Feature request: add patch to enable crypted passwords

Bug #228712 reported by kbe
Affects: cyrus-sasl2 (Ubuntu)
Status: Triaged
Importance: Wishlist
Assigned to: Unassigned

Bug Description

Hi,

sorry if this is not the right place to post this. It's my first time ;-)

I was wondering if the "frost patch" could be incorporated into the libsasl2-2 package:

http://frost.ath.cx/software/cyrus-sasl-patches/

It enables the authentication of hashed passwords stored in a database. It has been around for some time and is included as an option on Gentoo.

I played around with pbuilder and the source package and managed to build a .deb that includes the patch and is working on my Hardy AMD64 machine. I attached the main patch to this bug. In addition, small changes have to be made to lib/Makefile.in and lib/Makefile.am.

Looking forward to an answer,
Karsten

kbe (karsten-behrens) wrote :
kbe (karsten-behrens)
description: updated
Philipp Kaluza (pixelpapst) wrote :

Hi Karsten,
thank you for finding this patch. This would indeed be nice to have.

A few questions:
 * the build system changes you mention seem not to be included (maybe attach a debdiff ?)
 * could you reproduce the dpatch with diff -p so it's easier for others to put in context ?

Thank you,
  Philipp

Changed in cyrus-sasl2:
status: New → Incomplete
Philipp Kaluza (pixelpapst) wrote :

notes to self and others reviewing this patch (sasl package guru ?):
 * the strncmp's around line 62 in the patch might as well use pass_format_str instead of p
 * the hardcoded 11 there bothers me
 * strcasecmp ?
 * this part in _sasl_get_salt is partially redundant:
+ /* blowfish crypt */
+ else if (src[1] == '2')
+ num = (src[1] == '2' && src[2] == 'a') ? 17 : 16;
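Review bot: the `src[1] == '2'` test inside the ternary on the last line repeats the `else if (src[1] == '2')` condition directly above it, so it is always true at that point; `num = (src[2] == 'a') ? 17 : 16;` is equivalent and easier to read. The literals 17 and 16 are unexplained here, and a named constant or a comment stating what the two values count would make the branch reviewable.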
 * _sasl_get_salt returns 1 regardless whether or not dest (&salt) was written to, and the return value is never checked
   this is probably not exploitable, but non-nice
 * I don't grok exactly how auxprop_values[...] is structured, but the patch seems to do sensible things with it :)

other than the above, seems fine to me.
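
The note above that `_sasl_get_salt` returns 1 whether or not `dest` was written, and that nobody checks the result, can be illustrated with a salt extractor whose return value is meaningful and whose caller acts on it. This is an added example, not code from the patch or from cyrus-sasl; the function name, the three formats handled and the sample hash are assumptions made for illustration, since the patch's own logic is not shown on this page.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not the patch's _sasl_get_salt(): copies the crypt(3)
 * setting (scheme id plus salt) of a stored hash into dest. Returns 1 only
 * when dest holds a complete setting; otherwise returns 0 with dest == "". */
int crypt_setting_from_hash(const char *hash, char *dest, size_t destlen)
{
    size_t len, n;

    if (dest == NULL || destlen == 0)
        return 0;
    dest[0] = '\0';
    if (hash == NULL)
        return 0;
    len = strlen(hash);

    if (strncmp(hash, "$2a$", 4) == 0) {
        /* bcrypt: "$2a$" + 2-digit cost + "$" + 22 salt chars = 29 */
        if (len != 60 || hash[6] != '$')
            return 0;
        n = 29;
    } else if (strncmp(hash, "$1$", 3) == 0) {
        /* MD5 crypt: "$1$" + up to 8 salt chars, closed by '$' */
        const char *end = strchr(hash + 3, '$');
        if (end == NULL || end - (hash + 3) > 8 || end[1] == '\0')
            return 0;
        n = (size_t)(end - hash) + 1;    /* keep the closing '$' */
    } else if (hash[0] != '$' && len == 13) {
        n = 2;                           /* traditional DES: 2 salt chars */
    } else {
        return 0;                        /* unknown scheme */
    }
    if (n + 1 > destlen)
        return 0;
    memcpy(dest, hash, n);
    dest[n] = '\0';
    return 1;
}

int main(void)
{
    char salt[32];
    const char *stored = "$1$abcdefgh$0123456789012345678901"; /* constructed */
    if (!crypt_setting_from_hash(stored, salt, sizeof salt))
        return 1;                        /* reject: never use an unset salt */
    printf("setting: %s\n", salt);
    return 0;
}
```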

kbe (karsten-behrens) wrote :

Hi Philipp,

since I'm not familiar with dpatch or debdiff (or any aspects of the debian build system), I made the changes manually. I'm attaching a diff of cyrus-sasl2_2.1.22.dfsg1-18ubuntu2.diff that includes all the changes I made.

This is basically all there is to it:

- lib/Makefile.in: Add "-lcrypt" to line 185:
  LIBS = -lcrypt @LIBS@
  I added this patch to lib/Makefile.in.diff

- lib/Makefile.am: Add "$(LIB_CRYPT)" to line 65
  libsasl2_la_LIBADD = $(LTLIBOBJS) $(SASL_DL_LIB) $(LIB_SOCKET) $(LIB_DOOR) $(LIB_CRYPT)
  This was added to debian/patches/0001_versioned_symbols.dpatch.diff because that file is taking care of lib/Makefile.am anyway

- debian/patches/00list.diff: Add a line to include new file 0021_crypted_passwords.dpatch.diff

- debian/patches/0021_crypted_passwords.dpatch.diff: New file that includes all changes made to lib/checkpw.c

Obviously, it would be nicer if all patches were in a single file, but I couldn't figure that out :-)

Karsten

Imre Gergely (cemc) wrote :

Hi

I've built a modified package with this crypt patch (for Hardy Heron), if somebody wants to test it, feel free to download the packages from my PPA.

http://ppa.launchpad.net/cemc/ubuntu

I'm no expert in programming, but as far as I can tell, the patch is working fine, it didn't cause me troubles, I've been using it in other cyrus-sasl versions on other distros (mainly CentOS / Fedora). Maybe it still could use some reworking like Philipp said above.
You can see my working smtpd.conf (on Ubuntu 8.04) attached to this comment.

Daniel T Chen (crimsun)
Changed in cyrus-sasl2:
importance: Undecided → Wishlist
status: Incomplete → Confirmed
Chuck Short (zulcss) wrote :

Thanks for the patches. I was wondering if they have been accepted and applied upstream yet?

Regards
chuck

Changed in cyrus-sasl2 (Ubuntu):
status: Confirmed → Triaged