Version bump. Remove old. Update the compatibility patch. Drop old patches.

Package-Manager: portage-2.1.7.16/cvs/Linux i686
author: Paweł Hajdan <phajdan.jr@gentoo.org> 2010-02-12 10:00:24 +0000
committer: Paweł Hajdan <phajdan.jr@gentoo.org> 2010-02-12 10:00:24 +0000
commit: b94e081c144ba17372f5b32c8508007dc5f69c03 (patch)
tree: 634500a5e91ce7f44258c7085afbaecca16b375c /sys-auth
parent: version bump (#297289) - dont pre-strip (#297989) (diff)
download: historical-b94e081c144ba17372f5b32c8508007dc5f69c03.tar.gz
historical-b94e081c144ba17372f5b32c8508007dc5f69c03.tar.bz2
historical-b94e081c144ba17372f5b32c8508007dc5f69c03.zip
7 files changed, 81 insertions, 261 deletions
diff --git a/sys-auth/tcb/ChangeLog b/sys-auth/tcb/ChangeLog
index 2c0b51630a1c..08bdcdd5bf5a 100644
--- a/sys-auth/tcb/ChangeLog
+++ b/sys-auth/tcb/ChangeLog
@@ -1,6 +1,14 @@
 # ChangeLog for sys-auth/tcb
 # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-auth/tcb/ChangeLog,v 1.6 2010/01/19 14:37:41 phajdan.jr Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-auth/tcb/ChangeLog,v 1.7 2010/02/12 10:00:24 phajdan.jr Exp $
+
+*tcb-1.0.4 (12 Feb 2010)
+
+  12 Feb 2010; Pawel Hajdan jr <phajdan.jr@gentoo.org>
+  -files/tcb-1.0.2-build.patch, -tcb-1.0.3-r1.ebuild, -tcb-1.0.3-r2.ebuild,
+  +tcb-1.0.4.ebuild, files/tcb-gentoo.patch, -files/tcb-xcrypt.patch:
+  Version bump. Remove old. Update the compatibility patch. Drop old
+  patches.
 
   19 Jan 2010; Pawel Hajdan jr <phajdan.jr@gentoo.org>
   files/tcb-1.0.2-build.patch:
diff --git a/sys-auth/tcb/Manifest b/sys-auth/tcb/Manifest
index 306f2d1e204e..a7d56549167e 100644
--- a/sys-auth/tcb/Manifest
+++ b/sys-auth/tcb/Manifest
@@ -1,8 +1,5 @@
-AUX tcb-1.0.2-build.patch 1061 RMD160 5bb1d6291fa5e146d1e3a6557848b9fdd9051e24 SHA1 3a8a776f617da4c880db5fd0d5698b95830a4260 SHA256 ce2b79a60cd2164c91bd66b932d6c7981f8019c75b2a193e63b957b7002cec6c
-AUX tcb-gentoo.patch 3079 RMD160 284a3258d07943f772165ab4fa4a7c56feea1bd8 SHA1 703fd93f83654ee16b1fcb28de9266e2e0b35a67 SHA256 9477eac400f0317da89fde7a99d5c5b8a9fd3c462bf634ad502a2ff935d5c20f
-AUX tcb-xcrypt.patch 1512 RMD160 a470ebc0493f0b68165cbef9f3d19fb2cdd83234 SHA1 140f955f612f959dc8a9fab8278a75f17b7b5a68 SHA256 a28a41cf5ae153538c28f1eecb39659d31e6856e2f24cb2fa664af544ba8eefa
-DIST tcb-1.0.3.tar.gz 40573 RMD160 997896ee0d6ec4deaccff63351a0d976acdc17de SHA1 76284af350338d5f76ca3c0fa96def45af59b6e2 SHA256 3eda3953c5e8d3c0c6cbc0941a2bb9f6fe5a862b4cfbd01c23acf64ccbd73373
-EBUILD tcb-1.0.3-r1.ebuild 1258 RMD160 cf5d8448e3315b9395377ec3502ca871c6d911aa SHA1 3aef3020870d94ab06fe568229247ba174e2495a SHA256 b7c7c545c0c0ddec11a20c5b8cdc6ee75fc43eda03a5f8275c47b5f4188fadcc
-EBUILD tcb-1.0.3-r2.ebuild 1232 RMD160 a9e4effe1dff51c275084a1999b96b9b643b5925 SHA1 85709d698c6502f2ef949165e899def5c0c6bbc9 SHA256 d5062c0967c2baae5d9fd3bcf612f05146be1d52e595643d5df98158df36ca8a
-MISC ChangeLog 2791 RMD160 f793d93b7e5b8601d30fd24787e93521d93383bb SHA1 ff5830608abd2d38ac6ad1f9872431742bfde6ed SHA256 9a5e35aeb6dc76935d89b60a31e38fa13cb9c6abdb537c49a7cb4443a635e0e2
+AUX tcb-gentoo.patch 2430 RMD160 e1f1b37c6fdbdab22cfb12470d9fdf9f4cfd8221 SHA1 f37fbde0c7de7827398cbb8dbda0554d1b1c23f0 SHA256 083e44898573d295995ac68f5d49c61c28a1b14a4566168a573993760e750bf5
+DIST tcb-1.0.4.tar.gz 41089 RMD160 ab6dad36b4cc4ef6b73f22de401945f9c13a9fc7 SHA1 e9bfa9862dc21717f42083d82a6e34e296a93b11 SHA256 3f303e260133ae4babef657bc3125bd09c058f02701b7bc743c85710dc146fbf
+EBUILD tcb-1.0.4.ebuild 1406 RMD160 aa796663b49f33995441a83a76b4980c9642a77a SHA1 34518717fc14f7227ca9f25fff0257540233b010 SHA256 83b01eb3aa014fa373aa2c6c0f0afa289f2e7f4513d3d14c04f41462a776797c
+MISC ChangeLog 3099 RMD160 3339eb32e38e04494e8d27649535dfe588dfc953 SHA1 742efa53b036c0c82cf71dd2dd742e0706804c16 SHA256 6e6ccad8e5cacb10733b1b782a682034b35b07d0e120e8d303a7ae0f61999d1a
 MISC metadata.xml 264 RMD160 810ddb750010a91dd4396d8026577db947322856 SHA1 149b97dabb0453fff291f29c02f067b2677e19aa SHA256 28d63d15fc99d3fa478f0e1e43398d35be201ca9b56db207687631a02a315652
diff --git a/sys-auth/tcb/files/tcb-1.0.2-build.patch b/sys-auth/tcb/files/tcb-1.0.2-build.patch
deleted file mode 100644
index 60cc1c519354..000000000000
--- a/sys-auth/tcb/files/tcb-1.0.2-build.patch
+++ /dev/null
@@ -1,37 +0,0 @@
---- tcb-1.0/libs/Makefile
-+++ tcb-1.0/libs/Makefile
-@@ -17,13 +17,13 @@
- 	$(CC) $(CFLAGS) $(DBGFLAG) -c $< -o $@
- 
- $(LIBTCB_LONG): libtcb.o $(LIB_MAP)
--	$(CC) $(DBGFLAG) -shared -o $@ -Wl,-soname,$(LIBTCB) \
-+	$(CC) $(LDFLAGS) $(DBGFLAG) -shared -o $@ -Wl,-soname,$(LIBTCB) \
- 		-Wl,--version-script=$(LIB_MAP) $< -lc
- 	ln -sf $@ $(LIBTCB)
- 	ln -sf $(LIBTCB) libtcb.so
- 
- $(LIBNSS): nss.o $(NSS_MAP) $(LIBTCB_LONG)
--	$(CC) $(DBGFLAG) -shared -o $@ -Wl,--version-script=$(NSS_MAP) \
-+	$(CC) $(LDFLAGS) $(DBGFLAG) -shared -o $@ -Wl,-soname,$@ -Wl,--version-script=$(NSS_MAP) \
- 		$< -L. $(LIBNSL) -ltcb
- 
- .c.o:
---- tcb-1.0/progs/Makefile
-+++ tcb-1.0/progs/Makefile
-@@ -7,13 +7,13 @@
- all: $(CONVERT) $(UNCONVERT) $(CHKPWD)
- 
- $(CONVERT): $(CONVERT).o
--	$(CC) -o $@ $<
-+	$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $<
- 
- $(UNCONVERT): $(UNCONVERT).o
--	$(CC) -o $@ $< -L../libs -ltcb
-+	$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $< -L../libs -ltcb
- 
- $(CHKPWD): $(CHKPWD).o
--	$(CC) -o $@ $< -lcrypt
-+	$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $< -lcrypt
- 
- .c.o:
- 	$(CC) $(CFLAGS) -c $< -o $@
diff --git a/sys-auth/tcb/files/tcb-gentoo.patch b/sys-auth/tcb/files/tcb-gentoo.patch
index ee681854f784..3cdab6e25879 100644
--- a/sys-auth/tcb/files/tcb-gentoo.patch
+++ b/sys-auth/tcb/files/tcb-gentoo.patch
@@ -1,121 +1,51 @@
 --- pam_tcb/support.c.orig	2010-01-17 12:22:29.000000000 +0100
-+++ pam_tcb/support.c	2010-01-17 15:47:38.000000000 +0100
-@@ -466,6 +466,39 @@
++++ pam_tcb/support.c	2010-02-12 10:47:37.000000000 +0100
+@@ -466,6 +466,44 @@
  	return retval;
  }
  
-+static char i64c(int i)
-+{
-+	if (i < 0)
-+		return '.';
-+	if (i > 63)
-+		return 'z';
-+	
-+	if (i == 0)
-+		return '.';
-+	if (i == 1)
-+		return '/';
-+	if (i >= 2 && i <= 11)
-+		return ('0' - 2 + i);
-+	if (i >= 12 && i <= 37)
-+		return ('A' - 12 + i);
-+	if (i >= 38 && i <= 63)
-+		return ('a' - 38 + i);
-+	
-+	return '\0';
-+}
++static unsigned char _crypt_itoa64[64 + 1] =
++	"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
 +
-+static char *make_salt(const char *prefix, const char *entropy,
-+    int entropy_size)
++static char *crypt_gensalt_ra(const char *prefix, unsigned long count,
++    const char *entropy, int entropy_size)
 +{
-+	char salt[64];
++	if (count != 0)
++		return NULL;
++	if (entropy_size < 3)
++		return NULL;
++	char* salt = malloc(strlen(prefix) + entropy_size/3*4 + 1);
++	if (!salt)
++		return NULL;
 +	char *sp = stpcpy(salt, prefix);
 +	int i;
-+	for (i = 0; i < entropy_size / 2; i++)
-+		*sp++ = i64c(entropy[i] & 077);
++	for (i = 0; entropy_size >= 3 * (i + 1); i++) {
++		unsigned long value =
++			((unsigned long)(unsigned char)entropy[3 * i]) |
++			((unsigned long)(unsigned char)entropy[3 * i + 1] << 8) |
++			((unsigned long)(unsigned char)entropy[3 * i + 2] << 16);
++		*sp++ = _crypt_itoa64[value & 0x3f];
++		*sp++ = _crypt_itoa64[(value >> 6) & 0x3f];
++		*sp++ = _crypt_itoa64[(value >> 12) & 0x3f];
++		*sp++ = _crypt_itoa64[(value >> 18) & 0x3f];
++	}
 +	*sp = '\0';
-+	return strdup(salt);
++	return salt;
++}
++
++static char *crypt_ra(const char *key, const char *salt,
++    void **data, int *size)
++{
++	*size = sizeof(struct crypt_data);
++	if (!(*data = calloc(1, *size)))
++		return NULL;
++	return crypt_r(key, salt, *data);
 +}
 +
  static int check_crypt(pam_handle_t *pamh, const char *pass,
      const char *stored_hash)
  {
-@@ -481,11 +514,11 @@
- 
- 	/* This exists because of timing attacks. */
- 	memset(input, 0x55, sizeof(input));
--	fake_salt = crypt_gensalt_ra(pam_unix_param.crypt_prefix,
--	    pam_unix_param.count, input, sizeof(input));
-+	fake_salt = make_salt(pam_unix_param.crypt_prefix,
-+	    input, sizeof(input));
- 
- 	if (!fake_salt) {
--		pam_syslog(pamh, LOG_CRIT, "crypt_gensalt_ra: %m");
-+		pam_syslog(pamh, LOG_CRIT, "make_salt: %m");
- 		return PAM_BUF_ERR;
- 	}
- 
-@@ -816,22 +849,21 @@
- 	return PAM_SUCCESS;
- }
- 
--static char *crypt_wrapper_ra(pam_handle_t *pamh, const char *key,
-+static char *crypt_wrapper_r(pam_handle_t *pamh, const char *key,
-     const char *salt)
- {
--	char *retval;
--	void *data = NULL;
--	int size = 0;
-+	char *retval = NULL;
-+	struct crypt_data *cdata = malloc(sizeof(*cdata));
- 
--	retval = crypt_ra(key, salt, &data, &size);
--	if (retval)
--		retval = strdup(retval); /* we return NULL if strdup fails */
--	else
--		pam_syslog(pamh, LOG_CRIT, "crypt_ra: %m");
--	if (data) {
--		memset(data, 0, size);
--		free(data);
-+	if (cdata != NULL) {
-+		cdata->initialized = 0;
-+		retval = strdup(crypt_r(key, salt, cdata));
-+		if (!retval)
-+			pam_syslog(pamh, LOG_CRIT, "crypt_r: %m");
-+		memset(cdata, '\0', sizeof(*cdata));
-+		free(cdata);
- 	}
-+
- 	return retval;
- }
- 
-@@ -841,7 +873,7 @@
- 	char *retval;
- 
- 	if (off(UNIX_PLAIN_CRYPT))
--		return crypt_wrapper_ra(pamh, key, salt);
-+		return crypt_wrapper_r(pamh, key, salt);
- 
- 	errno = 0;
- 	retval = crypt(key, salt);
-@@ -873,13 +905,13 @@
- 	}
- 	close(fd);
- 
--	salt = crypt_gensalt_ra(pam_unix_param.crypt_prefix,
--	    pam_unix_param.count, entropy, sizeof(entropy));
-+	salt = make_salt(pam_unix_param.crypt_prefix,
-+	    entropy, sizeof(entropy));
- 
- 	memset(entropy, 0, sizeof(entropy));
- 
- 	if (!salt) {
--		pam_syslog(pamh, LOG_CRIT, "crypt_gensalt_ra: %m");
-+		pam_syslog(pamh, LOG_CRIT, "make_salt: %m");
- 		return NULL;
- 	}
- 
-@@ -1019,7 +1051,7 @@
+@@ -1019,28 +1057,16 @@
  		if (!parse_opt(pamh, *argv, the_cmdline_opts))
  			return 0;
  	param = get_optval("prefix=", the_cmdline_opts);
@@ -124,3 +54,27 @@
  
  	param = get_optval("helper=", the_cmdline_opts);
  	pam_unix_param.helper = param ?: CHKPWD_HELPER;
+ 
+ 	param = get_optval("count=", the_cmdline_opts);
+ 	if (param) {
+-		char *end;
+-		/*
+-		 * SUSv2 says:
+-		 * Because 0 and ULONG_MAX are returned on error and
+-		 * are also valid returns on success, an application
+-		 * wishing to check for error situations should set
+-		 * errno to 0, then call strtoul(), then check errno.
+-		 */
+-		errno = 0;
+-		pam_unix_param.count = strtoul(param, &end, 10);
+-		if (errno || !*param || *end) {
+-			pam_syslog(pamh, LOG_ERR,
+-			    "Invalid count= argument: %s", param);
+-			return 0;
+-		}
++		pam_syslog(pamh, LOG_ERR,
++			"count= parameter is not supported without Openwall libcrypt extensions");
++		return 0;
+ 	} else
+ 		pam_unix_param.count = 0;
+ 
diff --git a/sys-auth/tcb/files/tcb-xcrypt.patch b/sys-auth/tcb/files/tcb-xcrypt.patch
deleted file mode 100644
index ec7f08c0b37b..000000000000
--- a/sys-auth/tcb/files/tcb-xcrypt.patch
+++ /dev/null
@@ -1,50 +0,0 @@
---- pam_tcb/support.c.orig	2009-12-27 16:33:28.000000000 +0100
-+++ pam_tcb/support.c	2009-12-27 16:34:03.000000000 +0100
-@@ -10,7 +10,7 @@
- #include <signal.h>
- #include <pwd.h>
- #include <shadow.h>
--#include <crypt.h>
-+#include <xcrypt.h>
- #include <sys/types.h>
- #include <sys/wait.h>
- #include <rpcsvc/ypclnt.h>
-@@ -481,11 +481,11 @@
- 
- 	/* This exists because of timing attacks. */
- 	memset(input, 0x55, sizeof(input));
--	fake_salt = crypt_gensalt_ra(pam_unix_param.crypt_prefix,
-+	fake_salt = xcrypt_gensalt_ra(pam_unix_param.crypt_prefix,
- 	    pam_unix_param.count, input, sizeof(input));
- 
- 	if (!fake_salt) {
--		pam_syslog(pamh, LOG_CRIT, "crypt_gensalt_ra: %m");
-+		pam_syslog(pamh, LOG_CRIT, "xcrypt_gensalt_ra: %m");
- 		return PAM_BUF_ERR;
- 	}
- 
-@@ -823,11 +823,11 @@
- 	void *data = NULL;
- 	int size = 0;
- 
--	retval = crypt_ra(key, salt, &data, &size);
-+	retval = xcrypt_ra(key, salt, &data, &size);
- 	if (retval)
- 		retval = strdup(retval); /* we return NULL if strdup fails */
- 	else
--		pam_syslog(pamh, LOG_CRIT, "crypt_ra: %m");
-+		pam_syslog(pamh, LOG_CRIT, "xcrypt_ra: %m");
- 	if (data) {
- 		memset(data, 0, size);
- 		free(data);
---- pam_tcb/Makefile.orig	2009-12-27 16:38:53.000000000 +0100
-+++ pam_tcb/Makefile	2009-12-27 16:39:10.000000000 +0100
-@@ -13,7 +13,7 @@
- 
- $(PAM_TCB): $(LIBOBJ) $(PAM_MAP)
- 	$(CC) $(LDFLAGS) -shared -o $@ -Wl,--version-script=$(PAM_MAP) \
--		$(LIBOBJ) -lnsl -lcrypt -lpam -ltcb
-+		$(LIBOBJ) -lnsl -lxcrypt -lpam -ltcb
- 
- .c.o:
- 	$(CC) $(CFLAGS) -fPIC -c $< -o $@
diff --git a/sys-auth/tcb/tcb-1.0.3-r1.ebuild b/sys-auth/tcb/tcb-1.0.3-r1.ebuild
deleted file mode 100644
index 51c9ec111320..000000000000
--- a/sys-auth/tcb/tcb-1.0.3-r1.ebuild
+++ /dev/null
@@ -1,53 +0,0 @@
-# Copyright 1999-2010 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-auth/tcb/tcb-1.0.3-r1.ebuild,v 1.1 2010/01/12 17:59:48 phajdan.jr Exp $
-
-inherit eutils multilib
-
-DESCRIPTION="Libraries and tools implementing the tcb password shadowing scheme"
-HOMEPAGE="http://www.openwall.com/tcb/"
-SRC_URI="ftp://ftp.openwall.com/pub/projects/tcb/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE="pam"
-
-DEPEND=">=sys-libs/libxcrypt-2.4
-	pam? ( >=sys-libs/pam-0.75 )"
-RDEPEND="${DEPEND}"
-
-pkg_setup() {
-	for group in auth chkpwd shadow ; do
-		enewgroup ${group}
-	done
-
-	mymakeopts="
-		SLIBDIR=/$(get_libdir)
-		LIBDIR=/usr/$(get_libdir)
-		MANDIR=/usr/share/man
-		DESTDIR='${D}'"
-}
-
-src_unpack() {
-	unpack ${A}
-	cd "${S}"
-
-	epatch "${FILESDIR}"/${PN}-1.0.2-build.patch
-	epatch "${FILESDIR}"/${PN}-xcrypt.patch
-	use pam || sed -i '/pam/d' Makefile
-}
-
-src_compile() {
-	emake $mymakeopts || die "emake failed"
-}
-
-src_install() {
-	emake $mymakeopts install || die "emake install failed"
-	dodoc ChangeLog
-}
-
-pkg_postinst() {
-	einfo "You must now run /sbin/tcb_convert to convert your shadow to tcb"
-	einfo "To remove this you must first run /sbin/tcp_unconvert and then unmerge"
-}
diff --git a/sys-auth/tcb/tcb-1.0.3-r2.ebuild b/sys-auth/tcb/tcb-1.0.4.ebuild
index fab566c5e830..e4923a643ef3 100644
--- a/sys-auth/tcb/tcb-1.0.3-r2.ebuild
+++ b/sys-auth/tcb/tcb-1.0.4.ebuild
@@ -1,6 +1,8 @@
 # Copyright 1999-2010 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-auth/tcb/tcb-1.0.3-r2.ebuild,v 1.1 2010/01/17 14:55:16 phajdan.jr Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-auth/tcb/tcb-1.0.4.ebuild,v 1.1 2010/02/12 10:00:24 phajdan.jr Exp $
+
+EAPI="2"
 
 inherit eutils multilib
 
@@ -11,9 +13,9 @@ SRC_URI="ftp://ftp.openwall.com/pub/projects/tcb/${P}.tar.gz"
 LICENSE="GPL-2"
 SLOT="0"
 KEYWORDS="~amd64 ~x86"
-IUSE="pam"
+IUSE=""
 
-DEPEND="pam? ( >=sys-libs/pam-0.75 )"
+DEPEND=">=sys-libs/pam-0.75"
 RDEPEND="${DEPEND}"
 
 pkg_setup() {
@@ -28,13 +30,12 @@ pkg_setup() {
 		DESTDIR='${D}'"
 }
 
-src_unpack() {
-	unpack ${A}
-	cd "${S}"
-
-	epatch "${FILESDIR}"/${PN}-1.0.2-build.patch
+src_prepare() {
+	# We don't have Openwall glibc extensions. The patch makes it possible
+	# to run tcb with normal glibc. It has been reviewed by upstream, but
+	# is not going to be accepted. The plan is to add support for sha hashes
+	# to Openwall's crypto routines and use them when that's available.
 	epatch "${FILESDIR}"/${PN}-gentoo.patch
-	use pam || sed -i '/pam/d' Makefile
 }
 
 src_compile() {
author	Paweł Hajdan <phajdan.jr@gentoo.org>	2010-02-12 10:00:24 +0000
committer	Paweł Hajdan <phajdan.jr@gentoo.org>	2010-02-12 10:00:24 +0000
commit	b94e081c144ba17372f5b32c8508007dc5f69c03 (patch)
tree	634500a5e91ce7f44258c7085afbaecca16b375c /sys-auth
parent	version bump (#297289) - dont pre-strip (#297989) (diff)
download	historical-b94e081c144ba17372f5b32c8508007dc5f69c03.tar.gz historical-b94e081c144ba17372f5b32c8508007dc5f69c03.tar.bz2 historical-b94e081c144ba17372f5b32c8508007dc5f69c03.zip