From de410a8ae5f10cee848eb29d3d50b9f2b01ee6bf Mon Sep 17 00:00:00 2001 From: Alessio Sergi Date: Sun, 26 Feb 2017 19:54:59 +0100 Subject: [PATCH] shadow: update to 4.4 --- srcpkgs/shadow/patches/CVE-2016-6252.patch | 28 --------------- srcpkgs/shadow/patches/cross-id32bit.patch | 28 --------------- .../shadow/patches/fix-load_defaults.patch | 35 +++++++++++++++++++ srcpkgs/shadow/patches/fix-prototypes.patch | 33 +++++++++++++++++ srcpkgs/shadow/patches/fix-su-snprintf.patch | 17 +++++++++ .../patches/shadow-add-missing-include.patch | 10 ------ srcpkgs/shadow/template | 12 +++---- 7 files changed, 91 insertions(+), 72 deletions(-) delete mode 100644 srcpkgs/shadow/patches/CVE-2016-6252.patch delete mode 100644 srcpkgs/shadow/patches/cross-id32bit.patch create mode 100644 srcpkgs/shadow/patches/fix-load_defaults.patch create mode 100644 srcpkgs/shadow/patches/fix-prototypes.patch create mode 100644 srcpkgs/shadow/patches/fix-su-snprintf.patch delete mode 100644 srcpkgs/shadow/patches/shadow-add-missing-include.patch diff --git a/srcpkgs/shadow/patches/CVE-2016-6252.patch b/srcpkgs/shadow/patches/CVE-2016-6252.patch deleted file mode 100644 index cfeedf0506..0000000000 --- a/srcpkgs/shadow/patches/CVE-2016-6252.patch +++ /dev/null @@ -1,28 +0,0 @@ ---- lib/getulong.c -+++ lib/getulong.c -@@ -44,22 +44,19 @@ - */ - int getulong (const char *numstr, /*@out@*/unsigned long int *result) - { -- long long int val; -+ unsigned long int val; - char *endptr; - - errno = 0; -- val = strtoll (numstr, &endptr, 0); -+ val = strtoul (numstr, &endptr, 0); - if ( ('\0' == *numstr) - || ('\0' != *endptr) - || (ERANGE == errno) -- /*@+ignoresigns@*/ -- || (val != (unsigned long int)val) -- /*@=ignoresigns@*/ - ) { - return 0; - } - -- *result = (unsigned long int)val; -+ *result = val; - return 1; - } - diff --git a/srcpkgs/shadow/patches/cross-id32bit.patch b/srcpkgs/shadow/patches/cross-id32bit.patch deleted file mode 100644 index aa58b85d37..0000000000 --- a/srcpkgs/shadow/patches/cross-id32bit.patch +++ /dev/null @@ -1,28 +0,0 @@ -Added support to cache the value of the id32bit test, to allow cross compilation. - - --xtraeme - ---- configure.in.orig 2014-05-09 13:53:10.000000000 +0200 -+++ configure.in 2014-08-25 10:41:31.198567162 +0200 -@@ -335,6 +335,9 @@ if test "$enable_subids" != "no"; then - dnl - dnl FIXME: check if 32 bit UIDs/GIDs are supported by libc - dnl -+ AC_CACHE_CHECK( -+ [wheter subordinate IDs are supported], -+ [ac_cv_id32bit], [ - AC_RUN_IFELSE([AC_LANG_SOURCE([ - #include - int main(void) { -@@ -342,9 +345,9 @@ int main(void) { - gid_t g; - return (sizeof u < 4) || (sizeof g < 4); - } -- ])], [id32bit="yes"], [id32bit="no"]) -+ ])])], [ac_cv_id32bit="yes"], [ac_cv_id32bit="no"]) - -- if test "x$id32bit" = "xyes"; then -+ if test "x$ac_cv_id32bit" = "xyes"; then - AC_DEFINE(ENABLE_SUBIDS, 1, [Define to support the subordinate IDs.]) - enable_subids="yes" - else diff --git a/srcpkgs/shadow/patches/fix-load_defaults.patch b/srcpkgs/shadow/patches/fix-load_defaults.patch new file mode 100644 index 0000000000..c1a272f358 --- /dev/null +++ b/srcpkgs/shadow/patches/fix-load_defaults.patch @@ -0,0 +1,35 @@ +From 507f96cdeb54079fb636c7ce21e371f7a16a520e Mon Sep 17 00:00:00 2001 +From: Tomas Mraz +Date: Thu, 25 Aug 2016 11:20:34 +0200 +Subject: [PATCH] Fix regression in useradd not loading defaults properly. +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The get_defaults() has to be called before processing the flags. + +Signed-off-by: Tomáš Mráz +--- + src/useradd.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- src/useradd.c.orig ++++ src/useradd.c +@@ -2027,6 +2027,8 @@ int main (int argc, char **argv) + is_shadow_grp = sgr_file_present (); + #endif + ++ get_defaults (); ++ + process_flags (argc, argv); + + #ifdef ENABLE_SUBIDS +@@ -2036,8 +2038,6 @@ int main (int argc, char **argv) + (!user_id || (user_id <= uid_max && user_id >= uid_min)); + #endif /* ENABLE_SUBIDS */ + +- get_defaults (); +- + #ifdef ACCT_TOOLS_SETUID + #ifdef USE_PAM + { diff --git a/srcpkgs/shadow/patches/fix-prototypes.patch b/srcpkgs/shadow/patches/fix-prototypes.patch new file mode 100644 index 0000000000..244cdee5be --- /dev/null +++ b/srcpkgs/shadow/patches/fix-prototypes.patch @@ -0,0 +1,33 @@ +From 32c0b283ef5d68b63e4ec05fb22ed0db938fea67 Mon Sep 17 00:00:00 2001 +From: Mike Frysinger +Date: Mon, 5 Dec 2016 17:15:29 -0500 +Subject: [PATCH] include getdef.h for getdef_bool prototype + +Otherwise we get build warnings like: +sgroupio.c:255:6: warning: implicit declaration of function 'getdef_bool' [-Wimplicit-function-declaration] +shadowio.c:131:6: warning: implicit declaration of function 'getdef_bool' [-Wimplicit-function-declaration] +--- + lib/sgroupio.c | 1 + + lib/shadowio.c | 1 + + 2 files changed, 2 insertions(+) + +--- lib/sgroupio.c.orig ++++ lib/sgroupio.c +@@ -40,6 +40,7 @@ + #include "prototypes.h" + #include "defines.h" + #include "commonio.h" ++#include "getdef.h" + #include "sgroupio.h" + + /*@null@*/ /*@only@*/struct sgrp *__sgr_dup (const struct sgrp *sgent) +--- lib/shadowio.c.orig ++++ lib/shadowio.c +@@ -40,6 +40,7 @@ + #include + #include + #include "commonio.h" ++#include "getdef.h" + #include "shadowio.h" + #ifdef WITH_TCB + #include diff --git a/srcpkgs/shadow/patches/fix-su-snprintf.patch b/srcpkgs/shadow/patches/fix-su-snprintf.patch new file mode 100644 index 0000000000..077fa27f7e --- /dev/null +++ b/srcpkgs/shadow/patches/fix-su-snprintf.patch @@ -0,0 +1,17 @@ +https://github.com/shadow-maint/shadow/issues/32 + +Anyway, we use su from util-linux. + +--- src/su.c.orig 2016-12-01 20:41:50.000000000 +0100 ++++ src/su.c 2017-02-26 17:36:32.291904996 +0100 +@@ -373,8 +373,8 @@ + stderr); + (void) kill (-pid_child, caught); + +- snprintf (kill_msg, _(" ...killed.\n")); +- snprintf (wait_msg, _(" ...waiting for child to terminate.\n")); ++ snprintf (kill_msg, sizeof kill_msg, _(" ...killed.\n")); ++ snprintf (wait_msg, sizeof wait_msg, _(" ...waiting for child to terminate.\n")); + + (void) signal (SIGALRM, kill_child); + (void) alarm (2); diff --git a/srcpkgs/shadow/patches/shadow-add-missing-include.patch b/srcpkgs/shadow/patches/shadow-add-missing-include.patch deleted file mode 100644 index 85f3467418..0000000000 --- a/srcpkgs/shadow/patches/shadow-add-missing-include.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- libmisc/copydir.c 2010-09-05 11:35:26.000000000 -0400 -+++ libmisc/copydir.c 2011-06-26 01:26:52.000000000 -0400 -@@ -34,6 +34,7 @@ - - #ident "$Id: copydir.c 3283 2010-09-05 15:34:42Z nekral-guest $" - -+#include - #include - #include - #include diff --git a/srcpkgs/shadow/template b/srcpkgs/shadow/template index 0bc6cbff1f..3b55cb9bfe 100644 --- a/srcpkgs/shadow/template +++ b/srcpkgs/shadow/template @@ -1,12 +1,12 @@ # Template file for 'shadow' pkgname=shadow -version=4.2.1 -revision=15 +version=4.4 +revision=1 build_style=gnu-configure configure_args="--bindir=/usr/bin --sbindir=/usr/bin --libdir=/usr/lib --enable-shared --disable-static --with-libpam --without-selinux --with-acl --with-attr - --disable-nls --enable-subordinate-ids ac_cv_id32bit=yes" + --disable-nls --enable-subordinate-ids" hostmakedepends="automake libtool gettext-devel" makedepends="acl-devel pam-devel" depends="pam" @@ -28,9 +28,9 @@ conf_files=" short_desc="Shadow password file utilities" maintainer="Juan RP " license="BSD" -homepage="http://pkg-shadow.alioth.debian.org" -distfiles="http://pkg-shadow.alioth.debian.org/releases/$pkgname-$version.tar.xz" -checksum=3b0893d1476766868cd88920f4f1231c4795652aa407569faff802bcda0f3d41 +homepage="https://github.com/shadow-maint/shadow" +distfiles="${homepage}/releases/download/${version}/shadow-${version}.tar.xz" +checksum=61a9a4041b552eab9a253788d589e3664cf9b903bdd1f1ca73ea8aac4a71f03c pre_configure() { autoreconf -fi