Index: head/security/cyrus-sasl/files/Sendmail.README =================================================================== --- head/security/cyrus-sasl/files/Sendmail.README (revision 61476) +++ head/security/cyrus-sasl/files/Sendmail.README (revision 61477) @@ -1,41 +1,51 @@ -How to enable SMTP AUTH with FreeBSD default Sendmail 8.11 +How to enable SMTP AUTH with FreeBSD default Sendmail 1) Add the following to /etc/make.conf: # Add SMTP AUTH support to Sendmail - SENDMAIL_CFLAGS+= -I/usr/local/include/sasl -DSASL -D_FFR_UNSAFE_SASL + SENDMAIL_CFLAGS+= -I/usr/local/include/sasl -DSASL SENDMAIL_LDFLAGS+= -L/usr/local/lib SENDMAIL_LDADD+= -lsasl + NOTE: Sendmail 8.10 - 8.11 needS -D_FFR_UNSAFE_SASL added + to SENDMAIL_CFLAGS, if you need the GroupReadableSASLFile option + 2) Rebuild FreeBSD (make buildworld, ...) 3) Create /usr/local/lib/sasl/Sendmail.conf with the following. pwcheck_method: pwcheck 4) Add the following to your sendmail.mc file: + dnl The group needs to be mail in order to read the sasldb file + define(`confRUN_AS_USER',`root:mail')dnl + TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5')dnl define(`confAUTH_MECHANISMS',`DIGEST-MD5 CRAM-MD5')dnl + + dnl Use the following for Sendmail 8.12 define(`confDONT_BLAME_SENDMAIL',`GroupReadableSASLDBFile')dnl - define(`confRUN_AS_USER',`root:mail')dnl + dnl Use the following for Sendmail 8.10 - 8.11 + define(`confDONT_BLAME_SENDMAIL',`GroupReadableSASLFile')dnl + ---- Additional AUTH Mechanisms are LOGIN, PLAIN, GSSAPI, and KERBEROS_V4. These can be added to TRUST_AUTH_MECH and confAUTH_MECHANISMS as a space seperated list. You may want to restrict LOGIN, and PLAIN authentication methods for use with STARTTLS, as the password is not encrypted when passed to sendmail. LOGIN is required for Outlook Express users. "My server requires authentication" needs to be checked in the accounts properties to use SASL Authentication. PLAIN is required for Netscape Communicator users. By default Netscape Communicator will use SASL Authentication when sendmail is compiled with SASL. - The DONT_BLAME_SENDMAIL option GroupReadableSASLFile is needed when you + The DONT_BLAME_SENDMAIL option GroupReadableSASL[DB]File is needed when you are using cyrus-imapd and sendmail on the same server that requires access to the sasldb database. Property changes on: head/security/cyrus-sasl/files/Sendmail.README ___________________________________________________________________ Modified: cvs2svn:cvs-rev ## -1 +1 ## -1.4 \ No newline at end of property +1.5 \ No newline at end of property Index: head/security/cyrus-sasl/files/patch-ab =================================================================== --- head/security/cyrus-sasl/files/patch-ab (revision 61476) +++ head/security/cyrus-sasl/files/patch-ab (revision 61477) @@ -1,89 +1,92 @@ ---- configure.in.orig Mon May 20 19:02:49 2002 -+++ configure.in Mon May 20 19:21:53 2002 -@@ -66,8 +66,9 @@ +--- configure.in.orig Wed May 22 20:49:46 2002 ++++ configure.in Thu May 23 16:52:07 2002 +@@ -66,8 +66,12 @@ dnl check for -R, etc. switch CMU_GUESS_RUNPATH_SWITCH dnl let's just link against local. otherwise we never find anything useful. -CPPFLAGS="-I/usr/local/include ${CPPFLAGS}" -CMU_ADD_LIBPATH("/usr/local/lib") -+CPPFLAGS="-I${OPENSSLINC} -I${OPENSSLINC}/openssl ${CPPFLAGS}" ++CPPFLAGS="-I${OPENSSLINC}/openssl ${CPPFLAGS}" ++if test "${OPENSSLINC}" != "/usr/include" ; then ++ CPPFLAGS="-I${OPENSSLINC} ${CPPFLAGS}" ++fi +CMU_ADD_LIBPATH("${OPENSSLLIB}") +CMU_ADD_LIBPATH("${LOCALBASE}/lib") AM_DISABLE_STATIC -@@ -122,8 +123,6 @@ +@@ -122,8 +126,6 @@ AC_SUBST(JAVA_INCLUDES) AC_MSG_RESULT(JAVA_INCLUDES) - JAVAC=`echo "$JAVAC" | sed 's,.*/,,'` - JAVAH=`echo "$JAVAH" | sed 's,.*/,,'` fi AM_CONDITIONAL(SAMPLE, test "$enable_sample" = yes) -@@ -149,11 +148,13 @@ +@@ -149,11 +151,13 @@ AC_CHECK_HEADER(db.h, AC_CHECK_LIB(db-3, db_create, SASL_DB_LIB="-ldb-3"; dblib="berkeley", + AC_CHECK_LIB(db3, db_create, SASL_DB_LIB="-ldb3"; + dblib="berkeley", AC_CHECK_LIB(db, db_create, SASL_DB_LIB="-ldb"; dblib="berkeley", AC_CHECK_LIB(db, db_open, SASL_DB_LIB="-ldb"; dblib="berkeley", - dblib="no"))), + dblib="no")))), dblib="no") ;; gdbm) -@@ -175,11 +176,13 @@ +@@ -175,11 +179,13 @@ AC_CHECK_HEADER(db.h, AC_CHECK_LIB(db-3, db_create, SASL_DB_LIB="-ldb-3"; dblib="berkeley", + AC_CHECK_LIB(db3, db_create, SASL_DB_LIB="-ldb3"; + dblib="berkeley", AC_CHECK_LIB(db, db_create, SASL_DB_LIB="-ldb"; dblib="berkeley", AC_CHECK_LIB(db, db_open, SASL_DB_LIB="-ldb"; dblib="berkeley", - dblib="no"))), + dblib="no")))), dblib="no") if test "$dblib" = no; then dnl How about ndbm? -@@ -229,6 +232,13 @@ +@@ -229,6 +235,13 @@ berkeley) SASL_DB_BACKEND="db_${dblib}.lo" AC_DEFINE(SASL_BERKELEYDB) + for db3loc in ${prefix} /usr/local /usr + do + if test -d ${db3loc}/include/db3; then + CPPFLAGS="-I${db3loc}/include/db3 $CPPFLAGS" + break + fi + done ;; *) AC_MSG_WARN([Disabling SASL authentication database support]) -@@ -534,12 +544,16 @@ +@@ -534,12 +547,16 @@ fi if test "$with_des" != no; then + case "$host_os" in + freebsd*) + COM_ERR="-lcom_err" + ;; + esac AC_CHECK_HEADER(krb.h, - AC_CHECK_LIB(krb, krb_mk_priv, COM_ERR="", - AC_CHECK_LIB(krb, krb_mk_priv, COM_ERR="-lcom_err", - AC_WARN(No Kerberos V4 found); krb4=no, -ldes -lcom_err), - -ldes), - AC_WARN(No Kerberos V4 found); krb4=no) + AC_CHECK_LIB(krb, krb_mk_priv,:, + AC_WARN(No Kerberos V4 found); krb4=no, + -ldes ${COM_ERR}), + AC_WARN(No Kerberos V4 headers found); krb4=no) else AC_WARN(No DES library found for Kerberos V4 support) krb4=no Property changes on: head/security/cyrus-sasl/files/patch-ab ___________________________________________________________________ Modified: cvs2svn:cvs-rev ## -1 +1 ## -1.13 \ No newline at end of property +1.14 \ No newline at end of property Index: head/security/cyrus-sasl2/files/Sendmail.README =================================================================== --- head/security/cyrus-sasl2/files/Sendmail.README (revision 61476) +++ head/security/cyrus-sasl2/files/Sendmail.README (revision 61477) @@ -1,41 +1,51 @@ -How to enable SMTP AUTH with FreeBSD default Sendmail 8.11 +How to enable SMTP AUTH with FreeBSD default Sendmail 1) Add the following to /etc/make.conf: # Add SMTP AUTH support to Sendmail - SENDMAIL_CFLAGS+= -I/usr/local/include/sasl -DSASL -D_FFR_UNSAFE_SASL + SENDMAIL_CFLAGS+= -I/usr/local/include/sasl -DSASL SENDMAIL_LDFLAGS+= -L/usr/local/lib SENDMAIL_LDADD+= -lsasl + NOTE: Sendmail 8.10 - 8.11 needS -D_FFR_UNSAFE_SASL added + to SENDMAIL_CFLAGS, if you need the GroupReadableSASLFile option + 2) Rebuild FreeBSD (make buildworld, ...) 3) Create /usr/local/lib/sasl/Sendmail.conf with the following. pwcheck_method: pwcheck 4) Add the following to your sendmail.mc file: + dnl The group needs to be mail in order to read the sasldb file + define(`confRUN_AS_USER',`root:mail')dnl + TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5')dnl define(`confAUTH_MECHANISMS',`DIGEST-MD5 CRAM-MD5')dnl + + dnl Use the following for Sendmail 8.12 define(`confDONT_BLAME_SENDMAIL',`GroupReadableSASLDBFile')dnl - define(`confRUN_AS_USER',`root:mail')dnl + dnl Use the following for Sendmail 8.10 - 8.11 + define(`confDONT_BLAME_SENDMAIL',`GroupReadableSASLFile')dnl + ---- Additional AUTH Mechanisms are LOGIN, PLAIN, GSSAPI, and KERBEROS_V4. These can be added to TRUST_AUTH_MECH and confAUTH_MECHANISMS as a space seperated list. You may want to restrict LOGIN, and PLAIN authentication methods for use with STARTTLS, as the password is not encrypted when passed to sendmail. LOGIN is required for Outlook Express users. "My server requires authentication" needs to be checked in the accounts properties to use SASL Authentication. PLAIN is required for Netscape Communicator users. By default Netscape Communicator will use SASL Authentication when sendmail is compiled with SASL. - The DONT_BLAME_SENDMAIL option GroupReadableSASLFile is needed when you + The DONT_BLAME_SENDMAIL option GroupReadableSASL[DB]File is needed when you are using cyrus-imapd and sendmail on the same server that requires access to the sasldb database. Property changes on: head/security/cyrus-sasl2/files/Sendmail.README ___________________________________________________________________ Modified: cvs2svn:cvs-rev ## -1 +1 ## -1.4 \ No newline at end of property +1.5 \ No newline at end of property Index: head/security/cyrus-sasl2/files/patch-ab =================================================================== --- head/security/cyrus-sasl2/files/patch-ab (revision 61476) +++ head/security/cyrus-sasl2/files/patch-ab (revision 61477) @@ -1,89 +1,92 @@ ---- configure.in.orig Mon May 20 19:02:49 2002 -+++ configure.in Mon May 20 19:21:53 2002 -@@ -66,8 +66,9 @@ +--- configure.in.orig Wed May 22 20:49:46 2002 ++++ configure.in Thu May 23 16:52:07 2002 +@@ -66,8 +66,12 @@ dnl check for -R, etc. switch CMU_GUESS_RUNPATH_SWITCH dnl let's just link against local. otherwise we never find anything useful. -CPPFLAGS="-I/usr/local/include ${CPPFLAGS}" -CMU_ADD_LIBPATH("/usr/local/lib") -+CPPFLAGS="-I${OPENSSLINC} -I${OPENSSLINC}/openssl ${CPPFLAGS}" ++CPPFLAGS="-I${OPENSSLINC}/openssl ${CPPFLAGS}" ++if test "${OPENSSLINC}" != "/usr/include" ; then ++ CPPFLAGS="-I${OPENSSLINC} ${CPPFLAGS}" ++fi +CMU_ADD_LIBPATH("${OPENSSLLIB}") +CMU_ADD_LIBPATH("${LOCALBASE}/lib") AM_DISABLE_STATIC -@@ -122,8 +123,6 @@ +@@ -122,8 +126,6 @@ AC_SUBST(JAVA_INCLUDES) AC_MSG_RESULT(JAVA_INCLUDES) - JAVAC=`echo "$JAVAC" | sed 's,.*/,,'` - JAVAH=`echo "$JAVAH" | sed 's,.*/,,'` fi AM_CONDITIONAL(SAMPLE, test "$enable_sample" = yes) -@@ -149,11 +148,13 @@ +@@ -149,11 +151,13 @@ AC_CHECK_HEADER(db.h, AC_CHECK_LIB(db-3, db_create, SASL_DB_LIB="-ldb-3"; dblib="berkeley", + AC_CHECK_LIB(db3, db_create, SASL_DB_LIB="-ldb3"; + dblib="berkeley", AC_CHECK_LIB(db, db_create, SASL_DB_LIB="-ldb"; dblib="berkeley", AC_CHECK_LIB(db, db_open, SASL_DB_LIB="-ldb"; dblib="berkeley", - dblib="no"))), + dblib="no")))), dblib="no") ;; gdbm) -@@ -175,11 +176,13 @@ +@@ -175,11 +179,13 @@ AC_CHECK_HEADER(db.h, AC_CHECK_LIB(db-3, db_create, SASL_DB_LIB="-ldb-3"; dblib="berkeley", + AC_CHECK_LIB(db3, db_create, SASL_DB_LIB="-ldb3"; + dblib="berkeley", AC_CHECK_LIB(db, db_create, SASL_DB_LIB="-ldb"; dblib="berkeley", AC_CHECK_LIB(db, db_open, SASL_DB_LIB="-ldb"; dblib="berkeley", - dblib="no"))), + dblib="no")))), dblib="no") if test "$dblib" = no; then dnl How about ndbm? -@@ -229,6 +232,13 @@ +@@ -229,6 +235,13 @@ berkeley) SASL_DB_BACKEND="db_${dblib}.lo" AC_DEFINE(SASL_BERKELEYDB) + for db3loc in ${prefix} /usr/local /usr + do + if test -d ${db3loc}/include/db3; then + CPPFLAGS="-I${db3loc}/include/db3 $CPPFLAGS" + break + fi + done ;; *) AC_MSG_WARN([Disabling SASL authentication database support]) -@@ -534,12 +544,16 @@ +@@ -534,12 +547,16 @@ fi if test "$with_des" != no; then + case "$host_os" in + freebsd*) + COM_ERR="-lcom_err" + ;; + esac AC_CHECK_HEADER(krb.h, - AC_CHECK_LIB(krb, krb_mk_priv, COM_ERR="", - AC_CHECK_LIB(krb, krb_mk_priv, COM_ERR="-lcom_err", - AC_WARN(No Kerberos V4 found); krb4=no, -ldes -lcom_err), - -ldes), - AC_WARN(No Kerberos V4 found); krb4=no) + AC_CHECK_LIB(krb, krb_mk_priv,:, + AC_WARN(No Kerberos V4 found); krb4=no, + -ldes ${COM_ERR}), + AC_WARN(No Kerberos V4 headers found); krb4=no) else AC_WARN(No DES library found for Kerberos V4 support) krb4=no Property changes on: head/security/cyrus-sasl2/files/patch-ab ___________________________________________________________________ Modified: cvs2svn:cvs-rev ## -1 +1 ## -1.13 \ No newline at end of property +1.14 \ No newline at end of property