pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/security/openpam openpam: update to 20170430
details: https://anonhg.NetBSD.org/pkgsrc/rev/62c228169023
branches: trunk
changeset: 307956:62c228169023
user: triaxx <triaxx%pkgsrc.org@localhost>
date: Tue May 15 07:57:32 2018 +0000
description:
openpam: update to 20170430
* patch-lib_libpam_openpam__constants.c:
* comment it (make pkglint happy)
* fix OPENPAM_MODULES_DIR (avoid openpam loading basesystem modules)
* remove "CONFIGURE_ARGS+= --without-pam-su" (option not recognized by configure)
* change '_dep_' to 'dep' in builtin.mk (make pkglint happy)
* fix paths in manpages
Changes from upstream:
============================================================================
OpenPAM Resedacea 2017-04-30
- BUGFIX: Reinstore the NULL check in pam_end(3) which was removed in
OpenPAM Radula, as it breaks common error-handling constructs.
- BUGFIX: Return PAM_SYMBOL_ERR instead of PAM_SYSTEM_ERR from the
dispatcher when the required service function could not be found.
- ENHANCE: Introduce the PAM_BAD_HANDLE error code for when pamh is
NULL in API functions that have a NULL check.
- ENHANCE: Introduce the PAM_BAD_ITEM, PAM_BAD_FEATURE and
PAM_BAD_CONSTANT error codes for situations where we previously
incorrectly used PAM_SYMBOL_ERR to denote that an invalid constant
had been passed to an API function.
- ENHANCE: Improve the RETURN VALUES section in API man pages,
especially for functions that cannot fail, which were incorrectly
documented as returning -1 on failure.
============================================================================
OpenPAM Radula 2017-02-19
- BUGFIX: Fix an inverted test which prevented pam_get_authtok(3) and
pam_get_user(3) from using application-provided custom prompts.
- BUGFIX: Plug a memory leak in pam_set_item(3).
- BUGFIX: Plug a potential memory leak in openpam_readlinev(3).
- BUGFIX: In openpam_readword(3), support line continuations within
whitespace.
- ENHANCE: Add a feature flag to control fallback to "other" policy.
- ENHANCE: Add a pam_return(8) module which returns an arbitrary
code specified in the module options.
- ENHANCE: More and better unit tests.
diffstat:
security/openpam/Makefile | 12 ++-
security/openpam/PLIST | 3 +-
security/openpam/builtin.mk | 6 +-
security/openpam/distinfo | 14 +-
security/openpam/patches/patch-doc_man_pam.conf.5 | 40 ++++++++++
security/openpam/patches/patch-lib_libpam_openpam__constants.c | 17 +++-
6 files changed, 74 insertions(+), 18 deletions(-)
diffs (168 lines):
diff -r c0fff4a99699 -r 62c228169023 security/openpam/Makefile
--- a/security/openpam/Makefile Tue May 15 06:50:19 2018 +0000
+++ b/security/openpam/Makefile Tue May 15 07:57:32 2018 +0000
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.26 2018/01/01 18:16:39 rillig Exp $
+# $NetBSD: Makefile,v 1.27 2018/05/15 07:57:32 triaxx Exp $
-DISTNAME= openpam-20140912
-PKGREVISION= 2
+DISTNAME= openpam-20170430
CATEGORIES= security
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=openpam/}
@@ -15,7 +14,6 @@
USE_LIBTOOL= yes
GNU_CONFIGURE= yes
CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR:Q}
-CONFIGURE_ARGS+= --without-pam-su
CONFIGURE_ARGS+= --with-pam-unix
CONFIGURE_ARGS+= --with-modules-dir=${PREFIX}/lib/security
@@ -23,6 +21,12 @@
OWN_DIRS= ${PKG_SYSCONFDIR}/pam.d
+SUBST_CLASSES+= man
+SUBST_MESSAGE.man= Fixing hardcoded paths in manpages.
+SUBST_STAGE.man= post-build
+SUBST_FILES.man= doc/man/pam.conf.5
+SUBST_VARS.man= PKG_SYSCONFDIR PREFIX
+
.include "../../mk/dlopen.buildlink3.mk"
# Create a fake perl binary to avoid recreating the man pages.
diff -r c0fff4a99699 -r 62c228169023 security/openpam/PLIST
--- a/security/openpam/PLIST Tue May 15 06:50:19 2018 +0000
+++ b/security/openpam/PLIST Tue May 15 07:57:32 2018 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.8 2018/01/01 22:29:54 rillig Exp $
+@comment $NetBSD: PLIST,v 1.9 2018/05/15 07:57:32 triaxx Exp $
include/security/openpam.h
include/security/openpam_attr.h
include/security/openpam_version.h
@@ -9,6 +9,7 @@
lib/libpam.la
lib/security/pam_deny.la
lib/security/pam_permit.la
+lib/security/pam_return.la
lib/security/pam_unix.la
man/man3/openpam.3
man/man3/openpam_borrow_cred.3
diff -r c0fff4a99699 -r 62c228169023 security/openpam/builtin.mk
--- a/security/openpam/builtin.mk Tue May 15 06:50:19 2018 +0000
+++ b/security/openpam/builtin.mk Tue May 15 07:57:32 2018 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: builtin.mk,v 1.9 2013/11/23 12:10:13 obache Exp $
+# $NetBSD: builtin.mk,v 1.10 2018/05/15 07:57:32 triaxx Exp $
BUILTIN_PKG:= openpam
@@ -45,10 +45,10 @@
. if defined(BUILTIN_PKG.openpam) && \
!empty(IS_BUILTIN.openpam:M[yY][eE][sS])
USE_BUILTIN.openpam= yes
-. for _dep_ in ${BUILDLINK_API_DEPENDS.openpam}
+. for dep in ${BUILDLINK_API_DEPENDS.openpam}
. if !empty(USE_BUILTIN.openpam:M[yY][eE][sS])
USE_BUILTIN.openpam!= \
- if ${PKG_ADMIN} pmatch ${_dep_:Q} ${BUILTIN_PKG.openpam:Q}; then \
+ if ${PKG_ADMIN} pmatch ${dep:Q} ${BUILTIN_PKG.openpam:Q}; then \
${ECHO} yes; \
else \
${ECHO} no; \
diff -r c0fff4a99699 -r 62c228169023 security/openpam/distinfo
--- a/security/openpam/distinfo Tue May 15 06:50:19 2018 +0000
+++ b/security/openpam/distinfo Tue May 15 07:57:32 2018 +0000
@@ -1,10 +1,10 @@
-$NetBSD: distinfo,v 1.12 2016/03/10 12:57:09 tnn Exp $
+$NetBSD: distinfo,v 1.13 2018/05/15 07:57:32 triaxx Exp $
-SHA1 (openpam-20140912.tar.gz) = 45b335d2cb3a4edcc66046ae56d689113e59a67a
-RMD160 (openpam-20140912.tar.gz) = 547cb3cf81d5b4526ddf2a702b83d5303430f764
-SHA512 (openpam-20140912.tar.gz) = c6cfbd669fe1b67af43a33c33bf2587e1512c27f1b96b9b38df37b81ecc4999d85e04b361b19a7265dbf271ebd3de3bd55342ee4fdbee9c68836b69714706423
-Size (openpam-20140912.tar.gz) = 457600 bytes
+SHA1 (openpam-20170430.tar.gz) = 758bd47cddcc1e444dd865a8724a943931762e43
+RMD160 (openpam-20170430.tar.gz) = 20553bf5f46c7b77bfacae424d561d9b047affae
+SHA512 (openpam-20170430.tar.gz) = 04b320bf0e581f4ff75f12fd43cb07df9a417a3e08371f3a71ad9f94caec9ff9742b49391bfb4ae81a7237817ed4eccdc1485a105b35f9d970fb92e4341b9510
+Size (openpam-20170430.tar.gz) = 494372 bytes
+SHA1 (patch-doc_man_pam.conf.5) = 0c9ad45f67333ecbcd5085a536a25b5ed2b01b93
SHA1 (patch-lib_libpam_openpam__configure.c) = 5f4271121d03eb6b9ea7e3e1b85f9b27c9f4eaae
-SHA1 (patch-lib_libpam_openpam__constants.c) = 7dd63e288408939a73057b3e4d90382983c1d559
+SHA1 (patch-lib_libpam_openpam__constants.c) = 14b11cda3dbbfafd5a45865a868295e801bd1733
SHA1 (patch-lib_libpam_openpam__dynamic.c) = 0bed21f16b74dbdb312ce4f09c17055a0891bdd5
-SHA1 (patch-lib_libpam_openpam__readword.c) = 75875dc75f76c6caa267ce7c6c905e0ac2790ad1
diff -r c0fff4a99699 -r 62c228169023 security/openpam/patches/patch-doc_man_pam.conf.5
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/openpam/patches/patch-doc_man_pam.conf.5 Tue May 15 07:57:32 2018 +0000
@@ -0,0 +1,40 @@
+$NetBSD: patch-doc_man_pam.conf.5,v 1.1 2018/05/15 07:57:32 triaxx Exp $
+
+Fix hardcoded paths.
+
+--- doc/man/pam.conf.5.orig 2017-04-30 21:36:51.000000000 +0000
++++ doc/man/pam.conf.5
+@@ -39,13 +39,9 @@ The PAM library searches for policies in
+ decreasing order of preference:
+ .Bl -enum
+ .It
+-.Pa /etc/pam.d/ Ns Ar service-name
++.Pa @PKG_SYSCONFDIR@/pam.d/ Ns Ar service-name
+ .It
+-.Pa /etc/pam.conf
+-.It
+-.Pa /usr/local/etc/pam.d/ Ns Ar service-name
+-.It
+-.Pa /usr/local/etc/pam.conf
++.Pa @PKG_SYSCONFDIR@/pam.conf
+ .El
+ .Pp
+ If none of these locations contains a policy for the given service,
+@@ -144,13 +140,10 @@ The
+ .Ar module-path
+ field specifies the name or full path of the module to call.
+ If only the name is specified, the PAM library will search for it in
+-the following locations:
+-.Bl -enum
+-.It
+-.Pa /usr/lib
+-.It
+-.Pa /usr/local/lib
+-.El
++the following location:
++.Bd -unfilled -offset indent
++.Ar @PREFIX@/lib/security
++.Ed
+ .Pp
+ The remaining fields, if any, are passed unmodified to the module if
+ and when it is invoked.
diff -r c0fff4a99699 -r 62c228169023 security/openpam/patches/patch-lib_libpam_openpam__constants.c
--- a/security/openpam/patches/patch-lib_libpam_openpam__constants.c Tue May 15 06:50:19 2018 +0000
+++ b/security/openpam/patches/patch-lib_libpam_openpam__constants.c Tue May 15 07:57:32 2018 +0000
@@ -1,8 +1,11 @@
-$NetBSD: patch-lib_libpam_openpam__constants.c,v 1.1 2014/06/10 13:17:42 joerg Exp $
+$NetBSD: patch-lib_libpam_openpam__constants.c,v 1.2 2018/05/15 07:57:32 triaxx Exp $
---- lib/libpam/openpam_constants.c.orig 2014-06-10 13:01:39.996428375 +0000
+Change hardcoded configuration paths to ones depending on compiler variables.
+Fix OPENPAM_MODULES_DIR to avoid openpam loading basesystem modules.
+
+--- lib/libpam/openpam_constants.c.orig 2017-04-30 21:34:49.000000000 +0000
+++ lib/libpam/openpam_constants.c
-@@ -127,10 +127,8 @@ const char *pam_sm_func_name[PAM_NUM_PRI
+@@ -167,16 +167,14 @@ const char *pam_sm_func_name[PAM_NUM_PRI
};
const char *openpam_policy_path[] = {
@@ -15,3 +18,11 @@
NULL
};
+ const char *openpam_module_path[] = {
+-#ifdef OPENPAM_MODULES_DIRECTORY
+- OPENPAM_MODULES_DIRECTORY,
++#ifdef OPENPAM_MODULES_DIR
++ OPENPAM_MODULES_DIR,
+ #else
+ "/usr/lib",
+ "/usr/local/lib",
Home |
Main Index |
Thread Index |
Old Index