security/pleaser: update to 0.4.0

-No changelog provided upstream.
This commit is contained in:
pin 2021-04-24 18:52:58 +00:00
parent 0a18fa15f6
commit 3da5d46e6e
4 changed files with 118 additions and 10 deletions

View file

@ -1,7 +1,7 @@
# $NetBSD: Makefile,v 1.8 2021/03/11 08:08:02 pin Exp $
# $NetBSD: Makefile,v 1.9 2021/04/24 18:52:58 pin Exp $
DISTNAME= please-0.3.25
PKGNAME= pleaser-0.3.25
DISTNAME= please-0.4.0
PKGNAME= pleaser-0.4.0
CATEGORIES= security
MASTER_SITES= https://gitlab.com/edneville/please/-/archive/v${PKGVERSION_NOREV}/
@ -12,7 +12,7 @@ LICENSE= gnu-gpl-v3
.include "cargo-depends.mk"
WRKSRC= ${WRKDIR}/please-v0.3.25-b9e56e70908b194f494cdd88c59c20baba2e604d
WRKSRC= ${WRKDIR}/please-v0.4.0-d7209c091e843edcd3148ae77cd27608b316f244
USE_LANGUAGES+= c # rust, but needs a toolchain to link
SUBST_CLASSES+= prefix

View file

@ -1,4 +1,4 @@
# $NetBSD: cargo-depends.mk,v 1.4 2021/02/23 14:47:07 pin Exp $
# $NetBSD: cargo-depends.mk,v 1.5 2021/04/24 18:52:58 pin Exp $
CARGO_CRATE_DEPENDS+= addr2line-0.14.1
CARGO_CRATE_DEPENDS+= adler-0.2.3
@ -11,6 +11,7 @@ CARGO_CRATE_DEPENDS+= cfg-if-1.0.0
CARGO_CRATE_DEPENDS+= chrono-0.4.19
CARGO_CRATE_DEPENDS+= error-chain-0.11.0
CARGO_CRATE_DEPENDS+= getopts-0.2.21
CARGO_CRATE_DEPENDS+= getrandom-0.1.16
CARGO_CRATE_DEPENDS+= gimli-0.23.0
CARGO_CRATE_DEPENDS+= libc-0.2.86
CARGO_CRATE_DEPENDS+= log-0.4.14
@ -23,6 +24,11 @@ CARGO_CRATE_DEPENDS+= object-0.23.0
CARGO_CRATE_DEPENDS+= once_cell-1.6.0
CARGO_CRATE_DEPENDS+= pam-0.7.0
CARGO_CRATE_DEPENDS+= pam-sys-0.5.6
CARGO_CRATE_DEPENDS+= ppv-lite86-0.2.10
CARGO_CRATE_DEPENDS+= rand-0.7.3
CARGO_CRATE_DEPENDS+= rand_chacha-0.2.2
CARGO_CRATE_DEPENDS+= rand_core-0.5.1
CARGO_CRATE_DEPENDS+= rand_hc-0.2.0
CARGO_CRATE_DEPENDS+= regex-1.4.3
CARGO_CRATE_DEPENDS+= regex-syntax-0.6.22
CARGO_CRATE_DEPENDS+= rpassword-5.0.1
@ -33,6 +39,7 @@ CARGO_CRATE_DEPENDS+= time-0.1.44
CARGO_CRATE_DEPENDS+= unicode-width-0.1.8
CARGO_CRATE_DEPENDS+= users-0.8.1
CARGO_CRATE_DEPENDS+= users-0.10.0
CARGO_CRATE_DEPENDS+= wasi-0.9.0+wasi-snapshot-preview1
CARGO_CRATE_DEPENDS+= wasi-0.10.0+wasi-snapshot-preview1
CARGO_CRATE_DEPENDS+= winapi-0.3.9
CARGO_CRATE_DEPENDS+= winapi-i686-pc-windows-gnu-0.4.0

View file

@ -1,4 +1,4 @@
$NetBSD: distinfo,v 1.9 2021/03/11 08:08:02 pin Exp $
$NetBSD: distinfo,v 1.10 2021/04/24 18:52:58 pin Exp $
SHA1 (addr2line-0.14.1.crate) = 5e02a34c470fcb872eee8ee11037f0dce619404a
RMD160 (addr2line-0.14.1.crate) = a152b28f56c4bcf8fcbb9575764b2d85fe0d6256
@ -44,6 +44,10 @@ SHA1 (getopts-0.2.21.crate) = 9dd990ef7bee1b18b41f4e44d342b397134b0a38
RMD160 (getopts-0.2.21.crate) = 9584128851c5564984b1603741961447d57436ec
SHA512 (getopts-0.2.21.crate) = 5515ae6ccb0f03efb783683f46cfd1755342c4e83bb673ff8914c7f9dea0dae333f8d9703865e992659a359067df0e8b0e2253de0d4b0c7707cbe7d73401bb1f
Size (getopts-0.2.21.crate) = 18457 bytes
SHA1 (getrandom-0.1.16.crate) = ef6ee6ddbc3b1f40c8202a934d8cafb50d2233dc
RMD160 (getrandom-0.1.16.crate) = 531b3a9da432114e08beb70828f6291f32cdd3e1
SHA512 (getrandom-0.1.16.crate) = c5450c522c07c7a38b326f9a9062bac7d089630219d577ea4b55abad4e0c31d17b7cde385fc43912dfa100b42334e7a52422c55fda8b738caae428c6f9addb53
Size (getrandom-0.1.16.crate) = 25077 bytes
SHA1 (gimli-0.23.0.crate) = 45fea182ce86e5c803f31a0f8ff917a23b211e7f
RMD160 (gimli-0.23.0.crate) = b4d8bd59839440da29d2de0d7bb35b72100874ed
SHA512 (gimli-0.23.0.crate) = b5dce7b563ce7b8dd6cfec5258793323d370f217779d0d57265bbbe2b1eb2704dbf0f25c189ae6e9079989b6ac7d5341e10fe49457577e482a3904c745c89b5a
@ -92,10 +96,30 @@ SHA1 (pam-sys-0.5.6.crate) = 026da526179fe07837aa221581426c817fb0d1cf
RMD160 (pam-sys-0.5.6.crate) = c9ce1a53a6fff2c79da80d83acf068130494afbc
SHA512 (pam-sys-0.5.6.crate) = f1aeb09fe4ed8a2a330d5a176c3f6a8b10c7fde6215f09212485b9170c3738686193b306c658d38373bff622522d58e319517613c2778db6e08c729cef8d5a07
Size (pam-sys-0.5.6.crate) = 12738 bytes
SHA1 (please-0.3.25.tar.gz) = 23a03829283ee5a2f4325fa12b775f1c667bcef3
RMD160 (please-0.3.25.tar.gz) = df1a02acc69982666cf8665d111e488ad7d56e87
SHA512 (please-0.3.25.tar.gz) = be19cc05f2b5e0b9e0c57f6f50171c81647740567c44e997cef9f1ae765e57969879b3583d78afc33ae00598db51c5ed10dc7ef60b968d56188b6685a9ea7d75
Size (please-0.3.25.tar.gz) = 41935 bytes
SHA1 (please-0.4.0.tar.gz) = d6fad3037939e2ae72a9f9ae3ed8507765002820
RMD160 (please-0.4.0.tar.gz) = 0ba0b4ebc848851974260a0bb58a9a2ee4f4fc31
SHA512 (please-0.4.0.tar.gz) = 5690a648d73fc6097e0d337fe93ee6b7300954ecbc890b2399a4f1a00db44c127c003d3903f311d6e81ed0fa2cc2fca07ae72189e21cb1f6a4bb3401a7eab68f
Size (please-0.4.0.tar.gz) = 44837 bytes
SHA1 (ppv-lite86-0.2.10.crate) = 7a665cbfcc1d0a172d7d1d05a9596b7f3d6b83aa
RMD160 (ppv-lite86-0.2.10.crate) = 01d542acbb34f9c86111d6be7a2195dd95011fe6
SHA512 (ppv-lite86-0.2.10.crate) = c9941052e504b9b310024064026e4b1d540dd877705ef450a833d9ff6dee70ba874cdad68c46381a71d5b54482cd80b3dbb8e0c225758fd339069031a55195f1
Size (ppv-lite86-0.2.10.crate) = 20915 bytes
SHA1 (rand-0.7.3.crate) = e548545a074e3a0688241f6ad3c6f1f8a192280f
RMD160 (rand-0.7.3.crate) = f3fa7ec05927b3c0c4fc8e41e373f2228bef6dd6
SHA512 (rand-0.7.3.crate) = f9b68ef9446f1ca2c8092c50990f15c1b4cb5529eeeac4df8d69755e0b7253c663c587775e7cb0a7298c31edb444975dda34926759306541f6d43d0d3cf57b7e
Size (rand-0.7.3.crate) = 112246 bytes
SHA1 (rand_chacha-0.2.2.crate) = 95670770bcd7b3eb55be8bd2d91d92e58f9b4953
RMD160 (rand_chacha-0.2.2.crate) = c908686d3afd27f04df11c5fdf5ca7132272d47c
SHA512 (rand_chacha-0.2.2.crate) = 1e2117442e4ffdd834dcbf0ea1829e73202c0ff9041d5969d81a59330242145f2753f2a56de2fdbff65f26cf0d227c7d08b2094ab2f946b764aef88106a6ac84
Size (rand_chacha-0.2.2.crate) = 13267 bytes
SHA1 (rand_core-0.5.1.crate) = ec1af7811e3895c76debbc053feee953c2516aec
RMD160 (rand_core-0.5.1.crate) = 074195da5ce6cb4618a2cd046110bf0e1b355f05
SHA512 (rand_core-0.5.1.crate) = 4f7500b35e165e6c817fdd67a50745d5497d24e554bb554705097e37258751e8755c4d6b8a69fcb5e1977708ba78620bc35d640e4e018fcd4e88d9dbdbebdcbf
Size (rand_core-0.5.1.crate) = 21116 bytes
SHA1 (rand_hc-0.2.0.crate) = efd8d1e70c566f436ebdbc2ec4ea2f37e0ae237d
RMD160 (rand_hc-0.2.0.crate) = efa420ab36323d31e86851bc62a3563407011dc3
SHA512 (rand_hc-0.2.0.crate) = bca185612bed5cee4da76fb68fe854105da276f5bf2da464e596d586b925df798cc692ed881e276ab77c36b4b0551930966c93656be122ad05899d87853533b0
Size (rand_hc-0.2.0.crate) = 11670 bytes
SHA1 (regex-1.4.3.crate) = 9791be8e7a645b891dce0533a487dc3625e00ffe
RMD160 (regex-1.4.3.crate) = 9f2849315b430248cc777a2f73b202a32c465bbf
SHA512 (regex-1.4.3.crate) = bc0dbde01a79e7863997194b894c0e76e01ed209d56225bd611dcbccbbe997abd48bdc4640cbf349c5f16d96ec613f5b31740e81fc7da82082a4ed48fa06deac
@ -140,6 +164,10 @@ SHA1 (wasi-0.10.0+wasi-snapshot-preview1.crate) = 1e619deea4a6d2aa1edbd450060d14
RMD160 (wasi-0.10.0+wasi-snapshot-preview1.crate) = 5f49eac8985ca1724c17c215ac5512a7421f7ac1
SHA512 (wasi-0.10.0+wasi-snapshot-preview1.crate) = 88e2da617f50d9ebfb1e0c5857321fb86b5ee88ae8a8d199d3cc092e0f39688a2cb68503f7c6bb09dd6bc50a9a03597a1eb2e032150fbd0d0b8afa02ad771c88
Size (wasi-0.10.0+wasi-snapshot-preview1.crate) = 26964 bytes
SHA1 (wasi-0.9.0+wasi-snapshot-preview1.crate) = f906b20eeae7b0ae0d2a67225c9f58c8a2f93f99
RMD160 (wasi-0.9.0+wasi-snapshot-preview1.crate) = 3aed162b7fc9baba4cf37ea82fb9a4efdff3d40b
SHA512 (wasi-0.9.0+wasi-snapshot-preview1.crate) = dbe641f796ee3a5daafcaafc911ecc6dff170340f477c2df7a61fb4858a85aefc2637c9e61973ecce66a987aa8e08a736273a4aad3ef47eaf61ed4268dbf9c47
Size (wasi-0.9.0+wasi-snapshot-preview1.crate) = 31521 bytes
SHA1 (winapi-0.3.9.crate) = 25c427fe8e3df07658e2552d2585d2f167ba3125
RMD160 (winapi-0.3.9.crate) = 37e72db32b20588d61821e9bc5e72fb31b1ed089
SHA512 (winapi-0.3.9.crate) = ff8b7b78065f3d8999ec03c725a0460ebc059771bf071c7a3df3f0ecd733edf3b0a2450024d4e24e1aedddaecd9038ce1376c0d8bbf45132068cf45cf4a53a97
@ -152,3 +180,4 @@ SHA1 (winapi-x86_64-pc-windows-gnu-0.4.0.crate) = eadfdb146024d37b6887b5b9cb6a69
RMD160 (winapi-x86_64-pc-windows-gnu-0.4.0.crate) = 300417853d251d91cadb9650992a6aa98248619f
SHA512 (winapi-x86_64-pc-windows-gnu-0.4.0.crate) = 4a654af6a5d649dc87e00497245096b35a2894ae66f155cb62389902c3b93ddcc5cf7d0d8b9dd97b291d2d80bc686af2298e80abef6ac69883f4a54e79712513
Size (winapi-x86_64-pc-windows-gnu-0.4.0.crate) = 2947998 bytes
SHA1 (patch-src_util.rs) = cc673fdd46e168008526753f6bb6f46d644af51a

View file

@ -0,0 +1,72 @@
$NetBSD: patch-src_util.rs,v 1.1 2021/04/24 18:52:59 pin Exp $
NetBSD fixes by Ed Neville
--- src/util.rs.orig 2021-04-24 10:42:56.777765681 +0000
+++ src/util.rs
@@ -839,6 +839,31 @@ pub fn get_editor() -> String {
editor.to_string()
}
+/// handler.authenticate without the root privs part for linux
+#[cfg(target_os = "linux")]
+pub fn handler_shim<T: pam::Converse>(
+ _ro: &RunOptions,
+ handler: &mut Authenticator<T>,
+) -> Result<(), pam::PamError> {
+ handler.authenticate()
+}
+
+/// handler.authenticate needs esc_privs on netbsd
+#[cfg(not(target_os = "linux"))]
+pub fn handler_shim<T: pam::Converse>(
+ ro: &RunOptions,
+ handler: &mut Authenticator<T>,
+) -> Result<(), pam::PamError> {
+ if !esc_privs() {
+ std::process::exit(1);
+ }
+ let auth = handler.authenticate();
+ if !drop_privs(&ro) {
+ std::process::exit(1);
+ }
+ auth
+}
+
/// read password of user via rpassword
/// should pam require a password, and it is successful, then we set a token
pub fn challenge_password(ro: &RunOptions, entry: EnvOptions, service: &str) -> bool {
@@ -876,7 +901,7 @@ pub fn challenge_password(ro: &RunOption
let mut handler = Authenticator::with_handler(service, convo).expect("Cannot init PAM");
loop {
- let auth = handler.authenticate();
+ let auth = handler_shim(&ro, &mut handler);
if auth.is_ok() {
if handler.get_handler().passwd.is_some() {
@@ -1231,6 +1256,7 @@ pub fn create_token_dir() -> bool {
true
}
+#[cfg(target_os = "linux")]
pub fn boot_secs() -> libc::timespec {
let mut tp = libc::timespec {
tv_sec: 0 as i64,
@@ -1240,6 +1266,16 @@ pub fn boot_secs() -> libc::timespec {
tp
}
+#[cfg(not(target_os = "linux"))]
+pub fn boot_secs() -> libc::timespec {
+ let mut tp = libc::timespec {
+ tv_sec: 0 as i64,
+ tv_nsec: 0,
+ };
+ unsafe { libc::clock_gettime(libc::CLOCK_MONOTONIC, &mut tp) };
+ tp
+}
+
/// does the user have a valid token
/// return false if time stamp is in the future
/// return true if token was set within 600 seconds of wall and boot time