|
@@ -5,8 +5,8 @@
|
|
|
Summary: The Cyrus SASL library.
|
|
|
Summary(ja): Cyrus SASL ライブラリ
|
|
|
Name: cyrus-sasl
|
|
|
-Version: 2.1.26
|
|
|
-Release: 7%{?_dist_release}
|
|
|
+Version: 2.1.27
|
|
|
+Release: 1%{?_dist_release}
|
|
|
License: BSD with advertising
|
|
|
Group: System Environment/Libraries
|
|
|
URL: http://cyrusimap.org/
|
|
@@ -19,41 +19,13 @@ Source9: saslauthd.sysconfig
|
|
|
Patch11: cyrus-sasl-2.1.25-no_rpath.patch
|
|
|
Patch15: cyrus-sasl-2.1.20-saslauthd.conf-path.patch
|
|
|
Patch24: cyrus-sasl-2.1.21-sizes.patch
|
|
|
-Patch44: cyrus-sasl-2.1.26-release-server_creds.patch
|
|
|
-# AM_CONFIG_HEADER is obsolete, use AC_CONFIG_HEADERS instead
|
|
|
-Patch45: cyrus-sasl-2.1.26-obsolete-macro.patch
|
|
|
-# missing size_t declaration in sasl.h
|
|
|
-Patch46: cyrus-sasl-2.1.26-size_t.patch
|
|
|
-# detect gsskrb5_register_acceptor_identity macro (#976538)
|
|
|
-Patch48: cyrus-sasl-2.1.26-keytab.patch
|
|
|
+# The 64 bit *INT8 type is not used anywhere and other types match
|
|
|
Patch49: cyrus-sasl-2.1.26-md5global.patch
|
|
|
-# revert upstream commit 080e51c7fa0421eb2f0210d34cf0ac48a228b1e9 (#984079)
|
|
|
-# https://bugzilla.cyrusimap.org/show_bug.cgi?id=3480
|
|
|
-Patch50: cyrus-sasl-2.1.26-revert-upstream-080e51c7fa0421eb2f0210d34cf0ac48a228b1e9.patch
|
|
|
-# improve configuration error message
|
|
|
-Patch52: cyrus-sasl-2.1.26-config-error.patch
|
|
|
-# Treat SCRAM-SHA-1/DIGEST-MD5 as more secure than PLAIN (#970718)
|
|
|
-Patch53: cyrus-sasl-2.1.26-prefer-SCRAM-SHA-1-over-PLAIN.patch
|
|
|
-# Do not leak memory in sample server (#852755)
|
|
|
-Patch54: cyrus-sasl-2.1.26-sample-leak.patch
|
|
|
-# Document ability to run saslauthd unprivileged (#1189203)
|
|
|
-Patch55: cyrus-sasl-2.1.26-saslauthd-user.patch
|
|
|
-# Too much loogging in GSSAPI resolved (#1187097)
|
|
|
-Patch56: cyrus-sasl-2.1.26-user-specified-logging.patch
|
|
|
-# OpenSSL 1.1.0 support
|
|
|
-Patch57: cyrus-sasl-2.1.27-openssl-1.1.0.patch
|
|
|
-# Fix support for GSS SPNEGO to be compatible with windows (#1421663)
|
|
|
-Patch58: cyrus-sasl-2.1.26-gss-spnego.patch
|
|
|
-# Use per-connection mutex where possible
|
|
|
-Patch59: cyrus-sasl-2.1.26-gssapi-lock.patch
|
|
|
-# Allow cyrus sasl to get the ssf from gssapi #429
|
|
|
-Patch60: cyrus-sasl-2.1.26-ssf-from-gssapi.patch
|
|
|
|
|
|
Patch102: cyrus-sasl-2.1.26-configure.patch
|
|
|
|
|
|
#security
|
|
|
-## http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-CVE-2013-4122.patch?revision=1.1
|
|
|
-Patch200: cyrus-sasl-2.1.26-CVE-2013-4122.patch
|
|
|
+# none.
|
|
|
|
|
|
Buildroot: %{_tmppath}/%{name}-%{version}-root
|
|
|
BuildRequires: autoconf, automake, libtool
|
|
@@ -68,6 +40,7 @@ BuildRequires: zlib-devel
|
|
|
BuildRequires: pkgconfig
|
|
|
BuildRequires: krb5-devel
|
|
|
BuildRequires: groff
|
|
|
+BuildRequires: libxcrypt-devel
|
|
|
Requires(post): /sbin/ldconfig, chkconfig
|
|
|
Requires(postun): /sbin/ldconfig, chkconfig
|
|
|
|
|
@@ -274,89 +247,69 @@ the GS2 authentication scheme.
|
|
|
|
|
|
%prep
|
|
|
%setup -q
|
|
|
-chmod -x doc/*.html
|
|
|
+chmod -x doc/legacy/*.html
|
|
|
chmod -x include/*.h
|
|
|
%patch11 -p1 -b .no_rpath
|
|
|
%patch15 -p1 -b .path
|
|
|
%patch24 -p1 -b .sizes
|
|
|
-%patch44 -p1 -b .release-server_creds
|
|
|
-%patch45 -p1 -b .obsolete-macro
|
|
|
-%patch46 -p1 -b .size_t
|
|
|
-%patch48 -p1 -b .keytab
|
|
|
%patch49 -p1 -b .md5global.h
|
|
|
-%patch50 -p1 -b .gssapi
|
|
|
-%patch52 -p1 -b .configerr
|
|
|
-%patch53 -p1 -b .sha1vsplain
|
|
|
-%patch54 -p1 -b .leak
|
|
|
-%patch55 -p1 -b .man-unprivileged
|
|
|
-%patch56 -p1 -b .too-much-logging
|
|
|
-%patch57 -p1 -b .openssl110
|
|
|
-%patch58 -p1 -b .spnego
|
|
|
-%patch59 -p1 -b .mutex
|
|
|
-%patch60 -p1 -b .ssf-gssapi
|
|
|
|
|
|
%patch102 -p1 -b .configure
|
|
|
|
|
|
-%patch200 -p1 -b .CVE-2013-4122
|
|
|
-
|
|
|
+%build
|
|
|
# FIXME - we remove these files directly so that we can avoid using the -f
|
|
|
# flag, which has a nasty habit of overwriting files like COPYING.
|
|
|
rm -f config/config.guess config/config.sub
|
|
|
rm -f config/ltconfig config/ltmain.sh config/libtool.m4
|
|
|
rm -fr autom4te.cache
|
|
|
-libtoolize -c
|
|
|
-aclocal -I config -I cmulocal
|
|
|
-automake -a -c
|
|
|
-autoheader
|
|
|
-autoconf
|
|
|
-
|
|
|
-pushd saslauthd
|
|
|
-rm -f config/config.guess config/config.sub
|
|
|
-rm -f config/ltconfig config/ltmain.sh config/libtool.m4
|
|
|
-rm -fr autom4te.cache
|
|
|
-libtoolize -c
|
|
|
-aclocal -I config -I ../cmulocal -I ../config
|
|
|
-automake -a -c
|
|
|
-autoheader
|
|
|
-autoconf
|
|
|
-popd
|
|
|
-
|
|
|
-%build
|
|
|
-CFLAGS="$RPM_OPT_FLAGS -fPIC"; export CFLAGS
|
|
|
+autoreconf -vif
|
|
|
+
|
|
|
+# Find Kerberos.
|
|
|
+krb5_prefix=`krb5-config --prefix`
|
|
|
+if test x$krb5_prefix = x%{_prefix} ; then
|
|
|
+ krb5_prefix=
|
|
|
+else
|
|
|
+ CPPFLAGS="-I${krb5_prefix}/include $CPPFLAGS"; export CPPFLAGS
|
|
|
+ LDFLAGS="-L${krb5_prefix}/%{_lib} $LDFLAGS"; export LDFLAGS
|
|
|
+fi
|
|
|
|
|
|
# Find OpenSSL.
|
|
|
LIBS="-lcrypt"; export LIBS
|
|
|
if pkg-config openssl ; then
|
|
|
CPPFLAGS="`pkg-config --cflags-only-I openssl` $CPPFLAGS"; export CPPFLAGS
|
|
|
- CFLAGS="`pkg-config --cflags openssl` $CFLAGS"; export CFLAGS
|
|
|
LDFLAGS="`pkg-config --libs-only-L openssl` $LDFLAGS"; export LDFLAGS
|
|
|
fi
|
|
|
|
|
|
-# Find the SQL libraries used needed by the SQL auxprop plugin.
|
|
|
-mysql_config=mysql_config
|
|
|
-pg_config=pg_config
|
|
|
-SQL_CFLAGS=`${mysql_config} --cflags`" -I"`${pg_config} --includedir`
|
|
|
-SQL_LIBS=`${mysql_config} --libs`" -L"`${pg_config} --libdir`" -lpq"
|
|
|
-SQL_CFLAGS=`eval echo "$SQL_CFLAGS" | sed -e 's,-I%{_includedir}[^/],,g' -e 's,-I%{_includedir}$,,g' -e 's,[[:blank:]]+, ,g'`
|
|
|
-SQL_LIBS=`eval echo "$SQL_LIBS" | sed -e 's,-L%{_libdir}[^/],,g' -e 's,-L%{_libdir}$,,g' -e 's,[[:blank:]]+, ,g'`
|
|
|
-SQL_LDFLAGS=`eval echo "$SQL_LIBS" | sed -e 's,-[^L][^ ]*,,g'`
|
|
|
-echo $SQL_LDFLAGS
|
|
|
-SQL_LIBS=`eval echo "$SQL_LIBS" | sed -e 's,-[^l][^ ]*,,g'`
|
|
|
-echo $SQL_LIBS
|
|
|
-
|
|
|
-cleanup_flags() {
|
|
|
- sed -r -e 's,-D_GNU_SOURCE(=[^[:blank:]]+)?,,g' \
|
|
|
- -e 's,-D_FILE_OFFSET_BITS=[[:digit:]]+,,g' \
|
|
|
- -e 's,-D_LARGEFILE_SOURCE(=[^[:blank:]]+)?,,g' \
|
|
|
- -e 's,[[:blank:]]+, ,g'
|
|
|
-}
|
|
|
-CFLAGS=`echo $CFLAGS $SQL_CFLAGS | cleanup_flags`; export CFLAGS
|
|
|
-CPPFLAGS=`echo $CPPFLAGS $SQL_CFLAGS | cleanup_flags`; export CPPFLAGS
|
|
|
-LDFLAGS=`echo $LDFLAGS $SQL_LDFLAGS | cleanup_flags`; export LDFLAGS
|
|
|
+# Find the MySQL libraries used needed by the SQL auxprop plugin.
|
|
|
+INC_DIR="`mysql_config --include`"
|
|
|
+if test x"$INC_DIR" != "x-I%{_includedir}"; then
|
|
|
+ CPPFLAGS="$INC_DIR $CPPFLAGS"; export CPPFLAGS
|
|
|
+fi
|
|
|
+LIB_DIR="`mysql_config --libs | sed -e 's,-[^L][^ ]*,,g' -e 's,^ *,,' -e 's, *$,,' -e 's, *, ,g'`"
|
|
|
+if test x"$LIB_DIR" != "x-L%{_libdir}"; then
|
|
|
+ LDFLAGS="$LIB_DIR $LDFLAGS"; export LDFLAGS
|
|
|
+fi
|
|
|
+
|
|
|
+# Find the PostgreSQL libraries used needed by the SQL auxprop plugin.
|
|
|
+INC_DIR="-I`pg_config --includedir`"
|
|
|
+if test x"$INC_DIR" != "x-I%{_includedir}"; then
|
|
|
+ CPPFLAGS="$INC_DIR $CPPFLAGS"; export CPPFLAGS
|
|
|
+fi
|
|
|
+LIB_DIR="-L`pg_config --libdir`"
|
|
|
+if test x"$LIB_DIR" != "x-L%{_libdir}"; then
|
|
|
+ LDFLAGS="$LIB_DIR $LDFLAGS"; export LDFLAGS
|
|
|
+fi
|
|
|
+
|
|
|
+CFLAGS="$RPM_OPT_FLAGS $CFLAGS $CPPFLAGS -fPIC -pie -Wl,-z,relro -Wl,-z,now"; export CFLAGS
|
|
|
+
|
|
|
+echo "$CFLAGS"
|
|
|
+echo "$CPPFLAGS"
|
|
|
+echo "$LDFLAGS"
|
|
|
|
|
|
%configure \
|
|
|
--disable-static --enable-shared --disable-java \
|
|
|
- --with-plugindir=%{_plugindir2}:%{_sysconfdir}/sasl2 \
|
|
|
+ --with-plugindir=%{_plugindir2} \
|
|
|
+ --with-configdir=%{_plugindir2}:%{_sysconfdir}/sasl2 \
|
|
|
--disable-krb4 \
|
|
|
--with-rc4 \
|
|
|
--with-dblib=berkeley \
|
|
@@ -444,7 +397,8 @@ fi
|
|
|
|
|
|
%files
|
|
|
%defattr(-,root,root)
|
|
|
-%doc AUTHORS COPYING NEWS README doc/*.html
|
|
|
+%license COPYING
|
|
|
+%doc AUTHORS NEWS README doc/legacy/*.html
|
|
|
%doc $RPM_SOURCE_DIR/README.RPM
|
|
|
%dir %{_sysconfdir}/sasl2
|
|
|
%{_libdir}/libsasl*.so.*
|
|
@@ -557,6 +511,12 @@ fi
|
|
|
|
|
|
|
|
|
%changelog
|
|
|
+* Mon May 13 2019 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.1.27-1
|
|
|
+- new upstream release.
|
|
|
+- updated Patch11, 15, 21, 49 and 102.
|
|
|
+- dropped Patch44-48, 50-60 and 200.
|
|
|
+- added BR:libxcrypt-devel.
|
|
|
+
|
|
|
* Tue Nov 06 2018 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.1.26-7
|
|
|
- rebuilt with openssl-1.1.1.
|
|
|
- added Patch54-60.
|