[BACK]Return to Makefile CVS log [TXT][DIR] Up to [cvs.NetBSD.org] / pkgsrc / security / mit-krb5

File: [cvs.NetBSD.org] / pkgsrc / security / mit-krb5 / Makefile (download)

Revision 1.14.2.1, Thu Dec 23 04:22:12 2004 UTC (14 years, 11 months ago) by snj
Branch: pkgsrc-2004Q4
Changes since 1.14: +13 -27 lines

Pullup ticket 182 - requested by Johnny C. Lam
security fix for mit-krb5

Module Name:    pkgsrc
Committed By:   jlam
Date:           Thu Dec 23 04:02:39 UTC 2004

Modified Files:
        pkgsrc/security/mit-krb5: Makefile distinfo

Log Message:
Update security/mit-krb5 to 1.3.6.

        NOTE: THIS IS A SECURITY UPDATE.

Changes from version 1.3.4 include:

* [2841] Fix heap buffer overflow in password history
  mechanism. [MITKRB5-SA-2004-004]

* [2682] Fix ftpd hang caused by empty PASS command.

* [2686] Fix double-free errors. [MITKRB5-SA-2004-002]

* [2687] Fix denial-of-service vulnerability in ASN.1
  decoder. [MITKRB5-SA-2004-003]

# $NetBSD: Makefile,v 1.14.2.1 2004/12/23 04:22:12 snj Exp $

DISTNAME=	krb5-1.3.6
PKGNAME=	mit-${DISTNAME:S/-signed$//}
CATEGORIES=	security
MASTER_SITES=	http://web.mit.edu/kerberos/dist/krb5/1.3/
DISTFILES=	${DISTNAME}-signed${EXTRACT_SUFX}
EXTRACT_SUFX=	.tar

MAINTAINER=	jlam@NetBSD.org
HOMEPAGE=	http://web.mit.edu/kerberos/www/
COMMENT=	MIT Kerberos 5 authentication system

RESTRICTED=	"Redistribution is restricted by U.S. export regulations"

WRKSRC=		${WRKDIR}/${DISTNAME}/src

.include "../../mk/bsd.prefs.mk"

CONFLICTS+=	heimdal-[0-9]*
CONFLICTS+=	kth-krb4-[0-9]*

.if !exists(/usr/bin/yacc)
BUILD_DEPENDS+=		bison-[0-9]*:../../devel/bison
YACC=			${LOCALBASE}/bin/bison -y
.endif

USE_BUILDLINK3=		yes
GNU_CONFIGURE=		yes
USE_LIBTOOL=		yes

# The actual KDC databases are stored in ${MIT_KRB5_STATEDIR}/krb5kdc.
MIT_KRB5_STATEDIR?=	${VARBASE}
FILES_SUBST+=		MIT_KRB5_STATEDIR=${MIT_KRB5_STATEDIR}

CONFIGURE_ARGS+=	--localstatedir=${MIT_KRB5_STATEDIR}
CONFIGURE_ARGS+=	--sysconfdir=${PKG_SYSCONFDIR}
CONFIGURE_ARGS+=	--enable-shared
CONFIGURE_ARGS+=	--enable-pkgsrc-libtool
CONFIGURE_ARGS+=	--enable-dns
CONFIGURE_ARGS+=	--enable-kdc-replay-cache
CONFIGURE_ARGS+=	--without-krb4
CONFIGURE_ARGS+=	--without-tcl
MAKE_ENV+=		ROOT_USER=${ROOT_USER}

# XXX Force using the BSD utmp interface on NetBSD until the configure
# XXX scripts can be taught how to properly detect our utmpx
# XXX implementation.
#
.if ${OPSYS} == "NetBSD"
CONFIGURE_ENV+=		ac_cv_func_setutent=no
.endif

.if defined(KERBEROS_PREFIX_CMDS) && !empty(KERBEROS_PREFIX_CMDS:M[yY][eE][sS])
PKG_DEFAULT_OPTIONS+=	prefix-cmds
.endif

PKG_OPTIONS_VAR=	PKG_OPTIONS.mit-krb5
PKG_SUPPORTED_OPTIONS=	prefix-cmds
.include "../../mk/bsd.options.mk"

# Rename some of MIT krb5's applications so they won't conflict with
# other packages.
#
.if !empty(PKG_OPTIONS:Mprefix-cmds)
KRB5_PREFIX=		k
MIT_KRB5_TRANSFORM=	s/^ftp/${KRB5_PREFIX}&/;			\
			s/^rcp/${KRB5_PREFIX}&/;			\
			s/^rlogin/${KRB5_PREFIX}&/;			\
			s/^rsh/${KRB5_PREFIX}&/;			\
			s/^telnet/${KRB5_PREFIX}&/
.else
KRB5_PREFIX=		# empty
MIT_KRB5_TRANSFORM=	s/^ftp/k&/
.endif
PLIST_SUBST+=		KRB5_PREFIX=${KRB5_PREFIX}
CONFIGURE_ARGS+=	--program-transform-name="${MIT_KRB5_TRANSFORM}"

# Fix some places in the MIT krb5 sources that don't point to the correct
# Kerberized binaries when exec'ing programs.
#
SUBST_CLASSES+=		mit-krb5
SUBST_STAGE.mit-krb5=	pre-configure
SUBST_FILES.mit-krb5=	include/krb5/stock/osconf.h
SUBST_SED.mit-krb5=	-e "/KRB5_PATH_RLOGIN/s,/rlogin,/${KRB5_PREFIX}rlogin,g"

INFO_FILES=	krb425.info krb5-admin.info krb5-install.info krb5-user.info

USE_PKGINSTALL=		yes
OWN_DIRS_PERMS=		${MIT_KRB5_STATEDIR}/krb5kdc			\
			${ROOT_USER} ${ROOT_GROUP} 0700
RCD_SCRIPTS=		kadmind kdc

INSTALLATION_DIRS=	bin info lib sbin

# The MIT krb5 distribution is actually a tar file that contains the
# real .tar.gz distfile and a PGP signature.
#
post-extract:
	@extract_file="${WRKDIR}/${DISTNAME}.tar.gz";			\
	cd ${WRKDIR} && ${EXTRACT_CMD}

pre-configure:
	@cd ${WRKSRC}; ${FIND} . -name configure -print |		\
	${XARGS} -n 1 ${DIRNAME} |					\
	while read dir; do						\
		 ${ECHO} "=> Generating configure in $$dir";		\
		 (cd $$dir && ${AUTOCONF} -I ${WRKSRC} -f);		\
	done

post-install:
	cd ${WRKSRC}/../doc; for info in ${INFO_FILES}; do		\
		${INSTALL_MAN} $$info ${PREFIX}/${INFO_DIR} ;		\
		for file in $$info-[0-9]*; do				\
			if [ -f "$$file" ]; then			\
				${INSTALL_MAN} $$file ${PREFIX}/${INFO_DIR}; \
			fi;						\
		done;							\
	done

.include "../../mk/autoconf.mk"
.include "../../mk/bsd.pkg.mk"