krb5: update to 1.18

package/krb5/Makefile

@@ -4,16 +4,16 @@
 include $(ADK_TOPDIR)/rules.mk
 
 PKG_NAME:=		krb5
-PKG_VERSION:=		1.13.1
+PKG_VERSION:=		1.18
 PKG_RELEASE:=		1
-PKG_HASH:=		4df629fdf97f362cf81edbf38d613b32b492dd88c876cf3aa1c66562f296663e
+PKG_HASH:=		73913934d711dcf9d5f5605803578edb44b9a11786df3c1b2711f4e1752f2c88
 PKG_DESCR:=		kerberos server
 PKG_SECTION:=		app/crypto
 PKG_DEPENDS:=		libkrb5 libncurses keyutils
 PKG_BUILDDEP:=		ncurses bison-host
 PKG_NEEDS:=		threads intl
 PKG_URL:=		http://web.mit.edu/kerberos/
-PKG_SITES:=		http://web.mit.edu/kerberos/dist/krb5/1.13/
+PKG_SITES:=		https://kerberos.org/dist/krb5/1.18/
 PKG_LIBNAME:=		libkrb5
 PKG_OPTS:=		dev noscripts
 PKG_NOPARALLEL:=	1
@@ -25,7 +25,7 @@ PKGSD_KRB5_CLIENT:=	kerberos client tools
 PKGSC_KRB5_CLIENT:=	app/crypto
 PKGSS_KRB5_CLIENT:=	libkrb5 libncurses
 
-DISTFILES:=		${PKG_NAME}-${PKG_VERSION}-signed.tar
+DISTFILES:=		${PKG_NAME}-${PKG_VERSION}.tar.gz
 WRKSRC=			${WRKDIST}/src
 
 include $(ADK_TOPDIR)/mk/package.mk
@@ -36,6 +36,7 @@ $(eval $(call PKG_template,LIBKRB5,libkrb5,$(PKG_VERSION)-${PKG_RELEASE},,${PKGS
 
 CONFIGURE_ARGS+=	--disable-static \
 			--disable-profiled \
+			--disable-pkinit \
 			--without-system-et \
 			--without-system-ss \
 			--without-system-verto \
@@ -46,8 +47,6 @@ CONFIGURE_ENV+=		krb5_cv_attr_constructor_destructor=yes,yes \
 			ac_cv_file__etc_environment=no \
 			ac_cv_file__etc_TIMEZONE=no
 
-post-extract:
-	(cd ${WRKDIR}; tar xzf ${PKG_NAME}-${PKG_VERSION}.tar.gz)
 
 pre-build:
 	# fix nm call in script, we need the GNU version of nm

package/krb5/patches/patch-src_include_k5-thread_h

@@ -1,19 +0,0 @@
---- krb5-1.12.1.orig/src/include/k5-thread.h	2014-01-16 01:44:15.000000000 +0100
-+++ krb5-1.12.1/src/include/k5-thread.h	2014-06-05 20:59:34.000000000 +0200
-@@ -380,14 +380,12 @@ static inline int k5_mutex_finish_init(k
- 
- static inline void k5_mutex_lock(k5_mutex_t *m)
- {
--    int r = k5_os_mutex_lock(m);
--    assert(r == 0);
-+    k5_os_mutex_lock(m);
- }
- 
- static inline void k5_mutex_unlock(k5_mutex_t *m)
- {
--    int r = k5_os_mutex_unlock(m);
--    assert(r == 0);
-+    k5_os_mutex_unlock(m);
- }
- 
- #define k5_mutex_assert_locked(M)       ((void)(M))

package/krb5/patches/patch-src_kadmin_ktutil_ktutil_funcs_c

@@ -1,11 +0,0 @@
---- krb5-1.11.3.orig/src/kadmin/ktutil/ktutil_funcs.c	2013-06-03 23:39:43.000000000 +0200
-+++ krb5-1.11.3/src/kadmin/ktutil/ktutil_funcs.c	2013-10-09 09:54:40.000000000 +0200
-@@ -64,7 +64,7 @@ krb5_error_code ktutil_delete(context, l
-     krb5_kt_list *list;
-     int idx;
- {
--    krb5_kt_list lp, prev;
-+    krb5_kt_list lp, prev = NULL;
-     int i;
- 
-     for (lp = *list, i = 1; lp; prev = lp, lp = lp->next, i++) {

package/krb5/patches/patch-src_lib_crypto_krb_prng_c

@@ -1,13 +0,0 @@
---- krb5-1.11.3.orig/src/lib/crypto/krb/prng.c	2013-06-03 23:39:43.000000000 +0200
-+++ krb5-1.11.3/src/lib/crypto/krb/prng.c	2013-08-14 14:12:20.000000000 +0200
-@@ -138,10 +138,6 @@ krb5_c_random_os_entropy(krb5_context co
-        guaranteed to cause a reseed of some kind if strong is true and
-        we have both /dev/random and /dev/urandom.  We want the strong
-        data included in the reseed so we get it first.*/
--    if (strong) {
--        if (add_entropy_from_device(context, "/dev/random"))
--            *oursuccess = 1;
--    }
-     if (add_entropy_from_device(context, "/dev/urandom"))
-         *oursuccess = 1;
-     return 0;

package/krb5/patches/patch-src_lib_kadm5_alt_prof_c

@@ -1,11 +0,0 @@
---- krb5-1.13.1.orig/src/lib/kadm5/alt_prof.c	2015-02-11 21:16:43.000000000 -0600
-+++ krb5-1.13.1/src/lib/kadm5/alt_prof.c	2015-05-02 15:11:04.883427001 -0500
-@@ -154,7 +154,7 @@ krb5_aprof_get_boolean(krb5_pointer acon
-     krb5_error_code ret;
-     char **values, *valp;
-     int idx;
--    krb5_boolean val;
-+    krb5_boolean val = 0;
- 
-     ret = krb5_aprof_getvals(acontext, hierarchy, &values);
-     if (ret)

package/krb5/patches/patch-src_lib_krad_packet_c

@@ -1,12 +0,0 @@
---- krb5-1.12.1.orig/src/lib/krad/packet.c	2014-01-16 01:44:15.000000000 +0100
-+++ krb5-1.12.1/src/lib/krad/packet.c	2014-02-11 19:01:06.000000000 +0100
-@@ -253,8 +253,8 @@ krad_packet_new_request(krb5_context ctx
- {
-     krb5_error_code retval;
-     krad_packet *pkt;
--    uchar id;
-     size_t attrset_len;
-+    uchar id = NULL;
- 
-     pkt = packet_new();
-     if (pkt == NULL) {

package/krb5/patches/patch-src_lib_krb5_ccache_cc_file_c

@@ -1,20 +0,0 @@
---- krb5-1.13.1.orig/src/lib/krb5/ccache/cc_file.c	2015-02-11 21:16:43.000000000 -0600
-+++ krb5-1.13.1/src/lib/krb5/ccache/cc_file.c	2015-05-02 15:20:59.335427054 -0500
-@@ -401,7 +401,7 @@ read_principal(krb5_context context, krb
- {
-     krb5_error_code ret;
-     struct k5buf buf;
--    size_t maxsize;
-+    size_t maxsize = 0;
- 
-     *princ = NULL;
-     k5_cc_mutex_assert_locked(context, &((fcc_data *)id->data)->lock);
-@@ -1088,7 +1088,7 @@ fcc_next_cred(krb5_context context, krb5
-     krb5_fcc_cursor *fcursor = *cursor;
-     fcc_data *data = id->data;
-     struct k5buf buf;
--    size_t maxsize;
-+    size_t maxsize = 0;
- 
-     memset(creds, 0, sizeof(*creds));
-     k5_cc_mutex_lock(context, &data->lock);

package/krb5/patches/patch-src_lib_rpc_bindresvport_c

@@ -1,10 +0,0 @@
---- krb5-1.13.1.orig/src/lib/rpc/bindresvport.c	2015-02-11 21:16:43.000000000 -0600
-+++ krb5-1.13.1/src/lib/rpc/bindresvport.c	2015-05-02 15:11:04.955427001 -0500
-@@ -39,6 +39,7 @@
- #include <sys/types.h>
- #include <sys/errno.h>
- #include <sys/socket.h>
-+#include <netdb.h>
- #include <netinet/in.h>
- #include <gssrpc/rpc.h>
- #include <errno.h>

package/krb5/patches/patch-src_plugins_preauth_pkinit_pkinit_crypto_openssl_c

@@ -1,11 +0,0 @@
---- krb5-1.13.1.orig/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c	2015-02-11 21:16:43.000000000 -0600
-+++ krb5-1.13.1/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c	2015-05-02 15:39:13.727426998 -0500
-@@ -3593,7 +3593,7 @@ pkinit_open_session(krb5_context context
- {
-     CK_ULONG i, r;
-     unsigned char *cp;
--    size_t label_len;
-+    size_t label_len = 0;
-     CK_ULONG count = 0;
-     CK_SLOT_ID_PTR slotlist;
-     CK_TOKEN_INFO tinfo;

package/krb5/patches/patch-src_util_export-check_pl

@@ -1,11 +0,0 @@
---- krb5-1.11.3.orig/src/util/export-check.pl	2013-06-03 23:39:43.000000000 +0200
-+++ krb5-1.11.3/src/util/export-check.pl	2013-08-22 08:50:25.737585135 +0200
-@@ -38,7 +38,7 @@ if ($#ARGV != 1) {
- my($exfile, $libfile) = @ARGV;
- 
- @missing = ();
--open NM, "nm -Dg --defined-only $libfile |" || die "can't run nm on $libfile: $!";
-+open NM, "@@NM@@ -Dg --defined-only $libfile |" || die "can't run nm on $libfile: $!";
- open EXPORT, "< $exfile" || die "can't read $exfile: $!";
- 
- @export = <EXPORT>;