1 # Buildsheet autogenerated by ravenadm tool -- Do not edit.
8 SDESC[standard]= Cyrus Simple Authentication Service Layer (SASL)
9 HOMEPAGE= https://www.cyrusimap.org/sasl/
13 SITES[main]= https://github.com/cyrusimap/cyrus-sasl/releases/download/cyrus-sasl-2.1.28/
14 DISTFILE[1]= cyrus-sasl-2.1.28.tar.gz:main
16 SPKGS[standard]= complete
20 OPTIONS_AVAILABLE= none
21 OPTIONS_STANDARD= none
25 USERGROUP_SPKG= primary
27 USES= cpe gmake libtool:keepla perl:build bdb ssl mbsdfix
29 LICENSE= BSD4CLAUSE:primary
30 LICENSE_FILE= BSD4CLAUSE:{{WRKSRC}}/COPYING
34 FPC_EQUIVALENT= security/cyrus-sasl2
37 CONFIGURE_ARGS= --disable-alwaystrue
38 --disable-keep-db-open
51 --sysconfdir={{PREFIX}}/etc
53 --with-bdb-libdir={{BDB_LIB_DIR}}
54 --with-bdb-incdir={{BDB_INCLUDE_DIR}}
55 --with-authdaemond=/var/run/authdaemond/socket
56 --with-configdir={{PREFIX}}/lib/sasl2:{{PREFIX}}/etc/sasl2
57 --with-plugindir={{PREFIX}}/lib/sasl2
58 --with-dbpath={{PREFIX}}/etc/sasldb2
60 --includedir={{PREFIX}}/include
63 --with-saslauthd=/var/run/saslauthd
64 --with-openssl={{OPENSSLBASE}}
68 INSTALL_REQ_TOOLCHAIN= yes
70 PLIST_SUB= UNDERSCORE=1.13.1
72 SUB_FILES= pkg-install-primary
74 SUB_LIST= SASLDB_NAME=sasldb2
77 CFLAGS= -Wno-pointer-sign
78 VAR_OPSYS[netbsd]= CONFIGURE_ENV=ac_cv_lib_dl_dlopen=no
79 VAR_ARCH[x86_64]= CPPFLAGS=-fPIC
82 ${MKDIR} ${STAGEDIR}${STD_DOCDIR}
83 (cd ${WRKSRC}/doc && ${COPYTREE_SHARE} . ${STAGEDIR}${STD_DOCDIR} \
84 "! \( -path */html/_sources* \
87 -o -name Makefile.in \
88 -o -name Makefile.in.bak \
89 -o -name Makefile.am \
91 -o -name .cvsignore \)" \
94 ${INSTALL_DATA} AUTHORS ChangeLog INSTALL.TXT README ${STAGEDIR}${STD_DOCDIR})
95 ${INSTALL_DATA} ${FILESDIR}/Sendmail.README ${STAGEDIR}${STD_DOCDIR}
96 ${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/sasl2/*.${LIBEXT}
97 ${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/*.${LIBEXT}
100 # work around horrible libtool
101 ${REINPLACE_CMD} -e "/^archive_cmds=/ \
102 s|linkopts|linkopts -Wl,-R,${BDB_LIB_DIR}:${OPENSSLRPATH}|" \
105 [FILE:460:descriptions/desc.primary]
106 The Cyrus SASL (Simple Authentication and Security Layer)
108 SASL is the Simple Authentication and Security Layer, a method for
109 adding authentication support to connection-based protocols. To use
110 SASL, a protocol includes a command for identifying and authenticating
111 a user to a server and for optionally negotiating protection of
112 subsequent protocol interactions. If its use is negotiated, a security
113 layer is inserted between the protocol and the connection.
117 7ccfc6abd01ed67c1a0924b353e526f1b766b21f42d4562ee635a8ebfc5bb38c 4034803 cyrus-sasl-2.1.28.tar.gz
120 [FILE:2072:manifests/plist.primary]
133 libsasl2.so.%%SOMAJOR%%
134 libsasl2.so.%%SOVERSION%%
135 lib/pkgconfig/libsasl2.pc
140 libanonymous.so.%%SOMAJOR%%
141 libanonymous.so.%%SOVERSION%%
145 libcrammd5.so.%%SOMAJOR%%
146 libcrammd5.so.%%SOVERSION%%
150 libdigestmd5.so.%%SOMAJOR%%
151 libdigestmd5.so.%%SOVERSION%%
155 liblogin.so.%%SOMAJOR%%
156 liblogin.so.%%SOVERSION%%
160 libntlm.so.%%SOMAJOR%%
161 libntlm.so.%%SOVERSION%%
165 libplain.so.%%SOMAJOR%%
166 libplain.so.%%SOVERSION%%
170 libsasldb.so.%%SOMAJOR%%
171 libsasldb.so.%%SOVERSION%%
175 libscram.so.%%SOMAJOR%%
176 libscram.so.%%SOVERSION%%
183 sasl_authorize_t.3.gz
185 sasl_auxprop_getctx.3.gz
186 sasl_auxprop_request.3.gz
188 sasl_canon_user_t.3.gz
189 sasl_chalprompt_t.3.gz
192 sasl_client_init.3.gz
194 sasl_client_start.3.gz
195 sasl_client_step.3.gz
204 sasl_getconfpath_t.3.gz
209 sasl_getsecret_t.3.gz
210 sasl_getsimple_t.3.gz
211 sasl_global_listmech.3.gz
215 sasl_server_init.3.gz
217 sasl_server_start.3.gz
218 sasl_server_step.3.gz
219 sasl_server_userdb_checkpass_t.3.gz
220 sasl_server_userdb_setpass_t.3.gz
223 sasl_user_exists.3.gz
224 sasl_verifyfile_t.3.gz
227 sasldblistusers2.8.gz
231 [FILE:4070:manifests/plist.docs]
232 share/doc/cyrus-sasl/
238 share/doc/cyrus-sasl/html/
251 share/doc/cyrus-sasl/html/_static/
255 documentation_options.js
266 underscore-%%UNDERSCORE%%.js
268 share/doc/cyrus-sasl/html/_static/css/
271 share/doc/cyrus-sasl/html/_static/event_notifications/
273 ApplePushService.json
282 MailboxSubscribe.json
283 MailboxUnSubscribe.json
294 share/doc/cyrus-sasl/html/_static/fonts/
300 RobotoSlab-Regular.ttf
301 fontawesome-webfont.eot
302 fontawesome-webfont.svg
303 fontawesome-webfont.ttf
304 fontawesome-webfont.woff
305 share/doc/cyrus-sasl/html/_static/js/
308 share/doc/cyrus-sasl/html/sasl/
311 authentication_mechanisms.html
312 auxiliary_properties.html
328 share/doc/cyrus-sasl/html/sasl/developer/
333 share/doc/cyrus-sasl/html/sasl/faqs/
334 authorize-vs-authenticate.html
335 crammd5-digestmd5-scram.html
336 openldap-sasl-gssapi.html
337 plaintextpasswords.html
340 share/doc/cyrus-sasl/html/sasl/reference/manpages/template.html
341 share/doc/cyrus-sasl/html/sasl/reference/manpages/library/
343 sasl_authorize_t.html
345 sasl_auxprop_add_plugin.html
346 sasl_auxprop_getctx.html
347 sasl_auxprop_request.html
349 sasl_canon_user_t.html
350 sasl_canonuser_add_plugin.html
351 sasl_chalprompt_t.html
354 sasl_client_add_plugin.html
355 sasl_client_done.html
356 sasl_client_init.html
358 sasl_client_plug_init_t.html
359 sasl_client_start.html
360 sasl_client_step.html
368 sasl_erasebuffer.html
372 sasl_getcallback_t.html
373 sasl_getconfpath_t.html
378 sasl_getsecret_t.html
379 sasl_getsimple_t.html
380 sasl_global_listmech.html
384 sasl_server_add_plugin.html
385 sasl_server_done.html
386 sasl_server_init.html
388 sasl_server_plug_init_t.html
389 sasl_server_start.html
390 sasl_server_step.html
391 sasl_server_userdb_checkpass_t.html
392 sasl_server_userdb_setpass_t.html
398 sasl_user_exists.html
401 sasl_verifyfile_t.html
402 share/doc/cyrus-sasl/html/sasl/release-notes/index.html
403 share/doc/cyrus-sasl/html/sasl/release-notes/1/index.html
404 share/doc/cyrus-sasl/html/sasl/release-notes/2.0/index.html
405 share/doc/cyrus-sasl/html/sasl/release-notes/2.1/index.html
406 share/doc/cyrus-sasl/legacy/
421 server-plugin-flow.fig
428 [FILE:1733:patches/patch-configure]
429 --- configure.orig 2022-02-18 21:53:52 UTC
431 @@ -15244,6 +15244,8 @@ else
438 { $as_echo "$as_me:${as_lineno-$LINENO}: checking if I should include saslauthd" >&5
439 $as_echo_n "checking if I should include saslauthd... " >&6; }
440 @@ -16859,6 +16861,7 @@ fi
441 gssapi_dir="${gssapi}/lib"
442 GSSAPIBASE_LIBS="-L$gssapi_dir"
443 GSSAPIBASE_STATIC_LIBS="-L$gssapi_dir"
444 + gssapi_bindir="${gssapi}/bin/"
446 # FIXME: This is only used for building cyrus, and then only as
447 # a real hack. it needs to be fixed.
448 @@ -16878,7 +16881,7 @@ if ${ac_cv_lib_gssapi_gss_unwrap+:} fals
449 $as_echo_n "(cached) " >&6
451 ac_check_lib_save_LIBS=$LIBS
452 -LIBS="-lgssapi ${GSSAPIBASE_LIBS} -lgssapi -lkrb5 -lasn1 -lroken ${LIB_CRYPT} ${LIB_DES} -lcom_err ${LIB_SOCKET} $LIBS"
453 +LIBS="${GSSAPIBASE_LIBS} `${gssapi_bindir}krb5-config --libs gssapi` $LIBS"
454 cat confdefs.h - <<_ACEOF >conftest.$ac_ext
455 /* end confdefs.h. */
457 @@ -17138,7 +17141,7 @@ fi
458 GSSAPIBASE_STATIC_LIBS="$GSSAPIBASE_LIBS $gssapi_dir/libgssapi_krb5.a $gssapi_dir/libkrb5.a $gssapi_dir/libk5crypto.a $gssapi_dir/libcom_err.a"
459 elif test "$gss_impl" = "heimdal"; then
461 - GSSAPIBASE_LIBS="$GSSAPIBASE_LIBS -lgssapi -lkrb5 -lasn1 -lroken ${LIB_CRYPT} ${LIB_DES} -lcom_err"
462 + GSSAPIBASE_LIBS="$GSSAPIBASE_LIBS `${gssapi_bindir}krb5-config --libs gssapi`"
463 GSSAPIBASE_STATIC_LIBS="$GSSAPIBASE_STATIC_LIBS $gssapi_dir/libgssapi.a $gssapi_dir/libkrb5.a $gssapi_dir/libasn1.a $gssapi_dir/libroken.a $gssapi_dir/libcom_err.a ${LIB_CRYPT}"
464 elif test "$gss_impl" = "cybersafe03"; then
465 # Version of CyberSafe with two libraries
468 [FILE:348:patches/patch-plugins_gssapi.c]
469 --- plugins/gssapi.c.orig 2022-02-18 21:53:25 UTC
471 @@ -1668,8 +1668,10 @@ static int gssapi_client_mech_step(void
476 params->utils->log(params->utils->conn, SASL_LOG_DEBUG,
477 "GSSAPI client step %d", text->state);
480 switch (text->state) {
484 [FILE:718:patches/patch-utils__Makefile.in]
485 --- utils/Makefile.in.orig 2022-02-18 21:53:55 UTC
486 +++ utils/Makefile.in
487 @@ -495,7 +495,7 @@ top_srcdir = @top_srcdir@
488 all_sasl_libs = ../lib/libsasl2.la $(SASL_DB_LIB) $(LIB_SOCKET)
489 all_sasl_static_libs = ../lib/.libs/libsasl2.a $(SASL_DB_LIB) $(LIB_SOCKET) $(GSSAPIBASE_LIBS) $(GSSAPI_LIBS) $(SASL_KRB_LIB) $(LIB_DES) $(PLAIN_LIBS) $(SRP_LIBS) $(LIB_MYSQL) $(LIB_PGSQL) $(LIB_SQLITE)
490 @NO_SASL_DB_MANS_FALSE@man_MANS = saslpasswd2.8 sasldblistusers2.8 pluginviewer.8
491 -@NO_SASL_DB_MANS_TRUE@man_MANS =
492 +@NO_SASL_DB_MANS_TRUE@man_MANS = pluginviewer.8
493 saslpasswd2_LDADD = ../sasldb/libsasldb.la $(all_sasl_libs)
494 saslpasswd2_SOURCES = saslpasswd.c
495 sasldblistusers2_LDADD = ../sasldb/libsasldb.la $(all_sasl_libs)
498 [FILE:2307:files/Sendmail.README]
499 How to enable SMTP AUTH with FreeBSD default Sendmail
501 1) Add the following to /etc/make.conf:
503 # Add SMTP AUTH support to Sendmail
504 SENDMAIL_CFLAGS+= -I/usr/local/include -DSASL=2
505 SENDMAIL_LDFLAGS+= -L/usr/local/lib
506 SENDMAIL_LDADD+= -lsasl2
508 2) Rebuild FreeBSD (make buildworld, ...)
510 3) Make sure that the pwcheck_method is correct in Sendmail.conf.
512 Sendmail.conf (${PREFIX}/lib/sasl2/Sendmail.conf) is created by
513 the cyrus-sasl2 ports during installation. It may have
514 pwcheck_method set to saslauthd by default. Change this to what is
515 appropriate for your site.
517 4) Add the following to your sendmail.mc file:
519 dnl The group needs to be mail in order to read the sasldb2 file
520 define(`confRUN_AS_USER',`root:mail')dnl
522 TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5')dnl
523 define(`confAUTH_MECHANISMS',`DIGEST-MD5 CRAM-MD5')dnl
525 define(`confDONT_BLAME_SENDMAIL',`GroupReadableSASLDBFile')dnl
527 5) Add the following before FEATURE(msp) in your submit.mc file:
529 DAEMON_OPTIONS(`Name=NoMTA, Addr=127.0.0.1, M=EA')dnl
531 This disables SMTP AUTH on the loopback interface. Otherwise you may get
532 the following error in the log:
534 error: safesasl(/usr/local/etc/sasldb2) failed: Group readable file
536 when sending mail locally (seen when using pine locally on same server).
540 Additional AUTH Mechanisms are LOGIN, PLAIN, GSSAPI, and KERBEROS_V4.
541 These can be added to TRUST_AUTH_MECH and confAUTH_MECHANISMS as a space
542 seperated list. You may want to restrict LOGIN, and PLAIN authentication
543 methods for use with STARTTLS, as the password is not encrypted when
546 LOGIN is required for Outlook Express users. "My server requires
547 authentication" needs to be checked in the accounts properties to
548 use SASL Authentication.
550 PLAIN is required for Netscape Communicator users. By default Netscape
551 Communicator will use SASL Authentication when sendmail is compiled with
552 SASL and will cause your users to enter their passwords each time they
553 retreive their mail (NS 4.7).
555 The DONT_BLAME_SENDMAIL option GroupReadableSASLDBFile is needed when you
556 are using cyrus-imapd and sendmail on the same server that requires access
557 to the sasldb2 database.
559 SASLv2 support of Sendmail is starting with 8.12.4.
562 [FILE:704:files/pkg-deinstall-primary.in]
566 PKG_BATCH=${BATCH:=NO}
567 PKG_PREFIX=${PKG_PREFIX:=%%PREFIX%%}
568 SASLDB_NAME=%%SASLDB_NAME%%
569 SASLDB_NAME=${SASLDB_NAME:+${PKG_PREFIX}/etc/%%SASLDB_NAME%%}
570 CYRUS_USER=${CYRUS_USER:=%%CYRUS_USER%%}
572 # delete sasldb database
574 if [ -f ${SASLDB_NAME} ] ; then
575 if [ `${PKG_PREFIX}/sbin/sasldblistusers2 | wc -l` -eq 0 ]; then
576 echo "Removing ${SASLDB_NAME} as part of cyrus-sasl deinstallation."
578 if [ -f ${SASLDB_NAME}-lock ] ; then
579 rm ${SASLDB_NAME}-lock
582 echo "WARNING: Users SASL passwords are in ${SASLDB_NAME}, keeping this file"
589 if [ -n "${SASLDB_NAME}" ]; then
596 [FILE:1140:files/pkg-install-primary.in]
600 PKG_BATCH=${BATCH:=NO}
601 PKG_PREFIX=${PKG_PREFIX:=%%PREFIX%%}
602 SASLDB_NAME=%%SASLDB_NAME%%
603 SASLDB_NAME=${SASLDB_NAME:+${PKG_PREFIX}/etc/%%SASLDB_NAME%%}
604 CYRUS_USER=${CYRUS_USER:=%%CYRUS_USER%%}
607 if [ ! -f ${SASLDB_NAME} ]; then
608 echo "test" | ${PKG_PREFIX}/sbin/saslpasswd2 -p -c ${CYRUS_USER}
609 if [ `${PKG_PREFIX}/sbin/sasldblistusers2 | wc -l` -eq 0 ] ; then
610 echo "WARNING: Failed to create ${SASLDB_NAME}"
612 ${PKG_PREFIX}/sbin/saslpasswd2 -d ${CYRUS_USER}
613 chown ${CYRUS_USER}:mail ${SASLDB_NAME}
614 chmod 640 ${SASLDB_NAME}
615 if [ -f ${SASLDB_NAME}-lock ]; then
616 chown ${CYRUS_USER}:mail ${SASLDB_NAME}-lock
617 chmod 640 ${SASLDB_NAME}-lock
625 if [ "${PKG_BATCH}" = "NO" ]; then
626 if [ -n "${SASLDB_NAME}" ]; then
629 elif [ -n "${SASLDB_NAME}" -a ! -f ${SASLDB_NAME} ]; then
630 echo "*** We do not create ${SASLDB_NAME} automatically in"
631 echo "*** BATCH mode. Please create it by yourself. It should be"
632 echo "*** owner: ${CYRUS_USER}, group: mail, mode: 0640."