[gentoo-commits] repo/gentoo:master commit in: sys-auth/pam_p11/, sys-auth/pam_p11/files/

[gentoo-commits] repo/gentoo:master commit in: sys-auth/pam_p11/, sys-auth/pam_p11/files/

[Alon Bar-Lev]

commit:     fb8fbfe2f28e7ce11892e6bc27840c1cf48519f9
Author:     Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
AuthorDate: Mon Mar  6 19:23:12 2017 +0000
Commit:     Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
CommitDate: Mon Mar  6 19:25:38 2017 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fb8fbfe2

sys-auth/pam_p11: avoid using ldscript fix build

Bug: 611874

Package-Manager: Portage-2.3.3, Repoman-2.3.1

 sys-auth/pam_p11/files/pam_p11-0.1.5-build.patch | 41 ++++++++++++++++++++++++
 sys-auth/pam_p11/pam_p11-0.1.5-r2.ebuild         | 17 ++++------
 2 files changed, 48 insertions(+), 10 deletions(-)

diff --git a/sys-auth/pam_p11/files/pam_p11-0.1.5-build.patch b/sys-auth/pam_p11/files/pam_p11-0.1.5-build.patch
new file mode 100644
index 00000000000..5ca0b76d5e5
--- /dev/null
+++ b/sys-auth/pam_p11/files/pam_p11-0.1.5-build.patch
@@ -0,0 +1,41 @@
+From 8d09661398f14102703e19418f15e9cf3f3707d1 Mon Sep 17 00:00:00 2001
+From: Alon Bar-Lev <alon.barlev@gmail.com>
+Date: Mon, 6 Mar 2017 21:19:15 +0200
+Subject: [PATCH] build: export only needed symbols
+
+Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
+---
+ src/Makefile.am     | 3 ++-
+ src/pam_p11.exports | 6 ++++++
+ 2 files changed, 8 insertions(+), 1 deletion(-)
+ create mode 100644 src/pam_p11.exports
+
+diff --git a/src/Makefile.am b/src/Makefile.am
+index 8bfb0bd..83a3e3d 100644
+--- a/src/Makefile.am
++++ b/src/Makefile.am
+@@ -3,7 +3,8 @@
+ MAINTAINERCLEANFILES = Makefile.in
+ 
+ AM_CFLAGS = -Wall -fno-strict-aliasing $(OPENSSL_CFLAGS) $(LIBP11_CFLAGS)
+-AM_LDFLAGS = -module -avoid-version
++AM_LDFLAGS = -module -avoid-version -shared -no-undefined \
++	-export-symbols "$(srcdir)/pam_p11.exports"
+ 
+ lib_LTLIBRARIES = pam_p11_openssh.la  pam_p11_opensc.la 
+ 
+diff --git a/src/pam_p11.exports b/src/pam_p11.exports
+new file mode 100644
+index 0000000..416cde1
+--- /dev/null
++++ b/src/pam_p11.exports
+@@ -0,0 +1,6 @@
++pam_sm_authenticate
++pam_sm_setcred
++pam_sm_acct_mgmt
++pam_sm_open_session
++pam_sm_close_session
++pam_sm_chauthtok
+-- 
+2.10.2
+

diff --git a/sys-auth/pam_p11/pam_p11-0.1.5-r2.ebuild b/sys-auth/pam_p11/pam_p11-0.1.5-r2.ebuild
index 45058fdce0e..8e7e780a8cc 100644
--- a/sys-auth/pam_p11/pam_p11-0.1.5-r2.ebuild
+++ b/sys-auth/pam_p11/pam_p11-0.1.5-r2.ebuild
@@ -3,7 +3,7 @@
 
 EAPI=6
 
-inherit pam flag-o-matic
+inherit autotools pam flag-o-matic
 
 DESCRIPTION="PAM module for authenticating against PKCS#11 tokens"
 HOMEPAGE="https://github.com/opensc/pam_p11/wiki"
@@ -20,16 +20,13 @@ RDEPEND="virtual/pam
 DEPEND="${RDEPEND}
 	virtual/pkgconfig"
 
-src_configure() {
-	# hide all the otherwise-exported symbols that may clash with
-	# other software loading the PAM modules (see bug #274924 as an
-	# example).
-	append-ldflags -Wl,--version-script="${FILESDIR}"/pam_symbols.ver
+PATCHES=(
+	"${FILESDIR}/${P}-build.patch"
+)
 
-	econf \
-		--disable-static \
-		--enable-fast-install \
-		|| die
+src_prepare() {
+	default
+	eautoreconf
 }
 
 src_install() {

[gentoo-commits] repo/gentoo:master commit in: sys-auth/pam_p11/, sys-auth/pam_p11/files/

[Alon Bar-Lev]

commit:     cee16c81ab7597ce05a1e0b985a533014653c234
Author:     Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
AuthorDate: Thu Jun 27 10:08:09 2019 +0000
Commit:     Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
CommitDate: Thu Jun 27 10:08:52 2019 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cee16c81

sys-auth/pam_p11: cleanup old

Signed-off-by: Alon Bar-Lev <alonbl <AT> gentoo.org>
Package-Manager: Portage-2.3.66, Repoman-2.3.11

 sys-auth/pam_p11/Manifest                          |  1 -
 sys-auth/pam_p11/files/pam_p11-0.2.0-build.patch   | 26 --------
 .../pam_p11/files/pam_p11-0.2.0-openssl11.patch    | 76 ----------------------
 sys-auth/pam_p11/pam_p11-0.2.0.ebuild              | 42 ------------
 4 files changed, 145 deletions(-)

diff --git a/sys-auth/pam_p11/Manifest b/sys-auth/pam_p11/Manifest
index 55e93521a67..7b93d357274 100644
--- a/sys-auth/pam_p11/Manifest
+++ b/sys-auth/pam_p11/Manifest
@@ -1,2 +1 @@
-DIST pam_p11-0.2.0.tar.gz 417550 BLAKE2B e3c5bb32d6c7c84776341796ebdb9850a9561778aee820acb2a6c61112a2a5df5ee7c539cb5974439e565046e944f4710b87c3b51dea61fdb2cd9171daac3a0c SHA512 2cadf6fe880c953554757099741f3cfe992067f251b7e7e977a6dda5f65cbe1f55b1de6d180638997eada0d3b760887091014b99f8ae4b6d31b25af8e555343c
 DIST pam_p11-0.3.0.tar.gz 422806 BLAKE2B 60ac1cc0b8fff536553b2502f906f7730c1be760b2948389f5a6399979f994b3fcfa04226f1605c64d02bad47f46c9bd28fa076d819814b9121241b034407d4b SHA512 f89cf57f6365c25e54830d18180aad7d14b7eaef82eb0d419bcc3d8b881e1e07993a2c4e635e90b4f2fb779fec24fa0d912388f898d726e387bc0db63d772d49

diff --git a/sys-auth/pam_p11/files/pam_p11-0.2.0-build.patch b/sys-auth/pam_p11/files/pam_p11-0.2.0-build.patch
deleted file mode 100644
index 813499acd3a..00000000000
--- a/sys-auth/pam_p11/files/pam_p11-0.2.0-build.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From 659a6eb5434039c27b41a9d06edc64923e5042b9 Mon Sep 17 00:00:00 2001
-From: Alon Bar-Lev <alon.barlev@gmail.com>
-Date: Wed, 15 Aug 2018 18:30:51 +0300
-Subject: [PATCH] build: pam_p11: unsigned comparison
-
-Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
----
- src/pam_p11.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/pam_p11.c b/src/pam_p11.c
-index 960c164..1cf6cb2 100644
---- a/src/pam_p11.c
-+++ b/src/pam_p11.c
-@@ -553,7 +553,7 @@ static int randomize(pam_handle_t *pamh, unsigned char *r, unsigned int r_len)
- {
- 	int ok = 0;
- 	int fd = open("/dev/urandom", O_RDONLY);
--	if (0 <= fd && read(fd, r, r_len) == r_len) {
-+	if (0 <= fd && read(fd, r, r_len) == (ssize_t)r_len) {
- 		ok = 1;
- 	} else {
- 		pam_syslog(pamh, LOG_CRIT, "Error reading from /dev/urandom: %s",
--- 
-2.16.4
-

diff --git a/sys-auth/pam_p11/files/pam_p11-0.2.0-openssl11.patch b/sys-auth/pam_p11/files/pam_p11-0.2.0-openssl11.patch
deleted file mode 100644
index 8c41e29bed1..00000000000
--- a/sys-auth/pam_p11/files/pam_p11-0.2.0-openssl11.patch
+++ /dev/null
@@ -1,76 +0,0 @@
-From 46a6079817c67a09e5ac493af3381c655bd91c26 Mon Sep 17 00:00:00 2001
-From: Peter Popovec <popovec.peter@gmail.com>
-Date: Tue, 21 Aug 2018 10:24:36 +0200
-Subject: [PATCH] Replacing deprecated OpenSSL API functions (#12)
-
-fixes https://github.com/OpenSC/pam_p11/issues/10
----
- configure.ac  |  5 +++++
- src/pam_p11.c | 17 ++++++++++++++---
- 2 files changed, 19 insertions(+), 3 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index 5bcbdd6..2854a99 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -85,6 +85,11 @@ PKG_CHECK_MODULES(
- 	)]
- )
- 
-+saved_LIBS="$LIBS"
-+LIBS="$OPENSSL_LIBS $LIBS"
-+AC_CHECK_FUNCS(EVP_MD_CTX_new EVP_MD_CTX_free EVP_MD_CTX_reset)
-+LIBS="$saved_LIBS"
-+
- if test -z "${PAM_LIBS}"; then
- 	AC_ARG_VAR([PAM_CFLAGS], [C compiler flags for pam])
- 	AC_ARG_VAR([PAM_LIBS], [linker flags for pam])
-diff --git a/src/pam_p11.c b/src/pam_p11.c
-index 2b4bfbe..60380e5 100644
---- a/src/pam_p11.c
-+++ b/src/pam_p11.c
-@@ -31,6 +31,17 @@
- #include <openssl/crypto.h>
- #include <libp11.h>
- 
-+/* openssl deprecated API emulation */
-+#ifndef HAVE_EVP_MD_CTX_NEW
-+#define EVP_MD_CTX_new()	EVP_MD_CTX_create()
-+#endif
-+#ifndef HAVE_EVP_MD_CTX_FREE
-+#define EVP_MD_CTX_free(ctx)	EVP_MD_CTX_destroy((ctx))
-+#endif
-+#ifndef HAVE_EVP_MD_CTX_RESET
-+#define EVP_MD_CTX_reset(ctx)	EVP_MD_CTX_cleanup((ctx))
-+#endif
-+
- #ifdef ENABLE_NLS
- #include <libintl.h>
- #include <locale.h>
-@@ -578,7 +589,7 @@ static int key_verify(pam_handle_t *pamh, int flags, PKCS11_KEY *authkey)
- 	unsigned char signature[256];
- 	unsigned int siglen = sizeof signature;
- 	const EVP_MD *md = EVP_sha1();
--	EVP_MD_CTX *md_ctx = EVP_MD_CTX_create();
-+	EVP_MD_CTX *md_ctx = EVP_MD_CTX_new();
- 	EVP_PKEY *privkey = PKCS11_get_private_key(authkey);
- 	EVP_PKEY *pubkey = PKCS11_get_public_key(authkey);
- 
-@@ -596,7 +607,7 @@ static int key_verify(pam_handle_t *pamh, int flags, PKCS11_KEY *authkey)
- 			|| !EVP_SignInit(md_ctx, md)
- 			|| !EVP_SignUpdate(md_ctx, challenge, sizeof challenge)
- 			|| !EVP_SignFinal(md_ctx, signature, &siglen, privkey)
--			|| !EVP_MD_CTX_cleanup(md_ctx)
-+			|| !EVP_MD_CTX_reset(md_ctx)
- 			|| !EVP_VerifyInit(md_ctx, md)
- 			|| !EVP_VerifyUpdate(md_ctx, challenge, sizeof challenge)
- 			|| 1 != EVP_VerifyFinal(md_ctx, signature, siglen, pubkey)) {
-@@ -613,7 +624,7 @@ static int key_verify(pam_handle_t *pamh, int flags, PKCS11_KEY *authkey)
- 	if (NULL != privkey)
- 		EVP_PKEY_free(privkey);
- 	if (NULL != md_ctx) {
--		EVP_MD_CTX_destroy(md_ctx);
-+		EVP_MD_CTX_free(md_ctx);
- 	}
- 	return ok;
- }

diff --git a/sys-auth/pam_p11/pam_p11-0.2.0.ebuild b/sys-auth/pam_p11/pam_p11-0.2.0.ebuild
deleted file mode 100644
index f2aa0f8952f..00000000000
--- a/sys-auth/pam_p11/pam_p11-0.2.0.ebuild
+++ /dev/null
@@ -1,42 +0,0 @@
-# Copyright 1999-2018 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit autotools pam
-
-DESCRIPTION="PAM module for authenticating against PKCS#11 tokens"
-HOMEPAGE="https://github.com/opensc/pam_p11/wiki"
-SRC_URI="https://github.com/OpenSC/${PN}/releases/download/${P}/${P}.tar.gz"
-
-LICENSE="LGPL-2.1"
-SLOT="0"
-KEYWORDS="alpha amd64 ~hppa ia64 ppc ppc64 ~sparc x86"
-IUSE=""
-
-RDEPEND="virtual/pam
-	dev-libs/libp11
-	dev-libs/openssl:0="
-
-DEPEND="${RDEPEND}"
-
-BDEPEND="virtual/pkgconfig"
-
-PATCHES=(
-	"${FILESDIR}/${P}-build.patch"
-	"${FILESDIR}/${P}-openssl11.patch" #658036
-)
-
-src_prepare() {
-	default
-	eautoreconf
-}
-
-src_configure() {
-	econf --with-pamdir="$(getpam_mod_dir)"
-}
-
-src_install() {
-	default
-	find "${D}" -name '*.la' -delete || die
-}

[gentoo-commits] repo/gentoo:master commit in: sys-auth/pam_p11/, sys-auth/pam_p11/files/

[Sam James]

commit:     b4d09bb5d767ebb39c3133c6456c018c74562e0e
Author:     orbea <orbea <AT> riseup <DOT> net>
AuthorDate: Wed Apr 26 16:00:23 2023 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Fri Apr 28 00:48:09 2023 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b4d09bb5

sys-auth/pam_p11: Add upstream libressl patch

This patch was accepted upstream and fixes the build with libressl >= 3.0.0.

Bug: https://bugs.gentoo.org/903001
Upstream-PR: https://github.com/OpenSC/pam_p11/pull/26
Upstream-Commit: https://github.com/OpenSC/pam_p11/commit/cb2f0c318c94e30addfce3b432ed91496a43e411
Signed-off-by: orbea <orbea <AT> riseup.net>
Closes: https://github.com/gentoo/gentoo/pull/30771
Signed-off-by: Sam James <sam <AT> gentoo.org>

 .../pam_p11/files/pam_p11-0.3.1-libressl.patch     | 28 ++++++++++++++++++++++
 sys-auth/pam_p11/pam_p11-0.3.1.ebuild              |  6 ++++-
 2 files changed, 33 insertions(+), 1 deletion(-)

diff --git a/sys-auth/pam_p11/files/pam_p11-0.3.1-libressl.patch b/sys-auth/pam_p11/files/pam_p11-0.3.1-libressl.patch
new file mode 100644
index 000000000000..e085e06e9006
--- /dev/null
+++ b/sys-auth/pam_p11/files/pam_p11-0.3.1-libressl.patch
@@ -0,0 +1,28 @@
+https://bugs.gentoo.org/903001
+https://github.com/OpenSC/pam_p11/pull/26
+https://github.com/OpenSC/pam_p11/commit/cb2f0c318c94e30addfce3b432ed91496a43e411
+
+From b307045a93d042ac9e3871e35f8495e8bb201574 Mon Sep 17 00:00:00 2001
+From: orbea <orbea@riseup.net>
+Date: Tue, 11 Apr 2023 07:29:12 -0700
+Subject: [PATCH] match_openssh: Fix the build for LibreSSL >= 3.0.0
+
+Newer LibreSSL versions no longer need the older OpenSSL APIs.
+---
+ src/match_openssh.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/match_openssh.c b/src/match_openssh.c
+index 89cbd73..fb59308 100644
+--- a/src/match_openssh.c
++++ b/src/match_openssh.c
+@@ -22,7 +22,8 @@
+ 
+ #define OPENSSH_LINE_MAX 16384	/* from openssh SSH_MAX_PUBKEY_BYTES */
+ 
+-#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined (LIBRESSL_VERSION_NUMBER)
++#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || \
++    (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x3000000L)
+ void RSA_get0_key(const RSA *r,
+                  const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
+ {

diff --git a/sys-auth/pam_p11/pam_p11-0.3.1.ebuild b/sys-auth/pam_p11/pam_p11-0.3.1.ebuild
index 0322e3038be0..4b50c70d2edc 100644
--- a/sys-auth/pam_p11/pam_p11-0.3.1.ebuild
+++ b/sys-auth/pam_p11/pam_p11-0.3.1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2022 Gentoo Authors
+# Copyright 1999-2023 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=7
@@ -20,6 +20,10 @@ RDEPEND="sys-libs/pam
 DEPEND="${RDEPEND}"
 BDEPEND="virtual/pkgconfig"
 
+PATCHES=(
+	"${FILESDIR}/${P}-libressl.patch" #903001
+)
+
 src_configure() {
 	# Ugly way to work around deprecated declarations in openssl-3
 	append-cflags -Wno-error=deprecated-declarations