From c1771eb25d1152d98adbbe142d8f67ced29b7748 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 5 Jun 2013 21:30:29 +0000 Subject: [PATCH 01/41] Initial setup of the repo --- .gitignore | 0 sources | 0 2 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 .gitignore create mode 100644 sources diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/sources b/sources new file mode 100644 index 0000000..e69de29 From f755dfce64f5da882e1c432a852a1c9d4d68f988 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Wed, 5 Jun 2013 23:54:56 +0200 Subject: [PATCH 02/41] Initial import (#949324) --- .gitignore | 1 + oath-toolkit-2.0.2-man-fix.patch | 59 +++++++++ oath-toolkit.spec | 202 +++++++++++++++++++++++++++++++ sources | 1 + 4 files changed, 263 insertions(+) create mode 100644 oath-toolkit-2.0.2-man-fix.patch create mode 100644 oath-toolkit.spec diff --git a/.gitignore b/.gitignore index e69de29..19d30f2 100644 --- a/.gitignore +++ b/.gitignore @@ -0,0 +1 @@ +/oath-toolkit-2.0.2.tar.gz diff --git a/oath-toolkit-2.0.2-man-fix.patch b/oath-toolkit-2.0.2-man-fix.patch new file mode 100644 index 0000000..9349065 --- /dev/null +++ b/oath-toolkit-2.0.2-man-fix.patch @@ -0,0 +1,59 @@ +diff --git a/libpskc/man/pskc_get_key_algparm_chall_max.3 b/libpskc/man/pskc_get_key_algparm_chall_max.3 +index 6ae79a3..2001320 100644 +--- a/libpskc/man/pskc_get_key_algparm_chall_max.3 ++++ b/libpskc/man/pskc_get_key_algparm_chall_max.3 +@@ -15,8 +15,8 @@ output variable indicating whether data was provided or not. + Get the PSKC KeyPackage Key AlgorithmParameters ChallengeFormat Max + value. This attribute defines the maximum size of the challenge + accepted by the device for CR mode and MUST be included. If the +-'Encoding' attribute is set to 'DECIMAL', 'HEXADECIMAL', or +-'ALPHANUMERIC', this value indicates the maximum number of ++\&'Encoding' attribute is set to 'DECIMAL', 'HEXADECIMAL', or ++\&'ALPHANUMERIC', this value indicates the maximum number of + digits/characters. If the 'Encoding' attribute is set to 'BASE64' + or 'BINARY', this value indicates the maximum number of bytes of + the unencoded value. +diff --git a/libpskc/man/pskc_get_key_algparm_chall_min.3 b/libpskc/man/pskc_get_key_algparm_chall_min.3 +index 85009d6..6e51e52 100644 +--- a/libpskc/man/pskc_get_key_algparm_chall_min.3 ++++ b/libpskc/man/pskc_get_key_algparm_chall_min.3 +@@ -15,8 +15,8 @@ output variable indicating whether data was provided or not. + Get the PSKC KeyPackage Key AlgorithmParameters ChallengeFormat Min + value. This attribute defines the minimum size of the challenge + accepted by the device for CR mode and MUST be included. If the +-'Encoding' attribute is set to 'DECIMAL', 'HEXADECIMAL', or +-'ALPHANUMERIC', this value indicates the minimum number of ++\&'Encoding' attribute is set to 'DECIMAL', 'HEXADECIMAL', or ++\&'ALPHANUMERIC', this value indicates the minimum number of + digits/characters. If the 'Encoding' attribute is set to 'BASE64' + or 'BINARY', this value indicates the minimum number of bytes of + the unencoded value. +diff --git a/libpskc/man/pskc_get_key_policy_pinmaxlength.3 b/libpskc/man/pskc_get_key_policy_pinmaxlength.3 +index be96a9a..d4ce51e 100644 +--- a/libpskc/man/pskc_get_key_policy_pinmaxlength.3 ++++ b/libpskc/man/pskc_get_key_policy_pinmaxlength.3 +@@ -16,9 +16,9 @@ Get the PSKC KeyPackage Key Policy PINPolicy MaxLength value. This + attribute indicates the maximum length of a PIN that can be set to + protect this key. It MUST NOT be possible to set a PIN longer than + this value. If the 'PINFormat' attribute is set to 'DECIMAL', +-'HEXADECIMAL', or 'ALPHANUMERIC', this value indicates the number ++\&'HEXADECIMAL', or 'ALPHANUMERIC', this value indicates the number + of digits/ characters. If the 'PINFormat' attribute is set to +-'BASE64' or 'BINARY', this value indicates the number of bytes of ++\&'BASE64' or 'BINARY', this value indicates the number of bytes of + the unencoded value. + + If \fIpresent\fP is non\-NULL, it will be 0 if the field is not present +diff --git a/libpskc/man/pskc_get_key_policy_pinminlength.3 b/libpskc/man/pskc_get_key_policy_pinminlength.3 +index c00523d..a5efe53 100644 +--- a/libpskc/man/pskc_get_key_policy_pinminlength.3 ++++ b/libpskc/man/pskc_get_key_policy_pinminlength.3 +@@ -16,7 +16,7 @@ Get the PSKC KeyPackage Key Policy PINPolicy MinLength value. This + attribute indicates the minimum length of a PIN that can be set to + protect the associated key. It MUST NOT be possible to set a PIN + shorter than this value. If the 'PINFormat' attribute is set to +-'DECIMAL', 'HEXADECIMAL', or 'ALPHANUMERIC', this value indicates ++\&'DECIMAL', 'HEXADECIMAL', or 'ALPHANUMERIC', this value indicates + the number of digits/ characters. If the 'PINFormat' attribute is + set to 'BASE64' or 'BINARY', this value indicates the number of + bytes of the unencoded value. diff --git a/oath-toolkit.spec b/oath-toolkit.spec new file mode 100644 index 0000000..d51a18b --- /dev/null +++ b/oath-toolkit.spec @@ -0,0 +1,202 @@ +Name: oath-toolkit +Version: 2.0.2 +Release: 3%{?dist} +License: GPLv3+ +Group: System Environment/Libraries +Summary: One-time password components +BuildRequires: xmlsec1-devel, pam-devel, gtk-doc, libtool, libtool-ltdl-devel +Source: http://download.savannah.gnu.org/releases/%{name}/%{name}-%{version}.tar.gz +URL: http://www.nongnu.org/oath-toolkit/ +# Escape leading single quotes in man pages which are misinterpreted as macros, +# patch sent upstream, upstream ticket #108312 +Patch0: oath-toolkit-2.0.2-man-fix.patch + +%description +The OATH Toolkit provide components for building one-time password +authentication systems. It contains shared libraries, command line tools and a +PAM module. Supported technologies include the event-based HOTP algorithm +(RFC4226) and the time-based TOTP algorithm (RFC6238). OATH stands for Open +AuTHentication, which is the organization that specify the algorithms. For +managing secret key files, the Portable Symmetric Key Container (PSKC) format +described in RFC6030 is supported. + +%package -n liboath +Summary: Library for OATH handling +Group: Development/Libraries +License: LGPLv2+ +Requires(post): /sbin/ldconfig +Requires(postun): /sbin/ldconfig +# https://fedorahosted.org/fpc/ticket/174 +Provides: bundled(gnulib) + +%description -n liboath +OATH stands for Open AuTHentication, which is the organization that +specify the algorithms. Supported technologies include the event-based +HOTP algorithm (RFC4226) and the time-based TOTP algorithm (RFC6238). + +%package -n liboath-devel +Summary: Development files for liboath +Group: Development/Libraries +License: LGPLv2+ +Requires: liboath%{?_isa} = %{version}-%{release} + +%description -n liboath-devel +Development files for liboath. + +%package -n liboath-doc +Summary: Documentation files for liboath +Group: Development/Libraries +License: LGPLv2+ +Requires: liboath = %{version}-%{release} +Requires: gtk-doc +BuildArch: noarch + +%description -n liboath-doc +Documentation files for liboath. + +%package -n libpskc +Summary: Library for PSKC handling +Group: Development/Libraries +License: LGPLv2+ +Requires: xml-common +Requires(post): /sbin/ldconfig +Requires(postun): /sbin/ldconfig +# https://fedorahosted.org/fpc/ticket/174 +Provides: bundled(gnulib) + +%description -n libpskc +Library for managing secret key files, the Portable Symmetric Key +Container (PSKC) format described in RFC6030 is supported. + +%package -n libpskc-devel +Summary: Development files for libpskc +Group: Development/Libraries +License: LGPLv2+ +Requires: libpskc%{?_isa} = %{version}-%{release} + +%description -n libpskc-devel +Development files for libpskc. + +%package -n libpskc-doc +Summary: Documentation files for libpskc +Group: Development/Libraries +License: LGPLv2+ +Requires: libpskc = %{version}-%{release} +Requires: gtk-doc +BuildArch: noarch + +%description -n libpskc-doc +Documentation files for libpskc. + +%package -n oathtool +Summary: A command line tool for generating and validating OTPs +License: GPLv3+ +# https://fedorahosted.org/fpc/ticket/174 +Provides: bundled(gnulib) + +%description -n oathtool +A command line tool for generating and validating OTPs. + +%package -n pskctool +Summary: A command line tool for manipulating PSKC data +# https://fedorahosted.org/fpc/ticket/174 +Provides: bundled(gnulib) + +%description -n pskctool +A command line tool for manipulating PSKC data. + +%package -n pam_oath +Summary: A PAM module for pluggable login authentication for OATH +Group: Development/Libraries +Requires: pam + +%description -n pam_oath +A PAM module for pluggable login authentication for OATH. + +%prep +%setup -q +%patch0 -p1 -b .man-fix + +%build +%configure --with-pam-dir=%{_libdir}/security + +# Kill rpaths and link with --as-needed +for d in liboath libpskc oathtool pam_oath pskctool +do + sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' $d/libtool + sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' $d/libtool + sed -i 's| -shared | -Wl,--as-needed\0|g' $d/libtool +done + +make %{?_smp_mflags} + +%install +make %{?_smp_mflags} DESTDIR=%{buildroot} install + +# Remove static objects and libtool files +rm -f %{buildroot}%{_libdir}/*.{a,la} +rm -f %{buildroot}%{_libdir}/security/*.la + +# Make /etc/liboath directory +mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath + +%post -n liboath -p /sbin/ldconfig + +%postun -n liboath -p /sbin/ldconfig + +%post -n libpskc -p /sbin/ldconfig + +%postun -n libpskc -p /sbin/ldconfig + +%files -n liboath +%doc liboath/COPYING +%attr(0600, root, root) %dir %{_sysconfdir}/liboath +%{_libdir}/liboath.so.* + +%files -n liboath-devel +%{_includedir}/liboath +%{_libdir}/liboath.so +%{_libdir}/pkgconfig/liboath.pc + +%files -n liboath-doc +%{_mandir}/man3/oath* +%{_datadir}/gtk-doc/html/liboath/* + +%files -n libpskc +%doc libpskc/README +%{_libdir}/libpskc.so.* +%{_datadir}/xml/pskc + +%files -n libpskc-devel +%{_includedir}/pskc +%{_libdir}/libpskc.so +%{_libdir}/pkgconfig/libpskc.pc + +%files -n libpskc-doc +%{_mandir}/man3/pskc* +%{_datadir}/gtk-doc/html/libpskc/* + +%files -n oathtool +%doc oathtool/COPYING +%{_bindir}/oathtool +%{_mandir}/man1/oathtool.* + +%files -n pskctool +%{_bindir}/pskctool +%{_mandir}/man1/pskctool.* + +%files -n pam_oath +%doc pam_oath/README pam_oath/COPYING +%{_libdir}/security/pam_oath.so + +%changelog +* Wed Jun 5 2013 Jaroslav Škarvada - 2.0.2-3 +- Fixed requirements according to reviewer comments +- Linked with --as-needed +- Fixed man pages (by man-fix patch) + +* Mon Apr 8 2013 Jaroslav Škarvada - 2.0.2-2 +- Added /etc/liboath directory to hold configuration / user lists + +* Sun Apr 07 2013 Jaroslav Škarvada - 2.0.2-1 +- Initial version diff --git a/sources b/sources index e69de29..a5e2156 100644 --- a/sources +++ b/sources @@ -0,0 +1 @@ +35232dfcaf0e77377f926d561fe5086d oath-toolkit-2.0.2.tar.gz From c47b59a586cfee60fb952e900cdbcd36ac61cbc5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Wed, 10 Jul 2013 11:59:53 +0200 Subject: [PATCH 03/41] New version Resolves: rhbz#982986 --- .gitignore | 1 + oath-toolkit.spec | 8 ++++++-- sources | 2 +- 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 19d30f2..78b6ae5 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ /oath-toolkit-2.0.2.tar.gz +/oath-toolkit-2.2.0.tar.gz diff --git a/oath-toolkit.spec b/oath-toolkit.spec index d51a18b..7ceceb4 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,6 +1,6 @@ Name: oath-toolkit -Version: 2.0.2 -Release: 3%{?dist} +Version: 2.2.0 +Release: 1%{?dist} License: GPLv3+ Group: System Environment/Libraries Summary: One-time password components @@ -190,6 +190,10 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Wed Jul 10 2013 Jaroslav Škarvada - 2.2.0-1 +- New version + Resolves: rhbz#982986 + * Wed Jun 5 2013 Jaroslav Škarvada - 2.0.2-3 - Fixed requirements according to reviewer comments - Linked with --as-needed diff --git a/sources b/sources index a5e2156..4cf13c8 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -35232dfcaf0e77377f926d561fe5086d oath-toolkit-2.0.2.tar.gz +2afc64577936a1a79cff72b0718c9636 oath-toolkit-2.2.0.tar.gz From 7285d8345977fd8a1d414e0c8b4fcb97d646c69b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Tue, 23 Jul 2013 12:57:06 +0200 Subject: [PATCH 04/41] New version Resolves: rhbz#987378 --- .gitignore | 1 + oath-toolkit.spec | 6 +++++- sources | 2 +- 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/.gitignore b/.gitignore index 78b6ae5..1144d8a 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ /oath-toolkit-2.0.2.tar.gz /oath-toolkit-2.2.0.tar.gz +/oath-toolkit-2.4.0.tar.gz diff --git a/oath-toolkit.spec b/oath-toolkit.spec index 7ceceb4..0f83783 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,5 +1,5 @@ Name: oath-toolkit -Version: 2.2.0 +Version: 2.4.0 Release: 1%{?dist} License: GPLv3+ Group: System Environment/Libraries @@ -190,6 +190,10 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Tue Jul 23 2013 Jaroslav Škarvada - 2.4.0-1 +- New version + Resolves: rhbz#987378 + * Wed Jul 10 2013 Jaroslav Škarvada - 2.2.0-1 - New version Resolves: rhbz#982986 diff --git a/sources b/sources index 4cf13c8..059ab33 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -2afc64577936a1a79cff72b0718c9636 oath-toolkit-2.2.0.tar.gz +456774fbc37d5267e4e8920694b7ad48 oath-toolkit-2.4.0.tar.gz From 6f1a1931ca9dbddddbd42478a76580d582219945 Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Sat, 3 Aug 2013 09:41:19 -0500 Subject: [PATCH 05/41] - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild --- oath-toolkit.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/oath-toolkit.spec b/oath-toolkit.spec index 0f83783..2be6088 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,6 +1,6 @@ Name: oath-toolkit Version: 2.4.0 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv3+ Group: System Environment/Libraries Summary: One-time password components @@ -190,6 +190,9 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Sat Aug 03 2013 Fedora Release Engineering - 2.4.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + * Tue Jul 23 2013 Jaroslav Škarvada - 2.4.0-1 - New version Resolves: rhbz#987378 From c18eaeb2ac93cae9077c9a18ad58dcc6fab9ea69 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Thu, 13 Feb 2014 10:59:14 +0100 Subject: [PATCH 06/41] New version Resolves: rhbz#1064764 --- .gitignore | 1 + oath-toolkit.spec | 8 ++++++-- sources | 2 +- 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 1144d8a..c02e5ac 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ /oath-toolkit-2.0.2.tar.gz /oath-toolkit-2.2.0.tar.gz /oath-toolkit-2.4.0.tar.gz +/oath-toolkit-2.4.1.tar.gz diff --git a/oath-toolkit.spec b/oath-toolkit.spec index 2be6088..30ea969 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,6 +1,6 @@ Name: oath-toolkit -Version: 2.4.0 -Release: 2%{?dist} +Version: 2.4.1 +Release: 1%{?dist} License: GPLv3+ Group: System Environment/Libraries Summary: One-time password components @@ -190,6 +190,10 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Thu Feb 13 2014 Jaroslav Škarvada - 2.4.1-1 +- New version + Resolves: rhbz#1064764 + * Sat Aug 03 2013 Fedora Release Engineering - 2.4.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild diff --git a/sources b/sources index 059ab33..8914688 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -456774fbc37d5267e4e8920694b7ad48 oath-toolkit-2.4.0.tar.gz +951bafd1d86e6013903c10be3b6623bb oath-toolkit-2.4.1.tar.gz From df3176d3f4badddcdeba719e9de65e34e40ba90b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Mon, 17 Feb 2014 11:20:59 +0100 Subject: [PATCH 07/41] Added xmlsec1-openssl-devel to buildrequires --- oath-toolkit.spec | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/oath-toolkit.spec b/oath-toolkit.spec index 30ea969..214b81d 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,10 +1,11 @@ Name: oath-toolkit Version: 2.4.1 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv3+ Group: System Environment/Libraries Summary: One-time password components BuildRequires: xmlsec1-devel, pam-devel, gtk-doc, libtool, libtool-ltdl-devel +BuildRequires: xmlsec1-openssl-devel Source: http://download.savannah.gnu.org/releases/%{name}/%{name}-%{version}.tar.gz URL: http://www.nongnu.org/oath-toolkit/ # Escape leading single quotes in man pages which are misinterpreted as macros, @@ -190,6 +191,9 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Mon Feb 17 2014 Jaroslav Škarvada - 2.4.1-2 +- Added xmlsec1-openssl-devel to buildrequires + * Thu Feb 13 2014 Jaroslav Škarvada - 2.4.1-1 - New version Resolves: rhbz#1064764 From 67333c1cefaf3ab5464930b6c3de574c40000dd2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Thu, 20 Feb 2014 12:08:27 +0100 Subject: [PATCH 08/41] Added xmlsec1-openssl to requires Resolves: rhbz#1066477 --- oath-toolkit.spec | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/oath-toolkit.spec b/oath-toolkit.spec index 214b81d..f009052 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,6 +1,6 @@ Name: oath-toolkit Version: 2.4.1 -Release: 2%{?dist} +Release: 3%{?dist} License: GPLv3+ Group: System Environment/Libraries Summary: One-time password components @@ -102,6 +102,7 @@ A command line tool for generating and validating OTPs. Summary: A command line tool for manipulating PSKC data # https://fedorahosted.org/fpc/ticket/174 Provides: bundled(gnulib) +Requires: xmlsec1-openssl%{?_isa} %description -n pskctool A command line tool for manipulating PSKC data. @@ -191,6 +192,10 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Thu Feb 20 2014 Jaroslav Škarvada - 2.4.1-3 +- Added xmlsec1-openssl to requires + Resolves: rhbz#1066477 + * Mon Feb 17 2014 Jaroslav Škarvada - 2.4.1-2 - Added xmlsec1-openssl-devel to buildrequires From 0aed213bad6ed7813a42dd1f7d294ba78ce31cb2 Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Sat, 7 Jun 2014 10:23:46 -0500 Subject: [PATCH 09/41] - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild --- oath-toolkit.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/oath-toolkit.spec b/oath-toolkit.spec index f009052..f01cfc9 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,6 +1,6 @@ Name: oath-toolkit Version: 2.4.1 -Release: 3%{?dist} +Release: 4%{?dist} License: GPLv3+ Group: System Environment/Libraries Summary: One-time password components @@ -192,6 +192,9 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Sat Jun 07 2014 Fedora Release Engineering - 2.4.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + * Thu Feb 20 2014 Jaroslav Škarvada - 2.4.1-3 - Added xmlsec1-openssl to requires Resolves: rhbz#1066477 From 5921fb481706961ea6d8de6362b577e0a8c80cce Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Tue, 5 Aug 2014 18:18:25 +0200 Subject: [PATCH 10/41] Added support for RHEL (i.e. no PSKC yet on RHEL) --- oath-toolkit.spec | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/oath-toolkit.spec b/oath-toolkit.spec index f01cfc9..0b12087 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,11 +1,13 @@ Name: oath-toolkit Version: 2.4.1 -Release: 4%{?dist} +Release: 5%{?dist} License: GPLv3+ Group: System Environment/Libraries Summary: One-time password components -BuildRequires: xmlsec1-devel, pam-devel, gtk-doc, libtool, libtool-ltdl-devel -BuildRequires: xmlsec1-openssl-devel +BuildRequires: pam-devel, gtk-doc, libtool, libtool-ltdl-devel +%if ! 0%{?rhel:1} +BuildRequires: xmlsec1-devel, xmlsec1-openssl-devel +%endif Source: http://download.savannah.gnu.org/releases/%{name}/%{name}-%{version}.tar.gz URL: http://www.nongnu.org/oath-toolkit/ # Escape leading single quotes in man pages which are misinterpreted as macros, @@ -55,6 +57,7 @@ BuildArch: noarch %description -n liboath-doc Documentation files for liboath. +%if ! 0%{?rhel:1} %package -n libpskc Summary: Library for PSKC handling Group: Development/Libraries @@ -88,6 +91,7 @@ BuildArch: noarch %description -n libpskc-doc Documentation files for libpskc. +%endif %package -n oathtool Summary: A command line tool for generating and validating OTPs @@ -98,6 +102,7 @@ Provides: bundled(gnulib) %description -n oathtool A command line tool for generating and validating OTPs. +%if ! 0%{?rhel:1} %package -n pskctool Summary: A command line tool for manipulating PSKC data # https://fedorahosted.org/fpc/ticket/174 @@ -106,6 +111,7 @@ Requires: xmlsec1-openssl%{?_isa} %description -n pskctool A command line tool for manipulating PSKC data. +%endif %package -n pam_oath Summary: A PAM module for pluggable login authentication for OATH @@ -123,7 +129,7 @@ A PAM module for pluggable login authentication for OATH. %configure --with-pam-dir=%{_libdir}/security # Kill rpaths and link with --as-needed -for d in liboath libpskc oathtool pam_oath pskctool +for d in liboath %{!?rhel:libpskc pskctool} oathtool pam_oath do sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' $d/libtool sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' $d/libtool @@ -146,9 +152,11 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %postun -n liboath -p /sbin/ldconfig +%if ! 0%{?rhel:1} %post -n libpskc -p /sbin/ldconfig %postun -n libpskc -p /sbin/ldconfig +%endif %files -n liboath %doc liboath/COPYING @@ -164,6 +172,7 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_mandir}/man3/oath* %{_datadir}/gtk-doc/html/liboath/* +%if ! 0%{?rhel:1} %files -n libpskc %doc libpskc/README %{_libdir}/libpskc.so.* @@ -177,21 +186,27 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %files -n libpskc-doc %{_mandir}/man3/pskc* %{_datadir}/gtk-doc/html/libpskc/* +%endif %files -n oathtool %doc oathtool/COPYING %{_bindir}/oathtool %{_mandir}/man1/oathtool.* +%if ! 0%{?rhel:1} %files -n pskctool %{_bindir}/pskctool %{_mandir}/man1/pskctool.* +%endif %files -n pam_oath %doc pam_oath/README pam_oath/COPYING %{_libdir}/security/pam_oath.so %changelog +* Tue Aug 5 2014 Jaroslav Škarvada - 2.4.1-5 +- Added support for RHEL (i.e. no PSKC yet on RHEL) + * Sat Jun 07 2014 Fedora Release Engineering - 2.4.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild From 2965eda54fe1237551511b8010c504f433281b3c Mon Sep 17 00:00:00 2001 From: Peter Robinson Date: Sun, 17 Aug 2014 12:37:41 +0000 Subject: [PATCH 11/41] - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild --- oath-toolkit.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/oath-toolkit.spec b/oath-toolkit.spec index 0b12087..6112656 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,6 +1,6 @@ Name: oath-toolkit Version: 2.4.1 -Release: 5%{?dist} +Release: 6%{?dist} License: GPLv3+ Group: System Environment/Libraries Summary: One-time password components @@ -204,6 +204,9 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Sun Aug 17 2014 Fedora Release Engineering - 2.4.1-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + * Tue Aug 5 2014 Jaroslav Škarvada - 2.4.1-5 - Added support for RHEL (i.e. no PSKC yet on RHEL) From f9a55d7324767934cadb2cd92db8fe991821bd77 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Fri, 7 Nov 2014 11:03:27 +0100 Subject: [PATCH 12/41] Added check for strdup failure (by strdup-null-check patch) Resolves: rhbz#1161360 --- oath-toolkit-2.4.1-strdup-null-check.patch | 29 ++++++++++++++++++++++ oath-toolkit.spec | 9 ++++++- 2 files changed, 37 insertions(+), 1 deletion(-) create mode 100644 oath-toolkit-2.4.1-strdup-null-check.patch diff --git a/oath-toolkit-2.4.1-strdup-null-check.patch b/oath-toolkit-2.4.1-strdup-null-check.patch new file mode 100644 index 0000000..37a0576 --- /dev/null +++ b/oath-toolkit-2.4.1-strdup-null-check.patch @@ -0,0 +1,29 @@ +diff --git a/pam_oath/pam_oath.c b/pam_oath/pam_oath.c +index 8379358..e2d3363 100644 +--- a/pam_oath/pam_oath.c ++++ b/pam_oath/pam_oath.c +@@ -146,6 +146,12 @@ pam_sm_authenticate (pam_handle_t * pamh, + char *query_prompt = NULL; + char *onlypasswd = strdup (""); /* empty passwords never match */ + ++ if (!onlypasswd) ++ { ++ retval = PAM_BUF_ERR; ++ goto done; ++ } ++ + parse_cfg (flags, argc, argv, &cfg); + + retval = pam_get_user (pamh, &user, NULL); +@@ -265,6 +271,11 @@ pam_sm_authenticate (pam_handle_t * pamh, + { + free (onlypasswd); + onlypasswd = strdup (password); ++ if (!onlypasswd) ++ { ++ retval = PAM_BUF_ERR; ++ goto done; ++ } + + /* user entered their system password followed by generated OTP? */ + diff --git a/oath-toolkit.spec b/oath-toolkit.spec index 6112656..44cfc47 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,6 +1,6 @@ Name: oath-toolkit Version: 2.4.1 -Release: 6%{?dist} +Release: 7%{?dist} License: GPLv3+ Group: System Environment/Libraries Summary: One-time password components @@ -13,6 +13,8 @@ URL: http://www.nongnu.org/oath-toolkit/ # Escape leading single quotes in man pages which are misinterpreted as macros, # patch sent upstream, upstream ticket #108312 Patch0: oath-toolkit-2.0.2-man-fix.patch +# Add null check to strdup calls, upstream ticket #108456 +Patch1: oath-toolkit-2.4.1-strdup-null-check.patch %description The OATH Toolkit provide components for building one-time password @@ -124,6 +126,7 @@ A PAM module for pluggable login authentication for OATH. %prep %setup -q %patch0 -p1 -b .man-fix +%patch1 -p1 -b .strdup-null-check %build %configure --with-pam-dir=%{_libdir}/security @@ -204,6 +207,10 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Fri Nov 7 2014 Jaroslav Škarvada - 2.4.1-7 +- Added check for strdup failure (by strdup-null-check patch) + Resolves: rhbz#1161360 + * Sun Aug 17 2014 Fedora Release Engineering - 2.4.1-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild From fb4e76041973949c8a6e489dadeec7f318a8a4e9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Tue, 11 Nov 2014 14:05:47 +0100 Subject: [PATCH 13/41] Removed RHEL conditionals (not needed any more) --- oath-toolkit.spec | 19 +++++-------------- 1 file changed, 5 insertions(+), 14 deletions(-) diff --git a/oath-toolkit.spec b/oath-toolkit.spec index 44cfc47..63438c3 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,13 +1,11 @@ Name: oath-toolkit Version: 2.4.1 -Release: 7%{?dist} +Release: 8%{?dist} License: GPLv3+ Group: System Environment/Libraries Summary: One-time password components BuildRequires: pam-devel, gtk-doc, libtool, libtool-ltdl-devel -%if ! 0%{?rhel:1} BuildRequires: xmlsec1-devel, xmlsec1-openssl-devel -%endif Source: http://download.savannah.gnu.org/releases/%{name}/%{name}-%{version}.tar.gz URL: http://www.nongnu.org/oath-toolkit/ # Escape leading single quotes in man pages which are misinterpreted as macros, @@ -59,7 +57,6 @@ BuildArch: noarch %description -n liboath-doc Documentation files for liboath. -%if ! 0%{?rhel:1} %package -n libpskc Summary: Library for PSKC handling Group: Development/Libraries @@ -93,7 +90,6 @@ BuildArch: noarch %description -n libpskc-doc Documentation files for libpskc. -%endif %package -n oathtool Summary: A command line tool for generating and validating OTPs @@ -104,7 +100,6 @@ Provides: bundled(gnulib) %description -n oathtool A command line tool for generating and validating OTPs. -%if ! 0%{?rhel:1} %package -n pskctool Summary: A command line tool for manipulating PSKC data # https://fedorahosted.org/fpc/ticket/174 @@ -113,7 +108,6 @@ Requires: xmlsec1-openssl%{?_isa} %description -n pskctool A command line tool for manipulating PSKC data. -%endif %package -n pam_oath Summary: A PAM module for pluggable login authentication for OATH @@ -132,7 +126,7 @@ A PAM module for pluggable login authentication for OATH. %configure --with-pam-dir=%{_libdir}/security # Kill rpaths and link with --as-needed -for d in liboath %{!?rhel:libpskc pskctool} oathtool pam_oath +for d in liboath libpskc pskctool oathtool pam_oath do sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' $d/libtool sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' $d/libtool @@ -155,11 +149,9 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %postun -n liboath -p /sbin/ldconfig -%if ! 0%{?rhel:1} %post -n libpskc -p /sbin/ldconfig %postun -n libpskc -p /sbin/ldconfig -%endif %files -n liboath %doc liboath/COPYING @@ -175,7 +167,6 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_mandir}/man3/oath* %{_datadir}/gtk-doc/html/liboath/* -%if ! 0%{?rhel:1} %files -n libpskc %doc libpskc/README %{_libdir}/libpskc.so.* @@ -189,24 +180,24 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %files -n libpskc-doc %{_mandir}/man3/pskc* %{_datadir}/gtk-doc/html/libpskc/* -%endif %files -n oathtool %doc oathtool/COPYING %{_bindir}/oathtool %{_mandir}/man1/oathtool.* -%if ! 0%{?rhel:1} %files -n pskctool %{_bindir}/pskctool %{_mandir}/man1/pskctool.* -%endif %files -n pam_oath %doc pam_oath/README pam_oath/COPYING %{_libdir}/security/pam_oath.so %changelog +* Tue Nov 11 2014 Jaroslav Škarvada - 2.4.1-8 +- Removed RHEL conditionals (not needed any more) + * Fri Nov 7 2014 Jaroslav Škarvada - 2.4.1-7 - Added check for strdup failure (by strdup-null-check patch) Resolves: rhbz#1161360 From 446d1339508abd4c10b0c4d8a1c460c8f5f7768f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Fri, 30 Jan 2015 15:59:35 +0100 Subject: [PATCH 14/41] Fixed invalid reads in libpskc due to references to old (freed) xmlDoc (by retain-original-xmldoc patch), patch provided by David Woodhouse Resolves: rhbz#1129491 --- gdoc | 913 ++++++++++++++++++ ...toolkit-2.4.1-retain-original-xmldoc.patch | 42 + oath-toolkit.spec | 25 +- 3 files changed, 977 insertions(+), 3 deletions(-) create mode 100644 gdoc create mode 100644 oath-toolkit-2.4.1-retain-original-xmldoc.patch diff --git a/gdoc b/gdoc new file mode 100644 index 0000000..0868329 --- /dev/null +++ b/gdoc @@ -0,0 +1,913 @@ +eval '(exit $?0)' && eval 'exec perl -S "$0" ${1+"$@"}' + & eval 'exec perl -S "$0" $argv:q' + if 0; +# Generate documentation from source code. + +## Copyright (c) 2002-2012 Simon Josefsson +## added -texinfo, -listfunc, -pkg-name +## man page revamp +## various improvements +## Copyright (c) 2001, 2002 Nikos Mavrogiannopoulos +## added -tex +## Copyright (c) 1998 Michael Zucchi + +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +# This will read a C source code file and scan for embedded comments +# in the style of gnome comments (+minor extensions - see below). + +# usage: +# gdoc [ -docbook | -html | -text | -man | -tex | -texinfo | -listfunc ] +# [ -sourceversion verno ] [ -include file | -includefuncprefix ] +# [ -bugsto address ] [ -pkg-name packagename ] +# [ -seeinfo infonode ] [ -copyright notice ] [ -verbatimcopying ] +# [ -function funcname [ -function funcname ...] ] c file(s)s > outputfile +# +# Set output format using one of -docbook, -html, -text, -man, -tex, +# -texinfo, or -listfunc. Default is man. +# +# -sourceversion +# Version number for source code, e.g. '1.0.4'. Used in 'man' headers. +# Defaults to using current date. +# +# -include FILE +# For man pages, mention #include in the synopsis. +# +# -includefuncprefix +# For man pages, mention a #include in the synopsis. +# The FILE derived from the function prefix. For example, a +# function gss_init_sec_context will generate an include +# statement of #include . +# +# -bugsto address +# For man pages, include a section about reporting bugs and mention +# the given e-mail address, e.g 'bug-libidn@gnu.org'. +# +# -pkg-name packagename +# For man pages when -bugsto is used, also include help URLs to the +# the project's home page. For example, "GNU Libidn". +# +# -seeinfo infonode +# For man pages, include a section that point to an info manual +# for more information. +# +# -copyright notice +# For man pages, include a copyright section with the given +# notice after a preamble. Use, e.g., '2002, 2003 Simon Josefsson'. +# +# -verbatimcopying +# For man pages, and when the -copyright parameter is used, +# add a licensing statement that say verbatim copying is permitted. +# +# -function funcname +# If set, then only generate documentation for the given function(s). All +# other functions are ignored. +# +# c files - list of 'c' files to process +# +# All output goes to stdout, with errors to stderr. + +# +# format of comments. +# In the following table, (...)? signifies optional structure. +# (...)* signifies 0 or more structure elements +# /** +# * function_name(:)? (- short description)? +# (* @parameterx: (description of parameter x)?)* +# (* a blank line)? +# * (Description:)? (Description of function)? +# * (Section header: (section description)? )* +# (*)?*/ +# +# So .. the trivial example would be: +# +# /** +# * my_function +# **/ +# +# If the Description: header tag is ommitted, then there must be a blank line +# after the last parameter specification. +# e.g. +# /** +# * my_function - does my stuff +# * @my_arg: its mine damnit +# * +# * Does my stuff explained. +# */ +# +# or, could also use: +# /** +# * my_function - does my stuff +# * @my_arg: its mine damnit +# * Description: Does my stuff explained. +# */ +# etc. +# +# All descriptions can be multiline, apart from the short function description. +# +# All descriptive text is further processed, scanning for the following special +# patterns, which are highlighted appropriately. +# +# 'funcname()' - function +# '$ENVVAR' - environmental variable OBSOLETE (?) +# '#struct_name' - name of a structure +# '@parameter' - name of a parameter +# '%CONST' - name of a constant. + +# +# Extensions for LaTeX: +# +# 1. the symbol '->' will be replaced with a rightarrow +# 2. x^y with ${x}^{y}$. +# 3. xxx\: with xxx: + +use POSIX qw(strftime); + +# match expressions used to find embedded type information +$type_constant = "\\\%(\\w+)"; +$type_func = "(\\w+\\(\\))"; +$type_param = "\\\@(\\w+)"; +$type_struct = "\\\#(\\w+)"; +$type_env = "(\\\$\\w+)"; + + +# Output conversion substitutions. +# One for each output format + +# these work fairly well +%highlights_html = ( $type_constant, "\$1", + $type_func, "\$1", + $type_struct, "\$1", + $type_param, "\$1" ); +$blankline_html = "

"; + +%highlights_texinfo = ( $type_constant, "\\\@code{\$1}", + $type_func, "\\\@code{\$1}", + $type_struct, "\\\@code{\$1}", + $type_param, "\\\@code{\$1}" ); +$blankline_texinfo = ""; + +%highlights_tex = ( $type_constant, "{\\\\it \$1}", + $type_func, "{\\\\bf \$1}", + $type_struct, "{\\\\it \$1}", + $type_param, "{\\\\bf \$1}" ); +$blankline_tex = "\\\\"; + +# sgml, docbook format +%highlights_sgml = ( $type_constant, "\$1", + $type_func, "\$1", + $type_struct, "\$1", + $type_env, "\$1", + $type_param, "\$1" ); +$blankline_sgml = "\n"; + +# these are pretty rough +%highlights_man = ( $type_constant, "\\\\fB\$1\\\\fP", + $type_func, "\\\\fB\$1\\\\fP", + $type_struct, "\\\\fB\$1\\\\fP", + $type_param, "\\\\fI\$1\\\\fP" ); +$blankline_man = ""; + +# text-mode +%highlights_text = ( $type_constant, "\$1", + $type_func, "\$1", + $type_struct, "\$1", + $type_param, "\$1" ); +$blankline_text = ""; + + +sub usage { + print "Usage: $0 [ -v ] [ -docbook | -html | -text | -man | -tex | -texinfo -listfunc ]\n"; + print " [ -sourceversion verno ] [ -include file | -includefuncprefix ]\n"; + print " [ -bugsto address ] [ -seeinfo infonode ] [ -copyright notice]\n"; + print " [ -verbatimcopying ] [ -pkg-name packagename ]\n"; + print " [ -function funcname [ -function funcname ...] ]\n"; + print " c source file(s) > outputfile\n"; + exit 1; +} + +# read arguments +if ($#ARGV==-1) { + usage(); +} + +$verbose = 0; +$output_mode = "man"; +%highlights = %highlights_man; +$blankline = $blankline_man; +$modulename = "API Documentation"; +$sourceversion = strftime "%Y-%m-%d", localtime; +$function_only = 0; +while ($ARGV[0] =~ m/^-(.*)/) { + $cmd = shift @ARGV; + if ($cmd eq "-html") { + $output_mode = "html"; + %highlights = %highlights_html; + $blankline = $blankline_html; + } elsif ($cmd eq "-man") { + $output_mode = "man"; + %highlights = %highlights_man; + $blankline = $blankline_man; + } elsif ($cmd eq "-tex") { + $output_mode = "tex"; + %highlights = %highlights_tex; + $blankline = $blankline_tex; + } elsif ($cmd eq "-texinfo") { + $output_mode = "texinfo"; + %highlights = %highlights_texinfo; + $blankline = $blankline_texinfo; + } elsif ($cmd eq "-text") { + $output_mode = "text"; + %highlights = %highlights_text; + $blankline = $blankline_text; + } elsif ($cmd eq "-docbook") { + $output_mode = "sgml"; + %highlights = %highlights_sgml; + $blankline = $blankline_sgml; + } elsif ($cmd eq "-listfunc") { + $output_mode = "listfunc"; + } elsif ($cmd eq "-module") { # not needed for sgml, inherits from calling document + $modulename = shift @ARGV; + } elsif ($cmd eq "-sourceversion") { + $sourceversion = shift @ARGV; + } elsif ($cmd eq "-include") { + $include = shift @ARGV; + } elsif ($cmd eq "-includefuncprefix") { + $includefuncprefix = 1; + } elsif ($cmd eq "-bugsto") { + $bugsto = shift @ARGV; + } elsif ($cmd eq "-pkg-name") { + $pkgname = shift @ARGV; + } elsif ($cmd eq "-copyright") { + $copyright = shift @ARGV; + } elsif ($cmd eq "-verbatimcopying") { + $verbatimcopying = 1; + } elsif ($cmd eq "-seeinfo") { + $seeinfo = shift @ARGV; + } elsif ($cmd eq "-function") { # to only output specific functions + $function_only = 1; + $function = shift @ARGV; + $function_table{$function} = 1; + } elsif ($cmd eq "-v") { + $verbose = 1; + } elsif (($cmd eq "-h") || ($cmd eq "--help")) { + usage(); + } +} + +## +# dumps section contents to arrays/hashes intended for that purpose. +# +sub dump_section { + my $name = shift @_; + my $contents = join "\n", @_; + + if ($name =~ m/$type_constant/) { + $name = $1; +# print STDERR "constant section '$1' = '$contents'\n"; + $constants{$name} = $contents; + } elsif ($name =~ m/$type_param/) { +# print STDERR "parameter def '$1' = '$contents'\n"; + $name = $1; + $parameters{$name} = $contents; + } else { +# print STDERR "other section '$name' = '$contents'\n"; + $sections{$name} = $contents; + push @sectionlist, $name; + } +} + +## +# output function +# +# parameters, a hash. +# function => "function name" +# parameterlist => @list of parameters +# parameters => %parameter descriptions +# sectionlist => @list of sections +# sections => %descriont descriptions +# + +sub repstr { + $pattern = shift; + $repl = shift; + $match1 = shift; + $match2 = shift; + $match3 = shift; + $match4 = shift; + + $output = $repl; + $output =~ s,\$1,$match1,g; + $output =~ s,\$2,$match2,g; + $output =~ s,\$3,$match3,g; + $output =~ s,\$4,$match4,g; + + eval "\$return = qq/$output/"; + +# print "pattern $pattern matched 1=$match1 2=$match2 3=$match3 4=$match4 replace $repl yielded $output interpolated $return\n"; + + $return; +} + +sub just_highlight { + my $contents = join "\n", @_; + my $line; + my $ret = ""; + + foreach $pattern (keys %highlights) { +# print "scanning pattern $pattern ($highlights{$pattern})\n"; + $contents =~ s:$pattern:repstr($pattern, $highlights{$pattern}, $1, $2, $3, $4):gse; + } + foreach $line (split "\n", $contents) { + if ($line eq ""){ + $ret = $ret . $lineprefix . $blankline; + } else { + $ret = $ret . $lineprefix . $line; + } + $ret = $ret . "\n"; + } + + return $ret; +} + +sub output_highlight { + print (just_highlight (@_)); +} + +# output in texinfo +sub output_texinfo { + my %args = %{$_[0]}; + my ($parameter, $section); + my $count; + + print "\@subheading ".$args{'function'}."\n"; + print "\@anchor{".$args{'function'}."}\n"; + print "\@deftypefun {" . $args{'functiontype'} . "} "; + print "{".$args{'function'}."} "; + print "("; + $count = 0; + foreach $parameter (@{$args{'parameterlist'}}) { + print $args{'parametertypes'}{$parameter}." \@var{".$parameter."}"; + if ($count != $#{$args{'parameterlist'}}) { + $count++; + print ", "; + } + } + print ")\n"; + foreach $parameter (@{$args{'parameterlist'}}) { + if ($args{'parameters'}{$parameter}) { + print "\@var{".$parameter."}: "; + output_highlight($args{'parameters'}{$parameter}); + print "\n"; + } + } + foreach $section (@{$args{'sectionlist'}}) { + print "\n\@strong{$section:} " if $section ne $section_default; + $args{'sections'}{$section} =~ s:([{}]):\@\1:gs; + output_highlight($args{'sections'}{$section}); + } + print "\@end deftypefun\n\n"; +} + +# output in html +sub output_html { + my %args = %{$_[0]}; + my ($parameter, $section); + my $count; + print "\n\n 

Function

\n"; + + print "".$args{'functiontype'}."\n"; + print "".$args{'function'}."\n"; + print "("; + $count = 0; + foreach $parameter (@{$args{'parameterlist'}}) { + print "".$args{'parametertypes'}{$parameter}." ".$parameter."\n"; + if ($count != $#{$args{'parameterlist'}}) { + $count++; + print ", "; + } + } + print ")\n"; + + print "

Arguments

\n"; + print "
\n"; + foreach $parameter (@{$args{'parameterlist'}}) { + print "
".$args{'parametertypes'}{$parameter}." ".$parameter."\n"; + print "
"; + output_highlight($args{'parameters'}{$parameter}); + } + print "
\n"; + foreach $section (@{$args{'sectionlist'}}) { + print "

$section

\n"; + print "
    \n"; + output_highlight($args{'sections'}{$section}); + print "
\n"; + } + print "
\n"; +} + +# output in tex +sub output_tex { + my %args = %{$_[0]}; + my ($parameter, $section); + my $count; + my $func = $args{'function'}; + my $param; + my $param2; + my $sec; + my $check; + my $type; + + $func =~ s/_/\\_/g; + + print "\n\n\\subsection{". $func . "}\n\\label{" . $args{'function'} . "}\n"; + + $type = $args{'functiontype'}; + $type =~ s/_/\\_/g; + + print "{\\it ".$type."}\n"; + print "{\\bf ".$func."}\n"; + print "("; + $count = 0; + foreach $parameter (@{$args{'parameterlist'}}) { + $param = $args{'parametertypes'}{$parameter}; + $param2 = $parameter; + $param =~ s/_/\\_/g; + $param2 =~ s/_/\\_/g; + + print "{\\it ".$param."} {\\bf ".$param2."}"; + if ($count != $#{$args{'parameterlist'}}) { + $count++; + print ", "; + } + } + print ")\n"; + + print "\n{\\large{Arguments}}\n"; + + print "\\begin{itemize}\n"; + $check=0; + foreach $parameter (@{$args{'parameterlist'}}) { + $param1 = $args{'parametertypes'}{$parameter}; + $param1 =~ s/_/\\_/g; + $param2 = $parameter; + $param2 =~ s/_/\\_/g; + + $check = 1; + print "\\item {\\it ".$param1."} {\\bf ".$param2."}: \n"; +# print "\n"; + + $param3 = $args{'parameters'}{$parameter}; + $param3 =~ s/#([a-zA-Z\_]+)/{\\it \1}/g; + + $out = just_highlight($param3); + $out =~ s/_/\\_/g; + print $out; + } + if ($check==0) { + print "\\item void\n"; + } + print "\\end{itemize}\n"; + + foreach $section (@{$args{'sectionlist'}}) { + $sec = $section; + $sec =~ s/_/\\_/g; + $sec =~ s/#([a-zA-Z\_]+)/{\\it \1}/g; + + print "\n{\\large{$sec}}\\\\\n"; + print "\\begin{rmfamily}\n"; + + $sec = $args{'sections'}{$section}; + $sec =~ s/\\:/:/g; + $sec =~ s/#([a-zA-Z\_]+)/{\\it \1}/g; + $sec =~ s/->/\$\\rightarrow\$/g; + $sec =~ s/([0-9]+)\^([0-9]+)/\$\{\1\}\^\{\2\}\$/g; + + $out = just_highlight($sec); + $out =~ s/_/\\_/g; + + print $out; + print "\\end{rmfamily}\n"; + } + print "\n"; +} + + +# output in sgml DocBook +sub output_sgml { + my %args = %{$_[0]}; + my ($parameter, $section); + my $count; + my $id; + + $id = $args{'module'}."-".$args{'function'}; + $id =~ s/[^A-Za-z0-9]/-/g; + + print "\n"; + print "\n"; + print "".$args{'function'}."\n"; + print "\n"; + print "\n"; + print " ".$args{'function'}."\n"; + print " \n"; + print " ".$args{'purpose'}."\n"; + print " \n"; + print "\n"; + + print "\n"; + print " Synopsis\n"; + print " \n"; + print " ".$args{'functiontype'}." "; + print "".$args{'function'}." "; + print "\n"; + +# print "\n"; +# print " Synopsis\n"; +# print " \n"; +# print " ".$args{'functiontype'}." "; +# print "".$args{'function'}." "; +# print "\n"; + + $count = 0; + if ($#{$args{'parameterlist'}} >= 0) { + foreach $parameter (@{$args{'parameterlist'}}) { + print " ".$args{'parametertypes'}{$parameter}; + print " $parameter\n"; + } + } else { + print " \n"; + } + print " \n"; + print "\n"; +# print "\n"; + + # print parameters + print "\n Arguments\n"; +# print "\nArguments\n"; + if ($#{$args{'parameterlist'}} >= 0) { + print " \n"; + foreach $parameter (@{$args{'parameterlist'}}) { + print " \n $parameter\n"; + print " \n \n"; + $lineprefix=" "; + output_highlight($args{'parameters'}{$parameter}); + print " \n \n \n"; + } + print " \n"; + } else { + print " \n None\n \n"; + } + print "\n"; + + # print out each section + $lineprefix=" "; + foreach $section (@{$args{'sectionlist'}}) { + print "\n $section\n \n"; +# print "\n$section\n"; + if ($section =~ m/EXAMPLE/i) { + print "\n"; + } + output_highlight($args{'sections'}{$section}); +# print ""; + if ($section =~ m/EXAMPLE/i) { + print "\n"; + } + print " \n\n"; + } + + print "\n\n"; +} + +## +# output in man +sub output_man { + my %args = %{$_[0]}; + my ($parameter, $section); + my $count; + + print ".\\\" DO NOT MODIFY THIS FILE! It was generated by gdoc.\n"; + print ".TH \"$args{'function'}\" 3 \"$args{'sourceversion'}\" \"". $args{'module'} . "\" \"". $args{'module'} . "\"\n"; + + print ".SH NAME\n"; + + print $args{'function'}; + if ($args{'purpose'}) { + print " \\- " . $args{'purpose'} . "\n"; + } else { + print " \\- API function\n"; + } + + print ".SH SYNOPSIS\n"; + print ".B #include <". $args{'include'} . ">\n" + if $args{'include'}; + print ".B #include <". lc((split /_/, $args{'function'})[0]) . ".h>\n" + if $args{'includefuncprefix'}; + print ".sp\n"; + print ".BI \"".$args{'functiontype'}." ".$args{'function'}."("; + $count = 0; + foreach $parameter (@{$args{'parameterlist'}}) { + print $args{'parametertypes'}{$parameter}." \" ".$parameter." \""; + if ($count != $#{$args{'parameterlist'}}) { + $count++; + print ", "; + } + } + print ");\"\n"; + + print ".SH ARGUMENTS\n"; + foreach $parameter (@{$args{'parameterlist'}}) { + print ".IP \"".$args{'parametertypes'}{$parameter}." ".$parameter."\" 12\n"; + $param = $args{'parameters'}{$parameter}; + $param =~ s/-/\\-/g; + output_highlight($param); + } + foreach $section (@{$args{'sectionlist'}}) { + print ".SH \"" . uc($section) . "\"\n"; + $sec = $args{'sections'}{$section}; + $sec =~ s/-/\\-/g; + output_highlight($sec); + } + + if ($args{'bugsto'}) { + print ".SH \"REPORTING BUGS\"\n"; + print "Report bugs to <". $args{'bugsto'} . ">.\n"; + if ($args{'pkgname'}) { + print $args{'pkgname'} . " home page: " . + "http://www.gnu.org/software/" . $args{'module'} . "/\n"; + } + print "General help using GNU software: http://www.gnu.org/gethelp/\n"; + } + + if ($args{'copyright'}) { + print ".SH COPYRIGHT\n"; + print "Copyright \\(co ". $args{'copyright'} . ".\n"; + if ($args{'verbatimcopying'}) { + print ".br\n"; + print "Copying and distribution of this file, with or without modification,\n"; + print "are permitted in any medium without royalty provided the copyright\n"; + print "notice and this notice are preserved.\n"; + } + } + + if ($args{'seeinfo'}) { + print ".SH \"SEE ALSO\"\n"; + print "The full documentation for\n"; + print ".B " . $args{'module'} . "\n"; + print "is maintained as a Texinfo manual. If the\n"; + print ".B info\n"; + print "and\n"; + print ".B " . $args{'module'} . "\n"; + print "programs are properly installed at your site, the command\n"; + print ".IP\n"; + print ".B info " . $args{'seeinfo'} . "\n"; + print ".PP\n"; + print "should give you access to the complete manual.\n"; + } +} + +sub output_listfunc { + my %args = %{$_[0]}; + print $args{'function'} . "\n"; +} + +## +# output in text +sub output_text { + my %args = %{$_[0]}; + my ($parameter, $section); + + print "Function = ".$args{'function'}."\n"; + print " return type: ".$args{'functiontype'}."\n\n"; + foreach $parameter (@{$args{'parameterlist'}}) { + print " ".$args{'parametertypes'}{$parameter}." ".$parameter."\n"; + print " -> ".$args{'parameters'}{$parameter}."\n"; + } + foreach $section (@{$args{'sectionlist'}}) { + print " $section:\n"; + print " -> "; + output_highlight($args{'sections'}{$section}); + } +} + +## +# generic output function - calls the right one based +# on current output mode. +sub output_function { +# output_html(@_); + eval "output_".$output_mode."(\@_);"; +} + + +## +# takes a function prototype and spits out all the details +# stored in the global arrays/hsahes. +sub dump_function { + my $prototype = shift @_; + + if ($prototype =~ m/^()([a-zA-Z0-9_~:]+)\s*\(([^\)]*)\)/ || + $prototype =~ m/^(\w+)\s+([a-zA-Z0-9_~:]+)\s*\(([^\)]*)\)/ || + $prototype =~ m/^(\w+\s*\*)\s*([a-zA-Z0-9_~:]+)\s*\(([^\)]*)\)/ || + $prototype =~ m/^(\w+\s+\w+)\s+([a-zA-Z0-9_~:]+)\s*\(([^\)]*)\)/ || + $prototype =~ m/^(\w+\s+\w+\s*\*)\s*([a-zA-Z0-9_~:]+)\s*\(([^\)]*)\)/ || + $prototype =~ m/^(\w+\s+\w+\s+\w+\s*\*)\s*([a-zA-Z0-9_~:]+)\s*\(([^\)]*)\)/) { + $return_type = $1; + $function_name = $2; + $args = $3; + +# print STDERR "ARGS = '$args'\n"; + + foreach $arg (split ',', $args) { + # strip leading/trailing spaces + $arg =~ s/^\s*//; + $arg =~ s/\s*$//; +# print STDERR "SCAN ARG: '$arg'\n"; + @args = split('\s', $arg); + +# print STDERR " -> @args\n"; + $param = pop @args; +# print STDERR " -> @args\n"; + if ($param =~ m/^(\*+)(.*)/) { + $param = $2; + push @args, $1; + } + if ($param =~ m/^(.*)(\[\])$/) { + $param = $1; + push @args, $2; + } +# print STDERR " :> @args\n"; + $type = join " ", @args; + + if ($parameters{$param} eq "" && $param != "void") { + $parameters{$param} = "-- undescribed --"; + print STDERR "warning: $lineno: Function parameter '$param' not described in '$function_name'\n"; + } + + push @parameterlist, $param; + $parametertypes{$param} = $type; + +# print STDERR "param = '$param', type = '$type'\n"; + } + } else { + print STDERR "warning: $lineno: Cannot understand prototype: '$prototype'\n"; + return; + } + + if ($function_only==0 || defined($function_table{$function_name})) { + output_function({'function' => $function_name, + 'module' => $modulename, + 'sourceversion' => $sourceversion, + 'include' => $include, + 'includefuncprefix' => $includefuncprefix, + 'bugsto' => $bugsto, + 'pkgname' => $pkgname, + 'copyright' => $copyright, + 'verbatimcopying' => $verbatimcopying, + 'seeinfo' => $seeinfo, + 'functiontype' => $return_type, + 'parameterlist' => \@parameterlist, + 'parameters' => \%parameters, + 'parametertypes' => \%parametertypes, + 'sectionlist' => \@sectionlist, + 'sections' => \%sections, + 'purpose' => $function_purpose + }); + } +} + +###################################################################### +# main +# states +# 0 - normal code +# 1 - looking for function name +# 2 - scanning field start. +# 3 - scanning prototype. +$state = 0; +$section = ""; + +$doc_special = "\@\%\$\#"; + +$doc_start = "^/\\*\\*\$"; +$doc_end = "\\*/"; +$doc_com = "\\s*\\*\\s*"; +$doc_func = $doc_com."(\\w+):?"; +$doc_sect = $doc_com."([".$doc_special."[:upper:]][\\w ]+):\\s*(.*)"; +$doc_content = $doc_com."(.*)"; + +%constants = (); +%parameters = (); +@parameterlist = (); +%sections = (); +@sectionlist = (); + +$contents = ""; +$section_default = "Description"; # default section +$section = $section_default; + +$lineno = 0; +foreach $file (@ARGV) { + if (!open(IN,"<$file")) { + print STDERR "Error: Cannot open file $file\n"; + next; + } + while () { + $lineno++; + + if ($state == 0) { + if (/$doc_start/o) { + $state = 1; # next line is always the function name + } + } elsif ($state == 1) { # this line is the function name (always) + if (/$doc_func/o) { + $function = $1; + $state = 2; + if (/-\s*(.*)/) { + $function_purpose = $1; + } else { + $function_purpose = ""; + } + if ($verbose) { + print STDERR "Info($lineno): Scanning doc for $function\n"; + } + } else { + print STDERR "warning: $lineno: Cannot understand $_ on line $lineno", + " - I thought it was a doc line\n"; + $state = 0; + } + } elsif ($state == 2) { # look for head: lines, and include content + if (/$doc_sect/o) { + $newsection = $1; + $newcontents = $2; + + if ($contents ne "") { + dump_section($section, $contents); + $section = $section_default; + } + + $contents = $newcontents; + if ($contents ne "") { + $contents .= "\n"; + } + $section = $newsection; + } elsif (/$doc_end/) { + + if ($contents ne "") { + dump_section($section, $contents); + $section = $section_default; + $contents = ""; + } + +# print STDERR "end of doc comment, looking for prototype\n"; + $prototype = ""; + $state = 3; + } elsif (/$doc_content/) { + # miguel-style comment kludge, look for blank lines after + # @parameter line to signify start of description + if ($1 eq "" && $section =~ m/^@/) { + dump_section($section, $contents); + $section = $section_default; + $contents = ""; + } else { + $contents .= $1."\n"; + } + } else { + # i dont know - bad line? ignore. + print STDERR "warning: $lineno: Bad line: $_"; + } + } elsif ($state == 3) { # scanning for function { (end of prototype) + if (m#\s*/\*\s+MACDOC\s*#io) { + # do nothing + } + elsif (/([^\{]*)/) { + $prototype .= $1; + } + if (/\{/) { + $prototype =~ s@/\*.*?\*/@@gos; # strip comments. + $prototype =~ s@[\r\n]+@ @gos; # strip newlines/cr's. + $prototype =~ s@^ +@@gos; # strip leading spaces + dump_function($prototype); + + $function = ""; + %constants = (); + %parameters = (); + %parametertypes = (); + @parameterlist = (); + %sections = (); + @sectionlist = (); + $prototype = ""; + + $state = 0; + } + } + } +} diff --git a/oath-toolkit-2.4.1-retain-original-xmldoc.patch b/oath-toolkit-2.4.1-retain-original-xmldoc.patch new file mode 100644 index 0000000..07530cd --- /dev/null +++ b/oath-toolkit-2.4.1-retain-original-xmldoc.patch @@ -0,0 +1,42 @@ +--- a/libpskc/build.c ++++ a/libpskc/build.c +@@ -510,7 +510,7 @@ pskc_build_xml (pskc_t * container, char **out, size_t * len) + + xmlDocSetRootElement (doc, keycont); + +- if (container->xmldoc) ++ if (container->xmldoc && container->xmldoc != container->original_xmldoc) + xmlFreeDoc (container->xmldoc); + container->xmldoc = doc; + doc = NULL; +--- a/libpskc/internal.h ++++ a/libpskc/internal.h +@@ -103,7 +103,7 @@ struct pskc_key + struct pskc + { + /* raw XML */ +- xmlDocPtr xmldoc; ++ xmlDocPtr xmldoc, original_xmldoc; + /* Is there a Signature element in xmldoc? */ + int signed_p; + +--- a/libpskc/parser.c ++++ a/libpskc/parser.c +@@ -677,6 +677,8 @@ pskc_done (pskc_t * container) + return; + + xmlFreeDoc (container->xmldoc); ++ if (container->original_xmldoc != container->xmldoc) ++ xmlFreeDoc (container->original_xmldoc); + + for (i = 0; i < container->nkeypackages; i++) + { +@@ -717,7 +719,7 @@ pskc_parse_from_memory (pskc_t * container, size_t len, const char *buffer) + if (xmldoc == NULL) + return PSKC_XML_ERROR; + +- container->xmldoc = xmldoc; ++ container->original_xmldoc = container->xmldoc = xmldoc; + + root = xmlDocGetRootElement (xmldoc); + parse_keycontainer (container, root, &rc); diff --git a/oath-toolkit.spec b/oath-toolkit.spec index 63438c3..262b23a 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,18 +1,23 @@ Name: oath-toolkit Version: 2.4.1 -Release: 8%{?dist} +Release: 9%{?dist} License: GPLv3+ Group: System Environment/Libraries Summary: One-time password components BuildRequires: pam-devel, gtk-doc, libtool, libtool-ltdl-devel -BuildRequires: xmlsec1-devel, xmlsec1-openssl-devel -Source: http://download.savannah.gnu.org/releases/%{name}/%{name}-%{version}.tar.gz +BuildRequires: xmlsec1-devel, xmlsec1-openssl-devel, autoconf, automake +Source0: http://download.savannah.gnu.org/releases/%{name}/%{name}-%{version}.tar.gz +# Workaround for upstream issue #108719 +Source1: http://git.savannah.gnu.org/cgit/oath-toolkit.git/plain/libpskc/man/gdoc URL: http://www.nongnu.org/oath-toolkit/ # Escape leading single quotes in man pages which are misinterpreted as macros, # patch sent upstream, upstream ticket #108312 Patch0: oath-toolkit-2.0.2-man-fix.patch # Add null check to strdup calls, upstream ticket #108456 Patch1: oath-toolkit-2.4.1-strdup-null-check.patch +# Fix invalid reads due to references to old (freed) xmlDoc, +# upstream ticket #108736 +Patch2: oath-toolkit-2.4.1-retain-original-xmldoc.patch %description The OATH Toolkit provide components for building one-time password @@ -121,6 +126,15 @@ A PAM module for pluggable login authentication for OATH. %setup -q %patch0 -p1 -b .man-fix %patch1 -p1 -b .strdup-null-check +%patch2 -p1 -b .retain-original-xmldoc.patch + +# Workaround for upstream issue #108719 +cp %{SOURCE1} libpskc/man/gdoc +chmod 755 libpskc/man/gdoc +cp %{SOURCE1} liboath/man/gdoc +chmod 755 liboath/man/gdoc + +autoreconf -fi %build %configure --with-pam-dir=%{_libdir}/security @@ -195,6 +209,11 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Fri Jan 30 2015 Jaroslav Škarvada - 2.4.1-9 +- Fixed invalid reads in libpskc due to references to old (freed) xmlDoc + (by retain-original-xmldoc patch), patch provided by David Woodhouse + Resolves: rhbz#1129491 + * Tue Nov 11 2014 Jaroslav Škarvada - 2.4.1-8 - Removed RHEL conditionals (not needed any more) From 4ed1ade270af398ef0e521cdb916b3952f9b8760 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Thu, 21 May 2015 14:54:11 +0200 Subject: [PATCH 15/41] New version - Dropped strdup-null-check patch (upstreamed) --- .gitignore | 1 + oath-toolkit-2.4.1-strdup-null-check.patch | 29 ---------------------- oath-toolkit.spec | 23 ++++++----------- sources | 2 +- 4 files changed, 10 insertions(+), 45 deletions(-) delete mode 100644 oath-toolkit-2.4.1-strdup-null-check.patch diff --git a/.gitignore b/.gitignore index c02e5ac..c162b35 100644 --- a/.gitignore +++ b/.gitignore @@ -2,3 +2,4 @@ /oath-toolkit-2.2.0.tar.gz /oath-toolkit-2.4.0.tar.gz /oath-toolkit-2.4.1.tar.gz +/oath-toolkit-2.6.0.tar.gz diff --git a/oath-toolkit-2.4.1-strdup-null-check.patch b/oath-toolkit-2.4.1-strdup-null-check.patch deleted file mode 100644 index 37a0576..0000000 --- a/oath-toolkit-2.4.1-strdup-null-check.patch +++ /dev/null @@ -1,29 +0,0 @@ -diff --git a/pam_oath/pam_oath.c b/pam_oath/pam_oath.c -index 8379358..e2d3363 100644 ---- a/pam_oath/pam_oath.c -+++ b/pam_oath/pam_oath.c -@@ -146,6 +146,12 @@ pam_sm_authenticate (pam_handle_t * pamh, - char *query_prompt = NULL; - char *onlypasswd = strdup (""); /* empty passwords never match */ - -+ if (!onlypasswd) -+ { -+ retval = PAM_BUF_ERR; -+ goto done; -+ } -+ - parse_cfg (flags, argc, argv, &cfg); - - retval = pam_get_user (pamh, &user, NULL); -@@ -265,6 +271,11 @@ pam_sm_authenticate (pam_handle_t * pamh, - { - free (onlypasswd); - onlypasswd = strdup (password); -+ if (!onlypasswd) -+ { -+ retval = PAM_BUF_ERR; -+ goto done; -+ } - - /* user entered their system password followed by generated OTP? */ - diff --git a/oath-toolkit.spec b/oath-toolkit.spec index 262b23a..d9f9873 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,23 +1,19 @@ Name: oath-toolkit -Version: 2.4.1 -Release: 9%{?dist} +Version: 2.6.0 +Release: 1%{?dist} License: GPLv3+ Group: System Environment/Libraries Summary: One-time password components BuildRequires: pam-devel, gtk-doc, libtool, libtool-ltdl-devel BuildRequires: xmlsec1-devel, xmlsec1-openssl-devel, autoconf, automake Source0: http://download.savannah.gnu.org/releases/%{name}/%{name}-%{version}.tar.gz -# Workaround for upstream issue #108719 -Source1: http://git.savannah.gnu.org/cgit/oath-toolkit.git/plain/libpskc/man/gdoc URL: http://www.nongnu.org/oath-toolkit/ # Escape leading single quotes in man pages which are misinterpreted as macros, # patch sent upstream, upstream ticket #108312 Patch0: oath-toolkit-2.0.2-man-fix.patch -# Add null check to strdup calls, upstream ticket #108456 -Patch1: oath-toolkit-2.4.1-strdup-null-check.patch # Fix invalid reads due to references to old (freed) xmlDoc, # upstream ticket #108736 -Patch2: oath-toolkit-2.4.1-retain-original-xmldoc.patch +Patch1: oath-toolkit-2.4.1-retain-original-xmldoc.patch %description The OATH Toolkit provide components for building one-time password @@ -125,14 +121,7 @@ A PAM module for pluggable login authentication for OATH. %prep %setup -q %patch0 -p1 -b .man-fix -%patch1 -p1 -b .strdup-null-check -%patch2 -p1 -b .retain-original-xmldoc.patch - -# Workaround for upstream issue #108719 -cp %{SOURCE1} libpskc/man/gdoc -chmod 755 libpskc/man/gdoc -cp %{SOURCE1} liboath/man/gdoc -chmod 755 liboath/man/gdoc +%patch1 -p1 -b .retain-original-xmldoc.patch autoreconf -fi @@ -209,6 +198,10 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Thu May 21 2015 Jaroslav Škarvada - 2.6.0-1 +- New version +- Dropped strdup-null-check patch (upstreamed) + * Fri Jan 30 2015 Jaroslav Škarvada - 2.4.1-9 - Fixed invalid reads in libpskc due to references to old (freed) xmlDoc (by retain-original-xmldoc patch), patch provided by David Woodhouse diff --git a/sources b/sources index 8914688..6d9e34e 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -951bafd1d86e6013903c10be3b6623bb oath-toolkit-2.4.1.tar.gz +f19f1c47eb7d1c609b3e244876b9ce63 oath-toolkit-2.6.0.tar.gz From 5660d8bfb410a12cb338cd6e51c0adb5ff48cc1f Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Wed, 17 Jun 2015 23:30:10 +0000 Subject: [PATCH 16/41] - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild --- oath-toolkit.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/oath-toolkit.spec b/oath-toolkit.spec index d9f9873..ddcb946 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,6 +1,6 @@ Name: oath-toolkit Version: 2.6.0 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv3+ Group: System Environment/Libraries Summary: One-time password components @@ -198,6 +198,9 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Wed Jun 17 2015 Fedora Release Engineering - 2.6.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + * Thu May 21 2015 Jaroslav Škarvada - 2.6.0-1 - New version - Dropped strdup-null-check patch (upstreamed) From 73f6e1020392313829f99f3ba0498ec155191c9e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Tue, 4 Aug 2015 18:22:05 +0200 Subject: [PATCH 17/41] New version --- .gitignore | 1 + oath-toolkit.spec | 7 +++++-- sources | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index c162b35..b238769 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,4 @@ /oath-toolkit-2.4.0.tar.gz /oath-toolkit-2.4.1.tar.gz /oath-toolkit-2.6.0.tar.gz +/oath-toolkit-2.6.1.tar.gz diff --git a/oath-toolkit.spec b/oath-toolkit.spec index ddcb946..69bcfb6 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,6 +1,6 @@ Name: oath-toolkit -Version: 2.6.0 -Release: 2%{?dist} +Version: 2.6.1 +Release: 1%{?dist} License: GPLv3+ Group: System Environment/Libraries Summary: One-time password components @@ -198,6 +198,9 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Tue Aug 4 2015 Jaroslav Škarvada - 2.6.1-1 +- New version + * Wed Jun 17 2015 Fedora Release Engineering - 2.6.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild diff --git a/sources b/sources index 6d9e34e..96e577c 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -f19f1c47eb7d1c609b3e244876b9ce63 oath-toolkit-2.6.0.tar.gz +19ee7ed7c2b40c1dc92887f893ed2726 oath-toolkit-2.6.1.tar.gz From 26ada418f5168b2535dad3bd0bebe6a282e10c7d Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Thu, 4 Feb 2016 11:02:10 +0000 Subject: [PATCH 18/41] - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild --- oath-toolkit.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/oath-toolkit.spec b/oath-toolkit.spec index 69bcfb6..e4c7c14 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,6 +1,6 @@ Name: oath-toolkit Version: 2.6.1 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv3+ Group: System Environment/Libraries Summary: One-time password components @@ -198,6 +198,9 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Thu Feb 04 2016 Fedora Release Engineering - 2.6.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + * Tue Aug 4 2015 Jaroslav Škarvada - 2.6.1-1 - New version From cacee4e408ea26a0bd415e1e2c5925ee51da4ce4 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Sat, 11 Feb 2017 00:26:16 +0000 Subject: [PATCH 19/41] - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild --- oath-toolkit.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/oath-toolkit.spec b/oath-toolkit.spec index e4c7c14..02a0edd 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,6 +1,6 @@ Name: oath-toolkit Version: 2.6.1 -Release: 2%{?dist} +Release: 3%{?dist} License: GPLv3+ Group: System Environment/Libraries Summary: One-time password components @@ -198,6 +198,9 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Sat Feb 11 2017 Fedora Release Engineering - 2.6.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + * Thu Feb 04 2016 Fedora Release Engineering - 2.6.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild From 915161ef78d812c2ef79e630b1734df89556f18d Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Thu, 27 Jul 2017 01:23:44 +0000 Subject: [PATCH 20/41] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild --- oath-toolkit.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/oath-toolkit.spec b/oath-toolkit.spec index 02a0edd..eed121e 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,6 +1,6 @@ Name: oath-toolkit Version: 2.6.1 -Release: 3%{?dist} +Release: 4%{?dist} License: GPLv3+ Group: System Environment/Libraries Summary: One-time password components @@ -198,6 +198,9 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Thu Jul 27 2017 Fedora Release Engineering - 2.6.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + * Sat Feb 11 2017 Fedora Release Engineering - 2.6.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild From 28b962b4390eb425a47d02e06a5c7f1231bc1837 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Thu, 3 Aug 2017 04:11:47 +0000 Subject: [PATCH 21/41] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild --- oath-toolkit.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/oath-toolkit.spec b/oath-toolkit.spec index eed121e..c2b85cd 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,6 +1,6 @@ Name: oath-toolkit Version: 2.6.1 -Release: 4%{?dist} +Release: 5%{?dist} License: GPLv3+ Group: System Environment/Libraries Summary: One-time password components @@ -198,6 +198,9 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Thu Aug 03 2017 Fedora Release Engineering - 2.6.1-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + * Thu Jul 27 2017 Fedora Release Engineering - 2.6.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild From b6ce11c64c01a244131435c9f3df474815df6db9 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Thu, 8 Feb 2018 08:41:43 +0000 Subject: [PATCH 22/41] - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- oath-toolkit.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/oath-toolkit.spec b/oath-toolkit.spec index c2b85cd..43f1194 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,6 +1,6 @@ Name: oath-toolkit Version: 2.6.1 -Release: 5%{?dist} +Release: 6%{?dist} License: GPLv3+ Group: System Environment/Libraries Summary: One-time password components @@ -198,6 +198,9 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Thu Feb 08 2018 Fedora Release Engineering - 2.6.1-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + * Thu Aug 03 2017 Fedora Release Engineering - 2.6.1-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild From c2985cee37e91e01506051a0e7204186b634da97 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Fri, 13 Jul 2018 14:38:28 +0000 Subject: [PATCH 23/41] - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- oath-toolkit.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/oath-toolkit.spec b/oath-toolkit.spec index 43f1194..2623dbe 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,6 +1,6 @@ Name: oath-toolkit Version: 2.6.1 -Release: 6%{?dist} +Release: 7%{?dist} License: GPLv3+ Group: System Environment/Libraries Summary: One-time password components @@ -198,6 +198,9 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Fri Jul 13 2018 Fedora Release Engineering - 2.6.1-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + * Thu Feb 08 2018 Fedora Release Engineering - 2.6.1-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild From 68d511426a468bdd8884fe30f7515b0165df2632 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Wed, 8 Aug 2018 13:38:05 +0200 Subject: [PATCH 24/41] New version Fixed FTBFS Resolves: rhbz#1605276 --- .gitignore | 7 +- oath-toolkit-2.6.2-build-fix.patch | 874 +++++++++++++++++++++++++++++ oath-toolkit.spec | 17 +- sources | 2 +- 4 files changed, 888 insertions(+), 12 deletions(-) create mode 100644 oath-toolkit-2.6.2-build-fix.patch diff --git a/.gitignore b/.gitignore index b238769..4734e27 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1 @@ -/oath-toolkit-2.0.2.tar.gz -/oath-toolkit-2.2.0.tar.gz -/oath-toolkit-2.4.0.tar.gz -/oath-toolkit-2.4.1.tar.gz -/oath-toolkit-2.6.0.tar.gz -/oath-toolkit-2.6.1.tar.gz +oath-toolkit-*.tar.gz diff --git a/oath-toolkit-2.6.2-build-fix.patch b/oath-toolkit-2.6.2-build-fix.patch new file mode 100644 index 0000000..a2fc1ad --- /dev/null +++ b/oath-toolkit-2.6.2-build-fix.patch @@ -0,0 +1,874 @@ +diff --git a/liboath/gl/fflush.c b/liboath/gl/fflush.c +index 3664842..a140b7a 100644 +--- a/liboath/gl/fflush.c ++++ b/liboath/gl/fflush.c +@@ -1,18 +1,18 @@ + /* fflush.c -- allow flushing input streams +- Copyright (C) 2007-2016 Free Software Foundation, Inc. ++ Copyright (C) 2007-2018 Free Software Foundation, Inc. + + This program is free software: you can redistribute it and/or modify +- it under the terms of the GNU Lesser General Public License as published by +- the Free Software Foundation; either version 2.1 of the License, or ++ it under the terms of the GNU General Public License as published by ++ the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +- GNU Lesser General Public License for more details. ++ GNU General Public License for more details. + +- You should have received a copy of the GNU Lesser General Public License +- along with this program. If not, see . */ ++ You should have received a copy of the GNU General Public License ++ along with this program. If not, see . */ + + /* Written by Eric Blake. */ + +@@ -33,7 +33,8 @@ + #undef fflush + + +-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */ ++#if defined _IO_EOF_SEEN || defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 ++/* GNU libc, BeOS, Haiku, Linux libc5 */ + + /* Clear the stream's ungetc buffer, preserving the value of ftello (fp). */ + static void +@@ -51,7 +52,7 @@ static void + clear_ungetc_buffer (FILE *fp) + { + # if defined __sferror || defined __DragonFly__ || defined __ANDROID__ +- /* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Android */ ++ /* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Minix 3, Android */ + if (HASUB (fp)) + { + fp_->_p += fp_->_r; +@@ -63,7 +64,7 @@ clear_ungetc_buffer (FILE *fp) + fp->_ungetc_count = 0; + fp->_rcount = - fp->_rcount; + } +-# elif defined _IOERR /* Minix, AIX, HP-UX, IRIX, OSF/1, Solaris, OpenServer, mingw, NonStop Kernel */ ++# elif defined _IOERR /* Minix, AIX, HP-UX, IRIX, OSF/1, Solaris, OpenServer, mingw, MSVC, NonStop Kernel, OpenVMS */ + /* Nothing to do. */ + # else /* other implementations */ + fseeko (fp, 0, SEEK_CUR); +@@ -72,10 +73,11 @@ clear_ungetc_buffer (FILE *fp) + + #endif + +-#if ! (defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */) ++#if ! (defined _IO_EOF_SEEN || defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1) ++/* GNU libc, BeOS, Haiku, Linux libc5 */ + + # if (defined __sferror || defined __DragonFly__ || defined __ANDROID__) && defined __SNPT +-/* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Android */ ++/* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Minix 3, Android */ + + static int + disable_seek_optimization (FILE *fp) +@@ -98,7 +100,7 @@ update_fpos_cache (FILE *fp _GL_UNUSED_PARAMETER, + off_t pos _GL_UNUSED_PARAMETER) + { + # if defined __sferror || defined __DragonFly__ || defined __ANDROID__ +- /* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Android */ ++ /* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Minix 3, Android */ + # if defined __CYGWIN__ + /* fp_->_offset is typed as an integer. */ + fp_->_offset = pos; +@@ -148,7 +150,8 @@ rpl_fflush (FILE *stream) + if (stream == NULL || ! freading (stream)) + return fflush (stream); + +-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */ ++#if defined _IO_EOF_SEEN || defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 ++ /* GNU libc, BeOS, Haiku, Linux libc5 */ + + clear_ungetc_buffer_preserving_position (stream); + +@@ -199,7 +202,7 @@ rpl_fflush (FILE *stream) + } + + # if (defined __sferror || defined __DragonFly__ || defined __ANDROID__) && defined __SNPT +- /* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Android */ ++ /* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Minix 3, Android */ + + { + /* Disable seek optimization for the next fseeko call. This tells the +diff --git a/liboath/gl/fpurge.c b/liboath/gl/fpurge.c +index acf5905..f9c2d25 100644 +--- a/liboath/gl/fpurge.c ++++ b/liboath/gl/fpurge.c +@@ -62,7 +62,7 @@ fpurge (FILE *fp) + /* Most systems provide FILE as a struct and the necessary bitmask in + , because they need it for implementing getc() and putc() as + fast macros. */ +-# if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */ ++# if defined _IO_ftrylockfile || __GNU_LIBRARY__ /* GNU libc, BeOS, Haiku, Linux libc5 */ + fp->_IO_read_end = fp->_IO_read_ptr; + fp->_IO_write_ptr = fp->_IO_write_base; + /* Avoid memory leak when there is an active ungetc buffer. */ +diff --git a/liboath/gl/freading.c b/liboath/gl/freading.c +index 8ab19fd..54c3d5a 100644 +--- a/liboath/gl/freading.c ++++ b/liboath/gl/freading.c +@@ -31,7 +31,7 @@ freading (FILE *fp) + /* Most systems provide FILE as a struct and the necessary bitmask in + , because they need it for implementing getc() and putc() as + fast macros. */ +-# if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */ ++# if defined _IO_ftrylockfile || __GNU_LIBRARY__ /* GNU libc, BeOS, Haiku, Linux libc5 */ + return ((fp->_flags & _IO_NO_WRITES) != 0 + || ((fp->_flags & (_IO_NO_READS | _IO_CURRENTLY_PUTTING)) == 0 + && fp->_IO_read_base != NULL)); +diff --git a/liboath/gl/fseeko.c b/liboath/gl/fseeko.c +index 67bb9ec..5616221 100644 +--- a/liboath/gl/fseeko.c ++++ b/liboath/gl/fseeko.c +@@ -47,7 +47,7 @@ fseeko (FILE *fp, off_t offset, int whence) + #endif + + /* These tests are based on fpurge.c. */ +-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */ ++#if defined _IO_ftrylockfile || __GNU_LIBRARY__ /* GNU libc, BeOS, Haiku, Linux libc5 */ + if (fp->_IO_read_end == fp->_IO_read_ptr + && fp->_IO_write_ptr == fp->_IO_write_base + && fp->_IO_save_base == NULL) +@@ -123,7 +123,7 @@ fseeko (FILE *fp, off_t offset, int whence) + return -1; + } + +-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */ ++#if defined _IO_ftrylockfile || __GNU_LIBRARY__ /* GNU libc, BeOS, Haiku, Linux libc5 */ + fp->_flags &= ~_IO_EOF_SEEN; + fp->_offset = pos; + #elif defined __sferror || defined __DragonFly__ || defined __ANDROID__ +diff --git a/liboath/gl/stdio-impl.h b/liboath/gl/stdio-impl.h +index 4c02c9f..393ef0c 100644 +--- a/liboath/gl/stdio-impl.h ++++ b/liboath/gl/stdio-impl.h +@@ -1,23 +1,29 @@ + /* Implementation details of FILE streams. +- Copyright (C) 2007-2008, 2010-2016 Free Software Foundation, Inc. ++ Copyright (C) 2007-2008, 2010-2018 Free Software Foundation, Inc. + + This program is free software: you can redistribute it and/or modify +- it under the terms of the GNU Lesser General Public License as published by +- the Free Software Foundation; either version 2.1 of the License, or ++ it under the terms of the GNU General Public License as published by ++ the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +- GNU Lesser General Public License for more details. ++ GNU General Public License for more details. + +- You should have received a copy of the GNU Lesser General Public License +- along with this program. If not, see . */ ++ You should have received a copy of the GNU General Public License ++ along with this program. If not, see . */ + + /* Many stdio implementations have the same logic and therefore can share + the same implementation of stdio extension API, except that some fields + have different naming conventions, or their access requires some casts. */ + ++/* Glibc 2.28 made _IO_IN_BACKUP private. For now, work around this ++ problem by defining it ourselves. FIXME: Do not rely on glibc ++ internals. */ ++#if !defined _IO_IN_BACKUP && defined _IO_EOF_SEEN ++# define _IO_IN_BACKUP 0x100 ++#endif + + /* BSD stdio derived implementations. */ + +@@ -29,10 +35,10 @@ + #include /* For detecting Plan9. */ + + #if defined __sferror || defined __DragonFly__ || defined __ANDROID__ +- /* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Android */ ++ /* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Minix 3, Android */ + + # if defined __DragonFly__ /* DragonFly */ +- /* See . */ ++ /* See . */ + # define fp_ ((struct { struct __FILE_public pub; \ + struct { unsigned char *_base; int _size; } _bf; \ + void *cookie; \ +@@ -49,30 +55,84 @@ + fpos_t _offset; \ + /* More fields, not relevant here. */ \ + } *) fp) +- /* See . */ ++ /* See . */ + # define _p pub._p + # define _flags pub._flags + # define _r pub._r + # define _w pub._w ++# elif defined __ANDROID__ /* Android */ ++ /* Up to this commit from 2015-10-12 ++ ++ the innards of FILE were public, and fp_ub could be defined like for OpenBSD, ++ see ++ and . ++ After this commit, the innards of FILE are hidden. */ ++# define fp_ ((struct { unsigned char *_p; \ ++ int _r; \ ++ int _w; \ ++ int _flags; \ ++ int _file; \ ++ struct { unsigned char *_base; size_t _size; } _bf; \ ++ int _lbfsize; \ ++ void *_cookie; \ ++ void *_close; \ ++ void *_read; \ ++ void *_seek; \ ++ void *_write; \ ++ struct { unsigned char *_base; size_t _size; } _ext; \ ++ unsigned char *_up; \ ++ int _ur; \ ++ unsigned char _ubuf[3]; \ ++ unsigned char _nbuf[1]; \ ++ struct { unsigned char *_base; size_t _size; } _lb; \ ++ int _blksize; \ ++ fpos_t _offset; \ ++ /* More fields, not relevant here. */ \ ++ } *) fp) + # else + # define fp_ fp + # endif + +-# if (defined __NetBSD__ && __NetBSD_Version__ >= 105270000) || defined __OpenBSD__ || defined __ANDROID__ /* NetBSD >= 1.5ZA, OpenBSD, Android */ ++# if (defined __NetBSD__ && __NetBSD_Version__ >= 105270000) || defined __OpenBSD__ || defined __minix /* NetBSD >= 1.5ZA, OpenBSD, Minix 3 */ + /* See +- and */ ++ and ++ and */ + struct __sfileext + { + struct __sbuf _ub; /* ungetc buffer */ + /* More fields, not relevant here. */ + }; + # define fp_ub ((struct __sfileext *) fp->_ext._base)->_ub +-# else /* FreeBSD, NetBSD <= 1.5Z, DragonFly, Mac OS X, Cygwin, Android */ ++# elif defined __ANDROID__ /* Android */ ++ struct __sfileext ++ { ++ struct { unsigned char *_base; size_t _size; } _ub; /* ungetc buffer */ ++ /* More fields, not relevant here. */ ++ }; ++# define fp_ub ((struct __sfileext *) fp_->_ext._base)->_ub ++# else /* FreeBSD, NetBSD <= 1.5Z, DragonFly, Mac OS X, Cygwin */ + # define fp_ub fp_->_ub + # endif + + # define HASUB(fp) (fp_ub._base != NULL) + ++# if defined __ANDROID__ /* Android */ ++ /* Needed after this commit from 2016-01-25 ++ */ ++# ifndef __SEOF ++# define __SLBF 1 ++# define __SNBF 2 ++# define __SRD 4 ++# define __SWR 8 ++# define __SRW 0x10 ++# define __SEOF 0x20 ++# define __SERR 0x40 ++# endif ++# ifndef __SOFF ++# define __SOFF 0x1000 ++# endif ++# endif ++ + #endif + + +@@ -81,7 +141,7 @@ + #ifdef __TANDEM /* NonStop Kernel */ + # ifndef _IOERR + /* These values were determined by the program 'stdioext-flags' at +- . */ ++ . */ + # define _IOERR 0x40 + # define _IOREAD 0x80 + # define _IOWRT 0x4 +@@ -99,6 +159,8 @@ + int _file; \ + unsigned int _flag; \ + } *) fp) ++# elif defined __VMS /* OpenVMS */ ++# define fp_ ((struct _iobuf *) fp) + # else + # define fp_ fp + # endif +@@ -110,4 +172,31 @@ + # define _flag __flag + # endif + ++#elif defined _WIN32 && ! defined __CYGWIN__ /* newer Windows with MSVC */ ++ ++/* does not define the innards of FILE any more. */ ++# define WINDOWS_OPAQUE_FILE ++ ++struct _gl_real_FILE ++{ ++ /* Note: Compared to older Windows and to mingw, it has the fields ++ _base and _cnt swapped. */ ++ unsigned char *_ptr; ++ unsigned char *_base; ++ int _cnt; ++ int _flag; ++ int _file; ++ int _charbuf; ++ int _bufsiz; ++}; ++# define fp_ ((struct _gl_real_FILE *) fp) ++ ++/* These values were determined by a program similar to the one at ++ . */ ++# define _IOREAD 0x1 ++# define _IOWRT 0x2 ++# define _IORW 0x4 ++# define _IOEOF 0x8 ++# define _IOERR 0x10 ++ + #endif +diff --git a/libpskc/gl/intprops.h b/libpskc/gl/intprops.h +index feb02c3..af456ff 100644 +--- a/libpskc/gl/intprops.h ++++ b/libpskc/gl/intprops.h +@@ -1,6 +1,6 @@ + /* intprops.h -- properties of integer types + +- Copyright (C) 2001-2016 Free Software Foundation, Inc. ++ Copyright (C) 2001-2018 Free Software Foundation, Inc. + + This program is free software: you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as published +@@ -13,7 +13,7 @@ + GNU Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public License +- along with this program. If not, see . */ ++ along with this program. If not, see . */ + + /* Written by Paul Eggert. */ + +@@ -21,13 +21,12 @@ + #define _GL_INTPROPS_H + + #include +-#include + + /* Return a value with the common real type of E and V and the value of V. */ + #define _GL_INT_CONVERT(e, v) (0 * (e) + (v)) + + /* Act like _GL_INT_CONVERT (E, -V) but work around a bug in IRIX 6.5 cc; see +- . */ ++ . */ + #define _GL_INT_NEGATE_CONVERT(e, v) (0 * (e) - (v)) + + /* The extra casts in the following macros work around compiler bugs, +@@ -47,12 +46,16 @@ + + /* Minimum and maximum values for integer types and expressions. */ + ++/* The width in bits of the integer type or expression T. ++ Padding bits are not supported; this is checked at compile-time below. */ ++#define TYPE_WIDTH(t) (sizeof (t) * CHAR_BIT) ++ + /* The maximum and minimum values for the integer type T. */ + #define TYPE_MINIMUM(t) ((t) ~ TYPE_MAXIMUM (t)) + #define TYPE_MAXIMUM(t) \ + ((t) (! TYPE_SIGNED (t) \ + ? (t) -1 \ +- : ((((t) 1 << (sizeof (t) * CHAR_BIT - 2)) - 1) * 2 + 1))) ++ : ((((t) 1 << (TYPE_WIDTH (t) - 2)) - 1) * 2 + 1))) + + /* The maximum and minimum values for the type of the expression E, + after integer promotion. E should not have side effects. */ +@@ -65,29 +68,23 @@ + ? _GL_SIGNED_INT_MAXIMUM (e) \ + : _GL_INT_NEGATE_CONVERT (e, 1)) + #define _GL_SIGNED_INT_MAXIMUM(e) \ +- (((_GL_INT_CONVERT (e, 1) << (sizeof ((e) + 0) * CHAR_BIT - 2)) - 1) * 2 + 1) ++ (((_GL_INT_CONVERT (e, 1) << (TYPE_WIDTH ((e) + 0) - 2)) - 1) * 2 + 1) ++ ++/* Work around OpenVMS incompatibility with C99. */ ++#if !defined LLONG_MAX && defined __INT64_MAX ++# define LLONG_MAX __INT64_MAX ++# define LLONG_MIN __INT64_MIN ++#endif + + /* This include file assumes that signed types are two's complement without + padding bits; the above macros have undefined behavior otherwise. + If this is a problem for you, please let us know how to fix it for your host. +- As a sanity check, test the assumption for some signed types that +- bounds. */ +-verify (TYPE_MINIMUM (signed char) == SCHAR_MIN); +-verify (TYPE_MAXIMUM (signed char) == SCHAR_MAX); +-verify (TYPE_MINIMUM (short int) == SHRT_MIN); +-verify (TYPE_MAXIMUM (short int) == SHRT_MAX); +-verify (TYPE_MINIMUM (int) == INT_MIN); +-verify (TYPE_MAXIMUM (int) == INT_MAX); +-verify (TYPE_MINIMUM (long int) == LONG_MIN); +-verify (TYPE_MAXIMUM (long int) == LONG_MAX); +-#ifdef LLONG_MAX +-verify (TYPE_MINIMUM (long long int) == LLONG_MIN); +-verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); +-#endif ++ This assumption is tested by the intprops-tests module. */ + + /* Does the __typeof__ keyword work? This could be done by + 'configure', but for now it's easier to do it by hand. */ +-#if (2 <= __GNUC__ || defined __IBM__TYPEOF__ \ ++#if (2 <= __GNUC__ \ ++ || (1210 <= __IBMC__ && defined __IBM__TYPEOF__) \ + || (0x5110 <= __SUNPRO_C && !__STDC__)) + # define _GL_HAVE___TYPEOF__ 1 + #else +@@ -116,8 +113,7 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); + signed, this macro may overestimate the true bound by one byte when + applied to unsigned types of size 2, 4, 16, ... bytes. */ + #define INT_STRLEN_BOUND(t) \ +- (INT_BITS_STRLEN_BOUND (sizeof (t) * CHAR_BIT \ +- - _GL_SIGNED_TYPE_OR_EXPR (t)) \ ++ (INT_BITS_STRLEN_BOUND (TYPE_WIDTH (t) - _GL_SIGNED_TYPE_OR_EXPR (t)) \ + + _GL_SIGNED_TYPE_OR_EXPR (t)) + + /* Bound on buffer size needed to represent an integer type or expression T, +@@ -183,7 +179,7 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); + /* Return 1 if A * B would overflow in [MIN,MAX] arithmetic. + See above for restrictions. Avoid && and || as they tickle + bugs in Sun C 5.11 2010/08/13 and other compilers; see +- . */ ++ . */ + #define INT_MULTIPLY_RANGE_OVERFLOW(a, b, min, max) \ + ((b) < 0 \ + ? ((a) < 0 \ +@@ -222,20 +218,27 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); + ? (a) < (min) >> (b) \ + : (max) >> (b) < (a)) + +-/* True if __builtin_add_overflow (A, B, P) works when P is null. */ +-#define _GL_HAS_BUILTIN_OVERFLOW_WITH_NULL (7 <= __GNUC__) ++/* True if __builtin_add_overflow (A, B, P) works when P is non-null. */ ++#if 5 <= __GNUC__ && !defined __ICC ++# define _GL_HAS_BUILTIN_OVERFLOW 1 ++#else ++# define _GL_HAS_BUILTIN_OVERFLOW 0 ++#endif ++ ++/* True if __builtin_add_overflow_p (A, B, C) works. */ ++#define _GL_HAS_BUILTIN_OVERFLOW_P (7 <= __GNUC__) + + /* The _GL*_OVERFLOW macros have the same restrictions as the + *_RANGE_OVERFLOW macros, except that they do not assume that operands + (e.g., A and B) have the same type as MIN and MAX. Instead, they assume + that the result (e.g., A + B) has that type. */ +-#if _GL_HAS_BUILTIN_OVERFLOW_WITH_NULL +-# define _GL_ADD_OVERFLOW(a, b, min, max) +- __builtin_add_overflow (a, b, (__typeof__ ((a) + (b)) *) 0) +-# define _GL_SUBTRACT_OVERFLOW(a, b, min, max) +- __builtin_sub_overflow (a, b, (__typeof__ ((a) - (b)) *) 0) +-# define _GL_MULTIPLY_OVERFLOW(a, b, min, max) +- __builtin_mul_overflow (a, b, (__typeof__ ((a) * (b)) *) 0) ++#if _GL_HAS_BUILTIN_OVERFLOW_P ++# define _GL_ADD_OVERFLOW(a, b, min, max) \ ++ __builtin_add_overflow_p (a, b, (__typeof__ ((a) + (b))) 0) ++# define _GL_SUBTRACT_OVERFLOW(a, b, min, max) \ ++ __builtin_sub_overflow_p (a, b, (__typeof__ ((a) - (b))) 0) ++# define _GL_MULTIPLY_OVERFLOW(a, b, min, max) \ ++ __builtin_mul_overflow_p (a, b, (__typeof__ ((a) * (b))) 0) + #else + # define _GL_ADD_OVERFLOW(a, b, min, max) \ + ((min) < 0 ? INT_ADD_RANGE_OVERFLOW (a, b, min, max) \ +@@ -315,7 +318,7 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); + _GL_BINARY_OP_OVERFLOW (a, b, _GL_ADD_OVERFLOW) + #define INT_SUBTRACT_OVERFLOW(a, b) \ + _GL_BINARY_OP_OVERFLOW (a, b, _GL_SUBTRACT_OVERFLOW) +-#if _GL_HAS_BUILTIN_OVERFLOW_WITH_NULL ++#if _GL_HAS_BUILTIN_OVERFLOW_P + # define INT_NEGATE_OVERFLOW(a) INT_SUBTRACT_OVERFLOW (0, a) + #else + # define INT_NEGATE_OVERFLOW(a) \ +@@ -349,10 +352,6 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); + #define INT_MULTIPLY_WRAPV(a, b, r) \ + _GL_INT_OP_WRAPV (a, b, r, *, __builtin_mul_overflow, INT_MULTIPLY_OVERFLOW) + +-#ifndef __has_builtin +-# define __has_builtin(x) 0 +-#endif +- + /* Nonzero if this compiler has GCC bug 68193 or Clang bug 25390. See: + https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68193 + https://llvm.org/bugs/show_bug.cgi?id=25390 +@@ -369,17 +368,17 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); + the operation. BUILTIN is the builtin operation, and OVERFLOW the + overflow predicate. Return 1 if the result overflows. See above + for restrictions. */ +-#if 5 <= __GNUC__ || __has_builtin (__builtin_add_overflow) ++#if _GL_HAS_BUILTIN_OVERFLOW + # define _GL_INT_OP_WRAPV(a, b, r, op, builtin, overflow) builtin (a, b, r) + #elif 201112 <= __STDC_VERSION__ && !_GL__GENERIC_BOGUS + # define _GL_INT_OP_WRAPV(a, b, r, op, builtin, overflow) \ + (_Generic \ + (*(r), \ + signed char: \ +- _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned char, \ ++ _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, \ + signed char, SCHAR_MIN, SCHAR_MAX), \ + short int: \ +- _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned short int, \ ++ _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, \ + short int, SHRT_MIN, SHRT_MAX), \ + int: \ + _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, \ +@@ -393,10 +392,10 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); + #else + # define _GL_INT_OP_WRAPV(a, b, r, op, builtin, overflow) \ + (sizeof *(r) == sizeof (signed char) \ +- ? _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned char, \ ++ ? _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, \ + signed char, SCHAR_MIN, SCHAR_MAX) \ + : sizeof *(r) == sizeof (short int) \ +- ? _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned short int, \ ++ ? _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, \ + short int, SHRT_MIN, SHRT_MAX) \ + : sizeof *(r) == sizeof (int) \ + ? _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, \ +@@ -412,15 +411,14 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); + # else + # define _GL_INT_OP_WRAPV_LONGISH(a, b, r, op, overflow) \ + _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned long int, \ +- long int, LONG_MIN, LONG_MAX)) ++ long int, LONG_MIN, LONG_MAX) + # endif + #endif + + /* Store the low-order bits of A B into *R, where the operation + is given by OP. Use the unsigned type UT for calculation to avoid +- overflow problems. *R's type is T, with extremal values TMIN and +- TMAX. T must be a signed integer type. Return 1 if the result +- overflows. */ ++ overflow problems. *R's type is T, with extrema TMIN and TMAX. ++ T must be a signed integer type. Return 1 if the result overflows. */ + #define _GL_INT_OP_CALC(a, b, r, op, overflow, ut, t, tmin, tmax) \ + (sizeof ((a) op (b)) < sizeof (t) \ + ? _GL_INT_OP_CALC1 ((t) (a), (t) (b), r, op, overflow, ut, t, tmin, tmax) \ +@@ -429,17 +427,27 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); + ((overflow (a, b) \ + || (EXPR_SIGNED ((a) op (b)) && ((a) op (b)) < (tmin)) \ + || (tmax) < ((a) op (b))) \ +- ? (*(r) = _GL_INT_OP_WRAPV_VIA_UNSIGNED (a, b, op, ut, t, tmin, tmax), 1) \ +- : (*(r) = _GL_INT_OP_WRAPV_VIA_UNSIGNED (a, b, op, ut, t, tmin, tmax), 0)) +- +-/* Return A B, where the operation is given by OP. Use the +- unsigned type UT for calculation to avoid overflow problems. +- Convert the result to type T without overflow by subtracting TMIN +- from large values before converting, and adding it afterwards. +- Compilers can optimize all the operations except OP. */ +-#define _GL_INT_OP_WRAPV_VIA_UNSIGNED(a, b, op, ut, t, tmin, tmax) \ +- (((ut) (a) op (ut) (b)) <= (tmax) \ +- ? (t) ((ut) (a) op (ut) (b)) \ +- : ((t) (((ut) (a) op (ut) (b)) - (tmin)) + (tmin))) ++ ? (*(r) = _GL_INT_OP_WRAPV_VIA_UNSIGNED (a, b, op, ut, t), 1) \ ++ : (*(r) = _GL_INT_OP_WRAPV_VIA_UNSIGNED (a, b, op, ut, t), 0)) ++ ++/* Return the low-order bits of A B, where the operation is given ++ by OP. Use the unsigned type UT for calculation to avoid undefined ++ behavior on signed integer overflow, and convert the result to type T. ++ UT is at least as wide as T and is no narrower than unsigned int, ++ T is two's complement, and there is no padding or trap representations. ++ Assume that converting UT to T yields the low-order bits, as is ++ done in all known two's-complement C compilers. E.g., see: ++ https://gcc.gnu.org/onlinedocs/gcc/Integers-implementation.html ++ ++ According to the C standard, converting UT to T yields an ++ implementation-defined result or signal for values outside T's ++ range. However, code that works around this theoretical problem ++ runs afoul of a compiler bug in Oracle Studio 12.3 x86. See: ++ https://lists.gnu.org/r/bug-gnulib/2017-04/msg00049.html ++ As the compiler bug is real, don't try to work around the ++ theoretical problem. */ ++ ++#define _GL_INT_OP_WRAPV_VIA_UNSIGNED(a, b, op, ut, t) \ ++ ((t) ((ut) (a) op (ut) (b))) + + #endif /* _GL_INTPROPS_H */ +diff --git a/oathtool/gl/intprops.h b/oathtool/gl/intprops.h +index e1fce5c..af456ff 100644 +--- a/oathtool/gl/intprops.h ++++ b/oathtool/gl/intprops.h +@@ -1,19 +1,19 @@ + /* intprops.h -- properties of integer types + +- Copyright (C) 2001-2016 Free Software Foundation, Inc. ++ Copyright (C) 2001-2018 Free Software Foundation, Inc. + + This program is free software: you can redistribute it and/or modify it +- under the terms of the GNU General Public License as published +- by the Free Software Foundation; either version 3 of the License, or ++ under the terms of the GNU Lesser General Public License as published ++ by the Free Software Foundation; either version 2.1 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +- GNU General Public License for more details. ++ GNU Lesser General Public License for more details. + +- You should have received a copy of the GNU General Public License +- along with this program. If not, see . */ ++ You should have received a copy of the GNU Lesser General Public License ++ along with this program. If not, see . */ + + /* Written by Paul Eggert. */ + +@@ -21,13 +21,12 @@ + #define _GL_INTPROPS_H + + #include +-#include + + /* Return a value with the common real type of E and V and the value of V. */ + #define _GL_INT_CONVERT(e, v) (0 * (e) + (v)) + + /* Act like _GL_INT_CONVERT (E, -V) but work around a bug in IRIX 6.5 cc; see +- . */ ++ . */ + #define _GL_INT_NEGATE_CONVERT(e, v) (0 * (e) - (v)) + + /* The extra casts in the following macros work around compiler bugs, +@@ -47,12 +46,16 @@ + + /* Minimum and maximum values for integer types and expressions. */ + ++/* The width in bits of the integer type or expression T. ++ Padding bits are not supported; this is checked at compile-time below. */ ++#define TYPE_WIDTH(t) (sizeof (t) * CHAR_BIT) ++ + /* The maximum and minimum values for the integer type T. */ + #define TYPE_MINIMUM(t) ((t) ~ TYPE_MAXIMUM (t)) + #define TYPE_MAXIMUM(t) \ + ((t) (! TYPE_SIGNED (t) \ + ? (t) -1 \ +- : ((((t) 1 << (sizeof (t) * CHAR_BIT - 2)) - 1) * 2 + 1))) ++ : ((((t) 1 << (TYPE_WIDTH (t) - 2)) - 1) * 2 + 1))) + + /* The maximum and minimum values for the type of the expression E, + after integer promotion. E should not have side effects. */ +@@ -65,29 +68,23 @@ + ? _GL_SIGNED_INT_MAXIMUM (e) \ + : _GL_INT_NEGATE_CONVERT (e, 1)) + #define _GL_SIGNED_INT_MAXIMUM(e) \ +- (((_GL_INT_CONVERT (e, 1) << (sizeof ((e) + 0) * CHAR_BIT - 2)) - 1) * 2 + 1) ++ (((_GL_INT_CONVERT (e, 1) << (TYPE_WIDTH ((e) + 0) - 2)) - 1) * 2 + 1) ++ ++/* Work around OpenVMS incompatibility with C99. */ ++#if !defined LLONG_MAX && defined __INT64_MAX ++# define LLONG_MAX __INT64_MAX ++# define LLONG_MIN __INT64_MIN ++#endif + + /* This include file assumes that signed types are two's complement without + padding bits; the above macros have undefined behavior otherwise. + If this is a problem for you, please let us know how to fix it for your host. +- As a sanity check, test the assumption for some signed types that +- bounds. */ +-verify (TYPE_MINIMUM (signed char) == SCHAR_MIN); +-verify (TYPE_MAXIMUM (signed char) == SCHAR_MAX); +-verify (TYPE_MINIMUM (short int) == SHRT_MIN); +-verify (TYPE_MAXIMUM (short int) == SHRT_MAX); +-verify (TYPE_MINIMUM (int) == INT_MIN); +-verify (TYPE_MAXIMUM (int) == INT_MAX); +-verify (TYPE_MINIMUM (long int) == LONG_MIN); +-verify (TYPE_MAXIMUM (long int) == LONG_MAX); +-#ifdef LLONG_MAX +-verify (TYPE_MINIMUM (long long int) == LLONG_MIN); +-verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); +-#endif ++ This assumption is tested by the intprops-tests module. */ + + /* Does the __typeof__ keyword work? This could be done by + 'configure', but for now it's easier to do it by hand. */ +-#if (2 <= __GNUC__ || defined __IBM__TYPEOF__ \ ++#if (2 <= __GNUC__ \ ++ || (1210 <= __IBMC__ && defined __IBM__TYPEOF__) \ + || (0x5110 <= __SUNPRO_C && !__STDC__)) + # define _GL_HAVE___TYPEOF__ 1 + #else +@@ -116,8 +113,7 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); + signed, this macro may overestimate the true bound by one byte when + applied to unsigned types of size 2, 4, 16, ... bytes. */ + #define INT_STRLEN_BOUND(t) \ +- (INT_BITS_STRLEN_BOUND (sizeof (t) * CHAR_BIT \ +- - _GL_SIGNED_TYPE_OR_EXPR (t)) \ ++ (INT_BITS_STRLEN_BOUND (TYPE_WIDTH (t) - _GL_SIGNED_TYPE_OR_EXPR (t)) \ + + _GL_SIGNED_TYPE_OR_EXPR (t)) + + /* Bound on buffer size needed to represent an integer type or expression T, +@@ -183,7 +179,7 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); + /* Return 1 if A * B would overflow in [MIN,MAX] arithmetic. + See above for restrictions. Avoid && and || as they tickle + bugs in Sun C 5.11 2010/08/13 and other compilers; see +- . */ ++ . */ + #define INT_MULTIPLY_RANGE_OVERFLOW(a, b, min, max) \ + ((b) < 0 \ + ? ((a) < 0 \ +@@ -222,20 +218,27 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); + ? (a) < (min) >> (b) \ + : (max) >> (b) < (a)) + +-/* True if __builtin_add_overflow (A, B, P) works when P is null. */ +-#define _GL_HAS_BUILTIN_OVERFLOW_WITH_NULL (7 <= __GNUC__) ++/* True if __builtin_add_overflow (A, B, P) works when P is non-null. */ ++#if 5 <= __GNUC__ && !defined __ICC ++# define _GL_HAS_BUILTIN_OVERFLOW 1 ++#else ++# define _GL_HAS_BUILTIN_OVERFLOW 0 ++#endif ++ ++/* True if __builtin_add_overflow_p (A, B, C) works. */ ++#define _GL_HAS_BUILTIN_OVERFLOW_P (7 <= __GNUC__) + + /* The _GL*_OVERFLOW macros have the same restrictions as the + *_RANGE_OVERFLOW macros, except that they do not assume that operands + (e.g., A and B) have the same type as MIN and MAX. Instead, they assume + that the result (e.g., A + B) has that type. */ +-#if _GL_HAS_BUILTIN_OVERFLOW_WITH_NULL +-# define _GL_ADD_OVERFLOW(a, b, min, max) +- __builtin_add_overflow (a, b, (__typeof__ ((a) + (b)) *) 0) +-# define _GL_SUBTRACT_OVERFLOW(a, b, min, max) +- __builtin_sub_overflow (a, b, (__typeof__ ((a) - (b)) *) 0) +-# define _GL_MULTIPLY_OVERFLOW(a, b, min, max) +- __builtin_mul_overflow (a, b, (__typeof__ ((a) * (b)) *) 0) ++#if _GL_HAS_BUILTIN_OVERFLOW_P ++# define _GL_ADD_OVERFLOW(a, b, min, max) \ ++ __builtin_add_overflow_p (a, b, (__typeof__ ((a) + (b))) 0) ++# define _GL_SUBTRACT_OVERFLOW(a, b, min, max) \ ++ __builtin_sub_overflow_p (a, b, (__typeof__ ((a) - (b))) 0) ++# define _GL_MULTIPLY_OVERFLOW(a, b, min, max) \ ++ __builtin_mul_overflow_p (a, b, (__typeof__ ((a) * (b))) 0) + #else + # define _GL_ADD_OVERFLOW(a, b, min, max) \ + ((min) < 0 ? INT_ADD_RANGE_OVERFLOW (a, b, min, max) \ +@@ -315,7 +318,7 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); + _GL_BINARY_OP_OVERFLOW (a, b, _GL_ADD_OVERFLOW) + #define INT_SUBTRACT_OVERFLOW(a, b) \ + _GL_BINARY_OP_OVERFLOW (a, b, _GL_SUBTRACT_OVERFLOW) +-#if _GL_HAS_BUILTIN_OVERFLOW_WITH_NULL ++#if _GL_HAS_BUILTIN_OVERFLOW_P + # define INT_NEGATE_OVERFLOW(a) INT_SUBTRACT_OVERFLOW (0, a) + #else + # define INT_NEGATE_OVERFLOW(a) \ +@@ -349,10 +352,6 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); + #define INT_MULTIPLY_WRAPV(a, b, r) \ + _GL_INT_OP_WRAPV (a, b, r, *, __builtin_mul_overflow, INT_MULTIPLY_OVERFLOW) + +-#ifndef __has_builtin +-# define __has_builtin(x) 0 +-#endif +- + /* Nonzero if this compiler has GCC bug 68193 or Clang bug 25390. See: + https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68193 + https://llvm.org/bugs/show_bug.cgi?id=25390 +@@ -369,17 +368,17 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); + the operation. BUILTIN is the builtin operation, and OVERFLOW the + overflow predicate. Return 1 if the result overflows. See above + for restrictions. */ +-#if 5 <= __GNUC__ || __has_builtin (__builtin_add_overflow) ++#if _GL_HAS_BUILTIN_OVERFLOW + # define _GL_INT_OP_WRAPV(a, b, r, op, builtin, overflow) builtin (a, b, r) + #elif 201112 <= __STDC_VERSION__ && !_GL__GENERIC_BOGUS + # define _GL_INT_OP_WRAPV(a, b, r, op, builtin, overflow) \ + (_Generic \ + (*(r), \ + signed char: \ +- _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned char, \ ++ _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, \ + signed char, SCHAR_MIN, SCHAR_MAX), \ + short int: \ +- _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned short int, \ ++ _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, \ + short int, SHRT_MIN, SHRT_MAX), \ + int: \ + _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, \ +@@ -393,10 +392,10 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); + #else + # define _GL_INT_OP_WRAPV(a, b, r, op, builtin, overflow) \ + (sizeof *(r) == sizeof (signed char) \ +- ? _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned char, \ ++ ? _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, \ + signed char, SCHAR_MIN, SCHAR_MAX) \ + : sizeof *(r) == sizeof (short int) \ +- ? _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned short int, \ ++ ? _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, \ + short int, SHRT_MIN, SHRT_MAX) \ + : sizeof *(r) == sizeof (int) \ + ? _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, \ +@@ -412,15 +411,14 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); + # else + # define _GL_INT_OP_WRAPV_LONGISH(a, b, r, op, overflow) \ + _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned long int, \ +- long int, LONG_MIN, LONG_MAX)) ++ long int, LONG_MIN, LONG_MAX) + # endif + #endif + + /* Store the low-order bits of A B into *R, where the operation + is given by OP. Use the unsigned type UT for calculation to avoid +- overflow problems. *R's type is T, with extremal values TMIN and +- TMAX. T must be a signed integer type. Return 1 if the result +- overflows. */ ++ overflow problems. *R's type is T, with extrema TMIN and TMAX. ++ T must be a signed integer type. Return 1 if the result overflows. */ + #define _GL_INT_OP_CALC(a, b, r, op, overflow, ut, t, tmin, tmax) \ + (sizeof ((a) op (b)) < sizeof (t) \ + ? _GL_INT_OP_CALC1 ((t) (a), (t) (b), r, op, overflow, ut, t, tmin, tmax) \ +@@ -429,17 +427,27 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); + ((overflow (a, b) \ + || (EXPR_SIGNED ((a) op (b)) && ((a) op (b)) < (tmin)) \ + || (tmax) < ((a) op (b))) \ +- ? (*(r) = _GL_INT_OP_WRAPV_VIA_UNSIGNED (a, b, op, ut, t, tmin, tmax), 1) \ +- : (*(r) = _GL_INT_OP_WRAPV_VIA_UNSIGNED (a, b, op, ut, t, tmin, tmax), 0)) +- +-/* Return A B, where the operation is given by OP. Use the +- unsigned type UT for calculation to avoid overflow problems. +- Convert the result to type T without overflow by subtracting TMIN +- from large values before converting, and adding it afterwards. +- Compilers can optimize all the operations except OP. */ +-#define _GL_INT_OP_WRAPV_VIA_UNSIGNED(a, b, op, ut, t, tmin, tmax) \ +- (((ut) (a) op (ut) (b)) <= (tmax) \ +- ? (t) ((ut) (a) op (ut) (b)) \ +- : ((t) (((ut) (a) op (ut) (b)) - (tmin)) + (tmin))) ++ ? (*(r) = _GL_INT_OP_WRAPV_VIA_UNSIGNED (a, b, op, ut, t), 1) \ ++ : (*(r) = _GL_INT_OP_WRAPV_VIA_UNSIGNED (a, b, op, ut, t), 0)) ++ ++/* Return the low-order bits of A B, where the operation is given ++ by OP. Use the unsigned type UT for calculation to avoid undefined ++ behavior on signed integer overflow, and convert the result to type T. ++ UT is at least as wide as T and is no narrower than unsigned int, ++ T is two's complement, and there is no padding or trap representations. ++ Assume that converting UT to T yields the low-order bits, as is ++ done in all known two's-complement C compilers. E.g., see: ++ https://gcc.gnu.org/onlinedocs/gcc/Integers-implementation.html ++ ++ According to the C standard, converting UT to T yields an ++ implementation-defined result or signal for values outside T's ++ range. However, code that works around this theoretical problem ++ runs afoul of a compiler bug in Oracle Studio 12.3 x86. See: ++ https://lists.gnu.org/r/bug-gnulib/2017-04/msg00049.html ++ As the compiler bug is real, don't try to work around the ++ theoretical problem. */ ++ ++#define _GL_INT_OP_WRAPV_VIA_UNSIGNED(a, b, op, ut, t) \ ++ ((t) ((ut) (a) op (ut) (b))) + + #endif /* _GL_INTPROPS_H */ diff --git a/oath-toolkit.spec b/oath-toolkit.spec index 2623dbe..cc6571d 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,6 +1,6 @@ Name: oath-toolkit -Version: 2.6.1 -Release: 7%{?dist} +Version: 2.6.2 +Release: 1%{?dist} License: GPLv3+ Group: System Environment/Libraries Summary: One-time password components @@ -14,6 +14,8 @@ Patch0: oath-toolkit-2.0.2-man-fix.patch # Fix invalid reads due to references to old (freed) xmlDoc, # upstream ticket #108736 Patch1: oath-toolkit-2.4.1-retain-original-xmldoc.patch +# rhbz#1605276 +Patch2: oath-toolkit-2.6.2-build-fix.patch %description The OATH Toolkit provide components for building one-time password @@ -121,11 +123,11 @@ A PAM module for pluggable login authentication for OATH. %prep %setup -q %patch0 -p1 -b .man-fix -%patch1 -p1 -b .retain-original-xmldoc.patch - -autoreconf -fi +%patch1 -p1 -b .retain-original-xmldoc +%patch2 -p1 -b .build-fix %build +autoreconf -fi %configure --with-pam-dir=%{_libdir}/security # Kill rpaths and link with --as-needed @@ -198,6 +200,11 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Fri Jul 20 2018 Jaroslav Škarvada - 2.6.2-1 +- New version +- Fixed FTBFS + Resolves: rhbz#1605276 + * Fri Jul 13 2018 Fedora Release Engineering - 2.6.1-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild diff --git a/sources b/sources index 96e577c..58a4bc9 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -19ee7ed7c2b40c1dc92887f893ed2726 oath-toolkit-2.6.1.tar.gz +SHA512 (oath-toolkit-2.6.2.tar.gz) = 201a702a05a2e9fb3a66d04750e1a34e293342126caf02c344954a0d9fd0daafe73ca7f1fe273be129ae555a29b82b72fa2b4770ea2ad10711924e1926ec2cfb From 9b8a86e3a97e25798dad6f9624407b960ab7b444 Mon Sep 17 00:00:00 2001 From: Igor Gnatenko Date: Tue, 22 Jan 2019 18:40:32 +0100 Subject: [PATCH 25/41] Remove obsolete ldconfig scriptlets References: https://fedoraproject.org/wiki/Changes/RemoveObsoleteScriptlets Signed-off-by: Igor Gnatenko --- oath-toolkit.spec | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/oath-toolkit.spec b/oath-toolkit.spec index cc6571d..c9c3812 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -30,8 +30,6 @@ described in RFC6030 is supported. Summary: Library for OATH handling Group: Development/Libraries License: LGPLv2+ -Requires(post): /sbin/ldconfig -Requires(postun): /sbin/ldconfig # https://fedorahosted.org/fpc/ticket/174 Provides: bundled(gnulib) @@ -65,8 +63,6 @@ Summary: Library for PSKC handling Group: Development/Libraries License: LGPLv2+ Requires: xml-common -Requires(post): /sbin/ldconfig -Requires(postun): /sbin/ldconfig # https://fedorahosted.org/fpc/ticket/174 Provides: bundled(gnulib) @@ -150,13 +146,9 @@ rm -f %{buildroot}%{_libdir}/security/*.la # Make /etc/liboath directory mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath -%post -n liboath -p /sbin/ldconfig +%ldconfig_scriptlets -n liboath -%postun -n liboath -p /sbin/ldconfig - -%post -n libpskc -p /sbin/ldconfig - -%postun -n libpskc -p /sbin/ldconfig +%ldconfig_scriptlets -n libpskc %files -n liboath %doc liboath/COPYING From 53a5fe7b073a35412cca257c995354e54dcc85f5 Mon Sep 17 00:00:00 2001 From: Igor Gnatenko Date: Mon, 28 Jan 2019 20:17:59 +0100 Subject: [PATCH 26/41] Remove obsolete Group tag References: https://fedoraproject.org/wiki/Changes/Remove_Group_Tag --- oath-toolkit.spec | 8 -------- 1 file changed, 8 deletions(-) diff --git a/oath-toolkit.spec b/oath-toolkit.spec index c9c3812..b314df7 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -2,7 +2,6 @@ Name: oath-toolkit Version: 2.6.2 Release: 1%{?dist} License: GPLv3+ -Group: System Environment/Libraries Summary: One-time password components BuildRequires: pam-devel, gtk-doc, libtool, libtool-ltdl-devel BuildRequires: xmlsec1-devel, xmlsec1-openssl-devel, autoconf, automake @@ -28,7 +27,6 @@ described in RFC6030 is supported. %package -n liboath Summary: Library for OATH handling -Group: Development/Libraries License: LGPLv2+ # https://fedorahosted.org/fpc/ticket/174 Provides: bundled(gnulib) @@ -40,7 +38,6 @@ HOTP algorithm (RFC4226) and the time-based TOTP algorithm (RFC6238). %package -n liboath-devel Summary: Development files for liboath -Group: Development/Libraries License: LGPLv2+ Requires: liboath%{?_isa} = %{version}-%{release} @@ -49,7 +46,6 @@ Development files for liboath. %package -n liboath-doc Summary: Documentation files for liboath -Group: Development/Libraries License: LGPLv2+ Requires: liboath = %{version}-%{release} Requires: gtk-doc @@ -60,7 +56,6 @@ Documentation files for liboath. %package -n libpskc Summary: Library for PSKC handling -Group: Development/Libraries License: LGPLv2+ Requires: xml-common # https://fedorahosted.org/fpc/ticket/174 @@ -72,7 +67,6 @@ Container (PSKC) format described in RFC6030 is supported. %package -n libpskc-devel Summary: Development files for libpskc -Group: Development/Libraries License: LGPLv2+ Requires: libpskc%{?_isa} = %{version}-%{release} @@ -81,7 +75,6 @@ Development files for libpskc. %package -n libpskc-doc Summary: Documentation files for libpskc -Group: Development/Libraries License: LGPLv2+ Requires: libpskc = %{version}-%{release} Requires: gtk-doc @@ -110,7 +103,6 @@ A command line tool for manipulating PSKC data. %package -n pam_oath Summary: A PAM module for pluggable login authentication for OATH -Group: Development/Libraries Requires: pam %description -n pam_oath From d95224b09d5c47d4248a9b9eea52b1408bdf2aca Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Fri, 1 Feb 2019 16:42:42 +0000 Subject: [PATCH 27/41] - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- oath-toolkit.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/oath-toolkit.spec b/oath-toolkit.spec index b314df7..e902e88 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,6 +1,6 @@ Name: oath-toolkit Version: 2.6.2 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv3+ Summary: One-time password components BuildRequires: pam-devel, gtk-doc, libtool, libtool-ltdl-devel @@ -184,6 +184,9 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Fri Feb 01 2019 Fedora Release Engineering - 2.6.2-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + * Fri Jul 20 2018 Jaroslav Škarvada - 2.6.2-1 - New version - Fixed FTBFS From 2d254f62e2fab2f15d08505f082aa159c8bc9334 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Thu, 25 Jul 2019 22:44:50 +0000 Subject: [PATCH 28/41] - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- oath-toolkit.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/oath-toolkit.spec b/oath-toolkit.spec index e902e88..15aa332 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,6 +1,6 @@ Name: oath-toolkit Version: 2.6.2 -Release: 2%{?dist} +Release: 3%{?dist} License: GPLv3+ Summary: One-time password components BuildRequires: pam-devel, gtk-doc, libtool, libtool-ltdl-devel @@ -184,6 +184,9 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Thu Jul 25 2019 Fedora Release Engineering - 2.6.2-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + * Fri Feb 01 2019 Fedora Release Engineering - 2.6.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild From e66d35a6db14c600fddab626c2442cecce9bba28 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 29 Jan 2020 19:25:06 +0000 Subject: [PATCH 29/41] - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- oath-toolkit.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/oath-toolkit.spec b/oath-toolkit.spec index 15aa332..040a662 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,6 +1,6 @@ Name: oath-toolkit Version: 2.6.2 -Release: 3%{?dist} +Release: 4%{?dist} License: GPLv3+ Summary: One-time password components BuildRequires: pam-devel, gtk-doc, libtool, libtool-ltdl-devel @@ -184,6 +184,9 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Wed Jan 29 2020 Fedora Release Engineering - 2.6.2-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + * Thu Jul 25 2019 Fedora Release Engineering - 2.6.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild From 6ef00250733e80b2ac9a507e70d147060fbc6e62 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Mon, 4 May 2020 11:46:38 +0200 Subject: [PATCH 30/41] Added support for configurable lock file locations and set the default path Resolves: rhbz#1178036 --- oath-toolkit-2.6.2-lockfile.patch | 195 ++++++++++++++++++++++++++++++ oath-toolkit.spec | 8 +- 2 files changed, 202 insertions(+), 1 deletion(-) create mode 100644 oath-toolkit-2.6.2-lockfile.patch diff --git a/oath-toolkit-2.6.2-lockfile.patch b/oath-toolkit-2.6.2-lockfile.patch new file mode 100644 index 0000000..ef672bf --- /dev/null +++ b/oath-toolkit-2.6.2-lockfile.patch @@ -0,0 +1,195 @@ +diff --git a/liboath/global.c b/liboath/global.c +index 6fb51fd..251ad15 100644 +--- a/liboath/global.c ++++ b/liboath/global.c +@@ -25,9 +25,12 @@ + + #include /* For snprintf, getline. */ + #include /* For strverscmp. */ ++#include /* For free. */ + + #include "gc.h" + ++char *oath_lockfile_path = NULL; ++ + /** + * oath_init: + * +@@ -52,6 +55,8 @@ oath_init (void) + if (gc_init () != GC_OK) + return OATH_CRYPTO_ERROR; + ++ oath_lockfile_path = NULL; ++ + return OATH_OK; + } + +@@ -71,6 +76,11 @@ oath_done (void) + { + gc_done (); + ++ if (oath_lockfile_path) ++ { ++ free(oath_lockfile_path); ++ oath_lockfile_path = NULL; ++ } + return OATH_OK; + } + +@@ -99,3 +109,23 @@ oath_check_version (const char *req_version) + + return NULL; + } ++ ++int ++oath_set_lockfile_path(const char *lockfile) ++{ ++ int l; ++ ++ if (oath_lockfile_path) ++ { ++ free(oath_lockfile_path); ++ oath_lockfile_path = NULL; ++ } ++ ++ if (lockfile) ++ { ++ l = asprintf (&oath_lockfile_path, "%s", lockfile); ++ if (oath_lockfile_path == NULL || ((size_t) l) != strlen (lockfile)) ++ return OATH_PRINTF_ERROR; ++ } ++ return OATH_OK; ++} +diff --git a/liboath/liboath.map b/liboath/liboath.map +index 010c512..fd32e07 100644 +--- a/liboath/liboath.map ++++ b/liboath/liboath.map +@@ -75,6 +75,7 @@ LIBOATH_2.2.0 + global: + oath_totp_validate3; + oath_totp_validate3_callback; ++ oath_set_lockfile_path; + } LIBOATH_1.12.0; + + LIBOATH_2.6.0 +diff --git a/liboath/oath.h b/liboath/oath.h +index 7819c02..8bb5fc6 100644 +--- a/liboath/oath.h ++++ b/liboath/oath.h +@@ -136,11 +136,15 @@ typedef enum + + /* Global */ + ++extern char *oath_lockfile_path; ++ + extern OATHAPI int oath_init (void); + extern OATHAPI int oath_done (void); + + extern OATHAPI const char *oath_check_version (const char *req_version); + ++extern OATHAPI int oath_set_lockfile_path(const char *lockfile); ++ + /* Error handling */ + + extern OATHAPI const char *oath_strerror (int err); +diff --git a/liboath/oath.h.in b/liboath/oath.h.in +index 524e9ac..4d5cddc 100644 +--- a/liboath/oath.h.in ++++ b/liboath/oath.h.in +@@ -136,11 +136,15 @@ typedef enum + + /* Global */ + ++extern char *oath_lockfile_path; ++ + extern OATHAPI int oath_init (void); + extern OATHAPI int oath_done (void); + + extern OATHAPI const char *oath_check_version (const char *req_version); + ++extern OATHAPI int oath_set_lockfile_path(const char *lockfile); ++ + /* Error handling */ + + extern OATHAPI const char *oath_strerror (int err); +diff --git a/liboath/usersfile.c b/liboath/usersfile.c +index 3442fd2..066f936 100644 +--- a/liboath/usersfile.c ++++ b/liboath/usersfile.c +@@ -323,9 +323,18 @@ update_usersfile (const char *usersfile, + { + int l; + +- l = asprintf (&lockfile, "%s.lock", usersfile); +- if (lockfile == NULL || ((size_t) l) != strlen (usersfile) + 5) +- return OATH_PRINTF_ERROR; ++ if (oath_lockfile_path) ++ { ++ l = asprintf (&lockfile, "%s", oath_lockfile_path); ++ if (lockfile == NULL || ((size_t) l) != strlen (oath_lockfile_path)) ++ return OATH_PRINTF_ERROR; ++ } ++ else ++ { ++ l = asprintf (&lockfile, "%s.lock", usersfile); ++ if (lockfile == NULL || ((size_t) l) != strlen (usersfile) + 5) ++ return OATH_PRINTF_ERROR; ++ } + + lockfh = fopen (lockfile, "w"); + if (!lockfh) +diff --git a/pam_oath/pam_oath.c b/pam_oath/pam_oath.c +index 57fd33c..aa041e3 100644 +--- a/pam_oath/pam_oath.c ++++ b/pam_oath/pam_oath.c +@@ -70,6 +70,7 @@ struct cfg + int try_first_pass; + int use_first_pass; + char *usersfile; ++ char *lockfile; + unsigned digits; + unsigned window; + }; +@@ -84,6 +85,7 @@ parse_cfg (int flags, int argc, const char **argv, struct cfg *cfg) + cfg->try_first_pass = 0; + cfg->use_first_pass = 0; + cfg->usersfile = NULL; ++ cfg->lockfile = NULL; + cfg->digits = -1; + cfg->window = 5; + +@@ -99,6 +101,8 @@ parse_cfg (int flags, int argc, const char **argv, struct cfg *cfg) + cfg->use_first_pass = 1; + if (strncmp (argv[i], "usersfile=", 10) == 0) + cfg->usersfile = (char *) argv[i] + 10; ++ if (strncmp (argv[i], "lockfile=", 9) == 0) ++ cfg->lockfile = (char *) argv[i] + 9; + if (strncmp (argv[i], "digits=", 7) == 0) + cfg->digits = atoi (argv[i] + 7); + if (strncmp (argv[i], "window=", 7) == 0) +@@ -124,6 +128,7 @@ parse_cfg (int flags, int argc, const char **argv, struct cfg *cfg) + D (("try_first_pass=%d", cfg->try_first_pass)); + D (("use_first_pass=%d", cfg->use_first_pass)); + D (("usersfile=%s", cfg->usersfile ? cfg->usersfile : "(null)")); ++ D (("lockfile=%s", cfg->lockfile ? cfg->lockfile : "(null)")); + D (("digits=%d", cfg->digits)); + D (("window=%d", cfg->window)); + } +@@ -189,6 +194,17 @@ pam_sm_authenticate (pam_handle_t * pamh, + goto done; + } + ++ if (cfg.lockfile) ++ rc = oath_set_lockfile_path(cfg.lockfile); ++ else ++ rc = oath_set_lockfile_path("/var/lock/pam_oath.lock"); ++ if (rc != OATH_OK) ++ { ++ DBG (("oath_set_lockfile_path() failed (%d)", rc)); ++ retval = PAM_AUTHINFO_UNAVAIL; ++ goto done; ++ } ++ + if (password == NULL) + { + retval = pam_get_item (pamh, PAM_CONV, (const void **) &conv); diff --git a/oath-toolkit.spec b/oath-toolkit.spec index 040a662..71e4357 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,6 +1,6 @@ Name: oath-toolkit Version: 2.6.2 -Release: 4%{?dist} +Release: 5%{?dist} License: GPLv3+ Summary: One-time password components BuildRequires: pam-devel, gtk-doc, libtool, libtool-ltdl-devel @@ -15,6 +15,7 @@ Patch0: oath-toolkit-2.0.2-man-fix.patch Patch1: oath-toolkit-2.4.1-retain-original-xmldoc.patch # rhbz#1605276 Patch2: oath-toolkit-2.6.2-build-fix.patch +Patch3: oath-toolkit-2.6.2-lockfile.patch %description The OATH Toolkit provide components for building one-time password @@ -113,6 +114,7 @@ A PAM module for pluggable login authentication for OATH. %patch0 -p1 -b .man-fix %patch1 -p1 -b .retain-original-xmldoc %patch2 -p1 -b .build-fix +%patch3 -p1 -b .lockfile %build autoreconf -fi @@ -184,6 +186,10 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Mon May 4 2020 Jaroslav Škarvada - 2.6.2-5 +- Added support for configurable lock file locations and set the default path + Resolves: rhbz#1178036 + * Wed Jan 29 2020 Fedora Release Engineering - 2.6.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild From 8aff76002c424f7544a80a2b693b2e46d28b67ed Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Tue, 28 Jul 2020 12:02:04 +0000 Subject: [PATCH 31/41] - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- oath-toolkit.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/oath-toolkit.spec b/oath-toolkit.spec index 71e4357..fd9a136 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,6 +1,6 @@ Name: oath-toolkit Version: 2.6.2 -Release: 5%{?dist} +Release: 6%{?dist} License: GPLv3+ Summary: One-time password components BuildRequires: pam-devel, gtk-doc, libtool, libtool-ltdl-devel @@ -186,6 +186,9 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Tue Jul 28 2020 Fedora Release Engineering - 2.6.2-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + * Mon May 4 2020 Jaroslav Škarvada - 2.6.2-5 - Added support for configurable lock file locations and set the default path Resolves: rhbz#1178036 From 6a6380619780bf7e25f32fc8f94bd97783e1d724 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Mon, 9 Nov 2020 18:37:10 +0100 Subject: [PATCH 32/41] New version Resolves: rhbz#1895618 --- oath-toolkit-2.6.2-build-fix.patch | 874 ----------------------------- oath-toolkit.spec | 15 +- 2 files changed, 8 insertions(+), 881 deletions(-) delete mode 100644 oath-toolkit-2.6.2-build-fix.patch diff --git a/oath-toolkit-2.6.2-build-fix.patch b/oath-toolkit-2.6.2-build-fix.patch deleted file mode 100644 index a2fc1ad..0000000 --- a/oath-toolkit-2.6.2-build-fix.patch +++ /dev/null @@ -1,874 +0,0 @@ -diff --git a/liboath/gl/fflush.c b/liboath/gl/fflush.c -index 3664842..a140b7a 100644 ---- a/liboath/gl/fflush.c -+++ b/liboath/gl/fflush.c -@@ -1,18 +1,18 @@ - /* fflush.c -- allow flushing input streams -- Copyright (C) 2007-2016 Free Software Foundation, Inc. -+ Copyright (C) 2007-2018 Free Software Foundation, Inc. - - This program is free software: you can redistribute it and/or modify -- it under the terms of the GNU Lesser General Public License as published by -- the Free Software Foundation; either version 2.1 of the License, or -+ it under the terms of the GNU General Public License as published by -+ the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -- GNU Lesser General Public License for more details. -+ GNU General Public License for more details. - -- You should have received a copy of the GNU Lesser General Public License -- along with this program. If not, see . */ -+ You should have received a copy of the GNU General Public License -+ along with this program. If not, see . */ - - /* Written by Eric Blake. */ - -@@ -33,7 +33,8 @@ - #undef fflush - - --#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */ -+#if defined _IO_EOF_SEEN || defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 -+/* GNU libc, BeOS, Haiku, Linux libc5 */ - - /* Clear the stream's ungetc buffer, preserving the value of ftello (fp). */ - static void -@@ -51,7 +52,7 @@ static void - clear_ungetc_buffer (FILE *fp) - { - # if defined __sferror || defined __DragonFly__ || defined __ANDROID__ -- /* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Android */ -+ /* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Minix 3, Android */ - if (HASUB (fp)) - { - fp_->_p += fp_->_r; -@@ -63,7 +64,7 @@ clear_ungetc_buffer (FILE *fp) - fp->_ungetc_count = 0; - fp->_rcount = - fp->_rcount; - } --# elif defined _IOERR /* Minix, AIX, HP-UX, IRIX, OSF/1, Solaris, OpenServer, mingw, NonStop Kernel */ -+# elif defined _IOERR /* Minix, AIX, HP-UX, IRIX, OSF/1, Solaris, OpenServer, mingw, MSVC, NonStop Kernel, OpenVMS */ - /* Nothing to do. */ - # else /* other implementations */ - fseeko (fp, 0, SEEK_CUR); -@@ -72,10 +73,11 @@ clear_ungetc_buffer (FILE *fp) - - #endif - --#if ! (defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */) -+#if ! (defined _IO_EOF_SEEN || defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1) -+/* GNU libc, BeOS, Haiku, Linux libc5 */ - - # if (defined __sferror || defined __DragonFly__ || defined __ANDROID__) && defined __SNPT --/* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Android */ -+/* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Minix 3, Android */ - - static int - disable_seek_optimization (FILE *fp) -@@ -98,7 +100,7 @@ update_fpos_cache (FILE *fp _GL_UNUSED_PARAMETER, - off_t pos _GL_UNUSED_PARAMETER) - { - # if defined __sferror || defined __DragonFly__ || defined __ANDROID__ -- /* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Android */ -+ /* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Minix 3, Android */ - # if defined __CYGWIN__ - /* fp_->_offset is typed as an integer. */ - fp_->_offset = pos; -@@ -148,7 +150,8 @@ rpl_fflush (FILE *stream) - if (stream == NULL || ! freading (stream)) - return fflush (stream); - --#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */ -+#if defined _IO_EOF_SEEN || defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 -+ /* GNU libc, BeOS, Haiku, Linux libc5 */ - - clear_ungetc_buffer_preserving_position (stream); - -@@ -199,7 +202,7 @@ rpl_fflush (FILE *stream) - } - - # if (defined __sferror || defined __DragonFly__ || defined __ANDROID__) && defined __SNPT -- /* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Android */ -+ /* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Minix 3, Android */ - - { - /* Disable seek optimization for the next fseeko call. This tells the -diff --git a/liboath/gl/fpurge.c b/liboath/gl/fpurge.c -index acf5905..f9c2d25 100644 ---- a/liboath/gl/fpurge.c -+++ b/liboath/gl/fpurge.c -@@ -62,7 +62,7 @@ fpurge (FILE *fp) - /* Most systems provide FILE as a struct and the necessary bitmask in - , because they need it for implementing getc() and putc() as - fast macros. */ --# if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */ -+# if defined _IO_ftrylockfile || __GNU_LIBRARY__ /* GNU libc, BeOS, Haiku, Linux libc5 */ - fp->_IO_read_end = fp->_IO_read_ptr; - fp->_IO_write_ptr = fp->_IO_write_base; - /* Avoid memory leak when there is an active ungetc buffer. */ -diff --git a/liboath/gl/freading.c b/liboath/gl/freading.c -index 8ab19fd..54c3d5a 100644 ---- a/liboath/gl/freading.c -+++ b/liboath/gl/freading.c -@@ -31,7 +31,7 @@ freading (FILE *fp) - /* Most systems provide FILE as a struct and the necessary bitmask in - , because they need it for implementing getc() and putc() as - fast macros. */ --# if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */ -+# if defined _IO_ftrylockfile || __GNU_LIBRARY__ /* GNU libc, BeOS, Haiku, Linux libc5 */ - return ((fp->_flags & _IO_NO_WRITES) != 0 - || ((fp->_flags & (_IO_NO_READS | _IO_CURRENTLY_PUTTING)) == 0 - && fp->_IO_read_base != NULL)); -diff --git a/liboath/gl/fseeko.c b/liboath/gl/fseeko.c -index 67bb9ec..5616221 100644 ---- a/liboath/gl/fseeko.c -+++ b/liboath/gl/fseeko.c -@@ -47,7 +47,7 @@ fseeko (FILE *fp, off_t offset, int whence) - #endif - - /* These tests are based on fpurge.c. */ --#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */ -+#if defined _IO_ftrylockfile || __GNU_LIBRARY__ /* GNU libc, BeOS, Haiku, Linux libc5 */ - if (fp->_IO_read_end == fp->_IO_read_ptr - && fp->_IO_write_ptr == fp->_IO_write_base - && fp->_IO_save_base == NULL) -@@ -123,7 +123,7 @@ fseeko (FILE *fp, off_t offset, int whence) - return -1; - } - --#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */ -+#if defined _IO_ftrylockfile || __GNU_LIBRARY__ /* GNU libc, BeOS, Haiku, Linux libc5 */ - fp->_flags &= ~_IO_EOF_SEEN; - fp->_offset = pos; - #elif defined __sferror || defined __DragonFly__ || defined __ANDROID__ -diff --git a/liboath/gl/stdio-impl.h b/liboath/gl/stdio-impl.h -index 4c02c9f..393ef0c 100644 ---- a/liboath/gl/stdio-impl.h -+++ b/liboath/gl/stdio-impl.h -@@ -1,23 +1,29 @@ - /* Implementation details of FILE streams. -- Copyright (C) 2007-2008, 2010-2016 Free Software Foundation, Inc. -+ Copyright (C) 2007-2008, 2010-2018 Free Software Foundation, Inc. - - This program is free software: you can redistribute it and/or modify -- it under the terms of the GNU Lesser General Public License as published by -- the Free Software Foundation; either version 2.1 of the License, or -+ it under the terms of the GNU General Public License as published by -+ the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -- GNU Lesser General Public License for more details. -+ GNU General Public License for more details. - -- You should have received a copy of the GNU Lesser General Public License -- along with this program. If not, see . */ -+ You should have received a copy of the GNU General Public License -+ along with this program. If not, see . */ - - /* Many stdio implementations have the same logic and therefore can share - the same implementation of stdio extension API, except that some fields - have different naming conventions, or their access requires some casts. */ - -+/* Glibc 2.28 made _IO_IN_BACKUP private. For now, work around this -+ problem by defining it ourselves. FIXME: Do not rely on glibc -+ internals. */ -+#if !defined _IO_IN_BACKUP && defined _IO_EOF_SEEN -+# define _IO_IN_BACKUP 0x100 -+#endif - - /* BSD stdio derived implementations. */ - -@@ -29,10 +35,10 @@ - #include /* For detecting Plan9. */ - - #if defined __sferror || defined __DragonFly__ || defined __ANDROID__ -- /* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Android */ -+ /* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Minix 3, Android */ - - # if defined __DragonFly__ /* DragonFly */ -- /* See . */ -+ /* See . */ - # define fp_ ((struct { struct __FILE_public pub; \ - struct { unsigned char *_base; int _size; } _bf; \ - void *cookie; \ -@@ -49,30 +55,84 @@ - fpos_t _offset; \ - /* More fields, not relevant here. */ \ - } *) fp) -- /* See . */ -+ /* See . */ - # define _p pub._p - # define _flags pub._flags - # define _r pub._r - # define _w pub._w -+# elif defined __ANDROID__ /* Android */ -+ /* Up to this commit from 2015-10-12 -+ -+ the innards of FILE were public, and fp_ub could be defined like for OpenBSD, -+ see -+ and . -+ After this commit, the innards of FILE are hidden. */ -+# define fp_ ((struct { unsigned char *_p; \ -+ int _r; \ -+ int _w; \ -+ int _flags; \ -+ int _file; \ -+ struct { unsigned char *_base; size_t _size; } _bf; \ -+ int _lbfsize; \ -+ void *_cookie; \ -+ void *_close; \ -+ void *_read; \ -+ void *_seek; \ -+ void *_write; \ -+ struct { unsigned char *_base; size_t _size; } _ext; \ -+ unsigned char *_up; \ -+ int _ur; \ -+ unsigned char _ubuf[3]; \ -+ unsigned char _nbuf[1]; \ -+ struct { unsigned char *_base; size_t _size; } _lb; \ -+ int _blksize; \ -+ fpos_t _offset; \ -+ /* More fields, not relevant here. */ \ -+ } *) fp) - # else - # define fp_ fp - # endif - --# if (defined __NetBSD__ && __NetBSD_Version__ >= 105270000) || defined __OpenBSD__ || defined __ANDROID__ /* NetBSD >= 1.5ZA, OpenBSD, Android */ -+# if (defined __NetBSD__ && __NetBSD_Version__ >= 105270000) || defined __OpenBSD__ || defined __minix /* NetBSD >= 1.5ZA, OpenBSD, Minix 3 */ - /* See -- and */ -+ and -+ and */ - struct __sfileext - { - struct __sbuf _ub; /* ungetc buffer */ - /* More fields, not relevant here. */ - }; - # define fp_ub ((struct __sfileext *) fp->_ext._base)->_ub --# else /* FreeBSD, NetBSD <= 1.5Z, DragonFly, Mac OS X, Cygwin, Android */ -+# elif defined __ANDROID__ /* Android */ -+ struct __sfileext -+ { -+ struct { unsigned char *_base; size_t _size; } _ub; /* ungetc buffer */ -+ /* More fields, not relevant here. */ -+ }; -+# define fp_ub ((struct __sfileext *) fp_->_ext._base)->_ub -+# else /* FreeBSD, NetBSD <= 1.5Z, DragonFly, Mac OS X, Cygwin */ - # define fp_ub fp_->_ub - # endif - - # define HASUB(fp) (fp_ub._base != NULL) - -+# if defined __ANDROID__ /* Android */ -+ /* Needed after this commit from 2016-01-25 -+ */ -+# ifndef __SEOF -+# define __SLBF 1 -+# define __SNBF 2 -+# define __SRD 4 -+# define __SWR 8 -+# define __SRW 0x10 -+# define __SEOF 0x20 -+# define __SERR 0x40 -+# endif -+# ifndef __SOFF -+# define __SOFF 0x1000 -+# endif -+# endif -+ - #endif - - -@@ -81,7 +141,7 @@ - #ifdef __TANDEM /* NonStop Kernel */ - # ifndef _IOERR - /* These values were determined by the program 'stdioext-flags' at -- . */ -+ . */ - # define _IOERR 0x40 - # define _IOREAD 0x80 - # define _IOWRT 0x4 -@@ -99,6 +159,8 @@ - int _file; \ - unsigned int _flag; \ - } *) fp) -+# elif defined __VMS /* OpenVMS */ -+# define fp_ ((struct _iobuf *) fp) - # else - # define fp_ fp - # endif -@@ -110,4 +172,31 @@ - # define _flag __flag - # endif - -+#elif defined _WIN32 && ! defined __CYGWIN__ /* newer Windows with MSVC */ -+ -+/* does not define the innards of FILE any more. */ -+# define WINDOWS_OPAQUE_FILE -+ -+struct _gl_real_FILE -+{ -+ /* Note: Compared to older Windows and to mingw, it has the fields -+ _base and _cnt swapped. */ -+ unsigned char *_ptr; -+ unsigned char *_base; -+ int _cnt; -+ int _flag; -+ int _file; -+ int _charbuf; -+ int _bufsiz; -+}; -+# define fp_ ((struct _gl_real_FILE *) fp) -+ -+/* These values were determined by a program similar to the one at -+ . */ -+# define _IOREAD 0x1 -+# define _IOWRT 0x2 -+# define _IORW 0x4 -+# define _IOEOF 0x8 -+# define _IOERR 0x10 -+ - #endif -diff --git a/libpskc/gl/intprops.h b/libpskc/gl/intprops.h -index feb02c3..af456ff 100644 ---- a/libpskc/gl/intprops.h -+++ b/libpskc/gl/intprops.h -@@ -1,6 +1,6 @@ - /* intprops.h -- properties of integer types - -- Copyright (C) 2001-2016 Free Software Foundation, Inc. -+ Copyright (C) 2001-2018 Free Software Foundation, Inc. - - This program is free software: you can redistribute it and/or modify it - under the terms of the GNU Lesser General Public License as published -@@ -13,7 +13,7 @@ - GNU Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public License -- along with this program. If not, see . */ -+ along with this program. If not, see . */ - - /* Written by Paul Eggert. */ - -@@ -21,13 +21,12 @@ - #define _GL_INTPROPS_H - - #include --#include - - /* Return a value with the common real type of E and V and the value of V. */ - #define _GL_INT_CONVERT(e, v) (0 * (e) + (v)) - - /* Act like _GL_INT_CONVERT (E, -V) but work around a bug in IRIX 6.5 cc; see -- . */ -+ . */ - #define _GL_INT_NEGATE_CONVERT(e, v) (0 * (e) - (v)) - - /* The extra casts in the following macros work around compiler bugs, -@@ -47,12 +46,16 @@ - - /* Minimum and maximum values for integer types and expressions. */ - -+/* The width in bits of the integer type or expression T. -+ Padding bits are not supported; this is checked at compile-time below. */ -+#define TYPE_WIDTH(t) (sizeof (t) * CHAR_BIT) -+ - /* The maximum and minimum values for the integer type T. */ - #define TYPE_MINIMUM(t) ((t) ~ TYPE_MAXIMUM (t)) - #define TYPE_MAXIMUM(t) \ - ((t) (! TYPE_SIGNED (t) \ - ? (t) -1 \ -- : ((((t) 1 << (sizeof (t) * CHAR_BIT - 2)) - 1) * 2 + 1))) -+ : ((((t) 1 << (TYPE_WIDTH (t) - 2)) - 1) * 2 + 1))) - - /* The maximum and minimum values for the type of the expression E, - after integer promotion. E should not have side effects. */ -@@ -65,29 +68,23 @@ - ? _GL_SIGNED_INT_MAXIMUM (e) \ - : _GL_INT_NEGATE_CONVERT (e, 1)) - #define _GL_SIGNED_INT_MAXIMUM(e) \ -- (((_GL_INT_CONVERT (e, 1) << (sizeof ((e) + 0) * CHAR_BIT - 2)) - 1) * 2 + 1) -+ (((_GL_INT_CONVERT (e, 1) << (TYPE_WIDTH ((e) + 0) - 2)) - 1) * 2 + 1) -+ -+/* Work around OpenVMS incompatibility with C99. */ -+#if !defined LLONG_MAX && defined __INT64_MAX -+# define LLONG_MAX __INT64_MAX -+# define LLONG_MIN __INT64_MIN -+#endif - - /* This include file assumes that signed types are two's complement without - padding bits; the above macros have undefined behavior otherwise. - If this is a problem for you, please let us know how to fix it for your host. -- As a sanity check, test the assumption for some signed types that -- bounds. */ --verify (TYPE_MINIMUM (signed char) == SCHAR_MIN); --verify (TYPE_MAXIMUM (signed char) == SCHAR_MAX); --verify (TYPE_MINIMUM (short int) == SHRT_MIN); --verify (TYPE_MAXIMUM (short int) == SHRT_MAX); --verify (TYPE_MINIMUM (int) == INT_MIN); --verify (TYPE_MAXIMUM (int) == INT_MAX); --verify (TYPE_MINIMUM (long int) == LONG_MIN); --verify (TYPE_MAXIMUM (long int) == LONG_MAX); --#ifdef LLONG_MAX --verify (TYPE_MINIMUM (long long int) == LLONG_MIN); --verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); --#endif -+ This assumption is tested by the intprops-tests module. */ - - /* Does the __typeof__ keyword work? This could be done by - 'configure', but for now it's easier to do it by hand. */ --#if (2 <= __GNUC__ || defined __IBM__TYPEOF__ \ -+#if (2 <= __GNUC__ \ -+ || (1210 <= __IBMC__ && defined __IBM__TYPEOF__) \ - || (0x5110 <= __SUNPRO_C && !__STDC__)) - # define _GL_HAVE___TYPEOF__ 1 - #else -@@ -116,8 +113,7 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); - signed, this macro may overestimate the true bound by one byte when - applied to unsigned types of size 2, 4, 16, ... bytes. */ - #define INT_STRLEN_BOUND(t) \ -- (INT_BITS_STRLEN_BOUND (sizeof (t) * CHAR_BIT \ -- - _GL_SIGNED_TYPE_OR_EXPR (t)) \ -+ (INT_BITS_STRLEN_BOUND (TYPE_WIDTH (t) - _GL_SIGNED_TYPE_OR_EXPR (t)) \ - + _GL_SIGNED_TYPE_OR_EXPR (t)) - - /* Bound on buffer size needed to represent an integer type or expression T, -@@ -183,7 +179,7 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); - /* Return 1 if A * B would overflow in [MIN,MAX] arithmetic. - See above for restrictions. Avoid && and || as they tickle - bugs in Sun C 5.11 2010/08/13 and other compilers; see -- . */ -+ . */ - #define INT_MULTIPLY_RANGE_OVERFLOW(a, b, min, max) \ - ((b) < 0 \ - ? ((a) < 0 \ -@@ -222,20 +218,27 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); - ? (a) < (min) >> (b) \ - : (max) >> (b) < (a)) - --/* True if __builtin_add_overflow (A, B, P) works when P is null. */ --#define _GL_HAS_BUILTIN_OVERFLOW_WITH_NULL (7 <= __GNUC__) -+/* True if __builtin_add_overflow (A, B, P) works when P is non-null. */ -+#if 5 <= __GNUC__ && !defined __ICC -+# define _GL_HAS_BUILTIN_OVERFLOW 1 -+#else -+# define _GL_HAS_BUILTIN_OVERFLOW 0 -+#endif -+ -+/* True if __builtin_add_overflow_p (A, B, C) works. */ -+#define _GL_HAS_BUILTIN_OVERFLOW_P (7 <= __GNUC__) - - /* The _GL*_OVERFLOW macros have the same restrictions as the - *_RANGE_OVERFLOW macros, except that they do not assume that operands - (e.g., A and B) have the same type as MIN and MAX. Instead, they assume - that the result (e.g., A + B) has that type. */ --#if _GL_HAS_BUILTIN_OVERFLOW_WITH_NULL --# define _GL_ADD_OVERFLOW(a, b, min, max) -- __builtin_add_overflow (a, b, (__typeof__ ((a) + (b)) *) 0) --# define _GL_SUBTRACT_OVERFLOW(a, b, min, max) -- __builtin_sub_overflow (a, b, (__typeof__ ((a) - (b)) *) 0) --# define _GL_MULTIPLY_OVERFLOW(a, b, min, max) -- __builtin_mul_overflow (a, b, (__typeof__ ((a) * (b)) *) 0) -+#if _GL_HAS_BUILTIN_OVERFLOW_P -+# define _GL_ADD_OVERFLOW(a, b, min, max) \ -+ __builtin_add_overflow_p (a, b, (__typeof__ ((a) + (b))) 0) -+# define _GL_SUBTRACT_OVERFLOW(a, b, min, max) \ -+ __builtin_sub_overflow_p (a, b, (__typeof__ ((a) - (b))) 0) -+# define _GL_MULTIPLY_OVERFLOW(a, b, min, max) \ -+ __builtin_mul_overflow_p (a, b, (__typeof__ ((a) * (b))) 0) - #else - # define _GL_ADD_OVERFLOW(a, b, min, max) \ - ((min) < 0 ? INT_ADD_RANGE_OVERFLOW (a, b, min, max) \ -@@ -315,7 +318,7 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); - _GL_BINARY_OP_OVERFLOW (a, b, _GL_ADD_OVERFLOW) - #define INT_SUBTRACT_OVERFLOW(a, b) \ - _GL_BINARY_OP_OVERFLOW (a, b, _GL_SUBTRACT_OVERFLOW) --#if _GL_HAS_BUILTIN_OVERFLOW_WITH_NULL -+#if _GL_HAS_BUILTIN_OVERFLOW_P - # define INT_NEGATE_OVERFLOW(a) INT_SUBTRACT_OVERFLOW (0, a) - #else - # define INT_NEGATE_OVERFLOW(a) \ -@@ -349,10 +352,6 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); - #define INT_MULTIPLY_WRAPV(a, b, r) \ - _GL_INT_OP_WRAPV (a, b, r, *, __builtin_mul_overflow, INT_MULTIPLY_OVERFLOW) - --#ifndef __has_builtin --# define __has_builtin(x) 0 --#endif -- - /* Nonzero if this compiler has GCC bug 68193 or Clang bug 25390. See: - https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68193 - https://llvm.org/bugs/show_bug.cgi?id=25390 -@@ -369,17 +368,17 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); - the operation. BUILTIN is the builtin operation, and OVERFLOW the - overflow predicate. Return 1 if the result overflows. See above - for restrictions. */ --#if 5 <= __GNUC__ || __has_builtin (__builtin_add_overflow) -+#if _GL_HAS_BUILTIN_OVERFLOW - # define _GL_INT_OP_WRAPV(a, b, r, op, builtin, overflow) builtin (a, b, r) - #elif 201112 <= __STDC_VERSION__ && !_GL__GENERIC_BOGUS - # define _GL_INT_OP_WRAPV(a, b, r, op, builtin, overflow) \ - (_Generic \ - (*(r), \ - signed char: \ -- _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned char, \ -+ _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, \ - signed char, SCHAR_MIN, SCHAR_MAX), \ - short int: \ -- _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned short int, \ -+ _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, \ - short int, SHRT_MIN, SHRT_MAX), \ - int: \ - _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, \ -@@ -393,10 +392,10 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); - #else - # define _GL_INT_OP_WRAPV(a, b, r, op, builtin, overflow) \ - (sizeof *(r) == sizeof (signed char) \ -- ? _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned char, \ -+ ? _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, \ - signed char, SCHAR_MIN, SCHAR_MAX) \ - : sizeof *(r) == sizeof (short int) \ -- ? _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned short int, \ -+ ? _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, \ - short int, SHRT_MIN, SHRT_MAX) \ - : sizeof *(r) == sizeof (int) \ - ? _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, \ -@@ -412,15 +411,14 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); - # else - # define _GL_INT_OP_WRAPV_LONGISH(a, b, r, op, overflow) \ - _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned long int, \ -- long int, LONG_MIN, LONG_MAX)) -+ long int, LONG_MIN, LONG_MAX) - # endif - #endif - - /* Store the low-order bits of A B into *R, where the operation - is given by OP. Use the unsigned type UT for calculation to avoid -- overflow problems. *R's type is T, with extremal values TMIN and -- TMAX. T must be a signed integer type. Return 1 if the result -- overflows. */ -+ overflow problems. *R's type is T, with extrema TMIN and TMAX. -+ T must be a signed integer type. Return 1 if the result overflows. */ - #define _GL_INT_OP_CALC(a, b, r, op, overflow, ut, t, tmin, tmax) \ - (sizeof ((a) op (b)) < sizeof (t) \ - ? _GL_INT_OP_CALC1 ((t) (a), (t) (b), r, op, overflow, ut, t, tmin, tmax) \ -@@ -429,17 +427,27 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); - ((overflow (a, b) \ - || (EXPR_SIGNED ((a) op (b)) && ((a) op (b)) < (tmin)) \ - || (tmax) < ((a) op (b))) \ -- ? (*(r) = _GL_INT_OP_WRAPV_VIA_UNSIGNED (a, b, op, ut, t, tmin, tmax), 1) \ -- : (*(r) = _GL_INT_OP_WRAPV_VIA_UNSIGNED (a, b, op, ut, t, tmin, tmax), 0)) -- --/* Return A B, where the operation is given by OP. Use the -- unsigned type UT for calculation to avoid overflow problems. -- Convert the result to type T without overflow by subtracting TMIN -- from large values before converting, and adding it afterwards. -- Compilers can optimize all the operations except OP. */ --#define _GL_INT_OP_WRAPV_VIA_UNSIGNED(a, b, op, ut, t, tmin, tmax) \ -- (((ut) (a) op (ut) (b)) <= (tmax) \ -- ? (t) ((ut) (a) op (ut) (b)) \ -- : ((t) (((ut) (a) op (ut) (b)) - (tmin)) + (tmin))) -+ ? (*(r) = _GL_INT_OP_WRAPV_VIA_UNSIGNED (a, b, op, ut, t), 1) \ -+ : (*(r) = _GL_INT_OP_WRAPV_VIA_UNSIGNED (a, b, op, ut, t), 0)) -+ -+/* Return the low-order bits of A B, where the operation is given -+ by OP. Use the unsigned type UT for calculation to avoid undefined -+ behavior on signed integer overflow, and convert the result to type T. -+ UT is at least as wide as T and is no narrower than unsigned int, -+ T is two's complement, and there is no padding or trap representations. -+ Assume that converting UT to T yields the low-order bits, as is -+ done in all known two's-complement C compilers. E.g., see: -+ https://gcc.gnu.org/onlinedocs/gcc/Integers-implementation.html -+ -+ According to the C standard, converting UT to T yields an -+ implementation-defined result or signal for values outside T's -+ range. However, code that works around this theoretical problem -+ runs afoul of a compiler bug in Oracle Studio 12.3 x86. See: -+ https://lists.gnu.org/r/bug-gnulib/2017-04/msg00049.html -+ As the compiler bug is real, don't try to work around the -+ theoretical problem. */ -+ -+#define _GL_INT_OP_WRAPV_VIA_UNSIGNED(a, b, op, ut, t) \ -+ ((t) ((ut) (a) op (ut) (b))) - - #endif /* _GL_INTPROPS_H */ -diff --git a/oathtool/gl/intprops.h b/oathtool/gl/intprops.h -index e1fce5c..af456ff 100644 ---- a/oathtool/gl/intprops.h -+++ b/oathtool/gl/intprops.h -@@ -1,19 +1,19 @@ - /* intprops.h -- properties of integer types - -- Copyright (C) 2001-2016 Free Software Foundation, Inc. -+ Copyright (C) 2001-2018 Free Software Foundation, Inc. - - This program is free software: you can redistribute it and/or modify it -- under the terms of the GNU General Public License as published -- by the Free Software Foundation; either version 3 of the License, or -+ under the terms of the GNU Lesser General Public License as published -+ by the Free Software Foundation; either version 2.1 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -- GNU General Public License for more details. -+ GNU Lesser General Public License for more details. - -- You should have received a copy of the GNU General Public License -- along with this program. If not, see . */ -+ You should have received a copy of the GNU Lesser General Public License -+ along with this program. If not, see . */ - - /* Written by Paul Eggert. */ - -@@ -21,13 +21,12 @@ - #define _GL_INTPROPS_H - - #include --#include - - /* Return a value with the common real type of E and V and the value of V. */ - #define _GL_INT_CONVERT(e, v) (0 * (e) + (v)) - - /* Act like _GL_INT_CONVERT (E, -V) but work around a bug in IRIX 6.5 cc; see -- . */ -+ . */ - #define _GL_INT_NEGATE_CONVERT(e, v) (0 * (e) - (v)) - - /* The extra casts in the following macros work around compiler bugs, -@@ -47,12 +46,16 @@ - - /* Minimum and maximum values for integer types and expressions. */ - -+/* The width in bits of the integer type or expression T. -+ Padding bits are not supported; this is checked at compile-time below. */ -+#define TYPE_WIDTH(t) (sizeof (t) * CHAR_BIT) -+ - /* The maximum and minimum values for the integer type T. */ - #define TYPE_MINIMUM(t) ((t) ~ TYPE_MAXIMUM (t)) - #define TYPE_MAXIMUM(t) \ - ((t) (! TYPE_SIGNED (t) \ - ? (t) -1 \ -- : ((((t) 1 << (sizeof (t) * CHAR_BIT - 2)) - 1) * 2 + 1))) -+ : ((((t) 1 << (TYPE_WIDTH (t) - 2)) - 1) * 2 + 1))) - - /* The maximum and minimum values for the type of the expression E, - after integer promotion. E should not have side effects. */ -@@ -65,29 +68,23 @@ - ? _GL_SIGNED_INT_MAXIMUM (e) \ - : _GL_INT_NEGATE_CONVERT (e, 1)) - #define _GL_SIGNED_INT_MAXIMUM(e) \ -- (((_GL_INT_CONVERT (e, 1) << (sizeof ((e) + 0) * CHAR_BIT - 2)) - 1) * 2 + 1) -+ (((_GL_INT_CONVERT (e, 1) << (TYPE_WIDTH ((e) + 0) - 2)) - 1) * 2 + 1) -+ -+/* Work around OpenVMS incompatibility with C99. */ -+#if !defined LLONG_MAX && defined __INT64_MAX -+# define LLONG_MAX __INT64_MAX -+# define LLONG_MIN __INT64_MIN -+#endif - - /* This include file assumes that signed types are two's complement without - padding bits; the above macros have undefined behavior otherwise. - If this is a problem for you, please let us know how to fix it for your host. -- As a sanity check, test the assumption for some signed types that -- bounds. */ --verify (TYPE_MINIMUM (signed char) == SCHAR_MIN); --verify (TYPE_MAXIMUM (signed char) == SCHAR_MAX); --verify (TYPE_MINIMUM (short int) == SHRT_MIN); --verify (TYPE_MAXIMUM (short int) == SHRT_MAX); --verify (TYPE_MINIMUM (int) == INT_MIN); --verify (TYPE_MAXIMUM (int) == INT_MAX); --verify (TYPE_MINIMUM (long int) == LONG_MIN); --verify (TYPE_MAXIMUM (long int) == LONG_MAX); --#ifdef LLONG_MAX --verify (TYPE_MINIMUM (long long int) == LLONG_MIN); --verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); --#endif -+ This assumption is tested by the intprops-tests module. */ - - /* Does the __typeof__ keyword work? This could be done by - 'configure', but for now it's easier to do it by hand. */ --#if (2 <= __GNUC__ || defined __IBM__TYPEOF__ \ -+#if (2 <= __GNUC__ \ -+ || (1210 <= __IBMC__ && defined __IBM__TYPEOF__) \ - || (0x5110 <= __SUNPRO_C && !__STDC__)) - # define _GL_HAVE___TYPEOF__ 1 - #else -@@ -116,8 +113,7 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); - signed, this macro may overestimate the true bound by one byte when - applied to unsigned types of size 2, 4, 16, ... bytes. */ - #define INT_STRLEN_BOUND(t) \ -- (INT_BITS_STRLEN_BOUND (sizeof (t) * CHAR_BIT \ -- - _GL_SIGNED_TYPE_OR_EXPR (t)) \ -+ (INT_BITS_STRLEN_BOUND (TYPE_WIDTH (t) - _GL_SIGNED_TYPE_OR_EXPR (t)) \ - + _GL_SIGNED_TYPE_OR_EXPR (t)) - - /* Bound on buffer size needed to represent an integer type or expression T, -@@ -183,7 +179,7 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); - /* Return 1 if A * B would overflow in [MIN,MAX] arithmetic. - See above for restrictions. Avoid && and || as they tickle - bugs in Sun C 5.11 2010/08/13 and other compilers; see -- . */ -+ . */ - #define INT_MULTIPLY_RANGE_OVERFLOW(a, b, min, max) \ - ((b) < 0 \ - ? ((a) < 0 \ -@@ -222,20 +218,27 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); - ? (a) < (min) >> (b) \ - : (max) >> (b) < (a)) - --/* True if __builtin_add_overflow (A, B, P) works when P is null. */ --#define _GL_HAS_BUILTIN_OVERFLOW_WITH_NULL (7 <= __GNUC__) -+/* True if __builtin_add_overflow (A, B, P) works when P is non-null. */ -+#if 5 <= __GNUC__ && !defined __ICC -+# define _GL_HAS_BUILTIN_OVERFLOW 1 -+#else -+# define _GL_HAS_BUILTIN_OVERFLOW 0 -+#endif -+ -+/* True if __builtin_add_overflow_p (A, B, C) works. */ -+#define _GL_HAS_BUILTIN_OVERFLOW_P (7 <= __GNUC__) - - /* The _GL*_OVERFLOW macros have the same restrictions as the - *_RANGE_OVERFLOW macros, except that they do not assume that operands - (e.g., A and B) have the same type as MIN and MAX. Instead, they assume - that the result (e.g., A + B) has that type. */ --#if _GL_HAS_BUILTIN_OVERFLOW_WITH_NULL --# define _GL_ADD_OVERFLOW(a, b, min, max) -- __builtin_add_overflow (a, b, (__typeof__ ((a) + (b)) *) 0) --# define _GL_SUBTRACT_OVERFLOW(a, b, min, max) -- __builtin_sub_overflow (a, b, (__typeof__ ((a) - (b)) *) 0) --# define _GL_MULTIPLY_OVERFLOW(a, b, min, max) -- __builtin_mul_overflow (a, b, (__typeof__ ((a) * (b)) *) 0) -+#if _GL_HAS_BUILTIN_OVERFLOW_P -+# define _GL_ADD_OVERFLOW(a, b, min, max) \ -+ __builtin_add_overflow_p (a, b, (__typeof__ ((a) + (b))) 0) -+# define _GL_SUBTRACT_OVERFLOW(a, b, min, max) \ -+ __builtin_sub_overflow_p (a, b, (__typeof__ ((a) - (b))) 0) -+# define _GL_MULTIPLY_OVERFLOW(a, b, min, max) \ -+ __builtin_mul_overflow_p (a, b, (__typeof__ ((a) * (b))) 0) - #else - # define _GL_ADD_OVERFLOW(a, b, min, max) \ - ((min) < 0 ? INT_ADD_RANGE_OVERFLOW (a, b, min, max) \ -@@ -315,7 +318,7 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); - _GL_BINARY_OP_OVERFLOW (a, b, _GL_ADD_OVERFLOW) - #define INT_SUBTRACT_OVERFLOW(a, b) \ - _GL_BINARY_OP_OVERFLOW (a, b, _GL_SUBTRACT_OVERFLOW) --#if _GL_HAS_BUILTIN_OVERFLOW_WITH_NULL -+#if _GL_HAS_BUILTIN_OVERFLOW_P - # define INT_NEGATE_OVERFLOW(a) INT_SUBTRACT_OVERFLOW (0, a) - #else - # define INT_NEGATE_OVERFLOW(a) \ -@@ -349,10 +352,6 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); - #define INT_MULTIPLY_WRAPV(a, b, r) \ - _GL_INT_OP_WRAPV (a, b, r, *, __builtin_mul_overflow, INT_MULTIPLY_OVERFLOW) - --#ifndef __has_builtin --# define __has_builtin(x) 0 --#endif -- - /* Nonzero if this compiler has GCC bug 68193 or Clang bug 25390. See: - https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68193 - https://llvm.org/bugs/show_bug.cgi?id=25390 -@@ -369,17 +368,17 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); - the operation. BUILTIN is the builtin operation, and OVERFLOW the - overflow predicate. Return 1 if the result overflows. See above - for restrictions. */ --#if 5 <= __GNUC__ || __has_builtin (__builtin_add_overflow) -+#if _GL_HAS_BUILTIN_OVERFLOW - # define _GL_INT_OP_WRAPV(a, b, r, op, builtin, overflow) builtin (a, b, r) - #elif 201112 <= __STDC_VERSION__ && !_GL__GENERIC_BOGUS - # define _GL_INT_OP_WRAPV(a, b, r, op, builtin, overflow) \ - (_Generic \ - (*(r), \ - signed char: \ -- _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned char, \ -+ _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, \ - signed char, SCHAR_MIN, SCHAR_MAX), \ - short int: \ -- _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned short int, \ -+ _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, \ - short int, SHRT_MIN, SHRT_MAX), \ - int: \ - _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, \ -@@ -393,10 +392,10 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); - #else - # define _GL_INT_OP_WRAPV(a, b, r, op, builtin, overflow) \ - (sizeof *(r) == sizeof (signed char) \ -- ? _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned char, \ -+ ? _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, \ - signed char, SCHAR_MIN, SCHAR_MAX) \ - : sizeof *(r) == sizeof (short int) \ -- ? _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned short int, \ -+ ? _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, \ - short int, SHRT_MIN, SHRT_MAX) \ - : sizeof *(r) == sizeof (int) \ - ? _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned int, \ -@@ -412,15 +411,14 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); - # else - # define _GL_INT_OP_WRAPV_LONGISH(a, b, r, op, overflow) \ - _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned long int, \ -- long int, LONG_MIN, LONG_MAX)) -+ long int, LONG_MIN, LONG_MAX) - # endif - #endif - - /* Store the low-order bits of A B into *R, where the operation - is given by OP. Use the unsigned type UT for calculation to avoid -- overflow problems. *R's type is T, with extremal values TMIN and -- TMAX. T must be a signed integer type. Return 1 if the result -- overflows. */ -+ overflow problems. *R's type is T, with extrema TMIN and TMAX. -+ T must be a signed integer type. Return 1 if the result overflows. */ - #define _GL_INT_OP_CALC(a, b, r, op, overflow, ut, t, tmin, tmax) \ - (sizeof ((a) op (b)) < sizeof (t) \ - ? _GL_INT_OP_CALC1 ((t) (a), (t) (b), r, op, overflow, ut, t, tmin, tmax) \ -@@ -429,17 +427,27 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); - ((overflow (a, b) \ - || (EXPR_SIGNED ((a) op (b)) && ((a) op (b)) < (tmin)) \ - || (tmax) < ((a) op (b))) \ -- ? (*(r) = _GL_INT_OP_WRAPV_VIA_UNSIGNED (a, b, op, ut, t, tmin, tmax), 1) \ -- : (*(r) = _GL_INT_OP_WRAPV_VIA_UNSIGNED (a, b, op, ut, t, tmin, tmax), 0)) -- --/* Return A B, where the operation is given by OP. Use the -- unsigned type UT for calculation to avoid overflow problems. -- Convert the result to type T without overflow by subtracting TMIN -- from large values before converting, and adding it afterwards. -- Compilers can optimize all the operations except OP. */ --#define _GL_INT_OP_WRAPV_VIA_UNSIGNED(a, b, op, ut, t, tmin, tmax) \ -- (((ut) (a) op (ut) (b)) <= (tmax) \ -- ? (t) ((ut) (a) op (ut) (b)) \ -- : ((t) (((ut) (a) op (ut) (b)) - (tmin)) + (tmin))) -+ ? (*(r) = _GL_INT_OP_WRAPV_VIA_UNSIGNED (a, b, op, ut, t), 1) \ -+ : (*(r) = _GL_INT_OP_WRAPV_VIA_UNSIGNED (a, b, op, ut, t), 0)) -+ -+/* Return the low-order bits of A B, where the operation is given -+ by OP. Use the unsigned type UT for calculation to avoid undefined -+ behavior on signed integer overflow, and convert the result to type T. -+ UT is at least as wide as T and is no narrower than unsigned int, -+ T is two's complement, and there is no padding or trap representations. -+ Assume that converting UT to T yields the low-order bits, as is -+ done in all known two's-complement C compilers. E.g., see: -+ https://gcc.gnu.org/onlinedocs/gcc/Integers-implementation.html -+ -+ According to the C standard, converting UT to T yields an -+ implementation-defined result or signal for values outside T's -+ range. However, code that works around this theoretical problem -+ runs afoul of a compiler bug in Oracle Studio 12.3 x86. See: -+ https://lists.gnu.org/r/bug-gnulib/2017-04/msg00049.html -+ As the compiler bug is real, don't try to work around the -+ theoretical problem. */ -+ -+#define _GL_INT_OP_WRAPV_VIA_UNSIGNED(a, b, op, ut, t) \ -+ ((t) ((ut) (a) op (ut) (b))) - - #endif /* _GL_INTPROPS_H */ diff --git a/oath-toolkit.spec b/oath-toolkit.spec index fd9a136..a6c7ee5 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,6 +1,6 @@ Name: oath-toolkit -Version: 2.6.2 -Release: 6%{?dist} +Version: 2.6.3 +Release: 1%{?dist} License: GPLv3+ Summary: One-time password components BuildRequires: pam-devel, gtk-doc, libtool, libtool-ltdl-devel @@ -13,9 +13,7 @@ Patch0: oath-toolkit-2.0.2-man-fix.patch # Fix invalid reads due to references to old (freed) xmlDoc, # upstream ticket #108736 Patch1: oath-toolkit-2.4.1-retain-original-xmldoc.patch -# rhbz#1605276 -Patch2: oath-toolkit-2.6.2-build-fix.patch -Patch3: oath-toolkit-2.6.2-lockfile.patch +Patch2: oath-toolkit-2.6.2-lockfile.patch %description The OATH Toolkit provide components for building one-time password @@ -113,8 +111,7 @@ A PAM module for pluggable login authentication for OATH. %setup -q %patch0 -p1 -b .man-fix %patch1 -p1 -b .retain-original-xmldoc -%patch2 -p1 -b .build-fix -%patch3 -p1 -b .lockfile +%patch2 -p1 -b .lockfile %build autoreconf -fi @@ -186,6 +183,10 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Mon Nov 9 2020 Jaroslav Škarvada - 2.6.3-1 +- New version + Resolves: rhbz#1895618 + * Tue Jul 28 2020 Fedora Release Engineering - 2.6.2-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild From 1269057246b4a0c638122804d8732fd73e9c7d0f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Mon, 9 Nov 2020 18:37:42 +0100 Subject: [PATCH 33/41] New version Resolves: rhbz#1895618 --- sources | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sources b/sources index 58a4bc9..5febff8 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (oath-toolkit-2.6.2.tar.gz) = 201a702a05a2e9fb3a66d04750e1a34e293342126caf02c344954a0d9fd0daafe73ca7f1fe273be129ae555a29b82b72fa2b4770ea2ad10711924e1926ec2cfb +SHA512 (oath-toolkit-2.6.3.tar.gz) = 878017638c7333b23e6abd7efcca8489e4f11fce0dd25cb588b95a9368f290c1235db1d44f93a01c1492e9f057000fb8864673d9fca448bbf336090fddcfc696 From 2f12245991cffbed3978e05fb9db305bd29673c5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Thu, 12 Nov 2020 13:26:28 +0100 Subject: [PATCH 34/41] New version Resolves: rhbz#1896920 --- oath-toolkit-2.0.2-man-fix.patch | 59 ------------------- ...toolkit-2.4.1-retain-original-xmldoc.patch | 42 ------------- ...patch => oath-toolkit-2.6.4-lockfile.patch | 14 ++--- oath-toolkit.spec | 18 +++--- sources | 2 +- 5 files changed, 15 insertions(+), 120 deletions(-) delete mode 100644 oath-toolkit-2.0.2-man-fix.patch delete mode 100644 oath-toolkit-2.4.1-retain-original-xmldoc.patch rename oath-toolkit-2.6.2-lockfile.patch => oath-toolkit-2.6.4-lockfile.patch (95%) diff --git a/oath-toolkit-2.0.2-man-fix.patch b/oath-toolkit-2.0.2-man-fix.patch deleted file mode 100644 index 9349065..0000000 --- a/oath-toolkit-2.0.2-man-fix.patch +++ /dev/null @@ -1,59 +0,0 @@ -diff --git a/libpskc/man/pskc_get_key_algparm_chall_max.3 b/libpskc/man/pskc_get_key_algparm_chall_max.3 -index 6ae79a3..2001320 100644 ---- a/libpskc/man/pskc_get_key_algparm_chall_max.3 -+++ b/libpskc/man/pskc_get_key_algparm_chall_max.3 -@@ -15,8 +15,8 @@ output variable indicating whether data was provided or not. - Get the PSKC KeyPackage Key AlgorithmParameters ChallengeFormat Max - value. This attribute defines the maximum size of the challenge - accepted by the device for CR mode and MUST be included. If the --'Encoding' attribute is set to 'DECIMAL', 'HEXADECIMAL', or --'ALPHANUMERIC', this value indicates the maximum number of -+\&'Encoding' attribute is set to 'DECIMAL', 'HEXADECIMAL', or -+\&'ALPHANUMERIC', this value indicates the maximum number of - digits/characters. If the 'Encoding' attribute is set to 'BASE64' - or 'BINARY', this value indicates the maximum number of bytes of - the unencoded value. -diff --git a/libpskc/man/pskc_get_key_algparm_chall_min.3 b/libpskc/man/pskc_get_key_algparm_chall_min.3 -index 85009d6..6e51e52 100644 ---- a/libpskc/man/pskc_get_key_algparm_chall_min.3 -+++ b/libpskc/man/pskc_get_key_algparm_chall_min.3 -@@ -15,8 +15,8 @@ output variable indicating whether data was provided or not. - Get the PSKC KeyPackage Key AlgorithmParameters ChallengeFormat Min - value. This attribute defines the minimum size of the challenge - accepted by the device for CR mode and MUST be included. If the --'Encoding' attribute is set to 'DECIMAL', 'HEXADECIMAL', or --'ALPHANUMERIC', this value indicates the minimum number of -+\&'Encoding' attribute is set to 'DECIMAL', 'HEXADECIMAL', or -+\&'ALPHANUMERIC', this value indicates the minimum number of - digits/characters. If the 'Encoding' attribute is set to 'BASE64' - or 'BINARY', this value indicates the minimum number of bytes of - the unencoded value. -diff --git a/libpskc/man/pskc_get_key_policy_pinmaxlength.3 b/libpskc/man/pskc_get_key_policy_pinmaxlength.3 -index be96a9a..d4ce51e 100644 ---- a/libpskc/man/pskc_get_key_policy_pinmaxlength.3 -+++ b/libpskc/man/pskc_get_key_policy_pinmaxlength.3 -@@ -16,9 +16,9 @@ Get the PSKC KeyPackage Key Policy PINPolicy MaxLength value. This - attribute indicates the maximum length of a PIN that can be set to - protect this key. It MUST NOT be possible to set a PIN longer than - this value. If the 'PINFormat' attribute is set to 'DECIMAL', --'HEXADECIMAL', or 'ALPHANUMERIC', this value indicates the number -+\&'HEXADECIMAL', or 'ALPHANUMERIC', this value indicates the number - of digits/ characters. If the 'PINFormat' attribute is set to --'BASE64' or 'BINARY', this value indicates the number of bytes of -+\&'BASE64' or 'BINARY', this value indicates the number of bytes of - the unencoded value. - - If \fIpresent\fP is non\-NULL, it will be 0 if the field is not present -diff --git a/libpskc/man/pskc_get_key_policy_pinminlength.3 b/libpskc/man/pskc_get_key_policy_pinminlength.3 -index c00523d..a5efe53 100644 ---- a/libpskc/man/pskc_get_key_policy_pinminlength.3 -+++ b/libpskc/man/pskc_get_key_policy_pinminlength.3 -@@ -16,7 +16,7 @@ Get the PSKC KeyPackage Key Policy PINPolicy MinLength value. This - attribute indicates the minimum length of a PIN that can be set to - protect the associated key. It MUST NOT be possible to set a PIN - shorter than this value. If the 'PINFormat' attribute is set to --'DECIMAL', 'HEXADECIMAL', or 'ALPHANUMERIC', this value indicates -+\&'DECIMAL', 'HEXADECIMAL', or 'ALPHANUMERIC', this value indicates - the number of digits/ characters. If the 'PINFormat' attribute is - set to 'BASE64' or 'BINARY', this value indicates the number of - bytes of the unencoded value. diff --git a/oath-toolkit-2.4.1-retain-original-xmldoc.patch b/oath-toolkit-2.4.1-retain-original-xmldoc.patch deleted file mode 100644 index 07530cd..0000000 --- a/oath-toolkit-2.4.1-retain-original-xmldoc.patch +++ /dev/null @@ -1,42 +0,0 @@ ---- a/libpskc/build.c -+++ a/libpskc/build.c -@@ -510,7 +510,7 @@ pskc_build_xml (pskc_t * container, char **out, size_t * len) - - xmlDocSetRootElement (doc, keycont); - -- if (container->xmldoc) -+ if (container->xmldoc && container->xmldoc != container->original_xmldoc) - xmlFreeDoc (container->xmldoc); - container->xmldoc = doc; - doc = NULL; ---- a/libpskc/internal.h -+++ a/libpskc/internal.h -@@ -103,7 +103,7 @@ struct pskc_key - struct pskc - { - /* raw XML */ -- xmlDocPtr xmldoc; -+ xmlDocPtr xmldoc, original_xmldoc; - /* Is there a Signature element in xmldoc? */ - int signed_p; - ---- a/libpskc/parser.c -+++ a/libpskc/parser.c -@@ -677,6 +677,8 @@ pskc_done (pskc_t * container) - return; - - xmlFreeDoc (container->xmldoc); -+ if (container->original_xmldoc != container->xmldoc) -+ xmlFreeDoc (container->original_xmldoc); - - for (i = 0; i < container->nkeypackages; i++) - { -@@ -717,7 +719,7 @@ pskc_parse_from_memory (pskc_t * container, size_t len, const char *buffer) - if (xmldoc == NULL) - return PSKC_XML_ERROR; - -- container->xmldoc = xmldoc; -+ container->original_xmldoc = container->xmldoc = xmldoc; - - root = xmlDocGetRootElement (xmldoc); - parse_keycontainer (container, root, &rc); diff --git a/oath-toolkit-2.6.2-lockfile.patch b/oath-toolkit-2.6.4-lockfile.patch similarity index 95% rename from oath-toolkit-2.6.2-lockfile.patch rename to oath-toolkit-2.6.4-lockfile.patch index ef672bf..befed30 100644 --- a/oath-toolkit-2.6.2-lockfile.patch +++ b/oath-toolkit-2.6.4-lockfile.patch @@ -1,5 +1,5 @@ diff --git a/liboath/global.c b/liboath/global.c -index 6fb51fd..251ad15 100644 +index 89c18c5..7fc7b8a 100644 --- a/liboath/global.c +++ b/liboath/global.c @@ -25,9 +25,12 @@ @@ -61,7 +61,7 @@ index 6fb51fd..251ad15 100644 + return OATH_OK; +} diff --git a/liboath/liboath.map b/liboath/liboath.map -index 010c512..fd32e07 100644 +index 5e31cef..436cd65 100644 --- a/liboath/liboath.map +++ b/liboath/liboath.map @@ -75,6 +75,7 @@ LIBOATH_2.2.0 @@ -73,7 +73,7 @@ index 010c512..fd32e07 100644 LIBOATH_2.6.0 diff --git a/liboath/oath.h b/liboath/oath.h -index 7819c02..8bb5fc6 100644 +index 0786453..14b579c 100644 --- a/liboath/oath.h +++ b/liboath/oath.h @@ -136,11 +136,15 @@ typedef enum @@ -93,7 +93,7 @@ index 7819c02..8bb5fc6 100644 extern OATHAPI const char *oath_strerror (int err); diff --git a/liboath/oath.h.in b/liboath/oath.h.in -index 524e9ac..4d5cddc 100644 +index 8654342..17fddd3 100644 --- a/liboath/oath.h.in +++ b/liboath/oath.h.in @@ -136,11 +136,15 @@ typedef enum @@ -113,7 +113,7 @@ index 524e9ac..4d5cddc 100644 extern OATHAPI const char *oath_strerror (int err); diff --git a/liboath/usersfile.c b/liboath/usersfile.c -index 3442fd2..066f936 100644 +index 9da30fe..d9bd943 100644 --- a/liboath/usersfile.c +++ b/liboath/usersfile.c @@ -323,9 +323,18 @@ update_usersfile (const char *usersfile, @@ -139,7 +139,7 @@ index 3442fd2..066f936 100644 lockfh = fopen (lockfile, "w"); if (!lockfh) diff --git a/pam_oath/pam_oath.c b/pam_oath/pam_oath.c -index 57fd33c..aa041e3 100644 +index 8ac4605..ef4d034 100644 --- a/pam_oath/pam_oath.c +++ b/pam_oath/pam_oath.c @@ -70,6 +70,7 @@ struct cfg @@ -175,7 +175,7 @@ index 57fd33c..aa041e3 100644 D (("digits=%d", cfg->digits)); D (("window=%d", cfg->window)); } -@@ -189,6 +194,17 @@ pam_sm_authenticate (pam_handle_t * pamh, +@@ -206,6 +211,17 @@ pam_sm_authenticate (pam_handle_t * pamh, goto done; } diff --git a/oath-toolkit.spec b/oath-toolkit.spec index a6c7ee5..144c2e6 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,5 +1,5 @@ Name: oath-toolkit -Version: 2.6.3 +Version: 2.6.4 Release: 1%{?dist} License: GPLv3+ Summary: One-time password components @@ -7,13 +7,7 @@ BuildRequires: pam-devel, gtk-doc, libtool, libtool-ltdl-devel BuildRequires: xmlsec1-devel, xmlsec1-openssl-devel, autoconf, automake Source0: http://download.savannah.gnu.org/releases/%{name}/%{name}-%{version}.tar.gz URL: http://www.nongnu.org/oath-toolkit/ -# Escape leading single quotes in man pages which are misinterpreted as macros, -# patch sent upstream, upstream ticket #108312 -Patch0: oath-toolkit-2.0.2-man-fix.patch -# Fix invalid reads due to references to old (freed) xmlDoc, -# upstream ticket #108736 -Patch1: oath-toolkit-2.4.1-retain-original-xmldoc.patch -Patch2: oath-toolkit-2.6.2-lockfile.patch +Patch0: oath-toolkit-2.6.4-lockfile.patch %description The OATH Toolkit provide components for building one-time password @@ -109,9 +103,7 @@ A PAM module for pluggable login authentication for OATH. %prep %setup -q -%patch0 -p1 -b .man-fix -%patch1 -p1 -b .retain-original-xmldoc -%patch2 -p1 -b .lockfile +%patch0 -p1 -b .lockfile %build autoreconf -fi @@ -183,6 +175,10 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Thu Nov 12 2020 Jaroslav Škarvada - 2.6.4-1 +- New version + Resolves: rhbz#1896920 + * Mon Nov 9 2020 Jaroslav Škarvada - 2.6.3-1 - New version Resolves: rhbz#1895618 diff --git a/sources b/sources index 5febff8..38d025d 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (oath-toolkit-2.6.3.tar.gz) = 878017638c7333b23e6abd7efcca8489e4f11fce0dd25cb588b95a9368f290c1235db1d44f93a01c1492e9f057000fb8864673d9fca448bbf336090fddcfc696 +SHA512 (oath-toolkit-2.6.4.tar.gz) = a77b3250769e763eb0fa5904339d82ec962709225aeff8176d65e460961826690a040c0de76969134256aad74429629891ca2bd8b9a8fc849d58d99ecf559197 From 00790e226960be4f580bbd8b7c4778b403c1eb98 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Mon, 4 Jan 2021 18:35:30 +0100 Subject: [PATCH 35/41] New version Resolves: rhbz#1911419 --- ....4-lockfile.patch => oath-toolkit-2.6.5-lockfile.patch | 6 +++--- oath-toolkit.spec | 8 ++++++-- sources | 2 +- 3 files changed, 10 insertions(+), 6 deletions(-) rename oath-toolkit-2.6.4-lockfile.patch => oath-toolkit-2.6.5-lockfile.patch (97%) diff --git a/oath-toolkit-2.6.4-lockfile.patch b/oath-toolkit-2.6.5-lockfile.patch similarity index 97% rename from oath-toolkit-2.6.4-lockfile.patch rename to oath-toolkit-2.6.5-lockfile.patch index befed30..e26c0eb 100644 --- a/oath-toolkit-2.6.4-lockfile.patch +++ b/oath-toolkit-2.6.5-lockfile.patch @@ -73,7 +73,7 @@ index 5e31cef..436cd65 100644 LIBOATH_2.6.0 diff --git a/liboath/oath.h b/liboath/oath.h -index 0786453..14b579c 100644 +index 9d1a277..7ceeaa7 100644 --- a/liboath/oath.h +++ b/liboath/oath.h @@ -136,11 +136,15 @@ typedef enum @@ -139,7 +139,7 @@ index 9da30fe..d9bd943 100644 lockfh = fopen (lockfile, "w"); if (!lockfh) diff --git a/pam_oath/pam_oath.c b/pam_oath/pam_oath.c -index 8ac4605..ef4d034 100644 +index 89310b5..def004f 100644 --- a/pam_oath/pam_oath.c +++ b/pam_oath/pam_oath.c @@ -70,6 +70,7 @@ struct cfg @@ -175,7 +175,7 @@ index 8ac4605..ef4d034 100644 D (("digits=%d", cfg->digits)); D (("window=%d", cfg->window)); } -@@ -206,6 +211,17 @@ pam_sm_authenticate (pam_handle_t * pamh, +@@ -209,6 +214,17 @@ pam_sm_authenticate (pam_handle_t * pamh, goto done; } diff --git a/oath-toolkit.spec b/oath-toolkit.spec index 144c2e6..488c621 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,5 +1,5 @@ Name: oath-toolkit -Version: 2.6.4 +Version: 2.6.5 Release: 1%{?dist} License: GPLv3+ Summary: One-time password components @@ -7,7 +7,7 @@ BuildRequires: pam-devel, gtk-doc, libtool, libtool-ltdl-devel BuildRequires: xmlsec1-devel, xmlsec1-openssl-devel, autoconf, automake Source0: http://download.savannah.gnu.org/releases/%{name}/%{name}-%{version}.tar.gz URL: http://www.nongnu.org/oath-toolkit/ -Patch0: oath-toolkit-2.6.4-lockfile.patch +Patch0: oath-toolkit-2.6.5-lockfile.patch %description The OATH Toolkit provide components for building one-time password @@ -175,6 +175,10 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Mon Jan 4 2021 Jaroslav Škarvada - 2.6.5-1 +- New version + Resolves: rhbz#1911419 + * Thu Nov 12 2020 Jaroslav Škarvada - 2.6.4-1 - New version Resolves: rhbz#1896920 diff --git a/sources b/sources index 38d025d..491a930 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (oath-toolkit-2.6.4.tar.gz) = a77b3250769e763eb0fa5904339d82ec962709225aeff8176d65e460961826690a040c0de76969134256aad74429629891ca2bd8b9a8fc849d58d99ecf559197 +SHA512 (oath-toolkit-2.6.5.tar.gz) = 508eb87ef62117df28fc74f099d077a1092901e66de6b099ea7c2954fc552a252a243a34de972a2dd4e92cdafb1b831b1fb92c746ab0dc49a8588fca210843ba From 9d265ea15d11e6d1534af36974c51bcc3f4bb5fe Mon Sep 17 00:00:00 2001 From: Tom Stellard Date: Thu, 7 Jan 2021 06:07:44 +0000 Subject: [PATCH 36/41] Add BuildRequires: make https://fedoraproject.org/wiki/Changes/Remove_make_from_BuildRoot --- oath-toolkit.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/oath-toolkit.spec b/oath-toolkit.spec index 488c621..0eb2aaa 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -3,6 +3,7 @@ Version: 2.6.5 Release: 1%{?dist} License: GPLv3+ Summary: One-time password components +BuildRequires: make BuildRequires: pam-devel, gtk-doc, libtool, libtool-ltdl-devel BuildRequires: xmlsec1-devel, xmlsec1-openssl-devel, autoconf, automake Source0: http://download.savannah.gnu.org/releases/%{name}/%{name}-%{version}.tar.gz From cc2a386fb336bd798e27da280a74762d1926182e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Thu, 21 Jan 2021 00:33:56 +0100 Subject: [PATCH 37/41] New version Resolves: rhbz#1918498 Updated source URL --- ...le.patch => oath-toolkit-2.6.6-lockfile.patch | 16 ++++++++-------- oath-toolkit.spec | 13 +++++++++---- sources | 2 +- 3 files changed, 18 insertions(+), 13 deletions(-) rename oath-toolkit-2.6.5-lockfile.patch => oath-toolkit-2.6.6-lockfile.patch (95%) diff --git a/oath-toolkit-2.6.5-lockfile.patch b/oath-toolkit-2.6.6-lockfile.patch similarity index 95% rename from oath-toolkit-2.6.5-lockfile.patch rename to oath-toolkit-2.6.6-lockfile.patch index e26c0eb..7c62440 100644 --- a/oath-toolkit-2.6.5-lockfile.patch +++ b/oath-toolkit-2.6.6-lockfile.patch @@ -1,5 +1,5 @@ diff --git a/liboath/global.c b/liboath/global.c -index 89c18c5..7fc7b8a 100644 +index d442cf3..cfe1cee 100644 --- a/liboath/global.c +++ b/liboath/global.c @@ -25,9 +25,12 @@ @@ -61,7 +61,7 @@ index 89c18c5..7fc7b8a 100644 + return OATH_OK; +} diff --git a/liboath/liboath.map b/liboath/liboath.map -index 5e31cef..436cd65 100644 +index 2f247ff..e8f8cdf 100644 --- a/liboath/liboath.map +++ b/liboath/liboath.map @@ -75,6 +75,7 @@ LIBOATH_2.2.0 @@ -73,10 +73,10 @@ index 5e31cef..436cd65 100644 LIBOATH_2.6.0 diff --git a/liboath/oath.h b/liboath/oath.h -index 9d1a277..7ceeaa7 100644 +index 04dc23d..5d4c0af 100644 --- a/liboath/oath.h +++ b/liboath/oath.h -@@ -136,11 +136,15 @@ typedef enum +@@ -155,11 +155,15 @@ typedef enum /* Global */ @@ -93,10 +93,10 @@ index 9d1a277..7ceeaa7 100644 extern OATHAPI const char *oath_strerror (int err); diff --git a/liboath/oath.h.in b/liboath/oath.h.in -index 8654342..17fddd3 100644 +index 709bb2b..b2f8a0f 100644 --- a/liboath/oath.h.in +++ b/liboath/oath.h.in -@@ -136,11 +136,15 @@ typedef enum +@@ -155,11 +155,15 @@ typedef enum /* Global */ @@ -113,7 +113,7 @@ index 8654342..17fddd3 100644 extern OATHAPI const char *oath_strerror (int err); diff --git a/liboath/usersfile.c b/liboath/usersfile.c -index 9da30fe..d9bd943 100644 +index 2c51da2..cb6a85f 100644 --- a/liboath/usersfile.c +++ b/liboath/usersfile.c @@ -323,9 +323,18 @@ update_usersfile (const char *usersfile, @@ -139,7 +139,7 @@ index 9da30fe..d9bd943 100644 lockfh = fopen (lockfile, "w"); if (!lockfh) diff --git a/pam_oath/pam_oath.c b/pam_oath/pam_oath.c -index 89310b5..def004f 100644 +index ba577b4..c0fd13e 100644 --- a/pam_oath/pam_oath.c +++ b/pam_oath/pam_oath.c @@ -70,6 +70,7 @@ struct cfg diff --git a/oath-toolkit.spec b/oath-toolkit.spec index 0eb2aaa..e8bbb8f 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,14 +1,14 @@ Name: oath-toolkit -Version: 2.6.5 +Version: 2.6.6 Release: 1%{?dist} License: GPLv3+ Summary: One-time password components BuildRequires: make BuildRequires: pam-devel, gtk-doc, libtool, libtool-ltdl-devel BuildRequires: xmlsec1-devel, xmlsec1-openssl-devel, autoconf, automake -Source0: http://download.savannah.gnu.org/releases/%{name}/%{name}-%{version}.tar.gz -URL: http://www.nongnu.org/oath-toolkit/ -Patch0: oath-toolkit-2.6.5-lockfile.patch +Source0: https://download.savannah.nongnu.org/releases/%{name}/%{name}-%{version}.tar.gz +URL: https://www.nongnu.org/oath-toolkit/ +Patch0: oath-toolkit-2.6.6-lockfile.patch %description The OATH Toolkit provide components for building one-time password @@ -176,6 +176,11 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Wed Jan 20 2021 Jaroslav Škarvada - 2.6.6-1 +- New version + Resolves: rhbz#1918498 +- Updated source URL + * Mon Jan 4 2021 Jaroslav Škarvada - 2.6.5-1 - New version Resolves: rhbz#1911419 diff --git a/sources b/sources index 491a930..24b6cda 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (oath-toolkit-2.6.5.tar.gz) = 508eb87ef62117df28fc74f099d077a1092901e66de6b099ea7c2954fc552a252a243a34de972a2dd4e92cdafb1b831b1fb92c746ab0dc49a8588fca210843ba +SHA512 (oath-toolkit-2.6.6.tar.gz) = f5b6beee6e2afdcb2edfa0046650cb5cc6dee2dc759ce5db3a0350d579d589d35efc51ebcab1f353f103138b7de0ccfb6f3246d0e11ae81f4b31b63cbf9908be From 762e2eda42d0838152727fdc41ed8a80cc6fe493 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Tue, 26 Jan 2021 21:49:57 +0000 Subject: [PATCH 38/41] - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- oath-toolkit.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/oath-toolkit.spec b/oath-toolkit.spec index e8bbb8f..3adfbbb 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,6 +1,6 @@ Name: oath-toolkit Version: 2.6.6 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv3+ Summary: One-time password components BuildRequires: make @@ -176,6 +176,9 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Tue Jan 26 2021 Fedora Release Engineering - 2.6.6-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + * Wed Jan 20 2021 Jaroslav Škarvada - 2.6.6-1 - New version Resolves: rhbz#1918498 From 62bbb9e144a4320df852c59fdb9317fd0248d7af Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Mon, 3 May 2021 18:25:27 +0200 Subject: [PATCH 39/41] New version Resolves: rhbz#1955967 --- .gitignore | 2 +- gdoc | 913 ------------------ ...patch => oath-toolkit-2.6.7-lockfile.patch | 22 +- oath-toolkit.spec | 20 +- sources | 2 +- 5 files changed, 28 insertions(+), 931 deletions(-) delete mode 100644 gdoc rename oath-toolkit-2.6.6-lockfile.patch => oath-toolkit-2.6.7-lockfile.patch (90%) diff --git a/.gitignore b/.gitignore index 4734e27..537398d 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -oath-toolkit-*.tar.gz +/oath-toolkit-*.tar.gz diff --git a/gdoc b/gdoc deleted file mode 100644 index 0868329..0000000 --- a/gdoc +++ /dev/null @@ -1,913 +0,0 @@ -eval '(exit $?0)' && eval 'exec perl -S "$0" ${1+"$@"}' - & eval 'exec perl -S "$0" $argv:q' - if 0; -# Generate documentation from source code. - -## Copyright (c) 2002-2012 Simon Josefsson -## added -texinfo, -listfunc, -pkg-name -## man page revamp -## various improvements -## Copyright (c) 2001, 2002 Nikos Mavrogiannopoulos -## added -tex -## Copyright (c) 1998 Michael Zucchi - -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see . - -# This will read a C source code file and scan for embedded comments -# in the style of gnome comments (+minor extensions - see below). - -# usage: -# gdoc [ -docbook | -html | -text | -man | -tex | -texinfo | -listfunc ] -# [ -sourceversion verno ] [ -include file | -includefuncprefix ] -# [ -bugsto address ] [ -pkg-name packagename ] -# [ -seeinfo infonode ] [ -copyright notice ] [ -verbatimcopying ] -# [ -function funcname [ -function funcname ...] ] c file(s)s > outputfile -# -# Set output format using one of -docbook, -html, -text, -man, -tex, -# -texinfo, or -listfunc. Default is man. -# -# -sourceversion -# Version number for source code, e.g. '1.0.4'. Used in 'man' headers. -# Defaults to using current date. -# -# -include FILE -# For man pages, mention #include in the synopsis. -# -# -includefuncprefix -# For man pages, mention a #include in the synopsis. -# The FILE derived from the function prefix. For example, a -# function gss_init_sec_context will generate an include -# statement of #include . -# -# -bugsto address -# For man pages, include a section about reporting bugs and mention -# the given e-mail address, e.g 'bug-libidn@gnu.org'. -# -# -pkg-name packagename -# For man pages when -bugsto is used, also include help URLs to the -# the project's home page. For example, "GNU Libidn". -# -# -seeinfo infonode -# For man pages, include a section that point to an info manual -# for more information. -# -# -copyright notice -# For man pages, include a copyright section with the given -# notice after a preamble. Use, e.g., '2002, 2003 Simon Josefsson'. -# -# -verbatimcopying -# For man pages, and when the -copyright parameter is used, -# add a licensing statement that say verbatim copying is permitted. -# -# -function funcname -# If set, then only generate documentation for the given function(s). All -# other functions are ignored. -# -# c files - list of 'c' files to process -# -# All output goes to stdout, with errors to stderr. - -# -# format of comments. -# In the following table, (...)? signifies optional structure. -# (...)* signifies 0 or more structure elements -# /** -# * function_name(:)? (- short description)? -# (* @parameterx: (description of parameter x)?)* -# (* a blank line)? -# * (Description:)? (Description of function)? -# * (Section header: (section description)? )* -# (*)?*/ -# -# So .. the trivial example would be: -# -# /** -# * my_function -# **/ -# -# If the Description: header tag is ommitted, then there must be a blank line -# after the last parameter specification. -# e.g. -# /** -# * my_function - does my stuff -# * @my_arg: its mine damnit -# * -# * Does my stuff explained. -# */ -# -# or, could also use: -# /** -# * my_function - does my stuff -# * @my_arg: its mine damnit -# * Description: Does my stuff explained. -# */ -# etc. -# -# All descriptions can be multiline, apart from the short function description. -# -# All descriptive text is further processed, scanning for the following special -# patterns, which are highlighted appropriately. -# -# 'funcname()' - function -# '$ENVVAR' - environmental variable OBSOLETE (?) -# '#struct_name' - name of a structure -# '@parameter' - name of a parameter -# '%CONST' - name of a constant. - -# -# Extensions for LaTeX: -# -# 1. the symbol '->' will be replaced with a rightarrow -# 2. x^y with ${x}^{y}$. -# 3. xxx\: with xxx: - -use POSIX qw(strftime); - -# match expressions used to find embedded type information -$type_constant = "\\\%(\\w+)"; -$type_func = "(\\w+\\(\\))"; -$type_param = "\\\@(\\w+)"; -$type_struct = "\\\#(\\w+)"; -$type_env = "(\\\$\\w+)"; - - -# Output conversion substitutions. -# One for each output format - -# these work fairly well -%highlights_html = ( $type_constant, "\$1", - $type_func, "\$1", - $type_struct, "\$1", - $type_param, "\$1" ); -$blankline_html = "

"; - -%highlights_texinfo = ( $type_constant, "\\\@code{\$1}", - $type_func, "\\\@code{\$1}", - $type_struct, "\\\@code{\$1}", - $type_param, "\\\@code{\$1}" ); -$blankline_texinfo = ""; - -%highlights_tex = ( $type_constant, "{\\\\it \$1}", - $type_func, "{\\\\bf \$1}", - $type_struct, "{\\\\it \$1}", - $type_param, "{\\\\bf \$1}" ); -$blankline_tex = "\\\\"; - -# sgml, docbook format -%highlights_sgml = ( $type_constant, "\$1", - $type_func, "\$1", - $type_struct, "\$1", - $type_env, "\$1", - $type_param, "\$1" ); -$blankline_sgml = "\n"; - -# these are pretty rough -%highlights_man = ( $type_constant, "\\\\fB\$1\\\\fP", - $type_func, "\\\\fB\$1\\\\fP", - $type_struct, "\\\\fB\$1\\\\fP", - $type_param, "\\\\fI\$1\\\\fP" ); -$blankline_man = ""; - -# text-mode -%highlights_text = ( $type_constant, "\$1", - $type_func, "\$1", - $type_struct, "\$1", - $type_param, "\$1" ); -$blankline_text = ""; - - -sub usage { - print "Usage: $0 [ -v ] [ -docbook | -html | -text | -man | -tex | -texinfo -listfunc ]\n"; - print " [ -sourceversion verno ] [ -include file | -includefuncprefix ]\n"; - print " [ -bugsto address ] [ -seeinfo infonode ] [ -copyright notice]\n"; - print " [ -verbatimcopying ] [ -pkg-name packagename ]\n"; - print " [ -function funcname [ -function funcname ...] ]\n"; - print " c source file(s) > outputfile\n"; - exit 1; -} - -# read arguments -if ($#ARGV==-1) { - usage(); -} - -$verbose = 0; -$output_mode = "man"; -%highlights = %highlights_man; -$blankline = $blankline_man; -$modulename = "API Documentation"; -$sourceversion = strftime "%Y-%m-%d", localtime; -$function_only = 0; -while ($ARGV[0] =~ m/^-(.*)/) { - $cmd = shift @ARGV; - if ($cmd eq "-html") { - $output_mode = "html"; - %highlights = %highlights_html; - $blankline = $blankline_html; - } elsif ($cmd eq "-man") { - $output_mode = "man"; - %highlights = %highlights_man; - $blankline = $blankline_man; - } elsif ($cmd eq "-tex") { - $output_mode = "tex"; - %highlights = %highlights_tex; - $blankline = $blankline_tex; - } elsif ($cmd eq "-texinfo") { - $output_mode = "texinfo"; - %highlights = %highlights_texinfo; - $blankline = $blankline_texinfo; - } elsif ($cmd eq "-text") { - $output_mode = "text"; - %highlights = %highlights_text; - $blankline = $blankline_text; - } elsif ($cmd eq "-docbook") { - $output_mode = "sgml"; - %highlights = %highlights_sgml; - $blankline = $blankline_sgml; - } elsif ($cmd eq "-listfunc") { - $output_mode = "listfunc"; - } elsif ($cmd eq "-module") { # not needed for sgml, inherits from calling document - $modulename = shift @ARGV; - } elsif ($cmd eq "-sourceversion") { - $sourceversion = shift @ARGV; - } elsif ($cmd eq "-include") { - $include = shift @ARGV; - } elsif ($cmd eq "-includefuncprefix") { - $includefuncprefix = 1; - } elsif ($cmd eq "-bugsto") { - $bugsto = shift @ARGV; - } elsif ($cmd eq "-pkg-name") { - $pkgname = shift @ARGV; - } elsif ($cmd eq "-copyright") { - $copyright = shift @ARGV; - } elsif ($cmd eq "-verbatimcopying") { - $verbatimcopying = 1; - } elsif ($cmd eq "-seeinfo") { - $seeinfo = shift @ARGV; - } elsif ($cmd eq "-function") { # to only output specific functions - $function_only = 1; - $function = shift @ARGV; - $function_table{$function} = 1; - } elsif ($cmd eq "-v") { - $verbose = 1; - } elsif (($cmd eq "-h") || ($cmd eq "--help")) { - usage(); - } -} - -## -# dumps section contents to arrays/hashes intended for that purpose. -# -sub dump_section { - my $name = shift @_; - my $contents = join "\n", @_; - - if ($name =~ m/$type_constant/) { - $name = $1; -# print STDERR "constant section '$1' = '$contents'\n"; - $constants{$name} = $contents; - } elsif ($name =~ m/$type_param/) { -# print STDERR "parameter def '$1' = '$contents'\n"; - $name = $1; - $parameters{$name} = $contents; - } else { -# print STDERR "other section '$name' = '$contents'\n"; - $sections{$name} = $contents; - push @sectionlist, $name; - } -} - -## -# output function -# -# parameters, a hash. -# function => "function name" -# parameterlist => @list of parameters -# parameters => %parameter descriptions -# sectionlist => @list of sections -# sections => %descriont descriptions -# - -sub repstr { - $pattern = shift; - $repl = shift; - $match1 = shift; - $match2 = shift; - $match3 = shift; - $match4 = shift; - - $output = $repl; - $output =~ s,\$1,$match1,g; - $output =~ s,\$2,$match2,g; - $output =~ s,\$3,$match3,g; - $output =~ s,\$4,$match4,g; - - eval "\$return = qq/$output/"; - -# print "pattern $pattern matched 1=$match1 2=$match2 3=$match3 4=$match4 replace $repl yielded $output interpolated $return\n"; - - $return; -} - -sub just_highlight { - my $contents = join "\n", @_; - my $line; - my $ret = ""; - - foreach $pattern (keys %highlights) { -# print "scanning pattern $pattern ($highlights{$pattern})\n"; - $contents =~ s:$pattern:repstr($pattern, $highlights{$pattern}, $1, $2, $3, $4):gse; - } - foreach $line (split "\n", $contents) { - if ($line eq ""){ - $ret = $ret . $lineprefix . $blankline; - } else { - $ret = $ret . $lineprefix . $line; - } - $ret = $ret . "\n"; - } - - return $ret; -} - -sub output_highlight { - print (just_highlight (@_)); -} - -# output in texinfo -sub output_texinfo { - my %args = %{$_[0]}; - my ($parameter, $section); - my $count; - - print "\@subheading ".$args{'function'}."\n"; - print "\@anchor{".$args{'function'}."}\n"; - print "\@deftypefun {" . $args{'functiontype'} . "} "; - print "{".$args{'function'}."} "; - print "("; - $count = 0; - foreach $parameter (@{$args{'parameterlist'}}) { - print $args{'parametertypes'}{$parameter}." \@var{".$parameter."}"; - if ($count != $#{$args{'parameterlist'}}) { - $count++; - print ", "; - } - } - print ")\n"; - foreach $parameter (@{$args{'parameterlist'}}) { - if ($args{'parameters'}{$parameter}) { - print "\@var{".$parameter."}: "; - output_highlight($args{'parameters'}{$parameter}); - print "\n"; - } - } - foreach $section (@{$args{'sectionlist'}}) { - print "\n\@strong{$section:} " if $section ne $section_default; - $args{'sections'}{$section} =~ s:([{}]):\@\1:gs; - output_highlight($args{'sections'}{$section}); - } - print "\@end deftypefun\n\n"; -} - -# output in html -sub output_html { - my %args = %{$_[0]}; - my ($parameter, $section); - my $count; - print "\n\n 

Function

\n"; - - print "".$args{'functiontype'}."\n"; - print "".$args{'function'}."\n"; - print "("; - $count = 0; - foreach $parameter (@{$args{'parameterlist'}}) { - print "".$args{'parametertypes'}{$parameter}." ".$parameter."\n"; - if ($count != $#{$args{'parameterlist'}}) { - $count++; - print ", "; - } - } - print ")\n"; - - print "

Arguments

\n"; - print "
\n"; - foreach $parameter (@{$args{'parameterlist'}}) { - print "
".$args{'parametertypes'}{$parameter}." ".$parameter."\n"; - print "
"; - output_highlight($args{'parameters'}{$parameter}); - } - print "
\n"; - foreach $section (@{$args{'sectionlist'}}) { - print "

$section

\n"; - print "
    \n"; - output_highlight($args{'sections'}{$section}); - print "
\n"; - } - print "
\n"; -} - -# output in tex -sub output_tex { - my %args = %{$_[0]}; - my ($parameter, $section); - my $count; - my $func = $args{'function'}; - my $param; - my $param2; - my $sec; - my $check; - my $type; - - $func =~ s/_/\\_/g; - - print "\n\n\\subsection{". $func . "}\n\\label{" . $args{'function'} . "}\n"; - - $type = $args{'functiontype'}; - $type =~ s/_/\\_/g; - - print "{\\it ".$type."}\n"; - print "{\\bf ".$func."}\n"; - print "("; - $count = 0; - foreach $parameter (@{$args{'parameterlist'}}) { - $param = $args{'parametertypes'}{$parameter}; - $param2 = $parameter; - $param =~ s/_/\\_/g; - $param2 =~ s/_/\\_/g; - - print "{\\it ".$param."} {\\bf ".$param2."}"; - if ($count != $#{$args{'parameterlist'}}) { - $count++; - print ", "; - } - } - print ")\n"; - - print "\n{\\large{Arguments}}\n"; - - print "\\begin{itemize}\n"; - $check=0; - foreach $parameter (@{$args{'parameterlist'}}) { - $param1 = $args{'parametertypes'}{$parameter}; - $param1 =~ s/_/\\_/g; - $param2 = $parameter; - $param2 =~ s/_/\\_/g; - - $check = 1; - print "\\item {\\it ".$param1."} {\\bf ".$param2."}: \n"; -# print "\n"; - - $param3 = $args{'parameters'}{$parameter}; - $param3 =~ s/#([a-zA-Z\_]+)/{\\it \1}/g; - - $out = just_highlight($param3); - $out =~ s/_/\\_/g; - print $out; - } - if ($check==0) { - print "\\item void\n"; - } - print "\\end{itemize}\n"; - - foreach $section (@{$args{'sectionlist'}}) { - $sec = $section; - $sec =~ s/_/\\_/g; - $sec =~ s/#([a-zA-Z\_]+)/{\\it \1}/g; - - print "\n{\\large{$sec}}\\\\\n"; - print "\\begin{rmfamily}\n"; - - $sec = $args{'sections'}{$section}; - $sec =~ s/\\:/:/g; - $sec =~ s/#([a-zA-Z\_]+)/{\\it \1}/g; - $sec =~ s/->/\$\\rightarrow\$/g; - $sec =~ s/([0-9]+)\^([0-9]+)/\$\{\1\}\^\{\2\}\$/g; - - $out = just_highlight($sec); - $out =~ s/_/\\_/g; - - print $out; - print "\\end{rmfamily}\n"; - } - print "\n"; -} - - -# output in sgml DocBook -sub output_sgml { - my %args = %{$_[0]}; - my ($parameter, $section); - my $count; - my $id; - - $id = $args{'module'}."-".$args{'function'}; - $id =~ s/[^A-Za-z0-9]/-/g; - - print "\n"; - print "\n"; - print "".$args{'function'}."\n"; - print "\n"; - print "\n"; - print " ".$args{'function'}."\n"; - print " \n"; - print " ".$args{'purpose'}."\n"; - print " \n"; - print "\n"; - - print "\n"; - print " Synopsis\n"; - print " \n"; - print " ".$args{'functiontype'}." "; - print "".$args{'function'}." "; - print "\n"; - -# print "\n"; -# print " Synopsis\n"; -# print " \n"; -# print " ".$args{'functiontype'}." "; -# print "".$args{'function'}." "; -# print "\n"; - - $count = 0; - if ($#{$args{'parameterlist'}} >= 0) { - foreach $parameter (@{$args{'parameterlist'}}) { - print " ".$args{'parametertypes'}{$parameter}; - print " $parameter\n"; - } - } else { - print " \n"; - } - print " \n"; - print "\n"; -# print "\n"; - - # print parameters - print "\n Arguments\n"; -# print "\nArguments\n"; - if ($#{$args{'parameterlist'}} >= 0) { - print " \n"; - foreach $parameter (@{$args{'parameterlist'}}) { - print " \n $parameter\n"; - print " \n \n"; - $lineprefix=" "; - output_highlight($args{'parameters'}{$parameter}); - print " \n \n \n"; - } - print " \n"; - } else { - print " \n None\n \n"; - } - print "\n"; - - # print out each section - $lineprefix=" "; - foreach $section (@{$args{'sectionlist'}}) { - print "\n $section\n \n"; -# print "\n$section\n"; - if ($section =~ m/EXAMPLE/i) { - print "\n"; - } - output_highlight($args{'sections'}{$section}); -# print ""; - if ($section =~ m/EXAMPLE/i) { - print "\n"; - } - print " \n\n"; - } - - print "\n\n"; -} - -## -# output in man -sub output_man { - my %args = %{$_[0]}; - my ($parameter, $section); - my $count; - - print ".\\\" DO NOT MODIFY THIS FILE! It was generated by gdoc.\n"; - print ".TH \"$args{'function'}\" 3 \"$args{'sourceversion'}\" \"". $args{'module'} . "\" \"". $args{'module'} . "\"\n"; - - print ".SH NAME\n"; - - print $args{'function'}; - if ($args{'purpose'}) { - print " \\- " . $args{'purpose'} . "\n"; - } else { - print " \\- API function\n"; - } - - print ".SH SYNOPSIS\n"; - print ".B #include <". $args{'include'} . ">\n" - if $args{'include'}; - print ".B #include <". lc((split /_/, $args{'function'})[0]) . ".h>\n" - if $args{'includefuncprefix'}; - print ".sp\n"; - print ".BI \"".$args{'functiontype'}." ".$args{'function'}."("; - $count = 0; - foreach $parameter (@{$args{'parameterlist'}}) { - print $args{'parametertypes'}{$parameter}." \" ".$parameter." \""; - if ($count != $#{$args{'parameterlist'}}) { - $count++; - print ", "; - } - } - print ");\"\n"; - - print ".SH ARGUMENTS\n"; - foreach $parameter (@{$args{'parameterlist'}}) { - print ".IP \"".$args{'parametertypes'}{$parameter}." ".$parameter."\" 12\n"; - $param = $args{'parameters'}{$parameter}; - $param =~ s/-/\\-/g; - output_highlight($param); - } - foreach $section (@{$args{'sectionlist'}}) { - print ".SH \"" . uc($section) . "\"\n"; - $sec = $args{'sections'}{$section}; - $sec =~ s/-/\\-/g; - output_highlight($sec); - } - - if ($args{'bugsto'}) { - print ".SH \"REPORTING BUGS\"\n"; - print "Report bugs to <". $args{'bugsto'} . ">.\n"; - if ($args{'pkgname'}) { - print $args{'pkgname'} . " home page: " . - "http://www.gnu.org/software/" . $args{'module'} . "/\n"; - } - print "General help using GNU software: http://www.gnu.org/gethelp/\n"; - } - - if ($args{'copyright'}) { - print ".SH COPYRIGHT\n"; - print "Copyright \\(co ". $args{'copyright'} . ".\n"; - if ($args{'verbatimcopying'}) { - print ".br\n"; - print "Copying and distribution of this file, with or without modification,\n"; - print "are permitted in any medium without royalty provided the copyright\n"; - print "notice and this notice are preserved.\n"; - } - } - - if ($args{'seeinfo'}) { - print ".SH \"SEE ALSO\"\n"; - print "The full documentation for\n"; - print ".B " . $args{'module'} . "\n"; - print "is maintained as a Texinfo manual. If the\n"; - print ".B info\n"; - print "and\n"; - print ".B " . $args{'module'} . "\n"; - print "programs are properly installed at your site, the command\n"; - print ".IP\n"; - print ".B info " . $args{'seeinfo'} . "\n"; - print ".PP\n"; - print "should give you access to the complete manual.\n"; - } -} - -sub output_listfunc { - my %args = %{$_[0]}; - print $args{'function'} . "\n"; -} - -## -# output in text -sub output_text { - my %args = %{$_[0]}; - my ($parameter, $section); - - print "Function = ".$args{'function'}."\n"; - print " return type: ".$args{'functiontype'}."\n\n"; - foreach $parameter (@{$args{'parameterlist'}}) { - print " ".$args{'parametertypes'}{$parameter}." ".$parameter."\n"; - print " -> ".$args{'parameters'}{$parameter}."\n"; - } - foreach $section (@{$args{'sectionlist'}}) { - print " $section:\n"; - print " -> "; - output_highlight($args{'sections'}{$section}); - } -} - -## -# generic output function - calls the right one based -# on current output mode. -sub output_function { -# output_html(@_); - eval "output_".$output_mode."(\@_);"; -} - - -## -# takes a function prototype and spits out all the details -# stored in the global arrays/hsahes. -sub dump_function { - my $prototype = shift @_; - - if ($prototype =~ m/^()([a-zA-Z0-9_~:]+)\s*\(([^\)]*)\)/ || - $prototype =~ m/^(\w+)\s+([a-zA-Z0-9_~:]+)\s*\(([^\)]*)\)/ || - $prototype =~ m/^(\w+\s*\*)\s*([a-zA-Z0-9_~:]+)\s*\(([^\)]*)\)/ || - $prototype =~ m/^(\w+\s+\w+)\s+([a-zA-Z0-9_~:]+)\s*\(([^\)]*)\)/ || - $prototype =~ m/^(\w+\s+\w+\s*\*)\s*([a-zA-Z0-9_~:]+)\s*\(([^\)]*)\)/ || - $prototype =~ m/^(\w+\s+\w+\s+\w+\s*\*)\s*([a-zA-Z0-9_~:]+)\s*\(([^\)]*)\)/) { - $return_type = $1; - $function_name = $2; - $args = $3; - -# print STDERR "ARGS = '$args'\n"; - - foreach $arg (split ',', $args) { - # strip leading/trailing spaces - $arg =~ s/^\s*//; - $arg =~ s/\s*$//; -# print STDERR "SCAN ARG: '$arg'\n"; - @args = split('\s', $arg); - -# print STDERR " -> @args\n"; - $param = pop @args; -# print STDERR " -> @args\n"; - if ($param =~ m/^(\*+)(.*)/) { - $param = $2; - push @args, $1; - } - if ($param =~ m/^(.*)(\[\])$/) { - $param = $1; - push @args, $2; - } -# print STDERR " :> @args\n"; - $type = join " ", @args; - - if ($parameters{$param} eq "" && $param != "void") { - $parameters{$param} = "-- undescribed --"; - print STDERR "warning: $lineno: Function parameter '$param' not described in '$function_name'\n"; - } - - push @parameterlist, $param; - $parametertypes{$param} = $type; - -# print STDERR "param = '$param', type = '$type'\n"; - } - } else { - print STDERR "warning: $lineno: Cannot understand prototype: '$prototype'\n"; - return; - } - - if ($function_only==0 || defined($function_table{$function_name})) { - output_function({'function' => $function_name, - 'module' => $modulename, - 'sourceversion' => $sourceversion, - 'include' => $include, - 'includefuncprefix' => $includefuncprefix, - 'bugsto' => $bugsto, - 'pkgname' => $pkgname, - 'copyright' => $copyright, - 'verbatimcopying' => $verbatimcopying, - 'seeinfo' => $seeinfo, - 'functiontype' => $return_type, - 'parameterlist' => \@parameterlist, - 'parameters' => \%parameters, - 'parametertypes' => \%parametertypes, - 'sectionlist' => \@sectionlist, - 'sections' => \%sections, - 'purpose' => $function_purpose - }); - } -} - -###################################################################### -# main -# states -# 0 - normal code -# 1 - looking for function name -# 2 - scanning field start. -# 3 - scanning prototype. -$state = 0; -$section = ""; - -$doc_special = "\@\%\$\#"; - -$doc_start = "^/\\*\\*\$"; -$doc_end = "\\*/"; -$doc_com = "\\s*\\*\\s*"; -$doc_func = $doc_com."(\\w+):?"; -$doc_sect = $doc_com."([".$doc_special."[:upper:]][\\w ]+):\\s*(.*)"; -$doc_content = $doc_com."(.*)"; - -%constants = (); -%parameters = (); -@parameterlist = (); -%sections = (); -@sectionlist = (); - -$contents = ""; -$section_default = "Description"; # default section -$section = $section_default; - -$lineno = 0; -foreach $file (@ARGV) { - if (!open(IN,"<$file")) { - print STDERR "Error: Cannot open file $file\n"; - next; - } - while () { - $lineno++; - - if ($state == 0) { - if (/$doc_start/o) { - $state = 1; # next line is always the function name - } - } elsif ($state == 1) { # this line is the function name (always) - if (/$doc_func/o) { - $function = $1; - $state = 2; - if (/-\s*(.*)/) { - $function_purpose = $1; - } else { - $function_purpose = ""; - } - if ($verbose) { - print STDERR "Info($lineno): Scanning doc for $function\n"; - } - } else { - print STDERR "warning: $lineno: Cannot understand $_ on line $lineno", - " - I thought it was a doc line\n"; - $state = 0; - } - } elsif ($state == 2) { # look for head: lines, and include content - if (/$doc_sect/o) { - $newsection = $1; - $newcontents = $2; - - if ($contents ne "") { - dump_section($section, $contents); - $section = $section_default; - } - - $contents = $newcontents; - if ($contents ne "") { - $contents .= "\n"; - } - $section = $newsection; - } elsif (/$doc_end/) { - - if ($contents ne "") { - dump_section($section, $contents); - $section = $section_default; - $contents = ""; - } - -# print STDERR "end of doc comment, looking for prototype\n"; - $prototype = ""; - $state = 3; - } elsif (/$doc_content/) { - # miguel-style comment kludge, look for blank lines after - # @parameter line to signify start of description - if ($1 eq "" && $section =~ m/^@/) { - dump_section($section, $contents); - $section = $section_default; - $contents = ""; - } else { - $contents .= $1."\n"; - } - } else { - # i dont know - bad line? ignore. - print STDERR "warning: $lineno: Bad line: $_"; - } - } elsif ($state == 3) { # scanning for function { (end of prototype) - if (m#\s*/\*\s+MACDOC\s*#io) { - # do nothing - } - elsif (/([^\{]*)/) { - $prototype .= $1; - } - if (/\{/) { - $prototype =~ s@/\*.*?\*/@@gos; # strip comments. - $prototype =~ s@[\r\n]+@ @gos; # strip newlines/cr's. - $prototype =~ s@^ +@@gos; # strip leading spaces - dump_function($prototype); - - $function = ""; - %constants = (); - %parameters = (); - %parametertypes = (); - @parameterlist = (); - %sections = (); - @sectionlist = (); - $prototype = ""; - - $state = 0; - } - } - } -} diff --git a/oath-toolkit-2.6.6-lockfile.patch b/oath-toolkit-2.6.7-lockfile.patch similarity index 90% rename from oath-toolkit-2.6.6-lockfile.patch rename to oath-toolkit-2.6.7-lockfile.patch index 7c62440..0cd459a 100644 --- a/oath-toolkit-2.6.6-lockfile.patch +++ b/oath-toolkit-2.6.7-lockfile.patch @@ -73,10 +73,10 @@ index 2f247ff..e8f8cdf 100644 LIBOATH_2.6.0 diff --git a/liboath/oath.h b/liboath/oath.h -index 04dc23d..5d4c0af 100644 +index fe93b9e..6660fb3 100644 --- a/liboath/oath.h +++ b/liboath/oath.h -@@ -155,11 +155,15 @@ typedef enum +@@ -159,11 +159,15 @@ typedef enum /* Global */ @@ -93,10 +93,10 @@ index 04dc23d..5d4c0af 100644 extern OATHAPI const char *oath_strerror (int err); diff --git a/liboath/oath.h.in b/liboath/oath.h.in -index 709bb2b..b2f8a0f 100644 +index eee284c..536cd30 100644 --- a/liboath/oath.h.in +++ b/liboath/oath.h.in -@@ -155,11 +155,15 @@ typedef enum +@@ -159,11 +159,15 @@ typedef enum /* Global */ @@ -113,7 +113,7 @@ index 709bb2b..b2f8a0f 100644 extern OATHAPI const char *oath_strerror (int err); diff --git a/liboath/usersfile.c b/liboath/usersfile.c -index 2c51da2..cb6a85f 100644 +index ef03f39..7cc4347 100644 --- a/liboath/usersfile.c +++ b/liboath/usersfile.c @@ -323,9 +323,18 @@ update_usersfile (const char *usersfile, @@ -139,10 +139,10 @@ index 2c51da2..cb6a85f 100644 lockfh = fopen (lockfile, "w"); if (!lockfh) diff --git a/pam_oath/pam_oath.c b/pam_oath/pam_oath.c -index ba577b4..c0fd13e 100644 +index b2afed7..307ffc2 100644 --- a/pam_oath/pam_oath.c +++ b/pam_oath/pam_oath.c -@@ -70,6 +70,7 @@ struct cfg +@@ -75,6 +75,7 @@ struct cfg int try_first_pass; int use_first_pass; char *usersfile; @@ -150,7 +150,7 @@ index ba577b4..c0fd13e 100644 unsigned digits; unsigned window; }; -@@ -84,6 +85,7 @@ parse_cfg (int flags, int argc, const char **argv, struct cfg *cfg) +@@ -89,6 +90,7 @@ parse_cfg (int flags, int argc, const char **argv, struct cfg *cfg) cfg->try_first_pass = 0; cfg->use_first_pass = 0; cfg->usersfile = NULL; @@ -158,7 +158,7 @@ index ba577b4..c0fd13e 100644 cfg->digits = -1; cfg->window = 5; -@@ -99,6 +101,8 @@ parse_cfg (int flags, int argc, const char **argv, struct cfg *cfg) +@@ -104,6 +106,8 @@ parse_cfg (int flags, int argc, const char **argv, struct cfg *cfg) cfg->use_first_pass = 1; if (strncmp (argv[i], "usersfile=", 10) == 0) cfg->usersfile = (char *) argv[i] + 10; @@ -167,7 +167,7 @@ index ba577b4..c0fd13e 100644 if (strncmp (argv[i], "digits=", 7) == 0) cfg->digits = atoi (argv[i] + 7); if (strncmp (argv[i], "window=", 7) == 0) -@@ -124,6 +128,7 @@ parse_cfg (int flags, int argc, const char **argv, struct cfg *cfg) +@@ -129,6 +133,7 @@ parse_cfg (int flags, int argc, const char **argv, struct cfg *cfg) D (("try_first_pass=%d", cfg->try_first_pass)); D (("use_first_pass=%d", cfg->use_first_pass)); D (("usersfile=%s", cfg->usersfile ? cfg->usersfile : "(null)")); @@ -175,7 +175,7 @@ index ba577b4..c0fd13e 100644 D (("digits=%d", cfg->digits)); D (("window=%d", cfg->window)); } -@@ -209,6 +214,17 @@ pam_sm_authenticate (pam_handle_t * pamh, +@@ -327,6 +332,17 @@ pam_sm_authenticate (pam_handle_t * pamh, goto done; } diff --git a/oath-toolkit.spec b/oath-toolkit.spec index 3adfbbb..4d437d3 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,14 +1,20 @@ Name: oath-toolkit -Version: 2.6.6 -Release: 2%{?dist} +Version: 2.6.7 +Release: 1%{?dist} License: GPLv3+ Summary: One-time password components BuildRequires: make -BuildRequires: pam-devel, gtk-doc, libtool, libtool-ltdl-devel -BuildRequires: xmlsec1-devel, xmlsec1-openssl-devel, autoconf, automake +BuildRequires: pam-devel +BuildRequires: gtk-doc +BuildRequires: libtool +BuildRequires: libtool-ltdl-devel +BuildRequires: xmlsec1-devel +BuildRequires: xmlsec1-openssl-devel +BuildRequires: autoconf +BuildRequires: automake Source0: https://download.savannah.nongnu.org/releases/%{name}/%{name}-%{version}.tar.gz URL: https://www.nongnu.org/oath-toolkit/ -Patch0: oath-toolkit-2.6.6-lockfile.patch +Patch0: oath-toolkit-2.6.7-lockfile.patch %description The OATH Toolkit provide components for building one-time password @@ -176,6 +182,10 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Mon May 3 2021 Jaroslav Škarvada - 2.6.7-1 +- New version + Resolves: rhbz#1955967 + * Tue Jan 26 2021 Fedora Release Engineering - 2.6.6-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild diff --git a/sources b/sources index 24b6cda..2f0357d 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (oath-toolkit-2.6.6.tar.gz) = f5b6beee6e2afdcb2edfa0046650cb5cc6dee2dc759ce5db3a0350d579d589d35efc51ebcab1f353f103138b7de0ccfb6f3246d0e11ae81f4b31b63cbf9908be +SHA512 (oath-toolkit-2.6.7.tar.gz) = 50edff75c8366887d69cf4740c4cc3bdfc3e43cbd4910ff40f735bca489f0953d7e5a21130f12782ac7a1f2fb00f0db313aff139085f23daba78a69bc7b2eb12 From b851818e3642cb889f476bfa17b5d02bc8914150 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Thu, 22 Jul 2021 16:28:51 +0000 Subject: [PATCH 40/41] - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- oath-toolkit.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/oath-toolkit.spec b/oath-toolkit.spec index 4d437d3..213cce4 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,6 +1,6 @@ Name: oath-toolkit Version: 2.6.7 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv3+ Summary: One-time password components BuildRequires: make @@ -182,6 +182,9 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Thu Jul 22 2021 Fedora Release Engineering - 2.6.7-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + * Mon May 3 2021 Jaroslav Škarvada - 2.6.7-1 - New version Resolves: rhbz#1955967 From baa9a09633bb20f766cd9c34d55551bbb76ec968 Mon Sep 17 00:00:00 2001 From: MSVSphere Packaging Team Date: Mon, 30 Oct 2023 23:34:52 +0300 Subject: [PATCH 41/41] Remove unnecessary files --- sources | 1 - 1 file changed, 1 deletion(-) delete mode 100644 sources diff --git a/sources b/sources deleted file mode 100644 index 2f0357d..0000000 --- a/sources +++ /dev/null @@ -1 +0,0 @@ -SHA512 (oath-toolkit-2.6.7.tar.gz) = 50edff75c8366887d69cf4740c4cc3bdfc3e43cbd4910ff40f735bca489f0953d7e5a21130f12782ac7a1f2fb00f0db313aff139085f23daba78a69bc7b2eb12