* [gentoo-commits] repo/gentoo:master commit in: sys-auth/pam_p11/files/, sys-auth/pam_p11/
@ 2018-08-15 15:34 Alon Bar-Lev
0 siblings, 0 replies; 2+ messages in thread
From: Alon Bar-Lev @ 2018-08-15 15:34 UTC (permalink / raw
To: gentoo-commits
commit: e9f8f67257b2e4bce52ecd5c9ff8abebfa48c1b1
Author: Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
AuthorDate: Wed Aug 15 15:33:34 2018 +0000
Commit: Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
CommitDate: Wed Aug 15 15:34:42 2018 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e9f8f672
sys-auth/pam_p11: fix unsigned comparison
Closes: https://bugs.gentoo.org/show_bug.cgi?id=663678
Package-Manager: Portage-2.3.40, Repoman-2.3.9
sys-auth/pam_p11/files/pam_p11-0.2.0-build.patch | 26 ++++++++++++++++++++++++
sys-auth/pam_p11/pam_p11-0.2.0.ebuild | 4 ++++
2 files changed, 30 insertions(+)
diff --git a/sys-auth/pam_p11/files/pam_p11-0.2.0-build.patch b/sys-auth/pam_p11/files/pam_p11-0.2.0-build.patch
new file mode 100644
index 00000000000..813499acd3a
--- /dev/null
+++ b/sys-auth/pam_p11/files/pam_p11-0.2.0-build.patch
@@ -0,0 +1,26 @@
+From 659a6eb5434039c27b41a9d06edc64923e5042b9 Mon Sep 17 00:00:00 2001
+From: Alon Bar-Lev <alon.barlev@gmail.com>
+Date: Wed, 15 Aug 2018 18:30:51 +0300
+Subject: [PATCH] build: pam_p11: unsigned comparison
+
+Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
+---
+ src/pam_p11.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/pam_p11.c b/src/pam_p11.c
+index 960c164..1cf6cb2 100644
+--- a/src/pam_p11.c
++++ b/src/pam_p11.c
+@@ -553,7 +553,7 @@ static int randomize(pam_handle_t *pamh, unsigned char *r, unsigned int r_len)
+ {
+ int ok = 0;
+ int fd = open("/dev/urandom", O_RDONLY);
+- if (0 <= fd && read(fd, r, r_len) == r_len) {
++ if (0 <= fd && read(fd, r, r_len) == (ssize_t)r_len) {
+ ok = 1;
+ } else {
+ pam_syslog(pamh, LOG_CRIT, "Error reading from /dev/urandom: %s",
+--
+2.16.4
+
diff --git a/sys-auth/pam_p11/pam_p11-0.2.0.ebuild b/sys-auth/pam_p11/pam_p11-0.2.0.ebuild
index 5719fc04d4c..d409179e139 100644
--- a/sys-auth/pam_p11/pam_p11-0.2.0.ebuild
+++ b/sys-auth/pam_p11/pam_p11-0.2.0.ebuild
@@ -20,6 +20,10 @@ RDEPEND="virtual/pam
DEPEND="${RDEPEND}
virtual/pkgconfig"
+PATCHES=(
+ "${FILESDIR}/${P}-build.patch"
+)
+
src_configure() {
econf --with-pamdir="$(getpam_mod_dir)"
}
^ permalink raw reply related [flat|nested] 2+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: sys-auth/pam_p11/files/, sys-auth/pam_p11/
@ 2018-10-24 12:05 Lars Wendler
0 siblings, 0 replies; 2+ messages in thread
From: Lars Wendler @ 2018-10-24 12:05 UTC (permalink / raw
To: gentoo-commits
commit: 3e50a2a015fe3d523bfc4e72ed2175d4d6033e97
Author: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
AuthorDate: Wed Oct 24 12:05:16 2018 +0000
Commit: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
CommitDate: Wed Oct 24 12:05:48 2018 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3e50a2a0
sys-auth/pam_p11: Fixed build with openssl-1.1
Closes: https://bugs.gentoo.org/658036
Signed-off-by: Lars Wendler <polynomial-c <AT> gentoo.org>
Package-Manager: Portage-2.3.51, Repoman-2.3.11
.../pam_p11/files/pam_p11-0.2.0-openssl11.patch | 76 ++++++++++++++++++++++
sys-auth/pam_p11/pam_p11-0.2.0.ebuild | 10 ++-
2 files changed, 84 insertions(+), 2 deletions(-)
diff --git a/sys-auth/pam_p11/files/pam_p11-0.2.0-openssl11.patch b/sys-auth/pam_p11/files/pam_p11-0.2.0-openssl11.patch
new file mode 100644
index 00000000000..8c41e29bed1
--- /dev/null
+++ b/sys-auth/pam_p11/files/pam_p11-0.2.0-openssl11.patch
@@ -0,0 +1,76 @@
+From 46a6079817c67a09e5ac493af3381c655bd91c26 Mon Sep 17 00:00:00 2001
+From: Peter Popovec <popovec.peter@gmail.com>
+Date: Tue, 21 Aug 2018 10:24:36 +0200
+Subject: [PATCH] Replacing deprecated OpenSSL API functions (#12)
+
+fixes https://github.com/OpenSC/pam_p11/issues/10
+---
+ configure.ac | 5 +++++
+ src/pam_p11.c | 17 ++++++++++++++---
+ 2 files changed, 19 insertions(+), 3 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 5bcbdd6..2854a99 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -85,6 +85,11 @@ PKG_CHECK_MODULES(
+ )]
+ )
+
++saved_LIBS="$LIBS"
++LIBS="$OPENSSL_LIBS $LIBS"
++AC_CHECK_FUNCS(EVP_MD_CTX_new EVP_MD_CTX_free EVP_MD_CTX_reset)
++LIBS="$saved_LIBS"
++
+ if test -z "${PAM_LIBS}"; then
+ AC_ARG_VAR([PAM_CFLAGS], [C compiler flags for pam])
+ AC_ARG_VAR([PAM_LIBS], [linker flags for pam])
+diff --git a/src/pam_p11.c b/src/pam_p11.c
+index 2b4bfbe..60380e5 100644
+--- a/src/pam_p11.c
++++ b/src/pam_p11.c
+@@ -31,6 +31,17 @@
+ #include <openssl/crypto.h>
+ #include <libp11.h>
+
++/* openssl deprecated API emulation */
++#ifndef HAVE_EVP_MD_CTX_NEW
++#define EVP_MD_CTX_new() EVP_MD_CTX_create()
++#endif
++#ifndef HAVE_EVP_MD_CTX_FREE
++#define EVP_MD_CTX_free(ctx) EVP_MD_CTX_destroy((ctx))
++#endif
++#ifndef HAVE_EVP_MD_CTX_RESET
++#define EVP_MD_CTX_reset(ctx) EVP_MD_CTX_cleanup((ctx))
++#endif
++
+ #ifdef ENABLE_NLS
+ #include <libintl.h>
+ #include <locale.h>
+@@ -578,7 +589,7 @@ static int key_verify(pam_handle_t *pamh, int flags, PKCS11_KEY *authkey)
+ unsigned char signature[256];
+ unsigned int siglen = sizeof signature;
+ const EVP_MD *md = EVP_sha1();
+- EVP_MD_CTX *md_ctx = EVP_MD_CTX_create();
++ EVP_MD_CTX *md_ctx = EVP_MD_CTX_new();
+ EVP_PKEY *privkey = PKCS11_get_private_key(authkey);
+ EVP_PKEY *pubkey = PKCS11_get_public_key(authkey);
+
+@@ -596,7 +607,7 @@ static int key_verify(pam_handle_t *pamh, int flags, PKCS11_KEY *authkey)
+ || !EVP_SignInit(md_ctx, md)
+ || !EVP_SignUpdate(md_ctx, challenge, sizeof challenge)
+ || !EVP_SignFinal(md_ctx, signature, &siglen, privkey)
+- || !EVP_MD_CTX_cleanup(md_ctx)
++ || !EVP_MD_CTX_reset(md_ctx)
+ || !EVP_VerifyInit(md_ctx, md)
+ || !EVP_VerifyUpdate(md_ctx, challenge, sizeof challenge)
+ || 1 != EVP_VerifyFinal(md_ctx, signature, siglen, pubkey)) {
+@@ -613,7 +624,7 @@ static int key_verify(pam_handle_t *pamh, int flags, PKCS11_KEY *authkey)
+ if (NULL != privkey)
+ EVP_PKEY_free(privkey);
+ if (NULL != md_ctx) {
+- EVP_MD_CTX_destroy(md_ctx);
++ EVP_MD_CTX_free(md_ctx);
+ }
+ return ok;
+ }
diff --git a/sys-auth/pam_p11/pam_p11-0.2.0.ebuild b/sys-auth/pam_p11/pam_p11-0.2.0.ebuild
index cc81b3a08cb..6156029daf1 100644
--- a/sys-auth/pam_p11/pam_p11-0.2.0.ebuild
+++ b/sys-auth/pam_p11/pam_p11-0.2.0.ebuild
@@ -1,9 +1,9 @@
-# Copyright 1999-2018 Gentoo Foundation
+# Copyright 1999-2018 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
-inherit pam
+inherit autotools pam
DESCRIPTION="PAM module for authenticating against PKCS#11 tokens"
HOMEPAGE="https://github.com/opensc/pam_p11/wiki"
@@ -22,8 +22,14 @@ BDEPEND="virtual/pkgconfig"
PATCHES=(
"${FILESDIR}/${P}-build.patch"
+ "${FILESDIR}/${P}-openssl11.patch" #658036
)
+src_prepare() {
+ default
+ eautoreconf
+}
+
src_configure() {
econf --with-pamdir="$(getpam_mod_dir)"
}
^ permalink raw reply related [flat|nested] 2+ messages in thread
end of thread, other threads:[~2018-10-24 12:06 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-08-15 15:34 [gentoo-commits] repo/gentoo:master commit in: sys-auth/pam_p11/files/, sys-auth/pam_p11/ Alon Bar-Lev
-- strict thread matches above, loose matches on Subject: below --
2018-10-24 12:05 Lars Wendler
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox