pam-plugin-ccreds: remove local patches

As our patches were merged upstream [1] we can safely remove them and use the new upstream revision. [1] https://github.com/PADL/pam_ccreds/pull/1 Signed-off-by: Richard Leitner <richard.leitner@skidata.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
author: Richard Leitner <richard.leitner@skidata.com> 2018-08-02 10:45:06 +0200
committer: Khem Raj <raj.khem@gmail.com> 2018-08-02 11:23:03 -0700
commit: f7ed3cfdf80ecd5e35201e74650a794f90ba981b (patch)
tree: 1fba75296330cc1a7380262be6dec618d85d2bbc /meta-oe/recipes-extended
parent: dacc1f30c7f0cd59a9fe170a1c368ecf3bf71ef7 (diff)
download: meta-openembedded-f7ed3cfdf80ecd5e35201e74650a794f90ba981b.tar.gz
4 files changed, 3 insertions, 174 deletions
diff --git a/meta-oe/recipes-extended/pam/pam-plugin-ccreds/0001-make-sure-we-don-t-overflow-the-data-buffer.patch b/meta-oe/recipes-extended/pam/pam-plugin-ccreds/0001-make-sure-we-don-t-overflow-the-data-buffer.patch
deleted file mode 100644
index d7f8f5a96..000000000
--- a/meta-oe/recipes-extended/pam/pam-plugin-ccreds/0001-make-sure-we-don-t-overflow-the-data-buffer.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From 59a95494002ce57ace17d676544101e88a55265d Mon Sep 17 00:00:00 2001
-From: Nicolas Boullis <nicolas.boullis@ecp.fr>
-Date: Mon, 23 Mar 2009 10:46:44 +0100
-Subject: [PATCH 1/3] make sure we don't overflow the data buffer
-This patch was taken from Debian's libpam-ccreds v10-6 source:
-        0001-make-sure-we-don-t-overflow-the-data-buffer.patch
-Reviewed-by: Richard Leitner <richard.leitner@skidata.com>
---
- cc_db.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-diff --git a/cc_db.c b/cc_db.c
-index c0e0488..9371c4d 100644
--- a/cc_db.c
-+++ b/cc_db.c
-@@ -199,7 +199,7 @@ int pam_cc_db_get(void *_db, const char *keyname, size_t keylength,
-                return (rc == DB_NOTFOUND) ? PAM_AUTHINFO_UNAVAIL : PAM_SERVICE_ERR;
-        }
- 
-       if (val.size < *size) {
-+       if (val.size > *size) {
-                return PAM_BUF_ERR;
-        }
- 
-- 
-2.11.0
diff --git a/meta-oe/recipes-extended/pam/pam-plugin-ccreds/0002-add-minimum_uid-option.patch b/meta-oe/recipes-extended/pam/pam-plugin-ccreds/0002-add-minimum_uid-option.patch
deleted file mode 100644
index adc464924..000000000
--- a/meta-oe/recipes-extended/pam/pam-plugin-ccreds/0002-add-minimum_uid-option.patch
+++ /dev/null
@@ -1,97 +0,0 @@
-From 21e3ab24836c5087f3531d2d3270242cea857a79 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Guido=20G=C3=BCnther?= <agx@sigxcpu.org>
-Date: Thu, 13 May 2010 12:36:26 +0200
-Subject: [PATCH 2/3] add minimum_uid option
-Closes: #580037
-This patch was taken from Debian's libpam-ccreds v10-6 source:
-        0002-add-minimum_uid-option.patch
-Reviewed-by: Richard Leitner <richard.leitner@skidata.com>
---
- cc_pam.c | 39 +++++++++++++++++++++++++++++++++++++++
- 1 file changed, 39 insertions(+)
-diff --git a/cc_pam.c b/cc_pam.c
-index d096117..56776aa 100644
--- a/cc_pam.c
-+++ b/cc_pam.c
-@@ -20,6 +20,7 @@
- #include <errno.h>
- #include <limits.h>
- #include <syslog.h>
-+#include <pwd.h>
- 
- #include "cc_private.h"
- 
-@@ -45,6 +46,30 @@ PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh,
-                                int flags, int argc, const char **argv);
- #endif
- 
-+
-+/*
-+ * Given the PAM arguments and the user we're authenticating, see if we should
-+ * ignore that user because they're root or have a low-numbered UID and we
-+ * were configured to ignore such users.  Returns true if we should ignore
-+ * them, false otherwise.
-+ */
-+static int
-+_pamcc_should_ignore(const char *username, int minimum_uid)
-+{
-+       struct passwd *pwd;
-+
-+       if (minimum_uid > 0) {
-+               pwd = getpwnam(username);
-+               if (pwd != NULL && pwd->pw_uid < (unsigned long) minimum_uid) {
-+                       syslog(LOG_DEBUG, "ignoring low-UID user (%lu < %d)",
-+                               (unsigned long) pwd->pw_uid, minimum_uid);
-+                       return 1;
-+               }
-+       }
-+       return 0;
-+}
-+
-+
- static int _pam_sm_interact(pam_handle_t *pamh,
-                            int flags,
-                            const char **authtok)
-@@ -291,7 +316,9 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh,
-        unsigned int sm_flags = 0, sm_action = 0;
-        const char *ccredsfile = NULL;
-        const char *action = NULL;
-+       const char *name = NULL;
-        int (*selector)(pam_handle_t *, int, unsigned int, const char *);
-+       int minimum_uid = 0;
- 
-        for (i = 0; i < argc; i++) {
-                if (strcmp(argv[i], "use_first_pass") == 0)
-@@ -300,6 +327,8 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh,
-                        sm_flags |= SM_FLAGS_TRY_FIRST_PASS;
-                else if (strcmp(argv[i], "service_specific") == 0)
-                        sm_flags |= SM_FLAGS_SERVICE_SPECIFIC;
-+               else if (strncmp(argv[i], "minimum_uid=", sizeof("minimum_uid=") - 1) == 0)
-+                       minimum_uid = atoi(argv[i] + sizeof("minimum_uid=") - 1);
-                else if (strncmp(argv[i], "ccredsfile=", sizeof("ccredsfile=") - 1) == 0)
-                        ccredsfile = argv[i] + sizeof("ccredsfile=") - 1;
-                else if (strncmp(argv[i], "action=", sizeof("action=") - 1) == 0)
-@@ -321,6 +350,16 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh,
-                syslog(LOG_ERR, "pam_ccreds: invalid action \"%s\"", action);
-        }
- 
-+       rc = pam_get_user(pamh, &name, NULL);
-+       if (rc != PAM_SUCCESS || name == NULL) {
-+               if (rc == PAM_CONV_AGAIN)
-+                       return PAM_INCOMPLETE;
-+               else
-+                       return PAM_SERVICE_ERR;
-+       }
-+       if (_pamcc_should_ignore(name, minimum_uid))
-+               return PAM_USER_UNKNOWN;
-+
-        switch (sm_action) {
-        case SM_ACTION_VALIDATE_CCREDS:
-                selector = _pam_sm_validate_cached_credentials;
-- 
-2.11.0
diff --git a/meta-oe/recipes-extended/pam/pam-plugin-ccreds/0003-Set-EXTENSION_SO-for-all-linux-targets.patch b/meta-oe/recipes-extended/pam/pam-plugin-ccreds/0003-Set-EXTENSION_SO-for-all-linux-targets.patch
deleted file mode 100644
index 988c37442..000000000
--- a/meta-oe/recipes-extended/pam/pam-plugin-ccreds/0003-Set-EXTENSION_SO-for-all-linux-targets.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From 2b137b0364c57505a95cb498660e3b97b557540d Mon Sep 17 00:00:00 2001
-From: Richard Leitner <richard.leitner@skidata.com>
-Date: Fri, 1 Jun 2018 13:24:15 +0200
-Subject: [PATCH 3/3] Set EXTENSION_SO for all linux* targets
-As EXTENSION_SO gets already set for linux and linux-gnu targets we
-should set it for all linux* targets. This is done by introducing a new
-"LINUX" value for the "TARGET_OS" helper variable.
-Signed-off-by: Richard Leitner <richard.leitner@skidata.com>
---
- configure.in | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-diff --git a/configure.in b/configure.in
-index 0dbdf79..3829d9f 100644
--- a/configure.in
-+++ b/configure.in
-@@ -35,7 +35,8 @@ hpux*) pam_ccreds_so_LD="/bin/ld"
-   TARGET_OS="HPUX" ;;
- solaris*) pam_ccreds_so_LD="/usr/ccs/bin/ld"
-   pam_ccreds_so_LDFLAGS="-B dynamic -M \$(srcdir)/exports.solaris -G -B group -lc" ;;
-linux*) pam_ccreds_so_LDFLAGS="-shared -Wl,-Bdynamic -Wl,--version-script,\$(srcdir)/exports.linux" ;;
-+linux*) pam_ccreds_so_LDFLAGS="-shared -Wl,-Bdynamic -Wl,--version-script,\$(srcdir)/exports.linux"
-+  TARGET_OS="LINUX" ;;
- *) pam_ccreds_so_LDFLAGS="-shared" ;;
- esac
- 
-@@ -43,7 +44,7 @@ AC_SUBST(pam_ccreds_so_LD)
- AC_SUBST(pam_ccreds_so_LDFLAGS)
- 
- AM_CONDITIONAL(USE_NATIVE_LINKER, test -n "$pam_ccreds_so_LD")
-AM_CONDITIONAL(EXTENSION_SO, test "$target_os" = "linux" -o "$target_os" = "linux-gnu")
-+AM_CONDITIONAL(EXTENSION_SO, test "$TARGET_OS" = "LINUX")
- AM_CONDITIONAL(EXTENSION_1, test "$TARGET_OS" = "HPUX")
- 
- if test -z "$use_gcrypt"; then
-- 
-2.11.0
diff --git a/meta-oe/recipes-extended/pam/pam-plugin-ccreds_11.bb b/meta-oe/recipes-extended/pam/pam-plugin-ccreds_11.bb
index 9a21d9045..95d879dc6 100644
--- a/meta-oe/recipes-extended/pam/pam-plugin-ccreds_11.bb
+++ b/meta-oe/recipes-extended/pam/pam-plugin-ccreds_11.bb
@@ -9,14 +9,9 @@ DEPENDS = "libpam openssl db"
 inherit distro_features_check
 REQUIRED_DISTRO_FEATURES = "pam"
-SRCREV = "376bb189ceb3a113954f1012c45be7ff09e148ba"
+SRCREV = "e2145df09469bf84878e4729b4ecd814efb797d1"
-SRC_URI = " \
+SRC_URI = "git://github.com/PADL/pam_ccreds"
-    git://github.com/PADL/pam_ccreds \
-    file://0001-make-sure-we-don-t-overflow-the-data-buffer.patch \
-    file://0002-add-minimum_uid-option.patch \
-    file://0003-Set-EXTENSION_SO-for-all-linux-targets.patch \
-"
 S = "${WORKDIR}/git"
author	Richard Leitner <richard.leitner@skidata.com>	2018-08-02 10:45:06 +0200
committer	Khem Raj <raj.khem@gmail.com>	2018-08-02 11:23:03 -0700
commit	f7ed3cfdf80ecd5e35201e74650a794f90ba981b (patch)
tree	1fba75296330cc1a7380262be6dec618d85d2bbc /meta-oe/recipes-extended
parent	dacc1f30c7f0cd59a9fe170a1c368ecf3bf71ef7 (diff)
download	meta-openembedded-f7ed3cfdf80ecd5e35201e74650a794f90ba981b.tar.gz

diff --git a/meta-oe/recipes-extended/pam/pam-plugin-ccreds/0001-make-sure-we-don-t-overflow-the-data-buffer.patch b/meta-oe/recipes-extended/pam/pam-plugin-ccreds/0001-make-sure-we-don-t-overflow-the-data-buffer.patch deleted file mode 100644 index d7f8f5a96..000000000 --- a/meta-oe/recipes-extended/pam/pam-plugin-ccreds/0001-make-sure-we-don-t-overflow-the-data-buffer.patch +++ /dev/null
@@ -1,29 +0,0 @@
1	From 59a95494002ce57ace17d676544101e88a55265d Mon Sep 17 00:00:00 2001
2	From: Nicolas Boullis <nicolas.boullis@ecp.fr>
3	Date: Mon, 23 Mar 2009 10:46:44 +0100
4	Subject: [PATCH 1/3] make sure we don't overflow the data buffer
5
6	This patch was taken from Debian's libpam-ccreds v10-6 source:
7	0001-make-sure-we-don-t-overflow-the-data-buffer.patch
8
9	Reviewed-by: Richard Leitner <richard.leitner@skidata.com>
10	---
11	cc_db.c \| 2 +-
12	1 file changed, 1 insertion(+), 1 deletion(-)
13
14	diff --git a/cc_db.c b/cc_db.c
15	index c0e0488..9371c4d 100644
16	--- a/cc_db.c
17	+++ b/cc_db.c
18	@@ -199,7 +199,7 @@ int pam_cc_db_get(void _db, const char keyname, size_t keylength,
19	return (rc == DB_NOTFOUND) ? PAM_AUTHINFO_UNAVAIL : PAM_SERVICE_ERR;
20	}
21
22	- if (val.size < *size) {
23	+ if (val.size > *size) {
24	return PAM_BUF_ERR;
25	}
26
27	--
28	2.11.0
29


diff --git a/meta-oe/recipes-extended/pam/pam-plugin-ccreds/0002-add-minimum_uid-option.patch b/meta-oe/recipes-extended/pam/pam-plugin-ccreds/0002-add-minimum_uid-option.patch deleted file mode 100644 index adc464924..000000000 --- a/meta-oe/recipes-extended/pam/pam-plugin-ccreds/0002-add-minimum_uid-option.patch +++ /dev/null
@@ -1,97 +0,0 @@
1	From 21e3ab24836c5087f3531d2d3270242cea857a79 Mon Sep 17 00:00:00 2001
2	From: =?UTF-8?q?Guido=20G=C3=BCnther?= <agx@sigxcpu.org>
3	Date: Thu, 13 May 2010 12:36:26 +0200
4	Subject: [PATCH 2/3] add minimum_uid option
5
6	Closes: #580037
7
8	This patch was taken from Debian's libpam-ccreds v10-6 source:
9	0002-add-minimum_uid-option.patch
10
11	Reviewed-by: Richard Leitner <richard.leitner@skidata.com>
12	---
13	cc_pam.c \| 39 +++++++++++++++++++++++++++++++++++++++
14	1 file changed, 39 insertions(+)
15
16	diff --git a/cc_pam.c b/cc_pam.c
17	index d096117..56776aa 100644
18	--- a/cc_pam.c
19	+++ b/cc_pam.c
20	@@ -20,6 +20,7 @@
21	#include <errno.h>
22	#include <limits.h>
23	#include <syslog.h>
24	+#include <pwd.h>
25
26	#include "cc_private.h"
27
28	@@ -45,6 +46,30 @@ PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh,
29	int flags, int argc, const char **argv);
30	#endif
31
32	+
33	+/*
34	+ * Given the PAM arguments and the user we're authenticating, see if we should
35	+ * ignore that user because they're root or have a low-numbered UID and we
36	+ * were configured to ignore such users. Returns true if we should ignore
37	+ * them, false otherwise.
38	+ */
39	+static int
40	+_pamcc_should_ignore(const char *username, int minimum_uid)
41	+{
42	+ struct passwd *pwd;
43	+
44	+ if (minimum_uid > 0) {
45	+ pwd = getpwnam(username);
46	+ if (pwd != NULL && pwd->pw_uid < (unsigned long) minimum_uid) {
47	+ syslog(LOG_DEBUG, "ignoring low-UID user (%lu < %d)",
48	+ (unsigned long) pwd->pw_uid, minimum_uid);
49	+ return 1;
50	+ }
51	+ }
52	+ return 0;
53	+}
54	+
55	+
56	static int _pam_sm_interact(pam_handle_t *pamh,
57	int flags,
58	const char **authtok)
59	@@ -291,7 +316,9 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh,
60	unsigned int sm_flags = 0, sm_action = 0;
61	const char *ccredsfile = NULL;
62	const char *action = NULL;
63	+ const char *name = NULL;
64	int (selector)(pam_handle_t , int, unsigned int, const char *);
65	+ int minimum_uid = 0;
66
67	for (i = 0; i < argc; i++) {
68	if (strcmp(argv[i], "use_first_pass") == 0)
69	@@ -300,6 +327,8 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh,
70	sm_flags \|= SM_FLAGS_TRY_FIRST_PASS;
71	else if (strcmp(argv[i], "service_specific") == 0)
72	sm_flags \|= SM_FLAGS_SERVICE_SPECIFIC;
73	+ else if (strncmp(argv[i], "minimum_uid=", sizeof("minimum_uid=") - 1) == 0)
74	+ minimum_uid = atoi(argv[i] + sizeof("minimum_uid=") - 1);
75	else if (strncmp(argv[i], "ccredsfile=", sizeof("ccredsfile=") - 1) == 0)
76	ccredsfile = argv[i] + sizeof("ccredsfile=") - 1;
77	else if (strncmp(argv[i], "action=", sizeof("action=") - 1) == 0)
78	@@ -321,6 +350,16 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh,
79	syslog(LOG_ERR, "pam_ccreds: invalid action \"%s\"", action);
80	}
81
82	+ rc = pam_get_user(pamh, &name, NULL);
83	+ if (rc != PAM_SUCCESS \|\| name == NULL) {
84	+ if (rc == PAM_CONV_AGAIN)
85	+ return PAM_INCOMPLETE;
86	+ else
87	+ return PAM_SERVICE_ERR;
88	+ }
89	+ if (_pamcc_should_ignore(name, minimum_uid))
90	+ return PAM_USER_UNKNOWN;
91	+
92	switch (sm_action) {
93	case SM_ACTION_VALIDATE_CCREDS:
94	selector = _pam_sm_validate_cached_credentials;
95	--
96	2.11.0
97


diff --git a/meta-oe/recipes-extended/pam/pam-plugin-ccreds/0003-Set-EXTENSION_SO-for-all-linux-targets.patch b/meta-oe/recipes-extended/pam/pam-plugin-ccreds/0003-Set-EXTENSION_SO-for-all-linux-targets.patch deleted file mode 100644 index 988c37442..000000000 --- a/meta-oe/recipes-extended/pam/pam-plugin-ccreds/0003-Set-EXTENSION_SO-for-all-linux-targets.patch +++ /dev/null
@@ -1,40 +0,0 @@
1	From 2b137b0364c57505a95cb498660e3b97b557540d Mon Sep 17 00:00:00 2001
2	From: Richard Leitner <richard.leitner@skidata.com>
3	Date: Fri, 1 Jun 2018 13:24:15 +0200
4	Subject: [PATCH 3/3] Set EXTENSION_SO for all linux* targets
5
6	As EXTENSION_SO gets already set for linux and linux-gnu targets we
7	should set it for all linux* targets. This is done by introducing a new
8	"LINUX" value for the "TARGET_OS" helper variable.
9
10	Signed-off-by: Richard Leitner <richard.leitner@skidata.com>
11	---
12	configure.in \| 5 +++--
13	1 file changed, 3 insertions(+), 2 deletions(-)
14
15	diff --git a/configure.in b/configure.in
16	index 0dbdf79..3829d9f 100644
17	--- a/configure.in
18	+++ b/configure.in
19	@@ -35,7 +35,8 @@ hpux*) pam_ccreds_so_LD="/bin/ld"
20	TARGET_OS="HPUX" ;;
21	solaris*) pam_ccreds_so_LD="/usr/ccs/bin/ld"
22	pam_ccreds_so_LDFLAGS="-B dynamic -M \$(srcdir)/exports.solaris -G -B group -lc" ;;
23	-linux*) pam_ccreds_so_LDFLAGS="-shared -Wl,-Bdynamic -Wl,--version-script,\$(srcdir)/exports.linux" ;;
24	+linux*) pam_ccreds_so_LDFLAGS="-shared -Wl,-Bdynamic -Wl,--version-script,\$(srcdir)/exports.linux"
25	+ TARGET_OS="LINUX" ;;
26	*) pam_ccreds_so_LDFLAGS="-shared" ;;
27	esac
28
29	@@ -43,7 +44,7 @@ AC_SUBST(pam_ccreds_so_LD)
30	AC_SUBST(pam_ccreds_so_LDFLAGS)
31
32	AM_CONDITIONAL(USE_NATIVE_LINKER, test -n "$pam_ccreds_so_LD")
33	-AM_CONDITIONAL(EXTENSION_SO, test "$target_os" = "linux" -o "$target_os" = "linux-gnu")
34	+AM_CONDITIONAL(EXTENSION_SO, test "$TARGET_OS" = "LINUX")
35	AM_CONDITIONAL(EXTENSION_1, test "$TARGET_OS" = "HPUX")
36
37	if test -z "$use_gcrypt"; then
38	--
39	2.11.0
40


diff --git a/meta-oe/recipes-extended/pam/pam-plugin-ccreds_11.bb b/meta-oe/recipes-extended/pam/pam-plugin-ccreds_11.bb index 9a21d9045..95d879dc6 100644 --- a/meta-oe/recipes-extended/pam/pam-plugin-ccreds_11.bb +++ b/meta-oe/recipes-extended/pam/pam-plugin-ccreds_11.bb
@@ -9,14 +9,9 @@ DEPENDS = "libpam openssl db"
9	inherit distro_features_check	9	inherit distro_features_check
10	REQUIRED_DISTRO_FEATURES = "pam"	10	REQUIRED_DISTRO_FEATURES = "pam"
11		11
12	SRCREV = "376bb189ceb3a113954f1012c45be7ff09e148ba"	12	SRCREV = "e2145df09469bf84878e4729b4ecd814efb797d1"
13		13
14	SRC_URI = " \	14	SRC_URI = "git://github.com/PADL/pam_ccreds"
15	git://github.com/PADL/pam_ccreds \
16	file://0001-make-sure-we-don-t-overflow-the-data-buffer.patch \
17	file://0002-add-minimum_uid-option.patch \
18	file://0003-Set-EXTENSION_SO-for-all-linux-targets.patch \
19	"
20		15
21	S = "${WORKDIR}/git"	16	S = "${WORKDIR}/git"
22		17