Hello community, here is the log from the commit of package pam_yubico for openSUSE:Factory checked in at 2016-04-28 16:56:59 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/pam_yubico (Old) and /work/SRC/openSUSE:Factory/.pam_yubico.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pam_yubico" Changes: -------- --- /work/SRC/openSUSE:Factory/pam_yubico/pam_yubico.changes 2015-10-14 16:44:30.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.pam_yubico.new/pam_yubico.changes 2016-04-28 17:02:03.000000000 +0200 @@ -1,0 +2,8 @@ +Mon Apr 25 20:18:57 UTC 2016 - [email protected] + +- Version 2.21 (released 2016-02-19) + - Add proxy support for yubico-c-client. + - Check that conv is set before trying to use it fixes a crash bug with the osx loginwindow. + - Add building of a mac installer. + +------------------------------------------------------------------- Old: ---- pam_yubico-2.20.tar.gz pam_yubico-2.20.tar.gz.sig New: ---- pam_yubico-2.21.tar.gz pam_yubico-2.21.tar.gz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ pam_yubico.spec ++++++ --- /var/tmp/diff_new_pack.YVmOPM/_old 2016-04-28 17:02:05.000000000 +0200 +++ /var/tmp/diff_new_pack.YVmOPM/_new 2016-04-28 17:02:05.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package pam_yubico # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: pam_yubico -Version: 2.20 +Version: 2.21 Release: 0 Summary: Yubico Pluggable Authentication Module (PAM) License: BSD-2-Clause ++++++ pam_yubico-2.20.tar.gz -> pam_yubico-2.21.tar.gz ++++++ ++++ 2185 lines of diff (skipped) ++++ retrying with extended exclude list diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/ChangeLog new/pam_yubico-2.21/ChangeLog --- old/pam_yubico-2.20/ChangeLog 2015-09-22 08:14:23.000000000 +0200 +++ new/pam_yubico-2.21/ChangeLog 2016-02-19 12:18:10.000000000 +0100 @@ -1,3 +1,75 @@ +2016-02-19 Klas Lindfors <[email protected]> + + * NEWS: NEWS for 2.21 + +2016-02-17 Klas Lindfors <[email protected]> + + * mac.mk: add first stab at makefile for mac installer fixes #76 + +2016-02-17 Klas Lindfors <[email protected]> + + * pam_yubico.c, util.c: pass cfg->debug to check_firmware_version() + and let it use D macro + +2016-02-16 Klas Lindfors <[email protected]> + + * : Merge pull request #88 from + shankerwangmiao/bug-fix-for-null-conv add check for NULL conv + +2015-11-16 Klas Lindfors <[email protected]> + + * : commit e231b8217cdfc25bffc7181a1270dfd840a3aebf Author: mikemn + <[email protected]> Date: Thu Nov 12 15:02:49 2015 + -0600 + +2015-11-11 mikemn <[email protected]> + + * pam_yubico.8.txt, pam_yubico.c: Add proxy support via Curl + +2015-11-13 Klas Lindfors <[email protected]> + + * tests/aux/build-and-test.sh: set -e later for travis and hope for + the best + +2015-11-13 Klas Lindfors <[email protected]> + + * tests/aux/build-and-test.sh: add brew update for travis + +2015-10-08 Klas Lindfors <[email protected]> + + * configure.ac, m4/valgrind-tests.m4: with more thought: remove + valgrind for tests since curl+gnutls seems to leave gnutls inited data around + +2015-10-08 Klas Lindfors <[email protected]> + + * configure.ac, m4/valgrind-tests.m4: add valgrind-tests + +2015-10-08 Klas Lindfors <[email protected]> + + * pam_yubico.c: use correct modifier for size_t print + +2015-10-08 Klas Lindfors <[email protected]> + + * .travis.yml, tests/aux/build-and-test.sh, tests/pam_test.c: setup + travis to do multi-os builds + +2015-10-08 Klas Lindfors <[email protected]> + + * tests/Makefile.am, tests/test.c: drop the non-portable test test it linked with the module and didn't really do anything, making the + test suite more fragile than necessary + +2015-10-05 Klas Lindfors <[email protected]> + + * README, doc/YubiKey_and_FreeRADIUS_1FA_via_PAM.adoc, + doc/YubiKey_and_FreeRADIUS_via_PAM.adoc: remove forgotten references + to wiki There is no wiki for this project, that information is either in the + doc folder or in the project manpages. Both of which accessible from + https://developers.yubico.com/yubico-pam/ fixes #81 + +2015-09-22 Klas Lindfors <[email protected]> + + * NEWS, configure.ac: bump versions + 2015-09-22 Klas Lindfors <[email protected]> * NEWS: NEWS for 2.20 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/NEWS new/pam_yubico-2.21/NEWS --- old/pam_yubico-2.20/NEWS 2015-09-22 08:14:05.000000000 +0200 +++ new/pam_yubico-2.21/NEWS 2016-02-19 12:17:55.000000000 +0100 @@ -1,5 +1,14 @@ pam_yubico NEWS -- History of user-visible changes. -*- outline -*- +* Version 2.21 (released 2016-02-19) + +** Add proxy support for yubico-c-client. + +** Check that conv is set before trying to use it +fixes a crash bug with the osx loginwindow. + +** Add building of a mac installer. + * Version 2.20 (released 2015-09-22) ** Add cainfo option to allow usage of a cabundle instead of path. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/README new/pam_yubico-2.21/README --- old/pam_yubico-2.20/README 2015-03-17 09:32:47.000000000 +0100 +++ new/pam_yubico-2.21/README 2015-11-16 09:09:04.000000000 +0100 @@ -129,7 +129,7 @@ mv /usr/local/lib/security/pam_yubico.so /lib/security/ ---- -For more information, see the project Wiki page. +For more information, see the project documentation. Supported PAM module parameters are: @@ -188,6 +188,12 @@ required if 'https' or 'ldaps' are used in 'url' and 'ldap_uri' respectively. +proxy:: +specify a proxy to connect to the validation server. Valid schemes are +socks4://, socks4a://, socks5:// or socks5h://. Socks5h asks the proxy +to do the dns resolving. If no scheme or port is specified HTTP proxy +port 1080 will be used. + verbose_otp:: This argument is used to show the OTP (One-Time Password) when it is entered, i.e. to enable terminal echo of entered characters. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/build-aux/ar-lib new/pam_yubico-2.21/build-aux/ar-lib --- old/pam_yubico-2.20/build-aux/ar-lib 2015-08-11 08:53:25.000000000 +0200 +++ new/pam_yubico-2.21/build-aux/ar-lib 2015-11-11 12:48:14.000000000 +0100 @@ -4,7 +4,7 @@ me=ar-lib scriptversion=2012-03-01.08; # UTC -# Copyright (C) 2010-2013 Free Software Foundation, Inc. +# Copyright (C) 2010-2014 Free Software Foundation, Inc. # Written by Peter Rosin <[email protected]>. # # This program is free software; you can redistribute it and/or modify diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/build-aux/compile new/pam_yubico-2.21/build-aux/compile --- old/pam_yubico-2.20/build-aux/compile 2015-08-11 08:53:25.000000000 +0200 +++ new/pam_yubico-2.21/build-aux/compile 2015-11-11 12:48:14.000000000 +0100 @@ -3,7 +3,7 @@ scriptversion=2012-10-14.11; # UTC -# Copyright (C) 1999-2013 Free Software Foundation, Inc. +# Copyright (C) 1999-2014 Free Software Foundation, Inc. # Written by Tom Tromey <[email protected]>. # # This program is free software; you can redistribute it and/or modify diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/build-aux/missing new/pam_yubico-2.21/build-aux/missing --- old/pam_yubico-2.20/build-aux/missing 2015-08-11 08:53:25.000000000 +0200 +++ new/pam_yubico-2.21/build-aux/missing 2015-11-11 12:48:14.000000000 +0100 @@ -3,7 +3,7 @@ scriptversion=2013-10-28.13; # UTC -# Copyright (C) 1996-2013 Free Software Foundation, Inc. +# Copyright (C) 1996-2014 Free Software Foundation, Inc. # Originally written by Fran,cois Pinard <[email protected]>, 1996. # This program is free software; you can redistribute it and/or modify diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/build-aux/test-driver new/pam_yubico-2.21/build-aux/test-driver --- old/pam_yubico-2.20/build-aux/test-driver 2015-08-11 08:53:25.000000000 +0200 +++ new/pam_yubico-2.21/build-aux/test-driver 2015-11-11 12:48:15.000000000 +0100 @@ -3,7 +3,7 @@ scriptversion=2013-07-13.22; # UTC -# Copyright (C) 2011-2013 Free Software Foundation, Inc. +# Copyright (C) 2011-2014 Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -106,11 +106,14 @@ # Test script is run here. "$@" >$log_file 2>&1 estatus=$? + if test $enable_hard_errors = no && test $estatus -eq 99; then - estatus=1 + tweaked_estatus=1 +else + tweaked_estatus=$estatus fi -case $estatus:$expect_failure in +case $tweaked_estatus:$expect_failure in 0:yes) col=$red res=XPASS recheck=yes gcopy=yes;; 0:*) col=$grn res=PASS recheck=no gcopy=no;; 77:*) col=$blu res=SKIP recheck=no gcopy=yes;; @@ -119,6 +122,12 @@ *:*) col=$red res=FAIL recheck=yes gcopy=yes;; esac +# Report the test outcome and exit status in the logs, so that one can +# know whether the test passed or failed simply by looking at the '.log' +# file, without the need of also peaking into the corresponding '.trs' +# file (automake bug#11814). +echo "$res $test_name (exit status: $estatus)" >>$log_file + # Report outcome to console. echo "${col}${res}${std}: $test_name" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/configure.ac new/pam_yubico-2.21/configure.ac --- old/pam_yubico-2.20/configure.ac 2015-09-11 13:55:29.000000000 +0200 +++ new/pam_yubico-2.21/configure.ac 2015-10-08 12:04:18.000000000 +0200 @@ -26,7 +26,7 @@ # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -AC_INIT([pam_yubico], [2.20], [[email protected]]) +AC_INIT([pam_yubico], [2.21], [[email protected]]) AC_CONFIG_AUX_DIR([build-aux]) AC_CONFIG_MACRO_DIR([m4]) AM_INIT_AUTOMAKE([1.11 foreign -Wall -Werror]) @@ -160,7 +160,6 @@ gl_WARN_ADD([-fdiagnostics-show-option]) fi - AC_CONFIG_FILES(Makefile) AC_CONFIG_FILES(tests/Makefile) AC_OUTPUT diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/doc/YubiKey_and_FreeRADIUS_1FA_via_PAM.adoc new/pam_yubico-2.21/doc/YubiKey_and_FreeRADIUS_1FA_via_PAM.adoc --- old/pam_yubico-2.20/doc/YubiKey_and_FreeRADIUS_1FA_via_PAM.adoc 2014-10-30 08:10:39.000000000 +0100 +++ new/pam_yubico-2.21/doc/YubiKey_and_FreeRADIUS_1FA_via_PAM.adoc 2015-10-05 10:06:52.000000000 +0200 @@ -62,12 +62,12 @@ Installation of pam_yubico module : ----------------------------------- Build instructions for pam_yubico are available in the README. -(https://github.com/Yubico/yubico-pam/wiki/ReadMe) +(https://developers.yubico.com/yubico-pam/) Configuration of pam_yubico module : ------------------------------------ Configuration instructions for pam_yubico are also available in the README. -(https://github.com/Yubico/yubico-pam/wiki/ReadMe) +(https://developers.yubico.com/yubico-pam/) _Make sure you set your system up for either central authorization mapping, or user level mapping, as this will control which users can connect to the diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/doc/YubiKey_and_FreeRADIUS_via_PAM.adoc new/pam_yubico-2.21/doc/YubiKey_and_FreeRADIUS_via_PAM.adoc --- old/pam_yubico-2.20/doc/YubiKey_and_FreeRADIUS_via_PAM.adoc 2014-11-03 11:23:32.000000000 +0100 +++ new/pam_yubico-2.21/doc/YubiKey_and_FreeRADIUS_via_PAM.adoc 2015-10-05 10:06:32.000000000 +0200 @@ -60,13 +60,13 @@ === Installation of pam_yubico module === Build instructions for pam_yubico are available in the README. -(https://github.com/Yubico/yubico-pam/wiki/ReadMe) +(https://developers.yubico.com/yubico-pam/) === Configuration of pam_yubico module === Configuration instructions for pam_yubico are also available in the README. -(https://github.com/Yubico/yubico-pam/wiki/ReadMe) +(https://developers.yubico.com/yubico-pam/) NOTE: Make sure you set your system up for either central authorization mapping, or user level mapping, as this will control which users can connect to the diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/pam_yubico.8 new/pam_yubico-2.21/pam_yubico.8 --- old/pam_yubico-2.20/pam_yubico.8 2015-09-15 15:00:08.000000000 +0200 +++ new/pam_yubico-2.21/pam_yubico.8 2016-02-18 13:12:48.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: pam_yubico .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: Version 2.20 +.\" Date: Version 2.21 .\" Manual: Yubico PAM Module Manual .\" Source: yubico-pam .\" Language: English .\" -.TH "PAM_YUBICO" "8" "Version 2\&.20" "yubico\-pam" "Yubico PAM Module Manual" +.TH "PAM_YUBICO" "8" "Version 2\&.21" "yubico\-pam" "Yubico PAM Module Manual" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -103,6 +103,11 @@ respectively\&. .RE .PP +\fBproxy\fR=\fIproxy\fR +.RS 4 +Specify a proxy to connect to the validation server\&. Valid schemes are socks4://, socks4a://, socks5:// or socks5h://\&. Socks5h asks the proxy to do the dns resolving\&. If no scheme or port is specified HTTP proxy port 1080 will be used\&. E\&.g\&. socks5h://user:pass@10\&.10\&.0\&.1:1080 +.RE +.PP \fBverbose_otp\fR .RS 4 This argument is used to show the OTP (One Time Password) when it is entered, i\&.e\&. to enable terminal echo of entered characters\&. You are advised to not use this, if you are using two factor authentication because that will display your password on the screen\&. This requires the service using the PAM module to display custom fields\&. For example, OpenSSH requires you to configure "ChallengeResponseAuthentication no"\&. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/pam_yubico.8.txt new/pam_yubico-2.21/pam_yubico.8.txt --- old/pam_yubico-2.20/pam_yubico.8.txt 2015-09-15 15:00:07.000000000 +0200 +++ new/pam_yubico-2.21/pam_yubico.8.txt 2016-02-18 13:11:05.000000000 +0100 @@ -50,6 +50,9 @@ *capath*=_path_:: Specify the path where X509 certificates are stored. This is required if 'https' or 'ldaps' are used in 'url' and 'ldap_uri' respectively. +*proxy*=_proxy_:: +Specify a proxy to connect to the validation server. Valid schemes are socks4://, socks4a://, socks5:// or socks5h://. Socks5h asks the proxy to do the dns resolving. If no scheme or port is specified HTTP proxy port 1080 will be used. E.g. socks5h://user:[email protected]:1080 + *verbose_otp*:: This argument is used to show the OTP (One Time Password) when it is entered, i.e. to enable terminal echo of entered characters. You are advised to not use this, if you are using two factor authentication because that will display your password on the screen. This requires the service using the PAM module to display custom fields. For example, OpenSSH requires you to configure "ChallengeResponseAuthentication no". diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/pam_yubico.c new/pam_yubico-2.21/pam_yubico.c --- old/pam_yubico-2.20/pam_yubico.c 2015-09-14 13:29:30.000000000 +0200 +++ new/pam_yubico-2.21/pam_yubico.c 2016-02-19 11:03:52.000000000 +0100 @@ -111,6 +111,7 @@ const char *auth_file; const char *capath; const char *cainfo; + const char *proxy; const char *url; const char *urllist; const char *ldapserver; @@ -300,7 +301,7 @@ if (cfg->user_attr && cfg->yubi_attr && cfg->ldapdn) { i = (strlen(cfg->user_attr) + strlen(cfg->ldapdn) + strlen(user) + 3) * sizeof(char); if ((find = malloc(i)) == NULL) { - DBG (("Failed allocating %i bytes", i)); + DBG (("Failed allocating %zu bytes", i)); retval = 0; goto done; } @@ -406,11 +407,15 @@ return retval; } + if(!conv || !conv->conv){ + D(("conv() function invalid")); + return PAM_CONV_ERR; + } pmsg[0] = &msg[0]; msg[0].msg = (char *) message; /* on some systems, pam_message.msg isn't const */ msg[0].msg_style = PAM_ERROR_MSG; retval = conv->conv(1, pmsg, &resp, conv->appdata_ptr); - + if (retval != PAM_SUCCESS) { D(("conv returned error: %s", pam_strerror (pamh, retval))); return retval; @@ -456,7 +461,7 @@ goto out; } - if (! check_firmware_version(yk, false, true)) { + if (! check_firmware_version(yk, cfg->debug, true)) { DBG(("YubiKey does not support Challenge-Response (version 2.2 required)")); goto out; } @@ -710,6 +715,8 @@ cfg->capath = argv[i] + 7; if (strncmp (argv[i], "cainfo=", 7) == 0) cfg->cainfo = argv[i] + 7; + if (strncmp (argv[i], "proxy=", 6) == 0) + cfg->proxy = argv[i] + 6; if (strncmp (argv[i], "url=", 4) == 0) cfg->url = argv[i] + 4; if (strncmp (argv[i], "urllist=", 8) == 0) @@ -772,6 +779,7 @@ D (("urllist=%s", cfg->urllist ? cfg->urllist : "(null)")); D (("capath=%s", cfg->capath ? cfg->capath : "(null)")); D (("cainfo=%s", cfg->cainfo ? cfg->cainfo : "(null)")); + D (("proxy=%s", cfg->proxy ? cfg->proxy : "(null)")); D (("token_id_length=%d", cfg->token_id_length)); D (("mode=%s", cfg->mode == CLIENT ? "client" : "chresp" )); D (("chalresp_path=%s", cfg->chalresp_path ? cfg->chalresp_path : "(null)")); @@ -883,6 +891,9 @@ if (cfg->cainfo) ykclient_set_ca_info (ykc, cfg->cainfo); + if (cfg->proxy) + ykclient_set_proxy (ykc, cfg->proxy); + if (cfg->url) { rc = ykclient_set_url_template (ykc, cfg->url); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/tests/Makefile.am new/pam_yubico-2.21/tests/Makefile.am --- old/pam_yubico-2.20/tests/Makefile.am 2015-04-07 16:33:41.000000000 +0200 +++ new/pam_yubico-2.21/tests/Makefile.am 2015-10-08 12:04:04.000000000 +0200 @@ -30,14 +30,13 @@ AM_LDFLAGS = -no-install AM_CFLAGS=-I$(srcdir)/.. $(WARN_CFLAGS) AM_CPPFLAGS = @YKPERS_CFLAGS@ -test_LDADD = ../pam_yubico.la util_test_LDADD = ../libpam_util.la pam_test_LDADD = ../libpam_real.la ../libpam_util.la @LTLIBYUBIKEY@ @LTLIBYKCLIENT@ @LIBLDAP@ pam_test_CPPFLAGS = -DSRCDIR=\"$(srcdir)\" TESTS_ENVIRONMENT = export LDAPNOINIT=1; -check_PROGRAMS = test util_test pam_test +check_PROGRAMS = util_test pam_test TESTS = $(check_PROGRAMS) if ENABLE_COV diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/tests/pam_test.c new/pam_yubico-2.21/tests/pam_test.c --- old/pam_yubico-2.20/tests/pam_test.c 2015-03-04 14:40:31.000000000 +0100 +++ new/pam_yubico-2.21/tests/pam_test.c 2016-02-18 10:44:39.000000000 +0100 @@ -38,7 +38,14 @@ #include <assert.h> #include <security/pam_appl.h> +#ifdef HAVE_PAM_MODUTIL_DROP_PRIV #include <security/pam_modutil.h> +#else +#include <pwd.h> +struct pam_modutil_privs { + int noop; +}; +#endif #define YKVAL_PORT1 "17502" #define YKVAL_PORT2 "30559" @@ -83,7 +90,11 @@ return &_data[(long)id]; } +#ifdef OPENPAM +const char * pam_strerror(const pam_handle_t *pamh, int errnum) { +#else const char * pam_strerror(pam_handle_t *pamh, int errnum) { +#endif fprintf(stderr, "in pam_strerror()\n"); return "error"; } @@ -94,7 +105,16 @@ return PAM_SUCCESS; } +int pam_get_data(const pam_handle_t *pamh, const char *module_data_name, const void **data) { + fprintf(stderr, "in pam_get_data() %s\n", module_data_name); + return PAM_SUCCESS; +} + +#ifdef OPENPAM +int pam_get_user(pam_handle_t *pamh, const char **user, const char *prompt) { +#else int pam_get_user(const pam_handle_t *pamh, const char **user, const char *prompt) { +#endif fprintf(stderr, "in pam_get_user()\n"); *user = test_get_data((void*)pamh)->user; return PAM_SUCCESS; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/tests/test.c new/pam_yubico-2.21/tests/test.c --- old/pam_yubico-2.20/tests/test.c 2015-03-04 07:58:20.000000000 +0100 +++ new/pam_yubico-2.21/tests/test.c 1970-01-01 01:00:00.000000000 +0100 @@ -1,55 +0,0 @@ -/* Written by Simon Josefsson <[email protected]>. - * Copyright (c) 2007-2014 Yubico AB - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are - * met: - * - * * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * * Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR - * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT - * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT - * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include <stdio.h> -#include <stdlib.h> - -/* These #defines must be present according to PAM documentation. */ -#define PAM_SM_AUTH - -#ifdef HAVE_SECURITY_PAM_APPL_H -#include <security/pam_appl.h> -#endif -#ifdef HAVE_SECURITY_PAM_MODULES_H -#include <security/pam_modules.h> -#endif - - -int -main (int argc, const char **argv) -{ - pam_handle_t *pamh = NULL; - int rc; - - rc = pam_sm_authenticate (pamh, 0, 1, argv); - - printf ("rc %d\n", rc); - - return 0; -} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/util.c new/pam_yubico-2.21/util.c --- old/pam_yubico-2.20/util.c 2015-09-14 10:36:36.000000000 +0200 +++ new/pam_yubico-2.21/util.c 2016-02-19 11:03:52.000000000 +0100 @@ -206,10 +206,10 @@ } if (verbose) { - printf("Firmware version %d.%d.%d\n", + D(("YubiKey Firmware version: %d.%d.%d\n", ykds_version_major(st), ykds_version_minor(st), - ykds_version_build(st)); + ykds_version_build(st))); fflush(stdout); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/ykpamcfg.1 new/pam_yubico-2.21/ykpamcfg.1 --- old/pam_yubico-2.20/ykpamcfg.1 2015-08-18 14:11:50.000000000 +0200 +++ new/pam_yubico-2.21/ykpamcfg.1 2016-02-18 13:12:48.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: ykpamcfg .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: Version 2.20 +.\" Date: Version 2.21 .\" Manual: Yubico PAM Module Manual .\" Source: yubico-pam .\" Language: English .\" -.TH "YKPAMCFG" "1" "Version 2\&.20" "yubico\-pam" "Yubico PAM Module Manual" +.TH "YKPAMCFG" "1" "Version 2\&.21" "yubico\-pam" "Yubico PAM Module Manual" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" -----------------------------------------------------------------
