diff options
author | Tavis Ormandy <taviso@gentoo.org> | 2005-03-03 15:43:47 +0000 |
---|---|---|
committer | Tavis Ormandy <taviso@gentoo.org> | 2005-03-03 15:43:47 +0000 |
commit | 31308538e00ca21135f70a35a77d6673cbc7b0af (patch) | |
tree | 5cc021b53c84e26735bd072d4b74f0c4cf5f0344 /app-admin | |
parent | new upstream release (development branch). fixes bug #82807. (diff) | |
download | gentoo-2-31308538e00ca21135f70a35a77d6673cbc7b0af.tar.gz gentoo-2-31308538e00ca21135f70a35a77d6673cbc7b0af.tar.bz2 gentoo-2-31308538e00ca21135f70a35a77d6673cbc7b0af.zip |
fixing #71015
(Portage version: 2.0.51.18)
Diffstat (limited to 'app-admin')
-rw-r--r-- | app-admin/skey/ChangeLog | 9 | ||||
-rw-r--r-- | app-admin/skey/Manifest | 21 | ||||
-rw-r--r-- | app-admin/skey/files/digest-skey-1.1.5-r5 | 1 | ||||
-rw-r--r-- | app-admin/skey/files/skey-1.1.5-otp.diff | 59 | ||||
-rw-r--r-- | app-admin/skey/skey-1.1.5-r5.ebuild | 109 |
5 files changed, 184 insertions, 15 deletions
diff --git a/app-admin/skey/ChangeLog b/app-admin/skey/ChangeLog index 91e393adad9c..a3b4e1e309d5 100644 --- a/app-admin/skey/ChangeLog +++ b/app-admin/skey/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for app-admin/skey # Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-admin/skey/ChangeLog,v 1.29 2005/02/07 18:02:40 gustavoz Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-admin/skey/ChangeLog,v 1.30 2005/03/03 15:43:47 taviso Exp $ + +*skey-1.1.5-r5 (03 Mar 2005) + + 03 Mar 2005; Tavis Ormandy <taviso@gentoo.org> +files/skey-1.1.5-otp.diff, + +skey-1.1.5-r5.ebuild: + fixing #71015, add convienience links for skey invokation, otp-xxx. + Thanks to Ulrich Mueller for the patch. 07 Feb 2005; Gustavo Zacarias <gustavoz@gentoo.org> skey-1.1.5-r4.ebuild: Stable on sparc diff --git a/app-admin/skey/Manifest b/app-admin/skey/Manifest index 8e87ab36df4c..6e94e1a1b421 100644 --- a/app-admin/skey/Manifest +++ b/app-admin/skey/Manifest @@ -1,19 +1,12 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 - +MD5 f9ae9e48eb3c1c9115e24f5cf21dce4e skey-1.1.5-r4.ebuild 2865 +MD5 138cf9abba294be5ff7f491401e71ab2 skey-1.1.5-r3.ebuild 2276 +MD5 bb2821dc6a6fde3b56542fdb4aac1803 skey-1.1.5-r5.ebuild 2990 MD5 071de38de0a17deed54b1b7a145b7eba ChangeLog 3995 MD5 fb946a077c4e2ae03befc41f3a095b39 metadata.xml 1425 -MD5 138cf9abba294be5ff7f491401e71ab2 skey-1.1.5-r3.ebuild 2276 -MD5 f9ae9e48eb3c1c9115e24f5cf21dce4e skey-1.1.5-r4.ebuild 2865 -MD5 c402251257567c1f0321c9c426144ced files/digest-skey-1.1.5-r3 62 -MD5 c402251257567c1f0321c9c426144ced files/digest-skey-1.1.5-r4 62 MD5 ab3f803b5ad68dc89dfb5b544342b403 files/skey-1.1.5-fPIC.patch 271 MD5 c862d14e1478ec91ed4c5b97f124ea08 files/skey-1.1.5-gentoo.diff.gz 37614 +MD5 f227550f3aee8a1988f3bbc6176cbaf8 files/skey-1.1.5-otp.diff 1437 +MD5 c402251257567c1f0321c9c426144ced files/digest-skey-1.1.5-r3 62 +MD5 c402251257567c1f0321c9c426144ced files/digest-skey-1.1.5-r4 62 +MD5 c402251257567c1f0321c9c426144ced files/digest-skey-1.1.5-r5 62 MD5 2bc2fd632a13d33a3832ec3bf2449c1b files/skey-login_name_max.diff 386 ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.2.6 (GNU/Linux) - -iD8DBQFCB61CKRy60XGEcJIRAvIGAJ413lONDK+o7A4bUYaEDuo+BwdfKgCdEMoV -/qZjTna6W8XHIb9ZqUcIFXo= -=T76P ------END PGP SIGNATURE----- diff --git a/app-admin/skey/files/digest-skey-1.1.5-r5 b/app-admin/skey/files/digest-skey-1.1.5-r5 new file mode 100644 index 000000000000..2c986e527d5d --- /dev/null +++ b/app-admin/skey/files/digest-skey-1.1.5-r5 @@ -0,0 +1 @@ +MD5 af816298e3a0bc722380d0fe480189d9 skey-1.1.5.tar.bz2 61911 diff --git a/app-admin/skey/files/skey-1.1.5-otp.diff b/app-admin/skey/files/skey-1.1.5-otp.diff new file mode 100644 index 000000000000..33c9b3dbac23 --- /dev/null +++ b/app-admin/skey/files/skey-1.1.5-otp.diff @@ -0,0 +1,59 @@ +diff -Nur skey-1.1.5.orig/skey.c skey-1.1.5/skey.c +--- skey-1.1.5.orig/skey.c 2004-11-12 23:09:02.382529123 +0100 ++++ skey-1.1.5/skey.c 2004-11-12 23:23:09.864378849 +0100 +@@ -46,6 +46,17 @@ + char passwd[SKEY_MAX_PW_LEN+1], key[SKEY_BINKEY_SIZE]; + char buf[33], *seed, *slash, *t; + ++ /* If we were called as otp-METHOD, set algorithm based on that */ ++ if ((slash = strrchr(argv[0], '/'))) ++ slash++; ++ else ++ slash = argv[0]; ++ if (strncmp(slash, "otp-", 4) == 0) { ++ slash += 4; ++ if (skey_set_algorithm(slash) == NULL) ++ errx(1, "Unknown hash algorithm %s", slash); ++ } ++ + while ((i = getopt(argc, argv, "fn:p:t:x")) != -1) { + switch(i) { + case 'f': +diff -Nur skey-1.1.5.orig/skey.1 skey-1.1.5/skey.1 +--- skey-1.1.5.orig/skey.1 2004-11-12 23:09:02.375530148 +0100 ++++ skey-1.1.5/skey.1 2004-11-12 23:41:43.298268426 +0100 +@@ -6,7 +6,7 @@ + .Dt SKEY 1 + .Os + .Sh NAME +-.Nm skey ++.Nm skey, otp-md4, otp-md5, otp-sha1 + .Nd respond to an OTP challenge + .Sh SYNOPSIS + .Nm +@@ -27,13 +27,24 @@ + .Pp + .Em S/Key + uses 64 bits of information, transformed by the +-.Tn MD4 ++.Tn MD5 + algorithm into 6 English words. + The user supplies the words to authenticate himself to programs like + .Xr login 1 + or + .Xr ftpd 8 . + .Pp ++When ++.Nm skey ++is invoked as ++.Nm otp-method , ++.Nm skey ++will use ++.Ar method ++as the hash function where ++.Ar method ++is currently one of md4, md5, or sha1. ++.Pp + Example use of the + .Em S/Key + program diff --git a/app-admin/skey/skey-1.1.5-r5.ebuild b/app-admin/skey/skey-1.1.5-r5.ebuild new file mode 100644 index 000000000000..2837b9474659 --- /dev/null +++ b/app-admin/skey/skey-1.1.5-r5.ebuild @@ -0,0 +1,109 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-admin/skey/skey-1.1.5-r5.ebuild,v 1.1 2005/03/03 15:43:47 taviso Exp $ + +inherit flag-o-matic ccc eutils + +DESCRIPTION="Linux Port of OpenBSD Single-key Password System" +HOMEPAGE="http://www.sparc.spb.su/solaris/skey/" +SRC_URI="mirror://gentoo/${P}.tar.bz2" + +LICENSE="BSD X11" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" +IUSE="" + +DEPEND="sys-libs/cracklib + sys-apps/shadow + dev-lang/perl + virtual/libc" +# XXX: skeyaudit requires mailx. + +src_unpack() { + unpack ${A} ; cd ${S} + + # porting some updates to this skey implementation from the + # NetBSD project, some other updates and fixes, and the addition + # of some new features like shadow password and cracklib support. + # (05 Nov 2003) -taviso@gentoo.org + epatch ${FILESDIR}/skey-1.1.5-gentoo.diff.gz + + # glibc 2.2.x does not define LOGIN_NAME_MAX #33315 + # (12 Nov 2003) -taviso@gentoo.org + epatch ${FILESDIR}/skey-login_name_max.diff + + epatch ${FILESDIR}/${P}-fPIC.patch + + # allow invokation as otp-foo. #71015 + # (03 Mar 2005) -taviso. + epatch ${FILESDIR}/${P}-otp.diff + + # set the default hash function to md5, #63995 + # (14 Sep 2004) -taviso + append-flags -DSKEY_HASH_DEFAULT=1 + + # avoid suid related security issues. + append-ldflags -Wl,-z,now +} + +src_compile() { + # skeyprune wont honour @sysconfdir@ + sed -i 's#/etc/skeykeys#/etc/skey/skeykeys#g' skeyprune.pl skeyprune.8 + + # skeyprune uses a case sensitive regex to check for zeroed entries + sed -i 's#\(if ( ! /.*/\)#\1i#g' skeyprune.pl + + # skeyinit(1) describes md4 as the default hash algorithm, which + # is no longer the case. #64971 + sed -i \ + 's#\(md4\) \((the default)\), \(md5\) or \(sha1.\)#\1, \3 \2 or \4#g' \ + skeyinit.1 + + econf --sysconfdir=/etc/skey || die + emake || die +} + +src_install() { + doman skey.1 skeyaudit.1 skeyinfo.1 skeyinit.1 skeyprune.8 + dobin skey skeyinit skeyinfo || die + + dosym skey /usr/bin/otp-md4 + dosym skey /usr/bin/otp-sha1 + dosym skey /usr/bin/otp-md5 + + newsbin skeyprune.pl skeyprune + newbin skeyaudit.sh skeyaudit + dolib.a libskey.a + dolib.so libskey.so.1.1.5 libskey.so.1.1 libskey.so.1 libskey.so + + insinto /usr/include + doins skey.h + + dodir /etc/skey + + # only root needs to have access to these files. + fperms g-rx,o-rx /etc/skey + + # skeyinit and skeyinfo must be suid root so users + # can generate their passwords. + fperms u+s,og-r /usr/bin/skeyinit /usr/bin/skeyinfo + + dodoc README CHANGES md4.copyright md5.copyright + + prepallman +} + +pkg_postinst() { + # do not include /etc/skey/skeykeys in the package, as quickpkg + # may package sensitive information. + # This also fixes the etc-update issue with #64974. + + # skeyinit will not function if this file is not present. + touch /etc/skey/skeykeys + + # these permissions are applied by the skey system if missing. + chmod 0600 /etc/skey/skeykeys + + einfo "For an instroduction into using s/key authentication, take" + einfo "a look at the EXAMPLES section from the skey(1) manpage." +} |