diff -r f051a589a05a -r b318ab5c5f26 sasl/sasl.spec --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/sasl/sasl.spec Fri Oct 05 22:37:14 2012 +0200 @@ -0,0 +1,440 @@ +## +## sasl.spec -- OpenPKG RPM Package Specification +## Copyright (c) 2000-2010 OpenPKG Foundation e.V. +## +## Permission to use, copy, modify, and distribute this software for +## any purpose with or without fee is hereby granted, provided that +## the above copyright notice and this permission notice appear in all +## copies. +## +## THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED +## WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +## MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +## IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR +## CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +## SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +## LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF +## USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +## ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +## OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT +## OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +## SUCH DAMAGE. +## + +# package information +Name: sasl +Summary: Simple Authentication and Security Layer (SASL) +URL: http://www.cyrusimap.org/ +Vendor: Cyrus Project, CMU +Packager: OpenPKG Foundation e.V. +Distribution: OpenPKG Community +Class: BASE +Group: Cryptography +License: BSD +Version: 2.1.23 +Release: 20101020 + +# package options +%option with_fsl yes +%option with_sasldb yes +%option with_pam no +%option with_login no +%option with_ldap no +%option with_mysql no +%option with_pgsql no +%option with_sqlite no +%option with_ntlm no +%option with_otp no +%option with_srp no +%option with_kerberos no + +# list of sources +Source0: ftp://ftp.cyrusimap.org/cyrus-sasl/cyrus-sasl-%{version}.tar.gz +Source1: rc.sasl +Source2: fsl.sasl +Source3: saslauthd.conf +Source4: sasl.pc +Patch0: sasl.patch + +# build information +BuildPreReq: OpenPKG, openpkg >= 20100101, gcc, make, groff +PreReq: OpenPKG, openpkg >= 20100101 +BuildPreReq: db >= 4.1.24, openssl +PreReq: db >= 4.1.24, openssl +%if "%{with_fsl}" == "yes" +BuildPreReq: fsl +PreReq: fsl +%endif +%if "%{with_pam}" == "yes" +BuildPreReq: PAM +PreReq: PAM +%endif +%if "%{with_ldap}" == "yes" +BuildPreReq: openldap +PreReq: openldap +%endif +%if "%{with_mysql}" == "yes" +BuildPreReq: mysql +PreReq: mysql +%endif +%if "%{with_pgsql}" == "yes" +BuildPreReq: postgresql +PreReq: postgresql +%endif +%if "%{with_sqlite}" == "yes" +BuildPreReq: sqlite +PreReq: sqlite +%endif +%if "%{with_otp}" == "yes" +BuildPreReq: opie +PreReq: opie +%endif +%if "%{with_kerberos}" == "yes" +BuildPreReq: KERBEROS +PreReq: KERBEROS +%endif + +%description + SASL is the Simple Authentication and Security Layer, a method + for adding authentication support to connection-based protocols. + To use SASL, a protocol includes a command for identifying and + authenticating a user to a server and for optionally negotiating + protection of subsequent protocol interactions. If its use is + negotiated, a security layer is inserted between the protocol and + the connection. + +%track + prog sasl = { + version = %{version} + url = ftp://ftp.cyrusimap.org/cyrus-sasl/ + regex = cyrus-sasl-(\d+\.\d+\.\d+)\.tar\.gz + } + +%prep + %setup -q -n cyrus-sasl-%{version} + %patch -p0 + +%build + # ensure the OpenPKG Berkeley-DB is picked up only + %{l_shtool} subst \ + -e 's;for dbname in db-.*db$;for dbname in db;' \ + saslauthd/configure configure + + # disable some unwanted configure checks + %{l_shtool} subst \ + -e 's;\(SASL_DB_UTILS="saslpasswd2 sasldblistusers2\);\1 dbconverter-2;' \ + -e "s;javac;javac-xxx;g" \ + -e "s;javah;javah-xxx;g" \ + -e "s;javadoc;javadoc-xxx;g" \ + configure + + # fix OpenLDAP support +%if "%{with_ldap}" == "yes" + echo 'ac_cv_lib_ldap_ldap_initialize=yes' >config.cache + %{l_shtool} subst \ + -e "s;\(\$LDAP_LIBS\) *\(-lcrypto\);\1 -lssl -lcrypto \2;" \ + saslauthd/configure +%endif + + # fix GSS/Kerberos support +%if "%{with_kerberos}" == "yes" + %{l_shtool} subst \ + -e 's;\(-lk5crypto\);\1 -lkrb5support;' \ + configure +%endif + + # enforce disabled Kerberos 5 support in saslauthd + echo 'ac_cv_header_krb5_h=no' >config.cache + + # configure path to sasl-server config files + %{l_shtool} subst \ + -e 's;@l_sysconfdir@;%{l_prefix}/etc/sasl/sasl.d;g' \ + lib/server.c + + # determine build flags + cflags="%{l_cflags -O} %{l_cppflags}" + ldflags="%{l_ldflags} %{l_fsl_ldflags}" + libs="-ldb %{l_fsl_libs}" +%if "%{with_ldap}" == "yes" + cflags="$cflags -DAUTH_LDAP" +%endif +%if "%{with_mysql}" == "yes" + libs="$libs -lz -lm" +%endif +%if "%{with_pgsql}" == "yes" + cflags="$cflags -I%{l_cppflags postgresql}" + libs="$libs -lssl -lcrypto -lcrypt" +%endif +%if "%{with_kerberos}" == "yes" + cflags="$cflags `krb5-config --cflags gssapi`" + libs="$libs `krb5-config --libs gssapi`" +%endif + case "%{l_platform -t}" in + *-sunos* ) libs="$libs -lrt" ;; + esac + + # configure package + CC="%{l_cc}" \ + CFLAGS="$cflags" \ + CPPFLAGS="%{l_cppflags}" \ + LDFLAGS="$ldflags" \ + LIBS="$libs" \ + ./configure \ + --cache-file=./config.cache \ + --prefix=%{l_prefix} \ + --sysconfdir=%{l_prefix}/etc/sasl \ + --with-configdir=%{l_prefix}/etc/sasl/sasl.d \ + --with-plugindir=%{l_prefix}/lib/sasl \ + --with-saslauthd=%{l_prefix}/var/sasl/run/saslauthd \ + --enable-digest \ + --enable-cram \ + --enable-anon \ +%if "%{with_sasldb}" == "yes" + --enable-auth-sasldb \ + --with-dbpath=%{l_prefix}/var/sasl/run/sasl.db \ + --with-dblib=berkeley \ + --with-bdb-incdir=%{l_prefix}/include \ + --with-bdb-libdir=%{l_prefix}/lib \ +%else + --with-dblib=none \ +%endif + --with-openssl=%{l_prefix} \ +%if "%{with_pam}" == "yes" + --with-pam \ +%else + --without-pam \ +%endif +%if "%{with_login}" == "yes" + --enable-login \ +%else + --disable-login \ +%endif +%if "%{with_ldap}" == "yes" + --with-ldap=%{l_prefix} \ +%else + --without-ldap \ +%endif +%if "%{with_otp}" == "yes" + --enable-otp \ + --with-opie=%{l_prefix} \ +%else + --disable-otp \ + --without-opie \ +%endif +%if "%{with_srp}" == "yes" + --enable-srp \ +%else + --disable-srp \ +%endif +%if "%{with_kerberos}" == "yes" + --enable-gssapi \ + --with-gss_impl=`if [ -d %{l_prefix}/include/heimdal ]; then echo "heimdal"; else echo "mit"; fi` \ +%else + --disable-gssapi \ + --without-gss_impl \ +%endif +%if "%{with_mysql}" == "yes" || "%{with_pgsql}" == "yes" || "%{with_sqlite}" == "yes" + --enable-sql \ +%if "%{with_mysql}" == "yes" + --with-mysql=%{l_prefix} \ +%else + --without-mysql \ +%endif +%if "%{with_pgsql}" == "yes" + --with-pgsql=%{l_prefix} \ +%else + --without-pgsql \ +%endif +%if "%{with_sqlite}" == "yes" + --with-sqlite=%{l_prefix} \ +%else + --without-sqlite \ +%endif +%endif +%if "%{with_ntlm}" == "yes" + --enable-ntlm \ +%else + --disable-ntlm \ +%endif + --enable-shared \ + --enable-static \ + --enable-staticdlopen \ + --enable-sample \ + --disable-java \ + --disable-krb4 \ + --without-des + + # post adjustment: trust me, libtool, I know what I am doing + %{l_shtool} subst \ + -e 's;^\(deplibs_check_method=\).*;\1"pass_all";' \ + -e 's/\(eval libobjs=.*$whole_archive_flag_spec.*\)$/case $archive_cmds in \\$LD* ) wl= ;; esac; \1/' \ + libtool + + # post adjustment: do not reference static plugins + %{l_shtool} subst \ + -e '58s;.*;#define PIC;' \ + lib/dlopen.c + + # post adjustment: do not pull static plugins into static library + %{l_shtool} subst \ + -e 's;-ln -s $(SASL_STATIC_SRCS) .;-ln ../sasldb/*.o ../plugins/*.o $(SASL_STATIC_SRCS) .;' \ + lib/Makefile + + # post adjustment: build utils against static library + %{l_shtool} subst \ + -e 's;\(\$(CCLD)\);\1 -static;' \ + -e 's;\(noinst.*=\) *dbconverter.*;\1;' \ + utils/Makefile \ + sample/Makefile + + # post adjustment: fix OpenLDAP support +%if "%{with_ldap}" == "yes" + %{l_shtool} subst \ + -e "s;^\(saslauthd_LDADD[ ]*=[ ]*[^\\]*\);\1 -lcrypt -lldap -llber -lssl -lcrypto ;" \ + saslauthd/Makefile +%endif + + # build package + %{l_make} %{l_mflags} + ( cd saslauthd + %{l_make} %{l_mflags} testsaslauthd + ) || exit $? + ( cd sample + %{l_make} %{l_mflags} sample-client sample-server + ) || exit $? + +%install + + # install package + %{l_make} %{l_mflags} install AM_MAKEFLAGS="DESTDIR=$RPM_BUILD_ROOT" + + # remove libtool cruft + rm -f \ + $RPM_BUILD_ROOT%{l_prefix}/lib/*.la \ + $RPM_BUILD_ROOT%{l_prefix}/lib/*.s[ol] \ + $RPM_BUILD_ROOT%{l_prefix}/lib/*.s[ol].* \ + $RPM_BUILD_ROOT%{l_prefix}/lib/sasl2/*.a + + # post-adjust installation + mv $RPM_BUILD_ROOT%{l_prefix}/lib/sasl2 \ + $RPM_BUILD_ROOT%{l_prefix}/lib/sasl + mv $RPM_BUILD_ROOT%{l_prefix}/sbin/testsaslauthd \ + $RPM_BUILD_ROOT%{l_prefix}/sbin/saslauthd-test + mv $RPM_BUILD_ROOT%{l_prefix}/sbin/pluginviewer \ + $RPM_BUILD_ROOT%{l_prefix}/sbin/sasl-pluginviewer + mv $RPM_BUILD_ROOT%{l_prefix}/man/man8/pluginviewer.8 \ + $RPM_BUILD_ROOT%{l_prefix}/man/man8/sasl-pluginviewer.8 + mv $RPM_BUILD_ROOT%{l_prefix}/sbin/saslpasswd2 \ + $RPM_BUILD_ROOT%{l_prefix}/sbin/saslpasswd + mv $RPM_BUILD_ROOT%{l_prefix}/man/man8/saslpasswd2.8 \ + $RPM_BUILD_ROOT%{l_prefix}/man/man8/saslpasswd.8 + mv $RPM_BUILD_ROOT%{l_prefix}/sbin/sasldblistusers2 \ + $RPM_BUILD_ROOT%{l_prefix}/sbin/sasldblistusers + mv $RPM_BUILD_ROOT%{l_prefix}/man/man8/sasldblistusers2.8 \ + $RPM_BUILD_ROOT%{l_prefix}/man/man8/sasldblistusers.8 + rm -f $RPM_BUILD_ROOT%{l_prefix}/sbin/dbconverter-2 + strip $RPM_BUILD_ROOT%{l_prefix}/sbin/* >/dev/null 2>&1 || true + + # install sample client/server programs + %{l_shtool} install -c -m 755 \ + sample/sample-client \ + $RPM_BUILD_ROOT%{l_prefix}/sbin/sasl-sample-client + %{l_shtool} install -c -m 755 \ + sample/sample-server \ + $RPM_BUILD_ROOT%{l_prefix}/sbin/sasl-sample-server + + # install saslauthd default configuration + %{l_shtool} mkdir -f -p -m 755 \ + $RPM_BUILD_ROOT%{l_prefix}/etc/sasl + %{l_shtool} install -c -m 755 \ + %{SOURCE saslauthd.conf} \ + $RPM_BUILD_ROOT%{l_prefix}/etc/sasl/ + + # create necessary additional directories + %{l_shtool} mkdir -f -p -m 755 \ + $RPM_BUILD_ROOT%{l_prefix}/var/sasl/log \ + $RPM_BUILD_ROOT%{l_prefix}/var/sasl/run/saslauthd \ + $RPM_BUILD_ROOT%{l_prefix}/etc/sasl/sasl.d + + # install run-command script +%if "%{with_pam}" == "yes" + l_authmech="pam" +%else + case "%{l_platform -t}" in + *-linux* | *-sunos* ) l_authmech="shadow" ;; + * ) l_authmech="getpwent" ;; + esac +%endif + %{l_shtool} mkdir -f -p -m 755 \ + $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d + %{l_shtool} install -c -m 755 \ + -e "s;@l_authmech@;${l_authmech};g" %{l_value -s -a} \ + %{SOURCE rc.sasl} \ + $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/ + + # install OSSP fsl configuration + %{l_shtool} mkdir -f -p -m 755 \ + $RPM_BUILD_ROOT%{l_prefix}/etc/fsl + %{l_shtool} install -c -m 644 %{l_value -s -a} \ + %{SOURCE fsl.sasl} \ + $RPM_BUILD_ROOT%{l_prefix}/etc/fsl/ + + # install pkg-config configuration + libs="-lsasl2" + case "%{l_platform -t}" in + *-linux* ) libs="$libs -ldl" ;; + esac + %{l_shtool} mkdir -f -p -m 755 \ + $RPM_BUILD_ROOT%{l_prefix}/lib/pkgconfig + %{l_shtool} install -c -m 644 %{l_value -s -a} \ + -e "s;@version@;%{version};" \ + -e "s;@libs@;$libs;" \ + %{SOURCE sasl.pc} \ + $RPM_BUILD_ROOT%{l_prefix}/lib/pkgconfig/ + + # determine installation files + %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \ + %{l_files_std} \ + '%config %{l_prefix}/etc/fsl/fsl.sasl' \ + '%config %{l_prefix}/etc/sasl/saslauthd.conf' \ + '%dir %attr(0755,%{l_musr},%{l_rgrp}) %{l_prefix}/var/sasl' \ + '%dir %attr(0755,%{l_musr},%{l_rgrp}) %{l_prefix}/var/sasl/run' \ + '%dir %attr(0755,%{l_musr},%{l_rgrp}) %{l_prefix}/var/sasl/run/saslauthd' \ + '%dir %attr(0700,%{l_susr},%{l_sgrp}) %{l_prefix}/var/sasl/log' + +%files -f files + +%clean + +%pre + # before upgrade, save status and stop service + [ $1 -eq 2 ] || exit 0 + eval `%{l_rc} sasl status 2>/dev/null | tee %{l_tmpfile}` + %{l_rc} sasl stop 2>/dev/null + exit 0 + +%post +%if "%{with_pam}" == "yes" + if [ $1 -eq 1 ]; then + # after install, add PAM configuration entry + $RPM_INSTALL_PREFIX/sbin/pamtool --add --smart --name=sasl + fi +%endif + if [ $1 -eq 2 ]; then + # after upgrade, restore status + eval `cat %{l_tmpfile}`; rm -f %{l_tmpfile} + [ ".$sasl_active" = .yes ] && %{l_rc} sasl start + fi + exit 0 + +%preun + # before erase, stop service and remove log files + [ $1 -eq 0 ] || exit 0 + %{l_rc} sasl stop 2>/dev/null + rm -f $RPM_INSTALL_PREFIX/var/sasl/log/*.log* >/dev/null 2>&1 || true +%if "%{with_pam}" == "yes" + # remove PAM configuration entry + $RPM_INSTALL_PREFIX/sbin/pamtool --remove --smart --name=sasl +%endif + exit 0 +