PSARC/2015/194 libsasl ON to Userland migration and update
authorJan Parcel <jan.parcel@oracle.com>
Tue, 03 Nov 2015 14:27:41 -0800
changeset 5055 9daf220c1a9a
parent 5054 91b97df27c58
child 5056 7581a14240ad
PSARC/2015/194 libsasl ON to Userland migration and update 20855050 Update libsasl 2.1.15 to 2.1.26 and migrate to Userland consolidation 15242150 SUNBT6211461 SASL library missing extras 20544079 sasl install dir for plugins should be separately configurable 20544093 ifdef sun for gethostname in saslutil.c is obsolete 20544122 libtool.m4 overrides configuration for --no-verify 20544160 incorrect function definition for do_request in ipc_doors.c 20544105 sasl adjustment for location of gssapi.h incorrectly implemented 21058782 CMU cyrus-sasl missing man pages that we require 21099377 Moving to autotools 1.15 breaks cmu cyrus-sasl build 21131962 libsasl mv to Userland means subversion requires system/library/security/libsasl 22052798 openldap slapd refuses to run if libsasl updated unless openldap recompiled
components/cyrus-sasl/Makefile
components/cyrus-sasl/Solaris/README.Solaris
components/cyrus-sasl/Solaris/libsasl.3lib
components/cyrus-sasl/Solaris/sasl_appname.conf.4
components/cyrus-sasl/Solaris/usr/share/man/man3/sasl_auxprop_add_plugin.3
components/cyrus-sasl/Solaris/usr/share/man/man3/sasl_canonuser_add_plugin.3
components/cyrus-sasl/Solaris/usr/share/man/man3/sasl_client_add_plugin.3
components/cyrus-sasl/Solaris/usr/share/man/man3/sasl_client_plug_init_t.3sasl
components/cyrus-sasl/Solaris/usr/share/man/man3/sasl_decode64.3
components/cyrus-sasl/Solaris/usr/share/man/man3/sasl_encode64.3
components/cyrus-sasl/Solaris/usr/share/man/man3/sasl_erasebuffer.3
components/cyrus-sasl/Solaris/usr/share/man/man3/sasl_getcallback_t.3sasl
components/cyrus-sasl/Solaris/usr/share/man/man3/sasl_server_add_plugin.3
components/cyrus-sasl/Solaris/usr/share/man/man3/sasl_server_plug_init_t.3sasl
components/cyrus-sasl/Solaris/usr/share/man/man3/sasl_set_alloc.3
components/cyrus-sasl/Solaris/usr/share/man/man3/sasl_set_mutex.3
components/cyrus-sasl/Solaris/usr/share/man/man3/sasl_seterror.3
components/cyrus-sasl/Solaris/usr/share/man/man3/sasl_utf8verify.3
components/cyrus-sasl/Solaris/usr/share/man/man3/sasl_version.3sasl
components/cyrus-sasl/libsasl.p5m
components/cyrus-sasl/libsasl2.license
components/cyrus-sasl/llib-lsasl2
components/cyrus-sasl/m4/solaris.m4
components/cyrus-sasl/mapfile
components/cyrus-sasl/patches/1-cyrus-sasl-CVE-4122.patch
components/cyrus-sasl/patches/101-libtool-m4-overrides-no-verify.patch
components/cyrus-sasl/patches/102-sasldir-fix.patch
components/cyrus-sasl/patches/103-remove-ifdef-sun-gethostname.patch
components/cyrus-sasl/patches/104-gssapi-gssapi-h.patch
components/cyrus-sasl/patches/105-do_request-fix.patch
components/cyrus-sasl/patches/106-remove-WIN-module.patch
components/openldap/Makefile
components/openldap/depend.mk
components/openldap/openldap.p5m
components/subversion/Makefile
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/cyrus-sasl/Makefile	Tue Nov 03 14:27:41 2015 -0800
@@ -0,0 +1,173 @@
+#
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License (the "License").
+# You may not use this file except in compliance with the License.
+#
+# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+# or http://www.opensolaris.org/os/licensing.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+# If applicable, add the following below this CDDL HEADER, with the
+# fields enclosed by brackets "[]" replaced with your own identifying
+# information: Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+
+#
+# Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+#
+
+include ../../make-rules/shared-macros.mk
+
+PATH=/usr/gnu/bin:$(SPRO_VROOT)/bin:/usr/bin
+
+ifeq   ($(strip $(PARFAIT_BUILD)),yes)
+PATH=$(PARFAIT_TOOLS):/usr/gnu/bin:$(SPRO_VROOT)/bin:/usr/bin
+endif
+
+COMPONENT_NAME=		cyrus-sasl
+
+# Prepending $(PKG_SOLARIS_VERSION) to version in package manifest due to
+# historical versioning, which will also be needed in any possible backports.
+# This will be changed to $(COMPONENT_VERSION) if the pkg name changes.
+# openldap.p5m must also be changed if this version format changes.
+IPS_COMPONENT_VERSION= $(PKG_SOLARIS_VERSION).$(COMPONENT_VERSION)
+
+#
+# If you update the COMPONENT_VERSION, you should make a corresponding change
+# in the dependency at the bottom of the openldap/openldap.p5m file.
+#
+COMPONENT_VERSION=	2.1.26
+COMPONENT_SRC=		$(COMPONENT_NAME)-$(COMPONENT_VERSION)
+COMPONENT_PROJECT_URL= ftp://ftp.cyrusimap.org/cyrus-sasl
+COMPONENT_ARCHIVE=	$(COMPONENT_SRC).tar.gz
+COMPONENT_ARCHIVE_HASH=	\
+    sha256:8fbc5136512b59bb793657f36fadda6359cae3b08f01fd16b3d406f1345b7bc3
+COMPONENT_ARCHIVE_URL= $(COMPONENT_PROJECT_URL)/$(COMPONENT_ARCHIVE)
+
+# Check DONOTUSE items when updating the version and hash
+DONOTUSE= $(SOURCE_DIR)/mac  $(SOURCE_DIR)/dlcompat-20010505
+
+COMPONENT_BUGDB=	library/libsasl
+
+TPNO=			21351
+
+CC += $(CC_BITS)
+
+SASL2.32 = $(USRLIBDIR)/sasl2
+SASL2.64 = $(USRLIBDIR)/sasl2/$(MACH64)
+SASL_CONFDIR = /etc/sasl
+PROTO_CONFDIR = $(PROTO_DIR)$(SASL_CONFDIR)
+
+include $(WS_TOP)/make-rules/prep.mk
+CONFIGURE_DEFAULT_DIRS=no
+include $(WS_TOP)/make-rules/configure.mk
+include $(WS_TOP)/make-rules/ips.mk
+include $(WS_TOP)/make-rules/lint-libraries.mk
+
+CONFIGURE_ENV +=  "CPPFLAGS=$(CPPFLAGS) -I/usr/include/openldap"
+CONFIGURE_OPTIONS += --with-cflags="$(CFLAGS)"
+CONFIGURE_OPTIONS += LDFLAGS="$(LDFLAGS) -lbsm -lscf -lresolv"
+CONFIGURE_OPTIONS += --libdir=$(CONFIGURE_LIBDIR.$(BITS))
+CONFIGURE_OPTIONS += --sysconfdir=$(ETCDIR)
+CONFIGURE_OPTIONS += --enable-auth-sasldb=yes
+CONFIGURE_OPTIONS += --with-dblib=berkeley
+CONFIGURE_OPTIONS += --with-saslauthd=$(USRSBINDIR)/saslauthd
+CONFIGURE_OPTIONS += --with-gss_impl=seam
+CONFIGURE_OPTIONS += --with-gnu-ld=no
+CONFIGURE_OPTIONS.32 += --with-plugindir=$(SASL2.32)
+CONFIGURE_OPTIONS.64 += --with-plugindir=$(SASL2.64)
+CONFIGURE_OPTIONS.32 += --with-sasldir=$(SASL2.32)
+CONFIGURE_OPTIONS.64 += --with-sasldir=$(SASL2.64)
+CONFIGURE_OPTIONS += --with-ipctype=doors
+CONFIGURE_OPTIONS += --with-ldap=$(USRDIR)
+CONFIGURE_OPTIONS += --enable-sample=yes
+CONFIGURE_OPTIONS += --with-configdir=$(ETCDIR)/sasl
+
+PKG_PROTO_DIRS += $(SOURCE_DIR)/doc $(COMPONENT_DIR)/Solaris
+
+# TODO -- make these work or rule them out in Phase II, second integration
+#CONFIGURE_OPTIONS += --with-dbpath=$(SASL_CONFDIR)/sasl2db
+#CONFIGURE_OPTIONS += --with-mysql=$?????
+#CONFIGURE_OPTIONS += --enable-sql=yes
+#CONFIGURE_OPTIONS += --enable-ldapdb=yes
+# postfix or AD might need --enable-login and --enable-ntlm
+#CONFIGURE_OPTIONS += --enable-login=yes
+#CONFIGURE_OPTIONS += --enable-ntlm=yes
+# test xalias levels:
+#CFLAGS += -xalias_level=strict
+
+LINTINCDIR= $(SOURCE_DIR)/include/sasl
+
+INCLIST= hmac-md5.h \
+	md5.h \
+	md5global.h \
+	prop.h \
+	sasl.h \
+	saslplug.h \
+	saslutil.h
+
+CFG_COMPILE=/usr/share/automake-1.15
+
+COMPONENT_PREP_ACTION = ( cd $(@D) &&  \
+		( cd config && ln -s $(CFG_COMPILE)/compile . ) ; \
+		( cd saslauthd/config && ln -s $(CFG_COMPILE)/compile . ); \
+		$(AUTORECONF) -d -m --force -v \
+		-I $(COMPONENT_DIR)/m4   \
+		-I $(SOURCE_DIR)/cmulocal \
+		-I $(SOURCE_DIR)/config ; \
+	    )
+
+# Remove some things we don't use and aren't in the TPNO
+# Make an include/sasl directory to make llib-lsasl2 match llib-lsasl2.ln
+COMPONENT_PRE_CONFIGURE_ACTION = \
+	-$(RM) -r $(DONOTUSE) ; \
+	$(MKDIR) $(LINTINCDIR) ; \
+	( cd $(LINTINCDIR) && \
+	    ( for i in $(INCLIST) ; do \
+	    	ln -s ../$$i $$i  ; \
+	    done ) \
+	)
+
+INSTALL_32 +=	$(PROTOUSRLIBDIR)/libsasl.so.1
+INSTALL_64 +=	$(PROTOUSRLIBDIR64)/libsasl.so.1
+
+
+# common targets
+build:		$(BUILD_32_and_64)
+configure:      $(BUILD_DIR_32)/.configured $(BUILD_DIR_64)/.configured
+install:	build $(INSTALL_32_and_64)
+publish:	install
+test:		$(NO_TESTS)
+system-test:	$(SYSTEM_TESTS_NOT_IMPLEMENTED)
+
+$(BUILD_32):  	COMPONENT_POST_BUILD_ACTION = \
+    $(LD) -F libsasl2.so.3 -o $(BUILD_DIR)/$(MACH32)/lib/.libs/libsasl.so.1 \
+    -G -hlibsasl.so.1 -Bdirect -z defs -M$(COMPONENT_DIR)/mapfile 
+
+$(BUILD_64):	COMPONENT_POST_BUILD_ACTION = \
+     $(LD) -F libsasl2.so.3 -64 -G \
+    -o $(BUILD_DIR)/$(MACH64)/lib/.libs/libsasl.so.1 \
+    -hlibsasl.so.1 -Bdirect -Wl,-zdefs -Wl,-M$(COMPONENT_DIR)/mapfile
+
+$(PROTOUSRLIBDIR)/libsasl.so.1:	$(BUILD_DIR)/$(MACH32)/lib/.libs/libsasl.so.1	
+	$(CP) $< [email protected]
+
+$(PROTOUSRLIBDIR64)/libsasl.so.1:	$(BUILD_DIR)/$(MACH64)/lib/.libs/libsasl.so.1	
+	$(CP) $< [email protected]
+
+ASLR_MODE = $(ASLR_ENABLE)
+BUILD_PKG_DEPENDENCIES =	$(BUILD_TOOLS)
+
+REQUIRED_PACKAGES += database/berkeleydb-5
+REQUIRED_PACKAGES += developer/build/automake-115
+REQUIRED_PACKAGES += library/openldap
+REQUIRED_PACKAGES += library/security/openssl
+REQUIRED_PACKAGES += system/library
+REQUIRED_PACKAGES += system/library/security/gss
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/cyrus-sasl/Solaris/README.Solaris	Tue Nov 03 14:27:41 2015 -0800
@@ -0,0 +1,25 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License (the "License").
+# You may not use this file except in compliance with the License.
+#
+# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+# or http://www.opensolaris.org/os/licensing.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+# If applicable, add the following below this CDDL HEADER, with the
+# fields enclosed by brackets "[]" replaced with your own identifying
+# information: Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+
+Configuration files for applications using libsasl and other sasl features
+should go in /etc/sasl or else in configuration directories expected by
+the specific application.
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/cyrus-sasl/Solaris/libsasl.3lib	Tue Nov 03 14:27:41 2015 -0800
@@ -0,0 +1,106 @@
+'\" te
+.\" Copyright (c) 2003 by Sun Microsystems, Inc.  All rights reserved.
+.TH libsasl 3LIB "27 Oct 2003" "SunOS 5.12" "Interface Libraries"
+.SH NAME
+libsasl \- simple authentication and security layer library
+.SH SYNOPSIS
+.LP
+.nf
+cc [ \fIflag\fR... ] \fIfile\fR... \fB-lsasl2\fR [ \fIlibrary\fR... ]
+#include <\fBsasl/sasl.h\fR>
+#include <\fBsasl/prop.h\fR>
+#include <\fBsasl/saslutil.h\fR>
+.fi
+
+.SH DESCRIPTION
+.sp
+.LP
+SASL is a security framework used by connection-oriented network applications primarily for authentication.  Another way to describe SASL is that it is a glue layer between a network application and some security mechanisms that allow applications to authenticate each other and provide additional security services such as data encryption.  As a glue layer, SASL hides the interface specifics of the security mechanism from the application, which allows greater portability and flexibility as new security mechanisms are implemented.  SASL is similar to the GSS-API in that it provides a layer of abstraction between an application and one or more security mechanisms.
+.sp
+.LP
+\fBlibsasl\fR provides both an API for applications and an SPI for various plug-ins. To link with this library, specify \fB-lsasl2\fR on the \fBcc\fR command line. 
+.SH INTERFACES
+.sp
+.LP
+The shared object \fBlibsasl.so.1\fR and associated include files provide the public interfaces defined below. The \fB*_t\fR interfaces are function prototypes for callbacks that are defined in the public SASL header files. While \fBlibsasl\fR provides default versions for some of the callbacks, this structure allows an application to define its own version of the some of the callback functions. 
+.sp
+.LP
+See \fBIntro\fR(3) for additional information on shared object interfaces.
+.sp
+
+.sp
+.TS
+tab();
+lw(2.75i) lw(2.75i) 
+lw(2.75i) lw(2.75i) 
+.
+\fBprop_clear\fR\fBprop_dispose\fR
+\fBprop_dup\fR\fBprop_erase\fR
+\fBprop_format\fR\fBprop_get\fR
+\fBprop_getnames\fR\fBprop_new\fR
+\fBprop_request\fR\fBprop_set\fR
+\fBprop_setvals\fR\fBsasl_authorize_t\fR
+\fBsasl_auxprop\fR\fBsasl_auxprop_add_plugin\fR
+\fBsasl_auxprop_getctx\fR\fBsasl_auxprop_request\fR
+\fBsasl_canon_user_t\fR\fBsasl_canonuser_add_plugin\fR
+\fBsasl_chalprompt_t\fR\fBsasl_checkapop\fR
+\fBsasl_checkpass\fR\fBsasl_client_add_plugin\fR
+\fBsasl_client_init\fR\fBsasl_client_new\fR
+\fBsasl_client_plug_init_t\fR\fBsasl_client_start\fR
+\fBsasl_client_step\fR\fBsasl_decode\fR
+\fBsasl_decode64\fR\fBsasl_dispose\fR
+\fBsasl_done\fR\fBsasl_encode\fR
+\fBsasl_encode64\fR\fBsasl_encodev\fR
+\fBsasl_erasebuffer\fR\fBsasl_errdetail\fR
+\fBsasl_errors\fR\fBsasl_errstring\fR
+\fBsasl_getcallback_t\fR\fBsasl_getopt_t\fR
+\fBsasl_getpath_t\fR\fBsasl_getprop\fR
+\fBsasl_getrealm_t\fR\fBsasl_getsecret_t\fR
+\fBsasl_getsimple_t\fR\fBsasl_global_listmech\fR
+\fBsasl_idle\fR\fBsasl_listmech\fR
+\fBsasl_log_t\fR\fBsasl_server_add_plugin\fR
+\fBsasl_server_init\fR\fBsasl_server_new\fR
+\fBsasl_server_plug_init_t\fR\fBsasl_server_start\fR
+\fBsasl_server_step\fR\fBsasl_server_userdb_checkpass_t\fR
+\fBsasl_server_userdb_setpass_t\fR\fBsasl_set_alloc\fR
+\fBsasl_set_mutex\fR\fBsasl_seterror\fR
+\fBsasl_setpass\fR\fBsasl_setprop\fR
+\fBsasl_utf8verify\fR\fBsasl_verifyfile_t\fR
+\fBsasl_version\fR
+.TE
+
+.SH FILES
+.sp
+.ne 2
+.mk
+.na
+\fB\fB/usr/lib/libsasl.so.1\fR\fR
+.ad
+.RS 25n
+.rt  
+shared object
+.RE
+
+.SH ATTRIBUTES
+.sp
+.LP
+See \fBattributes\fR(5) for descriptions of the following attributes:
+.sp
+
+.sp
+.TS
+tab() box;
+cw(2.75i) |cw(2.75i) 
+lw(2.75i) |lw(2.75i) 
+.
+ATTRIBUTE TYPEATTRIBUTE VALUE
+_
+Availabilitysystem/library/security/libsasl
+_
+Interface StabilityCommitted
+.TE
+
+.SH SEE ALSO
+.sp
+.LP
+\fBIntro\fR(3), \fBattributes\fR(5), 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/cyrus-sasl/Solaris/sasl_appname.conf.4	Tue Nov 03 14:27:41 2015 -0800
@@ -0,0 +1,158 @@
+'\" te
+.\" Copyright (C) 1998-2003, Carnegie Mellon Univeristy.  All Rights Reserved.
+.\" Portions Copyright (c) 2003, Sun Microsystems, Inc. All Rights Reserved.
+.TH sasl_appname.conf 4 "14 Oct 2003" "SunOS 5.12" "File Formats"
+.SH NAME
+sasl_appname.conf \- SASL options and configuration file
+.SH SYNOPSIS
+.LP
+.nf
+/etc/sasl/\fIappname\fR\fB\&.conf\fR
+.fi
+
+.SH DESCRIPTION
+.sp
+.LP
+The \fB/etc/sasl/\fIappname\fR.conf\fR file is a user-supplied configuration file that supports user set options for server applications.
+.sp
+.LP
+You can modify the behavior of \fBlibsasl\fR and its plug-ins for server applications by specifying option values in \fB/etc/sasl/\fIappname\fR.conf\fR file, where \fIappname\fR is the application defined name of the application. For \fBsendmail\fR, the file would be \fB/etc/sasl/Sendmail.conf\fR. See your application documentation for information on the application name.
+.sp
+.LP
+Options that you set in a \fB\fIappname\fR.conf\fR file do not override SASL options specified by the application itself.
+.sp
+.LP
+The format for each option setting is:
+.sp
+.in +2
+.nf
+option_name:value. 
+.fi
+.in -2
+
+.sp
+.LP
+You can comment lines in the file by using a leading #.
+.sp
+.LP
+The SASL library supports the following options for server applications: 
+.sp
+.ne 2
+.mk
+.na
+\fB\fBauto_transition\fR\fR
+.ad
+.RS 25n
+.rt  
+When set to \fByes\fR, plain users and login plug-ins are automatically transitioned to other mechanisms when they do a successful plaintext authentication. The default value for \fBauto_transition\fR is \fBno\fR.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fBauxprop_plugin\fR\fR
+.ad
+.RS 25n
+.rt  
+A space-separated list of names of auxiliary property plug-ins to use. By default, SASL will use or query all available auxiliary property plug-ins.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fBcanon_user_plugin\fR\fR
+.ad
+.RS 25n
+.rt  
+The name of the canonical user plug-in to use. By default, the value of \fBcanon_user_plugin\fR is \fBINTERNAL\fR, to indicated the use of built-in plug-ins.. 
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fBlog_level\fR\fR
+.ad
+.RS 25n
+.rt  
+An integer value for the desired level of logging for a server, as defined in <\fBsasl.h\fR>. This sets the \fBlog_level\fR in the \fBsasl_server_params_t struct\fR in \fB/usr/include/sasl/saslplug.h\fR. The default value for \fBlog_level\fR is \fB1\fR to indicate \fBSASL_LOG_ERR\fR. 
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fBmech_list\fR\fR
+.ad
+.RS 25n
+.rt  
+Whitespace separated list of SASL mechanisms to allow, for example, \fBDIGEST-MD5 GSSAPI\fR. The \fBmech_list\fR option is used to restrict the mechanisms to a subset of the installed plug-ins. By default, SASL will use all available mechanisms. 
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fBpw_check\fR\fR
+.ad
+.RS 25n
+.rt  
+Whitespace separated list of mechanisms used to verify passwords that are used by \fBsasl_checkpass\fR(3SASL). The default value for \fBpw_check\fR is \fBauxprop\fR.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fBreauth_timeout\fR\fR
+.ad
+.RS 25n
+.rt  
+This SASL option is used by the server DIGEST-MD5 plug-in. The value of \fBreauth_timeout\fR is the length in time (in minutes) that authentication information will be cached for a fast reauthorization. A value of 0 will disable reauthorization. The default value of \fBreauth_timeout\fR is 1440 (24 hours). 
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fBserver_load_mech_list\fR\fR
+.ad
+.RS 25n
+.rt  
+A space separated list of mechanisms to load. If in the process of loading server plug-ns no desired mechanisms are included in the plug-in, the plug-in will be unloaded. By default, SASL loads all server plug-ins.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fBuser_authid\fR\fR
+.ad
+.RS 25n
+.rt  
+If the value of \fBuser_authid\fR is \fByes\fR, then the GSSAPI will acquire the client credentials rather than use the default credentials when it creates the GSS client security context. The default value of \fBuser_authid\fR is \fBno\fR, whereby SASL uses the default client Kerberos identity. 
+.RE
+
+.SH ATTRIBUTES
+.sp
+.LP
+See \fBattributes\fR(5) for descriptions of the following attributes:
+.sp
+
+.sp
+.TS
+tab() box;
+cw(2.75i) |cw(2.75i) 
+lw(2.75i) |lw(2.75i) 
+.
+ATTRIBUTE TYPEATTRIBUTE VALUE
+_
+Interface StabilityCommitted
+.TE
+
+.SH SEE ALSO
+.sp
+.LP
+\fBattributes\fR(5)
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/cyrus-sasl/Solaris/usr/share/man/man3/sasl_auxprop_add_plugin.3	Tue Nov 03 14:27:41 2015 -0800
@@ -0,0 +1,109 @@
+'\" te
+.\" Copyright (C) 1998-2003, Carnegie Mellon Univeristy.  All Rights Reserved.
+.\" Portions Copyright (C) 2003, Sun Microsystems, Inc. All Rights Reserved
+.TH sasl_auxprop_add_plugin 3SASL "16 Sep 2003" "SunOS 5.12" "Simple Authentication Security Layer Library Functions"
+.SH NAME
+sasl_auxprop_add_plugin \- add a SASL auxiliary property plug-in
+.SH SYNOPSIS
+.LP
+.nf
+\fBcc\fR [ \fIflag\fR ... ] \fIfile\fR ... \fB-lsasl\fR   [ \fIlibrary\fR ... ]
+#include <sasl/saslplug.h>
+
+\fBint\fR \fBsasl_auxprop_add_plugin\fR(\fBconst char *\fR\fIplugname\fR,
+     \fBsasl_auxprop_plug_init_t *\fR\fIcplugfunc\fR);
+.fi
+
+.SH DESCRIPTION
+.sp
+.LP
+Use the \fBsasl_auxprop_add_plugin()\fR interface to add a auxiliary property plug-in to the current list of auxiliary property plug-ins in the SASL library.
+.SH PARAMETERS
+.sp
+.ne 2
+.mk
+.na
+\fB\fIplugname\fR\fR
+.ad
+.RS 13n
+.rt  
+The name of the auxiliary property plug-in.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fIcplugfunc\fR\fR
+.ad
+.RS 13n
+.rt  
+The value of \fIcplugfunc\fR is filled in by the \fBsasl_auxprop_plug_init_t\fR structure.
+.RE
+
+.SH RETURN VALUES
+.sp
+.LP
+\fBsasl_auxprop_add_plugin()\fR returns an integer that corresponds to a SASL error code.
+.SH ERRORS
+.sp
+.ne 2
+.mk
+.na
+\fB\fBSASL_OK\fR\fR
+.ad
+.RS 16n
+.rt  
+The call to \fBsasl_client_add_plugin()\fR was successful.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fBSASL_BADVERS\fR\fR
+.ad
+.RS 16n
+.rt  
+Version mismatch with plug-in.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fBSASL_NOMEM\fR\fR
+.ad
+.RS 16n
+.rt  
+Memory shortage failure.
+.RE
+
+.sp
+.LP
+See \fBsasl_errors\fR(3SASL) for information on other SASL error codes.
+.SH ATTRIBUTES
+.sp
+.LP
+See \fBattributes\fR(5) for descriptions of the following attributes:
+.sp
+
+.sp
+.TS
+tab() box;
+cw(2.75i) |cw(2.75i) 
+lw(2.75i) |lw(2.75i) 
+.
+ATTRIBUTE TYPEATTRIBUTE VALUE
+_
+Availabilitysystem/library/security/libsasl
+_
+Interface StabilityCommitted
+_
+MT-LevelMT-Safe
+.TE
+
+.SH SEE ALSO
+.sp
+.LP
+\fBsasl_errors\fR(3SASL), \fBattributes\fR(5)
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/cyrus-sasl/Solaris/usr/share/man/man3/sasl_canonuser_add_plugin.3	Tue Nov 03 14:27:41 2015 -0800
@@ -0,0 +1,109 @@
+'\" te
+.\" Copyright (C) 1998-2003, Carnegie Mellon Univeristy.  All Rights Reserved.
+.\" Portions Copyright (C) 2003, Sun Microsystems, Inc. All Rights Reserved
+.TH sasl_canonuser_add_plugin 3SASL "16 Sep 2003" "SunOS 5.12" "Simple Authentication Security Layer Library Functions"
+.SH NAME
+sasl_canonuser_add_plugin \- add a SASL user canonicalization plug-in
+.SH SYNOPSIS
+.LP
+.nf
+\fBcc\fR [ \fIflag\fR ... ] \fIfile\fR ... \fB-lsasl\fR   [ \fIlibrary\fR ... ]
+#include <sasl/saslplug.h>
+
+\fBint\fR \fBsasl_canonuser_add_plugin\fR(\fBconst char *\fR\fIplugname\fR,
+     \fBsasl_canonuser_plug_init_t *\fR\fIcplugfunc\fR);
+.fi
+
+.SH DESCRIPTION
+.sp
+.LP
+Use the \fBsasl_canonuser_add_plugin()\fR interface to add a user canonicalization plug-in to the current list of user canonicalization plug-ins in the SASL library.
+.SH PARAMETERS
+.sp
+.ne 2
+.mk
+.na
+\fB\fIplugname\fR\fR
+.ad
+.RS 13n
+.rt  
+The name of the user canonicalization plug-in.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fIcplugfunc\fR\fR
+.ad
+.RS 13n
+.rt  
+The value of \fIcplugfunc\fR is filled in by the \fBsasl_canonuser_plug_init_t\fR structure.
+.RE
+
+.SH RETURN VALUES
+.sp
+.LP
+\fBsasl_server_add_plugin()\fR returns an integer that corresponds to a SASL error code.
+.SH ERRORS
+.sp
+.ne 2
+.mk
+.na
+\fB\fBSASL_OK\fR\fR
+.ad
+.RS 16n
+.rt  
+The call to \fBsasl_client_add_plugin()\fR was successful.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fBSASL_BADVERS\fR\fR
+.ad
+.RS 16n
+.rt  
+Version mismatch with plug-in.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fBSASL_NOMEM\fR\fR
+.ad
+.RS 16n
+.rt  
+Memory shortage failure.
+.RE
+
+.sp
+.LP
+See \fBsasl_errors\fR(3SASL) for information on other SASL error codes.
+.SH ATTRIBUTES
+.sp
+.LP
+See \fBattributes\fR(5) for descriptions of the following attributes:
+.sp
+
+.sp
+.TS
+tab() box;
+cw(2.75i) |cw(2.75i) 
+lw(2.75i) |lw(2.75i) 
+.
+ATTRIBUTE TYPEATTRIBUTE VALUE
+_
+Availabilitysystem/library/security/libsasl
+_
+Interface StabilityCommitted
+_
+MT-LevelMT-Safe
+.TE
+
+.SH SEE ALSO
+.sp
+.LP
+\fBsasl_errors\fR(3SASL), \fBattributes\fR(5)
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/cyrus-sasl/Solaris/usr/share/man/man3/sasl_client_add_plugin.3	Tue Nov 03 14:27:41 2015 -0800
@@ -0,0 +1,109 @@
+'\" te
+.\" Copyright (C) 1998-2003, Carnegie Mellon Univeristy.  All Rights Reserved.
+.\" Portions Copyright (C) 2003, Sun Microsystems, Inc. All Rights Reserved
+.TH sasl_client_add_plugin 3SASL "12 Sep 2003" "SunOS 5.12" "Simple Authentication Security Layer Library Functions"
+.SH NAME
+sasl_client_add_plugin \- add a SASL client plug-in
+.SH SYNOPSIS
+.LP
+.nf
+\fBcc\fR [ \fIflag\fR ... ] \fIfile\fR ... \fB-lsasl\fR   [ \fIlibrary\fR ... ]
+#include <sasl/saslplug.h>
+
+\fBint\fR \fBsasl_client_add_plugin\fR(\fBconst char *\fR\fIplugname\fR,
+     \fBsasl_client_plug_init_t *\fR\fIcplugfunc\fR);
+.fi
+
+.SH DESCRIPTION
+.sp
+.LP
+Use the \fBsasl_client_add_plugin()\fR interface to add a client plug-in to the current list of client plug-ins in the SASL library.
+.SH PARAMETERS
+.sp
+.ne 2
+.mk
+.na
+\fB\fIplugname\fR\fR
+.ad
+.RS 13n
+.rt  
+The name of the client plug-in.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fIcplugfunc\fR\fR
+.ad
+.RS 13n
+.rt  
+The value of \fIcplugfunc\fR is filled in by the \fBsasl_client_plug_init_t\fR structure.
+.RE
+
+.SH RETURN VALUES
+.sp
+.LP
+\fBsasl_client_add_plugin()\fR returns an integer that corresponds to a SASL error code.
+.SH ERRORS
+.sp
+.ne 2
+.mk
+.na
+\fB\fBSASL_OK\fR\fR
+.ad
+.RS 16n
+.rt  
+The call to \fBsasl_client_add_plugin()\fR was successful.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fBSASL_BADVERS\fR\fR
+.ad
+.RS 16n
+.rt  
+Version mismatch with plug-in.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fBSASL_NOMEM\fR\fR
+.ad
+.RS 16n
+.rt  
+Memory shortage failure.
+.RE
+
+.sp
+.LP
+See \fBsasl_errors\fR(3SASL) for information on other SASL error codes.
+.SH ATTRIBUTES
+.sp
+.LP
+See \fBattributes\fR(5) for descriptions of the following attributes:
+.sp
+
+.sp
+.TS
+tab() box;
+cw(2.75i) |cw(2.75i) 
+lw(2.75i) |lw(2.75i) 
+.
+ATTRIBUTE TYPEATTRIBUTE VALUE
+_
+Availabilitysystem/library/security/libsasl
+_
+Interface StabilityCommitted
+_
+MT-LevelMT-Safe
+.TE
+
+.SH SEE ALSO
+.sp
+.LP
+\fBsasl_errors\fR(3SASL), \fBattributes\fR(5)
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/cyrus-sasl/Solaris/usr/share/man/man3/sasl_client_plug_init_t.3sasl	Tue Nov 03 14:27:41 2015 -0800
@@ -0,0 +1,120 @@
+'\" te
+.\" Copyright (C) 1998-2003, Carnegie Mellon Univeristy.  All Rights Reserved.
+.\" Portions Copyright (C) 2003, Sun Microsystems, Inc. All Rights Reserved
+.TH sasl_client_plug_init_t 3SASL "27 Oct 2003" "SunOS 5.12" "Simple Authentication Security Layer Library Functions"
+.SH NAME
+sasl_client_plug_init_t \- client plug-in entry point
+.SH SYNOPSIS
+.LP
+.nf
+\fBcc\fR [ \fIflag\fR ... ] \fIfile\fR ... \fB-lsasl\fR   [ \fIlibrary\fR ... ]
+#include <sasl/saslplug.h>
+
+\fBint\fR \fBsasl_client_plug_init_t\fR(\fBconst sasl_utils_t *\fR\fIutils\fR, \fBint\fR \fImax_version\fR,
+     \fBint *\fR\fIout_version\fR, \fBsasl_client_plug_t **\fR\fIpluglist\fR, \fBint *\fR\fIplugcount\fR);
+.fi
+
+.SH DESCRIPTION
+.sp
+.LP
+The \fBsasl_client_plug_init_t()\fR callback function is the client plug-in entry point.
+.SH PARAMETERS
+.sp
+.ne 2
+.mk
+.na
+\fB\fIutils\fR\fR
+.ad
+.RS 15n
+.rt  
+The utility callback functions.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fImax_version\fR\fR
+.ad
+.RS 15n
+.rt  
+The highest client plug-in version supported.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fIout_version\fR\fR
+.ad
+.RS 15n
+.rt  
+The client plug-in version of the result..
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fIpluglist\fR\fR
+.ad
+.RS 15n
+.rt  
+The list of client mechanism plug-ins.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fIplugcount\fR\fR
+.ad
+.RS 15n
+.rt  
+The number of client mechanism plug-ins.
+.RE
+
+.SH RETURN VALUES
+.sp
+.LP
+Like other SASL callback functions, \fBsasl_client_plug_init_t()\fR returns an integer that corresponds to a SASL error code. See <\fBsasl.h\fR> for a complete list of SASL error codes.
+.SH ERRORS
+.sp
+.ne 2
+.mk
+.na
+\fB\fBSASL_OK\fR\fR
+.ad
+.RS 11n
+.rt  
+The call to \fBsasl_client_plug_init_t()\fR was successful.
+.RE
+
+.sp
+.LP
+See \fBsasl_errors\fR(3SASL) for information on SASL error codes.
+.SH ATTRIBUTES
+.sp
+.LP
+See \fBattributes\fR(5) for descriptions of the following attributes:
+.sp
+
+.sp
+.TS
+tab() box;
+cw(2.75i) |cw(2.75i) 
+lw(2.75i) |lw(2.75i) 
+.
+ATTRIBUTE TYPEATTRIBUTE VALUE
+_
+Availabilitysystem/library/security/libsasl
+_
+Interface StabilityCommitted
+_
+MT-LevelMT-Safe
+.TE
+
+.SH SEE ALSO
+.sp
+.LP
+\fBsasl_errors\fR(3SASL), \fBattributes\fR(5)
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/cyrus-sasl/Solaris/usr/share/man/man3/sasl_decode64.3	Tue Nov 03 14:27:41 2015 -0800
@@ -0,0 +1,120 @@
+'\" te
+.\" Copyright (C) 1998-2003, Carnegie Mellon Univeristy.  All Rights Reserved.
+.\" Portions Copyright (C) 2003, Sun Microsystems, Inc. All Rights Reserved
+.TH sasl_decode64 3SASL "16 Sep 2003" "SunOS 5.12" "Simple Authentication Security Layer Library Functions"
+.SH NAME
+sasl_decode64 \- decode base64 string
+.SH SYNOPSIS
+.LP
+.nf
+\fBcc\fR [ \fIflag\fR ... ] \fIfile\fR ... \fB-lsasl\fR   [ \fIlibrary\fR ... ]
+#include <sasl/saslutil.h>
+
+\fBint\fR \fBsasl_decode64\fR(\fBconst char *\fR\fIin\fR, \fBunsigned\fR \fIinlen\fR, \fBchar *\fR\fIout\fR,
+     \fBunsigned\fR \fIoutmax\fR,\fBunsigned *\fR\fIoutlen\fR);
+.fi
+
+.SH DESCRIPTION
+.sp
+.LP
+Use the \fBsasl_decode64()\fR interface to decode a base64 encoded buffer.
+.SH PARAMETERS
+.sp
+.ne 2
+.mk
+.na
+\fB\fIin\fR\fR
+.ad
+.RS 10n
+.rt  
+Input data.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fIinlen\fR\fR
+.ad
+.RS 10n
+.rt  
+The length of the input data.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fIout\fR\fR
+.ad
+.RS 10n
+.rt  
+The output data. The value of \fIout\fR can be the same as \fIin\fR. However, there must be enough space.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fIoutlen\fR\fR
+.ad
+.RS 10n
+.rt  
+The length of the actual output.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fIoutmax\fR\fR
+.ad
+.RS 10n
+.rt  
+The maximum size of the output buffer.
+.RE
+
+.SH RETURN VALUES
+.sp
+.LP
+\fBsasl_decode64()\fR returns an integer that corresponds to a SASL error code.
+.SH ERRORS
+.sp
+.ne 2
+.mk
+.na
+\fB\fBSASL_OK\fR\fR
+.ad
+.RS 11n
+.rt  
+The call to \fBsasl_decode64()\fR was successful.
+.RE
+
+.sp
+.LP
+See \fBsasl_errors\fR(3SASL) for information on SASL error codes.
+.SH ATTRIBUTES
+.sp
+.LP
+See \fBattributes\fR(5) for descriptions of the following attributes:
+.sp
+
+.sp
+.TS
+tab() box;
+cw(2.75i) |cw(2.75i) 
+lw(2.75i) |lw(2.75i) 
+.
+ATTRIBUTE TYPEATTRIBUTE VALUE
+_
+Availabilitysystem/library/security/libsasl
+_
+Interface StabilityCommitted
+_
+MT-LevelMT-Safe
+.TE
+
+.SH SEE ALSO
+.sp
+.LP
+\fBsasl_errors\fR(3SASL), \fBattributes\fR(5)
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/cyrus-sasl/Solaris/usr/share/man/man3/sasl_encode64.3	Tue Nov 03 14:27:41 2015 -0800
@@ -0,0 +1,128 @@
+'\" te
+.\" Copyright (C) 1998-2003, Carnegie Mellon Univeristy.  All Rights Reserved.
+.\" Portions Copyright (C) 2003, Sun Microsystems, Inc. All Rights Reserved
+.TH sasl_encode64 3SASL "16 Sep 2003" "SunOS 5.12" "Simple Authentication Security Layer Library Functions"
+.SH NAME
+sasl_encode64 \- encode base64 string
+.SH SYNOPSIS
+.LP
+.nf
+\fBcc\fR [ \fIflag\fR ... ] \fIfile\fR ... \fB-lsasl\fR   [ \fIlibrary\fR ... ]
+#include <sasl/saslutil.h>
+
+\fBint\fR \fBsasl_encode64\fR(\fBconst char *\fR\fIin\fR, \fBunsigned\fR \fIinlen\fR, \fBchar *\fR\fIout\fR,
+     \fBunsigned\fR \fIoutmax\fR, \fBunsigned *\fR\fIoutlen\fR);
+.fi
+
+.SH DESCRIPTION
+.sp
+.LP
+Use the \fBsasl_encode64()\fR interface to convert an octet string into a base64 string. This routine is useful for SASL profiles that use base64, such as the IMAP (IMAP4) and POP (POP_AUTH) profiles. The output is null-terminated. If \fIoutlen\fR is non-\fINULL\fR, the length is placed in the \fIoutlen\fR.
+.SH PARAMETERS
+.sp
+.ne 2
+.mk
+.na
+\fB\fIin\fR\fR
+.ad
+.RS 10n
+.rt  
+Input data.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fIinlen\fR\fR
+.ad
+.RS 10n
+.rt  
+The length of the input data.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fIout\fR\fR
+.ad
+.RS 10n
+.rt  
+The output data. The value of \fIout\fR can be the same as \fIin\fR. However, there must be enough space.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fIoutlen\fR\fR
+.ad
+.RS 10n
+.rt  
+The length of the actual output.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fIoutmax\fR\fR
+.ad
+.RS 10n
+.rt  
+The maximum size of the output buffer.
+.RE
+
+.SH RETURN VALUES
+.sp
+.LP
+\fBsasl_encode64()\fR returns an integer that corresponds to a SASL error code.
+.SH ERRORS
+.sp
+.ne 2
+.mk
+.na
+\fB\fBSASL_OK\fR\fR
+.ad
+.RS 16n
+.rt  
+The call to \fBsasl_encode64()\fR was successful.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fBSASL_BUFOVER\fR\fR
+.ad
+.RS 16n
+.rt  
+The output buffer was too small.
+.RE
+
+.SH ATTRIBUTES
+.sp
+.LP
+See \fBattributes\fR(5) for descriptions of the following attributes:
+.sp
+
+.sp
+.TS
+tab() box;
+cw(2.75i) |cw(2.75i) 
+lw(2.75i) |lw(2.75i) 
+.
+ATTRIBUTE TYPEATTRIBUTE VALUE
+_
+Availabilitysystem/library/security/libsasl
+_
+Interface StabilityCommitted
+_
+MT-LevelMT-Safe
+.TE
+
+.SH SEE ALSO
+.sp
+.LP
+\fBsasl_errors\fR(3SASL), \fBattributes\fR(5)
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/cyrus-sasl/Solaris/usr/share/man/man3/sasl_erasebuffer.3	Tue Nov 03 14:27:41 2015 -0800
@@ -0,0 +1,75 @@
+'\" te
+.\" Copyright (C) 1998-2003, Carnegie Mellon Univeristy.  All Rights Reserved.
+.\" Portions Copyright (C) 2003, Sun Microsystems, Inc. All Rights Reserved
+.TH sasl_erasebuffer 3SASL "16 Sep 2003" "SunOS 5.12" "Simple Authentication Security Layer Library Functions"
+.SH NAME
+sasl_erasebuffer \- erase buffer
+.SH SYNOPSIS
+.LP
+.nf
+\fBcc\fR [ \fIflag\fR ... ] \fIfile\fR ... \fB-lsasl\fR   [ \fIlibrary\fR ... ]
+#include <sasl/saslutil.h>
+
+\fBvoid\fR \fBsasl_erasebuffer\fR(\fBchar *\fR\fIpass\fR, \fBunsigned\fR \fIlen\fR);
+.fi
+
+.SH DESCRIPTION
+.sp
+.LP
+Use the \fBsasl_erasebuffer()\fR interface to erase a security sensitive buffer or password. The implementation may use recovery-resistant erase logic.
+.SH PARAMETERS
+.sp
+.ne 2
+.mk
+.na
+\fB\fIpass\fR\fR
+.ad
+.RS 8n
+.rt  
+A password
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fIlen\fR\fR
+.ad
+.RS 8n
+.rt  
+The length of the password
+.RE
+
+.SH RETURN VALUES
+.sp
+.LP
+The \fBsasl_erasebuffer()\fR interface returns no return values.
+.SH ERRORS
+.sp
+.LP
+None.
+.SH ATTRIBUTES
+.sp
+.LP
+See \fBattributes\fR(5) for descriptions of the following attributes:
+.sp
+
+.sp
+.TS
+tab() box;
+cw(2.75i) |cw(2.75i) 
+lw(2.75i) |lw(2.75i) 
+.
+ATTRIBUTE TYPEATTRIBUTE VALUE
+_
+Availabilitysystem/library/security/libsasl
+_
+Interface StabilityCommitted
+_
+MT-LevelMT-Safe
+.TE
+
+.SH SEE ALSO
+.sp
+.LP
+\fBattributes\fR(5)
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/cyrus-sasl/Solaris/usr/share/man/man3/sasl_getcallback_t.3sasl	Tue Nov 03 14:27:41 2015 -0800
@@ -0,0 +1,131 @@
+'\" te
+.\" Copyright (C) 1998-2003, Carnegie Mellon Univeristy.  All Rights Reserved.
+.\" Portions Copyright (C) 2003, Sun Microsystems, Inc. All Rights Reserved
+.TH sasl_getcallback_t 3SASL "27 Oct 2003" "SunOS 5.12" "Simple Authentication Security Layer Library Functions"
+.SH NAME
+sasl_getcallback_t \- callback function to lookup a sasl_callback_t for a connection
+.SH SYNOPSIS
+.LP
+.nf
+\fBcc\fR [ \fIflag\fR ... ] \fIfile\fR ... \fB-lsasl\fR   [ \fIlibrary\fR ... ]
+#include <sasl/saslplug.h>
+
+\fBint\fR \fBsasl_getcallback_t\fR(\fBsasl_conn_t *\fR\fIconn\fR, \fBunsigned long\fR \fIcallbacknum\fR,
+     \fBint\fR \fI(**proc)\fR( ), \fBvoid **\fR\fIpcontext\fR);
+.fi
+
+.SH DESCRIPTION
+.sp
+.LP
+The \fBsasl_getcallback_t()\fR function is a callback to lookup a sasl_callback_t for a connection.
+.SH PARAMETERS
+.sp
+.ne 2
+.mk
+.na
+\fB\fIconn\fR\fR
+.ad
+.RS 15n
+.rt  
+The connection to lookup a callback for.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fIcallbacknum\fR\fR
+.ad
+.RS 15n
+.rt  
+The number of the callback.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fIproc\fR\fR
+.ad
+.RS 15n
+.rt  
+Pointer to the callback function. The value of \fIproc\fR is set to \fINULL\fR upon failure.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fIpcontext\fR\fR
+.ad
+.RS 15n
+.rt  
+Pointer to the callback context. The value of \fIpcontext\fR is set to \fINULL\fR upon failure.
+.RE
+
+.SH RETURN VALUES
+.sp
+.LP
+Like other SASL callback functions, \fBsasl_getcallback_t()\fR returns an integer that corresponds to a SASL error code. See <\fBsasl.h\fR> for a complete list of SASL error codes.
+.SH ERRORS
+.sp
+.ne 2
+.mk
+.na
+\fB\fBSASL_OK\fR\fR
+.ad
+.RS 17n
+.rt  
+The call to \fBsasl_getcallback_t()\fR was successful.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fBSASL_FAIL\fR\fR
+.ad
+.RS 17n
+.rt  
+Unable to find a callback of the requested type.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fBSASL_INTERACT\fR\fR
+.ad
+.RS 17n
+.rt  
+The caller must use interaction to get data.
+.RE
+
+.sp
+.LP
+See \fBsasl_errors\fR(3SASL) for information on SASL error codes.
+.SH ATTRIBUTES
+.sp
+.LP
+See \fBattributes\fR(5) for descriptions of the following attributes:
+.sp
+
+.sp
+.TS
+tab() box;
+cw(2.75i) |cw(2.75i) 
+lw(2.75i) |lw(2.75i) 
+.
+ATTRIBUTE TYPEATTRIBUTE VALUE
+_
+Availabilitysystem/library/security/libsasl
+_
+Interface StabilityCommitted
+_
+MT-LevelMT-Safe
+.TE
+
+.SH SEE ALSO
+.sp
+.LP
+\fBsasl_errors\fR(3SASL), \fBattributes\fR(5)
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/cyrus-sasl/Solaris/usr/share/man/man3/sasl_server_add_plugin.3	Tue Nov 03 14:27:41 2015 -0800
@@ -0,0 +1,109 @@
+'\" te
+.\" Copyright (C) 1998-2003, Carnegie Mellon Univeristy.  All Rights Reserved.
+.\" Portions Copyright (C) 2003, Sun Microsystems, Inc. All Rights Reserved
+.TH sasl_server_add_plugin 3SASL "1 Oct 2003" "SunOS 5.12" "Simple Authentication Security Layer Library Functions"
+.SH NAME
+sasl_server_add_plugin \- add a SASL server plug-in
+.SH SYNOPSIS
+.LP
+.nf
+\fBcc\fR [ \fIflag\fR ... ] \fIfile\fR ... \fB-lsasl\fR   [ \fIlibrary\fR ... ]
+#include <sasl/saslplug.h>
+
+\fBint\fR \fBsasl_server_add_plugin\fR(\fBconst char *\fR\fIplugname\fR,
+     \fBsasl_server_plug_init_t *\fR\fIcplugfunc\fR);
+.fi
+
+.SH DESCRIPTION
+.sp
+.LP
+Use the \fBsasl_server_add_plugin()\fR interface to add a server plug-in to the current list of client plug-ins in the SASL library.
+.SH PARAMETERS
+.sp
+.ne 2
+.mk
+.na
+\fB\fIplugname\fR\fR
+.ad
+.RS 13n
+.rt  
+The name of the server plug-in.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fIcplugfunc\fR\fR
+.ad
+.RS 13n
+.rt  
+The value of \fIcplugfunc\fR is filled in by the \fBsasl_server_plug_init_t\fR structure.
+.RE
+
+.SH RETURN VALUES
+.sp
+.LP
+\fBsasl_server_add_plugin()\fR returns an integer that corresponds to a SASL error code.
+.SH ERRORS
+.sp
+.ne 2
+.mk
+.na
+\fB\fBSASL_OK\fR\fR
+.ad
+.RS 16n
+.rt  
+The call to \fBsasl_client_add_plugin()\fR was successful.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fBSASL_BADVERS\fR\fR
+.ad
+.RS 16n
+.rt  
+Version mismatch with plug-in.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fBSASL_NOMEM\fR\fR
+.ad
+.RS 16n
+.rt  
+Memory shortage failure.
+.RE
+
+.sp
+.LP
+See \fBsasl_errors\fR(3SASL) for information on other SASL error codes.
+.SH ATTRIBUTES
+.sp
+.LP
+See \fBattributes\fR(5) for descriptions of the following attributes:
+.sp
+
+.sp
+.TS
+tab() box;
+cw(2.75i) |cw(2.75i) 
+lw(2.75i) |lw(2.75i) 
+.
+ATTRIBUTE TYPEATTRIBUTE VALUE
+_
+Availabilitysystem/library/security/libsasl
+_
+Interface StabilityCommitted
+_
+MT-LevelMT-Safe
+.TE
+
+.SH SEE ALSO
+.sp
+.LP
+\fBsasl_errors\fR(3SASL), \fBattributes\fR(5)
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/cyrus-sasl/Solaris/usr/share/man/man3/sasl_server_plug_init_t.3sasl	Tue Nov 03 14:27:41 2015 -0800
@@ -0,0 +1,120 @@
+'\" te
+.\" Copyright (c) 1998-2003, Carnegie Mellon Univeristy.  All Rights Reserved.
+.\" Portions Copyright (c) 2003, Sun Microsystems, Inc. All Rights Reserved
+.TH sasl_server_plug_init_t 3SASL "27 Oct 2003" "SunOS 5.12" "Simple Authentication Security Layer Library Functions"
+.SH NAME
+sasl_server_plug_init_t \- server plug-in entry point
+.SH SYNOPSIS
+.LP
+.nf
+\fBcc\fR [ \fIflag\fR ... ] \fIfile\fR ... \fB-lsasl\fR   [ \fIlibrary\fR ... ]
+#include <sasl/saslplug.h>
+
+\fBint\fR \fBsasl_server_plug_init_t\fR(\fBconst sasl_utils_t *\fR\fIutils\fR, \fBint\fR \fImax_version\fR,
+     \fBint *\fR\fIout_version\fR, \fBsasl_client_plug_t **\fR\fIpluglist\fR, \fBint *\fR\fIplugcount\fR);
+.fi
+
+.SH DESCRIPTION
+.sp
+.LP
+The \fBsasl_server_plug_init_t()\fR callback function is the server plug-in entry point.
+.SH PARAMETERS
+.sp
+.ne 2
+.mk
+.na
+\fB\fIutils\fR\fR
+.ad
+.RS 15n
+.rt  
+The utility callback functions.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fImax_version\fR\fR
+.ad
+.RS 15n
+.rt  
+The highest server plug-in version supported.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fIout_version\fR\fR
+.ad
+.RS 15n
+.rt  
+The server plug-in version of the result.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fIpluglist\fR\fR
+.ad
+.RS 15n
+.rt  
+The list of server mechanism plug-ins.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fIplugcount\fR\fR
+.ad
+.RS 15n
+.rt  
+The number of server mechanism plug-ins.
+.RE
+
+.SH RETURN VALUES
+.sp
+.LP
+Like other SASL callback functions, \fBsasl_server_plug_init_t()\fR returns an integer that corresponds to a SASL error code. See <\fBsasl.h\fR> for a complete list of SASL error codes.
+.SH ERRORS
+.sp
+.ne 2
+.mk
+.na
+\fB\fBSASL_OK\fR\fR
+.ad
+.RS 11n
+.rt  
+The call to \fBsasl_server_plug_init_t()\fR was successful.
+.RE
+
+.sp
+.LP
+See \fBsasl_errors\fR(3SASL) for information on SASL error codes.
+.SH ATTRIBUTES
+.sp
+.LP
+See \fBattributes\fR(5) for descriptions of the following attributes:
+.sp
+
+.sp
+.TS
+tab() box;
+cw(2.75i) |cw(2.75i) 
+lw(2.75i) |lw(2.75i) 
+.
+ATTRIBUTE TYPEATTRIBUTE VALUE
+_
+Availabilitysystem/library/security/libsasl
+_
+Interface StabilityCommitted
+_
+MT-LevelMT-Safe
+.TE
+
+.SH SEE ALSO
+.sp
+.LP
+\fBsasl_errors\fR(3SASL), \fBattributes\fR(5)
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/cyrus-sasl/Solaris/usr/share/man/man3/sasl_set_alloc.3	Tue Nov 03 14:27:41 2015 -0800
@@ -0,0 +1,98 @@
+'\" te
+.\" Copyright (C) 1998-2003, Carnegie Mellon Univeristy.  All Rights Reserved.
+.\" Portions Copyright (C) 2003, Sun Microsystems, Inc. All Rights Reserved
+.TH sasl_set_alloc 3SASL "22 Oct 2003" "SunOS 5.12" "Simple Authentication Security Layer Library Functions"
+.SH NAME
+sasl_set_alloc \- set the memory allocation functions used by the SASL library
+.SH SYNOPSIS
+.LP
+.nf
+\fBcc\fR [ \fIflag\fR ... ] \fIfile\fR ... \fB-lsasl\fR   [ \fIlibrary\fR ... ]
+#include <sasl/sasl.h>
+
+\fBvoid\fR \fBsasl_set_alloc\fR(\fBsasl_malloc_t *\fR\fIm\fR, \fBsasl_calloc_t *\fR\fIc\fR, \fBsasl_realloc_t *\fR\fIr\fR,
+     \fBsasl_free_t *\fR\fIf\fR);
+.fi
+
+.SH DESCRIPTION
+.sp
+.LP
+Use the \fBsasl_set_alloc()\fR interface to set the memory allocation routines that the SASL library and plug-ins will use.
+.SH PARAMETERS
+.sp
+.ne 2
+.mk
+.na
+\fB\fIc\fR\fR
+.ad
+.RS 5n
+.rt  
+A pointer to a \fBcalloc()\fR function
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fIf\fR\fR
+.ad
+.RS 5n
+.rt  
+A pointer to a \fBfree()\fR function
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fIm\fR\fR
+.ad
+.RS 5n
+.rt  
+A pointer to a\fBmalloc()\fR function
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fIr\fR\fR
+.ad
+.RS 5n
+.rt  
+A pointer to a \fBrealloc()\fR function
+.RE
+
+.SH RETURN VALUES
+.sp
+.LP
+\fBsasl_set_alloc()\fR has no return values.
+.SH ATTRIBUTES
+.sp
+.LP
+See \fBattributes\fR(5) for descriptions of the following attributes:
+.sp
+
+.sp
+.TS
+tab() box;
+cw(2.75i) |cw(2.75i) 
+lw(2.75i) |lw(2.75i) 
+.
+ATTRIBUTE TYPEATTRIBUTE VALUE
+_
+Availabilitysystem/library/security/libsasl
+_
+Interface StabilityObsolete
+_
+MT-LevelUnsafe
+.TE
+
+.SH SEE ALSO
+.sp
+.LP
+\fBattributes\fR(5)
+.SH NOTES
+.sp
+.LP
+While most of \fBlibsasl\fR is MT-Safe, \fBsasl_set_*\fR modifies the global state and should be considered Unsafe.
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/cyrus-sasl/Solaris/usr/share/man/man3/sasl_set_mutex.3	Tue Nov 03 14:27:41 2015 -0800
@@ -0,0 +1,98 @@
+'\" te
+.\" Copyright (C) 1998-2003, Carnegie Mellon Univeristy.  All Rights Reserved.
+.\" Portions Copyright (C) 2003, Sun Microsystems, Inc. All Rights Reserved
+.TH sasl_set_mutex 3SASL "22 Oct 2003" "SunOS 5.12" "Simple Authentication Security Layer Library Functions"
+.SH NAME
+sasl_set_mutex \- set the mutex lock functions used by the SASL library
+.SH SYNOPSIS
+.LP
+.nf
+\fBcc\fR [ \fIflag\fR ... ] \fIfile\fR ... \fB-lsasl\fR   [ \fIlibrary\fR ... ]
+#include <sasl/sasl.h>
+
+\fBvoid\fR \fBsasl_set_mutex\fR(\fBsasl_mutex_alloc_t *\fR\fIa\fR, \fBsasl_mutex_lock_t *\fR\fIl\fR,
+     \fBsasl_mutex_unlock_t *\fR\fIu\fR, \fBsasl_mutex_free_t *\fR\fIf\fR);
+.fi
+
+.SH DESCRIPTION
+.sp
+.LP
+Use the \fBsasl_set_mutex()\fR interface to set the mutex lock routines that the SASL library and plug-ins will use.
+.SH PARAMETERS
+.sp
+.ne 2
+.mk
+.na
+\fB\fIa\fR\fR
+.ad
+.RS 5n
+.rt  
+A pointer to the mutex lock allocation function
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fIf\fR\fR
+.ad
+.RS 5n
+.rt  
+A pointer to the mutex free or destroy function
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fIl\fR\fR
+.ad
+.RS 5n
+.rt  
+A pointer to the mutex lock function
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fIu\fR\fR
+.ad
+.RS 5n
+.rt  
+A pointer to the mutex unlock function
+.RE
+
+.SH RETURN VALUES
+.sp
+.LP
+\fBsasl_set_mutex()\fR has no return values.
+.SH ATTRIBUTES
+.sp
+.LP
+See \fBattributes\fR(5) for descriptions of the following attributes:
+.sp
+
+.sp
+.TS
+tab() box;
+cw(2.75i) |cw(2.75i) 
+lw(2.75i) |lw(2.75i) 
+.
+ATTRIBUTE TYPEATTRIBUTE VALUE
+_
+Availabilitysystem/library/security/libsasl
+_
+Interface StabilityObsolete
+_
+MT-LevelUnsafe
+.TE
+
+.SH SEE ALSO
+.sp
+.LP
+\fBattributes\fR(5)
+.SH NOTES
+.sp
+.LP
+While most of \fBlibsasl\fR is MT-Safe, \fBsasl_set_*\fR modifies the global state and should be considered Unsafe.
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/cyrus-sasl/Solaris/usr/share/man/man3/sasl_seterror.3	Tue Nov 03 14:27:41 2015 -0800
@@ -0,0 +1,95 @@
+'\" te
+.\" Copyright (C) 1998-2003, Carnegie Mellon Univeristy.  All Rights Reserved.
+.\" Portions Copyright (C) 2003, Sun Microsystems, Inc. All Rights Reserved
+.TH sasl_seterror 3SASL "14 Oct 2003" "SunOS 5.12" "Simple Authentication Security Layer Library Functions"
+.SH NAME
+sasl_seterror \- set the error string
+.SH SYNOPSIS
+.LP
+.nf
+\fBcc\fR [ \fIflag\fR ... ] \fIfile\fR ... \fB-lsasl\fR   [ \fIlibrary\fR ... ]
+#include <sasl/sasl.h>
+
+\fBvoid\fR \fBsasl_seterror\fR(\fBsasl_conn_t *\fR\fIconn\fR, \fBunsigned\fR \fIflags\fR,
+     \fBconst char *\fR\fIfmt\fR, ...);
+.fi
+
+.SH DESCRIPTION
+.sp
+.LP
+The \fBsasl_seterror()\fR interface sets the error string that will be returned by \fBsasl_errdetail\fR(3SASL). Use \fBsyslog\fR(3C) style formatting, that is, use \fBprintf()\fR\(emstyle with \fB%m\fR as the most recent \fBerrno\fR error.
+.sp
+.LP
+The \fBsasl_seterror()\fR interface is primarily used by server callback functions and internal plug-ins, for example, with the \fBsasl_authorize_t\fR callback. The \fBsasl_seterror()\fR interface triggers a call to the SASL logging callback, if any, with a level of \fBSASL_LOG_FAIL\fR, unless the \fBSASL_NOLOG\fR flag is set.
+.sp
+.LP
+Make the message string sensitive to the current language setting. If there is no \fBSASL_CB_LANGUAGE\fR callback, message strings must be \fBi-default\fR. Otherwise, UTF-8 is used. Use of \fIRFC 2482\fR for mixed-language text is encouraged.
+.sp
+.LP
+If the value of \fIconn\fR is \fINULL\fR, the \fBsasl_seterror()\fR interface fails.
+.SH PARAMETERS
+.sp
+.ne 2
+.mk
+.na
+\fB\fIconn\fR\fR
+.ad
+.RS 9n
+.rt  
+The \fBsasl_conn_t\fR for which the call to \fBsasl_seterror()\fR applies.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fIflags\fR\fR
+.ad
+.RS 9n
+.rt  
+If set to \fBSASL_NOLOG\fR, the call to \fBsasl_seterror()\fR is not logged.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fIfmt\fR\fR
+.ad
+.RS 9n
+.rt  
+A \fBsyslog\fR(3C) style format string.
+.RE
+
+.SH RETURN VALUES
+.sp
+.LP
+\fBsasl_seterror()\fR has no return values.
+.SH ATTRIBUTES
+.sp
+.LP
+See \fBattributes\fR(5) for descriptions of the following attributes:
+.sp
+
+.sp
+.TS
+tab() box;
+cw(2.75i) |cw(2.75i) 
+lw(2.75i) |lw(2.75i) 
+.
+ATTRIBUTE TYPEATTRIBUTE VALUE
+_
+Availabilitysystem/library/security/libsasl
+_
+Interface StabilityCommitted
+_
+MT-LevelMT-Safe
+.TE
+
+.SH SEE ALSO
+.sp
+.LP
+\fBsasl_errdetail\fR(3SASL), \fBsyslog\fR(3C), \fBattributes\fR(5)
+.sp
+.LP
+Whistler, K. and Adams, G. \fIRFC 2482, Language Tagging in Unicode Plain Text\fR. Network Working Group. January 1999.
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/cyrus-sasl/Solaris/usr/share/man/man3/sasl_utf8verify.3	Tue Nov 03 14:27:41 2015 -0800
@@ -0,0 +1,94 @@
+'\" te
+.\" Copyright (C) 1998-2003, Carnegie Mellon Univeristy.  All Rights Reserved.
+.\" Portions Copyright (C) 2003, Sun Microsystems, Inc. All Rights Reserved
+.TH sasl_utf8verify 3SASL "1 Oct 2003" "SunOS 5.12" "Simple Authentication Security Layer Library Functions"
+.SH NAME
+sasl_utf8verify \- encode base64 string
+.SH SYNOPSIS
+.LP
+.nf
+\fBcc\fR [ \fIflag\fR ... ] \fIfile\fR ... \fB-lsasl\fR   [ \fIlibrary\fR ... ]
+#include <sasl/saslutil.h>
+
+\fBint\fR \fBsasl_utf8verify\fR(\fBconst char *\fR\fIstr\fR, \fBunsigned\fR \fIlen\fR);
+.fi
+
+.SH DESCRIPTION
+.sp
+.LP
+Use the \fBsasl_utf8verify()\fR interface to verify that a string is valid UTF-8 and does not contain \fINULL\fR, a carriage return, or a linefeed. If \fIlen\fR ==0, \fBstrlen\fR(\fIstr\fR) will be used.
+.SH PARAMETERS
+.sp
+.ne 2
+.mk
+.na
+\fB\fIstr\fR\fR
+.ad
+.RS 7n
+.rt  
+A string
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fIlen\fR\fR
+.ad
+.RS 7n
+.rt  
+The length of the string
+.RE
+
+.SH RETURN VALUES
+.sp
+.LP
+\fBsasl_utf8verify()\fR returns an integer that corresponds to a SASL error code.
+.SH ERRORS
+.sp
+.ne 2
+.mk
+.na
+\fB\fBSASL_OK\fR\fR
+.ad
+.RS 16n
+.rt  
+The call to \fBsasl_utf8verify()\fR was successful.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fBSASL_BADPROT\fR\fR
+.ad
+.RS 16n
+.rt  
+There was invalid UTF-8, or an error was found.
+.RE
+
+.SH ATTRIBUTES
+.sp
+.LP
+See \fBattributes\fR(5) for descriptions of the following attributes:
+.sp
+
+.sp
+.TS
+tab() box;
+cw(2.75i) |cw(2.75i) 
+lw(2.75i) |lw(2.75i) 
+.
+ATTRIBUTE TYPEATTRIBUTE VALUE
+_
+Availabilitysystem/library/security/libsasl
+_
+Interface StabilityCommitted
+_
+MT-LevelMT-Safe
+.TE
+
+.SH SEE ALSO
+.sp
+.LP
+\fBattributes\fR(5)
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/cyrus-sasl/Solaris/usr/share/man/man3/sasl_version.3sasl	Tue Nov 03 14:27:41 2015 -0800
@@ -0,0 +1,71 @@
+'\" te
+.\" Copyright (C) 1998-2003, Carnegie Mellon Univeristy.  All Rights Reserved.
+.\" Portions Copyright (C) 2003, Sun Microsystems, Inc. All Rights Reserved
+.TH sasl_version 3SASL "14 Oct 2003" "SunOS 5.12" "Simple Authentication Security Layer Library Functions"
+.SH NAME
+sasl_version \- get SASL library version information
+.SH SYNOPSIS
+.LP
+.nf
+\fBcc\fR [ \fIflag\fR ... ] \fIfile\fR ... \fB-lsasl\fR   [ \fIlibrary\fR ... ]
+#include <sasl/sasl.h>
+
+\fBvoid\fR \fBsasl_version\fR(\fBconst char **\fR\fIimplementation\fR, \fBint *\fR\fIversion\fR);
+.fi
+
+.SH DESCRIPTION
+.sp
+.LP
+Use the \fBsasl_version()\fR interface to obtain the version of the SASL library.
+.SH PARAMETERS
+.sp
+.ne 2
+.mk
+.na
+\fB\fIimplementation\fR\fR
+.ad
+.RS 18n
+.rt  
+A vendor-defined string that describes the implementation. The value of \fIimplementation\fRreturned is \fBSun SASL\fR.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fIversion\fR\fR
+.ad
+.RS 18n
+.rt  
+A vendor-defined represetation of the version number.
+.RE
+
+.SH RETURN VALUES
+.sp
+.LP
+The \fBsasl_version()\fR interface has no return values.
+.SH ATTRIBUTES
+.sp
+.LP
+See \fBattributes\fR(5) for descriptions of the following attributes:
+.sp
+
+.sp
+.TS
+tab() box;
+cw(2.75i) |cw(2.75i) 
+lw(2.75i) |lw(2.75i) 
+.
+ATTRIBUTE TYPEATTRIBUTE VALUE
+_
+Availabilitysystem/library/security/libsasl
+_
+Interface StabilityCommitted
+_
+MT-LevelMT-Safe
+.TE
+
+.SH SEE ALSO
+.sp
+.LP
+\fBattributes\fR(5)
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/cyrus-sasl/libsasl.p5m	Tue Nov 03 14:27:41 2015 -0800
@@ -0,0 +1,214 @@
+#
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License (the "License").
+# You may not use this file except in compliance with the License.
+#
+# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+# or http://www.opensolaris.org/os/licensing.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+# If applicable, add the following below this CDDL HEADER, with the
+# fields enclosed by brackets "[]" replaced with your own identifying
+# information: Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+
+#
+# Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+#
+
+<transform file path=usr.*/man/.+ -> default mangler.man.stability committed>
+<transform file path=(.+)/man/man3sasl/(.+).3sasl$ -> \
+    set action.hash %<1>/man/man3/%<2>.3>
+
+# A package version that starts with 2.1.26 will refuse to replace a package
+# version that starts with 5.12, so this workaround is needed until the
+# name change to libsasl2 (see Phase II line above)
+
+# openldap.p5m is dependent on this package name, must be kept in sync
+set name=pkg.fmri \
+    value=pkg:/system/library/security/[email protected]$(IPS_COMPONENT_VERSION),$(BUILD_VERSION)
+#
+set name=pkg.summary \
+    value="Cyrus SASL - Simple Authentication and Security Layer"
+set name=com.oracle.info.description value="cyrus-sasl project"
+set name=com.oracle.info.tpno value=$(TPNO)
+set name=info.classification \
+    value=org.opensolaris.category.2008:System/Libraries
+set name=info.source-url value=$(COMPONENT_ARCHIVE_URL)
+set name=info.upstream-url value=$(COMPONENT_PROJECT_URL)
+set name=org.opensolaris.arc-caseid value=PSARC/2015/194
+set name=org.opensolaris.consolidation value=$(CONSOLIDATION)
+dir  path=etc/sasl owner=root group=sys mode=0755
+file README.Solaris path=etc/sasl/README.Solaris
+file path=usr/include/sasl/hmac-md5.h
+file path=usr/include/sasl/md5.h
+file path=usr/include/sasl/md5global.h
+file path=usr/include/sasl/prop.h
+file path=usr/include/sasl/sasl.h
+file path=usr/include/sasl/saslplug.h
+file path=usr/include/sasl/saslutil.h
+link path=usr/lib/$(MACH64)/libsasl.so target=libsasl2.so.3.0.0
+file path=usr/lib/$(MACH64)/libsasl.so.1
+link path=usr/lib/$(MACH64)/libsasl2.so target=libsasl2.so.3.0.0
+link path=usr/lib/$(MACH64)/libsasl2.so.3 target=libsasl2.so.3.0.0
+file path=usr/lib/$(MACH64)/libsasl2.so.3.0.0
+link path=usr/lib/$(MACH64)/llib-lsasl target=../llib-lsasl2 \
+    pkg.linted.dupaction010.2=true
+link path=usr/lib/$(MACH64)/llib-lsasl.ln target=llib-lsasl2 \
+    pkg.linted.dupaction010.2=true
+link path=usr/lib/$(MACH64)/llib-lsasl2 target=../llib-lsasl2
+file path=usr/lib/$(MACH64)/llib-lsasl2.ln
+link path=usr/lib/$(MACH64)/pkgconfig/libsasl.pc target=libsasl2.pc
+file path=usr/lib/$(MACH64)/pkgconfig/libsasl2.pc
+link path=usr/lib/libsasl.so target=libsasl2.so.3.0.0
+file path=usr/lib/libsasl.so.1
+link path=usr/lib/libsasl2.so target=libsasl2.so.3.0.0
+link path=usr/lib/libsasl2.so.3 target=libsasl2.so.3.0.0
+file path=usr/lib/libsasl2.so.3.0.0
+link path=usr/lib/llib-lsasl target=llib-lsasl2 pkg.linted.dupaction010.2=true
+link path=usr/lib/llib-lsasl.ln target=llib-lsasl2.ln \
+    pkg.linted.dupaction010.2=true
+file path=usr/lib/llib-lsasl2
+file path=usr/lib/llib-lsasl2.ln
+link path=usr/lib/pkgconfig/libsasl.pc target=libsasl2.pc
+file path=usr/lib/pkgconfig/libsasl2.pc
+link path=usr/lib/sasl target=./sasl2 pkg.linted=true
+link path=usr/lib/sasl2/$(MACH64)/libanonymous.so target=libanonymous.so.3.0.0
+link path=usr/lib/sasl2/$(MACH64)/libanonymous.so.3 target=libanonymous.so.3.0.0
+file path=usr/lib/sasl2/$(MACH64)/libanonymous.so.3.0.0
+link path=usr/lib/sasl2/$(MACH64)/libcrammd5.so target=libcrammd5.so.3.0.0
+link path=usr/lib/sasl2/$(MACH64)/libcrammd5.so.3 target=libcrammd5.so.3.0.0
+file path=usr/lib/sasl2/$(MACH64)/libcrammd5.so.3.0.0
+link path=usr/lib/sasl2/$(MACH64)/libdigestmd5.so target=libdigestmd5.so.3.0.0
+link path=usr/lib/sasl2/$(MACH64)/libdigestmd5.so.3 target=libdigestmd5.so.3.0.0
+file path=usr/lib/sasl2/$(MACH64)/libdigestmd5.so.3.0.0
+link path=usr/lib/sasl2/$(MACH64)/libgssapiv2.so target=libgssapiv2.so.3.0.0
+link path=usr/lib/sasl2/$(MACH64)/libgssapiv2.so.3 target=libgssapiv2.so.3.0.0
+file path=usr/lib/sasl2/$(MACH64)/libgssapiv2.so.3.0.0
+link path=usr/lib/sasl2/$(MACH64)/libotp.so target=libotp.so.3.0.0
+link path=usr/lib/sasl2/$(MACH64)/libotp.so.3 target=libotp.so.3.0.0
+file path=usr/lib/sasl2/$(MACH64)/libotp.so.3.0.0
+link path=usr/lib/sasl2/$(MACH64)/libplain.so target=libplain.so.3.0.0
+link path=usr/lib/sasl2/$(MACH64)/libplain.so.3 target=libplain.so.3.0.0
+file path=usr/lib/sasl2/$(MACH64)/libplain.so.3.0.0
+link path=usr/lib/sasl2/$(MACH64)/libsasldb.so target=libsasldb.so.3.0.0
+link path=usr/lib/sasl2/$(MACH64)/libsasldb.so.3 target=libsasldb.so.3.0.0
+file path=usr/lib/sasl2/$(MACH64)/libsasldb.so.3.0.0
+link path=usr/lib/sasl2/$(MACH64)/libscram.so target=libscram.so.3.0.0
+link path=usr/lib/sasl2/$(MACH64)/libscram.so.3 target=libscram.so.3.0.0
+file path=usr/lib/sasl2/$(MACH64)/libscram.so.3.0.0
+link path=usr/lib/sasl2/64 target=./$(MACH64)
+link path=usr/lib/sasl2/libanonymous.so target=libanonymous.so.3.0.0
+link path=usr/lib/sasl2/libanonymous.so.3 target=libanonymous.so.3.0.0
+file path=usr/lib/sasl2/libanonymous.so.3.0.0
+link path=usr/lib/sasl2/libcrammd5.so target=libcrammd5.so.3.0.0
+link path=usr/lib/sasl2/libcrammd5.so.3 target=libcrammd5.so.3.0.0
+file path=usr/lib/sasl2/libcrammd5.so.3.0.0
+link path=usr/lib/sasl2/libdigestmd5.so target=libdigestmd5.so.3.0.0
+link path=usr/lib/sasl2/libdigestmd5.so.3 target=libdigestmd5.so.3.0.0
+file path=usr/lib/sasl2/libdigestmd5.so.3.0.0
+link path=usr/lib/sasl2/libgssapiv2.so target=libgssapiv2.so.3.0.0
+link path=usr/lib/sasl2/libgssapiv2.so.3 target=libgssapiv2.so.3.0.0
+file path=usr/lib/sasl2/libgssapiv2.so.3.0.0
+link path=usr/lib/sasl2/libotp.so target=libotp.so.3.0.0
+link path=usr/lib/sasl2/libotp.so.3 target=libotp.so.3.0.0
+file path=usr/lib/sasl2/libotp.so.3.0.0
+link path=usr/lib/sasl2/libplain.so target=libplain.so.3.0.0
+link path=usr/lib/sasl2/libplain.so.3 target=libplain.so.3.0.0
+file path=usr/lib/sasl2/libplain.so.3.0.0
+link path=usr/lib/sasl2/libsasldb.so target=libsasldb.so.3.0.0
+link path=usr/lib/sasl2/libsasldb.so.3 target=libsasldb.so.3.0.0
+file path=usr/lib/sasl2/libsasldb.so.3.0.0
+link path=usr/lib/sasl2/libscram.so target=libscram.so.3.0.0
+link path=usr/lib/sasl2/libscram.so.3 target=libscram.so.3.0.0
+file path=usr/lib/sasl2/libscram.so.3.0.0
+file path=usr/sbin/pluginviewer
+file path=usr/sbin/saslauthd
+file path=usr/sbin/sasldblistusers2
+file path=usr/sbin/saslpasswd2
+file path=usr/sbin/testsaslauthd
+file usr/share/man/man8/pluginviewer.8 \
+    path=usr/share/man/man1m/pluginviewer.1m mangler.bypass=true
+file usr/share/man/man8/saslauthd.8 path=usr/share/man/man1m/saslauthd.1m \
+    mangler.bypass=true
+file usr/share/man/man8/sasldblistusers2.8 \
+    path=usr/share/man/man1m/sasldblistusers2.1m mangler.bypass=true
+file usr/share/man/man8/saslpasswd2.8 path=usr/share/man/man1m/saslpasswd2.1m \
+    mangler.bypass=true
+link path=usr/share/man/man3sasl/prop_clear.3sasl target=sasl_auxprop.3sasl
+link path=usr/share/man/man3sasl/prop_dispose.3sasl target=sasl_auxprop.3sasl
+link path=usr/share/man/man3sasl/prop_dup.3sasl target=sasl_auxprop.3sasl
+link path=usr/share/man/man3sasl/prop_erase.3sasl target=sasl_auxprop.3sasl
+link path=usr/share/man/man3sasl/prop_format.3sasl target=sasl_auxprop.3sasl
+link path=usr/share/man/man3sasl/prop_get.3sasl target=sasl_auxprop.3sasl
+link path=usr/share/man/man3sasl/prop_getnames.3sasl target=sasl_auxprop.3sasl
+link path=usr/share/man/man3sasl/prop_new.3sasl target=sasl_auxprop.3sasl
+link path=usr/share/man/man3sasl/prop_request.3sasl target=sasl_auxprop.3sasl
+link path=usr/share/man/man3sasl/prop_set.3sasl target=sasl_auxprop.3sasl
+link path=usr/share/man/man3sasl/prop_setvals.3sasl target=sasl_auxprop.3sasl
+file path=usr/share/man/man3sasl/sasl.3sasl
+file path=usr/share/man/man3sasl/sasl_authorize_t.3sasl
+file path=usr/share/man/man3sasl/sasl_auxprop.3sasl
+file sasl_auxprop_add_plugin.3sasl \
+    path=usr/share/man/man3sasl/sasl_auxprop_add_plugin.3sasl
+file path=usr/share/man/man3sasl/sasl_auxprop_getctx.3sasl
+file path=usr/share/man/man3sasl/sasl_auxprop_request.3sasl
+file path=usr/share/man/man3sasl/sasl_callbacks.3sasl
+file path=usr/share/man/man3sasl/sasl_canon_user_t.3sasl
+file sasl_canonuser_add_plugin.3sasl \
+    path=usr/share/man/man3sasl/sasl_canonuser_add_plugin.3sasl
+file path=usr/share/man/man3sasl/sasl_chalprompt_t.3sasl
+file path=usr/share/man/man3sasl/sasl_checkapop.3sasl
+file path=usr/share/man/man3sasl/sasl_checkpass.3sasl
+file sasl_client_add_plugin.3sasl \
+    path=usr/share/man/man3sasl/sasl_client_add_plugin.3sasl
+file path=usr/share/man/man3sasl/sasl_client_init.3sasl
+file path=usr/share/man/man3sasl/sasl_client_new.3sasl
+file path=usr/share/man/man3sasl/sasl_client_start.3sasl
+file path=usr/share/man/man3sasl/sasl_client_step.3sasl
+file path=usr/share/man/man3sasl/sasl_decode.3sasl
+file sasl_decode64.3sasl path=usr/share/man/man3sasl/sasl_decode64.3sasl
+file path=usr/share/man/man3sasl/sasl_dispose.3sasl
+file path=usr/share/man/man3sasl/sasl_done.3sasl
+file path=usr/share/man/man3sasl/sasl_encode.3sasl
+file sasl_encode64.3sasl path=usr/share/man/man3sasl/sasl_encode64.3sasl
+link path=usr/share/man/man3sasl/sasl_encodev.3sasl target=sasl_encode.3sasl
+file sasl_erasebuffer.3sasl path=usr/share/man/man3sasl/sasl_erasebuffer.3sasl
+file path=usr/share/man/man3sasl/sasl_errdetail.3sasl
+file path=usr/share/man/man3sasl/sasl_errors.3sasl
+file path=usr/share/man/man3sasl/sasl_errstring.3sasl
+file path=usr/share/man/man3sasl/sasl_getconfpath_t.3sasl
+file path=usr/share/man/man3sasl/sasl_getopt_t.3sasl
+file path=usr/share/man/man3sasl/sasl_getpath_t.3sasl
+file path=usr/share/man/man3sasl/sasl_getprop.3sasl
+file path=usr/share/man/man3sasl/sasl_getrealm_t.3sasl
+file path=usr/share/man/man3sasl/sasl_getsecret_t.3sasl
+file path=usr/share/man/man3sasl/sasl_getsimple_t.3sasl
+file path=usr/share/man/man3sasl/sasl_global_listmech.3sasl
+file path=usr/share/man/man3sasl/sasl_idle.3sasl
+file path=usr/share/man/man3sasl/sasl_listmech.3sasl
+file path=usr/share/man/man3sasl/sasl_log_t.3sasl
+file sasl_server_add_plugin.3sasl \
+    path=usr/share/man/man3sasl/sasl_server_add_plugin.3sasl
+file path=usr/share/man/man3sasl/sasl_server_init.3sasl
+file path=usr/share/man/man3sasl/sasl_server_new.3sasl
+file path=usr/share/man/man3sasl/sasl_server_start.3sasl
+file path=usr/share/man/man3sasl/sasl_server_step.3sasl
+file path=usr/share/man/man3sasl/sasl_server_userdb_checkpass_t.3sasl
+file path=usr/share/man/man3sasl/sasl_server_userdb_setpass_t.3sasl
+file sasl_set_alloc.3sasl path=usr/share/man/man3sasl/sasl_set_alloc.3sasl
+file sasl_set_mutex.3sasl path=usr/share/man/man3sasl/sasl_set_mutex.3sasl
+file sasl_seterror.3sasl path=usr/share/man/man3sasl/sasl_seterror.3sasl
+file path=usr/share/man/man3sasl/sasl_setpass.3sasl
+file path=usr/share/man/man3sasl/sasl_setprop.3sasl
+file path=usr/share/man/man3sasl/sasl_user_exists.3sasl
+file sasl_utf8verify.3sasl path=usr/share/man/man3sasl/sasl_utf8verify.3sasl
+file path=usr/share/man/man3sasl/sasl_verifyfile_t.3sasl
+license libsasl2.license license="BSD with attribution to CMU, MIT, others"
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/cyrus-sasl/libsasl2.license	Tue Nov 03 14:27:41 2015 -0800
@@ -0,0 +1,348 @@
+
+    * Copyright (c) 1994-2012 Carnegie Mellon University.  All rights reserved. 
+    * 
+    * Redistribution and use in source and binary forms, with or without 
+    * modification, are permitted provided that the following conditions 
+    * are met: 
+    * 
+    * 1. Redistributions of source code must retain the above copyright 
+    *    notice, this list of conditions and the following disclaimer. 
+    * 
+    * 2. Redistributions in binary form must reproduce the above copyright 
+    *    notice, this list of conditions and the following disclaimer in 
+    *    the documentation and/or other materials provided with the 
+    *    distribution. 
+    * 
+    * 3. The name "Carnegie Mellon University" must not be used to 
+    *    endorse or promote products derived from this software without 
+    *    prior written permission. For permission or any legal 
+    *    details, please contact  
+    *      Office of Technology Transfer 
+    *      Carnegie Mellon University 
+    *      5000 Forbes Avenue 
+    *      Pittsburgh, PA  15213-3890 
+    *      (412) 268-4387, fax: (412) 268-7395 
+    *      [email protected] 
+    * 
+    * 4. Redistributions of any form whatsoever must retain the following 
+    *    acknowledgment: 
+    *    "This product includes software developed by Computing Services 
+    *     at Carnegie Mellon University (http://www.cmu.edu/computing/)." 
+    * 
+    * CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO 
+    * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 
+    * AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE 
+    * FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 
+    * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN 
+    * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING 
+    * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 
+
+
+doc/readme.html 
+<H1>Read Me First</H1> 
+
+This document offers a general overview of the Cyrus SASL library. 
+The Cyrus SASL Libray provides applications with an implementation 
+of the Simple Authentication and Security Layer (RFC2222), and 
+several authentication mechanisms.  Users interested in the "big picture" 
+of what is provided by the library should read about 
+<a href=components.html>Cyrus SASL Components</a>. 
+
+<snip> 
+
+People considering doing binary distributions that include saslauthd 
+should be aware that the code is covered by several slightly different 
+(but compatible) licenses, due to how it was contributed.  Details can 
+be found within the source code.<p> 
+
+     
+
+/* 
+ *      Copyright (C) 1989 by the Massachusetts Institute of Technology 
+ * 
+ *      Export of this software from the United States of America is assumed 
+ *      to require a specific license from the United States Government. 
+ *      It is the responsibility of any person or organization contemplating 
+ *      export to obtain such a license before exporting. 
+ * 
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and 
+ * distribute this software and its documentation for any purpose and 
+ * without fee is hereby granted, provided that the above copyright 
+ * notice appear in all copies and that both that copyright notice and 
+ * this permission notice appear in supporting documentation, and that 
+ * the name of M.I.T. not be used in advertising or publicity pertaining 
+ * to distribution of the software without specific, written prior 
+ * permission.  M.I.T. makes no representations about the suitability of 
+ * this software for any purpose.  It is provided "as is" without express 
+ * or implied warranty. 
+ * 
+ */ 
+
+/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All 
+rights reserved. 
+
+License to copy and use this software is granted provided that it 
+is identified as the "RSA Data Security, Inc. MD5 Message-Digest 
+Algorithm" in all material mentioning or referencing this software 
+or this function. 
+
+License is also granted to make and use derivative works provided 
+that such works are identified as "derived from the RSA Data 
+Security, Inc. MD5 Message-Digest Algorithm" in all material 
+mentioning or referencing the derived work. 
+
+RSA Data Security, Inc. makes no representations concerning either 
+the merchantability of this software or the suitability of this 
+software for any particular purpose. It is provided "as is" 
+without express or implied warranty of any kind. 
+
+These notices must be retained in any copies of any part of this 
+documentation and/or software. 
+
+
+ plugins/ldapdb.c 
+
+/* SASL LDAP auxprop+canonuser implementation 
+ * Copyright (C) 2002-2007 Howard Chu, All rights reserved. <[email protected]> 
+ * 
+ * Redistribution and use in source and binary forms, with or without 
+ * modification, are permitted only as authorized by the OpenLDAP 
+ * Public License. 
+ * 
+ * A copy of this license is available in the file LICENSE in the 
+ * top-level directory of the distribution or, alternatively, at 
+ * <http://www.OpenLDAP.org/license.html>. 
+ */ 
+Text found at that URL:
+ Public License for 2.4.40
+The OpenLDAP Public License
+  Version 2.8, 17 August 2003
+
+Redistribution and use of this software and associated documentation
+("Software"), with or without modification, are permitted provided
+that the following conditions are met:
+
+1. Redistributions in source form must retain copyright statements
+   and notices,
+
+2. Redistributions in binary form must reproduce applicable copyright
+   statements and notices, this list of conditions, and the following
+   disclaimer in the documentation and/or other materials provided
+   with the distribution, and
+
+3. Redistributions must contain a verbatim copy of this document.
+
+The OpenLDAP Foundation may revise this license from time to time.
+Each revision is distinguished by a version number.  You may use
+this Software under terms of this license revision or under the
+terms of any subsequent revision of the license.
+
+THIS SOFTWARE IS PROVIDED BY THE OPENLDAP FOUNDATION AND ITS
+CONTRIBUTORS ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES,
+INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT
+SHALL THE OPENLDAP FOUNDATION, ITS CONTRIBUTORS, OR THE AUTHOR(S)
+OR OWNER(S) OF THE SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+
+The names of the authors and copyright holders must not be used in
+advertising or otherwise to promote the sale, use or other dealing
+in this Software without specific, written prior permission.  Title
+to copyright in this Software shall at all times remain with copyright
+holders.
+
+OpenLDAP is a registered trademark of the OpenLDAP Foundation.
+
+Copyright 1999-2003 The OpenLDAP Foundation, Redwood City,
+California, USA.  All Rights Reserved.  Permission to copy and
+distribute verbatim copies of this document is granted.
+
+IETF:  The Internet Society:
+   Copyright (C) The Internet Society (2003). All Rights Reserved. 
+
+
+Intellectual Property Statement 
+
+   The IETF takes no position regarding the validity or scope of any 
+   intellectual property or other rights that might be claimed to 
+   pertain to the implementation or use of the technology described in 
+   this document or the extent to which any license under such rights 
+   might or might not be available; neither does it represent that it 
+   has made any effort to identify any such rights. Information on the 
+   IETF's procedures with respect to rights in standards-track and 
+   standards-related documentation can be found in BCP-11. Copies of 
+   claims of rights made available for publication and any assurances of 
+   licenses to be made available, or the result of an attempt made to 
+   obtain a general license or permission for the use of such 
+   proprietary rights by implementors or users of this specification can 
+   be obtained from the IETF Secretariat. 
+
+   The IETF invites any interested party to bring to its attention any 
+   copyrights, patents or patent applications, or other proprietary 
+   rights which may cover technology that may be required to practice 
+   this standard. Please address the information to the IETF Executive 
+   Director. 
+
+
+Full Copyright Statement 
+
+   Copyright (C) The Internet Society (2003). All Rights Reserved. 
+
+   This document and translations of it may be copied and furnished to 
+   others, and derivative works that comment on or otherwise explain it 
+   or assist in its implementation may be prepared, copied, published 
+   and distributed, in whole or in part, without restriction of any 
+   kind, provided that the above copyright notice and this paragraph are 
+   included on all such copies and derivative works. However, this 
+   document itself may not be modified in any way, such as by removing 
+   the copyright notice or references to the Internet Society or other 
+   Internet organizations, except as needed for the purpose of 
+   developing Internet standards in which case the procedures for 
+   copyrights defined in the Internet Standards process must be 
+   followed, or as required to translate it into languages other than 
+   English. 
+
+   The limited permissions granted above are perpetual and will not be 
+   revoked by the Internet Society or its successors or assignees. 
+
+   This document and the information contained herein is provided on an 
+   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING 
+   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING 
+   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION 
+
+
+
+Burdis & Naffah        Expires November 28, 2003               [Page 50] 
+Internet-Draft        SRP Authentication Mechanism              May 2003 
+
+
+   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF 
+   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 
+
+
+mac/libdes/src/fcrypt.c 
+/* Copyright (C) 1995-1997 Eric Young ([email protected]) 
+ * All rights reserved. 
+ * 
+ * This package is an SSL implementation written 
+ * by Eric Young ([email protected]). 
+ * The implementation was written so as to conform with Netscapes SSL. 
+ * 
+ * This library is free for commercial and non-commercial use as long as 
+ * the following conditions are aheared to.  The following conditions 
+ * apply to all code found in this distribution, be it the RC4, RSA, 
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation 
+ * included with this distribution is covered by the same copyright terms 
+ * except that the holder is Tim Hudson ([email protected]). 
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in 
+ * the code are not to be removed. 
+ * If this package is used in a product, Eric Young should be given attribution 
+ * as the author of the parts of the library used. 
+ * This can be in the form of a textual message at program startup or 
+ * in documentation (online or textual) provided with the package. 
+ * 
+ * Redistribution and use in source and binary forms, with or without 
+ * modification, are permitted provided that the following conditions 
+ * are met: 
+ * 1. Redistributions of source code must retain the copyright 
+ *    notice, this list of conditions and the following disclaimer. 
+ * 2. Redistributions in binary form must reproduce the above copyright 
+ *    notice, this list of conditions and the following disclaimer in the 
+ *    documentation and/or other materials provided with the distribution. 
+ * 3. All advertising materials mentioning features or use of this software 
+ *    must display the following acknowledgement: 
+ *    "This product includes cryptographic software written by 
+ *     Eric Young ([email protected])" 
+ *    The word 'cryptographic' can be left out if the rouines from the library 
+ *    being used are not cryptographic related :-). 
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement: 
+ *    "This product includes software written by Tim Hudson ([email protected])" 
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
+ * SUCH DAMAGE. 
+ * 
+ * The licence and distribution terms for any publically available version or 
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be 
+ * copied and put under another distribution licence 
+ * [including the GNU Public Licence.] 
+ */ 
+For MD5 only: 
+/* 
+ * ---------------------------------------------------------------------------- 
+ * "THE BEER-WARE LICENSE" (Revision 42): 
+ * <[email protected]> wrote this file.  As long as you retain this notice you 
+ * can do whatever you want with this stuff. If we meet some day, and you think 
+ * this stuff is worth it, you can buy me a beer in return.   Poul-Henning Kamp 
+ * ---------------------------------------------------------------------------- 
+ */ 
+
+mac/libdes/src/COPYRIGHT 
+
+Copyright (C) 1995-1997 Eric Young ([email protected]) 
+All rights reserved. 
+
+This package is an DES implementation written by Eric Young ([email protected]). 
+The implementation was written so as to conform with MIT's libdes. 
+
+This library is free for commercial and non-commercial use as long as 
+the following conditions are aheared to.  The following conditions 
+apply to all code found in this distribution. 
+
+Copyright remains Eric Young's, and as such any Copyright notices in 
+the code are not to be removed. 
+If this package is used in a product, Eric Young should be given attribution 
+as the author of that the SSL library.  This can be in the form of a textual 
+message at program startup or in documentation (online or textual) provided 
+with the package. 
+
+Redistribution and use in source and binary forms, with or without 
+modification, are permitted provided that the following conditions 
+are met: 
+1. Redistributions of source code must retain the copyright 
+   notice, this list of conditions and the following disclaimer. 
+2. Redistributions in binary form must reproduce the above copyright 
+   notice, this list of conditions and the following disclaimer in the 
+   documentation and/or other materials provided with the distribution. 
+3. All advertising materials mentioning features or use of this software 
+   must display the following acknowledgement: 
+   This product includes software developed by Eric Young ([email protected]) 
+
+THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
+ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
+OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
+LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
+OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
+SUCH DAMAGE. 
+
+The license and distribution terms for any publically available version or 
+derivative of this code cannot be changed.  i.e. this code cannot simply be 
+copied and put under another distrubution license 
+[including the GNU Public License.] 
+
+The reason behind this being stated in this direct manner is past 
+experience in code simply being copied and the attribution removed 
+from it and then being distributed as part of other packages. This 
+implementation was a non-trivial and unpaid effort. 
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/cyrus-sasl/llib-lsasl2	Tue Nov 03 14:27:41 2015 -0800
@@ -0,0 +1,35 @@
+/*
+ * CDDL HEADER START
+ *
+ * The contents of this file are subject to the terms of the
+ * Common Development and Distribution License (the "License").
+ * You may not use this file except in compliance with the License.
+ *
+ * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+ * or http://www.opensolaris.org/os/licensing.
+ * See the License for the specific language governing permissions
+ * and limitations under the License.
+ *
+ * When distributing Covered Code, include this CDDL HEADER in each
+ * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+ * If applicable, add the following below this CDDL HEADER, with the
+ * fields enclosed by brackets "[]" replaced with your own identifying
+ * information: Portions Copyright [yyyy] [name of copyright owner]
+ *
+ * CDDL HEADER END
+ */
+
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ */
+
+/* LINTLIBRARY */
+/* PROTOLIB1 */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <sasl/sasl.h>
+#include <md5global.h>
+#include <sasl/saslplug.h>
+#include <sasl/saslutil.h>
+#include <sasl/prop.h>
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/cyrus-sasl/m4/solaris.m4	Tue Nov 03 14:27:41 2015 -0800
@@ -0,0 +1,11 @@
+dnl 
+dnl
+dnl
+
+AC_ARG_WITH(sasldir, [  --with-sasldir=DIR    set the directory where
+			  plugins will be installed, including $(MACH64),
+  sasldir=$withval,
+  sasldir=/usr/lib/sasl2)
+AC_DEFINE_UNQUOTED(SASLDIR, "$sasldir", [Installtime plugin location])
+AC_SUBST(sasldir)
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/cyrus-sasl/mapfile	Tue Nov 03 14:27:41 2015 -0800
@@ -0,0 +1,98 @@
+#
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License (the "License").
+# You may not use this file except in compliance with the License.
+#
+# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+# or http://www.opensolaris.org/os/licensing.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+# If applicable, add the following below this CDDL HEADER, with the
+# fields enclosed by brackets "[]" replaced with your own identifying
+# information: Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# MAPFILE HEADER START
+#
+# WARNING:  STOP NOW.  DO NOT MODIFY THIS FILE.
+# Object versioning must comply with the rules detailed in
+#
+#	usr/src/lib/README.mapfiles
+#
+# You should not be making modifications here until you've read the most current
+# copy of that file. If you need help, contact a gatekeeper for guidance.
+#
+# MAPFILE HEADER END
+#
+# Note that the source above actually lives in the ON tree.
+#
+# Copyright (c) 2001, 2015, Oracle and/or its affiliates. All rights reserved.
+#
+# public interfaces in libsasl
+#
+$mapfile_version 2
+
+FILTER {
+	FILTEE = libsasl2.so.3;
+	TYPE = WEAK;
+};
+
+SYMBOL_VERSION SUNW_1.1 {
+    global:
+	prop_clear			{ TYPE = FUNCTION };
+	prop_dispose			{ TYPE = FUNCTION };
+	prop_dup			{ TYPE = FUNCTION };
+	prop_erase			{ TYPE = FUNCTION };
+	prop_format			{ TYPE = FUNCTION };
+	prop_get			{ TYPE = FUNCTION };
+	prop_getnames			{ TYPE = FUNCTION };
+	prop_new			{ TYPE = FUNCTION };
+	prop_request			{ TYPE = FUNCTION };
+	prop_set			{ TYPE = FUNCTION };
+	prop_setvals			{ TYPE = FUNCTION };
+	sasl_auxprop_add_plugin		{ TYPE = FUNCTION };
+	sasl_auxprop_getctx		{ TYPE = FUNCTION };
+	sasl_auxprop_request		{ TYPE = FUNCTION };
+	sasl_canonuser_add_plugin	{ TYPE = FUNCTION };
+	sasl_checkapop			{ TYPE = FUNCTION };
+	sasl_checkpass			{ TYPE = FUNCTION };
+	sasl_client_add_plugin		{ TYPE = FUNCTION };
+	sasl_client_init		{ TYPE = FUNCTION };
+	sasl_client_new			{ TYPE = FUNCTION };
+	sasl_client_start		{ TYPE = FUNCTION };
+	sasl_client_step		{ TYPE = FUNCTION };
+	sasl_decode			{ TYPE = FUNCTION };
+	sasl_decode64			{ TYPE = FUNCTION };
+	sasl_dispose			{ TYPE = FUNCTION };
+	sasl_done			{ TYPE = FUNCTION };
+	sasl_encode			{ TYPE = FUNCTION };
+	sasl_encode64			{ TYPE = FUNCTION };
+	sasl_encodev			{ TYPE = FUNCTION };
+	sasl_erasebuffer		{ TYPE = FUNCTION };
+	sasl_errdetail			{ TYPE = FUNCTION };
+	sasl_errstring			{ TYPE = FUNCTION };
+	sasl_getprop			{ TYPE = FUNCTION };
+	sasl_global_listmech		{ TYPE = FUNCTION };
+	sasl_idle			{ TYPE = FUNCTION };
+	sasl_listmech			{ TYPE = FUNCTION };
+	sasl_server_add_plugin		{ TYPE = FUNCTION };
+	sasl_server_init		{ TYPE = FUNCTION };
+	sasl_server_new			{ TYPE = FUNCTION };
+	sasl_server_start		{ TYPE = FUNCTION };
+	sasl_server_step		{ TYPE = FUNCTION };
+	sasl_set_alloc			{ TYPE = FUNCTION };
+	sasl_set_mutex			{ TYPE = FUNCTION };
+	sasl_seterror			{ TYPE = FUNCTION };
+	sasl_setpass			{ TYPE = FUNCTION };
+	sasl_setprop			{ TYPE = FUNCTION };
+	sasl_user_exists		{ TYPE = FUNCTION };
+	sasl_utf8verify			{ TYPE = FUNCTION };
+	sasl_version			{ TYPE = FUNCTION };
+    local: *;
+};
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/cyrus-sasl/patches/1-cyrus-sasl-CVE-4122.patch	Tue Nov 03 14:27:41 2015 -0800
@@ -0,0 +1,110 @@
+This patch was re-made from a commit on cgit.cyrus.foundation at this
+URL:  
+https://cgit.cyrus.foundation/cyrus-sasl/commit/?id=dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d
+
+Probably not needed for Solaris but it's better to just have the fix.
+
+"Handle NULL returns from glibc 2.17+ crypt()
+Starting with glibc 2.17 (eglibc 2.17), crypt() fails with EINVAL
+(w/ NULL return) if the salt violates specifications. Additionally,
+on FIPS-140 enabled Linux systems, DES/MD5-encrypted passwords
+passed to crypt() fail with EPERM (w/ NULL return).
+
+When using glibc's crypt(), check return value to avoid a possible NULL pointer dereference. Patch by [email protected]
+"
+
+diff -rupN old/pwcheck/pwcheck_getpwnam.c new/pwcheck/pwcheck_getpwnam.c
+--- old/pwcheck/pwcheck_getpwnam.c	2015-04-07 17:03:52.497417754 -0700
++++ new/pwcheck/pwcheck_getpwnam.c	2013-07-11 07:56:26.000000000 -0700
[email protected]@ -32,6 +32,7 @@ char *userid;
+ char *password;
+ {
+     char* r;
++    char* crpt_passwd;
+     struct passwd *pwd;
+ 
+     pwd = getpwnam(userid);
[email protected]@ -41,7 +42,7 @@ char *password;
+     else if (pwd->pw_passwd[0] == '*') {
+ 	r = "Account disabled";
+     }
+-    else if (strcmp(pwd->pw_passwd, crypt(password, pwd->pw_passwd)) != 0) {
++    else if (!(crpt_passwd = crypt(password, pwd->pw_passwd)) || strcmp(pwd->pw_passwd, (const char *)crpt_passwd) != 0) {
+ 	r = "Incorrect password";
+     }
+     else {
+diff -rupN old/pwcheck/pwcheck_getspnam.c new/pwcheck/pwcheck_getspnam.c
+--- old/pwcheck/pwcheck_getspnam.c	2015-04-07 17:03:52.508074499 -0700
++++ new/pwcheck/pwcheck_getspnam.c	2013-07-11 07:56:26.000000000 -0700
[email protected]@ -32,13 +32,15 @@ char *userid;
+ char *password;
+ {
+     struct spwd *pwd;
++    char *crpt_passwd;
+ 
+     pwd = getspnam(userid);
+     if (!pwd) {
+ 	return "Userid not found";
+     }
+     
+-    if (strcmp(pwd->sp_pwdp, crypt(password, pwd->sp_pwdp)) != 0) {
++    crpt_passwd = crypt(password, pwd->sp_pwdp);
++    if (!crpt_passwd || strcmp(pwd->sp_pwdp, (const char *)crpt_passwd) != 0) {
+ 	return "Incorrect password";
+     }
+     else {
+diff -rupN old/saslauthd/auth_getpwent.c new/saslauthd/auth_getpwent.c
+--- old/saslauthd/auth_getpwent.c	2015-04-07 17:04:22.961304455 -0700
++++ new/saslauthd/auth_getpwent.c	2013-07-11 07:56:26.000000000 -0700
[email protected]@ -77,6 +77,7 @@ auth_getpwent (
+ {
+     /* VARIABLES */
+     struct passwd *pw;			/* pointer to passwd file entry */
++    char *crpt_passwd;			/* encrypted password */
+     int errnum;
+     /* END VARIABLES */
+   
[email protected]@ -105,7 +106,8 @@ auth_getpwent (
+ 	}
+     }
+ 
+-    if (strcmp(pw->pw_passwd, (const char *)crypt(password, pw->pw_passwd))) {
++    crpt_passwd = crypt(password, pw->pw_passwd);
++    if (!crpt_passwd || strcmp(pw->pw_passwd, (const char *)crpt_passwd)) {
+ 	if (flags & VERBOSE) {
+ 	    syslog(LOG_DEBUG, "DEBUG: auth_getpwent: %s: invalid password", login);
+ 	}
+diff -rupN old/saslauthd/auth_shadow.c new/saslauthd/auth_shadow.c
+--- old/saslauthd/auth_shadow.c	2015-04-07 17:04:22.968116900 -0700
++++ new/saslauthd/auth_shadow.c	2013-07-11 07:56:26.000000000 -0700
[email protected]@ -210,8 +210,8 @@ auth_shadow (
+ 	RETURN("NO Insufficient permission to access NIS authentication database (saslauthd)");
+     }
+ 
+-    cpw = strdup((const char *)crypt(password, sp->sp_pwdp));
+-    if (strcmp(sp->sp_pwdp, cpw)) {
++    cpw = crypt(password, sp->sp_pwdp);
++    if (!cpw || strcmp(sp->sp_pwdp, (const char *)cpw)) {
+ 	if (flags & VERBOSE) {
+ 	    /*
+ 	     * This _should_ reveal the SHADOW_PW_LOCKED prefix to an
[email protected]@ -221,10 +221,8 @@ auth_shadow (
+ 	    syslog(LOG_DEBUG, "DEBUG: auth_shadow: pw mismatch: '%s' != '%s'",
+ 		   sp->sp_pwdp, cpw);
+ 	}
+-	free(cpw);
+ 	RETURN("NO Incorrect password");
+     }
+-    free(cpw);
+ 
+     /*
+      * The following fields will be set to -1 if:
[email protected]@ -286,7 +284,7 @@ auth_shadow (
+ 	RETURN("NO Invalid username");
+     }
+   
+-    if (strcmp(upw->upw_passwd, crypt(password, upw->upw_passwd)) != 0) {
++    if (!(cpw = crypt(password, upw->upw_passwd)) || (strcmp(upw->upw_passwd, (const char *)cpw) != 0)) {
+ 	if (flags & VERBOSE) {
+ 	    syslog(LOG_DEBUG, "auth_shadow: pw mismatch: %s != %s",
+ 		   password, upw->upw_passwd);
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/cyrus-sasl/patches/101-libtool-m4-overrides-no-verify.patch	Tue Nov 03 14:27:41 2015 -0800
@@ -0,0 +1,29 @@
+Developed in-house at Oracle 
+libtool.m4 overrides configuration for --no-verify
+
+This will probably not be welcomed upstream, though we can try. 
+
+diff -rupN old/config/libtool.m4 new/config/libtool.m4
+--- old/config/libtool.m4	2015-01-16 16:29:56.329848513 -0800
++++ new/config/libtool.m4	2015-01-16 17:46:44.950680511 -0800
[email protected]@ -34,7 +34,7 @@ LD="$LD" LDFLAGS="$LDFLAGS" LIBS="$LIBS"
+ LN_S="$LN_S" NM="$NM" RANLIB="$RANLIB" \
+ DLLTOOL="$DLLTOOL" AS="$AS" OBJDUMP="$OBJDUMP" \
+ ${CONFIG_SHELL-/bin/sh} $ac_aux_dir/ltconfig --no-reexec \
+-$libtool_flags --no-verify $ac_aux_dir/ltmain.sh $lt_target \
++$libtool_flags  $ac_aux_dir/ltmain.sh $lt_target \
+ || AC_MSG_ERROR([libtool configure failed])
+ 
+ # Reload cache, that may have been modified by ltconfig
+diff -rupN old/saslauthd/config/libtool.m4 new/saslauthd/config/libtool.m4
+--- old/saslauthd/config/libtool.m4	2015-01-16 16:30:18.093408947 -0800
++++ new/saslauthd/config/libtool.m4	2015-01-16 17:47:29.492859873 -0800
[email protected]@ -34,7 +34,7 @@ LD="$LD" LDFLAGS="$LDFLAGS" LIBS="$LIBS"
+ LN_S="$LN_S" NM="$NM" RANLIB="$RANLIB" \
+ DLLTOOL="$DLLTOOL" AS="$AS" OBJDUMP="$OBJDUMP" \
+ ${CONFIG_SHELL-/bin/sh} $ac_aux_dir/ltconfig --no-reexec \
+-$libtool_flags --no-verify $ac_aux_dir/ltmain.sh $lt_target \
++$libtool_flags $ac_aux_dir/ltmain.sh $lt_target \
+ || AC_MSG_ERROR([libtool configure failed])
+ 
+ # Reload cache, that may have been modified by ltconfig
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/cyrus-sasl/patches/102-sasldir-fix.patch	Tue Nov 03 14:27:41 2015 -0800
@@ -0,0 +1,55 @@
+Developed in-house at Oracle 
+sasl install destination for plugins needs to be configurable
+Intended to go upstream
+
+diff -rupN old/configure.in new/configure.in
+--- old/configure.in	2015-01-16 16:06:51.953695234 -0800
++++ new/configure.in	2015-01-16 16:09:35.970052678 -0800
[email protected]@ -1019,6 +1019,12 @@ AC_ARG_WITH(configdir, [   --with-config
+ AC_DEFINE_UNQUOTED(CONFIGDIR, "$configdir", [Runtime config file location])
+ AC_SUBST(configdir)
+ 
++AC_ARG_WITH(sasldir, [  --with-sasldir=DIR    set the directory where plugins
++	     will be installed, possibly 32 vs 64 [[/usr/lib/sasl]] ],
++	     sasldir=$withval, sasldir=/usr/lib/sasl)
++AC_DEFINE_UNQUOTED(SASLDIR, "$sasldir", [Installtime plugin location])
++AC_SUBST(sasldir)
++
+ dnl look for rc4 libraries. we accept the CMU one or one from openSSL
+ AC_ARG_WITH(rc4, [  --with-rc4              use internal rc4 routines [[yes]] ],
+ 	with_rc4=$withval,
+diff -rupN old/Makefile.am new/Makefile.am
+--- old/Makefile.am	2015-01-16 16:11:08.980698791 -0800
++++ new/Makefile.am	2015-01-16 16:16:28.670281716 -0800
[email protected]@ -83,14 +83,15 @@ dist-hook:
+ 
+ framedir = /Library/Frameworks/SASL2.framework
+ install-exec-local: $(INSTALLOSX)
+-	@if test "$(plugindir)" != "$(prefix)/lib/sasl2"; then \
++	@if test "$(plugindir)" != "$(sasldir)"; then \
+ 	  echo "********************************************************"; \
+ 	  echo "* WARNING:"; \
+-	  echo "* Plugins are being installed into $(prefix)/lib/sasl2,"; \
++	  echo "* Plugins are being installed into $(sasldir),"; \
+ 	  echo "* but the library will look for them in $(plugindir)."; \
+-	  echo "* You need to make sure that the plugins will eventually"; \
++	  echo "* If this is not deliberate (for 32/64 bits), make " ; \
++	  echo "* sure that the plugins will eventually"; \
+ 	  echo "* be in $(plugindir) -- the easiest way is to make a"; \
+-	  echo "* symbolic link from $(plugindir) to $(prefix)/lib/sasl2,"; \
++	  echo "* symbolic link from $(plugindir) to $(sasldir),"; \
+ 	  echo "* but this may not be appropriate for your site, so this"; \
+ 	  echo "* installation procedure won't do it for you."; \
+ 	  echo "*"; \
+diff -rupN old/plugins/Makefile.am new/plugins/Makefile.am
+--- old/plugins/Makefile.am	2015-01-16 16:17:16.113465999 -0800
++++ new/plugins/Makefile.am	2015-01-16 16:18:02.347850991 -0800
[email protected]@ -63,7 +63,7 @@ plugindir = @[email protected]
+ 
+ common_sources = plugin_common.c plugin_common.h
+ 
+-sasldir = $(prefix)/lib/sasl2
++sasldir = @[email protected]
+ sasl_LTLIBRARIES = @[email protected]
+ EXTRA_LTLIBRARIES = libplain.la libanonymous.la libkerberos4.la libcrammd5.la \
+ 	libgs2.la libgssapiv2.la libdigestmd5.la liblogin.la libsrp.la libotp.la \
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/cyrus-sasl/patches/103-remove-ifdef-sun-gethostname.patch	Tue Nov 03 14:27:41 2015 -0800
@@ -0,0 +1,19 @@
+Developed in-house at Oracle 
+ifdef sun for gethostname in saslutil.c is obsolete
+Intended to go upstream
+
+diff -ru old/lib/saslutil.c new/lib/saslutil.c
+--- old/lib/saslutil.c	2012-10-12 07:05:48.000000000 -0700
++++ new/lib/saslutil.c	2014-09-15 17:16:31.437610001 -0700
[email protected]@ -80,11 +80,6 @@
+  * sasl_erasebuffer
+  */
+ 
+-#ifdef sun
+-/* gotta define gethostname ourselves on suns */
+-extern int gethostname(char *, int);
+-#endif
+-
+ char *encode_table;
+ char *decode_table;
+ 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/cyrus-sasl/patches/104-gssapi-gssapi-h.patch	Tue Nov 03 14:27:41 2015 -0800
@@ -0,0 +1,37 @@
+Developed in-house at Oracle 
+sasl adjustment for location of gssapi.h incorrectly implemented.
+Intended to go upstream
+
+diff -rupN old/cmulocal/sasl2.m4 new/cmulocal/sasl2.m4
+--- old/cmulocal/sasl2.m4	2015-01-16 15:18:02.047946282 -0800
++++ new/cmulocal/sasl2.m4	2015-01-16 15:31:22.716646757 -0800
[email protected]@ -73,10 +73,12 @@ if test "$gssapi" != no; then
+ 
+ fi
+ 
+-if test "$gssapi" != no; then
+-  if test "$ac_cv_header_gssapi_h" = "yes" -o "$ac_cv_header_gssapi_gssapi_h" = "yes"; then
+-    AC_DEFINE(HAVE_GSSAPI_H,,[Define if you have the gssapi.h header file])
+-  fi
++ if test "$gssapi" != no; then
++    if test "$ac_cv_header_gssapi_h" = "yes" ; then
++      AC_DEFINE(HAVE_GSSAPI_H,,[Define if you have the gssapi.h header file])
++    elif test "$ac_cv_header_gssapi_gssapi_h" = "yes"; then
++      AC_DEFINE(HAVE_GSSAPI_GSSAPI_H,,[Define for gssapi/gssapi.h header file])
++    fi
+ 
+   # We need to find out which gssapi implementation we are
+   # using. Supported alternatives are: MIT Kerberos 5,
+diff -rupN old/config.h.in new/config.h.in
+--- old/config.h.in	2015-01-16 15:14:54.941649896 -0800
++++ new/config.h.in	2015-01-16 15:16:16.884212684 -0800
[email protected]@ -122,6 +122,9 @@
+ /* Define if you have the gssapi.h header file */
+ #undef HAVE_GSSAPI_H
+ 
++/* Define if you have the gssapi/gssapi.h header file */
++#undef HAVE_GSSAPI_GSSAPI_H
++
+ /* Define to 1 if you have the `gsskrb5_register_acceptor_identity' function.
+    */
+ #undef HAVE_GSSKRB5_REGISTER_ACCEPTOR_IDENTITY
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/cyrus-sasl/patches/105-do_request-fix.patch	Tue Nov 03 14:27:41 2015 -0800
@@ -0,0 +1,16 @@
+Developed in-house at Oracle 
+incorrect function definition for do_request in ipc_doors.c
+Intended to go upstream
+
+diff -rupN old/saslauthd/ipc_doors.c new/saslauthd/ipc_doors.c
+--- old/saslauthd/ipc_doors.c	2015-02-09 15:20:57.830073308 -0800
++++ new/saslauthd/ipc_doors.c	2015-02-09 15:23:22.530689631 -0800
[email protected]@ -209,7 +209,7 @@ void ipc_cleanup() {
+  * do_auth() back in saslauthd-main.c, then send the 
+  * result back through the door.
+  **************************************************************/
+-void do_request(void *cookie, char *data, size_t datasize, door_desc_t *dp, size_t ndesc) {
++void do_request(void *cookie, char *data, size_t datasize, door_desc_t *dp, uint_t ndesc) {
+ 	unsigned short		count = 0;                 /* input/output data byte count           */
+ 	char			*response = NULL;          /* response to send to the client         */
+ 	char			response_buff[1024];       /* temporary response buffer              */
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/cyrus-sasl/patches/106-remove-WIN-module.patch	Tue Nov 03 14:27:41 2015 -0800
@@ -0,0 +1,214 @@
+Remove code with IBM license per Legal.
+Not for upstream
+
+diff -rupN old/lib/saslutil.c new/lib/saslutil.c
+--- old/lib/saslutil.c	2015-02-25 20:27:58.438601475 -0800
++++ new/lib/saslutil.c	2015-03-12 11:36:32.932286680 -0700
[email protected]@ -601,207 +601,3 @@ LOWERCASE:
+     sasl_strlower (name);
+     return (0);
+ }
+-
+-#ifdef WIN32
+-/***************************************************************************** 
+- * 
+- *  MODULE NAME : GETOPT.C 
+- * 
+- *  COPYRIGHTS: 
+- *             This module contains code made available by IBM 
+- *             Corporation on an AS IS basis.  Any one receiving the 
+- *             module is considered to be licensed under IBM copyrights 
+- *             to use the IBM-provided source code in any way he or she 
+- *             deems fit, including copying it, compiling it, modifying 
+- *             it, and redistributing it, with or without 
+- *             modifications.  No license under any IBM patents or 
+- *             patent applications is to be implied from this copyright 
+- *             license. 
+- * 
+- *             A user of the module should understand that IBM cannot 
+- *             provide technical support for the module and will not be 
+- *             responsible for any consequences of use of the program. 
+- * 
+- *             Any notices, including this one, are not to be removed 
+- *             from the module without the prior written consent of 
+- *             IBM. 
+- * 
+- *  AUTHOR:   Original author: 
+- *                 G. R. Blair (BOBBLAIR at AUSVM1) 
+- *                 Internet: [email protected] 
+- * 
+- *            Extensively revised by: 
+- *                 John Q. Walker II, Ph.D. (JOHHQ at RALVM6) 
+- *                 Internet: [email protected] 
+- * 
+- *****************************************************************************/ 
+- 
+-/****************************************************************************** 
+- * getopt() 
+- * 
+- * The getopt() function is a command line parser.  It returns the next 
+- * option character in argv that matches an option character in opstring. 
+- * 
+- * The argv argument points to an array of argc+1 elements containing argc 
+- * pointers to character strings followed by a null pointer. 
+- * 
+- * The opstring argument points to a string of option characters; if an 
+- * option character is followed by a colon, the option is expected to have 
+- * an argument that may or may not be separated from it by white space. 
+- * The external variable optarg is set to point to the start of the option 
+- * argument on return from getopt(). 
+- * 
+- * The getopt() function places in optind the argv index of the next argument 
+- * to be processed.  The system initializes the external variable optind to 
+- * 1 before the first call to getopt(). 
+- * 
+- * When all options have been processed (that is, up to the first nonoption 
+- * argument), getopt() returns EOF.  The special option "--" may be used to 
+- * delimit the end of the options; EOF will be returned, and "--" will be 
+- * skipped. 
+- * 
+- * The getopt() function returns a question mark (?) when it encounters an 
+- * option character not included in opstring.  This error message can be 
+- * disabled by setting opterr to zero.  Otherwise, it returns the option 
+- * character that was detected. 
+- * 
+- * If the special option "--" is detected, or all options have been 
+- * processed, EOF is returned. 
+- * 
+- * Options are marked by either a minus sign (-) or a slash (/). 
+- * 
+- * No errors are defined. 
+- *****************************************************************************/ 
+- 
+-#include <string.h>                 /* for strchr() */ 
+- 
+-/* static (global) variables that are specified as exported by getopt() */ 
+-__declspec(dllexport) char *optarg = NULL;    /* pointer to the start of the option argument  */ 
+-__declspec(dllexport) int   optind = 1;       /* number of the next argv[] to be evaluated    */ 
+-__declspec(dllexport) int   opterr = 1;       /* non-zero if a question mark should be returned */
+-
+- 
+-/* handle possible future character set concerns by putting this in a macro */ 
+-#define _next_char(string)  (char)(*(string+1)) 
+- 
+-int getopt(int argc, char *argv[], char *opstring) 
+-{ 
+-    static char *pIndexPosition = NULL; /* place inside current argv string */ 
+-    char *pArgString = NULL;        /* where to start from next */ 
+-    char *pOptString;               /* the string in our program */ 
+- 
+- 
+-    if (pIndexPosition != NULL) { 
+-        /* we last left off inside an argv string */ 
+-        if (*(++pIndexPosition)) { 
+-            /* there is more to come in the most recent argv */ 
+-            pArgString = pIndexPosition; 
+-        } 
+-    } 
+- 
+-    if (pArgString == NULL) { 
+-        /* we didn't leave off in the middle of an argv string */ 
+-        if (optind >= argc) { 
+-            /* more command-line arguments than the argument count */ 
+-            pIndexPosition = NULL;  /* not in the middle of anything */ 
+-            return EOF;             /* used up all command-line arguments */ 
+-        } 
+- 
+-        /*--------------------------------------------------------------------- 
+-         * If the next argv[] is not an option, there can be no more options. 
+-         *-------------------------------------------------------------------*/ 
+-        pArgString = argv[optind++]; /* set this to the next argument ptr */ 
+- 
+-        if (('/' != *pArgString) && /* doesn't start with a slash or a dash? */ 
+-            ('-' != *pArgString)) { 
+-            --optind;               /* point to current arg once we're done */ 
+-            optarg = NULL;          /* no argument follows the option */ 
+-            pIndexPosition = NULL;  /* not in the middle of anything */ 
+-            return EOF;             /* used up all the command-line flags */ 
+-        } 
+- 
+-        /* check for special end-of-flags markers */ 
+-        if ((strcmp(pArgString, "-") == 0) || 
+-            (strcmp(pArgString, "--") == 0)) { 
+-            optarg = NULL;          /* no argument follows the option */ 
+-            pIndexPosition = NULL;  /* not in the middle of anything */ 
+-            return EOF;             /* encountered the special flag */ 
+-        } 
+- 
+-        pArgString++;               /* look past the / or - */ 
+-    } 
+- 
+-    if (':' == *pArgString) {       /* is it a colon? */ 
+-        /*--------------------------------------------------------------------- 
+-         * Rare case: if opterr is non-zero, return a question mark; 
+-         * otherwise, just return the colon we're on. 
+-         *-------------------------------------------------------------------*/ 
+-        return (opterr ? (int)'?' : (int)':'); 
+-    } 
+-    else if ((pOptString = strchr(opstring, *pArgString)) == 0) { 
+-        /*--------------------------------------------------------------------- 
+-         * The letter on the command-line wasn't any good. 
+-         *-------------------------------------------------------------------*/ 
+-        optarg = NULL;              /* no argument follows the option */ 
+-        pIndexPosition = NULL;      /* not in the middle of anything */ 
+-        return (opterr ? (int)'?' : (int)*pArgString); 
+-    } 
+-    else { 
+-        /*--------------------------------------------------------------------- 
+-         * The letter on the command-line matches one we expect to see 
+-         *-------------------------------------------------------------------*/ 
+-        if (':' == _next_char(pOptString)) { /* is the next letter a colon? */ 
+-            /* It is a colon.  Look for an argument string. */ 
+-            if ('\0' != _next_char(pArgString)) {  /* argument in this argv? */ 
+-                optarg = &pArgString[1];   /* Yes, it is */ 
+-            } 
+-            else { 
+-                /*------------------------------------------------------------- 
+-                 * The argument string must be in the next argv. 
+-                 * But, what if there is none (bad input from the user)? 
+-                 * In that case, return the letter, and optarg as NULL. 
+-                 *-----------------------------------------------------------*/ 
+-                if (optind < argc) 
+-                    optarg = argv[optind++]; 
+-                else { 
+-                    optarg = NULL; 
+-                    return (opterr ? (int)'?' : (int)*pArgString); 
+-                } 
+-            } 
+-            pIndexPosition = NULL;  /* not in the middle of anything */ 
+-        } 
+-        else { 
+-            /* it's not a colon, so just return the letter */ 
+-            optarg = NULL;          /* no argument follows the option */ 
+-            pIndexPosition = pArgString;    /* point to the letter we're on */ 
+-        } 
+-        return (int)*pArgString;    /* return the letter that matched */ 
+-    } 
+-} 
+-
+-#ifndef PASSWORD_MAX
+-#  define PASSWORD_MAX 255
+-#endif
+-
+-#include <conio.h>
+-char *
+-getpass(prompt)
+-const char *prompt;
+-{
+-	register char *p;
+-	register int c;
+-	static char pbuf[PASSWORD_MAX];
+-
+-	fprintf(stderr, "%s", prompt); (void) fflush(stderr);
+-	for (p=pbuf; (c = _getch())!=13 && c!=EOF;) {
+-		if (p < &pbuf[sizeof(pbuf)-1])
+-			*p++ = (char) c;
+-	}
+-	*p = '\0';
+-	fprintf(stderr, "\n"); (void) fflush(stderr);
+-	return(pbuf);
+-}
+-
+-
+-
+-#endif /* WIN32 */
--- a/components/openldap/Makefile	Tue Nov 03 13:40:13 2015 -0800
+++ b/components/openldap/Makefile	Tue Nov 03 14:27:41 2015 -0800
@@ -98,6 +98,31 @@
 # Enable ASLR for this component
 ASLR_MODE = $(ASLR_ENABLE)
 
+#
+# OpenLDAP must be built with cyrus-sasl out of the gate instead of the
+# installed copy.
+#
+CYRUS_SASL_ROOT = $(WS_COMPONENTS)/cyrus-sasl/build/prototype/$(MACH)
+LDFLAGS.32 +="-L$(CYRUS_SASL_ROOT)/usr/lib"
+LDFLAGS.64 +="-L$(CYRUS_SASL_ROOT)/usr/lib/$(MACH64)"
+LDFLAGS +=$(LDFLAGS.$(BITS))
+CPPFLAGS +="-I$(CYRUS_SASL_ROOT)/usr/include"
+CONFIGURE_ENV += CPPFLAGS="$(CPPFLAGS)"
+CONFIGURE_ENV += LDFLAGS="$(LDFLAGS)"
+# make sure that we don't add the cyrus-sasl proto area to the RUNPATH
+LD_UNSET.32="-R$(CYRUS_SASL_ROOT)/usr/lib"
+LD_UNSET.64="-R$(CYRUS_SASL_ROOT)/usr/lib/$(MACH64)"
+LD_UNSET += $(LD_UNSET.$(BITS))
+COMPONENT_BUILD_ENV += LD_UNSET="$(LD_UNSET)"
+COMPONENT_INSTALL_ENV += LD_UNSET="$(LD_UNSET)"
+
+# special targets due to dependency on cyrus-sasl
+../cyrus-sasl/build/%/.installed:
+	(cd ../cyrus-sasl && $(GMAKE) install)
+
+$(CONFIGURE_32):       ../cyrus-sasl/build/$(MACH32)/.installed
+$(CONFIGURE_64):       ../cyrus-sasl/build/$(MACH64)/.installed
+
 # common targets
 configure:	$(CONFIGURE_32_and_64)
 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/openldap/depend.mk	Tue Nov 03 14:27:41 2015 -0800
@@ -0,0 +1,1 @@
+openldap:      libsasl
--- a/components/openldap/openldap.p5m	Tue Nov 03 13:40:13 2015 -0800
+++ b/components/openldap/openldap.p5m	Tue Nov 03 14:27:41 2015 -0800
@@ -82,15 +82,26 @@
     path=lib/svc/manifest/network/ldap/ldap-olslapd.xml
 file Solaris/ldap-olslapd path=lib/svc/method/ldap-olslapd
 link path=usr/bin/openldapadd target=openldapmodify
-file usr/bin/$(MACH64)/ldapcompare path=usr/bin/openldapcompare
-file usr/bin/$(MACH64)/ldapdelete path=usr/bin/openldapdelete
-file usr/bin/$(MACH64)/ldapexop path=usr/bin/openldapexop
-file usr/bin/$(MACH64)/ldapmodify path=usr/bin/openldapmodify
-file usr/bin/$(MACH64)/ldapmodrdn path=usr/bin/openldapmodrdn
-file usr/bin/$(MACH64)/ldappasswd path=usr/bin/openldappasswd
-file usr/bin/$(MACH64)/ldapsearch path=usr/bin/openldapsearch
+# The bypasses (and manual dependency on libsasl at the end of the file)
+# are required for building with the cyrus-sasl proto area because of
+# libsasl version depency checks in openldap code.
+file usr/bin/$(MACH64)/ldapcompare path=usr/bin/openldapcompare \
+    pkg.depend.bypass-generate=libsasl2.so.3
+file usr/bin/$(MACH64)/ldapdelete path=usr/bin/openldapdelete \
+    pkg.depend.bypass-generate=libsasl2.so.3
+file usr/bin/$(MACH64)/ldapexop path=usr/bin/openldapexop \
+    pkg.depend.bypass-generate=libsasl2.so.3
+file usr/bin/$(MACH64)/ldapmodify path=usr/bin/openldapmodify \
+    pkg.depend.bypass-generate=libsasl2.so.3
+file usr/bin/$(MACH64)/ldapmodrdn path=usr/bin/openldapmodrdn \
+    pkg.depend.bypass-generate=libsasl2.so.3
+file usr/bin/$(MACH64)/ldappasswd path=usr/bin/openldappasswd \
+    pkg.depend.bypass-generate=libsasl2.so.3
+file usr/bin/$(MACH64)/ldapsearch path=usr/bin/openldapsearch \
+    pkg.depend.bypass-generate=libsasl2.so.3
 file usr/bin/$(MACH64)/ldapurl path=usr/bin/openldapurl
-file usr/bin/$(MACH64)/ldapwhoami path=usr/bin/openldapwhoami
+file usr/bin/$(MACH64)/ldapwhoami path=usr/bin/openldapwhoami \
+    pkg.depend.bypass-generate=libsasl2.so.3
 file path=usr/include/openldap/lber.h
 file path=usr/include/openldap/lber_types.h
 file path=usr/include/openldap/ldap.h
@@ -106,10 +117,12 @@
 link path=usr/lib/$(MACH64)/liblber.so target=liblber-2.4.so.2.8.3
 link path=usr/lib/$(MACH64)/libldap-2.4.so target=libldap-2.4.so.2.8.3
 link path=usr/lib/$(MACH64)/libldap-2.4.so.2 target=libldap-2.4.so.2.8.3
-file path=usr/lib/$(MACH64)/libldap-2.4.so.2.8.3
+file path=usr/lib/$(MACH64)/libldap-2.4.so.2.8.3 \
+    pkg.depend.bypass-generate=libsasl2.so.3
 link path=usr/lib/$(MACH64)/libldap_r-2.4.so target=libldap_r-2.4.so.2.8.3
 link path=usr/lib/$(MACH64)/libldap_r-2.4.so.2 target=libldap_r-2.4.so.2.8.3
-file path=usr/lib/$(MACH64)/libldap_r-2.4.so.2.8.3
+file path=usr/lib/$(MACH64)/libldap_r-2.4.so.2.8.3 \
+    pkg.depend.bypass-generate=libsasl2.so.3
 link path=usr/lib/$(MACH64)/libldap_r.so target=libldap_r-2.4.so.2.8.3
 link path=usr/lib/liblber-2.4.so target=liblber-2.4.so.2.8.3
 link path=usr/lib/liblber-2.4.so.2 target=liblber-2.4.so.2.8.3
@@ -117,10 +130,11 @@
 link path=usr/lib/liblber.so target=liblber-2.4.so.2.8.3
 link path=usr/lib/libldap-2.4.so target=libldap-2.4.so.2.8.3
 link path=usr/lib/libldap-2.4.so.2 target=libldap-2.4.so.2.8.3
-file path=usr/lib/libldap-2.4.so.2.8.3
+file path=usr/lib/libldap-2.4.so.2.8.3 pkg.depend.bypass-generate=libsasl2.so.3
 link path=usr/lib/libldap_r-2.4.so target=libldap_r-2.4.so.2.8.3
 link path=usr/lib/libldap_r-2.4.so.2 target=libldap_r-2.4.so.2.8.3
-file path=usr/lib/libldap_r-2.4.so.2.8.3
+file path=usr/lib/libldap_r-2.4.so.2.8.3 \
+    pkg.depend.bypass-generate=libsasl2.so.3
 link path=usr/lib/libldap_r.so target=libldap_r-2.4.so.2.8.3
 link path=usr/lib/openldap/bin/ldapadd target=../../../bin/openldapmodify
 link path=usr/lib/openldap/bin/ldapcompare target=../../../bin/openldapcompare
@@ -132,7 +146,8 @@
 link path=usr/lib/openldap/bin/ldapsearch target=../../../bin/openldapsearch
 link path=usr/lib/openldap/bin/ldapurl target=../../../bin/openldapurl
 link path=usr/lib/openldap/bin/ldapwhoami target=../../../bin/openldapwhoami
-file usr/lib/$(MACH64)/slapd path=usr/lib/slapd mode=0555
+file usr/lib/$(MACH64)/slapd path=usr/lib/slapd mode=0555 \
+    pkg.depend.bypass-generate=libsasl2.so.3
 link path=usr/sbin/slapacl target=../lib/slapd
 link path=usr/sbin/slapadd target=../lib/slapd
 link path=usr/sbin/slapauth target=../lib/slapd
@@ -497,3 +512,11 @@
 user username=openldap ftpuser=false gcos-field="OpenLDAP User" group=openldap \
     uid=75
 license openldap.license license="openldap license"
+# This dependency is because we are building against cyrus-sasl from its proto
+# area and bypassing the auto-generated dependency.  When libsasl is updated,
+# this version number really should be adjusted, but the userland-incorporation
+# will force the cyrus-sasl packaging and openldap packaging to be from the same
+# build and not just this version or later.
+# The strange version number is caused by historical versioning in ON and will
+# go away when the libsasl package name is changed to libsasl2
+depend type=require fmri=pkg:/system/library/security/[email protected]
--- a/components/subversion/Makefile	Tue Nov 03 13:40:13 2015 -0800
+++ b/components/subversion/Makefile	Tue Nov 03 14:27:41 2015 -0800
@@ -202,3 +202,4 @@
 REQUIRED_PACKAGES += system/library
 REQUIRED_PACKAGES += system/library/c++-runtime
 REQUIRED_PACKAGES += system/library/security/gss
+REQUIRED_PACKAGES += system/library/security/libsasl