Path to this page:
./
security/cy2-gssapi,
Cyrus SASL GSSAPI authentication plugin
Branch: CURRENT,
Version: 2.1.28nb1,
Package name: cy2-gssapi-2.1.28nb1,
Maintainer: pkgsrc-usersSASL is a method for adding authentication support to connection-based
protocols. To use SASL, a protocol includes a command for identifying and
authenticating a user to a server and for optionally negotiating protection
of subsequent protocol interactions. If its use is negotiated, a security
layer is inserted between the protocol and the connection.
This is the Cyrus SASL plugin that implements the GSSAPI authentication
mechanism.
Required to run:[
security/cyrus-sasl] [
security/heimdal] [
security/openssl]
Required to build:[
pkgtools/cwrappers]
Master sites:
Filesize: 3940.237 KB
Version history: (Expand)
- (2023-10-25) Updated to version: cy2-gssapi-2.1.28nb1
- (2022-02-24) Updated to version: cy2-gssapi-2.1.28
- (2021-10-21) Updated to version: cy2-gssapi-2.1.27nb2
- (2020-01-19) Updated to version: cy2-gssapi-2.1.27nb1
- (2018-04-17) Updated to version: cy2-gssapi-2.1.27
- (2017-04-27) Updated to version: cy2-gssapi-2.1.26nb4
CVS history: (Expand)
2023-10-25 00:11:51 by Thomas Klausner | Files touched by this commit (2298) |
Log message:
*: bump for openssl 3
|
2022-02-24 12:00:04 by Thomas Klausner | Files touched by this commit (14) | |
Log message:
cyrus-sasl: update to 2.1.28
New in 2.1.28
build:
configure - Restore LIBS after checking gss_inquire_sec_context_by_oid
makemd5.c - Fix potential out of bound writes
fix build with –disable-shared –enable-static
Dozens of fixes for Windows specific builds
Fix cross platform builds with SPNEGO
Do not try to build broken java subtree
Fix build error with –enable-auth-sasldb
common:
plugin_common.c:
Ensure size is always checked if called repeatedly (#617)
documentation:
Fixed generation of saslauthd(8) man page
Fixed installation of saslauthd(8) and testsaslauthd(8) man pages (#373)
Updates for additional SCRAM mechanisms
Fix sasl_decode64 and sasl_encode64 man pages
Tons of fixes for Sphinx
include:
sasl.h:
Allow up to 16 bits for security flags
lib:
checkpw.c:
Skip one call to strcat
Disable auxprop-hashed (#374)
client.c:
Use proper length for fully qualified domain names
common.c:
CVE-2019-19906 Fix off by one error (#587)
external.c:
fix EXTERNAL with non-terminated input (#689)
saslutil.c:
fix index_64 to be a signed char (#619)
plugins:
gssapi.c:
Emit debug log only in case of errors
ntlm.c:
Fail compile if MD4 is not available (#632)
sql.c:
Finish reading residual return data (#639)
CVE-2022-24407 Escape password for SQL insert/update commands.
sasldb:
db_gdbm.c:
fix gdbm_errno overlay from gdbm_close
DIGEST-MD5 plugin:
Prevent double free of RC4 context
Use OpenSSL RC4 implementation if available
SCRAM plugin:
Return BADAUTH on incorrect password (#545)
Add -224, -384, -512 (#552)
Remove SCRAM_HASH_SIZE
Add function to return SCRAM auth method name
Allocate enough memory in scam_setpass()
Add function to sort SCRAM methods by hash strength
Update windows build for newer SCRAM options
saslauthd:
auth_httpform.c:
Avoid signed overflow with non-ascii characters (#576)
auth_krb5.c:
support setting an explicit auth_krb5 server name
support setting an explicit servername with Heimdal
unify the MIT and Heimdal auth_krb5 implementations
Remove call to krbtf
auth_rimap.c:
provide native memmem implementation if missing
lak.c:
Allow LDAP_OPT_X_TLS_REQUIRE_CERT to be 0 (no certificate verification)
lak.h:
Increase supported DN length to 4096 (#626)
|
2021-10-21 09:46:39 by Thomas Klausner | Files touched by this commit (77) |
Log message:
*: recursive bump for heimdal 7.7.0
its buildlink3.mk now includes openssl's buildlink3.mk
|
2020-01-18 22:51:16 by Jonathan Perkin | Files touched by this commit (1836) |
Log message:
*: Recursive revision bump for openssl 1.1.1.
|
2018-12-09 22:05:37 by Adam Ciarcinski | Files touched by this commit (53) |
Log message:
Removed commented-out PKGREVISIONs
|
2018-04-17 03:57:19 by Christos Zoulas | Files touched by this commit (26) |
Log message:
upgrade to 2.1.27-rc7 so that we can use it with openssl-1.1
|
2017-04-27 15:56:47 by Jonathan Perkin | Files touched by this commit (14) |
Log message:
Fix to use PKG_SYSCONFDIR. Bump PKGREVISION for all packages using the
shared Makefile.common.
|
2016-12-12 15:22:04 by Thomas Klausner | Files touched by this commit (30) |
Log message:
Revert "Specify readline requirement on 30 packages"
Many of these definitely do not depend on readline.
So there must be a different underlying problem, and that
should be tracked down instead of papering over it.
|