Date: Thu, 8 Oct 2009 01:40:03 GMT From: Andreas Schwarz <asc.freebsd@schwarzes.net> To: freebsd-ports-bugs@FreeBSD.org Subject: Re: ports/138483: security/pam_pwdfile port doesn't work post update to 0.99 Message-ID: <200910080140.n981e3oQ011844@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR ports/138483; it has been noted by GNATS. From: Andreas Schwarz <asc.freebsd@schwarzes.net> To: bug-followup@FreeBSD.org, me@benschumacher.com Cc: Subject: Re: ports/138483: security/pam_pwdfile port doesn't work post update to 0.99 Date: Thu, 08 Oct 2009 03:06:05 +0200 Warning: This is a message in MIME format. Your mail reader does not support MIME. Some parts of this message will be readable as plain text. To see the rest, you will need to upgrade your mail reader. Following are some URLs where you can find MIME-capable mail programs for common platforms: AmigaOS...........: http://www.yam.ch/ Unix/MacOS/Windows: http://www.mozilla.com/thunderbird/ General information about MIME can be found at: http://en.wikipedia.org/wiki/MIME ----=_BOUNDARY.22c5ca386694c4ae.01 Content-Type: text/plain Unfortunately there is a litte problem with the patch, The "_pam_macros.h" would not be found, because it is not in the search path. The patch for bigcrypt.c should add #include "_pam_macros.h" instead of #include <pam_macros.h>. ===> Configuring for pam_pwdfile-0.99_1 ===> Building for pam_pwdfile-0.99_1 Warning: Object directory not changed from original /root/_sys/ports/security/pam_pwdfile/work/pam_pwdfile-0.99 cc -fpic -DPIC -O -pipe -march=pentium4 -Wall -D_BSD_SOURCE -c pam_pwdfile.c -o pam_pwdfile.So cc -fpic -DPIC -O -pipe -march=pentium4 -Wall -D_BSD_SOURCE -c bigcrypt.c -o bigcrypt.So bigcrypt.c:28:25: error: _pam_macros.h: No such file or directory ----=_BOUNDARY.22c5ca386694c4ae.01 Content-Type: text/plain; name="pam_pwdfile.patch" Content-Disposition: attachment; filename="pam_pwdfile.patch" diff -Naur security/pam_pwdfile.old/Makefile security/pam_pwdfile/Makefile --- security/pam_pwdfile.old/Makefile 2009-09-07 22:10:40.000000000 +0200 +++ security/pam_pwdfile/Makefile 2009-10-08 02:57:58.000000000 +0200 @@ -7,6 +7,7 @@ PORTNAME= pam_pwdfile PORTVERSION= 0.99 +PORTREVISION= 1 CATEGORIES= security MASTER_SITES= http://cpbotha.net/files/pam_pwdfile/ @@ -17,9 +18,11 @@ PLIST_FILES= lib/pam_pwdfile.so PORTDOCS= README INSTALL changelog +CFLAGS+= -I${WRKSRC} post-patch: ${REINPLACE_CMD} -e 's|#include <features.h>||g' ${WRKSRC}/pam_pwdfile.c + ${CP} ${FILESDIR}/_pam_macros.h ${WRKSRC} post-install: .if !defined(NOPORTDOCS) diff -Naur security/pam_pwdfile.old/files/Makefile.bsd security/pam_pwdfile/files/Makefile.bsd --- security/pam_pwdfile.old/files/Makefile.bsd 2002-07-21 19:02:04.000000000 +0200 +++ security/pam_pwdfile/files/Makefile.bsd 2009-10-08 02:57:58.000000000 +0200 @@ -1,6 +1,12 @@ # inspired from pam-pgsql port :-) -SRCS= pam_pwdfile.c +SRCS= pam_pwdfile.c \ + bigcrypt.c \ + md5_good.c \ + md5_crypt_good.c \ + md5_broken.c \ + md5_crypt_broken.c + SHLIB_NAME= pam_pwdfile.so LDADD= -lpam -lcrypt @@ -8,4 +14,16 @@ LIBDIR= ${LOCALBASE}/lib +md5_good.c: md5.c + $(CPP) $(CPPFLAGS) -DHIGHFIRST -D'MD5Name(x)=Good##x' -o $@ $> + +md5_broken.c: md5.c + $(CPP) $(CPPFLAGS) -D'MD5Name(x)=Broken##x' -o $@ $> + +md5_crypt_good.c: md5_crypt.c + $(CPP) $(CPPFLAGS) -D'MD5Name(x)=Good##x' -o $@ $> + +md5_crypt_broken.c: md5_crypt.c + $(CPP) $(CPPFLAGS) -D'MD5Name(x)=Broken##x' -o $@ $> + .include <bsd.lib.mk> diff -Naur security/pam_pwdfile.old/files/_pam_macros.h security/pam_pwdfile/files/_pam_macros.h --- security/pam_pwdfile.old/files/_pam_macros.h 1970-01-01 01:00:00.000000000 +0100 +++ security/pam_pwdfile/files/_pam_macros.h 2009-10-08 02:57:58.000000000 +0200 @@ -0,0 +1,196 @@ +#ifndef PAM_MACROS_H +#define PAM_MACROS_H + +/* + * All kind of macros used by PAM, but usable in some other + * programs too. + * Organized by Cristian Gafton <gafton@redhat.com> + */ + +/* a 'safe' version of strdup */ + +#include <stdlib.h> +#include <string.h> + +#define x_strdup(s) ( (s) ? strdup(s):NULL ) + +/* Good policy to strike out passwords with some characters not just + free the memory */ + +#define _pam_overwrite(x) \ +do { \ + register char *__xx__; \ + if ((__xx__=(x))) \ + while (*__xx__) \ + *__xx__++ = '\0'; \ +} while (0) + +#define _pam_overwrite_n(x,n) \ +do { \ + register char *__xx__; \ + register unsigned int __i__ = 0; \ + if ((__xx__=(x))) \ + for (;__i__<n; __i__++) \ + __xx__[__i__] = 0; \ +} while (0) + +/* + * Don't just free it, forget it too. + */ + +#define _pam_drop(X) \ +do { \ + if (X) { \ + free(X); \ + X=NULL; \ + } \ +} while (0) + +#define _pam_drop_reply(/* struct pam_response * */ reply, /* int */ replies) \ +do { \ + int reply_i; \ + \ + for (reply_i=0; reply_i<replies; ++reply_i) { \ + if (reply[reply_i].resp) { \ + _pam_overwrite(reply[reply_i].resp); \ + free(reply[reply_i].resp); \ + } \ + } \ + if (reply) \ + free(reply); \ +} while (0) + +/* some debugging code */ + +#ifdef DEBUG + +/* + * This provides the necessary function to do debugging in PAM. + * Cristian Gafton <gafton@redhat.com> + */ + +#include <stdio.h> +#include <sys/types.h> +#include <stdarg.h> +#include <errno.h> +#include <sys/stat.h> +#include <fcntl.h> +#include <unistd.h> + +/* + * This is for debugging purposes ONLY. DO NOT use on live systems !!! + * You have been warned :-) - CG + * + * to get automated debugging to the log file, it must be created manually. + * _PAM_LOGFILE must exist and be writable to the programs you debug. + */ + +#ifndef _PAM_LOGFILE +#define _PAM_LOGFILE "/var/run/pam-debug.log" +#endif + +static void _pam_output_debug_info(const char *file, const char *fn + , const int line) +{ + FILE *logfile; + int must_close = 1, fd; + +#ifdef O_NOFOLLOW + if ((fd = open(_PAM_LOGFILE, O_WRONLY|O_NOFOLLOW|O_APPEND)) != -1) { +#else + if ((fd = open(_PAM_LOGFILE, O_WRONLY|O_APPEND)) != -1) { +#endif + if (!(logfile = fdopen(fd,"a"))) { + logfile = stderr; + must_close = 0; + close(fd); + } + } else { + logfile = stderr; + must_close = 0; + } + fprintf(logfile,"[%s:%s(%d)] ",file, fn, line); + fflush(logfile); + if (must_close) + fclose(logfile); +} + +static void _pam_output_debug(const char *format, ...) +{ + va_list args; + FILE *logfile; + int must_close = 1, fd; + + va_start(args, format); + +#ifdef O_NOFOLLOW + if ((fd = open(_PAM_LOGFILE, O_WRONLY|O_NOFOLLOW|O_APPEND)) != -1) { +#else + if ((fd = open(_PAM_LOGFILE, O_WRONLY|O_APPEND)) != -1) { +#endif + if (!(logfile = fdopen(fd,"a"))) { + logfile = stderr; + must_close = 0; + close(fd); + } + } else { + logfile = stderr; + must_close = 0; + } + vfprintf(logfile, format, args); + fprintf(logfile, "\n"); + fflush(logfile); + if (must_close) + fclose(logfile); + + va_end(args); +} + +#define D(x) do { \ + _pam_output_debug_info(__FILE__, __FUNCTION__, __LINE__); \ + _pam_output_debug x ; \ +} while (0) + +#define _pam_show_mem(X,XS) do { \ + int i; \ + register unsigned char *x; \ + x = (unsigned char *)X; \ + fprintf(stderr, " <start at %p>\n", X); \ + for (i = 0; i < XS ; ++x, ++i) { \ + fprintf(stderr, " %02X. <%p:%02X>\n", i, x, *x); \ + } \ + fprintf(stderr, " <end for %p after %d bytes>\n", X, XS); \ +} while (0) + +#define _pam_show_reply(/* struct pam_response * */reply, /* int */replies) \ +do { \ + int reply_i; \ + setbuf(stderr, NULL); \ + fprintf(stderr, "array at %p of size %d\n",reply,replies); \ + fflush(stderr); \ + if (reply) { \ + for (reply_i = 0; reply_i < replies; reply_i++) { \ + fprintf(stderr, " elem# %d at %p: resp = %p, retcode = %d\n", \ + reply_i, reply+reply_i, reply[reply_i].resp, \ + reply[reply_i].resp, _retcode); \ + fflush(stderr); \ + if (reply[reply_i].resp) { \ + fprintf(stderr, " resp[%d] = '%s'\n", \ + strlen(reply[reply_i].resp), reply[reply_i].resp); \ + fflush(stderr); \ + } \ + } \ + } \ + fprintf(stderr, "done here\n"); \ + fflush(stderr); \ +} while (0) + +#else + +#define D(x) do { } while (0) +#define _pam_show_mem(X,XS) do { } while (0) +#define _pam_show_reply(reply, replies) do { } while (0) + +#endif /* DEBUG */ + +#endif /* PAM_MACROS_H */ diff -Naur security/pam_pwdfile.old/files/patch-bigcrypt.c security/pam_pwdfile/files/patch-bigcrypt.c --- security/pam_pwdfile.old/files/patch-bigcrypt.c 1970-01-01 01:00:00.000000000 +0100 +++ security/pam_pwdfile/files/patch-bigcrypt.c 2009-10-08 02:57:58.000000000 +0200 @@ -0,0 +1,11 @@ +--- bigcrypt.c.orig 2009-09-04 18:37:28.000000000 -0500 ++++ bigcrypt.c 2009-09-04 18:37:30.000000000 -0500 +@@ -25,7 +25,7 @@ + */ + + #include <string.h> +-#include <security/_pam_macros.h> ++#include "_pam_macros.h" + + char *crypt(const char *key, const char *salt); + char *bigcrypt(const char *key, const char *salt); ----=_BOUNDARY.22c5ca386694c4ae.01--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200910080140.n981e3oQ011844>