Date: Tue, 23 Feb 2016 18:25:05 -0800 From: Kyle Amon <amonk@backwatcher.com> To: ume@freebsd.org, freebsd-ports@freebsd.org Subject: SRP support for the cyrus-sasl-2.1.26_12 port Message-ID: <20160223182505.066765fb@envy.sec.gnutec.com>
next in thread | raw e-mail | index | archive | help
--Sig_/uCjk_EKNRbg5pOTftyJrRGa
Content-Type: multipart/mixed; boundary="MP_/iQQpGVh4AoqS50z.x+6W7JJ"
--MP_/iQQpGVh4AoqS50z.x+6W7JJ
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
Hi,
I added support for SRP (including srp-setpass [so saslpasswd2 can
store srp salts and verifiers in the sasl password database too, if
so desired]) to the cyrus-sasl-2.1.26_12 port. Two small patch files
are attached. Please consider applying them (or something very similar)
so that FreeBSD's cyrus-sasl port can support SRP "out of the box."
SRP is and excellent, secure authentication method, support for it has
long existed in cyrus-sasl, and that support should be easily obtainable
by FreeBSD's users. Help make the net a more secure place. :)
Best Regards,
--Kyle
P.S. I'm not on the freebsd-ports mailing list, FYI.
--=20
CA +1-778-819-UNIX BackWatcher, Inc.
US +1-425-584-UNIX Information Security Solutions
SIP amonk@backwatcher.com www.backwatcher.com
INUM +883-5100-0990-1657 / ISN UNIX*1917 / C*NET 1-731-UNIX
GPG ed25519/F57091DBD60FBBB8 [ed25519/D60FBBB8]
985C 5B61 4ACE C89A 0DEE ECCD F570 91DB D60F BBB8
rsa4096/CF001165F36E1CAB [rsa4096/F36E1CAB]
6050 05B7 9FF1 CC21 3F00 CEBB CF00 1165 F36E 1CAB
OTR E1A46361 9FD0D801 0132D21A FE2E96BE 39E3F069 : amonk@backwatcher.com
5AB3E0B8 31F6ADB4 9A7D2FC2 A8235281 5776701E : silcnet
--MP_/iQQpGVh4AoqS50z.x+6W7JJ
Content-Type: text/x-patch
Content-Transfer-Encoding: quoted-printable
Content-Disposition: attachment; filename=Makefile.patch
--- Makefile.dist 2016-02-23 07:06:03.323811000 -0800
+++ Makefile 2016-02-23 07:22:56.047782000 -0800
@@ -40,13 +40,13 @@
=20
NO_OPTIONS_SORT=3D yes
OPTIONS_DEFINE=3D ALWAYSTRUE AUTHDAEMOND DOCS KEEP_DB_OPEN \
- OBSOLETE_CRAM_ATTR BDB MYSQL PGSQL
+ OBSOLETE_CRAM_ATTR BDB MYSQL PGSQL SRP-SETPASS
OPTIONS_RADIO=3D SQLITE
OPTIONS_RADIO_SQLITE=3D SQLITE2 SQLITE3
OPTIONS_GROUP=3D MECH
-OPTIONS_GROUP_MECH=3D CRAM DIGEST LOGIN NTLM OTP PLAIN SCRAM
+OPTIONS_GROUP_MECH=3D CRAM DIGEST LOGIN NTLM OTP PLAIN SCRAM SRP
OPTIONS_DEFAULT=3D AUTHDAEMOND OBSOLETE_CRAM_ATTR CRAM DIGEST \
- LOGIN NTLM OTP PLAIN SCRAM
+ LOGIN NTLM OTP PLAIN SCRAM SRP SRP-SETPASS
OPTIONS_SUB=3D yes
ALWAYSTRUE_DESC=3D the alwaystrue password verifier
ALWAYSTRUE_CONFIGURE_ENABLE=3Dalwaystrue
@@ -90,6 +90,10 @@
PLAIN_CONFIGURE_ENABLE=3D plain
SCRAM_DESC=3D SCRAM authentication
SCRAM_CONFIGURE_ENABLE=3D scram
+SRP_DESC=3D SRP authentication
+SRP_CONFIGURE_ENABLE=3D srp
+SRP-SETPASS_DESC=3D enable srp-setpass
+SRP-SETPASS_CONFIGURE_ENABLE=3D srp-setpass
=20
.include <bsd.port.pre.mk>
=20
--MP_/iQQpGVh4AoqS50z.x+6W7JJ
Content-Type: text/x-patch
Content-Transfer-Encoding: quoted-printable
Content-Disposition: attachment; filename=pkg-plist.patch
--- pkg-plist.dist 2016-02-23 08:01:04.584010000 -0800
+++ pkg-plist 2016-02-23 07:45:31.537829000 -0800
@@ -55,6 +55,11 @@
%%PLAIN%%lib/sasl2/libplain.so
%%PLAIN%%lib/sasl2/libplain.so.3
%%PLAIN%%lib/sasl2/libplain.so.3.0.0
+%%SRP%%lib/sasl2/libsrp.a
+%%SRP%%lib/sasl2/libsrp.la
+%%SRP%%lib/sasl2/libsrp.so
+%%SRP%%lib/sasl2/libsrp.so.3
+%%SRP%%lib/sasl2/libsrp.so.3.0.0
lib/sasl2/libsasldb.a
lib/sasl2/libsasldb.la
lib/sasl2/libsasldb.so
--MP_/iQQpGVh4AoqS50z.x+6W7JJ--
--Sig_/uCjk_EKNRbg5pOTftyJrRGa
Content-Type: application/pgp-signature
Content-Description: OpenPGP digital signature
-----BEGIN PGP SIGNATURE-----
iF4EARYKAAYFAlbNFIEACgkQ9XCR29YPu7i0WgEAvhru3UUDa+C1nQwSB0710K/N
AaXqvgOsPWNw23mIY7cA/35C6XiuukaM9UHcOMMx/K4J49RoUt/g4S1IzLzegZME
=oWYn
-----END PGP SIGNATURE-----
--Sig_/uCjk_EKNRbg5pOTftyJrRGa--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20160223182505.066765fb>