net-nds/gssproxy: add 0.9.2

Signed-off-by: Sam James <sam@gentoo.org>

4 files changed, 176 insertions, 0 deletions

diff --git a/net-nds/gssproxy/Manifest b/net-nds/gssproxy/Manifest
index 6fc2a26a1c4b..5bbb2130220d 100644
--- a/net-nds/gssproxy/Manifest
+++ b/net-nds/gssproxy/Manifest
@@ -1 +1,2 @@
 DIST gssproxy-0.9.1.tar.gz 579038 BLAKE2B a17e673876b4acf480b23a8086720f507cd3a85c2f328469b726ab1653a94cd9a3eb9dd9369dee30b57457b6e8125b67a86fc4186c387e58d2d96b1da7c55089 SHA512 767c4e73d5240a43a0586e836e7dc199b8baf0adbc5a1a2cbb6ffc6f0a7ca574a4fc541ca474ef696d78956724eb24c465760f680e7170f8d77d056513b6226b
+DIST gssproxy-0.9.2.tar.gz 586240 BLAKE2B 4480070740ce77a9ed8714bbe8cb24684292317cc61e6c13e06b368bef6d722fdefb3c5230d15773050960851382435a15a0106e5d920c74b13afbbab9ff9194 SHA512 6de484c9c1715e8b845106e1b16e1c29805e4104db296eb44ea15e6b6973fd1df0b043d2cdc2798f04c7a0ce66279e356a285684bc3573ef847532ab2b87aca3
diff --git a/net-nds/gssproxy/files/gssproxy-0.9.2-docbook-upgrade.patch b/net-nds/gssproxy/files/gssproxy-0.9.2-docbook-upgrade.patch
new file mode 100644
index 000000000000..d8aba58b2823
--- /dev/null
+++ b/net-nds/gssproxy/files/gssproxy-0.9.2-docbook-upgrade.patch
@@ -0,0 +1,46 @@
+https://github.com/gssapi/gssproxy/commit/d4004e67cb399054c07b34517e8f0eaee83c55de
+
+From d4004e67cb399054c07b34517e8f0eaee83c55de Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Tomasz=20K=C5=82oczko?= <kloczek@github.com>
+Date: Fri, 1 Sep 2023 18:19:23 +0000
+Subject: [PATCH] upgrade xml DTD to 4.5
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Trival change which upgardes xml DTD version to latest stable 4.5.
+
+Signed-off-by: Tomasz Kłoczko <kloczek@github.com>
+--- a/man/gssproxy-mech.8.xml.in
++++ b/man/gssproxy-mech.8.xml.in
+@@ -1,6 +1,6 @@
+ <?xml version="1.0" encoding="UTF-8"?>
+-<!DOCTYPE reference PUBLIC "-//OASIS//DTD DocBook V4.4//EN"
+-"http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
++<!DOCTYPE reference PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
++"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd">
+ <reference>
+ <title>GssProxy GSSAPI mechanism manual page</title>
+ <refentry>
+--- a/man/gssproxy.8.xml
++++ b/man/gssproxy.8.xml
+@@ -1,6 +1,6 @@
+ <?xml version="1.0" encoding="UTF-8"?>
+-<!DOCTYPE reference PUBLIC "-//OASIS//DTD DocBook V4.4//EN"
+-"http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
++<!DOCTYPE reference PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
++"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd">
+ <reference>
+ <title>GssProxy Manual pages</title>
+ <refentry>
+--- a/man/gssproxy.conf.5.xml
++++ b/man/gssproxy.conf.5.xml
+@@ -1,6 +1,6 @@
+ <?xml version="1.0" encoding="UTF-8"?>
+-<!DOCTYPE reference PUBLIC "-//OASIS//DTD DocBook V4.4//EN"
+-"http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
++<!DOCTYPE reference PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
++"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd">
+ <reference>
+ <title>GssProxy Manual pages</title>
+ <refentry>
diff --git a/net-nds/gssproxy/files/gssproxy-0.9.2-no-git-log.patch b/net-nds/gssproxy/files/gssproxy-0.9.2-no-git-log.patch
new file mode 100644
index 000000000000..2d12d7d738f9
--- /dev/null
+++ b/net-nds/gssproxy/files/gssproxy-0.9.2-no-git-log.patch
@@ -0,0 +1,13 @@
+Don't try to call 'git log' during configure. This leads to especially confusing
+output if the WORKDIR or S is a git repo for development.
+--- a/configure.ac
++++ b/configure.ac
+@@ -29,7 +29,7 @@ AC_SUBST([PRERELEASE_VERSION],
+ AC_DEFINE([PRERELEASE_VERSION], "PRERELEASE_VERSION_NUMBER",
+           [Prerelease version number of package])
+ 
+-AM_CONDITIONAL([GIT_CHECKOUT], [git log -1 &>/dev/null])
++AM_CONDITIONAL([GIT_CHECKOUT], [false &>/dev/null])
+ 
+ m4_pattern_allow([AM_SILENT_RULES])
+ AM_SILENT_RULES
diff --git a/net-nds/gssproxy/gssproxy-0.9.2.ebuild b/net-nds/gssproxy/gssproxy-0.9.2.ebuild
new file mode 100644
index 000000000000..501803444429
--- /dev/null
+++ b/net-nds/gssproxy/gssproxy-0.9.2.ebuild
@@ -0,0 +1,116 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit autotools
+
+DESCRIPTION="Daemon to proxy GSSAPI context establishment and channel handling"
+HOMEPAGE="https://github.com/gssapi/gssproxy"
+SRC_URI="https://github.com/gssapi/${PN}/releases/download/v${PV}/${P}.tar.gz"
+
+LICENSE="BSD-1"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86"
+IUSE="debug selinux systemd"
+
+DEPEND="
+	>=dev-libs/libverto-0.2.2
+	>=dev-libs/ding-libs-0.6.1
+	virtual/krb5
+	selinux? ( sys-libs/libselinux )
+"
+RDEPEND="
+	${DEPEND}
+	selinux? ( sec-policy/selinux-gssproxy )
+"
+# We need xml stuff to build the man pages, and people really want/need
+# the man pages for this package :), bug #585200
+BDEPEND="
+	app-text/docbook-xml-dtd:4.5
+	dev-libs/libxslt
+	virtual/pkgconfig
+"
+
+# Many requirements to run tests, including running slapd as root, hence
+# unfeasible.
+RESTRICT="test"
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-0.9.2-no-git-log.patch
+	"${FILESDIR}"/${P}-docbook-upgrade.patch
+)
+
+# pkg_setup() {
+#	# Here instead of flag-logic in DEPEND, since virtual/krb5 does not
+#	# allow to specify the openldap use flag, which heimdal doesn't
+#	# support.
+#	# Using mit-krb5 explicitly because heimdal doesn't install kerberos
+#	# schemata required for the tests of gss-proxy.
+#	if use test && ! has_version "app-crypt/mit-krb5[openldap]"; then
+#		eerror "Tests of this package require the kerberos schemata installed from app-crypt/mit-krb5[openldap]."
+#		die "Tests enabled but no app-crypt/mit-krb5[openldap] being installed."
+#	fi
+# }
+
+# Was required in 0.7.0 to fix the schema- and slapd-path. Reason for
+# comment: see RESTRICT comment
+# src_prepare() {
+#	default
+#	# The tests look for kerberos schemata in the documentation
+#	# directory of krb5, however these are installed in /etc/openldap
+#	# and only if the openldap useflag is supplied
+#	sed -i \
+#		-e 's#/usr/share/doc/krb5-server-ldap*#/etc/openldap/schema#' \
+#		-e "s#\(subprocess.Popen..\"\)slapd#\1/usr/$(get_libdir)/openldap/slapd#" \
+#		"${S}/tests/testlib.py" || die
+# }
+
+src_prepare() {
+	default
+
+	# Just for gssproxy-0.9.2-no-git-log.patch
+	eautoreconf
+}
+
+src_configure() {
+	local myeconfargs=(
+		# The build assumes localstatedir is /var and takes care of
+		# using all the right subdirs itself.
+		--localstatedir="${EPREFIX}"/var
+
+		--with-os=gentoo
+		--with-initscript=$(usex systemd systemd none)
+		$(use_with selinux)
+		$(use_with debug gssidebug)
+
+		# We already set FORTIFY_SOURCE by default along with the
+		# other bits. But setting it on each compile line interferes
+		# with efforts to try e.g. FORTIFY_SOURCE=3. So, disable it,
+		# but there's no actual difference to the safety of the binaries
+		# because of Gentoo's configuration/patches to the toolchain.
+		--without-hardening
+	)
+
+	econf "${myeconfargs[@]}"
+}
+
+src_install() {
+	default
+
+	# This is a plugin module, so no need for la file.
+	find "${ED}"/usr -name proxymech.la -delete || die
+
+	doinitd "${FILESDIR}"/gssproxy
+	insinto /etc/gssproxy
+	doins examples/*.conf
+
+	keepdir /var/lib/gssproxy
+	keepdir /var/lib/gssproxy/clients
+	keepdir /var/lib/gssproxy/rcache
+	fperms 0700 /var/lib/gssproxy/clients
+	fperms 0700 /var/lib/gssproxy/rcache
+
+	# The build installs a bunch of empty dirs, so prune them.
+	find "${ED}" -depth -type d -empty -delete || die
+}