From: Clinton Ebadi Date: Wed, 30 Apr 2014 03:07:48 +0000 (-0400) Subject: Merge branch 'debian' X-Git-Tag: debian/0.66.1-1_bpo70+hcoop1~1 X-Git-Url: https://git.hcoop.net/hcoop/debian/courier-authlib.git/commitdiff_plain/f77892e671e1261ec26e5133f86b8a52635f3dd2?hp=-c Merge branch 'debian' Conflicts: debian/changelog --- f77892e671e1261ec26e5133f86b8a52635f3dd2 diff --combined authpam.c index 37f4de8,9d40e69..2f2152b --- a/authpam.c +++ b/authpam.c @@@ -1,5 -1,5 +1,5 @@@ /* - ** Copyright 1998 - 2006 Double Precision, Inc. See COPYING for + ** Copyright 1998 - 2012 Double Precision, Inc. See COPYING for ** distribution information. */ @@@ -16,7 -16,7 +16,7 @@@ #endif #include "auth.h" #include "authwait.h" - #include "authstaticlist.h" + #include "courierauthstaticlist.h" #include "courierauthdebug.h" #if HAVE_SECURITY_PAM_APPL_H @@@ -27,7 -27,6 +27,6 @@@ #include #endif - static const char rcsid[]="$Id: authpam.c,v 1.24 2006/10/28 19:22:52 mrsam Exp $"; static const char *pam_username, *pam_password, *pam_service; @@@ -92,18 -91,21 +91,21 @@@ static struct pam_conv conv = NULL }; - static int dopam(pam_handle_t **pamh) + static int dopam(pam_handle_t **pamh, int *started) { - int retval; + int retval; DPRINTF("pam_service=%s, pam_username=%s", pam_service ? pam_service : "", pam_username ? pam_username : ""); + *started=1; + retval=pam_start(pam_service, pam_username, &conv, pamh); if (retval != PAM_SUCCESS) { DPRINTF("pam_start failed, result %d [Hint: bad PAM configuration?]", retval); + *started=0; } #if 0 @@@ -126,20 -128,19 +128,20 @@@ } } -#if 0 #if HAVE_PAM_SETCRED + fprintf(stderr, "pam_setcred...\n"); if (retval == PAM_SUCCESS) { retval=pam_setcred(*pamh, PAM_ESTABLISH_CRED); if (retval != PAM_SUCCESS) { - DPRINTF("pam_setcred failed, result %d", retval); + fprintf(stderr, "pam_setcred failed, result %d\n", retval); } + fprintf(stderr, "pam_setcred done\n"); } #endif -#endif + if (retval == PAM_SUCCESS) { @@@ -221,12 -222,17 +223,17 @@@ char buf[1] if (p == 0) { + int started; + close(pipefd[0]); - retval=dopam(&pamh); + retval=dopam(&pamh, &started); if (retval == PAM_SUCCESS) if (write(pipefd[1], "", 1) < 0) ; /* ignore gcc warning */ close(pipefd[1]); + + if (started) + pam_end(pamh, retval); _exit(0); } @@@ -248,51 -254,6 +255,6 @@@ free(s); errno=EPERM; return (-1); - - #if 0 - free(s); - close(pipefd[0]); - - retval=dopam(&pamh); - - if (retval == PAM_SUCCESS) - retval=pam_open_session(pamh, 0); - - if (retval != PAM_SUCCESS) - { - if (pam_end(pamh, retval) != PAM_SUCCESS) - perror("Unable to release PAM tokens"); - - /* Wait for child to terminate */ - - close(pipefd[1]); /* Tell the child to shut down */ - while (wait(&waitstat) != p) - ; - return (-1); - } - - /* Tell child process to run in authenticated state */ - - write(pipefd[1], "", 1); - close(pipefd[1]); - - /* Wait for child process to finish */ - - while (wait(&waitstat) != p) - ; - - retval=pam_close_session(pamh, 0); - if (retval != PAM_SUCCESS) - perror("pam_close_session"); - - if (pam_end(pamh, retval) != PAM_SUCCESS) - perror("Unable to release PAM tokens"); - - if (WIFEXITED(waitstat)) - exit(WEXITSTATUS(waitstat)); - exit(255); - return (1); - #endif } extern int auth_pam_pre(const char *userid, const char *service, diff --combined courier_auth_config.h index 7c9ded2,29f019e..21906a6 --- a/courier_auth_config.h +++ b/courier_auth_config.h @@@ -1,5 -1,5 +1,5 @@@ /* courier_auth_config.h. Generated from courier_auth_config.h.in by configure. */ - /* courier_auth_config.h.in. Generated from configure.in by autoheader. */ + /* courier_auth_config.h.in. Generated from configure.ac by autoheader. */ /* Define to 1 if you have the `argz_add' function. */ #define HAVE_ARGZ_ADD 1 @@@ -201,11 -201,14 +201,14 @@@ /* #undef LTDL_DLOPEN_DEPLIBS */ /* Define to the system default library search path. */ - #define LT_DLSEARCH_PATH "/lib64:/usr/lib64:/lib:/usr/lib:/usr/lib64/atlas:/usr/lib64/mysql:/usr/lib64/qt-3.3/lib:/usr/lib64/xulrunner-1.9.1" + #define LT_DLSEARCH_PATH "/lib64:/usr/lib64:/lib:/usr/lib:/usr/lib64/atlas:/usr/lib64/dyninst:/usr/lib64/llvm:/usr/lib64/mysql:/usr/lib64/tracker-0.16:/usr/lib64/xulrunner" /* The archive extension */ #define LT_LIBEXT "a" + /* The archive prefix */ + #define LT_LIBPREFIX "lib" + /* Define to the extension used for runtime loadable modules, say, ".so". */ #define LT_MODULE_EXT ".so" @@@ -217,6 -220,9 +220,9 @@@ */ #define LT_OBJDIR ".libs/" + /* Define to the shared library suffix, say, ".dylib". */ + /* #undef LT_SHARED_EXT */ + /* Whether we must a prototype for crypt() */ #define NEED_CRYPT_PROTOTYPE 0 @@@ -238,6 -244,9 +244,9 @@@ /* Define to the one symbol short name of this package. */ /* #undef PACKAGE_TARNAME */ + /* Define to the home page for this package. */ + /* #undef PACKAGE_URL */ + /* Define to the version of this package. */ /* #undef PACKAGE_VERSION */ @@@ -245,7 -254,7 +254,7 @@@ #define STDC_HEADERS 1 /* Location of the userdb database */ -#define USERDB "/usr/local/etc/authlib/userdb" +#define USERDB "/etc/courier/userdb" /* Version number of package */ /* #undef VERSION */ diff --combined debian/changelog index 6638f2c,00b3c65..4dd64b5 --- a/debian/changelog +++ b/debian/changelog @@@ -1,9 -1,13 +1,19 @@@ + courier-authlib (0.66.1-1) unstable; urgency=low + + * New upstream release. + + [Willi Mann ] + + * Fix libtool breakage by explicitly using /bin/bash in debian/rules. + + -- Stefan Hornburg (Racke) Mon, 28 Oct 2013 11:38:37 +0100 + +courier-authlib (0.63.0-6+hcoop1) unstable; urgency=medium + + * Merged HCoop changes + + -- Clinton Ebadi Tue, 29 Apr 2014 20:17:45 -0400 + courier-authlib (0.63.0-6) unstable; urgency=low [Martin Orr ] @@@ -96,18 -100,6 +106,18 @@@ courier-authlib (0.62.2-1) unstable; ur -- Stefan Hornburg (Racke) Mon, 02 Mar 2009 16:09:05 +0100 +courier-authlib (0.61.0-1+lenny1hcoop1) lenny; urgency=low + + * Merge from Debian. Remaining changes: + + authpam.c: + - Revert the disabling of pam_setcred so that IMAP works on AFS. + + courier_auth_config.h: + - Set the userdb path to be /etc/courier/userdb. + + preauthuserdbcommon.c: + - Get AFS tokens. + + -- Michael Olson (HCoop) Thu, 09 Apr 2009 23:43:21 -0400 + courier-authlib (0.61.0-1+lenny1) testing-security; urgency=high * Non-maintainer upload by the security team @@@ -136,50 -128,6 +146,50 @@@ courier-authlib (0.60.1-2.1) unstable; -- Steffen Joeris Mon, 09 Jun 2008 15:29:23 +0000 +courier-authlib (0.60.2-0hcoop7) unstable; urgency=low + + * Revert last change. Now the AFS token code is before the callback. + + -- Michael Olson (HCoop) Thu, 07 Feb 2008 22:37:30 -0500 + +courier-authlib (0.60.2-0hcoop6) unstable; urgency=low + + * Move acquiting of AFS vmail tokens to just after callback. + + -- Michael Olson (HCoop) Sat, 02 Feb 2008 20:29:01 -0500 + +courier-authlib (0.60.2-0hcoop5) unstable; urgency=low + + * Move acquiring of AFS vmail tokens to preauthuserdbcommon.c. + + -- Michael Olson (HCoop) Fri, 01 Feb 2008 21:55:37 -0500 + +courier-authlib (0.60.2-0hcoop4) unstable; urgency=low + + * authuserdb: Try using a separate get-token script. + + -- Michael Olson (HCoop) Wed, 30 Jan 2008 13:17:14 -0500 + +courier-authlib (0.60.2-0hcoop3) unstable; urgency=low + + * Fix bug in previous patch. + + -- Michael Olson (HCoop) Sun, 27 Jan 2008 16:19:18 -0500 + +courier-authlib (0.60.2-0hcoop2) unstable; urgency=low + + * Get token after authenticating a vmail user. + + -- Michael Olson (HCoop) Sat, 26 Jan 2008 15:28:19 -0500 + +courier-authlib (0.60.2-0hcoop1) unstable; urgency=low + + * New upstream release. Remaining changes: + - Revert the disabling of pam_setcred so that IMAP works as expected. + - Set the userdb path to be /etc/courier/userdb. + + -- Michael Olson (HCoop) Fri, 25 Jan 2008 19:24:41 -0500 + courier-authlib (0.60.1-2) unstable; urgency=low * added LSB dependency info to init scripts (Closes: #460221, thanks to @@@ -187,14 -135,6 +197,14 @@@ -- Stefan Hornburg (Racke) Mon, 7 Apr 2008 13:21:37 +0200 +courier-authlib (0.60.1-1hcoop1) unstable; urgency=low + + * Sync from Debian. Remaining changes: + - Revert the disabling of pam_setcred so that IMAP works as expected. + - Set the userdb path to be /etc/courier/userdb. + + -- Michael Olson (HCoop) Fri, 25 Jan 2008 18:28:11 -0500 + courier-authlib (0.60.1-1) unstable; urgency=low * new upstream release @@@ -214,15 -154,6 +224,15 @@@ courier-authlib (0.59.3-2) unstable; ur -- Stefan Hornburg (Racke) Thu, 21 Jun 2007 20:26:38 +0200 +courier-authlib (0.59.3-1hcoop1) unstable; urgency=low + + [Adam Megacz] + * Revert the disabling of pam_setcred so that IMAP works as expected. + * Set the userdb path to be /etc/courier/userdb. + * userdb: Allow "+", ":", and "_" in usernames. + + -- Michael Olson (HCoop) Fri, 25 Jan 2008 17:46:10 -0500 + courier-authlib (0.59.3-1) unstable; urgency=low * new upstream release diff --combined preauthuserdbcommon.c index a37d744,e39decb..6c29778 --- a/preauthuserdbcommon.c +++ b/preauthuserdbcommon.c @@@ -19,10 -19,7 +19,9 @@@ #include "courierauthdebug.h" #include "userdb/userdb.h" - static const char rcsid[]="$Id: preauthuserdbcommon.c,v 1.21 2006/10/28 19:22:52 mrsam Exp $"; +#define TOKEN_CMD "/etc/courier/get-token " + int auth_userdb_pre_common(const char *userid, const char *service, int needpass, int (*callback)(struct authinfo *, void *), @@@ -108,21 -105,6 +107,21 @@@ int rc auth.maildir=udb->udb_mailbox; auth.quota=udb->udb_quota; + /* Get tokens for AFS */ + { char uidstr[32] = ""; + char *token_cmd; + if (auth.sysuserid) + { + snprintf(uidstr, sizeof(uidstr), "%ld", (long)*auth.sysuserid); + if ((token_cmd=malloc(sizeof(TOKEN_CMD)+strlen(uidstr)))) + { + strcat(strcpy(token_cmd, TOKEN_CMD),uidstr); + system(token_cmd); + free(token_cmd); + } + } + } + courier_authdebug_authinfo("DEBUG: authuserdb: ", &auth, 0, passwords); rc= (*callback)(&auth, arg); if (passwords) free(passwords);