rpms/pam_pkcs11/devel pam_pkcs11-0.5.2-badstatic.patch, NONE, 1.1 pam_pkcs11-0.5.2-pki.patch, NONE, 1.1 pam_pkcs11.spec, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
Tom Callaway (spot)
fedora-extras-commits at redhat.com
Mon Aug 29 03:15:29 UTC 2005
Author: spot
Update of /cvs/extras/rpms/pam_pkcs11/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv12760/devel
Modified Files:
.cvsignore sources
Added Files:
pam_pkcs11-0.5.2-badstatic.patch pam_pkcs11-0.5.2-pki.patch
pam_pkcs11.spec
Log Message:
auto-import pam_pkcs11-0.5.2-2 on branch devel from pam_pkcs11-0.5.2-2.src.rpm
pam_pkcs11-0.5.2-badstatic.patch:
--- NEW FILE pam_pkcs11-0.5.2-badstatic.patch ---
--- pam_pkcs11-0.5.2/src/mappers/mapper.h.BAD 2005-08-17 17:00:22.000000000 -0500
+++ pam_pkcs11-0.5.2/src/mappers/mapper.h 2005-08-17 17:00:56.000000000 -0500
@@ -127,7 +127,7 @@
* provided as sample for debugging, not for real user
*/
#define _DEFAULT_MAPPER_FIND_ENTRIES \
-static char ** mapper_find_entries(X509 *x509) { \
+char ** mapper_find_entries(X509 *x509) { \
return NULL; \
}
@@ -136,7 +136,7 @@
* Should not be used except for debugging, as allways returns "nobody"
*/
#define _DEFAULT_MAPPER_FIND_USER \
-static char * mapper_find_user(X509 *x509) { \
+char * mapper_find_user(X509 *x509) { \
if ( !x509 ) return NULL; \
return "nobody"; \
}
@@ -150,7 +150,7 @@
* -1 on error
*/
#define _DEFAULT_MAPPER_MATCH_USER \
-static int mapper_match_user(X509 *x509, const char *login) { \
+int mapper_match_user(X509 *x509, const char *login) { \
char *username= mapper_find_user(x509); \
if (!x509) return -1; \
if (!login) return -1; \
pam_pkcs11-0.5.2-pki.patch:
--- NEW FILE pam_pkcs11-0.5.2-pki.patch ---
--- pam_pkcs11-0.5.2/src/pam_pkcs11/pam_config.c.BAD 2005-08-17 16:52:59.000000000 -0500
+++ pam_pkcs11-0.5.2/src/pam_pkcs11/pam_config.c 2005-08-17 16:53:56.000000000 -0500
@@ -32,7 +32,7 @@
*/
struct configuration_st configuration = {
- "/etc/pam_pkcs11/pam_pkcs11.conf", /* char * config_file; */
+ "/etc/pki/pam_pkcs11/pam_pkcs11.conf", /* char * config_file; */
NULL, /* scconf_context *ctx; */
0, /* int debug; */
0, /* int nullok; */
@@ -40,10 +40,10 @@
0, /* int use_first_pass; */
0, /* int use_authok; */
"default", /* const char *pkcs11_module; */
- "/etc/pam_pkcs11/pkcs11_module.so", /* const char *pkcs11_module_path; */
+ "/usr/lib/pam_pkcs11/pkcs11_module.so", /* const char *pkcs11_module_path; */
0, /* int slot_num; */
- "/etc/pam_pkcs11/cacerts", /* const char *ca_dir; */
- "/etc/pam_pkcs11/crls", /*const char *crl_dir; */
+ "/etc/pki/pam_pkcs11/cacerts", /* const char *ca_dir; */
+ "/etc/pki/pam_pkcs11/crls", /*const char *crl_dir; */
CRLP_NONE, /* int crl_policy; */
NULL /* char *username */
};
--- pam_pkcs11-0.5.2/etc/pam_pkcs11.conf.example.BAD 2005-08-17 17:15:39.000000000 -0500
+++ pam_pkcs11-0.5.2/etc/pam_pkcs11.conf.example 2005-08-17 17:16:52.000000000 -0500
@@ -99,7 +99,7 @@
debug = false;
module = /usr/lib/pam_pkcs11/subject_mapper.so;
ignorecase = false;
- mapfile = file:///etc/pam_pkcs11/subject_mapping;
+ mapfile = file:///etc/pki/pam_pkcs11/subject_mapping;
}
# Search public keys from $HOME/.ssh/authorized_keys to match users
@@ -130,7 +130,7 @@
debug = false;
module = /usr/lib/pam_pkcs11/ldap_mapper.so;
# where base directory resides
- basedir = /etc/pam_pkcs11/mapdir;
+ basedir = /etc/pki/pam_pkcs11/mapdir;
}
# Assume common name (CN) to be the login
@@ -148,7 +148,7 @@
module = /usr/lib/pam_pkcs11/mail_mapper.so;
# Declare mapfile or
# leave empty "" or "none" to use no map
- mapfile = file:///etc/pam_pkcs11/mail_mapping;
+ mapfile = file:///etc/pki/pam_pkcs11/mail_mapping;
# Some certs store email in uppercase. take care on this
ignorecase = true;
# Also check that host matches mx domain
@@ -191,7 +191,7 @@
# Select one of:
# "null","md2","md4","md5","sha","sha1","dss","dss1","ripemd160"
algorithm = "sha1";
- mapfile = file:///etc/pam_pkcs11/digest_mapping;
+ mapfile = file:///etc/pki/pam_pkcs11/digest_mapping;
# mapfile = "none";
}
}
--- pam_pkcs11-0.5.2/etc/pam_pkcs11.conf.example.BAD 2005-08-28 20:15:35.000000000 -0500
+++ pam_pkcs11-0.5.2/etc/pam_pkcs11.conf.example 2005-08-28 20:15:59.000000000 -0500
@@ -36,13 +36,13 @@
# Path to the directory where the CA certificates are stored. The
# directory must contain an openssl hash-link to each certificate.
- # The default value is /etc/pam_pkcs11/cacerts.
- ca_dir = /etc/pam_pkcs11/cacerts;
+ # The default value is /etc/pki/pam_pkcs11/cacerts.
+ ca_dir = /etc/pki/pam_pkcs11/cacerts;
# Path to the directory where the CRLs are stored. The directory
# must contain an openssl hash-link to each CRL. The default value
- # is /etc/pam_pkcs11/crls.
- crl_dir = /etc/pam_pkcs11/crls;
+ # is /etc/pki/pam_pkcs11/crls.
+ crl_dir = /etc/pki/pam_pkcs11/crls;
# Sets the CRL verification policy. None performs no verification
# at all, online downloads the CRL form the location given by the
@@ -61,8 +61,8 @@
module = /usr/lib/pam_pkcs11/pkcs11_module.so;
description = "Default pkcs#11 module";
slot_num = 0;
- ca_dir = /etc/pam_pkcs11/cacerts;
- crl_dir = /etc/pam_pkcs11/crls;
+ ca_dir = /etc/pki/pam_pkcs11/cacerts;
+ crl_dir = /etc/pki/pam_pkcs11/crls;
crl_policy = none;
}
--- NEW FILE pam_pkcs11.spec ---
Name: pam_pkcs11
Version: 0.5.2
Release: 2%{?dist}
Summary: PKCS #11 PAM login module
Group: System Environment/Base
License: LGPL
URL: http://www.opensc.org/pam_pkcs11
Source0: http://oasis.dit.upm.es/~jantonio/pam-pkcs11/downloads/%{name}-%{version}.tar.gz
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Patch0: pam_pkcs11-0.5.2-pki.patch
Patch1: pam_pkcs11-0.5.2-badstatic.patch
BuildRequires: pam-devel, openssl-devel, openldap-devel
%{?_with_curl:BuildRequires: curl-devel}
BuildRequires: libxslt docbook-style-xsl
Provides: pkcs11_login = %{version}-%{release}
%description
This Linux-PAM login module allows a X.509 certificate based user
login. The certificate and its dedicated private key are thereby
accessed by means of an appropriate PKCS #11 module. For the
verification of the users' certificates, locally stored CA
certificates as well as either online or locally accessible CRLs are
used.
%package tools
Group: Applications/System
Summary: Companion tools for pam_pkcs11
BuildRequires: pcsc-lite-devel
Requires: pcsc-lite
Requires: %{name} = %{version}-%{release}
Provides: pkcs11_login-tools = %{version}-%{release}
%description tools
This package contains several pam_pkcs11 related tools
- card_eventmgr: Generate card insert/removal events (pcsc-lite based)
- pkcs11_eventmgr: Generate actions on card insert/removal/timeout events
- pklogin_finder: Get the loginname that maps to a certificate
- pkcs11_inspect: Inspect the contents of a certificate
%prep
%setup -q
%patch0 -p1
%patch1 -p1
# 64bit arches
%ifarch ia64 sparc64 alpha ppc64 x86_64
for i in etc/pam_pkcs11.conf.example etc/pkcs11_eventmgr.conf.example etc/pam.d_login.example src/pam_pkcs11/pam_config.c src/tools/pkcs11_eventmgr.c; do
sed -i 's/usr\/lib/usr\/lib64/g' $i
done
%endif
%build
%configure --disable-dependency-tracking %{?_with_curl}
make %{?_smp_mflags}
%install
rm -rf $RPM_BUILD_ROOT
make install DESTDIR=$RPM_BUILD_ROOT
# Nuke the static and libtool bits
rm -rf $RPM_BUILD_ROOT%{_libdir}/pam_pkcs11/*.*a
# 64 bit correction
%ifarch ia64 sparc64 alpha ppc64 x86_64
mv $RPM_BUILD_ROOT/lib $RPM_BUILD_ROOT/lib64
%endif
# Nuke %{_datadir}/pam_pkcs11
rm -rf $RPM_BUILD_ROOT%{_datadir}/pam_pkcs11
# Hardcoded defaults... no sysconfdir
mkdir -p $RPM_BUILD_ROOT/etc/pki/pkcs11/mapdir
install -dm 755 $RPM_BUILD_ROOT/etc/pki/pkcs11/cacerts
install -dm 755 $RPM_BUILD_ROOT/etc/pki/pkcs11/crls
install -m 644 etc/pam_pkcs11.conf.example $RPM_BUILD_ROOT/etc/pki/pkcs11/pam_pkcs11.conf
install -m 644 etc/card_eventmgr.conf.example $RPM_BUILD_ROOT/etc/pki/pkcs11/card_eventmgr.conf
install -m 644 etc/pkcs11_eventmgr.conf.example $RPM_BUILD_ROOT/etc/pki/pkcs11/pkcs11_eventmgr.conf
install -m 644 etc/digest_mapping.example $RPM_BUILD_ROOT/etc/pki/pkcs11/digest_mapping
install -m 644 etc/mail_mapping.example $RPM_BUILD_ROOT/etc/pki/pkcs11/mail_mapping
install -m 644 etc/subject_mapping.example $RPM_BUILD_ROOT/etc/pki/pkcs11/subject_mapping
%clean
rm -rf $RPM_BUILD_ROOT
%files
%defattr(-,root,root,-)
%doc AUTHORS COPYING README TODO ChangeLog NEWS
%doc docs/pam_pkcs11.html
%doc docs/README.autologin
%doc docs/README.mappers
%doc etc/pam.d_login.example
%dir %{_sysconfdir}/pki/pkcs11
%config(noreplace) %{_sysconfdir}/pki/pkcs11/cacerts
%config(noreplace) %{_sysconfdir}/pki/pkcs11/crls
%config(noreplace) %{_sysconfdir}/pki/pkcs11/pam_pkcs11.conf
%config(noreplace) %{_sysconfdir}/pki/pkcs11/digest_mapping
%config(noreplace) %{_sysconfdir}/pki/pkcs11/mail_mapping
%config(noreplace) %{_sysconfdir}/pki/pkcs11/subject_mapping
%{_bindir}/make_hash_link.sh
%{_libdir}/pam_pkcs11/
/%{_lib}/security/pam_pkcs11.so
%{_mandir}/man8/*
%files tools
%defattr(-,root,root,-)
%dir %{_sysconfdir}/pki/pkcs11
%config(noreplace) %{_sysconfdir}/pki/pkcs11/card_eventmgr.conf
%config(noreplace) %{_sysconfdir}/pki/pkcs11/pkcs11_eventmgr.conf
%{_bindir}/card_eventmgr
%{_bindir}/pkcs11_eventmgr
%{_bindir}/pklogin_finder
%{_bindir}/pkcs11_inspect
%{_mandir}/man1/card_eventmgr.1.gz
%{_mandir}/man1/pkcs11_eventmgr.1.gz
%{_mandir}/man1/pkcs11_inspect.1.gz
%{_mandir}/man1/pklogin_finder.1.gz
%doc docs/README.eventmgr
%changelog
* Sun Aug 28 2005 Tom "spot" Callaway <tcallawa at redhat.com> 0.5.2-2
- don't need the datadir
- 64bit fixups
- Use /usr/lib(64)/pam_pkcs11/pkcs11_module.so
- add defattr to tools
* Wed Aug 17 2005 Tom "spot" Callaway <tcallawa at redhat.com> 0.5.2-1
- bump to 0.5.2
- fix license
- remove BR:automake
- own directories
- use /etc/pki
- use --disable-static
* Sat Aug 13 2005 Tom "spot" Callaway <tcallawa at redhat.com> 0.5.1-1
- minor cleanups (and naming change) for Fedora Extras
* Thu Apr 7 2005 Juan Antonio Martinez <jonsito at teleline.es 0:0.5.1-0
- patches to avoid autotools in compile from tgz
* Thu Mar 29 2005 Juan Antonio Martinez <jonsito at teleline.es 0:0.5-1
- upgrade to 0.5beta1 version
- BuildRequires now complains compilation of html manual from xml file
* Thu Feb 28 2005 Juan Antonio Martinez <jonsito at teleline.es> 0:0.4.4-2
- New pkcs11_eventmgr app in "tools" package
* Thu Feb 24 2005 Juan Antonio Martinez <jonsito at teleline.es> 0:0.4.4-1
- Fix pcsc-lite dependencies
* Thu Feb 15 2005 Juan Antonio Martinez <jonsito at teleline.es> 0:0.4.4-0
- Update to 0.4.4b2
* Sun Sep 12 2004 Ville Skyttä <ville.skytta at iki.fi> - 0:0.3b-0.fdr.1
- Update to 0.3b.
- Disable dependency tracking to speed up the build.
* Tue May 4 2004 Ville Skyttä <ville.skytta at iki.fi> - 0:0.3-0.fdr.1
- Update to 0.3.
- Do not use libcurl by default; rebuild using "--with curl" to use it.
* Mon Mar 29 2004 Ville Skyttä <ville.skytta at iki.fi> - 0:0.2-0.fdr.1
- Update to 0.2.
- Use libcurl by default; rebuild using "--without curl" to disable.
* Wed Jan 21 2004 Ville Skyttä <ville.skytta at iki.fi> - 0:0.1-0.fdr.0.2.beta5
- Add the user_mapping config file.
* Mon Jan 19 2004 Ville Skyttä <ville.skytta at iki.fi> - 0:0.1-0.fdr.0.1.beta5
- First build.
Index: .cvsignore
===================================================================
RCS file: /cvs/extras/rpms/pam_pkcs11/devel/.cvsignore,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- .cvsignore 29 Aug 2005 03:14:48 -0000 1.1
+++ .cvsignore 29 Aug 2005 03:15:27 -0000 1.2
@@ -0,0 +1 @@
+pam_pkcs11-0.5.2.tar.gz
Index: sources
===================================================================
RCS file: /cvs/extras/rpms/pam_pkcs11/devel/sources,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- sources 29 Aug 2005 03:14:48 -0000 1.1
+++ sources 29 Aug 2005 03:15:27 -0000 1.2
@@ -0,0 +1 @@
+5b5c6ac1c718297fa250d8a5b6e7cb82 pam_pkcs11-0.5.2.tar.gz
More information about the scm-commits
mailing list