mirrors/aports
3
0
Fork 0
mirror of https://gitlab.alpinelinux.org/alpine/aports.git synced 2025-04-19 05:36:38 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
aports/main/krb5/APKBUILD
J0WI 4c87a3702a main/krb5: security upgrade to 1.21.3
2024-06-30 19:34:00 +00:00

131 lines
3.4 KiB
Text
Raw Permalink Blame History

# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=krb5
pkgver=1.21.3
pkgrel=0
pkgdesc="The Kerberos network authentication system"
url="https://web.mit.edu/kerberos/www/"
arch="all"
license="MIT"
depends="krb5-conf"
depends_dev="e2fsprogs-dev libverto-dev"
makedepends="$depends_dev openldap-dev openssl-dev>3
keyutils-dev bison flex perl"
options="suid !check" # https://gitlab.alpinelinux.org/alpine/aports/-/issues/13155
subpackages="$pkgname-dev $pkgname-doc $pkgname-server
$pkgname-server-openrc:server_openrc $pkgname-server-ldap:ldap
$pkgname-pkinit $pkgname-libs"
_maj_min=$pkgver
case $pkgver in
*.*.*) _maj_min=${pkgver%.*} ;;
esac
source="https://web.mit.edu/kerberos/dist/krb5/$_maj_min/krb5-$pkgver.tar.gz
krb5kadmind.initd
krb5kdc.initd
krb5kpropd.initd
"
builddir="$srcdir/$pkgname-$pkgver/src"
# secfixes:
# 1.20.3-r0:
# - CVE-2024-37370
# - CVE-2024-37371
# 1.20.1-r0:
# - CVE-2022-42898
# 1.19.3-r0:
# - CVE-2021-37750
# 1.18.4-r0:
# - CVE-2021-36222
# 1.18.3-r0:
# - CVE-2020-28196
# 1.15.4-r0:
# - CVE-2018-20217
# 1.15.3-r0:
# - CVE-2017-15088
# - CVE-2018-5709
# - CVE-2018-5710
build() {
./configure \
CPPFLAGS="$CPPFLAGS -fPIC -I/usr/include/et" \
WARN_CFLAGS= \
--build=$CBUILD \
--host=$CHOST \
--prefix=/usr \
--localstatedir=/var/lib \
--enable-shared \
--disable-nls \
--disable-static \
--disable-rpath \
--with-system-et \
--with-system-ss \
--with-system-verto \
--without-tcl \
--with-ldap
make
}
check() {
make check-unix
}
package() {
make install DESTDIR="$pkgdir"
mkdir -p "$pkgdir"/usr/share/doc/$pkgname
mv "$pkgdir"/usr/share/examples "$pkgdir"/usr/share/doc/$pkgname/
}
server() {
pkgdesc="The KDC and related programs for Kerberos 5"
depends="libverto-libev"
mkdir -p "$subpkgdir"/usr/share \
"$subpkgdir"/usr/bin
install -d "$subpkgdir"/var/lib/krb5kdc
mv "$pkgdir"/usr/sbin "$subpkgdir"/usr/
# used for testing server
amove usr/bin/sclient
}
server_openrc() {
pkgdesc="The KDC and related programs for Kerberos 5 (OpenRC init scripts)"
install_if="$pkgname-server=$pkgver-r$pkgrel openrc"
for i in $source; do
case $i in
*.initd) install -Dm755 "$srcdir"/$i \
"$subpkgdir"/etc/init.d/${i%.initd};;
esac
done
}
ldap() {
pkgdesc="The LDAP storage plugin for the Kerberos 5 KDC"
install -Dm644 \
-t "$subpkgdir"/usr/share/kerberos \
"$builddir"/plugins/kdb/ldap/libkdb_ldap/kerberos.ldif \
"$builddir"/plugins/kdb/ldap/libkdb_ldap/kerberos.openldap.ldif
amove usr/lib/krb5/plugins/kdb/kldap.so
amove usr/lib/libkdb_ldap*
}
pkinit() {
pkgdesc="The PKINIT module for Kerberos 5"
mkdir -p "$subpkgdir"/usr/lib/krb5/plugins/preauth
amove usr/lib/krb5/plugins/preauth/pkinit.so
}
libs() {
pkgdesc="The shared libraries used by Kerberos 5"
depends="krb5-conf"
amove usr/lib
}
sha512sums="
87bc06607f4d95ff604169cea22180703a42d667af05f66f1569b8bd592670c42820b335e5c279e8b4f066d1e7da20f1948a1e4def7c5d295c170cbfc7f49c71 krb5-1.21.3.tar.gz
43b9885b7eb8d0d60920def688de482f2b1701288f9acb1bb21dc76b2395428ff304961959eb04ba5eafd0412bae35668d6d2c8223424b9337bc051eadf51682 krb5kadmind.initd
ede15f15bbbc9d0227235067abe15245bb9713aea260d397379c63275ce74aea0db6c91c15d599e40c6e89612d76f3a0f8fdd21cbafa3f30d426d4310d3e2cec krb5kdc.initd
45be0d421efd41e9dd056125a750c90856586e990317456b68170d733b03cba9ecd18ab87603b20e49575e7839fb4a6d628255533f2631f9e8ddb7f3cc493a90 krb5kpropd.initd
"
Reference in a new issue View git blame Copy permalink