Bug#649173: pu: package nss-pam-ldapd/0.7.16

[Arthur de Jong]

On Fri, 2012-01-20 at 13:22 +0000, Adam D. Barratt wrote:
> A debdiff would be great, just for final checks; thanks.

Attached is a debdiff for 0.7.15+squeeze1 which includes all three
changes as discussed.

Thanks,

-- 
-- arthur - adej...@debian.org - http://people.debian.org/~adejong --

diff -Nru nss-pam-ldapd-0.7.15/debian/changelog nss-pam-ldapd-0.7.15+squeeze1/debian/changelog
--- nss-pam-ldapd-0.7.15/debian/changelog	2011-10-02 11:14:58.000000000 +0200
+++ nss-pam-ldapd-0.7.15+squeeze1/debian/changelog	2012-01-20 15:35:34.000000000 +0100
@@ -1,3 +1,13 @@
+nss-pam-ldapd (0.7.15+squeeze1) stable; urgency=low
+
+  * fix an issue where changes in /etc/nsswitch.conf were not correctly
+    picked up and could lead to lookups being disabled on upgrade
+    (closes: #645599)
+  * fix an issue with detecting the uid of the calling process
+  * fix a problem in the disconnect logic code
+
+ -- Arthur de Jong <adej...@debian.org>  Fri, 20 Jan 2012 15:30:00 +0100
+
 nss-pam-ldapd (0.7.15) stable; urgency=low
 
   * in debconf, treat the "hard" value for tls_reqcert as if it was "demand"
diff -Nru nss-pam-ldapd-0.7.15/debian/libnss-ldapd.config nss-pam-ldapd-0.7.15+squeeze1/debian/libnss-ldapd.config
--- nss-pam-ldapd-0.7.15/debian/libnss-ldapd.config	2010-09-24 09:07:12.000000000 +0200
+++ nss-pam-ldapd-0.7.15+squeeze1/debian/libnss-ldapd.config	2012-01-20 11:27:43.000000000 +0100
@@ -14,11 +14,9 @@
 #
 
 # parse /etc/nsswitch.conf and see which services have ldap specified
-db_get libnss-ldapd/nsswitch
-if [ -z "$RET" ]
+configured=`sed -n 's/^\([a-z]*\):.*[[:space:]]ldap\([[:space:]].*\)\?/\1/p' /etc/nsswitch.conf`
+if [ -n "$configured" ]
 then
-  # find name services that currently use LDAP
-  configured=`sed -n 's/^\([a-z]*\):.*[[:space:]]ldap\([[:space:]].*\)\?/\1/p' /etc/nsswitch.conf`
   # separate by commas
   configured=`echo $configured | sed 's/ /, /g'`
   # store configured services
diff -Nru nss-pam-ldapd-0.7.15/nslcd/myldap.c nss-pam-ldapd-0.7.15+squeeze1/nslcd/myldap.c
--- nss-pam-ldapd-0.7.15/nslcd/myldap.c	2011-06-05 11:19:27.000000000 +0200
+++ nss-pam-ldapd-0.7.15+squeeze1/nslcd/myldap.c	2012-01-20 15:32:40.000000000 +0100
@@ -1198,7 +1198,7 @@
         }
         /* close connection on some connection problems */
         if ((rc==LDAP_UNAVAILABLE)||(rc==LDAP_SERVER_DOWN)||(rc==LDAP_SUCCESS)||
-            (rc==LDAP_TIMELIMIT_EXCEEDED)|(rc==LDAP_OPERATIONS_ERROR)||
+            (rc==LDAP_TIMELIMIT_EXCEEDED)||(rc==LDAP_OPERATIONS_ERROR)||
             (rc==LDAP_PROTOCOL_ERROR))
         {
           do_close(search->session);
diff -Nru nss-pam-ldapd-0.7.15/nslcd/nslcd.c nss-pam-ldapd-0.7.15+squeeze1/nslcd/nslcd.c
--- nss-pam-ldapd-0.7.15/nslcd/nslcd.c	2010-09-24 09:07:16.000000000 +0200
+++ nss-pam-ldapd-0.7.15+squeeze1/nslcd/nslcd.c	2012-01-20 15:23:49.000000000 +0100
@@ -357,9 +357,9 @@
   TFILE *fp;
   int32_t action;
   struct timeval readtimeout,writetimeout;
-  uid_t uid;
-  gid_t gid;
-  pid_t pid;
+  uid_t uid=(uid_t)-1;
+  gid_t gid=(gid_t)-1;
+  pid_t pid=(pid_t)-1;
   /* indicate new connection to logging module (genrates unique id) */
   log_newsession();
   /* log connection */

signature.asc
Description: This is a digitally signed message part