diff options
Diffstat (limited to 'databases')
-rw-r--r-- | databases/cyrus-imspd/Makefile | 10 | ||||
-rw-r--r-- | databases/cyrus-imspd/distinfo | 4 | ||||
-rw-r--r-- | databases/cyrus-imspd/files/patch-imsp::abook.c | 129 |
3 files changed, 8 insertions, 135 deletions
diff --git a/databases/cyrus-imspd/Makefile b/databases/cyrus-imspd/Makefile index f83061e9c3c6..13ee3d2c6ca8 100644 --- a/databases/cyrus-imspd/Makefile +++ b/databases/cyrus-imspd/Makefile @@ -6,8 +6,7 @@ # PORTNAME= cyrus-imspd -PORTVERSION= 1.6a3 -PORTREVISION= 2 +PORTVERSION= 1.6a5 CATEGORIES= databases mail MASTER_SITES= ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/ \ ftp://ftp.hanse.de/sites/transit/mirror/ftp.andrew.cmu.edu/pub/cyrus-mail/ @@ -16,16 +15,19 @@ DISTNAME= ${PORTNAME}-v${PORTVERSION} MAINTAINER= ports@FreeBSD.org COMMENT= The cyrus IMSP (Internet Message Support Protocol) server -FORBIDDEN= "potentially exploitable heap overflow, see <http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce&msg=25>" - LIB_DEPENDS= sasl.8:${PORTSDIR}/security/cyrus-sasl BUILD_DEPENDS= ${LOCALBASE}/sbin/pwcheck:${PORTSDIR}/security/cyrus-sasl +USE_REINPLACE= YES GNU_CONFIGURE= YES CONFIGURE_ARGS= --prefix=${PREFIX} \ --with-sasldir=${LOCALBASE} \ --with-auth=unix +pre-configure: + ${REINPLACE_CMD} -e "s|<sasl.h>|<sasl1/sasl.h>|" \ + ${WRKSRC}/configure + post-install: ${INSTALL_SCRIPT} ${FILESDIR}/imspd.sh \ ${PREFIX}/etc/rc.d/imspd.sh diff --git a/databases/cyrus-imspd/distinfo b/databases/cyrus-imspd/distinfo index b87f0af1f027..9065b486946b 100644 --- a/databases/cyrus-imspd/distinfo +++ b/databases/cyrus-imspd/distinfo @@ -1,2 +1,2 @@ -MD5 (cyrus-imspd-v1.6a3.tar.gz) = 224f2d8acf4858fd2ed45613c537a61c -SIZE (cyrus-imspd-v1.6a3.tar.gz) = 566374 +MD5 (cyrus-imspd-v1.6a5.tar.gz) = 92c4bd77f32a17ffd6ce16a872a679bc +SIZE (cyrus-imspd-v1.6a5.tar.gz) = 607857 diff --git a/databases/cyrus-imspd/files/patch-imsp::abook.c b/databases/cyrus-imspd/files/patch-imsp::abook.c deleted file mode 100644 index ca6cae45d264..000000000000 --- a/databases/cyrus-imspd/files/patch-imsp::abook.c +++ /dev/null @@ -1,129 +0,0 @@ ---- imsp/abook.c.orig Mon Dec 15 15:52:51 2003 -+++ imsp/abook.c Mon Dec 15 15:58:41 2003 -@@ -68,8 +68,9 @@ - /* generate the database name for an address book - * returns -1 for invalid name, otherwise returns length of owner name - */ --static int abook_dbname(dbname, name) -+static int abook_dbname(dbname, name, dbnamelen) - char *dbname, *name; -+ size_t dbnamelen; - { - char *split; - int len = strlen(name), ownerlen; -@@ -86,7 +87,9 @@ - ownerlen = split - name; - } - -- sprintf(dbname, abookdb, ownerlen, name, name); -+ if (snprintf(dbname, dbnamelen, abookdb, ownerlen, name, -+ name) >= dbnamelen) -+ return (-1); - - return (ownerlen); - } -@@ -104,7 +107,7 @@ - long mask = 0; - - /* look up the database */ -- len = abook_dbname(dbname, name); -+ len = abook_dbname(dbname, name, sizeof(dbname)); - if (len < 0) return (0); - - /* get the ACL */ -@@ -161,7 +164,7 @@ - while (dot >= cname && *dot != '.') --dot; - if (dot >= cname) *dot = '\0'; - sdb_get(abooks, cname, SDB_ICASE, pacl); -- abook_dbname(dbname, cname); -+ abook_dbname(dbname, cname, sizeof(dbname)); - exists = sdb_check(dbname); - if (exists == 0) mask = abook_rights(id, cname, *pacl); - if (dot >= cname) --dot; -@@ -212,7 +215,7 @@ - state->kv = NULL; - *count = 0; - *freedata = 0; -- if (abook_dbname(dbname, name) < 0) return (NULL); -+ if (abook_dbname(dbname, name, sizeof(dbname)) < 0) return (NULL); - - #ifdef HAVE_LDAP - if (abook_usesldap(id, name)) { -@@ -348,7 +351,7 @@ - } - #endif - -- if (abook_dbname(dbname, name) < 0) return (AB_FAIL); -+ if (abook_dbname(dbname, name, sizeof(dbname)) < 0) return (AB_FAIL); - - /* start match */ - if (!fcount) { -@@ -481,7 +484,8 @@ - int ownerlen, result = 0; - - /* find abook, and make sure it doesn't exist */ -- if ((ownerlen = abook_dbname(dbname, name)) < 0) return (AB_FAIL); -+ if ((ownerlen = abook_dbname(dbname, name, sizeof(dbname))) < 0) -+ return (AB_FAIL); - if (sdb_check(dbname) == 0) return (AB_EXIST); - - #if 0 -@@ -562,7 +566,7 @@ - char *sep, *value; - - /* find abook, and make sure it exists */ -- if ((ownerlen = abook_dbname(dbname, name)) < 0) { -+ if ((ownerlen = abook_dbname(dbname, name, sizeof(dbname))) < 0) { - return (AB_FAIL); - } - if (ownerlen == strlen(name) && auth_level(id) != AUTH_ADMIN) { -@@ -630,8 +634,8 @@ - - /* make sure names are valid */ - if (!strcasecmp(name, newname) || -- (osrclen = abook_dbname(dbsrc, name)) < 0 || -- (odstlen = abook_dbname(dbdst, newname)) < 0) { -+ (osrclen = abook_dbname(dbsrc, name, sizeof(dbsrc))) < 0 || -+ (odstlen = abook_dbname(dbdst, newname, sizeof(dbdst))) < 0) { - return (AB_FAIL); - } - if (sdb_check(dbsrc) < 0) return (AB_NOEXIST); -@@ -734,7 +738,8 @@ - int i, result, ownerlen, maxfieldlen, len; - long delta; - -- if ((ownerlen = abook_dbname(dbname, name)) < 0) return (AB_FAIL); -+ if ((ownerlen = abook_dbname(dbname, name, sizeof(dbname))) < 0) -+ return (AB_FAIL); - sprintf(uname, "%.*s", ownerlen, name); - - /* check for invalid characters in alias or field */ -@@ -844,7 +849,8 @@ - return (AB_PERM); - } - -- if ((ownerlen = abook_dbname(dbname, name)) < 0) return (AB_FAIL); -+ if ((ownerlen = abook_dbname(dbname, name, sizeof(dbname))) < 0) -+ return (AB_FAIL); - - /* check for invalid characters in alias */ - for (scan = alias; *scan && *scan != '*' && *scan != '%'; ++scan); -@@ -910,7 +916,8 @@ - } - - /* make sure db exists */ -- if ((ownerlen = abook_dbname(dbname, name)) < 0) return (AB_FAIL); -+ if ((ownerlen = abook_dbname(dbname, name, sizeof(dbname))) < 0) -+ return (AB_FAIL); - if (sdb_check(dbname) < 0) return (AB_NOEXIST); - - /* lock acl db */ -@@ -977,7 +984,7 @@ - char *acl; - - /* look up the database */ -- if (abook_dbname(dbname, name) < 0) return (NULL); -+ if (abook_dbname(dbname, name, sizeof(dbname)) < 0) return (NULL); - - /* make sure db exists */ - if (sdb_check(dbname) < 0) return (NULL); |