Tue Nov 16 09:53:50 2010 UTC ()
Changes 186:
* fix for BUG-424: build fails on Darwin


(adam)
diff -r1.34 -r1.35 pkgsrc/security/pam-ldap/Makefile
diff -r1.12 -r1.13 pkgsrc/security/pam-ldap/distinfo
diff -r1.8 -r1.9 pkgsrc/security/pam-ldap/patches/patch-ab
cvs diff -r1.34 -r1.35 pkgsrc/security/pam-ldap/Makefile (expand / switch to unified diff)

--- pkgsrc/security/pam-ldap/Makefile 2010/11/03 11:39:08 1.34
+++ pkgsrc/security/pam-ldap/Makefile 2010/11/16 09:53:50 1.35
@@ -1,41 +1,39 @@ @@ -1,41 +1,39 @@
1# $NetBSD: Makefile,v 1.34 2010/11/03 11:39:08 adam Exp $ 1# $NetBSD: Makefile,v 1.35 2010/11/16 09:53:50 adam Exp $
2 2
3DISTNAME= pam_ldap-185 3DISTNAME= pam_ldap-186
4PKGNAME= ${DISTNAME:S/_/-/} 4PKGNAME= ${DISTNAME:S/_/-/}
5PKGREVISION= 1 
6CATEGORIES= security 5CATEGORIES= security
7MASTER_SITES= ftp://ftp.padl.com/pub/ \ 6MASTER_SITES= ftp://ftp.padl.com/pub/ \
8 http://www.padl.com/download/ 7 http://www.padl.com/download/
9 8
10MAINTAINER= rh@NetBSD.org 9MAINTAINER= rh@NetBSD.org
11HOMEPAGE= http://www.padl.com/pam_ldap.html 10HOMEPAGE= http://www.padl.com/pam_ldap.html
12COMMENT= Pluggable authentication module for LDAP directories 11COMMENT= Pluggable authentication module for LDAP directories
13LICENSE= gnu-lgpl-v2 12LICENSE= gnu-lgpl-v2
14 13
15PKG_DESTDIR_SUPPORT= user-destdir 14PKG_DESTDIR_SUPPORT= user-destdir
16 15
17USE_LIBTOOL= yes 16USE_LIBTOOL= yes
18USE_TOOLS+= gmake 17USE_TOOLS+= gmake
19GNU_CONFIGURE= yes 18GNU_CONFIGURE= yes
20CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR} 19CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR}
21CONFIGURE_ARGS+= --with-ldap-lib=openldap 20CONFIGURE_ARGS+= --with-ldap-lib=openldap
22CONFIGURE_ARGS+= --with-ldap-dir=${BUILDLINK_PREFIX.openldap-client} 21CONFIGURE_ARGS+= --with-ldap-dir=${BUILDLINK_PREFIX.openldap-client}
23CONFIGURE_ARGS+= --with-ldap-conf-file=${PKG_SYSCONFDIR}/ldap.conf 22CONFIGURE_ARGS+= --with-ldap-conf-file=${PKG_SYSCONFDIR}/ldap.conf
24CONFIGURE_ARGS+= --with-ldap-secret-file=${PKG_SYSCONFDIR}/ldap.secret 23CONFIGURE_ARGS+= --with-ldap-secret-file=${PKG_SYSCONFDIR}/ldap.secret
25 24
26# Fix (workaround?) a bug with openpam/NetBSD 25# Fix (workaround?) a bug with openpam/NetBSD
27# The bug is described in PR security/39313. 26# The bug is described in PR security/39313.
28# 
29.include "../../mk/bsd.prefs.mk" 27.include "../../mk/bsd.prefs.mk"
30 28
31.if ${OPSYS} == "NetBSD" 29.if ${OPSYS} == "NetBSD"
32CFLAGS+= -DNO_STATIC_MODULES 30CFLAGS+= -DNO_STATIC_MODULES
33.endif 31.endif
34 32
35# shared with databases/nss_ldap 33# shared with databases/nss_ldap
36EGDIR= ${PREFIX}/share/examples/${PKGBASE} 34EGDIR= ${PREFIX}/share/examples/${PKGBASE}
37CONF_FILES= ${EGDIR}/ldap.conf ${PKG_SYSCONFDIR}/ldap.conf 35CONF_FILES= ${EGDIR}/ldap.conf ${PKG_SYSCONFDIR}/ldap.conf
38 36
39INSTALL_MAKE_FLAGS= ${MAKE_FLAGS} sysconfdir=${EGDIR} 37INSTALL_MAKE_FLAGS= ${MAKE_FLAGS} sysconfdir=${EGDIR}
40INSTALL_TARGET= install install-data 38INSTALL_TARGET= install install-data
41 39
cvs diff -r1.12 -r1.13 pkgsrc/security/pam-ldap/distinfo (expand / switch to unified diff)

--- pkgsrc/security/pam-ldap/distinfo 2010/11/03 11:39:08 1.12
+++ pkgsrc/security/pam-ldap/distinfo 2010/11/16 09:53:50 1.13
@@ -1,7 +1,7 @@ @@ -1,7 +1,7 @@
1$NetBSD: distinfo,v 1.12 2010/11/03 11:39:08 adam Exp $ 1$NetBSD: distinfo,v 1.13 2010/11/16 09:53:50 adam Exp $
2 2
3SHA1 (pam_ldap-185.tar.gz) = 56dc89b38697ee50295dde3af52a3785f4a5442f 3SHA1 (pam_ldap-186.tar.gz) = abb37c92dde446687272849ed29eb5c0fe1a55a6
4RMD160 (pam_ldap-185.tar.gz) = bb8263aff8e9d9c7e6ffb8a1d2c449e488037a7e 4RMD160 (pam_ldap-186.tar.gz) = 54fb6da6560ef1d7082d1e00cfa96286801f40bf
5Size (pam_ldap-185.tar.gz) = 163467 bytes 5Size (pam_ldap-186.tar.gz) = 163437 bytes
6SHA1 (patch-aa) = 7bfec8025280db30de244c4f5d5b40d8ff30a485 6SHA1 (patch-aa) = 7bfec8025280db30de244c4f5d5b40d8ff30a485
7SHA1 (patch-ab) = fe711cc64cc6e7eb520a3c5a34514fa7e7da9c55 7SHA1 (patch-ab) = 37c084142853baad8949001466e344c6bcebb711
cvs diff -r1.8 -r1.9 pkgsrc/security/pam-ldap/patches/patch-ab (expand / switch to unified diff)

--- pkgsrc/security/pam-ldap/patches/patch-ab 2010/10/28 08:06:19 1.8
+++ pkgsrc/security/pam-ldap/patches/patch-ab 2010/11/16 09:53:50 1.9
@@ -1,147 +1,54 @@ @@ -1,147 +1,54 @@
1$NetBSD: patch-ab,v 1.8 2010/10/28 08:06:19 adam Exp $ 1$NetBSD: patch-ab,v 1.9 2010/11/16 09:53:50 adam Exp $
2 2
3--- pam_ldap.c.orig 2009-11-06 10:29:34.000000000 +0000 3--- pam_ldap.c.orig 2010-11-08 00:58:44.000000000 +0000
4+++ pam_ldap.c 4+++ pam_ldap.c
5@@ -131,12 +131,7 @@ 5@@ -3411,7 +3411,7 @@ pam_sm_authenticate (pam_handle_t * pamh
6 #include "pam_ldap.h" 
7 #include "md5.h" 
8  
9-#if defined(HAVE_SECURITY_PAM_MISC_H) || defined(HAVE_PAM_PAM_MISC_H) 
10- /* FIXME: is there something better to check? */ 
11 #define CONST_ARG const 
12-#else 
13-#define CONST_ARG 
14-#endif 
15  
16 #ifndef HAVE_LDAP_MEMFREE 
17 #define ldap_memfree(x) free(x) 
18@@ -3411,7 +3406,7 @@ pam_sm_authenticate (pam_handle_t * pamh 
19 int rc; 6 int rc;
20 const char *username; 7 const char *username;
21 char *p; 8 char *p;
22- int use_first_pass = 0, try_first_pass = 0, ignore_flags = 0; 9- int use_first_pass = 0, try_first_pass = 0, ignore_flags = 0;
23+ int use_first_pass = 0, try_first_pass = 0, ignore_flags = 0, migrate = 0; 10+ int use_first_pass = 0, try_first_pass = 0, ignore_flags = 0, migrate = 0;
24 int i; 11 int i;
25 pam_ldap_session_t *session = NULL; 12 pam_ldap_session_t *session = NULL;
26 const char *configFile = NULL; 13 const char *configFile = NULL;
27@@ -3432,6 +3427,8 @@ pam_sm_authenticate (pam_handle_t * pamh 14@@ -3432,6 +3432,8 @@ pam_sm_authenticate (pam_handle_t * pamh
28 ; 15 ;
29 else if (!strcmp (argv[i], "debug")) 16 else if (!strcmp (argv[i], "debug"))
30 ; 17 ;
31+ else if (!strcmp (argv[i], "migrate")) 18+ else if (!strcmp (argv[i], "migrate"))
32+ migrate = 1; 19+ migrate = 1;
33 else 20 else
34 syslog (LOG_ERR, "illegal option %s", argv[i]); 21 syslog (LOG_ERR, "illegal option %s", argv[i]);
35 } 22 }
36@@ -3445,6 +3442,22 @@ pam_sm_authenticate (pam_handle_t * pamh 23@@ -3445,6 +3447,22 @@ pam_sm_authenticate (pam_handle_t * pamh
37 return rc; 24 return rc;
38  25
39 rc = pam_get_item (pamh, PAM_AUTHTOK, (CONST_ARG void **) &p); 26 rc = pam_get_item (pamh, PAM_AUTHTOK, (CONST_ARG void **) &p);
40+ /* start of migrate facility in "pam_ldap authentication" */ 27+ /* start of migrate facility in "pam_ldap authentication" */
41+ if (migrate==1 && rc==PAM_SUCCESS) 28+ if (migrate==1 && rc==PAM_SUCCESS)
42+ { 29+ {
43+ /* check if specified username exists in LDAP */ 30+ /* check if specified username exists in LDAP */
44+ if (_get_user_info(session,username)==PAM_SUCCESS) 31+ if (_get_user_info(session,username)==PAM_SUCCESS)
45+ { 32+ {
46+ /* 33+ /*
47+ overwrite old LDAP userPassword with a new password 34+ overwrite old LDAP userPassword with a new password
48+ obtained during pam authentication process 35+ obtained during pam authentication process
49+ - rootbinddn and ldap.secret must be set 36+ - rootbinddn and ldap.secret must be set
50+ */ 37+ */
51+ rc=_update_authtok(pamh,session,username,NULL,p); 38+ rc=_update_authtok(pamh,session,username,NULL,p);
52+ return PAM_IGNORE; 39+ return PAM_IGNORE;
53+ } 40+ }
54+ } 41+ }
55+ /* end of migrate facility in "pam_ldap authentication" */ 42+ /* end of migrate facility in "pam_ldap authentication" */
56 if (rc == PAM_SUCCESS && (use_first_pass || try_first_pass)) 43 if (rc == PAM_SUCCESS && (use_first_pass || try_first_pass))
57 { 44 {
58 rc = _do_authentication (pamh, session, username, p); 45 rc = _do_authentication (pamh, session, username, p);
59@@ -3707,11 +3720,11 @@ pam_sm_chauthtok (pam_handle_t * pamh, i 46@@ -3721,7 +3739,7 @@ pam_sm_chauthtok (pam_handle_t * pamh, i
60 { 
61 _conv_sendmsg (appconv, "Password change aborted", 
62 PAM_ERROR_MSG, no_warn); 
63-#ifdef PAM_AUTHTOK_RECOVERY_ERR 
64- return PAM_AUTHTOK_RECOVERY_ERR; 
65-#else 
66+#ifdef PAM_AUTHTOK_RECOVER_ERR 
67 return PAM_AUTHTOK_RECOVER_ERR; 
68-#endif /* PAM_AUTHTOK_RECOVERY_ERR */ 
69+#else 
70+ return PAM_AUTHTOK_RECOVERY_ERR; 
71+#endif 
72 } 
73 else 
74 { 
75@@ -3725,7 +3738,7 @@ pam_sm_chauthtok (pam_handle_t * pamh, i 
76 if (curpass == NULL) 47 if (curpass == NULL)
77 return PAM_MAXTRIES; /* maximum tries exceeded */ 48 return PAM_MAXTRIES; /* maximum tries exceeded */
78 else 49 else
79- pam_set_item (pamh, PAM_OLDAUTHTOK, (void *) curpass); 50- pam_set_item (pamh, PAM_OLDAUTHTOK, (void *) curpass);
80+ pam_set_item (pamh, PAM_OLDAUTHTOK, (void *) strdup(curpass)); 51+ pam_set_item (pamh, PAM_OLDAUTHTOK, (void *) strdup(curpass));
81 } 52 }
82 else 53 else
83 { 54 {
84@@ -3753,11 +3766,11 @@ pam_sm_chauthtok (pam_handle_t * pamh, i 
85 syslog (LOG_ERR, 
86 "pam_ldap: error getting old authentication token (%s)", 
87 pam_strerror (pamh, rc)); 
88-#ifdef PAM_AUTHTOK_RECOVERY_ERR 
89- return PAM_AUTHTOK_RECOVERY_ERR; 
90-#else 
91+#ifdef PAM_AUTHTOK_RECOVER_ERR 
92 return PAM_AUTHTOK_RECOVER_ERR; 
93-#endif /* PAM_AUTHTOK_RECOVERY_ERR */ 
94+#else 
95+ return PAM_AUTHTOK_RECOVERY_ERR; 
96+#endif /* PAM_AUTHTOK_RECOVER_ERR */ 
97 } 
98  
99 if (try_first_pass || use_first_pass) 
100@@ -3767,11 +3780,11 @@ pam_sm_chauthtok (pam_handle_t * pamh, i 
101 newpass = NULL; 
102  
103 if (use_first_pass && newpass == NULL) 
104-#ifdef PAM_AUTHTOK_RECOVERY_ERR 
105- return PAM_AUTHTOK_RECOVERY_ERR; 
106-#else 
107+#ifdef PAM_AUTHTOK_RECOVER_ERR 
108 return PAM_AUTHTOK_RECOVER_ERR; 
109-#endif /* PAM_AUTHTOK_RECOVERY_ERR */ 
110+#else 
111+ return PAM_AUTHTOK_RECOVERY_ERR; 
112+#endif /* PAM_AUTHTOK_RECOVER_ERR */ 
113 } 
114  
115 tries = 0; 
116@@ -3821,11 +3834,11 @@ pam_sm_chauthtok (pam_handle_t * pamh, i 
117 } 
118 else 
119 { 
120-#ifdef PAM_AUTHTOK_RECOVERY_ERR 
121- return PAM_AUTHTOK_RECOVERY_ERR; 
122-#else 
123+#ifdef PAM_AUTHTOK_RECOVER_ERR 
124 return PAM_AUTHTOK_RECOVER_ERR; 
125-#endif /* PAM_AUTHTOK_RECOVERY_ERR */ 
126+#else 
127+ return PAM_AUTHTOK_RECOVERY_ERR; 
128+#endif /* PAM_AUTHTOK_RECOVER_ERR */ 
129 } 
130  
131 if (cmiscptr == NULL) 
132@@ -3857,11 +3870,11 @@ pam_sm_chauthtok (pam_handle_t * pamh, i 
133 { 
134 _conv_sendmsg (appconv, "Password change aborted", 
135 PAM_ERROR_MSG, no_warn); 
136-#ifdef PAM_AUTHTOK_RECOVERY_ERR 
137- return PAM_AUTHTOK_RECOVERY_ERR; 
138-#else 
139+#ifdef PAM_AUTHTOK_RECOVER_ERR 
140 return PAM_AUTHTOK_RECOVER_ERR; 
141-#endif /* PAM_AUTHTOK_RECOVERY_ERR */ 
142+#else 
143+ return PAM_AUTHTOK_RECOVERY_ERR; 
144+#endif /* PAM_AUTHTOK_RECOVER_ERR */ 
145 } 
146 } 
147 else if (!strcmp (newpass, miscptr))