projects / shibboleth / sp.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Port up context changes to prevent false spoofing error.
[shibboleth/sp.git] / shibboleth.spec.in
diff --git a/shibboleth.spec.in b/shibboleth.spec.in
index 7cb964b..8fdd69c 100644 (file)
--- a/shibboleth.spec.in
+++ b/shibboleth.spec.in
@@ -2,17 +2,26 @@ Name:         shibboleth
 Summary:       Open source system to enable inter-institutional resource sharing
 Version:       @-VERSION-@
 Release:       6
 Summary:       Open source system to enable inter-institutional resource sharing
 Version:       @-VERSION-@
 Release:       6
-#Copyright:    University Corporation for Advanced Internet Development, Inc.
+#Copyright:    Internet2
 Group:         System Environment/Libraries
 License:       Apache style
 URL:           http://shibboleth.internet2.edu/
 Group:         System Environment/Libraries
 License:       Apache style
 URL:           http://shibboleth.internet2.edu/
-Source0:       http://wayf.internet2.edu/shibboleth/%{name}-%{version}.tar.gz
-Source1:       http://wayf.internet2.edu/shibboleth/%{name}-%{version}.tar.gz.asc
+Source0:       http://shibboleth.internet2.edu/downloads/%{name}-%{version}.tar.gz
 BuildRoot:     %{_tmppath}/%{name}-%{version}-root
 BuildRoot:     %{_tmppath}/%{name}-%{version}-root
+BuildRequires: openssl-devel
+BuildRequires: xerces%{?xercesver}-c-devel >= 2.8.0
+BuildRequires:  xml-security-c-devel >= 1.4.0
+BuildRequires: zlib-devel, opensaml-devel >= 2.0
+%{?_with_log4cpp:BuildRequires:        log4cpp-devel >= 1.0}
+%{!?_with_log4cpp:BuildRequires: log4shib-devel}
+%{?_with_fastcgi:BuildRequires: fcgi-devel}
+%if "%{_vendor}" == "redhat"
+%{!?_without_builtinapache:BuildRequires: httpd-devel}
+%endif
+%if "%{_vendor}" == "suse"
+%{!?_without_builtinapache:BuildRequires: apache2-devel}
+%endif
 
 
-BuildRequires: openssl-devel, curl-devel >= 7.10.6, xerces-c-devel >= 2.6.1
-BuildRequires: xml-security-c-devel >= 1.1.0, log4cpp-devel >= 0.3.5
-BuildRequires: zlib-devel, opensaml-devel >= 1.1, httpd-devel
 
 %description
 Shibboleth, a project of Internet2/MACE, is developing architectures,
 
 %description
 Shibboleth, a project of Internet2/MACE, is developing architectures,
@@ -40,138 +49,198 @@ education community.
 This package contains the headers and other necessary files to build
 applications that use the shibboleth library.
 
 This package contains the headers and other necessary files to build
 applications that use the shibboleth library.
 
-%package selinux-policy-targeted
-Summary: SELinux policy targeted configuration for Shibboleth SP
-Group: System Environment/Base
-Requires: selinux-policy-targeted-sources
-
-%description selinux-policy-targeted
-Shibboleth, a project of Internet2/MACE, is developing architectures,
-policy structures, practical technologies, and an open source
-implementation to support inter-institutional sharing of web resources
-subject to access controls. In addition, Shibboleth will develop a
-policy framework that will allow inter-operation within the higher
-education community.
+%package docs
+Summary: Shibboleth API Documentation
+Group: Development/Libraries
+Requires: %{name} = %{version}
 
 
-This package contains the SELinux Policy (source) Configuration to
-enable the Shibboleth SP to integrate into Apache HTTPD in Red Hat /
-Fedora's Policy Targeted SELinux implementation.  It requires
-rebuilding your policy, so you must have the policy-targeted-source
-installed.
+%description docs
+Shibboleth Library API documentation generated by doxygen.
 
 %prep
 %setup -q
 
 %build
 
 %prep
 %setup -q
 
 %build
-%configure --enable-apache-20
-make
-make -C selinux
+%configure %{?_without_odbc:--disable-odbc} %{?_without_adfs:--disable-adfs} %{?_with_fastcgi} %{?shib_options}
+%{__make}
 
 %install
 
 %install
-[ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT
-rm -rf _docs
-
-make install DESTDIR=$RPM_BUILD_ROOT
-make -C selinux install DESTDIR=$RPM_BUILD_ROOT
-mv $RPM_BUILD_ROOT/usr/doc/shibboleth _docs
+[ "$RPM_BUILD_ROOT" != "/" ] && %{__rm} -rf $RPM_BUILD_ROOT
+%{__make} install NOKEYGEN=1 DESTDIR=$RPM_BUILD_ROOT
 
 
-find $RPM_BUILD_ROOT/%{_libexecdir} -type f -or -type l | grep \.so |
-  sed -e "s|$RPM_BUILD_ROOT||" | sort > rpm.filelist
+%if "%{_vendor}" == "suse"
+       %{__sed} -i "s/\/var\/log\/httpd/\/var\/log\/apache2/g" \
+               $RPM_BUILD_ROOT/%{_sysconfdir}/%{name}/native.logger
+%endif
 
 %check || :
 
 %check || :
-make check
+%{__make} check
 
 %clean
 
 %clean
-[ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT
+[ "$RPM_BUILD_ROOT" != "/" ] && %{__rm} -rf $RPM_BUILD_ROOT
 
 %post
 
 %post
+%ifnos solaris2.8 solaris2.9 solaris2.10
 /sbin/ldconfig
 /sbin/ldconfig
+%endif
 
 
-# Plug the shibboleth SP into Apache2 on a Red Hat system.
-if [ -d %{_sysconfdir}/httpd/conf.d ] ; then 
-       if [ ! -f %{_sysconfdir}/httpd/conf.d/shib.conf ] ; then
-               sed "s/\/usr\/doc\/shibboleth/\/usr\/share\/doc\/shibboleth-@-VERSION-@/g" \
-                       %{_sysconfdir}/shibboleth/apache2.config \
-                       > %{_sysconfdir}/httpd/conf.d/shib.conf
+
+# Plug the SP into Apache on a recognized system.
+APACHE_CONFIG="no"
+if [ -f $RPM_BUILD_ROOT/%{_libdir}/%{name}/mod_shib_13.so ] ; then
+       APACHE_CONFIG="apache.config"
+fi
+if [ -f $RPM_BUILD_ROOT/%{_libdir}/%{name}/mod_shib_20.so ] ; then
+       APACHE_CONFIG="apache2.config"
+fi
+if [ -f $RPM_BUILD_ROOT/%{_libdir}/%{name}/mod_shib_22.so ] ; then
+       APACHE_CONFIG="apache22.config"
+fi
+if [ "$APACHE_CONFIG" != "no" ] ; then
+       APACHE_CONFD="no"
+       if [ -d %{_sysconfdir}/httpd/conf.d ] ; then
+               APACHE_CONFD="%{_sysconfdir}/httpd/conf.d"
+       fi
+       if [ -d %{_sysconfdir}/apache2/conf.d ] ; then
+               APACHE_CONFD="%{_sysconfdir}/apache2/conf.d"
+       fi
+       if [ "$APACHE_CONFD" != "no" ] ; then
+               if [ ! -f $APACHE_CONFD/shib.conf ] ; then
+%if "%{_vendor}" == "suse"
+                   %{__sed} "s/\/usr\/doc\/%{name}/\/usr\/share\/doc\/packages\/%{name}/g" \
+                               %{_sysconfdir}/%{name}/$APACHE_CONFIG \
+                               > $APACHE_CONFD/shib.conf
+%else
+                       %{__sed} "s/\/usr\/doc\/%{name}/\/usr\/share\/doc\/%{name}-@-VERSION-@/g" \
+                           %{_sysconfdir}/%{name}/$APACHE_CONFIG \
+                           > $APACHE_CONFD/shib.conf
+%endif
+               fi
        fi
 fi
 
 # Install the shibd init.d scripts and service
        fi
 fi
 
 # Install the shibd init.d scripts and service
-if [ -d %{_sysconfdir}/init.d ] ; then
-       if [ ! -f %{_sysconfdir}/init.d/shibd ] ; then
-               cp -p %{_sysconfdir}/shibboleth/shibd %{_sysconfdir}/init.d/shibd
-               chmod 755 %{_sysconfdir}/init.d/shibd
-               chkconfig --add shibd
+%if "%{_vendor}" == "redhat"
+       if [ -d %{_sysconfdir}/init.d ] ; then
+               if [ ! -f %{_sysconfdir}/init.d/shibd ] ; then
+                       %{__cp} -p %{_sysconfdir}/%{name}/shibd-%{_vendor} %{_sysconfdir}/init.d/shibd
+                       %{__chmod} 755 %{_sysconfdir}/init.d/shibd
+                       chkconfig --add shibd
+               fi
        fi
        fi
-fi
+%endif
+
+# Key generation
+cd %{_sysconfdir}/%{name}
+sh ./keygen.sh -b
 
 %postun
 
 %postun
+%ifnos solaris2.8 solaris2.9 solaris2.10
 /sbin/ldconfig
 /sbin/ldconfig
+%endif
 
 
-# delete the shibboleth apache configuration if we're being removed
+# delete the Apache configuration if we're being removed
 [ "$1" = 0 ] || exit 0
 [ -f %{_sysconfdir}/httpd/conf.d/shib.conf ] && \
 [ "$1" = 0 ] || exit 0
 [ -f %{_sysconfdir}/httpd/conf.d/shib.conf ] && \
-    rm -f %{_sysconfdir}/httpd/conf.d/shib.conf
+    %{__rm} -f %{_sysconfdir}/httpd/conf.d/shib.conf
+[ -f %{_sysconfdir}/apache2/conf.d/shib.conf ] && \
+    %{__rm} -f %{_sysconfdir}/apache2/conf.d/shib.conf
 
 # clear init.d state
 
 # clear init.d state
-chkconfig --del shibd
-[ -f %{_sysconfdir}/init.d/shibd ] && \
-    rm -f %{_sysconfdir}/init.d/shibd
-
-%triggerin selinux-policy-targeted -- %{name}
-restorecon %{_sbindir}/shibd
-
-%triggerin selinux-policy-targeted -- selinux-policy-targeted-sources
-cd %{_sysconfdir}/selinux/targeted/src/policy || exit 1
-make -W install
-make load
-restorecon %{_sbindir}/shibd
+%if "%{_vendor}" == "redhat"
+       chkconfig --del shibd
+       [ -f %{_sysconfdir}/init.d/shibd ] && \
+           %{__rm} -f %{_sysconfdir}/init.d/shibd
+%endif
 
 
-%files -f rpm.filelist
+%files
 %defattr(-,root,root,-)
 %defattr(-,root,root,-)
-%doc _docs/CREDITS.txt _docs/NOTICE.txt _docs/NEWS.txt _docs/logo.jpg
-%doc _docs/main.css _docs/README.txt _docs/LICENSE.txt _docs/mysql-4.0.12.diff
 %{_sbindir}/shibd
 %{_sbindir}/shibd
-%{_sbindir}/siterefresh
-%{_bindir}/shibtest
-%{_libdir}/libshib.so.*
-%{_libdir}/libshib-target.so.*
-%dir /var/log/shibboleth
-%dir %{_datadir}/xml/shibboleth
-%{_datadir}/xml/shibboleth/*.xsd
-%{_datadir}/xml/shibboleth/*.xsl
-%dir %{_sysconfdir}/shibboleth
-%config %{_sysconfdir}/shibboleth/*.xml
-%config %{_sysconfdir}/shibboleth/*.html
-%config %{_sysconfdir}/shibboleth/*.logger
-%config %{_sysconfdir}/shibboleth/inqueue.pem
-%config %{_sysconfdir}/shibboleth/sp-example.crt
-%config %{_sysconfdir}/shibboleth/sp-example.key
-%{_sysconfdir}/shibboleth/*.dist
-%{_sysconfdir}/shibboleth/apache*.config
-%{_sysconfdir}/shibboleth/shibd
-
-%exclude %{_bindir}/posttest
-%exclude %{_bindir}/test-client
-%exclude %{_libexecdir}/*.la
+%{_bindir}/mdquery
+%{_bindir}/resolvertest
+%{_libdir}/libshibsp.so.*
+%{_libdir}/libshibsp-lite.so.*
+%dir %{_libdir}/%{name}
+%{_libdir}/%{name}/*
+%exclude %{_libdir}/%{name}/*.la
+%dir %{_localstatedir}/log/%{name}
+%dir %{_localstatedir}/run/%{name}
+%dir %{_datadir}/xml/%{name}
+%{_datadir}/xml/%{name}/*
+%dir %{_sysconfdir}/%{name}
+%config(noreplace) %{_sysconfdir}/%{name}/*.xml
+%config(noreplace) %{_sysconfdir}/%{name}/*.html
+%config(noreplace) %{_sysconfdir}/%{name}/*.logger
+%{_sysconfdir}/%{name}/*.dist
+%{_sysconfdir}/%{name}/apache*.config
+%{_sysconfdir}/%{name}/shibd-redhat
+%{_sysconfdir}/%{name}/shibd-debian
+%{_sysconfdir}/%{name}/shibd-osx.plist
+%{_sysconfdir}/%{name}/keygen.sh
+%{_sysconfdir}/%{name}/*.xsl
+%docdir %{_datadir}/doc/%{name}
+%{_datadir}/doc/%{name}/CREDITS.txt
+%{_datadir}/doc/%{name}/FASTCGI.LICENSE
+%{_datadir}/doc/%{name}/INSTALL.txt
+%{_datadir}/doc/%{name}/LICENSE.txt
+%{_datadir}/doc/%{name}/LOG4CPP.LICENSE
+%{_datadir}/doc/%{name}/logo.jpg
+%{_datadir}/doc/%{name}/main.css
+%{_datadir}/doc/%{name}/NOTICE.txt
+%{_datadir}/doc/%{name}/OPENSSL.LICENSE
+%{_datadir}/doc/%{name}/README.txt
+%{_datadir}/doc/%{name}/RELEASE.txt
+%exclude %{_datadir}/doc/%{name}/INSTALL-WIN32.txt
 
 %files devel
 %defattr(-,root,root,-)
 %{_includedir}
 
 %files devel
 %defattr(-,root,root,-)
 %{_includedir}
-%{_libdir}/libshib.so
-%{_libdir}/libshib-target.so
+%{_libdir}/libshibsp.so
+%{_libdir}/libshibsp-lite.so
 
 
-%files selinux-policy-targeted
-%defattr(-,root,root,-)
-%{_sysconfdir}/selinux/targeted/src/policy/file_contexts/program/*.fc
-%{_sysconfdir}/selinux/targeted/src/policy/domains/program/*.te
+%files docs
+%defattr(644,root,root,755)
+%doc %{_datadir}/doc/%{name}/api
 
 %changelog
 
 %changelog
+* Fri Jan 18 2008  Scott Cantor  <cantor.2@osu.edu>  - 2.0-5
+- Release candidate 1.
+
+* Sun Oct 21 2007 Scott Cantor  <cantor.2@osu.edu>  - 2.0-4
+- libexec -> lib/shibboleth changes
+- Added doc subpackage
+
+* Thu Aug 16 2007 Scott Cantor  <cantor.2@osu.edu>  - 2.0-3
+- First public beta.
+
+* Fri Jul 13 2007 Scott Cantor <cantor.2@osu.edu>  - 2.0-2
+- Second alpha release.
+
+* Sun Jun 10 2007 Scott Cantor <cantor.2@osu.edu>  - 2.0-1
+- First alpha release.
+
+* Mon Oct 2 2006 Scott Cantor  <cantor.2@osu.edu>  - 1.3-11
+- Applied fix for secadv 20061002
+- Fix for metadata loader loop
+
+* Wed Jun 15 2006 Scott Cantor  <cantor.2@osu.edu>  - 1.3-10
+- Applied fix for sec 20060615
+
+* Fri Apr 15 2006 Scott Cantor  <cantor.2@osu.edu>  - 1.3-9
+- Misc. patches, SuSE, Apache 2.2, gcc 4.1, and 64-bit support
+
+* Mon Jan 9 2006 Scott Cantor  <cantor.2@osu.edu>  - 1.3-8
+- Applied new fix for secadv 20060109
+
+* Tue Nov 8 2005 Scott Cantor  <cantor.2@osu.edu>  - 1.3-7
+- Applied new fix for secadv 20050901 plus rollup
+
 * Fri Sep 23 2005 Scott Cantor  <cantor.2@osu.edu>  - 1.3-6
 - Minor patches and default config changes
 - pidfile patch
 - Fix shib.conf creation
 - Integrated init.d script
 * Fri Sep 23 2005 Scott Cantor  <cantor.2@osu.edu>  - 1.3-6
 - Minor patches and default config changes
 - pidfile patch
 - Fix shib.conf creation
 - Integrated init.d script
+- Prevent replacement of config files
 
 * Thu Sep 1 2005  Scott Cantor  <cantor.2@osu.edu>  - 1.3-5
 - Applied fix for secadv 20050901 plus rollup of NSAPI fixes
 
 * Thu Sep 1 2005  Scott Cantor  <cantor.2@osu.edu>  - 1.3-5
 - Applied fix for secadv 20050901 plus rollup of NSAPI fixes
Shibboleth SP