VesperOS/shadow
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Remove Debian patches already applied in 4.1.0 (already marked as such in

Browse Source 
the changelog and in the patches).
This commit is contained in:
nekral-guest
2007-12-26 14:56:06 +00:00
parent 459433e461
commit 09e267dad4
11 changed files with 0 additions and 621 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
debian/patches/397_non_numerical_identifier vendored
View File

@@ -1,27 +0,0 @@
Goal: allow non numerical group identifier to be specified with useradd's
and usermod's -g options
Fixes: #381394, #381399, #381404, #381408, #381448
Status wrt upstream: Was applied in CVS for usermod
Will be fixed in 4.0.19
Index: shadow-4.0.18.1/src/useradd.c
===================================================================
--- shadow-4.0.18.1.orig/src/useradd.c 2006-09-17 12:25:16.499523435 +0200
+++ shadow-4.0.18.1/src/useradd.c 2006-09-17 12:25:28.379617865 +0200
@@ -206,12 +206,8 @@
char *errptr;
gid = strtol (grname, &errptr, 10);
- if (*errptr || errno == ERANGE || gid < 0) {
- fprintf (stderr,
- _("%s: invalid numeric argument '%s'\n"), Prog,
- grname);
- exit (E_BAD_ARG);
- }
+ if (*grname != '\0' && *errptr == '\0' && errno != ERANGE && gid >= 0)
+ return getgrgid (gid);
return getgrnam (grname);
}

29
debian/patches/405_su_no_pam_end_before_exec vendored
View File

@@ -1,29 +0,0 @@
Goal: Avoid terminating the PAM library in the forked child. This is done
later in the parent after closing the PAM session.
Note: OR'ing the status with PAM_DATA_SILENT should be sufficient, but it
is not supported by some modules, and the pam_end is not strictly needed
anyway.
Fixes: #412061
Status wrt upstream: Will be fixed in 4.0.19.
Index: shadow-4.0.18.1/src/su.c
===================================================================
--- shadow-4.0.18.1.orig/src/su.c 2007-02-25 14:22:54.000000000 +0100
+++ shadow-4.0.18.1/src/su.c 2007-02-25 14:29:01.000000000 +0100
@@ -196,7 +196,12 @@
child = fork ();
if (child == 0) { /* child shell */
- pam_end (pamh, PAM_SUCCESS);
+ /*
+ * PAM_DATA_SILENT is not supported by some modules, and
+ * there is no strong need to clean up the process space's
+ * memory since we will either call exec or exit.
+ pam_end (pamh, PAM_SUCCESS | PAM_DATA_SILENT);
+ */
if (doshell)
(void) shell (shellstr, (char *) args[0], envp);

249
debian/patches/409_man_generate_from_PO vendored
View File

@@ -1,249 +0,0 @@
Goal: Build the translated man pages at build time.
Note: Translators must list the manpages which are translated in the
man_MANS (and man_nopam) variables.
Status wrt upstream: Will be fixed in 4.0.19.
Index: shadow-4.0.18.2/man/Makefile.am
===================================================================
--- shadow-4.0.18.2.orig/man/Makefile.am 2007-10-28 17:50:38.000000000 +0100
+++ shadow-4.0.18.2/man/Makefile.am 2007-10-28 17:50:40.000000000 +0100
@@ -114,141 +114,20 @@
if ENABLE_REGENERATE_MAN
-chage.1: chage.1.xml
+%: %.xml
$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-chfn.1: chfn.1.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-chgpasswd.8: chgpasswd.8.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-chpasswd.8: chpasswd.8.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-chsh.1: chsh.1.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-expiry.1: expiry.1.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-faillog.5: faillog.5.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-faillog.8: faillog.8.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-gpasswd.1: gpasswd.1.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-groupadd.8: groupadd.8.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-groupdel.8: groupdel.8.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-groupmems.8: groupmems.8.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-groupmod.8: groupmod.8.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-groups.1: groups.1.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-grpck.8: grpck.8.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-gshadow.5: gshadow.5.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-id.1: id.1.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-lastlog.8: lastlog.8.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-limits.5: limits.5.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+grpconv.8 grpunconv.8 pwunconv.8: pwconv.8
-login.1: login.1.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+getspnam.3: shadow.3
-login.access.5: login.access.5.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+vigr.8: vipw.8
-login.defs.5: login.defs.5.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-logoutd.8: logoutd.8.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-newgrp.1: newgrp.1.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-newusers.8: newusers.8.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-nologin.8: nologin.8.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-passwd.1: passwd.1.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-passwd.5: passwd.5.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-porttime.5: porttime.5.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-pwck.8: pwck.8.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-grpconv.8 grpunconv.8 pwconv.8 pwunconv.8: pwconv.8.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-shadow.3 getspnam.3: shadow.3.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-shadow.5: shadow.5.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-sg.1: sg.1.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-su.1: su.1.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-sulogin.8: sulogin.8.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-suauth.5: suauth.5.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-useradd.8: useradd.8.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-userdel.8: userdel.8.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-usermod.8: usermod.8.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-vigr.8 vipw.8: vipw.8.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-CLEANFILES = $(man_MANS) $(ALL_TRANSLATED_XMLS)
+CLEANFILES = $(man_MANS)
POFILES = $(foreach lang, $(LINGUAS), $(lang)/$(lang).po)
-ALL_TRANSLATED_XMLS = $(foreach dir, $(LINGUAS), $(foreach xmlfile, $(man_XMANS), $(dir)/$(xmlfile)))
-
-all: $(POFILES) $(ALL_TRANSLATED_XMLS)
-
-gen-xmls: $(ALL_TRANSLATED_XMLS)
-$(ALL_TRANSLATED_XMLS): $(man_XMANS)
- xml2po -l $(strip $(subst /,, $(dir $@))) -p $(strip $(subst /,, $(dir $@)))/$(strip $(subst /,, $(dir $@))).po -o $@ $(notdir $@)
- sed -i 's:\(^<refentry .*\)>:\1 lang="$(strip $(subst /,, $(dir $@)))">:' $@
+all: $(POFILES)
$(POFILES): shadow-man-pages.pot
Index: shadow-4.0.18.2/man/de/Makefile.am
===================================================================
--- shadow-4.0.18.2.orig/man/de/Makefile.am 2007-10-28 17:50:37.000000000 +0100
+++ shadow-4.0.18.2/man/de/Makefile.am 2007-10-28 17:50:40.000000000 +0100
@@ -13,3 +13,6 @@
vipw.8
EXTRA_DIST = $(man_MANS)
+
+include ../generate_translations.mak
+
Index: shadow-4.0.18.2/man/fr/Makefile.am
===================================================================
--- shadow-4.0.18.2.orig/man/fr/Makefile.am 2007-10-28 17:50:37.000000000 +0100
+++ shadow-4.0.18.2/man/fr/Makefile.am 2007-10-28 17:50:40.000000000 +0100
@@ -53,3 +53,6 @@
EXTRA_DIST = \
$(man_MANS) \
$(man_nopam)
+
+include ../generate_translations.mak
+
Index: shadow-4.0.18.2/man/generate_translations.mak
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
+++ shadow-4.0.18.2/man/generate_translations.mak 2007-10-28 17:50:40.000000000 +0100
@@ -0,0 +1,20 @@
+if ENABLE_REGENERATE_MAN
+
+LANG=$(notdir $(CURDIR))
+
+%.xml: ../%.xml $(LANG).po
+ xml2po -l $(LANG) -p $(LANG).po -o $@ ../$@
+ sed -i 's:\(^<refentry .*\)>:\1 lang="$(LANG)">:' $@
+
+%: %.xml
+ $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+
+grpconv.8 grpunconv.8 pwunconv.8: pwconv.8
+
+getspnam.3: shadow.3
+
+vigr.8: vipw.8
+
+CLEANFILES = .xml2po.mo $(man_MANS) $(addsuffix .xml,$(man_MANS))
+
+endif
Index: shadow-4.0.18.2/man/pl/Makefile.am
===================================================================
--- shadow-4.0.18.2.orig/man/pl/Makefile.am 2007-10-28 17:50:37.000000000 +0100
+++ shadow-4.0.18.2/man/pl/Makefile.am 2007-10-28 17:50:40.000000000 +0100
@@ -54,3 +54,6 @@
id.1 \
shadow.3 \
sulogin.8
+
+include ../generate_translations.mak
+
Index: shadow-4.0.18.2/man/ru/Makefile.am
===================================================================
--- shadow-4.0.18.2.orig/man/ru/Makefile.am 2007-10-28 17:50:37.000000000 +0100
+++ shadow-4.0.18.2/man/ru/Makefile.am 2007-10-28 17:50:40.000000000 +0100
@@ -58,3 +58,6 @@
$(man_nopam) \
id.1 \
sulogin.8
+
+include ../generate_translations.mak
+
Index: shadow-4.0.18.2/man/sv/Makefile.am
===================================================================
--- shadow-4.0.18.2.orig/man/sv/Makefile.am 2007-10-28 17:50:38.000000000 +0100
+++ shadow-4.0.18.2/man/sv/Makefile.am 2007-10-28 17:50:40.000000000 +0100
@@ -55,3 +55,6 @@
EXTRA_DIST = \
$(man_MANS) \
$(man_nopam)
+
+include ../generate_translations.mak
+
Index: shadow-4.0.18.2/man/it/Makefile.am
===================================================================
--- shadow-4.0.18.2.orig/man/it/Makefile.am 2007-10-28 17:51:43.000000000 +0100
+++ shadow-4.0.18.2/man/it/Makefile.am 2007-10-28 17:52:06.000000000 +0100
@@ -49,3 +49,5 @@
$(man_nopam) \
id.1
+include ../generate_translations.mak
+

22
debian/patches/410_newgrp_man_mention_sg vendored
View File

@@ -1,22 +0,0 @@
Goal: Mention sg(1) in newgrp(1)
Fixes: #396690
Note:
Status wrt upstream: Will be fixed in 4.0.19.
Index: shadow-4.0.18.1/man/newgrp.1.xml
===================================================================
--- shadow-4.0.18.1.orig/man/newgrp.1.xml 2007-06-17 07:37:04.471806587 +0200
+++ shadow-4.0.18.1/man/newgrp.1.xml 2007-06-17 07:37:32.970369504 +0200
@@ -93,6 +93,9 @@
<refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
+ <refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
<refentrytitle>gpasswd</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>

26
debian/patches/411_chpasswd_document_no_pam vendored
View File

@@ -1,26 +0,0 @@
Goal: Document that chpasswd does not use PAM.
Fixes: #396726
Status wrt upstream: Will be fixed in 4.0.19.
Note: Even when PAM support is activated in chpasswd, this patch is valid. The
PAM support is only for the authentication of the caller.
Index: shadow-4.0.18.1/man/chpasswd.8.xml
===================================================================
--- shadow-4.0.18.1.orig/man/chpasswd.8.xml 2007-06-19 11:43:16.000000000 +0100
+++ shadow-4.0.18.1/man/chpasswd.8.xml 2007-06-19 11:47:10.000000000 +0100
@@ -79,6 +79,13 @@
Remember to set permissions or umask to prevent readability of
unencrypted files by other users.
</para>
+ <para>
+ <command>chpasswd</command> does not use PAM to update the passwords.
+ Thus, It only updates the passwords from the
+ <filename>/etc/passwd</filename> and <filename>/etc/shadow</filename>
+ databases, and does not support the various checks provided by PAM
+ modules.
+ </para>
</refsect1>
<refsect1 id='see_also'>

21
debian/patches/417_passwd_warndays vendored
View File

@@ -1,21 +0,0 @@
Goal: Use "warndays as long option for "-w" and not "warning"
Fixes: #445481
Status wrt upstream: Will be fixed in 4.0.19.
Note:
Index: shadow-4.0.18.1/src/passwd.c
===================================================================
--- shadow-4.0.18.1.orig/src/passwd.c
+++ shadow-4.0.18.1/src/passwd.c
@@ -655,7 +655,7 @@
{"repository", required_argument, NULL, 'r'},
{"status", no_argument, NULL, 'S'},
{"unlock", no_argument, NULL, 'u'},
- {"warning", required_argument, NULL, 'w'},
+ {"warndays", required_argument, NULL, 'w'},
{"maxdays", required_argument, NULL, 'x'},
{NULL, 0, NULL, '\0'}
};

62
debian/patches/468_duplicate_passwd_struct_before_usage vendored
View File

@@ -1,62 +0,0 @@
Goal:
The getpwnam man page specifies:
The getpwnam() and getpwuid() functions return a pointer to a passwd
structure, or NULL if the matching entry is not found or an error
occurs. If an error occurs, errno is set appropriately. If one wants
to check errno after the call, it should be set to zero before the
call.
The return value may point to static area, and may be overwritten by
subsequent calls to getpwent(), getpwnam(), or getpwuid().
There is no garranty that a PAM module will not use one of these
functions. (This is the case of pam_unix in PAM 0.76)
So the structure must be duplicated before being used (there are call
to PAM between the call to getpwnam and the usage of the passwd
structure).
In the GNU libc, only a call to the same function (getpwent(),
getpwnam(), or getpwuid()) overrides the static area.
This patch should fix this kind of issues for the GNU libc. However,
getpwuid is often called after the call to getpwnam in shaow. I did not
checked if there may be an issue for non-GNU libc.
Fixes: #341230
Status wrt upstream: Fixed differently in 4.0.19. (all the getpwnam, ...
reviewed)
Index: shadow-4.0.18.1/src/chfn.c
===================================================================
--- shadow-4.0.18.1.orig/src/chfn.c 2006-05-07 19:44:39.000000000 +0200
+++ shadow-4.0.18.1/src/chfn.c 2006-09-17 12:18:06.364103948 +0200
@@ -334,6 +334,11 @@
}
user = xstrdup (pw->pw_name);
}
+ pw = __pw_dup(pw);
+ if (!pw) {
+ fprintf (stderr, _("%s: out of memory\n"), Prog);
+ exit (E_NOPERM);
+ }
#ifdef USE_NIS
/*
Index: shadow-4.0.18.1/src/chsh.c
===================================================================
--- shadow-4.0.18.1.orig/src/chsh.c 2006-07-13 23:26:35.000000000 +0200
+++ shadow-4.0.18.1/src/chsh.c 2006-09-17 12:18:06.368103980 +0200
@@ -265,6 +265,11 @@
}
user = xstrdup (pw->pw_name);
}
+ pw = __pw_dup(pw);
+ if (!pw) {
+ fprintf (stderr, _("%s: out of memory\n"), Prog);
+ exit (1);
+ }
#ifdef USE_NIS
/*

26
debian/patches/493_pwck_no_SHADOWPWD vendored
View File

@@ -1,26 +0,0 @@
Goal: SHADOWPWD is now assumed (no more defined).
Fixes: pwck do not detect missing users in /etc/shadow.
Status wrt upstream: Will be fixed in 4.0.19.
Index: shadow-4.0.18.1/src/pwck.c
===================================================================
--- shadow-4.0.18.1.orig/src/pwck.c 2006-10-21 13:33:12.000000000 +0200
+++ shadow-4.0.18.1/src/pwck.c 2006-10-21 13:36:29.000000000 +0200
@@ -344,7 +344,6 @@
pwd->pw_name, pwd->pw_shell);
errors++;
}
-#ifdef SHADOWPWD
/*
* Make sure this entry exists in the /etc/gshadow file.
*/
@@ -397,7 +396,6 @@
}
}
}
-#endif
}
if (!is_shadow)

47
debian/patches/494_passwd_lock vendored
View File

@@ -1,47 +0,0 @@
Status wrt upstream: Will be fixed in 4.0.19.
Index: shadow-4.0.18.1/man/passwd.1.xml
===================================================================
--- shadow-4.0.18.1.orig/man/passwd.1.xml 2007-06-21 02:04:59.531851133 +0200
+++ shadow-4.0.18.1/man/passwd.1.xml 2007-06-21 02:28:19.460572933 +0200
@@ -188,7 +188,8 @@
<listitem>
<para>
Lock the named account. This option disables an account by changing
- the password to a value which matches no possible encrypted value.
+ the password to a value which matches no possible encrypted value,
+ and by setting the account expiry field to 1.
</para>
</listitem>
</varlistentry>
@@ -249,7 +250,8 @@
<para>
Unlock the named account. This option re-enables an account by
changing the password back to its previous value (to value before
- using <option>-l</option> option).
+ using <option>-l</option> option), and by resetting the account
+ expiry field.
</para>
</listitem>
</varlistentry>
Index: shadow-4.0.18.1/src/passwd.c
===================================================================
--- shadow-4.0.18.1.orig/src/passwd.c 2007-06-21 02:05:36.029992809 +0200
+++ shadow-4.0.18.1/src/passwd.c 2007-06-21 02:28:19.460572933 +0200
@@ -531,6 +531,16 @@
nsp->sp_inact = (inact * DAY) / SCALE;
if (do_update_age)
nsp->sp_lstchg = time ((time_t *) 0) / SCALE;
+ if (lflg)
+ {
+ /* Set the account expiry field to 1.
+ * Some PAM implementation consider zero as a non expired
+ * account.
+ */
+ nsp->sp_expire = 1;
+ }
+ if (uflg)
+ nsp->sp_expire = -1;
/*
* Force change on next login, like SunOS 4.x passwd -e or Solaris

88
debian/patches/495_salt_stack_smash vendored
View File

@@ -1,88 +0,0 @@
Goal: Do not break chpasswd/chgpasswd if compiled with
SSP (the -fstack-protector option in gcc 4.1) by fixing an
overflow in the 'salt' array
Fix: #377825
Author: Colin Watson <cjwatson@debian.org>
Status wrt upstream: Will be fixed in 4.0.19
This upstream section changed a lot.
Index: shadow-4.0.18.1/libmisc/salt.c
===================================================================
--- shadow-4.0.18.1.orig/libmisc/salt.c 2006-09-17 12:17:58.260039514 +0200
+++ shadow-4.0.18.1/libmisc/salt.c 2006-09-17 12:18:13.948164248 +0200
@@ -25,11 +25,13 @@
{
struct timeval tv;
static char result[40];
+ int max_salt_len = 8;
result[0] = '\0';
#ifndef USE_PAM
if (getdef_bool ("MD5_CRYPT_ENAB")) {
strcpy (result, "$1$"); /* magic for the new MD5 crypt() */
+ max_salt_len += 3;
}
#endif
@@ -40,8 +42,8 @@
strcat (result, l64a (tv.tv_usec));
strcat (result, l64a (tv.tv_sec + getpid () + clock ()));
- if (strlen (result) > 3 + 8) /* magic+salt */
- result[11] = '\0';
+ if (strlen (result) > max_salt_len)
+ result[max_salt_len] = '\0';
return result;
}
Index: shadow-4.0.18.1/src/chgpasswd.c
===================================================================
--- shadow-4.0.18.1.orig/src/chgpasswd.c 2006-09-17 12:17:58.260039514 +0200
+++ shadow-4.0.18.1/src/chgpasswd.c 2006-09-17 12:18:13.952164280 +0200
@@ -244,10 +244,16 @@
newpwd = cp;
if (!eflg) {
if (md5flg) {
- char salt[12] = "$1$";
+ char md5salt[12] = "$1$";
+ char *salt = crypt_make_salt ();
- strcat (salt, crypt_make_salt ());
- cp = pw_encrypt (newpwd, salt);
+ if (strncmp (salt, "$1$", 3) == 0) {
+ strncat (md5salt, salt, 11);
+ } else {
+ strcat (md5salt, "$1$");
+ strncat (md5salt, salt, 8);
+ }
+ cp = pw_encrypt (newpwd, md5salt);
} else
cp = pw_encrypt (newpwd, crypt_make_salt ());
}
Index: shadow-4.0.18.1/src/chpasswd.c
===================================================================
--- shadow-4.0.18.1.orig/src/chpasswd.c 2006-09-17 12:17:58.228039259 +0200
+++ shadow-4.0.18.1/src/chpasswd.c 2006-09-17 12:18:13.972164439 +0200
@@ -240,10 +240,16 @@
newpwd = cp;
if (!eflg) {
if (md5flg) {
- char salt[12] = "$1$";
+ char md5salt[12] = "";
+ char *salt = crypt_make_salt ();
- strcat (salt, crypt_make_salt ());
- cp = pw_encrypt (newpwd, salt);
+ if (strncmp (salt, "$1$", 3) == 0) {
+ strncat (md5salt, salt, 11);
+ } else {
+ strcat (md5salt, "$1$");
+ strncat (md5salt, salt, 8);
+ }
+ cp = pw_encrypt (newpwd, md5salt);
} else
cp = pw_encrypt (newpwd, crypt_make_salt ());
}

24
debian/patches/497_newgrp_primary_group vendored
View File

@@ -1,24 +0,0 @@
Goal: Do not request a password when a user uses newgrp to switch to her
primary group.
Fixes: #396691
Status wrt upstream: Will be fixed in 4.0.19
Index: shadow-4.0.18.1/src/newgrp.c
===================================================================
--- shadow-4.0.18.1.orig/src/newgrp.c 2007-04-15 15:25:01.000000000 +0200
+++ shadow-4.0.18.1/src/newgrp.c 2007-04-15 15:34:01.000000000 +0200
@@ -357,6 +357,12 @@
needspasswd = 1;
/*
+ * If it's her primary group, do not request a password.
+ */
+ if (grp->gr_gid == pwd->pw_gid)
+ needspasswd = 0;
+
+ /*
* If she does not have either a shadowed password, or a regular
* password, and the group has a password, she needs to give the
* group password.