Hello community, here is the log from the commit of package pam-modules for openSUSE:Factory checked in at 2012-04-12 09:44:32 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/pam-modules (Old) and /work/SRC/openSUSE:Factory/.pam-modules.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pam-modules", Maintainer is "[email protected]" Changes: -------- --- /work/SRC/openSUSE:Factory/pam-modules/pam-modules.changes 2012-02-14 13:07:49.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.pam-modules.new/pam-modules.changes 2012-04-12 09:44:37.000000000 +0200 @@ -1,0 +2,5 @@ +Tue Apr 3 13:37:30 UTC 2012 - [email protected] + +- Update to pam_unix2 2.9.1 (merge of patches) + +------------------------------------------------------------------- Old: ---- 0001-gettext.diff 0002-change-default-crypt-to-sha512.diff 0005-catch-retval-magic-by-ow-crypt-libxcrypt.diff pam_unix2-2.9.0-logindefs-thread.diff pam_unix2-2.9.0.tar.bz2 New: ---- pam_unix2-2.9.1.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ pam-modules.spec ++++++ --- /var/tmp/diff_new_pack.zI0Tus/_old 2012-04-12 09:44:38.000000000 +0200 +++ /var/tmp/diff_new_pack.zI0Tus/_new 2012-04-12 09:44:38.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package pam-modules # -# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -29,19 +29,15 @@ Version: 12.1 Release: 0 # -Source0: pam_unix2-2.9.0.tar.bz2 +Source0: pam_unix2-2.9.1.tar.bz2 Source1: pam_pwcheck-3.13.tar.bz2 Source2: pam_homecheck-2.0.tar.bz2 Source6: baselibs.conf Source21: unix2_chkpwd.c Source41: unix2_chkpwd.8 Source50: dlopen.sh -Patch0: 0001-gettext.diff -Patch1: 0002-change-default-crypt-to-sha512.diff -Patch2: 0003-use-crypt_gensalt_rn-from-glibc.diff -Patch3: 0004-add-workarounds-for-blowfish-signedness-bug.diff -Patch4: 0005-catch-retval-magic-by-ow-crypt-libxcrypt.diff -Patch5: pam_unix2-2.9.0-logindefs-thread.diff +Patch0: 0003-use-crypt_gensalt_rn-from-glibc.diff +Patch1: 0004-add-workarounds-for-blowfish-signedness-bug.diff # BuildRoot: %{_tmppath}/%{name}-%{version}-build PreReq: permissions @@ -71,10 +67,6 @@ pushd pam_unix2-* %patch0 -p1 %patch1 -p1 -%patch2 -p1 -%patch3 -p1 -%patch4 -p1 -%patch5 -p1 gettextize -f autoreconf -f -i popd ++++++ pam_unix2-2.9.0.tar.bz2 -> pam_unix2-2.9.1.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_unix2-2.9.0/ChangeLog new/pam_unix2-2.9.1/ChangeLog --- old/pam_unix2-2.9.0/ChangeLog 2011-09-22 15:42:13.000000000 +0200 +++ new/pam_unix2-2.9.1/ChangeLog 2012-04-03 15:25:57.000000000 +0200 @@ -1,5 +1,16 @@ +2012-04-03 Thorsten Kukuk <[email protected]> + + * release version 2.9.1 + + * etc/passwd: Make sha512 default for local files. + * src/logindefs.c: Check for NULL pointer, make thread safe. + * src/unix_passwd.c: Make sha512 default, check for ow-crypt + return values. + 2011-09-22 Thorsten Kukuk <[email protected]> + * release version 2.9.0 + * src/unix_sess.c: Set kernel 2.6.40 version if user matches an entry in /etc/security/uname26.conf. * doc/pam_unix2.8: Document uname26.conf. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_unix2-2.9.0/NEWS new/pam_unix2-2.9.1/NEWS --- old/pam_unix2-2.9.0/NEWS 2011-09-22 15:43:13.000000000 +0200 +++ new/pam_unix2-2.9.1/NEWS 2012-04-03 15:27:11.000000000 +0200 @@ -1,10 +1,14 @@ pam_unix2 NEWS -- history of user-visible changes. -Copyright (C) 2005-2011 SUSE LINUX Products GmbH +Copyright (C) 2005-2012 SUSE LINUX Products GmbH Copyright (C) 2001-2004 SuSE Linux AG Nuernberg, Germany Please send bug reports, questions and suggestions to <[email protected]>. +Version 2.9.1 +* Bug fixes +* Make sha512 default for /etc/passwd + Version 2.9.0 * Add support to run special user with linux kernel version 2.4.60 below a 3.x kernel diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_unix2-2.9.0/configure new/pam_unix2-2.9.1/configure --- old/pam_unix2-2.9.0/configure 2011-09-22 15:43:24.000000000 +0200 +++ new/pam_unix2-2.9.1/configure 2012-04-03 15:31:21.000000000 +0200 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.63 for pam_unix2 2.9.0. +# Generated by GNU Autoconf 2.63 for pam_unix2 2.9.1. # # Report bugs to <http://www.suse.de/feedback>. # @@ -596,8 +596,8 @@ # Identity of this package. PACKAGE_NAME='pam_unix2' PACKAGE_TARNAME='pam_unix2' -PACKAGE_VERSION='2.9.0' -PACKAGE_STRING='pam_unix2 2.9.0' +PACKAGE_VERSION='2.9.1' +PACKAGE_STRING='pam_unix2 2.9.1' PACKAGE_BUGREPORT='http://www.suse.de/feedback' ac_unique_file="src/support.c" @@ -1315,7 +1315,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures pam_unix2 2.9.0 to adapt to many kinds of systems. +\`configure' configures pam_unix2 2.9.1 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1385,7 +1385,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of pam_unix2 2.9.0:";; + short | recursive ) echo "Configuration of pam_unix2 2.9.1:";; esac cat <<\_ACEOF @@ -1484,7 +1484,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -pam_unix2 configure 2.9.0 +pam_unix2 configure 2.9.1 generated by GNU Autoconf 2.63 Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, @@ -1498,7 +1498,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by pam_unix2 $as_me 2.9.0, which was +It was created by pam_unix2 $as_me 2.9.1, which was generated by GNU Autoconf 2.63. Invocation command line was $ $0 $@ @@ -2214,7 +2214,7 @@ # Define the identity of the package. PACKAGE='pam_unix2' - VERSION='2.9.0' + VERSION='2.9.1' cat >>confdefs.h <<_ACEOF @@ -8856,7 +8856,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by pam_unix2 $as_me 2.9.0, which was +This file was extended by pam_unix2 $as_me 2.9.1, which was generated by GNU Autoconf 2.63. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -8919,7 +8919,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_version="\\ -pam_unix2 config.status 2.9.0 +pam_unix2 config.status 2.9.1 configured by $0, generated by GNU Autoconf 2.63, with options \\"`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_unix2-2.9.0/configure.in new/pam_unix2-2.9.1/configure.in --- old/pam_unix2-2.9.0/configure.in 2011-09-22 15:42:25.000000000 +0200 +++ new/pam_unix2-2.9.1/configure.in 2012-04-03 15:31:17.000000000 +0200 @@ -1,5 +1,5 @@ dnl Process this file with autoconf to produce a configure script. -AC_INIT(pam_unix2, 2.9.0, http://www.suse.de/feedback, pam_unix2) +AC_INIT(pam_unix2, 2.9.1, http://www.suse.de/feedback, pam_unix2) AM_INIT_AUTOMAKE AC_CONFIG_SRCDIR([src/support.c]) AM_CONFIG_HEADER(config.h) @@ -93,7 +93,7 @@ LDFLAGS="${LDFLAGS} -G" fi -AM_GNU_GETTEXT_VERSION +AM_GNU_GETTEXT_VERSION([0.12]) AM_GNU_GETTEXT([external]) AC_SUBST(LIBPAM) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_unix2-2.9.0/etc/passwd new/pam_unix2-2.9.1/etc/passwd --- old/pam_unix2-2.9.0/etc/passwd 2004-07-26 15:10:26.000000000 +0200 +++ new/pam_unix2-2.9.1/etc/passwd 2012-04-03 15:18:24.000000000 +0200 @@ -1,27 +1,30 @@ # This file contains some information for -# the passwd (1) command and other tools +# the passwd (1) command and other tools # creating or modifying passwords. -# Define default crypt hash -# CRYPT={des,md5,blowfish} -CRYPT=des +# Define default crypt hash. +# CRYPT={des,md5,blowfish,sha256,sha512} +CRYPT=sha512 -# Use another crypt hash for group passwowrds. +# Use another crypt hash for group passwords. # This is used by gpasswd, fallback is the CRYPT entry. # GROUP_CRYPT=des - -# We can override the default for a special service -# by appending the service name (FILES, YP, NISPLUS, LDAP) - -# for local files, use a more secure hash. We +# We can override the default for a specific service +# by appending the service name (FILES, YP, NISPLUS, LDAP). +# +# For local files, use a more secure hash. We # don't need to be portable here: -CRYPT_FILES=blowfish -# sometimes we need to specify special options for -# a hash (variable is prepended by the name of the -# crypt hash). -BLOWFISH_CRYPT_FILES=5 - +CRYPT_FILES=sha512 +# # For NIS, we should always use DES: CRYPT_YP=des +# sometimes we need to specify special options for a hash (variable +# is prepended by the name of the crypt hash). In case of blowfish +# and sha* this is the number of rounds +# blowfish: 4-31 +# BLOWFISH_CRYPT_FILES=5 +# sha256/sha512: 1000-9999999 +# SHA512_CRYPT_FILES=1000 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_unix2-2.9.0/src/logindefs.c new/pam_unix2-2.9.1/src/logindefs.c --- old/pam_unix2-2.9.0/src/logindefs.c 2006-01-12 18:16:30.000000000 +0100 +++ new/pam_unix2-2.9.1/src/logindefs.c 2012-04-03 15:21:41.000000000 +0200 @@ -33,7 +33,7 @@ struct item *next; /* pointer to next option. */ }; -static struct item *list = NULL; +static __thread struct item *list = NULL; void free_getlogindefs_data (void) @@ -82,7 +82,7 @@ while (ptr != NULL) { if (strcasecmp (name, ptr->name) == 0) - return ptr->value; + return *ptr->value?ptr->value:NULL; ptr = ptr->next; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_unix2-2.9.0/src/unix_passwd.c new/pam_unix2-2.9.1/src/unix_passwd.c --- old/pam_unix2-2.9.0/src/unix_passwd.c 2011-05-12 16:31:04.000000000 +0200 +++ new/pam_unix2-2.9.1/src/unix_passwd.c 2012-04-03 15:24:51.000000000 +0200 @@ -557,7 +557,7 @@ if (crypt_str == NULL) { opt_str = "CRYPT"; - crypt_str = getlogindefs_str (opt_str, "DES"); + crypt_str = getlogindefs_str (opt_str, data->service == S_YP?"des":"sha512"); } if (strcasecmp (crypt_str, "des") == 0) @@ -729,7 +729,9 @@ options->use_crypt); return PAM_AUTHTOK_ERR; } - if (newpassword == NULL) + if (newpassword == NULL + /* catch retval magic by ow-crypt/libxcrypt */ + || !strcmp(newpassword, "*0") || !strcmp(newpassword, "*1")) { __write_message (pamh, flags, PAM_ERROR_MSG, _("crypt_r() returns NULL pointer")); -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
