kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
pkgsrc/security/courier-authlib/patches/patch-aa

238 lines
11 KiB
Text
Raw Normal View History

Update courier-authlib to 0.62.2. Include security fix for CVE-2008-2380 and requested by PR#41023 (approved by wiz@). 0.62.2 This release corrects a makefile compatibility problem with bash 4. 0.62.1 This release correct a couple of minor compiler warnings and errors. * cryptpassword.c: Fix compiler warnings * checkpasswordsha1.c: Fix compiler warnings. * authldaplib.c (auth_ldap_enumerate): Fix typo. 0.62.0 This release adds support for additional hash functions, and an update to the Postgres driver that removes potentional SQL injection vulnerabilities in some circumstances. * authpgsqllib.c: Use PQescapeStringConn() instead of removing all apostrophes from query parameters. This fixes a potential SQL injection vulnerability if the Postgres database uses a non-Latin locale. * Added support for {SSHA}-encrypted passwords. Based on a patch by Zou bin <zb@bisp.com>. * Added support for {SHA512} hash function
2009-07-02 14:23:44 +02:00
$NetBSD: patch-aa,v 1.7 2009/07/02 12:23:44 obache Exp $
Import courier-authlib-0.53 as security/courier-authlib. The Courier authentication library provides authentication services for other Courier applications. In this context, the term "authentication" refers to the following functions: 1. Take a userid or a loginid, and a password. Determine whether the loginid and the password are valid. 2. Given a userid, obtain the following information about the userid: A. The account's home directory. B. The numeric system userid and groupid that owns all files associated with this account. C. The location of the account's maildir. D. Any maildir quota defined for this account. See the Courier documentation for more information on maildir quotas. E. Other miscellaneous account-specific options. 3. Change the password associated with a loginid. 4. Obtain a complete list of all loginids.
2005-02-10 04:21:30 +01:00
Update courier-authlib to 0.62.2. Include security fix for CVE-2008-2380 and requested by PR#41023 (approved by wiz@). 0.62.2 This release corrects a makefile compatibility problem with bash 4. 0.62.1 This release correct a couple of minor compiler warnings and errors. * cryptpassword.c: Fix compiler warnings * checkpasswordsha1.c: Fix compiler warnings. * authldaplib.c (auth_ldap_enumerate): Fix typo. 0.62.0 This release adds support for additional hash functions, and an update to the Postgres driver that removes potentional SQL injection vulnerabilities in some circumstances. * authpgsqllib.c: Use PQescapeStringConn() instead of removing all apostrophes from query parameters. This fixes a potential SQL injection vulnerability if the Postgres database uses a non-Latin locale. * Added support for {SSHA}-encrypted passwords. Based on a patch by Zou bin <zb@bisp.com>. * Added support for {SHA512} hash function
2009-07-02 14:23:44 +02:00
--- Makefile.in.orig 2009-02-03 23:39:56.000000000 +0000
Import courier-authlib-0.53 as security/courier-authlib. The Courier authentication library provides authentication services for other Courier applications. In this context, the term "authentication" refers to the following functions: 1. Take a userid or a loginid, and a password. Determine whether the loginid and the password are valid. 2. Given a userid, obtain the following information about the userid: A. The account's home directory. B. The numeric system userid and groupid that owns all files associated with this account. C. The location of the account's maildir. D. Any maildir quota defined for this account. See the Courier documentation for more information on maildir quotas. E. Other miscellaneous account-specific options. 3. Change the password associated with a loginid. 4. Obtain a complete list of all loginids.
2005-02-10 04:21:30 +01:00
+++ Makefile.in
Upgrade courier-authlib to version 0.61.0 in order to fix CVE-2008-2667, finally. While here, fix PLIST and depkglint a bit. Also, fix the horrid abuse of libtool. Changes since 0.60.2: * courier-authlib.spec: Dummy provides: for symlinks, to allow upgrade with older packages that require <libname>.so.0. * Makefile.am: Switch to versionless shared libraries. Install all shared libraries just as <libname>.so. make install manually removes *.so.0.0 files that were left over from previous versions, and installs a temporary *.so.0 symlink to *.so, for temporary binary ABI compatibility with 0.60. The symlinks will be removed in 0.62. * Cleanup: always compile md5, sha* and hmac stuff, and remove all conditionally-compiled cruft. Move SASL list to an internal header. Add client-side support for AUTH EXTERNAL. * authsasl.c (auth_sasl_ex): auth_sasl_ex() supercedes auth_sasl(), invokes auth_sasl() for non-EXTERNAL SASL methods, implements EXTERNAL by going through the motions, then setting up a dummy authentication request. * authdaemon.c (auth_generic): Check for the dummy EXTERNAL authentication request, and handle it by invoking auth_getuserinfo(), rather than sending it down the pipe. This avoid having to implement a stub in every authentication module. * authmysqllib.c: Use mysql_set_character_set() instead of SET NAMES * authmysqllib.c: Fix domain-less queries. * Makefile: Drop the unmaintained authvchkpw module. * authmysqllib.c: Cleanup. Use mysql_real_escape_string instead of crude filtering. * Makefile.am: Use _LIBADD properly. * configure.in: More portability fixes.
2008-09-29 00:15:30 +02:00
@@ -453,7 +453,7 @@ CLEANFILES = authldaprc.h authmysqlrc.h
DISTCLEANFILES = dbobj.config README_authlib.html
commonlibdep = libcourierauthcommon.la
-commonldflags = -module -rpath $(pkglibdir) -export-symbols-regex 'courier_auth.*_init' -avoid-version
+commonldflags = -module -rpath $(pkglibdir) -export-symbols-regex 'courier_auth.*_init'
commonlibadd = libcourierauthcommon.la
libcourierauthcommon_t = @CRYPTLIBS@
libcourierauthcommon_la_SOURCES = \
@@ -468,7 +468,7 @@ libcourierauthcommon_la_SOURCES = \
Update security/courier-authlib to 0.57. Changes from version 0.55 include: * authlib: create the authtest and authpasswd manual pages. * authdaemon.c (auth_generic): Silly bug in auth_generic(). * authldaplib.c (auth_ldap_do3): Fix call of authcryptpasswd(). * authpgsqllib.c (auth_pgsql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Fix a memory leak. * authpipe: more fixes to the authpipe module. * authpipe: various fixes to the authpipe module. * authpipe.c (auth_pipe_pre): Fix zombies created by the authpipe module. * New authpipe authentication module. * authldap.schema: Add mailhost to the recommended LDAP schema. * README_authlib.sgml: Document updated authpipe protocol. * cryptpassword.c (authcryptpasswd): Fix handling of encryption hints. * checkpassword.c (do_authcheckpassword): Ignore {CRYPT} prefix on crypted passwords. * checkpasswordsha1.c (authcheckpasswordsha1): Fix {SHA256} passwords. * authdaemond.c: Strip full name/gecos field after the first comma. * authdaemond: Pass LOGGEROPTS option to authdaemond. * liblog/logger.c: Fix wrong args to setuidgid(). * liblog/logger.c: Added -droproot option to courierlogger. * liblock/lockdaemon.c: Try to recover if upgraded daemon process runs under a different uid. * Changed -uid and -gid options to -user and -group for consistency with couriertcpd. Change them to affect courierlogger itself, after it has spawned any child. * Optional default domain for authentication requests. * Fix the error code when an empty password is provided.
2005-08-11 02:03:16 +02:00
libcourierauthcommon_la_DEPENDENCIES = libcourierauth.la
libcourierauthcommon_la_LIBADD = libcourierauth.la
Upgrade courier-authlib to version 0.61.0 in order to fix CVE-2008-2667, finally. While here, fix PLIST and depkglint a bit. Also, fix the horrid abuse of libtool. Changes since 0.60.2: * courier-authlib.spec: Dummy provides: for symlinks, to allow upgrade with older packages that require <libname>.so.0. * Makefile.am: Switch to versionless shared libraries. Install all shared libraries just as <libname>.so. make install manually removes *.so.0.0 files that were left over from previous versions, and installs a temporary *.so.0 symlink to *.so, for temporary binary ABI compatibility with 0.60. The symlinks will be removed in 0.62. * Cleanup: always compile md5, sha* and hmac stuff, and remove all conditionally-compiled cruft. Move SASL list to an internal header. Add client-side support for AUTH EXTERNAL. * authsasl.c (auth_sasl_ex): auth_sasl_ex() supercedes auth_sasl(), invokes auth_sasl() for non-EXTERNAL SASL methods, implements EXTERNAL by going through the motions, then setting up a dummy authentication request. * authdaemon.c (auth_generic): Check for the dummy EXTERNAL authentication request, and handle it by invoking auth_getuserinfo(), rather than sending it down the pipe. This avoid having to implement a stub in every authentication module. * authmysqllib.c: Use mysql_set_character_set() instead of SET NAMES * authmysqllib.c: Fix domain-less queries. * Makefile: Drop the unmaintained authvchkpw module. * authmysqllib.c: Cleanup. Use mysql_real_escape_string instead of crude filtering. * Makefile.am: Use _LIBADD properly. * configure.in: More portability fixes.
2008-09-29 00:15:30 +02:00
-libcourierauthcommon_la_LDFLAGS = $(libcourierauthcommon_t:%=-Wl,%) -avoid-version
Update security/courier-authlib to 0.57. Changes from version 0.55 include: * authlib: create the authtest and authpasswd manual pages. * authdaemon.c (auth_generic): Silly bug in auth_generic(). * authldaplib.c (auth_ldap_do3): Fix call of authcryptpasswd(). * authpgsqllib.c (auth_pgsql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Fix a memory leak. * authpipe: more fixes to the authpipe module. * authpipe: various fixes to the authpipe module. * authpipe.c (auth_pipe_pre): Fix zombies created by the authpipe module. * New authpipe authentication module. * authldap.schema: Add mailhost to the recommended LDAP schema. * README_authlib.sgml: Document updated authpipe protocol. * cryptpassword.c (authcryptpasswd): Fix handling of encryption hints. * checkpassword.c (do_authcheckpassword): Ignore {CRYPT} prefix on crypted passwords. * checkpasswordsha1.c (authcheckpasswordsha1): Fix {SHA256} passwords. * authdaemond.c: Strip full name/gecos field after the first comma. * authdaemond: Pass LOGGEROPTS option to authdaemond. * liblog/logger.c: Fix wrong args to setuidgid(). * liblog/logger.c: Added -droproot option to courierlogger. * liblock/lockdaemon.c: Try to recover if upgraded daemon process runs under a different uid. * Changed -uid and -gid options to -user and -group for consistency with couriertcpd. Change them to affect courierlogger itself, after it has spawned any child. * Optional default domain for authentication requests. * Fix the error code when an empty password is provided.
2005-08-11 02:03:16 +02:00
+libcourierauthcommon_la_LDFLAGS = $(libcourierauthcommon_t)
Strip off any leading "-Wl," in the compiler and linker flags before the courier Makefile adds it to all of the flags again. This avoids situations where you end up with a flag that looks like "-Wl,-Wl,...". This should fix the problem noted in pkg/29777.
2005-03-24 08:13:14 +01:00
libcourierauth_la_SOURCES = authdaemon.c authdaemonlib.c preauthdaemon.c \
authmoduser2.c authmoduser3.c debug.c \
courierauthdebug.h \
Upgrade courier-authlib to version 0.61.0 in order to fix CVE-2008-2667, finally. While here, fix PLIST and depkglint a bit. Also, fix the horrid abuse of libtool. Changes since 0.60.2: * courier-authlib.spec: Dummy provides: for symlinks, to allow upgrade with older packages that require <libname>.so.0. * Makefile.am: Switch to versionless shared libraries. Install all shared libraries just as <libname>.so. make install manually removes *.so.0.0 files that were left over from previous versions, and installs a temporary *.so.0 symlink to *.so, for temporary binary ABI compatibility with 0.60. The symlinks will be removed in 0.62. * Cleanup: always compile md5, sha* and hmac stuff, and remove all conditionally-compiled cruft. Move SASL list to an internal header. Add client-side support for AUTH EXTERNAL. * authsasl.c (auth_sasl_ex): auth_sasl_ex() supercedes auth_sasl(), invokes auth_sasl() for non-EXTERNAL SASL methods, implements EXTERNAL by going through the motions, then setting up a dummy authentication request. * authdaemon.c (auth_generic): Check for the dummy EXTERNAL authentication request, and handle it by invoking auth_getuserinfo(), rather than sending it down the pipe. This avoid having to implement a stub in every authentication module. * authmysqllib.c: Use mysql_set_character_set() instead of SET NAMES * authmysqllib.c: Fix domain-less queries. * Makefile: Drop the unmaintained authvchkpw module. * authmysqllib.c: Cleanup. Use mysql_real_escape_string instead of crude filtering. * Makefile.am: Use _LIBADD properly. * configure.in: More portability fixes.
2008-09-29 00:15:30 +02:00
@@ -477,7 +477,7 @@ libcourierauth_la_SOURCES = authdaemon.c
libcourierauth_la_LIBADD = libhmac/libhmac.la md5/libmd5.la sha1/libsha1.la numlib/libnumlib.la \
random128/librandom128.la rfc822/libencode.la
-libcourierauth_la_LDFLAGS = @NETLIBS@ -avoid-version
+libcourierauth_la_LDFLAGS = @NETLIBS@
# The userdb module
libauthuserdb_t = userdb/libuserdb.la @dblibrary@ @LIBGDBM@ @LIBDB@
@@ -569,7 +569,7 @@ libcourierauthsasl_la_SOURCES = \
authsaslfrombase64.c authsasltobase64.c
libcourierauthsasl_la_LIBADD = libcourierauth.la
-libcourierauthsasl_la_LDFLAGS = -export-symbols-regex '^auth_sasl|auth_sasl_ex$$' -avoid-version
+libcourierauthsasl_la_LDFLAGS = -export-symbols-regex '^auth_sasl|auth_sasl_ex$$'
libcourierauthsaslclient_la_SOURCES = courierauthsaslclient.h \
authsaslclient.c authsaslclient.h authsaslclientcram.c \
authsaslclientcrammd5.c authsaslclientcramsha1.c \
@@ -578,7 +578,7 @@ libcourierauthsaslclient_la_SOURCES = co
authsaslfrombase64.c authsasltobase64.c
libcourierauthsaslclient_la_LIBADD = libcourierauth.la
-libcourierauthsaslclient_la_LDFLAGS = -export-symbols-regex '^auth_sasl_client$$' -avoid-version
+libcourierauthsaslclient_la_LDFLAGS = -export-symbols-regex '^auth_sasl_client$$'
include_HEADERS = courier_auth_config.h courierauth.h courierauthsasl.h \
courierauthsaslclient.h courierauthdebug.h
@@ -609,9 +609,9 @@ authdaemondprog_DEPENDENCIES = libcourie
Update security/courier-authlib to 0.59.3. Changes from version 0.58 include: * authpipe.c (auth_pipe_pre): Fix leak when authpipe module is enabled, but the actual authpipe script/external prog is not installed. * authmysqlrc: Implement SSL-encrypted MySQL connections * authldaplib.c (l_simple_bind_s): Fix anon binds. * authldaplib.c (auth_ldap_enumerate): Fix LDAP account enumeration * userdb/makeuserdb.in: Added the -f option to makeuserdb * authldaplib.c: Try to recover when the LDAP server closes the persistent socket, for inactivity.
2007-08-10 19:57:21 +02:00
authdaemondprog_LDADD = $(LIBLTDL) libcourierauthcommon.la liblock/liblock.la \
libhmac/libhmac.la md5/libmd5.la sha1/libsha1.la \
- rfc822/libencode.la numlib/libnumlib.la
+ rfc822/libencode.la numlib/libnumlib.la $(DL_LIBS)
Import courier-authlib-0.53 as security/courier-authlib. The Courier authentication library provides authentication services for other Courier applications. In this context, the term "authentication" refers to the following functions: 1. Take a userid or a loginid, and a password. Determine whether the loginid and the password are valid. 2. Given a userid, obtain the following information about the userid: A. The account's home directory. B. The numeric system userid and groupid that owns all files associated with this account. C. The location of the account's maildir. D. Any maildir quota defined for this account. See the Courier documentation for more information on maildir quotas. E. Other miscellaneous account-specific options. 3. Change the password associated with a loginid. 4. Obtain a complete list of all loginids.
2005-02-10 04:21:30 +01:00
-authdaemondprog_LDFLAGS = -export-dynamic $(modules:%=-dlopen %) @NETLIBS@
+authdaemondprog_LDFLAGS = -export-dynamic $(modules:%=-dlopen %) $(DL_LDFLAGS) @NETLIBS@
authdaemontest_SOURCES = authdaemontest.c
authdaemontest_DEPENDENCIES = libcourierauthcommon.la
authdaemontest_LDADD = libcourierauthcommon.la @NETLIBS@
Upgrade courier-authlib to version 0.61.0 in order to fix CVE-2008-2667, finally. While here, fix PLIST and depkglint a bit. Also, fix the horrid abuse of libtool. Changes since 0.60.2: * courier-authlib.spec: Dummy provides: for symlinks, to allow upgrade with older packages that require <libname>.so.0. * Makefile.am: Switch to versionless shared libraries. Install all shared libraries just as <libname>.so. make install manually removes *.so.0.0 files that were left over from previous versions, and installs a temporary *.so.0 symlink to *.so, for temporary binary ABI compatibility with 0.60. The symlinks will be removed in 0.62. * Cleanup: always compile md5, sha* and hmac stuff, and remove all conditionally-compiled cruft. Move SASL list to an internal header. Add client-side support for AUTH EXTERNAL. * authsasl.c (auth_sasl_ex): auth_sasl_ex() supercedes auth_sasl(), invokes auth_sasl() for non-EXTERNAL SASL methods, implements EXTERNAL by going through the motions, then setting up a dummy authentication request. * authdaemon.c (auth_generic): Check for the dummy EXTERNAL authentication request, and handle it by invoking auth_getuserinfo(), rather than sending it down the pipe. This avoid having to implement a stub in every authentication module. * authmysqllib.c: Use mysql_set_character_set() instead of SET NAMES * authmysqllib.c: Fix domain-less queries. * Makefile: Drop the unmaintained authvchkpw module. * authmysqllib.c: Cleanup. Use mysql_real_escape_string instead of crude filtering. * Makefile.am: Use _LIBADD properly. * configure.in: More portability fixes.
2008-09-29 00:15:30 +02:00
@@ -1517,14 +1517,14 @@ uninstall-man: uninstall-man1 uninstall-
Import courier-authlib-0.53 as security/courier-authlib. The Courier authentication library provides authentication services for other Courier applications. In this context, the term "authentication" refers to the following functions: 1. Take a userid or a loginid, and a password. Determine whether the loginid and the password are valid. 2. Given a userid, obtain the following information about the userid: A. The account's home directory. B. The numeric system userid and groupid that owns all files associated with this account. C. The location of the account's maildir. D. Any maildir quota defined for this account. See the Courier documentation for more information on maildir quotas. E. Other miscellaneous account-specific options. 3. Change the password associated with a loginid. 4. Obtain a complete list of all loginids.
2005-02-10 04:21:30 +01:00
authpgsqllib.lo: authpgsqllib.c authpgsqlrc.h
@HAVE_AUTHPGSQL_TRUE@install-authpgsqlrc:
Update security/courier-authlib to 0.59.3. Changes from version 0.58 include: * authpipe.c (auth_pipe_pre): Fix leak when authpipe module is enabled, but the actual authpipe script/external prog is not installed. * authmysqlrc: Implement SSL-encrypted MySQL connections * authldaplib.c (l_simple_bind_s): Fix anon binds. * authldaplib.c (auth_ldap_enumerate): Fix LDAP account enumeration * userdb/makeuserdb.in: Added the -f option to makeuserdb * authldaplib.c: Try to recover when the LDAP server closes the persistent socket, for inactivity.
2007-08-10 19:57:21 +02:00
-@HAVE_AUTHPGSQL_TRUE@ $(mkinstalldirs) $(DESTDIR)`dirname @authpgsqlrc@` || :
+@HAVE_AUTHPGSQL_TRUE@ $(mkinstalldirs) $(DESTDIR)`dirname $(authpgsqlrc)` || :
Update security/courier-authlib to 0.57. Changes from version 0.55 include: * authlib: create the authtest and authpasswd manual pages. * authdaemon.c (auth_generic): Silly bug in auth_generic(). * authldaplib.c (auth_ldap_do3): Fix call of authcryptpasswd(). * authpgsqllib.c (auth_pgsql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Fix a memory leak. * authpipe: more fixes to the authpipe module. * authpipe: various fixes to the authpipe module. * authpipe.c (auth_pipe_pre): Fix zombies created by the authpipe module. * New authpipe authentication module. * authldap.schema: Add mailhost to the recommended LDAP schema. * README_authlib.sgml: Document updated authpipe protocol. * cryptpassword.c (authcryptpasswd): Fix handling of encryption hints. * checkpassword.c (do_authcheckpassword): Ignore {CRYPT} prefix on crypted passwords. * checkpasswordsha1.c (authcheckpasswordsha1): Fix {SHA256} passwords. * authdaemond.c: Strip full name/gecos field after the first comma. * authdaemond: Pass LOGGEROPTS option to authdaemond. * liblog/logger.c: Fix wrong args to setuidgid(). * liblog/logger.c: Added -droproot option to courierlogger. * liblock/lockdaemon.c: Try to recover if upgraded daemon process runs under a different uid. * Changed -uid and -gid options to -user and -group for consistency with couriertcpd. Change them to affect courierlogger itself, after it has spawned any child. * Optional default domain for authentication requests. * Fix the error code when an empty password is provided.
2005-08-11 02:03:16 +02:00
@HAVE_AUTHPGSQL_TRUE@ $(INSTALL_DATA) -m 660 $(srcdir)/authpgsqlrc \
Import courier-authlib-0.53 as security/courier-authlib. The Courier authentication library provides authentication services for other Courier applications. In this context, the term "authentication" refers to the following functions: 1. Take a userid or a loginid, and a password. Determine whether the loginid and the password are valid. 2. Given a userid, obtain the following information about the userid: A. The account's home directory. B. The numeric system userid and groupid that owns all files associated with this account. C. The location of the account's maildir. D. Any maildir quota defined for this account. See the Courier documentation for more information on maildir quotas. E. Other miscellaneous account-specific options. 3. Change the password associated with a loginid. 4. Obtain a complete list of all loginids.
2005-02-10 04:21:30 +01:00
-@HAVE_AUTHPGSQL_TRUE@ $(DESTDIR)@authpgsqlrc@.dist
-@HAVE_AUTHPGSQL_TRUE@ -chown @mailuser@ $(DESTDIR)@authpgsqlrc@.dist
-@HAVE_AUTHPGSQL_TRUE@ -chgrp @mailgroup@ $(DESTDIR)@authpgsqlrc@.dist
+@HAVE_AUTHPGSQL_TRUE@ $(DESTDIR)$(authpgsqlrc).dist
Update security/courier-authlib to 0.57. Changes from version 0.55 include: * authlib: create the authtest and authpasswd manual pages. * authdaemon.c (auth_generic): Silly bug in auth_generic(). * authldaplib.c (auth_ldap_do3): Fix call of authcryptpasswd(). * authpgsqllib.c (auth_pgsql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Fix a memory leak. * authpipe: more fixes to the authpipe module. * authpipe: various fixes to the authpipe module. * authpipe.c (auth_pipe_pre): Fix zombies created by the authpipe module. * New authpipe authentication module. * authldap.schema: Add mailhost to the recommended LDAP schema. * README_authlib.sgml: Document updated authpipe protocol. * cryptpassword.c (authcryptpasswd): Fix handling of encryption hints. * checkpassword.c (do_authcheckpassword): Ignore {CRYPT} prefix on crypted passwords. * checkpasswordsha1.c (authcheckpasswordsha1): Fix {SHA256} passwords. * authdaemond.c: Strip full name/gecos field after the first comma. * authdaemond: Pass LOGGEROPTS option to authdaemond. * liblog/logger.c: Fix wrong args to setuidgid(). * liblog/logger.c: Added -droproot option to courierlogger. * liblock/lockdaemon.c: Try to recover if upgraded daemon process runs under a different uid. * Changed -uid and -gid options to -user and -group for consistency with couriertcpd. Change them to affect courierlogger itself, after it has spawned any child. * Optional default domain for authentication requests. * Fix the error code when an empty password is provided.
2005-08-11 02:03:16 +02:00
+@HAVE_AUTHPGSQL_TRUE@ -chown $(mailuser) $(DESTDIR)$(authpgsqlrc).dist
+@HAVE_AUTHPGSQL_TRUE@ -chgrp $(mailgroup) $(DESTDIR)$(authpgsqlrc).dist
Import courier-authlib-0.53 as security/courier-authlib. The Courier authentication library provides authentication services for other Courier applications. In this context, the term "authentication" refers to the following functions: 1. Take a userid or a loginid, and a password. Determine whether the loginid and the password are valid. 2. Given a userid, obtain the following information about the userid: A. The account's home directory. B. The numeric system userid and groupid that owns all files associated with this account. C. The location of the account's maildir. D. Any maildir quota defined for this account. See the Courier documentation for more information on maildir quotas. E. Other miscellaneous account-specific options. 3. Change the password associated with a loginid. 4. Obtain a complete list of all loginids.
2005-02-10 04:21:30 +01:00
@HAVE_AUTHPGSQL_TRUE@uninstall-authpgsqlrc:
-@HAVE_AUTHPGSQL_TRUE@ rm -f $(DESTDIR)@authpgsqlrc@.dist
+@HAVE_AUTHPGSQL_TRUE@ rm -f $(DESTDIR)$(authpgsqlrc).dist
@HAVE_AUTHPGSQL_FALSE@install-authpgsqlrc:
@HAVE_AUTHPGSQL_FALSE@ @:
Upgrade courier-authlib to version 0.61.0 in order to fix CVE-2008-2667, finally. While here, fix PLIST and depkglint a bit. Also, fix the horrid abuse of libtool. Changes since 0.60.2: * courier-authlib.spec: Dummy provides: for symlinks, to allow upgrade with older packages that require <libname>.so.0. * Makefile.am: Switch to versionless shared libraries. Install all shared libraries just as <libname>.so. make install manually removes *.so.0.0 files that were left over from previous versions, and installs a temporary *.so.0 symlink to *.so, for temporary binary ABI compatibility with 0.60. The symlinks will be removed in 0.62. * Cleanup: always compile md5, sha* and hmac stuff, and remove all conditionally-compiled cruft. Move SASL list to an internal header. Add client-side support for AUTH EXTERNAL. * authsasl.c (auth_sasl_ex): auth_sasl_ex() supercedes auth_sasl(), invokes auth_sasl() for non-EXTERNAL SASL methods, implements EXTERNAL by going through the motions, then setting up a dummy authentication request. * authdaemon.c (auth_generic): Check for the dummy EXTERNAL authentication request, and handle it by invoking auth_getuserinfo(), rather than sending it down the pipe. This avoid having to implement a stub in every authentication module. * authmysqllib.c: Use mysql_set_character_set() instead of SET NAMES * authmysqllib.c: Fix domain-less queries. * Makefile: Drop the unmaintained authvchkpw module. * authmysqllib.c: Cleanup. Use mysql_real_escape_string instead of crude filtering. * Makefile.am: Use _LIBADD properly. * configure.in: More portability fixes.
2008-09-29 00:15:30 +02:00
@@ -1533,19 +1533,19 @@ authpgsqllib.lo: authpgsqllib.c authpgsq
Update security/courier-authlib to 0.57. Changes from version 0.55 include: * authlib: create the authtest and authpasswd manual pages. * authdaemon.c (auth_generic): Silly bug in auth_generic(). * authldaplib.c (auth_ldap_do3): Fix call of authcryptpasswd(). * authpgsqllib.c (auth_pgsql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Fix a memory leak. * authpipe: more fixes to the authpipe module. * authpipe: various fixes to the authpipe module. * authpipe.c (auth_pipe_pre): Fix zombies created by the authpipe module. * New authpipe authentication module. * authldap.schema: Add mailhost to the recommended LDAP schema. * README_authlib.sgml: Document updated authpipe protocol. * cryptpassword.c (authcryptpasswd): Fix handling of encryption hints. * checkpassword.c (do_authcheckpassword): Ignore {CRYPT} prefix on crypted passwords. * checkpasswordsha1.c (authcheckpasswordsha1): Fix {SHA256} passwords. * authdaemond.c: Strip full name/gecos field after the first comma. * authdaemond: Pass LOGGEROPTS option to authdaemond. * liblog/logger.c: Fix wrong args to setuidgid(). * liblog/logger.c: Added -droproot option to courierlogger. * liblock/lockdaemon.c: Try to recover if upgraded daemon process runs under a different uid. * Changed -uid and -gid options to -user and -group for consistency with couriertcpd. Change them to affect courierlogger itself, after it has spawned any child. * Optional default domain for authentication requests. * Fix the error code when an empty password is provided.
2005-08-11 02:03:16 +02:00
@HAVE_AUTHPGSQL_FALSE@ @:
authpgsqlrc.h:
- echo "#define AUTHPGSQLRC \"@authpgsqlrc@\"" >authpgsqlrc.h
+ echo "#define AUTHPGSQLRC \"$(authpgsqlrc)\"" >authpgsqlrc.h
Import courier-authlib-0.53 as security/courier-authlib. The Courier authentication library provides authentication services for other Courier applications. In this context, the term "authentication" refers to the following functions: 1. Take a userid or a loginid, and a password. Determine whether the loginid and the password are valid. 2. Given a userid, obtain the following information about the userid: A. The account's home directory. B. The numeric system userid and groupid that owns all files associated with this account. C. The location of the account's maildir. D. Any maildir quota defined for this account. See the Courier documentation for more information on maildir quotas. E. Other miscellaneous account-specific options. 3. Change the password associated with a loginid. 4. Obtain a complete list of all loginids.
2005-02-10 04:21:30 +01:00
authldaplib.lo: authldaplib.c authldaprc.h
@HAVE_LDAP_TRUE@install-authldaprc:
Update security/courier-authlib to 0.59.3. Changes from version 0.58 include: * authpipe.c (auth_pipe_pre): Fix leak when authpipe module is enabled, but the actual authpipe script/external prog is not installed. * authmysqlrc: Implement SSL-encrypted MySQL connections * authldaplib.c (l_simple_bind_s): Fix anon binds. * authldaplib.c (auth_ldap_enumerate): Fix LDAP account enumeration * userdb/makeuserdb.in: Added the -f option to makeuserdb * authldaplib.c: Try to recover when the LDAP server closes the persistent socket, for inactivity.
2007-08-10 19:57:21 +02:00
-@HAVE_LDAP_TRUE@ $(mkinstalldirs) $(DESTDIR)`dirname @authldaprc@` || :
+@HAVE_LDAP_TRUE@ $(mkinstalldirs) $(DESTDIR)`dirname $(authldaprc)` || :
Update security/courier-authlib to 0.57. Changes from version 0.55 include: * authlib: create the authtest and authpasswd manual pages. * authdaemon.c (auth_generic): Silly bug in auth_generic(). * authldaplib.c (auth_ldap_do3): Fix call of authcryptpasswd(). * authpgsqllib.c (auth_pgsql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Fix a memory leak. * authpipe: more fixes to the authpipe module. * authpipe: various fixes to the authpipe module. * authpipe.c (auth_pipe_pre): Fix zombies created by the authpipe module. * New authpipe authentication module. * authldap.schema: Add mailhost to the recommended LDAP schema. * README_authlib.sgml: Document updated authpipe protocol. * cryptpassword.c (authcryptpasswd): Fix handling of encryption hints. * checkpassword.c (do_authcheckpassword): Ignore {CRYPT} prefix on crypted passwords. * checkpasswordsha1.c (authcheckpasswordsha1): Fix {SHA256} passwords. * authdaemond.c: Strip full name/gecos field after the first comma. * authdaemond: Pass LOGGEROPTS option to authdaemond. * liblog/logger.c: Fix wrong args to setuidgid(). * liblog/logger.c: Added -droproot option to courierlogger. * liblock/lockdaemon.c: Try to recover if upgraded daemon process runs under a different uid. * Changed -uid and -gid options to -user and -group for consistency with couriertcpd. Change them to affect courierlogger itself, after it has spawned any child. * Optional default domain for authentication requests. * Fix the error code when an empty password is provided.
2005-08-11 02:03:16 +02:00
@HAVE_LDAP_TRUE@ $(INSTALL_DATA) -m 660 $(srcdir)/authldaprc \
Import courier-authlib-0.53 as security/courier-authlib. The Courier authentication library provides authentication services for other Courier applications. In this context, the term "authentication" refers to the following functions: 1. Take a userid or a loginid, and a password. Determine whether the loginid and the password are valid. 2. Given a userid, obtain the following information about the userid: A. The account's home directory. B. The numeric system userid and groupid that owns all files associated with this account. C. The location of the account's maildir. D. Any maildir quota defined for this account. See the Courier documentation for more information on maildir quotas. E. Other miscellaneous account-specific options. 3. Change the password associated with a loginid. 4. Obtain a complete list of all loginids.
2005-02-10 04:21:30 +01:00
-@HAVE_LDAP_TRUE@ $(DESTDIR)@authldaprc@.dist
-@HAVE_LDAP_TRUE@ -chown @mailuser@ $(DESTDIR)@authldaprc@.dist
-@HAVE_LDAP_TRUE@ -chgrp @mailgroup@ $(DESTDIR)@authldaprc@.dist
+@HAVE_LDAP_TRUE@ $(DESTDIR)$(authldaprc).dist
Update security/courier-authlib to 0.57. Changes from version 0.55 include: * authlib: create the authtest and authpasswd manual pages. * authdaemon.c (auth_generic): Silly bug in auth_generic(). * authldaplib.c (auth_ldap_do3): Fix call of authcryptpasswd(). * authpgsqllib.c (auth_pgsql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Fix a memory leak. * authpipe: more fixes to the authpipe module. * authpipe: various fixes to the authpipe module. * authpipe.c (auth_pipe_pre): Fix zombies created by the authpipe module. * New authpipe authentication module. * authldap.schema: Add mailhost to the recommended LDAP schema. * README_authlib.sgml: Document updated authpipe protocol. * cryptpassword.c (authcryptpasswd): Fix handling of encryption hints. * checkpassword.c (do_authcheckpassword): Ignore {CRYPT} prefix on crypted passwords. * checkpasswordsha1.c (authcheckpasswordsha1): Fix {SHA256} passwords. * authdaemond.c: Strip full name/gecos field after the first comma. * authdaemond: Pass LOGGEROPTS option to authdaemond. * liblog/logger.c: Fix wrong args to setuidgid(). * liblog/logger.c: Added -droproot option to courierlogger. * liblock/lockdaemon.c: Try to recover if upgraded daemon process runs under a different uid. * Changed -uid and -gid options to -user and -group for consistency with couriertcpd. Change them to affect courierlogger itself, after it has spawned any child. * Optional default domain for authentication requests. * Fix the error code when an empty password is provided.
2005-08-11 02:03:16 +02:00
+@HAVE_LDAP_TRUE@ -chown $(mailuser) $(DESTDIR)$(authldaprc).dist
+@HAVE_LDAP_TRUE@ -chgrp $(mailgroup) $(DESTDIR)$(authldaprc).dist
Import courier-authlib-0.53 as security/courier-authlib. The Courier authentication library provides authentication services for other Courier applications. In this context, the term "authentication" refers to the following functions: 1. Take a userid or a loginid, and a password. Determine whether the loginid and the password are valid. 2. Given a userid, obtain the following information about the userid: A. The account's home directory. B. The numeric system userid and groupid that owns all files associated with this account. C. The location of the account's maildir. D. Any maildir quota defined for this account. See the Courier documentation for more information on maildir quotas. E. Other miscellaneous account-specific options. 3. Change the password associated with a loginid. 4. Obtain a complete list of all loginids.
2005-02-10 04:21:30 +01:00
@HAVE_LDAP_TRUE@uninstall-authldaprc:
-@HAVE_LDAP_TRUE@ rm -f $(DESTDIR)@authldaprc@.dist
+@HAVE_LDAP_TRUE@ rm -f $(DESTDIR)$(authldaprc).dist
@HAVE_LDAP_FALSE@install-authldaprc:
@HAVE_LDAP_FALSE@ @:
Upgrade courier-authlib to version 0.61.0 in order to fix CVE-2008-2667, finally. While here, fix PLIST and depkglint a bit. Also, fix the horrid abuse of libtool. Changes since 0.60.2: * courier-authlib.spec: Dummy provides: for symlinks, to allow upgrade with older packages that require <libname>.so.0. * Makefile.am: Switch to versionless shared libraries. Install all shared libraries just as <libname>.so. make install manually removes *.so.0.0 files that were left over from previous versions, and installs a temporary *.so.0 symlink to *.so, for temporary binary ABI compatibility with 0.60. The symlinks will be removed in 0.62. * Cleanup: always compile md5, sha* and hmac stuff, and remove all conditionally-compiled cruft. Move SASL list to an internal header. Add client-side support for AUTH EXTERNAL. * authsasl.c (auth_sasl_ex): auth_sasl_ex() supercedes auth_sasl(), invokes auth_sasl() for non-EXTERNAL SASL methods, implements EXTERNAL by going through the motions, then setting up a dummy authentication request. * authdaemon.c (auth_generic): Check for the dummy EXTERNAL authentication request, and handle it by invoking auth_getuserinfo(), rather than sending it down the pipe. This avoid having to implement a stub in every authentication module. * authmysqllib.c: Use mysql_set_character_set() instead of SET NAMES * authmysqllib.c: Fix domain-less queries. * Makefile: Drop the unmaintained authvchkpw module. * authmysqllib.c: Cleanup. Use mysql_real_escape_string instead of crude filtering. * Makefile.am: Use _LIBADD properly. * configure.in: More portability fixes.
2008-09-29 00:15:30 +02:00
@@ -1554,19 +1554,19 @@ authldaplib.lo: authldaplib.c authldaprc
Update security/courier-authlib to 0.57. Changes from version 0.55 include: * authlib: create the authtest and authpasswd manual pages. * authdaemon.c (auth_generic): Silly bug in auth_generic(). * authldaplib.c (auth_ldap_do3): Fix call of authcryptpasswd(). * authpgsqllib.c (auth_pgsql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Fix a memory leak. * authpipe: more fixes to the authpipe module. * authpipe: various fixes to the authpipe module. * authpipe.c (auth_pipe_pre): Fix zombies created by the authpipe module. * New authpipe authentication module. * authldap.schema: Add mailhost to the recommended LDAP schema. * README_authlib.sgml: Document updated authpipe protocol. * cryptpassword.c (authcryptpasswd): Fix handling of encryption hints. * checkpassword.c (do_authcheckpassword): Ignore {CRYPT} prefix on crypted passwords. * checkpasswordsha1.c (authcheckpasswordsha1): Fix {SHA256} passwords. * authdaemond.c: Strip full name/gecos field after the first comma. * authdaemond: Pass LOGGEROPTS option to authdaemond. * liblog/logger.c: Fix wrong args to setuidgid(). * liblog/logger.c: Added -droproot option to courierlogger. * liblock/lockdaemon.c: Try to recover if upgraded daemon process runs under a different uid. * Changed -uid and -gid options to -user and -group for consistency with couriertcpd. Change them to affect courierlogger itself, after it has spawned any child. * Optional default domain for authentication requests. * Fix the error code when an empty password is provided.
2005-08-11 02:03:16 +02:00
@HAVE_LDAP_FALSE@ @:
authldaprc.h:
- echo "#define AUTHLDAPRC \"@authldaprc@\"" >authldaprc.h
+ echo "#define AUTHLDAPRC \"$(authldaprc)\"" >authldaprc.h
Import courier-authlib-0.53 as security/courier-authlib. The Courier authentication library provides authentication services for other Courier applications. In this context, the term "authentication" refers to the following functions: 1. Take a userid or a loginid, and a password. Determine whether the loginid and the password are valid. 2. Given a userid, obtain the following information about the userid: A. The account's home directory. B. The numeric system userid and groupid that owns all files associated with this account. C. The location of the account's maildir. D. Any maildir quota defined for this account. See the Courier documentation for more information on maildir quotas. E. Other miscellaneous account-specific options. 3. Change the password associated with a loginid. 4. Obtain a complete list of all loginids.
2005-02-10 04:21:30 +01:00
authmysqllib.lo: authmysqllib.c authmysqlrc.h
@HAVE_AUTHMYSQL_TRUE@install-authmysqlrc:
Update security/courier-authlib to 0.59.3. Changes from version 0.58 include: * authpipe.c (auth_pipe_pre): Fix leak when authpipe module is enabled, but the actual authpipe script/external prog is not installed. * authmysqlrc: Implement SSL-encrypted MySQL connections * authldaplib.c (l_simple_bind_s): Fix anon binds. * authldaplib.c (auth_ldap_enumerate): Fix LDAP account enumeration * userdb/makeuserdb.in: Added the -f option to makeuserdb * authldaplib.c: Try to recover when the LDAP server closes the persistent socket, for inactivity.
2007-08-10 19:57:21 +02:00
-@HAVE_AUTHMYSQL_TRUE@ $(mkinstalldirs) $(DESTDIR)`dirname @authmysqlrc@` || :
+@HAVE_AUTHMYSQL_TRUE@ $(mkinstalldirs) $(DESTDIR)`dirname $(authmysqlrc)` || :
Update security/courier-authlib to 0.57. Changes from version 0.55 include: * authlib: create the authtest and authpasswd manual pages. * authdaemon.c (auth_generic): Silly bug in auth_generic(). * authldaplib.c (auth_ldap_do3): Fix call of authcryptpasswd(). * authpgsqllib.c (auth_pgsql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Fix a memory leak. * authpipe: more fixes to the authpipe module. * authpipe: various fixes to the authpipe module. * authpipe.c (auth_pipe_pre): Fix zombies created by the authpipe module. * New authpipe authentication module. * authldap.schema: Add mailhost to the recommended LDAP schema. * README_authlib.sgml: Document updated authpipe protocol. * cryptpassword.c (authcryptpasswd): Fix handling of encryption hints. * checkpassword.c (do_authcheckpassword): Ignore {CRYPT} prefix on crypted passwords. * checkpasswordsha1.c (authcheckpasswordsha1): Fix {SHA256} passwords. * authdaemond.c: Strip full name/gecos field after the first comma. * authdaemond: Pass LOGGEROPTS option to authdaemond. * liblog/logger.c: Fix wrong args to setuidgid(). * liblog/logger.c: Added -droproot option to courierlogger. * liblock/lockdaemon.c: Try to recover if upgraded daemon process runs under a different uid. * Changed -uid and -gid options to -user and -group for consistency with couriertcpd. Change them to affect courierlogger itself, after it has spawned any child. * Optional default domain for authentication requests. * Fix the error code when an empty password is provided.
2005-08-11 02:03:16 +02:00
@HAVE_AUTHMYSQL_TRUE@ $(INSTALL_DATA) -m 660 $(srcdir)/authmysqlrc \
Import courier-authlib-0.53 as security/courier-authlib. The Courier authentication library provides authentication services for other Courier applications. In this context, the term "authentication" refers to the following functions: 1. Take a userid or a loginid, and a password. Determine whether the loginid and the password are valid. 2. Given a userid, obtain the following information about the userid: A. The account's home directory. B. The numeric system userid and groupid that owns all files associated with this account. C. The location of the account's maildir. D. Any maildir quota defined for this account. See the Courier documentation for more information on maildir quotas. E. Other miscellaneous account-specific options. 3. Change the password associated with a loginid. 4. Obtain a complete list of all loginids.
2005-02-10 04:21:30 +01:00
-@HAVE_AUTHMYSQL_TRUE@ $(DESTDIR)@authmysqlrc@.dist
-@HAVE_AUTHMYSQL_TRUE@ -chown @mailuser@ $(DESTDIR)@authmysqlrc@.dist
-@HAVE_AUTHMYSQL_TRUE@ -chgrp @mailgroup@ $(DESTDIR)@authmysqlrc@.dist
+@HAVE_AUTHMYSQL_TRUE@ $(DESTDIR)$(authmysqlrc).dist
Update security/courier-authlib to 0.57. Changes from version 0.55 include: * authlib: create the authtest and authpasswd manual pages. * authdaemon.c (auth_generic): Silly bug in auth_generic(). * authldaplib.c (auth_ldap_do3): Fix call of authcryptpasswd(). * authpgsqllib.c (auth_pgsql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Fix a memory leak. * authpipe: more fixes to the authpipe module. * authpipe: various fixes to the authpipe module. * authpipe.c (auth_pipe_pre): Fix zombies created by the authpipe module. * New authpipe authentication module. * authldap.schema: Add mailhost to the recommended LDAP schema. * README_authlib.sgml: Document updated authpipe protocol. * cryptpassword.c (authcryptpasswd): Fix handling of encryption hints. * checkpassword.c (do_authcheckpassword): Ignore {CRYPT} prefix on crypted passwords. * checkpasswordsha1.c (authcheckpasswordsha1): Fix {SHA256} passwords. * authdaemond.c: Strip full name/gecos field after the first comma. * authdaemond: Pass LOGGEROPTS option to authdaemond. * liblog/logger.c: Fix wrong args to setuidgid(). * liblog/logger.c: Added -droproot option to courierlogger. * liblock/lockdaemon.c: Try to recover if upgraded daemon process runs under a different uid. * Changed -uid and -gid options to -user and -group for consistency with couriertcpd. Change them to affect courierlogger itself, after it has spawned any child. * Optional default domain for authentication requests. * Fix the error code when an empty password is provided.
2005-08-11 02:03:16 +02:00
+@HAVE_AUTHMYSQL_TRUE@ -chown $(mailuser) $(DESTDIR)$(authmysqlrc).dist
+@HAVE_AUTHMYSQL_TRUE@ -chgrp $(mailgroup) $(DESTDIR)$(authmysqlrc).dist
Import courier-authlib-0.53 as security/courier-authlib. The Courier authentication library provides authentication services for other Courier applications. In this context, the term "authentication" refers to the following functions: 1. Take a userid or a loginid, and a password. Determine whether the loginid and the password are valid. 2. Given a userid, obtain the following information about the userid: A. The account's home directory. B. The numeric system userid and groupid that owns all files associated with this account. C. The location of the account's maildir. D. Any maildir quota defined for this account. See the Courier documentation for more information on maildir quotas. E. Other miscellaneous account-specific options. 3. Change the password associated with a loginid. 4. Obtain a complete list of all loginids.
2005-02-10 04:21:30 +01:00
@HAVE_AUTHMYSQL_TRUE@uninstall-authmysqlrc:
-@HAVE_AUTHMYSQL_TRUE@ rm -f $(DESTDIR)@authmysqlrc@.dist
+@HAVE_AUTHMYSQL_TRUE@ rm -f $(DESTDIR)$(authmysqlrc).dist
@HAVE_AUTHMYSQL_FALSE@install-authmysqlrc:
@HAVE_AUTHMYSQL_FALSE@ @:
Upgrade courier-authlib to version 0.61.0 in order to fix CVE-2008-2667, finally. While here, fix PLIST and depkglint a bit. Also, fix the horrid abuse of libtool. Changes since 0.60.2: * courier-authlib.spec: Dummy provides: for symlinks, to allow upgrade with older packages that require <libname>.so.0. * Makefile.am: Switch to versionless shared libraries. Install all shared libraries just as <libname>.so. make install manually removes *.so.0.0 files that were left over from previous versions, and installs a temporary *.so.0 symlink to *.so, for temporary binary ABI compatibility with 0.60. The symlinks will be removed in 0.62. * Cleanup: always compile md5, sha* and hmac stuff, and remove all conditionally-compiled cruft. Move SASL list to an internal header. Add client-side support for AUTH EXTERNAL. * authsasl.c (auth_sasl_ex): auth_sasl_ex() supercedes auth_sasl(), invokes auth_sasl() for non-EXTERNAL SASL methods, implements EXTERNAL by going through the motions, then setting up a dummy authentication request. * authdaemon.c (auth_generic): Check for the dummy EXTERNAL authentication request, and handle it by invoking auth_getuserinfo(), rather than sending it down the pipe. This avoid having to implement a stub in every authentication module. * authmysqllib.c: Use mysql_set_character_set() instead of SET NAMES * authmysqllib.c: Fix domain-less queries. * Makefile: Drop the unmaintained authvchkpw module. * authmysqllib.c: Cleanup. Use mysql_real_escape_string instead of crude filtering. * Makefile.am: Use _LIBADD properly. * configure.in: More portability fixes.
2008-09-29 00:15:30 +02:00
@@ -1575,27 +1575,27 @@ authmysqllib.lo: authmysqllib.c authmysq
Update security/courier-authlib to 0.57. Changes from version 0.55 include: * authlib: create the authtest and authpasswd manual pages. * authdaemon.c (auth_generic): Silly bug in auth_generic(). * authldaplib.c (auth_ldap_do3): Fix call of authcryptpasswd(). * authpgsqllib.c (auth_pgsql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Fix a memory leak. * authpipe: more fixes to the authpipe module. * authpipe: various fixes to the authpipe module. * authpipe.c (auth_pipe_pre): Fix zombies created by the authpipe module. * New authpipe authentication module. * authldap.schema: Add mailhost to the recommended LDAP schema. * README_authlib.sgml: Document updated authpipe protocol. * cryptpassword.c (authcryptpasswd): Fix handling of encryption hints. * checkpassword.c (do_authcheckpassword): Ignore {CRYPT} prefix on crypted passwords. * checkpasswordsha1.c (authcheckpasswordsha1): Fix {SHA256} passwords. * authdaemond.c: Strip full name/gecos field after the first comma. * authdaemond: Pass LOGGEROPTS option to authdaemond. * liblog/logger.c: Fix wrong args to setuidgid(). * liblog/logger.c: Added -droproot option to courierlogger. * liblock/lockdaemon.c: Try to recover if upgraded daemon process runs under a different uid. * Changed -uid and -gid options to -user and -group for consistency with couriertcpd. Change them to affect courierlogger itself, after it has spawned any child. * Optional default domain for authentication requests. * Fix the error code when an empty password is provided.
2005-08-11 02:03:16 +02:00
@HAVE_AUTHMYSQL_FALSE@ @:
authmysqlrc.h:
- echo "#define AUTHMYSQLRC \"@authmysqlrc@\"" >authmysqlrc.h
+ echo "#define AUTHMYSQLRC \"$(authmysqlrc)\"" >authmysqlrc.h
authpipelib.lo: authpipelib.c authpipelib.h authpiperc.h
authpiperc.h:
- echo "#define PIPE_PROGRAM \"@authProg@\"" >authpiperc.h
+ echo "#define PIPE_PROGRAM \"$(authProg)\"" >authpiperc.h
Import courier-authlib-0.53 as security/courier-authlib. The Courier authentication library provides authentication services for other Courier applications. In this context, the term "authentication" refers to the following functions: 1. Take a userid or a loginid, and a password. Determine whether the loginid and the password are valid. 2. Given a userid, obtain the following information about the userid: A. The account's home directory. B. The numeric system userid and groupid that owns all files associated with this account. C. The location of the account's maildir. D. Any maildir quota defined for this account. See the Courier documentation for more information on maildir quotas. E. Other miscellaneous account-specific options. 3. Change the password associated with a loginid. 4. Obtain a complete list of all loginids.
2005-02-10 04:21:30 +01:00
install-authdaemonrc:
Update security/courier-authlib to 0.59.3. Changes from version 0.58 include: * authpipe.c (auth_pipe_pre): Fix leak when authpipe module is enabled, but the actual authpipe script/external prog is not installed. * authmysqlrc: Implement SSL-encrypted MySQL connections * authldaplib.c (l_simple_bind_s): Fix anon binds. * authldaplib.c (auth_ldap_enumerate): Fix LDAP account enumeration * userdb/makeuserdb.in: Added the -f option to makeuserdb * authldaplib.c: Try to recover when the LDAP server closes the persistent socket, for inactivity.
2007-08-10 19:57:21 +02:00
- $(mkinstalldirs) $(DESTDIR)`dirname @authdaemonrc@` || :
+ $(mkinstalldirs) $(DESTDIR)`dirname $(authdaemonrc)` || :
Import courier-authlib-0.53 as security/courier-authlib. The Courier authentication library provides authentication services for other Courier applications. In this context, the term "authentication" refers to the following functions: 1. Take a userid or a loginid, and a password. Determine whether the loginid and the password are valid. 2. Given a userid, obtain the following information about the userid: A. The account's home directory. B. The numeric system userid and groupid that owns all files associated with this account. C. The location of the account's maildir. D. Any maildir quota defined for this account. See the Courier documentation for more information on maildir quotas. E. Other miscellaneous account-specific options. 3. Change the password associated with a loginid. 4. Obtain a complete list of all loginids.
2005-02-10 04:21:30 +01:00
sed 's/@ALLMODULES@/$(modules:lib%.la=%)/' <authdaemonrc >authdaemonrc.tmp
- $(INSTALL_DATA) -m 660 authdaemonrc.tmp $(DESTDIR)@authdaemonrc@.dist
Update security/courier-authlib to 0.57. Changes from version 0.55 include: * authlib: create the authtest and authpasswd manual pages. * authdaemon.c (auth_generic): Silly bug in auth_generic(). * authldaplib.c (auth_ldap_do3): Fix call of authcryptpasswd(). * authpgsqllib.c (auth_pgsql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Fix a memory leak. * authpipe: more fixes to the authpipe module. * authpipe: various fixes to the authpipe module. * authpipe.c (auth_pipe_pre): Fix zombies created by the authpipe module. * New authpipe authentication module. * authldap.schema: Add mailhost to the recommended LDAP schema. * README_authlib.sgml: Document updated authpipe protocol. * cryptpassword.c (authcryptpasswd): Fix handling of encryption hints. * checkpassword.c (do_authcheckpassword): Ignore {CRYPT} prefix on crypted passwords. * checkpasswordsha1.c (authcheckpasswordsha1): Fix {SHA256} passwords. * authdaemond.c: Strip full name/gecos field after the first comma. * authdaemond: Pass LOGGEROPTS option to authdaemond. * liblog/logger.c: Fix wrong args to setuidgid(). * liblog/logger.c: Added -droproot option to courierlogger. * liblock/lockdaemon.c: Try to recover if upgraded daemon process runs under a different uid. * Changed -uid and -gid options to -user and -group for consistency with couriertcpd. Change them to affect courierlogger itself, after it has spawned any child. * Optional default domain for authentication requests. * Fix the error code when an empty password is provided.
2005-08-11 02:03:16 +02:00
+ $(INSTALL_DATA) -m 660 authdaemonrc.tmp $(DESTDIR)$(authdaemonrc).dist
Import courier-authlib-0.53 as security/courier-authlib. The Courier authentication library provides authentication services for other Courier applications. In this context, the term "authentication" refers to the following functions: 1. Take a userid or a loginid, and a password. Determine whether the loginid and the password are valid. 2. Given a userid, obtain the following information about the userid: A. The account's home directory. B. The numeric system userid and groupid that owns all files associated with this account. C. The location of the account's maildir. D. Any maildir quota defined for this account. See the Courier documentation for more information on maildir quotas. E. Other miscellaneous account-specific options. 3. Change the password associated with a loginid. 4. Obtain a complete list of all loginids.
2005-02-10 04:21:30 +01:00
rm -f authdaemonrc.tmp
- -chown @mailuser@ $(DESTDIR)@authdaemonrc@.dist
- -chgrp @mailgroup@ $(DESTDIR)@authdaemonrc@.dist
Update security/courier-authlib to 0.57. Changes from version 0.55 include: * authlib: create the authtest and authpasswd manual pages. * authdaemon.c (auth_generic): Silly bug in auth_generic(). * authldaplib.c (auth_ldap_do3): Fix call of authcryptpasswd(). * authpgsqllib.c (auth_pgsql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Fix a memory leak. * authpipe: more fixes to the authpipe module. * authpipe: various fixes to the authpipe module. * authpipe.c (auth_pipe_pre): Fix zombies created by the authpipe module. * New authpipe authentication module. * authldap.schema: Add mailhost to the recommended LDAP schema. * README_authlib.sgml: Document updated authpipe protocol. * cryptpassword.c (authcryptpasswd): Fix handling of encryption hints. * checkpassword.c (do_authcheckpassword): Ignore {CRYPT} prefix on crypted passwords. * checkpasswordsha1.c (authcheckpasswordsha1): Fix {SHA256} passwords. * authdaemond.c: Strip full name/gecos field after the first comma. * authdaemond: Pass LOGGEROPTS option to authdaemond. * liblog/logger.c: Fix wrong args to setuidgid(). * liblog/logger.c: Added -droproot option to courierlogger. * liblock/lockdaemon.c: Try to recover if upgraded daemon process runs under a different uid. * Changed -uid and -gid options to -user and -group for consistency with couriertcpd. Change them to affect courierlogger itself, after it has spawned any child. * Optional default domain for authentication requests. * Fix the error code when an empty password is provided.
2005-08-11 02:03:16 +02:00
+ -chown $(mailuser) $(DESTDIR)$(authdaemonrc).dist
+ -chgrp $(mailgroup) $(DESTDIR)$(authdaemonrc).dist
Import courier-authlib-0.53 as security/courier-authlib. The Courier authentication library provides authentication services for other Courier applications. In this context, the term "authentication" refers to the following functions: 1. Take a userid or a loginid, and a password. Determine whether the loginid and the password are valid. 2. Given a userid, obtain the following information about the userid: A. The account's home directory. B. The numeric system userid and groupid that owns all files associated with this account. C. The location of the account's maildir. D. Any maildir quota defined for this account. See the Courier documentation for more information on maildir quotas. E. Other miscellaneous account-specific options. 3. Change the password associated with a loginid. 4. Obtain a complete list of all loginids.
2005-02-10 04:21:30 +01:00
uninstall-authdaemonrc:
Update security/courier-authlib to 0.57. Changes from version 0.55 include: * authlib: create the authtest and authpasswd manual pages. * authdaemon.c (auth_generic): Silly bug in auth_generic(). * authldaplib.c (auth_ldap_do3): Fix call of authcryptpasswd(). * authpgsqllib.c (auth_pgsql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Fix a memory leak. * authpipe: more fixes to the authpipe module. * authpipe: various fixes to the authpipe module. * authpipe.c (auth_pipe_pre): Fix zombies created by the authpipe module. * New authpipe authentication module. * authldap.schema: Add mailhost to the recommended LDAP schema. * README_authlib.sgml: Document updated authpipe protocol. * cryptpassword.c (authcryptpasswd): Fix handling of encryption hints. * checkpassword.c (do_authcheckpassword): Ignore {CRYPT} prefix on crypted passwords. * checkpasswordsha1.c (authcheckpasswordsha1): Fix {SHA256} passwords. * authdaemond.c: Strip full name/gecos field after the first comma. * authdaemond: Pass LOGGEROPTS option to authdaemond. * liblog/logger.c: Fix wrong args to setuidgid(). * liblog/logger.c: Added -droproot option to courierlogger. * liblock/lockdaemon.c: Try to recover if upgraded daemon process runs under a different uid. * Changed -uid and -gid options to -user and -group for consistency with couriertcpd. Change them to affect courierlogger itself, after it has spawned any child. * Optional default domain for authentication requests. * Fix the error code when an empty password is provided.
2005-08-11 02:03:16 +02:00
- rm -f $(DESTDIR)@authdaemonrc@.dist
+ rm -f $(DESTDIR)$(authdaemonrc).dist
authdaemonrc.h:
- echo "#define AUTHDAEMONRC \"@authdaemonrc@\"" >authdaemonrc.h
- echo "#define AUTHDAEMONVAR \"@authdaemonvar@\"" >>authdaemonrc.h
+ echo "#define AUTHDAEMONRC \"$(authdaemonrc)\"" >authdaemonrc.h
+ echo "#define AUTHDAEMONVAR \"$(authdaemonvar)\"" >>authdaemonrc.h
echo "#define AUTHDAEMONPID AUTHDAEMONVAR \"/pid\"" >>authdaemonrc.h
echo "#define AUTHDAEMONSOCK AUTHDAEMONVAR \"/socket\"" >>authdaemonrc.h
echo "#define AUTHDAEMONLOCK AUTHDAEMONVAR \"/lock\"" >>authdaemonrc.h
Upgrade courier-authlib to version 0.61.0 in order to fix CVE-2008-2667, finally. While here, fix PLIST and depkglint a bit. Also, fix the horrid abuse of libtool. Changes since 0.60.2: * courier-authlib.spec: Dummy provides: for symlinks, to allow upgrade with older packages that require <libname>.so.0. * Makefile.am: Switch to versionless shared libraries. Install all shared libraries just as <libname>.so. make install manually removes *.so.0.0 files that were left over from previous versions, and installs a temporary *.so.0 symlink to *.so, for temporary binary ABI compatibility with 0.60. The symlinks will be removed in 0.62. * Cleanup: always compile md5, sha* and hmac stuff, and remove all conditionally-compiled cruft. Move SASL list to an internal header. Add client-side support for AUTH EXTERNAL. * authsasl.c (auth_sasl_ex): auth_sasl_ex() supercedes auth_sasl(), invokes auth_sasl() for non-EXTERNAL SASL methods, implements EXTERNAL by going through the motions, then setting up a dummy authentication request. * authdaemon.c (auth_generic): Check for the dummy EXTERNAL authentication request, and handle it by invoking auth_getuserinfo(), rather than sending it down the pipe. This avoid having to implement a stub in every authentication module. * authmysqllib.c: Use mysql_set_character_set() instead of SET NAMES * authmysqllib.c: Fix domain-less queries. * Makefile: Drop the unmaintained authvchkpw module. * authmysqllib.c: Cleanup. Use mysql_real_escape_string instead of crude filtering. * Makefile.am: Use _LIBADD properly. * configure.in: More portability fixes.
2008-09-29 00:15:30 +02:00
@@ -1613,20 +1613,20 @@ authchangepwdir.h: config.status
Update security/courier-authlib to 0.57. Changes from version 0.55 include: * authlib: create the authtest and authpasswd manual pages. * authdaemon.c (auth_generic): Silly bug in auth_generic(). * authldaplib.c (auth_ldap_do3): Fix call of authcryptpasswd(). * authpgsqllib.c (auth_pgsql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Fix a memory leak. * authpipe: more fixes to the authpipe module. * authpipe: various fixes to the authpipe module. * authpipe.c (auth_pipe_pre): Fix zombies created by the authpipe module. * New authpipe authentication module. * authldap.schema: Add mailhost to the recommended LDAP schema. * README_authlib.sgml: Document updated authpipe protocol. * cryptpassword.c (authcryptpasswd): Fix handling of encryption hints. * checkpassword.c (do_authcheckpassword): Ignore {CRYPT} prefix on crypted passwords. * checkpasswordsha1.c (authcheckpasswordsha1): Fix {SHA256} passwords. * authdaemond.c: Strip full name/gecos field after the first comma. * authdaemond: Pass LOGGEROPTS option to authdaemond. * liblog/logger.c: Fix wrong args to setuidgid(). * liblog/logger.c: Added -droproot option to courierlogger. * liblock/lockdaemon.c: Try to recover if upgraded daemon process runs under a different uid. * Changed -uid and -gid options to -user and -group for consistency with couriertcpd. Change them to affect courierlogger itself, after it has spawned any child. * Optional default domain for authentication requests. * Fix the error code when an empty password is provided.
2005-08-11 02:03:16 +02:00
echo '#define AUTHCHANGEPWDIR "$(pkglibexecdir)"' >authchangepwdir.h
sbindir.h: config.status
- echo '#define SBINDIR "@sbindir@"' >sbindir.h
+ echo '#define SBINDIR "$(sbindir)"' >sbindir.h
pkglibdir.h: config.status
echo '#define PKGLIBDIR "$(pkglibdir)"' >pkglibdir.h
Update security/courier-authlib to 0.59.3. Changes from version 0.58 include: * authpipe.c (auth_pipe_pre): Fix leak when authpipe module is enabled, but the actual authpipe script/external prog is not installed. * authmysqlrc: Implement SSL-encrypted MySQL connections * authldaplib.c (l_simple_bind_s): Fix anon binds. * authldaplib.c (auth_ldap_enumerate): Fix LDAP account enumeration * userdb/makeuserdb.in: Added the -f option to makeuserdb * authldaplib.c: Try to recover when the LDAP server closes the persistent socket, for inactivity.
2007-08-10 19:57:21 +02:00
packageversion.h: config.status
- echo '#define PKGVERSION "@PACKAGE_VERSION@"' >packageversion.h
+ echo '#define PKGVERSION "$(PACKAGE_VERSION)"' >packageversion.h
pkgincludedir.h: config.status
Update security/courier-authlib to 0.57. Changes from version 0.55 include: * authlib: create the authtest and authpasswd manual pages. * authdaemon.c (auth_generic): Silly bug in auth_generic(). * authldaplib.c (auth_ldap_do3): Fix call of authcryptpasswd(). * authpgsqllib.c (auth_pgsql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Fix a memory leak. * authpipe: more fixes to the authpipe module. * authpipe: various fixes to the authpipe module. * authpipe.c (auth_pipe_pre): Fix zombies created by the authpipe module. * New authpipe authentication module. * authldap.schema: Add mailhost to the recommended LDAP schema. * README_authlib.sgml: Document updated authpipe protocol. * cryptpassword.c (authcryptpasswd): Fix handling of encryption hints. * checkpassword.c (do_authcheckpassword): Ignore {CRYPT} prefix on crypted passwords. * checkpasswordsha1.c (authcheckpasswordsha1): Fix {SHA256} passwords. * authdaemond.c: Strip full name/gecos field after the first comma. * authdaemond: Pass LOGGEROPTS option to authdaemond. * liblog/logger.c: Fix wrong args to setuidgid(). * liblog/logger.c: Added -droproot option to courierlogger. * liblock/lockdaemon.c: Try to recover if upgraded daemon process runs under a different uid. * Changed -uid and -gid options to -user and -group for consistency with couriertcpd. Change them to affect courierlogger itself, after it has spawned any child. * Optional default domain for authentication requests. * Fix the error code when an empty password is provided.
2005-08-11 02:03:16 +02:00
echo '#define PKGINCLUDEDIR "$(includedir)"' >pkgincludedir.h
mailusergroup.h: config.status
- echo '#define MAILUSER "@mailuser@"' >mailusergroup.h
- echo '#define MAILGROUP "@mailgroup@"' >>mailusergroup.h
+ echo '#define MAILUSER "$(mailuser)"' >mailusergroup.h
+ echo '#define MAILGROUP "$(mailgroup)"' >>mailusergroup.h
dist-hook:
for f in $(BUILT1) ; do rm -f $(distdir)/$$f; done
Upgrade courier-authlib to version 0.61.0 in order to fix CVE-2008-2667, finally. While here, fix PLIST and depkglint a bit. Also, fix the horrid abuse of libtool. Changes since 0.60.2: * courier-authlib.spec: Dummy provides: for symlinks, to allow upgrade with older packages that require <libname>.so.0. * Makefile.am: Switch to versionless shared libraries. Install all shared libraries just as <libname>.so. make install manually removes *.so.0.0 files that were left over from previous versions, and installs a temporary *.so.0 symlink to *.so, for temporary binary ABI compatibility with 0.60. The symlinks will be removed in 0.62. * Cleanup: always compile md5, sha* and hmac stuff, and remove all conditionally-compiled cruft. Move SASL list to an internal header. Add client-side support for AUTH EXTERNAL. * authsasl.c (auth_sasl_ex): auth_sasl_ex() supercedes auth_sasl(), invokes auth_sasl() for non-EXTERNAL SASL methods, implements EXTERNAL by going through the motions, then setting up a dummy authentication request. * authdaemon.c (auth_generic): Check for the dummy EXTERNAL authentication request, and handle it by invoking auth_getuserinfo(), rather than sending it down the pipe. This avoid having to implement a stub in every authentication module. * authmysqllib.c: Use mysql_set_character_set() instead of SET NAMES * authmysqllib.c: Fix domain-less queries. * Makefile: Drop the unmaintained authvchkpw module. * authmysqllib.c: Cleanup. Use mysql_real_escape_string instead of crude filtering. * Makefile.am: Use _LIBADD properly. * configure.in: More portability fixes.
2008-09-29 00:15:30 +02:00
@@ -1642,10 +1642,10 @@ install-exec-hook:
Update security/courier-authlib to 0.59.3. Changes from version 0.58 include: * authpipe.c (auth_pipe_pre): Fix leak when authpipe module is enabled, but the actual authpipe script/external prog is not installed. * authmysqlrc: Implement SSL-encrypted MySQL connections * authldaplib.c (l_simple_bind_s): Fix anon binds. * authldaplib.c (auth_ldap_enumerate): Fix LDAP account enumeration * userdb/makeuserdb.in: Added the -f option to makeuserdb * authldaplib.c: Try to recover when the LDAP server closes the persistent socket, for inactivity.
2007-08-10 19:57:21 +02:00
$(mkinstalldirs) $(DESTDIR)$(sbindir) || :
$(mkinstalldirs) $(DESTDIR)$(pkglibexecdir) || :
Import courier-authlib-0.53 as security/courier-authlib. The Courier authentication library provides authentication services for other Courier applications. In this context, the term "authentication" refers to the following functions: 1. Take a userid or a loginid, and a password. Determine whether the loginid and the password are valid. 2. Given a userid, obtain the following information about the userid: A. The account's home directory. B. The numeric system userid and groupid that owns all files associated with this account. C. The location of the account's maildir. D. Any maildir quota defined for this account. See the Courier documentation for more information on maildir quotas. E. Other miscellaneous account-specific options. 3. Change the password associated with a loginid. 4. Obtain a complete list of all loginids.
2005-02-10 04:21:30 +01:00
$(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) authdaemondprog $(DESTDIR)$(pkglibexecdir)/authdaemond
Update security/courier-authlib to 0.59.3. Changes from version 0.58 include: * authpipe.c (auth_pipe_pre): Fix leak when authpipe module is enabled, but the actual authpipe script/external prog is not installed. * authmysqlrc: Implement SSL-encrypted MySQL connections * authldaplib.c (l_simple_bind_s): Fix anon binds. * authldaplib.c (auth_ldap_enumerate): Fix LDAP account enumeration * userdb/makeuserdb.in: Added the -f option to makeuserdb * authldaplib.c: Try to recover when the LDAP server closes the persistent socket, for inactivity.
2007-08-10 19:57:21 +02:00
- $(mkinstalldirs) $(DESTDIR)@authdaemonvar@ || :
Import courier-authlib-0.53 as security/courier-authlib. The Courier authentication library provides authentication services for other Courier applications. In this context, the term "authentication" refers to the following functions: 1. Take a userid or a loginid, and a password. Determine whether the loginid and the password are valid. 2. Given a userid, obtain the following information about the userid: A. The account's home directory. B. The numeric system userid and groupid that owns all files associated with this account. C. The location of the account's maildir. D. Any maildir quota defined for this account. See the Courier documentation for more information on maildir quotas. E. Other miscellaneous account-specific options. 3. Change the password associated with a loginid. 4. Obtain a complete list of all loginids.
2005-02-10 04:21:30 +01:00
- chmod 750 $(DESTDIR)@authdaemonvar@
- -chown @mailuser@ $(DESTDIR)@authdaemonvar@
- -chgrp @mailgroup@ $(DESTDIR)@authdaemonvar@
Update security/courier-authlib to 0.59.3. Changes from version 0.58 include: * authpipe.c (auth_pipe_pre): Fix leak when authpipe module is enabled, but the actual authpipe script/external prog is not installed. * authmysqlrc: Implement SSL-encrypted MySQL connections * authldaplib.c (l_simple_bind_s): Fix anon binds. * authldaplib.c (auth_ldap_enumerate): Fix LDAP account enumeration * userdb/makeuserdb.in: Added the -f option to makeuserdb * authldaplib.c: Try to recover when the LDAP server closes the persistent socket, for inactivity.
2007-08-10 19:57:21 +02:00
+ $(mkinstalldirs) $(DESTDIR)$(authdaemonvar) || :
Update security/courier-authlib to 0.57. Changes from version 0.55 include: * authlib: create the authtest and authpasswd manual pages. * authdaemon.c (auth_generic): Silly bug in auth_generic(). * authldaplib.c (auth_ldap_do3): Fix call of authcryptpasswd(). * authpgsqllib.c (auth_pgsql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Fix a memory leak. * authpipe: more fixes to the authpipe module. * authpipe: various fixes to the authpipe module. * authpipe.c (auth_pipe_pre): Fix zombies created by the authpipe module. * New authpipe authentication module. * authldap.schema: Add mailhost to the recommended LDAP schema. * README_authlib.sgml: Document updated authpipe protocol. * cryptpassword.c (authcryptpasswd): Fix handling of encryption hints. * checkpassword.c (do_authcheckpassword): Ignore {CRYPT} prefix on crypted passwords. * checkpasswordsha1.c (authcheckpasswordsha1): Fix {SHA256} passwords. * authdaemond.c: Strip full name/gecos field after the first comma. * authdaemond: Pass LOGGEROPTS option to authdaemond. * liblog/logger.c: Fix wrong args to setuidgid(). * liblog/logger.c: Added -droproot option to courierlogger. * liblock/lockdaemon.c: Try to recover if upgraded daemon process runs under a different uid. * Changed -uid and -gid options to -user and -group for consistency with couriertcpd. Change them to affect courierlogger itself, after it has spawned any child. * Optional default domain for authentication requests. * Fix the error code when an empty password is provided.
2005-08-11 02:03:16 +02:00
+ chmod 750 $(DESTDIR)$(authdaemonvar)
+ -chown $(mailuser) $(DESTDIR)$(authdaemonvar)
+ -chgrp $(mailgroup) $(DESTDIR)$(authdaemonvar)
Import courier-authlib-0.53 as security/courier-authlib. The Courier authentication library provides authentication services for other Courier applications. In this context, the term "authentication" refers to the following functions: 1. Take a userid or a loginid, and a password. Determine whether the loginid and the password are valid. 2. Given a userid, obtain the following information about the userid: A. The account's home directory. B. The numeric system userid and groupid that owns all files associated with this account. C. The location of the account's maildir. D. Any maildir quota defined for this account. See the Courier documentation for more information on maildir quotas. E. Other miscellaneous account-specific options. 3. Change the password associated with a loginid. 4. Obtain a complete list of all loginids.
2005-02-10 04:21:30 +01:00
test "@LIBAUTHUSERDB@" = "" && exit 0 ;\
$(INSTALL_PROGRAM_ENV) $(INSTALL_PROGRAM) makedat/makedatprog \
$(DESTDIR)$(pkglibexecdir)/makedatprog ; \
Upgrade courier-authlib to version 0.61.0 in order to fix CVE-2008-2667, finally. While here, fix PLIST and depkglint a bit. Also, fix the horrid abuse of libtool. Changes since 0.60.2: * courier-authlib.spec: Dummy provides: for symlinks, to allow upgrade with older packages that require <libname>.so.0. * Makefile.am: Switch to versionless shared libraries. Install all shared libraries just as <libname>.so. make install manually removes *.so.0.0 files that were left over from previous versions, and installs a temporary *.so.0 symlink to *.so, for temporary binary ABI compatibility with 0.60. The symlinks will be removed in 0.62. * Cleanup: always compile md5, sha* and hmac stuff, and remove all conditionally-compiled cruft. Move SASL list to an internal header. Add client-side support for AUTH EXTERNAL. * authsasl.c (auth_sasl_ex): auth_sasl_ex() supercedes auth_sasl(), invokes auth_sasl() for non-EXTERNAL SASL methods, implements EXTERNAL by going through the motions, then setting up a dummy authentication request. * authdaemon.c (auth_generic): Check for the dummy EXTERNAL authentication request, and handle it by invoking auth_getuserinfo(), rather than sending it down the pipe. This avoid having to implement a stub in every authentication module. * authmysqllib.c: Use mysql_set_character_set() instead of SET NAMES * authmysqllib.c: Fix domain-less queries. * Makefile: Drop the unmaintained authvchkpw module. * authmysqllib.c: Cleanup. Use mysql_real_escape_string instead of crude filtering. * Makefile.am: Use _LIBADD properly. * configure.in: More portability fixes.
2008-09-29 00:15:30 +02:00
@@ -1659,7 +1659,6 @@ install-exec-hook:
$(DESTDIR)$(sbindir)/userdbpw ; \
$(INSTALL_SCRIPT) userdb-test-cram-md5.pl \
$(DESTDIR)$(sbindir)/userdb-test-cram-md5
Update courier-authlib to 0.62.2. Include security fix for CVE-2008-2380 and requested by PR#41023 (approved by wiz@). 0.62.2 This release corrects a makefile compatibility problem with bash 4. 0.62.1 This release correct a couple of minor compiler warnings and errors. * cryptpassword.c: Fix compiler warnings * checkpasswordsha1.c: Fix compiler warnings. * authldaplib.c (auth_ldap_enumerate): Fix typo. 0.62.0 This release adds support for additional hash functions, and an update to the Postgres driver that removes potentional SQL injection vulnerabilities in some circumstances. * authpgsqllib.c: Use PQescapeStringConn() instead of removing all apostrophes from query parameters. This fixes a potential SQL injection vulnerability if the Postgres database uses a non-Latin locale. * Added support for {SSHA}-encrypted passwords. Based on a patch by Zou bin <zb@bisp.com>. * Added support for {SHA512} hash function
2009-07-02 14:23:44 +02:00
- for f in $(pkglib_LTLIBRARIES); do . ./$$f; rm -f $(DESTDIR)$(pkglibdir)/$$dlname.0 $(DESTDIR)$(pkglibdir)/$$dlname.0.0; ln -s $$dlname $(DESTDIR)$(pkglibdir)/$$dlname.0; done
Upgrade courier-authlib to version 0.61.0 in order to fix CVE-2008-2667, finally. While here, fix PLIST and depkglint a bit. Also, fix the horrid abuse of libtool. Changes since 0.60.2: * courier-authlib.spec: Dummy provides: for symlinks, to allow upgrade with older packages that require <libname>.so.0. * Makefile.am: Switch to versionless shared libraries. Install all shared libraries just as <libname>.so. make install manually removes *.so.0.0 files that were left over from previous versions, and installs a temporary *.so.0 symlink to *.so, for temporary binary ABI compatibility with 0.60. The symlinks will be removed in 0.62. * Cleanup: always compile md5, sha* and hmac stuff, and remove all conditionally-compiled cruft. Move SASL list to an internal header. Add client-side support for AUTH EXTERNAL. * authsasl.c (auth_sasl_ex): auth_sasl_ex() supercedes auth_sasl(), invokes auth_sasl() for non-EXTERNAL SASL methods, implements EXTERNAL by going through the motions, then setting up a dummy authentication request. * authdaemon.c (auth_generic): Check for the dummy EXTERNAL authentication request, and handle it by invoking auth_getuserinfo(), rather than sending it down the pipe. This avoid having to implement a stub in every authentication module. * authmysqllib.c: Use mysql_set_character_set() instead of SET NAMES * authmysqllib.c: Fix domain-less queries. * Makefile: Drop the unmaintained authvchkpw module. * authmysqllib.c: Cleanup. Use mysql_real_escape_string instead of crude filtering. * Makefile.am: Use _LIBADD properly. * configure.in: More portability fixes.
2008-09-29 00:15:30 +02:00
uninstall-hook: uninstall-authldaprc uninstall-authdaemonrc uninstall-authmysqlrc uninstall-authpgsqlrc
rm -f $(DESTDIR)$(pkglibexecdir)/authdaemond
Update courier-authlib to 0.62.2. Include security fix for CVE-2008-2380 and requested by PR#41023 (approved by wiz@). 0.62.2 This release corrects a makefile compatibility problem with bash 4. 0.62.1 This release correct a couple of minor compiler warnings and errors. * cryptpassword.c: Fix compiler warnings * checkpasswordsha1.c: Fix compiler warnings. * authldaplib.c (auth_ldap_enumerate): Fix typo. 0.62.0 This release adds support for additional hash functions, and an update to the Postgres driver that removes potentional SQL injection vulnerabilities in some circumstances. * authpgsqllib.c: Use PQescapeStringConn() instead of removing all apostrophes from query parameters. This fixes a potential SQL injection vulnerability if the Postgres database uses a non-Latin locale. * Added support for {SSHA}-encrypted passwords. Based on a patch by Zou bin <zb@bisp.com>. * Added support for {SHA512} hash function
2009-07-02 14:23:44 +02:00
@@ -1751,13 +1750,13 @@ README_authlib.html: README_authlib.html
Update security/courier-authlib to 0.57. Changes from version 0.55 include: * authlib: create the authtest and authpasswd manual pages. * authdaemon.c (auth_generic): Silly bug in auth_generic(). * authldaplib.c (auth_ldap_do3): Fix call of authcryptpasswd(). * authpgsqllib.c (auth_pgsql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Ditto. * authmysqllib.c (auth_mysql_setpass): Fix a memory leak. * authpipe: more fixes to the authpipe module. * authpipe: various fixes to the authpipe module. * authpipe.c (auth_pipe_pre): Fix zombies created by the authpipe module. * New authpipe authentication module. * authldap.schema: Add mailhost to the recommended LDAP schema. * README_authlib.sgml: Document updated authpipe protocol. * cryptpassword.c (authcryptpasswd): Fix handling of encryption hints. * checkpassword.c (do_authcheckpassword): Ignore {CRYPT} prefix on crypted passwords. * checkpasswordsha1.c (authcheckpasswordsha1): Fix {SHA256} passwords. * authdaemond.c: Strip full name/gecos field after the first comma. * authdaemond: Pass LOGGEROPTS option to authdaemond. * liblog/logger.c: Fix wrong args to setuidgid(). * liblog/logger.c: Added -droproot option to courierlogger. * liblock/lockdaemon.c: Try to recover if upgraded daemon process runs under a different uid. * Changed -uid and -gid options to -user and -group for consistency with couriertcpd. Change them to affect courierlogger itself, after it has spawned any child. * Optional default domain for authentication requests. * Fix the error code when an empty password is provided.
2005-08-11 02:03:16 +02:00
authdaemond.o: authdaemonrc.h authdaemond.c
install-migrate: authmigrate
- @SHELL@ authmigrate
+ $(SHELL) authmigrate
install-configure:
- test -f $(DESTDIR)@authdaemonrc@.dist && @SYSCONFTOOL@ $(DESTDIR)@authdaemonrc@.dist || true
- test -f $(DESTDIR)@authmysqlrc@.dist && @SYSCONFTOOL@ $(DESTDIR)@authmysqlrc@.dist || true
- test -f $(DESTDIR)@authpgsqlrc@.dist && @SYSCONFTOOL@ $(DESTDIR)@authpgsqlrc@.dist || true
- test -f $(DESTDIR)@authldaprc@.dist && @SYSCONFTOOL@ $(DESTDIR)@authldaprc@.dist || true
+ test -f $(DESTDIR)$(authdaemonrc).dist && $(SYSCONFTOOL) $(DESTDIR)$(authdaemonrc).dist || true
+ test -f $(DESTDIR)$(authmysqlrc).dist && $(SYSCONFTOOL) $(DESTDIR)$(authmysqlrc).dist || true
+ test -f $(DESTDIR)$(authpgsqlrc).dist && $(SYSCONFTOOL) $(DESTDIR)$(authpgsqlrc).dist || true
+ test -f $(DESTDIR)$(authldaprc).dist && $(SYSCONFTOOL) $(DESTDIR)$(authldaprc).dist || true
# For maintainer's use only
Reference in a new issue Copy permalink