ryan@nardis.ca wrote:
Full_Name: Ryan Tandy Version: master, 2.4 OS: Debian URL: Submission from: (NULL) (24.68.37.4)
Thanks, pushed to git master.
updating the copied nss-pam-ldapd files:
ftp://ftp.openldap.org/incoming/20150405_rtandy_nssov-update-nss-pam-ldapd-files-to-0.9.4.patch
updating nssov for those changes, see commit msg for details:
ftp://ftp.openldap.org/incoming/20150405_rtandy_nssov-update-to-protocol-version-2.patch
while I'm in the code anyway, cleaning up a few compiler warnings (that were already there, I didn't introduce them :P). Cosmetic stuff: unused variables, return-type (void/non-void) mismatches, a couple of undeclared prototypes.
ftp://ftp.openldap.org/incoming/20150405_rtandy_nssov-clean-up-some-compiler-warnings.patch
Please note, the protocol change breaks backwards compat with older versions of the client libraries (per nss-pam-ldapd/README).
Tested on Linux. No idea about Solaris etc, sorry.
The DN field was removed from the pam protocol, so uid lookup happens on every connection now. I couldn't think of a safe way to avoid that; suggestions welcome.
--
(the following statements apply to patches 2 and 3 only; patch 1 is copied from work by Arthur de Jong, licensed LGPLv2.1)
The attached patch files are derived from OpenLDAP Software. All of the modifications to OpenLDAP Software represented in the preceding patches were developed by Ryan Tandy ryan@nardis.ca. I have not assigned rights and/or interest in this work to any party.
I, Ryan Tandy, hereby place the preceding modifications to OpenLDAP Software (and only these modifications) into the public domain. Hence, these modifications may be freely used and/or redistributed for any purpose with or without attribution and/or other notice.