Module Name: src
Committed By: christos
Date: Fri Feb 11 23:44:44 UTC 2011
Modified Files:
src/crypto/external/bsd/libsaslc/dist: index.html soc.html style.css
src/crypto/external/bsd/libsaslc/dist/doc: library.txt
src/crypto/external/bsd/libsaslc/dist/include: saslc.h
src/crypto/external/bsd/libsaslc/dist/man: libsaslc.3
src/crypto/external/bsd/libsaslc/dist/src: Makefile Makefile.bsd
crypto.c crypto.h dict.c dict.h error.c error.h mech.c mech.h
mech_anonymous.c mech_crammd5.c mech_digestmd5.c mech_external.c
mech_gssapi.c mech_login.c mech_plain.c parser.c parser.h saslc.c
saslc_private.h xsess.c
src/crypto/external/bsd/libsaslc/dist/test: Makefile example_client.c
t_crypto.c t_dict.c t_error.c t_parser.c t_saslc.c t_session.c
src/crypto/external/bsd/libsaslc/dist/test/parser_tests/test2:
saslc.conf
src/crypto/external/bsd/libsaslc/lib: Makefile
Added Files:
src/crypto/external/bsd/libsaslc/dist/ref: index.txt rfc4422.txt
rfc4505.txt rfc4616.txt rfc4752.txt
src/crypto/external/bsd/libsaslc/dist/src: buffer.c buffer.h list.c
list.h msg.c msg.h
src/crypto/external/bsd/libsaslc/dist/test/hash_tests: Makefile
test_hash.c
src/crypto/external/bsd/libsaslc/dist/test/parser_tests/test4:
saslc.conf
Log Message:
Changes from Anon Ymous:
Make this library work.
- several API changes (see the manpage)
- take care to match the spec (hopefully)
- deal with comma delimited lists more systematically
- addition of the DIGEST-MD5 security layer
- syslog messages including debugging messages
- many coding simplifications, changes, rewrites, and additions (i.e.,
stuff I can't recall at the moment)
- rewrite the manpage
The API changes have been heavily influenced by hooking this up to
postfix(1).
The ANONYMOUS, LOGIN, PLAIN, CRAM-MD5, DIGEST-MD5, and GSSAPI
authentication mechanisms have been tested and shown to work for
authentication with a postfix(1) server using the cyrus-sasl library.
(A postfix(1) libsaslc(3) client wrapper was used for the testing and
will be committed separately.)
The EXTERNAL authentication mechanism should work (it is pretty
simple), but it has not been tested with any servers.
The security layers of DIGEST-MD5 and GSSAPI have also not been tested
with any servers. Do any SMTP servers really support these security
layers? Postfix with cyrus-sasl does not, either as a client or
server, even though the cyrus-sasl library has support for the layers.
The new DIGEST-MD5 security layer encode/decode routines have been
tested against themselves (not terribly useful), but nothing else. As
they use the openssl EVP_* routines (which aren't well documented) to
do the cryptography, the "auth-conf" layer may or may not actually
match the rfc2831 standard. The "auth-int" layer is much more likely
to be in compliance.
Note: I have left support for a version of AES in the DIGEST-MD5 code
even though it is not part of rfc2831 (May 2000). This flavor of AES
was in a later draft (June 2003) that was included in the cyrus-sasl
distribution, but changed to a different flavor of AES in subsequent
drafts (and DES disappeared). AFAIKT, none of those drafts have been
accepted; the last I could find expired in Sept 2007. rfc2831 is
still listed as standards track. The AES support is very minor (some
table entries and a few lines of code to construct the IV) and I was
asked to leave it for now.
Hopefully there are not too many bugs, memory leaks, or
spelling/grammar errors. My apologies in advance.
BTW, if you would prefer to use cyrus-sasl, install it (e.g., from
pkgsrc), and then rebuild postfix with HAVE_CYRUS_SASL defined.
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/libsaslc/dist/index.html \
src/crypto/external/bsd/libsaslc/dist/soc.html \
src/crypto/external/bsd/libsaslc/dist/style.css
cvs rdiff -u -r1.2 -r1.3 \
src/crypto/external/bsd/libsaslc/dist/doc/library.txt
cvs rdiff -u -r1.2 -r1.3 \
src/crypto/external/bsd/libsaslc/dist/include/saslc.h
cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/libsaslc/dist/man/libsaslc.3
cvs rdiff -u -r0 -r1.1 src/crypto/external/bsd/libsaslc/dist/ref/index.txt \
src/crypto/external/bsd/libsaslc/dist/ref/rfc4422.txt \
src/crypto/external/bsd/libsaslc/dist/ref/rfc4505.txt \
src/crypto/external/bsd/libsaslc/dist/ref/rfc4616.txt \
src/crypto/external/bsd/libsaslc/dist/ref/rfc4752.txt
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/libsaslc/dist/src/Makefile \
src/crypto/external/bsd/libsaslc/dist/src/Makefile.bsd \
src/crypto/external/bsd/libsaslc/dist/src/crypto.c \
src/crypto/external/bsd/libsaslc/dist/src/crypto.h \
src/crypto/external/bsd/libsaslc/dist/src/dict.c \
src/crypto/external/bsd/libsaslc/dist/src/dict.h \
src/crypto/external/bsd/libsaslc/dist/src/error.c \
src/crypto/external/bsd/libsaslc/dist/src/error.h \
src/crypto/external/bsd/libsaslc/dist/src/mech.c \
src/crypto/external/bsd/libsaslc/dist/src/mech.h \
src/crypto/external/bsd/libsaslc/dist/src/mech_anonymous.c \
src/crypto/external/bsd/libsaslc/dist/src/mech_crammd5.c \
src/crypto/external/bsd/libsaslc/dist/src/mech_external.c \
src/crypto/external/bsd/libsaslc/dist/src/mech_gssapi.c \
src/crypto/external/bsd/libsaslc/dist/src/mech_login.c \
src/crypto/external/bsd/libsaslc/dist/src/mech_plain.c \
src/crypto/external/bsd/libsaslc/dist/src/parser.c \
src/crypto/external/bsd/libsaslc/dist/src/parser.h \
src/crypto/external/bsd/libsaslc/dist/src/saslc.c \
src/crypto/external/bsd/libsaslc/dist/src/saslc_private.h \
src/crypto/external/bsd/libsaslc/dist/src/xsess.c
cvs rdiff -u -r0 -r1.1 src/crypto/external/bsd/libsaslc/dist/src/buffer.c \
src/crypto/external/bsd/libsaslc/dist/src/buffer.h \
src/crypto/external/bsd/libsaslc/dist/src/list.c \
src/crypto/external/bsd/libsaslc/dist/src/list.h \
src/crypto/external/bsd/libsaslc/dist/src/msg.c \
src/crypto/external/bsd/libsaslc/dist/src/msg.h
cvs rdiff -u -r1.3 -r1.4 \
src/crypto/external/bsd/libsaslc/dist/src/mech_digestmd5.c
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/libsaslc/dist/test/Makefile \
src/crypto/external/bsd/libsaslc/dist/test/example_client.c \
src/crypto/external/bsd/libsaslc/dist/test/t_crypto.c \
src/crypto/external/bsd/libsaslc/dist/test/t_dict.c \
src/crypto/external/bsd/libsaslc/dist/test/t_error.c \
src/crypto/external/bsd/libsaslc/dist/test/t_parser.c \
src/crypto/external/bsd/libsaslc/dist/test/t_saslc.c \
src/crypto/external/bsd/libsaslc/dist/test/t_session.c
cvs rdiff -u -r0 -r1.1 \
src/crypto/external/bsd/libsaslc/dist/test/hash_tests/Makefile \
src/crypto/external/bsd/libsaslc/dist/test/hash_tests/test_hash.c
cvs rdiff -u -r1.1.1.1 -r1.2 \
src/crypto/external/bsd/libsaslc/dist/test/parser_tests/test2/saslc.conf
cvs rdiff -u -r0 -r1.1 \
src/crypto/external/bsd/libsaslc/dist/test/parser_tests/test4/saslc.conf
cvs rdiff -u -r1.1.1.1 -r1.2 src/crypto/external/bsd/libsaslc/lib/Makefile
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
