michael@724: ## michael@724: ## sasl.spec -- OpenPKG RPM Package Specification michael@724: ## Copyright (c) 2000-2010 OpenPKG Foundation e.V. michael@724: ## michael@724: ## Permission to use, copy, modify, and distribute this software for michael@724: ## any purpose with or without fee is hereby granted, provided that michael@724: ## the above copyright notice and this permission notice appear in all michael@724: ## copies. michael@724: ## michael@724: ## THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED michael@724: ## WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF michael@724: ## MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. michael@724: ## IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR michael@724: ## CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, michael@724: ## SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT michael@724: ## LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF michael@724: ## USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND michael@724: ## ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, michael@724: ## OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT michael@724: ## OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF michael@724: ## SUCH DAMAGE. michael@724: ## michael@724: michael@724: # package information michael@724: Name: sasl michael@724: Summary: Simple Authentication and Security Layer (SASL) michael@724: URL: http://www.cyrusimap.org/ michael@724: Vendor: Cyrus Project, CMU michael@724: Packager: OpenPKG Foundation e.V. michael@724: Distribution: OpenPKG Community michael@724: Class: BASE michael@724: Group: Cryptography michael@724: License: BSD michael@727: Version: 2.1.25 michael@725: Release: 20120800 michael@724: michael@724: # package options michael@724: %option with_fsl yes michael@724: %option with_sasldb yes michael@724: %option with_pam no michael@724: %option with_login no michael@724: %option with_ldap no michael@724: %option with_mysql no michael@724: %option with_pgsql no michael@724: %option with_sqlite no michael@724: %option with_ntlm no michael@724: %option with_otp no michael@724: %option with_srp no michael@724: %option with_kerberos no michael@724: michael@724: # list of sources michael@724: Source0: ftp://ftp.cyrusimap.org/cyrus-sasl/cyrus-sasl-%{version}.tar.gz michael@724: Source1: rc.sasl michael@724: Source2: fsl.sasl michael@724: Source3: saslauthd.conf michael@724: Source4: sasl.pc michael@724: Patch0: sasl.patch michael@724: michael@724: # build information michael@724: BuildPreReq: OpenPKG, openpkg >= 20100101, gcc, make, groff michael@724: PreReq: OpenPKG, openpkg >= 20100101 michael@724: BuildPreReq: db >= 4.1.24, openssl michael@724: PreReq: db >= 4.1.24, openssl michael@724: %if "%{with_fsl}" == "yes" michael@724: BuildPreReq: fsl michael@724: PreReq: fsl michael@724: %endif michael@724: %if "%{with_pam}" == "yes" michael@724: BuildPreReq: PAM michael@724: PreReq: PAM michael@724: %endif michael@724: %if "%{with_ldap}" == "yes" michael@724: BuildPreReq: openldap michael@724: PreReq: openldap michael@724: %endif michael@724: %if "%{with_mysql}" == "yes" michael@724: BuildPreReq: mysql michael@724: PreReq: mysql michael@724: %endif michael@724: %if "%{with_pgsql}" == "yes" michael@724: BuildPreReq: postgresql michael@724: PreReq: postgresql michael@724: %endif michael@724: %if "%{with_sqlite}" == "yes" michael@724: BuildPreReq: sqlite michael@724: PreReq: sqlite michael@724: %endif michael@724: %if "%{with_otp}" == "yes" michael@724: BuildPreReq: opie michael@724: PreReq: opie michael@724: %endif michael@724: %if "%{with_kerberos}" == "yes" michael@724: BuildPreReq: KERBEROS michael@724: PreReq: KERBEROS michael@724: %endif michael@724: michael@724: %description michael@724: SASL is the Simple Authentication and Security Layer, a method michael@724: for adding authentication support to connection-based protocols. michael@724: To use SASL, a protocol includes a command for identifying and michael@724: authenticating a user to a server and for optionally negotiating michael@724: protection of subsequent protocol interactions. If its use is michael@724: negotiated, a security layer is inserted between the protocol and michael@724: the connection. michael@724: michael@724: %track michael@724: prog sasl = { michael@724: version = %{version} michael@724: url = ftp://ftp.cyrusimap.org/cyrus-sasl/ michael@724: regex = cyrus-sasl-(\d+\.\d+\.\d+)\.tar\.gz michael@724: } michael@724: michael@724: %prep michael@724: %setup -q -n cyrus-sasl-%{version} michael@725: %{l_shtool} subst \ michael@725: -e 's;u_int\([0-9]*\)_t;uint\1_t;g' \ michael@725: sasldb/db_berkeley.c michael@727: %{l_shtool} subst \ michael@727: -e 's;extern int gethostname(char \*,\) int;\1 size_t;' \ michael@727: lib/saslutil.c michael@724: %patch -p0 michael@724: michael@724: %build michael@724: # ensure the OpenPKG Berkeley-DB is picked up only michael@724: %{l_shtool} subst \ michael@724: -e 's;for dbname in db-.*db$;for dbname in db;' \ michael@724: saslauthd/configure configure michael@724: michael@724: # disable some unwanted configure checks michael@724: %{l_shtool} subst \ michael@724: -e 's;\(SASL_DB_UTILS="saslpasswd2 sasldblistusers2\);\1 dbconverter-2;' \ michael@724: -e "s;javac;javac-xxx;g" \ michael@724: -e "s;javah;javah-xxx;g" \ michael@724: -e "s;javadoc;javadoc-xxx;g" \ michael@724: configure michael@724: michael@724: # fix OpenLDAP support michael@724: %if "%{with_ldap}" == "yes" michael@724: echo 'ac_cv_lib_ldap_ldap_initialize=yes' >config.cache michael@724: %{l_shtool} subst \ michael@724: -e "s;\(\$LDAP_LIBS\) *\(-lcrypto\);\1 -lssl -lcrypto \2;" \ michael@724: saslauthd/configure michael@724: %endif michael@724: michael@724: # fix GSS/Kerberos support michael@724: %if "%{with_kerberos}" == "yes" michael@724: %{l_shtool} subst \ michael@724: -e 's;\(-lk5crypto\);\1 -lkrb5support;' \ michael@724: configure michael@724: %endif michael@724: michael@724: # enforce disabled Kerberos 5 support in saslauthd michael@724: echo 'ac_cv_header_krb5_h=no' >config.cache michael@724: michael@724: # configure path to sasl-server config files michael@724: %{l_shtool} subst \ michael@724: -e 's;@l_sysconfdir@;%{l_prefix}/etc/sasl/sasl.d;g' \ michael@724: lib/server.c michael@724: michael@724: # determine build flags michael@724: cflags="%{l_cflags -O} %{l_cppflags}" michael@724: ldflags="%{l_ldflags} %{l_fsl_ldflags}" michael@724: libs="-ldb %{l_fsl_libs}" michael@724: %if "%{with_ldap}" == "yes" michael@724: cflags="$cflags -DAUTH_LDAP" michael@724: %endif michael@724: %if "%{with_mysql}" == "yes" michael@724: libs="$libs -lz -lm" michael@724: %endif michael@724: %if "%{with_pgsql}" == "yes" michael@724: cflags="$cflags -I%{l_cppflags postgresql}" michael@724: libs="$libs -lssl -lcrypto -lcrypt" michael@724: %endif michael@724: %if "%{with_kerberos}" == "yes" michael@724: cflags="$cflags `krb5-config --cflags gssapi`" michael@724: libs="$libs `krb5-config --libs gssapi`" michael@724: %endif michael@724: case "%{l_platform -t}" in michael@724: *-sunos* ) libs="$libs -lrt" ;; michael@724: esac michael@724: michael@724: # configure package michael@724: CC="%{l_cc}" \ michael@724: CFLAGS="$cflags" \ michael@724: CPPFLAGS="%{l_cppflags}" \ michael@724: LDFLAGS="$ldflags" \ michael@724: LIBS="$libs" \ michael@724: ./configure \ michael@724: --cache-file=./config.cache \ michael@724: --prefix=%{l_prefix} \ michael@724: --sysconfdir=%{l_prefix}/etc/sasl \ michael@724: --with-configdir=%{l_prefix}/etc/sasl/sasl.d \ michael@724: --with-plugindir=%{l_prefix}/lib/sasl \ michael@724: --with-saslauthd=%{l_prefix}/var/sasl/run/saslauthd \ michael@724: --enable-digest \ michael@724: --enable-cram \ michael@724: --enable-anon \ michael@724: %if "%{with_sasldb}" == "yes" michael@724: --enable-auth-sasldb \ michael@724: --with-dbpath=%{l_prefix}/var/sasl/run/sasl.db \ michael@724: --with-dblib=berkeley \ michael@724: --with-bdb-incdir=%{l_prefix}/include \ michael@724: --with-bdb-libdir=%{l_prefix}/lib \ michael@724: %else michael@724: --with-dblib=none \ michael@724: %endif michael@724: --with-openssl=%{l_prefix} \ michael@724: %if "%{with_pam}" == "yes" michael@724: --with-pam \ michael@724: %else michael@724: --without-pam \ michael@724: %endif michael@724: %if "%{with_login}" == "yes" michael@724: --enable-login \ michael@724: %else michael@724: --disable-login \ michael@724: %endif michael@724: %if "%{with_ldap}" == "yes" michael@724: --with-ldap=%{l_prefix} \ michael@724: %else michael@724: --without-ldap \ michael@724: %endif michael@724: %if "%{with_otp}" == "yes" michael@724: --enable-otp \ michael@724: --with-opie=%{l_prefix} \ michael@724: %else michael@724: --disable-otp \ michael@724: --without-opie \ michael@724: %endif michael@724: %if "%{with_srp}" == "yes" michael@724: --enable-srp \ michael@724: %else michael@724: --disable-srp \ michael@724: %endif michael@724: %if "%{with_kerberos}" == "yes" michael@724: --enable-gssapi \ michael@724: --with-gss_impl=`if [ -d %{l_prefix}/include/heimdal ]; then echo "heimdal"; else echo "mit"; fi` \ michael@724: %else michael@724: --disable-gssapi \ michael@724: --without-gss_impl \ michael@724: %endif michael@724: %if "%{with_mysql}" == "yes" || "%{with_pgsql}" == "yes" || "%{with_sqlite}" == "yes" michael@724: --enable-sql \ michael@724: %if "%{with_mysql}" == "yes" michael@724: --with-mysql=%{l_prefix} \ michael@724: %else michael@724: --without-mysql \ michael@724: %endif michael@724: %if "%{with_pgsql}" == "yes" michael@724: --with-pgsql=%{l_prefix} \ michael@724: %else michael@724: --without-pgsql \ michael@724: %endif michael@724: %if "%{with_sqlite}" == "yes" michael@724: --with-sqlite=%{l_prefix} \ michael@724: %else michael@724: --without-sqlite \ michael@724: %endif michael@724: %endif michael@724: %if "%{with_ntlm}" == "yes" michael@724: --enable-ntlm \ michael@724: %else michael@724: --disable-ntlm \ michael@724: %endif michael@724: --enable-shared \ michael@724: --enable-static \ michael@724: --enable-staticdlopen \ michael@724: --enable-sample \ michael@724: --disable-java \ michael@724: --disable-krb4 \ michael@724: --without-des michael@724: michael@724: # post adjustment: trust me, libtool, I know what I am doing michael@724: %{l_shtool} subst \ michael@724: -e 's;^\(deplibs_check_method=\).*;\1"pass_all";' \ michael@724: -e 's/\(eval libobjs=.*$whole_archive_flag_spec.*\)$/case $archive_cmds in \\$LD* ) wl= ;; esac; \1/' \ michael@724: libtool michael@724: michael@724: # post adjustment: do not reference static plugins michael@724: %{l_shtool} subst \ michael@724: -e '58s;.*;#define PIC;' \ michael@724: lib/dlopen.c michael@724: michael@724: # post adjustment: do not pull static plugins into static library michael@724: %{l_shtool} subst \ michael@724: -e 's;-ln -s $(SASL_STATIC_SRCS) .;-ln ../sasldb/*.o ../plugins/*.o $(SASL_STATIC_SRCS) .;' \ michael@724: lib/Makefile michael@724: michael@724: # post adjustment: build utils against static library michael@724: %{l_shtool} subst \ michael@724: -e 's;\(\$(CCLD)\);\1 -static;' \ michael@724: -e 's;\(noinst.*=\) *dbconverter.*;\1;' \ michael@724: utils/Makefile \ michael@724: sample/Makefile michael@724: michael@724: # post adjustment: fix OpenLDAP support michael@724: %if "%{with_ldap}" == "yes" michael@724: %{l_shtool} subst \ michael@724: -e "s;^\(saslauthd_LDADD[ ]*=[ ]*[^\\]*\);\1 -lcrypt -lldap -llber -lssl -lcrypto ;" \ michael@724: saslauthd/Makefile michael@724: %endif michael@724: michael@724: # build package michael@725: %{l_make} %{l_mflags -O} michael@724: ( cd saslauthd michael@725: %{l_make} %{l_mflags -O} testsaslauthd michael@724: ) || exit $? michael@724: ( cd sample michael@725: %{l_make} %{l_mflags -O} sample-client sample-server michael@724: ) || exit $? michael@724: michael@724: %install michael@724: # install package michael@725: %{l_make} %{l_mflags} install DESTDIR="$RPM_BUILD_ROOT" michael@724: michael@724: # remove libtool cruft michael@724: rm -f \ michael@724: $RPM_BUILD_ROOT%{l_prefix}/lib/*.la \ michael@724: $RPM_BUILD_ROOT%{l_prefix}/lib/*.s[ol] \ michael@724: $RPM_BUILD_ROOT%{l_prefix}/lib/*.s[ol].* \ michael@724: $RPM_BUILD_ROOT%{l_prefix}/lib/sasl2/*.a michael@724: michael@724: # post-adjust installation michael@724: mv $RPM_BUILD_ROOT%{l_prefix}/lib/sasl2 \ michael@724: $RPM_BUILD_ROOT%{l_prefix}/lib/sasl michael@724: mv $RPM_BUILD_ROOT%{l_prefix}/sbin/testsaslauthd \ michael@724: $RPM_BUILD_ROOT%{l_prefix}/sbin/saslauthd-test michael@724: mv $RPM_BUILD_ROOT%{l_prefix}/sbin/pluginviewer \ michael@724: $RPM_BUILD_ROOT%{l_prefix}/sbin/sasl-pluginviewer michael@724: mv $RPM_BUILD_ROOT%{l_prefix}/man/man8/pluginviewer.8 \ michael@724: $RPM_BUILD_ROOT%{l_prefix}/man/man8/sasl-pluginviewer.8 michael@724: mv $RPM_BUILD_ROOT%{l_prefix}/sbin/saslpasswd2 \ michael@724: $RPM_BUILD_ROOT%{l_prefix}/sbin/saslpasswd michael@724: mv $RPM_BUILD_ROOT%{l_prefix}/man/man8/saslpasswd2.8 \ michael@724: $RPM_BUILD_ROOT%{l_prefix}/man/man8/saslpasswd.8 michael@724: mv $RPM_BUILD_ROOT%{l_prefix}/sbin/sasldblistusers2 \ michael@724: $RPM_BUILD_ROOT%{l_prefix}/sbin/sasldblistusers michael@724: mv $RPM_BUILD_ROOT%{l_prefix}/man/man8/sasldblistusers2.8 \ michael@724: $RPM_BUILD_ROOT%{l_prefix}/man/man8/sasldblistusers.8 michael@724: rm -f $RPM_BUILD_ROOT%{l_prefix}/sbin/dbconverter-2 michael@724: strip $RPM_BUILD_ROOT%{l_prefix}/sbin/* >/dev/null 2>&1 || true michael@724: michael@724: # install sample client/server programs michael@724: %{l_shtool} install -c -m 755 \ michael@724: sample/sample-client \ michael@724: $RPM_BUILD_ROOT%{l_prefix}/sbin/sasl-sample-client michael@724: %{l_shtool} install -c -m 755 \ michael@724: sample/sample-server \ michael@724: $RPM_BUILD_ROOT%{l_prefix}/sbin/sasl-sample-server michael@724: michael@724: # install saslauthd default configuration michael@724: %{l_shtool} mkdir -f -p -m 755 \ michael@724: $RPM_BUILD_ROOT%{l_prefix}/etc/sasl michael@724: %{l_shtool} install -c -m 755 \ michael@724: %{SOURCE saslauthd.conf} \ michael@724: $RPM_BUILD_ROOT%{l_prefix}/etc/sasl/ michael@724: michael@724: # create necessary additional directories michael@724: %{l_shtool} mkdir -f -p -m 755 \ michael@724: $RPM_BUILD_ROOT%{l_prefix}/var/sasl/log \ michael@724: $RPM_BUILD_ROOT%{l_prefix}/var/sasl/run/saslauthd \ michael@724: $RPM_BUILD_ROOT%{l_prefix}/etc/sasl/sasl.d michael@724: michael@724: # install run-command script michael@724: %if "%{with_pam}" == "yes" michael@724: l_authmech="pam" michael@724: %else michael@724: case "%{l_platform -t}" in michael@724: *-linux* | *-sunos* ) l_authmech="shadow" ;; michael@724: * ) l_authmech="getpwent" ;; michael@724: esac michael@724: %endif michael@724: %{l_shtool} mkdir -f -p -m 755 \ michael@724: $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d michael@724: %{l_shtool} install -c -m 755 \ michael@724: -e "s;@l_authmech@;${l_authmech};g" %{l_value -s -a} \ michael@724: %{SOURCE rc.sasl} \ michael@724: $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/ michael@724: michael@724: # install OSSP fsl configuration michael@724: %{l_shtool} mkdir -f -p -m 755 \ michael@724: $RPM_BUILD_ROOT%{l_prefix}/etc/fsl michael@724: %{l_shtool} install -c -m 644 %{l_value -s -a} \ michael@724: %{SOURCE fsl.sasl} \ michael@724: $RPM_BUILD_ROOT%{l_prefix}/etc/fsl/ michael@724: michael@724: # install pkg-config configuration michael@724: libs="-lsasl2" michael@724: case "%{l_platform -t}" in michael@724: *-linux* ) libs="$libs -ldl" ;; michael@724: esac michael@724: %{l_shtool} mkdir -f -p -m 755 \ michael@724: $RPM_BUILD_ROOT%{l_prefix}/lib/pkgconfig michael@724: %{l_shtool} install -c -m 644 %{l_value -s -a} \ michael@724: -e "s;@version@;%{version};" \ michael@724: -e "s;@libs@;$libs;" \ michael@724: %{SOURCE sasl.pc} \ michael@724: $RPM_BUILD_ROOT%{l_prefix}/lib/pkgconfig/ michael@724: michael@724: # determine installation files michael@724: %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \ michael@724: %{l_files_std} \ michael@724: '%config %{l_prefix}/etc/fsl/fsl.sasl' \ michael@724: '%config %{l_prefix}/etc/sasl/saslauthd.conf' \ michael@724: '%dir %attr(0755,%{l_musr},%{l_rgrp}) %{l_prefix}/var/sasl' \ michael@724: '%dir %attr(0755,%{l_musr},%{l_rgrp}) %{l_prefix}/var/sasl/run' \ michael@724: '%dir %attr(0755,%{l_musr},%{l_rgrp}) %{l_prefix}/var/sasl/run/saslauthd' \ michael@724: '%dir %attr(0700,%{l_susr},%{l_sgrp}) %{l_prefix}/var/sasl/log' michael@724: michael@724: %files -f files michael@724: michael@724: %clean michael@724: michael@724: %pre michael@724: # before upgrade, save status and stop service michael@724: [ $1 -eq 2 ] || exit 0 michael@724: eval `%{l_rc} sasl status 2>/dev/null | tee %{l_tmpfile}` michael@724: %{l_rc} sasl stop 2>/dev/null michael@724: exit 0 michael@724: michael@724: %post michael@724: %if "%{with_pam}" == "yes" michael@724: if [ $1 -eq 1 ]; then michael@724: # after install, add PAM configuration entry michael@724: $RPM_INSTALL_PREFIX/sbin/pamtool --add --smart --name=sasl michael@724: fi michael@724: %endif michael@724: if [ $1 -eq 2 ]; then michael@724: # after upgrade, restore status michael@724: eval `cat %{l_tmpfile}`; rm -f %{l_tmpfile} michael@724: [ ".$sasl_active" = .yes ] && %{l_rc} sasl start michael@724: fi michael@724: exit 0 michael@724: michael@724: %preun michael@724: # before erase, stop service and remove log files michael@724: [ $1 -eq 0 ] || exit 0 michael@724: %{l_rc} sasl stop 2>/dev/null michael@724: rm -f $RPM_INSTALL_PREFIX/var/sasl/log/*.log* >/dev/null 2>&1 || true michael@724: %if "%{with_pam}" == "yes" michael@724: # remove PAM configuration entry michael@724: $RPM_INSTALL_PREFIX/sbin/pamtool --remove --smart --name=sasl michael@724: %endif michael@724: exit 0 michael@724: