From 2168be7aac47683b35d67984a1a27e35ee6298fb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Robert=20F=C3=B6rster?= Date: Sat, 16 Apr 2016 16:27:16 +0200 Subject: [PATCH] [sys-auth/pam_mysql] pull in a warning fix from Niels Laukens --- sys-auth/pam_mysql/Manifest | 1 + .../files/pam_mysql-0.7_rc1-crypt.patch | 44 +++++++++++++++++ .../files/pam_mysql-0.7_rc1-link-to-pam.diff | 9 ++++ .../files/pam_mysql-0.7_rc1-memleak.diff | 10 ++++ .../pam_mysql/pam_mysql-0.7_rc1-r6.ebuild | 47 +++++++++++++++++++ 5 files changed, 111 insertions(+) create mode 100644 sys-auth/pam_mysql/Manifest create mode 100644 sys-auth/pam_mysql/files/pam_mysql-0.7_rc1-crypt.patch create mode 100644 sys-auth/pam_mysql/files/pam_mysql-0.7_rc1-link-to-pam.diff create mode 100644 sys-auth/pam_mysql/files/pam_mysql-0.7_rc1-memleak.diff create mode 100644 sys-auth/pam_mysql/pam_mysql-0.7_rc1-r6.ebuild diff --git a/sys-auth/pam_mysql/Manifest b/sys-auth/pam_mysql/Manifest new file mode 100644 index 0000000..0a9d651 --- /dev/null +++ b/sys-auth/pam_mysql/Manifest @@ -0,0 +1 @@ +DIST pam_mysql-0.7RC1.tar.gz 335240 SHA256 cb3cf89b9b51cb196ee8d731f85acbab72b4878a3a7c4183c5534161d4385ce7 SHA512 c057999c62d29dfa7a07db9a8d33d0cf0377dae4770c73019bd85f67c9c92fc9dac36fa606739162a5f7b0f9fbd849e5833fee827febfe4af883b8c2ddbd8b4f WHIRLPOOL 4d47d4be6c95ad70705884f2023975a719d06915ac41738d7c28ceff2d57e0c58187b52314e1f11e0e4bcfe3b3471525a3e97591d653342847f1d2ed66ecdc57 diff --git a/sys-auth/pam_mysql/files/pam_mysql-0.7_rc1-crypt.patch b/sys-auth/pam_mysql/files/pam_mysql-0.7_rc1-crypt.patch new file mode 100644 index 0000000..8715ed2 --- /dev/null +++ b/sys-auth/pam_mysql/files/pam_mysql-0.7_rc1-crypt.patch @@ -0,0 +1,44 @@ +From af6c8bb9e0375dda6cee20b3de6a23f5d7087635 Mon Sep 17 00:00:00 2001 +From: Niels Laukens +Date: Sun, 22 Nov 2015 16:30:08 +0100 +Subject: [PATCH] Bugfix spurious crypt() warning in log + +The crypt() function returns NULL on error, or the string otherwise. +Only in the case of an error (i.e. NULL return) is the value of errno +useful. + +On my system, crypt() works as expected, but errno is set to ENOENT, +because the last system call that was executed tried to open +'/proc/sys/crypto/fips_enabled', which does not exist on my system. +However, crypt() works fine without that file, but doesn't reset errno +to 0. + +This patch fixes that behaviour, by explicitly checking for a NULL +return value, and only then examining errno. + +It also works around undefined behaviour (strcmp with a NULL argument), +and makes sure that the password is considered NOT to match if crypt() +fails. +--- + pam_mysql.c | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/pam_mysql.c b/pam_mysql.c +index 1ba8dec..ace9d55 100644 +--- a/pam_mysql.c ++++ b/pam_mysql.c +@@ -2872,9 +2872,12 @@ static pam_mysql_err_t pam_mysql_check_passwd(pam_mysql_ctx_t *ctx, + + /* ENCRYPT */ + case 1: +- vresult = strcmp(row[0], crypt(passwd, row[0])); +- if (errno) { ++ char *crypted_password = crypt(passwd, row[0]); ++ if (crypted_password == NULL) { + syslog(LOG_AUTHPRIV | LOG_ERR, PAM_MYSQL_LOG_PREFIX "something went wrong when invoking crypt() - %s", strerror(errno)); ++ vresult = 1; // fail ++ } else { ++ vresult = strcmp(row[0], crypted_password); + } + break; + diff --git a/sys-auth/pam_mysql/files/pam_mysql-0.7_rc1-link-to-pam.diff b/sys-auth/pam_mysql/files/pam_mysql-0.7_rc1-link-to-pam.diff new file mode 100644 index 0000000..0b32b37 --- /dev/null +++ b/sys-auth/pam_mysql/files/pam_mysql-0.7_rc1-link-to-pam.diff @@ -0,0 +1,9 @@ +--- pam_mysql-0.7RC1/Makefile.am 2005-09-20 07:43:44.000000000 +0200 ++++ pam_mysql-0.7RC1-1/Makefile.am 2011-09-13 09:21:53.198200066 +0200 +@@ -3,5 +3,6 @@ + noinst_FILES=pam_mysql.la pam_mysql.a + pam_mysql_la_SOURCES=pam_mysql.c + pam_mysql_la_LDFLAGS=-module -avoid-version ++pam_mysql_la_LIBADD=-lpam + INCLUDES=@INCLUDES@ + EXTRA_DIST=COPYING NEWS README CREDITS ChangeLog INSTALL pam_mysql.spec.in install-sh missing mkinstalldirs pkg.m4 pam_mysql.spec diff --git a/sys-auth/pam_mysql/files/pam_mysql-0.7_rc1-memleak.diff b/sys-auth/pam_mysql/files/pam_mysql-0.7_rc1-memleak.diff new file mode 100644 index 0000000..e746be7 --- /dev/null +++ b/sys-auth/pam_mysql/files/pam_mysql-0.7_rc1-memleak.diff @@ -0,0 +1,10 @@ +--- pam_mysql-0.7RC1/pam_mysql.c 2006-01-09 11:35:59.000000000 +0100 ++++ pam_mysql-0.7RC1-1/pam_mysql.c 2011-10-18 20:26:38.655425994 +0200 +@@ -2338,6 +2338,7 @@ + } + + mysql_close(ctx->mysql_hdl); ++ mysql_library_end(); + + xfree(ctx->mysql_hdl); + ctx->mysql_hdl = NULL; diff --git a/sys-auth/pam_mysql/pam_mysql-0.7_rc1-r6.ebuild b/sys-auth/pam_mysql/pam_mysql-0.7_rc1-r6.ebuild new file mode 100644 index 0000000..e0be3a9 --- /dev/null +++ b/sys-auth/pam_mysql/pam_mysql-0.7_rc1-r6.ebuild @@ -0,0 +1,47 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +inherit autotools-utils pam + +DESCRIPTION="pam_mysql is a module for pam to authenticate users with mysql" +HOMEPAGE="http://pam-mysql.sourceforge.net/" + +SRC_URI="mirror://sourceforge/pam-mysql/${P/_rc/RC}.tar.gz" +DEPEND=" + openssl? ( dev-libs/openssl:0= ) + >=sys-libs/pam-0.72:0= + virtual/mysql:0= + " +RDEPEND="${DEPEND}" +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="alpha amd64 ppc sparc x86" +IUSE="openssl" +S="${WORKDIR}/${P/_rc/RC}" + +PATCHES=( + "${FILESDIR}/${P}-link-to-pam.diff" + "${FILESDIR}/${P}-memleak.diff" + "${FILESDIR}/${P}-crypt.patch" + ) +DOCS=( CREDITS ChangeLog NEWS README ) +AUTOTOOLS_AUTORECONF="yes" +AUTOTOOLS_PRUNE_LIBTOOL_FILES="modules" + +src_prepare() { + # Update autotools deprecated file name and macro for bug 468750 + mv configure.in configure.ac || die "configure rename failed" + sed -i s/AM_CONFIG_HEADER/AC_CONFIG_HEADERS/ configure.ac || die "sed failed" + autotools-utils_src_prepare +} + +src_configure() { + local myeconfargs=( $(use_with openssl) ) + autotools-utils_src_configure +} + +src_install() { + autotools-utils_src_install libdir="$(getpam_mod_dir)" +}