forked from pool/pam_pkcs11
139 lines
4.5 KiB
RPMSpec
139 lines
4.5 KiB
RPMSpec
#
|
||
# spec file for package pam_pkcs11 (Version 0.6.0)
|
||
#
|
||
# Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
||
# This file and all modifications and additions to the pristine
|
||
# package are under the same license as the package itself.
|
||
#
|
||
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
||
#
|
||
|
||
# norootforbuild
|
||
|
||
Name: pam_pkcs11
|
||
Version: 0.6.0
|
||
Release: 16
|
||
URL: http://www.opensc-project.org/pam_pkcs11/
|
||
Group: Productivity/Security
|
||
License: LGPL v2 or later
|
||
Summary: PKCS #11 PAM Module
|
||
Source: %{name}-%{version}.tar.bz2
|
||
Source1: pam_pkcs11-common-auth-smartcard.pam
|
||
Source2: secutil.h
|
||
Patch: %{name}-mapfile-syntax.patch
|
||
Patch1: %{name}-0.5.3-nss-conf.patch
|
||
Patch2: %{name}-0.6.0-ms-upn-oid.patch
|
||
Patch3: %{name}-0.6.0-nss-autoconf.patch
|
||
Patch4: %{name}-msnickname.patch
|
||
Patch5: %{name}-implicit-declaration.patch
|
||
BuildRequires: curl-devel libopenssl-devel libxslt mozilla-nss-devel openldap2-devel openssl-devel pam-devel pcsc-lite-devel pkg-config
|
||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||
|
||
%description
|
||
This Linux PAM module allows X.509 a certificate-based user
|
||
authentication. The certificate and its dedicated private key are
|
||
thereby accessed by means of an appropriate PKCS #11 module. For the
|
||
verification of the users' certificates, locally stored CA certificates
|
||
as well as online or locally accessible CRLs are used.
|
||
|
||
Additionally, the package includes pam_pkcs11-related tools: *
|
||
pkcs11_eventmgr: Generates actions on card insert, removal, or
|
||
time-out events
|
||
|
||
* pklogin_finder: Gets the login name that maps to a certificate
|
||
|
||
* pkcs11_inspect: Inspects the contents of a certificate
|
||
|
||
* make_hash_links: Creates hash link directories for storing CAs and
|
||
CRLs
|
||
|
||
|
||
|
||
Authors:
|
||
--------
|
||
Mario Strasser <mast@gmx.net>
|
||
Juan Antonio Martinez <jonsito@teleline.es>
|
||
Antti Tapaninen <aet@cc.hut.fi>
|
||
Timo Sirainen <tss@iki.fi>
|
||
Ludovic Rousseau <ludovic.rousseau@free.fr>
|
||
Andreas Jellinghaus <aj@dungeon.inka.de>
|
||
Dominik Fischer <dom_fischer@web.de>
|
||
Ville Skytt<EFBFBD> <vskytta@gmail.com>
|
||
|
||
%prep
|
||
%setup -q
|
||
%patch
|
||
%patch1 -p1
|
||
%patch2 -p1
|
||
%patch3 -p1
|
||
%patch4 -p1
|
||
%patch5
|
||
cp -a %{S:1} common-auth-smartcard
|
||
cp -a %{S:2} src/common/
|
||
|
||
%build
|
||
# LDAP_DEPRECATED required for for ldap_simple_bind_s(), ldap_search_s(), ldap_unbind_s()
|
||
# -fno-strict-aliasing required for pam_pkcs11-0.6.0:
|
||
export CFLAGS="$RPM_OPT_FLAGS -DLDAP_DEPRECATED -fno-strict-aliasing"
|
||
export CPPFLAGS="`pkg-config --cflags xulrunner-xpcom | sed 's: *:/system_wrappers&:g'`"
|
||
%configure\
|
||
--datadir=%{_docdir}\
|
||
--with-nss\
|
||
--with-curl
|
||
make %{?jobs:-j%jobs}
|
||
|
||
%install
|
||
%makeinstall
|
||
mkdir -p $RPM_BUILD_ROOT/%{_lib}
|
||
mv $RPM_BUILD_ROOT%{_libdir}/security $RPM_BUILD_ROOT/%{_lib}
|
||
rm $RPM_BUILD_ROOT%{_libdir}/pam_pkcs11/*.*a #$RPM_BUILD_ROOT/%{_lib}/security/*.*a
|
||
# Hardcoded defaults... no sysconfdir
|
||
install -dm 755 $RPM_BUILD_ROOT%{_sysconfdir}/pam_pkcs11/cacerts
|
||
install -dm 755 $RPM_BUILD_ROOT%{_sysconfdir}/pam_pkcs11/crls
|
||
cd etc
|
||
for conf in *.conf.example ; do
|
||
install -m 644 ${conf} $RPM_BUILD_ROOT%{_sysconfdir}/pam_pkcs11/${conf%.example}
|
||
done
|
||
cd ..
|
||
mkdir -p $RPM_BUILD_ROOT%{_docdir}/%{name}
|
||
cp -a AUTHORS COPYING ChangeLog ChangeLog.svn NEWS README TODO doc/pam_pkcs11.html doc/mappers_api.html doc/api doc/README.autologin doc/README.mappers $RPM_BUILD_ROOT%{_docdir}/%{name}
|
||
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/pam.d
|
||
cp common-auth-smartcard $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/
|
||
%find_lang %{name}
|
||
|
||
%clean
|
||
rm -rf $RPM_BUILD_ROOT
|
||
|
||
%files -f %{name}.lang
|
||
%defattr (-, root, root)
|
||
%doc %{_docdir}/%{name}
|
||
%{_bindir}/*
|
||
%{_libdir}/pam_pkcs11
|
||
/%{_lib}/security/*.so
|
||
%doc %{_mandir}/man?/*.*
|
||
%dir %{_sysconfdir}/pam_pkcs11
|
||
%dir %{_sysconfdir}/pam_pkcs11/cacerts
|
||
%dir %{_sysconfdir}/pam_pkcs11/crls
|
||
%config(noreplace) %{_sysconfdir}/pam_pkcs11/*.conf
|
||
%config(noreplace) %{_sysconfdir}/pam.d/common-auth-smartcard
|
||
|
||
%changelog
|
||
* Thu Sep 06 2007 - jberkman@novell.com
|
||
- use the same directory for nssdb as the kerberos pkinit plugin
|
||
* Tue Jul 31 2007 - sbrabec@suse.cz
|
||
- Build with NSS instead of openssl.
|
||
- Applied patches from Jacob Berkman: MS UPN OID and NSS
|
||
configuration.
|
||
- Fixed implicit declaration.
|
||
* Thu Jul 26 2007 - sbrabec@suse.cz
|
||
- Updated to version 0.6.0:
|
||
* compiler warning fixes
|
||
* I18N support
|
||
* new configuration options
|
||
* support for new environment variables
|
||
* new tool pkcs11_setup
|
||
* support for the NSS crypto libraries (off by default)
|
||
* for more changes see ChangeLog.svn
|
||
* Fri May 12 2006 - sbrabec@suse.cz
|
||
- New SuSE package, version 0.5.3.
|