Received: by mail.netbsd.org (Postfix, from userid 605) id 747AE84F4A; Mon, 22 Aug 2022 07:42:55 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id ACDA584CD9 for ; Mon, 22 Aug 2022 07:42:54 +0000 (UTC) X-Virus-Scanned: amavisd-new at netbsd.org Received: from mail.netbsd.org ([IPv6:::1]) by localhost (mail.netbsd.org [IPv6:::1]) (amavisd-new, port 10025) with ESMTP id Mhh2HeDKQ4s5 for ; Mon, 22 Aug 2022 07:42:52 +0000 (UTC) Received: from cvs.NetBSD.org (ivanova.netbsd.org [199.233.217.197]) by mail.netbsd.org (Postfix) with ESMTP id C19CF84C2C for ; Mon, 22 Aug 2022 07:42:52 +0000 (UTC) Received: by cvs.NetBSD.org (Postfix, from userid 500) id B4FCCFB1A; Mon, 22 Aug 2022 07:42:52 +0000 (UTC) Content-Transfer-Encoding: 7bit Content-Type: multipart/mixed; boundary="_----------=_16611541723590" MIME-Version: 1.0 Date: Mon, 22 Aug 2022 07:42:52 +0000 From: "Stephen Borrill" Subject: CVS commit: pkgsrc/security/oath-toolkit To: pkgsrc-changes@NetBSD.org Reply-To: sborrill@netbsd.org X-Mailer: log_accum Message-Id: <20220822074252.B4FCCFB1A@cvs.NetBSD.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: Precedence: bulk List-Unsubscribe: This is a multi-part message in MIME format. --_----------=_16611541723590 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Module Name: pkgsrc Committed By: sborrill Date: Mon Aug 22 07:42:52 UTC 2022 Modified Files: pkgsrc/security/oath-toolkit: Makefile PLIST distinfo pkgsrc/security/oath-toolkit/patches: patch-liboath_gl_fflush.c Added Files: pkgsrc/security/oath-toolkit: options.mk pkgsrc/security/oath-toolkit/patches: patch-pam__oath_Makefile.in patch-pam__oath_configure.ac patch-pam__oath_pam__modutil.c patch-pam__oath_pam__modutil.h patch-pam__oath_pam__oath.c Removed Files: pkgsrc/security/oath-toolkit/patches: patch-liboath_gl_fseeko.c Log Message: oath-toolkit: update to 2.6.7 Changes since 2.4.1: Version 2.6.7 (released 2021-05-01) pam_oath: Support variables in usersfile string parameter. the usersfile string in the pam_oath configuration file. The placeholder values allow the user credentials file to be stored in a file path that is relative to the user, and mimics similar behavior found in google-authenticator-libpam. The motivation for these changes is to allow for non-privileged processes to use pam_oath (e.g., for 2FA with xscreensaver). Non-privileged and non-suid programs are unable to use pam_oath. These changes are a proposed alternative to a suid helper binary as well. Thanks to Jason Graham for the patch. See https://gitlab.com/oath-toolkit/oath-toolkit/-/merge_requests/12. doc: Fix project URL in man pages. Thanks to Jason Graham for the patch. Fixes https://gitlab.com/oath-toolkit/oath-toolkit/-/issues/19. build: Drop use of libxml's AM_PATH_XML2 in favor of pkg-config. build: Modernize autotools usage. Most importantly, no longer use -Werror with AM_INIT_AUTOMAKE to make rebuilding from source more safe with future automake versions. Updated gnulib files. Version 2.6.6 (released 2021-01-20) oathtool: Handle HOTP --counter values larger than 0x7FFFFFFFFFFFFFFF. Thanks to Jason Lai for report. doc: GTK-DOC manual improvements. Updated gnulib files. Fixes test-parse-datetime self-check. Fixes https://gitlab.com/oath-toolkit/oath-toolkit/-/issues/20. Version 2.6.5 (released 2020-12-29) oathtool: Support for reading KEY and OTP from standard input or filename. KEY and OTP may now be given as - to mean stdin, or @FILE to read from a particular file. This is recommended on multi-user systems, since secrets as command line parameters leak. Based on a patch from Ian Jackson. Fixes #6. pam_oath: Fix unlikely logic fail on out of memory conditions. Patch from Matthias Gerstner. Doc fixes. Version 2.6.4 (released 2020-11-11) libpskc: New --with-xmlsec-crypto-engine to hard-code crypto engine. Fixes https://gitlab.com/oath-toolkit/oath-toolkit/-/issues/16. Use it like --with-xmlsec-crypto-engine=gnutls or --with-xmlsec-crypto-engine=openssl if the default dynamic loading fails because of runtime linker search path issues. oathtool --totp --verbose now prints TOTP hash mode. Fixes https://gitlab.com/oath-toolkit/oath-toolkit/-/issues/4. oathtool: Hash names (e.g., SHA256) for --totp are now upper case. Fixes https://gitlab.com/oath-toolkit/oath-toolkit/-/issues/3. Lower/mixed case hash names are supported for compatibility. pam_oath: Fail gracefully for missing users. Fixes https://savannah.nongnu.org/support/index.php?109111. This allows you to incrementally add support for OATH authentication instead of forcing it on all users. See updated pam_oath/README on the [user_unknown=ignore success=ok] parameter that can now be supplied to PAM configuration. Patch by Antoine Beaupra Fix libpskc memory corruption bug. Fixes https://savannah.nongnu.org/support/?108736. Thanks to David Woodhouse and Jaroslav A karvada for report, self check and patch. Fix man pages. Fixes https://savannah.nongnu.org/support/?108312. Thanks to Jaroslav A karvada for the patch. Build fixes. Version 2.6.3 (released 2020-11-07) pam_oath: Fix self-tests. build: Update gnulib. Fix compiler warnings. Doc fixes. Version 2.6.2 (released 2016-08-27) doc: Version controlled source code repository moved to GitLab. Version 2.6.1 (released 2015-07-31) liboath: Fix make check on 32-bit systems. Report and patch by Christian Hesse. Version 2.6.0 (released 2015-05-19) liboath: Support TOTP with HMAC-SHA256 and HMAC-SHA512. This adds new APIs oath_totp_generate2, oath_totp_validate4 and oath_totp_validate4_callback. oathtool: The --totp parameter now take an optional argument to specify MAC. For example use --totp=sha256 to use HMAC-SHA256. When --totp is used the default HMAC-SHA1 is used, as before. pam_oath: Mention in README that you shouldn???t use insecure keys. Suggested by Robin. pam_oath: Check return value from strdup. Patch by Eero Hakkinen. The files gdoc and expect.oath are now included in the tarball. Suggested by Jaroslav A karvada. To generate a diff of this commit: cvs rdiff -u -r1.23 -r1.24 pkgsrc/security/oath-toolkit/Makefile cvs rdiff -u -r1.5 -r1.6 pkgsrc/security/oath-toolkit/PLIST cvs rdiff -u -r1.13 -r1.14 pkgsrc/security/oath-toolkit/distinfo cvs rdiff -u -r0 -r1.1 pkgsrc/security/oath-toolkit/options.mk cvs rdiff -u -r1.3 -r1.4 \ pkgsrc/security/oath-toolkit/patches/patch-liboath_gl_fflush.c cvs rdiff -u -r1.2 -r0 \ pkgsrc/security/oath-toolkit/patches/patch-liboath_gl_fseeko.c cvs rdiff -u -r0 -r1.1 \ pkgsrc/security/oath-toolkit/patches/patch-pam__oath_Makefile.in \ pkgsrc/security/oath-toolkit/patches/patch-pam__oath_configure.ac \ pkgsrc/security/oath-toolkit/patches/patch-pam__oath_pam__modutil.c \ pkgsrc/security/oath-toolkit/patches/patch-pam__oath_pam__modutil.h \ pkgsrc/security/oath-toolkit/patches/patch-pam__oath_pam__oath.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. --_----------=_16611541723590 Content-Disposition: inline Content-Length: 17151 Content-Transfer-Encoding: binary Content-Type: text/x-diff; charset=us-ascii Modified files: Index: pkgsrc/security/oath-toolkit/Makefile diff -u pkgsrc/security/oath-toolkit/Makefile:1.23 pkgsrc/security/oath-toolkit/Makefile:1.24 --- pkgsrc/security/oath-toolkit/Makefile:1.23 Mon Apr 18 19:12:00 2022 +++ pkgsrc/security/oath-toolkit/Makefile Mon Aug 22 07:42:52 2022 @@ -1,11 +1,10 @@ -# $NetBSD: Makefile,v 1.23 2022/04/18 19:12:00 adam Exp $ +# $NetBSD: Makefile,v 1.24 2022/08/22 07:42:52 sborrill Exp $ -DISTNAME= oath-toolkit-2.4.1 -PKGREVISION= 8 +DISTNAME= oath-toolkit-2.6.7 CATEGORIES= security MASTER_SITES= http://download.savannah.gnu.org/releases/oath-toolkit/ -MAINTAINER= pettai@NetBSD.org +MAINTAINER= sborrill@NetBSD.org HOMEPAGE= https://www.nongnu.org/oath-toolkit/ COMMENT= OATH (Open AuTHentication) Toolkit LICENSE= gnu-lgpl-v2.1 AND gnu-gpl-v3 @@ -14,17 +13,18 @@ GNU_CONFIGURE= yes USE_TOOLS+= pkg-config USE_LIBTOOL= yes -USE_TOOLS+= autoconf automake m4 autoreconf +USE_TOOLS+= autoconf automake m4 autoreconf perl BUILD_DEPENDS+= automake>=1.14:../../devel/automake TOOL_DEPENDS+= gtk-doc-[0-9]*:../../textproc/gtk-doc PKGCONFIG_OVERRIDE+= liboath/liboath.pc.in +.include "options.mk" + pre-configure: cd ${WRKSRC} && autoreconf -fi .include "../../textproc/libxml2/buildlink3.mk" .include "../../security/xmlsec1/buildlink3.mk" -.include "../../mk/pam.buildlink3.mk" .include "../../mk/bsd.pkg.mk" Index: pkgsrc/security/oath-toolkit/PLIST diff -u pkgsrc/security/oath-toolkit/PLIST:1.5 pkgsrc/security/oath-toolkit/PLIST:1.6 --- pkgsrc/security/oath-toolkit/PLIST:1.5 Tue Sep 23 19:39:50 2014 +++ pkgsrc/security/oath-toolkit/PLIST Mon Aug 22 07:42:52 2022 @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.5 2014/09/23 19:39:50 joerg Exp $ +@comment $NetBSD: PLIST,v 1.6 2022/08/22 07:42:52 sborrill Exp $ bin/oathtool bin/pskctool include/liboath/oath.h @@ -14,7 +14,7 @@ lib/liboath.la lib/libpskc.la lib/pkgconfig/liboath.pc lib/pkgconfig/libpskc.pc -lib/security/pam_oath.la +${PLIST.pam}lib/security/pam_oath.la man/man1/oathtool.1 man/man1/pskctool.1 man/man3/oath_authenticate_usersfile.3 @@ -31,11 +31,14 @@ man/man3/oath_init.3 man/man3/oath_strerror.3 man/man3/oath_strerror_name.3 man/man3/oath_totp_generate.3 +man/man3/oath_totp_generate2.3 man/man3/oath_totp_validate.3 man/man3/oath_totp_validate2.3 man/man3/oath_totp_validate2_callback.3 man/man3/oath_totp_validate3.3 man/man3/oath_totp_validate3_callback.3 +man/man3/oath_totp_validate4.3 +man/man3/oath_totp_validate4_callback.3 man/man3/oath_totp_validate_callback.3 man/man3/pskc_add_keypackage.3 man/man3/pskc_build_xml.3 @@ -150,25 +153,28 @@ share/gtk-doc/html/liboath/api-index-1-1 share/gtk-doc/html/liboath/api-index-1-4-0.html share/gtk-doc/html/liboath/api-index-1-6-0.html share/gtk-doc/html/liboath/api-index-1-8-0.html +share/gtk-doc/html/liboath/api-index-2-4-0.html +share/gtk-doc/html/liboath/api-index-2-6-0.html share/gtk-doc/html/liboath/api-index-full.html +share/gtk-doc/html/liboath/deprecated-api-index.html share/gtk-doc/html/liboath/home.png share/gtk-doc/html/liboath/index.html -share/gtk-doc/html/liboath/index.sgml share/gtk-doc/html/liboath/intro.html +share/gtk-doc/html/liboath/left-insensitive.png share/gtk-doc/html/liboath/left.png -share/gtk-doc/html/liboath/liboath-oath.html +share/gtk-doc/html/liboath/liboath-oath.h.html share/gtk-doc/html/liboath/liboath.devhelp2 +share/gtk-doc/html/liboath/right-insensitive.png share/gtk-doc/html/liboath/right.png share/gtk-doc/html/liboath/style.css +share/gtk-doc/html/liboath/up-insensitive.png share/gtk-doc/html/liboath/up.png share/gtk-doc/html/libpskc/api-index-2-2-0.html share/gtk-doc/html/libpskc/api-index-full.html -share/gtk-doc/html/libpskc/ch02s02.html -share/gtk-doc/html/libpskc/ch02s03.html -share/gtk-doc/html/libpskc/ch02s04.html +share/gtk-doc/html/libpskc/deprecated-api-index.html share/gtk-doc/html/libpskc/home.png share/gtk-doc/html/libpskc/index.html -share/gtk-doc/html/libpskc/index.sgml +share/gtk-doc/html/libpskc/left-insensitive.png share/gtk-doc/html/libpskc/left.png share/gtk-doc/html/libpskc/libpskc-container.html share/gtk-doc/html/libpskc/libpskc-enums.html @@ -182,11 +188,17 @@ share/gtk-doc/html/libpskc/pskc-referenc share/gtk-doc/html/libpskc/pskc-tutorial-libpskc-create.html share/gtk-doc/html/libpskc/pskc-tutorial-libpskc-sign.html share/gtk-doc/html/libpskc/pskc-tutorial-libpskc-verify.html +share/gtk-doc/html/libpskc/pskc-tutorial-library.html +share/gtk-doc/html/libpskc/pskc-tutorial-pskctool-sign.html +share/gtk-doc/html/libpskc/pskc-tutorial-pskctool-validate.html +share/gtk-doc/html/libpskc/pskc-tutorial-pskctool-verify.html share/gtk-doc/html/libpskc/pskc-tutorial-pskctool.html share/gtk-doc/html/libpskc/pskc-tutorial-quickstart.html share/gtk-doc/html/libpskc/pskc-tutorial.html +share/gtk-doc/html/libpskc/right-insensitive.png share/gtk-doc/html/libpskc/right.png share/gtk-doc/html/libpskc/style.css +share/gtk-doc/html/libpskc/up-insensitive.png share/gtk-doc/html/libpskc/up.png share/xml/pskc/catalog-pskc.xml share/xml/pskc/pskc-schema.xsd Index: pkgsrc/security/oath-toolkit/distinfo diff -u pkgsrc/security/oath-toolkit/distinfo:1.13 pkgsrc/security/oath-toolkit/distinfo:1.14 --- pkgsrc/security/oath-toolkit/distinfo:1.13 Tue Oct 26 11:17:21 2021 +++ pkgsrc/security/oath-toolkit/distinfo Mon Aug 22 07:42:52 2022 @@ -1,7 +1,11 @@ -$NetBSD: distinfo,v 1.13 2021/10/26 11:17:21 nia Exp $ +$NetBSD: distinfo,v 1.14 2022/08/22 07:42:52 sborrill Exp $ -BLAKE2s (oath-toolkit-2.4.1.tar.gz) = 1c708e16554736cfe5d38e4b6ff4e2eda945c9bc72cfb889f0ce4aec6078c44d -SHA512 (oath-toolkit-2.4.1.tar.gz) = 2a3440d5c97afef00dacd235d5471e8bf68086dfdb20234a894e7534d75670808fef444fe1062525800bc5ffe368898302e6cf250cd76b7238cd602d7d05e89b -Size (oath-toolkit-2.4.1.tar.gz) = 4136649 bytes -SHA1 (patch-liboath_gl_fflush.c) = d957eed6c3e653ee53bbcf0b95b0c032f092b07d -SHA1 (patch-liboath_gl_fseeko.c) = bd67a1af8c01a2dbf849f8612cbb18470cb3b248 +BLAKE2s (oath-toolkit-2.6.7.tar.gz) = 60abf1cd8341cc5ed887aea4c58928bfcac3347ab43dd3704bd69cf5e9a7e5ec +SHA512 (oath-toolkit-2.6.7.tar.gz) = 50edff75c8366887d69cf4740c4cc3bdfc3e43cbd4910ff40f735bca489f0953d7e5a21130f12782ac7a1f2fb00f0db313aff139085f23daba78a69bc7b2eb12 +Size (oath-toolkit-2.6.7.tar.gz) = 5625279 bytes +SHA1 (patch-liboath_gl_fflush.c) = 65b10470b8ba45973d11e3bdf32b9511461f87dc +SHA1 (patch-pam__oath_Makefile.in) = c3fd5dea44e6c604e77dbe81ff7b062dc12925bf +SHA1 (patch-pam__oath_configure.ac) = 525c51b98d0fc444440aa77a9b821b4c820cca31 +SHA1 (patch-pam__oath_pam__modutil.c) = f60b9d7a71efd79425be7ca3257d1a37b3d806fb +SHA1 (patch-pam__oath_pam__modutil.h) = fe361f7430cf8a26c74653b4dbc42c01825f90f2 +SHA1 (patch-pam__oath_pam__oath.c) = f138397e7f5593f248c3ff761449b968ce6d9129 Index: pkgsrc/security/oath-toolkit/patches/patch-liboath_gl_fflush.c diff -u pkgsrc/security/oath-toolkit/patches/patch-liboath_gl_fflush.c:1.3 pkgsrc/security/oath-toolkit/patches/patch-liboath_gl_fflush.c:1.4 --- pkgsrc/security/oath-toolkit/patches/patch-liboath_gl_fflush.c:1.3 Sat Mar 16 20:52:38 2013 +++ pkgsrc/security/oath-toolkit/patches/patch-liboath_gl_fflush.c Mon Aug 22 07:42:52 2022 @@ -1,11 +1,13 @@ -$NetBSD: patch-liboath_gl_fflush.c,v 1.3 2013/03/16 20:52:38 pettai Exp $ +$NetBSD: patch-liboath_gl_fflush.c,v 1.4 2022/08/22 07:42:52 sborrill Exp $ ---- liboath/gl/fflush.c.orig 2013-01-03 22:33:04.000000000 +0000 -+++ liboath/gl/fflush.c -@@ -96,7 +96,7 @@ update_fpos_cache (FILE *fp _GL_UNUSED_P - off_t pos _GL_UNUSED_PARAMETER) +Fix build on NetBSD + +--- liboath/gl/fflush.c.orig 2021-01-20 12:13:56.000000000 +0000 ++++ liboath/gl/fflush.c 2022-08-17 10:41:26.973082601 +0100 +@@ -101,7 +101,7 @@ { - # if defined __sferror || defined __DragonFly__ /* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin */ + # if defined __sferror || defined __DragonFly__ || defined __ANDROID__ + /* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Minix 3, Android */ -# if defined __CYGWIN__ +# if defined(__CYGWIN__) || defined(__NetBSD__) /* fp_->_offset is typed as an integer. */ Added files: Index: pkgsrc/security/oath-toolkit/options.mk diff -u /dev/null pkgsrc/security/oath-toolkit/options.mk:1.1 --- /dev/null Mon Aug 22 07:42:52 2022 +++ pkgsrc/security/oath-toolkit/options.mk Mon Aug 22 07:42:52 2022 @@ -0,0 +1,16 @@ +# $NetBSD: options.mk,v 1.1 2022/08/22 07:42:52 sborrill Exp $ + +PKG_OPTIONS_VAR= PKG_OPTIONS.oath-toolkit +PKG_SUPPORTED_OPTIONS+= pam +PKG_SUGGESTED_OPTIONS= pam + +.include "../../mk/bsd.options.mk" + +PLIST_VARS+= pam + +.if !empty(PKG_OPTIONS:Mpam) +PLIST.pam= yes +. include "../../mk/pam.buildlink3.mk" +.else +CONFIGURE_ARGS+= --disable-pam +.endif Index: pkgsrc/security/oath-toolkit/patches/patch-pam__oath_Makefile.in diff -u /dev/null pkgsrc/security/oath-toolkit/patches/patch-pam__oath_Makefile.in:1.1 --- /dev/null Mon Aug 22 07:42:52 2022 +++ pkgsrc/security/oath-toolkit/patches/patch-pam__oath_Makefile.in Mon Aug 22 07:42:52 2022 @@ -0,0 +1,62 @@ +$NetBSD: patch-pam__oath_Makefile.in,v 1.1 2022/08/22 07:42:52 sborrill Exp $ + +Use local fragment of libpam, from FreeBSD + +--- pam_oath/Makefile.in.orig 2022-02-01 11:49:49 UTC ++++ pam_oath/Makefile.in +@@ -149,7 +149,7 @@ am__uninstall_files_from_dir = { \ + am__installdirs = "$(DESTDIR)$(pammoddir)" + LTLIBRARIES = $(pammod_LTLIBRARIES) + pam_oath_la_DEPENDENCIES = ../liboath/liboath.la +-am_pam_oath_la_OBJECTS = pam_oath.lo ++am_pam_oath_la_OBJECTS = pam_oath.lo pam_modutil.lo + pam_oath_la_OBJECTS = $(am_pam_oath_la_OBJECTS) + AM_V_lt = $(am__v_lt_@AM_V@) + am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) +@@ -173,7 +173,8 @@ am__v_at_1 = + DEFAULT_INCLUDES = -I.@am__isrc@ + depcomp = $(SHELL) $(top_srcdir)/build-aux/depcomp + am__maybe_remake_depfiles = depfiles +-am__depfiles_remade = ./$(DEPDIR)/pam_oath.Plo ++am__depfiles_remade = ./$(DEPDIR)/pam_modutil.Plo \ ++ ./$(DEPDIR)/pam_oath.Plo + am__mv = mv -f + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +@@ -414,7 +416,7 @@ AM_CPPFLAGS = -I$(builddir)/../liboath + EXTRA_DIST = README + pammoddir = $(PAMDIR) + pammod_LTLIBRARIES = pam_oath.la +-pam_oath_la_SOURCES = pam_oath.c ++pam_oath_la_SOURCES = pam_oath.c pam_modutil.c pam_modutil.h + # XXX add -Wl,-x too? PAM documentation suggests it. + pam_oath_la_LIBADD = ../liboath/liboath.la + pam_oath_la_LDFLAGS = -module -avoid-version +@@ -516,6 +518,7 @@ mostlyclean-compile: + distclean-compile: + -rm -f *.tab.c + ++@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_modutil.Plo@am__quote@ # am--include-marker + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_oath.Plo@am__quote@ # am--include-marker + + $(am__depfiles_remade): +@@ -896,7 +904,8 @@ clean-am: clean-generic clean-libtool clean-pammodLTLI + + distclean: distclean-recursive + -rm -f $(am__CONFIG_DISTCLEAN_FILES) +- -rm -f ./$(DEPDIR)/pam_oath.Plo ++ -rm -f ./$(DEPDIR)/pam_modutil.Plo ++ -rm -f ./$(DEPDIR)/pam_oath.Plo + -rm -f Makefile + distclean-am: clean-am distclean-compile distclean-generic \ + distclean-hdr distclean-libtool distclean-tags +@@ -944,7 +953,8 @@ installcheck-am: + maintainer-clean: maintainer-clean-recursive + -rm -f $(am__CONFIG_DISTCLEAN_FILES) + -rm -rf $(top_srcdir)/autom4te.cache +- -rm -f ./$(DEPDIR)/pam_oath.Plo ++ -rm -f ./$(DEPDIR)/pam_modutil.Plo ++ -rm -f ./$(DEPDIR)/pam_oath.Plo + -rm -f Makefile + maintainer-clean-am: distclean-am maintainer-clean-generic + Index: pkgsrc/security/oath-toolkit/patches/patch-pam__oath_configure.ac diff -u /dev/null pkgsrc/security/oath-toolkit/patches/patch-pam__oath_configure.ac:1.1 --- /dev/null Mon Aug 22 07:42:52 2022 +++ pkgsrc/security/oath-toolkit/patches/patch-pam__oath_configure.ac Mon Aug 22 07:42:52 2022 @@ -0,0 +1,15 @@ +$NetBSD: patch-pam__oath_configure.ac,v 1.1 2022/08/22 07:42:52 sborrill Exp $ + +Use local fragment of libpam, from FreeBSD + +--- pam_oath/configure.ac.orig 2022-08-17 14:42:32.924331123 +0000 ++++ pam_oath/configure.ac 2022-08-17 14:43:19.893846965 +0000 +@@ -29,8 +29,6 @@ + + AC_CHECK_HEADERS([security/pam_appl.h], [], + [AC_MSG_ERROR([[PAM header files not found, install libpam-dev.]])]) +-AC_CHECK_HEADERS([security/pam_modutil.h], [], +- [AC_MSG_ERROR([[PAM header files not found, install libpam-dev.]])]) + AC_CHECK_HEADERS([security/pam_modules.h security/_pam_macros.h], [], [], + [#include ]) + Index: pkgsrc/security/oath-toolkit/patches/patch-pam__oath_pam__modutil.c diff -u /dev/null pkgsrc/security/oath-toolkit/patches/patch-pam__oath_pam__modutil.c:1.1 --- /dev/null Mon Aug 22 07:42:52 2022 +++ pkgsrc/security/oath-toolkit/patches/patch-pam__oath_pam__modutil.c Mon Aug 22 07:42:52 2022 @@ -0,0 +1,89 @@ +$NetBSD: patch-pam__oath_pam__modutil.c,v 1.1 2022/08/22 07:42:52 sborrill Exp $ + +Use local fragment of libpam, from FreeBSD + +--- pam_oath/pam_modutil.c.orig 2022-01-31 11:03:40 UTC ++++ pam_oath/pam_modutil.c +@@ -0,0 +1,82 @@ ++#include ++ ++#ifndef HAVE_SECURITY_PAM_MODUTIL_H ++ ++#include "pam_modutil.h" ++ ++#ifdef HAVE_SECURITY_PAM_APPL_H ++#include ++#endif ++#ifdef HAVE_SECURITY_PAM_MODULES_H ++#include ++#endif ++ ++#include ++#include ++#include ++#include ++#include ++ ++#define PWD_INITIAL_LENGTH 0x400 ++#define PWD_ABSURD_PWD_LENGTH 0x4000 ++ ++void _pam_modutil_cleanup(pam_handle_t *pamh, void *data, int error_status) { ++ if (data) { ++ (void) free(data); ++ } ++} ++ ++struct passwd *pam_modutil_getpwnam(pam_handle_t *pamh, const char *user) { ++ void *buffer = NULL; ++ size_t length = PWD_INITIAL_LENGTH; ++ long sc_init_length = sysconf(_SC_GETPW_R_SIZE_MAX); ++ ++ if (sc_init_length != -1 && sc_init_length < PWD_ABSURD_PWD_LENGTH) { ++ length = (size_t) sc_init_length; ++ } ++ ++ do { ++ int status; ++ void *new_buffer; ++ struct passwd *result = NULL; ++ ++ new_buffer = realloc(buffer, sizeof(struct passwd) + length); ++ if (new_buffer == NULL) { ++ // out of memory ++ if (buffer) { ++ free(buffer); ++ } ++ return NULL; ++ } ++ buffer = new_buffer; ++ ++ status = getpwnam_r(user, buffer, ++ sizeof(struct passwd) + (char *) buffer, ++ length, &result); ++ if (!status && result) { ++ status = pam_set_data(pamh, "_pammodutil_getpwnam", result, ++ _pam_modutil_cleanup); ++ if (status == PAM_SUCCESS) { ++ return result; ++ } ++ // unable to set data item ++ free(buffer); ++ return NULL; ++ } ++ if (status != ERANGE) { ++ // no matching record found (if status == 0) ++ // or getpwnam_r encountered an error ++ free(buffer); ++ return NULL; ++ } ++ ++ length <<= 1; ++ } while (length < PWD_ABSURD_PWD_LENGTH); ++ ++ // exceeded maximum buffer size ++ free(buffer); ++ return NULL; ++} ++#else ++typedef int make_iso_compilers_happy; ++#endif /* HAVE_SECURITY_PAM_MODUTIL_H */ Index: pkgsrc/security/oath-toolkit/patches/patch-pam__oath_pam__modutil.h diff -u /dev/null pkgsrc/security/oath-toolkit/patches/patch-pam__oath_pam__modutil.h:1.1 --- /dev/null Mon Aug 22 07:42:52 2022 +++ pkgsrc/security/oath-toolkit/patches/patch-pam__oath_pam__modutil.h Mon Aug 22 07:42:52 2022 @@ -0,0 +1,24 @@ +$NetBSD: patch-pam__oath_pam__modutil.h,v 1.1 2022/08/22 07:42:52 sborrill Exp $ + +Use local fragment of libpam, from FreeBSD + +--- pam_oath/pam_modutil.h.orig 2022-01-31 11:03:40 UTC ++++ pam_oath/pam_modutil.h +@@ -0,0 +1,17 @@ ++#ifndef PAM_MODUTIL_H ++#define PAM_MODUTIL_H ++ ++#ifdef HAVE_SECURITY_PAM_MODUTIL_H ++#include ++#else ++ ++#ifdef HAVE_SECURITY_PAM_MODULES_H ++#include ++#endif ++ ++#include ++ ++struct passwd *pam_modutil_getpwnam(pam_handle_t *pamh, const char *user); ++ ++#endif ++#endif Index: pkgsrc/security/oath-toolkit/patches/patch-pam__oath_pam__oath.c diff -u /dev/null pkgsrc/security/oath-toolkit/patches/patch-pam__oath_pam__oath.c:1.1 --- /dev/null Mon Aug 22 07:42:52 2022 +++ pkgsrc/security/oath-toolkit/patches/patch-pam__oath_pam__oath.c Mon Aug 22 07:42:52 2022 @@ -0,0 +1,24 @@ +$NetBSD: patch-pam__oath_pam__oath.c,v 1.1 2022/08/22 07:42:52 sborrill Exp $ + +Use local fragment of libpam, from FreeBSD + +--- pam_oath/pam_oath.c.orig 2021-05-01 17:10:32 UTC ++++ pam_oath/pam_oath.c +@@ -21,6 +21,7 @@ + #include + + #include "oath.h" ++#include "pam_modutil.h" + + #include + #include +@@ -42,9 +43,6 @@ + + #ifdef HAVE_SECURITY_PAM_APPL_H + #include +-#endif +-#ifdef HAVE_SECURITY_PAM_MODUTIL_H +-#include + #endif + #ifdef HAVE_SECURITY_PAM_MODULES_H + #include --_----------=_16611541723590--