From 641678c9224b0b6e0eb7e484f86d1d0826839e1fe918389f3be662f214cb539f Mon Sep 17 00:00:00 2001
From: Jan Engelhardt <jengelh@inai.de>
Date: Sat, 14 Sep 2013 16:34:44 +0000
Subject: [PATCH] sssd-1.11.0 (samba changes should be in shortly)

OBS-URL: https://build.opensuse.org/package/show/network:ldap/sssd?expand=0&rev=99
---
 sssd-1.11.0.tar.gz     |   3 +
 sssd-1.11.0.tar.gz.asc |   7 +++
 sssd-1.9.5.tar.gz      |   3 -
 sssd-1.9.5.tar.gz.asc  |   7 ---
 sssd-ldflags.diff      | 131 ++++++++++++++++++++++++++++++++---------
 sssd-no-ldb-check.diff |  28 ---------
 sssd.changes           |  14 +++++
 sssd.spec              |  12 ++--
 8 files changed, 136 insertions(+), 69 deletions(-)
 create mode 100644 sssd-1.11.0.tar.gz
 create mode 100644 sssd-1.11.0.tar.gz.asc
 delete mode 100644 sssd-1.9.5.tar.gz
 delete mode 100644 sssd-1.9.5.tar.gz.asc
 delete mode 100644 sssd-no-ldb-check.diff

diff --git a/sssd-1.11.0.tar.gz b/sssd-1.11.0.tar.gz
new file mode 100644
index 0000000..868bbd5
--- /dev/null
+++ b/sssd-1.11.0.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:bae84db6285123e9402619d194b009ecba8dcfcbe252e4e163cd5e9a21c678d3
+size 3346231
diff --git a/sssd-1.11.0.tar.gz.asc b/sssd-1.11.0.tar.gz.asc
new file mode 100644
index 0000000..73dd430
--- /dev/null
+++ b/sssd-1.11.0.tar.gz.asc
@@ -0,0 +1,7 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.14 (GNU/Linux)
+
+iEYEABECAAYFAlIeYtcACgkQHsardTLnvCV/QACgroDpJRMaPPFXQfdgQ9Yft1NM
+mxAAoJKtJNPWTzOpJ5U/+wfh0o9ZsrX9
+=9Bb+
+-----END PGP SIGNATURE-----
diff --git a/sssd-1.9.5.tar.gz b/sssd-1.9.5.tar.gz
deleted file mode 100644
index d7e73fb..0000000
--- a/sssd-1.9.5.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:a377c436901e92d689de811d48e37d88764460e889e47bfddd90626f0a8a015c
-size 3106988
diff --git a/sssd-1.9.5.tar.gz.asc b/sssd-1.9.5.tar.gz.asc
deleted file mode 100644
index e0c1e92..0000000
--- a/sssd-1.9.5.tar.gz.asc
+++ /dev/null
@@ -1,7 +0,0 @@
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.4.13 (GNU/Linux)
-
-iEYEABECAAYFAlF2gY4ACgkQHsardTLnvCW6+QCg4VWHi8mlbi6FQufRtUXOTB2j
-5OAAniig5/DUZa/mrzUb+8kteg3nanNS
-=3VHJ
------END PGP SIGNATURE-----
diff --git a/sssd-ldflags.diff b/sssd-ldflags.diff
index 4ac562c..d6ae698 100644
--- a/sssd-ldflags.diff
+++ b/sssd-ldflags.diff
@@ -13,14 +13,14 @@ The patch fixes the location of library names, and also adds them
 to two program which need them.
 
 ---
- Makefile.am |   36 +++++++++++++++++++++---------------
- 1 file changed, 21 insertions(+), 15 deletions(-)
+ Makefile.am |   69 ++++++++++++++++++++++++++++++------------------------------
+ 1 file changed, 35 insertions(+), 34 deletions(-)
 
-Index: sssd-1.9.4/Makefile.am
+Index: sssd-1.10.0/Makefile.am
 ===================================================================
---- sssd-1.9.4.orig/Makefile.am
-+++ sssd-1.9.4/Makefile.am
-@@ -537,7 +537,8 @@ libipa_hbac_la_SOURCES = \
+--- sssd-1.10.0.orig/Makefile.am
++++ sssd-1.10.0/Makefile.am
+@@ -588,7 +588,8 @@ libipa_hbac_la_SOURCES = \
      src/providers/ipa/hbac_evaluator.c \
      src/util/sss_utf8.c
  libipa_hbac_la_LDFLAGS = \
@@ -30,12 +30,23 @@ Index: sssd-1.9.4/Makefile.am
      $(UNICODE_LIBS)
  
  dist_pkgconfig_DATA += src/lib/idmap/sss_idmap.pc
-@@ -651,11 +652,11 @@ sssd_be_LDADD = \
+@@ -604,8 +605,8 @@ libsss_nss_idmap_la_SOURCES = \
+     src/sss_client/idmap/sss_nss_idmap.c \
+     src/sss_client/common.c \
+     src/util/strtonum.c
++libsss_nss_idmap_la_LIBADD = $(CLIENT_LIBS)
+ libsss_nss_idmap_la_LDFLAGS = \
+-    $(CLIENT_LIBS) \
+     -version-info 0:1:0
+ 
+ include_HEADERS = \
+@@ -717,11 +718,11 @@ sssd_be_LDADD = \
      -ldl \
      $(SSSD_LIBS) \
      $(CARES_LIBS) \
-+    $(PAM_LIBS) \
-     libsss_util.la
+-    $(SSSD_INTERNAL_LTLIBS)
++    $(SSSD_INTERNAL_LTLIBS) \
++    $(PAM_LIBS)
  sssd_be_LDFLAGS = \
      -Wl,--version-script,$(srcdir)/src/providers/sssd_be.exports \
 -    -export-dynamic \
@@ -44,7 +55,70 @@ Index: sssd-1.9.4/Makefile.am
  
  if BUILD_PYTHON_BINDINGS
  sss_obfuscate_pythondir = $(sbindir)
-@@ -771,7 +772,7 @@ sss_sudo_cli_SOURCES = \
+@@ -757,10 +758,9 @@ sss_userdel_SOURCES = \
+     $(SSSD_LCL_TOOLS_OBJ)
+ sss_userdel_LDADD = \
+     $(TOOLS_LIBS) \
+-    $(SSSD_INTERNAL_LTLIBS)
+-sss_userdel_CFLAGS = $(AM_CFLAGS)
+-sss_userdel_LDFLAGS = \
++    $(SSSD_INTERNAL_LTLIBS) \
+     $(CLIENT_LIBS)
++sss_userdel_CFLAGS = $(AM_CFLAGS)
+ 
+ sss_groupadd_SOURCES = \
+     src/tools/sss_groupadd.c \
+@@ -774,30 +774,27 @@ sss_groupdel_SOURCES = \
+     $(SSSD_LCL_TOOLS_OBJ)
+ sss_groupdel_LDADD = \
+     $(TOOLS_LIBS) \
+-    $(SSSD_INTERNAL_LTLIBS)
+-sss_groupdel_CFLAGS = $(AM_CFLAGS)
+-sss_groupdel_LDFLAGS = \
++    $(SSSD_INTERNAL_LTLIBS) \
+     $(CLIENT_LIBS)
++sss_groupdel_CFLAGS = $(AM_CFLAGS)
+ 
+ sss_usermod_SOURCES = \
+     src/tools/sss_usermod.c \
+     $(SSSD_LCL_TOOLS_OBJ)
+ sss_usermod_LDADD = \
+     $(TOOLS_LIBS) \
+-    $(SSSD_INTERNAL_LTLIBS)
+-sss_usermod_CFLAGS = $(AM_CFLAGS)
+-sss_usermod_LDFLAGS = \
++    $(SSSD_INTERNAL_LTLIBS) \
+     $(CLIENT_LIBS)
++sss_usermod_CFLAGS = $(AM_CFLAGS)
+ 
+ sss_groupmod_SOURCES = \
+     src/tools/sss_groupmod.c \
+     $(SSSD_LCL_TOOLS_OBJ)
+ sss_groupmod_LDADD = \
+     $(TOOLS_LIBS) \
+-    $(SSSD_INTERNAL_LTLIBS)
+-sss_groupmod_CFLAGS = $(AM_CFLAGS)
+-sss_groupmod_LDFLAGS = \
++    $(SSSD_INTERNAL_LTLIBS) \
+     $(CLIENT_LIBS)
++sss_groupmod_CFLAGS = $(AM_CFLAGS)
+ 
+ sss_groupshow_SOURCES = \
+     src/tools/sss_groupshow.c \
+@@ -811,10 +808,9 @@ sss_cache_SOURCES = \
+     $(SSSD_LCL_TOOLS_OBJ)
+ sss_cache_LDADD = \
+     $(TOOLS_LIBS) \
+-    $(SSSD_INTERNAL_LTLIBS)
+-sss_cache_CFLAGS = $(AM_CFLAGS)
+-sss_cache_LDFLAGS = \
++    $(SSSD_INTERNAL_LTLIBS) \
+     $(CLIENT_LIBS)
++sss_cache_CFLAGS = $(AM_CFLAGS)
+ 
+ sss_debuglevel_SOURCES = \
+     src/tools/sss_debuglevel.c \
+@@ -837,7 +833,7 @@ sss_sudo_cli_SOURCES = \
      src/sss_client/sudo/sss_sudo_response.c \
      src/sss_client/sudo_testcli/sudo_testcli.c
  sss_sudo_cli_CFLAGS = $(AM_CFLAGS)
@@ -53,27 +127,29 @@ Index: sssd-1.9.4/Makefile.am
  endif
  
  if BUILD_SSH
-@@ -781,8 +782,8 @@ sss_ssh_authorizedkeys_SOURCES = \
+@@ -847,8 +843,8 @@ sss_ssh_authorizedkeys_SOURCES = \
      src/sss_client/ssh/sss_ssh_authorizedkeys.c
  sss_ssh_authorizedkeys_CFLAGS = $(AM_CFLAGS)
  sss_ssh_authorizedkeys_LDADD = \
-+    $(CLIENT_LIBS) \
-     libsss_util.la
--sss_ssh_authorizedkeys_LDFLAGS = $(CLIENT_LIBS)
+-    $(SSSD_INTERNAL_LTLIBS)
+-sss_ssh_authorizedkeys_LDFLAGS = $(CLIENT_LIBS) $(TALLOC_LIBS) $(POPT_LIBS)
++    $(SSSD_INTERNAL_LTLIBS) \
++    $(CLIENT_LIBS) $(TALLOC_LIBS) $(POPT_LIBS)
  
  sss_ssh_knownhostsproxy_SOURCES = \
      src/sss_client/common.c \
-@@ -790,8 +791,8 @@ sss_ssh_knownhostsproxy_SOURCES = \
+@@ -856,8 +852,8 @@ sss_ssh_knownhostsproxy_SOURCES = \
      src/sss_client/ssh/sss_ssh_knownhostsproxy.c
  sss_ssh_knownhostsproxy_CFLAGS = $(AM_CFLAGS)
  sss_ssh_knownhostsproxy_LDADD = \
-+    $(CLIENT_LIBS) \
-     libsss_util.la
--sss_ssh_knownhostsproxy_LDFLAGS = $(CLIENT_LIBS)
+-    $(SSSD_INTERNAL_LTLIBS)
+-sss_ssh_knownhostsproxy_LDFLAGS = $(CLIENT_LIBS) $(TALLOC_LIBS) $(POPT_LIBS)
++    $(SSSD_INTERNAL_LTLIBS) \
++    $(CLIENT_LIBS) $(TALLOC_LIBS) $(POPT_LIBS)
  endif
  
  #################
-@@ -1149,14 +1150,14 @@ noinst_PROGRAMS += autofs_test_client
+@@ -1309,7 +1305,7 @@ noinst_PROGRAMS += autofs_test_client
  endif
  
  pam_test_client_SOURCES = src/sss_client/pam_test_client.c
@@ -81,16 +157,17 @@ Index: sssd-1.9.4/Makefile.am
 +pam_test_client_LDADD = -lpam -lpam_misc
  
  if BUILD_AUTOFS
- autofs_test_client_SOURCES = src/sss_client/autofs/autofs_test_client.c \
- 			     src/sss_client/autofs/sss_autofs.c \
- 			     src/sss_client/common.c
+ autofs_test_client_SOURCES = \
+@@ -1317,7 +1313,7 @@ autofs_test_client_SOURCES = \
+     src/sss_client/autofs/sss_autofs.c \
+     src/sss_client/common.c
  autofs_test_client_CFLAGS = $(AM_CFLAGS)
 -autofs_test_client_LDFLAGS = -lpopt $(CLIENT_LIBS)
 +autofs_test_client_LDADD = -lpopt $(CLIENT_LIBS)
  endif
  
  ####################
-@@ -1178,10 +1179,11 @@ libnss_sss_la_SOURCES = \
+@@ -1340,10 +1336,11 @@ libnss_sss_la_SOURCES = \
      src/sss_client/nss_mc_group.c \
      src/sss_client/nss_mc.h
  libnss_sss_la_LDFLAGS = \
@@ -103,7 +180,7 @@ Index: sssd-1.9.4/Makefile.am
  
  pamlib_LTLIBRARIES = pam_sss.la
  pam_sss_la_SOURCES = \
-@@ -1192,11 +1194,12 @@ pam_sss_la_SOURCES = \
+@@ -1354,11 +1351,12 @@ pam_sss_la_SOURCES = \
      src/sss_client/sss_pam_macros.h
  
  pam_sss_la_LDFLAGS = \
@@ -118,7 +195,7 @@ Index: sssd-1.9.4/Makefile.am
  
  if BUILD_SUDO
  
-@@ -1207,8 +1210,9 @@ libsss_sudo_la_SOURCES = \
+@@ -1369,8 +1367,9 @@ libsss_sudo_la_SOURCES = \
      src/sss_client/sudo/sss_sudo.c \
      src/sss_client/sudo/sss_sudo.h \
      src/sss_client/sudo/sss_sudo_private.h
@@ -129,7 +206,7 @@ Index: sssd-1.9.4/Makefile.am
      -Wl,--version-script,$(srcdir)/src/sss_client/sss_sudo.exports \
      -module \
      -avoid-version
-@@ -1228,10 +1232,11 @@ libsss_autofs_la_SOURCES = \
+@@ -1388,10 +1387,11 @@ libsss_autofs_la_SOURCES = \
      src/sss_client/autofs/sss_autofs_private.h
  
  libsss_autofs_la_LDFLAGS = \
@@ -142,7 +219,7 @@ Index: sssd-1.9.4/Makefile.am
  endif
  
  dist_noinst_DATA += \
-@@ -1550,10 +1555,11 @@ sssd_pac_plugin_la_CFLAGS = \
+@@ -1725,10 +1725,11 @@ sssd_pac_plugin_la_CFLAGS = \
      $(AM_CFLAGS) \
      $(KRB5_CFLAGS)
  sssd_pac_plugin_la_LDFLAGS = \
diff --git a/sssd-no-ldb-check.diff b/sssd-no-ldb-check.diff
deleted file mode 100644
index e216a19..0000000
--- a/sssd-no-ldb-check.diff
+++ /dev/null
@@ -1,28 +0,0 @@
-From: Jan Engelhardt <jengelh@inai.de>
-Date: 2013-02-21 09:09:59.418801298 +0100
-Upstream: no
-
-Whenever ldb has a version number update, memberof.so aborts sssd
-loading. Arguably, LDB has not made any ABI stability promises
-says
-http://lists.fedorahosted.org/pipermail/sssd-devel/2013-February/013686.html
-but they are at least trying to, by keeping some versioned symbols.
-So, let's try this here for openSUSE.
-
----
- src/ldb_modules/memberof.c |    3 ---
- 1 file changed, 3 deletions(-)
-
-Index: sssd-1.9.4/src/ldb_modules/memberof.c
-===================================================================
---- sssd-1.9.4.orig/src/ldb_modules/memberof.c
-+++ sssd-1.9.4/src/ldb_modules/memberof.c
-@@ -4570,8 +4570,5 @@ const struct ldb_module_ops ldb_memberof
- 
- int ldb_init_module(const char *version)
- {
--#ifdef LDB_MODULE_CHECK_VERSION
--    LDB_MODULE_CHECK_VERSION(version);
--#endif
-     return ldb_register_module(&ldb_memberof_module_ops);
- }
diff --git a/sssd.changes b/sssd.changes
index f244907..68ce156 100644
--- a/sssd.changes
+++ b/sssd.changes
@@ -1,3 +1,17 @@
+-------------------------------------------------------------------
+Tue Sep  3 21:12:37 UTC 2013 - jengelh@inai.de
+
+- Update to new upstream release 1.11.0
+* The sudo integration was made more robust. SSSD is now able to
+  gracefully handle situations where it is not able to resolve the
+  client host name or sudo rules have multiple name attributes.
+* Several nested group membership bugs were fixed
+* The PAC responder was made more robust and efficient, modifying
+  existing cache entries instead of always recreating them.
+* The Kerberos provider now supports the new KEYRING ccache type.
+- Remove sssd-no-ldb-check.diff, now implemented through a
+  configure argument --disable-ldb-version-check
+
 -------------------------------------------------------------------
 Sun Jun 16 16:11:42 UTC 2013 - jengelh@inai.de
 
diff --git a/sssd.spec b/sssd.spec
index cd031f8..560e938 100644
--- a/sssd.spec
+++ b/sssd.spec
@@ -17,7 +17,7 @@
 
 
 Name:           sssd
-Version:        1.9.5
+Version:        1.11.0
 Release:        0
 Summary:        System Security Services Daemon
 License:        GPL-3.0+ and LGPL-3.0+
@@ -30,7 +30,6 @@ Source2:        https://fedorahosted.org/released/sssd/sssd-%version.tar.gz.asc
 Source3:        baselibs.conf
 Patch1:         0005-implicit-decl.diff
 Patch2:         sssd-ldflags.diff
-Patch3:         sssd-no-ldb-check.diff
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
 %define servicename sssd
@@ -63,6 +62,7 @@ BuildRequires:  pkgconfig(ldb) >= 0.9.2
 BuildRequires:  pkgconfig(libcares)
 BuildRequires:  pkgconfig(libnl-1) >= 1.1
 BuildRequires:  pkgconfig(libpcre) >= 7
+BuildRequires:  pkgconfig(ndr_nbt)
 BuildRequires:  pkgconfig(openssl)
 BuildRequires:  pkgconfig(popt)
 BuildRequires:  pkgconfig(python)
@@ -85,7 +85,9 @@ BuildRequires:  libtevent-devel
 BuildRequires:  pcre-devel >= 7
 BuildRequires:  popt-devel
 BuildRequires:  python-devel
+BuildRequires:  samba-devel >= 4
 %endif
+BuildRequires:  samba-libs >= 4
 %if 0%{?suse_version} >= 1220
 BuildRequires:  libxml2-tools
 BuildRequires:  libxslt-tools
@@ -204,7 +206,7 @@ Security Services Daemon (sssd).
 %prep
 %{?gpg_verify: %gpg_verify %{S:2}}
 %setup -q
-%patch -P 1 -P 2 -P 3 -p1
+#%patch -P 1 -P 2 -p1
 
 %build
 %if 0%{?suse_version} < 1210
@@ -231,7 +233,9 @@ autoreconf -fi;
     --with-ldb-lib-dir="$LDB_DIR" \
     --with-selinux=no \
     --with-os=suse \
-    --with-semanage=no
+    --with-semanage=no \
+    --disable-ldb-version-check \
+    --disable-pac-responder
 
 make %{?_smp_mflags} all