sync/ports
1
0
Fork 0
mirror of https://git.freebsd.org/ports.git synced 2025-04-28 01:26:39 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

security/pam_pwdfile: Update to latest version 2.0

Browse source 
PR:		285688
Reported by:	ykla <yklaxds@gmail.com>
This commit is contained in:
Lev A. Serebryakov 2025-04-02 22:00:57 +03:00
parent b1c60383a0
commit 88ae750911
8 changed files with 56 additions and 293 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
security/pam_pwdfile/Makefile
View file

@ -1,18 +1,15 @@
PORTNAME= pam_pwdfile
PORTVERSION= 1.0
DISTVERSIONPREFIX= v
PORTVERSION= 2.0
MASTER_SITES= https://git.tiwe.de/libpam-pwdfile.git/snapshot/
DISTFILES= libpam-pwdfile-${PORTVERSION}.tar.gz
CATEGORIES= security
MAINTAINER= lev@FreeBSD.org
COMMENT= Pam module for authenticating with flat passwd files
WWW= http://www.cpbotha.net/pam_pwdfile.html
WWW= https://www.cpbotha.net/software/pam_pwdfile/
USES= uidfix
USE_GITHUB= yes
GH_ACCOUNT= tiwe-de
GH_PROJECT= libpam-pwdfile
MAKEFILE= ${FILESDIR}/Makefile.bsd
LICENSE= BSD3CLAUSE GPLv1 GPLv2 GPLv3
LICENSE_COMB= dual
PLIST_FILES= lib/pam_pwdfile.so
PORTDOCS= README INSTALL
@ -20,9 +17,9 @@ CFLAGS+= -I${WRKSRC}
OPTIONS_DEFINE= DOCS
post-patch:
# ${REINPLACE_CMD} -e 's|#include <features.h>||g' ${WRKSRC}/pam_pwdfile.c
${CP} ${FILESDIR}/_pam_macros.h ${WRKSRC}
MAKE_ARGS= PAM_LIB_DIR=${PREFIX}/lib
WRKSRC= ${WRKDIR}/libpam-pwdfile-${PORTVERSION}
post-install:
@${MKDIR} ${STAGEDIR}${DOCSDIR}

6
security/pam_pwdfile/distinfo
View file

@ -1,3 +1,3 @@
TIMESTAMP = 1523883055
SHA256 (tiwe-de-libpam-pwdfile-v1.0_GH0.tar.gz) = 5b8db1397cff9cadfd1bb96f53c134b787ab0e6a0fbedb71040541d340313ba2
SIZE (tiwe-de-libpam-pwdfile-v1.0_GH0.tar.gz) = 13418
TIMESTAMP = 1743618637
SHA256 (libpam-pwdfile-2.0.tar.gz) = 981c286923c2018ececb5025ba0b27020ffa964d8b8d426ff58ad7f156e72424
SIZE (libpam-pwdfile-2.0.tar.gz) = 8063

29
security/pam_pwdfile/files/Makefile.bsd
View file

@ -1,29 +0,0 @@
# inspired from pam-pgsql port :-)
SRCS= pam_pwdfile.c \
bigcrypt.c \
md5_good.c \
md5_crypt_good.c \
md5_broken.c \
md5_crypt_broken.c
SHLIB_NAME= pam_pwdfile.so
LDADD= -lpam -lcrypt
CFLAGS+= -Wall -D_BSD_SOURCE
LIBDIR= ${LOCALBASE}/lib
md5_good.c: md5.c
$(CPP) $(CPPFLAGS) -DHIGHFIRST -D'MD5Name(x)=Good##x' -o $@ $>
md5_broken.c: md5.c
$(CPP) $(CPPFLAGS) -D'MD5Name(x)=Broken##x' -o $@ $>
md5_crypt_good.c: md5_crypt.c
$(CPP) $(CPPFLAGS) -D'MD5Name(x)=Good##x' -o $@ $>
md5_crypt_broken.c: md5_crypt.c
$(CPP) $(CPPFLAGS) -D'MD5Name(x)=Broken##x' -o $@ $>
.include <bsd.lib.mk>

196
security/pam_pwdfile/files/_pam_macros.h
View file

@ -1,196 +0,0 @@
#ifndef PAM_MACROS_H
#define PAM_MACROS_H
/*
* All kind of macros used by PAM, but usable in some other
* programs too.
* Organized by Cristian Gafton <gafton@redhat.com>
*/
/* a 'safe' version of strdup */
#include <stdlib.h>
#include <string.h>
#define x_strdup(s) ( (s) ? strdup(s):NULL )
/* Good policy to strike out passwords with some characters not just
free the memory */
#define _pam_overwrite(x) \
do { \
register char *__xx__; \
if ((__xx__=(x))) \
while (*__xx__) \
*__xx__++ = '\0'; \
} while (0)
#define _pam_overwrite_n(x,n) \
do { \
register char *__xx__; \
register unsigned int __i__ = 0; \
if ((__xx__=(x))) \
for (;__i__<n; __i__++) \
__xx__[__i__] = 0; \
} while (0)
/*
* Don't just free it, forget it too.
*/
#define _pam_drop(X) \
do { \
if (X) { \
free(X); \
X=NULL; \
} \
} while (0)
#define _pam_drop_reply(/* struct pam_response * */ reply, /* int */ replies) \
do { \
int reply_i; \
\
for (reply_i=0; reply_i<replies; ++reply_i) { \
if (reply[reply_i].resp) { \
_pam_overwrite(reply[reply_i].resp); \
free(reply[reply_i].resp); \
} \
} \
if (reply) \
free(reply); \
} while (0)
/* some debugging code */
#ifdef DEBUG
/*
* This provides the necessary function to do debugging in PAM.
* Cristian Gafton <gafton@redhat.com>
*/
#include <stdio.h>
#include <sys/types.h>
#include <stdarg.h>
#include <errno.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <unistd.h>
/*
* This is for debugging purposes ONLY. DO NOT use on live systems !!!
* You have been warned :-) - CG
*
* to get automated debugging to the log file, it must be created manually.
* _PAM_LOGFILE must exist and be writable to the programs you debug.
*/
#ifndef _PAM_LOGFILE
#define _PAM_LOGFILE "/var/run/pam-debug.log"
#endif
static void _pam_output_debug_info(const char *file, const char *fn
, const int line)
{
FILE *logfile;
int must_close = 1, fd;
#ifdef O_NOFOLLOW
if ((fd = open(_PAM_LOGFILE, O_WRONLY|O_NOFOLLOW|O_APPEND)) != -1) {
#else
if ((fd = open(_PAM_LOGFILE, O_WRONLY|O_APPEND)) != -1) {
#endif
if (!(logfile = fdopen(fd,"a"))) {
logfile = stderr;
must_close = 0;
close(fd);
}
} else {
logfile = stderr;
must_close = 0;
}
fprintf(logfile,"[%s:%s(%d)] ",file, fn, line);
fflush(logfile);
if (must_close)
fclose(logfile);
}
static void _pam_output_debug(const char *format, ...)
{
va_list args;
FILE *logfile;
int must_close = 1, fd;
va_start(args, format);
#ifdef O_NOFOLLOW
if ((fd = open(_PAM_LOGFILE, O_WRONLY|O_NOFOLLOW|O_APPEND)) != -1) {
#else
if ((fd = open(_PAM_LOGFILE, O_WRONLY|O_APPEND)) != -1) {
#endif
if (!(logfile = fdopen(fd,"a"))) {
logfile = stderr;
must_close = 0;
close(fd);
}
} else {
logfile = stderr;
must_close = 0;
}
vfprintf(logfile, format, args);
fprintf(logfile, "\n");
fflush(logfile);
if (must_close)
fclose(logfile);
va_end(args);
}
#define D(x) do { \
_pam_output_debug_info(__FILE__, __FUNCTION__, __LINE__); \
_pam_output_debug x ; \
} while (0)
#define _pam_show_mem(X,XS) do { \
int i; \
register unsigned char *x; \
x = (unsigned char *)X; \
fprintf(stderr, " <start at %p>\n", X); \
for (i = 0; i < XS ; ++x, ++i) { \
fprintf(stderr, " %02X. <%p:%02X>\n", i, x, *x); \
} \
fprintf(stderr, " <end for %p after %d bytes>\n", X, XS); \
} while (0)
#define _pam_show_reply(/* struct pam_response * */reply, /* int */replies) \
do { \
int reply_i; \
setbuf(stderr, NULL); \
fprintf(stderr, "array at %p of size %d\n",reply,replies); \
fflush(stderr); \
if (reply) { \
for (reply_i = 0; reply_i < replies; reply_i++) { \
fprintf(stderr, " elem# %d at %p: resp = %p, retcode = %d\n", \
reply_i, reply+reply_i, reply[reply_i].resp, \
reply[reply_i].resp, _retcode); \
fflush(stderr); \
if (reply[reply_i].resp) { \
fprintf(stderr, " resp[%d] = '%s'\n", \
strlen(reply[reply_i].resp), reply[reply_i].resp); \
fflush(stderr); \
} \
} \
} \
fprintf(stderr, "done here\n"); \
fflush(stderr); \
} while (0)
#else
#define D(x) do { } while (0)
#define _pam_show_mem(X,XS) do { } while (0)
#define _pam_show_reply(reply, replies) do { } while (0)
#endif /* DEBUG */
#endif /* PAM_MACROS_H */

22
security/pam_pwdfile/files/patch-Makefile Normal file
View file

@ -0,0 +1,22 @@
--- Makefile.orig 2025-04-02 18:45:17 UTC
+++ Makefile
@@ -2,8 +2,8 @@ PAM_LIB_DIR ?= /lib/security
INSTALL ?= install
CFLAGS ?= -O2 -g -Wall -Wformat-security
-CPPFLAGS += -DUSE_CRYPT_R -D_FILE_OFFSET_BITS=64
-CFLAGS += -fPIC -fvisibility=hidden
+CPPFLAGS += -D_FILE_OFFSET_BITS=64
+CFLAGS += -fPIC -fvisibility=hidden ${CPPFLAGS}
LDFLAGS += -Wl,-x -shared
TITLE = pam_pwdfile
@@ -19,7 +19,7 @@ $(LIBSHARED): $(LIBOBJ)
install: $(LIBSHARED)
$(INSTALL) -m 0755 -d $(DESTDIR)$(PAM_LIB_DIR)
- $(INSTALL) -m 0755 $(LIBSHARED) $(DESTDIR)$(PAM_LIB_DIR)
+ $(INSTALL) -m 0755 -s $(LIBSHARED) $(DESTDIR)$(PAM_LIB_DIR)
clean:
$(RM) *.o *.so

20
security/pam_pwdfile/files/patch-md5.c
View file

@ -1,20 +0,0 @@
--- md5.c.orig 2018-04-13 14:15:16.302782000 +0300
+++ md5.c 2018-04-13 14:25:07.662155000 +0300
@@ -17,7 +17,7 @@
*/
#include <string.h>
-#include <byteswap.h>
+#include <sys/endian.h>
#include "md5.h"
#ifndef HIGHFIRST
@@ -25,7 +25,7 @@
#else
static void byteReverse(unsigned char *buf, unsigned longs) {
for (; longs; --longs, buf +=4)
- *((uint32_t *) buf) = bswap_32(*((uint32_t *) buf));
+ *((uint32_t *) buf) = bswap32(*((uint32_t *) buf));
}
#endif

22
security/pam_pwdfile/files/patch-pam__pwdfile.c Normal file
View file

@ -0,0 +1,22 @@
--- pam_pwdfile.c.orig 2025-04-02 18:36:58 UTC
+++ pam_pwdfile.c
@@ -42,9 +42,6 @@
#define _GNU_SOURCE
#include <crypt.h>
#else
-#ifndef _XOPEN_SOURCE
-#define _XOPEN_SOURCE 700
-#endif
#ifndef _BSD_SOURCE
#define _BSD_SOURCE
#endif
@@ -66,7 +63,8 @@
#define PAM_SM_AUTH
#include <security/pam_modules.h>
-#include <security/pam_ext.h>
+
+#define pam_syslog(H, C, ...) syslog(C, __VA_ARGS__)
static int lock_fd(int fd) {
int delay;

33
security/pam_pwdfile/files/patch-pam_pwdfile.c
View file

@ -1,33 +0,0 @@
--- pam_pwdfile.c.orig 2018-04-13 14:25:49.414568000 +0300
+++ pam_pwdfile.c 2018-04-13 14:42:33.040919000 +0300
@@ -38,18 +38,7 @@
* OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-#ifdef USE_CRYPT_R
-#define _GNU_SOURCE
-#include <crypt.h>
-#else
-#ifndef _XOPEN_SOURCE
-#define _XOPEN_SOURCE 700
-#endif
-#ifndef _BSD_SOURCE
-#define _BSD_SOURCE
-#endif
-#endif
-
+#include <stdint.h>
#include <syslog.h>
#include <stdio.h>
#include <stdlib.h>
@@ -66,7 +55,9 @@
#define PAM_SM_AUTH
#include <security/pam_modules.h>
-#include <security/pam_ext.h>
+/* #include <security/pam_ext.h> */
+
+#define pam_syslog(H, C, ...) syslog(C, __VA_ARGS__)
#include "md5.h"
#include "bigcrypt.h"