rpms/pam/devel pam-1.1.0-cracklib-authtok.patch, NONE, 1.1 pam.spec, 1.199, 1.200
Tomáš Mráz
tmraz at fedoraproject.org
Mon Jul 27 15:23:22 UTC 2009
Author: tmraz
Update of /cvs/pkgs/rpms/pam/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv29281
Modified Files:
pam.spec
Added Files:
pam-1.1.0-cracklib-authtok.patch
Log Message:
* Mon Jul 27 2009 Tomas Mraz <tmraz at redhat.com> 1.1.0-3
- fix for pam_cracklib from upstream
pam-1.1.0-cracklib-authtok.patch:
pam_cracklib.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
--- NEW FILE pam-1.1.0-cracklib-authtok.patch ---
Reset the new authtok if weak.
diff -u -p -r1.33 -r1.34
--- modules/pam_cracklib/pam_cracklib.c 11 Dec 2008 19:41:49 -0000 1.33
+++ modules/pam_cracklib/pam_cracklib.c 21 Jul 2009 13:59:24 -0000 1.34
@@ -545,7 +545,7 @@ static int _pam_unix_approve_pass(pam_ha
const char *pass_new)
{
const char *msg = NULL;
- const void *user;
+ const char *user;
int retval;
if (pass_new == NULL || (pass_old && !strcmp(pass_old,pass_new))) {
@@ -556,7 +556,7 @@ static int _pam_unix_approve_pass(pam_ha
return PAM_AUTHTOK_ERR;
}
- retval = pam_get_item(pamh, PAM_USER, &user);
+ retval = pam_get_user(pamh, &user, NULL);
if (retval != PAM_SUCCESS || user == NULL) {
if (ctrl & PAM_DEBUG_ARG)
pam_syslog(pamh,LOG_ERR,"Can not get username");
@@ -658,6 +658,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand
pam_error (pamh, _("BAD PASSWORD: %s"), crack_msg);
if (getuid() || (flags & PAM_CHANGE_EXPIRED_AUTHTOK))
{
+ pam_set_item (pamh, PAM_AUTHTOK, NULL);
retval = PAM_AUTHTOK_ERR;
continue;
}
@@ -670,6 +671,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand
if (retval != PAM_SUCCESS) {
if (getuid() || (flags & PAM_CHANGE_EXPIRED_AUTHTOK))
{
+ pam_set_item(pamh, PAM_AUTHTOK, NULL);
retval = PAM_AUTHTOK_ERR;
continue;
}
Index: pam.spec
===================================================================
RCS file: /cvs/pkgs/rpms/pam/devel/pam.spec,v
retrieving revision 1.199
retrieving revision 1.200
diff -u -p -r1.199 -r1.200
--- pam.spec 25 Jul 2009 23:08:11 -0000 1.199
+++ pam.spec 27 Jul 2009 15:23:22 -0000 1.200
@@ -3,7 +3,7 @@
Summary: An extensible library which provides authentication for applications
Name: pam
Version: 1.1.0
-Release: 2%{?dist}
+Release: 3%{?dist}
# The library is BSD licensed with option to relicense as GPLv2+ - this option is redundant
# as the BSD license allows that anyway. pam_timestamp and pam_console modules are GPLv2+,
# pam_rhosts_auth module is BSD with advertising
@@ -24,6 +24,7 @@ Source13: config-util.5
Source14: 90-nproc.conf
Patch1: pam-1.0.90-redhat-modules.patch
Patch2: pam-1.0.91-std-noclose.patch
+Patch3: pam-1.1.0-cracklib-authtok.patch
%define _sbindir /sbin
%define _moduledir /%{_lib}/security
@@ -86,6 +87,7 @@ mv pam-redhat-%{pam_redhat_version}/* mo
%patch1 -p1 -b .redhat-modules
%patch2 -p1 -b .std-noclose
+%patch3 -p1 -b .authtok
libtoolize -f
autoreconf
@@ -325,6 +327,9 @@ fi
%doc doc/adg/*.txt doc/adg/html
%changelog
+* Mon Jul 27 2009 Tomas Mraz <tmraz at redhat.com> 1.1.0-3
+- fix for pam_cracklib from upstream
+
* Sat Jul 25 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.1.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
More information about the fedora-extras-commits
mailing list