commit: 3e50a2a015fe3d523bfc4e72ed2175d4d6033e97
Author: Lars Wendler gentoo org>
AuthorDate: Wed Oct 24 12:05:16 2018 +
Commit: Lars Wendler gentoo org>
CommitDate: Wed Oct 24 12:05:48 2018 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3e50a2a0
sys-auth/pam_p11: Fixed build with openssl-1.1
Closes: https://bugs.gentoo.org/658036
Signed-off-by: Lars Wendler gentoo.org>
Package-Manager: Portage-2.3.51, Repoman-2.3.11
.../pam_p11/files/pam_p11-0.2.0-openssl11.patch| 76 ++
sys-auth/pam_p11/pam_p11-0.2.0.ebuild | 10 ++-
2 files changed, 84 insertions(+), 2 deletions(-)
diff --git a/sys-auth/pam_p11/files/pam_p11-0.2.0-openssl11.patch
b/sys-auth/pam_p11/files/pam_p11-0.2.0-openssl11.patch
new file mode 100644
index 000..8c41e29bed1
--- /dev/null
+++ b/sys-auth/pam_p11/files/pam_p11-0.2.0-openssl11.patch
@@ -0,0 +1,76 @@
+From 46a6079817c67a09e5ac493af3381c655bd91c26 Mon Sep 17 00:00:00 2001
+From: Peter Popovec
+Date: Tue, 21 Aug 2018 10:24:36 +0200
+Subject: [PATCH] Replacing deprecated OpenSSL API functions (#12)
+
+fixes https://github.com/OpenSC/pam_p11/issues/10
+---
+ configure.ac | 5 +
+ src/pam_p11.c | 17 ++---
+ 2 files changed, 19 insertions(+), 3 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 5bcbdd6..2854a99 100644
+--- a/configure.ac
b/configure.ac
+@@ -85,6 +85,11 @@ PKG_CHECK_MODULES(
+ )]
+ )
+
++saved_LIBS="$LIBS"
++LIBS="$OPENSSL_LIBS $LIBS"
++AC_CHECK_FUNCS(EVP_MD_CTX_new EVP_MD_CTX_free EVP_MD_CTX_reset)
++LIBS="$saved_LIBS"
++
+ if test -z "${PAM_LIBS}"; then
+ AC_ARG_VAR([PAM_CFLAGS], [C compiler flags for pam])
+ AC_ARG_VAR([PAM_LIBS], [linker flags for pam])
+diff --git a/src/pam_p11.c b/src/pam_p11.c
+index 2b4bfbe..60380e5 100644
+--- a/src/pam_p11.c
b/src/pam_p11.c
+@@ -31,6 +31,17 @@
+ #include
+ #include
+
++/* openssl deprecated API emulation */
++#ifndef HAVE_EVP_MD_CTX_NEW
++#define EVP_MD_CTX_new() EVP_MD_CTX_create()
++#endif
++#ifndef HAVE_EVP_MD_CTX_FREE
++#define EVP_MD_CTX_free(ctx) EVP_MD_CTX_destroy((ctx))
++#endif
++#ifndef HAVE_EVP_MD_CTX_RESET
++#define EVP_MD_CTX_reset(ctx) EVP_MD_CTX_cleanup((ctx))
++#endif
++
+ #ifdef ENABLE_NLS
+ #include
+ #include
+@@ -578,7 +589,7 @@ static int key_verify(pam_handle_t *pamh, int flags,
PKCS11_KEY *authkey)
+ unsigned char signature[256];
+ unsigned int siglen = sizeof signature;
+ const EVP_MD *md = EVP_sha1();
+- EVP_MD_CTX *md_ctx = EVP_MD_CTX_create();
++ EVP_MD_CTX *md_ctx = EVP_MD_CTX_new();
+ EVP_PKEY *privkey = PKCS11_get_private_key(authkey);
+ EVP_PKEY *pubkey = PKCS11_get_public_key(authkey);
+
+@@ -596,7 +607,7 @@ static int key_verify(pam_handle_t *pamh, int flags,
PKCS11_KEY *authkey)
+ || !EVP_SignInit(md_ctx, md)
+ || !EVP_SignUpdate(md_ctx, challenge, sizeof challenge)
+ || !EVP_SignFinal(md_ctx, signature, &siglen, privkey)
+- || !EVP_MD_CTX_cleanup(md_ctx)
++ || !EVP_MD_CTX_reset(md_ctx)
+ || !EVP_VerifyInit(md_ctx, md)
+ || !EVP_VerifyUpdate(md_ctx, challenge, sizeof
challenge)
+ || 1 != EVP_VerifyFinal(md_ctx, signature, siglen,
pubkey)) {
+@@ -613,7 +624,7 @@ static int key_verify(pam_handle_t *pamh, int flags,
PKCS11_KEY *authkey)
+ if (NULL != privkey)
+ EVP_PKEY_free(privkey);
+ if (NULL != md_ctx) {
+- EVP_MD_CTX_destroy(md_ctx);
++ EVP_MD_CTX_free(md_ctx);
+ }
+ return ok;
+ }
diff --git a/sys-auth/pam_p11/pam_p11-0.2.0.ebuild
b/sys-auth/pam_p11/pam_p11-0.2.0.ebuild
index cc81b3a08cb..6156029daf1 100644
--- a/sys-auth/pam_p11/pam_p11-0.2.0.ebuild
+++ b/sys-auth/pam_p11/pam_p11-0.2.0.ebuild
@@ -1,9 +1,9 @@
-# Copyright 1999-2018 Gentoo Foundation
+# Copyright 1999-2018 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
-inherit pam
+inherit autotools pam
DESCRIPTION="PAM module for authenticating against PKCS#11 tokens"
HOMEPAGE="https://github.com/opensc/pam_p11/wiki";
@@ -22,8 +22,14 @@ BDEPEND="virtual/pkgconfig"
PATCHES=(
"${FILESDIR}/${P}-build.patch"
+ "${FILESDIR}/${P}-openssl11.patch" #658036
)
+src_prepare() {
+ default
+ eautoreconf
+}
+
src_configure() {
econf --with-pamdir="$(getpam_mod_dir)"
}
