./security/cyrus-sasl, Simple Authentication and Security Layer

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 2.1.28nb1, Package name: cyrus-sasl-2.1.28nb1, Maintainer: pkgsrc-users

SASL is a method for adding authentication support to connection-based
protocols. To use SASL, a protocol includes a command for identifying and
authenticating a user to a server and for optionally negotiating protection
of subsequent protocol interactions. If its use is negotiated, a security
layer is inserted between the protocol and the connection.

This is the Cyrus SASL API implentation. It can be used on the client or
server side to provide authentication. See RFC 2222 for more information.

There's a mailing list for Cyrus SASL. Subscribe by sending a message
to majordomo@lists.andrew.cmu.edu with the body "subscribe cyrus-sasl".
The mailing list is available via anonymous IMAP at
imap://cyrus.andrew.cmu.edu/archive.cyrus-sasl or via the web at
http://asg.web.cmu.edu/archive/mailbox.php3?mailbox=archive.cyrus-sasl.

This package does not include any mechanisms. Users will almost
certainly want to install one or more of the packages security/cy2-*.

DEINSTALL [+/-]

Required to build:
[pkgtools/cwrappers]

Package options: ndbm

Master sites:

Filesize: 3940.237 KB

Version history: (Expand)


CVS history: (Expand)


   2024-04-24 14:46:59 by Jonathan Perkin | Files touched by this commit (1)
Log message:
cyrus-sasl: Remove some outdated text from MESSAGE.

Some users found this text confusing and ended up trying to put config
files in the very directory we were telling them not to, e.g.
https://github.com/TritonDataCenter/pkgsrc/issues/378.

This text was added almost 7 years ago, so we can be pretty confident that
users have migrated past this change by now.
   2022-06-28 13:38:00 by Thomas Klausner | Files touched by this commit (3952)
Log message:
*: recursive bump for perl 5.36
   2022-02-24 12:00:04 by Thomas Klausner | Files touched by this commit (14) | Package updated
Log message:
cyrus-sasl: update to 2.1.28

New in 2.1.28

    build:
        configure - Restore LIBS after checking gss_inquire_sec_context_by_oid
        makemd5.c - Fix potential out of bound writes
        fix build with –disable-shared –enable-static
        Dozens of fixes for Windows specific builds
        Fix cross platform builds with SPNEGO
        Do not try to build broken java subtree
        Fix build error with –enable-auth-sasldb
    common:
        plugin_common.c:
            Ensure size is always checked if called repeatedly (#617)
    documentation:
        Fixed generation of saslauthd(8) man page
        Fixed installation of saslauthd(8) and testsaslauthd(8) man pages (#373)
        Updates for additional SCRAM mechanisms
        Fix sasl_decode64 and sasl_encode64 man pages
        Tons of fixes for Sphinx
    include:
        sasl.h:
            Allow up to 16 bits for security flags
    lib:
        checkpw.c:
            Skip one call to strcat
            Disable auxprop-hashed (#374)
        client.c:
            Use proper length for fully qualified domain names
        common.c:
            CVE-2019-19906 Fix off by one error (#587)
        external.c:
            fix EXTERNAL with non-terminated input (#689)
        saslutil.c:
            fix index_64 to be a signed char (#619)
    plugins:
        gssapi.c:
            Emit debug log only in case of errors
        ntlm.c:
            Fail compile if MD4 is not available (#632)
        sql.c:
            Finish reading residual return data (#639)
            CVE-2022-24407 Escape password for SQL insert/update commands.
    sasldb:
        db_gdbm.c:
            fix gdbm_errno overlay from gdbm_close
    DIGEST-MD5 plugin:
        Prevent double free of RC4 context
        Use OpenSSL RC4 implementation if available
    SCRAM plugin:
        Return BADAUTH on incorrect password (#545)
        Add -224, -384, -512 (#552)
        Remove SCRAM_HASH_SIZE
        Add function to return SCRAM auth method name
        Allocate enough memory in scam_setpass()
        Add function to sort SCRAM methods by hash strength
        Update windows build for newer SCRAM options
    saslauthd:
        auth_httpform.c:
            Avoid signed overflow with non-ascii characters (#576)
        auth_krb5.c:
            support setting an explicit auth_krb5 server name
            support setting an explicit servername with Heimdal
            unify the MIT and Heimdal auth_krb5 implementations
            Remove call to krbtf
        auth_rimap.c:
            provide native memmem implementation if missing
        lak.c:
            Allow LDAP_OPT_X_TLS_REQUIRE_CERT to be 0 (no certificate verification)
        lak.h:
            Increase supported DN length to 4096 (#626)
   2021-12-20 20:41:45 by Greg Troxel | Files touched by this commit (1)
Log message:
cyrus-sasl: Extend DESCR to mention plugins
   2021-11-15 19:12:45 by Thomas Klausner | Files touched by this commit (1)
Log message:
cyrus-sasl: use BLAKE2s

Remove checksums for file that is commented out in Makefile
   2021-10-07 16:54:50 by Nia Alarie | Files touched by this commit (606)
Log message:
security: Remove SHA1 hashes for distfiles
   2021-05-24 21:56:06 by Thomas Klausner | Files touched by this commit (3575)
Log message:
*: recursive bump for perl 5.34
   2020-05-14 16:31:16 by Nia Alarie | Files touched by this commit (3)
Log message:
cyrus-sasl: Resolve some pkglint warnings