Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 30 Oct 2006 09:46:30 GMT
From:      Michael Bushkov <bushman@FreeBSD.org>
To:        Perforce Change Reviews <perforce@freebsd.org>
Subject:   PERFORCE change 108719 for review
Message-ID:  <200610300946.k9U9kUi2083760@repoman.freebsd.org>

next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=108719

Change 108719 by bushman@bushman_nss_ldap_cached on 2006/10/30 09:45:51

	IFC

Affected files ...

.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/etc/defaults/rc.conf#3 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/etc/network.subr#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/etc/pf.os#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/etc/rc.d/ppp#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/etc/rc.firewall#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/libc/gmon/Makefile.inc#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/libc/net/inet.3#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/libc/resolv/res_send.c#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/libc/stdio/xprintf.c#3 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/hashtable.h#1 branch
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/ldap_group.c#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/ldap_group.h#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/ldap_passwd.c#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/ldap_passwd.h#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/ldap_serv.c#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/ldap_serv.h#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/ldapconf.c#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/ldapconf.h#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/ldapconn.c#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/ldapsearch.c#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/ldapsearch.h#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/ldaputil.c#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/ldaputil.h#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/nss_ldap.c#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/nss_ldap.h#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/share/mk/bsd.lib.mk#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/usr.sbin/config/config.5#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/usr.sbin/config/config.h#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/usr.sbin/config/config.y#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/usr.sbin/config/main.c#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/usr.sbin/config/mkmakefile.c#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/usr.sbin/fdcontrol/fdcontrol.8#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/usr.sbin/fwcontrol/Makefile#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/usr.sbin/fwcontrol/fwcontrol.8#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/usr.sbin/fwcontrol/fwcontrol.c#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/usr.sbin/fwcontrol/fwdv.c#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/usr.sbin/fwcontrol/fwmethods.h#1 branch
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/usr.sbin/fwcontrol/fwmpegts.c#1 branch
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/usr.sbin/smbmsg/smbmsg.8#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/usr.sbin/sysinstall/dist.c#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/usr.sbin/sysinstall/install.c#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/usr.sbin/sysinstall/sysinstall.h#2 integrate

Differences ...

==== //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/etc/defaults/rc.conf#3 (text+ko) ====

@@ -15,7 +15,7 @@
 # For a more detailed explanation of all the rc.conf variables, please
 # refer to the rc.conf(5) manual page.
 #
-# $FreeBSD: src/etc/defaults/rc.conf,v 1.300 2006/10/15 15:55:00 ceri Exp $
+# $FreeBSD: src/etc/defaults/rc.conf,v 1.301 2006/10/28 20:08:12 phk Exp $
 
 ##############################################################
 ###  Important initial Boot-time options  ####################
@@ -104,6 +104,16 @@
 firewall_quiet="NO"		# Set to YES to suppress rule display
 firewall_logging="NO"		# Set to YES to enable events logging
 firewall_flags=""		# Flags passed to ipfw when type is a file
+firewall_myservices=""		# List of TCP ports on which this host
+				#  offers services
+firewall_allowservices=""	# List of IPs which has access to
+				#  $firewall_myservices
+firewall_trusted=""		# List of IPs which has full access to this host
+firewall_logdeny="NO"		# Set to YES to log default denied incoming
+				#  packets.
+firewall_nologports="135-139,445 1026,1027 1433,1434" # List of TCP/UDP ports
+				#  for which denied incoming packets are not
+				#  logged.
 ip_portrange_first="NO"		# Set first dynamically allocated port
 ip_portrange_last="NO"		# Set last dynamically allocated port
 ike_enable="NO"			# Enable IKE daemon (usually racoon or isakmpd)

==== //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/etc/network.subr#2 (text+ko) ====

@@ -22,7 +22,7 @@
 # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 # SUCH DAMAGE.
 #
-# $FreeBSD: src/etc/network.subr,v 1.175 2006/10/07 15:45:56 ume Exp $
+# $FreeBSD: src/etc/network.subr,v 1.176 2006/10/29 13:29:49 mlaier Exp $
 #
 
 #
@@ -690,7 +690,7 @@
 		if [ ${rtsol_available} = yes -a ${rtsol_interface} = yes ]
 		then
 			case ${i} in
-			lo0|gif[0-9]*|stf[0-9]*|faith[0-9]*|lp[0-9]*|sl[0-9]*|tun[0-9]*)
+			lo0|gif[0-9]*|stf[0-9]*|faith[0-9]*|lp[0-9]*|sl[0-9]*|tun[0-9]*|pflog[0-9]*|pfsync[0-9]*)
 				;;
 			*)
 				rtsol_interfaces="${rtsol_interfaces} ${i}"

==== //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/etc/pf.os#2 (text+ko) ====

@@ -1,5 +1,5 @@
-# $FreeBSD: src/etc/pf.os,v 1.3 2004/09/14 00:30:14 mlaier Exp $
-# $OpenBSD: pf.os,v 1.17 2004/04/28 01:01:27 deraadt Exp $
+# $FreeBSD: src/etc/pf.os,v 1.4 2006/10/23 05:09:44 delphij Exp $
+# $OpenBSD: pf.os,v 1.21 2006/07/28 21:51:12 david Exp $
 # passive OS fingerprinting
 # -------------------------
 #
@@ -223,9 +223,10 @@
 S4:64:1:60:M1360,S,T,N,W0:	Linux:google::Linux (Google crawlbot)
 
 S2:64:1:60:M*,S,T,N,W0:		Linux:2.4::Linux 2.4 (big boy)
-S3:64:1:60:M*,S,T,N,W0:		Linux:2.4:18-21:Linux 2.4.18 and newer
-S4:64:1:60:M*,S,T,N,W0:		Linux:2.4::Linux 2.4/2.6
-S4:64:1:60:M*,S,T,N,W0:		Linux:2.6::Linux 2.4/2.6
+S3:64:1:60:M*,S,T,N,W0:		Linux:2.4:.18-21:Linux 2.4.18 and newer
+S4:64:1:60:M*,S,T,N,W0:		Linux:2.4::Linux 2.4/2.6 <= 2.6.7
+S4:64:1:60:M*,S,T,N,W0:		Linux:2.6:.1-7:Linux 2.4/2.6 <= 2.6.7
+S4:64:1:60:M*,S,T,N,W7:		Linux:2.6:8:Linux 2.6.8 and newer (?)
 
 S3:64:1:60:M*,S,T,N,W1:		Linux:2.5::Linux 2.5 (sometimes 2.4)
 S4:64:1:60:M*,S,T,N,W1:		Linux:2.5-2.6::Linux 2.5/2.6
@@ -260,27 +261,28 @@
 
 # ----------------- FreeBSD -----------------
 
-16384:64:1:44:M*:		FreeBSD:2.0-2.2::FreeBSD 2.0-4.1
-16384:64:1:44:M*:		FreeBSD:3.0-3.5::FreeBSD 2.0-4.1
-16384:64:1:44:M*:		FreeBSD:4.0-4.1::FreeBSD 2.0-4.1
+16384:64:1:44:M*:		FreeBSD:2.0-2.2::FreeBSD 2.0-4.2
+16384:64:1:44:M*:		FreeBSD:3.0-3.5::FreeBSD 2.0-4.2
+16384:64:1:44:M*:		FreeBSD:4.0-4.2::FreeBSD 2.0-4.2
 16384:64:1:60:M*,N,W0,N,N,T:	FreeBSD:4.4::FreeBSD 4.4
 
 1024:64:1:60:M*,N,W0,N,N,T:	FreeBSD:4.4::FreeBSD 4.4
 
 57344:64:1:44:M*:		FreeBSD:4.6-4.8:noRFC1323:FreeBSD 4.6-4.8 (no RFC1323)
-57344:64:1:60:M*,N,W0,N,N,T:	FreeBSD:4.6-4.8::FreeBSD 4.6-4.8
+57344:64:1:60:M*,N,W0,N,N,T:	FreeBSD:4.6-4.9::FreeBSD 4.6-4.9
 
-32768:64:1:60:M*,N,W0,N,N,T:	FreeBSD:4.8-4.9::FreeBSD 4.8-5.1 (or MacOS X)
+32768:64:1:60:M*,N,W0,N,N,T:	FreeBSD:4.8-4.11::FreeBSD 4.8-5.1 (or MacOS X)
 32768:64:1:60:M*,N,W0,N,N,T:	FreeBSD:5.0-5.1::FreeBSD 4.8-5.1 (or MacOS X)
-65535:64:1:60:M*,N,W0,N,N,T:	FreeBSD:4.8-4.9::FreeBSD 4.8-5.1 (or MacOS X)
-65535:64:1:60:M*,N,W0,N,N,T:	FreeBSD:5.0-5.1::FreeBSD 4.8-5.1 (or MacOS X)
-65535:64:1:60:M*,N,W1,N,N,T:	FreeBSD:4.7-4.9::FreeBSD 4.7-5.1
-65535:64:1:60:M*,N,W1,N,N,T:	FreeBSD:5.0-5.1::FreeBSD 4.7-5.1
+65535:64:1:60:M*,N,W0,N,N,T:	FreeBSD:4.8-4.11::FreeBSD 4.8-5.2 (or MacOS X)
+65535:64:1:60:M*,N,W0,N,N,T:	FreeBSD:5.0-5.2::FreeBSD 4.8-5.2 (or MacOS X)
+65535:64:1:60:M*,N,W1,N,N,T:	FreeBSD:4.7-4.11::FreeBSD 4.7-5.2
+65535:64:1:60:M*,N,W1,N,N,T:	FreeBSD:5.0-5.2::FreeBSD 4.7-5.2
 
 # XXX need quirks support
-# 65535:64:1:60:M*,N,W0,N,N,T:Z:FreeBSD:5.1-current (1)
-# 65535:64:1:60:M*,N,W1,N,N,T:Z:FreeBSD:5.1-current (2)
-# 65535:64:1:60:M*,N,W2,N,N,T:Z:FreeBSD:5.1-current (3)
+# 65535:64:1:60:M*,N,W0,N,N,T:Z:FreeBSD:5.1-5.4::5.1-current (1)
+# 65535:64:1:60:M*,N,W1,N,N,T:Z:FreeBSD:5.1-5.4::5.1-current (2)
+# 65535:64:1:60:M*,N,W2,N,N,T:Z:FreeBSD:5.1-5.4::5.1-current (3)
+# 65535:64:1:44:M*:Z:FreeBSD:5.2::FreeBSD 5.2 (no RFC1323)
 
 # 16384:64:1:60:M*,N,N,N,N,N,N,T:FreeBSD:4.4:noTS:FreeBSD 4.4 (w/o timestamps)
 
@@ -297,12 +299,12 @@
 # ----------------- OpenBSD -----------------
 
 16384:64:0:60:M*,N,W0,N,N,T:		OpenBSD:2.6::NetBSD 1.3 (or OpenBSD 2.6)
-16384:64:1:64:M*,N,N,S,N,W0,N,N,T:	OpenBSD:3.0-3.5::OpenBSD 3.0-3.5
-16384:64:0:64:M*,N,N,S,N,W0,N,N,T:	OpenBSD:3.0-3.5:no-df:OpenBSD 3.0-3.5 (scrub no-df)
-57344:64:1:64:M*,N,N,S,N,W0,N,N,T:	OpenBSD:3.3-3.5::OpenBSD 3.3-3.5
-57344:64:0:64:M*,N,N,S,N,W0,N,N,T:	OpenBSD:3.3-3.5:no-df:OpenBSD 3.3-3.5 (scrub no-df)
+16384:64:1:64:M*,N,N,S,N,W0,N,N,T:	OpenBSD:3.0-4.0::OpenBSD 3.0-4.0
+16384:64:0:64:M*,N,N,S,N,W0,N,N,T:	OpenBSD:3.0-4.0:no-df:OpenBSD 3.0-4.0 (scrub no-df)
+57344:64:1:64:M*,N,N,S,N,W0,N,N,T:	OpenBSD:3.3-4.0::OpenBSD 3.3-4.0
+57344:64:0:64:M*,N,N,S,N,W0,N,N,T:	OpenBSD:3.3-4.0:no-df:OpenBSD 3.3-4.0 (scrub no-df)
 
-65535:64:1:64:M*,N,N,S,N,W0,N,N,T:	OpenBSD:3.0-3.5:opera:OpenBSD 3.0-3.5 (Opera)
+65535:64:1:64:M*,N,N,S,N,W0,N,N,T:	OpenBSD:3.0-4.0:opera:OpenBSD 3.0-4.0 (Opera)
 
 # ----------------- Solaris -----------------
 
@@ -317,7 +319,8 @@
 
 4096:64:0:44:M1460:			SunOS:4.1::SunOS 4.1.x
 
-S34:64:1:52:M*,N,W0,N,N,S:		Solaris:10::Solaris 10 (beta)
+S34:64:1:52:M*,N,W0,N,N,S:		Solaris:10:beta:Solaris 10 (beta)
+32850:64:1:64:M*,N,N,T,N,W1,N,N,S:	Solaris:10::Solaris 10 1203
 
 # ----------------- IRIX --------------------
 
@@ -329,6 +332,9 @@
 61440:64:0:48:M*,N,N,S:			IRIX:6.5:12-21:IRIX 6.5.12 - 6.5.21
 49152:64:0:48:M*,N,N,S:			IRIX:6.5:15-21:IRIX 6.5.15 - 6.5.21
 
+49152:60:0:64:M*,N,W2,N,N,T,N,N,S:	IRIX:6.5:IP27:IRIX 6.5 IP27
+
+
 # ----------------- Tru64 -------------------
 
 32768:64:1:48:M*,N,W0:			Tru64:4.0::Tru64 4.0 (or OS/2 Warp 4)
@@ -428,6 +434,11 @@
 16384:128:1:52:M536,N,W0,N,N,S:		Windows:2000:ZoneAlarm:Windows 2000 w/ZoneAlarm?
 2048:255:0:40:.:			Windows:.NET::Windows .NET Enterprise Server
 
+44620:64:0:48:M*,N,N,S:			Windows:ME::Windows ME no SP (?)
+S6:255:1:48:M536,N,N,S:			Windows:95:winsock2:Windows 95 winsock 2
+32768:32:1:52:M1460,N,W0,N,N,S:		Windows:2003:AS:Windows 2003 AS
+
+
 # No need to be more specific, it passes:
 # *:128:1:48:M*,N,N,S:U:-Windows:XP/2000 while downloading (leak!) XXX quirk
 # there is an equiv similar generic sig w/o the quirk
@@ -442,7 +453,6 @@
 # Whoa. Hardcore WSS.
 0:64:0:48:M*,W0,N:			HP-UX:B.11.00:A:HP-UX B.11.00 A (RFC1323)
 
-
 # ----------------- RiscOS ------------------
 
 # We don't yet support the ?12 TCP option
@@ -453,6 +463,7 @@
 # 4096:64:1:56:M1460,N,N,T:T:			RISC OS:3.70:freenet:RISC OS 3.70 freenet 2.00
 
 
+
 # ----------------- BSD/OS ------------------
 
 # Once again, power of two WSS is also shared by MacOS X with DF set
@@ -466,6 +477,7 @@
 
 # ---------------- NeXTSTEP -----------------
 
+S4:64:0:44:M1024:		NeXTSTEP:3.3::NeXTSTEP 3.3
 S8:64:0:44:M512:		NeXTSTEP:3.3::NeXTSTEP 3.3
 
 # ------------------ BeOS -------------------
@@ -501,15 +513,18 @@
 
 # ----------------- SCO ------------------
 S3:64:1:60:M1460,N,W0,N,N,T:	SCO:UnixWare:7.1:SCO UnixWare 7.1
+S17:64:1:60:M1380,N,W0,N,N,T:	SCO:UnixWare:7.1:SCO UnixWare 7.1.3 MP3
 S23:64:1:44:M1380:		SCO:OpenServer:5.0:SCO OpenServer 5.0
 
 # ------------------- DOS -------------------
 
 2048:255:0:44:M536:		DOS:WATTCP:1.05:DOS Arachne via WATTCP/1.05
+T2:255:0:44:M984:		DOS:WATTCP:1.05Arachne:Arachne via WATTCP/1.05 (eepro)
 
 # ------------------ OS/2 -------------------
 
 S56:64:0:44:M512:		OS/2:4::OS/2 4
+28672:64:0:44:M1460:		OS/2:4::OS/2 Warp 4.0
 
 # ----------------- TOPS-20 -----------------
 
@@ -517,6 +532,10 @@
 # XXX QUIRK 0:64:0:44:M1460:A:TOPS-20:version 7
 0:64:0:44:M1460:		TOPS-20:7::TOPS-20 version 7
 
+# ----------------- FreeMiNT ----------------
+
+S44:255:0:44:M536:		FreeMiNT:1:16A:FreeMiNT 1 patch 16A (Atari)
+
 # ------------------ AMIGA ------------------
 
 # XXX TCP option 12
@@ -539,7 +558,6 @@
 S12:64:1:44:M1460:			@Checkpoint:::Checkpoint (unknown 1)
 S12:64:1:48:N,N,S,M1460:		@Checkpoint:::Checkpoint (unknown 2)
 4096:32:0:44:M1460:			ExtremeWare:4.x::ExtremeWare 4.x
-60352:64:0:52:M1460,N,W2,N,N,S:		Clavister:7::Clavister firewall 7.x
 
 # XXX TCP option 12
 # S32:64:0:68:M512,N,W0,N,N,T,N,N,?12:.:Nokia:IPSO w/Checkpoint NG FP3
@@ -549,6 +567,9 @@
 
 8192:64:1:44:M1460:			Eagle:::Eagle Secure Gateway
 
+S52:128:1:48:M1260,N,N,N,N:		LinkSys:WRV54G::LinkSys WRV54G VPN router
+
+
 
 # ------- Switches and other stuff ----------
 
@@ -581,6 +602,10 @@
 
 16384:255:0:40:.:			Proxyblocker:::Proxyblocker (what's this?)
 
+65535:255:0:48:M*,N,N,S:		Redline:::Redline T|X 2200
+
+32696:128:0:40:M1460:			Spirent:Avalanche::Spirent Web Avalanche HTTP benchmarking engine
+
 # ----------- Embedded systems --------------
 
 S9:255:0:44:M536:			PalmOS:Tungsten:C:PalmOS Tungsten C
@@ -589,10 +614,15 @@
 S4:255:0:44:M536:			PalmOS:3:5:PalmOS 3.5
 2948:255:0:44:M536:			PalmOS:3:5:PalmOS 3.5.3 (Handera)
 S29:255:0:44:M536:			PalmOS:5::PalmOS 5.0
+16384:255:0:44:M1398:			PalmOS:5.2:Clie:PalmOS 5.2 (Clie)
+S14:255:0:44:M1350:			PalmOS:5.2:Treo:PalmOS 5.2.1 (Treo)
 
 S23:64:1:64:N,W1,N,N,T,N,N,S,M1460:	SymbianOS:7::SymbianOS 7
-8192:255:0:44:M1460:			SymbianOS:6048::SymbianOS 6048 (on Nokia 7650?)
-8192:255:0:44:M536:			SymbianOS:::SymbianOS (on Nokia 9210?)
+
+8192:255:0:44:M1460:			SymbianOS:6048::Symbian OS 6048 (Nokia 7650?)
+8192:255:0:44:M536:			SymbianOS:9210::Symbian OS (Nokia 9210?)
+S22:64:1:56:M1460,T,S:			SymbianOS:P800::Symbian OS ? (SE P800?)
+S36:64:1:56:M1360,T,S:			SymbianOS:6600::Symbian OS 60xx (Nokia 6600?)
 
 
 # Perhaps S4?
@@ -608,8 +638,8 @@
 
 S12:64:0:44:M1452:			AXIS:5600:v5.64:AXIS Printer Server 5600 v5.64
 
+3100:32:1:44:M1460:			Windows:CE:2.0:Windows CE 2.0
 
-
 ####################
 # Fancy signatures #
 ####################
@@ -619,11 +649,23 @@
 3072:64:0:40:.:				*NMAP:syn scan:3:NMAP syn scan (3)
 4096:64:0:40:.:				*NMAP:syn scan:4:NMAP syn scan (4)
 
+# Requires quirks support
+# 1024:64:0:40:.:A:*NMAP:TCP sweep probe (1)
+# 2048:64:0:40:.:A:*NMAP:TCP sweep probe (2)
+# 3072:64:0:40:.:A:*NMAP:TCP sweep probe (3)
+# 4096:64:0:40:.:A:*NMAP:TCP sweep probe (4)
+
 1024:64:0:60:W10,N,M265,T:		*NMAP:OS:1:NMAP OS detection probe (1)
 2048:64:0:60:W10,N,M265,T:		*NMAP:OS:2:NMAP OS detection probe (2)
 3072:64:0:60:W10,N,M265,T:		*NMAP:OS:3:NMAP OS detection probe (3)
 4096:64:0:60:W10,N,M265,T:		*NMAP:OS:4:NMAP OS detection probe (4)
 
+32767:64:0:40:.:			*NAST:::NASTsyn scan
+
+# Requires quirks support
+# 12345:255:0:40:.:A:-p0f:sendsyn utility
+
+
 #####################################
 # Generic signatures - just in case #
 #####################################
@@ -633,6 +675,8 @@
 
 *:128:1:52:M*,N,W0,N,N,S:		@Windows:XP:RFC1323:Windows XP/2000 (RFC1323 no tstamp)
 *:128:1:52:M*,N,W0,N,N,S:		@Windows:2000:RFC1323:Windows XP/2000 (RFC1323 no tstamp)
+*:128:1:52:M*,N,W*,N,N,S:		@Windows:XP:RFC1323:Windows XP/2000 (RFC1323 no tstamp)
+*:128:1:52:M*,N,W*,N,N,S:		@Windows:2000:RFC1323:Windows XP/2000 (RFC1323 no tstamp)
 *:128:1:64:M*,N,W0,N,N,T0,N,N,S:	@Windows:XP:RFC1323:Windows XP/2000 (RFC1323)
 *:128:1:64:M*,N,W0,N,N,T0,N,N,S:	@Windows:2000:RFC1323:Windows XP/2000 (RFC1323)
 *:128:1:64:M*,N,W*,N,N,T0,N,N,S:	@Windows:XP:RFC1323:Windows XP (RFC1323, w+)

==== //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/etc/rc.d/ppp#2 (text+ko) ====

@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# $FreeBSD: src/etc/rc.d/ppp,v 1.11 2005/10/29 05:00:25 yar Exp $
+# $FreeBSD: src/etc/rc.d/ppp,v 1.12 2006/10/26 00:29:43 avatar Exp $
 #
 
 # PROVIDE: ppp
@@ -40,9 +40,10 @@
 
 ppp_postcmd()
 {
-	# Re-Sync ipfilter so it picks up any new network interfaces
+	# Re-Sync ipfilter and pf so they pick up any new network interfaces
 	#
 	/etc/rc.d/ipfilter resync
+	/etc/rc.d/pf resync
 }
 
 load_rc_config $name

==== //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/etc/rc.firewall#2 (text+ko) ====

@@ -23,7 +23,7 @@
 # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 # SUCH DAMAGE.
 #
-# $FreeBSD: src/etc/rc.firewall,v 1.48 2005/11/18 02:23:59 ume Exp $
+# $FreeBSD: src/etc/rc.firewall,v 1.49 2006/10/28 20:08:12 phk Exp $
 #
 
 #
@@ -42,12 +42,14 @@
 
 ############
 # Define the firewall type in /etc/rc.conf.  Valid values are:
-#   open     - will allow anyone in
-#   client   - will try to protect just this machine
-#   simple   - will try to protect a whole network
-#   closed   - totally disables IP services except via lo0 interface
-#   UNKNOWN  - disables the loading of firewall rules.
-#   filename - will load the rules in the given filename (full path required)
+#   open        - will allow anyone in
+#   client      - will try to protect just this machine
+#   simple      - will try to protect a whole network
+#   closed      - totally disables IP services except via lo0 interface
+#   workstation - will try to protect just this machine using statefull
+#		  firewalling. See below for rc.conf variables used
+#   UNKNOWN     - disables the loading of firewall rules.
+#   filename    - will load the rules in the given filename (full path required)
 #
 # For ``client'' and ``simple'' the entries below should be customized
 # appropriately.
@@ -107,6 +109,8 @@
 #
 ${fwcmd} -f flush
 
+setup_loopback
+
 ############
 # Network Address Translation.  All packets are passed to natd(8)
 # before they encounter your remaining rules.  The firewall rules
@@ -140,7 +144,6 @@
 #
 case ${firewall_type} in
 [Oo][Pp][Ee][Nn])
-	setup_loopback
 	${fwcmd} add 65000 pass all from any to any
 	;;
 
@@ -155,8 +158,6 @@
 	mask="255.255.255.0"
 	ip="192.0.2.1"
 
-	setup_loopback
-
 	# Allow any traffic to or from my own net.
 	${fwcmd} add pass all from ${ip} to ${net}:${mask}
 	${fwcmd} add pass all from ${net}:${mask} to ${ip}
@@ -168,19 +169,19 @@
 	${fwcmd} add pass all from any to any frag
 
 	# Allow setup of incoming email
-	${fwcmd} add pass tcp from any to ${ip} 25 setup
+	${fwcmd} add pass tcp from any to me 25 setup
 
 	# Allow setup of outgoing TCP connections only
-	${fwcmd} add pass tcp from ${ip} to any setup
+	${fwcmd} add pass tcp from me to any setup
 
 	# Disallow setup of all other TCP connections
 	${fwcmd} add deny tcp from any to any setup
 
 	# Allow DNS queries out in the world
-	${fwcmd} add pass udp from ${ip} to any 53 keep-state
+	${fwcmd} add pass udp from me to any 53 keep-state
 
 	# Allow NTP queries out in the world
-	${fwcmd} add pass udp from ${ip} to any 123 keep-state
+	${fwcmd} add pass udp from me to any 123 keep-state
 
 	# Everything else is denied by default, unless the
 	# IPFIREWALL_DEFAULT_TO_ACCEPT option is set in your kernel
@@ -206,8 +207,6 @@
 	imask="255.255.255.240"
 	iip="192.0.2.17"
 
-	setup_loopback
-
 	# Stop spoofing
 	${fwcmd} add deny all from ${inet}:${imask} to any in via ${oif}
 	${fwcmd} add deny all from ${onet}:${omask} to any in via ${iif}
@@ -289,8 +288,100 @@
 	# config file.
 	;;
 
+[Ww][Oo][Rr][Kk][Ss][Tt][Aa][Tt][Ii][Oo][Nn])
+	# Configuration:
+	#  firewall_myservices:		List of TCP ports on which this host
+	#			 	 offers services.
+	#  firewall_allowservices:	List of IPs which has access to
+	#				 $firewall_myservices.
+	#  firewall_trusted:		List of IPs which has full access 
+	#				 to this host. Be very carefull 
+	#				 when setting this. This option can
+	#				 seriously degrade the level of 
+	#				 protection provided by the firewall.
+	#  firewall_logdeny:		Boolean (YES/NO) specifying if the
+	#				 default denied packets should be
+	#				 logged (in /var/log/security).
+	#  firewall_nologports:		List of TCP/UDP ports for which
+	#				 denied incomming packets are not
+	#				 logged.
+	
+	# Allow packets for which a state has been built.
+	${fwcmd} add check-state
+
+	# For services permitted below.
+	${fwcmd} add pass tcp  from me to any established
+
+	# Allow any connection out, adding state for each.
+	${fwcmd} add pass tcp  from me to any setup keep-state
+	${fwcmd} add pass udp  from me to any       keep-state
+	${fwcmd} add pass icmp from me to any       keep-state
+
+	# Allow DHCP.
+	${fwcmd} add pass udp  from 0.0.0.0 68 to 255.255.255.255 67 out
+	${fwcmd} add pass udp  from any 67     to me 68 in
+	${fwcmd} add pass udp  from any 67     to 255.255.255.255 68 in
+	# Some servers will ping the IP while trying to decide if it's 
+	# still in use.
+	${fwcmd} add pass icmp from any to any icmptype 8
+
+	# Allow "mandatory" ICMP in.
+	${fwcmd} add pass icmp from any to any icmptype 3,4,11
+	
+	# Add permits for this workstations published services below
+	# Only IPs and nets in firewall_allowservices is allowed in.
+	# If you really wish to let anyone use services on your 
+	# workstation, then set "firewall_allowservices='any'" in /etc/rc.conf
+	#
+	# Note: We don't use keep-state as that would allow DoS of
+	#       our statetable. 
+	#       You can add 'keep-state' to the lines for slightly
+	#       better performance if you fell that DoS of your
+	#       workstation won't be a problem.
+	#
+	for i in ${firewall_allowservices} ; do
+	  for j in ${firewall_myservices} ; do
+	    ${fwcmd} add pass tcp from $i to me $j
+	  done
+	done
+
+	# Allow all connections from trusted IPs.
+	# Playing with the content of firewall_trusted could seriously
+	# degrade the level of protection provided by the firewall.
+	for i in ${firewall_trusted} ; do
+	  ${fwcmd} add pass ip from $i to me
+	done
+	
+	${fwcmd} add 65000 count ip from any to any
+
+	# Drop packets to ports where we don't want logging
+	for i in ${firewall_nologports} ; do
+	  ${fwcmd} add deny { tcp or udp } from any to any $i in
+	done
+
+	# Broadcasts and muticasts
+	${fwcmd} add deny ip  from any to 255.255.255.255
+	${fwcmd} add deny ip  from any to 224.0.0.0/24 in	# XXX
+
+	# Noise from routers
+	${fwcmd} add deny udp from any to any 520 in
+
+	# Noise from webbrowsing.
+	# The statefull filter is a bit agressive, and will cause some
+	#  connection teardowns to be logged.
+	${fwcmd} add deny tcp from any 80,443 to any 1024-65535 in
+
+	# Deny and (if wanted) log the rest unconditionally.
+	log=""
+	if [ ${firewall_logdeny:-x} = "YES" -o ${firewall_logdeny:-x} = "yes" ] ; then
+	  log="log logamount 500"	# The default of 100 is too low.
+	  sysctl net.inet.ip.fw.verbose=1 >/dev/null
+	fi
+	${fwcmd} add deny $log ip from any to any
+	;;
+
 [Cc][Ll][Oo][Ss][Ee][Dd])
-	setup_loopback
+	${fwcmd} add 65000 deny ip from any to any
 	;;
 [Uu][Nn][Kk][Nn][Oo][Ww][Nn])
 	;;

==== //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/libc/gmon/Makefile.inc#2 (text+ko) ====

@@ -1,5 +1,5 @@
 #	from @(#)Makefile.inc	8.1 (Berkeley) 6/4/93
-# $FreeBSD: src/lib/libc/gmon/Makefile.inc,v 1.11 2006/03/13 01:14:56 deischen Exp $
+# $FreeBSD: src/lib/libc/gmon/Makefile.inc,v 1.12 2006/10/28 13:34:35 bde Exp $
 
 # gmon sources
 .PATH: ${.CURDIR}/gmon
@@ -12,12 +12,6 @@
 
 MLINKS+=moncontrol.3 monstartup.3
 
-.if ${MACHINE_ARCH} == amd64
-# mcount needs to be compiled with frame pointers and without profiling
-mcount.po: mcount.c
-	${CC} ${CFLAGS} -fno-omit-frame-pointer -c ${.IMPSRC} -o ${.TARGET}
-.else
 # mcount cannot be compiled with profiling
 mcount.po: mcount.o
 	cp mcount.o mcount.po
-.endif

==== //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/libc/net/inet.3#2 (text+ko) ====

@@ -30,7 +30,7 @@
 .\" SUCH DAMAGE.
 .\"
 .\"     From: @(#)inet.3	8.1 (Berkeley) 6/4/93
-.\" $FreeBSD: src/lib/libc/net/inet.3,v 1.30 2005/02/13 22:25:12 ru Exp $
+.\" $FreeBSD: src/lib/libc/net/inet.3,v 1.31 2006/10/28 13:05:10 ru Exp $
 .\"
 .Dd June 14, 2004
 .Dt INET 3
@@ -299,5 +299,7 @@
 .Fn inet_ntoa
 resides in a static memory area.
 .Pp
-Inet_addr should return a
+The
+.Fn inet_addr
+function should return a
 .Fa struct in_addr .

==== //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/libc/resolv/res_send.c#2 (text) ====

@@ -70,10 +70,10 @@
 
 #if defined(LIBC_SCCS) && !defined(lint)
 static const char sccsid[] = "@(#)res_send.c	8.1 (Berkeley) 6/4/93";
-static const char rcsid[] = "$Id: res_send.c,v 1.5.2.2.4.7 2005/08/15 02:04:41 marka Exp $";
+static const char rcsid[] = "$Id: res_send.c,v 1.5.2.2.4.8 2006/03/08 04:13:31 marka Exp $";
 #endif /* LIBC_SCCS and not lint */
 #include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/lib/libc/resolv/res_send.c,v 1.3 2006/08/04 12:26:07 ume Exp $");
+__FBSDID("$FreeBSD: src/lib/libc/resolv/res_send.c,v 1.4 2006/10/24 14:41:43 ume Exp $");
 
 /*
  * Send query to name server and wait for reply.
@@ -145,7 +145,7 @@
 				int kq,
 #endif
 				const u_char *, int,
-				u_char *, int, int *, int,
+				u_char *, int, int *, int, int,
 				int *, int *);
 static void		Aerror(const res_state, FILE *, const char *, int,
 			       const struct sockaddr *, int);
@@ -490,7 +490,7 @@
 				    kq,
 #endif
 				    buf, buflen, ans, anssiz, &terrno,
-				    ns, &v_circuit, &gotsomewhere);
+				    ns, try, &v_circuit, &gotsomewhere);
 			if (n < 0)
 				goto fail;
 			if (n == 0)
@@ -812,8 +812,9 @@
 #ifdef USE_KQUEUE
 	int kq,
 #endif
-	const u_char *buf, int buflen, u_char *ans, int anssiz,
-	int *terrno, int ns, int *v_circuit, int *gotsomewhere)
+	const u_char *buf, int buflen, u_char *ans,
+	int anssiz, int *terrno, int ns, int try, int *v_circuit,
+	int *gotsomewhere)
 {
 	const HEADER *hp = (const HEADER *) buf;
 	HEADER *anhp = (HEADER *) ans;
@@ -914,7 +915,7 @@
 	/*
 	 * Wait for reply.
 	 */
-	seconds = (statp->retrans << ns);
+	seconds = (statp->retrans << try);
 	if (ns > 0)
 		seconds /= statp->nscount;
 	if (seconds <= 0)

==== //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/libc/stdio/xprintf.c#3 (text+ko) ====

@@ -30,7 +30,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $FreeBSD: src/lib/libc/stdio/xprintf.c,v 1.4 2006/10/21 11:49:07 kib Exp $
+ * $FreeBSD: src/lib/libc/stdio/xprintf.c,v 1.5 2006/10/23 07:25:25 kib Exp $
  */
 
 #include <namespace.h>
@@ -261,7 +261,7 @@
 
 
 static int
-__v2printf(FILE *fp, const char *fmt0, unsigned pct, const va_list ap1)
+__v2printf(FILE *fp, const char *fmt0, unsigned pct, va_list ap)
 {
 	struct printf_info	*pi, *pil;
 	const char		*fmt;
@@ -274,9 +274,7 @@
 	int			ret = 0;
 	int			n;
 	struct __printf_io	io;
-	va_list			ap;
 
-	va_copy(ap, ap1);
 	__printf_init(&io);
 	io.fp = fp;
 
@@ -563,7 +561,6 @@
 			errx(1, "render[%c] = NULL", *fmt);
 	}
 	__printf_flush(&io);
-	va_end(ap);
 	return (ret);
 }
 

==== //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/ldap_group.c#2 (text+ko) ====

@@ -28,13 +28,15 @@
 
 #include <sys/cdefs.h>
 __FBSDID("$FreeBSD$");
- 
+
+#include <sys/param.h>
 #include <assert.h>
 #include <errno.h>
 #include <nsswitch.h>
 #include <ldap.h>
 #include <grp.h>
 #include <stringlist.h>
+#include "hashtable.h"
 #include "ldapconn.h"
 #include "ldapschema.h"
 #include "ldapsearch.h"
@@ -43,9 +45,40 @@
 #include "ldapconf.h"
 #include "nss_ldap.h"
 
+#define NSS_LDAP_MAP_GROUP_HASH_ENTRY_INITIAL_SIZE (8)
+#define NSS_LDAP_MAP_GROUP_HASH_SIZE (127)
+#define NSS_LDAP_MAP_GROUP_DN_PROCESS_NESTED_FLAG (1)
+#define NSS_LDAP_MAP_GROUP_DN_USE_CACHE_FLAG (1 << 1)
+#define NSS_LDAP_MAP_GROUP_DN_USE_RDN_FLAG (1 << 2)
+
+struct mapped_group {
+	char *dn;
+};
+
+struct __mg_he {
+	HASHTABLE_ENTRY_HEAD(__mg_he_item, struct mapped_group) data;
+};
+
+struct map_group_dn_request {
+	StringList *next_requests;
+	HASHTABLE_HEAD(__mg_ht, __mg_he) groups;
+	int flags;
+};
+
+static int __mg_ht_item_cmp_func(const void *, const void *);
+static hashtable_index_t __mg_ht_item_hash_func(const void *, size_t);
+HASHTABLE_PROTOTYPE(__mg_ht, __mg_he, struct mapped_group);
+static int nss_ldap_map_group_dn(struct nss_ldap_search_context *, 
+	char const *, char **, size_t *, char *, size_t, void *);
+static int nss_ldap_parse_nested_group(struct nss_ldap_search_context *,
+	char const *, struct map_group_dn_request *, char ***, size_t *,
+	size_t *, char *, size_t);
+
 static int nss_ldap_parse_group(struct nss_ldap_parse_context *);
 	
-static int ldap_getgrnam_r(const char *, struct group *, char *, size_t,
+//static int ldap_getgrnam_r(const char *, struct group *, char *, size_t,
+//	struct group **);
+int ldap_getgrnam_r(const char *, struct group *, char *, size_t,
 	struct group **);
 static int ldap_getgrgid_r(gid_t, struct group *, char *, size_t,
 	struct group **);
@@ -53,96 +86,404 @@
 static void ldap_setgrent();
 
 static int
-nss_ldap_parse_group(struct nss_ldap_parse_context *pctx)
+__mg_ht_item_cmp_func(const void *p1, const void *p2)
+{
+	
+	return (strcmp(
+		((struct mapped_group *)p1)->dn,
+		((struct mapped_group *)p2)->dn));
+				
+}
+
+static hashtable_index_t
+__mg_ht_item_hash_func(const void *p, size_t cache_entries_size)
+{
+	struct mapped_group const *mg;
+        size_t i, len;
+        hashtable_index_t retval;
+
+        mg = p;
+        assert(mg->dn != NULL);
+
+	len = strlen(mg->dn);
+        retval = 0;
+        for (i = 0; i < len; ++i)
+            retval = (127 * retval + (unsigned char)mg->dn[i]) %
+                cache_entries_size;
+
+        return retval;	
+}
+
+HASHTABLE_GENERATE(__mg_ht, __mg_he, struct mapped_group, data,
+	__mg_ht_item_hash_func, __mg_ht_item_cmp_func);
+
+static int 
+nss_ldap_map_group_dn(struct nss_ldap_search_context *ctx, char const *dn,
+	char **res, size_t *res_size, char *buf, size_t bufsize, void *mdata)
 {
-	struct nss_ldap_schema *schema;
-	struct nss_ldap_search_context *sctx;
-	struct group *grp;
-	char *buf;
-	size_t buflen;
-	size_t len, memlen;
+	struct nss_ldap_search_request sreq;
+	struct mapped_group new_mg;
+	struct nss_ldap_search_context *newctx;
+	struct map_group_dn_request *req;
+	char **cp;
+	char const *uid_attr, *gid_attr;
+	struct mapped_group *hash_entry_data;
+	struct __mg_he *hash_entry;
+	hashtable_index_t hash;
 	int rv;
 	
-	assert(pctx != NULL);
+	assert(ctx != NULL);
+	assert(dn != NULL);
+	assert(res != NULL);
+	assert(res_size != NULL);
+	assert(buf != NULL);
+	assert(mdata != NULL);
+	
+	//printf("__ %s %d %s\n", __FILE__, __LINE__, dn);
+	
+	req = mdata;
+	newctx = NULL;
+
+
+	memset(&new_mg, 0, sizeof(new_mg));
+	new_mg.dn = (char *)dn;
+		
+	hash = HASHTABLE_CALCULATE_HASH(__mg_ht, &req->groups, &new_mg);
+	assert(hash > 0);
+	assert(hash < HASHTABLE_ENTRIES_COUNT(&req->groups));
+		
+	hash_entry = HASHTABLE_GET_ENTRY(&req->groups, hash);
+	hash_entry_data = HASHTABLE_ENTRY_FIND(__mg_ht, hash_entry, 
+		&new_mg);
+	if (hash_entry_data != NULL) {
+		rv = NSS_LDAP_SUCCESS;
+		*res_size = 0;
+		//printf("__ %s %d\n", __FILE__, __LINE__);
+		goto fin;
+	}
+
+	memset(&sreq, 0, sizeof(sreq));	
+	sreq.scope = LDAP_SCOPE_BASE;
+	sreq.filter = "(objectClass=*)";
+	sreq.search_base = (char *)dn;
+
+	uid_attr = _ATM(&ctx->conf->schema, PASSWD, uid);
+	gid_attr = _ATM(&ctx->conf->schema, GROUP, gidNumber);
+	sreq.attributes = sl_init();
+	rv = sl_add(sreq.attributes, (char *)uid_attr);
+	if (rv == -1) {
+		rv = NSS_LDAP_MEMORY_ERROR;
+		goto fin;
+	}
+
+	rv = sl_add(sreq.attributes, (char *)gid_attr);
+	if (rv == -1) {
+		rv = NSS_LDAP_MEMORY_ERROR;
+		goto fin;
+	}		
+
+	rv = sl_add(sreq.attributes, "objectClass");
+	if (rv == -1) {
+		rv = NSS_LDAP_MEMORY_ERROR;
+		goto fin;
+	}
+
+	rv = sl_add(sreq.attributes, NULL);
+	if (rv == -1) {
+		rv = NSS_LDAP_MEMORY_ERROR;
+		goto fin;
+	}
+	
+//		printf("__ %s %d\n", __FILE__, __LINE__);
+	newctx = __nss_ldap_start_search(&__nss_ldap_conf->search_method,
+		ctx->conn, ctx->conf, &sreq);
+//		printf("__ %s %d\n", __FILE__, __LINE__);
+	sl_free(sreq.attributes, 0);
+	sreq.attributes = NULL; /* just in case */
 	
-/*	int start, end;
-	int res;
-	printf("1\n");
-	res = __nss_ldap_parse_range("member;range=1-*", &start, &end);
-	printf("res: %d, start: %d, end: %d\n", res, start, end);
+	if (newctx == NULL) {
+		rv = NSS_LDAP_SUCCESS;
+		*res_size = 0;
+		goto fin2;
+	}
 	
-	printf("2\n");
-	res = __nss_ldap_parse_range("member;range=134-100", &start, &end);
-	printf("res: %d, start: %d, end: %d\n", res, start, end);
+	rv = __nss_ldap_search_next(&__nss_ldap_conf->search_method, 
+		newctx);
+	if (rv != NSS_LDAP_SUCCESS) {
+		rv = NSS_LDAP_SUCCESS;
+		*res_size = 0;		
+		goto fin2;
+	}
+
+	new_mg.dn = strdup(dn);
+	if (new_mg.dn == NULL) {
+		rv = NSS_LDAP_MEMORY_ERROR;
+		goto fin2;
+	}		
+
+	if (__nss_ldap_check_oc(newctx, _OC(&ctx->conf->schema, posixGroup)) == 
+		NSS_LDAP_SUCCESS) {
+		
+		rv = sl_add(req->next_requests, new_mg.dn);
+		if (rv == -1) {
+			free(new_mg.dn);
+			rv = NSS_LDAP_MEMORY_ERROR;
+			goto fin2;
+		}
 
-	printf("3\n");
-	res = __nss_ldap_parse_range("member;range=-*", &start, &end);
-	printf("res: %d, start: %d, end: %d\n", res, start, end);
+		rv = NSS_LDAP_SUCCESS;
+		*res_size = 0;
+	} else {
+		rv = __nss_ldap_assign_attr_str(newctx, uid_attr, res, 
+			res_size, buf, bufsize);
 
-	printf("4\n");
-	res = __nss_ldap_parse_range("member;range=1-", &start, &end);
-	printf("res: %d, start: %d, end: %d\n", res, start, end);
+		rv = HASHTABLE_ENTRY_STORE(__mg_ht, hash_entry, &new_mg);
+		if (rv == -1) {
+			free(new_mg.dn);
+			rv = NSS_LDAP_MEMORY_ERROR;	
+		} else
+			rv = NSS_LDAP_SUCCESS;
+	}
+	
+fin:
+	if (sreq.attributes != NULL)
+		sl_free(sreq.attributes, 0);
+		
+fin2:
+	if (newctx != NULL)
+		__nss_ldap_end_search(&__nss_ldap_conf->search_method, newctx);
+	
+	return (rv);
+}
 
-	printf("5\n");
-	res = __nss_ldap_parse_range("member;range=*-*", &start, &end);
-	printf("res: %d, start: %d, end: %d\n", res, start, end);
+static int 
+nss_ldap_parse_nested_group(struct nss_ldap_search_context *ctx,
+	char const *dn, struct map_group_dn_request *dnreq, char ***res, 
+	size_t *res_size, size_t *len, char *buf, size_t bufsize)
+{
+	struct nss_ldap_search_request sreq;
+	struct nss_ldap_search_context *newctx;
+	int rv;
+	
+	//printf("__ %s %d %s\n", __FILE__, __LINE__, dn);
+	memset(&sreq, 0, sizeof(sreq));	
+	sreq.scope = LDAP_SCOPE_BASE;
+	sreq.filter = "(objectClass=*)";
+	sreq.search_base = (char *)dn;
+	
+	//printf("__ %s %d\n", __FILE__, __LINE__);
+	newctx = __nss_ldap_start_search(&__nss_ldap_conf->search_method,
+		ctx->conn, ctx->conf, &sreq);
+	if (newctx == NULL)
+		return (NSS_LDAP_CONNECTION_ERROR);
+	
+	//printf("__ %s %d\n", __FILE__, __LINE__);
+	rv = __nss_ldap_search_next(&__nss_ldap_conf->search_method, 
+		newctx);

>>> TRUNCATED FOR MAIL (1000 lines) <<<



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200610300946.k9U9kUi2083760>