Hello community,
here is the log from the commit of package pam-modules for openSUSE:Factory checked in at 2012-04-12 09:44:32
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/pam-modules (Old)
and /work/SRC/openSUSE:Factory/.pam-modules.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pam-modules", Maintainer is "mc@suse.com"
Changes:
--------
--- /work/SRC/openSUSE:Factory/pam-modules/pam-modules.changes 2012-02-14 13:07:49.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.pam-modules.new/pam-modules.changes 2012-04-12 09:44:37.000000000 +0200
@@ -1,0 +2,5 @@
+Tue Apr 3 13:37:30 UTC 2012 - kukuk@suse.com
+
+- Update to pam_unix2 2.9.1 (merge of patches)
+
+-------------------------------------------------------------------
Old:
----
0001-gettext.diff
0002-change-default-crypt-to-sha512.diff
0005-catch-retval-magic-by-ow-crypt-libxcrypt.diff
pam_unix2-2.9.0-logindefs-thread.diff
pam_unix2-2.9.0.tar.bz2
New:
----
pam_unix2-2.9.1.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ pam-modules.spec ++++++
--- /var/tmp/diff_new_pack.zI0Tus/_old 2012-04-12 09:44:38.000000000 +0200
+++ /var/tmp/diff_new_pack.zI0Tus/_new 2012-04-12 09:44:38.000000000 +0200
@@ -1,7 +1,7 @@
#
# spec file for package pam-modules
#
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -29,19 +29,15 @@
Version: 12.1
Release: 0
#
-Source0: pam_unix2-2.9.0.tar.bz2
+Source0: pam_unix2-2.9.1.tar.bz2
Source1: pam_pwcheck-3.13.tar.bz2
Source2: pam_homecheck-2.0.tar.bz2
Source6: baselibs.conf
Source21: unix2_chkpwd.c
Source41: unix2_chkpwd.8
Source50: dlopen.sh
-Patch0: 0001-gettext.diff
-Patch1: 0002-change-default-crypt-to-sha512.diff
-Patch2: 0003-use-crypt_gensalt_rn-from-glibc.diff
-Patch3: 0004-add-workarounds-for-blowfish-signedness-bug.diff
-Patch4: 0005-catch-retval-magic-by-ow-crypt-libxcrypt.diff
-Patch5: pam_unix2-2.9.0-logindefs-thread.diff
+Patch0: 0003-use-crypt_gensalt_rn-from-glibc.diff
+Patch1: 0004-add-workarounds-for-blowfish-signedness-bug.diff
#
BuildRoot: %{_tmppath}/%{name}-%{version}-build
PreReq: permissions
@@ -71,10 +67,6 @@
pushd pam_unix2-*
%patch0 -p1
%patch1 -p1
-%patch2 -p1
-%patch3 -p1
-%patch4 -p1
-%patch5 -p1
gettextize -f
autoreconf -f -i
popd
++++++ pam_unix2-2.9.0.tar.bz2 -> pam_unix2-2.9.1.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_unix2-2.9.0/ChangeLog new/pam_unix2-2.9.1/ChangeLog
--- old/pam_unix2-2.9.0/ChangeLog 2011-09-22 15:42:13.000000000 +0200
+++ new/pam_unix2-2.9.1/ChangeLog 2012-04-03 15:25:57.000000000 +0200
@@ -1,5 +1,16 @@
+2012-04-03 Thorsten Kukuk
+
+ * release version 2.9.1
+
+ * etc/passwd: Make sha512 default for local files.
+ * src/logindefs.c: Check for NULL pointer, make thread safe.
+ * src/unix_passwd.c: Make sha512 default, check for ow-crypt
+ return values.
+
2011-09-22 Thorsten Kukuk
+ * release version 2.9.0
+
* src/unix_sess.c: Set kernel 2.6.40 version if user
matches an entry in /etc/security/uname26.conf.
* doc/pam_unix2.8: Document uname26.conf.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_unix2-2.9.0/NEWS new/pam_unix2-2.9.1/NEWS
--- old/pam_unix2-2.9.0/NEWS 2011-09-22 15:43:13.000000000 +0200
+++ new/pam_unix2-2.9.1/NEWS 2012-04-03 15:27:11.000000000 +0200
@@ -1,10 +1,14 @@
pam_unix2 NEWS -- history of user-visible changes.
-Copyright (C) 2005-2011 SUSE LINUX Products GmbH
+Copyright (C) 2005-2012 SUSE LINUX Products GmbH
Copyright (C) 2001-2004 SuSE Linux AG Nuernberg, Germany
Please send bug reports, questions and suggestions to .
+Version 2.9.1
+* Bug fixes
+* Make sha512 default for /etc/passwd
+
Version 2.9.0
* Add support to run special user with linux kernel version 2.4.60
below a 3.x kernel
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_unix2-2.9.0/configure new/pam_unix2-2.9.1/configure
--- old/pam_unix2-2.9.0/configure 2011-09-22 15:43:24.000000000 +0200
+++ new/pam_unix2-2.9.1/configure 2012-04-03 15:31:21.000000000 +0200
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.63 for pam_unix2 2.9.0.
+# Generated by GNU Autoconf 2.63 for pam_unix2 2.9.1.
#
# Report bugs to http://www.suse.de/feedback.
#
@@ -596,8 +596,8 @@
# Identity of this package.
PACKAGE_NAME='pam_unix2'
PACKAGE_TARNAME='pam_unix2'
-PACKAGE_VERSION='2.9.0'
-PACKAGE_STRING='pam_unix2 2.9.0'
+PACKAGE_VERSION='2.9.1'
+PACKAGE_STRING='pam_unix2 2.9.1'
PACKAGE_BUGREPORT='http://www.suse.de/feedback'
ac_unique_file="src/support.c"
@@ -1315,7 +1315,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures pam_unix2 2.9.0 to adapt to many kinds of systems.
+\`configure' configures pam_unix2 2.9.1 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1385,7 +1385,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of pam_unix2 2.9.0:";;
+ short | recursive ) echo "Configuration of pam_unix2 2.9.1:";;
esac
cat <<\_ACEOF
@@ -1484,7 +1484,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-pam_unix2 configure 2.9.0
+pam_unix2 configure 2.9.1
generated by GNU Autoconf 2.63
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
@@ -1498,7 +1498,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by pam_unix2 $as_me 2.9.0, which was
+It was created by pam_unix2 $as_me 2.9.1, which was
generated by GNU Autoconf 2.63. Invocation command line was
$ $0 $@
@@ -2214,7 +2214,7 @@
# Define the identity of the package.
PACKAGE='pam_unix2'
- VERSION='2.9.0'
+ VERSION='2.9.1'
cat >>confdefs.h <<_ACEOF
@@ -8856,7 +8856,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by pam_unix2 $as_me 2.9.0, which was
+This file was extended by pam_unix2 $as_me 2.9.1, which was
generated by GNU Autoconf 2.63. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -8919,7 +8919,7 @@
_ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_version="\\
-pam_unix2 config.status 2.9.0
+pam_unix2 config.status 2.9.1
configured by $0, generated by GNU Autoconf 2.63,
with options \\"`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_unix2-2.9.0/configure.in new/pam_unix2-2.9.1/configure.in
--- old/pam_unix2-2.9.0/configure.in 2011-09-22 15:42:25.000000000 +0200
+++ new/pam_unix2-2.9.1/configure.in 2012-04-03 15:31:17.000000000 +0200
@@ -1,5 +1,5 @@
dnl Process this file with autoconf to produce a configure script.
-AC_INIT(pam_unix2, 2.9.0, http://www.suse.de/feedback, pam_unix2)
+AC_INIT(pam_unix2, 2.9.1, http://www.suse.de/feedback, pam_unix2)
AM_INIT_AUTOMAKE
AC_CONFIG_SRCDIR([src/support.c])
AM_CONFIG_HEADER(config.h)
@@ -93,7 +93,7 @@
LDFLAGS="${LDFLAGS} -G"
fi
-AM_GNU_GETTEXT_VERSION
+AM_GNU_GETTEXT_VERSION([0.12])
AM_GNU_GETTEXT([external])
AC_SUBST(LIBPAM)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_unix2-2.9.0/etc/passwd new/pam_unix2-2.9.1/etc/passwd
--- old/pam_unix2-2.9.0/etc/passwd 2004-07-26 15:10:26.000000000 +0200
+++ new/pam_unix2-2.9.1/etc/passwd 2012-04-03 15:18:24.000000000 +0200
@@ -1,27 +1,30 @@
# This file contains some information for
-# the passwd (1) command and other tools
+# the passwd (1) command and other tools
# creating or modifying passwords.
-# Define default crypt hash
-# CRYPT={des,md5,blowfish}
-CRYPT=des
+# Define default crypt hash.
+# CRYPT={des,md5,blowfish,sha256,sha512}
+CRYPT=sha512
-# Use another crypt hash for group passwowrds.
+# Use another crypt hash for group passwords.
# This is used by gpasswd, fallback is the CRYPT entry.
# GROUP_CRYPT=des
-
-# We can override the default for a special service
-# by appending the service name (FILES, YP, NISPLUS, LDAP)
-
-# for local files, use a more secure hash. We
+# We can override the default for a specific service
+# by appending the service name (FILES, YP, NISPLUS, LDAP).
+#
+# For local files, use a more secure hash. We
# don't need to be portable here:
-CRYPT_FILES=blowfish
-# sometimes we need to specify special options for
-# a hash (variable is prepended by the name of the
-# crypt hash).
-BLOWFISH_CRYPT_FILES=5
-
+CRYPT_FILES=sha512
+#
# For NIS, we should always use DES:
CRYPT_YP=des
+# sometimes we need to specify special options for a hash (variable
+# is prepended by the name of the crypt hash). In case of blowfish
+# and sha* this is the number of rounds
+# blowfish: 4-31
+# BLOWFISH_CRYPT_FILES=5
+# sha256/sha512: 1000-9999999
+# SHA512_CRYPT_FILES=1000
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_unix2-2.9.0/src/logindefs.c new/pam_unix2-2.9.1/src/logindefs.c
--- old/pam_unix2-2.9.0/src/logindefs.c 2006-01-12 18:16:30.000000000 +0100
+++ new/pam_unix2-2.9.1/src/logindefs.c 2012-04-03 15:21:41.000000000 +0200
@@ -33,7 +33,7 @@
struct item *next; /* pointer to next option. */
};
-static struct item *list = NULL;
+static __thread struct item *list = NULL;
void
free_getlogindefs_data (void)
@@ -82,7 +82,7 @@
while (ptr != NULL)
{
if (strcasecmp (name, ptr->name) == 0)
- return ptr->value;
+ return *ptr->value?ptr->value:NULL;
ptr = ptr->next;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_unix2-2.9.0/src/unix_passwd.c new/pam_unix2-2.9.1/src/unix_passwd.c
--- old/pam_unix2-2.9.0/src/unix_passwd.c 2011-05-12 16:31:04.000000000 +0200
+++ new/pam_unix2-2.9.1/src/unix_passwd.c 2012-04-03 15:24:51.000000000 +0200
@@ -557,7 +557,7 @@
if (crypt_str == NULL)
{
opt_str = "CRYPT";
- crypt_str = getlogindefs_str (opt_str, "DES");
+ crypt_str = getlogindefs_str (opt_str, data->service == S_YP?"des":"sha512");
}
if (strcasecmp (crypt_str, "des") == 0)
@@ -729,7 +729,9 @@
options->use_crypt);
return PAM_AUTHTOK_ERR;
}
- if (newpassword == NULL)
+ if (newpassword == NULL
+ /* catch retval magic by ow-crypt/libxcrypt */
+ || !strcmp(newpassword, "*0") || !strcmp(newpassword, "*1"))
{
__write_message (pamh, flags, PAM_ERROR_MSG,
_("crypt_r() returns NULL pointer"));
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org