APKBUILD 3.46 KB
Newer Older
Natanael Copa's avatar
Natanael Copa committed
1
2
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=krb5
J0WI's avatar
J0WI committed
3
pkgver=1.19.2
4
pkgrel=4
Natanael Copa's avatar
Natanael Copa committed
5
pkgdesc="The Kerberos network authentication system"
J0WI's avatar
J0WI committed
6
url="https://web.mit.edu/kerberos/www/"
Natanael Copa's avatar
Natanael Copa committed
7
8
arch="all"
license="MIT"
9
depends="krb5-conf"
10
depends_dev="e2fsprogs-dev"
11
makedepends="$depends_dev libverto-dev openldap-dev openssl1.1-compat-dev
12
	keyutils-dev bison flex perl"
Andy Postnikov's avatar
Andy Postnikov committed
13
options="suid !check" # https://gitlab.alpinelinux.org/alpine/aports/-/issues/13155
14
subpackages="$pkgname-dev $pkgname-doc $pkgname-server
TBK's avatar
TBK committed
15
16
	$pkgname-server-openrc:server_openrc $pkgname-server-ldap:ldap
	$pkgname-pkinit $pkgname-libs"
17
18
19

_maj_min=$pkgver
case $pkgver in
TBK's avatar
TBK committed
20
	*.*.*) _maj_min=${pkgver%.*} ;;
21
22
esac

Leo's avatar
Leo committed
23
source="https://web.mit.edu/kerberos/dist/krb5/$_maj_min/krb5-$pkgver.tar.gz
Natanael Copa's avatar
Natanael Copa committed
24
	mit-krb5_krb5-config_LDFLAGS.patch
Timo Teräs's avatar
Timo Teräs committed
25

Natanael Copa's avatar
Natanael Copa committed
26
27
28
29
	krb5kadmind.initd
	krb5kdc.initd
	krb5kpropd.initd
	"
TBK's avatar
TBK committed
30
builddir="$srcdir/$pkgname-$pkgver/src"
31

32
# secfixes:
J0WI's avatar
J0WI committed
33
34
#   1.18.4-r0:
#     - CVE-2021-36222
Leo's avatar
Leo committed
35
36
#   1.18.3-r0:
#     - CVE-2020-28196
37
38
#   1.15.4-r0:
#     - CVE-2018-20217
39
#   1.15.3-r0:
40
41
42
#     - CVE-2017-15088
#     - CVE-2018-5709
#     - CVE-2018-5710
43

Natanael Copa's avatar
Natanael Copa committed
44
45
46
build() {
	./configure \
		CPPFLAGS="$CPPFLAGS -fPIC -I/usr/include/et" \
Natanael Copa's avatar
Natanael Copa committed
47
		WARN_CFLAGS= \
48
49
		--build=$CBUILD \
		--host=$CHOST \
Natanael Copa's avatar
Natanael Copa committed
50
51
52
		--prefix=/usr \
		--localstatedir=/var/lib \
		--enable-shared \
TBK's avatar
TBK committed
53
		--disable-nls \
Natanael Copa's avatar
Natanael Copa committed
54
55
56
57
58
59
		--disable-static \
		--disable-rpath \
		--with-system-et \
		--with-system-ss \
		--with-system-verto \
		--without-tcl \
60
		--with-ldap
Natanael Copa's avatar
Natanael Copa committed
61
62
63
	make
}

TBK's avatar
TBK committed
64
65
66
67
check() {
	make check-unix
}

Natanael Copa's avatar
Natanael Copa committed
68
package() {
69
	make install DESTDIR="$pkgdir"
Natanael Copa's avatar
Natanael Copa committed
70
71
72
73
74
75
	mkdir -p "$pkgdir"/usr/share/doc/$pkgname
	mv "$pkgdir"/usr/share/examples "$pkgdir"/usr/share/doc/$pkgname/
}

server() {
	pkgdesc="The KDC and related programs for Kerberos 5"
76
	depends="libverto-libev"
Natanael Copa's avatar
Natanael Copa committed
77
	mkdir -p "$subpkgdir"/usr/share \
TBK's avatar
TBK committed
78
		"$subpkgdir"/usr/bin
79
80
	install -d "$subpkgdir"/var/lib/krb5kdc
	mv "$pkgdir"/usr/sbin "$subpkgdir"/usr/
TBK's avatar
TBK committed
81

Natanael Copa's avatar
Natanael Copa committed
82
	# used for testing server
TBK's avatar
TBK committed
83
84
85
86
87
88
	amove usr/bin/sclient
}

server_openrc() {
	pkgdesc="The KDC and related programs for Kerberos 5 (OpenRC init scripts)"
	install_if="$pkgname-server=$pkgver-r$pkgrel openrc"
Natanael Copa's avatar
Natanael Copa committed
89

TBK's avatar
TBK committed
90
91
92
93
94
95
	for i in $source; do
		case $i in
		*.initd) install -Dm755 "$srcdir"/$i \
			"$subpkgdir"/etc/init.d/${i%.initd};;
		esac
	done
Natanael Copa's avatar
Natanael Copa committed
96
97
98
99
}

ldap() {
	pkgdesc="The LDAP storage plugin for the Kerberos 5 KDC"
100
101
102
103
	install -Dm644 \
		-t "$subpkgdir"/usr/share/kerberos \
		"$builddir"/plugins/kdb/ldap/libkdb_ldap/kerberos.ldif \
		"$builddir"/plugins/kdb/ldap/libkdb_ldap/kerberos.openldap.ldif
TBK's avatar
TBK committed
104
105
	amove usr/lib/krb5/plugins/kdb/kldap.so
	amove usr/lib/libkdb_ldap*
Natanael Copa's avatar
Natanael Copa committed
106
107
108
109
110
}

pkinit() {
	pkgdesc="The PKINIT module for Kerberos 5"
	mkdir -p "$subpkgdir"/usr/lib/krb5/plugins/preauth
TBK's avatar
TBK committed
111
	amove usr/lib/krb5/plugins/preauth/pkinit.so
Natanael Copa's avatar
Natanael Copa committed
112
113
114
115
}

libs() {
	pkgdesc="The shared libraries used by Kerberos 5"
116
	depends="krb5-conf"
TBK's avatar
TBK committed
117
	amove usr/lib
Natanael Copa's avatar
Natanael Copa committed
118
}
TBK's avatar
TBK committed
119

J0WI's avatar
J0WI committed
120
sha512sums="
J0WI's avatar
J0WI committed
121
b90d6ed0e1e8a87eb5cb2c36d88b823a6a6caabf85e5d419adb8a930f7eea09a5f8491464e7e454cca7ba88be09d19415962fe0036ad2e31fc584f9fc0bbd470  krb5-1.19.2.tar.gz
TBK's avatar
TBK committed
122
5c62cbcbf1ef0462323f3392a362b42ed301967a1de80ddcb27eece4fad23efeeb5f04f5af521cfffff36b918bb93813262aa62785e59d6cb5af437a2c9e886d  mit-krb5_krb5-config_LDFLAGS.patch
123
124
43b9885b7eb8d0d60920def688de482f2b1701288f9acb1bb21dc76b2395428ff304961959eb04ba5eafd0412bae35668d6d2c8223424b9337bc051eadf51682  krb5kadmind.initd
ede15f15bbbc9d0227235067abe15245bb9713aea260d397379c63275ce74aea0db6c91c15d599e40c6e89612d76f3a0f8fdd21cbafa3f30d426d4310d3e2cec  krb5kdc.initd
J0WI's avatar
J0WI committed
125
126
45be0d421efd41e9dd056125a750c90856586e990317456b68170d733b03cba9ecd18ab87603b20e49575e7839fb4a6d628255533f2631f9e8ddb7f3cc493a90  krb5kpropd.initd
"