Index: head/net/nss-pam-ldapd/Makefile =================================================================== --- head/net/nss-pam-ldapd/Makefile (revision 268322) +++ head/net/nss-pam-ldapd/Makefile (revision 268323) @@ -1,139 +1,140 @@ # Ports collection Makefile for: nss_ldapd # Date created: 23/7/2009 # Whom: melifaro@ipfw.ru # # $FreeBSD$ # PORTNAME= nss-pam-ldapd -PORTVERSION= 0.7.7 +PORTVERSION= 0.7.13 CATEGORIES= net MASTER_SITES= http://arthurdejong.org/nss-pam-ldapd/ \ http://static.ipfw.ru/files/ LICENSE= LGPL21 LGPL3 LICENSE_COMB= dual MAINTAINER= melifaro@ipfw.ru COMMENT= Advanced fork of nss_ldap GNU_CONFIGURE= yes USE_GMAKE= yes USE_OPENLDAP= yes USE_RC_SUBR= nslcd NSLCD_PIDFILE?= /var/run/nslcd.pid NSLCD_SOCKET?= /var/run/nslcd.ctl OPTIONS= SASL "Enable SASL" off \ PAM "Build pam_ldap" on \ NSS_COMPAT "Enable nss_ldap compatibility (DEPRECATED)" off USERS= nslcd GROUPS= nslcd .include .if ${OSVERSION} < 700000 IGNORE= problems with nss/libc TLS .endif CONFIGURE_ENV= CPPFLAGS="-I${LOCALBASE}/include" \ LDFLAGS="-L${LOCALBASE}/lib" CONFIGURE_ARGS+= --with-nslcd-pidfile=${NSLCD_PIDFILE} \ --with-nslcd-socket=${NSLCD_SOCKET} \ - --with-ldap-lib=openldap --disable-kerberos + --with-ldap-lib=openldap --disable-kerberos \ + --with-nss-ldap-soname=nss_ldap.so.1 .if defined(WITHOUT_NSS) .undef NSS_COMPAT .endif .if defined(WITH_NSS_COMPAT) CONFIG_FILE= "nss_ldap.conf" CONFIGURE_ARGS+= --enable-nss_compat --disable-configfile-checking --with-ldap-conf-file=${PREFIX}/etc/${CONFIG_FILE} EXTRA_PATCHES+= ${FILESDIR}/nss_patch.diff PLIST_SUB+= CONFIG=${CONFIG_FILE} .else CONFIG_FILE= "nslcd.conf" CONFIGURE_ARGS+= --with-ldap-conf-file=${PREFIX}/etc/${CONFIG_FILE} PLIST_SUB+= CONFIG=${CONFIG_FILE} .endif .if defined(WITH_SASL) WANT_OPENLDAP_SASL= yes CONFIGURE_ARGS+= --enable-sasl .else CONFIGURE_ARGS+= --disable-sasl .endif .if defined(WITH_PAM) CONFIGURE_ARGS+= --enable-pam MAN8+= pam_ldap.8 CONFLICTS+= pam_ldap-1.* PLIST_SUB+= PAM="" .else CONFIGURE_ARGS+= --disable-pam PLIST_SUB+= PAM="@comment " .endif .if defined(WITHOUT_NSS) CONFIGURE_ARGS+= --disable-nss PLIST_SUB+= NSS="@comment " .else CONFIGURE_ARGS+= --enable-nss CONFLICTS+= nss_ldap-1.* PLIST_SUB+= NSS="" .endif .if defined(WITHOUT_NSLCD) CONFIGURE_ARGS+= --disable-nslcd PLIST_SUB+= NSLCD="@comment " .else CONFIGURE_ARGS+= --enable-nslcd PLIST_SUB+= NSLCD="" MAN5+= nslcd.conf.5 MAN8+= nslcd.8 .endif .if ${OSVERSION} < 800000 BROKEN= fails to patch on 7.X .endif post-extract: @${REINPLACE_CMD} -e 's/\(INSTALL_\)\(.*\)) -D /\1\2) /' ${WRKSRC}/Makefile.in ${WRKSRC}/nss/Makefile.in @${REINPLACE_CMD} -e 's/shadow.$$(OBJEXT)/shadow.$$(OBJEXT) bsdnss.$$(OBJEXT)/;s/shadow\.c/shadow.c bsdnss.c/' ${WRKSRC}/nss/Makefile.in @${REINPLACE_CMD} -e 's/^NSS_VERS = .*/NSS_VERS = 1/;s/libnss_ldap\.so/nss_ldap.so/' ${WRKSRC}/nss/Makefile.in @${REINPLACE_CMD} -e 's/$$(DESTDIR)$$(NSS_LDAP_PATH_CONF)/$$(DESTDIR)$$(NSS_LDAP_PATH_CONF).sample/' ${WRKSRC}/Makefile.in @${REINPLACE_CMD} -e '/^$$(ACLOCAL_M4/,+2d' ${WRKSRC}/Makefile.in post-configure: ${REINPLACE_CMD} -e 's/^\(CFLAGS.*\) \-O2 \(.*\)$$/\1 -O0 \2/' ${WRKSRC}/nss/Makefile post-install: @${ECHO_MSG} @${ECHO_MSG} ===================================================================== @${ECHO_MSG} .if defined(WITH_NSS_COMPAT) @${ECHO_MSG} " NSS_LDAP compatibility ENABLED." @${ECHO_MSG} " It is DEPRECATED now and will be removed." @${ECHO_MSG} @${ECHO_MSG} " LDAP configuration: ${PREFIX}/etc/${CONFIG_FILE}" @${ECHO_MSG} " Secret file: ${PREFIX}/etc/nss_ldap.secret" @${ECHO_MSG} " Sample configuration: ${PREFIX}/etc/${CONFIG_FILE}.sample" @${ECHO_MSG} @${ECHO_MSG} " Check if you need to adjust reconnect_* parameters" @${ECHO_MSG} " WARNING: nss_ldapd will use ONLY rootbinddn to access LDAP data" .else @${ECHO_MSG} " LDAP configuration: ${PREFIX}/etc/${CONFIG_FILE}" @${ECHO_MSG} " Sample configuration: ${PREFIX}/etc/${CONFIG_FILE}.sample" @${ECHO_MSG} .endif .if !defined(WITHOUT_NSS) @${ECHO_MSG} " WARNING: Be sure to set uid and gid configuration parameters" @${ECHO_MSG} " WARNING: to make nslcd run under unprivileged user" .endif @${ECHO_MSG} @${ECHO_MSG} ===================================================================== @${ECHO_MSG} .include Property changes on: head/net/nss-pam-ldapd/Makefile ___________________________________________________________________ Modified: cvs2svn:cvs-rev ## -1 +1 ## -1.6 \ No newline at end of property +1.7 \ No newline at end of property Index: head/net/nss-pam-ldapd/distinfo =================================================================== --- head/net/nss-pam-ldapd/distinfo (revision 268322) +++ head/net/nss-pam-ldapd/distinfo (revision 268323) @@ -1,3 +1,2 @@ -MD5 (nss-pam-ldapd-0.7.7.tar.gz) = 7b37cc13b465495f90248e1209a05595 -SHA256 (nss-pam-ldapd-0.7.7.tar.gz) = fd6397990595243d3116fed2da409f582187329cc42794af2e47943a66ed363d -SIZE (nss-pam-ldapd-0.7.7.tar.gz) = 457607 +SHA256 (nss-pam-ldapd-0.7.13.tar.gz) = 1bdba144669ac3220162d59bafe5ba4f83404f520bc9ead58b179745c82b8d4a +SIZE (nss-pam-ldapd-0.7.13.tar.gz) = 478944 Property changes on: head/net/nss-pam-ldapd/distinfo ___________________________________________________________________ Modified: cvs2svn:cvs-rev ## -1 +1 ## -1.4 \ No newline at end of property +1.5 \ No newline at end of property Index: head/net/nss-pam-ldapd/files/patch-nslcd__nslcd.c =================================================================== --- head/net/nss-pam-ldapd/files/patch-nslcd__nslcd.c (revision 268322) +++ head/net/nss-pam-ldapd/files/patch-nslcd__nslcd.c (nonexistent) @@ -1,11 +0,0 @@ ---- nslcd/nslcd.c.orig 2010-07-06 23:36:52.000000000 +0400 -+++ nslcd/nslcd.c 2010-07-06 23:40:01.000000000 +0400 -@@ -574,7 +574,7 @@ - char *error; - int *enable_flag; - /* try to load the NSS module */ -- handle=dlopen("libnss_ldap.so.2",RTLD_LAZY|RTLD_NODELETE); -+ handle=dlopen("nss_ldap.so.1",RTLD_LAZY|RTLD_NODELETE); - if (handle==NULL) - { - log_log(LOG_WARNING,"Warning: LDAP NSS module not loaded: %s",dlerror()); Property changes on: head/net/nss-pam-ldapd/files/patch-nslcd__nslcd.c ___________________________________________________________________ Deleted: cvs2svn:cvs-rev ## -1 +0,0 ## -1.3 \ No newline at end of property Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Index: head/net/nss-pam-ldapd/files/patch-nss__bsdnss.c =================================================================== --- head/net/nss-pam-ldapd/files/patch-nss__bsdnss.c (revision 268322) +++ head/net/nss-pam-ldapd/files/patch-nss__bsdnss.c (revision 268323) @@ -1,160 +1,237 @@ ---- nss/bsdnss.c.orig 2009-08-10 16:06:22.000000000 +0000 -+++ nss/bsdnss.c 2009-08-10 15:58:04.000000000 +0000 -@@ -0,0 +1,157 @@ +--- /dev/null 2011-01-14 20:44:13.000000000 +0000 ++++ nss/bsdnss.c 2011-01-14 20:33:39.000000000 +0000 +@@ -0,0 +1,234 @@ ++#include ++#include +#include +#include +#include +#include +#include +#include ++#include +#include + +#define BUFFER_SIZE 1024 + +extern enum nss_status _nss_ldap_getgrent_r(struct group *, char *, size_t, + int *); +extern enum nss_status _nss_ldap_getgrnam_r(const char *, struct group *, + char *, size_t, int *); +extern enum nss_status _nss_ldap_getgrgid_r(gid_t gid, struct group *, char *, + size_t, int *); +extern enum nss_status _nss_ldap_setgrent(void); +extern enum nss_status _nss_ldap_endgrent(void); + +extern enum nss_status _nss_ldap_getpwent_r(struct passwd *, char *, size_t, + int *); +extern enum nss_status _nss_ldap_getpwnam_r(const char *, struct passwd *, + char *, size_t, int *); +extern enum nss_status _nss_ldap_getpwuid_r(gid_t gid, struct passwd *, char *, + size_t, int *); +extern enum nss_status _nss_ldap_setpwent(void); +extern enum nss_status _nss_ldap_endpwent(void); + +extern enum nss_status _nss_ldap_gethostbyname_r (const char *name, struct hostent * result, + char *buffer, size_t buflen, int *errnop, + int *h_errnop); + +extern enum nss_status _nss_ldap_gethostbyname2_r (const char *name, int af, struct hostent * result, + char *buffer, size_t buflen, int *errnop, + int *h_errnop); +extern enum nss_status _nss_ldap_gethostbyaddr_r (struct in_addr * addr, int len, int type, + struct hostent * result, char *buffer, + size_t buflen, int *errnop, int *h_errnop); ++extern enum nss_status _nss_ldap_initgroups_dyn(const char *, gid_t, long int *, ++ long int *, gid_t **, long int, int *); + +NSS_METHOD_PROTOTYPE(__nss_compat_getgrnam_r); +NSS_METHOD_PROTOTYPE(__nss_compat_getgrgid_r); +NSS_METHOD_PROTOTYPE(__nss_compat_getgrent_r); +NSS_METHOD_PROTOTYPE(__nss_compat_setgrent); +NSS_METHOD_PROTOTYPE(__nss_compat_endgrent); ++static NSS_METHOD_PROTOTYPE(__freebsd_getgroupmembership); + +NSS_METHOD_PROTOTYPE(__nss_compat_getpwnam_r); +NSS_METHOD_PROTOTYPE(__nss_compat_getpwuid_r); +NSS_METHOD_PROTOTYPE(__nss_compat_getpwent_r); +NSS_METHOD_PROTOTYPE(__nss_compat_setpwent); +NSS_METHOD_PROTOTYPE(__nss_compat_endpwent); + +NSS_METHOD_PROTOTYPE(__nss_compat_gethostbyname); +NSS_METHOD_PROTOTYPE(__nss_compat_gethostbyname2); +NSS_METHOD_PROTOTYPE(__nss_compat_gethostbyaddr); + +static ns_mtab methods[] = { +{ NSDB_GROUP, "getgrnam_r", __nss_compat_getgrnam_r, _nss_ldap_getgrnam_r }, +{ NSDB_GROUP, "getgrgid_r", __nss_compat_getgrgid_r, _nss_ldap_getgrgid_r }, +{ NSDB_GROUP, "getgrent_r", __nss_compat_getgrent_r, _nss_ldap_getgrent_r }, +{ NSDB_GROUP, "setgrent", __nss_compat_setgrent, _nss_ldap_setgrent }, +{ NSDB_GROUP, "endgrent", __nss_compat_endgrent, _nss_ldap_endgrent }, ++{ NSDB_GROUP, "getgroupmembership", __freebsd_getgroupmembership, NULL }, + +{ NSDB_PASSWD, "getpwnam_r", __nss_compat_getpwnam_r, _nss_ldap_getpwnam_r }, +{ NSDB_PASSWD, "getpwuid_r", __nss_compat_getpwuid_r, _nss_ldap_getpwuid_r }, +{ NSDB_PASSWD, "getpwent_r", __nss_compat_getpwent_r, _nss_ldap_getpwent_r }, +{ NSDB_PASSWD, "setpwent", __nss_compat_setpwent, _nss_ldap_setpwent }, +{ NSDB_PASSWD, "endpwent", __nss_compat_endpwent, _nss_ldap_endpwent }, + +{ NSDB_HOSTS, "gethostbyname", __nss_compat_gethostbyname, _nss_ldap_gethostbyname_r }, +{ NSDB_HOSTS, "gethostbyaddr", __nss_compat_gethostbyaddr, _nss_ldap_gethostbyaddr_r }, +{ NSDB_HOSTS, "gethostbyname2", __nss_compat_gethostbyname2, _nss_ldap_gethostbyname2_r }, + +{ NSDB_GROUP_COMPAT, "getgrnam_r", __nss_compat_getgrnam_r, _nss_ldap_getgrnam_r }, +{ NSDB_GROUP_COMPAT, "getgrgid_r", __nss_compat_getgrgid_r, _nss_ldap_getgrgid_r }, +{ NSDB_GROUP_COMPAT, "getgrent_r", __nss_compat_getgrent_r, _nss_ldap_getgrent_r }, +{ NSDB_GROUP_COMPAT, "setgrent", __nss_compat_setgrent, _nss_ldap_setgrent }, +{ NSDB_GROUP_COMPAT, "endgrent", __nss_compat_endgrent, _nss_ldap_endgrent }, + +{ NSDB_PASSWD_COMPAT, "getpwnam_r", __nss_compat_getpwnam_r, _nss_ldap_getpwnam_r }, +{ NSDB_PASSWD_COMPAT, "getpwuid_r", __nss_compat_getpwuid_r, _nss_ldap_getpwuid_r }, +{ NSDB_PASSWD_COMPAT, "getpwent_r", __nss_compat_getpwent_r, _nss_ldap_getpwent_r }, +{ NSDB_PASSWD_COMPAT, "setpwent", __nss_compat_setpwent, _nss_ldap_setpwent }, +{ NSDB_PASSWD_COMPAT, "endpwent", __nss_compat_endpwent, _nss_ldap_endpwent }, + +}; + + +int __nss_compat_gethostbyname(void *retval, void *mdata, va_list ap) +{ + enum nss_status (*fn)(const char *, struct hostent *, char *, size_t, int *, int *); + const char *name; + struct hostent *result; + char buffer[BUFFER_SIZE]; + int errnop; + int h_errnop; + int af; + enum nss_status status; + fn = mdata; + name = va_arg(ap, const char*); + af = va_arg(ap,int); + result = va_arg(ap,struct hostent *); + status = fn(name, result, buffer, sizeof(buffer), &errnop, &h_errnop); + status = __nss_compat_result(status,errnop); + h_errno = h_errnop; + return (status); +} + +int __nss_compat_gethostbyname2(void *retval, void *mdata, va_list ap) +{ + enum nss_status (*fn)(const char *, struct hostent *, char *, size_t, int *, int *); + const char *name; + struct hostent *result; + char buffer[BUFFER_SIZE]; + int errnop; + int h_errnop; + int af; + enum nss_status status; + fn = mdata; + name = va_arg(ap, const char*); + af = va_arg(ap,int); + result = va_arg(ap,struct hostent *); + status = fn(name, result, buffer, sizeof(buffer), &errnop, &h_errnop); + status = __nss_compat_result(status,errnop); + h_errno = h_errnop; + return (status); +} + +int __nss_compat_gethostbyaddr(void *retval, void *mdata, va_list ap) +{ + struct in_addr *addr; + int len; + int type; + struct hostent *result; + char buffer[BUFFER_SIZE]; + int errnop; + int h_errnop; + enum nss_status (*fn)(struct in_addr *, int, int, struct hostent *, char *, size_t, int *, int *); + enum nss_status status; + fn = mdata; + addr = va_arg(ap, struct in_addr*); + len = va_arg(ap,int); + type = va_arg(ap,int); + result = va_arg(ap, struct hostent*); + status = fn(addr, len, type, result, buffer, sizeof(buffer), &errnop, &h_errnop); + status = __nss_compat_result(status,errnop); + h_errno = h_errnop; + return (status); ++} ++ ++static int ++__gr_addgid(gid_t gid, gid_t *groups, int maxgrp, int *groupc) ++{ ++ int ret, dupc; ++ ++ /* skip duplicates */ ++ for (dupc = 0; dupc < MIN(maxgrp, *groupc); dupc++) { ++ if (groups[dupc] == gid) ++ return 1; ++ } ++ ++ ret = 1; ++ if (*groupc < maxgrp) /* add this gid */ ++ groups[*groupc] = gid; ++ else ++ ret = 0; ++ (*groupc)++; ++ return ret; ++} ++ ++static int ++__freebsd_getgroupmembership(void *retval, void *mdata, va_list ap) ++{ ++ ++ int err; ++ enum nss_status s; ++ gid_t group; ++ gid_t *tmpgroups; ++ size_t bufsize; ++ const char *user; ++ gid_t *groups; ++ gid_t agroup; ++ int maxgrp, *grpcnt; ++ int i, rv, ret_errno; ++ long int lstart, lsize; ++ ++ ++ user = va_arg(ap, const char *); ++ group = va_arg(ap, gid_t); ++ groups = va_arg(ap, gid_t *); ++ maxgrp = va_arg(ap, int); ++ grpcnt = va_arg(ap, int *); ++ ++ ++ tmpgroups = malloc(maxgrp * sizeof(gid_t)); ++ if (tmpgroups == NULL) { ++ printf("Tried to mallog %u * %u\n", maxgrp, sizeof(gid_t)); ++ return NS_TRYAGAIN; ++ } ++ ++ /* insert primary membership */ ++ __gr_addgid(group, groups, maxgrp, grpcnt); ++ ++ lstart = 0; ++ lsize = maxgrp; ++ s = _nss_ldap_initgroups_dyn(user, group, &lstart, &lsize, ++ &tmpgroups, 0, &err); ++ if (s == NSS_STATUS_SUCCESS) { ++ for (i = 0; i < lstart; i++) ++ if (! __gr_addgid(tmpgroups[i], groups, maxgrp, grpcnt)) { ++ ;; ++ } ++ s = NSS_STATUS_NOTFOUND; ++ } ++ ++ free(tmpgroups); ++ ++ return __nss_compat_result(s, 0); +} + +ns_mtab * +nss_module_register(const char *source, unsigned int *mtabsize, + nss_module_unregister_fn *unreg) +{ + *mtabsize = sizeof(methods)/sizeof(methods[0]); + *unreg = NULL; + return (methods); +} Property changes on: head/net/nss-pam-ldapd/files/patch-nss__bsdnss.c ___________________________________________________________________ Modified: cvs2svn:cvs-rev ## -1 +1 ## -1.2 \ No newline at end of property +1.3 \ No newline at end of property Index: head/net/nss-pam-ldapd/pkg-plist =================================================================== --- head/net/nss-pam-ldapd/pkg-plist (revision 268322) +++ head/net/nss-pam-ldapd/pkg-plist (revision 268323) @@ -1,5 +1,6 @@ +@unexec if cmp -s %D/etc/%%CONFIG%%.sample %D/etc/%%CONFIG%%; then rm -f %D/etc/%%CONFIG%%; fi etc/%%CONFIG%%.sample %%NSS%%lib/nss_ldap.so.1 %%NSLCD%%sbin/nslcd %%PAM%%lib/pam_ldap.so %%PAM%%lib/pam_ldap.so.1 Property changes on: head/net/nss-pam-ldapd/pkg-plist ___________________________________________________________________ Modified: cvs2svn:cvs-rev ## -1 +1 ## -1.3 \ No newline at end of property +1.4 \ No newline at end of property