fix-up commit for grafting svn history onto git history

1 files changed, 31 insertions, 0 deletions

diff --git a/debian/patches-applied/045_pam_dispatch_jump_is_ignore b/debian/patches-applied/045_pam_dispatch_jump_is_ignore
new file mode 100644
index 00000000..01d67d41
--- /dev/null
+++ b/debian/patches-applied/045_pam_dispatch_jump_is_ignore
@@ -0,0 +1,31 @@
+
+Previously jumps were treated as PAM_IGNORE in the freezing part of
+the chain and PAM_OK (aka required) in the frozen part of the chain.
+No one on pam-list was able to explain this behavior, so I changed it
+to be consistent.
+
+Index: Linux-PAM/libpam/pam_dispatch.c
+===================================================================
+--- Linux-PAM/libpam/pam_dispatch.c.orig
++++ Linux-PAM/libpam/pam_dispatch.c
+@@ -229,19 +229,7 @@
+ 	    if ( _PAM_ACTION_IS_JUMP(action) ) {
+ 
+ 		/* If we are evaluating a cached chain, we treat this
+-		   module as required (aka _PAM_ACTION_OK) as well as
+-		   executing the jump. */
+-
+-		if (use_cached_chain) {
+-		    if (impression == _PAM_UNDEF
+-			|| (impression == _PAM_POSITIVE
+-			    && status == PAM_SUCCESS) ) {
+-                	if ( retval != PAM_IGNORE || cached_retval == retval ) {
+-			    impression = _PAM_POSITIVE;
+-                    	    status = retval;
+-                	}
+-		    }
+-		}
++		   module as ignored as well as executing the jump. */
+ 
+ 		/* this means that we need to skip #action stacked modules */
+ 		do {