Home Explore Help
Sign In
dustdfg
/
dragora
forked from dragora/dragora
Watch 1
Star 0
Fork 0
Files
Branch: cmake-recipe
Branches Tags
dragora
/
recipes
/
networking
/
tcp_wrappers
/
recipe

recipe 4.1 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128 
  1. # Build recipe for tcp_wrappers.
    2. 

  2. #
    3. 

  3. # Copyright (c) 2018, 2021 Matias Fonzo, <selk@dragora.org>.
    4. 

  4. #
    5. 

  5. # Licensed under the Apache License, Version 2.0 (the "License");
    6. 

  6. # you may not use this file except in compliance with the License.
    7. 

  7. # You may obtain a copy of the License at
    8. 

  8. #
    9. 

  9. #    http://www.apache.org/licenses/LICENSE-2.0
    10. 

  10. #
    11. 

  11. # Unless required by applicable law or agreed to in writing, software
    12. 

  12. # distributed under the License is distributed on an "AS IS" BASIS,
    13. 

  13. # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    14. 

  14. # See the License for the specific language governing permissions and
    15. 

  15. # limitations under the License.
    16. 

  16. 

  17. # Exit immediately on any error
    18. 

  18. set -e
    19. 

  19. 

  20. program=tcp_wrappers
    21. 

  21. version=7.6
    22. 

  22. release=3
    23. 

  23. 

  24. # Define a category for the output of the package name
    25. 

  25. pkgcategory=networking
    26. 

  26. 

  27. tarname=${program}_${version}.tar.gz
    28. 

  28. 

  29. # Remote source(s)
    30. 

  30. fetch=http://ftp.porcupine.org/pub/security/$tarname
    31. 

  31. 

  32. description="
    33. 

  33. Monitor of incoming TCP connections.
    34. 

  34. 

  35. TCP Wrapper is a host-based Networking ACL system, used to
    36. 

  36. filter network access to Internet Protocol servers on
    37. 

  37. (Unix-like) operating systems such as Linux or BSD.
    38. 

  38. 

  39. It allows host or subnetwork IP addresses, names and/or
    40. 

  40. ident query replies, to be used as tokens on which to
    41. 

  41. filter for access control purposes.
    42. 

  42. "
    43. 

  43. 

  44. homepage=ftp://ftp.porcupine.org/pub/security/index.html
    45. 

  45. license=BSD
    46. 

  46. 

  47. # Source documentation
    48. 

  48. docs="BLURB CHANGES DISCLAIMER README README.NIS"
    49. 

  49. docsdir="${docdir}/${program}-${version}"
    50. 

  50. 

  51. # Source directory
    52. 

  52. srcdir=${program}_${version}
    53. 

  53. 

  54. # Limit parallel jobs for the compiler to 1
    55. 

  55. jobs=1
    56. 

  56. 

  57. build()
    58. 

  58. {
    59. 

  59.     unpack "${tardir}/$tarname"
    60. 

  60. 

  61.     cd "$srcdir"
    62. 

  62. 

  63.     # Refresh old source code plus security issues via patches
    64. 

  64. 

  65.     # Apply patches from Debian (Thanks!)
    66. 

  66.     while read -r line
    67. 

  67.     do
    68. 

  68.         patch -p1 < "${worktree}/patches/tcp_wrappers/${line}"
    69. 

  69.     done < "${worktree}/patches/tcp_wrappers/series"
    70. 

  70. 

  71.     # Apply extras patches from "musl development overlay" (Thanks to "Gentoo Linux")
    72. 

  72.     patch -p1 < "${worktree}/patches/tcp_wrappers/tcp-wrappers-7.6.22-remove-DECLS.patch"
    73. 

  73.     patch -p1 < "${worktree}/patches/tcp_wrappers/tcp-wrappers-7.6-redhat-bug11881.patch"
    74. 

  74.     patch -p1 < "${worktree}/patches/tcp_wrappers/0001-Remove-fgets-extern-declaration.patch"
    75. 

  75. 

  76.     # Set sane permissions
    77. 

  77.     chmod -R u+w,go-w,a+rX-s .
    78. 

  78. 

  79.     make -j${jobs} COPTS="$QICFLAGS" LDOPTS="$QILDFLAGS" \
    80. 

  80.      STYLE="-DPROCESS_OPTIONS" REAL_DAEMON_DIR=/usr/sbin musl
    81. 

  81. 

  82.     # Install manually
    83. 

  83. 

  84.     mkdir -p "${destdir}/usr/include" \
    85. 

  85.      "${destdir}/usr/sbin" "${destdir}/usr/lib${libSuffix}"
    86. 

  86. 

  87.     for file in safe_finger tcpd tcpdchk tcpdmatch try-from
    88. 

  88.     do
    89. 

  89.         cp -p $file "${destdir}/usr/sbin/"
    90. 

  90.         chmod 755   "${destdir}/usr/sbin/${file}"
    91. 

  91.     done
    92. 

  92.     unset -v file
    93. 

  93. 

  94.     cp -p libwrap.a "${destdir}/usr/lib${libSuffix}/"
    95. 

  95.     chmod 644 "${destdir}/usr/lib${libSuffix}/libwrap.a"
    96. 

  96. 

  97.     cp -p tcpd.h "${destdir}/usr/include/"
    98. 

  98.     chmod 644 "${destdir}/usr/include/tcpd.h"
    99. 

  99. 

  100.     mkdir -p "${destdir}${mandir}/man3" \
    101. 

  101.      "${destdir}${mandir}/man5" "${destdir}${mandir}/man8"
    102. 

  102.     lzip -9c < hosts_access.3   > "${destdir}${mandir}/man3/hosts_access.3.lz"
    103. 

  103.     lzip -9c < hosts_access.5   > "${destdir}${mandir}/man5/hosts_access.5.lz"
    104. 

  104.     lzip -9c < hosts_options.5  > "${destdir}${mandir}/man5/hosts_options.5.lz"
    105. 

  105.     lzip -9c < tcpd.8           > "${destdir}${mandir}/man8/tcpd.8.lz"
    106. 

  106.     lzip -9c < tcpdchk.8        > "${destdir}${mandir}/man8/tcpdchk.8.lz"
    107. 

  107.     lzip -9c < tcpdmatch.8      > "${destdir}${mandir}/man8/tcpdmatch.8.lz"
    108. 

  108. 

  109.     # Strip remaining binaries and libraries
    110. 

  110.     find "$destdir" -type f | xargs file | \
    111. 

  111.      awk '/ELF/ && /executable/ || /shared object/' | \
    112. 

  112.       cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true
    113. 

  113. 

  114.     strip --strip-debug "${destdir}/usr/lib${libSuffix}/libwrap.a"
    115. 

  115. 

  116.     # Copy local config files
    117. 

  117.     mkdir -p "${destdir}/etc"
    118. 

  118.     cp -p "${worktree}/archive/tcp_wrappers/etc/hosts.allow" "${destdir}/etc/"
    119. 

  119.     cp -p "${worktree}/archive/tcp_wrappers/etc/hosts.deny" "${destdir}/etc/"
    120. 

  120.     chmod 644 "${destdir}/etc/hosts.allow" "${destdir}/etc/hosts.deny"
    121. 

  121.     touch "${destdir}/etc/.graft-config"
    122. 

  122. 

  123.     # Copy documentation
    124. 

  124.     mkdir -p "${destdir}/$docsdir"
    125. 

  125.     cp -p $docs "${destdir}/$docsdir"
    126. 

  126. }
    127. 

  127. 

  128.