summaryrefslogtreecommitdiff
path: root/sys-auth/pam_p11
diff options
context:
space:
mode:
authorV3n3RiX <venerix@redcorelinux.org>2018-10-27 12:48:57 +0100
committerV3n3RiX <venerix@redcorelinux.org>2018-10-27 12:48:57 +0100
commit70b82ae359a5538711e103b0e8dfb92654296644 (patch)
tree8412b84ff9ce02a22be5251052b00feefe1d5b70 /sys-auth/pam_p11
parent64e107b9b6058580ff0432107eb37cefb0b2a7d8 (diff)
gentoo resync : 27.10.2018
Diffstat (limited to 'sys-auth/pam_p11')
-rw-r--r--sys-auth/pam_p11/Manifest3
-rw-r--r--sys-auth/pam_p11/files/pam_p11-0.2.0-openssl11.patch76
-rw-r--r--sys-auth/pam_p11/pam_p11-0.2.0.ebuild10
3 files changed, 86 insertions, 3 deletions
diff --git a/sys-auth/pam_p11/Manifest b/sys-auth/pam_p11/Manifest
index 8ca7ddf3898a..39f06f72d594 100644
--- a/sys-auth/pam_p11/Manifest
+++ b/sys-auth/pam_p11/Manifest
@@ -1,4 +1,5 @@
AUX pam_p11-0.2.0-build.patch 812 BLAKE2B efd9b8f46bff6bfd04d0be9a82998ddb3ef4b53d17130be349b0ed85fd5845e4c4aeff24417e740a3f8534d76bc7598666a9f07836aeeb264bb9d71a05c8ab77 SHA512 ebb3802d4ed4e6e6b2bb863edceb04e02246f5d36a0b7d78ba17295f151c2864a13fd9b161568da614b03c38f81c2157793a4160a90bbb61a9e666c4075807ef
+AUX pam_p11-0.2.0-openssl11.patch 2501 BLAKE2B 445b10d67ac5102c4b2b95931ef7168e25ac5627d5a60e6fe3f28dd01840a0882c4f6558d841af9e2ba64bb46a00692cccf403c19195a2eb3f7bc702d23056cc SHA512 1e0ebce3b42f66b2c1d9a0ac2c0369dc6a4d8c379625aad151260c844263381b3ffb8f12e2298152d7b6213cc773bf6aa77b603bebb321902ab106e376966367
DIST pam_p11-0.2.0.tar.gz 417550 BLAKE2B e3c5bb32d6c7c84776341796ebdb9850a9561778aee820acb2a6c61112a2a5df5ee7c539cb5974439e565046e944f4710b87c3b51dea61fdb2cd9171daac3a0c SHA512 2cadf6fe880c953554757099741f3cfe992067f251b7e7e977a6dda5f65cbe1f55b1de6d180638997eada0d3b760887091014b99f8ae4b6d31b25af8e555343c
-EBUILD pam_p11-0.2.0.ebuild 702 BLAKE2B 39251055c04a8225e1942423619dc643cc4b0c2d26bfe4a70350ed9786692a461533b640e1dcf5862e5d64b5939fc61957fa72b4b5141db273210ed9f08895e9 SHA512 439c5c5924fd7dceefa0d59bb276a2a20698dc3ceb9e8e13b710f1c1142f4b4883259e14f0364f14bbeef445f7f88aa329d022b329a55e04a8887f3f61685b14
+EBUILD pam_p11-0.2.0.ebuild 794 BLAKE2B f0909322f6c810bbc299fb64815b043f82e1ba82ba47bb64af0ec8f013ab2a2f3d44cdeee12a30e8b91c1db66971bf96d06d5e7a71b88a9d92806f15304d1cff SHA512 ff588a66e837a7fecd31c112625ea1afb6d8d451d639a8d4f1465431378398834c391ce5550b511111e29dfa1526fa5da6751b3f076eb381dd14eaa1e8d80b5a
MISC metadata.xml 528 BLAKE2B c2ab3c41473490f8c7c3926491d06ddf35554b92cd41ac7abe05f830a2b7c78c97a4ad9d4bcf39e6d1250cb2544ef9bd280e11a96f579ee1552b4748f012f1b8 SHA512 7d3ab0a89f1be52b1937fe300710c23ca4c24c548448b5c7edd5b6817c45a0a184fef8e07d60c0c4f6f9e1ee2fdb843dc6ceb95e5731ce9e9d76f98ae5b7e652
diff --git a/sys-auth/pam_p11/files/pam_p11-0.2.0-openssl11.patch b/sys-auth/pam_p11/files/pam_p11-0.2.0-openssl11.patch
new file mode 100644
index 000000000000..8c41e29bed1f
--- /dev/null
+++ b/sys-auth/pam_p11/files/pam_p11-0.2.0-openssl11.patch
@@ -0,0 +1,76 @@
+From 46a6079817c67a09e5ac493af3381c655bd91c26 Mon Sep 17 00:00:00 2001
+From: Peter Popovec <popovec.peter@gmail.com>
+Date: Tue, 21 Aug 2018 10:24:36 +0200
+Subject: [PATCH] Replacing deprecated OpenSSL API functions (#12)
+
+fixes https://github.com/OpenSC/pam_p11/issues/10
+---
+ configure.ac | 5 +++++
+ src/pam_p11.c | 17 ++++++++++++++---
+ 2 files changed, 19 insertions(+), 3 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 5bcbdd6..2854a99 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -85,6 +85,11 @@ PKG_CHECK_MODULES(
+ )]
+ )
+
++saved_LIBS="$LIBS"
++LIBS="$OPENSSL_LIBS $LIBS"
++AC_CHECK_FUNCS(EVP_MD_CTX_new EVP_MD_CTX_free EVP_MD_CTX_reset)
++LIBS="$saved_LIBS"
++
+ if test -z "${PAM_LIBS}"; then
+ AC_ARG_VAR([PAM_CFLAGS], [C compiler flags for pam])
+ AC_ARG_VAR([PAM_LIBS], [linker flags for pam])
+diff --git a/src/pam_p11.c b/src/pam_p11.c
+index 2b4bfbe..60380e5 100644
+--- a/src/pam_p11.c
++++ b/src/pam_p11.c
+@@ -31,6 +31,17 @@
+ #include <openssl/crypto.h>
+ #include <libp11.h>
+
++/* openssl deprecated API emulation */
++#ifndef HAVE_EVP_MD_CTX_NEW
++#define EVP_MD_CTX_new() EVP_MD_CTX_create()
++#endif
++#ifndef HAVE_EVP_MD_CTX_FREE
++#define EVP_MD_CTX_free(ctx) EVP_MD_CTX_destroy((ctx))
++#endif
++#ifndef HAVE_EVP_MD_CTX_RESET
++#define EVP_MD_CTX_reset(ctx) EVP_MD_CTX_cleanup((ctx))
++#endif
++
+ #ifdef ENABLE_NLS
+ #include <libintl.h>
+ #include <locale.h>
+@@ -578,7 +589,7 @@ static int key_verify(pam_handle_t *pamh, int flags, PKCS11_KEY *authkey)
+ unsigned char signature[256];
+ unsigned int siglen = sizeof signature;
+ const EVP_MD *md = EVP_sha1();
+- EVP_MD_CTX *md_ctx = EVP_MD_CTX_create();
++ EVP_MD_CTX *md_ctx = EVP_MD_CTX_new();
+ EVP_PKEY *privkey = PKCS11_get_private_key(authkey);
+ EVP_PKEY *pubkey = PKCS11_get_public_key(authkey);
+
+@@ -596,7 +607,7 @@ static int key_verify(pam_handle_t *pamh, int flags, PKCS11_KEY *authkey)
+ || !EVP_SignInit(md_ctx, md)
+ || !EVP_SignUpdate(md_ctx, challenge, sizeof challenge)
+ || !EVP_SignFinal(md_ctx, signature, &siglen, privkey)
+- || !EVP_MD_CTX_cleanup(md_ctx)
++ || !EVP_MD_CTX_reset(md_ctx)
+ || !EVP_VerifyInit(md_ctx, md)
+ || !EVP_VerifyUpdate(md_ctx, challenge, sizeof challenge)
+ || 1 != EVP_VerifyFinal(md_ctx, signature, siglen, pubkey)) {
+@@ -613,7 +624,7 @@ static int key_verify(pam_handle_t *pamh, int flags, PKCS11_KEY *authkey)
+ if (NULL != privkey)
+ EVP_PKEY_free(privkey);
+ if (NULL != md_ctx) {
+- EVP_MD_CTX_destroy(md_ctx);
++ EVP_MD_CTX_free(md_ctx);
+ }
+ return ok;
+ }
diff --git a/sys-auth/pam_p11/pam_p11-0.2.0.ebuild b/sys-auth/pam_p11/pam_p11-0.2.0.ebuild
index cc81b3a08cbf..6156029daf1d 100644
--- a/sys-auth/pam_p11/pam_p11-0.2.0.ebuild
+++ b/sys-auth/pam_p11/pam_p11-0.2.0.ebuild
@@ -1,9 +1,9 @@
-# Copyright 1999-2018 Gentoo Foundation
+# Copyright 1999-2018 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
-inherit pam
+inherit autotools pam
DESCRIPTION="PAM module for authenticating against PKCS#11 tokens"
HOMEPAGE="https://github.com/opensc/pam_p11/wiki"
@@ -22,8 +22,14 @@ BDEPEND="virtual/pkgconfig"
PATCHES=(
"${FILESDIR}/${P}-build.patch"
+ "${FILESDIR}/${P}-openssl11.patch" #658036
)
+src_prepare() {
+ default
+ eautoreconf
+}
+
src_configure() {
econf --with-pamdir="$(getpam_mod_dir)"
}