||
libsasl_la_DEPENDENCIES = $(SASL_DB_BACKEND) @LTLIBOBJS@
|
||||
-libsasl_la_LIBADD = @LTLIBOBJS@ $(SASL_DB_BACKEND) $(SASL_DB_LIB) $(SASL_DL_LIB) $(PLAIN_LIBS)
|
||||
+libsasl_la_LIBADD = @LTLIBOBJS@ $(SASL_DB_BACKEND) $(SASL_DB_LIB) $(SASL_DL_LIB) $(PLAIN_LIBS) ${LIB_LDAP} ${LIB_MYSQL}
|
||||
# PLAIN_LIBS are linked in for sasl_checkpass
|
@ -1,321 +0,0 @@
|
||||
--- lib/checkpw.c.orig Wed Jul 19 20:24:13 2000
|
||||
+++ lib/checkpw.c Tue Oct 31 20:52:21 2000
|
||||
@@ -95,10 +95,19 @@
|
||||
#include <sys/un.h>
|
||||
#ifdef HAVE_UNISTD_H
|
||||
#include <unistd.h>
|
||||
-#endif
|
||||
+#endif /* HAVE_UNISTD_H */
|
||||
|
||||
extern int errno;
|
||||
-#endif
|
||||
+#endif /* HAVE_PWCHECK */
|
||||
+
|
||||
+#ifdef HAVE_MYSQL
|
||||
+#include <mysql.h>
|
||||
+#endif /* HAVE_MYSQL */
|
||||
+
|
||||
+#ifdef HAVE_LDAP
|
||||
+#include <lber.h>
|
||||
+#include <ldap.h>
|
||||
+#endif /* HAVE_LDAP */
|
||||
|
||||
#ifdef HAVE_KRB
|
||||
|
||||
@@ -170,12 +179,20 @@
|
||||
memcpy (&temp_key, "kerberos", 8);
|
||||
des_fixup_key_parity (&temp_key);
|
||||
des_key_sched (&temp_key, schedule);
|
||||
+#ifdef __FreeBSD__
|
||||
+ des_cbc_cksum ((const unsigned char *)password, &ivec, passlen, schedule, &ivec);
|
||||
+#else
|
||||
des_cbc_cksum ((des_cblock *)password, &ivec, passlen, schedule, &ivec);
|
||||
+#endif
|
||||
|
||||
memcpy (&temp_key, &ivec, sizeof temp_key);
|
||||
des_fixup_key_parity (&temp_key);
|
||||
des_key_sched (&temp_key, schedule);
|
||||
+#ifdef __FreeBSD__
|
||||
+ des_cbc_cksum ((const unsigned char *)password, key, passlen, schedule, &ivec);
|
||||
+#else
|
||||
des_cbc_cksum ((des_cblock *)password, key, passlen, schedule, &ivec);
|
||||
+#endif
|
||||
|
||||
des_fixup_key_parity (key);
|
||||
|
||||
@@ -210,10 +227,17 @@
|
||||
return (str);
|
||||
}
|
||||
|
||||
+#ifdef __FreeBSD__
|
||||
+static int use_key(const char *user __attribute__((unused)),
|
||||
+ char *instance __attribute__((unused)),
|
||||
+ const char *realm __attribute__((unused)),
|
||||
+ const void *key, des_cblock *returned_key)
|
||||
+#else
|
||||
static int use_key(char *user __attribute__((unused)),
|
||||
char *instance __attribute__((unused)),
|
||||
char *realm __attribute__((unused)),
|
||||
void *key, des_cblock *returned_key)
|
||||
+#endif
|
||||
{
|
||||
memcpy (returned_key, key, sizeof(des_cblock));
|
||||
return 0;
|
||||
@@ -838,7 +862,7 @@
|
||||
|
||||
|
||||
/* pwcheck daemon-authenticated login */
|
||||
-static int pwcheck_verify_password(sasl_conn_t *conn,
|
||||
+static int pwcheck_verify_password(sasl_conn_t *conn __attribute__((unused)),
|
||||
const char *userid,
|
||||
const char *passwd,
|
||||
const char *service __attribute__((unused)),
|
||||
@@ -853,8 +877,10 @@
|
||||
static char response[1024];
|
||||
int start, n;
|
||||
char pwpath[1024];
|
||||
+#if 0 /* Not used */
|
||||
sasl_getopt_t *getopt;
|
||||
void *context;
|
||||
+#endif
|
||||
|
||||
if (reply) { *reply = NULL; }
|
||||
|
||||
@@ -902,6 +928,224 @@
|
||||
|
||||
#endif
|
||||
|
||||
+#ifdef HAVE_MYSQL
|
||||
+/* DMZ mysql auth 12/29/1999
|
||||
+ * Updated to 1.5.24 by SWH 09/12/2000
|
||||
+ * changed to malloc qbuf Simon Loader 10/21/2000
|
||||
+ */
|
||||
+#ifdef USE_CRYPT_PASSWORD
|
||||
+#define QUERY_STRING "select %s from %s where %s = '%s' and %s = password('%s')"
|
||||
+#else
|
||||
+#define QUERY_STRING "select %s from %s where %s = '%s' and %s = '%s'"
|
||||
+#endif
|
||||
+
|
||||
+static int mysql_verify_password(sasl_conn_t *conn,
|
||||
+ const char *userid,
|
||||
+ const char *password,
|
||||
+ const char *service __attribute__((unused)),
|
||||
+ const char *user_realm __attribute__((unused)),
|
||||
+ const char **reply)
|
||||
+{
|
||||
+ unsigned int numrows;
|
||||
+ MYSQL mysql,*sock;
|
||||
+ MYSQL_RES *result;
|
||||
+ char *qbuf;
|
||||
+ char *db_user="",
|
||||
+ *db_passwd="",
|
||||
+ *db_host="",
|
||||
+ *db_uidcol="",
|
||||
+ *db_pwcol="",
|
||||
+ *db_database="",
|
||||
+ *db_table="";
|
||||
+ sasl_getopt_t *getopt;
|
||||
+ void *context;
|
||||
+
|
||||
+ if (!userid || !password) {
|
||||
+ return SASL_BADPARAM;
|
||||
+ }
|
||||
+ if (reply) { *reply = NULL; }
|
||||
+
|
||||
+ /* check to see if the user configured a mysqluser/passwd/host/etc */
|
||||
+ if (_sasl_getcallback(conn, SASL_CB_GETOPT, &getopt, &context) == SASL_OK) {
|
||||
+ getopt(context, NULL, "mysql_user", (const char **) &db_user, NULL);
|
||||
+ if (!db_user) db_user = "";
|
||||
+ getopt(context, NULL, "mysql_passwd", (const char **) &db_passwd, NULL);
|
||||
+ if (!db_passwd) db_passwd = "";
|
||||
+ getopt(context, NULL, "mysql_host", (const char **) &db_host, NULL);
|
||||
+ if (!db_host) db_host = "";
|
||||
+ getopt(context, NULL, "mysql_database", (const char **) &db_database, NULL);
|
||||
+ if (!db_database) db_database = "";
|
||||
+ getopt(context, NULL, "mysql_table", (const char **) &db_table, NULL);
|
||||
+ if (!db_table) db_table = "";
|
||||
+ getopt(context, NULL, "mysql_uidcol", (const char **) &db_uidcol, NULL);
|
||||
+ if (!db_uidcol) db_uidcol = "";
|
||||
+ getopt(context, NULL, "mysql_pwdcol", (const char **) &db_pwcol, NULL);
|
||||
+ if (!db_pwcol) db_pwcol = "";
|
||||
+ }
|
||||
+
|
||||
+ if (!(sock = mysql_connect(&mysql,db_host,db_user,db_passwd)))
|
||||
+ {
|
||||
+ if (reply) { *reply = "cannot connect to MySQL server"; }
|
||||
+ return SASL_FAIL;
|
||||
+ }
|
||||
+
|
||||
+ if (mysql_select_db(sock,db_database) < 0)
|
||||
+ {
|
||||
+ mysql_close(sock);
|
||||
+ if (reply) { *reply = "cannot select MySQL database"; }
|
||||
+ return SASL_FAIL;
|
||||
+ }
|
||||
+ /* select DB_UIDCOL from DB_TABLE where DB_UIDCOL = 'userid' AND DB_PWCOL = password('password') */
|
||||
+ if ( (qbuf = (char *)malloc(strlen(QUERY_STRING)+strlen(db_uidcol)
|
||||
+ +strlen(db_table)+strlen(db_uidcol)
|
||||
+ +strlen(userid)+strlen(db_pwcol)
|
||||
+ +strlen(password)+1)) == NULL ) {
|
||||
+ if (reply) { *reply = "cannot malloc memory for sql query"; }
|
||||
+ return SASL_FAIL;
|
||||
+ }
|
||||
+ sprintf(qbuf,QUERY_STRING,db_uidcol,db_table,db_uidcol,userid,db_pwcol,password);
|
||||
+ if (mysql_query(sock,qbuf) < 0 || !(result=mysql_store_result(sock)))
|
||||
+ {
|
||||
+ free(qbuf);
|
||||
+ mysql_close(sock);
|
||||
+ return SASL_FAIL;
|
||||
+ }
|
||||
+
|
||||
+ if (result) //There were some rows found
|
||||
+ {
|
||||
+ if ((numrows = mysql_affected_rows(&mysql)) != 1)
|
||||
+ {
|
||||
+ mysql_free_result(result);
|
||||
+ mysql_close(sock);
|
||||
+ if ((numrows > 1) && (reply)) { *reply = "Detected duplicate entries for user"; }
|
||||
+ free(qbuf);
|
||||
+ return SASL_BADAUTH;
|
||||
+ } else {
|
||||
+ free(qbuf);
|
||||
+ mysql_free_result(result);
|
||||
+ mysql_close(sock);
|
||||
+ return SASL_OK;
|
||||
+ }
|
||||
+ }
|
||||
+ free(qbuf);
|
||||
+ mysql_free_result(result);
|
||||
+ mysql_close(sock);
|
||||
+ return SASL_BADAUTH;
|
||||
+}
|
||||
+#endif /* HAVE_MYSQL */
|
||||
+
|
||||
+#ifdef HAVE_LDAP
|
||||
+/* simon@surf.org.uk LDAP auth 07/11/2000
|
||||
+ * Updated to 1.5.24 by SWH 09/12/2000
|
||||
+ * changed to use malloc and simplify the auth by Simon@surf.org.uk 10/21/2000
|
||||
+ */
|
||||
+
|
||||
+#define LDAP_SERVER "localhost"
|
||||
+#define LDAP_BASEDN "o=JOFA, c=UK"
|
||||
+#define LDAP_UIDATTR "uid"
|
||||
+
|
||||
+#ifndef TRUE
|
||||
+# define TRUE 1
|
||||
+# define FALSE 0
|
||||
+#endif
|
||||
+
|
||||
+static int ldap_isdigits(char *value)
|
||||
+{
|
||||
+ char *ptr;
|
||||
+ int num = TRUE;
|
||||
+
|
||||
+ for (ptr = value; *ptr != '\0' && num != FALSE; ptr++) {
|
||||
+ if (!isdigit(*ptr))
|
||||
+ num = FALSE;
|
||||
+ }
|
||||
+
|
||||
+ return num;
|
||||
+}
|
||||
+
|
||||
+static int ldap_verify_password(sasl_conn_t *conn,
|
||||
+ const char *userid,
|
||||
+ const char *password,
|
||||
+ const char *service __attribute__((unused)),
|
||||
+ const char *user_realm __attribute__((unused)),
|
||||
+ const char **reply)
|
||||
+{
|
||||
+
|
||||
+ LDAP *ld;
|
||||
+ char *dn,
|
||||
+ *ldap_server="",
|
||||
+ *ldap_basedn="",
|
||||
+ *ldap_uidattr="",
|
||||
+ *port_num="";
|
||||
+ int ldap_port = LDAP_PORT;
|
||||
+ sasl_getopt_t *getopt;
|
||||
+ void *context;
|
||||
+
|
||||
+ /* If the password is NULL, reject the login...
|
||||
+ * Otherwise the bind will succed as a reference bind. Not good...
|
||||
+ */
|
||||
+ if (!userid || !password)
|
||||
+ {
|
||||
+ return SASL_BADPARAM;
|
||||
+ }
|
||||
+
|
||||
+ if (reply) { *reply = NULL; }
|
||||
+
|
||||
+ /* check to see if the user configured a mysqluser/passwd/host/etc */
|
||||
+ if (_sasl_getcallback(conn, SASL_CB_GETOPT, &getopt, &context) == SASL_OK) {
|
||||
+ getopt(context, NULL, "ldap_server", (const char **) &ldap_server, NULL);
|
||||
+ if (!ldap_server) ldap_server = LDAP_SERVER;
|
||||
+ getopt(context, NULL, "ldap_basedn", (const char **) &ldap_basedn, NULL);
|
||||
+ if (!ldap_basedn) {
|
||||
+ if (reply) { *reply = "ldap_basedn not defined"; }
|
||||
+ return SASL_BADPARAM;
|
||||
+ }
|
||||
+ getopt(context, NULL, "ldap_uidattr", (const char **) &ldap_uidattr, NULL);
|
||||
+ if (!ldap_uidattr) ldap_uidattr = LDAP_UIDATTR;
|
||||
+ getopt(context, NULL, "ldap_port", (const char **) &port_num, NULL);
|
||||
+ if (!port_num) {
|
||||
+ ldap_port = LDAP_PORT;
|
||||
+ } else if (!ldap_isdigits(port_num)) {
|
||||
+ if (reply) { *reply = "ldap_port - invalid value"; }
|
||||
+ return SASL_BADPARAM;
|
||||
+ } else {
|
||||
+ ldap_port = atoi(port_num);
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ /* Open the LDAP connection. */
|
||||
+ if ((ld = ldap_open(ldap_server, ldap_port)) == NULL)
|
||||
+ {
|
||||
+ if (reply) { *reply = "cannot connect to LDAP server"; }
|
||||
+ return SASL_FAIL;
|
||||
+ }
|
||||
+
|
||||
+ if ( (dn = (char *)malloc(strlen(ldap_uidattr)
|
||||
+ +strlen(userid)+strlen(ldap_basedn)+3)) == NULL ) {
|
||||
+ if (reply) { *reply = "cannnot allocate memory for ldap dn"; }
|
||||
+ return SASL_FAIL;
|
||||
+ }
|
||||
+ /* Generate a dn that we will try and login with */
|
||||
+ sprintf(dn,"%s=%s,%s", ldap_uidattr,userid,ldap_basedn);
|
||||
+
|
||||
+ /*
|
||||
+ * Just try and bind with the dn we have been given
|
||||
+ * In most cases the basedn is correct.
|
||||
+ * If this is not so I have a version or that too
|
||||
+ * Simon@surf.org.uk
|
||||
+ */
|
||||
+ if (ldap_simple_bind_s(ld,dn,(char *)password) != LDAP_SUCCESS) {
|
||||
+ free(dn);
|
||||
+ ldap_unbind(ld);
|
||||
+ return SASL_BADAUTH;
|
||||
+ }
|
||||
+
|
||||
+ free(dn);
|
||||
+ ldap_unbind(ld);
|
||||
+ return SASL_OK;
|
||||
+}
|
||||
+
|
||||
+#endif /* HAVE_LDAP */
|
||||
+
|
||||
struct sasl_verify_password_s _sasl_verify_password[] = {
|
||||
{ "sasldb", &sasldb_verify_password },
|
||||
#ifdef HAVE_KRB
|
||||
@@ -921,6 +1165,12 @@
|
||||
#endif
|
||||
#ifdef HAVE_PWCHECK
|
||||
{ "pwcheck", &pwcheck_verify_password },
|
||||
+#endif
|
||||
+#ifdef HAVE_MYSQL
|
||||
+ { "mysql", &mysql_verify_password },
|
||||
+#endif
|
||||
+#ifdef HAVE_LDAP
|
||||
+ { "ldap", &ldap_verify_password },
|
||||
#endif
|
||||
{ NULL, NULL }
|
||||
};
|
@ -1,46 +0,0 @@
|
||||
--- doc/sysadmin.html.orig Wed Jul 12 21:59:51 2000
|
||||
+++ doc/sysadmin.html Fri Sep 15 20:56:28 2000
|
||||
@@ -171,6 +171,43 @@
|
||||
<dt><i>pwcheck</i><dd> checks passwords with the use of a seperate,
|
||||
helper daemon. <b>needs to be documented.</b><p>
|
||||
|
||||
+<dt><i>mysql</i><dd> A MySQL database can be used for plaintext
|
||||
+ password checking by setting "pwcheck_method" to "mysql".<p>
|
||||
+
|
||||
+ <p>The following SASL options are used for MySQL Authentication:<p>
|
||||
+
|
||||
+ <dl>
|
||||
+ <dd>mysql_user: <user></dd>
|
||||
+ <dd>mysql_passwd: <cleartext pw></dd>
|
||||
+ <dd>mysql_host: <host></dd>
|
||||
+ <dd>mysql_database: <database></dd>
|
||||
+ <dd>mysql_table: <table></dd>
|
||||
+ <dd>mysql_uidcol: <username col></dd>
|
||||
+ <dd>mysql_pwdcol: <password col></dd>
|
||||
+ </dl>
|
||||
+
|
||||
+ <p>MySQL pwcheck_method created by <a href="mailto:dmz@dmzs.com">David Matthew Zendzian</a>
|
||||
+ the original patch may be found at <a href="http://www.dmzs.com/~dmz/projects/cyrus/">http://www.dmzs.com/~dmz/projects/cyrus/</a>.<p>
|
||||
+
|
||||
+<dt><i>ldap</i><dd> A LDAP server can be used for plaintext password
|
||||
+ checking by setting "pwcheck_method" to "ldap".<p>
|
||||
+
|
||||
+ <p>The following SASL options are used for LDAP Authentication:<p>
|
||||
+
|
||||
+ <dl>
|
||||
+ <dd>ldap_server: <LDAP Server [localhost]>
|
||||
+ <dd>ldap_basedn: <LDAP base dn>
|
||||
+ <dd>ldap_uidattr: <LDAP uid attribute [uid]>
|
||||
+ <dd>ldap_port: <LDAP port [389]>
|
||||
+ </dl>
|
||||
+
|
||||
+ <p>It is a requirement that "ldap_basedn" be set to the appropriate
|
||||
+ value for your site<br>
|
||||
+ (ex. ldap_basedn: o=surf, c=UK)<p>
|
||||
+
|
||||
+ <p>LDAP pwcheck_method created by <a href="mailto:simon@surf.org.uk">Simon@surf.org.uk</a>
|
||||
+ the original patch may be found at <a href="http://www.surf.org.uk/">http://www.surf.org.uk/</a>.<p>
|
||||
+
|
||||
<dt><i>write your own</i><dd> Last, but not least, the most flexible
|
||||
method of authentication for PLAIN is to write your own. If you do
|
||||
so, any application that calls the "<tt>sasl_checkpass()</tt>"
|
@ -1,30 +0,0 @@
|
||||
--- plugins/kerberos4.c.orig Wed Apr 19 11:18:48 2000
|
||||
+++ plugins/kerberos4.c Sat Sep 16 18:49:20 2000
|
||||
@@ -696,8 +696,13 @@
|
||||
|
||||
/* decrypt; verify checksum */
|
||||
|
||||
+#ifdef __FreeBSD__
|
||||
+ des_pcbc_encrypt((const unsigned char *)in,
|
||||
+ (unsigned char *)in,
|
||||
+#else
|
||||
des_pcbc_encrypt((des_cblock *)in,
|
||||
(des_cblock *)in,
|
||||
+#endif
|
||||
clientinlen,
|
||||
text->init_keysched,
|
||||
&text->session,
|
||||
@@ -1192,8 +1197,13 @@
|
||||
}
|
||||
sout[len]=0;
|
||||
|
||||
+#ifdef __FreeBSD__
|
||||
+ des_pcbc_encrypt((const unsigned char *)sout,
|
||||
+ (unsigned char *)sout,
|
||||
+#else
|
||||
des_pcbc_encrypt((des_cblock *)sout,
|
||||
(des_cblock *)sout,
|
||||
+#endif
|
||||
len,
|
||||
text->init_keysched,
|
||||
(des_cblock *)text->session,
|
@ -1,11 +0,0 @@
|
||||
--- lib/common.c.orig Thu Dec 6 18:34:09 2001
|
||||
+++ lib/common.c Thu Dec 6 18:34:24 2001
|
||||
@@ -596,7 +596,7 @@
|
||||
}
|
||||
|
||||
/* do the syslog call. do not need to call openlog */
|
||||
- syslog(syslog_priority | LOG_AUTH, message);
|
||||
+ syslog(syslog_priority | LOG_AUTH, "%s", message);
|
||||
|
||||
return SASL_OK;
|
||||
}
|
@ -15,7 +15,13 @@ SASLDB_NAME=${PKG_PREFIX}/etc/%%SASLDB%%
|
||||
# delete sasldb database
|
||||
|
||||
delete_sasldb() {
|
||||
[ -f ${SASLDB_NAME} -a ! -s ${SASLDB_NAME} ] && rm ${SASLDB_NAME}
|
||||
if [ -f ${SASLDB_NAME} ] ; then
|
||||
if [ `${PKG_PREFIX}/sbin/sasldblistusers | wc -l` -eq 0 ] ; then
|
||||
rm ${SASLDB_NAME}
|
||||
else
|
||||
echo "WARNING: Users SASL passwords are in ${SASLDB_NAME}, keeping this file"
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
# This should really be uninstalled by Sendmail
|
||||
|
@ -73,7 +73,8 @@ create_user() {
|
||||
|
||||
create_sasldb() {
|
||||
if [ ! -f ${SASLDB_NAME} ]; then
|
||||
touch ${SASLDB_NAME}
|
||||
echo "test" | ${PKG_PREFIX}/sbin/saslpasswd -p -c cyrus
|
||||
${PKG_PREFIX}/sbin/saslpasswd -d cyrus
|
||||
chown cyrus:mail ${SASLDB_NAME}
|
||||
chmod 640 ${SASLDB_NAME}
|
||||
fi
|
||||
|
@ -1,15 +1,12 @@
|
||||
%%PREFIX%%/etc/%%SASLDB%% now needs to be created
|
||||
before applications that depend on SASL are used.
|
||||
|
||||
su cyrus
|
||||
%%PREFIX%%/sbin/saslpasswd -c userid
|
||||
|
||||
You will also need to start the pwcheck daemon:
|
||||
You may need to start the pwcheck daemon for authentication with
|
||||
the system password files:
|
||||
|
||||
%%PREFIX%%/etc/rc.d/pwcheck.sh start
|
||||
|
||||
Read the documentation in %%DOCSDIR%%
|
||||
or you can use sasldb for authentication, to add users use:
|
||||
|
||||
saslpasswd -c username
|
||||
|
||||
How to enable SMTP AUTH with system Sendmail 8.11 - Sendmail.README
|
||||
|
||||
How to use LDAP or MySQL for passwords - see html/sysadmin.html
|
||||
|
@ -33,9 +33,7 @@ lib/sasl/libplain.so
|
||||
lib/sasl/libplain.so.1
|
||||
sbin/sasldblistusers
|
||||
sbin/saslpasswd
|
||||
sbin/pwcheck_pwnam
|
||||
@exec ln %D/sbin/pwcheck_pwnam %D/sbin/pwcheck
|
||||
@unexec rm -f %D/sbin/pwcheck
|
||||
sbin/pwcheck
|
||||
%%PORTDOCS%%%%DOCSDIR%%/AUTHORS
|
||||
%%PORTDOCS%%%%DOCSDIR%%/COPYING
|
||||
%%PORTDOCS%%%%DOCSDIR%%/ChangeLog
|
||||
@ -44,13 +42,13 @@ sbin/pwcheck_pwnam
|
||||
%%PORTDOCS%%%%DOCSDIR%%/README
|
||||
%%PORTDOCS%%%%DOCSDIR%%/Sendmail.README
|
||||
%%PORTDOCS%%%%DOCSDIR%%/TODO
|
||||
%%PORTDOCS%%%%DOCSDIR%%/draft-leach-digest-sasl-05.txt
|
||||
%%PORTDOCS%%%%DOCSDIR%%/draft-newman-auth-scram-03.txt
|
||||
%%PORTDOCS%%%%DOCSDIR%%/rfc1321.txt
|
||||
%%PORTDOCS%%%%DOCSDIR%%/rfc2095.txt
|
||||
%%PORTDOCS%%%%DOCSDIR%%/rfc2104.txt
|
||||
%%PORTDOCS%%%%DOCSDIR%%/rfc2222.txt
|
||||
%%PORTDOCS%%%%DOCSDIR%%/rfc2245.txt
|
||||
%%PORTDOCS%%%%DOCSDIR%%/rfc2831.txt
|
||||
%%PORTDOCS%%%%DOCSDIR%%/gssapi.html
|
||||
%%PORTDOCS%%%%DOCSDIR%%/index.html
|
||||
%%PORTDOCS%%%%DOCSDIR%%/programming.html
|
||||
|
@ -1,51 +1,68 @@
|
||||
#!/bin/sh
|
||||
# $FreeBSD$
|
||||
|
||||
if [ -f ${WRKDIRPREFIX}${CURDIR}/Makefile.inc ]; then
|
||||
if [ -f ${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc ]; then
|
||||
exit
|
||||
fi
|
||||
|
||||
SASLDB_NAME=sasldb.db
|
||||
|
||||
tempfile=`mktemp -t checklist`
|
||||
|
||||
if [ "${BATCH}" ]; then
|
||||
if [ "x${ENABLE_DB3}" = "xYES" ]; then
|
||||
OPTIONS=\"DB3\"
|
||||
if [ "${WITH_DB3}" ]; then
|
||||
OPTIONS="\"DB3\""
|
||||
else
|
||||
OPTIONS="\"NDBM\""
|
||||
fi
|
||||
if [ "x${ENABLE_MYSQL}" = "xYES" ]; then
|
||||
if [ "${WITH_JAVA}" ]; then
|
||||
OPTIONS="${OPTIONS} \"JAVA\""
|
||||
fi
|
||||
if [ "${WITH_MYSQL}" ]; then
|
||||
OPTIONS="${OPTIONS} \"MySQL\""
|
||||
fi
|
||||
if [ "x${ENABLE_LDAP}" = "xYES" ]; then
|
||||
OPTIONS="${OPTIONS} \"OpenLDAP\""
|
||||
if [ "${WITH_LDAP2}" ]; then
|
||||
OPTIONS="${OPTIONS} \"OpenLDAP2\""
|
||||
elif [ "${WITH_LDAP1}" ]; then
|
||||
OPTIONS="${OPTIONS} \"OpenLDAP1\""
|
||||
fi
|
||||
if [ "x${OPTIONS}" != "x" ]; then
|
||||
if [ "${OPTIONS}" != "x" ]; then
|
||||
set ${OPTIONS}
|
||||
fi
|
||||
else
|
||||
if [ "x${ENABLE_DB3}" = "xYES" -o -f ${PREFIX}/lib/libdb3.so ] ; then
|
||||
if [ "${WITH_DB3}" -o -f ${PREFIX}/lib/libdb3.so ] ; then
|
||||
SET_DB3="ON"
|
||||
SET_NDBM="OFF"
|
||||
else
|
||||
SET_DB3="OFF"
|
||||
SET_NDBM="ON"
|
||||
fi
|
||||
if [ "x${ENABLE_MYSQL}" = "xYES" -o -f ${PREFIX}/lib/mysql/libmysqlclient.so ] ; then
|
||||
if [ "${WITH_JAVA}" ] ; then
|
||||
SET_JAVA="ON"
|
||||
else
|
||||
SET_JAVA="OFF"
|
||||
fi
|
||||
if [ "${WITH_MYSQL}" -o -f ${PREFIX}/lib/mysql/libmysqlclient.so ] ; then
|
||||
SET_MYSQL="ON"
|
||||
else
|
||||
SET_MYSQL="OFF"
|
||||
fi
|
||||
if [ "x${ENABLE_LDAP}" = "xYES" -o \
|
||||
-f ${PREFIX}/lib/libldap.so -a -f ${PREFIX}/lib/liblber.so ] ; then
|
||||
SET_LDAP="ON"
|
||||
else
|
||||
SET_LDAP="OFF"
|
||||
|
||||
#Perfer LDAP2 over LDAP1
|
||||
SET_LDAP1="OFF"
|
||||
SET_LDAP2="OFF"
|
||||
if [ "${WITH_LDAP2}" -o -f ${PREFIX}/lib/libldap.so.2 -a -f ${PREFIX}/lib/liblber.so.2 ] ; then
|
||||
SET_LDAP2="ON"
|
||||
elif [ "${WITH_LDAP1}" -o -f ${PREFIX}/lib/libldap.so.1 -a -f ${PREFIX}/lib/liblber.so.1 ]; then
|
||||
SET_LDAP1="ON"
|
||||
fi
|
||||
|
||||
/usr/bin/dialog --title "Additional SASL options" --clear \
|
||||
--checklist "\n\
|
||||
Please select desired options:" -1 -1 16 \
|
||||
NDBM "ndbm DB package" ${SET_NDBM} \
|
||||
DB3 "Berkeley DB package, revision 3" ${SET_DB3} \
|
||||
MySQL "MySQL password Authentication" ${SET_MYSQL} \
|
||||
OpenLDAP "OpenLDAP password Authentication" ${SET_LDAP} \
|
||||
OpenLDAP1 "OpenLDAP 1.x support" ${SET_LDAP1} \
|
||||
OpenLDAP2 "OpenLDAP 2.x support" ${SET_LDAP2} \
|
||||
2> $tempfile
|
||||
|
||||
retval=$?
|
||||
@ -66,34 +83,83 @@ OpenLDAP "OpenLDAP password Authentication" ${SET_LDAP} \
|
||||
esac
|
||||
fi
|
||||
|
||||
${MKDIR} ${WRKDIRPREFIX}${CURDIR}
|
||||
exec > ${WRKDIRPREFIX}${CURDIR}/Makefile.inc
|
||||
${MKDIR} ${WRKDIRPREFIX}${REALCURDIR}
|
||||
exec > ${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc
|
||||
|
||||
echo "PREFIX= ${PREFIX}"
|
||||
|
||||
while [ "$1" ]; do
|
||||
case $1 in
|
||||
\"NDBM\")
|
||||
if [ "${DBLIB}" ]; then
|
||||
echo "ndbm and db3 are mutually exclusive." > /dev/stderr
|
||||
rm -f ${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc
|
||||
exit 1
|
||||
fi
|
||||
echo "CONFIGURE_ARGS+= --with-dblib=ndbm"
|
||||
echo "SASLDB_NAME= sasldb.db"
|
||||
DBLIB=1
|
||||
;;
|
||||
\"DB3\")
|
||||
if [ "${DBLIB}" ]; then
|
||||
echo "ndbm and db3 are mutually exclusive." > /dev/stderr
|
||||
rm -f ${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc
|
||||
exit 1
|
||||
fi
|
||||
echo "LIB_DEPENDS+= db3.2:\${PORTSDIR}/databases/db3"
|
||||
echo "CONFIGURE_ARGS+= --with-dblib=berkeley"
|
||||
SASLDB_NAME=sasldb
|
||||
echo "SASLDB_NAME= sasldb"
|
||||
DBLIB=1
|
||||
;;
|
||||
\"JAVA\")
|
||||
echo "JAVA is disabled, Ignoring option" > /dev/stderr
|
||||
;;
|
||||
\"DISABLED\")
|
||||
echo "RUN_DEPENDS= \${LOCALBASE}/\${JAVADIR}/bin/java:\${PORTSDIR}/java/jdk"
|
||||
echo "CONFIGURE_ARGS+= --with-java \\"
|
||||
echo " --with-javabase=\${LOCALBASE}/include"
|
||||
echo "CONFIGURE_ENV+= JAVAC=\"\${LOCALBASE}/\${JAVADIR}/bin/javac\" \\"
|
||||
echo " JAVAH=\"\${LOCALBASE}/\${JAVADIR}/bin/javah" \\"
|
||||
echo " JAVADOC=\"\${LOCALBASE}/\${JAVADIR}/bin/javadoc\"
|
||||
;;
|
||||
\"MySQL\")
|
||||
echo "LIB_DEPENDS+= mysqlclient.10:\${PORTSDIR}/databases/mysql323-client"
|
||||
echo "CONFIGURE_ARGS+= --with-mysql=\${PREFIX}"
|
||||
MSG=1
|
||||
;;
|
||||
\"OpenLDAP\")
|
||||
\"OpenLDAP1\")
|
||||
if [ "$OPENLDAP2" ]; then
|
||||
echo "OpenLDAP1 and OpenLDAP2 are mutually exclusive." > /dev/stderr
|
||||
rm -f ${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc
|
||||
exit 1
|
||||
fi
|
||||
echo "LIB_DEPENDS+= ldap.1:\${PORTSDIR}/net/openldap"
|
||||
echo "LIB_DEPENDS+= lber.1:\${PORTSDIR}/net/openldap"
|
||||
echo "CONFIGURE_ARGS+= --with-ldap=\${PREFIX}"
|
||||
OPENLDAP1=1
|
||||
MSG=1
|
||||
;;
|
||||
\"OpenLDAP2\")
|
||||
if [ "$OPENLDAP1" ]; then
|
||||
echo "OpenLDAP1 and OpenLDAP2 are mutually exclusive." > /dev/stderr
|
||||
rm -f ${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc
|
||||
exit 1
|
||||
fi
|
||||
echo "LIB_DEPENDS+= ldap.2:\${PORTSDIR}/net/openldap2"
|
||||
echo "LIB_DEPENDS+= lber.2:\${PORTSDIR}/net/openldap2"
|
||||
echo "CONFIGURE_ARGS+= --with-ldap=\${PREFIX}"
|
||||
OPENLDAP2=1
|
||||
MSG=1
|
||||
;;
|
||||
*)
|
||||
echo "Invalid option(s): $*" > /dev/stderr
|
||||
rm -f ${WRKDIRPREFIX}${CURDIR}/Makefile.inc
|
||||
rm -f ${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
shift
|
||||
done
|
||||
|
||||
echo "SASLDB_NAME= ${SASLDB_NAME}"
|
||||
if [ "x${MSG}" != "x" ]; then
|
||||
echo "LDAP_MYSQL_MSG= \"See sysadmin.html in the Cyrus-SASL docs directory for informaion on using LDAP or MySQL for authentication.\""
|
||||
fi
|
||||
|
Loading…
Reference in New Issue
Block a user