Hi. I have some libsasl patches and bugs, need guidance
jan.parcel at oracle.com
Mon Oct 12 15:01:11 EDT 2015
I am updating form 2.1.25 to 2.1.26, and I have found a few things I had
to fix for Solaris, probably most
recent versions of Solaris, not just future ones. Do you have a "how to
contribute" page? I thought I had seen one but now can't find it.
I also see that you were patching things over the summer and wondered
how many of those could be considered security vulerability fixes,
especially the gssapi fixes. How long before 2.1.27 ? What would
trigger such a release?
And I wondered about things I've seen in emails this summer, regarding
the imap probect wrt libsasl, such as
"If you want to force TLS to be used before any SASL mechs are
advertised, set sasl_minimum_layer to 129 or higher." (We do not use
Here are the bugs I wanted to file in BugZilla, I was wondering if you
covered any of these in some of your
recent git integrations, I assume duplications are Not Good (TM):
sasl install dir for plugins should be separately configurable
/ (this is caused by the fact that something in /usr/lib/sasl2/64/ is
found in Solaris by asking for /usr/lib/sasl2 and knowing that the
caller is a 64-bit program)/
libtool.m4 overrides configuration for --no-verify
incorrect function definition for do_request in ipc_doors.c
sasl adjustment for location of gssapi.h incorrectly implemented
CMU cyrus-sasl missing man pages that we require
Moving to autotools 1.15 breaks cmu cyrus-sasl build
I have patches for all of those, of course, and our preference is for
them to either go upstream or be
EOL'd by fixes pulled down from upstream, preferably in a later
cyrus-sasl release such as 2.1.27.
Thanks in advance for any help.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Cyrus-devel