mirror/freebsd-ports
1
0
Fork 0
mirror of https://git.FreeBSD.org/ports.git synced 2024-11-23 00:43:28 +00:00
Code Issues Releases Activity

Fix OpenLDAP v1 errors

Browse Source 
Allow PAM aware pwcheck daemon
Add JavaSASL

PR:		34068
Submitted by:	maintainer
This commit is contained in:
David W. Chapman Jr. 2002-01-20 19:23:25 +00:00
parent 824c134eb9
commit cfa957e244
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/head/; revision=53400
20 changed files with 812 additions and 98 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
security/cyrus-sasl/Makefile
View File

@ -7,7 +7,7 @@
PORTNAME= cyrus-sasl
PORTVERSION= 1.5.27
PORTREVISION= 0
PORTREVISION= 1
CATEGORIES= security ipv6
MASTER_SITES= ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/%SUBDIR%/ \
http://prdownloads.sourceforge.net/cyrus-utils/ \
@ -69,7 +69,7 @@ SCRIPTS_ENV= WRKDIRPREFIX="${WRKDIRPREFIX}" \
WITH_LDAP2="${WITH_LDAP2}"
# JavaSASL needs someone to look at to get it to build
JAVADIR= jdk1.1.8
JAVADIR= jdk1.3.1
JAVALIBDIR= ${PREFIX}/${JAVADIR}/lib/i386/green_threads/
.if defined(KRB5_HOME) && exists(${KRB5_HOME})
@ -112,18 +112,21 @@ pre-fetch:
.include "${WRKDIRPREFIX}${.CURDIR}/Makefile.inc"
.endif
post-extract:
@${CP} ${FILESDIR}/pwcheck_pam.c ${WRKSRC}/pwcheck
pre-patch:
@(cd ${WRKSRC} && ${PATCH} -p1 < ${WRKDIR}/${LDAP_MYSQL_PATCH} && \
${MV} configure.orig configure)
# Fix sasldb name in pkg-install/deinstall scripts
post-patch:
@${SED} -e "/%%SASLDB%%/s##${SASLDB_NAME}#g" \
@${SED} -e "s;%%SASLDB%%;${SASLDB_NAME};g" \
${.CURDIR}/pkg-install > ${PKGINSTALL}
@${SED} -e "/%%SASLDB%%/s##${SASLDB_NAME}#g" \
@${SED} -e "s;%%SASLDB%%;${SASLDB_NAME};g" \
${.CURDIR}/pkg-deinstall > ${PKGDEINSTALL}
@${SED} -e "/%%SASLDB%%/s##${SASLDB_NAME}#g" \
-e "/%%PREFIX%%/s##${PREFIX}#g" \
@${SED} -e "s;%%SASLDB%%;${SASLDB_NAME};g" \
-e "s;%%PREFIX%%;${PREFIX};g" \
${.CURDIR}/pkg-message > ${PKGMESSAGE}
.ifdef LDAP_MYSQL_MSG
@${ECHO} ${LDAP_MYSQL_MSG} | /usr/bin/fmt -w 67 >> ${PKGMESSAGE}
@ -138,8 +141,8 @@ pre-install:
@${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL
post-install:
@${SED} -e "/%%PREFIX%%/s##${PREFIX}#g" ${FILESDIR}/pwcheck.sh \
> ${PREFIX}/etc/rc.d/pwcheck.sh
@${SED} -e "s;%%PREFIX%%;${PREFIX};g" ${PWCHECK_SUB} \
${FILESDIR}/pwcheck.sh > ${PREFIX}/etc/rc.d/pwcheck.sh
@${CHMOD} 755 ${PREFIX}/etc/rc.d/pwcheck.sh
${INSTALL} -d -m 770 -o cyrus -g cyrus /var/pwcheck
.if !defined(NOPORTDOCS)
@ -151,6 +154,7 @@ post-install:
for file in `make -V EXTRA_DIST` ; do \
${INSTALL_DATA} ${WRKSRC}/doc/$${file} ${DOCSDIR} ; \
done)
@${INSTALL_DATA} ${WRKSRC}/java/doc/draft-weltman-java-sasl-02.txt ${DOCSDIR}
@${INSTALL_DATA} ${FILESDIR}/Sendmail.README ${DOCSDIR}
.endif
@PKG_PREFIX=${PREFIX} BATCH=${BATCH} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL

15
security/cyrus-sasl/files/patch-ab
View File

@ -1,5 +1,5 @@
--- configure.in.orig Tue Nov 27 11:45:28 2001
+++ configure.in Tue Nov 27 12:49:28 2001
--- configure.in.orig Thu Jan 17 19:21:51 2002
+++ configure.in Thu Jan 17 19:47:46 2002
@@ -66,8 +66,9 @@
dnl check for -R, etc. switch
CMU_GUESS_RUNPATH_SWITCH
@ -12,7 +12,16 @@
AM_DISABLE_STATIC
@@ -235,6 +236,13 @@
@@ -122,8 +123,6 @@
AC_SUBST(JAVA_INCLUDES)
AC_MSG_RESULT(JAVA_INCLUDES)
- JAVAC=`echo "$JAVAC" | sed 's,.*/,,'`
- JAVAH=`echo "$JAVAH" | sed 's,.*/,,'`
fi
AM_CONDITIONAL(SAMPLE, test "$enable_sample" = yes)
@@ -235,6 +234,13 @@
berkeley)
SASL_DB_BACKEND="db_${dblib}.lo"
AC_DEFINE(SASL_BERKELEYDB)

11
security/cyrus-sasl/files/patch-java::CyrusSasl::Makefile.am Normal file
View File

@ -0,0 +1,11 @@
--- java/CyrusSasl/Makefile.am.orig Tue Nov 21 23:55:17 2000
+++ java/CyrusSasl/Makefile.am Thu Jan 17 21:58:10 2002
@@ -25,7 +25,7 @@
javasasl_version = 1:0:0
-javasasldir = $(prefix)/lib/java/classes/sasl/CyrusSasl
+javasasldir = $(prefix)/share/java/classes/sasl/CyrusSasl
javahtmldir = $(prefix)/html/sasl
INCLUDES=$(JAVA_INCLUDES) -I$(top_srcdir)/include

11
security/cyrus-sasl/files/patch-java::javax::security::auth::callback::Makefile.am Normal file
View File

@ -0,0 +1,11 @@
--- java/javax/security/auth/callback/Makefile.am.orig Sat Nov 4 16:55:44 2000
+++ java/javax/security/auth/callback/Makefile.am Thu Jan 17 22:05:23 2002
@@ -39,7 +39,7 @@
#
################################################################
-javasasldir = $(prefix)/lib/java/classes/sasl/javax/security/auth/callback
+javasasldir = $(prefix)/share/java/classes/sasl/javax/security/auth/callback
javahtmldir = $(prefix)/html/sasl
javasasl_JAVA = PasswordCallback.java \

101
security/cyrus-sasl/files/patch-lib::checkpw.c Normal file
View File

@ -0,0 +1,101 @@
--- lib/checkpw.c.orig Fri Jan 18 21:56:29 2002
+++ lib/checkpw.c Fri Jan 18 22:14:58 2002
@@ -1491,6 +1491,9 @@
# define FALSE 0
#endif
+#ifndef LDAP_NO_ATTRS
+#define LDAP_NO_ATTRS "1.1"
+#endif
static int ldap_isdigits(char *value)
{
char *ptr;
@@ -1504,6 +1507,16 @@
return num;
}
+#ifdef LDAP_VENDOR_VERSION
+#define SASL_ldap_search_ext_s(ld, base, scope, filter, attrs, attrsonly, serverctrls, clientctrls, timeout, sizelimit, res) \
+ ldap_search_ext_s(ld, base, scope, filter, attrs, attrsonly, serverctrls, clientctrls, timeout, sizelimit, res)
+#define SASL_ldap_memfree(dn) ldap_memfree(dn)
+#else
+#define SASL_ldap_search_ext_s(ld, base, scope, filter, attrs, attrsonly, serverctrls, clientctrls, timeout, sizelimit, res) \
+ ldap_search_st(ld, base, scope, filter, attrs, attrsonly, timeout, res)
+#define SASL_ldap_memfree(dn) free(dn)
+#endif
+
static int ldap_verify_password(sasl_conn_t *conn,
const char *userid,
const char *password,
@@ -1522,18 +1535,18 @@
*ldap_filter="",
*ldap_bind_dn="",
*ldap_bind_pw="",
- *ldap_ssl="",
*ldap_filter_mode="",
*port_num="";
int malloc_size; /* safety net */
int ldap_filter_flag = 0;
- int ldap_ssl_flag = 0;
int ldap_port = LDAP_PORT;
sasl_getopt_t *getopt;
void *context;
LDAPMessage *result, *e;
char *attrs[]={LDAP_NO_ATTRS, NULL};
#ifdef LDAP_OPT_X_TLS
+ char *ldap_ssl="";
+ int ldap_ssl_flag = 0;
int tls_option;
#endif
@@ -1625,9 +1638,11 @@
return SASL_FAIL;
}
/* set ssl mode if needed */
+#ifdef LDAP_OPT_X_TLS
if ( ldap_ssl_flag ) {
ldap_set_option(ld, LDAP_OPT_X_TLS, (void *)&tls_option);
}
+#endif
/* either run the filter or just bind as them ? */
@@ -1657,7 +1672,7 @@
snprintf(filter,malloc_size-1,"(&(%s=%s)%s)", ldap_uidattr, userid, ldap_filter);
/* Now do the search */
- if (ldap_search_ext_s(ld, ldap_basedn, LDAP_SCOPE_SUBTREE, filter,
+ if (SASL_ldap_search_ext_s(ld, ldap_basedn, LDAP_SCOPE_SUBTREE, filter,
attrs, 0, NULL, NULL, LDAP_NO_LIMIT, 1, &result) !=
LDAP_SUCCESS) {
free(filter);
@@ -1680,17 +1695,17 @@
ldap_unbind(ld);
return SASL_BADAUTH;
}
- if (ldap_simple_bind_s(ld,dn,password) != LDAP_SUCCESS) {
+ if (ldap_simple_bind_s(ld,dn,(char *)password) != LDAP_SUCCESS) {
e = NULL;
free(filter);
- ldap_memfree(dn);
+ SASL_ldap_memfree(dn);
ldap_msgfree(result);
ldap_unbind(ld);
return SASL_BADAUTH;
}
e = NULL;
free(filter);
- ldap_memfree(dn);
+ SASL_ldap_memfree(dn);
ldap_msgfree(result);
} else {
@@ -1710,7 +1725,7 @@
* If this is not so I have a version or that too
* Simon@surf.org.uk
*/
- if (ldap_simple_bind_s(ld,dn,password) != LDAP_SUCCESS) {
+ if (ldap_simple_bind_s(ld,dn,(char *)password) != LDAP_SUCCESS) {
free(dn);
ldap_unbind(ld);
return SASL_BADAUTH;

17
security/cyrus-sasl/files/patch-pwcheck::Makefile.am Normal file
View File

@ -0,0 +1,17 @@
--- pwcheck/Makefile.am.orig Wed Mar 22 11:06:43 2000
+++ pwcheck/Makefile.am Thu Jan 17 19:09:06 2002
@@ -22,9 +22,13 @@
# SOFTWARE.
#
-sbin_PROGRAMS = pwcheck
+sbin_PROGRAMS = pwcheck pwcheck_pam
pwcheck_SOURCES = pwcheck.c
EXTRA_pwcheck_SOURCES = pwcheck_getpwnam.c pwcheck_getspnam.c
pwcheck_DEPENDECIES = pwcheck_@PWCHECKMETH@.lo
pwcheck_LDADD = pwcheck_@PWCHECKMETH@.lo @LIB_CRYPT@ @LIB_SOCKET@
+
+pwcheck_pam_SOURCES = pwcheck.c
+pwcheck_pam_DEPENDECIES = pwcheck_pam.lo
+pwcheck_pam_LDADD = pwcheck_pam.lo @LIB_CRYPT@ @LIB_SOCKET@ @LIB_PAM@

73
security/cyrus-sasl/files/pwcheck.sh
View File

@ -3,29 +3,64 @@
# $FreeBSD$
#
action=$1
PREFIX=%%PREFIX%%
case "$1" in
# Suck in the configuration variables.
if [ -z "${source_rc_confs_defined}" ]; then
if [ -r /etc/defaults/rc.conf ]; then
. /etc/defaults/rc.conf
source_rc_confs
elif [ -r /etc/rc.conf ]; then
. /etc/rc.conf
fi
fi
start)
if [ -x ${PREFIX}/sbin/pwcheck ]
then
${PREFIX}/sbin/pwcheck & && echo -n " pwcheck"
fi
# The following sasl_pwcheck_* variables may be defined in rc.conf
#
# sasl_pwcheck_enable - Set to YES to enable pwcheck
# Default: %%ENABLEPWCHECK%%
#
# sasl_pwcheck_program - Path to pwcheck program (pwcheck/pwcheck_pam)
# Default: ${PREFIX}/sbin/%%PWCHECK%%
if [ -z "${sasl_pwcheck_enable}" ] ; then
sasl_pwcheck_enable=%%ENABLEPWCHECK%%
fi
if [ -z "${sasl_pwcheck_program}" ]; then
sasl_pwcheck_program=${PREFIX}/sbin/%%PWCHECK%%
fi
rc=0
case "${sasl_pwcheck_enable}" in
[Yy][Ee][Ss])
case "${action}" in
start)
if [ -x ${sasl_pwcheck_program} ] ; then
${sasl_pwcheck_program} & && echo -n " pwcheck"
fi
;;
stop)
if [ -r /var/run/pwcheck.pid ]; then
kill `cat /var/run/pwcheck.pid` && echo -n " pwcheck"
rm /var/run/pwcheck.pid
fi
;;
*)
echo "usage: $0 {start|stop}" 1>&2
rc=64
;;
esac
;;
stop)
if [ -r /var/run/pwcheck.pid ]
then
kill `cat /var/run/pwcheck.pid` && echo -n " pwcheck"
rm /var/run/pwcheck.pid
fi
*)
rc=0
;;
*)
echo "usage: $0 {start|stop}" 1>&2
exit 64
;;
esac
exit $rc

101
security/cyrus-sasl/files/pwcheck_pam.c Normal file
View File

@ -0,0 +1,101 @@
#include <security/pam_appl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Static variables used to communicate between the conversation function
* and the server_login function
*/
static char *PAM_username;
static char *PAM_password;
/* PAM conversation function
*/
static int PAM_conv (int num_msg,
const struct pam_message **msg,
struct pam_response **resp,
void *appdata_ptr) {
int replies = 0;
struct pam_response *reply = NULL;
#define COPY_STRING(s) (s) ? strdup(s) : NULL
reply = malloc(sizeof(struct pam_response) * num_msg);
if (!reply) return PAM_CONV_ERR;
for (replies = 0; replies < num_msg; replies++) {
switch (msg[replies]->msg_style) {
case PAM_PROMPT_ECHO_ON:
reply[replies].resp_retcode = PAM_SUCCESS;
reply[replies].resp = COPY_STRING(PAM_username);
/* PAM frees resp */
break;
case PAM_PROMPT_ECHO_OFF:
reply[replies].resp_retcode = PAM_SUCCESS;
reply[replies].resp = COPY_STRING(PAM_password);
/* PAM frees resp */
break;
case PAM_TEXT_INFO:
/* fall through */
case PAM_ERROR_MSG:
/* ignore it, but pam still wants a NULL response... */
reply[replies].resp_retcode = PAM_SUCCESS;
reply[replies].resp = NULL;
break;
default:
/* Must be an error of some sort... */
free (reply);
return PAM_CONV_ERR;
}
}
*resp = reply;
return PAM_SUCCESS;
}
static struct pam_conv PAM_conversation = {
PAM_conv,
NULL
};
/* Server log in
* Accepts: user name string
* password string
* Returns: "OK" if password validated, error message otherwise
*/
char *pwcheck(char *username, char *password)
{
pam_handle_t *pamh;
int pam_error;
/* PAM only handles authentication, not user information. */
if ( !(username && password && strlen(username) && strlen(password)) )
return "Incorrect username";
/* validate password */
PAM_password = password;
PAM_username = username;
fprintf(stderr, "checking %s\n", username);
pam_error = pam_start("cyrus", username, &PAM_conversation, &pamh);
if (pam_error == PAM_SUCCESS)
pam_error = pam_authenticate(pamh, 0);
if (pam_error == PAM_SUCCESS)
pam_error = pam_acct_mgmt(pamh, 0);
if ( pam_error == PAM_SUCCESS)
fprintf(stderr, "\tauthenticated %s\n", username);
else
fprintf(stderr, "\tfailed to authenticate %s\n", username);
if(pam_end(pamh, pam_error) != PAM_SUCCESS) {
pamh = NULL;
fprintf(stderr, "pwcheck: failed to release authenticator\n");
exit(1);
}
return ( pam_error == PAM_SUCCESS ? "OK" : "Incorrect passwd" );
}

33
security/cyrus-sasl/pkg-plist
View File

@ -7,6 +7,9 @@ include/sasl/sasl.h
include/sasl/saslplug.h
include/sasl/saslutil.h
@dirrm include/sasl
%%JAVASASL%%lib/libjavasasl.a
%%JAVASASL%%lib/libjavasasl.so
%%JAVASASL%%lib/libjavasasl.so.1
lib/libsasl.a
lib/libsasl.so
lib/libsasl.so.8
@ -34,6 +37,27 @@ lib/sasl/libplain.so.1
sbin/sasldblistusers
sbin/saslpasswd
sbin/pwcheck
sbin/pwcheck_pam
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/ClientFactory.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/GenericClient.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/GenericCommon.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/GenericServer.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/Sasl.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/SaslClient.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/SaslClientFactory.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/SaslException.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/SaslInputStream.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/SaslOutputStream.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/SaslServer.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/SaslServerFactory.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/SaslUtils.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/ServerFactory.class
%%JAVASASL%%share/java/classes/sasl/javax/security/auth/callback/Callback.class
%%JAVASASL%%share/java/classes/sasl/javax/security/auth/callback/CallbackHandler.class
%%JAVASASL%%share/java/classes/sasl/javax/security/auth/callback/NameCallback.class
%%JAVASASL%%share/java/classes/sasl/javax/security/auth/callback/PasswordCallback.class
%%JAVASASL%%share/java/classes/sasl/javax/security/auth/callback/RealmCallback.class
%%JAVASASL%%share/java/classes/sasl/javax/security/auth/callback/UnsupportedCallbackException.class
%%PORTDOCS%%%%DOCSDIR%%/AUTHORS
%%PORTDOCS%%%%DOCSDIR%%/COPYING
%%PORTDOCS%%%%DOCSDIR%%/ChangeLog
@ -43,6 +67,7 @@ sbin/pwcheck
%%PORTDOCS%%%%DOCSDIR%%/Sendmail.README
%%PORTDOCS%%%%DOCSDIR%%/TODO
%%PORTDOCS%%%%DOCSDIR%%/draft-newman-auth-scram-03.txt
%%PORTDOCS%%%%DOCSDIR%%/draft-weltman-java-sasl-02.txt
%%PORTDOCS%%%%DOCSDIR%%/rfc1321.txt
%%PORTDOCS%%%%DOCSDIR%%/rfc2095.txt
%%PORTDOCS%%%%DOCSDIR%%/rfc2104.txt
@ -54,6 +79,14 @@ sbin/pwcheck
%%PORTDOCS%%%%DOCSDIR%%/programming.html
%%PORTDOCS%%%%DOCSDIR%%/sysadmin.html
%%PORTDOCS%%@dirrm %%DOCSDIR%%
%%JAVASASL%%@dirrm share/java/classes/sasl/javax/security/auth/callback
%%JAVASASL%%@dirrm share/java/classes/sasl/javax/security/auth
%%JAVASASL%%@dirrm share/java/classes/sasl/javax/security
%%JAVASASL%%@dirrm share/java/classes/sasl/javax
%%JAVASASL%%@dirrm share/java/classes/sasl/CyrusSasl
%%JAVASASL%%@dirrm share/java/classes/sasl
%%JAVASASL%%@unexec rmdir %D/share/java/classes || true
%%JAVASASL%%@unexec rmdir %D/share/java || true
@dirrm lib/sasl
@cwd /var
@exec install -d -m 770 -o cyrus -g cyrus %D/pwcheck

73
security/cyrus-sasl/scripts/configure.sasl
View File

@ -25,6 +25,7 @@ if [ "${BATCH}" ]; then
OPTIONS="${OPTIONS} \"OpenLDAP1\""
fi
if [ "${OPTIONS}" != "x" ]; then
OPTIONS="${OPTIONS} \"PWCHECK\""
set ${OPTIONS}
fi
else
@ -58,11 +59,14 @@ else
/usr/bin/dialog --title "Additional SASL options" --clear \
--checklist "\n\
Please select desired options:" -1 -1 16 \
NDBM "ndbm DB package" ${SET_NDBM} \
DB3 "Berkeley DB package, revision 3" ${SET_DB3} \
NDBM "ndbm DB" ${SET_NDBM} \
DB3 "Berkeley DB, revision 3" ${SET_DB3} \
JAVA "JavaSASL [Experimental]" ${SET_JAVA} \
MySQL "MySQL password Authentication" ${SET_MYSQL} \
OpenLDAP1 "OpenLDAP 1.x support" ${SET_LDAP1} \
OpenLDAP2 "OpenLDAP 2.x support" ${SET_LDAP2} \
OpenLDAP1 "OpenLDAP 1.x password Authentication" ${SET_LDAP1} \
OpenLDAP2 "OpenLDAP 2.x password Authentication w/TLS" ${SET_LDAP2} \
PWCHECK "Use pwcheck for password Authentication" ON \
PAMPWCHECK "Use pwcheck_pam for password Authentication" OFF \
2> $tempfile
retval=$?
@ -75,6 +79,8 @@ OpenLDAP2 "OpenLDAP 2.x support" ${SET_LDAP2} \
case $retval in
0) if [ -z "$*" ]; then
echo "Nothing selected"
OPTIONS="\"NDBM\""
set ${OPTIONS}
fi
;;
1) echo "Cancel pressed."
@ -112,15 +118,16 @@ while [ "$1" ]; do
DBLIB=1
;;
\"JAVA\")
echo "JAVA is disabled, Ignoring option" > /dev/stderr
;;
\"DISABLED\")
echo "RUN_DEPENDS= \${LOCALBASE}/\${JAVADIR}/bin/java:\${PORTSDIR}/java/jdk"
echo "CONFIGURE_ARGS+= --with-java \\"
echo " --with-javabase=\${LOCALBASE}/include"
echo "BUILD_DEPENDS+= \${LOCALBASE}/\${JAVADIR}/bin/java:\${PORTSDIR}/java/jdk13"
echo "RUN_DEPENDS+= \${LOCALBASE}/\${JAVADIR}/bin/java:\${PORTSDIR}/java/jdk13"
echo "USE_GMAKE= yes"
echo "CONFIGURE_ARGS+= --enable-java \\"
echo " --with-javabase=\${LOCALBASE}/\${JAVADIR}"
echo "CONFIGURE_ENV+= JAVAC=\"\${LOCALBASE}/\${JAVADIR}/bin/javac\" \\"
echo " JAVAH=\"\${LOCALBASE}/\${JAVADIR}/bin/javah" \\"
echo " JAVADOC=\"\${LOCALBASE}/\${JAVADIR}/bin/javadoc\"
echo " JAVAH=\"\${LOCALBASE}/\${JAVADIR}/bin/javah\" \\"
echo " JAVADOC=\"\${LOCALBASE}/\${JAVADIR}/bin/javadoc\""
echo "PLIST_SUB+= JAVASASL=\"\""
DEFJAVA=1
;;
\"MySQL\")
echo "LIB_DEPENDS+= mysqlclient.10:\${PORTSDIR}/databases/mysql323-client"
@ -128,7 +135,7 @@ while [ "$1" ]; do
MSG=1
;;
\"OpenLDAP1\")
if [ "$OPENLDAP2" ]; then
if [ "$OPENLDAP" ]; then
echo "OpenLDAP1 and OpenLDAP2 are mutually exclusive." > /dev/stderr
rm -f ${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc
exit 1
@ -136,11 +143,10 @@ while [ "$1" ]; do
echo "LIB_DEPENDS+= ldap.1:\${PORTSDIR}/net/openldap"
echo "LIB_DEPENDS+= lber.1:\${PORTSDIR}/net/openldap"
echo "CONFIGURE_ARGS+= --with-ldap=\${PREFIX}"
OPENLDAP1=1
MSG=1
OPENLDAP=1
;;
\"OpenLDAP2\")
if [ "$OPENLDAP1" ]; then
if [ "$OPENLDAP" ]; then
echo "OpenLDAP1 and OpenLDAP2 are mutually exclusive." > /dev/stderr
rm -f ${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc
exit 1
@ -148,8 +154,23 @@ while [ "$1" ]; do
echo "LIB_DEPENDS+= ldap.2:\${PORTSDIR}/net/openldap2"
echo "LIB_DEPENDS+= lber.2:\${PORTSDIR}/net/openldap2"
echo "CONFIGURE_ARGS+= --with-ldap=\${PREFIX}"
OPENLDAP2=1
MSG=1
OPENLDAP=1
;;
\"PWCHECK\")
if [ "$PWCHECK" ]; then
echo "PWCHECK or PAMPWCHECK must be choosen seperately: Defaulting to PAMPWCHECK" > /dev/stderr
else
echo "PWCHECK_SUB+= -e \"s;%%PWCHECK%%;pwcheck;g\""
PWCHECK=1
fi
;;
\"PAMPWCHECK\")
if [ "$PWCHECK" ]; then
echo "PWCHECK or PAMPWCHECK must be choosen seperately: Defaulting to PWCHECK" > /dev/stderr
else
echo "PWCHECK_SUB+= -e \"s;%%PWCHECK%%;pwcheck_pam;g\""
PWCHECK=1
fi
;;
*)
echo "Invalid option(s): $*" > /dev/stderr
@ -160,6 +181,20 @@ while [ "$1" ]; do
shift
done
if [ "x${MSG}" != "x" ]; then
if [ "$PWCHECK" ]; then
echo "PWCHECK_SUB+= -e \"s;%%ENABLEPWCHECK%%;yes;g\""
else
echo "PWCHECK_SUB+= -e \"s;%%PWCHECK%%;pwcheck;g\" \\"
echo " -e \"s;%%ENABLEPWCHECK%%;no;g\""
fi
if [ ! "${DEFJAVA}" ]; then
echo "PLIST_SUB+= JAVASASL=\"@comment \""
fi
if [ ! "${DBLIB}" ]; then
echo "CONFIGURE_ARGS+= --with-dblib=ndbm"
echo "SASLDB_NAME= sasldb.db"
fi
if [ "$OPENLDAP" ]; then
echo "LDAP_MYSQL_MSG= \"See sysadmin.html in the Cyrus-SASL docs directory for informaion on using LDAP or MySQL for authentication.\""
fi

20
security/cyrus-sasl2/Makefile
View File

@ -7,7 +7,7 @@
PORTNAME= cyrus-sasl
PORTVERSION= 1.5.27
PORTREVISION= 0
PORTREVISION= 1
CATEGORIES= security ipv6
MASTER_SITES= ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/%SUBDIR%/ \
http://prdownloads.sourceforge.net/cyrus-utils/ \
@ -69,7 +69,7 @@ SCRIPTS_ENV= WRKDIRPREFIX="${WRKDIRPREFIX}" \
WITH_LDAP2="${WITH_LDAP2}"
# JavaSASL needs someone to look at to get it to build
JAVADIR= jdk1.1.8
JAVADIR= jdk1.3.1
JAVALIBDIR= ${PREFIX}/${JAVADIR}/lib/i386/green_threads/
.if defined(KRB5_HOME) && exists(${KRB5_HOME})
@ -112,18 +112,21 @@ pre-fetch:
.include "${WRKDIRPREFIX}${.CURDIR}/Makefile.inc"
.endif
post-extract:
@${CP} ${FILESDIR}/pwcheck_pam.c ${WRKSRC}/pwcheck
pre-patch:
@(cd ${WRKSRC} && ${PATCH} -p1 < ${WRKDIR}/${LDAP_MYSQL_PATCH} && \
${MV} configure.orig configure)
# Fix sasldb name in pkg-install/deinstall scripts
post-patch:
@${SED} -e "/%%SASLDB%%/s##${SASLDB_NAME}#g" \
@${SED} -e "s;%%SASLDB%%;${SASLDB_NAME};g" \
${.CURDIR}/pkg-install > ${PKGINSTALL}
@${SED} -e "/%%SASLDB%%/s##${SASLDB_NAME}#g" \
@${SED} -e "s;%%SASLDB%%;${SASLDB_NAME};g" \
${.CURDIR}/pkg-deinstall > ${PKGDEINSTALL}
@${SED} -e "/%%SASLDB%%/s##${SASLDB_NAME}#g" \
-e "/%%PREFIX%%/s##${PREFIX}#g" \
@${SED} -e "s;%%SASLDB%%;${SASLDB_NAME};g" \
-e "s;%%PREFIX%%;${PREFIX};g" \
${.CURDIR}/pkg-message > ${PKGMESSAGE}
.ifdef LDAP_MYSQL_MSG
@${ECHO} ${LDAP_MYSQL_MSG} | /usr/bin/fmt -w 67 >> ${PKGMESSAGE}
@ -138,8 +141,8 @@ pre-install:
@${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL
post-install:
@${SED} -e "/%%PREFIX%%/s##${PREFIX}#g" ${FILESDIR}/pwcheck.sh \
> ${PREFIX}/etc/rc.d/pwcheck.sh
@${SED} -e "s;%%PREFIX%%;${PREFIX};g" ${PWCHECK_SUB} \
${FILESDIR}/pwcheck.sh > ${PREFIX}/etc/rc.d/pwcheck.sh
@${CHMOD} 755 ${PREFIX}/etc/rc.d/pwcheck.sh
${INSTALL} -d -m 770 -o cyrus -g cyrus /var/pwcheck
.if !defined(NOPORTDOCS)
@ -151,6 +154,7 @@ post-install:
for file in `make -V EXTRA_DIST` ; do \
${INSTALL_DATA} ${WRKSRC}/doc/$${file} ${DOCSDIR} ; \
done)
@${INSTALL_DATA} ${WRKSRC}/java/doc/draft-weltman-java-sasl-02.txt ${DOCSDIR}
@${INSTALL_DATA} ${FILESDIR}/Sendmail.README ${DOCSDIR}
.endif
@PKG_PREFIX=${PREFIX} BATCH=${BATCH} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL

15
security/cyrus-sasl2/files/patch-ab
View File

@ -1,5 +1,5 @@
--- configure.in.orig Tue Nov 27 11:45:28 2001
+++ configure.in Tue Nov 27 12:49:28 2001
--- configure.in.orig Thu Jan 17 19:21:51 2002
+++ configure.in Thu Jan 17 19:47:46 2002
@@ -66,8 +66,9 @@
dnl check for -R, etc. switch
CMU_GUESS_RUNPATH_SWITCH
@ -12,7 +12,16 @@
AM_DISABLE_STATIC
@@ -235,6 +236,13 @@
@@ -122,8 +123,6 @@
AC_SUBST(JAVA_INCLUDES)
AC_MSG_RESULT(JAVA_INCLUDES)
- JAVAC=`echo "$JAVAC" | sed 's,.*/,,'`
- JAVAH=`echo "$JAVAH" | sed 's,.*/,,'`
fi
AM_CONDITIONAL(SAMPLE, test "$enable_sample" = yes)
@@ -235,6 +234,13 @@
berkeley)
SASL_DB_BACKEND="db_${dblib}.lo"
AC_DEFINE(SASL_BERKELEYDB)

11
security/cyrus-sasl2/files/patch-java::CyrusSasl::Makefile.am Normal file
View File

@ -0,0 +1,11 @@
--- java/CyrusSasl/Makefile.am.orig Tue Nov 21 23:55:17 2000
+++ java/CyrusSasl/Makefile.am Thu Jan 17 21:58:10 2002
@@ -25,7 +25,7 @@
javasasl_version = 1:0:0
-javasasldir = $(prefix)/lib/java/classes/sasl/CyrusSasl
+javasasldir = $(prefix)/share/java/classes/sasl/CyrusSasl
javahtmldir = $(prefix)/html/sasl
INCLUDES=$(JAVA_INCLUDES) -I$(top_srcdir)/include

11
security/cyrus-sasl2/files/patch-java::javax::security::auth::callback::Makefile.am Normal file
View File

@ -0,0 +1,11 @@
--- java/javax/security/auth/callback/Makefile.am.orig Sat Nov 4 16:55:44 2000
+++ java/javax/security/auth/callback/Makefile.am Thu Jan 17 22:05:23 2002
@@ -39,7 +39,7 @@
#
################################################################
-javasasldir = $(prefix)/lib/java/classes/sasl/javax/security/auth/callback
+javasasldir = $(prefix)/share/java/classes/sasl/javax/security/auth/callback
javahtmldir = $(prefix)/html/sasl
javasasl_JAVA = PasswordCallback.java \

101
security/cyrus-sasl2/files/patch-lib::checkpw.c Normal file
View File

@ -0,0 +1,101 @@
--- lib/checkpw.c.orig Fri Jan 18 21:56:29 2002
+++ lib/checkpw.c Fri Jan 18 22:14:58 2002
@@ -1491,6 +1491,9 @@
# define FALSE 0
#endif
+#ifndef LDAP_NO_ATTRS
+#define LDAP_NO_ATTRS "1.1"
+#endif
static int ldap_isdigits(char *value)
{
char *ptr;
@@ -1504,6 +1507,16 @@
return num;
}
+#ifdef LDAP_VENDOR_VERSION
+#define SASL_ldap_search_ext_s(ld, base, scope, filter, attrs, attrsonly, serverctrls, clientctrls, timeout, sizelimit, res) \
+ ldap_search_ext_s(ld, base, scope, filter, attrs, attrsonly, serverctrls, clientctrls, timeout, sizelimit, res)
+#define SASL_ldap_memfree(dn) ldap_memfree(dn)
+#else
+#define SASL_ldap_search_ext_s(ld, base, scope, filter, attrs, attrsonly, serverctrls, clientctrls, timeout, sizelimit, res) \
+ ldap_search_st(ld, base, scope, filter, attrs, attrsonly, timeout, res)
+#define SASL_ldap_memfree(dn) free(dn)
+#endif
+
static int ldap_verify_password(sasl_conn_t *conn,
const char *userid,
const char *password,
@@ -1522,18 +1535,18 @@
*ldap_filter="",
*ldap_bind_dn="",
*ldap_bind_pw="",
- *ldap_ssl="",
*ldap_filter_mode="",
*port_num="";
int malloc_size; /* safety net */
int ldap_filter_flag = 0;
- int ldap_ssl_flag = 0;
int ldap_port = LDAP_PORT;
sasl_getopt_t *getopt;
void *context;
LDAPMessage *result, *e;
char *attrs[]={LDAP_NO_ATTRS, NULL};
#ifdef LDAP_OPT_X_TLS
+ char *ldap_ssl="";
+ int ldap_ssl_flag = 0;
int tls_option;
#endif
@@ -1625,9 +1638,11 @@
return SASL_FAIL;
}
/* set ssl mode if needed */
+#ifdef LDAP_OPT_X_TLS
if ( ldap_ssl_flag ) {
ldap_set_option(ld, LDAP_OPT_X_TLS, (void *)&tls_option);
}
+#endif
/* either run the filter or just bind as them ? */
@@ -1657,7 +1672,7 @@
snprintf(filter,malloc_size-1,"(&(%s=%s)%s)", ldap_uidattr, userid, ldap_filter);
/* Now do the search */
- if (ldap_search_ext_s(ld, ldap_basedn, LDAP_SCOPE_SUBTREE, filter,
+ if (SASL_ldap_search_ext_s(ld, ldap_basedn, LDAP_SCOPE_SUBTREE, filter,
attrs, 0, NULL, NULL, LDAP_NO_LIMIT, 1, &result) !=
LDAP_SUCCESS) {
free(filter);
@@ -1680,17 +1695,17 @@
ldap_unbind(ld);
return SASL_BADAUTH;
}
- if (ldap_simple_bind_s(ld,dn,password) != LDAP_SUCCESS) {
+ if (ldap_simple_bind_s(ld,dn,(char *)password) != LDAP_SUCCESS) {
e = NULL;
free(filter);
- ldap_memfree(dn);
+ SASL_ldap_memfree(dn);
ldap_msgfree(result);
ldap_unbind(ld);
return SASL_BADAUTH;
}
e = NULL;
free(filter);
- ldap_memfree(dn);
+ SASL_ldap_memfree(dn);
ldap_msgfree(result);
} else {
@@ -1710,7 +1725,7 @@
* If this is not so I have a version or that too
* Simon@surf.org.uk
*/
- if (ldap_simple_bind_s(ld,dn,password) != LDAP_SUCCESS) {
+ if (ldap_simple_bind_s(ld,dn,(char *)password) != LDAP_SUCCESS) {
free(dn);
ldap_unbind(ld);
return SASL_BADAUTH;

17
security/cyrus-sasl2/files/patch-pwcheck::Makefile.am Normal file
View File

@ -0,0 +1,17 @@
--- pwcheck/Makefile.am.orig Wed Mar 22 11:06:43 2000
+++ pwcheck/Makefile.am Thu Jan 17 19:09:06 2002
@@ -22,9 +22,13 @@
# SOFTWARE.
#
-sbin_PROGRAMS = pwcheck
+sbin_PROGRAMS = pwcheck pwcheck_pam
pwcheck_SOURCES = pwcheck.c
EXTRA_pwcheck_SOURCES = pwcheck_getpwnam.c pwcheck_getspnam.c
pwcheck_DEPENDECIES = pwcheck_@PWCHECKMETH@.lo
pwcheck_LDADD = pwcheck_@PWCHECKMETH@.lo @LIB_CRYPT@ @LIB_SOCKET@
+
+pwcheck_pam_SOURCES = pwcheck.c
+pwcheck_pam_DEPENDECIES = pwcheck_pam.lo
+pwcheck_pam_LDADD = pwcheck_pam.lo @LIB_CRYPT@ @LIB_SOCKET@ @LIB_PAM@

73
security/cyrus-sasl2/files/pwcheck.sh
View File

@ -3,29 +3,64 @@
# $FreeBSD$
#
action=$1
PREFIX=%%PREFIX%%
case "$1" in
# Suck in the configuration variables.
if [ -z "${source_rc_confs_defined}" ]; then
if [ -r /etc/defaults/rc.conf ]; then
. /etc/defaults/rc.conf
source_rc_confs
elif [ -r /etc/rc.conf ]; then
. /etc/rc.conf
fi
fi
start)
if [ -x ${PREFIX}/sbin/pwcheck ]
then
${PREFIX}/sbin/pwcheck & && echo -n " pwcheck"
fi
# The following sasl_pwcheck_* variables may be defined in rc.conf
#
# sasl_pwcheck_enable - Set to YES to enable pwcheck
# Default: %%ENABLEPWCHECK%%
#
# sasl_pwcheck_program - Path to pwcheck program (pwcheck/pwcheck_pam)
# Default: ${PREFIX}/sbin/%%PWCHECK%%
if [ -z "${sasl_pwcheck_enable}" ] ; then
sasl_pwcheck_enable=%%ENABLEPWCHECK%%
fi
if [ -z "${sasl_pwcheck_program}" ]; then
sasl_pwcheck_program=${PREFIX}/sbin/%%PWCHECK%%
fi
rc=0
case "${sasl_pwcheck_enable}" in
[Yy][Ee][Ss])
case "${action}" in
start)
if [ -x ${sasl_pwcheck_program} ] ; then
${sasl_pwcheck_program} & && echo -n " pwcheck"
fi
;;
stop)
if [ -r /var/run/pwcheck.pid ]; then
kill `cat /var/run/pwcheck.pid` && echo -n " pwcheck"
rm /var/run/pwcheck.pid
fi
;;
*)
echo "usage: $0 {start|stop}" 1>&2
rc=64
;;
esac
;;
stop)
if [ -r /var/run/pwcheck.pid ]
then
kill `cat /var/run/pwcheck.pid` && echo -n " pwcheck"
rm /var/run/pwcheck.pid
fi
*)
rc=0
;;
*)
echo "usage: $0 {start|stop}" 1>&2
exit 64
;;
esac
exit $rc

101
security/cyrus-sasl2/files/pwcheck_pam.c Normal file
View File

@ -0,0 +1,101 @@
#include <security/pam_appl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Static variables used to communicate between the conversation function
* and the server_login function
*/
static char *PAM_username;
static char *PAM_password;
/* PAM conversation function
*/
static int PAM_conv (int num_msg,
const struct pam_message **msg,
struct pam_response **resp,
void *appdata_ptr) {
int replies = 0;
struct pam_response *reply = NULL;
#define COPY_STRING(s) (s) ? strdup(s) : NULL
reply = malloc(sizeof(struct pam_response) * num_msg);
if (!reply) return PAM_CONV_ERR;
for (replies = 0; replies < num_msg; replies++) {
switch (msg[replies]->msg_style) {
case PAM_PROMPT_ECHO_ON:
reply[replies].resp_retcode = PAM_SUCCESS;
reply[replies].resp = COPY_STRING(PAM_username);
/* PAM frees resp */
break;
case PAM_PROMPT_ECHO_OFF:
reply[replies].resp_retcode = PAM_SUCCESS;
reply[replies].resp = COPY_STRING(PAM_password);
/* PAM frees resp */
break;
case PAM_TEXT_INFO:
/* fall through */
case PAM_ERROR_MSG:
/* ignore it, but pam still wants a NULL response... */
reply[replies].resp_retcode = PAM_SUCCESS;
reply[replies].resp = NULL;
break;
default:
/* Must be an error of some sort... */
free (reply);
return PAM_CONV_ERR;
}
}
*resp = reply;
return PAM_SUCCESS;
}
static struct pam_conv PAM_conversation = {
PAM_conv,
NULL
};
/* Server log in
* Accepts: user name string
* password string
* Returns: "OK" if password validated, error message otherwise
*/
char *pwcheck(char *username, char *password)
{
pam_handle_t *pamh;
int pam_error;
/* PAM only handles authentication, not user information. */
if ( !(username && password && strlen(username) && strlen(password)) )
return "Incorrect username";
/* validate password */
PAM_password = password;
PAM_username = username;
fprintf(stderr, "checking %s\n", username);
pam_error = pam_start("cyrus", username, &PAM_conversation, &pamh);
if (pam_error == PAM_SUCCESS)
pam_error = pam_authenticate(pamh, 0);
if (pam_error == PAM_SUCCESS)
pam_error = pam_acct_mgmt(pamh, 0);
if ( pam_error == PAM_SUCCESS)
fprintf(stderr, "\tauthenticated %s\n", username);
else
fprintf(stderr, "\tfailed to authenticate %s\n", username);
if(pam_end(pamh, pam_error) != PAM_SUCCESS) {
pamh = NULL;
fprintf(stderr, "pwcheck: failed to release authenticator\n");
exit(1);
}
return ( pam_error == PAM_SUCCESS ? "OK" : "Incorrect passwd" );
}

33
security/cyrus-sasl2/pkg-plist
View File

@ -7,6 +7,9 @@ include/sasl/sasl.h
include/sasl/saslplug.h
include/sasl/saslutil.h
@dirrm include/sasl
%%JAVASASL%%lib/libjavasasl.a
%%JAVASASL%%lib/libjavasasl.so
%%JAVASASL%%lib/libjavasasl.so.1
lib/libsasl.a
lib/libsasl.so
lib/libsasl.so.8
@ -34,6 +37,27 @@ lib/sasl/libplain.so.1
sbin/sasldblistusers
sbin/saslpasswd
sbin/pwcheck
sbin/pwcheck_pam
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/ClientFactory.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/GenericClient.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/GenericCommon.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/GenericServer.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/Sasl.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/SaslClient.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/SaslClientFactory.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/SaslException.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/SaslInputStream.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/SaslOutputStream.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/SaslServer.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/SaslServerFactory.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/SaslUtils.class
%%JAVASASL%%share/java/classes/sasl/CyrusSasl/ServerFactory.class
%%JAVASASL%%share/java/classes/sasl/javax/security/auth/callback/Callback.class
%%JAVASASL%%share/java/classes/sasl/javax/security/auth/callback/CallbackHandler.class
%%JAVASASL%%share/java/classes/sasl/javax/security/auth/callback/NameCallback.class
%%JAVASASL%%share/java/classes/sasl/javax/security/auth/callback/PasswordCallback.class
%%JAVASASL%%share/java/classes/sasl/javax/security/auth/callback/RealmCallback.class
%%JAVASASL%%share/java/classes/sasl/javax/security/auth/callback/UnsupportedCallbackException.class
%%PORTDOCS%%%%DOCSDIR%%/AUTHORS
%%PORTDOCS%%%%DOCSDIR%%/COPYING
%%PORTDOCS%%%%DOCSDIR%%/ChangeLog
@ -43,6 +67,7 @@ sbin/pwcheck
%%PORTDOCS%%%%DOCSDIR%%/Sendmail.README
%%PORTDOCS%%%%DOCSDIR%%/TODO
%%PORTDOCS%%%%DOCSDIR%%/draft-newman-auth-scram-03.txt
%%PORTDOCS%%%%DOCSDIR%%/draft-weltman-java-sasl-02.txt
%%PORTDOCS%%%%DOCSDIR%%/rfc1321.txt
%%PORTDOCS%%%%DOCSDIR%%/rfc2095.txt
%%PORTDOCS%%%%DOCSDIR%%/rfc2104.txt
@ -54,6 +79,14 @@ sbin/pwcheck
%%PORTDOCS%%%%DOCSDIR%%/programming.html
%%PORTDOCS%%%%DOCSDIR%%/sysadmin.html
%%PORTDOCS%%@dirrm %%DOCSDIR%%
%%JAVASASL%%@dirrm share/java/classes/sasl/javax/security/auth/callback
%%JAVASASL%%@dirrm share/java/classes/sasl/javax/security/auth
%%JAVASASL%%@dirrm share/java/classes/sasl/javax/security
%%JAVASASL%%@dirrm share/java/classes/sasl/javax
%%JAVASASL%%@dirrm share/java/classes/sasl/CyrusSasl
%%JAVASASL%%@dirrm share/java/classes/sasl
%%JAVASASL%%@unexec rmdir %D/share/java/classes || true
%%JAVASASL%%@unexec rmdir %D/share/java || true
@dirrm lib/sasl
@cwd /var
@exec install -d -m 770 -o cyrus -g cyrus %D/pwcheck

73
security/cyrus-sasl2/scripts/configure.sasl
View File

@ -25,6 +25,7 @@ if [ "${BATCH}" ]; then
OPTIONS="${OPTIONS} \"OpenLDAP1\""
fi
if [ "${OPTIONS}" != "x" ]; then
OPTIONS="${OPTIONS} \"PWCHECK\""
set ${OPTIONS}
fi
else
@ -58,11 +59,14 @@ else
/usr/bin/dialog --title "Additional SASL options" --clear \
--checklist "\n\
Please select desired options:" -1 -1 16 \
NDBM "ndbm DB package" ${SET_NDBM} \
DB3 "Berkeley DB package, revision 3" ${SET_DB3} \
NDBM "ndbm DB" ${SET_NDBM} \
DB3 "Berkeley DB, revision 3" ${SET_DB3} \
JAVA "JavaSASL [Experimental]" ${SET_JAVA} \
MySQL "MySQL password Authentication" ${SET_MYSQL} \
OpenLDAP1 "OpenLDAP 1.x support" ${SET_LDAP1} \
OpenLDAP2 "OpenLDAP 2.x support" ${SET_LDAP2} \
OpenLDAP1 "OpenLDAP 1.x password Authentication" ${SET_LDAP1} \
OpenLDAP2 "OpenLDAP 2.x password Authentication w/TLS" ${SET_LDAP2} \
PWCHECK "Use pwcheck for password Authentication" ON \
PAMPWCHECK "Use pwcheck_pam for password Authentication" OFF \
2> $tempfile
retval=$?
@ -75,6 +79,8 @@ OpenLDAP2 "OpenLDAP 2.x support" ${SET_LDAP2} \
case $retval in
0) if [ -z "$*" ]; then
echo "Nothing selected"
OPTIONS="\"NDBM\""
set ${OPTIONS}
fi
;;
1) echo "Cancel pressed."
@ -112,15 +118,16 @@ while [ "$1" ]; do
DBLIB=1
;;
\"JAVA\")
echo "JAVA is disabled, Ignoring option" > /dev/stderr
;;
\"DISABLED\")
echo "RUN_DEPENDS= \${LOCALBASE}/\${JAVADIR}/bin/java:\${PORTSDIR}/java/jdk"
echo "CONFIGURE_ARGS+= --with-java \\"
echo " --with-javabase=\${LOCALBASE}/include"
echo "BUILD_DEPENDS+= \${LOCALBASE}/\${JAVADIR}/bin/java:\${PORTSDIR}/java/jdk13"
echo "RUN_DEPENDS+= \${LOCALBASE}/\${JAVADIR}/bin/java:\${PORTSDIR}/java/jdk13"
echo "USE_GMAKE= yes"
echo "CONFIGURE_ARGS+= --enable-java \\"
echo " --with-javabase=\${LOCALBASE}/\${JAVADIR}"
echo "CONFIGURE_ENV+= JAVAC=\"\${LOCALBASE}/\${JAVADIR}/bin/javac\" \\"
echo " JAVAH=\"\${LOCALBASE}/\${JAVADIR}/bin/javah" \\"
echo " JAVADOC=\"\${LOCALBASE}/\${JAVADIR}/bin/javadoc\"
echo " JAVAH=\"\${LOCALBASE}/\${JAVADIR}/bin/javah\" \\"
echo " JAVADOC=\"\${LOCALBASE}/\${JAVADIR}/bin/javadoc\""
echo "PLIST_SUB+= JAVASASL=\"\""
DEFJAVA=1
;;
\"MySQL\")
echo "LIB_DEPENDS+= mysqlclient.10:\${PORTSDIR}/databases/mysql323-client"
@ -128,7 +135,7 @@ while [ "$1" ]; do
MSG=1
;;
\"OpenLDAP1\")
if [ "$OPENLDAP2" ]; then
if [ "$OPENLDAP" ]; then
echo "OpenLDAP1 and OpenLDAP2 are mutually exclusive." > /dev/stderr
rm -f ${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc
exit 1
@ -136,11 +143,10 @@ while [ "$1" ]; do
echo "LIB_DEPENDS+= ldap.1:\${PORTSDIR}/net/openldap"
echo "LIB_DEPENDS+= lber.1:\${PORTSDIR}/net/openldap"
echo "CONFIGURE_ARGS+= --with-ldap=\${PREFIX}"
OPENLDAP1=1
MSG=1
OPENLDAP=1
;;
\"OpenLDAP2\")
if [ "$OPENLDAP1" ]; then
if [ "$OPENLDAP" ]; then
echo "OpenLDAP1 and OpenLDAP2 are mutually exclusive." > /dev/stderr
rm -f ${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc
exit 1
@ -148,8 +154,23 @@ while [ "$1" ]; do
echo "LIB_DEPENDS+= ldap.2:\${PORTSDIR}/net/openldap2"
echo "LIB_DEPENDS+= lber.2:\${PORTSDIR}/net/openldap2"
echo "CONFIGURE_ARGS+= --with-ldap=\${PREFIX}"
OPENLDAP2=1
MSG=1
OPENLDAP=1
;;
\"PWCHECK\")
if [ "$PWCHECK" ]; then
echo "PWCHECK or PAMPWCHECK must be choosen seperately: Defaulting to PAMPWCHECK" > /dev/stderr
else
echo "PWCHECK_SUB+= -e \"s;%%PWCHECK%%;pwcheck;g\""
PWCHECK=1
fi
;;
\"PAMPWCHECK\")
if [ "$PWCHECK" ]; then
echo "PWCHECK or PAMPWCHECK must be choosen seperately: Defaulting to PWCHECK" > /dev/stderr
else
echo "PWCHECK_SUB+= -e \"s;%%PWCHECK%%;pwcheck_pam;g\""
PWCHECK=1
fi
;;
*)
echo "Invalid option(s): $*" > /dev/stderr
@ -160,6 +181,20 @@ while [ "$1" ]; do
shift
done
if [ "x${MSG}" != "x" ]; then
if [ "$PWCHECK" ]; then
echo "PWCHECK_SUB+= -e \"s;%%ENABLEPWCHECK%%;yes;g\""
else
echo "PWCHECK_SUB+= -e \"s;%%PWCHECK%%;pwcheck;g\" \\"
echo " -e \"s;%%ENABLEPWCHECK%%;no;g\""
fi
if [ ! "${DEFJAVA}" ]; then
echo "PLIST_SUB+= JAVASASL=\"@comment \""
fi
if [ ! "${DBLIB}" ]; then
echo "CONFIGURE_ARGS+= --with-dblib=ndbm"
echo "SASLDB_NAME= sasldb.db"
fi
if [ "$OPENLDAP" ]; then
echo "LDAP_MYSQL_MSG= \"See sysadmin.html in the Cyrus-SASL docs directory for informaion on using LDAP or MySQL for authentication.\""
fi