guix/gnu/packages/cyrus-sasl.scm
Léo Le Bouter 70128b8afa
gnu: cyrus-sasl: Fix CVE-2019-19906.
* gnu/packages/patches/cyrus-sasl-CVE-2019-19906.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/cyrus-sasl.scm (cyrus-sasl/fixed): New variable. Apply patch.
(cyrus-sasl)[replacement]: Graft.
2021-03-10 11:51:09 +01:00

100 lines
4.1 KiB
Scheme

;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2013, 2014, 2015, 2017 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2013 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2016 Leo Famulari <leo@famulari.name>
;;; Copyright © 2019 Mathieu Othacehe <m.othacehe@gmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (gnu packages cyrus-sasl)
#:use-module (gnu packages)
#:use-module (gnu packages autotools)
#:use-module (gnu packages dbm)
#:use-module (gnu packages kerberos)
#:use-module (gnu packages tls)
#:use-module ((guix licenses) #:prefix license:)
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (guix build-system gnu))
(define-public cyrus-sasl
(package
(name "cyrus-sasl")
(version "2.1.27")
(source (origin
(method url-fetch)
(uri (list (string-append
"https://cyrusimap.org/releases/cyrus-sasl-"
version ".tar.gz")
(string-append
"ftp://ftp.cyrusimap.org/cyrus-sasl/cyrus-sasl-"
version ".tar.gz")))
(sha256 (base32
"1m85zcpgfdhm43cavpdkhb1s2zq1b31472hq1w1gs3xh94anp1i6"))
(patches (search-patches "cyrus-sasl-ac-try-run-fix.patch"))))
(replacement cyrus-sasl/fixed)
(build-system gnu-build-system)
(native-inputs
`(("autoconf" ,autoconf)
("automake" ,automake)
("libtool" ,libtool)))
(inputs `(("gdbm" ,gdbm)
("openssl" ,openssl)))
(propagated-inputs
`(;; cyrus-sasl.pc refers to -lkrb5, so propagate it.
("mit-krb5" ,mit-krb5)))
(arguments
'(#:configure-flags (list (string-append "--with-plugindir="
(assoc-ref %outputs "out")
"/lib/sasl2"))
;; The 'plugins' directory has shared source files, such as
;; 'plugin_common.c'. When building the shared libraries there, libtool
;; ends up doing "ln -s plugin_common.lo plugin_common.o", which can
;; fail with EEXIST when building things in parallel.
#:parallel-build? #f
#:phases
(modify-phases %standard-phases
(add-after 'unpack 'autogen
(lambda _
(invoke "autoreconf" "-vif"))))))
(synopsis "Simple Authentication Security Layer implementation")
(description
"SASL (Simple Authentication Security Layer) is an Internet
standards-track method for remote computers to authenticate. The Cyrus SASL
library makes supporting various SASL mechanisms easy for both client and
server writers.")
(license (license:non-copyleft "file://COPYING"
"See COPYING in the distribution."))
(home-page "https://cyrusimap.org/sasl/")))
(define-public cyrus-sasl/fixed
(package
(inherit cyrus-sasl)
(version "2.1.27")
(source (origin
(method url-fetch)
(uri (list (string-append
"https://cyrusimap.org/releases/cyrus-sasl-"
version ".tar.gz")
(string-append
"ftp://ftp.cyrusimap.org/cyrus-sasl/cyrus-sasl-"
version ".tar.gz")))
(sha256 (base32
"1m85zcpgfdhm43cavpdkhb1s2zq1b31472hq1w1gs3xh94anp1i6"))
(patches (search-patches "cyrus-sasl-ac-try-run-fix.patch"
"cyrus-sasl-CVE-2019-19906.patch"))))))