# Contributor: Sören Tempel <soeren+alpine@soeren-tempel.net>
# Contributor: Łukasz Jendrysik <scadu@yandex.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=sudo
pkgver=1.8.27
if [ "${pkgver%_*}" != "$pkgver" ]; then
	_realver=${pkgver%_*}${pkgver#*_}
else
	_realver=$pkgver
fi
pkgrel=2
pkgdesc="Give certain users the ability to run some commands as root"
url="https://www.sudo.ws/sudo/"
arch="all"
license="custom ISC"
makedepends="zlib-dev bash mdocml"
depends=
subpackages="$pkgname-doc $pkgname-dev"
source="https://www.sudo.ws/dist/sudo-${_realver}.tar.gz
	fix-cross-compile.patch
	fix-tests.patch
	libcrypt.patch
	sudo-cvtsudoers.patch
	CVE-2019-14287.patch
	CVE-2019-18634.patch
	"
options="suid"

# secfixes:
#   1.8.27-r2:
#   - CVE-2019-18634
#   1.8.27-r1:
#   - CVE-2019-14287
#   1.8.20_p2-r0:
#   - CVE-2017-1000368

builddir="$srcdir"/$pkgname-$_realver
build() {
	cd "$builddir"
	./configure \
		--build=$CBUILD \
		--host=$CHOST \
		--prefix=/usr \
		--libexecdir=/usr/lib \
		--mandir=/usr/share/man \
		--disable-nls \
		--enable-pie \
		--with-env-editor \
		--with-mdoc \
		--without-pam \
		--without-skey \
		--with-passprompt="[sudo] password for %p: "
	make
}

check() {
	cd "$builddir"

	make check
}

package() {
	cd "$builddir"
	# the sudo's mkinstalldir script miscreates the leading
	# path components with bad permissions. fix this.
	install -d -m0755 "$pkgdir"/var "$pkgdir"/var/db
	make -j1 DESTDIR="$pkgdir" install
	rm -rf "$pkgdir"/var/run
}

sha512sums="0480def650ab880ab9e6c51c606a06897fd638f0381e99c038f5aa47d064aaa2fb35b73eee7f86e73185e18d5dbb8b6ba49c616b1785a1edb2dd6d7b2fa4fcac  sudo-1.8.27.tar.gz
f0f462f40502da2194310fe4a72ec1a16ba40f95a821ba9aa6aabaa423d28c4ab26b684afa7fb81c2407cf60de9327bdab01de51b878c5d4de49b0d62645f53c  fix-cross-compile.patch
b2d7816d334826545420c578114e5af361ced65c00e5bfc2e0b16f3c9325aa9d2b902defeebb181da3cf7bc6aba3a59a496293d2f11d83c9793f11138ba50343  fix-tests.patch
0fa06d13d202ee5ab58596413a7498b3e9b6925e87385bb876f5e0b29b22010a84918686a5974de87392ab18158e883da343fe6a14448a4e273eaa1bb81f5995  libcrypt.patch
a4a219c16cd353b54f69b74ce7383b90f89745351776bd91bfccb63a2211fa84177719634d4e7e753cf22a8b175d797a474416ffac66d4aee31d3b8e28bfabd1  sudo-cvtsudoers.patch
bad0eda3a7473e4b13d2d9744c41d37bd1c2f4a50491e7e6c6e2cdb67f98eea5d595ead70ab7ac93444d41d1c9f65d83e67f905614869b9df0bd59365fefae1f  CVE-2019-14287.patch
2e701aecd05f2a9b77e77f43e91d748794661dabfc7a0826bea41a9668220a1889f273568b67632829df7dba66ad3d2e0e73513ca59753c1c8e64967f0e705f8  CVE-2019-18634.patch"