summaryrefslogtreecommitdiffstats
path: root/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.27.bb
Commit message (Collapse)AuthorAgeFilesLines
* cyrus-sasl: upgrade 2.1.27 -> 2.1.28Wang Mingyu2022-03-011-101/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 0001-Allow-saslauthd-to-be-built-outside-of-source-tree-w.patch 0001-makeinit.sh-fix-parallel-build-issue.patch 0004-configure.ac-fix-condition-for-suppliment-snprintf-i.patch deleted since they're included in 2.1.28 CVE-2019-19906.patch avoid-to-call-AC_TRY_RUN.patch refreshed for new version Changelog: ========= build: ------ configure - Restore LIBS after checking gss_inquire_sec_context_by_oid makemd5.c - Fix potential out of bound writes fix build with –disable-shared –enable-static Dozens of fixes for Windows specific builds Fix cross platform builds with SPNEGO Do not try to build broken java subtree Fix build error with –enable-auth-sasldb common: ------- plugin_common.c: Ensure size is always checked if called repeatedly (#617) documentation: -------------- Fixed generation of saslauthd(8) man page Fixed installation of saslauthd(8) and testsaslauthd(8) man pages (#373) Updates for additional SCRAM mechanisms Fix sasl_decode64 and sasl_encode64 man pages Tons of fixes for Sphinx include: -------- sasl.h: Allow up to 16 bits for security flags lib: ---- checkpw.c: Skip one call to strcat Disable auxprop-hashed (#374) client.c: Use proper length for fully qualified domain names common.c: CVE-2019-19906 Fix off by one error (#587) external.c: fix EXTERNAL with non-terminated input (#689) saslutil.c: fix index_64 to be a signed char (#619) plugins: -------- gssapi.c: Emit debug log only in case of errors ntlm.c: Fail compile if MD4 is not available (#632) sql.c: Finish reading residual return data (#639) CVE-2022-24407 Escape password for SQL insert/update commands. sasldb: ------- db_gdbm.c: fix gdbm_errno overlay from gdbm_close DIGEST-MD5 plugin: ------------------ Prevent double free of RC4 context Use OpenSSL RC4 implementation if available SCRAM plugin: ------------ Return BADAUTH on incorrect password (#545) Add -224, -384, -512 (#552) Remove SCRAM_HASH_SIZE Add function to return SCRAM auth method name Allocate enough memory in scam_setpass() Add function to sort SCRAM methods by hash strength Update windows build for newer SCRAM options saslauthd: --------- auth_httpform.c: Avoid signed overflow with non-ascii characters (#576) auth_krb5.c: support setting an explicit auth_krb5 server name support setting an explicit servername with Heimdal unify the MIT and Heimdal auth_krb5 implementations Remove call to krbtf auth_rimap.c: provide native memmem implementation if missing lak.c: Allow LDAP_OPT_X_TLS_REQUIRE_CERT to be 0 (no certificate verification) lak.h: Increase supported DN length to 4096 (#626) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* recipes: Use new CVE_CHECK_IGNORE variableKhem Raj2022-02-211-1/+1
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* recipes: Update SRC_URI branch and protocolsRichard Purdie2021-11-031-1/+1
| | | | | | | | | This patch updates SRC_URIs using git to include branch=master if no branch is set and also to use protocol=https for github urls as generated by the conversion script in OE-Core. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* Convert to new override syntaxMartin Jansa2021-08-031-11/+11
| | | | | | | | | | This is the result of automated script (0.9.1) conversion: oe-core/scripts/contrib/convert-overrides.py . converting the metadata to use ":" as the override character instead of "_". Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* cyrus-sasl: add CVE-2020-8032 to allowlistito-yuichi@fujitsu.com2021-06-111-0/+3
| | | | | | | This affects only openSUSE, so add it to allowlist. Signed-off-by: Yuichi Ito <ito-yuichi@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* cyrus-sasl: Disable ntlm plugin by defaultKhem Raj2020-12-231-1/+1
| | | | | | | | | ntlm requires md4 algorith defines which is now disabled in openssl recipe by default also see [1] [1] https://github.com/cyrusimap/cyrus-sasl/issues/632 Signed-off-by: Khem Raj <raj.khem@gmail.com>
* cyrus-sasl: fix CVE-2019-19906Changqing Li2020-02-271-0/+1
| | | | | Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* cyrus-sasl: Clarify BSD license variantChristophe PRIOUZEAU2019-10-241-1/+1
| | | | | | The License of cyrus-sasl is BSD-4-Clause. Signed-off-by: Khem Raj <raj.khem@gmail.com>
* cyrus-sasl: fix parallel build issueHongxu Jia2018-09-141-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | While building plugins, each <plugin>.c requires a <plugin>_init.c, and the <plugin>_init.c is dynamically generated by makeinit.sh. But the makeinit.sh generates all *_init.c (13 mechanism plugins, 3 auxprop plugins) at one time, if there are multiple plugins, there will be multiple makeinit.sh invoking. It caused a parallel issue, the *_init.c files will be generated repeatedly. It occasionally generate dapdb_init.c incorrectly [snip plugins/ldapdb_init.c] SASL_CANONUSER_PLUG_INIT( ldapdb ) SASL_CANONUSER_PLUG_INIT( ldapdb ) SASL_CANONUSER_PLUG_INIT( ldapdb ) [snip plugins/ldapdb_init.c] Let makeinit.sh generate the expected <plugin>_init.c which is exactly required by <plugin>.c. Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* cyrus-sasl: fix build out of source tree failed while configuring with ↵Hongxu Jia2018-09-121-0/+1
| | | | | | | | | | | | | | | | `--enable-ldapdb' [snip] | powerpc-wrs-linux-gcc [snip] -I../common |../../git/saslauthd/lak.c:58:10: fatal error: crypto-compat.h: No such file or directory [snip] The crypto-compat.h locates in git/common/, it should be | `-I../../git/common' Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* cyrus-sasl: do not set CLEANBROKENQi.Chen@windriver.com2018-09-101-1/+0
| | | | | | | | | | | | | | | | | | | | | A previous commit set CLEANBROKEN to "1" to claim to fix the following error. Fixed rebuild error: configure: error: changes in the environment can compromise the build configure: error: run `make distclean' and/or `rm .././config.cache' and start over configure: error: ./configure failed for saslauthd However, I'm still seeing these errors! The actual problem is about autotools.bbclass not cleaning things up. It just uses 'make clean' while maybe 'make distclean' and 'rm -f ${B}/config.cache' also needs to be there. In fact, setting CLEANBROKEN will do no cleanup except removing some .la files. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* cyrus-sasl: Update to 2.1.27-rc7Khem Raj2018-09-051-0/+96
This update also fixes build failures with openSSL 1.1.x Drop patches which are not required anymore Backport a proposed patch to fix build on musl Readjust configure options since some of the options are not available anymore Signed-off-by: Khem Raj <raj.khem@gmail.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-08-07 05:25:57 +0000