
From: Sam James <sam@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: dev-libs/cyrus-sasl/files/, dev-libs/cyrus-sasl/
Date: Wed, 27 Oct 2021 23:20:31
Message-Id: 1635376816.0ea0e5c7d34102447316e0ec3e9a4aa82e4523bf.sam@gentoo
1 commit: 0ea0e5c7d34102447316e0ec3e9a4aa82e4523bf
2 Author: Martin Kletzander <nert.pinx <AT> gmail <DOT> com>
3 AuthorDate: Wed Oct 27 09:45:22 2021 +0000
4 Commit: Sam James <sam <AT> gentoo <DOT> org>
5 CommitDate: Wed Oct 27 23:20:16 2021 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0ea0e5c7
7
8 dev-libs/cyrus-sasl: Backport upstream fix for wrong error handling w/ newer gdbm
9
10 Without this fix applications might fail with a spurious error message, for
11 example libvirt's sasl authentication fails with:
12
13 authentication failed: Failed to start SASL negotiation: -1 (SASL(-1):
14 generic failure: unable to canonify user and get auxprops)
15
16 It is merged upstream as commit cyrus-sasl-2.1.27-2-gaf48f6fec9a7:
17
18 commit af48f6fec9a7b6374d4153c5db894d4a1f349645
19 Author: Jonas Jelten <jj <AT> sft.mx>
20 Date: Sat Feb 2 20:53:37 2019 +0100
21
22 db_gdbm: fix gdbm_errno overlay from gdbm_close
23
24 Package-Manager: Portage-3.0.28, Repoman-3.0.3
25 Closes: https://github.com/gentoo/gentoo/pull/22723
26 Signed-off-by: Sam James <sam <AT> gentoo.org>
27
28 dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r5.ebuild | 269 +++++++++++++++++++++
29 ...bm-fix-gdbm_errno-overlay-from-gdbm_close.patch | 35 +++
30 2 files changed, 304 insertions(+)
31
32 diff --git a/dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r5.ebuild b/dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r5.ebuild
33 new file mode 100644
34 index 00000000000..3d486cc99a5
35 --- /dev/null
36 +++ b/dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r5.ebuild
37 @@ -0,0 +1,269 @@
38 +# Copyright 1999-2021 Gentoo Authors
39 +# Distributed under the terms of the GNU General Public License v2
40 +
41 +EAPI=7
42 +
43 +inherit flag-o-matic multilib multilib-minimal autotools pam java-pkg-opt-2 db-use systemd toolchain-funcs tmpfiles
44 +
45 +SASLAUTHD_CONF_VER="2.1.26"
46 +
47 +DESCRIPTION="The Cyrus SASL (Simple Authentication and Security Layer)"
48 +HOMEPAGE="https://www.cyrusimap.org/sasl/"
49 +#SRC_URI="ftp://ftp.cyrusimap.org/cyrus-sasl/${P}.tar.gz"
50 +SRC_URI="https://github.com/cyrusimap/${PN}/releases/download/${P}/${P}.tar.gz"
51 +
52 +LICENSE="BSD-with-attribution"
53 +SLOT="2"
54 +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
55 +IUSE="authdaemond berkdb gdbm kerberos ldapdb openldap mysql pam postgres sample selinux sqlite srp ssl static-libs urandom"
56 +
57 +CDEPEND="
58 + net-mail/mailbase
59 + virtual/libcrypt:=
60 + authdaemond? ( || ( net-mail/courier-imap mail-mta/courier ) )
61 + berkdb? ( >=sys-libs/db-4.8.30-r1:=[${MULTILIB_USEDEP}] )
62 + gdbm? ( >=sys-libs/gdbm-1.10-r1:=[${MULTILIB_USEDEP}] )
63 + kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
64 + openldap? ( >=net-nds/openldap-2.4.38-r1[${MULTILIB_USEDEP}] )
65 + mysql? ( dev-db/mysql-connector-c:0=[${MULTILIB_USEDEP}] )
66 + pam? ( >=sys-libs/pam-0-r1[${MULTILIB_USEDEP}] )
67 + postgres? ( dev-db/postgresql:* )
68 + sqlite? ( >=dev-db/sqlite-3.8.2:3[${MULTILIB_USEDEP}] )
69 + ssl? (
70 + >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}]
71 + )
72 + java? ( >=virtual/jdk-1.6:= )"
73 +
74 +REQUIRED_USE="ldapdb? ( openldap )"
75 +
76 +RDEPEND="
77 + ${CDEPEND}
78 + selinux? ( sec-policy/selinux-sasl )"
79 +
80 +DEPEND="${CDEPEND}"
81 +
82 +MULTILIB_WRAPPED_HEADERS=(
83 + /usr/include/sasl/md5global.h
84 +)
85 +
86 +PATCHES=(
87 + "${FILESDIR}/${PN}-2.1.27-avoid_pic_overwrite.patch"
88 + "${FILESDIR}/${PN}-2.1.27-autotools_fixes.patch"
89 + "${FILESDIR}/${PN}-2.1.27-as_needed.patch"
90 + "${FILESDIR}/${PN}-2.1.25-auxprop.patch"
91 + "${FILESDIR}/${PN}-2.1.27-gss_c_nt_hostbased_service.patch"
92 + "${FILESDIR}/${PN}-2.1.26-missing-size_t.patch"
93 + "${FILESDIR}/${PN}-2.1.27-doc_build_fix.patch"
94 + "${FILESDIR}/${PN}-2.1.27-memmem.patch"
95 + "${FILESDIR}/${PN}-2.1.27-CVE-2019-19906.patch"
96 + "${FILESDIR}/${PN}-2.1.27-slibtool.patch"
97 + "${FILESDIR}/${PN}-2.1.27-db_gdbm-fix-gdbm_errno-overlay-from-gdbm_close.patch"
98 +)
99 +
100 +pkg_setup() {
101 + java-pkg-opt-2_pkg_setup
102 +}
103 +
104 +src_prepare() {
105 + default
106 +
107 + # Get rid of the -R switch (runpath_switch for Sun)
108 + # >=gcc-4.6 errors out with unknown option
109 + sed -i -e '/LIB_SQLITE.*-R/s/ -R[^"]*//' \
110 + configure.ac || die
111 +
112 + # Use plugindir for sasldir
113 + sed -i '/^sasldir =/s:=.*:= $(plugindir):' \
114 + "${S}"/plugins/Makefile.{am,in} || die "sed failed"
115 +
116 + # #486740 #468556
117 + sed -i -e 's:AM_CONFIG_HEADER:AC_CONFIG_HEADERS:g' \
118 + -e 's:AC_CONFIG_MACRO_DIR:AC_CONFIG_MACRO_DIRS:g' \
119 + configure.ac || die
120 +
121 + eautoreconf
122 +
123 + export CC_FOR_BUILD="$(tc-getBUILD_CC)"
124 +}
125 +
126 +src_configure() {
127 + append-flags -fno-strict-aliasing
128 +
129 + if [[ ${CHOST} == *-solaris* ]] ; then
130 + # getpassphrase is defined in /usr/include/stdlib.h
131 + append-cppflags -DHAVE_GETPASSPHRASE
132 + else
133 + # this horrendously breaks things on Solaris
134 + append-cppflags -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED -D_BSD_SOURCE -DLDAP_DEPRECATED
135 + # replaces BSD_SOURCE (bug #579218)
136 + append-cppflags -D_DEFAULT_SOURCE
137 + fi
138 +
139 + multilib-minimal_src_configure
140 +}
141 +
142 +multilib_src_configure() {
143 + # Java support
144 + multilib_is_native_abi && use java && export JAVAC="${JAVAC} ${JAVACFLAGS}"
145 +
146 + local myeconfargs=(
147 + --enable-login
148 + --enable-ntlm
149 + --enable-auth-sasldb
150 + --disable-cmulocal
151 + --disable-krb4
152 + --disable-macos-framework
153 + --enable-otp
154 + --without-sqlite
155 + --with-saslauthd="${EPREFIX}"/run/saslauthd
156 + --with-pwcheck="${EPREFIX}"/run/saslauthd
157 + --with-configdir="${EPREFIX}"/etc/sasl2
158 + --with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sasl2
159 + --with-dbpath="${EPREFIX}"/etc/sasl2/sasldb2
160 + --with-sphinx-build=no
161 + $(use_with ssl openssl)
162 + $(use_with pam)
163 + $(use_with openldap ldap)
164 + $(use_enable ldapdb)
165 + $(multilib_native_use_enable sample)
166 + $(use_enable kerberos gssapi)
167 + $(multilib_native_use_enable java)
168 + $(multilib_native_use_with mysql mysql "${EPREFIX}"/usr)
169 + $(multilib_native_use_with postgres pgsql "${EPREFIX}"/usr/$(get_libdir)/postgresql)
170 + $(use_with sqlite sqlite3 "${EPREFIX}"/usr/$(get_libdir))
171 + $(use_enable srp)
172 + $(use_enable static-libs static)
173 +
174 + # Add authdaemond support (bug #56523).
175 + $(usex authdaemond --with-authdaemond="${EPREFIX}"/var/lib/courier/authdaemon/socket '')
176 +
177 + # Fix for bug #59634.
178 + $(usex ssl '' --without-des)
179 +
180 + # Use /dev/urandom instead of /dev/random (bug #46038).
181 + $(usex urandom --with-devrandom=/dev/urandom '')
182 + )
183 +
184 + if use sqlite || { multilib_is_native_abi && { use mysql || use postgres; }; } ; then
185 + myeconfargs+=( --enable-sql )
186 + else
187 + myeconfargs+=( --disable-sql )
188 + fi
189 +
190 + # Default to GDBM if both 'gdbm' and 'berkdb' are present.
191 + if use gdbm ; then
192 + einfo "Building with GNU DB as database backend for your SASLdb"
193 + myeconfargs+=( --with-dblib=gdbm )
194 + elif use berkdb ; then
195 + einfo "Building with BerkeleyDB as database backend for your SASLdb"
196 + myeconfargs+=(
197 + --with-dblib=berkeley
198 + --with-bdb-incdir="$(db_includedir)"
199 + )
200 + else
201 + einfo "Building without SASLdb support"
202 + myeconfargs+=( --with-dblib=none )
203 + fi
204 +
205 + ECONF_SOURCE="${S}" econf "${myeconfargs[@]}"
206 +}
207 +
208 +multilib_src_compile() {
209 + emake
210 +
211 + # Default location for java classes breaks OpenOffice (bug #60769).
212 + # Thanks to axxo@g.o for the solution.
213 + if multilib_is_native_abi && use java ; then
214 + jar -cvf ${PN}.jar -C java $(find java -name "*.class")
215 + fi
216 +}
217 +
218 +multilib_src_install() {
219 + default
220 +
221 + if multilib_is_native_abi; then
222 + if use sample ; then
223 + docinto sample
224 + dodoc "${S}"/sample/*.c
225 + exeinto /usr/share/doc/${P}/sample
226 + doexe sample/client sample/server
227 + fi
228 +
229 + # Default location for java classes breaks OpenOffice (bug #60769).
230 + if use java; then
231 + java-pkg_dojar ${PN}.jar
232 + java-pkg_regso "${ED}/usr/$(get_libdir)/libjavasasl$(get_libname)"
233 + # hackish, don't wanna dig through makefile
234 + rm -rf "${ED}/usr/$(get_libdir)/java" || die
235 + docinto "java"
236 + dodoc "${S}/java/README" "${FILESDIR}/java.README.gentoo" "${S}"/java/doc/*
237 + insinto "/usr/share/doc/${PF}/java/Test"
238 + doins "${S}"/java/Test/*.java
239 + fi
240 +
241 + dosbin saslauthd/testsaslauthd
242 + fi
243 +}
244 +
245 +multilib_src_install_all() {
246 + doman man/*
247 +
248 + keepdir /etc/sasl2
249 +
250 + # Reset docinto to default value (#674296)
251 + docinto
252 + dodoc AUTHORS ChangeLog doc/legacy/TODO
253 + newdoc pwcheck/README README.pwcheck
254 +
255 + newdoc docsrc/sasl/release-notes/$(ver_cut 1-2)/index.rst release-notes
256 + edos2unix "${ED}/usr/share/doc/${PF}/release-notes"
257 +
258 + docinto html
259 + dodoc doc/html/*.html
260 +
261 + if use pam; then
262 + newpamd "${FILESDIR}/saslauthd.pam-include" saslauthd
263 + fi
264 +
265 + newinitd "${FILESDIR}/pwcheck.rc6" pwcheck
266 + systemd_dounit "${FILESDIR}/pwcheck.service"
267 +
268 + newinitd "${FILESDIR}/saslauthd2.rc7" saslauthd
269 + newconfd "${FILESDIR}/saslauthd-${SASLAUTHD_CONF_VER}.conf" saslauthd
270 + systemd_dounit "${FILESDIR}/saslauthd.service"
271 + dotmpfiles "${FILESDIR}/${PN}.conf"
272 +
273 + # The get_modname bit is important: do not remove the .la files on
274 + # platforms where the lib isn't called .so for cyrus searches the .la to
275 + # figure out what the name is supposed to be instead
276 + if ! use static-libs && [[ $(get_modname) == .so ]] ; then
277 + find "${ED}" -name "*.la" -delete || die
278 + fi
279 +}
280 +
281 +pkg_postinst() {
282 + tmpfiles_process ${PN}.conf
283 +
284 + # Generate an empty sasldb2 with correct permissions.
285 + if ( use berkdb || use gdbm ) && [[ ! -f "${EROOT}/etc/sasl2/sasldb2" ]] ; then
286 + einfo "Generating an empty sasldb2 with correct permissions ..."
287 + echo "p" | "${EROOT}/usr/sbin/saslpasswd2" -f "${EROOT}/etc/sasl2/sasldb2" -p login \
288 + || die "Failed to generate sasldb2"
289 + "${EROOT}/usr/sbin/saslpasswd2" -f "${EROOT}/etc/sasl2/sasldb2" -d login \
290 + || die "Failed to delete temp user"
291 + chown root:mail "${EROOT}/etc/sasl2/sasldb2" \
292 + || die "Failed to chown ${EROOT}/etc/sasl2/sasldb2"
293 + chmod 0640 "${EROOT}/etc/sasl2/sasldb2" \
294 + || die "Failed to chmod ${EROOT}/etc/sasl2/sasldb2"
295 + fi
296 +
297 + if use authdaemond ; then
298 + elog "You need to add a user running a service using Courier's"
299 + elog "authdaemon to the 'mail' group. For example, do:"
300 + elog " gpasswd -a postfix mail"
301 + elog "to add the 'postfix' user to the 'mail' group."
302 + fi
303 +
304 + elog "pwcheck and saslauthd home directories have moved to:"
305 + elog " /run/saslauthd, using tmpfiles.d"
306 +}
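Review bot: In `pkg_postinst`, `saslpasswd2` creates `sasldb2` before the later `chown root:mail` and `chmod 0640` run, so the file's initial mode depends on the tool and the ambient umask, and during that interval it also holds a `login` entry with the password `p`. Running the two `saslpasswd2` calls under a restrictive umask would close that window whatever mode the tool picks, for example `( umask 077; echo "p" | "${EROOT}/usr/sbin/saslpasswd2" -f "${EROOT}/etc/sasl2/sasldb2" -p login ) || die "Failed to generate sasldb2"`, with the same wrapper around the `-d login` call. The existing `chown` and `chmod` then only widen access to the intended `root:mail` 0640.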
307
308 diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-db_gdbm-fix-gdbm_errno-overlay-from-gdbm_close.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-db_gdbm-fix-gdbm_errno-overlay-from-gdbm_close.patch
309 new file mode 100644
310 index 00000000000..f1e3ae9850c
311 --- /dev/null
312 +++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-db_gdbm-fix-gdbm_errno-overlay-from-gdbm_close.patch
313 @@ -0,0 +1,35 @@
314 +From af48f6fec9a7b6374d4153c5db894d4a1f349645 Mon Sep 17 00:00:00 2001
315 +Message-Id: <af48f6fec9a7b6374d4153c5db894d4a1f349645.1635327406.git.mkletzan@××××××.com>
316 +From: Jonas Jelten <jj@×××.mx>
317 +Date: Sat, 2 Feb 2019 20:53:37 +0100
318 +Subject: [PATCH] db_gdbm: fix gdbm_errno overlay from gdbm_close
319 +
320 +`gdbm_close` also sets gdbm_errno since version 1.17.
321 +This leads to a problem in `libsasl` as the `gdbm_close` incovation overlays
322 +the `gdbm_errno` value which is then later used for the error handling.
323 +
324 +Signed-off-by: Martin Kletzander <mkletzan@××××××.com>
325 +---
326 + sasldb/db_gdbm.c | 4 +++-
327 + 1 file changed, 3 insertions(+), 1 deletion(-)
328 +
329 +diff --git a/sasldb/db_gdbm.c b/sasldb/db_gdbm.c
330 +index ee56a6bf8516..c908808e04a1 100644
331 +--- a/sasldb/db_gdbm.c
332 ++++ b/sasldb/db_gdbm.c
333 +@@ -107,9 +107,11 @@ int _sasldb_getdata(const sasl_utils_t *utils,
334 + gkey.dptr = key;
335 + gkey.dsize = key_len;
336 + gvalue = gdbm_fetch(db, gkey);
337 ++ int fetch_errno = gdbm_errno;
338 ++
339 + gdbm_close(db);
340 + if (! gvalue.dptr) {
341 +- if (gdbm_errno == GDBM_ITEM_NOT_FOUND) {
342 ++ if (fetch_errno == GDBM_ITEM_NOT_FOUND) {
343 + utils->seterror(conn, SASL_NOLOG,
344 + "user: %s@%s property: %s not found in %s",
345 + authid, realm, propName, path);
346 +--
347 +2.33.1
348 +
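Review bot: The saved `fetch_errno` is used only in the `GDBM_ITEM_NOT_FOUND` comparison shown here. If the other branch of `if (! gvalue.dptr)`, which lies outside the hunk, still reports `gdbm_errno` in its error text, it will print the value left by `gdbm_close()` rather than the fetch result, and should use `fetch_errno` as well. The declaration `int fetch_errno = gdbm_errno;` also follows statements, which requires C99 or later; declaring it with the other locals at the top of `_sasldb_getdata` avoids that. A comment above the assignment, such as `/* gdbm_close() may overwrite gdbm_errno (gdbm >= 1.17); save the fetch result first */`, would keep a later cleanup from undoing the fix. The body of `_sasldb_getdata` starts and ends outside the hunk.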