From nobody Sun Aug 27 13:54:33 2023 X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4RYZtd2hzTz4rFd0; Sun, 27 Aug 2023 13:54:33 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4RYZtd29rRz3bmP; Sun, 27 Aug 2023 13:54:33 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1693144473; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=T3Ha0p5ZajTSl4mJuT7YS3t+WsqeprvmHGE86ZYMiYU=; b=QhKG72qLk9hpDeL/RowPnv4dP6K04zgD4MI5P8+qKGagEUyyxNgFZBpkXmcetmbkvkKzrT VbGByhqlfvrwrZ3EbD9NhNBXdKsHF6bO6/hSvDakW/jbzUHcLaJjxaYv+/4b8rxTxbNftd /ZVJnkGIwBxllNPF+mWy0ZvzW+ajwtrp4xuHrR4KfSVLBDZ0mfJlKpKCccBI9rnW0AlkgU wMsN+UaiofbkH/JlRrkT4c/rk1GttqVrLzCabXpSvcwKYqdtxyrTGN89qHgV+aQZU7AVxC UmETKVmR3tXFTcM2QM31JIZM2Bx4lVRYCeuwxKltMQbHqwyNevdS/Yd1E2EPSw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1693144473; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=T3Ha0p5ZajTSl4mJuT7YS3t+WsqeprvmHGE86ZYMiYU=; b=rborbr5upzXFdxguajUHj/3b54Q9x42vw2rv1m5xyHSRKu0sxybFRUHwCZLgFmhydCyvsB HQnm7lm/hAdT2I6MG01LNCTrybdlcGgS/pXUPCYkx0ljPgdfZnSzwYOTB4pih8rElkVwp/ leDMvwJxSC839OqJTgG5EBeqq28ncNIwm9IbuKB3qWOKiZLFIoo+/oUKm7UkBx52ba5eVr o+6cYqBDFFYQQvz1gzbA99Qxkt8dUc69c1Ev0QJ3JoP2ufiIgr97pRV4Enh+zZqcjFxFc1 EN+aNP/lUH5rgGw3nzi1OYBobJpLQlc5g3AGqaGM1UCLwd5HHmMFbsNOWBVjEw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1693144473; a=rsa-sha256; cv=none; b=hViJrXKqyh6/cov1lKuEcNXO3Sq7FCajhGXp11HbUbw76CRSFVTs4rbKl6xYEvC4CCHRfS JHU9o4HOo5bVAo2a0jqj2ZEa2elQV38K70AOvWIqkMzNYScPQlSRjHXbup9FUZqfKgPEW1 ZiS+IPuTNNiZx9OaKaQBHg2HNLQvLPmxbrIXSw1VmE1J+1Zvib0qS7JBHcCtv1RtZYZxfb htze8ui+QilhUsIkK2cO84YT9cCdLZ57xqKD2+wMepEFUXRlVWYvbqXRM/m6o+C96BfaWh 5b0gzEzS/MUg8KpsQRZCEAmPo4GkwUcoCtdzSI1lKS0f98WBcofmccKGSnhUPg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4RYZtd1DXLzTpG; Sun, 27 Aug 2023 13:54:33 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 37RDsX7L026205; Sun, 27 Aug 2023 13:54:33 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 37RDsXmY026202; Sun, 27 Aug 2023 13:54:33 GMT (envelope-from git) Date: Sun, 27 Aug 2023 13:54:33 GMT Message-Id: <202308271354.37RDsXmY026202@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Ryan Steinmetz Subject: git: a01debe78c6a - main - net/nss-pam-ldapd: Add LCLASS Support List-Id: Commit messages for all branches of the ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-all@freebsd.org X-BeenThere: dev-commits-ports-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: zi X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: a01debe78c6a48b2af17be589f4d13307e4d7b59 Auto-Submitted: auto-generated The branch main has been updated by zi: URL: https://cgit.FreeBSD.org/ports/commit/?id=a01debe78c6a48b2af17be589f4d13307e4d7b59 commit a01debe78c6a48b2af17be589f4d13307e4d7b59 Author: Ryan Steinmetz AuthorDate: 2023-08-27 13:53:30 +0000 Commit: Ryan Steinmetz CommitDate: 2023-08-27 13:53:30 +0000 net/nss-pam-ldapd: Add LCLASS Support PR: 220379 Submitted by: Marek Zarychta --- net/nss-pam-ldapd/Makefile | 6 ++- .../files/lclass-patches/patch-nslcd__attmap.c | 18 +++++++++ .../files/lclass-patches/patch-nslcd__attmap.h | 10 +++++ .../files/lclass-patches/patch-nslcd__passwd.c | 43 ++++++++++++++++++++++ .../files/lclass-patches/patch-nss__passwd.c | 13 +++++++ 5 files changed, 89 insertions(+), 1 deletion(-) diff --git a/net/nss-pam-ldapd/Makefile b/net/nss-pam-ldapd/Makefile index da980d0bc012..cbd58ca8a2c9 100644 --- a/net/nss-pam-ldapd/Makefile +++ b/net/nss-pam-ldapd/Makefile @@ -13,6 +13,7 @@ LICENSE= LGPL21 LGPL3 LICENSE_COMB= dual USES= cpe ldap + CPE_VENDOR= arthurdejong GNU_CONFIGURE= yes USE_RC_SUBR= nslcd @@ -24,9 +25,12 @@ NSLCD_PIDFILE?= /var/run/nslcd.pid NSLCD_VARDIR?= /var/run/nslcd NSLCD_SOCKET?= ${NSLCD_VARDIR}/nslcd.ctl -OPTIONS_DEFINE= KERBEROS +OPTIONS_DEFINE= KERBEROS LCLASS OPTIONS_DEFAULT= KERBEROS +LCLASS_EXTRA_PATCHES= ${PATCHDIR}/lclass-patches +LCLASS_DESC= Build with loginClass support + .if defined(SLAVE_PORT) OPTIONS_DEFINE+= SASL OPTIONS_MULTI= MG1 diff --git a/net/nss-pam-ldapd/files/lclass-patches/patch-nslcd__attmap.c b/net/nss-pam-ldapd/files/lclass-patches/patch-nslcd__attmap.c new file mode 100644 index 000000000000..b326d1830662 --- /dev/null +++ b/net/nss-pam-ldapd/files/lclass-patches/patch-nslcd__attmap.c @@ -0,0 +1,18 @@ +--- nslcd/attmap.c.orig 2019-11-02 16:23:45.000000000 +0100 ++++ nslcd/attmap.c 2023-05-29 19:22:02.233300000 +0200 +@@ -176,6 +176,7 @@ + if (strcasecmp(name, "gecos") == 0) return &attmap_passwd_gecos; + if (strcasecmp(name, "homeDirectory") == 0) return &attmap_passwd_homeDirectory; + if (strcasecmp(name, "loginShell") == 0) return &attmap_passwd_loginShell; ++ if (strcasecmp(name, "loginClass") ==0) return &attmap_passwd_loginClass; + } + else if (map == LM_PROTOCOLS) + { +@@ -230,6 +231,7 @@ + (var != &attmap_shadow_shadowWarning) && + (var != &attmap_shadow_shadowInactive) && + (var != &attmap_shadow_shadowExpire) && ++ (var != &attmap_passwd_loginClass) && + (var != &attmap_shadow_shadowFlag)) + return NULL; + /* the member attribute may only be set to an empty string */ diff --git a/net/nss-pam-ldapd/files/lclass-patches/patch-nslcd__attmap.h b/net/nss-pam-ldapd/files/lclass-patches/patch-nslcd__attmap.h new file mode 100644 index 000000000000..7100e2924193 --- /dev/null +++ b/net/nss-pam-ldapd/files/lclass-patches/patch-nslcd__attmap.h @@ -0,0 +1,10 @@ +--- nslcd/attmap.h.orig 2021-11-15 20:40:49.000000000 +0100 ++++ nslcd/attmap.h 2023-05-29 19:22:02.233912000 +0200 +@@ -67,6 +67,7 @@ + extern const char *attmap_shadow_shadowInactive; + extern const char *attmap_shadow_shadowExpire; + extern const char *attmap_shadow_shadowFlag; ++extern const char *attmap_passwd_loginClass; + + /* return a reference to the map specific base variable */ + const char **base_get_var(enum ldap_map_selector map); diff --git a/net/nss-pam-ldapd/files/lclass-patches/patch-nslcd__passwd.c b/net/nss-pam-ldapd/files/lclass-patches/patch-nslcd__passwd.c new file mode 100644 index 000000000000..1689f2afec2a --- /dev/null +++ b/net/nss-pam-ldapd/files/lclass-patches/patch-nslcd__passwd.c @@ -0,0 +1,43 @@ +--- nslcd/passwd.c.orig 2021-11-15 20:40:49.000000000 +0100 ++++ nslcd/passwd.c 2023-05-29 19:22:02.234797000 +0200 +@@ -63,6 +63,7 @@ + const char *attmap_passwd_gecos = "\"${gecos:-$cn}\""; + const char *attmap_passwd_homeDirectory = "homeDirectory"; + const char *attmap_passwd_loginShell = "loginShell"; ++const char *attmap_passwd_loginClass = "loginClass"; + + /* special properties for objectSid-based searches + (these are already LDAP-escaped strings) */ +@@ -150,6 +151,7 @@ + attmap_add_attributes(set, attmap_passwd_gecos); + attmap_add_attributes(set, attmap_passwd_homeDirectory); + attmap_add_attributes(set, attmap_passwd_loginShell); ++ attmap_add_attributes(set, attmap_passwd_loginClass); + passwd_attrs = set_tolist(set); + if (passwd_attrs == NULL) + { +@@ -428,6 +430,7 @@ + char gecos[1024]; + char homedir[256]; + char shell[64]; ++ char lclass[256]; + char passbuffer[BUFLEN_PASSWORDHASH]; + int i, j; + /* get the usernames for this entry */ +@@ -541,6 +544,8 @@ + myldap_get_dn(entry), attmap_passwd_homeDirectory); + /* get the shell for this entry */ + attmap_get_value(entry, attmap_passwd_loginShell, shell, sizeof(shell)); ++ /* get the login class for this entry */ ++ attmap_get_value(entry, attmap_passwd_loginClass, lclass, sizeof(lclass)); + /* write the entries */ + for (i = 0; usernames[i] != NULL; i++) + { +@@ -565,6 +570,7 @@ + WRITE_STRING(fp, gecos); + WRITE_STRING(fp, homedir); + WRITE_STRING(fp, shell); ++ WRITE_STRING(fp, lclass); + } + } + } diff --git a/net/nss-pam-ldapd/files/lclass-patches/patch-nss__passwd.c b/net/nss-pam-ldapd/files/lclass-patches/patch-nss__passwd.c new file mode 100644 index 000000000000..cad4bfffda85 --- /dev/null +++ b/net/nss-pam-ldapd/files/lclass-patches/patch-nss__passwd.c @@ -0,0 +1,13 @@ +--- nss/passwd.c.orig 2019-11-02 16:23:46.000000000 +0100 ++++ nss/passwd.c 2023-05-29 19:22:02.235416000 +0200 +@@ -45,8 +45,8 @@ + READ_BUF_STRING(fp, result->pw_dir); + READ_BUF_STRING(fp, result->pw_shell); + #ifdef HAVE_STRUCT_PASSWD_PW_CLASS +- /* set the user access class to an empty string */ +- result->pw_class = result->pw_name + strlen(result->pw_name); ++ /* set the user access class to an empty string only if empty */ ++ READ_BUF_STRING(fp, result->pw_class); + #endif /* HAVE_STRUCT_PASSWD_PW_CLASS */ + return NSS_STATUS_SUCCESS; + }