From owner-freebsd-ports@freebsd.org  Wed Feb 24 12:13:55 2016
Return-Path: <owner-freebsd-ports@freebsd.org>
Delivered-To: freebsd-ports@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 77F80AB19B8
 for <freebsd-ports@mailman.ysv.freebsd.org>;
 Wed, 24 Feb 2016 12:13:55 +0000 (UTC)
 (envelope-from amonk@backwatcher.com)
Received: from mail.backwatcher.com (mail.backwatcher.com [104.238.223.246])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "mail.backwatcher.com",
 Issuer "Let's Encrypt Authority X1" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 544129FC;
 Wed, 24 Feb 2016 12:13:55 +0000 (UTC)
 (envelope-from amonk@backwatcher.com)
Received: from envy.sec.gnutec.com (d216-232-204-79.bchsia.telus.net
 [216.232.204.79]) (authenticated)
 by mail.backwatcher.com (MYOB) via MTA with ESMTPSA id u1OCDmEv029057;
 Wed, 24 Feb 2016 04:13:52 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=backwatcher.com;
 s=dkim; t=1456316032;
 bh=QDFk8PyWnagQd9v8Xr6Th5Sw0GFWVrztqSGaHYRgP7Q=;
 h=Date:From:To:Cc:Subject:Message-ID:In-Reply-To:References:
 MIME-Version:Content-Type;
 b=aUjX8hw31JKnud7lpBgJoDh0rXsyNZq4CMIVnNO+zPuqZyu2bAYzntTl4sEzpO+Ye
 dO63ebpPVFbC8f2WXwsp4QOJyh6J4DsZaUqhq0k6OY3gwRHi7IuQ0EVRshy1+LF+Ne
 ++cxCBG+sMtyFrgDAYZBiBzoJ7dycklUKTsybu5Y=
Date: Wed, 24 Feb 2016 04:13:40 -0800
From: Kyle Amon <amonk@backwatcher.com>
To: Hajimu UMEMOTO <ume@FreeBSD.org>
Cc: freebsd-ports@freebsd.org
Subject: Re: SRP support for the cyrus-sasl-2.1.26_12 port
Message-ID: <20160224041340.36f44ebf@envy.sec.gnutec.com>
In-Reply-To: <ygeziuqfkop.wl-ume@FreeBSD.org>
References: <20160223182505.066765fb@envy.sec.gnutec.com>
 <ygeziuqfkop.wl-ume@FreeBSD.org>
Organization: BackWatcher, Inc.
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
 boundary="Sig_/5Edwxn8d7B7191QTyyVEFDm"; protocol="application/pgp-signature"
X-milter-spamd: ham (-3.0/5.0 ALL_TRUSTED, BAYES_00, DKIM_SIGNED, DKIM_VALID,
 DKIM_VALID_AU)
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports/>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Feb 2016 12:13:55 -0000

--Sig_/5Edwxn8d7B7191QTyyVEFDm
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: quoted-printable

Hajimu,

Awesome!  Works for me, but why not just just make the SRP and SRP-SETPASS
options off by default?  I'm quite happy either way.  Just wondering.

Thanks much,

--Kyle

On Wed, 24 Feb 2016 19:48:38 +0900
Thus spake Hajimu UMEMOTO <ume@FreeBSD.org>:

> Hi,
>=20
> >>>>> On Tue, 23 Feb 2016 18:25:05 -0800
> >>>>> Kyle Amon <amonk@backwatcher.com> said: =20
>=20
> amonk> I added support for SRP (including srp-setpass [so saslpasswd2 can
> amonk> store srp salts and verifiers in the sasl password database too, if
> amonk> so desired]) to the cyrus-sasl-2.1.26_12 port.  Two small patch fi=
les
> amonk> are attached. Please consider applying them (or something very sim=
ilar)
> amonk> so that FreeBSD's cyrus-sasl port can support SRP "out of the box."
> amonk> SRP is and excellent, secure authentication method, support for it=
 has
> amonk> long existed in cyrus-sasl, and that support should be easily obta=
inable
> amonk> by FreeBSD's users.  Help make the net a more secure place. :) =20
>=20
> I've committed to add security/cyrus-sasl2-srp.
> If we have the SRP and SRP-SETPASS options enabled by default, the SRP
> salts and verifiers will be stored to the sasldb as well.
> Perhaps, it is not desired by many people.  Therefore, I made the SRP
> plugin the separate port.
>=20
> Sincerely,
>=20
> --
> Hajimu UMEMOTO
> ume@mahoroba.org  ume@FreeBSD.org
> http://www.mahoroba.org/~ume/


--=20

  CA +1-778-819-UNIX                  BackWatcher, Inc.
  US +1-425-584-UNIX                  Information Security Solutions
 SIP amonk@backwatcher.com            www.backwatcher.com

INUM +883-5100-0990-1657  /  ISN UNIX*1917  /  C*NET 1-731-UNIX

GPG ed25519/F57091DBD60FBBB8 [ed25519/D60FBBB8]
    985C 5B61 4ACE C89A 0DEE  ECCD F570 91DB D60F BBB8

    rsa4096/CF001165F36E1CAB [rsa4096/F36E1CAB]
    6050 05B7 9FF1 CC21 3F00  CEBB CF00 1165 F36E 1CAB

OTR E1A46361 9FD0D801 0132D21A FE2E96BE 39E3F069 : amonk@backwatcher.com
    5AB3E0B8 31F6ADB4 9A7D2FC2 A8235281 5776701E : silcnet


--Sig_/5Edwxn8d7B7191QTyyVEFDm
Content-Type: application/pgp-signature
Content-Description: OpenPGP digital signature

-----BEGIN PGP SIGNATURE-----

iF4EARYKAAYFAlbNnnQACgkQ9XCR29YPu7jjZAEA5oSzAEP0cgF2VcUYh/YwPN6f
R3iebyySG3eLXWRSqcUA/0dpDk0VGkfYle7+FtS5J5hmv1Gldc4h9Rl1YbhpQ2oH
=wnxB
-----END PGP SIGNATURE-----

--Sig_/5Edwxn8d7B7191QTyyVEFDm--