pkgsrc-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

pkg/47168: pkgsrc update for security/pam_ssh_agent_auth



>Number:         47168
>Category:       pkg
>Synopsis:       Does not build and/or run under NetBSD 5.x/6.x, i386/amd64
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    pkg-manager
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Wed Nov 07 19:25:00 +0000 2012
>Originator:     Jason White
>Release:        NetBSD 6.0
>Organization:
>Environment:
System: NetBSD bofh.its.iastate.edu 6.0 NetBSD 6.0 (GENERIC) i386
Architecture: i386
Machine: i386
>Description:
This package fails to build and/or function under NetBSD 5.x and 6.x,
i386 and amd64.

1) When invoking this module, the following appears in /var/log/authlog:
in openpam_dispatch(): pam_ssh_agent_auth.so: no pam_sm_authenticate()

2) Because the ordering of arguments to strnvis() changed in NetBSD 6.0,
this module will build but segfault when invoked. Same issue as PR/44977.

>How-To-Repeat:
Build it.  Add it to a pam stack (say, su) and try to su.
With NetBSD <6.0 you get condition #1 above.
With NetBSD >=6.0 you get both conditions above.

>Fix:
1) To fix the "no pam_sm_authenticate()" message, the module must be built
with the compiler flag -DNO_STATIC_MODULES.  [patch below]

2) To fix the issue with strnvis, check to see if we're compiling on
NetBSD 6.0 or later and tweak the order of the arguments to strnvis()
accordingly. [patch below]

The following patch fixes these issues and also updates the 
module version from 0.9.2 to 0.9.3.  I attempted to make 0.9.4 (latest)
work under NetBSD, but kept getting bogus messages about not
being able to find the module though ktrace showed otherwise.
0.9.4 does not offer any significant features or functionality
over 0.9.3, but was trying to be current.

Patch also fixes some compiler warnings in openbsd-compat library.

Index: Makefile
===================================================================
RCS file: /cvsroot/pkgsrc/security/pam_ssh_agent_auth/Makefile,v
retrieving revision 1.4
diff -u -r1.4 Makefile
--- Makefile    23 Oct 2012 18:16:49 -0000      1.4
+++ Makefile    7 Nov 2012 17:15:36 -0000
@@ -1,6 +1,6 @@
 # $NetBSD: Makefile,v 1.4 2012/10/23 18:16:49 asau Exp $
 
-DISTNAME=      pam_ssh_agent_auth-0.9.2
+DISTNAME=      pam_ssh_agent_auth-0.9.3
 CATEGORIES=    security
 MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE:=pamsshagentauth/}
 EXTRACT_SUFX=  .tar.bz2
@@ -13,4 +13,6 @@
 GNU_CONFIGURE= yes
 USE_TOOLS+=    pod2man
 
+CFLAGS.NetBSD+=        -DNO_STATIC_MODULES
+
 .include "../../mk/bsd.pkg.mk"
Index: distinfo
===================================================================
RCS file: /cvsroot/pkgsrc/security/pam_ssh_agent_auth/distinfo,v
retrieving revision 1.2
diff -u -r1.2 distinfo
--- distinfo    15 Jan 2010 22:23:48 -0000      1.2
+++ distinfo    7 Nov 2012 17:15:36 -0000
@@ -1,8 +1,10 @@
 $NetBSD: distinfo,v 1.2 2010/01/15 22:23:48 agc Exp $
 
-SHA1 (pam_ssh_agent_auth-0.9.2.tar.bz2) = 
0f3d9455a8f983907cfad293105cfb16c4a08a0a
-RMD160 (pam_ssh_agent_auth-0.9.2.tar.bz2) = 
2ef2a4dbb1f3115751f596629c0518e65500cdf4
-Size (pam_ssh_agent_auth-0.9.2.tar.bz2) = 237156 bytes
+SHA1 (pam_ssh_agent_auth-0.9.3.tar.bz2) = 
5761a2d5e3ea29e0b415424338d27deaabdd75f4
+RMD160 (pam_ssh_agent_auth-0.9.3.tar.bz2) = 
cd4846adf8f131991b18c8af48b750440bd636c6
+Size (pam_ssh_agent_auth-0.9.3.tar.bz2) = 239596 bytes
 SHA1 (patch-aa) = a32866ae59734b94c55a3531094bbd6b6d9cdbfc
 SHA1 (patch-ab) = 9ef4711ea6a65a627e581d8905a3a9f8ef0cf202
 SHA1 (patch-ac) = ade7a45c5e42307ee0e9ffbdbd708a6fef64ada0
+SHA1 (patch-ad) = a29719b21e80115e9b1c54b0c3f965f934effba6
+SHA1 (patch-ae) = 3a09dbeed4dd0991127e1e1c7b3b142ac3a2e44b
Index: patches/patch-ad
===================================================================
RCS file: patches/patch-ad
diff -N patches/patch-ad
--- /dev/null   1 Jan 1970 00:00:00 -0000
+++ patches/patch-ad    7 Nov 2012 17:15:36 -0000
@@ -0,0 +1,15 @@
+--- log.c      2012-11-07 10:03:34.000000000 -0600
++++ log.c      2012-11-07 10:03:44.000000000 -0600
+@@ -361,7 +361,11 @@
+               vsnprintf(msgbuf, sizeof(msgbuf), fmtbuf, args);
+       }
+ 
+-      strnvis(fmtbuf, msgbuf, sizeof(fmtbuf),
++#if (defined(__NetBSD_Version__) && __NetBSD_Version__ >= 600000000)
++        strnvis(fmtbuf, sizeof(fmtbuf), msgbuf,
++#else
++        strnvis(fmtbuf, msgbuf, sizeof(fmtbuf),
++#endif
+           log_on_stderr ? LOG_STDERR_VIS : LOG_SYSLOG_VIS);
+ 
+     if(level == SYSLOG_LEVEL_FATAL) {
Index: patches/patch-ae
===================================================================
RCS file: patches/patch-ae
diff -N patches/patch-ae
--- /dev/null   1 Jan 1970 00:00:00 -0000
+++ patches/patch-ae    7 Nov 2012 17:15:36 -0000
@@ -0,0 +1,17 @@
+--- openbsd-compat/readpassphrase.c    2012-11-07 10:09:52.000000000 -0600
++++ openbsd-compat/readpassphrase.c    2012-11-07 10:18:38.000000000 -0600
+@@ -124,11 +124,11 @@
+               if (p < end) {
+                       if ((flags & RPP_SEVENBIT))
+                               ch &= 0x7f;
+-                      if (isalpha(ch)) {
++                      if (isalpha((int)ch)) {
+                               if ((flags & RPP_FORCELOWER))
+-                                      ch = tolower(ch);
++                                      ch = tolower((int)ch);
+                               if ((flags & RPP_FORCEUPPER))
+-                                      ch = toupper(ch);
++                                      ch = toupper((int)ch);
+                       }
+                       *p++ = ch;
+               }



Home | Main Index | Thread Index | Old Index