rpms/pam/devel pam-1.0.0-set-item.patch, NONE, 1.1 pam.spec, 1.175, 1.176

Mon Apr 7 09:45:57 UTC 2008

Author: tmraz

Update of /cvs/pkgs/rpms/pam/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv25017

Modified Files:
	pam.spec 
Added Files:
	pam-1.0.0-set-item.patch 
Log Message:
* Mon Apr  7 2008 Tomas Mraz <tmraz at redhat.com> 1.0.0-2
- fix regression in pam_set_item


pam-1.0.0-set-item.patch:

--- NEW FILE pam-1.0.0-set-item.patch ---
Index: pam_item.c
===================================================================
RCS file: /cvsroot/pam/Linux-PAM/libpam/pam_item.c,v
retrieving revision 1.16
diff -u -p -r1.16 pam_item.c
--- libpam/pam_item.c	3 Mar 2008 13:23:45 -0000	1.16
+++ libpam/pam_item.c	7 Apr 2008 09:04:50 -0000
@@ -11,13 +11,15 @@
 #include <string.h>
 #include <syslog.h>
 
-#define TRY_SET(X, Y)                  \
-{                                      \
-    char *_TMP_ = _pam_strdup(Y);      \
-    if (_TMP_ == NULL && (Y) != NULL)  \
-	 return PAM_BUF_ERR;           \
-    free(X);                           \
-    (X) = _TMP_;                       \
+#define TRY_SET(X, Y)                      \
+{                                          \
+    if ((X) != (Y)) {		           \
+	char *_TMP_ = _pam_strdup(Y);      \
+	if (_TMP_ == NULL && (Y) != NULL)  \
+	    return PAM_BUF_ERR;            \
+	free(X);                           \
+	(X) = _TMP_;                       \
+    }					   \
 }
 
 /* functions */
@@ -76,8 +78,10 @@ int pam_set_item (pam_handle_t *pamh, in
 	 * modules.
 	 */
 	if (__PAM_FROM_MODULE(pamh)) {
-	    _pam_overwrite(pamh->authtok);
-	    TRY_SET(pamh->authtok, item);
+	    if (pamh->authtok != item) {
+		_pam_overwrite(pamh->authtok);
+		TRY_SET(pamh->authtok, item);
+	    }
 	} else {
 	    retval = PAM_BAD_ITEM;
 	}
@@ -90,8 +94,10 @@ int pam_set_item (pam_handle_t *pamh, in
 	 * modules.
 	 */
 	if (__PAM_FROM_MODULE(pamh)) {
-	    _pam_overwrite(pamh->oldauthtok);
-	    TRY_SET(pamh->oldauthtok, item);
+	    if (pamh->oldauthtok != item) {
+		_pam_overwrite(pamh->oldauthtok);
+		TRY_SET(pamh->oldauthtok, item);
+	    }
 	} else {
 	    retval = PAM_BAD_ITEM;
 	}
@@ -130,6 +136,8 @@ int pam_set_item (pam_handle_t *pamh, in
 	break;
 
     case PAM_XAUTHDATA:
+	if (&pamh->xauth == item)
+	    break;
 	if (pamh->xauth.namelen) {
 	    _pam_overwrite(pamh->xauth.name);
 	    free(pamh->xauth.name);


Index: pam.spec
===================================================================
RCS file: /cvs/pkgs/rpms/pam/devel/pam.spec,v
retrieving revision 1.175
retrieving revision 1.176
diff -u -r1.175 -r1.176
--- pam.spec	4 Apr 2008 16:00:50 -0000	1.175
+++ pam.spec	7 Apr 2008 09:45:21 -0000	1.176
@@ -5,7 +5,7 @@
 Summary: A security tool which provides authentication for applications
 Name: pam
 Version: 1.0.0
-Release: 1%{?dist}
+Release: 2%{?dist}
 # The library is BSD licensed with option to relicense as GPLv2+ - this option is redundant
 # as the BSD license allows that anyway. pam_timestamp and pam_console modules are GPLv2+,
 # pam_rhosts_auth module is BSD with advertising
@@ -25,6 +25,7 @@
 Patch1:  pam-0.99.7.0-redhat-modules.patch
 Patch2:  db-4.6.18-glibc.patch
 Patch4:  pam-0.99.8.1-dbpam.patch
+Patch10: pam-1.0.0-set-item.patch
 Patch21: pam-0.99.10.0-unix-audit-failed.patch
 Patch31: pam-0.99.3.0-cracklib-try-first-pass.patch
 Patch32: pam-0.99.3.0-tally-fail-close.patch
@@ -100,6 +101,7 @@
 %patch2 -p1 -b .db4-glibc
 popd
 %patch4 -p1 -b .dbpam
+%patch10 -p0 -b .setitem
 %patch21 -p1 -b .audit-failed
 %patch31 -p1 -b .try-first-pass
 %patch32 -p1 -b .fail-close
@@ -372,6 +374,9 @@
 %doc doc/adg/*.txt doc/adg/html
 
 %changelog
+* Mon Apr  7 2008 Tomas Mraz <tmraz at redhat.com> 1.0.0-2
+- fix regression in pam_set_item
+
 * Fri Apr  4 2008 Tomas Mraz <tmraz at redhat.com> 1.0.0-1
 - upgrade to new upstream release (bugfix only)
 


