# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=openvpn-auth-ldap
pkgver=2.0.4
pkgrel=7
pkgdesc="LDAP authentication and authorization plugin for OpenVPN 2.x"
url="https://github.com/threerings/openvpn-auth-ldap/"
arch="all"
license="BSD-3-Clause"
depends="openvpn"
makedepends="automake autoconf re2c openldap-dev openvpn-dev gcc-objc"
pkggroups="openvpn"
install="$pkgname.post-upgrade"
source="https://github.com/threerings/openvpn-auth-ldap/archive/auth-ldap-$pkgver.tar.gz
	CVE-2024-28820.patch
	default-config.patch
	fix-make-install.patch
	stdio.patch
	"
builddir="$srcdir/$pkgname-auth-ldap-$pkgver"

# secfixes:
#   2.0.4-r7:
#     - CVE-2024-28820

prepare() {
	default_prepare
	autoreconf -vif
}

build() {
	./configure \
		--build=$CBUILD \
		--host=$CHOST \
		--prefix=/usr \
		--sysconfdir=/etc \
		--mandir=/usr/share/man \
		--infodir=/usr/share/info \
		--with-openvpn=/usr \
		--with-objc-runtime=GNU \
		CFLAGS="$CFLAGS -fPIC" \
		OBJCFLAGS="-std=gnu11 -fpermissive"
	make
}

check() {
	make -C tests test
}

package() {
	make DESTDIR="$pkgdir" install

	install -D -m 640 -g openvpn auth-ldap.conf "$pkgdir"/etc/openvpn/auth-ldap.conf
}

sha512sums="
ffa1f1617acd3f4e96d3abea7e5611d8b8406c92ff1298ac0520f2d42f188116904187d3ca8c0ae88e0bcc6449ec4c8494a18770a4635c1ee7301baaaddfa12e  auth-ldap-2.0.4.tar.gz
f68159da95bc6b593892125c6b97e6c60a8677f9d39031cb04c1948ac9495d507cb10f7929c1716cb67ac4f5e5d5fdb1a3ff51b902b2c4df65c3225c27899019  CVE-2024-28820.patch
7d33287dde5ef338797d395f6e254d6e3116cbc274f89fc44b0de7f624d51c23c5734229279023c5b818d1ce7313f761770ee2f60c1975713feefdf03f040374  default-config.patch
e6f826558a8542e3372c23692b9006ae5978110cd599ccde4756ace6bedd0c6a249738b00ba29e7121727246e001154f7aeb3804864fbc935e0acbb17b7d2a27  fix-make-install.patch
57c8db58a10e8e4d4786cace8ace897510d1c547c679b5fe301010c47fc124af6d1b236e7752a4e0ca929cd30c1d242a90ef621baf244830ac344379ce03de05  stdio.patch
"
