Hello community,
here is the log from the commit of package pam_yubico for openSUSE:Factory checked in at 2016-04-28 16:56:59
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/pam_yubico (Old)
and /work/SRC/openSUSE:Factory/.pam_yubico.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pam_yubico"
Changes:
--------
--- /work/SRC/openSUSE:Factory/pam_yubico/pam_yubico.changes 2015-10-14 16:44:30.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.pam_yubico.new/pam_yubico.changes 2016-04-28 17:02:03.000000000 +0200
@@ -1,0 +2,8 @@
+Mon Apr 25 20:18:57 UTC 2016 - t.gruner@katodev.de
+
+- Version 2.21 (released 2016-02-19)
+ - Add proxy support for yubico-c-client.
+ - Check that conv is set before trying to use it fixes a crash bug with the osx loginwindow.
+ - Add building of a mac installer.
+
+-------------------------------------------------------------------
Old:
----
pam_yubico-2.20.tar.gz
pam_yubico-2.20.tar.gz.sig
New:
----
pam_yubico-2.21.tar.gz
pam_yubico-2.21.tar.gz.sig
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ pam_yubico.spec ++++++
--- /var/tmp/diff_new_pack.YVmOPM/_old 2016-04-28 17:02:05.000000000 +0200
+++ /var/tmp/diff_new_pack.YVmOPM/_new 2016-04-28 17:02:05.000000000 +0200
@@ -1,7 +1,7 @@
#
# spec file for package pam_yubico
#
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
Name: pam_yubico
-Version: 2.20
+Version: 2.21
Release: 0
Summary: Yubico Pluggable Authentication Module (PAM)
License: BSD-2-Clause
++++++ pam_yubico-2.20.tar.gz -> pam_yubico-2.21.tar.gz ++++++
++++ 2185 lines of diff (skipped)
++++ retrying with extended exclude list
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/ChangeLog new/pam_yubico-2.21/ChangeLog
--- old/pam_yubico-2.20/ChangeLog 2015-09-22 08:14:23.000000000 +0200
+++ new/pam_yubico-2.21/ChangeLog 2016-02-19 12:18:10.000000000 +0100
@@ -1,3 +1,75 @@
+2016-02-19 Klas Lindfors
+
+ * NEWS: NEWS for 2.21
+
+2016-02-17 Klas Lindfors
+
+ * mac.mk: add first stab at makefile for mac installer fixes #76
+
+2016-02-17 Klas Lindfors
+
+ * pam_yubico.c, util.c: pass cfg->debug to check_firmware_version()
+ and let it use D macro
+
+2016-02-16 Klas Lindfors
+
+ * : Merge pull request #88 from
+ shankerwangmiao/bug-fix-for-null-conv add check for NULL conv
+
+2015-11-16 Klas Lindfors
+
+ * : commit e231b8217cdfc25bffc7181a1270dfd840a3aebf Author: mikemn
+ Date: Thu Nov 12 15:02:49 2015
+ -0600
+
+2015-11-11 mikemn
+
+ * pam_yubico.8.txt, pam_yubico.c: Add proxy support via Curl
+
+2015-11-13 Klas Lindfors
+
+ * tests/aux/build-and-test.sh: set -e later for travis and hope for
+ the best
+
+2015-11-13 Klas Lindfors
+
+ * tests/aux/build-and-test.sh: add brew update for travis
+
+2015-10-08 Klas Lindfors
+
+ * configure.ac, m4/valgrind-tests.m4: with more thought: remove
+ valgrind for tests since curl+gnutls seems to leave gnutls inited data around
+
+2015-10-08 Klas Lindfors
+
+ * configure.ac, m4/valgrind-tests.m4: add valgrind-tests
+
+2015-10-08 Klas Lindfors
+
+ * pam_yubico.c: use correct modifier for size_t print
+
+2015-10-08 Klas Lindfors
+
+ * .travis.yml, tests/aux/build-and-test.sh, tests/pam_test.c: setup
+ travis to do multi-os builds
+
+2015-10-08 Klas Lindfors
+
+ * tests/Makefile.am, tests/test.c: drop the non-portable test test it linked with the module and didn't really do anything, making the
+ test suite more fragile than necessary
+
+2015-10-05 Klas Lindfors
+
+ * README, doc/YubiKey_and_FreeRADIUS_1FA_via_PAM.adoc,
+ doc/YubiKey_and_FreeRADIUS_via_PAM.adoc: remove forgotten references
+ to wiki There is no wiki for this project, that information is either in the
+ doc folder or in the project manpages. Both of which accessible from
+ https://developers.yubico.com/yubico-pam/ fixes #81
+
+2015-09-22 Klas Lindfors
+
+ * NEWS, configure.ac: bump versions
+
2015-09-22 Klas Lindfors
* NEWS: NEWS for 2.20
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/NEWS new/pam_yubico-2.21/NEWS
--- old/pam_yubico-2.20/NEWS 2015-09-22 08:14:05.000000000 +0200
+++ new/pam_yubico-2.21/NEWS 2016-02-19 12:17:55.000000000 +0100
@@ -1,5 +1,14 @@
pam_yubico NEWS -- History of user-visible changes. -*- outline -*-
+* Version 2.21 (released 2016-02-19)
+
+** Add proxy support for yubico-c-client.
+
+** Check that conv is set before trying to use it
+fixes a crash bug with the osx loginwindow.
+
+** Add building of a mac installer.
+
* Version 2.20 (released 2015-09-22)
** Add cainfo option to allow usage of a cabundle instead of path.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/README new/pam_yubico-2.21/README
--- old/pam_yubico-2.20/README 2015-03-17 09:32:47.000000000 +0100
+++ new/pam_yubico-2.21/README 2015-11-16 09:09:04.000000000 +0100
@@ -129,7 +129,7 @@
mv /usr/local/lib/security/pam_yubico.so /lib/security/
----
-For more information, see the project Wiki page.
+For more information, see the project documentation.
Supported PAM module parameters are:
@@ -188,6 +188,12 @@
required if 'https' or 'ldaps' are used in 'url' and 'ldap_uri'
respectively.
+proxy::
+specify a proxy to connect to the validation server. Valid schemes are
+socks4://, socks4a://, socks5:// or socks5h://. Socks5h asks the proxy
+to do the dns resolving. If no scheme or port is specified HTTP proxy
+port 1080 will be used.
+
verbose_otp::
This argument is used to show the OTP (One-Time Password) when it
is entered, i.e. to enable terminal echo of entered characters.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/build-aux/ar-lib new/pam_yubico-2.21/build-aux/ar-lib
--- old/pam_yubico-2.20/build-aux/ar-lib 2015-08-11 08:53:25.000000000 +0200
+++ new/pam_yubico-2.21/build-aux/ar-lib 2015-11-11 12:48:14.000000000 +0100
@@ -4,7 +4,7 @@
me=ar-lib
scriptversion=2012-03-01.08; # UTC
-# Copyright (C) 2010-2013 Free Software Foundation, Inc.
+# Copyright (C) 2010-2014 Free Software Foundation, Inc.
# Written by Peter Rosin .
#
# This program is free software; you can redistribute it and/or modify
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/build-aux/compile new/pam_yubico-2.21/build-aux/compile
--- old/pam_yubico-2.20/build-aux/compile 2015-08-11 08:53:25.000000000 +0200
+++ new/pam_yubico-2.21/build-aux/compile 2015-11-11 12:48:14.000000000 +0100
@@ -3,7 +3,7 @@
scriptversion=2012-10-14.11; # UTC
-# Copyright (C) 1999-2013 Free Software Foundation, Inc.
+# Copyright (C) 1999-2014 Free Software Foundation, Inc.
# Written by Tom Tromey .
#
# This program is free software; you can redistribute it and/or modify
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/build-aux/missing new/pam_yubico-2.21/build-aux/missing
--- old/pam_yubico-2.20/build-aux/missing 2015-08-11 08:53:25.000000000 +0200
+++ new/pam_yubico-2.21/build-aux/missing 2015-11-11 12:48:14.000000000 +0100
@@ -3,7 +3,7 @@
scriptversion=2013-10-28.13; # UTC
-# Copyright (C) 1996-2013 Free Software Foundation, Inc.
+# Copyright (C) 1996-2014 Free Software Foundation, Inc.
# Originally written by Fran,cois Pinard , 1996.
# This program is free software; you can redistribute it and/or modify
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/build-aux/test-driver new/pam_yubico-2.21/build-aux/test-driver
--- old/pam_yubico-2.20/build-aux/test-driver 2015-08-11 08:53:25.000000000 +0200
+++ new/pam_yubico-2.21/build-aux/test-driver 2015-11-11 12:48:15.000000000 +0100
@@ -3,7 +3,7 @@
scriptversion=2013-07-13.22; # UTC
-# Copyright (C) 2011-2013 Free Software Foundation, Inc.
+# Copyright (C) 2011-2014 Free Software Foundation, Inc.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -106,11 +106,14 @@
# Test script is run here.
"$@" >$log_file 2>&1
estatus=$?
+
if test $enable_hard_errors = no && test $estatus -eq 99; then
- estatus=1
+ tweaked_estatus=1
+else
+ tweaked_estatus=$estatus
fi
-case $estatus:$expect_failure in
+case $tweaked_estatus:$expect_failure in
0:yes) col=$red res=XPASS recheck=yes gcopy=yes;;
0:*) col=$grn res=PASS recheck=no gcopy=no;;
77:*) col=$blu res=SKIP recheck=no gcopy=yes;;
@@ -119,6 +122,12 @@
*:*) col=$red res=FAIL recheck=yes gcopy=yes;;
esac
+# Report the test outcome and exit status in the logs, so that one can
+# know whether the test passed or failed simply by looking at the '.log'
+# file, without the need of also peaking into the corresponding '.trs'
+# file (automake bug#11814).
+echo "$res $test_name (exit status: $estatus)" >>$log_file
+
# Report outcome to console.
echo "${col}${res}${std}: $test_name"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/configure.ac new/pam_yubico-2.21/configure.ac
--- old/pam_yubico-2.20/configure.ac 2015-09-11 13:55:29.000000000 +0200
+++ new/pam_yubico-2.21/configure.ac 2015-10-08 12:04:18.000000000 +0200
@@ -26,7 +26,7 @@
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-AC_INIT([pam_yubico], [2.20], [yubico-devel@googlegroups.com])
+AC_INIT([pam_yubico], [2.21], [yubico-devel@googlegroups.com])
AC_CONFIG_AUX_DIR([build-aux])
AC_CONFIG_MACRO_DIR([m4])
AM_INIT_AUTOMAKE([1.11 foreign -Wall -Werror])
@@ -160,7 +160,6 @@
gl_WARN_ADD([-fdiagnostics-show-option])
fi
-
AC_CONFIG_FILES(Makefile)
AC_CONFIG_FILES(tests/Makefile)
AC_OUTPUT
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/doc/YubiKey_and_FreeRADIUS_1FA_via_PAM.adoc new/pam_yubico-2.21/doc/YubiKey_and_FreeRADIUS_1FA_via_PAM.adoc
--- old/pam_yubico-2.20/doc/YubiKey_and_FreeRADIUS_1FA_via_PAM.adoc 2014-10-30 08:10:39.000000000 +0100
+++ new/pam_yubico-2.21/doc/YubiKey_and_FreeRADIUS_1FA_via_PAM.adoc 2015-10-05 10:06:52.000000000 +0200
@@ -62,12 +62,12 @@
Installation of pam_yubico module :
-----------------------------------
Build instructions for pam_yubico are available in the README.
-(https://github.com/Yubico/yubico-pam/wiki/ReadMe)
+(https://developers.yubico.com/yubico-pam/)
Configuration of pam_yubico module :
------------------------------------
Configuration instructions for pam_yubico are also available in the README.
-(https://github.com/Yubico/yubico-pam/wiki/ReadMe)
+(https://developers.yubico.com/yubico-pam/)
_Make sure you set your system up for either central authorization mapping,
or user level mapping, as this will control which users can connect to the
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/doc/YubiKey_and_FreeRADIUS_via_PAM.adoc new/pam_yubico-2.21/doc/YubiKey_and_FreeRADIUS_via_PAM.adoc
--- old/pam_yubico-2.20/doc/YubiKey_and_FreeRADIUS_via_PAM.adoc 2014-11-03 11:23:32.000000000 +0100
+++ new/pam_yubico-2.21/doc/YubiKey_and_FreeRADIUS_via_PAM.adoc 2015-10-05 10:06:32.000000000 +0200
@@ -60,13 +60,13 @@
=== Installation of pam_yubico module ===
Build instructions for pam_yubico are available in the README.
-(https://github.com/Yubico/yubico-pam/wiki/ReadMe)
+(https://developers.yubico.com/yubico-pam/)
=== Configuration of pam_yubico module ===
Configuration instructions for pam_yubico are also available in the README.
-(https://github.com/Yubico/yubico-pam/wiki/ReadMe)
+(https://developers.yubico.com/yubico-pam/)
NOTE: Make sure you set your system up for either central authorization mapping,
or user level mapping, as this will control which users can connect to the
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/pam_yubico.8 new/pam_yubico-2.21/pam_yubico.8
--- old/pam_yubico-2.20/pam_yubico.8 2015-09-15 15:00:08.000000000 +0200
+++ new/pam_yubico-2.21/pam_yubico.8 2016-02-18 13:12:48.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: pam_yubico
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1 http://docbook.sf.net/
-.\" Date: Version 2.20
+.\" Date: Version 2.21
.\" Manual: Yubico PAM Module Manual
.\" Source: yubico-pam
.\" Language: English
.\"
-.TH "PAM_YUBICO" "8" "Version 2\&.20" "yubico\-pam" "Yubico PAM Module Manual"
+.TH "PAM_YUBICO" "8" "Version 2\&.21" "yubico\-pam" "Yubico PAM Module Manual"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
@@ -103,6 +103,11 @@
respectively\&.
.RE
.PP
+\fBproxy\fR=\fIproxy\fR
+.RS 4
+Specify a proxy to connect to the validation server\&. Valid schemes are socks4://, socks4a://, socks5:// or socks5h://\&. Socks5h asks the proxy to do the dns resolving\&. If no scheme or port is specified HTTP proxy port 1080 will be used\&. E\&.g\&. socks5h://user:pass@10\&.10\&.0\&.1:1080
+.RE
+.PP
\fBverbose_otp\fR
.RS 4
This argument is used to show the OTP (One Time Password) when it is entered, i\&.e\&. to enable terminal echo of entered characters\&. You are advised to not use this, if you are using two factor authentication because that will display your password on the screen\&. This requires the service using the PAM module to display custom fields\&. For example, OpenSSH requires you to configure "ChallengeResponseAuthentication no"\&.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/pam_yubico.8.txt new/pam_yubico-2.21/pam_yubico.8.txt
--- old/pam_yubico-2.20/pam_yubico.8.txt 2015-09-15 15:00:07.000000000 +0200
+++ new/pam_yubico-2.21/pam_yubico.8.txt 2016-02-18 13:11:05.000000000 +0100
@@ -50,6 +50,9 @@
*capath*=_path_::
Specify the path where X509 certificates are stored. This is required if 'https' or 'ldaps' are used in 'url' and 'ldap_uri' respectively.
+*proxy*=_proxy_::
+Specify a proxy to connect to the validation server. Valid schemes are socks4://, socks4a://, socks5:// or socks5h://. Socks5h asks the proxy to do the dns resolving. If no scheme or port is specified HTTP proxy port 1080 will be used. E.g. socks5h://user:pass@10.10.0.1:1080
+
*verbose_otp*::
This argument is used to show the OTP (One Time Password) when it is entered, i.e. to enable terminal echo of entered characters. You are advised to not use this, if you are using two factor authentication because that will display your password on the screen. This requires the service using the PAM module to display custom fields. For example, OpenSSH requires you to configure "ChallengeResponseAuthentication no".
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/pam_yubico.c new/pam_yubico-2.21/pam_yubico.c
--- old/pam_yubico-2.20/pam_yubico.c 2015-09-14 13:29:30.000000000 +0200
+++ new/pam_yubico-2.21/pam_yubico.c 2016-02-19 11:03:52.000000000 +0100
@@ -111,6 +111,7 @@
const char *auth_file;
const char *capath;
const char *cainfo;
+ const char *proxy;
const char *url;
const char *urllist;
const char *ldapserver;
@@ -300,7 +301,7 @@
if (cfg->user_attr && cfg->yubi_attr && cfg->ldapdn) {
i = (strlen(cfg->user_attr) + strlen(cfg->ldapdn) + strlen(user) + 3) * sizeof(char);
if ((find = malloc(i)) == NULL) {
- DBG (("Failed allocating %i bytes", i));
+ DBG (("Failed allocating %zu bytes", i));
retval = 0;
goto done;
}
@@ -406,11 +407,15 @@
return retval;
}
+ if(!conv || !conv->conv){
+ D(("conv() function invalid"));
+ return PAM_CONV_ERR;
+ }
pmsg[0] = &msg[0];
msg[0].msg = (char *) message; /* on some systems, pam_message.msg isn't const */
msg[0].msg_style = PAM_ERROR_MSG;
retval = conv->conv(1, pmsg, &resp, conv->appdata_ptr);
-
+
if (retval != PAM_SUCCESS) {
D(("conv returned error: %s", pam_strerror (pamh, retval)));
return retval;
@@ -456,7 +461,7 @@
goto out;
}
- if (! check_firmware_version(yk, false, true)) {
+ if (! check_firmware_version(yk, cfg->debug, true)) {
DBG(("YubiKey does not support Challenge-Response (version 2.2 required)"));
goto out;
}
@@ -710,6 +715,8 @@
cfg->capath = argv[i] + 7;
if (strncmp (argv[i], "cainfo=", 7) == 0)
cfg->cainfo = argv[i] + 7;
+ if (strncmp (argv[i], "proxy=", 6) == 0)
+ cfg->proxy = argv[i] + 6;
if (strncmp (argv[i], "url=", 4) == 0)
cfg->url = argv[i] + 4;
if (strncmp (argv[i], "urllist=", 8) == 0)
@@ -772,6 +779,7 @@
D (("urllist=%s", cfg->urllist ? cfg->urllist : "(null)"));
D (("capath=%s", cfg->capath ? cfg->capath : "(null)"));
D (("cainfo=%s", cfg->cainfo ? cfg->cainfo : "(null)"));
+ D (("proxy=%s", cfg->proxy ? cfg->proxy : "(null)"));
D (("token_id_length=%d", cfg->token_id_length));
D (("mode=%s", cfg->mode == CLIENT ? "client" : "chresp" ));
D (("chalresp_path=%s", cfg->chalresp_path ? cfg->chalresp_path : "(null)"));
@@ -883,6 +891,9 @@
if (cfg->cainfo)
ykclient_set_ca_info (ykc, cfg->cainfo);
+ if (cfg->proxy)
+ ykclient_set_proxy (ykc, cfg->proxy);
+
if (cfg->url)
{
rc = ykclient_set_url_template (ykc, cfg->url);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/tests/Makefile.am new/pam_yubico-2.21/tests/Makefile.am
--- old/pam_yubico-2.20/tests/Makefile.am 2015-04-07 16:33:41.000000000 +0200
+++ new/pam_yubico-2.21/tests/Makefile.am 2015-10-08 12:04:04.000000000 +0200
@@ -30,14 +30,13 @@
AM_LDFLAGS = -no-install
AM_CFLAGS=-I$(srcdir)/.. $(WARN_CFLAGS)
AM_CPPFLAGS = @YKPERS_CFLAGS@
-test_LDADD = ../pam_yubico.la
util_test_LDADD = ../libpam_util.la
pam_test_LDADD = ../libpam_real.la ../libpam_util.la @LTLIBYUBIKEY@ @LTLIBYKCLIENT@ @LIBLDAP@
pam_test_CPPFLAGS = -DSRCDIR=\"$(srcdir)\"
TESTS_ENVIRONMENT = export LDAPNOINIT=1;
-check_PROGRAMS = test util_test pam_test
+check_PROGRAMS = util_test pam_test
TESTS = $(check_PROGRAMS)
if ENABLE_COV
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/tests/pam_test.c new/pam_yubico-2.21/tests/pam_test.c
--- old/pam_yubico-2.20/tests/pam_test.c 2015-03-04 14:40:31.000000000 +0100
+++ new/pam_yubico-2.21/tests/pam_test.c 2016-02-18 10:44:39.000000000 +0100
@@ -38,7 +38,14 @@
#include
#include
+#ifdef HAVE_PAM_MODUTIL_DROP_PRIV
#include
+#else
+#include
+struct pam_modutil_privs {
+ int noop;
+};
+#endif
#define YKVAL_PORT1 "17502"
#define YKVAL_PORT2 "30559"
@@ -83,7 +90,11 @@
return &_data[(long)id];
}
+#ifdef OPENPAM
+const char * pam_strerror(const pam_handle_t *pamh, int errnum) {
+#else
const char * pam_strerror(pam_handle_t *pamh, int errnum) {
+#endif
fprintf(stderr, "in pam_strerror()\n");
return "error";
}
@@ -94,7 +105,16 @@
return PAM_SUCCESS;
}
+int pam_get_data(const pam_handle_t *pamh, const char *module_data_name, const void **data) {
+ fprintf(stderr, "in pam_get_data() %s\n", module_data_name);
+ return PAM_SUCCESS;
+}
+
+#ifdef OPENPAM
+int pam_get_user(pam_handle_t *pamh, const char **user, const char *prompt) {
+#else
int pam_get_user(const pam_handle_t *pamh, const char **user, const char *prompt) {
+#endif
fprintf(stderr, "in pam_get_user()\n");
*user = test_get_data((void*)pamh)->user;
return PAM_SUCCESS;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/tests/test.c new/pam_yubico-2.21/tests/test.c
--- old/pam_yubico-2.20/tests/test.c 2015-03-04 07:58:20.000000000 +0100
+++ new/pam_yubico-2.21/tests/test.c 1970-01-01 01:00:00.000000000 +0100
@@ -1,55 +0,0 @@
-/* Written by Simon Josefsson .
- * Copyright (c) 2007-2014 Yubico AB
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
- *
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials provided
- * with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include
-#include
-
-/* These #defines must be present according to PAM documentation. */
-#define PAM_SM_AUTH
-
-#ifdef HAVE_SECURITY_PAM_APPL_H
-#include
-#endif
-#ifdef HAVE_SECURITY_PAM_MODULES_H
-#include
-#endif
-
-
-int
-main (int argc, const char **argv)
-{
- pam_handle_t *pamh = NULL;
- int rc;
-
- rc = pam_sm_authenticate (pamh, 0, 1, argv);
-
- printf ("rc %d\n", rc);
-
- return 0;
-}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/util.c new/pam_yubico-2.21/util.c
--- old/pam_yubico-2.20/util.c 2015-09-14 10:36:36.000000000 +0200
+++ new/pam_yubico-2.21/util.c 2016-02-19 11:03:52.000000000 +0100
@@ -206,10 +206,10 @@
}
if (verbose) {
- printf("Firmware version %d.%d.%d\n",
+ D(("YubiKey Firmware version: %d.%d.%d\n",
ykds_version_major(st),
ykds_version_minor(st),
- ykds_version_build(st));
+ ykds_version_build(st)));
fflush(stdout);
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pam_yubico-2.20/ykpamcfg.1 new/pam_yubico-2.21/ykpamcfg.1
--- old/pam_yubico-2.20/ykpamcfg.1 2015-08-18 14:11:50.000000000 +0200
+++ new/pam_yubico-2.21/ykpamcfg.1 2016-02-18 13:12:48.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: ykpamcfg
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1 http://docbook.sf.net/
-.\" Date: Version 2.20
+.\" Date: Version 2.21
.\" Manual: Yubico PAM Module Manual
.\" Source: yubico-pam
.\" Language: English
.\"
-.TH "YKPAMCFG" "1" "Version 2\&.20" "yubico\-pam" "Yubico PAM Module Manual"
+.TH "YKPAMCFG" "1" "Version 2\&.21" "yubico\-pam" "Yubico PAM Module Manual"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------