summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDane Smith <c1pher@gentoo.org>2013-05-13 13:19:34 -0400
committerDane Smith <c1pher@gentoo.org>2013-05-13 13:19:34 -0400
commite3b7c425ea3b4bc5130944b78e17d9c53e350fe7 (patch)
tree0b8f02bf21e0a1ea32de9ff4bc278f7ee309af9d /sys-auth
parentgo version bump for my testing. (diff)
downloadc1pher-e3b7c425ea3b4bc5130944b78e17d9c53e350fe7.tar.gz
c1pher-e3b7c425ea3b4bc5130944b78e17d9c53e350fe7.tar.bz2
c1pher-e3b7c425ea3b4bc5130944b78e17d9c53e350fe7.zip
Allow time configuration.
Diffstat (limited to 'sys-auth')
-rw-r--r--sys-auth/libpam-google-authenticator/Manifest6
-rw-r--r--sys-auth/libpam-google-authenticator/files/allow_time_config.patch65
-rw-r--r--sys-auth/libpam-google-authenticator/libpam-google-authenticator-1.0.ebuild14
3 files changed, 80 insertions, 5 deletions
diff --git a/sys-auth/libpam-google-authenticator/Manifest b/sys-auth/libpam-google-authenticator/Manifest
index bd20b65..5ca2680 100644
--- a/sys-auth/libpam-google-authenticator/Manifest
+++ b/sys-auth/libpam-google-authenticator/Manifest
@@ -1,2 +1,4 @@
-DIST libpam-google-authenticator-1.0-source.tar.bz2 32708 RMD160 ce26a2f805f36a82a7ab3d930116a73fb444e037 SHA1 017b7d89989f1624e360abe02d6b27a6298d285d SHA256 80426045d13ce7a2bf56c692ccfb1751cef3c7484752ad40738facf729264d4b
-EBUILD libpam-google-authenticator-1.0.ebuild 627 RMD160 95b8b8c213930976e5a47d624ae7ad0aaa852582 SHA1 63048eeef57535f1079e7596b72797fa91545bad SHA256 859bd5f93cc36c154b8bddaa7ccc9788da8bec0d329986be1108ae729d201b7c
+AUX allow_time_config.patch 2229 SHA256 b6baddfe1c30f3a4d4f3326795693fff8504c7f8bf0d8b5bc2d5eadced31fddc SHA512 b1f00fdee909f1020dbc662474c2380d6e69639845df97d162df6a90d8b44bdec9d6664adf3ee179f517132520558cbf15116c7a01fd311d66f1ddd19d6ecb9c WHIRLPOOL a81ad7c079455e54d4eb6cba402f3477eec54bfee19d33d3ab231db524ae00c1cd2074a1b83640cd10cf11c720381ab0e96a4b3b5edfa94f8b076f3139a8f3e2
+DIST libpam-google-authenticator-1.0-source.tar.bz2 32708 SHA256 80426045d13ce7a2bf56c692ccfb1751cef3c7484752ad40738facf729264d4b SHA512 92ec473b07e2e46f969cd0a1a6f5707892800418442ad7d046ebc1195bbd1654e396f53245056c7eee38decaeb1997102f9aa988b7da1d734dcd2b104402ef8c WHIRLPOOL fff94006035d0751ff690f81d827a33c5d304f86a48809fa889138bb29ae1f9c47315fb0c3548d29dae545cac63db9f35a9bb6e439f49cd4a6571241a43e4c6a
+EBUILD libpam-google-authenticator-1.0.ebuild 758 SHA256 48b78cc12150732399906633f99c564106557ac8af9ba84d9fe0a7abe2b12c87 SHA512 a60ac6e15d8f992bade946d239a34dfb36d8a2be40186189e50ab6e29125c72b6cc8311b72273caef44c1e823d2a0583afc0a25074615bb6605c90c3b40fac53 WHIRLPOOL 7e690d6a2026f12e6796e329ab764a9f8f84439958f8ec0f5428ca43a6b046f595a4340eb3fda32cbb4c75ab29480b45cd44f6afeda207c2d880da7f1bc8cc2a
+MISC TODO 23 SHA256 4929fa9118a621134d43b84969fe4c79c89a342ab5f56447cf936ff07eefbf58 SHA512 0422ce060bf4aa0506429c4e0a66df2e511b3e8f29ecddc76e5258f7f29003f4a62998269588f86c5d6cee0a5e271082a5f72edd0332018ca95c0689824d457b WHIRLPOOL f4deebbeb38a5ddf0d7cb89a82821d075e624587a453cc0978faf23d88224033280b1cff44ef818c707c5cf106228fdafe7cf0b1ea60b4685333a8c9981e063b
diff --git a/sys-auth/libpam-google-authenticator/files/allow_time_config.patch b/sys-auth/libpam-google-authenticator/files/allow_time_config.patch
new file mode 100644
index 0000000..85c48b0
--- /dev/null
+++ b/sys-auth/libpam-google-authenticator/files/allow_time_config.patch
@@ -0,0 +1,65 @@
+From ab2b4ba85e417eb0b4a497da84cd31b7e4a2bbe8 Mon Sep 17 00:00:00 2001
+From: Brian Ristuccia <brian@ristuccia.com>
+Date: Tue, 14 Aug 2012 11:42:55 -0400
+Subject: [PATCH] Add configuration option for TOTP time step size. Previously the time step
+ was hardcoded to 30 seconds, which is now the default.
+
+---
+ libpam/FILEFORMAT | 2 ++
+ libpam/pam_google_authenticator.c | 19 ++++++++++++++++---
+ 2 files changed, 18 insertions(+), 3 deletions(-)
+
+diff --git a/libpam/FILEFORMAT b/libpam/FILEFORMAT
+index 0f0ad8a..b267b68 100644
+--- a/libpam/FILEFORMAT
++++ b/libpam/FILEFORMAT
+@@ -54,6 +54,8 @@ Currently, the following options are recognized:
+ for most users as invalid login attempts and generated-but-not-used
+ tokens both contribute to synchronization problems.
+
++ TIME_STEP_SIZE n
++ the default value time step size is 30 seconds.
+
+ Any all-numeric sequence of eight-digit numbers are randomly generated
+ one-time tokens. The user can enter any arbitrary one-time code
+diff --git a/libpam/pam_google_authenticator.c b/libpam/pam_google_authenticator.c
+index 159e89e..e8dd5ab 100644
+--- a/libpam/pam_google_authenticator.c
++++ b/libpam/pam_google_authenticator.c
+@@ -502,8 +502,8 @@ static time_t get_time(void) {
+ }
+ #endif
+
+-static int get_timestamp(void) {
+- return get_time()/30;
++static int get_timestamp(int step_size) {
++ return get_time()/step_size;
+ }
+
+ static int comparator(const void *a, const void *b) {
+@@ -1160,8 +1160,21 @@ static int check_timebased_code(pam_handle_t *pamh, const char*secret_filename,
+ return 1;
+ }
+
++ const char *step_size_str = get_cfg_value(pamh, "TIME_STEP_SIZE", *buf);
++ if (step_size_str == &oom) {
++ // Out of memory. This is a fatal error
++ return -1;
++ }
++
++ // Default step size of 30s
++ int step_size = 30;
++ if (step_size_str) {
++ step_size = (int)strtol(step_size_str, NULL, 10);
++ }
++ free((void *)step_size_str);
++
+ // Compute verification codes and compare them with user input
+- const int tm = get_timestamp();
++ const int tm = get_timestamp(step_size);
+ const char *skew_str = get_cfg_value(pamh, "TIME_SKEW", *buf);
+ if (skew_str == &oom) {
+ // Out of memory. This is a fatal error
+--
+1.7.2.5
+
diff --git a/sys-auth/libpam-google-authenticator/libpam-google-authenticator-1.0.ebuild b/sys-auth/libpam-google-authenticator/libpam-google-authenticator-1.0.ebuild
index e716524..6a6a31a 100644
--- a/sys-auth/libpam-google-authenticator/libpam-google-authenticator-1.0.ebuild
+++ b/sys-auth/libpam-google-authenticator/libpam-google-authenticator-1.0.ebuild
@@ -3,7 +3,7 @@
# $Header: $
EAPI=4
-inherit pam
+inherit eutils pam toolchain-funcs
DESCRIPTION="Google Authentiator PAM plugin"
HOMEPAGE="http://code.google.com/p/google-authenticator/"
@@ -17,7 +17,15 @@ IUSE=""
DEPEND="sys-libs/pam"
RDEPEND="${DEPEND}"
-src_install(){
+src_prepare() {
+ epatch "${FILESDIR}/allow_time_config.patch"
+}
+
+src_compile() {
+ emake CC=$(tc-getCC)
+}
+
+src_install() {
insinto $(getpam_mod_dir)
doins pam_google_authenticator.so
dobin google-authenticator
@@ -25,6 +33,6 @@ src_install(){
dodoc README
}
-pkg_postinst(){
+pkg_postinst() {
elog "For setup information check the installed README"
}