diff options
-rw-r--r-- | debian/Makefile | 39 | ||||
-rw-r--r-- | debian/README.Debian | 25 | ||||
-rw-r--r-- | debian/changelog | 119 | ||||
-rw-r--r-- | debian/compat | 1 | ||||
-rw-r--r-- | debian/control | 17 | ||||
-rw-r--r-- | debian/copyright | 33 | ||||
-rw-r--r-- | debian/gbp.conf | 5 | ||||
-rwxr-xr-x | debian/libpam-pwdfile.dirs | 2 | ||||
-rw-r--r-- | debian/libpam-pwdfile.docs | 2 | ||||
-rwxr-xr-x | debian/libpam-pwdfile.install | 2 | ||||
-rw-r--r-- | debian/libpam-pwdfile.lintian-overrides | 2 | ||||
-rw-r--r-- | debian/patches/regular_crypt | 22 | ||||
-rw-r--r-- | debian/patches/series | 2 | ||||
-rw-r--r-- | debian/patches/visibility | 23 | ||||
-rwxr-xr-x | debian/rules | 12 | ||||
-rw-r--r-- | debian/source.lintian-overrides | 3 | ||||
-rw-r--r-- | debian/source/format | 1 |
17 files changed, 310 insertions, 0 deletions
diff --git a/debian/Makefile b/debian/Makefile new file mode 100644 index 0000000..965cf9d --- /dev/null +++ b/debian/Makefile @@ -0,0 +1,39 @@ +# Modified Makefile to allow for building of the standalone module + +TITLE=pam_pwdfile + +CC = gcc +LD = gcc +CFLAGS += -fPIC -c -g -Wall -Wformat-security -fvisibility=hidden +LDFLAGS += -Wl,-x --shared +LDLIBS = -lcrypt -lpam +LIBOBJ = $(TITLE).o md5_good.o md5_broken.o md5_crypt_good.o md5_crypt_broken.o bigcrypt.o +LIBSHARED = $(TITLE).so + +all: $(LIBSHARED) + +md5_good.o: md5.c + $(CC) $(CFLAGS) $(CPPFLAGS) -DHIGHFIRST -D'MD5Name(x)=Good##x' \ + $(TARGET_ARCH) $< -o $@ + +md5_broken.o: md5.c + $(CC) $(CFLAGS) $(CPPFLAGS) -D'MD5Name(x)=Broken##x' \ + $(TARGET_ARCH) $< -o $@ + +md5_crypt_good.o: md5_crypt.c + $(CC) $(CFLAGS) $(CPPFLAGS) -D'MD5Name(x)=Good##x' \ + $(TARGET_ARCH) $< -o $@ + +md5_crypt_broken.o: md5_crypt.c + $(CC) $(CFLAGS) $(CPPFLAGS) -D'MD5Name(x)=Broken##x' \ + $(TARGET_ARCH) $< -o $@ + +$(LIBSHARED): $(LIBOBJ) + $(LD) $(LDFLAGS) -o $@ $(LIBOBJ) $(LDLIBS) + +clean: + rm -f $(LIBOBJS) $(LIBSHARED) core *~ + +extraclean: clean + rm -f *.a *.o *.so *.bak + diff --git a/debian/README.Debian b/debian/README.Debian new file mode 100644 index 0000000..34d3253 --- /dev/null +++ b/debian/README.Debian @@ -0,0 +1,25 @@ +libpam-pwdfile for Debian +------------------------- + +This module allows one to authenticate users via an arbitrary password file. +The file follows the same format as /etc/passwd and /etc/shadow, although only +the first two fields are required. In other words, each entry should start at +the beginning of a line and use the following format: + + [username]:[password-hash] + + +The following command provides a quick way to generate an appropriate hash, +which may then be copied into your password file. + + perl -e '$salt=q($1$).int(rand(1e8)); print "password: "; chomp($passwd=<STDIN>); print crypt($passwd,$salt),"\n"' + + +Here's an example of a working configuration... specifically, this is copied +from my /etc/pam.d/dovecot file. + + auth required pam_pwdfile.so pwdfile=/etc/dovecot/dovecot.passwd + @include common-account + @include common-session + + -- Greg Norris <adric@debian.org> Wed, 16 Nov 2005 07:50:37 -0600 diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 0000000..1ae7cde --- /dev/null +++ b/debian/changelog @@ -0,0 +1,119 @@ +libpam-pwdfile (0.99-5) unstable; urgency=low + + * New Maintainer (Closes: #588877) + * debian/patches/regular_crypt: Use libc's crypt in the regular way to + support newer crypt types, esp. SHA2 based ones. + * Bump Standards-Version to 3.9.3. + * Bump dh compat level to 9. + * Enable Multi-Arch. + * Use source/format 3.0 (quilt). + * Move Makefile.Debian to debian/Makefile + + -- Timo Weingärtner <timo@tiwe.de> Fri, 22 Jun 2012 10:35:36 +0200 + +libpam-pwdfile (0.99-4) unstable; urgency=low + + * Orphan this package (set maintainer to Debian QA Group). + + -- Greg Norris <adric@debian.org> Mon, 12 Jul 2010 15:38:54 -0500 + +libpam-pwdfile (0.99-3.1) unstable; urgency=low + + * Non-maintainer upload. + * Link using gcc instead of ld (closes: #499203). + * Mark the pam_sm_* functions as __attribute__((visibility("default"))) and + build with -fvisibility=hidden. + + -- Peter Palfrader <weasel@debian.org> Thu, 25 Sep 2008 12:50:11 +0200 + +libpam-pwdfile (0.99-3) unstable; urgency=low + + * Update doeumentation in README.Debian + * Updated to policy version 3.6.2 (no changes required) + + -- Greg Norris <adric@debian.org> Wed, 16 Nov 2005 07:56:25 -0600 + +libpam-pwdfile (0.99-2) unstable; urgency=low + + * Include contrib/warwick_duncan-cyrus_without_system_accounts.txt under + /usr/share/doc/libpam-pwdfile. + + -- Greg Norris <adric@debian.org> Mon, 22 Dec 2003 19:39:46 -0600 + +libpam-pwdfile (0.99-1) unstable; urgency=low + + * New upstream release. + + -- Greg Norris <adric@debian.org> Sat, 20 Dec 2003 14:36:09 -0600 + +libpam-pwdfile (0.98-4) unstable; urgency=low + + * Complete yesterday's pam_pwdfile.c update, in which I inadvertently omitted + a one-line change. + + -- Greg Norris <adric@debian.org> Sat, 20 Dec 2003 13:53:24 -0600 + +libpam-pwdfile (0.98-3) unstable; urgency=low + + * Updated pam_pwdfile.c to distinguish between crypt and bigcrypt passwords, + and handle them appropriately. The patch has been forwarded upstream, and + Charl has indicated that it will be incorporated into the next release. + (closes: 220770) + + -- Greg Norris <adric@debian.org> Fri, 19 Dec 2003 22:31:31 -0600 + +libpam-pwdfile (0.98-2) unstable; urgency=low + + * The previous upload failed because dpkg-buildpackage wanted to include + the source archive, but the existing file can't be overwritten. Bump the + revision number, and re-upload. + + -- Greg Norris <adric@debian.org> Tue, 8 Jul 2003 21:17:49 -0500 + +libpam-pwdfile (0.98-1) unstable; urgency=low + + * Hijack this package, as the previous maintainer appears to have been + unreachable for quite some time. Guess I should have done this in the + first place. ;-) + * Miscellaneous updates to packaging files. + + -- Greg Norris <adric@debian.org> Tue, 8 Jul 2003 18:10:15 -0500 + +libpam-pwdfile (0.98-0.2) unstable; urgency=low + + * NMU + * Build using -fPIC (closes: #200477) + + -- Greg Norris <adric@debian.org> Tue, 8 Jul 2003 10:21:52 -0500 + +libpam-pwdfile (0.98-0.1) unstable; urgency=low + + * NMU + * New upstream release. + * Updated to policy version 3.5.10 (no changes required), in order to make + lintian happy. + * Removed obsolete call to dh_suidregister from debian/rules. + + -- Greg Norris <adric@debian.org> Mon, 7 Jul 2003 20:20:12 -0500 + +libpam-pwdfile (0.6-2) unstable; urgency=low + + * Added debhelper to Build-Depends (Closes: Bug#77881). + + -- Michael-John Turner <mj@debian.org> Fri, 24 Nov 2000 21:41:43 +0200 + +libpam-pwdfile (0.6-1) unstable; urgency=low + + * New upstream. + + -- Michael-John Turner <mj@debian.org> Sat, 18 Nov 2000 21:24:03 +0200 + +libpam-pwdfile (0.1-1) unstable; urgency=low + + * Initial Release. + + -- Michael-John Turner <mj@debian.org> Tue, 7 Dec 1999 12:02:43 +0200 + +Local variables: +mode: debian-changelog +End: diff --git a/debian/compat b/debian/compat new file mode 100644 index 0000000..ec63514 --- /dev/null +++ b/debian/compat @@ -0,0 +1 @@ +9 diff --git a/debian/control b/debian/control new file mode 100644 index 0000000..ad49335 --- /dev/null +++ b/debian/control @@ -0,0 +1,17 @@ +Source: libpam-pwdfile +Section: admin +Priority: extra +Maintainer: Timo Weingärtner <timo@tiwe.de> +Standards-Version: 3.9.3 +Build-Depends: debhelper (>= 9), dh-exec (>=0.3), libpam0g-dev +Homepage: http://code.google.com/p/pam-pwdfile/ + +Package: libpam-pwdfile +Architecture: any +Multi-Arch: same +Pre-Depends: ${misc:Pre-Depends} +Depends: ${shlibs:Depends}, ${misc:Depends} +Description: PAM module allowing authentication via an /etc/passwd-like file + This PAM module lets you use an arbitrarily-named text file similar in + structure to /etc/passwd to authenticate users. It supports libc's crypt + plus md5crypt with a broken md5 and Digital UNIX's bigcrypt. diff --git a/debian/copyright b/debian/copyright new file mode 100644 index 0000000..331385f --- /dev/null +++ b/debian/copyright @@ -0,0 +1,33 @@ +This package was debianized by Michael-John Turner <mj@debian.org> on +Tue, 7 Dec 1999 12:02:43 +0200. It is currently packaged by +Greg Norris <adric@debian.org>. + +It was downloaded from http://cpbotha.net/pam_pwdfile.html + +Upstream Author: Charl P. Botha <cpbotha@ieee.org> + +Copyright: + Copyright (c) Charl P. Botha, 1999-2002. All rights reserved + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, and the entire permission notice in its entirety, + including the disclaimer of warranties. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the author may not be used to endorse or promote + products derived from this software without specific prior + written permission. + + ALTERNATIVELY, this product may be distributed under the terms of + the GNU Public License, in which case the provisions of the GPL are + required INSTEAD OF the above restrictions. (This clause is + necessary due to a potential bad interaction between the GPL and + the restrictions contained in a BSD-style copyright.) + +On Debian GNU systems, a copy of the GNU GPL can be found in +/usr/share/common-licenses/GPL + diff --git a/debian/gbp.conf b/debian/gbp.conf new file mode 100644 index 0000000..a0dddf5 --- /dev/null +++ b/debian/gbp.conf @@ -0,0 +1,5 @@ +[DEFAULT] +upstream-branch=master +upstream-tag=v%(version)s +debian-branch=debian +pristine-tar=true diff --git a/debian/libpam-pwdfile.dirs b/debian/libpam-pwdfile.dirs new file mode 100755 index 0000000..5cd1ce0 --- /dev/null +++ b/debian/libpam-pwdfile.dirs @@ -0,0 +1,2 @@ +#!/usr/bin/dh-exec +lib/${DEB_HOST_MULTIARCH}/security diff --git a/debian/libpam-pwdfile.docs b/debian/libpam-pwdfile.docs new file mode 100644 index 0000000..5c130d3 --- /dev/null +++ b/debian/libpam-pwdfile.docs @@ -0,0 +1,2 @@ +README +contrib/warwick_duncan-cyrus_without_system_accounts.txt diff --git a/debian/libpam-pwdfile.install b/debian/libpam-pwdfile.install new file mode 100755 index 0000000..d0704c3 --- /dev/null +++ b/debian/libpam-pwdfile.install @@ -0,0 +1,2 @@ +#!/usr/bin/dh-exec +pam_pwdfile.so lib/${DEB_HOST_MULTIARCH}/security/ diff --git a/debian/libpam-pwdfile.lintian-overrides b/debian/libpam-pwdfile.lintian-overrides new file mode 100644 index 0000000..99542bc --- /dev/null +++ b/debian/libpam-pwdfile.lintian-overrides @@ -0,0 +1,2 @@ +# spelling error came from upstream +spelling-error-in-copyright GNU Public License GNU General Public License diff --git a/debian/patches/regular_crypt b/debian/patches/regular_crypt new file mode 100644 index 0000000..9895e33 --- /dev/null +++ b/debian/patches/regular_crypt @@ -0,0 +1,22 @@ +Description: Use libc's crypt in the regular way + * That should support newer crypt types. + * We do the check before the weird stuff but keep it to not break setups + using broken md5 hashing or bigcrypt. + * CRYPTED_BCPWD_LEN as an upper limit seems to be ok by now. +Author: Timo Weingärtner <timo@tiwe.de> +Forwarded: no +Last-Update: 2012-06-20 + +--- libpam-pwdfile-0.99.orig/pam_pwdfile.c ++++ libpam-pwdfile-0.99/pam_pwdfile.c +@@ -348,6 +348,10 @@ PAM_EXTERN int pam_sm_authenticate(pam_h + + temp_result = 0; + ++ if (strcmp(crypt(password, stored_crypted_password), stored_crypted_password) == 0) { ++ D(_pam_log(LOG_ERR,"password matched using the systems crypt()")); ++ temp_result = 1; ++ } + /* Extract the salt and set the passwd length, depending on MD5 or DES */ + if (strncmp(stored_crypted_password, "$1$", 3) == 0) { + D(_pam_log(LOG_ERR,"password hash type is 'md5'")); diff --git a/debian/patches/series b/debian/patches/series new file mode 100644 index 0000000..fb3fb12 --- /dev/null +++ b/debian/patches/series @@ -0,0 +1,2 @@ +visibility +regular_crypt diff --git a/debian/patches/visibility b/debian/patches/visibility new file mode 100644 index 0000000..d121a1e --- /dev/null +++ b/debian/patches/visibility @@ -0,0 +1,23 @@ +Description: Mark the pam_sm_* functions as __attribute__((visibility("default"))) +Author: Peter Palfrader <weasel@debian.org> +Bug-Debian: http://bugs.debian.org/499203 +Last-Update: 2012-06-20 + +--- libpam-pwdfile-0.99.orig/pam_pwdfile.c ++++ libpam-pwdfile-0.99/pam_pwdfile.c +@@ -222,6 +222,7 @@ + } + + /* expected hook for auth service */ ++__attribute__((visibility("default"))) + PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags, + int argc, const char **argv) { + int retval, pcnt, pwdfilename_found; +@@ -408,6 +409,7 @@ + } + + /* another expected hook */ ++__attribute__((visibility("default"))) + PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh, int flags, + int argc, const char **argv) + { diff --git a/debian/rules b/debian/rules new file mode 100755 index 0000000..9546ad8 --- /dev/null +++ b/debian/rules @@ -0,0 +1,12 @@ +#!/usr/bin/make -f + +%: + dh $@ + +override_dh_auto_build: + $(MAKE) -f debian/Makefile + +override_dh_auto_clean: + $(MAKE) -f debian/Makefile extraclean + +override_dh_auto_install: diff --git a/debian/source.lintian-overrides b/debian/source.lintian-overrides new file mode 100644 index 0000000..0cd63ff --- /dev/null +++ b/debian/source.lintian-overrides @@ -0,0 +1,3 @@ +# already in upstream tarball +source-contains-cvs-control-dir contrib/CVS +source-contains-cvs-control-dir CVS diff --git a/debian/source/format b/debian/source/format new file mode 100644 index 0000000..163aaf8 --- /dev/null +++ b/debian/source/format @@ -0,0 +1 @@ +3.0 (quilt) |