diff options
author | Chris Severance | 2022-05-08 21:42:13 -0400 |
---|---|---|
committer | Chris Severance | 2022-05-08 21:42:13 -0400 |
commit | 8cc98ca547d335436a591a3cca7a467ae81366f6 (patch) | |
tree | a1d978e361b2a188359486f8032fee36087a77d9 | |
download | aur-8cc98ca547d335436a591a3cca7a467ae81366f6.tar.gz |
Initial Import
-rw-r--r-- | .SRCINFO | 37 | ||||
-rw-r--r-- | 0000-jsch-disable-enable-ssh-rsa.patch | 41 | ||||
-rw-r--r-- | 0000-jsch-disable-md5-3des-cbc-dss-arcfour.patch | 111 | ||||
-rw-r--r-- | 0000-mirth-disable-tls11.patch | 18 | ||||
-rw-r--r-- | PKGBUILD | 246 | ||||
-rw-r--r-- | mirthconnect.install | 48 |
6 files changed, 501 insertions, 0 deletions
diff --git a/.SRCINFO b/.SRCINFO new file mode 100644 index 000000000000..03bfa7fce9a0 --- /dev/null +++ b/.SRCINFO @@ -0,0 +1,37 @@ +# Generated by mksrcinfo v8 +# Mon May 9 01:41:33 UTC 2022 +pkgbase = mirthconnect + pkgdesc = hl7 connector by Nextgen + pkgver = 4.0.1.b293 + pkgrel = 1 + url = https://www.nextgen.com/products-and-services/integration-engine + install = mirthconnect.install + arch = x86_64 + license = MPL + makedepends = maven + depends = jdk17-openjdk + optdepends = mariadb: alternate database to derby + optdepends = postgresql: alternate database to derby + backup = var/lib/mirthconnect/conf/dbdrivers.xml + backup = var/lib/mirthconnect/conf/log4j-cli.properties + backup = var/lib/mirthconnect/conf/log4j.properties + backup = var/lib/mirthconnect/conf/mirth-cli-config.properties + backup = var/lib/mirthconnect/conf/mirth.properties + source = https://s3.amazonaws.com/downloads.mirthcorp.com/connect/4.0.1.b293/mirthconnect-4.0.1.b293-unix.tar.gz + source = 0000-mirth-disable-tls11.patch + source = https://github.com/mwiede/jsch/archive/refs/tags/jsch-0.2.1.tar.gz + source = 0000-jsch-disable-md5-3des-cbc-dss-arcfour.patch + source = 0000-jsch-disable-enable-ssh-rsa.patch + md5sums = 8334c068adb05017514ce67ae2529a0d + md5sums = 426de9435b21e90df7ae044510938270 + md5sums = 9d3781f917c5f5c4bc7e16860dc18344 + md5sums = b9e1b8f9395622ba548d7fd07cfd7c26 + md5sums = 7a779d050bd1cfee55486a1d226466f1 + sha256sums = fd5223a15cdcaaf0d8071c1bdd9a0409fecd93fcec25e18c1daab1e9fe1f991d + sha256sums = 4dc37b7ed9db5c9fcd74f45cd6197f6b631d74d3a30022bda6fda1c5900b7099 + sha256sums = a3cb1b619269dbef91170f5470a0784aab4862932c17b63af686d5955b3c4bb9 + sha256sums = f754da4581b5e390e13fc407ab9fc4cdc7f139585081929626be8569dae99ad9 + sha256sums = 34ae98344a701d73145aa37e388f2765128d6e80240f0dc943d9ecc77ceed2d0 + +pkgname = mirthconnect + diff --git a/0000-jsch-disable-enable-ssh-rsa.patch b/0000-jsch-disable-enable-ssh-rsa.patch new file mode 100644 index 000000000000..d9eb75d31797 --- /dev/null +++ b/0000-jsch-disable-enable-ssh-rsa.patch @@ -0,0 +1,41 @@ +diff -pNaru5 a/src/main/java/com/jcraft/jsch/JSch.java b/src/main/java/com/jcraft/jsch/JSch.java +--- a/src/main/java/com/jcraft/jsch/JSch.java 2022-02-09 07:24:03.000000000 -0500 ++++ b/src/main/java/com/jcraft/jsch/JSch.java 2022-02-15 23:13:54.826589765 -0500 +@@ -40,18 +40,18 @@ public class JSch{ + */ + public static final String VERSION = Version.getVersion(); + + static Hashtable<String, String> config=new Hashtable<>(); + static{ +- config.put("kex", Util.getSystemProperty("jsch.kex", "curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256")); +- config.put("server_host_key", Util.getSystemProperty("jsch.server_host_key", "ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256")); ++ config.put("kex", Util.getSystemProperty("jsch.kex", "curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group18-sha512,diffie-hellman-group16-sha512,diffie-hellman-group14-sha256,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1")); ++ config.put("server_host_key", Util.getSystemProperty("jsch.server_host_key", "ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa")); + config.put("prefer_known_host_key_types", Util.getSystemProperty("jsch.prefer_known_host_key_types", "yes")); + config.put("enable_server_sig_algs", Util.getSystemProperty("jsch.enable_server_sig_algs", "yes")); +- config.put("cipher.s2c", Util.getSystemProperty("jsch.cipher", "aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com")); +- config.put("cipher.c2s", Util.getSystemProperty("jsch.cipher", "aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com")); +- config.put("mac.s2c", Util.getSystemProperty("jsch.mac", "hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1")); +- config.put("mac.c2s", Util.getSystemProperty("jsch.mac", "hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1")); ++ config.put("cipher.s2c", Util.getSystemProperty("jsch.cipher", "aes256-ctr,aes256-gcm@openssh.com,aes256-cbc,aes192-ctr,aes192-cbc,aes128-ctr,aes128-gcm@openssh.com,aes128-cbc")); ++ config.put("cipher.c2s", Util.getSystemProperty("jsch.cipher", "aes256-ctr,aes256-gcm@openssh.com,aes256-cbc,aes192-ctr,aes192-cbc,aes128-ctr,aes128-gcm@openssh.com,aes128-cbc")); ++ config.put("mac.s2c", Util.getSystemProperty("jsch.mac", "hmac-sha2-512-etm@openssh.com,hmac-sha2-512,hmac-sha2-256-etm@openssh.com,hmac-sha2-256,hmac-sha1-etm@openssh.com,hmac-sha1")); ++ config.put("mac.c2s", Util.getSystemProperty("jsch.mac", "hmac-sha2-512-etm@openssh.com,hmac-sha2-512,hmac-sha2-256-etm@openssh.com,hmac-sha2-256,hmac-sha1-etm@openssh.com,hmac-sha1")); + config.put("compression.s2c", Util.getSystemProperty("jsch.compression", "none")); + config.put("compression.c2s", Util.getSystemProperty("jsch.compression", "none")); + + config.put("lang.s2c", Util.getSystemProperty("jsch.lang", "")); + config.put("lang.c2s", Util.getSystemProperty("jsch.lang", "")); +@@ -225,11 +225,11 @@ public class JSch{ + + config.put("StrictHostKeyChecking", "ask"); + config.put("HashKnownHosts", "no"); + + config.put("PreferredAuthentications", Util.getSystemProperty("jsch.preferred_authentications", "gssapi-with-mic,publickey,keyboard-interactive,password")); +- config.put("PubkeyAcceptedAlgorithms", Util.getSystemProperty("jsch.client_pubkey", "ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256")); ++ config.put("PubkeyAcceptedAlgorithms", Util.getSystemProperty("jsch.client_pubkey", "ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa")); + + config.put("CheckCiphers", Util.getSystemProperty("jsch.check_ciphers", "chacha20-poly1305@openssh.com")); + config.put("CheckMacs", Util.getSystemProperty("jsch.check_macs", "")); + config.put("CheckKexes", Util.getSystemProperty("jsch.check_kexes", "curve25519-sha256,curve25519-sha256@libssh.org,curve448-sha512")); + config.put("CheckSignatures", Util.getSystemProperty("jsch.check_signatures", "ssh-ed25519,ssh-ed448")); diff --git a/0000-jsch-disable-md5-3des-cbc-dss-arcfour.patch b/0000-jsch-disable-md5-3des-cbc-dss-arcfour.patch new file mode 100644 index 000000000000..bcaf0d285774 --- /dev/null +++ b/0000-jsch-disable-md5-3des-cbc-dss-arcfour.patch @@ -0,0 +1,111 @@ +diff -pNaru5 a/src/main/java/com/jcraft/jsch/JSch.java b/src/main/java/com/jcraft/jsch/JSch.java +--- a/src/main/java/com/jcraft/jsch/JSch.java 2018-11-20 05:58:55.000000000 -0500 ++++ b/src/main/java/com/jcraft/jsch/JSch.java 2022-05-05 16:32:00.569792636 -0400 +@@ -38,31 +38,31 @@ public class JSch{ + */ + public static final String VERSION = "0.1.54"; + + static java.util.Hashtable config=new java.util.Hashtable(); + static{ +- config.put("kex", "ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1"); +- config.put("server_host_key", "ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521"); ++ config.put("kex", "ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1"); ++ config.put("server_host_key", "ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,ssh-rsa"); + config.put("cipher.s2c", +- "aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc"); ++ "aes256-ctr,aes256-cbc,aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc"); + config.put("cipher.c2s", +- "aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc"); ++ "aes256-ctr,aes256-cbc,aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc"); + +- config.put("mac.s2c", "hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96"); +- config.put("mac.c2s", "hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96"); ++ config.put("mac.s2c", "hmac-sha2-256,hmac-sha1"); ++ config.put("mac.c2s", "hmac-sha2-256,hmac-sha1"); + config.put("compression.s2c", "none"); + config.put("compression.c2s", "none"); + + config.put("lang.s2c", ""); + config.put("lang.c2s", ""); + + config.put("compression_level", "6"); + + config.put("diffie-hellman-group-exchange-sha1", + "com.jcraft.jsch.DHGEX"); +- config.put("diffie-hellman-group1-sha1", +- "com.jcraft.jsch.DHG1"); ++// config.put("diffie-hellman-group1-sha1", ++// "com.jcraft.jsch.DHG1"); + config.put("diffie-hellman-group14-sha1", + "com.jcraft.jsch.DHG14"); // available since JDK8. + config.put("diffie-hellman-group-exchange-sha256", + "com.jcraft.jsch.DHGEX256"); // available since JDK1.4.2. + // On JDK8, 2048bits will be used. +@@ -75,28 +75,28 @@ public class JSch{ + config.put("ecdh-sha2-nistp521", "com.jcraft.jsch.DHEC521"); + + config.put("ecdh-sha2-nistp", "com.jcraft.jsch.jce.ECDHN"); + + config.put("dh", "com.jcraft.jsch.jce.DH"); +- config.put("3des-cbc", "com.jcraft.jsch.jce.TripleDESCBC"); +- config.put("blowfish-cbc", "com.jcraft.jsch.jce.BlowfishCBC"); ++ //config.put("3des-cbc", "com.jcraft.jsch.jce.TripleDESCBC"); ++ //config.put("blowfish-cbc", "com.jcraft.jsch.jce.BlowfishCBC"); + config.put("hmac-sha1", "com.jcraft.jsch.jce.HMACSHA1"); +- config.put("hmac-sha1-96", "com.jcraft.jsch.jce.HMACSHA196"); ++ //config.put("hmac-sha1-96", "com.jcraft.jsch.jce.HMACSHA196"); + config.put("hmac-sha2-256", "com.jcraft.jsch.jce.HMACSHA256"); + // The "hmac-sha2-512" will require the key-length 2048 for DH, + // but Sun's JCE has not allowed to use such a long key. + //config.put("hmac-sha2-512", "com.jcraft.jsch.jce.HMACSHA512"); +- config.put("hmac-md5", "com.jcraft.jsch.jce.HMACMD5"); +- config.put("hmac-md5-96", "com.jcraft.jsch.jce.HMACMD596"); ++ //config.put("hmac-md5", "com.jcraft.jsch.jce.HMACMD5"); ++ //config.put("hmac-md5-96", "com.jcraft.jsch.jce.HMACMD596"); + config.put("sha-1", "com.jcraft.jsch.jce.SHA1"); + config.put("sha-256", "com.jcraft.jsch.jce.SHA256"); + config.put("sha-384", "com.jcraft.jsch.jce.SHA384"); + config.put("sha-512", "com.jcraft.jsch.jce.SHA512"); + config.put("md5", "com.jcraft.jsch.jce.MD5"); +- config.put("signature.dss", "com.jcraft.jsch.jce.SignatureDSA"); ++ //config.put("signature.dss", "com.jcraft.jsch.jce.SignatureDSA"); + config.put("signature.rsa", "com.jcraft.jsch.jce.SignatureRSA"); +- config.put("keypairgen.dsa", "com.jcraft.jsch.jce.KeyPairGenDSA"); ++ //config.put("keypairgen.dsa", "com.jcraft.jsch.jce.KeyPairGenDSA"); + config.put("keypairgen.rsa", "com.jcraft.jsch.jce.KeyPairGenRSA"); + config.put("keypairgen.ecdsa", "com.jcraft.jsch.jce.KeyPairGenECDSA"); + config.put("random", "com.jcraft.jsch.jce.Random"); + + config.put("none", "com.jcraft.jsch.CipherNone"); +@@ -106,14 +106,14 @@ public class JSch{ + config.put("aes256-cbc", "com.jcraft.jsch.jce.AES256CBC"); + + config.put("aes128-ctr", "com.jcraft.jsch.jce.AES128CTR"); + config.put("aes192-ctr", "com.jcraft.jsch.jce.AES192CTR"); + config.put("aes256-ctr", "com.jcraft.jsch.jce.AES256CTR"); +- config.put("3des-ctr", "com.jcraft.jsch.jce.TripleDESCTR"); +- config.put("arcfour", "com.jcraft.jsch.jce.ARCFOUR"); +- config.put("arcfour128", "com.jcraft.jsch.jce.ARCFOUR128"); +- config.put("arcfour256", "com.jcraft.jsch.jce.ARCFOUR256"); ++ //config.put("3des-ctr", "com.jcraft.jsch.jce.TripleDESCTR"); ++ //config.put("arcfour", "com.jcraft.jsch.jce.ARCFOUR"); ++ //config.put("arcfour128", "com.jcraft.jsch.jce.ARCFOUR128"); ++ //config.put("arcfour256", "com.jcraft.jsch.jce.ARCFOUR256"); + + config.put("userauth.none", "com.jcraft.jsch.UserAuthNone"); + config.put("userauth.password", "com.jcraft.jsch.UserAuthPassword"); + config.put("userauth.keyboard-interactive", "com.jcraft.jsch.UserAuthKeyboardInteractive"); + config.put("userauth.publickey", "com.jcraft.jsch.UserAuthPublicKey"); +@@ -128,11 +128,11 @@ public class JSch{ + config.put("StrictHostKeyChecking", "ask"); + config.put("HashKnownHosts", "no"); + + config.put("PreferredAuthentications", "gssapi-with-mic,publickey,keyboard-interactive,password"); + +- config.put("CheckCiphers", "aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256"); ++ config.put("CheckCiphers", "aes256-ctr,aes256-cbc,aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc"); + config.put("CheckKexes", "diffie-hellman-group14-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521"); + config.put("CheckSignatures", "ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521"); + + config.put("MaxAuthTries", "6"); + config.put("ClearAllForwardings", "no"); diff --git a/0000-mirth-disable-tls11.patch b/0000-mirth-disable-tls11.patch new file mode 100644 index 000000000000..112bf0c66c76 --- /dev/null +++ b/0000-mirth-disable-tls11.patch @@ -0,0 +1,18 @@ +diff -pNaru5 a/conf/mirth.properties b/conf/mirth.properties +--- a/conf/mirth.properties 2022-02-11 11:55:37.612844338 -0500 ++++ b/conf/mirth.properties 2022-02-11 11:57:57.403722379 -0500 +@@ -35,12 +35,12 @@ http.contextpath = / + server.url = + + http.host = 0.0.0.0 + https.host = 0.0.0.0 + +-https.client.protocols = TLSv1.3,TLSv1.2,TLSv1.1 +-https.server.protocols = TLSv1.3,TLSv1.2,TLSv1.1,SSLv2Hello ++https.client.protocols = TLSv1.3,TLSv1.2 ++https.server.protocols = TLSv1.3,TLSv1.2 + https.ciphersuites = TLS_CHACHA20_POLY1305_SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,TLS_AES_256_GCM_SHA384,TLS_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_DSS_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_DSS_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_EMPTY_RENEGOTIATION_INFO_SCSV + https.ephemeraldhkeysize = 2048 + + # If set to true, the Connect REST API will require all incoming requests to contain an "X-Requested-With" header. + # This protects against Cross-Site Request Forgery (CSRF) security vulnerabilities. diff --git a/PKGBUILD b/PKGBUILD new file mode 100644 index 000000000000..f7d85e43efc5 --- /dev/null +++ b/PKGBUILD @@ -0,0 +1,246 @@ +# Maintainer: Chris Severance aur.severach aATt spamgourmet dott com + +_mirthhome='/var/lib/mirthconnect' +_mirthgroup='mirthcon' +_mirthuser='mirthcon' +#_JVM='/usr/lib/jvm/java-8-jre/jre'; _JRE='jre8' +#_JVM='/usr/lib/jvm/java-11-openjdk'; _JRE='jre11-openjdk-headless' # errors +#_JVM='/usr/lib/jvm/java-11-openjdk'; _JRE='jdk11-openjdk-headless' +#_JVM='/usr/lib/jvm/java-16-openjdk'; _JRE='jre16-openjdk-headless' # too hard, not an LTS release +#_JVM='/usr/lib/jvm/java-18-openjdk'; _JRE='jre-openjdk-headless' # can't track with version changes + +if :; then + _jsch_libname='jsch' + _jsch_oldver='0.1.54' + if :; then + _JVM='/usr/lib/jvm/java-17-openjdk'; _JRE='jdk17-openjdk' # needed for all functionality of JSCH-0.2.0 + _jsch_pkgver='0.2.1' + _jsch_srcdir="${_jsch_libname}-${_jsch_libname}-${_jsch_pkgver}" + #_jsch_srcdir="${_jsch_libname}-${_jsch_srcdir}" + _source=("https://github.com/mwiede/jsch/archive/refs/tags/${_jsch_libname}-${_jsch_pkgver}.tar.gz") + makedepends+=('maven') + else + _JVM='/usr/lib/jvm/java-8-openjdk'; _JRE='jdk8-openjdk' # sufficient for JSCH-0.1.55 + _jsch_pkgver='0.1.55' + _jsch_srcdir="${_jsch_libname}-${_jsch_pkgver}" + _source=("https://downloads.sourceforge.net/project/${_jsch_libname}/${_jsch_libname}/${_jsch_pkgver}/${_jsch_srcdir}.zip") + makedepends+=('ant') + fi +else + _JVM='/usr/lib/jvm/java-8-openjdk/jre'; _JRE='jre8-openjdk-headless' +fi + +set -u +pkgname='mirthconnect' +#pkgname+='-git' +#pkgver='3.12.0.b2650' +pkgver='4.0.1.b293' +pkgrel='1' +pkgdesc='hl7 connector by Nextgen' +arch=('x86_64') +url='https://www.nextgen.com/products-and-services/integration-engine' +_giturl='https://github.com/nextgenhealthcare/connect' +license=('MPL') +depends=("${_JRE}") +optdepends=( + {mariadb,postgresql}': alternate database to derby' +) +backup=( + "${_mirthhome#/}/conf/dbdrivers.xml" + "${_mirthhome#/}/conf/log4j-cli.properties" + "${_mirthhome#/}/conf/log4j.properties" + "${_mirthhome#/}/conf/mirth-cli-config.properties" + "${_mirthhome#/}/conf/mirth.properties" +) +install="${pkgname}.install" +_srcdir='Mirth Connect' +source=( + "https://s3.amazonaws.com/downloads.mirthcorp.com/connect/${pkgver}/mirthconnect-${pkgver}-unix.tar.gz" + '0000-mirth-disable-tls11.patch' + "${_source[@]}" +) +md5sums=('8334c068adb05017514ce67ae2529a0d' + '426de9435b21e90df7ae044510938270' + '9d3781f917c5f5c4bc7e16860dc18344' + 'b9e1b8f9395622ba548d7fd07cfd7c26' + '7a779d050bd1cfee55486a1d226466f1') +sha256sums=('fd5223a15cdcaaf0d8071c1bdd9a0409fecd93fcec25e18c1daab1e9fe1f991d' + '4dc37b7ed9db5c9fcd74f45cd6197f6b631d74d3a30022bda6fda1c5900b7099' + 'a3cb1b619269dbef91170f5470a0784aab4862932c17b63af686d5955b3c4bb9' + 'f754da4581b5e390e13fc407ab9fc4cdc7f139585081929626be8569dae99ad9' + '34ae98344a701d73145aa37e388f2765128d6e80240f0dc943d9ecc77ceed2d0') + +source+=( + '0000-jsch-disable-md5-3des-cbc-dss-arcfour.patch' + '0000-jsch-disable-enable-ssh-rsa.patch' +) +if [ ! -z "${_jsch_oldver:-}" ]; then +_jsch_prepare() { + pushd "${srcdir}/${_jsch_srcdir}" > /dev/null + + if [ "$(vercmp "${_jsch_pkgver}" "0.1.55")" -le 0 ]; then + #cd "${srcdir}"; cp -pr "${_jsch_srcdir}" 'a'; ln -s "${_jsch_srcdir}" 'b'; false + # diff -pNaru5 'a' 'b' > '0000-jsch-disable-md5-3des-cbc-dss-arcfour.patch' + patch -Nup1 -i "${srcdir}/0000-jsch-disable-md5-3des-cbc-dss-arcfour.patch" + + #pushd 'src/main/java/com/jcraft/jsch/jce' > /dev/null + #rm -f *CBC* *TripleDES* 'KeyPairGenDSA.java' *ARCFOUR* *Blowfish* *MD5* 'SignatureDSA.java' + #popd > /dev/null + + sed -E -e '/String VERSION/ s:".+":'"\"${_jsch_pkgver}-ArchMirth\":g" -i 'src/main/java/com/jcraft/jsch/JSch.java' + fi + if [ "$(vercmp "${_jsch_pkgver}" "0.2.0")" -ge 0 ]; then + #cd "${srcdir}"; cp -pr "${_jsch_srcdir}" 'a'; ln -s "${_jsch_srcdir}" 'b'; false + # diff -pNaru5 'a' 'b' > '0000-jsch-disable-enable-ssh-rsa.patch' + patch -Nup1 -i "${srcdir}/0000-jsch-disable-enable-ssh-rsa.patch" + fi + + popd > /dev/null +} + +_jsch_build() { + pushd "${srcdir}/${_jsch_srcdir}" > /dev/null + if [ "$(vercmp "${_jsch_pkgver}" "0.1.55")" -le 0 ]; then + JAVA_HOME="${_JVM}" \ + ant dist + else + JAVA_HOME="${_JVM}" \ + mvn package + fi + popd > /dev/null +} + +_jsch_package() { + pushd "${srcdir}/${_jsch_srcdir}" > /dev/null + rm "${pkgdir}/${_mirthhome}/server-lib/${_jsch_libname}-${_jsch_oldver}.jar" + install -Dm644 'LICENSE.txt' "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE.jcsh" + if [ "$(vercmp "${_jsch_pkgver}" "0.1.55")" -le 0 ]; then + cd 'dist/lib' + else + cd 'target' + fi + install -m644 "${_jsch_libname}-${_jsch_pkgver}.jar" "${pkgdir}/${_mirthhome}/server-lib/${_jsch_libname}-${_jsch_pkgver}.jar" + popd > /dev/null +} +else +_jsch_prepare() { :; } +_jsch_build() { :; } +_jsch_package() { :; } +fi + +if [ "${pkgname%-git}" != "${pkgname}" ]; then + md5sums[0]='SKIP' + sha256sums[0]='SKIP' + source[0]="${url//https/git}" + makedepends+=('git') + conflicts=("${pkgname%-git}") + provides=("${pkgname%-git}=${pkgver%.r*}") + _srcdir="${pkgname%-git}" +pkgver() { + set -u + cd "${_srcdir}" + git describe --long --tags | sed -e 's/\([^-]*-g\)/r\1/' -e 's/-/./g' -e 's:^v::g' + set +u +} +elif [ "${pkgver%.r*}" != "${pkgver}" ]; then +pkgver() { + echo "${pkgver%.r*}" +} +fi + +prepare() { + set -u + cd "${_srcdir}" + sed -e "/^# INSTALL4J_JAVA_HOME_OVERRIDE=/ a INSTALL4J_JAVA_HOME_OVERRIDE='${_JVM}'" -i 'mccommand' 'mcmanager' 'mcserver' 'mcservice' + + chmod 700 'conf' # contains cleartext passwords + + sed -e 's:\r::g' -i conf/*.properties + echo >> 'conf/dbdrivers.xml' + echo >> 'conf/log4j-cli.properties' + echo >> 'conf/mirth-cli-config.properties' + echo >> 'conf/mirth.properties' + echo >> 'docs/mcservice-java9+.vmoptions' + + if grep -q -F -e 'TLSv1.1' 'conf/mirth.properties'; then + #cd '..'; cp -pr "${_srcdir}" 'a'; ln -s "${_srcdir}" 'b'; false + # diff -pNaru5 'a' 'b' > '0000-mirth-disable-tls11.patch' + patch -Nup1 -i "${srcdir}/0000-mirth-disable-tls11.patch" + fi + + _jsch_prepare + set +u +} + +build() { + set -u + _jsch_build + set +u +} + +package() { + set -u + cd "${_srcdir}" + install -d "${pkgdir}/${_mirthhome}/" + cp -pr . "${pkgdir}/${_mirthhome}" + if [[ "${_JVM}" =~ [0-9]+ ]]; then + if [ "${BASH_REMATCH}" -ge 9 ]; then + pushd "${pkgdir}/${_mirthhome}" > /dev/null + local _v + for _v in *.vmoptions; do + cat 'docs/mcservice-java9+.vmoptions' >> "${_v}" + done + popd > /dev/null + fi + fi + _jsch_package + + if :; then + local _f + install -d "${pkgdir}/usr/lib/${pkgname}/" + for _f in cli-lib client-lib docs extensions manager-lib public_api_html public_html server-lib webapps; do + mv "${pkgdir}/${_mirthhome}/${_f}" "${pkgdir}/usr/lib/${pkgname}/${_f}" + ln -s "/usr/lib/${pkgname}/${_f}" "${pkgdir}/${_mirthhome}/${_f}" + done + install -d "${pkgdir}/etc/" + ln -s "${_mirthhome}/conf" "${pkgdir}/etc/${pkgname}" + fi + + # systemd service + install -Dm644 <(cat << EOF +# Automatically generated by ${pkgname}-${pkgver} PKGBUILD from Arch Linux AUR +# https://aur.archlinux.org/ + +[Unit] +Description=${pkgdesc} +After=network.target + +[Service] +Type=simple +ExecStart=${_mirthhome}/mcserver +RemainAfterExit=yes +Group=${_mirthgroup} +User=${_mirthuser} + +[Install] +WantedBy=multi-user.target +EOF + ) "${pkgdir}/usr/lib/systemd/system/${pkgname}.service" + + # Generate amended install + bash -n "${startdir}/${install}" || echo "${}" + true && install="${install}.pkg" + rm -f "${startdir}/${install}" + cat - <<<" +# Do not modify this copy + +_mirthhome='"${_mirthhome}"' +_mirthgroup='"${_mirthgroup}"' +_mirthuser='"${_mirthuser}"' + +" "${startdir}/${install%.pkg}" > "${startdir}/${install}" + bash -n "${startdir}/${install}" || echo "${}" + + set +u +} +set +u diff --git a/mirthconnect.install b/mirthconnect.install new file mode 100644 index 000000000000..23ef9da6c550 --- /dev/null +++ b/mirthconnect.install @@ -0,0 +1,48 @@ +# variables filled in by PKGBUILD + +_usercheck() { + if ! getent group "${_mirthgroup}" &> /dev/null; then + groupadd -r "${_mirthgroup}" + echo "mirth: Group ${_mirthgroup} added" + fi + if ! getent passwd "${_mirthuser}" &> /dev/null; then + useradd -r -g "${_mirthgroup}" -G 'http' -d "${_mirthhome}" -s '/usr/bin/bash' -c 'mirth document server' "${_mirthuser}" + echo "mirth: User ${_mirthuser} added" + fi +} + +post_upgrade() { + set -u + chown "${_mirthuser}:${_mirthgroup}" "${_mirthhome}" + chown -R "${_mirthuser}:${_mirthgroup}" "${_mirthhome}/conf" + set +u +} + +post_install() { + set -u + _usercheck + post_upgrade + set +u +} + +pre_remove() { + set -u + systemctl stop 'mirthconnect.service' + set +u +} + +post_remove() { + set -u + if getent passwd "${_mirthuser}" &> /dev/null; then + userdel "${_mirthuser}" + echo "mirth: User ${_mirthgroup} removed" + fi + if getent group "${_mirthgroup}" &> /dev/null; then + groupdel "${_mirthgroup}" + echo "mirth: Group ${_mirthgroup} removed" + fi + if [ -d "${_mirthhome}" ]; then + echo "Uninstall all settings: sudo rm -rf '${_mirthhome}'" + fi + set +u +} |