SECURITY update to cyrus-sasl-2.1.28.

security/cyrus-sasl2/Makefile

@@ -1,15 +1,27 @@
-# $OpenBSD: Makefile,v 1.111 2022/01/10 23:58:49 daniel Exp $
+# $OpenBSD: Makefile,v 1.112 2022/02/24 08:33:56 ajacoutot Exp $
 
 # XXX merge this patch and rid of the dot.la files?
 https://git.archlinux.org/svntogit/packages.git/tree/trunk/0030-dont_use_la_files_for_opening_plugins.patch?h=packages/cyrus-sasl
 
 COMMENT=		RFC 2222 SASL (Simple Authentication and Security Layer)
 
-V=			2.1.27
+V=			2.1.28
 DISTNAME=		cyrus-sasl-${V}
-REVISION=		3
 
 SHARED_LIBS +=  sasl2                3.1      # 3.0
+SHARED_LIBS +=	anonymous                 0.0 # 3.0
+SHARED_LIBS +=	crammd5                   0.0 # 3.0
+SHARED_LIBS +=	digestmd5                 0.0 # 3.0
+SHARED_LIBS +=	gs2                       0.0 # 3.0
+SHARED_LIBS +=	gssapiv2                  0.0 # 3.0
+SHARED_LIBS +=	ldapdb                    0.0 # 3.0
+SHARED_LIBS +=	login                     0.0 # 3.0
+SHARED_LIBS +=	ntlm                      0.0 # 3.0
+SHARED_LIBS +=	otp                       0.0 # 3.0
+SHARED_LIBS +=	plain                     0.0 # 3.0
+SHARED_LIBS +=	sasldb                    0.0 # 3.0
+SHARED_LIBS +=	scram                     0.0 # 3.0
+SHARED_LIBS +=	sql                       0.0 # 3.0
 
 CATEGORIES=		security
 
@@ -65,6 +77,7 @@ CONFIGURE_ARGS +=	--with-dblib=ndbm \
 .if ${FLAVOR:Mgssapi}
 CONFIGURE_ARGS +=	--enable-gssapi=${LOCALBASE}/heimdal
 MODULES +=		security/heimdal
+WANTLIB += execinfo
 WANTLIB += heimdal/lib/gssapi
 WANTLIB += heimdal/lib/heimntlm
 WANTLIB += heimdal/lib/heimsqlite
@@ -89,7 +102,7 @@ PKG_ARGS=		-Dsql=0
 
 .if ${FLAVOR:Mmysql}
 LIB_DEPENDS +=		databases/mariadb
-WANTLIB+= m pthread ssl z lib/mysql/mysqlclient
+WANTLIB+= m mariadb pthread ssl z
 CONFIGURE_ARGS +=	--with-mysql="${LOCALBASE}"
 .else
 CONFIGURE_ARGS +=	--without-mysql
@@ -98,14 +111,14 @@ CONFIGURE_ARGS +=	--without-mysql
 .if ${FLAVOR:Mpgsql}
 LIB_DEPENDS +=		databases/postgresql
 CFLAGS +=		-I${LOCALBASE}/include/postgresql
-WANTLIB += pq ssl
+WANTLIB += m pq ssl
 .else
 CONFIGURE_ARGS +=	--without-pgsql
 .endif
 
 .if ${FLAVOR:Msqlite3}
 LIB_DEPENDS +=		databases/sqlite3
-WANTLIB += m pthread sqlite3
+WANTLIB += m pthread sqlite3 z
 .else
 CONFIGURE_ARGS +=	--without-sqlite3
 .endif

security/cyrus-sasl2/distinfo

@@ -1,2 +1,2 @@
-SHA256 (cyrus-sasl-2.1.27.tar.gz) = JoZrFUmwD/0CDxiKQ8JYAX+hw4Kz3a3YIBU29y77BdU=
-SIZE (cyrus-sasl-2.1.27.tar.gz) = 4111249
+SHA256 (cyrus-sasl-2.1.28.tar.gz) = fM/Gq9Ae1nwaCSSzU+Um8bdmsh9C1FYu5jWo6/xbs4w=
+SIZE (cyrus-sasl-2.1.28.tar.gz) = 4034803

security/cyrus-sasl2/patches/patch-common_Makefile_in

@@ -1,24 +0,0 @@
-$OpenBSD: patch-common_Makefile_in,v 1.1 2018/11/19 08:24:23 ajacoutot Exp $
-
-GNU libtool says:
-libtool: link: warning: `-version-info/-version-number' is ignored for convenience libraries
-crypto_compat_version is not defined which makes our libtool(1)
-exit with an error, so just drop things that should be ignored
-See: https://www.gnu.org/software/libtool/manual/html_node/Static-libraries.html
-
-Index: common/Makefile.in
---- common/Makefile.in.orig
-+++ common/Makefile.in
-@@ -431,10 +431,10 @@ plugin_common_version = 3:0:0
- AM_CPPFLAGS = -fPIC -I$(top_srcdir)/include -I$(top_builddir)/include
- noinst_LTLIBRARIES = libplugin_common.la libcrypto_compat.la
- libplugin_common_la_SOURCES = plugin_common.c plugin_common.h
--libplugin_common_la_LDFLAGS = -version-info $(plugin_common_version) -no-undefined
-+libplugin_common_la_LDFLAGS = -no-undefined
- libplugin_common_la_LIBADD = $(LIB_SOCKET)
- libcrypto_compat_la_SOURCES = crypto-compat.c crypto-compat.h
--libcrypto_compat_la_LDFLAGS = -version-info $(crypto_compat_version) -no-undefined
-+libcrypto_compat_la_LDFLAGS = -no-undefined
- all: all-am
- 
- .SUFFIXES:

security/cyrus-sasl2/patches/patch-configure

@@ -1,9 +1,9 @@
-$OpenBSD: patch-configure,v 1.16 2018/11/19 08:24:23 ajacoutot Exp $
+$OpenBSD: patch-configure,v 1.17 2022/02/24 08:33:56 ajacoutot Exp $
 
 Index: configure
 --- configure.orig
 +++ configure
-@@ -17051,6 +17051,7 @@ if ${ac_cv_lib_gssapi_gss_unwrap+:} false; then :
+@@ -16879,6 +16879,7 @@ if ${ac_cv_lib_gssapi_gss_unwrap+:} false; then :
  else
    ac_check_lib_save_LIBS=$LIBS
  LIBS="-lgssapi ${GSSAPIBASE_LIBS} -lgssapi -lkrb5 -lasn1 -lroken ${LIB_CRYPT} ${LIB_DES} -lcom_err ${LIB_SOCKET} $LIBS"
@@ -11,7 +11,7 @@ Index: configure
  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
  /* end confdefs.h.  */
  
-@@ -17310,6 +17311,7 @@ fi
+@@ -17138,6 +17139,7 @@ fi
      GSSAPIBASE_STATIC_LIBS="$GSSAPIBASE_LIBS $gssapi_dir/libgssapi_krb5.a $gssapi_dir/libkrb5.a $gssapi_dir/libk5crypto.a $gssapi_dir/libcom_err.a"
    elif test "$gss_impl" = "heimdal"; then
      CPPFLAGS="$CPPFLAGS"

security/cyrus-sasl2/patches/patch-plugins_Makefile_in

@@ -1,14 +0,0 @@
-$OpenBSD: patch-plugins_Makefile_in,v 1.4 2018/11/19 08:24:23 ajacoutot Exp $
-
-Index: plugins/Makefile.in
---- plugins/Makefile.in.orig
-+++ plugins/Makefile.in
-@@ -494,7 +494,7 @@ top_srcdir = @top_srcdir@
- # CURRENT:REVISION:AGE
- plugin_version = 3:0:0
- AM_CPPFLAGS = -I$(top_srcdir)/include -I$(top_srcdir)/lib -I$(top_srcdir)/sasldb -I$(top_srcdir)/common -I$(top_builddir)/include
--AM_LDFLAGS = -module -export-dynamic -rpath $(plugindir) -version-info $(plugin_version) -no-undefined
-+AM_LDFLAGS = -module -avoid-version -export-dynamic -rpath $(plugindir) -version-info $(plugin_version) -no-undefined
- @BUILD_LIBOBJ_TRUE@COMPAT_OBJS = $(top_builddir)/lib/libobj.la
- PLUGIN_COMMON_OBJS = $(top_builddir)/common/libplugin_common.la
- CRYPTO_COMPAT_OBJS = $(top_builddir)/common/libcrypto_compat.la

security/cyrus-sasl2/patches/patch-saslauthd_Makefile_in

@@ -1,25 +0,0 @@
-$OpenBSD: patch-saslauthd_Makefile_in,v 1.15 2018/11/19 08:24:23 ajacoutot Exp $
-
-Remove hand-rolled formatting, just install mdoc(7) source manual.
-
-Index: saslauthd/Makefile.in
---- saslauthd/Makefile.in.orig
-+++ saslauthd/Makefile.in
-@@ -781,15 +781,9 @@ uninstall-am: uninstall-local uninstall-sbinPROGRAMS
- 
- .PRECIOUS: Makefile
- 
--
--dist-hook: saslauthd.8
--
--saslauthd.8: saslauthd.mdoc
--	nroff -mdoc $(srcdir)/saslauthd.mdoc > $(srcdir)/saslauthd.8
--
--install-data-local: saslauthd.8
-+install-data-local:
- 	$(mkinstalldirs) $(DESTDIR)$(mandir)/man8
--	$(INSTALL_DATA) $(srcdir)/saslauthd.8 $(DESTDIR)$(mandir)/man8/saslauthd.8
-+	$(INSTALL_DATA) $(srcdir)/saslauthd.mdoc $(DESTDIR)$(mandir)/man8/saslauthd.8
- 
- uninstall-local:
- 	-rm -rf $(DESTDIR)$(mandir)/man8/saslauthd.8

security/cyrus-sasl2/patches/patch-saslauthd_lak_c

@@ -1,11 +1,11 @@
-$OpenBSD: patch-saslauthd_lak_c,v 1.2 2019/01/20 23:00:32 ajacoutot Exp $
+$OpenBSD: patch-saslauthd_lak_c,v 1.3 2022/02/24 08:33:56 ajacoutot Exp $
 
 64-bit time_t
 
 Index: saslauthd/lak.c
 --- saslauthd/lak.c.orig
 +++ saslauthd/lak.c
-@@ -841,12 +841,12 @@ static int lak_connect(
+@@ -842,12 +842,12 @@ static int lak_connect(
  
  	rc = ldap_set_option(lak->ld, LDAP_OPT_NETWORK_TIMEOUT, &(lak->conf->timeout));
  	if (rc != LDAP_OPT_SUCCESS) {

security/cyrus-sasl2/pkg/PFRAG.gssapi

@@ -1,5 +1,5 @@
-@comment $OpenBSD: PFRAG.gssapi,v 1.2 2016/04/04 22:57:45 naddy Exp $
+@comment $OpenBSD: PFRAG.gssapi,v 1.3 2022/02/24 08:33:56 ajacoutot Exp $
 lib/sasl2/libgs2.la
-lib/sasl2/libgs2.so
+@lib lib/sasl2/libgs2.so.${LIBgs2_VERSION}
 lib/sasl2/libgssapiv2.la
-lib/sasl2/libgssapiv2.so
+@lib lib/sasl2/libgssapiv2.so.${LIBgssapiv2_VERSION}

security/cyrus-sasl2/pkg/PFRAG.ldap

@@ -1,6 +1,6 @@
-@comment $OpenBSD: PFRAG.ldap,v 1.7 2016/04/04 22:57:45 naddy Exp $
+@comment $OpenBSD: PFRAG.ldap,v 1.8 2022/02/24 08:33:56 ajacoutot Exp $
 lib/sasl2/libldapdb.la
-lib/sasl2/libldapdb.so
+@lib lib/sasl2/libldapdb.so.${LIBldapdb_VERSION}
 share/doc/cyrus-sasl/LDAP_SASLAUTHD
 share/examples/cyrus-sasl/saslauthd.conf
 @mode 640

security/cyrus-sasl2/pkg/PFRAG.sql

@@ -1,4 +1,4 @@
-@comment $OpenBSD: PFRAG.sql,v 1.11 2016/10/10 12:25:20 ajacoutot Exp $
+@comment $OpenBSD: PFRAG.sql,v 1.12 2022/02/24 08:33:56 ajacoutot Exp $
 lib/sasl2/libsql.la
-lib/sasl2/libsql.so
+@lib lib/sasl2/libsql.so.${LIBsql_VERSION}
 share/examples/cyrus-sasl/Sendmail.conf-sql

security/cyrus-sasl2/pkg/PLIST

@@ -1,4 +1,4 @@
-@comment $OpenBSD: PLIST,v 1.36 2022/01/10 23:58:49 daniel Exp $
+@comment $OpenBSD: PLIST,v 1.37 2022/02/24 08:33:56 ajacoutot Exp $
 @conflict cyrus-sasl-*
 @extraunexec rm -rf /var/sasl2/*
 @rcscript ${RCDIR}/saslauthd
@@ -16,23 +16,23 @@ lib/libsasl2.la
 lib/pkgconfig/libsasl2.pc
 lib/sasl2/
 lib/sasl2/libanonymous.la
-@so lib/sasl2/libanonymous.so
+@lib lib/sasl2/libanonymous.so.${LIBanonymous_VERSION}
 lib/sasl2/libcrammd5.la
-@so lib/sasl2/libcrammd5.so
+@lib lib/sasl2/libcrammd5.so.${LIBcrammd5_VERSION}
 lib/sasl2/libdigestmd5.la
-@so lib/sasl2/libdigestmd5.so
+@lib lib/sasl2/libdigestmd5.so.${LIBdigestmd5_VERSION}
 lib/sasl2/liblogin.la
-@so lib/sasl2/liblogin.so
+@lib lib/sasl2/liblogin.so.${LIBlogin_VERSION}
 lib/sasl2/libntlm.la
-@so lib/sasl2/libntlm.so
+@lib lib/sasl2/libntlm.so.${LIBntlm_VERSION}
 lib/sasl2/libotp.la
-@so lib/sasl2/libotp.so
+@lib lib/sasl2/libotp.so.${LIBotp_VERSION}
 lib/sasl2/libplain.la
-@so lib/sasl2/libplain.so
+@lib lib/sasl2/libplain.so.${LIBplain_VERSION}
 lib/sasl2/libsasldb.la
-@so lib/sasl2/libsasldb.so
+@lib lib/sasl2/libsasldb.so.${LIBsasldb_VERSION}
 lib/sasl2/libscram.la
-@so lib/sasl2/libscram.so
+@lib lib/sasl2/libscram.so.${LIBscram_VERSION}
 @man man/man3/sasl.3
 @man man/man3/sasl_authorize_t.3
 @man man/man3/sasl_auxprop.3
@@ -80,11 +80,14 @@ lib/sasl2/libscram.la
 @man man/man8/saslauthd.8
 @man man/man8/sasldblistusers2.8
 @man man/man8/saslpasswd2.8
+@man man/man8/testsaslauthd.8
 @bin sbin/pluginviewer
 @bin sbin/saslauthd
 @bin sbin/sasldblistusers2
 @bin sbin/saslpasswd2
 @bin sbin/testsaslauthd
+share/doc/cyrus-sasl/
+share/examples/cyrus-sasl/
 @sample ${SYSCONFDIR}/sasl2/
 @sample /var/sasl2/
 %%gssapi%%