# Maintainer: Natanael Copa pkgname=krb5 pkgver=1.12.4 pkgrel=2 pkgdesc="The Kerberos network authentication system" url="http://web.mit.edu/kerberos/www/" arch="all" license="MIT" depends="krb5-conf" depends_dev="e2fsprogs-dev" makedepends="$depends_dev libverto-dev openldap-dev openssl-dev keyutils-dev bison flex perl" install="" subpackages="$pkgname-dev $pkgname-doc $pkgname-server $pkgname-server-ldap:ldap $pkgname-pkinit $pkgname-libs" source="http://web.mit.edu/kerberos/dist/krb5/${pkgver%.*}/krb5-$pkgver-signed.tar mit-krb5_krb5-config_LDFLAGS.patch fix-includes.patch CVE-2014-5351.patch CVE-2015-2695.patch CVE-2015-2696.patch CVE-2015-2697.patch Fix-two-IAKERB-comments.patch CVE-2015-2698.patch Fix-SPNEGO-context-import.patch CVE-2015-8629.patch CVE-2015-8630.patch CVE-2015-8631.patch CVE-2016-3119.patch krb5kadmind.initd krb5kdc.initd krb5kpropd.initd " _builddir="$srcdir"/krb5-$pkgver unpack() { default_unpack cd "$srcdir" tar -zxf krb5-$pkgver.tar.gz } prepare() { local i cd "$_builddir" for i in $source; do case $i in *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;; esac done } build() { cd "$_builddir"/src ./configure \ CPPFLAGS="$CPPFLAGS -fPIC -I/usr/include/et" \ WARN_CFLAGS= \ --build=$CBUILD \ --host=$CHOST \ --prefix=/usr \ --localstatedir=/var/lib \ --enable-shared \ --disable-static \ --disable-rpath \ --with-system-et \ --with-system-ss \ --with-system-verto \ --without-tcl \ --with-ldap \ --with-crypto-impl=openssl \ || return 1 make } package() { cd "$_builddir"/src make install DESTDIR="$pkgdir" || return 1 mkdir -p "$pkgdir"/usr/share/doc/$pkgname mv "$pkgdir"/usr/share/examples "$pkgdir"/usr/share/doc/$pkgname/ for i in $source; do case $i in *.initd) install -Dm755 "$srcdir"/$i \ "$pkgdir"/etc/init.d/${i%.initd};; esac done } server() { pkgdesc="The KDC and related programs for Kerberos 5" depends="libverto-libev" mkdir -p "$subpkgdir"/usr/share \ "$subpkgdir"/usr/bin \ "$subpkgdir"/etc/ install -d "$subpkgdir"/var/lib/krb5kdc || return 1 mv "$pkgdir"/usr/sbin "$subpkgdir"/usr/ || return 1 mv "$pkgdir"/usr/share/gnats "$subpkgdir"/usr/share/ || return 1 mv "$pkgdir"/etc/init.d "$subpkgdir"/etc/ || return 1 # used for testing server mv "$pkgdir"/usr/bin/sclient "$subpkgdir"/usr/bin/ } ldap() { pkgdesc="The LDAP storage plugin for the Kerberos 5 KDC" mkdir -p "$subpkgdir"/usr/lib/krb5/plugins/kdb mv "$pkgdir"/usr/lib/krb5/plugins/kdb/kldap.so \ "$subpkgdir"/usr/lib/krb5/plugins/kdb/ || return 1 mv "$pkgdir"/usr/lib/libkdb_ldap* \ "$subpkgdir"/usr/lib/ } pkinit() { pkgdesc="The PKINIT module for Kerberos 5" mkdir -p "$subpkgdir"/usr/lib/krb5/plugins/preauth mv "$pkgdir"/usr/lib/krb5/plugins/preauth/pkinit.so \ "$subpkgdir"/usr/lib/krb5/plugins/preauth/pkinit.so } libs() { pkgdesc="The shared libraries used by Kerberos 5" depends="krb5-conf" mkdir -p "$subpkgdir"/usr/ mv "$pkgdir"/usr/lib "$subpkgdir"/usr/ || return 1 } md5sums="7421b62fea6d86788ed483c3e9762c64 krb5-1.12.4-signed.tar c84a0c7d8014e3528524956ffdd1c3e9 mit-krb5_krb5-config_LDFLAGS.patch 2ad9ee0493e4bc376e317d9f76202c75 fix-includes.patch 3d1c85c3abce2e351991c4aa8643df98 CVE-2014-5351.patch ca73fdd31a2d5c38993afbed909b5417 CVE-2015-2695.patch dc4c2a99b5b8a9bf7b306d614134c267 CVE-2015-2696.patch a2369d91ccef67f093af594d941ebc11 CVE-2015-2697.patch 64fda4ee2a108258f23ecd7a592234a6 Fix-two-IAKERB-comments.patch c071b4321118cd0ca262de0af87262ab CVE-2015-2698.patch fc1b1bab6d738ec9b21481958d203ea7 Fix-SPNEGO-context-import.patch 51bfc721a58e4dd28ebcf2f600ff3455 CVE-2015-8629.patch f8b6f512f94dcad5bfdc1250beaf2d11 CVE-2015-8630.patch 380b86bdaa1303a6bc7b0cc3672c3e43 CVE-2015-8631.patch 4c1026deb45e9d6f2daf70198806908b CVE-2016-3119.patch 29906e70e15025dda8b315d8209cab4c krb5kadmind.initd 47efe7f24c98316d38ea46ad629b3517 krb5kdc.initd 3e0b8313c1e5bfb7625f35e76a5e53f1 krb5kpropd.initd" sha256sums="b95d029e4b376332b3517bad49becdd48503f82a7ac24e5f284a00aa091dd0d9 krb5-1.12.4-signed.tar 84007c7423f67db7a8b248b9643c49ef25f2d56ce15c2574eb41ecbf51bcd3f2 mit-krb5_krb5-config_LDFLAGS.patch 2eaa327bb57408558ed20279b0ba8078c826210c861af0c83a0c22d26c9b1b3a fix-includes.patch a01613ffcae97263bef3933645176a927c1cc5f676abd9da2ff9e44a5c1493bf CVE-2014-5351.patch b83dd0714f1ab164f6eb50d173bec25bb851c739ed5b1c38b35e7a1910cff25b CVE-2015-2695.patch add426d86d31c57dc8e1c1d9043f61c21f2e532e728d1d9c703b2616bf246d7c CVE-2015-2696.patch e1d3d6a0dfede9d5a4af83d51c4f5fad13e917e4cb58672ff0ee3e8f34fe0379 CVE-2015-2697.patch da0cea010734fa4234ee88d689107349f38767dafe8702075dbf064e5fc1fb46 Fix-two-IAKERB-comments.patch f0a15e9805f4d33e6dfa6985aba5fa89727a7be9eb0344bea88a3151999229a5 CVE-2015-2698.patch 704e47cb9d1d7ab98951f2e56d12b37ca7269bbcb77a642dea3a77d8259b4301 Fix-SPNEGO-context-import.patch 6c462dfa8202be953d3b9dc2acecb94b3576663caf7a1ceb1275b1dcb6b11171 CVE-2015-8629.patch d87154deff5284b1a22d0c31de1b3c6276e4c2a94d7951b3cb31ed1b2ef405da CVE-2015-8630.patch 7c1860aeba4b0712b1fd0b46ed6acc882f36a5b5b7cbcaa8e496baca65bc881a CVE-2015-8631.patch 77b1fc7ce4ba5fd6360204e023a8984799b38252d60bac9d988011067b851f78 CVE-2016-3119.patch c7a1ec03472996daaaaf1a4703566113c80f72ee8605d247098a25a13dad1f5f krb5kadmind.initd 709309dea043aa306c2fcf0960e0993a6db540c220de64cf92d6b85f1cca23c5 krb5kdc.initd 86b15d691e32b331ac756ee368b7364de6ab238dcae5adfed2a00b57d1b64ef4 krb5kpropd.initd" sha512sums="224e9a79cd9dc2b7f1fb19472cce2e6118d402eb4d5378ad88d26bdedd244ea4f3aee40ea1770a308f21b09f2dc5b384ecb1f93327e5b59da09fcf569d378deb krb5-1.12.4-signed.tar 5a3782ff17b383f8cd0415fd13538ab56afd788130d6ad640e9f2682b7deaae7f25713ce358058ed771091040dccf62a3bc87e6fd473d505ec189a95debcc801 mit-krb5_krb5-config_LDFLAGS.patch aa33bcd481f85f7456fe9cfaa3842d86a08d8cdc9c30523f7524586d706e9ad905c63f1514173a209a2fc1071443a5c23d530b0960d0d5e0a6c32133fb7a0e9a fix-includes.patch 7d3d26787d2053f444c0054d0f1db2f93ce99a2b2d2926168f19f39fd4b74d67052c9bb5183f2d9621377f52f93dde8d6307e1a86374ca156adbdfec53b9eb33 CVE-2014-5351.patch 4e1499d799bed90b2857d24de29ea3bb7500b514a86c2a8f4596fb80f97f01445b7dd9d0cb19c1cfb1f03f5c6a8e2a2149a6278c720933181db8e188063dcc6a CVE-2015-2695.patch d27e836a3e8a1ca6b711c0ce4f9f68cbd42d888cb9dcaf2dcb78fdc9ca7652865c124e14c7026b4e94a722a314a0c30f732cc00344973ee5a180f11901347ed1 CVE-2015-2696.patch 5f6a630b566c9f0cb02528fca3a789547e294acf5f3435eb62b79411187e4fcaaa58b81eff34e8ac6cbca3dacb076bd626a31687c04936b35bf7ab3e35965a31 CVE-2015-2697.patch 25be730f6f7457c15e5ebb4862cac87e7aa34807dbbba4054f7909d3f4e471d381f2f6867db5cabcaea2ae4d9a3ca0c6f661e3771f0388a4f8b7720e57d7eee8 Fix-two-IAKERB-comments.patch beda374243c5db14f2de5c988443c9b3f4f03dd69e5ac5127851010b52f4d76ed43489f721f04d5443629dfdb2ec2e45b3c87e00b4dcb1ced7594d9864c01544 CVE-2015-2698.patch 10cd8c4ccc54510db44462860410b7177a3cd6fd245ccbf35b3e8637370fc3f3f88028bbd0055452134816e805330352a627369bd17eafc16418ad8d88feacde Fix-SPNEGO-context-import.patch a4791794fc8cd675605ed0f9d39b099b2e83713c7038648529906490c36b1e92739f05ba6f5a1be9923459a01b45ffb04129e23313873fea2fd41c45f7f42f90 CVE-2015-8629.patch c91415ff810ea1b3d8ba80d005bc40bb3595be4b7610b69d6c8c97bdcb290c1eb400997ccb091863d558bfb8a4cbb8f00557a690f60c0ada700ba76194960b0a CVE-2015-8630.patch 59b70cf6aa3f462fe8dab0f02e7f649f9615c5e40ad43517a9b9febd2c5d87b0d38f3e620ad6dd006c9ecbc9a4bbcab39655e518c6d37fbe74f40a888545ae79 CVE-2015-8631.patch 0c2bdab9b93e48c3f2c06dbd3196bc1e5aad7b9b969c1b43e1147d8885d78206854900a78d32f4a5813bc0e3297e6bfec344f2878025c02be94d9675f04e8268 CVE-2016-3119.patch 561af06b4e0f0e130dda345ad934bcdb9984ec00cc38d871df1d3bb3f9e1c7d86f06db5b03229707c88b96ad324e3a2222420f8494aa431002cacea0246b1153 krb5kadmind.initd d6d0076886ce284fc395fafc2dc253b4b3ee97b2986dea51388d96a1e1294680fb171f475efc7844559e2c6aac44b26678a9255921db9a58dcf2e7164f0aeec5 krb5kdc.initd f97d33fa977c132a470d95fd539d8e8db018e03f28dbc9d3e04faf78ebb7392196e7d5135f138c2390979bf37b3ae0265e6827f0c17b44b277eb2dfff0a96f77 krb5kpropd.initd"