author | Eray Aslan <eras@gentoo.org> | 2013-06-26 16:18:51 +0000 |
---|---|---|
committer | Eray Aslan <eras@gentoo.org> | 2013-06-26 16:18:51 +0000 |
commit | bc98cdb32ba9d5306cc178ddabb07c70795c1b1a (patch) | |
tree | ff32d31fc740748e77c659708b121a6e9983c139 /net-mail | |
parent | revbumps; add sec patches XSA-55, remove disused patches (diff) | |
Fix conflict with cyrus-sasl - bug #474862
(Portage version: 2.2.0_alpha185/cvs/Linux x86_64, signed Manifest commit with key 0x77F1F175586A3B1F)
Diffstat (limited to 'net-mail')
-rw-r--r-- | net-mail/dovecot/ChangeLog | 8 | ||||
-rw-r--r-- | net-mail/dovecot/dovecot-2.2.4-r1.ebuild | 284 | ||||
-rw-r--r-- | net-mail/dovecot/files/cyrus-sasl.patch | 745 |
3 files changed, 1036 insertions, 1 deletions
diff --git a/net-mail/dovecot/ChangeLog b/net-mail/dovecot/ChangeLog index 307266d0a25f..fc8659b51cf9 100644 --- a/net-mail/dovecot/ChangeLog +++ b/net-mail/dovecot/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for net-mail/dovecot # Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-mail/dovecot/ChangeLog,v 1.436 2013/06/25 05:41:19 eras Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-mail/dovecot/ChangeLog,v 1.437 2013/06/26 16:18:51 eras Exp $ + +*dovecot-2.2.4-r1 (26 Jun 2013) + + 26 Jun 2013; Eray Aslan <eras@gentoo.org> +dovecot-2.2.4-r1.ebuild, + +files/cyrus-sasl.patch: + Fix conflict with cyrus-sasl - bug #474862 *dovecot-2.2.4 (25 Jun 2013) diff --git a/net-mail/dovecot/dovecot-2.2.4-r1.ebuild b/net-mail/dovecot/dovecot-2.2.4-r1.ebuild new file mode 100644 index 000000000000..321b417db0bb --- /dev/null +++ b/net-mail/dovecot/dovecot-2.2.4-r1.ebuild 
@@ -0,0 +1,284 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-mail/dovecot/dovecot-2.2.4-r1.ebuild,v 1.1 2013/06/26 16:18:51 eras Exp $ + +EAPI=5 +inherit autotools eutils multilib ssl-cert systemd user versionator + +MY_P="${P/_/.}" +major_minor="$(get_version_component_range 1-2)" +sieve_version="0.4.0" +SRC_URI="http://dovecot.org/releases/${major_minor}/${MY_P}.tar.gz + sieve? ( + http://www.rename-it.nl/dovecot/${major_minor}/${PN}-${major_minor}-pigeonhole-${sieve_version}.tar.gz + ) + managesieve? ( + http://www.rename-it.nl/dovecot/${major_minor}/${PN}-${major_minor}-pigeonhole-${sieve_version}.tar.gz + ) " +DESCRIPTION="An IMAP and POP3 server written with security primarily in mind" +HOMEPAGE="http://www.dovecot.org/" + +SLOT="0" +LICENSE="LGPL-2.1 MIT" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" + +IUSE_DOVECOT_AUTH="kerberos ldap mysql pam postgres sqlite vpopmail" +IUSE_DOVECOT_STORAGE="cydir imapc +maildir mbox mdbox pop3c sdbox" +IUSE_DOVECOT_OTHER="bzip2 caps doc ipv6 lucene managesieve selinux sieve solr +ssl static-libs suid tcpd zlib" + +IUSE="${IUSE_DOVECOT_AUTH} ${IUSE_DOVECOT_STORAGE} ${IUSE_DOVECOT_OTHER}" + +DEPEND="caps? ( sys-libs/libcap ) + kerberos? ( virtual/krb5 ) + ldap? ( net-nds/openldap ) + lucene? ( >=dev-cpp/clucene-2.3 ) + mysql? ( virtual/mysql ) + pam? ( virtual/pam ) + postgres? ( dev-db/postgresql-base !dev-db/postgresql-base[ldap,threads] ) + selinux? ( sec-policy/selinux-dovecot ) + solr? ( net-misc/curl dev-libs/expat ) + sqlite? ( dev-db/sqlite ) + ssl? ( dev-libs/openssl ) + tcpd? ( sys-apps/tcp-wrappers ) + vpopmail? ( net-mail/vpopmail ) + virtual/libiconv" + +RDEPEND="${DEPEND} + net-mail/mailbase" + +S=${WORKDIR}/${MY_P} + +pkg_setup() { + if use managesieve && ! 
use sieve; then + ewarn "managesieve USE flag selected but sieve USE flag unselected" + ewarn "sieve USE flag will be turned on" + fi + # default internal user + enewgroup dovecot 97 + enewuser dovecot 97 -1 /dev/null dovecot + # default login user + enewuser dovenull -1 -1 /dev/null + # add "mail" group for suid'ing. Better security isolation. + if use suid; then + enewgroup mail + fi +} + +src_prepare() { + epatch "${FILESDIR}/cyrus-sasl.patch" + sed -i -e '1iACLOCAL_AMFLAGS = -I .' Makefile.am || die + eautoreconf +} + +src_configure() { + local conf="" + + if use postgres || use mysql || use sqlite; then + conf="${conf} --with-sql" + fi + + local storages="" + for storage in ${IUSE_DOVECOT_STORAGE//+/}; do + use ${storage} && storages="${storage} ${storages}" + done + [ "${storages}" ] || storages="maildir" + + # turn valgrind tests off. Bug #340791 + VALGRIND=no econf \ + --localstatedir="${EPREFIX}/var" \ + --with-moduledir="${EPREFIX}/usr/$(get_libdir)/dovecot" \ + --without-stemmer \ + --with-storages="${storages}" \ + --disable-rpath \ + $( systemd_with_unitdir ) \ + $( use_with bzip2 bzlib ) \ + $( use_with caps libcap ) \ + $( use_with kerberos gssapi ) \ + $( use_with ldap ) \ + $( use_with lucene ) \ + $( use_with mysql ) \ + $( use_with pam ) \ + $( use_with postgres pgsql ) \ + $( use_with sqlite ) \ + $( use_with solr ) \ + $( use_with ssl ) \ + $( use_with tcpd libwrap ) \ + $( use_with vpopmail ) \ + $( use_with zlib ) \ + $( use_enable static-libs static ) \ + ${conf} + + if use sieve || use managesieve ; then + # The sieve plugin needs this file to be build to determine the plugin + # directory and the list of libraries to link to. 
+ emake dovecot-config + cd "../dovecot-${major_minor}-pigeonhole-${sieve_version}" || die "cd failed" + econf \ + $( use_enable static-libs static ) \ + --localstatedir="${EPREFIX}/var" \ + --enable-shared \ + --with-dovecot="../${MY_P}" \ + $( use_with managesieve ) + fi +} + +src_compile() { + default + if use sieve || use managesieve ; then + cd "../dovecot-${major_minor}-pigeonhole-${sieve_version}" || die "cd failed" + emake CC="$(tc-getCC)" CFLAGS="${CFLAGS}" + fi +} + +src_test() { + default + if use sieve || use managesieve ; then + cd "../dovecot-${major_minor}-pigeonhole-${sieve_version}" || die "cd failed" + default + fi +} + +src_install () { + default + + # insecure: + # use suid && fperms u+s /usr/libexec/dovecot/deliver + # better: + if use suid;then + einfo "Changing perms to allow deliver to be suided" + fowners root:mail "${EPREFIX}/usr/libexec/dovecot/dovecot-lda" + fperms 4750 "${EPREFIX}/usr/libexec/dovecot/dovecot-lda" + fi + + newinitd "${FILESDIR}"/dovecot.init-r4 dovecot + + rm -rf "${ED}"/usr/share/doc/dovecot + + dodoc AUTHORS NEWS README TODO + dodoc doc/*.{txt,cnf,xml,sh} + docinto example-config + dodoc doc/example-config/*.{conf,ext} + docinto example-config/conf.d + dodoc doc/example-config/conf.d/*.{conf,ext} + docinto wiki + dodoc doc/wiki/* + doman doc/man/*.{1,7} + + # Create the dovecot.conf file from the dovecot-example.conf file that + # the dovecot folks nicely left for us.... + local conf="${ED}/etc/dovecot/dovecot.conf" + local confd="${ED}/etc/dovecot/conf.d" + + insinto /etc/dovecot + doins doc/example-config/*.{conf,ext} + insinto /etc/dovecot/conf.d + doins doc/example-config/conf.d/*.{conf,ext} + fperms 0600 "${EPREFIX}"/etc/dovecot/dovecot-{ldap,sql}.conf.ext + rm -f "${confd}/../README" + + # .maildir is the Gentoo default + local mail_location="maildir:~/.maildir" + if ! 
use maildir; then + if use mbox; then + mail_location="mbox:/var/spool/mail/%u:INDEX=/var/dovecot/%u" + keepdir /var/dovecot + sed -i -e 's|#mail_privileged_group =|mail_privileged_group = mail|' \ + "${confd}/10-mail.conf" || die "sed failed" + elif use mdbox ; then + mail_location="mdbox:~/.mdbox" + elif use sdbox ; then + mail_location="sdbox:~/.sdbox" + fi + fi + sed -i -e \ + "s|#mail_location =|mail_location = ${mail_location}|" \ + "${confd}/10-mail.conf" \ + || die "failed to update mail location settings in 10-mail.conf" + + # We're using pam files (imap and pop3) provided by mailbase + if use pam; then + sed -i -e '/driver = pam/,/^[ \t]*}/ s|#args = dovecot|args = "\*"|' \ + "${confd}/auth-system.conf.ext" \ + || die "failed to update PAM settings in auth-system.conf.ext" + # mailbase does not provide a sieve pam file + use managesieve && dosym imap /etc/pam.d/sieve + sed -i -e \ + 's/#!include auth-system.conf.ext/!include auth-system.conf.ext/' \ + "${confd}/10-auth.conf" \ + || die "failed to update PAM settings in 10-auth.conf" + fi + + # Disable ipv6 if necessary + if ! 
use ipv6; then + sed -i -e 's/^#listen = \*, ::/listen = \*/g' "${conf}" \ + || die "failed to update listen settings in dovecot.conf" + fi + + # Update ssl cert locations + if use ssl; then + sed -i -e 's:^#ssl = yes:ssl = yes:' "${confd}/10-ssl.conf" \ + || die "ssl conf failed" + sed -i -e 's:^ssl_cert =.*:ssl_cert = </etc/ssl/dovecot/server.pem:' \ + -e 's:^ssl_key =.*:ssl_key = </etc/ssl/dovecot/server.key:' \ + "${confd}/10-ssl.conf" || die "failed to update SSL settings in 10-ssl.conf" + fi + + # Install SQL configuration + if use mysql || use postgres; then + sed -i -e \ + 's/#!include auth-sql.conf.ext/!include auth-sql.conf.ext/' \ + "${confd}/10-auth.conf" || die "failed to update SQL settings in \ + 10-auth.conf" + fi + + # Install LDAP configuration + if use ldap; then + sed -i -e \ + 's/#!include auth-ldap.conf.ext/!include auth-ldap.conf.ext/' \ + "${confd}/10-auth.conf" \ + || die "failed to update ldap settings in 10-auth.conf" + fi + + if use vpopmail; then + sed -i -e \ + 's/#!include auth-vpopmail.conf.ext/!include auth-vpopmail.conf.ext/' \ + "${confd}/10-auth.conf" \ + || die "failed to update vpopmail settings in 10-auth.conf" + fi + + if use sieve || use managesieve ; then + cd "../dovecot-${major_minor}-pigeonhole-${sieve_version}" || die "cd failed" + emake DESTDIR="${ED}" install + sed -i -e \ + 's/^[[:space:]]*#mail_plugins = $mail_plugins/mail_plugins = sieve/' "${confd}/15-lda.conf" \ + || die "failed to update sieve settings in 15-lda.conf" + rm -rf "${ED}"/usr/share/doc/dovecot + dodoc doc/*.txt + docinto example-config/conf.d + dodoc doc/example-config/conf.d/*.conf + insinto /etc/dovecot/conf.d + doins doc/example-config/conf.d/90-sieve{,-extprograms}.conf + use managesieve && doins doc/example-config/conf.d/20-managesieve.conf + docinto sieve/rfc + dodoc doc/rfc/*.txt + docinto sieve/devel + dodoc doc/devel/DESIGN + doman doc/man/*.{1,7} + fi + + use static-libs || find "${ED}"/usr/lib* -name '*.la' -delete +} + +pkg_postinst() { 
+ if use ssl; then + # Let's not make a new certificate if we already have one + if ! [[ -e "${ROOT}"/etc/ssl/dovecot/server.pem && \ + -e "${ROOT}"/etc/ssl/dovecot/server.key ]]; then + einfo "Creating SSL certificate" + SSL_ORGANIZATION="${SSL_ORGANIZATION:-Dovecot IMAP Server}" + install_cert /etc/ssl/dovecot/server + fi + fi + + elog "Please read http://wiki2.dovecot.org/Upgrading/ for upgrade notes." +} diff --git a/net-mail/dovecot/files/cyrus-sasl.patch b/net-mail/dovecot/files/cyrus-sasl.patch new file mode 100644 index 000000000000..66626f8b77d3 --- /dev/null +++ b/net-mail/dovecot/files/cyrus-sasl.patch 
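Review bot: The "Install SQL configuration" test in src_install checks only `use mysql || use postgres`, while src_configure passes `--with-sql` for postgres, mysql or sqlite, so a sqlite-only build leaves `!include auth-sql.conf.ext` commented out in 10-auth.conf. If that is not deliberate, the condition should read `if use mysql || use postgres || use sqlite; then`. In the same block the `die` message is split with a backslash-newline inside the double quotes, so the continuation line's leading whitespace ends up in the message; keeping it on one line, `|| die "failed to update SQL settings in 10-auth.conf"`, matches the other sed calls.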
@@ -0,0 +1,745 @@ +# Gentoo Bug #474862 +# HG changeset patch +# User Timo Sirainen <tss@iki.fi> +# Date 1372246654 -10800 +# Node ID 2dd27b0e7e49785f4a2257a2b0933bc028ea9975 +# Parent d6b18c237be50b8327f068e918d297906e06ba6d +lib-sasl: Use dsasl_ prefix so we don't conflict with Cyrus SASL library. + +diff -r d6b18c237be5 -r 2dd27b0e7e49 src/imap-login/imap-proxy.c +--- a/src/imap-login/imap-proxy.c Tue Jun 25 16:03:04 2013 +0300 ++++ b/src/imap-login/imap-proxy.c Wed Jun 26 14:37:34 2013 +0300 +@@ -9,7 +9,7 @@ + #include "str.h" + #include "str-sanitize.h" + #include "safe-memset.h" +-#include "sasl-client.h" ++#include "dsasl-client.h" + #include "client.h" + #include "client-authenticate.h" + #include "imap-resp-code.h" +@@ -58,7 +58,7 @@ + + static int proxy_write_login(struct imap_client *client, string_t *str) + { +- struct sasl_client_settings sasl_set; ++ struct dsasl_client_settings sasl_set; + const unsigned char *output; + unsigned int len; + const char *mech_name, *error; +@@ -85,14 +85,14 @@ + sasl_set.authzid = client->common.proxy_user; + sasl_set.password = client->common.proxy_password; + client->common.proxy_sasl_client = +- sasl_client_new(client->common.proxy_mech, &sasl_set); +- mech_name = sasl_client_mech_get_name(client->common.proxy_mech); ++ dsasl_client_new(client->common.proxy_mech, &sasl_set); ++ mech_name = dsasl_client_mech_get_name(client->common.proxy_mech); + + str_append(str, "L AUTHENTICATE "); + str_append(str, mech_name); + if (client->proxy_sasl_ir) { +- if (sasl_client_output(client->common.proxy_sasl_client, +- &output, &len, &error) < 0) { ++ if (dsasl_client_output(client->common.proxy_sasl_client, ++ &output, &len, &error) < 0) { + client_log_err(&client->common, t_strdup_printf( + "proxy: SASL mechanism %s init failed: %s", + mech_name, error)); +@@ -226,11 +226,11 @@ + client_proxy_failed(client, TRUE); + return -1; + } +- ret = sasl_client_input(client->proxy_sasl_client, +- str_data(str), str_len(str), &error); ++ 
ret = dsasl_client_input(client->proxy_sasl_client, ++ str_data(str), str_len(str), &error); + if (ret == 0) { +- ret = sasl_client_output(client->proxy_sasl_client, +- &data, &data_len, &error); ++ ret = dsasl_client_output(client->proxy_sasl_client, ++ &data, &data_len, &error); + } + if (ret < 0) { + client_log_err(client, t_strdup_printf( +diff -r d6b18c237be5 -r 2dd27b0e7e49 src/lib-sasl/Makefile.am +--- a/src/lib-sasl/Makefile.am Tue Jun 25 16:03:04 2013 +0300 ++++ b/src/lib-sasl/Makefile.am Wed Jun 26 14:37:34 2013 +0300 +@@ -6,11 +6,11 @@ + libsasl_la_SOURCES = \ + mech-login.c \ + mech-plain.c \ +- sasl-client.c ++ dsasl-client.c + + headers = \ +- sasl-client.h \ +- sasl-client-private.h ++ dsasl-client.h \ ++ dsasl-client-private.h + + pkginc_libdir=$(pkgincludedir) + pkginc_lib_HEADERS = $(headers) +diff -r d6b18c237be5 -r 2dd27b0e7e49 src/lib-sasl/dsasl-client-private.h +--- /dev/null Thu Jan 01 00:00:00 1970 +0000 ++++ b/src/lib-sasl/dsasl-client-private.h Wed Jun 26 14:37:34 2013 +0300 +@@ -0,0 +1,33 @@ ++#ifndef DSASL_CLIENT_PRIVATE_H ++#define DSASL_CLIENT_PRIVATE_H ++ ++#include "dsasl-client.h" ++ ++struct dsasl_client { ++ pool_t pool; ++ struct dsasl_client_settings set; ++ char *password; ++ const struct dsasl_client_mech *mech; ++}; ++ ++struct dsasl_client_mech { ++ const char *name; ++ size_t struct_size; ++ ++ int (*input)(struct dsasl_client *client, ++ const unsigned char *input, ++ unsigned int input_len, ++ const char **error_r); ++ int (*output)(struct dsasl_client *client, ++ const unsigned char **output_r, ++ unsigned int *output_len_r, ++ const char **error_r); ++ void (*free)(struct dsasl_client *client); ++}; ++ ++extern const struct dsasl_client_mech dsasl_client_mech_login; ++ ++void dsasl_client_mech_register(const struct dsasl_client_mech *mech); ++void dsasl_client_mech_unregister(const struct dsasl_client_mech *mech); ++ ++#endif +diff -r d6b18c237be5 -r 2dd27b0e7e49 src/lib-sasl/dsasl-client.c +--- /dev/null Thu Jan 01 
00:00:00 1970 +0000 ++++ b/src/lib-sasl/dsasl-client.c Wed Jun 26 14:37:34 2013 +0300 +@@ -0,0 +1,104 @@ ++/* Copyright (c) 2013 Dovecot authors, see the included COPYING file */ ++ ++#include "lib.h" ++#include "array.h" ++#include "safe-memset.h" ++#include "dsasl-client-private.h" ++ ++static ARRAY(const struct dsasl_client_mech *) dsasl_mechanisms = ARRAY_INIT; ++ ++static const struct dsasl_client_mech * ++dsasl_client_mech_find_idx(const char *name, unsigned int *idx_r) ++{ ++ const struct dsasl_client_mech *const *mechp; ++ ++ array_foreach(&dsasl_mechanisms, mechp) { ++ if (strcasecmp((*mechp)->name, name) == 0) { ++ *idx_r = array_foreach_idx(&dsasl_mechanisms, mechp); ++ return *mechp; ++ } ++ } ++ return NULL; ++} ++ ++const struct dsasl_client_mech *dsasl_client_mech_find(const char *name) ++{ ++ unsigned int idx; ++ ++ return dsasl_client_mech_find_idx(name, &idx); ++} ++ ++const char *dsasl_client_mech_get_name(const struct dsasl_client_mech *mech) ++{ ++ return mech->name; ++} ++ ++void dsasl_client_mech_register(const struct dsasl_client_mech *mech) ++{ ++ array_append(&dsasl_mechanisms, &mech, 1); ++} ++ ++void dsasl_client_mech_unregister(const struct dsasl_client_mech *mech) ++{ ++ unsigned int idx; ++ ++ if (dsasl_client_mech_find_idx(mech->name, &idx) == NULL) ++ i_panic("SASL mechanism not registered: %s", mech->name); ++ array_delete(&dsasl_mechanisms, idx, 1); ++} ++ ++struct dsasl_client *dsasl_client_new(const struct dsasl_client_mech *mech, ++ const struct dsasl_client_settings *set) ++{ ++ struct dsasl_client *client; ++ pool_t pool = pool_alloconly_create("sasl client", 512); ++ ++ client = p_malloc(pool, mech->struct_size); ++ client->pool = pool; ++ client->mech = mech; ++ client->set.authid = p_strdup(pool, set->authid); ++ client->set.authzid = p_strdup(pool, set->authzid); ++ client->password = p_strdup(pool, set->password); ++ client->set.password = client->password; ++ return client; ++} ++ ++void dsasl_client_free(struct 
dsasl_client **_client) ++{ ++ struct dsasl_client *client = *_client; ++ ++ *_client = NULL; ++ ++ if (client->mech->free != NULL) ++ client->mech->free(client); ++ safe_memset(client->password, 0, strlen(client->password)); ++ pool_unref(&client->pool); ++} ++ ++int dsasl_client_input(struct dsasl_client *client, ++ const unsigned char *input, ++ unsigned int input_len, ++ const char **error_r) ++{ ++ return client->mech->input(client, input, input_len, error_r); ++} ++ ++int dsasl_client_output(struct dsasl_client *client, ++ const unsigned char **output_r, ++ unsigned int *output_len_r, ++ const char **error_r) ++{ ++ return client->mech->output(client, output_r, output_len_r, error_r); ++} ++ ++void dsasl_clients_init(void) ++{ ++ i_array_init(&dsasl_mechanisms, 8); ++ dsasl_client_mech_register(&dsasl_client_mech_plain); ++ dsasl_client_mech_register(&dsasl_client_mech_login); ++} ++ ++void dsasl_clients_deinit(void) ++{ ++ array_free(&dsasl_mechanisms); ++} +diff -r d6b18c237be5 -r 2dd27b0e7e49 src/lib-sasl/dsasl-client.h +--- /dev/null Thu Jan 01 00:00:00 1970 +0000 ++++ b/src/lib-sasl/dsasl-client.h Wed Jun 26 14:37:34 2013 +0300 +@@ -0,0 +1,39 @@ ++#ifndef DSASL_CLIENT_H ++#define DSASL_CLIENT_H ++ ++struct dsasl_client_settings { ++ /* authentication ID - must be set with most mechanisms */ ++ const char *authid; ++ /* authorization ID (who to log in as, if authentication ID is a ++ master user) */ ++ const char *authzid; ++ /* password - must be set with most mechanisms */ ++ const char *password; ++}; ++ ++/* PLAIN mechanism always exists and can be accessed directly via this. 
*/ ++extern const struct dsasl_client_mech dsasl_client_mech_plain; ++ ++const struct dsasl_client_mech *dsasl_client_mech_find(const char *name); ++const char *dsasl_client_mech_get_name(const struct dsasl_client_mech *mech); ++ ++struct dsasl_client *dsasl_client_new(const struct dsasl_client_mech *mech, ++ const struct dsasl_client_settings *set); ++void dsasl_client_free(struct dsasl_client **client); ++ ++/* Call for server input. */ ++int dsasl_client_input(struct dsasl_client *client, ++ const unsigned char *input, ++ unsigned int input_len, ++ const char **error_r); ++/* Call for getting server output. Also used to get the initial SASL response ++ if supported by the protocol. */ ++int dsasl_client_output(struct dsasl_client *client, ++ const unsigned char **output_r, ++ unsigned int *output_len_r, ++ const char **error_r); ++ ++void dsasl_clients_init(void); ++void dsasl_clients_deinit(void); ++ ++#endif +diff -r d6b18c237be5 -r 2dd27b0e7e49 src/lib-sasl/mech-login.c +--- a/src/lib-sasl/mech-login.c Tue Jun 25 16:03:04 2013 +0300 ++++ b/src/lib-sasl/mech-login.c Wed Jun 26 14:37:34 2013 +0300 +@@ -2,7 +2,7 @@ + + #include "lib.h" + #include "str.h" +-#include "sasl-client-private.h" ++#include "dsasl-client-private.h" + + enum login_state { + STATE_INIT = 0, +@@ -10,18 +10,19 @@ + STATE_PASS + }; + +-struct login_sasl_client { +- struct sasl_client client; ++struct login_dsasl_client { ++ struct dsasl_client client; + enum login_state state; + }; + + static int +-mech_login_input(struct sasl_client *_client, ++mech_login_input(struct dsasl_client *_client, + const unsigned char *input ATTR_UNUSED, + unsigned int input_len ATTR_UNUSED, + const char **error_r) + { +- struct login_sasl_client *client = (struct login_sasl_client *)_client; ++ struct login_dsasl_client *client = ++ (struct login_dsasl_client *)_client; + + if (client->state == STATE_PASS) { + *error_r = "Server didn't finish authentication"; +@@ -32,11 +33,12 @@ + } + + static int 
+-mech_login_output(struct sasl_client *_client, ++mech_login_output(struct dsasl_client *_client, + const unsigned char **output_r, unsigned int *output_len_r, + const char **error_r) + { +- struct login_sasl_client *client = (struct login_sasl_client *)_client; ++ struct login_dsasl_client *client = ++ (struct login_dsasl_client *)_client; + + if (_client->set.authid == NULL) { + *error_r = "authid not set"; +@@ -64,9 +66,9 @@ + i_unreached(); + } + +-const struct sasl_client_mech sasl_client_mech_login = { ++const struct dsasl_client_mech dsasl_client_mech_login = { + .name = "LOGIN", +- .struct_size = sizeof(struct login_sasl_client), ++ .struct_size = sizeof(struct login_dsasl_client), + + .input = mech_login_input, + .output = mech_login_output +diff -r d6b18c237be5 -r 2dd27b0e7e49 src/lib-sasl/mech-plain.c +--- a/src/lib-sasl/mech-plain.c Tue Jun 25 16:03:04 2013 +0300 ++++ b/src/lib-sasl/mech-plain.c Wed Jun 26 14:37:34 2013 +0300 +@@ -2,19 +2,20 @@ + + #include "lib.h" + #include "str.h" +-#include "sasl-client-private.h" ++#include "dsasl-client-private.h" + +-struct plain_sasl_client { +- struct sasl_client client; ++struct plain_dsasl_client { ++ struct dsasl_client client; + bool output_sent; + }; + + static int +-mech_plain_input(struct sasl_client *_client, ++mech_plain_input(struct dsasl_client *_client, + const unsigned char *input ATTR_UNUSED, unsigned int input_len, + const char **error_r) + { +- struct plain_sasl_client *client = (struct plain_sasl_client *)_client; ++ struct plain_dsasl_client *client = ++ (struct plain_dsasl_client *)_client; + + if (!client->output_sent) { + if (input_len > 0) { +@@ -29,11 +30,12 @@ + } + + static int +-mech_plain_output(struct sasl_client *_client, ++mech_plain_output(struct dsasl_client *_client, + const unsigned char **output_r, unsigned int *output_len_r, + const char **error_r) + { +- struct plain_sasl_client *client = (struct plain_sasl_client *)_client; ++ struct plain_dsasl_client *client = ++ (struct 
plain_dsasl_client *)_client; + string_t *str; + + if (_client->set.authid == NULL) { +@@ -59,9 +61,9 @@ + return 0; + } + +-const struct sasl_client_mech sasl_client_mech_plain = { ++const struct dsasl_client_mech dsasl_client_mech_plain = { + .name = "PLAIN", +- .struct_size = sizeof(struct plain_sasl_client), ++ .struct_size = sizeof(struct plain_dsasl_client), + + .input = mech_plain_input, + .output = mech_plain_output +diff -r d6b18c237be5 -r 2dd27b0e7e49 src/lib-sasl/sasl-client-private.h +--- a/src/lib-sasl/sasl-client-private.h Tue Jun 25 16:03:04 2013 +0300 ++++ /dev/null Thu Jan 01 00:00:00 1970 +0000 +@@ -1,33 +0,0 @@ +-#ifndef SASL_CLIENT_PRIVATE_H +-#define SASL_CLIENT_PRIVATE_H +- +-#include "sasl-client.h" +- +-struct sasl_client { +- pool_t pool; +- struct sasl_client_settings set; +- char *password; +- const struct sasl_client_mech *mech; +-}; +- +-struct sasl_client_mech { +- const char *name; +- size_t struct_size; +- +- int (*input)(struct sasl_client *client, +- const unsigned char *input, +- unsigned int input_len, +- const char **error_r); +- int (*output)(struct sasl_client *client, +- const unsigned char **output_r, +- unsigned int *output_len_r, +- const char **error_r); +- void (*free)(struct sasl_client *client); +-}; +- +-extern const struct sasl_client_mech sasl_client_mech_login; +- +-void sasl_client_mech_register(const struct sasl_client_mech *mech); +-void sasl_client_mech_unregister(const struct sasl_client_mech *mech); +- +-#endif +diff -r d6b18c237be5 -r 2dd27b0e7e49 src/lib-sasl/sasl-client.c +--- a/src/lib-sasl/sasl-client.c Tue Jun 25 16:03:04 2013 +0300 ++++ /dev/null Thu Jan 01 00:00:00 1970 +0000 +@@ -1,104 +0,0 @@ +-/* Copyright (c) 2013 Dovecot authors, see the included COPYING file */ +- +-#include "lib.h" +-#include "array.h" +-#include "safe-memset.h" +-#include "sasl-client-private.h" +- +-static ARRAY(const struct sasl_client_mech *) sasl_mechanisms = ARRAY_INIT; +- +-static const struct sasl_client_mech * 
+-sasl_client_mech_find_idx(const char *name, unsigned int *idx_r) +-{ +- const struct sasl_client_mech *const *mechp; +- +- array_foreach(&sasl_mechanisms, mechp) { +- if (strcasecmp((*mechp)->name, name) == 0) { +- *idx_r = array_foreach_idx(&sasl_mechanisms, mechp); +- return *mechp; +- } +- } +- return NULL; +-} +- +-const struct sasl_client_mech *sasl_client_mech_find(const char *name) +-{ +- unsigned int idx; +- +- return sasl_client_mech_find_idx(name, &idx); +-} +- +-const char *sasl_client_mech_get_name(const struct sasl_client_mech *mech) +-{ +- return mech->name; +-} +- +-void sasl_client_mech_register(const struct sasl_client_mech *mech) +-{ +- array_append(&sasl_mechanisms, &mech, 1); +-} +- +-void sasl_client_mech_unregister(const struct sasl_client_mech *mech) +-{ +- unsigned int idx; +- +- if (sasl_client_mech_find_idx(mech->name, &idx) == NULL) +- i_panic("SASL mechanism not registered: %s", mech->name); +- array_delete(&sasl_mechanisms, idx, 1); +-} +- +-struct sasl_client *sasl_client_new(const struct sasl_client_mech *mech, +- const struct sasl_client_settings *set) +-{ +- struct sasl_client *client; +- pool_t pool = pool_alloconly_create("sasl client", 512); +- +- client = p_malloc(pool, mech->struct_size); +- client->pool = pool; +- client->mech = mech; +- client->set.authid = p_strdup(pool, set->authid); +- client->set.authzid = p_strdup(pool, set->authzid); +- client->password = p_strdup(pool, set->password); +- client->set.password = client->password; +- return client; +-} +- +-void sasl_client_free(struct sasl_client **_client) +-{ +- struct sasl_client *client = *_client; +- +- *_client = NULL; +- +- if (client->mech->free != NULL) +- client->mech->free(client); +- safe_memset(client->password, 0, strlen(client->password)); +- pool_unref(&client->pool); +-} +- +-int sasl_client_input(struct sasl_client *client, +- const unsigned char *input, +- unsigned int input_len, +- const char **error_r) +-{ +- return client->mech->input(client, 
input, input_len, error_r); +-} +- +-int sasl_client_output(struct sasl_client *client, +- const unsigned char **output_r, +- unsigned int *output_len_r, +- const char **error_r) +-{ +- return client->mech->output(client, output_r, output_len_r, error_r); +-} +- +-void sasl_clients_init(void) +-{ +- i_array_init(&sasl_mechanisms, 8); +- sasl_client_mech_register(&sasl_client_mech_plain); +- sasl_client_mech_register(&sasl_client_mech_login); +-} +- +-void sasl_clients_deinit(void) +-{ +- array_free(&sasl_mechanisms); +-} +diff -r d6b18c237be5 -r 2dd27b0e7e49 src/lib-sasl/sasl-client.h +--- a/src/lib-sasl/sasl-client.h Tue Jun 25 16:03:04 2013 +0300 ++++ /dev/null Thu Jan 01 00:00:00 1970 +0000 +@@ -1,39 +0,0 @@ +-#ifndef SASL_CLIENT_H +-#define SASL_CLIENT_H +- +-struct sasl_client_settings { +- /* authentication ID - must be set with most mechanisms */ +- const char *authid; +- /* authorization ID (who to log in as, if authentication ID is a +- master user) */ +- const char *authzid; +- /* password - must be set with most mechanisms */ +- const char *password; +-}; +- +-/* PLAIN mechanism always exists and can be accessed directly via this. */ +-extern const struct sasl_client_mech sasl_client_mech_plain; +- +-const struct sasl_client_mech *sasl_client_mech_find(const char *name); +-const char *sasl_client_mech_get_name(const struct sasl_client_mech *mech); +- +-struct sasl_client *sasl_client_new(const struct sasl_client_mech *mech, +- const struct sasl_client_settings *set); +-void sasl_client_free(struct sasl_client **client); +- +-/* Call for server input. */ +-int sasl_client_input(struct sasl_client *client, +- const unsigned char *input, +- unsigned int input_len, +- const char **error_r); +-/* Call for getting server output. Also used to get the initial SASL response +- if supported by the protocol. 
*/ +-int sasl_client_output(struct sasl_client *client, +- const unsigned char **output_r, +- unsigned int *output_len_r, +- const char **error_r); +- +-void sasl_clients_init(void); +-void sasl_clients_deinit(void); +- +-#endif +diff -r d6b18c237be5 -r 2dd27b0e7e49 src/login-common/client-common-auth.c +--- a/src/login-common/client-common-auth.c Tue Jun 25 16:03:04 2013 +0300 ++++ b/src/login-common/client-common-auth.c Wed Jun 26 14:37:34 2013 +0300 +@@ -9,7 +9,7 @@ + #include "time-util.h" + #include "login-proxy.h" + #include "auth-client.h" +-#include "sasl-client.h" ++#include "dsasl-client.h" + #include "master-service-ssl-settings.h" + #include "client-common.h" + +@@ -202,7 +202,7 @@ + } + + if (client->proxy_sasl_client != NULL) +- sasl_client_free(&client->proxy_sasl_client); ++ dsasl_client_free(&client->proxy_sasl_client); + login_proxy_free(&client->login_proxy); + proxy_free_password(client); + i_free_and_null(client->proxy_user); +@@ -275,7 +275,7 @@ + const struct client_auth_reply *reply) + { + struct login_proxy_settings proxy_set; +- const struct sasl_client_mech *sasl_mech = NULL; ++ const struct dsasl_client_mech *sasl_mech = NULL; + + i_assert(reply->destuser != NULL); + i_assert(!client->destroyed); +@@ -296,7 +296,7 @@ + } + + if (reply->proxy_mech != NULL) { +- sasl_mech = sasl_client_mech_find(reply->proxy_mech); ++ sasl_mech = dsasl_client_mech_find(reply->proxy_mech); + if (sasl_mech == NULL) { + client_log_err(client, t_strdup_printf( + "proxy: Unsupported SASL mechanism %s", +@@ -306,7 +306,7 @@ + } + } else if (reply->master_user != NULL) { + /* have to use PLAIN authentication with master user logins */ +- sasl_mech = &sasl_client_mech_plain; ++ sasl_mech = &dsasl_client_mech_plain; + } + + i_assert(client->refcount > 1); +diff -r d6b18c237be5 -r 2dd27b0e7e49 src/login-common/client-common.c +--- a/src/login-common/client-common.c Tue Jun 25 16:03:04 2013 +0300 ++++ b/src/login-common/client-common.c Wed Jun 26 14:37:34 2013 +0300 
+@@ -18,7 +18,7 @@ + #include "master-service-ssl-settings.h" + #include "master-auth.h" + #include "auth-client.h" +-#include "sasl-client.h" ++#include "dsasl-client.h" + #include "login-proxy.h" + #include "ssl-proxy.h" + #include "client-common.h" +@@ -211,7 +211,7 @@ + } + + if (client->proxy_sasl_client != NULL) +- sasl_client_free(&client->proxy_sasl_client); ++ dsasl_client_free(&client->proxy_sasl_client); + if (client->login_proxy != NULL) + login_proxy_free(&client->login_proxy); + if (client->v.destroy != NULL) +diff -r d6b18c237be5 -r 2dd27b0e7e49 src/login-common/client-common.h +--- a/src/login-common/client-common.h Tue Jun 25 16:03:04 2013 +0300 ++++ b/src/login-common/client-common.h Wed Jun 26 14:37:34 2013 +0300 +@@ -122,8 +122,8 @@ + + struct login_proxy *login_proxy; + char *proxy_user, *proxy_master_user, *proxy_password; +- const struct sasl_client_mech *proxy_mech; +- struct sasl_client *proxy_sasl_client; ++ const struct dsasl_client_mech *proxy_mech; ++ struct dsasl_client *proxy_sasl_client; + unsigned int proxy_state; + unsigned int proxy_ttl; + +diff -r d6b18c237be5 -r 2dd27b0e7e49 src/login-common/main.c +--- a/src/login-common/main.c Tue Jun 25 16:03:04 2013 +0300 ++++ b/src/login-common/main.c Wed Jun 26 14:37:34 2013 +0300 +@@ -13,7 +13,7 @@ + #include "access-lookup.h" + #include "anvil-client.h" + #include "auth-client.h" +-#include "sasl-client.h" ++#include "dsasl-client.h" + #include "master-service-ssl-settings.h" + #include "ssl-proxy.h" + #include "login-proxy.h" +@@ -282,7 +282,7 @@ + /* Initialize SSL proxy so it can read certificate and private + key file. */ + ssl_proxy_init(); +- sasl_clients_init(); ++ dsasl_clients_init(); + + /* set the number of fds we want to use. it may get increased or + decreased. leave a couple of extra fds for auth sockets and such. 
+@@ -358,7 +358,7 @@ + anvil_client_deinit(&anvil); + if (auth_client_to != NULL) + timeout_remove(&auth_client_to); +- sasl_clients_deinit(); ++ dsasl_clients_deinit(); + login_settings_deinit(); + } + +diff -r d6b18c237be5 -r 2dd27b0e7e49 src/pop3-login/pop3-proxy.c +--- a/src/pop3-login/pop3-proxy.c Tue Jun 25 16:03:04 2013 +0300 ++++ b/src/pop3-login/pop3-proxy.c Wed Jun 26 14:37:34 2013 +0300 +@@ -8,7 +8,7 @@ + #include "safe-memset.h" + #include "str.h" + #include "str-sanitize.h" +-#include "sasl-client.h" ++#include "dsasl-client.h" + #include "client.h" + #include "pop3-proxy.h" + +@@ -23,7 +23,7 @@ + + static int proxy_send_login(struct pop3_client *client, struct ostream *output) + { +- struct sasl_client_settings sasl_set; ++ struct dsasl_client_settings sasl_set; + const unsigned char *sasl_output; + unsigned int len; + const char *mech_name, *error; +@@ -60,12 +60,12 @@ + sasl_set.authzid = client->common.proxy_user; + sasl_set.password = client->common.proxy_password; + client->common.proxy_sasl_client = +- sasl_client_new(client->common.proxy_mech, &sasl_set); +- mech_name = sasl_client_mech_get_name(client->common.proxy_mech); ++ dsasl_client_new(client->common.proxy_mech, &sasl_set); ++ mech_name = dsasl_client_mech_get_name(client->common.proxy_mech); + + str_printfa(str, "AUTH %s ", mech_name); +- if (sasl_client_output(client->common.proxy_sasl_client, +- &sasl_output, &len, &error) < 0) { ++ if (dsasl_client_output(client->common.proxy_sasl_client, ++ &sasl_output, &len, &error) < 0) { + client_log_err(&client->common, t_strdup_printf( + "proxy: SASL mechanism %s init failed: %s", + mech_name, error)); +@@ -99,11 +99,11 @@ + client_log_err(client, "proxy: Server sent invalid base64 data in AUTH response"); + return -1; + } +- ret = sasl_client_input(client->proxy_sasl_client, +- str_data(str), str_len(str), &error); ++ ret = dsasl_client_input(client->proxy_sasl_client, ++ str_data(str), str_len(str), &error); + if (ret == 0) { +- ret = 
sasl_client_output(client->proxy_sasl_client, +- &data, &data_len, &error); ++ ret = dsasl_client_output(client->proxy_sasl_client, ++ &data, &data_len, &error); + } + if (ret < 0) { + client_log_err(client, t_strdup_printf( + |
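Review bot: dsasl_client_free() in the new src/lib-sasl/dsasl-client.c calls `strlen(client->password)` without a NULL check, although the comment in dsasl-client.h says the password "must be set with most mechanisms", which implies it can be unset. dsasl_client_new() stores `p_strdup(pool, set->password)`; if p_strdup hands a NULL input back as NULL (its definition is not visible here), freeing such a client dereferences NULL before the pool is released. Guarding the wipe, `if (client->password != NULL) safe_memset(client->password, 0, strlen(client->password));`, keeps the zeroing of the credential and removes the crash. The code is carried over unchanged from the removed sasl-client.c, so the fix belongs upstream rather than in this vendored patch.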