@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.34 2010/11/03 11:39:08 adam Exp $
+# $NetBSD: Makefile,v 1.35 2010/11/16 09:53:50 adam Exp $
-DISTNAME= pam_ldap-185
+DISTNAME= pam_ldap-186
PKGNAME= ${DISTNAME:S/_/-/}
-PKGREVISION= 1
CATEGORIES= security
MASTER_SITES= ftp://ftp.padl.com/pub/ \
http://www.padl.com/download/
@@ -25,7 +24,6 @@
# Fix (workaround?) a bug with openpam/NetBSD
# The bug is described in PR security/39313.
-#
.include "../../mk/bsd.prefs.mk"
.if ${OPSYS} == "NetBSD"
@@ -1,21 +1,8 @@
-$NetBSD: patch-ab,v 1.8 2010/10/28 08:06:19 adam Exp $
+$NetBSD: patch-ab,v 1.9 2010/11/16 09:53:50 adam Exp $
---- pam_ldap.c.orig 2009-11-06 10:29:34.000000000 +0000
+--- pam_ldap.c.orig 2010-11-08 00:58:44.000000000 +0000
+++ pam_ldap.c
-@@ -131,12 +131,7 @@
- #include "pam_ldap.h"
- #include "md5.h"
-
--#if defined(HAVE_SECURITY_PAM_MISC_H) || defined(HAVE_PAM_PAM_MISC_H)
-- /* FIXME: is there something better to check? */
- #define CONST_ARG const
--#else
--#define CONST_ARG
--#endif
-
- #ifndef HAVE_LDAP_MEMFREE
- #define ldap_memfree(x) free(x)
-@@ -3411,7 +3406,7 @@ pam_sm_authenticate (pam_handle_t * pamh
+@@ -3411,7 +3411,7 @@ pam_sm_authenticate (pam_handle_t * pamh
int rc;
const char *username;
char *p;
@@ -24,7 +11,7 @@
int i;
pam_ldap_session_t *session = NULL;
const char *configFile = NULL;
-@@ -3432,6 +3427,8 @@ pam_sm_authenticate (pam_handle_t * pamh
+@@ -3432,6 +3432,8 @@ pam_sm_authenticate (pam_handle_t * pamh
;
else if (!strcmp (argv[i], "debug"))
;
@@ -33,7 +20,7 @@
else
syslog (LOG_ERR, "illegal option %s", argv[i]);
}
-@@ -3445,6 +3442,22 @@ pam_sm_authenticate (pam_handle_t * pamh
+@@ -3445,6 +3447,22 @@ pam_sm_authenticate (pam_handle_t * pamh
return rc;
rc = pam_get_item (pamh, PAM_AUTHTOK, (CONST_ARG void **) &p);
@@ -56,23 +43,7 @@
if (rc == PAM_SUCCESS && (use_first_pass || try_first_pass))
{
rc = _do_authentication (pamh, session, username, p);
-@@ -3707,11 +3720,11 @@ pam_sm_chauthtok (pam_handle_t * pamh, i
- {
- _conv_sendmsg (appconv, "Password change aborted",
- PAM_ERROR_MSG, no_warn);
--#ifdef PAM_AUTHTOK_RECOVERY_ERR
-- return PAM_AUTHTOK_RECOVERY_ERR;
--#else
-+#ifdef PAM_AUTHTOK_RECOVER_ERR
- return PAM_AUTHTOK_RECOVER_ERR;
--#endif /* PAM_AUTHTOK_RECOVERY_ERR */
-+#else
-+ return PAM_AUTHTOK_RECOVERY_ERR;
-+#endif
- }
- else
- {
-@@ -3725,7 +3738,7 @@ pam_sm_chauthtok (pam_handle_t * pamh, i
+@@ -3721,7 +3739,7 @@ pam_sm_chauthtok (pam_handle_t * pamh, i
if (curpass == NULL)
return PAM_MAXTRIES; /* maximum tries exceeded */
else
@@ -81,67 +52,3 @@
}
else
{
-@@ -3753,11 +3766,11 @@ pam_sm_chauthtok (pam_handle_t * pamh, i
- syslog (LOG_ERR,
- "pam_ldap: error getting old authentication token (%s)",
- pam_strerror (pamh, rc));
--#ifdef PAM_AUTHTOK_RECOVERY_ERR
-- return PAM_AUTHTOK_RECOVERY_ERR;
--#else
-+#ifdef PAM_AUTHTOK_RECOVER_ERR
- return PAM_AUTHTOK_RECOVER_ERR;
--#endif /* PAM_AUTHTOK_RECOVERY_ERR */
-+#else
-+ return PAM_AUTHTOK_RECOVERY_ERR;
-+#endif /* PAM_AUTHTOK_RECOVER_ERR */
- }
-
- if (try_first_pass || use_first_pass)
-@@ -3767,11 +3780,11 @@ pam_sm_chauthtok (pam_handle_t * pamh, i
- newpass = NULL;
-
- if (use_first_pass && newpass == NULL)
--#ifdef PAM_AUTHTOK_RECOVERY_ERR
-- return PAM_AUTHTOK_RECOVERY_ERR;
--#else
-+#ifdef PAM_AUTHTOK_RECOVER_ERR
- return PAM_AUTHTOK_RECOVER_ERR;
--#endif /* PAM_AUTHTOK_RECOVERY_ERR */
-+#else
-+ return PAM_AUTHTOK_RECOVERY_ERR;
-+#endif /* PAM_AUTHTOK_RECOVER_ERR */
- }
-
- tries = 0;
-@@ -3821,11 +3834,11 @@ pam_sm_chauthtok (pam_handle_t * pamh, i
- }
- else
- {
--#ifdef PAM_AUTHTOK_RECOVERY_ERR
-- return PAM_AUTHTOK_RECOVERY_ERR;
--#else
-+#ifdef PAM_AUTHTOK_RECOVER_ERR
- return PAM_AUTHTOK_RECOVER_ERR;
--#endif /* PAM_AUTHTOK_RECOVERY_ERR */
-+#else
-+ return PAM_AUTHTOK_RECOVERY_ERR;
-+#endif /* PAM_AUTHTOK_RECOVER_ERR */
- }
-
- if (cmiscptr == NULL)
-@@ -3857,11 +3870,11 @@ pam_sm_chauthtok (pam_handle_t * pamh, i
- {
- _conv_sendmsg (appconv, "Password change aborted",
- PAM_ERROR_MSG, no_warn);
--#ifdef PAM_AUTHTOK_RECOVERY_ERR
-- return PAM_AUTHTOK_RECOVERY_ERR;
--#else
-+#ifdef PAM_AUTHTOK_RECOVER_ERR
- return PAM_AUTHTOK_RECOVER_ERR;
--#endif /* PAM_AUTHTOK_RECOVERY_ERR */
-+#else
-+ return PAM_AUTHTOK_RECOVERY_ERR;
-+#endif /* PAM_AUTHTOK_RECOVER_ERR */
- }
- }
- else if (!strcmp (newpass, miscptr))