Add openssl 1.1 support to cyrus-sasl

dev-libs/cyrus-sasl/Manifest

@@ -0,0 +1 @@
+DIST cyrus-sasl-2.1.26.tar.gz 5220231 BLAKE2B 08fe5c1624e7cccb4b5e562f6987fddd047e1221b671cedbbb684d5a2f39e09a438ad14ffcedb5f398c203ca0b6e23574106c87f43a632028d50a69619c54970 SHA512 78819cb9bb38bea4537d6770d309deeeef09ff44a67526177609d3e1257ff4334d2b5e5131d5a1e4dea7430d8db1918ea9d171f0dee38b5e8337f4b72ed068f0

dev-libs/cyrus-sasl/cyrus-sasl-2.1.26-r11.ebuild

@@ -0,0 +1,264 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=5
+
+inherit eutils flag-o-matic multilib multilib-minimal autotools pam java-pkg-opt-2 db-use systemd
+
+SASLAUTHD_CONF_VER="2.1.26"
+
+DESCRIPTION="The Cyrus SASL (Simple Authentication and Security Layer)"
+HOMEPAGE="http://cyrusimap.web.cmu.edu/"
+SRC_URI="ftp://ftp.cyrusimap.org/cyrus-sasl/${P}.tar.gz"
+
+LICENSE="BSD-with-attribution"
+SLOT="2"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+IUSE="authdaemond berkdb gdbm kerberos ldapdb libressl openldap mysql pam postgres sample selinux sqlite
+srp ssl static-libs urandom"
+
+DEPEND="
+	net-mail/mailbase
+	authdaemond? ( || ( net-mail/courier-imap mail-mta/courier ) )
+	berkdb? ( >=sys-libs/db-4.8.30-r1:=[${MULTILIB_USEDEP}] )
+	gdbm? ( >=sys-libs/gdbm-1.10-r1:=[${MULTILIB_USEDEP}] )
+	kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
+	openldap? ( >=net-nds/openldap-2.4.38-r1[${MULTILIB_USEDEP}] )
+	mysql? ( virtual/mysql )
+	pam? ( >=virtual/pam-0-r1[${MULTILIB_USEDEP}] )
+	postgres? ( dev-db/postgresql:= )
+	sqlite? ( >=dev-db/sqlite-3.8.2:3[${MULTILIB_USEDEP}] )
+	ssl? (
+		!libressl? ( >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}] )
+		libressl? ( dev-libs/libressl:=[${MULTILIB_USEDEP}] )
+	)
+	java? ( >=virtual/jdk-1.6:= )"
+
+RDEPEND="
+	${DEPEND}
+	selinux? ( sec-policy/selinux-sasl )"
+
+MULTILIB_WRAPPED_HEADERS=(
+	/usr/include/sasl/md5global.h
+)
+
+PATCHES=(
+	"${FILESDIR}/${PN}-2.1.25-sasldb_al.patch"
+	"${FILESDIR}/${PN}-2.1.25-saslauthd_libtool.patch"
+	"${FILESDIR}/${PN}-2.1.25-avoid_pic_overwrite.patch"
+	"${FILESDIR}/${PN}-2.1.25-autotools_fixes.patch"
+	"${FILESDIR}/${PN}-2.1.25-as_needed.patch"
+	"${FILESDIR}/${PN}-2.1.25-missing_header.patch"
+	"${FILESDIR}/${PN}-2.1.25-fix_heimdal.patch"
+	"${FILESDIR}/${PN}-2.1.25-auxprop.patch"
+	"${FILESDIR}/${PN}-2.1.23-gss_c_nt_hostbased_service.patch"
+	"${FILESDIR}/${PN}-2.1.25-service_keytabs.patch"
+	"${FILESDIR}/${PN}-2.1.26-missing-size_t.patch"
+	"${FILESDIR}/${PN}-2.1.26-CVE-2013-4122.patch"
+	"${FILESDIR}/${PN}-2.1.26-send-imap-logout.patch"
+	"${FILESDIR}/${PN}-2.1.26-canonuser-ldapdb-garbage-in-out-buffer.patch"
+	"${FILESDIR}/${PN}-2.1.26-fix_dovecot_authentication.patch"
+	"${FILESDIR}/${PN}-2.1.26-openssl-1.1.patch"
+)
+
+pkg_setup() {
+	java-pkg-opt-2_pkg_setup
+}
+
+src_prepare() {
+	epatch "${PATCHES[@]}"
+
+	# Get rid of the -R switch (runpath_switch for Sun)
+	# >=gcc-4.6 errors out with unknown option
+	sed -i -e '/LIB_SQLITE.*-R/s/ -R[^"]*//' \
+		configure.in || die
+
+	# Use plugindir for sasldir
+	sed -i '/^sasldir =/s:=.*:= $(plugindir):' \
+		"${S}"/plugins/Makefile.{am,in} || die "sed failed"
+
+	# #486740 #468556
+	sed -i -e 's:AM_CONFIG_HEADER:AC_CONFIG_HEADERS:g' \
+		-e 's:AC_CONFIG_MACRO_DIR:AC_CONFIG_MACRO_DIRS:g' \
+		configure.in || die
+	sed -i -e 's:AC_CONFIG_MACRO_DIR:AC_CONFIG_MACRO_DIRS:g' \
+		saslauthd/configure.in || die
+
+	eautoreconf
+}
+
+src_configure() {
+	append-flags -fno-strict-aliasing
+	if [[ ${CHOST} == *-solaris* ]] ; then
+		# getpassphrase is defined in /usr/include/stdlib.h
+		append-cppflags -DHAVE_GETPASSPHRASE
+	else
+		# this horrendously breaks things on Solaris
+		append-cppflags -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED -D_BSD_SOURCE -DLDAP_DEPRECATED
+	fi
+
+	multilib-minimal_src_configure
+}
+
+multilib_src_configure() {
+	# Java support.
+	multilib_is_native_abi && use java && export JAVAC="${JAVAC} ${JAVACFLAGS}"
+
+	local myconf=()
+
+	# Add authdaemond support (bug #56523).
+	if use authdaemond ; then
+		myconf+=( --with-authdaemond="${EPREFIX}"/var/lib/courier/authdaemon/socket )
+	fi
+
+	# Fix for bug #59634.
+	if ! use ssl ; then
+		myconf+=( --without-des )
+	fi
+
+	if use sqlite || { multilib_is_native_abi && { use mysql || use postgres; }; } ; then
+		myconf+=( --enable-sql )
+	else
+		myconf+=( --disable-sql )
+	fi
+
+	# Default to GDBM if both 'gdbm' and 'berkdb' are present.
+	if use gdbm ; then
+		einfo "Building with GNU DB as database backend for your SASLdb"
+		myconf+=( --with-dblib=gdbm )
+	elif use berkdb ; then
+		einfo "Building with BerkeleyDB as database backend for your SASLdb"
+		myconf+=(
+			--with-dblib=berkeley
+			--with-bdb-incdir="$(db_includedir)"
+		)
+	else
+		einfo "Building without SASLdb support"
+		myconf+=( --with-dblib=none )
+	fi
+
+	# Use /dev/urandom instead of /dev/random (bug #46038).
+	if use urandom ; then
+		myconf+=( --with-devrandom=/dev/urandom )
+	fi
+
+	ECONF_SOURCE=${S} \
+	econf \
+		--enable-login \
+		--enable-ntlm \
+		--enable-auth-sasldb \
+		--disable-cmulocal \
+		--disable-krb4 \
+		--disable-macos-framework \
+		--enable-otp \
+		--without-sqlite \
+		--with-saslauthd="${EPREFIX}"/run/saslauthd \
+		--with-pwcheck="${EPREFIX}"/run/saslauthd \
+		--with-configdir="${EPREFIX}"/etc/sasl2 \
+		--with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sasl2 \
+		--with-dbpath="${EPREFIX}"/etc/sasl2/sasldb2 \
+		$(use_with ssl openssl) \
+		$(use_with pam) \
+		$(use_with openldap ldap) \
+		$(use_enable ldapdb) \
+		$(multilib_native_use_enable sample) \
+		$(use_enable kerberos gssapi) \
+		$(multilib_native_use_enable java) \
+		$(multilib_native_use_with java javahome ${JAVA_HOME}) \
+		$(multilib_native_use_with mysql mysql "${EPREFIX}"/usr) \
+		$(multilib_native_use_with postgres pgsql) \
+		$(use_with sqlite sqlite3 "${EPREFIX}"/usr/$(get_libdir)) \
+		$(use_enable srp) \
+		$(use_enable static-libs static) \
+		"${myconf[@]}"
+}
+
+multilib_src_compile() {
+	emake
+
+	# Default location for java classes breaks OpenOffice (bug #60769).
+	# Thanks to axxo@gentoo.org for the solution.
+	if multilib_is_native_abi && use java ; then
+		jar -cvf ${PN}.jar -C java $(find java -name "*.class")
+	fi
+}
+
+multilib_src_install() {
+	default
+
+	if multilib_is_native_abi; then
+		if use sample ; then
+			docinto sample
+			dodoc "${S}"/sample/*.c
+			exeinto /usr/share/doc/${P}/sample
+			doexe sample/client sample/server
+		fi
+
+		# Default location for java classes breaks OpenOffice (bug #60769).
+		if use java; then
+			java-pkg_dojar ${PN}.jar
+			java-pkg_regso "${ED}/usr/$(get_libdir)/libjavasasl$(get_libname)"
+			# hackish, don't wanna dig through makefile
+			rm -rf "${ED}/usr/$(get_libdir)/java" || die
+			docinto "java"
+			dodoc "${S}/java/README" "${FILESDIR}/java.README.gentoo" "${S}"/java/doc/*
+			dodir "/usr/share/doc/${PF}/java/Test"
+			insinto "/usr/share/doc/${PF}/java/Test"
+			doins "${S}"/java/Test/*.java
+		fi
+
+		dosbin saslauthd/testsaslauthd
+	fi
+}
+
+multilib_src_install_all() {
+	keepdir /etc/sasl2
+
+	dodoc AUTHORS ChangeLog NEWS README doc/TODO doc/*.txt
+	newdoc pwcheck/README README.pwcheck
+	dohtml doc/*.html
+
+	docinto "saslauthd"
+	dodoc saslauthd/{AUTHORS,ChangeLog,LDAP_SASLAUTHD,NEWS,README}
+
+	newpamd "${FILESDIR}/saslauthd.pam-include" saslauthd
+
+	newinitd "${FILESDIR}/pwcheck.rc6" pwcheck
+	systemd_dounit "${FILESDIR}/pwcheck.service"
+
+	newinitd "${FILESDIR}/saslauthd2.rc7" saslauthd
+	newconfd "${FILESDIR}/saslauthd-${SASLAUTHD_CONF_VER}.conf" saslauthd
+	systemd_dounit "${FILESDIR}/saslauthd.service"
+	systemd_dotmpfilesd "${FILESDIR}/${PN}.conf"
+
+	# The get_modname bit is important: do not remove the .la files on
+	# platforms where the lib isn't called .so for cyrus searches the .la to
+	# figure out what the name is supposed to be instead
+	use static-libs || [[ $(get_modname) != .so ]] || \
+		prune_libtool_files --modules
+}
+
+pkg_postinst () {
+	# Generate an empty sasldb2 with correct permissions.
+	if ( use berkdb || use gdbm ) && [[ ! -f "${EROOT}/etc/sasl2/sasldb2" ]] ; then
+		einfo "Generating an empty sasldb2 with correct permissions ..."
+		echo "p" | "${EROOT}/usr/sbin/saslpasswd2" -f "${EROOT}/etc/sasl2/sasldb2" -p login \
+			|| die "Failed to generate sasldb2"
+		"${EROOT}/usr/sbin/saslpasswd2" -f "${EROOT}/etc/sasl2/sasldb2" -d login \
+			|| die "Failed to delete temp user"
+		chown root:mail "${EROOT}/etc/sasl2/sasldb2" \
+			|| die "Failed to chown ${EROOT}/etc/sasl2/sasldb2"
+		chmod 0640 "${EROOT}/etc/sasl2/sasldb2" \
+			|| die "Failed to chmod ${EROOT}/etc/sasl2/sasldb2"
+	fi
+
+	if use authdaemond ; then
+		elog "You need to add a user running a service using Courier's"
+		elog "authdaemon to the 'mail' group. For example, do:"
+		elog "	gpasswd -a postfix mail"
+		elog "to add the 'postfix' user to the 'mail' group."
+	fi
+
+	elog "pwcheck and saslauthd home directories have moved to:"
+	elog "  /run/saslauthd, using tmpfiles.d"
+}

dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.23-gss_c_nt_hostbased_service.patch

@@ -0,0 +1,16 @@
+Gentoo bug #389349
+--- cmulocal/sasl2.m4	2009-04-28 17:09:13.000000000 +0200
++++ cmulocal/sasl2.m4	2011-11-02 17:55:24.000000000 +0100
+@@ -217,7 +217,11 @@
+                  [AC_WARN([Cybersafe define not found])])
+
+   elif test "$ac_cv_header_gssapi_h" = "yes"; then
+-    AC_EGREP_HEADER(GSS_C_NT_HOSTBASED_SERVICE, gssapi.h,
++    AC_EGREP_CPP(hostbased_service_gss_nt_yes, gssapi.h,
++                 [#include <gssapi.h>
++                  #ifdef GSS_C_NT_HOSTBASED_SERVICE
++                    hostbased_service_gss_nt_yes
++                  #endif],
+                     [AC_DEFINE(HAVE_GSS_C_NT_HOSTBASED_SERVICE,,
+                                [Define if your GSSAPI implimentation defines GSS_C_NT_HOSTBASED_SERVICE])])
+   elif test "$ac_cv_header_gssapi_gssapi_h"; then

dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-as_needed.patch

@@ -0,0 +1,27 @@
+Author: Matthias Klose <doko@ubuntu.com>
+Desription: Fix FTBFS, add $(SASL_DB_LIB) as dependency to libsasldb, and use
+it.
+--- a/saslauthd/Makefile.am
++++ b/saslauthd/Makefile.am
+@@ -16,7 +16,7 @@ EXTRA_saslauthd_sources = getaddrinfo.c
+ saslauthd_DEPENDENCIES = saslauthd-main.o @LTLIBOBJS@
+ saslauthd_LDADD	= @SASL_KRB_LIB@ \
+ 		  @GSSAPIBASE_LIBS@ @GSSAPI_LIBS@ @LIB_CRYPT@ @LIB_SIA@ \
+-		  @LIB_SOCKET@ @SASL_DB_LIB@ @LIB_PAM@ @LDAP_LIBS@ @LTLIBOBJS@
++		  @LIB_SOCKET@ ../sasldb/libsasldb.la @LIB_PAM@ @LDAP_LIBS@ @LTLIBOBJS@
+
+ testsaslauthd_SOURCES = testsaslauthd.c utils.c
+ testsaslauthd_LDADD = @LIB_SOCKET@
+--- a/sasldb/Makefile.am
++++ b/sasldb/Makefile.am
+@@ -55,8 +55,8 @@ noinst_LIBRARIES = libsasldb.a
+
+ libsasldb_la_SOURCES = allockey.c sasldb.h
+ EXTRA_libsasldb_la_SOURCES = $(extra_common_sources)
+-libsasldb_la_DEPENDENCIES = $(SASL_DB_BACKEND)
+-libsasldb_la_LIBADD = $(SASL_DB_BACKEND) 
++libsasldb_la_DEPENDENCIES = $(SASL_DB_BACKEND) $(SASL_DB_LIB)
++libsasldb_la_LIBADD = $(SASL_DB_BACKEND) $(SASL_DB_LIB)
+
+ # Prevent make dist stupidity
+ libsasldb_a_SOURCES =