svn commit: r378208 - in head/security/sssd: . files
Thomas Zander
riggs at FreeBSD.org
Sat Jan 31 13:53:59 UTC 2015
Author: riggs
Date: Sat Jan 31 13:53:54 2015
New Revision: 378208
URL: https://svnweb.freebsd.org/changeset/ports/378208
QAT: https://qat.redports.org/buildarchive/r378208/
Log:
- Update to upstream version 1.11.7
- Add non-default SMB (samba) option
PR: 194155
Submitted by: syepes at gmail.com
Reviewed by: lukas.slebodnik at intrak.sk (maintainer), riggs
Approved by: lukas.slebodnik at intrak.sk (maintainer)
Added:
head/security/sssd/files/patch-src__util__signal.c (contents, props changed)
Deleted:
head/security/sssd/files/pam_macros.h
head/security/sssd/files/patch-src__man__pam_sss.8.xml
head/security/sssd/files/patch-src__providers__ad__ad_access.c
head/security/sssd/files/patch-src__providers__ad__ad_common.c
head/security/sssd/files/patch-src__providers__fail_over.c
head/security/sssd/files/patch-src__providers__ipa__ipa_common.c
head/security/sssd/files/patch-src__providers__ldap__sdap_async_sudo_hostinfo.c
head/security/sssd/files/patch-src__resolv__async_resolv.c
head/security/sssd/files/patch-src__sss_client__pam_sss.c
head/security/sssd/files/patch-src__sss_client__pam_test_client.c
Modified:
head/security/sssd/Makefile
head/security/sssd/distinfo
head/security/sssd/files/patch-Makefile.am
head/security/sssd/files/patch-src__confdb__confdb.c
head/security/sssd/files/patch-src__external__inotify.m4
head/security/sssd/files/patch-src__external__krb5.m4
head/security/sssd/files/patch-src__external__pac_responder.m4
head/security/sssd/files/patch-src__providers__krb5__krb5_delayed_online_authentication.c
head/security/sssd/files/patch-src__providers__ldap__ldap_auth.c
head/security/sssd/files/patch-src__providers__ldap__sdap_access.c
head/security/sssd/files/patch-src__sss_client__common.c
head/security/sssd/files/patch-src__sss_client__nss_group.c
head/security/sssd/files/patch-src__sss_client__sss_nss.exports
head/security/sssd/files/patch-src__util__crypto__libcrypto__crypto_sha512crypt.c
head/security/sssd/files/patch-src__util__crypto__nss__nss_sha512crypt.c
head/security/sssd/files/patch-src__util__find_uid.c
head/security/sssd/files/patch-src__util__server.c
head/security/sssd/files/patch-src__util__sss_ldap.c
head/security/sssd/files/patch-src__util__util.h
head/security/sssd/pkg-plist
Modified: head/security/sssd/Makefile
==============================================================================
--- head/security/sssd/Makefile Sat Jan 31 13:32:06 2015 (r378207)
+++ head/security/sssd/Makefile Sat Jan 31 13:53:54 2015 (r378208)
@@ -2,8 +2,7 @@
# $FreeBSD$
PORTNAME= sssd
-DISTVERSION= 1.9.6
-PORTREVISION= 9
+DISTVERSION= 1.11.7
CATEGORIES= security
MASTER_SITES= https://fedorahosted.org/released/${PORTNAME}/ \
http://mirrors.rit.edu/zi/
@@ -36,15 +35,15 @@ BUILD_DEPENDS= xmlcatalog:${PORTSDIR}/te
GNU_CONFIGURE= yes
CONFIGURE_ARGS= --with-selinux=no --with-semanage=no \
- --with-ldb-lib-dir=${LOCALBASE}/lib/shared-modules/ldb/ \
+ --with-ldb-lib-dir=${LOCALBASE}/lib/shared-modules/ldb \
--with-xml-catalog-path=${LOCALBASE}/share/xml/catalog \
--with-libnl=no --with-init-dir=no --datadir=${DATADIR} \
--docdir=${DOCSDIR} --with-pid-path=/var/run \
--localstatedir=/var --enable-pammoddir=${PREFIX}/lib \
--with-db-path=/var/db/sss --with-pipe-path=/var/run/sss \
--with-pubconf-path=/var/run/sss --with-mcache-path=/var/db/sss_mc \
- --with-unicode-lib=libunistring --with-autofs=no
-CONFIGURE_ENV= XMLLINT="/bin/echo"
+ --with-unicode-lib=libunistring --with-autofs=no \
+ --disable-cifs-idmap-plugin --disable-config-lib
CFLAGS+= -fstack-protector-all
PLIST_SUB= PYTHON_VER=${PYTHON_VER}
#DEBUG_FLAGS= -g
@@ -55,14 +54,23 @@ USE_AUTOTOOLS= libtoolize aclocal autoco
AUTOMAKE_ARGS= -a -c -f
USE_LDCONFIG= yes
USE_OPENLDAP= yes
-USES= gettext gmake iconv libtool pathfix pkgconfig python shebangfix
+USES= gettext gmake iconv libtool pathfix pkgconfig python:2 shebangfix
PATHFIX_MAKEFILEIN= Makefile.am
-SHEBANG_FILES= src/tools/sss_obfuscate
+
+python_CMD= ${SETENV} python2
+SHEBANG_FILES= src/tools/sss_obfuscate \
+ src/sbus/sbus_codegen
USE_RC_SUBR= ${PORTNAME}
PORTDATA= *
-OPTIONS_DEFINE= DOCS
+OPTIONS_DEFINE= DOCS SMB
+OPTIONS_DEFAULT= DOCS
+OPTIONS_SUB= yes
+
+SMB_DESC= Install IPA and AD providers (requires Samba4)
+SMB_BUILD_DEPENDS= samba41>=4.1.0:${PORTSDIR}/net/samba41
+SMB_CONFIGURE_WITH= samba
.include <bsd.port.options.mk>
@@ -72,35 +80,22 @@ BROKEN= Does not link on ia64, powerpc,
post-patch:
@${REINPLACE_CMD} -e 's|SIGCLD|SIGCHLD|g' ${WRKSRC}/src/util/signal.c
- @${REINPLACE_CMD} -e '/#define SIZE_T_MAX ((size_t) -1)/d' \
- ${WRKSRC}/src/util/util.h
- @${REINPLACE_CMD} -e '/pam_misc/d' \
- ${WRKSRC}/src/sss_client/pam_test_client.c
- @${REINPLACE_CMD} -e 's|security/pam_misc.h||g' \
- ${WRKSRC}/configure.ac ${WRKSRC}/src/external/pam.m4
@${REINPLACE_CMD} -e 's|NSS_STATUS_NOTFOUND|NS_NOTFOUND|g' \
-e 's|NSS_STATUS_UNAVAIL|NS_UNAVAIL|g' \
-e 's|NSS_STATUS_TRYAGAIN|NS_TRYAGAIN|g' \
-e '/ETIME/d' \
-e 's|NSS_STATUS_SUCCESS|NS_SUCCESS|g' \
${WRKSRC}/src/sss_client/common.c
- @${REINPLACE_CMD} -e 's|security/_pam_macros.h|pam_macros.h|g' \
- ${WRKSRC}/src/sss_client/sss_pam_macros.h
- @${REINPLACE_CMD} -e 's|#include <security/pam_modutil.h>||g' \
- -e 's|PAM_BAD_ITEM|PAM_USER_UNKNOWN|g' \
- -e 's|security/pam_ext.h|security/pam_appl.h|g' \
+ @${REINPLACE_CMD} \
-e 's|pam_modutil_getlogin(pamh)|getlogin()|g' \
- -e 's|pam_vsyslog(pamh,|vsyslog(|g' \
${WRKSRC}/src/sss_client/pam_sss.c
@${REINPLACE_CMD} \
-e 's|install-data-hook install-dist_initSCRIPTS|install-dist_initSCRIPTS|g' \
-e 's|install-data-hook|notinstall-data-hook|g' \
- -e 's| -lpam_misc||g' \
${WRKSRC}/Makefile.am
@${REINPLACE_CMD} -e 's|/etc/sssd/|${ETCDIR}/|g' \
-e 's|/etc/openldap/|${LOCALBASE}/etc/openldap/|g' \
${WRKSRC}/src/man/*xml
- @${CP} ${FILESDIR}/pam_macros.h ${WRKSRC}/pam_macros.h
@${CP} ${FILESDIR}/bsdnss.c ${WRKSRC}/src/sss_client/bsdnss.c
@${CP} ${FILESDIR}/sss_bsd_errno.h ${WRKSRC}/src/util/sss_bsd_errno.h
@@ -112,5 +107,9 @@ post-install:
.for VARDIRS in db/sss db/sss_mc log/sssd run/sss/krb5.include.d run/sss/private run/sss
@${RMDIR} ${STAGEDIR}/var/${VARDIRS}
.endfor
+ # clean unused man dirs
+.for i in nl/man1 nl/man5 pt/man1 pt/man5
+ @${RMDIR} ${STAGEDIR}${PREFIX}/man/${i}
+.endfor
.include <bsd.port.mk>
Modified: head/security/sssd/distinfo
==============================================================================
--- head/security/sssd/distinfo Sat Jan 31 13:32:06 2015 (r378207)
+++ head/security/sssd/distinfo Sat Jan 31 13:53:54 2015 (r378208)
@@ -1,2 +1,2 @@
-SHA256 (sssd-1.9.6.tar.gz) = ca96e8d98eb4113396b13d9601dbdd20f4b2f2613d0f29a0157ffd05e3748601
-SIZE (sssd-1.9.6.tar.gz) = 3180066
+SHA256 (sssd-1.11.7.tar.gz) = ff12d5730a6d7d08fe11140aa58e544900b75c63902b7a07bbbc12d6a99cb5b5
+SIZE (sssd-1.11.7.tar.gz) = 3661227
Modified: head/security/sssd/files/patch-Makefile.am
==============================================================================
--- head/security/sssd/files/patch-Makefile.am Sat Jan 31 13:32:06 2015 (r378207)
+++ head/security/sssd/files/patch-Makefile.am Sat Jan 31 13:53:54 2015 (r378208)
@@ -1,17 +1,16 @@
-From e40f55767383f300f71103ca404b7839b8499104 Mon Sep 17 00:00:00 2001
-From: Lukas Slebodnik <lukas.slebodnik at intrak.sk>
-Date: Wed, 6 Nov 2013 22:01:20 +0100
-Subject: [PATCH 01/25] patch-Makefile.am
-
----
- Makefile.am | 10 ++++++----
- 1 file changed, 6 insertions(+), 4 deletions(-)
-
diff --git Makefile.am Makefile.am
-index 04df7cb..e2558f7 100644
+index fd74d85..4a7e6ae 100644
--- Makefile.am
+++ Makefile.am
-@@ -318,6 +318,7 @@ SSSD_LIBS = \
+@@ -311,6 +311,7 @@ AM_CPPFLAGS = \
+ $(LIBNL_CFLAGS) \
+ $(OPENLDAP_CFLAGS) \
+ $(GLIB2_CFLAGS) \
++ -DHOST_NAME_MAX=_POSIX_HOST_NAME_MAX \
+ -DLIBDIR=\"$(libdir)\" \
+ -DVARDIR=\"$(localstatedir)\" \
+ -DSHLIBEXT=\"$(SHLIBEXT)\" \
+@@ -378,6 +379,7 @@ SSSD_LIBS = \
$(DHASH_LIBS) \
$(SSS_CRYPT_LIBS) \
$(OPENLDAP_LIBS) \
@@ -19,24 +18,15 @@ index 04df7cb..e2558f7 100644
$(TDB_LIBS)
PYTHON_BINDINGS_LIBS = \
-@@ -369,6 +370,7 @@ dist_noinst_HEADERS = \
- src/util/sss_selinux.h \
- src/util/sss_utf8.h \
+@@ -433,6 +435,7 @@ dist_noinst_HEADERS = \
src/util/sss_ssh.h \
+ src/util/sss_ini.h \
+ src/util/sss_format.h \
+ src/util/sss_bsd_errno.h \
src/util/refcount.h \
src/util/find_uid.h \
src/util/user_info_msg.h \
-@@ -1170,7 +1172,7 @@ noinst_PROGRAMS += autofs_test_client
- endif
-
- pam_test_client_SOURCES = src/sss_client/pam_test_client.c
--pam_test_client_LDFLAGS = -lpam -lpam_misc
-+pam_test_client_LDFLAGS = -lpam
-
- if BUILD_AUTOFS
- autofs_test_client_SOURCES = src/sss_client/autofs/autofs_test_client.c \
-@@ -1184,9 +1186,10 @@ endif
+@@ -1700,9 +1703,10 @@ endif
# Client Libraries #
####################
@@ -49,16 +39,19 @@ index 04df7cb..e2558f7 100644
src/sss_client/nss_passwd.c \
src/sss_client/nss_group.c \
src/sss_client/nss_netgroup.c \
-@@ -1198,7 +1201,7 @@ libnss_sss_la_SOURCES = \
+@@ -1715,9 +1719,9 @@ libnss_sss_la_SOURCES = \
src/sss_client/nss_mc_passwd.c \
src/sss_client/nss_mc_group.c \
src/sss_client/nss_mc.h
+-libnss_sss_la_LIBADD = \
++nss_sss_la_LIBADD = \
+ $(CLIENT_LIBS)
-libnss_sss_la_LDFLAGS = \
+nss_sss_la_LDFLAGS = \
- $(CLIENT_LIBS) \
-module \
-version-info 2:0:0 \
-@@ -1532,6 +1535,7 @@ ldap_child_LDADD = \
+ -Wl,--version-script,$(srcdir)/src/sss_client/sss_nss.exports
+@@ -2086,6 +2090,7 @@ ldap_child_LDADD = \
$(POPT_LIBS) \
$(OPENLDAP_LIBS) \
$(DHASH_LIBS) \
@@ -66,6 +59,3 @@ index 04df7cb..e2558f7 100644
$(KRB5_LIBS)
proxy_child_SOURCES = \
---
-1.8.0
-
Modified: head/security/sssd/files/patch-src__confdb__confdb.c
==============================================================================
--- head/security/sssd/files/patch-src__confdb__confdb.c Sat Jan 31 13:32:06 2015 (r378207)
+++ head/security/sssd/files/patch-src__confdb__confdb.c Sat Jan 31 13:53:54 2015 (r378208)
@@ -1,14 +1,5 @@
-From 756e37d0ef957b15d782d5dd87d24e9359541931 Mon Sep 17 00:00:00 2001
-From: Lukas Slebodnik <lukas.slebodnik at intrak.sk>
-Date: Wed, 6 Nov 2013 22:01:20 +0100
-Subject: [PATCH 02/25] patch-src__confdb__confdb.c
-
----
- src/confdb/confdb.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
diff --git src/confdb/confdb.c src/confdb/confdb.c
-index 72c74fe..78b69b8 100644
+index 19d8884..67720f7 100644
--- src/confdb/confdb.c
+++ src/confdb/confdb.c
@@ -28,6 +28,11 @@
@@ -23,6 +14,3 @@ index 72c74fe..78b69b8 100644
#define CONFDB_ZERO_CHECK_OR_JUMP(var, ret, err, label) do { \
if (!var) { \
ret = err; \
---
-1.8.0
-
Modified: head/security/sssd/files/patch-src__external__inotify.m4
==============================================================================
--- head/security/sssd/files/patch-src__external__inotify.m4 Sat Jan 31 13:32:06 2015 (r378207)
+++ head/security/sssd/files/patch-src__external__inotify.m4 Sat Jan 31 13:53:54 2015 (r378208)
@@ -1,14 +1,5 @@
-From 558989d6ac329b4036e02873fb7c981c5912040c Mon Sep 17 00:00:00 2001
-From: Lukas Slebodnik <lslebodn at redhat.com>
-Date: Thu, 7 Nov 2013 13:28:13 +0100
-Subject: [PATCH] patch-src__external__inotify.m4
-
----
- src/external/inotify.m4 | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
diff --git src/external/inotify.m4 src/external/inotify.m4
-index 9572f6d2fefedf8a1d6a2468c712a83e7db2969f..2a5a8cf00d80e0979dca50fd102c3dc2872b2970 100644
+index 9572f6d..2a5a8cf 100644
--- src/external/inotify.m4
+++ src/external/inotify.m4
@@ -20,10 +20,10 @@ int main () {
@@ -24,6 +15,3 @@ index 9572f6d2fefedf8a1d6a2468c712a83e7d
)
AS_IF([test x"$inotify_works" = xyes],
---
-1.8.3.1
-
Modified: head/security/sssd/files/patch-src__external__krb5.m4
==============================================================================
--- head/security/sssd/files/patch-src__external__krb5.m4 Sat Jan 31 13:32:06 2015 (r378207)
+++ head/security/sssd/files/patch-src__external__krb5.m4 Sat Jan 31 13:53:54 2015 (r378208)
@@ -1,14 +1,5 @@
-From b7947258702e250dbf569bb9cd74f1e73f0c94bb Mon Sep 17 00:00:00 2001
-From: Lukas Slebodnik <lukas.slebodnik at intrak.sk>
-Date: Wed, 30 Oct 2013 08:53:42 +0100
-Subject: [PATCH 1/4] patch-src__external__krb5.m4
-
----
- src/external/krb5.m4 | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
diff --git src/external/krb5.m4 src/external/krb5.m4
-index 71239c9..63c8ece 100644
+index 861c8c9..978ec03 100644
--- src/external/krb5.m4
+++ src/external/krb5.m4
@@ -9,7 +9,7 @@ if test x$KRB5_CFLAGS != x; then
@@ -20,6 +11,3 @@ index 71239c9..63c8ece 100644
AC_MSG_CHECKING(for working krb5-config)
if test -x "$KRB5_CONFIG"; then
KRB5_CFLAGS="`$KRB5_CONFIG --cflags`"
---
-1.8.0
-
Modified: head/security/sssd/files/patch-src__external__pac_responder.m4
==============================================================================
--- head/security/sssd/files/patch-src__external__pac_responder.m4 Sat Jan 31 13:32:06 2015 (r378207)
+++ head/security/sssd/files/patch-src__external__pac_responder.m4 Sat Jan 31 13:53:54 2015 (r378208)
@@ -1,17 +1,8 @@
-From b52128bc333fd4717a96950ef8fb4171f25fabcf Mon Sep 17 00:00:00 2001
-From: Lukas Slebodnik <lukas.slebodnik at intrak.sk>
-Date: Wed, 30 Oct 2013 08:54:41 +0100
-Subject: [PATCH 2/4] patch-src__external__pac_responder.m4
-
----
- src/external/pac_responder.m4 | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
diff --git src/external/pac_responder.m4 src/external/pac_responder.m4
-index 49d5cbb..2b4ca5c 100644
+index 6e29452..50bf4a8 100644
--- src/external/pac_responder.m4
+++ src/external/pac_responder.m4
-@@ -14,7 +14,7 @@ then
+@@ -14,14 +14,15 @@ then
PKG_CHECK_MODULES(NDR_KRB5PAC, ndr_krb5pac, ndr_krb5pac_ok=yes,
AC_MSG_WARN([Cannot build pac responder without libndr_krb5pac]))
@@ -20,6 +11,12 @@ index 49d5cbb..2b4ca5c 100644
AC_MSG_CHECKING(for supported MIT krb5 version)
KRB5_VERSION="`$KRB5_CONFIG --version`"
case $KRB5_VERSION in
---
-1.8.0
-
+ Kerberos\ 5\ release\ 1.9* | \
+ Kerberos\ 5\ release\ 1.10* | \
+ Kerberos\ 5\ release\ 1.11* | \
+- Kerberos\ 5\ release\ 1.12*)
++ Kerberos\ 5\ release\ 1.12* | \
++ Kerberos\ 5\ release\ 1.13*)
+ krb5_version_ok=yes
+ AC_MSG_RESULT([yes])
+ ;;
Modified: head/security/sssd/files/patch-src__providers__krb5__krb5_delayed_online_authentication.c
==============================================================================
--- head/security/sssd/files/patch-src__providers__krb5__krb5_delayed_online_authentication.c Sat Jan 31 13:32:06 2015 (r378207)
+++ head/security/sssd/files/patch-src__providers__krb5__krb5_delayed_online_authentication.c Sat Jan 31 13:53:54 2015 (r378208)
@@ -1,17 +1,8 @@
-From eba3efda911eb0212a98353740e13ad619aaa282 Mon Sep 17 00:00:00 2001
-From: Lukas Slebodnik <lukas.slebodnik at intrak.sk>
-Date: Wed, 6 Nov 2013 22:01:20 +0100
-Subject: [PATCH 09/25] patch-src__providers__krb5__krb5_delayed_online_authentication.c
-
----
- src/providers/krb5/krb5_delayed_online_authentication.c | 2 ++
- 1 file changed, 2 insertions(+)
-
diff --git src/providers/krb5/krb5_delayed_online_authentication.c src/providers/krb5/krb5_delayed_online_authentication.c
-index d5dea3b..da6b6bb 100644
+index 33b839e..da6ccfc 100644
--- src/providers/krb5/krb5_delayed_online_authentication.c
+++ src/providers/krb5/krb5_delayed_online_authentication.c
-@@ -296,6 +296,7 @@ errno_t init_delayed_online_authentication(struct krb5_ctx *krb5_ctx,
+@@ -320,6 +320,7 @@ errno_t init_delayed_online_authentication(struct krb5_ctx *krb5_ctx,
struct tevent_context *ev)
{
int ret;
@@ -19,14 +10,11 @@ index d5dea3b..da6b6bb 100644
hash_table_t *tmp_table;
ret = get_uid_table(krb5_ctx, &tmp_table);
-@@ -314,6 +315,7 @@ errno_t init_delayed_online_authentication(struct krb5_ctx *krb5_ctx,
- DEBUG(1, ("hash_destroy failed [%s].\n", hash_error_string(ret)));
+@@ -339,6 +340,7 @@ errno_t init_delayed_online_authentication(struct krb5_ctx *krb5_ctx,
+ "hash_destroy failed [%s].\n", hash_error_string(ret));
return EFAULT;
}
+#endif /* __linux__ */
krb5_ctx->deferred_auth_ctx = talloc_zero(krb5_ctx,
struct deferred_auth_ctx);
---
-1.8.0
-
Modified: head/security/sssd/files/patch-src__providers__ldap__ldap_auth.c
==============================================================================
--- head/security/sssd/files/patch-src__providers__ldap__ldap_auth.c Sat Jan 31 13:32:06 2015 (r378207)
+++ head/security/sssd/files/patch-src__providers__ldap__ldap_auth.c Sat Jan 31 13:53:54 2015 (r378208)
@@ -1,14 +1,5 @@
-From ad4b85556ddea5d5d2d6bcc5f00a8492b0b15c46 Mon Sep 17 00:00:00 2001
-From: Lukas Slebodnik <lukas.slebodnik at intrak.sk>
-Date: Sat, 4 May 2013 16:08:11 +0200
-Subject: [PATCH 09/34] patch-src__providers__ldap__ldap_auth.c
-
----
- src/providers/ldap/ldap_auth.c | 60 ++++++++++++++++++++++++++----------------
- 1 file changed, 37 insertions(+), 23 deletions(-)
-
diff --git src/providers/ldap/ldap_auth.c src/providers/ldap/ldap_auth.c
-index b0dd30c..6b1ad83 100644
+index 2aacce0..e019cf7 100644
--- src/providers/ldap/ldap_auth.c
+++ src/providers/ldap/ldap_auth.c
@@ -37,7 +37,6 @@
@@ -42,82 +33,40 @@ index b0dd30c..6b1ad83 100644
static errno_t add_expired_warning(struct pam_data *pd, long exp_time)
{
int ret;
-@@ -110,17 +125,16 @@ static errno_t check_pwexpire_kerberos(const char *expire_date, time_t now,
+@@ -109,6 +124,7 @@ static errno_t check_pwexpire_kerberos(const char *expire_date, time_t now,
return EINVAL;
}
+ tzset();
expire_time = mktime(&tm);
if (expire_time == -1) {
- DEBUG(1, ("mktime failed to convert [%s].\n", expire_date));
+ DEBUG(SSSDBG_CRIT_FAILURE,
+@@ -116,12 +132,10 @@ static errno_t check_pwexpire_kerberos(const char *expire_date, time_t now,
return EINVAL;
}
- tzset();
- expire_time -= timezone;
-- DEBUG(9, ("Time info: tzname[0] [%s] tzname[1] [%s] timezone [%d] "
-- "daylight [%d] now [%d] expire_time [%d].\n", tzname[0],
-- tzname[1], timezone, daylight, now, expire_time));
-+ DEBUG(9, ("Time info: tzname[0] [%s] tzname[1] [%s]"
-+ "now [%d] expire_time [%d].\n", tzname[0],
-+ tzname[1], now, expire_time));
+ DEBUG(SSSDBG_TRACE_ALL,
+- "Time info: tzname[0] [%s] tzname[1] [%s] timezone [%ld] "
+- "daylight [%d] now [%ld] expire_time [%ld].\n", tzname[0],
+- tzname[1], timezone, daylight, now, expire_time);
++ "Time info: tzname[0] [%s] tzname[1] [%s] "
++ "now [%ld] expire_time [%ld].\n", tzname[0],
++ tzname[1], now, expire_time);
if (difftime(now, expire_time) > 0.0) {
- DEBUG(4, ("Kerberos password expired.\n"));
-@@ -762,7 +776,7 @@ void sdap_pam_chpass_handler(struct be_req *breq)
-
- DEBUG(2, ("starting password change request for user [%s].\n", pd->user));
+ DEBUG(SSSDBG_CONF_SETTINGS, "Kerberos password expired.\n");
+@@ -924,7 +938,7 @@ void sdap_pam_chpass_handler(struct be_req *breq)
+ DEBUG(SSSDBG_OP_FAILURE,
+ "starting password change request for user [%s].\n", pd->user);
- pd->pam_status = PAM_SYSTEM_ERR;
+ pd->pam_status = PAM_SERVICE_ERR;
if (pd->cmd != SSS_PAM_CHAUTHTOK && pd->cmd != SSS_PAM_CHAUTHTOK_PRELIM) {
- DEBUG(2, ("chpass target was called by wrong pam command.\n"));
-@@ -821,7 +835,7 @@ static void sdap_auth4chpass_done(struct tevent_req *req)
- &pw_expire_type, &pw_expire_data);
- talloc_zfree(req);
- if (ret) {
-- state->pd->pam_status = PAM_SYSTEM_ERR;
-+ state->pd->pam_status = PAM_SERVICE_ERR;
- goto done;
- }
-
-@@ -841,7 +855,7 @@ static void sdap_auth4chpass_done(struct tevent_req *req)
- &result);
- if (ret != EOK) {
- DEBUG(1, ("check_pwexpire_shadow failed.\n"));
-- state->pd->pam_status = PAM_SYSTEM_ERR;
-+ state->pd->pam_status = PAM_SERVICE_ERR;
- goto done;
- }
- break;
-@@ -850,14 +864,14 @@ static void sdap_auth4chpass_done(struct tevent_req *req)
- state->breq->domain->pwd_expiration_warning);
- if (ret != EOK) {
- DEBUG(1, ("check_pwexpire_kerberos failed.\n"));
-- state->pd->pam_status = PAM_SYSTEM_ERR;
-+ state->pd->pam_status = PAM_SERVICE_ERR;
- goto done;
- }
-
- if (result == SDAP_AUTH_PW_EXPIRED) {
- DEBUG(1, ("LDAP provider cannot change kerberos "
- "passwords.\n"));
-- state->pd->pam_status = PAM_SYSTEM_ERR;
-+ state->pd->pam_status = PAM_SERVICE_ERR;
- goto done;
- }
- break;
-@@ -866,7 +880,7 @@ static void sdap_auth4chpass_done(struct tevent_req *req)
- break;
- default:
- DEBUG(1, ("Unknow pasword expiration type.\n"));
-- state->pd->pam_status = PAM_SYSTEM_ERR;
-+ state->pd->pam_status = PAM_SERVICE_ERR;
- goto done;
- }
- }
-@@ -906,7 +920,7 @@ static void sdap_auth4chpass_done(struct tevent_req *req)
+ DEBUG(SSSDBG_OP_FAILURE,
+@@ -1069,7 +1083,7 @@ static void sdap_auth4chpass_done(struct tevent_req *req)
dp_err = DP_ERR_OFFLINE;
break;
default:
@@ -126,25 +75,16 @@ index b0dd30c..6b1ad83 100644
}
done:
-@@ -929,7 +943,7 @@ static void sdap_pam_chpass_done(struct tevent_req *req)
- ret = sdap_exop_modify_passwd_recv(req, state, &result, &user_error_message);
- talloc_zfree(req);
- if (ret && ret != EIO) {
-- state->pd->pam_status = PAM_SYSTEM_ERR;
-+ state->pd->pam_status = PAM_SERVICE_ERR;
- goto done;
- }
-
-@@ -970,7 +984,7 @@ static void sdap_pam_chpass_done(struct tevent_req *req)
- state->dn,
- lastchanged_name);
+@@ -1131,7 +1145,7 @@ static void sdap_pam_chpass_done(struct tevent_req *req)
+ state->sh, state->dn,
+ lastchanged_name);
if (subreq == NULL) {
- state->pd->pam_status = PAM_SYSTEM_ERR;
+ state->pd->pam_status = PAM_SERVICE_ERR;
goto done;
}
-@@ -991,7 +1005,7 @@ static void sdap_lastchange_done(struct tevent_req *req)
+@@ -1152,7 +1166,7 @@ static void sdap_lastchange_done(struct tevent_req *req)
ret = sdap_modify_shadow_lastchange_recv(req);
if (ret != EOK) {
@@ -153,7 +93,7 @@ index b0dd30c..6b1ad83 100644
goto done;
}
-@@ -1032,7 +1046,7 @@ void sdap_pam_auth_handler(struct be_req *breq)
+@@ -1193,7 +1207,7 @@ void sdap_pam_auth_handler(struct be_req *breq)
goto done;
}
@@ -162,52 +102,7 @@ index b0dd30c..6b1ad83 100644
switch (pd->cmd) {
case SSS_PAM_AUTHENTICATE:
-@@ -1090,7 +1104,7 @@ static void sdap_pam_auth_done(struct tevent_req *req)
- &pw_expire_type, &pw_expire_data);
- talloc_zfree(req);
- if (ret != EOK) {
-- state->pd->pam_status = PAM_SYSTEM_ERR;
-+ state->pd->pam_status = PAM_SERVICE_ERR;
- dp_err = DP_ERR_FATAL;
- goto done;
- }
-@@ -1102,7 +1116,7 @@ static void sdap_pam_auth_done(struct tevent_req *req)
- state->pd, &result);
- if (ret != EOK) {
- DEBUG(1, ("check_pwexpire_shadow failed.\n"));
-- state->pd->pam_status = PAM_SYSTEM_ERR;
-+ state->pd->pam_status = PAM_SERVICE_ERR;
- goto done;
- }
- break;
-@@ -1112,7 +1126,7 @@ static void sdap_pam_auth_done(struct tevent_req *req)
- be_ctx->domain->pwd_expiration_warning);
- if (ret != EOK) {
- DEBUG(1, ("check_pwexpire_kerberos failed.\n"));
-- state->pd->pam_status = PAM_SYSTEM_ERR;
-+ state->pd->pam_status = PAM_SERVICE_ERR;
- goto done;
- }
- break;
-@@ -1121,7 +1135,7 @@ static void sdap_pam_auth_done(struct tevent_req *req)
- be_ctx->domain->pwd_expiration_warning);
- if (ret != EOK) {
- DEBUG(1, ("check_pwexpire_ldap failed.\n"));
-- state->pd->pam_status = PAM_SYSTEM_ERR;
-+ state->pd->pam_status = PAM_SERVICE_ERR;
- goto done;
- }
- break;
-@@ -1129,7 +1143,7 @@ static void sdap_pam_auth_done(struct tevent_req *req)
- break;
- default:
- DEBUG(1, ("Unknow pasword expiration type.\n"));
-- state->pd->pam_status = PAM_SYSTEM_ERR;
-+ state->pd->pam_status = PAM_SERVICE_ERR;
- goto done;
- }
- }
-@@ -1151,7 +1165,7 @@ static void sdap_pam_auth_done(struct tevent_req *req)
+@@ -1291,7 +1305,7 @@ static void sdap_pam_auth_done(struct tevent_req *req)
state->pd->pam_status = PAM_NEW_AUTHTOK_REQD;
break;
default:
@@ -216,6 +111,3 @@ index b0dd30c..6b1ad83 100644
dp_err = DP_ERR_FATAL;
}
---
-1.8.0
-
Modified: head/security/sssd/files/patch-src__providers__ldap__sdap_access.c
==============================================================================
--- head/security/sssd/files/patch-src__providers__ldap__sdap_access.c Sat Jan 31 13:32:06 2015 (r378207)
+++ head/security/sssd/files/patch-src__providers__ldap__sdap_access.c Sat Jan 31 13:53:54 2015 (r378208)
@@ -1,205 +1,29 @@
-From 9a3d9a05b2c8790c771c166b42f8b80e76b4b336 Mon Sep 17 00:00:00 2001
-From: Lukas Slebodnik <lukas.slebodnik at intrak.sk>
-Date: Wed, 6 Nov 2013 22:01:20 +0100
-Subject: [PATCH 11/25] patch-src__providers__ldap__sdap_access.c
-
----
- src/providers/ldap/sdap_access.c | 46 +++++++++++++++++++---------------------
- 1 file changed, 22 insertions(+), 24 deletions(-)
-
diff --git src/providers/ldap/sdap_access.c src/providers/ldap/sdap_access.c
-index b198e04..1eaedf7 100644
+index 880735e..d349dcf 100644
--- src/providers/ldap/sdap_access.c
+++ src/providers/ldap/sdap_access.c
-@@ -22,9 +22,7 @@
- along with this program. If not, see <http://www.gnu.org/licenses/>.
- */
-
--#define _XOPEN_SOURCE 500 /* for strptime() */
- #include <time.h>
--#undef _XOPEN_SOURCE
- #include <sys/param.h>
- #include <security/pam_modules.h>
- #include <talloc.h>
-@@ -109,7 +107,7 @@ void sdap_pam_access_handler(struct be_req *breq)
- pd);
- if (req == NULL) {
- DEBUG(1, ("Unable to start sdap_access request\n"));
-- sdap_access_reply(breq, PAM_SYSTEM_ERR);
-+ sdap_access_reply(breq, PAM_SERVICE_ERR);
- return;
- }
-
-@@ -149,7 +147,7 @@ sdap_access_send(TALLOC_CTX *mem_ctx,
-
- state->be_req = be_req;
- state->pd = pd;
-- state->pam_status = PAM_SYSTEM_ERR;
-+ state->pam_status = PAM_SERVICE_ERR;
- state->ev = ev;
- state->access_ctx = access_ctx;
- state->current_rule = 0;
-@@ -502,18 +500,17 @@ static bool nds_check_expired(const char *exp_time_str)
+@@ -499,6 +499,7 @@ static bool nds_check_expired(const char *exp_time_str)
return true;
}
+ tzset();
expire_time = mktime(&tm);
if (expire_time == -1) {
- DEBUG(1, ("mktime failed to convert [%s].\n", exp_time_str));
+ DEBUG(SSSDBG_CRIT_FAILURE,
+@@ -506,13 +507,11 @@ static bool nds_check_expired(const char *exp_time_str)
return true;
}
- tzset();
- expire_time -= timezone;
now = time(NULL);
-- DEBUG(9, ("Time info: tzname[0] [%s] tzname[1] [%s] timezone [%d] "
-- "daylight [%d] now [%d] expire_time [%d].\n", tzname[0],
-- tzname[1], timezone, daylight, now, expire_time));
-+ DEBUG(9, ("Time info: tzname[0] [%s] tzname[1] [%s] "
-+ "now [%d] expire_time [%d].\n", tzname[0],
-+ tzname[1], now, expire_time));
+ DEBUG(SSSDBG_TRACE_ALL,
+- "Time info: tzname[0] [%s] tzname[1] [%s] timezone [%ld] "
+- "daylight [%d] now [%ld] expire_time [%ld].\n", tzname[0],
+- tzname[1], timezone, daylight, now, expire_time);
++ "Time info: tzname[0] [%s] tzname[1] [%s] "
++ "now [%ld] expire_time [%ld].\n", tzname[0],
++ tzname[1], now, expire_time);
if (difftime(now, expire_time) > 0.0) {
- DEBUG(4, ("NDS account expired.\n"));
-@@ -662,7 +659,7 @@ static struct tevent_req *sdap_account_expired_send(TALLOC_CTX *mem_ctx,
- return NULL;
- }
-
-- state->pam_status = PAM_SYSTEM_ERR;
-+ state->pam_status = PAM_SERVICE_ERR;
-
- expire = dp_opt_get_cstring(access_ctx->id_ctx->opts->basic,
- SDAP_ACCOUNT_EXPIRE_POLICY);
-@@ -746,7 +743,7 @@ static void sdap_account_expired_done(struct tevent_req *subreq)
- talloc_zfree(subreq);
- if (ret != EOK) {
- DEBUG(1, ("Error retrieving access check result.\n"));
-- state->pam_status = PAM_SYSTEM_ERR;
-+ state->pam_status = PAM_SERVICE_ERR;
- tevent_req_error(req, ret);
- return;
- }
-@@ -806,7 +803,7 @@ static struct tevent_req *sdap_access_filter_send(TALLOC_CTX *mem_ctx,
- state->filter = NULL;
- state->be_req = be_req;
- state->username = username;
-- state->pam_status = PAM_SYSTEM_ERR;
-+ state->pam_status = PAM_SERVICE_ERR;
- state->sdap_ctx = access_ctx->id_ctx;
- state->ev = ev;
- state->access_ctx = access_ctx;
-@@ -953,7 +950,7 @@ static void sdap_access_filter_connect_done(struct tevent_req *subreq)
- false);
- if (subreq == NULL) {
- DEBUG(1, ("Could not start LDAP communication\n"));
-- state->pam_status = PAM_SYSTEM_ERR;
-+ state->pam_status = PAM_SERVICE_ERR;
- tevent_req_error(req, EIO);
- return;
- }
-@@ -984,13 +981,13 @@ static void sdap_access_filter_get_access_done(struct tevent_req *subreq)
- if (ret == EOK) {
- return;
- }
-- state->pam_status = PAM_SYSTEM_ERR;
-+ state->pam_status = PAM_SERVICE_ERR;
- } else if (dp_error == DP_ERR_OFFLINE) {
- sdap_access_filter_decide_offline(req);
- } else {
- DEBUG(1, ("sdap_get_generic_send() returned error [%d][%s]\n",
- ret, strerror(ret)));
-- state->pam_status = PAM_SYSTEM_ERR;
-+ state->pam_status = PAM_SERVICE_ERR;
- }
-
- goto done;
-@@ -1009,7 +1006,7 @@ static void sdap_access_filter_get_access_done(struct tevent_req *subreq)
- else if (results == NULL) {
- DEBUG(1, ("num_results > 0, but results is NULL\n"));
- ret = EIO;
-- state->pam_status = PAM_SYSTEM_ERR;
-+ state->pam_status = PAM_SERVICE_ERR;
- goto done;
- }
- else if (num_results > 1) {
-@@ -1018,7 +1015,7 @@ static void sdap_access_filter_get_access_done(struct tevent_req *subreq)
- */
- DEBUG(1, ("Received multiple replies\n"));
- ret = EIO;
-- state->pam_status = PAM_SYSTEM_ERR;
-+ state->pam_status = PAM_SERVICE_ERR;
- goto done;
- }
- else { /* Ok, we got a single reply */
-@@ -1104,7 +1101,7 @@ static void sdap_access_filter_done(struct tevent_req *subreq)
- talloc_zfree(subreq);
- if (ret != EOK) {
- DEBUG(1, ("Error retrieving access check result.\n"));
-- state->pam_status = PAM_SYSTEM_ERR;
-+ state->pam_status = PAM_SERVICE_ERR;
- tevent_req_error(req, ret);
- return;
- }
-@@ -1244,7 +1241,7 @@ static void sdap_access_service_done(struct tevent_req *subreq)
- talloc_zfree(subreq);
- if (ret != EOK) {
- DEBUG(1, ("Error retrieving access check result.\n"));
-- state->pam_status = PAM_SYSTEM_ERR;
-+ state->pam_status = PAM_SERVICE_ERR;
- tevent_req_error(req, ret);
- return;
- }
-@@ -1269,7 +1266,7 @@ static struct tevent_req *sdap_access_host_send(
- struct ldb_message_element *el;
- unsigned int i;
- char *host;
-- char hostname[HOST_NAME_MAX+1];
-+ char hostname[_POSIX_HOST_NAME_MAX + 1];
-
- req = tevent_req_create(mem_ctx, &state, struct sdap_access_host_ctx);
- if (!req) {
-@@ -1285,11 +1282,12 @@ static struct tevent_req *sdap_access_host_send(
- goto done;
- }
-
-- if (gethostname(hostname, sizeof(hostname)) == -1) {
-+ if (gethostname(hostname, _POSIX_HOST_NAME_MAX) == -1) {
- DEBUG(1, ("Unable to get system hostname. Access denied\n"));
- ret = EOK;
- goto done;
- }
-+ hostname[_POSIX_HOST_NAME_MAX] = '\0';
-
- /* FIXME: PADL's pam_ldap also calls gethostbyname() on the hostname
- * in some attempt to get aliases and/or FQDN for the machine.
-@@ -1365,7 +1363,7 @@ static void sdap_access_host_done(struct tevent_req *subreq)
- talloc_zfree(subreq);
- if (ret != EOK) {
- DEBUG(1, ("Error retrieving access check result.\n"));
-- state->pam_status = PAM_SYSTEM_ERR;
-+ state->pam_status = PAM_SERVICE_ERR;
- tevent_req_error(req, ret);
- return;
- }
-@@ -1391,7 +1389,7 @@ sdap_access_recv(struct tevent_req *req, int *pam_status)
- static void sdap_access_done(struct tevent_req *req)
- {
- errno_t ret;
-- int pam_status = PAM_SYSTEM_ERR;
-+ int pam_status = PAM_SERVICE_ERR;
- struct be_req *breq =
- tevent_req_callback_data(req, struct be_req);
-
-@@ -1399,7 +1397,7 @@ static void sdap_access_done(struct tevent_req *req)
- talloc_zfree(req);
- if (ret != EOK) {
- DEBUG(1, ("Error retrieving access check result.\n"));
-- pam_status = PAM_SYSTEM_ERR;
-+ pam_status = PAM_SERVICE_ERR;
- }
-
- sdap_access_reply(breq, pam_status);
---
-1.8.0
-
+ DEBUG(SSSDBG_CONF_SETTINGS, "NDS account expired.\n");
Modified: head/security/sssd/files/patch-src__sss_client__common.c
==============================================================================
--- head/security/sssd/files/patch-src__sss_client__common.c Sat Jan 31 13:32:06 2015 (r378207)
+++ head/security/sssd/files/patch-src__sss_client__common.c Sat Jan 31 13:53:54 2015 (r378208)
@@ -1,12 +1,3 @@
-From 6874fb930a30eac6fe12104923ab97083f58bcf9 Mon Sep 17 00:00:00 2001
-From: Lukas Slebodnik <lukas.slebodnik at intrak.sk>
-Date: Wed, 6 Nov 2013 22:01:20 +0100
-Subject: [PATCH 14/25] patch-src__sss_client__common.c
-
----
- src/sss_client/common.c | 15 +++++++--------
- 1 file changed, 7 insertions(+), 8 deletions(-)
-
diff --git src/sss_client/common.c src/sss_client/common.c
index ec5c708..5d17eed 100644
--- src/sss_client/common.c
@@ -80,6 +71,3 @@ index ec5c708..5d17eed 100644
}
}
---
-1.8.0
-
Modified: head/security/sssd/files/patch-src__sss_client__nss_group.c
==============================================================================
--- head/security/sssd/files/patch-src__sss_client__nss_group.c Sat Jan 31 13:32:06 2015 (r378207)
+++ head/security/sssd/files/patch-src__sss_client__nss_group.c Sat Jan 31 13:53:54 2015 (r378208)
@@ -1,12 +1,3 @@
-From 5a0c2079efae0f9734d85932ed72645808b32091 Mon Sep 17 00:00:00 2001
-From: Lukas Slebodnik <lukas.slebodnik at intrak.sk>
-Date: Wed, 6 Nov 2013 22:01:20 +0100
-Subject: [PATCH 15/25] patch-src__sss_client__nss_group.c
-
----
- src/sss_client/nss_group.c | 70 ++++++++++++++++++++++++++++++++++++++++++++++
- 1 file changed, 70 insertions(+)
-
diff --git src/sss_client/nss_group.c src/sss_client/nss_group.c
index e6ea54b..b27b671 100644
--- src/sss_client/nss_group.c
@@ -88,6 +79,3 @@ index e6ea54b..b27b671 100644
enum nss_status _nss_sss_getgrnam_r(const char *name, struct group *result,
char *buffer, size_t buflen, int *errnop)
{
---
-1.8.0
-
Modified: head/security/sssd/files/patch-src__sss_client__sss_nss.exports
==============================================================================
--- head/security/sssd/files/patch-src__sss_client__sss_nss.exports Sat Jan 31 13:32:06 2015 (r378207)
+++ head/security/sssd/files/patch-src__sss_client__sss_nss.exports Sat Jan 31 13:53:54 2015 (r378208)
@@ -1,12 +1,3 @@
-From d7dcd7c8796efbecd4e41931080d7d28f72f9ee1 Mon Sep 17 00:00:00 2001
-From: Lukas Slebodnik <lukas.slebodnik at intrak.sk>
-Date: Sat, 4 May 2013 16:08:11 +0200
-Subject: [PATCH 21/34] patch-src__sss_client__sss_nss.exports
-
----
- src/sss_client/sss_nss.exports | 18 ++++++++++++++++++
- 1 file changed, 18 insertions(+)
-
diff --git src/sss_client/sss_nss.exports src/sss_client/sss_nss.exports
index 1eefea8..8e85a05 100644
--- src/sss_client/sss_nss.exports
@@ -45,6 +36,3 @@ index 1eefea8..8e85a05 100644
#_nss_sss_getaliasbyname_r;
#_nss_sss_setaliasent;
#_nss_sss_getaliasent_r;
---
-1.8.0
-
Modified: head/security/sssd/files/patch-src__util__crypto__libcrypto__crypto_sha512crypt.c
==============================================================================
--- head/security/sssd/files/patch-src__util__crypto__libcrypto__crypto_sha512crypt.c Sat Jan 31 13:32:06 2015 (r378207)
+++ head/security/sssd/files/patch-src__util__crypto__libcrypto__crypto_sha512crypt.c Sat Jan 31 13:53:54 2015 (r378208)
@@ -1,22 +1,11 @@
-From 74422233fe8c6efa826b20c6b579f4c99e45ff87 Mon Sep 17 00:00:00 2001
-From: Lukas Slebodnik <lukas.slebodnik at intrak.sk>
-Date: Wed, 6 Nov 2013 22:01:21 +0100
-Subject: [PATCH 19/25] patch-src__util__crypto__libcrypto__crypto_sha512crypt.c
-
----
- src/util/crypto/libcrypto/crypto_sha512crypt.c | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
diff --git src/util/crypto/libcrypto/crypto_sha512crypt.c src/util/crypto/libcrypto/crypto_sha512crypt.c
-index 88628b6..4510403 100644
+index 34547d0..6901851 100644
--- src/util/crypto/libcrypto/crypto_sha512crypt.c
+++ src/util/crypto/libcrypto/crypto_sha512crypt.c
-@@ -28,6 +28,14 @@
+@@ -28,6 +28,12 @@
#include <openssl/evp.h>
#include <openssl/rand.h>
-+#define __stpncpy(x, y, z) stpncpy(x, y, z)
-+
+void *
+mempcpy (void *dest, const void *src, size_t n)
+{
@@ -26,6 +15,3 @@ index 88628b6..4510403 100644
/* Define our magic string to mark salt for SHA512 "encryption" replacement. */
const char sha512_salt_prefix[] = "$6$";
#define SALT_PREF_SIZE (sizeof(sha512_salt_prefix) - 1)
---
-1.8.0
-
Modified: head/security/sssd/files/patch-src__util__crypto__nss__nss_sha512crypt.c
==============================================================================
--- head/security/sssd/files/patch-src__util__crypto__nss__nss_sha512crypt.c Sat Jan 31 13:32:06 2015 (r378207)
+++ head/security/sssd/files/patch-src__util__crypto__nss__nss_sha512crypt.c Sat Jan 31 13:53:54 2015 (r378208)
@@ -1,22 +1,11 @@
-From be27b76238aa49ac0ace123f80c9957ae25501fa Mon Sep 17 00:00:00 2001
-From: Lukas Slebodnik <lukas.slebodnik at intrak.sk>
-Date: Wed, 6 Nov 2013 22:01:21 +0100
-Subject: [PATCH 20/25] patch-src__util__crypto__nss__nss_sha512crypt.c
-
----
- src/util/crypto/nss/nss_sha512crypt.c | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
diff --git src/util/crypto/nss/nss_sha512crypt.c src/util/crypto/nss/nss_sha512crypt.c
-index 2838c47..a6cf43f 100644
+index 9fedd5e..90192ac 100644
--- src/util/crypto/nss/nss_sha512crypt.c
+++ src/util/crypto/nss/nss_sha512crypt.c
-@@ -29,6 +29,14 @@
+@@ -29,6 +29,12 @@
#include <sechash.h>
#include <pk11func.h>
-+#define __stpncpy(x, y, z) stpncpy(x, y, z)
-+
+static void *
+mempcpy (void *dest, const void *src, size_t n)
+{
@@ -26,6 +15,3 @@ index 2838c47..a6cf43f 100644
/* Define our magic string to mark salt for SHA512 "encryption" replacement. */
const char sha512_salt_prefix[] = "$6$";
#define SALT_PREF_SIZE (sizeof(sha512_salt_prefix) - 1)
---
-1.8.0
-
Modified: head/security/sssd/files/patch-src__util__find_uid.c
==============================================================================
--- head/security/sssd/files/patch-src__util__find_uid.c Sat Jan 31 13:32:06 2015 (r378207)
+++ head/security/sssd/files/patch-src__util__find_uid.c Sat Jan 31 13:53:54 2015 (r378208)
@@ -1,14 +1,5 @@
-From ccc51217c877dde1857300662fdacab2298f5816 Mon Sep 17 00:00:00 2001
-From: Lukas Slebodnik <lukas.slebodnik at intrak.sk>
-Date: Wed, 6 Nov 2013 22:01:21 +0100
-Subject: [PATCH 21/25] patch-src__util__find_uid.c
-
----
- src/util/find_uid.c | 9 ++++-----
- 1 file changed, 4 insertions(+), 5 deletions(-)
-
diff --git src/util/find_uid.c src/util/find_uid.c
-index d34a4ab..9dec900 100644
+index 4c8f73a..40f3690 100644
--- src/util/find_uid.c
+++ src/util/find_uid.c
@@ -67,7 +67,7 @@ static errno_t get_uid_from_pid(const pid_t pid, uid_t *uid)
@@ -18,9 +9,9 @@ index d34a4ab..9dec900 100644
- ret = snprintf(path, PATHLEN, "/proc/%d/status", pid);
+ ret = snprintf(path, PATHLEN, "/compat/linux/proc/%d/status", pid);
if (ret < 0) {
- DEBUG(1, ("snprintf failed"));
+ DEBUG(SSSDBG_CRIT_FAILURE, "snprintf failed");
return EINVAL;
-@@ -201,12 +201,12 @@ static errno_t get_active_uid_linux(hash_table_t *table, uid_t search_uid)
+@@ -207,12 +207,12 @@ static errno_t get_active_uid_linux(hash_table_t *table, uid_t search_uid)
struct dirent *dirent;
int ret, err;
pid_t pid = -1;
@@ -34,8 +25,8 @@ index d34a4ab..9dec900 100644
+ proc_dir = opendir("/compat/linux/proc");
if (proc_dir == NULL) {
ret = errno;
- DEBUG(1, ("Cannot open proc dir.\n"));
-@@ -280,9 +280,8 @@ done:
+ DEBUG(SSSDBG_CRIT_FAILURE, "Cannot open proc dir.\n");
+@@ -287,9 +287,8 @@ done:
errno_t get_uid_table(TALLOC_CTX *mem_ctx, hash_table_t **table)
{
@@ -46,6 +37,3 @@ index d34a4ab..9dec900 100644
ret = hash_create_ex(INITIAL_TABLE_SIZE, table, 0, 0, 0, 0,
hash_talloc, hash_talloc_free, mem_ctx,
NULL, NULL);
---
-1.8.0
-
Modified: head/security/sssd/files/patch-src__util__server.c
==============================================================================
--- head/security/sssd/files/patch-src__util__server.c Sat Jan 31 13:32:06 2015 (r378207)
+++ head/security/sssd/files/patch-src__util__server.c Sat Jan 31 13:53:54 2015 (r378208)
@@ -1,17 +1,8 @@
-From cc6cab9e45ba978eaf33c6fa1860ee94166780be Mon Sep 17 00:00:00 2001
-From: Lukas Slebodnik <lukas.slebodnik at intrak.sk>
-Date: Wed, 6 Nov 2013 22:01:21 +0100
-Subject: [PATCH 22/25] patch-src__util__server.c
-
----
- src/util/server.c | 12 +++++++-----
- 1 file changed, 7 insertions(+), 5 deletions(-)
-
diff --git src/util/server.c src/util/server.c
-index b3073fc..ddc124f 100644
+index 343668c..f8a1627 100644
--- src/util/server.c
+++ src/util/server.c
-@@ -321,12 +321,14 @@ static void setup_signals(void)
+@@ -322,12 +322,14 @@ static void setup_signals(void)
BlockSignals(false, SIGTERM);
CatchSignal(SIGHUP, sig_hup);
@@ -31,6 +22,3 @@ index b3073fc..ddc124f 100644
#endif
}
---
-1.8.0
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-ports-all
mailing list