- Add CRACKLIB support

Submitted by: Matt Simerson <matt@simerson.net> Obtained from: http://sourceforge.net/p/qmailadmin/patches/28/
author: bdrewery <bdrewery@FreeBSD.org> 2014-05-24 05:48:24 +0800
committer: bdrewery <bdrewery@FreeBSD.org> 2014-05-24 05:48:24 +0800
commit: 951078d13b3efdb514db708820615c80a3bb8e02 (patch)
tree: bc1540721e5cd2265824ab276c964d3a29f5dd52 /mail
parent: c5c143e92aafdc66315851ed84535683bd791510 (diff)
download: freebsd-ports-gnome-951078d13b3efdb514db708820615c80a3bb8e02.tar.gz
freebsd-ports-gnome-951078d13b3efdb514db708820615c80a3bb8e02.tar.zst
freebsd-ports-gnome-951078d13b3efdb514db708820615c80a3bb8e02.zip
2 files changed, 90 insertions, 2 deletions
diff --git a/mail/qmailadmin/Makefile b/mail/qmailadmin/Makefile
index ccab5693fce2..b055e9317a1a 100644
--- a/mail/qmailadmin/Makefile
+++ b/mail/qmailadmin/Makefile
@@ -3,7 +3,7 @@
 
 PORTNAME=	qmailadmin
 PORTVERSION=	1.2.15
-PORTREVISION=	5
+PORTREVISION=	6
 PORTEPOCH=	2
 CATEGORIES=	mail www
 MASTER_SITES=	SF/${PORTNAME}/${PORTNAME}-stable/${PORTVERSION} \
@@ -36,7 +36,7 @@ AUTOMAKE_ARGS+=	--add-missing
 
 OPTIONS_DEFINE=	IPAUTH USER_INDEX MODIFY_QUOTA DOMAIN_AUTOFILL \
 		IDX IDX_SQL HELP SPAM_DETECTION SPAM_NEEDS_EMAIL \
-		CATCHALL TRIVIAL_PASSWORD NOCACHE
+		CATCHALL TRIVIAL_PASSWORD NOCACHE CRACKLIB
 OPTIONS_DEFAULT=IPAUTH IDX_SQL USER_INDEX CATCHALL TRIVIAL_PASSWORD
 IPAUTH_DESC=		Check IP address after login
 USER_INDEX_DESC=	Enable user index display
@@ -50,6 +50,7 @@ SPAM_NEEDS_EMAIL_DESC=	Append user's email to spam command #'
 CATCHALL_DESC=		Enable catch-all accounts
 TRIVIAL_PASSWORD_DESC=	Disallow password containing username
 NOCACHE_DESC=		Prohibit caching via http headers
+CRACKLIB_DESC=		Use cracklib to enforce stronger passwords
 
 CONFIGURE_ARGS+=	\
 	--enable-qmaildir=${QMAIL_PREFIX} \
@@ -87,6 +88,15 @@ EXTRA_PATCHES+=		${FILESDIR}/extra-ezmlm-idx7.patch
 CONFIGURE_ARGS+=	--enable-spam-command="${SPAM_COMMAND}"
 .endif
 
+.if ${PORT_OPTIONS:MCRACKLIB}
+EXTRA_PATCHES+=		${FILESDIR}/cracklib.patch
+BUILD_DEPENDS+=		${LOCALBASE}/include/crack.h:${PORTSDIR}/security/cracklib
+CONFIGURE_ARGS+=	--enable-cracklib=${LOCALBASE}/libdata/cracklib/pw_dict
+CFLAGS+=	-I${LOCALBASE}/include
+LDFLAGS+=       -L${LOCALBASE}/lib
+CONFIGURE_ENV+=	LIBS="-lcrack"
+.endif
+
 # vpopmail installation directory
 #
 # NB: change this with extreme caution!  For instance, if vpopmail is not
diff --git a/mail/qmailadmin/files/cracklib.patch b/mail/qmailadmin/files/cracklib.patch
new file mode 100644
index 000000000000..81fe28a1fbe4
--- /dev/null
+++ b/mail/qmailadmin/files/cracklib.patch
@@ -0,0 +1,78 @@
+--- ./configure.in.orig	2011-01-14 13:35:14.000000000 -0800
++++ ./configure.in	2014-05-22 21:51:26.000000000 -0700
+@@ -26,6 +26,7 @@
+ dnl Checks for libraries.
+ AC_CHECK_LIB(crypt,crypt)
+ AC_CHECK_LIB(shadow,crypt)
++AC_CHECK_LIB(crack,FascistCheck)
+ #AC_CHECK_LIB(m,floor)
+ #AC_CHECK_LIB(nsl, gethostbyaddr)
+ #AC_CHECK_LIB(socket, getsockname)
+@@ -421,6 +422,31 @@
+ AC_DEFINE_UNQUOTED(SPAM_COMMAND, "$spam_command","")
+ AC_SUBST(SPAM_COMMAND)
+ 
++cracklib=no
++AC_ARG_ENABLE(cracklib, [  --enable-cracklib=PATH     Path to cracklib dictionary.],
++    cracklib="$enableval",
++    [
++        if test "$cracklib" = ""
++        then
++            AC_MSG_ERROR([Unable to find your cracklib directory, specify --enable-cracklib.])
++        fi
++    ] )
++
++if test "$cracklib" = "yes"
++then
++	cracklib="/usr/local/libdata/cracklib/pw_dict"
++fi
++
++case $cracklib in
++0*|n*|N*)
++	echo "checking whether to use password checking... no"
++	;;
++*)
++	AC_DEFINE_UNQUOTED(CRACKLIB,"$cracklib","")
++	echo "checking whether to use password checking... yes"
++	;;
++esac
++
+ HELP=no
+ AC_ARG_ENABLE(help, [  --enable-help  Display help links on login page.],
+     HELP="$enableval",)
+@@ -485,4 +511,7 @@
+ then
+         echo "      spam command = "$spam_command""
+ fi
+-
++if test "$cracklib" != "no"
++then
++	echo "cracklib dictionary= "$cracklib""
++fi
+--- ./user.c.orig	2014-05-22 21:51:03.000000000 -0700
++++ ./user.c	2014-05-22 21:52:14.000000000 -0700
+@@ -47,6 +47,9 @@
+ #include "user.h"
+ #include "util.h"
+ #include "vauth.h"
++#ifdef CRACKLIB
++#	include </usr/local/include/crack.h>
++#endif
+ 
+ 
+ #define HOOKS 1
+@@ -800,6 +803,14 @@
+        exit(0);
+      }
+ #endif
++#ifdef CRACKLIB
++    if ((tmpstr = FascistCheck(Password1, CRACKLIB)) != NULL ) {
++       sprintf(StatusMessage, "Bad password - %s\n", tmpstr);
++       moduser();
++       vclose();
++       exit(0);
++    }
++#endif
+     ret_code = vpasswd( ActionUser, Domain, Password1, USE_POP);
+     if ( ret_code != VA_SUCCESS ) {
+       snprintf (StatusMessage, sizeof(StatusMessage), "%s (%s)", html_text[140],
author	bdrewery <bdrewery@FreeBSD.org>	2014-05-24 05:48:24 +0800
committer	bdrewery <bdrewery@FreeBSD.org>	2014-05-24 05:48:24 +0800
commit	951078d13b3efdb514db708820615c80a3bb8e02 (patch)
tree	bc1540721e5cd2265824ab276c964d3a29f5dd52 /mail
parent	c5c143e92aafdc66315851ed84535683bd791510 (diff)
download	freebsd-ports-gnome-951078d13b3efdb514db708820615c80a3bb8e02.tar.gz freebsd-ports-gnome-951078d13b3efdb514db708820615c80a3bb8e02.tar.zst freebsd-ports-gnome-951078d13b3efdb514db708820615c80a3bb8e02.zip