From 724334d32a4fdf54561dce645fecf6c28c3b4f53 Mon Sep 17 00:00:00 2001 From: Julian Ospald Date: Sun, 20 Sep 2015 16:05:39 +0200 Subject: [PATCH] dev-libs/cyrus-sasl: add libressl support --- .../cyrus-sasl/cyrus-sasl-2.1.26-r10.ebuild | 246 ++++++++++++++++++ 1 file changed, 246 insertions(+) create mode 100644 dev-libs/cyrus-sasl/cyrus-sasl-2.1.26-r10.ebuild diff --git a/dev-libs/cyrus-sasl/cyrus-sasl-2.1.26-r10.ebuild b/dev-libs/cyrus-sasl/cyrus-sasl-2.1.26-r10.ebuild new file mode 100644 index 000000000000..76132c23d3e4 --- /dev/null +++ b/dev-libs/cyrus-sasl/cyrus-sasl-2.1.26-r10.ebuild @@ -0,0 +1,246 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit eutils flag-o-matic multilib multilib-minimal autotools pam java-pkg-opt-2 db-use systemd + +SASLAUTHD_CONF_VER="2.1.26" + +DESCRIPTION="The Cyrus SASL (Simple Authentication and Security Layer)" +HOMEPAGE="http://cyrusimap.web.cmu.edu/" +SRC_URI="ftp://ftp.cyrusimap.org/cyrus-sasl/${P}.tar.gz" + +LICENSE="BSD-with-attribution" +SLOT="2" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd" +IUSE="authdaemond berkdb gdbm kerberos ldapdb libressl openldap mysql pam postgres sample selinux sqlite +srp ssl static-libs urandom" + +DEPEND="net-mail/mailbase + authdaemond? ( || ( net-mail/courier-imap mail-mta/courier ) ) + berkdb? ( >=sys-libs/db-4.8.30-r1:=[${MULTILIB_USEDEP}] ) + gdbm? ( >=sys-libs/gdbm-1.10-r1[${MULTILIB_USEDEP}] ) + kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] ) + openldap? ( >=net-nds/openldap-2.4.38-r1[${MULTILIB_USEDEP}] ) + mysql? ( virtual/mysql ) + pam? ( >=virtual/pam-0-r1[${MULTILIB_USEDEP}] ) + postgres? ( dev-db/postgresql:= ) + sqlite? ( >=dev-db/sqlite-3.8.2:3[${MULTILIB_USEDEP}] ) + ssl? ( + !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0[${MULTILIB_USEDEP}] ) + libressl? ( dev-libs/libressl[${MULTILIB_USEDEP}] ) + ) + java? ( >=virtual/jdk-1.4:= )" +RDEPEND="${DEPEND} + selinux? ( sec-policy/selinux-sasl )" + +MULTILIB_WRAPPED_HEADERS=( + /usr/include/sasl/md5global.h +) + +pkg_setup() { + java-pkg-opt-2_pkg_setup +} + +src_prepare() { + epatch "${FILESDIR}"/${PN}-2.1.25-sasldb_al.patch + epatch "${FILESDIR}"/${PN}-2.1.25-saslauthd_libtool.patch + epatch "${FILESDIR}"/${PN}-2.1.25-avoid_pic_overwrite.patch + epatch "${FILESDIR}"/${PN}-2.1.25-autotools_fixes.patch + epatch "${FILESDIR}"/${PN}-2.1.25-as_needed.patch + epatch "${FILESDIR}"/${PN}-2.1.25-missing_header.patch + epatch "${FILESDIR}"/${PN}-2.1.25-fix_heimdal.patch + epatch "${FILESDIR}"/${PN}-2.1.25-auxprop.patch + epatch "${FILESDIR}"/${PN}-2.1.23-gss_c_nt_hostbased_service.patch + epatch "${FILESDIR}"/${PN}-2.1.25-service_keytabs.patch + epatch "${FILESDIR}"/${PN}-2.1.26-missing-size_t.patch + epatch "${FILESDIR}"/${PN}-2.1.26-CVE-2013-4122.patch + epatch "${FILESDIR}"/${PN}-2.1.26-send-imap-logout.patch + epatch "${FILESDIR}"/${PN}-2.1.26-canonuser-ldapdb-garbage-in-out-buffer.patch + epatch "${FILESDIR}"/${PN}-2.1.26-fix_dovecot_authentication.patch + + # Get rid of the -R switch (runpath_switch for Sun) + # >=gcc-4.6 errors out with unknown option + sed -i -e '/LIB_SQLITE.*-R/s/ -R[^"]*//' \ + configure.in || die + + # Use plugindir for sasldir + sed -i '/^sasldir =/s:=.*:= $(plugindir):' \ + "${S}"/plugins/Makefile.{am,in} || die "sed failed" + + # #486740 #468556 + sed -i -e 's:AM_CONFIG_HEADER:AC_CONFIG_HEADERS:g' \ + -e 's:AC_CONFIG_MACRO_DIR:AC_CONFIG_MACRO_DIRS:g' \ + configure.in || die + sed -i -e 's:AC_CONFIG_MACRO_DIR:AC_CONFIG_MACRO_DIRS:g' \ + saslauthd/configure.in || die + + eautoreconf +} + +src_configure() { + append-flags -fno-strict-aliasing + append-cppflags -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED -D_BSD_SOURCE -DLDAP_DEPRECATED + + multilib-minimal_src_configure +} + +multilib_src_configure() { + # Java support. + multilib_is_native_abi && use java && export JAVAC="${JAVAC} ${JAVACFLAGS}" + + local myconf=() + + # Add authdaemond support (bug #56523). + if use authdaemond ; then + myconf+=( --with-authdaemond=/var/lib/courier/authdaemon/socket ) + fi + + # Fix for bug #59634. + if ! use ssl ; then + myconf+=( --without-des ) + fi + + if use sqlite || { multilib_is_native_abi && { use mysql || use postgres; }; } ; then + myconf+=( --enable-sql ) + else + myconf+=( --disable-sql ) + fi + + # Default to GDBM if both 'gdbm' and 'berkdb' are present. + if use gdbm ; then + einfo "Building with GNU DB as database backend for your SASLdb" + myconf+=( --with-dblib=gdbm ) + elif use berkdb ; then + einfo "Building with BerkeleyDB as database backend for your SASLdb" + myconf+=( + --with-dblib=berkeley + --with-bdb-incdir="$(db_includedir)" + ) + else + einfo "Building without SASLdb support" + myconf+=( --with-dblib=none ) + fi + + # Use /dev/urandom instead of /dev/random (bug #46038). + if use urandom ; then + myconf+=( --with-devrandom=/dev/urandom ) + fi + + ECONF_SOURCE=${S} \ + econf \ + --enable-login \ + --enable-ntlm \ + --enable-auth-sasldb \ + --disable-cmulocal \ + --disable-krb4 \ + --enable-otp \ + --without-sqlite \ + --with-saslauthd=/run/saslauthd \ + --with-pwcheck=/run/saslauthd \ + --with-configdir=/etc/sasl2 \ + --with-plugindir=/usr/$(get_libdir)/sasl2 \ + --with-dbpath=/etc/sasl2/sasldb2 \ + $(use_with ssl openssl) \ + $(use_with pam) \ + $(use_with openldap ldap) \ + $(use_enable ldapdb) \ + $(multilib_native_use_enable sample) \ + $(use_enable kerberos gssapi) \ + $(multilib_native_use_enable java) \ + $(multilib_native_use_with java javahome ${JAVA_HOME}) \ + $(multilib_native_use_with mysql mysql /usr) \ + $(multilib_native_use_with postgres pgsql) \ + $(use_with sqlite sqlite3 /usr/$(get_libdir)) \ + $(use_enable srp) \ + $(use_enable static-libs static) \ + "${myconf[@]}" +} + +multilib_src_compile() { + emake + + # Default location for java classes breaks OpenOffice (bug #60769). + # Thanks to axxo@gentoo.org for the solution. + if multilib_is_native_abi && use java ; then + jar -cvf ${PN}.jar -C java $(find java -name "*.class") + fi +} + +multilib_src_install() { + default + + if multilib_is_native_abi; then + if use sample ; then + docinto sample + dodoc "${S}"/sample/*.c + exeinto /usr/share/doc/${P}/sample + doexe sample/client sample/server + fi + + # Default location for java classes breaks OpenOffice (bug #60769). + if use java ; then + java-pkg_dojar ${PN}.jar + java-pkg_regso "${D}/usr/$(get_libdir)/libjavasasl.so" + # hackish, don't wanna dig through makefile + rm -Rf "${D}/usr/$(get_libdir)/java" + docinto "java" + dodoc "${S}/java/README" "${FILESDIR}/java.README.gentoo" "${S}"/java/doc/* + dodir "/usr/share/doc/${PF}/java/Test" + insinto "/usr/share/doc/${PF}/java/Test" + doins "${S}"/java/Test/*.java + fi + + dosbin saslauthd/testsaslauthd + fi +} + +multilib_src_install_all() { + keepdir /etc/sasl2 + + dodoc AUTHORS ChangeLog NEWS README doc/TODO doc/*.txt + newdoc pwcheck/README README.pwcheck + dohtml doc/*.html + + docinto "saslauthd" + dodoc saslauthd/{AUTHORS,ChangeLog,LDAP_SASLAUTHD,NEWS,README} + + newpamd "${FILESDIR}/saslauthd.pam-include" saslauthd + + newinitd "${FILESDIR}/pwcheck.rc6" pwcheck + systemd_dounit "${FILESDIR}/pwcheck.service" + + newinitd "${FILESDIR}/saslauthd2.rc7" saslauthd + newconfd "${FILESDIR}/saslauthd-${SASLAUTHD_CONF_VER}.conf" saslauthd + systemd_dounit "${FILESDIR}/saslauthd.service" + systemd_dotmpfilesd "${FILESDIR}/${PN}.conf" + + prune_libtool_files --modules +} + +pkg_postinst () { + # Generate an empty sasldb2 with correct permissions. + if ( use berkdb || use gdbm ) && [[ ! -f "${ROOT}/etc/sasl2/sasldb2" ]] ; then + einfo "Generating an empty sasldb2 with correct permissions ..." + echo "p" | "${ROOT}/usr/sbin/saslpasswd2" -f "${ROOT}/etc/sasl2/sasldb2" -p login \ + || die "Failed to generate sasldb2" + "${ROOT}/usr/sbin/saslpasswd2" -f "${ROOT}/etc/sasl2/sasldb2" -d login \ + || die "Failed to delete temp user" + chown root:mail "${ROOT}/etc/sasl2/sasldb2" \ + || die "Failed to chown ${ROOT}/etc/sasl2/sasldb2" + chmod 0640 "${ROOT}/etc/sasl2/sasldb2" \ + || die "Failed to chmod ${ROOT}/etc/sasl2/sasldb2" + fi + + if use authdaemond ; then + elog "You need to add a user running a service using Courier's" + elog "authdaemon to the 'mail' group. For example, do:" + elog " gpasswd -a postfix mail" + elog "to add the 'postfix' user to the 'mail' group." + fi + + elog "pwcheck and saslauthd home directories have moved to:" + elog " /run/saslauthd, using tmpfiles.d" +} -- 2.26.2