Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 26 Sep 2008 21:33:56 -0700 (PDT)
From:      "Eugene M. Kim" <gene@nttmcl.com>
To:        FreeBSD-gnats-submit@FreeBSD.org
Subject:   ports/127675: [patch] net/nss_ldap version 259, with fix for pw_{change, expire} overflow
Message-ID:  <200809270433.m8R4XuLO020815@doughboy.nttmcl.com>
Resent-Message-ID: <200809270440.m8R4e0nN008414@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         127675
>Category:       ports
>Synopsis:       [patch] net/nss_ldap version 259, with fix for pw_{change,expire} overflow
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Sat Sep 27 04:40:00 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator:     Eugene M. Kim <gene@nttmcl.com>
>Release:        FreeBSD 6.2-STABLE i386
>Organization:
NTT Multimedia Communications Laboratories, Inc.
>Environment:
System: FreeBSD doughboy.nttmcl.com 6.2-STABLE FreeBSD 6.2-STABLE #7: Fri Sep 21 12:22:16 PDT 2007 gene@bbq.nttmcl.com:/home/FreeBSD/build/RELENG_6/obj/home/FreeBSD/build/RELENG_6/src/sys/DOUGHBOY i386
>Description:
Attached is the updated port for net/nss_ldap version 259.

This port also includes a fix for pw_{change,expire} overflow/wraparound
bug, which is triggered when shadowMax LDAP attribute set to 99999, a
conventional "password never expires" value.

With the fix, when the calculated value of pw_{change,expire} exceeds
the range of time_t, the value is reset to 0, effectively meaning
"(password or account) never expires".  This makes sense because the
system clock (of type time_t) will wrap around before ever reaching the
calculated value.

The port was tested with OpenLDAP 2.3.
>How-To-Repeat:
>Fix:
Replace the net/nss_ldap directory with the contents of the tarball
below:

begin 644 nss_ldap-1.259.tar.bz2
M0EIH.3%!629362_:$:X`%MQ_\/^P`,!______^___O_OW_J4````A`0`2&`5
M+WGOO;?7OIOO1IVZJ]WM\^>=WMGW?>WO"GKK;U4[M!R95K[E?=GU]V^GN.[)
M8@5W;IZUW=MEGW>Y"!+PDD0"9)M3&FDT--&35/4_4TQE)ZGIIJ,FC:1ZGJ/2
M,GHT3:3:30T>H,B`$R"9-1IHIIZ0-M)!IH#30/4&@`:````#()I-30*,GLJ'
MDF&IIH:`#:@T!H`T`````"32B1-33)DF3">@C)B:--'J-`:`#0&@``&@`"*0
M@)B)DQ)C13TR9,J?JGZ:H_2GI/4]0:;*>H#(`-!Z@R>H&@D2$`(!&%3QE-38
M5/33U39,4T-J:#30T`]0:#)H`!V]*1[4AW5U?JO1^[>S&6\B#YR8>5I##F3)
M`-90",X%.KM+.P["?;?:"F2E.*R]&HA2$%@2,P[`D%2#!C'#2(F"=DXI,X(E
M)R"Q11C1Q/$NO`8@^*Z'"W5*FM*Q=(7U&VVVJJ*DG)RX=`5(N("I:&!8M1@0
MLE(E-,G@RE)I5-!\XT5SJ!^YP]']WY_1\%7G%[`,Y)\8]IA#A@$,UYH.[CX>
M*6'WS2*K/>EMPJ10;3GTBIY$O)G<$[WW:#K-GH:WAKA-;4#V8PLT%%P(*@Q;
M:HT)A*&,U^SQ<*R\J&_5U[?I[LPM-KU.".<SO5U4*FV-@Z""L<C+-#1%R-EX
MPX(YW5KX>^G8W._'(!F(F8!+PH/C-,N7BA6Z-+U/7T6*U_2]3.EY`VV-IF_Z
M+N_L/>?;K>]WLYYFV5C$+^V)N/M,YH=>>$AA%B@IM!+P%/2IQPI[4.XD*30&
MI^%P&6<FS)OGXE#<9%DUA`G:\PU9,64M*UHA@>3<YRIA64&W"<8`:BJ[^LIT
MBA#&K.NY1ICE$E)DK;YM=S]',8)!VD0*,072=5T>!8:H#>R=V3N/JBH!#ZZC
M;&D%8-LW4/5WN9L-</I0U8-&IT'1RY'D#IG?O4D;_T<%5$8"P`X^8D]MB^$"
MH*E'#DP^#OG$W&W&]^EX1=]!L6"YKW32Q.+A6JKQ%+F0=[`Q3KL,W$-AW<]Y
M=Z+*3)CP.4$DOV2OFL0:Q+)&^.)<XW>+'-2.K%?9N3:Q(5?N8(4\QL$*C.J'
M,QGQ(@D3I"N(DO,J6IS5W?'64F8W$"92UD!JVOIV]6_?5S6+KS/<BG@13I^F
M+3T28?ACGCX',S,ZB,^;5L[[;_#I$'&DB_\)P)!A.T[73ID5ZW5'3T;!:JQ[
MNSR5MHN,BP&N*9F9F2@6";:.!11%5BBC11ODT>EO;^UZDVM9GT75+ES85_H,
MF=6;QV=]NG`6"NUM.(9))@\\)T@TFPO32Z_P9AN7QYFZ@MUQRD%!?)C1BU6'
M8IQV)Z13RI82UW(L5L`MG)HRZ9BKM$J6PC0>6DY`<^'/*3,)*#.7/VK81@.R
MUE#YW1@FSG&B"=(S\0=1(&ARB8A3$<GBJ^%Z.KHX%]YU&Y.?BI,D-+34<9FK
M"H)-*+L\A6Z-&Z7B0WOQH_F5M*HMU;\`0XP"&T&,U%D0($>AD](8A(AB&7#?
MM^@PS&[B<IW(>?USQ$Q6OID.<.YL))WP?XV'3YE#.0JCDL/8$/4>48[F##UH
M$#F].YJ^2CECCA+3VG@>S<RAYW^<6^X#S,A8L>]@SPYB'$FFPCO+-?&PV!$D
M(]2-9=@)(.2\B1%DA"C*-=D>8=R@0EBA`TS"S5Y...#J7XJ`X5_IZVF_=49*
M7NLW4::9^\-)>;AW0\BHVPH@4/X-\,*P-@%<%:S^A:C>OFK]]M[%SA=N^3%&
MA.]0H40Q\2O-+$@:H3.&$!66%C"\.G-T'E:&#:&M#=CBT:>$!(;LGOR=/!."
M)*Q@P7AD(<-98@PI!@:]Y=F_\,+QS0S3)`YH&0.WTNBU5>=,6(B)Q*+2]+P\
M3)VI1+U:E\4Y#[:L&;DLK1V+$T+SAI29R@8`6<!V$IA99M7`BZ5=.R=(UY>-
MR]2$&N>3H\?CW'-DYGQD<2AHE6Q/6*GP[*$>`&(G!]895]J#J'?>=DF9T.AF
M'M0M/(<-`L=K&]3PJSM*M?1$AQ'!8RJ`QTG`-H3$QFQ.5='"Y5!A"#`<UR>M
M@R3&@<5B;4GD,U#AK"(%3/RL[Z+#$*H@*8["!4A*KJ!1N`PB&-,">!91VYB5
M6'4C@SN2XZMLU#OH&VZ92J.L3TDZ*U9L/W1$6$V^!P;;>9O/Y38X=PQ;-DJM
M67ORSD&\PWXZA<);IQ`RV$>AG(JJ*(K.4I>HO0:00'#3IU:BL[P@@3NLHUD=
MUR*W#"*_(I^U2%2SB8Y?%S>WR^-S>WK]]I4(&0PRN3I%7(](N7$NY)=&MQ*7
M"JI`929FV@D1S@4#NCL7*E;P<G[7=>1(=(+,3DSC>.%,/%%BJ,-C-1TY6)B&
MD\,6<#2]F?2RY#1RV2NR5U13&!OE=L:^NCZX&8G&3)QM2#>V`^+G&J+,7M&9
M0(4$ZVK!T7/8.Q>%>.HG(6!U?R^_8%@B.2899<M8&&HVCA:?%L5G$NVZN9W-
M^R!L8MBJ@=R]E<Y,FYJ2]"42<0BF^Y`@,3G0LX2:S$Y(&($DA>:+&:NI/1^;
M;K@9;!*8L/-ND(QOT+G!L..S&UE#-`YB,4#GM3/&3G6%FSI,KD&[0_RP2R^,
M15!,-FI`92,HA+=T85DU'1(E5D%IA$TLF*HH-9DJX)8Q8\*JM<J)7H?<US$H
MK"D<JT;Q<E]IH9/"X8#&I?$V;3%1)`TI/3,V#1Q\&_O,[KXL]X'F:9QLMH*U
M<U9]2EKQ3KP/,1%,PO;QVH,R@D++H4*B*%!=HV(0]IY[Q8#D4]+2^*F?QV?I
MO85U-5&51=*E(54!0:2)LX(7D:7BN3]GWO7*T.7\'&&5"ZV0M`#",K.;ULG,
M`I0N&4Q/9^.L:^E_!^&%+`^JA`:_B+(`/43HAF0VO4^<K(CHUH?"WG8OI?#2
MB%J3=D9XG5BZ%"A[U#JL#S(E+Q*5A_GT#_AR7F%LM20EKA(PTWF`G/\K[[]*
MVN>3:%921L'H)+1;YUL7SXH+E&F2(.;2`IUA.F80T1(RY_=*T?3*K,\9LC(-
MR2-T3:*8,U25X\K)-#2J_2-EZ:T8#'#3EK]\I4U\J.4SWU\HQ`6J`-V2PC')
MLL>,'R`)1&BZJP@3Y(%2#@!*X;*X6Q#>+;:"9Q++:*TK&%O#8!AI81>=CX=_
M[[A;_'.JAB%,4I&W=A,2JN$N;:)HUF(Y@H,QX!*%.<B?+NWG.;QK+Q"S&0NV
MO1E/(W,D=L%FDT"9N6\:OY3D*E628T3W>CT[\J\^.I;19K]M8I;6*O(4UNQP
M,3&:78UP-]4KK3@)K<O'HS)HGR[<V&R+<(\.;?<==M:%+)(8OS:7N@S#-U#9
M6![2MV2%.N!0*H>D5(XSZM\Y6)(HRVHU[!H4Q%8*IP+1*,"R5K*A/J2)`&!,
M4T/IUIZ9<`1A4]2R(3(43A&`Z+J*D-*)7Q#&TA4T=17/6.:.W^R@1%`A:!A;
MBC$AK:6[=VU,V6&M3(KT`983,.-6*)>VG`K!+<(EB(88QA.#7MMS%BD*`+$R
MOA8H"N*89Q[!S*ED;V\FAVY!;*:R.IL+0,8*A9HN].20SG1BBUH=F2B;YGM2
M9`E<$23J4YV34.+D+*9(3GD84:%NQHJ30G`K`9FNA#]=AB-LH!U-CS1B<!%E
M\;;G14)PX\/#F&:O`Z)SQ#'K"]&QNL;A&NK,A5SP[O,ODB@@V?C]AZ_NK(V:
M+94*"UF9,F;*+(795J1RDPG9!#1Q+(*!=.LBJ`?A)"A6!01`9#R0$06C.%I8
M(L*5+ERA1118HHJBBP44VP]DAZL+#T=X_G-PB>`M;4PP_;5K>:C1AAA@8(&%
MAAAAAK0$N8#J$3U='SRED*YR!N+GN[O%O4[NEMTTSG-ME*42B)1JT*4HDBDV
MMAAAA<5"8%"%#[EQ]3!21:W'KL_+0]4@[:B26X$%&%\Y-V/#*=V36'8^15&L
M\K"=@R`#'06,:RHMDGY!?QYD:M<+6>_,/64-D0`B0L"\O:SHGT<B3=8D@1;%
M*@6`T2-@DW`L+<N#!L2X>BRY3I)4$3!8"!ZX;^"A83-&3*+0T(<"`%&N<=0)
M4([W?W9HC4'SV*=]V%E3#YIM`:E]YI^?VUQ6<W]DHR-;NAHE!VJ'*ED009H6
M(%#,DS5SN(1&EQYLA2,<S3#7;T/$KZB9NRTZ@"^+2;&>Y$#9S)BD,!L"LH0N
MLV"F=B`STYE8(DI)H@TW/[*5!$&!BLBYKE@DM[>%,J.43ACQR)@8ZAJYS00U
MI<2:N/=,<OGZO6-H@?P05Z!RV"X7JYT#,U!.W5Q:!=6IMQ^#GO+,VS?9%`*Z
M@*Q>!#TGNO;GM(KT:BN:,<,XD2B7=J.NUPG)5'9I,,\=%EH@@)7!E+MI+`Q#
M"05#-#16YV!07U?-Y/<NH97G$68N&VVVBA/,*!L:"4VVY[8S.O5=-$(YY5V$
M16=&!5:PKE1*5H+6M^84!S5!*EH+^O?9Z;ZAY`C-O5WB.P87WWPI$QALD.IN
MBB(B,1$;2B(B(BK!!MES):C&;@+`\:F_#+D=$D<'N];(?,>9B3@FN@YW=\K/
M/+T!OSOBY3SR%OV%=_,<^L3%"`ZF#.*[TM3)2Q`:!1OK"202F!"!5H/DG;(E
M@ZV._KD1!A]E''6VL*])!Y&9)[4I/$(.SV>F5OF]'\?/;>=6ONSM5!=W@+NJ
MJ4Q'4;'8,3"Q7,MUJHNQ6FV2"R7'.J8A=B5U[F'<4$3]TK5M0(9I.#C'8$B(
M;J406#;*P$0J42(A3(&38?)L)N<@YXB*J,A-J=O)CL:@/-FS)VE'`#110H3E
M3LSERS;G5`=1/;$!$BP^*1N:/."G`R&E\;2"P%G'!C%_'W0/+4.#S'AB+K8>
M`0,8VVQC)V>UO6!\^/A)^J!E%';EZD<UP7K:)@:CVX0$!-BV%W?$!;#!02J1
M0LW;3L?;9J$,-0TAOO37>#,QI#!!@VV/G&3V>)AYT)V'<>2##J6"T]!9!K01
M7NS@C+>A\=E$NJF@I/:M21)R%Q$PY!HO.Q9C)9U'7.BPWM]W;*BE:RH"SH9F
MTT5@I%4Q`K+L^EN,(C:#1!0Z@Q:1@194@>6!,<&C+A9JV,3L1-<ML!]W6&!Q
MJ<B2\(8$`+,3YKA"EBA,),`$SBG9P1Y6&L4V)H@>5I0WYX4=1=%1-#&"9(0A
MD1A0N*BU77A6M%@-/X;\Z"PEI-":0E-8T7.`W88F=7/1$16V,VGI1CG'KD*!
MA<@-6!>Y0)0P/V8S#1?'#RZFZ:$(IZQPG>","#1/2%;`7$J4U[=.1!8<S#(N
MT5B$6CT20JF![D&&%W;\G_+M]?;1VV4A'JH7P>?3L[Z)!K-)SI'`1Q8-#3&)
MIK<T+HD!@0F`81+8!1Z#(%!Z?.W)UIU88;G$7'OV#"KP#P1I5Y\M/>$,7DPP
M(5LR$A&9!V&:031,7";-3.C4`[,P'\H\I'<DB7>/RP:UBT@#40L\_LLJMX7:
M3A@CMJ*XKH#-K']C:ZD0.*RPW0%C!E%DD-FU49%(',,P-)-0=AF-W+)^[!6(
MDPNF1X!IR/FB<(UE@:B2\T[;D;LA;X7XB2E\UO!G@RZ&QO<_K02E3!3JF`88
M95&0G0X"3"<;P9C`I`=XZTTH99I"&B!HA=`:30N28)4EE$Q-+C%"G)VL]`P&
M)4)U,I80STX"Y1*;8LE9:;<`6S.5*%.%]*JS)4%(H]7'7M=.='`")!.HOF;"
M-0U(V(9`MGK4]V:=01`2++!76Q!"7(7J,C#XJR9"&[JA04BIB"DX5'5&9HSP
MHA8DPW]PM.F.`B>C_-FAJX(7B4=RS"N<H[*#P:Y>3MFN$DFZ,05I]IQ[GK+:
MRN7)'D6>>>[I=;S**NHUC$QA5!Y$J-"8_-F#(YFX#I(#5BWS,YDN@\=*L[D"
MH56H2""0\;-3B*2"@ZE/CR+RX8[,4T"Q*8IR+T@PYR`4*92BA?$,(D0G0C``
M?,(W%.N=21G,&BR3]<R8K43@$HTBX)B\K*4"BJ!I&^%TI!R*3DJZ3O:07)A(
M:"""`("$H*O';<]1%*0718JHN0!15`$)+K(@E4B<;;Z&8@%@E@7A.<U*HF+U
ML&A'2-=YB2$"[1!=!6T@(5-^CQE/CH:AKPLMC*!U2P,?)R<AD8C[$YICITF(
MP=1O(!OYS2*431XM551,WB]+A@0(3@Y,B.?/KOO%,4#H1;_.!/RI6KR$6J&[
M'Q[3=/("SL24.T?9"#,A"I\ZD;^P,3X(>DG;6CL2YF:B'KJ*B>PF\4HDKT'.
M0!"#0#`#_R1W64H$*XJ03F8$@+#@<C,<87S&0F-!8Q+/4:&XZ1;`\L(>4M2P
M,Y$/"RQ!.T-\.F$B)*G6B1^3>^2;AS1JGEFCT<721I(]T]CJ>#WL43($O_%W
))%.%"0+]H1K@
`
end
>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200809270433.m8R4XuLO020815>