[arch-commits] Commit in libsasl/trunk (PKGBUILD cyrus-sasl-gssapi.patch)

Andreas Radke andyrtr at archlinux.org
Sun Jul 10 19:54:55 UTC 2016 

    Date: Sunday, July 10, 2016 @ 19:54:55
  Author: andyrtr
Revision: 271259

upgpkg: libsasl 2.1.26-8

rebuild old pkg, apply fix for FS#42789

Added:
  libsasl/trunk/cyrus-sasl-gssapi.patch
Modified:
  libsasl/trunk/PKGBUILD

-------------------------+
 PKGBUILD                |    9 ++++++---
 cyrus-sasl-gssapi.patch |   16 ++++++++++++++++
 2 files changed, 22 insertions(+), 3 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2016-07-10 19:38:53 UTC (rev 271258)
+++ PKGBUILD	2016-07-10 19:54:55 UTC (rev 271259)
@@ -8,7 +8,7 @@
 #pkgname=('cyrus-sasl' 'cyrus-sasl-gssapi' 'cyrus-sasl-ldap' 'cyrus-sasl-sql')
 pkgname=libsasl
 pkgver=2.1.26
-pkgrel=7
+pkgrel=8
 pkgdesc="Cyrus Simple Authentication Service Layer (SASL) library"
 arch=('i686' 'x86_64')
 url="http://cyrusimap.web.cmu.edu/"
@@ -27,7 +27,8 @@
         saslauthd.conf.d
         tmpfiles.conf
         CVE-2013-4122.patch
-        cyrus-sasl-sql.patch)
+        cyrus-sasl-sql.patch
+        cyrus-sasl-gssapi.patch)
 md5sums=('a7f4e5e559a0e37b3ffc438c9456e425'
          '79b8a5e8689989e2afd4b7bda595a7b1'
          'f45aa8c42b32e0569ab3d14a83485b37'
@@ -40,7 +41,8 @@
          '49219af5641150edec288a3fdb65e7c1'
          '45bb0192d2f188066240b9a66ee6365f'
          'c5f0ec88c584a75c14d7f402eaeed7ef'
-         '82c0f66fdc5c1145eb48ea9116c27931')
+         '82c0f66fdc5c1145eb48ea9116c27931'
+         '0363b1a0337474a57b1f75f72fe88fa3')
 
 prepare() {
   cd cyrus-sasl-$pkgver
@@ -53,6 +55,7 @@
   patch -Np1 -i ../0030-dont_use_la_files_for_opening_plugins.patch
   patch -Np1 -i ../CVE-2013-4122.patch
   patch -Np0 -i ../cyrus-sasl-sql.patch
+  patch -Np1 -i ../cyrus-sasl-gssapi.patch
 
   sed 's/AM_CONFIG_HEADER/AC_CONFIG_HEADERS/' -i configure.in
 }

Added: cyrus-sasl-gssapi.patch
===================================================================
--- cyrus-sasl-gssapi.patch	                        (rev 0)
+++ cyrus-sasl-gssapi.patch	2016-07-10 19:54:55 UTC (rev 271259)
@@ -0,0 +1,16 @@
+diff -aur cyrus-sasl-2.1.26.orig/plugins/gssapi.c cyrus-sasl-2.1.26/plugins/gssapi.c
+--- cyrus-sasl-2.1.26.orig/plugins/gssapi.c	2016-06-10 13:55:25.985676293 -0700
++++ cyrus-sasl-2.1.26/plugins/gssapi.c	2016-06-10 13:58:00.687337430 -0700
+@@ -1583,10 +1583,10 @@
+ 	}
+ 
+ 	/* Setup req_flags properly */
+-	req_flags = GSS_C_INTEG_FLAG;
++	req_flags = GSS_C_MUTUAL_FLAG | GSS_C_SEQUENCE_FLAG;
+ 	if (params->props.max_ssf > params->external_ssf) {
+ 	    /* We are requesting a security layer */
+-	    req_flags |= GSS_C_MUTUAL_FLAG | GSS_C_SEQUENCE_FLAG;
++	    req_flags |= GSS_C_INTEG_FLAG;
+ 	    /* Any SSF bigger than 1 is confidentiality. */
+ 	    /* Let's check if the client of the API requires confidentiality,
+ 	       and it wasn't already provided by an external layer */

More information about the arch-commits mailing list