This commit is contained in:
parent
408eab8861
commit
b6040d5db8
185
Linux-PAM-1.1.0-CVS.diff
Normal file
185
Linux-PAM-1.1.0-CVS.diff
Normal file
@ -0,0 +1,185 @@
|
|||||||
|
? make.log
|
||||||
|
Index: ChangeLog
|
||||||
|
===================================================================
|
||||||
|
RCS file: /cvsroot/pam/Linux-PAM/ChangeLog,v
|
||||||
|
retrieving revision 1.464
|
||||||
|
retrieving revision 1.467
|
||||||
|
diff -u -r1.464 -r1.467
|
||||||
|
--- ChangeLog 19 Jun 2009 14:45:29 -0000 1.464
|
||||||
|
+++ ChangeLog 26 Jun 2009 12:23:28 -0000 1.467
|
||||||
|
@@ -1,3 +1,16 @@
|
||||||
|
+2009-06-26 Thorsten Kukuk <kukuk@thkukuk.de>
|
||||||
|
+
|
||||||
|
+ * modules/pam_unix/pam_unix_passwd.c: Remove dead SELinux
|
||||||
|
+ code.
|
||||||
|
+
|
||||||
|
+ * modules/pam_lastlog/pam_lastlog.c (last_login_failed): Fix
|
||||||
|
+ usage of wrong variable [bug#2809661].
|
||||||
|
+
|
||||||
|
+2009-06-25 Thorsten Kukuk <kukuk@thkukuk.de>
|
||||||
|
+
|
||||||
|
+ * configure.in: Rename crypt_gensalt_rn to crypt_gensalt_r
|
||||||
|
+ * modules/pam_unix/passverify.c: Likewise.
|
||||||
|
+
|
||||||
|
2009-06-19 Thorsten Kukuk <kukuk@thkukuk.de>
|
||||||
|
|
||||||
|
* release version 1.1.0
|
||||||
|
Index: configure.in
|
||||||
|
===================================================================
|
||||||
|
RCS file: /cvsroot/pam/Linux-PAM/configure.in,v
|
||||||
|
retrieving revision 1.135
|
||||||
|
retrieving revision 1.136
|
||||||
|
diff -u -r1.135 -r1.136
|
||||||
|
--- configure.in 19 Jun 2009 14:45:30 -0000 1.135
|
||||||
|
+++ configure.in 26 Jun 2009 09:55:25 -0000 1.136
|
||||||
|
@@ -363,8 +363,8 @@
|
||||||
|
AC_CHECK_HEADERS(xcrypt.h crypt.h)
|
||||||
|
BACKUP_LIBS=$LIBS
|
||||||
|
AC_SEARCH_LIBS([crypt],[xcrypt crypt], LIBCRYPT="-l$ac_lib", LIBCRYPT="")
|
||||||
|
-AC_CHECK_FUNCS(crypt_r crypt_gensalt_rn)
|
||||||
|
-LIBS=$BACKUP_LIBS
|
||||||
|
+AC_CHECK_FUNCS(crypt_r crypt_gensalt_r)
|
||||||
|
+Libs=$BACKUP_LIBS
|
||||||
|
AC_SUBST(LIBCRYPT)
|
||||||
|
if test "$LIBCRYPT" = "-lxcrypt" -a "$ac_cv_header_xcrypt_h" = "yes" ; then
|
||||||
|
AC_DEFINE([HAVE_LIBXCRYPT], 1, [Define to 1 if xcrypt support should be compiled in.])
|
||||||
|
Index: modules/pam_lastlog/pam_lastlog.c
|
||||||
|
===================================================================
|
||||||
|
RCS file: /cvsroot/pam/Linux-PAM/modules/pam_lastlog/pam_lastlog.c,v
|
||||||
|
retrieving revision 1.24
|
||||||
|
retrieving revision 1.25
|
||||||
|
diff -u -r1.24 -r1.25
|
||||||
|
--- modules/pam_lastlog/pam_lastlog.c 30 Sep 2008 14:40:39 -0000 1.24
|
||||||
|
+++ modules/pam_lastlog/pam_lastlog.c 26 Jun 2009 12:07:11 -0000 1.25
|
||||||
|
@@ -454,7 +454,7 @@
|
||||||
|
goto cleanup;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
-
|
||||||
|
+
|
||||||
|
if (line != NULL || date != NULL || host != NULL) {
|
||||||
|
/* TRANSLATORS: "Last failed login: <date> from <host> on <terminal>" */
|
||||||
|
pam_info(pamh, _("Last failed login:%s%s%s"),
|
||||||
|
@@ -471,7 +471,7 @@
|
||||||
|
failed),
|
||||||
|
failed);
|
||||||
|
#else
|
||||||
|
- if (daysleft == 1)
|
||||||
|
+ if (failed == 1)
|
||||||
|
retval = asprintf(&line,
|
||||||
|
_("There was %d failed login attempt since the last successful login."),
|
||||||
|
failed);
|
||||||
|
Index: modules/pam_unix/pam_unix_passwd.c
|
||||||
|
===================================================================
|
||||||
|
RCS file: /cvsroot/pam/Linux-PAM/modules/pam_unix/pam_unix_passwd.c,v
|
||||||
|
retrieving revision 1.55
|
||||||
|
retrieving revision 1.56
|
||||||
|
diff -u -r1.55 -r1.56
|
||||||
|
--- modules/pam_unix/pam_unix_passwd.c 11 May 2009 14:52:31 -0000 1.55
|
||||||
|
+++ modules/pam_unix/pam_unix_passwd.c 26 Jun 2009 12:23:28 -0000 1.56
|
||||||
|
@@ -1,7 +1,7 @@
|
||||||
|
/*
|
||||||
|
* Main coding by Elliot Lee <sopwith@redhat.com>, Red Hat Software.
|
||||||
|
* Copyright (C) 1996.
|
||||||
|
- * Copyright (c) Jan Rêkorajski, 1999.
|
||||||
|
+ * Copyright (c) Jan Rêkorajski, 1999.
|
||||||
|
* Copyright (c) Red Hat, Inc., 2007, 2008.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
@@ -61,11 +61,6 @@
|
||||||
|
#include <signal.h>
|
||||||
|
#include <errno.h>
|
||||||
|
#include <sys/wait.h>
|
||||||
|
-#ifdef WITH_SELINUX
|
||||||
|
-static int selinux_enabled=-1;
|
||||||
|
-#include <selinux/selinux.h>
|
||||||
|
-#define SELINUX_ENABLED (selinux_enabled!=-1 ? selinux_enabled : (selinux_enabled=is_selinux_enabled()>0))
|
||||||
|
-#endif
|
||||||
|
|
||||||
|
#include <security/_pam_macros.h>
|
||||||
|
|
||||||
|
@@ -196,7 +191,7 @@
|
||||||
|
|
||||||
|
snprintf(buffer, sizeof(buffer), "%d", remember);
|
||||||
|
args[4] = x_strdup(buffer);
|
||||||
|
-
|
||||||
|
+
|
||||||
|
execve(UPDATE_HELPER, args, envp);
|
||||||
|
|
||||||
|
/* should not get here: exit with error */
|
||||||
|
@@ -698,7 +693,7 @@
|
||||||
|
pass_new = NULL;
|
||||||
|
}
|
||||||
|
retval = _pam_unix_approve_pass(pamh, ctrl, pass_old, pass_new);
|
||||||
|
-
|
||||||
|
+
|
||||||
|
if (retval != PAM_SUCCESS && off(UNIX_NOT_SET_PASS, ctrl)) {
|
||||||
|
pam_set_item(pamh, PAM_AUTHTOK, NULL);
|
||||||
|
}
|
||||||
|
Index: modules/pam_unix/passverify.c
|
||||||
|
===================================================================
|
||||||
|
RCS file: /cvsroot/pam/Linux-PAM/modules/pam_unix/passverify.c,v
|
||||||
|
retrieving revision 1.12
|
||||||
|
retrieving revision 1.13
|
||||||
|
diff -u -r1.12 -r1.13
|
||||||
|
--- modules/pam_unix/passverify.c 25 Mar 2009 10:54:23 -0000 1.12
|
||||||
|
+++ modules/pam_unix/passverify.c 26 Jun 2009 09:55:25 -0000 1.13
|
||||||
|
@@ -274,7 +274,7 @@
|
||||||
|
}
|
||||||
|
if ((curdays - spent->sp_lstchg < spent->sp_min)
|
||||||
|
&& (spent->sp_min != -1)) {
|
||||||
|
- /*
|
||||||
|
+ /*
|
||||||
|
* The last password change was too recent. This error will be ignored
|
||||||
|
* if no password change is attempted.
|
||||||
|
*/
|
||||||
|
@@ -403,11 +403,11 @@
|
||||||
|
return crypted;
|
||||||
|
}
|
||||||
|
|
||||||
|
-#ifdef HAVE_CRYPT_GENSALT_RN
|
||||||
|
+#ifdef HAVE_CRYPT_GENSALT_R
|
||||||
|
if (on(UNIX_BLOWFISH_PASS, ctrl)) {
|
||||||
|
char entropy[17];
|
||||||
|
crypt_make_salt(entropy, sizeof(entropy) - 1);
|
||||||
|
- sp = crypt_gensalt_rn(algoid, rounds,
|
||||||
|
+ sp = crypt_gensalt_r (algoid, rounds,
|
||||||
|
entropy, sizeof(entropy),
|
||||||
|
salt, sizeof(salt));
|
||||||
|
} else {
|
||||||
|
@@ -420,7 +420,7 @@
|
||||||
|
/* For now be conservative so the resulting hashes
|
||||||
|
* are not too long. 8 bytes of salt prevents dictionary
|
||||||
|
* attacks well enough. */
|
||||||
|
-#ifdef HAVE_CRYPT_GENSALT_RN
|
||||||
|
+#ifdef HAVE_CRYPT_GENSALT_R
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
sp = crypt(password, salt);
|
||||||
|
@@ -684,7 +684,7 @@
|
||||||
|
D(("fflush or fsync error writing entries to old passwords file: %m"));
|
||||||
|
err = 1;
|
||||||
|
}
|
||||||
|
-
|
||||||
|
+
|
||||||
|
if (fclose(pwfile)) {
|
||||||
|
D(("fclose error writing entries to old passwords file: %m"));
|
||||||
|
err = 1;
|
||||||
|
@@ -804,7 +804,7 @@
|
||||||
|
D(("fflush or fsync error writing entries to password file: %m"));
|
||||||
|
err = 1;
|
||||||
|
}
|
||||||
|
-
|
||||||
|
+
|
||||||
|
if (fclose(pwfile)) {
|
||||||
|
D(("fclose error writing entries to password file: %m"));
|
||||||
|
err = 1;
|
||||||
|
@@ -930,7 +930,7 @@
|
||||||
|
D(("fflush or fsync error writing entries to shadow file: %m"));
|
||||||
|
err = 1;
|
||||||
|
}
|
||||||
|
-
|
||||||
|
+
|
||||||
|
if (fclose(pwfile)) {
|
||||||
|
D(("fclose error writing entries to shadow file: %m"));
|
||||||
|
err = 1;
|
@ -1,3 +1,8 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Jun 26 14:46:21 CEST 2009 - kukuk@suse.de
|
||||||
|
|
||||||
|
- Add fixes from CVS
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Wed Jun 24 09:52:29 CEST 2009 - kukuk@suse.de
|
Wed Jun 24 09:52:29 CEST 2009 - kukuk@suse.de
|
||||||
|
|
||||||
|
10
pam.spec
10
pam.spec
@ -44,7 +44,7 @@ Obsoletes: pam-64bit
|
|||||||
%endif
|
%endif
|
||||||
#
|
#
|
||||||
Version: 1.1.0
|
Version: 1.1.0
|
||||||
Release: 1
|
Release: 2
|
||||||
Summary: A Security Tool that Provides Authentication for Applications
|
Summary: A Security Tool that Provides Authentication for Applications
|
||||||
Source: Linux-PAM-%{version}.tar.bz2
|
Source: Linux-PAM-%{version}.tar.bz2
|
||||||
Source1: Linux-PAM-%{version}-docs.tar.bz2
|
Source1: Linux-PAM-%{version}-docs.tar.bz2
|
||||||
@ -56,6 +56,7 @@ Source6: common-password.pamd
|
|||||||
Source7: common-session.pamd
|
Source7: common-session.pamd
|
||||||
Source8: etc.environment
|
Source8: etc.environment
|
||||||
Patch: pam_tally-deprecated.diff
|
Patch: pam_tally-deprecated.diff
|
||||||
|
Patch1: Linux-PAM-1.1.0-CVS.diff
|
||||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||||
|
|
||||||
%description
|
%description
|
||||||
@ -104,8 +105,15 @@ building both PAM-aware applications and modules for use with PAM.
|
|||||||
%prep
|
%prep
|
||||||
%setup -q -n Linux-PAM-%{version} -b 1
|
%setup -q -n Linux-PAM-%{version} -b 1
|
||||||
%patch -p0
|
%patch -p0
|
||||||
|
%patch1 -p0
|
||||||
|
|
||||||
%build
|
%build
|
||||||
|
aclocal -I m4 --install --force
|
||||||
|
autoheader
|
||||||
|
libtoolize --force --automake --copy
|
||||||
|
automake --add-missing --copy
|
||||||
|
autoreconf
|
||||||
|
chmod 755 configure
|
||||||
CFLAGS="$RPM_OPT_FLAGS -DNDEBUG" \
|
CFLAGS="$RPM_OPT_FLAGS -DNDEBUG" \
|
||||||
./configure \
|
./configure \
|
||||||
--infodir=%{_infodir} \
|
--infodir=%{_infodir} \
|
||||||
|
Loading…
Reference in New Issue
Block a user