summaryrefslogtreecommitdiff
path: root/repo/system/krb5.xibuild
blob: 03492c58c13e5f870df7166520e08b5e5202c866 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
#!/bin/sh

MAKEDEPS="make "
DEPS="musl e2fsprogs libldap keyutils gdbm"

PKG_VER=1.19.2
SOURCE=http://web.mit.edu/kerberos/dist/krb5/${PKG_VER%.*}/krb5-${PKG_VER}.tar.gz

ADDITIONAL="
https://cgit.freebsd.org/ports/plain/security/krb5-119/files/patch-plugins_preauth_pkinit_pkinit__crypto__openssl.c
https://cgit.freebsd.org/ports/plain/security/krb5-119/files/patch-plugins_preauth_pkinit_pkinit__crypto__openssl.h
"

DESC="The Kerberos network authentication system"

prepare () {

    # fix denial of service vulnerability
    sed -i '210a if (sprinc == NULL) {\
       status = "NULL_SERVER";\
       errcode = KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN;\
       goto cleanup;\
       }' src/kdc/do_tgs_req.c


    cd src &&
    patch -Np0 -i ../patch-plugins_preauth_pkinit_pkinit__crypto__openssl.c
    patch -Np0 -i ../patch-plugins_preauth_pkinit_pkinit__crypto__openssl.h

   	sed -e "/LDFLAGS=/d" -i build-tools/krb5-config.in
    sed -i -e 's@\^u}@^u cols 300}@' tests/dejagnu/config/default.exp || true
    sed -i -e '/eq 0/{N;s/12 //}'    plugins/kdb/db2/libdb2/test/run.test || true
    sed -i '/t_iprop.py/d'           tests/Makefile.in                    || true
}

build () {
    # would be ideal to use libressl rather than builtin library
    ./configure ${configure_args} --sbindir=/usr/bin \
		--disable-rpath --with-system-et --without-system-verto --with-ldap \
		--with-system-ss --enable-shared --without-tcl \
		ac_cv_func_pthread_once=yes ac_cv_func_pthread_rwlock_init=yes \
		acx_pthread_ok=yes ac_cv_func_regcomp=yes ac_cv_printf_positional=yes \
		krb5_cv_attr_constructor_destructor=yes,yes
    make
}

package () {
    make DESTDIR=$PKG_DEST install

    install -dm755 $PKG_DEST/usr/share/doc/krb5-$PKG_VER &&
    cp -fr ../doc/*  $PKG_DEST/usr/share/doc/krb5-$PKG_VER
}