commit: 7cf68c1b39034ec6c2f7ba43468978c095fb8683 Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> AuthorDate: Thu Jul 16 21:54:49 2015 +0000 Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> CommitDate: Thu Jul 16 21:54:49 2015 +0000 URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=7cf68c1b
sys-auth/skey: two fixes. sys-auth/skey/Manifest | 6 ++ .../files/skey-1.1.5-add-include-paths_h.patch | 11 +++ sys-auth/skey/files/skey-1.1.5-ifndef__P.patch | 14 ++++ sys-auth/skey/metadata.xml | 29 ++++++++ sys-auth/skey/skey-1.1.5-r99.ebuild | 84 ++++++++++++++++++++++ 5 files changed, 144 insertions(+) diff --git a/sys-auth/skey/Manifest b/sys-auth/skey/Manifest new file mode 100644 index 0000000..d4e78d4 --- /dev/null +++ b/sys-auth/skey/Manifest @@ -0,0 +1,6 @@ +AUX skey-1.1.5-add-include-paths_h.patch 337 SHA256 23dd768cd9459a7f5f316925942c2dee62d4b2c72308a3280d32ed126ed69c44 SHA512 3a9f1d3c28015916828daa4324f67b50bcea8ca753da2c3bea5bb075d978f12e73174975cd0e31ba6ce4e57e10b24ae5d5d5c1a1f4f50e4e175edf7a4de64d1b WHIRLPOOL 86ef0b6af441158ce7b6de7464ed14b50f383064594ff4c382c8e8556f1447c47e7bac3a53d156ec5775ec67b1efca7c540de3ac5bd14f2110b05f886e551ad6 +AUX skey-1.1.5-ifndef__P.patch 441 SHA256 dfd20f625fd6c520cb4dffcbcd4e8c88fdbece1db76385803dca3e5f0e913152 SHA512 146ff7fb3024e870586d68ec93645862f519d32843dd1d829da7f5aedac8c48cb66d2ababf02a6881d724552d7d3e83e4edd116eedca863bda47234ad8cef7e0 WHIRLPOOL df44615618071d55c164f59a41e1eb6cb881ddf86d97aecc2aab8e7a5ca240002b1be0bcec079fe994e787a41f5947a358c737ad533b13d555ee17f95fabe86e +DIST skey-1.1.5-patches-3.tar.xz 33604 SHA256 adabe7b286f586d2cbe1a4b15f71310b7d8e25fc3187f8a89071359d7975badf SHA512 dcef6837e563ce3f68fe4eed35f16db1636e1798219dba95c86db505b5f67034b44bc6d02e0125faa95db8a5c39e9615bfed2dc3105905e576d96cf32016bc2f WHIRLPOOL bff241ecf0f59dae810db300bd858f76e18153f1958f2154c538f42040cc1040f049442d697767cfa7346996931d81370c2551d752c52810c9b18fe9e351c212 +DIST skey-1.1.5.tar.bz2 61911 SHA256 e21bcb7c618c0bc87a72d8f0f097d7517fffa4e881a0f295ee1ce2a7dccf4aef SHA512 4cbddc7e31134d5e23801a9b07de0d05c8357aaa8dddfb8426fceead3f54e539f77204f78a08b2a93890ef2f4f807a2208080f58f80818afa1b8cd4884b1fb37 WHIRLPOOL abf141fd679deeaee3f3883cd3076620c84e8775ecacc8f87d561c1812beae55299989f37ec331633bac29e25b4b8d145dc590ef119c73a137d8790815bb13f2 +EBUILD skey-1.1.5-r99.ebuild 2176 SHA256 02ecab8b17f6ae8a046fec78039de4d0134a5538903d3fdd4bcb50df3d8f817c SHA512 7b2cfd7d4a5f9f9b549bdea3617d4ebcda7832bc6b000db117f317214e26c0ffb78df65d84829368d2c1da29b3ce1466f60e3a06b668a09ecf078c55783ba09c WHIRLPOOL 203baab113282ce8ba8b43cdab8a47d88851c8c4e8c6863ce8f5d338bb5cc60d3391cf2dd54afb84e76eda45bffdfd730547b274b015522bd3db671a63ddcb41 +MISC metadata.xml 1418 SHA256 786262fdf7d44c395db41d8d273aa75a4aa390abd30348a2fa835e7a8eb64ffc SHA512 e1d9008e9ebf868ecd9d45704c4ae2c907e35550cbbc96ce9a757f90e80f6881bd7a4a26355fdc2fed2ae487dd6557e18c5426654e5373dea1863c379875a2b1 WHIRLPOOL 2783acc5a7b3f0361279dffe3a8fc8ec23afb97af5a2b30208e0ea1642a8cbb00282def5d25f358616f478c04ffcef37393ddecac0cafc8edb9f54606f62b974 diff --git a/sys-auth/skey/files/skey-1.1.5-add-include-paths_h.patch b/sys-auth/skey/files/skey-1.1.5-add-include-paths_h.patch new file mode 100644 index 0000000..a0e103c --- /dev/null +++ b/sys-auth/skey/files/skey-1.1.5-add-include-paths_h.patch @@ -0,0 +1,11 @@ +diff -Naur skey-1.1.5.orig/skeyinit.c skey-1.1.5/skeyinit.c +--- skey-1.1.5.orig/skeyinit.c 2015-07-16 21:23:26.325880927 +0000 ++++ skey-1.1.5/skeyinit.c 2015-07-16 21:26:13.129874652 +0000 +@@ -36,6 +36,7 @@ + #include <syslog.h> + #include <time.h> + #include <unistd.h> ++#include <paths.h> + #ifdef HAVE_CRYPT_H + #include <crypt.h> + #endif diff --git a/sys-auth/skey/files/skey-1.1.5-ifndef__P.patch b/sys-auth/skey/files/skey-1.1.5-ifndef__P.patch new file mode 100644 index 0000000..1c52102 --- /dev/null +++ b/sys-auth/skey/files/skey-1.1.5-ifndef__P.patch @@ -0,0 +1,14 @@ +diff -Naur skey-1.1.5.orig/skey.h skey-1.1.5/skey.h +--- skey-1.1.5.orig/skey.h 2015-07-16 21:23:26.097880936 +0000 ++++ skey-1.1.5/skey.h 2015-07-16 21:45:00.553832237 +0000 +@@ -67,6 +67,10 @@ + /* Location of random file for bogus challenges */ + #define _SKEY_RAND_FILE_PATH_ "/var/db/host.random" + ++#ifndef __P ++#define __P(x) x ++#endif ++ + /* Prototypes */ + void f __P ((char *)); + int keycrunch __P ((char *, const char *, const char *)); diff --git a/sys-auth/skey/metadata.xml b/sys-auth/skey/metadata.xml new file mode 100644 index 0000000..31fc6f4 --- /dev/null +++ b/sys-auth/skey/metadata.xml @@ -0,0 +1,29 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd";> +<pkgmetadata> +<maintainer> + <email>[email protected]</email> +</maintainer> +<longdescription lang="en"> + From RFC2289: + One form of attack on networked computing systems is eavesdropping on + network connections to obtain authentication information such as the + login IDs and passwords of legitimate users. Once this information is + captured, it can be used at a later time to gain access to the system. + One-time password systems are designed to counter this type of attack, + called a "replay attack." + + The authentication system described in this document uses a secret + pass-phrase to generate a sequence of one-time (single use) passwords. + With this system, the user's secret pass-phrase never needs to cross the + network at any time such as during authentication or during pass-phrase + changes. Thus, it is not vulnerable to replay attacks. Added security + is provided by the property that no secret information need be stored on + any system, including the server being protected. + + The OTP system protects against external passive attacks against the + authentication subsystem. It does not prevent a network eavesdropper from + gaining access to private information and does not provide protection + against either "social engineering" or active attacks. +</longdescription> +</pkgmetadata> diff --git a/sys-auth/skey/skey-1.1.5-r99.ebuild b/sys-auth/skey/skey-1.1.5-r99.ebuild new file mode 100644 index 0000000..9f7c3d5 --- /dev/null +++ b/sys-auth/skey/skey-1.1.5-r99.ebuild @@ -0,0 +1,84 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-auth/skey/skey-1.1.5-r9.ebuild,v 1.2 2015/06/26 06:27:19 ulm Exp $ + +EAPI=5 + +inherit flag-o-matic eutils toolchain-funcs + +DESCRIPTION="Linux Port of OpenBSD Single-key Password System" +HOMEPAGE="http://www.openbsd.org/faq/faq8.html#SKey"; +SRC_URI="mirror://gentoo/${P}.tar.bz2 + http://dev.gentoo.org/~ulm/distfiles/${P}-patches-3.tar.xz"; + +LICENSE="BSD MIT RSA BEER-WARE" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" +IUSE="static-libs" + +DEPEND="dev-lang/perl + app-arch/xz-utils" +RDEPEND="dev-lang/perl + virtual/perl-Time-Local + sys-libs/cracklib" + +src_prepare() { + EPATCH_SUFFIX=patch epatch + epatch "${FILESDIR}"/${PN}-1.1.5-add-include-paths_h.patch + epatch "${FILESDIR}"/${PN}-1.1.5-ifndef__P.patch +} + +src_configure() { + tc-export CC + econf --sysconfdir=/etc/skey +} + +src_install() { + into / + dolib.so libskey.so{.${PV},.${PV%.*},.${PV%%.*},} + + into /usr + dobin skey skeyinit skeyinfo + newbin skeyaudit.sh skeyaudit + newsbin skeyprune.pl skeyprune + + dosym skey /usr/bin/otp-md4 + dosym skey /usr/bin/otp-md5 + dosym skey /usr/bin/otp-sha1 + + if use static-libs; then + dolib.a libskey.a + gen_usr_ldscript libskey.so + fi + + doman skey.1 skeyaudit.1 skeyinfo.1 skeyinit.1 skey.3 skeyprune.8 + + insinto /usr/include + doins skey.h + + keepdir /etc/skey + + # only root needs to have access to these files. + fperms go-rx /etc/skey + + # skeyinit and skeyinfo must be suid root so users + # can generate their passwords. + fperms u+s,go-r /usr/bin/skeyinit /usr/bin/skeyinfo + + dodoc README CHANGES +} + +pkg_postinst() { + # do not include /etc/skey/skeykeys in the package, as quickpkg + # may package sensitive information. + # This also fixes the etc-update issue with #64974. + + # skeyinit will not function if this file is not present. + touch /etc/skey/skeykeys + + # these permissions are applied by the skey system if missing. + chmod 0600 /etc/skey/skeykeys + + elog "For an introduction into using s/key authentication, take" + elog "a look at the EXAMPLES section from the skey(1) manpage." +}
