svn commit: r372604 - in branches/2014Q4/net/nss_ldap: . files

Dag-Erling Smørgrav des at FreeBSD.org
Sat Nov 15 15:44:07 UTC 2014 

Author: des
Date: Sat Nov 15 15:44:05 2014
New Revision: 372604
URL: https://svnweb.freebsd.org/changeset/ports/372604
QAT: https://qat.redports.org/buildarchive/r372604/

Log:
  MFH: r372540
  
  Add patches for a couple of issues I found while researching #190055:
  
   - Use GID_MAX instead of LONG_MAX, they are not the same on 64-bit.
   - Correctly restore the egid after reading the krb5 credential cache.
  
  Approved by:	ports-secteam (rea)

Added:
  branches/2014Q4/net/nss_ldap/files/patch-ldap-grp.c
     - copied unchanged from r372540, head/net/nss_ldap/files/patch-ldap-grp.c
Modified:
  branches/2014Q4/net/nss_ldap/Makefile
  branches/2014Q4/net/nss_ldap/files/patch-ldap-init-krb5-cache.c
Directory Properties:
  branches/2014Q4/   (props changed)

Modified: branches/2014Q4/net/nss_ldap/Makefile
==============================================================================
--- branches/2014Q4/net/nss_ldap/Makefile	Sat Nov 15 15:08:48 2014	(r372603)
+++ branches/2014Q4/net/nss_ldap/Makefile	Sat Nov 15 15:44:05 2014	(r372604)
@@ -3,7 +3,7 @@
 
 PORTNAME=	nss_ldap
 PORTVERSION=	1.${NSS_LDAP_VERSION}
-PORTREVISION=	11
+PORTREVISION=	12
 CATEGORIES=	net
 MASTER_SITES=	http://www.padl.com/download/ \
 		LOCAL/martymac

Copied: branches/2014Q4/net/nss_ldap/files/patch-ldap-grp.c (from r372540, head/net/nss_ldap/files/patch-ldap-grp.c)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ branches/2014Q4/net/nss_ldap/files/patch-ldap-grp.c	Sat Nov 15 15:44:05 2014	(r372604, copy of r372540, head/net/nss_ldap/files/patch-ldap-grp.c)
@@ -0,0 +1,11 @@
+--- ldap-grp.c.orig
++++ ldap-grp.c
+@@ -687,7 +687,7 @@
+   gid = strtoul (values[0], (char **) NULL, 10);
+   ldap_value_free (values);
+ 
+-  if (gid == LONG_MAX && errno == ERANGE)
++  if (gid == GID_MAX && errno == ERANGE)
+     {
+       /* invalid group, skip it */
+       return NSS_NOTFOUND;

Modified: branches/2014Q4/net/nss_ldap/files/patch-ldap-init-krb5-cache.c
==============================================================================
--- branches/2014Q4/net/nss_ldap/files/patch-ldap-init-krb5-cache.c	Sat Nov 15 15:08:48 2014	(r372603)
+++ branches/2014Q4/net/nss_ldap/files/patch-ldap-init-krb5-cache.c	Sat Nov 15 15:44:05 2014	(r372604)
@@ -1,5 +1,5 @@
---- ldap-init-krb5-cache.c.orig	2009-11-06 11:28:08.000000000 +0100
-+++ ldap-init-krb5-cache.c	2014-03-26 21:42:54.575385677 +0100
+--- ldap-init-krb5-cache.c.orig
++++ ldap-init-krb5-cache.c
 @@ -109,14 +109,14 @@
  #include <gssapi/gssapi.h>
  #include <gssapi/gssapi_krb5.h>
@@ -47,6 +47,15 @@
  	{
  	  debug ("==> krb5_cache_kt_is_accessible: kt type = FILE");
  	  uid_t ruid = getuid ();
+@@ -243,7 +254,7 @@
+ 	    {
+ 	      setreuid (ruid, euid);
+ 	    }
+-	  if (rgid != rgid)
++	  if (rgid != egid)
+ 	    {
+ 	      setregid (rgid, egid);
+ 	    }
 @@ -542,7 +553,7 @@
      }
    profile_release (profile);

More information about the svn-ports-branches mailing list