Subject: pkg/26184: security/cyrus-sasl2 should be patched (again)
To: None <>
From: None <>
List: pkgsrc-bugs
Date: 07/07/2004 14:35:58
>Number:         26184
>Category:       pkg
>Synopsis:       security/cyrus-sasl2 should be patched (again)
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Wed Jul 07 13:46:01 UTC 2004
>Originator:     Jukka Salmi
>Release:        NetBSD 1.6.2_STABLE
System: NetBSD 1.6.2_STABLE NetBSD 1.6.2_STABLE (GENERIC) #0: Fri May 28 14:57:42 CEST 2004 i386
Architecture: i386
Machine: i386
In pkg/26165 I reported a bug in security/cyrus-sasl2 which prevents
a GSSAPI authenticated user from uploading sieve scripts larger than 4000
bytes; the workaround I mentioned was added as patches/patch-ap.
In the meantime that bug was fixed The Right Way (for details see comments
in CVS commits for plugins/gssapi.c[1]), so pkgsrc should use that fix.

see pkg/26165
Two possible approaches:

1) Patch plugins/gssapi.c to rev. 1.90[2]; that revision includes the fix
   but also contains changes to support passing of GSSAPI credentials (which
   will be in SASL 2.1.19). To compile successfully we'd also need to
   patch include/saslplug.h to rev. 1.38[3] and delete patches/patch-ap.

2) Use a "backported" version of plugins/gssapi.c which includes the fix
   but not the GSSAPI credential passing changes (patching include/saslplug.h
   would not be needed then). This could be achieved by continuing to use
   patches/patch-ap and adding a patch containing the diff[4] between
   revisions 1.86 and 1.90 and some minor manual changes to make it apply
   cleanly. I'll send such a patch in a minute.