From owner-svn-ports-head@freebsd.org Wed Oct 24 13:06:08 2018 Return-Path: Delivered-To: svn-ports-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1D62C1079EF2; Wed, 24 Oct 2018 13:06:08 +0000 (UTC) (envelope-from ale@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A57AA8706C; Wed, 24 Oct 2018 13:06:07 +0000 (UTC) (envelope-from ale@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 121E12A164; Wed, 24 Oct 2018 12:48:48 +0000 (UTC) (envelope-from ale@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w9OCml0F049063; Wed, 24 Oct 2018 12:48:47 GMT (envelope-from ale@FreeBSD.org) Received: (from ale@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w9OCmlp2049059; Wed, 24 Oct 2018 12:48:47 GMT (envelope-from ale@FreeBSD.org) Message-Id: <201810241248.w9OCmlp2049059@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: ale set sender to ale@FreeBSD.org using -f From: Alex Dupre Date: Wed, 24 Oct 2018 12:48:47 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r482904 - in head/security/pam_p11: . files X-SVN-Group: ports-head X-SVN-Commit-Author: ale X-SVN-Commit-Paths: in head/security/pam_p11: . files X-SVN-Commit-Revision: 482904 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Oct 2018 13:06:08 -0000 Author: ale Date: Wed Oct 24 12:48:46 2018 New Revision: 482904 URL: https://svnweb.freebsd.org/changeset/ports/482904 Log: Add support for openssl 1.1.x and NLS. Added: head/security/pam_p11/files/patch-configure.ac (contents, props changed) head/security/pam_p11/files/patch-src_Makefile.am (contents, props changed) Deleted: head/security/pam_p11/files/patch-src_Makefile.in Modified: head/security/pam_p11/Makefile head/security/pam_p11/files/patch-src_pam__p11.c Modified: head/security/pam_p11/Makefile ============================================================================== --- head/security/pam_p11/Makefile Wed Oct 24 11:48:38 2018 (r482903) +++ head/security/pam_p11/Makefile Wed Oct 24 12:48:46 2018 (r482904) @@ -3,6 +3,7 @@ PORTNAME= pam_p11 PORTVERSION= 0.2.0 +PORTREVISION= 1 CATEGORIES= security MASTER_SITES= https://github.com/OpenSC/pam_p11/releases/download/pam_p11-${PORTVERSION}/ @@ -13,11 +14,17 @@ LICENSE= LGPL21 LIB_DEPENDS= libp11.so:security/libp11 -USES= libtool pkgconfig ssl +USES= libtool pkgconfig ssl autoreconf -OPTIONS_DEFINE= DOCS +OPTIONS_DEFINE= DOCS NLS GNU_CONFIGURE= yes + +NLS_CONFIGURE_ENABLE= nls +NLS_USES= gettext +NLS_PLIST_FILES=share/locale/de/LC_MESSAGES/pam_p11.mo + +CONFIGURE_ARGS= --with-libintl-prefix=${LOCALBASE} CONFIGURE_ENV= OPENSSL_CFLAGS="-I${OPENSSLINC}" \ OPENSSL_LIBS="-L${OPENSSLLIB} -lcrypto" Added: head/security/pam_p11/files/patch-configure.ac ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/pam_p11/files/patch-configure.ac Wed Oct 24 12:48:46 2018 (r482904) @@ -0,0 +1,14 @@ +--- configure.ac.orig 2018-10-24 11:06:32 UTC ++++ configure.ac +@@ -85,6 +85,11 @@ PKG_CHECK_MODULES( + )] + ) + ++saved_LIBS="$LIBS" ++LIBS="$OPENSSL_LIBS $LIBS" ++AC_CHECK_FUNCS(EVP_MD_CTX_new EVP_MD_CTX_free EVP_MD_CTX_reset) ++LIBS="$saved_LIBS" ++ + if test -z "${PAM_LIBS}"; then + AC_ARG_VAR([PAM_CFLAGS], [C compiler flags for pam]) + AC_ARG_VAR([PAM_LIBS], [linker flags for pam]) Added: head/security/pam_p11/files/patch-src_Makefile.am ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/pam_p11/files/patch-src_Makefile.am Wed Oct 24 12:48:46 2018 (r482904) @@ -0,0 +1,16 @@ +--- src/Makefile.am.orig 2018-10-24 12:39:40 UTC ++++ src/Makefile.am +@@ -14,11 +14,11 @@ pam_p11_la_SOURCES = pam_p11.c base64.c + noinst_PROGRAMS = test-login test-passwd + + test_login_SOURCES = test.c login.c $(pam_p11_la_SOURCES) +-test_login_LDADD = -lpam_misc ++test_login_LDADD = ${INTLLIBS} + test_login_CFLAGS = $(AM_CFLAGS) -DLIBDIR=\"$(libdir)\" -DTEST + + test_passwd_SOURCES = test.c passwd.c $(pam_p11_la_SOURCES) +-test_passwd_LDADD = -lpam_misc ++test_passwd_LDADD = ${INTLLIBS} + test_passwd_CFLAGS = $(AM_CFLAGS) -DLIBDIR=\"$(libdir)\" -DTEST + + format: Modified: head/security/pam_p11/files/patch-src_pam__p11.c ============================================================================== --- head/security/pam_p11/files/patch-src_pam__p11.c Wed Oct 24 11:48:38 2018 (r482903) +++ head/security/pam_p11/files/patch-src_pam__p11.c Wed Oct 24 12:48:46 2018 (r482904) @@ -1,6 +1,24 @@ --- src/pam_p11.c.orig 2018-05-04 14:52:04 UTC +++ src/pam_p11.c -@@ -53,7 +53,7 @@ +@@ -31,6 +31,17 @@ + #include + #include + ++/* openssl deprecated API emulation */ ++#ifndef HAVE_EVP_MD_CTX_NEW ++#define EVP_MD_CTX_new() EVP_MD_CTX_create() ++#endif ++#ifndef HAVE_EVP_MD_CTX_FREE ++#define EVP_MD_CTX_free(ctx) EVP_MD_CTX_destroy((ctx)) ++#endif ++#ifndef HAVE_EVP_MD_CTX_RESET ++#define EVP_MD_CTX_reset(ctx) EVP_MD_CTX_cleanup((ctx)) ++#endif ++ + #ifdef ENABLE_NLS + #include + #include +@@ -53,7 +64,7 @@ #include #else #define pam_syslog(handle, level, msg...) syslog(level, ## msg) @@ -9,7 +27,7 @@ const char *fmt, va_list args) { int r = PAM_CRED_INSUFFICIENT; -@@ -549,7 +549,7 @@ static int key_find(pam_handle_t *pamh, +@@ -549,7 +560,7 @@ static int key_find(pam_handle_t *pamh, return 0; } @@ -18,3 +36,30 @@ { int ok = 0; int fd = open("/dev/urandom", O_RDONLY); +@@ -572,7 +583,7 @@ static int key_verify(pam_handle_t *pamh + unsigned char signature[256]; + unsigned int siglen = sizeof signature; + const EVP_MD *md = EVP_sha1(); +- EVP_MD_CTX *md_ctx = EVP_MD_CTX_create(); ++ EVP_MD_CTX *md_ctx = EVP_MD_CTX_new(); + EVP_PKEY *privkey = PKCS11_get_private_key(authkey); + EVP_PKEY *pubkey = PKCS11_get_public_key(authkey); + +@@ -590,7 +601,7 @@ static int key_verify(pam_handle_t *pamh + || !EVP_SignInit(md_ctx, md) + || !EVP_SignUpdate(md_ctx, challenge, sizeof challenge) + || !EVP_SignFinal(md_ctx, signature, &siglen, privkey) +- || !EVP_MD_CTX_cleanup(md_ctx) ++ || !EVP_MD_CTX_reset(md_ctx) + || !EVP_VerifyInit(md_ctx, md) + || !EVP_VerifyUpdate(md_ctx, challenge, sizeof challenge) + || 1 != EVP_VerifyFinal(md_ctx, signature, siglen, pubkey)) { +@@ -607,7 +618,7 @@ err: + if (NULL != privkey) + EVP_PKEY_free(privkey); + if (NULL != md_ctx) { +- EVP_MD_CTX_destroy(md_ctx); ++ EVP_MD_CTX_free(md_ctx); + } + return ok; + }