head 1.10; access; symbols pkgsrc-2023Q4:1.10.0.8 pkgsrc-2023Q4-base:1.10 pkgsrc-2023Q3:1.10.0.6 pkgsrc-2023Q3-base:1.10 pkgsrc-2023Q2:1.10.0.4 pkgsrc-2023Q2-base:1.10 pkgsrc-2023Q1:1.10.0.2 pkgsrc-2023Q1-base:1.10 pkgsrc-2022Q4:1.9.0.10 pkgsrc-2022Q4-base:1.9 pkgsrc-2022Q3:1.9.0.8 pkgsrc-2022Q3-base:1.9 pkgsrc-2022Q2:1.9.0.6 pkgsrc-2022Q2-base:1.9 pkgsrc-2022Q1:1.9.0.4 pkgsrc-2022Q1-base:1.9 pkgsrc-2021Q4:1.9.0.2 pkgsrc-2021Q4-base:1.9 pkgsrc-2021Q3:1.7.0.48 pkgsrc-2021Q3-base:1.7 pkgsrc-2021Q2:1.7.0.46 pkgsrc-2021Q2-base:1.7 pkgsrc-2021Q1:1.7.0.44 pkgsrc-2021Q1-base:1.7 pkgsrc-2020Q4:1.7.0.42 pkgsrc-2020Q4-base:1.7 pkgsrc-2020Q3:1.7.0.40 pkgsrc-2020Q3-base:1.7 pkgsrc-2020Q2:1.7.0.36 pkgsrc-2020Q2-base:1.7 pkgsrc-2020Q1:1.7.0.16 pkgsrc-2020Q1-base:1.7 pkgsrc-2019Q4:1.7.0.38 pkgsrc-2019Q4-base:1.7 pkgsrc-2019Q3:1.7.0.34 pkgsrc-2019Q3-base:1.7 pkgsrc-2019Q2:1.7.0.32 pkgsrc-2019Q2-base:1.7 pkgsrc-2019Q1:1.7.0.30 pkgsrc-2019Q1-base:1.7 pkgsrc-2018Q4:1.7.0.28 pkgsrc-2018Q4-base:1.7 pkgsrc-2018Q3:1.7.0.26 pkgsrc-2018Q3-base:1.7 pkgsrc-2018Q2:1.7.0.24 pkgsrc-2018Q2-base:1.7 pkgsrc-2018Q1:1.7.0.22 pkgsrc-2018Q1-base:1.7 pkgsrc-2017Q4:1.7.0.20 pkgsrc-2017Q4-base:1.7 pkgsrc-2017Q3:1.7.0.18 pkgsrc-2017Q3-base:1.7 pkgsrc-2017Q2:1.7.0.14 pkgsrc-2017Q2-base:1.7 pkgsrc-2017Q1:1.7.0.12 pkgsrc-2017Q1-base:1.7 pkgsrc-2016Q4:1.7.0.10 pkgsrc-2016Q4-base:1.7 pkgsrc-2016Q3:1.7.0.8 pkgsrc-2016Q3-base:1.7 pkgsrc-2016Q2:1.7.0.6 pkgsrc-2016Q2-base:1.7 pkgsrc-2016Q1:1.7.0.4 pkgsrc-2016Q1-base:1.7 pkgsrc-2015Q4:1.7.0.2 pkgsrc-2015Q4-base:1.7 pkgsrc-2015Q3:1.6.0.8 pkgsrc-2015Q3-base:1.6 pkgsrc-2015Q2:1.6.0.6 pkgsrc-2015Q2-base:1.6 pkgsrc-2015Q1:1.6.0.4 pkgsrc-2015Q1-base:1.6 pkgsrc-2014Q4:1.6.0.2 pkgsrc-2014Q4-base:1.6 pkgsrc-2014Q3:1.5.0.6 pkgsrc-2014Q3-base:1.5 pkgsrc-2014Q2:1.5.0.4 pkgsrc-2014Q2-base:1.5 pkgsrc-2014Q1:1.5.0.2 pkgsrc-2014Q1-base:1.5 pkgsrc-2013Q4:1.4.0.8 pkgsrc-2013Q4-base:1.4 pkgsrc-2013Q3:1.4.0.6 pkgsrc-2013Q3-base:1.4 pkgsrc-2013Q2:1.4.0.4 pkgsrc-2013Q2-base:1.4 pkgsrc-2013Q1:1.4.0.2 pkgsrc-2013Q1-base:1.4 pkgsrc-2012Q4:1.3.0.6 pkgsrc-2012Q4-base:1.3 pkgsrc-2012Q3:1.3.0.4 pkgsrc-2012Q3-base:1.3 pkgsrc-2012Q2:1.3.0.2 pkgsrc-2012Q2-base:1.3 pkgsrc-2012Q1:1.1.1.1.0.2 pkgsrc-2012Q1-base:1.1.1.1 pkgsrc-base:1.1.1.1 TNF:1.1.1; locks; strict; comment @# @; 1.10 date 2023.03.12.14.15.50; author wiz; state Exp; branches; next 1.9; commitid NELgtVGkSVV7fQgE; 1.9 date 2021.10.26.11.17.35; author nia; state Exp; branches; next 1.8; commitid PNswNV9GDLZeojeD; 1.8 date 2021.10.07.14.54.18; author nia; state Exp; branches; next 1.7; commitid nfjKlj1wTplMcTbD; 1.7 date 2015.11.04.01.18.00; author agc; state Exp; branches; next 1.6; commitid agUNgZr58GM2fIHy; 1.6 date 2014.11.10.21.55.31; author pettai; state Exp; branches; next 1.5; commitid 7zKJAOeqSnobDGXx; 1.5 date 2014.03.13.22.27.33; author pettai; state Exp; branches; next 1.4; commitid UiiIhTrkbaozAAsx; 1.4 date 2013.03.16.20.19.02; author pettai; state Exp; branches; next 1.3; 1.3 date 2012.06.16.23.21.14; author dholland; state Exp; branches; next 1.2; 1.2 date 2012.06.16.20.45.33; author pettai; state Exp; branches; next 1.1; 1.1 date 2012.03.13.15.32.47; author pettai; state Exp; branches 1.1.1.1; next ; 1.1.1.1 date 2012.03.13.15.32.47; author pettai; state Exp; branches; next ; desc @@ 1.10 log @pam-yubico: update to 2.27. * Version 2.27 (released 2021-04-09) ** Add always_prompt configuration option. ** Add client certificate support for ldap. ** Add starttls support for ldap. ** Add ldap_bind_as_user support. ** Parsing, cleanliness and string fixes. ** Documentation and spelling fixes. * Version 2.26 (released 2018-04-20) ** Make sure to close authfile (CVE-2018-9275). ** Fix compiler warnings. ** Open file descriptors with O_CLOEXEC. ** Use mkostemp() instead of mkstemp(). * Version 2.25 (released 2018-03-27) ** Documentation updates. ** Only do OTP validation if it's a token that might be valid. ** Return early in case user has no valid tokens. ** Ldap, compare values only with yubi_attr attributes. ** Add nullok parameter. * Version 2.24 (released 2016-11-25) ** Debug mode changed, allows file output with debug_file. ** Fixup returning user-unknown correctly. * Version 2.23 (released 2016-06-15) ** Fix an issue where a failure to set permissions was wrongly outputted. * Version 2.22 (released 2016-05-23) ** Documentation improvements. ** Retain ownership and permission of challenge files (issue #92). ** Make dependency on yubico-c-client 2.15 clearer. * Version 2.21 (released 2016-02-19) ** Add proxy support for yubico-c-client. ** Check that conv is set before trying to use it fixes a crash bug with the osx loginwindow. ** Add building of a mac installer. * Version 2.20 (released 2015-09-22) ** Add cainfo option to allow usage of a cabundle instead of path. ** Support comments in authfile. ** For challenge response with system-wide directory, write the files as root instead of the user. * Version 2.19 (released 2015-03-23) ** Add new ldap functionality ldap_bind_user and ldap_bind_password for authenticated binds ldap_filter for using subtree search and a filter ldap_cacertfile to use a specific cacert for ldaps * Version 2.18 (released 2015-02-12) ** Fix a memory leak of the pam response data. ** Add more tests. ** Add version flag to ykpamcfg. @ text @$NetBSD: distinfo,v 1.9 2021/10/26 11:17:35 nia Exp $ BLAKE2s (pam_yubico-2.27.tar.gz) = f4ab41bcf05df439117f79def3277ee1440326968dab4110de41ae9ff3bce698 SHA512 (pam_yubico-2.27.tar.gz) = 7d341e18f884216fc3372bdb837491c637235737dc04029fea30d7451718ab917ea99dd4a1249cbb4d10fb64b6bb6753b84a02e9bffbce2223d224d7420aeced Size (pam_yubico-2.27.tar.gz) = 81374 bytes @ 1.9 log @security: Replace RMD160 checksums with BLAKE2s checksums All checksums have been double-checked against existing RMD160 and SHA512 hashes Unfetchable distfiles (fetched conditionally?): ./security/cyrus-sasl/distinfo cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2 @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.8 2021/10/07 14:54:18 nia Exp $ d3 3 a5 4 BLAKE2s (pam_yubico-2.17.tar.gz) = 6ec2bf498d54cad9702f9c42b2d69fa5d6f219bdb61b4d31cd4b1c7d5a0b193b SHA512 (pam_yubico-2.17.tar.gz) = ee2a1527c2f2b29ca601588700cc76edc688e58d305ef44d311db3c5f184513a5bdc3d9052cefd85b11de96c6999daeca3d22986e93f588c9d64e5c301c37ee8 Size (pam_yubico-2.17.tar.gz) = 391559 bytes SHA1 (patch-Makefile_in) = 1312fb660c479e96c07da4cdd54eb31ba03b5144 @ 1.8 log @security: Remove SHA1 hashes for distfiles @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.7 2015/11/04 01:18:00 agc Exp $ d3 1 a3 1 RMD160 (pam_yubico-2.17.tar.gz) = 76592896a697fda87c608a3f0f71743a85d708de @ 1.7 log @Add SHA512 digests for distfiles for security category Problems found locating distfiles: Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz Package libidea: missing distfile libidea-0.8.2b.tar.gz Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2 Package uvscan: missing distfile vlp4510e.tar.Z Otherwise, existing SHA1 digests verified and found to be the same on the machine holding the existing distfiles (morden). All existing SHA1 digests retained for now as an audit trail. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.6 2014/11/10 21:55:31 pettai Exp $ a2 1 SHA1 (pam_yubico-2.17.tar.gz) = d239580cc03f4f3a0f16562ba505006dbcb7980e @ 1.6 log @Version 2.17 (released 2014-08-26) * Fix a bug with the 'urllist' parameter where urls would be forgotten. * Manpages converted to asciidoc. Version 2.16 (released 2014-06-10) * Fix a crashbug with the new parameter 'urllist' Version 2.15 (released 2014-04-30) * Added new parameter 'urllist' * Added pam_yubico(8) man page. * Fix memory leak. * Bump yubico-c-client version requirement to 2.12. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.5 2014/03/13 22:27:33 pettai Exp $ d5 1 @ 1.5 log @Version 2.14 (released 2013-09-27) * Don't install internal header files. * Don't print debug info when the "debug" parameter is not given. * Use PBKDF2 to process expected reply for challenge-response mode. * Fixup memory leaks and leaks of privilege. * Let return values reflect whether the user wasn't found or other error. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.4 2013/03/16 20:19:02 pettai Exp $ d3 3 a5 3 SHA1 (pam_yubico-2.14.tar.gz) = 3dd6bddce69785c5d61ae0f64ba568e1a81498a1 RMD160 (pam_yubico-2.14.tar.gz) = 898fbabdafa2279c56b24333ceff8e2af7ddf095 Size (pam_yubico-2.14.tar.gz) = 380023 bytes @ 1.4 log @Version 2.13 (released 2013-03-01) * Fix a bug in the version check to support major version > 2 (neo). Patch from https://github.com/wwest4 * Give ykpamcfg an option for specifying path. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.3 2012/06/16 23:21:14 dholland Exp $ d3 4 a6 4 SHA1 (pam_yubico-2.13.tar.gz) = 63de5cc19aa89122709eede7f4f272a00945535d RMD160 (pam_yubico-2.13.tar.gz) = 9f9280a5c4aea20e6c8b0a66c8fba2ba8fc6365b Size (pam_yubico-2.13.tar.gz) = 375151 bytes SHA1 (patch-Makefile_in) = 7981018066034283ae7fb67c5d502b0ac89191b6 @ 1.3 log @Add patch I've been carrying around to fix the MAKE_JOBS build. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.2 2012/06/16 20:45:33 pettai Exp $ d3 3 a5 3 SHA1 (pam_yubico-2.12.tar.gz) = 37bc2c19b3aaa43f2394eb33241ce95fe37c24c6 RMD160 (pam_yubico-2.12.tar.gz) = 81aac096d20dd992edf06d8135a6fdb878c77e81 Size (pam_yubico-2.12.tar.gz) = 367164 bytes @ 1.2 log @Version 2.12 (released 2012-06-15) * Only use libyubikey when --with-cr is used. * Set correct permissions on tempfile. * YubiKey 2.2 contains a bug in challenge-response that makes it output the same response to all challenges unless HMAC_LT64 is set. Add warnings to ykpamcfg and a warning through conversate in the pam module. Keys programmed like this should be reprogrammed with the HMAC_LT64 flag set. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.1.1.1 2012/03/13 15:32:47 pettai Exp $ d6 1 @ 1.1 log @Initial revision @ text @d1 1 a1 1 $NetBSD$ d3 3 a5 3 SHA1 (pam_yubico-2.11.tar.gz) = e841ab473fee7c28af96e4d18fef427a8e1a947b RMD160 (pam_yubico-2.11.tar.gz) = d3c379a809a4325522837df3d9ca92f52d4d3754 Size (pam_yubico-2.11.tar.gz) = 360380 bytes @ 1.1.1.1 log @The Yubico PAM module provides an easy way to integrate the Yubikey into your existing user authentication infrastructure. Imported from pkgsrc-wip @ text @@