Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 20 Dec 2009 19:14:12 GMT
From:      "Alexander V. Chernikov" <melifaro@ipfw.ru>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   ports/141822: [maintainer update] net/nss_ldapd update
Message-ID:  <200912201914.nBKJECJR024080@www.freebsd.org>
Resent-Message-ID: <200912201920.nBKJK0vN036817@freefall.freebsd.org>

next in thread | raw e-mail | index | archive | help

>Number:         141822
>Category:       ports
>Synopsis:       [maintainer update] net/nss_ldapd update
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Sun Dec 20 19:20:00 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator:     Alexander V. Chernikov
>Release:        FreeBSD 9.0-CURRENT
>Organization:
>Environment:
FreeBSD ws.ipfw.ru 9.0-CURRENT FreeBSD 9.0-CURRENT #0: Fri Oct 23 22:14:57 MSD 2009     root@ws.ipfw.ru:/var/ports_tmp/usj/obj/usr/src/sys/WS  amd64
>Description:
* Update to 0.7.1
* Add pam module option
>How-To-Repeat:

>Fix:


Patch attached with submission follows:

diff -urN net/nss_ldapd.orig/Makefile net/nss_ldapd/Makefile
--- net/nss_ldapd.orig/Makefile	2009-08-25 02:44:16.000000000 +0400
+++ net/nss_ldapd/Makefile	2009-12-20 22:07:24.000000000 +0300
@@ -6,12 +6,11 @@
 #
 
 PORTNAME=		nss_ldapd
-PORTVERSION=		0.6.11
-PORTREVISION=		1
+PORTVERSION=		0.7.1
 CATEGORIES=		net
-MASTER_SITES=		http://arthurdejong.org/nss-ldapd/ \
+MASTER_SITES=		http://arthurdejong.org/nss-pam-ldapd/ \
 			http://static.ipfw.ru/files/
-DISTNAME=		nss-ldapd-${PORTVERSION}
+DISTNAME=		nss-pam-ldapd-${PORTVERSION}
 
 MAINTAINER=		melifaro@ipfw.ru
 COMMENT=		Advanced fork of nss_ldap
@@ -26,7 +25,8 @@
 NSLCD_SOCKET?=		/var/run/nslcd.ctl
 
 OPTIONS=		NSS_COMPAT	"Enable nss_ldap compatibility" on \
-			SASL		"Enable SASL" off
+			SASL		"Enable SASL" off \
+			PAM		"Build pam_ldap" on
 
 .include <bsd.port.pre.mk>
 
@@ -46,9 +46,8 @@
 .endif
 
 .if defined(WITH_NSS_COMPAT)
-CONFIGURE_ARGS+=	--with-ldap-conf-file=${PREFIX}/etc/nss_ldap.conf
+CONFIGURE_ARGS+=	--enable-nss_compat --disable-configfile-checking --with-ldap-conf-file=${PREFIX}/etc/nss_ldap.conf
 PLIST_SUB+=		CONFIG="nss_ldap"
-EXTRA_PATCHES+=		${PATCHDIR}/nss_compat.diff
 .else
 CONFIGURE_ARGS+=	--with-ldap-conf-file=${PREFIX}/etc/nss_ldapd.conf
 PLIST_SUB+=		CONFIG="nss_ldapd"
@@ -63,8 +62,12 @@
 
 .if defined(WITH_PAM)
 CONFIGURE_ARGS+=	--enable-pam
+MAN8+=			pam_ldap.8
+CONFLICTS+=		pam_ldap-1.*
+PLIST_SUB+=		PAM=""
 .else
 CONFIGURE_ARGS+=	--disable-pam
+PLIST_SUB+=		PAM="@comment "
 .endif
 
 .if defined(WITHOUT_NSS)
@@ -82,16 +85,14 @@
 .else
 CONFIGURE_ARGS+=	--enable-nslcd
 PLIST_SUB+=		NSLCD=""
-MAN8=			nslcd.8
+MAN5+=			nslcd.conf.5
+MAN8+=			nslcd.8
 .endif
 
-MAN5=			nss-ldapd.conf.5
-
 post-extract:
 	@${REINPLACE_CMD} -e 's/\(INSTALL_\)\(.*\)) -D /\1\2) /' ${WRKSRC}/Makefile.in ${WRKSRC}/nss/Makefile.in
 	@${REINPLACE_CMD} -e 's/shadow.$$(OBJEXT)/shadow.$$(OBJEXT) bsdnss.$$(OBJEXT)/;s/shadow\.c/shadow.c bsdnss.c/;s/exports\.linux/exports.freebsd/' ${WRKSRC}/nss/Makefile.in
 	@${REINPLACE_CMD} -e 's/^NSS_VERS = .*/NSS_VERS = 1/;s/libnss_ldap\.so/nss_ldap.so/' ${WRKSRC}/nss/Makefile.in
-	@${MV} ${WRKSRC}/nss/exports.linux ${WRKSRC}/nss/exports.freebsd
 	@${REINPLACE_CMD} -e 's/$$(DESTDIR)$$(NSS_LDAP_PATH_CONF)/$$(DESTDIR)$$(NSS_LDAP_PATH_CONF).sample/' ${WRKSRC}/Makefile.in
 
 post-install:
diff -urN net/nss_ldapd.orig/distinfo net/nss_ldapd/distinfo
--- net/nss_ldapd.orig/distinfo	2009-08-14 05:46:44.000000000 +0400
+++ net/nss_ldapd/distinfo	2009-12-20 14:05:28.000000000 +0300
@@ -1,3 +1,3 @@
-MD5 (nss-ldapd-0.6.11.tar.gz) = 8e5087f74a128f2c12f974c176803747
-SHA256 (nss-ldapd-0.6.11.tar.gz) = ac41292c8c7c2a4fb2e77ee9bc165ecefc84e8c33682f8c87ee69381830a8aff
-SIZE (nss-ldapd-0.6.11.tar.gz) = 415271
+MD5 (nss-pam-ldapd-0.7.1.tar.gz) = 11a31772554a452a5d978b39665fcf80
+SHA256 (nss-pam-ldapd-0.7.1.tar.gz) = c1a80ecb7def43171b36600f48ba32fe7822aa07541f90edb9481c641539467f
+SIZE (nss-pam-ldapd-0.7.1.tar.gz) = 430508
diff -urN net/nss_ldapd.orig/files/nss_compat.diff net/nss_ldapd/files/nss_compat.diff
--- net/nss_ldapd.orig/files/nss_compat.diff	2009-08-14 05:46:44.000000000 +0400
+++ net/nss_ldapd/files/nss_compat.diff	1970-01-01 03:00:00.000000000 +0300
@@ -1,75 +0,0 @@
---- nslcd/cfg.c.orig	2009-06-19 16:03:14.000000000 +0400
-+++ nslcd/cfg.c	2009-08-10 20:41:31.000000000 +0400
-@@ -33,6 +33,7 @@
- #include <sys/types.h>
- #include <sys/stat.h>
- #include <unistd.h>
-+#include <libgen.h>
- #include <errno.h>
- #include <netdb.h>
- #include <sys/socket.h>
-@@ -649,13 +650,31 @@
- {
-   FILE *fp;
-   int lnr=0;
--  char linebuf[MAX_LINE_LENGTH];
-+  char linebuf[MAX_LINE_LENGTH], secret_path[512];
-   char *line;
-   char keyword[32];
-   char token[64];
-   int i;
-   int rc;
-   char *value;
-+
-+  /* get secret password */
-+  snprintf(secret_path, sizeof(secret_path), "%s/nss_ldap.secret", dirname(filename));
-+  if ((fp=fopen(secret_path,"r"))==NULL)
-+  {
-+    log_log(LOG_ERR,"cannot open secret file (%s): %s",secret_path,strerror(errno));
-+    /* exit(EXIT_FAILURE); */
-+  }
-+  else if (fgets(linebuf,MAX_LINE_LENGTH,fp)!=NULL)
-+  {
-+    i=strlen(linebuf);
-+    if (i>0)
-+      linebuf[i-1]='\0';
-+    cfg->ldc_bindpw=strdup(linebuf);
-+  }
-+  if (fp!=NULL)
-+    fclose(fp);
-+
-   /* open config file */
-   if ((fp=fopen(filename,"r"))==NULL)
-   {
-@@ -724,13 +743,14 @@
-       get_int(filename,lnr,keyword,&line,&cfg->ldc_version);
-       get_eol(filename,lnr,keyword,&line);
-     }
--    else if (strcasecmp(keyword,"binddn")==0)
-+    else if (strcasecmp(keyword,"rootbinddn")==0)
-     {
-       get_restdup(filename,lnr,keyword,&line,&cfg->ldc_binddn);
-     }
-     else if (strcasecmp(keyword,"bindpw")==0)
-     {
--      get_restdup(filename,lnr,keyword,&line,&cfg->ldc_bindpw);
-+      if (cfg->ldc_bindpw == NULL)
-+        get_restdup(filename,lnr,keyword,&line,&cfg->ldc_bindpw);
-     }
-     /* SASL authentication options */
-     else if (strcasecmp(keyword,"sasl_authcid")==0)
-@@ -931,12 +951,14 @@
-       get_int(filename,lnr,keyword,&line,&cfg->ldc_pagesize);
-       get_eol(filename,lnr,keyword,&line);
-     }
-+#if 0    
-     /* fallthrough */
-     else
-     {
-       log_log(LOG_ERR,"%s:%d: unknown keyword: '%s'",filename,lnr,keyword);
-       exit(EXIT_FAILURE);
-     }
-+#endif    
-   }
-   /* we're done reading file, close */
-   fclose(fp);
diff -urN net/nss_ldapd.orig/files/nss_patch.diff net/nss_ldapd/files/nss_patch.diff
--- net/nss_ldapd.orig/files/nss_patch.diff	1970-01-01 03:00:00.000000000 +0300
+++ net/nss_ldapd/files/nss_patch.diff	2009-12-20 20:12:32.000000000 +0300
@@ -0,0 +1,83 @@
+--- configure.ac.orig	2009-10-17 20:09:01.000000000 +0400
++++ configure.ac	2009-12-20 19:58:24.000000000 +0300
+@@ -160,6 +160,20 @@
+   AC_DEFINE(ENABLE_CONFIGFILE_CHECKING,1,[Whether to check configfile options.])
+ fi
+ 
++# check whether nss_compat options should be checked
++AC_MSG_CHECKING([whether to check nss_compat option])
++AC_ARG_ENABLE(nss_compat_checking,
++              AS_HELP_STRING([--enable-nss_compat],
++                             [check nss_compat option [[default=no]]]),
++              [nss_compat_checking=$enableval],
++              [nss_compat_checking="no"])
++AC_MSG_RESULT($nss_compat_checking)
++if test "x$nss_compat_checking" = "xyes"
++then
++  AC_CHECK_HEADERS([libgen.h], [], [AC_MSG_ERROR([libgen.h is required for nss_compat])])
++  AC_DEFINE(ENABLE_NSS_COMPAT,1,[Whether to check nss_compat options.])
++fi
++
+ # check the name of the configuration file
+ AC_ARG_WITH(ldap-conf-file,
+             AS_HELP_STRING([--with-ldap-conf-file=PATH],
+--- nslcd/cfg.c.orig	2009-10-05 21:47:47.000000000 +0400
++++ nslcd/cfg.c	2009-12-20 18:10:37.000000000 +0300
+@@ -33,6 +33,9 @@
+ #include <sys/types.h>
+ #include <sys/stat.h>
+ #include <unistd.h>
++#ifdef ENABLE_NSS_COMPAT
++#include <libgen.h>
++#endif
+ #include <errno.h>
+ #include <netdb.h>
+ #include <sys/socket.h>
+@@ -665,6 +668,25 @@
+   int rc;
+   char *value;
+ #endif
++#ifdef ENABLE_NSS_COMPAT
++  /* get secret password */
++  snprintf(linebuf, sizeof(linebuf), "%s/nss_ldap.secret", dirname(filename));
++  if ((fp=fopen(linebuf,"r"))==NULL)
++  {
++    log_log(LOG_ERR,"cannot open secret file (%s): %s",linebuf,strerror(errno));
++    /* exit(EXIT_FAILURE); */
++  }
++  else if (fgets(linebuf,MAX_LINE_LENGTH,fp)!=NULL)
++  {
++    i=strlen(linebuf);
++    if (i>0)
++      linebuf[i-1]='\0';
++    cfg->ldc_bindpw=strdup(linebuf);
++  }
++  if (fp!=NULL)
++    fclose(fp);
++#endif
++
+   /* open config file */
+   if ((fp=fopen(filename,"r"))==NULL)
+   {
+@@ -733,13 +755,20 @@
+       get_int(filename,lnr,keyword,&line,&cfg->ldc_version);
+       get_eol(filename,lnr,keyword,&line);
+     }
++#ifdef ENABLE_NSS_COMPAT
++    else if (strcasecmp(keyword,"rootbinddn")==0)
++#else
+     else if (strcasecmp(keyword,"binddn")==0)
++#endif
+     {
+       get_restdup(filename,lnr,keyword,&line,&cfg->ldc_binddn);
+     }
+     else if (strcasecmp(keyword,"bindpw")==0)
+     {
+-      get_restdup(filename,lnr,keyword,&line,&cfg->ldc_bindpw);
++#ifdef ENABLE_NSS_COMPAT
++      if (cfg->ldc_bindpw == NULL)
++#endif
++        get_restdup(filename,lnr,keyword,&line,&cfg->ldc_bindpw);
+     }
+     /* SASL authentication options */
+     else if (strcasecmp(keyword,"sasl_authcid")==0)
diff -urN net/nss_ldapd.orig/files/patch-configure net/nss_ldapd/files/patch-configure
--- net/nss_ldapd.orig/files/patch-configure	1970-01-01 03:00:00.000000000 +0300
+++ net/nss_ldapd/files/patch-configure	2009-12-20 20:12:04.000000000 +0300
@@ -0,0 +1,212 @@
+--- config.h.in.orig	2009-12-20 17:49:41.000000000 +0300
++++ config.h.in	2009-12-20 17:41:46.000000000 +0300
+@@ -3,6 +3,9 @@
+ /* Whether to check configfile options. */
+ #undef ENABLE_CONFIGFILE_CHECKING
+ 
++/* Whether to check nss_compat options. */
++#undef ENABLE_NSS_COMPAT
++
+ /* Define to 1 if you have the <aliases.h> header file. */
+ #undef HAVE_ALIASES_H
+ 
+--- configure.orig	19:44:43.000000000 +0300
++++ configure	2009-12-20 19:47:20.000000000 +0300
+@@ -779,6 +779,7 @@
+ enable_sasl
+ enable_kerberos
+ enable_configfile_checking
++enable_nss_compat
+ with_ldap_conf_file
+ with_nslcd_pidfile
+ with_nslcd_socket
+@@ -1437,6 +1438,7 @@
+   --disable-kerberos      disable Kerberos support [default=yes]
+   --disable-configfile-checking
+                           check configfile options [default=yes]
++  --enable-nss_compat     check nss_compat option [default=no]
+ 
+ Optional Packages:
+   --with-PACKAGE[=ARG]    use PACKAGE [ARG=yes]
+@@ -5117,6 +5119,181 @@
+ 
+ fi
+ 
++# check whether nss_compat options should be checked
++{ $as_echo "$as_me:$LINENO: checking whether to check nss_compat option" >&5
++$as_echo_n "checking whether to check nss_compat option... " >&6; }
++# Check whether --enable-nss_compat was given.
++if test "${enable_nss_compat+set}" = set; then
++  enableval=$enable_nss_compat; nss_compat=$enableval
++else
++  nss_compat="no"
++fi
++
++{ $as_echo "$as_me:$LINENO: result: $nss_compat" >&5
++$as_echo "$nss_compat" >&6; }
++if test "x$nss_compat" = "xyes"
++then
++
++for ac_header in libgen.h
++do
++as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
++if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
++  { $as_echo "$as_me:$LINENO: checking for $ac_header" >&5
++$as_echo_n "checking for $ac_header... " >&6; }
++if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
++  $as_echo_n "(cached) " >&6
++fi
++ac_res=`eval 'as_val=${'$as_ac_Header'}
++		 $as_echo "$as_val"'`
++	       { $as_echo "$as_me:$LINENO: result: $ac_res" >&5
++$as_echo "$ac_res" >&6; }
++else
++  # Is the header compilable?
++{ $as_echo "$as_me:$LINENO: checking $ac_header usability" >&5
++$as_echo_n "checking $ac_header usability... " >&6; }
++cat >conftest.$ac_ext <<_ACEOF
++/* confdefs.h.  */
++_ACEOF
++cat confdefs.h >>conftest.$ac_ext
++cat >>conftest.$ac_ext <<_ACEOF
++/* end confdefs.h.  */
++$ac_includes_default
++#include <$ac_header>
++_ACEOF
++rm -f conftest.$ac_objext
++if { (ac_try="$ac_compile"
++case "(($ac_try" in
++  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
++  *) ac_try_echo=$ac_try;;
++esac
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
++  (eval "$ac_compile") 2>conftest.er1
++  ac_status=$?
++  grep -v '^ *+' conftest.er1 >conftest.err
++  rm -f conftest.er1
++  cat conftest.err >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  (exit $ac_status); } && {
++	 test -z "$ac_c_werror_flag" ||
++	 test ! -s conftest.err
++       } && test -s conftest.$ac_objext; then
++  ac_header_compiler=yes
++else
++  $as_echo "$as_me: failed program was:" >&5
++sed 's/^/| /' conftest.$ac_ext >&5
++
++	ac_header_compiler=no
++fi
++
++rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
++{ $as_echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
++$as_echo "$ac_header_compiler" >&6; }
++
++# Is the header present?
++{ $as_echo "$as_me:$LINENO: checking $ac_header presence" >&5
++$as_echo_n "checking $ac_header presence... " >&6; }
++cat >conftest.$ac_ext <<_ACEOF
++/* confdefs.h.  */
++_ACEOF
++cat confdefs.h >>conftest.$ac_ext
++cat >>conftest.$ac_ext <<_ACEOF
++/* end confdefs.h.  */
++#include <$ac_header>
++_ACEOF
++if { (ac_try="$ac_cpp conftest.$ac_ext"
++case "(($ac_try" in
++  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
++  *) ac_try_echo=$ac_try;;
++esac
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
++  (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
++  ac_status=$?
++  grep -v '^ *+' conftest.er1 >conftest.err
++  rm -f conftest.er1
++  cat conftest.err >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  (exit $ac_status); } >/dev/null && {
++	 test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
++	 test ! -s conftest.err
++       }; then
++  ac_header_preproc=yes
++else
++  $as_echo "$as_me: failed program was:" >&5
++sed 's/^/| /' conftest.$ac_ext >&5
++
++  ac_header_preproc=no
++fi
++
++rm -f conftest.err conftest.$ac_ext
++{ $as_echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
++$as_echo "$ac_header_preproc" >&6; }
++
++# So?  What about this header?
++case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
++  yes:no: )
++    { $as_echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
++$as_echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
++    { $as_echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
++$as_echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
++    ac_header_preproc=yes
++    ;;
++  no:yes:* )
++    { $as_echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
++$as_echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
++    { $as_echo "$as_me:$LINENO: WARNING: $ac_header:     check for missing prerequisite headers?" >&5
++$as_echo "$as_me: WARNING: $ac_header:     check for missing prerequisite headers?" >&2;}
++    { $as_echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
++$as_echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
++    { $as_echo "$as_me:$LINENO: WARNING: $ac_header:     section \"Present But Cannot Be Compiled\"" >&5
++$as_echo "$as_me: WARNING: $ac_header:     section \"Present But Cannot Be Compiled\"" >&2;}
++    { $as_echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
++$as_echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
++    { $as_echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
++$as_echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
++    ( cat <<\_ASBOX
++## -------------------------------------- ##
++## Report this to arthur@arthurdejong.org ##
++## -------------------------------------- ##
++_ASBOX
++     ) | sed "s/^/$as_me: WARNING:     /" >&2
++    ;;
++esac
++{ $as_echo "$as_me:$LINENO: checking for $ac_header" >&5
++$as_echo_n "checking for $ac_header... " >&6; }
++if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
++  $as_echo_n "(cached) " >&6
++else
++  eval "$as_ac_Header=\$ac_header_preproc"
++fi
++ac_res=`eval 'as_val=${'$as_ac_Header'}
++		 $as_echo "$as_val"'`
++	       { $as_echo "$as_me:$LINENO: result: $ac_res" >&5
++$as_echo "$ac_res" >&6; }
++
++fi
++if test `eval 'as_val=${'$as_ac_Header'}
++		 $as_echo "$as_val"'` = yes; then
++  cat >>confdefs.h <<_ACEOF
++#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
++_ACEOF
++
++else
++  { { $as_echo "$as_me:$LINENO: error: libgen.h is required for nss_compat" >&5
++$as_echo "$as_me: error: libgen.h is required for nss_compat" >&2;}
++   { (exit 1); exit 1; }; }
++fi
++
++done
++
++
++cat >>confdefs.h <<\_ACEOF
++#define ENABLE_NSS_COMPAT 1
++_ACEOF
++
++fi
++
+ # check the name of the configuration file
+ 
+ # Check whether --with-ldap-conf-file was given.
diff -urN net/nss_ldapd.orig/files/patch-nslcd__cfg.c net/nss_ldapd/files/patch-nslcd__cfg.c
--- net/nss_ldapd.orig/files/patch-nslcd__cfg.c	2009-08-14 05:46:44.000000000 +0400
+++ net/nss_ldapd/files/patch-nslcd__cfg.c	2009-12-20 18:11:26.000000000 +0300
@@ -1,23 +1,60 @@
---- ./nslcd/cfg.c.orig	2009-08-02 22:32:27.000000000 +0000
-+++ ./nslcd/cfg.c	2009-08-02 22:49:26.000000000 +0000
-@@ -37,14 +37,13 @@
+--- nslcd/cfg.c.orig	2009-10-05 21:47:47.000000000 +0400
++++ nslcd/cfg.c	2009-12-20 18:10:37.000000000 +0300
+@@ -33,6 +33,9 @@
+ #include <sys/types.h>
+ #include <sys/stat.h>
+ #include <unistd.h>
++#ifdef ENABLE_NSS_COMPAT
++#include <libgen.h>
++#endif
  #include <errno.h>
  #include <netdb.h>
  #include <sys/socket.h>
--#ifdef HAVE_GSSAPI_H
--#include <gssapi.h>
--#endif /* HAVE_GSSAPI_H */
--#ifdef HAVE_GSSAPI_GSSAPI_KRB5_H
-+#if HAVE_GSSAPI_GSSAPI_H
- #include <gssapi/gssapi.h>
--#include <gssapi/gssapi_krb5.h>
--#endif /* HAVE_GSSAPI_GSSAPI_KRB5_H */
--#include <sys/types.h>
-+#elif HAVE_GSSAPI_GSSAPI_GENERIC_H
-+#include <gssapi/gssapi_generic.h>
-+#elif HAVE_GSSAPI_H
-+#include <gssapi.h>
+@@ -665,6 +668,25 @@
+   int rc;
+   char *value;
+ #endif
++#ifdef ENABLE_NSS_COMPAT
++  /* get secret password */
++  snprintf(linebuf, sizeof(linebuf), "%s/nss_ldap.secret", dirname(filename));
++  if ((fp=fopen(linebuf,"r"))==NULL)
++  {
++    log_log(LOG_ERR,"cannot open secret file (%s): %s",linebuf,strerror(errno));
++    /* exit(EXIT_FAILURE); */
++  }
++  else if (fgets(linebuf,MAX_LINE_LENGTH,fp)!=NULL)
++  {
++    i=strlen(linebuf);
++    if (i>0)
++      linebuf[i-1]='\0';
++    cfg->ldc_bindpw=strdup(linebuf);
++  }
++  if (fp!=NULL)
++    fclose(fp);
++#endif
++
+   /* open config file */
+   if ((fp=fopen(filename,"r"))==NULL)
+   {
+@@ -733,13 +755,20 @@
+       get_int(filename,lnr,keyword,&line,&cfg->ldc_version);
+       get_eol(filename,lnr,keyword,&line);
+     }
++#ifdef ENABLE_NSS_COMPAT
++    else if (strcasecmp(keyword,"rootbinddn")==0)
++#else
+     else if (strcasecmp(keyword,"binddn")==0)
++#endif
+     {
+       get_restdup(filename,lnr,keyword,&line,&cfg->ldc_binddn);
+     }
+     else if (strcasecmp(keyword,"bindpw")==0)
+     {
+-      get_restdup(filename,lnr,keyword,&line,&cfg->ldc_bindpw);
++#ifdef ENABLE_NSS_COMPAT
++      if (cfg->ldc_bindpw == NULL)
 +#endif
- #include <pwd.h>
- #include <grp.h>
- 
++        get_restdup(filename,lnr,keyword,&line,&cfg->ldc_bindpw);
+     }
+     /* SASL authentication options */
+     else if (strcasecmp(keyword,"sasl_authcid")==0)
diff -urN net/nss_ldapd.orig/files/patch-nslcd__common.c net/nss_ldapd/files/patch-nslcd__common.c
--- net/nss_ldapd.orig/files/patch-nslcd__common.c	2009-08-14 05:46:44.000000000 +0400
+++ net/nss_ldapd/files/patch-nslcd__common.c	1970-01-01 03:00:00.000000000 +0300
@@ -1,12 +0,0 @@
---- ./nslcd/common.c.orig	2009-02-27 17:27:08.000000000 +0000
-+++ ./nslcd/common.c	2009-08-02 22:32:27.000000000 +0000
-@@ -27,6 +27,9 @@
- #include <stdarg.h>
- #include <sys/types.h>
- #include <sys/socket.h>
-+#ifdef __FreeBSD__
-+#include <netinet/in.h>
-+#endif
- #include <arpa/inet.h>
- #include <strings.h>
- #include <limits.h>
diff -urN net/nss_ldapd.orig/files/patch-nslcd__common.h net/nss_ldapd/files/patch-nslcd__common.h
--- net/nss_ldapd.orig/files/patch-nslcd__common.h	2009-08-14 05:46:44.000000000 +0400
+++ net/nss_ldapd/files/patch-nslcd__common.h	1970-01-01 03:00:00.000000000 +0300
@@ -1,30 +0,0 @@
---- ./nslcd/common.h.orig	2009-06-03 10:31:05.000000000 +0000
-+++ ./nslcd/common.h	2009-08-02 22:32:27.000000000 +0000
-@@ -124,9 +124,9 @@
- int nslcd_network_byname(TFILE *fp,MYLDAP_SESSION *session);
- int nslcd_network_byaddr(TFILE *fp,MYLDAP_SESSION *session);
- int nslcd_network_all(TFILE *fp,MYLDAP_SESSION *session);
--int nslcd_passwd_byname(TFILE *fp,MYLDAP_SESSION *session);
--int nslcd_passwd_byuid(TFILE *fp,MYLDAP_SESSION *session);
--int nslcd_passwd_all(TFILE *fp,MYLDAP_SESSION *session);
-+int nslcd_passwd_byname(TFILE *fp,MYLDAP_SESSION *session,uid_t uid);
-+int nslcd_passwd_byuid(TFILE *fp,MYLDAP_SESSION *session,uid_t uid);
-+int nslcd_passwd_all(TFILE *fp,MYLDAP_SESSION *session,uid_t uid);
- int nslcd_protocol_byname(TFILE *fp,MYLDAP_SESSION *session);
- int nslcd_protocol_bynumber(TFILE *fp,MYLDAP_SESSION *session);
- int nslcd_protocol_all(TFILE *fp,MYLDAP_SESSION *session);
-@@ -145,8 +145,12 @@
- int nslcd_pam_pwmod(TFILE *fp,MYLDAP_SESSION *session);
- 
- /* macro for generating service handling code */
--#define NSLCD_HANDLE(db,fn,readfn,logcall,action,mkfilter,writefn) \
--  int nslcd_##db##_##fn(TFILE *fp,MYLDAP_SESSION *session) \
-+#define COMMA	,
-+#define NSLCD_HANDLE(db,fn,readfn,logcall,action,mkfilter,writefn)	NSLCD_HANDLE_PARAMS(db,fn,,readfn,logcall,action,mkfilter,writefn)
-+#define NSLCD_HANDLE_UID(db,fn,readfn,logcall,action,mkfilter,writefn)	NSLCD_HANDLE_PARAMS(db,fn,COMMA uid_t calleruid,readfn,logcall,action,mkfilter,writefn)
-+
-+#define NSLCD_HANDLE_PARAMS(db,fn,params,readfn,logcall,action,mkfilter,writefn) \
-+  int nslcd_##db##_##fn(TFILE *fp,MYLDAP_SESSION *session params ) \
-   { \
-     /* define common variables */ \
-     int32_t tmpint32; \
diff -urN net/nss_ldapd.orig/files/patch-nslcd__nslcd.c net/nss_ldapd/files/patch-nslcd__nslcd.c
--- net/nss_ldapd.orig/files/patch-nslcd__nslcd.c	2009-08-14 05:46:44.000000000 +0400
+++ net/nss_ldapd/files/patch-nslcd__nslcd.c	1970-01-01 03:00:00.000000000 +0300
@@ -1,15 +0,0 @@
---- ./nslcd/nslcd.c.orig	2009-06-12 21:53:18.000000000 +0000
-+++ ./nslcd/nslcd.c	2009-08-02 22:32:27.000000000 +0000
-@@ -398,9 +398,9 @@
-     case NSLCD_ACTION_NETWORK_BYNAME:   (void)nslcd_network_byname(fp,session); break;
-     case NSLCD_ACTION_NETWORK_BYADDR:   (void)nslcd_network_byaddr(fp,session); break;
-     case NSLCD_ACTION_NETWORK_ALL:      (void)nslcd_network_all(fp,session); break;
--    case NSLCD_ACTION_PASSWD_BYNAME:    (void)nslcd_passwd_byname(fp,session); break;
--    case NSLCD_ACTION_PASSWD_BYUID:     (void)nslcd_passwd_byuid(fp,session); break;
--    case NSLCD_ACTION_PASSWD_ALL:       (void)nslcd_passwd_all(fp,session); break;
-+    case NSLCD_ACTION_PASSWD_BYNAME:    (void)nslcd_passwd_byname(fp,session,uid); break;
-+    case NSLCD_ACTION_PASSWD_BYUID:     (void)nslcd_passwd_byuid(fp,session,uid); break;
-+    case NSLCD_ACTION_PASSWD_ALL:       (void)nslcd_passwd_all(fp,session,uid); break;
-     case NSLCD_ACTION_PROTOCOL_BYNAME:  (void)nslcd_protocol_byname(fp,session); break;
-     case NSLCD_ACTION_PROTOCOL_BYNUMBER:(void)nslcd_protocol_bynumber(fp,session); break;
-     case NSLCD_ACTION_PROTOCOL_ALL:     (void)nslcd_protocol_all(fp,session); break;
diff -urN net/nss_ldapd.orig/files/patch-nslcd__passwd.c net/nss_ldapd/files/patch-nslcd__passwd.c
--- net/nss_ldapd.orig/files/patch-nslcd__passwd.c	2009-08-14 05:46:44.000000000 +0400
+++ net/nss_ldapd/files/patch-nslcd__passwd.c	1970-01-01 03:00:00.000000000 +0300
@@ -1,61 +0,0 @@
---- ./nslcd/passwd.c.orig	2009-06-29 19:04:54.000000000 +0000
-+++ ./nslcd/passwd.c	2009-08-02 22:32:27.000000000 +0000
-@@ -292,7 +292,7 @@
- #define MAXUIDS_PER_ENTRY 5
- 
- static int write_passwd(TFILE *fp,MYLDAP_ENTRY *entry,const char *requser,
--                        const uid_t *requid)
-+                        const uid_t *requid,uid_t calleruid)
- {
-   int32_t tmpint32;
-   const char **tmpvalues;
-@@ -323,7 +323,7 @@
-   else
-   {
-     passwd=get_userpassword(entry,attmap_passwd_userPassword);
--    if (passwd==NULL)
-+    if ((passwd==NULL) || (calleruid!=0))
-       passwd=default_passwd_userPassword;
-   }
-   /* get the uids for this entry */
-@@ -451,7 +451,7 @@
-   return 0;
- }
- 
--NSLCD_HANDLE(
-+NSLCD_HANDLE_UID(
-   passwd,byname,
-   char name[256];
-   char filter[1024];
-@@ -463,10 +463,10 @@
-   log_log(LOG_DEBUG,"nslcd_passwd_byname(%s)",name);,
-   NSLCD_ACTION_PASSWD_BYNAME,
-   mkfilter_passwd_byname(name,filter,sizeof(filter)),
--  write_passwd(fp,entry,name,NULL)
-+  write_passwd(fp,entry,name,NULL,calleruid)
- )
- 
--NSLCD_HANDLE(
-+NSLCD_HANDLE_UID(
-   passwd,byuid,
-   uid_t uid;
-   char filter[1024];
-@@ -474,15 +474,15 @@
-   log_log(LOG_DEBUG,"nslcd_passwd_byuid(%d)",(int)uid);,
-   NSLCD_ACTION_PASSWD_BYUID,
-   mkfilter_passwd_byuid(uid,filter,sizeof(filter)),
--  write_passwd(fp,entry,NULL,&uid)
-+  write_passwd(fp,entry,NULL,&uid,calleruid)
- )
- 
--NSLCD_HANDLE(
-+NSLCD_HANDLE_UID(
-   passwd,all,
-   const char *filter;
-   /* no parameters to read */,
-   log_log(LOG_DEBUG,"nslcd_passwd_all()");,
-   NSLCD_ACTION_PASSWD_ALL,
-   (filter=passwd_filter,0),
--  write_passwd(fp,entry,NULL,NULL)
-+  write_passwd(fp,entry,NULL,NULL,calleruid)
- )
diff -urN net/nss_ldapd.orig/files/patch-nss__bsdnss.c net/nss_ldapd/files/patch-nss__bsdnss.c
--- net/nss_ldapd.orig/files/patch-nss__bsdnss.c	2009-08-14 05:46:44.000000000 +0400
+++ net/nss_ldapd/files/patch-nss__bsdnss.c	2009-12-20 16:07:10.000000000 +0300
@@ -1,5 +1,5 @@
---- ./nss/bsdnss.c.orig	2009-08-10 16:06:22.000000000 +0000
-+++ ./nss/bsdnss.c	2009-08-10 15:58:04.000000000 +0000
+--- nss/bsdnss.c.orig	2009-08-10 16:06:22.000000000 +0000
++++ nss/bsdnss.c	2009-08-10 15:58:04.000000000 +0000
 @@ -0,0 +1,157 @@
 +#include <errno.h>
 +#include <sys/param.h>
diff -urN net/nss_ldapd.orig/files/patch-nss__exports.freebsd net/nss_ldapd/files/patch-nss__exports.freebsd
--- net/nss_ldapd.orig/files/patch-nss__exports.freebsd	2009-08-14 05:46:44.000000000 +0400
+++ net/nss_ldapd/files/patch-nss__exports.freebsd	2009-12-20 15:59:38.000000000 +0300
@@ -1,9 +1,86 @@
---- ./nss/exports.freebsd.orig	2007-12-31 16:49:01.000000000 +0000
-+++ ./nss/exports.freebsd	2009-08-02 22:32:27.000000000 +0000
-@@ -78,6 +78,27 @@
-     _nss_ldap_getspent_r;
-     _nss_ldap_endspent;
- 
+--- nss/exports.freebsd.orig	2009-12-20 15:58:25.000000000 +0300
++++ nss/exports.freebsd	2009-12-20 15:57:47.000000000 +0300
+@@ -0,0 +1,106 @@
++EXPORTED {
++
++  # published NSS service functions
++  global:
++
++    # aliases - mail aliases
++    _nss_ldap_getaliasbyname_r;
++    _nss_ldap_setaliasent;
++    _nss_ldap_getaliasent_r;
++    _nss_ldap_endaliasent;
++
++    # ethers - ethernet numbers
++    _nss_ldap_gethostton_r;
++    _nss_ldap_getntohost_r;
++    _nss_ldap_setetherent;
++    _nss_ldap_getetherent_r;
++    _nss_ldap_endetherent;
++
++    # group - groups of users
++    _nss_ldap_getgrnam_r;
++    _nss_ldap_getgrgid_r;
++    _nss_ldap_initgroups_dyn;
++    _nss_ldap_setgrent;
++    _nss_ldap_getgrent_r;
++    _nss_ldap_endgrent;
++
++    # hosts - host names and numbers
++    _nss_ldap_gethostbyname_r;
++    _nss_ldap_gethostbyname2_r;
++    _nss_ldap_gethostbyaddr_r;
++    _nss_ldap_sethostent;
++    _nss_ldap_gethostent_r;
++    _nss_ldap_endhostent;
++
++    # netgroup - list of host and users
++    _nss_ldap_setnetgrent;
++    _nss_ldap_getnetgrent_r;
++    _nss_ldap_endnetgrent;
++
++    # networks - network names and numbers
++    _nss_ldap_getnetbyname_r;
++    _nss_ldap_getnetbyaddr_r;
++    _nss_ldap_setnetent;
++    _nss_ldap_getnetent_r;
++    _nss_ldap_endnetent;
++
++    # passwd - user database and passwords
++    _nss_ldap_getpwnam_r;
++    _nss_ldap_getpwuid_r;
++    _nss_ldap_setpwent;
++    _nss_ldap_getpwent_r;
++    _nss_ldap_endpwent;
++
++    # protocols - network protocols
++    _nss_ldap_getprotobyname_r;
++    _nss_ldap_getprotobynumber_r;
++    _nss_ldap_setprotoent;
++    _nss_ldap_getprotoent_r;
++    _nss_ldap_endprotoent;
++
++    # rpc - remote procedure call names and numbers
++    _nss_ldap_getrpcbyname_r;
++    _nss_ldap_getrpcbynumber_r;
++    _nss_ldap_setrpcent;
++    _nss_ldap_getrpcent_r;
++    _nss_ldap_endrpcent;
++
++    # services - network services
++    _nss_ldap_getservbyname_r;
++    _nss_ldap_getservbyport_r;
++    _nss_ldap_setservent;
++    _nss_ldap_getservent_r;
++    _nss_ldap_endservent;
++
++    # shadow - extended user information
++    _nss_ldap_getspnam_r;
++    _nss_ldap_setspent;
++    _nss_ldap_getspent_r;
++    _nss_ldap_endspent;
++
 +    # compat 4 bsd 
 +    __nss_compat_getgrnam_r;
 +    __nss_compat_getgrgid_r;
@@ -25,6 +102,8 @@
 +    nss_module_register;
 +
 +
-   # everything else should not be exported
-   local:
-     *;
++  # everything else should not be exported
++  local:
++    *;
++
++};
diff -urN net/nss_ldapd.orig/files/patch-nss__prototypes.h net/nss_ldapd/files/patch-nss__prototypes.h
--- net/nss_ldapd.orig/files/patch-nss__prototypes.h	2009-08-14 05:46:44.000000000 +0400
+++ net/nss_ldapd/files/patch-nss__prototypes.h	2009-12-20 15:39:25.000000000 +0300
@@ -1,24 +1,19 @@
---- ./nss/prototypes.h.orig	2008-05-02 21:00:10.000000000 +0000
-+++ ./nss/prototypes.h	2009-08-02 22:32:27.000000000 +0000
-@@ -24,13 +24,40 @@
+--- nss/prototypes.h.orig	2009-09-04 15:55:35.000000000 +0400
++++ nss/prototypes.h	2009-12-20 15:37:57.000000000 +0300
+@@ -24,7 +24,9 @@
  #define _NSS_EXPORTS_H 1
  
  #include <nss.h>
--#include <aliases.h>
-+#ifndef __FreeBSD__
- #include <netinet/ether.h>
-+#else
-+#include <net/ethernet.h>
-+#include <sys/socket.h>
-+#endif
- #include <sys/types.h>
- #include <grp.h>
- #include <netdb.h>
- #include <pwd.h>
-+#ifdef HAVE_SHADOW_H
- #include <shadow.h>
++#ifdef HAVE_ALIASES_H
+ #include <aliases.h>
 +#endif
-+
+ #ifdef HAVE_NETINET_ETHER_H
+ #include <netinet/ether.h>
+ #endif /* HAVE_NETINET_ETHER_H */
+@@ -84,6 +86,27 @@
+   void *nip; /* changed from `service_user *nip' */
+ };
+ 
 +#ifdef __FreeBSD__
 +/* 
 + * Import from aliases.h
@@ -39,10 +34,11 @@
 +};
 +
 +#endif
- 
- /* We define struct etherent here because it does not seem to
-    be defined in any publicly available header file exposed
-@@ -160,10 +187,12 @@
++
+ /*
+    These are prototypes for functions exported from the ldap NSS module.
+    For more complete definitions of these functions check the GLIBC
+@@ -166,10 +189,12 @@
  enum nss_status _nss_ldap_getservent_r(struct servent *result,char *buffer,size_t buflen,int *errnop);
  enum nss_status _nss_ldap_endservent(void);
  
diff -urN net/nss_ldapd.orig/files/patch-nss__shadow.c net/nss_ldapd/files/patch-nss__shadow.c
--- net/nss_ldapd.orig/files/patch-nss__shadow.c	2009-08-14 05:46:44.000000000 +0400
+++ net/nss_ldapd/files/patch-nss__shadow.c	2009-12-20 16:07:19.000000000 +0300
@@ -1,5 +1,5 @@
---- ./nss/shadow.c.orig	2009-05-29 21:23:03.000000000 +0000
-+++ ./nss/shadow.c	2009-08-02 22:32:27.000000000 +0000
+--- nss/shadow.c.orig	2009-05-29 21:23:03.000000000 +0000
++++ nss/shadow.c	2009-08-02 22:32:27.000000000 +0000
 @@ -22,6 +22,7 @@
  
  #include "config.h"
diff -urN net/nss_ldapd.orig/files/patch-pam__makefile.in net/nss_ldapd/files/patch-pam__makefile.in
--- net/nss_ldapd.orig/files/patch-pam__makefile.in	1970-01-01 03:00:00.000000000 +0300
+++ net/nss_ldapd/files/patch-pam__makefile.in	2009-12-20 20:49:36.000000000 +0300
@@ -0,0 +1,12 @@
+--- pam/Makefile.in.orig	2009-12-20 20:47:00.000000000 +0300
++++ pam/Makefile.in	2009-12-20 20:48:30.000000000 +0300
+@@ -470,7 +470,8 @@
+ 
+ # install pam_ldap.so
+ install-pam_ldap_so: pam_ldap.so
+-	$(INSTALL_PROGRAM) -D pam_ldap.so $(DESTDIR)$(libdir)/security/pam_ldap.so
++	$(INSTALL_PROGRAM) pam_ldap.so $(DESTDIR)$(libdir)/pam_ldap.so.1
++	ln -s $(DESTDIR)$(libdir)/pam_ldap.so.1 $(DESTDIR)$(libdir)/pam_ldap.so
+ uninstall-pam_ldap_so:
+ 	-rm -f $(DESTDIR)$(libdir)/security/pam_ldap.so
+ 
diff -urN net/nss_ldapd.orig/pkg-plist net/nss_ldapd/pkg-plist
--- net/nss_ldapd.orig/pkg-plist	2009-08-14 05:46:44.000000000 +0400
+++ net/nss_ldapd/pkg-plist	2009-12-20 20:51:29.000000000 +0300
@@ -1,3 +1,5 @@
 etc/%%CONFIG%%.conf.sample
 %%NSS%%lib/nss_ldap.so.1
 %%NSLCD%%sbin/nslcd
+%%PAM%%lib/pam_ldap.so
+%%PAM%%lib/pam_ldap.so.1


>Release-Note:
>Audit-Trail:
>Unformatted:



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200912201914.nBKJECJR024080>