Merge branch 'master' of ssh://vparabola/home/parabola/abslibre-pre-mips64el

Conflicts:
	community-testing/hostapd/PKGBUILD
	community-testing/hostapd/config.bz2
	community-testing/hostapd/hostap_allow-linking-with-libnl-3.2.patch
	community-testing/hostapd/hostapd
	community-testing/hostapd/hostapd.conf.d
	community-testing/hostapd/hostapd.install
	community-testing/ipvsadm/PKGBUILD
	community-testing/ipvsadm/ipvsadm.conf
	community-testing/ipvsadm/ipvsadm.rc
	community-testing/ipvsadm/ipvsadm.rules
	community-testing/keepalived/PKGBUILD
	community-testing/keepalived/ip_vs_moved.patch
	community-testing/keepalived/keepalived.conf
	community-testing/keepalived/keepalived.rc
	community-testing/knemo/PKGBUILD
	community-testing/knemo/knemo.install
	community-testing/simh/LICENSE
	community-testing/simh/PKGBUILD
	community-testing/simh/simh.install
	community/fityk/PKGBUILD
	community/ruby-gtk2/PKGBUILD
	community/sage-mathematics/PKGBUILD
	community/xylib/PKGBUILD
	core/kmod/0001-libkmod-module-probe-fix-infinite-loop-with-softdeps.patch
	extra/kradio/PKGBUILD
	extra/phonon-gstreamer/PKGBUILD
	extra/phonon-vlc/PKGBUILD
	testing/bluez/PKGBUILD
	testing/bluez/bluetooth.conf.d
	testing/bluez/fix-a2dp.patch
	testing/bluez/rc.bluetooth
	testing/crda/PKGBUILD
	testing/crda/crda.install
	testing/crda/crda.rc
	testing/crda/libnl32.patch
	testing/iw/PKGBUILD
	testing/kismet/PKGBUILD
	testing/kismet/kismet.changelog
	testing/kismet/kismet.install
	testing/libnl/PKGBUILD
	testing/libnl1/PKGBUILD
	testing/libnl1/fix-compilation.patch
	testing/libpcap/PKGBUILD
	testing/libpcap/libnl32.patch
	testing/net-snmp/PKGBUILD
	testing/net-snmp/libnl32.patch
	testing/net-snmp/snmpd.confd
	testing/net-snmp/snmpd.rc
	testing/networkmanager/NetworkManager.conf
	testing/networkmanager/PKGBUILD
	testing/networkmanager/disable_set_hostname.patch
	testing/networkmanager/networkmanager.install
	testing/ntrack/PKGBUILD
	testing/ntrack/libnl3.patch
	testing/wpa_supplicant/PKGBUILD
	testing/wpa_supplicant/config
	testing/wpa_supplicant/dbus.patch
	testing/wpa_supplicant/hostap_allow-linking-with-libnl-3.2.patch

5 files changed, 81 insertions, 111 deletions

diff --git a/core/shadow/PKGBUILD b/core/shadow/PKGBUILD
index e46251076..79fe34f29 100644
--- a/core/shadow/PKGBUILD
+++ b/core/shadow/PKGBUILD
@@ -1,10 +1,10 @@
-# $Id: PKGBUILD 144463 2011-12-06 10:57:36Z dreisner $
+# $Id: PKGBUILD 150333 2012-02-16 23:20:09Z dreisner $
 # Maintainer: Dave Reisner <dreisner@archlinux.org>
 # Maintainer: Aaron Griffin <aaron@archlinux.org>
 
 pkgname=shadow
-pkgver=4.1.4.3
-pkgrel=5
+pkgver=4.1.5
+pkgrel=3
 pkgdesc="Password and account management tool suite with support for shadow files and PAM"
 arch=('i686' 'x86_64' 'mips64el')
 url='http://pkg-shadow.alioth.debian.org/'
@@ -17,15 +17,26 @@ backup=(etc/login.defs
         etc/pam.d/{chfn,chgpasswd,groupmems,chsh}
         etc/default/useradd)
 options=('!libtool')
-install=shadow.install
-#http://pkg-shadow.alioth.debian.org/releases/shadow-$pkgver.tar.bz2
-# shadow 4.1.4.3 is just shadow 4.1.4.2 with shadow_CVE-2011-0721.patch applied
-source=(ftp://ftp.archlinux.org/other/shadow/shadow_4.1.4.2+svn3283.orig.tar.gz
-        adduser chgpasswd chpasswd defaults.pam login login.defs newusers
-        passwd shadow.cron.daily useradd.defaults LICENSE
-        xstrdup.patch shadow_CVE-2011-0721.patch shadow-strncpy-usage.patch
+install='shadow.install'
+source=("http://pkg-shadow.alioth.debian.org/releases/$pkgname-$pkgver.tar.bz2"{,.sig}
+        LICENSE
+        adduser
+        chgpasswd
+        chpasswd
+        defaults.pam
+        login
+        login.defs
+        newusers
+        passwd
+        shadow.cron.daily
+        useradd.defaults
+        nscd-error-reporting.patch
+        xstrdup.patch
+        shadow-strncpy-usage.patch
         shadow-add-missing-include.patch)
-sha1sums=('8b704b8f07718e329205f23d457c3121c0f3679e'
+sha1sums=('3ab1ae0e30af36d04445314fcb5a079bdf05de41'
+          '0a31aafceb948a91fe7370a6378cafd6fd883145'
+          '33a6cf1e44a1410e5c9726c89e5de68b78f5f922'
           '78ec184a499f9708adcfcf0b7a3b22a60bf39f91'
           '4ad0e059406a305c8640ed30d93c2a1f62c2f4ad'
           '12427b1ca92a9b85ca8202239f0d9f50198b818f'
@@ -36,39 +47,42 @@ sha1sums=('8b704b8f07718e329205f23d457c3121c0f3679e'
           '611be25d91c3f8f307c7fe2485d5f781e5dee75f'
           '5d83ba7e11c765c951867cbe00b0ae7ff57148fa'
           '9ae93de5987dd0ae428f0cc1a5a5a5cd53583f19'
-          '33a6cf1e44a1410e5c9726c89e5de68b78f5f922'
+          'ae6eebb842c433ac4022c493294a13ed68e06acc'
           '6010fffeed1fc6673ad9875492e1193b1a847b53'
-          '6bfe6528391eb38d338beacedd620407877b637d'
-          '9db9e62ad173f31e1039121c0124cf60826ffd7e'
+          '21e12966a6befb25ec123b403cd9b5c492fe5b16'
           '0697a21f7519de30821da7772677035652df4ad2')
 
 build() {
-  cd "$srcdir/$pkgname-4.1.4.2+svn3283"
+  cd "$pkgname-$pkgver"
+
+  # avoid transitive linking issues with binutils 2.22
+  sed -i '/^user\(mod\|add\)_LDADD/s|$| -lattr|' src/Makefile.am
 
-  #Ugh, force this to build shared libraries, for god's sake
-  sed -i "s/noinst_LTLIBRARIES/lib_LTLIBRARIES/g" lib/Makefile.am
-  libtoolize
-  autoreconf
-  export LDFLAGS="$LDFLAGS -lcrypt"
+  # link to glibc's crypt(3)
+  LDFLAGS+=" -lcrypt"
 
-  patch -p1 -i "$srcdir/xstrdup.patch"
-  patch -p1 -i "$srcdir/shadow_CVE-2011-0721.patch"
-  patch -p1 -i "$srcdir/shadow-strncpy-usage.patch"
-  patch -p1 -i "$srcdir/shadow-add-missing-include.patch"
+  patch -Np1 <"$srcdir/xstrdup.patch"
+  patch -Np1 <"$srcdir/shadow-strncpy-usage.patch"
+  patch -Np1 <"$srcdir/shadow-add-missing-include.patch"
+  patch -Np1 <"$srcdir/nscd-error-reporting.patch"
 
   # supress etc/pam.d/*, we provide our own
   sed -i '/^SUBDIRS/s/pam.d//' etc/Makefile.in
 
   ./configure \
-    --prefix=/usr --libdir=/lib \
-    --mandir=/usr/share/man --sysconfdir=/etc \
-    --enable-shared --disable-static \
-    --with-libpam --without-selinux
+    --prefix=/usr \
+    --libdir=/lib \
+    --mandir=/usr/share/man \
+    --sysconfdir=/etc \
+    --with-libpam \
+    --without-selinux
+
   make
 }
 
 package() {
-  cd "$srcdir/$pkgname-4.1.4.2+svn3283"
+  cd "$pkgname-$pkgver"
+
   make DESTDIR="$pkgdir" install
 
   # license
@@ -87,11 +101,9 @@ package() {
   install -Dm644 "$srcdir/login.defs" "$pkgdir/etc/login.defs"
 
   # PAM config - custom
-  install -Dm644 "$srcdir/login" "$pkgdir/etc/pam.d/login"
-  install -Dm644 "$srcdir/passwd" "$pkgdir/etc/pam.d/passwd"
-  install -Dm644 "$srcdir/chgpasswd" "$pkgdir/etc/pam.d/chgpasswd"
-  install -Dm644 "$srcdir/chpasswd" "$pkgdir/etc/pam.d/chpasswd"
-  install -Dm644 "$srcdir/newusers" "$pkgdir/etc/pam.d/newusers"
+  install -dm755 "$pkgdir/etc/pam.d"
+  install -t "$pkgdir/etc/pam.d" -m644 "$srcdir"/{login,passwd,chgpasswd,chpasswd,newusers}
+
   # PAM config - from tarball
   install -Dm644 etc/pam.d/groupmems "$pkgdir/etc/pam.d/groupmems"
 
diff --git a/core/shadow/nscd-error-reporting.patch b/core/shadow/nscd-error-reporting.patch
new file mode 100644
index 000000000..a4075756e
--- /dev/null
+++ b/core/shadow/nscd-error-reporting.patch
@@ -0,0 +1,17 @@
+diff --git a/upstream/trunk/lib/nscd.c b/upstream/trunk/lib/nscd.c
+index 227c205..7adb58f 100644
+--- a/lib/nscd.c
++++ b/lib/nscd.c
+@@ -39,8 +39,11 @@ int nscd_flush_cache (const char *service)
+ 		/* nscd is not installed, or it is installed but uses an
+ 		   interpreter that is missing.  Probably the former. */
+ 		return 0;
++	} else if (code == 1) {
++		/* nscd is installed, but it isn't active. */
++		return 0;
+ 	} else if (code != 0) {
+-		(void) fprintf (stderr, _("%s: nscd exited with status %d"),
++		(void) fprintf (stderr, _("%s: nscd exited with status %d\n"),
+ 		                Prog, code);
+ 		(void) fprintf (stderr, _(MSG_NSCD_FLUSH_CACHE_FAILED), Prog);
+ 		return -1;
diff --git a/core/shadow/shadow-strncpy-usage.patch b/core/shadow/shadow-strncpy-usage.patch
index 46df74ace..5aba8fa01 100644
--- a/core/shadow/shadow-strncpy-usage.patch
+++ b/core/shadow/shadow-strncpy-usage.patch
@@ -1,27 +1,25 @@
-diff -ur shadow-4.1.4.3.orig/src/login.c shadow-4.1.4.3/src/login.c
---- shadow-4.1.4.3.orig/src/login.c	2011-03-05 22:17:10.032524948 -0800
-+++ shadow-4.1.4.3/src/login.c	2011-03-05 22:17:59.154342059 -0800
-@@ -748,8 +748,9 @@
- 			          sizeof (loginprompt),
+diff -u shadow-4.1.5/src/usermod.c.orig shadow-4.1.5/src/usermod.c
+--- shadow-4.1.5/src/usermod.c.orig	2012-02-13 08:19:43.792146449 -0500
++++ shadow-4.1.5/src/usermod.c	2012-02-13 08:21:19.375114500 -0500
+@@ -182,7 +182,7 @@
+ 	struct tm *tp;
+ 
+ 	if (date < 0) {
+-		strncpy (buf, "never", maxsize);
++		strncpy (buf, "never", maxsize - 1);
+ 	} else {
+ 		time_t t = (time_t) date;
+ 		tp = gmtime (&t);
+diff -u shadow-4.1.5/src/login.c.orig shadow-4.1.5/src/login.c
+--- shadow-4.1.5/src/login.c.orig	2012-02-13 08:19:50.951994454 -0500
++++ shadow-4.1.5/src/login.c	2012-02-13 08:21:04.490430937 -0500
+@@ -752,7 +752,8 @@
  			          _("%s login: "), hostn);
  		} else {
-+		        loginprompt[sizeof (loginprompt) - 1] = '\0';
  			strncpy (loginprompt, _("login: "),
 -			         sizeof (loginprompt));
 +			         sizeof (loginprompt) - 1);
++			loginprompt[sizeof (loginprompt) - 1] = '\0';
  		}
  
  		retcode = pam_set_item (pamh, PAM_USER_PROMPT, loginprompt);
-diff -ur shadow-4.1.4.3.orig/src/usermod.c shadow-4.1.4.3/src/usermod.c
---- shadow-4.1.4.3.orig/src/usermod.c	2011-03-05 22:17:10.029191265 -0800
-+++ shadow-4.1.4.3/src/usermod.c	2011-03-05 22:18:42.665576968 -0800
-@@ -182,7 +182,8 @@
- 	struct tm *tp;
- 
- 	if ((negativ != NULL) && (date < 0)) {
--		strncpy (buf, negativ, maxsize);
-+	        buf[maxsize - 1] = '\0';
-+		strncpy (buf, negativ, maxsize - 1);
- 	} else {
- 		time_t t = (time_t) date;
- 		tp = gmtime (&t);
diff --git a/core/shadow/shadow.install b/core/shadow/shadow.install
index e990bfe39..14384c333 100644
--- a/core/shadow/shadow.install
+++ b/core/shadow/shadow.install
@@ -2,7 +2,7 @@ post_upgrade() {
   grpck -r >/dev/null 2>&1
   if [ $? -eq 2 ]; then
     printf '%s\n' \
-      "==> Warning: /etc/group or /etc/gshadow are inconsistant." \
+      "==> Warning: /etc/group or /etc/gshadow are inconsistent." \
       "    Run 'grpck' to correct this."
   fi
   return 0
diff --git a/core/shadow/shadow_CVE-2011-0721.patch b/core/shadow/shadow_CVE-2011-0721.patch
deleted file mode 100644
index eb9ad80a2..000000000
--- a/core/shadow/shadow_CVE-2011-0721.patch
+++ /dev/null
@@ -1,57 +0,0 @@
-Goal: Input sanitization for chfn and chsh
-
-Fixes: CVE-2011-0721
-
-Status wrt upstream: Already applied upstream (4.1.4.3)
-
---- a/src/chfn.c
-+++ b/src/chfn.c
-@@ -551,14 +551,14 @@
- static void check_fields (void)
- {
- 	int err;
--	err = valid_field (fullnm, ":,=");
-+	err = valid_field (fullnm, ":,=\n");
- 	if (err > 0) {
- 		fprintf (stderr, _("%s: name with non-ASCII characters: '%s'\n"), Prog, fullnm);
- 	} else if (err < 0) {
- 		fprintf (stderr, _("%s: invalid name: '%s'\n"), Prog, fullnm);
- 		fail_exit (E_NOPERM);
- 	}
--	err = valid_field (roomno, ":,=");
-+	err = valid_field (roomno, ":,=\n");
- 	if (err > 0) {
- 		fprintf (stderr, _("%s: room number with non-ASCII characters: '%s'\n"), Prog, roomno);
- 	} else if (err < 0) {
-@@ -566,17 +566,17 @@
- 		         Prog, roomno);
- 		fail_exit (E_NOPERM);
- 	}
--	if (valid_field (workph, ":,=") != 0) {
-+	if (valid_field (workph, ":,=\n") != 0) {
- 		fprintf (stderr, _("%s: invalid work phone: '%s'\n"),
- 		         Prog, workph);
- 		fail_exit (E_NOPERM);
- 	}
--	if (valid_field (homeph, ":,=") != 0) {
-+	if (valid_field (homeph, ":,=\n") != 0) {
- 		fprintf (stderr, _("%s: invalid home phone: '%s'\n"),
- 		         Prog, homeph);
- 		fail_exit (E_NOPERM);
- 	}
--	err = valid_field (slop, ":");
-+	err = valid_field (slop, ":\n");
- 	if (err > 0) {
- 		fprintf (stderr, _("%s: '%s' contains non-ASCII characters\n"), Prog, slop);
- 	} else if (err < 0) {
---- a/src/chsh.
-+++ b/src/chsh.c
-@@ -528,7 +528,7 @@
- 	 * users are restricted to using the shells in /etc/shells.
- 	 * The shell must be executable by the user.
- 	 */
--	if (valid_field (loginsh, ":,=") != 0) {
-+	if (valid_field (loginsh, ":,=\n") != 0) {
- 		fprintf (stderr, _("%s: Invalid entry: %s\n"), Prog, loginsh);
- 		fail_exit (1);
- 	}