[pam_ldap] - don't overwrite an explicitly-configured search base when we're using DNS to locate the server (
Nalin Dahyabhai
nalin at fedoraproject.org
Mon Sep 12 21:20:30 UTC 2011
commit aa9acb185c0b9fcec2fd5ff701984ae8aba4c0cd
Author: Nalin Dahyabhai <nalin at dahyabhai.net>
Date: Mon Sep 12 17:20:11 2011 -0400
- don't overwrite an explicitly-configured search base when we're using DNS
to locate the server (#735375)
pam_ldap-185-dnsconfig.patch | 13 ++++++++-----
pam_ldap.spec | 6 +++++-
2 files changed, 13 insertions(+), 6 deletions(-)
---
diff --git a/pam_ldap-185-dnsconfig.patch b/pam_ldap-185-dnsconfig.patch
index 191ac5f..3cdd5cc 100644
--- a/pam_ldap-185-dnsconfig.patch
+++ b/pam_ldap-185-dnsconfig.patch
@@ -52,7 +52,7 @@
AC_CACHE_CHECK(whether gethostbyname_r takes 6 arguments, xad_cv_gethostbyname_r_args, [
--- /dev/null 2004-10-19 17:45:17.794252000 -0400
+++ pam_ldap-176/dnsconfig.c 2004-10-28 17:32:36.915435096 -0400
-@@ -0,0 +1,214 @@
+@@ -0,0 +1,217 @@
+
+/* Copyright (C) 1997-2001 Luke Howard.
+ This file started off as part of the nss_ldap library.
@@ -253,11 +253,14 @@
+#endif /* SSL */
+
+ /* DN */
-+ stat = _pam_ldap_getdnsdn (_res.defdname, &result->base);
-+ if (stat != PAM_SUCCESS)
++ if (result->base == NULL)
+ {
-+ dns_free_data (r);
-+ return stat;
++ stat = _pam_ldap_getdnsdn (_res.defdname, &result->base);
++ if (stat != PAM_SUCCESS)
++ {
++ dns_free_data (r);
++ return stat;
++ }
+ }
+ }
+ }
diff --git a/pam_ldap.spec b/pam_ldap.spec
index 003d29a..74dc89d 100644
--- a/pam_ldap.spec
+++ b/pam_ldap.spec
@@ -7,7 +7,7 @@
Summary: PAM module for LDAP
Name: pam_ldap
Version: 185
-Release: 10%{?dist}
+Release: 11%{?dist}
URL: http://www.padl.com/OSS/pam_ldap.html
License: LGPLv2+
Group: System Environment/Base
@@ -131,6 +131,10 @@ fi
%attr(0600,root,root) %ghost %config(noreplace) /etc/%{name}.secret
%changelog
+* Mon Sep 12 2011 Nalin Dahyabhai <nalin at redhat.com> 185-11
+- don't overwrite an explicitly-configured search base when we're using DNS
+ to locate the server (#735375)
+
* Thu Mar 17 2011 Nalin Dahyabhai <nalin at redhat.com> 185-10
- add Ross Tyler's patch to always require authentication during password
change requests for expired passwords, so that modules which check password
More information about the scm-commits
mailing list