Date: Sat, 15 Mar 2008 13:31:39 +0100 From: "Fredrik Lindberg" <fli@shapeshifter.se> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/121732: Update port: security/pam_bsdbioapi Update to 1.5.1 Message-ID: <20080315123140.4B80F78C2F@mx1.h3q.net> Resent-Message-ID: <200803151240.m2FCe21h029977@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 121732 >Category: ports >Synopsis: Update port: security/pam_bsdbioapi Update to 1.5.1 >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Sat Mar 15 12:40:01 UTC 2008 >Closed-Date: >Last-Modified: >Originator: Fredrik Lindberg >Release: FreeBSD 8.0-CURRENT i386 >Organization: >Environment: System: FreeBSD nexus 8.0-CURRENT FreeBSD 8.0-CURRENT #1: Mon Oct 29 17:22:20 CET 2007 root@nexus:/usr/obj/usr/src/sys/NEXUS i386 >Description: * Update to pam_bsdbioapi 1.5.1 * Fix master site >How-To-Repeat: >Fix: --- pam_bsdbioapi-1.5.1.patch begins here --- Index: Makefile =================================================================== RCS file: /home/ncvs/ports/security/pam_bsdbioapi/Makefile,v retrieving revision 1.4 diff -u -p -r1.4 Makefile --- Makefile 4 Oct 2007 06:00:22 -0000 1.4 +++ Makefile 15 Mar 2008 11:39:42 -0000 @@ -6,10 +6,9 @@ # PORTNAME= pam_bsdbioapi -PORTVERSION= 1.5 -PORTREVISION= 1 +PORTVERSION= 1.5.1 CATEGORIES= security -MASTER_SITES= http://shapeshifter.se/pub/pam_bsdbioapi/ +MASTER_SITES= http://www.shapeshifter.se/pub/pam_bsdbioapi/ MAINTAINER= fli@shapeshifter.se COMMENT= PAM module for BioAPI Index: distinfo =================================================================== RCS file: /home/ncvs/ports/security/pam_bsdbioapi/distinfo,v retrieving revision 1.2 diff -u -p -r1.2 distinfo --- distinfo 18 Mar 2006 21:00:37 -0000 1.2 +++ distinfo 15 Mar 2008 11:39:42 -0000 @@ -1,3 +1,3 @@ -MD5 (pam_bsdbioapi-1.5.tar.gz) = 148a4dd4be43ba6a86554375264e2c88 -SHA256 (pam_bsdbioapi-1.5.tar.gz) = 8aed40bd942c9f3230eaba478736a3203be31e3d10574cdd812d4f03bf3cea78 -SIZE (pam_bsdbioapi-1.5.tar.gz) = 27827 +MD5 (pam_bsdbioapi-1.5.1.tar.gz) = 23802598b74265dc29c6d18c3b958654 +SHA256 (pam_bsdbioapi-1.5.1.tar.gz) = 7f715b2806dcfc5dbc42faa43caadc9f8c990c547c93ad322d0636d6c9850a1d +SIZE (pam_bsdbioapi-1.5.1.tar.gz) = 27927 Index: pkg-descr =================================================================== RCS file: /home/ncvs/ports/security/pam_bsdbioapi/pkg-descr,v retrieving revision 1.2 diff -u -p -r1.2 pkg-descr --- pkg-descr 18 Mar 2006 21:00:37 -0000 1.2 +++ pkg-descr 15 Mar 2008 11:39:42 -0000 @@ -5,4 +5,4 @@ Features includes support for multiple d BSP message callback translation for easy integration with graphical login managers such as GDM. -WWW: http://shapeshifter.se/code/pam_bsdbioapi +WWW: http://www.shapeshifter.se/code/pam_bsdbioapi Index: files/patch-src_pam_bsdbioapi_pam_bsdbioapi.8 =================================================================== RCS file: files/patch-src_pam_bsdbioapi_pam_bsdbioapi.8 diff -N files/patch-src_pam_bsdbioapi_pam_bsdbioapi.8 --- files/patch-src_pam_bsdbioapi_pam_bsdbioapi.8 23 Dec 2006 20:28:25 -0000 1.1 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,23 +0,0 @@ ---- src/pam_bsdbioapi/pam_bsdbioapi.8 Thu Feb 23 06:15:13 2006 -+++ src/pam_bsdbioapi/pam_bsdbioapi.8.orig Sun Dec 10 06:36:31 2006 -@@ -36,6 +36,7 @@ - .Ar pam_bsdbioapi - .Ar bsp-uuid - .Ar backend -+.Op -s - .Op -f birdb-path - .Op -m message-file - .Sh DESCRIPTION -@@ -69,6 +70,12 @@ - This option is required. - .Pp - .Bl -tag -width ".Fl m Ar message-file" -+.It Fl s -+Fail without prompting the user to swipe finger if the user has not enrolled -+yet. -+This is useful if only a handful of users has enrolled, but leaks whether the -+given user has enrolled, to whomever tries to authenticate as the user (e.g. -+an attacker outside). - .It Fl f Ar birdb-path - Specify an alternative path to the birdb.conf file for backend configuration. - The default is /usr/local/etc/birdb.conf Index: files/patch-src_pam_bsdbioapi_pam_bsdbioapi.c =================================================================== RCS file: files/patch-src_pam_bsdbioapi_pam_bsdbioapi.c diff -N files/patch-src_pam_bsdbioapi_pam_bsdbioapi.c --- files/patch-src_pam_bsdbioapi_pam_bsdbioapi.c 23 Dec 2006 20:28:25 -0000 1.1 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,51 +0,0 @@ ---- src/pam_bsdbioapi/pam_bsdbioapi.c Thu Feb 23 06:15:13 2006 -+++ src/pam_bsdbioapi/pam_bsdbioapi.c.orig Sun Dec 10 06:26:57 2006 -@@ -215,7 +215,7 @@ - int argc, const char *argv[]) - { - const char *user, *bsp_id, *dbid, *conf, *msgfile; -- int error, pam_retval = PAM_AUTH_ERR; -+ int error, pam_retval = PAM_AUTH_ERR, skip_unenrolled; - BioAPI_HANDLE *handle; - struct birdb_rec keyrec, **recs; - struct birdb_mod *bm; -@@ -241,9 +241,10 @@ - - conf = DEFCONFPATH; - msgfile = NULL; -+ skip_unenrolled = 0; - - optind = 2; -- while ((opt = getopt(argc, (char **)argv, "m:f:")) != -1) { -+ while ((opt = getopt(argc, (char **)argv, "m:f:s")) != -1) { - switch (opt) { - case 'm': - msgfile = argv[optind - 1]; -@@ -253,6 +254,9 @@ - conf = argv[optind - 1]; - PAM_LOG("Got birdb configuration file: %s", conf); - break; -+ case 's': -+ skip_unenrolled = 1; -+ break; - } - } - -@@ -271,7 +275,6 @@ - PAM_LOG("Got user: %s", user); - - setuid(euid); -- pam_info(pamh, "Initiating biometric authentication..."); - - error = bioapi_init(); - if (error) -@@ -312,7 +315,8 @@ - - keyrec.br_key = (char *)user; - recs = birdb_backend_get(bm, bmh, &keyrec); -- if (recs != NULL) { -+ if (recs != NULL && (!skip_unenrolled || recs[0] != NULL)) { -+ pam_info(pamh, "Initiating biometric authentication..."); - handle = bioapi_attach_bsp(bsp_id); - if (handle == NULL) { - PAM_VERBOSE_ERROR("Failed to attach the selected BSP"); --- pam_bsdbioapi-1.5.1.patch ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080315123140.4B80F78C2F>