mirror of
https://git.FreeBSD.org/ports.git
synced 2024-10-22 20:41:26 +00:00
- Update to 0.9.4
- Convert header PR: 172941 Submitted by: Muhammad Moinur Rahman <5u623l20@gmail.com>
This commit is contained in:
parent
e9a0fca851
commit
e0f718fe90
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=311565
@ -6,8 +6,7 @@
|
||||
#
|
||||
|
||||
PORTNAME= pam_ssh_agent_auth
|
||||
PORTVERSION= 0.9.3
|
||||
PORTREVISION= 1
|
||||
PORTVERSION= 0.9.4
|
||||
CATEGORIES= security
|
||||
MASTER_SITES= SF/pamsshagentauth/${PORTNAME}/v${PORTVERSION}/
|
||||
|
||||
|
@ -1,2 +1,2 @@
|
||||
SHA256 (pam_ssh_agent_auth-0.9.3.tar.bz2) = 10017968f5a8a41e1fcfaac6cdec479b70998bbbd19a70e94e2f654befafe5a6
|
||||
SIZE (pam_ssh_agent_auth-0.9.3.tar.bz2) = 239596
|
||||
SHA256 (pam_ssh_agent_auth-0.9.4.tar.bz2) = 496de600771d6296c7a7d01636399fd603e5a79930416ffbdc150c3784d80ca9
|
||||
SIZE (pam_ssh_agent_auth-0.9.4.tar.bz2) = 239250
|
||||
|
@ -1,25 +0,0 @@
|
||||
--- ./entropy.c 2009-08-08 20:54:21.000000000 -0400
|
||||
+++ ../../pam_ssh_agent_auth-0.9.3.fixed/entropy.c 2011-10-10 13:10:35.864389493 -0400
|
||||
@@ -79,11 +79,11 @@
|
||||
mysig_t old_sigchld;
|
||||
|
||||
if (RAND_status() == 1) {
|
||||
- verbose("RNG is ready, skipping seeding");
|
||||
+ pam_ssh_auth_verbose("RNG is ready, skipping seeding");
|
||||
return;
|
||||
}
|
||||
|
||||
- verbose("Seeding PRNG from %s", SSH_RAND_HELPER);
|
||||
+ pam_ssh_auth_verbose("Seeding PRNG from %s", SSH_RAND_HELPER);
|
||||
|
||||
if ((devnull = open("/dev/null", O_RDWR)) == -1)
|
||||
fatal("Couldn't open /dev/null: %s", strerror(errno));
|
||||
@@ -187,7 +187,7 @@
|
||||
|
||||
buf = buffer_get_string_ret(m, &len);
|
||||
if (buf != NULL) {
|
||||
- verbose("rexec_recv_rng_seed: seeding rng with %u bytes", len);
|
||||
+ pam_ssh_auth_verbose("rexec_recv_rng_seed: seeding rng with %u bytes", len);
|
||||
RAND_add(buf, len, len);
|
||||
}
|
||||
}
|
@ -1,20 +0,0 @@
|
||||
--- ./iterate_ssh_agent_keys.c 2010-01-12 21:17:01.000000000 -0500
|
||||
+++ ../../pam_ssh_agent_auth-0.9.3.fixed/iterate_ssh_agent_keys.c 2011-10-10 13:10:35.864389493 -0400
|
||||
@@ -82,7 +82,7 @@
|
||||
session_id2 = session_id2_gen();
|
||||
|
||||
if ((ac = ssh_get_authentication_connection(uid))) {
|
||||
- verbose("Contacted ssh-agent of user %s (%u)", getpwuid(uid)->pw_name, uid);
|
||||
+ pam_ssh_auth_verbose("Contacted ssh-agent of user %s (%u)", getpwuid(uid)->pw_name, uid);
|
||||
for (key = ssh_get_first_identity(ac, &comment, 2); key != NULL; key = ssh_get_next_identity(ac, &comment, 2))
|
||||
{
|
||||
if(key != NULL) {
|
||||
@@ -103,7 +103,7 @@
|
||||
ssh_close_authentication_connection(ac);
|
||||
}
|
||||
else {
|
||||
- verbose("No ssh-agent could be contacted");
|
||||
+ pam_ssh_auth_verbose("No ssh-agent could be contacted");
|
||||
}
|
||||
xfree(session_id2);
|
||||
EVP_cleanup();
|
@ -1,51 +0,0 @@
|
||||
--- ./key.c 2009-08-08 20:54:21.000000000 -0400
|
||||
+++ ../../pam_ssh_agent_auth-0.9.3.fixed/key.c 2011-10-10 13:10:35.865388224 -0400
|
||||
@@ -420,26 +420,26 @@
|
||||
case KEY_DSA:
|
||||
space = strchr(cp, ' ');
|
||||
if (space == NULL) {
|
||||
- verbose("key_read: missing whitespace");
|
||||
+ pam_ssh_auth_verbose("key_read: missing whitespace");
|
||||
return -1;
|
||||
}
|
||||
*space = '\0';
|
||||
type = key_type_from_name(cp);
|
||||
*space = ' ';
|
||||
if (type == KEY_UNSPEC) {
|
||||
- verbose("key_read: missing keytype");
|
||||
+ pam_ssh_auth_verbose("key_read: missing keytype");
|
||||
return -1;
|
||||
}
|
||||
cp = space+1;
|
||||
if (*cp == '\0') {
|
||||
- verbose("key_read: short string");
|
||||
+ pam_ssh_auth_verbose("key_read: short string");
|
||||
return -1;
|
||||
}
|
||||
if (ret->type == KEY_UNSPEC) {
|
||||
ret->type = type;
|
||||
} else if (ret->type != type) {
|
||||
/* is a key, but different type */
|
||||
- verbose("key_read: type mismatch");
|
||||
+ pam_ssh_auth_verbose("key_read: type mismatch");
|
||||
return -1;
|
||||
}
|
||||
len = 2*strlen(cp);
|
||||
@@ -656,7 +656,7 @@
|
||||
} else if (strcmp(name, "ssh-dss") == 0) {
|
||||
return KEY_DSA;
|
||||
}
|
||||
- verbose("key_type_from_name: unknown key type '%s'", name);
|
||||
+ pam_ssh_auth_verbose("key_type_from_name: unknown key type '%s'", name);
|
||||
return KEY_UNSPEC;
|
||||
}
|
||||
|
||||
@@ -677,7 +677,7 @@
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
- verbose("key names ok: [%s]", names);
|
||||
+ pam_ssh_auth_verbose("key names ok: [%s]", names);
|
||||
xfree(s);
|
||||
return 1;
|
||||
}
|
@ -1,11 +0,0 @@
|
||||
--- ./log.c 2009-08-08 20:54:21.000000000 -0400
|
||||
+++ ../../pam_ssh_agent_auth-0.9.3.fixed/log.c 2011-10-10 13:10:35.865388224 -0400
|
||||
@@ -166,7 +166,7 @@
|
||||
/* More detailed messages (information that does not need to go to the log). */
|
||||
|
||||
void
|
||||
-verbose(const char *fmt,...)
|
||||
+pam_ssh_auth_verbose(const char *fmt,...)
|
||||
{
|
||||
va_list args;
|
||||
|
@ -1,11 +0,0 @@
|
||||
--- ./log.h 2009-08-08 20:54:21.000000000 -0400
|
||||
+++ ../../pam_ssh_agent_auth-0.9.3.fixed/log.h 2011-10-10 13:10:38.856166661 -0400
|
||||
@@ -55,7 +55,7 @@
|
||||
void logerror(const char *, ...) __attribute__((format(printf, 1, 2)));
|
||||
void sigdie(const char *, ...) __attribute__((format(printf, 1, 2)));
|
||||
void logit(const char *, ...) __attribute__((format(printf, 1, 2)));
|
||||
-void verbose(const char *, ...) __attribute__((format(printf, 1, 2)));
|
||||
+void pam_ssh_auth_verbose(const char *, ...) __attribute__((format(printf, 1, 2)));
|
||||
void debug(const char *, ...) __attribute__((format(printf, 1, 2)));
|
||||
void debug2(const char *, ...) __attribute__((format(printf, 1, 2)));
|
||||
void debug3(const char *, ...) __attribute__((format(printf, 1, 2)));
|
@ -1,102 +0,0 @@
|
||||
--- ./misc.c 2009-08-08 20:54:21.000000000 -0400
|
||||
+++ ../../pam_ssh_agent_auth-0.9.3.fixed/misc.c 2011-10-10 13:10:35.866387792 -0400
|
||||
@@ -84,13 +84,13 @@
|
||||
return (-1);
|
||||
}
|
||||
if (val & O_NONBLOCK) {
|
||||
- verbose("fd %d is O_NONBLOCK", fd);
|
||||
+ pam_ssh_auth_verbose("fd %d is O_NONBLOCK", fd);
|
||||
return (0);
|
||||
}
|
||||
- verbose("fd %d setting O_NONBLOCK", fd);
|
||||
+ pam_ssh_auth_verbose("fd %d setting O_NONBLOCK", fd);
|
||||
val |= O_NONBLOCK;
|
||||
if (fcntl(fd, F_SETFL, val) == -1) {
|
||||
- verbose("fcntl(%d, F_SETFL, O_NONBLOCK): %s", fd,
|
||||
+ pam_ssh_auth_verbose("fcntl(%d, F_SETFL, O_NONBLOCK): %s", fd,
|
||||
strerror(errno));
|
||||
return (-1);
|
||||
}
|
||||
@@ -108,13 +108,13 @@
|
||||
return (-1);
|
||||
}
|
||||
if (!(val & O_NONBLOCK)) {
|
||||
- verbose("fd %d is not O_NONBLOCK", fd);
|
||||
+ pam_ssh_auth_verbose("fd %d is not O_NONBLOCK", fd);
|
||||
return (0);
|
||||
}
|
||||
- verbose("fd %d clearing O_NONBLOCK", fd);
|
||||
+ pam_ssh_auth_verbose("fd %d clearing O_NONBLOCK", fd);
|
||||
val &= ~O_NONBLOCK;
|
||||
if (fcntl(fd, F_SETFL, val) == -1) {
|
||||
- verbose("fcntl(%d, F_SETFL, ~O_NONBLOCK): %s",
|
||||
+ pam_ssh_auth_verbose("fcntl(%d, F_SETFL, ~O_NONBLOCK): %s",
|
||||
fd, strerror(errno));
|
||||
return (-1);
|
||||
}
|
||||
@@ -138,15 +138,15 @@
|
||||
|
||||
optlen = sizeof opt;
|
||||
if (getsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &opt, &optlen) == -1) {
|
||||
- verbose("getsockopt TCP_NODELAY: %.100s", strerror(errno));
|
||||
+ pam_ssh_auth_verbose("getsockopt TCP_NODELAY: %.100s", strerror(errno));
|
||||
return;
|
||||
}
|
||||
if (opt == 1) {
|
||||
- verbose("fd %d is TCP_NODELAY", fd);
|
||||
+ pam_ssh_auth_verbose("fd %d is TCP_NODELAY", fd);
|
||||
return;
|
||||
}
|
||||
opt = 1;
|
||||
- verbose("fd %d setting TCP_NODELAY", fd);
|
||||
+ pam_ssh_auth_verbose("fd %d setting TCP_NODELAY", fd);
|
||||
if (setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &opt, sizeof opt) == -1)
|
||||
logerror("setsockopt TCP_NODELAY: %.100s", strerror(errno));
|
||||
}
|
||||
@@ -367,7 +367,7 @@
|
||||
return(xstrdup(host));
|
||||
if (asprintf(&hoststr, "[%s]:%d", host, (int)port) < 0)
|
||||
fatal("put_host_port: asprintf: %s", strerror(errno));
|
||||
- verbose("put_host_port: %s", hoststr);
|
||||
+ pam_ssh_auth_verbose("put_host_port: %s", hoststr);
|
||||
return hoststr;
|
||||
}
|
||||
|
||||
@@ -631,7 +631,7 @@
|
||||
if (buf[strlen(buf) - 1] == '\n' || feof(f)) {
|
||||
return 0;
|
||||
} else {
|
||||
- verbose("%s: %s line %lu exceeds size limit", __func__,
|
||||
+ pam_ssh_auth_verbose("%s: %s line %lu exceeds size limit", __func__,
|
||||
filename, *lineno);
|
||||
/* discard remainder of line */
|
||||
while (fgetc(f) != '\n' && !feof(f))
|
||||
@@ -662,16 +662,16 @@
|
||||
break;
|
||||
}
|
||||
} else {
|
||||
- verbose("%s: invalid tunnel %u", __func__, tun);
|
||||
+ pam_ssh_auth_verbose("%s: invalid tunnel %u", __func__, tun);
|
||||
return (-1);
|
||||
}
|
||||
|
||||
if (fd < 0) {
|
||||
- verbose("%s: %s open failed: %s", __func__, name, strerror(errno));
|
||||
+ pam_ssh_auth_verbose("%s: %s open failed: %s", __func__, name, strerror(errno));
|
||||
return (-1);
|
||||
}
|
||||
|
||||
- verbose("%s: %s mode %d fd %d", __func__, name, mode, fd);
|
||||
+ pam_ssh_auth_verbose("%s: %s mode %d fd %d", __func__, name, mode, fd);
|
||||
|
||||
/* Set the tunnel device operation mode */
|
||||
snprintf(ifr.ifr_name, sizeof(ifr.ifr_name), "tun%d", tun);
|
||||
@@ -703,7 +703,7 @@
|
||||
close(fd);
|
||||
if (sock >= 0)
|
||||
close(sock);
|
||||
- verbose("%s: failed to set %s mode %d: %s", __func__, name,
|
||||
+ pam_ssh_auth_verbose("%s: failed to set %s mode %d: %s", __func__, name,
|
||||
mode, strerror(errno));
|
||||
return (-1);
|
||||
#else
|
@ -1,58 +0,0 @@
|
||||
--- ./pam_ssh_agent_auth.c 2011-01-26 15:59:21.000000000 -0500
|
||||
+++ ../../pam_ssh_agent_auth-0.9.3.fixed/pam_ssh_agent_auth.c 2011-10-10 13:10:35.866387792 -0400
|
||||
@@ -124,7 +124,7 @@
|
||||
pam_get_item(pamh, PAM_USER, (void *) &user);
|
||||
pam_get_item(pamh, PAM_RUSER, (void *) &ruser_ptr);
|
||||
|
||||
- verbose("Beginning pam_ssh_agent_auth for user %s", user);
|
||||
+ pam_ssh_auth_verbose("Beginning pam_ssh_agent_auth for user %s", user);
|
||||
|
||||
if(ruser_ptr) {
|
||||
strncpy(ruser, ruser_ptr, sizeof(ruser) - 1);
|
||||
@@ -139,12 +139,12 @@
|
||||
#ifdef ENABLE_SUDO_HACK
|
||||
if( (strlen(sudo_service_name) > 0) && strncasecmp(servicename, sudo_service_name, sizeof(sudo_service_name) - 1) == 0 && getenv("SUDO_USER") ) {
|
||||
strncpy(ruser, getenv("SUDO_USER"), sizeof(ruser) - 1 );
|
||||
- verbose( "Using environment variable SUDO_USER (%s)", ruser );
|
||||
+ pam_ssh_auth_verbose( "Using environment variable SUDO_USER (%s)", ruser );
|
||||
} else
|
||||
#endif
|
||||
{
|
||||
if( ! getpwuid(getuid()) ) {
|
||||
- verbose("Unable to getpwuid(getuid())");
|
||||
+ pam_ssh_auth_verbose("Unable to getpwuid(getuid())");
|
||||
goto cleanexit;
|
||||
}
|
||||
strncpy(ruser, getpwuid(getuid())->pw_name, sizeof(ruser) - 1);
|
||||
@@ -153,11 +153,11 @@
|
||||
|
||||
/* Might as well explicitely confirm the user exists here */
|
||||
if(! getpwnam(ruser) ) {
|
||||
- verbose("getpwnam(%s) failed, bailing out", ruser);
|
||||
+ pam_ssh_auth_verbose("getpwnam(%s) failed, bailing out", ruser);
|
||||
goto cleanexit;
|
||||
}
|
||||
if( ! getpwnam(user) ) {
|
||||
- verbose("getpwnam(%s) failed, bailing out", user);
|
||||
+ pam_ssh_auth_verbose("getpwnam(%s) failed, bailing out", user);
|
||||
goto cleanexit;
|
||||
}
|
||||
|
||||
@@ -167,7 +167,7 @@
|
||||
*/
|
||||
parse_authorized_key_file(user, authorized_keys_file_input);
|
||||
} else {
|
||||
- verbose("Using default file=/etc/security/authorized_keys");
|
||||
+ pam_ssh_auth_verbose("Using default file=/etc/security/authorized_keys");
|
||||
authorized_keys_file = xstrdup("/etc/security/authorized_keys");
|
||||
}
|
||||
|
||||
@@ -177,7 +177,7 @@
|
||||
*/
|
||||
|
||||
if(user && strlen(ruser) > 0) {
|
||||
- verbose("Attempting authentication: `%s' as `%s' using %s", ruser, user, authorized_keys_file);
|
||||
+ pam_ssh_auth_verbose("Attempting authentication: `%s' as `%s' using %s", ruser, user, authorized_keys_file);
|
||||
|
||||
/*
|
||||
* this pw_uid is used to validate the SSH_AUTH_SOCK, and so must be the uid of the ruser invoking the program, not the target-user
|
@ -1,42 +0,0 @@
|
||||
--- ./pam_user_key_allowed2.c 2011-06-07 02:32:46.000000000 -0400
|
||||
+++ ../../pam_ssh_agent_auth-0.9.3.fixed/pam_user_key_allowed2.c 2011-10-10 13:10:35.866387792 -0400
|
||||
@@ -63,11 +63,11 @@
|
||||
Key *found;
|
||||
char *fp;
|
||||
|
||||
- verbose("trying public key file %s", file);
|
||||
+ pam_ssh_auth_verbose("trying public key file %s", file);
|
||||
|
||||
/* Fail not so quietly if file does not exist */
|
||||
if (stat(file, &st) < 0) {
|
||||
- verbose("File not found: %s", file);
|
||||
+ pam_ssh_auth_verbose("File not found: %s", file);
|
||||
return 0;
|
||||
}
|
||||
/* Open the file containing the authorized keys. */
|
||||
@@ -97,7 +97,7 @@
|
||||
if (key_read(found, &cp) != 1) {
|
||||
/* no key? check if there are options for this key */
|
||||
int quoted = 0;
|
||||
- verbose("user_key_allowed: check options: '%s'", cp);
|
||||
+ pam_ssh_auth_verbose("user_key_allowed: check options: '%s'", cp);
|
||||
key_options = cp;
|
||||
for (; *cp && (quoted || (*cp != ' ' && *cp != '\t')); cp++) {
|
||||
if (*cp == '\\' && cp[1] == '"')
|
||||
@@ -109,7 +109,7 @@
|
||||
for (; *cp == ' ' || *cp == '\t'; cp++)
|
||||
;
|
||||
if (key_read(found, &cp) != 1) {
|
||||
- verbose("user_key_allowed: advance: '%s'", cp);
|
||||
+ pam_ssh_auth_verbose("user_key_allowed: advance: '%s'", cp);
|
||||
/* still no key? advance to next line*/
|
||||
continue;
|
||||
}
|
||||
@@ -128,6 +128,6 @@
|
||||
fclose(f);
|
||||
key_free(found);
|
||||
if (!found_key)
|
||||
- verbose("key not found");
|
||||
+ pam_ssh_auth_verbose("key not found");
|
||||
return found_key;
|
||||
}
|
@ -1,29 +0,0 @@
|
||||
--- ./secure_filename.c 2009-08-08 20:54:21.000000000 -0400
|
||||
+++ ../../pam_ssh_agent_auth-0.9.3.fixed/secure_filename.c 2011-10-10 13:10:35.867387919 -0400
|
||||
@@ -80,7 +80,7 @@
|
||||
int comparehome = 0;
|
||||
struct stat st;
|
||||
|
||||
- verbose("secure_filename: checking for uid: %u", uid);
|
||||
+ pam_ssh_auth_verbose("secure_filename: checking for uid: %u", uid);
|
||||
|
||||
if (realpath(file, buf) == NULL) {
|
||||
snprintf(err, errlen, "realpath %s failed: %s", file,
|
||||
@@ -107,7 +107,7 @@
|
||||
}
|
||||
strlcpy(buf, cp, sizeof(buf));
|
||||
|
||||
- verbose("secure_filename: checking '%s'", buf);
|
||||
+ pam_ssh_auth_verbose("secure_filename: checking '%s'", buf);
|
||||
if (stat(buf, &st) < 0 ||
|
||||
(st.st_uid != 0 && st.st_uid != uid) ||
|
||||
(st.st_mode & 022) != 0) {
|
||||
@@ -118,7 +118,7 @@
|
||||
|
||||
/* If are passed the homedir then we can stop */
|
||||
if (comparehome && strcmp(homedir, buf) == 0) {
|
||||
- verbose("secure_filename: terminating check at '%s'",
|
||||
+ pam_ssh_auth_verbose("secure_filename: terminating check at '%s'",
|
||||
buf);
|
||||
break;
|
||||
}
|
@ -1,11 +0,0 @@
|
||||
--- ./ssh-dss.c 2009-08-08 20:54:21.000000000 -0400
|
||||
+++ ../../pam_ssh_agent_auth-0.9.3.fixed/ssh-dss.c 2011-10-10 13:10:35.867387919 -0400
|
||||
@@ -179,7 +179,7 @@
|
||||
|
||||
DSA_SIG_free(sig);
|
||||
|
||||
- verbose("ssh_dss_verify: signature %s",
|
||||
+ pam_ssh_auth_verbose("ssh_dss_verify: signature %s",
|
||||
ret == 1 ? "correct" : ret == 0 ? "incorrect" : "error");
|
||||
return ret;
|
||||
}
|
@ -1,28 +0,0 @@
|
||||
--- ./ssh-rsa.c 2009-08-08 20:54:21.000000000 -0400
|
||||
+++ ../../pam_ssh_agent_auth-0.9.3.fixed/ssh-rsa.c 2011-10-10 13:10:35.867387919 -0400
|
||||
@@ -75,7 +75,7 @@
|
||||
}
|
||||
if (len < slen) {
|
||||
u_int diff = slen - len;
|
||||
- verbose("slen %u > len %u", slen, len);
|
||||
+ pam_ssh_auth_verbose("slen %u > len %u", slen, len);
|
||||
memmove(sig + diff, sig, len);
|
||||
memset(sig, 0, diff);
|
||||
} else if (len > slen) {
|
||||
@@ -148,7 +148,7 @@
|
||||
return -1;
|
||||
} else if (len < modlen) {
|
||||
u_int diff = modlen - len;
|
||||
- verbose("ssh_rsa_verify: add padding: modlen %u > len %u",
|
||||
+ pam_ssh_auth_verbose("ssh_rsa_verify: add padding: modlen %u > len %u",
|
||||
modlen, len);
|
||||
sigblob = xrealloc(sigblob, 1, modlen);
|
||||
memmove(sigblob + diff, sigblob, len);
|
||||
@@ -169,7 +169,7 @@
|
||||
memset(digest, 'd', sizeof(digest));
|
||||
memset(sigblob, 's', len);
|
||||
xfree(sigblob);
|
||||
- verbose("ssh_rsa_verify: signature %scorrect", (ret==0) ? "in" : "");
|
||||
+ pam_ssh_auth_verbose("ssh_rsa_verify: signature %scorrect", (ret==0) ? "in" : "");
|
||||
return ret;
|
||||
}
|
Loading…
Reference in New Issue
Block a user