2 # Copyright (C) 2019 Wind River Systems, Inc.
4 # Licensed under the Apache License, Version 2.0 (the "License");
5 # you may not use this file except in compliance with the License.
6 # You may obtain a copy of the License at
8 # http://www.apache.org/licenses/LICENSE-2.0
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS,
12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 # See the License for the specific language governing permissions and
14 # limitations under the License.
16 SUMMARY = "provides a daemon to manage access to GSSAPI credentials"
17 HOMEPAGE = "https://pagure.io/gssproxy"
20 LIC_FILES_CHKSUM = "file://COPYING;md5=a9ac3d0a983ebc781f7aa7173499e2e5"
22 DEPENDS += "popt ding-libs keyutils libverto krb5 libxslt-native libxml2-native \
23 libselinux libpthread-stubs gettext-native \
25 RDEPENDS_${PN} += "libinih popt libverto-libevent libverto-tevent keyutils \
26 libgssapi-krb5 libgssrpc libk5crypto libkadm5clnt-mit \
27 libkadm5srv-mit libkdb5 libkrad libkrb5 libkrb5support \
28 libxslt libxslt-bin libxml2-utils libxml2 \
32 FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
34 SRC_URI = "https://releases.pagure.org/gssproxy/gssproxy-${PV}.tar.gz \
35 file://Properly-renew-expired-credentials.patch;striplevel=2 \
36 file://Change-impersonator-check-code.patch;striplevel=2 \
37 file://Allow-connection-to-self-when-impersonator-set.patch;striplevel=2 \
38 file://Make-proc-file-failure-loud-but-nonfatal.patch;striplevel=2 \
39 file://Turn-on-Wextra.patch;striplevel=2 \
40 file://Fix-unused-variables.patch;striplevel=2 \
41 file://Fix-mismatched-sign-comparisons.patch;striplevel=2 \
42 file://Fix-error-checking-on-get_impersonator_fallback.patch;striplevel=2 \
43 file://Remove-gpm_release_ctx-to-fix-double-unlock.patch;striplevel=2 \
44 file://Appease-gcc-7-s-fallthrough-detection.patch;striplevel=2 \
45 file://Fix-memory-leak.patch;striplevel=2 \
46 file://Fix-most-memory-leaks.patch;striplevel=2 \
47 file://Fix-segfault-when-no-config-files-are-present.patch;striplevel=2 \
48 file://Update-systemd-file.patch;striplevel=2 \
49 file://Fix-error-handling-in-gp_config_from_dir.patch;striplevel=2 \
50 file://Do-not-call-gpm_grab_sock-twice.patch;striplevel=2 \
51 file://Only-empty-FILE-ccaches-when-storing-remote-creds.patch;striplevel=2 \
52 file://Handle-outdated-encrypted-ccaches.patch;striplevel=2 \
53 file://Separate-cred-and-ccache-manipulation-in-gpp_store_r.patch;striplevel=2 \
54 file://Properly-locate-credentials-in-collection-caches-in-.patch;striplevel=2 \
55 file://Properly-initialize-ccaches-before-storing-into-them.patch;striplevel=2 \
56 file://Include-header-for-writev.patch;striplevel=2 \
57 file://Tolerate-NULL-pointers-in-gp_same.patch;striplevel=2 \
58 file://Add-Client-ID-to-debug-messages.patch;striplevel=2 \
59 file://client-Switch-to-non-blocking-sockets.patch;striplevel=2 \
60 file://server-Add-detailed-request-logging.patch;striplevel=2 \
61 file://Fix-potential-free-of-non-heap-address.patch;striplevel=2 \
62 file://Prevent-uninitialized-read-in-error-path-of-XDR-cont.patch;striplevel=2 \
63 file://Simplify-setting-NONBLOCK-on-socket.patch;striplevel=2 \
64 file://Fix-handling-of-non-EPOLLIN-EPOLLOUT-events.patch;striplevel=2 \
65 file://Fix-error-handling-in-gpm_send_buffer-gpm_recv_buffe.patch;striplevel=2 \
66 file://Emit-debug-on-queue-errors.patch;striplevel=2 \
67 file://Conditionally-reload-kernel-interface-on-SIGHUP.patch;striplevel=2 \
68 file://Don-t-leak-mech_type-when-CONTINUE_NEEDED-from-init_.patch;striplevel=2 \
69 file://Always-use-the-encype-we-selected.patch;striplevel=2 \
70 file://Clarify-debug-and-debug_level-in-man-pages.patch;striplevel=2 \
71 file://Always-choose-highest-requested-debug-level.patch;striplevel=2 \
74 SRC_URI[md5sum] = "1837acb5766ffbc6fcc70ecaa72e285f"
76 inherit autotools systemd pkgconfig
78 SYSTEMD_SERVICE_${PN} = "gssproxy.service"
80 EXTRA_OECONF="--with-pubconf-path=${sysconfdir}/gssproxy \
81 --with-initscript=systemd --disable-static \
82 --disable-rpath --with-gpp-default-behavior=REMOTE_FIRST \
83 --with-systemdunitdir=${systemd_system_unitdir} \
87 CFLAGS += "-fPIE -fstack-protector-all"
88 LDFLAGS += "-fPIE -pie -Wl,-z,now"