Update to version 1.5.15.

PR:		16130
Submitted by:	maintainer

security/cyrus-sasl/Makefile

@@ -17,7 +17,7 @@ MAINTAINER=	hetzels@westbend.net
 BUILD_DEPENDS=	openssl:${PORTSDIR}/security/openssl
 LIB_DEPENDS=	crypto.1:${PORTSDIR}/security/openssl
 
-SASL_VER=	1.5.13
+SASL_VER=	1.5.15
 
 RESTRICTED=     "Contains cryptography"
 
@@ -35,27 +35,14 @@ CONFIGURE_ARGS= \
 		--with-dbpath=${PREFIX}/etc/sasldb \
 		--includedir=${PREFIX}/include/sasl \
 		--enable-static \
+		--enable-login \
+		--with-pwcheck=/var/pwcheck \
 		--with-rc4=openssl
 
 .if defined(KRB5_HOME) && exists(${KRB5_HOME})
 CONFIGURE_ARGS+= --enable-gssapi=${KRB5_HOME}
 .endif
 
-CONFIGURE_ARGS+= \
-		--with-pwcheck=/var/pwcheck
-
-#  --with-dbpath=PATH      set the DB path to use [/etc/sasldb]
-#  --with-pam=DIR          use PAM (rooted in DIR) [yes]
-#  --with-pwcheck=DIR      enable use of the pwcheck daemonusing statedir DIR
-#  --enable-cram           enable CRAM-MD5 authentication [yes]
-#  --enable-scram          enable SCRAM-MD5 authentication [no]
-#  --enable-digest         enable DIGEST-MD5 authentication [yes]
-#  --enable-krb4           enable KERBEROS_V4 authentication [yes]
-#  --enable-gssapi         enable GSSAPI authentication [yes]
-#  --enable-anon           enable ANONYMOUS authentication [yes]
-#  --enable-plain          enable PLAIN authentication [yes]
-#  --with-rc4=DIR          use rc4 (look in DIR) [yes]
-
 DOCS=	README README.Y2K TODO INSTALL ChangeLog NEWS
 
 DOC2=	draft-newman-auth-scram-03.txt \
@@ -65,11 +52,18 @@ DOC2=	draft-newman-auth-scram-03.txt \
 
 HTDOCS=	index programming sysadmin
 
+# Create Cyrus user and group
+pre-install:
+	@${SH} ${PKGDIR}/INSTALL ${PKGNAME} PRE-INSTALL
+
 post-install:
 	@${SETENV} OBJFORMAT=${PORTOBJFORMAT} ${LDCONFIG} -m ${PREFIX}/lib
-#       ${INSTALL} -d -m 700 -o cyrus -g cyrus /var/pwcheck
+	@${SED}  -e "/%%PREFIX%%/s##${PREFIX}#g" ${FILESDIR}/pwcheck.sh \
+		> ${PREFIX}/etc/rc.d/pwcheck.sh
+	@${CHMOD} 755 ${PREFIX}/etc/rc.d/pwcheck.sh
+	${INSTALL} -d -m 700 -o cyrus -g cyrus /var/pwcheck
 .if !defined(NOPORTDOCS)
-	${MKDIR} ${PREFIX}/share/doc/SASL/html
+	@${MKDIR} ${PREFIX}/share/doc/SASL/html
 .for file in ${DOCS}
 	@${ECHO} share/doc/SASL/${file} >>${TMPPLIST}
 	@${INSTALL_DATA} ${WRKSRC}/${file} ${PREFIX}/share/doc/SASL
@@ -79,19 +73,19 @@ post-install:
 	@${INSTALL_DATA} ${WRKSRC}/doc/${file} ${PREFIX}/share/doc/SASL
 .endfor
 .for file in ${HTDOCS}
-	${INSTALL_DATA} ${WRKSRC}/doc/${file}.html ${PREFIX}/share/doc/SASL/html
+	@${INSTALL_DATA} ${WRKSRC}/doc/${file}.html ${PREFIX}/share/doc/SASL/html
 	@${ECHO} share/doc/SASL/html/${file}.html >>${TMPPLIST}
 .endfor
 	@${ECHO} "@dirrm share/doc/SASL/html" >>${TMPPLIST}
 	@${ECHO} "@dirrm share/doc/SASL" >>${TMPPLIST}
 .endif
 .if !defined(KRB5_HOME) || !exists(${KRB5_HOME})
-	${GREP} -v libgssapiv2 ${TMPPLIST} > ${WRKDIR}/tmp.plist
-	${MV} ${WRKDIR}/tmp.plist ${TMPPLIST}
+	@${GREP} -v libgssapiv2 ${TMPPLIST} > ${WRKDIR}/tmp.plist
+	@${MV} ${WRKDIR}/tmp.plist ${TMPPLIST}
 .endif
 .if !defined(MAKE_EBONES) || exists(/usr/lib/libkrb.a)
-	${GREP} -v libkerberos4 ${TMPPLIST} > ${WRKDIR}/tmp.plist
-	${MV} ${WRKDIR}/tmp.plist ${TMPPLIST}
+	@${GREP} -v libkerberos4 ${TMPPLIST} > ${WRKDIR}/tmp.plist
+	@${MV} ${WRKDIR}/tmp.plist ${TMPPLIST}
 .endif
 
 .include <bsd.port.mk>

security/cyrus-sasl/distinfo

@@ -1 +1 @@
-MD5 (cyrus-sasl-1.5.13.tar.gz) = 6bfa1ac9f34d30e36cc827667f657521
+MD5 (cyrus-sasl-1.5.15.tar.gz) = a1c0f6ef22f34b0a2366e7ec70bdf705

security/cyrus-sasl/files/patch-ab

@@ -1,6 +1,6 @@
---- configure.in.orig	Thu Dec  2 14:10:30 1999
-+++ configure.in	Sat Dec  4 17:59:13 1999
-@@ -213,6 +213,7 @@
+--- configure.in.orig	Thu Jan 13 23:00:16 2000
++++ configure.in	Fri Jan 14 17:56:41 2000
+@@ -222,6 +222,7 @@
    AC_CHECK_LIB(crypt, crypt,
  	       LIB_CRYPT="-lcrypt"; cmu_have_crypt=yes,
  	       cmu_have_crypt=no))
@@ -8,28 +8,3 @@
  
  CMU_SOCKETS
  
-@@ -503,15 +504,22 @@
- 	    with_rc4=no)
- 
-   if test "$with_rc4" = no; then
-+
-+	  dnl if openssl has been compiled with the rsaref2 libraries,
-+	  dnl we need to include the rsaref libraries in the crypto check
-+	  LIB_RSAREF=""
-+	  AC_CHECK_LIB(rsaref, RSAPublicEncrypt,
-+		  LIB_RSAREF="-lRSAglue -lrsaref"; cmu_have_rsaref=yes,
-+		  cmu_have_rsaref=no)
-+
- 	  AC_CHECK_LIB(crypto, RC4_set_key,
- 		  AC_CHECK_HEADER(openssl/rc4.h, [AC_DEFINE(WITH_SSL_RC4)
-                                                   LIB_RC4="-lcrypto";
- 						  with_rc4="openssl"],
- 			          AC_WARN([SSL: Disabling rc4 support]); 
-                                   with_rc4=no),
--		       AC_WARN([SSL2: Disabling rc4 support]); with_rc4=no)
-+		       AC_WARN([SSL2: Disabling rc4 support]); with_rc4=no, $LIB_RSAREF)
-   fi
--
-   LIBS="$cmu_save_LIBS"
- fi
- 

security/cyrus-sasl/files/pwcheck.sh

@@ -1,7 +1,9 @@
 #!/bin/sh
 #
+# $FreeBSD$
+#
 
-PREFIX=/usr/local
+PREFIX=%%PREFIX%%
 
 case "$1" in
 
@@ -16,6 +18,7 @@ stop)
 	if [ -r /var/run/pwcheck.pid ]
 	then
 		kill `cat /var/run/pwcheck.pid` && echo -n " pwcheck"
+		rm /var/run/pwcheck.pid
 	fi
 	;;
 

security/cyrus-sasl/pkg-install

@@ -0,0 +1,73 @@
+#!/bin/sh
+#
+#	$FreeBSD$
+#
+# Created by: stb@FreeBSD.org for the cyrus imap server
+# Added to the cyrus-sasl port by hetzel@westbend.net
+
+#set -vx
+
+#
+# create 'cyrus' user and group before installing
+#
+
+create() {
+	if [ ! -x /usr/sbin/pw ]; then
+		echo "*** Please add a user and a group named \`cyrus' before installing this package."
+		exit 69
+	fi
+
+	if ! pw show group cyrus -q >/dev/null; then
+		gid=60
+		while pw show group -g ${gid} -q >/dev/null; do
+			gid=`expr ${gid} + 1`
+		done
+		if ! pw add group cyrus -g ${gid}; then
+			e=$?
+			echo "*** Failed to add group \`cyrus'. Please add it manually."
+			exit ${e}
+		fi
+		echo "*** Added group \`cyrus' (id ${gid})"
+	else
+		gid=`pw show group cyrus 2>/dev/null | cut -d: -f3`
+	fi
+
+	if [ -x /sbin/nologin ]; then
+		shell=/sbin/nologin
+	else
+		shell=/nonexistent
+	fi
+	if ! pw show user cyrus -q >/dev/null; then
+		uid=60
+		while pw show user -u ${uid} -q >/dev/null; do
+			uid=`expr ${uid} + 1`
+		done
+		if ! pw add user cyrus -u ${uid} -g ${gid} -d "/nonexistent" \
+				-c "the cyrus mail server" -s "${shell}" -p "*" \
+				; then
+			e=$?
+			echo "*** Failed to add user \`cyrus'. Please add it manually."
+			exit ${e}
+		fi
+		echo "*** Added user \`cyrus' (id ${uid})"
+	else
+		if ! pw mod user cyrus -g ${gid} -d "/nonexistent" \
+				-c "the cyrus mail server" -s "${shell}" -p "*" \
+				; then
+			e=$?
+			echo "*** Failed to update user \`cyrus'."
+			exit ${e}
+		fi
+		echo "*** Updated user \`cyrus'."
+	fi
+	if ! pw group mod cyrus -m daemon; then
+		echo "*** can't add user \`daemon' to group \`cyrus'"
+	fi
+}
+
+case $2 in
+	PRE-INSTALL)
+		create
+		;;
+
+esac

security/cyrus-sasl/pkg-message

@@ -0,0 +1,4 @@
+Start the pwcheck program to have clients use the SASL libraries
+as a non-root user:
+
+	/usr/local/etc/rc.d/pwcheck.sh [start|stop]

security/cyrus-sasl/pkg-plist

@@ -1,3 +1,5 @@
+@unexec %D/etc/rc.d/pwcheck.sh stop ; echo " stopped."
+etc/rc.d/pwcheck.sh
 include/sasl/hmac-md5.h
 include/sasl/md5.h
 include/sasl/md5global.h
@@ -25,8 +27,19 @@ lib/sasl/libgssapiv2.so.1
 lib/sasl/libkerberos4.a
 lib/sasl/libkerberos4.so
 lib/sasl/libkerberos4.so.1
+lib/sasl/liblogin.a
+lib/sasl/liblogin.so
+lib/sasl/liblogin.so.0
 lib/sasl/libplain.a
 lib/sasl/libplain.so
 lib/sasl/libplain.so.1
 @dirrm lib/sasl
 sbin/saslpasswd
+sbin/pwcheck
+@mode u=rwx,go=
+@exec mkdir /var/pwcheck
+@exec chown cyrus:cyrus /var/pwcheck
+@exec chmod go= /var/pwcheck
+@comment This file gets create by the pwcheck program
+@unexec rm -f /var/pwcheck/pwcheck
+@unexec rmdir /var/pwcheck

security/cyrus-sasl2/Makefile

@@ -17,7 +17,7 @@ MAINTAINER=	hetzels@westbend.net
 BUILD_DEPENDS=	openssl:${PORTSDIR}/security/openssl
 LIB_DEPENDS=	crypto.1:${PORTSDIR}/security/openssl
 
-SASL_VER=	1.5.13
+SASL_VER=	1.5.15
 
 RESTRICTED=     "Contains cryptography"
 
@@ -35,27 +35,14 @@ CONFIGURE_ARGS= \
 		--with-dbpath=${PREFIX}/etc/sasldb \
 		--includedir=${PREFIX}/include/sasl \
 		--enable-static \
+		--enable-login \
+		--with-pwcheck=/var/pwcheck \
 		--with-rc4=openssl
 
 .if defined(KRB5_HOME) && exists(${KRB5_HOME})
 CONFIGURE_ARGS+= --enable-gssapi=${KRB5_HOME}
 .endif
 
-CONFIGURE_ARGS+= \
-		--with-pwcheck=/var/pwcheck
-
-#  --with-dbpath=PATH      set the DB path to use [/etc/sasldb]
-#  --with-pam=DIR          use PAM (rooted in DIR) [yes]
-#  --with-pwcheck=DIR      enable use of the pwcheck daemonusing statedir DIR
-#  --enable-cram           enable CRAM-MD5 authentication [yes]
-#  --enable-scram          enable SCRAM-MD5 authentication [no]
-#  --enable-digest         enable DIGEST-MD5 authentication [yes]
-#  --enable-krb4           enable KERBEROS_V4 authentication [yes]
-#  --enable-gssapi         enable GSSAPI authentication [yes]
-#  --enable-anon           enable ANONYMOUS authentication [yes]
-#  --enable-plain          enable PLAIN authentication [yes]
-#  --with-rc4=DIR          use rc4 (look in DIR) [yes]
-
 DOCS=	README README.Y2K TODO INSTALL ChangeLog NEWS
 
 DOC2=	draft-newman-auth-scram-03.txt \
@@ -65,11 +52,18 @@ DOC2=	draft-newman-auth-scram-03.txt \
 
 HTDOCS=	index programming sysadmin
 
+# Create Cyrus user and group
+pre-install:
+	@${SH} ${PKGDIR}/INSTALL ${PKGNAME} PRE-INSTALL
+
 post-install:
 	@${SETENV} OBJFORMAT=${PORTOBJFORMAT} ${LDCONFIG} -m ${PREFIX}/lib
-#       ${INSTALL} -d -m 700 -o cyrus -g cyrus /var/pwcheck
+	@${SED}  -e "/%%PREFIX%%/s##${PREFIX}#g" ${FILESDIR}/pwcheck.sh \
+		> ${PREFIX}/etc/rc.d/pwcheck.sh
+	@${CHMOD} 755 ${PREFIX}/etc/rc.d/pwcheck.sh
+	${INSTALL} -d -m 700 -o cyrus -g cyrus /var/pwcheck
 .if !defined(NOPORTDOCS)
-	${MKDIR} ${PREFIX}/share/doc/SASL/html
+	@${MKDIR} ${PREFIX}/share/doc/SASL/html
 .for file in ${DOCS}
 	@${ECHO} share/doc/SASL/${file} >>${TMPPLIST}
 	@${INSTALL_DATA} ${WRKSRC}/${file} ${PREFIX}/share/doc/SASL
@@ -79,19 +73,19 @@ post-install:
 	@${INSTALL_DATA} ${WRKSRC}/doc/${file} ${PREFIX}/share/doc/SASL
 .endfor
 .for file in ${HTDOCS}
-	${INSTALL_DATA} ${WRKSRC}/doc/${file}.html ${PREFIX}/share/doc/SASL/html
+	@${INSTALL_DATA} ${WRKSRC}/doc/${file}.html ${PREFIX}/share/doc/SASL/html
 	@${ECHO} share/doc/SASL/html/${file}.html >>${TMPPLIST}
 .endfor
 	@${ECHO} "@dirrm share/doc/SASL/html" >>${TMPPLIST}
 	@${ECHO} "@dirrm share/doc/SASL" >>${TMPPLIST}
 .endif
 .if !defined(KRB5_HOME) || !exists(${KRB5_HOME})
-	${GREP} -v libgssapiv2 ${TMPPLIST} > ${WRKDIR}/tmp.plist
-	${MV} ${WRKDIR}/tmp.plist ${TMPPLIST}
+	@${GREP} -v libgssapiv2 ${TMPPLIST} > ${WRKDIR}/tmp.plist
+	@${MV} ${WRKDIR}/tmp.plist ${TMPPLIST}
 .endif
 .if !defined(MAKE_EBONES) || exists(/usr/lib/libkrb.a)
-	${GREP} -v libkerberos4 ${TMPPLIST} > ${WRKDIR}/tmp.plist
-	${MV} ${WRKDIR}/tmp.plist ${TMPPLIST}
+	@${GREP} -v libkerberos4 ${TMPPLIST} > ${WRKDIR}/tmp.plist
+	@${MV} ${WRKDIR}/tmp.plist ${TMPPLIST}
 .endif
 
 .include <bsd.port.mk>

security/cyrus-sasl2/distinfo

@@ -1 +1 @@
-MD5 (cyrus-sasl-1.5.13.tar.gz) = 6bfa1ac9f34d30e36cc827667f657521
+MD5 (cyrus-sasl-1.5.15.tar.gz) = a1c0f6ef22f34b0a2366e7ec70bdf705

security/cyrus-sasl2/files/patch-ab

@@ -1,6 +1,6 @@
---- configure.in.orig	Thu Dec  2 14:10:30 1999
-+++ configure.in	Sat Dec  4 17:59:13 1999
-@@ -213,6 +213,7 @@
+--- configure.in.orig	Thu Jan 13 23:00:16 2000
++++ configure.in	Fri Jan 14 17:56:41 2000
+@@ -222,6 +222,7 @@
    AC_CHECK_LIB(crypt, crypt,
  	       LIB_CRYPT="-lcrypt"; cmu_have_crypt=yes,
  	       cmu_have_crypt=no))
@@ -8,28 +8,3 @@
  
  CMU_SOCKETS
  
-@@ -503,15 +504,22 @@
- 	    with_rc4=no)
- 
-   if test "$with_rc4" = no; then
-+
-+	  dnl if openssl has been compiled with the rsaref2 libraries,
-+	  dnl we need to include the rsaref libraries in the crypto check
-+	  LIB_RSAREF=""
-+	  AC_CHECK_LIB(rsaref, RSAPublicEncrypt,
-+		  LIB_RSAREF="-lRSAglue -lrsaref"; cmu_have_rsaref=yes,
-+		  cmu_have_rsaref=no)
-+
- 	  AC_CHECK_LIB(crypto, RC4_set_key,
- 		  AC_CHECK_HEADER(openssl/rc4.h, [AC_DEFINE(WITH_SSL_RC4)
-                                                   LIB_RC4="-lcrypto";
- 						  with_rc4="openssl"],
- 			          AC_WARN([SSL: Disabling rc4 support]); 
-                                   with_rc4=no),
--		       AC_WARN([SSL2: Disabling rc4 support]); with_rc4=no)
-+		       AC_WARN([SSL2: Disabling rc4 support]); with_rc4=no, $LIB_RSAREF)
-   fi
--
-   LIBS="$cmu_save_LIBS"
- fi
- 

security/cyrus-sasl2/files/pwcheck.sh

@@ -1,7 +1,9 @@
 #!/bin/sh
 #
+# $FreeBSD$
+#
 
-PREFIX=/usr/local
+PREFIX=%%PREFIX%%
 
 case "$1" in
 
@@ -16,6 +18,7 @@ stop)
 	if [ -r /var/run/pwcheck.pid ]
 	then
 		kill `cat /var/run/pwcheck.pid` && echo -n " pwcheck"
+		rm /var/run/pwcheck.pid
 	fi
 	;;
 

security/cyrus-sasl2/pkg-install

@@ -0,0 +1,73 @@
+#!/bin/sh
+#
+#	$FreeBSD$
+#
+# Created by: stb@FreeBSD.org for the cyrus imap server
+# Added to the cyrus-sasl port by hetzel@westbend.net
+
+#set -vx
+
+#
+# create 'cyrus' user and group before installing
+#
+
+create() {
+	if [ ! -x /usr/sbin/pw ]; then
+		echo "*** Please add a user and a group named \`cyrus' before installing this package."
+		exit 69
+	fi
+
+	if ! pw show group cyrus -q >/dev/null; then
+		gid=60
+		while pw show group -g ${gid} -q >/dev/null; do
+			gid=`expr ${gid} + 1`
+		done
+		if ! pw add group cyrus -g ${gid}; then
+			e=$?
+			echo "*** Failed to add group \`cyrus'. Please add it manually."
+			exit ${e}
+		fi
+		echo "*** Added group \`cyrus' (id ${gid})"
+	else
+		gid=`pw show group cyrus 2>/dev/null | cut -d: -f3`
+	fi
+
+	if [ -x /sbin/nologin ]; then
+		shell=/sbin/nologin
+	else
+		shell=/nonexistent
+	fi
+	if ! pw show user cyrus -q >/dev/null; then
+		uid=60
+		while pw show user -u ${uid} -q >/dev/null; do
+			uid=`expr ${uid} + 1`
+		done
+		if ! pw add user cyrus -u ${uid} -g ${gid} -d "/nonexistent" \
+				-c "the cyrus mail server" -s "${shell}" -p "*" \
+				; then
+			e=$?
+			echo "*** Failed to add user \`cyrus'. Please add it manually."
+			exit ${e}
+		fi
+		echo "*** Added user \`cyrus' (id ${uid})"
+	else
+		if ! pw mod user cyrus -g ${gid} -d "/nonexistent" \
+				-c "the cyrus mail server" -s "${shell}" -p "*" \
+				; then
+			e=$?
+			echo "*** Failed to update user \`cyrus'."
+			exit ${e}
+		fi
+		echo "*** Updated user \`cyrus'."
+	fi
+	if ! pw group mod cyrus -m daemon; then
+		echo "*** can't add user \`daemon' to group \`cyrus'"
+	fi
+}
+
+case $2 in
+	PRE-INSTALL)
+		create
+		;;
+
+esac

security/cyrus-sasl2/pkg-message

@@ -0,0 +1,4 @@
+Start the pwcheck program to have clients use the SASL libraries
+as a non-root user:
+
+	/usr/local/etc/rc.d/pwcheck.sh [start|stop]

security/cyrus-sasl2/pkg-plist

@@ -1,3 +1,5 @@
+@unexec %D/etc/rc.d/pwcheck.sh stop ; echo " stopped."
+etc/rc.d/pwcheck.sh
 include/sasl/hmac-md5.h
 include/sasl/md5.h
 include/sasl/md5global.h
@@ -25,8 +27,19 @@ lib/sasl/libgssapiv2.so.1
 lib/sasl/libkerberos4.a
 lib/sasl/libkerberos4.so
 lib/sasl/libkerberos4.so.1
+lib/sasl/liblogin.a
+lib/sasl/liblogin.so
+lib/sasl/liblogin.so.0
 lib/sasl/libplain.a
 lib/sasl/libplain.so
 lib/sasl/libplain.so.1
 @dirrm lib/sasl
 sbin/saslpasswd
+sbin/pwcheck
+@mode u=rwx,go=
+@exec mkdir /var/pwcheck
+@exec chown cyrus:cyrus /var/pwcheck
+@exec chmod go= /var/pwcheck
+@comment This file gets create by the pwcheck program
+@unexec rm -f /var/pwcheck/pwcheck
+@unexec rmdir /var/pwcheck