svn commit: r482904 - in head/security/pam_p11: . files
Alex Dupre
ale at FreeBSD.org
Wed Oct 24 13:06:08 UTC 2018
Author: ale
Date: Wed Oct 24 12:48:46 2018
New Revision: 482904
URL: https://svnweb.freebsd.org/changeset/ports/482904
Log:
Add support for openssl 1.1.x and NLS.
Added:
head/security/pam_p11/files/patch-configure.ac (contents, props changed)
head/security/pam_p11/files/patch-src_Makefile.am (contents, props changed)
Deleted:
head/security/pam_p11/files/patch-src_Makefile.in
Modified:
head/security/pam_p11/Makefile
head/security/pam_p11/files/patch-src_pam__p11.c
Modified: head/security/pam_p11/Makefile
==============================================================================
--- head/security/pam_p11/Makefile Wed Oct 24 11:48:38 2018 (r482903)
+++ head/security/pam_p11/Makefile Wed Oct 24 12:48:46 2018 (r482904)
@@ -3,6 +3,7 @@
PORTNAME= pam_p11
PORTVERSION= 0.2.0
+PORTREVISION= 1
CATEGORIES= security
MASTER_SITES= https://github.com/OpenSC/pam_p11/releases/download/pam_p11-${PORTVERSION}/
@@ -13,11 +14,17 @@ LICENSE= LGPL21
LIB_DEPENDS= libp11.so:security/libp11
-USES= libtool pkgconfig ssl
+USES= libtool pkgconfig ssl autoreconf
-OPTIONS_DEFINE= DOCS
+OPTIONS_DEFINE= DOCS NLS
GNU_CONFIGURE= yes
+
+NLS_CONFIGURE_ENABLE= nls
+NLS_USES= gettext
+NLS_PLIST_FILES=share/locale/de/LC_MESSAGES/pam_p11.mo
+
+CONFIGURE_ARGS= --with-libintl-prefix=${LOCALBASE}
CONFIGURE_ENV= OPENSSL_CFLAGS="-I${OPENSSLINC}" \
OPENSSL_LIBS="-L${OPENSSLLIB} -lcrypto"
Added: head/security/pam_p11/files/patch-configure.ac
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/pam_p11/files/patch-configure.ac Wed Oct 24 12:48:46 2018 (r482904)
@@ -0,0 +1,14 @@
+--- configure.ac.orig 2018-10-24 11:06:32 UTC
++++ configure.ac
+@@ -85,6 +85,11 @@ PKG_CHECK_MODULES(
+ )]
+ )
+
++saved_LIBS="$LIBS"
++LIBS="$OPENSSL_LIBS $LIBS"
++AC_CHECK_FUNCS(EVP_MD_CTX_new EVP_MD_CTX_free EVP_MD_CTX_reset)
++LIBS="$saved_LIBS"
++
+ if test -z "${PAM_LIBS}"; then
+ AC_ARG_VAR([PAM_CFLAGS], [C compiler flags for pam])
+ AC_ARG_VAR([PAM_LIBS], [linker flags for pam])
Added: head/security/pam_p11/files/patch-src_Makefile.am
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/pam_p11/files/patch-src_Makefile.am Wed Oct 24 12:48:46 2018 (r482904)
@@ -0,0 +1,16 @@
+--- src/Makefile.am.orig 2018-10-24 12:39:40 UTC
++++ src/Makefile.am
+@@ -14,11 +14,11 @@ pam_p11_la_SOURCES = pam_p11.c base64.c
+ noinst_PROGRAMS = test-login test-passwd
+
+ test_login_SOURCES = test.c login.c $(pam_p11_la_SOURCES)
+-test_login_LDADD = -lpam_misc
++test_login_LDADD = ${INTLLIBS}
+ test_login_CFLAGS = $(AM_CFLAGS) -DLIBDIR=\"$(libdir)\" -DTEST
+
+ test_passwd_SOURCES = test.c passwd.c $(pam_p11_la_SOURCES)
+-test_passwd_LDADD = -lpam_misc
++test_passwd_LDADD = ${INTLLIBS}
+ test_passwd_CFLAGS = $(AM_CFLAGS) -DLIBDIR=\"$(libdir)\" -DTEST
+
+ format:
Modified: head/security/pam_p11/files/patch-src_pam__p11.c
==============================================================================
--- head/security/pam_p11/files/patch-src_pam__p11.c Wed Oct 24 11:48:38 2018 (r482903)
+++ head/security/pam_p11/files/patch-src_pam__p11.c Wed Oct 24 12:48:46 2018 (r482904)
@@ -1,6 +1,24 @@
--- src/pam_p11.c.orig 2018-05-04 14:52:04 UTC
+++ src/pam_p11.c
-@@ -53,7 +53,7 @@
+@@ -31,6 +31,17 @@
+ #include <openssl/crypto.h>
+ #include <libp11.h>
+
++/* openssl deprecated API emulation */
++#ifndef HAVE_EVP_MD_CTX_NEW
++#define EVP_MD_CTX_new() EVP_MD_CTX_create()
++#endif
++#ifndef HAVE_EVP_MD_CTX_FREE
++#define EVP_MD_CTX_free(ctx) EVP_MD_CTX_destroy((ctx))
++#endif
++#ifndef HAVE_EVP_MD_CTX_RESET
++#define EVP_MD_CTX_reset(ctx) EVP_MD_CTX_cleanup((ctx))
++#endif
++
+ #ifdef ENABLE_NLS
+ #include <libintl.h>
+ #include <locale.h>
+@@ -53,7 +64,7 @@
#include <security/pam_ext.h>
#else
#define pam_syslog(handle, level, msg...) syslog(level, ## msg)
@@ -9,7 +27,7 @@
const char *fmt, va_list args)
{
int r = PAM_CRED_INSUFFICIENT;
-@@ -549,7 +549,7 @@ static int key_find(pam_handle_t *pamh,
+@@ -549,7 +560,7 @@ static int key_find(pam_handle_t *pamh,
return 0;
}
@@ -18,3 +36,30 @@
{
int ok = 0;
int fd = open("/dev/urandom", O_RDONLY);
+@@ -572,7 +583,7 @@ static int key_verify(pam_handle_t *pamh
+ unsigned char signature[256];
+ unsigned int siglen = sizeof signature;
+ const EVP_MD *md = EVP_sha1();
+- EVP_MD_CTX *md_ctx = EVP_MD_CTX_create();
++ EVP_MD_CTX *md_ctx = EVP_MD_CTX_new();
+ EVP_PKEY *privkey = PKCS11_get_private_key(authkey);
+ EVP_PKEY *pubkey = PKCS11_get_public_key(authkey);
+
+@@ -590,7 +601,7 @@ static int key_verify(pam_handle_t *pamh
+ || !EVP_SignInit(md_ctx, md)
+ || !EVP_SignUpdate(md_ctx, challenge, sizeof challenge)
+ || !EVP_SignFinal(md_ctx, signature, &siglen, privkey)
+- || !EVP_MD_CTX_cleanup(md_ctx)
++ || !EVP_MD_CTX_reset(md_ctx)
+ || !EVP_VerifyInit(md_ctx, md)
+ || !EVP_VerifyUpdate(md_ctx, challenge, sizeof challenge)
+ || 1 != EVP_VerifyFinal(md_ctx, signature, siglen, pubkey)) {
+@@ -607,7 +618,7 @@ err:
+ if (NULL != privkey)
+ EVP_PKEY_free(privkey);
+ if (NULL != md_ctx) {
+- EVP_MD_CTX_destroy(md_ctx);
++ EVP_MD_CTX_free(md_ctx);
+ }
+ return ok;
+ }
More information about the svn-ports-head
mailing list