%define major 2
%define libname %mklibname sasl %{major}
%define up_name cyrus-sasl
Summary: SASL is the Simple Authentication and Security Layer.
Name: %{up_name}
Version: 2.1.15
Release: 10.2.100mdk
Source0: ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/%{up_name}-%{version}.tar.gz
Source1: ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/%{up_name}-%{version}.tar.gz.sig
Source2: saslauthd.init
Source3: saslauthd.sysconfig
Patch0: cyrus-sasl-doc-patch.bz2
Patch1: cyrus-sasl-2.1.12-rpath.patch.bz2
Patch2: cyrus-sasl-2.1.15-lib64.patch.bz2
Patch3: cyrus-sasl-CAN-2004-0884.patch
Patch4: cyrus-sasl-2.1.15-CAN-2005-0373.patch
License: BSD style
Group: System/Libraries
URL: http://asg.web.cmu.edu/cyrus/download/
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot
Requires: %{libname}
Obsoletes: cyrus-sasl <= 2.1.0
PreReq: rpm-helper
BuildRequires: autoconf
BuildRequires: automake
BuildRequires: db4-devel
BuildRequires: pam-devel
BuildRequires: openssl-devel >= 0.9.6a
BuildRequires: libtool >= 1.4
BuildRequires: krb5-devel
%{?!bootstrap:BuildRequires: openldap-devel}
%description
SASL is the Simple Authentication and Security Layer,
a method for adding authentication support to connection-based protocols.
To use SASL, a protocol includes a command for identifying and authenticating
a user to a server and for optionally negotiating protection of subsequent
protocol interactions. If its use is negotiated, a security layer is inserted
between the protocol and the connection.
%package -n %{libname}
Summary: Libraries for SASL a the Simple Authentication and Security Layer.
Group: System/Libraries
%description -n %{libname}
SASL is the Simple Authentication and Security Layer,
a method for adding authentication support to connection-based protocols.
To use SASL, a protocol includes a command for identifying and authenticating
a user to a server and for optionally negotiating protection of subsequent
protocol interactions. If its use is negotiated, a security layer is inserted
between the protocol and the connection.
%package -n %{libname}-devel
Summary: Librairies for SASL a the Simple Authentication and Security Layer.
Group: Development/C
Provides: libsasl-devel
Requires: %{libname} = %{version}
%description -n %{libname}-devel
SASL is the Simple Authentication and Security Layer,
a method for adding authentication support to connection-based protocols.
To use SASL, a protocol includes a command for identifying and authenticating
a user to a server and for optionally negotiating protection of subsequent
protocol interactions. If its use is negotiated, a security layer is inserted
between the protocol and the connection.
%package -n %{libname}-plug-anonymous
Summary: SASL ANONYMOUS mechanism plugin
Group: System/Libraries
Requires: %{libname} = %{version}
%description -n %{libname}-plug-anonymous
This plugin implements the SASL ANONYMOUS mechanism,
used for anonymous authentication.
%package -n %{libname}-plug-crammd5
Summary: SASL CRAM-MD5 mechanism plugin
Group: System/Libraries
Requires: %{libname} = %{version}
%description -n %{libname}-plug-crammd5
This plugin implements the SASL CRAM-MD5 mechanism.
CRAM-MD5 is the mandatory-to-implement authentication mechanism for a
number of protocols; it uses MD5 with a challenge/response system to
authenticate the user.
%package -n %{libname}-plug-digestmd5
Summary: SASL DIGEST-MD5 mechanism plugin
Group: System/Libraries
Requires: %{libname} = %{version}
%description -n %{libname}-plug-digestmd5
This plugin implements the latest draft of the SASL DIGEST-MD5
mechanism. Although not yet finalized, this is likely to become the
new mandatory-to-implement authentication system in all new protocols.
It's based on the digest md5 authentication system designed for HTTP.
#%package plug-kerberos4
#Summary: SASL KERBEROS_V4 mechanism plugin
#%description plug-kerberos4
#This plugin implements the SASL KERBEROS_V4 mechanism, allowing
#authentication via kerberos version four.
%package -n %{libname}-plug-plain
Summary: SASL PLAIN mechanism plugin
Group: System/Libraries
Requires: %{libname} = %{version}
%description -n %{libname}-plug-plain
This plugin implements the SASL PLAIN mechanism. Although insecure,
PLAIN is useful for transitioning to new security mechanisms, as this
is the only mechanism which gives the server a copy of the user's
password.
%package -n %{libname}-plug-scrammd5
Summary: SASL SCRAM-MD5 mechanism plugin
Group: System/Libraries
Requires: %{libname} = %{version}
%description -n %{libname}-plug-scrammd5
This plugin implements the SASL SCRAM-MD5 mechanism. Although
deprecated (this will be replaced by DIGEST-MD5 at some point), it may
be useful for the time being.
%package -n %{libname}-plug-login
Summary: SASL LOGIN mechanism plugin
Group: System/Libraries
Requires: %{libname} = %{version}
%description -n %{libname}-plug-login
This plugin implements the SASL LOGIN mechanism.
THIS PLUGIN IS DEPRECATED, is maintained only for compatibility reasons
and will be dropped soon.
Please use the plain plugin instead.
%package -n %{libname}-plug-gssapi
Summary: SASL GSSAPI mechanism plugin
Group: System/Libraries
Requires: %{libname} = %{version}
Requires: krb5-libs
%description -n %{libname}-plug-gssapi
This plugin implements the SASL GSSAPI (kerberos 5)mechanism.
%package -n %{libname}-plug-otp
Summary: SASL OTP mechanism plugin
Group: System/Libraries
Requires: %{libname} = %{version}
%description -n %{libname}-plug-otp
This plugin implements the SASL OTP mechanism.
%package -n %{libname}-plug-sasldb
Summary: SASL sasldb mechanism plugin
Group: System/Libraries
Requires: %{libname} = %{version}
%description -n %{libname}-plug-sasldb
This plugin implements the SASL sasldb mechanism.
%package -n %{libname}-plug-srp
Summary: SASL srp mechanism plugin
Group: System/Libraries
Requires: %{libname} = %{version}
%description -n %{libname}-plug-srp
This plugin implements the srp mechanism.
%package -n %{libname}-plug-ntlm
Summary: SASL ntlm authentication plugin
Group: System/Libraries
Requires: %{libname} = %{version}
%description -n %{libname}-plug-ntlm
This plugin implements the (unsupported) ntlm authentication.
%prep
%setup -q -n %{up_name}-%{version}
%patch0 -p1
%patch1 -p1
%patch2 -p1 -b .lib64
%patch3 -p0 -b .can-2004-0884
%patch4 -p1 -b .can-2005-0373
%build
%serverbuild
export LDFLAGS="-L%{_libdir}"
%{?__cputoolize: %{__cputoolize} -c saslauthd}
%configure --enable-static --enable-shared \
--with-plugindir=%{_libdir}/sasl2 \
--disable-krb4 \
--enable-login \
--enable-srp \
--enable-srp-setpass \
--enable-ntlm \
--enable-db4 \
--without-mysql \
%{?!bootstrap:--with-ldap=/usr} \
--with-dbpath=/var/lib/sasl2/sasl.db \
--with-configdir=%{_libdir}/sasl2 \
--with-saslauthd=/var/lib/sasl2
%make
cd saslauthd
make testsaslauthd
cd ..
install saslauthd/LDAP_SASLAUTHD README.ldap
%install
rm -rf $RPM_BUILD_ROOT
mkdir -p $RPM_BUILD_ROOT/var/lib/sasl2
mkdir -p $RPM_BUILD_ROOT/etc/rc.d/init.d/
mkdir -p $RPM_BUILD_ROOT/etc/sysconfig
%{__make} install DESTDIR=$RPM_BUILD_ROOT
install %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/saslauthd
install %{SOURCE3} $RPM_BUILD_ROOT/etc/sysconfig/saslauthd
# Install man pages in the expected location, even if they are
# pre-formatted.
install -m755 -d $RPM_BUILD_ROOT%{_mandir}/man8/
install -m644 */*.8 $RPM_BUILD_ROOT%{_mandir}/man8/
%makeinstall_std
# dbconverter-2 isn't installed by make install
cd utils
/bin/sh ../libtool --mode=install /usr/bin/install -c dbconverter-2 \
$RPM_BUILD_ROOT/%{_sbindir}/dbconverter-2
cd ..
cp saslauthd/testsaslauthd $RPM_BUILD_ROOT%{_sbindir}
%clean
rm -rf $RPM_BUILD_ROOT
%post
#convert old sasldb
if [ -f /var/lib/sasl/sasl.db -a ! -f /var/lib/sasl2/sasl.db ]; then
echo "" | /usr/sbin/dbconverter-2 /var/lib/sasl/sasl.db /var/lib/sasl2/sasl.db
fi
if [ -f /var/lib/sasl/sasl.db.rpmsave -a ! -f /var/lib/sasl2/sasl.db ]; then
echo "" | /usr/sbin/dbconverter-2 /var/lib/sasl/sasl.db.rpmsave /var/lib/sasl2/sasl.db
fi
%_post_service saslauthd
%preun
%_preun_service saslauthd
%post -n %{libname}
/sbin/ldconfig
%postun -n %{libname} -p /sbin/ldconfig
%files
%defattr(-,root,root)
%doc COPYING AUTHORS INSTALL NEWS README* ChangeLog sample/{client,server}
%doc doc/{TODO,ONEWS,*.txt,*.html}
%dir /var/lib/sasl2
%attr (755,root,root) %config(noreplace) /etc/rc.d/init.d/saslauthd
%attr (644,root,root) %config(noreplace) /etc/sysconfig/saslauthd
%{_sbindir}/*
%{_mandir}/man8/*
%{_mandir}/cat8/*
%files -n %{libname}
%defattr(-,root,root)
%{_libdir}/libsasl*.so.*
%files -n %{libname}-plug-anonymous
%defattr(-,root,root)
%{_libdir}/*/libanonymous*.so*
%{_libdir}/*/libanonymous*.la
%files -n %{libname}-plug-otp
%defattr(-,root,root)
%{_libdir}/*/libotp*.so*
%{_libdir}/*/libotp*.la
%files -n %{libname}-plug-sasldb
%defattr(-,root,root)
%{_libdir}/*/libsasldb*.so*
%{_libdir}/*/libsasldb*.la
%files -n %{libname}-plug-gssapi
%defattr(-,root,root)
%{_libdir}/*/libgssapi*.so*
%{_libdir}/*/libgssapi*.la
%files -n %{libname}-plug-crammd5
%defattr(-,root,root)
%{_libdir}/*/libcrammd5*.so*
%{_libdir}/*/libcrammd5*.la
%files -n %{libname}-plug-digestmd5
%defattr(-,root,root)
%{_libdir}/*/libdigestmd5*.so*
%{_libdir}/*/libdigestmd5*.la
%files -n %{libname}-plug-plain
%defattr(-,root,root)
%{_libdir}/*/libplain*.so*
%{_libdir}/*/libplain*.la
#%files -n %{libname}-plug-kerberos4
#%defattr(-,root,root)
#%{_libdir}/*/libkerberos4*.so*
%files -n %{libname}-plug-login
%defattr(-,root,root)
%{_libdir}/*/liblogin*.so*
%{_libdir}/*/liblogin*.la
%files -n %{libname}-plug-srp
%defattr(-,root,root)
%{_libdir}/*/libsrp*.so*
%{_libdir}/*/libsrp*.la
%files -n %{libname}-plug-ntlm
%defattr(-,root,root)
%{_libdir}/*/libntlm*.so*
%{_libdir}/*/libntlm*.la
%files -n %{libname}-devel
%defattr(-,root,root)
%{_includedir}/*
%{_libdir}/*.*so
%{_libdir}/*.*a
%{_libdir}/*/*.a
%{_mandir}/man3/*
%changelog
* Fri Mar 11 2005 Vincent Danen <vdanen@mandrakesoft.com> 2.1.15-10.2.100mdk
- security fix for CAN-2005-0373
* Tue Oct 05 2004 Vincent Danen <vdanen@mandrakesoft.com> 2.1.15-10.1.100mdk
- security fix for CAN-2004-0884
* Sun Mar 21 2004 Jean-Michel Dault <jmdault@mandrakesoft.com> 2.1.15-10mdk
- In some cases, the mux doesn't appear immediately when saslauthd returns,
add a 1 second delay if that happens.
* Fri Feb 27 2004 Stew Benedict <sbenedict@mandrakesoft.com> 2.1.15-9mdk
- fix obsoletes (thx warly)
* Fri Feb 27 2004 Stew Benedict <sbenedict@mandrakesoft.com> 2.1.15-8mdk
- rebuild, mysteriously disappeared from distro
* Fri Feb 13 2004 Jean-Michel Dault <jmdault@mandrakesoft.com> 2.1.15-7mdk
- fix initscript
* Fri Feb 06 2004 Jean-Michel Dault <jmdault@mandrakesoft.com> 2.1.15-6mdk
- add testsaslauthd
- modify init script so that if Postfix is present, we have a hardlink
in /var/spool/postfix/var/lib/sasl2/mux, otherwise smtp auth is not
working
- add missing plugin files
* Tue Nov 04 2003 Per Øyvind Karlsen <peroyvind@linux-mandrake.com> 2.1.15-5mdk
- fix wrong pidfile in init script
- drop Prefix tag
- fix no-chkconfig-line
* Thu Aug 07 2003 Florin <florin@mandrakesoft.com> 2.1.15-4mdk
- update the initscript and the sysconfig files (thx to L.Olivetti)
* Mon Aug 4 2003 Gwenole Beauchesne <gbeauchesne@mandrakesoft.com> 2.1.15-3mdk
- mklibname, cputoolize
- Enforce use of db4 libraries
- Patch2: Let sasldir be plugindir (aka lib64 fixes)
* Wed Jul 30 2003 Warly <warly@mandrakesoft.com> 2.1.15-2mdk
- recompile for the libcom_err.so.3 replaced into libcom_err.so.2
* Wed Jul 16 2003 Florin <florin@mandrakesoft.com> 2.1.15-1mdk
- 2.1.15
* Sat May 10 2003 Luca Olivetti <luca@olivetti.cjb.net> 2.1.13-1mdk
- 2.1.13
- renamed main package cyrus-sasl2 so it can coexist with sasl v1
* Tue Feb 25 2003 Luca Olivetti <luca@olivetti.cjb.net> 2.1.12-1mdk
- 2.1.12
- install the correct dbconverter-2
- convert v1 sasl.db in post
* Mon Dec 09 2002 Luca Olivetti <luca@olivetti.cjb.net> 2.1.10-1mdk
- removed gcc3.2 patch and other hacks no longer necessary
- upgrade to 2.1.10
- fixed some rpmlint warnings
* Sat Oct 26 2002 Luca Olivetti <luca@olivetti.cjb.net> 2.1.9-1mdk
- upgrade to 2.1.9
* Sat Oct 12 2002 Luca Olivetti <luca@olivetti.cjb.net> 2.1.8-1mdk
- upgrade to 2.1.8
- enabled and packaged plugin for srp
- enabled and packaged plugin for ntlm (new in 2.1.8)
* Sat Oct 05 2002 Luca Olivetti <luca@olivetti.cjb.net> 2.1.7-2mdk
- patch and hacks to compile under mandrake 9.0 (with gcc 3.2)
- corrected init script from mdk package
- added documentation for ldap authentication
* Wed Sep 11 2002 Luca Olivetti <luca@olivetti.cjb.net> 2.1.7-1mdk
- upgrade to 2.1.7
* Sun May 12 2002 Luca Olivetti <luca@olivetti.cjb.net> 2.1.2-2mdk
- man pages weren't installed (automake problem?), quick hack to fix it
- installed dbconverter-2 (not installed by make install)
- removed /etc/sasl2 directory (not used anywhere)
- removed various commented lines
* Thu Apr 18 2002 Luca Olivetti <luca@olivetti.cjb.net> 2.1.2-1mdk
- upgrade to 2.1.2
* Wed Apr 17 2002 Luca Olivetti <luca@olivetti.cjb.net> 2.1.0-1mdk
- first try to package version 2.1.0
* Mon Mar 4 2002 Vincent Danen <vdanen@mandrakesoft.com> 1.5.27-3mdk
- fix the incorrect fix of permissions on sasl.db (mode 600 is not good)
* Wed Oct 24 2001 Philippe Libat <philippe@mandrakesoft.com> 1.5.27-2mdk
- fix post-install script
* Tue Oct 16 2001 Philippe Libat <philippe@mandrakesoft.com> 1.5.27-1mdk
- New version
- rebuild for db3.3(patch3)
- fix permissions on /var/lib/sasl/sasl.db
- add postinstall initialisation command
* Sat Sep 22 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 1.5.24-7mdk
- Fix stupid error with CONFDIR.
- As a special bonus fix the build.
* Thu Jul 5 2001 Frederic Lepied <flepied@mandrakesoft.com> 1.5.24-6mdk
- rebuild for db3.2
* Wed Jun 20 2001 Philippe Libat <philippe@mandrakesoft.com> 1.5.24-5mdk
- review rpm organization
* Wed Jun 13 2001 Philippe Libat <philippe@mandrakesoft.com> 1.5.24-4mdk
- rpath patch <flepied@mandrakesoft.com>
* Tue Jun 12 2001 Philippe Libat <philippe@mandrakesoft.com> 1.5.24-3mdk
- mysql, ldap patch
- added documentation
* Fri Mar 9 2001 Vincent Saugey <vince@mandrakesoft.com> 1.5.24-2mdk
- Adding include file in devel package
* Mon Nov 27 2000 Vincent Saugey <vince@mandrakesoft.com> 1.5.24-1mdk
- First mdk release
