pwsafe - a program to manage encrypted password databases.

ok alek@
2005-02-20 13:42:08 +00:00 · 2005-02-20 13:42:08 +00:00 · 22b898f0e9
commit 22b898f0e9
parent 86a7a2876c
5 changed files with 122 additions and 0 deletions
--- a/security/pwsafe/Makefile
+++ b/security/pwsafe/Makefile
@ -0,0 +1,25 @@
+# $OpenBSD: Makefile,v 1.1.1.1 2005/02/20 13:42:08 mbalmer Exp $
+
+COMMENT=		"program that manages encrypted password databases"
+DISTNAME=		pwsafe-0.1.6
+CATEGORIES=		security
+
+HOMEPAGE=		http://nsd.dyndns.org/pwsafe/
+
+MAINTAINER=		Marc Balmer <mbalmer@openbsd.org>
+
+#GPL
+PERMIT_PACKAGE_CDROM=	Yes
+PERMIT_PACKAGE_FTP=	Yes
+PERMIT_DISTFILES_CDROM=	Yes
+PERMIT_DISTFILES_FTP=	Yes
+
+WANTLIB=		Xmu m X11 ncurses crypto c stdc++ SM readline ICE
+
+MASTER_SITES=		${HOMEPAGE}releases/
+
+CONFIGURE_STYLE=        gnu
+USE_GMAKE=		Yes
+NO_REGRESS=		Yes
+
+.include <bsd.port.mk>
--- a/security/pwsafe/distinfo
+++ b/security/pwsafe/distinfo
@ -0,0 +1,4 @@
+MD5 (pwsafe-0.1.6.tar.gz) = 2a56d5d54d474524500f0b4258868478
+RMD160 (pwsafe-0.1.6.tar.gz) = ac3b7b2287e2cacda876ddc21bf653d700cd9e0b
+SHA1 (pwsafe-0.1.6.tar.gz) = 39b42f95517cdbf1e241f9da477fb1a9bca050bb
+SIZE (pwsafe-0.1.6.tar.gz) = 110027
--- a/security/pwsafe/patches/patch-pwsafe_cpp
+++ b/security/pwsafe/patches/patch-pwsafe_cpp
@ -0,0 +1,89 @@
+$OpenBSD: patch-pwsafe_cpp,v 1.1.1.1 2005/02/20 13:42:08 mbalmer Exp $
+--- pwsafe.cpp.orig	Tue Mar  2 07:27:56 2004
+++ pwsafe.cpp	Wed Feb 16 17:40:54 2005
+@@ -123,8 +123,8 @@ typedef struct option long_option;
+ 
+ // The name the program was run with, stripped of any leading path
+ const char *program_name = "pwsafe"; // make sure program_name always points to something valid so we can use it in constructors of globals
+-uid_t saved_uid;
+-gid_t saved_gid;
+// uid_t saved_uid;
+// gid_t saved_gid;
+ 
+ // Option flags and variables
+ const char* arg_dbname = NULL;
+@@ -377,14 +377,14 @@ int main(int argc, char **argv) {
+ 
+   try {
+     try {
+-      saved_uid = geteuid();
+-      saved_gid = getegid();
+      // saved_uid = geteuid();
+      // saved_gid = getegid();
+       
+       // if we are running suid, drop privileges now; we use seteuid() instead of setuid() so the saved uid remains root and we can become root again in order to mlock()
+-      if (saved_uid != getuid() || saved_gid != getgid()) {
+-        setegid(getgid());
+-        seteuid(getuid());
+-      }
+      // if (saved_uid != getuid() || saved_gid != getgid()) {
+      //   setegid(getgid());
+      //   seteuid(getuid());
+      // }
+ 
+ #if WITH_READLINE
+       rl_readline_name = const_cast<char*>(program_name); // so readline() can parse its config files and handle if (pwsafe) sections; some older readline's type rl_readline_name as char*, hence the const_cast
+@@ -2217,32 +2217,32 @@ secalloc::Pool::Pool(size_t n) : next(0)
+   top = z + ((bottom-z+pagesize+n+pagesize) & ~(pagesize-1)); // round top down to a page boundary
+ 
+   // mark level..top as non-swapabble
+-  int rc = mlock(level,top-level);
+-  if (rc && errno == EPERM && (saved_uid != geteuid() || saved_gid != getegid())) {
+  // int rc = mlock(level,top-level);
+  // if (rc && errno == EPERM && (saved_uid != geteuid() || saved_gid != getegid())) {
+     // try again as root (or whoever saved_uid really is)
+-    if (saved_uid != geteuid()) 
+-      seteuid(saved_uid);
+-    if (saved_gid != getegid())
+-      setegid(saved_gid);
+-    rc = mlock(level,top-level);
+-    setegid(getgid());
+-    seteuid(getuid());
+-  }
+-  if (rc) {
+-    static bool reported = false;
+-    if (!reported) {
+-      fprintf(stderr, "WARNING: %s unable to use secure ram (need to be setuid root)\n", program_name);
+-      reported = true;
+-    }
+-  }
+  //   if (saved_uid != geteuid()) 
+  //     seteuid(saved_uid);
+  //   if (saved_gid != getegid())
+  //     setegid(saved_gid);
+  //   rc = mlock(level,top-level);
+  //   setegid(getgid());
+  //   seteuid(getuid());
+  // }
+  // if (rc) {
+  //   static bool reported = false;
+  //   if (!reported) {
+  //     fprintf(stderr, "WARNING: %s unable to use secure ram (need to be setuid root)\n", program_name);
+  //     reported = true;
+  //   }
+  // }
+ }
+ 
+ secalloc::Pool::~Pool() {
+-  char*const z = 0;
+-  const size_t pagesize = secalloc::pagesize;
+  // char*const z = 0;
+  // const size_t pagesize = secalloc::pagesize;
+   memset(bottom, 0, top-bottom); // clear it once more, just in case everything wasn't properly deallocate()ed
+-  char*const l = z + ((bottom-z+pagesize-1) & ~(pagesize-1)); // recalculate original value we passed to mlock()
+-  munlock(l, top-l); // might fail; that's ok if it does
+  // char*const l = z + ((bottom-z+pagesize-1) & ~(pagesize-1)); // recalculate original value we passed to mlock()
+  // munlock(l, top-l); // might fail; that's ok if it does
+   free(bottom);
+ }
+ 
--- a/security/pwsafe/pkg/DESCR
+++ b/security/pwsafe/pkg/DESCR
@ -0,0 +1 @@
+pwsafe - commandline tool compatible with Counterpane's Passwordsafe
--- a/security/pwsafe/pkg/PLIST
+++ b/security/pwsafe/pkg/PLIST
@ -0,0 +1,3 @@
+@comment $OpenBSD: PLIST,v 1.1.1.1 2005/02/20 13:42:08 mbalmer Exp $
+bin/pwsafe
+@man man/man1/pwsafe.1
				`@ -0,0 +1 @@`
				`pwsafe - commandline tool compatible with Counterpane's Passwordsafe`