Rebase patch 463_login_delay_obeys_to_PAM

debian/patches/463_login_delay_obeys_to_PAM.patch

@@ -7,25 +7,27 @@ Status wrt upstream: Forwarded but not applied yet
 
 Note: If removed, FAIL_DELAY must be re-added to /etc/login.defs
 
---- a/src/login.c
-+++ b/src/login.c
-@@ -512,7 +512,6 @@
- #if !defined(USE_PAM)
- 	char ptime[80];
- #endif
--	unsigned int delay;
- 	unsigned int retries;
- 	bool subroot = false;
- #ifndef USE_PAM
-@@ -537,6 +536,7 @@
- 	pid_t child;
- 	char *pam_user = NULL;
+Index: shadow/src/login.c
+===================================================================
+--- shadow.orig/src/login.c
++++ shadow/src/login.c
+@@ -489,7 +489,6 @@ int main (int argc, char **argv)
+ 	const char     *tmptty;
+ 	const char     *cp;
+ 	const char     *tmp;
+-	unsigned int   delay;
+ 	unsigned int   retries;
+ 	unsigned int   timeout;
+ 	struct passwd  *pwd = NULL;
+@@ -499,6 +498,7 @@ int main (int argc, char **argv)
+ 	char           *pam_user = NULL;
+ 	pid_t          child;
  #else
-+	unsigned int delay;
++	unsigned int   delay;
+ 	bool is_console;
  	struct spwd *spwd = NULL;
- #endif
- 	/*
-@@ -701,7 +701,6 @@
+ # if defined(ENABLE_LASTLOG)
+@@ -667,7 +667,6 @@ int main (int argc, char **argv)
  	}
  
  	environ = newenvp;	/* make new environment active */
@@ -33,7 +35,7 @@ Note: If removed, FAIL_DELAY must be re-added to /etc/login.defs
  	retries = getdef_unum ("LOGIN_RETRIES", RETRIES);
  
  #ifdef USE_PAM
-@@ -717,8 +716,7 @@
+@@ -683,8 +682,7 @@ int main (int argc, char **argv)
  
  	/*
  	 * hostname & tty are either set to NULL or their correct values,
@@ -43,7 +45,7 @@ Note: If removed, FAIL_DELAY must be re-added to /etc/login.defs
  	 *
  	 * PAM_RHOST and PAM_TTY are used for authentication, only use
  	 * information coming from login or from the caller (e.g. no utmp)
-@@ -727,10 +725,6 @@
+@@ -693,10 +691,6 @@ int main (int argc, char **argv)
  	PAM_FAIL_CHECK;
  	retcode = pam_set_item (pamh, PAM_TTY, tty);
  	PAM_FAIL_CHECK;
@@ -53,8 +55,8 @@ Note: If removed, FAIL_DELAY must be re-added to /etc/login.defs
 -#endif
  	/* if fflg, then the user has already been authenticated */
  	if (!fflg) {
- 		unsigned int failcount = 0;
-@@ -771,12 +765,6 @@
+ 		char          hostn[256];
+@@ -734,12 +728,6 @@ int main (int argc, char **argv)
  			bool failed = false;
  
  			failcount++;
@@ -67,7 +69,7 @@ Note: If removed, FAIL_DELAY must be re-added to /etc/login.defs
  
  			retcode = pam_authenticate (pamh, 0);
  
-@@ -1110,14 +1098,17 @@
+@@ -1029,14 +1017,17 @@ int main (int argc, char **argv)
  		free (username);
  		username = NULL;
  
@@ -85,13 +87,15 @@ Note: If removed, FAIL_DELAY must be re-added to /etc/login.defs
  
  		(void) puts (_("Login incorrect"));
  
---- a/lib/getdef.c
-+++ b/lib/getdef.c
-@@ -77,7 +77,6 @@
+Index: shadow/lib/getdef.c
+===================================================================
+--- shadow.orig/lib/getdef.c
++++ shadow/lib/getdef.c
+@@ -83,7 +83,6 @@ static struct itemdef def_table[] = {
  	{"ENV_PATH", NULL},
  	{"ENV_SUPATH", NULL},
  	{"ERASECHAR", NULL},
 -	{"FAIL_DELAY", NULL},
- 	{"FAILLOG_ENAB", NULL},
  	{"FAKE_SHELL", NULL},
- 	{"FTMP_FILE", NULL},
+ 	{"GID_MAX", NULL},
+ 	{"GID_MIN", NULL},

debian/patches/series

@@ -5,7 +5,7 @@
 401_cppw_src.patch
 # 402 should be merged in 401, but should be reviewed by SE Linux experts first
 402_cppw_selinux.patch
-463_login_delay_obeys_to_PAM
+463_login_delay_obeys_to_PAM.patch
 501_commonio_group_shadow
 502_debian_useradd_defaults
 503_shadowconfig.8