[proftpd-dfsg] 01/01: Patch for not_read_whole_passwd_db (#717235)
Hilmar Preuße
hilmar-guest at moszumanska.debian.org
Mon Sep 26 07:51:53 UTC 2016
This is an automated email from the git hooks/post-receive script.
hilmar-guest pushed a commit to branch master
in repository proftpd-dfsg.
commit c4f244fc1c494e9e72206c69fbbdc96d8bb8af31
Author: Hilmar Preuße <hille42 at web.de>
Date: Mon Sep 26 09:50:56 2016 +0200
Patch for not_read_whole_passwd_db (#717235)
---
debian/changelog | 7 ++++++
debian/patches/not_read_whole_passwd_db.diff | 37 ++++++++++++++++++++++++++++
debian/patches/series | 1 +
3 files changed, 45 insertions(+)
diff --git a/debian/changelog b/debian/changelog
index fd8b659..08723ce 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -16,6 +16,13 @@ proftpd-dfsg (1.3.5a-2) UNRELEASED; urgency=medium
* Use common-session-noninteractive PAM configuration fragment,
(instead of common-session) in pam config of proftpd-basic
(Closes: #804322).
+ * Apply patch to not request the whole passwd DB at each login. Thanks
+ to Arthur de Jong <adejong at debian.org>. (Closes: #717235).
+ <quote src=AdJ>
+ I still question the usefulness of setpwent()/getpwent() in the first
+ place as there is no guarantee that any resources opened for setpwent()
+ are used for other getpw{nam,uid}() calls.
+ </quote>
* Some files created during build were not removed during clean.
-- Mahyuddin Susanto <udienz at gmail.com> Wed, 24 Aug 2016 15:23:38 -0700
diff --git a/debian/patches/not_read_whole_passwd_db.diff b/debian/patches/not_read_whole_passwd_db.diff
new file mode 100644
index 0000000..b968194
--- /dev/null
+++ b/debian/patches/not_read_whole_passwd_db.diff
@@ -0,0 +1,37 @@
+Author: Arthur de Jong <adejong at debian.org>
+Last-Update: 2013-08-14
+Forwarded: <unknown>. Fixed in 1.3.6rc1
+Bug-Debian: http://bugs.debian.org/717235
+Description: not request the whole passwd DB at each login.
+
+Index: proftpd-dfsg-1.3.5a/modules/mod_auth.c
+===================================================================
+--- proftpd-dfsg-1.3.5a.orig/modules/mod_auth.c 2015-05-28 02:25:54.000000000 +0200
++++ proftpd-dfsg-1.3.5a/modules/mod_auth.c 2016-09-19 09:58:15.000000000 +0200
+@@ -838,16 +838,23 @@
+ }
+
+ static void ensure_open_passwd(pool *p) {
+- /* Make sure pass/group is open.
+- */
++ /* Make sure pass/group is open. */
+ pr_auth_setpwent(p);
+ pr_auth_setgrent(p);
+
+ /* On some unices the following is necessary to ensure the files
+- * are open. (BSDI 3.1)
++ * are open (BSDI 3.1)
+ */
+ pr_auth_getpwent(p);
+ pr_auth_getgrent(p);
++
++ /* Per Debian bug report:
++ * https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717235
++ * we might want to do another set{pw,gr}ent(), to play better with
++ * some NSS modules.
++ */
++ pr_auth_setpwent(p);
++ pr_auth_setgrent(p);
+ }
+
+ /* Next function (the biggie) handles all authentication, setting
diff --git a/debian/patches/series b/debian/patches/series
index 5f78814..838d6ce 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -14,3 +14,4 @@ contrib_hardening_flags
FTBS_on_Hurd
large_files_SFTP.diff
reproducible_build
+not_read_whole_passwd_db.diff
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-proftpd/proftpd-dfsg.git
More information about the Pkg-proftpd-maintainers
mailing list