
From: Eray Aslan <eras@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: app-crypt/mit-krb5/files/, app-crypt/mit-krb5/
Date: Tue, 05 Dec 2017 10:00:38
Message-Id: 1512468013.e6232da235fc02eabf2dc7ee0790a51f5e811e0d.eras@gentoo
1 commit: e6232da235fc02eabf2dc7ee0790a51f5e811e0d
2 Author: Eray Aslan <eras <AT> gentoo <DOT> org>
3 AuthorDate: Tue Dec 5 10:00:13 2017 +0000
4 Commit: Eray Aslan <eras <AT> gentoo <DOT> org>
5 CommitDate: Tue Dec 5 10:00:13 2017 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e6232da2
7
8 app-crypt/mit-krb5: security bump to 1.15.2-r1. Bug 639702
9
10 Package-Manager: Portage-2.3.16, Repoman-2.3.6
11
12 .../files/mit-krb5-1.15.2-fix-pkinit.patch | 98 ++++++++++++++
13 app-crypt/mit-krb5/mit-krb5-1.15.2-r1.ebuild | 149 +++++++++++++++++++++
14 2 files changed, 247 insertions(+)
15
16 diff --git a/app-crypt/mit-krb5/files/mit-krb5-1.15.2-fix-pkinit.patch b/app-crypt/mit-krb5/files/mit-krb5-1.15.2-fix-pkinit.patch
17 new file mode 100644
18 index 00000000000..4f721d4d961
19 --- /dev/null
20 +++ b/app-crypt/mit-krb5/files/mit-krb5-1.15.2-fix-pkinit.patch
21 @@ -0,0 +1,98 @@
22 +diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
23 +index 74fffbf321..4b86a6f302 100644
24 +--- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
25 ++++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
26 +@@ -5145,33 +5145,29 @@ crypto_retieve_X509_key_usage(krb5_context context,
27 + return retval;
28 + }
29 +
30 +-/*
31 +- * Return a string format of an X509_NAME in buf where
32 +- * size is an in/out parameter. On input it is the size
33 +- * of the buffer, and on output it is the actual length
34 +- * of the name.
35 +- * If buf is NULL, returns the length req'd to hold name
36 +- */
37 +-static char *
38 +-X509_NAME_oneline_ex(X509_NAME * a,
39 +- char *buf,
40 +- unsigned int *size,
41 +- unsigned long flag)
42 ++static krb5_error_code
43 ++rfc2253_name(X509_NAME *name, char **str_out)
44 + {
45 +- BIO *out = NULL;
46 ++ BIO *b = NULL;
47 ++ char *str;
48 +
49 +- out = BIO_new(BIO_s_mem ());
50 +- if (X509_NAME_print_ex(out, a, 0, flag) > 0) {
51 +- if (buf != NULL && (*size) > (unsigned int) BIO_number_written(out)) {
52 +- memset(buf, 0, *size);
53 +- BIO_read(out, buf, (int) BIO_number_written(out));
54 +- }
55 +- else {
56 +- *size = BIO_number_written(out);
57 +- }
58 +- }
59 +- BIO_free(out);
60 +- return (buf);
61 ++ *str_out = NULL;
62 ++ b = BIO_new(BIO_s_mem());
63 ++ if (b == NULL)
64 ++ return ENOMEM;
65 ++ if (X509_NAME_print_ex(b, name, 0, XN_FLAG_SEP_COMMA_PLUS) < 0)
66 ++ goto error;
67 ++ str = calloc(BIO_number_written(b) + 1, 1);
68 ++ if (str == NULL)
69 ++ goto error;
70 ++ BIO_read(b, str, BIO_number_written(b));
71 ++ BIO_free(b);
72 ++ *str_out = str;
73 ++ return 0;
74 ++
75 ++error:
76 ++ BIO_free(b);
77 ++ return ENOMEM;
78 + }
79 +
80 + /*
81 +@@ -5187,8 +5183,6 @@ crypto_cert_get_matching_data(krb5_context context,
82 + krb5_principal *pkinit_sans =NULL, *upn_sans = NULL;
83 + struct _pkinit_cert_data *cd = (struct _pkinit_cert_data *)ch;
84 + unsigned int i, j;
85 +- char buf[DN_BUF_LEN];
86 +- unsigned int bufsize = sizeof(buf);
87 +
88 + if (cd == NULL || cd->magic != CERT_MAGIC)
89 + return EINVAL;
90 +@@ -5201,23 +5195,14 @@ crypto_cert_get_matching_data(krb5_context context,
91 +
92 + md->ch = ch;
93 +
94 +- /* get the subject name (in rfc2253 format) */
95 +- X509_NAME_oneline_ex(X509_get_subject_name(cd->cred->cert),
96 +- buf, &bufsize, XN_FLAG_SEP_COMMA_PLUS);
97 +- md->subject_dn = strdup(buf);
98 +- if (md->subject_dn == NULL) {
99 +- retval = ENOMEM;
100 ++ retval = rfc2253_name(X509_get_subject_name(cd->cred->cert),
101 ++ &md->subject_dn);
102 ++ if (retval)
103 + goto cleanup;
104 +- }
105 +-
106 +- /* get the issuer name (in rfc2253 format) */
107 +- X509_NAME_oneline_ex(X509_get_issuer_name(cd->cred->cert),
108 +- buf, &bufsize, XN_FLAG_SEP_COMMA_PLUS);
109 +- md->issuer_dn = strdup(buf);
110 +- if (md->issuer_dn == NULL) {
111 +- retval = ENOMEM;
112 ++ retval = rfc2253_name(X509_get_issuer_name(cd->cred->cert),
113 ++ &md->issuer_dn);
114 ++ if (retval)
115 + goto cleanup;
116 +- }
117 +
118 + /* get the san data */
119 + retval = crypto_retrieve_X509_sans(context, cd->plgctx, cd->reqctx,
120
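Review bot: The new patch file begins directly with `+diff --git` on its first line and carries no header saying where it comes from or what it fixes, so the next maintainer has to re-derive that from the hunks. The removed code shows the problem: `X509_NAME_oneline_ex` overwrites `*size` with `BIO_number_written(out)` when the name does not fit in `buf`, and `crypto_cert_get_matching_data` passes the same `bufsize` to the issuer-name call, so the second `memset(buf, 0, *size)` can run past `char buf[DN_BUF_LEN]`; the new `rfc2253_name` sizes a heap string from `BIO_number_written(b)` instead. I would prepend a short header above the first `diff --git` line along the lines of `Backport of the upstream pkinit fix replacing the fixed-size X509_NAME_oneline_ex buffer with a heap-allocated rfc2253_name() string; see Gentoo bug 639702.`, naming the upstream commit id once known. One smaller point on the new code: the `error:` label reports a failed `X509_NAME_print_ex` as `ENOMEM` too; since the hunk mirrors upstream it is reasonable to carry as-is, but a one-line comment there (`/* print failure is reported as ENOMEM, matching upstream */`) would keep a reader from taking it for an allocation failure.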
121 diff --git a/app-crypt/mit-krb5/mit-krb5-1.15.2-r1.ebuild b/app-crypt/mit-krb5/mit-krb5-1.15.2-r1.ebuild
122 new file mode 100644
123 index 00000000000..1f9cfda9466
124 --- /dev/null
125 +++ b/app-crypt/mit-krb5/mit-krb5-1.15.2-r1.ebuild
126 @@ -0,0 +1,149 @@
127 +# Copyright 1999-2017 Gentoo Foundation
128 +# Distributed under the terms of the GNU General Public License v2
129 +
130 +EAPI=6
131 +
132 +PYTHON_COMPAT=( python2_7 )
133 +inherit autotools flag-o-matic multilib-minimal python-any-r1 versionator
134 +
135 +MY_P="${P/mit-}"
136 +P_DIR=$(get_version_component_range 1-2)
137 +DESCRIPTION="MIT Kerberos V"
138 +HOMEPAGE="http://web.mit.edu/kerberos/www/"
139 +SRC_URI="http://web.mit.edu/kerberos/dist/krb5/${P_DIR}/${MY_P}.tar.gz"
140 +
141 +LICENSE="openafs-krb5-a BSD MIT OPENLDAP BSD-2 HPND BSD-4 ISC RSA CC-BY-SA-3.0 || ( BSD-2 GPL-2+ )"
142 +SLOT="0"
143 +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
144 +IUSE="doc +keyutils libressl nls openldap +pkinit selinux +threads test xinetd"
145 +
146 +CDEPEND="
147 + !!app-crypt/heimdal
148 + >=sys-libs/e2fsprogs-libs-1.42.9[${MULTILIB_USEDEP}]
149 + || (
150 + >=dev-libs/libverto-0.2.5[libev,${MULTILIB_USEDEP}]
151 + >=dev-libs/libverto-0.2.5[libevent,${MULTILIB_USEDEP}]
152 + >=dev-libs/libverto-0.2.5[tevent,${MULTILIB_USEDEP}]
153 + )
154 + keyutils? ( >=sys-apps/keyutils-1.5.8[${MULTILIB_USEDEP}] )
155 + openldap? ( >=net-nds/openldap-2.4.38-r1[${MULTILIB_USEDEP}] )
156 + pkinit? (
157 + !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0[${MULTILIB_USEDEP}] )
158 + libressl? ( dev-libs/libressl[${MULTILIB_USEDEP}] )
159 + )
160 + xinetd? ( sys-apps/xinetd )
161 + abi_x86_32? (
162 + !<=app-emulation/emul-linux-x86-baselibs-20140508-r1
163 + !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
164 + )"
165 +DEPEND="${CDEPEND}
166 + ${PYTHON_DEPS}
167 + virtual/yacc
168 + doc? ( virtual/latex-base )
169 + test? (
170 + ${PYTHON_DEPS}
171 + dev-lang/tcl:0
172 + dev-util/dejagnu
173 + )"
174 +RDEPEND="${CDEPEND}
175 + selinux? ( sec-policy/selinux-kerberos )"
176 +
177 +S=${WORKDIR}/${MY_P}/src
178 +
179 +MULTILIB_CHOST_TOOLS=(
180 + /usr/bin/krb5-config
181 +)
182 +
183 +src_prepare() {
184 + eapply "${FILESDIR}/${PN}-1.12_warn_cflags.patch"
185 + eapply -p2 "${FILESDIR}/${PN}-config_LDFLAGS.patch"
186 + eapply -p0 "${FILESDIR}/${PN}-1.14.2-redeclared-ttyname.patch"
187 + eapply "${FILESDIR}/${PN}-1.14.4-disable-nls.patch"
188 + eapply -p2 "${FILESDIR}/${PN}-1.15.2-fix-pkinit.patch"
189 +
190 + # Make sure we always use the system copies.
191 + rm -rf util/{et,ss,verto}
192 + sed -i 's:^[[:space:]]*util/verto$::' configure.in || die
193 +
194 + eapply_user
195 + eautoreconf
196 +}
197 +
198 +src_configure() {
199 + # QA
200 + append-flags -fno-strict-aliasing
201 + append-flags -fno-strict-overflow
202 +
203 + multilib-minimal_src_configure
204 +}
205 +
206 +multilib_src_configure() {
207 + use keyutils || export ac_cv_header_keyutils_h=no
208 + ECONF_SOURCE=${S} \
209 + WARN_CFLAGS="set" \
210 + econf \
211 + $(use_with openldap ldap) \
212 + "$(multilib_native_use_with test tcl "${EPREFIX}/usr")" \
213 + $(use_enable nls) \
214 + $(use_enable pkinit) \
215 + $(use_enable threads thread-support) \
216 + --without-hesiod \
217 + --enable-shared \
218 + --with-system-et \
219 + --with-system-ss \
220 + --enable-dns-for-realm \
221 + --enable-kdc-lookaside-cache \
222 + --with-system-verto \
223 + --disable-rpath
224 +}
225 +
226 +multilib_src_compile() {
227 + emake -j1
228 +}
229 +
230 +multilib_src_test() {
231 + multilib_is_native_abi && emake -j1 check
232 +}
233 +
234 +multilib_src_install() {
235 + emake \
236 + DESTDIR="${D}" \
237 + EXAMPLEDIR="${EPREFIX}/usr/share/doc/${PF}/examples" \
238 + install
239 +}
240 +
241 +multilib_src_install_all() {
242 + # default database dir
243 + keepdir /var/lib/krb5kdc
244 +
245 + cd ..
246 + dodoc README
247 +
248 + if use doc; then
249 + dodoc -r doc/html
250 + docinto pdf
251 + dodoc doc/pdf/*.pdf
252 + fi
253 +
254 + newinitd "${FILESDIR}"/mit-krb5kadmind.initd-r2 mit-krb5kadmind
255 + newinitd "${FILESDIR}"/mit-krb5kdc.initd-r2 mit-krb5kdc
256 + newinitd "${FILESDIR}"/mit-krb5kpropd.initd-r2 mit-krb5kpropd
257 + newconfd "${FILESDIR}"/mit-krb5kadmind.confd mit-krb5kadmind
258 + newconfd "${FILESDIR}"/mit-krb5kdc.confd mit-krb5kdc
259 + newconfd "${FILESDIR}"/mit-krb5kpropd.confd mit-krb5kpropd
260 +
261 + insinto /etc
262 + newins "${ED}/usr/share/doc/${PF}/examples/krb5.conf" krb5.conf.example
263 + insinto /var/lib/krb5kdc
264 + newins "${ED}/usr/share/doc/${PF}/examples/kdc.conf" kdc.conf.example
265 +
266 + if use openldap ; then
267 + insinto /etc/openldap/schema
268 + doins "${S}/plugins/kdb/ldap/libkdb_ldap/kerberos.schema"
269 + fi
270 +
271 + if use xinetd ; then
272 + insinto /etc/xinetd.d
273 + newins "${FILESDIR}/kpropd.xinetd" kpropd
274 + fi
275 +}