pkgsrc-WIP-changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

pam-pwdfile: update to 2.0



Module Name:	pkgsrc-wip
Committed By:	Bartosz Kuzma <bartosz.kuzma%gmail.com@localhost>
Pushed By:	bartosz.kuzma
Date:		Wed Jul 8 18:19:34 2026 +0200
Changeset:	05ef5e303a73886df6cad2bdb80a9eb19ecdc204

Modified Files:
	pam-pwdfile/Makefile
	pam-pwdfile/PLIST
	pam-pwdfile/distinfo
Added Files:
	pam-pwdfile/TODO
	pam-pwdfile/patches/patch-pam__pwdfile.c
Removed Files:
	pam-pwdfile/files/_pam_macros.h
	pam-pwdfile/patches/patch-aa
	pam-pwdfile/patches/patch-ab

Log Message:
pam-pwdfile: update to 2.0

To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=05ef5e303a73886df6cad2bdb80a9eb19ecdc204

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

diffstat:
 pam-pwdfile/Makefile                     |  24 +---
 pam-pwdfile/PLIST                        |   1 -
 pam-pwdfile/TODO                         |   1 +
 pam-pwdfile/distinfo                     |   9 +-
 pam-pwdfile/files/_pam_macros.h          | 187 -------------------------------
 pam-pwdfile/patches/patch-aa             |  14 ---
 pam-pwdfile/patches/patch-ab             |  16 ---
 pam-pwdfile/patches/patch-pam__pwdfile.c | 123 ++++++++++++++++++++
 8 files changed, 132 insertions(+), 243 deletions(-)

diffs:
diff --git a/pam-pwdfile/Makefile b/pam-pwdfile/Makefile
index 9b3f7a607f..13f64d0d8d 100644
--- a/pam-pwdfile/Makefile
+++ b/pam-pwdfile/Makefile
@@ -1,9 +1,8 @@
-# $NetBSD: Makefile,v 1.7 2012/10/04 19:44:06 asau Exp $
+# $NetBSD$
 #
 
-DISTNAME=		libpam-pwdfile-0.99
+DISTNAME=		libpam-pwdfile-2.0
 PKGNAME=		${DISTNAME:S/lib//}
-PKGREVISION=		3
 CATEGORIES=		security
 MASTER_SITES=		https://git.tiwe.de/libpam-pwdfile.git/snapshot/
 
@@ -21,35 +20,20 @@ LDLIBS=			-lpam
 LDLIBS+=		-lcrypt
 .endif
 
-pre-build:
-	${CP} files/_pam_macros.h ${WRKSRC}
+INSTALLATION_DIRS+=	lib/security share/doc/pam-pwdfile
 
 do-build:
 	cd ${WRKSRC} && \
 	${SHLIBTOOL} --mode=compile ${CC} -c pam_pwdfile.c -o pam_pwdfile.o && \
-	${SHLIBTOOL} --mode=compile ${CC} -c bigcrypt.c -o bigcrypt.o && \
-	${SHLIBTOOL} --mode=compile ${CC} -DHIGHFIRST -D'MD5Name(x)=Good##x' \
-		-c md5.c -o md5_good.o && \
-	${SHLIBTOOL} --mode=compile ${CC} -D'MD5Name(x)=Broken##x' \
-		-c md5.c -o md5_broken.o && \
-	${SHLIBTOOL} --mode=compile ${CC} -D'MD5Name(x)=Good##x' \
-		-c md5_crypt.c -o md5_crypt_good.o && \
-	${SHLIBTOOL} --mode=compile ${CC} -D'MD5Name(x)=Broken##x' \
-		-c md5_crypt.c -o md5_crypt_broken.o && \
 	${SHLIBTOOL} --mode=link ${CC} -avoid-version -module ${LDLIBS} \
 		-o pam_pwdfile.la -rpath ${PREFIX}/lib/security \
-		pam_pwdfile.lo md5_good.lo md5_crypt_good.lo md5_broken.lo \
-		md5_crypt_broken.lo bigcrypt.lo
+		pam_pwdfile.lo
 
 do-install:
-	${INSTALL_DATA_DIR} ${DESTDIR}${PREFIX}/lib/security
 	${SHLIBTOOL} --mode=install ${INSTALL_PROGRAM} \
 		-c ${WRKSRC}/pam_pwdfile.la ${DESTDIR}${PREFIX}/lib/security
-	${INSTALL_DATA_DIR} ${DESTDIR}${PREFIX}/share/doc/pam-pwdfile
 	${INSTALL_DATA} ${WRKSRC}/README \
 		${DESTDIR}${PREFIX}/share/doc/pam-pwdfile
-	${INSTALL_DATA} ${WRKSRC}/changelog \
-		${DESTDIR}${PREFIX}/share/doc/pam-pwdfile
 
 .include "../../mk/pam.buildlink3.mk"
 .include "../../mk/bsd.pkg.mk"
diff --git a/pam-pwdfile/PLIST b/pam-pwdfile/PLIST
index eebb604264..b6bffd85f4 100644
--- a/pam-pwdfile/PLIST
+++ b/pam-pwdfile/PLIST
@@ -1,4 +1,3 @@
 @comment $NetBSD: PLIST,v 1.4 2009/09/28 22:26:42 bartoszkuzma Exp $
 lib/security/pam_pwdfile.la
 share/doc/pam-pwdfile/README
-share/doc/pam-pwdfile/changelog
diff --git a/pam-pwdfile/TODO b/pam-pwdfile/TODO
new file mode 100644
index 0000000000..8792d05b79
--- /dev/null
+++ b/pam-pwdfile/TODO
@@ -0,0 +1 @@
+Test on other systems
diff --git a/pam-pwdfile/distinfo b/pam-pwdfile/distinfo
index 77876bdfee..ff00bf78c4 100644
--- a/pam-pwdfile/distinfo
+++ b/pam-pwdfile/distinfo
@@ -1,7 +1,6 @@
 $NetBSD: distinfo,v 1.1.1.1 2006/02/21 09:25:27 bartoszkuzma Exp $
 
-BLAKE2s (libpam-pwdfile-0.99.tar.gz) = 3751d251873f85ac9f64a1055afc3feda3bfd1240e3801eae0be78880b3f50e3
-SHA512 (libpam-pwdfile-0.99.tar.gz) = 05837eeebc2e557aaeecb228f84ffc8c64610ae807838a0a7d17886cb8e7688d74b40d71500027156560a5b014a53c58a77eb7665528cc6d3042eda42a5fd15a
-Size (libpam-pwdfile-0.99.tar.gz) = 16655 bytes
-SHA1 (patch-aa) = c890d486e9f3d0648c3e761776173aa3d2428911
-SHA1 (patch-ab) = 3f7b1e33634ac243482137343fb68e1db6137988
+BLAKE2s (libpam-pwdfile-2.0.tar.gz) = a60dcafd80f3d9310f5eb2ed102ff76919c2f39346eceeb501fa1e023124f060
+SHA512 (libpam-pwdfile-2.0.tar.gz) = a2b84690a0004fb191e81fecf12e2071090ca6be3fb3f759f521e2c43b0876a3fd1e1d59dbdf95cc069dc901cc4dfbf4caf0f115d28598d5e1149f47932efd21
+Size (libpam-pwdfile-2.0.tar.gz) = 8063 bytes
+SHA1 (patch-pam__pwdfile.c) = c5d1540e0b5963c25e9345132b95eee4c9ae2ff6
diff --git a/pam-pwdfile/files/_pam_macros.h b/pam-pwdfile/files/_pam_macros.h
deleted file mode 100644
index 2827fabf77..0000000000
--- a/pam-pwdfile/files/_pam_macros.h
+++ /dev/null
@@ -1,187 +0,0 @@
-#ifndef PAM_MACROS_H
-#define PAM_MACROS_H
-
-/*
- * All kind of macros used by PAM, but usable in some other
- * programs too.
- * Organized by Cristian Gafton <gafton%redhat.com@localhost>
- */
-
-/* a 'safe' version of strdup */
-
-#include <string.h>
-#include <stdlib.h>
-
-#define  x_strdup(s)  ( (s) ? strdup(s):NULL )
-
-/* Good policy to strike out passwords with some characters not just
-   free the memory */
-
-#define _pam_overwrite(x)        \
-do {                             \
-     register char *__xx__;      \
-     if ((__xx__=(x)))           \
-          while (*__xx__)        \
-               *__xx__++ = '\0'; \
-} while (0)
-
-/*
- * Don't just free it, forget it too.
- */
-
-#define _pam_drop(X) \
-do {                 \
-    if (X) {         \
-        free(X);     \
-        X=NULL;      \
-    }                \
-} while (0)
-
-#define _pam_drop_reply(/* struct pam_response * */ reply, /* int */ replies) \
-do {                                              \
-    int reply_i;                                  \
-                                                  \
-    for (reply_i=0; reply_i<replies; ++reply_i) { \
-	if (reply[reply_i].resp) {                \
-	    _pam_overwrite(reply[reply_i].resp);  \
-	    free(reply[reply_i].resp);            \
-	}                                         \
-    }                                             \
-    if (reply)                                    \
-	free(reply);                              \
-} while (0)
-
-/* some debugging code */
-
-#ifdef DEBUG
-
-/*
- * This provides the necessary function to do debugging in PAM.
- * Cristian Gafton <gafton%redhat.com@localhost>
- */
-
-#include <stdio.h>
-#include <sys/types.h>
-#include <stdarg.h>
-#include <errno.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-#include <unistd.h>
-
-/*
- * This is for debugging purposes ONLY. DO NOT use on live systems !!!
- * You have been warned :-) - CG
- *
- * to get automated debugging to the log file, it must be created manually.
- * _PAM_LOGFILE must exist, mode 666
- */
-
-#ifndef _PAM_LOGFILE
-#define _PAM_LOGFILE "/tmp/pam-debug.log"
-#endif
-
-static void _pam_output_debug_info(const char *file, const char *fn
-				   , const int line)
-{
-    FILE *logfile;
-    int must_close = 1, fd;
-   
-#ifdef O_NOFOLLOW
-    if ((fd = open(_PAM_LOGFILE, O_WRONLY|O_NOFOLLOW|O_APPEND)) != -1) {
-#else
-    if ((fd = open(_PAM_LOGFILE, O_WRONLY|O_APPEND)) != -1) {
-#endif
-	if (!(logfile = fdopen(fd,"a"))) {
-	    logfile = stderr;
-	    must_close = 0;
-	    close(fd);
-	}
-    } else {
-        logfile = stderr;
-	must_close = 0;
-    }
-    fprintf(logfile,"[%s:%s(%d)] ",file, fn, line);
-    fflush(logfile);
-    if (must_close)
-        fclose(logfile);
-}
-
-static void _pam_output_debug(const char *format, ...)
-{
-    va_list args;
-    FILE *logfile;
-    int must_close = 1, fd;
-    
-    va_start(args, format);
-
-#ifdef O_NOFOLLOW
-    if ((fd = open(_PAM_LOGFILE, O_WRONLY|O_NOFOLLOW|O_APPEND)) != -1) {
-#else
-    if ((fd = open(_PAM_LOGFILE, O_WRONLY|O_APPEND)) != -1) {
-#endif
-	if (!(logfile = fdopen(fd,"a"))) {
-	    logfile = stderr;
-	    must_close = 0;
-	    close(fd);
-	}
-    } else {
-	logfile = stderr;
-	must_close = 0;
-    }
-    vfprintf(logfile, format, args);
-    fprintf(logfile, "\n");
-    fflush(logfile);
-    if (must_close)
-        fclose(logfile);
-
-    va_end(args);
-}
-
-#define D(x) do { \
-    _pam_output_debug_info(__FILE__, __FUNCTION__, __LINE__); \
-    _pam_output_debug x ; \
-} while (0)
-
-#define _pam_show_mem(X,XS) do {                                      \
-      int i;                                                          \
-      register unsigned char *x;                                      \
-      x = (unsigned char *)X;                                         \
-      fprintf(stderr, "  <start at %p>\n", X);                        \
-      for (i = 0; i < XS ; ++x, ++i) {                                \
-          fprintf(stderr, "    %02X. <%p:%02X>\n", i, x, *x);         \
-      }                                                               \
-      fprintf(stderr, "  <end for %p after %d bytes>\n", X, XS);      \
-} while (0)
-
-#define _pam_show_reply(/* struct pam_response * */reply, /* int */replies) \
-do {                                                                        \
-    int reply_i;                                                            \
-    setbuf(stderr, NULL);                                                   \
-    fprintf(stderr, "array at %p of size %d\n",reply,replies);              \
-    fflush(stderr);                                                         \
-    if (reply) {                                                            \
-	for (reply_i = 0; reply_i < replies; reply_i++) {                   \
-	    fprintf(stderr, "  elem# %d at %p: resp = %p, retcode = %d\n",  \
-		    reply_i, reply+reply_i, reply[reply_i].resp,            \
-		    reply[reply_i].resp, _retcode);                         \
-	    fflush(stderr);                                                 \
-	    if (reply[reply_i].resp) {                                      \
-		fprintf(stderr, "    resp[%d] = '%s'\n",                    \
-			strlen(reply[reply_i].resp), reply[reply_i].resp);  \
-		fflush(stderr);                                             \
-	    }                                                               \
-	}                                                                   \
-    }                                                                       \
-    fprintf(stderr, "done here\n");                                         \
-    fflush(stderr);                                                         \
-} while (0)
-
-#else
-
-#define D(x)                             do { } while (0)
-#define _pam_show_mem(X,XS)              do { } while (0)
-#define _pam_show_reply(reply, replies)  do { } while (0)
-
-#endif /* DEBUG */
-
-#endif  /* PAM_MACROS_H */
diff --git a/pam-pwdfile/patches/patch-aa b/pam-pwdfile/patches/patch-aa
deleted file mode 100644
index fe27d95c41..0000000000
--- a/pam-pwdfile/patches/patch-aa
+++ /dev/null
@@ -1,14 +0,0 @@
-$NetBSD: patch-aa,v 1.1.1.1 2006/02/21 09:25:27 bartoszkuzma Exp $
-
---- pam_pwdfile.c.orig	2003-12-20 20:21:19.000000000 +0100
-+++ pam_pwdfile.c
-@@ -42,7 +42,9 @@
-  * OF THE POSSIBILITY OF SUCH DAMAGE.
-  */
- 
-+#ifdef __Linux__
- #include <features.h>
-+#endif
- #include <syslog.h>
- #include <stdarg.h>
- #include <stdio.h>
diff --git a/pam-pwdfile/patches/patch-ab b/pam-pwdfile/patches/patch-ab
deleted file mode 100644
index 957cf18c83..0000000000
--- a/pam-pwdfile/patches/patch-ab
+++ /dev/null
@@ -1,16 +0,0 @@
-$NetBSD: patch-ab,v 1.1.1.1 2006/02/21 09:25:27 bartoszkuzma Exp $
-
---- bigcrypt.c.orig	2002-05-11 16:42:35.000000000 +0200
-+++ bigcrypt.c
-@@ -25,7 +25,11 @@
-  */
- 
- #include <string.h>
-+#ifdef __Linux__
- #include <security/_pam_macros.h>
-+#else
-+#include "_pam_macros.h"
-+#endif
- 
- char *crypt(const char *key, const char *salt);
- char *bigcrypt(const char *key, const char *salt);
diff --git a/pam-pwdfile/patches/patch-pam__pwdfile.c b/pam-pwdfile/patches/patch-pam__pwdfile.c
new file mode 100644
index 0000000000..9c645f4dc3
--- /dev/null
+++ b/pam-pwdfile/patches/patch-pam__pwdfile.c
@@ -0,0 +1,123 @@
+$NetBSD$
+
+NetBSD support
+
+--- pam_pwdfile.c.orig	2024-06-17 10:17:40.000000000 +0000
++++ pam_pwdfile.c
+@@ -50,6 +50,11 @@
+ #endif
+ #endif
+ 
++#ifdef __NetBSD__
++#define _NETBSD_SOURCE
++#include <fcntl.h>
++#endif
++
+ #include <syslog.h>
+ #include <stdio.h>
+ #include <stdlib.h>
+@@ -66,7 +71,17 @@
+ 
+ #define PAM_SM_AUTH
+ #include <security/pam_modules.h>
++#ifdef __Linux__
+ #include <security/pam_ext.h>
++#endif
++
++#ifdef __NetBSD__
++#define PWDFILE_SYSLOG(pamh, priority, fmt, ...) \
++    syslog((priority), (fmt), ##__VA_ARGS__)
++#else
++#define PWDFILE_SYSLOG(pamh, priority, fmt, ...) \
++    pam_syslog((pamh), (priority), (fmt), ##__VA_ARGS__)
++#endif
+ 
+ static int lock_fd(int fd) {
+     int delay;
+@@ -123,29 +138,29 @@ PAM_EXTERN int pam_sm_authenticate(pam_h
+     
+ #ifdef HAVE_PAM_FAIL_DELAY
+     if (use_delay) {
+-	if (debug) pam_syslog(pamh, LOG_DEBUG, "setting fail delay");
++	if (debug) PWDFILE_SYSLOG(pamh, LOG_DEBUG, "setting fail delay");
+ 	(void) pam_fail_delay(pamh, 2000000);   /* 2 sec */
+     }
+ #endif
+     
+     if (!pwdfilename) {
+-	pam_syslog(pamh, LOG_ERR, "password file name not specified");
++	PWDFILE_SYSLOG(pamh, LOG_ERR, "password file name not specified");
+ 	return PAM_AUTHINFO_UNAVAIL;
+     }
+     
+     if (pam_get_user(pamh, &name, NULL) != PAM_SUCCESS) {
+-	pam_syslog(pamh, LOG_ERR, "couldn't get username from PAM stack");
++	PWDFILE_SYSLOG(pamh, LOG_ERR, "couldn't get username from PAM stack");
+ 	return PAM_AUTH_ERR;
+     }
+-    if (debug) pam_syslog(pamh, LOG_DEBUG, "username is %s", name);
++    if (debug) PWDFILE_SYSLOG(pamh, LOG_DEBUG, "username is %s", name);
+     
+     if (!(pwdfile = fopen(pwdfilename, "r"))) {
+-	pam_syslog(pamh, LOG_ALERT, "couldn't open password file %s", pwdfilename);
++	PWDFILE_SYSLOG(pamh, LOG_ALERT, "couldn't open password file %s", pwdfilename);
+ 	return PAM_AUTHINFO_UNAVAIL;
+     }
+     
+     if (use_flock && lock_fd(fileno(pwdfile)) == -1) {
+-	pam_syslog(pamh, LOG_ALERT, "couldn't lock password file %s", pwdfilename);
++	PWDFILE_SYSLOG(pamh, LOG_ALERT, "couldn't lock password file %s", pwdfilename);
+ 	fclose(pwdfile);
+ 	return PAM_AUTHINFO_UNAVAIL;
+     }
+@@ -172,16 +187,16 @@ PAM_EXTERN int pam_sm_authenticate(pam_h
+     /* we keep linebuf (allocated by getline), stored_crypted_password is pointing into it */
+ 
+     if (!stored_crypted_password)
+-	if (debug) pam_syslog(pamh, LOG_ERR, "user not found in password database");
++	if (debug) PWDFILE_SYSLOG(pamh, LOG_ERR, "user not found in password database");
+     
+     if (stored_crypted_password && !strlen(stored_crypted_password)) {
+-	if (debug) pam_syslog(pamh, LOG_DEBUG, "user has empty password field");
++	if (debug) PWDFILE_SYSLOG(pamh, LOG_DEBUG, "user has empty password field");
+ 	free(linebuf);
+ 	return flags & PAM_DISALLOW_NULL_AUTHTOK ? PAM_AUTH_ERR : PAM_SUCCESS;
+     }
+     
+     if (pam_get_authtok(pamh, PAM_AUTHTOK, &password, NULL) != PAM_SUCCESS) {
+-	pam_syslog(pamh, LOG_ERR, "couldn't get password from PAM stack");
++	PWDFILE_SYSLOG(pamh, LOG_ERR, "couldn't get password from PAM stack");
+ 	free(linebuf);
+ 	return PAM_AUTH_ERR;
+     }
+@@ -191,7 +206,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h
+ 	return PAM_USER_UNKNOWN;
+     }
+     
+-    if (debug) pam_syslog(pamh, LOG_DEBUG, "got crypted password == '%s'", stored_crypted_password);
++    if (debug) PWDFILE_SYSLOG(pamh, LOG_DEBUG, "got crypted password == '%s'", stored_crypted_password);
+     
+ #ifdef USE_CRYPT_R
+     crypt_buf.initialized = 0;
+@@ -200,18 +215,18 @@ PAM_EXTERN int pam_sm_authenticate(pam_h
+     if (!(crypted_password = crypt(password, stored_crypted_password)))
+ #endif
+     {
+-	pam_syslog(pamh, LOG_ERR, "crypt() failed");
++	PWDFILE_SYSLOG(pamh, LOG_ERR, "crypt() failed");
+ 	free(linebuf);
+ 	return PAM_AUTH_ERR;
+     }
+     
+     if (strcmp(crypted_password, stored_crypted_password)) {
+-	pam_syslog(pamh, LOG_NOTICE, "wrong password for user %s", name);
++	PWDFILE_SYSLOG(pamh, LOG_NOTICE, "wrong password for user %s", name);
+ 	free(linebuf);
+ 	return PAM_AUTH_ERR;
+     }
+     
+-    if (debug) pam_syslog(pamh, LOG_DEBUG, "passwords match");
++    if (debug) PWDFILE_SYSLOG(pamh, LOG_DEBUG, "passwords match");
+     free(linebuf);
+     return PAM_SUCCESS;
+ }


Home | Main Index | Thread Index | Old Index