summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTavis Ormandy <taviso@gentoo.org>2005-03-03 15:43:47 +0000
committerTavis Ormandy <taviso@gentoo.org>2005-03-03 15:43:47 +0000
commit31308538e00ca21135f70a35a77d6673cbc7b0af (patch)
tree5cc021b53c84e26735bd072d4b74f0c4cf5f0344 /app-admin
parentnew upstream release (development branch). fixes bug #82807. (diff)
downloadgentoo-2-31308538e00ca21135f70a35a77d6673cbc7b0af.tar.gz
gentoo-2-31308538e00ca21135f70a35a77d6673cbc7b0af.tar.bz2
gentoo-2-31308538e00ca21135f70a35a77d6673cbc7b0af.zip
fixing #71015
(Portage version: 2.0.51.18)
Diffstat (limited to 'app-admin')
-rw-r--r--app-admin/skey/ChangeLog9
-rw-r--r--app-admin/skey/Manifest21
-rw-r--r--app-admin/skey/files/digest-skey-1.1.5-r51
-rw-r--r--app-admin/skey/files/skey-1.1.5-otp.diff59
-rw-r--r--app-admin/skey/skey-1.1.5-r5.ebuild109
5 files changed, 184 insertions, 15 deletions
diff --git a/app-admin/skey/ChangeLog b/app-admin/skey/ChangeLog
index 91e393adad9c..a3b4e1e309d5 100644
--- a/app-admin/skey/ChangeLog
+++ b/app-admin/skey/ChangeLog
@@ -1,6 +1,13 @@
# ChangeLog for app-admin/skey
# Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-admin/skey/ChangeLog,v 1.29 2005/02/07 18:02:40 gustavoz Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-admin/skey/ChangeLog,v 1.30 2005/03/03 15:43:47 taviso Exp $
+
+*skey-1.1.5-r5 (03 Mar 2005)
+
+ 03 Mar 2005; Tavis Ormandy <taviso@gentoo.org> +files/skey-1.1.5-otp.diff,
+ +skey-1.1.5-r5.ebuild:
+ fixing #71015, add convienience links for skey invokation, otp-xxx.
+ Thanks to Ulrich Mueller for the patch.
07 Feb 2005; Gustavo Zacarias <gustavoz@gentoo.org> skey-1.1.5-r4.ebuild:
Stable on sparc
diff --git a/app-admin/skey/Manifest b/app-admin/skey/Manifest
index 8e87ab36df4c..6e94e1a1b421 100644
--- a/app-admin/skey/Manifest
+++ b/app-admin/skey/Manifest
@@ -1,19 +1,12 @@
------BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA1
-
+MD5 f9ae9e48eb3c1c9115e24f5cf21dce4e skey-1.1.5-r4.ebuild 2865
+MD5 138cf9abba294be5ff7f491401e71ab2 skey-1.1.5-r3.ebuild 2276
+MD5 bb2821dc6a6fde3b56542fdb4aac1803 skey-1.1.5-r5.ebuild 2990
MD5 071de38de0a17deed54b1b7a145b7eba ChangeLog 3995
MD5 fb946a077c4e2ae03befc41f3a095b39 metadata.xml 1425
-MD5 138cf9abba294be5ff7f491401e71ab2 skey-1.1.5-r3.ebuild 2276
-MD5 f9ae9e48eb3c1c9115e24f5cf21dce4e skey-1.1.5-r4.ebuild 2865
-MD5 c402251257567c1f0321c9c426144ced files/digest-skey-1.1.5-r3 62
-MD5 c402251257567c1f0321c9c426144ced files/digest-skey-1.1.5-r4 62
MD5 ab3f803b5ad68dc89dfb5b544342b403 files/skey-1.1.5-fPIC.patch 271
MD5 c862d14e1478ec91ed4c5b97f124ea08 files/skey-1.1.5-gentoo.diff.gz 37614
+MD5 f227550f3aee8a1988f3bbc6176cbaf8 files/skey-1.1.5-otp.diff 1437
+MD5 c402251257567c1f0321c9c426144ced files/digest-skey-1.1.5-r3 62
+MD5 c402251257567c1f0321c9c426144ced files/digest-skey-1.1.5-r4 62
+MD5 c402251257567c1f0321c9c426144ced files/digest-skey-1.1.5-r5 62
MD5 2bc2fd632a13d33a3832ec3bf2449c1b files/skey-login_name_max.diff 386
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.2.6 (GNU/Linux)
-
-iD8DBQFCB61CKRy60XGEcJIRAvIGAJ413lONDK+o7A4bUYaEDuo+BwdfKgCdEMoV
-/qZjTna6W8XHIb9ZqUcIFXo=
-=T76P
------END PGP SIGNATURE-----
diff --git a/app-admin/skey/files/digest-skey-1.1.5-r5 b/app-admin/skey/files/digest-skey-1.1.5-r5
new file mode 100644
index 000000000000..2c986e527d5d
--- /dev/null
+++ b/app-admin/skey/files/digest-skey-1.1.5-r5
@@ -0,0 +1 @@
+MD5 af816298e3a0bc722380d0fe480189d9 skey-1.1.5.tar.bz2 61911
diff --git a/app-admin/skey/files/skey-1.1.5-otp.diff b/app-admin/skey/files/skey-1.1.5-otp.diff
new file mode 100644
index 000000000000..33c9b3dbac23
--- /dev/null
+++ b/app-admin/skey/files/skey-1.1.5-otp.diff
@@ -0,0 +1,59 @@
+diff -Nur skey-1.1.5.orig/skey.c skey-1.1.5/skey.c
+--- skey-1.1.5.orig/skey.c 2004-11-12 23:09:02.382529123 +0100
++++ skey-1.1.5/skey.c 2004-11-12 23:23:09.864378849 +0100
+@@ -46,6 +46,17 @@
+ char passwd[SKEY_MAX_PW_LEN+1], key[SKEY_BINKEY_SIZE];
+ char buf[33], *seed, *slash, *t;
+
++ /* If we were called as otp-METHOD, set algorithm based on that */
++ if ((slash = strrchr(argv[0], '/')))
++ slash++;
++ else
++ slash = argv[0];
++ if (strncmp(slash, "otp-", 4) == 0) {
++ slash += 4;
++ if (skey_set_algorithm(slash) == NULL)
++ errx(1, "Unknown hash algorithm %s", slash);
++ }
++
+ while ((i = getopt(argc, argv, "fn:p:t:x")) != -1) {
+ switch(i) {
+ case 'f':
+diff -Nur skey-1.1.5.orig/skey.1 skey-1.1.5/skey.1
+--- skey-1.1.5.orig/skey.1 2004-11-12 23:09:02.375530148 +0100
++++ skey-1.1.5/skey.1 2004-11-12 23:41:43.298268426 +0100
+@@ -6,7 +6,7 @@
+ .Dt SKEY 1
+ .Os
+ .Sh NAME
+-.Nm skey
++.Nm skey, otp-md4, otp-md5, otp-sha1
+ .Nd respond to an OTP challenge
+ .Sh SYNOPSIS
+ .Nm
+@@ -27,13 +27,24 @@
+ .Pp
+ .Em S/Key
+ uses 64 bits of information, transformed by the
+-.Tn MD4
++.Tn MD5
+ algorithm into 6 English words.
+ The user supplies the words to authenticate himself to programs like
+ .Xr login 1
+ or
+ .Xr ftpd 8 .
+ .Pp
++When
++.Nm skey
++is invoked as
++.Nm otp-method ,
++.Nm skey
++will use
++.Ar method
++as the hash function where
++.Ar method
++is currently one of md4, md5, or sha1.
++.Pp
+ Example use of the
+ .Em S/Key
+ program
diff --git a/app-admin/skey/skey-1.1.5-r5.ebuild b/app-admin/skey/skey-1.1.5-r5.ebuild
new file mode 100644
index 000000000000..2837b9474659
--- /dev/null
+++ b/app-admin/skey/skey-1.1.5-r5.ebuild
@@ -0,0 +1,109 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-admin/skey/skey-1.1.5-r5.ebuild,v 1.1 2005/03/03 15:43:47 taviso Exp $
+
+inherit flag-o-matic ccc eutils
+
+DESCRIPTION="Linux Port of OpenBSD Single-key Password System"
+HOMEPAGE="http://www.sparc.spb.su/solaris/skey/"
+SRC_URI="mirror://gentoo/${P}.tar.bz2"
+
+LICENSE="BSD X11"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+IUSE=""
+
+DEPEND="sys-libs/cracklib
+ sys-apps/shadow
+ dev-lang/perl
+ virtual/libc"
+# XXX: skeyaudit requires mailx.
+
+src_unpack() {
+ unpack ${A} ; cd ${S}
+
+ # porting some updates to this skey implementation from the
+ # NetBSD project, some other updates and fixes, and the addition
+ # of some new features like shadow password and cracklib support.
+ # (05 Nov 2003) -taviso@gentoo.org
+ epatch ${FILESDIR}/skey-1.1.5-gentoo.diff.gz
+
+ # glibc 2.2.x does not define LOGIN_NAME_MAX #33315
+ # (12 Nov 2003) -taviso@gentoo.org
+ epatch ${FILESDIR}/skey-login_name_max.diff
+
+ epatch ${FILESDIR}/${P}-fPIC.patch
+
+ # allow invokation as otp-foo. #71015
+ # (03 Mar 2005) -taviso.
+ epatch ${FILESDIR}/${P}-otp.diff
+
+ # set the default hash function to md5, #63995
+ # (14 Sep 2004) -taviso
+ append-flags -DSKEY_HASH_DEFAULT=1
+
+ # avoid suid related security issues.
+ append-ldflags -Wl,-z,now
+}
+
+src_compile() {
+ # skeyprune wont honour @sysconfdir@
+ sed -i 's#/etc/skeykeys#/etc/skey/skeykeys#g' skeyprune.pl skeyprune.8
+
+ # skeyprune uses a case sensitive regex to check for zeroed entries
+ sed -i 's#\(if ( ! /.*/\)#\1i#g' skeyprune.pl
+
+ # skeyinit(1) describes md4 as the default hash algorithm, which
+ # is no longer the case. #64971
+ sed -i \
+ 's#\(md4\) \((the default)\), \(md5\) or \(sha1.\)#\1, \3 \2 or \4#g' \
+ skeyinit.1
+
+ econf --sysconfdir=/etc/skey || die
+ emake || die
+}
+
+src_install() {
+ doman skey.1 skeyaudit.1 skeyinfo.1 skeyinit.1 skeyprune.8
+ dobin skey skeyinit skeyinfo || die
+
+ dosym skey /usr/bin/otp-md4
+ dosym skey /usr/bin/otp-sha1
+ dosym skey /usr/bin/otp-md5
+
+ newsbin skeyprune.pl skeyprune
+ newbin skeyaudit.sh skeyaudit
+ dolib.a libskey.a
+ dolib.so libskey.so.1.1.5 libskey.so.1.1 libskey.so.1 libskey.so
+
+ insinto /usr/include
+ doins skey.h
+
+ dodir /etc/skey
+
+ # only root needs to have access to these files.
+ fperms g-rx,o-rx /etc/skey
+
+ # skeyinit and skeyinfo must be suid root so users
+ # can generate their passwords.
+ fperms u+s,og-r /usr/bin/skeyinit /usr/bin/skeyinfo
+
+ dodoc README CHANGES md4.copyright md5.copyright
+
+ prepallman
+}
+
+pkg_postinst() {
+ # do not include /etc/skey/skeykeys in the package, as quickpkg
+ # may package sensitive information.
+ # This also fixes the etc-update issue with #64974.
+
+ # skeyinit will not function if this file is not present.
+ touch /etc/skey/skeykeys
+
+ # these permissions are applied by the skey system if missing.
+ chmod 0600 /etc/skey/skeykeys
+
+ einfo "For an instroduction into using s/key authentication, take"
+ einfo "a look at the EXAMPLES section from the skey(1) manpage."
+}