Source: otpw Severity: wishlist Hi,
This is a new effort to help in keeping this package up-to-date and functional. Based on the work provided by Jari Aalto in #669697 (but never merged back in the Debian archive), I provide here the additional changes to package the upstream release OTPW 1.5. Also, I fix an undefined symbol issue in the PAM module which occurs on hardware architecture lacking of few specific instructions. I have contacted the upstream developer Markus Kuhn to submit my patches and he answered me that it would do his best to fix the related issues in the next release. The attached diff has been made against the last package in the Debian archive and thus includes Jari's work. In the hope that it will help for this package to be maintained again. Thanks, Ludovic -- System Information: Debian Release: 8.7 APT prefers stable APT policy: (990, 'stable'), (500, 'unstable'), (500, 'testing') Architecture: armhf (armv7l) Kernel: Linux 3.14.14+ (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
diff -Nur otpw-1.3/debian/changelog otpw-1.5/debian/changelog --- otpw-1.3/debian/changelog 2017-02-23 14:30:12.872968094 +0100 +++ otpw-1.5/debian/changelog 2017-02-23 14:39:22.679403000 +0100 @@ -1,3 +1,31 @@ +otpw (1.5-0) UNRELEASED; urgency=medium + + * QA upload + * New upstream release + * Add patch: 01-fix-pam-otpw-linking + * Add patch: 02-fix-pam-otpw-useless-deps + * Add patch: 03-fix-makefile-pamlib-variable + * Add patch: 04-fix-signed-vs-unsigned-comparison + * Update to Standards-Version 3.9.6 + * Removed 01-pam-otpw-8.patch: applied upstream + + -- Ludovic Stordeur <[email protected]> Thu, 16 Feb 2017 15:22:19 +0100 + +otpw (1.3-2.1) unstable; urgency=low + + * Non-maintainer upload. + * Remove deprecated dpatch and upgrade to packaging format "3.0 quilt". + * Update to Standards-Version to 3.9.3 and debhelper to 9. + * Add build-arch and build-indep targets; use dh_prep in rules file. + * Fix copyright-refers-to-symlink-license (Lintian). + * Fix copyright-with-old-dh-make-debian-copyright (Lintian). + * Fix binary-control-field-duplicates-source (Lintian). + * Fix debian-rules-ignores-make-clean-error (Lintian). + * Fix no-homepage-field (Lintian). + * Fix debian-watch-contains-dh_make-template (Lintian). + + -- Jari Aalto <[email protected]> Sat, 21 Apr 2012 11:58:14 +0300 + otpw (1.3-2) unstable; urgency=low * Update maintainer address diff -Nur otpw-1.3/debian/compat otpw-1.5/debian/compat --- otpw-1.3/debian/compat 2017-02-23 14:30:12.872968094 +0100 +++ otpw-1.5/debian/compat 2017-02-03 20:59:50.643768697 +0100 @@ -1 +1 @@ -5 +9 diff -Nur otpw-1.3/debian/control otpw-1.5/debian/control --- otpw-1.3/debian/control 2017-02-23 14:30:12.873968161 +0100 +++ otpw-1.5/debian/control 2017-02-16 15:28:36.856206278 +0100 @@ -1,14 +1,15 @@ Source: otpw Priority: optional -Maintainer: Matthew Johnson <[email protected]> -Build-Depends: debhelper (>= 5), libpam-dev, dpatch -Standards-Version: 3.7.2 Section: libs +Maintainer: Matthew Johnson <[email protected]> +Build-Depends: debhelper (>= 9), libpam-dev +Standards-Version: 3.9.6 +Homepage: http://freecode.com/projects/otpw Package: libotpw-dev Section: libdevel Architecture: any -Depends: +Depends: ${misc:Depends}, Recommends: otpw-bin Description: OTPW library development files and documentation OTPW is a one-time password system which is robust against @@ -19,7 +20,6 @@ programs using OTPW and the documentation of the OTPW system. Package: libpam-otpw -Section: libs Architecture: any Recommends: otpw-bin Depends: ${shlibs:Depends}, ${misc:Depends} diff -Nur otpw-1.3/debian/copyright otpw-1.5/debian/copyright --- otpw-1.3/debian/copyright 2017-02-23 14:30:12.874968227 +0100 +++ otpw-1.5/debian/copyright 2017-02-03 20:59:50.644768835 +0100 @@ -5,7 +5,9 @@ Upstream Author: Markus Kuhn <[email protected]> -Copyright: 1998--2003 Markus Kuhn (exceptions below). +Copyright: + +Copyright (C) 1998--2003 Markus Kuhn (exceptions below). License: @@ -18,13 +20,13 @@ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. -Full text of the licence can be found in /usr/share/common-licenses/GPL +Full text of the licence can be found in /usr/share/common-licenses/GPL-2 Upstream has confirmed that all the files distributed in the tarball are licenced under the GPL. The files rmd160.c and rmd160.h are written by Antoon Bosselaers and Copyright -(c) Katholieke Universiteit Leuven 1996. Upstream has confirmed that he has +(C) Katholieke Universiteit Leuven 1996. Upstream has confirmed that he has permission to distribute and use these also under the terms of the GNU GPL version 2 or later as well: @@ -60,7 +62,8 @@ > http://www.cl.cam.ac.uk/~mgk25/ || CB3 0FD, Great Britain > -The Debian packaging is (C) 2007, Matthew Johnson <[email protected]> and -is licensed under the GPL, see `/usr/share/common-licenses/GPL'. +The Debian packaging is Copyright (C) 2007, Matthew Johnson +<[email protected]> and is licensed under the GPL, see +"/usr/share/common-licenses/GPL-2". diff -Nur otpw-1.3/debian/libotpw-dev.install otpw-1.5/debian/libotpw-dev.install --- otpw-1.3/debian/libotpw-dev.install 2017-02-23 14:30:12.874968227 +0100 +++ otpw-1.5/debian/libotpw-dev.install 2017-02-04 00:12:59.552036651 +0100 @@ -1,2 +1 @@ -/usr/lib /usr/include diff -Nur otpw-1.3/debian/patches/00list otpw-1.5/debian/patches/00list --- otpw-1.3/debian/patches/00list 2017-02-23 14:30:12.877968426 +0100 +++ otpw-1.5/debian/patches/00list 1970-01-01 01:00:00.000000000 +0100 @@ -1 +0,0 @@ -01_pam_otpw_8 diff -Nur otpw-1.3/debian/patches/01-fix-pam-otpw-linking otpw-1.5/debian/patches/01-fix-pam-otpw-linking --- otpw-1.3/debian/patches/01-fix-pam-otpw-linking 1970-01-01 01:00:00.000000000 +0100 +++ otpw-1.5/debian/patches/01-fix-pam-otpw-linking 2017-02-16 11:29:05.926476693 +0100 @@ -0,0 +1,33 @@ +commit f084457ebcb657afba47c76f5d3e5880493cf7b8 +Author: Ludovic Stordeur <[email protected]> +Date: Thu Feb 9 23:02:00 2017 +0100 + + Use `gcc' to link pam_otpw.so instead of `ld'. + + Using `gcc' as a linking driver is the natural way to perform the + linking step as it will take care to add the necessary additional + libraries. + + This solves the following issues: + - pam_otpw.so was not linked against the libc; while this is generally + not an issue, pam_otpw.so uses features of the libc and as a result it + should record it as a runtime dependency; + - pam_otpw.so did not work on some embedded architectures (ex: armv7l) + which do not implement in hardware some operations like modulo. In + such situation, pam_otpw.so must statically link against libgcc.a which + brings software emulation of these operations. Such implicit linking is + correctly performed when using gcc as a linking driver. + +diff --git a/Makefile b/Makefile +index 9c82d86..e1c35aa 100644 +--- a/Makefile ++++ b/Makefile +@@ -28,7 +28,7 @@ rmd160.o: rmd160.c rmd160.h + otpw-l.o: otpw-l.c otpw.c otpw.h md.h + pam_otpw.o: pam_otpw.c otpw.h md.h + pam_otpw.so: pam_otpw.o otpw-l.o rmd160.o md.o +- ld --shared -o $@ $+ -lcrypt -lpam -lpam_misc ++ $(CC) --shared -o $@ $+ -lcrypt -lpam -lpam_misc + + distribution: + git archive --prefix otpw-$(VERSION)/ -o otpw-$(VERSION).tar.gz v$(VERSION) diff -Nur otpw-1.3/debian/patches/01_pam_otpw_8.dpatch otpw-1.5/debian/patches/01_pam_otpw_8.dpatch --- otpw-1.3/debian/patches/01_pam_otpw_8.dpatch 2017-02-23 14:30:12.877968426 +0100 +++ otpw-1.5/debian/patches/01_pam_otpw_8.dpatch 1970-01-01 01:00:00.000000000 +0100 @@ -1,16 +0,0 @@ -#! /bin/sh /usr/share/dpatch/dpatch-run -## 01_pam_otpw_8.dpatch by <[email protected]> -## -## All lines beginning with `## DP:' are a description of the patch. -## DP: Patch the manpage to the correct section - -@DPATCH@ - ---- a/pam_otpw.8 2007-03-13 10:27:09.979243250 +0000 -+++ b/pam_otpw.8.orig 2007-03-13 10:27:02.262761000 +0000 -@@ -1,4 +1,4 @@ --.TH PAMOTPW 1 "2003-09-30" -+.TH PAMOTPW 8 "2003-09-30" - .SH NAME - pam_otpw \- verify one-time passwords - .SH SYNOPSIS diff -Nur otpw-1.3/debian/patches/02-fix-pam-otpw-useless-deps otpw-1.5/debian/patches/02-fix-pam-otpw-useless-deps --- otpw-1.3/debian/patches/02-fix-pam-otpw-useless-deps 1970-01-01 01:00:00.000000000 +0100 +++ otpw-1.5/debian/patches/02-fix-pam-otpw-useless-deps 2017-02-16 11:29:17.925256795 +0100 @@ -0,0 +1,22 @@ +commit c526ef75c9e287b9a457b9c190a7ab7e9825b61a +Author: Ludovic Stordeur <[email protected]> +Date: Thu Feb 9 23:09:39 2017 +0100 + + Remove useless dependencies of pam_otpw.so + + pam_otpw.so does not use any symbols of libpam_misc.so nor libcrypt.so + and as a result it should not link against it. + +diff --git a/Makefile b/Makefile +index e1c35aa..b2a3e79 100644 +--- a/Makefile ++++ b/Makefile +@@ -28,7 +28,7 @@ rmd160.o: rmd160.c rmd160.h + otpw-l.o: otpw-l.c otpw.c otpw.h md.h + pam_otpw.o: pam_otpw.c otpw.h md.h + pam_otpw.so: pam_otpw.o otpw-l.o rmd160.o md.o +- $(CC) --shared -o $@ $+ -lcrypt -lpam -lpam_misc ++ $(CC) --shared -o $@ $+ -lpam + + distribution: + git archive --prefix otpw-$(VERSION)/ -o otpw-$(VERSION).tar.gz v$(VERSION) diff -Nur otpw-1.3/debian/patches/03-fix-makefile-pamlib-variable otpw-1.5/debian/patches/03-fix-makefile-pamlib-variable --- otpw-1.3/debian/patches/03-fix-makefile-pamlib-variable 1970-01-01 01:00:00.000000000 +0100 +++ otpw-1.5/debian/patches/03-fix-makefile-pamlib-variable 2017-02-16 11:31:52.973339862 +0100 @@ -0,0 +1,21 @@ +commit b64ae53ebbbb5d21dff5c8268a28e045b50a8c81 +Author: Ludovic Stordeur <[email protected]> +Date: Thu Feb 9 23:25:29 2017 +0100 + + Use `gcc' to guess the Target Triplet instead of hardcoding one. + + This should help to provide a more portable PAMLIB variable computation. + +Index: otpw-1.5/Makefile +=================================================================== +--- otpw-1.5.orig/Makefile ++++ otpw-1.5/Makefile +@@ -39,7 +39,7 @@ release: + rsync -t otpw.html $(HOME)/public_html/ + + #PAMLIB=/lib/security +-PAMLIB=/lib/x86_64-linux-gnu/security ++PAMLIB=/lib/$(gcc -dumpmachine)/security + + install: install-pam install-gen + diff -Nur otpw-1.3/debian/patches/04-fix-signed-vs-unsigned-comparison otpw-1.5/debian/patches/04-fix-signed-vs-unsigned-comparison --- otpw-1.3/debian/patches/04-fix-signed-vs-unsigned-comparison 1970-01-01 01:00:00.000000000 +0100 +++ otpw-1.5/debian/patches/04-fix-signed-vs-unsigned-comparison 2017-02-16 11:29:18.156271815 +0100 @@ -0,0 +1,37 @@ +commit 8fc6b3d5f01f6de2d517986330ab4c5896a81d64 +Author: Ludovic Stordeur <[email protected]> +Date: Thu Feb 16 11:03:25 2017 +0100 + + Fix GCC warning: signed vs unsigned comparison. + + The `struct passwd.pw_uid' is typed with `uid_t' which is defined as an + unsigned integer. + + So we now define `otpw_autopseudouser_maxuid' as an `uid_t' as well. + + As a result, the comparison of this variable against 0 at otpw.c:124 + can be removed. + +diff --git a/otpw.c b/otpw.c +index ba91558..6fc585b 100644 +--- a/otpw.c ++++ b/otpw.c +@@ -58,7 +58,7 @@ char *otpw_magic = "OTPW1\n"; + struct otpw_pwdbuf *otpw_pseudouser = NULL; + + char *otpw_autopseudouser = "otpw"; +-long otpw_autopseudouser_maxuid = 999; ++uid_t otpw_autopseudouser_maxuid = 999; + + /* allocate a struct otpw_pwdbuf (of suitable size to also hold the strings) */ + static struct otpw_pwdbuf *otpw_malloc_pwdbuf(void) +@@ -121,8 +121,7 @@ int otpw_set_pseudouser(struct otpw_pwdbuf **pseudouser) + int err; + err = otpw_getpwnam(otpw_autopseudouser, pseudouser); + if (otpw_pseudouser) { +- if (otpw_autopseudouser_maxuid >= 0 && +- otpw_pseudouser->pwd.pw_uid > otpw_autopseudouser_maxuid) { ++ if (otpw_pseudouser->pwd.pw_uid > otpw_autopseudouser_maxuid) { + err = EINVAL; + free(*pseudouser); + otpw_pseudouser = NULL; diff -Nur otpw-1.3/debian/patches/series otpw-1.5/debian/patches/series --- otpw-1.3/debian/patches/series 1970-01-01 01:00:00.000000000 +0100 +++ otpw-1.5/debian/patches/series 2017-02-16 11:30:53.587477345 +0100 @@ -0,0 +1,4 @@ +01-fix-pam-otpw-linking +02-fix-pam-otpw-useless-deps +03-fix-makefile-pamlib-variable +04-fix-signed-vs-unsigned-comparison diff -Nur otpw-1.3/debian/rules otpw-1.5/debian/rules --- otpw-1.3/debian/rules 2017-02-23 14:30:12.878968492 +0100 +++ otpw-1.5/debian/rules 2017-02-16 11:08:13.929669435 +0100 @@ -9,7 +9,6 @@ # Uncomment this to turn on verbose mode. #export DH_VERBOSE=1 - CFLAGS = -Wall -g ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS))) @@ -18,41 +17,31 @@ CFLAGS += -O2 endif -patch: patch-stamp -patch-stamp: - dpatch apply-all - dpatch cat-all >patch-stamp - -unpatch: - dpatch deapply-all - rm -rf patch-stamp debian/patched +build-arch: build +build-indep: build build: build-stamp -build-stamp: patch +build-stamp: dh_testdir # Add here commands to compile the package. $(MAKE) CFLAGS="-fPIC -O -ggdb -W -Wall" otpw-gen pam_otpw.so - ar r libotpw.a md.o otpw-l.o pam_otpw.o rmd160.o - ranlib libotpw.a - touch $@ -clean: unpatch +clean: dh_testdir dh_testroot rm -f build-stamp configure-stamp # Add here commands to clean up after the build process. - -$(MAKE) clean - rm -f libotpw.a + [ ! -f Makefile ] || $(MAKE) clean dh_clean install: build dh_testdir dh_testroot - dh_clean -k + dh_prep dh_installdirs # Add here commands to install the package into debian/tmp @@ -64,7 +53,6 @@ install -d debian/tmp/usr/include install -m644 otpw.h debian/tmp/usr/include install -d debian/tmp/usr/lib - install -m644 libotpw.a debian/tmp/usr/lib # Build architecture-independent files here. binary-indep: build install diff -Nur otpw-1.3/debian/source/format otpw-1.5/debian/source/format --- otpw-1.3/debian/source/format 1970-01-01 01:00:00.000000000 +0100 +++ otpw-1.5/debian/source/format 2017-02-03 20:59:50.646769104 +0100 @@ -0,0 +1 @@ +3.0 (quilt) diff -Nur otpw-1.3/debian/watch otpw-1.5/debian/watch --- otpw-1.3/debian/watch 2017-02-23 14:30:12.878968492 +0100 +++ otpw-1.5/debian/watch 2017-02-03 20:59:50.645768970 +0100 @@ -1,10 +1,2 @@ -# Example watch control file for uscan -# Rename this file to "watch" and then you can run the "uscan" command -# to check for upstream updates and more. -# See uscan(1) for format - -# Compulsory line, this is a version 3 file version=3 - http://www.cl.cam.ac.uk/~mgk25/download/otpw-([\.0-9]*)\.tar\.gz -
