[gentoo-commits] repo/gentoo:master commit in: sys-auth/pam_p11/, sys-auth/pam_p11/files/

2023-04-27 Thread Sam James 
commit: b4d09bb5d767ebb39c3133c6456c018c74562e0e
Author: orbea  riseup  net>
AuthorDate: Wed Apr 26 16:00:23 2023 +
Commit: Sam James  gentoo  org>
CommitDate: Fri Apr 28 00:48:09 2023 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b4d09bb5

sys-auth/pam_p11: Add upstream libressl patch

This patch was accepted upstream and fixes the build with libressl >= 3.0.0.

Bug: https://bugs.gentoo.org/903001
Upstream-PR: https://github.com/OpenSC/pam_p11/pull/26
Upstream-Commit: 
https://github.com/OpenSC/pam_p11/commit/cb2f0c318c94e30addfce3b432ed91496a43e411
Signed-off-by: orbea  riseup.net>
Closes: https://github.com/gentoo/gentoo/pull/30771
Signed-off-by: Sam James  gentoo.org>

 .../pam_p11/files/pam_p11-0.3.1-libressl.patch | 28 ++
 sys-auth/pam_p11/pam_p11-0.3.1.ebuild  |  6 -
 2 files changed, 33 insertions(+), 1 deletion(-)

diff --git a/sys-auth/pam_p11/files/pam_p11-0.3.1-libressl.patch 
b/sys-auth/pam_p11/files/pam_p11-0.3.1-libressl.patch
new file mode 100644
index ..e085e06e9006
--- /dev/null
+++ b/sys-auth/pam_p11/files/pam_p11-0.3.1-libressl.patch
@@ -0,0 +1,28 @@
+https://bugs.gentoo.org/903001
+https://github.com/OpenSC/pam_p11/pull/26
+https://github.com/OpenSC/pam_p11/commit/cb2f0c318c94e30addfce3b432ed91496a43e411
+
+From b307045a93d042ac9e3871e35f8495e8bb201574 Mon Sep 17 00:00:00 2001
+From: orbea 
+Date: Tue, 11 Apr 2023 07:29:12 -0700
+Subject: [PATCH] match_openssh: Fix the build for LibreSSL >= 3.0.0
+
+Newer LibreSSL versions no longer need the older OpenSSL APIs.
+---
+ src/match_openssh.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/match_openssh.c b/src/match_openssh.c
+index 89cbd73..fb59308 100644
+--- a/src/match_openssh.c
 b/src/match_openssh.c
+@@ -22,7 +22,8 @@
+ 
+ #define OPENSSH_LINE_MAX 16384/* from openssh SSH_MAX_PUBKEY_BYTES */
+ 
+-#if (OPENSSL_VERSION_NUMBER < 0x1010L) || defined 
(LIBRESSL_VERSION_NUMBER)
++#if (OPENSSL_VERSION_NUMBER < 0x1010L) || \
++(defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x300L)
+ void RSA_get0_key(const RSA *r,
+  const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
+ {

diff --git a/sys-auth/pam_p11/pam_p11-0.3.1.ebuild 
b/sys-auth/pam_p11/pam_p11-0.3.1.ebuild
index 0322e3038be0..4b50c70d2edc 100644
--- a/sys-auth/pam_p11/pam_p11-0.3.1.ebuild
+++ b/sys-auth/pam_p11/pam_p11-0.3.1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2022 Gentoo Authors
+# Copyright 1999-2023 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=7
@@ -20,6 +20,10 @@ RDEPEND="sys-libs/pam
 DEPEND="${RDEPEND}"
 BDEPEND="virtual/pkgconfig"
 
+PATCHES=(
+   "${FILESDIR}/${P}-libressl.patch" #903001
+)
+
 src_configure() {
# Ugly way to work around deprecated declarations in openssl-3
append-cflags -Wno-error=deprecated-declarations

[gentoo-commits] repo/gentoo:master commit in: sys-auth/pam_p11/, sys-auth/pam_p11/files/

2019-06-27 Thread Alon Bar-Lev 
commit: cee16c81ab7597ce05a1e0b985a533014653c234
Author: Alon Bar-Lev  gentoo  org>
AuthorDate: Thu Jun 27 10:08:09 2019 +
Commit: Alon Bar-Lev  gentoo  org>
CommitDate: Thu Jun 27 10:08:52 2019 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cee16c81

sys-auth/pam_p11: cleanup old

Signed-off-by: Alon Bar-Lev  gentoo.org>
Package-Manager: Portage-2.3.66, Repoman-2.3.11

 sys-auth/pam_p11/Manifest  |  1 -
 sys-auth/pam_p11/files/pam_p11-0.2.0-build.patch   | 26 
 .../pam_p11/files/pam_p11-0.2.0-openssl11.patch| 76 --
 sys-auth/pam_p11/pam_p11-0.2.0.ebuild  | 42 
 4 files changed, 145 deletions(-)

diff --git a/sys-auth/pam_p11/Manifest b/sys-auth/pam_p11/Manifest
index 55e93521a67..7b93d357274 100644
--- a/sys-auth/pam_p11/Manifest
+++ b/sys-auth/pam_p11/Manifest
@@ -1,2 +1 @@
-DIST pam_p11-0.2.0.tar.gz 417550 BLAKE2B 
e3c5bb32d6c7c84776341796ebdb9850a9561778aee820acb2a6c61112a2a5df5ee7c539cb5974439e565046e944f4710b87c3b51dea61fdb2cd9171daac3a0c
 SHA512 
2cadf6fe880c953554757099741f3cfe992067f251b7e7e977a6dda5f65cbe1f55b1de6d180638997eada0d3b760887091014b99f8ae4b6d31b25af8e555343c
 DIST pam_p11-0.3.0.tar.gz 422806 BLAKE2B 
60ac1cc0b8fff536553b2502f906f7730c1be760b2948389f5a6399979f994b3fcfa04226f1605c64d02bad47f46c9bd28fa076d819814b9121241b034407d4b
 SHA512 
f89cf57f6365c25e54830d18180aad7d14b7eaef82eb0d419bcc3d8b881e1e07993a2c4e635e90b4f2fb779fec24fa0d912388f898d726e387bc0db63d772d49

diff --git a/sys-auth/pam_p11/files/pam_p11-0.2.0-build.patch 
b/sys-auth/pam_p11/files/pam_p11-0.2.0-build.patch
deleted file mode 100644
index 813499acd3a..000
--- a/sys-auth/pam_p11/files/pam_p11-0.2.0-build.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From 659a6eb5434039c27b41a9d06edc64923e5042b9 Mon Sep 17 00:00:00 2001
-From: Alon Bar-Lev 
-Date: Wed, 15 Aug 2018 18:30:51 +0300
-Subject: [PATCH] build: pam_p11: unsigned comparison
-
-Signed-off-by: Alon Bar-Lev 

- src/pam_p11.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/pam_p11.c b/src/pam_p11.c
-index 960c164..1cf6cb2 100644
 a/src/pam_p11.c
-+++ b/src/pam_p11.c
-@@ -553,7 +553,7 @@ static int randomize(pam_handle_t *pamh, unsigned char *r, 
unsigned int r_len)
- {
-   int ok = 0;
-   int fd = open("/dev/urandom", O_RDONLY);
--  if (0 <= fd && read(fd, r, r_len) == r_len) {
-+  if (0 <= fd && read(fd, r, r_len) == (ssize_t)r_len) {
-   ok = 1;
-   } else {
-   pam_syslog(pamh, LOG_CRIT, "Error reading from /dev/urandom: 
%s",
--- 
-2.16.4
-

diff --git a/sys-auth/pam_p11/files/pam_p11-0.2.0-openssl11.patch 
b/sys-auth/pam_p11/files/pam_p11-0.2.0-openssl11.patch
deleted file mode 100644
index 8c41e29bed1..000
--- a/sys-auth/pam_p11/files/pam_p11-0.2.0-openssl11.patch
+++ /dev/null
@@ -1,76 +0,0 @@
-From 46a6079817c67a09e5ac493af3381c655bd91c26 Mon Sep 17 00:00:00 2001
-From: Peter Popovec 
-Date: Tue, 21 Aug 2018 10:24:36 +0200
-Subject: [PATCH] Replacing deprecated OpenSSL API functions (#12)
-
-fixes https://github.com/OpenSC/pam_p11/issues/10

- configure.ac  |  5 +
- src/pam_p11.c | 17 ++---
- 2 files changed, 19 insertions(+), 3 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index 5bcbdd6..2854a99 100644
 a/configure.ac
-+++ b/configure.ac
-@@ -85,6 +85,11 @@ PKG_CHECK_MODULES(
-   )]
- )
- 
-+saved_LIBS="$LIBS"
-+LIBS="$OPENSSL_LIBS $LIBS"
-+AC_CHECK_FUNCS(EVP_MD_CTX_new EVP_MD_CTX_free EVP_MD_CTX_reset)
-+LIBS="$saved_LIBS"
-+
- if test -z "${PAM_LIBS}"; then
-   AC_ARG_VAR([PAM_CFLAGS], [C compiler flags for pam])
-   AC_ARG_VAR([PAM_LIBS], [linker flags for pam])
-diff --git a/src/pam_p11.c b/src/pam_p11.c
-index 2b4bfbe..60380e5 100644
 a/src/pam_p11.c
-+++ b/src/pam_p11.c
-@@ -31,6 +31,17 @@
- #include 
- #include 
- 
-+/* openssl deprecated API emulation */
-+#ifndef HAVE_EVP_MD_CTX_NEW
-+#define EVP_MD_CTX_new()  EVP_MD_CTX_create()
-+#endif
-+#ifndef HAVE_EVP_MD_CTX_FREE
-+#define EVP_MD_CTX_free(ctx)  EVP_MD_CTX_destroy((ctx))
-+#endif
-+#ifndef HAVE_EVP_MD_CTX_RESET
-+#define EVP_MD_CTX_reset(ctx) EVP_MD_CTX_cleanup((ctx))
-+#endif
-+
- #ifdef ENABLE_NLS
- #include 
- #include 
-@@ -578,7 +589,7 @@ static int key_verify(pam_handle_t *pamh, int flags, 
PKCS11_KEY *authkey)
-   unsigned char signature[256];
-   unsigned int siglen = sizeof signature;
-   const EVP_MD *md = EVP_sha1();
--  EVP_MD_CTX *md_ctx = EVP_MD_CTX_create();
-+  EVP_MD_CTX *md_ctx = EVP_MD_CTX_new();
-   EVP_PKEY *privkey = PKCS11_get_private_key(authkey);
-   EVP_PKEY *pubkey = PKCS11_get_public_key(authkey);
- 
-@@ -596,7 +607,7 @@ static int key_verify(pam_handle_t *pamh, int flags, 
PKCS11_KEY *authkey)
-   || !EVP_SignInit(md_ctx, md)
-   || !EVP_SignUpdate(md_ctx, challenge, sizeof challenge)
-   || !EVP_SignFinal(md_ctx,

[gentoo-commits] repo/gentoo:master commit in: sys-auth/pam_p11/, sys-auth/pam_p11/files/

2017-03-06 Thread Alon Bar-Lev 
commit: fb8fbfe2f28e7ce11892e6bc27840c1cf48519f9
Author: Alon Bar-Lev  gentoo  org>
AuthorDate: Mon Mar  6 19:23:12 2017 +
Commit: Alon Bar-Lev  gentoo  org>
CommitDate: Mon Mar  6 19:25:38 2017 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fb8fbfe2

sys-auth/pam_p11: avoid using ldscript fix build

Bug: 611874

Package-Manager: Portage-2.3.3, Repoman-2.3.1

 sys-auth/pam_p11/files/pam_p11-0.1.5-build.patch | 41 
 sys-auth/pam_p11/pam_p11-0.1.5-r2.ebuild | 17 --
 2 files changed, 48 insertions(+), 10 deletions(-)

diff --git a/sys-auth/pam_p11/files/pam_p11-0.1.5-build.patch 
b/sys-auth/pam_p11/files/pam_p11-0.1.5-build.patch
new file mode 100644
index 000..5ca0b76d5e5
--- /dev/null
+++ b/sys-auth/pam_p11/files/pam_p11-0.1.5-build.patch
@@ -0,0 +1,41 @@
+From 8d09661398f14102703e19418f15e9cf3f3707d1 Mon Sep 17 00:00:00 2001
+From: Alon Bar-Lev 
+Date: Mon, 6 Mar 2017 21:19:15 +0200
+Subject: [PATCH] build: export only needed symbols
+
+Signed-off-by: Alon Bar-Lev 
+---
+ src/Makefile.am | 3 ++-
+ src/pam_p11.exports | 6 ++
+ 2 files changed, 8 insertions(+), 1 deletion(-)
+ create mode 100644 src/pam_p11.exports
+
+diff --git a/src/Makefile.am b/src/Makefile.am
+index 8bfb0bd..83a3e3d 100644
+--- a/src/Makefile.am
 b/src/Makefile.am
+@@ -3,7 +3,8 @@
+ MAINTAINERCLEANFILES = Makefile.in
+ 
+ AM_CFLAGS = -Wall -fno-strict-aliasing $(OPENSSL_CFLAGS) $(LIBP11_CFLAGS)
+-AM_LDFLAGS = -module -avoid-version
++AM_LDFLAGS = -module -avoid-version -shared -no-undefined \
++  -export-symbols "$(srcdir)/pam_p11.exports"
+ 
+ lib_LTLIBRARIES = pam_p11_openssh.la  pam_p11_opensc.la 
+ 
+diff --git a/src/pam_p11.exports b/src/pam_p11.exports
+new file mode 100644
+index 000..416cde1
+--- /dev/null
 b/src/pam_p11.exports
+@@ -0,0 +1,6 @@
++pam_sm_authenticate
++pam_sm_setcred
++pam_sm_acct_mgmt
++pam_sm_open_session
++pam_sm_close_session
++pam_sm_chauthtok
+-- 
+2.10.2
+

diff --git a/sys-auth/pam_p11/pam_p11-0.1.5-r2.ebuild 
b/sys-auth/pam_p11/pam_p11-0.1.5-r2.ebuild
index 45058fdce0e..8e7e780a8cc 100644
--- a/sys-auth/pam_p11/pam_p11-0.1.5-r2.ebuild
+++ b/sys-auth/pam_p11/pam_p11-0.1.5-r2.ebuild
@@ -3,7 +3,7 @@
 
 EAPI=6
 
-inherit pam flag-o-matic
+inherit autotools pam flag-o-matic
 
 DESCRIPTION="PAM module for authenticating against PKCS#11 tokens"
 HOMEPAGE="https://github.com/opensc/pam_p11/wiki;
@@ -20,16 +20,13 @@ RDEPEND="virtual/pam
 DEPEND="${RDEPEND}
virtual/pkgconfig"
 
-src_configure() {
-   # hide all the otherwise-exported symbols that may clash with
-   # other software loading the PAM modules (see bug #274924 as an
-   # example).
-   append-ldflags -Wl,--version-script="${FILESDIR}"/pam_symbols.ver
+PATCHES=(
+   "${FILESDIR}/${P}-build.patch"
+)
 
-   econf \
-   --disable-static \
-   --enable-fast-install \
-   || die
+src_prepare() {
+   default
+   eautoreconf
 }
 
 src_install() {