Accepting request 202695 from GNOME:Factory

- Add accountsservice-remotePW-verification.patch: treat NULL
  shadow entry as "password handled remotely" (bnc#844933,
  bgo#708997, fdo#70005). (forwarded request 202694 from dimstar)

OBS-URL: https://build.opensuse.org/request/show/202695
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/accountsservice?expand=0&rev=37

accountsservice-remotePW-verification.patch

@@ -0,0 +1,33 @@
+From 631c57790fe79ee70d79522eb1b3e461e2899d82 Mon Sep 17 00:00:00 2001
+From: Ray Strode <rstrode@redhat.com>
+Date: Tue, 01 Oct 2013 14:50:46 +0000
+Subject: user: treat NULL shadow entry as "password handled remotely"
+
+Right now we set the password mode of a user based on the password
+hash in shadow.  SSSD (and other remote login facilities
+presumably) don't send the password hash over the wire to the client,
+but of course those users do have a password set.
+
+This commit changes the code to notice when there's no shadow entry
+for a user and treat that case conservatively (assume user has a password).
+
+Related to: https://bugzilla.gnome.org/show_bug.cgi?id=708997
+
+https://bugs.freedesktop.org/show_bug.cgi?id=70005
+---
+diff --git a/src/user.c b/src/user.c
+index 1f28e78..76cb470 100644
+--- a/src/user.c
++++ b/src/user.c
+@@ -271,7 +271,7 @@ user_update_from_pwent (User          *user,
+                 g_object_notify (G_OBJECT (user), "locked");
+         }
+ 
+-        if (passwd && passwd[0] != 0) {
++        if (passwd == NULL || passwd[0] != 0) {
+                 mode = PASSWORD_MODE_REGULAR;
+         }
+         else {
+--
+cgit v0.9.0.2-2-gbebe
+

accountsservice.changes

@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Wed Oct  9 11:51:08 UTC 2013 - dimstar@opensuse.org
+
+- Add accountsservice-remotePW-verification.patch: treat NULL
+  shadow entry as "password handled remotely" (bnc#844933,
+  bgo#708997, fdo#70005).
+
 -------------------------------------------------------------------
 Fri Jun 21 17:39:36 UTC 2013 - dimstar@opensuse.org
 

accountsservice.spec

@@ -29,6 +29,8 @@ Source:         http://www.freedesktop.org/software/accountsservice/%{name}-%{ve
 Patch0:         accountsservice-sysconfig.patch
 # PATCH-FIX-OPENSUSE accountsservice-filter-suse-accounts.patch vuntz@opensuse.org -- Filter out some system users that are specific to openSUSE
 Patch1:         accountsservice-filter-suse-accounts.patch
+# PATCH-FIX-UPSTREAM accountsservice-remotePW-verification.patch bnc#844933 bgo#708997 fdo#70005 dimstar@opensuse.org -- treat NULL shadow entry as "password handled remotely"
+Patch2:         accountsservice-remotePW-verification.patch
 # needed for patch0
 BuildRequires:  gnome-common
 BuildRequires:  gobject-introspection-devel
@@ -89,6 +91,7 @@ querying and manipulating user account information.
 %setup -q
 %patch0 -p1
 %patch1 -p1
+%patch2 -p1
 
 %build
 # needed for patch0