FreeBSD Bugzilla – Attachment 185285 Details for
Bug 217623
security/sssd: support for current krb5 and samba releases / update to sssd 1.15.0 ??
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
[WIP] sssd 1.11.7 -> 1.15.3 patch
sssd.patch (text/plain), 21.38 KB, created by
Rick Miller
on 2017-08-11 12:33:59 UTC
(
hide
)
Description:
[WIP] sssd 1.11.7 -> 1.15.3 patch
Filename:
MIME Type:
Creator:
Rick Miller
Created:
2017-08-11 12:33:59 UTC
Size:
21.38 KB
patch
obsolete
>diff --git a/security/sssd/Makefile b/security/sssd/Makefile >index 8d7f55a..2788ef6 100644 >--- a/security/sssd/Makefile >+++ b/security/sssd/Makefile >@@ -2,8 +2,8 @@ > # $FreeBSD$ > > PORTNAME= sssd >-PORTVERSION= 1.11.7 >-PORTREVISION= 8 >+PORTVERSION= 1.15.3 >+PORTREVISION= 9 > CATEGORIES= security > MASTER_SITES= https://releases.pagure.org/SSSD/${PORTNAME}/ > >@@ -43,7 +43,9 @@ CONFIGURE_ARGS= --with-selinux=no --with-semanage=no \ > --with-db-path=/var/db/sss --with-pipe-path=/var/run/sss \ > --with-pubconf-path=/var/run/sss --with-mcache-path=/var/db/sss_mc \ > --with-unicode-lib=libunistring --with-autofs=no \ >- --disable-cifs-idmap-plugin --disable-config-lib >+ --disable-cifs-idmap-plugin --disable-config-lib \ >+ --without-nfsv4-idmapd-plugin --without-secrets \ >+ --without-python3-bindings --without-kcm > CFLAGS+= -fstack-protector-all > PLIST_SUB= PYTHON_VER=${PYTHON_VER} > #DEBUG_FLAGS= -g >diff --git a/security/sssd/distinfo b/security/sssd/distinfo >index 1e20527..fa25e8b 100644 >--- a/security/sssd/distinfo >+++ b/security/sssd/distinfo >@@ -1,2 +1,3 @@ >-SHA256 (sssd-1.11.7.tar.gz) = ff12d5730a6d7d08fe11140aa58e544900b75c63902b7a07bbbc12d6a99cb5b5 >-SIZE (sssd-1.11.7.tar.gz) = 3661227 >+TIMESTAMP = 1501774532 >+SHA256 (sssd-1.15.3.tar.gz) = 6e508dc71c0e132b15db1db29d2e309d610027e89f7097ead5d7c9867f6d6634 >+SIZE (sssd-1.15.3.tar.gz) = 5670079 >diff --git a/security/sssd/files/patch-Makefile.am b/security/sssd/files/patch-Makefile.am >index 8058665..0825fd8 100644 >--- a/security/sssd/files/patch-Makefile.am >+++ b/security/sssd/files/patch-Makefile.am >@@ -1,24 +1,22 @@ >-diff --git Makefile.am Makefile.am >-index fd74d85..4a7e6ae 100644 >---- Makefile.am >-+++ Makefile.am >-@@ -311,6 +311,7 @@ AM_CPPFLAGS = \ >- $(LIBNL_CFLAGS) \ >+--- Makefile.am.ga 2017-08-02 18:15:08.429436000 +0000 >++++ Makefile.am 2017-08-02 18:28:05.077591000 +0000 >+@@ -501,6 +501,7 @@ > $(OPENLDAP_CFLAGS) \ > $(GLIB2_CFLAGS) \ >+ $(JOURNALD_CFLAGS) \ > + -DHOST_NAME_MAX=_POSIX_HOST_NAME_MAX \ > -DLIBDIR=\"$(libdir)\" \ > -DVARDIR=\"$(localstatedir)\" \ >- -DSHLIBEXT=\"$(SHLIBEXT)\" \ >-@@ -378,6 +379,7 @@ SSSD_LIBS = \ >+ -DSSS_STATEDIR=\"$(sss_statedir)\" \ >+@@ -614,6 +615,7 @@ >+ $(COLLECTION_LIBS) \ > $(DHASH_LIBS) \ >- $(SSS_CRYPT_LIBS) \ > $(OPENLDAP_LIBS) \ > + $(LTLIBINTL) \ >+ $(SELINUX_LIBS) \ > $(TDB_LIBS) > >- PYTHON_BINDINGS_LIBS = \ >-@@ -433,6 +435,7 @@ dist_noinst_HEADERS = \ >+@@ -667,6 +669,7 @@ > src/util/sss_ssh.h \ > src/util/sss_ini.h \ > src/util/sss_format.h \ >@@ -26,7 +24,7 @@ index fd74d85..4a7e6ae 100644 > src/util/refcount.h \ > src/util/find_uid.h \ > src/util/user_info_msg.h \ >-@@ -1700,9 +1703,10 @@ endif >+@@ -3562,9 +3565,10 @@ > # Client Libraries # > #################### > >@@ -39,9 +37,9 @@ index fd74d85..4a7e6ae 100644 > src/sss_client/nss_passwd.c \ > src/sss_client/nss_group.c \ > src/sss_client/nss_netgroup.c \ >-@@ -1715,9 +1719,9 @@ libnss_sss_la_SOURCES = \ >- src/sss_client/nss_mc_passwd.c \ >+@@ -3578,9 +3582,9 @@ > src/sss_client/nss_mc_group.c \ >+ src/sss_client/nss_mc_initgr.c \ > src/sss_client/nss_mc.h > -libnss_sss_la_LIBADD = \ > +nss_sss_la_LIBADD = \ >@@ -51,11 +49,11 @@ index fd74d85..4a7e6ae 100644 > -module \ > -version-info 2:0:0 \ > -Wl,--version-script,$(srcdir)/src/sss_client/sss_nss.exports >-@@ -2086,6 +2090,7 @@ ldap_child_LDADD = \ >+@@ -4053,6 +4057,7 @@ >+ $(TALLOC_LIBS) \ > $(POPT_LIBS) \ >- $(OPENLDAP_LIBS) \ > $(DHASH_LIBS) \ > + $(LTLIBINTL) \ > $(KRB5_LIBS) > >- proxy_child_SOURCES = \ >+ if BUILD_SEMANAGE >diff --git a/security/sssd/files/patch-configure.ac b/security/sssd/files/patch-configure.ac >deleted file mode 100644 >index 4ce24d7..0000000 >--- a/security/sssd/files/patch-configure.ac >+++ /dev/null >@@ -1,21 +0,0 @@ >---- configure.ac.orig 2013-11-06 18:35:03 UTC >-+++ configure.ac >-@@ -5,15 +5,15 @@ AC_INIT([sssd], >- VERSION_NUMBER, >- [sssd-devel@lists.fedorahosted.org]) >- >-+AC_CONFIG_SRCDIR([BUILD.txt]) >-+AC_CONFIG_AUX_DIR([build]) >-+ >- m4_ifdef([AC_USE_SYSTEM_EXTENSIONS], >- [AC_USE_SYSTEM_EXTENSIONS], >- [AC_GNU_SOURCE]) >- >- CFLAGS="$CFLAGS -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE" >- >--AC_CONFIG_SRCDIR([BUILD.txt]) >--AC_CONFIG_AUX_DIR([build]) >-- >- AM_INIT_AUTOMAKE([-Wall foreign subdir-objects tar-pax]) >- AM_PROG_CC_C_O >- m4_ifdef([AM_PROG_AR], [AM_PROG_AR]) >diff --git a/security/sssd/files/patch-src__external__krb5.m4 b/security/sssd/files/patch-src__external__krb5.m4 >index a5945ec..a45e3cd 100644 >--- a/security/sssd/files/patch-src__external__krb5.m4 >+++ b/security/sssd/files/patch-src__external__krb5.m4 >@@ -1,12 +1,9 @@ >-diff --git src/external/krb5.m4 src/external/krb5.m4 >-index 861c8c9..978ec03 100644 >---- src/external/krb5.m4 >-+++ src/external/krb5.m4 >-@@ -9,7 +9,7 @@ if test x$KRB5_CFLAGS != x; then >- KRB5_PASSED_CFLAGS=$KRB5_CFLAGS >+--- src/external/krb5.m4.ga 2017-07-25 10:09:02.000000000 +0000 >++++ src/external/krb5.m4 2017-08-03 16:57:39.646287000 +0000 >+@@ -10,6 +10,7 @@ > fi > >--AC_PATH_PROG(KRB5_CONFIG, krb5-config) >+ AC_PATH_TOOL(KRB5_CONFIG, krb5-config) > +AC_PATH_PROG(KRB5_CONFIG, krb5-config, [], [/usr/local/bin:$PATH]) > AC_MSG_CHECKING(for working krb5-config) > if test -x "$KRB5_CONFIG"; then >diff --git a/security/sssd/files/patch-src__providers__ldap__ldap_auth.c b/security/sssd/files/patch-src__providers__ldap__ldap_auth.c >index c533586..0913ad3 100644 >--- a/security/sssd/files/patch-src__providers__ldap__ldap_auth.c >+++ b/security/sssd/files/patch-src__providers__ldap__ldap_auth.c >@@ -1,7 +1,5 @@ >-diff --git src/providers/ldap/ldap_auth.c src/providers/ldap/ldap_auth.c >-index 2aacce0..e019cf7 100644 >---- src/providers/ldap/ldap_auth.c >-+++ src/providers/ldap/ldap_auth.c >+--- src/providers/ldap/ldap_auth.c.ga 2017-07-25 10:09:02.000000000 +0000 >++++ src/providers/ldap/ldap_auth.c 2017-08-03 18:07:22.269610000 +0000 > @@ -37,7 +37,6 @@ > #include <sys/time.h> > #include <strings.h> >@@ -10,9 +8,9 @@ index 2aacce0..e019cf7 100644 > #include <security/pam_modules.h> > > #include "util/util.h" >-@@ -56,6 +55,22 @@ enum pwexpire { >- PWEXPIRE_SHADOW >- }; >+@@ -52,6 +51,22 @@ >+ >+ #define LDAP_PWEXPIRE_WARNING_TIME 0 > > +struct spwd > +{ >@@ -22,31 +20,20 @@ index 2aacce0..e019cf7 100644 > + long int sp_min; /* Minimum number of days between changes. */ > + long int sp_max; /* Maximum number of days between changes. */ > + long int sp_warn; /* Number of days to warn user to change >-+ the password. */ >++ the password. */ > + long int sp_inact; /* Number of days the account may be >-+ inactive. */ >++ inactive. */ > + long int sp_expire; /* Number of days since 1970-01-01 until >-+ account expires. */ >++ account expires. */ > + unsigned long int sp_flag; /* Reserved. */ > +}; > + > static errno_t add_expired_warning(struct pam_data *pd, long exp_time) > { > int ret; >-@@ -109,6 +124,7 @@ static errno_t check_pwexpire_kerberos(const char *expire_date, time_t now, >- return EINVAL; >- } >- >-+ tzset(); >- expire_time = mktime(&tm); >- if (expire_time == -1) { >- DEBUG(SSSDBG_CRIT_FAILURE, >-@@ -116,12 +132,10 @@ static errno_t check_pwexpire_kerberos(const char *expire_date, time_t now, >- return EINVAL; >+@@ -97,9 +112,9 @@ > } > >-- tzset(); >-- expire_time -= timezone; > DEBUG(SSSDBG_TRACE_ALL, > - "Time info: tzname[0] [%s] tzname[1] [%s] timezone [%ld] " > - "daylight [%d] now [%ld] expire_time [%ld].\n", tzname[0], >@@ -57,25 +44,43 @@ index 2aacce0..e019cf7 100644 > > if (difftime(now, expire_time) > 0.0) { > DEBUG(SSSDBG_CONF_SETTINGS, "Kerberos password expired.\n"); >-@@ -924,7 +938,7 @@ void sdap_pam_chpass_handler(struct be_req *breq) >- DEBUG(SSSDBG_OP_FAILURE, >- "starting password change request for user [%s].\n", pd->user); >+@@ -935,7 +950,7 @@ > >+ state->pd = pd; >+ state->be_ctx = params->be_ctx; > - pd->pam_status = PAM_SYSTEM_ERR; > + pd->pam_status = PAM_SERVICE_ERR; > >- if (pd->cmd != SSS_PAM_CHAUTHTOK && pd->cmd != SSS_PAM_CHAUTHTOK_PRELIM) { >- DEBUG(SSSDBG_OP_FAILURE, >-@@ -1069,7 +1083,7 @@ static void sdap_auth4chpass_done(struct tevent_req *req) >- dp_err = DP_ERR_OFFLINE; >+ switch (pd->cmd) { >+ case SSS_PAM_AUTHENTICATE: >+@@ -1038,7 +1053,7 @@ >+ state->pd->pam_status = PAM_BAD_ITEM; > break; > default: > - state->pd->pam_status = PAM_SYSTEM_ERR; > + state->pd->pam_status = PAM_SERVICE_ERR; >+ break; > } > >- done: >-@@ -1131,7 +1145,7 @@ static void sdap_pam_chpass_done(struct tevent_req *req) >+@@ -1131,7 +1146,7 @@ >+ DEBUG(SSSDBG_OP_FAILURE, >+ "starting password change request for user [%s].\n", pd->user); >+ >+- pd->pam_status = PAM_SYSTEM_ERR; >++ pd->pam_status = PAM_SERVICE_ERR; >+ >+ if (pd->cmd != SSS_PAM_CHAUTHTOK && pd->cmd != SSS_PAM_CHAUTHTOK_PRELIM) { >+ DEBUG(SSSDBG_OP_FAILURE, >+@@ -1280,7 +1295,7 @@ >+ be_mark_offline(state->be_ctx); >+ break; >+ default: >+- state->pd->pam_status = PAM_SYSTEM_ERR; >++ state->pd->pam_status = PAM_SERVICE_ERR; >+ break; >+ } >+ >+@@ -1342,7 +1357,7 @@ > state->sh, state->dn, > lastchanged_name); > if (subreq == NULL) { >@@ -84,30 +89,12 @@ index 2aacce0..e019cf7 100644 > goto done; > } > >-@@ -1152,7 +1166,7 @@ static void sdap_lastchange_done(struct tevent_req *req) >+@@ -1368,7 +1383,7 @@ >+ talloc_free(subreq); > >- ret = sdap_modify_shadow_lastchange_recv(req); > if (ret != EOK) { > - state->pd->pam_status = PAM_SYSTEM_ERR; > + state->pd->pam_status = PAM_SERVICE_ERR; > goto done; > } > >-@@ -1193,7 +1207,7 @@ void sdap_pam_auth_handler(struct be_req *breq) >- goto done; >- } >- >-- pd->pam_status = PAM_SYSTEM_ERR; >-+ pd->pam_status = PAM_SERVICE_ERR; >- >- switch (pd->cmd) { >- case SSS_PAM_AUTHENTICATE: >-@@ -1291,7 +1305,7 @@ static void sdap_pam_auth_done(struct tevent_req *req) >- state->pd->pam_status = PAM_NEW_AUTHTOK_REQD; >- break; >- default: >-- state->pd->pam_status = PAM_SYSTEM_ERR; >-+ state->pd->pam_status = PAM_SERVICE_ERR; >- dp_err = DP_ERR_FATAL; >- } >- >diff --git a/security/sssd/files/patch-src__providers__ldap__sdap_access.c b/security/sssd/files/patch-src__providers__ldap__sdap_access.c >index 5bc72a8..e435553 100644 >--- a/security/sssd/files/patch-src__providers__ldap__sdap_access.c >+++ b/security/sssd/files/patch-src__providers__ldap__sdap_access.c >@@ -1,21 +1,7 @@ >-diff --git src/providers/ldap/sdap_access.c src/providers/ldap/sdap_access.c >-index 880735e..d349dcf 100644 >---- src/providers/ldap/sdap_access.c >-+++ src/providers/ldap/sdap_access.c >-@@ -499,6 +499,7 @@ static bool nds_check_expired(const char *exp_time_str) >- return true; >- } >+--- src/providers/ldap/sdap_access.c.ga 2017-07-25 10:09:02.000000000 +0000 >++++ src/providers/ldap/sdap_access.c 2017-08-03 18:27:25.934434000 +0000 >+@@ -556,9 +556,9 @@ > >-+ tzset(); >- expire_time = mktime(&tm); >- if (expire_time == -1) { >- DEBUG(SSSDBG_CRIT_FAILURE, >-@@ -506,13 +507,11 @@ static bool nds_check_expired(const char *exp_time_str) >- return true; >- } >- >-- tzset(); >-- expire_time -= timezone; > now = time(NULL); > DEBUG(SSSDBG_TRACE_ALL, > - "Time info: tzname[0] [%s] tzname[1] [%s] timezone [%ld] " >diff --git a/security/sssd/files/patch-src__sss_client__common.c b/security/sssd/files/patch-src__sss_client__common.c >index 87a4b8d..cd04f89 100644 >--- a/security/sssd/files/patch-src__sss_client__common.c >+++ b/security/sssd/files/patch-src__sss_client__common.c >@@ -1,7 +1,5 @@ >-diff --git src/sss_client/common.c src/sss_client/common.c >-index ec5c708..5d17eed 100644 >---- src/sss_client/common.c >-+++ src/sss_client/common.c >+--- src/sss_client/common.c.ga 2017-07-25 10:09:02.000000000 +0000 >++++ src/sss_client/common.c 2017-08-03 18:50:08.436441000 +0000 > @@ -25,6 +25,7 @@ > #include "config.h" > >@@ -18,7 +16,7 @@ index ec5c708..5d17eed 100644 > > #if HAVE_PTHREAD > #include <pthread.h> >-@@ -124,7 +126,6 @@ static enum sss_status sss_cli_send_req(enum sss_cli_command cmd, >+@@ -124,7 +126,6 @@ > *errnop = error; > break; > case 0: >@@ -26,7 +24,7 @@ index ec5c708..5d17eed 100644 > break; > case 1: > if (pfd.revents & (POLLERR | POLLHUP | POLLNVAL)) { >-@@ -232,7 +233,6 @@ static enum sss_status sss_cli_recv_rep(enum sss_cli_command cmd, >+@@ -232,7 +233,6 @@ > *errnop = error; > break; > case 0: >@@ -34,7 +32,7 @@ index ec5c708..5d17eed 100644 > break; > case 1: > if (pfd.revents & (POLLHUP)) { >-@@ -669,7 +669,6 @@ static enum sss_status sss_cli_check_socket(int *errnop, const char *socket_name >+@@ -669,7 +669,6 @@ > *errnop = error; > break; > case 0: >@@ -42,7 +40,7 @@ index ec5c708..5d17eed 100644 > break; > case 1: > if (pfd.revents & (POLLERR | POLLHUP | POLLNVAL)) { >-@@ -719,23 +718,23 @@ enum nss_status sss_nss_make_request(enum sss_cli_command cmd, >+@@ -719,7 +718,7 @@ > /* avoid looping in the nss daemon */ > envval = getenv("_SSS_LOOPS"); > if (envval && strcmp(envval, "NO") == 0) { >@@ -51,12 +49,17 @@ index ec5c708..5d17eed 100644 > } > > ret = sss_cli_check_socket(errnop, SSS_NSS_SOCKET_NAME); >- if (ret != SSS_STATUS_SUCCESS) { >+@@ -729,7 +728,7 @@ >+ errno = 0; >+ return NSS_STATUS_NOTFOUND; >+ #else > - return NSS_STATUS_UNAVAIL; > + return NS_UNAVAIL; >+ #endif > } > >- ret = sss_cli_make_request_nochecks(cmd, rd, repbuf, replen, errnop); >+@@ -752,9 +751,9 @@ >+ } > switch (ret) { > case SSS_STATUS_TRYAGAIN: > - return NSS_STATUS_TRYAGAIN; >@@ -66,8 +69,13 @@ index ec5c708..5d17eed 100644 > + return NS_SUCCESS; > case SSS_STATUS_UNAVAIL: > default: >+ #ifdef NONSTANDARD_SSS_NSS_BEHAVIOUR >+@@ -762,7 +761,7 @@ >+ errno = 0; >+ return NSS_STATUS_NOTFOUND; >+ #else > - return NSS_STATUS_UNAVAIL; > + return NS_UNAVAIL; >+ #endif > } > } >- >diff --git a/security/sssd/files/patch-src__util__server.c b/security/sssd/files/patch-src__util__server.c >index 8c80dfd..ac56ebe 100644 >--- a/security/sssd/files/patch-src__util__server.c >+++ b/security/sssd/files/patch-src__util__server.c >@@ -1,12 +1,8 @@ >-diff --git src/util/server.c src/util/server.c >-index 343668c..f8a1627 100644 >---- src/util/server.c >-+++ src/util/server.c >-@@ -322,12 +322,14 @@ static void setup_signals(void) >+--- src/util/server.c 2017-08-08 13:00:54.275998000 +0000 >++++ src/util/server.c 2017-08-08 13:05:02.782158000 +0000 >+@@ -307,10 +307,13 @@ static void setup_signals(void) > BlockSignals(false, SIGTERM); > >- CatchSignal(SIGHUP, sig_hup); >-- > #ifndef HAVE_PRCTL > - /* If prctl is not defined on the system, try to handle > - * some common termination signals gracefully */ >diff --git a/security/sssd/files/patch-src__util__signal.c b/security/sssd/files/patch-src__util__signal.c >deleted file mode 100644 >index 85e2ae9..0000000 >--- a/security/sssd/files/patch-src__util__signal.c >+++ /dev/null >@@ -1,72 +0,0 @@ >-diff --git src/util/signal.c src/util/signal.c >-index 053457b..bb8f8be 100644 >---- src/util/signal.c >-+++ src/util/signal.c >-@@ -28,45 +28,6 @@ >- * @brief Signal handling >- */ >- >--/**************************************************************************** >-- Catch child exits and reap the child zombie status. >--****************************************************************************/ >-- >--static void sig_cld(int signum) >--{ >-- while (waitpid((pid_t)-1,(int *)NULL, WNOHANG) > 0) >-- ; >-- >-- /* >-- * Turns out it's *really* important not to >-- * restore the signal handler here if we have real POSIX >-- * signal handling. If we do, then we get the signal re-delivered >-- * immediately - hey presto - instant loop ! JRA. >-- */ >-- >--#if !defined(HAVE_SIGACTION) >-- CatchSignal(SIGCLD, sig_cld); >--#endif >--} >-- >--/**************************************************************************** >--catch child exits - leave status; >--****************************************************************************/ >-- >--static void sig_cld_leave_status(int signum) >--{ >-- /* >-- * Turns out it's *really* important not to >-- * restore the signal handler here if we have real POSIX >-- * signal handling. If we do, then we get the signal re-delivered >-- * immediately - hey presto - instant loop ! JRA. >-- */ >-- >--#if !defined(HAVE_SIGACTION) >-- CatchSignal(SIGCLD, sig_cld_leave_status); >--#endif >--} >-- >- /** >- Block sigs. >- **/ >-@@ -126,21 +87,3 @@ void (*CatchSignal(int signum,void (*handler)(int )))(int) >- return signal(signum, handler); >- #endif >- } >-- >--/** >-- Ignore SIGCLD via whatever means is necessary for this OS. >--**/ >-- >--void CatchChild(void) >--{ >-- CatchSignal(SIGCLD, sig_cld); >--} >-- >--/** >-- Catch SIGCLD but leave the child around so it's status can be reaped. >--**/ >-- >--void CatchChildLeaveStatus(void) >--{ >-- CatchSignal(SIGCLD, sig_cld_leave_status); >--} >diff --git a/security/sssd/files/patch-src__util__sss_ldap.c b/security/sssd/files/patch-src__util__sss_ldap.c >index 5d9e03c..f52eef2 100644 >--- a/security/sssd/files/patch-src__util__sss_ldap.c >+++ b/security/sssd/files/patch-src__util__sss_ldap.c >@@ -1,23 +1,12 @@ >-diff --git src/util/sss_ldap.c src/util/sss_ldap.c >-index dd63b4b..0764622 100644 >---- src/util/sss_ldap.c >-+++ src/util/sss_ldap.c >-@@ -206,6 +206,9 @@ static void sdap_async_sys_connect_done(struct tevent_context *ev, >- errno = 0; >- ret = connect(state->fd, (struct sockaddr *) &state->addr, >- state->addr_len); >+--- src/util/sss_ldap.c 2017-08-08 13:26:57.528648000 +0000 >++++ src/util/sss_ldap.c 2017-08-08 15:26:30.504250000 +0000 >+@@ -214,6 +214,9 @@ static errno_t unset_fcntl_flags(int fd, >+ flags &= ~fl_flags; >+ >+ ret = fcntl(fd, F_SETFL, flags); > + if (errno == EISCONN) { > + ret = EOK; > + } > if (ret != EOK) { > ret = errno; >- if (ret == EINPROGRESS || ret == EINTR) { >-@@ -346,7 +349,7 @@ struct tevent_req *sss_ldap_init_send(TALLOC_CTX *mem_ctx, >- "Using file descriptor [%d] for LDAP connection.\n", state->sd); >- >- subreq = sdap_async_sys_connect_send(state, ev, state->sd, >-- (struct sockaddr *) addr, addr_len); >-+ (struct sockaddr *) addr, sizeof(struct sockaddr)); >- if (subreq == NULL) { >- ret = ENOMEM; >- DEBUG(SSSDBG_CRIT_FAILURE, "sdap_async_sys_connect_send failed.\n"); >+ DEBUG(SSSDBG_CRIT_FAILURE, >diff --git a/security/sssd/files/patch-src__util__util.h b/security/sssd/files/patch-src__util__util.h >index f10b498..11b5c8d 100644 >--- a/security/sssd/files/patch-src__util__util.h >+++ b/security/sssd/files/patch-src__util__util.h >@@ -1,20 +1,10 @@ >-diff --git src/util/util.h src/util/util.h >-index 7a66846..5e63275 100644 >---- src/util/util.h >-+++ src/util/util.h >-@@ -227,8 +227,6 @@ void sig_term(int sig); >- #include <signal.h> >- void BlockSignals(bool block, int signum); >- void (*CatchSignal(int signum,void (*handler)(int )))(int); >--void CatchChild(void); >--void CatchChildLeaveStatus(void); >- >- /* from memory.c */ >- typedef int (void_destructor_fn_t)(void *); >-@@ -542,5 +540,6 @@ char * sss_replace_space(TALLOC_CTX *mem_ctx, >+--- src/util/util.h.ga 2017-08-08 16:36:09.070328000 +0000 >++++ src/util/util.h 2017-08-08 16:45:26.801638000 +0000 >+@@ -618,6 +618,7 @@ char * sss_replace_space(TALLOC_CTX *mem > char * sss_reverse_replace_space(TALLOC_CTX *mem_ctx, > const char *orig_name, > const char replace_char); > +#include "util/sss_bsd_errno.h" > >- #endif /* __SSSD_UTIL_H__ */ >+ #define GUID_BIN_LENGTH 16 >+ /* 16 2-digit hex values + 4 dashes + terminating 0 */ >diff --git a/security/sssd/files/patch-src_external_pac__responder.m4 b/security/sssd/files/patch-src_external_pac__responder.m4 >index a2d3f23..cb00c57 100644 >--- a/security/sssd/files/patch-src_external_pac__responder.m4 >+++ b/security/sssd/files/patch-src_external_pac__responder.m4 >@@ -1,22 +1,11 @@ >---- src/external/pac_responder.m4.orig 2014-09-17 13:01:37 UTC >-+++ src/external/pac_responder.m4 >-@@ -14,14 +14,17 @@ then >- PKG_CHECK_MODULES(NDR_KRB5PAC, ndr_krb5pac, ndr_krb5pac_ok=yes, >- AC_MSG_WARN([Cannot build pac responder without libndr_krb5pac])) >- >+--- src/external/pac_responder.m4.ga 2017-08-08 16:52:35.337535000 +0000 >++++ src/external/pac_responder.m4 2017-08-08 16:55:22.087338000 +0000 >+@@ -7,7 +7,7 @@ AC_ARG_ENABLE([pac-responder], >+ krb5_version_ok=no >+ if test x$build_pac_responder = xyes >+ then > - AC_PATH_PROG(KRB5_CONFIG, krb5-config) > + AC_PATH_PROG(KRB5_CONFIG, krb5-config, [], [/usr/local/bin:$PATH]) > AC_MSG_CHECKING(for supported MIT krb5 version) > KRB5_VERSION="`$KRB5_CONFIG --version`" > case $KRB5_VERSION in >- Kerberos\ 5\ release\ 1.9* | \ >- Kerberos\ 5\ release\ 1.10* | \ >- Kerberos\ 5\ release\ 1.11* | \ >-- Kerberos\ 5\ release\ 1.12*) >-+ Kerberos\ 5\ release\ 1.12* | \ >-+ Kerberos\ 5\ release\ 1.13* | \ >-+ Kerberos\ 5\ release\ 1.14* | \ >-+ Kerberos\ 5\ release\ 1.15*) >- krb5_version_ok=yes >- AC_MSG_RESULT([yes]) >- ;;
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=185285">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 217623
:
185201
|
185284
| 185285