--- libpam-ccreds-10.orig/debian/dirs +++ libpam-ccreds-10/debian/dirs @@ -0,0 +1,2 @@ +usr/sbin +lib/security --- libpam-ccreds-10.orig/debian/copyright +++ libpam-ccreds-10/debian/copyright @@ -0,0 +1,33 @@ +This package was debianized by Guido Guenther on +Tue, 5 Apr 2005 12:47:13 +0200. + +It was downloaded from http://www.padl.com/OSS/pam_ccreds.html + +Upstream Author: + + Luke Howard + +Copyright: + + (c) 2004 PADL Software Pty Ltd. + (c) W. Michael Petullo, 2005. + +License: + + This package is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This package is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this package; if not, write to the Free Software Foundation, + Inc., 51 Franklin St, Fifth Floor, Boston, N: MA 02110-1301, USA. + +On Debian systems, the complete text of the GNU General +Public License can be found in `/usr/share/common-licenses/GPL'. + --- libpam-ccreds-10.orig/debian/control +++ libpam-ccreds-10/debian/control @@ -0,0 +1,20 @@ +Source: libpam-ccreds +Section: admin +Priority: extra +Maintainer: Guido Günther +Build-Depends: debhelper (>= 7), autotools-dev, libgcrypt11-dev, libpam0g-dev, libdb-dev, automake1.9, autoconf, quilt, cdbs +Standards-Version: 3.8.2 +Homepage: http://www.padl.com/OSS/pam_ccreds.html +Vcs-Browser: http://git.debian.org/?p=users/agx/libpam-ccreds +Vcs-Git: git://git.debian.org/users/agx/libpam-ccreds + +Package: libpam-ccreds +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends} +Suggests: nss-updatedb +Description: Pam module to cache authentication credentials + This package provides the means for Linux workstations to locally + authenticate using an enterprise identity when the network is unavailable. + Used in conjunction with the nss_updatedb utility, it provides a mechanism for + disconnected use of network directories. They are designed to work with + libpam-ldap and libnss-ldap. --- libpam-ccreds-10.orig/debian/changelog +++ libpam-ccreds-10/debian/changelog @@ -0,0 +1,157 @@ +libpam-ccreds (10-2) unstable; urgency=low + + * [e85a2c3] switch to debhelper version 7 + * [95d5160] exclude ccreds_chkpwd from dh_fixperms (Closes: #539446) + * [9cd4ac6] fix lintian overrides file name + * [ae51eb3] revert direct source code changes in preparation for new + source format + * [026a04d] bump standards version + + -- Guido Günther Sat, 01 Aug 2009 19:59:50 +0200 + +libpam-ccreds (10-1) unstable; urgency=low + + * [5d11679] debian/control: add Vcs-{Git,Browser} + * [c42e688] debian/control: change section to admin + * [985bc43] Imported Upstream version 9 + * [0a8a249] Imported Upstream version 10 + * [3352d79] debian/watch: allow multiple digits in version + * [f2275de] drop 0002-don-t-store-validate-with-empty-passwords.patch + applied upstream + + -- Guido Günther Fri, 03 Apr 2009 09:30:20 +0200 + +libpam-ccreds (8-2) unstable; urgency=low + + * [fe5bd17] switch to use patch-queue branch + * [3229bcf] fix maintainer + * [d18559b] update copyright information + * [6127e04] bump standards version + * [4239196] switch to cdbs + * [68363cf] don't store/validate with empty passwords (Closes: #519944) + + -- Guido Günther Wed, 25 Mar 2009 22:30:54 +0100 + +libpam-ccreds (8-1) unstable; urgency=low + + * New Upstream Version + + -- Guido Guenther Fri, 07 Dec 2007 09:42:32 +0100 + +libpam-ccreds (7-2) unstable; urgency=low + + * add watch file + * add Homepage: + + -- Guido Guenther Wed, 28 Nov 2007 09:37:57 +0100 + +libpam-ccreds (7-1) unstable; urgency=low + + * New Upstream Version + * drop 01_use-gcrypt.diff - applied upstream + * drop unneeded acconfig.h + + -- Guido Guenther Mon, 05 Nov 2007 20:00:30 +0100 + +libpam-ccreds (5-2) unstable; urgency=low + + * 01-use_gcrypt.diff: make openssl/gcrypt usage selectable via ./configure + + -- Guido Guenther Mon, 05 Nov 2007 18:37:26 +0100 + +libpam-ccreds (5-1) unstable; urgency=low + + * New upstream version + * drop 00_chkpwd.diff, 02_fix-db3-build.diff, 03_cc_dump-print-help.diff + applied upstream + + -- Guido Guenther Sun, 28 Oct 2007 11:36:16 +0100 + +libpam-ccreds (4-3) unstable; urgency=low + + * Add a setuid ccreds_chkpwd binary to allow non root programs to verify the + password. Patch based on http://bugzilla.padl.com/show_bug.cgi?id=227 with + numerous cleanups. (Closes: #358818) + + -- Guido Guenther Fri, 26 Oct 2007 16:31:09 +0200 + +libpam-ccreds (4-2) unstable; urgency=low + + * build against libdb4.6-dev (Closes: #442660) + * Bump standards version to 3.7.2 + * drop 03_am-maintainer-mode.dpatch + * switch from dpatch to quilt and refresh the patches + * cc_dump: add "-h" to print help + + -- Guido Guenther Sun, 30 Sep 2007 17:16:06 +0200 + +libpam-ccreds (4-1) unstable; urgency=low + + * New Upstream Version (Closes: #398482) + * remove autogenerated files from the package + + -- Guido Guenther Tue, 14 Nov 2006 09:25:16 +0100 + +libpam-ccreds (3-2) unstable; urgency=low + + * rework the patch/autoreconf logic a bit so we don't depend on the + configure's timestamp (Closes: #364664) + + -- Guido Guenther Wed, 26 Apr 2006 21:31:25 +0200 + +libpam-ccreds (3-1) unstable; urgency=low + + * New upstream version that allows us to drop these patches: + - 03_fix-cc_test-minus-arg.dpatch + - 04_pam-ccreds-dump-last-char.dpatch + - 05_pam-ccreds-no-first-pass.dpatch + - 07_fix_example.dpatch + * update ./missing so autreconf works as expected + + -- Guido Guenther Sun, 23 Apr 2006 16:45:58 +0200 + +libpam-ccreds (1-6) unstable; urgency=low + + * fix example pam.conf: let's fail properly after a bad password + + -- Guido Guenther Fri, 3 Mar 2006 15:25:27 +0100 + +libpam-ccreds (1-5) unstable; urgency=low + + * add 06_db_get_dont_overflow_buffer: fix data buffer size check + (by Nicolas Boullis ) + + -- Guido Guenther Thu, 29 Sep 2005 00:06:34 +0200 + +libpam-ccreds (1-4) unstable; urgency=low + + * add 03_fix-cc_test-minus-arg.dpatch (Closes: #329301) + * add 04_pam-ccreds-dump-last-char.dpatch: fix off by one error when + printing the hashes (by Nicolas Boullis ) + * add 05_pam-ccreds-no-first-pass.dpatch: behave sanely when neither + try_first_pass nor use_first_pass was given (by Nicolas Boullis + ) + * bump standards version to 3.6.2 (no source changes) + + -- Guido Guenther Thu, 22 Sep 2005 12:08:25 +0200 + +libpam-ccreds (1-3) unstable; urgency=low + + * add 02_fix-db3-build.dpatch + + -- Guido Guenther Thu, 21 Apr 2005 12:23:38 +0200 + +libpam-ccreds (1-2) unstable; urgency=low + + * build-depend on dpatch + * fix build with db3 + + -- Guido Guenther Thu, 21 Apr 2005 11:27:01 +0200 + +libpam-ccreds (1-1) unstable; urgency=low + + * Initial release (Closes: #303240) + * patch to use gcrypt11 instead of openssl + + -- Guido Guenther Thu, 7 Apr 2005 23:08:51 +0200 + --- libpam-ccreds-10.orig/debian/install +++ libpam-ccreds-10/debian/install @@ -0,0 +1,2 @@ +cc_dump /usr/sbin +cc_test /usr/sbin --- libpam-ccreds-10.orig/debian/libpam-ccreds.lintian-overrides +++ libpam-ccreds-10/debian/libpam-ccreds.lintian-overrides @@ -0,0 +1,2 @@ +# yes, we know it's suid, that's the whole point... +libpam-ccreds: setuid-binary sbin/ccreds_chkpwd 4755 root/root --- libpam-ccreds-10.orig/debian/watch +++ libpam-ccreds-10/debian/watch @@ -0,0 +1,9 @@ +# Example watch control file for uscan +# Rename this file to "watch" and then you can run the "uscan" command +# to check for upstream updates and more. +# See uscan(1) for format + +# Compulsory line, this is a version 3 file +version=3 + +http://www.padl.com/download/pam_ccreds-(\d+)\.tar\.gz --- libpam-ccreds-10.orig/debian/libpam-ccreds.examples +++ libpam-ccreds-10/debian/libpam-ccreds.examples @@ -0,0 +1 @@ +pam.conf --- libpam-ccreds-10.orig/debian/compat +++ libpam-ccreds-10/debian/compat @@ -0,0 +1 @@ +7 --- libpam-ccreds-10.orig/debian/rules +++ libpam-ccreds-10/debian/rules @@ -0,0 +1,21 @@ +#!/usr/bin/make -f + +include /usr/share/cdbs/1/rules/debhelper.mk +include /usr/share/cdbs/1/class/autotools.mk +include /usr/share/cdbs/1/rules/patchsys-quilt.mk + +DEB_FIXPERMS_EXCLUDE=/sbin/ccreds_chkpwd + +DEB_CONFIGURE_EXTRA_FLAGS := \ + --host=$(DEB_HOST_GNU_TYPE) \ + --build=$(DEB_BUILD_GNU_TYPE) \ + --prefix=/usr \ + --mandir=\$${prefix}/share/man \ + --infodir=\$${prefix}/share/info\ + --sbindir=/sbin \ + --libdir=/lib \ + --enable-gcrypt + +binary-install/libpam-ccreds:: + chown root:root debian/libpam-ccreds/sbin/ccreds_chkpwd + chmod 4755 debian/libpam-ccreds/sbin/ccreds_chkpwd --- libpam-ccreds-10.orig/debian/docs +++ libpam-ccreds-10/debian/docs @@ -0,0 +1 @@ +README --- libpam-ccreds-10.orig/debian/patches/series +++ libpam-ccreds-10/debian/patches/series @@ -0,0 +1 @@ +0001-make-sure-we-don-t-overflow-the-data-buffer.patch --- libpam-ccreds-10.orig/debian/patches/0001-make-sure-we-don-t-overflow-the-data-buffer.patch +++ libpam-ccreds-10/debian/patches/0001-make-sure-we-don-t-overflow-the-data-buffer.patch @@ -0,0 +1,22 @@ +From: Nicolas Boullis +Date: Mon, 23 Mar 2009 10:46:44 +0100 +Subject: [PATCH] make sure we don't overflow the data buffer + +--- + cc_db.c | 2 +- + 1 files changed, 1 insertions(+), 1 deletions(-) + +diff --git a/cc_db.c b/cc_db.c +index c0e0488..9371c4d 100644 +--- a/cc_db.c ++++ b/cc_db.c +@@ -199,7 +199,7 @@ int pam_cc_db_get(void *_db, const char *keyname, size_t keylength, + return (rc == DB_NOTFOUND) ? PAM_AUTHINFO_UNAVAIL : PAM_SERVICE_ERR; + } + +- if (val.size < *size) { ++ if (val.size > *size) { + return PAM_BUF_ERR; + } + +--