pkgsrc-WIP-changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
pam-pwdfile: update to 2.0
Module Name: pkgsrc-wip
Committed By: Bartosz Kuzma <bartosz.kuzma%gmail.com@localhost>
Pushed By: bartosz.kuzma
Date: Wed Jul 8 18:19:34 2026 +0200
Changeset: 05ef5e303a73886df6cad2bdb80a9eb19ecdc204
Modified Files:
pam-pwdfile/Makefile
pam-pwdfile/PLIST
pam-pwdfile/distinfo
Added Files:
pam-pwdfile/TODO
pam-pwdfile/patches/patch-pam__pwdfile.c
Removed Files:
pam-pwdfile/files/_pam_macros.h
pam-pwdfile/patches/patch-aa
pam-pwdfile/patches/patch-ab
Log Message:
pam-pwdfile: update to 2.0
To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=05ef5e303a73886df6cad2bdb80a9eb19ecdc204
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
diffstat:
pam-pwdfile/Makefile | 24 +---
pam-pwdfile/PLIST | 1 -
pam-pwdfile/TODO | 1 +
pam-pwdfile/distinfo | 9 +-
pam-pwdfile/files/_pam_macros.h | 187 -------------------------------
pam-pwdfile/patches/patch-aa | 14 ---
pam-pwdfile/patches/patch-ab | 16 ---
pam-pwdfile/patches/patch-pam__pwdfile.c | 123 ++++++++++++++++++++
8 files changed, 132 insertions(+), 243 deletions(-)
diffs:
diff --git a/pam-pwdfile/Makefile b/pam-pwdfile/Makefile
index 9b3f7a607f..13f64d0d8d 100644
--- a/pam-pwdfile/Makefile
+++ b/pam-pwdfile/Makefile
@@ -1,9 +1,8 @@
-# $NetBSD: Makefile,v 1.7 2012/10/04 19:44:06 asau Exp $
+# $NetBSD$
#
-DISTNAME= libpam-pwdfile-0.99
+DISTNAME= libpam-pwdfile-2.0
PKGNAME= ${DISTNAME:S/lib//}
-PKGREVISION= 3
CATEGORIES= security
MASTER_SITES= https://git.tiwe.de/libpam-pwdfile.git/snapshot/
@@ -21,35 +20,20 @@ LDLIBS= -lpam
LDLIBS+= -lcrypt
.endif
-pre-build:
- ${CP} files/_pam_macros.h ${WRKSRC}
+INSTALLATION_DIRS+= lib/security share/doc/pam-pwdfile
do-build:
cd ${WRKSRC} && \
${SHLIBTOOL} --mode=compile ${CC} -c pam_pwdfile.c -o pam_pwdfile.o && \
- ${SHLIBTOOL} --mode=compile ${CC} -c bigcrypt.c -o bigcrypt.o && \
- ${SHLIBTOOL} --mode=compile ${CC} -DHIGHFIRST -D'MD5Name(x)=Good##x' \
- -c md5.c -o md5_good.o && \
- ${SHLIBTOOL} --mode=compile ${CC} -D'MD5Name(x)=Broken##x' \
- -c md5.c -o md5_broken.o && \
- ${SHLIBTOOL} --mode=compile ${CC} -D'MD5Name(x)=Good##x' \
- -c md5_crypt.c -o md5_crypt_good.o && \
- ${SHLIBTOOL} --mode=compile ${CC} -D'MD5Name(x)=Broken##x' \
- -c md5_crypt.c -o md5_crypt_broken.o && \
${SHLIBTOOL} --mode=link ${CC} -avoid-version -module ${LDLIBS} \
-o pam_pwdfile.la -rpath ${PREFIX}/lib/security \
- pam_pwdfile.lo md5_good.lo md5_crypt_good.lo md5_broken.lo \
- md5_crypt_broken.lo bigcrypt.lo
+ pam_pwdfile.lo
do-install:
- ${INSTALL_DATA_DIR} ${DESTDIR}${PREFIX}/lib/security
${SHLIBTOOL} --mode=install ${INSTALL_PROGRAM} \
-c ${WRKSRC}/pam_pwdfile.la ${DESTDIR}${PREFIX}/lib/security
- ${INSTALL_DATA_DIR} ${DESTDIR}${PREFIX}/share/doc/pam-pwdfile
${INSTALL_DATA} ${WRKSRC}/README \
${DESTDIR}${PREFIX}/share/doc/pam-pwdfile
- ${INSTALL_DATA} ${WRKSRC}/changelog \
- ${DESTDIR}${PREFIX}/share/doc/pam-pwdfile
.include "../../mk/pam.buildlink3.mk"
.include "../../mk/bsd.pkg.mk"
diff --git a/pam-pwdfile/PLIST b/pam-pwdfile/PLIST
index eebb604264..b6bffd85f4 100644
--- a/pam-pwdfile/PLIST
+++ b/pam-pwdfile/PLIST
@@ -1,4 +1,3 @@
@comment $NetBSD: PLIST,v 1.4 2009/09/28 22:26:42 bartoszkuzma Exp $
lib/security/pam_pwdfile.la
share/doc/pam-pwdfile/README
-share/doc/pam-pwdfile/changelog
diff --git a/pam-pwdfile/TODO b/pam-pwdfile/TODO
new file mode 100644
index 0000000000..8792d05b79
--- /dev/null
+++ b/pam-pwdfile/TODO
@@ -0,0 +1 @@
+Test on other systems
diff --git a/pam-pwdfile/distinfo b/pam-pwdfile/distinfo
index 77876bdfee..ff00bf78c4 100644
--- a/pam-pwdfile/distinfo
+++ b/pam-pwdfile/distinfo
@@ -1,7 +1,6 @@
$NetBSD: distinfo,v 1.1.1.1 2006/02/21 09:25:27 bartoszkuzma Exp $
-BLAKE2s (libpam-pwdfile-0.99.tar.gz) = 3751d251873f85ac9f64a1055afc3feda3bfd1240e3801eae0be78880b3f50e3
-SHA512 (libpam-pwdfile-0.99.tar.gz) = 05837eeebc2e557aaeecb228f84ffc8c64610ae807838a0a7d17886cb8e7688d74b40d71500027156560a5b014a53c58a77eb7665528cc6d3042eda42a5fd15a
-Size (libpam-pwdfile-0.99.tar.gz) = 16655 bytes
-SHA1 (patch-aa) = c890d486e9f3d0648c3e761776173aa3d2428911
-SHA1 (patch-ab) = 3f7b1e33634ac243482137343fb68e1db6137988
+BLAKE2s (libpam-pwdfile-2.0.tar.gz) = a60dcafd80f3d9310f5eb2ed102ff76919c2f39346eceeb501fa1e023124f060
+SHA512 (libpam-pwdfile-2.0.tar.gz) = a2b84690a0004fb191e81fecf12e2071090ca6be3fb3f759f521e2c43b0876a3fd1e1d59dbdf95cc069dc901cc4dfbf4caf0f115d28598d5e1149f47932efd21
+Size (libpam-pwdfile-2.0.tar.gz) = 8063 bytes
+SHA1 (patch-pam__pwdfile.c) = c5d1540e0b5963c25e9345132b95eee4c9ae2ff6
diff --git a/pam-pwdfile/files/_pam_macros.h b/pam-pwdfile/files/_pam_macros.h
deleted file mode 100644
index 2827fabf77..0000000000
--- a/pam-pwdfile/files/_pam_macros.h
+++ /dev/null
@@ -1,187 +0,0 @@
-#ifndef PAM_MACROS_H
-#define PAM_MACROS_H
-
-/*
- * All kind of macros used by PAM, but usable in some other
- * programs too.
- * Organized by Cristian Gafton <gafton%redhat.com@localhost>
- */
-
-/* a 'safe' version of strdup */
-
-#include <string.h>
-#include <stdlib.h>
-
-#define x_strdup(s) ( (s) ? strdup(s):NULL )
-
-/* Good policy to strike out passwords with some characters not just
- free the memory */
-
-#define _pam_overwrite(x) \
-do { \
- register char *__xx__; \
- if ((__xx__=(x))) \
- while (*__xx__) \
- *__xx__++ = '\0'; \
-} while (0)
-
-/*
- * Don't just free it, forget it too.
- */
-
-#define _pam_drop(X) \
-do { \
- if (X) { \
- free(X); \
- X=NULL; \
- } \
-} while (0)
-
-#define _pam_drop_reply(/* struct pam_response * */ reply, /* int */ replies) \
-do { \
- int reply_i; \
- \
- for (reply_i=0; reply_i<replies; ++reply_i) { \
- if (reply[reply_i].resp) { \
- _pam_overwrite(reply[reply_i].resp); \
- free(reply[reply_i].resp); \
- } \
- } \
- if (reply) \
- free(reply); \
-} while (0)
-
-/* some debugging code */
-
-#ifdef DEBUG
-
-/*
- * This provides the necessary function to do debugging in PAM.
- * Cristian Gafton <gafton%redhat.com@localhost>
- */
-
-#include <stdio.h>
-#include <sys/types.h>
-#include <stdarg.h>
-#include <errno.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-#include <unistd.h>
-
-/*
- * This is for debugging purposes ONLY. DO NOT use on live systems !!!
- * You have been warned :-) - CG
- *
- * to get automated debugging to the log file, it must be created manually.
- * _PAM_LOGFILE must exist, mode 666
- */
-
-#ifndef _PAM_LOGFILE
-#define _PAM_LOGFILE "/tmp/pam-debug.log"
-#endif
-
-static void _pam_output_debug_info(const char *file, const char *fn
- , const int line)
-{
- FILE *logfile;
- int must_close = 1, fd;
-
-#ifdef O_NOFOLLOW
- if ((fd = open(_PAM_LOGFILE, O_WRONLY|O_NOFOLLOW|O_APPEND)) != -1) {
-#else
- if ((fd = open(_PAM_LOGFILE, O_WRONLY|O_APPEND)) != -1) {
-#endif
- if (!(logfile = fdopen(fd,"a"))) {
- logfile = stderr;
- must_close = 0;
- close(fd);
- }
- } else {
- logfile = stderr;
- must_close = 0;
- }
- fprintf(logfile,"[%s:%s(%d)] ",file, fn, line);
- fflush(logfile);
- if (must_close)
- fclose(logfile);
-}
-
-static void _pam_output_debug(const char *format, ...)
-{
- va_list args;
- FILE *logfile;
- int must_close = 1, fd;
-
- va_start(args, format);
-
-#ifdef O_NOFOLLOW
- if ((fd = open(_PAM_LOGFILE, O_WRONLY|O_NOFOLLOW|O_APPEND)) != -1) {
-#else
- if ((fd = open(_PAM_LOGFILE, O_WRONLY|O_APPEND)) != -1) {
-#endif
- if (!(logfile = fdopen(fd,"a"))) {
- logfile = stderr;
- must_close = 0;
- close(fd);
- }
- } else {
- logfile = stderr;
- must_close = 0;
- }
- vfprintf(logfile, format, args);
- fprintf(logfile, "\n");
- fflush(logfile);
- if (must_close)
- fclose(logfile);
-
- va_end(args);
-}
-
-#define D(x) do { \
- _pam_output_debug_info(__FILE__, __FUNCTION__, __LINE__); \
- _pam_output_debug x ; \
-} while (0)
-
-#define _pam_show_mem(X,XS) do { \
- int i; \
- register unsigned char *x; \
- x = (unsigned char *)X; \
- fprintf(stderr, " <start at %p>\n", X); \
- for (i = 0; i < XS ; ++x, ++i) { \
- fprintf(stderr, " %02X. <%p:%02X>\n", i, x, *x); \
- } \
- fprintf(stderr, " <end for %p after %d bytes>\n", X, XS); \
-} while (0)
-
-#define _pam_show_reply(/* struct pam_response * */reply, /* int */replies) \
-do { \
- int reply_i; \
- setbuf(stderr, NULL); \
- fprintf(stderr, "array at %p of size %d\n",reply,replies); \
- fflush(stderr); \
- if (reply) { \
- for (reply_i = 0; reply_i < replies; reply_i++) { \
- fprintf(stderr, " elem# %d at %p: resp = %p, retcode = %d\n", \
- reply_i, reply+reply_i, reply[reply_i].resp, \
- reply[reply_i].resp, _retcode); \
- fflush(stderr); \
- if (reply[reply_i].resp) { \
- fprintf(stderr, " resp[%d] = '%s'\n", \
- strlen(reply[reply_i].resp), reply[reply_i].resp); \
- fflush(stderr); \
- } \
- } \
- } \
- fprintf(stderr, "done here\n"); \
- fflush(stderr); \
-} while (0)
-
-#else
-
-#define D(x) do { } while (0)
-#define _pam_show_mem(X,XS) do { } while (0)
-#define _pam_show_reply(reply, replies) do { } while (0)
-
-#endif /* DEBUG */
-
-#endif /* PAM_MACROS_H */
diff --git a/pam-pwdfile/patches/patch-aa b/pam-pwdfile/patches/patch-aa
deleted file mode 100644
index fe27d95c41..0000000000
--- a/pam-pwdfile/patches/patch-aa
+++ /dev/null
@@ -1,14 +0,0 @@
-$NetBSD: patch-aa,v 1.1.1.1 2006/02/21 09:25:27 bartoszkuzma Exp $
-
---- pam_pwdfile.c.orig 2003-12-20 20:21:19.000000000 +0100
-+++ pam_pwdfile.c
-@@ -42,7 +42,9 @@
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-+#ifdef __Linux__
- #include <features.h>
-+#endif
- #include <syslog.h>
- #include <stdarg.h>
- #include <stdio.h>
diff --git a/pam-pwdfile/patches/patch-ab b/pam-pwdfile/patches/patch-ab
deleted file mode 100644
index 957cf18c83..0000000000
--- a/pam-pwdfile/patches/patch-ab
+++ /dev/null
@@ -1,16 +0,0 @@
-$NetBSD: patch-ab,v 1.1.1.1 2006/02/21 09:25:27 bartoszkuzma Exp $
-
---- bigcrypt.c.orig 2002-05-11 16:42:35.000000000 +0200
-+++ bigcrypt.c
-@@ -25,7 +25,11 @@
- */
-
- #include <string.h>
-+#ifdef __Linux__
- #include <security/_pam_macros.h>
-+#else
-+#include "_pam_macros.h"
-+#endif
-
- char *crypt(const char *key, const char *salt);
- char *bigcrypt(const char *key, const char *salt);
diff --git a/pam-pwdfile/patches/patch-pam__pwdfile.c b/pam-pwdfile/patches/patch-pam__pwdfile.c
new file mode 100644
index 0000000000..9c645f4dc3
--- /dev/null
+++ b/pam-pwdfile/patches/patch-pam__pwdfile.c
@@ -0,0 +1,123 @@
+$NetBSD$
+
+NetBSD support
+
+--- pam_pwdfile.c.orig 2024-06-17 10:17:40.000000000 +0000
++++ pam_pwdfile.c
+@@ -50,6 +50,11 @@
+ #endif
+ #endif
+
++#ifdef __NetBSD__
++#define _NETBSD_SOURCE
++#include <fcntl.h>
++#endif
++
+ #include <syslog.h>
+ #include <stdio.h>
+ #include <stdlib.h>
+@@ -66,7 +71,17 @@
+
+ #define PAM_SM_AUTH
+ #include <security/pam_modules.h>
++#ifdef __Linux__
+ #include <security/pam_ext.h>
++#endif
++
++#ifdef __NetBSD__
++#define PWDFILE_SYSLOG(pamh, priority, fmt, ...) \
++ syslog((priority), (fmt), ##__VA_ARGS__)
++#else
++#define PWDFILE_SYSLOG(pamh, priority, fmt, ...) \
++ pam_syslog((pamh), (priority), (fmt), ##__VA_ARGS__)
++#endif
+
+ static int lock_fd(int fd) {
+ int delay;
+@@ -123,29 +138,29 @@ PAM_EXTERN int pam_sm_authenticate(pam_h
+
+ #ifdef HAVE_PAM_FAIL_DELAY
+ if (use_delay) {
+- if (debug) pam_syslog(pamh, LOG_DEBUG, "setting fail delay");
++ if (debug) PWDFILE_SYSLOG(pamh, LOG_DEBUG, "setting fail delay");
+ (void) pam_fail_delay(pamh, 2000000); /* 2 sec */
+ }
+ #endif
+
+ if (!pwdfilename) {
+- pam_syslog(pamh, LOG_ERR, "password file name not specified");
++ PWDFILE_SYSLOG(pamh, LOG_ERR, "password file name not specified");
+ return PAM_AUTHINFO_UNAVAIL;
+ }
+
+ if (pam_get_user(pamh, &name, NULL) != PAM_SUCCESS) {
+- pam_syslog(pamh, LOG_ERR, "couldn't get username from PAM stack");
++ PWDFILE_SYSLOG(pamh, LOG_ERR, "couldn't get username from PAM stack");
+ return PAM_AUTH_ERR;
+ }
+- if (debug) pam_syslog(pamh, LOG_DEBUG, "username is %s", name);
++ if (debug) PWDFILE_SYSLOG(pamh, LOG_DEBUG, "username is %s", name);
+
+ if (!(pwdfile = fopen(pwdfilename, "r"))) {
+- pam_syslog(pamh, LOG_ALERT, "couldn't open password file %s", pwdfilename);
++ PWDFILE_SYSLOG(pamh, LOG_ALERT, "couldn't open password file %s", pwdfilename);
+ return PAM_AUTHINFO_UNAVAIL;
+ }
+
+ if (use_flock && lock_fd(fileno(pwdfile)) == -1) {
+- pam_syslog(pamh, LOG_ALERT, "couldn't lock password file %s", pwdfilename);
++ PWDFILE_SYSLOG(pamh, LOG_ALERT, "couldn't lock password file %s", pwdfilename);
+ fclose(pwdfile);
+ return PAM_AUTHINFO_UNAVAIL;
+ }
+@@ -172,16 +187,16 @@ PAM_EXTERN int pam_sm_authenticate(pam_h
+ /* we keep linebuf (allocated by getline), stored_crypted_password is pointing into it */
+
+ if (!stored_crypted_password)
+- if (debug) pam_syslog(pamh, LOG_ERR, "user not found in password database");
++ if (debug) PWDFILE_SYSLOG(pamh, LOG_ERR, "user not found in password database");
+
+ if (stored_crypted_password && !strlen(stored_crypted_password)) {
+- if (debug) pam_syslog(pamh, LOG_DEBUG, "user has empty password field");
++ if (debug) PWDFILE_SYSLOG(pamh, LOG_DEBUG, "user has empty password field");
+ free(linebuf);
+ return flags & PAM_DISALLOW_NULL_AUTHTOK ? PAM_AUTH_ERR : PAM_SUCCESS;
+ }
+
+ if (pam_get_authtok(pamh, PAM_AUTHTOK, &password, NULL) != PAM_SUCCESS) {
+- pam_syslog(pamh, LOG_ERR, "couldn't get password from PAM stack");
++ PWDFILE_SYSLOG(pamh, LOG_ERR, "couldn't get password from PAM stack");
+ free(linebuf);
+ return PAM_AUTH_ERR;
+ }
+@@ -191,7 +206,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h
+ return PAM_USER_UNKNOWN;
+ }
+
+- if (debug) pam_syslog(pamh, LOG_DEBUG, "got crypted password == '%s'", stored_crypted_password);
++ if (debug) PWDFILE_SYSLOG(pamh, LOG_DEBUG, "got crypted password == '%s'", stored_crypted_password);
+
+ #ifdef USE_CRYPT_R
+ crypt_buf.initialized = 0;
+@@ -200,18 +215,18 @@ PAM_EXTERN int pam_sm_authenticate(pam_h
+ if (!(crypted_password = crypt(password, stored_crypted_password)))
+ #endif
+ {
+- pam_syslog(pamh, LOG_ERR, "crypt() failed");
++ PWDFILE_SYSLOG(pamh, LOG_ERR, "crypt() failed");
+ free(linebuf);
+ return PAM_AUTH_ERR;
+ }
+
+ if (strcmp(crypted_password, stored_crypted_password)) {
+- pam_syslog(pamh, LOG_NOTICE, "wrong password for user %s", name);
++ PWDFILE_SYSLOG(pamh, LOG_NOTICE, "wrong password for user %s", name);
+ free(linebuf);
+ return PAM_AUTH_ERR;
+ }
+
+- if (debug) pam_syslog(pamh, LOG_DEBUG, "passwords match");
++ if (debug) PWDFILE_SYSLOG(pamh, LOG_DEBUG, "passwords match");
+ free(linebuf);
+ return PAM_SUCCESS;
+ }
Home |
Main Index |
Thread Index |
Old Index