aboutsummaryrefslogtreecommitdiffstats
path: root/main/heimdal/APKBUILD
blob: 029f4338931cb4747d88eb8b9ff9ab7c2e8919df (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
# Maintainer: Leonardo Arena <rnalrd@alpinelinux.org>
# Contributor: Natanael Copa <ncopa@alpinelinux.org>
pkgname=heimdal
pkgver=7.7.0
_ver=${pkgver/_rc/rc}
pkgrel=0
pkgdesc="An implementation of Kerberos 5"
arch="all"
url="http://www.h5l.org/"
license="BSD-3-Clause"
depends="krb5-conf"
depends_dev="openssl-dev e2fsprogs-dev db-dev"
makedepends="$depends_dev autoconf automake bash gawk libtool
	ncurses-dev perl readline-dev sqlite-dev texinfo perl-json"
install=
options="suid !check" #FIXME: FAIL: snprintf-test
subpackages="$pkgname-doc $pkgname-dev $pkgname-libs $pkgname-openrc"
source="https://github.com/heimdal/heimdal/releases/download/heimdal-$pkgver/heimdal-$pkgver.tar.gz
	heimdal-kadmind.initd
	heimdal-kdc.initd
	heimdal-kpasswdd.initd

	005_all_heimdal-suid_fix.patch
	heimdal_missing-include.patch
	CVE-2018-16860.patch
	"
builddir="$srcdir/$pkgname-$_ver"

# secfixes:
#   7.5.3-r4:
#     - CVE-2018-16860
#   7.4.0-r2:
#     - CVE-2017-17439
#   7.4.0-r0:
#     - CVE-2017-11103

prepare() {
	[ -e /usr/lib/libasn1.so ] && echo "## remove old heimdal pkg first ##" && return 1

	cd "$builddir"
	default_prepare

	sh ./autogen.sh
}

build() {
	cd "$builddir"
	export LDFLAGS="${LDFLAGS} -Wl,--as-needed"
	export LIBS="-ldb"

	./configure \
		--build=$CBUILD \
		--host=$CHOST \
		--prefix=/usr \
		--enable-shared=yes \
		--without-x \
		--with-berkeley-db \
		--with-readline-lib=/usr/lib \
		--with-readline-include=/usr/include/readline \
		--with-sqlite3=/usr \
		--without-openssl

	# make sure we use system version
	rm -r lib/sqlite lib/com_err

	# workarount a parallell build issue
	make -C lib/asn1 der-protos.h der-private.h
	make -C lib/kadm5 kadm5-protos.h kadm5-private.h kadm5_err.h
	make -C lib/krb5 krb5-protos.h krb5-private.h krb5_err.h krb_err.h \
		heim_err.h k524_err.h
	make -C lib/hx509 hx509-private.h  hx509-protos.h
	make
}

check() {
	cd "$builddir"
	make check
}

package() {
	cd "$builddir"
	make DESTDIR="$pkgdir" exec_prefix=/usr sysconfdir=/etc \
	mandir=/usr/share/man infodir=/usr/share/info datadir=/var/lib/heimdal \
	localstatedir=/var/lib/heimdal libexecdir=/usr/sbin install


	install -m755 -D "$srcdir"/heimdal-kadmind.initd \
		"$pkgdir"/etc/init.d/heimdal-kadmind
	install -m755 -D "$srcdir"/heimdal-kdc.initd \
		"$pkgdir"/etc/init.d/heimdal-kdc
	install -m755 -D "$srcdir"/heimdal-kpasswdd.initd \
		"$pkgdir"/etc/init.d/heimdal-kpasswdd

	for i in 1 3 5 8; do
		rm -rf "$pkgdir"/usr/share/man/cat$i
	done

	# Remove conflicts
	# e2fsprogs
	rm -f "$pkgdir"/usr/bin/compile_et \
		"$pkgdir"/usr/share/man/man1/compile_et.1

	# Compress info pages
	for page in heimdal hx509; do
		gzip -9 "$pkgdir"/usr/share/info/${page}.info
	done

	# Install the license
	install -d "$pkgdir"/usr/share/licenses/$pkgname
	install -D -m644 "$srcdir"/$pkgname-$_ver/LICENSE \
		"$pkgdir"/usr/share/licenses/$pkgname/
}

libs() {
	pkgdesc="Heimdal libraries"
	replaces="heimdal"
	depends="krb5-conf"
	mkdir -p "$subpkgdir"/usr/bin "$subpkgdir"/usr/sbin
	mv "$pkgdir"/usr/lib "$subpkgdir"/usr/
	mv "$pkgdir"/usr/bin/string2key \
		"$pkgdir"/usr/bin/verify_krb5_conf \
		"$subpkgdir"/usr/bin/
	mv "$pkgdir"/usr/sbin/kdigest \
		"$pkgdir"/usr/sbin/digest-service \
		"$subpkgdir"/usr/sbin/

}

sha512sums="6660939b5a36ce36310721a08a089fb671d1e3d2e8ac74ea4775bfa5f8f772d32de805551456200fe96cc486c092c44beb84f5dd877008bc305490ee971bbf99  heimdal-7.7.0.tar.gz
0ae0fec4bdb3907d9e82e788e12ef185dd00e6db4c17f55758da5600fedd72ed1118b6b492d039f91cc54d54bf2f79f624ea38a68067e424b737b128494a4bbd  heimdal-kadmind.initd
4dca69bb1c1c6dfce8c0fc1da84855e4549be478ab09511fa5143ee61d1609fed7f3303179bc1e499b0f20445e04c41eda132dd1c5f72e2fea4fcf60a35ad2a9  heimdal-kdc.initd
abee8390632fa775e74900d09e5c72b02fe4f9616b43cc8d0a76175486ed6d4707fb3ce4d06ceb09b0e8d1384e037c3cff6525e11def0122c35c32eebd0d196f  heimdal-kpasswdd.initd
2a6b20588a86a9ea3c35209b96ef2da0b39bc3112aec1505e69a60efc9ffb9ddc1d0dbdfaf864142e9d2f81da3d2653de56d6ffa01871c20fde17e4642625c56  005_all_heimdal-suid_fix.patch
e89efdc942c512363aac1d9797c6bf622324e9200e282bc5ed680300b9e1b39a4ea20f059cdac8f22f972eb0af0e625fd41f267ebcafcfec0aaa81192aff79c1  heimdal_missing-include.patch
36738795eb3478b55790bf1927f85a421b13b6b47dcc273daeb6630c39a4e1c1258148fa0e9f004ae59a9ac89caf54cb25efedb417e852e42a2c32d02e43fd56  CVE-2018-16860.patch"