summaryrefslogtreecommitdiff
path: root/repo/system/krb5.xibuild
diff options
context:
space:
mode:
authordavidovski <david@davidovski.xyz>2022-03-01 21:25:54 +0000
committerdavidovski <david@davidovski.xyz>2022-03-01 21:25:54 +0000
commite8213fac46bfcb8068a883cb88b2bb1587f190f9 (patch)
tree8ec5946d18961404efb12700267e10cffffa6db7 /repo/system/krb5.xibuild
parent79c82d8fc0a4f6618429a0373bb832afd105543e (diff)
made packages work with musl
Diffstat (limited to 'repo/system/krb5.xibuild')
-rw-r--r--repo/system/krb5.xibuild36
1 files changed, 21 insertions, 15 deletions
diff --git a/repo/system/krb5.xibuild b/repo/system/krb5.xibuild
index ada3f55..03492c5 100644
--- a/repo/system/krb5.xibuild
+++ b/repo/system/krb5.xibuild
@@ -1,14 +1,20 @@
#!/bin/sh
MAKEDEPS="make "
-DEPS="musl e2fsprogs libldap keyutils"
+DEPS="musl e2fsprogs libldap keyutils gdbm"
PKG_VER=1.19.2
-SOURCE=https://github.com/krb5/krb5
-#SOURCE=https://kerberos.org/dist/krb5/$(echo $PKG_VER | cut -d. -f-2)/krb5-$PKG_VER.tar.gz
+SOURCE=http://web.mit.edu/kerberos/dist/krb5/${PKG_VER%.*}/krb5-${PKG_VER}.tar.gz
+
+ADDITIONAL="
+https://cgit.freebsd.org/ports/plain/security/krb5-119/files/patch-plugins_preauth_pkinit_pkinit__crypto__openssl.c
+https://cgit.freebsd.org/ports/plain/security/krb5-119/files/patch-plugins_preauth_pkinit_pkinit__crypto__openssl.h
+"
+
DESC="The Kerberos network authentication system"
prepare () {
+
# fix denial of service vulnerability
sed -i '210a if (sprinc == NULL) {\
status = "NULL_SERVER";\
@@ -16,8 +22,12 @@ prepare () {
goto cleanup;\
}' src/kdc/do_tgs_req.c
+
cd src &&
+ patch -Np0 -i ../patch-plugins_preauth_pkinit_pkinit__crypto__openssl.c
+ patch -Np0 -i ../patch-plugins_preauth_pkinit_pkinit__crypto__openssl.h
+ sed -e "/LDFLAGS=/d" -i build-tools/krb5-config.in
sed -i -e 's@\^u}@^u cols 300}@' tests/dejagnu/config/default.exp || true
sed -i -e '/eq 0/{N;s/12 //}' plugins/kdb/db2/libdb2/test/run.test || true
sed -i '/t_iprop.py/d' tests/Makefile.in || true
@@ -25,22 +35,18 @@ prepare () {
build () {
# would be ideal to use libressl rather than builtin library
- autoreconf
- ./configure --prefix=/usr \
- --sysconfdir=/etc \
- --localstatedir=/var/lib \
- --runstatedir=/run \
- --with-system-et \
- --with-system-ss \
- --with-system-verto=no \
- --with-crypto-impl=builtin \
- --enable-dns-for-realm &&
+ ./configure ${configure_args} --sbindir=/usr/bin \
+ --disable-rpath --with-system-et --without-system-verto --with-ldap \
+ --with-system-ss --enable-shared --without-tcl \
+ ac_cv_func_pthread_once=yes ac_cv_func_pthread_rwlock_init=yes \
+ acx_pthread_ok=yes ac_cv_func_regcomp=yes ac_cv_printf_positional=yes \
+ krb5_cv_attr_constructor_destructor=yes,yes
make
}
package () {
make DESTDIR=$PKG_DEST install
- install -v -dm755 $PKG_DEST/usr/share/doc/krb5-$PKG_VER &&
- cp -vfr ../doc/* $PKG_DEST/usr/share/doc/krb5-$PKG_VER
+ install -dm755 $PKG_DEST/usr/share/doc/krb5-$PKG_VER &&
+ cp -fr ../doc/* $PKG_DEST/usr/share/doc/krb5-$PKG_VER
}