#
# Conditional builds:
-# x509 - build x509 pluggin
-# srp - build srp pluggin
+# _with_srp - build srp pluggin
+# _without_myslq - don't build mysql pluggin
+# _without_ldap - disable LDAP support for sasluthd
#
Summary: The SASL library API for the Cyrus mail system
Summary(pl): Biblioteka Cyrus SASL
+Summary(pt_BR): Implementação da API SASL
+Summary(ru): âÉÂÌÉÏÔÅËÁ Cyrus SASL
+Summary(uk): â¦Â̦ÏÔÅËÁ Cyrus SASL
Name: cyrus-sasl
-Version: 1.5.27
-Release: 11
+Version: 2.1.12
+Release: 2
License: distributable
Group: Libraries
-Source0: ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/%{name}-%{version}.tar.gz
+Source0: ftp://ftp.andrew.cmu.edu/pub/cyrus-mail//%{name}-%{version}.tar.gz
Source1: saslauthd.init
Source2: saslauthd.sysconfig
Source3: %{name}.pam
Patch0: %{name}-configdir.patch
-Patch1: %{name}-des.patch
-Patch2: %{name}-mysql-ldap.patch
-Patch3: %{name}-saslauthd.patch
-#Patch4: http://www.imasy.or.jp/~ume/ipv6/cyrus-sasl-1.5.24-ipv6-20010321.diff.gz
-Patch4: %{name}-ipv6.patch
-Patch5: %{name}-ac25x.patch
-Patch6: saslauthd-man.diff
+Patch1: %{name}-nolibs.patch
+Patch2: %{name}-lt14d.patch
+Patch3: %{name}-do_dlopen.patch
BuildRequires: autoconf
BuildRequires: automake
-BuildRequires: db3-devel >= 3.1.17-8
-BuildRequires: pam-devel
-BuildRequires: openssl-devel >= 0.9.6a
+BuildRequires: db-devel
BuildRequires: libtool >= 1.4
-%{?_with_mysql:BuildRequires: mysql-devel}
-%{?_with_ldap:BuildRequires: openldap-devel}
+%{!?_without_mysql:BuildRequires: mysql-devel}
+%{!?_without_ldap:BuildRequires: openldap-devel}
+BuildRequires: openssl-devel >= 0.9.7
+BuildRequires: pam-devel
URL: http://asg.web.cmu.edu/sasl/
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
%define _sysconfdir /etc/sasl
%description
-The cyrus-sasl package contains the SASL library API implementation
-for the Cyrus mail system.
+This is an implementation of the SASL API, useful for adding
+authentication, authorization, and security to network protocols. The
+SASL protocol itself is documented in rfc2222; the API standard is a
+work in progress.
%description -l pl
Pakiet cyrus-sasl zawiera implementacjê biblioteki API SASL dla
-systemu poczty elektronicznej Cyrusa.
+systemu poczty elektronicznej Cyrusa. Biblioteka ta jest przydatna
+tak¿e do dodawania uwierzytelniania, autoryzacji oraz zwiêkszania
+bezpieczeñstwa protoko³ów sieciowych. Sam protokó³ SASL jest opisany w
+RFC 2222; standaryzacja API jest w toku.
+
+%description -l pt_BR
+Esta é uma implementação da API SASL, útil para acrescentar
+autenticação, autorização e seguança (criptografia) para protocolos de
+rede. O protocolo SASL está documentado na RFC 2222. A API "padrão"
+ainda está em desenvolvimento.
+
+%description -l ru
+ðÁËÅÔ cyrus-sasl ÓÏÄÅÒÖÉÔ ÒÅÁÌÉÚÁÃÉÀ Cyrus SASL. SASL - ÜÔÏ Simple
+Authentication and Security Layer, ÍÅÔÏÄ ÄÌÑ ÄÏÂÁ×ÌÅÎÉÑ ÐÏÄÄÅÒÖËÉ
+ÁÕÔÅÎÔÉËÁÃÉÉ Ë ÐÒÏÔÏËÏÌÁÍ, ÏÓÎÏ×ÁÎÎÙÍ ÎÁ ÓÏÅÄÉÎÅÎÉÑÈ.
+
+%description -l uk
+ðÁËÅÔ cyrus-sasl ͦÓÔÉÔØ ÒÅÁ̦ÚÁæÀ Cyrus SASL. SASL - ÃÅ Simple
+Authentication and Security Layer, ÍÅÔÏÄ ÄÌÑ ÄÏÄÁÎÎÑ Ð¦ÄÔÒÉÍËÉ
+ÁÕÔÅÎÔÉËÁæ§ ÄÏ ÐÒÏÔÏËÏ̦×, ÂÁÚÏ×ÁÎÉÈ ÎÁ Ú'¤ÄÎÁÎÎÑÈ.
%package devel
Summary: Header files and documentation for cyrus-sasl
Summary(pl): Pliki nag³ówkowe i dokumentacja dla cyrus-sasl
+Summary(pt_BR): Exemplos e arquivos para desenvolvimento com SASL
+Summary(ru): æÁÊÌÙ ÄÌÑ ÐÒÏÇÒÁÍÍÉÒÏ×ÁÎÉÑ Ó ÂÉÂÌÉÏÔÅËÏÊ Cyrus SASL
+Summary(ru): æÁÊÌÉ ÄÌÑ ÐÒÏÇÒÁÍÕ×ÁÎÎÑ Ú Â¦Â̦ÏÔÅËÏÀ Cyrus SASL
Group: Development/Libraries
Requires: %{name} = %{version}
%description devel
-Header files and documentation for cyrus-sasl.
+This includes the header files and documentation needed to develop
+applications which use SASL.
%description devel -l pl
Pliki nag³ówkowe i dokumentacja dla cyrus-sasl.
+%description devel -l pt_BR
+Este pacote inclui os arquivos de cabeçalho e documentação necessários
+para desenvolver aplicativos que usem SASL.
+
+%description devel -l ru
+èÅÄÅÒÙ É ÂÉÂÌÉÏÔÅËÉ, ÎÅÏÂÈÏÄÉÍÙÅ ÄÌÑ ÒÁÚÒÁÂÏÔËÉ ÐÒÉÌÏÖÅÎÉÊ,
+ÉÓÐÏÌØÚÕÀÝÉÈ Cyrus SASL.
+
+%description devel -l uk
+èÅÄÅÒÉ ÔÁ ¦Â̦ÏÔÅËÉ, ÎÅÏÂȦÄΦ ÄÌÑ ÒÏÚÒÏÂËÉ ÐÒÏÇÒÁÍ, ÝÏ
+×ÉËÏÒÉÓÔÏ×ÕÀÔØ Cyrus SASL.
+
%package static
Summary: Static cyrus-sasl libraries
Summary(pl): Statyczne biblioteki cyrus-sasl
+Summary(ru): óÔÁÔÉÞÅÓËÉÅ ÂÉÂÌÉÏÔÅËÉ Cyrus SASL
+Summary(uk): óÔÁÔÉÞΦ ¦Â̦ÏÔÅËÉ Cyrus SASL
Group: Development/Libraries
Requires: %{name}-devel = %{version}
%description static -l pl
Statyczne biblioteki cyrus-sasl.
+%description static -l ru
+óÔÁÔÉÞÅÓËÉÅ ÂÉÂÌÉÏÔÅËÉ, ÎÅÏÂÈÏÄÉÍÙÅ ÄÌÑ ÒÁÚÒÁÂÏÔËÉ ÐÒÉÌÏÖÅÎÉÊ,
+ÉÓÐÏÌØÚÕÀÝÉÈ Cyrus SASL.
+
+%description static -l uk
+óÔÁÔÉÞΦ ¦Â̦ÏÔÅËÉ, ÎÅÏÂȦÄΦ ÄÌÑ ÒÏÚÒÏÂËÉ ÐÒÏÇÒÁÍ, ÝÏ ×ÉËÏÒÉÓÔÏ×ÕÀÔØ
+Cyrus SASL.
+
%package cram-md5
Summary: Cram-MD5 Cyrus SASL plugin
Summary(pl): Wtyczka Cram-MD5 do Cyrus SASL
+Summary(pt_BR): Mecanismo SASL CRAM-MD5
Group: Libraries
Requires: %{name} = %{version}
%description cram-md5
-Cram-MD5 Cyrus SASL plugin.
+This plugin implements the SASL CRAM-MD5 mechanism. CRAM-MD5 is the
+mandatory-to-implement authentication mechanism for a number of
+protocols; it uses MD5 with a challenge/response system to
+authenticate the user.
%description cram-md5 -l pl
-Wtyczka Cram-MD5 do Cyrus SASL.
+Wtyczka dodaj±ca obs³ugê mechanizmu CRAM-MD5 do Cyrus SASL. CRAM-MD5
+jest obowi±zkowym do zaimplementowania mechanizmem uwierzytelniania
+dla wielu protoko³ów; do uwierzytelnienia u¿ytkownika u¿ywa MD5 wraz z
+systemem challenge/response.
+
+%description cram-md5 -l pt_BR
+Este plugin implementa o mecanismo SASL CRAM-MD5. CRAM-MD5 é o
+mecanismo de autenticação obrigatório de ser implementado para vários
+protocolos: ele usa MD5 com um sistema de desafio/resposta para
+autenticar o usuário.
%package digest-md5
Summary: Digest-MD5 Cyrus SASL plugin
Summary(pl): Wtyczka Digest-MD5 do Cyrus SASL
+Summary(pt_BR): Mecanismo SASL DIGEST-MD5
Group: Libraries
Requires: %{name} = %{version}
%description digest-md5
-Digest-MD5 Cyrus SASL plugin.
+This plugin implements the latest draft of the SASL DIGEST-MD5
+mechanism. Although not yet finalized, this is likely to become the
+new mandatory-to-implement authentication system in all new protocols.
+It's based on the digest md5 authentication system designed for HTTP.
%description digest-md5 -l pl
-Wtyczka Digest-MD5 do Cyrus SASL.
+Wtyczka dodaj±ca najnowsz± wersjê mechanizmu DIGEST-MD5 do Cyrus SASL.
+Pomimo tego, ¿e nie jest jeszcze ukoñczony, najprawdopodobniej stanie
+siê obowi±zkowym do zaimplementowania systemem uwierzytelniania we
+wszystkich nowych protoko³ach. Bazuje na systemie uwierzytelniania
+Digest-MD5 zaprojektowanym dla HTTP.
+
+%description digest-md5 -l pt_BR
+Este plugin implementa a última versão da especificação do mecanismo
+SASL DIGEST-MD5. Embora ainda não esteja finalizado, DIGEST-MD5
+provavelmente será o novo sistema de autenticação obrigatório para
+protocolos novos. Ele é baseado na autenticação md5 digest
+desenvolvida para HTTP.
%package plain
Summary: Plain Cyrus SASL plugin
Summary(pl): Wtyczka plain do Cyrus SASL
+Summary(pt_BR): Mecanismo SASL PLAIN
Group: Libraries
Requires: %{name} = %{version}
%description plain
-Plain Cyrus SASL plugin.
+This plugin implements the SASL PLAIN mechanism. Although insecure,
+PLAIN is useful for transitioning to new security mechanisms, as this
+is the only mechanism which gives the server a copy of the user's
+password.
%description plain -l pl
-Wtyczka plain do Cyrus SASL.
+Wtyczka dodaj±ca obs³ugê mechanizmu PLAIN do Cyrus SASL. Pomimo tego,
+¿e nie jest bezpieczny, PLAIN jest przydatny przy przechodzeniu na
+nowe mechanizmu bezpieczeñstwa, jako ¿e jest to jedyny mechanizm,
+który udostêpnia serwerowi kopiê has³a u¿ytkownika.
+
+%description plain -l pt_BR
+Este plugin implementa o mecanismo SASL PLAIN. Embora inseguro, este
+mecanismo é útil durante transições para novos mecanismos de
+segurança, pois é o único esquema que fornece uma cópia da senha do
+usuário para o servidor.
%package anonymous
Summary: Anonymous Cyrus SASL plugin
Summary(pl): Wtyczka anonymous do Cyrus SASL
+Summary(pt_BR): Mecanismo SASL ANONYMOUS
Group: Libraries
Requires: %{name} = %{version}
%description anonymous
-Anonymous Cyrus SASL plugin.
+This plugin implements the SASL ANONYMOUS mechanism, used for
+anonymous authentication.
%description anonymous -l pl
-Wtyczka anonymous do Cyrus SASL.
+Wtyczka dodaj±ca obs³ugê mechanizmu ANONYMOUS do Cyrus SASL. S³u¿y do
+anonimowego uwierzytelniania.
+
+%description anonymous -l pt_BR
+Este plugin implementa o mecanismo SASL ANONYMOUS, usado para
+autenticação anônima.
%package login
Summary: Unsupported Login Cyrus SASL plugin
-Summary(pl): Wtyczka Unsupported Login do Cyrus SASL
+Summary(pl): Nie wspierana wtyczka Login do Cyrus SASL
Group: Libraries
Requires: %{name} = %{version}
%description login
-Unsupported Login Cyrus SASL plugin.
+Unsupported LOGIN Cyrus SASL plugin.
%description login -l pl
-Wtyczka Unsupported Login do Cyrus SASL.
+Wtyczka dodaj±ca obs³ugê nie wspieranego mechanizmu LOGIN do Cyrus
+SASL.
%package srp
Summary: SRP Cyrus SASL plugin
Summary(pl): Wtyczka SRP do Cyrus SASL
+Summary(pt_BR): Mecanismo SASL SRP
Group: Libraries
Requires: %{name} = %{version}
%description srp
-SRP Cyrus SASL plugin.
+This plugin implements the SASL SRP mechanism, based on the Secure
+Remote Password protocol. This mechanism performs mutual
+authentication and can provide a security layer with replay detection,
+integrity protection and/or condifentiality protection.
%description srp -l pl
-Wtyczka SRP do Cyrus SASL.
+Wtyczka dodaj±ca obs³ugê mechanizmu SRP do Cyrus SASL. Bazuje na
+protokole Secure Remote Password. Ten mechanizm dokonuje wzajemnego
+uwierzytelnienia i mo¿e dodawaæ warstwê bezpieczeñstwa z wykrywaniem
+powtarzania, zabezpieczeniem integralno¶ci i/lub poufno¶ci.
+
+%description srp -l pt_BR
+Este plugin implementa o mecanismo SASL SRP, baseado no protocolo SRP
+(Secure Remote Password). Este mecanismo oferece autenticação mútua
+(do cliente e do servidor) e pode prover uma camada de segurança com
+detecção de ataques de replay, garantia de integridade e/ou
+confidencialidade.
+
+%package otp
+Summary: OTP Cyrus SASL plugin
+Summary(pl): Wtyczka OTP do Cyrus SASL
+Summary(pt_BR): Mecanismo SASL OTP
+Group: Libraries
+Requires: %{name} = %{version}
+
+%description otp
+This plugin implements the SASL OTP (One Time Password) mechanism.
+
+%description otp -l pl
+Wtyczka dodaj±ca obs³ugê mechanizmu OTP (has³a jednorazowe) do Cyrus
+SASL.
%package x509
Summary: x509 Cyrus SASL plugin
Summary: Cyrus SASL authd
Summary(pl): Demon authd do Cyrus SASL
Group: Libraries
+Requires(post,postun): /sbin/chkconfig
Requires: %{name} = %{version}
-Prereq: /sbin/chkconfig
%description saslauthd
Cyrus SASL authd.
%description pwcheck -l pl
Program pomocniczy pwcheck do Cyrus SASL.
+%package sasldb
+Summary: Cyrus SASL sasldb plugin
+Summary(pl): Wtyczka sasldb do Cyrus SASL
+Group: Libraries
+Requires: %{name} = %{version}
+
+%description sasldb
+Cyrus SASL sasldb plugin.
+
+%description sasldb -l pl
+Wtyczka sasldb do Cyrus SASL.
+
+%package mysql
+Summary: Cyrus SASL mysql plugin
+Summary(pl): Wtyczka mysql do Cyrus SASL
+Group: Libraries
+Requires: %{name} = %{version}
+
+%description mysql
+Cyrus SASL mysql plugin.
+
+%description mysql -l pl
+Wtyczka mysql do Cyrus SASL.
+
%prep
%setup -q
%patch0 -p1
%patch1 -p1
%patch2 -p1
%patch3 -p1
-%patch4 -p1
-%patch5 -p1
-%patch6 -p0
+
+cd doc
+echo "cyrus-sasl complies with the following RFCs:" > rfc-compliance
+ls rfc*.txt >> rfc-compliance
+rm -f rfc*.txt
+cd ..
%build
-rm -f config/missing
-libtoolize --copy --force
-aclocal -I cmulocal
-autoheader
+# acinclude.m4 contains only old libtool.m4
+rm -f acinclude.m4 config/missing
+%{__libtoolize}
+%{__aclocal} -I cmulocal -I config
+%{__autoheader}
+%{__automake}
+%{__autoconf}
+
+cd saslauthd
+%{__aclocal} -I ../cmulocal -I ../config -I config
+%{__autoheader}
automake -a
-autoconf
+%{__autoconf}
+cd ..
+
LDFLAGS="%{rpmldflags} -ldl"; export LDFLAGS
%configure \
--enable-static \
--enable-login \
%{?_with_srp:--enable-srp} \
- %{?_with_x509:--enable-x509} \
- %{?_with_mysql: --with-mysql=%{_prefix}} \
- %{?_with_ldap: --with-ldap=%{_prefix}} \
- %{?_with_pwcheck: --with-pwcheck=/var/lib/sasl} \
- --with-saslauthd=/var/lib/sasl \
+ %{?!_without_mysql: --with-mysql=%{_prefix}} \
+ %{?!_without_ldap: --with-ldap=%{_prefix}} \
+ %{?_with_pwcheck: --with-pwcheck=/var/lib/sasl2} \
+ --with-saslauthd=/var/lib/sasl2 \
--with-pam \
--with-dblib=berkeley \
- --with-dbpath=/var/lib/sasl/sasl.db \
- --with-configdir=%{_sysconfdir}
+ --with-dbpath=/var/lib/sasl2/sasl.db \
+ --with-configdir=%{_sysconfdir} \
+ --disable-krb4 \
+ --disable-gssapi
%{__make}
+cd doc
+RFCLIST=`grep 'rfc.+\.txt' rfc-compliance`
+for i in $RFCLIST; do
+ RFCDIR=../RFC/text/`echo $i | sed -e 's:^rfc::' -e 's:..\.txt$::' `00
+ echo -e ',s:'$i':'$RFCDIR/$i\n,w\nq' | ed index.html
+done
+cd ..
+
%install
rm -rf $RPM_BUILD_ROOT
-install -d $RPM_BUILD_ROOT{/var/lib/sasl,%{_sysconfdir},/etc/{rc.d/init.d,sysconfig,pam.d}}
-
+install -d $RPM_BUILD_ROOT{/var/lib/sasl2,%{_sysconfdir},/etc/{rc.d/init.d,sysconfig}} \
+ $RPM_BUILD_ROOT%{_mandir}/man8
%{__make} install DESTDIR=$RPM_BUILD_ROOT
-touch $RPM_BUILD_ROOT/var/lib/sasl/sasl.db
+rm -rf $RPM_BUILD_ROOT%{_mandir}/cat*
+rm -f $RPM_BUILD_ROOT%{_libdir}/sasl2/*.la
+
+install {utils,saslauthd}/*.8 $RPM_BUILD_ROOT%{_mandir}/man8
+
+ln -sf libsasl2.so $RPM_BUILD_ROOT%{_libdir}/libsasl.so
+
+touch $RPM_BUILD_ROOT/var/lib/sasl2/sasl.db
install %{SOURCE1} $RPM_BUILD_ROOT/etc/rc.d/init.d/saslauthd
install %{SOURCE2} $RPM_BUILD_ROOT/etc/sysconfig/saslauthd
-install %{SOURCE3} $RPM_BUILD_ROOT/etc/pam.d/cyrus
-
-gzip -9nf COPYING testing.txt NEWS TODO README doc/*.txt
+install %{SOURCE3} ./cyrus.pam
%clean
rm -rf $RPM_BUILD_ROOT
%files
%defattr(644,root,root,755)
+%doc AUTHORS COPYING ChangeLog NEWS README
+%doc doc/{ONEWS,TODO,*.txt,*.html,*.fig,rfc-compliance}
%dir %{_sysconfdir}
-%dir %{_libdir}/sasl
-%dir /var/lib/sasl
+%dir %{_libdir}/sasl2
+%dir /var/lib/sasl2
%attr(755,root,root) %{_libdir}/lib*.so.*.*
-%attr(755,root,root) %{_sbindir}/sasldblistusers
-%attr(755,root,root) %{_sbindir}/saslpasswd
+%attr(755,root,root) %{_sbindir}/sasldblistusers2
+%attr(755,root,root) %{_sbindir}/saslpasswd2
-%attr(640,root,mail) %ghost %config(noreplace) %verify(not mtime md5 size) /var/lib/sasl/sasl.db
-%{_mandir}/man[18]/*
-%doc *.gz doc/*.gz doc/*.html
+%attr(640,root,mail) %ghost %config(noreplace) %verify(not mtime md5 size) /var/lib/sasl2/sasl.db
+%{_mandir}/man8/sasldblistusers2.*
+%{_mandir}/man8/saslpasswd2.*
%files devel
%defattr(644,root,root,755)
-%{_includedir}/*.h
+%{_includedir}/sasl
%attr(755,root,root) %{_libdir}/lib*.so
-%attr(755,root,root) %{_libdir}/lib*.la
+%{_libdir}/lib*.la
+%{_mandir}/man3/*
%files static
%defattr(644,root,root,755)
%{_libdir}/lib*.a
-%{_libdir}/sasl/lib*.a
+%{_libdir}/sasl2/lib*.a
+
+%files anonymous
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/sasl2/libanonymous.so*
%files cram-md5
%defattr(644,root,root,755)
-%attr(755,root,root) %{_libdir}/sasl/libcrammd5.so*
+%attr(755,root,root) %{_libdir}/sasl2/libcrammd5.so*
%files digest-md5
%defattr(644,root,root,755)
-%attr(755,root,root) %{_libdir}/sasl/libdigestmd5.so*
+%attr(755,root,root) %{_libdir}/sasl2/libdigestmd5.so*
+
+%files login
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/sasl2/liblogin.so*
+
+%files otp
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/sasl2/libotp.so*
%files plain
%defattr(644,root,root,755)
-%attr(755,root,root) %{_libdir}/sasl/libplain.so*
+%attr(755,root,root) %{_libdir}/sasl2/libplain.so*
-%files anonymous
+%files sasldb
%defattr(644,root,root,755)
-%attr(755,root,root) %{_libdir}/sasl/libanonymous.so*
+%attr(755,root,root) %{_libdir}/sasl2/libsasldb.so*
-%files login
+%if %{!?_without_mysql:1}%{?_without_mysql:0}
+%files mysql
%defattr(644,root,root,755)
-%attr(755,root,root) %{_libdir}/sasl/liblogin.so*
+%attr(755,root,root) %{_libdir}/sasl2/libmysql*.so*
+%endif
%if %{?_with_srp:1}%{?!_with_srp:0}
%files srp
%defattr(644,root,root,755)
-%attr(755,root,root) %{_libdir}/sasl/libsrp.so*
+%attr(755,root,root) %{_libdir}/sasl2/libsrp.so*
%endif
%if %{?_with_x509:1}%{?!_with_x509:0}
%files x509
%defattr(644,root,root,755)
-%attr(755,root,root) %{_libdir}/sasl/libx509.so*
+%attr(755,root,root) %{_libdir}/sasl2/libx509.so*
%endif
%if %{?_with_pwcheck:1}%{?!_with_pwcheck:0}
%files saslauthd
%defattr(644,root,root,755)
+%doc cyrus.pam
%attr(755,root,root) %{_sbindir}/saslauthd
%attr(754,root,root) /etc/rc.d/init.d/saslauthd
%config(noreplace) %verify(not mtime md5 size) /etc/sysconfig/saslauthd
-%config(noreplace) %verify(not mtime md5 size) /etc/pam.d/cyrus
+%{_mandir}/man8/saslauthd.*