1. Fixed coredump on -STABLE

2. pass maintainership to Mathieu Arnold <m@absolight.fr> PR: 41637 Submitted by: old maintainer
author: Ying-Chieh Liao <ijliao@FreeBSD.org> 2002-09-18 14:33:23 +0000
committer: Ying-Chieh Liao <ijliao@FreeBSD.org> 2002-09-18 14:33:23 +0000
commit: cb1f32d722d705a2a6a97de23cb79cc050285a86 (patch)
tree: 47c8f389ca1873ef695840eae3b313d367bd25f1 /security/pam-pgsql
parent: e08fa0da38e1cf4ed73a459a46b9b9e8b3cafd75 (diff)
download: ports-cb1f32d722d705a2a6a97de23cb79cc050285a86.tar.gz
ports-cb1f32d722d705a2a6a97de23cb79cc050285a86.zip
4 files changed, 365 insertions, 4 deletions
diff --git a/security/pam-pgsql/Makefile b/security/pam-pgsql/Makefile
index b1ad4fefacc2..b2ebf2778fb5 100644
--- a/security/pam-pgsql/Makefile
+++ b/security/pam-pgsql/Makefile
@@ -7,16 +7,17 @@
 
 PORTNAME=	pam-pgsql
 PORTVERSION=	0.5.2
-PORTREVISION=	5
+PORTREVISION=	6
 CATEGORIES=	security databases
 MASTER_SITES=	${MASTER_SITE_DEBIAN} \
 		http://libpam-pgsql.codecastle.com/${PORTNAME}-${PORTVERSION}-${PORTREVISION}/
 MASTER_SITE_SUBDIR=	pool/non-US/main/p/pam-pgsql
 DISTFILES=	${PORTNAME}_${PORTVERSION}.orig${EXTRACT_SUFX}
-PATCHFILES=	pam-pgsql_0.5.2-${PORTREVISION}.diff.gz
+
+PATCHFILES=	pam-pgsql_${PORTVERSION}-5.diff.gz
 PATCH_SITES=	${MASTER_SITES}
 
-MAINTAINER=	andrey@mgul.ac.ru
+MAINTAINER=	m@absolight.fr
 
 LIB_DEPENDS=	pq:${PORTSDIR}/databases/postgresql7
 
diff --git a/security/pam-pgsql/files/Makefile.bsd b/security/pam-pgsql/files/Makefile.bsd
index 3a6aef7d9c65..410e5e0aef1a 100644
--- a/security/pam-pgsql/files/Makefile.bsd
+++ b/security/pam-pgsql/files/Makefile.bsd
@@ -2,7 +2,7 @@
 
 .PATH:	${FILESDIR}
 
-SRCS=	pam_pgsql.c pam_get_pass.c pam_std_option.c pam_get_service.c
+SRCS=	pam_pgsql.c pam_get_pass.c
 SHLIB_NAME=	pam_pgsql.so
 
 LDADD=		-lpam -L${LOCALBASE}/lib -lpq -lmd
diff --git a/security/pam-pgsql/files/patch-pam_get_pass.c b/security/pam-pgsql/files/patch-pam_get_pass.c
new file mode 100644
index 000000000000..55395c9158bd
--- /dev/null
+++ b/security/pam-pgsql/files/patch-pam_get_pass.c
@@ -0,0 +1,73 @@
+--- pam_get_pass.c.orig	Mon Jan 14 17:45:55 2002
++++ pam_get_pass.c	Tue Aug 13 18:31:56 2002
+@@ -33,70 +33,7 @@
+ /* $Id: pam_get_pass.c,v 1.2 2000/06/25 09:39:28 ljb Exp $ */
+ #include <stdlib.h>
+ #include <security/pam_modules.h>
+-#include "pam_mod_misc.h"
+-
+-static int   pam_conv_pass(pam_handle_t *, const char *, int);
+-
+-static int
+-pam_conv_pass(pam_handle_t *pamh, const char *prompt, int options)
+-{
+-    int retval;
+-    const void *item;
+-    const struct pam_conv *conv;
+-    struct pam_message msg;
+-    const struct pam_message *msgs[1];
+-    struct pam_response *resp;
+-
+-    if ((retval = pam_get_item(pamh, PAM_CONV, &item)) !=
+-        PAM_SUCCESS)
+-        return retval;
+-    conv = (const struct pam_conv *)item;
+-    msg.msg_style = options & PAM_OPT_ECHO_PASS ?
+-        PAM_PROMPT_ECHO_ON : PAM_PROMPT_ECHO_OFF;
+-    msg.msg = prompt;
+-    msgs[0] = &msg;
+-    if ((retval = conv->conv(1, msgs, &resp, conv->appdata_ptr)) !=
+-        PAM_SUCCESS)
+-        return retval;
+-    if ((retval = pam_set_item(pamh, PAM_AUTHTOK, resp[0].resp)) !=
+-        PAM_SUCCESS)
+-        return retval;
+-    memset(resp[0].resp, 0, strlen(resp[0].resp));
+-    free(resp[0].resp);
+-    free(resp);
+-    return PAM_SUCCESS;
+-}
+-
+-int
+-pam_get_pass(pam_handle_t *pamh, const char **passp, const char *prompt,
+-    int options)
+-{
+-    int retval;
+-    const void *item = NULL;
+-
+-    /*
+-     * Grab the already-entered password if we might want to use it.
+-     */
+-    if (options & (PAM_OPT_TRY_FIRST_PASS | PAM_OPT_USE_FIRST_PASS)) {
+-        if ((retval = pam_get_item(pamh, PAM_AUTHTOK, &item)) !=
+-            PAM_SUCCESS)
+-            return retval;
+-    }
+-
+-    if (item == NULL) {
+-        /* The user hasn't entered a password yet. */
+-        if (options & PAM_OPT_USE_FIRST_PASS)
+-            return PAM_AUTH_ERR;
+-        /* Use the conversation function to get a password. */
+-        if ((retval = pam_conv_pass(pamh, prompt, options)) !=
+-            PAM_SUCCESS ||
+-            (retval = pam_get_item(pamh, PAM_AUTHTOK, &item)) !=
+-            PAM_SUCCESS)
+-            return retval;
+-    }
+-    *passp = (const char *)item;
+-    return PAM_SUCCESS;
+-}
++#include <security/pam_mod_misc.h>
+ 
+ int
diff --git a/security/pam-pgsql/files/patch-pam_pgsql.c b/security/pam-pgsql/files/patch-pam_pgsql.c
new file mode 100644
index 000000000000..a85c00f28617
--- /dev/null
+++ b/security/pam-pgsql/files/patch-pam_pgsql.c
@@ -0,0 +1,287 @@
+--- pam_pgsql.c.orig	Tue Aug 13 18:31:40 2002
++++ pam_pgsql.c	Tue Aug 13 18:33:05 2002
+@@ -23,7 +23,7 @@
+ #define PAM_SM_ACCOUNT
+ #define PAM_SM_PASSWORD
+ #include <security/pam_modules.h>
+-#include "pam_mod_misc.h"
++#include <security/pam_mod_misc.h>
+ 
+ #define PASSWORD_PROMPT         "Password: "
+ #define PASSWORD_PROMPT_NEW	    "New password: "
+@@ -31,16 +31,15 @@
+ #define CONF                    "/etc/pam_pgsql.conf"
+ 
+ #define DBGLOG(x...)  if(options->debug) {                          \
+-                          openlog("PAM_pgsql", LOG_PID, LOG_AUTH);  \
+                           syslog(LOG_DEBUG, ##x);                   \
+-                          closelog();                               \
+                       }
+ #define SYSLOG(x...)  do {                                          \
+-                          openlog("PAM_pgsql", LOG_PID, LOG_AUTH);  \
+                           syslog(LOG_INFO, ##x);                    \
+-                          closelog();                               \
+                       } while(0);
+ 
++int pam_get_confirm_pass(pam_handle_t *, const char **, const char *, const char *, int);
++
++
+ typedef enum {
+     PW_CLEAR = 1,
+     PW_MD5,
+@@ -61,32 +60,36 @@
+     int debug;
+ };
+ 
+-/* private: parse and set the specified string option */
+-static void
+-set_module_option(const char *option, struct module_options *options)
+-{
+-    char *buf, *eq;
+-    char *val, *end;
+-
+-    if(!option || !*option)
+-        return;
++enum {
++    PAM_DATABASE = PAM_OPT_STD_MAX,
++    PAM_TABLE,
++    PAM_DB_HOST,
++    PAM_DB_USER,
++    PAM_DB_PASSWORD,
++    PAM_USER_COLUMN,
++    PAM_PWD_COLUMN,
++    PAM_EXPIRED_COLUMN,
++    PAM_NEWTOK_COLUMN,
++    PAM_PW_TYPE
++};
+ 
+-    buf = strdup(option);
++static struct opttab other_options[] = {
++    {"database", PAM_DATABASE},
++    {"table", PAM_TABLE},
++    {"host", PAM_DB_HOST},
++    {"user", PAM_DB_USER},
++    {"password", PAM_DB_PASSWORD},
++    {"user_column", PAM_USER_COLUMN},
++    {"pwd_column", PAM_PWD_COLUMN},
++    {"expired_column", PAM_EXPIRED_COLUMN},
++    {"newtok_column", PAM_NEWTOK_COLUMN},
++    {"pw_type", PAM_PW_TYPE},
++    {NULL, 0}
++};
+ 
+-    if((eq = strchr(buf, '='))) {
+-        end = eq - 1;
+-        val = eq + 1;
+-        if(end <= buf || !*val)
+-            return;
+-        while(end > buf && isspace(*end))
+-            end--;
+-        end++;
+-        *end = '\0';
+-        while(*val && isspace(*val))
+-            val++;
+-    } else {
+-        val = NULL;
+-    }
++/* set the specified string option */
++static void
++set_option_val(struct module_options * options, const char * buf, char * val) {
+ 
+     DBGLOG("setting option: %s=>%s\n", buf, val);
+ 
+@@ -118,17 +121,48 @@
+     } else if(!strcmp(buf, "debug")) {
+         options->debug = 1;
+     }
++}
++
++/* private: parse the specified string option */
++static void
++set_module_option(const char *option, struct module_options *options)
++{
++    char *buf, *eq;
++    char *val, *end;
++
++    if(!option || !*option)
++        return;
++
++    buf = strdup(option);
++
++    if((eq = strchr(buf, '='))) {
++        end = eq - 1;
++        val = eq + 1;
++        if(end <= buf || !*val)
++            return;
++        while(end > buf && isspace(*end))
++            end--;
++        end++;
++        *end = '\0';
++        while(*val && isspace(*val))
++            val++;
++    } else {
++        val = NULL;
++    }
++
++    set_option_val(options, buf, val);
+ 
+     free(buf);
+ }
+ 
+ /* private: read module options from file or commandline */
+ static int 
+-get_module_options(int argc, const char **argv, struct module_options **options)
++get_module_options(int argc, const char **argv, struct module_options **options, struct options * pam_options)
+ {
+     int i, rc;
+     FILE *fp;
+     struct module_options *opts;
++    char *c;
+ 
+     opts = (struct module_options *)malloc(sizeof *opts);
+     bzero(opts, sizeof(*opts));
+@@ -154,11 +188,11 @@
+         fclose(fp);
+     }
+ 
+-    for(i = 0; i < argc; i++) {
+-        if(pam_std_option(&rc, argv[i]) == 0)
+-            continue;
+-        set_module_option(argv[i], opts);
++    for(i = PAM_OPT_STD_MAX; i <= PAM_PW_TYPE; i++) {
++	if (pam_test_option(pam_options, i, &c))
++	    set_option_val(opts, other_options[i - PAM_OPT_STD_MAX].name, c);
+     }
++
+     *options = opts;
+ 
+     return rc;
+@@ -257,7 +291,7 @@
+     free(conn_str);
+ 
+     if(PQstatus(conn) != CONNECTION_OK) {
+-        SYSLOG("PostgreSQL connection failed: '%s'", PQerrorMessage(conn));
++        SYSLOG("PostgreSQL connection failed: '%s' '%s'", PQerrorMessage(conn), conn_str);
+         return NULL;
+     }
+ 
+@@ -412,7 +446,6 @@
+     user_s = malloc(ulen);
+ 
+     sqlescape(user, user_s, strlen(user));
+-DBGLOG(user_s);
+ 
+     DBGLOG("query: SELECT %s FROM %s WHERE %s='%s'", options->pwd_column, options->table, options->user_column, user);
+     if(pg_exec(options, conn, &res, "SELECT %s FROM %s WHERE %s='%s'",
+@@ -463,13 +496,17 @@
+ pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv)
+ {
+     struct module_options *options;
++    struct options  pam_options;
+     const char *user, *password;
+     int rc, std_flags;
+ 
+     if((rc = pam_get_user(pamh, &user, NULL)) != PAM_SUCCESS)
+         return rc;
+ 
+-    std_flags = get_module_options(argc, argv, &options);
++    pam_std_option(&pam_options, other_options, argc, argv);
++
++    std_flags = get_module_options(argc, argv, &options, &pam_options);
++    
+     if(options_valid(options) != 0) {
+         free_module_options(options);
+         return PAM_AUTH_ERR;
+@@ -477,18 +514,19 @@
+ 
+     DBGLOG("attempting to authenticate: %s", user);
+ 
+-    if((rc = pam_get_pass(pamh, &password, PASSWORD_PROMPT, std_flags) 
++    if((rc = pam_get_pass(pamh, &password, PASSWORD_PROMPT, &pam_options) 
+         != PAM_SUCCESS)) {
+         free_module_options(options);
+         return rc;
+     }
++    DBGLOG("received : user: '%s', pass: '%s'", user, password);
+ 
+     if((rc = auth_verify_password(user, password, options)) != PAM_SUCCESS) {
+         free_module_options(options);
+         return rc;
+     }
+ 
+-    SYSLOG("(%s) user %s authenticated.", pam_get_service(pamh), user);
++    SYSLOG("user %s authenticated.", user);
+     free_module_options(options);
+ 
+     return PAM_SUCCESS;
+@@ -500,13 +538,16 @@
+                             const char **argv)
+ {
+     struct module_options *options;
++    struct options  pam_options;
+     const char *user;
+     char *user_s;
+     int rc, ulen;
+     PGconn *conn;
+     PGresult *res;
+ 
+-    get_module_options(argc, argv, &options);
++    pam_std_option(&pam_options, other_options, argc, argv);
++
++    get_module_options(argc, argv, &options, &pam_options);
+     if(options_valid(options) != 0) {
+         free_module_options(options);
+         return PAM_AUTH_ERR;
+@@ -590,13 +631,16 @@
+ pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc, const char **argv)
+ {
+     struct module_options *options;
++    struct options  pam_options;
+     int rc, std_flags, ulen;
+     const char *user, *pass, *newpass;
+     char *newpass_crypt, *user_s;
+     PGconn *conn;
+     PGresult *res;
+ 
+-    std_flags = get_module_options(argc, argv, &options);
++    pam_std_option(&pam_options, other_options, argc, argv);
++
++    std_flags = get_module_options(argc, argv, &options, &pam_options);
+     if(options_valid(options) != 0) {
+         free_module_options(options);
+         return PAM_AUTH_ERR;
+@@ -614,7 +658,7 @@
+ 
+     if(flags & PAM_PRELIM_CHECK) {
+         /* at this point, this is the first time we get called */
+-        if((rc = pam_get_pass(pamh, &pass, PASSWORD_PROMPT, std_flags)) == PAM_SUCCESS) {
++        if((rc = pam_get_pass(pamh, &pass, PASSWORD_PROMPT, &pam_options)) == PAM_SUCCESS) {
+             if((rc = auth_verify_password(user, pass, options)) == PAM_SUCCESS) {
+                 rc = pam_set_item(pamh, PAM_OLDAUTHTOK, (const void *)pass);
+                 if(rc != PAM_SUCCESS) {
+@@ -640,7 +684,7 @@
+         }
+         rc = auth_verify_password(user, pass, options);
+         if(rc != PAM_SUCCESS) {
+-            SYSLOG("(%s) user '%s' not authenticated.", pam_get_service(pamh), user);
++            SYSLOG("user '%s' not authenticated.", user);
+             free_module_options(options);
+             return rc;
+         }
+@@ -698,7 +742,7 @@
+ 
+     free_module_options(options);
+     free(user_s);
+-    SYSLOG("(%s) password for '%s' was changed.", pam_get_service(pamh), user);
++    SYSLOG("password for '%s' was changed.", user);
+     return PAM_SUCCESS;
+ }
+ 
+@@ -707,4 +751,6 @@
+ pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv)
+ {
+ 	return PAM_SUCCESS;
+-}
++}  
++
++PAM_MODULE_ENTRY("pam_pgsql");
author	Ying-Chieh Liao <ijliao@FreeBSD.org>	2002-09-18 14:33:23 +0000
committer	Ying-Chieh Liao <ijliao@FreeBSD.org>	2002-09-18 14:33:23 +0000
commit	cb1f32d722d705a2a6a97de23cb79cc050285a86 (patch)
tree	47c8f389ca1873ef695840eae3b313d367bd25f1 /security/pam-pgsql
parent	e08fa0da38e1cf4ed73a459a46b9b9e8b3cafd75 (diff)
download	ports-cb1f32d722d705a2a6a97de23cb79cc050285a86.tar.gz ports-cb1f32d722d705a2a6a97de23cb79cc050285a86.zip