diff options
Diffstat (limited to 'app-crypt')
-rw-r--r-- | app-crypt/Manifest.gz | bin | 24963 -> 24970 bytes | |||
-rw-r--r-- | app-crypt/heimdal/Manifest | 2 | ||||
-rw-r--r-- | app-crypt/heimdal/files/heimdal-7.8.0-configure-clang16.patch | 54 | ||||
-rw-r--r-- | app-crypt/heimdal/heimdal-7.8.0-r2.ebuild | 191 |
4 files changed, 247 insertions, 0 deletions
diff --git a/app-crypt/Manifest.gz b/app-crypt/Manifest.gz Binary files differindex 9e7d2f704c14..51e436e076fd 100644 --- a/app-crypt/Manifest.gz +++ b/app-crypt/Manifest.gz diff --git a/app-crypt/heimdal/Manifest b/app-crypt/heimdal/Manifest index 60bc2b0506be..d2339cd2d51a 100644 --- a/app-crypt/heimdal/Manifest +++ b/app-crypt/heimdal/Manifest @@ -1,4 +1,5 @@ AUX heimdal-7.8.0-CVE-2022-45142.patch 1320 BLAKE2B 2aa61a0a7c852b587b4313a13b4fa24415123590bd5779e972a395fa4e93e048544e874b238d8fabf7853001ff1eae668263bbf8f8f00d2ce395a5af869ba99f SHA512 9a03a218c0e523ed50051176f11f6939a5c9dd45c40495fa676b94083a1aa69ec9109fa415f836cec1b3a26ff77cd3ac44a7464f0395c8088627561fefbf2c66 +AUX heimdal-7.8.0-configure-clang16.patch 2374 BLAKE2B 7db8772c3939b733b284a491322c8f256e9c50fce3a8727209ebddb2ae2493b4305d25d92a7e7e2cc8fb3c114be688b462556db718d4c8eb9a9cd722beddc777 SHA512 b14ae324d742eebc756ff5a01762aae7282a32ffd09f703e82bc3b7bedfa0ede08763003d711acf72edc5768ed9db64a4b72682be945e41954de1ace26bcd18b AUX heimdal-kadmind.confd 151 BLAKE2B 1e916d248e9d93029e1e2a541c505c87f017e2a825383650dd8cf0e9c55d1740410312bf050270a382caef11250dbcf333724e5e73ce4ed4d2dacb53dbdb6a34 SHA512 2e2852fa6bebeb58da4bd80fb584339ab8c95fdc1e37f957045f9fcc9b212ccf61145d16c6f7a2fae6245e977200e48150f25bc4ac1d734692555ccfd9911810 AUX heimdal-kadmind.initd-r2 427 BLAKE2B 55f0d458b28c889bce8a98ce58112124983c284918c1db1b877c095bd9f573d60ec035afe3182d5ae3f6d484af6fdd09b9efe01b73821921afac8509b65abbf4 SHA512 fd8cf77b7786a6b78d775be3ee769a31ec27a085f4e0764722948a02122e9a4ce52143eb1d3ac2acd7c74a5bee4432220155eb9a49bfbafc0c23431b18da64b2 AUX heimdal-kcm.confd 130 BLAKE2B 5c182031eab38014f2f83c70989df31c9ddb664d166f2c92d93aac9cf352ac0975486d4edb8079cd77b74e52d480917297d00f966d0568b24ee70212e119de18 SHA512 dd70d57c3be5f0d4cf872463af1df6bec82774314e6462cd2433ff9fc4d2ff585210581c75bc76b33085e58b16e3ca795bbd531eba6b5f7a3f7f505b7e9ed50b @@ -16,5 +17,6 @@ DIST heimdal-7.7.1.tar.gz 10009851 BLAKE2B 2d2b6cef4aea1dfab97106cc6be5f3f68736c DIST heimdal-7.8.0.tar.gz 10024936 BLAKE2B bab8ed12a5257395b34bb88e22147912857015c652f0899c54809582c49f9c33b9ac748b28dd38ac7072d245e86e44c5dafb8725103fcb4a6dae16c8d1d4b623 SHA512 0167345aca77d65b7a1113874eee5b65ec6e1fec1f196d57e571265409fa35ef95a673a4fd4aafbb0ab5fb5b246b97412353a68d6613a8aff6393a9f1e72999e EBUILD heimdal-7.7.1.ebuild 4493 BLAKE2B a86f726d9586d6ab2e62ee7e96f1e8b179ec0460d6bdb0677f6a70b058e47ac7f9c8690e88c4963acc43de976cf5845e157523005284c951a6ee4f7a38dc5e7f SHA512 20496f6eeebdf26f687df3b7a585441091948f7aa2070951526a9233b3c407c266609ebad0099ba0e0bbd9c4eb95d2ddb58640253ea6296ab6d31b42b912ef8e EBUILD heimdal-7.8.0-r1.ebuild 4588 BLAKE2B c75a7c56ab3e17ce53125654cd9671de77c5c0fcfdb1197ff3816cd0291502eb00a1422d7c0586612d2bf717585dab57e1e56f2cb3ba1dc866f460e2dfcbf6f5 SHA512 831c093c89a24b208ccf46acee0a79c7bed17b6fb24b7850aa519fb5016eefcaadb7d37ccc100f4ffec72d7b589ee70f608d1fb64b194eb6a2c07c71d5c148c5 +EBUILD heimdal-7.8.0-r2.ebuild 4643 BLAKE2B a17addef42cd7adfeeba6b5047b494f0bb535a21d27a01ec397bdd2017d6b194f1abeb7ffdf9bed48f83537827b321dab0e562cf4ada4c7121f92f48502950d9 SHA512 81dc50807ea7bdb5bd7cc00ae6fdb06086f22e54bd6b22a1c20bb950d459c78af3c620337bcbcb5607694d86469d78d2e5781785aeec92760efbfc20a67c7d5d EBUILD heimdal-7.8.0.ebuild 4499 BLAKE2B 1f9d2bed92c3e1490e41c1728d0f1bd0da2a6e8353819325d68c68d0395082b8793f7bfc896e0145b693feb7a2a2f8dff0c7f34f3d11ea3802457677b9a9500c SHA512 72e792c5cc6aa65aa5cc74f7c4511251492bfc667a35878554e2789c1050592ab0be4af499d56f65af0e1274ea957c02ae30068283c325bc4c2fabb0b47069c0 MISC metadata.xml 582 BLAKE2B e38fb8048d899871775a690397627b0003cb3301aaa3c98cc8fb9d70e867bd0b922581d3e319464ff89929c4a34c608e23cecc72f0b4a320b3365cf23853268e SHA512 77b5b3da9ccbcb77c6e0985c7610b3ba5b698092327221477f30828f086ef3891c8170856cb6b26a5596239180e43c5b6d5e213ae6a7129c659bb34fe9c498cd diff --git a/app-crypt/heimdal/files/heimdal-7.8.0-configure-clang16.patch b/app-crypt/heimdal/files/heimdal-7.8.0-configure-clang16.patch new file mode 100644 index 000000000000..6e948bc51c3b --- /dev/null +++ b/app-crypt/heimdal/files/heimdal-7.8.0-configure-clang16.patch @@ -0,0 +1,54 @@ +https://bugs.gentoo.org/899072 +https://github.com/heimdal/heimdal/issues/790 +https://github.com/heimdal/heimdal/pull/1085 + +From 5b872a635c9c8f04f58e03c43e7953c35e1f66b7 Mon Sep 17 00:00:00 2001 +From: Florian Weimer <fweimer@redhat.com> +Date: Thu, 13 Apr 2023 13:13:59 +0200 +Subject: [PATCH 1/2] cf: Include <string.h> for memset in AC_HAVE_STRUCT_FIELD + +Otherwise, the check relies on an implicit function declaration, +and will fail unconditionally with compilers that do not support +them. +--- a/cf/have-struct-field.m4 ++++ b/cf/have-struct-field.m4 +@@ -7,7 +7,8 @@ dnl AC_HAVE_STRUCT_FIELD(struct, field, headers) + AC_DEFUN([AC_HAVE_STRUCT_FIELD], [ + define(cache_val, translit(ac_cv_type_$1_$2, [A-Z ], [a-z_])) + AC_CACHE_CHECK([for $2 in $1], cache_val,[ +-AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[$3]], ++AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <string.h> ++$3]], + [[$1 x; memset(&x, 0, sizeof(x)); x.$2]])], + [cache_val=yes], + [cache_val=no]) + +From fc6d5b5c7677bb7271361c4bd60ea1bd36d944b9 Mon Sep 17 00:00:00 2001 +From: Florian Weimer <fweimer@redhat.com> +Date: Thu, 13 Apr 2023 13:26:29 +0200 +Subject: [PATCH 2/2] cf: Do not use headers and argument lists in + AC_FIND_FUNC_NO_LIBS2 + +The callers of this macro generally do not supply this information. +Without it, the checks rely on compiler support for implicit function +declarations. It would be possible to supply this information in +the callers. But even then, with the existing macro interface, it +would be necessary to pass eg. null pointers where they trigger +undefined behavior. Therefore, use the same kludge that autoconf +uses to make up prototypes, avoiding those implicit function +declarations. + +The includes/arguments macro parameters are now ignored, but preserved +for interface compatibility. +--- a/cf/find-func-no-libs2.m4 ++++ b/cf/find-func-no-libs2.m4 +@@ -21,7 +21,7 @@ if eval "test \"\$ac_cv_func_$1\" != yes" ; then + *) ac_lib="-l$ac_lib" ;; + esac + LIBS="$6 $ac_lib $5 $ac_save_LIBS" +- AC_LINK_IFELSE([AC_LANG_PROGRAM([[$3]],[[$1($4)]])],[eval "if test -n \"$ac_lib\";then ac_cv_funclib_$1=$ac_lib; else ac_cv_funclib_$1=yes; fi";break]) ++ AC_LINK_IFELSE([AC_LANG_PROGRAM([[char $1 (void);]],[[$1()]])],[eval "if test -n \"$ac_lib\";then ac_cv_funclib_$1=$ac_lib; else ac_cv_funclib_$1=yes; fi";break]) + done + eval "ac_cv_funclib_$1=\${ac_cv_funclib_$1-no}" + LIBS="$ac_save_LIBS" + diff --git a/app-crypt/heimdal/heimdal-7.8.0-r2.ebuild b/app-crypt/heimdal/heimdal-7.8.0-r2.ebuild new file mode 100644 index 000000000000..e007ac4d09ef --- /dev/null +++ b/app-crypt/heimdal/heimdal-7.8.0-r2.ebuild @@ -0,0 +1,191 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{9..11} ) +VIRTUALX_REQUIRED="manual" + +inherit autotools db-use multilib-minimal python-any-r1 virtualx flag-o-matic + +MY_P="${P}" +DESCRIPTION="Kerberos 5 implementation from KTH" +HOMEPAGE="https://www.heimdal.software/" +SRC_URI="https://github.com/${PN}/${PN}/releases/download/${P}/${P}.tar.gz" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" +IUSE="afs +berkdb caps gdbm hdb-ldap +lmdb otp selinux ssl static-libs test X" +RESTRICT="!test? ( test )" + +# 717740 +REQUIRED_USE="otp? ( berkdb )" + +CDEPEND=" + virtual/libcrypt:=[${MULTILIB_USEDEP}] + ssl? ( + >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}] + ) + berkdb? ( >=sys-libs/db-4.8.30-r1:*[${MULTILIB_USEDEP}] ) + gdbm? ( >=sys-libs/gdbm-1.10-r1:=[${MULTILIB_USEDEP}] ) + lmdb? ( dev-db/lmdb:= ) + caps? ( sys-libs/libcap-ng ) + >=dev-db/sqlite-3.8.2[${MULTILIB_USEDEP}] + >=sys-fs/e2fsprogs-1.46.4-r51[${MULTILIB_USEDEP}] + sys-libs/ncurses:0= + >=sys-libs/readline-6.2_p5-r1:0=[${MULTILIB_USEDEP}] + afs? ( net-fs/openafs ) + hdb-ldap? ( >=net-nds/openldap-2.3.0:= ) + X? ( + x11-libs/libX11 + x11-libs/libXau + x11-libs/libXt + ) + !!app-crypt/mit-krb5 + !!app-crypt/mit-krb5-appl" + +DEPEND="${CDEPEND} + ${PYTHON_DEPS} + dev-perl/JSON + virtual/pkgconfig + sys-apps/texinfo + >=sys-devel/autoconf-2.62 + test? ( X? ( ${VIRTUALX_DEPEND} ) )" + +RDEPEND="${CDEPEND} + selinux? ( sec-policy/selinux-kerberos )" + +MULTILIB_WRAPPED_HEADERS=( + /usr/include/krb5-types.h + /usr/include/cms_asn1.h + /usr/include/digest_asn1.h + /usr/include/hdb_asn1.h + /usr/include/krb5_asn1.h + /usr/include/pkcs12_asn1.h + /usr/include/pkinit_asn1.h + /usr/include/rfc2459_asn1.h +) + +MULTILIB_CHOST_TOOLS=( + /usr/bin/krb5-config +) + +PATCHES=( + "${FILESDIR}/heimdal_disable-check-iprop.patch" + "${FILESDIR}/heimdal_tinfo.patch" + "${FILESDIR}/heimdal_build-headers-before-use.patch" + "${FILESDIR}/heimdal_fix-db60.patch" + "${FILESDIR}/heimdal-7.8.0-CVE-2022-45142.patch" + "${FILESDIR}/heimdal-7.8.0-configure-clang16.patch" +) + +src_prepare() { + default + eautoreconf +} + +src_configure() { + # QA + append-flags -fno-strict-aliasing + + multilib-minimal_src_configure +} + +multilib_src_configure() { + local myeconfargs=( + --enable-kcm + --disable-osfc2 + --enable-shared + --with-libintl="${EPREFIX}"/usr + --with-readline="${EPREFIX}"/usr + --with-sqlite3="${EPREFIX}"/usr + --libexecdir="${EPREFIX}"/usr/sbin + --enable-pthread-support + --enable-kx509 + --enable-pk-init + --with-ipv6 + $(use_enable afs afs-support) + $(use_enable gdbm ndbm-db) + $(use_enable lmdb mdb-db) + $(use_enable otp) + $(use_enable static-libs static) + $(multilib_native_use_with caps capng) + $(multilib_native_use_with hdb-ldap openldap "${EPREFIX}"/usr) + $(use_with ssl openssl "${EPREFIX}"/usr) + $(multilib_native_use_with X x) + ) + if use berkdb; then + myeconfargs+=( + --with-berkeley-db + --with-berkeley-db-include="$(db_includedir)" + ) + else + myeconfargs+=( + --without-berkeley-db + ) + fi + + CONFIG_SHELL="${BROOT}"/bin/bash ECONF_SOURCE="${S}" econf "${myeconfargs[@]}" +} + +multilib_src_compile() { + if multilib_is_native_abi; then + emake + else + emake -C include + emake -C lib + emake -C kdc + emake -C tools + emake -C tests/plugin + fi +} + +multilib_src_test() { + multilib_is_native_abi && emake -j1 check +} + +multilib_src_install() { + if multilib_is_native_abi; then + INSTALL_CATPAGES="no" emake DESTDIR="${D}" install + else + emake -C include DESTDIR="${D}" install + emake -C lib DESTDIR="${D}" install + emake -C kdc DESTDIR="${D}" install + emake -C tools DESTDIR="${D}" install + emake -C tests/plugin DESTDIR="${D}" install + fi +} + +multilib_src_install_all() { + dodoc ChangeLog* README NEWS TODO + + # client rename + mv "${ED}"/usr/share/man/man1/{,k}su.1 + mv "${ED}"/usr/bin/{,k}su + + newinitd "${FILESDIR}"/heimdal-kdc.initd-r2 heimdal-kdc + newinitd "${FILESDIR}"/heimdal-kadmind.initd-r2 heimdal-kadmind + newinitd "${FILESDIR}"/heimdal-kpasswdd.initd-r2 heimdal-kpasswdd + newinitd "${FILESDIR}"/heimdal-kcm.initd-r1 heimdal-kcm + + newconfd "${FILESDIR}"/heimdal-kdc.confd heimdal-kdc + newconfd "${FILESDIR}"/heimdal-kadmind.confd heimdal-kadmind + newconfd "${FILESDIR}"/heimdal-kpasswdd.confd heimdal-kpasswdd + newconfd "${FILESDIR}"/heimdal-kcm.confd heimdal-kcm + + insinto /etc + newins "${S}"/krb5.conf krb5.conf.example + + if use hdb-ldap; then + insinto /etc/openldap/schema + doins "${S}/lib/hdb/hdb.schema" + fi + + if ! use static-libs ; then + find "${ED}" -name "*.la" -delete || die + fi + + # default database dir + keepdir /var/heimdal +} |