diff options
Diffstat (limited to 'security')
25 files changed, 0 insertions, 1563 deletions
diff --git a/security/Makefile b/security/Makefile index c6cb36160bab..9b5d4d39c0d7 100644 --- a/security/Makefile +++ b/security/Makefile @@ -90,7 +90,6 @@ SUBDIR += cryptstring SUBDIR += cutlass SUBDIR += cvm - SUBDIR += cyrus-sasl SUBDIR += cyrus-sasl2 SUBDIR += cyrus-sasl2-ldapdb SUBDIR += cyrus-sasl2-saslauthd diff --git a/security/cyrus-sasl/Makefile b/security/cyrus-sasl/Makefile deleted file mode 100644 index 4538114fdf51..000000000000 --- a/security/cyrus-sasl/Makefile +++ /dev/null @@ -1,281 +0,0 @@ -# New ports collection makefile for: cyrus-sasl -# Date created: Nov 1 1999 -# Whom: hetzels@westbend.net -# -# $FreeBSD$ -# - -PORTNAME= cyrus-sasl -PORTVERSION= 1.5.28 -PORTREVISION= 5 -CATEGORIES= security ipv6 - -MAINTAINER= ports@FreeBSD.org -COMMENT= RFC 2222 SASL (Simple Authentication and Security Layer) - -DISTFILES= ${DISTNAME}${EXTRACT_SUFX} \ - sasl-${PORTVERSION}-ldap-ssl-filter-mysql-patch.tgz:ldap_mysql - -MASTER_SITES= ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/%SUBDIR%/ \ - ftp://ftp.westbend.net/pub/cyrus-mail/%SUBDIR%/ \ - http://www.transit.hanse.de/mirror/ftp.andrew.cmu.edu/pub/cyrus-mail/ \ - http://www.surf.org.uk/downloads/:ldap_mysql \ - ftp://ftp.westbend.net/pub/cyrus-mail/%SUBDIR%/:ldap_mysql \ - ${MASTER_SITE_SOURCEFORGE:S/$/:ldap_mysql/} -MASTER_SITE_SUBDIR= . OLD-VERSIONS/sasl cyrus-utils/:ldap_mysql -PATCHFILES= sasl_apop_patch.gz:apop \ - ${DISTNAME}-ipv6-${IPV6_VER}.diff.gz -PATCH_SITES= ftp://ftp.westbend.net/pub/cyrus-mail/contrib/:apop \ - http://www.imasy.or.jp/~ume/ipv6/ - -DEPRECATED= patches are unfetchable and this software is unsupported -EXPIRATION_DATE= 2007-01-02 - -USE_SUBMAKE= yes -USE_OPENSSL= yes - -USE_LDCONFIG= yes - -# IPv6 Patch provided by Hajimu UMEMOTO <ume@mahoroba.org> -IPV6_VER= 20020106 - -MAN3= sasl.3 sasl_authorize_t.3 sasl_callbacks.3 sasl_checkpass.3 \ - sasl_client_init.3 sasl_client_new.3 sasl_client_start.3 \ - sasl_client_step.3 sasl_decode.3 sasl_done.3 sasl_encode.3 \ - sasl_errstring.3 sasl_getopt_t.3 sasl_getpath_t.3 \ - sasl_getprop.3 sasl_getsecret_t.3 sasl_getsimple_t.3 \ - sasl_listmech.3 sasl_log_t.3 sasl_server_init.3 \ - sasl_server_new.3 sasl_server_start.3 sasl_server_step.3 \ - sasl_setprop.3 sasl_usererr.3 -MAN8= sasldblistusers.8 saslpasswd.8 saslauthd1.8 - -USE_RC_SUBR= YES - -USE_AUTOTOOLS= automake:14 autoconf:213 libtool:15 -AUTOMAKE_ARGS= --add-missing --include-deps - -CONFIGURE_ARGS= --sysconfdir=${PREFIX}/etc \ - --with-plugindir=${PREFIX}/lib/sasl \ - --with-dbpath=${PREFIX}/etc/sasldb \ - --includedir=${PREFIX}/include/sasl1 \ - --enable-static \ - --with-saslauthd=/var/state/saslauthd1 \ - --enable-auth-sasldb \ - --with-pwcheck=/var/pwcheck \ - --with-rc4=openssl - -SCRIPTS_ENV= WRKDIRPREFIX="${WRKDIRPREFIX}" \ - PREFIX="${PREFIX}" \ - TOUCH="${TOUCH}" \ - MKDIR="${MKDIR}" \ - REALCURDIR="${.CURDIR}" \ - WITH_DB3="${WITH_DB3}" \ - WITH_JAVA="${WITH_JAVA}" \ - WITH_MYSQL="${WITH_MYSQL}" \ - WITH_LDAP1="${WITH_LDAP1}" \ - WITH_LDAP2="${WITH_LDAP2}" - -JAVADIR?= jdk1.3.1 -JAVALIBDIR?= ${PREFIX}/${JAVADIR}/lib/i386/green_threads/ - -.if defined(WITHOUT_ANONYMOUS) -CONFIGURE_ARGS+= --disable-anon -ANON= "@comment " -.endif - -.if defined(WITHOUT_CRAM) -CONFIGURE_ARGS+= --disable-cram -CRAM= "@comment " -.endif - -.if defined(WITHOUT_DIGEST) -CONFIGURE_ARGS+= --disable-digest -DIGEST= "@comment " -.endif - -# Outlook and Outlook Express requires the LOGIN mech -.if defined(WITHOUT_LOGIN) -CONFIGURE_ARGS+= --disable-login -LOGIN= "@comment " -.else -CONFIGURE_ARGS+= --enable-login -.endif - -.if defined(WITHOUT_OTP) -CONFIGURE_ARGS+= --disable-otp -OTP= "@comment " -.endif - -# Netscape requires the PLAIN mech -.if defined(WITHOUT_PLAIN) -CONFIGURE_ARGS+= --disable-plain -PLAIN= "@comment " -.endif - -.if !defined(WITHOUT_GSSAPI) && defined(KRB5_HOME) && exists(${KRB5_HOME}/lib/libgssapi_krb5.a) -CONFIGURE_ARGS+= --enable-gssapi=${KRB5_HOME} -.elif !defined(WITHOUT_GSSAPI) && defined(HEIMDAL_HOME) && exists(${HEIMDAL_HOME}/lib/libgssapi.a) -CONFIGURE_ARGS+= --enable-gssapi=${HEIMDAL_HOME} -.elif !defined(WITHOUT_GSSAPI) && defined(MAKE_KERBEROS5) && exists(/usr/lib/libkrb5.a) -CONFIGURE_ARGS+= --enable-gssapi -.else -CONFIGURE_ARGS+= --disable-gssapi -GSSAPI= "@comment " -.endif - -.include <bsd.port.pre.mk> - -# KERBEROS 4 was removed in FreeBSD 5.0-CURRENT -.if ${OSVERSION} > 500105 -.if defined(WITH_KERBEROS4) -LIB_DEPENDS+= krb.2:${PORTSDIR}/security/krb4 -CONFIGURE_ARGS+= --enable-krb4=${LOCALBASE}/krb4 -.else -CONFIGURE_ARGS+= --disable-krb4 -EBONES= "@comment " -.endif -.elif exists(/usr/lib/libkrb.a) && defined(MAKE_KERBEROS4) && !defined(WITHOUT_KERBEROS4) -CONFIGURE_ARGS+= --enable-krb4 -.elif !exists(/usr/lib/libkrb.a) && defined(WITH_KERBEROS4) -LIB_DEPENDS+= krb.2:${PORTSDIR}/security/krb4 -CONFIGURE_ARGS+= --enable-krb4=${LOCALBASE}/krb4 -.else -CONFIGURE_ARGS+= --disable-krb4 -EBONES= "@comment " -.endif - -CONFIGURE_ENV+= LOCALBASE=${LOCALBASE} \ - OPENSSLINC=${OPENSSLINC} \ - OPENSSLLIB=${OPENSSLLIB} - -CYRUS_USER?= cyrus -CYRUS_GROUP?= cyrus - -DOCS= AUTHORS COPYING ChangeLog INSTALL NEWS README TODO - -PLIST_SUB= PREFIX=${PREFIX} \ - ANON=${ANON} \ - OTP=${OTP} \ - CRAM=${CRAM} \ - DIGEST=${DIGEST} \ - LOGIN=${LOGIN} \ - PLAIN=${PLAIN} \ - GSSAPI=${GSSAPI} \ - EBONES=${EBONES} \ - DOCSDIR=${DOCSDIR:S/^${PREFIX}\///} \ - EXAMPLESDIR=${EXAMPLESDIR:S/^${PREFIX}\///} - -LDAP_MYSQL_PATCH= ldap-mysql_sasl-${PORTVERSION}/sasl-ldap+mysql.patch - -PKGDEINSTALL= ${WRKDIR}/pkg-deinstall -PKGINSTALL= ${WRKDIR}/pkg-install -PKGMESSAGE= ${WRKDIR}/pkg-message - -FMT= /usr/bin/fmt -w 67 - -pre-fetch: - @${SETENV} ${SCRIPTS_ENV} ${SH} ${SCRIPTDIR}/configure.sasl - -.if exists(${WRKDIRPREFIX}${.CURDIR}/Makefile.inc) -.include "${WRKDIRPREFIX}${.CURDIR}/Makefile.inc" -.endif - -RC_SCRIPTS_SUB= PREFIX=${PREFIX} \ - RC_SUBR=${RC_SUBR} \ - PWCHECK=${PWCHECK} \ - ENABLE_PWCHECK=${ENABLE_PWCHECK} \ - ENABLE_SASLAUTHD=${ENABLE_SASLAUTHD} \ - MYSQL_REQ=${MYSQL_REQ} - -PKG_SCRIPTS_SUB= PREFIX=${PREFIX} \ - CYRUS_USER=${CYRUS_USER} \ - CYRUS_GROUP=${CYRUS_GROUP} \ - ENABLE_PWCHECK=${ENABLE_PWCHECK} \ - ENABLE_SASLAUTHD=${ENABLE_SASLAUTHD} \ - PWCHECK=${PWCHECK} \ - PWCHECK_METHOD=${PWCHECK_METHOD} \ - SASLDB=${SASLDB_NAME} - -post-extract: - @${CP} ${FILESDIR}/pwcheck_pam.c ${WRKSRC}/pwcheck - -pre-patch: - @(cd ${WRKSRC} && ${PATCH} -p1 < ${WRKDIR}/${LDAP_MYSQL_PATCH}) - -# Fix pkg-{install/deinstall/messages} -post-patch: - @${SED} ${PKG_SCRIPTS_SUB:S/$/!g/:S/^/ -e s!%%/:S/=/%%!/} \ - ${.CURDIR}/pkg-install > ${PKGINSTALL} - @${SED} ${PKG_SCRIPTS_SUB:S/$/!g/:S/^/ -e s!%%/:S/=/%%!/} \ - ${.CURDIR}/pkg-deinstall > ${PKGDEINSTALL} - @${SED} -e "s;%%PWCHECK_METHOD%%;${PWCHECK_METHOD};g" \ - -e "s;%%PREFIX%%;${PREFIX};g" \ - ${.CURDIR}/pkg-message > ${PKGMESSAGE} -.ifdef LDAP_MYSQL_MSG - @${ECHO_CMD} ${LDAP_MYSQL_MSG} | ${FMT} >> ${PKGMESSAGE} - @${ECHO_CMD} >> ${PKGMESSAGE} -.endif - -pre-configure: - @(cd ${WRKSRC} && ${AUTOHEADER}) - -# Create Cyrus user and group -pre-install: - @${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL - @if [ -f ${PREFIX}/sbin/saslauthd ]; then \ - ${MV} ${PREFIX}/sbin/saslauthd ${PREFIX}/sbin/saslauthd2; \ - if [ -f ${PREFIX}/man/man8/saslauthd.8 ]; then \ - ${MV} ${PREFIX}/man/man8/saslauthd.8 \ - ${PREFIX}/man/man8/saslauthd2.8; \ - elif [ -f ${PREFIX}/man/man8/saslauthd.8.gz ]; then \ - ${MV} ${PREFIX}/man/man8/saslauthd.8.gz \ - ${PREFIX}/man/man8/saslauthd2.8.gz; \ - fi; \ - fi - -post-install: - @${MKDIR} ${EXAMPLESDIR} - @${SED} -e 's;%%PREFIX%%;${PREFIX};g' \ - ${FILESDIR}/cyrus.pam > ${EXAMPLESDIR}/cyrus.pam - @${SED} ${RC_SCRIPTS_SUB:S/$/!g/:S/^/ -e s!%%/:S/=/%%!/} \ - ${FILESDIR}/pwcheck.sh > ${PREFIX}/etc/rc.d/cyrus_pwcheck.sh - @${CHMOD} 755 ${PREFIX}/etc/rc.d/cyrus_pwcheck.sh - @${SED} ${RC_SCRIPTS_SUB:S/$/!g/:S/^/ -e s!%%/:S/=/%%!/} \ - ${FILESDIR}/saslauthd.sh > ${PREFIX}/etc/rc.d/saslauthd1.sh - @${CHMOD} 755 ${PREFIX}/etc/rc.d/saslauthd1.sh - @${SED} ${RC_SCRIPTS_SUB:S/$/!g/:S/^/ -e s!%%/:S/=/%%!/} \ - ${FILESDIR}/cyrus_sasl1 > ${PREFIX}/etc/rc.d/cyrus_sasl1 - @${CHMOD} 755 ${PREFIX}/etc/rc.d/cyrus_sasl1 - ${INSTALL} -d -m 770 -o ${CYRUS_USER} -g ${CYRUS_GROUP} /var/pwcheck - ${INSTALL} -d -m 770 -o ${CYRUS_USER} -g ${CYRUS_GROUP} /var/state/saslauthd1 -.if !defined(NOPORTDOCS) - @${MKDIR} ${DOCSDIR} -.for docfile in ${DOCS} - @${INSTALL_DATA} ${WRKSRC}/${docfile} ${DOCSDIR} -.endfor - (cd ${WRKSRC}/doc ; \ - for extrafile in `make -V EXTRA_DIST` ; do \ - ${INSTALL_DATA} ${WRKSRC}/doc/$${extrafile} ${DOCSDIR} ; \ - done) - @${INSTALL_DATA} ${WRKSRC}/java/doc/draft-weltman-java-sasl-02.txt ${DOCSDIR} - @${INSTALL_DATA} ${FILESDIR}/Sendmail.README ${DOCSDIR} -.endif - @${MV} ${PREFIX}/sbin/saslauthd ${PREFIX}/sbin/saslauthd1 - @${MV} ${PREFIX}/man/man8/saslauthd.8 ${PREFIX}/man/man8/saslauthd1.8 - @if [ -f ${PREFIX}/sbin/saslauthd2 ]; then \ - ${MV} ${PREFIX}/sbin/saslauthd2 ${PREFIX}/sbin/saslauthd; \ - if [ -f ${PREFIX}/man/man8/saslauthd2.8 ]; then \ - ${MV} ${PREFIX}/man/man8/saslauthd2.8 \ - ${PREFIX}/man/man8/saslauthd.8; \ - elif [ -f ${PREFIX}/man/man8/saslauthd2.8.gz ]; then \ - ${MV} ${PREFIX}/man/man8/saslauthd2.8.gz \ - ${PREFIX}/man/man8/saslauthd.8.gz; \ - fi; \ - fi - @PKG_PREFIX=${PREFIX} BATCH=${BATCH} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL - @${CAT} ${PKGMESSAGE} - -post-clean: - @${RM} -f ${WRKDIRPREFIX}${.CURDIR}/Makefile.inc - -.include <bsd.port.post.mk> diff --git a/security/cyrus-sasl/distinfo b/security/cyrus-sasl/distinfo deleted file mode 100644 index 70b939c38707..000000000000 --- a/security/cyrus-sasl/distinfo +++ /dev/null @@ -1,12 +0,0 @@ -MD5 (cyrus-sasl-1.5.28.tar.gz) = 60710be040801e9aff7353563b636518 -SHA256 (cyrus-sasl-1.5.28.tar.gz) = ff5a454915581c6be92caf648714b0ab7b71115542aae81394cab691a2803853 -SIZE (cyrus-sasl-1.5.28.tar.gz) = 5625195 -MD5 (sasl-1.5.28-ldap-ssl-filter-mysql-patch.tgz) = 1cb8cd37573b6baa91339bcef2912e1a -SHA256 (sasl-1.5.28-ldap-ssl-filter-mysql-patch.tgz) = 694dc1412ac8d3f1c36f98aabe7dda1c3f61ceba7fc5f7d6782854b8506a8433 -SIZE (sasl-1.5.28-ldap-ssl-filter-mysql-patch.tgz) = 9974 -MD5 (sasl_apop_patch.gz) = 6bf7a34b73d1c8d139d2269069d1ba4c -SHA256 (sasl_apop_patch.gz) = b1e824f7afbebb04942096b1b021c52b4e872f86eced145d9006c35862724ffb -SIZE (sasl_apop_patch.gz) = 2517 -MD5 (cyrus-sasl-1.5.28-ipv6-20020106.diff.gz) = 5987181a53531a46b2aec88b9aea6f9a -SHA256 (cyrus-sasl-1.5.28-ipv6-20020106.diff.gz) = 78facf7949acae0a54c11ab3f79d5646fa7d27e1e8be37b6c312111d1b367a55 -SIZE (cyrus-sasl-1.5.28-ipv6-20020106.diff.gz) = 16708 diff --git a/security/cyrus-sasl/files/Sendmail.README b/security/cyrus-sasl/files/Sendmail.README deleted file mode 100644 index 23d06599e12b..000000000000 --- a/security/cyrus-sasl/files/Sendmail.README +++ /dev/null @@ -1,190 +0,0 @@ -How to enable SMTP AUTH with FreeBSD default Sendmail - -1) Add the following to /etc/make.conf: - - # Add SMTP AUTH support to Sendmail - SENDMAIL_CFLAGS+= -I/usr/local/include/sasl1 -DSASL - SENDMAIL_LDFLAGS+= -L/usr/local/lib - SENDMAIL_LDADD+= -lsasl - - NOTE: 1. Sendmail 8.10 - 8.11 needS -D_FFR_UNSAFE_SASL added - to SENDMAIL_CFLAGS, if you need the GroupReadableSASLFile option - - Starting with Sendmail 8.12.4, you can also use the security/cyrus-sasl2 - port. Then you will not need the SASL V1 port installed. - - SENDMAIL_CFLAGS=-I/usr/local/include -DSASL=2 - SENDMAIL_LDFLAGS=-L/usr/local/lib - SENDMAIL_LDADD=-lsasl2 - - -2) Rebuild FreeBSD (make buildworld, ...) - -3) Make sure that the pwcheck_method is correct in Sendmail.conf. - - Sendmail.conf (${PREFIX}/lib/sasl{,2}/Sendmail.conf) is created by - the cyrus-sasl and cyrus-sasl2 ports during installation. It may have - pwcheck_method set to either pwcheck (V1 only) or saslauthd (V1 & V2) by - default. Change this to what is appropriate for your site. - -4) Add the following to your sendmail.mc file: - - dnl The group needs to be mail in order to read the sasldb file - define(`confRUN_AS_USER',`root:mail')dnl - - TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5')dnl - define(`confAUTH_MECHANISMS',`DIGEST-MD5 CRAM-MD5')dnl - - dnl Use the following for Sendmail 8.12 - define(`confDONT_BLAME_SENDMAIL',`GroupReadableSASLDBFile')dnl - - dnl Use the following for Sendmail 8.10 - 8.11 - define(`confDONT_BLAME_SENDMAIL',`GroupReadableSASLFile')dnl - -5) Add the following before FEATURE(msp) in your sendmail 8.12 submit.mc file: - - DAEMON_OPTIONS(`Name=NoMTA, Addr=127.0.0.1, M=EA')dnl - - This disables SMTP AUTH on the loopback interface. Otherwise you may get - the following error in the log: - - error: safesasl(/usr/local/etc/sasldb) failed: Group readable file - - when sending mail locally (seen when using pine locally on same server). - - ---- - - Additional AUTH Mechanisms are LOGIN, PLAIN, GSSAPI, and KERBEROS_V4. - These can be added to TRUST_AUTH_MECH and confAUTH_MECHANISMS as a space - seperated list. You may want to restrict LOGIN, and PLAIN authentication - methods for use with STARTTLS, as the password is not encrypted when - passed to sendmail. - - LOGIN is required for Outlook Express users. "My server requires - authentication" needs to be checked in the accounts properties to - use SASL Authentication. - - PLAIN is required for Netscape Communicator users. By default Netscape - Communicator will use SASL Authentication when sendmail is compiled with - SASL and will cause your users to enter their passwords each time they - retreive their mail (NS 4.7). - - The DONT_BLAME_SENDMAIL option GroupReadableSASL[DB]File is needed when you - are using cyrus-imapd and sendmail on the same server that requires access - to the sasldb database. - ----- - -To test Authentication with the sendmail server: - - You'll need to install the following PERL ports: - converters/p5-MIME-Base64 - security/p5-Digest-MD5 - security/p5-Digest-HMAC - - Then use one of the following procedures to test: - - A. PLAIN Mech: - 1. Create your Base64 encoded username/password. - - #perl -MMIME::Base64 -e 'print encode_base64("username\0username\0password");' - dXNlcm5hbWUAdXNlcm5hbWUAcGFzc3dvcmQ= - - 2. telnet to port 25 of your sendmail server - - 3. send "EHLO <client.host.name>" - a. check for "250-AUTH *" in the response - b. check that the PLAIN mech is listed. - - 4. Send "AUTH PLAIN <Base64 username/password>" - - AUTH PLAIN dXNlcm5hbWUAdXNlcm5hbWUAcGFzc3dvcmQ= - - you should now see the following response from the server: - - 235 Authentication successful - - 5. Type "QUIT" to close the telnet session to sendmail. - - B. LOGIN Mech: - 1. Create your Base64 encoded username and password. - - #perl -MMIME::Base64 -e 'print encode_base64("username");' - dXNlcm5hbWU= - #perl -MMIME::Base64 -e 'print encode_base64("password");' - cGFzc3dvcmQ= - - 2. telnet to port 25 of your sendmail server - - 3. send "EHLO <client.host.name>" - a. check for "250-AUTH *" in the response - b. check that the LOGIN mech is listed. - - 4. Send "AUTH LOGIN", then the base64 encoded username and passwords. - - C: AUTH LOGIN - S: 334 VXNlcm5hbWU6 (base64 encoded "Username:") - C: dXNlcm5hbWU= - S: 334 UGFzc3dvcmQ6 (base64 encode "Password:") - C: cGFzc3dvcmQ= - S: 235 2.0.0 OK Authenticated - - 5. Type "QUIT" to close the telnet session to sendmail. - - C. DIGEST-MD5 Mech: - - 1. telnet to port 25 of your sendmail server - - 2. send "EHLO <client.host.name>" - a. check for "250-AUTH *" in the response - b. check that the DIGEST-MD5 mech is listed. - - 3. Send "AUTH DIGEST-MD5" - - C: AUTH DIGEST-MD5 - S: 334 ? - - 4. Calculate the DIGEST-MD5 response (use another telnet, ssh, or X Window) - - ? - - 5. Send the DIGEST-MD5 response to the server. - - C: ? - S: 235 2.0.0 OK Authenticated - - 6. Type "QUIT" to close the telnet session to sendmail. - - D. CRAM-MD5 Mech: - - 1. telnet to port 25 of your sendmail server - - 2. send "EHLO <client.host.name>" - a. check for "250-AUTH *" in the response - b. check that the CRAM-MD5 mech is listed. - - 3. Send "AUTH CRAM-MD5" - - C: AUTH CRAM-MD5 - S: 334 PDE4OTYuNjk3MTcwOTUyQHBvc3RvZmZpY2UucmVzdG9uLm1jaS5uZXQ+ - (base64 encoded timestamp and hostname) - - 4. Calculate the CRAM-MD5 response (use another telnet, ssh, or X Window) - - perl '-MDigest::HMAC_MD5 qw(hmac_md5 hmac_md5_hex)' -MMIME::Base64 \ - -e 'print encode_base64("username " . hmac_md5_hex(decode_base64("<ticket>"),"password"));' - - The "<ticket>" is the response received from the server in step 3. - - (i.e. PDE4OTYuNjk3MTcwOTUyQHBvc3RvZmZpY2UucmVzdG9uLm1jaS5uZXQ+) - - Using the above ticket our CRAM-MD5 response is: - - dXNlcm5hbWUgMDZkMGEzMjVmMDU0NjQ4NjQ2ZTA3MmNkNGZlYjE3YzQ= - - 5. Send the CRAM-MD5 response to the server. - - C: dXNlcm5hbWUgMDZkMGEzMjVmMDU0NjQ4NjQ2ZTA3MmNkNGZlYjE3YzQ= - S: 235 2.0.0 OK Authenticated - - 6. Type "QUIT" to close the telnet session to sendmail. diff --git a/security/cyrus-sasl/files/cyrus.pam b/security/cyrus-sasl/files/cyrus.pam deleted file mode 100644 index 3c3734c3672f..000000000000 --- a/security/cyrus-sasl/files/cyrus.pam +++ /dev/null @@ -1,18 +0,0 @@ -# -# $FreeBSD$ -# -# PAM configuration for the "cyrus" service -# Copy this file to /etc/pam.d/cyrus -# - -# auth -#auth required pam_nologin.so no_warn -#auth sufficient %%PREFIX%%/lib/pam_ldap.so nowarn -#auth sufficient pam_opie.so no_warn no_fake_prompts -#auth requisite pam_opieaccess.so no_warn -#auth required pam_ssh.so no_warn try_first_pass -auth required pam_unix.so no_warn try_first_pass - -# account -#account sufficient %%PREFIX%%/lib/pam_ldap.so -account required pam_unix.so diff --git a/security/cyrus-sasl/files/cyrus_sasl1 b/security/cyrus-sasl/files/cyrus_sasl1 deleted file mode 100644 index fd56e3c0dd40..000000000000 --- a/security/cyrus-sasl/files/cyrus_sasl1 +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/sh -# -# $FreeBSD$ -# - -# PROVIDE: sasl1 -# REQUIRE: DAEMON %%MYSQL_REQ%% -# -# NOTE for FreeBSD 5.0+: -# If you want this script to start with the base rc scripts copy -# cyrus_sasl1 to /etc/rc.d/cyrus_sasl1 - -# This is a dummy dependancy, to ensure that daemons are run _before_ -# `sasl1' is available. - diff --git a/security/cyrus-sasl/files/patch-ab b/security/cyrus-sasl/files/patch-ab deleted file mode 100644 index acf1e6da4495..000000000000 --- a/security/cyrus-sasl/files/patch-ab +++ /dev/null @@ -1,144 +0,0 @@ ---- configure.in.orig Wed Feb 26 23:00:39 2003 -+++ configure.in Wed Feb 26 23:22:03 2003 -@@ -66,8 +66,12 @@ - dnl check for -R, etc. switch - CMU_GUESS_RUNPATH_SWITCH - dnl let's just link against local. otherwise we never find anything useful. --CPPFLAGS="-I/usr/local/include ${CPPFLAGS}" --CMU_ADD_LIBPATH("/usr/local/lib") -+CPPFLAGS="-I${OPENSSLINC}/openssl ${CPPFLAGS}" -+if test "${OPENSSLINC}" != "/usr/include" ; then -+ CPPFLAGS="-I${OPENSSLINC} ${CPPFLAGS}" -+fi -+CMU_ADD_LIBPATH("${OPENSSLLIB}") -+CMU_ADD_LIBPATH("${LOCALBASE}/lib") - - AM_DISABLE_STATIC - -@@ -122,8 +126,6 @@ - - AC_SUBST(JAVA_INCLUDES) - AC_MSG_RESULT(JAVA_INCLUDES) -- JAVAC=`echo "$JAVAC" | sed 's,.*/,,'` -- JAVAH=`echo "$JAVAH" | sed 's,.*/,,'` - fi - - AM_CONDITIONAL(SAMPLE, test "$enable_sample" = yes) -@@ -239,6 +241,13 @@ - berkeley) - SASL_DB_BACKEND="db_${dblib}.lo" - AC_DEFINE(SASL_BERKELEYDB) -+ for db3loc in ${prefix} /usr/local /usr -+ do -+ if test -d ${db3loc}/include/db3; then -+ CPPFLAGS="-I${db3loc}/include/db3 $CPPFLAGS" -+ break -+ fi -+ done - ;; - *) - AC_MSG_WARN([Disabling SASL authentication database support]) -@@ -473,16 +482,40 @@ - CPPFLAGS="$CPPFLAGS -I${with_des}/include" - LDFLAGS="$LDFLAGS -L${with_des}/lib" - fi -- AC_CHECK_LIB(des, des_pcbc_encrypt, [LIB_DES="-ldes"; -- with_des=yes], with_des=no) -+ -+ dnl check for openssl installing -lcrypto, then make vanilla check -+ AC_CHECK_LIB(crypto, des_cbc_encrypt, [ -+ AC_CHECK_HEADER(openssl/des.h, [AC_DEFINE(WITH_SSL_DES) -+ LIB_DES="-lcrypto"; -+ with_des=yes], -+ with_des=no)], -+ with_des=no, $LIB_RSAREF) -+ -+ dnl same test again, different symbol name -+ if test "$with_des" = no; then -+ AC_CHECK_LIB(crypto, DES_cbc_encrypt, [ -+ AC_CHECK_HEADER(openssl/des.h, [AC_DEFINE(WITH_SSL_DES) -+ LIB_DES="-lcrypto"; -+ with_des=yes], -+ with_des=no)], -+ with_des=no, $LIB_RSAREF) -+ fi -+ -+ if test "$with_des" = no; then -+ AC_CHECK_LIB(des, des_pcbc_encrypt, [LIB_DES="-ldes"; -+ with_des=yes], with_des=no) -+ fi -+ - if test "$with_des" = no; then - AC_CHECK_LIB(des524, des_pcbc_encrypt, [LIB_DES="-ldes524"; - with_des=yes], with_des=no) - fi -+ - if test "$with_des" = no; then - AC_CHECK_LIB(des425, des_pcbc_encrypt, [LIB_DES="-ldes425"; - with_des=yes], with_des=no) - fi -+ - if test "$with_des" = no; then - dnl if openssl is around, we might be able to use that for des - -@@ -493,7 +526,7 @@ - LIB_RSAREF="-lRSAglue -lrsaref"; cmu_have_rsaref=yes, - cmu_have_rsaref=no) - -- AC_CHECK_LIB(crypto, des_pcbc_encrypt, -+ AC_CHECK_LIB(crypto, des_cbc_encrypt, - AC_CHECK_HEADER(openssl/des.h, [AC_DEFINE(WITH_SSL_DES) - LIB_DES="-lcrypto"; - with_des=yes], -@@ -502,10 +535,9 @@ - fi - fi - --dnl if test "$with_des" != no; then --dnl AC_DEFINE(WITH_DES) --dnl LIB_DES="-ldes" --dnl fi -+if test "$with_des" != no; then -+ AC_DEFINE(WITH_DES) -+fi - - AC_SUBST(LIB_DES) - -@@ -563,8 +595,8 @@ - AC_CHECK_HEADER(krb.h, - AC_CHECK_LIB(com_err, com_err, - AC_CHECK_LIB(krb, krb_mk_priv, COM_ERR="-lcom_err", -- krb4=no, -ldes -lcom_err), -- AC_CHECK_LIB(krb, krb_mk_priv, COM_ERR="", krb4=no, -ldes))) -+ krb4=no, ${LIB_DES} -lcrypt -lcom_err), -+ AC_CHECK_LIB(krb, krb_mk_priv, COM_ERR="", krb4=no, ${LIB_DES}))) - - else - AC_WARN(No DES library found for Kerberos V4 support) -@@ -592,7 +624,7 @@ - AC_MSG_RESULT(enabled) - SASL_MECHS="$SASL_MECHS libkerberos4.la" - AC_DEFINE(HAVE_KRB) -- SASL_KRB_LIB="-lkrb -ldes $COM_ERR" -+ SASL_KRB_LIB="-lkrb $LIB_DES $COM_ERR" - AC_SUBST(SASL_KRB_LIB) - else - AC_MSG_RESULT(disabled) -@@ -631,7 +663,7 @@ - - # the base64_decode check fails because libroken has dependencies - # FIXME: this is probabally non-optimal as well -- AC_CHECK_LIB(krb5,krb5_vlog,gss_impl="heimdal",,) -+ AC_CHECK_LIB(krb5,krb5_vlog,gss_impl="heimdal",, -lasn1 ${LIB_DES} -lroken ${LIB_CRYPT} -lcom_err) - # AC_CHECK_LIB(roken,base64_decode,gss_impl="heimdal",, $LIB_CRYPT) - - if test -d ${gssapi}; then -@@ -641,7 +673,7 @@ - if test "$gss_impl" = mit; then - GSSAPIBASE_LIBS="$GSSAPIBASE_LIBS -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err" - elif test "$gss_impl" = "heimdal"; then -- GSSAPIBASE_LIBS="$GSSAPIBASE_LIBS -lgssapi -lkrb5 -ldes -lasn1 -lroken ${LIB_CRYPT} -lcom_err" -+ GSSAPIBASE_LIBS="$GSSAPIBASE_LIBS -lgssapi -lkrb5 ${LIB_DES} -lasn1 -lroken ${LIB_CRYPT} -lcom_err" - else - gssapi="no" - AC_WARN(Disabling GSSAPI) diff --git a/security/cyrus-sasl/files/patch-java::CyrusSasl::Makefile.am b/security/cyrus-sasl/files/patch-java::CyrusSasl::Makefile.am deleted file mode 100644 index bf5be6aef933..000000000000 --- a/security/cyrus-sasl/files/patch-java::CyrusSasl::Makefile.am +++ /dev/null @@ -1,11 +0,0 @@ ---- java/CyrusSasl/Makefile.am.orig Tue Nov 21 23:55:17 2000 -+++ java/CyrusSasl/Makefile.am Thu Jan 17 21:58:10 2002 -@@ -25,7 +25,7 @@ - - javasasl_version = 1:0:0 - --javasasldir = $(prefix)/lib/java/classes/sasl/CyrusSasl -+javasasldir = $(prefix)/share/java/classes/sasl/CyrusSasl - javahtmldir = $(prefix)/html/sasl - - INCLUDES=$(JAVA_INCLUDES) -I$(top_srcdir)/include diff --git a/security/cyrus-sasl/files/patch-java::javax::security::auth::callback::Makefile.am b/security/cyrus-sasl/files/patch-java::javax::security::auth::callback::Makefile.am deleted file mode 100644 index d4f02627d7a8..000000000000 --- a/security/cyrus-sasl/files/patch-java::javax::security::auth::callback::Makefile.am +++ /dev/null @@ -1,11 +0,0 @@ ---- java/javax/security/auth/callback/Makefile.am.orig Sat Nov 4 16:55:44 2000 -+++ java/javax/security/auth/callback/Makefile.am Thu Jan 17 22:05:23 2002 -@@ -39,7 +39,7 @@ - # - ################################################################ - --javasasldir = $(prefix)/lib/java/classes/sasl/javax/security/auth/callback -+javasasldir = $(prefix)/share/java/classes/sasl/javax/security/auth/callback - javahtmldir = $(prefix)/html/sasl - - javasasl_JAVA = PasswordCallback.java \ diff --git a/security/cyrus-sasl/files/patch-lib::checkpw.c b/security/cyrus-sasl/files/patch-lib::checkpw.c deleted file mode 100644 index 3bc40e300107..000000000000 --- a/security/cyrus-sasl/files/patch-lib::checkpw.c +++ /dev/null @@ -1,17 +0,0 @@ ---- lib/checkpw.c.orig Mon Jun 17 18:28:29 2002 -+++ lib/checkpw.c Mon Jun 17 18:31:44 2002 -@@ -1667,12 +1667,14 @@ - return SASL_FAIL; - } - /* setting dereferensing aliases mode */ -+#ifdef LDAP_OPT_DEREF - if (ldap_set_option(ld, LDAP_OPT_DEREF, (void *) &ldap_deref) != LDAP_OPT_SUCCESS) { - if (reply) { - *reply = "cannot set deref options"; - } - return SASL_FAIL; - } -+#endif - /* set ssl mode if needed */ - #ifdef LDAP_OPT_X_TLS - if ( ldap_ssl_flag ) { diff --git a/security/cyrus-sasl/files/patch-lib::common.c b/security/cyrus-sasl/files/patch-lib::common.c deleted file mode 100644 index 8de08cfc3b26..000000000000 --- a/security/cyrus-sasl/files/patch-lib::common.c +++ /dev/null @@ -1,19 +0,0 @@ -Index: lib/common.c -diff -u lib/common.c.orig lib/common.c ---- lib/common.c.orig Mon Nov 15 18:23:04 2004 -+++ lib/common.c Mon Nov 15 18:24:43 2004 -@@ -684,7 +684,13 @@ - - if (! path_dest) - return SASL_BADPARAM; -- path = getenv(SASL_PATH_ENV_VAR); -+ -+ path = NULL; -+ -+ /* Honor external variable only in a safe environment */ -+ if (getuid() == geteuid() && getgid() == getegid()) -+ path = getenv(SASL_PATH_ENV_VAR); -+ - if (! path) - path = PLUGINDIR; - return _sasl_strdup(path, path_dest, NULL); diff --git a/security/cyrus-sasl/files/patch-plugins::kerberos4.c b/security/cyrus-sasl/files/patch-plugins::kerberos4.c deleted file mode 100644 index efef81b3adde..000000000000 --- a/security/cyrus-sasl/files/patch-plugins::kerberos4.c +++ /dev/null @@ -1,48 +0,0 @@ ---- plugins/kerberos4.c.orig Wed Feb 26 22:20:04 2003 -+++ plugins/kerberos4.c Wed Feb 26 22:30:25 2003 -@@ -711,14 +730,18 @@ - #ifdef __FreeBSD__ - des_pcbc_encrypt((const unsigned char *)in, - (unsigned char *)in, -+ clientinlen, -+ text->init_keysched, -+ &text->session, -+ DES_DECRYPT); - #else - des_pcbc_encrypt((des_cblock *)in, - (des_cblock *)in, --#endif - clientinlen, - text->init_keysched, - &text->session, - DES_DECRYPT); -+#endif - - testnum=(in[0]*256*256*256)+(in[1]*256*256)+(in[2]*256)+in[3]; - -@@ -1255,18 +1278,22 @@ - len++; - } - sout[len]=0; -+ - #ifdef __FreeBSD__ - des_pcbc_encrypt((const unsigned char *)sout, -- (unsigned char *)sout, -+ (unsigned char *)sout, -+ len, -+ text->init_keysched, -+ (des_cblock *)text->session, -+ DES_ENCRYPT); - #else -- - des_pcbc_encrypt((des_cblock *)sout, - (des_cblock *)sout, --#endif - len, - text->init_keysched, - (des_cblock *)text->session, - DES_ENCRYPT); -+#endif - - *clientout = params->utils->malloc(len); - memcpy((char *) *clientout, sout, len); diff --git a/security/cyrus-sasl/files/patch-pwcheck::Makefile.am b/security/cyrus-sasl/files/patch-pwcheck::Makefile.am deleted file mode 100644 index c9e94adefa82..000000000000 --- a/security/cyrus-sasl/files/patch-pwcheck::Makefile.am +++ /dev/null @@ -1,17 +0,0 @@ ---- pwcheck/Makefile.am.orig Wed Mar 22 11:06:43 2000 -+++ pwcheck/Makefile.am Thu Jan 17 19:09:06 2002 -@@ -22,9 +22,13 @@ - # SOFTWARE. - # - --sbin_PROGRAMS = pwcheck -+sbin_PROGRAMS = pwcheck pwcheck_pam - - pwcheck_SOURCES = pwcheck.c - EXTRA_pwcheck_SOURCES = pwcheck_getpwnam.c pwcheck_getspnam.c - pwcheck_DEPENDECIES = pwcheck_@PWCHECKMETH@.lo - pwcheck_LDADD = pwcheck_@PWCHECKMETH@.lo @LIB_CRYPT@ @LIB_SOCKET@ -+ -+pwcheck_pam_SOURCES = pwcheck.c -+pwcheck_pam_DEPENDECIES = pwcheck_pam.lo -+pwcheck_pam_LDADD = pwcheck_pam.lo @LIB_CRYPT@ @LIB_SOCKET@ @LIB_PAM@ diff --git a/security/cyrus-sasl/files/patch-sample::Makefile.am b/security/cyrus-sasl/files/patch-sample::Makefile.am deleted file mode 100644 index 98fd62f809da..000000000000 --- a/security/cyrus-sasl/files/patch-sample::Makefile.am +++ /dev/null @@ -1,12 +0,0 @@ ---- sample/Makefile.am.orig Tue Jan 22 21:00:24 2002 -+++ sample/Makefile.am Tue Jan 22 21:01:02 2002 -@@ -54,7 +54,9 @@ - client_SOURCES = client.c common.c common.h - - server_LDADD = ../lib/libsasl.la $(LIB_SOCKET) -+server_LDFLAGS = $(GSSAPIBASE_LIBS) - client_LDADD = ../lib/libsasl.la $(LIB_SOCKET) -+client_LDFLAGS = $(GSSAPIBASE_LIBS) - - sample_client_LDADD = ../lib/libsasl.la $(LIB_SOCKET) - sample_server_LDADD = ../lib/libsasl.la $(LIB_SOCKET) diff --git a/security/cyrus-sasl/files/patch-saslauthd::Makefile.am b/security/cyrus-sasl/files/patch-saslauthd::Makefile.am deleted file mode 100644 index 89e79ecea296..000000000000 --- a/security/cyrus-sasl/files/patch-saslauthd::Makefile.am +++ /dev/null @@ -1,10 +0,0 @@ ---- saslauthd/Makefile.am.orig Thu Dec 20 20:31:19 2001 -+++ saslauthd/Makefile.am Tue Sep 10 01:26:07 2002 -@@ -7,5 +7,5 @@ - INCLUDES = -I$(top_srcdir)/include - - install-data-local: -- $(mkinstalldirs) $(DESTDIR)$(mandir)/cat8 -- $(INSTALL_DATA) saslauthd.8 $(DESTDIR)$(mandir)/cat8/saslauthd.8 -+ $(mkinstalldirs) $(DESTDIR)$(mandir)/man8 -+ $(INSTALL_DATA) saslauthd.8 $(DESTDIR)$(mandir)/man8/saslauthd.8 diff --git a/security/cyrus-sasl/files/patch-utils::Makefile.am b/security/cyrus-sasl/files/patch-utils::Makefile.am deleted file mode 100644 index f8c887ba515e..000000000000 --- a/security/cyrus-sasl/files/patch-utils::Makefile.am +++ /dev/null @@ -1,16 +0,0 @@ ---- utils//Makefile.am.orig Tue Jan 22 21:03:43 2002 -+++ utils//Makefile.am Tue Jan 22 21:02:49 2002 -@@ -45,10 +45,13 @@ - sbin_PROGRAMS = saslpasswd sasldblistusers - man_MANS = saslpasswd.8 sasldblistusers.8 - saslpasswd_LDADD = ../lib/libsasl.la -+saslpasswd_LDFLAGS = $(GSSAPIBASE_LIBS) - sasldblistusers_LDADD = $(SASL_DB_LIB) -+sasldblistusers_LDFLAGS = $(GSSAPIBASE_LIBS) - - noinst_PROGRAMS = dbconverter-1.5.9 - dbconverter_1_5_9_LDADD = ../lib/libsasl.la $(SASL_DB_LIB) -+dbconverter_1_5_9_LDFLAGS = $(GSSAPIBASE_LIBS) - - EXTRA_PROGRAMS = testsuite - testsuite_LDADD = ../lib/libsasl.la $(SASL_DB_LIB) $(LIB_SOCKET) diff --git a/security/cyrus-sasl/files/pwcheck.sh b/security/cyrus-sasl/files/pwcheck.sh deleted file mode 100644 index b43abbb8257c..000000000000 --- a/security/cyrus-sasl/files/pwcheck.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/sh -# -# $FreeBSD$ -# - -# PROVIDE: cyrus_pwcheck -# REQUIRE: DAEMON -# BEFORE: mail imap -# KEYWORD: shutdown -# - -prefix=%%PREFIX%% - -# Define these cyrus_pwcheck_* variables in one of these files: -# /etc/rc.conf -# /etc/rc.conf.local -# /etc/rc.conf.d/cyrus_pwcheck -# -# DO NOT CHANGE THE DEFAULT VALUES HERE - -cyrus_pwcheck_enable=${cyrus_pwcheck_enable:-"%%ENABLE_PWCHECK%%"} - -# pwcheck program to use (pwcheck/pwcheck_pam) -cyrus_pwcheck_program=${cyrus_pwcheck_program:-"${prefix}/sbin/%%PWCHECK%%"} - -. %%RC_SUBR%% - -name="cyrus_pwcheck" -rcvar=`set_rcvar` -command=${prefix}/sbin/%%PWCHECK%% -pidfile="/var/run/pwcheck.pid" - -load_rc_config $name -run_rc_command "$1" diff --git a/security/cyrus-sasl/files/pwcheck_pam.c b/security/cyrus-sasl/files/pwcheck_pam.c deleted file mode 100644 index aa0b354d330f..000000000000 --- a/security/cyrus-sasl/files/pwcheck_pam.c +++ /dev/null @@ -1,102 +0,0 @@ - -#include <sys/types.h> -#include <security/pam_appl.h> -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -/* Static variables used to communicate between the conversation function - * and the server_login function - */ -static char *PAM_username; -static char *PAM_password; - -/* PAM conversation function - */ -static int PAM_conv (int num_msg, - const struct pam_message **msg, - struct pam_response **resp, - void *appdata_ptr) { - int replies = 0; - struct pam_response *reply = NULL; - - #define COPY_STRING(s) (s) ? strdup(s) : NULL - - reply = malloc(sizeof(struct pam_response) * num_msg); - if (!reply) return PAM_CONV_ERR; - - for (replies = 0; replies < num_msg; replies++) { - switch (msg[replies]->msg_style) { - case PAM_PROMPT_ECHO_ON: - reply[replies].resp_retcode = PAM_SUCCESS; - reply[replies].resp = COPY_STRING(PAM_username); - /* PAM frees resp */ - break; - case PAM_PROMPT_ECHO_OFF: - reply[replies].resp_retcode = PAM_SUCCESS; - reply[replies].resp = COPY_STRING(PAM_password); - /* PAM frees resp */ - break; - case PAM_TEXT_INFO: - /* fall through */ - case PAM_ERROR_MSG: - /* ignore it, but pam still wants a NULL response... */ - reply[replies].resp_retcode = PAM_SUCCESS; - reply[replies].resp = NULL; - break; - default: - /* Must be an error of some sort... */ - free (reply); - return PAM_CONV_ERR; - } - } - *resp = reply; - return PAM_SUCCESS; -} - -static struct pam_conv PAM_conversation = { - PAM_conv, - NULL -}; - -/* Server log in - * Accepts: user name string - * password string - * Returns: "OK" if password validated, error message otherwise - */ - -char *pwcheck(char *username, char *password) -{ - pam_handle_t *pamh; - int pam_error; - - /* PAM only handles authentication, not user information. */ - if ( !(username && password && strlen(username) && strlen(password)) ) - return "Incorrect username"; - - /* validate password */ - - PAM_password = password; - PAM_username = username; - fprintf(stderr, "checking %s\n", username); - pam_error = pam_start("cyrus", username, &PAM_conversation, &pamh); - if (pam_error == PAM_SUCCESS) - pam_error = pam_authenticate(pamh, 0); - - if (pam_error == PAM_SUCCESS) - pam_error = pam_acct_mgmt(pamh, 0); - - if ( pam_error == PAM_SUCCESS) - fprintf(stderr, "\tauthenticated %s\n", username); - else - fprintf(stderr, "\tfailed to authenticate %s\n", username); - - if(pam_end(pamh, pam_error) != PAM_SUCCESS) { - pamh = NULL; - fprintf(stderr, "pwcheck: failed to release authenticator\n"); - exit(1); - } - return ( pam_error == PAM_SUCCESS ? "OK" : "Incorrect passwd" ); -} - - diff --git a/security/cyrus-sasl/files/saslauthd.sh b/security/cyrus-sasl/files/saslauthd.sh deleted file mode 100644 index 1f27c8c1896f..000000000000 --- a/security/cyrus-sasl/files/saslauthd.sh +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/sh -# -# $FreeBSD$ -# - -# PROVIDE: saslauthd1 -# REQUIRE: DAEMON -# BEFORE: mail imap -# KEYWORD: shutdown -# - -prefix=%%PREFIX%% - -# Define these saslauthd1_* variables in one of these files: -# /etc/rc.conf -# /etc/rc.conf.local -# /etc/rc.conf.d/saslauthd1 -# -# DO NOT CHANGE THE DEFAULT VALUES HERE - -saslauthd1_enable=${saslauthd1_enable:-"%%ENABLE_SASLAUTHD%%"} -saslauthd1_flags=${saslauthd1_flags:-"-a pam"} - -. %%RC_SUBR%% - -name="saslauthd1" -rcvar=`set_rcvar` -command="${prefix}/sbin/${name}" -pidfile="/var/state/${name}/mux.pid" - -load_rc_config $name -run_rc_command "$1" diff --git a/security/cyrus-sasl/pkg-deinstall b/security/cyrus-sasl/pkg-deinstall deleted file mode 100644 index 02d41095c0cf..000000000000 --- a/security/cyrus-sasl/pkg-deinstall +++ /dev/null @@ -1,68 +0,0 @@ -#!/bin/sh -# -# $FreeBSD$ -# -# Created by: hetzels@westbend.net - -#set -vx - -PKG_BATCH=${BATCH:=NO} - -PKG_PREFIX=${PKG_PREFIX:=/usr/local} - -SASLDB_NAME=${PKG_PREFIX}/etc/%%SASLDB%% - -CYRUS_USER=${CYRUS_USER:=%%CYRUS_USER%%} -CYRUS_GROUP=${CYRUS_GROUP:=%%CYRUS_GROUP%%} - -remove_file() -{ - file=$1 - - if cmp -s ${file} ${file}.tmp; then - rm -f ${file} - fi - rm -f ${file}.tmp -} - -# delete sasldb database - -delete_sasldb() { - if [ -f ${SASLDB_NAME} ] ; then - if [ `${PKG_PREFIX}/sbin/sasldblistusers | wc -l` -eq 0 ] ; then - rm ${SASLDB_NAME} - else - echo "WARNING: Users SASL passwords are in ${SASLDB_NAME}, keeping this file" - fi - fi -} - -delete_user() { - if pw usershow ${CYRUS_USER} 2>/dev/null 1>&2; then - echo "To delete Cyrus user permanently, use 'pw userdel ${CYRUS_USER}'" - fi - if pw groupshow ${CYRUS_GROUP} 2>/dev/null 1>&2; then - echo "To delete Cyrus group permanently, use 'pw groupdel ${CYRUS_GROUP}'" - fi - -} - -# This should really be uninstalled by Sendmail - -sendmail_conf() { - if [ -f ${PKG_PREFIX}/lib/sasl/Sendmail.conf ]; then - echo "pwcheck_method: %%PWCHECK_METHOD%%" > ${PKG_PREFIX}/lib/sasl/Sendmail.conf.tmp - remove_file ${PKG_PREFIX}/lib/sasl/Sendmail.conf - fi -} - -case $2 in - DEINSTALL) - delete_sasldb - sendmail_conf - ;; - POST-DEINSTALL) - delete_user - ;; - -esac diff --git a/security/cyrus-sasl/pkg-descr b/security/cyrus-sasl/pkg-descr deleted file mode 100644 index 8073aef78748..000000000000 --- a/security/cyrus-sasl/pkg-descr +++ /dev/null @@ -1,21 +0,0 @@ - This is a port of Cyrus SASL (Simple Authentication and Security Layer). -SASL is a method for adding authentication support to connection-based -protocols. To use SASL, a protocol includes a command for identifying and -authenticating a user to a server and for optionally negotiating protection of -subsequent protocol interactions. If its use is negotiated, a security layer is -inserted between the protocol and the connection. - The following mechanisms are included in this distribution: ANONYMOUS, -CRAM-MD5, DIGEST-MD5, GSSAPI (MIT Kerberos 5 or Heimdal Kerberos 5), KERBEROS_V4 -and PLAIN. - The library can use a Berkeley DB, gdbm or ndbm file on the server side -to store per-user authentication secrets. The utility saslpasswd has been -included for adding authentication secrets to the file. - PLAIN can either check /etc/passwd, Kerberos V4, use PAM, or the sasl -secrets database. By default PAM is used if PAM is found, then Kerberos, -finally /etc/passwd (non-shadow). This is tweakable in the configuration file. -Please see "${PREFIX}/share/doc/sasl/sysadmin.html". - The sample directory contains two programs which provide a reference for -using the library, as well as making it easy to test a mechanism on the command -line. See "${PREFIX}/share/doc/sasl/programming.html" for more information. - -WWW: http://cyrusimap.web.cmu.edu/ diff --git a/security/cyrus-sasl/pkg-install b/security/cyrus-sasl/pkg-install deleted file mode 100644 index 690edbccdec8..000000000000 --- a/security/cyrus-sasl/pkg-install +++ /dev/null @@ -1,107 +0,0 @@ -#!/bin/sh -# -# $FreeBSD$ -# -# Created by: stb@FreeBSD.org for the cyrus imap server -# Added to the cyrus-sasl port by hetzels@westbend.net - -#set -vx - -PKG_BATCH=${BATCH:=NO} - -PKG_PREFIX=${PKG_PREFIX:=/usr/local} - -SASLDB_NAME=${PKG_PREFIX}/etc/%%SASLDB%% - -CYRUS_USER=${CYRUS_USER:=%%CYRUS_USER%%} -CYRUS_GROUP=${CYRUS_GROUP:=%%CYRUS_GROUP%%} - -# -# create 'cyrus' user and group before installing -# - -create_user() { - USER=${CYRUS_USER} - GROUP=${CYRUS_GROUP} - PW=/usr/sbin/pw - - if [ -x /sbin/nologin ]; then - shell=/sbin/nologin - else - shell=/nonexistent - fi - uhome="/nonexistent" - - if ! ${PW} show group ${GROUP} -q >/dev/null; then - gid=60 - while ${PW} show group -g ${gid} -q >/dev/null; do - gid=`expr ${gid} + 1` - done - if ! ${PW} add group ${GROUP} -g ${gid}; then - e=$? - echo "*** Failed to add group \`${GROUP}'. Please add it manually." - exit ${e} - fi - echo "*** Added group \`${GROUP}' (id ${gid})" - else - gid=`${PW} show group ${GROUP} 2>/dev/null | cut -d: -f3` - fi - - if ! ${PW} show user ${USER} -q >/dev/null; then - uid=60 - while ${PW} show user -u ${uid} -q >/dev/null; do - uid=`expr ${uid} + 1` - done - if ! ${PW} add user ${USER} -u ${uid} -g ${gid} -d "${uhome}" \ - -c "the cyrus mail server" -s "${shell}" -p "*" \ - ; then - e=$? - echo "*** Failed to add user \`${USER}'. Please add it manually." - exit ${e} - fi - echo "*** Added user \`${USER}' (id ${uid})" - else - if ! ${PW} mod user ${USER} -g ${gid} -d "${uhome}" \ - -c "the cyrus mail server" -s "${shell}" -p "*" \ - ; then - e=$? - echo "*** Failed to update user \`${USER}'." - exit ${e} - fi - echo "*** Updated user \`${USER}'." - fi -} - -create_sasldb() { - if [ ! -f ${SASLDB_NAME} ]; then - echo "test" | ${PKG_PREFIX}/sbin/saslpasswd -p -c cyrus - if [ `${PKG_PREFIX}/sbin/sasldblistusers | wc -l` -eq 0 ] ; then - echo "WARNING: Failed to create ${SASLDB_NAME}" - else - ${PKG_PREFIX}/sbin/saslpasswd -d cyrus - chown ${CYRUS_USER}:mail ${SASLDB_NAME} - chmod 640 ${SASLDB_NAME} - fi - fi -} - -# This should really be installed by Sendmail - -sendmail_conf() { - if [ ! -f ${PKG_PREFIX}/lib/sasl/Sendmail.conf ]; then - echo "pwcheck_method: %%PWCHECK_METHOD%%" > ${PKG_PREFIX}/lib/sasl/Sendmail.conf - fi -} - -case $2 in - PRE-INSTALL) - create_user - ;; - POST-INSTALL) - if [ "${PKG_BATCH}" = "NO" ]; then - create_sasldb - sendmail_conf - fi - ;; - -esac diff --git a/security/cyrus-sasl/pkg-message b/security/cyrus-sasl/pkg-message deleted file mode 100644 index e4cfeb9ce050..000000000000 --- a/security/cyrus-sasl/pkg-message +++ /dev/null @@ -1,21 +0,0 @@ - -You may need to start the pwcheck or saslauthd daemon for authentication -with the system password files: - - %%PREFIX%%/etc/rc.d/cyrus_pwcheck.sh start -or - %%PREFIX%%/etc/rc.d/saslauthd1.sh start - -or you can use sasldb for authentication, to add users use: - - saslpasswd -c username - -If you want to enable SMTP AUTH with the system Sendmail, read Sendmail.README - -NOTE: This port has been compiled with a default pwcheck_method of - %%PWCHECK_METHOD%%. You may need to set sasl_pwcheck_method to - %%PWCHECK_METHOD%% after installing either the Cyrus-IMAPd 1.6.24 - or 2.0.17 ports. - - You should also check the %%PREFIX%%/lib/sasl/*.conf files for the - correct pwcheck_method. diff --git a/security/cyrus-sasl/pkg-plist b/security/cyrus-sasl/pkg-plist deleted file mode 100644 index 2f88a76078f7..000000000000 --- a/security/cyrus-sasl/pkg-plist +++ /dev/null @@ -1,119 +0,0 @@ -@comment The following makes sure that the pwcheck and saslauthd -@comment daemons are stopped before removing the files. -@unexec if [ -f /var/run/pwcheck.pid ] ; then %D/etc/rc.d/cyrus_pwcheck.sh stop ; echo " stopped." ; fi -@unexec if [ -f /var/state/saslauthd1/mux.pid ] ; then %D/etc/rc.d/saslauthd1.sh stop ; echo " stopped." ; fi -etc/rc.d/cyrus_pwcheck.sh -etc/rc.d/cyrus_sasl1 -etc/rc.d/saslauthd1.sh -include/sasl1/hmac-md5.h -include/sasl1/md5.h -include/sasl1/md5global.h -include/sasl1/sasl.h -include/sasl1/saslplug.h -include/sasl1/saslutil.h -@dirrm include/sasl1 -%%JAVASASL%%lib/libjavasasl.a -%%JAVASASL%%lib/libjavasasl.la -%%JAVASASL%%lib/libjavasasl.so -%%JAVASASL%%lib/libjavasasl.so.1 -lib/libsasl.a -lib/libsasl.la -lib/libsasl.so -lib/libsasl.so.8 -%%ANON%%lib/sasl/libanonymous.a -%%ANON%%lib/sasl/libanonymous.la -%%ANON%%lib/sasl/libanonymous.so -%%ANON%%lib/sasl/libanonymous.so.1 -%%CRAM%%lib/sasl/libcrammd5.a -%%CRAM%%lib/sasl/libcrammd5.la -%%CRAM%%lib/sasl/libcrammd5.so -%%CRAM%%lib/sasl/libcrammd5.so.1 -%%DIGEST%%lib/sasl/libdigestmd5.a -%%DIGEST%%lib/sasl/libdigestmd5.la -%%DIGEST%%lib/sasl/libdigestmd5.so -%%DIGEST%%lib/sasl/libdigestmd5.so.0 -%%GSSAPI%%lib/sasl/libgssapiv2.a -%%GSSAPI%%lib/sasl/libgssapiv2.la -%%GSSAPI%%lib/sasl/libgssapiv2.so -%%GSSAPI%%lib/sasl/libgssapiv2.so.1 -%%EBONES%%lib/sasl/libkerberos4.a -%%EBONES%%lib/sasl/libkerberos4.la -%%EBONES%%lib/sasl/libkerberos4.so -%%EBONES%%lib/sasl/libkerberos4.so.1 -%%LOGIN%%lib/sasl/liblogin.a -%%LOGIN%%lib/sasl/liblogin.la -%%LOGIN%%lib/sasl/liblogin.so -%%LOGIN%%lib/sasl/liblogin.so.0 -%%PLAIN%%lib/sasl/libplain.a -%%PLAIN%%lib/sasl/libplain.la -%%PLAIN%%lib/sasl/libplain.so -%%PLAIN%%lib/sasl/libplain.so.1 -sbin/sasldblistusers -sbin/saslpasswd -sbin/pwcheck -sbin/pwcheck_pam -sbin/saslauthd1 -%%EXAMPLESDIR%%/cyrus.pam -%%JAVASASL%%share/java/classes/sasl/CyrusSasl/ClientFactory.class -%%JAVASASL%%share/java/classes/sasl/CyrusSasl/GenericClient.class -%%JAVASASL%%share/java/classes/sasl/CyrusSasl/GenericCommon.class -%%JAVASASL%%share/java/classes/sasl/CyrusSasl/GenericServer.class -%%JAVASASL%%share/java/classes/sasl/CyrusSasl/Sasl.class -%%JAVASASL%%share/java/classes/sasl/CyrusSasl/SaslClient.class -%%JAVASASL%%share/java/classes/sasl/CyrusSasl/SaslClientFactory.class -%%JAVASASL%%share/java/classes/sasl/CyrusSasl/SaslException.class -%%JAVASASL%%share/java/classes/sasl/CyrusSasl/SaslInputStream.class -%%JAVASASL%%share/java/classes/sasl/CyrusSasl/SaslOutputStream.class -%%JAVASASL%%share/java/classes/sasl/CyrusSasl/SaslServer.class -%%JAVASASL%%share/java/classes/sasl/CyrusSasl/SaslServerFactory.class -%%JAVASASL%%share/java/classes/sasl/CyrusSasl/SaslUtils.class -%%JAVASASL%%share/java/classes/sasl/CyrusSasl/ServerFactory.class -%%JAVASASL%%share/java/classes/sasl/javax/security/auth/callback/Callback.class -%%JAVASASL%%share/java/classes/sasl/javax/security/auth/callback/CallbackHandler.class -%%JAVASASL%%share/java/classes/sasl/javax/security/auth/callback/NameCallback.class -%%JAVASASL%%share/java/classes/sasl/javax/security/auth/callback/PasswordCallback.class -%%JAVASASL%%share/java/classes/sasl/javax/security/auth/callback/RealmCallback.class -%%JAVASASL%%share/java/classes/sasl/javax/security/auth/callback/UnsupportedCallbackException.class -%%PORTDOCS%%%%DOCSDIR%%/AUTHORS -%%PORTDOCS%%%%DOCSDIR%%/COPYING -%%PORTDOCS%%%%DOCSDIR%%/ChangeLog -%%PORTDOCS%%%%DOCSDIR%%/INSTALL -%%PORTDOCS%%%%DOCSDIR%%/NEWS -%%PORTDOCS%%%%DOCSDIR%%/README -%%PORTDOCS%%%%DOCSDIR%%/Sendmail.README -%%PORTDOCS%%%%DOCSDIR%%/TODO -%%PORTDOCS%%%%DOCSDIR%%/draft-newman-auth-scram-03.txt -%%PORTDOCS%%%%DOCSDIR%%/draft-weltman-java-sasl-02.txt -%%PORTDOCS%%%%DOCSDIR%%/rfc1321.txt -%%PORTDOCS%%%%DOCSDIR%%/rfc2095.txt -%%PORTDOCS%%%%DOCSDIR%%/rfc2104.txt -%%PORTDOCS%%%%DOCSDIR%%/rfc2222.txt -%%PORTDOCS%%%%DOCSDIR%%/rfc2245.txt -%%PORTDOCS%%%%DOCSDIR%%/rfc2831.txt -%%PORTDOCS%%%%DOCSDIR%%/gssapi.html -%%PORTDOCS%%%%DOCSDIR%%/index.html -%%PORTDOCS%%%%DOCSDIR%%/macosx.html -%%PORTDOCS%%%%DOCSDIR%%/programming.html -%%PORTDOCS%%%%DOCSDIR%%/sysadmin.html -%%PORTDOCS%%@dirrm %%DOCSDIR%% -%%JAVASASL%%@dirrm share/java/classes/sasl/javax/security/auth/callback -%%JAVASASL%%@dirrm share/java/classes/sasl/javax/security/auth -%%JAVASASL%%@dirrm share/java/classes/sasl/javax/security -%%JAVASASL%%@dirrm share/java/classes/sasl/javax -%%JAVASASL%%@dirrm share/java/classes/sasl/CyrusSasl -%%JAVASASL%%@dirrm share/java/classes/sasl -@dirrm %%EXAMPLESDIR%% -@dirrm lib/sasl -@cwd /var -@exec install -d -m 770 -o cyrus -g cyrus %D/pwcheck -@comment This file is created by the pwcheck program -@unexec rm -f %D/pwcheck/pwcheck -@dirrm pwcheck -@mode ug=rwx,o= -@exec mkdir -p /var/state/saslauthd1 -@exec chown -R cyrus:cyrus state -@exec chmod -R o= state -@comment These files are created by the saslauthd program -@unexec rm -fr /var/state/saslauthd1 -@unexec rmdir /var/state -@cwd %%PREFIX%% diff --git a/security/cyrus-sasl/scripts/configure.sasl b/security/cyrus-sasl/scripts/configure.sasl deleted file mode 100644 index 3893c0da1c55..000000000000 --- a/security/cyrus-sasl/scripts/configure.sasl +++ /dev/null @@ -1,237 +0,0 @@ -#!/bin/sh -# $FreeBSD$ - -if [ -f ${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc ]; then - exit -fi - -tempfile=`mktemp -t checklist` - -if [ "${BATCH}" ]; then - if [ "${WITH_DB3}" ]; then - OPTIONS="\"DB3\"" - else - OPTIONS="\"NDBM\"" - fi - if [ "${WITH_JAVA}" ]; then - OPTIONS="${OPTIONS} \"JAVA\"" - fi - if [ "${WITH_MYSQL}" ]; then - OPTIONS="${OPTIONS} \"MySQL\"" - fi - if [ "${WITH_LDAP2}" ]; then - OPTIONS="${OPTIONS} \"OpenLDAP2\"" - elif [ "${WITH_LDAP1}" ]; then - OPTIONS="${OPTIONS} \"OpenLDAP1\"" - fi - if [ "${OPTIONS}" != "x" ]; then - OPTIONS="${OPTIONS} \"SASLAUTHD\"" - set ${OPTIONS} - fi -else - if [ "${WITH_DB3}" -o -f ${PREFIX}/lib/libdb3.so ] ; then - SET_DB3="ON" - SET_NDBM="OFF" - else - SET_DB3="OFF" - SET_NDBM="ON" - fi - if [ "${WITH_JAVA}" ] ; then - SET_JAVA="ON" - else - SET_JAVA="OFF" - fi - if [ "${WITH_MYSQL}" -o -f ${PREFIX}/lib/mysql/libmysqlclient.so ] ; then - SET_MYSQL="ON" - else - SET_MYSQL="OFF" - fi - - #Prefer LDAP2 over LDAP1 - SET_LDAP1="OFF" - SET_LDAP2="OFF" - if [ "${WITH_LDAP2}" -o -f ${PREFIX}/lib/libldap-2.2.so -a -f ${PREFIX}/lib/liblber-2.2.so ] ; then - SET_LDAP2="ON" - elif [ "${WITH_LDAP1}" -o -f ${PREFIX}/lib/libldap.so.1 -a -f ${PREFIX}/lib/liblber.so.1 ]; then - SET_LDAP1="ON" - fi - - /usr/bin/dialog --title "Additional Cyrus SASL options" --clear \ - --checklist "\n\ -Please select desired options:" -1 -1 16 \ -NDBM "ndbm DB" ${SET_NDBM} \ -DB3 "Berkeley DB, revision 3" ${SET_DB3} \ -JAVA "JavaSASL [Experimental]" ${SET_JAVA} \ -MySQL "MySQL password Authentication" ${SET_MYSQL} \ -OpenLDAP1 "OpenLDAP 1.x password Authentication" ${SET_LDAP1} \ -OpenLDAP2 "OpenLDAP 2.x password Authentication w/TLS" ${SET_LDAP2} \ -PWCHECK "Use pwcheck for password Authentication" OFF \ -PAMPWCHECK "Use pwcheck_pam for password Authentication" OFF \ -SASLAUTHD "Use saslauthd for password Authentication" ON \ -2> $tempfile - - retval=$? - - if [ -s $tempfile ]; then - set `cat $tempfile` - fi - rm -f $tempfile - - case $retval in - 0) if [ -z "$*" ]; then - echo "Nothing selected" - OPTIONS="\"NDBM\"" - set ${OPTIONS} - fi - ;; - 1) echo "Cancel pressed." - exit 1 - ;; - esac -fi - -${MKDIR} ${WRKDIRPREFIX}${REALCURDIR} -exec > ${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc - -echo "PREFIX= ${PREFIX}" - -while [ "$1" ]; do - case $1 in - \"NDBM\") - if [ "${DBLIB}" ]; then - echo "ndbm and db3 are mutually exclusive." > /dev/stderr - rm -f ${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc - exit 1 - fi - echo "CONFIGURE_ARGS+= --with-dblib=ndbm" - echo "SASLDB_NAME= sasldb.db" - DBLIB=1 - ;; - \"DB3\") - if [ "${DBLIB}" ]; then - echo "ndbm and db3 are mutually exclusive." > /dev/stderr - rm -f ${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc - exit 1 - fi - echo "LIB_DEPENDS+= db3.3:\${PORTSDIR}/databases/db3" - echo "CONFIGURE_ARGS+= --with-dblib=berkeley" - echo "SASLDB_NAME= sasldb" - DBLIB=1 - ;; - \"JAVA\") - echo "BUILD_DEPENDS+= \${LOCALBASE}/\${JAVADIR}/bin/java:\${PORTSDIR}/java/jdk13" - echo "RUN_DEPENDS+= \${LOCALBASE}/\${JAVADIR}/bin/java:\${PORTSDIR}/java/jdk13" - echo "USE_GMAKE= yes" - echo "CONFIGURE_ARGS+= --enable-java \\" - echo " --with-javabase=\${LOCALBASE}/\${JAVADIR}" - echo "CONFIGURE_ENV+= JAVAC=\"\${LOCALBASE}/\${JAVADIR}/bin/javac\" \\" - echo " JAVAH=\"\${LOCALBASE}/\${JAVADIR}/bin/javah\" \\" - echo " JAVADOC=\"\${LOCALBASE}/\${JAVADIR}/bin/javadoc\"" - echo "PLIST_SUB+= JAVASASL=\"\"" - DEFJAVA=1 - ;; - \"MySQL\") - echo "LIB_DEPENDS+= mysqlclient.10:\${PORTSDIR}/databases/mysql323-client" - echo "CONFIGURE_ARGS+= --with-mysql=\${PREFIX}" - MYSQL_REQ=mysql - MSG=1 - ;; - \"OpenLDAP1\") - if [ "$OPENLDAP" ]; then - echo "OpenLDAP1 and OpenLDAP2 are mutually exclusive." > /dev/stderr - rm -f ${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc - exit 1 - fi - echo "LIB_DEPENDS+= ldap.1:\${PORTSDIR}/net/openldap12" - echo "LIB_DEPENDS+= lber.1:\${PORTSDIR}/net/openldap12" - echo "CONFIGURE_ARGS+= --with-ldap=\${PREFIX}" - LDAP_REQ=ldap - OPENLDAP=1 - MSG=1 - ;; - \"OpenLDAP2\") - if [ "$OPENLDAP" ]; then - echo "OpenLDAP1 and OpenLDAP2 are mutually exclusive." > /dev/stderr - rm -f ${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc - exit 1 - fi - echo "LIB_DEPENDS+= ldap-2.2:\${PORTSDIR}/net/openldap22-client" - echo "LIB_DEPENDS+= lber-2.2:\${PORTSDIR}/net/openldap22-client" - echo "CONFIGURE_ARGS+= --with-ldap=\${PREFIX}" - LDAP_REQ=ldap - OPENLDAP=1 - MSG=1 - ;; - \"PWCHECK\") - if [ "$PWCHECK" ]; then - echo "PWCHECK or PAMPWCHECK must be choosen seperately: Defaulting to PAMPWCHECK" > /dev/stderr - else - PWCHECK=pwcheck - fi - ;; - \"PAMPWCHECK\") - if [ "$PWCHECK" ]; then - echo "PWCHECK or PAMPWCHECK must be choosen seperately: Defaulting to PWCHECK" > /dev/stderr - else - PWCHECK=pwcheck_pam - fi - ;; - \"SASLAUTHD\") - if [ "$PWCHECK" ]; then - echo "SASLAUTHD is preferred over PWCHECK: Enabling saslauthd and disabling pwcheck in rc.d scripts" > /dev/stderr - fi - SASLAUTHD=1 - ;; - *) - echo "Invalid option(s): $*" > /dev/stderr - rm -f ${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc - exit 1 - ;; - esac - shift -done - -if [ "${SASLAUTHD}" ]; then - ENABLE_PWCHECK=no - PWCHECK_METHOD=saslauthd - ENABLE_SASLAUTHD=yes - if [ -z "${PWCHECK}" ]; then - PWCHECK=pwcheck - fi -else - if [ "${PWCHECK}" ]; then - ENABLE_PWCHECK=yes - else - ENABLE_PWCHECK=no - PWCHECK=pwcheck - fi - PWCHECK_METHOD=pwcheck - ENABLE_SASLAUTHD=no -fi - -if [ ! "${DEFJAVA}" ]; then - echo "PLIST_SUB+= JAVASASL=\"@comment \"" -fi -if [ ! "${DBLIB}" ]; then - echo "CONFIGURE_ARGS+= --with-dblib=ndbm" - echo "SASLDB_NAME= sasldb.db" -fi - -echo "PWCHECK= ${PWCHECK}" -echo "PWCHECK_METHOD= ${PWCHECK_METHOD}" -echo "ENABLE_PWCHECK= ${ENABLE_PWCHECK}" -echo "ENABLE_SASLAUTHD= ${ENABLE_SASLAUTHD}" - -if [ "${MSG}" ]; then - if [ -n "${LDAP_REQ}" ]; then - METHOD="LDAP" - - if [ -n "${MYSQL_REQ}" ]; then - METHOD="LDAP or MySQL" - fi - elif [ -n "${MYSQL_REQ}" ]; then - METHOD="MySQL" - fi - - echo "LDAP_MYSQL_MSG= \"See sysadmin.html in the Cyrus-SASL docs directory for informaion on using ${METHOD} for authentication.\"" -fi |