From 8cc75d9a9ec8273b7d17aa6a2486777d1e0835b8 Mon Sep 17 00:00:00 2001 From: Tomas Janousek Date: Oct 01 2007 13:56:15 +0000 Subject: cyrus-imapd-2.3.9-getgrouplist.patch --- diff --git a/cyrus-imapd-2.3.8-getgrouplist.patch b/cyrus-imapd-2.3.8-getgrouplist.patch deleted file mode 100644 index c597bb6..0000000 --- a/cyrus-imapd-2.3.8-getgrouplist.patch +++ /dev/null @@ -1,84 +0,0 @@ -diff -Naur cyrus-imapd-2.3.8.orig/configure.in cyrus-imapd-2.3.8/configure.in ---- cyrus-imapd-2.3.8.orig/configure.in Thu Nov 30 18:11:16 2006 -+++ cyrus-imapd-2.3.8/configure.in Tue Jun 12 15:40:12 2007 -@@ -119,7 +119,7 @@ - - AC_CHECK_HEADERS(unistd.h sys/select.h sys/param.h stdarg.h) - AC_REPLACE_FUNCS(memmove strcasecmp ftruncate strerror) --AC_CHECK_FUNCS(strlcat strlcpy) -+AC_CHECK_FUNCS(strlcat strlcpy getgrouplist) - AC_HEADER_DIRENT - - dnl do this before Berkeley DB/IPv6 detection -diff -Naur cyrus-imapd-2.3.8.orig/lib/auth_unix.c cyrus-imapd-2.3.8/lib/auth_unix.c ---- cyrus-imapd-2.3.8.orig/lib/auth_unix.c Thu Nov 30 18:11:22 2006 -+++ cyrus-imapd-2.3.8/lib/auth_unix.c Tue Jun 12 15:42:22 2007 -@@ -224,6 +224,12 @@ - struct passwd *pwd; - struct group *grp; - char **mem; -+#ifdef HAVE_GETGROUPLIST -+ gid_t gid; -+ int ret, ngroups; -+ gid_t *groupids = 0; -+ int i; -+#endif - - identifier = mycanonifyid(identifier, 0); - if (!identifier) return 0; -@@ -239,7 +245,45 @@ - return newstate; - - pwd = getpwnam(identifier); -- -+#ifdef HAVE_GETGROUPLIST -+ gid = pwd ? pwd->pw_gid : (gid_t) -1; -+ -+ // get number of groups user is member of into newstate->ngroups -+ getgrouplist(identifier, gid, NULL, &(newstate->ngroups)); -+ // get the actual group ids. -+ do { -+ if (groupids) -+ free(groupids); -+ groupids = (gid_t *)xmalloc(newstate->ngroups * sizeof(gid_t)); -+ -+ ngroups = newstate->ngroups; -+ ret = getgrouplist(identifier, gid, groupids, &(newstate->ngroups)); -+ /* -+ * This is tricky. We do this as long as getgrouplist tells us to -+ * realloc _and_ the number of groups changes. It tells us to realloc -+ * also in the case of failure... -+ */ -+ } while (ret != -1 && ngroups != newstate->ngroups); -+ -+ if (ret == -1) { -+ newstate->ngroups = 0; -+ newstate->group = NULL; -+ goto err; -+ } -+ -+ newstate->group = (char **)xmalloc(newstate->ngroups * sizeof(char *)); -+ for (i = 0; i < newstate->ngroups; ++i ) { -+ struct group *group; -+ -+ if (pwd || groupids[i] != gid) { -+ if ((group = getgrgid(groupids[i]))) -+ newstate->group[i] = xstrdup(group->gr_name); -+ } -+ } -+ -+err: -+ free( groupids ); -+#else - setgrent(); - while ((grp = getgrent())) { - for (mem = grp->gr_mem; *mem; mem++) { -@@ -254,6 +298,8 @@ - } - } - endgrent(); -+#endif -+ - return newstate; - } - diff --git a/cyrus-imapd-2.3.9-getgrouplist.patch b/cyrus-imapd-2.3.9-getgrouplist.patch new file mode 100644 index 0000000..7201eb7 --- /dev/null +++ b/cyrus-imapd-2.3.9-getgrouplist.patch @@ -0,0 +1,81 @@ +--- cyrus/lib/auth_unix.c 2007/02/13 16:42:49 1.41 ++++ cyrus/lib/auth_unix.c 2007/09/17 14:36:40 1.45 +@@ -41,7 +41,7 @@ + */ + + /* +- * $Id: auth_unix.c,v 1.41 2007/02/13 16:42:49 murch Exp $ ++ * $Id: auth_unix.c,v 1.45 2007/09/17 14:36:40 murch Exp $ + */ + + #include +@@ -224,6 +224,10 @@ static struct auth_state *mynewstate(con + struct passwd *pwd; + struct group *grp; + char **mem; ++#ifdef HAVE_GETGROUPLIST ++ gid_t gid, *groupids = NULL; ++ int ret, ngroups = 0; ++#endif + + identifier = mycanonifyid(identifier, 0); + if (!identifier) return 0; +@@ -239,7 +243,48 @@ static struct auth_state *mynewstate(con + return newstate; + + pwd = getpwnam(identifier); +- ++ ++#ifdef HAVE_GETGROUPLIST ++ gid = pwd ? pwd->pw_gid : (gid_t) -1; ++ ++ /* get number of groups user is member of into ngroups */ ++ getgrouplist(identifier, gid, NULL, &ngroups); ++ ++ /* get the actual group ids */ ++ do { ++ groupids = (gid_t *)xrealloc((gid_t *)groupids, ++ ngroups * sizeof(gid_t)); ++ ++ newstate->ngroups = ngroups; /* copy of ngroups for comparision */ ++ ret = getgrouplist(identifier, gid, groupids, &ngroups); ++ /* ++ * This is tricky. We do this as long as getgrouplist tells us to ++ * realloc _and_ the number of groups changes. It tells us to realloc ++ * also in the case of failure... ++ */ ++ } while (ret != -1 && ngroups != newstate->ngroups); ++ ++ if (ret == -1) { ++ newstate->ngroups = 0; ++ newstate->group = NULL; ++ goto err; ++ } ++ ++ newstate->ngroups = 0; ++ newstate->group = (char **)xmalloc(ngroups * sizeof(char *)); ++ while (ngroups--) { ++ if (pwd || groupids[ngroups] != gid) { ++ if ((grp = getgrgid(groupids[ngroups]))) { ++ newstate->ngroups++; ++ newstate->group[newstate->ngroups-1] = xstrdup(grp->gr_name); ++ } ++ } ++ } ++ ++err: ++ if (groupids) free(groupids); ++ ++#else /* !HAVE_GETGROUPLIST */ + setgrent(); + while ((grp = getgrent())) { + for (mem = grp->gr_mem; *mem; mem++) { +@@ -254,6 +299,8 @@ static struct auth_state *mynewstate(con + } + } + endgrent(); ++#endif /* HAVE_GETGROUPLIST */ ++ + return newstate; + } +