From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 663E1158089 for ; Tue, 19 Sep 2023 16:04:21 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id A7C4F2BC014; Tue, 19 Sep 2023 16:04:20 +0000 (UTC) Received: from smtp.gentoo.org (woodpecker.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 8F7BB2BC014 for ; Tue, 19 Sep 2023 16:04:20 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id B1A3B335C39 for ; Tue, 19 Sep 2023 16:04:19 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 5D31E11AA for ; Tue, 19 Sep 2023 16:04:18 +0000 (UTC) From: "Eray Aslan" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Eray Aslan" Message-ID: <1695139441.91af7c9c8b9da614355ab51aef288243db51f5c6.eras@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: app-crypt/heimdal/ X-VCS-Repository: repo/gentoo X-VCS-Files: app-crypt/heimdal/heimdal-7.8.0-r3.ebuild X-VCS-Directories: app-crypt/heimdal/ X-VCS-Committer: eras X-VCS-Committer-Name: Eray Aslan X-VCS-Revision: 91af7c9c8b9da614355ab51aef288243db51f5c6 X-VCS-Branch: master Date: Tue, 19 Sep 2023 16:04:18 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: 2a33ebce-a692-4f42-ab5d-2642256bbba7 X-Archives-Hash: 60c362db35f2591e6c5d8010b1485f2c commit: 91af7c9c8b9da614355ab51aef288243db51f5c6 Author: Eray Aslan gentoo org> AuthorDate: Tue Sep 19 15:56:12 2023 +0000 Commit: Eray Aslan gentoo org> CommitDate: Tue Sep 19 16:04:01 2023 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=91af7c9c app-crypt/heimdal: remove openssl support heimdal does not support openssl-3. remove openssl support since openssl-1.1 is EOL. This is not as bad as it sounds since we fall back to heimdal's hcrypto library Closes: https://bugs.gentoo.org/913718 Signed-off-by: Eray Aslan gentoo.org> app-crypt/heimdal/heimdal-7.8.0-r3.ebuild | 188 ++++++++++++++++++++++++++++++ 1 file changed, 188 insertions(+) diff --git a/app-crypt/heimdal/heimdal-7.8.0-r3.ebuild b/app-crypt/heimdal/heimdal-7.8.0-r3.ebuild new file mode 100644 index 000000000000..8408240047cb --- /dev/null +++ b/app-crypt/heimdal/heimdal-7.8.0-r3.ebuild @@ -0,0 +1,188 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{11..12} ) +VIRTUALX_REQUIRED="manual" + +inherit autotools db-use multilib-minimal python-any-r1 virtualx flag-o-matic + +MY_P="${P}" +DESCRIPTION="Kerberos 5 implementation from KTH" +HOMEPAGE="https://www.heimdal.software/" +SRC_URI="https://github.com/${PN}/${PN}/releases/download/${P}/${P}.tar.gz" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" +IUSE="afs +berkdb caps gdbm hdb-ldap +lmdb otp selinux static-libs test X" +RESTRICT="!test? ( test )" + +# 717740 +REQUIRED_USE="otp? ( berkdb )" + +CDEPEND=" + virtual/libcrypt:=[${MULTILIB_USEDEP}] + berkdb? ( >=sys-libs/db-4.8.30-r1:*[${MULTILIB_USEDEP}] ) + gdbm? ( >=sys-libs/gdbm-1.10-r1:=[${MULTILIB_USEDEP}] ) + lmdb? ( dev-db/lmdb:= ) + caps? ( sys-libs/libcap-ng ) + >=dev-db/sqlite-3.8.2[${MULTILIB_USEDEP}] + >=sys-fs/e2fsprogs-1.46.4-r51[${MULTILIB_USEDEP}] + sys-libs/ncurses:0= + >=sys-libs/readline-6.2_p5-r1:0=[${MULTILIB_USEDEP}] + afs? ( net-fs/openafs ) + hdb-ldap? ( >=net-nds/openldap-2.3.0:= ) + X? ( + x11-libs/libX11 + x11-libs/libXau + x11-libs/libXt + ) + !!app-crypt/mit-krb5 + !!app-crypt/mit-krb5-appl" + +DEPEND="${CDEPEND} + ${PYTHON_DEPS} + dev-perl/JSON + virtual/pkgconfig + sys-apps/texinfo + >=sys-devel/autoconf-2.62 + test? ( X? ( ${VIRTUALX_DEPEND} ) )" + +RDEPEND="${CDEPEND} + selinux? ( sec-policy/selinux-kerberos )" + +MULTILIB_WRAPPED_HEADERS=( + /usr/include/krb5-types.h + /usr/include/cms_asn1.h + /usr/include/digest_asn1.h + /usr/include/hdb_asn1.h + /usr/include/krb5_asn1.h + /usr/include/pkcs12_asn1.h + /usr/include/pkinit_asn1.h + /usr/include/rfc2459_asn1.h +) + +MULTILIB_CHOST_TOOLS=( + /usr/bin/krb5-config +) + +PATCHES=( + "${FILESDIR}/heimdal_disable-check-iprop.patch" + "${FILESDIR}/heimdal_tinfo.patch" + "${FILESDIR}/heimdal_build-headers-before-use.patch" + "${FILESDIR}/heimdal_fix-db60.patch" + "${FILESDIR}/heimdal-7.8.0-CVE-2022-45142.patch" + "${FILESDIR}/heimdal-7.8.0-configure-clang16.patch" +) + +src_prepare() { + default + eautoreconf +} + +src_configure() { + # QA + append-flags -fno-strict-aliasing + + multilib-minimal_src_configure +} + +multilib_src_configure() { + local myeconfargs=( + --enable-kcm + --disable-osfc2 + --enable-shared + --with-libintl="${EPREFIX}"/usr + --with-readline="${EPREFIX}"/usr + --with-sqlite3="${EPREFIX}"/usr + --libexecdir="${EPREFIX}"/usr/sbin + --enable-pthread-support + --enable-kx509 + --enable-pk-init + --with-ipv6 + --without-openssl + $(use_enable afs afs-support) + $(use_enable gdbm ndbm-db) + $(use_enable lmdb mdb-db) + $(use_enable otp) + $(use_enable static-libs static) + $(multilib_native_use_with caps capng) + $(multilib_native_use_with hdb-ldap openldap "${EPREFIX}"/usr) + $(multilib_native_use_with X x) + ) + if use berkdb; then + myeconfargs+=( + --with-berkeley-db + --with-berkeley-db-include="$(db_includedir)" + ) + else + myeconfargs+=( + --without-berkeley-db + ) + fi + + CONFIG_SHELL="${BROOT}"/bin/bash ECONF_SOURCE="${S}" econf "${myeconfargs[@]}" +} + +multilib_src_compile() { + if multilib_is_native_abi; then + emake + else + emake -C include + emake -C lib + emake -C kdc + emake -C tools + emake -C tests/plugin + fi +} + +multilib_src_test() { + multilib_is_native_abi && emake -j1 check +} + +multilib_src_install() { + if multilib_is_native_abi; then + INSTALL_CATPAGES="no" emake DESTDIR="${D}" install + else + emake -C include DESTDIR="${D}" install + emake -C lib DESTDIR="${D}" install + emake -C kdc DESTDIR="${D}" install + emake -C tools DESTDIR="${D}" install + emake -C tests/plugin DESTDIR="${D}" install + fi +} + +multilib_src_install_all() { + dodoc ChangeLog* README NEWS TODO + + # client rename + mv "${ED}"/usr/share/man/man1/{,k}su.1 + mv "${ED}"/usr/bin/{,k}su + + newinitd "${FILESDIR}"/heimdal-kdc.initd-r2 heimdal-kdc + newinitd "${FILESDIR}"/heimdal-kadmind.initd-r2 heimdal-kadmind + newinitd "${FILESDIR}"/heimdal-kpasswdd.initd-r2 heimdal-kpasswdd + newinitd "${FILESDIR}"/heimdal-kcm.initd-r1 heimdal-kcm + + newconfd "${FILESDIR}"/heimdal-kdc.confd heimdal-kdc + newconfd "${FILESDIR}"/heimdal-kadmind.confd heimdal-kadmind + newconfd "${FILESDIR}"/heimdal-kpasswdd.confd heimdal-kpasswdd + newconfd "${FILESDIR}"/heimdal-kcm.confd heimdal-kcm + + insinto /etc + newins "${S}"/krb5.conf krb5.conf.example + + if use hdb-ldap; then + insinto /etc/openldap/schema + doins "${S}/lib/hdb/hdb.schema" + fi + + if ! use static-libs ; then + find "${ED}" -name "*.la" -delete || die + fi + + # default database dir + keepdir /var/heimdal +}