diff options
| author | Kevin McCarthy <kevin@8t8.us> | 2021-12-15 17:50:00 -0800 |
|---|---|---|
| committer | Kevin McCarthy <kevin@8t8.us> | 2021-12-23 14:59:01 -0800 |
| commit | 68caf9140c8217ecf6c848460c4b4d27996b2922 (patch) | |
| tree | 37e5ee6ded751efaa7e9460baaaca9ba9d109926 /configure.ac | |
| parent | e3faeb0355ad3ac53696d0d4d9eee3e2fd9b595e (diff) | |
Add GNU SASL support for authentication.
It turns out Cyrus SASL's license may not be compatible with GPL
programs, see Debian Bug 999672.
So, add support for the GNU SASL library, using configure option
--with-gsasl.
I haven't touched the Cyrus SASL code in Mutt all that much in the
past, but I've done my best to keep the gsasl code clean and simple.
There are likely mistakes to be fixed and additions to be made,
though.
I queried the gsasl mailing list about the need for a socket
wrapper (as is done for the cyrus code), and it seems this should no
longer be needed. As long as GSASL_QOP is left at the
default (qop-auth), the client should ask for authentication, and not
negotiate integrity or confidentiality. (Thanks to Phil Pennock and
Simon Josefsson for their reponses - although the blame is fully
on *me* if this turns out to be incorrect). Therefore there is no
CONNECTION wrapping in this implementation.
Add multiline response support for SMTP authentication (which is
probably not actually needed). Also add arbitrary line length for the
SASL server responses (the RFCs note that for SASL, the protocol line
lengths don't apply).
Diffstat (limited to 'configure.ac')
| -rw-r--r-- | configure.ac | 48 |
1 files changed, 46 insertions, 2 deletions
diff --git a/configure.ac b/configure.ac index 81bfb9f5..8b86e421 100644 --- a/configure.ac +++ b/configure.ac @@ -849,11 +849,55 @@ AC_ARG_WITH(sasl, AS_HELP_STRING([--with-sasl@<:@=PFX@:>@],[Use SASL network sec LIBS="$saved_LIBS" AC_DEFINE(USE_SASL,1, - [ Define if want to use the SASL library for POP/IMAP authentication. ]) + [ Define if want support for SASL. ]) + AC_DEFINE(USE_SASL_CYRUS,1, + [ Define if want to use the Cyrus SASL library for POP/IMAP authentication. ]) need_sasl=yes + need_sasl_cyrus=yes fi ]) -AM_CONDITIONAL(USE_SASL, test x$need_sasl = xyes) +AC_ARG_WITH(gsasl, AS_HELP_STRING([--with-gsasl@<:@=PFX@:>@],[Use GNU SASL network security library]), + [ + if test "$with_gsasl" != "no" + then + if test "$need_socket" != "yes" + then + AC_MSG_ERROR([GNU SASL support is only useful with POP or IMAP support]) + fi + + if test x"$need_sasl" = "xyes" + then + AC_MSG_ERROR([Both --with-gsasl and --with-sasl can not be enabled at the same time]) + fi + + if test "$with_gsasl" != "yes" + then + CPPFLAGS="$CPPFLAGS -I$with_gsasl/include" + LDFLAGS="$LDFLAGS -L$with_gsasl/lib" + fi + + saved_LIBS="$LIBS" + LIBS= + + AC_CHECK_HEADER(gsasl.h, + AC_CHECK_LIB(gsasl, gsasl_check_version,, + AC_MSG_ERROR([GNU SASL library not found])), + AC_MSG_ERROR([GNU SASL headers not found])) + + MUTTLIBS="$MUTTLIBS -lgsasl" + MUTT_LIB_OBJECTS="$MUTT_LIB_OBJECTS mutt_sasl_gnu.o" + LIBS="$saved_LIBS" + + AC_DEFINE(USE_SASL,1, + [ Define if want support for SASL. ]) + AC_DEFINE(USE_SASL_GNU,1, + [ Define if want to use the GNU SASL library for POP/IMAP authentication. ]) + need_sasl=yes + need_sasl_gnu=yes + fi + ]) +AM_CONDITIONAL(USE_SASL_CYRUS, test x$need_sasl_cyrus = xyes) +AM_CONDITIONAL(USE_SASL_GNU, test x$need_sasl_gnu = xyes) dnl -- end socket -- |