GNU bug report logs - #62760
[PATCH 0/3] Two serious vulnerabilities in Heimdal Kerberos

Previous Next

Package: guix-patches;

Reported by: Felix Lechner <felix.lechner <at> lease-up.com>

Date: Mon, 10 Apr 2023 19:51:02 UTC

Severity: normal

Tags: patch

Done: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>

Bug is archived. No further changes may be made.

Full log

Message #14 received at 62760 <at> debbugs.gnu.org (full text, mbox):

From: Felix Lechner <felix.lechner <at> lease-up.com>
To: 62760 <at> debbugs.gnu.org
Cc: Felix Lechner <felix.lechner <at> lease-up.com>
Subject: [PATCH 3/3] gnu: heimdal: Enable OpenLDAP support;
 converge inputs toward Debian packaging.
Date: Mon, 10 Apr 2023 12:52:26 -0700

This commit took several cues for the inputs from the Debian packaging for
Heimdal. [1]

First, it was not clear why the alternative implementation mit-krb5 should be
supplied as an input to Heimdal. It was dropped.

The other inputs were added to address detection attempts in ./configure that
failed. They were evident from the build log.

Also enables support for the OpenLDAP backend for the principals database.

[1] https://tracker.debian.org/media/packages/h/heimdal/control-7.8.git20221117.28daf24dfsg-2

* gnu/packages/kerberos.scm (darktable)[inputs, native-inputs]: Enable
OpenLDAP; converge inputs toward Debian packaging.
---
 gnu/packages/kerberos.scm | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/gnu/packages/kerberos.scm b/gnu/packages/kerberos.scm
index 0faf879e35..c9c86f9541 100644
--- a/gnu/packages/kerberos.scm
+++ b/gnu/packages/kerberos.scm
@@ -30,10 +30,12 @@
 
 (define-module (gnu packages kerberos)
   #:use-module (gnu packages)
+  #:use-module (gnu packages admin)
   #:use-module (gnu packages autotools)
   #:use-module (gnu packages bash)
   #:use-module (gnu packages bison)
   #:use-module (gnu packages dbm)
+  #:use-module (gnu packages flex)
   #:use-module (gnu packages perl)
   #:use-module (gnu packages python)
   #:use-module (gnu packages gettext)
@@ -41,6 +43,7 @@ (define-module (gnu packages kerberos)
   #:use-module (gnu packages libidn)
   #:use-module (gnu packages hurd)
   #:use-module (gnu packages linux)
+  #:use-module (gnu packages openldap)
   #:use-module (gnu packages pkg-config)
   #:use-module (gnu packages compression)
   #:use-module (gnu packages readline)
@@ -249,16 +252,22 @@ (define-public heimdal
                           (format #t "#!~a~%exit 1~%" (which "sh")))))))
        ;; Tests fail when run in parallel.
        #:parallel-tests? #f))
-    (native-inputs (list e2fsprogs ;for 'compile_et'
+    (native-inputs (list bison
+                         e2fsprogs ;for 'compile_et'
+                         flex
+                         libcap-ng
                          texinfo
                          unzip ;for tests
+                         openldap
                          perl
+                         pkg-config
                          python))
     (inputs (list readline
                   bash-minimal
                   bdb
                   e2fsprogs ;for libcom_err
-                  mit-krb5
+                  libcap-ng
+                  openldap
                   sqlite))
     (home-page "http://www.h5l.org/")
     (synopsis "Kerberos 5 network authentication")
-- 
2.39.2
This bug report was last modified 2 years and 102 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.