sssd: update to 2.8.2.

Dependencies: * libwbclient is deprecated and removed upstream. * libxslt-devel is not used for building; xsltproc from libxslt is used instead. * xmlcatmgr does not seem to be used as a host make dependency. * python3 is required for cross compiling bindings. * http-parser-devel (http_parser.h) does not seem to be mentioned anywhere in the source code. * nscd does not seem to be used in hostmakedepends. Patches: * libressl.patch is removed due to openssl replacing libressl. * remove patches relating to tests as we disable them Misc: * "--without-python2-bindings" can be safely omitted from configure_args. * oidc-child now requires libjose which is not present in the repository, hence it is disabled.
2025-04-19 07:37:01 +02:00 · 2023-02-11 11:43:22 +01:00 · 2023-02-11 11:43:22 +01:00 · 8e28a98fc1
commit 8e28a98fc1
parent 8077eee64d
5 changed files with 59 additions and 105 deletions
--- a/srcpkgs/sssd/patches/configure_cross.patch
+++ b/srcpkgs/sssd/patches/configure_cross.patch
@ -0,0 +1,33 @@
+configure was supposed to execute compiled testing binaries.
+
+However, when it comes to cross compiling, the script chooses to exit
+and interrupt the building.
+
+Skipping execution is preferred to quitting in this case.
+
+--- a/configure
+++ b/configure
+@@ -20460,10 +20460,7 @@
+ 
+ if test "$cross_compiling" = yes
+ then :
+-  { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+-printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;}
+-as_fn_error $? "cannot run test program while cross compiling
+-See \`config.log' for more details" "$LINENO" 5; }
+  :
+ else $as_nop
+   cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+ /* end confdefs.h.  */
+@@ -22915,10 +22912,7 @@
+         LIBS="$LIBS -L${sambalibdir} -lidmap-samba4 -Wl,-rpath ${sambalibdir}"
+         if test "$cross_compiling" = yes
+ then :
+-  { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+-printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;}
+-as_fn_error $? "cannot run test program while cross compiling
+-See \`config.log' for more details" "$LINENO" 5; }
+  :
+ else $as_nop
+   cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+ /* end confdefs.h.  */
--- a/srcpkgs/sssd/patches/fix_tests.patch
+++ b/srcpkgs/sssd/patches/fix_tests.patch
@ -1,54 +0,0 @@
-Fix tests by disabling failures related to softhsm, see
-
-https://github.com/SSSD/sssd/issues/5397
-
--- a/src/tests/cmocka/test_pam_srv.c
-+++ b/src/tests/cmocka/test_pam_srv.c
-@@ -41,6 +41,8 @@
- #include "tests/test_CA/SSSD_test_cert_x509_0002.h"
- #include "tests/test_CA/SSSD_test_cert_x509_0005.h"
- 
-+#define TEST_MODULE_NAME SOFTHSM2_PATH
-+
- #include "tests/test_ECC_CA/SSSD_test_ECC_cert_x509_0001.h"
- #else
- #define SSSD_TEST_CERT_0001 ""
-@@ -48,6 +50,7 @@
- #define SSSD_TEST_CERT_0005 ""
- 
- #define SSSD_TEST_ECC_CERT_0001 ""
-+#define TEST_MODULE_NAME ""
- #endif
- 
- #define TESTS_PATH "tp_" BASE_FILE_STEM
-@@ -62,7 +65,6 @@
- #define TEST_TOKEN_NAME "SSSD Test Token"
- #define TEST_TOKEN2_NAME "SSSD Test Token Number 2"
- #define TEST_KEY_ID "C554C9F82C2A9D58B70921C143304153A8A42F17"
-#define TEST_MODULE_NAME SOFTHSM2_PATH
- #define TEST_PROMPT "SSSD test cert 0001\nCN=SSSD test cert 0001,OU=SSSD test,O=SSSD"
- #define TEST2_PROMPT "SSSD test cert 0002\nCN=SSSD test cert 0002,OU=SSSD test,O=SSSD"
- #define TEST5_PROMPT "SSSD test cert 0005\nCN=SSSD test cert 0005,OU=SSSD test,O=SSSD"
-
-The test_ncache_* functions require a working user directory, which is
-generally unavailable in xbps-src builds.
-
--- a/src/tests/cmocka/test_negcache.c
-+++ b/src/tests/cmocka/test_negcache.c
-@@ -1089,7 +1089,7 @@
-                                         setup, teardown),
-         cmocka_unit_test_setup_teardown(test_sss_ncache_domain_locate_type,
-                                         setup, teardown),
-
-+#if 0
-         /* user */
-         cmocka_unit_test_setup_teardown(test_ncache_nocache_user,
-                                         test_ncache_setup,
-@@ -1142,6 +1142,7 @@
-         cmocka_unit_test_setup_teardown(test_ncache_both_gid,
-                                         test_ncache_setup,
-                                         test_ncache_teardown),
-+#endif
-     };
- 
-     tests_set_cwd();
--- a/srcpkgs/sssd/patches/libressl.patch
+++ b/srcpkgs/sssd/patches/libressl.patch
@ -1,26 +0,0 @@
-diff -Naurp0 a/p11_child/p11_child_openssl.c b/p11_child/p11_child_openssl.c
--- a/src/p11_child/p11_child_openssl.c	2020-09-06 16:39:47.663132167 +0200
-+++ b/src/p11_child/p11_child_openssl.c	2020-09-06 16:39:51.887060887 +0200
-@@ -33,0 +34 @@
-+#include <limits.h>
-diff -Naurp0 a/util/crypto/libcrypto/crypto_hmac_sha1.c b/util/crypto/libcrypto/crypto_hmac_sha1.c
--- a/src/util/crypto/libcrypto/crypto_hmac_sha1.c	2020-09-06 16:39:47.705131458 +0200
-+++ b/src/util/crypto/libcrypto/crypto_hmac_sha1.c	2020-09-06 16:39:51.870061174 +0200
-@@ -19,0 +20 @@
-+#include <limits.h>
--- a/src/lib/certmap/sss_cert_content_crypto.c	2020-10-12 12:16:19.000000000 +0200
-+++ b/src/lib/certmap/sss_cert_content_crypto.c	2020-10-12 12:16:19.000000000 +0200
-@@ -771,8 +771,13 @@
-         ret = EIO;
-         goto done;
-     }
-+#ifdef LIBRESSL_VERSION_NUMBER
-+    if (cert->ex_flags & EXFLAG_KUSAGE) {
-+        cont->key_usage = cert->ex_kusage;
-+#else
-     if ((X509_get_extension_flags(cert) & EXFLAG_KUSAGE)) {
-         cont->key_usage = X509_get_key_usage(cert);
-+#endif
-     } else {
-         /* According to X.509 https://www.itu.int/rec/T-REC-X.509-201610-I
-          * section 13.3.2 "Certificate match" "keyUsage matches if all of the
--- a/srcpkgs/sssd/template
+++ b/srcpkgs/sssd/template
@ -1,20 +1,22 @@
 # Template file for 'sssd'
 pkgname=sssd
-version=2.4.0
-revision=5
+version=2.8.2
+revision=1
+# upstream explicitly hardcodes to use glibc:
+# https://github.com/SSSD/sssd/blob/2.8.2/src/util/nss_dl_load.c
+archs="~*-musl"
 build_style=gnu-configure
 # configure checks sys.version[:3] for Python versioning, so 3.10 becomes 3.1;
 # until this is fixed upstream, manually define am_cv_python_version to circumvent
-configure_args="--without-selinux --without-semanage --without-libwbclient
+configure_args="--without-selinux --without-semanage --without-oidc-child
 --disable-cifs-idmap-plugin --without-samba --with-os=fedora
 --with-test-dir=/dev/shm --with-python3-bindings --with-pid-path=/run
- --with-sudo-lib-path=/usr/lib/sssd --without-python2-bindings
- am_cv_python_version=${py3_ver}"
-hostmakedepends="pkg-config nscd bind xmlcatmgr docbook-xsl"
+ --with-sudo-lib-path=/usr/lib/sssd am_cv_python_version=${py3_ver}"
+hostmakedepends="libxslt pkg-config bind docbook-xsl python3"
 makedepends="pam-devel popt-devel talloc-devel tdb-devel tevent-devel ldb-devel
 ding-libs-devel libldap-devel mit-krb5-devel c-ares-devel glib-devel
- libxslt-devel nss-devel libnfsidmap-devel http-parser-devel p11-kit-devel
- jansson-devel python3-devel libcurl-devel cmocka-devel check-devel"
+ libnfsidmap-devel p11-kit-devel jansson-devel python3-devel libcurl-devel
+ libunistring-devel"
 make_dirs="/var/lib/sss/db 0700 root root
 /var/lib/sss/secrets 0700 root root
 /var/lib/sss/pubconf/krb5.include.d 0700 root root
@ -22,32 +24,32 @@ make_dirs="/var/lib/sss/db 0700 root root
 /var/lib/sss/mc 0700 root root
 /var/lib/sss/keytabs 0700 root root
 /var/lib/sss/gpo_cache 0700 root root
- /var/lib/sss/db 0700 root root
- /etc/sssd/ 0700 root root
- /var/sssd/conf.d 0700 root root"
+ /var/lib/sss/deskprofile 0700 root root
+ /etc/sssd/pki 0700 root root
+ /etc/sssd/conf.d 0700 root root"
 short_desc="System Security Services Daemon"
 maintainer="Yuusha Spacewolf <xyuusha@paranoici.org>"
 license="GPL-3.0-or-later"
 homepage="https://sssd.io"
-distfiles="https://github.com/SSSD/sssd/releases/download/${pkgname}-${version//./_}/${pkgname}-${version}.tar.gz"
-checksum=13d7eeff15e582279f70a3aad32daeb40d3749ec14947a4eded35adce7490cdd
+distfiles="https://github.com/SSSD/sssd/releases/download/${version}/${pkgname}-${version}.tar.gz"
+checksum=ae16447d06bb725bfa9ccb47a9287135015f789ba7414f50cebcb62d52402fef
 python_version=3
-nocross="configure attempts to run compiled output"
 # These modules in /usr/lib/sssd are required by sssd-python3
 shlib_provides="libsss_util.so libsss_crypt.so libsss_debug.so"
+# * test_sysdb_sudo: Could not run test: 0 != 0x1 (test_sudo_convert_time);
+# * test_inotify: [test_timeout] (0x0010): The test timed out!
+# * dlopen-tests: Error opening sss.so: [...] conf_get_str: symbol not found
+# * strtonum-tests: Tests:test_strtoint32_alphaonly_base_10:0: errno
+#   unexpectedly set to 22
+# * pam-srv-tests: https://github.com/SSSD/sssd/issues/5631
+# * requires to manually 'make test_CA' (although it should be done by
+#   default?).
+make_check=no

-if [ "$XBPS_LIBC" != glibc ]; then
-	broken="nscd is glibc only"
-fi
-
-do_check() {
-	export CK_TIMEOUT_MULTIPLIER=10
-	make check VERBOSE=yes
-	unset CK_TIMEOUT_MULTIPLIER
-}
+export PYTHON_CONFIG="${XBPS_CROSS_BASE}/usr/bin/python3-config"

 post_install() {
-	rm -rf ${DESTDIR}/etc/rc.d
+	rm -r ${DESTDIR}/etc/rc.d

 	vsv sssd
 }
--- a/srcpkgs/sssd/update
+++ b/srcpkgs/sssd/update
@ -1 +0,0 @@
-pattern="${pkgname}-\K[0-9_.]+(?=tar.gz)"