SHA256
1
0
forked from pool/pam
OBS User unknown 2009-07-03 14:56:58 +00:00 committed by Git OBS Bridge
parent 408eab8861
commit b6040d5db8
3 changed files with 199 additions and 1 deletions

185
Linux-PAM-1.1.0-CVS.diff Normal file
View File

@ -0,0 +1,185 @@
? make.log
Index: ChangeLog
===================================================================
RCS file: /cvsroot/pam/Linux-PAM/ChangeLog,v
retrieving revision 1.464
retrieving revision 1.467
diff -u -r1.464 -r1.467
--- ChangeLog 19 Jun 2009 14:45:29 -0000 1.464
+++ ChangeLog 26 Jun 2009 12:23:28 -0000 1.467
@@ -1,3 +1,16 @@
+2009-06-26 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_unix/pam_unix_passwd.c: Remove dead SELinux
+ code.
+
+ * modules/pam_lastlog/pam_lastlog.c (last_login_failed): Fix
+ usage of wrong variable [bug#2809661].
+
+2009-06-25 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * configure.in: Rename crypt_gensalt_rn to crypt_gensalt_r
+ * modules/pam_unix/passverify.c: Likewise.
+
2009-06-19 Thorsten Kukuk <kukuk@thkukuk.de>
* release version 1.1.0
Index: configure.in
===================================================================
RCS file: /cvsroot/pam/Linux-PAM/configure.in,v
retrieving revision 1.135
retrieving revision 1.136
diff -u -r1.135 -r1.136
--- configure.in 19 Jun 2009 14:45:30 -0000 1.135
+++ configure.in 26 Jun 2009 09:55:25 -0000 1.136
@@ -363,8 +363,8 @@
AC_CHECK_HEADERS(xcrypt.h crypt.h)
BACKUP_LIBS=$LIBS
AC_SEARCH_LIBS([crypt],[xcrypt crypt], LIBCRYPT="-l$ac_lib", LIBCRYPT="")
-AC_CHECK_FUNCS(crypt_r crypt_gensalt_rn)
-LIBS=$BACKUP_LIBS
+AC_CHECK_FUNCS(crypt_r crypt_gensalt_r)
+Libs=$BACKUP_LIBS
AC_SUBST(LIBCRYPT)
if test "$LIBCRYPT" = "-lxcrypt" -a "$ac_cv_header_xcrypt_h" = "yes" ; then
AC_DEFINE([HAVE_LIBXCRYPT], 1, [Define to 1 if xcrypt support should be compiled in.])
Index: modules/pam_lastlog/pam_lastlog.c
===================================================================
RCS file: /cvsroot/pam/Linux-PAM/modules/pam_lastlog/pam_lastlog.c,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -r1.24 -r1.25
--- modules/pam_lastlog/pam_lastlog.c 30 Sep 2008 14:40:39 -0000 1.24
+++ modules/pam_lastlog/pam_lastlog.c 26 Jun 2009 12:07:11 -0000 1.25
@@ -454,7 +454,7 @@
goto cleanup;
}
}
-
+
if (line != NULL || date != NULL || host != NULL) {
/* TRANSLATORS: "Last failed login: <date> from <host> on <terminal>" */
pam_info(pamh, _("Last failed login:%s%s%s"),
@@ -471,7 +471,7 @@
failed),
failed);
#else
- if (daysleft == 1)
+ if (failed == 1)
retval = asprintf(&line,
_("There was %d failed login attempt since the last successful login."),
failed);
Index: modules/pam_unix/pam_unix_passwd.c
===================================================================
RCS file: /cvsroot/pam/Linux-PAM/modules/pam_unix/pam_unix_passwd.c,v
retrieving revision 1.55
retrieving revision 1.56
diff -u -r1.55 -r1.56
--- modules/pam_unix/pam_unix_passwd.c 11 May 2009 14:52:31 -0000 1.55
+++ modules/pam_unix/pam_unix_passwd.c 26 Jun 2009 12:23:28 -0000 1.56
@@ -1,7 +1,7 @@
/*
* Main coding by Elliot Lee <sopwith@redhat.com>, Red Hat Software.
* Copyright (C) 1996.
- * Copyright (c) Jan Rêkorajski, 1999.
+ * Copyright (c) Jan Rêkorajski, 1999.
* Copyright (c) Red Hat, Inc., 2007, 2008.
*
* Redistribution and use in source and binary forms, with or without
@@ -61,11 +61,6 @@
#include <signal.h>
#include <errno.h>
#include <sys/wait.h>
-#ifdef WITH_SELINUX
-static int selinux_enabled=-1;
-#include <selinux/selinux.h>
-#define SELINUX_ENABLED (selinux_enabled!=-1 ? selinux_enabled : (selinux_enabled=is_selinux_enabled()>0))
-#endif
#include <security/_pam_macros.h>
@@ -196,7 +191,7 @@
snprintf(buffer, sizeof(buffer), "%d", remember);
args[4] = x_strdup(buffer);
-
+
execve(UPDATE_HELPER, args, envp);
/* should not get here: exit with error */
@@ -698,7 +693,7 @@
pass_new = NULL;
}
retval = _pam_unix_approve_pass(pamh, ctrl, pass_old, pass_new);
-
+
if (retval != PAM_SUCCESS && off(UNIX_NOT_SET_PASS, ctrl)) {
pam_set_item(pamh, PAM_AUTHTOK, NULL);
}
Index: modules/pam_unix/passverify.c
===================================================================
RCS file: /cvsroot/pam/Linux-PAM/modules/pam_unix/passverify.c,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- modules/pam_unix/passverify.c 25 Mar 2009 10:54:23 -0000 1.12
+++ modules/pam_unix/passverify.c 26 Jun 2009 09:55:25 -0000 1.13
@@ -274,7 +274,7 @@
}
if ((curdays - spent->sp_lstchg < spent->sp_min)
&& (spent->sp_min != -1)) {
- /*
+ /*
* The last password change was too recent. This error will be ignored
* if no password change is attempted.
*/
@@ -403,11 +403,11 @@
return crypted;
}
-#ifdef HAVE_CRYPT_GENSALT_RN
+#ifdef HAVE_CRYPT_GENSALT_R
if (on(UNIX_BLOWFISH_PASS, ctrl)) {
char entropy[17];
crypt_make_salt(entropy, sizeof(entropy) - 1);
- sp = crypt_gensalt_rn(algoid, rounds,
+ sp = crypt_gensalt_r (algoid, rounds,
entropy, sizeof(entropy),
salt, sizeof(salt));
} else {
@@ -420,7 +420,7 @@
/* For now be conservative so the resulting hashes
* are not too long. 8 bytes of salt prevents dictionary
* attacks well enough. */
-#ifdef HAVE_CRYPT_GENSALT_RN
+#ifdef HAVE_CRYPT_GENSALT_R
}
#endif
sp = crypt(password, salt);
@@ -684,7 +684,7 @@
D(("fflush or fsync error writing entries to old passwords file: %m"));
err = 1;
}
-
+
if (fclose(pwfile)) {
D(("fclose error writing entries to old passwords file: %m"));
err = 1;
@@ -804,7 +804,7 @@
D(("fflush or fsync error writing entries to password file: %m"));
err = 1;
}
-
+
if (fclose(pwfile)) {
D(("fclose error writing entries to password file: %m"));
err = 1;
@@ -930,7 +930,7 @@
D(("fflush or fsync error writing entries to shadow file: %m"));
err = 1;
}
-
+
if (fclose(pwfile)) {
D(("fclose error writing entries to shadow file: %m"));
err = 1;

View File

@ -1,3 +1,8 @@
-------------------------------------------------------------------
Fri Jun 26 14:46:21 CEST 2009 - kukuk@suse.de
- Add fixes from CVS
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Jun 24 09:52:29 CEST 2009 - kukuk@suse.de Wed Jun 24 09:52:29 CEST 2009 - kukuk@suse.de

View File

@ -44,7 +44,7 @@ Obsoletes: pam-64bit
%endif %endif
# #
Version: 1.1.0 Version: 1.1.0
Release: 1 Release: 2
Summary: A Security Tool that Provides Authentication for Applications Summary: A Security Tool that Provides Authentication for Applications
Source: Linux-PAM-%{version}.tar.bz2 Source: Linux-PAM-%{version}.tar.bz2
Source1: Linux-PAM-%{version}-docs.tar.bz2 Source1: Linux-PAM-%{version}-docs.tar.bz2
@ -56,6 +56,7 @@ Source6: common-password.pamd
Source7: common-session.pamd Source7: common-session.pamd
Source8: etc.environment Source8: etc.environment
Patch: pam_tally-deprecated.diff Patch: pam_tally-deprecated.diff
Patch1: Linux-PAM-1.1.0-CVS.diff
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description %description
@ -104,8 +105,15 @@ building both PAM-aware applications and modules for use with PAM.
%prep %prep
%setup -q -n Linux-PAM-%{version} -b 1 %setup -q -n Linux-PAM-%{version} -b 1
%patch -p0 %patch -p0
%patch1 -p0
%build %build
aclocal -I m4 --install --force
autoheader
libtoolize --force --automake --copy
automake --add-missing --copy
autoreconf
chmod 755 configure
CFLAGS="$RPM_OPT_FLAGS -DNDEBUG" \ CFLAGS="$RPM_OPT_FLAGS -DNDEBUG" \
./configure \ ./configure \
--infodir=%{_infodir} \ --infodir=%{_infodir} \