path: root/php-pecl-mysqlnd-krb.spec

# remirepo spec file for php-pecl-mysqlnd-krb
#
# Copyright (c) 2023 Remi Collet
# License: CC-BY-SA-4.0
# http://creativecommons.org/licenses/by-sa/4.0/
#
# Please, preserve the changelog entries
#

%{?scl:%scl_package php-pecl-mysqlnd-krb}

%global mysql_sock  %(mysql_config --socket 2>/dev/null || echo /var/lib/mysql/mysql.sock)

%global with_zts    0%{!?_without_zts:%{?__ztsphp:1}}
%global pecl_name   mysqlnd_krb
# After 20-mysqlnd.ini
%global ini_name    40-%{pecl_name}.ini

%global upstream_version 1.0.0
#global upstream_prever  RC
%global sources          %{pecl_name}-%{upstream_version}%{?upstream_prever}
%global _configure       ../%{sources}/configure

Summary:        Kerberos authentication plugin for mysqlnd
Name:           %{?scl_prefix}php-pecl-mysqlnd-krb
Version:        %{upstream_version}%{?upstream_prever:~%{upstream_prever}}
Release:        1%{?dist}%{!?scl:%{!?nophptag:%(%{__php} -r 'echo ".".PHP_MAJOR_VERSION.".".PHP_MINOR_VERSION;')}}

License:        PHP
URL:            https://pecl.php.net/package/%{pecl_name}
Source0:        https://pecl.php.net/get/%{sources}.tgz

BuildRequires:  make
BuildRequires:  %{?dtsprefix}gcc
BuildRequires:  %{?scl_prefix}php-devel >= 7.4
BuildRequires:  %{?scl_prefix}php-mysqlnd
BuildRequires:  %{?scl_prefix}php-pear
BuildRequires:  krb5-devel

Requires:       %{?scl_prefix}php(zend-abi) = %{php_zend_api}
Requires:       %{?scl_prefix}php(api) = %{php_core_api}
Requires:       %{?scl_prefix}php-mysqlnd%{?_isa}

Provides:       %{?scl_prefix}php-%{pecl_name}               = %{version}
Provides:       %{?scl_prefix}php-%{pecl_name}%{?_isa}       = %{version}
Provides:       %{?scl_prefix}php-pecl(%{pecl_name})         = %{version}
Provides:       %{?scl_prefix}php-pecl(%{pecl_name})%{?_isa} = %{version}
# Notice pecl_name != name
Provides:       %{?scl_prefix}php-pecl-%{pecl_name}          = %{version}-%{release}
Provides:       %{?scl_prefix}php-pecl-%{pecl_name}%{?_isa}  = %{version}-%{release}


%description
The mysqlnd_krb extension is an authentication 
plugin for mysqlnd that enables connections to MySQL accounts
that use Kerberos authentication.

If a MySQL account is configured with Kerberos authentication
(using `IDENTIFIED WITH kerberos_authentication` clause
of `CREATE USER`, see [1]) then normally `mysqlnd` will not
be able to connect to such an account. With this plugin such
connections are possible provided that user has appropriate
tickets loaded into the Kerberos ticket cache (in this case
no password is needed in the connection data).

If a ticket for the MySQL service is not present in the cache
the plugin can fetch the required ticket from Kerberos provided
that user principal's password is given in the connection data.

[1] https://dev.mysql.com/doc/refman/8.0/en/kerberos-pluggable-authentication.html

Package built for PHP %(%{__php} -r 'echo PHP_MAJOR_VERSION.".".PHP_MINOR_VERSION;')%{?scl: as Software Collection (%{scl} by %{?scl_vendor}%{!?scl_vendor:rh})}.


%prep
%setup -qc
# Don't install/register tests
sed -e 's/role="test"/role="src"/' \
    %{?_licensedir:-e '/LICENSE/s/role="doc"/role="src"/' } \
    -i package.xml

cd %{sources}
# Sanity check, really often broken
vermaj=$(sed -n '/#define PHP_MYSQLND_KRB_MAJOR/{s/.* //;p}'   php_mysqlnd_krb.h)
vermin=$(sed -n '/#define PHP_MYSQLND_KRB_MINOR/{s/.* //;p}'   php_mysqlnd_krb.h)
verrel=$(sed -n '/#define PHP_MYSQLND_KRB_RELEASE/{s/.* //;p}' php_mysqlnd_krb.h)
if test "x${vermaj}.${vermin}.${verrel}" != "x%{upstream_version}%{?upstream_prever}"; then
   : Error: Upstream extension version is ${vermaj}.${vermin}.${verrel}, expecting %{upstream_version}%{?upstream_prever}.
   exit 1
fi
cd ..

mkdir NTS
%if %{with_zts}
mkdir  ZTS
%endif

# Create configuration files
cat << 'EOF' | tee %{ini_name}
; Enable %{pecl_name} extension modules
extension=%{pecl_name}.so
EOF


%build
%{?dtsenable}

cd %{sources}
%{__phpize}

cd ../NTS
%configure \
    --enable-mysqlnd_krb \
    --with-libdir=%{_lib} \
    --with-php-config=%{__phpconfig}
make %{?_smp_mflags}

%if %{with_zts}
cd ../ZTS
%configure \
    --enable-mysqlnd_krb \
    --with-libdir=%{_lib} \
    --with-php-config=%{__ztsphpconfig}
make %{?_smp_mflags}
%endif

%install
%{?dtsenable}

# Install the NTS stuff
make -C NTS   install INSTALL_ROOT=%{buildroot}
install -D -m 644 %{ini_name}   %{buildroot}%{php_inidir}/%{ini_name}

# Install XML package description
install -D -m 644 package.xml %{buildroot}%{pecl_xmldir}/%{name}.xml

%if %{with_zts}
# Install the ZTS stuff
make -C ZTS   install INSTALL_ROOT=%{buildroot}
install -D -m 644 %{ini_name}   %{buildroot}%{php_ztsinidir}/%{ini_name}
%endif

# Documentation
cd %{sources}
for i in $(grep 'role="doc"' ../package.xml | sed -e 's/^.*name="//;s/".*$//')
do [ -f $i ] &&  install -Dpm 644 $i %{buildroot}%{pecl_docdir}/%{pecl_name}/$i
done


%check
: Minimal load test for NTS extensions
%{__php} --no-php-ini \
    --define extension=mysqlnd \
    --define extension=%{buildroot}%{php_extdir}/%{pecl_name}.so \
    --modules | grep '^%{pecl_name}$'

%if %{with_zts}
: Minimal load test for ZTS extension
%{__ztsphp} --no-php-ini \
    --define extension=mysqlnd \
    --define extension=%{buildroot}%{php_ztsextdir}/%{pecl_name}.so \
    --modules | grep '^%{pecl_name}$'
%endif


%if 0%{?fedora} < 24 && 0%{?rhel} < 8
# when pear installed alone, after us
%triggerin -- %{?scl_prefix}php-pear
if [ -x %{__pecl} ] ; then
    %{pecl_install} %{pecl_xmldir}/%{name}.xml >/dev/null || :
fi

# posttrans as pear can be installed after us
%posttrans
if [ -x %{__pecl} ] ; then
    %{pecl_install} %{pecl_xmldir}/%{name}.xml >/dev/null || :
fi

%postun
if [ $1 -eq 0 -a -x %{__pecl} ] ; then
    %{pecl_uninstall} %{pecl_name} >/dev/null || :
fi
%endif


%files
%{?_licensedir:%license %{sources}/LICENSE}
%doc %{pecl_docdir}/%{pecl_name}
%{pecl_xmldir}/%{name}.xml

%config(noreplace) %{php_inidir}/%{ini_name}
%{php_extdir}/%{pecl_name}.so

%if %{with_zts}
%config(noreplace) %{php_ztsinidir}/%{ini_name}
%{php_ztsextdir}/%{pecl_name}.so
%endif


%changelog
* Wed Aug  2 2023 Remi Collet <remi@remirepo.net> - 1.0.0-1
- initial package, version 1.0.0 (beta)