[nss-pam-ldapd] New upstream release 0.7.16; adjust patches accordingly
Jakub Hrozek
jhrozek at fedoraproject.org
Sat Apr 28 20:18:39 UTC 2012
commit 1e1125adb4174ac0f679eca2f9d62de957275325
Author: Jakub Hrozek <jhrozek at redhat.com>
Date: Sat Apr 28 21:47:50 2012 +0200
New upstream release 0.7.16; adjust patches accordingly
nss-pam-ldapd-0.7.x-dnssrv.patch | 38 ++----
nss-pam-ldapd-0.7.x-epipe.patch | 16 ++-
nss-pam-ldapd-0.7.x-uid-overflow.patch | 198 +++++++++-----------------------
nss-pam-ldapd.spec | 7 +-
4 files changed, 82 insertions(+), 177 deletions(-)
---
diff --git a/nss-pam-ldapd-0.7.x-dnssrv.patch b/nss-pam-ldapd-0.7.x-dnssrv.patch
index 939ecf0..1b874a3 100644
--- a/nss-pam-ldapd-0.7.x-dnssrv.patch
+++ b/nss-pam-ldapd-0.7.x-dnssrv.patch
@@ -1,17 +1,6 @@
-Parts of the upstream patch, adapted, plus a fix for a typo.
-
-commit e36a4270122f690927d17f06259ce5a9308cd1eb
-Author: arthur <arthur at ef36b2f9-881f-0410-afb5-c4e39611909c>
-Date: Wed Aug 24 18:51:55 2011 +0000
-
- support querying DNS SRV records from a different domain than the current one (based on a patch by James M. Leddy)
-
- git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1513 ef36b2f9-881f-0410-afb5-c4e39611909c
-
-diff --git a/man/nslcd.conf.5.xml b/man/nslcd.conf.5.xml
-index 6c0f9e3..51869f4 100644
---- a/man/nslcd.conf.5.xml
-+++ b/man/nslcd.conf.5.xml
+diff -up ./man/nslcd.conf.5.xml.dnssrv ./man/nslcd.conf.5.xml
+--- ./man/nslcd.conf.5.xml.dnssrv 2012-04-28 21:22:26.327729809 +0200
++++ ./man/nslcd.conf.5.xml 2012-04-28 21:22:26.330729794 +0200
@@ -127,9 +127,14 @@
<acronym>LDAP</acronym> over <acronym>TCP</acronym>,
<acronym>ICP</acronym> or <acronym>SSL</acronym> respectively (if
@@ -27,28 +16,27 @@ index 6c0f9e3..51869f4 100644
</para>
<para>
When using the ldapi scheme, %2f should be used to escape slashes
-diff --git a/nslcd/cfg.c b/nslcd/cfg.c
-index fee3286..ac354c0 100644
---- a/nslcd/cfg.c
-+++ b/nslcd/cfg.c
-@@ -184,13 +184,13 @@ static const char *cfg_getdomainname(const char *filename,int lnr)
+diff -up ./nslcd/cfg.c.dnssrv ./nslcd/cfg.c
+--- ./nslcd/cfg.c.dnssrv 2012-04-28 21:22:26.326729814 +0200
++++ ./nslcd/cfg.c 2012-04-28 21:22:26.330729794 +0200
+@@ -224,13 +224,13 @@ static char *cfg_getdomainname(const cha
/* add URIs by doing DNS queries for SRV records */
static void add_uris_from_dns(const char *filename,int lnr,
- struct ldap_config *cfg)
+ struct ldap_config *cfg,
-+ const char *domain)
++ char *domain)
{
- int ret=0;
+ int rc;
- char *domain;
char *hostlist=NULL,*nxt;
char buf[HOST_NAME_MAX+sizeof("ldap://")];
- domain=cfg_getdomainname(filename,lnr);
+ log_log(LOG_DEBUG,"query %s for SRV records",domain);
- ret=ldap_domain2hostlist(domain,&hostlist);
- /* FIXME: have better error handling */
- if ((hostlist==NULL)||(*hostlist=='\0'))
-@@ -856,7 +856,16 @@ static void cfg_read(const char *filename,struct ldap_config *cfg)
+ rc=ldap_domain2hostlist(domain,&hostlist);
+ if (rc!=LDAP_SUCCESS)
+ {
+@@ -848,7 +848,16 @@ static void cfg_read(const char *filenam
if (strcasecmp(token,"dns")==0)
{
#ifdef HAVE_LDAP_DOMAIN2HOSTLIST
diff --git a/nss-pam-ldapd-0.7.x-epipe.patch b/nss-pam-ldapd-0.7.x-epipe.patch
index 08d151d..810d44c 100644
--- a/nss-pam-ldapd-0.7.x-epipe.patch
+++ b/nss-pam-ldapd-0.7.x-epipe.patch
@@ -1,6 +1,6 @@
diff -up nss-pam-ldapd-0.7.15/common/tio.c.epipe nss-pam-ldapd-0.7.15/common/tio.c
--- nss-pam-ldapd-0.7.15/common/tio.c.epipe 2010-09-24 09:07:17.000000000 +0200
-+++ nss-pam-ldapd-0.7.15/common/tio.c 2012-03-15 11:39:00.945065541 +0100
++++ nss-pam-ldapd-0.7.15/common/tio.c 2012-03-15 12:21:06.776678846 +0100
@@ -2,7 +2,7 @@
tio.c - timed io functions
This file is part of the nss-pam-ldapd library.
@@ -84,7 +84,7 @@ diff -up nss-pam-ldapd-0.7.15/common/tio.c.epipe nss-pam-ldapd-0.7.15/common/tio
/* the caller has assured us that we can write to the file descriptor
diff -up nss-pam-ldapd-0.7.15/common/tio.h.epipe nss-pam-ldapd-0.7.15/common/tio.h
--- nss-pam-ldapd-0.7.15/common/tio.h.epipe 2010-09-24 09:07:17.000000000 +0200
-+++ nss-pam-ldapd-0.7.15/common/tio.h 2012-03-15 11:39:00.945065541 +0100
++++ nss-pam-ldapd-0.7.15/common/tio.h 2012-03-15 12:21:06.776678846 +0100
@@ -2,7 +2,7 @@
tio.h - timed io functions
This file is part of the nss-pam-ldapd library.
@@ -107,7 +107,7 @@ diff -up nss-pam-ldapd-0.7.15/common/tio.h.epipe nss-pam-ldapd-0.7.15/common/tio
/* Write the specified buffer to the stream. */
diff -up nss-pam-ldapd-0.7.15/nss/common.h.epipe nss-pam-ldapd-0.7.15/nss/common.h
--- nss-pam-ldapd-0.7.15/nss/common.h.epipe 2010-09-24 09:07:18.000000000 +0200
-+++ nss-pam-ldapd-0.7.15/nss/common.h 2012-03-15 11:40:13.106390324 +0100
++++ nss-pam-ldapd-0.7.15/nss/common.h 2012-03-15 12:21:41.347451558 +0100
@@ -2,7 +2,7 @@
common.h - common functions for NSS lookups
@@ -117,15 +117,19 @@ diff -up nss-pam-ldapd-0.7.15/nss/common.h.epipe nss-pam-ldapd-0.7.15/nss/common
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
-@@ -98,6 +98,7 @@
+@@ -97,8 +97,10 @@
+ READ_RESPONSE_CODE(fp); \
retv=readfn; \
/* close socket and we're done */ \
- if ((retv==NSS_STATUS_SUCCESS)||(retv==NSS_STATUS_TRYAGAIN)) \
+- if ((retv==NSS_STATUS_SUCCESS)||(retv==NSS_STATUS_TRYAGAIN)) \
++ if ((retv==NSS_STATUS_SUCCESS)||(retv==NSS_STATUS_TRYAGAIN)) { \
+ (void)tio_skip(fp,0); /* read any buffered data */ \
(void)tio_close(fp); \
++ } \
return retv;
-@@ -177,13 +178,14 @@
+ /* This macro can be used to generate a get..byname() function
+@@ -177,13 +179,14 @@
fp=NULL; /* file should be closed by now */ \
return retv;
diff --git a/nss-pam-ldapd-0.7.x-uid-overflow.patch b/nss-pam-ldapd-0.7.x-uid-overflow.patch
index f41cadc..431d353 100644
--- a/nss-pam-ldapd-0.7.x-uid-overflow.patch
+++ b/nss-pam-ldapd-0.7.x-uid-overflow.patch
@@ -1,73 +1,31 @@
-diff -up nss-pam-ldapd-0.7.14/configure.ac.biguid nss-pam-ldapd-0.7.14/configure.ac
---- nss-pam-ldapd-0.7.14/configure.ac.biguid 2011-12-16 18:23:12.728169692 +0100
-+++ nss-pam-ldapd-0.7.14/configure.ac 2011-12-16 18:24:29.335211970 +0100
-@@ -222,6 +222,7 @@ AC_C_CONST
- AC_CHECK_FUNCS([sigaction snprintf])
- AC_CHECK_FUNCS(gethostbyname)
- AC_SEARCH_LIBS(socket,socket)
-+AC_CHECK_FUNCS([strtoul strtoull])
- AC_CHECK_FUNCS([strcasecmp strncasecmp strchr strcspn strspn strtol])
- AC_CHECK_FUNCS([malloc realloc])
- AC_FUNC_FORK
-@@ -230,6 +231,11 @@ AC_FUNC_FORK
- AC_TYPE_MODE_T
- AC_TYPE_SIZE_T
- AC_TYPE_UID_T
-+AC_CHECK_SIZEOF(unsigned int)
-+AC_CHECK_SIZEOF(unsigned long int)
-+AC_CHECK_SIZEOF(unsigned long long int)
-+AC_CHECK_SIZEOF(uid_t)
-+AC_CHECK_SIZEOF(gid_t)
- AC_TYPE_PID_T
- AC_TYPE_INT32_T
- AC_TYPE_UINT8_T
-diff -up nss-pam-ldapd-0.7.14/nslcd/cfg.c.biguid nss-pam-ldapd-0.7.14/nslcd/cfg.c
---- nss-pam-ldapd-0.7.14/nslcd/cfg.c.biguid 2011-12-16 18:19:47.354737215 +0100
-+++ nss-pam-ldapd-0.7.14/nslcd/cfg.c 2011-12-16 18:19:57.480610621 +0100
-@@ -449,8 +449,9 @@ static void get_uid(const char *filename
- char *tmp;
- check_argumentcount(filename,lnr,keyword,get_token(line,token,sizeof(token))!=NULL);
- /* check if it is a valid numerical uid */
-- *var=(uid_t)strtol(token,&tmp,0);
-- if ((*token!='\0')&&(*tmp=='\0'))
-+ errno=0;
-+ *var=strtouid(token,&tmp,10);
-+ if ((*token!='\0')&&(*tmp=='\0')&&(errno==0))
- return;
- /* find by name */
- pwent=getpwnam(token);
-@@ -474,8 +475,9 @@ static void get_gid(const char *filename
- char *tmp;
- check_argumentcount(filename,lnr,keyword,get_token(line,token,sizeof(token))!=NULL);
- /* check if it is a valid numerical gid */
-- *var=(gid_t)strtol(token,&tmp,0);
-- if ((*token!='\0')&&(*tmp=='\0'))
-+ errno=0;
-+ *var=strtogid(token,&tmp,10);
-+ if ((*token!='\0')&&(*tmp=='\0')&&(errno==0))
- return;
- /* find by name */
- grent=getgrnam(token);
-diff -up nss-pam-ldapd-0.7.14/nslcd/common.c.biguid nss-pam-ldapd-0.7.14/nslcd/common.c
---- nss-pam-ldapd-0.7.14/nslcd/common.c.biguid 2011-12-16 18:20:13.916405148 +0100
-+++ nss-pam-ldapd-0.7.14/nslcd/common.c 2011-12-16 18:20:20.332324937 +0100
-@@ -147,3 +147,25 @@ int read_address(TFILE *fp,char *addr,in
- /* we're done */
+diff -up ./nslcd/common.c.overflow ./nslcd/common.c
+--- ./nslcd/common.c.overflow 2012-04-28 21:23:54.000000000 +0200
++++ ./nslcd/common.c 2012-04-28 21:38:03.263642985 +0200
+@@ -148,19 +148,25 @@ int read_address(TFILE *fp,char *addr,in
return 0;
}
+
+-#ifdef WANT_STRTOUI
+
-+/* provide a strtoui() implementation, similar to strtoul() but returning
-+ an range-checked unsigned int instead */
+ /* provide a strtoui() implementation, similar to strtoul() but returning
+ an range-checked unsigned int instead */
+-unsigned int strtoui(const char *nptr,char **endptr,int base)
+uint32_t strtoid(const char *nptr,char **endptr,int base)
-+{
+ {
+- unsigned long val;
+- val=strtoul(nptr,endptr,base);
+- if (val>UINT_MAX)
+ long long val;
+
+ val=strtoll(nptr,endptr,base);
+ if (val>UINT32_MAX)
-+ {
-+ errno=ERANGE;
+ {
+ errno=ERANGE;
+- return UINT_MAX;
+ return UINT32_MAX;
-+ }
+ }
+- /* If errno was set by strtoull, we'll pass it back as-is */
+- return (unsigned int)val;
+ else if (val<0)
+ {
+ errno=EINVAL;
@@ -76,10 +34,11 @@ diff -up nss-pam-ldapd-0.7.14/nslcd/common.c.biguid nss-pam-ldapd-0.7.14/nslcd/c
+
+ /* If errno was set, we'll pass it back as-is */
+ return (uint32_t) val;
-+}
-diff -up nss-pam-ldapd-0.7.14/nslcd/common.h.biguid nss-pam-ldapd-0.7.14/nslcd/common.h
---- nss-pam-ldapd-0.7.14/nslcd/common.h.biguid 2011-12-16 18:20:27.333237411 +0100
-+++ nss-pam-ldapd-0.7.14/nslcd/common.h 2011-12-16 18:20:58.588846664 +0100
+ }
+-#endif /* WANT_STRTOUI */
+diff -up ./nslcd/common.h.overflow ./nslcd/common.h
+--- ./nslcd/common.h.overflow 2012-04-28 21:39:08.670229101 +0200
++++ ./nslcd/common.h 2012-04-28 21:40:24.234750320 +0200
@@ -25,6 +25,7 @@
#define NSLCD__COMMON_H 1
@@ -88,87 +47,38 @@ diff -up nss-pam-ldapd-0.7.14/nslcd/common.h.biguid nss-pam-ldapd-0.7.14/nslcd/c
#include "nslcd.h"
#include "common/nslcd-prot.h"
-@@ -94,6 +95,11 @@ MYLDAP_ENTRY *uid2entry(MYLDAP_SESSION *
+@@ -94,31 +95,9 @@ MYLDAP_ENTRY *uid2entry(MYLDAP_SESSION *
/* transforms the uid into a DN by doing an LDAP lookup */
MUST_USE char *uid2dn(MYLDAP_SESSION *session,const char *uid,char *buf,size_t buflen);
+-/* provide strtouid() function alias */
+-#if SIZEOF_UID_T == SIZEOF_UNSIGNED_LONG_INT
+-#define strtouid (uid_t)strtoul
+-#elif SIZEOF_UID_T == SIZEOF_UNSIGNED_LONG_LONG_INT
+-#define strtouid (uid_t)strtoull
+-#elif SIZEOF_UID_T == SIZEOF_UNSIGNED_INT
+-#define WANT_STRTOUI 1
+-#define strtouid (uid_t)strtoui
+-#else
+-#error unable to find implementation for strtouid()
+-#endif
+-
+-/* provide strtouid() function alias */
+-#if SIZEOF_GID_T == SIZEOF_UNSIGNED_LONG_INT
+-#define strtogid (gid_t)strtoul
+-#elif SIZEOF_GID_T == SIZEOF_UNSIGNED_LONG_LONG_INT
+-#define strtogid (gid_t)strtoull
+-#elif SIZEOF_GID_T == SIZEOF_UNSIGNED_INT
+-#ifndef WANT_STRTOUI
+-#define WANT_STRTOUI 1
+-#endif
+-#define strtogid (uid_t)strtoui
+-#else
+-#error unable to find implementation for strtogid()
+-#endif
++uint32_t strtoid(const char *nptr,char **endptr,int base);
+#define strtouid (uid_t)strtoid
+#define strtogid (uid_t)strtoid
-+
-+uint32_t strtoid(const char *nptr,char **endptr,int base);
-+
- /* these are the functions for initialising the database specific
- modules */
- void alias_init(void);
-diff -up nss-pam-ldapd-0.7.14/nslcd/group.c.biguid nss-pam-ldapd-0.7.14/nslcd/group.c
---- nss-pam-ldapd-0.7.14/nslcd/group.c.biguid 2011-12-16 18:21:47.445235876 +0100
-+++ nss-pam-ldapd-0.7.14/nslcd/group.c 2011-12-16 18:21:58.471098034 +0100
-@@ -251,13 +251,20 @@ static int write_group(TFILE *fp,MYLDAP_
- }
- for (numgids=0;(gidvalues[numgids]!=NULL)&&(numgids<MAXGIDS_PER_ENTRY);numgids++)
- {
-- gids[numgids]=(gid_t)strtol(gidvalues[numgids],&tmp,0);
-+ errno=0;
-+ gids[numgids]=strtogid(gidvalues[numgids],&tmp,10);
- if ((*(gidvalues[numgids])=='\0')||(*tmp!='\0'))
- {
- log_log(LOG_WARNING,"group entry %s contains non-numeric %s value",
- myldap_get_dn(entry),attmap_group_gidNumber);
- return 0;
- }
-+ else if (errno!=0)
-+ {
-+ log_log(LOG_WARNING,"group entry %s contains too large %s value",
-+ myldap_get_dn(entry),attmap_group_gidNumber);
-+ return 0;
-+ }
- }
- }
- /* get group passwd (userPassword) (use only first entry) */
-diff -up nss-pam-ldapd-0.7.14/nslcd/passwd.c.biguid nss-pam-ldapd-0.7.14/nslcd/passwd.c
---- nss-pam-ldapd-0.7.14/nslcd/passwd.c.biguid 2011-12-16 18:22:12.893917723 +0100
-+++ nss-pam-ldapd-0.7.14/nslcd/passwd.c 2011-12-16 18:22:20.938817149 +0100
-@@ -338,13 +338,20 @@ static int write_passwd(TFILE *fp,MYLDAP
- }
- for (numuids=0;(numuids<MAXUIDS_PER_ENTRY)&&(tmpvalues[numuids]!=NULL);numuids++)
- {
-- uids[numuids]=(uid_t)strtol(tmpvalues[numuids],&tmp,0);
-+ errno=0;
-+ uids[numuids]=strtouid(tmpvalues[numuids],&tmp,10);
- if ((*(tmpvalues[numuids])=='\0')||(*tmp!='\0'))
- {
- log_log(LOG_WARNING,"passwd entry %s contains non-numeric %s value",
- myldap_get_dn(entry),attmap_passwd_uidNumber);
- return 0;
- }
-+ else if (errno!=0)
-+ {
-+ log_log(LOG_WARNING,"passwd entry %s contains too large %s value",
-+ myldap_get_dn(entry),attmap_passwd_uidNumber);
-+ return 0;
-+ }
- }
- }
- /* get the gid for this entry */
-@@ -355,13 +362,20 @@ static int write_passwd(TFILE *fp,MYLDAP
- myldap_get_dn(entry),attmap_passwd_gidNumber);
- return 0;
- }
-- gid=(gid_t)strtol(gidbuf,&tmp,0);
-+ errno=0;
-+ gid=strtogid(gidbuf,&tmp,10);
- if ((gidbuf[0]=='\0')||(*tmp!='\0'))
- {
- log_log(LOG_WARNING,"passwd entry %s contains non-numeric %s value",
- myldap_get_dn(entry),attmap_passwd_gidNumber);
- return 0;
- }
-+ else if (errno!=0)
-+ {
-+ log_log(LOG_WARNING,"passwd entry %s contains too large %s value",
-+ myldap_get_dn(entry),attmap_passwd_uidNumber);
-+ return 0;
-+ }
- /* get the gecos for this entry */
- attmap_get_value(entry,attmap_passwd_gecos,gecos,sizeof(gecos));
- /* get the home directory for this entry */
+
+ #ifdef WANT_STRTOUI
+ /* provide a strtoui() if it is needed */
diff --git a/nss-pam-ldapd.spec b/nss-pam-ldapd.spec
index c483657..e665123 100644
--- a/nss-pam-ldapd.spec
+++ b/nss-pam-ldapd.spec
@@ -13,8 +13,8 @@
%endif
Name: nss-pam-ldapd
-Version: 0.7.15
-Release: 2%{?dist}
+Version: 0.7.16
+Release: 1%{?dist}
Summary: An nsswitch module which uses directory servers
Group: System Environment/Base
License: LGPLv2+
@@ -263,6 +263,9 @@ exit 0
%endif
%changelog
+* Sat Apr 28 2012 Jakub Hrozek <jhrozek at redhat.com> 0.7.16-1
+- new upstream release 0.7.16
+
* Thu Mar 15 2012 Jakub Hrozek <jhrozek at redhat.com> 0.7.15-2
- Do not print "Broken Pipe" error message when requesting a large group
More information about the scm-commits
mailing list