more LDAP support

sasl/rc.sasl

@@ -6,7 +6,11 @@
 %config
     sasl_enable="yes"
     sasl_authmech="@authmech@"
-    sasl_threads="5"
+    #sasl_authmech="sasldb"
+    #sasl_authmech="rimap -O remote.imap.server"
+    #sasl_authmech="pam"
+    #sasl_authmech="ldap"
+    sasl_threads="2"
 
 %start -p 200 -u @l_susr@
     opServiceEnabled sasl || exit 0

sasl/sasl.spec

@@ -46,6 +46,7 @@ Release:      20030312
 Source0:      ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-%{version}.tar.gz
 Source1:      rc.sasl
 Source2:      fsl.sasl
+Source3:      saslauthd.conf
 Patch0:       sasl.patch
 
 #   build information
@@ -194,16 +195,20 @@ AutoReqProv:  no
         $RPM_BUILD_ROOT%{l_prefix}/lib/sasl2/*.a
 
     %{l_shtool} mkdir -f -p -m 755 \
-        $RPM_BUILD_ROOT%{l_prefix}/man/man8
+        $RPM_BUILD_ROOT%{l_prefix}/man/man8 \
+        $RPM_BUILD_ROOT%{l_prefix}/sbin \
+        $RPM_BUILD_ROOT%{l_prefix}/etc/sasl \
+        $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d
     %{l_shtool} install -c -m 644 \
         utils/saslpasswd2.8 \
         utils/sasldblistusers2.8 \
         $RPM_BUILD_ROOT%{l_prefix}/man/man8/
-    %{l_shtool} mkdir -f -p -m 755 \
-        $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/
     %{l_shtool} install -c -m 755 \
         saslauthd/testsaslauthd  \
         $RPM_BUILD_ROOT%{l_prefix}/sbin/
+    %{l_shtool} install -c -m 755 \
+        %{SOURCE saslauthd.conf} \
+        $RPM_BUILD_ROOT%{l_prefix}/etc/sasl/
     %{l_shtool} install -c -m 755 \
         -e 's;@l_prefix@;%{l_prefix};g' \
         -e 's;@l_susr@;%{l_susr};g' \
@@ -247,6 +252,7 @@ AutoReqProv:  no
         '%config %{l_prefix}/etc/fsl/fsl.sasl' \
         '%not %dir %{l_prefix}/etc/fsl' \
 %endif
+        '%config %{l_prefix}/etc/sasl/saslauthd.conf' \
         '%dir %attr(0750,%{l_musr},%{l_rgrp}) %{l_prefix}/var/sasl' \
         '%dir %attr(-,%{l_susr},%{l_sgrp}) %{l_prefix}/var/sasl/log'
 

sasl/saslauthd.conf

@@ -0,0 +1,54 @@
+# white space separated list of LDAP servers
+ldap_servers: ldap://127.0.0.1
+
+# authentication for restricted LDAP servers
+#ldap_bind_dn: cn=operator,ou=Profile,o=foo.com
+#ldap_bind_pw: secret
+
+# LDAP version to use (2|3)
+#ldap_version 3
+
+# LDAP timeout
+#ldap_timeout 5
+
+# LDAP aliases (search|find|always|never)
+ldap_deref: never
+
+# follow LDAP referrals ?
+ldap_referrals: no
+
+# restart LDAP I/O operations that fail ?
+ldap_restart: yes
+
+## deprecated client side caching, ignored
+##ldap_cache_ttl
+##ldap_cache_mem
+
+# search scope (sub|one|base)
+#ldap_scope: sub
+
+# starting point for a search
+#ldap_search_base:
+
+# authenticate against LDAP (bind|custom|fastbind)
+ldap_auth_method: bind
+
+# Filter LDAP records, %u = username, %r = realm
+# if ldap_auth_method is 'bind' the filter searches for the DN
+# otherwise the filter searches for the userPassword attribute
+#ldap_filter: uid=%u
+
+# debugging LDAP operation
+#ldap_debug 0
+
+# require and verify server certificate
+#ldap_tls_check_peer:  no
+#ldap_tls_cacert_file:
+#ldap_tls_cacert_dir:
+
+# list of SSL/TLS ciphers to allow
+#ldap_tls_ciphers: DEFAULT
+
+# files containing client certificate and key
+#ldap_tls_cert:
+#ldap_tls_key: