Index: head/security/pam_ssh_agent_auth/Makefile =================================================================== --- head/security/pam_ssh_agent_auth/Makefile (revision 566221) +++ head/security/pam_ssh_agent_auth/Makefile (revision 566222) @@ -1,35 +1,36 @@ # Created by: Martin Wilke # $FreeBSD$ PORTNAME= pam_ssh_agent_auth PORTVERSION= 0.10.4 +PORTREVISION= 1 CATEGORIES= security MAINTAINER= matthew@FreeBSD.org COMMENT= PAM module which permits authentication via ssh-agent USE_GITHUB= yes GH_ACCOUNT= jbeverly GH_TAGNAME= 7ff7858 GH_TUPLE= floodyberry:ed25519-donna:8757bd4:floodyberry_ed25519_donna/ed25519-donna BROKEN_mips64= fails to compile: ed25519-donna-portable.h:85:4: Need a uint128_t implementation! BROKEN_FreeBSD_11_powerpc64= fails to compile on powerpc64 elfv1: ed25519-donna-portable.h: warning: ALIGN redefined BROKEN_FreeBSD_12_powerpc64= fails to compile on powerpc64 elfv1: ed25519-donna-portable.h: warning: ALIGN redefined USES= perl5 ssl tar:bzip2 USE_PERL5= build GNU_CONFIGURE= yes CONFIGURE_ENV= ac_cv_func_strnvis=no PERL=/usr/bin/false CONFIGURE_ARGS= --libexecdir=${LOCALBASE}/lib \ --with-ssl-dir=${OPENSSLBASE} \ --without-openssl-header-check PLIST_FILES= lib/pam_ssh_agent_auth.so \ man/man8/pam_ssh_agent_auth.8.gz post-install: ${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/pam_ssh_agent_auth.so .include Index: head/security/pam_ssh_agent_auth/files/patch-ssh-ecdsa.c =================================================================== --- head/security/pam_ssh_agent_auth/files/patch-ssh-ecdsa.c (nonexistent) +++ head/security/pam_ssh_agent_auth/files/patch-ssh-ecdsa.c (revision 566222) @@ -0,0 +1,42 @@ +--- ssh-ecdsa.c.orig 2019-07-08 16:36:13 UTC ++++ ssh-ecdsa.c +@@ -46,7 +46,7 @@ ssh_ecdsa_sign(const Key *key, u_char **sigp, u_int *l + u_int len, dlen; + Buffer b, bb; + #if OPENSSL_VERSION_NUMBER >= 0x10100005L +- BIGNUM *r, *s; ++ BIGNUM *r = NULL, *s = NULL; + #endif + + if (key == NULL || key->type != KEY_ECDSA || key->ecdsa == NULL) { +@@ -137,20 +137,27 @@ ssh_ecdsa_verify(const Key *key, const u_char *signatu + + /* parse signature */ + if ((sig = ECDSA_SIG_new()) == NULL) +- pamsshagentauth_fatal("ssh_ecdsa_verify: DSA_SIG_new failed"); ++ pamsshagentauth_fatal("ssh_ecdsa_verify: ECDSA_SIG_new failed"); + + pamsshagentauth_buffer_init(&b); + pamsshagentauth_buffer_append(&b, sigblob, len); + #if OPENSSL_VERSION_NUMBER < 0x10100005L + if ((pamsshagentauth_buffer_get_bignum2_ret(&b, sig->r) == -1) || + (pamsshagentauth_buffer_get_bignum2_ret(&b, sig->s) == -1)) ++ pamsshagentauth_fatal("ssh_ecdsa_verify:" ++ "pamsshagentauth_buffer_get_bignum2_ret failed"); + #else +- DSA_SIG_get0(sig, &r, &s); ++ if ((r = BN_new()) == NULL) ++ pamsshagentauth_fatal("ssh_ecdsa_verify: BN_new failed"); ++ if ((s = BN_new()) == NULL) ++ pamsshagentauth_fatal("ssh_ecdsa_verify: BN_new failed"); + if ((pamsshagentauth_buffer_get_bignum2_ret(&b, r) == -1) || + (pamsshagentauth_buffer_get_bignum2_ret(&b, s) == -1)) +-#endif + pamsshagentauth_fatal("ssh_ecdsa_verify:" + "pamsshagentauth_buffer_get_bignum2_ret failed"); ++ if (ECDSA_SIG_set0(sig, r, s) != 1) ++ pamsshagentauth_fatal("ssh_ecdsa_verify: ECDSA_SIG_set0 failed"); ++#endif + + /* clean up */ + memset(sigblob, 0, len); Property changes on: head/security/pam_ssh_agent_auth/files/patch-ssh-ecdsa.c ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property