diff options
| author | Thomas Zander <riggs@FreeBSD.org> | 2014-11-22 18:30:17 +0000 |
|---|---|---|
| committer | Thomas Zander <riggs@FreeBSD.org> | 2014-11-22 18:30:17 +0000 |
| commit | 812a659b17dda8bebd410bb0785003942b7eee69 (patch) | |
| tree | 767068cb16dc4edc8d968a1222c42a279ba6ce3e | |
| parent | 762583e1f63d9dbcec7528a33ae0f5c4587625d4 (diff) | |
| download | ports-812a659b17dda8bebd410bb0785003942b7eee69.tar.gz ports-812a659b17dda8bebd410bb0785003942b7eee69.zip | |
Notes
| -rw-r--r-- | security/pam_google_authenticator/Makefile | 7 | ||||
| -rw-r--r-- | security/pam_google_authenticator/files/patch-pam_google_authenticator.c | 67 |
2 files changed, 74 insertions, 0 deletions
diff --git a/security/pam_google_authenticator/Makefile b/security/pam_google_authenticator/Makefile index 9e38000cfcbe..a39bc0bb696e 100644 --- a/security/pam_google_authenticator/Makefile +++ b/security/pam_google_authenticator/Makefile @@ -3,6 +3,7 @@ PORTNAME= pam_google_authenticator PORTVERSION= 20140826 +PORTREVISION= 1 CATEGORIES= security MASTER_SITES= LOCAL/riggs/google-authenticator DISTNAME= google-authenticator-${PORTVERSION} @@ -12,10 +13,16 @@ COMMENT= PAM module for two-step authentication from Google LICENSE= APACHE20 +OPTIONS_DEFINE= STEPSIZE +STEPSIZE_DESC= Allow time steps other than the default of 30 seconds +STEPSIZE_CFLAGS= -DSTEPSIZE + USES= gmake PLIST_FILES= bin/google-authenticator lib/pam_google_authenticator.so +.include <bsd.port.options.mk> + do-install: ${INSTALL_PROGRAM} ${WRKSRC}/google-authenticator \ ${STAGEDIR}${PREFIX}/bin/google-authenticator diff --git a/security/pam_google_authenticator/files/patch-pam_google_authenticator.c b/security/pam_google_authenticator/files/patch-pam_google_authenticator.c new file mode 100644 index 000000000000..32e1da309abd --- /dev/null +++ b/security/pam_google_authenticator/files/patch-pam_google_authenticator.c @@ -0,0 +1,67 @@ +--- pam_google_authenticator.c.orig 2014-01-30 15:17:38.000000000 +0000 ++++ pam_google_authenticator.c 2014-11-04 17:05:55.000000000 +0000 +@@ -503,10 +503,6 @@ + } + #endif + +-static int get_timestamp(void) { +- return get_time()/30; +-} +- + static int comparator(const void *a, const void *b) { + return *(unsigned int *)a - *(unsigned int *)b; + } +@@ -538,6 +534,41 @@ + return NULL; + } + ++#if !defined(STEPSIZE) ++static int get_timestamp(void) { ++ return get_time()/30; ++} ++#else ++static int get_timestamp(pam_handle_t *pamh, const char *secret_filename, ++ const char *buf) { ++ const char *value = get_cfg_value(pamh, "STEP_SIZE", buf); ++ if (!value) { ++ // Default step size is 30. ++ free((void *)value); ++ return get_time()/30; ++ } else if (value == &oom) { ++ // Out of memory. This is a fatal error. ++ return 0; ++ } ++ ++ char *endptr; ++ errno = 0; ++ int step = (int)strtoul(value, &endptr, 10); ++ if (errno || !*value || value == endptr || ++ (*endptr && *endptr != ' ' && *endptr != '\t' && ++ *endptr != '\n' && *endptr != '\r') || ++ step < 1 || step > 60) { ++ free((void *)value); ++ log_message(LOG_ERR, pamh, "Invalid STEP_SIZE option in \"%s\"", ++ secret_filename); ++ return 0; ++ } ++ free((void *)value); ++ ++ return get_time()/step; ++} ++#endif ++ + static int set_cfg_value(pam_handle_t *pamh, const char *key, const char *val, + char **buf) { + size_t key_len = strlen(key); +@@ -1162,7 +1193,11 @@ + } + + // Compute verification codes and compare them with user input ++#if !defined(STEPSIZE) + const int tm = get_timestamp(); ++#else ++ const int tm = get_timestamp(pamh, secret_filename, *buf); ++#endif + const char *skew_str = get_cfg_value(pamh, "TIME_SKEW", *buf); + if (skew_str == &oom) { + // Out of memory. This is a fatal error |