6569 – [UPDATE] cyrus-sasl-2.1.7 -> r1

Bug 6569 - [UPDATE] cyrus-sasl-2.1.7 -> r1

Summary: [UPDATE] cyrus-sasl-2.1.7 -> r1

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	[OLD] Server (show other bugs)
Hardware:	All Linux

Importance:	High enhancement (vote)
Assignee:	Nick Hadaway

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2002-08-16 00:43 UTC by Eric Renfro
Modified:	2002-09-10 16:17 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Cyrus-SASL flag extensions. (cyrus-sasl-2.1.7-r1.ebuild,3.21 KB, text/plain) 2002-08-16 00:46 UTC, Eric Renfro	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Eric Renfro 2002-08-16 00:43:13 UTC

With this updated Cyrus-SASL, comes with a new set of flags that should be
available. When you run, for example, an MTA against SASL for AUTH, every auth
plugin sasl has available, the MTA will announce as well (for example, postfix,
which won't let you specifically disable auth methods directly). This comes with
a slight bit of additions of sasl-authmodule flags. Because of this, at least
some default auth modules need to be in the global-wide USE defaults.

The SASL flags are as follows:

sasl-plain  - AUTH PLAIN
sasl-login  - AUTH LOGIN
sasl-cram   - AUTH CRAM-MD5 (depreciating by DIGEST-MD5)
sasl-scram  - AUTH SCRAM-MD5 (depreciated)
sasl-digest - AUTH DIGEST-MD5 (suggested new standard)
sasl-krb4   - AUTH Kerberos IV
sasl-gssapi - (for extended kerberos functionality)
sasl-opie   - One-Time Passwords in Everything

By default, I propose the first 5 of those to be added to the global use
defaults, providing the same effect as the 2.1.7 ebuild, but allowing users to
disable specific features, or enable others.

Some more flags, for extending the SASL auth capabilities. Right now, they're
experimental, and should not be enabled by default for that very reason:

sasl-ldap  - OpenLDAP support (experimental)
sasl-mysql - MySQL support (experimental)

The latter flags are global between Cyrus-SASL and Cyrus-IMAPD:

cyrus-berkdb - Berkeley DB
cyrus-gdbm   - gdbm

These two flags are for setting the default dbm format Cyrus-SASL, and
Cyrus-IMAP use. Neither should be set by default, fallback is set to use
berkeley just as the ebuild did to begin with.

Comment 1 Eric Renfro 2002-08-16 00:46:54 UTC

Created attachment 3123 [details]
Cyrus-SASL flag extensions.

The above mentioned flags are provided here.

Comment 2 Eric Renfro 2002-08-16 19:04:58 UTC

Correction.  sasl-gssapi is MIT Kerberos V or Heimdal Kerberos V

Comment 3 Nick Hadaway 2002-08-22 12:59:09 UTC

cyrus-sasl-2.1.7-r1 has been added to portage.  Please test and report back on 
this bug report your experience.  The files should be available on rsync 
servers within 24 hours.

Comment 4 Nick Hadaway 2002-09-10 16:17:52 UTC

I have removed the extensive list of use flags as it is overkill for 
authenticator choosing.  I have reverted the ebuild to install the default 
enabled authenticators.  Things affected by use flags are now... 

ldap
mysql
berkdb
static
kerberos

The authenticator used is chosen during configuration after install and having 
all default authenticators included does not increase binary or library size 
significantly.