# - add ldap plugin from openldap sources
#
# Conditional build:
-# _with_srp - build srp pluggin
-# _without_myslq - don't build mysql pluggin
-# _without_ldap - disable LDAP support for sasluthd
+%bcond_without ldap # disable LDAP support for saslauthd
+%bcond_without gssapi # do not enable GSSAPI support for saslauthd and build gssapi plugin
+%bcond_without mysql # don't build MySQL pluggin
+%bcond_without pgsql # do not build PostgreSQL pluggin
+%bcond_without sqlite # do not enable sqlite plugin
+%bcond_with authlib # enable courier-authlib (i wasn't able to test it)
+%bcond_with cryptedpw # if you keep crypted passwords in your *sql
+%bcond_with opie # enable opie plugin
+%bcond_with srp # build srp pluggin
+%bcond_with pwcheck # build pwcheck helper (deprecated)
+%bcond_with x509 # build x509 plugin (no sources in package???)
#
+%if %{without mysql} && %{without pgsql}
+%undefine with_cryptedpw
+%endif
+
Summary: The SASL library API for the Cyrus mail system
Summary(pl): Biblioteka Cyrus SASL
Summary(pt_BR): Implementação da API SASL
Summary(ru): âÉÂÌÉÏÔÅËÁ Cyrus SASL
Summary(uk): â¦Â̦ÏÔÅËÁ Cyrus SASL
Name: cyrus-sasl
-Version: 2.1.13
-Release: 0.2
+Version: 2.1.21
+Release: 8
License: distributable
Group: Libraries
Source0: ftp://ftp.andrew.cmu.edu/pub/cyrus/%{name}-%{version}.tar.gz
-# Source0-md5: 1114d59d970791932e96de8557472672
+# Source0-md5: dde02db234dea892bee298390890502e
Source1: saslauthd.init
Source2: saslauthd.sysconfig
Source3: %{name}.pam
Patch0: %{name}-configdir.patch
Patch1: %{name}-nolibs.patch
-Patch2: %{name}-lt14d.patch
-Patch3: %{name}-do_dlopen.patch
+Patch2: %{name}-lt.patch
+Patch3: %{name}-split-sql.patch
+Patch4: %{name}-opie.patch
+Patch5: %{name}-gcc4.patch
+# Adapted from http://frost.ath.cx/software/cyrus-sasl-patches/dist/2.1.19/cyrus-sasl-2.1.19-checkpw.c+sql.c.patch
+Patch6: %{name}-cryptedpw.patch
+Patch7: %{name}-md5sum-passwords.patch
URL: http://asg.web.cmu.edu/sasl/
-BuildRequires: autoconf
+BuildRequires: autoconf >= 2.54
BuildRequires: automake
+%{?with_authlib:BuildRequires: courier-authlib-devel}
BuildRequires: db-devel
BuildRequires: ed
-BuildRequires: libtool >= 1.4
-%{!?_without_mysql:BuildRequires: mysql-devel}
-%{!?_without_ldap:BuildRequires: openldap-devel}
-BuildRequires: openssl-devel >= 0.9.7
+BuildRequires: groff
+%{?with_gssapi:BuildRequires: heimdal-devel >= 0.7}
+BuildRequires: libtool >= 1.4
+%{?with_mysql:BuildRequires: mysql-devel}
+%{?with_ldap:BuildRequires: openldap-devel >= 2.3.0}
+BuildRequires: openssl-devel >= 0.9.7d
+%{?with_opie:BuildRequires: opie-devel}
BuildRequires: pam-devel
-Requires(post): /sbin/ldconfig
+%{?with_pgsql:BuildRequires: postgresql-devel}
+%{?with_sqlite:BuildRequires: sqlite-devel}
+Requires: pam >= 0.79.0
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
%define _sysconfdir /etc/sasl
+%define specflags -fno-strict-aliasing
+
%description
This is an implementation of the SASL API, useful for adding
authentication, authorization, and security to network protocols. The
SASL protocol itself is documented in rfc2222; the API standard is a
work in progress.
+Note: remember to install appropriate plugins, or you won't have any
+authentication mechanisms available.
+
%description -l pl
Pakiet cyrus-sasl zawiera implementacjê biblioteki API SASL dla
systemu poczty elektronicznej Cyrusa. Biblioteka ta jest przydatna
bezpieczeñstwa protoko³ów sieciowych. Sam protokó³ SASL jest opisany w
RFC 2222; standaryzacja API jest w toku.
+Uwaga: aby by³y dostêpne jakiekolwiek mechanizmy autoryzacji, nale¿y
+doinstalowaæ odpowiednie wtyczki.
+
%description -l pt_BR
Esta é uma implementação da API SASL, útil para acrescentar
autenticação, autorização e seguança (criptografia) para protocolos de
Summary: Header files and documentation for cyrus-sasl
Summary(pl): Pliki nag³ówkowe i dokumentacja dla cyrus-sasl
Summary(pt_BR): Exemplos e arquivos para desenvolvimento com SASL
-Summary(ru): æÁÊÌÙ ÄÌÑ ÐÒÏÇÒÁÍÍÉÒÏ×ÁÎÉÑ Ó ÂÉÂÌÉÏÔÅËÏÊ Cyrus SASL
Summary(ru): æÁÊÌÉ ÄÌÑ ÐÒÏÇÒÁÍÕ×ÁÎÎÑ Ú Â¦Â̦ÏÔÅËÏÀ Cyrus SASL
+Summary(ru): æÁÊÌÙ ÄÌÑ ÐÒÏÇÒÁÍÍÉÒÏ×ÁÎÉÑ Ó ÂÉÂÌÉÏÔÅËÏÊ Cyrus SASL
Group: Development/Libraries
-Requires: %{name} = %{version}
+Requires: %{name} = %{version}-%{release}
%description devel
This includes the header files and documentation needed to develop
Summary(ru): óÔÁÔÉÞÅÓËÉÅ ÂÉÂÌÉÏÔÅËÉ Cyrus SASL
Summary(uk): óÔÁÔÉÞΦ ¦Â̦ÏÔÅËÉ Cyrus SASL
Group: Development/Libraries
-Requires: %{name}-devel = %{version}
+Requires: %{name}-devel = %{version}-%{release}
%description static
Static cyrus-sasl libraries.
Summary(pl): Wtyczka Cram-MD5 do Cyrus SASL
Summary(pt_BR): Mecanismo SASL CRAM-MD5
Group: Libraries
-Requires: %{name} = %{version}
+Requires: %{name} = %{version}-%{release}
%description cram-md5
This plugin implements the SASL CRAM-MD5 mechanism. CRAM-MD5 is the
Summary(pl): Wtyczka Digest-MD5 do Cyrus SASL
Summary(pt_BR): Mecanismo SASL DIGEST-MD5
Group: Libraries
-Requires: %{name} = %{version}
+Requires: %{name} = %{version}-%{release}
%description digest-md5
This plugin implements the latest draft of the SASL DIGEST-MD5
Summary(pl): Wtyczka plain do Cyrus SASL
Summary(pt_BR): Mecanismo SASL PLAIN
Group: Libraries
-Requires: %{name} = %{version}
+Requires: %{name} = %{version}-%{release}
%description plain
This plugin implements the SASL PLAIN mechanism. Although insecure,
Summary(pl): Wtyczka anonymous do Cyrus SASL
Summary(pt_BR): Mecanismo SASL ANONYMOUS
Group: Libraries
-Requires: %{name} = %{version}
+Requires: %{name} = %{version}-%{release}
%description anonymous
This plugin implements the SASL ANONYMOUS mechanism, used for
Este plugin implementa o mecanismo SASL ANONYMOUS, usado para
autenticação anônima.
+%package gssapi
+Summary: GSSAPI Cyrus SASL plugin
+Summary(pl): Wtyczka GSSAPI do Cyrus SASL
+Summary(pt_BR): Mecanismo SASL GSSAPI
+Group: Libraries
+Requires: %{name} = %{version}-%{release}
+
+%description gssapi
+This plugin implements the SASL GSSAPI mechanism, used for
+GSSAPI/Kerberos5 authentication.
+
+%description gssapi -l pl
+Wtyczka dodaj±ca obs³ugê mechanizmu SASL GSSAPI, u¿ywanego do
+uwierzytelniania z u¿yciem GSSAPI/Kerberos5.
+
+%description gssapi -l pt_BR
+Este plugin implementa o mecanismo SASL GSSAPI, usado para
+autenticação Kerberos/GSSAPI.
+
%package login
Summary: Unsupported Login Cyrus SASL plugin
Summary(pl): Nie wspierana wtyczka Login do Cyrus SASL
Group: Libraries
-Requires: %{name} = %{version}
+Requires: %{name} = %{version}-%{release}
%description login
Unsupported LOGIN Cyrus SASL plugin.
Summary(pl): Wtyczka SRP do Cyrus SASL
Summary(pt_BR): Mecanismo SASL SRP
Group: Libraries
-Requires: %{name} = %{version}
+Requires: %{name} = %{version}-%{release}
%description srp
This plugin implements the SASL SRP mechanism, based on the Secure
Summary(pl): Wtyczka OTP do Cyrus SASL
Summary(pt_BR): Mecanismo SASL OTP
Group: Libraries
-Requires: %{name} = %{version}
+Requires: %{name} = %{version}-%{release}
%description otp
This plugin implements the SASL OTP (One Time Password) mechanism.
Wtyczka dodaj±ca obs³ugê mechanizmu OTP (has³a jednorazowe) do Cyrus
SASL.
+%package opie
+Summary: OPIE Cyrus SASL plugin
+Summary(pl): Wtyczka OPIE do Cyrus SASL
+Summary(pt_BR): Mecanismo SASL OPIE
+Group: Libraries
+Requires: %{name} = %{version}-%{release}
+
+%description opie
+This plugin implements the SASL OPIE (One Time Password) mechanism.
+
+%description opie -l pl
+Wtyczka dodaj±ca obs³ugê mechanizmu OPIE (has³a jednorazowe) do Cyrus
+SASL.
+
%package x509
Summary: x509 Cyrus SASL plugin
Summary(pl): Wtyczka x509 do Cyrus SASL
Group: Libraries
-Requires: %{name} = %{version}
+Requires: %{name} = %{version}-%{release}
%description x509
x509 Cyrus SASL plugin.
%package saslauthd
Summary: Cyrus SASL authd
Summary(pl): Demon authd do Cyrus SASL
-Group: Libraries
-Requires(post,postun): /sbin/chkconfig
-Requires: %{name} = %{version}
+Group: Daemons
+Requires(post,preun): /sbin/chkconfig
+Requires: %{name} = %{version}-%{release}
+Requires: rc-scripts
%description saslauthd
Cyrus SASL authd.
Summary: Cyrus SASL pwcheck helper
Summary(pl): Program pomocniczy pwcheck do Cyrus SASL
Group: Libraries
-Requires: %{name} = %{version}
+Requires: %{name} = %{version}-%{release}
%description pwcheck
Cyrus SASL pwcheck helper.
Summary: Cyrus SASL sasldb plugin
Summary(pl): Wtyczka sasldb do Cyrus SASL
Group: Libraries
-Requires: %{name} = %{version}
+Requires: %{name} = %{version}-%{release}
%description sasldb
Cyrus SASL sasldb plugin.
Wtyczka sasldb do Cyrus SASL.
%package mysql
-Summary: Cyrus SASL mysql plugin
-Summary(pl): Wtyczka mysql do Cyrus SASL
+Summary: Cyrus SASL MySQL plugin
+Summary(pl): Wtyczka MySQL do Cyrus SASL
Group: Libraries
-Requires: %{name} = %{version}
+Requires: %{name} = %{version}-%{release}
%description mysql
-Cyrus SASL mysql plugin.
+Cyrus SASL MySQL plugin.
%description mysql -l pl
-Wtyczka mysql do Cyrus SASL.
+Wtyczka MySQL do Cyrus SASL.
+
+%package pgsql
+Summary: Cyrus SASL PostgreSQL plugin
+Summary(pl): Wtyczka PostgreSQL do Cyrus SASL
+Group: Libraries
+Requires: %{name} = %{version}-%{release}
+
+%description pgsql
+Cyrus SASL PostgreSQL plugin.
+
+%description pgsql -l pl
+Wtyczka PostgreSQL do Cyrus SASL.
+
+%package sqlite
+Summary: Cyrus SQLite PostgreSQL plugin
+Summary(pl): Wtyczka SQLite do Cyrus SASL
+Group: Libraries
+Requires: %{name} = %{version}-%{release}
+
+%description sqlite
+Cyrus SASL SQLite plugin.
+
+%description sqlite -l pl
+Wtyczka SQLite do Cyrus SASL.
%prep
-%setup -q
+%setup -q
%patch0 -p1
%patch1 -p1
%patch2 -p1
%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+%if %{with cryptedpw}
+%patch6 -p1
+%patch7 -p1
+%endif
cd doc
echo "cyrus-sasl complies with the following RFCs:" > rfc-compliance
rm -f rfc*.txt
cd ..
-%build
+rm -rf autom4te.cache saslauthd/autom4te.cache
# acinclude.m4 contains only old libtool.m4
-rm -f acinclude.m4 config/missing
+rm -f acinclude.m4 libtool config/libtool.m4 saslauthd/acinclude.m4
+
+%build
%{__libtoolize}
%{__aclocal} -I cmulocal -I config
%{__autoheader}
%{__autoconf}
cd saslauthd
- %{__aclocal} -I ../cmulocal -I ../config -I config
- %{__autoheader}
- %{__automake}
- %{__autoconf}
+%{__libtoolize}
+%{__aclocal} -I ../cmulocal -I ../config -I config
+%{__autoheader}
+%{__automake}
+%{__autoconf}
cd ..
-LDFLAGS="%{rpmldflags} -ldl"; export LDFLAGS
%configure \
- --enable-static \
+ %{?with_cryptedpw: LDFLAGS=-lcrypt} \
+ --disable-krb4 \
+ %{!?with_gssapi: --disable-gssapi} \
+ %{?with_gssapi: --enable-gssapi --with-gss_impl=heimdal} \
--enable-login \
- %{?_with_srp:--enable-srp} \
- %{?!_without_mysql: --with-mysql=%{_prefix}} \
- %{?!_without_ldap: --with-ldap=%{_prefix}} \
- %{?_with_pwcheck: --with-pwcheck=/var/lib/sasl2} \
- --with-saslauthd=/var/lib/sasl2 \
- --with-pam \
+ --enable-sql \
+ %{?with_srp: --enable-srp} \
+ --enable-static \
+ --with-plugindir=%{_libdir}/sasl2 \
+ --with-configdir=%{_sysconfdir} \
--with-dblib=berkeley \
--with-dbpath=/var/lib/sasl2/sasl.db \
- --with-configdir=%{_sysconfdir} \
- --disable-krb4 \
- --disable-gssapi
+ %{?with_authlib:--with-authdaemond=/var/spool/authdaemon/socket} \
+ %{?with_ldap: --with-ldap=%{_prefix}} \
+ %{?with_mysql: --with-mysql=%{_prefix}} \
+ %{?with_pgsql: --with-pgsql=%{_prefix}} \
+ %{?with_sqlite: --with-sqlite=%{_prefix}} \
+ %{?with_opie: --with-opie=%{_prefix}} \
+ --with-pam \
+ %{?with_pwcheck: --with-pwcheck=/var/lib/sasl2} \
+ --with-saslauthd=/var/lib/sasl2
%{__make}
+%{__make} -C saslauthd testsaslauthd
+%{__make} -C saslauthd saslcache
+
cd doc
RFCLIST=`grep 'rfc.\+\.txt' rfc-compliance`
for i in $RFCLIST; do
RFCDIR=../RFC/text/`echo $i | sed -e 's:^rfc::' -e 's:..\.txt$::' `00
echo -e ',s:'$i':'$RFCDIR/$i'\n,w\nq' | ed index.html
done
-cd ..
%install
rm -rf $RPM_BUILD_ROOT
-install -d $RPM_BUILD_ROOT{/var/lib/sasl2,%{_sysconfdir},/etc/{rc.d/init.d,sysconfig}} \
+install -d $RPM_BUILD_ROOT{%{_bindir},/var/lib/sasl2,%{_sysconfdir},/etc/{rc.d/init.d,sysconfig}} \
$RPM_BUILD_ROOT%{_mandir}/man8
%{__make} install \
+ sasldir=%{_libdir}/sasl2 \
DESTDIR=$RPM_BUILD_ROOT
rm -rf $RPM_BUILD_ROOT%{_mandir}/cat*
rm -f $RPM_BUILD_ROOT%{_libdir}/sasl2/*.{la,a}
-install {utils,saslauthd}/*.8 $RPM_BUILD_ROOT%{_mandir}/man8
+install utils/*.8 $RPM_BUILD_ROOT%{_mandir}/man8
+install saslauthd/saslauthd.mdoc $RPM_BUILD_ROOT%{_mandir}/man8/saslauthd.8
ln -sf libsasl2.so $RPM_BUILD_ROOT%{_libdir}/libsasl.so
touch $RPM_BUILD_ROOT/var/lib/sasl2/sasl.db
+# create empty config
+touch $RPM_BUILD_ROOT%{_sysconfdir}/saslauthd.conf
install %{SOURCE1} $RPM_BUILD_ROOT/etc/rc.d/init.d/saslauthd
install %{SOURCE2} $RPM_BUILD_ROOT/etc/sysconfig/saslauthd
install %{SOURCE3} ./cyrus.pam
+install saslauthd/{testsaslauthd,saslcache} $RPM_BUILD_ROOT%{_sbindir}
+
+# sample programs for testing sasl
+libtool --mode=install cp sample/client $RPM_BUILD_ROOT%{_bindir}/sasl-sample-client
+libtool --mode=install cp sample/server $RPM_BUILD_ROOT%{_bindir}/sasl-sample-server
+
%clean
rm -rf $RPM_BUILD_ROOT
-%post
-/sbin/ldconfig
-echo "Remember to install appropriate plugins, or you won't have any mechs available."
-
+%post -p /sbin/ldconfig
%postun -p /sbin/ldconfig
%post saslauthd
%dir %{_libdir}/sasl2
%dir /var/lib/sasl2
%attr(755,root,root) %{_libdir}/lib*.so.*.*
+# sample programs to subpackage instead?
+%attr(755,root,root) %{_bindir}/sasl-sample-client
+%attr(755,root,root) %{_bindir}/sasl-sample-server
%attr(755,root,root) %{_sbindir}/sasldblistusers2
%attr(755,root,root) %{_sbindir}/saslpasswd2
-%attr(640,root,mail) %ghost %config(noreplace) %verify(not mtime md5 size) /var/lib/sasl2/sasl.db
+%attr(640,root,mail) %ghost %config(noreplace) %verify(not md5 mtime size) /var/lib/sasl2/sasl.db
%{_mandir}/man8/sasldblistusers2.*
%{_mandir}/man8/saslpasswd2.*
%defattr(644,root,root,755)
%attr(755,root,root) %{_libdir}/sasl2/libanonymous.so*
+%if %{with gssapi}
+%files gssapi
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/sasl2/libgssapiv2.so*
+%endif
+
%files cram-md5
%defattr(644,root,root,755)
%attr(755,root,root) %{_libdir}/sasl2/libcrammd5.so*
%defattr(644,root,root,755)
%attr(755,root,root) %{_libdir}/sasl2/libotp.so*
+%if %{with opie}
+%files opie
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/sasl2/libopie.so*
+%endif
+
%files plain
%defattr(644,root,root,755)
%attr(755,root,root) %{_libdir}/sasl2/libplain.so*
%defattr(644,root,root,755)
%attr(755,root,root) %{_libdir}/sasl2/libsasldb.so*
-%if %{!?_without_mysql:1}%{?_without_mysql:0}
+%if %{with mysql}
%files mysql
%defattr(644,root,root,755)
-%attr(755,root,root) %{_libdir}/sasl2/libmysql*.so*
+%attr(755,root,root) %{_libdir}/sasl2/libmysql.so*
+%endif
+
+%if %{with pgsql}
+%files pgsql
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/sasl2/libpgsql.so*
+%endif
+
+%if %{with sqlite}
+%files sqlite
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/sasl2/libsqlite.so*
%endif
-%if %{?_with_srp:1}%{?!_with_srp:0}
+%if %{with srp}
%files srp
%defattr(644,root,root,755)
%attr(755,root,root) %{_libdir}/sasl2/libsrp.so*
%endif
-%if %{?_with_x509:1}%{?!_with_x509:0}
+%if %{with x509}
%files x509
%defattr(644,root,root,755)
%attr(755,root,root) %{_libdir}/sasl2/libx509.so*
%endif
-%if %{?_with_pwcheck:1}%{?!_with_pwcheck:0}
+%if %{with pwcheck}
%files pwcheck
%defattr(644,root,root,755)
%attr(755,root,root) %{_sbindir}/pwcheck
%files saslauthd
%defattr(644,root,root,755)
%doc cyrus.pam
+%doc saslauthd/{AUTHORS,LDAP_SASLAUTHD}
+%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/saslauthd.conf
+%config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/saslauthd
%attr(755,root,root) %{_sbindir}/saslauthd
+%attr(755,root,root) %{_sbindir}/testsaslauthd
+%attr(755,root,root) %{_sbindir}/saslcache
%attr(754,root,root) /etc/rc.d/init.d/saslauthd
-%config(noreplace) %verify(not mtime md5 size) /etc/sysconfig/saslauthd
%{_mandir}/man8/saslauthd.*