ff45a00e79
* gnu/packages/patches/mit-krb5-CVE-2015-2695-pt1.patch, gnu/packages/patches/mit-krb5-CVE-2015-2695-pt2.patch, gnu/packages/patches/mit-krb5-CVE-2015-2696.patch, gnu/packages/patches/mit-krb5-CVE-2015-2697.patch, gnu/packages/patches/mit-krb5-CVE-2015-2698-pt1.patch, gnu/packages/patches/mit-krb5-CVE-2015-2698-pt2.patch: New files. * gnu-system.am (dist_patch_DATA): Add them. * gnu/packages/mit-krb5.scm (mit-krb5)[native-inputs]: Add patches.
119 lines
4.8 KiB
Scheme
119 lines
4.8 KiB
Scheme
;;; GNU Guix --- Functional package management for GNU
|
|
;;; Copyright © 2012, 2013 Andreas Enge <andreas@enge.fr>
|
|
;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
|
|
;;;
|
|
;;; This file is part of GNU Guix.
|
|
;;;
|
|
;;; GNU Guix is free software; you can redistribute it and/or modify it
|
|
;;; under the terms of the GNU General Public License as published by
|
|
;;; the Free Software Foundation; either version 3 of the License, or (at
|
|
;;; your option) any later version.
|
|
;;;
|
|
;;; GNU Guix is distributed in the hope that it will be useful, but
|
|
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
;;; GNU General Public License for more details.
|
|
;;;
|
|
;;; You should have received a copy of the GNU General Public License
|
|
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
(define-module (gnu packages mit-krb5)
|
|
#:use-module (gnu packages)
|
|
#:use-module (gnu packages bison)
|
|
#:use-module (gnu packages perl)
|
|
#:use-module (gnu packages gcc)
|
|
#:use-module (guix licenses)
|
|
#:use-module (guix packages)
|
|
#:use-module (guix download)
|
|
#:use-module (guix utils)
|
|
#:use-module (guix build-system gnu))
|
|
|
|
(define-public mit-krb5
|
|
(package
|
|
(name "mit-krb5")
|
|
(version "1.13.2")
|
|
(source (origin
|
|
(method url-fetch)
|
|
(uri (string-append "http://web.mit.edu/kerberos/www/dist/krb5/"
|
|
(version-major+minor version)
|
|
"/krb5-" version "-signed.tar"))
|
|
(sha256 (base32
|
|
"1qbdzyrws7d0q4filsibh28z54pd5l987jr0ygv43iq9085w6a75"))))
|
|
(build-system gnu-build-system)
|
|
(native-inputs
|
|
`(("bison" ,bison)
|
|
("perl" ,perl)
|
|
|
|
;; Include the patches as native-inputs.
|
|
,@(map (lambda (label)
|
|
(let ((input-name (string-append "patch/" label))
|
|
(file-name (string-append name "-" label ".patch")))
|
|
`(,input-name ,(search-patch file-name))))
|
|
'("CVE-2015-2695-pt1"
|
|
"CVE-2015-2695-pt2"
|
|
"CVE-2015-2696"
|
|
"CVE-2015-2697"
|
|
"CVE-2015-2698-pt1"
|
|
"CVE-2015-2698-pt2"))))
|
|
(arguments
|
|
`(#:modules ((ice-9 ftw)
|
|
(ice-9 match)
|
|
(srfi srfi-1)
|
|
,@%gnu-build-system-modules)
|
|
#:phases
|
|
(modify-phases %standard-phases
|
|
(replace 'unpack
|
|
(lambda* (#:key source #:allow-other-keys)
|
|
(define (sub-directory? name)
|
|
(and (not (member name '("." "..")))
|
|
(equal? (stat:type (stat name))
|
|
'directory)))
|
|
(and (zero? (system* "tar" "xvf" source))
|
|
(match (find-files "." "\\.tar\\.gz$")
|
|
((inner-tar-file)
|
|
(zero? (system* "tar" "xvf" inner-tar-file))))
|
|
(match (scandir "." sub-directory?)
|
|
((directory)
|
|
(chdir directory)
|
|
#t)))))
|
|
|
|
(add-after 'unpack 'apply-patches
|
|
(lambda* (#:key inputs native-inputs #:allow-other-keys)
|
|
(let ((patches (filter (match-lambda
|
|
((name . file)
|
|
(string-prefix? "patch/" name)))
|
|
(or native-inputs inputs))))
|
|
(every (match-lambda
|
|
((name . file)
|
|
(format (current-error-port)
|
|
"applying '~a'...~%" name)
|
|
(zero? (system* "patch" "-p1" "--force" "-i" file))))
|
|
patches))))
|
|
|
|
(add-after 'apply-patches 'enter-source-directory
|
|
(lambda _
|
|
(chdir "src")
|
|
#t))
|
|
|
|
(add-before 'check 'pre-check
|
|
(lambda* (#:key inputs #:allow-other-keys)
|
|
(let ((perl (assoc-ref inputs "perl")))
|
|
(substitute* "plugins/kdb/db2/libdb2/test/run.test"
|
|
(("/bin/cat") (string-append perl "/bin/perl"))
|
|
(("D/bin/sh") (string-append "D" (which "bash")))
|
|
(("bindir=/bin/.") (string-append "bindir=" perl "/bin"))))
|
|
|
|
;; avoid service names since /etc/services is unavailable
|
|
(substitute* "tests/resolve/Makefile"
|
|
(("-p telnet") "-p 23"))
|
|
#t)))))
|
|
(synopsis "MIT Kerberos 5")
|
|
(description
|
|
"Massachusetts Institute of Technology implementation of Kerberos.
|
|
Kerberos is a network authentication protocol designed to provide strong
|
|
authentication for client/server applications by using secret-key
|
|
cryptography.")
|
|
(license (non-copyleft "file://NOTICE"
|
|
"See NOTICE in the distribution."))
|
|
(home-page "http://web.mit.edu/kerberos/")))
|