fixing bug 465954 and bug 449940 in 265-r3

(Portage version: 2.2.7/cvs/Linux x86_64, signed Manifest commit with key 0x2471eb3e40ac5ac3)
author: Matthew Thode <prometheanfire@gentoo.org> 2014-02-17 05:41:10 +0000
committer: Matthew Thode <prometheanfire@gentoo.org> 2014-02-17 05:41:10 +0000
commit: 7419f4906f66fd6893bcc1cf32d8ca9b77aad643 (patch)
tree: 8053350eafbd4064eb5a62e64994d4c11c22ce52 /sys-auth/nss_ldap
parent: old (diff)
download: gentoo-2-7419f4906f66fd6893bcc1cf32d8ca9b77aad643.tar.gz
gentoo-2-7419f4906f66fd6893bcc1cf32d8ca9b77aad643.tar.bz2
gentoo-2-7419f4906f66fd6893bcc1cf32d8ca9b77aad643.zip
4 files changed, 678 insertions, 1 deletions
diff --git a/sys-auth/nss_ldap/ChangeLog b/sys-auth/nss_ldap/ChangeLog
index b42d0183fa1d..5186109727f9 100644
--- a/sys-auth/nss_ldap/ChangeLog
+++ b/sys-auth/nss_ldap/ChangeLog
@@ -1,6 +1,13 @@
 # ChangeLog for sys-auth/nss_ldap
 # Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-auth/nss_ldap/ChangeLog,v 1.83 2014/01/26 12:06:44 ago Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-auth/nss_ldap/ChangeLog,v 1.84 2014/02/17 05:41:10 prometheanfire Exp $
+
+*nss_ldap-265-r3 (17 Feb 2014)
+
+  17 Feb 2014; Matthew Thode <prometheanfire@gentoo.org>
+  +files/nss_ldap-265-fbsd.patch,
+  +files/nss_ldap-265-missing-entries-oneshot.patch, +nss_ldap-265-r3.ebuild:
+  fixing bug 465954 and bug 449940 in 265-r3
 
   26 Jan 2014; Agostino Sarubbo <ago@gentoo.org> nss_ldap-265-r2.ebuild:
   Stable for sparc, wrt bug #438692
diff --git a/sys-auth/nss_ldap/files/nss_ldap-265-fbsd.patch b/sys-auth/nss_ldap/files/nss_ldap-265-fbsd.patch
new file mode 100644
index 000000000000..6e2bf826d17f
--- /dev/null
+++ b/sys-auth/nss_ldap/files/nss_ldap-265-fbsd.patch
@@ -0,0 +1,432 @@
+--- Makefile.am.orig	2009-11-06 05:28:08.000000000 -0500
++++ Makefile.am		2010-01-12 23:24:17.000000000 -0500
+@@ -9,8 +9,12 @@
+ if AIX
+ INST_GID=system
+ else
++if FreeBSD
++INST_GID=wheel
++else
+ INST_GID=root
+ endif
++endif
+ 
+ EXTRA_DIST = CVSVersionInfo.txt ChangeLog \
+ 	     AUTHORS ANNOUNCE NEWS INSTALL README LICENSE.OpenLDAP COPYING\
+@@ -23,7 +27,7 @@
+ 	ldap-alias.c ldap-service.c ldap-schema.c ldap-ethers.c \
+ 	ldap-bp.c ldap-automount.c util.c ltf.c snprintf.c resolve.c \
+ 	dnsconfig.c irs-nss.c pagectrl.c ldap-sldap.c ldap-init-krb5-cache.c \
+-	vers.c
++	vers.c bsdnss.c
+ 
+ nss_ldap_so_LDFLAGS = @nss_ldap_so_LDFLAGS@
+ 
+@@ -103,11 +107,10 @@
+ 		$(mkinstalldirs) $(DESTDIR)$(dir $(NSS_LDAP_PATH_CONF)); \
+ 		$(INSTALL_DATA) -o $(INST_UID) -g $(INST_GID) $(srcdir)/ldap.conf $(DESTDIR)$(NSS_LDAP_PATH_CONF); \
+ 	fi
+-	$(INSTALL_DATA) -o $(INST_UID) -g $(INST_GID) $(srcdir)/nsswitch.ldap $(DESTDIR)$(sysconfdir)/nsswitch.ldap; 
+ 
+ uninstall-local:
+ 	@$(NORMAL_UNINSTALL)
+ 
+ vers.c: $(top_srcdir)/CVSVersionInfo.txt
+-	CVSVERSIONDIR=$(top_srcdir) ./vers_string -v
++	$(top_srcdir)/vers_string -v
+ 
+
+--- configure.in.orig		   2007-10-29 06:30:12.000000000 -0700
++++ configure.in		   2008-09-26 20:38:20.000000000 -0700
+@@ -97,11 +97,15 @@
+ linux*) nss_ldap_so_LDFLAGS="-shared -Wl,-Bdynamic -Wl,--version-script,\$(srcdir)/exports.linux" ;;
+ *) nss_ldap_so_LDFLAGS="-shared -Wl,-Bdynamic" ;;
+ esac
++case "$target_os" in
++freebsd*) TARGET_OS=FreeBSD ;;
++esac
+ 
+ AM_CONDITIONAL(GCC, test "$GCC" = "yes")
+ AM_CONDITIONAL(GLIBC, test "$target_os" = "linux" -o "$target_os" = "linux-gnu")
+ AM_CONDITIONAL(AIX, test "$TARGET_OS" = AIX)
+ AM_CONDITIONAL(HPUX, test "$TARGET_OS" = HPUX)
++AM_CONDITIONAL(FreeBSD, test "$TARGET_OS" = FreeBSD)
+ 
+ AM_CONDITIONAL(USE_NATIVE_LINKER, test -n "$nss_ldap_so_LD")
+ 
+@@ -153,7 +157,6 @@
+   aix*) AC_CHECK_HEADERS(irs.h usersec.h) ;;
+   hpux*) AC_CHECK_HEADERS(nsswitch.h) ;;
+   *) AC_CHECK_HEADERS(nss.h)
+-     AC_CHECK_HEADERS(nsswitch.h)
+      AC_CHECK_HEADERS(irs.h) ;;
+ esac
+ AC_CHECK_HEADERS(thread.h)
+@@ -232,7 +235,6 @@
+ AC_CHECK_FUNCS(gethostbyname)
+ AC_CHECK_FUNCS(nsdispatch)
+ AC_CHECK_LIB(pthread_nonshared, main)
+-AC_CHECK_FUNCS(pthread_atfork)
+ AC_CHECK_FUNCS(pthread_once)
+ AC_CHECK_FUNCS(ether_aton)
+ AC_CHECK_FUNCS(ether_ntoa)
+
+--- ldap-ethers.c.orig	2009-11-06 10:28:08.000000000 +0000
++++ ldap-ethers.c	2009-12-23 17:01:14.000000000 +0000
+@@ -217,9 +217,9 @@
+     }
+ 
+   snprintf(fullmac, sizeof(fullmac), "%02x:%02x:%02x:%02x:%02x:%02x",
+-	   addr->ether_addr_octet[0], addr->ether_addr_octet[1],
+-	   addr->ether_addr_octet[2], addr->ether_addr_octet[3],
+-	   addr->ether_addr_octet[4], addr->ether_addr_octet[5]);
++	   addr->octet[0], addr->octet[1],
++	   addr->octet[2], addr->octet[3],
++	   addr->octet[4], addr->octet[5]);
+ 
+   LA_INIT(a);
+   LA_STRING(a) = ether_ntoa(addr);
+@@ -343,14 +343,14 @@
+ 	if (i != 6)
+ 		return NULL;
+ 	for (i = 0; i < 6; i++)
+-		ep.ether_addr_octet[i] = t[i];
++		ep.octet[i] = t[i];
+ 
+	return &ep;
+ }
+ #endif /* !HAVE_ETHER_ATON */
+ 
+ #ifndef HAVE_ETHER_NTOA
+-#define EI(i)	(unsigned int)(e->ether_addr_octet[(i)])
++#define EI(i)	(unsigned int)(e->octet[(i)])
+ static char *ether_ntoa (const struct ether_addr *e)
+ {
+ 	static char s[18];
+
+--- ldap-ethers.h.orig	2009-11-06 10:28:08.000000000 +0000
++++ ldap-ethers.h	2009-12-23 17:02:06.000000000 +0000
+@@ -32,7 +32,7 @@
+ 
+ #ifndef HAVE_STRUCT_ETHER_ADDR
+ struct ether_addr {
+-  u_char ether_addr_octet[6];
++  u_char octet[6];
+ };
+ #endif
+ 
+--- ldap-nss.c.orig	Sat May 27 16:23:40 2006
++++ ldap-nss.c		Sat May 27 16:23:52 2006
+@@ -69,7 +69,7 @@
+ #endif
+ 
+ /* Try to handle systems with both SASL libraries installed */
+-#if defined(HAVE_SASL_SASL_H) && defined(HAVE_SASL_AUXPROP_REQUEST)
++#if defined(HAVE_SASL_SASL_H) 
+ #include <sasl/sasl.h>
+ #elif defined(HAVE_SASL_H)
+ #include <sasl.h>
+
+--- ldap-pwd.c.orig	2008-10-30 21:50:15.000000000 +0100
++++ ldap-pwd.c		2008-12-06 00:37:30.216966282 +0100
+@@ -21,7 +21,10 @@
+ static char rcsId[] =
+   "$Id: nss_ldap-265-fbsd.patch,v 1.1 2014/02/17 05:41:10 prometheanfire Exp $";
+ 
++#include <sys/types.h>
++#include <unistd.h>
+ #include "config.h"
++ 
+ 
+ #ifdef HAVE_PORT_BEFORE_H
+ #include <port_before.h>
+@@ -90,9 +93,13 @@
+   size_t tmplen;
+   char *tmp;
+ 
+-  if (_nss_ldap_oc_check (e, "shadowAccount") == NSS_SUCCESS)
+-    {
++/*  if (_nss_ldap_oc_check (e, "shadowAccount") == NSS_SUCCESS)
++ *   {
++ */
+       /* don't include password for shadowAccount */
++  if (geteuid() != 0) 
++  {
++    /* don't include password for non-root users */
+       if (buflen < 3)
+ 	return NSS_TRYAGAIN;
+ 
+@@ -163,6 +170,15 @@
+     }
++
++#ifdef HAVE_LOGIN_CLASSES 
++  stat =
++    _nss_ldap_assign_attrval (e, AT (loginClass), &pw->pw_class, &buffer,
++    			                &buflen);
++  if (stat != NSS_SUCCESS)
++    (void) _nss_ldap_assign_emptystring (&pw->pw_class, &buffer, &buflen);
++#endif
++
+ 
+   stat =
+     _nss_ldap_assign_attrval (e, AT (homeDirectory), &pw->pw_dir, &buffer,
+ 			      &buflen);
+   if (stat != NSS_SUCCESS)
+
+--- ldap-schema.c	2009-08-29 09:21:43.000000000 -0400
++++ ldap-schema.c	2009-08-28 12:09:52.000000000 -0400
+@@ -334,6 +334,9 @@
+ #ifdef HAVE_PASSWD_PW_EXPIRE
+   (*pwd_attrs)[i++] = AT (shadowExpire);
+ #endif /* HAVE_PASSWD_PW_EXPIRE */
++#ifdef HAVE_LOGIN_CLASSES
++  (*pwd_attrs)[i++] = AT (loginClass);
++#endif
+   (*pwd_attrs)[i] = NULL;
+ }
+ 
+--- ldap-schema.h	2009-08-29 09:21:43.000000000 -0400
++++ ldap-schema.h	2009-08-29 06:37:18.000000000 -0400
+@@ -24,7 +24,7 @@
+ #define _LDAP_NSS_LDAP_LDAP_SCHEMA_H
+ 
+ /* max number of attributes per object class */
+-#define ATTRTAB_SIZE	15
++#define ATTRTAB_SIZE	16
+ 
+ /**
+  * function to initialize global lookup filters.
+@@ -153,6 +153,10 @@
+ #define AT_gecos                  "gecos"
+ #define AT_homeDirectory          "homeDirectory"
+
++#ifdef HAVE_LOGIN_CLASSES
++/* FreeBSD extension -Jacob Myers <jacob@whotokspaz.org> */
++#define AT_loginClass           "loginClass"
++#endif
+ /*
+  * ( nisSchema.2.1 NAME 'shadowAccount' SUP top AUXILIARY
+  *   DESC 'Additional attributes for shadow passwords'            
+
+--- /dev/null	       2013-04-13 01:27:01.290932001 +0200
++++ bsdnss.c	       2013-04-14 03:17:47.794195349 +0200
+@@ -0,0 +1,219 @@
++#include <errno.h>
++#include <stdlib.h>
++#include <sys/param.h>
++#include <netinet/in.h>
++#include <pwd.h>
++#include <grp.h>
++#include <nss.h>
++#include <nsswitch.h>
++#include <netdb.h>
++
++extern enum nss_status _nss_ldap_getgrent_r(struct group *, char *, size_t,
++    int *);
++extern enum nss_status _nss_ldap_getgrnam_r(const char *, struct group *,
++    char *, size_t, int *);
++extern enum nss_status _nss_ldap_getgrgid_r(gid_t gid, struct group *, char *,
++    size_t, int *);
++extern enum nss_status _nss_ldap_setgrent(void);
++extern enum nss_status _nss_ldap_endgrent(void);
++extern enum nss_status _nss_ldap_initgroups_dyn(const char *, gid_t, long int *,
++	     		   long int *, gid_t **, long int, int *);
++
++extern enum nss_status _nss_ldap_getpwent_r(struct passwd *, char *, size_t,
++    int *);
++extern enum nss_status _nss_ldap_getpwnam_r(const char *, struct passwd *,
++    char *, size_t, int *);
++extern enum nss_status _nss_ldap_getpwuid_r(gid_t gid, struct passwd *, char *,
++    size_t, int *);
++extern enum nss_status _nss_ldap_setpwent(void);
++extern enum nss_status _nss_ldap_endpwent(void);
++
++extern enum nss_status _nss_ldap_gethostbyname_r (const char *name, struct hostent * result,
++	     		   char *buffer, size_t buflen, int *errnop,
++			   		    int *h_errnop);
++
++extern enum nss_status _nss_ldap_gethostbyname2_r (const char *name, int af, struct hostent * result,
++	     		    char *buffer, size_t buflen, int *errnop,
++			    	 	      int *h_errnop);
++extern enum nss_status _nss_ldap_gethostbyaddr_r (struct in_addr * addr, int len, int type,
++	     		   struct hostent * result, char *buffer,
++			   	  	     size_t buflen, int *errnop, int *h_errnop);
++
++NSS_METHOD_PROTOTYPE(__nss_compat_getgrnam_r);
++NSS_METHOD_PROTOTYPE(__nss_compat_getgrgid_r);
++NSS_METHOD_PROTOTYPE(__nss_compat_getgrent_r);
++NSS_METHOD_PROTOTYPE(__nss_compat_setgrent);
++NSS_METHOD_PROTOTYPE(__nss_compat_endgrent);
++static NSS_METHOD_PROTOTYPE(__freebsd_getgroupmembership);
++
++NSS_METHOD_PROTOTYPE(__nss_compat_getpwnam_r);
++NSS_METHOD_PROTOTYPE(__nss_compat_getpwuid_r);
++NSS_METHOD_PROTOTYPE(__nss_compat_getpwent_r);
++NSS_METHOD_PROTOTYPE(__nss_compat_setpwent);
++NSS_METHOD_PROTOTYPE(__nss_compat_endpwent);
++
++NSS_METHOD_PROTOTYPE(__nss_compat_gethostbyname);
++NSS_METHOD_PROTOTYPE(__nss_compat_gethostbyname2);
++NSS_METHOD_PROTOTYPE(__nss_compat_gethostbyaddr);
++
++static ns_mtab methods[] = {
++{ NSDB_GROUP, "getgrnam_r", __nss_compat_getgrnam_r, _nss_ldap_getgrnam_r },
++{ NSDB_GROUP, "getgrgid_r", __nss_compat_getgrgid_r, _nss_ldap_getgrgid_r },
++{ NSDB_GROUP, "getgrent_r", __nss_compat_getgrent_r, _nss_ldap_getgrent_r },
++{ NSDB_GROUP, "setgrent",   __nss_compat_setgrent,   _nss_ldap_setgrent },
++{ NSDB_GROUP, "endgrent",   __nss_compat_endgrent,   _nss_ldap_endgrent },
++{ NSDB_GROUP, "getgroupmembership",  __freebsd_getgroupmembership, NULL },
++
++{ NSDB_PASSWD, "getpwnam_r", __nss_compat_getpwnam_r, _nss_ldap_getpwnam_r },
++{ NSDB_PASSWD, "getpwuid_r", __nss_compat_getpwuid_r, _nss_ldap_getpwuid_r },
++{ NSDB_PASSWD, "getpwent_r", __nss_compat_getpwent_r, _nss_ldap_getpwent_r },
++{ NSDB_PASSWD, "setpwent",   __nss_compat_setpwent,   _nss_ldap_setpwent },
++{ NSDB_PASSWD, "endpwent",   __nss_compat_endpwent,   _nss_ldap_endpwent },
++
++{ NSDB_HOSTS, "gethostbyname", __nss_compat_gethostbyname, _nss_ldap_gethostbyname_r },
++{ NSDB_HOSTS, "gethostbyaddr", __nss_compat_gethostbyaddr, _nss_ldap_gethostbyaddr_r },
++{ NSDB_HOSTS, "gethostbyname2", __nss_compat_gethostbyname2, _nss_ldap_gethostbyname2_r },
++
++{ NSDB_GROUP_COMPAT, "getgrnam_r", __nss_compat_getgrnam_r, _nss_ldap_getgrnam_r },
++{ NSDB_GROUP_COMPAT, "getgrgid_r", __nss_compat_getgrgid_r, _nss_ldap_getgrgid_r },
++{ NSDB_GROUP_COMPAT, "getgrent_r", __nss_compat_getgrent_r, _nss_ldap_getgrent_r },
++{ NSDB_GROUP_COMPAT, "setgrent",   __nss_compat_setgrent,   _nss_ldap_setgrent },
++{ NSDB_GROUP_COMPAT, "endgrent",   __nss_compat_endgrent,   _nss_ldap_endgrent },
++
++{ NSDB_PASSWD_COMPAT, "getpwnam_r", __nss_compat_getpwnam_r, _nss_ldap_getpwnam_r },
++{ NSDB_PASSWD_COMPAT, "getpwuid_r", __nss_compat_getpwuid_r, _nss_ldap_getpwuid_r },
++{ NSDB_PASSWD_COMPAT, "getpwent_r", __nss_compat_getpwent_r, _nss_ldap_getpwent_r },
++{ NSDB_PASSWD_COMPAT, "setpwent",   __nss_compat_setpwent,   _nss_ldap_setpwent },
++{ NSDB_PASSWD_COMPAT, "endpwent",   __nss_compat_endpwent,   _nss_ldap_endpwent },
++
++};
++
++
++ns_mtab *
++nss_module_register(const char *source, unsigned int *mtabsize,
++    nss_module_unregister_fn *unreg)
++{
++	*mtabsize = sizeof(methods)/sizeof(methods[0]);
++	*unreg = NULL;
++	return (methods);
++}
++
++int __nss_compat_gethostbyname(void *retval, void *mdata, va_list ap)
++{
++	enum nss_status		(*fn)(const char *, struct hostent *, char *, size_t, int *, int *);
++	const char 		*name;
++	struct hostent 		*result;
++	char   			buffer[1024];
++	size_t				buflen = 1024;
++	int 				       errnop;
++	int					h_errnop;
++	int						af;
++	enum nss_status					status;
++	fn = mdata;
++	name = va_arg(ap, const char*);
++	af = va_arg(ap,int);
++	result = va_arg(ap,struct hostent *);
++	status = fn(name, result, buffer, buflen, &errnop, &h_errnop);
++	status = __nss_compat_result(status,errnop);
++	h_errno = h_errnop;
++	return (status);
++}
++
++int __nss_compat_gethostbyname2(void *retval, void *mdata, va_list ap)
++{
++	enum nss_status		(*fn)(const char *, struct hostent *, char *, size_t, int *, int *);
++	const char 		*name;
++	struct hostent 		*result;
++	char   			buffer[1024];
++	size_t				buflen = 1024;
++	int 				       errnop;
++	int					h_errnop;
++	int						af;
++	enum nss_status					status;
++	fn = mdata;
++	name = va_arg(ap, const char*);
++	af = va_arg(ap,int);
++	result = va_arg(ap,struct hostent *);
++	status = fn(name, result, buffer, buflen, &errnop, &h_errnop);
++	status = __nss_compat_result(status,errnop);
++	h_errno = h_errnop;
++	return (status);
++}
++
++int __nss_compat_gethostbyaddr(void *retval, void *mdata, va_list ap)
++{
++	struct in_addr	*addr;
++	int    		len;
++	int			type;
++	struct hostent		*result;
++	char   			buffer[1024];
++	size_t				buflen = 1024;
++	int				       errnop;
++	int					h_errnop;
++	enum nss_status (*fn)(struct in_addr *, int, int, struct hostent *, char *, size_t, int *, int *);
++	enum nss_status status;
++	fn = mdata;
++	addr = va_arg(ap, struct in_addr*);
++	len = va_arg(ap,int);
++	type = va_arg(ap,int);
++	result = va_arg(ap, struct hostent*);
++	status = fn(addr, len, type, result, buffer, buflen, &errnop, &h_errnop);
++	status = __nss_compat_result(status,errnop);
++	h_errno = h_errnop;
++	return (status);
++}
++
++static int
++__gr_addgid(gid_t gid, gid_t *groups, int maxgrp, int *groupc)
++{
++	int	ret, dupc;
++
++	/* skip duplicates */
++	for (dupc = 0; dupc < MIN(maxgrp, *groupc); dupc++) {
++	    if (groups[dupc] == gid)
++	       		     return 1;
++			     }
++
++	ret = 1;
++	if (*groupc < maxgrp)			/* add this gid */
++	   groups[*groupc] = gid;
++	   else
++		ret = 0;
++		(*groupc)++;
++		return ret;
++}
++
++static int __freebsd_getgroupmembership(void *retval, void *mdata, va_list ap)
++{
++	int err;
++	enum nss_status s;
++	const char *user	= va_arg(ap, const char *);
++	gid_t group 		  = va_arg(ap, gid_t);
++	gid_t *groups 		    = va_arg(ap, gid_t *);
++	int limit 		      = va_arg(ap, int);
++	int *size 		      	= va_arg(ap, int*);
++	gid_t *tmpgroups;
++	long int lstart, lsize;
++	int i;
++
++	tmpgroups = malloc(limit * sizeof(gid_t));
++	if (tmpgroups == NULL)
++	   return NS_TRYAGAIN;
++
++	/* insert primary membership */
++	__gr_addgid(group, groups, limit, size);
++
++	lstart = 0;
++	lsize = limit;
++	s = _nss_ldap_initgroups_dyn(user, group, &lstart, &lsize,
++	  &tmpgroups, 0, &err);
++	  if (s == NSS_STATUS_SUCCESS) {
++	     for (i = 0; i < lstart; i++)
++	     	     __gr_addgid(tmpgroups[i], groups, limit, size);
++		     			       s = NSS_STATUS_NOTFOUND;
++					       }
++
++	free(tmpgroups);
++
++	return __nss_compat_result(s, err);
++}
diff --git a/sys-auth/nss_ldap/files/nss_ldap-265-missing-entries-oneshot.patch b/sys-auth/nss_ldap/files/nss_ldap-265-missing-entries-oneshot.patch
new file mode 100644
index 000000000000..6730dc986dd1
--- /dev/null
+++ b/sys-auth/nss_ldap/files/nss_ldap-265-missing-entries-oneshot.patch
@@ -0,0 +1,101 @@
+Distinguish between contexts that are somewhat persistent and one-offs
+which are used to fulfill part of a larger request.
+
+diff -up nss_ldap-253/ldap-grp.c nss_ldap-253/ldap-grp.c
+--- nss_ldap-253/ldap-grp.c	2009-05-08 13:30:43.000000000 -0400
++++ nss_ldap-253/ldap-grp.c	2009-05-08 13:34:41.000000000 -0400
+@@ -857,7 +857,7 @@ ng_chase (const char *dn, ldap_initgroup
+   LA_STRING (a) = dn;
+   LA_TYPE (a) = LA_TYPE_STRING;
+ 
+-  if (_nss_ldap_ent_context_init_locked (&ctx) == NULL)
++  if (_nss_ldap_ent_context_init_internal_locked (&ctx) == NULL)
+     {
+       return NSS_UNAVAIL;
+     }
+@@ -930,7 +930,7 @@ ng_chase_backlink (const char ** members
+   LA_STRING_LIST (a) = filteredMembersOf;
+   LA_TYPE (a) = LA_TYPE_STRING_LIST_OR;
+ 
+-  if (_nss_ldap_ent_context_init_locked (&ctx) == NULL)
++  if (_nss_ldap_ent_context_init_internal_locked (&ctx) == NULL)
+     {
+       free (filteredMembersOf);
+       return NSS_UNAVAIL;
+diff -up nss_ldap-253/ldap-netgrp.c nss_ldap-253/ldap-netgrp.c
+--- nss_ldap-253/ldap-netgrp.c	2009-05-08 13:31:35.000000000 -0400
++++ nss_ldap-253/ldap-netgrp.c	2009-05-08 13:33:14.000000000 -0400
+@@ -691,7 +691,7 @@ do_innetgr_nested (ldap_innetgr_args_t *
+   LA_TYPE (a) = LA_TYPE_STRING;
+   LA_STRING (a) = nested;	/* memberNisNetgroup */
+ 
+-  if (_nss_ldap_ent_context_init_locked (&ctx) == NULL)
++  if (_nss_ldap_ent_context_init_internal_locked (&ctx) == NULL)
+     {
+       debug ("<== do_innetgr_nested: failed to initialize context");
+       return NSS_UNAVAIL;
+diff -up nss_ldap-253/ldap-nss.c nss_ldap-253/ldap-nss.c
+--- nss_ldap-253/ldap-nss.c	2009-05-08 13:27:17.000000000 -0400
++++ nss_ldap-253/ldap-nss.c	2009-05-08 14:05:51.000000000 -0400
+@@ -1961,6 +1961,7 @@ _nss_ldap_ent_context_init_locked (ent_c
+ 	  debug ("<== _nss_ldap_ent_context_init_locked");
+ 	  return NULL;
+ 	}
++      ctx->ec_internal = 0;
+       *pctx = ctx;
+     }
+   else
+@@ -1990,6 +1991,15 @@ _nss_ldap_ent_context_init_locked (ent_c
+ 
+   return ctx;
+ }
++ent_context_t *
++_nss_ldap_ent_context_init_internal_locked (ent_context_t ** pctx)
++{
++  ent_context_t *ctx;
++  ctx = _nss_ldap_ent_context_init_locked (pctx);
++  if (ctx != NULL)
++    ctx->ec_internal = 1;
++  return ctx;
++}
+ 
+ /*
+  * Clears a given context; we require the caller
+@@ -2031,7 +2041,8 @@ _nss_ldap_ent_context_release (ent_conte
+ 
+   LS_INIT (ctx->ec_state);
+ 
+-  if (_nss_ldap_test_config_flag (NSS_LDAP_FLAGS_CONNECT_POLICY_ONESHOT))
++  if (!ctx->ec_internal &&
++      _nss_ldap_test_config_flag (NSS_LDAP_FLAGS_CONNECT_POLICY_ONESHOT))
+     {
+       do_close ();
+     }
+diff -up nss_ldap-253/ldap-nss.h nss_ldap-253/ldap-nss.h
+--- nss_ldap-253/ldap-nss.h	2009-05-08 13:35:47.000000000 -0400
++++ nss_ldap-253/ldap-nss.h	2009-05-08 13:52:25.000000000 -0400
+@@ -560,6 +560,8 @@ struct ent_context
+   ldap_state_t ec_state;	/* eg. for services */
+   int ec_msgid;			/* message ID */
+   LDAPMessage *ec_res;		/* result chain */
++  int ec_internal;		/* this context is just a part of a larger
++				 * query for information */
+   ldap_service_search_descriptor_t *ec_sd;	/* current sd */
+   struct berval *ec_cookie;     /* cookie for paged searches */
+ };
+@@ -744,6 +746,15 @@ ent_context_t *_nss_ldap_ent_context_ini
+ ent_context_t *_nss_ldap_ent_context_init_locked (ent_context_t **);
+ 
+ /*
++ * _nss_ldap_ent_context_init_internal_locked() has the same
++ * behaviour, except it marks the context as one that's being
++ * used to fetch additional data used in answering a request, i.e.
++ * that this isn't the "main" context
++ */
++
++ent_context_t *_nss_ldap_ent_context_init_internal_locked (ent_context_t **);
++
++/*
+  * _nss_ldap_ent_context_release() is used to manually free a context 
+  */
+ void _nss_ldap_ent_context_release (ent_context_t *);
diff --git a/sys-auth/nss_ldap/nss_ldap-265-r3.ebuild b/sys-auth/nss_ldap/nss_ldap-265-r3.ebuild
new file mode 100644
index 000000000000..7c3ceace8003
--- /dev/null
+++ b/sys-auth/nss_ldap/nss_ldap-265-r3.ebuild
@@ -0,0 +1,137 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-auth/nss_ldap/nss_ldap-265-r3.ebuild,v 1.1 2014/02/17 05:41:10 prometheanfire Exp $
+
+EAPI=5
+inherit fixheadtails eutils multilib autotools prefix
+
+IUSE="debug ssl sasl kerberos"
+
+DESCRIPTION="NSS LDAP Module"
+HOMEPAGE="http://www.padl.com/OSS/nss_ldap.html"
+SRC_URI="http://www.padl.com/download/${P}.tar.gz"
+
+SLOT="0"
+LICENSE="LGPL-2"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~amd64-linux"
+
+DEPEND=">=net-nds/openldap-2.1.30-r5
+		sasl? ( dev-libs/cyrus-sasl )
+		kerberos? ( virtual/krb5 )
+		ssl? ( dev-libs/openssl )"
+RDEPEND="${DEPEND}
+		!<net-fs/autofs-4.1.3"
+
+src_prepare() {
+	if use prefix; then
+		epatch "${FILESDIR}"/${P}-installdir.patch
+		eprefixify Makefile.am
+	fi
+
+	# bug 438692
+	epatch "${FILESDIR}"/${P}-pthread.patch
+
+	epatch "${FILESDIR}"/nsswitch.ldap.diff
+
+	# Applied by upstream
+	#epatch "${FILESDIR}"/${PN}-239-tls-security-bug.patch
+
+	epatch "${FILESDIR}"/${PN}-249-sasl-compile.patch
+
+	EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-265-reconnect-timeouts.patch
+
+	# Applied by upstream
+	#EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-254-nss_getgrent_skipmembers.patch
+
+	EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-257-nss_max_group_depth.patch
+
+	sed -i.orig \
+		-e '/^ @(#)\$Id: ldap.conf,v/s,^,#,' \
+		"${S}"/ldap.conf
+
+	# fix head/tail stuff
+	ht_fix_file "${S}"/Makefile.am "${S}"/Makefile.in "${S}"/depcomp
+
+	# fix build borkage
+	for i in Makefile.{in,am}; do
+	  sed -i.orig \
+	    -e '/^install-exec-local: nss_ldap.so/s,nss_ldap.so,,g' \
+	    "${S}"/$i
+	done
+
+	epatch "${FILESDIR}"/${PN}-257.2-gssapi-headers.patch
+
+	# Bug #214750, no automagic deps
+	epatch "${FILESDIR}"/${PN}-264-disable-automagic.patch
+
+	# Upstream forgets the version number sometimes
+	#sed -i \
+	#	-e "/^AM_INIT_AUTOMAKE/s~2..~$PV~" \
+	#	"${S}"/configure.in
+
+	# Include an SONAME
+	epatch "${FILESDIR}"/${PN}-254-soname.patch
+
+	#fix broken oneshot connections
+	epatch "${FILESDIR}/nss_ldap-265-missing-entries-oneshot.patch"
+
+	sed -i \
+		-e 's, vers_string , ./vers_string ,g' \
+		"${S}"/Makefile.am
+
+	if use kernel_FreeBSD; then
+		#fix broken fbsd support
+		EPATCH_OPTS="-p0 -d ${S}" epatch "${FILESDIR}/nss_ldap-265-fbsd.patch"
+	fi
+
+	eautoreconf
+}
+
+src_configure() {
+	local myconf=""
+	use debug && myconf="${myconf} --enable-debugging"
+	use kerberos && myconf="${myconf} --enable-configurable-krb5-ccname-gssapi"
+	# --enable-schema-mapping \
+	econf \
+		--with-ldap-lib=openldap \
+		--libdir="${EPREFIX}/$(get_libdir)" \
+		--with-ldap-conf-file="${EPREFIX}/etc/ldap.conf" \
+		--enable-paged-results \
+		--enable-rfc2307bis \
+		$(use_enable ssl) \
+		$(use_enable sasl) \
+		$(use_enable kerberos krb) \
+		${myconf}
+
+	if use kernel_FreeBSD; then
+		# configure.in does not properly handle include dependencies
+		echo "#define HAVE_NETINET_IF_ETHER_H 1" >> ${S}/config.h
+		echo "#define HAVE_NET_ROUTE_H 1" >> ${S}/config.h
+		echo "#define HAVE_RESOLV_H 1" >> ${S}/config.h
+	fi
+}
+
+src_install() {
+	dodir /$(get_libdir)
+
+	emake -j1 DESTDIR="${D}" install \
+		INST_UID=${PORTAGE_USER:-root} INST_GID=${PORTAGE_GROUP:-root}
+
+	insinto /etc
+	doins ldap.conf
+
+	# Append two blank lines and some skip entries
+	echo >>"${ED}"/etc/ldap.conf
+	echo >>"${ED}"/etc/ldap.conf
+	sed -i "${ED}"/etc/ldap.conf \
+		-e '$inss_initgroups_ignoreusers ldap,openldap,mysql,syslog,root,postgres'
+
+	dodoc ldap.conf ANNOUNCE NEWS ChangeLog AUTHORS \
+		CVSVersionInfo.txt README nsswitch.ldap certutil
+	docinto docs; dodoc doc/*
+}
+
+pkg_postinst() {
+	elog "If you use a ldaps:// string in the 'uri' setting of"
+	elog "your /etc/ldap.conf, you must set 'ssl on'!"
+}
author	Matthew Thode <prometheanfire@gentoo.org>	2014-02-17 05:41:10 +0000
committer	Matthew Thode <prometheanfire@gentoo.org>	2014-02-17 05:41:10 +0000
commit	7419f4906f66fd6893bcc1cf32d8ca9b77aad643 (patch)
tree	8053350eafbd4064eb5a62e64994d4c11c22ce52 /sys-auth/nss_ldap
parent	old (diff)
download	gentoo-2-7419f4906f66fd6893bcc1cf32d8ca9b77aad643.tar.gz gentoo-2-7419f4906f66fd6893bcc1cf32d8ca9b77aad643.tar.bz2 gentoo-2-7419f4906f66fd6893bcc1cf32d8ca9b77aad643.zip