ports/176264: [PATCH] security/pam_ssh_agent_auth breaks PAM
Constantin Stefanov
cstef at parallel.ru
Tue Feb 19 14:40:01 UTC 2013
>Number: 176264
>Category: ports
>Synopsis: [PATCH] security/pam_ssh_agent_auth breaks PAM
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Tue Feb 19 14:40:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator: Constantin Stefanov
>Release: 9.1-RELEASE
>Organization:
RCC MSU
>Environment:
FreeBSD hosting.srcc.msu.ru 9.1-RELEASE FreeBSD 9.1-RELEASE #0 r243825: Tue Dec 4 09:23:10 UTC 2012 root at farrell.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64
>Description:
After upgrading to pam_ssh_agent_auth-0.9.4 (security/pam_ssh_agent_auth) any program using it as PAM module (sudo in my case) fails to initialize PAM. The cause is that pam_ssh_user_agent.so want some external symbols which are not defined anywhere. These symbols like pamsshagentauth___b64_ntop should be defined and reference correct variant, but that does not happen.
The attached patch (which should be placed into /usr/ports/security/pam_ssh_agent_auth/files fixes the problem, defining necessary functions.
>How-To-Repeat:
>Fix:
Patch attached with submission follows:
diff -ur openbsd-compat/base64.h openbsd-compat/base64.h
--- openbsd-compat/base64.h 2013-02-19 17:52:53.000000000 +0400
+++ openbsd-compat/base64.h 2013-02-19 17:49:44.000000000 +0400
@@ -54,6 +54,7 @@
# endif /* !HAVE_B64_NTOP */
# define pamsshagentauth___b64_ntop(a,b,c,d) b64_ntop(a,b,c,d)
#endif /* HAVE___B64_NTOP */
+#define pamsshagentauth___b64_ntop(a,b,c,d) __b64_ntop(a,b,c,d)
#ifndef HAVE___B64_PTON
# ifndef HAVE_B64_PTON
@@ -61,5 +62,6 @@
# endif /* !HAVE_B64_PTON */
# define pamsshagentauth___b64_pton(a,b,c) b64_pton(a,b,c)
#endif /* HAVE___B64_PTON */
+#define pamsshagentauth___b64_pton(a,b,c) __b64_pton(a,b,c)
#endif /* _BSD_BASE64_H */
diff -ur openbsd-compat/bsd-arc4random.c openbsd-compat/bsd-arc4random.c
--- openbsd-compat/bsd-arc4random.c 2012-06-28 05:47:49.000000000 +0400
+++ openbsd-compat/bsd-arc4random.c 2013-02-19 18:02:38.000000000 +0400
@@ -82,4 +82,17 @@
rc4_ready = REKEY_BYTES;
}
+#else /* HAVE_ARC4RANDOM */
+
+unsigned int
+pamsshagentauth_arc4random(void)
+{
+ return arc4random();
+}
+
+void
+pamsshagentauth_arc4random_stir(void)
+{
+ arc4random_stir();
+}
#endif /* !HAVE_ARC4RANDOM */
diff -ur openbsd-compat/strlcat.c openbsd-compat/strlcat.c
--- openbsd-compat/strlcat.c 2012-06-28 05:47:49.000000000 +0400
+++ openbsd-compat/strlcat.c 2013-02-19 18:03:34.000000000 +0400
@@ -59,4 +59,10 @@
return(dlen + (s - src)); /* count does not include NUL */
}
+#else /* HAVE_STRLCAT */
+size_t
+pamsshagentauth_strlcat(char *dst, const char *src, size_t siz)
+{
+ return strlcat(dst, src, siz);
+}
#endif /* !HAVE_STRLCAT */
diff -ur openbsd-compat/strlcpy.c openbsd-compat/strlcpy.c
--- openbsd-compat/strlcpy.c 2012-06-28 05:47:49.000000000 +0400
+++ openbsd-compat/strlcpy.c 2013-02-19 18:04:18.000000000 +0400
@@ -55,4 +55,10 @@
return(s - src - 1); /* count does not include NUL */
}
+#else /* HAVE_STRLCPY */
+size_t
+pamsshagentauth_strlcpy(char *dst, const char *src, size_t siz)
+{
+ return strlcpy(dst, src, siz);
+}
#endif /* !HAVE_STRLCPY */
diff -ur openbsd-compat/strtonum.c openbsd-compat/strtonum.c
--- openbsd-compat/strtonum.c 2012-06-28 05:47:49.000000000 +0400
+++ openbsd-compat/strtonum.c 2013-02-19 18:05:16.000000000 +0400
@@ -69,4 +69,11 @@
return (ll);
}
-#endif /* HAVE_STRTONUM */
+#else /* HAVE_STRTONUM */
+long long
+pamsshagentauth_strtonum(const char *numstr, long long minval, long long maxval,
+ const char **errstrp)
+{
+ return strtonum(numstr, minval, maxval, errstrp);
+}
+#endif /* i!HAVE_STRTONUM */
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list