diff options
author | timur <timur@FreeBSD.org> | 2009-08-14 09:46:44 +0800 |
---|---|---|
committer | timur <timur@FreeBSD.org> | 2009-08-14 09:46:44 +0800 |
commit | 3a48b6e78e54e229cfa5628a66f9eeddf6f0fade (patch) | |
tree | 0681ea04f9fcfc54bf1058f6d7a4110be571815c /net/nss-pam-ldapd | |
parent | d0846dd8e81c033a004ffa853fef17835c516f4a (diff) | |
download | freebsd-ports-gnome-3a48b6e78e54e229cfa5628a66f9eeddf6f0fade.tar.gz freebsd-ports-gnome-3a48b6e78e54e229cfa5628a66f9eeddf6f0fade.tar.zst freebsd-ports-gnome-3a48b6e78e54e229cfa5628a66f9eeddf6f0fade.zip |
Advanced fork of nss_ldap module with standalone daemon.
PR: 137349
Submitted by: melifaro@ipfw.ru
Diffstat (limited to 'net/nss-pam-ldapd')
-rw-r--r-- | net/nss-pam-ldapd/Makefile | 121 | ||||
-rw-r--r-- | net/nss-pam-ldapd/distinfo | 3 | ||||
-rw-r--r-- | net/nss-pam-ldapd/files/nslcd.in | 24 | ||||
-rw-r--r-- | net/nss-pam-ldapd/files/nss_compat.diff | 75 | ||||
-rw-r--r-- | net/nss-pam-ldapd/files/patch-nslcd__cfg.c | 23 | ||||
-rw-r--r-- | net/nss-pam-ldapd/files/patch-nslcd__common.c | 12 | ||||
-rw-r--r-- | net/nss-pam-ldapd/files/patch-nslcd__common.h | 30 | ||||
-rw-r--r-- | net/nss-pam-ldapd/files/patch-nslcd__nslcd.c | 15 | ||||
-rw-r--r-- | net/nss-pam-ldapd/files/patch-nslcd__passwd.c | 61 | ||||
-rw-r--r-- | net/nss-pam-ldapd/files/patch-nss__bsdnss.c | 160 | ||||
-rw-r--r-- | net/nss-pam-ldapd/files/patch-nss__exports.freebsd | 30 | ||||
-rw-r--r-- | net/nss-pam-ldapd/files/patch-nss__prototypes.h | 57 | ||||
-rw-r--r-- | net/nss-pam-ldapd/files/patch-nss__shadow.c | 17 | ||||
-rw-r--r-- | net/nss-pam-ldapd/pkg-descr | 11 | ||||
-rw-r--r-- | net/nss-pam-ldapd/pkg-plist | 3 |
15 files changed, 642 insertions, 0 deletions
diff --git a/net/nss-pam-ldapd/Makefile b/net/nss-pam-ldapd/Makefile new file mode 100644 index 000000000000..cf96beabc8a8 --- /dev/null +++ b/net/nss-pam-ldapd/Makefile @@ -0,0 +1,121 @@ +# Ports collection Makefile for: nss_ldapd +# Date created: 23/7/2009 +# Whom: melifaro@ipfw.ru +# +# $FreeBSD$ +# + +PORTNAME= nss_ldapd +PORTVERSION= 0.6.11 +CATEGORIES= net +MASTER_SITES= http://arthurdejong.org/nss-ldapd/ +DISTNAME= nss-ldapd-${PORTVERSION} + +MAINTAINER= melifaro@ipfw.ru +COMMENT= Advanced fork of nss_ldap + +GNU_CONFIGURE= yes +USE_GMAKE= yes +USE_LDCONFIG= yes +USE_OPENLDAP= yes +USE_RC_SUBR= nslcd + +NSLCD_PIDFILE?= /var/run/nslcd.pid +NSLCD_SOCKET?= /var/run/nslcd.ctl + +OPTIONS= NSS_COMPAT "Enable nss_ldap compatibility" on \ + SASL "Enable SASL" off + +.include <bsd.port.pre.mk> + +.if ${OSVERSION} < 700000 +IGNORE= problems with nss/libc TLS +.endif + +CONFIGURE_ENV= CPPFLAGS="-I${LOCALBASE}/include" \ + LDFLAGS="-L${LOCALBASE}/lib" + +CONFIGURE_ARGS+= --with-nslcd-pidfile=${NSLCD_PIDFILE} \ + --with-nslcd-socket=${NSLCD_SOCKET} \ + --with-ldap-lib=openldap --disable-kerberos + +.if defined(WITHOUT_NSS) +.undef NSS_COMPAT +.endif + +.if defined(WITH_NSS_COMPAT) +CONFIGURE_ARGS+= --with-ldap-conf-file=${PREFIX}/etc/nss_ldap.conf +PLIST_SUB+= CONFIG="nss_ldap" +EXTRA_PATCHES+= ${PATCHDIR}/nss_compat.diff +.else +CONFIGURE_ARGS+= --with-ldap-conf-file=${PREFIX}/etc/nss_ldapd.conf +PLIST_SUB+= CONFIG="nss_ldapd" +.endif + +.if defined(WITH_SASL) +WANT_OPENLDAP_SASL= yes +CONFIGURE_ARGS+= --enable-sasl +.else +CONFIGURE_ARGS+= --disable-sasl +.endif + +.if defined(WITH_PAM) +CONFIGURE_ARGS+= --enable-pam +.else +CONFIGURE_ARGS+= --disable-pam +.endif + +.if defined(WITHOUT_NSS) +CONFIGURE_ARGS+= --disable-nss +PLIST_SUB+= NSS="@comment " +.else +CONFIGURE_ARGS+= --enable-nss +CONFLICTS+= nss_ldap-1.* +PLIST_SUB+= NSS="" +.endif + +.if defined(WITHOUT_NSLCD) +CONFIGURE_ARGS+= --disable-nslcd +PLIST_SUB+= NSLCD="@comment " +.else +CONFIGURE_ARGS+= --enable-nslcd +PLIST_SUB+= NSLCD="" +MAN8= nslcd.8 +.endif + +MAN5= nss-ldapd.conf.5 + +post-extract: + @${REINPLACE_CMD} -e 's/\(INSTALL_\)\(.*\)) -D /\1\2) /' ${WRKSRC}/Makefile.in ${WRKSRC}/nss/Makefile.in + @${REINPLACE_CMD} -e 's/shadow.$$(OBJEXT)/shadow.$$(OBJEXT) bsdnss.$$(OBJEXT)/;s/shadow\.c/shadow.c bsdnss.c/;s/exports\.linux/exports.freebsd/' ${WRKSRC}/nss/Makefile.in + @${REINPLACE_CMD} -e 's/^NSS_VERS = .*/NSS_VERS = 1/;s/libnss_ldap\.so/nss_ldap.so/' ${WRKSRC}/nss/Makefile.in + @${MV} ${WRKSRC}/nss/exports.linux ${WRKSRC}/nss/exports.freebsd + @${REINPLACE_CMD} -e 's/$$(DESTDIR)$$(NSS_LDAP_PATH_CONF)/$$(DESTDIR)$$(NSS_LDAP_PATH_CONF).sample/' ${WRKSRC}/Makefile.in + +post-install: + @${ECHO_MSG} + @${ECHO_MSG} ===================================================================== + @${ECHO_MSG} +.if defined(WITH_NSS_COMPAT) + @${ECHO_MSG} " NSS_LDAP compatibility ENABLED." + @${ECHO_MSG} + @${ECHO_MSG} " LDAP configuration: ${PREFIX}/etc/nss_ldap.conf" + @${ECHO_MSG} " Secret file: ${PREFIX}/etc/nss_ldap.secret" + @${ECHO_MSG} " Sample configuration: ${PREFIX}/etc/nss_ldap.conf.sample" + @${ECHO_MSG} + @${ECHO_MSG} " Check if you need to adjust reconnect_* parameters" + @${ECHO_MSG} " WARNING: nss_ldapd will use ONLY rootbinddn to access LDAP data" +.else + @${ECHO_MSG} " LDAP configuration: ${PREFIX}/etc/nss_ldapd.conf" + @${ECHO_MSG} " Sample configuration: ${PREFIX}/etc/nss_ldapd.conf.sample" + @${ECHO_MSG} +.endif +.if !defined(WITHOUT_NSS) + @${ECHO_MSG} " WARNING: Be sure to set uid and gid configuration parameters" + @${ECHO_MSG} " WARNING: to make nslcd run under unprivileged user" +.endif + @${ECHO_MSG} + @${ECHO_MSG} ===================================================================== + @${ECHO_MSG} + +.include <bsd.port.post.mk> diff --git a/net/nss-pam-ldapd/distinfo b/net/nss-pam-ldapd/distinfo new file mode 100644 index 000000000000..5c023d153828 --- /dev/null +++ b/net/nss-pam-ldapd/distinfo @@ -0,0 +1,3 @@ +MD5 (nss-ldapd-0.6.11.tar.gz) = 8e5087f74a128f2c12f974c176803747 +SHA256 (nss-ldapd-0.6.11.tar.gz) = ac41292c8c7c2a4fb2e77ee9bc165ecefc84e8c33682f8c87ee69381830a8aff +SIZE (nss-ldapd-0.6.11.tar.gz) = 415271 diff --git a/net/nss-pam-ldapd/files/nslcd.in b/net/nss-pam-ldapd/files/nslcd.in new file mode 100644 index 000000000000..bf7623d11854 --- /dev/null +++ b/net/nss-pam-ldapd/files/nslcd.in @@ -0,0 +1,24 @@ +#!/bin/sh +# +# $FreeBSD$ +# +# PROVIDE: nslcd +# REQUIRE: DAEMON ldconfig resolv +# +# Add the following line to /etc/rc.conf to enable the nslcd daemon: +# +# nslcd_enable="YES" +# + +nslcd_enable=${nslcd_enable-"NO"} + +. %%RC_SUBR%% + +name=nslcd +rcvar=$(set_rcvar) + +command="%%PREFIX%%/sbin/%{name}" +pidfile="/var/run/${name}.pid" + +load_rc_config ${name} +run_rc_command "$1" diff --git a/net/nss-pam-ldapd/files/nss_compat.diff b/net/nss-pam-ldapd/files/nss_compat.diff new file mode 100644 index 000000000000..03d527af7de0 --- /dev/null +++ b/net/nss-pam-ldapd/files/nss_compat.diff @@ -0,0 +1,75 @@ +--- nslcd/cfg.c.orig 2009-06-19 16:03:14.000000000 +0400 ++++ nslcd/cfg.c 2009-08-10 20:41:31.000000000 +0400 +@@ -33,6 +33,7 @@ + #include <sys/types.h> + #include <sys/stat.h> + #include <unistd.h> ++#include <libgen.h> + #include <errno.h> + #include <netdb.h> + #include <sys/socket.h> +@@ -649,13 +650,31 @@ + { + FILE *fp; + int lnr=0; +- char linebuf[MAX_LINE_LENGTH]; ++ char linebuf[MAX_LINE_LENGTH], secret_path[512]; + char *line; + char keyword[32]; + char token[64]; + int i; + int rc; + char *value; ++ ++ /* get secret password */ ++ snprintf(secret_path, sizeof(secret_path), "%s/nss_ldap.secret", dirname(filename)); ++ if ((fp=fopen(secret_path,"r"))==NULL) ++ { ++ log_log(LOG_ERR,"cannot open secret file (%s): %s",secret_path,strerror(errno)); ++ /* exit(EXIT_FAILURE); */ ++ } ++ else if (fgets(linebuf,MAX_LINE_LENGTH,fp)!=NULL) ++ { ++ i=strlen(linebuf); ++ if (i>0) ++ linebuf[i-1]='\0'; ++ cfg->ldc_bindpw=strdup(linebuf); ++ } ++ if (fp!=NULL) ++ fclose(fp); ++ + /* open config file */ + if ((fp=fopen(filename,"r"))==NULL) + { +@@ -724,13 +743,14 @@ + get_int(filename,lnr,keyword,&line,&cfg->ldc_version); + get_eol(filename,lnr,keyword,&line); + } +- else if (strcasecmp(keyword,"binddn")==0) ++ else if (strcasecmp(keyword,"rootbinddn")==0) + { + get_restdup(filename,lnr,keyword,&line,&cfg->ldc_binddn); + } + else if (strcasecmp(keyword,"bindpw")==0) + { +- get_restdup(filename,lnr,keyword,&line,&cfg->ldc_bindpw); ++ if (cfg->ldc_bindpw == NULL) ++ get_restdup(filename,lnr,keyword,&line,&cfg->ldc_bindpw); + } + /* SASL authentication options */ + else if (strcasecmp(keyword,"sasl_authcid")==0) +@@ -931,12 +951,14 @@ + get_int(filename,lnr,keyword,&line,&cfg->ldc_pagesize); + get_eol(filename,lnr,keyword,&line); + } ++#if 0 + /* fallthrough */ + else + { + log_log(LOG_ERR,"%s:%d: unknown keyword: '%s'",filename,lnr,keyword); + exit(EXIT_FAILURE); + } ++#endif + } + /* we're done reading file, close */ + fclose(fp); diff --git a/net/nss-pam-ldapd/files/patch-nslcd__cfg.c b/net/nss-pam-ldapd/files/patch-nslcd__cfg.c new file mode 100644 index 000000000000..17ddb62fc0f0 --- /dev/null +++ b/net/nss-pam-ldapd/files/patch-nslcd__cfg.c @@ -0,0 +1,23 @@ +--- ./nslcd/cfg.c.orig 2009-08-02 22:32:27.000000000 +0000 ++++ ./nslcd/cfg.c 2009-08-02 22:49:26.000000000 +0000 +@@ -37,14 +37,13 @@ + #include <errno.h> + #include <netdb.h> + #include <sys/socket.h> +-#ifdef HAVE_GSSAPI_H +-#include <gssapi.h> +-#endif /* HAVE_GSSAPI_H */ +-#ifdef HAVE_GSSAPI_GSSAPI_KRB5_H ++#if HAVE_GSSAPI_GSSAPI_H + #include <gssapi/gssapi.h> +-#include <gssapi/gssapi_krb5.h> +-#endif /* HAVE_GSSAPI_GSSAPI_KRB5_H */ +-#include <sys/types.h> ++#elif HAVE_GSSAPI_GSSAPI_GENERIC_H ++#include <gssapi/gssapi_generic.h> ++#elif HAVE_GSSAPI_H ++#include <gssapi.h> ++#endif + #include <pwd.h> + #include <grp.h> + diff --git a/net/nss-pam-ldapd/files/patch-nslcd__common.c b/net/nss-pam-ldapd/files/patch-nslcd__common.c new file mode 100644 index 000000000000..63bf26253df8 --- /dev/null +++ b/net/nss-pam-ldapd/files/patch-nslcd__common.c @@ -0,0 +1,12 @@ +--- ./nslcd/common.c.orig 2009-02-27 17:27:08.000000000 +0000 ++++ ./nslcd/common.c 2009-08-02 22:32:27.000000000 +0000 +@@ -27,6 +27,9 @@ + #include <stdarg.h> + #include <sys/types.h> + #include <sys/socket.h> ++#ifdef __FreeBSD__ ++#include <netinet/in.h> ++#endif + #include <arpa/inet.h> + #include <strings.h> + #include <limits.h> diff --git a/net/nss-pam-ldapd/files/patch-nslcd__common.h b/net/nss-pam-ldapd/files/patch-nslcd__common.h new file mode 100644 index 000000000000..e8fb8c95cc51 --- /dev/null +++ b/net/nss-pam-ldapd/files/patch-nslcd__common.h @@ -0,0 +1,30 @@ +--- ./nslcd/common.h.orig 2009-06-03 10:31:05.000000000 +0000 ++++ ./nslcd/common.h 2009-08-02 22:32:27.000000000 +0000 +@@ -124,9 +124,9 @@ + int nslcd_network_byname(TFILE *fp,MYLDAP_SESSION *session); + int nslcd_network_byaddr(TFILE *fp,MYLDAP_SESSION *session); + int nslcd_network_all(TFILE *fp,MYLDAP_SESSION *session); +-int nslcd_passwd_byname(TFILE *fp,MYLDAP_SESSION *session); +-int nslcd_passwd_byuid(TFILE *fp,MYLDAP_SESSION *session); +-int nslcd_passwd_all(TFILE *fp,MYLDAP_SESSION *session); ++int nslcd_passwd_byname(TFILE *fp,MYLDAP_SESSION *session,uid_t uid); ++int nslcd_passwd_byuid(TFILE *fp,MYLDAP_SESSION *session,uid_t uid); ++int nslcd_passwd_all(TFILE *fp,MYLDAP_SESSION *session,uid_t uid); + int nslcd_protocol_byname(TFILE *fp,MYLDAP_SESSION *session); + int nslcd_protocol_bynumber(TFILE *fp,MYLDAP_SESSION *session); + int nslcd_protocol_all(TFILE *fp,MYLDAP_SESSION *session); +@@ -145,8 +145,12 @@ + int nslcd_pam_pwmod(TFILE *fp,MYLDAP_SESSION *session); + + /* macro for generating service handling code */ +-#define NSLCD_HANDLE(db,fn,readfn,logcall,action,mkfilter,writefn) \ +- int nslcd_##db##_##fn(TFILE *fp,MYLDAP_SESSION *session) \ ++#define COMMA , ++#define NSLCD_HANDLE(db,fn,readfn,logcall,action,mkfilter,writefn) NSLCD_HANDLE_PARAMS(db,fn,,readfn,logcall,action,mkfilter,writefn) ++#define NSLCD_HANDLE_UID(db,fn,readfn,logcall,action,mkfilter,writefn) NSLCD_HANDLE_PARAMS(db,fn,COMMA uid_t calleruid,readfn,logcall,action,mkfilter,writefn) ++ ++#define NSLCD_HANDLE_PARAMS(db,fn,params,readfn,logcall,action,mkfilter,writefn) \ ++ int nslcd_##db##_##fn(TFILE *fp,MYLDAP_SESSION *session params ) \ + { \ + /* define common variables */ \ + int32_t tmpint32; \ diff --git a/net/nss-pam-ldapd/files/patch-nslcd__nslcd.c b/net/nss-pam-ldapd/files/patch-nslcd__nslcd.c new file mode 100644 index 000000000000..fb6128ca2065 --- /dev/null +++ b/net/nss-pam-ldapd/files/patch-nslcd__nslcd.c @@ -0,0 +1,15 @@ +--- ./nslcd/nslcd.c.orig 2009-06-12 21:53:18.000000000 +0000 ++++ ./nslcd/nslcd.c 2009-08-02 22:32:27.000000000 +0000 +@@ -398,9 +398,9 @@ + case NSLCD_ACTION_NETWORK_BYNAME: (void)nslcd_network_byname(fp,session); break; + case NSLCD_ACTION_NETWORK_BYADDR: (void)nslcd_network_byaddr(fp,session); break; + case NSLCD_ACTION_NETWORK_ALL: (void)nslcd_network_all(fp,session); break; +- case NSLCD_ACTION_PASSWD_BYNAME: (void)nslcd_passwd_byname(fp,session); break; +- case NSLCD_ACTION_PASSWD_BYUID: (void)nslcd_passwd_byuid(fp,session); break; +- case NSLCD_ACTION_PASSWD_ALL: (void)nslcd_passwd_all(fp,session); break; ++ case NSLCD_ACTION_PASSWD_BYNAME: (void)nslcd_passwd_byname(fp,session,uid); break; ++ case NSLCD_ACTION_PASSWD_BYUID: (void)nslcd_passwd_byuid(fp,session,uid); break; ++ case NSLCD_ACTION_PASSWD_ALL: (void)nslcd_passwd_all(fp,session,uid); break; + case NSLCD_ACTION_PROTOCOL_BYNAME: (void)nslcd_protocol_byname(fp,session); break; + case NSLCD_ACTION_PROTOCOL_BYNUMBER:(void)nslcd_protocol_bynumber(fp,session); break; + case NSLCD_ACTION_PROTOCOL_ALL: (void)nslcd_protocol_all(fp,session); break; diff --git a/net/nss-pam-ldapd/files/patch-nslcd__passwd.c b/net/nss-pam-ldapd/files/patch-nslcd__passwd.c new file mode 100644 index 000000000000..1f4f05fa0fd9 --- /dev/null +++ b/net/nss-pam-ldapd/files/patch-nslcd__passwd.c @@ -0,0 +1,61 @@ +--- ./nslcd/passwd.c.orig 2009-06-29 19:04:54.000000000 +0000 ++++ ./nslcd/passwd.c 2009-08-02 22:32:27.000000000 +0000 +@@ -292,7 +292,7 @@ + #define MAXUIDS_PER_ENTRY 5 + + static int write_passwd(TFILE *fp,MYLDAP_ENTRY *entry,const char *requser, +- const uid_t *requid) ++ const uid_t *requid,uid_t calleruid) + { + int32_t tmpint32; + const char **tmpvalues; +@@ -323,7 +323,7 @@ + else + { + passwd=get_userpassword(entry,attmap_passwd_userPassword); +- if (passwd==NULL) ++ if ((passwd==NULL) || (calleruid!=0)) + passwd=default_passwd_userPassword; + } + /* get the uids for this entry */ +@@ -451,7 +451,7 @@ + return 0; + } + +-NSLCD_HANDLE( ++NSLCD_HANDLE_UID( + passwd,byname, + char name[256]; + char filter[1024]; +@@ -463,10 +463,10 @@ + log_log(LOG_DEBUG,"nslcd_passwd_byname(%s)",name);, + NSLCD_ACTION_PASSWD_BYNAME, + mkfilter_passwd_byname(name,filter,sizeof(filter)), +- write_passwd(fp,entry,name,NULL) ++ write_passwd(fp,entry,name,NULL,calleruid) + ) + +-NSLCD_HANDLE( ++NSLCD_HANDLE_UID( + passwd,byuid, + uid_t uid; + char filter[1024]; +@@ -474,15 +474,15 @@ + log_log(LOG_DEBUG,"nslcd_passwd_byuid(%d)",(int)uid);, + NSLCD_ACTION_PASSWD_BYUID, + mkfilter_passwd_byuid(uid,filter,sizeof(filter)), +- write_passwd(fp,entry,NULL,&uid) ++ write_passwd(fp,entry,NULL,&uid,calleruid) + ) + +-NSLCD_HANDLE( ++NSLCD_HANDLE_UID( + passwd,all, + const char *filter; + /* no parameters to read */, + log_log(LOG_DEBUG,"nslcd_passwd_all()");, + NSLCD_ACTION_PASSWD_ALL, + (filter=passwd_filter,0), +- write_passwd(fp,entry,NULL,NULL) ++ write_passwd(fp,entry,NULL,NULL,calleruid) + ) diff --git a/net/nss-pam-ldapd/files/patch-nss__bsdnss.c b/net/nss-pam-ldapd/files/patch-nss__bsdnss.c new file mode 100644 index 000000000000..059be6179fe1 --- /dev/null +++ b/net/nss-pam-ldapd/files/patch-nss__bsdnss.c @@ -0,0 +1,160 @@ +--- ./nss/bsdnss.c.orig 2009-08-10 16:06:22.000000000 +0000 ++++ ./nss/bsdnss.c 2009-08-10 15:58:04.000000000 +0000 +@@ -0,0 +1,157 @@ ++#include <errno.h> ++#include <sys/param.h> ++#include <netinet/in.h> ++#include <pwd.h> ++#include <grp.h> ++#include <nss.h> ++#include <netdb.h> ++ ++#define BUFFER_SIZE 1024 ++ ++extern enum nss_status _nss_ldap_getgrent_r(struct group *, char *, size_t, ++ int *); ++extern enum nss_status _nss_ldap_getgrnam_r(const char *, struct group *, ++ char *, size_t, int *); ++extern enum nss_status _nss_ldap_getgrgid_r(gid_t gid, struct group *, char *, ++ size_t, int *); ++extern enum nss_status _nss_ldap_setgrent(void); ++extern enum nss_status _nss_ldap_endgrent(void); ++ ++extern enum nss_status _nss_ldap_getpwent_r(struct passwd *, char *, size_t, ++ int *); ++extern enum nss_status _nss_ldap_getpwnam_r(const char *, struct passwd *, ++ char *, size_t, int *); ++extern enum nss_status _nss_ldap_getpwuid_r(gid_t gid, struct passwd *, char *, ++ size_t, int *); ++extern enum nss_status _nss_ldap_setpwent(void); ++extern enum nss_status _nss_ldap_endpwent(void); ++ ++extern enum nss_status _nss_ldap_gethostbyname_r (const char *name, struct hostent * result, ++ char *buffer, size_t buflen, int *errnop, ++ int *h_errnop); ++ ++extern enum nss_status _nss_ldap_gethostbyname2_r (const char *name, int af, struct hostent * result, ++ char *buffer, size_t buflen, int *errnop, ++ int *h_errnop); ++extern enum nss_status _nss_ldap_gethostbyaddr_r (struct in_addr * addr, int len, int type, ++ struct hostent * result, char *buffer, ++ size_t buflen, int *errnop, int *h_errnop); ++ ++NSS_METHOD_PROTOTYPE(__nss_compat_getgrnam_r); ++NSS_METHOD_PROTOTYPE(__nss_compat_getgrgid_r); ++NSS_METHOD_PROTOTYPE(__nss_compat_getgrent_r); ++NSS_METHOD_PROTOTYPE(__nss_compat_setgrent); ++NSS_METHOD_PROTOTYPE(__nss_compat_endgrent); ++ ++NSS_METHOD_PROTOTYPE(__nss_compat_getpwnam_r); ++NSS_METHOD_PROTOTYPE(__nss_compat_getpwuid_r); ++NSS_METHOD_PROTOTYPE(__nss_compat_getpwent_r); ++NSS_METHOD_PROTOTYPE(__nss_compat_setpwent); ++NSS_METHOD_PROTOTYPE(__nss_compat_endpwent); ++ ++NSS_METHOD_PROTOTYPE(__nss_compat_gethostbyname); ++NSS_METHOD_PROTOTYPE(__nss_compat_gethostbyname2); ++NSS_METHOD_PROTOTYPE(__nss_compat_gethostbyaddr); ++ ++static ns_mtab methods[] = { ++{ NSDB_GROUP, "getgrnam_r", __nss_compat_getgrnam_r, _nss_ldap_getgrnam_r }, ++{ NSDB_GROUP, "getgrgid_r", __nss_compat_getgrgid_r, _nss_ldap_getgrgid_r }, ++{ NSDB_GROUP, "getgrent_r", __nss_compat_getgrent_r, _nss_ldap_getgrent_r }, ++{ NSDB_GROUP, "setgrent", __nss_compat_setgrent, _nss_ldap_setgrent }, ++{ NSDB_GROUP, "endgrent", __nss_compat_endgrent, _nss_ldap_endgrent }, ++ ++{ NSDB_PASSWD, "getpwnam_r", __nss_compat_getpwnam_r, _nss_ldap_getpwnam_r }, ++{ NSDB_PASSWD, "getpwuid_r", __nss_compat_getpwuid_r, _nss_ldap_getpwuid_r }, ++{ NSDB_PASSWD, "getpwent_r", __nss_compat_getpwent_r, _nss_ldap_getpwent_r }, ++{ NSDB_PASSWD, "setpwent", __nss_compat_setpwent, _nss_ldap_setpwent }, ++{ NSDB_PASSWD, "endpwent", __nss_compat_endpwent, _nss_ldap_endpwent }, ++ ++{ NSDB_HOSTS, "gethostbyname", __nss_compat_gethostbyname, _nss_ldap_gethostbyname_r }, ++{ NSDB_HOSTS, "gethostbyaddr", __nss_compat_gethostbyaddr, _nss_ldap_gethostbyaddr_r }, ++{ NSDB_HOSTS, "gethostbyname2", __nss_compat_gethostbyname2, _nss_ldap_gethostbyname2_r }, ++ ++{ NSDB_GROUP_COMPAT, "getgrnam_r", __nss_compat_getgrnam_r, _nss_ldap_getgrnam_r }, ++{ NSDB_GROUP_COMPAT, "getgrgid_r", __nss_compat_getgrgid_r, _nss_ldap_getgrgid_r }, ++{ NSDB_GROUP_COMPAT, "getgrent_r", __nss_compat_getgrent_r, _nss_ldap_getgrent_r }, ++{ NSDB_GROUP_COMPAT, "setgrent", __nss_compat_setgrent, _nss_ldap_setgrent }, ++{ NSDB_GROUP_COMPAT, "endgrent", __nss_compat_endgrent, _nss_ldap_endgrent }, ++ ++{ NSDB_PASSWD_COMPAT, "getpwnam_r", __nss_compat_getpwnam_r, _nss_ldap_getpwnam_r }, ++{ NSDB_PASSWD_COMPAT, "getpwuid_r", __nss_compat_getpwuid_r, _nss_ldap_getpwuid_r }, ++{ NSDB_PASSWD_COMPAT, "getpwent_r", __nss_compat_getpwent_r, _nss_ldap_getpwent_r }, ++{ NSDB_PASSWD_COMPAT, "setpwent", __nss_compat_setpwent, _nss_ldap_setpwent }, ++{ NSDB_PASSWD_COMPAT, "endpwent", __nss_compat_endpwent, _nss_ldap_endpwent }, ++ ++}; ++ ++ ++int __nss_compat_gethostbyname(void *retval, void *mdata, va_list ap) ++{ ++ enum nss_status (*fn)(const char *, struct hostent *, char *, size_t, int *, int *); ++ const char *name; ++ struct hostent *result; ++ char buffer[BUFFER_SIZE]; ++ int errnop; ++ int h_errnop; ++ int af; ++ enum nss_status status; ++ fn = mdata; ++ name = va_arg(ap, const char*); ++ af = va_arg(ap,int); ++ result = va_arg(ap,struct hostent *); ++ status = fn(name, result, buffer, sizeof(buffer), &errnop, &h_errnop); ++ status = __nss_compat_result(status,errnop); ++ h_errno = h_errnop; ++ return (status); ++} ++ ++int __nss_compat_gethostbyname2(void *retval, void *mdata, va_list ap) ++{ ++ enum nss_status (*fn)(const char *, struct hostent *, char *, size_t, int *, int *); ++ const char *name; ++ struct hostent *result; ++ char buffer[BUFFER_SIZE]; ++ int errnop; ++ int h_errnop; ++ int af; ++ enum nss_status status; ++ fn = mdata; ++ name = va_arg(ap, const char*); ++ af = va_arg(ap,int); ++ result = va_arg(ap,struct hostent *); ++ status = fn(name, result, buffer, sizeof(buffer), &errnop, &h_errnop); ++ status = __nss_compat_result(status,errnop); ++ h_errno = h_errnop; ++ return (status); ++} ++ ++int __nss_compat_gethostbyaddr(void *retval, void *mdata, va_list ap) ++{ ++ struct in_addr *addr; ++ int len; ++ int type; ++ struct hostent *result; ++ char buffer[BUFFER_SIZE]; ++ int errnop; ++ int h_errnop; ++ enum nss_status (*fn)(struct in_addr *, int, int, struct hostent *, char *, size_t, int *, int *); ++ enum nss_status status; ++ fn = mdata; ++ addr = va_arg(ap, struct in_addr*); ++ len = va_arg(ap,int); ++ type = va_arg(ap,int); ++ result = va_arg(ap, struct hostent*); ++ status = fn(addr, len, type, result, buffer, sizeof(buffer), &errnop, &h_errnop); ++ status = __nss_compat_result(status,errnop); ++ h_errno = h_errnop; ++ return (status); ++} ++ ++ns_mtab * ++nss_module_register(const char *source, unsigned int *mtabsize, ++ nss_module_unregister_fn *unreg) ++{ ++ *mtabsize = sizeof(methods)/sizeof(methods[0]); ++ *unreg = NULL; ++ return (methods); ++} diff --git a/net/nss-pam-ldapd/files/patch-nss__exports.freebsd b/net/nss-pam-ldapd/files/patch-nss__exports.freebsd new file mode 100644 index 000000000000..4691824f10df --- /dev/null +++ b/net/nss-pam-ldapd/files/patch-nss__exports.freebsd @@ -0,0 +1,30 @@ +--- ./nss/exports.freebsd.orig 2007-12-31 16:49:01.000000000 +0000 ++++ ./nss/exports.freebsd 2009-08-02 22:32:27.000000000 +0000 +@@ -78,6 +78,27 @@ + _nss_ldap_getspent_r; + _nss_ldap_endspent; + ++ # compat 4 bsd ++ __nss_compat_getgrnam_r; ++ __nss_compat_getgrgid_r; ++ __nss_compat_getgrent_r; ++ __nss_compat_setgrent; ++ __nss_compat_endgrent; ++ ++ __nss_compat_getpwnam_r; ++ __nss_compat_getpwuid_r; ++ __nss_compat_getpwent_r; ++ __nss_compat_setpwent; ++ __nss_compat_endpwent; ++ ++ __nss_compat_gethostbyname; ++ __nss_compat_gethostbyname2; ++ __nss_compat_gethostbyaddr; ++ ++ # module init ++ nss_module_register; ++ ++ + # everything else should not be exported + local: + *; diff --git a/net/nss-pam-ldapd/files/patch-nss__prototypes.h b/net/nss-pam-ldapd/files/patch-nss__prototypes.h new file mode 100644 index 000000000000..5f17cb2ef350 --- /dev/null +++ b/net/nss-pam-ldapd/files/patch-nss__prototypes.h @@ -0,0 +1,57 @@ +--- ./nss/prototypes.h.orig 2008-05-02 21:00:10.000000000 +0000 ++++ ./nss/prototypes.h 2009-08-02 22:32:27.000000000 +0000 +@@ -24,13 +24,40 @@ + #define _NSS_EXPORTS_H 1 + + #include <nss.h> +-#include <aliases.h> ++#ifndef __FreeBSD__ + #include <netinet/ether.h> ++#else ++#include <net/ethernet.h> ++#include <sys/socket.h> ++#endif + #include <sys/types.h> + #include <grp.h> + #include <netdb.h> + #include <pwd.h> ++#ifdef HAVE_SHADOW_H + #include <shadow.h> ++#endif ++ ++#ifdef __FreeBSD__ ++/* ++ * Import from aliases.h ++ */ ++struct aliasent ++ { ++ char *alias_name; ++ size_t alias_members_len; ++ char **alias_members; ++ int alias_local; ++ }; ++ ++struct rpcent ++{ ++ char *r_name; /* Name of server for this rpc program. */ ++ char **r_aliases; /* Alias list. */ ++ int r_number; /* RPC program number. */ ++}; ++ ++#endif + + /* We define struct etherent here because it does not seem to + be defined in any publicly available header file exposed +@@ -160,10 +187,12 @@ + enum nss_status _nss_ldap_getservent_r(struct servent *result,char *buffer,size_t buflen,int *errnop); + enum nss_status _nss_ldap_endservent(void); + ++#ifdef HAVE_SHADOW_H + /* shadow - extended user information */ + enum nss_status _nss_ldap_getspnam_r(const char *name,struct spwd *result,char *buffer,size_t buflen,int *errnop); + enum nss_status _nss_ldap_setspent(int stayopen); + enum nss_status _nss_ldap_getspent_r(struct spwd *result,char *buffer,size_t buflen,int *errnop); + enum nss_status _nss_ldap_endspent(void); ++#endif + + #endif /* not NSS_EXPORTS */ diff --git a/net/nss-pam-ldapd/files/patch-nss__shadow.c b/net/nss-pam-ldapd/files/patch-nss__shadow.c new file mode 100644 index 000000000000..9212ca6d4518 --- /dev/null +++ b/net/nss-pam-ldapd/files/patch-nss__shadow.c @@ -0,0 +1,17 @@ +--- ./nss/shadow.c.orig 2009-05-29 21:23:03.000000000 +0000 ++++ ./nss/shadow.c 2009-08-02 22:32:27.000000000 +0000 +@@ -22,6 +22,7 @@ + + #include "config.h" + ++#ifdef HAVE_SHADOW_H + #include <string.h> + #include <nss.h> + #include <errno.h> +@@ -73,3 +74,6 @@ + { + NSS_ENDENT(spentfp); + } ++ ++#endif ++ diff --git a/net/nss-pam-ldapd/pkg-descr b/net/nss-pam-ldapd/pkg-descr new file mode 100644 index 000000000000..7534ff69d43c --- /dev/null +++ b/net/nss-pam-ldapd/pkg-descr @@ -0,0 +1,11 @@ +nss_ldapd is a NSS module which provides an LDAP backend for C library +functions such as getpwnam(3), getgrnam(3), and gethostbyname(3). It +is compliant with RFC 2307, ``An Approach for Using LDAP as a Network +Information Service''. + +Key differences from nss_ldap: +* lighter nss library (no ldap* dependings) +* server-side connection caching + + +WWW: http://arthurdejong.org/nss-ldapd/ diff --git a/net/nss-pam-ldapd/pkg-plist b/net/nss-pam-ldapd/pkg-plist new file mode 100644 index 000000000000..79cc79128932 --- /dev/null +++ b/net/nss-pam-ldapd/pkg-plist @@ -0,0 +1,3 @@ +etc/%%CONFIG%%.conf.sample +%%NSS%%lib/nss_ldap.so.1 +%%NSLCD%%sbin/nslcd |