aboutsummaryrefslogtreecommitdiffstats
path: root/main/krb5
diff options
context:
space:
mode:
Diffstat (limited to 'main/krb5')
-rw-r--r--main/krb5/APKBUILD155
-rw-r--r--main/krb5/krb5kadmind.initd25
-rw-r--r--main/krb5/krb5kdc.initd24
-rw-r--r--main/krb5/krb5kpropd.initd24
-rw-r--r--main/krb5/mit-krb5-1.11_uninitialized.patch81
-rw-r--r--main/krb5/mit-krb5_krb5-config_LDFLAGS.patch12
6 files changed, 321 insertions, 0 deletions
diff --git a/main/krb5/APKBUILD b/main/krb5/APKBUILD
new file mode 100644
index 0000000000..6ce12c4db7
--- /dev/null
+++ b/main/krb5/APKBUILD
@@ -0,0 +1,155 @@
+# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
+pkgname=krb5
+pkgver=1.11
+pkgrel=2
+pkgdesc="The Kerberos network authentication system"
+url="http://web.mit.edu/kerberos/www/"
+arch="all"
+license="MIT"
+depends=""
+depends_dev="e2fsprogs-dev"
+makedepends="$depends_dev libverto-dev openldap-dev openssl-dev
+ keyutils-dev bison flex perl"
+install=""
+subpackages="$pkgname-dev $pkgname-doc $pkgname-server
+ $pkgname-server-ldap:ldap $pkgname-pkinit $pkgname-libs"
+source="http://web.mit.edu/kerberos/dist/krb5/1.11/krb5-$pkgver-signed.tar
+ mit-krb5-1.11_uninitialized.patch
+ mit-krb5_krb5-config_LDFLAGS.patch
+ krb5kadmind.initd
+ krb5kdc.initd
+ krb5kpropd.initd
+ "
+
+_builddir="$srcdir"/krb5-$pkgver
+unpack() {
+ default_unpack
+ cd "$srcdir"
+ tar -zxf krb5-$pkgver.tar.gz
+}
+
+
+prepare() {
+ local i
+ cd "$_builddir"
+ for i in $source; do
+ case $i in
+ *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
+ esac
+ done
+}
+
+build() {
+ cd "$_builddir"/src
+ ./configure \
+ CPPFLAGS="$CPPFLAGS -fPIC -I/usr/include/et" \
+ --prefix=/usr \
+ --localstatedir=/var/lib \
+ --enable-shared \
+ --disable-static \
+ --disable-rpath \
+ --with-system-et \
+ --with-system-ss \
+ --with-system-verto \
+ --without-tcl \
+ --with-ldap \
+ --with-crypto-impl=openssl \
+ || return 1
+ make
+}
+
+package() {
+ cd "$_builddir"/src
+ make install DESTDIR="$pkgdir" || return 1
+ mkdir -p "$pkgdir"/usr/share/doc/$pkgname
+ mv "$pkgdir"/usr/share/examples "$pkgdir"/usr/share/doc/$pkgname/
+
+ for i in $source; do
+ case $i in
+ *.initd) install -Dm755 "$srcdir"/$i \
+ "$pkgdir"/etc/init.d/${i%.initd};;
+ esac
+ done
+ cat > "$pkgdir"/etc/krb5.conf <<EOF
+[logging]
+ default = FILE:/var/log/krb5libs.log
+ kdc = FILE:/var/log/krb5kdc.log
+ admin_server = FILE:/var/log/kadmind.log
+
+[libdefaults]
+ dns_lookup_realm = false
+ ticket_lifetime = 24h
+ renew_lifetime = 7d
+ forwardable = true
+ rdns = false
+# default_realm = EXAMPLE.COM
+
+[realms]
+# EXAMPLE.COM = {
+# kdc = kerberos.example.com
+# admin_server = kerberos.example.com
+# }
+
+[domain_realm]
+# .example.com = EXAMPLE.COM
+# example.com = EXAMPLE.COM
+
+EOF
+}
+
+server() {
+ pkgdesc="The KDC and related programs for Kerberos 5"
+ depends="libverto-libev"
+ mkdir -p "$subpkgdir"/usr/share \
+ "$subpkgdir"/usr/bin \
+ "$subpkgdir"/etc/
+ install -d "$subpkgdir"/var/lib/krb5kdc || return 1
+ mv "$pkgdir"/usr/sbin "$subpkgdir"/usr/ || return 1
+ mv "$pkgdir"/usr/share/gnats "$subpkgdir"/usr/share/ || return 1
+ mv "$pkgdir"/etc/init.d "$subpkgdir"/etc/ || return 1
+ # used for testing server
+ mv "$pkgdir"/usr/bin/sclient "$subpkgdir"/usr/bin/
+
+}
+
+ldap() {
+ pkgdesc="The LDAP storage plugin for the Kerberos 5 KDC"
+ mkdir -p "$subpkgdir"/usr/lib/krb5/plugins/kdb
+ mv "$pkgdir"/usr/lib/krb5/plugins/kdb/kldap.so \
+ "$subpkgdir"/usr/lib/krb5/plugins/kdb/ || return 1
+ mv "$pkgdir"/usr/lib/libkdb_ldap* \
+ "$subpkgdir"/usr/lib/
+}
+
+pkinit() {
+ pkgdesc="The PKINIT module for Kerberos 5"
+ mkdir -p "$subpkgdir"/usr/lib/krb5/plugins/preauth
+ mv "$pkgdir"/usr/lib/krb5/plugins/preauth/pkinit.so \
+ "$subpkgdir"/usr/lib/krb5/plugins/preauth/pkinit.so
+}
+
+libs() {
+ pkgdesc="The shared libraries used by Kerberos 5"
+ mkdir -p "$subpkgdir"/usr/ "$subpkgdir"/etc
+ mv "$pkgdir"/usr/lib "$subpkgdir"/usr/ || return 1
+ mv "$pkgdir"/etc/krb5.conf "$subpkgdir"/etc/
+}
+
+md5sums="1a13c53899806c4da99a798a04d25545 krb5-1.11-signed.tar
+597cd7ab74a8113b86e3405c15ccfecb mit-krb5-1.11_uninitialized.patch
+656e242de9b5ada1edf398983db51eef mit-krb5_krb5-config_LDFLAGS.patch
+29906e70e15025dda8b315d8209cab4c krb5kadmind.initd
+47efe7f24c98316d38ea46ad629b3517 krb5kdc.initd
+3e0b8313c1e5bfb7625f35e76a5e53f1 krb5kpropd.initd"
+sha256sums="fe37fb93b398db98a1b23f814673ea2ae4b90138f85e1a4027ef639456a78651 krb5-1.11-signed.tar
+81a0d432b6d1686587b25b6ce70f0b8558e0c693da4c63b9de881962ae01c043 mit-krb5-1.11_uninitialized.patch
+9ebfc38cc167bbf451105807512845cd961f839d64b7e2904a6c4e722e41fe2b mit-krb5_krb5-config_LDFLAGS.patch
+c7a1ec03472996daaaaf1a4703566113c80f72ee8605d247098a25a13dad1f5f krb5kadmind.initd
+709309dea043aa306c2fcf0960e0993a6db540c220de64cf92d6b85f1cca23c5 krb5kdc.initd
+86b15d691e32b331ac756ee368b7364de6ab238dcae5adfed2a00b57d1b64ef4 krb5kpropd.initd"
+sha512sums="ee6194d3d504c3d40cb025b9988dcdcabbfdcf5de4711c3475f9ac1d4178095fe2114691c0f212c21d2b99d771ecc42cdd14bd18e7c987681c0092e6ce46068f krb5-1.11-signed.tar
+4d2ea5189971df13bf874d29bcf89fa3bfeb1d25b3bd9245ee7c88f5c4834e950c5978ce13df3b8fc05f98dd7d5510dad43af0440436958fa23f9e1a51f60f76 mit-krb5-1.11_uninitialized.patch
+8118518e359cb5e69e3321b7438b200d5d74ceeac16b4623bf4e4bfb4ead6c656de6fa153f9bcc454097b45a512bc8cd0798b1f062a2c4a09f75253b204a7a17 mit-krb5_krb5-config_LDFLAGS.patch
+561af06b4e0f0e130dda345ad934bcdb9984ec00cc38d871df1d3bb3f9e1c7d86f06db5b03229707c88b96ad324e3a2222420f8494aa431002cacea0246b1153 krb5kadmind.initd
+d6d0076886ce284fc395fafc2dc253b4b3ee97b2986dea51388d96a1e1294680fb171f475efc7844559e2c6aac44b26678a9255921db9a58dcf2e7164f0aeec5 krb5kdc.initd
+f97d33fa977c132a470d95fd539d8e8db018e03f28dbc9d3e04faf78ebb7392196e7d5135f138c2390979bf37b3ae0265e6827f0c17b44b277eb2dfff0a96f77 krb5kpropd.initd"
diff --git a/main/krb5/krb5kadmind.initd b/main/krb5/krb5kadmind.initd
new file mode 100644
index 0000000000..a1cdfef822
--- /dev/null
+++ b/main/krb5/krb5kadmind.initd
@@ -0,0 +1,25 @@
+#!/sbin/runscript
+
+#---------------------------------------------------------------------------
+# This script starts/stops the MIT Kerberos 5 Admin daemon
+#---------------------------------------------------------------------------
+
+daemon="MIT Kerberos 5 Admin daemon"
+exec="/usr/sbin/kadmind"
+
+depend() {
+ need krb5kdc
+ use net
+}
+
+start() {
+ ebegin "Starting $daemon"
+ start-stop-daemon --start --quiet --exec ${exec} 1>&2
+ eend $? "Error starting $daemon"
+}
+
+stop() {
+ ebegin "Stopping $daemon"
+ start-stop-daemon --stop --quiet --exec ${exec} 1>&2
+ eend $? "Error stopping $daemon"
+}
diff --git a/main/krb5/krb5kdc.initd b/main/krb5/krb5kdc.initd
new file mode 100644
index 0000000000..94f1f79379
--- /dev/null
+++ b/main/krb5/krb5kdc.initd
@@ -0,0 +1,24 @@
+#!/sbin/runscript
+
+#---------------------------------------------------------------------------
+# This script starts/stops the MIT Kerberos 5 KDC
+#---------------------------------------------------------------------------
+
+daemon="MIT Kerberos 5 KDC"
+exec="/usr/sbin/krb5kdc"
+
+depend() {
+ use net
+}
+
+start() {
+ ebegin "Starting $daemon"
+ start-stop-daemon --start --quiet --exec ${exec} 1>&2
+ eend $? "Error starting $daemon"
+}
+
+stop() {
+ ebegin "Stopping $daemon"
+ start-stop-daemon --stop --quiet --exec ${exec} 1>&2
+ eend $? "Error stopping $daemon"
+}
diff --git a/main/krb5/krb5kpropd.initd b/main/krb5/krb5kpropd.initd
new file mode 100644
index 0000000000..8b4b82975e
--- /dev/null
+++ b/main/krb5/krb5kpropd.initd
@@ -0,0 +1,24 @@
+#!/sbin/runscript
+
+#---------------------------------------------------------------------------
+# This script starts/stops the MIT Kerberos 5 kpropd
+#---------------------------------------------------------------------------
+
+daemon="MIT Kerberos 5 kpropd"
+exec="/usr/sbin/kpropd"
+
+depend() {
+ use net krb5kdc krb5kadmind
+}
+
+start() {
+ ebegin "Starting $daemon"
+ start-stop-daemon --start --quiet --exec ${exec} -- -S 1>&2
+ eend $? "Error starting $daemon"
+}
+
+stop() {
+ ebegin "Stopping $daemon"
+ start-stop-daemon --stop --quiet --exec ${exec} 1>&2
+ eend $? "Error stopping $daemon"
+}
diff --git a/main/krb5/mit-krb5-1.11_uninitialized.patch b/main/krb5/mit-krb5-1.11_uninitialized.patch
new file mode 100644
index 0000000000..a32d01d51f
--- /dev/null
+++ b/main/krb5/mit-krb5-1.11_uninitialized.patch
@@ -0,0 +1,81 @@
+--- a/src/slave/kprop.c
++++ b/src/slave/kprop.c
+@@ -91,7 +91,7 @@ main(argc, argv)
+ int argc;
+ char **argv;
+ {
+- int fd, database_fd, database_size;
++ int fd = -1, database_fd, database_size;
+ krb5_error_code retval;
+ krb5_context context;
+ krb5_creds *my_creds;
+--- a/src/kadmin/ktutil/ktutil_funcs.c
++++ b/src/kadmin/ktutil/ktutil_funcs.c
+@@ -64,7 +64,7 @@
+ krb5_kt_list *list;
+ int idx;
+ {
+- krb5_kt_list lp, prev;
++ krb5_kt_list lp, prev = NULL;
+ int i;
+
+ for (lp = *list, i = 1; lp; prev = lp, lp = lp->next, i++) {
+--- a/src/lib/kadm5/alt_prof.c
++++ b/src/lib/kadm5/alt_prof.c
+@@ -164,7 +164,7 @@
+ char **values;
+ char *valp;
+ int idx;
+- krb5_boolean val;
++ krb5_boolean val = 0;
+
+ kret = krb5_aprof_getvals (acontext, hierarchy, &values);
+ if (kret)
+--- a/src/lib/krb5/unicode/ucstr.c
++++ b/src/lib/krb5/unicode/ucstr.c
+@@ -109,7 +109,7 @@
+ krb5_data ** newdataptr,
+ unsigned flags)
+ {
+- int i, j, len, clen, outpos, ucsoutlen, outsize;
++ int i, j, len, clen, outpos = 0, ucsoutlen, outsize;
+ char *out = NULL, *outtmp, *s;
+ krb5_ucs4 *ucs = NULL, *p, *ucsout = NULL;
+ krb5_data *newdata;
+diff --git a/src/util/profile/prof_init.c b/src/util/profile/prof_init.c
+index 7dc5b47..cd90db8 100644
+--- a/src/util/profile/prof_init.c
++++ b/src/util/profile/prof_init.c
+@@ -255,7 +255,7 @@ copy_vtable_profile(profile_t profile, profile_t *ret_new_profile)
+ {
+ errcode_t err;
+ void *cbdata;
+- profile_t new_profile;
++ profile_t new_profile = NULL;
+
+ *ret_new_profile = NULL;
+
+--- a/src/lib/krb5/krb/preauth2.c 2012-12-24 12:39:18.432678497 +0100
++++ b/src/lib/krb5/krb/preauth2.c 2012-12-24 12:50:49.444099126 +0100
+@@ -956,7 +956,7 @@
+ size_t i, h;
+ int out_pa_list_size = 0;
+ krb5_pa_data **out_pa_list = NULL;
+- krb5_error_code ret, module_ret;
++ krb5_error_code ret, module_ret = 0;
+ krb5_responder_fn responder = opte->opt_private->responder;
+ static const int paorder[] = { PA_INFO, PA_REAL };
+
+--- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c.orig 2013-02-15 14:38:43.742293824 +0000
++++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c 2013-02-15 14:41:06.806870075 +0000
+@@ -1359,8 +1359,8 @@
+ goto cleanup;
+
+ for (i=0; bvalues[i] != NULL; ++i) {
+- krb5_int16 n_kd;
+- krb5_key_data *kd;
++ krb5_int16 n_kd = 0;
++ krb5_key_data *kd = NULL;
+ krb5_data in;
+
+ if (bvalues[i]->bv_len == 0)
diff --git a/main/krb5/mit-krb5_krb5-config_LDFLAGS.patch b/main/krb5/mit-krb5_krb5-config_LDFLAGS.patch
new file mode 100644
index 0000000000..0b300cb44a
--- /dev/null
+++ b/main/krb5/mit-krb5_krb5-config_LDFLAGS.patch
@@ -0,0 +1,12 @@
+Bug #448778
+--- krb5-1.11/src/krb5-config.in 2012-12-18 02:47:04.000000000 +0000
++++ krb5-1.11/src/krb5-config.in 2012-12-28 07:13:16.582693363 +0000
+@@ -217,7 +217,7 @@
+ -e 's#\$(PROG_RPATH)#'$libdir'#' \
+ -e 's#\$(PROG_LIBPATH)#'$libdirarg'#' \
+ -e 's#\$(RPATH_FLAG)#'"$RPATH_FLAG"'#' \
+- -e 's#\$(LDFLAGS)#'"$LDFLAGS"'#' \
++ -e 's#\$(LDFLAGS)##' \
+ -e 's#\$(PTHREAD_CFLAGS)#'"$PTHREAD_CFLAGS"'#' \
+ -e 's#\$(CFLAGS)##'`
+