openSUSE Commits
Threads by month
- ----- 2024 -----
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
July 2009
- 2 participants
- 999 discussions
Hello community,
here is the log from the commit of package drbd for openSUSE:Factory
checked in at Tue Jul 28 00:06:59 CEST 2009.
--------
--- drbd/drbd.changes 2009-07-15 12:49:54.000000000 +0200
+++ drbd/drbd.changes 2009-07-19 21:51:52.000000000 +0200
@@ -1,0 +2,5 @@
+Sun Jul 19 21:51:40 CEST 2009 - coolo(a)novell.com
+
+- trying to get installation right
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ drbd.spec ++++++
--- /var/tmp/diff_new_pack.ccw5v9/_old 2009-07-28 00:05:55.000000000 +0200
+++ /var/tmp/diff_new_pack.ccw5v9/_new 2009-07-28 00:05:55.000000000 +0200
@@ -21,7 +21,7 @@
BuildRequires: bison flex glib-devel kernel-source kernel-syms module-init-tools
Summary: Distributed Replicated Block Device
Version: 8.3.2
-Release: 1
+Release: 2
Source: %{name}-%{version}.tar.bz2
License: GPL v2 or later
Group: Productivity/Clustering/HA
@@ -90,6 +90,9 @@
mkdir $RPM_BUILD_ROOT/etc/bash_completion.d
cp scripts/drbdadm.bash_completion $RPM_BUILD_ROOT/etc/bash_completion.d/drbdadm.sh
cp scripts/drbd.rules $RPM_BUILD_ROOT/etc/udev/rules.d/65-drbd.rules
+# these files look like wrong installed documentation
+rm $RPM_BUILD_ROOT/etc/udev/rules.d/65-drbd.rules.disabled
+rm $RPM_BUILD_ROOT/usr/lib/ocf/resource.d/linbit/drbd
ln -sf ../etc/init.d/drbd $RPM_BUILD_ROOT/sbin/rcdrbd
mkdir -p $RPM_BUILD_ROOT/var/lib/drbd
#
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package freqtweak for openSUSE:Factory
checked in at Tue Jul 28 00:05:41 CEST 2009.
--------
--- freqtweak/freqtweak.changes 2008-11-10 16:51:44.000000000 +0100
+++ freqtweak/freqtweak.changes 2009-07-27 16:34:33.000000000 +0200
@@ -1,0 +2,8 @@
+Mon Jul 27 16:27:31 CEST 2009 - tiwai(a)suse.de
+
+- updated to version 0.7.2:
+ * misc configure fixes
+ * fixes for wx 2.8
+ * misc C++ related fixes
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
Old:
----
freqtweak-0.6.0-fix.dif
freqtweak-0.6.1.tar.bz2
freqtweak-jack-fix.diff
freqtweak-wx-2.8-fix.diff
New:
----
freqtweak-0.7.2.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ freqtweak.spec ++++++
--- /var/tmp/diff_new_pack.jEfBxW/_old 2009-07-28 00:04:38.000000000 +0200
+++ /var/tmp/diff_new_pack.jEfBxW/_new 2009-07-28 00:04:38.000000000 +0200
@@ -1,7 +1,7 @@
#
-# spec file for package freqtweak (Version 0.6.1)
+# spec file for package freqtweak (Version 0.7.2)
#
-# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -21,8 +21,8 @@
Name: freqtweak
BuildRequires: SDL-devel fftw3-devel gcc-c++ jack-devel libmspack-devel libsigc++12-devel libtiff-devel libxml2-devel unixODBC-devel update-desktop-files wxGTK-devel
Summary: Real-Time Audio Spectral Visualization
-Version: 0.6.1
-Release: 288
+Version: 0.7.2
+Release: 1
License: GPL v2 or later
Group: Productivity/Multimedia/Sound/Visualization
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -30,11 +30,8 @@
Source: %{name}-%{version}.tar.bz2
Source1: freqtweak.desktop
Source2: freqtweak.png
-Patch: freqtweak-0.6.0-fix.dif
Patch1: freqtweak-0.6.1-gcc4.patch
-Patch2: freqtweak-jack-fix.diff
Patch3: freqtweak-0.6.1-wrong-var-ref.diff
-Patch4: freqtweak-wx-2.8-fix.diff
Patch5: freqtweak-gcc43-fixes.diff
Patch6: freqtweak-delete-array-fix.diff
@@ -55,13 +52,10 @@
%prep
%setup -q
-%patch
-%patch1
-%patch2
-%patch3
-%patch4
-%patch5
-%patch6
+%patch1 -p1
+%patch3 -p1
+%patch5 -p1
+%patch6 -p1
%build
autoreconf --force --install
++++++ freqtweak-0.6.1-gcc4.patch ++++++
--- /var/tmp/diff_new_pack.jEfBxW/_old 2009-07-28 00:04:38.000000000 +0200
+++ /var/tmp/diff_new_pack.jEfBxW/_new 2009-07-28 00:04:38.000000000 +0200
@@ -1,5 +1,11 @@
---- src/FTprocOrderDialog.cpp
-+++ src/FTprocOrderDialog.cpp
+---
+ src/FTprocOrderDialog.cpp | 8 ++++----
+ src/FTutils.hpp | 1 +
+ src/xml++.hpp | 5 +++++
+ 3 files changed, 10 insertions(+), 4 deletions(-)
+
+--- a/src/FTprocOrderDialog.cpp
++++ b/src/FTprocOrderDialog.cpp
@@ -20,7 +20,7 @@
#if HAVE_CONFIG_H
#include <config.h>
@@ -36,8 +42,8 @@
item.SetId (_targetList->GetItemCount());
_targetList->InsertItem(item);
---- src/xml++.hpp
-+++ src/xml++.hpp
+--- a/src/xml++.hpp
++++ b/src/xml++.hpp
@@ -9,10 +9,15 @@
#include <map>
#include <cstdio>
@@ -54,3 +60,13 @@
#ifndef __XMLPP_H
#define __XMLPP_H
+--- a/src/FTutils.hpp
++++ b/src/FTutils.hpp
+@@ -23,6 +23,7 @@
+ #include <iostream>
+ #include <sstream>
+ #include <cmath>
++#include <inttypes.h>
+
+ //#include <wx/string.h>
+
++++++ freqtweak-0.6.1-wrong-var-ref.diff ++++++
--- /var/tmp/diff_new_pack.jEfBxW/_old 2009-07-28 00:04:38.000000000 +0200
+++ /var/tmp/diff_new_pack.jEfBxW/_new 2009-07-28 00:04:38.000000000 +0200
@@ -1,5 +1,9 @@
---- src/FTmodulatorGui.cpp-dist 2007-01-09 14:37:24.000000000 +0100
-+++ src/FTmodulatorGui.cpp 2007-01-09 14:38:32.000000000 +0100
+---
+ src/FTmodulatorGui.cpp | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/src/FTmodulatorGui.cpp
++++ b/src/FTmodulatorGui.cpp
@@ -679,7 +679,7 @@
if (tmpstr.ToLong (&tmplong)
++++++ freqtweak-0.6.1.tar.bz2 -> freqtweak-0.7.2.tar.bz2 ++++++
++++ 19228 lines of diff (skipped)
++++++ freqtweak-delete-array-fix.diff ++++++
--- /var/tmp/diff_new_pack.jEfBxW/_old 2009-07-28 00:04:38.000000000 +0200
+++ /var/tmp/diff_new_pack.jEfBxW/_new 2009-07-28 00:04:38.000000000 +0200
@@ -1,5 +1,9 @@
---- src/FTmodRotate.cpp-dist 2008-11-10 16:46:52.000000000 +0100
-+++ src/FTmodRotate.cpp 2008-11-10 16:47:52.000000000 +0100
+---
+ src/FTmodRotate.cpp | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/src/FTmodRotate.cpp
++++ b/src/FTmodRotate.cpp
@@ -86,7 +86,7 @@
_fftN = fftn;
++++++ freqtweak-gcc43-fixes.diff ++++++
--- /var/tmp/diff_new_pack.jEfBxW/_old 2009-07-28 00:04:39.000000000 +0200
+++ /var/tmp/diff_new_pack.jEfBxW/_new 2009-07-28 00:04:39.000000000 +0200
@@ -1,5 +1,10 @@
---- src/ftlogo.xpm-dist 2007-10-23 13:44:04.000000000 +0200
-+++ src/ftlogo.xpm 2007-10-23 13:44:08.000000000 +0200
+---
+ configure.ac | 7 +++++++
+ src/ftlogo.xpm | 2 +-
+ 2 files changed, 8 insertions(+), 1 deletion(-)
+
+--- a/src/ftlogo.xpm
++++ b/src/ftlogo.xpm
@@ -1,5 +1,5 @@
/* XPM */
-static char * ftlogo_xpm[] = {
@@ -7,9 +12,9 @@
"70 40 752 2",
" c None",
". c #D6D6D6",
---- configure.ac-dist 2007-10-23 13:47:37.000000000 +0200
-+++ configure.ac 2007-10-23 12:37:51.000000000 +0200
-@@ -351,6 +351,13 @@
+--- a/configure.ac
++++ b/configure.ac
+@@ -393,6 +393,13 @@
doc/Makefile
])
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package kchmviewer for openSUSE:Factory
checked in at Tue Jul 28 00:03:31 CEST 2009.
--------
--- KDE/kchmviewer/kchmviewer.changes 2009-03-16 13:58:33.000000000 +0100
+++ kchmviewer/kchmviewer.changes 2009-07-25 21:18:58.000000000 +0200
@@ -1,0 +2,13 @@
+Sat Jul 25 20:56:19 CEST 2009 - beineri(a)opensuse.org
+
+- Update to 4.1:
+ * Updated Dutch and Turkish translations
+ * Default toolbar button order changed to standard -/+
+ * Automatic encoding detection for KHTMLPart/WebKit is now
+ disabled by default
+ * Fixed incorrest index string encoding for non-English strings
+ * Fixed text size auto-increase each time the file is loaded
+ for WebKit browser.
+ * License changed from GPLv2 to GPLv3
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
Old:
----
kchmviewer-4.0.tar.bz2
New:
----
kchmviewer-4.1.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ kchmviewer.spec ++++++
--- /var/tmp/diff_new_pack.t745G3/_old 2009-07-28 00:03:17.000000000 +0200
+++ /var/tmp/diff_new_pack.t745G3/_new 2009-07-28 00:03:17.000000000 +0200
@@ -1,5 +1,5 @@
#
-# spec file for package kchmviewer (Version 4.0)
+# spec file for package kchmviewer (Version 4.1)
#
# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
@@ -21,10 +21,10 @@
Name: kchmviewer
BuildRequires: libkde4-devel
BuildRequires: chmlib-devel
-License: GPL v2 or later
+License: GPL v3 only
Group: Productivity/Office/Other
Summary: KDE chm Viewer (MS Windows Compressed HTML Documents)
-Version: 4.0
+Version: 4.1
Release: 1
Url: http://www.kchmviewer.net/
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -51,16 +51,17 @@
%make_jobs
%install
- cd build
+ pushd build
%makeinstall
+ popd
%suse_update_desktop_file -G "Compressed HTML Viewer" %name Office Viewer
- #%kde_post_install
-# %find_lang %name
+ %kde_post_install
+ %find_lang %name
%clean
rm -rf $RPM_BUILD_ROOT
-%files
+%files -f %name.lang
%defattr(-,root,root)
/usr/bin/kchmviewer
%_libdir/kde4/kio_msits.so
++++++ kchmviewer-4.0.tar.bz2 -> kchmviewer-4.1.tar.bz2 ++++++
++++ 23725 lines of diff (skipped)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package kpackagekit for openSUSE:Factory
checked in at Tue Jul 28 00:03:01 CEST 2009.
--------
--- KDE/kpackagekit/kpackagekit.changes 2009-06-08 16:05:21.000000000 +0200
+++ kpackagekit/kpackagekit.changes 2009-07-25 23:28:20.000000000 +0200
@@ -1,0 +2,9 @@
+Sat Jul 25 22:40:53 CEST 2009 - beineri(a)opensuse.org
+
+- 0.4.1.1
+- With KDE >= 4.2.3 persistent notifications are working again so
+ the code to use it was commented out
+- Getting duplicated updates was trully fixed
+- Added "details" button on error notifications
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
Old:
----
84745-kpackagekit-0.4.1.tar.bz2
New:
----
84745-kpackagekit-0.4.1.1.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ kpackagekit.spec ++++++
--- /var/tmp/diff_new_pack.0vZ6Rv/_old 2009-07-28 00:01:46.000000000 +0200
+++ /var/tmp/diff_new_pack.0vZ6Rv/_new 2009-07-28 00:01:46.000000000 +0200
@@ -1,5 +1,5 @@
#
-# spec file for package kpackagekit (Version 0.4.1)
+# spec file for package kpackagekit (Version 0.4.1.1)
#
# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
@@ -19,7 +19,7 @@
Summary: KDE interface for PackageKit
Name: kpackagekit
-Version: 0.4.1
+Version: 0.4.1.1
Release: 1
License: GPL v3 only
Group: System/Packages
@@ -27,14 +27,13 @@
Source0: http://www.kde-apps.org/CONTENT/content-files/84745-kpackagekit-%{version}.…
Url: http://www.kde-apps.org/content/show.php/KPackageKit?content=84745
BuildRoot: %{_tmppath}/%{name}-%{version}-build
-BuildRequires: libkde4-devel
-BuildRequires: libpackagekit-qt11-devel
-Requires: libpackagekit-qt11
+BuildRequires: libkde4-devel libpackagekit-qt11-devel
Requires: PackageKit
Patch: desktop.diff
+%kde4_runtime_requires
%description
-KDE interface for PackageKit
+KDE interface for PackageKit package management.
@@ -73,6 +72,7 @@
%makeinstall
cd ..
%suse_update_desktop_file kpackagekit
+%kde_post_install
%clean
++++++ 84745-kpackagekit-0.4.1.tar.bz2 -> 84745-kpackagekit-0.4.1.1.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/KPackageKit/AddRm/KpkAddRm.cpp new/KPackageKit/AddRm/KpkAddRm.cpp
--- old/KPackageKit/AddRm/KpkAddRm.cpp 2009-06-05 04:29:41.000000000 +0200
+++ new/KPackageKit/AddRm/KpkAddRm.cpp 2009-06-11 04:46:10.000000000 +0200
@@ -404,7 +404,7 @@
void KpkAddRm::save()
{
- KpkReviewChanges *frm = new KpkReviewChanges(m_pkg_model_main->selectedPackages(), this);
+ QPointer<KpkReviewChanges> frm = new KpkReviewChanges(m_pkg_model_main->selectedPackages(), this);
frm->setTitle(i18n("Review Changes"));
if (frm->exec() == QDialog::Accepted) {
m_pkg_model_main->uncheckAll();
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/KPackageKit/KPackageKit/KpkBackendDetails.ui new/KPackageKit/KPackageKit/KpkBackendDetails.ui
--- old/KPackageKit/KPackageKit/KpkBackendDetails.ui 2009-06-05 04:30:06.000000000 +0200
+++ new/KPackageKit/KPackageKit/KpkBackendDetails.ui 2009-06-11 04:46:10.000000000 +0200
@@ -6,13 +6,10 @@
<rect>
<x>0</x>
<y>0</y>
- <width>399</width>
+ <width>407</width>
<height>454</height>
</rect>
</property>
- <property name="windowTitle">
- <string>Form</string>
- </property>
<layout class="QGridLayout" name="gridLayout_4">
<property name="margin">
<number>0</number>
@@ -26,7 +23,7 @@
</sizepolicy>
</property>
<property name="title">
- <string>General</string>
+ <string>About Backend</string>
</property>
<layout class="QGridLayout" name="gridLayout">
<item row="0" column="0">
@@ -39,7 +36,7 @@
<item row="0" column="1">
<widget class="QLabel" name="nameL">
<property name="text">
- <string>name</string>
+ <string>backend name here</string>
</property>
</widget>
</item>
@@ -53,7 +50,7 @@
<item row="1" column="1">
<widget class="QLabel" name="authorL">
<property name="text">
- <string>author</string>
+ <string>backend author name here</string>
</property>
</widget>
</item>
@@ -484,7 +481,7 @@
<bool>false</bool>
</property>
<property name="text">
- <string>Visible</string>
+ <string>Package is visible</string>
</property>
<property name="checkable">
<bool>true</bool>
@@ -532,7 +529,7 @@
<bool>false</bool>
</property>
<property name="text">
- <string>Free</string>
+ <string>Free software</string>
</property>
<property name="checkable">
<bool>true</bool>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/KPackageKit/SmartIcon/KPackageKitSmartIcon.cpp new/KPackageKit/SmartIcon/KPackageKitSmartIcon.cpp
--- old/KPackageKit/SmartIcon/KPackageKitSmartIcon.cpp 2009-06-05 04:29:39.000000000 +0200
+++ new/KPackageKit/SmartIcon/KPackageKitSmartIcon.cpp 2009-06-11 04:46:09.000000000 +0200
@@ -44,15 +44,18 @@
this, SLOT(close()));
m_trayIcon = new KpkTransactionTrayIcon(this);
- connect(m_trayIcon, SIGNAL(close()), this, SLOT(prepareToClose()));
+ connect(m_trayIcon, SIGNAL(close()),
+ this, SLOT(prepareToClose()));
// This MUST be called after connecting all the signals or slots!
QTimer::singleShot(0, m_trayIcon, SLOT(checkTransactionList()));
m_updateIcon = new KpkUpdateIcon(this);
- connect(m_updateIcon, SIGNAL(close()), this, SLOT(prepareToClose()));
+ connect(m_updateIcon, SIGNAL(close()),
+ this, SLOT(prepareToClose()));
m_distroUpgrade = new KpkDistroUpgrade(this);
- connect(m_distroUpgrade, SIGNAL(close()), this, SLOT(prepareToClose()));
+ connect(m_distroUpgrade, SIGNAL(close()),
+ this, SLOT(prepareToClose()));
m_interface = new KpkInterface(this);
// connect the update signal from DBus to our update and distro classes
@@ -62,6 +65,8 @@
m_distroUpgrade, SLOT(checkDistroUpgrades()));
m_transWatcher = new KpkTransactionWatcher(this);
+ connect(m_transWatcher, SIGNAL(close()),
+ this, SLOT(prepareToClose()));
// connect the watch transaction coming through DBus to our watcher
connect(m_interface, SIGNAL(watchTransaction(const QString &)),
m_transWatcher, SLOT(watchTransaction(const QString &)));
@@ -98,6 +103,10 @@
if (m_distroUpgrade && m_distroUpgrade->isRunning()) {
return true;
}
+ if (m_transWatcher && m_transWatcher->isRunning()) {
+ return true;
+ }
+
return false;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/KPackageKit/SmartIcon/KpkDistroUpgrade.cpp new/KPackageKit/SmartIcon/KpkDistroUpgrade.cpp
--- old/KPackageKit/SmartIcon/KpkDistroUpgrade.cpp 2009-06-05 04:29:39.000000000 +0200
+++ new/KPackageKit/SmartIcon/KpkDistroUpgrade.cpp 2009-06-11 04:46:09.000000000 +0200
@@ -54,9 +54,8 @@
Q_UNUSED(type)
kDebug() << "Distro upgrade found!" << name << description;
increaseRunning();
- // TODO kde4.2 does not work with KNotification::Persistent, when it's fixed we move back
- // otherwise we will leak
- KNotification *notify = new KNotification("DistroUpgradeAvailable", 0, KNotification::CloseOnTimeout);
+
+ KNotification *notify = new KNotification("DistroUpgradeAvailable", 0, KNotification::Persistent);
QString text;
text = i18n("Distribution upgrade available") + "<br/>";
@@ -70,14 +69,14 @@
connect(notify, SIGNAL(activated(uint)),
this, SLOT(handleDistroUpgradeAction(uint)));
connect(notify, SIGNAL(closed()),
- this , SLOT(handleDistroUpgradeActionClosed()));
+ this , SLOT(decreaseRunning()));
notify->sendEvent();
}
void KpkDistroUpgrade::handleDistroUpgradeAction(uint action)
{
// get the sender cause there might be more than one
- KNotification *notify = (KNotification *) sender();
+ KNotification *notify = qobject_cast<KNotification*>(sender());
switch(action) {
case 1:
// Check to see if there isn't another process running
@@ -102,12 +101,6 @@
notify->close();
}
-void KpkDistroUpgrade::handleDistroUpgradeActionClosed()
-{
- kDebug();
- decreaseRunning();
-}
-
void KpkDistroUpgrade::distroUpgradeFinished(int exitCode, QProcess::ExitStatus exitStatus)
{
decreaseRunning();
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/KPackageKit/SmartIcon/KpkDistroUpgrade.h new/KPackageKit/SmartIcon/KpkDistroUpgrade.h
--- old/KPackageKit/SmartIcon/KpkDistroUpgrade.h 2009-06-05 04:29:39.000000000 +0200
+++ new/KPackageKit/SmartIcon/KpkDistroUpgrade.h 2009-06-11 04:46:09.000000000 +0200
@@ -42,7 +42,6 @@
void handleDistroUpgradeAction(uint action);
void distroUpgradeError(QProcess::ProcessError error);
void distroUpgradeFinished(int exitCode, QProcess::ExitStatus exitStatus);
- void handleDistroUpgradeActionClosed();
private:
QProcess *m_distroUpgradeProcess;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/KPackageKit/SmartIcon/KpkTransactionTrayIcon.cpp new/KPackageKit/SmartIcon/KpkTransactionTrayIcon.cpp
--- old/KPackageKit/SmartIcon/KpkTransactionTrayIcon.cpp 2009-06-05 04:29:39.000000000 +0200
+++ new/KPackageKit/SmartIcon/KpkTransactionTrayIcon.cpp 2009-06-11 04:46:09.000000000 +0200
@@ -149,7 +149,6 @@
void KpkTransactionTrayIcon::createTransactionDialog(Transaction *t)
{
- kDebug();
increaseRunning();
// we need to close on finish otherwise smart-icon will timeout
KpkTransaction *trans = new KpkTransaction(t, KpkTransaction::CloseOnFinish, m_menu);
@@ -172,7 +171,7 @@
void KpkTransactionTrayIcon::transactionListChanged(const QList<PackageKit::Transaction*> &tids)
{
- kDebug() << tids.size();
+// kDebug() << tids.size();
if (tids.size()) {
setCurrentTransaction(tids.first());
} else {
@@ -347,10 +346,10 @@
void KpkTransactionTrayIcon::requireRestart(PackageKit::Client::RestartType type, Package *pkg)
{
-// decreaseRunning(); //TODO make it persistent when kde fixes that
+ increaseRunning();
m_restartPackages << pkg->name();
- KNotification *notify = new KNotification("RestartRequired");
+ KNotification *notify = new KNotification("RestartRequired", 0, KNotification::Persistent);
QString text("<b>" + i18n("The system update has completed") + "</b>");
text.append("<br />" + KpkStrings::restartType(type));
notify->setText(text);
@@ -359,11 +358,11 @@
switch (type) {
case Client::RestartSystem :
notify->setPixmap(KpkIcons::restartIcon(type).pixmap(64, 64));
- actions << i18n("Restart");
+ actions << i18nc("Restart the computer", "Restart");
actions << i18n("Not now");
m_restartType = Client::RestartSystem;
m_restartAction->setIcon(KpkIcons::restartIcon(type));
- m_restartAction->setText(i18n("Restart"));
+ m_restartAction->setText(i18nc("Restart the computer", "Restart"));
break;
case Client::RestartSession :
notify->setPixmap(KpkIcons::restartIcon(type).pixmap(64, 64));
@@ -392,6 +391,8 @@
notify->setActions(actions);
connect(notify, SIGNAL(activated(uint)),
this, SLOT(restartActivated(uint)));
+ connect(notify, SIGNAL(closed()),
+ this, SLOT(decreaseRunning()));
notify->sendEvent();
}
@@ -402,7 +403,7 @@
logout();
}
// in persistent mode we need to manually close it
-// notify->close();
+ qobject_cast<KNotification*>(sender())->close();
}
void KpkTransactionTrayIcon::logout()
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/KPackageKit/SmartIcon/KpkTransactionWatcher.cpp new/KPackageKit/SmartIcon/KpkTransactionWatcher.cpp
--- old/KPackageKit/SmartIcon/KpkTransactionWatcher.cpp 2009-06-05 04:29:39.000000000 +0200
+++ new/KPackageKit/SmartIcon/KpkTransactionWatcher.cpp 2009-06-11 04:46:09.000000000 +0200
@@ -25,8 +25,11 @@
#include <KNotification>
#include <KIcon>
+#include <KMessageBox>
#include <KDebug>
+Q_DECLARE_METATYPE(PackageKit::Client::ErrorType)
+
KpkTransactionWatcher::KpkTransactionWatcher(QObject *parent)
: KpkAbstractIsRunning(parent)
{
@@ -41,14 +44,14 @@
foreach(Transaction *trans, m_hiddenTransactions) {
if (trans->tid() == tid) {
// Oops we are already watching this one
- kDebug() << "Oops we are already watching this one" << tid;
+// kDebug() << "Oops we are already watching this one" << tid;
return;
}
}
foreach(Transaction *trans, Client::instance()->getTransactions()) {
if (trans->tid() == tid) {
// found it let's start watching
- kDebug() << "found it let's start watching" << tid;
+// kDebug() << "found it let's start watching" << tid;
m_hiddenTransactions.append(trans);
connect(trans, SIGNAL(finished(PackageKit::Transaction::ExitStatus, uint)),
this, SLOT(finished(PackageKit::Transaction::ExitStatus, uint)));
@@ -64,7 +67,7 @@
foreach(Transaction *trans, m_hiddenTransactions) {
if (trans->tid() == tid) {
// Found it, let's remove
- kDebug() << "found it let's remove" << tid;
+// kDebug() << "found it let's remove" << tid;
m_hiddenTransactions.removeOne(trans);
// disconnect to not show any notification
trans->disconnect();
@@ -83,53 +86,40 @@
void KpkTransactionWatcher::errorCode(PackageKit::Client::ErrorType err, const QString &details)
{
- Q_UNUSED(details)
- // TODO add a details button to show details in a message box
- // do not forget to increase count ^^
- KNotification* errorNotification = new KNotification("TransactionError", 0, KNotification::Persistent);
- errorNotification->setFlags(KNotification::Persistent);
- errorNotification->setText("<b>"+KpkStrings::error(err)+"</b><br />"+KpkStrings::errorMessage(err));
-// QStringList actions;
-// actions << i18n("Details");
-// errorNotification->setActions(actions);
+ increaseRunning();
+ KNotification *notify = new KNotification("TransactionError", 0, KNotification::Persistent);
+ notify->setText("<b>"+KpkStrings::error(err)+"</b><br />"+KpkStrings::errorMessage(err));
+ notify->setProperty("ErrorType", QVariant::fromValue(err));
+ notify->setProperty("Details", details);
+ QStringList actions;
+ actions << i18n("Details") << i18n("Ignore");
+ notify->setActions(actions);
KIcon icon("dialog-error");
// Use QSize for proper icon
- errorNotification->setPixmap(icon.pixmap(QSize(128, 128)));
- errorNotification->sendEvent();
-}
+ notify->setPixmap(icon.pixmap(QSize(128, 128)));
+ connect(notify, SIGNAL(activated(uint)),
+ this, SLOT(errorActivated(uint)));
+ connect(notify, SIGNAL(closed()),
+ this, SLOT(decreaseRunning()));
+ notify->sendEvent();
+}
+
+void KpkTransactionWatcher::errorActivated(uint action)
+{
+ KNotification *notify = qobject_cast<KNotification*>(sender());
+ // if the user clicked "Details"
+ if (action == 1) {
+ PackageKit::Client::ErrorType error = notify->property("ErrorType").value<PackageKit::Client::ErrorType>();
+ QString details = notify->property("Details").toString();
+ KMessageBox::detailedSorry(0,
+ KpkStrings::errorMessage(error),
+ QString(details).replace('\n', "<br />"),
+ KpkStrings::error(error),
+ KMessageBox::Notify);
+ }
-// //FIXME: Implement the proper dbus calls to restart things.
-// void KpkTransactionWatcher::showRestartMessage(PackageKit::Client::RestartType type, const QString &details)
-// {
-// if (type==Client::RestartNone) {
-// return;
-// }
-// KNotification *notify = new KNotification("RestartRequired");
-// QString text;
-// QStringList events;
-// KIcon icon;
-// switch(type) {
-// case Client::RestartApplication:
-// text = i18n("Restart the application for system changes to take effect.");
-// //FIXME: Need a way to detect which program it is
-// icon = KIcon("window-close");
-// break;
-// case Client::RestartSession:
-// text = i18n("You must logout and log back in for system changes to take effect.");
-// icon = KIcon("system-restart"); //FIXME: find the logout icon
-// break;
-// case Client::RestartSystem:
-// text = i18n("Please restart your computer for system changes to take effect.");
-// icon = KIcon("system-restart");
-// break;
-// case Client::RestartNone:
-// case Client::UnknownRestartType:
-// return;
-// }
-// // Use QSize for proper icon
-// notify->setPixmap(icon.pixmap(QSize(128, 128)));
-// notify->setText("<b>"+text+"</b><br />"+details);
-// notify->sendEvent();
-// }
+ // in persistent mode we need to manually close it
+ notify->close();
+}
#include "KpkTransactionWatcher.moc"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/KPackageKit/SmartIcon/KpkTransactionWatcher.h new/KPackageKit/SmartIcon/KpkTransactionWatcher.h
--- old/KPackageKit/SmartIcon/KpkTransactionWatcher.h 2009-06-05 04:29:39.000000000 +0200
+++ new/KPackageKit/SmartIcon/KpkTransactionWatcher.h 2009-06-11 04:46:09.000000000 +0200
@@ -41,7 +41,7 @@
private slots:
void errorCode(PackageKit::Client::ErrorType, const QString&);
-// void showRestartMessage(PackageKit::Client::RestartType, const QString&);
+ void errorActivated(uint action);
void finished(PackageKit::Transaction::ExitStatus status, uint time);
private:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/KPackageKit/SmartIcon/KpkUpdateIcon.cpp new/KPackageKit/SmartIcon/KpkUpdateIcon.cpp
--- old/KPackageKit/SmartIcon/KpkUpdateIcon.cpp 2009-06-05 04:29:39.000000000 +0200
+++ new/KPackageKit/SmartIcon/KpkUpdateIcon.cpp 2009-06-11 04:46:09.000000000 +0200
@@ -55,9 +55,9 @@
// this, SLOT(showSettings()));
// m_icon->contextMenu()->addAction(m_icon->actionCollection()->action(KStandardAction::name(KStandardAction::Preferences)));
- int m_inhibitCookie = Solid::PowerManagement::beginSuppressingSleep( i18n("Installing updates.") );
- if (m_inhibitCookie == -1)
- kDebug() << "Sleep suppression denied!";
+// int m_inhibitCookie = Solid::PowerManagement::beginSuppressingSleep( i18n("Installing updates.") );
+// if (m_inhibitCookie == -1)
+// kDebug() << "Sleep suppression denied!";
}
KpkUpdateIcon::~KpkUpdateIcon()
@@ -159,11 +159,8 @@
foreach(Package *p, m_updateList) {
packageGroups[p->state()].append(p);
- }
-
- foreach(const Package::State &state, packageGroups.keys()) {
- if (state>highState) {
- highState = state;
+ if (p->state() > highState) {
+ highState = p->state();
}
}
@@ -206,7 +203,7 @@
{
Q_UNUSED(runtime)
if (m_updateList.size() > 0) {
- kDebug() << "Found " << m_updateList.size() << " updates";
+// kDebug() << "Found " << m_updateList.size() << " updates";
Package::State highState = Package::StateInstalled;
//FIXME: This assumes that PackageKit shares our priority ranking.
foreach(Package *p, m_updateList) {
@@ -221,11 +218,11 @@
KConfigGroup checkUpdateGroup(&config, "CheckUpdate");
uint updateType = (uint) checkUpdateGroup.readEntry("autoUpdate", KpkEnum::AutoUpdateDefault);
if (updateType == KpkEnum::None) {
- kDebug() << "None.";
+// kDebug() << "None.";
notifyUpdates();
} else {
if (updateType == KpkEnum::All) {
- kDebug() << "All";
+// kDebug() << "All";
Client::instance()->setProxy(KProtocolManager::proxyFor("http"), KProtocolManager::proxyFor("ftp"));
if (Transaction* t = Client::instance()->updateSystem()) {
connect(t, SIGNAL(finished(PackageKit::Transaction::ExitStatus, uint)),
@@ -240,12 +237,12 @@
autoInstallNotify->sendEvent();
increaseRunning();
} else {
- kDebug() << "All Trans failed.";
+// kDebug() << "All Trans failed.";
notifyUpdates();
}
} else {
// Defaults to security
- kDebug() << "Security";
+// kDebug() << "Security";
QList<PackageKit::Package*> updateList;
foreach(PackageKit::Package *package, m_updateList) {
if (package->state() == Package::StateSecurity) {
@@ -267,11 +264,11 @@
autoInstallNotify->sendEvent();
increaseRunning();
} else {
- kDebug() << "security Trans failed.";
+// kDebug() << "security Trans failed.";
notifyUpdates();
}
} else {
- kDebug() << "No security updates.";
+// kDebug() << "No security updates.";
notifyUpdates();
}
}
@@ -307,7 +304,7 @@
void KpkUpdateIcon::handleUpdateAction(uint action)
{
- qDebug() << "action" << action;
+// kDebug() << "action" << action;
switch(action) {
case 1:
showUpdates();
@@ -329,7 +326,7 @@
void KpkUpdateIcon::handleUpdateActionClosed()
{
- kDebug();
+// kDebug();
m_updateNotify = 0;
decreaseRunning();
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/KPackageKit/SmartIcon/main.cpp new/KPackageKit/SmartIcon/main.cpp
--- old/KPackageKit/SmartIcon/main.cpp 2009-06-05 04:29:39.000000000 +0200
+++ new/KPackageKit/SmartIcon/main.cpp 2009-06-11 04:46:09.000000000 +0200
@@ -50,6 +50,5 @@
}
kpackagekit::KPackageKit_Smart_Icon app;
- app.exec();
- return 0;
+ return app.exec();
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/KPackageKit/Updater/KpkUpdate.cpp new/KPackageKit/Updater/KpkUpdate.cpp
--- old/KPackageKit/Updater/KpkUpdate.cpp 2009-06-05 04:29:40.000000000 +0200
+++ new/KPackageKit/Updater/KpkUpdate.cpp 2009-06-11 04:46:09.000000000 +0200
@@ -38,7 +38,7 @@
{
setupUi(this);
- updatePB->setIcon(KpkIcons::getIcon("package-update"));
+ selectAllPB->setIcon(KpkIcons::getIcon("package-update"));
refreshPB->setIcon(KpkIcons::getIcon("view-refresh"));
historyPB->setIcon(KpkIcons::getIcon("view-history"));
transactionBar->setBehaviors(KpkTransactionBar::AutoHide);
@@ -91,10 +91,9 @@
}
}
-void KpkUpdate::on_updatePB_clicked()
+void KpkUpdate::on_selectAllPB_clicked()
{
m_pkg_model_updates->checkAll();
- applyUpdates();
}
void KpkUpdate::load()
@@ -214,7 +213,7 @@
void KpkUpdate::on_historyPB_clicked()
{
- KpkHistory *frm = new KpkHistory(this);
+ QPointer<KpkHistory> frm = new KpkHistory(this);
frm->exec();
delete frm;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/KPackageKit/Updater/KpkUpdate.h new/KPackageKit/Updater/KpkUpdate.h
--- old/KPackageKit/Updater/KpkUpdate.h 2009-06-05 04:29:40.000000000 +0200
+++ new/KPackageKit/Updater/KpkUpdate.h 2009-06-11 04:46:09.000000000 +0200
@@ -50,7 +50,7 @@
void refresh();
private slots:
- void on_updatePB_clicked();
+ void on_selectAllPB_clicked();
void on_refreshPB_clicked();
void on_historyPB_clicked();
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/KPackageKit/Updater/KpkUpdate.ui new/KPackageKit/Updater/KpkUpdate.ui
--- old/KPackageKit/Updater/KpkUpdate.ui 2009-06-05 04:29:40.000000000 +0200
+++ new/KPackageKit/Updater/KpkUpdate.ui 2009-06-11 04:46:09.000000000 +0200
@@ -1,7 +1,8 @@
-<ui version="4.0" >
+<?xml version="1.0" encoding="UTF-8"?>
+<ui version="4.0">
<class>KpkUpdate</class>
- <widget class="QWidget" name="KpkUpdate" >
- <property name="geometry" >
+ <widget class="QWidget" name="KpkUpdate">
+ <property name="geometry">
<rect>
<x>0</x>
<y>0</y>
@@ -9,100 +10,100 @@
<height>423</height>
</rect>
</property>
- <property name="locale" >
- <locale country="UnitedStates" language="English" />
+ <property name="locale">
+ <locale language="English" country="UnitedStates"/>
</property>
- <layout class="QGridLayout" name="gridLayout" >
- <property name="margin" >
+ <layout class="QGridLayout" name="gridLayout">
+ <property name="margin">
<number>0</number>
</property>
- <item row="2" column="0" >
- <widget class="QTreeView" name="packageView" >
- <property name="sizePolicy" >
- <sizepolicy vsizetype="MinimumExpanding" hsizetype="Expanding" >
+ <item row="2" column="0">
+ <widget class="QTreeView" name="packageView">
+ <property name="sizePolicy">
+ <sizepolicy hsizetype="Expanding" vsizetype="MinimumExpanding">
<horstretch>0</horstretch>
<verstretch>0</verstretch>
</sizepolicy>
</property>
- <property name="horizontalScrollBarPolicy" >
+ <property name="horizontalScrollBarPolicy">
<enum>Qt::ScrollBarAlwaysOff</enum>
</property>
- <property name="autoScroll" >
+ <property name="autoScroll">
<bool>false</bool>
</property>
- <property name="showDropIndicator" stdset="0" >
+ <property name="showDropIndicator" stdset="0">
<bool>false</bool>
</property>
- <property name="alternatingRowColors" >
+ <property name="alternatingRowColors">
<bool>true</bool>
</property>
- <property name="rootIsDecorated" >
+ <property name="rootIsDecorated">
<bool>true</bool>
</property>
- <property name="itemsExpandable" >
+ <property name="itemsExpandable">
<bool>true</bool>
</property>
- <property name="sortingEnabled" >
+ <property name="sortingEnabled">
<bool>true</bool>
</property>
- <property name="animated" >
+ <property name="animated">
<bool>false</bool>
</property>
- <property name="allColumnsShowFocus" >
+ <property name="allColumnsShowFocus">
<bool>false</bool>
</property>
- <property name="headerHidden" >
+ <property name="headerHidden">
<bool>false</bool>
</property>
- <property name="expandsOnDoubleClick" >
+ <property name="expandsOnDoubleClick">
<bool>true</bool>
</property>
</widget>
</item>
- <item row="3" column="0" >
- <widget class="KpkTransactionBar" native="1" name="transactionBar" />
+ <item row="3" column="0">
+ <widget class="KpkTransactionBar" name="transactionBar" native="true"/>
</item>
- <item row="4" column="0" >
- <layout class="QHBoxLayout" name="horizontalLayout_2" >
+ <item row="4" column="0">
+ <layout class="QHBoxLayout" name="horizontalLayout_2">
<item>
- <widget class="KPushButton" name="updatePB" >
- <property name="text" >
- <string>Apply all available updates</string>
+ <widget class="KPushButton" name="selectAllPB">
+ <property name="text">
+ <string>Select all updates</string>
</property>
</widget>
</item>
<item>
- <widget class="KPushButton" name="refreshPB" >
- <property name="text" >
+ <widget class="KPushButton" name="refreshPB">
+ <property name="text">
<string>Refresh</string>
</property>
</widget>
</item>
<item>
- <widget class="KPushButton" name="historyPB" >
- <property name="text" >
+ <widget class="KPushButton" name="historyPB">
+ <property name="text">
<string>History</string>
</property>
</widget>
</item>
</layout>
</item>
- <item row="0" column="0" >
- <widget class="QScrollArea" name="distroUpgradesSA" >
- <property name="maximumSize" >
+ <item row="0" column="0">
+ <widget class="QScrollArea" name="distroUpgradesSA">
+ <property name="maximumSize">
<size>
<width>16777215</width>
<height>100</height>
</size>
</property>
- <property name="frameShadow" >
+ <property name="frameShadow">
<enum>QFrame::Sunken</enum>
</property>
- <property name="widgetResizable" >
+ <property name="widgetResizable">
<bool>true</bool>
</property>
- <widget class="QWidget" name="scrollAreaWidgetContents" >
- <property name="geometry" >
+ <widget class="QWidget" name="scrollAreaWidgetContents">
+ <property name="geometry">
<rect>
<x>0</x>
<y>0</y>
@@ -110,13 +111,13 @@
<height>94</height>
</rect>
</property>
- <layout class="QVBoxLayout" name="verticalLayout" />
+ <layout class="QVBoxLayout" name="verticalLayout"/>
</widget>
</widget>
</item>
- <item row="1" column="0" >
- <widget class="Line" name="line" >
- <property name="orientation" >
+ <item row="1" column="0">
+ <widget class="Line" name="line">
+ <property name="orientation">
<enum>Qt::Horizontal</enum>
</property>
</widget>
@@ -132,7 +133,7 @@
<customwidget>
<class>KpkTransactionBar</class>
<extends>QWidget</extends>
- <header location="global" >KpkTransactionBar.h</header>
+ <header location="global">KpkTransactionBar.h</header>
<container>1</container>
</customwidget>
</customwidgets>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/KPackageKit/libkpackagekit/KpkPackageModel.cpp new/KPackageKit/libkpackagekit/KpkPackageModel.cpp
--- old/KPackageKit/libkpackagekit/KpkPackageModel.cpp 2009-06-05 04:29:41.000000000 +0200
+++ new/KPackageKit/libkpackagekit/KpkPackageModel.cpp 2009-06-11 04:46:09.000000000 +0200
@@ -86,32 +86,44 @@
if (column == 0) {
if (order == Qt::DescendingOrder) {
qSort(m_packages.begin(), m_packages.end(), packageNameSortGreaterThan);
- foreach(const Package::State &group, m_groups.keys()) {
- qSort(m_groups[group].begin(), m_groups[group].end(), packageNameSortGreaterThan);
+
+ QMap<Package::State, QList<Package*> >::const_iterator i = m_groups.constBegin();
+ while (i != m_groups.constEnd()) {
+ qSort(m_groups[i.key()].begin(), m_groups[i.key()].end(), packageNameSortGreaterThan);
+ ++i;
}
} else {
qSort(m_packages.begin(), m_packages.end(), packageNameSortLessThan);
- foreach(const Package::State &group, m_groups.keys()) {
- qSort(m_groups[group].begin(), m_groups[group].end(), packageNameSortLessThan);
+
+ QMap<Package::State, QList<Package*> >::const_iterator i = m_groups.constBegin();
+ while (i != m_groups.constEnd()) {
+ qSort(m_groups[i.key()].begin(), m_groups[i.key()].end(), packageNameSortLessThan);
+ ++i;
}
}
} else if (column == 1) {
if (order == Qt::DescendingOrder){
descendingSelectionSorter sort(m_checkedPackages);
qSort(m_packages.begin(), m_packages.end(), sort);
- foreach(const Package::State &group, m_groups.keys()) {
- qSort(m_groups[group].begin(), m_groups[group].end(), sort);
+
+ QMap<Package::State, QList<Package*> >::const_iterator i = m_groups.constBegin();
+ while (i != m_groups.constEnd()) {
+ qSort(m_groups[i.key()].begin(), m_groups[i.key()].end(), sort);
+ ++i;
}
} else {
ascendingSelectionSorter sort(m_checkedPackages);
qSort(m_packages.begin(), m_packages.end(), sort);
- foreach(const Package::State &group, m_groups.keys()) {
- qSort(m_groups[group].begin(), m_groups[group].end(), sort);
+
+ QMap<Package::State, QList<Package*> >::const_iterator i = m_groups.constBegin();
+ while (i != m_groups.constEnd()) {
+ qSort(m_groups[i.key()].begin(), m_groups[i.key()].end(), sort);
+ ++i;
}
}
}
if (m_grouped) {
- for (int i = 0;i<rowCount(QModelIndex());i++) {
+ for (int i = 0; i < rowCount(QModelIndex()); i++) {
QModelIndex group = index(i, 0);
emit dataChanged(index(0, 0, group), index(0, rowCount(group), group));
}
@@ -512,12 +524,14 @@
emit dataChanged(createIndex(0, 1),
createIndex(m_groups.size(), 1));
if (m_grouped) {
- foreach(const Package::State &group, m_groups.keys()) {
- QModelIndex groupIndex = index(m_groups.keys().indexOf(group), 0, QModelIndex());
+ QMap<Package::State, QList<Package*> >::const_iterator i = m_groups.constBegin();
+ while (i != m_groups.constEnd()) {
+ QModelIndex groupIndex = index(m_groups.keys().indexOf(i.key()), 0, QModelIndex());
emit dataChanged(index(0, 1, groupIndex),
- index(m_groups[group].size(),
+ index(m_groups[i.key()].size(),
1,
groupIndex));
+ ++i;
}
}
}
@@ -533,12 +547,14 @@
emit dataChanged(createIndex(0, 1),
createIndex(m_groups.size(), 1));
if (m_grouped) {
- foreach(const Package::State &group, m_groups.keys()) {
- QModelIndex groupIndex = index(m_groups.keys().indexOf(group), 0, QModelIndex());
+ QMap<Package::State, QList<Package*> >::const_iterator i = m_groups.constBegin();
+ while (i != m_groups.constEnd()) {
+ QModelIndex groupIndex = index(m_groups.keys().indexOf(i.key()), 0, QModelIndex());
emit dataChanged(index(0, 1, groupIndex),
- index(m_groups[group].size(),
+ index(m_groups[i.key()].size(),
1,
groupIndex));
+ ++i;
}
}
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/KPackageKit/libkpackagekit/KpkReviewChanges.cpp new/KPackageKit/libkpackagekit/KpkReviewChanges.cpp
--- old/KPackageKit/libkpackagekit/KpkReviewChanges.cpp 2009-06-05 04:29:41.000000000 +0200
+++ new/KPackageKit/libkpackagekit/KpkReviewChanges.cpp 2009-06-11 04:46:09.000000000 +0200
@@ -142,8 +142,9 @@
connect(m_transactionReq, SIGNAL(errorCode(PackageKit::Client::ErrorType, const QString &)),
this, SLOT(errorCode(PackageKit::Client::ErrorType, const QString &)));
// Create a Transaction dialog to don't upset the user
- KpkTransaction* reqFinder = new KpkTransaction(m_transactionReq, KpkTransaction::CloseOnFinish | KpkTransaction::Modal, this);
+ QPointer<KpkTransaction> reqFinder = new KpkTransaction(m_transactionReq, KpkTransaction::CloseOnFinish | KpkTransaction::Modal, this);
reqFinder->exec();
+ delete reqFinder;
} else {
removePackages();
}
@@ -165,8 +166,9 @@
connect(m_transactionDep, SIGNAL(errorCode(PackageKit::Client::ErrorType, const QString &)),
this, SLOT(errorCode(PackageKit::Client::ErrorType, const QString &)));
// Create a Transaction dialog to don't upset the user
- KpkTransaction* reqFinder = new KpkTransaction(m_transactionDep, KpkTransaction::Modal | KpkTransaction::CloseOnFinish, this);
+ QPointer<KpkTransaction> reqFinder = new KpkTransaction(m_transactionDep, KpkTransaction::CloseOnFinish | KpkTransaction::Modal, this);
reqFinder->exec();
+ delete reqFinder;
} else {
installPackages();
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/KPackageKit/libkpackagekit/KpkStrings.cpp new/KPackageKit/libkpackagekit/KpkStrings.cpp
--- old/KPackageKit/libkpackagekit/KpkStrings.cpp 2009-06-05 04:29:40.000000000 +0200
+++ new/KPackageKit/libkpackagekit/KpkStrings.cpp 2009-06-11 04:46:09.000000000 +0200
@@ -666,28 +666,28 @@
} else {
switch (state) {
case Package::StateLow :
- return i18np("1 trivial update", "%1 trivial updates, %2 selected", updates, selected);
+ return i18np("%1 trivial update", "%1 trivial updates, %2 selected", updates, selected);
case Package::StateNormal :
return i18ncp("Type of update, in the case it's just an update",
- "1 update", "%1 updates, %2 selected", updates, selected);
+ "%1 update", "%1 updates, %2 selected", updates, selected);
case Package::StateImportant :
- return i18np("1 important update", "%1 important updates, %2 selected", updates, selected);
+ return i18np("%1 important update", "%1 important updates, %2 selected", updates, selected);
case Package::StateSecurity :
- return i18np("1 security update", "%1 security updates, %2 selected", updates, selected);
+ return i18np("%1 security update", "%1 security updates, %2 selected", updates, selected);
case Package::StateBugfix :
- return i18np("1 bug fix update", "%1 bug fix updates, %2 selected", updates, selected);
+ return i18np("%1 bug fix update", "%1 bug fix updates, %2 selected", updates, selected);
case Package::StateEnhancement :
- return i18np("1 enhancement update", "%1 enhancement updates, %2 selected", updates, selected);
+ return i18np("%1 enhancement update", "%1 enhancement updates, %2 selected", updates, selected);
case Package::StateBlocked :
// Blocked updates aren't selectable
- return i18np("1 blocked update", "%1 blocked updates", updates);
+ return i18np("%1 blocked update", "%1 blocked updates", updates);
case Package::StateInstalled :
- return i18np("1 installed package", "%1 installed packages, %2 selected to be removed", updates, selected);
+ return i18np("%1 installed package", "%1 installed packages, %2 selected to be removed", updates, selected);
case Package::StateAvailable :
- return i18np("1 available package", "%1 available packages, %2 selected to be installed", updates, selected);
+ return i18np("%1 available package", "%1 available packages, %2 selected to be installed", updates, selected);
default : // In this case we don't want to map all enums
kDebug() << "update info unrecognised: " << state;
- return i18np("1 unknown update", "%1 unknown updates", updates);
+ return i18np("%1 unknown update", "%1 unknown updates", updates);
}
}
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/KPackageKit/libkpackagekit/KpkTransaction.cpp new/KPackageKit/libkpackagekit/KpkTransaction.cpp
--- old/KPackageKit/libkpackagekit/KpkTransaction.cpp 2009-06-05 04:29:41.000000000 +0200
+++ new/KPackageKit/libkpackagekit/KpkTransaction.cpp 2009-06-11 04:46:09.000000000 +0200
@@ -200,53 +200,51 @@
void KpkTransaction::finishedDialog()
{
- slotButtonClicked(KDialog::User1);
+ if (!d->finished) {
+ // We are going to hide the transaction,
+ // which can make the user even close System Settings or KPackageKit
+ // so we call the tray icon to keep watching the transaction so if the
+ // transaction receives some error we can display them
+ QDBusMessage message;
+ message = QDBusMessage::createMethodCall("org.kde.KPackageKitSmartIcon",
+ "/",
+ "org.kde.KPackageKitSmartIcon",
+ QLatin1String("WatchTransaction"));
+ message << qVariantFromValue(m_trans->tid());
+ QDBusMessage reply = QDBusConnection::sessionBus().call(message);
+ if (reply.type() != QDBusMessage::ReplyMessage) {
+ kWarning() << "Message did not receive a reply";
+ }
+ // Always disconnect BEFORE emitting finished
+ m_trans->disconnect();
+ emit kTransactionFinished(Success);
+ }
}
void KpkTransaction::slotButtonClicked(int button)
{
switch(button) {
- case KDialog::Cancel :
- kDebug() << "KDialog::Cancel";
- m_trans->cancel();
- m_flags |= CloseOnFinish;
- break;
- case KDialog::User1 :
- kDebug() << "KDialog::User1";
- if (!d->finished) {
- // We are going to hide the transaction,
- // which can make the user even close System Settings or KPackageKit
- // so we call the tray icon to keep watching the transaction so if the
- // transaction receives some error we can display them
- QDBusMessage message;
- message = QDBusMessage::createMethodCall("org.kde.KPackageKitSmartIcon",
- "/",
- "org.kde.KPackageKitSmartIcon",
- QLatin1String("WatchTransaction"));
- message << qVariantFromValue(m_trans->tid());
- QDBusMessage reply = QDBusConnection::sessionBus().call(message);
- if (reply.type() != QDBusMessage::ReplyMessage) {
- kWarning() << "Message did not receive a reply";
- }
- // Always disconnect BEFORE emitting finished
- m_trans->disconnect();
- emit kTransactionFinished(Success);
- }
- // If you call Close it will
- // come back to hunt you with Cancel
- done(KDialog::User1);
- break;
- case KDialog::Close :
- kDebug() << "KDialog::Close";
- // Always disconnect BEFORE emitting finished
- m_trans->disconnect();
- emit kTransactionFinished(Cancelled);
- done(KDialog::Close);
- break;
- case KDialog::Details :
- d->showDetails = !d->showDetails;
- default : // Should be only details
- KDialog::slotButtonClicked(button);
+ case KDialog::Cancel :
+ kDebug() << "KDialog::Cancel";
+ m_trans->cancel();
+ m_flags |= CloseOnFinish;
+ break;
+ case KDialog::User1 :
+ kDebug() << "KDialog::User1";
+ // when we're done finishedDialog() is called
+ done(KDialog::User1);
+ break;
+ case KDialog::Close :
+ kDebug() << "KDialog::Close";
+ // Always disconnect BEFORE emitting finished
+ m_trans->disconnect();
+ emit kTransactionFinished(Cancelled);
+ done(KDialog::Close);
+ break;
+ case KDialog::Details :
+ d->showDetails = !d->showDetails;
+ default : // Should be only details
+ KDialog::slotButtonClicked(button);
}
}
@@ -344,10 +342,11 @@
m_handlingActionRequired = true;
}
- KpkLicenseAgreement *frm = new KpkLicenseAgreement(info, true, this);
+ QPointer<KpkLicenseAgreement> frm = new KpkLicenseAgreement(info, true, this);
if (frm->exec() == KDialog::Yes && Client::instance()->acceptEula(info)) {
m_handlingActionRequired = false;
}
+ delete frm;
// Well try again, if fail will show the erroCode
emit kTransactionFinished(ReQueue);
@@ -388,12 +387,14 @@
m_handlingActionRequired = true;
}
- KpkRepoSig *frm = new KpkRepoSig(info, true, this);
+ QPointer<KpkRepoSig> frm = new KpkRepoSig(info, true, this);
if (frm->exec() == KDialog::Yes &&
Client::instance()->installSignature(info.type, info.keyId, info.package)) {
m_handlingActionRequired = false;
}
- kDebug() << "Requeue!";
+ delete frm;
+
+// kDebug() << "Requeue!";
emit kTransactionFinished(ReQueue);
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/KPackageKit/libkpackagekit/version.h new/KPackageKit/libkpackagekit/version.h
--- old/KPackageKit/libkpackagekit/version.h 2009-06-05 04:48:25.000000000 +0200
+++ new/KPackageKit/libkpackagekit/version.h 2009-06-11 04:46:09.000000000 +0200
@@ -20,5 +20,5 @@
#ifndef KPKVERSION_H
#define KPKVERSION_H
-#define KPK_VERSION "0.4.1"
+#define KPK_VERSION "0.4.1.1"
#endif
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
![](https://seccdn.libravatar.org/avatar/e2145bc5cf53dda95c308a3c75e8fef3.jpg?s=120&d=mm&r=g)
28 Jul '09
Hello community,
here is the log from the commit of package krb5-plugin-preauth-pkinit-nss for openSUSE:Factory
checked in at Tue Jul 28 00:01:30 CEST 2009.
--------
--- krb5-plugin-preauth-pkinit-nss/krb5-plugin-preauth-pkinit-nss.changes 2009-07-16 14:50:37.000000000 +0200
+++ krb5-plugin-preauth-pkinit-nss/krb5-plugin-preauth-pkinit-nss.changes 2009-07-27 10:12:52.000000000 +0200
@@ -1,0 +2,7 @@
+Mon Jul 27 10:10:51 CEST 2009 - mc(a)novell.com
+
+- version 0.7.8
+ * upstream support for krb5 1.7 release.
+ * Refuse to participate when the client is using armoring.
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
Old:
----
fix-1.7.patch
pkinit-nss-0.7.7-1.tar.bz2
New:
----
pkinit-nss-0.7.8-1.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ krb5-plugin-preauth-pkinit-nss.spec ++++++
--- /var/tmp/diff_new_pack.bDT6c2/_old 2009-07-28 00:01:01.000000000 +0200
+++ /var/tmp/diff_new_pack.bDT6c2/_new 2009-07-28 00:01:01.000000000 +0200
@@ -1,5 +1,5 @@
#
-# spec file for package krb5-plugin-preauth-pkinit-nss (Version 0.7.7)
+# spec file for package krb5-plugin-preauth-pkinit-nss (Version 0.7.8)
#
# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
@@ -19,8 +19,8 @@
Name: krb5-plugin-preauth-pkinit-nss
-Version: 0.7.7
-Release: 8
+Version: 0.7.8
+Release: 1
BuildRequires: keyutils-devel krb5-devel >= 1.6.1 mozilla-nss-devel >= 3.11.2 pkgconfig
Summary: MIT Kerberos5 Implementation--PKINIT preauth Plugin
License: LGPL v2.1 or later
@@ -31,7 +31,6 @@
Source: pkinit-nss-%{version}-1.tar.bz2
Patch0: pkinit-nss-0.6.1-match-default-realms.patch
Patch1: pkinit-nss-0.7.2-1-documentation.dif
-Patch2: fix-1.7.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
@@ -48,7 +47,6 @@
%setup -q -n pkinit-nss-%{version}-1
%patch0
%patch1
-%patch2 -p1
%build
#autoreconf -i -f
++++++ pkinit-nss-0.7.7-1.tar.bz2 -> pkinit-nss-0.7.8-1.tar.bz2 ++++++
++++ 59308 lines of diff (skipped)
++++ retrying with extended exclude list
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/Makefile.am new/pkinit-nss-0.7.8-1/Makefile.am
--- old/pkinit-nss-0.7.7-1/Makefile.am 2008-08-29 10:16:51.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/Makefile.am 2009-07-20 10:01:54.000000000 +0200
@@ -7,7 +7,8 @@
$(top_srcdir)/backport/*.h \
$(top_srcdir)/backport-1.6/krb5/*.h \
$(top_srcdir)/backport-1.6.1/krb5/*.h \
- $(top_srcdir)/backport-1.6.3/krb5/*.h
+ $(top_srcdir)/backport-1.6.3/krb5/*.h \
+ $(top_srcdir)/backport-1.7/krb5/*.h
VERSION=$(shell rpm -q --specfile $(top_srcdir)/pkinit-nss.spec --define 'dist %{nil}' --qf '%{version}\n' | head -n1)
RELEASE=$(shell rpm -q --specfile $(top_srcdir)/pkinit-nss.spec --define 'dist %{nil}' --qf '%{release}\n' | head -n1)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/NEWS new/pkinit-nss-0.7.8-1/NEWS
--- old/pkinit-nss-0.7.7-1/NEWS 2008-09-04 10:24:53.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/NEWS 2009-07-20 10:01:54.000000000 +0200
@@ -1,3 +1,7 @@
+0.7.8
+* Learn about the 1.7 release.
+* Refuse to participate when the client is using armoring.
+
0.7.7
* Learn to match certificates on email addresses, and to handle references to
parts of the relevant principal name in matching rules.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/backport-1.7/krb5/preauth_plugin.h new/pkinit-nss-0.7.8-1/backport-1.7/krb5/preauth_plugin.h
--- old/pkinit-nss-0.7.7-1/backport-1.7/krb5/preauth_plugin.h 1970-01-01 01:00:00.000000000 +0100
+++ new/pkinit-nss-0.7.8-1/backport-1.7/krb5/preauth_plugin.h 2009-07-20 10:01:54.000000000 +0200
@@ -0,0 +1,526 @@
+/*
+ * <krb5/preauth_plugin.h>
+ *
+ * Copyright (c) 2006 Red Hat, Inc.
+ * Portions copyright (c) 2006 Massachusetts Institute of Technology
+ * All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ * * Neither the name of Red Hat, Inc., nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
+ * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * Preauthentication plugin definitions for Kerberos 5.
+ */
+
+#ifndef KRB5_PREAUTH_PLUGIN_H_INCLUDED
+#define KRB5_PREAUTH_PLUGIN_H_INCLUDED
+#include <krb5/krb5.h>
+
+/*
+ * While arguments of these types are passed-in, for the most part a preauth
+ * module can treat them as opaque. If we need keying data, we can ask for
+ * it directly.
+ */
+struct _krb5_db_entry_new;
+struct _krb5_key_data;
+struct _krb5_preauth_client_rock;
+
+/*
+ * Preauth mechanism property flags, unified from previous definitions in the
+ * KDC and libkrb5 sources.
+ */
+
+/* Provides a real answer which we can send back to the KDC (client-only). The
+ * client assumes that one real answer will be enough. */
+#define PA_REAL 0x00000001
+
+/* Doesn't provide a real answer, but must be given a chance to run before any
+ * REAL mechanism callbacks (client-only). */
+#define PA_INFO 0x00000002
+
+/* Causes the KDC to include this mechanism in a list of supported preauth
+ * types if the user's DB entry flags the user as requiring hardware-based
+ * preauthentication (server-only). */
+#define PA_HARDWARE 0x00000004
+
+/* Causes the KDC to include this mechanism in a list of supported preauth
+ * types if the user's DB entry flags the user as requiring preauthentication,
+ * and to fail preauthentication if we can't verify the client data. The
+ * flipside of PA_SUFFICIENT (server-only). */
+#define PA_REQUIRED 0x00000008
+
+/* Causes the KDC to include this mechanism in a list of supported preauth
+ * types if the user's DB entry flags the user as requiring preauthentication,
+ * and to mark preauthentication as successful if we can verify the client
+ * data. The flipside of PA_REQUIRED (server-only). */
+#define PA_SUFFICIENT 0x00000010
+
+/* Marks this preauthentication mechanism as one which changes the key which is
+ * used for encrypting the response to the client. Modules which have this
+ * flag have their server_return_proc called before modules which do not, and
+ * are passed over if a previously-called module has modified the encrypting
+ * key (server-only). */
+#define PA_REPLACES_KEY 0x00000020
+
+/* Causes the KDC to check with this preauthentication module even if the
+ * client has no entry in the realm database. If the module returns a success
+ * code, continue processing and assume that its return_padata callback will
+ * supply us with a key for encrypting the AS reply (server-only). */
+/* #define PA_VIRTUAL (0x00000040 | PA_REPLACES_KEY) */
+
+/* Not really a padata type, so don't include it in any list of preauth types
+ * which gets sent over the wire. */
+#define PA_PSEUDO 0x00000080
+
+
+/***************************************************************************
+ *
+ * Client-side preauthentication plugin interface definition.
+ *
+ ***************************************************************************/
+
+/*
+ * A callback which will obtain the user's long-term AS key by prompting the
+ * user for the password, then salting it properly, and so on. For the moment,
+ * it's identical to the get_as_key callback used inside of libkrb5, but we
+ * define a new typedef here instead of making the existing one public to
+ * isolate ourselves from potential future changes.
+ */
+typedef krb5_error_code
+(*preauth_get_as_key_proc)(krb5_context,
+ krb5_principal,
+ krb5_enctype,
+ krb5_prompter_fct,
+ void *prompter_data,
+ krb5_data *salt,
+ krb5_data *s2kparams,
+ krb5_keyblock *as_key,
+ void *gak_data);
+
+/*
+ * A client module's callback functions are allowed to request various
+ * information to enable it to process a request.
+ */
+enum krb5plugin_preauth_client_request_type {
+ /* The returned krb5_data item holds the enctype expected to be used to encrypt the
+ * encrypted portion of the AS_REP packet. When handling a
+ * PREAUTH_REQUIRED error, this typically comes from etype-info2.
+ * When handling an AS reply, it is initialized from the AS reply itself.*/
+ krb5plugin_preauth_client_get_etype = 1,
+ /* Free the data returned from krb5plugin_preauth_client_req_get_etype */
+ krb5plugin_preauth_client_free_etype = 2,
+ /* The returned krb5_data contains the FAST armor key in a
+ * krb5_keyblock. Returns success with a NULL data item in the
+ * krb5_data if the client library supports FAST but is not using it.*/
+ krb5plugin_preauth_client_fast_armor = 3,
+ /* Frees return from KRB5PLUGIN_PREAUTH_CLIENT_FAST_ARMOR. It is
+ * acceptable to set data to NULL and free the keyblock using
+ * krb5_free_keyblock; in that case, this frees the krb5_data
+ * only.*/
+krb5plugin_preauth_client_free_fast_armor = 4,
+};
+typedef krb5_error_code
+(*preauth_get_client_data_proc)(krb5_context,
+ struct _krb5_preauth_client_rock *,
+ krb5_int32 request_type,
+ krb5_data **);
+
+/* Per-plugin initialization/cleanup. The init function is called
+ * by libkrb5 when the plugin is loaded, and the fini function is
+ * called before the plugin is unloaded. Both are optional and
+ * may be called multiple times in case the plugin is used in
+ * multiple contexts. The returned context lives the lifetime of
+ * the krb5_context */
+typedef krb5_error_code
+(*preauth_client_plugin_init_proc)(krb5_context context,
+ void **plugin_context);
+typedef void
+(*preauth_client_plugin_fini_proc)(krb5_context context,
+ void *plugin_context);
+
+/* A callback which returns flags indicating if the module is a "real" or
+ * an "info" mechanism, and so on. This function is called for each entry
+ * in the client_pa_type_list. */
+typedef int
+(*preauth_client_get_flags_proc)(krb5_context context,
+ krb5_preauthtype pa_type);
+
+/* Per-request initialization/cleanup. The request_init function is
+ * called when beginning to process a get_init_creds request and the
+ * request_fini function is called when processing of the request is
+ * complete. This is optional. It may be called multiple times in
+ * the lifetime of a krb5_context. */
+typedef void
+(*preauth_client_request_init_proc)(krb5_context context,
+ void *plugin_context,
+ void **request_context);
+typedef void
+(*preauth_client_request_fini_proc)(krb5_context context,
+ void *plugin_context,
+ void *request_context);
+
+/* Client function which processes server-supplied data in pa_data,
+ * returns created data in out_pa_data, storing any of its own state in
+ * client_context if data for the associated preauthentication type is
+ * needed. It is also called after the AS-REP is received if the AS-REP
+ * includes preauthentication data of the associated type.
+ * NOTE! the encoded_previous_request will be NULL the first time this
+ * function is called, because it is expected to only ever contain the data
+ * obtained from a previous call to this function. */
+typedef krb5_error_code
+(*preauth_client_process_proc)(krb5_context context,
+ void *plugin_context,
+ void *request_context,
+ krb5_get_init_creds_opt *opt,
+ preauth_get_client_data_proc get_data_proc,
+ struct _krb5_preauth_client_rock *rock,
+ krb5_kdc_req *request,
+ krb5_data *encoded_request_body,
+ krb5_data *encoded_previous_request,
+ krb5_pa_data *pa_data,
+ krb5_prompter_fct prompter,
+ void *prompter_data,
+ preauth_get_as_key_proc gak_fct,
+ void *gak_data,
+ krb5_data *salt,
+ krb5_data *s2kparams,
+ krb5_keyblock *as_key,
+ krb5_pa_data ***out_pa_data);
+
+/* Client function which can attempt to use e-data in the error response to
+ * try to recover from the given error. If this function is not NULL, and
+ * it stores data in out_pa_data which is different data from the contents
+ * of in_pa_data, then the client library will retransmit the request. */
+typedef krb5_error_code
+(*preauth_client_tryagain_proc)(krb5_context context,
+ void *plugin_context,
+ void *request_context,
+ krb5_get_init_creds_opt *opt,
+ preauth_get_client_data_proc get_data_proc,
+ struct _krb5_preauth_client_rock *rock,
+ krb5_kdc_req *request,
+ krb5_data *encoded_request_body,
+ krb5_data *encoded_previous_request,
+ krb5_pa_data *in_pa_data,
+ krb5_error *error,
+ krb5_prompter_fct prompter,
+ void *prompter_data,
+ preauth_get_as_key_proc gak_fct,
+ void *gak_data,
+ krb5_data *salt,
+ krb5_data *s2kparams,
+ krb5_keyblock *as_key,
+ krb5_pa_data ***out_pa_data);
+
+/*
+ * Client function which receives krb5_get_init_creds_opt information.
+ * The attr and value information supplied should be copied locally by
+ * the module if it wishes to reference it after returning from this call.
+ */
+typedef krb5_error_code
+(*preauth_client_supply_gic_opts_proc)(krb5_context context,
+ void *plugin_context,
+ krb5_get_init_creds_opt *opt,
+ const char *attr,
+ const char *value);
+
+/*
+ * The function table / structure which a preauth client module must export as
+ * "preauthentication_client_0". If the interfaces work correctly, future
+ * versions of the table will add either more callbacks or more arguments to
+ * callbacks, and in both cases we'll be able to wrap the v0 functions.
+ */
+typedef struct krb5plugin_preauth_client_ftable_v1 {
+ /* Not-usually-visible name. */
+ char *name;
+
+ /* Pointer to zero-terminated list of pa_types which this module can
+ * provide services for. */
+ krb5_preauthtype *pa_type_list;
+
+ /* Pointer to zero-terminated list of enc_types which this module claims
+ * to add support for. */
+ krb5_enctype *enctype_list;
+
+ /* Per-plugin initialization/cleanup. The init function is called
+ * by libkrb5 when the plugin is loaded, and the fini function is
+ * called before the plugin is unloaded. Both are optional and
+ * may be called multiple times in case the plugin is used in
+ * multiple contexts. The returned context lives the lifetime of
+ * the krb5_context */
+ preauth_client_plugin_init_proc init;
+ preauth_client_plugin_fini_proc fini;
+
+ /* A callback which returns flags indicating if the module is a "real" or
+ * an "info" mechanism, and so on. This function is called for each entry
+ * in the client_pa_type_list. */
+ preauth_client_get_flags_proc flags;
+
+ /* Per-request initialization/cleanup. The request_init function is
+ * called when beginning to process a get_init_creds request and the
+ * request_fini function is called when processing of the request is
+ * complete. This is optional. It may be called multiple times in
+ * the lifetime of a krb5_context. */
+ preauth_client_request_init_proc request_init;
+ preauth_client_request_fini_proc request_fini;
+
+ /* Client function which processes server-supplied data in pa_data,
+ * returns created data in out_pa_data, storing any of its own state in
+ * client_context if data for the associated preauthentication type is
+ * needed. It is also called after the AS-REP is received if the AS-REP
+ * includes preauthentication data of the associated type.
+ * NOTE! the encoded_previous_request will be NULL the first time this
+ * function is called, because it is expected to only ever contain the data
+ * obtained from a previous call to this function. */
+ preauth_client_process_proc process;
+
+ /* Client function which can attempt to use e-data in the error response to
+ * try to recover from the given error. If this function is not NULL, and
+ * it stores data in out_pa_data which is different data from the contents
+ * of in_pa_data, then the client library will retransmit the request. */
+ preauth_client_tryagain_proc tryagain;
+
+ /*
+ * Client function which receives krb5_get_init_creds_opt information.
+ * The attr and value information supplied should be copied locally by
+ * the module if it wishes to reference it after returning from this call.
+ */
+ preauth_client_supply_gic_opts_proc gic_opts;
+
+} krb5plugin_preauth_client_ftable_v1;
+
+
+/***************************************************************************
+ *
+ * Server-side preauthentication plugin interface definition.
+ *
+ ***************************************************************************/
+
+/*
+ * A server module's callback functions are allowed to request specific types
+ * of information about the given client or server record or request, even
+ * though the database records themselves are opaque to the module.
+ */
+enum krb5plugin_preauth_entry_request_type {
+ /* The returned krb5_data item holds a DER-encoded X.509 certificate. */
+ krb5plugin_preauth_entry_request_certificate = 1,
+ /* The returned krb5_data_item holds a krb5_deltat. */
+ krb5plugin_preauth_entry_max_time_skew = 2,
+ /* The returned krb5_data_item holds an array of krb5_keyblock structures,
+ * terminated by an entry with key type = 0.
+ * Each keyblock should have its contents freed in turn, and then the data
+ * item itself should be freed. */
+ krb5plugin_preauth_keys = 3,
+ /* The returned krb5_data_item holds the request structure, re-encoded
+ * using DER. Unless the client implementation is the same as the server
+ * implementation, there's a good chance that the result will not match
+ * what the client sent, so don't go creating any fatal errors if it
+ * doesn't match up. */
+ krb5plugin_preauth_request_body = 4,
+ /* The returned krb5_data contains a krb5_keyblock with the FAST
+ armor key. The data member is NULL if this method is not part
+ of a FAST tunnel */
+ krb5plugin_preauth_fast_armor = 5,
+ /* Frees a fast armor key; it is acceptable to set data to NULL
+ and free the keyblock using krb5_free_keyblock; in that case,
+ this function simply frees the data*/
+ krb5plugin_preauth_free_fast_armor = 6,
+ };
+
+typedef krb5_error_code
+(*preauth_get_entry_data_proc)(krb5_context,
+ krb5_kdc_req *,
+ struct _krb5_db_entry_new *,
+ krb5_int32 request_type,
+ krb5_data **);
+
+/* Preauth plugin initialization function */
+typedef krb5_error_code
+(*preauth_server_init_proc)(krb5_context context,
+ void **plugin_context,
+ const char** realmnames);
+
+/* Preauth plugin cleanup function */
+typedef void
+(*preauth_server_fini_proc)(krb5_context context, void *plugin_context);
+
+/* Return the flags which the KDC should use for this module. This is a
+ * callback instead of a static value because the module may or may not
+ * wish to count itself as a hardware preauthentication module (in other
+ * words, the flags may be affected by the configuration, for example if a
+ * site administrator can force a particular preauthentication type to be
+ * supported using only hardware). This function is called for each entry
+ * entry in the server_pa_type_list. */
+typedef int
+(*preauth_server_flags_proc)(krb5_context context, krb5_preauthtype patype);
+
+/* Get preauthentication data to send to the client as part of the "you
+ * need to use preauthentication" error. The module doesn't need to
+ * actually provide data if the protocol doesn't require it, but it should
+ * return either zero or non-zero to control whether its padata type is
+ * included in the list which is sent back to the client. Is not allowed
+ * to create a context because we have no guarantee that the client will
+ * ever call again (or that it will hit this server if it does), in which
+ * case a context might otherwise hang around forever. */
+typedef krb5_error_code
+(*preauth_server_edata_proc)(krb5_context,
+ krb5_kdc_req *request,
+ struct _krb5_db_entry_new *client,
+ struct _krb5_db_entry_new *server,
+ preauth_get_entry_data_proc,
+ void *pa_module_context,
+ krb5_pa_data *data);
+
+/* Verify preauthentication data sent by the client, setting the
+ * TKT_FLG_PRE_AUTH or TKT_FLG_HW_AUTH flag in the enc_tkt_reply's "flags"
+ * field as appropriate, and returning nonzero on failure. Can create
+ * context data for consumption by the return_proc or freepa_proc below. */
+typedef krb5_error_code
+(*preauth_server_verify_proc)(krb5_context context,
+ struct _krb5_db_entry_new *client,
+ krb5_data *req_pkt,
+ krb5_kdc_req *request,
+ krb5_enc_tkt_part *enc_tkt_reply,
+ krb5_pa_data *data,
+ preauth_get_entry_data_proc,
+ void *pa_module_context,
+ void **pa_request_context,
+ krb5_data **e_data,
+ krb5_authdata ***authz_data);
+
+/* Generate preauthentication response data to send to the client as part
+ * of the AS-REP. If it needs to override the key which is used to encrypt
+ * the response, it can do so. The module is expected (but not required,
+ * if a preauth_server_free_reqcontext_proc is also provided) to free any
+ * context data it saved in "pa_request_context". */
+typedef krb5_error_code
+(*preauth_server_return_proc)(krb5_context context,
+ krb5_pa_data * padata,
+ struct _krb5_db_entry_new *client,
+ krb5_data *req_pkt,
+ krb5_kdc_req *request,
+ krb5_kdc_rep *reply,
+ struct _krb5_key_data *client_keys,
+ krb5_keyblock *encrypting_key,
+ krb5_pa_data **send_pa,
+ preauth_get_entry_data_proc,
+ void *pa_module_context,
+ void **pa_request_context);
+
+/* Free up the server-side per-request context, in cases where
+ * server_return_proc() didn't or for whatever reason was not called.
+ * Can be NULL. */
+typedef krb5_error_code
+(*preauth_server_free_reqcontext_proc)(krb5_context,
+ void *pa_module_context,
+ void **request_pa_context);
+
+/*
+ * The function table / structure which a preauth server module must export as
+ * "preauthentication_server_0". NOTE: replace "0" with "1" for the type and
+ * variable names if this gets picked up by upstream. If the interfaces work
+ * correctly, future versions of the table will add either more callbacks or
+ * more arguments to callbacks, and in both cases we'll be able to wrap the v0
+ * functions.
+ */
+typedef struct krb5plugin_preauth_server_ftable_v1 {
+ /* Not-usually-visible name. */
+ char *name;
+
+ /* Pointer to zero-terminated list of pa_types which this module can
+ * provide services for. */
+ krb5_preauthtype *pa_type_list;
+
+ /* Per-plugin initialization/cleanup. The init function is called by the
+ * KDC when the plugin is loaded, and the fini function is called before
+ * the plugin is unloaded. Both are optional. */
+ preauth_server_init_proc init_proc;
+ preauth_server_fini_proc fini_proc;
+
+ /* Return the flags which the KDC should use for this module. This is a
+ * callback instead of a static value because the module may or may not
+ * wish to count itself as a hardware preauthentication module (in other
+ * words, the flags may be affected by the configuration, for example if a
+ * site administrator can force a particular preauthentication type to be
+ * supported using only hardware). This function is called for each entry
+ * entry in the server_pa_type_list. */
+ preauth_server_flags_proc flags_proc;
+
+ /* Get preauthentication data to send to the client as part of the "you
+ * need to use preauthentication" error. The module doesn't need to
+ * actually provide data if the protocol doesn't require it, but it should
+ * return either zero or non-zero to control whether its padata type is
+ * included in the list which is sent back to the client. Is not allowed
+ * to create a context because we have no guarantee that the client will
+ * ever call again (or that it will hit this server if it does), in which
+ * case a context might otherwise hang around forever. */
+ preauth_server_edata_proc edata_proc;
+
+ /* Verify preauthentication data sent by the client, setting the
+ * TKT_FLG_PRE_AUTH or TKT_FLG_HW_AUTH flag in the enc_tkt_reply's "flags"
+ * field as appropriate, and returning nonzero on failure. Can create
+ * context data for consumption by the return_proc or freepa_proc below. */
+ preauth_server_verify_proc verify_proc;
+
+ /* Generate preauthentication response data to send to the client as part
+ * of the AS-REP. If it needs to override the key which is used to encrypt
+ * the response, it can do so. The module is expected (but not required,
+ * if a freepa_proc is also provided) to free any context data it saved in
+ * "request_pa_context". */
+ preauth_server_return_proc return_proc;
+
+ /* Free up the server-side per-request context, in cases where
+ * server_return_proc() didn't or for whatever reason was not called.
+ * Can be NULL. */
+ preauth_server_free_reqcontext_proc freepa_reqcontext_proc;
+
+} krb5plugin_preauth_server_ftable_v1;
+
+
+/*
+ * This function allows a preauth plugin to obtain preauth
+ * options. The preauth_data returned from this function
+ * should be freed by calling krb5_get_init_creds_opt_free_pa().
+ *
+ * The 'opt' pointer supplied to this function must have been
+ * obtained using krb5_get_init_creds_opt_alloc()
+ */
+krb5_error_code KRB5_CALLCONV
+krb5_get_init_creds_opt_get_pa
+ (krb5_context context,
+ krb5_get_init_creds_opt *opt,
+ int *num_preauth_data,
+ krb5_gic_opt_pa_data **preauth_data);
+
+/*
+ * This function frees the preauth_data that was returned by
+ * krb5_get_init_creds_opt_get_pa().
+ */
+void KRB5_CALLCONV
+krb5_get_init_creds_opt_free_pa
+ (krb5_context context,
+ int num_preauth_data,
+ krb5_gic_opt_pa_data *preauth_data);
+
+#endif /* KRB5_PREAUTH_PLUGIN_H_INCLUDED */
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/config.h new/pkinit-nss-0.7.8-1/config.h
--- old/pkinit-nss-0.7.7-1/config.h 2008-09-05 11:26:43.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/config.h 2009-07-27 10:08:41.000000000 +0200
@@ -9,6 +9,10 @@
*/
#define BACKPORT_INTERFACE_1 1
+/* Define if the plugin interface includes information about whether or not
+ FAST is in use. */
+/* #undef BACKPORT_INTERFACE_1_HAS_FAST */
+
/* Define to the location of your NSS client databases */
#define DEFAULT_PKINIT_CLIENT_DBDIR "/etc/pki/nssdb"
@@ -88,6 +92,10 @@
/* Define to the location of your locale data. */
#define LOCALEDATADIR "NONE/share/locale"
+/* Define to the sub-directory in which libtool stores uninstalled libraries.
+ */
+#define LT_OBJDIR ".libs/"
+
/* Name of package */
#define PACKAGE "pkinit-nss"
@@ -98,13 +106,13 @@
#define PACKAGE_NAME "pkinit-nss"
/* Define to the full name and version of this package. */
-#define PACKAGE_STRING "pkinit-nss 0.7.7"
+#define PACKAGE_STRING "pkinit-nss 0.7.8"
/* Define to the one symbol short name of this package. */
#define PACKAGE_TARNAME "pkinit-nss"
/* Define to the version of this package. */
-#define PACKAGE_VERSION "0.7.7"
+#define PACKAGE_VERSION "0.7.8"
/* Define if your PAL doesn't provide an option for a supply_gic_opts_proc
callback function. */
@@ -121,4 +129,4 @@
#define STDC_HEADERS 1
/* Version number of package */
-#define VERSION "0.7.7"
+#define VERSION "0.7.8"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/config.h.in new/pkinit-nss-0.7.8-1/config.h.in
--- old/pkinit-nss-0.7.7-1/config.h.in 2008-09-05 11:26:24.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/config.h.in 2009-07-27 10:08:36.000000000 +0200
@@ -8,6 +8,10 @@
*/
#undef BACKPORT_INTERFACE_1
+/* Define if the plugin interface includes information about whether or not
+ FAST is in use. */
+#undef BACKPORT_INTERFACE_1_HAS_FAST
+
/* Define to the location of your NSS client databases */
#undef DEFAULT_PKINIT_CLIENT_DBDIR
@@ -87,6 +91,10 @@
/* Define to the location of your locale data. */
#undef LOCALEDATADIR
+/* Define to the sub-directory in which libtool stores uninstalled libraries.
+ */
+#undef LT_OBJDIR
+
/* Name of package */
#undef PACKAGE
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/configure.ac new/pkinit-nss-0.7.8-1/configure.ac
--- old/pkinit-nss-0.7.7-1/configure.ac 2008-09-04 10:24:53.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/configure.ac 2009-07-20 10:01:54.000000000 +0200
@@ -1,4 +1,4 @@
-AC_INIT(pkinit-nss,0.7.7)
+AC_INIT(pkinit-nss,0.7.8)
AM_INIT_AUTOMAKE(foreign)
AM_PROG_LIBTOOL
AM_GLIB_GNU_GETTEXT
@@ -63,7 +63,7 @@
AC_ARG_WITH(krb5-version,[AS_HELP_STRING([--with-krb5-version=AUTO],[Attempt to build for a specified version of MIT Kerberos.])],krb5_version=$withval,krb5_version=AUTO)
if test "x$krb5_version" = xAUTO ; then
AC_MSG_RESULT([Using backport preauth plugin header support.])
- AC_MSG_CHECKING([whether this is Kerberos 1.5, 1.6, 1.6.1/1.6.2, 1.6.3/1.6.4])
+ AC_MSG_CHECKING([whether this is Kerberos 1.5, 1.6, 1.6.1/1.6.2, 1.6.3/1.6.4, 1.7])
dnl if test x$ac_cv_have_decl_KRB5KDC_ERR_SVC_UNAVAILABLE = xyes ; then
dnl AC_MSG_RESULT([looks like 1.6.3.])
dnl krb5_version=1.6.3
@@ -85,6 +85,9 @@
elif test "$krb5_version" = 1.6.4 ; then
AC_MSG_RESULT([looks like 1.6.3 or 1.6.4.])
krb5_version=1.6.3
+ elif test "$krb5_version" = 1.7 ; then
+ AC_MSG_RESULT([looks like 1.7.])
+ krb5_version=1.7
else
AC_MSG_RESULT([looks like ${krb5_version}.])
fi
@@ -96,6 +99,14 @@
AC_MSG_RESULT([Requested build for $krb5_version.])
fi
case "$krb5_version" in
+ 1.7)
+ AC_MSG_RESULT([Building for Kerberos 1.7.])
+ if test x$ac_cv_header_krb5_preauth_plugin_h = xno ; then
+ BACKPORT_CPPFLAGS='-I$(top_srcdir)/backport-1.7'
+ fi
+ AC_DEFINE(BACKPORT_INTERFACE_1,1,[Define if version 1 of the preauth plugin interface should be implemented.])
+ AC_DEFINE(BACKPORT_INTERFACE_1_HAS_FAST,1,[Define if the plugin interface includes information about whether or not FAST is in use.])
+ ;;
1.6.3)
AC_MSG_RESULT([Building for Kerberos 1.6.3/1.6.4.])
if test x$ac_cv_header_krb5_preauth_plugin_h = xno ; then
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/doc/CONFIGURATION new/pkinit-nss-0.7.8-1/doc/CONFIGURATION
--- old/pkinit-nss-0.7.7-1/doc/CONFIGURATION 2008-09-04 10:24:53.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/doc/CONFIGURATION 2009-07-20 10:01:54.000000000 +0200
@@ -44,8 +44,10 @@
<EMAIL> Regular expression.
<COMPONENTS> Number.
<EKU> List of zero or more values, possibly
- including "pkinit", "msScLogin",
- "clientAuth", and "emailProtection".
+ including "pkinit" (for clients),
+ "pkinitKDC" (for KDCs), "msScLogin",
+ "clientAuth", "serverAuth", and
+ "emailProtection".
<KU> List of zero or more values, possibly
including "digitalSignature" and
"keyEncipherment".
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/pkinit-nss.spec new/pkinit-nss-0.7.8-1/pkinit-nss.spec
--- old/pkinit-nss-0.7.7-1/pkinit-nss.spec 2008-09-05 11:26:43.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/pkinit-nss.spec 2009-07-27 10:08:40.000000000 +0200
@@ -1,5 +1,5 @@
Name: pkinit-nss
-Version: 0.7.7
+Version: 0.7.8
Release: 1%{?dist}
Source: http://people.redhat.com/~nalin/pkinit-nss/%{name}-%{version}-1.tar.gz
License: LGPL
@@ -44,6 +44,10 @@
%{_libdir}/krb5
%changelog
+* Fri Jul 17 2009 Nalin Dahyabhai <nalin(a)redhat.com> 0.7.8-1
+- learn about the krb5-1.7 release
+- disable participation when FAST is in use
+
* Tue Sep 2 2008 Nalin Dahyabhai <nalin(a)redhat.com> 0.7.7-1
- add the ability to restrict matching of certificates by the number of
components in the principal name to which it is being compared
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/pkinit-nss.spec.in new/pkinit-nss-0.7.8-1/pkinit-nss.spec.in
--- old/pkinit-nss-0.7.7-1/pkinit-nss.spec.in 2008-09-04 10:24:53.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/pkinit-nss.spec.in 2009-07-20 10:01:54.000000000 +0200
@@ -44,6 +44,10 @@
%{_libdir}/krb5
%changelog
+* Fri Jul 17 2009 Nalin Dahyabhai <nalin(a)redhat.com> 0.7.8-1
+- learn about the krb5-1.7 release
+- disable participation when FAST is in use
+
* Tue Sep 2 2008 Nalin Dahyabhai <nalin(a)redhat.com> 0.7.7-1
- add the ability to restrict matching of certificates by the number of
components in the principal name to which it is being compared
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/po/LINGUAS new/pkinit-nss-0.7.8-1/po/LINGUAS
--- old/pkinit-nss-0.7.7-1/po/LINGUAS 1970-01-01 01:00:00.000000000 +0100
+++ new/pkinit-nss-0.7.8-1/po/LINGUAS 2009-05-19 11:32:33.000000000 +0200
@@ -0,0 +1,13 @@
+bal
+bg
+ca
+cs
+de
+fr
+hu
+it
+nl
+pl
+pt_BR
+sr
+sr@latin
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/po/Makefile.in.in new/pkinit-nss-0.7.8-1/po/Makefile.in.in
--- old/pkinit-nss-0.7.7-1/po/Makefile.in.in 2008-06-16 14:24:29.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/po/Makefile.in.in 2009-04-22 13:14:38.000000000 +0200
@@ -55,7 +55,7 @@
SOURCES =
POFILES = @POFILES@
GMOFILES = @GMOFILES@
-DISTFILES = ChangeLog Makefile.in.in POTFILES.in $(GETTEXT_PACKAGE).pot \
+DISTFILES = LINGUAS ChangeLog Makefile.in.in POTFILES.in $(GETTEXT_PACKAGE).pot \
$(POFILES) $(GMOFILES) $(SOURCES)
POTFILES = \
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/src/aabag.c new/pkinit-nss-0.7.8-1/src/aabag.c
--- old/pkinit-nss-0.7.7-1/src/aabag.c 2008-08-29 10:16:51.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/src/aabag.c 2009-07-20 10:01:54.000000000 +0200
@@ -20,8 +20,6 @@
* USA.
*/
-#ident "$Id: aabag.c,v 1.8 2007/06/20 21:27:27 nalin Exp $"
-
#include "../config.h"
#include <sys/types.h>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/src/aabag.h new/pkinit-nss-0.7.8-1/src/aabag.h
--- old/pkinit-nss-0.7.7-1/src/aabag.h 2008-08-29 10:16:51.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/src/aabag.h 2009-07-20 10:01:54.000000000 +0200
@@ -22,7 +22,6 @@
#ifndef aabag_h
#define aabag_h
-#ident "$Id: aabag.h,v 1.3 2007/05/30 12:28:57 nalin Exp $"
#include <nspr.h>
#include <nss.h>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/src/aacat.c new/pkinit-nss-0.7.8-1/src/aacat.c
--- old/pkinit-nss-0.7.7-1/src/aacat.c 2008-08-29 10:16:51.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/src/aacat.c 2009-07-20 10:01:54.000000000 +0200
@@ -20,8 +20,6 @@
* USA.
*/
-#ident "$Id: aacat.c,v 1.9 2007/06/20 21:27:27 nalin Exp $"
-
#include "../config.h"
#include <sys/types.h>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/src/bcmst.c new/pkinit-nss-0.7.8-1/src/bcmst.c
--- old/pkinit-nss-0.7.7-1/src/bcmst.c 2008-08-29 10:16:51.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/src/bcmst.c 2009-07-20 10:01:54.000000000 +0200
@@ -20,8 +20,6 @@
* USA.
*/
-#ident "$Id: bcmst.c,v 1.30 2007/06/08 21:44:27 nalin Exp $"
-
#include "../config.h"
#include <errno.h>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/src/bcmst.h new/pkinit-nss-0.7.8-1/src/bcmst.h
--- old/pkinit-nss-0.7.7-1/src/bcmst.h 2008-08-29 10:16:51.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/src/bcmst.h 2009-07-20 10:01:54.000000000 +0200
@@ -22,7 +22,6 @@
#ifndef bcmst_h
#define bcmst_h
-#ident "$Id: bcmst.h,v 1.11 2007/05/28 05:24:45 nalin Exp $"
#include <nspr.h>
#include <nss.h>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/src/bcmsutil.c new/pkinit-nss-0.7.8-1/src/bcmsutil.c
--- old/pkinit-nss-0.7.7-1/src/bcmsutil.c 2008-08-29 10:16:51.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/src/bcmsutil.c 2009-07-20 10:01:54.000000000 +0200
@@ -20,8 +20,6 @@
* USA.
*/
-#ident "$Id: bcmsutil.c,v 1.13 2007/06/20 21:27:27 nalin Exp $"
-
#include "../config.h"
#include <sys/types.h>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/src/bpk5.c new/pkinit-nss-0.7.8-1/src/bpk5.c
--- old/pkinit-nss-0.7.7-1/src/bpk5.c 2008-08-29 10:16:51.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/src/bpk5.c 2009-07-20 10:01:54.000000000 +0200
@@ -20,8 +20,6 @@
* USA.
*/
-#ident "$Id: bpk5.c,v 1.2 2007/06/20 12:11:19 nalin Exp $"
-
#include "../config.h"
#include <nspr.h>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/src/bpk5.h new/pkinit-nss-0.7.8-1/src/bpk5.h
--- old/pkinit-nss-0.7.7-1/src/bpk5.h 2008-08-29 10:16:51.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/src/bpk5.h 2009-07-20 10:01:54.000000000 +0200
@@ -22,7 +22,6 @@
#ifndef bpk5_h
#define bpk5_h
-#ident "$Id: bpk5.h,v 1.1 2007/05/22 20:39:21 nalin Exp $"
#include <nspr.h>
#include <nss.h>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/src/certhash.c new/pkinit-nss-0.7.8-1/src/certhash.c
--- old/pkinit-nss-0.7.7-1/src/certhash.c 2008-08-29 10:16:51.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/src/certhash.c 2009-07-20 10:01:54.000000000 +0200
@@ -20,8 +20,6 @@
* USA.
*/
-#ident "$Id: certhash.c,v 1.1 2007/05/22 20:48:23 nalin Exp $"
-
#include "../config.h"
#include <sys/types.h>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/src/certs.c new/pkinit-nss-0.7.8-1/src/certs.c
--- old/pkinit-nss-0.7.7-1/src/certs.c 2008-09-04 10:24:53.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/src/certs.c 2009-07-20 10:01:54.000000000 +0200
@@ -20,8 +20,6 @@
* USA.
*/
-#ident "$Id: certs.c,v 1.37 2007/06/08 21:44:27 nalin Exp $"
-
#include "../config.h"
#include <sys/types.h>
@@ -50,6 +48,7 @@
#define APPDEFAULT_LIST_SEPARATORS " \t,"
#define RULE_LIST_SEPARATORS " \t"
#define REGEX_SPECIAL_CHARS "[]{}().+?*|\\-^$"
+#define MATCHING_EXTENSIONS
static unsigned char oid_ms_sc_login_data[] = {0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x14, 0x02, 0x02};
static const SECOidData
@@ -452,6 +451,7 @@
q = p + 1 + strcspn(p + 1, "<");
pkinit_debug(mcontext, 2, "Clause: \"%.*s\".\n",
q - p, p);
+#ifdef MATCHING_EXTENSIONS
/* Save the expected size of the principal name. */
if (strncasecmp(p, "<COMPONENTS>", 12) == 0) {
p += 12;
@@ -466,6 +466,7 @@
record->size);
}
}
+#endif
/* Compile the regular expression for the subject name.
* */
if (strncasecmp(p, "<SUBJECT>", 9) == 0) {
@@ -543,6 +544,7 @@
pkinit_debug(mcontext, 3, "<SAN> \"%s\"\n",
pattern);
}
+#ifdef MATCHING_EXTENSIONS
/* Compile the regular expression for the
* subjectAlternativeName (rfc822Name type). */
if (strncasecmp(p, "<EMAIL>", 7) == 0) {
@@ -568,6 +570,7 @@
pkinit_debug(mcontext, 3, "<EMAIL> \"%s\"\n",
pattern);
}
+#endif
/* Make a copy of the keyUsage. */
if (strncasecmp(p, "<KU>", 4) == 0) {
p += 4;
@@ -798,6 +801,7 @@
}
}
+#ifdef MATCHING_EXTENSIONS
static char *
cert_match_expand_rule(PLArenaPool *pool,
krb5_context kcontext, krb5_principal principal,
@@ -875,6 +879,20 @@
}
return ret;
}
+#else
+static char *
+cert_match_expand_rule(PLArenaPool *pool,
+ krb5_context kcontext, krb5_principal principal,
+ const char *pattern, int length)
+{
+ char *ret;
+ ret = PORT_ArenaZAlloc(pool, length + 1);
+ if (ret != NULL) {
+ memcpy(ret, pattern, length);
+ }
+ return ret;
+}
+#endif
/* Check if the certificate contains the desired OID as an EKU value. */
static SECStatus
@@ -979,6 +997,14 @@
name);
oid = &oid_pkinit_key_purpose_client;
} else
+#ifdef MATCHING_EXTENSIONS
+ if (strcasecmp(name, "pkinitKDC") == 0) {
+ pkinit_debug(mcontext, 3,
+ "Checking for \"%s\" EKU.\n",
+ name);
+ oid = &oid_pkinit_key_purpose_kdc;
+ } else
+#endif
if (strcasecmp(name, "msScLogin") == 0) {
pkinit_debug(mcontext, 3,
"Checking for \"%s\" EKU.\n",
@@ -992,6 +1018,15 @@
tag = SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH;
oid = SECOID_FindOIDByTag(tag);
} else
+#ifdef MATCHING_EXTENSIONS
+ if (strcasecmp(name, "serverAuth") == 0) {
+ pkinit_debug(mcontext, 3,
+ "Checking for \"%s\" EKU.\n",
+ name);
+ tag = SEC_OID_EXT_KEY_USAGE_SERVER_AUTH;
+ oid = SECOID_FindOIDByTag(tag);
+ } else
+#endif
if (strcasecmp(name, "emailProtection") == 0) {
pkinit_debug(mcontext, 3,
"Checking for \"%s\" EKU.\n",
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/src/certs.h new/pkinit-nss-0.7.8-1/src/certs.h
--- old/pkinit-nss-0.7.7-1/src/certs.h 2008-08-29 10:16:51.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/src/certs.h 2009-07-20 10:01:54.000000000 +0200
@@ -23,7 +23,6 @@
#ifndef certs_h
#define certs_h
-#ident "$Id: certs.h,v 1.19 2007/06/08 21:44:27 nalin Exp $"
#include "aabag.h"
#include "bcmst.h"
#include "pkinit.h"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/src/commont.c new/pkinit-nss-0.7.8-1/src/commont.c
--- old/pkinit-nss-0.7.7-1/src/commont.c 2008-08-29 10:16:51.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/src/commont.c 2009-07-20 10:01:54.000000000 +0200
@@ -20,8 +20,6 @@
* USA.
*/
-#ident "$Id: commont.c,v 1.19 2007/05/22 21:20:42 nalin Exp $"
-
#include "../config.h"
#include <errno.h>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/src/commont.h new/pkinit-nss-0.7.8-1/src/commont.h
--- old/pkinit-nss-0.7.7-1/src/commont.h 2008-08-29 10:16:51.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/src/commont.h 2009-07-20 10:01:54.000000000 +0200
@@ -23,8 +23,6 @@
#ifndef commont_h
#define commont_h
-#ident "$Id: commont.h,v 1.15 2007/02/07 00:17:26 nalin Exp $"
-
#include <krb5.h>
#include <nspr.h>
#include <nss.h>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/src/deroid.c new/pkinit-nss-0.7.8-1/src/deroid.c
--- old/pkinit-nss-0.7.7-1/src/deroid.c 2008-08-29 10:16:51.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/src/deroid.c 2009-07-20 10:01:54.000000000 +0200
@@ -20,8 +20,6 @@
* USA.
*/
-#ident "$Id: deroid.c,v 1.3 2006/10/10 20:13:10 nalin Exp $"
-
#include "../config.h"
/* You can only take figuring this stuff out manually so many times... */
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/src/fragment/openp12.c new/pkinit-nss-0.7.8-1/src/fragment/openp12.c
--- old/pkinit-nss-0.7.7-1/src/fragment/openp12.c 2008-08-29 10:16:51.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/src/fragment/openp12.c 2009-07-20 10:01:54.000000000 +0200
@@ -20,8 +20,6 @@
* USA.
*/
-#ident "$Id: openp12.c,v 1.2 2007/05/24 19:16:19 nalin Exp $"
-
#include "../../config.h"
#include <sys/types.h>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/src/get-pkinit-san.c new/pkinit-nss-0.7.8-1/src/get-pkinit-san.c
--- old/pkinit-nss-0.7.7-1/src/get-pkinit-san.c 2008-08-29 10:16:51.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/src/get-pkinit-san.c 2009-07-20 10:01:54.000000000 +0200
@@ -20,8 +20,6 @@
* USA.
*/
-#ident "$Id: get-pkinit-san.c,v 1.2 2007/05/31 19:08:20 nalin Exp $"
-
#include "../config.h"
#include <sys/types.h>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/src/make-pkinit-san.c new/pkinit-nss-0.7.8-1/src/make-pkinit-san.c
--- old/pkinit-nss-0.7.7-1/src/make-pkinit-san.c 2008-08-29 10:16:51.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/src/make-pkinit-san.c 2009-07-20 10:01:54.000000000 +0200
@@ -20,8 +20,6 @@
* USA.
*/
-#ident "$Id: make-pkinit-san.c,v 1.5 2007/01/25 21:32:03 nalin Exp $"
-
#include "../config.h"
#include <errno.h>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/src/map-file.c new/pkinit-nss-0.7.8-1/src/map-file.c
--- old/pkinit-nss-0.7.7-1/src/map-file.c 2008-08-29 10:16:51.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/src/map-file.c 2009-07-20 10:01:54.000000000 +0200
@@ -20,8 +20,6 @@
* USA.
*/
-#ident "$Id: map-file.c,v 1.3 2007/05/22 21:19:02 nalin Exp $"
-
#include "../config.h"
#include <errno.h>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/src/map-file.h new/pkinit-nss-0.7.8-1/src/map-file.h
--- old/pkinit-nss-0.7.7-1/src/map-file.h 2008-08-29 10:16:51.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/src/map-file.h 2009-07-20 10:01:54.000000000 +0200
@@ -23,8 +23,6 @@
#ifndef map_file_h
#define map_file_h
-#ident "$Id: map-file.h,v 1.2 2007/02/05 16:21:14 nalin Exp $"
-
#include "../config.h"
struct map_file;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/src/oakley.c new/pkinit-nss-0.7.8-1/src/oakley.c
--- old/pkinit-nss-0.7.7-1/src/oakley.c 2008-08-29 10:16:51.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/src/oakley.c 2009-07-20 10:01:54.000000000 +0200
@@ -20,8 +20,6 @@
* USA.
*/
-#ident "$Id: oakley.c,v 1.7 2007/02/06 01:58:10 nalin Exp $"
-
#include "../config.h"
#include <keythi.h>
#include "oakley.h"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/src/oakley.h new/pkinit-nss-0.7.8-1/src/oakley.h
--- old/pkinit-nss-0.7.7-1/src/oakley.h 2008-08-29 10:16:51.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/src/oakley.h 2009-07-20 10:01:54.000000000 +0200
@@ -22,7 +22,6 @@
#ifndef oakley_h
#define oakley_h
-#ident "$Id: oakley.h,v 1.4 2007/02/05 16:23:16 nalin Exp $"
#include "../config.h"
#include "commont.h"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/src/pkinit.c new/pkinit-nss-0.7.8-1/src/pkinit.c
--- old/pkinit-nss-0.7.7-1/src/pkinit.c 2008-09-04 10:24:53.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/src/pkinit.c 2009-07-20 10:01:54.000000000 +0200
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2006,2007 Red Hat, Inc.
+ * Copyright (C) 2006,2007,2009 Red Hat, Inc.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Library General Public
@@ -20,8 +20,6 @@
* USA.
*/
-#ident "$Id: pkinit.c,v 1.64 2007/10/23 20:48:47 nalin Exp $"
-
#include "../config.h"
#include <sys/types.h>
@@ -1669,14 +1667,79 @@
}
}
+#ifdef BACKPORT_INTERFACE_1_HAS_FAST
+/* Return non-zero if the client used FAST in this request. */
+static krb5_error_code
+server_get_req_uses_fast(krb5_context kcontext,
+ krb5_kdc_req *request,
+ struct _krb5_db_entry_new *client_db_entry,
+ preauth_get_entry_data_proc server_get_entry_data)
+{
+ krb5_error_code ret;
+ krb5_data *req_armor_key;
+ req_armor_key = NULL;
+ ret = (*server_get_entry_data)(kcontext, request, client_db_entry,
+ krb5plugin_preauth_fast_armor,
+ &req_armor_key);
+ /* Check if we actually got a keyblock. */
+ if ((ret == 0) && (req_armor_key != NULL)) {
+ if (req_armor_key->data != NULL) {
+ ret = EINVAL;
+ }
+ /* We don't actually need the keyblock, so free it. */
+ (*server_get_entry_data)(kcontext, request, client_db_entry,
+ krb5plugin_preauth_free_fast_armor,
+ &req_armor_key);
+ /* Bail if we found a keyblock. */
+ if (ret != 0) {
+ return ret;
+ }
+ }
+ return 0;
+}
+
+/* Return non-zero if the client is using FAST in this request. */
+static krb5_error_code
+client_get_req_uses_fast(krb5_context kcontext,
+ krb5_kdc_req *request,
+ preauth_get_client_data_proc get_data_proc,
+ struct _krb5_preauth_client_rock *rock)
+{
+ krb5_error_code ret;
+ krb5_data *client_armor_key;
+ /* If the client is using FAST in this request, bail now, because our
+ * behavior in the presence of armoring isn't specified yet. */
+ client_armor_key = NULL;
+ ret = (*get_data_proc)(kcontext, rock,
+ krb5plugin_preauth_client_fast_armor,
+ &client_armor_key);
+ if ((ret == 0) &&
+ (client_armor_key != NULL)) {
+ /* Check if we actually got a keyblock. */
+ if (client_armor_key->data != NULL) {
+ ret = EINVAL;
+ }
+ /* We don't actually need the keyblock, so free it. */
+ (*get_data_proc)(kcontext, rock,
+ krb5plugin_preauth_client_free_fast_armor,
+ &client_armor_key);
+ /* Bail if we found a keyblock. */
+ if (ret != 0) {
+ return ret;
+ }
+ }
+ return 0;
+}
+#endif
+
/* Obtain and return any preauthentication data (which is destined for the
* client) which matches type data->pa_type. */
static krb5_error_code
server_get_edata(krb5_context kcontext,
krb5_kdc_req *request,
- struct _krb5_db_entry_new *unused_client,
- struct _krb5_db_entry_new *unused_server,
- preauth_get_entry_data_proc unused_server_get_entry_data,
+ struct _krb5_db_entry_new *maybe_unused_client_db_entry,
+ struct _krb5_db_entry_new *unused_server_db_entry,
+ preauth_get_entry_data_proc maybe_unused_server_get_entry_data,
void *plugin_context,
krb5_pa_data *data)
{
@@ -1694,6 +1757,17 @@
return ret;
}
+#ifdef BACKPORT_INTERFACE_1_HAS_FAST
+ /* Since we don't know how to interact with FAST (yet), bail. */
+ if (server_get_req_uses_fast(kcontext, request,
+ maybe_unused_client_db_entry,
+ maybe_unused_server_get_entry_data) != 0) {
+ pkinit_debug(plugin_context, 2,
+ "Client wants to use FAST, skipping.\n");
+ return EINVAL;
+ }
+#endif
+
/* No data, but double-check that we do in fact support this type of
* preauthentication. */
if (data->pa_type != KRB5_PADATA_PK_AS_REQ) {
@@ -1848,6 +1922,16 @@
}
pkinit_debug(context, 2, "Called to handle a client request.\n");
+#ifdef BACKPORT_INTERFACE_1_HAS_FAST
+ /* Since we don't know how to interact with FAST (yet), bail. */
+ if (server_get_req_uses_fast(kcontext, request, client_db_entry,
+ server_get_entry_data) != 0) {
+ pkinit_debug(context, 2,
+ "Client wants to use FAST, skipping.\n");
+ return EINVAL;
+ }
+#endif
+
/* Load certificates and keys, if needed. */
load_certs(context);
@@ -2260,16 +2344,25 @@
krb5_error_code ret;
krb5_pa_data *tmp_pa_data;
+#ifdef BACKPORT_INTERFACE_1_HAS_FAST
+ /* Since we don't know how to interact with FAST (yet), bail. */
+ if (client_get_req_uses_fast(kcontext, request,
+ get_data_proc, rock) != 0) {
+ pkinit_debug(plugin_context, 2,
+ "Client wants to use FAST, skipping.\n");
+ return EINVAL;
+ }
+#endif
tmp_pa_data = NULL;
ret = client_process_0(kcontext, plugin_context, request_context,
- opt,
- get_data_proc, rock,
- request,
- encoded_request_body, encoded_previous_request,
- pa_data,
- prompter, prompter_data,
- gak_fct, gak_data, salt, s2kparams, as_key,
- &tmp_pa_data);
+ opt,
+ get_data_proc, rock,
+ request,
+ encoded_request_body, encoded_previous_request,
+ pa_data,
+ prompter, prompter_data,
+ gak_fct, gak_data, salt, s2kparams, as_key,
+ &tmp_pa_data);
if (tmp_pa_data != NULL) {
*out_pa_data = (krb5_pa_data **) make_pointer_list((void **) *out_pa_data, tmp_pa_data);
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/src/pkinit.h new/pkinit-nss-0.7.8-1/src/pkinit.h
--- old/pkinit-nss-0.7.7-1/src/pkinit.h 2008-08-29 10:16:51.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/src/pkinit.h 2009-07-20 10:01:54.000000000 +0200
@@ -22,7 +22,6 @@
#ifndef pkinit_h
#define pkinit_h
-#ident "$Id: pkinit.h,v 1.6 2007/06/20 21:27:51 nalin Exp $"
#include "../config.h"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/src/pkinitt.c new/pkinit-nss-0.7.8-1/src/pkinitt.c
--- old/pkinit-nss-0.7.7-1/src/pkinitt.c 2008-08-29 10:16:51.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/src/pkinitt.c 2009-07-20 10:01:54.000000000 +0200
@@ -20,8 +20,6 @@
* USA.
*/
-#ident "$Id: pkinitt.c,v 1.42 2007/06/08 21:46:31 nalin Exp $"
-
#include "../config.h"
#include <errno.h>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/src/pkinitt.h new/pkinit-nss-0.7.8-1/src/pkinitt.h
--- old/pkinit-nss-0.7.7-1/src/pkinitt.h 2008-08-29 10:16:51.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/src/pkinitt.h 2009-07-20 10:01:54.000000000 +0200
@@ -22,7 +22,6 @@
#ifndef pkinitt_h
#define pkinitt_h
-#ident "$Id: pkinitt.h,v 1.20 2007/05/28 05:26:24 nalin Exp $"
#include <nspr.h>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pkinit-nss-0.7.7-1/src/show-cert-guid.c new/pkinit-nss-0.7.8-1/src/show-cert-guid.c
--- old/pkinit-nss-0.7.7-1/src/show-cert-guid.c 2008-08-29 10:16:51.000000000 +0200
+++ new/pkinit-nss-0.7.8-1/src/show-cert-guid.c 2009-07-20 10:01:54.000000000 +0200
@@ -20,8 +20,6 @@
* USA.
*/
-#ident "$Id: show-cert-guid.c,v 1.4 2007/01/25 21:32:03 nalin Exp $"
-
#include "../config.h"
#include <sys/types.h>
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package pam_ccreds for openSUSE:Factory
checked in at Mon Jul 27 23:58:32 CEST 2009.
--------
--- pam_ccreds/pam_ccreds.changes 2009-06-24 19:28:16.000000000 +0200
+++ pam_ccreds/pam_ccreds.changes 2009-07-27 11:44:14.000000000 +0200
@@ -1,0 +2,7 @@
+Mon Jul 27 11:43:13 CEST 2009 - mc(a)novell.com
+
+- version 10
+ * don't try to store/validate empty passwords in cc_test
+ * fix dependencies
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
Old:
----
pam_ccreds-8.tar.bz2
New:
----
pam_ccreds-10.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ pam_ccreds.spec ++++++
--- /var/tmp/diff_new_pack.GyJGzC/_old 2009-07-27 23:56:29.000000000 +0200
+++ /var/tmp/diff_new_pack.GyJGzC/_new 2009-07-27 23:56:29.000000000 +0200
@@ -1,5 +1,5 @@
#
-# spec file for package pam_ccreds (Version 8)
+# spec file for package pam_ccreds (Version 10)
#
# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
@@ -23,8 +23,8 @@
License: GPL v2 or later
Group: Productivity/Security
AutoReqProv: on
-Version: 8
-Release: 47
+Version: 10
+Release: 1
Summary: Pam module to cache login credentials
Url: http://www.padl.com/OSS/pam_ccreds.html
Source: pam_ccreds-%{version}.tar.bz2
++++++ pam_ccreds-8.tar.bz2 -> pam_ccreds-10.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_ccreds-8/CVSVersionInfo.txt new/pam_ccreds-10/CVSVersionInfo.txt
--- old/pam_ccreds-8/CVSVersionInfo.txt 2007-12-07 01:19:22.000000000 +0100
+++ new/pam_ccreds-10/CVSVersionInfo.txt 2009-04-03 03:39:32.000000000 +0200
@@ -1,6 +1,6 @@
# Created and modified by checkpoint; do not edit
-# $Id: CVSVersionInfo.txt,v 1.10 2007/12/07 00:19:21 lukeh Exp $
-# $Name: pam_ccreds-8 $
+# $Id: CVSVersionInfo.txt,v 1.12 2009/04/03 01:39:31 lukeh Exp $
+# $Name: pam_ccreds-10 $
ProjectName: pam_ccreds
-ProjectVersion: 8
+ProjectVersion: 10
ProjectMaintainer: lukeh
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_ccreds-8/ChangeLog new/pam_ccreds-10/ChangeLog
--- old/pam_ccreds-8/ChangeLog 2007-12-07 01:19:22.000000000 +0100
+++ new/pam_ccreds-10/ChangeLog 2009-04-03 03:39:32.000000000 +0200
@@ -1,6 +1,14 @@
-$Id: ChangeLog,v 1.10 2007/12/07 00:19:13 lukeh Exp $
+$Id: ChangeLog,v 1.12 2009/04/03 01:39:05 lukeh Exp $
===============================================================
+10 Guido Guenther <agx(a)sigxcpu.org>
+
+ * don't try to store/validate empty passwords in cc_test
+
+9 Luke Howard <lukeh(a)padl.com>
+
+ * patch from Steven Brudenell to fix dependencies
+
8 Guido Guenther <agx(a)sigxcpu.org>
* remove ccreds_file parameter
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_ccreds-8/Makefile.am new/pam_ccreds-10/Makefile.am
--- old/pam_ccreds-8/Makefile.am 2007-12-07 01:19:22.000000000 +0100
+++ new/pam_ccreds-10/Makefile.am 2009-04-03 03:39:32.000000000 +0200
@@ -11,13 +11,16 @@
pam_ccreds_so_LDFLAGS = @pam_ccreds_so_LDFLAGS@
cc_test_SOURCES = cc_test.c
-cc_test_LDFLAGS = -Wl,-rpath -Wl,$(libdir)/security pam_ccreds.so -lpam -lpam_misc
+cc_test_LDFLAGS = -Wl,-rpath -Wl,$(libdir)/security
+cc_test_LDADD = pam_ccreds.so -lpam -lpam_misc
cc_dump_SOURCES = cc_dump.c
-cc_dump_LDFLAGS = -Wl,-rpath -Wl,$(libdir)/security pam_ccreds.so -lpam -lpam_misc
+cc_dump_LDFLAGS = -Wl,-rpath -Wl,$(libdir)/security
+cc_dump_LDADD = pam_ccreds.so -lpam -lpam_misc
ccreds_chkpwd_SOURCES = ccreds_chkpwd.c
-ccreds_chkpwd_LDFLAGS = -Wl,-rpath -Wl,$(libdir)/security pam_ccreds.so -lpam -lpam_misc
+ccreds_chkpwd_LDFLAGS = -Wl,-rpath -Wl,$(libdir)/security
+ccreds_chkpwd_LDADD = pam_ccreds.so -lpam -lpam_misc
DEFS = @DEFS@
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_ccreds-8/Makefile.in new/pam_ccreds-10/Makefile.in
--- old/pam_ccreds-8/Makefile.in 2007-12-07 01:19:22.000000000 +0100
+++ new/pam_ccreds-10/Makefile.in 2009-04-03 03:39:32.000000000 +0200
@@ -61,21 +61,18 @@
PROGRAMS = $(noinst_PROGRAMS) $(sbin_PROGRAMS)
am_cc_dump_OBJECTS = cc_dump.$(OBJEXT)
cc_dump_OBJECTS = $(am_cc_dump_OBJECTS)
-cc_dump_LDADD = $(LDADD)
-am__DEPENDENCIES_1 =
-cc_dump_DEPENDENCIES = $(am__DEPENDENCIES_1)
+cc_dump_DEPENDENCIES = pam_ccreds.so
am_cc_test_OBJECTS = cc_test.$(OBJEXT)
cc_test_OBJECTS = $(am_cc_test_OBJECTS)
-cc_test_LDADD = $(LDADD)
-cc_test_DEPENDENCIES = $(am__DEPENDENCIES_1)
+cc_test_DEPENDENCIES = pam_ccreds.so
am_ccreds_chkpwd_OBJECTS = ccreds_chkpwd.$(OBJEXT)
ccreds_chkpwd_OBJECTS = $(am_ccreds_chkpwd_OBJECTS)
-ccreds_chkpwd_LDADD = $(LDADD)
-ccreds_chkpwd_DEPENDENCIES = $(am__DEPENDENCIES_1)
+ccreds_chkpwd_DEPENDENCIES = pam_ccreds.so
am_pam_ccreds_so_OBJECTS = cc_db.$(OBJEXT) cc_lib.$(OBJEXT) \
cc_pam.$(OBJEXT)
pam_ccreds_so_OBJECTS = $(am_pam_ccreds_so_OBJECTS)
pam_ccreds_so_LDADD = $(LDADD)
+am__DEPENDENCIES_1 =
pam_ccreds_so_DEPENDENCIES = $(am__DEPENDENCIES_1)
DEFAULT_INCLUDES = -I. -I$(srcdir) -I.
depcomp = $(SHELL) $(top_srcdir)/depcomp
@@ -205,11 +202,14 @@
LDADD = $(LIBGCRYPT_LIBS)
pam_ccreds_so_SOURCES = cc_db.c cc_lib.c cc_pam.c cc.h
cc_test_SOURCES = cc_test.c
-cc_test_LDFLAGS = -Wl,-rpath -Wl,$(libdir)/security pam_ccreds.so -lpam -lpam_misc
+cc_test_LDFLAGS = -Wl,-rpath -Wl,$(libdir)/security
+cc_test_LDADD = pam_ccreds.so -lpam -lpam_misc
cc_dump_SOURCES = cc_dump.c
-cc_dump_LDFLAGS = -Wl,-rpath -Wl,$(libdir)/security pam_ccreds.so -lpam -lpam_misc
+cc_dump_LDFLAGS = -Wl,-rpath -Wl,$(libdir)/security
+cc_dump_LDADD = pam_ccreds.so -lpam -lpam_misc
ccreds_chkpwd_SOURCES = ccreds_chkpwd.c
-ccreds_chkpwd_LDFLAGS = -Wl,-rpath -Wl,$(libdir)/security pam_ccreds.so -lpam -lpam_misc
+ccreds_chkpwd_LDFLAGS = -Wl,-rpath -Wl,$(libdir)/security
+ccreds_chkpwd_LDADD = pam_ccreds.so -lpam -lpam_misc
@USE_NATIVE_LINKER_TRUE@NATIVE_LINK = $(pam_ccreds_so_LD) $(AM_LDFLAGS) -o $@
@USE_NATIVE_LINKER_FALSE@GNU_LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_ccreds-8/cc_test.c new/pam_ccreds-10/cc_test.c
--- old/pam_ccreds-8/cc_test.c 2007-12-07 01:19:22.000000000 +0100
+++ new/pam_ccreds-10/cc_test.c 2009-04-03 03:39:32.000000000 +0200
@@ -36,7 +36,7 @@
char *password;
char *ccredsfile;
char *action;
- const char *function;
+ const char *function = NULL;
unsigned int cc_flags;
if (argc < 5 || argc > 6) {
@@ -60,11 +60,11 @@
exit(rc);
}
- if (strcmp(action, "-validate") == 0) {
+ if (strcmp(action, "-validate") == 0 && password) {
rc = pam_cc_validate_credentials(pamcch, PAM_CC_TYPE_DEFAULT,
password, strlen(password));
function = "pam_cc_validate_credentials";
- } else if (strcmp(action, "-store") == 0) {
+ } else if (strcmp(action, "-store") == 0 && password) {
rc = pam_cc_store_credentials(pamcch, PAM_CC_TYPE_DEFAULT,
password, strlen(password));
function = "pam_cc_store_credentials";
@@ -75,7 +75,6 @@
function = "pam_cc_delete_credentials";
} else {
rc = usage();
- function = NULL;
}
if (function != NULL) {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_ccreds-8/configure new/pam_ccreds-10/configure
--- old/pam_ccreds-8/configure 2007-12-07 01:19:22.000000000 +0100
+++ new/pam_ccreds-10/configure 2009-04-03 03:39:32.000000000 +0200
@@ -1703,7 +1703,7 @@
# Define the identity of the package.
PACKAGE=pam_ccreds
- VERSION=8
+ VERSION=10
cat >>confdefs.h <<_ACEOF
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_ccreds-8/configure.in new/pam_ccreds-10/configure.in
--- old/pam_ccreds-8/configure.in 2007-12-07 01:19:22.000000000 +0100
+++ new/pam_ccreds-10/configure.in 2009-04-03 03:39:32.000000000 +0200
@@ -2,7 +2,7 @@
AC_CANONICAL_SYSTEM
AC_PREFIX_DEFAULT()
-AM_INIT_AUTOMAKE(pam_ccreds, 8)
+AM_INIT_AUTOMAKE(pam_ccreds, 10)
AM_CONFIG_HEADER(config.h)
AM_MAINTAINER_MODE
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_ccreds-8/pam_ccreds.spec new/pam_ccreds-10/pam_ccreds.spec
--- old/pam_ccreds-8/pam_ccreds.spec 2007-12-07 01:19:22.000000000 +0100
+++ new/pam_ccreds-10/pam_ccreds.spec 2009-04-03 03:39:32.000000000 +0200
@@ -1,6 +1,6 @@
Summary: PAM cached credentials module
Name: pam_ccreds
-Version: 8
+Version: 10
Release: 1
Source0: ftp://ftp.padl.com/pub/%{name}-%{version}.tar.gz
URL: http://www.padl.com/
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package pam_krb5 for openSUSE:Factory
checked in at Mon Jul 27 23:56:15 CEST 2009.
--------
--- pam_krb5/pam_krb5.changes 2009-06-24 19:30:59.000000000 +0200
+++ pam_krb5/pam_krb5.changes 2009-07-27 11:55:10.000000000 +0200
@@ -1,0 +2,8 @@
+Mon Jul 27 11:53:30 CEST 2009 - mc(a)novell.com
+
+- version 2.3.7
+ * when refreshing credentials, store the new creds in the default
+ ccache if $KRB5CCNAME isn't set.
+ * prefer a "host" key, if one is found, when validating TGTs
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
Old:
----
pam_krb5-2.3.5-1.tar.bz2
New:
----
pam_krb5-2.3.7-1.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ pam_krb5.spec ++++++
--- /var/tmp/diff_new_pack.96UUcN/_old 2009-07-27 23:54:22.000000000 +0200
+++ /var/tmp/diff_new_pack.96UUcN/_new 2009-07-27 23:54:22.000000000 +0200
@@ -1,5 +1,5 @@
#
-# spec file for package pam_krb5 (Version 2.3.5)
+# spec file for package pam_krb5 (Version 2.3.7)
#
# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
@@ -30,8 +30,8 @@
Obsoletes: pam_krb5-64bit
%endif
#
-Version: 2.3.5
-Release: 3
+Version: 2.3.7
+Release: 1
Summary: PAM Module for Kerberos Authentication
Url: http://sourceforge.net/projects/pam-krb5/
Source: pam_krb5-%{version}-%{PAM_RELEASE}.tar.bz2
++++++ pam_krb5-2.3.5-1.tar.bz2 -> pam_krb5-2.3.7-1.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/ChangeLog new/pam_krb5-2.3.7-1/ChangeLog
--- old/pam_krb5-2.3.5-1/ChangeLog 2009-06-15 15:28:45.000000000 +0200
+++ new/pam_krb5-2.3.7-1/ChangeLog 2009-06-29 09:50:36.000000000 +0200
@@ -1,3 +1,21 @@
+2009-06-26
+ * src/options.c(option_b): don't leak the list of values
+
+2009-06-26
+ * src/sly.c(_pam_krb5_sly_maybe_refresh): refresh creds in the default
+ ccache location when KRB5CCNAME isn't set in the environment (#507984)
+
+2009-06-26
+ * src/stash.c: derive the stash name from the user some bits of the
+ configuration rather than the principal name which we end up hopefully
+ deriving using the user and those bits of the configuration.
+ * src/options.c: hang on to a copy of the mappings list, in its
+ original form, for use later
+
+2009-06-15
+ * src/v5.c(v5_validate): walk the keytab, looking for a host key,
+ and fall back to just using the first one (#450776)
+
2009-06-09
* src/initopts.c,src/v5.c: compile fixes for krb5 1.7
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/NEWS new/pam_krb5-2.3.7-1/NEWS
--- old/pam_krb5-2.3.5-1/NEWS 2009-06-08 09:47:33.000000000 +0200
+++ new/pam_krb5-2.3.7-1/NEWS 2009-06-29 09:50:36.000000000 +0200
@@ -1,3 +1,7 @@
+- 2.3.7: * when refreshing credentials, store the new creds in the default
+ ccache if $KRB5CCNAME isn't set (#507984)
+- 2.3.6: * prefer a "host" key, if one is found, when validating TGTs
+ (#450776)
- 2.3.5: * make prompting behavior for non-existent accounts and users who
just press enter match up with those who aren't/don't (#502602,
CVE-2009-1384)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/pam_krb5.spec new/pam_krb5-2.3.7-1/pam_krb5.spec
--- old/pam_krb5-2.3.5-1/pam_krb5.spec 2009-06-08 09:47:33.000000000 +0200
+++ new/pam_krb5-2.3.7-1/pam_krb5.spec 2009-06-29 09:50:36.000000000 +0200
@@ -1,6 +1,6 @@
Summary: A Pluggable Authentication Module for Kerberos 5.
Name: pam_krb5
-Version: 2.3.5
+Version: 2.3.7
Release: 1%{?dist}
Source0: pam_krb5-%{version}-1.tar.gz
License: BSD or LGPLv2+
@@ -50,6 +50,14 @@
%doc README* COPYING* ChangeLog NEWS
%changelog
+* Fri Jun 26 2009 Nalin Dahyabhai <nalin(a)redhat.com> - 2.3.7-1
+- when called to refresh credentials, store the new creds in the default
+ ccache location if $KRB5CCNAME isn't set (#507984)
+
+* Mon Jun 15 2009 Nalin Dahyabhai <nalin(a)redhat.com> - 2.3.6-1
+- prefer keys for services matching the pattern host/*@clientrealm when
+ validating (#450776)
+
* Fri Jun 5 2009 Nalin Dahyabhai <nalin(a)redhat.com> - 2.3.5-1
- when we get asked for the user's long-term key, use a plain Password:
prompt value rather than the library-supplied one
Files old/pam_krb5-2.3.5-1/po/ca.gmo and new/pam_krb5-2.3.7-1/po/ca.gmo differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/po/ca.po new/pam_krb5-2.3.7-1/po/ca.po
--- old/pam_krb5-2.3.5-1/po/ca.po 2009-06-15 15:30:35.000000000 +0200
+++ new/pam_krb5-2.3.7-1/po/ca.po 2009-07-27 11:52:19.000000000 +0200
@@ -20,7 +20,7 @@
"Project-Id-Version: pam_krb5\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-06-15 15:30+0200\n"
+"POT-Creation-Date: 2009-07-27 11:52+0200\n"
"PO-Revision-Date: 2008-10-18 12:12+0200\n"
"Last-Translator: Xavier Conde Rueda <xavi.conde(a)gmail.com>\n"
"Language-Team: Catalan <fedora(a)softcatala.net>\n"
Files old/pam_krb5-2.3.5-1/po/cs.gmo and new/pam_krb5-2.3.7-1/po/cs.gmo differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/po/cs.po new/pam_krb5-2.3.7-1/po/cs.po
--- old/pam_krb5-2.3.5-1/po/cs.po 2009-06-15 15:30:35.000000000 +0200
+++ new/pam_krb5-2.3.7-1/po/cs.po 2009-07-27 11:52:19.000000000 +0200
@@ -9,7 +9,7 @@
"Project-Id-Version: system-config-firewall.master\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-06-15 15:30+0200\n"
+"POT-Creation-Date: 2009-07-27 11:52+0200\n"
"PO-Revision-Date: 2008-06-08 20:58+0200\n"
"Last-Translator: Miloslav Trmač <mitr(a)volny.cz>\n"
"Language-Team: Czech <fedora-cs-list(a)redhat.com>\n"
Files old/pam_krb5-2.3.5-1/po/de.gmo and new/pam_krb5-2.3.7-1/po/de.gmo differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/po/de.po new/pam_krb5-2.3.7-1/po/de.po
--- old/pam_krb5-2.3.5-1/po/de.po 2009-06-15 15:30:35.000000000 +0200
+++ new/pam_krb5-2.3.7-1/po/de.po 2009-07-27 11:52:19.000000000 +0200
@@ -9,7 +9,7 @@
"Project-Id-Version: pam_krb5\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-06-15 15:30+0200\n"
+"POT-Creation-Date: 2009-07-27 11:52+0200\n"
"PO-Revision-Date: 2008-03-13 16:08+0000\n"
"Last-Translator: Michael Calmer <mc(a)novell.com>\n"
"Language-Team: Novell Language <language(a)novell.com>\n"
Files old/pam_krb5-2.3.5-1/po/el.gmo and new/pam_krb5-2.3.7-1/po/el.gmo differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/po/el.po new/pam_krb5-2.3.7-1/po/el.po
--- old/pam_krb5-2.3.5-1/po/el.po 2009-06-15 15:30:35.000000000 +0200
+++ new/pam_krb5-2.3.7-1/po/el.po 2009-07-27 11:52:19.000000000 +0200
@@ -9,7 +9,7 @@
"Project-Id-Version: el\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-06-15 15:30+0200\n"
+"POT-Creation-Date: 2009-07-27 11:52+0200\n"
"PO-Revision-Date: 2008-04-10 22:03+0300\n"
"Last-Translator: Dimitris Glezos <dimitris(a)glezos.com>\n"
"Language-Team: Greek Fedora team <fedora-trans-el(a)redhat.com>\n"
Files old/pam_krb5-2.3.5-1/po/es.gmo and new/pam_krb5-2.3.7-1/po/es.gmo differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/po/es.po new/pam_krb5-2.3.7-1/po/es.po
--- old/pam_krb5-2.3.5-1/po/es.po 2009-06-15 15:30:35.000000000 +0200
+++ new/pam_krb5-2.3.7-1/po/es.po 2009-07-27 11:52:19.000000000 +0200
@@ -8,7 +8,7 @@
"Project-Id-Version: pam_krb5\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-06-15 15:30+0200\n"
+"POT-Creation-Date: 2009-07-27 11:52+0200\n"
"PO-Revision-Date: 2008-12-14 11:26-0200\n"
"Last-Translator: H. Daniel Cabrera <h.daniel.cabrera(a)gmail.com>\n"
"Language-Team: Spanish <es(a)li.org>\n"
Files old/pam_krb5-2.3.5-1/po/fa.gmo and new/pam_krb5-2.3.7-1/po/fa.gmo differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/po/fa.po new/pam_krb5-2.3.7-1/po/fa.po
--- old/pam_krb5-2.3.5-1/po/fa.po 2009-06-15 15:30:35.000000000 +0200
+++ new/pam_krb5-2.3.7-1/po/fa.po 2009-07-27 11:52:19.000000000 +0200
@@ -8,7 +8,7 @@
"Project-Id-Version: 0.1\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-06-15 15:30+0200\n"
+"POT-Creation-Date: 2009-07-27 11:52+0200\n"
"PO-Revision-Date: 2009-03-15 22:59+0330\n"
"Last-Translator: Mohsen Saeedi <mohsen.saeedi(a)gmail.com>\n"
"Language-Team: Persian <mohsen.saeedi(a)gmail.com>\n"
Files old/pam_krb5-2.3.5-1/po/fr.gmo and new/pam_krb5-2.3.7-1/po/fr.gmo differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/po/fr.po new/pam_krb5-2.3.7-1/po/fr.po
--- old/pam_krb5-2.3.5-1/po/fr.po 2009-06-15 15:30:35.000000000 +0200
+++ new/pam_krb5-2.3.7-1/po/fr.po 2009-07-27 11:52:19.000000000 +0200
@@ -9,12 +9,12 @@
"Project-Id-Version: pam_krb5 2.3.2\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-06-15 15:30+0200\n"
+"POT-Creation-Date: 2009-07-27 11:52+0200\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL(a)li.org>\n"
"MIME-Version: 1.0\n"
-"Content-Type: text/plain; charset=CHARSET\n"
+"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
#: src/auth.c:132 src/auth.c:325
Files old/pam_krb5-2.3.5-1/po/hu.gmo and new/pam_krb5-2.3.7-1/po/hu.gmo differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/po/hu.po new/pam_krb5-2.3.7-1/po/hu.po
--- old/pam_krb5-2.3.5-1/po/hu.po 2009-06-15 15:30:35.000000000 +0200
+++ new/pam_krb5-2.3.7-1/po/hu.po 2009-07-27 11:52:19.000000000 +0200
@@ -3,7 +3,7 @@
"Project-Id-Version: pam_krb5\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-06-15 15:30+0200\n"
+"POT-Creation-Date: 2009-07-27 11:52+0200\n"
"PO-Revision-Date: 2008-04-30 07:23+0100\n"
"Last-Translator: Sulyok Péter <peti(a)sulyok.hu>\n"
"Language-Team: Hungarian <fedora-trans-hu(a)redhat.com>\n"
Files old/pam_krb5-2.3.5-1/po/it.gmo and new/pam_krb5-2.3.7-1/po/it.gmo differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/po/it.po new/pam_krb5-2.3.7-1/po/it.po
--- old/pam_krb5-2.3.5-1/po/it.po 2009-06-15 15:30:35.000000000 +0200
+++ new/pam_krb5-2.3.7-1/po/it.po 2009-07-27 11:52:19.000000000 +0200
@@ -8,7 +8,7 @@
"Project-Id-Version: it\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-06-15 15:30+0200\n"
+"POT-Creation-Date: 2009-07-27 11:52+0200\n"
"PO-Revision-Date: 2008-04-16 20:38+0200\n"
"Last-Translator: Francesco Tombolini <tombo(a)adamantio.net>\n"
"Language-Team: Italiano <fedora-trans-it(a)redhat.com>\n"
Files old/pam_krb5-2.3.5-1/po/ms.gmo and new/pam_krb5-2.3.7-1/po/ms.gmo differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/po/ms.po new/pam_krb5-2.3.7-1/po/ms.po
--- old/pam_krb5-2.3.5-1/po/ms.po 2009-06-15 15:30:35.000000000 +0200
+++ new/pam_krb5-2.3.7-1/po/ms.po 2009-07-27 11:52:19.000000000 +0200
@@ -8,7 +8,7 @@
"Project-Id-Version: pam_krb5\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-06-15 15:30+0200\n"
+"POT-Creation-Date: 2009-07-27 11:52+0200\n"
"PO-Revision-Date: 2008-10-29 22:02+0800\n"
"Last-Translator: Sharuzzaman Ahmat Raslan <sharuzzaman(a)myrealbox.com>\n"
"Language-Team: Malay <translation-team-ms(a)lists.sourceforge.net>\n"
Files old/pam_krb5-2.3.5-1/po/nl.gmo and new/pam_krb5-2.3.7-1/po/nl.gmo differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/po/nl.po new/pam_krb5-2.3.7-1/po/nl.po
--- old/pam_krb5-2.3.5-1/po/nl.po 2009-06-15 15:30:35.000000000 +0200
+++ new/pam_krb5-2.3.7-1/po/nl.po 2009-07-27 11:52:19.000000000 +0200
@@ -9,7 +9,7 @@
"Project-Id-Version: pam_krb5\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-06-15 15:30+0200\n"
+"POT-Creation-Date: 2009-07-27 11:52+0200\n"
"PO-Revision-Date: 2008-09-04 23:14+0200\n"
"Last-Translator: Peter van Egdom <p.van.egdom(a)gmail.com>\n"
"Language-Team: Dutch <fedora-trans-list(a)redhat.com>\n"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/po/pam_krb5.pot new/pam_krb5-2.3.7-1/po/pam_krb5.pot
--- old/pam_krb5-2.3.5-1/po/pam_krb5.pot 2009-06-15 15:30:35.000000000 +0200
+++ new/pam_krb5-2.3.7-1/po/pam_krb5.pot 2009-07-27 11:52:19.000000000 +0200
@@ -6,10 +6,10 @@
#, fuzzy
msgid ""
msgstr ""
-"Project-Id-Version: pam_krb5 2.3.5\n"
+"Project-Id-Version: pam_krb5 2.3.7\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-06-15 15:30+0200\n"
+"POT-Creation-Date: 2009-07-27 11:52+0200\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL(a)li.org>\n"
Files old/pam_krb5-2.3.5-1/po/pl.gmo and new/pam_krb5-2.3.7-1/po/pl.gmo differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/po/pl.po new/pam_krb5-2.3.7-1/po/pl.po
--- old/pam_krb5-2.3.5-1/po/pl.po 2009-06-15 15:30:35.000000000 +0200
+++ new/pam_krb5-2.3.7-1/po/pl.po 2009-07-27 11:52:19.000000000 +0200
@@ -6,7 +6,7 @@
"Project-Id-Version: pl\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-06-15 15:30+0200\n"
+"POT-Creation-Date: 2009-07-27 11:52+0200\n"
"PO-Revision-Date: 2008-04-10 21:56+0200\n"
"Last-Translator: Piotr Drąg <piotrdrag(a)gmail.com>\n"
"Language-Team: Polish <pl(a)li.org>\n"
Files old/pam_krb5-2.3.5-1/po/pt_BR.gmo and new/pam_krb5-2.3.7-1/po/pt_BR.gmo differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/po/pt_BR.po new/pam_krb5-2.3.7-1/po/pt_BR.po
--- old/pam_krb5-2.3.5-1/po/pt_BR.po 2009-06-15 15:30:35.000000000 +0200
+++ new/pam_krb5-2.3.7-1/po/pt_BR.po 2009-07-27 11:52:19.000000000 +0200
@@ -8,7 +8,7 @@
"Project-Id-Version: pam_krb5\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-06-15 15:30+0200\n"
+"POT-Creation-Date: 2009-07-27 11:52+0200\n"
"PO-Revision-Date: 2008-07-17 22:52-0300\n"
"Last-Translator: Taylon Silmer <taylonsilva(a)gmail.com>\n"
"Language-Team: Brazilian Portuguese <fedora-trans-pt_br(a)redhat.com>\n"
Files old/pam_krb5-2.3.5-1/po/ro.gmo and new/pam_krb5-2.3.7-1/po/ro.gmo differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/po/ro.po new/pam_krb5-2.3.7-1/po/ro.po
--- old/pam_krb5-2.3.5-1/po/ro.po 2009-06-15 15:30:35.000000000 +0200
+++ new/pam_krb5-2.3.7-1/po/ro.po 2009-07-27 11:52:19.000000000 +0200
@@ -9,7 +9,7 @@
"Project-Id-Version: Pam_krbr5 VERSION\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-06-15 15:30+0200\n"
+"POT-Creation-Date: 2009-07-27 11:52+0200\n"
"PO-Revision-Date: 2009-02-22 22:41+0200\n"
"Last-Translator: Florin Dăscălache <floda61(a)yahoo.com>\n"
"Language-Team: Romanian <gnomero-list(a)lists.sourceforge.net>\n"
Files old/pam_krb5-2.3.5-1/po/sr.gmo and new/pam_krb5-2.3.7-1/po/sr.gmo differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/po/sr.po new/pam_krb5-2.3.7-1/po/sr.po
--- old/pam_krb5-2.3.5-1/po/sr.po 2009-06-15 15:30:35.000000000 +0200
+++ new/pam_krb5-2.3.7-1/po/sr.po 2009-07-27 11:52:19.000000000 +0200
@@ -8,7 +8,7 @@
"Project-Id-Version: pam_krb5\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-06-15 15:30+0200\n"
+"POT-Creation-Date: 2009-07-27 11:52+0200\n"
"PO-Revision-Date: 2008-04-12 19:23+0100\n"
"Last-Translator: Miloš Komarčević <kmilos(a)gmial.com>\n"
"Language-Team: Serbian (sr) <fedora-trans-sr(a)redhat.com>\n"
Files old/pam_krb5-2.3.5-1/po/sr(a)latin.gmo and new/pam_krb5-2.3.7-1/po/sr(a)latin.gmo differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/po/sr(a)latin.po new/pam_krb5-2.3.7-1/po/sr(a)latin.po
--- old/pam_krb5-2.3.5-1/po/sr(a)latin.po 2009-06-15 15:30:35.000000000 +0200
+++ new/pam_krb5-2.3.7-1/po/sr(a)latin.po 2009-07-27 11:52:19.000000000 +0200
@@ -8,7 +8,7 @@
"Project-Id-Version: pam_krb5\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-06-15 15:30+0200\n"
+"POT-Creation-Date: 2009-07-27 11:52+0200\n"
"PO-Revision-Date: 2008-04-12 19:23+0100\n"
"Last-Translator: Miloš Komarčević <kmilos(a)gmial.com>\n"
"Language-Team: Serbian (sr) <fedora-trans-sr(a)redhat.com>\n"
Files old/pam_krb5-2.3.5-1/po/sv.gmo and new/pam_krb5-2.3.7-1/po/sv.gmo differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/po/sv.po new/pam_krb5-2.3.7-1/po/sv.po
--- old/pam_krb5-2.3.5-1/po/sv.po 2009-06-15 15:30:35.000000000 +0200
+++ new/pam_krb5-2.3.7-1/po/sv.po 2009-07-27 11:52:19.000000000 +0200
@@ -8,7 +8,7 @@
"Project-Id-Version: pam_krb5\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-06-15 15:30+0200\n"
+"POT-Creation-Date: 2009-07-27 11:52+0200\n"
"PO-Revision-Date: 2008-10-22 18:04+0100\n"
"Last-Translator: Daniel Nylander <po(a)danielnylander.se>\n"
"Language-Team: Swedish <tp-sv(a)listor.tp-sv.se>\n"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/src/acct.c new/pam_krb5-2.3.7-1/src/acct.c
--- old/pam_krb5-2.3.5-1/src/acct.c 2009-06-15 15:28:45.000000000 +0200
+++ new/pam_krb5-2.3.7-1/src/acct.c 2009-06-29 09:50:36.000000000 +0200
@@ -1,5 +1,5 @@
/*
- * Copyright 2003,2004,2005,2006,2007,2008 Red Hat, Inc.
+ * Copyright 2003,2004,2005,2006,2007,2008,2009 Red Hat, Inc.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -126,7 +126,7 @@
}
/* Get the stash for this user. */
- stash = _pam_krb5_stash_get(pamh, userinfo, options);
+ stash = _pam_krb5_stash_get(pamh, user, userinfo, options);
if (stash == NULL) {
_pam_krb5_user_info_free(ctx, userinfo);
_pam_krb5_options_free(pamh, ctx, options);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/src/auth.c new/pam_krb5-2.3.7-1/src/auth.c
--- old/pam_krb5-2.3.5-1/src/auth.c 2009-06-15 15:28:45.000000000 +0200
+++ new/pam_krb5-2.3.7-1/src/auth.c 2009-06-29 09:50:36.000000000 +0200
@@ -186,7 +186,7 @@
}
/* Get the stash for this user. */
- stash = _pam_krb5_stash_get(pamh, userinfo, options);
+ stash = _pam_krb5_stash_get(pamh, user, userinfo, options);
if (stash == NULL) {
warn("error retrieving stash for '%s' (shouldn't happen)",
user);
@@ -486,7 +486,7 @@
if (retval == PAM_SUCCESS) {
if (options->use_shmem) {
_pam_krb5_stash_shm_write(pamh, stash, options,
- userinfo);
+ user, userinfo);
}
notice("authentication succeeds for '%s' (%s)", user,
userinfo->unparsed_name);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/src/options.c new/pam_krb5-2.3.7-1/src/options.c
--- old/pam_krb5-2.3.5-1/src/options.c 2009-06-15 15:28:45.000000000 +0200
+++ new/pam_krb5-2.3.7-1/src/options.c 2009-06-29 09:50:36.000000000 +0200
@@ -106,11 +106,16 @@
if ((ret == -1) && (realm != NULL) &&
(service != NULL) && (strlen(service) > 0)) {
list = option_l(argc, argv, ctx, realm, s, "");
- for (i = 0; ((list != NULL) && (list[i] != NULL)); i++) {
- if (strcmp(list[i], service) == 0) {
- ret = 1;
- break;
+ if (list != NULL) {
+ for (i = 0;
+ ((list != NULL) && (list[i] != NULL));
+ i++) {
+ if (strcmp(list[i], service) == 0) {
+ ret = 1;
+ break;
+ }
}
+ free_l(list);
}
}
@@ -902,6 +907,8 @@
}
}
+ options->mappings_s = option_s(argc, argv,
+ ctx, options->realm, "mappings", "");
list = option_l(argc, argv, ctx, options->realm, "mappings", "");
for (i = 0; (list != NULL) && (list[i] != NULL); i++) {
/* nothing */
@@ -970,5 +977,7 @@
}
free(options->mappings);
options->mappings = NULL;
+ free(options->mappings_s);
+ options->mappings_s = NULL;
free(options);
};
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/src/options.h new/pam_krb5-2.3.7-1/src/options.h
--- old/pam_krb5-2.3.5-1/src/options.h 2009-06-15 15:28:45.000000000 +0200
+++ new/pam_krb5-2.3.7-1/src/options.h 2009-06-29 09:50:36.000000000 +0200
@@ -91,6 +91,7 @@
} *afs_cells;
int n_afs_cells;
+ char *mappings_s;
struct name_mapping {
char *pattern, *replacement;
} *mappings;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/src/pam_krb5.8 new/pam_krb5-2.3.7-1/src/pam_krb5.8
--- old/pam_krb5-2.3.5-1/src/pam_krb5.8 2009-06-15 15:30:21.000000000 +0200
+++ new/pam_krb5-2.3.7-1/src/pam_krb5.8 2009-07-27 11:52:13.000000000 +0200
@@ -4,13 +4,13 @@
pam_krb5 \- Kerberos 5 authentication
.SH SYNOPSIS
-.B auth required /lib/security/pam_krb5.so
+.B auth required /lib64/security/pam_krb5.so
.br
-.B session optional /lib/security/pam_krb5.so
+.B session optional /lib64/security/pam_krb5.so
.br
-.B account sufficient /lib/security/pam_krb5.so
+.B account sufficient /lib64/security/pam_krb5.so
.br
-.B password sufficient /lib/security/pam_krb5.so
+.B password sufficient /lib64/security/pam_krb5.so
.SH DESCRIPTION
The pam_krb5.so module is designed to allow smooth integration of Kerberos 5
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/src/pam_krb5_storetmp.8 new/pam_krb5-2.3.7-1/src/pam_krb5_storetmp.8
--- old/pam_krb5-2.3.5-1/src/pam_krb5_storetmp.8 2009-06-15 15:30:21.000000000 +0200
+++ new/pam_krb5-2.3.7-1/src/pam_krb5_storetmp.8 2009-07-27 11:52:13.000000000 +0200
@@ -1,7 +1,7 @@
.TH pam_krb5_storetmp 8 2005/10/05 "Red Hat Linux" "System Administrator's Manual"
.SH NAME
-/lib/security/pam_krb5/pam_krb5_storetmp \- Temporary file helper
+/lib64/security/pam_krb5/pam_krb5_storetmp \- Temporary file helper
.SH SYNOPSIS
.B pam_krb5_storetmp pattern [uid] [gid]
@@ -29,7 +29,7 @@
creating the file. The helper continues in its task if the attempt fails.
.SH FILES
-\fI/lib/security/pam_krb5.so\fR
+\fI/lib64/security/pam_krb5.so\fR
.br
.SH "SEE ALSO"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/src/pam_newpag.8 new/pam_krb5-2.3.7-1/src/pam_newpag.8
--- old/pam_krb5-2.3.5-1/src/pam_newpag.8 2009-06-15 15:30:21.000000000 +0200
+++ new/pam_krb5-2.3.7-1/src/pam_newpag.8 2009-07-27 11:52:13.000000000 +0200
@@ -4,9 +4,9 @@
pam_newpag \- create a new process authentication group
.SH SYNOPSIS
-.B auth optional /lib/security/pam_newpag.so
+.B auth optional /lib64/security/pam_newpag.so
.br
-.B session optional /lib/security/pam_newpag.so
+.B session optional /lib64/security/pam_newpag.so
.SH DESCRIPTION
The pam_newpag.so module's sole purpose is to provide a workaround for
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/src/password.c new/pam_krb5-2.3.7-1/src/password.c
--- old/pam_krb5-2.3.5-1/src/password.c 2009-06-15 15:28:45.000000000 +0200
+++ new/pam_krb5-2.3.7-1/src/password.c 2009-06-29 09:50:36.000000000 +0200
@@ -155,7 +155,7 @@
* second pass. It should have a low lifetime, so we needn't free it
* just now. */
retval = PAM_AUTH_ERR;
- stash = _pam_krb5_stash_get(pamh, userinfo, options);
+ stash = _pam_krb5_stash_get(pamh, user, userinfo, options);
/* If this is the first pass, just check the user's password by
* obtaining a password-changing initial ticket. */
@@ -466,7 +466,7 @@
if (options->use_shmem) {
_pam_krb5_stash_shm_write(pamh, stash,
options,
- userinfo);
+ user, userinfo);
}
}
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/src/session.c new/pam_krb5-2.3.7-1/src/session.c
--- old/pam_krb5-2.3.5-1/src/session.c 2009-06-15 15:28:45.000000000 +0200
+++ new/pam_krb5-2.3.7-1/src/session.c 2009-06-29 09:50:36.000000000 +0200
@@ -1,5 +1,5 @@
/*
- * Copyright 2003,2004,2005,2006,2007,2008 Red Hat, Inc.
+ * Copyright 2003,2004,2005,2006,2007,2008,2009 Red Hat, Inc.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -72,7 +72,7 @@
int argc, PAM_KRB5_MAYBE_CONST char **argv)
{
PAM_KRB5_MAYBE_CONST char *user;
- char envstr[PATH_MAX + 20];
+ char envstr[PATH_MAX + 20], *segname;
const char *ccname;
krb5_context ctx;
struct _pam_krb5_options *options;
@@ -140,7 +140,7 @@
}
/* Get the stash for this user. */
- stash = _pam_krb5_stash_get(pamh, userinfo, options);
+ stash = _pam_krb5_stash_get(pamh, user, userinfo, options);
if (stash == NULL) {
warn("no stash for '%s' (shouldn't happen)", user);
_pam_krb5_user_info_free(ctx, userinfo);
@@ -167,11 +167,11 @@
_pam_krb5_shm_remove(stash->v5shm_owner, stash->v5shm,
options->debug);
stash->v5shm = -1;
- snprintf(envstr, sizeof(envstr),
- PAM_KRB5_STASH_TEMPLATE
- PAM_KRB5_STASH_SHM5_SUFFIX,
- userinfo->unparsed_name);
- pam_putenv(pamh, envstr);
+ _pam_krb5_stash_shm5_name(options, user, &segname);
+ if (segname != NULL) {
+ pam_putenv(pamh, segname);
+ free(segname);
+ }
}
#ifdef USE_KRB4
if ((stash->v4shm != -1) && (stash->v4shm_owner != -1)) {
@@ -183,11 +183,11 @@
_pam_krb5_shm_remove(stash->v4shm_owner, stash->v4shm,
options->debug);
stash->v4shm = -1;
- snprintf(envstr, sizeof(envstr),
- PAM_KRB5_STASH_TEMPLATE
- PAM_KRB5_STASH_SHM4_SUFFIX,
- userinfo->unparsed_name);
- pam_putenv(pamh, envstr);
+ _pam_krb5_stash_shm4_name(options, user, &segname);
+ if (segname != NULL) {
+ pam_putenv(pamh, segname);
+ free(segname);
+ }
}
#endif
}
@@ -369,7 +369,7 @@
}
/* Get the stash for this user. */
- stash = _pam_krb5_stash_get(pamh, userinfo, options);
+ stash = _pam_krb5_stash_get(pamh, user, userinfo, options);
if (stash == NULL) {
warn("no stash for user %s (shouldn't happen)", user);
_pam_krb5_user_info_free(ctx, userinfo);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/src/sly.c new/pam_krb5-2.3.7-1/src/sly.c
--- old/pam_krb5-2.3.5-1/src/sly.c 2009-06-15 15:28:45.000000000 +0200
+++ new/pam_krb5-2.3.7-1/src/sly.c 2009-06-29 09:50:36.000000000 +0200
@@ -34,6 +34,8 @@
#include <sys/stat.h>
#include <errno.h>
+#include <limits.h>
+#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
@@ -159,7 +161,10 @@
int i, retval, stored;
uid_t uid;
gid_t gid;
- char *v5ccname, *v5filename, *v4tktfile;
+ const char *v5ccname, *v5filename, *v4tktfile;
+#ifdef TKT_ROOT
+ char v4tktfilebuf[PATH_MAX];
+#endif
/* Inexpensive checks. */
switch (_pam_krb5_sly_looks_unsafe()) {
@@ -237,7 +242,7 @@
}
/* Get the stash for this user. */
- stash = _pam_krb5_stash_get(pamh, userinfo, options);
+ stash = _pam_krb5_stash_get(pamh, user, userinfo, options);
if (stash == NULL) {
warn("error retrieving stash for '%s' (shouldn't happen)",
user);
@@ -249,15 +254,28 @@
retval = PAM_SERVICE_ERR;
- /* Save credentials in the right files. */
- v5ccname = getenv("KRB5CCNAME");
+ /* Save credentials in the right places. */
+ v5ccname = krb5_cc_default_name(ctx);
v5filename = NULL;
if (v5ccname == NULL) {
- /* Ignore us. We have nothing to do. */
- retval = PAM_SUCCESS;
- }
- if ((v5ccname != NULL) && (strncmp(v5ccname, "FILE:", 5) == 0)) {
- v5filename = v5ccname + 5;
+ /* This should never happen, but all we can do is tell libpam
+ * to ignore us. We have nothing to do. */
+ if (options->debug) {
+ debug("ignoring '%s' -- no default ccache name", user);
+ }
+ retval = PAM_IGNORE;
+ } else {
+ if (strncmp(v5ccname, "FILE:", 5) == 0) {
+ v5filename = v5ccname + 5;
+ if (options->debug) {
+ debug("ccache is a file named '%s'",
+ v5filename);
+ }
+ } else {
+ if (options->debug) {
+ debug("ccache '%s' is not a file", v5ccname);
+ }
+ }
}
stored = 0;
@@ -297,7 +315,8 @@
}
} else {
if (v5ccname != NULL) {
- /* Go ahead and update the current ccache. */
+ /* Go ahead and update the current not-a-file
+ * ccache. */
if (options->debug) {
debug("updating ccache '%s' for '%s'",
v5ccname, user);
@@ -306,9 +325,22 @@
stored = (retval == PAM_SUCCESS);
}
}
+ } else {
+ if (options->debug) {
+ debug("no credentials available to store in '%s'",
+ v5ccname);
+ }
+ retval = PAM_SUCCESS;
}
v4tktfile = getenv("KRBTKFILE");
+#ifdef TKT_ROOT
+ if ((v4tktfile == NULL) && (options->user_check)) {
+ snprintf(v4tktfilebuf, sizeof(v4tktfilebuf), "%s%ld",
+ TKT_ROOT, (long) uid);
+ v4tktfile = v4tktfilebuf;
+ }
+#endif
if ((stash->v4present) && (v4tktfile != NULL)) {
if (access(v4tktfile, R_OK | W_OK) == 0) {
if (lstat(v4tktfile, &st) == 0) {
@@ -333,11 +365,19 @@
} else {
if (errno == ENOENT) {
/* We have nothing to do. */
+ if (options->debug) {
+ debug("no preexisting ticket "
+ "file found");
+ }
retval = PAM_SUCCESS;
}
}
} else {
/* Touch nothing. */
+ if (options->debug) {
+ debug("unable to access preexisting ticket "
+ "file");
+ }
retval = PAM_SUCCESS;
}
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/src/stash.c new/pam_krb5-2.3.7-1/src/stash.c
--- old/pam_krb5-2.3.5-1/src/stash.c 2008-10-06 16:16:40.000000000 +0200
+++ new/pam_krb5-2.3.7-1/src/stash.c 2009-06-29 09:50:36.000000000 +0200
@@ -1,5 +1,5 @@
/*
- * Copyright 2003,2004,2005,2006,2007 Red Hat, Inc.
+ * Copyright 2003,2004,2005,2006,2007,2009 Red Hat, Inc.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -70,6 +70,61 @@
#include "v5.h"
#include "xstr.h"
+#define PAM_KRB5_STASH_TEMPLATE "_pam_krb5_stash_%s_%s_%s_%d"
+#define PAM_KRB5_STASH_SHM5_SUFFIX "_shm5"
+#define PAM_KRB5_STASH_SHM4_SUFFIX "_shm4"
+
+static void
+_pam_krb5_stash_name_with_suffix(struct _pam_krb5_options *options,
+ const char *user, const char *suffix,
+ char **name)
+{
+ int i;
+ *name = malloc(strlen(PAM_KRB5_STASH_TEMPLATE) +
+ strlen(user) + strlen(options->realm) +
+ (options->mappings_s ? strlen(options->mappings_s) : 0) +
+ 3 +
+ (suffix ? strlen(suffix) : 0) +
+ 1);
+ if (*name != NULL) {
+ sprintf(*name, PAM_KRB5_STASH_TEMPLATE "%s",
+ user, options->realm,
+ options->mappings_s ? options->mappings_s : NULL,
+ options->user_check,
+ suffix ? suffix : "");
+ for (i = 0; (*name)[i] != '\0'; i++) {
+ if (strchr("= ", (*name)[i]) != NULL) {
+ (*name)[i] = '_';
+ }
+ }
+ }
+}
+
+void
+_pam_krb5_stash_name(struct _pam_krb5_options *options,
+ const char *user, char **name)
+{
+ _pam_krb5_stash_name_with_suffix(options, user, NULL, name);
+}
+
+void
+_pam_krb5_stash_shm5_name(struct _pam_krb5_options *options,
+ const char *user, char **name)
+{
+ _pam_krb5_stash_name_with_suffix(options, user,
+ PAM_KRB5_STASH_SHM5_SUFFIX, name);
+}
+
+#ifdef USE_KRB4
+void
+_pam_krb5_stash_shm4_name(struct _pam_krb5_options *options,
+ const char *user, char **name)
+{
+ _pam_krb5_stash_name_with_suffix(options, user,
+ PAM_KRB5_STASH_SHM4_SUFFIX, name);
+}
+#endif
+
static int
_pam_krb5_get_data_stash(pam_handle_t *pamh, const char *key,
struct _pam_krb5_stash **stash)
@@ -215,9 +270,10 @@
static void
_pam_krb5_stash_shm_write_v5(pam_handle_t *pamh, struct _pam_krb5_stash *stash,
struct _pam_krb5_options *options,
+ const char *user,
struct _pam_krb5_user_info *userinfo)
{
- char variable[PATH_MAX + 6];
+ char variable[PATH_MAX + 6], *segname;
void *blob;
int *intblob;
size_t blob_size;
@@ -261,7 +317,7 @@
close(fd);
return;
}
- if (krb5_cc_initialize(ctx, ccache, userinfo->principal_name) != 0) {
+ if (krb5_cc_initialize(ctx, ccache, stash->v5creds.client) != 0) {
warn("error initializing credential cache file \"%s\"",
variable + 5);
krb5_cc_close(ctx, ccache);
@@ -306,19 +362,23 @@
close(fd);
if (key != -1) {
- snprintf(variable, sizeof(variable),
- PAM_KRB5_STASH_TEMPLATE
- PAM_KRB5_STASH_SHM5_SUFFIX
- "=%d/%ld",
- userinfo->unparsed_name, key, (long) getpid());
- pam_putenv(pamh, variable);
- if (options->debug) {
- debug("saved v5 credentials to shared memory "
- "segment %d (creator pid %ld)", key,
- (long) getpid());
+ segname = NULL;
+ _pam_krb5_stash_shm5_name(options, user, &segname);
+ if (segname != NULL) {
+ snprintf(variable, sizeof(variable),
+ "%s=%d/%ld",
+ segname, key, (long) getpid());
+ free(segname);
+ pam_putenv(pamh, variable);
+ if (options->debug) {
+ debug("saved v5 credentials to shared memory "
+ "segment %d (creator pid %ld)", key,
+ (long) getpid());
+ debug("set '%s' in environment", variable);
+ }
+ stash->v5shm = key;
+ stash->v5shm_owner = getpid();
}
- stash->v5shm = key;
- stash->v5shm_owner = getpid();
} else {
warn("error saving v5 credential state to shared "
"memory segment");
@@ -365,11 +425,12 @@
static void
_pam_krb5_stash_shm_write_v4(pam_handle_t *pamh, struct _pam_krb5_stash *stash,
struct _pam_krb5_options *options,
+ const char *user,
struct _pam_krb5_user_info *userinfo)
{
void *blob;
int *intblob, key;
- char variable[PATH_MAX];
+ char variable[PATH_MAX], *segname;
key = _pam_krb5_shm_new_from_blob(pamh, sizeof(int) * 2,
&stash->v4creds,
sizeof(stash->v4creds),
@@ -378,19 +439,22 @@
intblob = blob;
intblob[0] = stash->v4present;
intblob[1] = sizeof(stash->v4creds);
- snprintf(variable, sizeof(variable),
- PAM_KRB5_STASH_TEMPLATE
- PAM_KRB5_STASH_SHM4_SUFFIX
- "=%d/%ld",
- userinfo->unparsed_name, key, (long) getpid());
- pam_putenv(pamh, variable);
- if (options->debug) {
- debug("saved v4 credential state to shared "
- "memory segment %d (creator pid %ld)", key,
- (long) getpid());
+ _pam_krb5_stash_shm4_name(options, user, &segname);
+ if (segname != NULL) {
+ snprintf(variable, sizeof(variable),
+ "%s=%d/%ld",
+ segname, key, (long) getpid());
+ free(segname);
+ pam_putenv(pamh, variable);
+ if (options->debug) {
+ debug("saved v4 credential state to shared "
+ "memory segment %d (creator pid %ld)",
+ key, (long) getpid());
+ debug("set '%s' in environment", variable);
+ }
+ stash->v4shm = key;
+ stash->v4shm_owner = getpid();
}
- stash->v4shm = key;
- stash->v4shm_owner = getpid();
} else {
warn("error saving v4 credential state to shared "
"memory segment");
@@ -417,7 +481,8 @@
size_t blob_size;
/* Construct the name of a variable. */
- variable = malloc(strlen(partial_key) + 10);
+ variable = malloc(strlen(partial_key) +
+ 2 * strlen(PAM_KRB5_STASH_SHM5_SUFFIX) + 1);
if (variable == NULL) {
return;
}
@@ -511,11 +576,12 @@
void
_pam_krb5_stash_shm_write(pam_handle_t *pamh, struct _pam_krb5_stash *stash,
struct _pam_krb5_options *options,
+ const char *user,
struct _pam_krb5_user_info *userinfo)
{
- _pam_krb5_stash_shm_write_v5(pamh, stash, options, userinfo);
+ _pam_krb5_stash_shm_write_v5(pamh, stash, options, user, userinfo);
#ifdef USE_KRB4
- _pam_krb5_stash_shm_write_v4(pamh, stash, options, userinfo);
+ _pam_krb5_stash_shm_write_v4(pamh, stash, options, user, userinfo);
#endif
}
@@ -523,6 +589,7 @@
* exists, incorporate contents of the named ccache/tktfiles into the stash. */
static void
_pam_krb5_stash_external_read(pam_handle_t *pamh, struct _pam_krb5_stash *stash,
+ const char *user,
struct _pam_krb5_user_info *userinfo,
struct _pam_krb5_options *options)
{
@@ -575,7 +642,7 @@
princ = NULL;
} else {
if (options->debug) {
- debug("ccache is for a different principal, updating");
+ debug("ccache is for a new or different principal, updating");
}
/* Unparse the name. */
unparsed = NULL;
@@ -693,28 +760,24 @@
* pointer instead of making their own copy of the key, which could lead to
* crashes if we then deallocated the string. */
struct _pam_krb5_stash *
-_pam_krb5_stash_get(pam_handle_t *pamh, struct _pam_krb5_user_info *info,
+_pam_krb5_stash_get(pam_handle_t *pamh, const char *user,
+ struct _pam_krb5_user_info *info,
struct _pam_krb5_options *options)
{
krb5_context ctx;
struct _pam_krb5_stash *stash;
char *key;
- key = malloc(strlen(PAM_KRB5_STASH_TEMPLATE) +
- strlen(info->unparsed_name) +
- 1);
- if (key == NULL) {
- return NULL;
- }
- sprintf(key, PAM_KRB5_STASH_TEMPLATE, info->unparsed_name);
-
+ key = NULL;
stash = NULL;
- if ((_pam_krb5_get_data_stash(pamh, key, &stash) == PAM_SUCCESS) &&
+ _pam_krb5_stash_name(options, user, &key);
+ if ((key != NULL) &&
+ (_pam_krb5_get_data_stash(pamh, key, &stash) == PAM_SUCCESS) &&
(stash != NULL)) {
free(key);
if (options->external && (stash->v5attempted == 0)) {
_pam_krb5_stash_external_read(pamh, stash,
- info, options);
+ user, info, options);
if (stash->v5attempted && (stash->v5result == 0)) {
if ((_pam_krb5_init_ctx(&ctx, 0, NULL) == 0) &&
((options->v4 == 1) || (options->v4_for_afs == 1))) {
@@ -756,7 +819,7 @@
_pam_krb5_stash_shm_read(pamh, key, stash, options);
}
if (options->external && (stash->v5attempted == 0)) {
- _pam_krb5_stash_external_read(pamh, stash, info, options);
+ _pam_krb5_stash_external_read(pamh, stash, user, info, options);
if (stash->v5attempted && (stash->v5result == 0)) {
if ((_pam_krb5_init_ctx(&ctx, 0, NULL) == 0) &&
((options->v4 == 1) || (options->v4_for_afs == 1))) {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/src/stash.h new/pam_krb5-2.3.7-1/src/stash.h
--- old/pam_krb5-2.3.5-1/src/stash.h 2008-04-17 14:04:00.000000000 +0200
+++ new/pam_krb5-2.3.7-1/src/stash.h 2009-06-29 09:50:36.000000000 +0200
@@ -1,5 +1,5 @@
/*
- * Copyright 2003,2007 Red Hat, Inc.
+ * Copyright 2003,2007,2009 Red Hat, Inc.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -35,10 +35,6 @@
#include "userinfo.h"
-#define PAM_KRB5_STASH_TEMPLATE "_pam_krb5_stash_%s"
-#define PAM_KRB5_STASH_SHM5_SUFFIX "_shm5"
-#define PAM_KRB5_STASH_SHM4_SUFFIX "_shm4"
-
struct _pam_krb5_ccname_list {
char *name;
struct _pam_krb5_ccname_list *next;
@@ -65,6 +61,7 @@
};
struct _pam_krb5_stash *_pam_krb5_stash_get(pam_handle_t *pamh,
+ const char *user,
struct _pam_krb5_user_info *info,
struct _pam_krb5_options *options);
void _pam_krb5_stash_clone_v5(krb5_context ctx, struct _pam_krb5_stash *stash,
@@ -87,6 +84,13 @@
void _pam_krb5_stash_shm_write(pam_handle_t *pamh,
struct _pam_krb5_stash *stash,
struct _pam_krb5_options *options,
+ const char *user,
struct _pam_krb5_user_info *userinfo);
+void _pam_krb5_stash_name(struct _pam_krb5_options *options,
+ const char *user, char **name);
+void _pam_krb5_stash_shm5_name(struct _pam_krb5_options *options,
+ const char *user, char **name);
+void _pam_krb5_stash_shm4_name(struct _pam_krb5_options *options,
+ const char *user, char **name);
#endif
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_krb5-2.3.5-1/src/v5.c new/pam_krb5-2.3.7-1/src/v5.c
--- old/pam_krb5-2.3.5-1/src/v5.c 2009-06-15 15:28:45.000000000 +0200
+++ new/pam_krb5-2.3.7-1/src/v5.c 2009-06-16 15:48:24.000000000 +0200
@@ -757,7 +757,6 @@
{
int i;
char *principal;
- krb5_data *comp;
krb5_principal princ;
krb5_keytab keytab;
krb5_kt_cursor cursor;
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package pam_mount for openSUSE:Factory
checked in at Mon Jul 27 23:53:26 CEST 2009.
--------
--- pam_mount/pam_mount.changes 2009-06-24 19:32:52.000000000 +0200
+++ pam_mount/pam_mount.changes 2009-07-27 12:08:06.000000000 +0200
@@ -1,0 +2,12 @@
+Mon Jul 27 12:01:46 CEST 2009 - mc(a)novell.com
+
+- update to version 1.27
+ * mounting: stdout from mount programs is now discarded
+ * config: do parse <cryptumount> elements from .xml
+ * mount: pass fstype to NFS mount program
+ * config: map "nfs4" fstype to NFSMOUNT
+ * pam_mount: PAM function return code audit
+ * config: warn about ignored "server" attribute in <volume>
+ * config: print error message on config file syntax error
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
Old:
----
pam_mount-1.25.tar.bz2
New:
----
pam_mount-1.27.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ pam_mount.spec ++++++
--- /var/tmp/diff_new_pack.v1O4HB/_old 2009-07-27 23:51:32.000000000 +0200
+++ /var/tmp/diff_new_pack.v1O4HB/_new 2009-07-27 23:51:32.000000000 +0200
@@ -1,5 +1,5 @@
#
-# spec file for package pam_mount (Version 1.25)
+# spec file for package pam_mount (Version 1.27)
#
# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
@@ -22,11 +22,11 @@
BuildRequires: perl-XML-Parser perl-XML-Writer
BuildRequires: libtool pam-devel >= 0.99 pkg-config >= 0.19
BuildRequires: libxml2-devel >= 2.6 openssl-devel >= 0.9.8
-BuildRequires: libHX-devel >= 2.5
+BuildRequires: libHX-devel >= 2.8
BuildRequires: linux-kernel-headers >= 2.6
Summary: A PAM Module that can Mount Volumes for a User Session
-Version: 1.25
-Release: 2
+Version: 1.27
+Release: 1
# psmisc: /bin/fuser
Recommends: cryptsetup
Recommends: cifs-mount xfsprogs
++++++ pam_mount-1.25.tar.bz2 -> pam_mount-1.27.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_mount-1.25/Makefile.in new/pam_mount-1.27/Makefile.in
--- old/pam_mount-1.25/Makefile.in 2009-05-09 08:15:37.000000000 +0200
+++ new/pam_mount-1.27/Makefile.in 2009-07-01 03:09:21.000000000 +0200
@@ -1,4 +1,4 @@
-# Makefile.in generated by automake 1.10c from Makefile.am.
+# Makefile.in generated by automake 1.11 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
@@ -55,7 +55,7 @@
CONFIG_CLEAN_VPATH_FILES =
AM_V_GEN = $(am__v_GEN_$(V))
am__v_GEN_ = $(am__v_GEN_$(AM_DEFAULT_VERBOSITY))
-am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_0 = @echo " GEN " $@;
AM_V_at = $(am__v_at_$(V))
am__v_at_ = $(am__v_at_$(AM_DEFAULT_VERBOSITY))
am__v_at_0 = @
@@ -299,7 +299,7 @@
@rm -f stamp-h1
cd $(top_builddir) && $(SHELL) ./config.status config.h
$(srcdir)/config.h.in: $(am__configure_deps)
- $(am__cd) $(top_srcdir) && $(AUTOHEADER)
+ ($(am__cd) $(top_srcdir) && $(AUTOHEADER))
rm -f stamp-h1
touch $@
@@ -498,13 +498,14 @@
$(am__relativize); \
new_top_distdir=$$reldir; \
echo " (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir="$$new_top_distdir" distdir="$$new_distdir" \\"; \
- echo " am__remove_distdir=: am__skip_length_check=: distdir)"; \
+ echo " am__remove_distdir=: am__skip_length_check=: am__skip_mode_fix=: distdir)"; \
($(am__cd) $$subdir && \
$(MAKE) $(AM_MAKEFLAGS) \
top_distdir="$$new_top_distdir" \
distdir="$$new_distdir" \
am__remove_distdir=: \
am__skip_length_check=: \
+ am__skip_mode_fix=: \
distdir) \
|| exit 1; \
fi; \
@@ -512,7 +513,8 @@
$(MAKE) $(AM_MAKEFLAGS) \
top_distdir="$(top_distdir)" distdir="$(distdir)" \
dist-hook
- -find "$(distdir)" -type d ! -perm -777 -exec chmod a+rwx {} \; -o \
+ -test -n "$(am__skip_mode_fix)" \
+ || find "$(distdir)" -type d ! -perm -777 -exec chmod a+rwx {} \; -o \
! -type d ! -perm -444 -links 1 -exec chmod a+r {} \; -o \
! -type d ! -perm -400 -exec chmod a+r {} \; -o \
! -type d ! -perm -444 -exec $(install_sh) -c -m a+r {} {} \; \
@@ -576,6 +578,7 @@
test -d $(distdir)/_build || exit 0; \
dc_install_base=`$(am__cd) $(distdir)/_inst && pwd | sed -e 's,^[^:\\/]:[\\/],/,'` \
&& dc_destdir="$${TMPDIR-/tmp}/am-dc-$$$$/" \
+ && am__cwd=`pwd` \
&& $(am__cd) $(distdir)/_build \
&& ../configure --srcdir=.. --prefix="$$dc_install_base" \
$(DISTCHECK_CONFIGURE_FLAGS) \
@@ -598,7 +601,9 @@
&& rm -rf "$$dc_destdir" \
&& $(MAKE) $(AM_MAKEFLAGS) dist \
&& rm -rf $(DIST_ARCHIVES) \
- && $(MAKE) $(AM_MAKEFLAGS) distcleancheck
+ && $(MAKE) $(AM_MAKEFLAGS) distcleancheck \
+ && cd "$$am__cwd" \
+ || exit 1
$(am__remove_distdir)
@(echo "$(distdir) archives ready for distribution: "; \
list='$(DIST_ARCHIVES)'; for i in $$list; do echo $$i; done) | \
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_mount-1.25/aclocal.m4 new/pam_mount-1.27/aclocal.m4
--- old/pam_mount-1.25/aclocal.m4 2009-05-09 08:15:26.000000000 +0200
+++ new/pam_mount-1.27/aclocal.m4 2009-07-01 03:09:12.000000000 +0200
@@ -1,4 +1,4 @@
-# generated automatically by aclocal 1.10c -*- Autoconf -*-
+# generated automatically by aclocal 1.11 -*- Autoconf -*-
# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004,
# 2005, 2006, 2007, 2008, 2009 Free Software Foundation, Inc.
@@ -187,10 +187,10 @@
# generated from the m4 files accompanying Automake X.Y.
# (This private macro should not be called outside this file.)
AC_DEFUN([AM_AUTOMAKE_VERSION],
-[am__api_version='1.10c'
+[am__api_version='1.11'
dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to
dnl require some minimum version. Point them to the right macro.
-m4_if([$1], [1.10c], [],
+m4_if([$1], [1.11], [],
[AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl
])
@@ -206,7 +206,7 @@
# Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced.
# This function is AC_REQUIREd by AM_INIT_AUTOMAKE.
AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION],
-[AM_AUTOMAKE_VERSION([1.10c])dnl
+[AM_AUTOMAKE_VERSION([1.11])dnl
m4_ifndef([AC_AUTOCONF_VERSION],
[m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl
_AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))])
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_mount-1.25/compile new/pam_mount-1.27/compile
--- old/pam_mount-1.25/compile 2009-05-09 08:15:36.000000000 +0200
+++ new/pam_mount-1.27/compile 2009-07-01 03:09:20.000000000 +0200
@@ -9,7 +9,7 @@
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 3, or (at your option)
+# the Free Software Foundation; either version 2, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_mount-1.25/config/Makefile.in new/pam_mount-1.27/config/Makefile.in
--- old/pam_mount-1.25/config/Makefile.in 2009-05-09 08:15:36.000000000 +0200
+++ new/pam_mount-1.27/config/Makefile.in 2009-07-01 03:09:20.000000000 +0200
@@ -1,4 +1,4 @@
-# Makefile.in generated by automake 1.10c from Makefile.am.
+# Makefile.in generated by automake 1.11 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
@@ -54,7 +54,7 @@
CONFIG_CLEAN_VPATH_FILES =
AM_V_GEN = $(am__v_GEN_$(V))
am__v_GEN_ = $(am__v_GEN_$(AM_DEFAULT_VERBOSITY))
-am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_0 = @echo " GEN " $@;
AM_V_at = $(am__v_at_$(V))
am__v_at_ = $(am__v_at_$(AM_DEFAULT_VERBOSITY))
am__v_at_0 = @
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_mount-1.25/config.guess new/pam_mount-1.27/config.guess
--- old/pam_mount-1.25/config.guess 2009-05-09 08:15:36.000000000 +0200
+++ new/pam_mount-1.27/config.guess 2009-07-01 03:09:20.000000000 +0200
@@ -4,7 +4,7 @@
# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008
# Free Software Foundation, Inc.
-timestamp='2009-02-03'
+timestamp='2009-04-27'
# This file is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
@@ -334,6 +334,9 @@
case `/usr/bin/uname -p` in
sparc) echo sparc-icl-nx7; exit ;;
esac ;;
+ s390x:SunOS:*:*)
+ echo ${UNAME_MACHINE}-ibm-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+ exit ;;
sun4H:SunOS:5.*:*)
echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
exit ;;
@@ -1125,8 +1128,11 @@
pc:*:*:*)
# Left here for compatibility:
# uname -m prints for DJGPP always 'pc', but it prints nothing about
- # the processor, so we play safe by assuming i386.
- echo i386-pc-msdosdjgpp
+ # the processor, so we play safe by assuming i586.
+ # Note: whatever this is, it MUST be the same as what config.sub
+ # prints for the "djgpp" host, or else GDB configury will decide that
+ # this is a cross-build.
+ echo i586-pc-msdosdjgpp
exit ;;
Intel:Mach:3*:*)
echo i386-pc-mach3
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_mount-1.25/config.sub new/pam_mount-1.27/config.sub
--- old/pam_mount-1.25/config.sub 2009-05-09 08:15:36.000000000 +0200
+++ new/pam_mount-1.27/config.sub 2009-07-01 03:09:20.000000000 +0200
@@ -4,7 +4,7 @@
# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008
# Free Software Foundation, Inc.
-timestamp='2009-02-03'
+timestamp='2009-04-17'
# This file is (in principle) common to ALL GNU software.
# The presence of a machine in this file suggests that SOME GNU software
@@ -272,6 +272,7 @@
| mipsisa64sr71k | mipsisa64sr71kel \
| mipstx39 | mipstx39el \
| mn10200 | mn10300 \
+ | moxie \
| mt \
| msp430 \
| nios | nios2 \
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_mount-1.25/configure new/pam_mount-1.27/configure
--- old/pam_mount-1.25/configure 2009-05-09 08:15:29.000000000 +0200
+++ new/pam_mount-1.27/configure 2009-07-01 03:09:15.000000000 +0200
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.63 for pam_mount 1.25.
+# Generated by GNU Autoconf 2.63 for pam_mount 1.27.
#
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
# 2002, 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
@@ -743,8 +743,8 @@
# Identity of this package.
PACKAGE_NAME='pam_mount'
PACKAGE_TARNAME='pam_mount'
-PACKAGE_VERSION='1.25'
-PACKAGE_STRING='pam_mount 1.25'
+PACKAGE_VERSION='1.27'
+PACKAGE_STRING='pam_mount 1.27'
PACKAGE_BUGREPORT=''
# Factoring default headers for most tests.
@@ -1497,7 +1497,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures pam_mount 1.25 to adapt to many kinds of systems.
+\`configure' configures pam_mount 1.27 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1567,7 +1567,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of pam_mount 1.25:";;
+ short | recursive ) echo "Configuration of pam_mount 1.27:";;
esac
cat <<\_ACEOF
@@ -1683,7 +1683,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-pam_mount configure 1.25
+pam_mount configure 1.27
generated by GNU Autoconf 2.63
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
@@ -1697,7 +1697,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by pam_mount $as_me 1.25, which was
+It was created by pam_mount $as_me 1.27, which was
generated by GNU Autoconf 2.63. Invocation command line was
$ $0 $@
@@ -2065,7 +2065,7 @@
ac_compiler_gnu=$ac_cv_c_compiler_gnu
-PACKAGE_RELDATE="2009-05-09"
+PACKAGE_RELDATE="2009-07-01"
ac_config_headers="$ac_config_headers config.h"
@@ -2194,7 +2194,7 @@
test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644'
-am__api_version='1.10c'
+am__api_version='1.11'
{ $as_echo "$as_me:$LINENO: checking whether build environment is sane" >&5
$as_echo_n "checking whether build environment is sane... " >&6; }
@@ -2551,7 +2551,7 @@
# Define the identity of the package.
PACKAGE='pam_mount'
- VERSION='1.25'
+ VERSION='1.27'
cat >>confdefs.h <<_ACEOF
@@ -12095,12 +12095,12 @@
pkg_cv_libHX_CFLAGS="$libHX_CFLAGS"
elif test -n "$PKG_CONFIG"; then
if test -n "$PKG_CONFIG" && \
- { ($as_echo "$as_me:$LINENO: \$PKG_CONFIG --exists --print-errors \"libHX >= 2.5\"") >&5
- ($PKG_CONFIG --exists --print-errors "libHX >= 2.5") 2>&5
+ { ($as_echo "$as_me:$LINENO: \$PKG_CONFIG --exists --print-errors \"libHX >= 2.8\"") >&5
+ ($PKG_CONFIG --exists --print-errors "libHX >= 2.8") 2>&5
ac_status=$?
$as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; then
- pkg_cv_libHX_CFLAGS=`$PKG_CONFIG --cflags "libHX >= 2.5" 2>/dev/null`
+ pkg_cv_libHX_CFLAGS=`$PKG_CONFIG --cflags "libHX >= 2.8" 2>/dev/null`
else
pkg_failed=yes
fi
@@ -12111,12 +12111,12 @@
pkg_cv_libHX_LIBS="$libHX_LIBS"
elif test -n "$PKG_CONFIG"; then
if test -n "$PKG_CONFIG" && \
- { ($as_echo "$as_me:$LINENO: \$PKG_CONFIG --exists --print-errors \"libHX >= 2.5\"") >&5
- ($PKG_CONFIG --exists --print-errors "libHX >= 2.5") 2>&5
+ { ($as_echo "$as_me:$LINENO: \$PKG_CONFIG --exists --print-errors \"libHX >= 2.8\"") >&5
+ ($PKG_CONFIG --exists --print-errors "libHX >= 2.8") 2>&5
ac_status=$?
$as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; then
- pkg_cv_libHX_LIBS=`$PKG_CONFIG --libs "libHX >= 2.5" 2>/dev/null`
+ pkg_cv_libHX_LIBS=`$PKG_CONFIG --libs "libHX >= 2.8" 2>/dev/null`
else
pkg_failed=yes
fi
@@ -12134,14 +12134,14 @@
_pkg_short_errors_supported=no
fi
if test $_pkg_short_errors_supported = yes; then
- libHX_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors "libHX >= 2.5" 2>&1`
+ libHX_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors "libHX >= 2.8" 2>&1`
else
- libHX_PKG_ERRORS=`$PKG_CONFIG --print-errors "libHX >= 2.5" 2>&1`
+ libHX_PKG_ERRORS=`$PKG_CONFIG --print-errors "libHX >= 2.8" 2>&1`
fi
# Put the nasty error message in config.log where it belongs
echo "$libHX_PKG_ERRORS" >&5
- { { $as_echo "$as_me:$LINENO: error: Package requirements (libHX >= 2.5) were not met:
+ { { $as_echo "$as_me:$LINENO: error: Package requirements (libHX >= 2.8) were not met:
$libHX_PKG_ERRORS
@@ -12152,7 +12152,7 @@
and libHX_LIBS to avoid the need to call pkg-config.
See the pkg-config man page for more details.
" >&5
-$as_echo "$as_me: error: Package requirements (libHX >= 2.5) were not met:
+$as_echo "$as_me: error: Package requirements (libHX >= 2.8) were not met:
$libHX_PKG_ERRORS
@@ -13170,7 +13170,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by pam_mount $as_me 1.25, which was
+This file was extended by pam_mount $as_me 1.27, which was
generated by GNU Autoconf 2.63. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -13233,7 +13233,7 @@
_ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_version="\\
-pam_mount config.status 1.25
+pam_mount config.status 1.27
configured by $0, generated by GNU Autoconf 2.63,
with options \\"`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_mount-1.25/configure.ac new/pam_mount-1.27/configure.ac
--- old/pam_mount-1.25/configure.ac 2009-05-09 08:11:39.000000000 +0200
+++ new/pam_mount-1.27/configure.ac 2009-07-01 03:08:13.000000000 +0200
@@ -7,8 +7,8 @@
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
-AC_INIT([pam_mount], [1.25])
-PACKAGE_RELDATE="2009-05-09"
+AC_INIT([pam_mount], [1.27])
+PACKAGE_RELDATE="2009-07-01"
AC_PREREQ([2.59])
AC_CONFIG_HEADERS([config.h])
AC_CONFIG_MACRO_DIR([m4])
@@ -55,7 +55,7 @@
[#include <linux/loop.h>])
AC_CHECK_FUNCS([getmntent getmntinfo])
-PKG_CHECK_MODULES([libHX], [libHX >= 2.5])
+PKG_CHECK_MODULES([libHX], [libHX >= 2.8])
PKG_CHECK_MODULES([libxml], [libxml-2.0 >= 2.6])
PKG_CHECK_MODULES([libcrypto], [libcrypto >= 0.9.8],
[AC_DEFINE_UNQUOTED([HAVE_LIBCRYPTO], [1],
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_mount-1.25/depcomp new/pam_mount-1.27/depcomp
--- old/pam_mount-1.25/depcomp 2009-05-09 08:15:37.000000000 +0200
+++ new/pam_mount-1.27/depcomp 2009-07-01 03:09:20.000000000 +0200
@@ -8,7 +8,7 @@
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 3, or (at your option)
+# the Free Software Foundation; either version 2, or (at your option)
# any later version.
# This program is distributed in the hope that it will be useful,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_mount-1.25/dist/pam_mount.spec new/pam_mount-1.27/dist/pam_mount.spec
--- old/pam_mount-1.25/dist/pam_mount.spec 2009-05-09 08:11:39.000000000 +0200
+++ new/pam_mount-1.27/dist/pam_mount.spec 2009-07-01 03:08:13.000000000 +0200
@@ -1,6 +1,6 @@
Name: pam_mount
-Version: 1.25
+Version: 1.27
Release: 0
Group: System/Libraries
Summary: A PAM module that can mount volumes for a user session
@@ -10,7 +10,7 @@
Source: http://downloads.sf.net/pam-mount/%name-%version.tar.bz2
BuildRequires: libtool, pam-devel >= 0.99, pkg-config >= 0.19
BuildRequires: openssl-devel >= 0.9.8, libxml2-devel >= 2.6
-BuildRequires: libHX-devel >= 2.5
+BuildRequires: libHX-devel >= 2.8
%if "%_vendor" == "suse"
BuildRequires: linux-kernel-headers >= 2.6
Recommends: cifs-mount xfsprogs
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_mount-1.25/doc/Makefile.in new/pam_mount-1.27/doc/Makefile.in
--- old/pam_mount-1.25/doc/Makefile.in 2009-05-09 08:15:36.000000000 +0200
+++ new/pam_mount-1.27/doc/Makefile.in 2009-07-01 03:09:20.000000000 +0200
@@ -1,4 +1,4 @@
-# Makefile.in generated by automake 1.10c from Makefile.am.
+# Makefile.in generated by automake 1.11 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
@@ -52,7 +52,7 @@
CONFIG_CLEAN_VPATH_FILES =
AM_V_GEN = $(am__v_GEN_$(V))
am__v_GEN_ = $(am__v_GEN_$(AM_DEFAULT_VERBOSITY))
-am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_0 = @echo " GEN " $@;
AM_V_at = $(am__v_at_$(V))
am__v_at_ = $(am__v_at_$(AM_DEFAULT_VERBOSITY))
am__v_at_0 = @
@@ -296,9 +296,9 @@
sed -n '/\.1[a-z]*$$/p'; \
} | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \
-e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \
- test -n "$$files" || exit 0; \
- echo " ( cd '$(DESTDIR)$(man1dir)' && rm -f" $$files ")"; \
- cd "$(DESTDIR)$(man1dir)" && rm -f $$files
+ test -z "$$files" || { \
+ echo " ( cd '$(DESTDIR)$(man1dir)' && rm -f" $$files ")"; \
+ cd "$(DESTDIR)$(man1dir)" && rm -f $$files; }
install-man5: $(dist_man_MANS) $(man_MANS)
@$(NORMAL_INSTALL)
test -z "$(man5dir)" || $(MKDIR_P) "$(DESTDIR)$(man5dir)"
@@ -334,9 +334,9 @@
sed -n '/\.5[a-z]*$$/p'; \
} | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \
-e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \
- test -n "$$files" || exit 0; \
- echo " ( cd '$(DESTDIR)$(man5dir)' && rm -f" $$files ")"; \
- cd "$(DESTDIR)$(man5dir)" && rm -f $$files
+ test -z "$$files" || { \
+ echo " ( cd '$(DESTDIR)$(man5dir)' && rm -f" $$files ")"; \
+ cd "$(DESTDIR)$(man5dir)" && rm -f $$files; }
install-man8: $(dist_man_MANS) $(man_MANS)
@$(NORMAL_INSTALL)
test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
@@ -372,9 +372,9 @@
sed -n '/\.8[a-z]*$$/p'; \
} | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \
-e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \
- test -n "$$files" || exit 0; \
- echo " ( cd '$(DESTDIR)$(man8dir)' && rm -f" $$files ")"; \
- cd "$(DESTDIR)$(man8dir)" && rm -f $$files
+ test -z "$$files" || { \
+ echo " ( cd '$(DESTDIR)$(man8dir)' && rm -f" $$files ")"; \
+ cd "$(DESTDIR)$(man8dir)" && rm -f $$files; }
tags: TAGS
TAGS:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_mount-1.25/doc/changelog.txt new/pam_mount-1.27/doc/changelog.txt
--- old/pam_mount-1.25/doc/changelog.txt 2009-05-09 08:11:39.000000000 +0200
+++ new/pam_mount-1.27/doc/changelog.txt 2009-07-01 03:08:13.000000000 +0200
@@ -2,10 +2,29 @@
For details, see the history as recorded in the git repository.
+v1.27 (July 01 2009)
+====================
+Changes:
+- mounting: stdout from mount programs is now discarded
+
+
+v1.26 (June 19 2009)
+====================
+Fixes:
+- config: do parse <cryptumount> elements from .xml
+Enhancements:
+- mount: pass fstype to NFS mount program
+- config: map "nfs4" fstype to NFSMOUNT
+- pam_mount: PAM function return code audit
+- config: warn about ignored "server" attribute in <volume>
+- config: print error message on config file syntax error
+
+
v1.25 (May 09 2009)
===================
Fixes:
- fix splitting of "NTDOMAIN\username" strings
+Enhancements:
- config: broaden variable expansion to resolve a case where it
did not do expected expansion with AUFS
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_mount-1.25/doc/pam_mount.conf.5.in new/pam_mount-1.27/doc/pam_mount.conf.5.in
--- old/pam_mount-1.25/doc/pam_mount.conf.5.in 2009-05-09 08:11:39.000000000 +0200
+++ new/pam_mount-1.27/doc/pam_mount.conf.5.in 2009-07-01 03:08:13.000000000 +0200
@@ -67,11 +67,11 @@
may fail if the filesystem kernel module is not loaded yet, since \fBmount\fP(8)
will check /proc/partitions.
.IP ""
-The fstypes \fBcifs\fP, \fBencfs13\fP, \fBsmbfs\fP, \fBncpfs\fP, and \fBfuse\fP
-are overriden by pam_mount and we call the respective helpers
-directly without going thorugh \fBmount\fP(8), to have access to more options
-of the helper programs. See this manpage's section "Examples" below for more
-details.
+The fstypes \fBcifs\fP, \fBencfs13\fP, \fBsmbfs\fP, \fBncpfs\fP, \fBfuse\fP,
+\fBnfs\fP and \fBnfs\fP are overriden by pam_mount and we run the respective
+helper programs directly instead of invoking \fBmount\fP(8) with the basic
+default set of arguments which are often insufficient for networked
+filesystems. See this manpage's section "Examples" below for more details.
.TP
\fBnoroot="1"\fP
Call the mount program without root privileges. It defaults to yes for the
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_mount-1.25/doc/pam_mount.txt new/pam_mount-1.27/doc/pam_mount.txt
--- old/pam_mount-1.25/doc/pam_mount.txt 2009-05-09 08:11:39.000000000 +0200
+++ new/pam_mount-1.27/doc/pam_mount.txt 2009-07-01 03:08:13.000000000 +0200
@@ -1,4 +1,4 @@
-pam_mount(8) pam_mount 1.25 pam_mount(8)
+pam_mount(8) pam_mount 1.27 pam_mount(8)
@@ -187,4 +187,4 @@
-pam_mount 1.25 2009-05-09 pam_mount(8)
+pam_mount 1.27 2009-07-01 pam_mount(8)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_mount-1.25/missing new/pam_mount-1.27/missing
--- old/pam_mount-1.25/missing 2009-05-09 08:15:36.000000000 +0200
+++ new/pam_mount-1.27/missing 2009-07-01 03:09:20.000000000 +0200
@@ -9,7 +9,7 @@
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 3, or (at your option)
+# the Free Software Foundation; either version 2, or (at your option)
# any later version.
# This program is distributed in the hope that it will be useful,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_mount-1.25/src/Makefile.in new/pam_mount-1.27/src/Makefile.in
--- old/pam_mount-1.25/src/Makefile.in 2009-05-09 08:15:37.000000000 +0200
+++ new/pam_mount-1.27/src/Makefile.in 2009-07-01 03:09:21.000000000 +0200
@@ -1,4 +1,4 @@
-# Makefile.in generated by automake 1.10c from Makefile.am.
+# Makefile.in generated by automake 1.11 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
@@ -142,7 +142,7 @@
$(AM_CFLAGS) $(CFLAGS)
AM_V_CC = $(am__v_CC_$(V))
am__v_CC_ = $(am__v_CC_$(AM_DEFAULT_VERBOSITY))
-am__v_CC_0 = @echo " CC " $@;
+am__v_CC_0 = @echo " CC " $@;
AM_V_at = $(am__v_at_$(V))
am__v_at_ = $(am__v_at_$(AM_DEFAULT_VERBOSITY))
am__v_at_0 = @
@@ -152,10 +152,10 @@
$(AM_LDFLAGS) $(LDFLAGS) -o $@
AM_V_CCLD = $(am__v_CCLD_$(V))
am__v_CCLD_ = $(am__v_CCLD_$(AM_DEFAULT_VERBOSITY))
-am__v_CCLD_0 = @echo " CCLD " $@;
+am__v_CCLD_0 = @echo " CCLD " $@;
AM_V_GEN = $(am__v_GEN_$(V))
am__v_GEN_ = $(am__v_GEN_$(AM_DEFAULT_VERBOSITY))
-am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_0 = @echo " GEN " $@;
SOURCES = $(pam_mount_la_SOURCES) $(autoloop_SOURCES) $(ismnt_SOURCES) \
$(mount_crypt_SOURCES) $(mount_encfs13_SOURCES) \
$(pmt_ehd_SOURCES) $(pmt_fd0ssh_SOURCES) $(pmt_ofl_SOURCES) \
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_mount-1.25/src/mount-bsd.c new/pam_mount-1.27/src/mount-bsd.c
--- old/pam_mount-1.25/src/mount-bsd.c 2009-05-09 08:11:39.000000000 +0200
+++ new/pam_mount-1.27/src/mount-bsd.c 2009-07-01 03:08:13.000000000 +0200
@@ -51,10 +51,7 @@
const struct local_statfs *mnt = &mntbuf[i];
int (*xcmp)(const char *, const char *);
- xcmp = (mnt->f_fstypename != NULL &&
- (strcmp(mnt->f_fstypename, "smbfs") == 0 ||
- strcmp(mnt->f_fstypename, "cifs") == 0 ||
- strcmp(mnt->f_fstypename, "ncpfs") == 0)) ?
+ xcmp = fstype_icase(mnt->f_fstypename) ?
strcasecmp : strcmp;
/*
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_mount-1.25/src/mount-sysv.c new/pam_mount-1.27/src/mount-sysv.c
--- old/pam_mount-1.25/src/mount-sysv.c 2009-05-09 08:11:39.000000000 +0200
+++ new/pam_mount-1.27/src/mount-sysv.c 2009-07-01 03:08:13.000000000 +0200
@@ -26,8 +26,7 @@
return -1;
}
- xcmp = (vpt->type == CMD_SMBMOUNT || vpt->type == CMD_CIFSMOUNT ||
- vpt->type == CMD_NCPMOUNT) ? strcasecmp : strcmp;
+ xcmp = fstype2_icase(vpt->type) ? strcasecmp : strcmp;
cret = pmt_cmtab_mounted(dev, vpt->mountpoint);
sret = pmt_smtab_mounted(dev, vpt->mountpoint, xcmp);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_mount-1.25/src/mount.c new/pam_mount-1.27/src/mount.c
--- old/pam_mount-1.25/src/mount.c 2009-05-09 08:11:39.000000000 +0200
+++ new/pam_mount-1.27/src/mount.c 2009-07-01 03:08:13.000000000 +0200
@@ -59,14 +59,17 @@
}
setvbuf(fp, NULL, _IOLBF, 0);
- if (fgets(buf, sizeof(buf), fp) != NULL) {
- if (cmsg != NULL)
- w4rn("%s", cmsg);
-
- do {
- l0g("%s", buf);
- } while (fgets(buf, sizeof(buf), fp) != NULL);
- }
+ do {
+ if (fgets(buf, sizeof(buf), fp) == NULL)
+ break;
+ HX_chomp(buf);
+ if (*buf != '\0' && cmsg != NULL) {
+ l0g("%s", cmsg);
+ cmsg = NULL;
+ }
+
+ l0g("%s\n", buf);
+ } while (true);
fclose(fp);
}
@@ -112,6 +115,19 @@
}
#endif
+static bool fstype_networked(enum command_type fstype)
+{
+ switch (fstype) {
+ case CMD_NFSMOUNT:
+ case CMD_CIFSMOUNT:
+ case CMD_SMBMOUNT:
+ case CMD_NCPMOUNT:
+ return true;
+ default:
+ return false;
+ }
+}
+
/**
* vol_to_dev -
* @vol: volume to analyze
@@ -144,6 +160,14 @@
break;
default:
+ if (!fstype_networked(vol->type) && vol->server != NULL)
+ /*
+ * Possible causes: we do not know about the fs yet.
+ * (Was once the case with NFS4, for example.)
+ */
+ l0g("The \"server\" attribute is ignored for this "
+ "filesystem (%s).\n", vol->fstype);
+
ret = HXmc_strinit(vol->volume);
break;
}
@@ -320,7 +344,7 @@
argv = arglist_build(config->command[type], vinfo);
memset(&proc, 0, sizeof(proc));
- proc.p_flags = HXPROC_VERBOSE | HXPROC_STDERR;
+ proc.p_flags = HXPROC_VERBOSE | HXPROC_NULL_STDOUT | HXPROC_STDERR;
proc.p_ops = &pmt_dropprivs_ops;
if ((ret = pmt_spawn_dq(argv, &proc)) <= 0) {
ret = 0;
@@ -510,20 +534,20 @@
arglist_log(argv);
mount_user = vpt->noroot ? vpt->user : NULL;
memset(&proc, 0, sizeof(proc));
- proc.p_flags = HXPROC_VERBOSE | HXPROC_STDIN | HXPROC_STDERR;
+ proc.p_flags = HXPROC_VERBOSE | HXPROC_STDIN |
+ HXPROC_NULL_STDOUT | HXPROC_STDERR;
proc.p_ops = &pmt_dropprivs_ops;
proc.p_data = const_cast1(char *, mount_user);
if ((ret = pmt_spawn_dq(argv, &proc)) <= 0)
return 0;
- if (vpt->type != CMD_NFSMOUNT)
- if (write(proc.p_stdin, password, strlen(password)) !=
- strlen(password))
- /* FIXME: clean: returns value of exit below */
- l0g("error sending password to mount\n");
+ if (write(proc.p_stdin, password, strlen(password)) !=
+ strlen(password))
+ /* FIXME: clean: returns value of exit below */
+ l0g("error sending password to mount\n");
close(proc.p_stdin);
- log_output(proc.p_stderr, "mount messages:\n");
+ log_output(proc.p_stderr, "Errors from underlying mount program:\n");
if ((ret = HXproc_wait(&proc)) < 0) {
l0g("error waiting for child: %s\n", strerror(-ret));
return 0;
@@ -674,3 +698,31 @@
vol->volume);
}
}
+
+/**
+ * fstype_icase - return whether the volume name is case-insensitive
+ * @fstype: filesystem type (cifs, etc.)
+ *
+ * For some filesystems, notably those which do not distinguish between case
+ * sensitivity, the volume ("share") name is usually also case-insensitive.
+ */
+bool fstype_icase(const char *fstype)
+{
+ if (fstype == NULL)
+ return false;
+ return strcasecmp(fstype, "cifs") == 0 ||
+ strcasecmp(fstype, "smbfs") == 0 ||
+ strcasecmp(fstype, "ncpfs") == 0;
+}
+
+bool fstype2_icase(enum command_type fstype)
+{
+ switch (fstype) {
+ case CMD_CIFSMOUNT:
+ case CMD_SMBMOUNT:
+ case CMD_NCPMOUNT:
+ return true;
+ default:
+ return false;
+ }
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_mount-1.25/src/pam_mount.c new/pam_mount-1.27/src/pam_mount.c
--- old/pam_mount-1.25/src/pam_mount.c 2009-05-09 08:11:39.000000000 +0200
+++ new/pam_mount-1.27/src/pam_mount.c 2009-07-01 03:08:13.000000000 +0200
@@ -261,6 +261,8 @@
/*
* do NOT return %PAM_SERVICE_ERR or root will not be able to
* su to other users.
+ * Also, if we could not get the user's info, an earlier auth
+ * module (like pam_unix2) likely blocked login already.
*/
return PAM_SUCCESS;
}
@@ -346,6 +348,10 @@
}
}
common_exit();
+ /*
+ * pam_mount is not really meant to be an auth module. So we should not
+ * hinder the login process.
+ */
return PAM_SUCCESS;
}
@@ -543,6 +549,19 @@
unsetenv("KRB5CCNAME");
modify_pm_count(&Config, Config.user, "1");
envpath_restore();
+ if (getuid() == 0)
+ /* Make sure root can always log in. */
+ /* NB: I don't even wanna think of SELINUX's ambiguous UIDs... */
+ ret = PAM_SUCCESS;
+
+ /*
+ * If mounting something failed, e.g. ret = %PAM_SERVICE_ERR, we have
+ * to unravel everything and umount all volumes. But *only* if
+ * pam_mount was configured as a "required" module. How can this info
+ * be obtained?
+ * For now, always assume "optional", so that the volumes are
+ * definitely unmounted when the user logs out again.
+ */
ret = PAM_SUCCESS;
out:
w4rn("done opening session (ret=%d)\n", ret);
@@ -601,10 +620,6 @@
ret = pam_get_user(pamh, &pam_user, NULL);
if (ret != PAM_SUCCESS) {
l0g("could not get user\n");
- /*
- * do NOT return %PAM_SERVICE_ERR or root will not be able to
- * su to other users.
- */
goto out;
}
/*
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_mount-1.25/src/pam_mount.h new/pam_mount-1.27/src/pam_mount.h
--- old/pam_mount-1.25/src/pam_mount.h 2009-05-09 08:11:39.000000000 +0200
+++ new/pam_mount-1.27/src/pam_mount.h 2009-07-01 03:08:13.000000000 +0200
@@ -292,6 +292,8 @@
extern int pmt_already_mounted(const struct config *,
const struct vol *, struct HXbtree *);
extern hxmc_t *pmt_vol_to_dev(const struct vol *);
+extern bool fstype_icase(const char *);
+extern bool fstype2_icase(enum command_type);
/*
* OFL-LIB.C
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_mount-1.25/src/rdconf1.c new/pam_mount-1.27/src/rdconf1.c
--- old/pam_mount-1.25/src/rdconf1.c 2009-05-09 08:11:39.000000000 +0200
+++ new/pam_mount-1.27/src/rdconf1.c 2009-07-01 03:08:13.000000000 +0200
@@ -64,7 +64,7 @@
struct pmt_command {
enum command_type type;
- const char *fs, *command_name, *def[9];
+ const char *fs, *def[9];
/*
* You will need to enlarge @def whenever the compiler
* (rightfully) complains.
@@ -349,6 +349,13 @@
for (i = 0; default_command[i].type != -1; ++i) {
struct HXdeque *cmd = config->command[default_command[i].type];
+ if (cmd->items > 0)
+ /*
+ * Already initialized by an earlier entry
+ * with same type.
+ */
+ continue;
+
for (j = 0; default_command[i].def[j] != NULL; ++j)
HXdeque_push(cmd, xstrdup(default_command[i].def[j]));
}
@@ -368,8 +375,10 @@
xmlDoc *doc;
xmlNode *ptr;
- if ((doc = xmlParseFile(file)) == NULL)
+ if ((doc = xmlParseFile(file)) == NULL) {
+ l0g("libxml detected a syntax error in %s\n", file);
return false;
+ }
ptr = xmlDocGetRootElement(doc);
if (ptr == NULL || xml_strcmp(ptr->name, "pam_mount") != 0) {
xmlFreeDoc(doc);
@@ -1328,27 +1337,29 @@
//-----------------------------------------------------------------------------
static const struct pmt_command default_command[] = {
- {CMD_SMBMOUNT, "smbfs", "smbmount", {"smbmount", "//%(SERVER)/%(VOLUME)", "%(MNTPT)", "-o", "username=%(USER),uid=%(USERUID),gid=%(USERGID)%(before=\",\" OPTIONS)", NULL}},
- {CMD_SMBUMOUNT, "smbfs", "smbumount", {"smbumount", "%(MNTPT)", NULL}},
- {CMD_CIFSMOUNT, "cifs", "cifsmount", {"mount", "-t", "cifs", "//%(SERVER)/%(VOLUME)", "%(MNTPT)", "-o", "user=%(USER),uid=%(USERUID),gid=%(USERGID)%(before=\",\" OPTIONS)", NULL}},
- {CMD_NCPMOUNT, "ncpfs", "ncpmount", {"ncpmount", "%(SERVER)/%(USER)", "%(MNTPT)", "-o", "pass-fd=0,volume=%(VOLUME)%(before=\",\" OPTIONS)", NULL}},
- {CMD_NCPUMOUNT, "ncpfs", "ncpumount", {"ncpumount", "%(MNTPT)", NULL}},
- {CMD_FUSEMOUNT, "fuse", "fusemount", {"mount.fuse", "%(VOLUME)", "%(MNTPT)", "%(ifnempty=\"-o\" OPTIONS)", "%(OPTIONS)", NULL}},
- {CMD_FUSEUMOUNT, "fuse", "fuseumount", {"fusermount", "-u", "%(MNTPT)", NULL}},
+ {CMD_SMBMOUNT, "smbfs", {"smbmount", "//%(SERVER)/%(VOLUME)", "%(MNTPT)", "-o", "username=%(USER),uid=%(USERUID),gid=%(USERGID)%(before=\",\" OPTIONS)", NULL}},
+ {CMD_SMBUMOUNT, "smbfs", {"smbumount", "%(MNTPT)", NULL}},
+ {CMD_CIFSMOUNT, "cifs", {"mount", "-t", "cifs", "//%(SERVER)/%(VOLUME)", "%(MNTPT)", "-o", "user=%(USER),uid=%(USERUID),gid=%(USERGID)%(before=\",\" OPTIONS)", NULL}},
+ {CMD_NCPMOUNT, "ncpfs", {"ncpmount", "%(SERVER)/%(USER)", "%(MNTPT)", "-o", "pass-fd=0,volume=%(VOLUME)%(before=\",\" OPTIONS)", NULL}},
+ {CMD_NCPUMOUNT, "ncpfs", {"ncpumount", "%(MNTPT)", NULL}},
+ {CMD_FUSEMOUNT, "fuse", {"mount.fuse", "%(VOLUME)", "%(MNTPT)", "%(ifnempty=\"-o\" OPTIONS)", "%(OPTIONS)", NULL}},
+ {CMD_FUSEUMOUNT, "fuse", {"fusermount", "-u", "%(MNTPT)", NULL}},
/* Do not use LCLMOUNT to avoid calling fsck */
- {CMD_NFSMOUNT, "nfs", "nfsmount", {"mount", "%(ifnempty=\"-o\" OPTIONS)", "%(OPTIONS)", "%(SERVER):%(VOLUME)", "%(MNTPT)", NULL}},
- {CMD_LCLMOUNT, NULL, "lclmount", {"mount", "-p0", "%(ifnempty=\"-o\" OPTIONS)", "%(OPTIONS)", "-t", "%(FSTYPE)", "%(VOLUME)", "%(MNTPT)", NULL}},
- {CMD_CRYPTMOUNT, "crypt", "cryptmount", {"mount.crypt", "%(ifnempty=\"-ocipher=\" CIPHER)%(CIPHER)", "%(ifnempty=\"-ofsk_cipher=\" FSKEYCIPHER)%(FSKEYCIPHER)", "%(ifnempty=\"-ofsk_hash=\" FSKEYHASH)%(FSKEYHASH)", "%(ifnempty=\"-okeyfile=\" FSKEYPATH)%(FSKEYPATH)", "%(ifnempty=\"-o\" OPTIONS)%(OPTIONS)", "%(VOLUME)", "%(MNTPT)", NULL}},
- {CMD_CRYPTUMOUNT, "crypt", "cryptumount", {"umount.crypt", "%(MNTPT)", NULL}},
- {CMD_UMOUNT, NULL, "umount", {"umount", "%(MNTPT)", NULL}},
- {CMD_FSCK, NULL, "fsck", {"fsck", "-p", "%(FSCKTARGET)", NULL}},
- {CMD_PMVARRUN, NULL, "pmvarrun", {"pmvarrun", "-u", "%(USER)", "-o", "%(OPERATION)", NULL}},
+ {CMD_NFSMOUNT, "nfs", {"mount", "%(ifnempty=\"-o\" OPTIONS)", "%(OPTIONS)", "-t", "%(FSTYPE)", "%(SERVER):%(VOLUME)", "%(MNTPT)", NULL}},
+ {CMD_NFSMOUNT, "nfs4"},
+ {CMD_LCLMOUNT, NULL, {"mount", "-p0", "%(ifnempty=\"-o\" OPTIONS)", "%(OPTIONS)", "-t", "%(FSTYPE)", "%(VOLUME)", "%(MNTPT)", NULL}},
+ {CMD_CRYPTMOUNT, "crypt", {"mount.crypt", "%(ifnempty=\"-ocipher=\" CIPHER)%(CIPHER)", "%(ifnempty=\"-ofsk_cipher=\" FSKEYCIPHER)%(FSKEYCIPHER)", "%(ifnempty=\"-ofsk_hash=\" FSKEYHASH)%(FSKEYHASH)", "%(ifnempty=\"-okeyfile=\" FSKEYPATH)%(FSKEYPATH)", "%(ifnempty=\"-o\" OPTIONS)%(OPTIONS)", "%(VOLUME)", "%(MNTPT)", NULL}},
+ {CMD_CRYPTUMOUNT, "crypt", {"umount.crypt", "%(MNTPT)", NULL}},
+ {CMD_UMOUNT, NULL, {"umount", "%(MNTPT)", NULL}},
+ {CMD_FSCK, NULL, {"fsck", "-p", "%(FSCKTARGET)", NULL}},
+ {CMD_PMVARRUN, NULL, {"pmvarrun", "-u", "%(USER)", "-o", "%(OPERATION)", NULL}},
{-1},
};
static const struct callbackmap cf_tags[] = {
{"cifsmount", rc_command, CMD_CIFSMOUNT},
{"cryptmount", rc_command, CMD_CRYPTMOUNT},
+ {"cryptumount", rc_command, CMD_CRYPTUMOUNT},
{"debug", rc_debug, CMD_NONE},
{"fd0ssh", rc_command, CMD_FD0SSH},
{"fsck", rc_command, CMD_FSCK},
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package perl-Algorithm-Diff for openSUSE:Factory
checked in at Mon Jul 27 23:51:16 CEST 2009.
--------
--- perl-Algorithm-Diff/perl-Algorithm-Diff.changes 2006-08-08 11:06:01.000000000 +0200
+++ perl-Algorithm-Diff/perl-Algorithm-Diff.changes 2009-07-27 14:21:30.000000000 +0200
@@ -1,0 +2,39 @@
+Sat Jul 25 19:28:48 CEST 2009 - chris(a)computersalat.de
+
+- spec mods
+ * removed ^----------
+ * removed ^#---------
+
+-------------------------------------------------------------------
+Fri Jul 24 13:55:20 CEST 2009 - coolo(a)novell.com
+
+- merge factory changes
+
+-------------------------------------------------------------------
+Fri Jun 19 01:09:36 CEST 2009 - chris(a)computersalat.de
+
+- spec fix for perl-macros
+
+-------------------------------------------------------------------
+Fri Jun 19 00:02:45 CEST 2009 - chris(a)computersalat.de
+
+- spec fix for perl-macros
+
+-------------------------------------------------------------------
+Tue Jun 16 12:48:56 CEST 2009 - chris(a)computersalat.de
+
+- comment on Provides
+- changed name for filelist
+
+-------------------------------------------------------------------
+Tue Jun 16 00:59:42 CEST 2009 - chris(a)computersalat.de
+
+- added perl-macros
+ o autogen filelist with perl_gen_filelist
+
+-------------------------------------------------------------------
+Sun Jun 14 16:45:07 CEST 2009 - chris(a)computersalat.de
+
+- fixed deps
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ perl-Algorithm-Diff.spec ++++++
--- /var/tmp/diff_new_pack.zj7M25/_old 2009-07-27 23:40:30.000000000 +0200
+++ /var/tmp/diff_new_pack.zj7M25/_new 2009-07-27 23:40:30.000000000 +0200
@@ -19,46 +19,54 @@
Name: perl-Algorithm-Diff
-Url: http://search.cpan.org/
-License: Artistic License; GPL v2 or later
-Group: Development/Libraries/Perl
-Requires: perl = %{perl_version}
-AutoReqProv: on
+%define cpan_name %( echo %{name} | %{__sed} -e 's,perl-,,' )
Summary: Compute 'Intelligent' Differences Between Two Files or Lists
Version: 1.1902
-Release: 125
-Source: http://www.cpan.org/modules/by-category/06_Data_Type_Utilities/Algorithm/Al…
+Release: 126
+License: Artistic License ..
+Group: Development/Libraries/Perl
+Url: http://www.cpan.org
+Source0: %{cpan_name}-%{version}.tar.gz
BuildRoot: %{_tmppath}/%{name}-%{version}-build
+BuildRequires: perl
+BuildRequires: perl-macros
+# other not perl || perl-base
+BuildRequires: patch
+Requires: perl = %{perl_version}
+# other not perl || perl-base
+Requires: patch
%description
-This Perl module helps to create differences between two files or
-lists. It is used by 'perl-diffmk'
-
+ %{cpan_name} module for perl
+ This is a module for computing the difference between two files, two
+ strings, or any other two lists of things. It uses an intelligent
+ algorithm similar to (or identical to) the one used by the Unix "diff"
+ program. It is guaranteed to find the *smallest possible* set of
+ differences.
+ Author: Tye McQueen (http://perlmonks.org/?node=tye)
%prep
-%setup -n Algorithm-Diff-%{version}
-%define perl_site %(TMP=%{perl_sitearch}; echo ${TMP%/*})
+%setup -q -n %{cpan_name}-%{version}
%build
-perl Makefile.PL
-make
-make test
+CFLAGS="$RPM_OPT_FLAGS" perl Makefile.PL
+%{__make}
+
+%check
+%{__make} test
%install
-rm -rf $RPM_BUILD_ROOT
-make DESTDIR=$RPM_BUILD_ROOT install_vendor
+%perl_make_install
%perl_process_packlist
+%perl_gen_filelist
%clean
-rm -rf $RPM_BUILD_ROOT
+%{__rm} -rf $RPM_BUILD_ROOT
-%files
+%files -f %{name}.files
+# normally you only need to check for doc files
%defattr(-,root,root)
-%doc MANIFEST Changes README
-%{perl_vendorarch}/auto/Algorithm
-%{perl_vendorlib}/Algorithm
-%{_mandir}/man3/Algorithm::Diff*.3pm.gz
-/var/adm/perl-modules/perl-Algorithm-Diff
+%doc Changes README
%changelog
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package perl-Class-Accessor for openSUSE:Factory
checked in at Mon Jul 27 23:40:17 CEST 2009.
--------
--- perl-Class-Accessor/perl-Class-Accessor.changes 2009-05-18 17:46:57.000000000 +0200
+++ perl-Class-Accessor/perl-Class-Accessor.changes 2009-07-25 19:29:17.000000000 +0200
@@ -1,0 +2,16 @@
+Sat Jul 25 19:29:15 CEST 2009 - chris(a)computersalat.de
+
+- spec mods
+ * removed ^----------
+ * removed ^#---------
+
+-------------------------------------------------------------------
+Sun Jun 28 16:09:41 CEST 2009 - chris(a)computersalat.de
+
+- added perl-macros
+ o autogen filelist with perl_gen_filelist
+- spec mods
+ o fixed deps
+ no usage of Carp::Assert since 0.15
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ perl-Class-Accessor.spec ++++++
--- /var/tmp/diff_new_pack.sSkC6Y/_old 2009-07-27 23:39:07.000000000 +0200
+++ /var/tmp/diff_new_pack.sSkC6Y/_new 2009-07-27 23:39:07.000000000 +0200
@@ -19,51 +19,46 @@
Name: perl-Class-Accessor
-BuildRequires: perl-Carp-Assert
+%define cpan_name %( echo %{name} | %{__sed} -e 's,perl-,,' )
+Summary: Automated accessor generation
Version: 0.33
-Release: 1
-Requires: perl-Carp-Assert
-Requires: perl = %{perl_version}
-AutoReqProv: on
+Release: 2
+License: Artistic License ..
Group: Development/Libraries/Perl
-License: Artistic License
-Url: http://cpan.org/modules/by-module/Class/
-Summary: Automated accessor generation
-Source: Class-Accessor-%{version}.tar.bz2
+Url: http://search.cpan.org/dists/Class-Accessor
+Source: %{cpan_name}-%{version}.tar.bz2
BuildRoot: %{_tmppath}/%{name}-%{version}-build
+BuildRequires: perl
+BuildRequires: perl-macros
+BuildRequires: perl(Sub::Name)
+Requires: perl = %{perl_version}
+Requires: perl(Carp)
+Requires: perl(Sub::Name)
%description
This module automatically generates accessor/mutators for your class.
-
-
-Authors:
---------
- Michael G Schwern <schwern(a)pobox.com>
-
+ Authors: Michael G Schwern <schwern(a)pobox.com>
%prep
-%setup -q -n Class-Accessor-%{version}
+%setup -q -n %{cpan_name}-%{version}
%build
-perl Makefile.PL
-make
-make test
+CFLAGS="$RPM_OPT_FLAGS" perl Makefile.PL
+%{__make}
+
+%check
+%{__make} test
%install
-rm -rf $RPM_BUILD_ROOT
-make DESTDIR=$RPM_BUILD_ROOT install_vendor
+%perl_make_install
%perl_process_packlist
-chmod 755 examples/benchmark
+%perl_gen_filelist
%clean
-rm -rf $RPM_BUILD_ROOT
+%{__rm} -rf $RPM_BUILD_ROOT
-%files
+%files -f %{name}.files
%defattr(-,root,root)
-%doc %{_mandir}/man?/*
-%doc Changes README examples
-%{perl_vendorlib}/Class
-%{perl_vendorarch}/auto/Class
-/var/adm/perl-modules/%{name}
+%doc Changes README
%changelog
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0