-
Notifications
You must be signed in to change notification settings - Fork 6
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add openssl 1.1 support to cyrus-sasl
- Loading branch information
Showing
27 changed files
with
1,414 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
DIST cyrus-sasl-2.1.26.tar.gz 5220231 BLAKE2B 08fe5c1624e7cccb4b5e562f6987fddd047e1221b671cedbbb684d5a2f39e09a438ad14ffcedb5f398c203ca0b6e23574106c87f43a632028d50a69619c54970 SHA512 78819cb9bb38bea4537d6770d309deeeef09ff44a67526177609d3e1257ff4334d2b5e5131d5a1e4dea7430d8db1918ea9d171f0dee38b5e8337f4b72ed068f0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,264 @@ | ||
# Copyright 1999-2018 Gentoo Foundation | ||
# Distributed under the terms of the GNU General Public License v2 | ||
|
||
EAPI=5 | ||
|
||
inherit eutils flag-o-matic multilib multilib-minimal autotools pam java-pkg-opt-2 db-use systemd | ||
|
||
SASLAUTHD_CONF_VER="2.1.26" | ||
|
||
DESCRIPTION="The Cyrus SASL (Simple Authentication and Security Layer)" | ||
HOMEPAGE="http://cyrusimap.web.cmu.edu/" | ||
SRC_URI="ftp://ftp.cyrusimap.org/cyrus-sasl/${P}.tar.gz" | ||
|
||
LICENSE="BSD-with-attribution" | ||
SLOT="2" | ||
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" | ||
IUSE="authdaemond berkdb gdbm kerberos ldapdb libressl openldap mysql pam postgres sample selinux sqlite | ||
srp ssl static-libs urandom" | ||
|
||
DEPEND=" | ||
net-mail/mailbase | ||
authdaemond? ( || ( net-mail/courier-imap mail-mta/courier ) ) | ||
berkdb? ( >=sys-libs/db-4.8.30-r1:=[${MULTILIB_USEDEP}] ) | ||
gdbm? ( >=sys-libs/gdbm-1.10-r1:=[${MULTILIB_USEDEP}] ) | ||
kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] ) | ||
openldap? ( >=net-nds/openldap-2.4.38-r1[${MULTILIB_USEDEP}] ) | ||
mysql? ( virtual/mysql ) | ||
pam? ( >=virtual/pam-0-r1[${MULTILIB_USEDEP}] ) | ||
postgres? ( dev-db/postgresql:= ) | ||
sqlite? ( >=dev-db/sqlite-3.8.2:3[${MULTILIB_USEDEP}] ) | ||
ssl? ( | ||
!libressl? ( >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}] ) | ||
libressl? ( dev-libs/libressl:=[${MULTILIB_USEDEP}] ) | ||
) | ||
java? ( >=virtual/jdk-1.6:= )" | ||
|
||
RDEPEND=" | ||
${DEPEND} | ||
selinux? ( sec-policy/selinux-sasl )" | ||
|
||
MULTILIB_WRAPPED_HEADERS=( | ||
/usr/include/sasl/md5global.h | ||
) | ||
|
||
PATCHES=( | ||
"${FILESDIR}/${PN}-2.1.25-sasldb_al.patch" | ||
"${FILESDIR}/${PN}-2.1.25-saslauthd_libtool.patch" | ||
"${FILESDIR}/${PN}-2.1.25-avoid_pic_overwrite.patch" | ||
"${FILESDIR}/${PN}-2.1.25-autotools_fixes.patch" | ||
"${FILESDIR}/${PN}-2.1.25-as_needed.patch" | ||
"${FILESDIR}/${PN}-2.1.25-missing_header.patch" | ||
"${FILESDIR}/${PN}-2.1.25-fix_heimdal.patch" | ||
"${FILESDIR}/${PN}-2.1.25-auxprop.patch" | ||
"${FILESDIR}/${PN}-2.1.23-gss_c_nt_hostbased_service.patch" | ||
"${FILESDIR}/${PN}-2.1.25-service_keytabs.patch" | ||
"${FILESDIR}/${PN}-2.1.26-missing-size_t.patch" | ||
"${FILESDIR}/${PN}-2.1.26-CVE-2013-4122.patch" | ||
"${FILESDIR}/${PN}-2.1.26-send-imap-logout.patch" | ||
"${FILESDIR}/${PN}-2.1.26-canonuser-ldapdb-garbage-in-out-buffer.patch" | ||
"${FILESDIR}/${PN}-2.1.26-fix_dovecot_authentication.patch" | ||
"${FILESDIR}/${PN}-2.1.26-openssl-1.1.patch" | ||
) | ||
|
||
pkg_setup() { | ||
java-pkg-opt-2_pkg_setup | ||
} | ||
|
||
src_prepare() { | ||
epatch "${PATCHES[@]}" | ||
|
||
# Get rid of the -R switch (runpath_switch for Sun) | ||
# >=gcc-4.6 errors out with unknown option | ||
sed -i -e '/LIB_SQLITE.*-R/s/ -R[^"]*//' \ | ||
configure.in || die | ||
|
||
# Use plugindir for sasldir | ||
sed -i '/^sasldir =/s:=.*:= $(plugindir):' \ | ||
"${S}"/plugins/Makefile.{am,in} || die "sed failed" | ||
|
||
# #486740 #468556 | ||
sed -i -e 's:AM_CONFIG_HEADER:AC_CONFIG_HEADERS:g' \ | ||
-e 's:AC_CONFIG_MACRO_DIR:AC_CONFIG_MACRO_DIRS:g' \ | ||
configure.in || die | ||
sed -i -e 's:AC_CONFIG_MACRO_DIR:AC_CONFIG_MACRO_DIRS:g' \ | ||
saslauthd/configure.in || die | ||
|
||
eautoreconf | ||
} | ||
|
||
src_configure() { | ||
append-flags -fno-strict-aliasing | ||
if [[ ${CHOST} == *-solaris* ]] ; then | ||
# getpassphrase is defined in /usr/include/stdlib.h | ||
append-cppflags -DHAVE_GETPASSPHRASE | ||
else | ||
# this horrendously breaks things on Solaris | ||
append-cppflags -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED -D_BSD_SOURCE -DLDAP_DEPRECATED | ||
fi | ||
|
||
multilib-minimal_src_configure | ||
} | ||
|
||
multilib_src_configure() { | ||
# Java support. | ||
multilib_is_native_abi && use java && export JAVAC="${JAVAC} ${JAVACFLAGS}" | ||
|
||
local myconf=() | ||
|
||
# Add authdaemond support (bug #56523). | ||
if use authdaemond ; then | ||
myconf+=( --with-authdaemond="${EPREFIX}"/var/lib/courier/authdaemon/socket ) | ||
fi | ||
|
||
# Fix for bug #59634. | ||
if ! use ssl ; then | ||
myconf+=( --without-des ) | ||
fi | ||
|
||
if use sqlite || { multilib_is_native_abi && { use mysql || use postgres; }; } ; then | ||
myconf+=( --enable-sql ) | ||
else | ||
myconf+=( --disable-sql ) | ||
fi | ||
|
||
# Default to GDBM if both 'gdbm' and 'berkdb' are present. | ||
if use gdbm ; then | ||
einfo "Building with GNU DB as database backend for your SASLdb" | ||
myconf+=( --with-dblib=gdbm ) | ||
elif use berkdb ; then | ||
einfo "Building with BerkeleyDB as database backend for your SASLdb" | ||
myconf+=( | ||
--with-dblib=berkeley | ||
--with-bdb-incdir="$(db_includedir)" | ||
) | ||
else | ||
einfo "Building without SASLdb support" | ||
myconf+=( --with-dblib=none ) | ||
fi | ||
|
||
# Use /dev/urandom instead of /dev/random (bug #46038). | ||
if use urandom ; then | ||
myconf+=( --with-devrandom=/dev/urandom ) | ||
fi | ||
|
||
ECONF_SOURCE=${S} \ | ||
econf \ | ||
--enable-login \ | ||
--enable-ntlm \ | ||
--enable-auth-sasldb \ | ||
--disable-cmulocal \ | ||
--disable-krb4 \ | ||
--disable-macos-framework \ | ||
--enable-otp \ | ||
--without-sqlite \ | ||
--with-saslauthd="${EPREFIX}"/run/saslauthd \ | ||
--with-pwcheck="${EPREFIX}"/run/saslauthd \ | ||
--with-configdir="${EPREFIX}"/etc/sasl2 \ | ||
--with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sasl2 \ | ||
--with-dbpath="${EPREFIX}"/etc/sasl2/sasldb2 \ | ||
$(use_with ssl openssl) \ | ||
$(use_with pam) \ | ||
$(use_with openldap ldap) \ | ||
$(use_enable ldapdb) \ | ||
$(multilib_native_use_enable sample) \ | ||
$(use_enable kerberos gssapi) \ | ||
$(multilib_native_use_enable java) \ | ||
$(multilib_native_use_with java javahome ${JAVA_HOME}) \ | ||
$(multilib_native_use_with mysql mysql "${EPREFIX}"/usr) \ | ||
$(multilib_native_use_with postgres pgsql) \ | ||
$(use_with sqlite sqlite3 "${EPREFIX}"/usr/$(get_libdir)) \ | ||
$(use_enable srp) \ | ||
$(use_enable static-libs static) \ | ||
"${myconf[@]}" | ||
} | ||
|
||
multilib_src_compile() { | ||
emake | ||
|
||
# Default location for java classes breaks OpenOffice (bug #60769). | ||
# Thanks to axxo@gentoo.org for the solution. | ||
if multilib_is_native_abi && use java ; then | ||
jar -cvf ${PN}.jar -C java $(find java -name "*.class") | ||
fi | ||
} | ||
|
||
multilib_src_install() { | ||
default | ||
|
||
if multilib_is_native_abi; then | ||
if use sample ; then | ||
docinto sample | ||
dodoc "${S}"/sample/*.c | ||
exeinto /usr/share/doc/${P}/sample | ||
doexe sample/client sample/server | ||
fi | ||
|
||
# Default location for java classes breaks OpenOffice (bug #60769). | ||
if use java; then | ||
java-pkg_dojar ${PN}.jar | ||
java-pkg_regso "${ED}/usr/$(get_libdir)/libjavasasl$(get_libname)" | ||
# hackish, don't wanna dig through makefile | ||
rm -rf "${ED}/usr/$(get_libdir)/java" || die | ||
docinto "java" | ||
dodoc "${S}/java/README" "${FILESDIR}/java.README.gentoo" "${S}"/java/doc/* | ||
dodir "/usr/share/doc/${PF}/java/Test" | ||
insinto "/usr/share/doc/${PF}/java/Test" | ||
doins "${S}"/java/Test/*.java | ||
fi | ||
|
||
dosbin saslauthd/testsaslauthd | ||
fi | ||
} | ||
|
||
multilib_src_install_all() { | ||
keepdir /etc/sasl2 | ||
|
||
dodoc AUTHORS ChangeLog NEWS README doc/TODO doc/*.txt | ||
newdoc pwcheck/README README.pwcheck | ||
dohtml doc/*.html | ||
|
||
docinto "saslauthd" | ||
dodoc saslauthd/{AUTHORS,ChangeLog,LDAP_SASLAUTHD,NEWS,README} | ||
|
||
newpamd "${FILESDIR}/saslauthd.pam-include" saslauthd | ||
|
||
newinitd "${FILESDIR}/pwcheck.rc6" pwcheck | ||
systemd_dounit "${FILESDIR}/pwcheck.service" | ||
|
||
newinitd "${FILESDIR}/saslauthd2.rc7" saslauthd | ||
newconfd "${FILESDIR}/saslauthd-${SASLAUTHD_CONF_VER}.conf" saslauthd | ||
systemd_dounit "${FILESDIR}/saslauthd.service" | ||
systemd_dotmpfilesd "${FILESDIR}/${PN}.conf" | ||
|
||
# The get_modname bit is important: do not remove the .la files on | ||
# platforms where the lib isn't called .so for cyrus searches the .la to | ||
# figure out what the name is supposed to be instead | ||
use static-libs || [[ $(get_modname) != .so ]] || \ | ||
prune_libtool_files --modules | ||
} | ||
|
||
pkg_postinst () { | ||
# Generate an empty sasldb2 with correct permissions. | ||
if ( use berkdb || use gdbm ) && [[ ! -f "${EROOT}/etc/sasl2/sasldb2" ]] ; then | ||
einfo "Generating an empty sasldb2 with correct permissions ..." | ||
echo "p" | "${EROOT}/usr/sbin/saslpasswd2" -f "${EROOT}/etc/sasl2/sasldb2" -p login \ | ||
|| die "Failed to generate sasldb2" | ||
"${EROOT}/usr/sbin/saslpasswd2" -f "${EROOT}/etc/sasl2/sasldb2" -d login \ | ||
|| die "Failed to delete temp user" | ||
chown root:mail "${EROOT}/etc/sasl2/sasldb2" \ | ||
|| die "Failed to chown ${EROOT}/etc/sasl2/sasldb2" | ||
chmod 0640 "${EROOT}/etc/sasl2/sasldb2" \ | ||
|| die "Failed to chmod ${EROOT}/etc/sasl2/sasldb2" | ||
fi | ||
|
||
if use authdaemond ; then | ||
elog "You need to add a user running a service using Courier's" | ||
elog "authdaemon to the 'mail' group. For example, do:" | ||
elog " gpasswd -a postfix mail" | ||
elog "to add the 'postfix' user to the 'mail' group." | ||
fi | ||
|
||
elog "pwcheck and saslauthd home directories have moved to:" | ||
elog " /run/saslauthd, using tmpfiles.d" | ||
} |
16 changes: 16 additions & 0 deletions
16
dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.23-gss_c_nt_hostbased_service.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
Gentoo bug #389349 | ||
--- cmulocal/sasl2.m4 2009-04-28 17:09:13.000000000 +0200 | ||
+++ cmulocal/sasl2.m4 2011-11-02 17:55:24.000000000 +0100 | ||
@@ -217,7 +217,11 @@ | ||
[AC_WARN([Cybersafe define not found])]) | ||
|
||
elif test "$ac_cv_header_gssapi_h" = "yes"; then | ||
- AC_EGREP_HEADER(GSS_C_NT_HOSTBASED_SERVICE, gssapi.h, | ||
+ AC_EGREP_CPP(hostbased_service_gss_nt_yes, gssapi.h, | ||
+ [#include <gssapi.h> | ||
+ #ifdef GSS_C_NT_HOSTBASED_SERVICE | ||
+ hostbased_service_gss_nt_yes | ||
+ #endif], | ||
[AC_DEFINE(HAVE_GSS_C_NT_HOSTBASED_SERVICE,, | ||
[Define if your GSSAPI implimentation defines GSS_C_NT_HOSTBASED_SERVICE])]) | ||
elif test "$ac_cv_header_gssapi_gssapi_h"; then |
27 changes: 27 additions & 0 deletions
27
dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-as_needed.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
Author: Matthias Klose <doko@ubuntu.com> | ||
Desription: Fix FTBFS, add $(SASL_DB_LIB) as dependency to libsasldb, and use | ||
it. | ||
--- a/saslauthd/Makefile.am | ||
+++ b/saslauthd/Makefile.am | ||
@@ -16,7 +16,7 @@ EXTRA_saslauthd_sources = getaddrinfo.c | ||
saslauthd_DEPENDENCIES = saslauthd-main.o @LTLIBOBJS@ | ||
saslauthd_LDADD = @SASL_KRB_LIB@ \ | ||
@GSSAPIBASE_LIBS@ @GSSAPI_LIBS@ @LIB_CRYPT@ @LIB_SIA@ \ | ||
- @LIB_SOCKET@ @SASL_DB_LIB@ @LIB_PAM@ @LDAP_LIBS@ @LTLIBOBJS@ | ||
+ @LIB_SOCKET@ ../sasldb/libsasldb.la @LIB_PAM@ @LDAP_LIBS@ @LTLIBOBJS@ | ||
|
||
testsaslauthd_SOURCES = testsaslauthd.c utils.c | ||
testsaslauthd_LDADD = @LIB_SOCKET@ | ||
--- a/sasldb/Makefile.am | ||
+++ b/sasldb/Makefile.am | ||
@@ -55,8 +55,8 @@ noinst_LIBRARIES = libsasldb.a | ||
|
||
libsasldb_la_SOURCES = allockey.c sasldb.h | ||
EXTRA_libsasldb_la_SOURCES = $(extra_common_sources) | ||
-libsasldb_la_DEPENDENCIES = $(SASL_DB_BACKEND) | ||
-libsasldb_la_LIBADD = $(SASL_DB_BACKEND) | ||
+libsasldb_la_DEPENDENCIES = $(SASL_DB_BACKEND) $(SASL_DB_LIB) | ||
+libsasldb_la_LIBADD = $(SASL_DB_BACKEND) $(SASL_DB_LIB) | ||
|
||
# Prevent make dist stupidity | ||
libsasldb_a_SOURCES = |
Oops, something went wrong.