Raise pam-p11 from the deads

6 files changed, 90 insertions, 0 deletions

diff --git a/security/pam-p11/DESCR b/security/pam-p11/DESCR
new file mode 100644
index 00000000000..fdd3eff0e47
--- /dev/null
+++ b/security/pam-p11/DESCR
@@ -0,0 +1,9 @@
+Pam_p11 is a plugable authentication module (PAM) package for using
+crpytographic PKCS#11 tokens such as smart cards and usb crypto
+tokens for local authentication.
+
+Pam_p11 implements two authentication modules:
+* pam_p11_openssh authenticates the user against public keys found
+in OpenSSH ~/.ssh/authorized_keys file.
+* pam_p11_opensc authenticates the user against certificates found
+in ~/.eid/authorized_certificates.
diff --git a/security/pam-p11/Makefile b/security/pam-p11/Makefile
new file mode 100644
index 00000000000..405e7183e0d
--- /dev/null
+++ b/security/pam-p11/Makefile
@@ -0,0 +1,25 @@
+# $NetBSD: Makefile,v 1.3 2010/07/14 07:13:59 manu Exp $
+#
+
+DISTNAME=	pam_p11-0.1.5
+CATEGORIES=	security
+MASTER_SITES=	http://www.opensc-project.org/files/pam_p11/
+
+MAINTAINER=	pkgsrc-users@NetBSD.org
+HOMEPAGE=	http://www.opensc-project.org/files/pam_p11/
+COMMENT=	Smart card PAM module
+LICENSE=	gnu-lgpl-v2.1
+
+PKG_DESTDIR_SUPPORT=	user-destdir
+USE_LIBTOOL=		yes
+GNU_CONFIGURE=		yes
+USE_TOOLS+=		gmake pkg-config
+
+.include "../../security/openssl/buildlink3.mk"
+.include "../../security/libp11/buildlink3.mk"
+.include "../../mk/pam.buildlink3.mk"
+
+GNU_CONFIGURE=	yes
+USE_LIBTOOL=	yes
+
+.include "../../mk/bsd.pkg.mk"
diff --git a/security/pam-p11/PLIST b/security/pam-p11/PLIST
new file mode 100644
index 00000000000..e50d7e54204
--- /dev/null
+++ b/security/pam-p11/PLIST
@@ -0,0 +1,3 @@
+@comment $NetBSD: PLIST,v 1.3 2010/07/14 07:13:59 manu Exp $
+lib/security/pam_p11_openssh.so
+lib/security/pam_p11_opensc.so
diff --git a/security/pam-p11/distinfo b/security/pam-p11/distinfo
new file mode 100644
index 00000000000..5cf1c72d452
--- /dev/null
+++ b/security/pam-p11/distinfo
@@ -0,0 +1,7 @@
+$NetBSD: distinfo,v 1.3 2010/07/14 07:13:59 manu Exp $
+
+SHA1 (pam_p11-0.1.5.tar.gz) = 4ff838140e452c84143445dcf6a3f158009b83b0
+RMD160 (pam_p11-0.1.5.tar.gz) = 57930c4b93182dd36cd2a1c81231638f813b47d2
+Size (pam_p11-0.1.5.tar.gz) = 348181 bytes
+SHA1 (patch-aa) = c82f6de3fdb094601f5250280c7a5727d41d983d
+SHA1 (patch-ab) = 701f8e878f928c98f0037b363099f9c12ece429e
diff --git a/security/pam-p11/patches/patch-aa b/security/pam-p11/patches/patch-aa
new file mode 100644
index 00000000000..021e5b6dd47
--- /dev/null
+++ b/security/pam-p11/patches/patch-aa
@@ -0,0 +1,15 @@
+$NetBSD: patch-aa,v 1.3 2010/07/14 07:14:29 manu Exp $
+--- src/test.c.orig	2010-06-25 16:25:28.000000000 +0200
++++ src/test.c	2010-06-25 16:25:39.000000000 +0200
+@@ -1,9 +1,11 @@
+ #include <stdio.h>
+ #include <stdlib.h>
+ 
+ #include <security/pam_appl.h>
++#ifndef OPENPAM
+ #include <security/pam_misc.h>
++#endif /* OPENPAM */
+ #include <security/pam_modules.h>
+ 
+ int main(int argc, char **argv)
+ {
diff --git a/security/pam-p11/patches/patch-ab b/security/pam-p11/patches/patch-ab
new file mode 100644
index 00000000000..659a98f38ce
--- /dev/null
+++ b/security/pam-p11/patches/patch-ab
@@ -0,0 +1,31 @@
+$NetBSD: patch-ab,v 1.3 2010/07/14 07:14:29 manu Exp $
+--- src/pam_p11.c.orig	2010-06-29 08:56:07.000000000 +0200
++++ src/pam_p11.c	2010-06-29 09:05:03.000000000 +0200
+@@ -21,10 +21,16 @@
+ #include <sys/stat.h>
+ #include <fcntl.h>
+ #include <unistd.h>
+ 
++#include <openssl/sha.h>
++
+ #include <libp11.h>
+ 
++#ifdef __NetBSD__
++#define NO_STATIC_MODULES
++#endif
++
+ /* We have to make this definitions before we include the pam header files! */
+ #define PAM_SM_AUTH
+ #define PAM_SM_ACCOUNT
+ #define PAM_SM_SESSION
+@@ -43,9 +49,9 @@
+ 
+ #define LOGNAME   "pam_p11"	/* name for log-file entries */
+ 
+ #define RANDOM_SOURCE "/dev/urandom"
+-#define RANDOM_SIZE 128
++#define RANDOM_SIZE SHA_DIGEST_LENGTH
+ #define MAX_SIGSIZE 256
+ 
+ extern int match_user(X509 * x509, const char *login);
+