1 files changed, 0 insertions, 118 deletions

diff --git a/debian/patches-applied/dont_freeze_password_chain b/debian/patches-applied/dont_freeze_password_chain
deleted file mode 100644
index 2f1cf43e..00000000
--- a/debian/patches-applied/dont_freeze_password_chain
+++ /dev/null
@@ -1,118 +0,0 @@
-Don't freeze the chain for chauthtok.
-
-bugzilla.novell.com#470337, LP: #303515.
-
-Author: Thorsten Kukuk  <kukuk@thkukuk.de>
-
-Upstream status: cherry-picked from upstream.
-
-=== modified file 'doc/man/pam_sm_chauthtok.3.xml'
-Index: doc/man/pam_sm_chauthtok.3.xml
-===================================================================
---- doc/man/pam_sm_chauthtok.3.xml.orig	2009-04-17 12:44:11.000000000 -0700
-+++ doc/man/pam_sm_chauthtok.3.xml	2009-04-17 12:47:40.000000000 -0700
-@@ -40,7 +40,7 @@
-       </citerefentry> interface.
-     </para>
-     <para>
--      This function is used to (re-)set the authentication token of the user. 
-+      This function is used to (re-)set the authentication token of the user.
-     </para>
-     <para>
-        Valid flags, which may be logically OR'd with
-@@ -60,10 +60,10 @@
-         <listitem>
-           <para>
-             This argument indicates to the module that the users
--            authentication token (password) should only be changed if 
--            it has expired. This flag is optional and 
--            <emphasis>must</emphasis> be combined with one of the 
--            following two flags. Note, however, the following two options 
-+            authentication token (password) should only be changed if
-+            it has expired. This flag is optional and
-+            <emphasis>must</emphasis> be combined with one of the
-+            following two flags. Note, however, the following two options
-             are <emphasis>mutually exclusive</emphasis>.
-           </para>
-         </listitem>
-@@ -72,15 +72,20 @@
-         <term>PAM_PRELIM_CHECK</term>
-         <listitem>
-           <para>
--            This indicates that the modules are being probed as to 
--            their ready status for altering the user's authentication 
--            token. If the module requires access to another system over 
--            some network it should attempt to verify it can connect to 
--            this system on receiving this flag. If a module cannot establish 
--            it is ready to update the user's authentication token it should 
-+            This indicates that the modules are being probed as to
-+            their ready status for altering the user's authentication
-+            token. If the module requires access to another system over
-+            some network it should attempt to verify it can connect to
-+            this system on receiving this flag. If a module cannot establish
-+            it is ready to update the user's authentication token it should
-             return <emphasis remap='B'>PAM_TRY_AGAIN</emphasis>, this
-             information will be passed back to the application.
-           </para>
-+          <para>
-+             If the control value <emphasis>sufficient</emphasis> is used in
-+             the password stack, the <emphasis>PAM_PRELIM_CHECK</emphasis> section
-+             of the modules following that control value is not always executed.
-+          </para>
-         </listitem>
-       </varlistentry>
-       <varlistentry>
-@@ -89,18 +94,18 @@
-           <para>
-             This informs the module that this is the call it should change
-             the authorization tokens. If the flag is logically OR'd with
--            <emphasis remap='B'>PAM_CHANGE_EXPIRED_AUTHTOK</emphasis>, the 
-+            <emphasis remap='B'>PAM_CHANGE_EXPIRED_AUTHTOK</emphasis>, the
-             token is only changed if it has actually expired.
-           </para>
-         </listitem>
-       </varlistentry>
-     </variablelist>
-     <para>
--      The PAM library calls this function twice in succession. The first 
--      time with <emphasis remap='B'>PAM_PRELIM_CHECK</emphasis> and then, 
--      if the module does not return 
-+      The PAM library calls this function twice in succession. The first
-+      time with <emphasis remap='B'>PAM_PRELIM_CHECK</emphasis> and then,
-+      if the module does not return
-       <emphasis remap='B'>PAM_TRY_AGAIN</emphasis>, subsequently with
--      <emphasis remap='B'>PAM_UPDATE_AUTHTOK</emphasis>. It is only on 
-+      <emphasis remap='B'>PAM_UPDATE_AUTHTOK</emphasis>. It is only on
-       the second call that the authorization token is (possibly) changed.
-     </para>
-   </refsect1>
-Index: libpam/pam_dispatch.c
-===================================================================
---- libpam/pam_dispatch.c.orig	2009-04-17 12:47:17.000000000 -0700
-+++ libpam/pam_dispatch.c	2009-04-17 12:47:40.000000000 -0700
-@@ -128,11 +128,10 @@
- 	}
- 
- 	/*
--	 * use_cached_chain is how we ensure that the setcred/close_session
--	 * and chauthtok(2) modules are called in the same order as they did
--	 * when they were invoked as auth/open_session/chauthtok(1). This
--	 * feature was added in 0.75 to make the behavior of pam_setcred
--	 * sane. It was debugged by release 0.76.
-+	 * use_cached_chain is how we ensure that the setcred and
-+         * close_session modules are called in the same order as they did
-+	 * when they were invoked as auth/open_session. This feature was
-+	 * added in 0.75 to make the behavior of pam_setcred sane.
- 	 */
- 	if (use_cached_chain != _PAM_PLEASE_FREEZE) {
- 
-@@ -342,9 +341,6 @@
- 	break;
-     case PAM_CHAUTHTOK:
- 	h = pamh->handlers.conf.chauthtok;
--	if (flags & PAM_UPDATE_AUTHTOK) {
--	    use_cached_chain = _PAM_MUST_BE_FROZEN;
--	}
- 	break;
-     default:
- 	pam_syslog(pamh, LOG_ERR, "undefined fn choice; %d", choice);