2 # - add ldap plugin from openldap sources
5 %bcond_without cryptedpw # if you keep crypted passwords in your *sql
6 %bcond_without ldap # disable LDAP support for saslauthd
7 %bcond_without gssapi # do not enable GSSAPI support for saslauthd and build gssapi plugin
8 %bcond_without mysql # don't build MySQL pluggin
9 %bcond_without pgsql # do not build PostgreSQL pluggin
10 %bcond_without sqlite # do not enable sqlite plugin
11 %bcond_with authlib # enable courier-authlib (i wasn't able to test it)
12 %bcond_with opie # enable opie plugin
13 %bcond_with srp # build srp pluggin
14 %bcond_with pwcheck # build pwcheck helper (deprecated)
15 %bcond_with x509 # build x509 plugin (no sources in package???)
17 %if !%{with mysql} && !%{with pgsql}
18 %undefine with_cryptedpw
21 Summary: The SASL library API for the Cyrus mail system
22 Summary(pl.UTF-8): Biblioteka Cyrus SASL
23 Summary(pt_BR.UTF-8): Implementação da API SASL
24 Summary(ru.UTF-8): Библиотека Cyrus SASL
25 Summary(uk.UTF-8): Бібліотека Cyrus SASL
29 License: distributable
31 Source0: ftp://ftp.andrew.cmu.edu/pub/cyrus/%{name}-%{version}.tar.gz
32 # Source0-md5: 45dde9d19193ae9dd388eb68b2027bc9
33 Source1: saslauthd.init
34 Source2: saslauthd.sysconfig
36 Patch0: %{name}-nolibs.patch
37 Patch1: %{name}-lt.patch
38 Patch2: %{name}-split-sql.patch
39 Patch3: %{name}-opie.patch
40 Patch4: %{name}-gcc4.patch
41 # Adapted from http://frost.ath.cx/software/cyrus-sasl-patches/dist/2.1.19/cyrus-sasl-2.1.19-checkpw.c+sql.c.patch
42 Patch5: %{name}-cryptedpw.patch
43 Patch6: %{name}-md5sum-passwords.patch
44 Patch7: %{name}-db.patch
45 Patch8: %{name}-automake_1_10.patch
46 URL: http://asg.web.cmu.edu/sasl/
47 BuildRequires: autoconf >= 2.54
48 BuildRequires: automake
49 %{?with_authlib:BuildRequires: courier-authlib-devel}
50 BuildRequires: db-devel
53 %{?with_gssapi:BuildRequires: krb5-devel}
54 BuildRequires: libtool >= 1.4
55 %{?with_mysql:BuildRequires: mysql-devel}
56 %{?with_ldap:BuildRequires: openldap-devel >= 2.3.0}
57 BuildRequires: openssl-devel >= 0.9.7d
58 %{?with_opie:BuildRequires: opie-devel}
59 BuildRequires: pam-devel
60 %{?with_pgsql:BuildRequires: postgresql-devel}
61 BuildRequires: rpmbuild(macros) >= 1.268
62 %{?with_sqlite:BuildRequires: sqlite-devel}
63 Requires: pam >= 0.79.0
64 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
66 %define _sysconfdir /etc/sasl
68 %define specflags -fno-strict-aliasing
71 This is an implementation of the SASL API, useful for adding
72 authentication, authorization, and security to network protocols. The
73 SASL protocol itself is documented in rfc2222; the API standard is a
76 Note: remember to install appropriate plugins, or you won't have any
77 authentication mechanisms available.
79 %description -l pl.UTF-8
80 Pakiet cyrus-sasl zawiera implementację biblioteki API SASL dla
81 systemu poczty elektronicznej Cyrusa. Biblioteka ta jest przydatna
82 także do dodawania uwierzytelniania, autoryzacji oraz zwiększania
83 bezpieczeństwa protokołów sieciowych. Sam protokół SASL jest opisany w
84 RFC 2222; standaryzacja API jest w toku.
86 Uwaga: aby były dostępne jakiekolwiek mechanizmy autoryzacji, należy
87 doinstalować odpowiednie wtyczki.
89 %description -l pt_BR.UTF-8
90 Esta é uma implementação da API SASL, útil para acrescentar
91 autenticação, autorização e seguança (criptografia) para protocolos de
92 rede. O protocolo SASL está documentado na RFC 2222. A API "padrão"
93 ainda está em desenvolvimento.
95 %description -l ru.UTF-8
96 Пакет cyrus-sasl содержит реализацию Cyrus SASL. SASL - это Simple
97 Authentication and Security Layer, метод для добавления поддержки
98 аутентикации к протоколам, основанным на соединениях.
100 %description -l uk.UTF-8
101 Пакет cyrus-sasl містить реалізацію Cyrus SASL. SASL - це Simple
102 Authentication and Security Layer, метод для додання підтримки
103 аутентикації до протоколів, базованих на з'єднаннях.
106 Summary: Header files and documentation for cyrus-sasl
107 Summary(pl.UTF-8): Pliki nagłówkowe i dokumentacja dla cyrus-sasl
108 Summary(pt_BR.UTF-8): Exemplos e arquivos para desenvolvimento com SASL
109 Summary(ru.UTF-8): Файлы для программирования с библиотекой Cyrus SASL
110 Summary(uk.UTF-8): Файли для програмування з бібліотекою Cyrus SASL
111 Group: Development/Libraries
112 Requires: %{name} = %{version}-%{release}
115 This includes the header files and documentation needed to develop
116 applications which use SASL.
118 %description devel -l pl.UTF-8
119 Pliki nagłówkowe i dokumentacja dla cyrus-sasl.
121 %description devel -l pt_BR.UTF-8
122 Este pacote inclui os arquivos de cabeçalho e documentação necessários
123 para desenvolver aplicativos que usem SASL.
125 %description devel -l ru.UTF-8
126 Хедеры и библиотеки, необходимые для разработки приложений,
127 использующих Cyrus SASL.
129 %description devel -l uk.UTF-8
130 Хедери та бібліотеки, необхідні для розробки програм, що
131 використовують Cyrus SASL.
134 Summary: Static cyrus-sasl libraries
135 Summary(pl.UTF-8): Statyczne biblioteki cyrus-sasl
136 Summary(ru.UTF-8): Статические библиотеки Cyrus SASL
137 Summary(uk.UTF-8): Статичні бібліотеки Cyrus SASL
138 Group: Development/Libraries
139 Requires: %{name}-devel = %{version}-%{release}
142 Static cyrus-sasl libraries.
144 %description static -l pl.UTF-8
145 Statyczne biblioteki cyrus-sasl.
147 %description static -l ru.UTF-8
148 Статические библиотеки, необходимые для разработки приложений,
149 использующих Cyrus SASL.
151 %description static -l uk.UTF-8
152 Статичні бібліотеки, необхідні для розробки програм, що використовують
156 Summary: Cram-MD5 Cyrus SASL plugin
157 Summary(pl.UTF-8): Wtyczka Cram-MD5 do Cyrus SASL
158 Summary(pt_BR.UTF-8): Mecanismo SASL CRAM-MD5
160 Requires: %{name} = %{version}-%{release}
162 %description cram-md5
163 This plugin implements the SASL CRAM-MD5 mechanism. CRAM-MD5 is the
164 mandatory-to-implement authentication mechanism for a number of
165 protocols; it uses MD5 with a challenge/response system to
166 authenticate the user.
168 %description cram-md5 -l pl.UTF-8
169 Wtyczka dodająca obsługę mechanizmu CRAM-MD5 do Cyrus SASL. CRAM-MD5
170 jest obowiązkowym do zaimplementowania mechanizmem uwierzytelniania
171 dla wielu protokołów; do uwierzytelnienia użytkownika używa MD5 wraz z
172 systemem challenge/response.
174 %description cram-md5 -l pt_BR.UTF-8
175 Este plugin implementa o mecanismo SASL CRAM-MD5. CRAM-MD5 é o
176 mecanismo de autenticação obrigatório de ser implementado para vários
177 protocolos: ele usa MD5 com um sistema de desafio/resposta para
178 autenticar o usuário.
181 Summary: Digest-MD5 Cyrus SASL plugin
182 Summary(pl.UTF-8): Wtyczka Digest-MD5 do Cyrus SASL
183 Summary(pt_BR.UTF-8): Mecanismo SASL DIGEST-MD5
185 Requires: %{name} = %{version}-%{release}
187 %description digest-md5
188 This plugin implements the latest draft of the SASL DIGEST-MD5
189 mechanism. Although not yet finalized, this is likely to become the
190 new mandatory-to-implement authentication system in all new protocols.
191 It's based on the digest md5 authentication system designed for HTTP.
193 %description digest-md5 -l pl.UTF-8
194 Wtyczka dodająca najnowszą wersję mechanizmu DIGEST-MD5 do Cyrus SASL.
195 Pomimo tego, że nie jest jeszcze ukończony, najprawdopodobniej stanie
196 się obowiązkowym do zaimplementowania systemem uwierzytelniania we
197 wszystkich nowych protokołach. Bazuje na systemie uwierzytelniania
198 Digest-MD5 zaprojektowanym dla HTTP.
200 %description digest-md5 -l pt_BR.UTF-8
201 Este plugin implementa a última versão da especificação do mecanismo
202 SASL DIGEST-MD5. Embora ainda não esteja finalizado, DIGEST-MD5
203 provavelmente será o novo sistema de autenticação obrigatório para
204 protocolos novos. Ele é baseado na autenticação md5 digest
205 desenvolvida para HTTP.
208 Summary: Plain Cyrus SASL plugin
209 Summary(pl.UTF-8): Wtyczka plain do Cyrus SASL
210 Summary(pt_BR.UTF-8): Mecanismo SASL PLAIN
212 Requires: %{name} = %{version}-%{release}
215 This plugin implements the SASL PLAIN mechanism. Although insecure,
216 PLAIN is useful for transitioning to new security mechanisms, as this
217 is the only mechanism which gives the server a copy of the user's
220 %description plain -l pl.UTF-8
221 Wtyczka dodająca obsługę mechanizmu PLAIN do Cyrus SASL. Pomimo tego,
222 że nie jest bezpieczny, PLAIN jest przydatny przy przechodzeniu na
223 nowe mechanizmu bezpieczeństwa, jako że jest to jedyny mechanizm,
224 który udostępnia serwerowi kopię hasła użytkownika.
226 %description plain -l pt_BR.UTF-8
227 Este plugin implementa o mecanismo SASL PLAIN. Embora inseguro, este
228 mecanismo é útil durante transições para novos mecanismos de
229 segurança, pois é o único esquema que fornece uma cópia da senha do
230 usuário para o servidor.
233 Summary: Anonymous Cyrus SASL plugin
234 Summary(pl.UTF-8): Wtyczka anonymous do Cyrus SASL
235 Summary(pt_BR.UTF-8): Mecanismo SASL ANONYMOUS
237 Requires: %{name} = %{version}-%{release}
239 %description anonymous
240 This plugin implements the SASL ANONYMOUS mechanism, used for
241 anonymous authentication.
243 %description anonymous -l pl.UTF-8
244 Wtyczka dodająca obsługę mechanizmu ANONYMOUS do Cyrus SASL. Służy do
245 anonimowego uwierzytelniania.
247 %description anonymous -l pt_BR.UTF-8
248 Este plugin implementa o mecanismo SASL ANONYMOUS, usado para
249 autenticação anônima.
252 Summary: GSSAPI Cyrus SASL plugin
253 Summary(pl.UTF-8): Wtyczka GSSAPI do Cyrus SASL
254 Summary(pt_BR.UTF-8): Mecanismo SASL GSSAPI
256 Requires: %{name} = %{version}-%{release}
259 This plugin implements the SASL GSSAPI mechanism, used for
260 GSSAPI/Kerberos5 authentication.
262 %description gssapi -l pl.UTF-8
263 Wtyczka dodająca obsługę mechanizmu SASL GSSAPI, używanego do
264 uwierzytelniania z użyciem GSSAPI/Kerberos5.
266 %description gssapi -l pt_BR.UTF-8
267 Este plugin implementa o mecanismo SASL GSSAPI, usado para
268 autenticação Kerberos/GSSAPI.
271 Summary: Unsupported Login Cyrus SASL plugin
272 Summary(pl.UTF-8): Nie wspierana wtyczka Login do Cyrus SASL
274 Requires: %{name} = %{version}-%{release}
277 Unsupported LOGIN Cyrus SASL plugin.
279 %description login -l pl.UTF-8
280 Wtyczka dodająca obsługę nie wspieranego mechanizmu LOGIN do Cyrus
284 Summary: SRP Cyrus SASL plugin
285 Summary(pl.UTF-8): Wtyczka SRP do Cyrus SASL
286 Summary(pt_BR.UTF-8): Mecanismo SASL SRP
288 Requires: %{name} = %{version}-%{release}
291 This plugin implements the SASL SRP mechanism, based on the Secure
292 Remote Password protocol. This mechanism performs mutual
293 authentication and can provide a security layer with replay detection,
294 integrity protection and/or condifentiality protection.
296 %description srp -l pl.UTF-8
297 Wtyczka dodająca obsługę mechanizmu SRP do Cyrus SASL. Bazuje na
298 protokole Secure Remote Password. Ten mechanizm dokonuje wzajemnego
299 uwierzytelnienia i może dodawać warstwę bezpieczeństwa z wykrywaniem
300 powtarzania, zabezpieczeniem integralności i/lub poufności.
302 %description srp -l pt_BR.UTF-8
303 Este plugin implementa o mecanismo SASL SRP, baseado no protocolo SRP
304 (Secure Remote Password). Este mecanismo oferece autenticação mútua
305 (do cliente e do servidor) e pode prover uma camada de segurança com
306 detecção de ataques de replay, garantia de integridade e/ou
310 Summary: OTP Cyrus SASL plugin
311 Summary(pl.UTF-8): Wtyczka OTP do Cyrus SASL
312 Summary(pt_BR.UTF-8): Mecanismo SASL OTP
314 Requires: %{name} = %{version}-%{release}
317 This plugin implements the SASL OTP (One Time Password) mechanism.
319 %description otp -l pl.UTF-8
320 Wtyczka dodająca obsługę mechanizmu OTP (hasła jednorazowe) do Cyrus
324 Summary: OPIE Cyrus SASL plugin
325 Summary(pl.UTF-8): Wtyczka OPIE do Cyrus SASL
326 Summary(pt_BR.UTF-8): Mecanismo SASL OPIE
328 Requires: %{name} = %{version}-%{release}
331 This plugin implements the SASL OPIE (One Time Password) mechanism.
333 %description opie -l pl.UTF-8
334 Wtyczka dodająca obsługę mechanizmu OPIE (hasła jednorazowe) do Cyrus
338 Summary: x509 Cyrus SASL plugin
339 Summary(pl.UTF-8): Wtyczka x509 do Cyrus SASL
341 Requires: %{name} = %{version}-%{release}
344 x509 Cyrus SASL plugin.
346 %description x509 -l pl.UTF-8
347 Wtyczka x509 do Cyrus SASL.
350 Summary: Cyrus SASL authd
351 Summary(pl.UTF-8): Demon authd do Cyrus SASL
353 Requires(post,preun): /sbin/chkconfig
354 Requires: %{name} = %{version}-%{release}
355 Requires: /sbin/chkconfig
358 %description saslauthd
361 %description saslauthd -l pl.UTF-8
362 Demon authd do Cyrus SASL.
365 Summary: Cyrus SASL pwcheck helper
366 Summary(pl.UTF-8): Program pomocniczy pwcheck do Cyrus SASL
368 Requires: %{name} = %{version}-%{release}
371 Cyrus SASL pwcheck helper.
373 %description pwcheck -l pl.UTF-8
374 Program pomocniczy pwcheck do Cyrus SASL.
377 Summary: Cyrus SASL sasldb plugin
378 Summary(pl.UTF-8): Wtyczka sasldb do Cyrus SASL
380 Requires: %{name} = %{version}-%{release}
383 Cyrus SASL sasldb plugin.
385 %description sasldb -l pl.UTF-8
386 Wtyczka sasldb do Cyrus SASL.
389 Summary: Cyrus SASL MySQL plugin
390 Summary(pl.UTF-8): Wtyczka MySQL do Cyrus SASL
392 Requires: %{name} = %{version}-%{release}
395 Cyrus SASL MySQL plugin.
397 %description mysql -l pl.UTF-8
398 Wtyczka MySQL do Cyrus SASL.
401 Summary: Cyrus SASL PostgreSQL plugin
402 Summary(pl.UTF-8): Wtyczka PostgreSQL do Cyrus SASL
404 Requires: %{name} = %{version}-%{release}
407 Cyrus SASL PostgreSQL plugin.
409 %description pgsql -l pl.UTF-8
410 Wtyczka PostgreSQL do Cyrus SASL.
413 Summary: Cyrus SQLite PostgreSQL plugin
414 Summary(pl.UTF-8): Wtyczka SQLite do Cyrus SASL
416 Requires: %{name} = %{version}-%{release}
419 Cyrus SASL SQLite plugin.
421 %description sqlite -l pl.UTF-8
422 Wtyczka SQLite do Cyrus SASL.
431 %if %{with cryptedpw}
439 echo "cyrus-sasl complies with the following RFCs:" > rfc-compliance
440 ls rfc*.txt >> rfc-compliance
444 rm -rf autom4te.cache saslauthd/autom4te.cache
445 # acinclude.m4 contains only old libtool.m4
446 rm -f acinclude.m4 libtool config/libtool.m4 saslauthd/acinclude.m4
450 %{__aclocal} -I cmulocal -I config
457 %{__aclocal} -I ../cmulocal -I ../config -I config
464 %{?with_cryptedpw: LDFLAGS=-lcrypt} \
466 %{!?with_gssapi: --disable-gssapi} \
467 %{?with_gssapi: --enable-gssapi --with-gss_impl=mit} \
471 %{?with_srp: --enable-srp} \
473 --with-plugindir=%{_libdir}/sasl2 \
474 --with-configdir=%{_sysconfdir} \
475 --with-dblib=berkeley \
476 --with-dbpath=/var/lib/sasl2/sasl.db \
477 %{?with_authlib:--with-authdaemond=/var/spool/authdaemon/socket} \
478 %{?with_ldap: --with-ldap=%{_prefix}} \
479 %{?with_mysql: --with-mysql=%{_prefix}} \
480 %{?with_pgsql: --with-pgsql=%{_prefix}} \
481 %{?with_sqlite: --with-sqlite=%{_prefix}} \
482 %{?with_opie: --with-opie=%{_prefix}} \
484 %{?with_pwcheck: --with-pwcheck=/var/lib/sasl2} \
485 --with-saslauthd=/var/lib/sasl2
488 %{__make} -C saslauthd testsaslauthd
489 %{__make} -C saslauthd saslcache
492 RFCLIST=`grep 'rfc.\+\.txt' rfc-compliance`
493 for i in $RFCLIST; do
494 RFCDIR=../RFC/text/`echo $i | sed -e 's:^rfc::' -e 's:..\.txt$::' `00
495 echo -e ',s:'$i':'$RFCDIR/$i'\n,w\nq' | ed index.html
499 rm -rf $RPM_BUILD_ROOT
500 install -d $RPM_BUILD_ROOT{%{_bindir},/var/lib/sasl2,%{_sysconfdir},/etc/{rc.d/init.d,sysconfig}} \
501 $RPM_BUILD_ROOT%{_mandir}/man8
504 sasldir=%{_libdir}/sasl2 \
505 DESTDIR=$RPM_BUILD_ROOT
507 rm -rf $RPM_BUILD_ROOT%{_mandir}/cat*
508 rm -f $RPM_BUILD_ROOT%{_libdir}/sasl2/*.{la,a}
510 install utils/*.8 $RPM_BUILD_ROOT%{_mandir}/man8
511 install saslauthd/saslauthd.mdoc $RPM_BUILD_ROOT%{_mandir}/man8/saslauthd.8
513 ln -sf libsasl2.so $RPM_BUILD_ROOT%{_libdir}/libsasl.so
515 touch $RPM_BUILD_ROOT/var/lib/sasl2/sasl.db
517 # create empty config
518 touch $RPM_BUILD_ROOT%{_sysconfdir}/saslauthd.conf
519 install %{SOURCE1} $RPM_BUILD_ROOT/etc/rc.d/init.d/saslauthd
520 install %{SOURCE2} $RPM_BUILD_ROOT/etc/sysconfig/saslauthd
521 install %{SOURCE3} ./cyrus.pam
523 install saslauthd/{testsaslauthd,saslcache} $RPM_BUILD_ROOT%{_sbindir}
525 # sample programs for testing sasl
526 libtool --mode=install cp sample/client $RPM_BUILD_ROOT%{_bindir}/sasl-sample-client
527 libtool --mode=install cp sample/server $RPM_BUILD_ROOT%{_bindir}/sasl-sample-server
530 rm -rf $RPM_BUILD_ROOT
532 %post -p /sbin/ldconfig
533 %postun -p /sbin/ldconfig
536 /sbin/chkconfig --add saslauthd
537 %service saslauthd restart
540 if [ "$1" = "0" ]; then
541 %service saslauthd stop
542 /sbin/chkconfig --del saslauthd
546 %defattr(644,root,root,755)
547 %doc AUTHORS COPYING ChangeLog NEWS README
548 %doc doc/{ONEWS,TODO,*.txt,*.html,*.fig,rfc-compliance}
550 %dir %{_libdir}/sasl2
552 %attr(755,root,root) %{_libdir}/lib*.so.*.*
553 # sample programs to subpackage instead?
554 %attr(755,root,root) %{_bindir}/sasl-sample-client
555 %attr(755,root,root) %{_bindir}/sasl-sample-server
556 %attr(755,root,root) %{_sbindir}/pluginviewer
557 %attr(755,root,root) %{_sbindir}/sasldblistusers2
558 %attr(755,root,root) %{_sbindir}/saslpasswd2
560 %attr(640,root,mail) %ghost %config(noreplace) %verify(not md5 mtime size) /var/lib/sasl2/sasl.db
561 %{_mandir}/man8/pluginviewer.8*
562 %{_mandir}/man8/sasldblistusers2.8*
563 %{_mandir}/man8/saslpasswd2.8*
566 %defattr(644,root,root,755)
568 %attr(755,root,root) %{_libdir}/lib*.so
573 %defattr(644,root,root,755)
577 %defattr(644,root,root,755)
578 %attr(755,root,root) %{_libdir}/sasl2/libanonymous.so*
582 %defattr(644,root,root,755)
583 %attr(755,root,root) %{_libdir}/sasl2/libgssapiv2.so*
587 %defattr(644,root,root,755)
588 %attr(755,root,root) %{_libdir}/sasl2/libcrammd5.so*
591 %defattr(644,root,root,755)
592 %attr(755,root,root) %{_libdir}/sasl2/libdigestmd5.so*
595 %defattr(644,root,root,755)
596 %attr(755,root,root) %{_libdir}/sasl2/liblogin.so*
599 %defattr(644,root,root,755)
600 %attr(755,root,root) %{_libdir}/sasl2/libotp.so*
604 %defattr(644,root,root,755)
605 %attr(755,root,root) %{_libdir}/sasl2/libopie.so*
609 %defattr(644,root,root,755)
610 %attr(755,root,root) %{_libdir}/sasl2/libplain.so*
613 %defattr(644,root,root,755)
614 %attr(755,root,root) %{_libdir}/sasl2/libsasldb.so*
618 %defattr(644,root,root,755)
619 %attr(755,root,root) %{_libdir}/sasl2/libmysql.so*
624 %defattr(644,root,root,755)
625 %attr(755,root,root) %{_libdir}/sasl2/libpgsql.so*
630 %defattr(644,root,root,755)
631 %attr(755,root,root) %{_libdir}/sasl2/libsqlite.so*
636 %defattr(644,root,root,755)
637 %attr(755,root,root) %{_libdir}/sasl2/libsrp.so*
642 %defattr(644,root,root,755)
643 %attr(755,root,root) %{_libdir}/sasl2/libx509.so*
648 %defattr(644,root,root,755)
649 %attr(755,root,root) %{_sbindir}/pwcheck
653 %defattr(644,root,root,755)
655 %doc saslauthd/{AUTHORS,LDAP_SASLAUTHD}
656 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/saslauthd.conf
657 %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/saslauthd
658 %attr(755,root,root) %{_sbindir}/saslauthd
659 %attr(755,root,root) %{_sbindir}/testsaslauthd
660 %attr(755,root,root) %{_sbindir}/saslcache
661 %attr(754,root,root) /etc/rc.d/init.d/saslauthd
662 %{_mandir}/man8/saslauthd.8*