FreeBSD Bugzilla – Attachment 40263 Details for
Bug 63289
Fix startup scripts to not override settings found in /etc/rc.conf upon startup.
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
file.diff
file.diff (text/plain), 6.61 KB, created by
Scot W. Hetzel
on 2004-02-23 22:10:22 UTC
(
hide
)
Description:
file.diff
Filename:
MIME Type:
Creator:
Scot W. Hetzel
Created:
2004-02-23 22:10:22 UTC
Size:
6.61 KB
patch
obsolete
>Index: Makefile >=================================================================== >RCS file: /home/ncvs/ports/security/cyrus-sasl/Makefile,v >retrieving revision 1.53 >diff -u -r1.53 Makefile >--- Makefile 22 Feb 2004 02:16:43 -0000 1.53 >+++ Makefile 23 Feb 2004 21:41:19 -0000 >@@ -10,7 +10,7 @@ > PORTREVISION= 2 > CATEGORIES= security ipv6 > >-MAINTAINER= ports@FreeBSD.org >+MAINTAINER= FreeBSD-Maintainer@westbend.net > COMMENT= RFC 2222 SASL (Simple Authentication and Security Layer) > > DISTFILES= ${DISTNAME}${EXTRACT_SUFX} \ >Index: files/Sendmail.README >=================================================================== >RCS file: /home/ncvs/ports/security/cyrus-sasl/files/Sendmail.README,v >retrieving revision 1.9 >diff -u -r1.9 Sendmail.README >--- files/Sendmail.README 6 May 2003 12:32:13 -0000 1.9 >+++ files/Sendmail.README 23 Feb 2004 21:40:22 -0000 >@@ -72,3 +72,119 @@ > The DONT_BLAME_SENDMAIL option GroupReadableSASL[DB]File is needed when you > are using cyrus-imapd and sendmail on the same server that requires access > to the sasldb database. >+ >+---- >+ >+To test Authentication with the sendmail server: >+ >+ You'll need to install the following PERL ports: >+ converters/p5-MIME-Base64 >+ security/p5-Digest-MD5 >+ security/p5-Digest-HMAC >+ >+ Then use one of the following procedures to test: >+ >+ A. PLAIN Mech: >+ 1. Create your Base64 encoded username/password. >+ >+ #perl -MMIME::Base64 -e 'print encode_base64("username\0username\0password");' >+ dXNlcm5hbWUAdXNlcm5hbWUAcGFzc3dvcmQ= >+ >+ 2. telnet to port 25 of your sendmail server >+ >+ 3. send "EHLO <client.host.name>" >+ a. check for "250-AUTH *" in the response >+ b. check that the PLAIN mech is listed. >+ >+ 4. Send "AUTH PLAIN <Base64 username/password>" >+ >+ AUTH PLAIN dXNlcm5hbWUAdXNlcm5hbWUAcGFzc3dvcmQ= >+ >+ you should now see the following response from the server: >+ >+ 235 Authentication successful >+ >+ 5. Type "QUIT" to close the telnet session to sendmail. >+ >+ B. LOGIN Mech: >+ 1. Create your Base64 encoded username and password. >+ >+ #perl -MMIME::Base64 -e 'print encode_base64("username");' >+ dXNlcm5hbWU= >+ #perl -MMIME::Base64 -e 'print encode_base64("password");' >+ cGFzc3dvcmQ= >+ >+ 2. telnet to port 25 of your sendmail server >+ >+ 3. send "EHLO <client.host.name>" >+ a. check for "250-AUTH *" in the response >+ b. check that the LOGIN mech is listed. >+ >+ 4. Send "AUTH LOGIN", then the base64 encoded username and passwords. >+ >+ C: AUTH LOGIN >+ S: 334 VXNlcm5hbWU6 (base64 encoded "Username:") >+ C: dXNlcm5hbWU= >+ S: 334 UGFzc3dvcmQ6 (base64 encode "Password:") >+ C: cGFzc3dvcmQ= >+ S: 235 2.0.0 OK Authenticated >+ >+ 5. Type "QUIT" to close the telnet session to sendmail. >+ >+ C. DIGEST-MD5 Mech: >+ >+ 1. telnet to port 25 of your sendmail server >+ >+ 2. send "EHLO <client.host.name>" >+ a. check for "250-AUTH *" in the response >+ b. check that the DIGEST-MD5 mech is listed. >+ >+ 3. Send "AUTH DIGEST-MD5" >+ >+ C: AUTH DIGEST-MD5 >+ S: 334 ? >+ >+ 4. Calculate the DIGEST-MD5 response (use another telnet, ssh, or X Window) >+ >+ ? >+ >+ 5. Send the DIGEST-MD5 response to the server. >+ >+ C: ? >+ S: 235 2.0.0 OK Authenticated >+ >+ 6. Type "QUIT" to close the telnet session to sendmail. >+ >+ D. CRAM-MD5 Mech: >+ >+ 1. telnet to port 25 of your sendmail server >+ >+ 2. send "EHLO <client.host.name>" >+ a. check for "250-AUTH *" in the response >+ b. check that the CRAM-MD5 mech is listed. >+ >+ 3. Send "AUTH CRAM-MD5" >+ >+ C: AUTH CRAM-MD5 >+ S: 334 PDE4OTYuNjk3MTcwOTUyQHBvc3RvZmZpY2UucmVzdG9uLm1jaS5uZXQ+ >+ (base64 encoded timestamp and hostname) >+ >+ 4. Calculate the CRAM-MD5 response (use another telnet, ssh, or X Window) >+ >+ perl '-MDigest::HMAC_MD5 qw(hmac_md5 hmac_md5_hex)' -MMIME::Base64 \ >+ -e 'print encode_base64("username " . hmac_md5_hex(decode_base64("<ticket>"),"password"));' >+ >+ The "<ticket>" is the response received from the server in step 3. >+ >+ (i.e. PDE4OTYuNjk3MTcwOTUyQHBvc3RvZmZpY2UucmVzdG9uLm1jaS5uZXQ+) >+ >+ Using the above ticket our CRAM-MD5 response is: >+ >+ dXNlcm5hbWUgMDZkMGEzMjVmMDU0NjQ4NjQ2ZTA3MmNkNGZlYjE3YzQ= >+ >+ 5. Send the CRAM-MD5 response to the server. >+ >+ C: dXNlcm5hbWUgMDZkMGEzMjVmMDU0NjQ4NjQ2ZTA3MmNkNGZlYjE3YzQ= >+ S: 235 2.0.0 OK Authenticated >+ >+ 6. Type "QUIT" to close the telnet session to sendmail. >Index: files/pwcheck.sh >=================================================================== >RCS file: /home/ncvs/ports/security/cyrus-sasl/files/pwcheck.sh,v >retrieving revision 1.9 >diff -u -r1.9 pwcheck.sh >--- files/pwcheck.sh 27 Aug 2003 04:38:36 -0000 1.9 >+++ files/pwcheck.sh 23 Feb 2004 21:22:25 -0000 >@@ -8,9 +8,6 @@ > # BEFORE: mail imap > # KEYWORD: FreeBSD shutdown > # >-# NOTE for FreeBSD 5.0+: >-# If you want this script to start with the base rc scripts >-# move cyrus_pwcheck.sh to /etc/rc.d/cyrus_pwcheck > > prefix=%%PREFIX%% > >@@ -19,11 +16,12 @@ > # /etc/rc.conf.local > # /etc/rc.conf.d/cyrus_pwcheck > # >-# DO NOT CHANGE THESE DEFAULT VALUES HERE >-# >-cyrus_pwcheck_enable="%%ENABLE_PWCHECK%%" # Enable pwcheck daemon >-cyrus_pwcheck_program="${prefix}/sbin/%%PWCHECK%%" # pwcheck program to use >- # (pwcheck/pwcheck_pam) >+# DO NOT CHANGE THE DEFAULT VALUES HERE >+ >+cyrus_pwcheck_enable=${cyrus_pwcheck_enable:-"%%ENABLE_PWCHECK%%"} >+ >+# pwcheck program to use (pwcheck/pwcheck_pam) >+cyrus_pwcheck_program=${cyrus_pwcheck_program:-"${prefix}/sbin/%%PWCHECK%%"} > > . %%RC_SUBR%% > >Index: files/saslauthd.sh >=================================================================== >RCS file: /home/ncvs/ports/security/cyrus-sasl/files/saslauthd.sh,v >retrieving revision 1.4 >diff -u -r1.4 saslauthd.sh >--- files/saslauthd.sh 27 Aug 2003 04:38:36 -0000 1.4 >+++ files/saslauthd.sh 23 Feb 2004 21:21:45 -0000 >@@ -8,9 +8,6 @@ > # BEFORE: mail imap > # KEYWORD: FreeBSD shutdown > # >-# NOTE for FreeBSD 5.0+: >-# If you want this script to start with the base rc scripts >-# move saslauthd1.sh to /etc/rc.d/saslauthd1 > > prefix=%%PREFIX%% > >@@ -19,11 +16,10 @@ > # /etc/rc.conf.local > # /etc/rc.conf.d/saslauthd1 > # >-# DO NOT CHANGE THESE DEFAULT VALUES HERE >-# >-saslauthd1_enable="%%ENABLE_SASLAUTHD%%" # Enable saslauthd >-#saslauthd1_program="${prefix}/sbin/saslauthd1" # Location of saslauthd1 >-saslauthd1_flags="-a pam" # Flags to saslauthd program >+# DO NOT CHANGE THE DEFAULT VALUES HERE >+ >+saslauthd1_enable=${saslauthd1_enable:-"%%ENABLE_SASLAUTHD%%"} >+saslauthd1_flags=${saslauthd1_flags:-"-a pam} > > . %%RC_SUBR%%
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=40263">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 63289
: 40263