1 files changed, 140 insertions, 0 deletions

diff --git a/security/pam_krb5/files/patch-ae b/security/pam_krb5/files/patch-ae
new file mode 100644
index 000000000000..494de5ec23dd
--- /dev/null
+++ b/security/pam_krb5/files/patch-ae
@@ -0,0 +1,140 @@
+--- pam_krb5_pass.c.orig	Tue Jan  4 19:08:51 2000
++++ pam_krb5_pass.c	Mon Nov  6 10:21:49 2000
+@@ -7,10 +7,14 @@
+ 
+ static const char rcsid[] = "$Id: pam_krb5_pass.c,v 1.3 1999/01/19 23:43:11 fcusack Exp $";
+ 
++#include <errno.h>
++#include <stdio.h>	/* sprintf */
++#include <stdlib.h>	/* malloc */
+ #include <syslog.h>	/* syslog */
+ #include <security/pam_appl.h>
+ #include <security/pam_modules.h>
+ #include <krb5.h>
++#include <com_err.h>
+ #include "pam_krb5.h"
+ 
+ /* A useful logging macro */
+@@ -27,7 +31,6 @@
+     krb5_context	pam_context;
+     krb5_creds		creds;
+     krb5_principal	princ;
+-    krb5_ccache		ccache;
+     krb5_get_init_creds_opt opts;
+ 
+     int		result_code;
+@@ -54,23 +57,23 @@
+     }
+ 
+     /* Get username */
+-    if (pam_get_item(pamh, PAM_USER, (void **) &name)) {
++    if ((pam_get_item(pamh, PAM_USER, (const void **) &name)) != 0) {
+ 	return PAM_SERVICE_ERR;
+     }
+ 
+     /* Get service name */
+-    (void) pam_get_item(pamh, PAM_SERVICE, (void **) &service);
++    (void) pam_get_item(pamh, PAM_SERVICE, (const void **) &service);
+     if (!service)
+ 	service = "unknown";
+ 
+     DLOG("entry", "");
+ 
+-    if (krb5_init_context(&pam_context)) {
++    if ((krbret = krb5_init_context(&pam_context)) != 0) {
+ 	DLOG("krb5_init_context()", error_message(krbret));
+ 	return PAM_SERVICE_ERR;
+     }
+ 
+-    if (krb5_init_context(&pam_context)) {
++    if ((krbret = krb5_init_context(&pam_context)) != 0) {
+ 	DLOG("krb5_init_context()", error_message(krbret));
+ 	return PAM_SERVICE_ERR;
+     }
+@@ -78,14 +81,14 @@
+     memset(&creds, 0, sizeof(krb5_creds));
+ 
+     /* Get principal name */
+-    if (krbret = krb5_parse_name(pam_context, name, &princ)) {
++    if ((krbret = krb5_parse_name(pam_context, name, &princ)) != 0) {
+ 	DLOG("krb5_parse_name()", error_message(krbret));
+ 	pamret = PAM_USER_UNKNOWN;
+ 	goto cleanup3;
+     }
+ 
+     /* Now convert the principal name into something human readable */
+-    if (krbret = krb5_unparse_name(pam_context, princ, &princ_name)) {
++    if ((krbret = krb5_unparse_name(pam_context, princ, &princ_name)) != 0) {
+ 	DLOG("krb5_unparse_name()", error_message(krbret));
+ 	pamret = PAM_SERVICE_ERR;
+ 	goto cleanup2;
+@@ -101,18 +104,19 @@
+     (void) sprintf(prompt, "Password for %s: ", princ_name);
+ 
+     if (try_first_pass || use_first_pass)
+-	(void) pam_get_item(pamh, PAM_AUTHTOK, (void **) &pass);
++	(void) pam_get_item(pamh, PAM_AUTHTOK, (const void **) &pass);
+ 
+ get_pass:
+     if (!pass) {
+ 	try_first_pass = 0;
+-	if (pamret = get_user_info(pamh, prompt, PAM_PROMPT_ECHO_OFF, &pass)) {
++	if ((pamret = get_user_info(pamh, prompt, PAM_PROMPT_ECHO_OFF, 
++	  &pass)) != 0) {
+ 	    DLOG("get_user_info()", pam_strerror(pamh, pamret));
+ 	    pamret = PAM_SERVICE_ERR;
+ 	    goto cleanup2;
+ 	}
+ 	/* We have to free pass. */
+-	if (pamret = pam_set_item(pamh, PAM_AUTHTOK, pass)) {
++	if ((pamret = pam_set_item(pamh, PAM_AUTHTOK, pass)) != 0) {
+ 	    DLOG("pam_set_item()", pam_strerror(pamh, pamret));
+ 	    free(pass);
+ 	    pamret = PAM_SERVICE_ERR;
+@@ -120,12 +124,11 @@
+ 	}
+ 	free(pass);
+ 	/* Now we get it back from the library. */
+-	(void) pam_get_item(pamh, PAM_AUTHTOK, (void **) &pass);
++	(void) pam_get_item(pamh, PAM_AUTHTOK, (const void **) &pass);
+     }
+ 
+-    if (krbret = krb5_get_init_creds_password(pam_context, &creds, princ,
+-					      pass, pam_prompter, pamh,
+-					      0, "kadmin/changepw", &opts)) {
++    if ((krbret = krb5_get_init_creds_password(pam_context, &creds, princ, 
++      pass, pam_prompter, pamh, 0, "kadmin/changepw", &opts)) != 0) {
+ 	DLOG("krb5_get_init_creds_password()", error_message(krbret));
+ 	if (try_first_pass && krbret == KRB5KRB_AP_ERR_BAD_INTEGRITY) {
+ 	    pass = NULL;
+@@ -138,14 +141,16 @@
+     /* Now get the new password */
+     free(prompt);
+     prompt = "Enter new password: ";
+-    if (pamret = get_user_info(pamh, prompt, PAM_PROMPT_ECHO_OFF, &pass)) {
++    if ((pamret = get_user_info(pamh, prompt, PAM_PROMPT_ECHO_OFF, &pass)) 
++      != 0) {
+ 	DLOG("get_user_info()", pam_strerror(pamh, pamret));
+ 	prompt = NULL;
+ 	pamret = PAM_SERVICE_ERR;
+ 	goto cleanup;
+     }
+     prompt = "Enter it again: ";
+-    if (pamret = get_user_info(pamh, prompt, PAM_PROMPT_ECHO_OFF, &pass2)) {
++    if ((pamret = get_user_info(pamh, prompt, PAM_PROMPT_ECHO_OFF, &pass2)) 
++      != 0) {
+ 	DLOG("get_user_info()", pam_strerror(pamh, pamret));
+ 	prompt = NULL;
+ 	pamret = PAM_SERVICE_ERR;
+@@ -160,9 +165,8 @@
+     }
+ 
+     /* Change it */
+-    if (krbret = krb5_change_password(pam_context, &creds, pass,
+-				      &result_code, &result_code_string,
+-				      &result_string)) {
++    if ((krbret = krb5_change_password(pam_context, &creds, pass,
++      &result_code, &result_code_string, &result_string)) != 0) {
+ 	DLOG("krb5_change_password()", error_message(krbret));
+ 	pamret = PAM_AUTHTOK_ERR;
+ 	goto cleanup;