summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLars Wendler <polynomial-c@gentoo.org>2018-10-24 14:05:16 +0200
committerLars Wendler <polynomial-c@gentoo.org>2018-10-24 14:05:48 +0200
commit3e50a2a015fe3d523bfc4e72ed2175d4d6033e97 (patch)
treefa50b8ad0ad18071493abe891638b11be9ad0f4e
parentsys-process/rtirq: version bump to 20180209 (diff)
downloadgentoo-3e50a2a015fe3d523bfc4e72ed2175d4d6033e97.tar.gz
gentoo-3e50a2a015fe3d523bfc4e72ed2175d4d6033e97.tar.bz2
gentoo-3e50a2a015fe3d523bfc4e72ed2175d4d6033e97.zip
sys-auth/pam_p11: Fixed build with openssl-1.1
Closes: https://bugs.gentoo.org/658036 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> Package-Manager: Portage-2.3.51, Repoman-2.3.11
-rw-r--r--sys-auth/pam_p11/files/pam_p11-0.2.0-openssl11.patch76
-rw-r--r--sys-auth/pam_p11/pam_p11-0.2.0.ebuild10
2 files changed, 84 insertions, 2 deletions
diff --git a/sys-auth/pam_p11/files/pam_p11-0.2.0-openssl11.patch b/sys-auth/pam_p11/files/pam_p11-0.2.0-openssl11.patch
new file mode 100644
index 000000000000..8c41e29bed1f
--- /dev/null
+++ b/sys-auth/pam_p11/files/pam_p11-0.2.0-openssl11.patch
@@ -0,0 +1,76 @@
+From 46a6079817c67a09e5ac493af3381c655bd91c26 Mon Sep 17 00:00:00 2001
+From: Peter Popovec <popovec.peter@gmail.com>
+Date: Tue, 21 Aug 2018 10:24:36 +0200
+Subject: [PATCH] Replacing deprecated OpenSSL API functions (#12)
+
+fixes https://github.com/OpenSC/pam_p11/issues/10
+---
+ configure.ac | 5 +++++
+ src/pam_p11.c | 17 ++++++++++++++---
+ 2 files changed, 19 insertions(+), 3 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 5bcbdd6..2854a99 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -85,6 +85,11 @@ PKG_CHECK_MODULES(
+ )]
+ )
+
++saved_LIBS="$LIBS"
++LIBS="$OPENSSL_LIBS $LIBS"
++AC_CHECK_FUNCS(EVP_MD_CTX_new EVP_MD_CTX_free EVP_MD_CTX_reset)
++LIBS="$saved_LIBS"
++
+ if test -z "${PAM_LIBS}"; then
+ AC_ARG_VAR([PAM_CFLAGS], [C compiler flags for pam])
+ AC_ARG_VAR([PAM_LIBS], [linker flags for pam])
+diff --git a/src/pam_p11.c b/src/pam_p11.c
+index 2b4bfbe..60380e5 100644
+--- a/src/pam_p11.c
++++ b/src/pam_p11.c
+@@ -31,6 +31,17 @@
+ #include <openssl/crypto.h>
+ #include <libp11.h>
+
++/* openssl deprecated API emulation */
++#ifndef HAVE_EVP_MD_CTX_NEW
++#define EVP_MD_CTX_new() EVP_MD_CTX_create()
++#endif
++#ifndef HAVE_EVP_MD_CTX_FREE
++#define EVP_MD_CTX_free(ctx) EVP_MD_CTX_destroy((ctx))
++#endif
++#ifndef HAVE_EVP_MD_CTX_RESET
++#define EVP_MD_CTX_reset(ctx) EVP_MD_CTX_cleanup((ctx))
++#endif
++
+ #ifdef ENABLE_NLS
+ #include <libintl.h>
+ #include <locale.h>
+@@ -578,7 +589,7 @@ static int key_verify(pam_handle_t *pamh, int flags, PKCS11_KEY *authkey)
+ unsigned char signature[256];
+ unsigned int siglen = sizeof signature;
+ const EVP_MD *md = EVP_sha1();
+- EVP_MD_CTX *md_ctx = EVP_MD_CTX_create();
++ EVP_MD_CTX *md_ctx = EVP_MD_CTX_new();
+ EVP_PKEY *privkey = PKCS11_get_private_key(authkey);
+ EVP_PKEY *pubkey = PKCS11_get_public_key(authkey);
+
+@@ -596,7 +607,7 @@ static int key_verify(pam_handle_t *pamh, int flags, PKCS11_KEY *authkey)
+ || !EVP_SignInit(md_ctx, md)
+ || !EVP_SignUpdate(md_ctx, challenge, sizeof challenge)
+ || !EVP_SignFinal(md_ctx, signature, &siglen, privkey)
+- || !EVP_MD_CTX_cleanup(md_ctx)
++ || !EVP_MD_CTX_reset(md_ctx)
+ || !EVP_VerifyInit(md_ctx, md)
+ || !EVP_VerifyUpdate(md_ctx, challenge, sizeof challenge)
+ || 1 != EVP_VerifyFinal(md_ctx, signature, siglen, pubkey)) {
+@@ -613,7 +624,7 @@ static int key_verify(pam_handle_t *pamh, int flags, PKCS11_KEY *authkey)
+ if (NULL != privkey)
+ EVP_PKEY_free(privkey);
+ if (NULL != md_ctx) {
+- EVP_MD_CTX_destroy(md_ctx);
++ EVP_MD_CTX_free(md_ctx);
+ }
+ return ok;
+ }
diff --git a/sys-auth/pam_p11/pam_p11-0.2.0.ebuild b/sys-auth/pam_p11/pam_p11-0.2.0.ebuild
index cc81b3a08cbf..6156029daf1d 100644
--- a/sys-auth/pam_p11/pam_p11-0.2.0.ebuild
+++ b/sys-auth/pam_p11/pam_p11-0.2.0.ebuild
@@ -1,9 +1,9 @@
-# Copyright 1999-2018 Gentoo Foundation
+# Copyright 1999-2018 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
-inherit pam
+inherit autotools pam
DESCRIPTION="PAM module for authenticating against PKCS#11 tokens"
HOMEPAGE="https://github.com/opensc/pam_p11/wiki"
@@ -22,8 +22,14 @@ BDEPEND="virtual/pkgconfig"
PATCHES=(
"${FILESDIR}/${P}-build.patch"
+ "${FILESDIR}/${P}-openssl11.patch" #658036
)
+src_prepare() {
+ default
+ eautoreconf
+}
+
src_configure() {
econf --with-pamdir="$(getpam_mod_dir)"
}