author: Anders Nordby <anders@FreeBSD.org> 2003-06-01 21:27:03 +0000
committer: Anders Nordby <anders@FreeBSD.org> 2003-06-01 21:27:03 +0000
commit: b3480a0721fa81276e15b68bc584cf03f41581d7 (patch)
tree: 292d52896a4a1ad5396df3214f195185099f7e90 /security/pam-mysql
parent: 0cfe1e7e78a60813b8a590ba38ecd7e908673cdc (diff)
download: ports-b3480a0721fa81276e15b68bc584cf03f41581d7.tar.gz
ports-b3480a0721fa81276e15b68bc584cf03f41581d7.zip
4 files changed, 109 insertions, 68 deletions
diff --git a/security/pam-mysql/Makefile b/security/pam-mysql/Makefile
index 48e34258af69..e38a9e786d93 100644
--- a/security/pam-mysql/Makefile
+++ b/security/pam-mysql/Makefile
@@ -6,7 +6,7 @@
 #
 
 PORTNAME=	pam_mysql
-PORTVERSION=	0.4.7
+PORTVERSION=	0.5
 CATEGORIES=	security databases
 MASTER_SITES=	http://download.sourceforge.net/pam-mysql/ \
 		http://atreides.freenix.no/~anders/
@@ -22,10 +22,6 @@ WRKSRC=		${WRKDIR}/${PORTNAME}
 
 .include <bsd.port.pre.mk>
 
-.if !exists(/usr/include/security/_pam_types.h) && ${OSVERSION} >= 500031
-BROKEN=		"Does not work with OpenPAM (yet)"
-.endif
-
 post-patch:
 	@cd ${WRKSRC} && ${GMAKE} clean
 
diff --git a/security/pam-mysql/distinfo b/security/pam-mysql/distinfo
index d1dc96c9c5a3..a85464cc0713 100644
--- a/security/pam-mysql/distinfo
+++ b/security/pam-mysql/distinfo
@@ -1 +1 @@
-MD5 (pam_mysql-0.4.7.tar.gz) = 8442ec07c3de929720bbb8783750a1ff
+MD5 (pam_mysql-0.5.tar.gz) = 8cf002392292ae2a5774545324739a94
diff --git a/security/pam-mysql/files/patch-aa b/security/pam-mysql/files/patch-aa
index 6de3b98a6fdc..202945343122 100644
--- a/security/pam-mysql/files/patch-aa
+++ b/security/pam-mysql/files/patch-aa
@@ -1,63 +1,90 @@
---- pam_mysql.c.old	Sun Sep 24 02:26:17 2000
-+++ pam_mysql.c	Sun Sep 24 02:42:23 2000
-@@ -14,7 +14,6 @@
- #include <unistd.h>
- #include <syslog.h>
- #include <stdarg.h>
--#include <alloca.h>
- #include <string.h>
+--- pam_mysql.c.orig	Sun Sep 15 10:28:58 2002
++++ pam_mysql.c	Thu Feb 13 14:58:21 2003
+@@ -23,6 +23,7 @@
+ #include <sys/socket.h>
+ #include <netinet/in.h>
+ #include <arpa/inet.h>
++#include <time.h>
  
- #include <mysql/mysql.h>
-@@ -332,40 +331,40 @@
- 		}
- 		strcpy (junk, argv[i]);
- 		if ((strchr (junk, (int) '=') != NULL)) {
--			strncpy (mybuf, strtok (junk, "="), 255);
--			strncpy (myval, strtok (NULL, "="), 255);
-+			strlcpy (mybuf, strtok (junk, "="), 255);
-+			strlcpy (myval, strtok (NULL, "="), 255);
- 			free (junk);
- 			if (!strcasecmp ("host", mybuf)) {
--				strncpy (options.host, myval, 255);
-+				strlcpy (options.host, myval, 255);
- 				D (("host changed."));
- 			} else if (!strcasecmp ("where", mybuf)) {
- 				while ( (mj = strtok(NULL,"=")) != NULL )
- 				{
--					strcat(myval, "=");
--					strcat(myval, mj);
-+					strlcat(myval, "=", 255);
-+					strlcat(myval, mj, 255);
- 				}
--				strncpy (options.where, myval, 256);
-+				strlcpy (options.where, myval, 256);
- 				D (("where changed."));
- #ifdef DEBUG
- 				syslog(LOG_ERR, "pam_mysql: where now is %s", options.where);
- #endif
- 			} else if (!strcasecmp ("db", mybuf)) {
--				strncpy (options.database, myval, 16);
-+				strlcpy (options.database, myval, 16);
- 				D (("database changed."));
- 			} else if (!strcasecmp ("user", mybuf)) {
--				strncpy (options.dbuser, myval, 16);
-+				strlcpy (options.dbuser, myval, 16);
- 				D (("dbuser changed."));
- 			} else if (!strcasecmp ("passwd", mybuf)) {
--				strncpy (options.dbpasswd, myval, 16);
-+				strlcpy (options.dbpasswd, myval, 16);
- 				D (("dbpasswd changed."));
- 			} else if (!strcasecmp ("table", mybuf)) {
--				strncpy (options.table, myval, 16);
-+				strlcpy (options.table, myval, 16);
- 				D (("table changed."));
- 			} else if (!strcasecmp ("usercolumn", mybuf)) {
--				strncpy (options.usercolumn, myval, 16);
-+				strlcpy (options.usercolumn, myval, 16);
- 				D (("usercolumn changed."));
- 			} else if (!strcasecmp ("passwdcolumn", mybuf)) {
--				strncpy (options.passwdcolumn, myval, 16);
-+				strlcpy (options.passwdcolumn, myval, 16);
- 				D (("passwdcolumn changed."));
- 			} else if (!strcasecmp ("crypt", mybuf)) {
- 				if ((!strcmp (myval, "1")) ||
+ 
+ /* AFAIK, only FreeBSD has MD5Data() defined in md5.h
+@@ -54,7 +55,53 @@
+ #define DEBUG 
+ 
+ #include <security/pam_modules.h>
++#ifdef _OPENPAM
++#include <security/pam_appl.h>
++#else
+ #include <security/pam_misc.h>
++#endif
++
++#ifdef _OPENPAM
++/* some macros not defined in OpenPAM */
++
++/* Good policy to strike out passwords with some characters not just
++   free the memory */
++
++#define _pam_overwrite(x)        \
++do {                             \
++     register char *__xx__;      \
++     if ((__xx__=(x)))           \
++          while (*__xx__)        \
++               *__xx__++ = '\0'; \
++} while (0)
++
++/*
++ * Don't just free it, forget it too.
++ */
++
++#define _pam_drop(X) \
++do {                 \
++    if (X) {         \
++        free(X);     \
++        X=NULL;      \
++    }                \
++} while (0)
++
++#define _pam_drop_reply(/* struct pam_response * */ reply, /* int */ replies) \
++do {                                              \
++    int reply_i;                                  \
++                                                  \
++    for (reply_i=0; reply_i<replies; ++reply_i) { \
++	if (reply[reply_i].resp) {                \
++	    _pam_overwrite(reply[reply_i].resp);  \
++	    free(reply[reply_i].resp);            \
++	}                                         \
++    }                                             \
++    if (reply)                                    \
++	free(reply);                              \
++} while (0)
++
++#endif
+ 
+ struct optionstruct {
+ 	char host[257];
+@@ -620,7 +667,11 @@
+ 		retval = conv->conv(nargs,
+ 		                    (const struct pam_message **) message,
+ 		                    response, conv->appdata_ptr);
+-		if ((retval != PAM_SUCCESS) && (retval != PAM_CONV_AGAIN))
++		if ((retval != PAM_SUCCESS)
++#ifndef _OPENPAM
++			&& (retval != PAM_CONV_AGAIN)
++#endif
++		   )
+ 			syslog(LOG_DEBUG, "pam_mysql: conversation failure [%s]",
+ 			       pam_strerror(pamh, retval));
+ 	} else {
+@@ -827,8 +878,12 @@
+ 	if (retval != PAM_SUCCESS) {
+ 		if (resp != NULL)
+ 			_pam_drop_reply(resp,i);
++#ifndef _OPENPAM
+ 		return ((retval == PAM_CONV_AGAIN)
+ 		        ? PAM_INCOMPLETE : PAM_AUTHINFO_UNAVAIL);
++#else
++		return PAM_AUTHINFO_UNAVAIL;
++#endif
+ 	}
+ 
+ 	/* we have a password so set AUTHTOK
diff --git a/security/pam-mysql/files/patch-ab b/security/pam-mysql/files/patch-ab
new file mode 100644
index 000000000000..b07b8ed513c7
--- /dev/null
+++ b/security/pam-mysql/files/patch-ab
@@ -0,0 +1,18 @@
+--- Makefile.orig	Thu Nov 21 02:13:01 2002
++++ Makefile	Mon May 19 23:41:43 2003
+@@ -3,13 +3,9 @@
+ ifndef FULL_LINUX_PAM_SOURCE_TREE
+ export DYNAMIC=-DPAM_DYNAMIC
+ export CC=gcc
+-export CFLAGS=-O2 -Dlinux -DLINUX_PAM \
+-       -ansi -D_POSIX_SOURCE -Wall -Wwrite-strings \
+-       -Wpointer-arith -Wcast-qual -Wcast-align -Wtraditional \
+-       -Wstrict-prototypes -Wmissing-prototypes -Wnested-externs -Winline \
+-       -Wshadow -pedantic -fPIC
++export CFLAGS+=-I${LOCALBASE}/include -fPIC
+ export MKDIR=mkdir -p
+-export LD_D=gcc -shared -Xlinker -x -L/usr/lib/mysql -lz
++export LD_D=${CC} -shared -Xlinker -x -L${LOCALBASE}/lib/mysql -lz
+ endif
+ 
+ #
author	Anders Nordby <anders@FreeBSD.org>	2003-06-01 21:27:03 +0000
committer	Anders Nordby <anders@FreeBSD.org>	2003-06-01 21:27:03 +0000
commit	b3480a0721fa81276e15b68bc584cf03f41581d7 (patch)
tree	292d52896a4a1ad5396df3214f195185099f7e90 /security/pam-mysql
parent	0cfe1e7e78a60813b8a590ba38ecd7e908673cdc (diff)
download	ports-b3480a0721fa81276e15b68bc584cf03f41581d7.tar.gz ports-b3480a0721fa81276e15b68bc584cf03f41581d7.zip