Changes 185:

* fix: LDAP write on userPassword fails when chasing referral and cached policy error is POLICY_ERROR_PASSWORD_EXPIRED * fix: only request attributes that are actually used * fix: canonicalize PAM_USER name
author: adam <adam@pkgsrc.org> 2010-10-28 08:06:19 +0000
committer: adam <adam@pkgsrc.org> 2010-10-28 08:06:19 +0000
commit: 27defc54d44fa45ab7bdb764d2ce0e23aa3d9ef3 (patch)
tree: 5627db84f4dfa8f44263a672caa0489a7d98ec42 /security/pam-ldap
parent: 75c196f66d4f76d086773222c5e41c6ae1fcd009 (diff)
download: pkgsrc-27defc54d44fa45ab7bdb764d2ce0e23aa3d9ef3.tar.gz
4 files changed, 73 insertions, 58 deletions
diff --git a/security/pam-ldap/Makefile b/security/pam-ldap/Makefile
index 1c143030fc3..7d997662c6c 100644
--- a/security/pam-ldap/Makefile
+++ b/security/pam-ldap/Makefile
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.32 2010/01/17 12:02:43 wiz Exp $
+# $NetBSD: Makefile,v 1.33 2010/10/28 08:06:19 adam Exp $
 
-DISTNAME=	pam_ldap-184
+DISTNAME=	pam_ldap-185
 PKGNAME=	${DISTNAME:S/_/-/}
-PKGREVISION=	3
 CATEGORIES=	security
 MASTER_SITES=	ftp://ftp.padl.com/pub/ \
 		http://www.padl.com/download/
@@ -10,6 +9,7 @@ MASTER_SITES=	ftp://ftp.padl.com/pub/ \
 MAINTAINER=	rh@NetBSD.org
 HOMEPAGE=	http://www.padl.com/pam_ldap.html
 COMMENT=	Pluggable authentication module for LDAP directories
+LICENSE=	gnu-lgpl-v2
 
 PKG_DESTDIR_SUPPORT=	user-destdir
 
@@ -20,15 +20,13 @@ CONFIGURE_ARGS+=	--with-ldap-lib=openldap
 CONFIGURE_ARGS+=	--with-ldap-dir=${BUILDLINK_PREFIX.openldap-client}
 CONFIGURE_ARGS+=	--with-ldap-conf-file=${PKG_SYSCONFDIR}/pam_ldap.conf
 CONFIGURE_ARGS+=	--with-ldap-secret-file=${PKG_SYSCONFDIR}/pam_ldap.secret
-CONFIGURE_ARGS+=	--sysconfdir=${PKG_SYSCONFDIR:Q}
-
-MAKE_ENV+=		SHLIBTOOL=${SHLIBTOOL:Q}
+CONFIGURE_ARGS+=	--sysconfdir=${PKG_SYSCONFDIR}
 
 # Fix (workaround?) a bug with openpam/NetBSD
 # The bug is described in PR security/39313.
 #
 .include "../../mk/bsd.prefs.mk"
-#
+
 .if ${OPSYS} == "NetBSD"
 CFLAGS+=		-DNO_STATIC_MODULES
 .endif
diff --git a/security/pam-ldap/distinfo b/security/pam-ldap/distinfo
index 27523f8933d..825df86b1cd 100644
--- a/security/pam-ldap/distinfo
+++ b/security/pam-ldap/distinfo
@@ -1,7 +1,7 @@
-$NetBSD: distinfo,v 1.10 2007/11/27 08:27:06 adam Exp $
+$NetBSD: distinfo,v 1.11 2010/10/28 08:06:19 adam Exp $
 
-SHA1 (pam_ldap-184.tar.gz) = 4fe29e57cc7f69eca3692fbaf88160aff2260939
-RMD160 (pam_ldap-184.tar.gz) = 00f08117c72ec3af3b1e32856ffeaf3a8768cde9
-Size (pam_ldap-184.tar.gz) = 128053 bytes
-SHA1 (patch-aa) = 4fb701c85005106c2b3d9cf90590856e16b668ff
-SHA1 (patch-ab) = 32827157c9f037a13589f4c584e300ce71fe4130
+SHA1 (pam_ldap-185.tar.gz) = 56dc89b38697ee50295dde3af52a3785f4a5442f
+RMD160 (pam_ldap-185.tar.gz) = bb8263aff8e9d9c7e6ffb8a1d2c449e488037a7e
+Size (pam_ldap-185.tar.gz) = 163467 bytes
+SHA1 (patch-aa) = d97777c44be0f845e68cbdcfe0294043b9895487
+SHA1 (patch-ab) = fe711cc64cc6e7eb520a3c5a34514fa7e7da9c55
diff --git a/security/pam-ldap/patches/patch-aa b/security/pam-ldap/patches/patch-aa
index 390454d2991..f958f0550c2 100644
--- a/security/pam-ldap/patches/patch-aa
+++ b/security/pam-ldap/patches/patch-aa
@@ -1,45 +1,62 @@
-$NetBSD: patch-aa,v 1.4 2005/08/29 09:49:07 drochner Exp $
+$NetBSD: patch-aa,v 1.5 2010/10/28 08:06:19 adam Exp $
 
---- Makefile.in.orig	2005-08-18 00:35:13.000000000 +0200
+--- Makefile.in.orig	2009-11-06 10:29:34.000000000 +0000
 +++ Makefile.in
-@@ -70,7 +70,7 @@ PACKAGE = @PACKAGE@
- VERSION = @VERSION@
- pam_ldap_so_LD = @pam_ldap_so_LD@
- 
--noinst_PROGRAMS = pam_ldap.so
+@@ -37,7 +37,7 @@ POST_UNINSTALL = :
+ build_triplet = @build@
+ host_triplet = @host@
+ target_triplet = @target@
+-noinst_PROGRAMS = pam_ldap.so$(EXEEXT)
 +noinst_PROGRAMS = pam_ldap.la
- EXTRA_DIST = COPYING.LIB CVSVersionInfo.txt ChangeLog README 	     ldap.conf pam.conf pam_ldap.spec pam.d
- 
- 
-@@ -100,6 +100,7 @@ pam_ldap_so_OBJECTS =  pam_ldap.o md5.o
+ DIST_COMMON = README $(am__configure_deps) $(srcdir)/Makefile.am \
+ 	$(srcdir)/Makefile.in $(srcdir)/config.h.in \
+ 	$(top_srcdir)/configure AUTHORS COPYING COPYING.LIB ChangeLog \
+@@ -54,14 +54,13 @@ mkinstalldirs = $(SHELL) $(top_srcdir)/m
+ CONFIG_HEADER = config.h
+ CONFIG_CLEAN_FILES =
+ PROGRAMS = $(noinst_PROGRAMS)
+-am_pam_ldap_so_OBJECTS = pam_ldap.$(OBJEXT) md5.$(OBJEXT) \
+-	vers.$(OBJEXT)
++am_pam_ldap_so_OBJECTS = pam_ldap.$(OBJEXT) md5.$(OBJEXT)
+ pam_ldap_so_OBJECTS = $(am_pam_ldap_so_OBJECTS)
  pam_ldap_so_LDADD = $(LDADD)
- pam_ldap_so_DEPENDENCIES = 
- CFLAGS = @CFLAGS@
-+LTCOMPILE = $(SHLIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
- COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+ DEFAULT_INCLUDES = -I. -I$(srcdir) -I.
+ depcomp = $(SHELL) $(top_srcdir)/depcomp
+ am__depfiles_maybe = depfiles
+-COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
++COMPILE = ${LIBTOOL} --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ 	$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
  CCLD = $(CC)
- man5dir = $(mandir)/man5
-@@ -122,7 +123,7 @@ OBJECTS = $(pam_ldap_so_OBJECTS)
+ SOURCES = $(pam_ldap_so_SOURCES)
+@@ -189,7 +188,7 @@ all: config.h
+ 	$(MAKE) $(AM_MAKEFLAGS) all-am
  
- all: all-redirect
  .SUFFIXES:
--.SUFFIXES: .S .c .o .s
-+.SUFFIXES: .S .c .lo .o .s
- $(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) 
- 	cd $(top_srcdir) && $(AUTOMAKE) --gnu Makefile
- 
-@@ -191,6 +192,9 @@ distclean-compile:
- 
- maintainer-clean-compile:
+-.SUFFIXES: .c .o .obj
++.SUFFIXES: .c .lo .o .obj
+ am--refresh:
+ 	@:
+ $(srcdir)/Makefile.in:  $(srcdir)/Makefile.am  $(am__configure_deps)
+@@ -243,6 +242,8 @@ distclean-hdr:
  
+ clean-noinstPROGRAMS:
+ 	-test -z "$(noinst_PROGRAMS)" || rm -f $(noinst_PROGRAMS)
 +pam_ldap.la: $(pam_ldap_so_OBJECTS:.o=.lo) $(pam_ldap_so_DEPENDENCIES)
-+	$(SHLIBTOOL) --mode=link $(CC) $(AM_LDFLAGS) $(LDFLAGS) $(pam_ldap_so_LDFLAGS) $(pam_ldap_so_OBJECTS:.o=.lo) -module -avoid-version -rpath $(libdir)/security -o $@ $(pam_ldap_so_LDADD) $(LIBS)
-+
- pam_ldap.so: $(pam_ldap_so_OBJECTS) $(pam_ldap_so_DEPENDENCIES)
- 	@rm -f pam_ldap.so
++	${LIBTOOL} --mode=link $(CC) $(AM_LDFLAGS) $(LDFLAGS) $(pam_ldap_so_LDFLAGS) $(pam_ldap_so_OBJECTS:.o=.lo) -module -avoid-version -rpath $(libdir)/security -o $@ $(pam_ldap_so_LDADD) $(LIBS)
+ pam_ldap.so$(EXEEXT): $(pam_ldap_so_OBJECTS) $(pam_ldap_so_DEPENDENCIES) 
+ 	@rm -f pam_ldap.so$(EXEEXT)
  	$(LINK) $(pam_ldap_so_LDFLAGS) $(pam_ldap_so_OBJECTS) $(pam_ldap_so_LDADD) $(LIBS)
-@@ -432,7 +436,14 @@ mostlyclean-generic distclean-generic cl
- maintainer-clean-generic clean mostlyclean distclean maintainer-clean
+@@ -257,7 +258,7 @@ distclean-compile:
+ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_ldap.Po@am__quote@
+ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/vers.Po@am__quote@
+ 
+-.c.o:
++.c.lo:
+ @am__fastdepCC_TRUE@	if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \
+ @am__fastdepCC_TRUE@	then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi
+ @AMDEP_TRUE@@am__fastdepCC_FALSE@	source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@@ -592,7 +593,14 @@ uninstall-man: uninstall-man5
+ 	uninstall-man5
  
  
 -install-exec-local: pam_ldap.so
@@ -48,13 +65,13 @@ $NetBSD: patch-aa,v 1.4 2005/08/29 09:49:07 drochner Exp $
 +install-exec-local-libtool: pam_ldap.la
 +	@$(NORMAL_INSTALL)
 +	$(mkinstalldirs) $(DESTDIR)$(libdir)/security
-+	$(SHLIBTOOL) --mode=install $(INSTALL_PROGRAM) -c pam_ldap.la $(DESTDIR)$(libdir)/security
++	${LIBTOOL} --mode=install $(INSTALL_PROGRAM) -c pam_ldap.la $(DESTDIR)$(libdir)/security
 +
 +install-exec-local-so: pam_ldap.so
  	@$(NORMAL_INSTALL)
  	$(mkinstalldirs) $(DESTDIR)$(libdir)/security
  @EXTENSION_SO_TRUE@	$(INSTALL_PROGRAM) -o root -g root pam_ldap.so $(DESTDIR)$(libdir)/security/pam_ldap.so
-@@ -442,9 +453,9 @@ install-exec-local: pam_ldap.so
+@@ -602,9 +610,9 @@ install-exec-local: pam_ldap.so
  
  install-data-local:
  	@$(NORMAL_INSTALL)
diff --git a/security/pam-ldap/patches/patch-ab b/security/pam-ldap/patches/patch-ab
index 1bccd75bd8f..4eef7f829b9 100644
--- a/security/pam-ldap/patches/patch-ab
+++ b/security/pam-ldap/patches/patch-ab
@@ -1,6 +1,6 @@
-$NetBSD: patch-ab,v 1.7 2007/11/27 08:27:06 adam Exp $
+$NetBSD: patch-ab,v 1.8 2010/10/28 08:06:19 adam Exp $
 
---- pam_ldap.c.orig	2007-08-12 18:35:00.000000000 +0200
+--- pam_ldap.c.orig	2009-11-06 10:29:34.000000000 +0000
 +++ pam_ldap.c
 @@ -131,12 +131,7 @@
  #include "pam_ldap.h"
@@ -15,7 +15,7 @@ $NetBSD: patch-ab,v 1.7 2007/11/27 08:27:06 adam Exp $
  
  #ifndef HAVE_LDAP_MEMFREE
  #define ldap_memfree(x)	free(x)
-@@ -3281,7 +3276,7 @@ pam_sm_authenticate (pam_handle_t * pamh
+@@ -3411,7 +3406,7 @@ pam_sm_authenticate (pam_handle_t * pamh
    int rc;
    const char *username;
    char *p;
@@ -24,7 +24,7 @@ $NetBSD: patch-ab,v 1.7 2007/11/27 08:27:06 adam Exp $
    int i;
    pam_ldap_session_t *session = NULL;
    const char *configFile = NULL;
-@@ -3302,6 +3297,8 @@ pam_sm_authenticate (pam_handle_t * pamh
+@@ -3432,6 +3427,8 @@ pam_sm_authenticate (pam_handle_t * pamh
  	;
        else if (!strcmp (argv[i], "debug"))
  	;
@@ -33,7 +33,7 @@ $NetBSD: patch-ab,v 1.7 2007/11/27 08:27:06 adam Exp $
        else
  	syslog (LOG_ERR, "illegal option %s", argv[i]);
      }
-@@ -3315,6 +3312,22 @@ pam_sm_authenticate (pam_handle_t * pamh
+@@ -3445,6 +3442,22 @@ pam_sm_authenticate (pam_handle_t * pamh
      return rc;
  
    rc = pam_get_item (pamh, PAM_AUTHTOK, (CONST_ARG void **) &p);
@@ -56,7 +56,7 @@ $NetBSD: patch-ab,v 1.7 2007/11/27 08:27:06 adam Exp $
    if (rc == PAM_SUCCESS && (use_first_pass || try_first_pass))
      {
        rc = _do_authentication (pamh, session, username, p);
-@@ -3563,11 +3576,11 @@ pam_sm_chauthtok (pam_handle_t * pamh, i
+@@ -3707,11 +3720,11 @@ pam_sm_chauthtok (pam_handle_t * pamh, i
  		    {
  		      _conv_sendmsg (appconv, "Password change aborted",
  				     PAM_ERROR_MSG, no_warn);
@@ -72,7 +72,7 @@ $NetBSD: patch-ab,v 1.7 2007/11/27 08:27:06 adam Exp $
  		    }
  		  else
  		    {
-@@ -3581,7 +3594,7 @@ pam_sm_chauthtok (pam_handle_t * pamh, i
+@@ -3725,7 +3738,7 @@ pam_sm_chauthtok (pam_handle_t * pamh, i
  	  if (curpass == NULL)
  	    return PAM_MAXTRIES;	/* maximum tries exceeded */
  	  else
@@ -81,7 +81,7 @@ $NetBSD: patch-ab,v 1.7 2007/11/27 08:27:06 adam Exp $
  	}
        else
  	{
-@@ -3609,11 +3622,11 @@ pam_sm_chauthtok (pam_handle_t * pamh, i
+@@ -3753,11 +3766,11 @@ pam_sm_chauthtok (pam_handle_t * pamh, i
        syslog (LOG_ERR,
  	      "pam_ldap: error getting old authentication token (%s)",
  	      pam_strerror (pamh, rc));
@@ -97,7 +97,7 @@ $NetBSD: patch-ab,v 1.7 2007/11/27 08:27:06 adam Exp $
      }
  
    if (try_first_pass || use_first_pass)
-@@ -3623,11 +3636,11 @@ pam_sm_chauthtok (pam_handle_t * pamh, i
+@@ -3767,11 +3780,11 @@ pam_sm_chauthtok (pam_handle_t * pamh, i
  	newpass = NULL;
  
        if (use_first_pass && newpass == NULL)
@@ -113,7 +113,7 @@ $NetBSD: patch-ab,v 1.7 2007/11/27 08:27:06 adam Exp $
      }
  
    tries = 0;
-@@ -3677,11 +3690,11 @@ pam_sm_chauthtok (pam_handle_t * pamh, i
+@@ -3821,11 +3834,11 @@ pam_sm_chauthtok (pam_handle_t * pamh, i
  	}
        else
  	{
@@ -129,7 +129,7 @@ $NetBSD: patch-ab,v 1.7 2007/11/27 08:27:06 adam Exp $
  	}
  
        if (cmiscptr == NULL)
-@@ -3713,11 +3726,11 @@ pam_sm_chauthtok (pam_handle_t * pamh, i
+@@ -3857,11 +3870,11 @@ pam_sm_chauthtok (pam_handle_t * pamh, i
  		{
  		  _conv_sendmsg (appconv, "Password change aborted",
  				 PAM_ERROR_MSG, no_warn);
author	adam <adam@pkgsrc.org>	2010-10-28 08:06:19 +0000
committer	adam <adam@pkgsrc.org>	2010-10-28 08:06:19 +0000
commit	27defc54d44fa45ab7bdb764d2ce0e23aa3d9ef3 (patch)
tree	5627db84f4dfa8f44263a672caa0489a7d98ec42 /security/pam-ldap
parent	75c196f66d4f76d086773222c5e41c6ae1fcd009 (diff)
download	pkgsrc-27defc54d44fa45ab7bdb764d2ce0e23aa3d9ef3.tar.gz