diff options
| author | Adam Weinberger <adamw@FreeBSD.org> | 2014-07-29 14:30:10 +0000 |
|---|---|---|
| committer | Adam Weinberger <adamw@FreeBSD.org> | 2014-07-29 14:30:10 +0000 |
| commit | 1c30911ff0463c1215e15dd9f7acb886ca35a93d (patch) | |
| tree | 17783a29eefdfe8b1d45e4895ff0daaf7f6e92c3 /security/pam_ldap/files/patch-ab | |
| parent | - Update to 2.4.3 (diff) | |
Rename security/ patches to reflect the files they modify.
Notes
Notes:
svn path=/head/; revision=363328
Diffstat (limited to 'security/pam_ldap/files/patch-ab')
| -rw-r--r-- | security/pam_ldap/files/patch-ab | 65 |
1 files changed, 0 insertions, 65 deletions
diff --git a/security/pam_ldap/files/patch-ab b/security/pam_ldap/files/patch-ab deleted file mode 100644 index eeb031a603c4..000000000000 --- a/security/pam_ldap/files/patch-ab +++ /dev/null @@ -1,65 +0,0 @@ ---- pam_ldap.c.orig 2010-12-17 14:36:11.105528000 -0500 -+++ pam_ldap.c 2010-12-17 14:38:42.000000000 -0500 -@@ -131,12 +131,7 @@ - #include "pam_ldap.h" - #include "md5.h" - --#if defined(HAVE_SECURITY_PAM_MISC_H) || defined(HAVE_PAM_PAM_MISC_H) || defined(OPENPAM) -- /* FIXME: is there something better to check? */ - #define CONST_ARG const --#else --#define CONST_ARG --#endif - - #ifndef HAVE_LDAP_MEMFREE - #define ldap_memfree(x) free(x) -@@ -3411,7 +3406,7 @@ pam_sm_authenticate (pam_handle_t * pamh - int rc; - const char *username; - char *p; -- int use_first_pass = 0, try_first_pass = 0, ignore_flags = 0; -+ int use_first_pass = 0, try_first_pass = 0, ignore_flags = 0, migrate = 0; - int i; - pam_ldap_session_t *session = NULL; - const char *configFile = NULL; -@@ -3432,6 +3427,8 @@ pam_sm_authenticate (pam_handle_t * pamh - ; - else if (!strcmp (argv[i], "debug")) - ; -+ else if (!strcmp (argv[i], "migrate")) -+ migrate = 1; - else - syslog (LOG_ERR, "illegal option %s", argv[i]); - } -@@ -3445,6 +3442,22 @@ pam_sm_authenticate (pam_handle_t * pamh - return rc; - - rc = pam_get_item (pamh, PAM_AUTHTOK, (CONST_ARG void **) &p); -+ /* start of migrate facility in "pam_ldap authentication" */ -+ if (migrate==1 && rc==PAM_SUCCESS) -+ { -+ /* check if specified username exists in LDAP */ -+ if (_get_user_info(session,username)==PAM_SUCCESS) -+ { -+ /* -+ overwrite old LDAP userPassword with a new password -+ obtained during pam authentication process -+ - rootbinddn and ldap.secret must be set -+ */ -+ rc=_update_authtok(pamh,session,username,NULL,p); -+ return PAM_IGNORE; -+ } -+ } -+ /* end of migrate facility in "pam_ldap authentication" */ - if (rc == PAM_SUCCESS && (use_first_pass || try_first_pass)) - { - rc = _do_authentication (pamh, session, username, p); -@@ -3721,7 +3734,7 @@ pam_sm_chauthtok (pam_handle_t * pamh, i - if (curpass == NULL) - return PAM_MAXTRIES; /* maximum tries exceeded */ - else -- pam_set_item (pamh, PAM_OLDAUTHTOK, (void *) curpass); -+ pam_set_item (pamh, PAM_OLDAUTHTOK, (void *) strdup(curpass)); - } - else - { |