source "package/python-networkmanager/Config.in"
source "package/python-nfc/Config.in"
source "package/python-numpy/Config.in"
+ source "package/python-pam/Config.in"
source "package/python-posix-ipc/Config.in"
source "package/python-protobuf/Config.in"
source "package/python-psutil/Config.in"
--- /dev/null
+[PATCH] fix two bugs in the PAM object deallocation
+
+Fixes https://bugzilla.redhat.com/show_bug.cgi?id=658955
+
+Downloaded from:
+http://pkgs.fedoraproject.org/cgit/PyPAM.git/plain/PyPAM-0.5.0-dealloc.patch
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+diff -up PyPAM-0.5.0/PAMmodule.c.dealloc PyPAM-0.5.0/PAMmodule.c
+--- PyPAM-0.5.0/PAMmodule.c.dealloc 2011-01-17 22:48:22.000000000 +0100
++++ PyPAM-0.5.0/PAMmodule.c 2011-01-18 21:24:59.000000000 +0100
+@@ -538,10 +538,11 @@ static void PyPAM_dealloc(PyPAMObject *s
+ free(self->service);
+ free(self->user);
+ free(self->conv);
+- pam_end(self->pamh, PAM_SUCCESS);
++ if (self->pamh)
++ pam_end(self->pamh, PAM_SUCCESS);
+ dlclose(self->dlh2);
+ dlclose(self->dlh1);
+- PyMem_DEL(self);
++ PyObject_Del(self);
+ }
+
+ static PyObject * PyPAM_getattr(PyPAMObject *self, char *name)
--- /dev/null
+[PATCH] deallocate the conversation response only in case of error
+
+Fixes https://bugzilla.redhat.com/show_bug.cgi?id=679714
+
+Downloaded from:
+http://pkgs.fedoraproject.org/cgit/PyPAM.git/plain/PyPAM-0.5.0-nofree.patch
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+diff --git a/PAMmodule.c b/PAMmodule.c
+index 03cb799..a7ff8a5 100644
+--- a/PAMmodule.c
++++ b/PAMmodule.c
+@@ -24,8 +24,6 @@ typedef struct {
+ char *service;
+ char *user;
+ PyObject *callback;
+- struct pam_response *response_data;
+- int response_len;
+ PyObject *user_data;
+ void *dlh1, *dlh2;
+ } PyPAMObject;
+@@ -54,15 +52,6 @@ static int PyPAM_conv(int num_msg, const struct pam_message **msg,
+
+ Py_INCREF(self);
+
+- if (NULL != self->response_data) {
+- for (int i = 0; i < self->response_len; i++) {
+- free(self->response_data[0].resp);
+- }
+- free(self->response_data);
+- self->response_data = NULL;
+- self->response_len = 0;
+- }
+-
+ PyObject* msgList = PyList_New(num_msg);
+
+ for (int i = 0; i < num_msg; i++) {
+@@ -92,6 +81,10 @@ static int PyPAM_conv(int num_msg, const struct pam_message **msg,
+ char* resp_text;
+ int resp_retcode = 0;
+ if (!PyArg_ParseTuple(respTuple, "si", &resp_text, &resp_retcode)) {
++ while (i > 0) {
++ free((--spr)->resp);
++ --i;
++ }
+ free(*resp);
+ Py_DECREF(respList);
+ return PAM_CONV_ERR;
+@@ -100,10 +93,6 @@ static int PyPAM_conv(int num_msg, const struct pam_message **msg,
+ spr->resp_retcode = resp_retcode;
+ Py_DECREF(respTuple);
+ }
+-
+- // Save this so we can free it later.
+- self->response_data = *resp;
+- self->response_len = PyList_Size(respList);
+
+ Py_DECREF(respList);
+
+@@ -144,8 +133,6 @@ static PyObject * PyPAM_pam(PyObject *self, PyObject *args)
+ p->user = NULL;
+ Py_INCREF(Py_None);
+ p->callback = Py_None;
+- p->response_data = NULL;
+- p->response_len = 0;
+ Py_INCREF(Py_None);
+ p->user_data = Py_None;
+
--- /dev/null
+[PATCH] Fix Double Free Corruption (CVE2012-1502)
+
+Downloaded from:
+http://pkgs.fedoraproject.org/cgit/PyPAM.git/plain/PyPAM-0.5.0-memory-errors.patch
+
+For details, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1502
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+diff -up PyPAM-0.5.0/PAMmodule.c.memory PyPAM-0.5.0/PAMmodule.c
+--- PyPAM-0.5.0/PAMmodule.c.memory 2012-05-07 17:22:54.503914026 +0200
++++ PyPAM-0.5.0/PAMmodule.c 2012-05-07 17:23:15.644381942 +0200
+@@ -37,33 +37,48 @@ static void PyPAM_Err(PyPAMObject *self,
+
+ err_msg = pam_strerror(self->pamh, result);
+ error = Py_BuildValue("(si)", err_msg, result);
+- Py_INCREF(PyPAM_Error);
+ PyErr_SetObject(PyPAM_Error, error);
++ Py_XDECREF(error);
+ }
+
+ static int PyPAM_conv(int num_msg, const struct pam_message **msg,
+ struct pam_response **resp, void *appdata_ptr)
+ {
+- PyObject *args;
+-
++ PyObject *args, *msgList, *respList, *item;
++ struct pam_response *response, *spr;
+ PyPAMObject* self = (PyPAMObject *) appdata_ptr;
++
+ if (self->callback == NULL)
+ return PAM_CONV_ERR;
+
+ Py_INCREF(self);
+
+- PyObject* msgList = PyList_New(num_msg);
+-
++ msgList = PyList_New(num_msg);
++ if (msgList == NULL) {
++ Py_DECREF(self);
++ return PAM_CONV_ERR;
++ }
++
+ for (int i = 0; i < num_msg; i++) {
+- PyList_SetItem(msgList, i,
+- Py_BuildValue("(si)", msg[i]->msg, msg[i]->msg_style));
++ item = Py_BuildValue("(si)", msg[i]->msg, msg[i]->msg_style);
++ if (item == NULL) {
++ Py_DECREF(msgList);
++ Py_DECREF(self);
++ return PAM_CONV_ERR;
++ }
++ PyList_SetItem(msgList, i, item);
+ }
+-
++
+ args = Py_BuildValue("(OO)", self, msgList);
+- PyObject* respList = PyEval_CallObject(self->callback, args);
++ if (args == NULL) {
++ Py_DECREF(self);
++ Py_DECREF(msgList);
++ return PAM_CONV_ERR;
++ }
++ respList = PyEval_CallObject(self->callback, args);
+ Py_DECREF(args);
+ Py_DECREF(self);
+-
++
+ if (respList == NULL)
+ return PAM_CONV_ERR;
+
+@@ -71,11 +86,15 @@ static int PyPAM_conv(int num_msg, const
+ Py_DECREF(respList);
+ return PAM_CONV_ERR;
+ }
+-
+- *resp = (struct pam_response *) malloc(
++
++ response = (struct pam_response *) malloc(
+ PyList_Size(respList) * sizeof(struct pam_response));
++ if (response == NULL) {
++ Py_DECREF(respList);
++ return PAM_CONV_ERR;
++ }
++ spr = response;
+
+- struct pam_response* spr = *resp;
+ for (int i = 0; i < PyList_Size(respList); i++, spr++) {
+ PyObject* respTuple = PyList_GetItem(respList, i);
+ char* resp_text;
+@@ -85,7 +104,7 @@ static int PyPAM_conv(int num_msg, const
+ free((--spr)->resp);
+ --i;
+ }
+- free(*resp);
++ free(response);
+ Py_DECREF(respList);
+ return PAM_CONV_ERR;
+ }
+@@ -95,7 +114,8 @@ static int PyPAM_conv(int num_msg, const
+ }
+
+ Py_DECREF(respList);
+-
++ *resp = response;
++
+ return PAM_SUCCESS;
+ }
+
+@@ -122,7 +142,11 @@ static PyObject * PyPAM_pam(PyObject *se
+ PyPAMObject_Type.ob_type = &PyType_Type;
+ p = (PyPAMObject *) PyObject_NEW(PyPAMObject, &PyPAMObject_Type);
+
++ if (p == NULL)
++ return NULL;
++
+ if ((spc = (struct pam_conv *) malloc(sizeof(struct pam_conv))) == NULL) {
++ Py_DECREF((PyObject *)p);
+ PyErr_SetString(PyExc_MemoryError, "out of memory");
+ return NULL;
+ }
+@@ -455,9 +479,15 @@ static PyObject * PyPAM_getenvlist(PyObj
+ }
+
+ retval = PyList_New(0);
++ if (retval == NULL)
++ return NULL;
+
+ while ((cp = *(result++)) != NULL) {
+ entry = Py_BuildValue("s", cp);
++ if (entry == NULL) {
++ Py_DECREF(retval);
++ return NULL;
++ }
+ PyList_Append(retval, entry);
+ Py_DECREF(entry);
+ }
--- /dev/null
+comment "python-pam needs a toolchain w/ wchar, locale, dynamic library"
+ depends on BR2_PACKAGE_PYTHON
+ depends on !BR2_ENABLE_LOCALE || !BR2_USE_WCHAR || BR2_PREFER_STATIC_LIB
+
+config BR2_PACKAGE_PYTHON_PAM
+ bool "python-pam"
+ depends on BR2_PACKAGE_PYTHON # C extension not compatible with python3
+ depends on BR2_ENABLE_LOCALE # linux-pam
+ depends on BR2_USE_WCHAR # linux-pam
+ depends on !BR2_PREFER_STATIC_LIB # linux-pam
+ select BR2_PACKAGE_LINUX_PAM
+ help
+ PAM (Pluggable Authentication Module) bindings for Python.
+
+ https://admin.fedoraproject.org/pkgdb/package/PyPAM/
--- /dev/null
+################################################################################
+#
+# python-pam
+#
+################################################################################
+
+PYTHON_PAM_VERSION = 0.5.0
+PYTHON_PAM_SOURCE = PyPAM-$(PYTHON_PAM_VERSION).tar.gz
+# pangalactic.org gone
+PYTHON_PAM_SITE = http://pkgs.fedoraproject.org/repo/pkgs/PyPAM/PyPAM-0.5.0.tar.gz/f1e7c2c56421dda28a75ace59a3c8871/
+PYTHON_PAM_SETUP_TYPE = distutils
+PYTHON_PAM_LICENSE = LGPLv2.1
+PYTHON_PAM_LICENSE_FILES = COPYING
+PYTHON_PAM_DEPENDENCIES = linux-pam
+
+$(eval $(python-package))