summaryrefslogtreecommitdiff
path: root/testing/cyrus-sasl
diff options
context:
space:
mode:
Diffstat (limited to 'testing/cyrus-sasl')
-rw-r--r--testing/cyrus-sasl/0003_saslauthd_mdoc.patch35
-rw-r--r--testing/cyrus-sasl/0010_maintainer_mode.patch19
-rw-r--r--testing/cyrus-sasl/0011_saslauthd_ac_prog_libtool.patch15
-rw-r--r--testing/cyrus-sasl/0012_xopen_crypt_prototype.patch20
-rw-r--r--testing/cyrus-sasl/0016_pid_file_lock_creation_mask.patch27
-rw-r--r--testing/cyrus-sasl/0018_auth_rimap_quotes.patch35
-rw-r--r--testing/cyrus-sasl/0019_ldap_deprecated.patch22
-rw-r--r--testing/cyrus-sasl/0022_gcc4.4_preprocessor_syntax.patch26
-rw-r--r--testing/cyrus-sasl/0025_ld_as_needed.patch27
-rw-r--r--testing/cyrus-sasl/0026_drop_krb5support_dependency.patch14
-rw-r--r--testing/cyrus-sasl/0027_db5_support.patch24
-rw-r--r--testing/cyrus-sasl/0030-dont_use_la_files_for_opening_plugins.patch134
-rw-r--r--testing/cyrus-sasl/PKGBUILD203
-rw-r--r--testing/cyrus-sasl/cyrus-sasl-2.1.19-checkpw.c.patch170
-rw-r--r--testing/cyrus-sasl/cyrus-sasl-2.1.22-as-needed.patch11
-rw-r--r--testing/cyrus-sasl/cyrus-sasl-2.1.22-automake-1.10.patch94
-rw-r--r--testing/cyrus-sasl/cyrus-sasl-2.1.22-crypt.patch71
-rw-r--r--testing/cyrus-sasl/cyrus-sasl-2.1.22-qa.patch22
-rw-r--r--testing/cyrus-sasl/cyrus-sasl-2.1.23-authd-fix.patch28
-rw-r--r--testing/cyrus-sasl/saslauthd49
-rw-r--r--testing/cyrus-sasl/saslauthd.conf.d1
21 files changed, 1047 insertions, 0 deletions
diff --git a/testing/cyrus-sasl/0003_saslauthd_mdoc.patch b/testing/cyrus-sasl/0003_saslauthd_mdoc.patch
new file mode 100644
index 000000000..694f4bb67
--- /dev/null
+++ b/testing/cyrus-sasl/0003_saslauthd_mdoc.patch
@@ -0,0 +1,35 @@
+0003_saslauthd_mdoc.dpatch by <fabbe@debian.org>
+
+Use the correct path for the saslauthd.conf file, and use another
+date format (cosmetic).
+
+diff -urNad trunk~/saslauthd/saslauthd.mdoc trunk/saslauthd/saslauthd.mdoc
+--- trunk~/saslauthd/saslauthd.mdoc 2006-05-29 22:52:42.000000000 +0300
++++ trunk/saslauthd/saslauthd.mdoc 2006-07-12 15:05:25.000000000 +0300
+@@ -10,7 +10,7 @@
+ .\" manpage in saslauthd.8 whenever you change this source
+ .\" version. Only the pre-formatted manpage is installed.
+ .\"
+-.Dd 10 24 2002
++.Dd October 24 2002
+ .Dt SASLAUTHD 8
+ .Os "CMU-SASL"
+ .Sh NAME
+@@ -216,7 +216,7 @@
+ .Em (All platforms that support OpenLDAP 2.0 or higher)
+ .Pp
+ Authenticate against an ldap server. The ldap configuration parameters are
+-read from /usr/local/etc/saslauthd.conf. The location of this file can be
++read from /etc/saslauthd.conf. The location of this file can be
+ changed with the -O parameter. See the LDAP_SASLAUTHD file included with the
+ distribution for the list of available parameters.
+ .It Li sia
+@@ -249,7 +249,7 @@
+ .Bl -tag -width "/var/run/saslauthd/mux"
+ .It Pa /var/run/saslauthd/mux
+ The default communications socket.
+-.It Pa /usr/local/etc/saslauthd.conf
++.It Pa /etc/saslauthd.conf
+ The default configuration file for ldap support.
+ .El
+ .Sh SEE ALSO
diff --git a/testing/cyrus-sasl/0010_maintainer_mode.patch b/testing/cyrus-sasl/0010_maintainer_mode.patch
new file mode 100644
index 000000000..cf3d02a08
--- /dev/null
+++ b/testing/cyrus-sasl/0010_maintainer_mode.patch
@@ -0,0 +1,19 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 0010_maintainer_mode.dpatch by <fabbe@debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Enable maintainer mode to avoid auto* problems.
+
+@DPATCH@
+diff -urNad trunk~/configure.in trunk/configure.in
+--- trunk~/configure.in 2006-05-29 22:52:46.000000000 +0300
++++ trunk/configure.in 2006-11-01 23:24:55.000000000 +0200
+@@ -62,6 +62,8 @@
+ AM_INIT_AUTOMAKE(cyrus-sasl, 2.1.22)
+ CMU_INIT_AUTOMAKE
+
++AM_MAINTAINER_MODE
++
+ # and include our config dir scripts
+ ACLOCAL="$ACLOCAL -I \$(top_srcdir)/config"
+
diff --git a/testing/cyrus-sasl/0011_saslauthd_ac_prog_libtool.patch b/testing/cyrus-sasl/0011_saslauthd_ac_prog_libtool.patch
new file mode 100644
index 000000000..3805b4857
--- /dev/null
+++ b/testing/cyrus-sasl/0011_saslauthd_ac_prog_libtool.patch
@@ -0,0 +1,15 @@
+0011_saslauthd_ac_prog_libtool.dpatch by <fabbe@debian.org>
+
+Enable libtool use.
+
+diff -urNad trunk~/saslauthd/configure.in trunk/saslauthd/configure.in
+--- trunk~/saslauthd/configure.in 2006-05-29 22:52:42.000000000 +0300
++++ trunk/saslauthd/configure.in 2006-11-01 23:41:51.000000000 +0200
+@@ -25,6 +25,7 @@
+ AC_PROG_MAKE_SET
+ AC_PROG_LN_S
+ AC_PROG_INSTALL
++AC_PROG_LIBTOOL
+
+ dnl Checks for build foo
+ CMU_C___ATTRIBUTE__
diff --git a/testing/cyrus-sasl/0012_xopen_crypt_prototype.patch b/testing/cyrus-sasl/0012_xopen_crypt_prototype.patch
new file mode 100644
index 000000000..d50ec8343
--- /dev/null
+++ b/testing/cyrus-sasl/0012_xopen_crypt_prototype.patch
@@ -0,0 +1,20 @@
+0012_xopen_crypt_prototype.dpatch by <dannf@debian.org>
+
+When _XOPEN_SOURCE is defined, the subsequent #include <unistd.h>
+will define a correct function prototype for the crypt function.
+This avoids segfaults on architectures where the size of a pointer
+is greater than the size of an integer (ia64 and amd64 are examples).
+This may be detected by looking for build log lines such as the
+following:
+auth_shadow.c:183: warning: implicit declaration of function ‘crypt’
+auth_shadow.c:183: warning: cast to pointer from integer of different
+size
+
+diff -urNad trunk~/saslauthd/auth_shadow.c trunk/saslauthd/auth_shadow.c
+--- trunk~/saslauthd/auth_shadow.c 2006-05-29 22:52:42.000000000 +0300
++++ trunk/saslauthd/auth_shadow.c 2006-11-08 13:44:23.000000000 +0200
+@@ -1,3 +1,4 @@
++#define _XOPEN_SOURCE
+ #define PWBUFSZ 256 /***SWB***/
+
+ /* MODULE: auth_shadow */
diff --git a/testing/cyrus-sasl/0016_pid_file_lock_creation_mask.patch b/testing/cyrus-sasl/0016_pid_file_lock_creation_mask.patch
new file mode 100644
index 000000000..e9170cef3
--- /dev/null
+++ b/testing/cyrus-sasl/0016_pid_file_lock_creation_mask.patch
@@ -0,0 +1,27 @@
+0016_pid_file_lock_creation_mask.dpatch by Sam Hocevar <sam@zoy.org>
+
+pid_file_lock is created with a mask of 644 instead of 0644.
+This patch fixes this octal/decimal confusion as well as the
+(harmless) one in the previous umask() call.
+
+diff -urNad trunk~/saslauthd/saslauthd-main.c trunk/saslauthd/saslauthd-main.c
+--- trunk~/saslauthd/saslauthd-main.c 2006-05-29 22:52:42.000000000 +0300
++++ trunk/saslauthd/saslauthd-main.c 2007-06-26 12:07:10.000000000 +0300
+@@ -276,7 +276,7 @@
+ exit(1);
+ }
+
+- umask(077);
++ umask(0077);
+
+ pid_file_size = strlen(run_path) + sizeof(PID_FILE_LOCK) + 1;
+ if ((pid_file_lock = malloc(pid_file_size)) == NULL) {
+@@ -287,7 +287,7 @@
+ strlcpy(pid_file_lock, run_path, pid_file_size);
+ strlcat(pid_file_lock, PID_FILE_LOCK, pid_file_size);
+
+- if ((pid_file_lock_fd = open(pid_file_lock, O_CREAT|O_TRUNC|O_RDWR, 644)) < 0) {
++ if ((pid_file_lock_fd = open(pid_file_lock, O_CREAT|O_TRUNC|O_RDWR, 0644)) < 0) {
+ rc = errno;
+ logger(L_ERR, L_FUNC, "could not open pid lock file: %s", pid_file_lock);
+ logger(L_ERR, L_FUNC, "open: %s", strerror(rc));
diff --git a/testing/cyrus-sasl/0018_auth_rimap_quotes.patch b/testing/cyrus-sasl/0018_auth_rimap_quotes.patch
new file mode 100644
index 000000000..13fa999f0
--- /dev/null
+++ b/testing/cyrus-sasl/0018_auth_rimap_quotes.patch
@@ -0,0 +1,35 @@
+0016_auth_rimap_quotes.dpatch by <fabbe@debian.org>
+
+All lines beginning with `## DP:' are a description of the patch.
+Avoid infinite loop when username/password has a double quote character.
+Upstream change: https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/saslauthd/auth_rimap.c.diff?r1=1.12;r2=1.13
+
+diff -urNad etch~/saslauthd/auth_rimap.c etch/saslauthd/auth_rimap.c
+--- etch~/saslauthd/auth_rimap.c 2007-03-29 15:16:20.000000000 +0300
++++ etch/saslauthd/auth_rimap.c 2008-02-13 13:42:53.000000000 +0200
+@@ -162,6 +162,7 @@
+ num_quotes = 0;
+ p1 = s;
+ while ((p1 = strchr(p1, '"')) != NULL) {
++ p1++;
+ num_quotes++;
+ }
+
+@@ -438,7 +439,7 @@
+ syslog(LOG_WARNING, "auth_rimap: writev: %m");
+ memset(qlogin, 0, strlen(qlogin));
+ free(qlogin);
+- memset(qpass, 0, strlen(qlogin));
++ memset(qpass, 0, strlen(qpass));
+ free(qpass);
+ (void)close(s);
+ return strdup(RESP_IERROR);
+@@ -447,7 +448,7 @@
+ /* don't need these any longer */
+ memset(qlogin, 0, strlen(qlogin));
+ free(qlogin);
+- memset(qpass, 0, strlen(qlogin));
++ memset(qpass, 0, strlen(qpass));
+ free(qpass);
+
+ /* read and parse the LOGIN response */
diff --git a/testing/cyrus-sasl/0019_ldap_deprecated.patch b/testing/cyrus-sasl/0019_ldap_deprecated.patch
new file mode 100644
index 000000000..8825256cb
--- /dev/null
+++ b/testing/cyrus-sasl/0019_ldap_deprecated.patch
@@ -0,0 +1,22 @@
+0019_ldap_deprecated.dpatch by dann frazier <dannf@debian.org>
+
+The function ldap_get_values, used in saslauthd/lak.c, is deprecated.
+Therefore, its prototype is not included by default when compiling
+against the ldap.h headers. As a result, the compiler cannot know the
+return type of the function at compile time, and will implicitly
+convert to a pointer. This has implications on 64-bit systems.
+This patch sets the deprecation mode on, so that the function prototype
+gets included when compiling.
+(Description by Fabian Fagerholm <fabbe@debian.org>)
+
+diff -urNad trunk~/saslauthd/lak.c trunk/saslauthd/lak.c
+--- trunk~/saslauthd/lak.c 2006-06-04 12:26:20.000000000 +0300
++++ trunk/saslauthd/lak.c 2008-02-15 14:32:11.000000000 +0200
+@@ -55,6 +55,7 @@
+ #include <openssl/des.h>
+ #endif
+
++#define LDAP_DEPRECATED 1
+ #include <ldap.h>
+ #include <lber.h>
+ #include <sasl.h>
diff --git a/testing/cyrus-sasl/0022_gcc4.4_preprocessor_syntax.patch b/testing/cyrus-sasl/0022_gcc4.4_preprocessor_syntax.patch
new file mode 100644
index 000000000..a49b553f0
--- /dev/null
+++ b/testing/cyrus-sasl/0022_gcc4.4_preprocessor_syntax.patch
@@ -0,0 +1,26 @@
+0022_gcc4.4_preprocessor_syntax.dpatch by <fabbe@paniq.net>
+
+The #elif preprocessor directive requires a test condition.
+GCC 4.4 enforces this rule.
+
+diff -urNad trunk~/plugins/digestmd5.c trunk/plugins/digestmd5.c
+--- trunk~/plugins/digestmd5.c 2006-06-04 12:26:19.000000000 +0300
++++ trunk/plugins/digestmd5.c 2009-01-26 13:29:40.000000000 +0200
+@@ -2715,7 +2715,7 @@
+ "DIGEST-MD5", /* mech_name */
+ #ifdef WITH_RC4
+ 128, /* max_ssf */
+-#elif WITH_DES
++#elif defined(WITH_DES)
+ 112,
+ #else
+ 1,
+@@ -4034,7 +4034,7 @@
+ "DIGEST-MD5",
+ #ifdef WITH_RC4 /* mech_name */
+ 128, /* max ssf */
+-#elif WITH_DES
++#elif defined(WITH_DES)
+ 112,
+ #else
+ 1,
diff --git a/testing/cyrus-sasl/0025_ld_as_needed.patch b/testing/cyrus-sasl/0025_ld_as_needed.patch
new file mode 100644
index 000000000..67b48b4a4
--- /dev/null
+++ b/testing/cyrus-sasl/0025_ld_as_needed.patch
@@ -0,0 +1,27 @@
+Author: Matthias Klose <doko@ubuntu.com>
+Desription: Fix FTBFS, add $(SASL_DB_LIB) as dependency to libsasldb, and use
+it.
+--- a/saslauthd/Makefile.am
++++ b/saslauthd/Makefile.am
+@@ -16,7 +16,7 @@ EXTRA_saslauthd_sources = getaddrinfo.c
+ saslauthd_DEPENDENCIES = saslauthd-main.o @LTLIBOBJS@
+ saslauthd_LDADD = @SASL_KRB_LIB@ \
+ @GSSAPIBASE_LIBS@ @GSSAPI_LIBS@ @LIB_CRYPT@ @LIB_SIA@ \
+- @LIB_SOCKET@ @SASL_DB_LIB@ @LIB_PAM@ @LDAP_LIBS@ @LTLIBOBJS@
++ @LIB_SOCKET@ ../sasldb/libsasldb.la @LIB_PAM@ @LDAP_LIBS@ @LTLIBOBJS@
+
+ testsaslauthd_SOURCES = testsaslauthd.c utils.c
+ testsaslauthd_LDADD = @LIB_SOCKET@
+--- a/sasldb/Makefile.am
++++ b/sasldb/Makefile.am
+@@ -55,8 +55,8 @@ noinst_LIBRARIES = libsasldb.a
+
+ libsasldb_la_SOURCES = allockey.c sasldb.h
+ EXTRA_libsasldb_la_SOURCES = $(extra_common_sources)
+-libsasldb_la_DEPENDENCIES = $(SASL_DB_BACKEND)
+-libsasldb_la_LIBADD = $(SASL_DB_BACKEND)
++libsasldb_la_DEPENDENCIES = $(SASL_DB_BACKEND) $(SASL_DB_LIB)
++libsasldb_la_LIBADD = $(SASL_DB_BACKEND) $(SASL_DB_LIB)
+
+ # Prevent make dist stupidity
+ libsasldb_a_SOURCES =
diff --git a/testing/cyrus-sasl/0026_drop_krb5support_dependency.patch b/testing/cyrus-sasl/0026_drop_krb5support_dependency.patch
new file mode 100644
index 000000000..cc00867ef
--- /dev/null
+++ b/testing/cyrus-sasl/0026_drop_krb5support_dependency.patch
@@ -0,0 +1,14 @@
+Author: Roberto C. Sanchez <roberto@connexer.com>
+Description: Drop gratuitous dependency on krb5support
+--- a/cmulocal/sasl2.m4
++++ b/cmulocal/sasl2.m4
+@@ -112,9 +112,6 @@ if test "$gssapi" != no; then
+ fi
+
+ if test "$gss_impl" = "auto" -o "$gss_impl" = "mit"; then
+- # check for libkrb5support first
+- AC_CHECK_LIB(krb5support,krb5int_getspecific,K5SUP=-lkrb5support K5SUPSTATIC=$gssapi_dir/libkrb5support.a,,${LIB_SOCKET})
+-
+ gss_failed=0
+ AC_CHECK_LIB(gssapi_krb5,gss_unwrap,gss_impl="mit",gss_failed=1,
+ ${GSSAPIBASE_LIBS} -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err ${K5SUP} ${LIB_SOCKET})
diff --git a/testing/cyrus-sasl/0027_db5_support.patch b/testing/cyrus-sasl/0027_db5_support.patch
new file mode 100644
index 000000000..522824074
--- /dev/null
+++ b/testing/cyrus-sasl/0027_db5_support.patch
@@ -0,0 +1,24 @@
+Author: Ondřej Surý <ondrej@debian.org>
+Description: Support newer Berkeley DB versions
+--- a/sasldb/db_berkeley.c
++++ b/sasldb/db_berkeley.c
+@@ -101,7 +101,7 @@ static int berkeleydb_open(const sasl_ut
+ ret = db_create(mbdb, NULL, 0);
+ if (ret == 0 && *mbdb != NULL)
+ {
+-#if DB_VERSION_MAJOR == 4 && DB_VERSION_MINOR >= 1
++#if (DB_VERSION_MAJOR > 4) || ((DB_VERSION_MAJOR == 4) && (DB_VERSION_MINOR >= 1))
+ ret = (*mbdb)->open(*mbdb, NULL, path, NULL, DB_HASH, flags, 0660);
+ #else
+ ret = (*mbdb)->open(*mbdb, path, NULL, DB_HASH, flags, 0660);
+--- a/utils/dbconverter-2.c
++++ b/utils/dbconverter-2.c
+@@ -214,7 +214,7 @@ static int berkeleydb_open(const char *p
+ ret = db_create(mbdb, NULL, 0);
+ if (ret == 0 && *mbdb != NULL)
+ {
+-#if DB_VERSION_MAJOR == 4 && DB_VERSION_MINOR >= 1
++#if (DB_VERSION_MAJOR > 4) || ((DB_VERSION_MAJOR == 4) && (DB_VERSION_MINOR >= 1))
+ ret = (*mbdb)->open(*mbdb, NULL, path, NULL, DB_HASH, DB_CREATE, 0664);
+ #else
+ ret = (*mbdb)->open(*mbdb, path, NULL, DB_HASH, DB_CREATE, 0664);
diff --git a/testing/cyrus-sasl/0030-dont_use_la_files_for_opening_plugins.patch b/testing/cyrus-sasl/0030-dont_use_la_files_for_opening_plugins.patch
new file mode 100644
index 000000000..14a322496
--- /dev/null
+++ b/testing/cyrus-sasl/0030-dont_use_la_files_for_opening_plugins.patch
@@ -0,0 +1,134 @@
+--- a/lib/dlopen.c
++++ b/lib/dlopen.c
+@@ -247,105 +247,6 @@ static int _sasl_plugin_load(char *plugi
+ return result;
+ }
+
+-/* this returns the file to actually open.
+- * out should be a buffer of size PATH_MAX
+- * and may be the same as in. */
+-
+-/* We'll use a static buffer for speed unless someone complains */
+-#define MAX_LINE 2048
+-
+-static int _parse_la(const char *prefix, const char *in, char *out)
+-{
+- FILE *file;
+- size_t length;
+- char line[MAX_LINE];
+- char *ntmp = NULL;
+-
+- if(!in || !out || !prefix || out == in) return SASL_BADPARAM;
+-
+- /* Set this so we can detect failure */
+- *out = '\0';
+-
+- length = strlen(in);
+-
+- if (strcmp(in + (length - strlen(LA_SUFFIX)), LA_SUFFIX)) {
+- if(!strcmp(in + (length - strlen(SO_SUFFIX)),SO_SUFFIX)) {
+- /* check for a .la file */
+- strcpy(line, prefix);
+- strcat(line, in);
+- length = strlen(line);
+- *(line + (length - strlen(SO_SUFFIX))) = '\0';
+- strcat(line, LA_SUFFIX);
+- file = fopen(line, "r");
+- if(file) {
+- /* We'll get it on the .la open */
+- fclose(file);
+- return SASL_FAIL;
+- }
+- }
+- strcpy(out, prefix);
+- strcat(out, in);
+- return SASL_OK;
+- }
+-
+- strcpy(line, prefix);
+- strcat(line, in);
+-
+- file = fopen(line, "r");
+- if(!file) {
+- _sasl_log(NULL, SASL_LOG_WARN,
+- "unable to open LA file: %s", line);
+- return SASL_FAIL;
+- }
+-
+- while(!feof(file)) {
+- if(!fgets(line, MAX_LINE, file)) break;
+- if(line[strlen(line) - 1] != '\n') {
+- _sasl_log(NULL, SASL_LOG_WARN,
+- "LA file has too long of a line: %s", in);
+- return SASL_BUFOVER;
+- }
+- if(line[0] == '\n' || line[0] == '#') continue;
+- if(!strncmp(line, "dlname=", sizeof("dlname=") - 1)) {
+- /* We found the line with the name in it */
+- char *end;
+- char *start;
+- size_t len;
+- end = strrchr(line, '\'');
+- if(!end) continue;
+- start = &line[sizeof("dlname=")-1];
+- len = strlen(start);
+- if(len > 3 && start[0] == '\'') {
+- ntmp=&start[1];
+- *end='\0';
+- /* Do we have dlname="" ? */
+- if(ntmp == end) {
+- _sasl_log(NULL, SASL_LOG_DEBUG,
+- "dlname is empty in .la file: %s", in);
+- return SASL_FAIL;
+- }
+- strcpy(out, prefix);
+- strcat(out, ntmp);
+- }
+- break;
+- }
+- }
+- if(ferror(file) || feof(file)) {
+- _sasl_log(NULL, SASL_LOG_WARN,
+- "Error reading .la: %s\n", in);
+- fclose(file);
+- return SASL_FAIL;
+- }
+- fclose(file);
+-
+- if(!(*out)) {
+- _sasl_log(NULL, SASL_LOG_WARN,
+- "Could not find a dlname line in .la file: %s", in);
+- return SASL_FAIL;
+- }
+-
+- return SASL_OK;
+-}
+ #endif /* DO_DLOPEN */
+
+ /* loads a plugin library */
+@@ -499,18 +400,18 @@ int _sasl_load_plugins(const add_plugin_
+ if (length + pos>=PATH_MAX) continue; /* too big */
+
+ if (strcmp(dir->d_name + (length - strlen(SO_SUFFIX)),
+- SO_SUFFIX)
+- && strcmp(dir->d_name + (length - strlen(LA_SUFFIX)),
+- LA_SUFFIX))
++ SO_SUFFIX))
+ continue;
+
++ /* We only use .so files for loading plugins */
++
+ memcpy(name,dir->d_name,length);
+ name[length]='\0';
+
+- result = _parse_la(prefix, name, tmp);
+- if(result != SASL_OK)
+- continue;
+-
++ /* Create full name with path */
++ strncpy(tmp, prefix, PATH_MAX);
++ strncat(tmp, name, PATH_MAX);
++
+ /* skip "lib" and cut off suffix --
+ this only need be approximate */
+ strcpy(plugname, name + 3);
diff --git a/testing/cyrus-sasl/PKGBUILD b/testing/cyrus-sasl/PKGBUILD
new file mode 100644
index 000000000..f4d80b6a6
--- /dev/null
+++ b/testing/cyrus-sasl/PKGBUILD
@@ -0,0 +1,203 @@
+# $Id: PKGBUILD 134446 2011-08-03 20:43:28Z jgc $
+# Maintainer: Jan de Groot <jgc@archlinux.org>
+
+# This package spans multiple repositories.
+# Always build from cyrus-sasl/trunk and merge changes to libsasl/trunk.
+
+pkgbase=('cyrus-sasl')
+pkgname=('cyrus-sasl' 'cyrus-sasl-gssapi' 'cyrus-sasl-ldap' 'cyrus-sasl-sql')
+#pkgname=libsasl
+pkgver=2.1.23
+pkgrel=7
+pkgdesc="Cyrus Simple Authentication Service Layer (SASL) library"
+arch=('i686' 'x86_64')
+url="http://cyrusimap.web.cmu.edu/downloads.html#sasl"
+license=('custom')
+options=('!makeflags' '!libtool')
+makedepends=('postgresql-libs' 'libmysqlclient' 'libldap' 'krb5' 'openssl')
+source=(ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-${pkgver}.tar.gz
+ cyrus-sasl-2.1.19-checkpw.c.patch
+ cyrus-sasl-2.1.22-crypt.patch
+ cyrus-sasl-2.1.22-qa.patch
+ cyrus-sasl-2.1.22-automake-1.10.patch
+ cyrus-sasl-2.1.23-authd-fix.patch
+ 0003_saslauthd_mdoc.patch
+ 0010_maintainer_mode.patch
+ 0011_saslauthd_ac_prog_libtool.patch
+ 0012_xopen_crypt_prototype.patch
+ 0016_pid_file_lock_creation_mask.patch
+ 0018_auth_rimap_quotes.patch
+ 0019_ldap_deprecated.patch
+ 0022_gcc4.4_preprocessor_syntax.patch
+ 0025_ld_as_needed.patch
+ 0026_drop_krb5support_dependency.patch
+ 0027_db5_support.patch
+ 0030-dont_use_la_files_for_opening_plugins.patch
+ saslauthd.conf.d
+ saslauthd)
+md5sums=('2eb0e48106f0e9cd8001e654f267ecbc'
+ 'e27ddff076342e7a3041c4759817d04b'
+ 'd7e6886e88af04d05f3dec7f0a59ccf7'
+ '79b8a5e8689989e2afd4b7bda595a7b1'
+ 'f4131b077ddb5240b375d749162f1b7a'
+ 'c7ad2c70c1ef814eb4b119f316c064f2'
+ 'caeeac3feba19cbbd36e7345cc805600'
+ 'f45d8b60e8f74dd7f7c2ec1665fa602a'
+ '9d93880514cb5ff5da969f1ceb64a661'
+ 'dfdc052a7e678db9f687482c5d52f34e'
+ '4a09f6b24b91f8450892a78e378860da'
+ '213abe7c5dfe0d7f446992787da1e780'
+ '5a0321177ad30cb5518c8b6812e3961a'
+ '0c965748970eea29fa295524821d43f0'
+ '62bf892fe4d1df41ff748e91a1afaf67'
+ 'b7848957357e7c02d6490102be496bf9'
+ 'd86a5aa2e3b5b7c1bad6f8b548b7ea36'
+ '8e7106f32e495e9ade69014fd1b3352a'
+ '49219af5641150edec288a3fdb65e7c1'
+ '75542f613185d5a90520ad0d7d926a20')
+
+build() {
+ cd "${srcdir}/cyrus-sasl-${pkgver}"
+ patch -Np1 -i "${srcdir}/cyrus-sasl-2.1.19-checkpw.c.patch"
+ patch -Np1 -i "${srcdir}/cyrus-sasl-2.1.22-crypt.patch"
+ patch -Np1 -i "${srcdir}/cyrus-sasl-2.1.22-qa.patch"
+ patch -Np1 -i "${srcdir}/cyrus-sasl-2.1.22-automake-1.10.patch"
+ patch -Np0 -i "${srcdir}/cyrus-sasl-2.1.23-authd-fix.patch"
+ patch -Np1 -i "${srcdir}/0003_saslauthd_mdoc.patch"
+ patch -Np1 -i "${srcdir}/0010_maintainer_mode.patch"
+ patch -Np1 -i "${srcdir}/0011_saslauthd_ac_prog_libtool.patch"
+ patch -Np1 -i "${srcdir}/0012_xopen_crypt_prototype.patch"
+ patch -Np1 -i "${srcdir}/0016_pid_file_lock_creation_mask.patch"
+ patch -Np1 -i "${srcdir}/0018_auth_rimap_quotes.patch"
+ patch -Np1 -i "${srcdir}/0019_ldap_deprecated.patch"
+ patch -Np1 -i "${srcdir}/0022_gcc4.4_preprocessor_syntax.patch"
+ patch -Np1 -i "${srcdir}/0025_ld_as_needed.patch"
+ patch -Np1 -i "${srcdir}/0026_drop_krb5support_dependency.patch"
+ patch -Np1 -i "${srcdir}/0027_db5_support.patch"
+ patch -Np1 -i "${srcdir}/0030-dont_use_la_files_for_opening_plugins.patch"
+
+ rm -f config/config.guess config/config.sub
+ rm -f config/ltconfig config/ltmain.sh config/libtool.m4
+ rm -fr autom4te.cache
+ libtoolize -c
+ aclocal -I config -I cmulocal
+ automake -a -c
+ autoheader
+ autoconf
+
+ pushd saslauthd
+ rm -f config/config.guess config/config.sub
+ rm -f config/ltconfig config/ltmain.sh config/libtool.m4
+ rm -fr autom4te.cache
+ libtoolize -c
+ aclocal -I config -I ../cmulocal -I ../config
+ automake -a -c
+ autoheader
+ autoconf
+ popd
+
+ ./configure --prefix=/usr \
+ --mandir=/usr/share/man \
+ --infodir=/usr/share/info \
+ --disable-static \
+ --enable-shared \
+ --enable-alwaystrue \
+ --enable-checkapop \
+ --enable-cram \
+ --enable-digest \
+ --disable-otp \
+ --disable-srp \
+ --disable-srp-setpass \
+ --disable-krb4 \
+ --enable-gssapi \
+ --enable-auth-sasldb \
+ --enable-plain \
+ --enable-anon \
+ --enable-login \
+ --enable-ntlm \
+ --disable-passdss \
+ --enable-sql \
+ --enable-ldapdb \
+ --disable-macos-framework \
+ --with-pam \
+ --with-saslauthd=/var/run/saslauthd \
+ --with-ldap \
+ --with-configdir=/etc/sasl2:/etc/sasl:/usr/lib/sasl2 \
+ --sysconfdir=/etc \
+ --with-devrandom=/dev/urandom
+ make
+}
+
+package_libsasl() {
+ pkgdesc="Cyrus Simple Authentication Service Layer (SASL) Library"
+ depends=('openssl')
+ provides=('cyrus-sasl-plugins')
+ conflicts=('cyrus-sasl-plugins')
+
+ cd "${srcdir}/cyrus-sasl-${pkgver}"
+ for dir in include lib sasldb plugins utils; do
+ pushd ${dir}
+ make DESTDIR="${pkgdir}" install
+ popd
+ done
+ rm -f "${pkgdir}"/usr/lib/sasl2/libsql.so*
+ rm -f "${pkgdir}"/usr/lib/sasl2/libgssapiv2.so*
+ rm -f "${pkgdir}"/usr/lib/sasl2/libldapdb.so*
+ install -m755 -d "${pkgdir}/usr/share/licenses/libsasl"
+ install -m644 COPYING "${pkgdir}/usr/share/licenses/libsasl/"
+}
+
+package_cyrus-sasl() {
+ depends=("libsasl=${pkgver}-${pkgrel}")
+ pkgdesc="Cyrus saslauthd SASL authentication daemon"
+ backup=('etc/conf.d/saslauthd')
+
+ cd "${srcdir}/cyrus-sasl-${pkgver}/saslauthd"
+ make DESTDIR="${pkgdir}" install
+ install -m755 -d "${pkgdir}/etc/rc.d"
+ install -m755 -d "${pkgdir}/etc/conf.d"
+ install -m755 "${srcdir}/saslauthd" "${pkgdir}/etc/rc.d/"
+ install -m644 "${srcdir}/saslauthd.conf.d" "${pkgdir}/etc/conf.d/saslauthd"
+
+ install -m755 -d "${pkgdir}/usr/share/licenses/cyrus-sasl"
+ ln -sf ../libsasl/COPYING "${pkgdir}/usr/share/licenses/cyrus-sasl/"
+}
+
+package_cyrus-sasl-gssapi() {
+ pkgdesc="GSSAPI authentication mechanism for Cyrus SASL"
+ depends=("libsasl=${pkgver}-${pkgrel}" 'krb5')
+ replaces=('cyrus-sasl-plugins')
+
+ cd "${srcdir}/cyrus-sasl-${pkgver}/plugins"
+ install -m755 -d "${pkgdir}/usr/lib/sasl2"
+ cp -a .libs/libgssapiv2.so* "${pkgdir}/usr/lib/sasl2/"
+
+ install -m755 -d "${pkgdir}/usr/share/licenses/cyrus-sasl-gssapi"
+ ln -sf ../libsasl/COPYING "${pkgdir}/usr/share/licenses/cyrus-sasl-gssapi/"
+}
+
+package_cyrus-sasl-ldap() {
+ pkgdesc="ldapdb auxprop module for Cyrus SASL"
+ depends=("libsasl=${pkgver}-${pkgrel}" 'libldap')
+ replaces=('cyrus-sasl-plugins')
+
+ cd "${srcdir}/cyrus-sasl-${pkgver}/plugins"
+ install -m755 -d "${pkgdir}/usr/lib/sasl2"
+ cp -a .libs/libldapdb.so* "${pkgdir}/usr/lib/sasl2/"
+
+ install -m755 -d "${pkgdir}/usr/share/licenses/cyrus-sasl-ldap"
+ ln -sf ../libsasl/COPYING "${pkgdir}/usr/share/licenses/cyrus-sasl-ldap/"
+}
+
+package_cyrus-sasl-sql() {
+ pkgdesc="SQL auxprop module for Cyrus SASL"
+ depends=("libsasl=${pkgver}-${pkgrel}" 'postgresql-libs' 'libmysqlclient')
+ replaces=('cyrus-sasl-plugins')
+
+ cd "${srcdir}/cyrus-sasl-${pkgver}/plugins"
+ install -m755 -d "${pkgdir}/usr/lib/sasl2"
+ cp -a .libs/libsql.so* "${pkgdir}/usr/lib/sasl2/"
+
+ install -m755 -d "${pkgdir}/usr/share/licenses/cyrus-sasl-sql"
+ ln -sf ../libsasl/COPYING "${pkgdir}/usr/share/licenses/cyrus-sasl-sql/"
+}
diff --git a/testing/cyrus-sasl/cyrus-sasl-2.1.19-checkpw.c.patch b/testing/cyrus-sasl/cyrus-sasl-2.1.19-checkpw.c.patch
new file mode 100644
index 000000000..f7bf44b79
--- /dev/null
+++ b/testing/cyrus-sasl/cyrus-sasl-2.1.19-checkpw.c.patch
@@ -0,0 +1,170 @@
+diff -ur ../cyrus-sasl-2.1.19.orig/lib/Makefile.in ./lib/Makefile.in
+--- ../cyrus-sasl-2.1.19.orig/lib/Makefile.in 2004-07-02 21:40:15.000000000 +0200
++++ ./lib/Makefile.in 2004-09-07 13:21:22.746680576 +0200
+@@ -120,7 +120,7 @@
+ JAVA_TRUE = @JAVA_TRUE@
+ LDFLAGS = @LDFLAGS@
+ LIBOBJS = @LIBOBJS@
+-LIBS = @LIBS@
++LIBS = -lcrypt @LIBS@
+ LIBTOOL = @LIBTOOL@
+ LIB_CRYPT = @LIB_CRYPT@
+ LIB_DES = @LIB_DES@
+diff -ur ../cyrus-sasl-2.1.19.orig/lib/checkpw.c ./lib/checkpw.c
+--- ../cyrus-sasl-2.1.19.orig/lib/checkpw.c 2004-03-17 14:58:13.000000000 +0100
++++ ./lib/checkpw.c 2004-09-07 13:21:12.645916147 +0200
+@@ -94,6 +94,23 @@
+ # endif
+ #endif
+
++/******************************
++ * crypt(3) patch start *
++ ******************************/
++char *crypt(const char *key, const char *salt);
++
++/* cleartext password formats */
++#define PASSWORD_FORMAT_CLEARTEXT 1
++#define PASSWORD_FORMAT_CRYPT 2
++#define PASSWORD_FORMAT_CRYPTTRAD 3
++#define PASSWORD_SALT_BUF_LEN 22
++
++/* weeds out crypt(3) password's salt */
++int _sasl_get_salt (char *dest, char *src, int format);
++
++/******************************
++ * crypt(3) patch stop *
++ ******************************/
+
+ /* we store the following secret to check plaintext passwords:
+ *
+@@ -143,7 +160,51 @@
+ "*cmusaslsecretPLAIN",
+ NULL };
+ struct propval auxprop_values[3];
+-
++
++ /******************************
++ * crypt(3) patch start *
++ * for password format check *
++ ******************************/
++ sasl_getopt_t *getopt;
++ void *context;
++ const char *p = NULL;
++ /**
++ * MD5: 12 char salt
++ * BLOWFISH: 16 char salt
++ */
++ char salt[PASSWORD_SALT_BUF_LEN];
++ int password_format;
++
++ /* get password format from auxprop configuration */
++ if (_sasl_getcallback(conn, SASL_CB_GETOPT, &getopt, &context) == SASL_OK) {
++ getopt(context, NULL, "password_format", &p, NULL);
++ }
++
++ /* set password format */
++ if (p) {
++ /*
++ memset(pass_format_str, '\0', PASSWORD_FORMAT_STR_LEN);
++ strncpy(pass_format_str, p, (PASSWORD_FORMAT_STR_LEN - 1));
++ */
++ /* modern, modular crypt(3) */
++ if (strncmp(p, "crypt", 11) == 0)
++ password_format = PASSWORD_FORMAT_CRYPT;
++ /* traditional crypt(3) */
++ else if (strncmp(p, "crypt_trad", 11) == 0)
++ password_format = PASSWORD_FORMAT_CRYPTTRAD;
++ /* cleartext password */
++ else
++ password_format = PASSWORD_FORMAT_CLEARTEXT;
++ } else {
++ /* cleartext password */
++ password_format = PASSWORD_FORMAT_CLEARTEXT;
++ }
++
++ /******************************
++ * crypt(3) patch stop *
++ * for password format check *
++ ******************************/
++
+ if (!conn || !userstr)
+ return SASL_BADPARAM;
+
+@@ -180,14 +241,31 @@
+ goto done;
+ }
+
+- /* At the point this has been called, the username has been canonified
+- * and we've done the auxprop lookup. This should be easy. */
+- if(auxprop_values[0].name
+- && auxprop_values[0].values
+- && auxprop_values[0].values[0]
+- && !strcmp(auxprop_values[0].values[0], passwd)) {
+- /* We have a plaintext version and it matched! */
+- return SASL_OK;
++
++ /******************************
++ * crypt(3) patch start *
++ ******************************/
++
++ /* get salt */
++ _sasl_get_salt(salt, (char *) auxprop_values[0].values[0], password_format);
++
++ /* crypt(3)-ed password? */
++ if (password_format != PASSWORD_FORMAT_CLEARTEXT) {
++ /* compare password */
++ if (auxprop_values[0].name && auxprop_values[0].values && auxprop_values[0].values[0] && strcmp(crypt(passwd, salt), auxprop_values[0].values[0]) == 0)
++ return SASL_OK;
++ else
++ ret = SASL_BADAUTH;
++ }
++ else if (password_format == PASSWORD_FORMAT_CLEARTEXT) {
++ /* compare passwords */
++ if (auxprop_values[0].name && auxprop_values[0].values && auxprop_values[0].values[0] && strcmp(auxprop_values[0].values[0], passwd) == 0)
++ return SASL_OK;
++ else
++ ret = SASL_BADAUTH;
++ /******************************
++ * crypt(3) patch stop *
++ ******************************/
+ } else if(auxprop_values[1].name
+ && auxprop_values[1].values
+ && auxprop_values[1].values[0]) {
+@@ -975,3 +1053,37 @@
+ #endif
+ { NULL, NULL }
+ };
++
++/* weeds out crypt(3) password's salt */
++int _sasl_get_salt (char *dest, char *src, int format) {
++ int num; /* how many characters is salt long? */
++ switch (format) {
++ case PASSWORD_FORMAT_CRYPT:
++ /* md5 crypt */
++ if (src[1] == '1')
++ num = 12;
++ /* blowfish crypt */
++ else if (src[1] == '2')
++ num = (src[1] == '2' && src[2] == 'a') ? 17 : 16;
++ /* traditional crypt */
++ else
++ num = 2;
++ break;
++
++ case PASSWORD_FORMAT_CRYPTTRAD:
++ num = 2;
++ break;
++
++ default:
++ return 1;
++ }
++
++ /* destroy destination */
++ memset(dest, '\0', (num + 1));
++
++ /* copy salt to destination */
++ strncpy(dest, src, num);
++
++ return 1;
++}
++
diff --git a/testing/cyrus-sasl/cyrus-sasl-2.1.22-as-needed.patch b/testing/cyrus-sasl/cyrus-sasl-2.1.22-as-needed.patch
new file mode 100644
index 000000000..1294cb507
--- /dev/null
+++ b/testing/cyrus-sasl/cyrus-sasl-2.1.22-as-needed.patch
@@ -0,0 +1,11 @@
+--- saslauthd/configure.in.orig 2006-05-23 15:53:17.000000000 -0700
++++ saslauthd/configure.in 2006-05-23 15:53:33.000000000 -0700
+@@ -77,7 +77,7 @@
+ AC_DEFINE(AUTH_SASLDB,[],[Include SASLdb Support])
+ SASL_DB_PATH_CHECK()
+ SASL_DB_CHECK()
+- SASL_DB_LIB="$SASL_DB_LIB ../sasldb/.libs/libsasldb.al"
++ SASL_DB_LIB="../sasldb/.libs/libsasldb.a $SASL_DB_LIB"
+ fi
+
+ AC_ARG_ENABLE(httpform, [ --enable-httpform enable HTTP form authentication [[no]] ],
diff --git a/testing/cyrus-sasl/cyrus-sasl-2.1.22-automake-1.10.patch b/testing/cyrus-sasl/cyrus-sasl-2.1.22-automake-1.10.patch
new file mode 100644
index 000000000..8cd71c0c5
--- /dev/null
+++ b/testing/cyrus-sasl/cyrus-sasl-2.1.22-automake-1.10.patch
@@ -0,0 +1,94 @@
+Re-merged patch by Robert Scheck <redhat@linuxnetz.de> for cyrus-sasl >= 2.1.22, which was
+originally written by Jacek Konieczny <jajcus@pld-linux.org> and makes cyrus-sasl building
+using automake 1.10.
+
+--- cyrus-sasl-2.1.22/plugins/Makefile.am 2006-05-17 18:46:16.000000000 +0200
++++ cyrus-sasl-2.1.22/plugins/Makefile.am.am110 2007-02-16 15:42:07.000000000 +0100
+@@ -82,73 +82,73 @@
+ libntlm.la libpassdss.la libsasldb.la libsql.la libldapdb.la
+
+ libplain_la_SOURCES = plain.c plain_init.c $(common_sources)
+-libplain_la_LDFLAGS = -version-info $(plain_version)
++libplain_la_LDFLAGS = $(AM_LDFLAGS) -version-info $(plain_version)
+ libplain_la_DEPENDENCIES = $(COMPAT_OBJS)
+ libplain_la_LIBADD = $(PLAIN_LIBS) $(COMPAT_OBJS)
+
+ libanonymous_la_SOURCES = anonymous.c anonymous_init.c $(common_sources)
+-libanonymous_la_LDFLAGS = -version-info $(anonymous_version)
++libanonymous_la_LDFLAGS = $(AM_LDFLAGS) -version-info $(anonymous_version)
+ libanonymous_la_DEPENDENCIES = $(COMPAT_OBJS)
+ libanonymous_la_LIBADD = $(COMPAT_OBJS)
+
+ libkerberos4_la_SOURCES = kerberos4.c kerberos4_init.c $(common_sources)
+-libkerberos4_la_LDFLAGS = -version-info $(kerberos4_version)
++libkerberos4_la_LDFLAGS = $(AM_LDFLAGS) -version-info $(kerberos4_version)
+ libkerberos4_la_DEPENDENCIES = $(COMPAT_OBJS)
+ libkerberos4_la_LIBADD = $(SASL_KRB_LIB) $(LIB_SOCKET) $(COMPAT_OBJS)
+
+ libgssapiv2_la_SOURCES = gssapi.c gssapiv2_init.c $(common_sources)
+-libgssapiv2_la_LDFLAGS = -version-info $(gssapiv2_version)
++libgssapiv2_la_LDFLAGS = $(AM_LDFLAGS) -version-info $(gssapiv2_version)
+ libgssapiv2_la_DEPENDENCIES = $(COMPAT_OBJS)
+ libgssapiv2_la_LIBADD = $(GSSAPIBASE_LIBS) $(GSSAPI_LIBS) $(LIB_SOCKET) $(COMPAT_OBJS)
+
+ libcrammd5_la_SOURCES = cram.c crammd5_init.c $(common_sources)
+-libcrammd5_la_LDFLAGS = -version-info $(crammd5_version)
++libcrammd5_la_LDFLAGS = $(AM_LDFLAGS) -version-info $(crammd5_version)
+ libcrammd5_la_DEPENDENCIES = $(COMPAT_OBJS)
+ libcrammd5_la_LIBADD = $(COMPAT_OBJS)
+
+ libdigestmd5_la_SOURCES = digestmd5.c digestmd5_init.c $(common_sources)
+-libdigestmd5_la_LDFLAGS = -version-info $(digestmd5_version)
++libdigestmd5_la_LDFLAGS = $(AM_LDFLAGS) -version-info $(digestmd5_version)
+ libdigestmd5_la_DEPENDENCIES = $(COMPAT_OBJS)
+ libdigestmd5_la_LIBADD = $(LIB_DES) $(LIB_SOCKET) $(COMPAT_OBJS)
+
+ liblogin_la_SOURCES = login.c login_init.c $(common_sources)
+-liblogin_la_LDFLAGS = -version-info $(login_version)
++liblogin_la_LDFLAGS = $(AM_LDFLAGS) -version-info $(login_version)
+ liblogin_la_DEPENDENCIES = $(COMPAT_OBJS)
+ liblogin_la_LIBADD = $(PLAIN_LIBS) $(COMPAT_OBJS)
+
+ libsrp_la_SOURCES = srp.c srp_init.c $(common_sources)
+-libsrp_la_LDFLAGS = -version-info $(srp_version)
++libsrp_la_LDFLAGS = $(AM_LDFLAGS) -version-info $(srp_version)
+ libsrp_la_DEPENDENCIES = $(COMPAT_OBJS)
+ libsrp_la_LIBADD = $(SRP_LIBS) $(COMPAT_OBJS)
+
+ libotp_la_SOURCES = otp.c otp_init.c otp.h $(common_sources)
+-libotp_la_LDFLAGS = -version-info $(otp_version)
++libotp_la_LDFLAGS = $(AM_LDFLAGS) -version-info $(otp_version)
+ libotp_la_DEPENDENCIES = $(COMPAT_OBJS)
+ libotp_la_LIBADD = $(OTP_LIBS) $(COMPAT_OBJS)
+
+ libntlm_la_SOURCES = ntlm.c ntlm_init.c $(common_sources)
+-libntlm_la_LDFLAGS = -version-info $(ntlm_version)
++libntlm_la_LDFLAGS = $(AM_LDFLAGS) -version-info $(ntlm_version)
+ libntlm_la_DEPENDENCIES = $(COMPAT_OBJS)
+ libntlm_la_LIBADD = $(NTLM_LIBS) $(COMPAT_OBJS)
+
+ libpassdss_la_SOURCES = passdss.c passdss_init.c $(common_sources)
+-libpassdss_la_LDFLAGS = -version-info $(passdss_version)
++libpassdss_la_LDFLAGS = $(AM_LDFLAGS) -version-info $(passdss_version)
+ libpassdss_la_DEPENDENCIES = $(COMPAT_OBJS)
+ libpassdss_la_LIBADD = $(PASSDSS_LIBS) $(COMPAT_OBJS)
+
+ # Auxprop Plugins
+ libsasldb_la_SOURCES = sasldb.c sasldb_init.c $(common_sources)
+-libsasldb_la_LDFLAGS = -version-info $(sasldb_version)
++libsasldb_la_LDFLAGS = $(AM_LDFLAGS) -version-info $(sasldb_version)
+ libsasldb_la_DEPENDENCIES = $(COMPAT_OBJS)
+ libsasldb_la_LIBADD = ../sasldb/libsasldb.la $(SASL_DB_LIB) $(COMPAT_OBJS)
+
+ libldapdb_la_SOURCES = ldapdb.c ldapdb_init.c $(common_sources)
+-libldapdb_la_LDFLAGS = $(LIB_LDAP) -version-info $(ldapdb_version)
++libldapdb_la_LDFLAGS = $(AM_LDFLAGS) $(LIB_LDAP) -version-info $(ldapdb_version)
+ libldapdb_la_DEPENDENCIES = $(COMPAT_OBJS)
+ libldapdb_la_LIBADD = $(COMPAT_OBJS)
+
+ libsql_la_SOURCES = sql.c sql_init.c $(common_sources)
+-libsql_la_LDFLAGS = $(LIB_MYSQL) $(LIB_PGSQL) $(LIB_SQLITE) -version-info $(sql_version)
++libsql_la_LDFLAGS = $(AM_LDFLAGS) $(LIB_MYSQL) $(LIB_PGSQL) $(LIB_SQLITE) -version-info $(sql_version)
+ libsql_la_DEPENDENCIES = $(COMPAT_OBJS)
+ libsql_la_LIBADD = $(COMPAT_OBJS)
+
diff --git a/testing/cyrus-sasl/cyrus-sasl-2.1.22-crypt.patch b/testing/cyrus-sasl/cyrus-sasl-2.1.22-crypt.patch
new file mode 100644
index 000000000..fd356327b
--- /dev/null
+++ b/testing/cyrus-sasl/cyrus-sasl-2.1.22-crypt.patch
@@ -0,0 +1,71 @@
+http://bugs.gentoo.org/152544
+
+--- cyrus-sasl-2.1.22/lib/Makefile.am
++++ cyrus-sasl-2.1.22/lib/Makefile.am
+@@ -45,6 +45,7 @@ sasl_version = 2:22:0
+
+ INCLUDES=-I$(top_srcdir)/include -I$(top_srcdir)/plugins -I$(top_builddir)/include -I$(top_srcdir)/sasldb
+
++AM_CFLAGS = -fPIC
+ EXTRA_DIST = windlopen.c staticopen.h NTMakefile
+ EXTRA_LIBRARIES = libsasl2.a
+ noinst_LIBRARIES = @SASL_STATIC_LIBS@
+--- cyrus-sasl-2.1.22/plugins/Makefile.am
++++ cyrus-sasl-2.1.22/plugins/Makefile.am
+@@ -63,6 +63,7 @@ srp_version = 2:22:0
+
+ INCLUDES=-I$(top_srcdir)/include -I$(top_srcdir)/lib -I$(top_srcdir)/sasldb -I$(top_builddir)/include
+ AM_LDFLAGS = -module -export-dynamic -rpath $(plugindir)
++AM_CFLAGS = -fPIC
+
+ COMPAT_OBJS = @LTGETADDRINFOOBJS@ @LTGETNAMEINFOOBJS@ @LTSNPRINTFOBJS@
+
+--- cyrus-sasl-2.1.22/sasldb/Makefile.am
++++ cyrus-sasl-2.1.22/sasldb/Makefile.am
+@@ -48,6 +48,7 @@ INCLUDES=-I$(top_srcdir)/include -I$(top
+
+ extra_common_sources = db_none.c db_ndbm.c db_gdbm.c db_berkeley.c
+
++AM_CFLAGS = -fPIC
+ EXTRA_DIST = NTMakefile
+
+ noinst_LTLIBRARIES = libsasldb.la
+--- cyrus-sasl-2.1.22/utils/Makefile.am
++++ cyrus-sasl-2.1.22/utils/Makefile.am
+@@ -42,7 +42,7 @@
+ #
+ ################################################################
+
+-all_sasl_libs = ../lib/libsasl2.la $(SASL_DB_LIB) $(LIB_SOCKET)
++all_sasl_libs = ../lib/libsasl2.la $(SASL_DB_LIB) $(LIB_SOCKET) $(LIB_CRYPT)
+ all_sasl_static_libs = ../lib/.libs/libsasl2.a $(SASL_DB_LIB) $(LIB_SOCKET) $(GSSAPIBASE_LIBS) $(GSSAPI_LIBS) $(SASL_KRB_LIB) $(LIB_DES) $(PLAIN_LIBS) $(SRP_LIBS) $(LIB_MYSQL) $(LIB_PGSQL) $(LIB_SQLITE)
+
+ sbin_PROGRAMS = @SASL_DB_UTILS@ @SMTPTEST_PROGRAM@ pluginviewer
+--- cyrus-sasl-2.1.22/sample/Makefile.am
++++ cyrus-sasl-2.1.22/sample/Makefile.am
+@@ -54,10 +54,10 @@ sample_server_SOURCES = sample-server.c
+ server_SOURCES = server.c common.c common.h
+ client_SOURCES = client.c common.c common.h
+
+-server_LDADD = ../lib/libsasl2.la $(LIB_SOCKET)
+-client_LDADD = ../lib/libsasl2.la $(LIB_SOCKET)
++server_LDADD = ../lib/libsasl2.la $(LIB_SOCKET) $(LIB_CRYPT)
++client_LDADD = ../lib/libsasl2.la $(LIB_SOCKET) $(LIB_CRYPT)
+
+-sample_client_LDADD = ../lib/libsasl2.la $(LIB_SOCKET)
+-sample_server_LDADD = ../lib/libsasl2.la $(LIB_SOCKET)
++sample_client_LDADD = ../lib/libsasl2.la $(LIB_SOCKET) $(LIB_CRYPT)
++sample_server_LDADD = ../lib/libsasl2.la $(LIB_SOCKET) $(LIB_CRYPT)
+
+ EXTRA_DIST = NTMakefile
+--- cyrus-sasl-2.1.22/lib/Makefile.am
++++ cyrus-sasl-2.1.22/lib/Makefile.am
+@@ -63,7 +63,7 @@ lib_LTLIBRARIES = libsasl2.la
+ libsasl2_la_SOURCES = $(common_sources) $(common_headers)
+ libsasl2_la_LDFLAGS = -version-info $(sasl_version)
+ libsasl2_la_DEPENDENCIES = $(LTLIBOBJS)
+-libsasl2_la_LIBADD = $(LTLIBOBJS) $(SASL_DL_LIB) $(LIB_SOCKET) $(LIB_DOOR)
++libsasl2_la_LIBADD = $(LTLIBOBJS) $(SASL_DL_LIB) $(LIB_SOCKET) $(LIB_DOOR) $(LIB_CRYPT)
+
+ if MACOSX
+ framedir = /Library/Frameworks/SASL2.framework
diff --git a/testing/cyrus-sasl/cyrus-sasl-2.1.22-qa.patch b/testing/cyrus-sasl/cyrus-sasl-2.1.22-qa.patch
new file mode 100644
index 000000000..4f7b04f13
--- /dev/null
+++ b/testing/cyrus-sasl/cyrus-sasl-2.1.22-qa.patch
@@ -0,0 +1,22 @@
+fix missing prototype warnings
+
+--- cyrus-sasl-2.1.22/lib/auxprop.c
++++ cyrus-sasl-2.1.22/lib/auxprop.c
+@@ -43,6 +43,7 @@
+ */
+
+ #include <config.h>
++#include <stdio.h>
+ #include <sasl.h>
+ #include <prop.h>
+ #include <ctype.h>
+--- cyrus-sasl-2.1.22/pwcheck/pwcheck_getspnam.c
++++ cyrus-sasl-2.1.22/pwcheck/pwcheck_getspnam.c
+@@ -24,6 +24,7 @@ OF OR IN CONNECTION WITH THE USE OR PERF
+ ******************************************************************/
+
+ #include <shadow.h>
++#include <string.h>
+
+ extern char *crypt();
+
diff --git a/testing/cyrus-sasl/cyrus-sasl-2.1.23-authd-fix.patch b/testing/cyrus-sasl/cyrus-sasl-2.1.23-authd-fix.patch
new file mode 100644
index 000000000..f5f372d17
--- /dev/null
+++ b/testing/cyrus-sasl/cyrus-sasl-2.1.23-authd-fix.patch
@@ -0,0 +1,28 @@
+fix warnings:
+
+auth_sasldb.c: In function ‘auth_sasldb’:
+auth_sasldb.c:144: warning: implicit declaration of function ‘gethostname’
+
+auth_sasldb.c:153: warning: passing argument 8 of ‘_sasldb_getdata’ from incompatible pointer type
+../sasldb/sasldb.h:60: note: expected ‘size_t *’ but argument is of type ‘int *’
+
+--- saslauthd/auth_sasldb.c
++++ saslauthd/auth_sasldb.c
+@@ -41,6 +41,7 @@
+ #include <string.h>
+ #include <stdlib.h>
+ #include <pwd.h>
++#include <unistd.h>
+ /* END PUBLIC DEPENDENCIES */
+
+ #define RETURN(x) return strdup(x)
+@@ -131,7 +132,8 @@
+ /* VARIABLES */
+ char pw[1024]; /* pointer to passwd file entry */
+ sasl_utils_t utils;
+- int ret, outsize;
++ int ret;
++ size_t outsize;
+ const char *use_realm;
+ char realm_buf[MAXHOSTNAMELEN];
+ /* END VARIABLES */
diff --git a/testing/cyrus-sasl/saslauthd b/testing/cyrus-sasl/saslauthd
new file mode 100644
index 000000000..6afafae0b
--- /dev/null
+++ b/testing/cyrus-sasl/saslauthd
@@ -0,0 +1,49 @@
+#!/bin/bash
+
+# source application-specific settings
+[ -f /etc/conf.d/saslauthd ] && . /etc/conf.d/saslauthd
+
+. /etc/rc.conf
+. /etc/rc.d/functions
+
+DAEMON_NAME="saslauthd"
+SASLAUTHD_BIN=/usr/sbin/saslauthd
+SASLAUTHD_RUN=/var/run/saslauthd
+SASLAUTHD_PID=$SASLAUTHD_RUN/saslauthd.pid
+
+case "$1" in
+ start)
+ stat_busy "Starting $DAEMON_NAME"
+ [ ! -d /var/run/saslauthd ] && install -d /var/run/saslauthd
+ if $SASLAUTHD_BIN $SASLAUTHD_OPTS >/dev/null; then
+ add_daemon $DAEMON_NAME
+ stat_done
+ else
+ stat_fail
+ exit 1
+ fi
+ ;;
+
+ stop)
+ stat_busy "Stopping $DAEMON_NAME"
+ [ -f $SASLAUTHD_PID ] && kill `cat $SASLAUTHD_PID` &>/dev/null
+ if [ $? -gt 0 ]; then
+ stat_fail
+ exit 1
+ else
+ rm_daemon $DAEMON_NAME
+ stat_done
+ fi
+ ;;
+
+ restart)
+ $0 stop
+ sleep 1
+ $0 start
+ ;;
+
+ *)
+ echo "usage: $0 {start|stop|restart}"
+esac
+exit 0
+# vim: ts=2 sw=2 et ft=sh
diff --git a/testing/cyrus-sasl/saslauthd.conf.d b/testing/cyrus-sasl/saslauthd.conf.d
new file mode 100644
index 000000000..167211290
--- /dev/null
+++ b/testing/cyrus-sasl/saslauthd.conf.d
@@ -0,0 +1 @@
+SASLAUTHD_OPTS="-a pam"