diff options
Diffstat (limited to 'main/krb5')
-rw-r--r-- | main/krb5/APKBUILD | 155 | ||||
-rw-r--r-- | main/krb5/krb5kadmind.initd | 25 | ||||
-rw-r--r-- | main/krb5/krb5kdc.initd | 24 | ||||
-rw-r--r-- | main/krb5/krb5kpropd.initd | 24 | ||||
-rw-r--r-- | main/krb5/mit-krb5-1.11_uninitialized.patch | 81 | ||||
-rw-r--r-- | main/krb5/mit-krb5_krb5-config_LDFLAGS.patch | 12 |
6 files changed, 321 insertions, 0 deletions
diff --git a/main/krb5/APKBUILD b/main/krb5/APKBUILD new file mode 100644 index 0000000000..6ce12c4db7 --- /dev/null +++ b/main/krb5/APKBUILD @@ -0,0 +1,155 @@ +# Maintainer: Natanael Copa <ncopa@alpinelinux.org> +pkgname=krb5 +pkgver=1.11 +pkgrel=2 +pkgdesc="The Kerberos network authentication system" +url="http://web.mit.edu/kerberos/www/" +arch="all" +license="MIT" +depends="" +depends_dev="e2fsprogs-dev" +makedepends="$depends_dev libverto-dev openldap-dev openssl-dev + keyutils-dev bison flex perl" +install="" +subpackages="$pkgname-dev $pkgname-doc $pkgname-server + $pkgname-server-ldap:ldap $pkgname-pkinit $pkgname-libs" +source="http://web.mit.edu/kerberos/dist/krb5/1.11/krb5-$pkgver-signed.tar + mit-krb5-1.11_uninitialized.patch + mit-krb5_krb5-config_LDFLAGS.patch + krb5kadmind.initd + krb5kdc.initd + krb5kpropd.initd + " + +_builddir="$srcdir"/krb5-$pkgver +unpack() { + default_unpack + cd "$srcdir" + tar -zxf krb5-$pkgver.tar.gz +} + + +prepare() { + local i + cd "$_builddir" + for i in $source; do + case $i in + *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;; + esac + done +} + +build() { + cd "$_builddir"/src + ./configure \ + CPPFLAGS="$CPPFLAGS -fPIC -I/usr/include/et" \ + --prefix=/usr \ + --localstatedir=/var/lib \ + --enable-shared \ + --disable-static \ + --disable-rpath \ + --with-system-et \ + --with-system-ss \ + --with-system-verto \ + --without-tcl \ + --with-ldap \ + --with-crypto-impl=openssl \ + || return 1 + make +} + +package() { + cd "$_builddir"/src + make install DESTDIR="$pkgdir" || return 1 + mkdir -p "$pkgdir"/usr/share/doc/$pkgname + mv "$pkgdir"/usr/share/examples "$pkgdir"/usr/share/doc/$pkgname/ + + for i in $source; do + case $i in + *.initd) install -Dm755 "$srcdir"/$i \ + "$pkgdir"/etc/init.d/${i%.initd};; + esac + done + cat > "$pkgdir"/etc/krb5.conf <<EOF +[logging] + default = FILE:/var/log/krb5libs.log + kdc = FILE:/var/log/krb5kdc.log + admin_server = FILE:/var/log/kadmind.log + +[libdefaults] + dns_lookup_realm = false + ticket_lifetime = 24h + renew_lifetime = 7d + forwardable = true + rdns = false +# default_realm = EXAMPLE.COM + +[realms] +# EXAMPLE.COM = { +# kdc = kerberos.example.com +# admin_server = kerberos.example.com +# } + +[domain_realm] +# .example.com = EXAMPLE.COM +# example.com = EXAMPLE.COM + +EOF +} + +server() { + pkgdesc="The KDC and related programs for Kerberos 5" + depends="libverto-libev" + mkdir -p "$subpkgdir"/usr/share \ + "$subpkgdir"/usr/bin \ + "$subpkgdir"/etc/ + install -d "$subpkgdir"/var/lib/krb5kdc || return 1 + mv "$pkgdir"/usr/sbin "$subpkgdir"/usr/ || return 1 + mv "$pkgdir"/usr/share/gnats "$subpkgdir"/usr/share/ || return 1 + mv "$pkgdir"/etc/init.d "$subpkgdir"/etc/ || return 1 + # used for testing server + mv "$pkgdir"/usr/bin/sclient "$subpkgdir"/usr/bin/ + +} + +ldap() { + pkgdesc="The LDAP storage plugin for the Kerberos 5 KDC" + mkdir -p "$subpkgdir"/usr/lib/krb5/plugins/kdb + mv "$pkgdir"/usr/lib/krb5/plugins/kdb/kldap.so \ + "$subpkgdir"/usr/lib/krb5/plugins/kdb/ || return 1 + mv "$pkgdir"/usr/lib/libkdb_ldap* \ + "$subpkgdir"/usr/lib/ +} + +pkinit() { + pkgdesc="The PKINIT module for Kerberos 5" + mkdir -p "$subpkgdir"/usr/lib/krb5/plugins/preauth + mv "$pkgdir"/usr/lib/krb5/plugins/preauth/pkinit.so \ + "$subpkgdir"/usr/lib/krb5/plugins/preauth/pkinit.so +} + +libs() { + pkgdesc="The shared libraries used by Kerberos 5" + mkdir -p "$subpkgdir"/usr/ "$subpkgdir"/etc + mv "$pkgdir"/usr/lib "$subpkgdir"/usr/ || return 1 + mv "$pkgdir"/etc/krb5.conf "$subpkgdir"/etc/ +} + +md5sums="1a13c53899806c4da99a798a04d25545 krb5-1.11-signed.tar +597cd7ab74a8113b86e3405c15ccfecb mit-krb5-1.11_uninitialized.patch +656e242de9b5ada1edf398983db51eef mit-krb5_krb5-config_LDFLAGS.patch +29906e70e15025dda8b315d8209cab4c krb5kadmind.initd +47efe7f24c98316d38ea46ad629b3517 krb5kdc.initd +3e0b8313c1e5bfb7625f35e76a5e53f1 krb5kpropd.initd" +sha256sums="fe37fb93b398db98a1b23f814673ea2ae4b90138f85e1a4027ef639456a78651 krb5-1.11-signed.tar +81a0d432b6d1686587b25b6ce70f0b8558e0c693da4c63b9de881962ae01c043 mit-krb5-1.11_uninitialized.patch +9ebfc38cc167bbf451105807512845cd961f839d64b7e2904a6c4e722e41fe2b mit-krb5_krb5-config_LDFLAGS.patch +c7a1ec03472996daaaaf1a4703566113c80f72ee8605d247098a25a13dad1f5f krb5kadmind.initd +709309dea043aa306c2fcf0960e0993a6db540c220de64cf92d6b85f1cca23c5 krb5kdc.initd +86b15d691e32b331ac756ee368b7364de6ab238dcae5adfed2a00b57d1b64ef4 krb5kpropd.initd" +sha512sums="ee6194d3d504c3d40cb025b9988dcdcabbfdcf5de4711c3475f9ac1d4178095fe2114691c0f212c21d2b99d771ecc42cdd14bd18e7c987681c0092e6ce46068f krb5-1.11-signed.tar +4d2ea5189971df13bf874d29bcf89fa3bfeb1d25b3bd9245ee7c88f5c4834e950c5978ce13df3b8fc05f98dd7d5510dad43af0440436958fa23f9e1a51f60f76 mit-krb5-1.11_uninitialized.patch +8118518e359cb5e69e3321b7438b200d5d74ceeac16b4623bf4e4bfb4ead6c656de6fa153f9bcc454097b45a512bc8cd0798b1f062a2c4a09f75253b204a7a17 mit-krb5_krb5-config_LDFLAGS.patch +561af06b4e0f0e130dda345ad934bcdb9984ec00cc38d871df1d3bb3f9e1c7d86f06db5b03229707c88b96ad324e3a2222420f8494aa431002cacea0246b1153 krb5kadmind.initd +d6d0076886ce284fc395fafc2dc253b4b3ee97b2986dea51388d96a1e1294680fb171f475efc7844559e2c6aac44b26678a9255921db9a58dcf2e7164f0aeec5 krb5kdc.initd +f97d33fa977c132a470d95fd539d8e8db018e03f28dbc9d3e04faf78ebb7392196e7d5135f138c2390979bf37b3ae0265e6827f0c17b44b277eb2dfff0a96f77 krb5kpropd.initd" diff --git a/main/krb5/krb5kadmind.initd b/main/krb5/krb5kadmind.initd new file mode 100644 index 0000000000..a1cdfef822 --- /dev/null +++ b/main/krb5/krb5kadmind.initd @@ -0,0 +1,25 @@ +#!/sbin/runscript + +#--------------------------------------------------------------------------- +# This script starts/stops the MIT Kerberos 5 Admin daemon +#--------------------------------------------------------------------------- + +daemon="MIT Kerberos 5 Admin daemon" +exec="/usr/sbin/kadmind" + +depend() { + need krb5kdc + use net +} + +start() { + ebegin "Starting $daemon" + start-stop-daemon --start --quiet --exec ${exec} 1>&2 + eend $? "Error starting $daemon" +} + +stop() { + ebegin "Stopping $daemon" + start-stop-daemon --stop --quiet --exec ${exec} 1>&2 + eend $? "Error stopping $daemon" +} diff --git a/main/krb5/krb5kdc.initd b/main/krb5/krb5kdc.initd new file mode 100644 index 0000000000..94f1f79379 --- /dev/null +++ b/main/krb5/krb5kdc.initd @@ -0,0 +1,24 @@ +#!/sbin/runscript + +#--------------------------------------------------------------------------- +# This script starts/stops the MIT Kerberos 5 KDC +#--------------------------------------------------------------------------- + +daemon="MIT Kerberos 5 KDC" +exec="/usr/sbin/krb5kdc" + +depend() { + use net +} + +start() { + ebegin "Starting $daemon" + start-stop-daemon --start --quiet --exec ${exec} 1>&2 + eend $? "Error starting $daemon" +} + +stop() { + ebegin "Stopping $daemon" + start-stop-daemon --stop --quiet --exec ${exec} 1>&2 + eend $? "Error stopping $daemon" +} diff --git a/main/krb5/krb5kpropd.initd b/main/krb5/krb5kpropd.initd new file mode 100644 index 0000000000..8b4b82975e --- /dev/null +++ b/main/krb5/krb5kpropd.initd @@ -0,0 +1,24 @@ +#!/sbin/runscript + +#--------------------------------------------------------------------------- +# This script starts/stops the MIT Kerberos 5 kpropd +#--------------------------------------------------------------------------- + +daemon="MIT Kerberos 5 kpropd" +exec="/usr/sbin/kpropd" + +depend() { + use net krb5kdc krb5kadmind +} + +start() { + ebegin "Starting $daemon" + start-stop-daemon --start --quiet --exec ${exec} -- -S 1>&2 + eend $? "Error starting $daemon" +} + +stop() { + ebegin "Stopping $daemon" + start-stop-daemon --stop --quiet --exec ${exec} 1>&2 + eend $? "Error stopping $daemon" +} diff --git a/main/krb5/mit-krb5-1.11_uninitialized.patch b/main/krb5/mit-krb5-1.11_uninitialized.patch new file mode 100644 index 0000000000..a32d01d51f --- /dev/null +++ b/main/krb5/mit-krb5-1.11_uninitialized.patch @@ -0,0 +1,81 @@ +--- a/src/slave/kprop.c ++++ b/src/slave/kprop.c +@@ -91,7 +91,7 @@ main(argc, argv) + int argc; + char **argv; + { +- int fd, database_fd, database_size; ++ int fd = -1, database_fd, database_size; + krb5_error_code retval; + krb5_context context; + krb5_creds *my_creds; +--- a/src/kadmin/ktutil/ktutil_funcs.c ++++ b/src/kadmin/ktutil/ktutil_funcs.c +@@ -64,7 +64,7 @@ + krb5_kt_list *list; + int idx; + { +- krb5_kt_list lp, prev; ++ krb5_kt_list lp, prev = NULL; + int i; + + for (lp = *list, i = 1; lp; prev = lp, lp = lp->next, i++) { +--- a/src/lib/kadm5/alt_prof.c ++++ b/src/lib/kadm5/alt_prof.c +@@ -164,7 +164,7 @@ + char **values; + char *valp; + int idx; +- krb5_boolean val; ++ krb5_boolean val = 0; + + kret = krb5_aprof_getvals (acontext, hierarchy, &values); + if (kret) +--- a/src/lib/krb5/unicode/ucstr.c ++++ b/src/lib/krb5/unicode/ucstr.c +@@ -109,7 +109,7 @@ + krb5_data ** newdataptr, + unsigned flags) + { +- int i, j, len, clen, outpos, ucsoutlen, outsize; ++ int i, j, len, clen, outpos = 0, ucsoutlen, outsize; + char *out = NULL, *outtmp, *s; + krb5_ucs4 *ucs = NULL, *p, *ucsout = NULL; + krb5_data *newdata; +diff --git a/src/util/profile/prof_init.c b/src/util/profile/prof_init.c +index 7dc5b47..cd90db8 100644 +--- a/src/util/profile/prof_init.c ++++ b/src/util/profile/prof_init.c +@@ -255,7 +255,7 @@ copy_vtable_profile(profile_t profile, profile_t *ret_new_profile) + { + errcode_t err; + void *cbdata; +- profile_t new_profile; ++ profile_t new_profile = NULL; + + *ret_new_profile = NULL; + +--- a/src/lib/krb5/krb/preauth2.c 2012-12-24 12:39:18.432678497 +0100 ++++ b/src/lib/krb5/krb/preauth2.c 2012-12-24 12:50:49.444099126 +0100 +@@ -956,7 +956,7 @@ + size_t i, h; + int out_pa_list_size = 0; + krb5_pa_data **out_pa_list = NULL; +- krb5_error_code ret, module_ret; ++ krb5_error_code ret, module_ret = 0; + krb5_responder_fn responder = opte->opt_private->responder; + static const int paorder[] = { PA_INFO, PA_REAL }; + +--- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c.orig 2013-02-15 14:38:43.742293824 +0000 ++++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c 2013-02-15 14:41:06.806870075 +0000 +@@ -1359,8 +1359,8 @@ + goto cleanup; + + for (i=0; bvalues[i] != NULL; ++i) { +- krb5_int16 n_kd; +- krb5_key_data *kd; ++ krb5_int16 n_kd = 0; ++ krb5_key_data *kd = NULL; + krb5_data in; + + if (bvalues[i]->bv_len == 0) diff --git a/main/krb5/mit-krb5_krb5-config_LDFLAGS.patch b/main/krb5/mit-krb5_krb5-config_LDFLAGS.patch new file mode 100644 index 0000000000..0b300cb44a --- /dev/null +++ b/main/krb5/mit-krb5_krb5-config_LDFLAGS.patch @@ -0,0 +1,12 @@ +Bug #448778 +--- krb5-1.11/src/krb5-config.in 2012-12-18 02:47:04.000000000 +0000 ++++ krb5-1.11/src/krb5-config.in 2012-12-28 07:13:16.582693363 +0000 +@@ -217,7 +217,7 @@ + -e 's#\$(PROG_RPATH)#'$libdir'#' \ + -e 's#\$(PROG_LIBPATH)#'$libdirarg'#' \ + -e 's#\$(RPATH_FLAG)#'"$RPATH_FLAG"'#' \ +- -e 's#\$(LDFLAGS)#'"$LDFLAGS"'#' \ ++ -e 's#\$(LDFLAGS)##' \ + -e 's#\$(PTHREAD_CFLAGS)#'"$PTHREAD_CFLAGS"'#' \ + -e 's#\$(CFLAGS)##'` + |