diff options
author | Ryan Steinmetz <zi@FreeBSD.org> | 2012-12-15 03:35:59 +0000 |
---|---|---|
committer | Ryan Steinmetz <zi@FreeBSD.org> | 2012-12-15 03:35:59 +0000 |
commit | ee3da01aeb606f4eea605299a41df19922524200 (patch) | |
tree | 755319b9f3a3289ab7443c97d1840f37205d9583 /security/pam_krb5-rh | |
parent | 3bc981f862daf26eea9576f10292d9b8acb415b9 (diff) | |
download | ports-ee3da01aeb606f4eea605299a41df19922524200.tar.gz ports-ee3da01aeb606f4eea605299a41df19922524200.zip |
Notes
Diffstat (limited to 'security/pam_krb5-rh')
-rw-r--r-- | security/pam_krb5-rh/Makefile | 14 | ||||
-rw-r--r-- | security/pam_krb5-rh/distinfo | 4 | ||||
-rw-r--r-- | security/pam_krb5-rh/files/patch-src__cchelper.c | 10 | ||||
-rw-r--r-- | security/pam_krb5-rh/files/patch-src__mkdir.c | 11 | ||||
-rw-r--r-- | security/pam_krb5-rh/files/patch-src__pam_krb5_cchelper.c | 10 | ||||
-rw-r--r-- | security/pam_krb5-rh/files/patch-src__storetmp.c | 10 | ||||
-rw-r--r-- | security/pam_krb5-rh/files/patch-src__v5.c | 70 | ||||
-rw-r--r-- | security/pam_krb5-rh/pkg-plist | 2 |
8 files changed, 44 insertions, 87 deletions
diff --git a/security/pam_krb5-rh/Makefile b/security/pam_krb5-rh/Makefile index 4d6d0b65e3b9..257f42465136 100644 --- a/security/pam_krb5-rh/Makefile +++ b/security/pam_krb5-rh/Makefile @@ -6,7 +6,7 @@ # PORTNAME= pam_krb5 -DISTVERSION= 2.3.13-1 +DISTVERSION= 2.4.1 CATEGORIES= security MASTER_SITES= https://fedorahosted.org/released/${PORTNAME}/ \ http://mirrors.rit.edu/zi/ @@ -25,10 +25,10 @@ GNU_CONFIGURE= yes CONFIGURE_ARGS+=--with-libiconv-prefix=${LOCALBASE} --without-afs \ --with-libintl-prefix=${LOCALBASE} --with-krb4=no \ --without-keyutils -LDFLAGS= -L${LOCALBASE}/lib +LDFLAGS+= -L${LOCALBASE}/lib MAN5= pam_krb5.5 -MAN8= pam_krb5.8 pam_krb5_storetmp.8 +MAN8= pam_krb5.8 pam_krb5_cchelper.8 .if defined(WITHOUT_NLS) PLIST_SUB+= NLS="@comment " @@ -39,6 +39,12 @@ LDFLAGS+= -lintl USE_GETTEXT= yes .endif +.include <bsd.port.pre.mk> + +.if ${OSVERSION} < 800000 +BROKEN= does not build on FreeBSD 7.x +.endif + post-patch: @${REINPLACE_CMD} -e 's|libdir)/security|libdir)|g' ${WRKSRC}/src/Makefile.in @${REINPLACE_CMD} -e 's|/lib64/security|${LOCALBASE}/lib|g' \ @@ -48,4 +54,4 @@ post-patch: @${REINPLACE_CMD} -e 's|PAM_AUTHTOK_RECOVER_ERR|PAM_AUTHTOK_RECOVERY_ERR|g' \ ${WRKSRC}/src/password.c -.include <bsd.port.mk> +.include <bsd.port.post.mk> diff --git a/security/pam_krb5-rh/distinfo b/security/pam_krb5-rh/distinfo index 54fc02854c4e..5195669ab659 100644 --- a/security/pam_krb5-rh/distinfo +++ b/security/pam_krb5-rh/distinfo @@ -1,2 +1,2 @@ -SHA256 (pam_krb5-2.3.13-1.tar.gz) = bc5b45afcb5951edc0c4b98a3342d96a3b59cedd4234560b6d1450ebe990195f -SIZE (pam_krb5-2.3.13-1.tar.gz) = 566365 +SHA256 (pam_krb5-2.4.1.tar.gz) = 198b2d8587055f48282357cbe27b2973993abf8a026463ec46cc3ec7bd099ce2 +SIZE (pam_krb5-2.4.1.tar.gz) = 547592 diff --git a/security/pam_krb5-rh/files/patch-src__cchelper.c b/security/pam_krb5-rh/files/patch-src__cchelper.c new file mode 100644 index 000000000000..da318aca18c8 --- /dev/null +++ b/security/pam_krb5-rh/files/patch-src__cchelper.c @@ -0,0 +1,10 @@ +--- ./src/cchelper.c.orig 2012-12-14 22:20:31.000000000 -0500 ++++ ./src/cchelper.c 2012-12-14 22:20:36.000000000 -0500 +@@ -44,6 +44,7 @@ + #include <stdlib.h> + #include <string.h> + #include <unistd.h> ++#include <sys/signal.h> + + #include KRB5_H + diff --git a/security/pam_krb5-rh/files/patch-src__mkdir.c b/security/pam_krb5-rh/files/patch-src__mkdir.c new file mode 100644 index 000000000000..ac68654a2f85 --- /dev/null +++ b/security/pam_krb5-rh/files/patch-src__mkdir.c @@ -0,0 +1,11 @@ +--- ./src/mkdir.c.orig 2012-09-12 22:34:04.000000000 -0400 ++++ ./src/mkdir.c 2012-12-14 22:26:24.000000000 -0500 +@@ -34,6 +34,8 @@ + + #include <sys/types.h> + #include <sys/stat.h> ++#include <sys/syslimits.h> ++#include <sys/limits.h> + #include <dirent.h> + #include <errno.h> + #include <fcntl.h> diff --git a/security/pam_krb5-rh/files/patch-src__pam_krb5_cchelper.c b/security/pam_krb5-rh/files/patch-src__pam_krb5_cchelper.c new file mode 100644 index 000000000000..290346e746bd --- /dev/null +++ b/security/pam_krb5-rh/files/patch-src__pam_krb5_cchelper.c @@ -0,0 +1,10 @@ +--- ./src/pam_krb5_cchelper.c.orig 2012-12-14 22:27:50.000000000 -0500 ++++ ./src/pam_krb5_cchelper.c 2012-12-14 22:28:00.000000000 -0500 +@@ -34,6 +34,7 @@ + + #include <sys/types.h> + #include <sys/stat.h> ++#include <sys/syslimits.h> + #include <dirent.h> + #include <errno.h> + #include <fcntl.h> diff --git a/security/pam_krb5-rh/files/patch-src__storetmp.c b/security/pam_krb5-rh/files/patch-src__storetmp.c deleted file mode 100644 index ae7894a30a11..000000000000 --- a/security/pam_krb5-rh/files/patch-src__storetmp.c +++ /dev/null @@ -1,10 +0,0 @@ ---- ./src/storetmp.c.orig 2011-10-18 11:47:04.000000000 -0400 -+++ ./src/storetmp.c 2011-10-18 11:47:16.000000000 -0400 -@@ -36,6 +36,7 @@ - #include <sys/select.h> - #include <sys/stat.h> - #include <sys/wait.h> -+#include <sys/signal.h> - #include <errno.h> - #include <fcntl.h> - #include <grp.h> diff --git a/security/pam_krb5-rh/files/patch-src__v5.c b/security/pam_krb5-rh/files/patch-src__v5.c deleted file mode 100644 index ec9fa8296269..000000000000 --- a/security/pam_krb5-rh/files/patch-src__v5.c +++ /dev/null @@ -1,70 +0,0 @@ ---- ./src/v5.c.orig 2011-07-29 15:31:01.000000000 -0400 -+++ ./src/v5.c 2011-10-24 09:25:15.000000000 -0400 -@@ -1350,6 +1350,9 @@ - krb5_creds tmpcreds; - krb5_ccache ccache; - krb5_get_init_creds_opt *tmp_gicopts; -+ krb5_timestamp sec; -+ const char *e = NULL; -+ char *p; - - /* In case we already have creds, get rid of them. */ - krb5_free_cred_contents(ctx, creds); -@@ -1393,23 +1396,50 @@ - memset(&service_principal, 0, sizeof(service_principal)); - if (krb5_parse_name(ctx, realm_service, - &service_principal) == 0) { -- if (options->debug) { -- debug("attempting to read existing credentials " -- "from %s", krb5_cc_default_name(ctx)); -- } - memset(&ccache, 0, sizeof(ccache)); - /* In case we're setuid/setgid, switch to the caller's - * permissions. */ - saved_perms = _pam_krb5_switch_perms(); -+ -+ e = getenv("KRB5CCNAME"); -+ if (e) { -+ p = strndup(e, 128); -+ if (p == NULL) { -+ memset(&e, 0, sizeof(e)); -+ if (options->debug) -+ debug("malloc: out of memory"); -+ return ENOMEM; -+ } -+ if ((strnlen(p, 128) > 96) || strnlen(p, 128) <= 0) { -+ memset(&e, 0, sizeof(e)); -+ if (options->debug) -+ debug("KRB5CCNAME is too long or too short, aborting"); -+ return PAM_SYSTEM_ERR; -+ } -+ if (strncmp(p, "FILE", 4) == 0 && (p[4] == ':' || p[4] == '=')) -+ krb5_cc_set_default_name(ctx, p); -+ else { -+ if (options->debug) -+ debug("KRB5CCNAME does not start with FILE:"); -+ } -+ memset(&e, 0, sizeof(e)); -+ } -+ if (options->debug) { -+ debug("attempting to read existing credentials " -+ "from %s", krb5_cc_default_name(ctx)); -+ } - if ((saved_perms != NULL) && - (krb5_cc_default(ctx, &ccache) == 0)) { -+ krb5_timeofday (ctx, &sec); - tmpcreds.client = userinfo->principal_name; - tmpcreds.server = service_principal; - i = krb5_cc_retrieve_cred(ctx, ccache, 0, - &tmpcreds, creds); -- /* FIXME: check if the creds are expired? -- * What's the right error code if we check, and -- * they are? */ -+ if ((i == 0) && creds->times.endtime < sec) { -+ if (options->debug) -+ warn("Credentials expired"); -+ i = KRB5_KPASSWD_AUTHERROR; -+ } - memset(&tmpcreds, 0, sizeof(tmpcreds)); - krb5_cc_close(ctx, ccache); - /* In case we're setuid/setgid, restore the diff --git a/security/pam_krb5-rh/pkg-plist b/security/pam_krb5-rh/pkg-plist index 70c618007345..836cfd9d6f9c 100644 --- a/security/pam_krb5-rh/pkg-plist +++ b/security/pam_krb5-rh/pkg-plist @@ -1,4 +1,4 @@ -lib/pam_krb5/pam_krb5_storetmp +lib/pam_krb5/pam_krb5_cchelper lib/pam_krb5.so lib/pam_krb5.la @dirrm lib/pam_krb5 |