summaryrefslogtreecommitdiff
path: root/repo/krb5
diff options
context:
space:
mode:
authordavidovski <david@davidovski.xyz>2023-02-02 14:10:02 +0000
committerdavidovski <david@davidovski.xyz>2023-02-02 14:10:02 +0000
commitf29d569cd33a73da5ad675f43a34ad53c5cc9bc6 (patch)
tree76fe6267f8307e7630fc6f53ff99a9767ad40de0 /repo/krb5
parent05d004dfe0c9a9d898fac8a4a0292ca2a74ca391 (diff)
Work
Diffstat (limited to 'repo/krb5')
-rw-r--r--repo/krb5/krb5-server.xibuild17
-rw-r--r--repo/krb5/krb5.xibuild83
-rw-r--r--repo/krb5/krb5kadmind.initd25
-rw-r--r--repo/krb5/krb5kdc.initd24
-rw-r--r--repo/krb5/krb5kpropd.initd24
-rw-r--r--repo/krb5/mit-krb5_krb5-config_LDFLAGS.patch12
6 files changed, 140 insertions, 45 deletions
diff --git a/repo/krb5/krb5-server.xibuild b/repo/krb5/krb5-server.xibuild
new file mode 100644
index 0000000..e8edb99
--- /dev/null
+++ b/repo/krb5/krb5-server.xibuild
@@ -0,0 +1,17 @@
+#!/bin/sh
+
+DESC="The KDC and related programs for Kerberos 5"
+
+package() {
+ mkdir -p "$PKG_DEST"/usr/share \
+ "$PKG_DEST"/usr/bin
+ install -d "$PKG_DEST"/var/lib/krb5kdc
+ mv "$PKG_DEST"/../krb5/usr/sbin "$subpkgdir"/usr/
+
+ add_from_main usr/bin/sclient
+
+ for i in $BUILD_ROOT/*.initd; do
+ install -Dm755 $i \
+ "$PKG_DEST"/etc/init.d/${i%.initd}
+ done
+}
diff --git a/repo/krb5/krb5.xibuild b/repo/krb5/krb5.xibuild
index c38416a..92185b9 100644
--- a/repo/krb5/krb5.xibuild
+++ b/repo/krb5/krb5.xibuild
@@ -1,59 +1,52 @@
#!/bin/sh
-MAKEDEPS="make "
-DEPS="musl e2fsprogs libldap gdbm"
+NAME="krb5"
+DESC="The Kerberos network authentication system"
+
+MAKEDEPS="e2fsprogs libverto libldap openssl keyutils bison flex perl"
PKG_VER=1.19.3
-SOURCE=http://kerberos.org/dist/krb5/${PKG_VER%.*}/krb5-${PKG_VER}.tar.gz
+maj_min=$PKG_VER
+case $PKG_VER in
+ *.*.*) maj_min=${PKG_VER%.*} ;;
+esac
+
+SOURCE="https://web.mit.edu/kerberos/dist/krb5/$maj_min/krb5-$PKG_VER.tar.gz"
ADDITIONAL="
- https://www.linuxfromscratch.org/patches/blfs/svn/mitkrb-${PKG_VER}-openssl3_fixes-1.patch
+krb5kadmind.initd
+krb5kdc.initd
+krb5kpropd.initd
+mit-krb5_krb5-config_LDFLAGS.patch
"
-DESC="The Kerberos network authentication system"
-
prepare () {
-
- # fix denial of service vulnerability
- sed -i '210a if (sprinc == NULL) {\
- status = "NULL_SERVER";\
- errcode = KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN;\
- goto cleanup;\
- }' src/kdc/do_tgs_req.c
-
-
- cd src &&
- #these were needed for libressl
- #patch -Np0 -i ../patch-plugins_preauth_pkinit_pkinit__crypto__openssl.c
- #patch -Np0 -i ../patch-plugins_preauth_pkinit_pkinit__crypto__openssl.h
- patch -Np2 -i ../mitkrb-$PKG_VER-openssl3_fixes-1.patch
-
-
- sed -e "/LDFLAGS=/d" -i build-tools/krb5-config.in
- sed -i -e 's@\^u}@^u cols 300}@' tests/dejagnu/config/default.exp || true
- sed -i -e '/eq 0/{N;s/12 //}' plugins/kdb/db2/libdb2/test/run.test || true
- sed -i '/t_iprop.py/d' tests/Makefile.in || true
+ cd src
+ mv ../*.patch .
+ apply_patches
}
-build () {
- # would be ideal to use openssl rather than builtin library
- autoreconf
- ./configure --prefix=/usr \
- --sysconfdir=/etc \
- --localstatedir=/var/lib \
- --runstatedir=/run \
- --with-system-et \
- --with-system-ss \
- --with-system-verto=no \
- --with-crypto-impl=builtin \
- --enable-dns-for-realm &&
-
- make
+build() {
+ ./configure \
+ CPPFLAGS="$CPPFLAGS -fPIC -I/usr/include/et" \
+ WARN_CFLAGS= \
+ --prefix=/usr \
+ --localstatedir=/var/lib \
+ --enable-shared \
+ --disable-nls \
+ --disable-static \
+ --disable-rpath \
+ --with-system-et \
+ --with-system-ss \
+ --with-system-verto \
+ --without-tcl \
+ --with-ldap
+ make
}
-package () {
- make DESTDIR=$PKG_DEST install
-
- install -dm755 $PKG_DEST/usr/share/doc/krb5-$PKG_VER &&
- cp -fr ../doc/* $PKG_DEST/usr/share/doc/krb5-$PKG_VER
+package() {
+ make install DESTDIR="$PKG_DEST"
+ mkdir -p "$PKG_DEST"/usr/share/doc/krb5
+ mv "$PKG_DEST"/usr/share/examples "$PKG_DEST"/usr/share/doc/krb5/
}
+
diff --git a/repo/krb5/krb5kadmind.initd b/repo/krb5/krb5kadmind.initd
new file mode 100644
index 0000000..64622d5
--- /dev/null
+++ b/repo/krb5/krb5kadmind.initd
@@ -0,0 +1,25 @@
+#!/sbin/openrc-run
+
+#---------------------------------------------------------------------------
+# This script starts/stops the MIT Kerberos 5 Admin daemon
+#---------------------------------------------------------------------------
+
+daemon="MIT Kerberos 5 Admin daemon"
+exec="/usr/sbin/kadmind"
+
+depend() {
+ need krb5kdc
+ use net
+}
+
+start() {
+ ebegin "Starting $daemon"
+ start-stop-daemon --start --quiet --exec ${exec} 1>&2
+ eend $? "Error starting $daemon"
+}
+
+stop() {
+ ebegin "Stopping $daemon"
+ start-stop-daemon --stop --quiet --exec ${exec} 1>&2
+ eend $? "Error stopping $daemon"
+}
diff --git a/repo/krb5/krb5kdc.initd b/repo/krb5/krb5kdc.initd
new file mode 100644
index 0000000..35cac6f
--- /dev/null
+++ b/repo/krb5/krb5kdc.initd
@@ -0,0 +1,24 @@
+#!/sbin/openrc-run
+
+#---------------------------------------------------------------------------
+# This script starts/stops the MIT Kerberos 5 KDC
+#---------------------------------------------------------------------------
+
+daemon="MIT Kerberos 5 KDC"
+exec="/usr/sbin/krb5kdc"
+
+depend() {
+ use net
+}
+
+start() {
+ ebegin "Starting $daemon"
+ start-stop-daemon --start --quiet --exec ${exec} 1>&2
+ eend $? "Error starting $daemon"
+}
+
+stop() {
+ ebegin "Stopping $daemon"
+ start-stop-daemon --stop --quiet --exec ${exec} 1>&2
+ eend $? "Error stopping $daemon"
+}
diff --git a/repo/krb5/krb5kpropd.initd b/repo/krb5/krb5kpropd.initd
new file mode 100644
index 0000000..75d2f0d
--- /dev/null
+++ b/repo/krb5/krb5kpropd.initd
@@ -0,0 +1,24 @@
+#!/sbin/openrc-run
+
+#---------------------------------------------------------------------------
+# This script starts/stops the MIT Kerberos 5 kpropd
+#---------------------------------------------------------------------------
+
+daemon="MIT Kerberos 5 kpropd"
+exec="/usr/sbin/kpropd"
+
+depend() {
+ use net krb5kdc krb5kadmind
+}
+
+start() {
+ ebegin "Starting $daemon"
+ start-stop-daemon --start --quiet --exec ${exec} -- -S 1>&2
+ eend $? "Error starting $daemon"
+}
+
+stop() {
+ ebegin "Stopping $daemon"
+ start-stop-daemon --stop --quiet --exec ${exec} 1>&2
+ eend $? "Error stopping $daemon"
+}
diff --git a/repo/krb5/mit-krb5_krb5-config_LDFLAGS.patch b/repo/krb5/mit-krb5_krb5-config_LDFLAGS.patch
new file mode 100644
index 0000000..9ae5226
--- /dev/null
+++ b/repo/krb5/mit-krb5_krb5-config_LDFLAGS.patch
@@ -0,0 +1,12 @@
+Bug #448778
+--- a/build-tools/krb5-config.in
++++ b/build-tools/krb5-config.in
+@@ -221,7 +221,7 @@
+ -e 's#\$(PROG_RPATH)#'$libdir'#' \
+ -e 's#\$(PROG_LIBPATH)#'$libdirarg'#' \
+ -e 's#\$(RPATH_FLAG)#'"$RPATH_FLAG"'#' \
+- -e 's#\$(LDFLAGS)#'"$LDFLAGS"'#' \
++ -e 's#\$(LDFLAGS)##' \
+ -e 's#\$(PTHREAD_CFLAGS)#'"$PTHREAD_CFLAGS"'#' \
+ -e 's#\$(CFLAGS)##'`
+