aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorale <ale@FreeBSD.org>2006-06-13 01:00:25 +0800
committerale <ale@FreeBSD.org>2006-06-13 01:00:25 +0800
commit9be81d4adcca26c92b37fa3373b989cd40ea97c0 (patch)
treea2e28f4a3db61d423864fe6116623d342afa659e /security
parentf48c3b6ef88ac8e5284ebf01be3a07500ffa5d59 (diff)
downloadfreebsd-ports-gnome-9be81d4adcca26c92b37fa3373b989cd40ea97c0.tar.gz
freebsd-ports-gnome-9be81d4adcca26c92b37fa3373b989cd40ea97c0.tar.zst
freebsd-ports-gnome-9be81d4adcca26c92b37fa3373b989cd40ea97c0.zip
Pam_p11 is a plugable authentication module (pam) package
for using crpytographic tokens such as smart cards and usb crypto tokens for authentication. Pam_p11 uses libp11 to access any PKCS#11 module. It should be compatible with any implementation, but it is primarely developed using OpenSC. Pam_p11 implements two authentication modules: * pam_p11_openssh authenticates the user using his openssh ~/.ssh/authorized_keys file. * pam_p11_opensc authenticates the user using certificates found in ~/.eid/authorized_certificates. Pam_p11 is very simple, it has no config file, no options other than the PKCS#11 module file, does not know about certificate chains, certificate authorities, revocation lists or OCSP. Perfect for the small installation with no frills. WWW: http://www.opensc-project.org/pam_p11/
Diffstat (limited to 'security')
-rw-r--r--security/Makefile1
-rw-r--r--security/pam_p11/Makefile35
-rw-r--r--security/pam_p11/distinfo3
-rw-r--r--security/pam_p11/files/patch-configure20
-rw-r--r--security/pam_p11/files/patch-src_pam_p11.c11
-rw-r--r--security/pam_p11/files/patch-src_test.c11
-rw-r--r--security/pam_p11/pkg-descr24
-rw-r--r--security/pam_p11/pkg-plist3
8 files changed, 108 insertions, 0 deletions
diff --git a/security/Makefile b/security/Makefile
index 571b034f432f..a2be8fd688bb 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -452,6 +452,7 @@
SUBDIR += pam_krb5
SUBDIR += pam_ldap
SUBDIR += pam_mkhomedir
+ SUBDIR += pam_p11
SUBDIR += pam_per_user
SUBDIR += pam_pgina
SUBDIR += pam_pop3
diff --git a/security/pam_p11/Makefile b/security/pam_p11/Makefile
new file mode 100644
index 000000000000..d1b1bed63e0b
--- /dev/null
+++ b/security/pam_p11/Makefile
@@ -0,0 +1,35 @@
+# New ports collection makefile for: pam_p11
+# Date created: 1 Jun 2006
+# Whom: Alex Dupre <ale@FreeBSD.org>
+#
+# $FreeBSD$
+#
+
+PORTNAME= pam_p11
+PORTVERSION= 0.1.2
+CATEGORIES= security
+MASTER_SITES= http://www.opensc-project.org/files/${PORTNAME}/
+
+MAINTAINER= ale@FreeBSD.org
+COMMENT= A PAM module using crypto tokens for auth
+
+LIB_DEPENDS= p11.1:${PORTSDIR}/security/libp11
+
+USE_OPENSSL= yes
+GNU_CONFIGURE= yes
+USE_GNOME= pkgconfig
+
+CONFIGURE_ENV= OPENSSL_CFLAGS="-I${OPENSSLINC}" \
+ OPENSSL_LIBS="-L${OPENSSLLIB} -lssl"
+
+DOC_FILES= README *.sh *.xsl *.css *.html
+
+PORTDOCS= *
+
+.ifndef(NOPORTDOCS)
+post-install:
+ @${MKDIR} ${DOCSDIR}
+ @(cd ${WRKSRC}/doc && ${CP} -R ${DOC_FILES} ${DOCSDIR})
+.endif
+
+.include <bsd.port.mk>
diff --git a/security/pam_p11/distinfo b/security/pam_p11/distinfo
new file mode 100644
index 000000000000..eb7ac06a4b96
--- /dev/null
+++ b/security/pam_p11/distinfo
@@ -0,0 +1,3 @@
+MD5 (pam_p11-0.1.2.tar.gz) = de550f9d7cf921a7b8e35901e6bbfa25
+SHA256 (pam_p11-0.1.2.tar.gz) = 8e884842865f7f3b54f2aa2f187d781210863c8596b9fca94065bfbd4dc1a8a2
+SIZE (pam_p11-0.1.2.tar.gz) = 313774
diff --git a/security/pam_p11/files/patch-configure b/security/pam_p11/files/patch-configure
new file mode 100644
index 000000000000..dc08d1710120
--- /dev/null
+++ b/security/pam_p11/files/patch-configure
@@ -0,0 +1,20 @@
+--- configure.orig Thu Jun 1 15:05:28 2006
++++ configure Thu Jun 1 15:07:47 2006
+@@ -20823,7 +20823,7 @@
+ (exit $ac_status); }; then
+ pkg_cv_OPENSSL_CFLAGS=`$PKG_CONFIG --cflags "openssl" 2>/dev/null`
+ else
+- pkg_failed=yes
++ pkg_cv_OPENSSL_CFLAGS=$ac_cv_env_OPENSSL_CFLAGS_value
+ fi
+ else
+ pkg_failed=untried
+@@ -20837,7 +20837,7 @@
+ (exit $ac_status); }; then
+ pkg_cv_OPENSSL_LIBS=`$PKG_CONFIG --libs "openssl" 2>/dev/null`
+ else
+- pkg_failed=yes
++ pkg_cv_OPENSSL_LIBS=$ac_cv_env_OPENSSL_LIBS_value
+ fi
+ else
+ pkg_failed=untried
diff --git a/security/pam_p11/files/patch-src_pam_p11.c b/security/pam_p11/files/patch-src_pam_p11.c
new file mode 100644
index 000000000000..c0bc737fbbf0
--- /dev/null
+++ b/security/pam_p11/files/patch-src_pam_p11.c
@@ -0,0 +1,11 @@
+--- src/pam_p11.c.orig Sun Jun 11 21:16:46 2006
++++ src/pam_p11.c Sun Jun 11 21:17:53 2006
+@@ -39,7 +39,7 @@
+ #define LOGNAME "pam_p11" /* name for log-file entries */
+
+ #define RANDOM_SOURCE "/dev/urandom"
+-#define RANDOM_SIZE 128
++#define RANDOM_SIZE 64
+ #define MAX_SIGSIZE 256
+
+ extern int match_user(X509 * x509, const char *login);
diff --git a/security/pam_p11/files/patch-src_test.c b/security/pam_p11/files/patch-src_test.c
new file mode 100644
index 000000000000..08158257b8d6
--- /dev/null
+++ b/security/pam_p11/files/patch-src_test.c
@@ -0,0 +1,11 @@
+--- src/test.c.orig Thu Jun 1 15:13:06 2006
++++ src/test.c Thu Jun 1 15:13:15 2006
+@@ -2,7 +2,7 @@
+ #include <stdlib.h>
+
+ #include <security/pam_appl.h>
+-#include <security/pam_misc.h>
++#include <security/pam_modules.h>
+
+ int main(int argc, char **argv)
+ {
diff --git a/security/pam_p11/pkg-descr b/security/pam_p11/pkg-descr
new file mode 100644
index 000000000000..9865f03da7d0
--- /dev/null
+++ b/security/pam_p11/pkg-descr
@@ -0,0 +1,24 @@
+Pam_p11 is a plugable authentication module (pam) package
+for using crpytographic tokens such as smart cards and
+usb crypto tokens for authentication.
+
+Pam_p11 uses libp11 to access any PKCS#11 module.
+It should be compatible with any implementation, but it
+is primarely developed using OpenSC.
+
+Pam_p11 implements two authentication modules:
+ * pam_p11_openssh authenticates the user using his
+ openssh ~/.ssh/authorized_keys file.
+ * pam_p11_opensc authenticates the user using
+ certificates found in ~/.eid/authorized_certificates.
+
+Pam_p11 is very simple, it has no config file, no options
+other than the PKCS#11 module file, does not know about
+certificate chains, certificate authorities, revocation
+lists or OCSP. Perfect for the small installation with no
+frills.
+
+WWW: http://www.opensc-project.org/pam_p11/
+
+- Alex Dupre
+ale@FreeBSD.org
diff --git a/security/pam_p11/pkg-plist b/security/pam_p11/pkg-plist
new file mode 100644
index 000000000000..c59242f132b4
--- /dev/null
+++ b/security/pam_p11/pkg-plist
@@ -0,0 +1,3 @@
+lib/security/pam_p11_opensc.so
+lib/security/pam_p11_openssh.so
+@dirrmtry lib/security