security/cyrus-sasl2: Update to 2.1.28.

PR: 262133 Relnotes: https://www.cyrusimap.org/sasl/sasl/release-notes/2.1/index.html#new-in-2-1-28 Security: CVE-2019-19906, CVE-2022-24407
2025-05-30 09:56:43 -04:00 · 2022-02-28 21:23:47 +09:00 · 2022-02-28 21:23:47 +09:00 · d29e6c0326
commit d29e6c0326
parent e30bd8fffa
9 changed files with 6 additions and 89 deletions
--- a/security/cyrus-sasl2-gssapi/Makefile
+++ b/security/cyrus-sasl2-gssapi/Makefile
@ -1,5 +1,4 @@
 PKGNAMESUFFIX=	-gssapi
 PORTREVISION=	2
 COMMENT=	SASL GSSAPI authentication plugin
--- a/security/cyrus-sasl2-saslauthd/Makefile
+++ b/security/cyrus-sasl2-saslauthd/Makefile
@ -1,5 +1,4 @@
 PKGNAMESUFFIX=	-saslauthd
 PORTREVISION=	2
 COMMENT=	SASL authentication server for cyrus-sasl2
--- a/security/cyrus-sasl2-saslauthd/pkg-plist
+++ b/security/cyrus-sasl2-saslauthd/pkg-plist
@ -1,4 +1,5 @@
 man/man8/saslauthd.8.gz
 man/man8/testsaslauthd.8.gz
 sbin/saslauthd
 sbin/saslcache
 sbin/testsaslauthd
--- a/security/cyrus-sasl2-sql/Makefile
+++ b/security/cyrus-sasl2-sql/Makefile
@ -1,5 +1,4 @@
 PKGNAMESUFFIX=	-sql
 PORTREVISION=	1
 COMMENT=	SASL SQL plugins
--- a/security/cyrus-sasl2/Makefile
+++ b/security/cyrus-sasl2/Makefile
@ -1,5 +1,3 @@
 PORTREVISION=	2
 COMMENT=	RFC 2222 SASL (Simple Authentication and Security Layer)
 USES=		cpe libtool:keepla pathfix perl5
@ -60,6 +58,6 @@ PLAIN_CONFIGURE_ENABLE=	plain
 SCRAM_DESC=		SCRAM authentication
 SCRAM_CONFIGURE_ENABLE=	scram
-DOCS=	AUTHORS COPYING ChangeLog INSTALL INSTALL.TXT README
+DOCS=	AUTHORS COPYING ChangeLog INSTALL.TXT README
 .include "${.CURDIR}/../../security/cyrus-sasl2/Makefile.common"
--- a/security/cyrus-sasl2/Makefile.common
+++ b/security/cyrus-sasl2/Makefile.common
@ -1,5 +1,5 @@
 PORTNAME=	cyrus-sasl
-PORTVERSION=	2.1.27
+PORTVERSION=	2.1.28
 CATEGORIES=	security
 MASTER_SITES=	https://github.com/cyrusimap/cyrus-sasl/releases/download/${PORTNAME}-${PORTVERSION}/
--- a/security/cyrus-sasl2/distinfo
+++ b/security/cyrus-sasl2/distinfo
@ -1,3 +1,3 @@
-TIMESTAMP = 1542468728
+TIMESTAMP = 1645585277
-SHA256 (cyrus-sasl-2.1.27.tar.gz) = 26866b1549b00ffd020f188a43c258017fa1c382b3ddadd8201536f72efb05d5
+SHA256 (cyrus-sasl-2.1.28.tar.gz) = 7ccfc6abd01ed67c1a0924b353e526f1b766b21f42d4562ee635a8ebfc5bb38c
-SIZE (cyrus-sasl-2.1.27.tar.gz) = 4111249
+SIZE (cyrus-sasl-2.1.28.tar.gz) = 4034803
--- a/security/cyrus-sasl2/files/patch-plugins__sql.c
+++ b/security/cyrus-sasl2/files/patch-plugins__sql.c
@ -1,66 +0,0 @@
 --- plugins/sql.c.orig	2016-12-10 15:45:55 UTC
 +++ plugins/sql.c
@@ -1150,6 +1150,7 @@ static int sql_auxprop_store(void *glob_context,
     char *statement = NULL;
     char *escap_userid = NULL;
     char *escap_realm = NULL;
 +    char *escap_passwd = NULL;
     const char *cmd;
     sql_settings_t *settings;
@@ -1221,6 +1222,11 @@ static int sql_auxprop_store(void *glob_context,
 			    "Unable to begin transaction\n");
     }
     for (cur = to_store; ret == SASL_OK && cur->name; cur++) {
 +	/* Free the buffer, current content is from previous loop. */
 +	if (escap_passwd) {
 +	    sparams->utils->free(escap_passwd);
 +	    escap_passwd = NULL;
 +	}
 	if (cur->name[0] == '*') {
 	    continue;
@@ -1242,19 +1248,32 @@ static int sql_auxprop_store(void *glob_context,
 	}
 	sparams->utils->free(statement);
 +	if (cur->values[0]) {
 +	    escap_passwd = (char *)sparams->utils->malloc(strlen(cur->values[0])*2+1);
 +	    if (!escap_passwd) {
 +		ret = SASL_NOMEM;
 +		break;
 +	    }
 +	    settings->sql_engine->sql_escape_str(escap_passwd, cur->values[0]);
 +	}
 +
 	/* create a statement that we will use */
 	statement = sql_create_statement(cmd, cur->name, escap_userid,
 					 escap_realm,
 -					 cur->values && cur->values[0] ?
 -					 cur->values[0] : SQL_NULL_VALUE,
 +					 escap_passwd ?
 +					 escap_passwd : SQL_NULL_VALUE,
 					 sparams->utils);
 +	if (!statement) {
 +	    ret = SASL_NOMEM;
 +	    break;
 +	}
 	{
 	    char *log_statement =
 		sql_create_statement(cmd, cur->name,
 				     escap_userid,
 				     escap_realm,
 -				     cur->values && cur->values[0] ?
 +				     escap_passwd ?
 				     "<omitted>" : SQL_NULL_VALUE,
 				     sparams->utils);
 	    sparams->utils->log(sparams->utils->conn, SASL_LOG_DEBUG,
@@ -1287,6 +1306,7 @@ static int sql_auxprop_store(void *glob_context,
   done:
     if (escap_userid) sparams->utils->free(escap_userid);
     if (escap_realm) sparams->utils->free(escap_realm);
 +    if (escap_passwd) sparams->utils->free(escap_passwd);
     if (conn) settings->sql_engine->sql_close(conn);
     if (userid) sparams->utils->free(userid);
     if (realm) sparams->utils->free(realm);
--- a/security/cyrus-sasl2/files/patch-saslauthd__Makefile.in
+++ b/security/cyrus-sasl2/files/patch-saslauthd__Makefile.in
@ -1,13 +0,0 @@
 Index: saslauthd/Makefile.in
 diff -u saslauthd/Makefile.in.orig saslauthd/Makefile.in
 --- saslauthd/Makefile.in.orig	2011-09-07 22:13:56.000000000 +0900
 +++ saslauthd/Makefile.in	2011-09-14 15:16:53.207259788 +0900
@@ -722,7 +722,7 @@
 install-data-local: saslauthd.8
 	$(mkinstalldirs) $(DESTDIR)$(mandir)/man8
 -	$(INSTALL_DATA) $(srcdir)/saslauthd.8 $(DESTDIR)$(mandir)/man8/saslauthd.8
 +	$(INSTALL_DATA) $(srcdir)/saslauthd.mdoc $(DESTDIR)$(mandir)/man8/saslauthd.8
 # Tell versions [3.59,3.63) of GNU make to not export all variables.
 # Otherwise a system limit (for SysV at least) may be exceeded.