From owner-freebsd-ports@freebsd.org Wed Feb 24 10:49:09 2016 Return-Path: Delivered-To: freebsd-ports@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 88F63AB3140 for ; Wed, 24 Feb 2016 10:49:09 +0000 (UTC) (envelope-from ume@mahoroba.org) Received: from mail.mahoroba.org (ent.mahoroba.org [IPv6:2001:2f0:104:8010::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "asuka.mahoroba.org", Issuer "ca.mahoroba.org" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 2A6B11277 for ; Wed, 24 Feb 2016 10:49:09 +0000 (UTC) (envelope-from ume@mahoroba.org) Received: from vsuiko.mahoroba.org (vsuiko.mahoroba.org [IPv6:2001:2f0:104:8010:a00:27ff:feb0:c2e]) (user=ume mech=DIGEST-MD5 bits=0) by mail.mahoroba.org (8.15.2/8.15.2) with ESMTPSA/inet6 id u1OAmjTJ090067 (version=TLSv1.2 cipher=AES128-GCM-SHA256 bits=128 verify=NO); Wed, 24 Feb 2016 19:48:49 +0900 (JST) (envelope-from ume@mahoroba.org) Date: Wed, 24 Feb 2016 19:48:38 +0900 Message-ID: From: Hajimu UMEMOTO To: Kyle Amon Cc: freebsd-ports@freebsd.org Subject: Re: SRP support for the cyrus-sasl-2.1.26_12 port In-Reply-To: <20160223182505.066765fb@envy.sec.gnutec.com> References: <20160223182505.066765fb@envy.sec.gnutec.com> User-Agent: xcite1.60> Wanderlust/2.15.9 (Almost Unreal) Emacs/24.5 Mule/6.0 (HANACHIRUSATO) X-Operating-System: FreeBSD 10.3-BETA2 X-PGP-Key: http://www.mahoroba.org/~ume/publickey.asc X-PGP-Fingerprint: 1F00 0B9E 2164 70FC 6DC5 BF5F 04E9 F086 BF90 71FE MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka") Content-Type: text/plain; charset=US-ASCII X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6a2 (mail.mahoroba.org [IPv6:2001:2f0:104:8010::1]); Wed, 24 Feb 2016 19:48:50 +0900 (JST) X-Virus-Scanned: clamav-milter 0.99 at asuka.mahoroba.org X-Virus-Status: Clean X-Spam-Status: No, score=-3.5 required=5.0 tests=ALL_TRUSTED,BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,RP_MATCHES_RCVD autolearn=ham autolearn_force=no version=3.4.1 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on asuka.mahoroba.org X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Feb 2016 10:49:09 -0000 Hi, >>>>> On Tue, 23 Feb 2016 18:25:05 -0800 >>>>> Kyle Amon said: amonk> I added support for SRP (including srp-setpass [so saslpasswd2 can amonk> store srp salts and verifiers in the sasl password database too, if amonk> so desired]) to the cyrus-sasl-2.1.26_12 port. Two small patch files amonk> are attached. Please consider applying them (or something very similar) amonk> so that FreeBSD's cyrus-sasl port can support SRP "out of the box." amonk> SRP is and excellent, secure authentication method, support for it has amonk> long existed in cyrus-sasl, and that support should be easily obtainable amonk> by FreeBSD's users. Help make the net a more secure place. :) I've committed to add security/cyrus-sasl2-srp. If we have the SRP and SRP-SETPASS options enabled by default, the SRP salts and verifiers will be stored to the sasldb as well. Perhaps, it is not desired by many people. Therefore, I made the SRP plugin the separate port. Sincerely, -- Hajimu UMEMOTO ume@mahoroba.org ume@FreeBSD.org http://www.mahoroba.org/~ume/