##
##  sks.spec -- OpenPKG RPM Package Specification
##  Copyright (c) 2000-2022 OpenPKG Project <http://openpkg.org/>
##
##  Permission to use, copy, modify, and distribute this software for
##  any purpose with or without fee is hereby granted, provided that
##  the above copyright notice and this permission notice appear in all
##  copies.
##
##  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
##  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
##  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
##  IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
##  CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
##  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
##  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
##  USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
##  ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
##  OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
##  OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
##  SUCH DAMAGE.
##

#   package information
Name:         sks
Summary:      OpenPGP Key Server
URL:          http://www.nongnu.org/sks/
Vendor:       Yaron Minsky
Packager:     OpenPKG Project
Distribution: OpenPKG Community
Class:        EVAL
Group:        PGP
License:      GPL
Version:      1.0.10
Release:      20080101

#   list of sources
Source0:      http://download.savannah.gnu.org/releases/sks/sks-%{version}.tgz
Source1:      rc.sks
Source2:      sks-setup
Source3:      sks-load
Source4:      sks-mail.c
Source5:      sks.html
Source6:      sks.txt
Patch0:       sks.patch

#   build information
BuildPreReq:  OpenPKG, openpkg >= 20160101, ocaml, gcc, make, perl
PreReq:       OpenPKG, openpkg >= 20160101, MTA
BuildPreReq:  db
PreReq:       db

%description
    SKS is a new OpenPGP keyserver whose goal is to provide easy
    to deploy, decentralized, and highly reliable synchronization.
    That means that a key submitted to one SKS server will quickly
    be distributed to all key servers, and even wildly out-of-date
    servers, or servers that experience spotty connectivity, can fully
    synchronize with rest of the system.

    SKS uses a highly efficient and reliable reconciliation algorithm;
    follows RFC2440 and RFC2440bis carefully, supports (unlike PKS)
    new and old style packets, photoID packets, multiple subkeys, and
    pretty much everything allowed by the RFCs; is fully compatible with
    the PKS system (can both send and receive syncs from PKS servers,
    ensuring seamless connectivity), provides a simple configuration:
    each host just needs a (partial) list of the other participating key
    servers; and supports HKP/web-based querying.

%track
    prog sks = {
        version   = %{version}
        url       = http://download.savannah.gnu.org/releases/sks/
        regex     = sks-(__VER__)\.tgz
    }

%prep
    %setup -q
    %patch -p0

%build
    #   build main program
    %{l_make} %{l_mflags} \
        BDBINCLUDE="%{l_cppflags}" \
        BDBLIB="%{l_ldflags}" \
        LIBDB="-ldb" \
        MANDIR="%{l_prefix}/man"

    #   build suid wrapper sks-mail
    %{l_cc} %{l_cflags} %{l_ldflags} '-DL_PREFIX="%{l_prefix}"' \
        -o sks-mail %{SOURCE sks-mail.c}

%install
    #   create installation hierarchy
    %{l_shtool} mkdir -f -p -m 755 \
        $RPM_BUILD_ROOT%{l_prefix}/etc/sks \
        $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d \
        $RPM_BUILD_ROOT%{l_prefix}/sbin \
        $RPM_BUILD_ROOT%{l_prefix}/var/sks

    #   install programs
    %{l_shtool} install -c -s -m 755 \
        sks sks_add_mail sks-mail $RPM_BUILD_ROOT%{l_prefix}/sbin/
    %{l_shtool} install -c -m 755 %{l_value -s -a} \
        %{SOURCE sks-setup} %{SOURCE sks-load} \
        $RPM_BUILD_ROOT%{l_prefix}/sbin/
    %{l_shtool} install -c -m 755 \
        -e 's;/bin/bash;%{l_bash};g' \
        -e 's; sks ; %{l_prefix}/sbin/sks ;g' \
        sks_build.sh $RPM_BUILD_ROOT%{l_prefix}/sbin/sks_build

    #   install run-command script
    %{l_shtool} install -c -m 755 %{l_value -s -a} \
        %{SOURCE rc.sks} $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/

    #   install default web form
    %{l_shtool} install -c -m 644 %{l_value -s -a} \
        %{SOURCE sks.html} $RPM_BUILD_ROOT%{l_prefix}/etc/sks/

    for name in `grep "^<file" %{SOURCE sks.txt} | sed -e 's;^.*name=";;' -e 's;".*$;;'`; do
        (echo ""; cat %{SOURCE sks.txt}; echo "") |\
            sed -e "1,/^<file name=\"$name\">/d" -e "/<\/file>/,\$d" >$name
        %{l_shtool} install -c -m 644 %{l_value -s -a} \
            $name $RPM_BUILD_ROOT%{l_prefix}/etc/sks/
    done

    #   determine installation files
    %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \
        %{l_files_std} \
        '%config %{l_prefix}/etc/sks/*' \
        '%attr(4755,%{l_rusr},%{l_mgrp}) %{l_prefix}/sbin/sks-mail' \
        '%attr(-,%{l_rusr},%{l_rgrp}) %{l_prefix}/var/sks'

%files -f files

%clean

%post
    if [ $1 -eq 1 ]; then
        #   create initial database
        su %{l_rusr} -c "$RPM_INSTALL_PREFIX/sbin/sks-setup"

        #   activate in MTA configuration
        aliases_file=`$RPM_INSTALL_PREFIX/bin/openpkg rc --query MTA_aliases_file`
        aliases_update=`$RPM_INSTALL_PREFIX/bin/openpkg rc --query MTA_aliases_update`
        if [ ".$aliases_file" != . ]; then
            ( echo "sks:             pks-request"
              echo "sks-request:     \"|$RPM_INSTALL_PREFIX/sbin/sks-mail $RPM_INSTALL_PREFIX/var/sks\""
              echo "sks-daemon:      MAILER-DAEMON"
              echo "sks-admin:       postmaster"
              echo "pgp-public-keys: sks-request"
              echo "pgp:             sks-request"
            ) | %{l_rpmtool} config -a -i "$RPM_INSTALL_PREFIX:sks" $aliases_file
        fi
        if [ ".$aliases_update" != . ]; then
            eval $aliases_update
        fi

        #   display hint
        ( echo "SKS database initialized. Now you can start SKS with"
          echo "    \$ $RPM_INSTALL_PREFIX/bin/openpkg rc sks start"
          echo "and, for instance, lookup the OpenPKG OpenPGP keys under"
          echo "    http://localhost:11371/pks/lookup?op=index&search=openpkg"
          echo "or access the SKS internal statistic page under"
          echo "    http://localhost:11371/pks/lookup?op=stats"
          echo "or access the simple top-level SKS web form under"
          echo "    http://localhost:11371/"
          echo "If you want to load a full dump of all keys in the existing"
          echo "SKS key servers, run the following command to download and"
          echo "merge all their latest dumps into your local database:"
          echo "    su %{l_rusr} -c $RPM_INSTALL_PREFIX/sbin/sks-load"
        ) | %{l_rpmtool} msg -b -t notice
    elif [ $1 -eq 2 ]; then
        #   after upgrade, restart service
        eval `%{l_rc} sks status 2>/dev/null`
        [ ".$sks_active" = .yes ] && %{l_rc} sks restart
    fi
    exit 0

%preun
    #   before erase, stop service and remove log files
    [ $1 -eq 0 ] || exit 0
    %{l_rc} sks stop 2>/dev/null

    #   deactivate in MTA configuration
    aliases_file=`$RPM_INSTALL_PREFIX/bin/openpkg rc --query MTA_aliases_file`
    aliases_update=`$RPM_INSTALL_PREFIX/bin/openpkg rc --query MTA_aliases_update`
    if [ ".$aliases_file" != . ]; then
        %{l_rpmtool} config -r -i "$RPM_INSTALL_PREFIX:sks" $aliases_file
    fi
    if [ ".$aliases_update" != . ]; then
        eval $aliases_update
    fi

    #   remove database files
    rm -rf $RPM_INSTALL_PREFIX/var/sks/* >/dev/null 2>&1 || true
    exit 0