summaryrefslogtreecommitdiff
path: root/debian
diff options
context:
space:
mode:
authorSteve Langasek <vorlon@debian.org>2008-07-26 13:10:57 -0700
committerSteve Langasek <steve.langasek@ubuntu.com>2019-01-03 17:01:54 -0800
commit993802d99815fa46617144aebc4836b394e335df (patch)
tree91f1bc07149f4d777d65c0053637aed7b66f0231 /debian
parent4a29ef333c8d76a6fdef5f1b52a1d7544e67e9e7 (diff)
refresh more patches for new upstream version
Diffstat (limited to 'debian')
-rw-r--r--debian/patches-applied/055_pam_unix_nullok_secure101
-rw-r--r--debian/patches-applied/PAM-manpage-section28
-rw-r--r--debian/patches-applied/series2
3 files changed, 71 insertions, 60 deletions
diff --git a/debian/patches-applied/055_pam_unix_nullok_secure b/debian/patches-applied/055_pam_unix_nullok_secure
index e62c20d1..7eb1dd12 100644
--- a/debian/patches-applied/055_pam_unix_nullok_secure
+++ b/debian/patches-applied/055_pam_unix_nullok_secure
@@ -7,11 +7,11 @@ Authors: Sam Hartman <hartmans@debian.org>,
Upstream status: not yet submitted
-Index: pam.debian/modules/pam_unix/support.c
+Index: pam.deb/modules/pam_unix/support.c
===================================================================
---- pam.debian.orig/modules/pam_unix/support.c
-+++ pam.debian/modules/pam_unix/support.c
-@@ -84,15 +84,22 @@
+--- pam.deb.orig/modules/pam_unix/support.c
++++ pam.deb/modules/pam_unix/support.c
+@@ -83,15 +83,22 @@
/* now parse the arguments to this module */
while (argc-- > 0) {
@@ -39,7 +39,16 @@ Index: pam.debian/modules/pam_unix/support.c
}
}
-@@ -469,6 +476,17 @@
+@@ -456,7 +463,7 @@
+ /* exec binary helper */
+ args[0] = strdup(CHKPWD_HELPER);
+ args[1] = x_strdup(user);
+- if (off(UNIX__NONULL, ctrl)) { /* this means we've succeeded */
++ if (_unix_blankpasswd(pamh, ctrl, name)) { /* this means we've succeeded */
+ args[2]=strdup("nullok");
+ } else {
+ args[2]=strdup("nonull");
+@@ -553,6 +560,17 @@
if (salt)
_pam_delete(salt);
@@ -57,31 +66,32 @@ Index: pam.debian/modules/pam_unix/support.c
return retval;
}
-@@ -689,7 +707,7 @@
- size_t salt_len = strlen(salt);
- if (!salt_len) {
- /* the stored password is NULL */
-- if (off(UNIX__NONULL, ctrl)) {/* this means we've succeeded */
-+ if (_unix_blankpasswd(pamh, ctrl, name)) {/* this means we've succeeded */
- D(("user has empty password - access granted"));
- retval = PAM_SUCCESS;
- } else {
-Index: pam.debian/modules/pam_unix/support.h
+@@ -612,7 +630,8 @@
+ }
+ }
+ } else {
+- retval = verify_pwd_hash(p, salt, off(UNIX__NONULL, ctrl));
++ retval = verify_pwd_hash(p, salt,
++ _unix_blankpasswd(pamh, ctrl, name));
+ }
+
+ if (retval == PAM_SUCCESS) {
+Index: pam.deb/modules/pam_unix/support.h
===================================================================
---- pam.debian.orig/modules/pam_unix/support.h
-+++ pam.debian/modules/pam_unix/support.h
-@@ -87,8 +87,9 @@
- #define UNIX_MAX_PASS_LEN 23 /* internal, for compatibility only */
- #define UNIX_MIN_PASS_LEN 24 /* Min length for password */
- #define UNIX_OBSCURE_CHECKS 25 /* enable obscure checks on passwords */
-+#define UNIX_NULLOK_SECURE 26 /* NULL passwords allowed only on secure ttys */
+--- pam.deb.orig/modules/pam_unix/support.h
++++ pam.deb/modules/pam_unix/support.h
+@@ -91,8 +91,9 @@
+ #define UNIX_MAX_PASS_LEN 26 /* internal, for compatibility only */
+ #define UNIX_MIN_PASS_LEN 27 /* Min length for password */
+ #define UNIX_OBSCURE_CHECKS 28 /* enable obscure checks on passwords */
++#define UNIX_NULLOK_SECURE 29 /* NULL passwords allowed only on secure ttys */
/* -------------- */
--#define UNIX_CTRLS_ 26 /* number of ctrl arguments defined */
-+#define UNIX_CTRLS_ 27 /* number of ctrl arguments defined */
+-#define UNIX_CTRLS_ 29 /* number of ctrl arguments defined */
++#define UNIX_CTRLS_ 30 /* number of ctrl arguments defined */
static const UNIX_Ctrls unix_args[UNIX_CTRLS_] =
-@@ -105,7 +106,7 @@
+@@ -109,7 +110,7 @@
/* UNIX_NOT_SET_PASS */ {"not_set_pass", _ALL_ON_, 0x40},
/* UNIX__PRELIM */ {NULL, _ALL_ON_^(0x180), 0x80},
/* UNIX__UPDATE */ {NULL, _ALL_ON_^(0x180), 0x100},
@@ -90,28 +100,29 @@ Index: pam.debian/modules/pam_unix/support.h
/* UNIX__QUIET */ {NULL, _ALL_ON_, 0x400},
/* UNIX_USE_AUTHTOK */ {"use_authtok", _ALL_ON_, 0x800},
/* UNIX_SHADOW */ {"shadow", _ALL_ON_, 0x1000},
-@@ -122,6 +123,7 @@
+@@ -129,6 +130,7 @@
/* UNIX_MAX_PASS_LEN */ {"max=", _ALL_ON_, 0},
- /* UNIX_MIN_PASS_LEN */ {"min=", _ALL_ON_, 0x400000},
- /* UNIX_OBSCURE_CHECKS */ {"obscure", _ALL_ON_, 0x800000},
-+/* UNIX_NULLOK_SECURE */ {"nullok_secure", _ALL_ON_^(0x200), 0x1000000},
+ /* UNIX_MIN_PASS_LEN */ {"min=", _ALL_ON_, 0x2000000},
+ /* UNIX_OBSCURE_CHECKS */ {"obscure", _ALL_ON_, 0x4000000},
++/* UNIX__NULLOK */ {"nullok_secure", _ALL_ON_^(0x200), 0x8000000},
};
#define UNIX_DEFAULTS (unix_args[UNIX__NONULL].flag)
-@@ -157,5 +159,8 @@
+@@ -163,6 +165,9 @@
+ ,const char *data_name
,const void **pass);
- extern int _unix_shadowed(const struct passwd *pwd);
+extern int _pammodutil_tty_secure(const pam_handle_t *pamh,
+ const char *uttyname);
+
- extern struct spwd *_unix_run_verify_binary(pam_handle_t *pamh, unsigned int ctrl, const char *user);
+ extern int _unix_run_verify_binary(pam_handle_t *pamh,
+ unsigned int ctrl, const char *user, int *daysleft);
#endif /* _PAM_UNIX_SUPPORT_H */
-Index: pam.debian/modules/pam_unix/Makefile.am
+Index: pam.deb/modules/pam_unix/Makefile.am
===================================================================
---- pam.debian.orig/modules/pam_unix/Makefile.am
-+++ pam.debian/modules/pam_unix/Makefile.am
-@@ -30,7 +30,8 @@
+--- pam.deb.orig/modules/pam_unix/Makefile.am
++++ pam.deb/modules/pam_unix/Makefile.am
+@@ -31,7 +31,8 @@
pam_unix_la_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
endif
pam_unix_la_LIBADD = @LIBCRACK@ @LIBNSL@ -L$(top_builddir)/libpam -lpam \
@@ -121,10 +132,10 @@ Index: pam.debian/modules/pam_unix/Makefile.am
securelib_LTLIBRARIES = pam_unix.la
-Index: pam.debian/modules/pam_unix/README
+Index: pam.deb/modules/pam_unix/README
===================================================================
---- pam.debian.orig/modules/pam_unix/README
-+++ pam.debian/modules/pam_unix/README
+--- pam.deb.orig/modules/pam_unix/README
++++ pam.deb/modules/pam_unix/README
@@ -57,7 +57,16 @@
The default action of this module is to not permit the user access to a
@@ -143,10 +154,10 @@ Index: pam.debian/modules/pam_unix/README
try_first_pass
-Index: pam.debian/modules/pam_unix/pam_unix.8
+Index: pam.deb/modules/pam_unix/pam_unix.8
===================================================================
---- pam.debian.orig/modules/pam_unix/pam_unix.8
-+++ pam.debian/modules/pam_unix/pam_unix.8
+--- pam.deb.orig/modules/pam_unix/pam_unix.8
++++ pam.deb/modules/pam_unix/pam_unix.8
@@ -62,7 +62,14 @@
.RS 4
The default action of this module is to not permit the user access to a service if their official password is blank\. The
@@ -163,10 +174,10 @@ Index: pam.debian/modules/pam_unix/pam_unix.8
.RE
.PP
\fBtry_first_pass\fR
-Index: pam.debian/modules/pam_unix/pam_unix.8.xml
+Index: pam.deb/modules/pam_unix/pam_unix.8.xml
===================================================================
---- pam.debian.orig/modules/pam_unix/pam_unix.8.xml
-+++ pam.debian/modules/pam_unix/pam_unix.8.xml
+--- pam.deb.orig/modules/pam_unix/pam_unix.8.xml
++++ pam.deb/modules/pam_unix/pam_unix.8.xml
@@ -135,7 +135,24 @@
<para>
The default action of this module is to not permit the
diff --git a/debian/patches-applied/PAM-manpage-section b/debian/patches-applied/PAM-manpage-section
index 0855d953..6aecae1b 100644
--- a/debian/patches-applied/PAM-manpage-section
+++ b/debian/patches-applied/PAM-manpage-section
@@ -1,33 +1,33 @@
-Index: pam/Linux-PAM/doc/man/PAM.8
+Index: pam.deb/doc/man/PAM.8
===================================================================
---- pam.orig/Linux-PAM/doc/man/PAM.8
-+++ pam/Linux-PAM/doc/man/PAM.8
+--- pam.deb.orig/doc/man/PAM.8
++++ pam.deb/doc/man/PAM.8
@@ -5,7 +5,7 @@
- .\" Manual: Linux\-PAM Manual
- .\" Source: Linux\-PAM Manual
+ .\" Manual: Linux-PAM Manual
+ .\" Source: Linux-PAM Manual
.\"
--.TH "PAM" "8" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
-+.TH "PAM" "7" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+-.TH "PAM" "8" "02/04/2008" "Linux-PAM Manual" "Linux-PAM Manual"
++.TH "PAM" "7" "02/04/2008" "Linux-PAM Manual" "Linux-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
-@@ -100,4 +100,4 @@
+@@ -104,4 +104,4 @@
\fBpam_authenticate\fR(3),
\fBpam_sm_setcred\fR(3),
\fBpam_strerror\fR(3),
-\fBPAM\fR(8)
+\fBPAM\fR(7)
-Index: pam/Linux-PAM/doc/man/pam.8
+Index: pam.deb/doc/man/pam.8
===================================================================
---- pam.orig/Linux-PAM/doc/man/pam.8
-+++ pam/Linux-PAM/doc/man/pam.8
+--- pam.deb.orig/doc/man/pam.8
++++ pam.deb/doc/man/pam.8
@@ -1 +1 @@
-.so man8/PAM.8
+.so man7/PAM.7
-Index: pam/Linux-PAM/doc/man/pam.8.xml
+Index: pam.deb/doc/man/pam.8.xml
===================================================================
---- pam.orig/Linux-PAM/doc/man/pam.8.xml
-+++ pam/Linux-PAM/doc/man/pam.8.xml
+--- pam.deb.orig/doc/man/pam.8.xml
++++ pam.deb/doc/man/pam.8.xml
@@ -6,7 +6,7 @@
<refmeta>
diff --git a/debian/patches-applied/series b/debian/patches-applied/series
index e1705f85..bdbd0a49 100644
--- a/debian/patches-applied/series
+++ b/debian/patches-applied/series
@@ -15,7 +15,7 @@ hurd_no_setfsuid
055_pam_unix_nullok_secure
057_pam_unix_passwd_OOM_check
065_pam_unix_cracklib_disable
-PAM-manpage-section -p2
+PAM-manpage-section
pam_env_ignore_garbage.patch -p2
pam_tally_audit.patch
autoconf.patch