diff options
| author | Dag-Erling Smørgrav <des@FreeBSD.org> | 2014-11-13 21:46:11 +0000 |
|---|---|---|
| committer | Dag-Erling Smørgrav <des@FreeBSD.org> | 2014-11-13 21:46:11 +0000 |
| commit | 4dcfac20dd83d25a12abbe3c5f8a1f650b7c7b51 (patch) | |
| tree | d710d21e1c25aab9a25dbd52c8f49456ef7f86f9 /net/nss_ldap/files | |
| parent | - Allow overriding the user/group as which the service is run (diff) | |
Add patches for a couple of issues I found while researching #190055:
- Use GID_MAX instead of LONG_MAX, they are not the same on 64-bit.
- Correctly restore the egid after reading the krb5 credential cache.
MFH: 2014Q4
Diffstat (limited to 'net/nss_ldap/files')
| -rw-r--r-- | net/nss_ldap/files/patch-ldap-grp.c | 11 | ||||
| -rw-r--r-- | net/nss_ldap/files/patch-ldap-init-krb5-cache.c | 13 |
2 files changed, 22 insertions, 2 deletions
diff --git a/net/nss_ldap/files/patch-ldap-grp.c b/net/nss_ldap/files/patch-ldap-grp.c new file mode 100644 index 000000000000..5886498b8e4c --- /dev/null +++ b/net/nss_ldap/files/patch-ldap-grp.c @@ -0,0 +1,11 @@ +--- ldap-grp.c.orig ++++ ldap-grp.c +@@ -687,7 +687,7 @@ + gid = strtoul (values[0], (char **) NULL, 10); + ldap_value_free (values); + +- if (gid == LONG_MAX && errno == ERANGE) ++ if (gid == GID_MAX && errno == ERANGE) + { + /* invalid group, skip it */ + return NSS_NOTFOUND; diff --git a/net/nss_ldap/files/patch-ldap-init-krb5-cache.c b/net/nss_ldap/files/patch-ldap-init-krb5-cache.c index 7fc9aa4641ba..9352aea3a493 100644 --- a/net/nss_ldap/files/patch-ldap-init-krb5-cache.c +++ b/net/nss_ldap/files/patch-ldap-init-krb5-cache.c @@ -1,5 +1,5 @@ ---- ldap-init-krb5-cache.c.orig 2009-11-06 11:28:08.000000000 +0100 -+++ ldap-init-krb5-cache.c 2014-03-26 21:42:54.575385677 +0100 +--- ldap-init-krb5-cache.c.orig ++++ ldap-init-krb5-cache.c @@ -109,14 +109,14 @@ #include <gssapi/gssapi.h> #include <gssapi/gssapi_krb5.h> @@ -47,6 +47,15 @@ { debug ("==> krb5_cache_kt_is_accessible: kt type = FILE"); uid_t ruid = getuid (); +@@ -243,7 +254,7 @@ + { + setreuid (ruid, euid); + } +- if (rgid != rgid) ++ if (rgid != egid) + { + setregid (rgid, egid); + } @@ -542,7 +553,7 @@ } profile_release (profile); |