openpkg-packages/sasl/sasl.spec

##
##  sasl.spec -- OpenPKG RPM Package Specification
##  Copyright (c) 2000-2007 OpenPKG Foundation e.V. <http://openpkg.net/>
##  Copyright (c) 2000-2007 Ralf S. Engelschall <http://engelschall.com/>
##
##  Permission to use, copy, modify, and distribute this software for
##  any purpose with or without fee is hereby granted, provided that
##  the above copyright notice and this permission notice appear in all
##  copies.
##
##  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
##  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
##  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
##  IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
##  CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
##  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
##  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
##  USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
##  ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
##  OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
##  OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
##  SUCH DAMAGE.
##

#   package information
Name:         sasl
Summary:      Simple Authentication and Security Layer (SASL)
URL:          http://asg.web.cmu.edu/sasl/
Vendor:       Cyrus Project, CMU
Packager:     OpenPKG Foundation e.V.
Distribution: OpenPKG Community
Class:        BASE
Group:        Cryptography
License:      BSD
Version:      2.1.22
Release:      20070505

#   package options
%option       with_fsl    yes
%option       with_pam    no
%option       with_login  no
%option       with_ldap   no
%option       with_mysql  no
%option       with_pgsql  no
%option       with_sqlite no
%option       with_ntlm   no
%option       with_otp    no
%option       with_gss    no
%option       with_sasldb no

#   list of sources
Source0:      ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-%{version}.tar.gz
Source1:      rc.sasl
Source2:      fsl.sasl
Source3:      saslauthd.conf
Patch0:       sasl.patch

#   build information
Prefix:       %{l_prefix}
BuildRoot:    %{l_buildroot}
BuildPreReq:  OpenPKG, openpkg >= 20060823, gcc, make, groff
PreReq:       OpenPKG, openpkg >= 20060823
BuildPreReq:  db >= 4.1.24, openssl
PreReq:       db >= 4.1.24, openssl
%if "%{with_fsl}" == "yes"
BuildPreReq:  fsl >= 1.2.0
PreReq:       fsl >= 1.2.0
%endif
%if "%{with_pam}" == "yes"
BuildPreReq:  PAM
PreReq:       PAM
%endif
%if "%{with_ldap}" == "yes"
BuildPreReq:  openldap
PreReq:       openldap
%endif
%if "%{with_mysql}" == "yes"
BuildPreReq:  mysql
PreReq:       mysql
%endif
%if "%{with_pgsql}" == "yes"
BuildPreReq:  postgresql
PreReq:       postgresql
%endif
%if "%{with_sqlite}" == "yes"
BuildPreReq:  sqlite
PreReq:       sqlite
%endif
%if "%{with_otp}" == "yes"
BuildPreReq:  opie
PreReq:       opie
%endif
%if "%{with_gss}" == "yes"
BuildPreReq:  kerberos
PreReq:       kerberos
%endif
AutoReq:      no
AutoReqProv:  no

%description
    SASL is the Simple Authentication and Security Layer, a method
    for adding authentication support to connection-based protocols.
    To use SASL, a protocol includes a command for identifying and
    authenticating a user to a server and for optionally negotiating
    protection of subsequent protocol interactions. If its use is
    negotiated, a security layer is inserted between the protocol and
    the connection.

%track
    prog sasl = {
        version   = %{version}
        url       = ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/
        regex     = cyrus-sasl-(\d+\.\d+\.\d+)\.tar\.gz
    }

%prep
    %setup -q -n cyrus-sasl-%{version}
    %patch -p0

%build
    #   disable some unwanted configure checks
    %{l_shtool} subst \
        -e 's;\(SASL_DB_UTILS="saslpasswd2 sasldblistusers2\);\1 dbconverter-2;' \
        -e "s;javac;javac-xxx;g" \
        -e "s;javah;javah-xxx;g" \
        -e "s;javadoc;javadoc-xxx;g" \
        configure

    #   fix OpenLDAP support
%if "%{with_ldap}" == "yes"
    echo 'ac_cv_lib_ldap_ldap_initialize=yes' >config.cache
    %{l_shtool} subst \
        -e "s;\(\$LDAP_LIBS\) *\(-lcrypto\);\1 -lssl -lcrypto \2;" \
        saslauthd/configure
%endif

    #   fix GSS/Kerberos support
%if "%{with_gss}" == "yes"
    %{l_shtool} subst \
        -e 's;\(-lk5crypto\);\1 -lkrb5support;' \
        configure
%endif

    #   enforce disabled Kerberos 5 support in saslauthd
    echo 'ac_cv_header_krb5_h=no' >config.cache

    #   configure path to sasl-server config files
    %{l_shtool} subst \
        -e 's;@l_sysconfdir@;%{l_prefix}/etc/sasl/apps;g' \
        lib/server.c

    #   determine build flags
    cppflags="%{l_cppflags}"
    case "%{l_platform -t}" in
        sparc64-freebsd* ) cppflags="$cppflags -fPIC" ;;
    esac
    cflags="%{l_cflags -O} %{l_cppflags}"
    ldflags="%{l_ldflags} %{l_fsl_ldflags}"
    libs="-ldb %{l_fsl_libs}"
%if "%{with_ldap}" == "yes"
    cflags="$cflags -DAUTH_LDAP"
%endif
%if "%{with_mysql}" == "yes"
    libs="$libs -lz -lm"
%endif
%if "%{with_gss}" == "yes"
    ldflags="$ldflags %{l_ldflags kerberos}"
%endif
    case "%{l_platform -t}" in
        *-sunos* ) libs="$libs -lrt" ;;
    esac

    #   configure package
    CC="%{l_cc}" \
    CFLAGS="$cflags" \
    CPPFLAGS="$cppflags" \
    LDFLAGS="$ldflags" \
    LIBS="$libs" \
    ./configure \
        --cache-file=./config.cache \
        --prefix=%{l_prefix} \
        --sysconfdir="%{l_prefix}/etc/sasl" \
        --with-plugindir=%{l_prefix}/lib/sasl \
        --with-saslauthd=%{l_prefix}/var/sasl/saslauthd \
%if "%{with_sasldb}" == "yes"
        --enable-auth-sasldb \
        --with-dbpath=%{l_prefix}/var/sasl/sasldb \
        --with-dblib=berkeley \
        --with-bdb-incdir=%{l_prefix}/include \
        --with-bdb-libdir=%{l_prefix}/lib \
%else
        --with-dblib=none \
%endif
        --with-openssl=%{l_prefix} \
%if "%{with_pam}" == "yes"
        --with-pam \
%else
        --without-pam \
%endif
%if "%{with_login}" == "yes"
        --enable-login \
%else
        --disable-login \
%endif
%if "%{with_ldap}" == "yes"
        --with-ldap=%{l_prefix} \
%else
        --without-ldap \
%endif
%if "%{with_otp}" == "yes"
        --enable-otp \
        --with-opie=%{l_prefix} \
%else
        --disable-otp \
        --without-opie \
%endif
%if "%{with_gss}" == "yes"
        --enable-gssapi \
        --with-gss_impl=mit \
%else
        --disable-gssapi \
        --without-gss_impl \
%endif
%if "%{with_mysql}" == "yes" || "%{with_pgsql}" == "yes" || "%{with_pgsql}" == "yes" || "%{with_sqlite}" == "yes"
        --enable-sql \
%if "%{with_mysql}" == "yes"
        --with-mysql=%{l_prefix} \
%else
        --without-mysql \
%endif
%if "%{with_pgsql}" == "yes"
        --with-pgsql=%{l_prefix} \
%else
        --without-pgsql \
%endif
%if "%{with_sqlite}" == "yes"
        --with-sqlite=%{l_prefix} \
%else
        --without-sqlite \
%endif
%endif
%if "%{with_ntlm}" == "yes"
        --enable-ntlm \
%else
        --disable-ntlm \
%endif
        --enable-shared \
        --enable-static \
        --enable-staticdlopen \
        --disable-java \
        --disable-sample \
        --disable-krb4 \
        --without-des

    #   post adjustment: trust me, libtool, I know what I am doing
    %{l_shtool} subst \
        -e 's;^\(deplibs_check_method=\).*;\1"pass_all";' \
        -e 's/\(eval libobjs=.*$whole_archive_flag_spec.*\)$/case $archive_cmds in \\$LD* ) wl= ;; esac; \1/' \
        libtool

    #   post adjustment: do not reference static plugins
    %{l_shtool} subst \
        -e '58s;.*;#define PIC;' \
        lib/dlopen.c

    #   post adjustment: do not pull static plugins into static library
    %{l_shtool} subst \
        -e 's;-ln -s $(SASL_STATIC_SRCS) .;-ln ../sasldb/*.o ../plugins/*.o $(SASL_STATIC_SRCS) .;' \
        lib/Makefile

    #   post adjustment: build utils against static library
    %{l_shtool} subst \
        -e 's;\(\$(CCLD)\);\1 -static;' \
        -e 's;\(noinst.*=\) *dbconverter.*;\1;' \
        utils/Makefile \
        sample/Makefile

    #   post adjustment: fix OpenLDAP support
%if "%{with_ldap}" == "yes"
    %{l_shtool} subst \
        -e "s;^\(saslauthd_LDADD[ 	]*=[ 	]*[^\\]*\);\1 -lcrypt -lldap -llber -lssl -lcrypto ;" \
        saslauthd/Makefile
%endif

    #   build package
    %{l_make} %{l_mflags}
    cd saslauthd
    %{l_make} %{l_mflags} testsaslauthd

%install
    rm -rf $RPM_BUILD_ROOT

    #   install package
    %{l_make} %{l_mflags} install AM_MAKEFLAGS="DESTDIR=$RPM_BUILD_ROOT"

    #   remove libtool cruft
    rm -f \
        $RPM_BUILD_ROOT%{l_prefix}/lib/*.la \
        $RPM_BUILD_ROOT%{l_prefix}/lib/*.s[ol] \
        $RPM_BUILD_ROOT%{l_prefix}/lib/*.s[ol].* \
        $RPM_BUILD_ROOT%{l_prefix}/lib/sasl2/*.la \
        $RPM_BUILD_ROOT%{l_prefix}/lib/sasl2/*.a

    #   post-adjust installation
    mv $RPM_BUILD_ROOT%{l_prefix}/lib/sasl2 \
       $RPM_BUILD_ROOT%{l_prefix}/lib/sasl
    strip $RPM_BUILD_ROOT%{l_prefix}/sbin/* >/dev/null 2>&1 || true

    #   install saslauthd test program
    %{l_shtool} mkdir -f -p -m 755 \
        $RPM_BUILD_ROOT%{l_prefix}/sbin
    %{l_shtool} install -c -m 755 \
        saslauthd/testsaslauthd \
        $RPM_BUILD_ROOT%{l_prefix}/sbin/

    #   install saslauthd default configuration
    %{l_shtool} mkdir -f -p -m 755 \
        $RPM_BUILD_ROOT%{l_prefix}/etc/sasl
    %{l_shtool} install -c -m 755 \
        %{SOURCE saslauthd.conf} \
        $RPM_BUILD_ROOT%{l_prefix}/etc/sasl/

    #   install missing manual pages
    %{l_shtool} mkdir -f -p -m 755 \
        $RPM_BUILD_ROOT%{l_prefix}/man/man8
    %{l_shtool} install -c -m 644 \
        utils/saslpasswd2.8 \
        utils/sasldblistusers2.8 \
        $RPM_BUILD_ROOT%{l_prefix}/man/man8/

    #   create necessary additional directories
    %{l_shtool} mkdir -f -p -m 755 \
        $RPM_BUILD_ROOT%{l_prefix}/var/sasl/log \
        $RPM_BUILD_ROOT%{l_prefix}/var/sasl/saslauthd \
        $RPM_BUILD_ROOT%{l_prefix}/etc/sasl/apps

    #   install run-command script
%if "%{with_pam}" == "yes"
    l_authmech="pam"
%else
    case "%{l_platform -t}" in
        *-linux* | *-sunos* ) l_authmech="shadow"   ;;
        *                   ) l_authmech="getpwent" ;;
    esac
%endif
    %{l_shtool} mkdir -f -p -m 755 \
        $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d
    %{l_shtool} install -c -m 755 \
        -e "s;@l_authmech@;${l_authmech};g" %{l_value -s -a} \
        %{SOURCE rc.sasl} \
        $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/

    #   install OSSP fsl configuration
    %{l_shtool} mkdir -f -p -m 755 $RPM_BUILD_ROOT%{l_prefix}/etc/fsl
    %{l_shtool} install -c -m 644 %{l_value -s -a} \
        %{SOURCE fsl.sasl} \
        $RPM_BUILD_ROOT%{l_prefix}/etc/fsl/

    #   determine installation files
    %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \
        %{l_files_std} \
        '%not %dir %{l_prefix}/etc/fsl' \
        '%config %{l_prefix}/etc/fsl/fsl.sasl' \
        '%config %{l_prefix}/etc/sasl/saslauthd.conf' \
        '%dir %attr(0750,%{l_musr},%{l_rgrp}) %{l_prefix}/var/sasl' \
        '%dir %attr(0750,%{l_musr},%{l_rgrp}) %{l_prefix}/var/sasl/saslauthd' \
        '%dir %attr(0700,%{l_susr},%{l_sgrp}) %{l_prefix}/var/sasl/log'

%files -f files

%clean
    rm -rf $RPM_BUILD_ROOT

%pre
    #   before upgrade, save status and stop service
    [ $1 -eq 2 ] || exit 0
    eval `%{l_rc} sasl status 2>/dev/null | tee %{l_tmpfile}`
    %{l_rc} sasl stop 2>/dev/null
    exit 0

%post
%if "%{with_pam}" == "yes"
    if [ $1 -eq 1 ]; then
        #   after install, add PAM configuration entry
        $RPM_INSTALL_PREFIX/sbin/pamtool --add --smart --name=sasl
    fi
%endif
    if [ $1 -eq 2 ]; then
        #   after upgrade, restore status
        eval `cat %{l_tmpfile}`; rm -f %{l_tmpfile}
        [ ".$sasl_active" = .yes ] && %{l_rc} sasl start
    fi
    exit 0

%preun
    #   before erase, stop service and remove log files
    [ $1 -eq 0 ] || exit 0
    %{l_rc} sasl stop 2>/dev/null
    rm -f $RPM_INSTALL_PREFIX/var/sasl/log/*.log* >/dev/null 2>&1 || true
%if "%{with_pam}" == "yes"
    #   remove PAM configuration entry
    $RPM_INSTALL_PREFIX/sbin/pamtool --remove --smart --name=sasl
%endif
    exit 0