svn commit: r418200 - in head: . security security/otpw security/otpw/files

Jung-uk Kim jkim at FreeBSD.org
Thu Jul 7 22:15:37 UTC 2016 

Author: jkim
Date: Thu Jul  7 22:15:35 2016
New Revision: 418200
URL: https://svnweb.freebsd.org/changeset/ports/418200

Log:
  OTPW is a one-time password system which is robust against the password
  list being stolen and race for the last digit attacks.
  
  WWW: https://www.cl.cam.ac.uk/~mgk25/otpw.html

Added:
  head/security/otpw/
  head/security/otpw/Makefile   (contents, props changed)
  head/security/otpw/distinfo   (contents, props changed)
  head/security/otpw/files/
  head/security/otpw/files/patch-Makefile   (contents, props changed)
  head/security/otpw/files/patch-otpw.c   (contents, props changed)
  head/security/otpw/files/patch-pam__otpw.c   (contents, props changed)
  head/security/otpw/pkg-descr   (contents, props changed)
  head/security/otpw/pkg-plist   (contents, props changed)
Modified:
  head/GIDs
  head/UIDs
  head/security/Makefile

Modified: head/GIDs
==============================================================================
--- head/GIDs	Thu Jul  7 20:58:23 2016	(r418199)
+++ head/GIDs	Thu Jul  7 22:15:35 2016	(r418200)
@@ -105,6 +105,7 @@ polipo:*:173:
 flowtools:*:174:
 twms:*:175:
 mlvpn:*:176:
+otpw:*:178:
 gdnsd:*:179:
 rt:*:180:
 nagios:*:181:

Modified: head/UIDs
==============================================================================
--- head/UIDs	Thu Jul  7 20:58:23 2016	(r418199)
+++ head/UIDs	Thu Jul  7 22:15:35 2016	(r418200)
@@ -111,6 +111,7 @@ polipo:*:173:173::0:0:polipo web cache:/
 flowtools:*:174:174::0:0:Flow-tools collector pseudo-user:/nonexistent:/usr/sbin/nologin
 twms:*:175:175::0:0:tWMS pseudo-user:/nonexistent:/usr/sbin/nologin
 mlvpn:*:176:176::0:0:mlVPN pseudo-user:/var/run/mlvpn:/usr/sbin/nologin
+otpw:*:178:178::0:0:OTPW pseudouser:/var/lib/otpw:/usr/sbin/nologin
 gdnsd:*:179:179::0:0:gDNSd pseudo-user:/nonexistent:/usr/sbin/nologin
 nagios:*:181:181::0:0:Nagios pseudo-user:/var/spool/nagios:/usr/sbin/nologin
 noc:*:182:182::0:0:NOC pseudo-user:/usr/local/noc:/bin/sh

Modified: head/security/Makefile
==============================================================================
--- head/security/Makefile	Thu Jul  7 20:58:23 2016	(r418199)
+++ head/security/Makefile	Thu Jul  7 22:15:35 2016	(r418200)
@@ -430,6 +430,7 @@
     SUBDIR += ossec-hids-local
     SUBDIR += ossec-hids-server
     SUBDIR += osslsigncode
+    SUBDIR += otpw
     SUBDIR += outguess
     SUBDIR += p11-kit
     SUBDIR += p5-Apache-Htpasswd

Added: head/security/otpw/Makefile
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/otpw/Makefile	Thu Jul  7 22:15:35 2016	(r418200)
@@ -0,0 +1,28 @@
+# $FreeBSD$
+
+PORTNAME=	otpw
+PORTVERSION=	1.5
+CATEGORIES=	security
+MASTER_SITES=	https://www.cl.cam.ac.uk/~mgk25/download/ \
+		LOCAL/jkim
+
+MAINTAINER=	jkim at FreeBSD.org
+COMMENT=	One-time password login package by Markus Kuhn
+
+LICENSE=	GPLv2+
+
+GROUPS=		${PORTNAME}
+USERS=		${PORTNAME}
+
+MAKE_ARGS=	CC="${CC}"
+USES=		gmake
+
+do-install:
+	${INSTALL_PROGRAM} ${WRKSRC}/otpw-gen ${STAGEDIR}${PREFIX}/bin
+	${INSTALL_LIB} ${WRKSRC}/pam_otpw.so ${STAGEDIR}${PREFIX}/lib
+	${INSTALL_MAN} ${WRKSRC}/otpw-gen.1.gz \
+	    ${STAGEDIR}${MANPREFIX}/man/man1
+	${INSTALL_MAN} ${WRKSRC}/pam_otpw.8.gz \
+	    ${STAGEDIR}${MANPREFIX}/man/man8
+
+.include <bsd.port.mk>

Added: head/security/otpw/distinfo
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/otpw/distinfo	Thu Jul  7 22:15:35 2016	(r418200)
@@ -0,0 +1,3 @@
+TIMESTAMP = 1467921387
+SHA256 (otpw-1.5.tar.gz) = 98aca38a61c7713677b96f24426ca7053480c0fd077d91b1e99bc9f92ccb832a
+SIZE (otpw-1.5.tar.gz) = 45725

Added: head/security/otpw/files/patch-Makefile
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/otpw/files/patch-Makefile	Thu Jul  7 22:15:35 2016	(r418200)
@@ -0,0 +1,26 @@
+--- Makefile.orig	2014-08-07 19:21:15 UTC
++++ Makefile
+@@ -7,12 +7,12 @@
+ VERSION=1.5
+ 
+ CC=gcc
+-CFLAGS=-O -ggdb -W -Wall -Wno-unused-result -fPIC
++CFLAGS+=-fPIC
+ 
+ %.gz: %
+ 	gzip -9c $< >$@
+ 
+-TARGETS=otpw-gen demologin pam_otpw.so pam_otpw.8.gz otpw-gen.1.gz
++TARGETS=otpw-gen pam_otpw.so pam_otpw.8.gz otpw-gen.1.gz
+ 
+ all: $(TARGETS)
+ 
+@@ -28,7 +28,7 @@ rmd160.o: rmd160.c rmd160.h
+ otpw-l.o: otpw-l.c otpw.c otpw.h md.h
+ pam_otpw.o: pam_otpw.c otpw.h md.h
+ pam_otpw.so: pam_otpw.o otpw-l.o rmd160.o md.o
+-	ld --shared -o $@ $+ -lcrypt -lpam -lpam_misc
++	${LD} --shared -o $@ $+ -lcrypt -lpam
+ 
+ distribution:
+ 	git archive --prefix otpw-$(VERSION)/ -o otpw-$(VERSION).tar.gz v$(VERSION)

Added: head/security/otpw/files/patch-otpw.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/otpw/files/patch-otpw.c	Thu Jul  7 22:15:35 2016	(r418200)
@@ -0,0 +1,11 @@
+--- otpw.c.orig	2014-08-07 19:21:15 UTC
++++ otpw.c
+@@ -68,7 +68,7 @@ static struct otpw_pwdbuf *otpw_malloc_p
+   
+   buflen = sysconf(_SC_GETPW_R_SIZE_MAX); /* typical value: 1024 */
+   /* fprintf(stderr, "_SC_GETPW_R_SIZE_MAX = %ld\n", buflen); */
+-  if (buflen < 0) return NULL;
++  if (buflen < 0) buflen = 1024;
+   p = (struct otpw_pwdbuf *) malloc(sizeof(struct otpw_pwdbuf) + buflen);
+   if (p) p->buflen = buflen;
+   return p;

Added: head/security/otpw/files/patch-pam__otpw.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/otpw/files/patch-pam__otpw.c	Thu Jul  7 22:15:35 2016	(r418200)
@@ -0,0 +1,26 @@
+--- pam_otpw.c.orig	2014-08-07 19:21:15 UTC
++++ pam_otpw.c
+@@ -25,6 +25,9 @@
+ #define PAM_SM_AUTH
+ #define PAM_SM_SESSION
+ #include <security/pam_modules.h>
++#ifdef OPENPAM
++#include <security/pam_appl.h>
++#endif
+ 
+ #include "otpw.h"
+ 
+@@ -226,8 +229,13 @@ PAM_EXTERN int pam_sm_authenticate(pam_h
+   
+   /* get user name */
+   retval = pam_get_user(pamh, &username, "login: ");
++#ifdef OPENPAM
++  if (retval == PAM_CONV_ERR)
++    return PAM_CONV_ERR;
++#else
+   if (retval == PAM_CONV_AGAIN)
+     return PAM_INCOMPLETE;
++#endif
+   else if (retval != PAM_SUCCESS) {
+     log_message(LOG_NOTICE, pamh, "no username provided");
+     return PAM_USER_UNKNOWN;

Added: head/security/otpw/pkg-descr
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/otpw/pkg-descr	Thu Jul  7 22:15:35 2016	(r418200)
@@ -0,0 +1,4 @@
+OTPW is a one-time password system which is robust against the password
+list being stolen and race for the last digit attacks.
+
+WWW: https://www.cl.cam.ac.uk/~mgk25/otpw.html

Added: head/security/otpw/pkg-plist
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/otpw/pkg-plist	Thu Jul  7 22:15:35 2016	(r418200)
@@ -0,0 +1,4 @@
+@(otpw,otpw,4555) bin/otpw-gen
+lib/pam_otpw.so
+man/man1/otpw-gen.1.gz
+man/man8/pam_otpw.8.gz

More information about the svn-ports-head mailing list