PORTREVISION=	1

AUTOHEADER=	autoheader

AUTOMAKE=	automake --add-missing --include-deps

pre-fetch:

	@${SETENV} ${SCRIPTS_ENV} ${SH} ${SCRIPTDIR}/configure.sasl

pre-configure:

	@(cd ${WRKSRC} && ${AUTOHEADER})

	@${INSTALL_DATA} ${FILESDIR}/Sendmail.README ${PREFIX}/share/doc

	@PKG_PREFIX=${PREFIX} BATCH=${BATCH} ${SH} ${PKGDIR}/INSTALL ${PKGNAME} POST-INSTALL

	@${CAT} ${PKGMESSAGE}

.if exists(${WRKDIRPREFIX}${.CURDIR}/Makefile.inc)

How to enable SMTP AUTH with FreeBSD default Sendmail 8.11

1. Edit /usr/src/usr.sbin/sendmail/Makefile, and change the line:

    LDADD= -lutil -lwrap

into

    LDADD+= -lutil -lwrap

    NOTE: This change is in 5.0-CURRENT and will be MFC'd to

    4.1-STABLE later.

2) Add the following to  /etc/make.conf:

# Add SMTP AUTH support to Sendmail

.if ${.CURDIR} == "/usr/src/usr.sbin/sendmail"

CFLAGS+=-DSASL -I/usr/local/include/sasl -L/usr/local/lib

LDADD+=-lsasl

.endif

3) Rebuild FreeBSD (make buildworld, ...)

4) Create /usr/local/lib/sasl/Sendmail.conf with the following.

   pwcheck_method: pwcheck

@@ -310,6 +311,88 @@

 fi

 AM_CONDITIONAL(PWCHECK, test "$with_pwcheck" != no)

+dnl MySQL

+AC_ARG_WITH(mysql,  [ --with-mysql=PATH        enable authentication from MySQL database [no] ],

+  with_mysql=$withval,

+  with_mysql=no)

+

+if test -z "$with_mysql"; then

+  for mysqlloc in lib/mysql lib

+  do

+    if test -f ${prefix}/${mysqlloc}/libmysqlclient.a; then

+      with_mysql="${prefix}"

+      break

+    elif test -f /usr/local/${mysqlloc}/libmysqlclient.a; then

+      with_mysql="/usr/local"

+      break

+    elif test -f /usr/${mysqlloc}/libmysqlclient.a; then

+      with_mysql="/usr"

+      break

+    fi

+  done

+fi

+

+LIB_MYSQL=""

+case "$with_mysql" in

+    no) true;;

+    ""|yes) AC_CHECK_LIB(mysqlclient, mysql_select_db,

+		AC_DEFINE(HAVE_MYSQL)

+		LIB_MYSQL="-lmysqlclient",

+		with_mysql=no);;

+    *)	if test -d ${with_mysql}/include/mysql; then

+	  CPPFLAGS="$CPPFLAGS -I${with_mysql}/include/mysql"

+	else

+	  CPPFLAGS="$CPPFLAGS -I${with_mysql}/include"

+	fi

+	if test -d ${with_mysql}/lib/mysql; then

+	  LDFLAGS="$LDFLAGS -L${with_mysql}/lib/mysql"

+	fi

+	AC_DEFINE(HAVE_MYSQL)

+	LIB_MYSQL="-lmysqlclient";;

+esac

+AC_SUBST(LIB_MYSQL)

+

+dnl LDAP

+AC_ARG_WITH(ldap, [  --with-ldap=PATH         enable authentication from LDAP [no] ],

+  with_ldap=$withval,

+  with_ldap=no)

+

+if test -z "$with_ldap"; then

+  for ldaploc in lib/ldap lib

+  do

+    if test -f ${prefix}/${ldaploc}/libldap.a; then

+      with_ldap="${prefix}"

+      break

+    elif test -f /usr/local/${ldaploc}/libldap.a; then

+      with_ldap="/usr/local"

+      break

+    elif test -f /usr/${ldaploc}/libldap.a; then

+      with_ldap="/usr"

+      break

+    fi

+  done

+fi

+

+LIB_LDAP=""

+case "$with_ldap" in

+    no) true;;

+    ""|yes) AC_CHECK_LIB(ldap, ldap_open,

+                AC_DEFINE(HAVE_LDAP)

+		LIB_LDAP="-lldap -llber",

+                with_ldap=no);;

+    *)  if test -d ${with_ldap}/include/ldap; then

+          CPPFLAGS="${CPPFLAGS} -I${with_ldap}/include/ldap"

+        else

+          CPPFLAGS="${CPPFLAGS} -I${with_ldap}/include"

+        fi

+	if test -d ${with_ldap}/lib/ldap; then

+	  LDFLAGS="$LDFLAGS -L${with_ldap}/lib/ldap"

+	fi

+        AC_DEFINE(HAVE_LDAP)

+        LIB_LDAP="-lldap -llber";;

+esac

+AC_SUBST(LIB_LDAP)

+

 dnl CRAM-MD5

 AC_ARG_ENABLE(cram, [  --enable-cram           enable CRAM-MD5 authentication [yes] ],

   cram=$enableval,

@@ -434,11 +517,15 @@

   fi

   if test "$with_des" != no; then

+    case "$host_os" in

+	freebsd*)

+	    COM_ERR="-lcom_err"

+	    ;;

+    esac

     AC_CHECK_HEADER(krb.h,

-      AC_CHECK_LIB(krb, krb_mk_priv, COM_ERR="",

-	AC_CHECK_LIB(krb, krb_mk_priv, COM_ERR="-lcom_err",

-                     AC_WARN(No Kerberos V4 found); krb4=no, -ldes -lcom_err),

-        -ldes),

+      AC_CHECK_LIB(krb, krb_mk_priv,:,

+		   AC_WARN(No Kerberos V4 found); krb4=no,

+		   -ldes $COM_ERR),

       AC_WARN(No Kerberos V4 found); krb4=no)

   else

     AC_WARN(No DES library found for Kerberos V4 support)

--- acconfig.h.orig	Wed Jul  5 11:59:25 2000

+++ acconfig.h	Fri Sep 15 20:56:28 2000

@@ -84,6 +84,12 @@

 /* do we have PAM for plaintext password checking? */

 #undef HAVE_PAM

+/* do we have MySQL for plaintext password checking? */

+#undef HAVE_MYSQL

+

+/* do we have LDAP for plaintext password checking? */

+#undef HAVE_LDAP

+

 /* what flavor of GSSAPI are we using? */

 #undef HAVE_GSS_C_NT_HOSTBASED_SERVICE

--- lib/Makefile.am.orig	Thu Jul 20 21:35:02 2000

+++ lib/Makefile.am	Fri Sep 15 20:56:28 2000

@@ -53,5 +53,5 @@

 EXTRA_libsasl_la_SOURCES = db_none.c db_ndbm.c db_gdbm.c db_berkeley.c db_testw32.c

 libsasl_la_LDFLAGS = -version-info $(sasl_version)

 libsasl_la_DEPENDENCIES = $(SASL_DB_BACKEND) @LTLIBOBJS@

-libsasl_la_LIBADD = @LTLIBOBJS@ $(SASL_DB_BACKEND) $(SASL_DB_LIB) $(SASL_DL_LIB) $(PLAIN_LIBS)

+libsasl_la_LIBADD = @LTLIBOBJS@ $(SASL_DB_BACKEND) $(SASL_DB_LIB) $(SASL_DL_LIB) $(PLAIN_LIBS) ${LIB_LDAP} ${LIB_MYSQL}

 # PLAIN_LIBS are linked in for sasl_checkpass

--- lib/checkpw.c.orig	Wed Jul 19 20:24:13 2000

+++ lib/checkpw.c	Sat Sep 16 21:07:33 2000

@@ -95,10 +95,19 @@

 #include <sys/un.h>

 #ifdef HAVE_UNISTD_H

 #include <unistd.h>

-#endif

+#endif /* HAVE_UNISTD_H */

 extern int errno;

-#endif

+#endif /* HAVE_PWCHECK */

+

+#ifdef HAVE_MYSQL

+#include <mysql.h>

+#endif /* HAVE_MYSQL */

+

+#ifdef HAVE_LDAP

+#include <lber.h>

+#include <ldap.h>

+#endif /* HAVE_LDAP */

 #ifdef HAVE_KRB

@@ -170,12 +179,20 @@

     memcpy (&temp_key, "kerberos", 8);

     des_fixup_key_parity (&temp_key);

     des_key_sched (&temp_key, schedule);

+#ifdef __FreeBSD__

+    des_cbc_cksum ((const unsigned char *)password, &ivec, passlen, schedule, &ivec);

+#else

     des_cbc_cksum ((des_cblock *)password, &ivec, passlen, schedule, &ivec);

+#endif

     memcpy (&temp_key, &ivec, sizeof temp_key);

     des_fixup_key_parity (&temp_key);

     des_key_sched (&temp_key, schedule);

+#ifdef __FreeBSD__

+    des_cbc_cksum ((const unsigned char *)password, key, passlen, schedule, &ivec);

+#else

     des_cbc_cksum ((des_cblock *)password, key, passlen, schedule, &ivec);

+#endif

     des_fixup_key_parity (key);

@@ -210,10 +227,17 @@

     return (str);

 }

+#ifdef __FreeBSD__

+static int use_key(const char *user __attribute__((unused)),

+                   char *instance __attribute__((unused)),

+                   const char *realm __attribute__((unused)),

+                   const void *key, des_cblock *returned_key)

+#else

 static int use_key(char *user __attribute__((unused)), 

 		   char *instance __attribute__((unused)), 

 		   char *realm __attribute__((unused)), 

 		   void *key, des_cblock *returned_key)

+#endif

 {

     memcpy (returned_key, key, sizeof(des_cblock));

     return 0;

@@ -838,7 +862,7 @@

 /* pwcheck daemon-authenticated login */

-static int pwcheck_verify_password(sasl_conn_t *conn,

+static int pwcheck_verify_password(sasl_conn_t *conn __attribute__((unused)),

 				   const char *userid, 

 				   const char *passwd,

 				   const char *service __attribute__((unused)),

@@ -853,8 +877,10 @@

     static char response[1024];

     int start, n;

     char pwpath[1024];

+#if 0	/* Not used */

     sasl_getopt_t *getopt;

     void *context;

+#endif

     if (reply) { *reply = NULL; }

@@ -902,6 +928,260 @@

 #endif

+#ifdef HAVE_MYSQL

+/* DMZ mysql auth 12/29/1999

+ * Updated to 1.5.24 by SWH 09/12/2000

+ */

+#ifdef USE_CRYPT_PASSWORD

+#define QUERY_STRING    "select %s from %s where %s = '%s' and %s = password('%s')"

+#else

+#define QUERY_STRING    "select %s from %s where %s = '%s' and %s = '%s'"

+#endif

+

+static int mysql_verify_password(sasl_conn_t *conn,

+				const char *userid,

+				const char *password,

+				const char *service __attribute__((unused)),

+				const char *user_realm __attribute__((unused)),

+				const char **reply)

+{

+   unsigned int numrows;

+   MYSQL mysql,*sock;

+   MYSQL_RES *result;

+   char qbuf[300];

+   char *db_user="",

+        *db_passwd="",

+        *db_host="",

+        *db_uidcol="",

+        *db_pwcol="",

+        *db_database="",

+        *db_table="";

+   sasl_getopt_t *getopt;

+   void *context;

+ 

+   if (!userid || !password) {

+       return SASL_BADPARAM;

+   }

+   if (reply) { *reply = NULL; }

+ 

+   /* check to see if the user configured a mysqluser/passwd/host/etc */

+   if (_sasl_getcallback(conn, SASL_CB_GETOPT, &getopt, &context) == SASL_OK) {

+       getopt(context, NULL, "mysql_user", (const char **) &db_user, NULL);

+       if (!db_user) db_user = "";

+       getopt(context, NULL, "mysql_passwd", (const char **) &db_passwd, NULL);

+       if (!db_passwd) db_passwd = "";

+       getopt(context, NULL, "mysql_host", (const char **) &db_host, NULL);

+       if (!db_host) db_host = "";

+       getopt(context, NULL, "mysql_database", (const char **) &db_database, NULL);

+       if (!db_database) db_database = "";

+       getopt(context, NULL, "mysql_table", (const char **) &db_table, NULL);

+       if (!db_table) db_table = "";

+       getopt(context, NULL, "mysql_uidcol", (const char **) &db_uidcol, NULL);

+       if (!db_uidcol) db_uidcol = "";

+       getopt(context, NULL, "mysql_pwdcol", (const char **) &db_pwcol, NULL);

+       if (!db_pwcol) db_pwcol = "";

+    }

+

+    if (!(sock = mysql_connect(&mysql,db_host,db_user,db_passwd)))

+    {

+      if (reply) { *reply = "cannot connect to MySQL server"; }

+      return SASL_FAIL;

+    }

+

+    if (mysql_select_db(sock,db_database) < 0)

+    {

+      mysql_close(sock);

+      if (reply) { *reply = "cannot select MySQL database"; }

+      return SASL_FAIL;

+    }

+    /* select DB_UIDCOL from DB_TABLE where DB_UIDCOL = 'userid' AND DB_PWCOL = password('password') */

+    sprintf(qbuf,QUERY_STRING,db_uidcol,db_table,db_uidcol,userid,db_pwcol,password);

+    if (mysql_query(sock,qbuf) < 0 || !(result=mysql_store_result(sock)))

+    {

+      mysql_close(sock);

+      return SASL_FAIL;

+    }

+

+    if (result) //There were some rows found

+    {

+           if ((numrows = mysql_affected_rows(&mysql)) != 1)

+           {

+                   mysql_free_result(result);

+                   mysql_close(sock);

+		   if ((numrows > 1) && (reply)) { *reply = "Detected duplicate entries for user"; }

+                   return SASL_BADAUTH;

+           } else {

+                   mysql_free_result(result);

+                   mysql_close(sock);

+                   return SASL_OK;

+	   }

+    }

+    mysql_free_result(result);

+    mysql_close(sock);

+    return SASL_BADAUTH;

+}

+#endif /* HAVE_MYSQL */

+

+#ifdef HAVE_LDAP

+/* simon@surf.org.uk LDAP auth 07/11/2000

+ * Updated to 1.5.24 by SWH 09/12/2000

+ */

+

+#define LDAP_SERVER	"localhost"

+#define LDAP_BASEDN	"o=JOFA, c=UK"

+#define LDAP_UIDATTR	"uid"

+

+#ifndef TRUE

+# define TRUE		1

+# define FALSE		0

+#endif

+

+static int ldap_isdigits(char *value)

+{

+    char *ptr;

+    int num = TRUE;

+

+    for (ptr = value; *ptr != '\0' && num != FALSE; ptr++) {

+	if (!isdigit(*ptr))

+	    num = FALSE;

+    }

+

+    return num;

+}

+

+static int ldap_verify_password(sasl_conn_t *conn,

+				const char *userid,

+				const char *password,

+				const char *service __attribute__((unused)),

+				const char *user_realm __attribute__((unused)),

+				const char **reply)

+{

+

+    LDAP *ld;

+    LDAPMessage *result;

+    LDAPMessage *entry;

+    char *attrs[2];

+    char filter[200]; 

+    char *dn,

+	 *ldap_server="",

+	 *ldap_basedn="",

+	 *ldap_uidattr="",

+	 *port_num="";

+    int ldap_port = LDAP_PORT;

+    int count;

+    sasl_getopt_t *getopt;

+    void *context;

+

+    /* If the password is NULL, reject the login...

+     * Otherwise the bind will succed as a reference bind. Not good...

+     */

+    if (strcmp(password,"") == 0)

+    {

+	return SASL_BADPARAM;

+    }

+

+   if (reply) { *reply = NULL; }

+

+   /* check to see if the user configured a mysqluser/passwd/host/etc */

+   if (_sasl_getcallback(conn, SASL_CB_GETOPT, &getopt, &context) == SASL_OK) {

+	getopt(context, NULL, "ldap_server", (const char **) &ldap_server, NULL);

+	if (!ldap_server) ldap_server = LDAP_SERVER;

+	getopt(context, NULL, "ldap_basedn", (const char **) &ldap_basedn, NULL);

+	if (!ldap_basedn) {

+	    if (reply) { *reply = "ldap_basedn not defined"; }

+	    return SASL_BADPARAM;

+	}

+	getopt(context, NULL, "ldap_uidattr", (const char **) &ldap_uidattr, NULL);

+	if (!ldap_uidattr) ldap_uidattr = LDAP_UIDATTR;

+	getopt(context, NULL, "ldap_port", (const char **) &port_num, NULL);

+	if (!port_num) {

+	    ldap_port = LDAP_PORT;

+	} else if (!ldap_isdigits(port_num)) {

+	    if (reply) { *reply = "ldap_port - invalid value"; }

+	    return SASL_BADPARAM;

+	} else {

+	    ldap_port = atoi(port_num);

+	}

+    }

+

+    /* Open the LDAP connection. */

+    if ((ld = ldap_open(ldap_server, ldap_port)) == NULL)

+    {

+	if (reply) { *reply = "cannot connect to LDAP server"; }

+	return SASL_FAIL;

+    }

+

+    /* Bind anonymously so that you can find the DN of the appropriate user. */

+    if (ldap_simple_bind_s(ld,"","") != LDAP_SUCCESS)

+    {

+	ldap_unbind(ld);

+	if (reply) { *reply = "cannot bind to LDAP server"; }

+	return SASL_FAIL;

+    }

+

+    /* Generate a filter that will return the entry with a matching UID */

+    sprintf(filter,"(%s=%s)", ldap_uidattr,userid);

+

+    /* Just return country...This doesn't actually matter, since we will

+     * not read the attributes and values, only the DN

+     */

+    attrs[0] = "c";

+    attrs[1] = NULL;

+

+    /* Perform the search... */

+    if (ldap_search_s(ld,ldap_basedn,LDAP_SCOPE_SUBTREE,filter,attrs,1,&result) != LDAP_SUCCESS )

+    {

+	ldap_unbind(ld);

+	return SASL_BADAUTH;

+    }

+

+    /* If the entry count is not equal to one, either the UID was not unique or

+     * there was no match

+     */

+    if ((count = ldap_count_entries(ld,result)) != 1)

+    {

+	ldap_msgfree(result);

+	ldap_unbind(ld);

+	if ((count > 1) && (reply)) { *reply = "Detected duplicate entries for user"; }

+	return SASL_BADAUTH;

+    }

+

+    /* Get the first entry */

+    if ((entry = ldap_first_entry(ld,result)) == NULL)

+    {

+	ldap_msgfree(result);

+	ldap_unbind(ld);

+	return SASL_BADAUTH;

+    }

+

+    /* Get the DN of the entry */

+    if ((dn = ldap_get_dn(ld,entry)) == NULL)

+    {

+	ldap_msgfree(entry);

+	ldap_unbind(ld);

+	return SASL_BADAUTH;

+    }

+

+    /* Now bind as the DN with the password supplied earlier...

+     * Successful bind means the password was correct, otherwise the

+     * password is invalid.

+     */

+    if (ldap_simple_bind_s(ld,dn,(char *)password) != LDAP_SUCCESS)

+    {

+	free(dn);

+	ldap_msgfree(entry);

+	ldap_unbind(ld);

+	return SASL_BADAUTH;

+    }

+

+    free(dn);

+    ldap_msgfree(entry);

+    ldap_unbind(ld);

+    return SASL_OK;

+}

+

+#endif /* HAVE_LDAP */

+

 struct sasl_verify_password_s _sasl_verify_password[] = {

     { "sasldb", &sasldb_verify_password },

 #ifdef HAVE_KRB

@@ -921,6 +1201,12 @@

 #endif

 #ifdef HAVE_PWCHECK

     { "pwcheck", &pwcheck_verify_password },

+#endif

+#ifdef HAVE_MYSQL

+    { "mysql", &mysql_verify_password },

+#endif

+#ifdef HAVE_LDAP

+    { "ldap", &ldap_verify_password },

 #endif

     { NULL, NULL }

 };

--- doc/sysadmin.html.orig	Wed Jul 12 21:59:51 2000

+++ doc/sysadmin.html	Fri Sep 15 20:56:28 2000

@@ -171,6 +171,43 @@

 <dt><i>pwcheck</i><dd> checks passwords with the use of a seperate,

   helper daemon. <b>needs to be documented.</b><p>

+<dt><i>mysql</i><dd> A MySQL database can be used for plaintext

+  password checking by setting "pwcheck_method" to "mysql".<p>

+

+  <p>The following SASL options are used for MySQL Authentication:<p>

+

+  <dl>

+    <dd>mysql_user: &lt;user&gt;</dd>

+    <dd>mysql_passwd: &lt;cleartext pw&gt;</dd>

+    <dd>mysql_host: &lt;host&gt;</dd>

+    <dd>mysql_database: &lt;database&gt;</dd>

+    <dd>mysql_table: &lt;table&gt;</dd>

+    <dd>mysql_uidcol: &lt;username col&gt;</dd>

+    <dd>mysql_pwdcol: &lt;password col&gt;</dd>

+  </dl>

+

+  <p>MySQL pwcheck_method created by <a href="mailto:dmz@dmzs.com">David Matthew Zendzian</a>

+  the original patch may be found at <a href="http://www.dmzs.com/~dmz/projects/cyrus/">http://www.dmzs.com/~dmz/projects/cyrus/</a>.<p>

+

+<dt><i>ldap</i><dd> A LDAP server can be used for plaintext password

+  checking by setting "pwcheck_method" to "ldap".<p>

+

+  <p>The following SASL options are used for LDAP Authentication:<p>

+

+  <dl>

+    <dd>ldap_server: &lt;LDAP Server [localhost]&gt;

+    <dd>ldap_basedn: &lt;LDAP base dn&gt;

+    <dd>ldap_uidattr: &lt;LDAP uid attribute [uid]&gt;

+    <dd>ldap_port: &lt;LDAP port [389]&gt;

+  </dl>

+

+  <p>It is a requirement that "ldap_basedn" be set to the appropriate

+  value for your site<br>

+  (ex. ldap_basedn: o=surf, c=UK)<p>

+

+  <p>LDAP pwcheck_method created by <a href="mailto:simon@surf.org.uk">Simon@surf.org.uk</a>

+  the original patch may be found at <a href="http://www.surf.org.uk/">http://www.surf.org.uk/</a>.<p>

+

 <dt><i>write your own</i><dd> Last, but not least, the most flexible

   method of authentication for PLAIN is to write your own.  If you do

   so, any application that calls the "<tt>sasl_checkpass()</tt>"

--- plugins/kerberos4.c.orig	Wed Apr 19 11:18:48 2000

+++ plugins/kerberos4.c	Sat Sep 16 18:49:20 2000

@@ -696,8 +696,13 @@

     /* decrypt; verify checksum */

+#ifdef __FreeBSD__

+    des_pcbc_encrypt((const unsigned char *)in,

+		     (unsigned char *)in,

+#else

     des_pcbc_encrypt((des_cblock *)in,

 		     (des_cblock *)in,

+#endif

 		     clientinlen,

 		     text->init_keysched,

 		     &text->session,

@@ -1192,8 +1197,13 @@

     }

     sout[len]=0;

+#ifdef __FreeBSD__

+    des_pcbc_encrypt((const unsigned char *)sout,

+		     (unsigned char *)sout,

+#else

     des_pcbc_encrypt((des_cblock *)sout,

 		     (des_cblock *)sout,

+#endif

 		     len,

 		     text->init_keysched,

 		     (des_cblock *)text->session,

PKG_BATCH=${BATCH:=NO}

PKG_PREFIX=${PKG_PREFIX:=/usr/local}

create_sasldb() {

	if [ ! -f ${PGK_PREFIX}/etc/sasldb.db ]; then

		touch ${PGK_PREFIX}/etc/sasldb.db

		chown cyrus:mail ${PGK_PREFIX}/etc/sasldb.db

		chmod 640 ${PGK_PREFIX}/etc/sasldb.db

	fi

}

# This should really be installed by Sendmail

sendmail_conf() {

	if [ ! -f ${PKG_PREFIX}/lib/sasl/Sendmail.conf ]; then

		echo "pwcheck_method: pwcheck" > ${PKG_PREFIX}/lib/sasl/Sendmail.conf

	fi

}

@comment remove ../etc/sasldb.db only if it exists and has a zero size.

@unexec [ -f %D/etc/sasldb.db -a ! -s %D/etc/sasldb.db ] && rm %D/etc/sasldb.db

%%NOPORTDOCS%%share/doc/SASL/Sendmail.README

@dirrm lib/sasl

#!/bin/sh

# $FreeBSD$

if [ -f ${WRKDIRPREFIX}${CURDIR}/Makefile.inc ]; then

	exit

fi

if [ "${BATCH}" ]; then

	exit

else

	/usr/bin/dialog --title "Additional pwcheck methods" --clear \

		--checklist "\n\

Please select desired options:" -1 -1 16 \

MySQL		"MySQL password Authentication" OFF \

OpenLDAP	"OpenLDAP password Authentication" OFF \

2> /tmp/checklist.tmp.$$

	retval=$?

	if [ -s /tmp/checklist.tmp.$$ ]; then

		set `cat /tmp/checklist.tmp.$$`

	fi

	rm -f /tmp/checklist.tmp.$$

	case $retval in

		0)	if [ -z "$*" ]; then

				echo "Nothing selected"

			fi

			;;

		1)	echo "Cancel pressed."

			exit 1

			;;

	esac

fi

${MKDIR} ${WRKDIRPREFIX}${CURDIR}

exec > ${WRKDIRPREFIX}${CURDIR}/Makefile.inc

echo "PREFIX=	${PREFIX}"

while [ "$1" ]; do

	case $1 in

		\"MySQL\")

			echo "LIB_DEPENDS+=	mysqlclient.6:\${PORTSDIR}/databases/mysql322-client"

			echo "CONFIGURE_ARGS+=--with-mysql=\${PREFIX}"

			;;

		\"OpenLDAP\")

			echo "LIB_DEPENDS+=	ldap.1:\${PORTSDIR}/net/openldap"

			echo "LIB_DEPENDS+=	lber.1:\${PORTSDIR}/net/openldap"

			echo "CONFIGURE_ARGS+=--with-ldap=\${PREFIX}"

			;;

		*)

			echo "Invalid option(s): $*" > /dev/stderr

			rm -f ${WRKDIRPREFIX}${CURDIR}/Makefile.inc

			exit 1

			;;

	esac

	shift

done