LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
9319 Commits
1 Branch
46 MiB
Tree: 442bcb56fb
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '442bcb56fb'
${ noResults }
openwrt-packages-dist/libs/libpam/patches/0007-Check-if-innetgr-is-av...

106 lines
3.9 KiB
Raw Normal View History

libpam: fix build. - Update PKG_MD5SUM. - Update PKG_RELEASE. - Update patch 0001- to always use /lib directory. - Refresh other patches. Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
9 years ago
libpam: bump to 1.2.0 - Add configure options --disable-nis, --disable-regenerate-docu - 000-OE-libpam-xtests.patch is not relevant in OpenWrt - 001-no_nis.patch was dropped because we now --disable-nis - 002-no_yywrap.patch was dropped be cause it was fixed in 1.2.0 - 003-no_doc was dropped because we ignore doc/ with --disable-regenreate-docu - 004-fix_lib64 was replaced by new 0001-build-use-host_cpu... - pam_rhosts will not be built with musl because ruserok{,_af{ are not available - pam_lastlog will not be built with musl because logwtmp is missing Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
9 years ago
Added Linux-PAM and updated description. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
10 years ago
libpam: bump to 1.2.0 - Add configure options --disable-nis, --disable-regenerate-docu - 000-OE-libpam-xtests.patch is not relevant in OpenWrt - 001-no_nis.patch was dropped because we now --disable-nis - 002-no_yywrap.patch was dropped be cause it was fixed in 1.2.0 - 003-no_doc was dropped because we ignore doc/ with --disable-regenreate-docu - 004-fix_lib64 was replaced by new 0001-build-use-host_cpu... - pam_rhosts will not be built with musl because ruserok{,_af{ are not available - pam_lastlog will not be built with musl because logwtmp is missing Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
9 years ago
Added Linux-PAM and updated description. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
10 years ago
libpam: bump to 1.2.0 - Add configure options --disable-nis, --disable-regenerate-docu - 000-OE-libpam-xtests.patch is not relevant in OpenWrt - 001-no_nis.patch was dropped because we now --disable-nis - 002-no_yywrap.patch was dropped be cause it was fixed in 1.2.0 - 003-no_doc was dropped because we ignore doc/ with --disable-regenreate-docu - 004-fix_lib64 was replaced by new 0001-build-use-host_cpu... - pam_rhosts will not be built with musl because ruserok{,_af{ are not available - pam_lastlog will not be built with musl because logwtmp is missing Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
9 years ago
Added Linux-PAM and updated description. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
10 years ago
libpam: bump to 1.2.0 - Add configure options --disable-nis, --disable-regenerate-docu - 000-OE-libpam-xtests.patch is not relevant in OpenWrt - 001-no_nis.patch was dropped because we now --disable-nis - 002-no_yywrap.patch was dropped be cause it was fixed in 1.2.0 - 003-no_doc was dropped because we ignore doc/ with --disable-regenreate-docu - 004-fix_lib64 was replaced by new 0001-build-use-host_cpu... - pam_rhosts will not be built with musl because ruserok{,_af{ are not available - pam_lastlog will not be built with musl because logwtmp is missing Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
9 years ago
Added Linux-PAM and updated description. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
10 years ago
libpam: bump to 1.2.0 - Add configure options --disable-nis, --disable-regenerate-docu - 000-OE-libpam-xtests.patch is not relevant in OpenWrt - 001-no_nis.patch was dropped because we now --disable-nis - 002-no_yywrap.patch was dropped be cause it was fixed in 1.2.0 - 003-no_doc was dropped because we ignore doc/ with --disable-regenreate-docu - 004-fix_lib64 was replaced by new 0001-build-use-host_cpu... - pam_rhosts will not be built with musl because ruserok{,_af{ are not available - pam_lastlog will not be built with musl because logwtmp is missing Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
9 years ago
Added Linux-PAM and updated description. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
10 years ago
libpam: bump to 1.2.0 - Add configure options --disable-nis, --disable-regenerate-docu - 000-OE-libpam-xtests.patch is not relevant in OpenWrt - 001-no_nis.patch was dropped because we now --disable-nis - 002-no_yywrap.patch was dropped be cause it was fixed in 1.2.0 - 003-no_doc was dropped because we ignore doc/ with --disable-regenreate-docu - 004-fix_lib64 was replaced by new 0001-build-use-host_cpu... - pam_rhosts will not be built with musl because ruserok{,_af{ are not available - pam_lastlog will not be built with musl because logwtmp is missing Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
9 years ago
Added Linux-PAM and updated description. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
10 years ago
libpam: bump to 1.2.0 - Add configure options --disable-nis, --disable-regenerate-docu - 000-OE-libpam-xtests.patch is not relevant in OpenWrt - 001-no_nis.patch was dropped because we now --disable-nis - 002-no_yywrap.patch was dropped be cause it was fixed in 1.2.0 - 003-no_doc was dropped because we ignore doc/ with --disable-regenreate-docu - 004-fix_lib64 was replaced by new 0001-build-use-host_cpu... - pam_rhosts will not be built with musl because ruserok{,_af{ are not available - pam_lastlog will not be built with musl because logwtmp is missing Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
9 years ago
Added Linux-PAM and updated description. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
10 years ago
libpam: bump to 1.2.0 - Add configure options --disable-nis, --disable-regenerate-docu - 000-OE-libpam-xtests.patch is not relevant in OpenWrt - 001-no_nis.patch was dropped because we now --disable-nis - 002-no_yywrap.patch was dropped be cause it was fixed in 1.2.0 - 003-no_doc was dropped because we ignore doc/ with --disable-regenreate-docu - 004-fix_lib64 was replaced by new 0001-build-use-host_cpu... - pam_rhosts will not be built with musl because ruserok{,_af{ are not available - pam_lastlog will not be built with musl because logwtmp is missing Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
9 years ago
 
  1. From c681bd104627139eac2f40fe303e1f67676233e8 Mon Sep 17 00:00:00 2001
  2. From: Yousong Zhou <yszhou4tech@gmail.com>
  3. Date: Wed, 17 Jun 2015 15:33:43 +0800
  4. Subject: [PATCH 7/7] Check if innetgr is available at compile time.
  5. 

  6. innetgr may not be there so make sure that when innetgr is not present
  7. then we inform about it and not use it.
  8. 

  9. * modules/pam_group/pam_group.c: ditto
  10. * modules/pam_succeed_if/pam_succeed_if.c: ditto
  11. * modules/pam_time/pam_time.c: ditto
  12. 

  13. Signed-off-by: Khem Raj <raj.khem at gmail.com>
  14. Signed-off-by: Yousong Zhou <yszhou4tech at gmail.com>
  15. ---

  16.  modules/pam_group/pam_group.c           |    4 ++++
  17.  modules/pam_succeed_if/pam_succeed_if.c |   17 +++++++++++++----
  18.  modules/pam_time/pam_time.c             |    4 ++++
  19.  3 files changed, 21 insertions(+), 4 deletions(-)
  20. 

  21. diff --git a/modules/pam_group/pam_group.c b/modules/pam_group/pam_group.c

  22. index be5f20f..6a065ca 100644

  23. --- a/modules/pam_group/pam_group.c

  24. +++ b/modules/pam_group/pam_group.c

  25. @@ -656,7 +656,11 @@ static int check_account(pam_handle_t *pamh, const char *service,

  26.  	}
  27.  	/* If buffer starts with @, we are using netgroups */
  28.  	if (buffer[0] == '@')
  29. +#ifdef HAVE_INNETGR

  30.  	  good &= innetgr (&buffer[1], NULL, user, NULL);
  31. +#else

  32. +	  pam_syslog (pamh, LOG_ERR, "pam_group does not have netgroup support");

  33. +#endif

  34.  	/* otherwise, if the buffer starts with %, it's a UNIX group */
  35.  	else if (buffer[0] == '%')
  36.            good &= pam_modutil_user_in_group_nam_nam(pamh, user, &buffer[1]);
  37. diff --git a/modules/pam_succeed_if/pam_succeed_if.c b/modules/pam_succeed_if/pam_succeed_if.c

  38. index aa828fc..c0c68a0 100644

  39. --- a/modules/pam_succeed_if/pam_succeed_if.c

  40. +++ b/modules/pam_succeed_if/pam_succeed_if.c

  41. @@ -231,18 +231,27 @@ evaluate_notingroup(pam_handle_t *pamh, const char *user, const char *group)

  42.  }
  43.  /* Return PAM_SUCCESS if the (host,user) is in the netgroup. */
  44.  static int
  45. -evaluate_innetgr(const char *host, const char *user, const char *group)

  46. +evaluate_innetgr(const pam_handle_t* pamh, const char *host, const char *user, const char *group)

  47.  {
  48. +#ifdef HAVE_INNETGR

  49.  	if (innetgr(group, host, user, NULL) == 1)
  50.  		return PAM_SUCCESS;
  51. +#else

  52. +	pam_syslog (pamh, LOG_ERR, "pam_succeed_if does not have netgroup support");

  53. +#endif

  54. +

  55.  	return PAM_AUTH_ERR;
  56.  }
  57.  /* Return PAM_SUCCESS if the (host,user) is NOT in the netgroup. */
  58.  static int
  59. -evaluate_notinnetgr(const char *host, const char *user, const char *group)

  60. +evaluate_notinnetgr(const pam_handle_t* pamh, const char *host, const char *user, const char *group)

  61.  {
  62. +#ifdef HAVE_INNETGR

  63.  	if (innetgr(group, host, user, NULL) == 0)
  64.  		return PAM_SUCCESS;
  65. +#else

  66. +	pam_syslog (pamh, LOG_ERR, "pam_succeed_if does not have netgroup support");

  67. +#endif

  68.  	return PAM_AUTH_ERR;
  69.  }
  70.  
  71. @@ -387,14 +396,14 @@ evaluate(pam_handle_t *pamh, int debug,

  72.  		const void *rhost;
  73.  		if (pam_get_item(pamh, PAM_RHOST, &rhost) != PAM_SUCCESS)
  74.  			rhost = NULL;
  75. -		return evaluate_innetgr(rhost, user, right);

  76. +		return evaluate_innetgr(pamh, rhost, user, right);

  77.  	}
  78.  	/* (Rhost, user) is not in this group. */
  79.  	if (strcasecmp(qual, "notinnetgr") == 0) {
  80.  		const void *rhost;
  81.  		if (pam_get_item(pamh, PAM_RHOST, &rhost) != PAM_SUCCESS)
  82.  			rhost = NULL;
  83. -		return evaluate_notinnetgr(rhost, user, right);

  84. +		return evaluate_notinnetgr(pamh, rhost, user, right);

  85.  	}
  86.  	/* Fail closed. */
  87.  	return PAM_SERVICE_ERR;
  88. diff --git a/modules/pam_time/pam_time.c b/modules/pam_time/pam_time.c

  89. index c94737c..0b34a14 100644

  90. --- a/modules/pam_time/pam_time.c

  91. +++ b/modules/pam_time/pam_time.c

  92. @@ -555,7 +555,11 @@ check_account(pam_handle_t *pamh, const char *service,

  93.  	  }
  94.  	  /* If buffer starts with @, we are using netgroups */
  95.  	  if (buffer[0] == '@')
  96. +#ifdef HAVE_INNETGR

  97.  	    good &= innetgr (&buffer[1], NULL, user, NULL);
  98. +#else

  99. +	    pam_syslog (pamh, LOG_ERR, "pam_time does not have netgroup support");

  100. +#endif

  101.  	  else
  102.  	    good &= logic_field(pamh, user, buffer, count, is_same);
  103.  	  D(("with user: %s", good ? "passes":"fails" ));
  104. -- 

  105. 1.7.10.4
  106.