Hello community, here is the log from the commit of package pam_krb5 for openSUSE:Factory checked in at Wed Mar 2 10:09:19 CET 2011.
-------- --- pam_krb5/pam_krb5.changes 2010-11-19 11:44:56.000000000 +0100 +++ /mounts/work_src_done/STABLE/pam_krb5/pam_krb5.changes 2011-03-01 17:43:01.000000000 +0100 @@ -1,0 +2,5 @@ +Tue Mar 1 17:41:57 CET 2011 - [email protected] + +- make pam_sm_setcred less verbose (bnc#641008) + +------------------------------------------------------------------- calling whatdependson for head-i586 New: ---- bug-641008_pam_krb5-2.3.11-setcred-log.diff ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ pam_krb5.spec ++++++ --- /var/tmp/diff_new_pack.oTXXyB/_old 2011-03-02 10:06:16.000000000 +0100 +++ /var/tmp/diff_new_pack.oTXXyB/_new 2011-03-02 10:06:16.000000000 +0100 @@ -1,7 +1,7 @@ # -# spec file for package pam_krb5 (Version 2.3.11) +# spec file for package pam_krb5 # -# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -31,7 +31,7 @@ %endif # Version: 2.3.11 -Release: 4 +Release: 9 Summary: PAM Module for Kerberos Authentication Url: http://sourceforge.net/projects/pam-krb5/ Source: pam_krb5-%{version}-%{PAM_RELEASE}.tar.bz2 @@ -42,6 +42,7 @@ Patch3: pam_krb5-LINGUAS.dif Patch4: pam_krb5-2.3.1-switch-perms-on-refresh.dif Patch5: pam_krb5-2.2.3-1-setcred-assume-establish.dif +Patch6: bug-641008_pam_krb5-2.3.11-setcred-log.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -56,6 +57,7 @@ %patch3 %patch4 -p1 %patch5 +%patch6 -p1 %build CFLAGS="$RPM_OPT_FLAGS -D_GNU_SOURCE " \ ++++++ bug-641008_pam_krb5-2.3.11-setcred-log.diff ++++++ diff -ur pam_krb5-2.3.11-1.orig/src/auth.c pam_krb5-2.3.11-1/src/auth.c --- pam_krb5-2.3.11-1.orig/src/auth.c 2010-09-21 15:58:10.021370000 +0200 +++ pam_krb5-2.3.11-1/src/auth.c 2010-09-21 17:02:33.329265000 +0200 @@ -522,13 +522,32 @@ pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, PAM_KRB5_MAYBE_CONST char **argv) { + krb5_context ctx; + struct _pam_krb5_options *options; struct _pam_krb5_perms *saved_perms; - notice("pam_setcred (%s) called", - (flags & PAM_ESTABLISH_CRED)?"establish credential": - (flags & PAM_REINITIALIZE_CRED)?"reinitialize credential": - (flags & PAM_REFRESH_CRED)?"refresh credential": - (flags & PAM_DELETE_CRED)?"delete credential":"unknown flag"); + + if (_pam_krb5_init_ctx(&ctx, argc, argv) != 0) { + warn("error initializing Kerberos"); + return PAM_SERVICE_ERR; + } + + options = _pam_krb5_options_init(pamh, argc, argv, ctx); + if (options == NULL) { + warn("error parsing options (shouldn't happen)"); + krb5_free_context(ctx); + return PAM_SERVICE_ERR; + } + + if (options->debug) { + debug("pam_setcred (%s) called", + (flags & PAM_ESTABLISH_CRED)?"establish credential": + (flags & PAM_REINITIALIZE_CRED)?"reinitialize credential": + (flags & PAM_REFRESH_CRED)?"refresh credential": + (flags & PAM_DELETE_CRED)?"delete credential":"unknown flag"); + } if (flags & PAM_ESTABLISH_CRED) { + _pam_krb5_options_free(pamh, ctx, options); + krb5_free_context(ctx); return pam_sm_open_session(pamh, flags, argc, argv); } if (flags & (PAM_REINITIALIZE_CRED | PAM_REFRESH_CRED)) { @@ -541,19 +560,29 @@ } saved_perms = NULL; + _pam_krb5_options_free(pamh, ctx, options); + krb5_free_context(ctx); return i; } else { - debug("looks unsafe - ignore refresh"); + if (options->debug) { + debug("looks unsafe - ignore refresh"); + } if (saved_perms != NULL) { _pam_krb5_restore_perms_r2e(saved_perms); } saved_perms = NULL; + _pam_krb5_options_free(pamh, ctx, options); + krb5_free_context(ctx); return PAM_IGNORE; } } if (flags & PAM_DELETE_CRED) { + _pam_krb5_options_free(pamh, ctx, options); + krb5_free_context(ctx); return pam_sm_close_session(pamh, flags, argc, argv); } warn("pam_setcred() called with no flags. Assume PAM_ESTABLISH_CRED"); + _pam_krb5_options_free(pamh, ctx, options); + krb5_free_context(ctx); return pam_sm_open_session(pamh, (flags | PAM_ESTABLISH_CRED), argc, argv); } ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
