gentoo resync : 25.11.2020

author: V3n3RiX <venerix@redcorelinux.org> 2020-11-25 22:39:15 +0000
committer: V3n3RiX <venerix@redcorelinux.org> 2020-11-25 22:39:15 +0000
commit: d934827bf44b7cfcf6711964418148fa60877668 (patch)
tree: 0625f358789b5e015e49db139cc1dbc9be00428f /sys-auth/sssd/files
parent: 2e34d110f164bf74d55fced27fe0000201b3eec5 (diff)
3 files changed, 0 insertions, 201 deletions
diff --git a/sys-auth/sssd/files/sssd-2.2.3-glibc-2.32-compat.patch b/sys-auth/sssd/files/sssd-2.2.3-glibc-2.32-compat.patch
deleted file mode 100644
index 9d59ae91be55..000000000000
--- a/sys-auth/sssd/files/sssd-2.2.3-glibc-2.32-compat.patch
+++ /dev/null
@@ -1,71 +0,0 @@
-From fe9eeb51be06059721e873f77092b1e9ba08e6c1 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Michal=20=C5=BDidek?= <mzidek@redhat.com>
-Date: Thu, 27 Feb 2020 06:50:40 +0100
-Subject: [PATCH] nss: Collision with external nss symbol
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-One of our internal static function names started
-to collide with external nss symbol. Additional
-sss_ suffix was added to avoid the collision.
-
-This is needed to unblock Fedora Rawhide's
-SSSD build.
-
-Reviewed-by: Pavel Březina <pbrezina@redhat.com>
----
- src/responder/nss/nss_cmd.c | 18 ++++++++++--------
- 1 file changed, 10 insertions(+), 8 deletions(-)
-
-diff --git a/src/responder/nss/nss_cmd.c b/src/responder/nss/nss_cmd.c
-index 356aea1564..02706c4b94 100644
---- a/src/responder/nss/nss_cmd.c
-+++ b/src/responder/nss/nss_cmd.c
-@@ -731,11 +731,13 @@ static void nss_getent_done(struct tevent_req *subreq)
-     talloc_free(cmd_ctx);
- }
- 
--static void nss_setnetgrent_done(struct tevent_req *subreq);
-+static void sss_nss_setnetgrent_done(struct tevent_req *subreq);
- 
--static errno_t nss_setnetgrent(struct cli_ctx *cli_ctx,
--                               enum cache_req_type type,
--                               nss_protocol_fill_packet_fn fill_fn)
-+/* This function's name started to collide with external nss symbol,
-+ * so it has additional sss_* prefix unlike other functions here. */
-+static errno_t sss_nss_setnetgrent(struct cli_ctx *cli_ctx,
-+                                   enum cache_req_type type,
-+                                   nss_protocol_fill_packet_fn fill_fn)
- {
-     struct nss_ctx *nss_ctx;
-     struct nss_state_ctx *state_ctx;
-@@ -777,7 +779,7 @@ static errno_t nss_setnetgrent(struct cli_ctx *cli_ctx,
-         goto done;
-     }
- 
--    tevent_req_set_callback(subreq, nss_setnetgrent_done, cmd_ctx);
-+    tevent_req_set_callback(subreq, sss_nss_setnetgrent_done, cmd_ctx);
- 
-     ret = EOK;
- 
-@@ -790,7 +792,7 @@ static errno_t nss_setnetgrent(struct cli_ctx *cli_ctx,
-     return EOK;
- }
- 
--static void nss_setnetgrent_done(struct tevent_req *subreq)
-+static void sss_nss_setnetgrent_done(struct tevent_req *subreq)
- {
-     struct nss_cmd_ctx *cmd_ctx;
-     errno_t ret;
-@@ -1040,8 +1042,8 @@ static errno_t nss_cmd_initgroups_ex(struct cli_ctx *cli_ctx)
- 
- static errno_t nss_cmd_setnetgrent(struct cli_ctx *cli_ctx)
- {
--    return nss_setnetgrent(cli_ctx, CACHE_REQ_NETGROUP_BY_NAME,
--                           nss_protocol_fill_setnetgrent);
-+    return sss_nss_setnetgrent(cli_ctx, CACHE_REQ_NETGROUP_BY_NAME,
-+                               nss_protocol_fill_setnetgrent);
- }
- 
- static errno_t nss_cmd_getnetgrent(struct cli_ctx *cli_ctx)
diff --git a/sys-auth/sssd/files/sssd-curl-macros.patch b/sys-auth/sssd/files/sssd-curl-macros.patch
deleted file mode 100644
index 91e71e837875..000000000000
--- a/sys-auth/sssd/files/sssd-curl-macros.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From d3cdf9cbfbace4874c6e5c96f1e5ef5b342c813e Mon Sep 17 00:00:00 2001
-From: Mikle Kolyada <zlogene@gentoo.org>
-Date: Sun, 16 Dec 2018 20:42:39 +0300
-Subject: [PATCH] tev_curl.c: remove case duplication
-
-CURLE_SSL_CACERT and CURLE_PEER_FAILED_VERIFICATION macros are provided
-by net-misc/curl-7.62.0 and older
----
- tev_curl.c | 3 ---
- 1 file changed, 3 deletions(-)
-
-diff --git a/tev_curl.c b/tev_curl.c
-index 6a7a580..ce6fdba 100644
---- a/src/util/tev_curl.c
-+++ b/src/util/tev_curl.c
-@@ -97,7 +97,6 @@ static errno_t curl_code2errno(CURLcode crv)
-         return ETIMEDOUT;
-     case CURLE_SSL_ISSUER_ERROR:
-     case CURLE_SSL_CACERT_BADFILE:
--    case CURLE_SSL_CACERT:
-     case CURLE_SSL_CERTPROBLEM:
-         return ERR_INVALID_CERT;
- 
-@@ -110,8 +109,6 @@ static errno_t curl_code2errno(CURLcode crv)
-     case CURLE_SSL_ENGINE_NOTFOUND:
-     case CURLE_SSL_CONNECT_ERROR:
-         return ERR_SSL_FAILURE;
--    case CURLE_PEER_FAILED_VERIFICATION:
--        return ERR_UNABLE_TO_VERIFY_PEER;
-     case CURLE_COULDNT_RESOLVE_HOST:
-         return ERR_UNABLE_TO_RESOLVE_HOST;
-     default:
--- 
-2.19.2
-\ No newline at end of file
diff --git a/sys-auth/sssd/files/sssd-fix-CVE-2019-3811.patch b/sys-auth/sssd/files/sssd-fix-CVE-2019-3811.patch
deleted file mode 100644
index 87db45fd24bb..000000000000
--- a/sys-auth/sssd/files/sssd-fix-CVE-2019-3811.patch
+++ /dev/null
@@ -1,96 +0,0 @@
-From 28792523a01a7d21bcc8931794164f253e691a68 Mon Sep 17 00:00:00 2001
-From: Tomas Halman <thalman@redhat.com>
-Date: Mon, 3 Dec 2018 14:11:31 +0100
-Subject: [PATCH] nss: sssd returns '/' for emtpy home directories
-
-For empty home directory in passwd file sssd returns "/". Sssd
-should respect system behaviour and return the same as nsswitch
-"files" module - return empty string.
-
-Resolves:
-https://pagure.io/SSSD/sssd/issue/3901
-
-Reviewed-by: Simo Sorce <simo@redhat.com>
-Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
-(cherry picked from commit 90f32399b4100ce39cf665649fde82d215e5eb49)
----
- src/confdb/confdb.c                      |  9 +++++++++
- src/man/include/ad_modified_defaults.xml | 19 +++++++++++++++++++
- src/responder/nss/nss_protocol_pwent.c   |  2 +-
- src/tests/intg/test_files_provider.py    |  2 +-
- 4 files changed, 30 insertions(+), 2 deletions(-)
-
-diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c
-index a3eb9c66d9..17bb4f8274 100644
---- a/src/confdb/confdb.c
-+++ b/src/confdb/confdb.c
-@@ -1301,6 +1301,15 @@ static int confdb_get_domain_internal(struct confdb_ctx *cdb,
-             ret = ENOMEM;
-             goto done;
-         }
-+    } else {
-+        if (strcasecmp(domain->provider, "ad") == 0) {
-+            /* ad provider default */
-+            domain->fallback_homedir = talloc_strdup(domain, "/home/%d/%u");
-+            if (!domain->fallback_homedir) {
-+                ret = ENOMEM;
-+                goto done;
-+            }
-+        }
-     }
- 
-     tmp = ldb_msg_find_attr_as_string(res->msgs[0],
-diff --git a/src/man/include/ad_modified_defaults.xml b/src/man/include/ad_modified_defaults.xml
-index 818a2bf787..425b7e8ee0 100644
---- a/src/man/include/ad_modified_defaults.xml
-+++ b/src/man/include/ad_modified_defaults.xml
-@@ -76,4 +76,23 @@
-             </listitem>
-         </itemizedlist>
-     </refsect2>
-+    <refsect2 id='nss_modifications'>
-+        <title>NSS configuration</title>
-+        <itemizedlist>
-+            <listitem>
-+                <para>
-+                    fallback_homedir = /home/%d/%u
-+                </para>
-+                <para>
-+                    The AD provider automatically sets
-+                    "fallback_homedir = /home/%d/%u" to provide personal
-+                    home directories for users without the homeDirectory
-+                    attribute. If your AD Domain is properly
-+                    populated with Posix attributes, and you want to avoid
-+                    this fallback behavior, you can explicitly
-+                    set "fallback_homedir = %o".
-+                </para>
-+            </listitem>
-+        </itemizedlist>
-+    </refsect2>
- </refsect1>
-diff --git a/src/responder/nss/nss_protocol_pwent.c b/src/responder/nss/nss_protocol_pwent.c
-index af9e74fc86..86fa4ec465 100644
---- a/src/responder/nss/nss_protocol_pwent.c
-+++ b/src/responder/nss/nss_protocol_pwent.c
-@@ -118,7 +118,7 @@ nss_get_homedir(TALLOC_CTX *mem_ctx,
- 
-     homedir = nss_get_homedir_override(mem_ctx, msg, nss_ctx, domain, &hd_ctx);
-     if (homedir == NULL) {
--        return "/";
-+        return "";
-     }
- 
-     return homedir;
-diff --git a/src/tests/intg/test_files_provider.py b/src/tests/intg/test_files_provider.py
-index ead1cc4c34..4761f1bd15 100644
---- a/src/tests/intg/test_files_provider.py
-+++ b/src/tests/intg/test_files_provider.py
-@@ -678,7 +678,7 @@ def test_user_no_dir(setup_pw_with_canary, files_domain_only):
-     Test that resolving a user without a homedir defined works and returns
-     a fallback value
-     """
--    check_user(incomplete_user_setup(setup_pw_with_canary, 'dir', '/'))
-+    check_user(incomplete_user_setup(setup_pw_with_canary, 'dir', ''))
- 
- 
- def test_user_no_gecos(setup_pw_with_canary, files_domain_only):
author	V3n3RiX <venerix@redcorelinux.org>	2020-11-25 22:39:15 +0000
committer	V3n3RiX <venerix@redcorelinux.org>	2020-11-25 22:39:15 +0000
commit	d934827bf44b7cfcf6711964418148fa60877668 (patch)
tree	0625f358789b5e015e49db139cc1dbc9be00428f /sys-auth/sssd/files
parent	2e34d110f164bf74d55fced27fe0000201b3eec5 (diff)