debian/0000775000000000000000000000000012235227313007170 5ustar debian/source/0000775000000000000000000000000012224357633010477 5ustar debian/source/format0000664000000000000000000000001412224357633011705 0ustar 3.0 (quilt) debian/sasl2-bin.saslauthd.init0000664000000000000000000002445012224357633013652 0ustar #! /bin/sh ### BEGIN INIT INFO # Provides: saslauthd # Required-Start: $local_fs $remote_fs # Required-Stop: $local_fs $remote_fs # Default-Start: 2 3 4 5 # Default-Stop: 1 # Short-Description: saslauthd startup script # Description: This script starts the saslauthd daemon. It is # configured using the file /etc/default/saslauthd. ### END INIT INFO # Author: Fabian Fagerholm # Do NOT "set -e" # PATH should only include /usr/* if it runs after the mountnfs.sh script PATH=/sbin:/usr/sbin:/bin:/usr/bin # Global variables DAEMON=/usr/sbin/saslauthd DEFAULT_FILES=`find /etc/default -regex '/etc/default/saslauthd[_a-zA-Z0-9\-]*$' -print | sort` # Exit if the package is not installed [ -x "$DAEMON" ] || exit 0 # Load the VERBOSE setting and other rcS variables . /lib/init/vars.sh # Define LSB log_* functions. # Depend on lsb-base (>= 3.0-6) to ensure that this file is present. . /lib/lsb/init-functions # Function that starts all saslauthd instances # Parameters: none # Return value: none do_startall() { for instance in $DEFAULT_FILES do start_instance $instance done } # Function that stops all saslauthd instances # Parameters: none # Return value: none do_stopall() { for instance in $DEFAULT_FILES do stop_instance $instance done } # Function that sends a SIGHUP to all saslauthd instances # Parameters: none # Return value: none do_reloadall() { for instance in $DEFAULT_FILES do reload_instance $instance done } # Function that sends a SIG0 to all saslauthd instances # Parameters: none # Return value: none do_checkall() { for instance in $DEFAULT_FILES do check_instance $instance done } # Function that starts a single saslauthd instance # Parameters: # $1 = path of default file for this instance # Return value: # 0 on success (does not mean the instance started) # 1 on failure start_instance() { # Load defaults file for this instance. . $1 # If the daemon is not enabled, give the user a warning and stop. if [ "$START" != "yes" ]; then log_warning_msg "To enable $NAME, edit $1 and set START=yes" return 0 fi # If the short name of this instance is undefined, warn the user # but choose a default name. if [ -z "$NAME" ]; then log_warning_msg "Short name (NAME) undefined in $1, using default" NAME=default fi log_daemon_msg "Starting $DESC" "$NAME" # Set OPTIONS to a default value, as noted in the defaults file if [ -z "$OPTIONS" ]; then log_warning_msg "Options (OPTIONS) undefined in $1, using default (-c -m /var/run/saslauthd)" OPTIONS="-c -m /var/run/saslauthd" fi # Determine run directory and pid file location by looking # for an -m option. RUN_DIR=`echo "$OPTIONS" | xargs -n 1 echo | sed -n '/^-m$/{n;p}'` if [ -z "$RUN_DIR" ]; then # No run directory defined in defaults file, fail. log_failure_msg "No run directory defined for $NAME (did you forget to set OPTIONS=\"-c -m /var/run/saslauthd\" in the defaults file?), not starting" return 1 fi PIDFILE=$RUN_DIR/saslauthd.pid # If no mechanisms are defined, fail. if [ -z "$MECHANISMS" ]; then log_failure_msg "No mechanisms defined in $1, not starting $NAME" return 1 fi # If there are mechanism options defined, prepare them for use with # the -O flag. if [ -n "$MECH_OPTIONS" ]; then MECH_OPTIONS="-O $MECH_OPTIONS" fi # If there is a threads option defined, prepare it for use with # the -n flag. if [ -n "$THREADS" ]; then THREAD_OPTIONS="-n $THREADS" fi # Construct argument string. DAEMON_ARGS="-a $MECHANISMS $MECH_OPTIONS $OPTIONS $THREAD_OPTIONS" # If there is a statoverride for the run directory, then pull # permission and ownership information from it and create the directory. # Otherwise, we create the directory with default permissions and # ownership (root:sasl, 710). if dpkg-statoverride --list $RUN_DIR > /dev/null; then createdir `dpkg-statoverride --list $RUN_DIR` else createdir root sasl 710 $RUN_DIR fi # Start the daemon, phase 1: see if it is already running. start-stop-daemon --start --quiet --pidfile $PIDFILE --name $NAME \ --exec $DAEMON --test > /dev/null if [ "$?" != "0" ]; then log_progress_msg "(already running)" log_end_msg 0 return 0 fi # Start the daemon, phase 2: it was not running, so actually start it now. start-stop-daemon --start --quiet --pidfile $PIDFILE --name $NAME \ --exec $DAEMON -- $DAEMON_ARGS if [ "$?" -ne "0" ]; then log_end_msg 1 return 1 fi # Started successfully. log_end_msg 0 return 0 } # Function that stops a single saslauthd instance # Parameters: # $1 = path of default file for this instance # Return value: # 0 on success (daemon was stopped) # 1 if the daemon was already stopped # 2 if the daemon could not be stopped stop_instance() { # Load defaults file for this instance. . $1 # If the short name of this instance is undefined, warn the user # but choose a default name. if [ -z "$NAME" ]; then log_warning_msg "Short name (NAME) undefined in $1, using default" NAME=default fi # Set OPTIONS to a default value, as noted in the defaults file if [ -z "$OPTIONS" ]; then log_warning_msg "Options (OPTIONS) undefined in $1, using default (-c -m /var/run/saslauthd)" OPTIONS="-c -m /var/run/saslauthd" fi # Determine run directory and pid file location by looking # for an -m option. RUN_DIR=`echo "$OPTIONS" | xargs -n 1 echo | sed -n '/^-m$/{n;p}'` if [ -z "$RUN_DIR" ]; then # No run directory defined in defaults file, fail. log_failure_msg "No run directory defined for $NAME (did you forget to set OPTIONS=\"-c -m /var/run/saslauthd\" in the defaults file?), not starting" return 2 fi PIDFILE=$RUN_DIR/saslauthd.pid log_daemon_msg "Stopping $DESC" "$NAME" start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 \ --pidfile $PIDFILE --exec $DAEMON if [ "$?" -eq "2" ]; then # Failed to stop. log_end_msg 1 return 2 fi if [ "$?" -eq "1" ]; then # Already stopped. log_progress_msg "(not running)" fi # Many daemons don't delete their pidfiles when they exit. rm -f $PIDFILE # Stopped successfully. log_end_msg 0 return $RETVAL } # Function that sends a SIGHUP to a single saslauthd instance # Parameters: # $1 = path of default file for this instance # Return value: # 0 on success (does not mean the daemon was reloaded) # other values on failure reload_instance() { # Load defaults file for this instance. . $1 # If the short name of this instance is undefined, warn the user # but choose a default name. if [ -z "$NAME" ]; then log_warning_msg "Short name (NAME) undefined in $1, using default" NAME=default fi # Set OPTIONS to a default value, as noted in the defaults file if [ -z "$OPTIONS" ]; then log_warning_msg "Options (OPTIONS) undefined in $1, using default (-c -m /var/run/saslauthd)" OPTIONS="-c -m /var/run/saslauthd" fi # Determine run directory and pid file location by looking # for an -m option. RUN_DIR=`echo "$OPTIONS" | xargs -n 1 echo | sed -n '/^-m$/{n;p}'` if [ -z "$RUN_DIR" ]; then # No run directory defined in defaults file, fail. log_failure_msg "No run directory defined for $NAME (did you forget to set OPTIONS=\"-c -m /var/run/saslauthd\" in the defaults file?), not starting" return 2 fi PIDFILE=$RUN_DIR/saslauthd.pid log_daemon_msg "Reloading $DESC" "$NAME" # Reload the daemon. First, see if it is already running. start-stop-daemon --start --quiet --pidfile $PIDFILE \ --exec $DAEMON --test > /dev/null if [ "$?" -eq "0" ]; then # Not running, signal this and stop. log_progress_msg "(not running)" log_end_msg 0 return 0 fi start-stop-daemon --stop --signal 1 \ --pidfile $PIDFILE --exec $DAEMON log_end_msg $? } # Function that sends a SIG0 to a single saslauthd instance # Parameters: # $1 = path of default file for this instance # Return value: # 0 on success (does not mean the daemon was reloaded) # other values on failure check_instance() { # Load defaults file for this instance. . $1 # If the short name of this instance is undefined, warn the user # but choose a default name. if [ -z "$NAME" ]; then log_warning_msg "Short name (NAME) undefined in $1, using default" NAME=default fi # Determine run directory and pid file location by looking # for an -m option. RUN_DIR=`echo "$OPTIONS" | xargs -n 1 echo | sed -n '/^-m$/{n;p}'` if [ -z "$RUN_DIR" ]; then # No run directory defined in defaults file, fail. log_failure_msg "No run directory defined for $NAME, cannot check" return 2 fi PIDFILE=$RUN_DIR/saslauthd.pid log_daemon_msg "Checking $DESC" "$NAME" # Reload the daemon. First, see if it is already running. start-stop-daemon --start --quiet --pidfile $PIDFILE \ --exec $DAEMON --test > /dev/null if [ "$?" -eq "0" ]; then # Not running, signal this and stop. log_progress_msg "(not running)" log_end_msg 3 return 3 fi log_progress_msg "(running)" log_end_msg $? return 0 } # Function that creates a directory with the specified # ownership and permissions # Parameters: # $1 = user # $2 = group # $3 = permissions (octal) # $4 = path to directory # Return value: none createdir() { # In the future, use -P/-Z to have SE Linux enhancement install -d --group="$2" --mode="$3" --owner="$1" "$4" [ -x /sbin/restorecon ] && /sbin/restorecon "$4" } # Action switch case "$1" in start) do_startall ;; stop) do_stopall ;; reload|force-reload) do_reloadall ;; restart) do_stopall do_startall ;; status) do_checkall exit $? ;; start-instance) if [ -f /etc/default/$2 ]; then start_instance /etc/default/$2 else log_failure_msg "Instance $2 does not exist." fi ;; stop-instance) if [ -f /etc/default/$2 ]; then stop_instance /etc/default/$2 else log_failure_msg "Instance $2 does not exist." fi ;; reload-instance|force-reload-instance) if [ -f /etc/default/$2 ]; then reload_instance /etc/default/$2 else log_failure_msg "Instance $2 does not exist." fi ;; restart-instance) if [ -f /etc/default/$2 ]; then stop_instance /etc/default/$2 start_instance /etc/default/$2 else log_failure_msg "Instance $2 does not exist." fi ;; *) SCRIPTNAME=$0 echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2 echo " or {start-instance|stop-instance|restart-instance|" >&2 echo " reload-instance|force-reload-instance} " \ "" >&2 exit 3 ;; esac : debian/copyright0000664000000000000000000000602512224357633011135 0ustar Format: http://svn.debian.org/wsvn/dep/web/deps/dep5.mdwn?op=file&rev=173 Upstream-Name: Cyrus SASL Source: ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/ Files: * Copyright: 1998-2003, Carnegie Mellon University License: BSD-4-clause /* * Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. The name "Carnegie Mellon University" must not be used to * endorse or promote products derived from this software without * prior written permission. For permission or any other legal * details, please contact * Office of Technology Transfer * Carnegie Mellon University * 5000 Forbes Avenue * Pittsburgh, PA 15213-3890 * (412) 268-4387, fax: (412) 268-7395 * tech-transfer@andrew.cmu.edu * * 4. Redistributions of any form whatsoever must retain the following * acknowledgment: * "This product includes software developed by Computing Services * at Carnegie Mellon University (http://www.cmu.edu/computing/)." * * CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY * AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE * FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ Files: debian/* Copyright: 2002-2004, Dima Barsky 2006-2009, Fabian Fagerholm 2006-2011, Roberto C. Sanchez License: GPL-2+ or BSD-2-clause On Debian systems, the complete text of the GNU General Public License, version 2, can be found in /usr/share/common-licenses/GPL-2. Files: debian/saslfinger/* Copyright: 2004, Patrick Koetter License: GPL-3+ On Debian systems, the complete text of the GNU General Public License, version 3, can be found in /usr/share/common-licenses/GPL-3. Comment: The saslfinger utility was downloaded from http://postfix.state-of-mind.de/patrick.koetter/saslfinger/ Files: debian/gen-auth/* Copyright: 2002-2006, John Jetmore License: GPL-3+ On Debian systems, the complete text of the GNU General Public License, version 2, can be found in /usr/share/common-licenses/GPL-2. Comment: The gen-auth utility was downloaded from http://jetmore.org/john/code/gen-auth debian/libsasl2-modules-gssapi-mit.lintian-overrides0000664000000000000000000000010312224357633020005 0ustar libsasl2-modules-gssapi-mit: possible-gpl-code-linked-with-openssl debian/sasl2-bin.docs0000664000000000000000000000002012224357633011633 0ustar doc/testing.txt debian/sasl-sample-client.sgml0000664000000000000000000001651012224357633013563 0ustar manpage.1'. You may view the manual page with: `docbook-to-man manpage.sgml | nroff -man | less'. The docbook-to-man binary is found in the docbook-to-man package. --> Fabian"> Fagerholm"> Jul 10, 2007"> 8"> fabbe@debian.org"> SASL-SAMPLE-CLIENT"> Debian"> GNU"> ]>
&dhemail;
&dhfirstname; &dhsurname; 2007 &dhusername; &dhdate; &dhucpackage; &dhsection; &dhpackage; Sample client program for demonstrating and testing SASL authentication. &dhpackage; -b min=N,max=N -e ssf=N,id=ID -m MECH -f FLAGS -i local=IP,remote=IP -p PATH -s NAME -n FQDN -u ID -a ID DESCRIPTION This manual page documents briefly the &dhpackage; command. This manual page was written for the &debian; distribution because the original program does not have a manual page. &dhpackage; is a program to demonstrate and test SASL authentication. It implements the client part, and the server part is available as sasl-sample-server. OPTIONS A summary of options is included below. Number of bits to use for encryption. min=N minimum number of bits to use (1 => integrity) max=N maximum number of bits to use Assume external encryption. ssf=N external mech provides N bits of encryption id=ID external mech provides authentication id ID Force use of MECH for security. Set security flags. noplain require security vs. passive attacks noactive require security vs. active attacks nodict require security vs. passive dictionary attacks forwardsec require forward secrecy maximum require all security flags passcred attempt to pass client credentials Set IP addresses (required by some mechs). local=IP;PORT set local address to IP, port PORT remote=IP;PORT set remote address to IP, port PORT Colon-separated search path for mechanisms. Realm to use. Service name passed to mechanisms. Server fully-qualified domain name. User (authorization) id to request. Id to authenticate as. Disable client-send-first. Enable server-send-last. SEE ALSO For additional information, please see /usr/share/doc/sasl2-bin/testing.txt AUTHOR This manual page was written by &dhusername; &dhemail; for the &debian; system (but may be used by others). Permission is granted to redistribute it and/or modify it under the terms of the &gnu; General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. debian/sample/0000775000000000000000000000000012224357633010460 5ustar debian/sample/Makefile0000664000000000000000000000057512224357633012127 0ustar #!/usr/bin/make -f INCDIR1=$(T)/../include INCDIR2=$(T)/include LIBDIR=$(T)/lib/.libs all: sample-server sample-client sample-server: sample-server.c gcc -g -o sample-server sample-server.c -I. -I$(T) -I$(INCDIR1) -I$(INCDIR2) -L$(LIBDIR) -lsasl2 sample-client: sample-client.c gcc -g -o sample-client sample-client.c -I. -I$(T) -I$(INCDIR1) -I$(INCDIR2) -L$(LIBDIR) -lsasl2 debian/libsasl2-modules-ldap.install0000664000000000000000000000003612224357633014665 0ustar usr/lib/*/sasl2/libldapdb.so* debian/doc/0000775000000000000000000000000012224357633007744 5ustar debian/doc/ldapdb.5.xml0000664000000000000000000001536612224357633012072 0ustar ldapdb 5 ldapdb auxiliary property plugin Cyrus SASL auxprop plugin to access LDAP authentication backends. Description This document describes configuration options for the Cyrus SASL auxiliary property plugin . This plugin reads all user data from an OpenLDAP server. It requires configuration of the plugin and of the LDAP server. The plugin must name a proxy user. The proxy user must (also) SASL authenticate at the LDAP server. The LDAP server must authorize the proxy user to access the authenticating users userPassword. Options The following configuration parameters are applicable in the context of the plugin: (default: empty) Specifies a whitespace-separated list of LDAP servers (authentication backends). Use ..., ... or ... to specify how the servers should be contacted. (default: empty) Specifies the proxy user name (authentication id) who logs into the LDAP server in order to retrieve the authenticating users userPassword. (default: empty) Sets the SASL mechanism the plugin (client) should use when it SASL connects to the LDAP server. (default: empty) Specifies the password used by ldapdb_id. The password must be written in cleartext. (default: empty) Specifies a path to a file that contains configuration options to override system-wide defaults when running ldap clients (see also: ldap.conf 5 ). The main purpose behind this option is to drop transmission of ldapdb_pw in favor of a client TLS certificate specified in ldapdb_rc, so that SASL/EXTERNAL may be used between the ldapdb plugin and the LDAP server. This is the most optimal way to use the ldapdb plugin when the servers are on separate machines - the connection is encrypted and password transmission is not necessary because the client is identified by its TLS client certificate. (default: empty) Enable encrypted communication using StartTLS. Valid options are: StartTLS encrypted communication is attempted. If it fails the client communicates unencrypted. StartTLS encrypted communication is required. If it fails the client aborts the connection. Example The following example shows a typical configuration. pwcheck_method: auxprop auxprop_plugin: ldapdb mech_list: PLAIN LOGIN NTLM CRAM-MD5 DIGEST-MD5 ldapdb_uri: ldap://localhost ldaps://ldap.example.com ldapdb_id: proxyuser ldapdb_pw: proxypass ldapdb_mech: DIGEST-MD5 See also authdaemond 5 , ldapdb 5 , libsasl 5 , saslauthd 8 , saslauthd.conf 5 , saslpasswd2 5 , sasldblistusers2 5 , sasldb 5 , sql 5 Readme files README.Debian Author This manual was written for the Debian distribution because the original program does not have a manual page. Parts of the documentation have been taken from the Cyrus SASL's options.html.
Patrick Ben Koetter p@state-of-mind.de
 debian/doc/saslauthd.conf.50000664000000000000000000002236512224357633012756 0ustar .\" Title: saslauthd.conf .\" Author: .\" Generator: DocBook XSL Stylesheets v1.73.2 .\" Date: 12/14/2008 .\" Manual: .\" Source: .\" .TH "SASLAUTHD\&.CONF" "5" "12/14/2008" "" "" .\" disable hyphenation .nh .\" disable justification (adjust text to left margin only) .ad l .SH "NAME" saslauthd.conf \- saslauthd LDAP configuration file .SH "SYNOPSIS" .HP 10 \fBsaslauthd\fR [\-a\ ldap] .HP 10 \fBsaslauthd\fR [\-a\ ldap] [\-O\ \fI/etc/saslauthd\&.conf\fR] .SH "DESCRIPTION" .PP This document describes LDAP configuration options for the Cyrus SASL password verification service \fBsaslauthd\fR\&. .PP By default \fBsaslauthd\fR searches for LDAP configuration options in \fI/usr/local/etc/saslauthd\&.conf\fR\&. This location can be overridden if the additional command line option \fB\-O\fR specifies an alternative path to the configuration file\&. .SH "SYNTAX" .PP Do not use quotes (\e"\e\') in the parameter values\&. .SH "OPTIONS" .PP The following are available LDAP parameters\&. The defaults are probably adequate for most installations\&. Only \fI\fIldap_servers\fR\fR may need to be specified\&. .PP \fIldap_auth_method\fR (default: \fBbind\fR|\fBfastbind\fR) .RS 4 The bind method uses the LDAP bind facility to verify the password\&. The bind method is not available when \fIldap_use_sasl\fR is turned on\&. In that case saslauthd will use fastbind\&. .PP \fBbind\fR .RS 4 \fBbind\fR is the default auth method\&. When ldap_use_sasl is enabled, \'fastbind\' is the default\&. .RE .PP \fBcustom\fR .RS 4 The \fBcustom\fR method uses \fIuserPassword\fR attribute to verify the password\&. Supported hashes: crypt, md5, smd5, sha and ssha\&. Cleartext is supported as well\&. .RE .PP \fBfastbind\fR .RS 4 The \fBfastbind\fR method \- when \fIldap_use_sasl\fR is \fBno\fR \- does away with the search and an extra anonymous bind in auth_bind, but makes two assumptions: .sp .RS 4 \h'-04' 1.\h'+02'Expanding the ldap_filter expression gives the user\'s fully\-qualified DN .RE .sp .RS 4 \h'-04' 2.\h'+02'There is no cost to staying bound as a named user .RE .RE .RE .PP \fIldap_bind_dn\fR (default: empty) .RS 4 Specify DN (distinguished name) to bind to the LDAP directory\&. Do not specify this parameter for the anonymous bind\&. .RE .PP \fIldap_bind_pw\fR (default: empty) .RS 4 An alias for \fIldap_password\fR\&. .RE .PP \fIldap_default_domain\fR (default: empty) .RS 4 An alias for \fIldap_default_realm\fR\&. .RE .PP \fIldap_default_realm\fR (default: empty) .RS 4 The default realm is assigned to the \fB%r\fR token when realm is not available\&. See \fIldap_filter\fR for more\&. .RE .PP \fIldap_deref\fR (default: empty) .RS 4 Specify how aliases dereferencing is handled during search\&. Should be one of \fBnever\fR, \fBalways\fR, \fBsearch\fR, or \fBfind\fR to specify that aliases are never dereferenced, always dereferenced, dereferenced when searching, or dereferenced only when locating the base object for the search\&. .RE .PP \fIldap_filter\fR (default: \fBuid=%u\fR) .RS 4 Specify a filter\&. The following tokens can be used in the filter string: .PP \fB%%\fR .RS 4 This is replaced by a literal \(cq%\(cq character\&. .RE .PP \fB%u\fR .RS 4 \fB%u\fR is replaced by the complete user string\&. .RE .PP \fB%U\fR .RS 4 If the string is an address (\fB%u\fR), \fB%U\fR will be replaced by the local part of that address\&. .RE .PP \fB%d\fR .RS 4 If the string is an address (\fB%u\fR), \fB%d\fR will be replaced by the domain part of that address\&. Otherwise it will be the same as \fB%r\fR\&. .RE .PP \fB%1\-9\fR .RS 4 If the input key is user@mail\&.example\&.com, then \fB%1\fR is com, \fB%2\fR is example and \fB%3\fR is mail\&. .RE .PP \fB%s\fR .RS 4 \fB%s\fR is replaced by the complete service string\&. .RE .PP \fB%r\fR .RS 4 \fB%r\fR is replaced by the complete realm string\&. .RE .PP \fB%D\fR .RS 4 \fB%D\fR is replaced by the complete user DN (available for group checks) .RE .sp The \fB%u\fR token has to be used at minimum for the filter to be useful\&. If \fIldap_auth_method\fR is \fBbind\fR, the filter will search for the DN (distinguished name) attribute\&. Otherwise, the search will look for the \fIldap_password_attr\fR attribute\&. .RE .PP \fIldap_group_attr\fR (default: \fBuniqueMember\fR) .RS 4 Specify what attribute to compare the user DN against in the group\&. If \fIldap_group_dn\fR is not specified, this parameter is ignored\&. If \fIldap_group_match_method\fR is not \fBattr\fR, this parameter is ignored\&. .RE .PP \fIldap_group_dn\fR (default: empty) .RS 4 If specified, the user has to be part of the group in order to authenticate successfully\&. Tokens described in \fIldap_filter\fR can be used for substitution\&. .RE .PP \fIldap_group_filter\fR (default: empty) .RS 4 Specify a filter\&. If a filter match is found then the user is in the group\&. Tokens described in \fIldap_filter\fR can be used for for substitution\&. If \fIldap_group_dn\fR is not specified, this parameter is ignored\&. If \fIldap_group_match_method\fR is not filter, this parameter is ignored\&. .RE .PP \fIldap_group_match_method\fR (default: \fBattr\fR) .RS 4 If \fBattr\fR is used the group match method uses \fIldap_group_attr\fR and if \fBfilter\fR is used \fIldap_group_search\fR will be used as group match method\&. If \fIldap_group_dn\fR is not specified, this parameter is ignored\&. .RE .PP \fIldap_group_search_base\fR (default: \fIldap_search_base\fR) .RS 4 Specify a starting point for the group search: e\&.g\&. dc=example,dc=com\&. Tokens described in \fIldap_filter\fR can be used for substitution\&. .RE .PP \fIldap_group_scope\fR (default: sub) .RS 4 Group search scope\&. Options are either \fBsub\fR, \fBone\fR or \fBbase\fR\&. .RE .PP \fIldap_password\fR (default: empty) .RS 4 Specify the password for \fIldap_bind_dn\fR or \fIldap_id\fR if \fIldap_use_sasl\fR is turned on\&. Do not specify this parameter for the anonymous bind\&. .RE .PP \fIldap_password_attr\fR (default: \fBuserPassword\fR) .RS 4 Specify what password attribute to use for password verification\&. .RE .PP \fIldap_referrals\fR (default: \fBno\fR) .RS 4 Specify whether or not the client should follow referrals\&. .RE .PP \fIldap_restart\fR (default: \fByes\fR) .RS 4 Specify whether or not LDAP I/O operations are automatically restarted if they abort prematurely\&. .RE .PP \fIldap_id\fR (default: empty) .RS 4 Specify the authentication ID for SASL bind\&. .RE .PP \fIldap_authz_id\fR (default: empty) .RS 4 Specify the proxy authorization ID for SASL bind\&. .RE .PP \fIldap_mech\fR (default: empty) .RS 4 Specify the authentication mechanism for SASL bind\&. .RE .PP \fIldap_realm\fR (default: empty) .RS 4 Specify the realm of authentication ID for SASL bind\&. .RE .PP \fIldap_scope\fR (default: \fBsub\fR) .RS 4 Search scope\&. Options are either \fBsub\fR, \fBone\fR or \fBbase\fR\&. .RE .PP \fIldap_search_base\fR (default: empty) .RS 4 Specify a starting point for the search: e\&.g\&. dc=example,dc=com\&. Tokens described in \fIldap_filter\fR can be used for substitution\&. .RE .PP \fIldap_servers\fR (default: \fBldap://localhost/\fR) .RS 4 Specify one or more URI(s) referring to LDAP server(s), e\&.g\&. ldaps://10\&.1\&.1\&.2:999/\&. Multiple servers must be separated by space\&. .RE .PP \fIldap_start_tls\fR (default: \fBno\fR) .RS 4 Use StartTLS extended operation\&. Do not use ldaps: ldap_servers when this option is turned on\&. .RE .PP \fIldap_time_limit\fR (default: \fB5\fR) .RS 4 Specify a number of seconds for a search request to complete\&. .RE .PP \fIldap_timeout\fR (default: \fB5\fR) .RS 4 Specify a number of seconds a search can take before timing out\&. .RE .PP \fIldap_tls_check_peer\fR (default: \fBno\fR) .RS 4 Require and verify server certificate\&. If this option is \fByes\fR, you must specify \fIldap_tls_cacert_file\fR or \fIldap_tls_cacert_dir\fR\&. .RE .PP \fIldap_tls_cacert_file\fR (default: empty) .RS 4 File containing CA (Certificate Authority) certificate(s)\&. .RE .PP \fIldap_tls_cacert_dir\fR (default: empty) .RS 4 Path to directory with CA (Certificate Authority) certificates\&. .RE .PP \fIldap_tls_ciphers\fR (default: \fBDEFAULT\fR) .RS 4 List of SSL/TLS ciphers to allow\&. The format of the string is described in \fBciphers\fR(1)\&. .RE .PP \fIldap_tls_cert\fR (default: empty) .RS 4 File containing the client certificate\&. .RE .PP \fIldap_tls_key\fR (default: empty) .RS 4 File containing the private client key\&. .RE .PP \fIldap_use_sasl\fR (default: \fBno\fR) .RS 4 Use SASL bind instead of simple bind when connecting to the LDAP server\&. .RE .PP \fIldap_version\fR (default: \fB3\fR) .RS 4 Specify the LDAP protocol version \- either \fB2\fR or \fB3\fR\&. If \fIldap_start_tls\fR and/or \fIldap_use_sasl\fR are enabled, \fIldap_version\fR will be automatically set to \fB3\fR\&. .RE .SH "EXAMPLE" .PP .sp .RS 4 .nf .fi .RE .SH "SEE ALSO" .PP \fBauthdaemond\fR(5), \fBldapdb\fR(5), \fBlibsasl\fR(5), \fBsaslauthd\fR(8), \fBsaslauthd.conf\fR(5), \fBsaslpasswd2\fR(5), \fBsasldblistusers2\fR(5), \fBsasldb\fR(5), \fBsql\fR(5) .SH "README FILES" .PP \fIREADME\&.Debian\fR .SH "AUTHOR(S)" .PP This manual is based on notes in \fILDAP_SASLAUTHD\fR from Igor Brezac\&. .PP .RS 4 .nf Igor Brezac .fi .RE .PP It was edited and revised for the Debian distribution because the original program does not have a manual page\&. .PP .RS 4 .nf Patrick Ben Koetter .fi .RE debian/doc/libsasl.5.xml0000664000000000000000000003745112224357633012274 0ustar libsasl 5 libsasl authentication library Cyrus SASL library handling communication between an application and the Cyrus SASL authentication framework. Description This document describes generic configuration options for the Cyrus SASL authentication library libsasl. The library handles communication between an application and the Cyrus SASL authentication framework. Both exchange information before libsasl can start offering authentication services for the application. The application, among other data, sends the service_name. The service name is the services name as specified by IANA. SMTP servers, for example, send as service_name. This information is handed over by libsasl e.g. when Kerberos or PAM authentication takes place. Configuration options in general are read either from a file or passed by the application using libsasl during library initialization. File-Based configuration When an application (server) starts, it initializes the libsasl library. The application passes app_name (application name) to the SASL library. Its value is used to construct the name of the application specific SASL configuration file. The Cyrus SASL sample-server, for example, sends as app_name. Using this value the SASL library will search the configuration directories for a file named sample.conf and read configuration options from it. Consult the applications manual to determine what app_name it sends to the Cyrus SASL library. Application-Based Configuration Configuration options for libsasl are written down together with application specific options in the applications configuration file. The application reads them and passes them over to libsasl when it loads the library. An example for application-based configuration is the Cyrus IMAP server imapd. SASL configuration is written to imapd.conf and passed to the SASL library when the imapd server starts. Configuration Syntax The general format of Cyrus SASL configuration file is as follows: Configuration options Configuration options are written each on a single physical line. Parameter and value must be separated by a colon and a single whitespace: parameter: value There must be no trailing whitespace after the value or Cyrus SASL will fail to apply the value appropriately! Comments, Emtpy lines and whitespace-only lines Empty lines and whitespace-only lines are ignored, as are lines whose first non-whitespace character is a #. Options There are generic options and options specific to the password verification service or auxiliary property plugin choosen by the administrator. Such specific options are documented in manuals listed in . The following configuration parameters are generic configuration options: authdaemond_path (default: ) Path to Courier MTA authdaemond's unix socket. Only applicable when pwcheck_method is set to . auto_transition: (default: ) Automatically transition users to other mechanisms when they do a successful plaintext authentication and if an auxprop plugin is used. This option does not apply to the ldapdb 5 plugin. It is a read-only plugin. Do not transition users to other mechanisms. Transition users to other mechanisms, but write non-plaintext secrets only. Transition users to other mechanisms. The only mechanisms (as currently implemented) which don't use plaintext secrets are OTP and SRP. auxprop_plugin: (default: empty) A whitespace-separated list of one or more auxiliary plugins used if the pwcheck_method parameter specifies as an option. Plugins will be queried in list order. If no plugin is specified, all available plugins will be queried. Specify to use the Cyrus SASL ldapdb 5 plugin. Specify to use the Cyrus SASL sasldb 5 plugin. Specify to use the Cyrus SASL sql 5 plugin. log_level: (default: ) Specifies a numeric log level. Available log levels are: Don't log anything Log unusual errors Log all authentication failures Log non-fatal warnings More verbose than 3 More verbose than 4 Traces of internal protocols Traces of internal protocols, including passwords Cyrus SASL sends log messages to the application that runs it. The application decides if it forwards such messages to the sysklogd 8 service, to which facility they are sent and which priority is given to the message. mech_list: (default: empty) The optional mech_list parameter specifies a whitespace-separated list of one or more mechanisms allowed for authentication. pwcheck_method: (default: ) A whitespace-separated list of one or more mechanisms. Cyrus SASL provides the following mechanisms: Configures Cyrus SASL to contact the Courier MTA authdaemond 8 password verification service for password verification. TODO Cyrus SASL will use its own plugin infrastructure to verify passwords. The auxprop_plugin parameter controls which plugins will be used. Verify passwords using the Cyrus SASL pwcheck 8 password verification service. The pwcheck daemon is considered deprecated and should not be used anymore. Use the saslauthd password verification service instead. Verify passwords using the Cyrus SASL saslauthd 8 password verification service. saslauthd_path: (default: empty) Path to saslauthd 8 run directory (including the /mux named pipe) See also authdaemond 5 , ldapdb 5 , libsasl 5 , saslauthd 8 , saslauthd.conf 5 , saslpasswd2 5 , sasldblistusers2 5 , sasldb 5 , sql 5 Readme files README.Debian Author This manual was written for the Debian distribution because the original program does not have a manual page. Parts of the documentation have been taken from the Cyrus SASL's options.html.
Patrick Ben Koetter p@state-of-mind.de
 debian/doc/sasldb.5.xml0000664000000000000000000001120012224357633012073 0ustar sasldb 5 sasldb auxiliary property plugin Cyrus SASL auxprop plugin to access the sasldb authentication backend Description This document describes configuration options for the Cyrus SASL auxiliary property plugin . is the default and fallback plugin. It will be used if explicitly configured, but also if other mechanisms have failed to load e.g. because they haven't been configured properly. This plugin reads all user data from a Berkeley database. On Debian systems the default location for this database is /etc/sasldb2. Passwords are stored in plaintext format to enable usage of shared-secret mechanisms. To protect the passwords, access has been restricted to user root and group sasl. An application must be member of the sasl group to conduct SASL authentication. Use the saslpasswd2 8 utility to create and modify users. The sasldblistusers2 8 command prints a list of existing users to STDOUT. Options The following configuration parameters are applicable in the context of the plugin: sasldb_path: (default: /etc/sasldb2) Specifies the path to the database when auxprop_plugin: is used. The default path is system dependant, but usually /etc/sasldb2. Example The following example shows a typical configuration. The database is located at the default location /etc/sasldb2. pwcheck_method: auxprop auxprop_plugin: sasldb mech_list: plain login cram-md5 digest-md5 See also authdaemond 5 , ldapdb 5 , libsasl 5 , saslauthd 8 , saslauthd.conf 5 , saslpasswd2 5 , sasldblistusers2 5 , sasldb 5 , sql 5 Readme files README.Debian Author This manual was written for the Debian distribution because the original program does not have a manual page. Parts of the documentation have been taken from the Cyrus SASL's options.html.
Patrick Ben Koetter p@state-of-mind.de
 debian/doc/ldapdb.50000664000000000000000000000731212224357633011263 0ustar .\" Title: ldapdb .\" Author: .\" Generator: DocBook XSL Stylesheets v1.73.2 .\" Date: 12/14/2008 .\" Manual: .\" Source: .\" .TH "LDAPDB" "5" "12/14/2008" "" "" .\" disable hyphenation .nh .\" disable justification (adjust text to left margin only) .ad l .SH "NAME" ldapdb \- auxiliary property plugin .SH "SYNOPSIS" .PP Cyrus SASL auxprop plugin to access LDAP authentication backends\&. .SH "DESCRIPTION" .PP This document describes configuration options for the Cyrus SASL auxiliary property plugin \fBldapdb\fR\&. .PP This plugin reads all user data from an OpenLDAP server\&. It requires configuration of the \fBldapdb\fR plugin and of the LDAP server\&. The \fBldapdb\fR plugin must name a proxy user\&. The proxy user must (also) SASL authenticate at the LDAP server\&. The LDAP server must authorize the \fBldapdb\fR proxy user to access the authenticating users \fIuserPassword\fR\&. .SH "OPTIONS" .PP The following configuration parameters are applicable in the context of the \fBldapdb\fR plugin: .PP \fBldapdb_uri\fR (default: empty) .RS 4 Specifies a whitespace\-separated list of LDAP servers (authentication backends)\&. Use \fBldapi://\fR\&.\&.\&., \fBldap://\fR\&.\&.\&. or \fBldaps://\fR\&.\&.\&. to specify how the servers should be contacted\&. .RE .PP \fBldapdb_id\fR (default: empty) .RS 4 Specifies the proxy user name (authentication id) who logs into the LDAP server in order to retrieve the authenticating users \fIuserPassword\fR\&. .RE .PP \fBldapdb_mech\fR (default: empty) .RS 4 Sets the SASL mechanism the \fBldapdb\fR plugin (client) should use when it SASL connects to the LDAP server\&. .RE .PP \fBldapdb_pw\fR (default: empty) .RS 4 Specifies the password used by \fIldapdb_id\fR\&. The password must be written in cleartext\&. .RE .PP \fBldapdb_rc\fR (default: empty) .RS 4 Specifies a path to a file that contains configuration options to override system\-wide defaults when running ldap clients (see also: \fBldap.conf\fR(5))\&. .sp The main purpose behind this option is to drop transmission of \fIldapdb_pw\fR in favor of a client TLS certificate specified in \fIldapdb_rc\fR, so that SASL/EXTERNAL may be used between the ldapdb plugin and the LDAP server\&. .sp .it 1 an-trap .nr an-no-space-flag 1 .nr an-break-flag 1 .br Note This is the most optimal way to use the ldapdb plugin when the servers are on separate machines \- the connection is encrypted and password transmission is not necessary because the client is identified by its TLS client certificate\&. .RE .PP \fBldapdb_starttls\fR (default: empty) .RS 4 Enable encrypted communication using StartTLS\&. Valid options are: .PP \fBtry\fR .RS 4 StartTLS encrypted communication is attempted\&. If it fails the client communicates unencrypted\&. .RE .PP \fBdemand\fR .RS 4 StartTLS encrypted communication is required\&. If it fails the client aborts the connection\&. .RE .RE .SH "EXAMPLE" .PP The following example shows a typical \fBldapdb\fR configuration\&. .sp .RS 4 .nf pwcheck_method: auxprop auxprop_plugin: ldapdb mech_list: PLAIN LOGIN NTLM CRAM\-MD5 DIGEST\-MD5 ldapdb_uri: ldap://localhost ldaps://ldap\&.example\&.com ldapdb_id: proxyuser ldapdb_pw: proxypass ldapdb_mech: DIGEST\-MD5 .fi .RE .SH "SEE ALSO" .PP \fBauthdaemond\fR(5), \fBldapdb\fR(5), \fBlibsasl\fR(5), \fBsaslauthd\fR(8), \fBsaslauthd.conf\fR(5), \fBsaslpasswd2\fR(5), \fBsasldblistusers2\fR(5), \fBsasldb\fR(5), \fBsql\fR(5) .SH "README FILES" .PP \fIREADME\&.Debian\fR .SH "AUTHOR" .PP This manual was written for the Debian distribution because the original program does not have a manual page\&. Parts of the documentation have been taken from the Cyrus SASL\'s \fIoptions\&.html\fR\&. .PP .RS 4 .nf Patrick Ben Koetter .fi .RE debian/doc/sql.50000664000000000000000000001241412224357633010633 0ustar .\" Title: sql .\" Author: .\" Generator: DocBook XSL Stylesheets v1.73.2 .\" Date: 12/14/2008 .\" Manual: Cyrus SASL sql auxprop plugin .\" Source: .\" .TH "SQL" "5" "12/14/2008" "" "Cyrus SASL sql auxprop plugin" .\" disable hyphenation .nh .\" disable justification (adjust text to left margin only) .ad l .SH "NAME" sql \- auxiliary property plugin .SH "SYNOPSIS" .PP Cyrus SASL auxprop plugin to access sql authentication backends\&. .SH "DESCRIPTION" .PP This document describes configuration options for the Cyrus SASL auxiliary property plugin \fBsql\fR\&. .PP \fBsql\fR is a generic plugin for various SQL backends\&. Currently it provides access to either MySQL, PostgreSQL or SQLite databases\&. .sp .it 1 an-trap .nr an-no-space-flag 1 .nr an-break-flag 1 .br Note .PP The plugin requires that passwords in the database are stored in plaintext format in order to use shared\-secret mechanisms\&. .SH "CONFIGURATION SYNTAX" .PP The following syntax is mandatory for \fBsql\fR plugin configuration: .sp .RS 4 \h'-04'\(bu\h'+03'SQL statements specified with \fIsql_select\fR, \fIsql_select\fR and \fIsql_select\fR must not be enclosed in quotes\&. .RE .sp .RS 4 \h'-04'\(bu\h'+03'Macros, e\&.g\&. \fB%u\fR, \fB%r\fR and \fB%v\fR, specified within SQL statements must be quoted individually\&. .RE .PP See the section called \(lqEXAMPLE\(rq for a valid configuration example\&. .SH "OPTIONS" .PP The following configuration parameters are applicable in the context of the \fBsql\fR plugin: .PP \fIsql_engine\fR (default: \fBmysql\fR) .RS 4 Specifies the type of SQL engine to use for connections to the SQL backend\&. The following types are available: .PP \fBmysql\fR .RS 4 Enables the mysql driver for connections to a MySQL server\&. .RE .PP \fBpgsql\fR .RS 4 Enables the pgsql driver for connections to a PostgreSQL server\&. .RE .PP \fBsqlite\fR .RS 4 Enables the sqlite driver for connections to a SQLite server\&. .RE .RE .PP \fIsql_hostnames\fR (default: empty) .RS 4 A comma\-separated list of one or more SQL servers the plugin should try to connect to and query from\&. Specify servers separated in hostname[:port] format\&. .sp .it 1 an-trap .nr an-no-space-flag 1 .nr an-break-flag 1 .br Note Specify localhost when using the MySQL engine to communicate over a UNIX domain socket and 127\&.0\&.0\&.1 to attempt a connection that uses a TCP socket\&. .RE .PP \fIsql_user\fR (default empty) .RS 4 Configures the username the plugin will send when it authenticates to the SQL server\&. .RE .PP \fIsql_passwd\fR (defaults: empty) .RS 4 Configures the password the plugin will send when it authenticates to the SQL server\&. .RE .PP \fIsql_database\fR (default: empty) .RS 4 Specifies the name of the database which contains auxiliary properties (e\&.g\&. username, realm, password etc\&.) .RE .PP \fIsql_select\fR (default: empty) .RS 4 Mandatory SELECT statement used to fetch properties from the SQL database\&. .RE .PP \fIsql_insert\fR (default: empty) .RS 4 Optional INSERT statement used to create properties for new users in the SQL database\&. .RE .PP \fIsql_update\fR (default: empty) .RS 4 Optional UPDATE statement used to modify properties in the SQL database\&. .RE .PP \fIsql_usessl\fR (default: \fBno\fR) .RS 4 Specify either \fByes\fR, \fBon\fR, \fB1\fR or \fBtrue\fR, and the plugin will try to establish a secure connection to the SQL server\&. .sp Does this really work? I remember it doesn\'t \&.\&.\&. .RE .SS "Macros" .PP The sql plugin provides macros to build \fIsql_select\fR, \fIsql_select\fR and \fIsql_select\fR statements\&. They will be replaced with arguments sent from the client\&. The following macros exist: .PP %u .RS 4 The name of the user whose properties are being selected, inserted or updated\&. .RE .PP %p .RS 4 The name of the property being selected, inserted or updated\&. While this could technically be anything, Cyrus SASL will try \fIuserPassword\fR and \fIcmusaslsecret\fR\fI\fIMECHNAME\fR\fR (where \fIMECHNAME\fR is the name of a SASL mechanism)\&. .RE .PP %r .RS 4 Name of the realm to which the user belongs\&. This could be the KERBEROS realm, the FQDN of the computer the SASL application is running on or whatever is after the @ on a username\&. .RE .PP %v .RS 4 Value of the property being stored during insert or update operations\&. While this could technically be anything depending on the property itself, it generally is a \fIuserPassword\fR\&. .RE .SH "EXAMPLE" .PP The following example shows a typical \fBsql\fR configuration: .sp .RS 4 .nf pwcheck_method: auxprop auxprop_plugin: sql mech_list: plain login cram\-md5 digest\-md5 sql_engine: pgsql sql_hostnames: 127\&.0\&.0\&.1, 192\&.0\&.2\&.1 sql_user: username sql_passwd: secret sql_database: company sql_select: SELECT password FROM users WHERE user = \'%u\'@\'%r\' .fi .RE .SH "SEE ALSO" .PP \fBauthdaemond\fR(5), \fBldapdb\fR(5), \fBlibsasl\fR(5), \fBsaslauthd\fR(8), \fBsaslauthd.conf\fR(5), \fBsaslpasswd2\fR(5), \fBsasldblistusers2\fR(5), \fBsasldb\fR(5), \fBsql\fR(5) .SH "README FILES" .PP \fIREADME\&.Debian\fR .SH "AUTHOR" .PP This manual was written for the Debian distribution because the original program does not have a manual page\&. Parts of the documentation have been taken from the Cyrus SASL\'s \fIoptions\&.html\fR\&. .PP .RS 4 .nf Patrick Ben Koetter .fi .RE debian/doc/sasldb.50000664000000000000000000000471312224357633011307 0ustar .\" Title: sasldb .\" Author: .\" Generator: DocBook XSL Stylesheets v1.73.2 .\" Date: 12/14/2008 .\" Manual: .\" Source: .\" .TH "SASLDB" "5" "12/14/2008" "" "" .\" disable hyphenation .nh .\" disable justification (adjust text to left margin only) .ad l .SH "NAME" sasldb \- auxiliary property plugin .SH "SYNOPSIS" .PP Cyrus SASL auxprop plugin to access the sasldb authentication backend .SH "DESCRIPTION" .PP This document describes configuration options for the Cyrus SASL auxiliary property plugin \fBsasldb\fR\&. .PP \fBsasldb\fR is the default and fallback plugin\&. It will be used if explicitly configured, but also if other mechanisms have failed to load e\&.g\&. because they haven\'t been configured properly\&. .PP This plugin reads all user data from a Berkeley database\&. On Debian systems the default location for this database is \fI/etc/sasldb2\fR\&. .PP Passwords are stored in plaintext format to enable usage of shared\-secret mechanisms\&. To protect the passwords, access has been restricted to user root and group sasl\&. An application must be member of the sasl group to conduct \fBsasldb\fR SASL authentication\&. .PP Use the \fBsaslpasswd2\fR(8) utility to create and modify \fBsasldb\fR users\&. The \fBsasldblistusers2\fR(8) command prints a list of existing \fBsasldb\fR users to STDOUT\&. .SH "OPTIONS" .PP The following configuration parameters are applicable in the context of the \fBsasldb\fR plugin: .PP \fIsasldb_path\fR: (default: \fI/etc/sasldb2\fR) .RS 4 Specifies the path to the database when \fIauxprop_plugin\fR: \fBsasldb\fR is used\&. The default path is system dependant, but usually \fI/etc/sasldb2\fR\&. .RE .SH "EXAMPLE" .PP The following example shows a typical \fBsasldb\fR configuration\&. The database is located at the default location \fI/etc/sasldb2\fR\&. .sp .RS 4 .nf pwcheck_method: auxprop auxprop_plugin: sasldb mech_list: plain login cram\-md5 digest\-md5 .fi .RE .SH "SEE ALSO" .PP \fBauthdaemond\fR(5), \fBldapdb\fR(5), \fBlibsasl\fR(5), \fBsaslauthd\fR(8), \fBsaslauthd.conf\fR(5), \fBsaslpasswd2\fR(5), \fBsasldblistusers2\fR(5), \fBsasldb\fR(5), \fBsql\fR(5) .SH "README FILES" .PP \fIREADME\&.Debian\fR .SH "AUTHOR" .PP This manual was written for the Debian distribution because the original program does not have a manual page\&. Parts of the documentation have been taken from the Cyrus SASL\'s \fIoptions\&.html\fR\&. .PP .RS 4 .nf Patrick Ben Koetter .fi .RE debian/doc/sql.5.xml0000664000000000000000000002376412224357633011444 0ustar Cyrus SASL sql auxprop plugin sql 5 sql auxiliary property plugin Cyrus SASL auxprop plugin to access sql authentication backends. Description This document describes configuration options for the Cyrus SASL auxiliary property plugin . is a generic plugin for various SQL backends. Currently it provides access to either MySQL, PostgreSQL or SQLite databases. The plugin requires that passwords in the database are stored in plaintext format in order to use shared-secret mechanisms. Configuration Syntax The following syntax is mandatory for plugin configuration: SQL statements specified with sql_select, sql_select and sql_select must not be enclosed in quotes. Macros, e.g. , and , specified within SQL statements must be quoted individually. See for a valid configuration example. Options The following configuration parameters are applicable in the context of the plugin: sql_engine (default: ) Specifies the type of SQL engine to use for connections to the SQL backend. The following types are available: Enables the mysql driver for connections to a MySQL server. Enables the pgsql driver for connections to a PostgreSQL server. Enables the sqlite driver for connections to a SQLite server. sql_hostnames (default: empty) A comma-separated list of one or more SQL servers the plugin should try to connect to and query from. Specify servers separated in hostname[:port] format. Specify localhost when using the MySQL engine to communicate over a UNIX domain socket and 127.0.0.1 to attempt a connection that uses a TCP socket. sql_user (default empty) Configures the username the plugin will send when it authenticates to the SQL server. sql_passwd (defaults: empty) Configures the password the plugin will send when it authenticates to the SQL server. sql_database (default: empty) Specifies the name of the database which contains auxiliary properties (e.g. username, realm, password etc.) sql_select (default: empty) Mandatory SELECT statement used to fetch properties from the SQL database. sql_insert (default: empty) Optional INSERT statement used to create properties for new users in the SQL database. sql_update (default: empty) Optional UPDATE statement used to modify properties in the SQL database. sql_usessl (default: ) Specify either , , or , and the plugin will try to establish a secure connection to the SQL server. Does this really work? I remember it doesn't ... Macros The sql plugin provides macros to build sql_select, sql_select and sql_select statements. They will be replaced with arguments sent from the client. The following macros exist: %u The name of the user whose properties are being selected, inserted or updated. %p The name of the property being selected, inserted or updated. While this could technically be anything, Cyrus SASL will try userPassword and cmusaslsecretMECHNAME (where MECHNAME is the name of a SASL mechanism). %r Name of the realm to which the user belongs. This could be the KERBEROS realm, the FQDN of the computer the SASL application is running on or whatever is after the @ on a username. %v Value of the property being stored during insert or update operations. While this could technically be anything depending on the property itself, it generally is a userPassword. Example The following example shows a typical configuration: pwcheck_method: auxprop auxprop_plugin: sql mech_list: plain login cram-md5 digest-md5 sql_engine: pgsql sql_hostnames: 127.0.0.1, 192.0.2.1 sql_user: username sql_passwd: secret sql_database: company sql_select: SELECT password FROM users WHERE user = '%u'@'%r' See also authdaemond 5 , ldapdb 5 , libsasl 5 , saslauthd 8 , saslauthd.conf 5 , saslpasswd2 5 , sasldblistusers2 5 , sasldb 5 , sql 5 Readme files README.Debian Author This manual was written for the Debian distribution because the original program does not have a manual page. Parts of the documentation have been taken from the Cyrus SASL's options.html.
Patrick Ben Koetter p@state-of-mind.de
 debian/doc/saslauthd.conf.5.xml0000664000000000000000000004770012224357633013555 0ustar saslauthd.conf 5 saslauthd.conf saslauthd LDAP configuration file saslauthd -a ldap saslauthd -a ldap -O /etc/saslauthd.conf Description This document describes LDAP configuration options for the Cyrus SASL password verification service saslauthd. By default saslauthd searches for LDAP configuration options in /usr/local/etc/saslauthd.conf. This location can be overridden if the additional command line option specifies an alternative path to the configuration file. Syntax Do not use quotes (\"\') in the parameter values. Options The following are available LDAP parameters. The defaults are probably adequate for most installations. Only ldap_servers may need to be specified. ldap_auth_method (default: |) The bind method uses the LDAP bind facility to verify the password. The bind method is not available when ldap_use_sasl is turned on. In that case saslauthd will use fastbind. is the default auth method. When ldap_use_sasl is enabled, 'fastbind' is the default. The method uses userPassword attribute to verify the password. Supported hashes: crypt, md5, smd5, sha and ssha. Cleartext is supported as well. The method - when ldap_use_sasl is - does away with the search and an extra anonymous bind in auth_bind, but makes two assumptions: Expanding the ldap_filter expression gives the user's fully-qualified DN There is no cost to staying bound as a named user ldap_bind_dn (default: empty) Specify DN (distinguished name) to bind to the LDAP directory. Do not specify this parameter for the anonymous bind. ldap_bind_pw (default: empty) An alias for ldap_password. ldap_default_domain (default: empty) An alias for ldap_default_realm. ldap_default_realm (default: empty) The default realm is assigned to the token when realm is not available. See ldap_filter for more. ldap_deref (default: empty) Specify how aliases dereferencing is handled during search. Should be one of , , , or to specify that aliases are never dereferenced, always dereferenced, dereferenced when searching, or dereferenced only when locating the base object for the search. ldap_filter (default: ) Specify a filter. The following tokens can be used in the filter string: This is replaced by a literal ’%’ character. is replaced by the complete user string. If the string is an address (), will be replaced by the local part of that address. If the string is an address (), will be replaced by the domain part of that address. Otherwise it will be the same as . If the input key is user@mail.example.com, then is com, is example and is mail. is replaced by the complete service string. is replaced by the complete realm string. is replaced by the complete user DN (available for group checks) The token has to be used at minimum for the filter to be useful. If ldap_auth_method is , the filter will search for the DN (distinguished name) attribute. Otherwise, the search will look for the ldap_password_attr attribute. ldap_group_attr (default: ) Specify what attribute to compare the user DN against in the group. If ldap_group_dn is not specified, this parameter is ignored. If ldap_group_match_method is not , this parameter is ignored. ldap_group_dn (default: empty) If specified, the user has to be part of the group in order to authenticate successfully. Tokens described in ldap_filter can be used for substitution. ldap_group_filter (default: empty) Specify a filter. If a filter match is found then the user is in the group. Tokens described in ldap_filter can be used for for substitution. If ldap_group_dn is not specified, this parameter is ignored. If ldap_group_match_method is not filter, this parameter is ignored. ldap_group_match_method (default: ) If is used the group match method uses ldap_group_attr and if is used ldap_group_search will be used as group match method. If ldap_group_dn is not specified, this parameter is ignored. ldap_group_search_base (default: ldap_search_base) Specify a starting point for the group search: e.g. dc=example,dc=com. Tokens described in ldap_filter can be used for substitution. ldap_group_scope (default: sub) Group search scope. Options are either , or . ldap_password (default: empty) Specify the password for ldap_bind_dn or ldap_id if ldap_use_sasl is turned on. Do not specify this parameter for the anonymous bind. ldap_password_attr (default: ) Specify what password attribute to use for password verification. ldap_referrals (default: ) Specify whether or not the client should follow referrals. ldap_restart (default: ) Specify whether or not LDAP I/O operations are automatically restarted if they abort prematurely. ldap_id (default: empty) Specify the authentication ID for SASL bind. ldap_authz_id (default: empty) Specify the proxy authorization ID for SASL bind. ldap_mech (default: empty) Specify the authentication mechanism for SASL bind. ldap_realm (default: empty) Specify the realm of authentication ID for SASL bind. ldap_scope (default: ) Search scope. Options are either , or . ldap_search_base (default: empty) Specify a starting point for the search: e.g. dc=example,dc=com. Tokens described in ldap_filter can be used for substitution. ldap_servers (default: ) Specify one or more URI(s) referring to LDAP server(s), e.g. ldaps://10.1.1.2:999/. Multiple servers must be separated by space. ldap_start_tls (default: ) Use StartTLS extended operation. Do not use ldaps: ldap_servers when this option is turned on. ldap_time_limit (default: ) Specify a number of seconds for a search request to complete. ldap_timeout (default: ) Specify a number of seconds a search can take before timing out. ldap_tls_check_peer (default: ) Require and verify server certificate. If this option is , you must specify ldap_tls_cacert_file or ldap_tls_cacert_dir. ldap_tls_cacert_file (default: empty) File containing CA (Certificate Authority) certificate(s). ldap_tls_cacert_dir (default: empty) Path to directory with CA (Certificate Authority) certificates. ldap_tls_ciphers (default: ) List of SSL/TLS ciphers to allow. The format of the string is described in ciphers 1 . ldap_tls_cert (default: empty) File containing the client certificate. ldap_tls_key (default: empty) File containing the private client key. ldap_use_sasl (default: ) Use SASL bind instead of simple bind when connecting to the LDAP server. ldap_version (default: ) Specify the LDAP protocol version - either or . If ldap_start_tls and/or ldap_use_sasl are enabled, ldap_version will be automatically set to . Example See also authdaemond 5 , ldapdb 5 , libsasl 5 , saslauthd 8 , saslauthd.conf 5 , saslpasswd2 5 , sasldblistusers2 5 , sasldb 5 , sql 5 Readme files README.Debian Author(s) This manual is based on notes in LDAP_SASLAUTHD from Igor Brezac.
Igor Brezac Igor@ipass.net
 It was edited and revised for the Debian distribution because the original program does not have a manual page.
Patrick Ben Koetter p@state-of-mind.de
 debian/doc/libsasl.50000664000000000000000000001675512224357633011501 0ustar .\" Title: libsasl .\" Author: .\" Generator: DocBook XSL Stylesheets v1.73.2 .\" Date: 12/15/2008 .\" Manual: .\" Source: .\" .TH "LIBSASL" "5" "12/15/2008" "" "" .\" disable hyphenation .nh .\" disable justification (adjust text to left margin only) .ad l .SH "NAME" libsasl \- authentication library .SH "SYNOPSIS" .PP Cyrus SASL library handling communication between an application and the Cyrus SASL authentication framework\&. .SH "DESCRIPTION" .PP This document describes generic configuration options for the Cyrus SASL authentication library libsasl\&. .PP The library handles communication between an application and the Cyrus SASL authentication framework\&. Both exchange information before libsasl can start offering authentication services for the application\&. .PP The application, among other data, sends the \fIservice_name\fR\&. The service name is the services name as specified by IANA\&. SMTP servers, for example, send \fBsmtp\fR as \fIservice_name\fR\&. This information is handed over by libsasl e\&.g\&. when Kerberos or PAM authentication takes place\&. .PP Configuration options in general are read either from a file or passed by the application using libsasl during library initialization\&. .SS "File\-Based configuration" .PP When an application (server) starts, it initializes the libsasl library\&. The application passes \fIapp_name\fR (application name) to the SASL library\&. Its value is used to construct the name of the application specific SASL configuration file\&. The Cyrus SASL sample\-server, for example, sends \fBsample\fR as \fIapp_name\fR\&. Using this value the SASL library will search the configuration directories for a file named \fIsample\&.conf\fR and read configuration options from it\&. .sp .it 1 an-trap .nr an-no-space-flag 1 .nr an-break-flag 1 .br Note .PP Consult the applications manual to determine what \fIapp_name\fR it sends to the Cyrus SASL library\&. .SS "Application\-Based Configuration" .PP Configuration options for libsasl are written down together with application specific options in the applications configuration file\&. The application reads them and passes them over to libsasl when it loads the library\&. .sp .it 1 an-trap .nr an-no-space-flag 1 .nr an-break-flag 1 .br Note .PP An example for application\-based configuration is the Cyrus IMAP server imapd\&. SASL configuration is written to \fIimapd\&.conf\fR and passed to the SASL library when the imapd server starts\&. .SH "CONFIGURATION SYNTAX" .PP The general format of Cyrus SASL configuration file is as follows: .PP Configuration options .RS 4 Configuration options are written each on a single physical line\&. Parameter and value must be separated by a colon and a single whitespace: .sp .RS 4 .nf parameter: value .fi .RE .sp .it 1 an-trap .nr an-no-space-flag 1 .nr an-break-flag 1 .br Important There must be no trailing whitespace after the value or Cyrus SASL will fail to apply the value appropriately! .RE .PP Comments, Emtpy lines and whitespace\-only lines .RS 4 Empty lines and whitespace\-only lines are ignored, as are lines whose first non\-whitespace character is a \(lq#\(rq\&. .RE .SH "OPTIONS" .PP There are generic options and options specific to the password verification service or auxiliary property plugin choosen by the administrator\&. Such specific options are documented in manuals listed in the section called \(lqSEE ALSO\(rq\&. .PP The following configuration parameters are generic configuration options: .PP \fIauthdaemond_path\fR (default: \fB/dev/null\fR) .RS 4 Path to Courier MTA authdaemond\'s unix socket\&. Only applicable when \fIpwcheck_method\fR is set to \fBauthdaemond\fR\&. .RE .PP \fIauto_transition\fR: (default: \fBno\fR) .RS 4 Automatically transition users to other mechanisms when they do a successful plaintext authentication and if an auxprop plugin is used\&. .sp .it 1 an-trap .nr an-no-space-flag 1 .nr an-break-flag 1 .br Important This option does not apply to the \fBldapdb\fR(5) plugin\&. It is a read\-only plugin\&. .PP \fBno\fR .RS 4 Do not transition users to other mechanisms\&. .RE .PP \fBnoplain\fR .RS 4 Transition users to other mechanisms, but write non\-plaintext secrets only\&. .RE .PP \fByes\fR .RS 4 Transition users to other mechanisms\&. .RE .sp .sp .it 1 an-trap .nr an-no-space-flag 1 .nr an-break-flag 1 .br Note The only mechanisms (as currently implemented) which don\'t use plaintext secrets are OTP and SRP\&. .RE .PP \fIauxprop_plugin\fR: (default: empty) .RS 4 A whitespace\-separated list of one or more auxiliary plugins used if the \fIpwcheck_method\fR parameter specifies \fBauxprop\fR as an option\&. Plugins will be queried in list order\&. If no plugin is specified, all available plugins will be queried\&. .PP \fBldapdb\fR .RS 4 Specify \fBldapdb\fR to use the Cyrus SASL \fBldapdb\fR(5) plugin\&. .RE .PP \fBsasldb\fR .RS 4 Specify \fBsasldb\fR to use the Cyrus SASL \fBsasldb\fR(5) plugin\&. .RE .PP \fBsql\fR .RS 4 Specify \fBsql\fR to use the Cyrus SASL \fBsql\fR(5) plugin\&. .RE .RE .PP \fIlog_level\fR: (default: \fB1\fR) .RS 4 Specifies a numeric log level\&. Available log levels are: .PP \fB0\fR .RS 4 Don\'t log anything .RE .PP \fB1\fR .RS 4 Log unusual errors .RE .PP \fB2\fR .RS 4 Log all authentication failures .RE .PP \fB3\fR .RS 4 Log non\-fatal warnings .RE .PP \fB4\fR .RS 4 More verbose than 3 .RE .PP \fB5\fR .RS 4 More verbose than 4 .RE .PP \fB6\fR .RS 4 Traces of internal protocols .RE .PP \fB7\fR .RS 4 Traces of internal protocols, including passwords .RE .sp .sp .it 1 an-trap .nr an-no-space-flag 1 .nr an-break-flag 1 .br Important Cyrus SASL sends log messages to the application that runs it\&. The application decides if it forwards such messages to the \fBsysklogd\fR(8) service, to which \fIfacility\fR they are sent and which \fIpriority\fR is given to the message\&. .RE .PP \fImech_list\fR: (default: empty) .RS 4 The optional \fImech_list\fR parameter specifies a whitespace\-separated list of one or more mechanisms allowed for authentication\&. .RE .PP \fIpwcheck_method\fR: (default: \fBauxprop\fR) .RS 4 A whitespace\-separated list of one or more mechanisms\&. Cyrus SASL provides the following mechanisms: .PP \fBauthdaemond\fR .RS 4 Configures Cyrus SASL to contact the Courier MTA \fBauthdaemond\fR(8) password verification service for password verification\&. .RE .PP \fBalwaystrue\fR .RS 4 TODO .RE .PP \fBauxprop\fR .RS 4 Cyrus SASL will use its own plugin infrastructure to verify passwords\&. The \fI\fIauxprop_plugin\fR\fR parameter controls which plugins will be used\&. .RE .PP \fBpwcheck\fR .RS 4 Verify passwords using the Cyrus SASL \fBpwcheck\fR(8) password verification service\&. The pwcheck daemon is considered deprecated and should not be used anymore\&. Use the saslauthd password verification service instead\&. .RE .PP \fBsaslauthd\fR .RS 4 Verify passwords using the Cyrus SASL \fBsaslauthd\fR(8) password verification service\&. .RE .RE .PP \fIsaslauthd_path\fR: (default: empty) .RS 4 Path to \fBsaslauthd\fR(8) run directory (including the \fI/mux\fR named pipe) .RE .SH "SEE ALSO" .PP \fBauthdaemond\fR(5), \fBldapdb\fR(5), \fBlibsasl\fR(5), \fBsaslauthd\fR(8), \fBsaslauthd.conf\fR(5), \fBsaslpasswd2\fR(5), \fBsasldblistusers2\fR(5), \fBsasldb\fR(5), \fBsql\fR(5) .SH "README FILES" .PP \fIREADME\&.Debian\fR .SH "AUTHOR" .PP This manual was written for the Debian distribution because the original program does not have a manual page\&. Parts of the documentation have been taken from the Cyrus SASL\'s \fIoptions\&.html\fR\&. .PP .RS 4 .nf Patrick Ben Koetter .fi .RE debian/doc/TODO0000664000000000000000000000007712224357633010440 0ustar Write manual for - authdaemond(8) - pwcheck_method: alwaystrue debian/libsasl2-dev.examples0000664000000000000000000000005112224357633013222 0ustar sample/*.c sample/*.h build-mit/config.h debian/libsasl2-2.install0000664000000000000000000000003012224412004012412 0ustar usr/lib/*/libsasl2.so.* debian/sasl2-bin.templates0000664000000000000000000000415612224357633012717 0ustar # These templates have been reviewed by the debian-l10n-english # team # # If modifications/additions/rewording are needed, please ask # debian-l10n-english@lists.debian.org for advice. # # Even minor modifications require translation updates and such # changes should be coordinated with translators and reviewers. Template: cyrus-sasl2/purge-sasldb2 Type: boolean Default: false _Description: Remove /etc/sasldb2? Cyrus SASL can store usernames and passwords in the /etc/sasldb2 database file. . If important data is stored in that file, you should back it up now or choose not to remove the file. Template: cyrus-sasl2/backup-sasldb2 Type: string Default: /var/backups/sasldb2.bak _Description: Backup file name for /etc/sasldb2: Cyrus SASL has stored usernames and passwords in the /etc/sasldb2 database file. . That file has to be upgraded to a newer database format. First, a backup of the current file will be created. You can use that if you need to manually downgrade Cyrus SASL. However, automatic downgrades are not supported. . Please specify the backup file name. You should check the available disk space in that location. If the backup file already exists, it will be overwritten. Leaving this field empty will select the default value (/var/backups/sasldb2.bak). Template: cyrus-sasl2/upgrade-sasldb2-backup-failed Type: error _Description: Failed to back up /etc/sasldb2 The /etc/sasldb2 file could not be backed up with the file name you specified. . This is a fatal error and will cause the package installation to fail. . Please eliminate all possible reasons that might lead to this failure, and try to configure this package again. Template: cyrus-sasl2/upgrade-sasldb2-failed Type: error _Description: Failed to upgrade /etc/sasldb2 The /etc/sasldb2 file could not be upgraded to the new database format. . This is a fatal error and will cause the package installation to fail. . The configuration process will attempt to restore the backup of this file to its original location. . Please eliminate all possible reasons that might lead to this failure, then try to configure this package again. debian/libsasl2-modules.lintian-overrides0000664000000000000000000000021312224357633015734 0ustar # We do not link the GPL code we ship with openssl; it's a separate utility libsasl2-modules binary: possible-gpl-code-linked-with-openssl debian/libsasl2-modules-gssapi-heimdal.lintian-overrides0000664000000000000000000000023212224357633020622 0ustar # We do not link the GPL code we ship with openssl; it's a separate utility libsasl2-modules-gssapi-heimdal binary: possible-gpl-code-linked-with-openssl debian/cyrus-sasl2-doc.install0000664000000000000000000000000012224357633013507 0ustar debian/changelog0000664000000000000000000015420412235227313011050 0ustar cyrus-sasl2 (2.1.25.dfsg1-17build1) trusty; urgency=low * No change rebuild against db 5.3. -- Dmitrijs Ledkovs Sat, 02 Nov 2013 16:56:43 +0000 cyrus-sasl2 (2.1.25.dfsg1-17) unstable; urgency=low * Add libsasl2-modules-db to the include/exclude lists in debian/rules. -- Adam Conrad Sun, 06 Oct 2013 19:55:16 -0600 cyrus-sasl2 (2.1.25.dfsg1-16) unstable; urgency=low * Explicitly build-depend on libkrb5-dev to fix FTBFS (Closes: #724147) -- Adam Conrad Sun, 06 Oct 2013 18:48:39 -0600 cyrus-sasl2 (2.1.25.dfsg1-15) unstable; urgency=low * Split libsasl2-modules-db out of libsasl2-modules, so we can depend on it for smooth upgrades from wheezy without pulling in all the modules. -- Adam Conrad Sun, 06 Oct 2013 15:33:56 -0600 cyrus-sasl2 (2.1.25.dfsg1-14) unstable; urgency=low * CVE-2013-4122: Handle NULL returns from glibc 2.17+ crypt() (Closes: #716835) -- Ondřej Surý Wed, 17 Jul 2013 16:19:39 +0200 cyrus-sasl2 (2.1.25.dfsg1-13) unstable; urgency=low * Use --ignore-fail-on-non-empty option to rmdir instead of non-existent -f (Closes: #714601) -- Ondřej Surý Mon, 01 Jul 2013 12:19:54 +0200 cyrus-sasl2 (2.1.25.dfsg1-12) unstable; urgency=low * Change depend on libsasl2-modules to libsasl2-2 in libsasl2-dev (Closes: #714514) -- Ondřej Surý Mon, 01 Jul 2013 09:25:05 +0200 cyrus-sasl2 (2.1.25.dfsg1-11) unstable; urgency=low * Loosen dependency on libsasl2-modules from = to >= to allow transition to libsasl2-3 -- Ondřej Surý Thu, 27 Jun 2013 10:43:50 +0200 cyrus-sasl2 (2.1.25.dfsg1-10) unstable; urgency=low * Purge /usr/lib/sasl2/berkeley_db.active if the /etc/sasldb2 was purged or doesn't exist. -- Ondřej Surý Thu, 27 Jun 2013 10:42:59 +0200 cyrus-sasl2 (2.1.25.dfsg1-9) unstable; urgency=low * Move sasldb plugin from libsasl2-3 to libsasl2-modules (Closes: #714091) -- Ondřej Surý Wed, 26 Jun 2013 09:19:15 +0200 cyrus-sasl2 (2.1.25.dfsg1-8) unstable; urgency=low * Install berkeley_db.txt to sasl2-bin (Closes: #713932) -- Ondřej Surý Mon, 24 Jun 2013 07:52:29 +0200 cyrus-sasl2 (2.1.25.dfsg1-7) unstable; urgency=low * Use AC_CONFIG_MACRO_DIRS instead of AC_CONFIG_MACRO_DIR (Closes: #711219) * Fix heavy CPU usage in saslauthd (Closes: #708552) * Send LOGOUT before closing connection in auth_rimap (Closes: #708547) * Fix garbage in output buffer when using canonuser_plugin: ldapdb (Closes: #689346) -- Ondřej Surý Thu, 06 Jun 2013 13:41:17 +0200 cyrus-sasl2 (2.1.25.dfsg1-6) unstable; urgency=low * Fix failures when the host have broken hostname (Closes: #683555) -- Ondřej Surý Fri, 26 Oct 2012 14:06:11 +0200 cyrus-sasl2 (2.1.25.dfsg1-5) unstable; urgency=low * New sourceful upload (Closes: #676914) * Relabel /run directory for SE Linux (Closes: #677685) * Add a NEWS file about auxprop_plugin mysql->sql change (Closes: #680476) * Improve documentation on LDAP_SASLAUTHD file (Closes: #671015) -- Ondřej Surý Mon, 06 Aug 2012 13:34:27 +0200 cyrus-sasl2 (2.1.25.dfsg1-4) unstable; urgency=medium [ Ondřej Surý ] * Lintian says we need debhelper >= 9, so we need debhelper >= 9 [ Helmut Grohne ] * Breaks: slapd < 2.4.25-4 (Closes: #655845) * Introduce shlib dependency on 2.1.24 for libsasl2-2. (Closes: #628237) -- Ondřej Surý Sun, 04 Mar 2012 09:30:55 +0100 cyrus-sasl2 (2.1.25.dfsg1-3) unstable; urgency=low [ Thomas Preud'homme ] * Stop relying on the structure of debugging package (Closes: #653725). -- Ondřej Surý Wed, 18 Jan 2012 08:47:04 +0100 cyrus-sasl2 (2.1.25.dfsg1-2) unstable; urgency=low [ Roberto C. Sanchez ] * Update README.source to reflect quilt usage instead of dpatch [ Ondřej Surý ] * Fix missing pam library due MultiArch (Closes: #643331) -- Ondřej Surý Tue, 27 Sep 2011 13:00:26 +0200 cyrus-sasl2 (2.1.25.dfsg1-1) unstable; urgency=low * Imported Upstream version 2.1.25.dfsg1 * Refresh patches to the new release * sasldbconverter2.8 man page was removed from upstream tarball * Adapt debian/rules to SONAME change * Fix FTBFS with MultiArch heimdal libraries (Closes: #642681) * Add Catalan translation (Closes: #641826) -- Ondřej Surý Mon, 26 Sep 2011 10:08:32 +0200 cyrus-sasl2 (2.1.24~rc1.dfsg1+cvs2011-05-23-6) unstable; urgency=low * Add Breaks: postfix (<= 2.8.3-1) so it doesn't get upgraded until postfix sasl code is ready for MultiArch -- Ondřej Surý Wed, 17 Aug 2011 16:03:29 +0200 cyrus-sasl2 (2.1.24~rc1.dfsg1+cvs2011-05-23-5) unstable; urgency=low * Add MultiArch support (Courtesy of Steve Langasek) (Closes: #637968) * Add both patch(es) to fix authentication issue with dovecot (Closes: #635246) -- Ondřej Surý Tue, 16 Aug 2011 09:43:32 +0200 cyrus-sasl2 (2.1.24~rc1.dfsg1+cvs2011-05-23-4) unstable; urgency=low * Fix yet another upstream segfault breakage in GSSAPI from CVS (Closes: #629589) -- Ondřej Surý Wed, 08 Jun 2011 08:37:13 +0200 cyrus-sasl2 (2.1.24~rc1.dfsg1+cvs2011-05-23-3) unstable; urgency=low [ Dan White ] * Fix GSSAPI breakage by reverting revision 1.103 of plugins/gssapi.c (Closes: #628525) -- Ondřej Surý Tue, 07 Jun 2011 11:14:18 +0200 cyrus-sasl2 (2.1.24~rc1.dfsg1+cvs2011-05-23-2) unstable; urgency=low * Upload to unstable * One more AC_CACHE_VAL without _cv_ fix * Update Vcs-* links * Add gs2 and scram modules to libsasl2-modules-gssapi-mit (Closes: #628067) * Revert "Change gbp.conf for experimental branch" * Add lintian-override for libsasl2-modules-gssapi-mit: possible-gpl- code-linked-with-openssl -- Ondřej Surý Fri, 27 May 2011 17:05:30 +0200 cyrus-sasl2 (2.1.24~rc1.dfsg1+cvs2011-05-23-1) experimental; urgency=low * Imported Upstream version 2.1.24~rc1.dfsg1+cvs2011-05-23 * Adapt patches to new CVS checkout * Upload to experimental first to be sure everything works -- Ondřej Surý Thu, 26 May 2011 10:38:59 +0200 cyrus-sasl2 (2.1.24~rc1.dfsg1-1) unstable; urgency=low [ Roberto C. Sanchez ] * libsasl2-2.README.Debian: document that SASL logs debug messages by default, and how change/stop it (Closes: #590598) * Bump Standards-Version to 3.9.2 (no changes) * Remove Build-Depends on libopie-dev, which was removed (Closes: #622221) [ Ondřej Surý ] * Patch to support newer Berkeley DB (Closes: #621437) * Remove /etc/sasldb2 in prerm remove if empty (Closes: #618885) * Improve Berkeley DB upgrade code to note the used version in berkeley_db.active file and compare it with current version * Convert debian/rules to debhelper7 * Update Vcs-* and Homepage fields * Fix autoreconf by adding some recommended options to configure.in and Makefile.am * Imported Upstream version 2.1.24~rc1.dfsg1 * Update patches to new release * Update repack.sh * Build against sqlite3 since upstream has a support for it (Closes: #444799) * Fix FTBFS in LDAP plugin * Don't use .la files to open plugins, just scan .so * Set configdir to /etc/sasl2:/etc/sasl:/usr/lib/sasl2 (Closes: #465569) * Stop shipping .la and .a files for all modules (Closes: #516833) * sasl2-bin can depend on generic db-util package now * Add myself to uploaders * Removed hardcoded -R option when searching for sqlite libraries * Fix Sqlite3 FTBFS due missing link libraries in plugins/ -- Ondřej Surý Wed, 25 May 2011 21:57:11 +0200 cyrus-sasl2 (2.1.23.dfsg1-8) unstable; urgency=low * Eliminate getsubopt conflict when building with glibc 2.2, thanks to Colin Watson for the patch (Closes: #588528) * Convert package from using dpatch to using quilt * debian/sasl2-bin.saslauthd.init: Properly handle $(OPTIONS) missing from defaults file (Closes: #515534) * Bump Standards-Version to 3.9.1 (no changes) * cyrus-sasl2-dbg: Demote dependency on cyrus-sasl2-{mit,heimdal}-dbg to a recommendation (Closes: #607558) * Enable hardening features (Closes: #542725) * Fix FTBFS, add $(SASL_DB_LIB) as dependency to libsasldb, and use it. Thanks to Matthias Klose for the patch (Closes: #609237) * Drop gratuitous dependency on krb5support (Closes: #528238) * Ship docs on testing with sasl-sample-{client,server} (Closes: #516542) * Allow getting saslauthd status with '/etc/init.d/saslauthd status'. Thanks to Raoul Bhatia for the patch (Closes: #589181) * Fix documentation on saslauthd runtime directory perms (Closes: #528554) * Add Danish translation, thanks to Joe Dalton. (Closes: #585553) * Change to machine readable copyright file (Closes: 470948) * Improve documentation on location of socket directory based on whether Postfix runs inside or outside a chroot, thanks to Walter Rohrer for the suggestion. (Closes: #528553) * Start shipping gen-auth (Closes: #459624) * Switch to dpkg-source 3.0 (quilt) format. * Drop Conflicts/Replaces for pre-Lenny and pre-Sarge versions of packages -- Roberto C. Sanchez Wed, 16 Mar 2011 22:42:49 -0400 cyrus-sasl2 (2.1.23.dfsg1-7) unstable; urgency=low [ Luca Capello ] * Fix for (Closes: #601977), the idea coming from Gaudenz Steinlin : + debian/control: - cyrus-sasl2-dbg Depends: on one of the two GSSAPI dbg packages. - new cyrus-sasl2-mit-dbg package which Conflicts: with cyrus-sasl2-heimdal-dbg. - cyrus-sasl2-heimdal-dbg now Conflicts: with cyrus-sasl2-mit-dbg. + debian/cyrus-sasl2-heimdal-dbg.preinst: - remove, useless. + debian/cyrus-sasl2-heimdal-dbg.postrm: - remove, useless. + debian/cyrus-sasl2-mit-dbg.dirs: - create /usr/lib/debug/usr/lib/sasl2/. + debian/rules: - mv MIT libgssapiv2.so.2.0.23 into cyrus-sasl2-mit-dbg. [ Roberto C. Sanchez ] * Thanks to Luca Capello for providing the patch. -- Roberto C. Sanchez Sat, 18 Dec 2010 11:14:59 -0500 cyrus-sasl2 (2.1.23.dfsg1-6) unstable; urgency=low * Acknowledge NMU (thanks to Ben Hutchings) * Merge cyrus-sasl2 and cyrus-sasl2-heimdal source packages (Closes: #568358) + Build against new heimdal-multidev (Closes: #591147) * Properly detect presence of Heimdal (Closes: #590912); thanks tremendously to Russ Allbery for the patch -- Roberto C. Sanchez Thu, 19 Aug 2010 20:45:57 -0400 cyrus-sasl2 (2.1.23.dfsg1-5.1) unstable; urgency=low * Non-maintainer upload. * Remove incorrect conflict between cyrus-sasl2-dbg and cyrus-sasl2-heimdal-dbg (Closes: #590759); the conflicting file is now diverted by the latter -- Ben Hutchings Thu, 29 Jul 2010 03:34:07 +0100 cyrus-sasl2 (2.1.23.dfsg1-5) unstable; urgency=low * Finish switch to db4.8 by changing db4.7-util dependency to db4.8-util (Closes: #562895) -- Roberto C. Sanchez Mon, 28 Dec 2009 18:12:26 -0500 cyrus-sasl2 (2.1.23.dfsg1-4) unstable; urgency=low [ Fabian Fagerholm ] * debian/control, debian/sasl2-bin.postinst, debian/patches/0017_db4.8.dpatch: Bump libdb version to 4.8. (Closes: #556609) * debian/rules, debian/sasl2-bin.postinst, debian/sasl2-bin.saslauthd.init: No longer explicitly run stop init script on shutdown and reboot. (Closes: #560748) * debian/sasl2-bin.postinst: Don't attempt sasldb upgrade if the database file does not exist. (Closes: #521852) * debian/sasl2-bin.saslauthd.init: Fix return code comparisons. (Closes: #525424) * debian/control: Change upstream home page, this seems to be the active page and the old one contains less useful information. -- Fabian Fagerholm Mon, 28 Dec 2009 13:37:20 +0200 cyrus-sasl2 (2.1.23.dfsg1-3) unstable; urgency=low * Acknowledge NMU (Thanks to Christian Perrier) * Change package priority important -> standard, because of override disparity email -- Roberto C. Sanchez Sat, 07 Nov 2009 09:31:23 -0500 cyrus-sasl2 (2.1.23.dfsg1-2.1) unstable; urgency=low * Non-maintainer upload. * Fix pending l10n issues. Debconf translations: - French (Odile Bénassy). Closes: #518593 -- Christian Perrier Sat, 07 Nov 2009 08:04:09 +0100 cyrus-sasl2 (2.1.23.dfsg1-2) unstable; urgency=high [ Fabian Fagerholm ] * debian/control: Change Vcs-* fields to point to trunk. * debian/rules: Remove build-indep-stamp and build-arch-stamp when cleaning up (from Ubuntu) (Closes: #516538). * debian/patches/0014_avoid_pic_overwrite.dpatch: Also apply to lib/Makefile.am. Thanks to Amadeu A. Barbosa Jr. (Closes: #502910) [ Roberto C. Sanchez ] * Acknowledge NMU (thanks to Andreas Barth) * Document the sync mechanism between cyrus-sasl2 and cyrus-sasl2-heimdal. Urgency 'high' since current package is uninstallable. * Bump Standards-Version to 3.8.3 (no changes) -- Roberto C. Sanchez Wed, 07 Oct 2009 21:45:57 -0400 cyrus-sasl2 (2.1.23.dfsg1-1.1) unstable; urgency=medium * Build-Depend also on mysqlclient-dev. Closes: #542904 * Conflict cyrus-sasl2-heimdal-dbg as both packages provide the file /usr/lib/debug/usr/lib/sasl2/libgssapiv2.so.2.0.23 Closes: #530781 -- Andreas Barth Sat, 29 Aug 2009 11:47:55 +0200 cyrus-sasl2 (2.1.23.dfsg1-1) unstable; urgency=high * New upstream release - Security fix for CVE-2009-0688 (Closes: #528749). - debian/patches/0020_saslauthd_manpage.dpatch: Remove, integrated upstream. - debian/rules: Change chrpath invocation to match new version number of libsql.so. -- Fabian Fagerholm Sun, 24 May 2009 20:56:01 +0300 cyrus-sasl2 (2.1.22.dfsg1-26) UNRELEASED; urgency=low * NOT RELEASED * debian/control: Set section to debug to match override. -- Fabian Fagerholm Sun, 10 May 2009 09:55:01 +0300 cyrus-sasl2 (2.1.22.dfsg1-25) unstable; urgency=high * debian/patches/0017_db4.7.dpatch: Update db4.6 patch to db4.7. (Closes: #523007) -- Fabian Fagerholm Sun, 10 May 2009 08:51:30 +0300 cyrus-sasl2 (2.1.22.dfsg1-24) unstable; urgency=high [ Fabian Fagerholm ] * debian/patches/0021_no_mutex_changes_after_init.dpatch: Added patch to disallow mutex function changes once sasl_client_init and/or sasl_server_init have been called. Hand-picked and applied from upstream CVS revision 1.117, thanks to Eric Leblond. (Closes: #499770) * debian/control: Add ${misc:Depends} to applicable binary packages. * debian/rules, debian/libsasl2-modules, debian/libsasl2-modules-otp, debian/sasl2-bin: Add overrides for possible-gpl-code-linked-with-openssl lintian error. * debian/source.lintian-overrides: Add override for ancient-libtool lintian warning. * debian/sasl2-bin.postinst: Use set -e. * debian/patches/0022_gcc4.4_preprocessor_syntax.dpatch: Added patch to use test condition for #elif preprocessor directive. Required by GCC 4.4. Thanks to Martin Michlmayr. (Closes: #505042) * debian/cyrus-sasl2-dbg.dirs, debian/cyrus-sasl2-dbg.lintian-overrides, debian/rules: Add override because our -dbg package is not standardly named. * debian/control: Bump libdb version to 4.7. (Closes: #523007) * debian/sasl2-bin.postinst: Update to reflect libdb version change. Not strictly necessary since there were no database format changes betweek 4.6 and 4.7, but in the interest of completeness... -- Fabian Fagerholm Sat, 09 May 2009 22:56:52 +0300 cyrus-sasl2 (2.1.22.dfsg1-23) unstable; urgency=low * Add README.source to comply with Standards-Version 3.8.0 * Fix watch file to use dversionmangle instead of uversionmangle -- Roberto C. Sanchez Mon, 01 Sep 2008 11:05:12 -0400 cyrus-sasl2 (2.1.22.dfsg1-22) unstable; urgency=low [ Roberto C. Sanchez ] * Added Slovak translation, thanks to Ivan Masár (Closes: #489268) [ Fabian Fagerholm ] * Added Japanese translation, thanks to Hideki Yamane. (Closes: #493004) * Bump standards-version. -- Fabian Fagerholm Sat, 02 Aug 2008 15:57:11 +0300 cyrus-sasl2 (2.1.22.dfsg1-21) unstable; urgency=high [ Fabian Fagerholm ] * Add Basque translation, thanks to Piarres Beobide. (Closes: #481541) * Install README.Debian into libsasl2-2 package. (Closes: #485289) [ Roberto C. Sanchez ] * Remove bashism from debian/rules. (Closes: #484374) * Add Homepage field to debian/control. -- Fabian Fagerholm Mon, 09 Jun 2008 21:27:23 +0300 cyrus-sasl2 (2.1.22.dfsg1-20) unstable; urgency=high [ Fabian Fagerholm ] * debian/sasl2-bin.saslauthd.default, debian/sasl2-bin.README.Debian: Include warnings about running saslauthd with the -d option. (Closes: #474311) * debian/control: Adjust priorities to be consistent and policy-compliant. (Closes: #471534) * debian/rules: Remove generated man pages in clean target. (Partial sync with Ubuntu.) * debian/sasl2-bin.saslauthd.init: Remove bashism in init script. (Closes: #480613) Urgency set to high because of lenny release goal to make dash the default /bin/sh. -- Fabian Fagerholm Tue, 13 May 2008 22:28:11 +0300 cyrus-sasl2 (2.1.22.dfsg1-19) unstable; urgency=low [ Fabian Fagerholm ] * debian/patches/00options, debian/patches/00list: Don't apply symbol versioning patch when building under ppc64. (Closes: #327479) * debian/control: Lower priority of -modules-gssapi-mit package to extra, because it conflicts with the -modules-gssapi-heimdal package. (Policy section 2.5.) * debian/patches/0015_saslutil_decode64_fix.dpatch, debian/patches/00list: Don't allow trailing CR/LF/CRLF in base64 data. (Closes: #431191) * debian/control: Don't build-depend on -1 revisions. * debian/cyrus-sasl2-doc.doc-base: Adjust section. [ Roberto C. Sanchez ] * debian/repack.sh: Automate repackaging of DFSG-compliant tarball -- Fabian Fagerholm Tue, 18 Mar 2008 20:04:21 +0200 cyrus-sasl2 (2.1.22.dfsg1-18) unstable; urgency=high [ Fabian Fagerholm ] * debian/control: We conform to 3.7.3.0 of the Debian policy. * debian/control: Change Vcs-Browser to point to human-readable interface. * debian/patches/0018_auth_rimap_quotes.dpatch: Upstream fix for potential DoS attack through infinite loop. (Closes: #465561) * debian/patches/0019_ldap_deprecated.dpatch: Signal the use of deprecated LDAP functions to avoid implicit pointer conversion. (Closes: #463330) * debian/sasl2-bin.saslauthd.init: Eliminate bashism and use consistent comparison operators throughout. (Closes: #465355) * debian/sasl2-bin.postinst: Call db_stop to avoid hangs when starting saslauthd. (Closes: #459762) * debian/sasl2-bin.config: Don't call db_reset -- if the user has already seen the backup question, we don't ask again. (Closes: #464103) * debian/patches/0020_saslauthd_manpage.dpatch: Correct typos in saslauthd man page. Thanks to Thijs Kinkhorst. (Closes: #463016) * Add Dutch translation. (Closes: #465665) * debian/sasl2-bin.saslauthd.init: Remove S runlevel from Default-Stop. [ Roberto C. Sanchez ] * Add Swedish translation (Closes: #460496) -- Fabian Fagerholm Mon, 18 Feb 2008 15:37:12 +0200 cyrus-sasl2 (2.1.22.dfsg1-17) unstable; urgency=low [ Roberto C. Sanchez ] * debian/control: Add Vcs-Browser and Vcs-Svn tags. * Add Patrick Koetter's saslfinger utility to the package. * debian/cyrus-sasl2-doc.doc-base: add file [ Fabian Fagerholm ] * debian/control, debian/patches/0017_db4.6.dpatch, debian/sasl2-bin.postinst: Build against libdb4.6. Thanks to Martin Pitt for the suggestion and patch. (Closes: #458861) * debian/rules: Install saslfinger directly since we have better control to do it in the build scripts. * debian/sasl2-bin.lintian-overrides: Remove unneeded overrides. -- Fabian Fagerholm Mon, 07 Jan 2008 18:20:50 +0200 cyrus-sasl2 (2.1.22.dfsg1-16) unstable; urgency=low * Debconf templates and debian/control reviewed by the debian-l10n- english team as part of the Smith review project. (Closes: #444377, #447176) * [Debconf translation updates] * Portuguese. (Closes: #445045) * Vietnamese. (Closes: #445130) * Galician. (Closes: #445199) * Tamil. (Closes: #445251) * German. (Closes: #442889, #445559) * Finnish. (Closes: #445847) * Brazilian Portuguese. (Closes: #446144) * Italian. (Closes: #446157) * Russian. (Closes: #446655) * Czech. (Closes: #446787) * French. (Closes: #447118) * Spanish. * debian/control: versioned depends update automatically -- Roberto C. Sanchez Sat, 20 Oct 2007 13:15:28 -0400 cyrus-sasl2 (2.1.22.dfsg1-15) unstable; urgency=low [ Fabian Fagerholm ] * debian/sasl2-bin.saslauthd.init: allow running with NAME variable unset. (Closes: #436440, #436726) * debian/sasl2-bin.saslauthd.default: better in-file documentation. * debian/sasl2-bin.README.Debian: document what happens if you don't set the NAME variable. [ Roberto C. Sanchez ] * debian/po/es.po: add * debian/po/fr.po: add, thanks to Vincent Bernat (Closes: #433371) * debian/po/pt.po: add, thanks to Américo Monteiro (Closes: #436556) * debian/po/de.po: add, thanks to Helge Kreutzmann (Closes: #438719) * debian/po/pt_BR.po: add, thanks to Jefferson Alexandre (Closes: #439132) * debian/rules: Cleanup lintian warnings -- Roberto C. Sanchez Fri, 7 Sep 2007 22:30:01 -0400 cyrus-sasl2 (2.1.22.dfsg1-14) unstable; urgency=low [ Fabian Fagerholm ] * debian/control, debian/sasl2-bin.templates, debian/sasl2-bin.postinst, debian/po/templates.pot, debian/sasl2-bin.config: Build against libdb4.4. Upgrade the database format of /etc/sasldb2 on package upgrade. There is no support for automatic downgrade. (Closes: #354413, #421940) * debian/sasl2-bin.postinst: when creating an empty sasldb file, check for existence, not that it is a regular file. * debian/po/templates.pot: update translations template. -- Fabian Fagerholm Mon, 6 Aug 2007 09:16:21 +0300 cyrus-sasl2 (2.1.22.dfsg1-13) unstable; urgency=low [ Fabian Fagerholm ] * debian/control, debian/sasl2-bin.templates, debian/po: make Debconf templates translatable. (Closes: #428048) * debian/rules, debian/control, debian/sasl-sample-client.sgml, debian/sasl-sample-server.sgml: Introduce man pages for sasl-sample-client and sasl-sample-server. * debian/rules: Allow the package to be built twice. The upstream build system cannot properly clean the source tree after a build, but this at least allows another build to be performed even though the tree is not exactly the same (some generated files are left, but they would be regenerated anyway). (Closes: #424169) -- Fabian Fagerholm Fri, 13 Jul 2007 11:54:56 +0300 cyrus-sasl2 (2.1.22.dfsg1-12) unstable; urgency=low [ Fabian Fagerholm ] * debian/sasl2-bin.README.Debian: Small improvement to multi-init docs. * debian/control, debian/README.Debian: Change the wording regarding the need to install the modules packages, since they are not needed on all systems but are needed especially on servers that provide SASL authentication. * debian/control, debian/sasl2-bin.templates, debian/sasl2-bin.postinst, debian/rules, debian/sasl2-bin.postrm: Introduce Debconf prompt to ask for permission to remove /etc/sasldb2 on package purge, with fallback to not remove it when Debconf is not present. (Closes: #333416) * debian/sasl2-bin.postinst: Before creating the statoverride for the run directory, create it -- but only if the statoverride wasn't present already. The init script will recreate the directory if it's not there. -- Fabian Fagerholm Fri, 8 Jun 2007 12:57:11 +0300 cyrus-sasl2 (2.1.22.dfsg1-11) unstable; urgency=low [ Fabian Fagerholm ] * debian/sasl2-bin.saslauthd.init: Complete rewrite to allow managing multiple saslauthd instances with a single init script. (Closes: #320377) * debian/sasl2-bin.saslauthd.default: Adjust main default file to new init script requirements. * debian/sasl2-bin.README.Debian: Document the new init script setup for sysadmins. -- Fabian Fagerholm Thu, 7 Jun 2007 13:37:51 +0300 cyrus-sasl2 (2.1.22.dfsg1-10) unstable; urgency=high [ Fabian Fagerholm ] * debian/control: lower priority of libsasl2-modules to optional. * debian/control: make libsasl2-modules suggest either the MIT or Heimdal GSSAPI module. * debian/control: change ${Source-Version} into ${binary:Version} to ensure that we are up to date with current practise and are binNMU-safe. [ Roberto C. Sanchez ] * Urgency set to high to synchronize migration with cyrus-sasl2-heimdal. -- Roberto C. Sanchez Thu, 10 May 2007 20:03:45 -0400 cyrus-sasl2 (2.1.22.dfsg1-9) unstable; urgency=low [ Fabian Fagerholm ] * debian/rules: allow turning off SQL, LDAP and GSSAPI at build time, to ease bootstrapping new architectures (Closes: #404268). * debian/control: lower priority of libsasl2 to optional (Closes: #416561). * debian/control: remove transitional packages, conflict with Heimdal GSSAPI package. * debian/control: build-conflict with heimdal-dev. -- Fabian Fagerholm Fri, 20 Apr 2007 19:30:20 +0300 cyrus-sasl2 (2.1.22.dfsg1-8) unstable; urgency=high [ Fabian Fagerholm ] * debian/control, libsasl2-2: update Conflicts on Postfix, need a more recent version still for everything to work. * debian/control: add libsasl2-gssapi-mit transitional package. * debian/control, libsasl2-2: add versioned Conflicts: libsasl2-gssapi-mit and libsasl2-krb4-mit. This means Kerberos 4 is no longer supported. * debian/control, libsasl2-modules-gssapi-mit: add versioned Conflicts: and Replaces: libsasl2-gssapi-mit, remove Provides: libsasl2-gssapi-mit. * debian/TODO: remember to remove the transitional packages post-etch. -- Fabian Fagerholm Wed, 13 Dec 2006 23:22:02 +0200 cyrus-sasl2 (2.1.22.dfsg1-7) unstable; urgency=high [ Fabian Fagerholm ] * debian/sasl2-bin.postinst: create default statoverride entries for the saslauthd run directory and sasldb file, and create an empty sasldb file unless one already exists. (Closes: #401348) * debian/TODO: update. -- Fabian Fagerholm Fri, 8 Dec 2006 10:21:15 +0200 cyrus-sasl2 (2.1.22.dfsg1-6) unstable; urgency=medium [ Fabian Fagerholm ] * debian/control: add Provides: libsasl2-gssapi-mit, as suggested by Sam Hartman. * debian/patches/0015_saslutil_decode64_fix.dpatch: add check to succeed when input string is CR or LF terminated, as well. (Closes: #400955) * debian/sasl2-bin.saslauthd.init: if THREADS is not set, don't include the -n option, and let saslauthd fall back to the compiled-in default. (Closes: #401716) -- Fabian Fagerholm Tue, 5 Dec 2006 22:55:01 +0200 cyrus-sasl2 (2.1.22.dfsg1-5) unstable; urgency=low [ Fabian Fagerholm ] * debian/control: libsasl2-2 conflicts with postfix (<< 2.3.4-2) because earlier versions of postfix use the old method of setting the plugin configuration path. (Closes: #400772) * debian/control: drop libsasl2-2-dev and use libsasl2-dev only. * debian/patches/0015_saslutil_decode64_fix.dpatch: make sasl_decode64 ignore trailing CRLF in the input data. (Closes: #400955) -- Fabian Fagerholm Fri, 1 Dec 2006 22:41:02 +0200 cyrus-sasl2 (2.1.22.dfsg1-4) unstable; urgency=low [ Fabian Fagerholm ] * debian/rules, etc.: Build sample-{client,server} and ship them with Debianized names (prefix sasl-) in sasl2-bin. (Closes: #305357) -- Fabian Fagerholm Tue, 21 Nov 2006 07:51:18 +0200 cyrus-sasl2 (2.1.22.dfsg1-3) unstable; urgency=low [ Fabian Fagerholm ] * debian/control, debian/rules: Add cyrus-sasl2-dbg package and make dh_strip put debugging symbols in it. (Closes: #240767) * debian/sasl2-bin.saslauthd.init: Allow configurable run directory and pid file. (Closes: #201826) * debian/sasl2-bin.README.Debian: Short documentation on how to integrate saslauthd with Postfix. -- Fabian Fagerholm Fri, 17 Nov 2006 09:04:03 +0200 cyrus-sasl2 (2.1.22.dfsg1-2) unstable; urgency=low [ Fabian Fagerholm ] * debian/sasl2-bin.saslauthd.init: Fix case when MECH_OPTIONS is empty. (Closes: #397818) * debian/sasl2-bin.saslauthd.default: Include an example for postfix users. * debian/rules: Preserve CFLAGS variable as suggested by Andreas Metzler. [ Roberto C. Sanchez ] * debian/rules: added '--sysconfdir=/etc' option for configure (Closes: #398137) -- Fabian Fagerholm Mon, 13 Nov 2006 08:46:05 +0200 cyrus-sasl2 (2.1.22.dfsg1-1) unstable; urgency=low [ Fabian Fagerholm ] * debian/control: Adjust priority of packages to be more in line with policy and overrides. * debian/sasl2-bin.saslauthd.default: saslauthd can *not* use more than one authentication mechanism at a time. (Closes: #329716, #274182, #368189) * Repackage upstream tarball to remove non-DFSG-free IETF docs that were accidentally reintroduced for some reason. (Closes: #365183) * Remove non-DFSG-free IETF docs from trunk, so it corresponds to the repackaged tarball. * debian/patches/0012_xopen_crypt_prototype.dpatch: Avoid segfault on architectures where the size of a pointer is greater than the size of an integer. Dann Frazier reported and supplied the patch. (Closes: #397549) * debian/patches/0013_fix_hurd_build.dpatch: This patch had gotten lost, it fixes building on hurd-i386. (Closes: #397714) * debian/patches/0014_avoid_pic_overwrite: Don't overwrite PIC version of libsasldb.a with non-PIC version. This causes linking to fail when making shared objects on certain platforms such as amd64 and hppa. (Closes: #397603, #397605) * debian/rules: Move "-Wl,-z,defs" from CFLAGS to LDFLAGS to avoid a lot of irrelevant linker messages. Andreas Metzler spotted this. -- Fabian Fagerholm Thu, 9 Nov 2006 14:12:40 +0200 cyrus-sasl2 (2.1.22-1) unstable; urgency=low [ Fabian Fagerholm ] * debian/sasl2-bin.saslauthd.default: put back the descriptive comment about sasldb for saslauthd. * Upload to unstable (famous last words ;-). -- Fabian Fagerholm Tue, 7 Nov 2006 13:43:14 +0200 cyrus-sasl2 (2.1.22-0~pre05) experimental; urgency=low [ Fabian Fagerholm ] * debian/control: improve description of -doc package. * debian/control: add -modules-ldap package to -modules Suggests. * debian/control: build-depend on older libdb to ease upgrade. * debian/sasl2-bin.saslauthd.init: fix typo on line 31. * debian/sasl2-bin.saslauthd.init: if daemon is already running or already stopped, reflect this fact in the start or stop message, respectively. * debian/sasl2-bin.saslauthd.init: quote the user-supplied variable on line 51 to avoid errors when it contains a space-separated list. * debian/rules: socket directory is /var/run/saslauthd, fix typo. * debian/sasl2-bin.saslauthd.default: -T option doesn't work, remove. * debian/rules: enable sasldb support in saslauthd. * debian/rules: add test target (currently just builds the test suite). * debian/rules: clean up unneccessary file copying. * debian/patches/0009_sasldb_al.dpatch: fix building saslauthd with sasldb support. * debian/patches/0010_maintainer_mode.dpatch: use AM_MAINTAINER_MODE. * debian/patches/0011_saslauthd_ac_prog_libtool.dpatch: use AC_PROG_LIBTOOL in saslauthd's configure.in. -- Fabian Fagerholm Wed, 1 Nov 2006 23:55:50 +0200 cyrus-sasl2 (2.1.22-0~pre04) experimental; urgency=low [ Fabian Fagerholm ] * debian/rules: use /dev/urandom instead of /dev/random. * debian/README.Debian: document change to /dev/urandom. * Rename the package according to Steve Langasek's advice (based on a patch from Andreas Metzler). -- Fabian Fagerholm Mon, 30 Oct 2006 18:48:42 +0200 cyrus-sasl2 (2.1.22-0~pre03) experimental; urgency=low [ Roberto C. Sanchez ] * Acknowledge previous NMU (Closes: #275431) [ Fabian Fagerholm ] * debian/cyrus-sasl-2.1-bin.saslauthd.init: exit 0 when saslauthd binary is missing (policy 9.3.2) and exit 0 when START != yes. * debian/rules: enable --with-ldap and --enable-ldapdb. * debian/control: create an LDAP modules package. * debian/libsasl2-2-modules-ldap.{dirs,install}: install libldapdb.* into LDAP modules package. [ Andreas Metzler ] * debian/control: Change lsb-base from Build-Depends to Depends for cyrus-sasl-2.1-bin. -- Fabian Fagerholm Mon, 23 Oct 2006 17:27:18 +0300 cyrus-sasl2 (2.1.22-0~pre02) experimental; urgency=low [ Roberto C. Sanchez ] * debian/control: versioned conflict on libsasl2-modules allows installation of pre-release packages. [ Fabian Fagerholm ] * debian/rules: install dbconverter-2 as sasldbconverter2. * debian/rules: include man page for sasldbconverter2. * debian/changelog: clean up, rebuild for experimental. -- Fabian Fagerholm Fri, 20 Oct 2006 08:29:19 +0300 cyrus-sasl2 (2.1.22-0~pre01) experimental; urgency=low * Acknowledged previous NMUs (Closes: #274087, #344686, #362511, #245818) (Closes: #276637, #285605, #332703, #336485, #345880, #357527, #379846) (Closes: #248333, #315177, #324288, #361937, #242184, #256808, #202836) (Closes: #262339, #265751, #275498, #276849) [ Fabian Fagerholm ] * Adopted package (Closes: #368370) * Fixed static linking against libsasl2 (Closes: #282775) * debian/rules: Exit with an error if any of the auto* commands fail (Closes: #321760) * New upstream version (Closes: #316404) - Fixed crash with DIGEST-MD5 (Closes: #286285, #314724) - Built with courier authdaemon support (Closes: #328879) - sql plugin respects log_level settings (Closes: #296449) * debian/watch: Included a watch file (Closes: #205589) * debian/control, debian/rules: Switched from Heimdal to MIT Kerberos (Closes: #257306, #310438) * Repackaged upstream source to remove non-free docs (Closes: #365183) * debian/README.Debian: Document why libsasl2-modules is recommended (Closes: #302280, #365287) * debian/rules: Strip rpath from binaries and shared libraries when build inserts one. [ Roberto C. Sanchez ] * Added myself to Uploaders field * debian/control: Added missing Build-Depends on groff-base * debian/control: Changed build dependency from db4.2 to db4.4 (Closes: #354413) * debian/rules: Made it so README.configure-options is actually populated * debian/rules: Prevent bogus ldconfig calls in postinst and postrm * debian/testsaslauthd.8: Added manual page for testsaslauthd(8) * debian/cyrus-sasl-2.1-bin.saslauthd.init: Improved socket and pidfile location flexibility (Closes: #254298, #300710, #287313) * debian/control: Changed libsasl2-2-modules-sql to depend on libsasl2-2-modules (Closes: #392571) * debian/rules: /etc/sasl at start of config search path (Closes: #211156) * Split OTP plugin into its own package (Closes: #251735) * debian/control: Made libsasl2-2-modules suggest libsasl2-2-modules-{sql,otp,gssapi-heimdal} (Closes: #348685) * debian/cyrus-sasl-2.1-bin.saslauthd.init: Useful errors (Closes: #257181) * debian/control: Added NTLM to description (Closes: #274402) * Added necessary config.h and Makefile to build samples (Closes: #190658) -- Fabian Fagerholm Thu, 19 Oct 2006 23:26:02 +0300 cyrus-sasl2 (2.1.19.dfsg1-0.5) unstable; urgency=low * Non-maintainer upload during BSP. * Changed init script for option -m in saslauthd. (Thanks Elmar Hoffmann for your Help) Closes: #364395. -- Michael Steinfurth Sun, 17 Sep 2006 12:20:44 +0200 cyrus-sasl2 (2.1.19.dfsg1-0.4) unstable; urgency=high * Non-maintainer upload * Reverted to libdb4.2-dev. -- Peter Eisentraut Sat, 16 Sep 2006 00:19:18 +0200 cyrus-sasl2 (2.1.19.dfsg1-0.3) unstable; urgency=high * Use libkrb5-dev instead of heimdal-dev. Closes: #379846. * Use libdb4.3-dev instead of libdb4.2-dev. Closes: #336485. -- Peter Eisentraut Fri, 15 Sep 2006 18:30:19 +0200 cyrus-sasl2 (2.1.19.dfsg1-0.2) unstable; urgency=high * Non-maintainer upload * Applied upstream patch to fix remote denial of service [debian/patches/27_CVE-2006-1721.diff] Closes: #361937. -- dann frazier Tue, 25 Apr 2006 09:39:43 -0600 cyrus-sasl2 (2.1.19.dfsg1-0.1) unstable; urgency=low * Non-maintainer upload. * Remove dlcompat-20010505 subdirectory from source package as it contains non-DFSG-free source. Required regeneration of the orig.tar.gz. Closes: #357527. -- dann frazier Tue, 4 Apr 2006 16:38:20 -0600 cyrus-sasl2 (2.1.19-1.9) unstable; urgency=low * Non-maintainer upload. * debian/patches/26_fix_hurd_build.diff: Fix FTBFS on hurd-i386. Closes: #324288. -- Michael Banck Fri, 20 Jan 2006 15:45:30 +0100 cyrus-sasl2 (2.1.19-1.8) unstable; urgency=medium * Non-maintainer upload. * Medium-urgency upload for RC bugfixes. * Rebuild against current heimdal packages, dropping the build-dependency on the obsolete and soon-to-be-removed krb4 package; also drop the (misnamed) libsasl2-modules-kerberos-heimdal package as a result. Closes: #345737, 345880. * Drop mention of KERBEROS_V4 in the libsasl2 package description. * Build against libmysqlclient15 instead of the obsolete libmysqlclient10 for libsasl2-modules-sql. * debian/patches/25_postgresql_pg_config.diff: Use pg-config --includedir in configure.in, so that cyrus-sasl2 continues to build when the postgresql include path changes as the postgresql maintainers are planning to do; and adjust the include path in plugins/sql.c accordingly. Closes: #315177. -- Steve Langasek Sat, 7 Jan 2006 04:18:58 -0800 cyrus-sasl2 (2.1.19-1.7) unstable; urgency=low * Non-maintainer upload. * fix FTBFS in plugins/ntlm.c with patch 24. Closes: #332703 -- Andreas Barth Sat, 5 Nov 2005 20:07:50 +0100 cyrus-sasl2 (2.1.19-1.6) unstable; urgency=medium * Non-maintainer upload. * Medium-urgency upload for RC bugfixes. * Drop the extern declaration of a static variable global_callbacks, allowing the package to build with gcc-4.0 (closes: #285605). * Build-Depend on libpq-dev instead of on postgresql-dev, as the latter package name is obsolete. (Ref: #315177) -- Steve Langasek Wed, 24 Aug 2005 17:41:57 -0700 cyrus-sasl2 (2.1.19-1.5) unstable; urgency=emergency * NMU * Clean-up 2.1.19-1.4 NMU: + Since we were using an upstream CVS patch, add another patch fixing it instead of changing the (bad) upstream CVS patch; Sent this new patch upstream + Set *path to NULL, not to 0 * Add Build-Conflicts: autoconf2.13, automake1.4 * We want something easy to merge/further fix in sarge, so this cleanup is a good idea -- Henrique de Moraes Holschuh Sat, 16 Oct 2004 17:50:19 -0300 cyrus-sasl2 (2.1.19-1.4) unstable; urgency=low * NMU * fix the security fix: Initialize *path with 0. Closes: #276637. -- Andreas Barth Fri, 15 Oct 2004 20:26:41 +0200 cyrus-sasl2 (2.1.19-1.3) unstable; urgency=high * NMU * Fix minor issue with -1.2 in patch 15, to squash a compiler warning (just in case it becomes more than a warning in some arch): add missing "int" to extern declaration -- Henrique de Moraes Holschuh Fri, 8 Oct 2004 13:06:28 -0300 cyrus-sasl2 (2.1.19-1.2) unstable; urgency=high * NMU, since I am not sure Dima is back yet * SECURITY FIX: SASL_PATH environment variable must not be honoured on setuid environments, otherwise we have a local privilege escalation exploit (CVE: CAN-2004-0884), related advisories: RHSA-2004:546-02; GLSA 200410-05 * upstream CVS: lib/common.c: don't honor SASL_PATH in setuid environment. from Gentoo (CVE CAN-2004-0884); (closes: #275431) * upstream CVS: plugins/kerberos4.c: document weirdness with openssl DES * upstream CVS: plugins/cram.c,plugins/anonymous.c,plugins/login.c, plugins/plain.c,plugins/sasldb.c: Fixed several 64 bit portability warnings * Forward port sasl_set_alloc locking patch from SASL 1.5, to avoid problems with the braindead idea of globals SASL has, and with libraries that think they can get around mucking with them (hello openldap!) (closes: #274087) -- Henrique de Moraes Holschuh Fri, 8 Oct 2004 11:15:39 -0300 cyrus-sasl2 (2.1.19-1.1) unstable; urgency=medium * NMU with permission from the maintainer * Release Manager: SASL 2.1.18 (currently in sarge) is very unusable. Please accept this upload for sarge. The main reasons justifying this are: * Security fixes from upstream: at least one buffer overflow was plugged in 2.1.19, and the code was made more secure, which may have plugged other latent security bugs. * Essential feature: 2.1.18 has a very bad regression in that saslauthd cannot support realms embedded inside the username as previous versions did. However, that regression is exactly how it should be behaving since day one, never mind that too many setups are hopeless with the realm information out-of-band. 2.1.19 adds a "-r" option to saslauthd which restores the former behaviour. Both behaviours are needed, depending on the SASL mechs being used (one sends the realm out-of-band, the other in-band). Users have complained loudly about this issue, not only in Debian, but in the SASL and Cyrus IMAP mailinglists as well. For way too many people and setups, "-r" is essential * Essential bug fixes: Digest-MD5 and GSSAPI are quite broken in 2.1.18, and extensive fixes were applied on them in 2.1.19. In fact, 2.1.18 GSSAPI does _not_ work completely right against Heimdall and MIT kerberos. * ABI version issue: the 2.1.19-1 Debian package was uploaded to _unstable_ before the freeze. Maybe because of that, the maintainer did upgrade the shlibs dependency to 2.1.19 (I have confirmed that to be required for SASL modules, so it appears to be really required). Packages built in _unstable_ since them are being held back due to this issue. The best fix for packages that use libsasl2 *is* getting this new version into sarge, due to all other fixes. * Bugs closed in 2.1.19-1, but not ackwnoleged before: * Fix FTBFS in hppa, due to broken libtool usage, thanks to Steve Langasek for the patch (closes: #245818) * 2.1.19 supports saslauthd "-r" option (closes: #248333, #256808) * Changes in this NMU: * upstream CVS: plugins/digestmd5.c: Fix handling of client realm callback * upstream CVS: plugins/gssapi.c: Memory management cleanup * upstream CVS: configure.in, plugins/gssapi.c: Wrap all GSS calls in mutexes when required by the implementation (closes: #202836) THIS PATCH PROBABLY SHOULD BE SET TO DISABLED BY DEFAULT WHEN MIT KERBEROS 1.3.5 ENTERS UNSTABLE (see https://bugzilla.andrew.cmu.edu/show_bug.cgi?id=2255) * Libtool is refreshed at every build, so this upload closes: #262339 * debian/control: build-depend on debhelper (>= 4) * debian/control: build-depend on libtool (>= 1.5.6) instead of (>= 1.5.2-1) * Fix initscript to return status 0 if stop called when daemon is already stopped (closes: #242184) -- Henrique de Moraes Holschuh Sat, 14 Aug 2004 13:04:38 -0300 cyrus-sasl2 (2.1.19-1) unstable; urgency=medium * New upstream version (Closes: #259503, #259658) * Acknowledge the last NMU (closes: #254818) * Build against libdb4.2 (closes: #253894) * Fixed the path to saslauthd.conf in the saslauthd man page (Closes: #254454) -- Dima Barsky Sun, 4 Jul 2004 20:38:53 +0100 cyrus-sasl2 (2.1.18-4.1) unstable; urgency=low * NMU. * Fix FTBFS, non-PIC in shared lib (closes: #254818). -- Matthias Klose Fri, 21 May 2004 08:02:44 +0200 cyrus-sasl2 (2.1.18-4) unstable; urgency=medium * Added the build dependency on libtool -- Dima Barsky Mon, 19 Apr 2004 13:46:23 +0100 cyrus-sasl2 (2.1.18-3) unstable; urgency=medium * Update config.{sub,guess} at the build time * Added conflict with old MIT kerberos packages (Closes: #240714) -- Dima Barsky Sun, 18 Apr 2004 18:02:48 +0100 cyrus-sasl2 (2.1.18-2) unstable; urgency=low * Renamed libsasl2-modules-mysql to libsasl2-modules-sql * Reduced some packages' priority to optional, only the core remain important. * Enabled KRB4 (should've done it in 2.1.18-1). -- Dima Barsky Sun, 21 Mar 2004 01:07:40 +0000 cyrus-sasl2 (2.1.18-1) unstable; urgency=low * New upstream release (Closes: #232086) * Revised Build-Depends list (Closes: #212615) * Fixed typo in debian/control, thanks to hmh@debian.org (Closes: #213521) * Fixed mutex handling (Closes: #223253) * Use single -a for several mechanisms in /etc/init.d/saslauthd (Closes: #202354) * Fixed sasltestsuite (Closes: #217538) -- Dima Barsky Sat, 13 Mar 2004 16:16:26 +0000 cyrus-sasl2 (2.1.15-6) unstable; urgency=low * Acknowledging the last two NMUs (Closes: #213510, #212945, #212318, #211958) * Added -fno-strict-aliasing flag (Closes: #215862) -- Dima Barsky Sun, 26 Oct 2003 01:26:53 +0100 cyrus-sasl2 (2.1.15-5.2) unstable; urgency=low * NMU * Eeek, kill acinclude.m4 (what the FUCK is it doing there anyway?!) so as to correctly update the libtool environment (Closes: #213510) * While at it fix some stuff in the control file: + Section: libs for libsasl2-* since SASL runtime environment is NOT a devel suite * Document rather bluntly the extreme need for sasl modules for this lib to actually work in README.Debian -- Henrique de Moraes Holschuh Tue, 30 Sep 2003 21:14:56 -0300 cyrus-sasl2 (2.1.15-5.1) unstable; urgency=low * NMU * Rebuild, to get correct heimdal dependencies. Also add comerr-dev to build-dependency list (Closes: #212945) * Build-depend on libtool1.4 (Closes: #212318) -- Henrique de Moraes Holschuh Tue, 30 Sep 2003 13:56:28 -0300 cyrus-sasl2 (2.1.15-5) unstable; urgency=low * Set priority to "important" (Closes: #202876) * Run aclocal,autoconf,automake, and autoheader in saslauthd directory as well as the top one (Closes: #203096) * Registered a conflict between *-heimdal packages and *-mit ones (Closes: #202838) * Grabbed doc/components.html from the SASL CVS (Closes: #202642) -- Dima Barsky Thu, 31 Jul 2003 21:17:09 +0100 cyrus-sasl2 (2.1.15-4) unstable; urgency=low * Removed build dependency on libopenafs-dev, it was only required for SASL1. SASL2 can take the DES library from libssl-dev (Closes: #202569). -- Dima Barsky Wed, 23 Jul 2003 12:50:59 +0100 cyrus-sasl2 (2.1.15-3) unstable; urgency=low * Added build dependency on groff-base -- Dima Barsky Mon, 21 Jul 2003 12:39:50 +0100 cyrus-sasl2 (2.1.15-2) unstable; urgency=low * Added build dependency on dbs and libopenafs-dev -- Dima Barsky Mon, 21 Jul 2003 11:43:38 +0100 cyrus-sasl2 (2.1.15-1) unstable; urgency=low * New upstream release * Added LDAP_SASLAUTHD doc file to sasl2-bin (Closes: #201893) * Added build dependency on automake1.4 and autoconf2.13 -- Dima Barsky Tue, 15 Jul 2003 21:39:08 +0100 cyrus-sasl2 (2.1.14-1) unstable; urgency=low * New upstream release * Changed the build system to dbs. * THe GSSAPI segfault has been fixed upstream (Closes: #192502) * Fixed a typo in the sasl2-bin description (Closes: #197070, #193958) * Made a separate package for the MYSQL plugin (Closes: #188716, #166702, #190673) * Moved libsasldb plugin into the libsasl2 package. -- Dima Barsky Mon, 14 Jul 2003 07:04:47 +0100 cyrus-sasl2 (2.1.12-1) unstable; urgency=low * New upstream release * Changed variable 'c' in testsuite.c:2871 from char to int (Closes: #177426) * Recompiled with the latest heimdal libraries (Closes: #179810) * Removed RFC documents from libsasl2 (Closes: #178987) -- Dima Barsky Sat, 15 Mar 2003 22:29:25 +0000 cyrus-sasl2 (2.1.10-1) unstable; urgency=low * New upstream release (Closes: #172453) * Included sasldbconverter2 (Closes: #170740) * Removed duplicate "--with-ldap" from debian/rules (Closes: #167858) * Added "--sysconfdir=/etc" to debian/rules (Closes: #167855) * Changed libsasl2 -> libsasl2-modules dependency from Suggests to Recommends (Closes: #171938) * Added "--enable-alwaystrue" to debian/rules (Closes: #170495) * Included testsaslauthd (Closes: #167876) * Included sasltestsuite (Closes: #166538) -- Dima Barsky Mon, 23 Dec 2002 16:07:31 +0000 cyrus-sasl2 (2.1.9-5) unstable; urgency=low * Updated libtool files inside saslauthd/config/ (Closes: #166810) * Enabled NTLM module * Enabled LDAP support for saslauthd -- Dima Barsky Mon, 28 Oct 2002 21:12:56 +0000 cyrus-sasl2 (2.1.9-4) unstable; urgency=low * Enabled DO_DLOPEN unconditionally in configure.in -- Dima Barsky Mon, 28 Oct 2002 00:20:55 +0000 cyrus-sasl2 (2.1.9-3) unstable; urgency=low * Added AM_MAINTAINER_MODE to configure.in -- Dima Barsky Sat, 26 Oct 2002 01:46:13 +0100 cyrus-sasl2 (2.1.9-2) unstable; urgency=low * Added dbconverter-2 as /usr/sbin/sasldbconverter-2 * Added build dependency on zlib1g-dev -- Dima Barsky Fri, 25 Oct 2002 22:28:30 +0100 cyrus-sasl2 (2.1.9-1) unstable; urgency=low * New upstream release * shlibs now refers to the current version (Closes: #163845) * sasl2-bin now uses dpkg-statoverride to manage permissions of /var/run/saslauthd and /etc/sasldb2 (Closes: #163042, #164393) -- Dima Barsky Mon, 21 Oct 2002 22:01:01 +0100 cyrus-sasl2 (2.1.7-3) unstable; urgency=low * Added shlibs file (Closes: #162927) -- Dima Barsky Tue, 1 Oct 2002 17:44:36 +0100 cyrus-sasl2 (2.1.7-2) unstable; urgency=low * Build with versioned symbols * Another split: KERBEROS mechanism is now in a separate module (Closes: #154153) * README.Debian has been updated a while ago, we can close bug 146543 now. (Closes: #146543) -- Dima Barsky Mon, 30 Sep 2002 17:23:12 +0100 cyrus-sasl2 (2.1.7-1) unstable; urgency=low * New upstream version (Closes: #156286, #158296) * Enabled ldap and mysql (Closes: #155025, #154965) * /etc/sasldb2 and /var/run/saslauthd now belong to the group "sasl" and are group-readable (Closes: #151798) -- Dima Barsky Thu, 25 Sep 2002 15:51:12 +0100 cyrus-sasl2 (2.1.6-1) unstable; urgency=low * New upstream version * Make sure autoheader is not invoked at the build stage (Closes: #153127) -- Dima Barsky Wed, 17 Jul 2002 12:19:29 +0100 cyrus-sasl2 (2.1.5-7) unstable; urgency=low * Separated heimdal-dependent plugins into the libsasl2-modules-gssapi-heimdal package * Updated libtool to the latest version (Closes: #146229) * Changed permissions on /var/run/saslauthd to 711 (Closes: #151796) -- Dima Barsky Thu, 4 Jul 2002 09:24:42 +0100 cyrus-sasl2 (2.1.5-6) unstable; urgency=low * Removed build dependency on automake -- Dima Barsky Wed, 3 Jul 2002 09:51:47 +0100 cyrus-sasl2 (2.1.5-5) unstable; urgency=low * Added a few packages to the Build-Depends list -- Dima Barsky Tue, 2 Jul 2002 16:22:57 +0100 cyrus-sasl2 (2.1.5-4) unstable; urgency=low * Enabled DES, KERBEROS, and GSSAPI * Merged all modules into the package libsasl2-modules -- Dima Barsky Tue, 2 Jul 2002 13:10:10 +0100 cyrus-sasl2 (2.1.5-3) unstable; urgency=low * Enabled sasldb in saslauthd (Closes: 146791) -- Dima Barsky Tue, 2 Jul 2002 11:50:03 +0100 cyrus-sasl2 (2.1.5-2) unstable; urgency=low * Preserve /usr/lib/sasl2/*.la (Closes: #151567) -- Dima Barsky Mon, 1 Jul 2002 19:24:21 +0100 cyrus-sasl2 (2.1.5-1) unstable; urgency=low * New upstream version (Closes: #133458, #148693, #131792, #150957) * Added explicit rule for building libsasl2.a (Closes: #144200) * Added a warning about /dev/random to README.Debian (Closes: #146982) * /var/run/saslauthd/mux is now world-readable (Closes: #147484) * Modified sasl2-bin.default to make it clear that MECHANISMS is a space separated lists, so it should be quoted if there is more than one item in it (Closes: #146790) -- Dima Barsky Sun, 30 Jun 2002 01:19:16 +0100 cyrus-sasl2 (2.1.2-2) unstable; urgency=low * Fixed saslauthd man page (Closes: #131791) -- Dima Barsky Wed, 27 Mar 2002 15:27:39 +0000 cyrus-sasl2 (2.1.2-1) unstable; urgency=low * New upstream version * Changed --without-gssapi to --disable-gssapi * Closes: #131792 -- Dima Barsky Tue, 26 Mar 2002 22:29:12 +0000 cyrus-sasl2 (2.1.1-0.2) unstable; urgency=low * Fix a naming problem with the init script. * Fix problems with the init script itself. -- Michael Alan Dorman Sun, 17 Mar 2002 15:44:45 -0500 cyrus-sasl2 (2.1.1-0.1) unstable; urgency=low * New upstream version * Total rewrite of debian/rules, fold everything into nice, standard debhelper usage * Functionality to auto-start saslauthd, which configury through /etc/default/saslauthd -- Michael Alan Dorman Sun, 17 Mar 2002 15:09:55 -0500 cyrus-sasl2 (2.1.0-2) unstable; urgency=low * Added build dependency on libopie-dev -- Dima Barsky Sun, 27 Jan 2002 20:07:15 +0000 cyrus-sasl2 (2.1.0-1) unstable; urgency=low * Initial release of cyrus-sasl2 -- Dima Barsky Sun, 20 Jan 2002 14:36:45 +0000 debian/libsasl2-modules-db.install0000664000000000000000000000003612224360423014321 0ustar usr/lib/*/sasl2/libsasldb.so* debian/gbp.conf0000664000000000000000000000025412224412004010577 0ustar [DEFAULT] debian-branch = master debian-tag = debian/%(version)s upstream-branch = upstream-sid upstream-tag = upstream/%(version)s pristine-tar = True [git-dch] meta = 1 debian/repack.sh0000775000000000000000000000160412224412004010764 0ustar #!/bin/sh # # Repackage upstream source to exclude non-distributable files. # Should be called as "repack sh --upstream-source # (for example, via uscan). set -e set -u if [ $# -ne 3 ]; then echo "Usage: $0 --upstream-source " exit 1 fi OPT_VERSION=$2 OPT_FILE=$3 TMPDIR=`mktemp -d` trap "rm -rf $TMPDIR" QUIT INT EXIT echo "Repackaging $OPT_FILE" orig_file_path=$(readlink --canonicalize $OPT_FILE) package_name=$(dpkg-parsechangelog | sed -n 's/^Source: //p') dfsg_directory=${package_name}_${OPT_VERSION}.dfsg1 dfsg_file_path=$(dirname ${orig_file_path})/${dfsg_directory}.orig.tar.gz zcat "${orig_file_path}" | \ tar --wildcards \ --delete '*/dlcompat-20010505/*' \ --delete '*rfc*.txt' \ --delete '*draft-*.txt' \ --delete '*~' | \ gzip -c > $dfsg_file_path echo "File $OPT_FILE repackaged successfully to $dfsg_file_path" debian/control0000664000000000000000000002117212235227313010576 0ustar Source: cyrus-sasl2 Section: libs Priority: standard Maintainer: Ubuntu Developers XSBC-Original-Maintainer: Debian Cyrus SASL Team Uploaders: Fabian Fagerholm , Roberto C. Sanchez , Ondřej Surý , Adam Conrad Standards-Version: 3.9.2 Build-Depends: debhelper (>= 9), quilt (>= 0.46-7~), autotools-dev, automake, autoconf, libtool, libdb-dev, libpam0g-dev (>= 0.76-22), libssl-dev (>= 0.9.7e-3), libmysqlclient-dev | libmysqlclient15-dev (>= 5.0.20), libpq-dev (>= 8.1.3-4), heimdal-multidev, krb5-multidev, libkrb5-dev, libsqlite3-dev, libldap2-dev (>= 2.1.30-8), chrpath, groff-base, debconf (>= 0.5) | debconf-2.0, po-debconf, docbook-to-man, hardening-wrapper Build-Conflicts: heimdal-dev Vcs-Browser: http://git.debian.org/?p=pkg-cyrus-sasl2/cyrus-sasl2.git Vcs-Git: git://git.debian.org/pkg-cyrus-sasl2/cyrus-sasl2/ Homepage: http://www.cyrusimap.org/ Package: sasl2-bin Section: utils Priority: optional Architecture: any Depends: libsasl2-2 (>= ${binary:Version}), ${shlibs:Depends}, ${misc:Depends}, lsb-base (>= 3.0-6), db-util, debconf (>= 1.4.69) | cdebconf (>= 0.39) Breaks: libsasl2-2 (<< 2.1.25.dfsg1-8) Replaces: libsasl2-2 (<< 2.1.25.dfsg1-8) Description: Cyrus SASL - administration programs for SASL users database This is the Cyrus SASL API implementation, version 2.1. See package libsasl2-2 and RFC 2222 for more information. . This package contains administration programs for the SASL users database and common binary files for plugin modules. Package: cyrus-sasl2-doc Section: doc Priority: optional Architecture: all Depends: ${misc:Depends} Description: Cyrus SASL - documentation This is the Cyrus SASL API implementation, version 2.1. See package libsasl2-2 and RFC 2222 for more information. . This package contains documentation for system administrators. Package: libsasl2-2 Architecture: any Multi-Arch: same Pre-Depends: ${misc:Pre-Depends} Depends: ${shlibs:Depends}, ${misc:Depends}, libsasl2-modules-db (>= ${binary:Version}) Recommends: libsasl2-modules (>= ${binary:Version}) Breaks: postfix (<= 2.8.3-1), slapd (<= 2.4.25-3) Replaces: libsasl2 Description: Cyrus SASL - authentication abstraction library This is the Cyrus SASL API implementation, version 2.1. . SASL is the Simple Authentication and Security Layer, a method for adding authentication support to connection-based protocols. To use SASL, a protocol includes a command for identifying and authenticating a user to a server and for optionally negotiating protection of subsequent protocol interactions. If its use is negotiated, a security layer is inserted between the protocol and the connection. See RFC 2222 for more information. . Any of: ANONYMOUS, CRAM-MD5, DIGEST-MD5, GSSAPI (MIT or Heimdal Kerberos 5), NTLM, OTP, PLAIN, or LOGIN can be used. Package: libsasl2-modules Priority: optional Architecture: any Multi-Arch: same Depends: ${shlibs:Depends}, ${misc:Depends} Suggests: libsasl2-modules-otp, libsasl2-modules-ldap, libsasl2-modules-sql, libsasl2-modules-gssapi-mit | libsasl2-modules-gssapi-heimdal Description: Cyrus SASL - pluggable authentication modules This is the Cyrus SASL API implementation, version 2.1. See package libsasl2-2 and RFC 2222 for more information. . This package provides the following SASL modules: LOGIN, PLAIN, ANONYMOUS, NTLM, CRAM-MD5, and DIGEST-MD5 (with DES support). Package: libsasl2-modules-db Architecture: any Multi-Arch: same Breaks: libsasl2-2 (<< 2.1.25.dfsg1-9~), libsasl2-3 (<< 2.1.26.dfsg1-2~) Replaces: libsasl2-2 (<< 2.1.25.dfsg1-9~), libsasl2-3 (<< 2.1.26.dfsg1-2~), libsasl2-modules (<< 2.1.26.dfsg1-6~) Depends: ${shlibs:Depends}, ${misc:Depends} Description: Cyrus SASL - pluggable authentication modules (DB) This is the Cyrus SASL API implementation, version 2.1. See package libsasl2-2 and RFC 2222 for more information. . This package provides the DB plugin, which supports Berkeley DB lookups. Package: libsasl2-modules-ldap Priority: extra Architecture: any Multi-Arch: same Depends: libsasl2-modules (= ${binary:Version}), ${shlibs:Depends}, ${misc:Depends} Description: Cyrus SASL - pluggable authentication modules (LDAP) This is the Cyrus SASL API implementation, version 2.1. See package libsasl2-2 and RFC 2222 for more information. . This package provides the LDAP plugin, which supports OpenLDAP. Package: libsasl2-modules-otp Priority: extra Architecture: any Multi-Arch: same Depends: libsasl2-modules (= ${binary:Version}), ${shlibs:Depends}, ${misc:Depends} Description: Cyrus SASL - pluggable authentication modules (OTP) This is the Cyrus SASL API implementation, version 2.1. See package libsasl2-2 and RFC 2222 for more information. . This package provides the OTP plugin, which supports one time passwords. Package: libsasl2-modules-sql Priority: extra Architecture: any Multi-Arch: same Depends: libsasl2-modules (= ${binary:Version}), ${shlibs:Depends}, ${misc:Depends} Description: Cyrus SASL - pluggable authentication modules (SQL) This is the Cyrus SASL API implementation, version 2.1. See package libsasl2-2 and RFC 2222 for more information. . This package provides the SQL plugin, which supports MySQL, PostgreSQL and SQLite. Package: libsasl2-modules-gssapi-mit Priority: extra Architecture: any Multi-Arch: same Depends: libsasl2-modules (= ${binary:Version}), ${shlibs:Depends}, ${misc:Depends} Conflicts: libsasl2-modules-gssapi-heimdal Description: Cyrus SASL - pluggable authentication modules (GSSAPI) This is the Cyrus SASL API implementation, version 2.1. See package libsasl2-2 and RFC 2222 for more information. . This package provides the GSSAPI plugin, compiled with the MIT Kerberos 5 library. Package: libsasl2-dev Section: libdevel Architecture: any Priority: optional Depends: libsasl2-2 (= ${binary:Version}), libc6-dev, ${misc:Depends} Description: Cyrus SASL - development files for authentication abstraction library This is the Cyrus SASL API implementation, version 2. See package libsasl2-2 and RFC 2222 for more information. . This package includes development files for compiling programs with SASL support. It is needed for development purposes only. Package: libsasl2-modules-gssapi-heimdal Architecture: any Multi-Arch: same Priority: extra Depends: libsasl2-modules (= ${binary:Version}), ${shlibs:Depends}, ${misc:Depends} Conflicts: libsasl2-modules-gssapi-mit Description: Pluggable Authentication Modules for SASL (GSSAPI) This is the Cyrus SASL API implementation, version 2.1. See package libsasl2-2 and RFC 2222 for more information. . This package provides the GSSAPI plugin, compiled with the Heimdal Kerberos 5 library. Package: cyrus-sasl2-dbg Section: debug Architecture: any Priority: extra Depends: libsasl2-2 (= ${binary:Version}), ${misc:Depends} Recommends: cyrus-sasl2-mit-dbg | cyrus-sasl2-heimdal-dbg Description: Cyrus SASL - debugging symbols This is the Cyrus SASL API implementation, version 2. See package libsasl2-2 and RFC 2222 for more information. . This package contains the debugging symbols for all Cyrus SASL packages. The debugging symbols can be useful when investigating crashes in the SASL library or tools. You may be asked to install this package if you encounter such a crash. Package: cyrus-sasl2-mit-dbg Section: debug Architecture: any Priority: extra Depends: cyrus-sasl2-dbg (= ${binary:Version}), libsasl2-modules-gssapi-mit (= ${binary:Version}), ${misc:Depends} Conflicts: cyrus-sasl2-heimdal-dbg Description: Cyrus SASL - debugging symbols for MIT modules This is the Cyrus SASL API implementation, version 2. See package libsasl2-2 and RFC 2222 for more information. . This package contains the debugging symbols for the Cyrus SASL MIT GSSAPI modules package (libsasl2-modules-gssapi-mit). The debugging symbols can be useful when investigating crashes in the SASL library or tools. You may be asked to install this package if you encounter such a crash. Package: cyrus-sasl2-heimdal-dbg Section: debug Architecture: any Priority: extra Depends: cyrus-sasl2-dbg (= ${binary:Version}), libsasl2-modules-gssapi-heimdal (= ${binary:Version}), ${misc:Depends} Conflicts: cyrus-sasl2-mit-dbg Description: Cyrus SASL - debugging symbols for Heimdal modules This is the Cyrus SASL API implementation, version 2. See package libsasl2-2 and RFC 2222 for more information. . This package contains the debugging symbols for the Cyrus SASL Heimdal GSSAPI modules package (libsasl2-modules-gssapi-heimdal). The debugging symbols can be useful when investigating crashes in the SASL library or tools. You may be asked to install this package if you encounter such a crash. debian/saslfinger/0000775000000000000000000000000012224357633011334 5ustar debian/saslfinger/ChangeLog0000664000000000000000000000462112224357633013111 0ustar 2007-01-29 23:29 p * install.sh: Fixed sha-bang in file 2005-11-28 22:55 p * saslfinger: Added Gentoo paths contributed by Tuan Van 2005-01-10 23:10 p * HISTORY, INSTALL, TODO, index.html, install.sh, saslfinger, saslfinger.1, saslfinger.1.xml: Added properties to all files, changed source paths for install script 2005-01-10 23:04 p * man, saslfinger, saslfinger.1, saslfinger.1.xml, script: Moved saslfinger.1.xml saslfinger.1 and saslfinger to top dir 2005-01-10 23:02 p * html, index.html: Moved index.html to top dir. 2005-01-10 22:13 p * CHANGES, HISTORY, script/saslfinger: Moved telnet test to the end of the script until I've found a solution to stop the script from stopping if the telnet test fails 2005-01-10 21:50 p * branches, tags, trunk: Removed stupid SVN default files 2005-01-10 21:49 p * script/saslfinger: fighting the telnet test... 2004-11-22 14:35 p * script/saslfinger: Added /etc/slackware-version as system descriptor to look for 2004-11-03 08:53 p * html/index.html: update for 0.9.8 downloads 2004-11-03 08:53 p * CHANGES: update of changes 2004-11-03 08:52 p * script/saslfinger: + Added netcat as alternative for the unstable telnet based SMTP test routine + Fixed "command not found" message when nc or netcat are not present + Fixed a typo in the routine that replaces sql_passwd entries with blanks; it used to grep for sql_pass, but not sql_passwd. 2004-11-02 19:33 p * CHANGES: Update of changes 2004-11-02 19:32 p * script/saslfinger: Fixed a misleading message when smtpd.conf is missing. 2004-10-29 10:21 p * CHANGES, TODO: Update for release 0.9.6 2004-10-29 10:20 p * script/saslfinger: Added nc as alternative for the instable telnet test 2004-10-28 14:57 p * script/saslfinger: Added support for FreeBSD Fixed a typo in the client debug section 2004-10-28 14:56 p * CHANGES, TODO: Created a Changelog and a todo list 2004-10-07 07:58 p * script/saslfinger: Added path for SASL on NetBSD Added search parameters for TLS configuration 2004-09-15 00:17 p * INSTALL: Another change... 2004-09-15 00:15 p * INSTALL: Just to test the mail script... 2004-09-14 23:58 p * INSTALL, html, html/index.html, install.sh, man, man/saslfinger.1, man/saslfinger.1.xml, script, script/saslfinger: Initial import 2004-09-14 20:36 root * branches, tags, trunk: Initial repository layout debian/saslfinger/COPYING0000664000000000000000000010451312224357633012373 0ustar GNU GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The GNU General Public License is a free, copyleft license for software and other kinds of works. The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things. To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others. For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it. For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions. Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users. Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free. The precise terms and conditions for copying, distribution and modification follow. TERMS AND CONDITIONS 0. Definitions. "This License" refers to version 3 of the GNU General Public License. "Copyright" also means copyright-like laws that apply to other kinds of works, such as semiconductor masks. "The Program" refers to any copyrightable work licensed under this License. Each licensee is addressed as "you". "Licensees" and "recipients" may be individuals or organizations. To "modify" a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a "modified version" of the earlier work or a work "based on" the earlier work. A "covered work" means either the unmodified Program or a work based on the Program. To "propagate" a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well. To "convey" a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying. An interactive user interface displays "Appropriate Legal Notices" to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion. 1. Source Code. The "source code" for a work means the preferred form of the work for making modifications to it. "Object code" means any non-source form of a work. A "Standard Interface" means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language. The "System Libraries" of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A "Major Component", in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it. The "Corresponding Source" for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work. The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source. The Corresponding Source for a work in source code form is that same work. 2. Basic Permissions. All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law. You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you. Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary. 3. Protecting Users' Legal Rights From Anti-Circumvention Law. No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures. When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures. 4. Conveying Verbatim Copies. You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program. You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee. 5. Conveying Modified Source Versions. You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions: a) The work must carry prominent notices stating that you modified it, and giving a relevant date. b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to "keep intact all notices". c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it. d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so. A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an "aggregate" if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate. 6. Conveying Non-Source Forms. You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways: a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange. b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge. c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b. d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements. e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d. A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work. A "User Product" is either (1) a "consumer product", which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, "normally used" refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product. "Installation Information" for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made. If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM). The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network. Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying. 7. Additional Terms. "Additional permissions" are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions. When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission. Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms: a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or d) Limiting the use for publicity purposes of names of licensors or authors of the material; or e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors. All other non-permissive additional terms are considered "further restrictions" within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying. If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms. Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way. 8. Termination. You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11). However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10. 9. Acceptance Not Required for Having Copies. You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so. 10. Automatic Licensing of Downstream Recipients. Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License. An "entity transaction" is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts. You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it. 11. Patents. A "contributor" is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's "contributor version". A contributor's "essential patent claims" are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, "control" includes the right to grant patent sublicenses in a manner consistent with the requirements of this License. Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version. In the following three paragraphs, a "patent license" is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To "grant" such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party. If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. "Knowingly relying" means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid. If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it. A patent license is "discriminatory" if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007. Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law. 12. No Surrender of Others' Freedom. If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program. 13. Use with the GNU Affero General Public License. Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such. 14. Revised Versions of this License. The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation. If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program. Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version. 15. Disclaimer of Warranty. THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. Limitation of Liability. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 17. Interpretation of Sections 15 and 16. If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. Copyright (C) This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . Also add information on how to contact you by electronic and paper mail. If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode: Copyright (C) This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an "about box". You should also get your employer (if you work as a programmer) or school, if any, to sign a "copyright disclaimer" for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see . The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read . debian/saslfinger/install.sh0000775000000000000000000000233412224357633013343 0ustar #!/bin/bash scriptname="saslfinger" man_paths=(/usr/share/man) if [ ! -z "$DESTDIR" ] ; then echo "DESTDIR ($DESTDIR) found in the environment. Will be used as install prefix." fi # verify_man_page () # Check if the man page for this script has been installed and install it # if it isn't there. verify_man_page () { for man_path in ${man_paths[@]} do local man_source="${scriptname}.1" local man_dest="$DESTDIR${man_path}/man1/${scriptname}.1" if ! [[ -e ${man_dest} ]]; then echo "Installing man page..." $(cp ${man_source} ${man_dest}) elif [[ ${man_dest} -ot ${man_source} ]]; then echo "Updating ${scriptname} man page..." $(cp ${man_source} ${man_dest}) else echo "${scriptname} man page is up to date. Nothing to do." fi done } verify_script () { local source_dir="${scriptname}" local install_dir="$DESTDIR/usr/bin/${scriptname}" if ! [[ -e ${install_dir} ]]; then echo "Installing ${scriptname}..." `cp ${source_dir} ${install_dir}` `chmod 755 ${install_dir}` elif [[ ${install_dir} -ot ${source_dir} ]]; then echo "Updating ${scriptname}..." `cp -p -f ${source_dir} ${install_dir}` `chmod 755 ${install_dir}` else echo "${scriptname} is up to date. Nothing to do." fi } verify_script verify_man_page exit 0 debian/saslfinger/saslfinger0000775000000000000000000002117212224357633013422 0ustar #!/bin/bash # # Copyright © 2004 Patrick Koetter # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or (at # your option) any later version. # # This program is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # ##################################################################### # VARIABLES # ##################################################################### # set -e scriptname="${0##*/}" scriptversion=1.0.4 declare -a sasl_dirs valid_sasl_lib_names sasl_dirs=(/usr/lib/sasl \ /usr/lib64/sasl2 \ /var/lib/sasl \ /opt/lib/sasl \ /usr/lib/sasl2 \ /var/lib/sasl2 \ /opt/lib/sasl2 \ /usr/local/lib/sasl2 \ /etc/sasl2 \ /etc/postfix/sasl \ /etc/cyrus-sasl \ /usr/pkg/lib) sasl_libs=(libsasl.so libsasl2.so) ##################################################################### # COMMANDS AND FUNCTIONS # ##################################################################### export PATH="/bin:/sbin:/usr/bin:/usr/sbin:$PATH" function start () { echo "${scriptname} - postfix Cyrus sasl configuration $(date)" echo "version: ${scriptversion}" echo "mode: ${mode} SMTP AUTH" } function end () { echo "-- end of ${scriptname} output --" } function postconf_get () { postconf -h ${1}; } function get_saslpasswd () { postconf -h smtp_sasl_password_maps | sed -e s/^.*://; } function get_mail_version () { declare -a systems local systems=("/etc/redhat-release" "/etc/fedora-release" "/etc/slackware-version" "/etc/gentoo-release" "/etc/issue" "/etc/motd") echo "-- basics --" echo "Postfix: $(postconf_get mail_version)" for system in ${systems[@]}; do if [[ -e ${system} ]]; then echo "System: $(cat ${system})" break else continue fi done } function get_sasl_dirs () { local i=0 local sasldir="" for sasldir in ${sasl_dirs[@]}; do if [ -d ${sasldir} ]; then valid_sasldirs[$i]=${sasldir} let "i = $i + 1" fi done if ! [[ ${valid_sasldirs[@]} ]]; then echo -e "\aCould not find any valid Cyrus SASL directories." echo "Cyrus SASL is required to setup SMTP AUTH!" exit 72 fi } function get_sasl_support () { local sasllib="" echo "-- $1 is linked to --" for sasllib in ${sasl_libs[@]}; do local ldd_res="$(ldd "$(postconf_get daemon_directory)/${1}" | egrep -e "${sasllib}" 2>/dev/null)" if [ -n "${ldd_res}" ]; then echo "${ldd_res}" fi done } function get_smtp_dialogue () { echo "-- mechanisms on ${1} --" if echo "EHLO $HOSTNAME\r\nQUIT\r\n" | nc -w 1 -v ${1} 25 2>/dev/null | egrep "AUTH" 2>/dev/null; then echo elif echo "EHLO $HOSTNAME\r\nQUIT\r\n" | netcat -w 1 -v ${1} 25 2>/dev/null | egrep "AUTH" 2>/dev/null; then echo else (echo "EHLO $HOSTNAME"; sleep 2) | telnet ${1} 25 2>/dev/null | egrep "(AUTH)" fi } function get_maincf () { if test ${1} = "smtpd"; then local authparams="(^smtpd_sasl_*|broken_sasl_auth_clients|^smtpd_use_tls|^smtpd_tls_*)" elif test ${1} = "smtp"; then local authparams="(^smtp_sasl_*|^relayhost|^smtp_use_tls|^smtp_tls_*)" fi for daemon in ${1}; do echo "-- active SMTP AUTH and TLS parameters for ${1} --" if postconf -n | egrep -i ${authparams} 2> /dev/null; then continue else echo -e "\aNo active SMTP AUTH and TLS parameters for ${1} in main.cf!" echo "SMTP AUTH can't work!" exit 72 fi done } function get_sasl_apps () { active_services[0]="" if [[ $(egrep -v "^#.*smtpd_sasl_application_name" $(postconf_get config_directory)/master.cf |\ egrep "^.*smtpd_sasl_application_name" 2>/dev/null) ]]; then active_services=$(egrep -v "^#.*smtpd_sasl_application_name" $(postconf_get config_directory)/master.cf |\ egrep "^.*smtpd_sasl_application_name" | sed 's/.*-o smtpd_sasl_application_name=//g' | awk '{print $1}') else active_services[0]="smtpd" fi } function get_service_config () { # Add /etc/postfix/sasl to valid_sasldirs for Debian users. sasl_dirs[100]="/etc/postfix/sasl" local o=1 local sasldir="" local service="" for sasldir in ${sasl_dirs[@]}; do local i=1 for service in ${active_services[@]}; do if [ -e ${sasldir}/${service}.conf ]; then valid_services[$i$o]=${sasldir}/${service}.conf let "i = $i + 1" elif ! [ -e ${sasldir}/${service}.conf ]; then continue fi done let "o+=1" done if ! [[ ${valid_services[@]} ]]; then echo; echo -e "\aThere is no smtpd.conf that defines what SASL should do for Postfix." echo "SMTP AUTH can't work!"; echo exit 72 fi } function list_service_configs () { local smtpdconf="" for smtpdconf in ${valid_services[@]}; do echo "-- content of ${smtpdconf} --" cat ${smtpdconf} | sed -e 's/.*ldapdb_id.*/ldapdb_id: --- replaced ---/;s/.*sql_user:.*/sql_user: --- replaced ---/g;'\ -e 's/.*ldapdb_pw:.*/ldapdb_pw: --- replaced ---/g;s/.*sql_passwd:.*/sql_passwd: --- replaced ---/g' echo done } function list_sasl_dirs () { local sasldir="" for sasldir in ${valid_sasldirs[@]}; do echo "-- listing of ${sasldir} --"; ls -alL ${sasldir}; echo done } function get_mastercf () { echo "-- active services in $(postconf_get config_directory)/master.cf --" echo "$(egrep "(^# service type|\(yes\))" $(postconf_get config_directory)/master.cf)" echo "$(cat $(postconf_get config_directory)/master.cf | egrep -v "^#")" } function check_saslpasswd () { saslpasswd=$(postconf_get smtp_sasl_password_maps | sed -e s/^.*://) if ! [ $(get_saslpasswd) ]; then echo -e "\aCannot find the smtp_sasl_password_maps parameter in main.cf." echo "Client-side SMTP AUTH cannot work without this parameter!" exit 78 elif [ -e $(get_saslpasswd) ]; then echo "-- permissions for $(get_saslpasswd) --"; echo "`ls -al ${saslpasswd}`"; echo if [ -e $(get_saslpasswd).db ]; then echo "-- permissions for $(get_saslpasswd).db --"; echo "`ls -al ${saslpasswd}.db`"; echo if [ $(get_saslpasswd) -nt $(get_saslpasswd).db ]; then echo -e "\a$(get_saslpasswd).db is older than $(get_saslpasswd)!" echo "Run the following command as root to sync $(get_saslpasswd).db:" echo; echo -e "\tpostmap `postconf -h smtp_sasl_password_maps`"; echo exit 65 else echo "$(get_saslpasswd).db is up to date." fi else echo; echo -e "\aThere is no $(get_saslpasswd).db!" exit 78 fi elif ! [ -e $(get_saslpasswd) ]; then echo; echo -e "\aYou have set smtp_sasl_password_maps = ${saslpasswd}" echo "in main.cf, but $(get_saslpasswd) does not seem to be there." echo "Please check and run ${scriptname} again." exit 78 fi } function get_smtp_dialogue_wrapper () { local host="" if [ -r $(get_saslpasswd) ]; then for host in $(awk '!/^#/ {print $1}' ${saslpasswd}); do get_smtp_dialogue ${host}; echo done elif ! [ -r $(get_saslpasswd) ]; then echo -e "\aYou don't have the correct permissions to read $(get_saslpasswd)." echo "The telnet test, which gets the AUTH mechanisms offered by your remote" echo "MTA(s), requires reading this file. Become either root to access" echo "$(get_saslpasswd), or allow your current user, ${USER}, to read it."; echo exit 0 fi } function server () { mode="server-side" start; echo get_mail_version; echo get_sasl_support smtpd; echo get_maincf smtpd; echo get_sasl_dirs; echo list_sasl_dirs; echo get_sasl_apps; echo get_service_config; echo list_service_configs; echo get_mastercf; echo get_smtp_dialogue localhost; echo end; echo exit 0 } function client () { mode="client-side" start; echo get_mail_version; echo get_sasl_support smtp; echo get_maincf smtp; echo get_sasl_dirs; echo list_sasl_dirs; echo check_saslpasswd; echo get_mastercf; echo get_smtp_dialogue_wrapper; echo end; echo exit 0 } function usage () { echo; echo "saslfinger -s"; echo -e "\tCheck server-side SMTP AUTH configuration" echo; echo "saslfinger -c"; echo -e "\tCheck client-side SMTP AUTH configuration" echo; echo "saslfinger -h"; echo -e "\tPrint this message." echo; echo "Read man (1) saslfinger for a detailed discussion on what"; echo "${scriptname} may do for you." echo; exit 0 } no_args=0 if [ ${#} -eq ${no_args} ]; then echo; echo -e "\aUsage: `basename ${0}` [-chs]" echo "Use \"`basename ${0}` -h\" to find out what the options mean." echo; exit 65 fi while getopts "chs" option; do case ${option} in c ) client;; s ) server;; h ) usage;; esac done shift $(($OPTIND - 1)) exit 0 debian/saslfinger/INSTALL0000664000000000000000000000027712224357633012373 0ustar # $Id: INSTALL 21 2005-01-10 23:10:54Z p $ Run ./install.sh to install saslfinger and its man page. Read "man 1 saslfinger", choose the mode, and type "saslfinger" to start collecting data. debian/saslfinger/saslfinger.10000664000000000000000000000456612224357633013566 0ustar .TH saslfinger 1 User Manuals .SH NAME saslfinger \- A utility to collect SMTP AUTH relevant configuration for Postfix .SH SYNOPSIS \fBsaslfinger [-chs] \f1 .SH DESCRIPTION saslfinger is a utility to collect SMTP AUTH relevant configuration for Postfix. Depending on how you run it, it will search for information on server-side or client-side SMTP AUTH configuration settings in Postfix and Cyrus SASL. .SH OPTIONS .TP \fB-c\f1 If you run saslfinger with the option \fB-c\f1 it will collect data required for client-side SMTP AUTH. Client-side SMTP AUTH is when Postfix smtp daemon uses SMTP AUTH to authenticate itself with a remote mail server that offers SMTP AUTH. saslfinger will try to telnet to all hosts listed in smtp_sasl_password_maps, if it may read smtp_sasl_password_maps The telnet test verifies your host is able to reach the remote servers and shows what AUTH mechanisms they offer - in some cases this is required to debug client-side SMTP AUTH. Important: By default smtp_sasl_password_maps must be read-only to root, since these maps contain the usernames and passwords to authenticate. If you run saslfinger as root access will be no problem, but saslfinger will fail if you lack the permissions to access smtp_sasl_password_maps. If you want to run the telnet test, but don't want to run saslfinger as root change permissions of smtp_sasl_password_maps so that the user running saslfinger may access smtp_sasl_password_maps while you debug. *note: You don't need to worry about saslfinger doing anything with the username or password stored next to the remote hosts in your smtp_sasl_password_maps; saslfinger completely ignores these informations! .TP \fB-h\f1 If you run saslfinger with the option \fB-h\f1 it will print a little help message that tells you about the options you can use. .TP \fB-s\f1 If you run saslfinger with the option \fB-s\f1 it will collect data required for server-side SMTP AUTH. Server-side SMTP AUTH is when Postfix smtpd daemon offers SMTP AUTH to mail clients. .SH FILES \fIsaslfinger\f1 - the script you need to run. \fIsaslfinger.1\f1 - the man page you are currently reading. .SH AUTHOR Patrick Koetter, , \fBhttp://www.state-of-mind.de\f1 You will find the newest version of saslfinger at \fBhttp://postfix.state-of-mind.de/patrick.koetter/saslfinger/\f1. .SH BUGS Please report bugs to debian/saslfinger/TODO0000664000000000000000000000032012224357633012017 0ustar # $Id: TODO 21 2005-01-10 23:10:54Z p $ TODO list for saslfinger + SASL pwcheck_method debugging Add routines to identify the choosen pwcheck_method and run debug tests on them e.g. "saslauthd -a foo -d" debian/saslfinger/index.html0000664000000000000000000001135612224357633013337 0ustar saslfinger - debugging SMTP AUTH in Postfix

saslfinger

saslfinger is a bash utility script that seeks to help you debugging your SMTP AUTH setup. It gathers various informations about Cyrus SASL and Postfix from your system and sends it to stdout.

saslfinger is released under the GNU General Public License.

Requirements

saslfinger has been tested with bash version 2.04 or greater on the following plattforms:

  • RedHat Linux
  • Fedora Core
  • Debian Linux
  • SuSe Linux
  • Gentoo Linux
  • Mandrake Linux
  • FreeBSD

Usage

You must run saslfinger with one of the following options:

-c

If you run saslfinger with the option -c it will collect data required for client-side SMTP AUTH. Client-side SMTP AUTH is when Postfix smtp daemon uses SMTP AUTH to authenticate itself with a remote mail server that offers SMTP AUTH.

saslfinger will try to telnet to all hosts listed in smtp_sasl_password_maps, if it may read smtp_sasl_password_maps

The telnet test verifies your host is able to reach the remote servers and shows what AUTH mechanisms they offer - in some cases this is required to debug client-side SMTP AUTH.

Important: By default smtp_sasl_password_maps must be read-only to root, since these maps contain the usernames and passwords to authenticate. If you run saslfinger as root access will be no problem, but saslfinger will fail if you lack the permissions to access smtp_sasl_password_maps.

If you want to run the telnet test, but don't want to run saslfinger as root change permissions of smtp_sasl_password_maps so that the user running saslfinger may access smtp_sasl_password_maps while you debug.

*note: You don't need to worry about saslfinger doing anything with the username or password stored next to the remote hosts in your smtp_sasl_password_maps; saslfinger completely ignores these informations!

-h

If you run saslfinger with the option -h it will print a little help message that tells you about the options you can use.

-s

If you run saslfinger with the option -s it will collect data required for server-side SMTP AUTH. Server-side SMTP AUTH is when Postfix smtpd daemon offers SMTP AUTH to mail clients.

Patrick Koetter, patrick.koetter@state-of-mind.de
debian/saslfinger/saslfinger.1.xml0000664000000000000000000000665612224357633014367 0ustar saslfinger [-chs]

saslfinger is a utility to collect SMTP AUTH relevant configuration for Postfix. Depending on how you run it, it will search for information on server-side or client-side SMTP AUTH configuration settings in Postfix and Cyrus SASL.

saslfinger - the script you need to run.

saslfinger.1 - the man page you are currently reading.

Patrick Koetter, <patrick.koetter@state-of-mind.de>,

You will find the newest version of saslfinger at .

Please report bugs to <patrick.koetter@state-of-mind.de>

 debian/sasl2-bin.dirs0000664000000000000000000000014112224357633011650 0ustar usr/bin usr/sbin usr/share/doc usr/share/man/man1 usr/share/man/man8 usr/share/lintian/overrides debian/sasl2-bin.postinst0000664000000000000000000000642012224357633012600 0ustar #!/bin/sh # postinst script for sasl2-bin # Copyright (c) 2006 Fabian Fagerholm # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. set -e FALLBACK_RUN_DIR=/var/run/saslauthd SASLDB_FILE=/etc/sasldb2 # Debconf hook. . /usr/share/debconf/confmodule case "$1" in configure) # Upgrade SASL database if needed # The libdb dependency was updated in the following versions: # 2.1.22.dfsg1-14 (db4.2 -> db4.4) # 2.1.22.dfsg1-17 (db4.4 -> db4.6) # 2.1.22.dfsg1-24 (db4.6 -> db4.7) # 2.1.23.dfsg1-4 (db4.7 -> db4.8) # 2.1.23.dfsg1-8 (db4.8 -> db5.1) if [ -r /usr/lib/sasl2/berkeley_db.active ]; then OLD_BDB=$(cat /usr/lib/sasl2/berkeley_db.active) else if dpkg --compare-versions "$2" "lt-nl" 2.1.23.dfsg1-4; then OLD_BDB=4.7 elif dpkg --compare-versions "$2" "lt-nl" 2.1.23.dfsg1-9; then OLD_BDB=4.8 fi fi # Read the compiled-in Berkeley DB version NEW_BDB=$(cat /usr/lib/sasl2/berkeley_db.txt) if [ "$OLD_BDB" != "$NEW_BDB" ]; then if [ -e $SASLDB_FILE ]; then # The database exists and has users, begin upgrade procedure # # Well, this code doesn't break anything, but since Cyrus SASL # doesn't use transactional environment and the database format # was not changed since db3 it also doesn't do anything at all # Make backup and handle errors db_get cyrus-sasl2/backup-sasldb2 if ! cp --archive $SASLDB_FILE "$RET" >/dev/null 2>&1; then db_input high cyrus-sasl2/upgrade-sasldb2-backup-failed || true db_go || true exit 1 fi # Upgrade SASL database and handle errors if ! db${NEW_BDB}_upgrade $SASLDB_FILE >/dev/null 2>&1; then db_input high cyrus-sasl2/upgrade-sasldb2-failed || true db_go || true cp --archive "$RET" $SASLDB_FILE >/dev/null 2>&1 exit 1 fi fi # Note the active Berkeley DB version cp -f /usr/lib/sasl2/berkeley_db.txt /usr/lib/sasl2/berkeley_db.active fi # Create a statoverride for the default saslauthd run directory, # unless one already exists if ! dpkg-statoverride --list $FALLBACK_RUN_DIR >/dev/null 2>&1; then install -d --owner="root" --group="sasl" --mode="710" \ $FALLBACK_RUN_DIR dpkg-statoverride --update --add root sasl 710 $FALLBACK_RUN_DIR fi # Create an empty sasldb file, unless one already exists if [ ! -e $SASLDB_FILE ]; then echo '!' | saslpasswd2 -c 'no:such:user' saslpasswd2 -d 'no:such:user' fi # Create a statoverride for the sasldb file, unless one already exists if ! dpkg-statoverride --list $SASLDB_FILE >/dev/null 2>&1; then dpkg-statoverride --update --add root sasl 660 $SASLDB_FILE fi # In 2.1.23.dfsg1-4 and later versions, saslauthd is no longer # explicitly stopped on shutdown and reboot. if dpkg --compare-versions "$2" lt "2.1.23.dfsg1-4"; then rm -f /etc/rc0.d/K20saslauthd /etc/rc6.d/K20saslauthd fi db_stop ;; abort-upgrade|abort-remove|abort-deconfigure) ;; *) echo "postinst called with unknown argument $1" >&2 exit 0 ;; esac # dh_installdeb will replace this with shell code automatically # generated by other debhelper scripts. #DEBHELPER# exit 0 debian/sasl2-bin.lintian-overrides0000664000000000000000000000007012224357633014346 0ustar sasl2-bin binary: possible-gpl-code-linked-with-openssl debian/gen-auth/0000775000000000000000000000000012224357633010707 5ustar debian/gen-auth/gen-auth0000775000000000000000000003466612224357633012364 0ustar #!/usr/bin/perl use strict; use MIME::Base64; use Getopt::Std; my($p_name) = $0 =~ m|/?([^/]+)$|; my $p_version = "20060620.0"; my $p_usage = "Usage: $p_name [--help|--version] | ..."; my $p_cp = < This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA EOM ext_usage(); my %O = (); getopts('s', \%O); my $type = get_input(\@ARGV, "encryption type: "); if ($type =~ /^plain$/i) { my $user = get_input(\@ARGV, "username: ", $O{s}||0); my $pass = get_input(\@ARGV, "password: ", $O{s}||1); print "Auth String: ", encode_base64("\0$user\0$pass", ''), "\n"; } elsif ($type =~ /^decode$/i) { my $user = get_input(\@ARGV, "string: ", $O{s}||0); print decode_base64($user), "\n"; } elsif ($type =~ /^encode$/i) { my $user = get_input(\@ARGV, "string: ", $O{s}||0); print encode_base64($user, ""), "\n"; } elsif ($type =~ /^rot13$/i) { my $str = get_input(\@ARGV, "string: ", $O{s}||0); my @c = unpack("c*", $str); foreach my $c (@c) { if ($c <= 123 && $c >= 97) { $c = ((($c - 97 + 13) % 26) + 97); } elsif ($c <= 90 && $c >= 65) { $c = ((($c - 65 + 13) % 26) + 65); } } print pack("c*", @c), "\n"; } elsif ($type =~ /^atbash$/i) { my $str = get_input(\@ARGV, "string: ", $O{s}||0); my @c = unpack("c*", $str); foreach my $c (@c) { if ($c <= 123 && $c >= 97) { $c = (25 - ($c - 97)) + 97; } elsif ($c <= 90 && $c >= 65) { $c = (25 - ($c - 65)) + 65; } } print pack("c*", @c), "\n"; } elsif ($type =~ /^http(-basic)?$/i) { my $user = get_input(\@ARGV, "username: ", $O{s}||0); my $pass = get_input(\@ARGV, "password: ", $O{s}||1); print "Auth String: ", encode_base64("${user}:$pass", ''), "\n"; } elsif ($type =~ /^wcsencode$/i) { try_load("WCS::Encode") || die "WCS::Encode required for rce\n"; my $user = get_input(\@ARGV, "string: ", $O{s}||0); chomp($user = WCS::Encode::encode($user)); print $user, "\n"; } elsif ($type =~ /^wcsdecode$/i) { try_load("WCS::Encode") || die "WCS::Encode required for rce\n"; my $user = get_input(\@ARGV, "string: ", $O{s}||0); print WCS::Encode::decode($user), "\n"; } elsif ($type =~ /^rce$/i) { try_load("WCS::Passwd") || die "WCS::Passwd required for rce\n"; my $user = get_input(\@ARGV, "string: ", $O{s}||0); print WCS::Passwd::rce($user), "\n"; } elsif ($type =~ /^rcd$/i) { try_load("WCS::Passwd") || die "WCS::Passwd required for rce\n"; my $user = get_input(\@ARGV, "string: ", $O{s}||0); print WCS::Passwd::rcd($user), "\n"; } elsif ($type =~ /^(salt)?encrypt$/i) { my $user = get_input(\@ARGV, "string: ", $O{s}||1); my $salt = join('', ('.', '/', 0..9, 'A'..'Z', 'a'..'z')[rand 64, rand 64]); $salt = get_input(\@ARGV, "salt: ", $O{s}||0) if ($type =~ /^saltencrypt/i); print crypt($user, $salt), "\n"; } elsif ($type =~ /^login$/i) { my $user = get_input(\@ARGV, "username: ", $O{s}||0); my $pass = get_input(\@ARGV, "password: ", $O{s}||1); print "Username: ", encode_base64($user, ""), "\n", "Password: ", encode_base64($pass, ""), "\n"; } elsif ($type =~ /^md5-(base)?64$/i) { try_load("Digest::MD5") || die "Digest::MD5 required for md5\n"; my $string = get_input(\@ARGV, "string: ", $O{s}||0); print Digest::MD5::md5_base64($string), "\n"; } elsif ($type =~ /^md5(-hex)?$/i) { try_load("Digest::MD5") || die "Digest::MD5 required for md5\n"; my $string = get_input(\@ARGV, "string: ", $O{s}||0); print Digest::MD5::md5_hex($string), "\n"; } elsif ($type =~ /^cram(-(md5|sha1))?$/i) { my $digest_type = lc($2) || 'md5'; if ($digest_type eq 'md5') { try_load("Digest::MD5") || die "Digest::MD5 required for CRAM-MD5\n"; } elsif ($digest_type eq 'sha1') { try_load("Digest::SHA1") || die "Digest::SHA1 required for CRAM-SHA1\n"; } my $user = get_input(\@ARGV, "username: ", $O{s}||0); my $pass = get_input(\@ARGV, "password: ", $O{s}||1); my $chal = get_input(\@ARGV, "challenge: ", $O{s}||0); if ($chal !~ /^new; $ctx->add($chal . $pass); print $ctx->hexdigest, "\n"; } else { print STDERR "I don't speak $type\n"; exit 1; } exit 0; sub get_input { my $a = shift; # command line array my $s = shift; # prompt string my $q = shift; # quiet my $r; # response if (scalar(@$a) > 0) { $r = shift(@$a); } else { print $s; system('stty', '-echo') if ($q); $r = <>; system('stty', 'echo') if ($q); print "\n" if ($q); chomp($r); } $r = '' if ($r eq '<>'); return($r); } sub get_digest { my $secr = shift; my $chal = shift; my $type = shift; my $ipad = chr(0x36) x 64; my $opad = chr(0x5c) x 64; if (length($secr) > 64) { if ($type eq 'md5') { $secr = Digest::MD5::md5($secr); } elsif ($type eq 'sha1') { $secr = Digest::SHA1::sha1($secr); } else { # unknown digest type return; } } else { $secr .= chr(0) x (64 - length($secr)); } my $digest = $type eq 'md5' ? Digest::MD5::md5_hex(($secr ^ $opad), Digest::MD5::md5(($secr ^ $ipad), $chal)) : Digest::SHA1::sha1_hex(($secr ^ $opad), Digest::SHA1::sha1(($secr ^ $ipad), $chal)); return($digest); } sub try_load { my $mod = shift; eval("use $mod"); return $@ ? 0 : 1; } sub ext_usage { if ($ARGV[0] =~ /^--help$/i) { require Config; $ENV{PATH} .= ":" unless $ENV{PATH} eq ""; $ENV{PATH} = "$ENV{PATH}$Config::Config{'installscript'}"; exec("perldoc", "-F", "-U", $0) || exit 1; # make parser happy %Config::Config = (); } elsif ($ARGV[0] =~ /^--version$/i) { print "$p_name version $p_version\n\n$p_cp\n"; } else { return; } exit(0); } __END__ =head1 NAME gen-auth - generate various authentication strings =head1 USAGE gen-auth [--help|--version] | ... =head1 DESCRIPTION gen-auth is tool to assist in all kinds of authentication / encoding / decoding / encrypting tasks. It began life as an smtp-specific tool, but has drifted in functionality over time. The program actions are broken down into types of encoding to generate. Each then takes its own specific args. The arguments are expected in a specific order on the command line. Every argument that isn't available on the command line will be prompted for. One benefit to this is arguments corresponding to passwords will not be echoed to the terminal when prompted for. =head1 TYPES The program action is controlled by the first argument. The meaning of the following arguments is specified by this type =over 4 =item PLAIN This type generates a PLAIN (RFC 2595) authentication string. It accepts supplemental arguments of username and password. It generates a Base64 encoded string "\0\0". =item LOGIN This method accepts username and password as supplemental args. It simply returns each string Base64 encoded. This provides only minimal advantages over using ENCODE twice. One advantage is hiding the password if you provide it on STDIN =item CRAM-MD5 CRAM-MD5 (RFC 2195) accepts three supplemental arguments. The first is the username and the second is the password. The third is the challenge string provided by the server. This string can be either Base64 encoded or not. The RFC states that all (unencoded) challenge strings must start w/ '<'. This is used to whether the string is Base64 encoded or not. CRAM-MD5 uses the challenge and the supplied password to generate a digest. it then returns the Base64 encoded version of the string md5(" ") This authentication method requires the Digest::MD5 perl module to be installed. =item CRAM-SHA1 This behaves the same as CRAM-MD5 but uses SHA1 digesting rather than MD5. This authentication method requires the Digest::SHA1 perl module to be installed. =item NTLM/SPA/MSN Although it may be advertised as one of the above types, this method of authentication if refered to singularly as NTLM. This is a multi-step authentication type. The first 3 arguments must be supplied up front. They are username, password, and domain, in that order. These three strings are used to generate an "Auth Request" string. This string should be passed verbatim to the server. The server will then respond with a challenge. This challenge is the fourth argument. After receiving the server challenge, gen-auth will produce an "Auth Response". Posting this response to the server completes the NTLM authentication transaction. This authentication method requires the Authen::NTLM perl module to be installed. See EXAMPLES for an example of this transaction. Note also that 'domain' is often blank from client or ignored by server. =item HTTP-BASIC Returns the value base64(":"). Used for HTTP Basic authentication (RFC 2617). Used by adding a header "Authorization: Basic " to a HTTP request where is the output of this command. =item APOP This implements the APOP authentication for the POP3 protocol as described in RFC 1939. is the challenge string presented by the POP3 server in the greeting banner. is the "secret" (usually a password) used to authenticate the user. This method returns a digest md5(""). This can be used to authenticate to a POP3 server in a string like "APOP " where is the string generated by this command. APOP required the Digest::MD5 perl module. =item ENCODE Simply Base64 encodes a plaintext string. Provided as a convenience function. =item DECODE Decodes a Base64 encoded string. Provided as a convenience function. =item MD5/MD5-HEX Provides an MD5 digest of the supplied string in hex. =item MD5-BASE64 Provides an MD5 digest of the supplied string in Base64. =item ENCRYPT Returns a crypt(3) string generated from the input string. =item SALTENCRYPT Same as ENCRYPT but you provide the salt as the second argument. See crypt(3) man page for details. =item ROT13 This performs a rot13 action on . This implementation only performs the action on ASCII 65-90,97-123. Any other character value is left untouched. Therefore this method is primarily for LOCALE=C, ASCII only. Feel free to send patches if you care to have it work in another setting. =item ATBASH This performs an atbash action on . Atbash mirrors a string such that 'a'=='z', 'b'=='y', etc. See the comments on locale and character set under ROT13. =back =head1 OPTIONS =item -s Supresses echo on all input fields read from standard input. If this option is not used, echo is suppressed on fields which are known to be password fields but this may not be secure enough. =item --help this screen. =item --version version info. =head1 EXAMPLES =over 4 =item generate a PLAIN AUTH string for user 'tim', password 'tanstaaftanstaaf' > gen-auth plain tim tanstaaftanstaaf Auth String: AHRpbQB0YW5zdGFhZnRhbnN0YWFm =item generate a CRAM-MD5 string for user 'tim', password 'tanstaaftanstaaf', challenge '<1896.697170952@postoffice.reston.mci.net>', using prompt to hide password > gen-auth cram-md5 username: tim password: challenge: PDE4OTYuNjk3MTcwOTUyQHBvc3RvZmZpY2UucmVzdG9uLm1jaS5uZXQ+ dGltIGI5MTNhNjAyYzdlZGE3YTQ5NWI0ZTZlNzMzNGQzODkw =item use the DECODE method to ensure we provided the correct output in our last example > gen-auth decode dGltIGI5MTNhNjAyYzdlZGE3YTQ5NWI0ZTZlNzMzNGQzODkw tim b913a602c7eda7a495b4e6e7334d3890 =item use the NTLM (MSN) method to authenticate to a mail server using user 'tim', password 'tanstaaftanstaaf', and domain MAIL. Both the gen-auth transaction and SMTP transaction are shown to demonstrate the interaction between the two. AUTH MSN 334 NTLM supported TlRMTVNTUAABAAAAB7IAAAMAAwAgAAAABAAEACMAAAB0aW1NQUlM 334 TlRMTVNTUAACAAAAAAAAAAAoAAABggAA9RH5KZlXvygAAACAAAAAZL//4sQAAAAC TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAAAwAAAABgAGAHAAAAAGAAYAdgAAAAAAAAA8AAAAAYIAAK3lcO8PldNxIrkbvgKGJRR5owQePUtYaTtLVgfQiVQBywW2yZKyp+VFGqYfgDtdEHQAaQBtAHQAaQBtAA== 235 Authentication succeeded > gen-auth spa username: tim password: domain: MAIL Auth Request: TlRMTVNTUAABAAAAB7IAAAMAAwAgAAAABAAEACMAAAB0aW1NQUlM challenge: TlRMTVNTUAACAAAAAAAAAAAoAAABggAA9RH5KZlXvygAAACAAAAAZL//4sQAAAAC Auth Response: TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAAAwAAAABgAGAHAAAAAGAAYAdgAAAAAAAAA8AAAAAYIAAK3lcO8PldNxIrkbvgKGJRR5owQePUtYaTtLVgfQiVQBywW2yZKyp+VFGqYfgDtdEHQAaQBtAHQAaQBtAA== =back =head1 REQUIRES =item MIME::Base64 Required for all functionality =item Digest::MD5 Required for MD5, MD5-BASE64, CRAM-MD5, APOP =item Digest::SHA1 Required for CRAM-SHA1 =item Authen::NTLM Required for NTLM/MSN/SPA =head1 EXIT CODES =item 0 - no errors occurred =item 1 - unrecognized type specified =head1 CONTACT =item proj-gen-auth@jetmore.net debian/sasl2-bin.manpages0000664000000000000000000000001312224357633012500 0ustar gen-auth.1 debian/libsasl2-modules-otp.lintian-overrides0000664000000000000000000000010312224357633016532 0ustar libsasl2-modules-otp binary: possible-gpl-code-linked-with-openssl debian/libsasl2-modules-gssapi-heimdal.install0000664000000000000000000000004012224357633016627 0ustar usr/lib/*/sasl2/libgssapiv2.so* debian/rules0000775000000000000000000002246712224412110010250 0ustar #!/usr/bin/make -f # -*- makefile -*- # # debian/rules for CMU Cyrus SASL version 2.1 # # Copyright (c) 2011 by Ondřej Surý - migrated to dh7 # Based on previous work (c) 2006 by Fabian Fagerholm. # Based on previous work by Dima Barsky. # Based on cyrus-imapd-2.2 packages by Henrique de Moraes Holshuch. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # Note that Cyrus SASL itself is published under a different license. # Debhelper control. export DH_ALWAYS_EXCLUDE=CVS #export DH_VERBOSE=1 # uncomment this to turn on verbose mode export DEB_BUILD_HARDENING=1 DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH) # Save Berkeley DB used for building the package BDB_VERSION ?= $(shell LC_ALL=C dpkg-query -l 'libdb[45].[0-9]-dev' | grep ^ii | sed -e 's|.*\s\libdb\([45]\.[0-9]\)-dev\s.*|\1|') # SQL support may be turned off during the build, but is on by default. ifeq (,$(findstring no-sql,$(DEB_BUILD_OPTIONS))) CONFIGURE_SQL=--enable-sql else CONFIGURE_SQL=--disable-sql endif # LDAP support may be turned off during the build, but is on by default. ifeq (,$(findstring no-ldap,$(DEB_BUILD_OPTIONS))) CONFIGURE_LDAP=--with-ldap CONFIGURE_LDAPDB=--enable-ldapdb else CONFIGURE_LDAP=--without-ldap CONFIGURE_LDAPDB=--disable-ldapdb endif # GSSAPI support may be turned off during the build, but is on by default ifeq (,$(findstring no-gssapi,$(DEB_BUILD_OPTIONS))) CONFIGURE_GSSAPI=--enable-gssapi else CONFIGURE_GSSAPI=--disable-gssapi endif CONFIGURE_COMMON_OPTIONS= \ --build=$(DEB_BUILD_GNU_TYPE) \ --prefix=/usr \ --mandir=\$${prefix}/share/man \ --infodir=\$${prefix}/share/info \ --enable-static \ --enable-shared \ --enable-alwaystrue \ --enable-checkapop \ --enable-cram \ --enable-digest \ --enable-otp \ --disable-srp \ --disable-srp-setpass \ --disable-krb4 \ $(CONFIGURE_GSSAPI) \ --enable-gss_mutexes \ --enable-auth-sasldb \ --enable-plain \ --enable-anon \ --enable-login \ --enable-ntlm \ --disable-passdss \ $(CONFIGURE_SQL) \ --with-sqlite3=/usr \ --with-mysql=/usr \ --with-pgsql=/usr/include/postgresql \ $(CONFIGURE_LDAPDB) \ --disable-macos-framework \ --with-pam=/usr \ --with-saslauthd=/var/run/saslauthd \ $(CONFIGURE_LDAP) \ --with-configdir=/etc/sasl2:/etc/sasl:/usr/lib/$(DEB_HOST_MULTIARCH)/sasl2:/usr/lib/sasl2 \ --with-plugindir=/usr/lib/$(DEB_HOST_MULTIARCH)/sasl2:/usr/lib/sasl2 \ --sysconfdir=/etc \ --with-devrandom=/dev/urandom # Some convenience variables export TMPBUILD_MIT := $(CURDIR)/build-mit export TMPBUILD_HEIMDAL := $(CURDIR)/build-heimdal export HEIMDAL_LDFLAGS := $(shell krb5-config.heimdal --libs gssapi | sed -e 's/ -l.*//') export HEIMDAL_CPPFLAGS := $(shell krb5-config.heimdal --cflags gssapi) export TMPPKG_MIT := $(CURDIR)/debian/tmp-mit export TMPPKG_HEIMDAL := $(CURDIR)/debian/tmp-heimdal AUTOFILES=acinclude.m4 aclocal.m4 config/config.sub config/config.guess \ config/ltmain.sh config/libtool.m4 BUILD_TMP_SUFFIX=.debian-build.tmp AUTOTOOLS=for i in $(AUTOFILES); do \ if [ -e $$i ]; then \ mv --verbose $$i `basename $$i`$(BUILD_TMP_SUFFIX) ; \ fi ; \ done && \ autoreconf -fi AUTOTOOLS_REVERSE=for i in $(AUTOFILES); do \ if [ -e `basename $$i`$(BUILD_TMP_SUFFIX) ]; then \ if [ -e $$i ]; then rm -fv $$i; fi ; \ mv --verbose `basename $$i`$(BUILD_TMP_SUFFIX) $$i ; \ fi ; \ done ### The Makefile targets begin. ### %: dh $@ --with=quilt override_dh_auto_clean: dh_auto_clean -B$(TMPBUILD_MIT) dh_auto_clean -B$(TMPBUILD_HEIMDAL) rm -f $(CURDIR)/sample/sample-client \ $(CURDIR)/sample/sample-server [ ! -f Makefile ] || $(MAKE) distclean $(AUTOTOOLS_REVERSE) (cd saslauthd && $(AUTOTOOLS_REVERSE) && cd ..) -rm -f config.h config.log autom4ate.cache # Remove symlinks that the CMU build sets up but never removes. # They can be found by running find . -lname '*' -print in the # source tree before and after a build and comparing the differences. rm -f lib/sasldb.c lib/db_berkeley.c lib/allockey.c lib/cram.c \ lib/digestmd5.c lib/otp.c lib/gssapi.c lib/plain.c \ lib/anonymous.c lib/login.c lib/ntlm.c lib/sql.c lib/ldapdb.c # Remove generated man pages -rm -f sasl-sample-client.8 sasl-sample-server.8 gen-auth.1 # Remove build directories rm -rf $(TMPBUILD_MIT) $(TMPBUILD_HEIMDAL) $(TMPPKG_MIT) $(TMPPKG_HEIMDAL) override_dh_auto_configure: $(AUTOTOOLS) (cd saslauthd && $(AUTOTOOLS) && cd ..) LDFLAGS="$(LDFLAGS) -L/usr/lib/mit-krb5 -Wl,-z,defs" \ CFLAGS="$(CFLAGS)" CPPFLAGS="$(CPPFLAGS) -I/usr/include/mit-krb5" \ dh_auto_configure -B$(TMPBUILD_MIT) -- $(CONFIGURE_COMMON_OPTIONS) --with-gss_impl=mit LDFLAGS="$(LDFLAGS) $(HEIMDAL_LDFLAGS) -Wl,-z,defs" \ CFLAGS="$(CFLAGS)" CPPFLAGS="$(CPPFLAGS) $(HEIMDAL_CPPFLAGS)" \ dh_auto_configure -B$(TMPBUILD_HEIMDAL) -- $(CONFIGURE_COMMON_OPTIONS) --with-gss_impl=heimdal # Record the build-time settings for later reference echo 'To build this package, configure was called as follows:' \ > debian/README.configure-options grep with\ options $(TMPBUILD_MIT)/config.status | sed -e \ 's/^.*options \\"/configure /;s/\\"$///' \ >> debian/README.configure-options override_dh_auto_build: dh_auto_build -B$(TMPBUILD_MIT) -- sasldir=/usr/lib/$(DEB_HOST_MULTIARCH)/sasl2 dh_auto_build -B$(TMPBUILD_HEIMDAL) -- sasldir=/usr/lib/$(DEB_HOST_MULTIARCH)/sasl2 # Build sample-{client,server} $(MAKE) -f $(CURDIR)/debian/sample/Makefile -C $(CURDIR)/sample T=$(TMPBUILD_MIT) # Build the sasl-sample-client and sasl-sample-server man pages. /usr/bin/docbook-to-man debian/sasl-sample-client.sgml \ > sasl-sample-client.8 /usr/bin/docbook-to-man debian/sasl-sample-server.sgml \ > sasl-sample-server.8 # Build the gen-auth man page /usr/bin/pod2man --stderr debian/gen-auth/gen-auth >gen-auth.1 override_dh_auto_install: dh_auto_install -B$(TMPBUILD_MIT) -- DESTDIR=$(TMPPKG_MIT) sasldir=/usr/lib/$(DEB_HOST_MULTIARCH)/sasl2 dh_auto_install -B$(TMPBUILD_HEIMDAL) -- DESTDIR=$(TMPPKG_HEIMDAL) sasldir=/usr/lib/$(DEB_HOST_MULTIARCH)/sasl2 # Note the version of Berkeley DB used to build this package mkdir -p $(TMPPKG_MIT)/usr/lib/sasl2 echo $(BDB_VERSION) > $(TMPPKG_MIT)/usr/lib/sasl2/berkeley_db.txt # Alter the default location and names of files to fit Debian # policy and better integrate with the Debian system. mv $(TMPPKG_MIT)/usr/sbin/pluginviewer $(TMPPKG_MIT)/usr/sbin/saslpluginviewer mv $(TMPPKG_MIT)/usr/share/man/man8/pluginviewer.8 \ $(TMPPKG_MIT)/usr/share/man/man8/saslpluginviewer.8 install -m 644 saslauthd/saslauthd.mdoc \ $(TMPPKG_MIT)/usr/share/man/man8/saslauthd.8 install -m 644 $(CURDIR)/debian/testsaslauthd.8 \ $(TMPPKG_MIT)/usr/share/man/man8/testsaslauthd.8 mv $(TMPPKG_MIT)/usr/sbin/dbconverter-2 $(TMPPKG_MIT)/usr/sbin/sasldbconverter2 # Install sample-{client,server} with Debianized names install -m 755 -D $(CURDIR)/sample/sample-client \ $(TMPPKG_MIT)/usr/bin/sasl-sample-client install -m 755 -D $(CURDIR)/sample/sample-server \ $(TMPPKG_MIT)/usr/sbin/sasl-sample-server # Alter the rpath of certain binaries and shared libraries. chrpath -d $(TMPPKG_MIT)/usr/sbin/sasldblistusers2 \ $(TMPPKG_MIT)/usr/sbin/saslpasswd2 chrpath -d $(TMPPKG_MIT)/usr/lib/$(DEB_HOST_MULTIARCH)/sasl2/libsql.so.2.0.* # Install the sasl-sample-client and -server man pages. dh_installman -psasl2-bin sasl-sample-client.8 sasl-sample-server.8 # Install saslfinger install -m 644 -D $(CURDIR)/debian/saslfinger/saslfinger.1 \ $(TMPPKG_MIT)/usr/share/man/man1/saslfinger.1 install -m 755 -D $(CURDIR)/debian/saslfinger/saslfinger \ $(TMPPKG_MIT)/usr/bin/saslfinger # Install gen-auth install -m 755 -D $(CURDIR)/debian/gen-auth/gen-auth \ $(TMPPKG_MIT)/usr/bin/gen-auth override_dh_install: dh_install -s --autodest --list-missing --sourcedir=$(TMPPKG_MIT) -psasl2-bin -plibsasl2-2 -plibsasl2-modules -plibsasl2-modules-db -plibsasl2-modules-ldap -plibsasl2-modules-otp -plibsasl2-modules-sql -plibsasl2-modules-gssapi-mit -plibsasl2-dev -Nlibsasl2-modules-gssapi-heimdal dh_install -s --autodest --list-missing --sourcedir=$(TMPPKG_HEIMDAL) -plibsasl2-modules-gssapi-heimdal -Nsasl2-bin -Nlibsasl2-2 -Nlibsasl2-modules -Nlibsasl2-modules-db -Nlibsasl2-modules-ldap -Nlibsasl2-modules-otp -Nlibsasl2-modules-sql -Nlibsasl2-modules-gssapi-mit -Nlibsasl2-dev override_dh_installinit: dh_installinit --name=saslauthd start 20 2 3 4 5 . stop 20 1 . override_dh_strip: dh_strip -Xlibgssapiv2.so.2.0. -psasl2-bin -plibsasl2-2 -plibsasl2-modules -plibsasl2-modules-db -plibsasl2-modules-ldap -plibsasl2-modules-otp -plibsasl2-modules-sql -plibsasl2-modules-gssapi-mit -plibsasl2-dev -Nlibsasl2-modules-gssapi-heimdal --dbg-package=cyrus-sasl2-dbg dh_strip -Xlibgs2.so.2.0. -Xlibscram.so.2.0. -plibsasl2-modules-gssapi-mit --dbg-package=cyrus-sasl2-mit-dbg dh_strip -plibsasl2-modules-gssapi-heimdal -Nsasl2-bin -Nlibsasl2-2 -Nlibsasl2-modules -Nlibsasl2-modules-db -Nlibsasl2-modules-ldap -Nlibsasl2-modules-otp -Nlibsasl2-modules-sql -Nlibsasl2-modules-gssapi-mit -Nlibsasl2-dev --dbg-package=cyrus-sasl2-heimdal-dbg override_dh_makeshlibs: dh_makeshlibs -V "libsasl2-2 (>= 2.1.24)" -X/usr/lib/$(DEB_HOST_MULTIARCH)/sasl2 override_dh_auto_test: cd $(TMPBUILD_MIT)/saslauthd && $(MAKE) testsaslauthd cd $(TMPBUILD_MIT)/utils && $(MAKE) testsuite debian/cyrus-sasl2-doc.dirs0000664000000000000000000000001612224357633013011 0ustar usr/share/doc debian/watch0000664000000000000000000000021012224357633010221 0ustar version=3 opts="dversionmangle=s/\.dfsg1//" http://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-(.*)\.tar\.gz debian debian/repack.sh debian/libsasl2-modules.install0000664000000000000000000000026712224360423013744 0ustar usr/lib/*/sasl2/libanonymous.so* usr/lib/*/sasl2/libcrammd5.so* usr/lib/*/sasl2/libdigestmd5.so* usr/lib/*/sasl2/liblogin.so* usr/lib/*/sasl2/libntlm.so* usr/lib/*/sasl2/libplain.so* debian/sasl-sample-server.sgml0000664000000000000000000001552012224357633013613 0ustar manpage.1'. You may view the manual page with: `docbook-to-man manpage.sgml | nroff -man | less'. The docbook-to-man binary is found in the docbook-to-man package. --> Fabian"> Fagerholm"> Jul 10, 2007"> 8"> fabbe@debian.org"> SASL-SAMPLE-SERVER"> Debian"> GNU"> ]>
&dhemail;
&dhfirstname; &dhsurname; 2007 &dhusername; &dhdate; &dhucpackage; &dhsection; &dhpackage; Sample server program for demonstrating and testing SASL authentication. &dhpackage; -b min=N,max=N -e ssf=N,id=ID -m MECH -f FLAGS -i local=IP,remote=IP -p PATH -d DOM -u DOM -s NAME -l DESCRIPTION This manual page documents briefly the &dhpackage; command. This manual page was written for the &debian; distribution because the original program does not have a manual page. &dhpackage; is a program to demonstrate and test SASL authentication. It implements the server part, and the client part is available as sasl-sample-client. OPTIONS A summary of options is included below. Number of bits to use for encryption. min=N minimum number of bits to use (1 => integrity) max=N maximum number of bits to use Assume external encryption. ssf=N external mech provides N bits of encryption id=ID external mech provides authentication id ID Force use of MECH for security. Set security flags. noplain require security vs. passive attacks noactive require security vs. active attacks nodict require security vs. passive dictionary attacks forwardsec require forward secrecy maximum require all security flags passcred attempt to pass client credentials Set IP addresses (required by some mechs). local=IP;PORT set local address to IP, port PORT remote=IP;PORT set remote address to IP, port PORT Colon-separated search path for mechanisms. Service name passed to mechanisms. Local server domain. User domain. Enable server-send-last. SEE ALSO For additional information, please see /usr/share/doc/sasl2-bin/testing.txt AUTHOR This manual page was written by &dhusername; &dhemail; for the &debian; system (but may be used by others). Permission is granted to redistribute it and/or modify it under the terms of the &gnu; General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. debian/sasl2-bin.postrm0000664000000000000000000000345312224357633012244 0ustar #!/bin/sh # postrm script for cyrus-sasl2 # Copyright (c) 2007 by Fabian Fagerholm # Parts based on cyrus-imapd-2.2 by Henrique de Moraes Holshuch and others. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # Note that Cyrus SASL itself is published under a different license. set -e FALLBACK_RUN_DIR=/var/run/saslauthd SASLDB_FILE=/etc/sasldb2 # Debconf hook. We don't rely on debconf being present at this time. if [ -e /usr/share/debconf/confmodule ];then # Source debconf library. . /usr/share/debconf/confmodule DEBCONFEXISTS="true" export DEBCONFEXISTS else DEBCONFEXISTS="false" export DEBCONFEXISTS fi case "$1" in remove) ;; purge) # Remove the default statoverride, if it exists if dpkg-statoverride --list $FALLBACK_RUN_DIR >/dev/null 2>&1; then dpkg-statoverride --remove $FALLBACK_RUN_DIR || true fi # Purge /etc/sasldb2? If Debconf is not installed, it will # not be touched. if [ "$DEBCONFEXISTS" = "true" ]; then db_title "Cyrus SASL" || true db_fset cyrus-sasl2/purge-sasldb2 seen false || true db_input high cyrus-sasl2/purge-sasldb2 || true db_go || true db_get cyrus-sasl2/purge-sasldb2 if [ "$RET" = "true" ]; then rm -f $SASLDB_FILE fi fi if [ ! -e $SASLDB_FILE ]; then rm -f /usr/lib/sasl2/berkeley_db.active rmdir --ignore-fail-on-non-empty /usr/lib/sasl2 || true fi ;; upgrade|failed-upgrade|disappear) ;; abort-upgrade) ;; abort-install) ;; *) echo "postrm called with unknown argument $1" >&2 exit 0 esac # dh_installdeb will replace this with automatically generated code. #DEBHELPER# exit 0 debian/libsasl2-modules-otp.install0000664000000000000000000000003312224357633014544 0ustar usr/lib/*/sasl2/libotp.so* debian/NEWS0000664000000000000000000000106412224357633007677 0ustar cyrus-sasl2 (2.1.25.dfsg1-5) unstable; urgency=low * Configuration of SQL engine backends have changed from database specific configuration (e.g. 'mysql') to generic 'sql' auxprop plugin. You will need to change your configuration f.e. from: auxprop_plugin: mysql to auxprop_plugin: sql sql_engine: mysql Also the SQL query (if used) needs to have '%u' replaced with '%u@%r' because now user and realm is provided separately. -- Ondřej Surý Mon, 06 Aug 2012 13:12:22 +0200 debian/libsasl2-2.docs0000664000000000000000000000004012224412004011675 0ustar debian/README.configure-options debian/cyrus-sasl2-doc.doc-base0000664000000000000000000000042212224357633013526 0ustar Document: cyrus-sasl2-doc Title: Cyrus SASL Documentation Author: Various Abstract: Documentation about various parts of the Cyrus SASL library Section: Programming Format: HTML Index: /usr/share/doc/cyrus-sasl2-doc/index.html Files: /usr/share/doc/cyrus-sasl2-doc/*.html debian/sasl2-bin.install0000664000000000000000000000012512224357633012357 0ustar usr/bin usr/sbin usr/share/man/man1 usr/share/man/man8 usr/lib/sasl2/berkeley_db.txt debian/sasl2-bin.preinst0000664000000000000000000000165312224357633012404 0ustar #!/bin/sh # preinst script for sasl2-bin # # see: dh_installdeb(1) set -e # summary of how this script can be called: # * `install' # * `install' # * `upgrade' # * `abort-upgrade' # for details, see http://www.debian.org/doc/debian-policy/ or # the debian-policy package SASLDB_FILE=/etc/sasldb2 case "$1" in install) ;; upgrade) # If the database contains no users, just wipe it out, # it will be recreated later in the current format if [ -e $SASLDB_FILE ] && [ "$(sasldblistusers2 | wc -l)" -eq 0 ]; then rm -f $SASLDB_FILE fi ;; abort-upgrade) ;; *) echo "preinst called with unknown argument \`$1'" >&2 exit 1 ;; esac # dh_installdeb will replace this with shell code automatically # generated by other debhelper scripts. #DEBHELPER# exit 0 debian/patches/0000775000000000000000000000000012224412004010606 5ustar debian/patches/0005_dbconverter.diff0000664000000000000000000000321112224412004014416 0ustar Author: Fabian Fagerholm Description: Build the dbconverter-2 utility and change the path to the sasldb database file to /etc/sasldb2. --- a/utils/Makefile.am +++ b/utils/Makefile.am @@ -45,10 +45,10 @@ all_sasl_libs = ../lib/libsasl2.la $(SASL_DB_LIB) $(LIB_SOCKET) all_sasl_static_libs = ../lib/.libs/libsasl2.a $(SASL_DB_LIB) $(LIB_SOCKET) $(GSSAPIBASE_LIBS) $(GSSAPI_LIBS) $(SASL_KRB_LIB) $(LIB_DES) $(PLAIN_LIBS) $(SRP_LIBS) $(LIB_MYSQL) $(LIB_PGSQL) $(LIB_SQLITE) -sbin_PROGRAMS = @SASL_DB_UTILS@ @SMTPTEST_PROGRAM@ pluginviewer +sbin_PROGRAMS = @SASL_DB_UTILS@ @SMTPTEST_PROGRAM@ pluginviewer dbconverter-2 EXTRA_PROGRAMS = saslpasswd2 sasldblistusers2 testsuite testsuitestatic smtptest pluginviewer -noinst_PROGRAMS = dbconverter-2 +#noinst_PROGRAMS = dbconverter-2 if NO_SASL_DB_MANS man_MANS = --- a/utils/dbconverter-2.c +++ b/utils/dbconverter-2.c @@ -385,7 +385,7 @@ static struct sasl_callback goodsasl_cb[ int main(int argc, char **argv) { - const char *db="/etc/sasldb"; + const char *db="/etc/sasldb2"; int result; if (argc > 1) { @@ -421,7 +421,7 @@ int main(int argc, char **argv) printf("\nThis program will take the sasldb file specified on the\n" "command line and convert it to a new sasldb file in the default\n" - "location (usually /etc/sasldb). It is STRONGLY RECOMMENDED that you\n" + "location (usually /etc/sasldb2). It is STRONGLY RECOMMENDED that you\n" "backup sasldb before allowing this program to run\n\n" "We are going to convert %s and our output will be in %s\n\n" "Press return to continue\n", db, db_new); debian/patches/0017_db4.8.diff0000664000000000000000000000114012224412004012722 0ustar Author: Fabian Fagerholm Description: Support and build against db4.8. --- a/cmulocal/berkdb.m4 +++ b/cmulocal/berkdb.m4 @@ -213,7 +213,7 @@ AC_DEFUN([CYRUS_BERKELEY_DB_CHK_LIB], fi saved_LIBS=$LIBS - for dbname in ${with_bdb} db-4.7 db4.7 db47 db-4.6 db4.6 db46 db-4.5 db4.5 db45 db-4.4 db4.4 db44 db-4.3 db4.3 db43 db-4.2 db4.2 db42 db-4.1 db4.1 db41 db-4.0 db4.0 db-4 db40 db4 db-3.3 db3.3 db33 db-3.2 db3.2 db32 db-3.1 db3.1 db31 db-3 db30 db3 db + for dbname in ${with_bdb} db do LIBS="$saved_LIBS -l$dbname" AC_TRY_LINK([#include debian/patches/CVE-2013-4122.patch0000664000000000000000000000641112224412004013217 0ustar From dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d Mon Sep 17 00:00:00 2001 From: mancha Date: Thu, 11 Jul 2013 09:08:07 +0000 Subject: Handle NULL returns from glibc 2.17+ crypt() Starting with glibc 2.17 (eglibc 2.17), crypt() fails with EINVAL (w/ NULL return) if the salt violates specifications. Additionally, on FIPS-140 enabled Linux systems, DES/MD5-encrypted passwords passed to crypt() fail with EPERM (w/ NULL return). When using glibc's crypt(), check return value to avoid a possible NULL pointer dereference. Patch by mancha1@hush.com. --- --- cyrus-sasl2.orig/pwcheck/pwcheck_getpwnam.c +++ cyrus-sasl2/pwcheck/pwcheck_getpwnam.c @@ -32,6 +32,7 @@ char *userid; char *password; { char* r; + char* crpt_passwd; struct passwd *pwd; pwd = getpwnam(userid); @@ -41,7 +42,7 @@ char *password; else if (pwd->pw_passwd[0] == '*') { r = "Account disabled"; } - else if (strcmp(pwd->pw_passwd, crypt(password, pwd->pw_passwd)) != 0) { + else if (!(crpt_passwd = crypt(password, pwd->pw_passwd)) || strcmp(pwd->pw_passwd, (const char *)crpt_passwd) != 0) { r = "Incorrect password"; } else { --- cyrus-sasl2.orig/pwcheck/pwcheck_getspnam.c +++ cyrus-sasl2/pwcheck/pwcheck_getspnam.c @@ -32,13 +32,15 @@ char *userid; char *password; { struct spwd *pwd; + char *crpt_passwd; pwd = getspnam(userid); if (!pwd) { return "Userid not found"; } - if (strcmp(pwd->sp_pwdp, crypt(password, pwd->sp_pwdp)) != 0) { + crpt_passwd = crypt(password, pwd->sp_pwdp); + if (!crpt_passwd || strcmp(pwd->sp_pwdp, (const char *)crpt_passwd) != 0) { return "Incorrect password"; } else { --- cyrus-sasl2.orig/saslauthd/auth_getpwent.c +++ cyrus-sasl2/saslauthd/auth_getpwent.c @@ -73,6 +73,7 @@ auth_getpwent ( { /* VARIABLES */ struct passwd *pw; /* pointer to passwd file entry */ + char *crpt_passwd; /* encrypted password */ /* END VARIABLES */ pw = getpwnam(login); @@ -82,7 +83,8 @@ auth_getpwent ( RETURN("NO"); } - if (strcmp(pw->pw_passwd, (const char *)crypt(password, pw->pw_passwd))) { + crpt_passwd = crypt(password, pw->pw_passwd); + if (!crpt_passwd || strcmp(pw->pw_passwd, (const char *)crpt_passwd)) { RETURN("NO"); } --- cyrus-sasl2.orig/saslauthd/auth_shadow.c +++ cyrus-sasl2/saslauthd/auth_shadow.c @@ -186,16 +186,14 @@ auth_shadow ( * not returning any information about a login until we have validated * the password. */ - cpw = strdup((const char *)crypt(password, sp->sp_pwdp)); - if (strcmp(sp->sp_pwdp, cpw)) { + cpw = crypt(password, sp->sp_pwdp); + if (!cpw || strcmp(sp->sp_pwdp, (const char *)cpw)) { if (flags & VERBOSE) { syslog(LOG_DEBUG, "DEBUG: auth_shadow: pw mismatch: '%s' != '%s'", sp->sp_pwdp, cpw); } - free(cpw); RETURN("NO"); } - free(cpw); /* * The following fields will be set to -1 if: @@ -257,7 +255,7 @@ auth_shadow ( RETURN("NO"); } - if (strcmp(upw->upw_passwd, crypt(password, upw->upw_passwd)) != 0) { + if (!(cpw = crypt(password, upw->upw_passwd)) || (strcmp(upw->upw_passwd, (const char *)cpw) != 0)) { if (flags & VERBOSE) { syslog(LOG_DEBUG, "auth_shadow: pw mismatch: %s != %s", password, upw->upw_passwd); debian/patches/0039-fix-canonuser-ldapdb-garbage-in-out-buffer.patch0000664000000000000000000000040312224412004022270 0ustar --- a/plugins/ldapdb.c +++ b/plugins/ldapdb.c @@ -406,6 +406,7 @@ ldapdb_canon_server(void *glob_context, if ( len > out_max ) len = out_max; memcpy(out, bvals[0]->bv_val, len); + out[len] = '\0'; *out_ulen = len; ber_bvecfree(bvals); } debian/patches/0031-dont_use_-R_when_search_for_sqlite_libraries.patch0000664000000000000000000000155712224412004023227 0ustar --- a/configure.in +++ b/configure.in @@ -865,9 +865,9 @@ case "$with_sqlite" in notfound) AC_WARN([SQLite Library not found]); true;; *) if test -d ${with_sqlite}/lib; then - LIB_SQLITE="-L${with_sqlite}/lib -R${with_sqlite}/lib" + LIB_SQLITE="-L${with_sqlite}/lib" else - LIB_SQLITE="-L${with_sqlite} -R${with_sqlite}" + LIB_SQLITE="-L${with_sqlite}" fi LIB_SQLITE_DIR=$LIB_SQLITE @@ -917,9 +917,9 @@ case "$with_sqlite3" in notfound) AC_WARN([SQLite3 Library not found]); true;; *) if test -d ${with_sqlite3}/lib; then - LIB_SQLITE3="-L${with_sqlite3}/lib -R${with_sqlite3}/lib" + LIB_SQLITE3="-L${with_sqlite3}/lib" else - LIB_SQLITE3="-L${with_sqlite3} -R${with_sqlite3}" + LIB_SQLITE3="-L${with_sqlite3}" fi LIB_SQLITE3_DIR=$LIB_SQLITE3 debian/patches/0009_sasldb_al.diff0000664000000000000000000000105312224412004014033 0ustar Author: Fabian Fagerholm Description: Fix linking with libsasldb.a when saslauthd is built with sasldb support. --- a/saslauthd/configure.in +++ b/saslauthd/configure.in @@ -77,7 +77,7 @@ if test "$authsasldb" != no; then AC_DEFINE(AUTH_SASLDB,[],[Include SASLdb Support]) SASL_DB_PATH_CHECK() SASL_DB_CHECK() - SASL_DB_LIB="$SASL_DB_LIB ../sasldb/.libs/libsasldb.al" + SASL_DB_LIB="$SASL_DB_LIB ../sasldb/.libs/libsasldb.a" fi AC_ARG_ENABLE(httpform, [ --enable-httpform enable HTTP form authentication [[no]] ], debian/patches/0002_testsuite.diff0000664000000000000000000000211412224412004014130 0ustar Author: Fabian Fagerholm Description: Rename the testsuite program to sasltestsuite and use /etc/sasldb2 instead of ./sasldb as default path for the sasldb database file. --- a/utils/testsuite.c +++ b/utils/testsuite.c @@ -462,9 +462,9 @@ int good_getopt(void *context __attribut *len = (unsigned) strlen("sasldb"); return SASL_OK; } else if (!strcmp(option, "sasldb_path")) { - *result = "./sasldb"; + *result = "/etc/sasldb2"; if (len) - *len = (unsigned) strlen("./sasldb"); + *len = (unsigned) strlen("/etc/sasldb2"); return SASL_OK; } else if (!strcmp(option, "canon_user_plugin")) { *result = cu_plugin; @@ -2924,7 +2924,7 @@ void notes(void) void usage(void) { printf("Usage:\n" \ - " testsuite [-g name] [-s seed] [-r tests] -a -M\n" \ + " sasltestsuite [-g name] [-s seed] [-r tests] -a -M\n" \ " g -- gssapi service name to use (default: host)\n" \ " r -- # of random tests to do (default: 25)\n" \ " a -- do all corruption tests (and ignores random ones unless -r specified)\n" \ debian/patches/0026_drop_krb5support_dependency.diff0000664000000000000000000000116612224412004017635 0ustar Author: Roberto C. Sanchez Description: Drop gratuitous dependency on krb5support --- a/cmulocal/sasl2.m4 +++ b/cmulocal/sasl2.m4 @@ -112,9 +112,6 @@ if test "$gssapi" != no; then fi if test "$gss_impl" = "auto" -o "$gss_impl" = "mit"; then - # check for libkrb5support first - AC_CHECK_LIB(krb5support,krb5int_getspecific,K5SUP=-lkrb5support K5SUPSTATIC=$gssapi_dir/libkrb5support.a,,${LIB_SOCKET}) - gss_failed=0 AC_CHECK_LIB(gssapi_krb5,gss_unwrap,gss_impl="mit",gss_failed=1, ${GSSAPIBASE_LIBS} -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err ${K5SUP} ${LIB_SOCKET}) debian/patches/0035-temporary_multiarch_fixes.patch0000664000000000000000000000142212224412004017503 0ustar --- a/configure.in +++ b/configure.in @@ -277,7 +277,7 @@ AC_ARG_WITH(pam, [ --with-pam=DIR if test "$with_pam" != no; then if test -d $with_pam; then CPPFLAGS="$CPPFLAGS -I${with_pam}/include" - LDFLAGS="$LDFLAGS -L${with_pam}/lib" + LDFLAGS="$LDFLAGS -L${with_pam}/$DEB_HOST_MULTIARCH/lib" fi AC_CHECK_HEADERS(security/pam_appl.h pam/pam_appl.h) cmu_save_LIBS="$LIBS" --- a/saslauthd/configure.in +++ b/saslauthd/configure.in @@ -95,7 +95,7 @@ AC_ARG_WITH(pam, [ --with-pam=DIR if test "$with_pam" != no; then if test -d $with_pam; then CPPFLAGS="$CPPFLAGS -I${with_pam}/include" - LDFLAGS="$LDFLAGS -L${with_pam}/lib" + LDFLAGS="$LDFLAGS -L${with_pam}/$DEB_HOST_MULTIARCH/lib" fi cmu_save_LIBS="$LIBS" AC_CHECK_LIB(pam, pam_start, [ debian/patches/0036-add-reference-to-LDAP_SASLAUTHD-file.patch0000664000000000000000000000231412224412004020364 0ustar --- a/saslauthd/saslauthd.8 +++ b/saslauthd/saslauthd.8 @@ -156,8 +156,8 @@ AAUUTTHHEENNTTIICCAATTIIOON Authenticate against an ldap server. The ldap configuration parameters are read from /usr/local/etc/saslauthd.conf. The location of this file can be changed with the -O parameter. - See the LDAP_SASLAUTHD file included with the distribution for - the list of available parameters. + See the LDAP_SASLAUTHD file included in the cyrus-sasl2-doc + package for the list of available parameters. sia _(_D_i_g_i_t_a_l _U_N_I_X_) --- a/saslauthd/saslauthd.mdoc +++ b/saslauthd/saslauthd.mdoc @@ -217,8 +217,8 @@ instead. .Pp Authenticate against an ldap server. The ldap configuration parameters are read from /etc/saslauthd.conf. The location of this file can be -changed with the -O parameter. See the LDAP_SASLAUTHD file included with the -distribution for the list of available parameters. +changed with the -O parameter. See the LDAP_SASLAUTHD file included in the +cyrus-sasl2-doc package for the list of available parameters. .It Li sia .Em (Digital UNIX) .Pp debian/patches/0037-abort_if_no_fqdn_fix.patch0000664000000000000000000000270612224357633016402 0ustar --- a/lib/saslutil.c +++ b/lib/saslutil.c @@ -555,32 +555,44 @@ int get_fqhostname( NULL, /* don't care abour service/port */ &hints, &result) != 0) { - /* errno on Unix, WSASetLastError on Windows are already done by the function */ - return (-1); + if (abort_if_no_fqdn) { + /* errno on Unix, WSASetLastError on Windows are already done by the function */ + return (-1); + } else { + goto LOWERCASE; + } } - if (abort_if_no_fqdn && (result == NULL || result->ai_canonname == NULL)) { + if (result == NULL || result->ai_canonname == NULL) { freeaddrinfo (result); + if (abort_if_no_fqdn) { #ifdef WIN32 - WSASetLastError (WSANO_DATA); + WSASetLastError (WSANO_DATA); #elif defined(ENODATA) - errno = ENODATA; + errno = ENODATA; #elif defined(EADDRNOTAVAIL) - errno = EADDRNOTAVAIL; + errno = EADDRNOTAVAIL; #endif - return (-1); + return (-1); + } else { + goto LOWERCASE; + } } - if (abort_if_no_fqdn && strchr (result->ai_canonname, '.') == NULL) { + if (strchr (result->ai_canonname, '.') == NULL) { freeaddrinfo (result); + if (abort_if_no_fqdn) { #ifdef WIN32 - WSASetLastError (WSANO_DATA); + WSASetLastError (WSANO_DATA); #elif defined(ENODATA) - errno = ENODATA; + errno = ENODATA; #elif defined(EADDRNOTAVAIL) - errno = EADDRNOTAVAIL; + errno = EADDRNOTAVAIL; #endif - return (-1); + return (-1); + } else { + goto LOWERCASE; + } } debian/patches/0029-ldap_fixes.patch0000664000000000000000000000051412224412004014335 0ustar --- a/plugins/ldapdb.c +++ b/plugins/ldapdb.c @@ -251,6 +251,8 @@ static int ldapdb_auxprop_lookup(void *g #if defined(LDAP_PROXY_AUTHZ_FAILURE) case LDAP_PROXY_AUTHZ_FAILURE: +#elif defined(LDAP_X_PROXY_AUTHZ_FAILURE) + case LDAP_X_PROXY_AUTHZ_FAILURE: #endif case LDAP_INAPPROPRIATE_AUTH: case LDAP_INVALID_CREDENTIALS: debian/patches/0038-send_imap_logout.patch0000664000000000000000000000352012224412004015547 0ustar --- a/saslauthd/auth_rimap.c +++ b/saslauthd/auth_rimap.c @@ -90,6 +90,7 @@ static struct addrinfo *ai = NULL; /* re service we connect to. */ #define TAG "saslauthd" /* IMAP command tag */ #define LOGIN_CMD (TAG " LOGIN ") /* IMAP login command (with tag) */ +#define LOGOUT_CMD (TAG " LOGOUT ") /* IMAP logout command (with tag)*/ #define NETWORK_IO_TIMEOUT 30 /* network I/O timeout (seconds) */ #define RESP_LEN 1000 /* size of read response buffer */ @@ -307,10 +308,12 @@ auth_rimap ( int s=-1; /* socket to remote auth host */ struct addrinfo *r; /* remote socket address info */ struct iovec iov[5]; /* for sending LOGIN command */ + struct iovec iov2[1]; /* for sending LOGOUT command */ char *qlogin; /* pointer to "quoted" login */ char *qpass; /* pointer to "quoted" password */ char *c; /* scratch pointer */ int rc; /* return code scratch area */ + int rcl; /* return code scratch area */ char rbuf[RESP_LEN]; /* response read buffer */ char hbuf[NI_MAXHOST], pbuf[NI_MAXSERV]; int saved_errno; @@ -523,6 +526,24 @@ auth_rimap ( } } } + + /* close remote imap */ + iov2[0].iov_base = LOGOUT_CMD; + iov2[0].iov_len = sizeof(LOGOUT_CMD) - 1; + iov2[1].iov_base = "\r\n"; + iov2[1].iov_len = sizeof("\r\n") - 1; + + if (flags & VERBOSE) { + syslog(LOG_DEBUG, "auth_rimap: sending %s%s %s", + LOGOUT_CMD, qlogin, qpass); + } + alarm(NETWORK_IO_TIMEOUT); + rcl = retry_writev(s, iov2, 2); + alarm(0); + if (rcl == -1) { + syslog(LOG_WARNING, "auth_rimap: writev logout: %m"); + } + (void) close(s); /* we're done with the remote */ if (rc == -1) { syslog(LOG_WARNING, "auth_rimap: read (response): %m"); debian/patches/0001_versioned_symbols.diff0000664000000000000000000000142512224412004015650 0ustar Author: Fabian Fagerholm Description: Use versioned symbols for libsasl2. --- a/lib/Makefile.am +++ b/lib/Makefile.am @@ -62,8 +62,8 @@ LIB_DOOR= @LIB_DOOR@ lib_LTLIBRARIES = libsasl2.la libsasl2_la_SOURCES = $(common_sources) $(common_headers) -libsasl2_la_LDFLAGS = -version-info $(sasl_version) -libsasl2_la_DEPENDENCIES = $(LTLIBOBJS) +libsasl2_la_LDFLAGS = -version-info $(sasl_version) -Wl,--version-script=$(top_srcdir)/Versions +libsasl2_la_DEPENDENCIES = $(LTLIBOBJS) $(top_srcdir)/Versions libsasl2_la_LIBADD = $(LTLIBOBJS) $(SASL_DL_LIB) $(LIB_SOCKET) $(LIB_DOOR) if MACOSX --- /dev/null +++ b/Versions @@ -0,0 +1,7 @@ +SASL2 { + global: + sasl_*; prop_*; auxprop_plugin_info; _sasl_MD5*; +}; + +HIDDEN { local: __*; _rest*; _save*; *; }; + debian/patches/0030-dont_use_la_files_for_opening_plugins.patch0000664000000000000000000000652612224412004022024 0ustar --- a/lib/dlopen.c +++ b/lib/dlopen.c @@ -247,105 +247,6 @@ static int _sasl_plugin_load(char *plugi return result; } -/* this returns the file to actually open. - * out should be a buffer of size PATH_MAX - * and may be the same as in. */ - -/* We'll use a static buffer for speed unless someone complains */ -#define MAX_LINE 2048 - -static int _parse_la(const char *prefix, const char *in, char *out) -{ - FILE *file; - size_t length; - char line[MAX_LINE]; - char *ntmp = NULL; - - if(!in || !out || !prefix || out == in) return SASL_BADPARAM; - - /* Set this so we can detect failure */ - *out = '\0'; - - length = strlen(in); - - if (strcmp(in + (length - strlen(LA_SUFFIX)), LA_SUFFIX)) { - if(!strcmp(in + (length - strlen(SO_SUFFIX)),SO_SUFFIX)) { - /* check for a .la file */ - strcpy(line, prefix); - strcat(line, in); - length = strlen(line); - *(line + (length - strlen(SO_SUFFIX))) = '\0'; - strcat(line, LA_SUFFIX); - file = fopen(line, "r"); - if(file) { - /* We'll get it on the .la open */ - fclose(file); - return SASL_FAIL; - } - } - strcpy(out, prefix); - strcat(out, in); - return SASL_OK; - } - - strcpy(line, prefix); - strcat(line, in); - - file = fopen(line, "r"); - if(!file) { - _sasl_log(NULL, SASL_LOG_WARN, - "unable to open LA file: %s", line); - return SASL_FAIL; - } - - while(!feof(file)) { - if(!fgets(line, MAX_LINE, file)) break; - if(line[strlen(line) - 1] != '\n') { - _sasl_log(NULL, SASL_LOG_WARN, - "LA file has too long of a line: %s", in); - return SASL_BUFOVER; - } - if(line[0] == '\n' || line[0] == '#') continue; - if(!strncmp(line, "dlname=", sizeof("dlname=") - 1)) { - /* We found the line with the name in it */ - char *end; - char *start; - size_t len; - end = strrchr(line, '\''); - if(!end) continue; - start = &line[sizeof("dlname=")-1]; - len = strlen(start); - if(len > 3 && start[0] == '\'') { - ntmp=&start[1]; - *end='\0'; - /* Do we have dlname="" ? */ - if(ntmp == end) { - _sasl_log(NULL, SASL_LOG_DEBUG, - "dlname is empty in .la file: %s", in); - return SASL_FAIL; - } - strcpy(out, prefix); - strcat(out, ntmp); - } - break; - } - } - if(ferror(file) || feof(file)) { - _sasl_log(NULL, SASL_LOG_WARN, - "Error reading .la: %s\n", in); - fclose(file); - return SASL_FAIL; - } - fclose(file); - - if(!(*out)) { - _sasl_log(NULL, SASL_LOG_WARN, - "Could not find a dlname line in .la file: %s", in); - return SASL_FAIL; - } - - return SASL_OK; -} #endif /* DO_DLOPEN */ /* loads a plugin library */ @@ -499,18 +400,18 @@ int _sasl_load_plugins(const add_plugin_ if (length + pos>=PATH_MAX) continue; /* too big */ if (strcmp(dir->d_name + (length - strlen(SO_SUFFIX)), - SO_SUFFIX) - && strcmp(dir->d_name + (length - strlen(LA_SUFFIX)), - LA_SUFFIX)) + SO_SUFFIX)) continue; + /* We only use .so files for loading plugins */ + memcpy(name,dir->d_name,length); name[length]='\0'; - result = _parse_la(prefix, name, tmp); - if(result != SASL_OK) - continue; - + /* Create full name with path */ + strncpy(tmp, prefix, PATH_MAX); + strncat(tmp, name, PATH_MAX); + /* skip "lib" and cut off suffix -- this only need be approximate */ strcpy(plugname, name + 3); debian/patches/0003_saslauthd_mdoc.diff0000664000000000000000000000224412224412004015076 0ustar Author: Fabian Fagerholm Description: Use the correct path for the saslauthd.conf file, and use another date format (cosmetic). --- a/saslauthd/saslauthd.mdoc +++ b/saslauthd/saslauthd.mdoc @@ -10,7 +10,7 @@ .\" manpage in saslauthd.8 whenever you change this source .\" version. Only the pre-formatted manpage is installed. .\" -.Dd 10 24 2002 +.Dd October 24 2002 .Dt SASLAUTHD 8 .Os "CMU-SASL" .Sh NAME @@ -216,7 +216,7 @@ instead. .Em (All platforms that support OpenLDAP 2.0 or higher) .Pp Authenticate against an ldap server. The ldap configuration parameters are -read from /usr/local/etc/saslauthd.conf. The location of this file can be +read from /etc/saslauthd.conf. The location of this file can be changed with the -O parameter. See the LDAP_SASLAUTHD file included with the distribution for the list of available parameters. .It Li sia @@ -249,7 +249,7 @@ was never intended to be used in this ma .Bl -tag -width "/var/run/saslauthd/mux" .It Pa /var/run/saslauthd/mux The default communications socket. -.It Pa /usr/local/etc/saslauthd.conf +.It Pa /etc/saslauthd.conf The default configuration file for ldap support. .El .Sh SEE ALSO debian/patches/0033-fix_segfault_in_GSSAPI.patch0000664000000000000000000000132212224412004016424 0ustar --- a/plugins/gssapi.c +++ b/plugins/gssapi.c @@ -370,7 +370,7 @@ sasl_gss_encode(void *context, const str } if (output_token->value && output) { - unsigned char * p = (unsigned char *) text->encode_buf; + int len; ret = _plug_buf_alloc(text->utils, &(text->encode_buf), @@ -384,11 +384,8 @@ sasl_gss_encode(void *context, const str return ret; } - p[0] = (output_token->length>>24) & 0xFF; - p[1] = (output_token->length>>16) & 0xFF; - p[2] = (output_token->length>>8) & 0xFF; - p[3] = output_token->length & 0xFF; - + len = htonl(output_token->length); + memcpy(text->encode_buf, &len, 4); memcpy(text->encode_buf + 4, output_token->value, output_token->length); } debian/patches/0032-revert_1.103_revision_to_unbreak_GSSAPI.patch0000664000000000000000000000116012224412004021435 0ustar --- a/plugins/gssapi.c +++ b/plugins/gssapi.c @@ -1480,10 +1480,10 @@ static int gssapi_client_mech_step(void } /* Setup req_flags properly */ - req_flags = GSS_C_INTEG_FLAG; + req_flags = GSS_C_MUTUAL_FLAG | GSS_C_SEQUENCE_FLAG; if (params->props.max_ssf > params->external_ssf) { /* We are requesting a security layer */ - req_flags |= GSS_C_MUTUAL_FLAG | GSS_C_SEQUENCE_FLAG; + req_flags |= GSS_C_INTEG_FLAG; /* Any SSF bigger than 1 is confidentiality. */ /* Let's check if the client of the API requires confidentiality, and it wasn't already provided by an external layer */ debian/patches/0028-autotools_fixes.patch0000664000000000000000000000753012224412004015452 0ustar --- a/configure.in +++ b/configure.in @@ -44,6 +44,8 @@ dnl AC_INIT(lib/saslint.h) AC_PREREQ([2.54]) +AC_CONFIG_MACRO_DIRS([cmulocal] [config]) + dnl use ./config.cache as the default cache file. dnl we require a cache file to successfully configure our build. if test $cache_file = "/dev/null"; then --- a/Makefile.am +++ b/Makefile.am @@ -43,6 +43,8 @@ AUTOMAKE_OPTIONS = 1.7 # ################################################################ +ACLOCAL_AMFLAGS = -I cmulocal -I config + if SASLAUTHD SAD = saslauthd else --- a/saslauthd/configure.in +++ b/saslauthd/configure.in @@ -1,7 +1,8 @@ AC_INIT(mechanisms.h) AC_PREREQ([2.54]) -AC_CONFIG_AUX_DIR(config) +AC_CONFIG_MACRO_DIRS([../cmulocal] [../config]) +AC_CONFIG_AUX_DIR([config]) AC_CANONICAL_HOST dnl Should we enable SASLAUTHd at all? @@ -164,30 +165,30 @@ AC_SUBST(LTLIBOBJS) dnl Checks for which function macros exist AC_MSG_CHECKING(whether $CC implements __func__) -AC_CACHE_VAL(have_func, +AC_CACHE_VAL(_cv_have_func, [AC_TRY_LINK([#include ],[printf("%s", __func__);], -have_func=yes, -have_func=no)]) -AC_MSG_RESULT($have_func) -if test "$have_func" = yes; then +_cv_have_func=yes, +_cv_have_func=no)]) +AC_MSG_RESULT($_cv_have_func) +if test "$_cv_have_func" = yes; then AC_DEFINE(HAVE_FUNC,[],[Does the compiler understand __func__]) else AC_MSG_CHECKING(whether $CC implements __PRETTY_FUNCTION__) - AC_CACHE_VAL(have_pretty_function, + AC_CACHE_VAL(_cv_have_pretty_function, [AC_TRY_LINK([#include ],[printf("%s", __PRETTY_FUNCTION__);], - have_pretty_function=yes, - have_pretty_function=no)]) - AC_MSG_RESULT($have_pretty_function) - if test "$have_pretty_function" = yes; then + _cv_have_pretty_function=yes, + _cv_have_pretty_function=no)]) + AC_MSG_RESULT($_cv_have_pretty_function) + if test "$_cv_have_pretty_function" = yes; then AC_DEFINE(HAVE_PRETTY_FUNCTION,[],[Does compiler understand __PRETTY_FUNCTION__]) else AC_MSG_CHECKING(whether $CC implements __FUNCTION__) - AC_CACHE_VAL(have_function, + AC_CACHE_VAL(_cv_have_function, [AC_TRY_LINK([#include ],[printf("%s", __FUNCTION__);], - have_function=yes, - have_function=no)]) - AC_MSG_RESULT($have_function) - if test "$have_function" = yes; then + _cv_have_function=yes, + _cv_have_function=no)]) + AC_MSG_RESULT($_cv_have_function) + if test "$_cv_have_function" = yes; then AC_DEFINE(HAVE_FUNCTION,[],[Does compiler understand __FUNCTION__]) fi fi --- a/saslauthd/Makefile.am +++ b/saslauthd/Makefile.am @@ -1,4 +1,6 @@ AUTOMAKE_OPTIONS = 1.7 +ACLOCAL_AMFLAGS = -I ../cmulocal -I ../config + sbin_PROGRAMS = saslauthd testsaslauthd EXTRA_PROGRAMS = saslcache --- a/config/kerberos_v4.m4 +++ b/config/kerberos_v4.m4 @@ -89,18 +89,18 @@ AC_DEFUN([SASL_KERBEROS_V4_CHK], [ dnl if we were ambitious, we would look more aggressively for the dnl krb4 install if test -d ${krb4}; then - AC_CACHE_CHECK(for Kerberos includes, cyrus_krbinclude, [ + AC_CACHE_CHECK(for Kerberos includes, cyrus_cv_krbinclude, [ for krbhloc in include/kerberosIV include/kerberos include do if test -f ${krb4}/${krbhloc}/krb.h ; then - cyrus_krbinclude=${krb4}/${krbhloc} + cyrus_cv_krbinclude=${krb4}/${krbhloc} break fi done ]) - if test -n "${cyrus_krbinclude}"; then - CPPFLAGS="$CPPFLAGS -I${cyrus_krbinclude}" + if test -n "${cyrus_cv_krbinclude}"; then + CPPFLAGS="$CPPFLAGS -I${cyrus_cv_krbinclude}" fi LDFLAGS="$LDFLAGS -L$krb4/lib" fi debian/patches/0034-fix_dovecot_authentication.patch0000664000000000000000000000651412224412004017631 0ustar Index: cyrus-sasl2-2.1.25.dfsg1/saslauthd/auth_rimap.c =================================================================== --- cyrus-sasl2-2.1.25.dfsg1.orig/saslauthd/auth_rimap.c 2013-05-16 15:36:35.000000000 +0000 +++ cyrus-sasl2-2.1.25.dfsg1/saslauthd/auth_rimap.c 2013-05-16 15:43:24.000000000 +0000 @@ -1,3 +1,4 @@ + /* MODULE: auth_rimap */ /* COPYRIGHT @@ -367,6 +368,39 @@ alarm(NETWORK_IO_TIMEOUT); rc = read(s, rbuf, sizeof(rbuf)); alarm(0); + if ( rc>0 ) { + /* check if there is more to read */ + fd_set perm; + int fds, ret, loopc; + struct timeval timeout; + + FD_ZERO(&perm); + FD_SET(s, &perm); + fds = s +1; + + timeout.tv_sec = 1; + timeout.tv_usec = 0; + loopc = 0; + while( select (fds, &perm, NULL, NULL, &timeout ) >0 ) { + if ( FD_ISSET(s, &perm) ) { + ret = read(s, rbuf+rc, sizeof(rbuf)-rc); + if ( ret<0 ) { + rc = ret; + break; + } else { + if (ret == 0) { + loopc += 1; + } else { + loopc = 0; + } + if (loopc > sizeof(rbuf)) { // arbitrary chosen value + break; + } + rc += ret; + } + } + } + } if (rc == -1) { syslog(LOG_WARNING, "auth_rimap: read (banner): %m"); (void) close(s); @@ -456,6 +490,39 @@ alarm(NETWORK_IO_TIMEOUT); rc = read(s, rbuf, sizeof(rbuf)); alarm(0); + if ( rc>0 ) { + /* check if there is more to read */ + fd_set perm; + int fds, ret, loopc; + struct timeval timeout; + + FD_ZERO(&perm); + FD_SET(s, &perm); + fds = s +1; + + timeout.tv_sec = 1; + timeout.tv_usec = 0; + loopc = 0; + while( select (fds, &perm, NULL, NULL, &timeout ) >0 ) { + if ( FD_ISSET(s, &perm) ) { + ret = read(s, rbuf+rc, sizeof(rbuf)-rc); + if ( ret<0 ) { + rc = ret; + break; + } else { + if (ret == 0) { + loopc += 1; + } else { + loopc = 0; + } + if (loopc > sizeof(rbuf)) { // arbitrary chosen value + break; + } + rc += ret; + } + } + } + } (void) close(s); /* we're done with the remote */ if (rc == -1) { syslog(LOG_WARNING, "auth_rimap: read (response): %m"); Index: cyrus-sasl2-2.1.25.dfsg1/lib/checkpw.c =================================================================== --- cyrus-sasl2-2.1.25.dfsg1.orig/lib/checkpw.c 2013-05-16 15:36:35.000000000 +0000 +++ cyrus-sasl2-2.1.25.dfsg1/lib/checkpw.c 2013-05-16 15:36:53.000000000 +0000 @@ -587,16 +587,14 @@ /* Timeout. */ errno = ETIMEDOUT; return -1; - case +1: - if (FD_ISSET(fd, &rfds)) { - /* Success, file descriptor is readable. */ - return 0; - } - return -1; case -1: if (errno == EINTR || errno == EAGAIN) continue; default: + if (FD_ISSET(fd, &rfds)) { + /* Success, file descriptor is readable. */ + return 0; + } /* Error catch-all. */ return -1; } debian/patches/0014_avoid_pic_overwrite.diff0000664000000000000000000000206412224412004016151 0ustar Author: Fabian Fagerholm Description: This patch makes sure the non-PIC version of libsasldb.a, which is created out of non-PIC objects, is not going to overwrite the PIC version, which is created out of PIC objects. The PIC version is placed in .libs, and the non-PIC version in the current directory. This ensures that both non-PIC and PIC versions are available in the correct locations. --- a/lib/Makefile.am +++ b/lib/Makefile.am @@ -78,7 +78,7 @@ endif libsasl2.a: libsasl2.la $(SASL_STATIC_OBJS) @echo adding static plugins and dependencies - $(AR) cru .libs/$@ $(SASL_STATIC_OBJS) + $(AR) cru $@ $(SASL_STATIC_OBJS) @for i in ./libsasl2.la ../sasldb/libsasldb.la ../plugins/lib*.la; do \ if test ! -f $$i; then continue; fi; . $$i; \ for j in $$dependency_libs foo; do \ --- a/sasldb/Makefile.am +++ b/sasldb/Makefile.am @@ -63,6 +63,6 @@ libsasldb_a_SOURCES = EXTRA_libsasldb_a_SOURCES = libsasldb.a: libsasldb.la $(SASL_DB_BACKEND_STATIC) - $(AR) cru .libs/$@ $(SASL_DB_BACKEND_STATIC) + $(AR) cru $@ $(SASL_DB_BACKEND_STATIC) debian/patches/0011_saslauthd_ac_prog_libtool.diff0000664000000000000000000000043012224412004017304 0ustar Author: Fabian Fagerholm Description: Enable libtool use. --- a/saslauthd/configure.in +++ b/saslauthd/configure.in @@ -25,6 +25,7 @@ AC_PROG_AWK AC_PROG_MAKE_SET AC_PROG_LN_S AC_PROG_INSTALL +AC_PROG_LIBTOOL dnl Checks for build foo CMU_C___ATTRIBUTE__ debian/patches/0027_db5_support.diff0000664000000000000000000000202412224412004014354 0ustar Author: Ondřej Surý Description: Support newer Berkeley DB versions --- a/sasldb/db_berkeley.c +++ b/sasldb/db_berkeley.c @@ -101,7 +101,7 @@ static int berkeleydb_open(const sasl_ut ret = db_create(mbdb, NULL, 0); if (ret == 0 && *mbdb != NULL) { -#if DB_VERSION_MAJOR == 4 && DB_VERSION_MINOR >= 1 +#if (DB_VERSION_MAJOR > 4) || ((DB_VERSION_MAJOR == 4) && (DB_VERSION_MINOR >= 1)) ret = (*mbdb)->open(*mbdb, NULL, path, NULL, DB_HASH, flags, 0660); #else ret = (*mbdb)->open(*mbdb, path, NULL, DB_HASH, flags, 0660); --- a/utils/dbconverter-2.c +++ b/utils/dbconverter-2.c @@ -214,7 +214,7 @@ static int berkeleydb_open(const char *p ret = db_create(mbdb, NULL, 0); if (ret == 0 && *mbdb != NULL) { -#if DB_VERSION_MAJOR == 4 && DB_VERSION_MINOR >= 1 +#if (DB_VERSION_MAJOR > 4) || ((DB_VERSION_MAJOR == 4) && (DB_VERSION_MINOR >= 1)) ret = (*mbdb)->open(*mbdb, NULL, path, NULL, DB_HASH, DB_CREATE, 0664); #else ret = (*mbdb)->open(*mbdb, path, NULL, DB_HASH, DB_CREATE, 0664); debian/patches/0010_maintainer_mode.diff0000664000000000000000000000051312224412004015232 0ustar Author: Fabian Fagerholm Description: Enable maintainer mode to avoid auto* problems. --- a/configure.in +++ b/configure.in @@ -62,6 +62,8 @@ dnl AM_INIT_AUTOMAKE(cyrus-sasl, 2.1.25) CMU_INIT_AUTOMAKE +AM_MAINTAINER_MODE + # and include our config dir scripts ACLOCAL="$ACLOCAL -I \$(top_srcdir)/config" debian/patches/0012_xopen_crypt_prototype.diff0000664000000000000000000000133012224412004016576 0ustar Author: Dann Frazier Description: When _XOPEN_SOURCE is defined, the subsequent #include will define a correct function prototype for the crypt function. This avoids segfaults on architectures where the size of a pointer is greater than the size of an integer (ia64 and amd64 are examples). This may be detected by looking for build log lines such as the following: auth_shadow.c:183: warning: implicit declaration of function ‘crypt’ auth_shadow.c:183: warning: cast to pointer from integer of different size --- a/saslauthd/auth_shadow.c +++ b/saslauthd/auth_shadow.c @@ -36,6 +36,7 @@ #ifdef AUTH_SHADOW +#define _XOPEN_SOURCE #define PWBUFSZ 256 /***SWB***/ # include debian/patches/0025_ld_as_needed.diff0000664000000000000000000000207312224412004014476 0ustar Author: Matthias Klose Desription: Fix FTBFS, add $(SASL_DB_LIB) as dependency to libsasldb, and use it. --- a/saslauthd/Makefile.am +++ b/saslauthd/Makefile.am @@ -16,7 +16,7 @@ EXTRA_saslauthd_sources = getaddrinfo.c saslauthd_DEPENDENCIES = saslauthd-main.o @LTLIBOBJS@ saslauthd_LDADD = @SASL_KRB_LIB@ \ @GSSAPIBASE_LIBS@ @GSSAPI_LIBS@ @LIB_CRYPT@ @LIB_SIA@ \ - @LIB_SOCKET@ @SASL_DB_LIB@ @LIB_PAM@ @LDAP_LIBS@ @LTLIBOBJS@ + @LIB_SOCKET@ ../sasldb/libsasldb.la @LIB_PAM@ @LDAP_LIBS@ @LTLIBOBJS@ testsaslauthd_SOURCES = testsaslauthd.c utils.c testsaslauthd_LDADD = @LIB_SOCKET@ --- a/sasldb/Makefile.am +++ b/sasldb/Makefile.am @@ -55,8 +55,8 @@ noinst_LIBRARIES = libsasldb.a libsasldb_la_SOURCES = allockey.c sasldb.h EXTRA_libsasldb_la_SOURCES = $(extra_common_sources) -libsasldb_la_DEPENDENCIES = $(SASL_DB_BACKEND) -libsasldb_la_LIBADD = $(SASL_DB_BACKEND) +libsasldb_la_DEPENDENCIES = $(SASL_DB_BACKEND) $(SASL_DB_LIB) +libsasldb_la_LIBADD = $(SASL_DB_BACKEND) $(SASL_DB_LIB) # Prevent make dist stupidity libsasldb_a_SOURCES = debian/patches/series0000664000000000000000000000153412224412004012026 0ustar 0001_versioned_symbols.diff 0002_testsuite.diff 0003_saslauthd_mdoc.diff 0005_dbconverter.diff 0006_library_mutexes.diff 0009_sasldb_al.diff 0010_maintainer_mode.diff 0011_saslauthd_ac_prog_libtool.diff 0012_xopen_crypt_prototype.diff 0014_avoid_pic_overwrite.diff 0017_db4.8.diff 0025_ld_as_needed.diff 0026_drop_krb5support_dependency.diff 0027_db5_support.diff 0028-autotools_fixes.patch 0029-ldap_fixes.patch 0030-dont_use_la_files_for_opening_plugins.patch 0031-dont_use_-R_when_search_for_sqlite_libraries.patch 0032-revert_1.103_revision_to_unbreak_GSSAPI.patch 0033-fix_segfault_in_GSSAPI.patch 0034-fix_dovecot_authentication.patch 0035-temporary_multiarch_fixes.patch 0036-add-reference-to-LDAP_SASLAUTHD-file.patch 0037-abort_if_no_fqdn_fix.patch 0038-send_imap_logout.patch 0039-fix-canonuser-ldapdb-garbage-in-out-buffer.patch CVE-2013-4122.patch debian/patches/0006_library_mutexes.diff0000664000000000000000000000156112224412004015326 0ustar Author: Fabian Fagerholm Description: Exact description unknown; make sure mutex-related code works. --- a/lib/common.c +++ b/lib/common.c @@ -818,7 +818,7 @@ int _sasl_common_init(sasl_global_callba result = sasl_canonuser_add_plugin("INTERNAL", internal_canonuser_init); if(result != SASL_OK) return result; - if (!free_mutex) { + if (!free_mutex || free_mutex == 0x1) { free_mutex = sasl_MUTEX_ALLOC(); } if (!free_mutex) return SASL_FAIL; @@ -838,6 +838,11 @@ void sasl_dispose(sasl_conn_t **pconn) /* serialize disposes. this is necessary because we can't dispose of conn->mutex if someone else is locked on it */ + + if (!free_mutex || free_mutex == 0x1) + free_mutex = sasl_MUTEX_ALLOC(); + if (!free_mutex) return SASL_FAIL; + result = sasl_MUTEX_LOCK(free_mutex); if (result!=SASL_OK) return; debian/libsasl2-modules-sql.install0000664000000000000000000000003312224357633014541 0ustar usr/lib/*/sasl2/libsql.so* debian/libsasl2-2.README.Debian0000664000000000000000000000616512224412004013101 0ustar Cyrus SASL for Debian --------------------- SASL is the Simple Authentication and Security Layer, a method for adding authentication support to connection-based protocols. This is the Debian package of Cyrus SASL, which is an implementation of SASL by Carnegie Mellon University. The package stays as close as possible to the upstream version, but some changes have been introduced to fix known issues and to better integrate the software with the Debian system. For example, some command line utilities have been renamed with a "sasl" prefix, in order to avoid naming collisions. The software has been split into several packages, so a system administrator can choose what functionality to install and what to leave out. IMPORTANT: You MUST install one of the libsasl2-modules* packages for SASL to work with server programs. Otherwise server software like Postfix and Cyrus IMAPd will not allow any users to log in, and other SASL apps will malfuntion in weird ways. If you do not intend to use SASL on your server, then the libsasl2-modules* packages are not necessary for you. SASL automatically logs debug information to syslog's auth.debug facility. This is not something that can be disabled through a configuration option to libsasl2-2 itself. The default syslog configurations in Debian result in these messages going to /var/log/syslog and /var/log/auth.log. If you wish to send the SASL debug messages elsewhere, you can add a line like this: auth.debug /var/log/auth.debug To throw the messages away: auth.debug /dev/null Additional information can be found here: http://www.cyrusimap.org/docs/cyrus-imapd/2.4.8/install-configure.php SASL uses /dev/urandom, which doesn't block when the system runs out of entropy. However, when the system does run out of entropy, the random numbers that /dev/urandom emits are slightly less cryptographically secure. If you are concerned about this, then please turn to the kernel documentation or other sources to determine what this means in your case. In practise, /dev/urandom is just fine for the vast majority of cases. If you want to use /dev/random for whatever reason, you have to recompile the packages. (Change --with-devrandom in debian/rules.) Use dpkg-statoverride to change the permission and the ownership of the saslauthd socket /var/run/saslauthd and the sasldb user database /etc/sasldb2. For more information on saslauthd, see the README.Debian in the sasl2-bin package. For more information about SASL, please see http://asg.web.cmu.edu/sasl/, and for more information about Cyrus SASL, see http://asg.web.cmu.edu/sasl/sasl-library.html. Also see the following RFC documents, which are currently not distributed with the Debian packages: rfc1321.txt rfc1939.txt rfc2104.txt rfc2195.txt rfc2222.txt rfc2243.txt rfc2245.txt rfc2289.txt rfc2444.txt rfc2595.txt rfc2831.txt rfc2945.txt rfc3174.txt The project information page http://pkg-cyrus-sasl2.alioth.debian.org/ contains details about the Debian packaging project. All comments and bug reports are welcome, please use the Debian Bug Tracking System to submit them. -- Fabian Fagerholm , Fri, 9 Jun 2008 21:08:07 +0300 debian/libsasl2-modules-gssapi-mit.install0000664000000000000000000000013012224357633016015 0ustar usr/lib/*/sasl2/libgssapiv2.so* usr/lib/*/sasl2/libscram.so* usr/lib/*/sasl2/libgs2.so* debian/sasl2-bin.config0000664000000000000000000000143312224357633012161 0ustar #!/bin/sh # Debconf config script for cyrus-sasl2 # Copyright (c) 2007 by Fabian Fagerholm # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # Note that Cyrus SASL itself is published under a different license. set -e # Debconf hook. . /usr/share/debconf/confmodule case "$1" in configure) ok='' while [ ! "$ok" ]; do db_input medium cyrus-sasl2/backup-sasldb2 || true db_go db_get cyrus-sasl2/backup-sasldb2 if [ "$RET" ]; then ok=1 fi done ;; reconfigure) ;; *) echo "config called with unknown argument $1" >&2 exit 0 esac exit 0 debian/README.source0000664000000000000000000000036312224357633011360 0ustar This package uses quilt to manage all modifications to the upstream source. Changes are stored in the source package as diffs in debian/patches and applied during the build. See /usr/share/doc/quilt/README.source for a detailed explanation. debian/compat0000664000000000000000000000000212224357633010375 0ustar 9 debian/po/0000775000000000000000000000000012224357633007615 5ustar debian/po/ca.po0000664000000000000000000001200712224357633010540 0ustar # Translations file for cyrus-sasl2. # Copyright 2007 Fabian Fagerholm # This file is distributed under the same license as the PACKAGE package. # Innocent De Marchi , 2011 # msgid "" msgstr "" "Project-Id-Version: 2.1.24\n" "Report-Msgid-Bugs-To: pkg-cyrus-sasl2-debian-devel@lists.alioth.debian.org\n" "POT-Creation-Date: 2007-10-02 07:23+0200\n" "PO-Revision-Date: 2011-09-15 16:31+0100\n" "Last-Translator: Innocent De Marchi \n" "Language-Team: Catalan \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Poedit-Language: Catalan\n" "X-Poedit-Country: Spain\n" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "Remove /etc/sasldb2?" msgstr "Voleu eliminar «/etc/sasldb2»?" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "Cyrus SASL can store usernames and passwords in the /etc/sasldb2 database file." msgstr "Cyrus SASL pot emmagatzemar noms d'usuari i contrasenyes en el fitxer de dades «/etc/sasldb2»." #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "If important data is stored in that file, you should back it up now or choose not to remove the file." msgstr "Si hi ha dades importants emmagatzemades en el fitxer, cal fer una còpia de seguretat ara o be no eliminar el fitxer." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "Backup file name for /etc/sasldb2:" msgstr "Nom del fitxer de còpia de seguretat per a «/etc/sasldb2»:" #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "Cyrus SASL has stored usernames and passwords in the /etc/sasldb2 database file." msgstr "Cyrus SASL ha emmagatzemat els noms d'usuaris i contrasenyes al fitxer de dades «/etc/sasldb2»" #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "That file has to be upgraded to a newer database format. First, a backup of the current file will be created. You can use that if you need to manually downgrade Cyrus SASL. However, automatic downgrades are not supported." msgstr "Cal actualitzar el format del fitxer de dades al nou format. Primer, es farà una còpia de seguretat del fitxer actual. Podreu fer servir la còpia de seguretat si torna manualment a una versió anterior de Cyrus SASL. Teniu present que no és possible tornar a una versió anterior automàticament." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "Please specify the backup file name. You should check the available disk space in that location. If the backup file already exists, it will be overwritten. Leaving this field empty will select the default value (/var/backups/sasldb2.bak)." msgstr "Especifiqueu el nom del fitxer de la còpia de seguretat. Cal que comproveu que hi ha prou espai de disc disponible en la ubicació del fitxer. Si ja hi ha un fitxer de còpia de seguretat en aquesta ubicació, serà substituït. Si deixeu el camp buit, es farà servir el nom predeterminat («/var/backups/sasldb2.bak»)" #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "Failed to back up /etc/sasldb2" msgstr "Ha fallat la generació del fitxer de còpia de seguretat de «/etc/sasldb2»" #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "The /etc/sasldb2 file could not be backed up with the file name you specified." msgstr "No ha estat possible fer una còpia de seguretat del fitxer «/etc/sasldb2» amb el nom de fitxer que heu especificat." #. Type: error #. Description #. Type: error #. Description #: ../sasl2-bin.templates:4001 #: ../sasl2-bin.templates:5001 msgid "This is a fatal error and will cause the package installation to fail." msgstr "Aquest és un error fatal el qual farà que la instal·lació falli." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "Please eliminate all possible reasons that might lead to this failure, and try to configure this package again." msgstr "Eliminau totes les possibles causes de l'errada i, a continuació, tornau a intentar la configuració del paquet." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "Failed to upgrade /etc/sasldb2" msgstr "Ha fallat l'actualització de «/etc/sasldb2»" #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "The /etc/sasldb2 file could not be upgraded to the new database format." msgstr "No ha estat possible actualitzar el fitxer «/etc/sasldb2» al nou format de dades." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "The configuration process will attempt to restore the backup of this file to its original location." msgstr "El procés de configuració intentarà restaurar la còpia de seguretat del fitxer a la seva ubicació original." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "Please eliminate all possible reasons that might lead to this failure, then try to configure this package again." msgstr "Eliminau totes les possibles causes de l'errada per, a continuació, tornar a intentar la configuració del paquet" debian/po/vi.po0000664000000000000000000001232112224357633010572 0ustar # Vietnamese translation for Cyrus SASL 2. # Copyright © 2007 Free Software Foundation, Inc. # Clytie Siddall , 2007 # msgid "" msgstr "" "Project-Id-Version: cyrus-sasl2\n" "Report-Msgid-Bugs-To: pkg-cyrus-sasl2-debian-devel@lists.alioth.debian.org\n" "POT-Creation-Date: 2007-10-02 07:23+0200\n" "PO-Revision-Date: 2007-10-03 22:12+0930\n" "Last-Translator: Clytie Siddall \n" "Language-Team: Vietnamese \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=1; plural=0;\n" "X-Generator: LocFactoryEditor 1.7b1\n" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "Remove /etc/sasldb2?" msgstr "Gỡ bỏ « /etc/sasldb2 » không?" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "Cyrus SASL can store usernames and passwords in the /etc/sasldb2 database " "file." msgstr "" "Phần mềm Cyrus SASL có khả năng cất giữ các tên người dùng và mật khẩu đều " "trong tập tin cơ sở dữ liệu « /etc/sasldb2 »." #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "If important data is stored in that file, you should back it up now or " "choose not to remove the file." msgstr "" "Tập tin này chứa dữ liệu quan trọng nên bạn sao lưu nó ngay bây giờ, hoặc " "không gỡ bỏ nó." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "Backup file name for /etc/sasldb2:" msgstr "Tên tập tin sao lưu cho « /etc/sasldb2 »:" #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Cyrus SASL has stored usernames and passwords in the /etc/sasldb2 database " "file." msgstr "" "Phần mềm Cyrus SASL đã cất giữ các tên người dùng và mật khẩu đều trong tập " "tin cơ sở dữ liệu « /etc/sasldb2 »." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "That file has to be upgraded to a newer database format. First, a backup of " "the current file will be created. You can use that if you need to manually " "downgrade Cyrus SASL. However, automatic downgrades are not supported." msgstr "" "Tập tin này phải được nâng cấp lên định dạng cơ sở dữ liệu mới. Trước tiên, " "bản sao lưu của tập tin hiện thời sẽ được tạo. Bạn có thể sử dụng tập tin " "sao lưu này trong trường hợp bạn cần phải tự hạ cấp Cyrus SASL. Tuy nhiên, " "phần mềm này không hỗ trợ khả năng tự động hạ cấp." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Please specify the backup file name. You should check the available disk " "space in that location. If the backup file already exists, it will be " "overwritten. Leaving this field empty will select the default value (/var/" "backups/sasldb2.bak)." msgstr "" "Hãy ghi rõ tên cho tập tin sao lưu. Khuyên bạn cũng kiểm tra có đủ chỗ trên " "đĩa ở vị trí đó. Tập tin sao lưu đã tồn tại thì bị ghi đè. Bỏ trống trường " "này thì chọn giá trị mặc định (/var/backups/sasldb2.bak)." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "Failed to back up /etc/sasldb2" msgstr "Lỗi sao lưu « /etc/sasldb2 »" #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "The /etc/sasldb2 file could not be backed up with the file name you " "specified." msgstr "" "Tập tin « /etc/sasldb2 » không thể được sao lưu dưới tên tập tin bạn đã ghi " "rõ." #. Type: error #. Description #. Type: error #. Description #: ../sasl2-bin.templates:4001 ../sasl2-bin.templates:5001 msgid "This is a fatal error and will cause the package installation to fail." msgstr "" "Đây là lỗi nghiêm trọng sẽ gây ra chạy không thành công tiến trình cài đặt " "gói." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "Please eliminate all possible reasons that might lead to this failure, and " "try to configure this package again." msgstr "" "Hãy loại ra mọi lý do có thể đưa tới vấn đề lỗi này, rồi thử lại cấu hình " "gói." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "Failed to upgrade /etc/sasldb2" msgstr "Lỗi nâng cấp « /etc/sasldb2 »" #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "The /etc/sasldb2 file could not be upgraded to the new database format." msgstr "" "Tập tin « /etc/sasldb2 » không thể được nâng cấp lên định dạng cơ sở dữ liệu " "mới." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "The configuration process will attempt to restore the backup of this file to " "its original location." msgstr "" "Tiến trình cấu hình sẽ thử phục hồi bản sao lưu của tập tin này ở vị trí gốc " "của nó." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "Please eliminate all possible reasons that might lead to this failure, then " "try to configure this package again." msgstr "" "Hãy loại ra mọi lý do có thể đưa tới vấn đề lỗi này, rồi thử lại cấu hình " "gói." debian/po/ta.po0000664000000000000000000001611612224357633010566 0ustar # translation of cyrus-sasl2.po to TAMIL # Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER # This file is distributed under the same license as the PACKAGE package. # # Dr.T.Vasudevan , 2007. msgid "" msgstr "" "Project-Id-Version: cyrus-sasl2\n" "Report-Msgid-Bugs-To: pkg-cyrus-sasl2-debian-devel@lists.alioth.debian.org\n" "POT-Creation-Date: 2007-10-02 07:23+0200\n" "PO-Revision-Date: 2007-10-04 17:03+0530\n" "Last-Translator: Dr.T.Vasudevan \n" "Language-Team: TAMIL \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Generator: KBabel 1.11.4\n" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "Remove /etc/sasldb2?" msgstr "/etc/sasldb2 ஐ நீக்கவா?" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "Cyrus SASL can store usernames and passwords in the /etc/sasldb2 database " "file." msgstr "" "ஸைரஸ் SASL பயனர் பெயர்கள் மற்றும் கடவுச்சொற்களை /etc/sasldb2 தரவுத்தள கோப்பில் சேமிக்க " "இயலும்" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "If important data is stored in that file, you should back it up now or " "choose not to remove the file." msgstr "" "முக்கியமான தரவு அந்த கோப்பில் சேமித்து இருந்தால் அதை நீங்கள் இப்போது பாதுகாப்பு பிரதி " "எடுக்க வேன்டும் அல்லது அதை நீக்கக்கூடாது." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "Backup file name for /etc/sasldb2:" msgstr "/etc/sasldb2க்கு காப்புக்கோப்பு பெயர் :" #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Cyrus SASL has stored usernames and passwords in the /etc/sasldb2 database " "file." msgstr "" "ஸைரஸ் SASL பயனர் பெயர்கள் மற்றும் கடவுச்சொற்களை /etc/sasldb2 தரவுத்தள கோப்பில் சேமித்து " "உள்ளது." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "That file has to be upgraded to a newer database format. First, a backup of " "the current file will be created. You can use that if you need to manually " "downgrade Cyrus SASL. However, automatic downgrades are not supported." msgstr "" "அந்த கோப்பு ஒரு புதிய முறைமைக்கு மேம்படுத்தப்பட வேன்டும். முதலில் ஒரு பாதுகாப்பு கோப்பு " "உருவாக்கப்படும். ஒரு வேளை நீங்கள் ஸைரஸ் SASL ஐ கைமுரையாக பின்படுத்த விரும்பினால் அதை " "பயன்ப்டுத்தலாம். ஆனால் தானியங்கி பின்படுத்தல் ஆதரிக்கப்படவில்லை." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Please specify the backup file name. You should check the available disk " "space in that location. If the backup file already exists, it will be " "overwritten. Leaving this field empty will select the default value (/var/" "backups/sasldb2.bak)." msgstr "" "தயவு செய்து பாதுகாப்பு கோப்பு பெயர் ஐ உள்ளிடவும். அவ்விடத்தில் வட்டு இடம் உள்ளதா என " "சோதிக்க வேண்டும். பாதுகாப்பு கோப்பு ஏற்கெனவே இருந்தால் அது மேலெழுதப்படும். இந்த புலத்தை " "காலியாக் விட்டால் முன்னிருப்பு மதிப்பு பயன்படுத்தப்படும். (/var/backups/sasldb2.bak)." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "Failed to back up /etc/sasldb2" msgstr "/etc/sasldb2 இன் பாதுகாப்பு கோப்பு உருவாக்குதல் தோல்வியுற்றது " #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "The /etc/sasldb2 file could not be backed up with the file name you " "specified." msgstr "கோப்பு /etc/sasldb2 ஐ நீங்கள் கொடுத்த பெயரில் சேமிக்க முடியவில்லை." #. Type: error #. Description #. Type: error #. Description #: ../sasl2-bin.templates:4001 ../sasl2-bin.templates:5001 msgid "This is a fatal error and will cause the package installation to fail." msgstr "இது ஒரு பெரும் தவறு. மேலும் பொதி நிறுவல் தோல்வியுறும்." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "Please eliminate all possible reasons that might lead to this failure, and " "try to configure this package again." msgstr "" "தயவு செய்து இந்த தவறு நிகழ அனைத்து வாய்ப்புகளையும் ஆராய்ந்து நீக்குங்கள். பின் இந்த பொதியை " "உருவமைக்க முயலுங்கள்." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "Failed to upgrade /etc/sasldb2" msgstr "/etc/sasldb2 மேம்படுத்தல் தோல்வியுற்றது" #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "The /etc/sasldb2 file could not be upgraded to the new database format." msgstr "/etc/sasldb2 கோப்பு புதிய முறைமைக்கு மேம்படுத்த இயலவில்லை." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "The configuration process will attempt to restore the backup of this file to " "its original location." msgstr "" "இந்த வடிவமைப்பு செயல் இந்த கோப்பை பாதுகாப்பு பிரதியால் மீட்டெடுத்து பழைய இடத்தில் வைக்க " "முயலும்." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "Please eliminate all possible reasons that might lead to this failure, then " "try to configure this package again." msgstr "" "தயவு செய்து இந்த தவறு நிகழ அனைத்து வாய்ப்புகளையும் ஆராய்ந்து நீக்குங்கள். பின் இந்த பொதியை " "உருவமைக்க முயலுங்கள்." debian/po/sk.po0000664000000000000000000001116712224357633010600 0ustar # Slovak translation of cyrus-sasl2. # Copyright (C) 2005 THE PACKAGE'S COPYRIGHT HOLDER # This file is distributed under the same license as the cyrus-sasl2 package. # Ivan Masár , 2008. # msgid "" msgstr "" "Project-Id-Version: cyrus-sasl2\n" "Report-Msgid-Bugs-To: pkg-cyrus-sasl2-debian-devel@lists.alioth.debian.org\n" "POT-Creation-Date: 2007-10-02 07:23+0200\n" "PO-Revision-Date: 2008-07-03 18:38+0100\n" "Last-Translator: Ivan Masár \n" "Language-Team: Slovak \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "Remove /etc/sasldb2?" msgstr "Odstrániť /etc/sasldb2?" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "Cyrus SASL can store usernames and passwords in the /etc/sasldb2 database file." msgstr "Cyrus SASL môže uložiť používateľské mená a heslá v databáze /etc/sasldb2." #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "If important data is stored in that file, you should back it up now or choose not to remove the file." msgstr "Ak sú v tomto súbore uložené dôležité údaje, mali by ste si ho teraz zálohovať alebo vybrať voľbu neodstraňovať súbor." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "Backup file name for /etc/sasldb2:" msgstr "Názov záložného súboru pre /etc/sasldb2:" #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "Cyrus SASL has stored usernames and passwords in the /etc/sasldb2 database file." msgstr "Cyrus SASL uložil používateľské mená a heslá v databáze /etc/sasldb2." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "That file has to be upgraded to a newer database format. First, a backup of the current file will be created. You can use that if you need to manually downgrade Cyrus SASL. However, automatic downgrades are not supported." msgstr "Tento súbor musí byť aktualizovaný na nový formát databázy. Najskôr sa vytvorí záloha aktuálneho súboru. Môžete ju použiť pri manuálnom downgrade Cyrus SASL, no automatický downgrade nie je podporovaný." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "Please specify the backup file name. You should check the available disk space in that location. If the backup file already exists, it will be overwritten. Leaving this field empty will select the default value (/var/backups/sasldb2.bak)." msgstr "Prosím, uveďte názov záložného súboru. Mali by ste skontrolovať dostupné miesto na disku na danom mieste. Ak záloha už existuje, bude prepísaná. Ak necháte toto pole prázdne, použije sa štandardná hodnota (/var/backups/sasldb2.bak)." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "Failed to back up /etc/sasldb2" msgstr "Nepodarilo sa vytvoriť zálohu /etc/sasldb2" #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "The /etc/sasldb2 file could not be backed up with the file name you specified." msgstr "Súbor /etc/sasldb2 nebolo možné zálohovať s názvom súboru, ktorý ste zvolili." #. Type: error #. Description #. Type: error #. Description #: ../sasl2-bin.templates:4001 #: ../sasl2-bin.templates:5001 msgid "This is a fatal error and will cause the package installation to fail." msgstr "Toto je kritická chyba a spôsobí zlyhanie inštalácie balíka." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "Please eliminate all possible reasons that might lead to this failure, and try to configure this package again." msgstr "Prosím, eliminujte všetky možné dôvody zlyhania a pokúste sa znova nakonfigurovať balík." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "Failed to upgrade /etc/sasldb2" msgstr "Aktualizácia /etc/sasldb2 zlyhala" #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "The /etc/sasldb2 file could not be upgraded to the new database format." msgstr "Súbor /etc/sasldb2 nebolo možné aktualizovať na nový formát súboru databázy." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "The configuration process will attempt to restore the backup of this file to its original location." msgstr "Konfiguračný proces sa pokúsi obnoviť zálohu tohto súboru na pôvodné miesto." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "Please eliminate all possible reasons that might lead to this failure, then try to configure this package again." msgstr "Prosím, eliminujte všetky možné dôvody zlyhania a pokúste sa znova nakonfigurovať balík." debian/po/eu.po0000664000000000000000000001151012224357633010564 0ustar # translation of templates.po to Euskara # Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER # This file is distributed under the same license as the PACKAGE package. # # Piarres Beobide , 2008. msgid "" msgstr "" "Project-Id-Version: templates\n" "Report-Msgid-Bugs-To: pkg-cyrus-sasl2-debian-devel@lists.alioth.debian.org\n" "POT-Creation-Date: 2007-10-02 07:23+0200\n" "PO-Revision-Date: 2008-05-16 22:23+0200\n" "Last-Translator: Piarres Beobide \n" "Language-Team: Euskara \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Generator: KBabel 1.11.4\n" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "Remove /etc/sasldb2?" msgstr "/etc/sasldb2 kendu?" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "Cyrus SASL can store usernames and passwords in the /etc/sasldb2 database " "file." msgstr "Cyrus SASL-ek erabiltzaile-izen eta pasahitzak /etc/sasldb2 datu-base fitxategian gorde ditzake." #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "If important data is stored in that file, you should back it up now or " "choose not to remove the file." msgstr "" "Fitxategi honetan datu garrantzizkoak gordetzen badira, fitxategi horren " "babeskopia egin eta ez ezabatzea hautatu beharko zenuke." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "Backup file name for /etc/sasldb2:" msgstr "/etc/sasldb2-ren babeskopia fitxategiaren izena:" #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Cyrus SASL has stored usernames and passwords in the /etc/sasldb2 database " "file." msgstr "Cyrus SASL-ek erabiltzaile-izen eta pasahitzak /etc/sasldb2 datu-base fitxategian gorde ditu." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "That file has to be upgraded to a newer database format. First, a backup of " "the current file will be created. You can use that if you need to manually " "downgrade Cyrus SASL. However, automatic downgrades are not supported." msgstr "Fitxategi hau datu-base formatu berriago batetara eguneratu behar da. Lehenengo uneko fitxategiaren babeskopia bat sortuko da. Zuk hori beharko duzu Cyrus SASL eskuz bertsio-atzeratu nahi baduzu. Baina bertsio-atzeratze automatikoak ez dira onartzen." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Please specify the backup file name. You should check the available disk " "space in that location. If the backup file already exists, it will be " "overwritten. Leaving this field empty will select the default value (/var/" "backups/sasldb2.bak)." msgstr "" "Mesedez zehaztu babeskopia fitxategi izena. Kokaleku horretan dagoen disko " "leku erabilgarria egiaztatu beharko zenuke. Babeskopia fitxategia dagoeneko badago gainidatzia izango da. Eremu hau zurian uzten baduzu lehenetsiriko izena erabiliko da (/var/backup/sasldb2.bak)." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "Failed to back up /etc/sasldb2" msgstr "Huts /etc/sasldb2-ren babeskopia egitean" #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "The /etc/sasldb2 file could not be backed up with the file name you " "specified." msgstr "Ezin da /etc/sasldb2 fitxategiaren babeskopia zuk zehaztutako izenarekin egin." #. Type: error #. Description #. Type: error #. Description #: ../sasl2-bin.templates:4001 ../sasl2-bin.templates:5001 msgid "This is a fatal error and will cause the package installation to fail." msgstr "Hau errore konponezin bat da eta pakete instalazioak huts egitea eragingo du." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "Please eliminate all possible reasons that might lead to this failure, and " "try to configure this package again." msgstr "" "Mesedez konpondu errore honetara eraman duen arrazoia eta saiatu " "paketea berriz konfiguratzen." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "Failed to upgrade /etc/sasldb2" msgstr "Huts /etc/sasldb2 bertsio-berritzeko" #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "The /etc/sasldb2 file could not be upgraded to the new database format." msgstr "/etc/sasldb2 fitxategia ezin izan da datu-base formatu berrira bertsio-berritu." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "The configuration process will attempt to restore the backup of this file to " "its original location." msgstr "Konfigurazio prozesuak fitxategi honen babeskopia bere jatorrizko lekura berreskuratzen saiatuko da." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "Please eliminate all possible reasons that might lead to this failure, then " "try to configure this package again." msgstr "" "Mesedez konpondu errore honetara eraman duen arrazoia, orduan saiatu " "paketea berriz konfiguratzen." debian/po/it.po0000664000000000000000000001171112224357633010572 0ustar # Italian (it) translation of debconf templates for cyrus-sasl2 # Copyright (C) 2007 Free Software Foundation, Inc. # This file is distributed under the same license as the cyrus-sasl2 package. # Luca Monducci , 2007. # msgid "" msgstr "" "Project-Id-Version: cyrus-sasl2 italian debconf\n" "Report-Msgid-Bugs-To: pkg-cyrus-sasl2-debian-devel@lists.alioth.debian.org\n" "POT-Creation-Date: 2007-10-02 07:23+0200\n" "PO-Revision-Date: 2007-10-10 10:33+0200\n" "Last-Translator: Luca Monducci \n" "Language-Team: Italian \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "Remove /etc/sasldb2?" msgstr "Rimuovere /etc/sasldb2?" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "Cyrus SASL can store usernames and passwords in the /etc/sasldb2 database " "file." msgstr "" "Cyrus SASL può memorizzare nomi utente e password nel file database /etc/" "sasldb2." #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "If important data is stored in that file, you should back it up now or " "choose not to remove the file." msgstr "" "Se in quel file sono memorizzati dati importanti, si dovrebbe fare un backup " "adesso oppure scegliere di non rimuovere il file." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "Backup file name for /etc/sasldb2:" msgstr "Nome del file di backup per /etc/sasldb2:" #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Cyrus SASL has stored usernames and passwords in the /etc/sasldb2 database " "file." msgstr "" "Cyrus SASL ha memorizzato nomi utente e password nel file database /etc/" "sasldb2." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "That file has to be upgraded to a newer database format. First, a backup of " "the current file will be created. You can use that if you need to manually " "downgrade Cyrus SASL. However, automatic downgrades are not supported." msgstr "" "Questo file deve essere aggiornato a un nuovo formato; come prima cosa viene " "effettuato una copia di backup del file attuale. Questa copia può essere " "usata nel caso sia necessario il ripristino manuale della versione " "precedente di Cyrus SASL. Questa operazione non è supportata automaticamente." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Please specify the backup file name. You should check the available disk " "space in that location. If the backup file already exists, it will be " "overwritten. Leaving this field empty will select the default value (/var/" "backups/sasldb2.bak)." msgstr "" "Specificare il nome del file di backup. Si deve controllare che sul disco ci " "sia spazio sufficiente per il backup. Se il backup già esiste, viene " "sovrascritto. Se non si inserisce un nome, viene usato il valore predefinito " "(/var/backups/sasldb2.bak)." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "Failed to back up /etc/sasldb2" msgstr "Impossibile effettuare il backup di /etc/sasldb2" #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "The /etc/sasldb2 file could not be backed up with the file name you " "specified." msgstr "" "Non è possibile effettuare il backup del file /etc/sasldb2 con il nome " "specificato." #. Type: error #. Description #. Type: error #. Description #: ../sasl2-bin.templates:4001 ../sasl2-bin.templates:5001 msgid "This is a fatal error and will cause the package installation to fail." msgstr "" "Questo è un errore fatale e causa il fallimento dell'installazione del " "pacchetto." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "Please eliminate all possible reasons that might lead to this failure, and " "try to configure this package again." msgstr "" "Eliminare tutte le possibili cause che abbiano causato questo fallimento e " "riprovare nuovamente a configurare questo pacchetto." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "Failed to upgrade /etc/sasldb2" msgstr "Impossibile aggiornare /etc/sasldb2" #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "The /etc/sasldb2 file could not be upgraded to the new database format." msgstr "Il file /etc/sasldb2 non può essere aggiornato al nuovo formato." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "The configuration process will attempt to restore the backup of this file to " "its original location." msgstr "" "Il processo di configurazione prova a ripristinare il backup di questo file " "nella posizione originaria." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "Please eliminate all possible reasons that might lead to this failure, then " "try to configure this package again." msgstr "" "Eliminare tutte le possibili cause che abbiano causato questo fallimento e " "riprovare nuovamente a configurare questo pacchetto." debian/po/sv.po0000664000000000000000000001130012224357633010600 0ustar # Swedish translation of cyrus-sasl2 debconf messages. # Copyright (C) 2008 Fabian Fagerholm # This file is distributed under the same license as the cyrus-sasl2 package. # Christer Andersson , 2008. # msgid "" msgstr "" "Project-Id-Version: cyrus-sasl2 2.1.22\n" "Report-Msgid-Bugs-To: pkg-cyrus-sasl2-debian-devel@lists.alioth.debian.org\n" "POT-Creation-Date: 2007-10-02 07:23+0200\n" "PO-Revision-Date: 2008-01-13 08:50+0100\n" "Last-Translator: Christer Andersson \n" "Language-Team: Swedish \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=iso-8859-1\n" "Content-Transfer-Encoding: 8bit\n" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "Remove /etc/sasldb2?" msgstr "Ta bort /etc/sasldb2?" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "Cyrus SASL can store usernames and passwords in the /etc/sasldb2 database " "file." msgstr "Cyrus SASL kan lagra anvndarnamn och lsenord i databasfilen /etc/sasldb2." #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "If important data is stored in that file, you should back it up now or " "choose not to remove the file." msgstr "Om viktig data lagras i denna fil br du skerhetskopiera den nu eller vlja att inte ta bort filen." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "Backup file name for /etc/sasldb2:" msgstr "Filnamn fr skerhetskopia av /etc/sasldb2:" #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Cyrus SASL has stored usernames and passwords in the /etc/sasldb2 database " "file." msgstr "Cyrus SASL har lagrat anvndarnamn och lsenord i databasfilen /etc/sasldb2." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "That file has to be upgraded to a newer database format. First, a backup of " "the current file will be created. You can use that if you need to manually " "downgrade Cyrus SASL. However, automatic downgrades are not supported." msgstr "Denna fil mste uppgraderas till ett nyare databasformat. Frst kommer en skerhetskopia av den nuvarande filen att skapas. Du kan anvnda den om du behver nedgradera Cyrus SASL manuellt. Automatiska nedgraderingar stds dock inte." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Please specify the backup file name. You should check the available disk " "space in that location. If the backup file already exists, it will be " "overwritten. Leaving this field empty will select the default value (/var/" "backups/sasldb2.bak)." msgstr "Ange filnamnet fr skerhetskopian. Du br kontrollera tillgngligt diskutrymme dr. Om skerhetskopian redan existerar kommer den att skrivas ver. Standardvrdet (/var/backups/sasldb2.bak) anvnds om fltet lmnas tomt." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "Failed to back up /etc/sasldb2" msgstr "Misslyckades med att skerhetskopiera /etc/sasldb2" #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "The /etc/sasldb2 file could not be backed up with the file name you " "specified." msgstr "Filen /etc/sasldb2 kunde inte skerhetskopieras med det namn du angav." #. Type: error #. Description #. Type: error #. Description #: ../sasl2-bin.templates:4001 ../sasl2-bin.templates:5001 msgid "This is a fatal error and will cause the package installation to fail." msgstr "Detta r ett kritiskt fel som leder till att paketinstallationen misslyckas." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "Please eliminate all possible reasons that might lead to this failure, and " "try to configure this package again." msgstr "Eliminera alla mjliga orsaker som kan leda till detta misslyckande och frsk konfigurera detta paket igen." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "Failed to upgrade /etc/sasldb2" msgstr "Misslyckades med att uppgradera /etc/sasldb2" #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "The /etc/sasldb2 file could not be upgraded to the new database format." msgstr "Filen /etc/sasldb2 kunde inte uppgraderas till det nya databasformatet." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "The configuration process will attempt to restore the backup of this file to " "its original location." msgstr "Konfigurationsprocessen kommer att frska terstlla skerhetskopian till dess ursprungliga plats." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "Please eliminate all possible reasons that might lead to this failure, then " "try to configure this package again." msgstr "Eliminera alla mjliga orsaker som kan leda till detta misslyckande och frsk sedan konfigurera detta paket igen." debian/po/gl.po0000664000000000000000000001146612224357633010567 0ustar # Galician translation of cyrus-sasl2's debconf templates # This file is distributed under the same license as the cyrus-sasl2 package. # Jacobo Tarrio , 2007. # msgid "" msgstr "" "Project-Id-Version: cyrus-sasl2\n" "Report-Msgid-Bugs-To: pkg-cyrus-sasl2-debian-devel@lists.alioth.debian.org\n" "POT-Creation-Date: 2007-10-02 07:23+0200\n" "PO-Revision-Date: 2007-10-03 23:12+0100\n" "Last-Translator: Jacobo Tarrio \n" "Language-Team: Galician \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "Remove /etc/sasldb2?" msgstr "¿Eliminar /etc/sasldb2?" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "Cyrus SASL can store usernames and passwords in the /etc/sasldb2 database " "file." msgstr "" "Cyrus SASL pode armacenar os nomes de usuario e contrasinais no ficheiro de " "base de datos /etc/sasldb2 ." #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "If important data is stored in that file, you should back it up now or " "choose not to remove the file." msgstr "" "Se ten datos importantes armacenados nese ficheiro, debería facer unha copia " "deles agora ou non borrar o ficheiro." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "Backup file name for /etc/sasldb2:" msgstr "Nome para o ficheiro coa copia de /etc/sasldb2:" #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Cyrus SASL has stored usernames and passwords in the /etc/sasldb2 database " "file." msgstr "" "Cyrus SASL ten nomes de usuario e contrasinais armacenados no ficheiro de " "base de datos /etc/sasldb2 ." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "That file has to be upgraded to a newer database format. First, a backup of " "the current file will be created. You can use that if you need to manually " "downgrade Cyrus SASL. However, automatic downgrades are not supported." msgstr "" "É preciso actualizar ese ficheiro a unha versión máis recente do formato da " "base de datos. Primeiro, hase crear unha copia do ficheiro actual. Pode " "empregar esa copia se precisa de voltar á versión anterior de Cyrus SASL " "(teña en conta que iso non se pode facer automaticamente)." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Please specify the backup file name. You should check the available disk " "space in that location. If the backup file already exists, it will be " "overwritten. Leaving this field empty will select the default value (/var/" "backups/sasldb2.bak)." msgstr "" "Indique o nome do ficheiro da copia. Debería comprobar o espazo dispoñible " "no disco desa ubicación. Se o ficheiro xa existe, hase sobrescribir. Se " "deixa o campo baleiro, hase escoller o valor por defecto (/var/backups/" "sasldb2.bak)." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "Failed to back up /etc/sasldb2" msgstr "Non se puido copiar /etc/sasldb2" #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "The /etc/sasldb2 file could not be backed up with the file name you " "specified." msgstr "" "Non se puido copiar o ficheiro /etc/sasldb2 ao ficheiro co nome que indicou." #. Type: error #. Description #. Type: error #. Description #: ../sasl2-bin.templates:4001 ../sasl2-bin.templates:5001 msgid "This is a fatal error and will cause the package installation to fail." msgstr "Este é un erro grave e ha facer que falle a instalación do paquete." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "Please eliminate all possible reasons that might lead to this failure, and " "try to configure this package again." msgstr "" "Arranxe tódolos posibles motivos polos que isto puido ter fallado, e volva " "configurar o paquete." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "Failed to upgrade /etc/sasldb2" msgstr "Non se puido actualizar /etc/sasldb2" #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "The /etc/sasldb2 file could not be upgraded to the new database format." msgstr "" "Non se puido actualizar o ficheiro /etc/sasldb2 ao novo formato da base de " "datos." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "The configuration process will attempt to restore the backup of this file to " "its original location." msgstr "" "O procedemento de ocnfiguración ha tentar recuperar o contido orixinal do " "ficheiro empregando a copia de seguridade." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "Please eliminate all possible reasons that might lead to this failure, then " "try to configure this package again." msgstr "" "Arranxe tódolos posibles motivos polos que isto puido ter fallado, e volva " "configurar o paquete." debian/po/nl.po0000664000000000000000000001157412224357633010576 0ustar # Dutch cyrus-sasl2 po-debconf translation, # Copyright (C) 2008 THE PACKAGE'S COPYRIGHT HOLDER # This file is distributed under the same license as the cyrus-sasl2 package. # Vincent Zweije , 2008. # msgid "" msgstr "" "Project-Id-Version: cyrus-sasl2 2.1.22.dfsg1-17\n" "Report-Msgid-Bugs-To: pkg-cyrus-sasl2-debian-devel@lists.alioth.debian.org\n" "POT-Creation-Date: 2007-10-02 07:23+0200\n" "PO-Revision-Date: 2008-02-13 21:41+0000\n" "Last-Translator: Vincent Zweije \n" "Language-Team: Debian-Dutch \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=ISO-8859-15\n" "Content-Transfer-Encoding: 8bit\n" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "Remove /etc/sasldb2?" msgstr "" "/etc/sasldb2 verwijderen?" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "Cyrus SASL can store usernames and passwords in the /etc/sasldb2 database " "file." msgstr "" "Cyrus SASL kan gebruikersnamen en wachtwoorden in /etc/sasldb2 opslaan." #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "If important data is stored in that file, you should back it up now or " "choose not to remove the file." msgstr "" "Indien dat bestand belangrijke gegevens bevat, dient u er nu een reservekopie " "van te maken, of ervoor te kiezen het niet te verwijderen." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "Backup file name for /etc/sasldb2:" msgstr "" "Bestandsnaam voor de reservekopie van /etc/sasldb2:" #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Cyrus SASL has stored usernames and passwords in the /etc/sasldb2 database " "file." msgstr "" "Cyrus SASL heeft gebruikersnamen en wachtwoorden in /etc/sasldb2 opgeslagen." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "That file has to be upgraded to a newer database format. First, a backup of " "the current file will be created. You can use that if you need to manually " "downgrade Cyrus SASL. However, automatic downgrades are not supported." msgstr "" "Dat bestand moet worden opgewaardeerd naar een nieuwer formaat. Eerst wordt " "een reservekopie van het huidige bestand gemaakt. U kunt dit gebruiken als " "u handmatig Cyrus SASL moet degraderen. Automatische degraderingen worden " "echter niet ondersteund." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Please specify the backup file name. You should check the available disk " "space in that location. If the backup file already exists, it will be " "overwritten. Leaving this field empty will select the default value (/var/" "backups/sasldb2.bak)." msgstr "" "Gelieve de bestandsnaam van de reservekopie op te geven. Het is aan " "te raden de beschikbare schijfruimte op die locatie te bekijken. Als het " "bestand al bestaat zal het worden overschreven. Als u dit veld " "leeg laat wordt de standaardwaarde /var/backups/sasldb2.bak gebruikt." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "Failed to back up /etc/sasldb2" msgstr "" "Maken van reservekopie van /etc/sasldb2 mislukt" #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "The /etc/sasldb2 file could not be backed up with the file name you " "specified." msgstr "" "Er kon geen reservekopie van /etc/sasldb2 worden gemaakt met de door u " "opgegeven naam." #. Type: error #. Description #. Type: error #. Description #: ../sasl2-bin.templates:4001 ../sasl2-bin.templates:5001 msgid "This is a fatal error and will cause the package installation to fail." msgstr "" "Dit is een fatale fout, die de installatie van het pakket zal doen mislukken." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "Please eliminate all possible reasons that might lead to this failure, and " "try to configure this package again." msgstr "" "Gelieve de mogelijke oorzaken van dit falen te verhelpen; probeer daarna " "dit pakket opnieuw in te stellen." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "Failed to upgrade /etc/sasldb2" msgstr "" "Opwaarderen van /etc/sasldb2 mislukt" #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "The /etc/sasldb2 file could not be upgraded to the new database format." msgstr "" "/etc/sasldb2 kon niet worden opgewaardeerd naar het nieuwe bestandsformaat." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "The configuration process will attempt to restore the backup of this file to " "its original location." msgstr "" "Het installatieproces zal nu proberen de reservekopie van dit bestand terug " "te zetten." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "Please eliminate all possible reasons that might lead to this failure, then " "try to configure this package again." msgstr "" "Gelieve de mogelijke oorzaken van dit falen te verhelpen; probeer daarna " "dit pakket opnieuw in te stellen." debian/po/cs.po0000664000000000000000000001146512224357633010571 0ustar # Czech translation of cyrus-sasl2 debconf messages. # Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER # This file is distributed under the same license as the cyrus-sasl2 package. # Miroslav Kure , 2007. # msgid "" msgstr "" "Project-Id-Version: cyrus-sasl2\n" "Report-Msgid-Bugs-To: pkg-cyrus-sasl2-debian-devel@lists.alioth.debian.org\n" "POT-Creation-Date: 2007-10-02 07:23+0200\n" "PO-Revision-Date: 2007-10-15 18:15+0200\n" "Last-Translator: Miroslav Kure \n" "Language-Team: Czech \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "Remove /etc/sasldb2?" msgstr "Odstranit /etc/sasldb2?" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "Cyrus SASL can store usernames and passwords in the /etc/sasldb2 database " "file." msgstr "" "Cyrus SASL může do databáze v souboru /etc/sasldb2 ukládat uživatelská jména " "a hesla." #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "If important data is stored in that file, you should back it up now or " "choose not to remove the file." msgstr "" "Pokud se v tomto souboru nachází důležitá data, měli byste je buď " "zazálohovat, nebo soubor neodstraňovat." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "Backup file name for /etc/sasldb2:" msgstr "Jméno záložního souboru pro /etc/sasldb2:" #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Cyrus SASL has stored usernames and passwords in the /etc/sasldb2 database " "file." msgstr "" "Cyrus SASL si ukládá uživatelská jména a hesla do databázového souboru /etc/" "sasldb2." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "That file has to be upgraded to a newer database format. First, a backup of " "the current file will be created. You can use that if you need to manually " "downgrade Cyrus SASL. However, automatic downgrades are not supported." msgstr "" "Formát této databáze se musí aktualizovat na novější verzi. Nejprve se " "vytvoří záloha stávajícího souboru, kterou můžete využít třeba při návratu k " "původní verzi Cyrus SASL. (Přechod na nižší verze však neprobíhá " "automaticky.)" #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Please specify the backup file name. You should check the available disk " "space in that location. If the backup file already exists, it will be " "overwritten. Leaving this field empty will select the default value (/var/" "backups/sasldb2.bak)." msgstr "" "Zadejte prosím jméno záložního souboru. Měli byste se přesvědčit, že je na " "zvoleném umístění dostatek volného místa. Pokud již zadaný soubor existuje, " "bude přepsán. Ponecháte-li pole prázdné, použije se výchozí hodnota /var/" "backups/sasldb2.bak." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "Failed to back up /etc/sasldb2" msgstr "Nepodařilo se zazálohovat /etc/sasldb2" #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "The /etc/sasldb2 file could not be backed up with the file name you " "specified." msgstr "Soubor /etc/sasldb2 nemohl být pod zadaným jménem zazálohován." #. Type: error #. Description #. Type: error #. Description #: ../sasl2-bin.templates:4001 ../sasl2-bin.templates:5001 msgid "This is a fatal error and will cause the package installation to fail." msgstr "Jedná se o kritickou chybu, která způsobí, že instalace balíku selže." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "Please eliminate all possible reasons that might lead to this failure, and " "try to configure this package again." msgstr "" "Pokuste se omezit všechny možné příčiny této chyby a zkuste balík znovu " "nakonfigurovat." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "Failed to upgrade /etc/sasldb2" msgstr "Nepodařilo se aktualizovat /etc/sasldb2" #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "The /etc/sasldb2 file could not be upgraded to the new database format." msgstr "Soubor /etc/sasldb2 nemohl být aktualizován na nový formát databáze." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "The configuration process will attempt to restore the backup of this file to " "its original location." msgstr "" "Konfigurační proces se pokusí obnovit zálohu tohoto souboru do původního " "umístění." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "Please eliminate all possible reasons that might lead to this failure, then " "try to configure this package again." msgstr "" "Pokuste se omezit všechny možné příčiny této chyby a pak zkuste balík znovu " "nakonfigurovat." debian/po/fi.po0000664000000000000000000001137012224357633010555 0ustar msgid "" msgstr "" "Project-Id-Version: \n" "Report-Msgid-Bugs-To: pkg-cyrus-sasl2-debian-devel@lists.alioth.debian.org\n" "POT-Creation-Date: 2007-10-02 07:23+0200\n" "PO-Revision-Date: 2007-10-08 18:23+0200\n" "Last-Translator: Esko Arajärvi \n" "Language-Team: Finnish \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Poedit-Language: Finnish\n" "X-Poedit-Country: FINLAND\n" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "Remove /etc/sasldb2?" msgstr "Poistetaanko /etc/sasldb2?" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "Cyrus SASL can store usernames and passwords in the /etc/sasldb2 database " "file." msgstr "" "Cyrus SASL voi tallentaa käyttäjätunnukset ja salasanat " "tietokantatiedostoon /etc/sasldb2." #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "If important data is stored in that file, you should back it up now or " "choose not to remove the file." msgstr "" "Jos kyseiseen tiedostoon on tallennettu tärkeää tietoa, älä poista tiedostoa " "tai kopioi se talteen." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "Backup file name for /etc/sasldb2:" msgstr "Tiedoston /etc/sasldb2 varmuuskopiotiedosto:" #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Cyrus SASL has stored usernames and passwords in the /etc/sasldb2 database " "file." msgstr "" "Cyrus SASL on tallentanut käyttäjätunnuksia ja salasanoja " "tietokantatiedostoon /etc/sasldb2." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "That file has to be upgraded to a newer database format. First, a backup of " "the current file will be created. You can use that if you need to manually " "downgrade Cyrus SASL. However, automatic downgrades are not supported." msgstr "" "Kyseinen tiedosto pitää päivittää uudempaan tietokantamuotoon. Ensin " "tiedoston nykyisestä versiosta tehdään varmuuskopio. Sitä voidaan käyttää, " "jos on tarpeen manuaalisesti varhentaa käytettävää Cyrus SASLin versiota. " "Automaattisia varhennuksia ei kuitenkaan tueta." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Please specify the backup file name. You should check the available disk " "space in that location. If the backup file already exists, it will be " "overwritten. Leaving this field empty will select the default value (/var/" "backups/sasldb2.bak)." msgstr "" "Anna varmuuskopiotiedoston nimi. Varmista, että levyllä on tarpeeksi tilaa " "kyseisessä paikassa. Jos varmuuskopiotiedosto on jo olemassa, uusi " "kirjoitetaan sen päälle. Jos jätät kentän tyhjäksi, käytetään oletusarvoa (/" "var/backups/sasldb2.bak)." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "Failed to back up /etc/sasldb2" msgstr "Varmuuskopion teko tiedostosta /etc/sasldb2 epäonnistui." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "The /etc/sasldb2 file could not be backed up with the file name you " "specified." msgstr "" "Tiedostoa /etc/sasldb2 voi voitu kopioida tiedostonimelle, jonka annoit." #. Type: error #. Description #. Type: error #. Description #: ../sasl2-bin.templates:4001 ../sasl2-bin.templates:5001 msgid "This is a fatal error and will cause the package installation to fail." msgstr "" "Tämä on vakava virhe ja aiheuttaa sen, että paketin asennus epäonnistuu." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "Please eliminate all possible reasons that might lead to this failure, and " "try to configure this package again." msgstr "" "Poista kaikki mahdolliset syyt, jotka ovat voineet johtaa tähän " "epäonnistumiseen ja yritä tehdä uudelleen tämän paketin asetukset." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "Failed to upgrade /etc/sasldb2" msgstr "Tiedoston /etc/sasldb2 päivitys epäonnistui" #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "The /etc/sasldb2 file could not be upgraded to the new database format." msgstr "Tiedostoa /etc/sasldb2 ei voitu päivittää uuteen tietokantamuotoon." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "The configuration process will attempt to restore the backup of this file to " "its original location." msgstr "" "Asennusprosessi yrittää palauttaa tiedoston varmuuskopion alkuperäiseen " "sijaintiinsa." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "Please eliminate all possible reasons that might lead to this failure, then " "try to configure this package again." msgstr "" "Poista kaikki mahdolliset syyt, jotka ovat voineet johtaa tähän " "epäonnistumiseen ja yritä tehdä uudelleen tämän paketin asetukset." debian/po/POTFILES.in0000664000000000000000000000005612224357633011373 0ustar [type: gettext/rfc822deb] sasl2-bin.templates debian/po/templates.pot0000664000000000000000000000641312224357633012343 0ustar # SOME DESCRIPTIVE TITLE. # Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER # This file is distributed under the same license as the PACKAGE package. # FIRST AUTHOR , YEAR. # #, fuzzy msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: pkg-cyrus-sasl2-debian-devel@lists.alioth.debian.org\n" "POT-Creation-Date: 2007-10-02 07:23+0200\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=CHARSET\n" "Content-Transfer-Encoding: 8bit\n" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "Remove /etc/sasldb2?" msgstr "" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "Cyrus SASL can store usernames and passwords in the /etc/sasldb2 database " "file." msgstr "" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "If important data is stored in that file, you should back it up now or " "choose not to remove the file." msgstr "" #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "Backup file name for /etc/sasldb2:" msgstr "" #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Cyrus SASL has stored usernames and passwords in the /etc/sasldb2 database " "file." msgstr "" #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "That file has to be upgraded to a newer database format. First, a backup of " "the current file will be created. You can use that if you need to manually " "downgrade Cyrus SASL. However, automatic downgrades are not supported." msgstr "" #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Please specify the backup file name. You should check the available disk " "space in that location. If the backup file already exists, it will be " "overwritten. Leaving this field empty will select the default value (/var/" "backups/sasldb2.bak)." msgstr "" #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "Failed to back up /etc/sasldb2" msgstr "" #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "The /etc/sasldb2 file could not be backed up with the file name you " "specified." msgstr "" #. Type: error #. Description #. Type: error #. Description #: ../sasl2-bin.templates:4001 ../sasl2-bin.templates:5001 msgid "This is a fatal error and will cause the package installation to fail." msgstr "" #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "Please eliminate all possible reasons that might lead to this failure, and " "try to configure this package again." msgstr "" #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "Failed to upgrade /etc/sasldb2" msgstr "" #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "The /etc/sasldb2 file could not be upgraded to the new database format." msgstr "" #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "The configuration process will attempt to restore the backup of this file to " "its original location." msgstr "" #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "Please eliminate all possible reasons that might lead to this failure, then " "try to configure this package again." msgstr "" debian/po/da.po0000664000000000000000000001144312224357633010544 0ustar # Danish translation cyrus-sasl2. # Copyright (C) 2010 cyrus-sasl2 & nedenstående oversættere. # This file is distributed under the same license as the cyrus-sasl2 package. # Joe Hansen , 2010. # msgid "" msgstr "" "Project-Id-Version: cyrus-sasl2\n" "Report-Msgid-Bugs-To: pkg-cyrus-sasl2-debian-devel@lists.alioth.debian.org\n" "POT-Creation-Date: 2007-10-02 07:23+0200\n" "PO-Revision-Date: 2010-06-11 17:30+01:00\n" "Last-Translator: Joe Hansen \n" "Language-Team: Danish \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "Remove /etc/sasldb2?" msgstr "Fjern /etc/sas1db2?" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "Cyrus SASL can store usernames and passwords in the /etc/sasldb2 database " "file." msgstr "" "Cyrus SASL kan gemme brugernavne og adgangskoder i databasefilen " "/etc/sasldb2." #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "If important data is stored in that file, you should back it up now or " "choose not to remove the file." msgstr "" "Hvis vigtigt data gemmes i den fil, skal du lave en sikkerhedskopi af den " "nu eller vælge ikke at fjerne filen." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "Backup file name for /etc/sasldb2:" msgstr "Navn på sikkerhedskopi til /etc/sasldb2:" #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Cyrus SASL has stored usernames and passwords in the /etc/sasldb2 database " "file." msgstr "" "Cyrus SASL har gemt brugernavne og adgangskoder i databasefilen /etc/sasldb2." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "That file has to be upgraded to a newer database format. First, a backup of " "the current file will be created. You can use that if you need to manually " "downgrade Cyrus SASL. However, automatic downgrades are not supported." msgstr "" "Den fil er blevet opgraderet til et nyere databaseformat. Først vil en " "sikkerhedskopi af den aktuelle fil blive oprettet. Du kan bruge den, hvis " "du manuelt skal nedgradere Cyrus SASL. Bemærk dog, at automatiske nedgraderinger " "ikke er understøttet." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Please specify the backup file name. You should check the available disk " "space in that location. If the backup file already exists, it will be " "overwritten. Leaving this field empty will select the default value (/var/" "backups/sasldb2.bak)." msgstr "" "Angiv venligst navnet på sikkerhedskopien. Du skal tjekke tilgængelig diskplads " "på den placering. Hvis sikkerhedskopien allerede findes, vil den blive " "overskrevet. Et tomt felt her vil medføre valg af standardværdien (/var/" "backups/sasldb2.bak)." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "Failed to back up /etc/sasldb2" msgstr "Kunne ikke lave sikkerhedskopi af /etc/sasldb2" #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "The /etc/sasldb2 file could not be backed up with the file name you " "specified." msgstr "" "Filen /etc/sasldb2 kunne ikke sikkerhedskopieres med det angivne " "navn." #. Type: error #. Description #. Type: error #. Description #: ../sasl2-bin.templates:4001 ../sasl2-bin.templates:5001 msgid "This is a fatal error and will cause the package installation to fail." msgstr "Dette er en fatal fejl; og vil medføre at pakkeinstallationen mislykkes." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "Please eliminate all possible reasons that might lead to this failure, and " "try to configure this package again." msgstr "" "Eliminer venligst alle mulige årsager som kan føre til denne fejl, og forsøg igen " "at konfigurere denne pakke." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "Failed to upgrade /etc/sasldb2" msgstr "Kunne ikke opgradere /etc/sasldb2" #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "The /etc/sasldb2 file could not be upgraded to the new database format." msgstr "Filen /etc/sasldb2 kunne ikke opgraderes til det nye databaseformat." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "The configuration process will attempt to restore the backup of this file to " "its original location." msgstr "" "Konfigurationsprocessen vil forsøge at gendanne sikkerhedskopien for denne fil " "til dens oprindelige placering." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "Please eliminate all possible reasons that might lead to this failure, then " "try to configure this package again." msgstr "" "Eliminer venligst alle mulige årsager som kan føre til denne fejl, forsøg så " "at konfigurere denne pakke igen." debian/po/fr.po0000664000000000000000000001323112224357633010564 0ustar # Translation file for cyrus-sasl2. # Copyright (C) 2007 Odile Bénassy # This file is licensed under the same license as the cyrus-sasl2 # package. # Vincent Bernat , 2007. # msgid "" msgstr "" "Project-Id-Version: cyrus-sasl2 2.1.22.dfsg1-13\n" "Report-Msgid-Bugs-To: pkg-cyrus-sasl2-debian-devel@lists.alioth.debian.org\n" "POT-Creation-Date: 2007-10-02 07:23+0200\n" "PO-Revision-Date: 2007-10-08 14:35+0200\n" "Last-Translator: Odile Bénassy \n" "Language-Team: French , 2007. # Américo Monteiro , 2007. msgid "" msgstr "" "Project-Id-Version: cyrus-sasl2 2.1.22.dfsg1-16\n" "Report-Msgid-Bugs-To: pkg-cyrus-sasl2-debian-devel@lists.alioth.debian.org\n" "POT-Creation-Date: 2007-10-02 07:23+0200\n" "PO-Revision-Date: 2007-10-02 21:11+0100\n" "Last-Translator: Américo Monteiro \n" "Language-Team: Portuguese \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Generator: KBabel 1.11.4\n" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "Remove /etc/sasldb2?" msgstr "Remover o /etc/sasldb2?" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "Cyrus SASL can store usernames and passwords in the /etc/sasldb2 database " "file." msgstr "" "Cyrus SASL pode guardar nomes de utilizadores e passwords no ficheiro base " "de dados /etc/sasldb2." #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "If important data is stored in that file, you should back it up now or " "choose not to remove the file." msgstr "" "Se estiverem guardados dados importantes nesse ficheiro, você deverá criar " "uma cópia de segurança agora ou escolher não remover o ficheiro." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "Backup file name for /etc/sasldb2:" msgstr "Nome do ficheiro cópia de segurança para o /etc/ssaldb2:" #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Cyrus SASL has stored usernames and passwords in the /etc/sasldb2 database " "file." msgstr "" "Cyrus SASL guardou nomes de utilizadores e passwords no ficheiro base de " "dados /etc/sasldb2." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "That file has to be upgraded to a newer database format. First, a backup of " "the current file will be created. You can use that if you need to manually " "downgrade Cyrus SASL. However, automatic downgrades are not supported." msgstr "" "O ficheiro tem que ser actualizado para um novo formato de base de dados. " "Primeiro será feita uma cópia de segurança do ficheiro actual. Você pode usá-" "la se precisar de regredir manualmente de versão do Cyrus SASL. No entanto, " "regressões automáticas não são suportadas." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Please specify the backup file name. You should check the available disk " "space in that location. If the backup file already exists, it will be " "overwritten. Leaving this field empty will select the default value (/var/" "backups/sasldb2.bak)." msgstr "" "Por favor indique o nome de ficheiro para a cópia de segurança. Deve " "verificar o espaço de disco disponível nessa localização. Se o ficheiro de " "cópia de segurança já existir, será sobre-escrito. Deixar este campo vazio " "irá seleccionar o valor pré-definido (/var/backups/sasldb2.bak)." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "Failed to back up /etc/sasldb2" msgstr "Falha ao criar cópia de segurança do /etc/sasldb2" #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "The /etc/sasldb2 file could not be backed up with the file name you " "specified." msgstr "" "O ficheiro /etc/sasldb2 não pôde ser salvaguardado com o nome de ficheiro " "que especificou." #. Type: error #. Description #. Type: error #. Description #: ../sasl2-bin.templates:4001 ../sasl2-bin.templates:5001 msgid "This is a fatal error and will cause the package installation to fail." msgstr "Este é um erro fatal e irá causar a falha da instalação deste pacote." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "Please eliminate all possible reasons that might lead to this failure, and " "try to configure this package again." msgstr "" "Por favor, elimine todas as razões possíveis que possam levar a esta falha, " "e depois tente configurar este pacote outra vez." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "Failed to upgrade /etc/sasldb2" msgstr "Falha ao actualizar o /etc/sasldb2." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "The /etc/sasldb2 file could not be upgraded to the new database format." msgstr "" "O ficheiro /etc/sasldb2 não pôde ser actualizado para o novo formato de base " "de dados." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "The configuration process will attempt to restore the backup of this file to " "its original location." msgstr "" "O processo de configuração irá tentar restaurar a cópia de segurança deste " "ficheiro para a sua localização original." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "Please eliminate all possible reasons that might lead to this failure, then " "try to configure this package again." msgstr "" "Por favor, elimine todas as razões possíveis que possam levar a esta falha, " "e depois tente configurar este pacote outra vez." debian/po/ja.po0000664000000000000000000001261012224357633010547 0ustar # Copyright (C) 2008 Debian Cyrus SASL Team # This file is distributed under the same license as the cyrus-sasl2 package. # Hideki Yamane , 2008. msgid "" msgstr "" "Project-Id-Version: cyrus-sasl2 2.1.22.dfsg1-21\n" "Report-Msgid-Bugs-To: pkg-cyrus-sasl2-debian-devel@lists.alioth.debian.org\n" "POT-Creation-Date: 2007-10-02 07:23+0200\n" "PO-Revision-Date: 2008-07-22 00:03+0900\n" "Last-Translator: Hideki Yamane (Debian-JP) \n" "Language-Team: Japanese \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "Remove /etc/sasldb2?" msgstr "/etc/sasldb2 を削除しますか?" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "Cyrus SASL can store usernames and passwords in the /etc/sasldb2 database " "file." msgstr "" "Cyrus SASL では、ユーザ名とパスワードを /etc/sasldb2 データベースファイルに保存" "できます。" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "If important data is stored in that file, you should back it up now or " "choose not to remove the file." msgstr "" "重要なデータがこのファイルに保存されている場合、すぐにバックアップするか、ファイルを" "削除しないようにしてください。" #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "Backup file name for /etc/sasldb2:" msgstr "/etc/sasldb2 のバックアップファイル名:" #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Cyrus SASL has stored usernames and passwords in the /etc/sasldb2 database " "file." msgstr "" "Cyrus SASL は、ユーザ名とパスワードを /etc/sasldb2 データベースファイルに保存して" "います。" #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "That file has to be upgraded to a newer database format. First, a backup of " "the current file will be created. You can use that if you need to manually " "downgrade Cyrus SASL. However, automatic downgrades are not supported." msgstr "" "ファイルを新しいデータベース形式に更新する必要があります。まず、現在のファイルの" "バックアップを作成します。これは Cyrus SASL を手動でダウングレードする必要があった" "場合に使えます。しかし、自動ダウングレードはサポートされていません。" #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Please specify the backup file name. You should check the available disk " "space in that location. If the backup file already exists, it will be " "overwritten. Leaving this field empty will select the default value (/var/" "backups/sasldb2.bak)." msgstr "" "バックアップファイル名を指定してください。保存する場所に十分なディスク容量があるか" "を確認してください。バックアップファイルが既にある場合は上書きされます。" "ここでの値を空のままにしておくと、デフォルト値 (/var/backups/sasldb2.bak) が" "使われます。" #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "Failed to back up /etc/sasldb2" msgstr "/etc/sasldb2 のバックアップに失敗しました" #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "The /etc/sasldb2 file could not be backed up with the file name you " "specified." msgstr "" "/etc/sasldb2 ファイルのバックアップを行おうとしましたが、あなたが指定した" "ファイル名での保存ができませんでした。" #. Type: error #. Description #. Type: error #. Description #: ../sasl2-bin.templates:4001 ../sasl2-bin.templates:5001 msgid "This is a fatal error and will cause the package installation to fail." msgstr "" "これは致命的なエラーであり、パッケージインストールの失敗を引き起こすと思われます。" #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "Please eliminate all possible reasons that might lead to this failure, and " "try to configure this package again." msgstr "" "この問題を引き起こした理由を可能な限り排除して、再度パッケージを設定してください。" #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "Failed to upgrade /etc/sasldb2" msgstr "/etc/sasldb2 の更新に失敗しました" #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "The /etc/sasldb2 file could not be upgraded to the new database format." msgstr "/etc/sasldb2 ファイルを新しいデータベース形式に更新できませんでした。" #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "The configuration process will attempt to restore the backup of this file to " "its original location." msgstr "" "今回の設定作業では、このファイルのバックアップを元の位置にリストアしようと試みます。" #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "Please eliminate all possible reasons that might lead to this failure, then " "try to configure this package again." msgstr "" "この問題を引き起こした理由を可能な限り排除して、再度パッケージを設定してください。" debian/po/ru.po0000664000000000000000000001350712224357633010611 0ustar # translation of ru.po to Russian # Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER # This file is distributed under the same license as the PACKAGE package. # # Yuri Kozlov , 2007. msgid "" msgstr "" "Project-Id-Version: 2.1.22.dfsg1-15\n" "Report-Msgid-Bugs-To: pkg-cyrus-sasl2-debian-devel@lists.alioth.debian.org\n" "POT-Creation-Date: 2007-10-02 07:23+0200\n" "PO-Revision-Date: 2007-10-08 21:31+0400\n" "Last-Translator: Yuri Kozlov \n" "Language-Team: Russian \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Generator: KBabel 1.11.4\n" "Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%" "10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "Remove /etc/sasldb2?" msgstr "Удалить /etc/sasldb2?" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "Cyrus SASL can store usernames and passwords in the /etc/sasldb2 database " "file." msgstr "" "Cyrus SASL может хранить имена пользователей и пароли в файле базы данных /" "etc/sasldb2." #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "If important data is stored in that file, you should back it up now or " "choose not to remove the file." msgstr "" "Если данные в этом файле важны для вас, сделайте его резервную копию сейчас " "или выберите не удалять этот файл." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "Backup file name for /etc/sasldb2:" msgstr "Имя файла резервной копии для /etc/sasldb2:" #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Cyrus SASL has stored usernames and passwords in the /etc/sasldb2 database " "file." msgstr "" "Cyrus SASL хранит имена пользователей и пароли в файле базы данных /etc/" "sasldb2." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "That file has to be upgraded to a newer database format. First, a backup of " "the current file will be created. You can use that if you need to manually " "downgrade Cyrus SASL. However, automatic downgrades are not supported." msgstr "" "Требуется обновить формат этого файла. Для этого, во-первых, будет создана " "резервная копия имеющего файла. Вы можете использовать её, если понадобится " "вручную вернуться на старую версию Cyrus SASL. Автоматическое возвращение не " "поддерживается." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Please specify the backup file name. You should check the available disk " "space in that location. If the backup file already exists, it will be " "overwritten. Leaving this field empty will select the default value (/var/" "backups/sasldb2.bak)." msgstr "" "Введите имя файла резервной копии. Проверьте, что есть достаточно места на " "диске. Если файл резервной копии уже существует, то он будет перезаписан. " "Если поле пустое, то используется значение по умолчанию (/var/backups/" "sasldb2.bak)." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "Failed to back up /etc/sasldb2" msgstr "Ошибка при создании резервной копии /etc/sasldb2" #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "The /etc/sasldb2 file could not be backed up with the file name you " "specified." msgstr "" "Для файла /etc/sasldb2 не может быть сделана резервная копия с указанным " "вами именем." #. Type: error #. Description #. Type: error #. Description #: ../sasl2-bin.templates:4001 ../sasl2-bin.templates:5001 msgid "This is a fatal error and will cause the package installation to fail." msgstr "Это серьёзная ошибка и поэтому установка пакета будет прервана." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "Please eliminate all possible reasons that might lead to this failure, and " "try to configure this package again." msgstr "" "Устраните возможные причины данной ошибки и попробуйте настроить пакет ещё " "раз." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "Failed to upgrade /etc/sasldb2" msgstr "Ошибка при обновлении /etc/sasldb2" #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "The /etc/sasldb2 file could not be upgraded to the new database format." msgstr "" "Файл /etc/sasldb2 не может быть обновлён до нового формата базы данных." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "The configuration process will attempt to restore the backup of this file to " "its original location." msgstr "" "Будет предпринята попытка восстановить файл из резервной копии в прежний " "каталог." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "Please eliminate all possible reasons that might lead to this failure, then " "try to configure this package again." msgstr "" "Устраните возможные причины данной ошибки и попробуйте настроить пакет ещё " "раз." debian/po/es.po0000664000000000000000000001234312224357633010567 0ustar # Translations file for cyrus-sasl2. # Copyright 2007 Fabian Fagerholm # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # Note that Cyrus SASL itself is published under a different license. # # Fabian Fagerholm , 2007. # msgid "" msgstr "" "Project-Id-Version: cyrus-sasl 2.1.22\n" "Report-Msgid-Bugs-To: pkg-cyrus-sasl2-debian-devel@lists.alioth.debian.org\n" "POT-Creation-Date: 2007-10-02 07:23+0200\n" "PO-Revision-Date: 2007-09-07 22:04-0500\n" "Last-Translator: Roberto C. Sánchez \n" "Language-Team: Spanish\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "Remove /etc/sasldb2?" msgstr "Remover /etc/sasldb2?" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "Cyrus SASL can store usernames and passwords in the /etc/sasldb2 database " "file." msgstr "" "Cyrus SASL puede guardar nombres de usuarios y contraseñas en el fichero " "base de datos /etc/sasldb2." #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "If important data is stored in that file, you should back it up now or " "choose not to remove the file." msgstr "" "Si datos importantes estan guardados en ese fichero, debes hacer una copia " "de seguridad ahora o escoga no remover el fichero." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "Backup file name for /etc/sasldb2:" msgstr "Nombre de fichero para la copia de seguridad de /etc/sasldb2." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Cyrus SASL has stored usernames and passwords in the /etc/sasldb2 database " "file." msgstr "" "Cyrus SASL ha guardo nombres de usuarios y contraseñas en el fichero base de " "datos /etc/sasldb2." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "That file has to be upgraded to a newer database format. First, a backup of " "the current file will be created. You can use that if you need to manually " "downgrade Cyrus SASL. However, automatic downgrades are not supported." msgstr "" "Ese fichero tiene que ser actualizado a un formato nuevo de base de datos. " "Antes de hacer eso, se haria una copia de seguridad del fichero actual. " "Usted puede usar eso si tiene que manualmente degradar a Cyrus SASL. Nótese " "que degradar automaticamente no es soportado." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Please specify the backup file name. You should check the available disk " "space in that location. If the backup file already exists, it will be " "overwritten. Leaving this field empty will select the default value (/var/" "backups/sasldb2.bak)." msgstr "" "Por favor indique el nombre de la copia de seguridad. Usted debe comprobar " "que existe suficiente espacio libre en ese lugar. Si la copia de seguridad " "ya existe en ese lugar, será sobreescrito. Un nombre vacío selecciona el " "nombre de omisión (/var/backups/sasldb2.bak)." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "Failed to back up /etc/sasldb2" msgstr "Falló crear la copia de seguridad de /etc/sasldb2." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "The /etc/sasldb2 file could not be backed up with the file name you " "specified." msgstr "" "No se pudo hacer una copia de seguridad del fichero /etc/sasldb2 con el " "nombre de fichero indicado." #. Type: error #. Description #. Type: error #. Description #: ../sasl2-bin.templates:4001 ../sasl2-bin.templates:5001 msgid "This is a fatal error and will cause the package installation to fail." msgstr "" "Esto es un error fatál and causará la instalación del paquete a fallar." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "Please eliminate all possible reasons that might lead to this failure, and " "try to configure this package again." msgstr "" "Por favor elimine todas las razones posibles que podrán llegar a este fallo, " "e intente a configurar el paquete otra vez." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "Failed to upgrade /etc/sasldb2" msgstr "Falló actualizar /etc/sasldb2." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "The /etc/sasldb2 file could not be upgraded to the new database format." msgstr "" "El fichero /etc/sasldb2 no pudo ser actualizado al formato nuevo de base de " "datos." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "The configuration process will attempt to restore the backup of this file to " "its original location." msgstr "" "El proceso de configuración intentará restablecer la copia de seguridad de " "este fichero a su lugar original." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "Please eliminate all possible reasons that might lead to this failure, then " "try to configure this package again." msgstr "" "Por favor elimine todas las razones posibles que podrán llegar a este fallo, " "entonces intente a configurar el paquete otra vez." debian/po/pt_BR.po0000664000000000000000000001247412224357633011173 0ustar # cyrus-sasl2 Brazilian Portuguese po-debconf translation # # Translations file for cyrus-sasl2. # Copyright 2007 Fabian Fagerholm # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # Note that Cyrus SASL itself is published under a different license. # # Fabian Fagerholm , 2007. # # Jefferson Alexandre dos Santos , 2007. msgid "" msgstr "" "Project-Id-Version: cyrus-sasl2\n" "Report-Msgid-Bugs-To: pkg-cyrus-sasl2-debian-devel@lists.alioth.debian.org\n" "POT-Creation-Date: 2007-10-02 07:23+0200\n" "PO-Revision-Date: 2007-10-06 15:29-0300\n" "Last-Translator: Jefferson Alexandre dos Santos \n" "Language-Team: l10n portuguese \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "pt_BR utf-8\n" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "Remove /etc/sasldb2?" msgstr "Remover /etc/sasldb2?" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "Cyrus SASL can store usernames and passwords in the /etc/sasldb2 database " "file." msgstr "" "Cyrus SASL pode armazenar nomes de usuários e senhas no arquivo banco de " "dados /etc/sasldb2." #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "If important data is stored in that file, you should back it up now or " "choose not to remove the file." msgstr "" "Se dados importantes são armazenados nesse arquivo, você deveria fazer um " "backup agora ou escolher não remover o arquivo." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "Backup file name for /etc/sasldb2:" msgstr "Nome do arquivo backup para /etc/sasldb2:" #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Cyrus SASL has stored usernames and passwords in the /etc/sasldb2 database " "file." msgstr "" "Cyrus SASL possui nomes de usuários e senhas armazenados no arquivo de banco " "de dados /etc/sasldb2." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "That file has to be upgraded to a newer database format. First, a backup of " "the current file will be created. You can use that if you need to manually " "downgrade Cyrus SASL. However, automatic downgrades are not supported." msgstr "" "Esse arquivo será atualizado para um novo formato de banco de dados. " "Primeiro, um backup do arquivo atual será criado. Você pode usá-lo caso " "necessite reverter (\"downgrade\") manualmente o Cyrus SASL. Porém, " "reversões (\"downgrades\") automáticos não são suportados." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Please specify the backup file name. You should check the available disk " "space in that location. If the backup file already exists, it will be " "overwritten. Leaving this field empty will select the default value (/var/" "backups/sasldb2.bak)." msgstr "" "Por favor, especifique o nome do arquivo backup. Você deveria verificar o " "espaço em disco nesse local. Se o arquivo de backup já existir, ele será " "sobrescrito. Deixar este campo em branco selecionará o nome padrão (/var/" "backups/sasldb2.bak)." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "Failed to back up /etc/sasldb2" msgstr "Falha ao criar o backup de /etc/sasldb2" #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "The /etc/sasldb2 file could not be backed up with the file name you " "specified." msgstr "" "O arquivo /etc/sasldb2 não pode ser salvo com o nome que você especificou." #. Type: error #. Description #. Type: error #. Description #: ../sasl2-bin.templates:4001 ../sasl2-bin.templates:5001 msgid "This is a fatal error and will cause the package installation to fail." msgstr "Este é um erro fatal e causará a falha na instalação do pacote." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "Please eliminate all possible reasons that might lead to this failure, and " "try to configure this package again." msgstr "" "Por favor, elimine todas as possíveis razões que possam ter levado a esta " "falha, e então tente configurar este pacote novamente." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "Failed to upgrade /etc/sasldb2" msgstr "Falha ao atualizar /etc/sasldb2" #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "The /etc/sasldb2 file could not be upgraded to the new database format." msgstr "" "O arquivo /etc/sasldb2 não pode ser atualizado para o novo formato de banco " "de dados." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "The configuration process will attempt to restore the backup of this file to " "its original location." msgstr "" "O processo de configuração tentará restaurar o backup deste arquivo para a " "sua localização original." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "Please eliminate all possible reasons that might lead to this failure, then " "try to configure this package again." msgstr "" "Por favor, elimine todas as possíveis razões que possam ter levado a esta " "falha, e então tente configurar este pacote novamente." debian/po/de.po0000664000000000000000000001616012224357633010551 0ustar # Translations file for cyrus-sasl2. # Copyright (C) 2007 Fabian Fagerholm # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # Note that Cyrus SASL itself is published under a different license. # # Fabian Fagerholm , 2007. # Helge Kreutzmann , 2007. # msgid "" msgstr "" "Project-Id-Version: cyrus-sasl2 2.1.22.dfsg1-16\n" "Report-Msgid-Bugs-To: pkg-cyrus-sasl2-debian-devel@lists.alioth.debian.org\n" "POT-Creation-Date: 2007-10-02 07:23+0200\n" "PO-Revision-Date: 2007-10-06 22:40+0200\n" "Last-Translator: Helge Kreutzmann \n" "Language-Team: German \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=ISO-8859-15\n" "Content-Transfer-Encoding: 8bit\n" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "Remove /etc/sasldb2?" msgstr "/etc/sasldb2 entfernen?" #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "Cyrus SASL can store usernames and passwords in the /etc/sasldb2 database " "file." msgstr "" "Cyrus SASL kann Benutzernamen und Passwrter in der Datenbankdatei /etc/" "sasldb2 speichern." #. Type: boolean #. Description #: ../sasl2-bin.templates:2001 msgid "" "If important data is stored in that file, you should back it up now or " "choose not to remove the file." msgstr "" "Falls wichtige Daten in dieser Datei gespeichert werden, sollten Sie jetzt " "eine Sicherungskopie anlegen oder auswhlen, dass die Datei nicht entfernt " "wird." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "Backup file name for /etc/sasldb2:" msgstr "Name der Sicherungskopie fr /etc/sasldb2:" #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Cyrus SASL has stored usernames and passwords in the /etc/sasldb2 database " "file." msgstr "" "Cyrus SASL hatte Benutzernamen und Passwrter in der Datenbankdatei /etc/" "sasldb2 gespeichert." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "That file has to be upgraded to a newer database format. First, a backup of " "the current file will be created. You can use that if you need to manually " "downgrade Cyrus SASL. However, automatic downgrades are not supported." msgstr "" "Es muss ein Upgrade dieser Datei auf ein neueres Datenbankformat vorgenommen " "werden. Vorher wird eine Sicherungskopie der Datei erstellt. Sie knnen " "diese verwenden, falls Sie Cyrus SASL aus irgendeinem Grund auf eine ltere " "Version deaktualisieren mchten. Beachten Sie, dass automatische " "Deaktualisierungen nicht untersttzt werden." #. Type: string #. Description #: ../sasl2-bin.templates:3001 msgid "" "Please specify the backup file name. You should check the available disk " "space in that location. If the backup file already exists, it will be " "overwritten. Leaving this field empty will select the default value (/var/" "backups/sasldb2.bak)." msgstr "" "Bitte geben Sie den Namen der Sicherungskopie an. Sie sollten berprfen, " "dass an diesem Platz genug verfgbarer Plattenplatz vorhanden ist. Falls die " "Sicherungsdatei bereits existiert, wird sie berschrieben. Falls Sie das " "Feld leer lassen, wird der Vorgabewert (/var/backups/sasldb2.bak) verwendet." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "Failed to back up /etc/sasldb2" msgstr "Fehler beim Sichern von /etc/sasldb2" #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "The /etc/sasldb2 file could not be backed up with the file name you " "specified." msgstr "" "Die Datei /etc/sasldb2 konnte nicht mit dem von Ihnen angegebenen Dateinamen " "gesichert werden." #. Type: error #. Description #. Type: error #. Description #: ../sasl2-bin.templates:4001 ../sasl2-bin.templates:5001 msgid "This is a fatal error and will cause the package installation to fail." msgstr "Dieser Fehler ist fatal und die Paketinstallation wird fehlschlagen." #. Type: error #. Description #: ../sasl2-bin.templates:4001 msgid "" "Please eliminate all possible reasons that might lead to this failure, and " "try to configure this package again." msgstr "" "Bitte beseitigen Sie alle mglichen Grnde, die zu diesem Fehler gefhrt " "haben knnten und versuchen Sie, das Paket noch einmal zu konfigurieren." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "Failed to upgrade /etc/sasldb2" msgstr "Upgrade von /etc/sasldb2 fehlgeschlagen" #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "The /etc/sasldb2 file could not be upgraded to the new database format." msgstr "" "Es konnte kein Upgrade der Datei /etc/sasldb2 auf das neue Datenbankformat " "vorgenommen werden." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "The configuration process will attempt to restore the backup of this file to " "its original location." msgstr "" "Der Konfigurationsprozess wird versuchen, die Sicherungskopie dieser Datei " "an dem Ursprungsort wiederherzustellen." #. Type: error #. Description #: ../sasl2-bin.templates:5001 msgid "" "Please eliminate all possible reasons that might lead to this failure, then " "try to configure this package again." msgstr "" "Bitte beseitigen Sie alle mglichen Grnde, die zu diesem Fehler gefhrt " "haben knnten, versuchen Sie dann, das Paket noch einmal zu konfigurieren." #~ msgid "" #~ "Cyrus SASL can store usernames and passwords in the database file /etc/" #~ "sasldb2. If you have stored important data in that file, then please make " #~ "a backup now or choose not to remove the file." #~ msgstr "" #~ "Cyrus SASL kann Benutzernamen und Passwrter in der Datenbankdatei /etc/" #~ "sasldb2 speichern. Falls Sie wichtige Daten in dieser Datei gespeichert " #~ "haben, dann erstellen Sie jetzt eine Sicherungskopie oder lassen Sie die " #~ "Datei nicht entfernen." #~ msgid "" #~ "If you have not stored important data in that file, it's safe to remove " #~ "it." #~ msgstr "" #~ "Falls Sie keine wichtigen Daten in dieser Datei gespeichert haben, kann " #~ "sie problemlos entfernt werden." #~ msgid "" #~ "Please eliminate all possible reasons that might lead to this failure, " #~ "such as exhausted disk space, and then try to configure this package " #~ "again." #~ msgstr "" #~ "Bitte beseitigen Sie alle mglichen Grnde, die zu diesem Fehler gefhrt " #~ "haben knnten, wie beispielsweise ungengender Plattenplatz, und " #~ "versuchen Sie dann, das Paket noch einmal zu konfigurieren." #~ msgid "" #~ "For some reason, /etc/sasldb2 could not be upgraded to the new database " #~ "format. This is a fatal error and will cause the package installation to " #~ "fail. An attempt will be made to restore the backup of /etc/sasldb2 to " #~ "its original location." #~ msgstr "" #~ "Aus irgendeinem Grund konnte kein Upgrade von /etc/sasldb2 auf das neue " #~ "Datenbankformat durchgefhrt werden. Dieser Fehler ist fatal und fhrt " #~ "dazu, dass die Paketinstallation fehlschlgt. Es wird versucht, die " #~ "Sicherungskopie von /etc/sasldb2 an seinem ursprnglichen Ort " #~ "wiederherzustellen." debian/sasl2-bin.README.Debian0000664000000000000000000001561112224357633013035 0ustar Notes for Cyrus SASL programs ============================= saslauthd --------- Using a single saslauthd instance with Postfix or another chrooted server: NOTE: this applies only if you run Postfix or another server in a chroot, which is the Debian default. If you run a mixed environment (some instances of Postfix's smtpd in a chroot, some outside chroot, for example) then see the section on multiple instances of saslauthd below. If you run a chrooted server such as Postfix and wish to use saslauthd, you must place the saslauthd socket ("mux") inside the Postfix chroot. You must also set correct overrides for the run directory inside the chroot, using dpkg-statoverride. Finally, you must add the postfix user to the sasl group. These steps ensure that the Debian subsystems know how you want things to be laid out. To know if your Postfix is running chroot, check /etc/postfix/master.cf. If it has the line "smtp inet n - y - - smtpd" or "smtp inet n - - - - smtpd" then your Postfix is running in a chroot. If it has the line "smtp inet n - n - - smtpd" then your Postfix is NOT running in a chroot. To place the saslauthd socket inside the Postfix chroot, edit /etc/default/saslauthd and set OPTIONS like this (you may omit -c): OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd" To set the run directory using dpkg-statoverride, run this command as root: dpkg-statoverride --add root sasl 750 /var/spool/postfix/var/run/saslauthd Finally, to add the postfix user to the sasl group: adduser postfix sasl The init script will automatically create the run directory with the permissions you have set using dpkg-statoverride. Please note that you must also configure Postfix correctly. There are many options related to SASL. See the Postfix documentation for how to do this. Running multiple instances of saslauthd: By default, the Debian package runs a single instance of saslauthd. However, the init script supports running several instances using the method described subsequently. Note that it's your responsibility to keep track of each instance: where its configuration file resides, where you put its communication socket, and how you configure programs to look for the right socket. The Debian infrastructure only provides a way to start, stop, restart and reload these saslauthd instances, and nothing else. By default, the start, stop, restart, force-reload and reload actions will act on all your saslauthd instances. If you want to do something to a single instance, use the following actions: start-instance -- start the instance stop-instance -- stop the instance restart-instance -- restart the instance force-reload-instance -- force-reload the instance reload-instance -- reload the instance Example: /etc/init.d/saslauthd start-instance saslauthd-postfix_chroot To create a new instance of saslauthd, you must do three things: 1. Create a defaults file for the new instance, 2. create a statoverride for the run directory of that instance, and 3. configure programs to use the right socket. 1. To create a defaults file for the new instance, copy the file /etc/default/saslauthd to /etc/default/saslauthd-, where is a string describing your new instance. For example: cp /etc/default/saslauthd /etc/default/saslauthd-postfix_chroot NOTE: MUST NOT include any characters that need escaping to be a valid file name. You can't put spaces or any other strange characters in it. The formal definition is that you can use only the characters a-z, A-Z, numbers 0-9, and the characters - and _. Things will break if you use characters that need escaping. The name is case- sensitive. Then, edit that file and set the following: DESC -- a description of this saslauthd instance, for example "Postfix chroot SASL Authentication Daemon" NAME -- a short name for this saslauthd instance, for example "saslauthd-postfix_chroot" OPTIONS -- must include the -m flag and the run directory of this instance, for example "-c -m /var/spool/postfix/var/run/saslauthd" It's *very* important that you set the -m option differently for each instance! Also note that you MUST set the -m option for EVERY instance. Things will break if you don't do these things. If you don't set the NAME option, it will be set to "default" and you will not be able to start, stop or reload that instance separately (using the *-instance actions described above). 2. You must also create a statoverride entry to tell the init script which permissions you want for the run directory. Example: dpkg-statoverride --add root sasl 750 /var/spool/postfix/var/run/saslauthd The init script will ensure that the directory exists, and create it with the proper permissions if it doesn't. Note that the directory MUST match what you specified for the -m option in step one. 3. Finally, you must configure your programs to communicate with each saslauthd instance on their respective sockets. This is usually accomplished by setting the saslauthd_path option in the sasl configuration of the program. For example, Postfix uses the SASL application name "smtpd", and it sets the SASL configuration file path to /etc/postfix/sasl. This means that SASL will look for settings in /etc/postfix/sasl/smtpd.conf. So, to set the socket path, put this in /etc/postfix/sasl/smtpd.conf: saslauthd_path: /var/run/saslauthd NOTE: If you run a chrooted server, such as Postfix with default Debian settings, the saslauthd_path is relative to the chroot directory. You have to take this into account when configuring the -m option in the saslauthd default file (see above). If all this seems daunting to you, then take one step at a time, and make sure you understand what you've done, and why, before proceeding to the next step. The interactions of the SASL software, the server software using SASL and the Debian system are fairly complex, and it's easy to get confused if you are in a hurry or try to do things too fast. It really does pay off to spend the 5-15 minutes it takes to do this right, instead of rushing off and breaking your system. Running in debug mode --------------------- To run saslauthd in debug mode, use the -d option. However, avoid putting this option into /etc/defaults/saslauthd, because it will break your system! The -d option turns saslauthd into a foreground process instead of a background daemon, which means that the boot (init) sequence will stop when saslauthd is started. You will probably end up with a system that is only partly started, and you'll be unable to log in through ssh to fix it. When you do need to debug SASL, please stop saslauthd through the normal init script and then run it by hand in debug mode with the -d option and all other options that you wish to test. -- Fabian Fagerholm , Tue, 7 Apr 2008 19:34:12 +0300 debian/libsasl2-2.dirs0000664000000000000000000000002612224412004011712 0ustar usr/lib usr/lib/sasl2 debian/testsaslauthd.80000664000000000000000000000121312224357633012155 0ustar .\" Hey, EMACS: -*- nroff -*- .TH TESTSASLAUTHD 8 "14 October 2006" .SH NAME testsaslauthd \- test utility for the SASL authentication server .SH SYNOPSIS .B testsaslauthd .RI "[ " \(hyr " " realm " ] [ " \(hys " " servicename " ] [ " \(hyf " " socket " " path " ] [ " \(hyR " " repeatnum " ]" .SH DESCRIPTION This manual page documents briefly the .B testsaslauthd command. .PP .SH SEE ALSO .BR saslauthd (8). .br .SH AUTHOR testsaslauthd was written by Carnegie Mellon University. .PP This manual page was written by Roberto C. Sanchez , for the Debian project (but may be used by others). debian/TODO0000664000000000000000000000057312224357633007674 0ustar General things to do: * Move to a more current version of libdb. TEST! * Become more strict in handling base64 data: - Stop applying 0015_saslutil_decode64_fix.dpatch. - Watch as packages break. - Help fix broken packages. * Improve documentation. Post-etch: * Remove libsasl2-gssapi-mit transitional package. * Remove libsasl2-modules-gssapi-heimdal transitional package. debian/sasl2-bin.prerm0000664000000000000000000000176712224357633012053 0ustar #!/bin/sh # prerm script for sasl2-bin # # see: dh_installdeb(1) set -e # summary of how this script can be called: # * `remove' # * `upgrade' # * `failed-upgrade' # * `remove' `in-favour' # * `deconfigure' `in-favour' # `removing' # # for details, see http://www.debian.org/doc/debian-policy/ or # the debian-policy package SASLDB_FILE=/etc/sasldb2 case "$1" in remove) if [ -e $SASLDB_FILE ] && \ [ `sasldblistusers2 | wc -l` -eq 0 ]; then rm $SASLDB_FILE fi ;; upgrade|deconfigure) ;; failed-upgrade) ;; *) echo "prerm called with unknown argument \`$1'" >&2 exit 1 ;; esac # dh_installdeb will replace this with shell code automatically # generated by other debhelper scripts. #DEBHELPER# exit 0 debian/libsasl2-dev.install0000664000000000000000000000011712224357633013055 0ustar usr/include/sasl usr/lib/*/libsasl2.so usr/lib/*/libsasl2.a usr/share/man/man3 debian/cyrus-sasl2-doc.docs0000664000000000000000000000004412224357633013001 0ustar saslauthd/LDAP_SASLAUTHD doc/*.html debian/sasl2-bin.saslauthd.default0000664000000000000000000000441212224357633014327 0ustar # # Settings for saslauthd daemon # Please read /usr/share/doc/sasl2-bin/README.Debian for details. # # Should saslauthd run automatically on startup? (default: no) START=no # Description of this saslauthd instance. Recommended. # (suggestion: SASL Authentication Daemon) DESC="SASL Authentication Daemon" # Short name of this saslauthd instance. Strongly recommended. # (suggestion: saslauthd) NAME="saslauthd" # Which authentication mechanisms should saslauthd use? (default: pam) # # Available options in this Debian package: # getpwent -- use the getpwent() library function # kerberos5 -- use Kerberos 5 # pam -- use PAM # rimap -- use a remote IMAP server # shadow -- use the local shadow password file # sasldb -- use the local sasldb database file # ldap -- use LDAP (configuration is in /etc/saslauthd.conf) # # Only one option may be used at a time. See the saslauthd man page # for more information. # # Example: MECHANISMS="pam" MECHANISMS="pam" # Additional options for this mechanism. (default: none) # See the saslauthd man page for information about mech-specific options. MECH_OPTIONS="" # How many saslauthd processes should we run? (default: 5) # A value of 0 will fork a new process for each connection. THREADS=5 # Other options (default: -c -m /var/run/saslauthd) # Note: You MUST specify the -m option or saslauthd won't run! # # WARNING: DO NOT SPECIFY THE -d OPTION. # The -d option will cause saslauthd to run in the foreground instead of as # a daemon. This will PREVENT YOUR SYSTEM FROM BOOTING PROPERLY. If you wish # to run saslauthd in debug mode, please run it by hand to be safe. # # See /usr/share/doc/sasl2-bin/README.Debian for Debian-specific information. # See the saslauthd man page and the output of 'saslauthd -h' for general # information about these options. # # Example for chroot Postfix users: "-c -m /var/spool/postfix/var/run/saslauthd" # Example for non-chroot Postfix users: "-c -m /var/run/saslauthd" # # To know if your Postfix is running chroot, check /etc/postfix/master.cf. # If it has the line "smtp inet n - y - - smtpd" or "smtp inet n - - - - smtpd" # then your Postfix is running in a chroot. # If it has the line "smtp inet n - n - - smtpd" then your Postfix is NOT # running in a chroot. OPTIONS="-c -m /var/run/saslauthd"