summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFabian Groffen <grobian@gentoo.org>2020-06-08 10:05:57 +0200
committerFabian Groffen <grobian@gentoo.org>2020-06-08 10:06:10 +0200
commit6a18f75bc0b98b1bc66844c82d5eee10eac9dfd7 (patch)
tree1fa91c0465f6ab4788b85aa02136423ca5d58127 /mail-mta
parentmail-mta/exim-4.94: add warning about local_part being renamed (diff)
downloadgentoo-6a18f75bc0b98b1bc66844c82d5eee10eac9dfd7.tar.gz
gentoo-6a18f75bc0b98b1bc66844c82d5eee10eac9dfd7.tar.bz2
gentoo-6a18f75bc0b98b1bc66844c82d5eee10eac9dfd7.zip
mail-mta/exim-4.94-r1: fix PAM expansion, bug #727310
Closes: https://bugs.gentoo.org/727310 Package-Manager: Portage-2.3.99, Repoman-2.3.22 Signed-off-by: Fabian Groffen <grobian@gentoo.org>
Diffstat (limited to 'mail-mta')
-rw-r--r--mail-mta/exim/exim-4.94-r1.ebuild (renamed from mail-mta/exim/exim-4.94.ebuild)1
-rw-r--r--mail-mta/exim/files/exim-4.94-taint-pam-expansion.patch35
2 files changed, 36 insertions, 0 deletions
diff --git a/mail-mta/exim/exim-4.94.ebuild b/mail-mta/exim/exim-4.94-r1.ebuild
index cc977b34b9a..52358f32bef 100644
--- a/mail-mta/exim/exim-4.94.ebuild
+++ b/mail-mta/exim/exim-4.94-r1.ebuild
@@ -114,6 +114,7 @@ src_prepare() {
eapply -p0 "${FILESDIR}"/exim-4.76-crosscompile.patch # 266591
eapply "${FILESDIR}"/exim-4.69-r1.27021.patch
eapply "${FILESDIR}"/exim-4.94-localscan_dlopen.patch
+ eapply -p2 "${FILESDIR}"/exim-4.94-taint-pam-expansion.patch # drop on NR
if use maildir ; then
eapply "${FILESDIR}"/exim-4.94-maildir.patch
diff --git a/mail-mta/exim/files/exim-4.94-taint-pam-expansion.patch b/mail-mta/exim/files/exim-4.94-taint-pam-expansion.patch
new file mode 100644
index 00000000000..81863d340ed
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.94-taint-pam-expansion.patch
@@ -0,0 +1,35 @@
+From f7f933a199be8bb7362c715e0040545b514cddca Mon Sep 17 00:00:00 2001
+From: Jeremy Harris <jgh146exb@wizmail.org>
+Date: Tue, 2 Jun 2020 14:50:31 +0100
+Subject: [PATCH] Taint: fix pam expansion condition. Bug 2587
+
+---
+ doc/doc-txt/ChangeLog | 5 +++++
+ src/src/auths/call_pam.c | 5 ++---
+ 2 files changed, 7 insertions(+), 3 deletions(-)
+
+modified for gentoo so the patch applies by dropping Changelog part
+
+diff --git a/src/src/auths/call_pam.c b/src/src/auths/call_pam.c
+index 2959cbbf3..80bb23ec3 100644
+--- a/src/src/auths/call_pam.c
++++ b/src/src/auths/call_pam.c
+@@ -83,8 +83,7 @@ for (int i = 0; i < num_msg; i++)
+ {
+ case PAM_PROMPT_ECHO_ON:
+ case PAM_PROMPT_ECHO_OFF:
+- arg = string_nextinlist(&pam_args, &sep, big_buffer, big_buffer_size);
+- if (!arg)
++ if (!(arg = string_nextinlist(&pam_args, &sep, NULL, 0)))
+ {
+ arg = US"";
+ pam_arg_ended = TRUE;
+@@ -155,7 +154,7 @@ pam_arg_ended = FALSE;
+ fail. PAM doesn't support authentication with an empty user (it prompts for it,
+ causing a potential mis-interpretation). */
+
+-user = string_nextinlist(&pam_args, &sep, big_buffer, big_buffer_size);
++user = string_nextinlist(&pam_args, &sep, NULL, 0);
+ if (user == NULL || user[0] == 0) return FAIL;
+
+ /* Start off PAM interaction */