changeset
Import package vendor original spec for necessary manipulations.
Fri, 05 Oct 2012 22:37:14 +0200
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Fri, 05 Oct 2012 22:37:14 +0200
- changeset 724
- b318ab5c5f26
- parent 723
- f051a589a05a
- child 725
- 405367b5a7ff
Import package vendor original spec for necessary manipulations.
| sasl/fsl.sasl | file | annotate | diff | comparison | revisions | |
| sasl/rc.sasl | file | annotate | diff | comparison | revisions | |
| sasl/sasl.patch | file | annotate | diff | comparison | revisions | |
| sasl/sasl.pc | file | annotate | diff | comparison | revisions | |
| sasl/sasl.spec | file | annotate | diff | comparison | revisions | |
| sasl/saslauthd.conf | file | annotate | diff | comparison | revisions |
1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 1.2 +++ b/sasl/fsl.sasl Fri Oct 05 22:37:14 2012 +0200 1.3 @@ -0,0 +1,16 @@ 1.4 +## 1.5 +## fsl.sasl -- OSSP fsl configuration 1.6 +## 1.7 + 1.8 +ident (saslauthd)/.+ q{ 1.9 + prefix( 1.10 + prefix="%b %d %H:%M:%S %N <%L> $1[%P]: " 1.11 + ) 1.12 + -> { 1.13 + debug: file( 1.14 + path="@l_prefix@/var/sasl/log/saslauthd.log", 1.15 + perm=0600 1.16 + ) 1.17 + } 1.18 +}; 1.19 +
2.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 2.2 +++ b/sasl/rc.sasl Fri Oct 05 22:37:14 2012 +0200 2.3 @@ -0,0 +1,60 @@ 2.4 +#!@l_prefix@/bin/openpkg rc 2.5 +## 2.6 +## rc.sasl -- Run-Commands 2.7 +## 2.8 + 2.9 +%config 2.10 + sasl_enable="$openpkg_rc_def" 2.11 + sasl_flags="" 2.12 + sasl_authmech="@l_authmech@" 2.13 + sasl_threads="4" 2.14 + sasl_log_prolog="true" 2.15 + sasl_log_epilog="true" 2.16 + sasl_log_numfiles="10" 2.17 + sasl_log_minsize="1M" 2.18 + sasl_log_complevel="9" 2.19 + 2.20 +%common 2.21 + sasl_pidfile="@l_prefix@/var/sasl/run/saslauthd/saslauthd.pid" 2.22 + sasl_signal () { 2.23 + [ -f $sasl_pidfile ] && kill -$1 `cat $sasl_pidfile` 2.24 + } 2.25 + 2.26 +%status -u @l_susr@ -o 2.27 + sasl_usable="unknown" 2.28 + sasl_active="no" 2.29 + rcService sasl enable yes && \ 2.30 + sasl_signal 0 && sasl_active="yes" 2.31 + echo "sasl_enable=\"$sasl_enable\"" 2.32 + echo "sasl_usable=\"$sasl_usable\"" 2.33 + echo "sasl_active=\"$sasl_active\"" 2.34 + 2.35 +%start -p 400 -u @l_susr@ 2.36 + rcService sasl enable yes || exit 0 2.37 + rcService sasl active yes && exit 0 2.38 + @l_prefix@/sbin/saslauthd \ 2.39 + -a "${sasl_authmech}" \ 2.40 + -n "${sasl_threads}" \ 2.41 + ${sasl_flags} 2.42 + 2.43 +%stop -p 600 -u @l_susr@ 2.44 + rcService sasl enable yes || exit 0 2.45 + rcService sasl active no && exit 0 2.46 + sasl_signal TERM 2.47 + 2.48 +%restart -u @l_susr@ 2.49 + rcService sasl enable yes || exit 0 2.50 + rcService sasl active no && exit 0 2.51 + rc sasl stop 2.52 + sleep 2 2.53 + rc sasl start 2.54 + 2.55 +%daily -u @l_susr@ 2.56 + rcService sasl enable yes || exit 0 2.57 + shtool rotate -f \ 2.58 + -n ${sasl_log_numfiles} -s ${sasl_log_minsize} -d \ 2.59 + -z ${sasl_log_complevel} -o @l_susr@ -g @l_sgrp@ -m 600 \ 2.60 + -P "${sasl_log_prolog}" \ 2.61 + -E "${sasl_log_epilog}; rc sasl restart" \ 2.62 + @l_prefix@/var/sasl/log/saslauthd.log 2.63 +
3.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 3.2 +++ b/sasl/sasl.patch Fri Oct 05 22:37:14 2012 +0200 3.3 @@ -0,0 +1,600 @@ 3.4 +Index: configure 3.5 +--- configure.orig 2006-05-18 21:30:13 +0200 3.6 ++++ configure 2008-12-25 18:48:51 +0100 3.7 +@@ -3944,9 +3944,6 @@ 3.8 + 3.9 + fi 3.10 + 3.11 +-if test "$ac_cv_c_compiler_gnu" = yes; then 3.12 +- CFLAGS="-Wall -W ${CFLAGS}" 3.13 +-fi 3.14 + 3.15 + 3.16 + # Check whether --with-purecov or --without-purecov was given. 3.17 +@@ -5125,7 +5122,7 @@ 3.18 + fi 3.19 + 3.20 + saved_LIBS=$LIBS 3.21 +- for dbname in db-4.4 db4.4 db44 db-4.3 db4.3 db43 db-4.2 db4.2 db42 db-4.1 db4.1 db41 db-4.0 db4.0 db-4 db40 db4 db-3.3 db3.3 db33 db-3.2 db3.2 db32 db-3.1 db3.1 db31 db-3 db30 db3 db 3.22 ++ for dbname in db 3.23 + do 3.24 + LIBS="$saved_LIBS -l$dbname" 3.25 + cat >conftest.$ac_ext <<_ACEOF 3.26 +@@ -5205,6 +5202,54 @@ 3.27 + fi 3.28 + rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 3.29 + fi 3.30 ++ if test "$dblib" = "no"; then 3.31 ++ cat >conftest.$ac_ext <<_ACEOF 3.32 ++/* confdefs.h. */ 3.33 ++_ACEOF 3.34 ++cat confdefs.h >>conftest.$ac_ext 3.35 ++cat >>conftest.$ac_ext <<_ACEOF 3.36 ++/* end confdefs.h. */ 3.37 ++#include <db.h> 3.38 ++int 3.39 ++main () 3.40 ++{ 3.41 ++dbm_open(NULL, 0, 0, 0, NULL, NULL, NULL); 3.42 ++ ; 3.43 ++ return 0; 3.44 ++} 3.45 ++_ACEOF 3.46 ++rm -f conftest.$ac_objext conftest$ac_exeext 3.47 ++if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 3.48 ++ (eval $ac_link) 2>conftest.er1 3.49 ++ ac_status=$? 3.50 ++ grep -v '^ *+' conftest.er1 >conftest.err 3.51 ++ rm -f conftest.er1 3.52 ++ cat conftest.err >&5 3.53 ++ echo "$as_me:$LINENO: \$? = $ac_status" >&5 3.54 ++ (exit $ac_status); } && 3.55 ++ { ac_try='test -z "$ac_c_werror_flag" 3.56 ++ || test ! -s conftest.err' 3.57 ++ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 3.58 ++ (eval $ac_try) 2>&5 3.59 ++ ac_status=$? 3.60 ++ echo "$as_me:$LINENO: \$? = $ac_status" >&5 3.61 ++ (exit $ac_status); }; } && 3.62 ++ { ac_try='test -s conftest$ac_exeext' 3.63 ++ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 3.64 ++ (eval $ac_try) 2>&5 3.65 ++ ac_status=$? 3.66 ++ echo "$as_me:$LINENO: \$? = $ac_status" >&5 3.67 ++ (exit $ac_status); }; }; then 3.68 ++ BDB_LIBADD="$BDB_LIBADD -ldb"; dblib="berkeley"; dbname=db 3.69 ++else 3.70 ++ echo "$as_me: failed program was:" >&5 3.71 ++sed 's/^/| /' conftest.$ac_ext >&5 3.72 ++ 3.73 ++dblib="no" 3.74 ++fi 3.75 ++rm -f conftest.err conftest.$ac_objext \ 3.76 ++ conftest$ac_exeext conftest.$ac_ext 3.77 ++ fi 3.78 + LIBS=$saved_LIBS 3.79 + 3.80 + LDFLAGS=$BDB_SAVE_LDFLAGS 3.81 +@@ -5882,7 +5927,7 @@ 3.82 + fi 3.83 + 3.84 + saved_LIBS=$LIBS 3.85 +- for dbname in db-4.4 db4.4 db44 db-4.3 db4.3 db43 db-4.2 db4.2 db42 db-4.1 db4.1 db41 db-4.0 db4.0 db-4 db40 db4 db-3.3 db3.3 db33 db-3.2 db3.2 db32 db-3.1 db3.1 db31 db-3 db30 db3 db 3.86 ++ for dbname in db 3.87 + do 3.88 + LIBS="$saved_LIBS -l$dbname" 3.89 + cat >conftest.$ac_ext <<_ACEOF 3.90 +@@ -5962,6 +6007,54 @@ 3.91 + fi 3.92 + rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext 3.93 + fi 3.94 ++ if test "$dblib" = "no"; then 3.95 ++ cat >conftest.$ac_ext <<_ACEOF 3.96 ++/* confdefs.h. */ 3.97 ++_ACEOF 3.98 ++cat confdefs.h >>conftest.$ac_ext 3.99 ++cat >>conftest.$ac_ext <<_ACEOF 3.100 ++/* end confdefs.h. */ 3.101 ++#include <db.h> 3.102 ++int 3.103 ++main () 3.104 ++{ 3.105 ++dbm_open(NULL, 0, 0, 0, NULL, NULL, NULL); 3.106 ++ ; 3.107 ++ return 0; 3.108 ++} 3.109 ++_ACEOF 3.110 ++rm -f conftest.$ac_objext conftest$ac_exeext 3.111 ++if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 3.112 ++ (eval $ac_link) 2>conftest.er1 3.113 ++ ac_status=$? 3.114 ++ grep -v '^ *+' conftest.er1 >conftest.err 3.115 ++ rm -f conftest.er1 3.116 ++ cat conftest.err >&5 3.117 ++ echo "$as_me:$LINENO: \$? = $ac_status" >&5 3.118 ++ (exit $ac_status); } && 3.119 ++ { ac_try='test -z "$ac_c_werror_flag" 3.120 ++ || test ! -s conftest.err' 3.121 ++ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 3.122 ++ (eval $ac_try) 2>&5 3.123 ++ ac_status=$? 3.124 ++ echo "$as_me:$LINENO: \$? = $ac_status" >&5 3.125 ++ (exit $ac_status); }; } && 3.126 ++ { ac_try='test -s conftest$ac_exeext' 3.127 ++ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 3.128 ++ (eval $ac_try) 2>&5 3.129 ++ ac_status=$? 3.130 ++ echo "$as_me:$LINENO: \$? = $ac_status" >&5 3.131 ++ (exit $ac_status); }; }; then 3.132 ++ BDB_LIBADD="$BDB_LIBADD -ldb"; dblib="berkeley"; dbname=db 3.133 ++else 3.134 ++ echo "$as_me: failed program was:" >&5 3.135 ++sed 's/^/| /' conftest.$ac_ext >&5 3.136 ++ 3.137 ++dblib="no" 3.138 ++fi 3.139 ++rm -f conftest.err conftest.$ac_objext \ 3.140 ++ conftest$ac_exeext conftest.$ac_ext 3.141 ++ fi 3.142 + LIBS=$saved_LIBS 3.143 + 3.144 + LDFLAGS=$BDB_SAVE_LDFLAGS 3.145 +@@ -12005,20 +12098,20 @@ 3.146 + fi 3.147 + 3.148 + LIB_SQLITE_DIR=$LIB_SQLITE 3.149 +- LIB_SQLITE="$LIB_SQLITE -lsqlite" 3.150 ++ LIB_SQLITE="$LIB_SQLITE -lsqlite3" 3.151 + 3.152 + if test -d ${with_sqlite}/include; then 3.153 + CPPFLAGS="${CPPFLAGS} -I${with_sqlite}/include" 3.154 + else 3.155 + CPPFLAGS="${CPPFLAGS} -I${with_sqlite}" 3.156 + fi 3.157 +- echo "$as_me:$LINENO: checking for sqlite_open in -lsqlite" >&5 3.158 +-echo $ECHO_N "checking for sqlite_open in -lsqlite... $ECHO_C" >&6 3.159 ++ echo "$as_me:$LINENO: checking for sqlite3_open in -lsqlite3" >&5 3.160 ++echo $ECHO_N "checking for sqlite3_open in -lsqlite3... $ECHO_C" >&6 3.161 + if test "${ac_cv_lib_sqlite_sqlite_open+set}" = set; then 3.162 + echo $ECHO_N "(cached) $ECHO_C" >&6 3.163 + else 3.164 + ac_check_lib_save_LIBS=$LIBS 3.165 +-LIBS="-lsqlite $LIB_SQLITE_DIR $LIBS" 3.166 ++LIBS="-lsqlite3 $LIB_SQLITE_DIR $LIBS" 3.167 + cat >conftest.$ac_ext <<_ACEOF 3.168 + #line $LINENO "configure" 3.169 + /* confdefs.h. */ 3.170 +@@ -12033,11 +12126,11 @@ 3.171 + #endif 3.172 + /* We use char because int might match the return type of a gcc2 3.173 + builtin and then its argument prototype would still apply. */ 3.174 +-char sqlite_open (); 3.175 ++char sqlite3_open (); 3.176 + int 3.177 + main () 3.178 + { 3.179 +-sqlite_open (); 3.180 ++sqlite3_open (); 3.181 + ; 3.182 + return 0; 3.183 + } 3.184 +Index: lib/saslint.h 3.185 +--- lib/saslint.h.orig 2006-04-18 22:25:45 +0200 3.186 ++++ lib/saslint.h 2008-12-25 18:48:51 +0100 3.187 +@@ -109,8 +109,6 @@ 3.188 + const char *appname; 3.189 + } sasl_global_callbacks_t; 3.190 + 3.191 +-extern sasl_global_callbacks_t global_callbacks; 3.192 +- 3.193 + typedef struct _sasl_external_properties 3.194 + { 3.195 + sasl_ssf_t ssf; 3.196 +Index: lib/server.c 3.197 +--- lib/server.c.orig 2006-05-17 18:46:13 +0200 3.198 ++++ lib/server.c 2008-12-25 18:48:51 +0100 3.199 +@@ -95,7 +95,7 @@ 3.200 + 3.201 + static mech_list_t *mechlist = NULL; /* global var which holds the list */ 3.202 + 3.203 +-sasl_global_callbacks_t global_callbacks; 3.204 ++static sasl_global_callbacks_t global_callbacks; 3.205 + 3.206 + /* set the password for a user 3.207 + * conn -- SASL connection 3.208 +@@ -477,16 +477,8 @@ 3.209 + return SASL_CONTINUE; 3.210 + } 3.211 + 3.212 +- /* get the path to the config file */ 3.213 +- getconfpath_cb = _sasl_find_getconfpath_callback( global_callbacks.callbacks ); 3.214 +- if (getconfpath_cb == NULL) return SASL_BADPARAM; 3.215 +- 3.216 +- /* getconfpath_cb->proc MUST be a sasl_getconfpath_t; if only C had a type 3.217 +- system */ 3.218 +- result = ((sasl_getconfpath_t *)(getconfpath_cb->proc))(getconfpath_cb->context, 3.219 +- &path_to_config); 3.220 +- if (result != SASL_OK) goto done; 3.221 +- if (path_to_config == NULL) path_to_config = ""; 3.222 ++ result = SASL_OK; 3.223 ++ path_to_config = "@l_sysconfdir@"; 3.224 + 3.225 + next = path_to_config; 3.226 + 3.227 +Index: plugins/sql.c 3.228 +--- plugins/sql.c.orig 2006-04-07 15:42:16 +0200 3.229 ++++ plugins/sql.c 2008-12-25 21:57:47 +0100 3.230 +@@ -150,9 +150,15 @@ 3.231 + return -1; 3.232 + } 3.233 + if (value) { 3.234 +- strncpy(value, row[0], size-2); 3.235 +- value[size-1] = '\0'; 3.236 +- if (value_len) *value_len = strlen(value); 3.237 ++ unsigned long *col_lens; 3.238 ++ size_t col_len; 3.239 ++ col_lens = mysql_fetch_lengths(result); 3.240 ++ col_len = (size_t)col_lens[0]; 3.241 ++ if (col_len > size - 1); 3.242 ++ col_len = size - 1; 3.243 ++ memcpy(value, row[0], col_len); 3.244 ++ value[col_len] = '\0'; 3.245 ++ if (value_len) *value_len = col_len; 3.246 + } 3.247 + 3.248 + /* free result */ 3.249 +@@ -277,7 +283,7 @@ 3.250 + ExecStatusType status; 3.251 + 3.252 + /* run the query */ 3.253 +- result = PQexec(conn, cmd); 3.254 ++ result = PQexecParams(conn, cmd, 0, NULL, NULL, NULL, NULL, 1); 3.255 + 3.256 + /* check the status */ 3.257 + status = PQresultStatus(result); 3.258 +@@ -298,6 +304,7 @@ 3.259 + row_count = PQntuples(result); 3.260 + if (!row_count) { 3.261 + /* umm nothing found */ 3.262 ++ utils->log(NULL, SASL_LOG_DEBUG, "sql plugin: no result found for query %s", cmd); 3.263 + utils->log(NULL, SASL_LOG_NOTE, "sql plugin: no result found"); 3.264 + PQclear(result); 3.265 + return -1; 3.266 +@@ -310,9 +317,26 @@ 3.267 + /* now get the result set value and value_len */ 3.268 + /* we only fetch one because we don't care about the rest */ 3.269 + if (value) { 3.270 +- strncpy(value, PQgetvalue(result,0,0), size-2); 3.271 +- value[size-1] = '\0'; 3.272 +- if (value_len) *value_len = strlen(value); 3.273 ++ if (PQgetisnull(result, 0, 0)) { 3.274 ++ size_t col_len; 3.275 ++ col_len = strlen(SQL_NULL_VALUE); 3.276 ++ if (col_len > size - 1) 3.277 ++ col_len = size - 1; 3.278 ++ memcpy(value, SQL_NULL_VALUE, col_len); 3.279 ++ value[col_len] = '\0'; 3.280 ++ if (value_len) 3.281 ++ *value_len = col_len; 3.282 ++ } 3.283 ++ else { 3.284 ++ size_t col_len; 3.285 ++ col_len = (size_t)PQgetlength(result, 0, 0); 3.286 ++ if (col_len > size - 1); 3.287 ++ col_len = size - 1; 3.288 ++ memcpy(value, PQgetvalue(result, 0, 0), col_len); 3.289 ++ value[col_len] = '\0'; 3.290 ++ if (value_len) 3.291 ++ *value_len = col_len; 3.292 ++ } 3.293 + } 3.294 + 3.295 + /* free result */ 3.296 +@@ -342,7 +366,7 @@ 3.297 + #endif /* HAVE_PGSQL */ 3.298 + 3.299 + #ifdef HAVE_SQLITE 3.300 +-#include <sqlite.h> 3.301 ++#include <sqlite3.h> 3.302 + 3.303 + static void *_sqlite_open(char *host __attribute__((unused)), 3.304 + char *port __attribute__((unused)), 3.305 +@@ -352,21 +376,23 @@ 3.306 + const char *database, const sasl_utils_t *utils) 3.307 + { 3.308 + int rc; 3.309 +- sqlite *db; 3.310 ++ sqlite3 *db; 3.311 + char *zErrMsg = NULL; 3.312 + 3.313 +- db = sqlite_open(database, 0, &zErrMsg); 3.314 +- if (db == NULL) { 3.315 ++ rc = sqlite3_open(database, &db); 3.316 ++ if (rc != SQLITE_OK) { 3.317 ++ zErrMsg = (char *)sqlite3_errmsg(db); 3.318 + utils->log(NULL, SASL_LOG_ERR, "sql plugin: %s", zErrMsg); 3.319 +- sqlite_freemem (zErrMsg); 3.320 ++ sqlite3_free (zErrMsg); 3.321 ++ sqlite3_close (db); 3.322 + return NULL; 3.323 + } 3.324 + 3.325 +- rc = sqlite_exec(db, "PRAGMA empty_result_callbacks = ON", NULL, NULL, &zErrMsg); 3.326 ++ rc = sqlite3_exec(db, "PRAGMA empty_result_callbacks = ON", NULL, NULL, &zErrMsg); 3.327 + if (rc != SQLITE_OK) { 3.328 + utils->log(NULL, SASL_LOG_ERR, "sql plugin: %s", zErrMsg); 3.329 +- sqlite_freemem (zErrMsg); 3.330 +- sqlite_close(db); 3.331 ++ sqlite3_free (zErrMsg); 3.332 ++ sqlite3_close(db); 3.333 + return NULL; 3.334 + } 3.335 + 3.336 +@@ -388,62 +414,67 @@ 3.337 + return 0; 3.338 + } 3.339 + 3.340 +-static int sqlite_my_callback(void *pArg, int argc __attribute__((unused)), 3.341 +- char **argv, 3.342 +- char **columnNames __attribute__((unused))) 3.343 +-{ 3.344 +- char **result = (char**)pArg; 3.345 +- 3.346 +- if (argv == NULL) { 3.347 +- *result = NULL; /* no record */ 3.348 +- } else if (argv[0] == NULL) { 3.349 +- *result = strdup(SQL_NULL_VALUE); /* NULL IS SQL_NULL_VALUE */ 3.350 +- } else { 3.351 +- *result = strdup(argv[0]); 3.352 +- } 3.353 +- 3.354 +- return /*ABORT*/1; 3.355 +-} 3.356 +- 3.357 + static int _sqlite_exec(void *db, const char *cmd, char *value, size_t size, 3.358 + size_t *value_len, const sasl_utils_t *utils) 3.359 + { 3.360 + int rc; 3.361 +- char *result = NULL; 3.362 +- char *zErrMsg = NULL; 3.363 ++ sqlite3_stmt *stmt; 3.364 ++ const char *todo; 3.365 ++ size_t len; 3.366 + 3.367 +- rc = sqlite_exec((sqlite*)db, cmd, sqlite_my_callback, (void*)&result, &zErrMsg); 3.368 +- if (rc != SQLITE_OK && rc != SQLITE_ABORT) { 3.369 +- utils->log(NULL, SASL_LOG_DEBUG, "sql plugin: %s ", zErrMsg); 3.370 +- sqlite_freemem (zErrMsg); 3.371 ++ rc = sqlite3_prepare((sqlite3*)db, cmd, (int)strlen(cmd), &stmt, &todo); 3.372 ++ if (rc != SQLITE_OK) { 3.373 ++ utils->log(NULL, SASL_LOG_DEBUG, "sql plugin error: %s", sqlite3_errmsg((sqlite3*)db)); 3.374 + return -1; 3.375 + } 3.376 +- 3.377 +- if (rc == SQLITE_OK) { 3.378 ++ rc = sqlite3_step(stmt); 3.379 ++ if (rc != SQLITE_ROW && rc != SQLITE_DONE) { 3.380 ++ utils->log(NULL, SASL_LOG_DEBUG, "sql plugin error: %s", sqlite3_errmsg((sqlite3*)db)); 3.381 ++ sqlite3_finalize(stmt); 3.382 ++ return -1; 3.383 ++ } 3.384 ++ if (sqlite3_column_count(stmt) == 0) { 3.385 + /* no results (BEGIN, COMMIT, DELETE, INSERT, UPDATE) */ 3.386 ++ sqlite3_finalize(stmt); 3.387 + return 0; 3.388 + } 3.389 +- 3.390 +- if (result == NULL) { 3.391 ++ if (rc == SQLITE_DONE) { 3.392 + /* umm nothing found */ 3.393 ++ utils->log(NULL, SASL_LOG_DEBUG, "sql plugin: no result found for query %s", cmd); 3.394 + utils->log(NULL, SASL_LOG_NOTE, "sql plugin: no result found"); 3.395 ++ sqlite3_finalize(stmt); 3.396 + return -1; 3.397 + } 3.398 +- 3.399 +- /* XXX: Duplication cannot be found by this method. */ 3.400 +- 3.401 +- /* now get the result set value and value_len */ 3.402 +- /* we only fetch one because we don't care about the rest */ 3.403 +- if (value) { 3.404 +- strncpy(value, result, size - 2); 3.405 +- value[size - 1] = '\0'; 3.406 +- if (value_len) { 3.407 +- *value_len = strlen(value); 3.408 +- } 3.409 ++ rc = sqlite3_column_type(stmt, 0); 3.410 ++ switch (rc) { 3.411 ++ case SQLITE_NULL: { 3.412 ++ len = strlen(SQL_NULL_VALUE); 3.413 ++ if (len > size - 1) 3.414 ++ len = size - 1; 3.415 ++ memcpy(value, SQL_NULL_VALUE, len); 3.416 ++ value[len] = '\0'; 3.417 ++ if (value_len) 3.418 ++ *value_len = len; 3.419 ++ break; 3.420 ++ } 3.421 ++ default: { 3.422 ++ const void *blob = sqlite3_column_blob(stmt, 0); 3.423 ++ len = (size_t)sqlite3_column_bytes(stmt, 0); 3.424 ++ if (len > size - 1) 3.425 ++ len = size - 1; 3.426 ++ memcpy(value, blob, len); 3.427 ++ value[len] = '\0'; 3.428 ++ if (value_len) 3.429 ++ *value_len = len; 3.430 ++ break; 3.431 ++ } 3.432 + } 3.433 +- 3.434 +- /* free result */ 3.435 +- free(result); 3.436 ++ rc = sqlite3_step(stmt); 3.437 ++ if (rc != SQLITE_DONE) { 3.438 ++ utils->log(NULL, SASL_LOG_WARN, 3.439 ++ "sql plugin: found duplicate row for query %s", cmd); 3.440 ++ } 3.441 ++ sqlite3_finalize(stmt); 3.442 + return 0; 3.443 + } 3.444 + 3.445 +@@ -464,7 +495,7 @@ 3.446 + 3.447 + static void _sqlite_close(void *db) 3.448 + { 3.449 +- sqlite_close((sqlite*)db); 3.450 ++ sqlite3_close((sqlite3 *)db); 3.451 + } 3.452 + #endif /* HAVE_SQLITE */ 3.453 + 3.454 +@@ -771,7 +802,7 @@ 3.455 + settings = (sql_settings_t *) glob_context; 3.456 + 3.457 + sparams->utils->log(NULL, SASL_LOG_DEBUG, 3.458 +- "sql plugin Parse the username %s\n", user); 3.459 ++ "sql plugin parse the username %s\n", user); 3.460 + 3.461 + user_buf = sparams->utils->malloc(ulen + 1); 3.462 + if (!user_buf) goto done; 3.463 +@@ -849,7 +880,7 @@ 3.464 + } 3.465 + 3.466 + sparams->utils->log(NULL, SASL_LOG_DEBUG, 3.467 +- "sql plugin create statement from %s %s %s\n", 3.468 ++ "sql plugin create statement from name=%s user=%s realm=%s\n", 3.469 + realname, escap_userid, escap_realm); 3.470 + 3.471 + /* create a statement that we will use */ 3.472 +@@ -864,9 +895,15 @@ 3.473 + /* run the query */ 3.474 + if (!settings->sql_engine->sql_exec(conn, query, value, sizeof(value), 3.475 + &value_len, sparams->utils)) { 3.476 ++ sparams->utils->log(NULL, SASL_LOG_DEBUG, 3.477 ++ "sql plugin query successful\n"); 3.478 + sparams->utils->prop_set(sparams->propctx, cur->name, 3.479 + value, value_len); 3.480 + } 3.481 ++ else { 3.482 ++ sparams->utils->log(NULL, SASL_LOG_DEBUG, 3.483 ++ "sql plugin query failed\n"); 3.484 ++ } 3.485 + 3.486 + sparams->utils->free(query); 3.487 + } 3.488 +Index: sample/client.c 3.489 +--- sample/client.c.orig 2004-03-09 18:35:32 +0100 3.490 ++++ sample/client.c 2008-12-25 18:48:51 +0100 3.491 +@@ -133,13 +133,11 @@ 3.492 + return SASL_OK; 3.493 + } 3.494 + 3.495 +-#ifndef HAVE_GETPASSPHRASE 3.496 + static char * 3.497 +-getpassphrase(const char *prompt) 3.498 ++my_getpassphrase(const char *prompt) 3.499 + { 3.500 + return getpass(prompt); 3.501 + } 3.502 +-#endif /* ! HAVE_GETPASSPHRASE */ 3.503 + 3.504 + static int 3.505 + getsecret(sasl_conn_t *conn, 3.506 +@@ -155,7 +153,7 @@ 3.507 + if (! conn || ! psecret || id != SASL_CB_PASS) 3.508 + return SASL_BADPARAM; 3.509 + 3.510 +- password = getpassphrase("Password: "); 3.511 ++ password = my_getpassphrase("Password: "); 3.512 + if (! password) 3.513 + return SASL_FAIL; 3.514 + 3.515 +Index: sample/sample-client.c 3.516 +--- sample/sample-client.c.orig 2004-10-26 13:14:33 +0200 3.517 ++++ sample/sample-client.c 2008-12-25 18:48:51 +0100 3.518 +@@ -244,13 +244,11 @@ 3.519 + return SASL_OK; 3.520 + } 3.521 + 3.522 +-#ifndef HAVE_GETPASSPHRASE 3.523 + static char * 3.524 +-getpassphrase(const char *prompt) 3.525 ++my_getpassphrase(const char *prompt) 3.526 + { 3.527 + return getpass(prompt); 3.528 + } 3.529 +-#endif /* ! HAVE_GETPASSPHRASE */ 3.530 + 3.531 + static int 3.532 + getsecret(sasl_conn_t *conn, 3.533 +@@ -264,7 +262,7 @@ 3.534 + if (! conn || ! psecret || id != SASL_CB_PASS) 3.535 + return SASL_BADPARAM; 3.536 + 3.537 +- password = getpassphrase("Password: "); 3.538 ++ password = my_getpassphrase("Password: "); 3.539 + if (! password) 3.540 + return SASL_FAIL; 3.541 + 3.542 +@@ -307,7 +305,7 @@ 3.543 + fflush(stdout); 3.544 + 3.545 + if (id == SASL_CB_ECHOPROMPT) { 3.546 +- char *original = getpassphrase(""); 3.547 ++ char *original = my_getpassphrase(""); 3.548 + if (! original) 3.549 + return SASL_FAIL; 3.550 + if (*original) 3.551 +Index: saslauthd/Makefile.am 3.552 +--- saslauthd/Makefile.am.orig 2006-05-17 18:46:17 +0200 3.553 ++++ saslauthd/Makefile.am 2008-12-25 18:48:51 +0100 3.554 +@@ -36,4 +36,4 @@ 3.555 + 3.556 + install-data-local: saslauthd.8 3.557 + $(mkinstalldirs) $(DESTDIR)$(mandir)/man8 3.558 +- $(INSTALL_DATA) $(srcdir)/saslauthd.8 $(DESTDIR)$(mandir)/man8/saslauthd.8 3.559 ++ $(INSTALL_DATA) $(srcdir)/saslauthd.mdoc $(DESTDIR)$(mandir)/man8/saslauthd.8 3.560 +Index: saslauthd/Makefile.in 3.561 +--- saslauthd/Makefile.in.orig 2008-12-25 18:48:51 +0100 3.562 ++++ saslauthd/Makefile.in 2008-12-25 18:48:51 +0100 3.563 +@@ -621,7 +621,7 @@ 3.564 + 3.565 + install-data-local: saslauthd.8 3.566 + $(mkinstalldirs) $(DESTDIR)$(mandir)/man8 3.567 +- $(INSTALL_DATA) $(srcdir)/saslauthd.8 $(DESTDIR)$(mandir)/man8/saslauthd.8 3.568 ++ $(INSTALL_DATA) $(srcdir)/saslauthd.mdoc $(DESTDIR)$(mandir)/man8/saslauthd.8 3.569 + # Tell versions [3.59,3.63) of GNU make to not export all variables. 3.570 + # Otherwise a system limit (for SysV at least) may be exceeded. 3.571 + .NOEXPORT: 3.572 +Index: saslauthd/lak.c 3.573 +--- saslauthd/lak.c.orig 2005-05-15 07:49:51 +0200 3.574 ++++ saslauthd/lak.c 2008-12-25 18:48:51 +0100 3.575 +@@ -47,6 +47,7 @@ 3.576 + #include <crypt.h> 3.577 + #endif 3.578 + 3.579 ++#include "saslauthd.h" /* get strlcpy macro for non-BSD; get HAVE_OPENSSL from config.h */ 3.580 + #ifdef HAVE_OPENSSL 3.581 + #ifndef OPENSSL_DISABLE_OLD_DES_SUPPORT 3.582 + #define OPENSSL_DISABLE_OLD_DES_SUPPORT 3.583 +@@ -57,7 +58,7 @@ 3.584 + 3.585 + #include <ldap.h> 3.586 + #include <lber.h> 3.587 +-#include <sasl.h> 3.588 ++#include "sasl.h" 3.589 + #include "lak.h" 3.590 + 3.591 + typedef struct lak_auth_method { 3.592 +Index: utils/pluginviewer.c 3.593 +--- utils/pluginviewer.c.orig 2006-05-17 18:46:17 +0200 3.594 ++++ utils/pluginviewer.c 2008-12-25 18:48:51 +0100 3.595 +@@ -536,7 +536,7 @@ 3.596 + fprintf(stderr, "%s: Usage: %s [-a] [-s] [-c] [-b min=N,max=N] [-e ssf=N,id=ID] [-m MECHS] [-x AUXPROP_MECH] [-f FLAGS] [-i local=IP,remote=IP] [-p PATH]\n" 3.597 + "\t-a\tlist auxprop plugins\n" 3.598 + "\t-s\tlist server authentication (SASL) plugins\n" 3.599 +- "\t-s\tlist client authentication (SASL) plugins\n" 3.600 ++ "\t-c\tlist client authentication (SASL) plugins\n" 3.601 + "\t-b ...\t#bits to use for encryption\n" 3.602 + "\t\tmin=N\tminumum #bits to use (1 => integrity)\n" 3.603 + "\t\tmax=N\tmaximum #bits to use\n"
4.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 4.2 +++ b/sasl/sasl.pc Fri Oct 05 22:37:14 2012 +0200 4.3 @@ -0,0 +1,10 @@ 4.4 +prefix=@l_prefix@ 4.5 +exec_prefix=${prefix} 4.6 +libdir=${exec_prefix}/lib 4.7 +includedir=${prefix}/include 4.8 + 4.9 +Name: sasl 4.10 +Description: SASL 4.11 +Version: @version@ 4.12 +Libs: -L${libdir} @libs@ 4.13 +Cflags: -I${includedir}
5.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 5.2 +++ b/sasl/sasl.spec Fri Oct 05 22:37:14 2012 +0200 5.3 @@ -0,0 +1,440 @@ 5.4 +## 5.5 +## sasl.spec -- OpenPKG RPM Package Specification 5.6 +## Copyright (c) 2000-2010 OpenPKG Foundation e.V. <http://openpkg.net/> 5.7 +## 5.8 +## Permission to use, copy, modify, and distribute this software for 5.9 +## any purpose with or without fee is hereby granted, provided that 5.10 +## the above copyright notice and this permission notice appear in all 5.11 +## copies. 5.12 +## 5.13 +## THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED 5.14 +## WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 5.15 +## MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 5.16 +## IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR 5.17 +## CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 5.18 +## SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 5.19 +## LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF 5.20 +## USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 5.21 +## ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 5.22 +## OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 5.23 +## OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 5.24 +## SUCH DAMAGE. 5.25 +## 5.26 + 5.27 +# package information 5.28 +Name: sasl 5.29 +Summary: Simple Authentication and Security Layer (SASL) 5.30 +URL: http://www.cyrusimap.org/ 5.31 +Vendor: Cyrus Project, CMU 5.32 +Packager: OpenPKG Foundation e.V. 5.33 +Distribution: OpenPKG Community 5.34 +Class: BASE 5.35 +Group: Cryptography 5.36 +License: BSD 5.37 +Version: 2.1.23 5.38 +Release: 20101020 5.39 + 5.40 +# package options 5.41 +%option with_fsl yes 5.42 +%option with_sasldb yes 5.43 +%option with_pam no 5.44 +%option with_login no 5.45 +%option with_ldap no 5.46 +%option with_mysql no 5.47 +%option with_pgsql no 5.48 +%option with_sqlite no 5.49 +%option with_ntlm no 5.50 +%option with_otp no 5.51 +%option with_srp no 5.52 +%option with_kerberos no 5.53 + 5.54 +# list of sources 5.55 +Source0: ftp://ftp.cyrusimap.org/cyrus-sasl/cyrus-sasl-%{version}.tar.gz 5.56 +Source1: rc.sasl 5.57 +Source2: fsl.sasl 5.58 +Source3: saslauthd.conf 5.59 +Source4: sasl.pc 5.60 +Patch0: sasl.patch 5.61 + 5.62 +# build information 5.63 +BuildPreReq: OpenPKG, openpkg >= 20100101, gcc, make, groff 5.64 +PreReq: OpenPKG, openpkg >= 20100101 5.65 +BuildPreReq: db >= 4.1.24, openssl 5.66 +PreReq: db >= 4.1.24, openssl 5.67 +%if "%{with_fsl}" == "yes" 5.68 +BuildPreReq: fsl 5.69 +PreReq: fsl 5.70 +%endif 5.71 +%if "%{with_pam}" == "yes" 5.72 +BuildPreReq: PAM 5.73 +PreReq: PAM 5.74 +%endif 5.75 +%if "%{with_ldap}" == "yes" 5.76 +BuildPreReq: openldap 5.77 +PreReq: openldap 5.78 +%endif 5.79 +%if "%{with_mysql}" == "yes" 5.80 +BuildPreReq: mysql 5.81 +PreReq: mysql 5.82 +%endif 5.83 +%if "%{with_pgsql}" == "yes" 5.84 +BuildPreReq: postgresql 5.85 +PreReq: postgresql 5.86 +%endif 5.87 +%if "%{with_sqlite}" == "yes" 5.88 +BuildPreReq: sqlite 5.89 +PreReq: sqlite 5.90 +%endif 5.91 +%if "%{with_otp}" == "yes" 5.92 +BuildPreReq: opie 5.93 +PreReq: opie 5.94 +%endif 5.95 +%if "%{with_kerberos}" == "yes" 5.96 +BuildPreReq: KERBEROS 5.97 +PreReq: KERBEROS 5.98 +%endif 5.99 + 5.100 +%description 5.101 + SASL is the Simple Authentication and Security Layer, a method 5.102 + for adding authentication support to connection-based protocols. 5.103 + To use SASL, a protocol includes a command for identifying and 5.104 + authenticating a user to a server and for optionally negotiating 5.105 + protection of subsequent protocol interactions. If its use is 5.106 + negotiated, a security layer is inserted between the protocol and 5.107 + the connection. 5.108 + 5.109 +%track 5.110 + prog sasl = { 5.111 + version = %{version} 5.112 + url = ftp://ftp.cyrusimap.org/cyrus-sasl/ 5.113 + regex = cyrus-sasl-(\d+\.\d+\.\d+)\.tar\.gz 5.114 + } 5.115 + 5.116 +%prep 5.117 + %setup -q -n cyrus-sasl-%{version} 5.118 + %patch -p0 5.119 + 5.120 +%build 5.121 + # ensure the OpenPKG Berkeley-DB is picked up only 5.122 + %{l_shtool} subst \ 5.123 + -e 's;for dbname in db-.*db$;for dbname in db;' \ 5.124 + saslauthd/configure configure 5.125 + 5.126 + # disable some unwanted configure checks 5.127 + %{l_shtool} subst \ 5.128 + -e 's;\(SASL_DB_UTILS="saslpasswd2 sasldblistusers2\);\1 dbconverter-2;' \ 5.129 + -e "s;javac;javac-xxx;g" \ 5.130 + -e "s;javah;javah-xxx;g" \ 5.131 + -e "s;javadoc;javadoc-xxx;g" \ 5.132 + configure 5.133 + 5.134 + # fix OpenLDAP support 5.135 +%if "%{with_ldap}" == "yes" 5.136 + echo 'ac_cv_lib_ldap_ldap_initialize=yes' >config.cache 5.137 + %{l_shtool} subst \ 5.138 + -e "s;\(\$LDAP_LIBS\) *\(-lcrypto\);\1 -lssl -lcrypto \2;" \ 5.139 + saslauthd/configure 5.140 +%endif 5.141 + 5.142 + # fix GSS/Kerberos support 5.143 +%if "%{with_kerberos}" == "yes" 5.144 + %{l_shtool} subst \ 5.145 + -e 's;\(-lk5crypto\);\1 -lkrb5support;' \ 5.146 + configure 5.147 +%endif 5.148 + 5.149 + # enforce disabled Kerberos 5 support in saslauthd 5.150 + echo 'ac_cv_header_krb5_h=no' >config.cache 5.151 + 5.152 + # configure path to sasl-server config files 5.153 + %{l_shtool} subst \ 5.154 + -e 's;@l_sysconfdir@;%{l_prefix}/etc/sasl/sasl.d;g' \ 5.155 + lib/server.c 5.156 + 5.157 + # determine build flags 5.158 + cflags="%{l_cflags -O} %{l_cppflags}" 5.159 + ldflags="%{l_ldflags} %{l_fsl_ldflags}" 5.160 + libs="-ldb %{l_fsl_libs}" 5.161 +%if "%{with_ldap}" == "yes" 5.162 + cflags="$cflags -DAUTH_LDAP" 5.163 +%endif 5.164 +%if "%{with_mysql}" == "yes" 5.165 + libs="$libs -lz -lm" 5.166 +%endif 5.167 +%if "%{with_pgsql}" == "yes" 5.168 + cflags="$cflags -I%{l_cppflags postgresql}" 5.169 + libs="$libs -lssl -lcrypto -lcrypt" 5.170 +%endif 5.171 +%if "%{with_kerberos}" == "yes" 5.172 + cflags="$cflags `krb5-config --cflags gssapi`" 5.173 + libs="$libs `krb5-config --libs gssapi`" 5.174 +%endif 5.175 + case "%{l_platform -t}" in 5.176 + *-sunos* ) libs="$libs -lrt" ;; 5.177 + esac 5.178 + 5.179 + # configure package 5.180 + CC="%{l_cc}" \ 5.181 + CFLAGS="$cflags" \ 5.182 + CPPFLAGS="%{l_cppflags}" \ 5.183 + LDFLAGS="$ldflags" \ 5.184 + LIBS="$libs" \ 5.185 + ./configure \ 5.186 + --cache-file=./config.cache \ 5.187 + --prefix=%{l_prefix} \ 5.188 + --sysconfdir=%{l_prefix}/etc/sasl \ 5.189 + --with-configdir=%{l_prefix}/etc/sasl/sasl.d \ 5.190 + --with-plugindir=%{l_prefix}/lib/sasl \ 5.191 + --with-saslauthd=%{l_prefix}/var/sasl/run/saslauthd \ 5.192 + --enable-digest \ 5.193 + --enable-cram \ 5.194 + --enable-anon \ 5.195 +%if "%{with_sasldb}" == "yes" 5.196 + --enable-auth-sasldb \ 5.197 + --with-dbpath=%{l_prefix}/var/sasl/run/sasl.db \ 5.198 + --with-dblib=berkeley \ 5.199 + --with-bdb-incdir=%{l_prefix}/include \ 5.200 + --with-bdb-libdir=%{l_prefix}/lib \ 5.201 +%else 5.202 + --with-dblib=none \ 5.203 +%endif 5.204 + --with-openssl=%{l_prefix} \ 5.205 +%if "%{with_pam}" == "yes" 5.206 + --with-pam \ 5.207 +%else 5.208 + --without-pam \ 5.209 +%endif 5.210 +%if "%{with_login}" == "yes" 5.211 + --enable-login \ 5.212 +%else 5.213 + --disable-login \ 5.214 +%endif 5.215 +%if "%{with_ldap}" == "yes" 5.216 + --with-ldap=%{l_prefix} \ 5.217 +%else 5.218 + --without-ldap \ 5.219 +%endif 5.220 +%if "%{with_otp}" == "yes" 5.221 + --enable-otp \ 5.222 + --with-opie=%{l_prefix} \ 5.223 +%else 5.224 + --disable-otp \ 5.225 + --without-opie \ 5.226 +%endif 5.227 +%if "%{with_srp}" == "yes" 5.228 + --enable-srp \ 5.229 +%else 5.230 + --disable-srp \ 5.231 +%endif 5.232 +%if "%{with_kerberos}" == "yes" 5.233 + --enable-gssapi \ 5.234 + --with-gss_impl=`if [ -d %{l_prefix}/include/heimdal ]; then echo "heimdal"; else echo "mit"; fi` \ 5.235 +%else 5.236 + --disable-gssapi \ 5.237 + --without-gss_impl \ 5.238 +%endif 5.239 +%if "%{with_mysql}" == "yes" || "%{with_pgsql}" == "yes" || "%{with_sqlite}" == "yes" 5.240 + --enable-sql \ 5.241 +%if "%{with_mysql}" == "yes" 5.242 + --with-mysql=%{l_prefix} \ 5.243 +%else 5.244 + --without-mysql \ 5.245 +%endif 5.246 +%if "%{with_pgsql}" == "yes" 5.247 + --with-pgsql=%{l_prefix} \ 5.248 +%else 5.249 + --without-pgsql \ 5.250 +%endif 5.251 +%if "%{with_sqlite}" == "yes" 5.252 + --with-sqlite=%{l_prefix} \ 5.253 +%else 5.254 + --without-sqlite \ 5.255 +%endif 5.256 +%endif 5.257 +%if "%{with_ntlm}" == "yes" 5.258 + --enable-ntlm \ 5.259 +%else 5.260 + --disable-ntlm \ 5.261 +%endif 5.262 + --enable-shared \ 5.263 + --enable-static \ 5.264 + --enable-staticdlopen \ 5.265 + --enable-sample \ 5.266 + --disable-java \ 5.267 + --disable-krb4 \ 5.268 + --without-des 5.269 + 5.270 + # post adjustment: trust me, libtool, I know what I am doing 5.271 + %{l_shtool} subst \ 5.272 + -e 's;^\(deplibs_check_method=\).*;\1"pass_all";' \ 5.273 + -e 's/\(eval libobjs=.*$whole_archive_flag_spec.*\)$/case $archive_cmds in \\$LD* ) wl= ;; esac; \1/' \ 5.274 + libtool 5.275 + 5.276 + # post adjustment: do not reference static plugins 5.277 + %{l_shtool} subst \ 5.278 + -e '58s;.*;#define PIC;' \ 5.279 + lib/dlopen.c 5.280 + 5.281 + # post adjustment: do not pull static plugins into static library 5.282 + %{l_shtool} subst \ 5.283 + -e 's;-ln -s $(SASL_STATIC_SRCS) .;-ln ../sasldb/*.o ../plugins/*.o $(SASL_STATIC_SRCS) .;' \ 5.284 + lib/Makefile 5.285 + 5.286 + # post adjustment: build utils against static library 5.287 + %{l_shtool} subst \ 5.288 + -e 's;\(\$(CCLD)\);\1 -static;' \ 5.289 + -e 's;\(noinst.*=\) *dbconverter.*;\1;' \ 5.290 + utils/Makefile \ 5.291 + sample/Makefile 5.292 + 5.293 + # post adjustment: fix OpenLDAP support 5.294 +%if "%{with_ldap}" == "yes" 5.295 + %{l_shtool} subst \ 5.296 + -e "s;^\(saslauthd_LDADD[ ]*=[ ]*[^\\]*\);\1 -lcrypt -lldap -llber -lssl -lcrypto ;" \ 5.297 + saslauthd/Makefile 5.298 +%endif 5.299 + 5.300 + # build package 5.301 + %{l_make} %{l_mflags} 5.302 + ( cd saslauthd 5.303 + %{l_make} %{l_mflags} testsaslauthd 5.304 + ) || exit $? 5.305 + ( cd sample 5.306 + %{l_make} %{l_mflags} sample-client sample-server 5.307 + ) || exit $? 5.308 + 5.309 +%install 5.310 + 5.311 + # install package 5.312 + %{l_make} %{l_mflags} install AM_MAKEFLAGS="DESTDIR=$RPM_BUILD_ROOT" 5.313 + 5.314 + # remove libtool cruft 5.315 + rm -f \ 5.316 + $RPM_BUILD_ROOT%{l_prefix}/lib/*.la \ 5.317 + $RPM_BUILD_ROOT%{l_prefix}/lib/*.s[ol] \ 5.318 + $RPM_BUILD_ROOT%{l_prefix}/lib/*.s[ol].* \ 5.319 + $RPM_BUILD_ROOT%{l_prefix}/lib/sasl2/*.a 5.320 + 5.321 + # post-adjust installation 5.322 + mv $RPM_BUILD_ROOT%{l_prefix}/lib/sasl2 \ 5.323 + $RPM_BUILD_ROOT%{l_prefix}/lib/sasl 5.324 + mv $RPM_BUILD_ROOT%{l_prefix}/sbin/testsaslauthd \ 5.325 + $RPM_BUILD_ROOT%{l_prefix}/sbin/saslauthd-test 5.326 + mv $RPM_BUILD_ROOT%{l_prefix}/sbin/pluginviewer \ 5.327 + $RPM_BUILD_ROOT%{l_prefix}/sbin/sasl-pluginviewer 5.328 + mv $RPM_BUILD_ROOT%{l_prefix}/man/man8/pluginviewer.8 \ 5.329 + $RPM_BUILD_ROOT%{l_prefix}/man/man8/sasl-pluginviewer.8 5.330 + mv $RPM_BUILD_ROOT%{l_prefix}/sbin/saslpasswd2 \ 5.331 + $RPM_BUILD_ROOT%{l_prefix}/sbin/saslpasswd 5.332 + mv $RPM_BUILD_ROOT%{l_prefix}/man/man8/saslpasswd2.8 \ 5.333 + $RPM_BUILD_ROOT%{l_prefix}/man/man8/saslpasswd.8 5.334 + mv $RPM_BUILD_ROOT%{l_prefix}/sbin/sasldblistusers2 \ 5.335 + $RPM_BUILD_ROOT%{l_prefix}/sbin/sasldblistusers 5.336 + mv $RPM_BUILD_ROOT%{l_prefix}/man/man8/sasldblistusers2.8 \ 5.337 + $RPM_BUILD_ROOT%{l_prefix}/man/man8/sasldblistusers.8 5.338 + rm -f $RPM_BUILD_ROOT%{l_prefix}/sbin/dbconverter-2 5.339 + strip $RPM_BUILD_ROOT%{l_prefix}/sbin/* >/dev/null 2>&1 || true 5.340 + 5.341 + # install sample client/server programs 5.342 + %{l_shtool} install -c -m 755 \ 5.343 + sample/sample-client \ 5.344 + $RPM_BUILD_ROOT%{l_prefix}/sbin/sasl-sample-client 5.345 + %{l_shtool} install -c -m 755 \ 5.346 + sample/sample-server \ 5.347 + $RPM_BUILD_ROOT%{l_prefix}/sbin/sasl-sample-server 5.348 + 5.349 + # install saslauthd default configuration 5.350 + %{l_shtool} mkdir -f -p -m 755 \ 5.351 + $RPM_BUILD_ROOT%{l_prefix}/etc/sasl 5.352 + %{l_shtool} install -c -m 755 \ 5.353 + %{SOURCE saslauthd.conf} \ 5.354 + $RPM_BUILD_ROOT%{l_prefix}/etc/sasl/ 5.355 + 5.356 + # create necessary additional directories 5.357 + %{l_shtool} mkdir -f -p -m 755 \ 5.358 + $RPM_BUILD_ROOT%{l_prefix}/var/sasl/log \ 5.359 + $RPM_BUILD_ROOT%{l_prefix}/var/sasl/run/saslauthd \ 5.360 + $RPM_BUILD_ROOT%{l_prefix}/etc/sasl/sasl.d 5.361 + 5.362 + # install run-command script 5.363 +%if "%{with_pam}" == "yes" 5.364 + l_authmech="pam" 5.365 +%else 5.366 + case "%{l_platform -t}" in 5.367 + *-linux* | *-sunos* ) l_authmech="shadow" ;; 5.368 + * ) l_authmech="getpwent" ;; 5.369 + esac 5.370 +%endif 5.371 + %{l_shtool} mkdir -f -p -m 755 \ 5.372 + $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d 5.373 + %{l_shtool} install -c -m 755 \ 5.374 + -e "s;@l_authmech@;${l_authmech};g" %{l_value -s -a} \ 5.375 + %{SOURCE rc.sasl} \ 5.376 + $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/ 5.377 + 5.378 + # install OSSP fsl configuration 5.379 + %{l_shtool} mkdir -f -p -m 755 \ 5.380 + $RPM_BUILD_ROOT%{l_prefix}/etc/fsl 5.381 + %{l_shtool} install -c -m 644 %{l_value -s -a} \ 5.382 + %{SOURCE fsl.sasl} \ 5.383 + $RPM_BUILD_ROOT%{l_prefix}/etc/fsl/ 5.384 + 5.385 + # install pkg-config configuration 5.386 + libs="-lsasl2" 5.387 + case "%{l_platform -t}" in 5.388 + *-linux* ) libs="$libs -ldl" ;; 5.389 + esac 5.390 + %{l_shtool} mkdir -f -p -m 755 \ 5.391 + $RPM_BUILD_ROOT%{l_prefix}/lib/pkgconfig 5.392 + %{l_shtool} install -c -m 644 %{l_value -s -a} \ 5.393 + -e "s;@version@;%{version};" \ 5.394 + -e "s;@libs@;$libs;" \ 5.395 + %{SOURCE sasl.pc} \ 5.396 + $RPM_BUILD_ROOT%{l_prefix}/lib/pkgconfig/ 5.397 + 5.398 + # determine installation files 5.399 + %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \ 5.400 + %{l_files_std} \ 5.401 + '%config %{l_prefix}/etc/fsl/fsl.sasl' \ 5.402 + '%config %{l_prefix}/etc/sasl/saslauthd.conf' \ 5.403 + '%dir %attr(0755,%{l_musr},%{l_rgrp}) %{l_prefix}/var/sasl' \ 5.404 + '%dir %attr(0755,%{l_musr},%{l_rgrp}) %{l_prefix}/var/sasl/run' \ 5.405 + '%dir %attr(0755,%{l_musr},%{l_rgrp}) %{l_prefix}/var/sasl/run/saslauthd' \ 5.406 + '%dir %attr(0700,%{l_susr},%{l_sgrp}) %{l_prefix}/var/sasl/log' 5.407 + 5.408 +%files -f files 5.409 + 5.410 +%clean 5.411 + 5.412 +%pre 5.413 + # before upgrade, save status and stop service 5.414 + [ $1 -eq 2 ] || exit 0 5.415 + eval `%{l_rc} sasl status 2>/dev/null | tee %{l_tmpfile}` 5.416 + %{l_rc} sasl stop 2>/dev/null 5.417 + exit 0 5.418 + 5.419 +%post 5.420 +%if "%{with_pam}" == "yes" 5.421 + if [ $1 -eq 1 ]; then 5.422 + # after install, add PAM configuration entry 5.423 + $RPM_INSTALL_PREFIX/sbin/pamtool --add --smart --name=sasl 5.424 + fi 5.425 +%endif 5.426 + if [ $1 -eq 2 ]; then 5.427 + # after upgrade, restore status 5.428 + eval `cat %{l_tmpfile}`; rm -f %{l_tmpfile} 5.429 + [ ".$sasl_active" = .yes ] && %{l_rc} sasl start 5.430 + fi 5.431 + exit 0 5.432 + 5.433 +%preun 5.434 + # before erase, stop service and remove log files 5.435 + [ $1 -eq 0 ] || exit 0 5.436 + %{l_rc} sasl stop 2>/dev/null 5.437 + rm -f $RPM_INSTALL_PREFIX/var/sasl/log/*.log* >/dev/null 2>&1 || true 5.438 +%if "%{with_pam}" == "yes" 5.439 + # remove PAM configuration entry 5.440 + $RPM_INSTALL_PREFIX/sbin/pamtool --remove --smart --name=sasl 5.441 +%endif 5.442 + exit 0 5.443 +
6.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 6.2 +++ b/sasl/saslauthd.conf Fri Oct 05 22:37:14 2012 +0200 6.3 @@ -0,0 +1,55 @@ 6.4 +## 6.5 +## saslauthd.conf -- SASL Authentication Daemon Configuration 6.6 +## 6.7 + 6.8 +# white space separated list of LDAP servers 6.9 +ldap_servers: ldap://127.0.0.1 6.10 + 6.11 +# authentication for restricted LDAP servers 6.12 +#ldap_bind_dn: cn=operator,ou=Profile,o=example.com 6.13 +#ldap_bind_pw: secret 6.14 + 6.15 +# LDAP version to use (2|3) 6.16 +#ldap_version 3 6.17 + 6.18 +# LDAP timeout 6.19 +#ldap_timeout 5 6.20 + 6.21 +# LDAP aliases (search|find|always|never) 6.22 +ldap_deref: never 6.23 + 6.24 +# follow LDAP referrals ? 6.25 +ldap_referrals: no 6.26 + 6.27 +# restart LDAP I/O operations that fail ? 6.28 +ldap_restart: yes 6.29 + 6.30 +# search scope (sub|one|base) 6.31 +#ldap_scope: sub 6.32 + 6.33 +# starting point for a search 6.34 +ldap_search_base: MUST-SPECIFY 6.35 + 6.36 +# authenticate against LDAP (bind|custom|fastbind) 6.37 +ldap_auth_method: bind 6.38 + 6.39 +# Filter LDAP records, %u = username, %r = realm 6.40 +# if ldap_auth_method is 'bind' the filter searches for the DN 6.41 +# otherwise the filter searches for the userPassword attribute 6.42 +#ldap_filter: uid=%u 6.43 + 6.44 +# debugging LDAP operation 6.45 +#ldap_debug 0 6.46 + 6.47 +# require and verify server certificate 6.48 +#ldap_tls_check_peer: no 6.49 +#ldap_tls_cacert_file: 6.50 +#ldap_tls_cacert_dir: 6.51 + 6.52 +# list of SSL/TLS ciphers to allow 6.53 +#ldap_tls_ciphers: DEFAULT 6.54 + 6.55 +# files containing client certificate and key 6.56 +#ldap_tls_cert: 6.57 +#ldap_tls_key: 6.58 +
