summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--debian/Makefile39
-rw-r--r--debian/README.Debian25
-rw-r--r--debian/changelog119
-rw-r--r--debian/compat1
-rw-r--r--debian/control17
-rw-r--r--debian/copyright33
-rw-r--r--debian/gbp.conf5
-rwxr-xr-xdebian/libpam-pwdfile.dirs2
-rw-r--r--debian/libpam-pwdfile.docs2
-rwxr-xr-xdebian/libpam-pwdfile.install2
-rw-r--r--debian/libpam-pwdfile.lintian-overrides2
-rw-r--r--debian/patches/regular_crypt22
-rw-r--r--debian/patches/series2
-rw-r--r--debian/patches/visibility23
-rwxr-xr-xdebian/rules12
-rw-r--r--debian/source.lintian-overrides3
-rw-r--r--debian/source/format1
17 files changed, 310 insertions, 0 deletions
diff --git a/debian/Makefile b/debian/Makefile
new file mode 100644
index 0000000..965cf9d
--- /dev/null
+++ b/debian/Makefile
@@ -0,0 +1,39 @@
+# Modified Makefile to allow for building of the standalone module
+
+TITLE=pam_pwdfile
+
+CC = gcc
+LD = gcc
+CFLAGS += -fPIC -c -g -Wall -Wformat-security -fvisibility=hidden
+LDFLAGS += -Wl,-x --shared
+LDLIBS = -lcrypt -lpam
+LIBOBJ = $(TITLE).o md5_good.o md5_broken.o md5_crypt_good.o md5_crypt_broken.o bigcrypt.o
+LIBSHARED = $(TITLE).so
+
+all: $(LIBSHARED)
+
+md5_good.o: md5.c
+ $(CC) $(CFLAGS) $(CPPFLAGS) -DHIGHFIRST -D'MD5Name(x)=Good##x' \
+ $(TARGET_ARCH) $< -o $@
+
+md5_broken.o: md5.c
+ $(CC) $(CFLAGS) $(CPPFLAGS) -D'MD5Name(x)=Broken##x' \
+ $(TARGET_ARCH) $< -o $@
+
+md5_crypt_good.o: md5_crypt.c
+ $(CC) $(CFLAGS) $(CPPFLAGS) -D'MD5Name(x)=Good##x' \
+ $(TARGET_ARCH) $< -o $@
+
+md5_crypt_broken.o: md5_crypt.c
+ $(CC) $(CFLAGS) $(CPPFLAGS) -D'MD5Name(x)=Broken##x' \
+ $(TARGET_ARCH) $< -o $@
+
+$(LIBSHARED): $(LIBOBJ)
+ $(LD) $(LDFLAGS) -o $@ $(LIBOBJ) $(LDLIBS)
+
+clean:
+ rm -f $(LIBOBJS) $(LIBSHARED) core *~
+
+extraclean: clean
+ rm -f *.a *.o *.so *.bak
+
diff --git a/debian/README.Debian b/debian/README.Debian
new file mode 100644
index 0000000..34d3253
--- /dev/null
+++ b/debian/README.Debian
@@ -0,0 +1,25 @@
+libpam-pwdfile for Debian
+-------------------------
+
+This module allows one to authenticate users via an arbitrary password file.
+The file follows the same format as /etc/passwd and /etc/shadow, although only
+the first two fields are required. In other words, each entry should start at
+the beginning of a line and use the following format:
+
+ [username]:[password-hash]
+
+
+The following command provides a quick way to generate an appropriate hash,
+which may then be copied into your password file.
+
+ perl -e '$salt=q($1$).int(rand(1e8)); print "password: "; chomp($passwd=<STDIN>); print crypt($passwd,$salt),"\n"'
+
+
+Here's an example of a working configuration... specifically, this is copied
+from my /etc/pam.d/dovecot file.
+
+ auth required pam_pwdfile.so pwdfile=/etc/dovecot/dovecot.passwd
+ @include common-account
+ @include common-session
+
+ -- Greg Norris <adric@debian.org> Wed, 16 Nov 2005 07:50:37 -0600
diff --git a/debian/changelog b/debian/changelog
new file mode 100644
index 0000000..1ae7cde
--- /dev/null
+++ b/debian/changelog
@@ -0,0 +1,119 @@
+libpam-pwdfile (0.99-5) unstable; urgency=low
+
+ * New Maintainer (Closes: #588877)
+ * debian/patches/regular_crypt: Use libc's crypt in the regular way to
+ support newer crypt types, esp. SHA2 based ones.
+ * Bump Standards-Version to 3.9.3.
+ * Bump dh compat level to 9.
+ * Enable Multi-Arch.
+ * Use source/format 3.0 (quilt).
+ * Move Makefile.Debian to debian/Makefile
+
+ -- Timo Weingärtner <timo@tiwe.de> Fri, 22 Jun 2012 10:35:36 +0200
+
+libpam-pwdfile (0.99-4) unstable; urgency=low
+
+ * Orphan this package (set maintainer to Debian QA Group).
+
+ -- Greg Norris <adric@debian.org> Mon, 12 Jul 2010 15:38:54 -0500
+
+libpam-pwdfile (0.99-3.1) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * Link using gcc instead of ld (closes: #499203).
+ * Mark the pam_sm_* functions as __attribute__((visibility("default"))) and
+ build with -fvisibility=hidden.
+
+ -- Peter Palfrader <weasel@debian.org> Thu, 25 Sep 2008 12:50:11 +0200
+
+libpam-pwdfile (0.99-3) unstable; urgency=low
+
+ * Update doeumentation in README.Debian
+ * Updated to policy version 3.6.2 (no changes required)
+
+ -- Greg Norris <adric@debian.org> Wed, 16 Nov 2005 07:56:25 -0600
+
+libpam-pwdfile (0.99-2) unstable; urgency=low
+
+ * Include contrib/warwick_duncan-cyrus_without_system_accounts.txt under
+ /usr/share/doc/libpam-pwdfile.
+
+ -- Greg Norris <adric@debian.org> Mon, 22 Dec 2003 19:39:46 -0600
+
+libpam-pwdfile (0.99-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Greg Norris <adric@debian.org> Sat, 20 Dec 2003 14:36:09 -0600
+
+libpam-pwdfile (0.98-4) unstable; urgency=low
+
+ * Complete yesterday's pam_pwdfile.c update, in which I inadvertently omitted
+ a one-line change.
+
+ -- Greg Norris <adric@debian.org> Sat, 20 Dec 2003 13:53:24 -0600
+
+libpam-pwdfile (0.98-3) unstable; urgency=low
+
+ * Updated pam_pwdfile.c to distinguish between crypt and bigcrypt passwords,
+ and handle them appropriately. The patch has been forwarded upstream, and
+ Charl has indicated that it will be incorporated into the next release.
+ (closes: 220770)
+
+ -- Greg Norris <adric@debian.org> Fri, 19 Dec 2003 22:31:31 -0600
+
+libpam-pwdfile (0.98-2) unstable; urgency=low
+
+ * The previous upload failed because dpkg-buildpackage wanted to include
+ the source archive, but the existing file can't be overwritten. Bump the
+ revision number, and re-upload.
+
+ -- Greg Norris <adric@debian.org> Tue, 8 Jul 2003 21:17:49 -0500
+
+libpam-pwdfile (0.98-1) unstable; urgency=low
+
+ * Hijack this package, as the previous maintainer appears to have been
+ unreachable for quite some time. Guess I should have done this in the
+ first place. ;-)
+ * Miscellaneous updates to packaging files.
+
+ -- Greg Norris <adric@debian.org> Tue, 8 Jul 2003 18:10:15 -0500
+
+libpam-pwdfile (0.98-0.2) unstable; urgency=low
+
+ * NMU
+ * Build using -fPIC (closes: #200477)
+
+ -- Greg Norris <adric@debian.org> Tue, 8 Jul 2003 10:21:52 -0500
+
+libpam-pwdfile (0.98-0.1) unstable; urgency=low
+
+ * NMU
+ * New upstream release.
+ * Updated to policy version 3.5.10 (no changes required), in order to make
+ lintian happy.
+ * Removed obsolete call to dh_suidregister from debian/rules.
+
+ -- Greg Norris <adric@debian.org> Mon, 7 Jul 2003 20:20:12 -0500
+
+libpam-pwdfile (0.6-2) unstable; urgency=low
+
+ * Added debhelper to Build-Depends (Closes: Bug#77881).
+
+ -- Michael-John Turner <mj@debian.org> Fri, 24 Nov 2000 21:41:43 +0200
+
+libpam-pwdfile (0.6-1) unstable; urgency=low
+
+ * New upstream.
+
+ -- Michael-John Turner <mj@debian.org> Sat, 18 Nov 2000 21:24:03 +0200
+
+libpam-pwdfile (0.1-1) unstable; urgency=low
+
+ * Initial Release.
+
+ -- Michael-John Turner <mj@debian.org> Tue, 7 Dec 1999 12:02:43 +0200
+
+Local variables:
+mode: debian-changelog
+End:
diff --git a/debian/compat b/debian/compat
new file mode 100644
index 0000000..ec63514
--- /dev/null
+++ b/debian/compat
@@ -0,0 +1 @@
+9
diff --git a/debian/control b/debian/control
new file mode 100644
index 0000000..ad49335
--- /dev/null
+++ b/debian/control
@@ -0,0 +1,17 @@
+Source: libpam-pwdfile
+Section: admin
+Priority: extra
+Maintainer: Timo Weingärtner <timo@tiwe.de>
+Standards-Version: 3.9.3
+Build-Depends: debhelper (>= 9), dh-exec (>=0.3), libpam0g-dev
+Homepage: http://code.google.com/p/pam-pwdfile/
+
+Package: libpam-pwdfile
+Architecture: any
+Multi-Arch: same
+Pre-Depends: ${misc:Pre-Depends}
+Depends: ${shlibs:Depends}, ${misc:Depends}
+Description: PAM module allowing authentication via an /etc/passwd-like file
+ This PAM module lets you use an arbitrarily-named text file similar in
+ structure to /etc/passwd to authenticate users. It supports libc's crypt
+ plus md5crypt with a broken md5 and Digital UNIX's bigcrypt.
diff --git a/debian/copyright b/debian/copyright
new file mode 100644
index 0000000..331385f
--- /dev/null
+++ b/debian/copyright
@@ -0,0 +1,33 @@
+This package was debianized by Michael-John Turner <mj@debian.org> on
+Tue, 7 Dec 1999 12:02:43 +0200. It is currently packaged by
+Greg Norris <adric@debian.org>.
+
+It was downloaded from http://cpbotha.net/pam_pwdfile.html
+
+Upstream Author: Charl P. Botha <cpbotha@ieee.org>
+
+Copyright:
+ Copyright (c) Charl P. Botha, 1999-2002. All rights reserved
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, and the entire permission notice in its entirety,
+ including the disclaimer of warranties.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the author may not be used to endorse or promote
+ products derived from this software without specific prior
+ written permission.
+
+ ALTERNATIVELY, this product may be distributed under the terms of
+ the GNU Public License, in which case the provisions of the GPL are
+ required INSTEAD OF the above restrictions. (This clause is
+ necessary due to a potential bad interaction between the GPL and
+ the restrictions contained in a BSD-style copyright.)
+
+On Debian GNU systems, a copy of the GNU GPL can be found in
+/usr/share/common-licenses/GPL
+
diff --git a/debian/gbp.conf b/debian/gbp.conf
new file mode 100644
index 0000000..a0dddf5
--- /dev/null
+++ b/debian/gbp.conf
@@ -0,0 +1,5 @@
+[DEFAULT]
+upstream-branch=master
+upstream-tag=v%(version)s
+debian-branch=debian
+pristine-tar=true
diff --git a/debian/libpam-pwdfile.dirs b/debian/libpam-pwdfile.dirs
new file mode 100755
index 0000000..5cd1ce0
--- /dev/null
+++ b/debian/libpam-pwdfile.dirs
@@ -0,0 +1,2 @@
+#!/usr/bin/dh-exec
+lib/${DEB_HOST_MULTIARCH}/security
diff --git a/debian/libpam-pwdfile.docs b/debian/libpam-pwdfile.docs
new file mode 100644
index 0000000..5c130d3
--- /dev/null
+++ b/debian/libpam-pwdfile.docs
@@ -0,0 +1,2 @@
+README
+contrib/warwick_duncan-cyrus_without_system_accounts.txt
diff --git a/debian/libpam-pwdfile.install b/debian/libpam-pwdfile.install
new file mode 100755
index 0000000..d0704c3
--- /dev/null
+++ b/debian/libpam-pwdfile.install
@@ -0,0 +1,2 @@
+#!/usr/bin/dh-exec
+pam_pwdfile.so lib/${DEB_HOST_MULTIARCH}/security/
diff --git a/debian/libpam-pwdfile.lintian-overrides b/debian/libpam-pwdfile.lintian-overrides
new file mode 100644
index 0000000..99542bc
--- /dev/null
+++ b/debian/libpam-pwdfile.lintian-overrides
@@ -0,0 +1,2 @@
+# spelling error came from upstream
+spelling-error-in-copyright GNU Public License GNU General Public License
diff --git a/debian/patches/regular_crypt b/debian/patches/regular_crypt
new file mode 100644
index 0000000..9895e33
--- /dev/null
+++ b/debian/patches/regular_crypt
@@ -0,0 +1,22 @@
+Description: Use libc's crypt in the regular way
+ * That should support newer crypt types.
+ * We do the check before the weird stuff but keep it to not break setups
+ using broken md5 hashing or bigcrypt.
+ * CRYPTED_BCPWD_LEN as an upper limit seems to be ok by now.
+Author: Timo Weingärtner <timo@tiwe.de>
+Forwarded: no
+Last-Update: 2012-06-20
+
+--- libpam-pwdfile-0.99.orig/pam_pwdfile.c
++++ libpam-pwdfile-0.99/pam_pwdfile.c
+@@ -348,6 +348,10 @@ PAM_EXTERN int pam_sm_authenticate(pam_h
+
+ temp_result = 0;
+
++ if (strcmp(crypt(password, stored_crypted_password), stored_crypted_password) == 0) {
++ D(_pam_log(LOG_ERR,"password matched using the systems crypt()"));
++ temp_result = 1;
++ }
+ /* Extract the salt and set the passwd length, depending on MD5 or DES */
+ if (strncmp(stored_crypted_password, "$1$", 3) == 0) {
+ D(_pam_log(LOG_ERR,"password hash type is 'md5'"));
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 0000000..fb3fb12
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1,2 @@
+visibility
+regular_crypt
diff --git a/debian/patches/visibility b/debian/patches/visibility
new file mode 100644
index 0000000..d121a1e
--- /dev/null
+++ b/debian/patches/visibility
@@ -0,0 +1,23 @@
+Description: Mark the pam_sm_* functions as __attribute__((visibility("default")))
+Author: Peter Palfrader <weasel@debian.org>
+Bug-Debian: http://bugs.debian.org/499203
+Last-Update: 2012-06-20
+
+--- libpam-pwdfile-0.99.orig/pam_pwdfile.c
++++ libpam-pwdfile-0.99/pam_pwdfile.c
+@@ -222,6 +222,7 @@
+ }
+
+ /* expected hook for auth service */
++__attribute__((visibility("default")))
+ PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags,
+ int argc, const char **argv) {
+ int retval, pcnt, pwdfilename_found;
+@@ -408,6 +409,7 @@
+ }
+
+ /* another expected hook */
++__attribute__((visibility("default")))
+ PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh, int flags,
+ int argc, const char **argv)
+ {
diff --git a/debian/rules b/debian/rules
new file mode 100755
index 0000000..9546ad8
--- /dev/null
+++ b/debian/rules
@@ -0,0 +1,12 @@
+#!/usr/bin/make -f
+
+%:
+ dh $@
+
+override_dh_auto_build:
+ $(MAKE) -f debian/Makefile
+
+override_dh_auto_clean:
+ $(MAKE) -f debian/Makefile extraclean
+
+override_dh_auto_install:
diff --git a/debian/source.lintian-overrides b/debian/source.lintian-overrides
new file mode 100644
index 0000000..0cd63ff
--- /dev/null
+++ b/debian/source.lintian-overrides
@@ -0,0 +1,3 @@
+# already in upstream tarball
+source-contains-cvs-control-dir contrib/CVS
+source-contains-cvs-control-dir CVS
diff --git a/debian/source/format b/debian/source/format
new file mode 100644
index 0000000..163aaf8
--- /dev/null
+++ b/debian/source/format
@@ -0,0 +1 @@
+3.0 (quilt)