blob: 029f4338931cb4747d88eb8b9ff9ab7c2e8919df (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
|
# Maintainer: Leonardo Arena <rnalrd@alpinelinux.org>
# Contributor: Natanael Copa <ncopa@alpinelinux.org>
pkgname=heimdal
pkgver=7.7.0
_ver=${pkgver/_rc/rc}
pkgrel=0
pkgdesc="An implementation of Kerberos 5"
arch="all"
url="http://www.h5l.org/"
license="BSD-3-Clause"
depends="krb5-conf"
depends_dev="openssl-dev e2fsprogs-dev db-dev"
makedepends="$depends_dev autoconf automake bash gawk libtool
ncurses-dev perl readline-dev sqlite-dev texinfo perl-json"
install=
options="suid !check" #FIXME: FAIL: snprintf-test
subpackages="$pkgname-doc $pkgname-dev $pkgname-libs $pkgname-openrc"
source="https://github.com/heimdal/heimdal/releases/download/heimdal-$pkgver/heimdal-$pkgver.tar.gz
heimdal-kadmind.initd
heimdal-kdc.initd
heimdal-kpasswdd.initd
005_all_heimdal-suid_fix.patch
heimdal_missing-include.patch
CVE-2018-16860.patch
"
builddir="$srcdir/$pkgname-$_ver"
# secfixes:
# 7.5.3-r4:
# - CVE-2018-16860
# 7.4.0-r2:
# - CVE-2017-17439
# 7.4.0-r0:
# - CVE-2017-11103
prepare() {
[ -e /usr/lib/libasn1.so ] && echo "## remove old heimdal pkg first ##" && return 1
cd "$builddir"
default_prepare
sh ./autogen.sh
}
build() {
cd "$builddir"
export LDFLAGS="${LDFLAGS} -Wl,--as-needed"
export LIBS="-ldb"
./configure \
--build=$CBUILD \
--host=$CHOST \
--prefix=/usr \
--enable-shared=yes \
--without-x \
--with-berkeley-db \
--with-readline-lib=/usr/lib \
--with-readline-include=/usr/include/readline \
--with-sqlite3=/usr \
--without-openssl
# make sure we use system version
rm -r lib/sqlite lib/com_err
# workarount a parallell build issue
make -C lib/asn1 der-protos.h der-private.h
make -C lib/kadm5 kadm5-protos.h kadm5-private.h kadm5_err.h
make -C lib/krb5 krb5-protos.h krb5-private.h krb5_err.h krb_err.h \
heim_err.h k524_err.h
make -C lib/hx509 hx509-private.h hx509-protos.h
make
}
check() {
cd "$builddir"
make check
}
package() {
cd "$builddir"
make DESTDIR="$pkgdir" exec_prefix=/usr sysconfdir=/etc \
mandir=/usr/share/man infodir=/usr/share/info datadir=/var/lib/heimdal \
localstatedir=/var/lib/heimdal libexecdir=/usr/sbin install
install -m755 -D "$srcdir"/heimdal-kadmind.initd \
"$pkgdir"/etc/init.d/heimdal-kadmind
install -m755 -D "$srcdir"/heimdal-kdc.initd \
"$pkgdir"/etc/init.d/heimdal-kdc
install -m755 -D "$srcdir"/heimdal-kpasswdd.initd \
"$pkgdir"/etc/init.d/heimdal-kpasswdd
for i in 1 3 5 8; do
rm -rf "$pkgdir"/usr/share/man/cat$i
done
# Remove conflicts
# e2fsprogs
rm -f "$pkgdir"/usr/bin/compile_et \
"$pkgdir"/usr/share/man/man1/compile_et.1
# Compress info pages
for page in heimdal hx509; do
gzip -9 "$pkgdir"/usr/share/info/${page}.info
done
# Install the license
install -d "$pkgdir"/usr/share/licenses/$pkgname
install -D -m644 "$srcdir"/$pkgname-$_ver/LICENSE \
"$pkgdir"/usr/share/licenses/$pkgname/
}
libs() {
pkgdesc="Heimdal libraries"
replaces="heimdal"
depends="krb5-conf"
mkdir -p "$subpkgdir"/usr/bin "$subpkgdir"/usr/sbin
mv "$pkgdir"/usr/lib "$subpkgdir"/usr/
mv "$pkgdir"/usr/bin/string2key \
"$pkgdir"/usr/bin/verify_krb5_conf \
"$subpkgdir"/usr/bin/
mv "$pkgdir"/usr/sbin/kdigest \
"$pkgdir"/usr/sbin/digest-service \
"$subpkgdir"/usr/sbin/
}
sha512sums="6660939b5a36ce36310721a08a089fb671d1e3d2e8ac74ea4775bfa5f8f772d32de805551456200fe96cc486c092c44beb84f5dd877008bc305490ee971bbf99 heimdal-7.7.0.tar.gz
0ae0fec4bdb3907d9e82e788e12ef185dd00e6db4c17f55758da5600fedd72ed1118b6b492d039f91cc54d54bf2f79f624ea38a68067e424b737b128494a4bbd heimdal-kadmind.initd
4dca69bb1c1c6dfce8c0fc1da84855e4549be478ab09511fa5143ee61d1609fed7f3303179bc1e499b0f20445e04c41eda132dd1c5f72e2fea4fcf60a35ad2a9 heimdal-kdc.initd
abee8390632fa775e74900d09e5c72b02fe4f9616b43cc8d0a76175486ed6d4707fb3ce4d06ceb09b0e8d1384e037c3cff6525e11def0122c35c32eebd0d196f heimdal-kpasswdd.initd
2a6b20588a86a9ea3c35209b96ef2da0b39bc3112aec1505e69a60efc9ffb9ddc1d0dbdfaf864142e9d2f81da3d2653de56d6ffa01871c20fde17e4642625c56 005_all_heimdal-suid_fix.patch
e89efdc942c512363aac1d9797c6bf622324e9200e282bc5ed680300b9e1b39a4ea20f059cdac8f22f972eb0af0e625fd41f267ebcafcfec0aaa81192aff79c1 heimdal_missing-include.patch
36738795eb3478b55790bf1927f85a421b13b6b47dcc273daeb6630c39a4e1c1258148fa0e9f004ae59a9ac89caf54cb25efedb417e852e42a2c32d02e43fd56 CVE-2018-16860.patch"
|