Relevant BUGIDs:

Purpose of commit:

Commit summary:
---------------

bugfix: First round of Linux distributor patch merges

6 files changed, 20 insertions, 5 deletions

diff --git a/CHANGELOG b/CHANGELOG
index 40f7a2c9..b4ea04b9 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -90,7 +90,17 @@ BerliOS Bugs are marked with (BerliOS #XXXX).
   module (Bug 1010142 - toady)
 * pam_userdb: applied patch from Paul Walmsley <paul@booyaka.com>
   it now indicates whether encrypted or plaintext passwords are stored
-  in the database needed for pam_userdb. (Bug XXXXXX - toady)
+  in the database needed for pam_userdb (BerliOS - toady)
+* pam_group: The module should also ignore PAM_REINITIALIZE_CRED to
+  avoid spurious errors (from Linux distributors - kukuk)
+* pam_cracklib: Clear the entire options structure (from Linux
+  distributors - kukuk)
+* pam_issue: We write a NUL to prompt_tmp[tot_size] later, so make sure
+  that the destination is part of the allocated block, make do_prompt
+  static (from Linux distributors - kukuk)
+* ldconfig: Only run full ldconfig, if we don't install into a FAKEROOT
+  environment, else let ldconfig only create the symlinks correct
+  (from Linux distributors - kukuk)
 
 
 0.77: Mon Sep 23 10:25:42 PDT 2002
diff --git a/libpam_misc/Makefile b/libpam_misc/Makefile
index 16ba07e6..88364a24 100644
--- a/libpam_misc/Makefile
+++ b/libpam_misc/Makefile
@@ -101,7 +101,9 @@ remove:
 	rm -f $(FAKEROOT)$(INCLUDED)/pam_misc.h
 	rm -f $(FAKEROOT)$(libdir)/$(LIBNAMEDFULL)
 	rm -f $(FAKEROOT)$(libdir)/$(LIBNAMED)
+ifndef FAKEROOT
 	$(LDCONFIG)
+endif
 	rm -f $(FAKEROOT)$(libdir)/$(LIBNAMEDSTATIC)
 
 clean:
diff --git a/libpamc/Makefile b/libpamc/Makefile
index 49befe4b..0a302534 100644
--- a/libpamc/Makefile
+++ b/libpamc/Makefile
@@ -100,7 +100,9 @@ remove:
 	rm -f $(FAKEROOT)$(INCLUDED)/pam_client.h
 	rm -f $(FAKEROOT)$(libdir)/$(LIBNAMEDFULL)
 	rm -f $(FAKEROOT)$(libdir)/$(LIBNAMED)
+ifndef FAKEROOT
 	$(LDCONFIG)
+endif
 	rm -f $(FAKEROOT)$(libdir)/$(LIBNAMEDSTATIC)
 
 clean:
diff --git a/modules/pam_cracklib/pam_cracklib.c b/modules/pam_cracklib/pam_cracklib.c
index ff2c61f9..84eae9fb 100644
--- a/modules/pam_cracklib/pam_cracklib.c
+++ b/modules/pam_cracklib/pam_cracklib.c
@@ -559,6 +559,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
 
     D(("called."));
 
+    memset(&options, 0, sizeof(options));
     options.retry_times = CO_RETRY_TIMES;
     options.diff_ok = CO_DIFF_OK;
     options.diff_ignore = CO_DIFF_IGNORE;
diff --git a/modules/pam_group/pam_group.c b/modules/pam_group/pam_group.c
index 4f6f34fb..77c909d0 100644
--- a/modules/pam_group/pam_group.c
+++ b/modules/pam_group/pam_group.c
@@ -771,7 +771,7 @@ PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh, int flags
     /* only interested in establishing credentials */
 
     setting = flags;
-    if (!(setting & PAM_ESTABLISH_CRED)) {
+    if (!(setting & (PAM_ESTABLISH_CRED | PAM_REINITIALIZE_CRED))) {
 	D(("ignoring call - not for establishing credentials"));
 	return PAM_SUCCESS;            /* don't fail because of this */
     }
diff --git a/modules/pam_issue/pam_issue.c b/modules/pam_issue/pam_issue.c
index 67f40c85..985bfebc 100644
--- a/modules/pam_issue/pam_issue.c
+++ b/modules/pam_issue/pam_issue.c
@@ -38,7 +38,7 @@
 
 static int _user_prompt_set = 0;
 
-char *do_prompt (FILE *);
+static char *do_prompt (FILE *);
 
 /* --- authentication management functions (only) --- */
 
@@ -130,7 +130,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc,
 	{
 	    char *prompt_tmp_tmp = prompt_tmp;
 
-	    prompt_tmp = realloc(prompt_tmp, tot_size);
+	    prompt_tmp = realloc(prompt_tmp, tot_size + 1);
 	    if (prompt_tmp == NULL) {
 		prompt_tmp = prompt_tmp_tmp;
 		retval = PAM_IGNORE;
@@ -164,7 +164,7 @@ int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc,
      return PAM_IGNORE;
 }
 
-char *do_prompt(FILE *fd)
+static char *do_prompt(FILE *fd)
 {
     int c, size = 1024;
     char *issue = (char *)malloc(size);