[Pkg-shadow-commits] r845 - trunk/debian/patches

Nicolas FRANCOIS nekral-guest at costa.debian.org
Tue Feb 7 22:02:34 UTC 2006 

Author: nekral-guest
Date: 2006-02-07 22:02:30 +0000 (Tue, 07 Feb 2006)
New Revision: 845

Modified:
   trunk/debian/patches/463_login_delay_obeys_to_PAM
Log:
Do not use the delay variable and login.defs's FAIL_DELAY in the "#ifdef USE_PAM" code path.


Modified: trunk/debian/patches/463_login_delay_obeys_to_PAM
===================================================================
--- trunk/debian/patches/463_login_delay_obeys_to_PAM	2006-02-07 22:00:46 UTC (rev 844)
+++ trunk/debian/patches/463_login_delay_obeys_to_PAM	2006-02-07 22:02:30 UTC (rev 845)
@@ -5,11 +5,43 @@
 
 Status wrt upstream: Forwarded but not applied yet
 
-Index: shadow-4.0.13/src/login.c
+Index: shadow-4.0.14/src/login.c
 ===================================================================
---- shadow-4.0.13.orig/src/login.c	2005-10-27 16:10:53.130114016 +0200
-+++ shadow-4.0.13/src/login.c	2005-10-27 16:18:17.602543936 +0200
-@@ -595,10 +595,6 @@
+--- shadow-4.0.14.orig/src/login.c	2006-01-11 00:03:20.000000000 +0100
++++ shadow-4.0.14/src/login.c	2006-01-11 01:07:23.000000000 +0100
+@@ -327,7 +327,6 @@
+ 	char ptime[80];
+ #endif
+ 	int reason = PW_LOGIN;
+-	int delay;
+ 	int retries;
+ 	int failed;
+ 	int flag;
+@@ -346,6 +345,7 @@
+ 	pid_t child;
+ 	char *pam_user;
+ #else
++	int delay;
+ 	struct spwd *spwd = NULL;
+ #endif
+ 	/*
+@@ -568,7 +568,6 @@
+ 			alarm (timeout);
+ 
+ 		environ = newenvp;	/* make new environment active */
+-		delay = getdef_num ("FAIL_DELAY", 1);
+ 		retries = getdef_num ("LOGIN_RETRIES", RETRIES);
+ 
+ #ifdef USE_PAM
+@@ -584,17 +583,12 @@
+ 
+ 		/*
+ 		 * hostname & tty are either set to NULL or their correct values,
+-		 * depending on how much we know. We also set PAM's fail delay to
+-		 * ours.
++		 * depending on how much we know.
+ 		 */
+ 		retcode = pam_set_item (pamh, PAM_RHOST, hostname);
  		PAM_FAIL_CHECK;
  		retcode = pam_set_item (pamh, PAM_TTY, tty);
  		PAM_FAIL_CHECK;
@@ -20,25 +52,73 @@
  		/* if fflg == 1, then the user has already been authenticated */
  		if (!fflg || (getuid () != 0)) {
  			int failcount = 0;
-@@ -639,8 +635,6 @@
+@@ -635,8 +629,6 @@
  			  failed = 0;
- 			  
+ 
  			  failcount++;
 -			  if (delay > 0)
 -			    retcode = pam_fail_delay(pamh, 1000000*delay);
  
  			  retcode = pam_authenticate (pamh, 0);
- 			  
-@@ -915,10 +909,9 @@
+ 
+@@ -931,13 +923,16 @@
+ 		if (pwent.pw_passwd[0] == '\0')
+ 			pw_auth ("!", username, reason, (char *) 0);
+ 
++#ifndef USE_PAM
+ 		/*
+ 		 * Wait a while (a la SVR4 /usr/bin/login) before attempting
+ 		 * to login the user again. If the earlier alarm occurs
  		 * before the sleep() below completes, login will exit.
  		 */
- #ifndef USE_PAM
--		if (delay > 0)
--			sleep (delay);
-+ 		if (delay > 0)
-+		   sleep (delay); */
- #endif
--
++		delay = getdef_num ("FAIL_DELAY", 1);
+ 		if (delay > 0)
+ 			sleep (delay);
++#endif
+ 
  		puts (_("Login incorrect"));
  
- 		/* allow only one attempt with -r or -f */
+Index: shadow-4.0.14/debian/login.defs
+===================================================================
+--- shadow-4.0.14.orig/debian/login.defs	2006-01-11 00:03:20.000000000 +0100
++++ shadow-4.0.14/debian/login.defs	2006-01-11 01:07:15.000000000 +0100
+@@ -36,11 +36,6 @@
+ #MAIL_FILE      .mail
+ 
+ #
+-# Delay in seconds before being allowed another attempt after a login failure
+-#
+-FAIL_DELAY		3
+-
+-#
+ # Enable logging and display of /var/log/faillog login failure info.
+ # This option conflicts with the pam_tally PAM module.
+ #
+@@ -321,6 +316,7 @@
+ #ENV_HZ
+ #CHFN_AUTH
+ #CHSH_AUTH
++#FAIL_DELAY
+ 
+ ################# OBSOLETED #######################
+ #						  #
+Index: shadow-4.0.14/lib/getdef.c
+===================================================================
+--- shadow-4.0.14.orig/lib/getdef.c	2006-01-11 00:03:20.000000000 +0100
++++ shadow-4.0.14/lib/getdef.c	2006-01-11 01:07:15.000000000 +0100
+@@ -55,7 +55,6 @@
+ 	{"ENV_PATH", NULL},
+ 	{"ENV_SUPATH", NULL},
+ 	{"ERASECHAR", NULL},
+-	{"FAIL_DELAY", NULL},
+ 	{"FAILLOG_ENAB", NULL},
+ 	{"FAKE_SHELL", NULL},
+ 	{"FTMP_FILE", NULL},
+@@ -91,6 +90,7 @@
+ 	{"ENV_HZ", NULL},
+ 	{"ENV_TZ", NULL},
+ 	{"ENVIRON_FILE", NULL},
++	{"FAIL_DELAY", NULL},
+ 	{"ISSUE_FILE", NULL},
+ 	{"LASTLOG_ENAB", NULL},
+ 	{"LOGIN_STRING", NULL},

More information about the Pkg-shadow-commits mailing list