diff options
-rw-r--r-- | GIDs | 1 | ||||
-rw-r--r-- | UIDs | 1 | ||||
-rw-r--r-- | security/Makefile | 1 | ||||
-rw-r--r-- | security/otpw/Makefile | 28 | ||||
-rw-r--r-- | security/otpw/distinfo | 3 | ||||
-rw-r--r-- | security/otpw/files/patch-Makefile | 26 | ||||
-rw-r--r-- | security/otpw/files/patch-otpw.c | 11 | ||||
-rw-r--r-- | security/otpw/files/patch-pam__otpw.c | 26 | ||||
-rw-r--r-- | security/otpw/pkg-descr | 4 | ||||
-rw-r--r-- | security/otpw/pkg-plist | 4 |
10 files changed, 105 insertions, 0 deletions
@@ -105,6 +105,7 @@ polipo:*:173: flowtools:*:174: twms:*:175: mlvpn:*:176: +otpw:*:178: gdnsd:*:179: rt:*:180: nagios:*:181: @@ -111,6 +111,7 @@ polipo:*:173:173::0:0:polipo web cache:/nonexistent:/usr/sbin/nologin flowtools:*:174:174::0:0:Flow-tools collector pseudo-user:/nonexistent:/usr/sbin/nologin twms:*:175:175::0:0:tWMS pseudo-user:/nonexistent:/usr/sbin/nologin mlvpn:*:176:176::0:0:mlVPN pseudo-user:/var/run/mlvpn:/usr/sbin/nologin +otpw:*:178:178::0:0:OTPW pseudouser:/var/lib/otpw:/usr/sbin/nologin gdnsd:*:179:179::0:0:gDNSd pseudo-user:/nonexistent:/usr/sbin/nologin nagios:*:181:181::0:0:Nagios pseudo-user:/var/spool/nagios:/usr/sbin/nologin noc:*:182:182::0:0:NOC pseudo-user:/usr/local/noc:/bin/sh diff --git a/security/Makefile b/security/Makefile index 7a845d092d88..bc8bf519bf5f 100644 --- a/security/Makefile +++ b/security/Makefile @@ -430,6 +430,7 @@ SUBDIR += ossec-hids-local SUBDIR += ossec-hids-server SUBDIR += osslsigncode + SUBDIR += otpw SUBDIR += outguess SUBDIR += p11-kit SUBDIR += p5-Apache-Htpasswd diff --git a/security/otpw/Makefile b/security/otpw/Makefile new file mode 100644 index 000000000000..d4110bcf3191 --- /dev/null +++ b/security/otpw/Makefile @@ -0,0 +1,28 @@ +# $FreeBSD$ + +PORTNAME= otpw +PORTVERSION= 1.5 +CATEGORIES= security +MASTER_SITES= https://www.cl.cam.ac.uk/~mgk25/download/ \ + LOCAL/jkim + +MAINTAINER= jkim@FreeBSD.org +COMMENT= One-time password login package by Markus Kuhn + +LICENSE= GPLv2+ + +GROUPS= ${PORTNAME} +USERS= ${PORTNAME} + +MAKE_ARGS= CC="${CC}" +USES= gmake + +do-install: + ${INSTALL_PROGRAM} ${WRKSRC}/otpw-gen ${STAGEDIR}${PREFIX}/bin + ${INSTALL_LIB} ${WRKSRC}/pam_otpw.so ${STAGEDIR}${PREFIX}/lib + ${INSTALL_MAN} ${WRKSRC}/otpw-gen.1.gz \ + ${STAGEDIR}${MANPREFIX}/man/man1 + ${INSTALL_MAN} ${WRKSRC}/pam_otpw.8.gz \ + ${STAGEDIR}${MANPREFIX}/man/man8 + +.include <bsd.port.mk> diff --git a/security/otpw/distinfo b/security/otpw/distinfo new file mode 100644 index 000000000000..108b5666fdf2 --- /dev/null +++ b/security/otpw/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1467921387 +SHA256 (otpw-1.5.tar.gz) = 98aca38a61c7713677b96f24426ca7053480c0fd077d91b1e99bc9f92ccb832a +SIZE (otpw-1.5.tar.gz) = 45725 diff --git a/security/otpw/files/patch-Makefile b/security/otpw/files/patch-Makefile new file mode 100644 index 000000000000..597c1f7161e2 --- /dev/null +++ b/security/otpw/files/patch-Makefile @@ -0,0 +1,26 @@ +--- Makefile.orig 2014-08-07 19:21:15 UTC ++++ Makefile +@@ -7,12 +7,12 @@ + VERSION=1.5 + + CC=gcc +-CFLAGS=-O -ggdb -W -Wall -Wno-unused-result -fPIC ++CFLAGS+=-fPIC + + %.gz: % + gzip -9c $< >$@ + +-TARGETS=otpw-gen demologin pam_otpw.so pam_otpw.8.gz otpw-gen.1.gz ++TARGETS=otpw-gen pam_otpw.so pam_otpw.8.gz otpw-gen.1.gz + + all: $(TARGETS) + +@@ -28,7 +28,7 @@ rmd160.o: rmd160.c rmd160.h + otpw-l.o: otpw-l.c otpw.c otpw.h md.h + pam_otpw.o: pam_otpw.c otpw.h md.h + pam_otpw.so: pam_otpw.o otpw-l.o rmd160.o md.o +- ld --shared -o $@ $+ -lcrypt -lpam -lpam_misc ++ ${LD} --shared -o $@ $+ -lcrypt -lpam + + distribution: + git archive --prefix otpw-$(VERSION)/ -o otpw-$(VERSION).tar.gz v$(VERSION) diff --git a/security/otpw/files/patch-otpw.c b/security/otpw/files/patch-otpw.c new file mode 100644 index 000000000000..85e6e77dc402 --- /dev/null +++ b/security/otpw/files/patch-otpw.c @@ -0,0 +1,11 @@ +--- otpw.c.orig 2014-08-07 19:21:15 UTC ++++ otpw.c +@@ -68,7 +68,7 @@ static struct otpw_pwdbuf *otpw_malloc_p + + buflen = sysconf(_SC_GETPW_R_SIZE_MAX); /* typical value: 1024 */ + /* fprintf(stderr, "_SC_GETPW_R_SIZE_MAX = %ld\n", buflen); */ +- if (buflen < 0) return NULL; ++ if (buflen < 0) buflen = 1024; + p = (struct otpw_pwdbuf *) malloc(sizeof(struct otpw_pwdbuf) + buflen); + if (p) p->buflen = buflen; + return p; diff --git a/security/otpw/files/patch-pam__otpw.c b/security/otpw/files/patch-pam__otpw.c new file mode 100644 index 000000000000..407a4741b312 --- /dev/null +++ b/security/otpw/files/patch-pam__otpw.c @@ -0,0 +1,26 @@ +--- pam_otpw.c.orig 2014-08-07 19:21:15 UTC ++++ pam_otpw.c +@@ -25,6 +25,9 @@ + #define PAM_SM_AUTH + #define PAM_SM_SESSION + #include <security/pam_modules.h> ++#ifdef OPENPAM ++#include <security/pam_appl.h> ++#endif + + #include "otpw.h" + +@@ -226,8 +229,13 @@ PAM_EXTERN int pam_sm_authenticate(pam_h + + /* get user name */ + retval = pam_get_user(pamh, &username, "login: "); ++#ifdef OPENPAM ++ if (retval == PAM_CONV_ERR) ++ return PAM_CONV_ERR; ++#else + if (retval == PAM_CONV_AGAIN) + return PAM_INCOMPLETE; ++#endif + else if (retval != PAM_SUCCESS) { + log_message(LOG_NOTICE, pamh, "no username provided"); + return PAM_USER_UNKNOWN; diff --git a/security/otpw/pkg-descr b/security/otpw/pkg-descr new file mode 100644 index 000000000000..f9405ea00f20 --- /dev/null +++ b/security/otpw/pkg-descr @@ -0,0 +1,4 @@ +OTPW is a one-time password system which is robust against the password +list being stolen and race for the last digit attacks. + +WWW: https://www.cl.cam.ac.uk/~mgk25/otpw.html diff --git a/security/otpw/pkg-plist b/security/otpw/pkg-plist new file mode 100644 index 000000000000..a6ede774525b --- /dev/null +++ b/security/otpw/pkg-plist @@ -0,0 +1,4 @@ +@(otpw,otpw,4555) bin/otpw-gen +lib/pam_otpw.so +man/man1/otpw-gen.1.gz +man/man8/pam_otpw.8.gz |