commit: 0b0b1dcf64f222410abcf1cb8cc953ffe497a205 Author: Eray Aslan <eras <AT> gentoo <DOT> org> AuthorDate: Thu Jun 27 07:27:20 2024 +0000 Commit: Eray Aslan <eras <AT> gentoo <DOT> org> CommitDate: Thu Jun 27 07:29:23 2024 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0b0b1dcf
app-crypt/mit-krb5: add 1.21.3 security bump also - install ldif files when openldap USE flag is in use - make +threads USE flag mandatory Bug: https://bugs.gentoo.org/934994 Closes: https://bugs.gentoo.org/890038 Closes: https://bugs.gentoo.org/868462 Signed-off-by: Eray Aslan <eras <AT> gentoo.org> app-crypt/mit-krb5/Manifest | 1 + app-crypt/mit-krb5/mit-krb5-1.21.3.ebuild | 154 ++++++++++++++++++++++++++++++ 2 files changed, 155 insertions(+) diff --git a/app-crypt/mit-krb5/Manifest b/app-crypt/mit-krb5/Manifest index 1ce7821058e3..185c64f6f211 100644 --- a/app-crypt/mit-krb5/Manifest +++ b/app-crypt/mit-krb5/Manifest @@ -1 +1,2 @@ DIST krb5-1.21.2.tar.gz 8622513 BLAKE2B 2afb3ff962a343bc07182fdab0c0ffb221632ff38baab74278cfc721ae72deacc260221470de36e420584f00b780e13221d2e511d4831bca8e1270b7f3d9e824 SHA512 4e09296b412383d53872661718dbfaa90201e0d85f69db48e57a8d4bd73c95a90c7ec7b6f0f325f6bc967f8d203b256b071c0191facf080aca0e2caec5d0ac49 +DIST krb5-1.21.3.tar.gz 9136145 BLAKE2B e909a55eaedab68e5c829bb7bbd26cec5db2d7b8d97f3b034de94d8f957003f16977ac619afee3b862f288e59f05c5e44f41e65b8883961c8b22a26e2f4733bc SHA512 87bc06607f4d95ff604169cea22180703a42d667af05f66f1569b8bd592670c42820b335e5c279e8b4f066d1e7da20f1948a1e4def7c5d295c170cbfc7f49c71 diff --git a/app-crypt/mit-krb5/mit-krb5-1.21.3.ebuild b/app-crypt/mit-krb5/mit-krb5-1.21.3.ebuild new file mode 100644 index 000000000000..954d41e8fbdc --- /dev/null +++ b/app-crypt/mit-krb5/mit-krb5-1.21.3.ebuild @@ -0,0 +1,154 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{11..13} ) +inherit autotools flag-o-matic python-any-r1 systemd toolchain-funcs multilib-minimal + +MY_P="${P/mit-}" +P_DIR=$(ver_cut 1-2) +DESCRIPTION="MIT Kerberos V" +HOMEPAGE="https://web.mit.edu/kerberos/www/"; +SRC_URI="https://web.mit.edu/kerberos/dist/krb5/${P_DIR}/${MY_P}.tar.gz"; +S=${WORKDIR}/${MY_P}/src + +LICENSE="openafs-krb5-a BSD MIT OPENLDAP BSD-2 HPND BSD-4 ISC RSA CC-BY-SA-3.0 || ( BSD-2 GPL-2+ )" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" +IUSE="cpu_flags_x86_aes doc +keyutils lmdb nls openldap +pkinit selinux test xinetd" + +RESTRICT="!test? ( test )" + +DEPEND=" + !!app-crypt/heimdal + >=sys-fs/e2fsprogs-1.46.4-r51[${MULTILIB_USEDEP}] + || ( + >=dev-libs/libverto-0.2.5[libev,${MULTILIB_USEDEP}] + >=dev-libs/libverto-0.2.5[libevent,${MULTILIB_USEDEP}] + ) + keyutils? ( >=sys-apps/keyutils-1.5.8:=[${MULTILIB_USEDEP}] ) + lmdb? ( dev-db/lmdb:= ) + nls? ( sys-devel/gettext[${MULTILIB_USEDEP}] ) + openldap? ( >=net-nds/openldap-2.4.38-r1:=[${MULTILIB_USEDEP}] ) + pkinit? ( >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}] ) + xinetd? ( sys-apps/xinetd ) + " +BDEPEND=" + ${PYTHON_DEPS} + app-alternatives/yacc + cpu_flags_x86_aes? ( + amd64? ( dev-lang/yasm ) + x86? ( dev-lang/yasm ) + ) + doc? ( virtual/latex-base ) + test? ( dev-util/cmocka ) + " +RDEPEND="${DEPEND} + selinux? ( sec-policy/selinux-kerberos )" + +PATCHES=( + "${FILESDIR}/${PN}-1.12_warn_cflags.patch" + "${FILESDIR}/${PN}_dont_create_rundir.patch" + "${FILESDIR}/${PN}-1.18.2-krb5-config.patch" +) + +MULTILIB_CHOST_TOOLS=( + /usr/bin/krb5-config +) + +src_prepare() { + default + # Make sure we always use the system copies. + rm -rf util/{et,ss,verto} + sed -i 's:^[[:space:]]*util/verto$::' configure.ac || die + + eautoreconf +} + +src_configure() { + # lto-type-mismatch (bug #854225) + filter-lto + + multilib-minimal_src_configure +} + +multilib_src_configure() { + ECONF_SOURCE=${S} \ + AR="$(tc-getAR)" \ + WARN_CFLAGS="set" \ + econf \ + $(use_with openldap ldap) \ + $(use_enable nls) \ + $(use_enable pkinit) \ + $(use_with lmdb) \ + $(use_with keyutils) \ + --without-hesiod \ + --enable-shared \ + --with-system-et \ + --with-system-ss \ + --enable-dns-for-realm \ + --enable-kdc-lookaside-cache \ + --with-system-verto \ + --enable-thread-support \ + --disable-rpath +} + +multilib_src_compile() { + emake -j1 +} + +multilib_src_test() { + multilib_is_native_abi && emake -j1 check +} + +multilib_src_install() { + emake \ + DESTDIR="${D}" \ + EXAMPLEDIR="${EPREFIX}/usr/share/doc/${PF}/examples" \ + install +} + +multilib_src_install_all() { + # default database dir + keepdir /var/lib/krb5kdc + + cd .. + dodoc README + + newinitd "${FILESDIR}"/mit-krb5kadmind.initd-r2 mit-krb5kadmind + newinitd "${FILESDIR}"/mit-krb5kdc.initd-r2 mit-krb5kdc + newinitd "${FILESDIR}"/mit-krb5kpropd.initd-r2 mit-krb5kpropd + newconfd "${FILESDIR}"/mit-krb5kadmind.confd mit-krb5kadmind + newconfd "${FILESDIR}"/mit-krb5kdc.confd mit-krb5kdc + newconfd "${FILESDIR}"/mit-krb5kpropd.confd mit-krb5kpropd + + systemd_newunit "${FILESDIR}"/mit-krb5kadmind.service mit-krb5kadmind.service + systemd_newunit "${FILESDIR}"/mit-krb5kdc.service mit-krb5kdc.service + systemd_newunit "${FILESDIR}"/mit-krb5kpropd.service mit-krb5kpropd.service + systemd_newunit "${FILESDIR}"/mit-krb5kpropd_at.service "[email protected]" + systemd_newunit "${FILESDIR}"/mit-krb5kpropd.socket mit-krb5kpropd.socket + + insinto /etc + newins "${ED}/usr/share/doc/${PF}/examples/krb5.conf" krb5.conf.example + insinto /var/lib/krb5kdc + newins "${ED}/usr/share/doc/${PF}/examples/kdc.conf" kdc.conf.example + + if use openldap ; then + dodoc "${S}/plugins/kdb/ldap/libkdb_ldap/kerberos.ldif" + dodoc "${S}/plugins/kdb/ldap/libkdb_ldap/kerberos.openldap.ldif" + insinto /etc/openldap/schema + doins "${S}/plugins/kdb/ldap/libkdb_ldap/kerberos.schema" + fi + + if use xinetd ; then + insinto /etc/xinetd.d + newins "${FILESDIR}/kpropd.xinetd" kpropd + fi + + if use doc; then + dodoc -r doc/html + docinto pdf + dodoc doc/pdf/*.pdf + fi +}
