git: c2900ff6c818 - main - security/sssd: unbreak the port
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 05 Jul 2024 12:32:38 UTC
The branch main has been updated by jhixson:
URL: https://cgit.FreeBSD.org/ports/commit/?id=c2900ff6c81837e4c58774ceeacfa2f14b9bbbb7
commit c2900ff6c81837e4c58774ceeacfa2f14b9bbbb7
Author: John Hixson <jhixson@FreeBSD.org>
AuthorDate: 2024-07-05 12:30:10 +0000
Commit: John Hixson <jhixson@FreeBSD.org>
CommitDate: 2024-07-05 12:32:24 +0000
security/sssd: unbreak the port
---
security/sssd/Makefile | 2 +-
security/sssd/files/bsdnss.c | 27 +++++--
security/sssd/files/patch-Makefile.am | 82 +++++++++++-----------
security/sssd/files/patch-configure.ac | 18 ++---
security/sssd/files/patch-src__confdb__confdb.c | 4 +-
.../sssd/files/patch-src__external__inotify.m4 | 4 +-
security/sssd/files/patch-src__external__krb5.m4 | 6 +-
security/sssd/files/patch-src__external__ldap.m4 | 14 ++--
security/sssd/files/patch-src__external__python.m4 | 8 ++-
.../patch-src__lib__certmap__sss_certmap.exports | 10 +++
...rc__lib__winbind_idmap_sss__winbind_idmap_sss.h | 4 +-
.../files/patch-src__providers__ad__ad_common.c | 10 ++-
.../files/patch-src__providers__ad__ad_gpo_ndr.c | 10 +--
.../sssd/files/patch-src__providers__ad__ad_pac.h | 4 +-
.../files/patch-src__providers__data_provider_fo.c | 6 +-
.../files/patch-src__providers__ipa__ipa_common.c | 4 +-
...c__providers__ipa__ipa_deskprofile_rules_util.c | 4 +-
...ers__krb5__krb5_delayed_online_authentication.c | 8 +--
.../files/patch-src__providers__ldap__ldap_auth.c | 28 ++++----
.../files/patch-src__providers__ldap__ldap_child.c | 6 +-
.../patch-src__providers__ldap__sdap_access.c | 8 +--
...patch-src__providers__ldap__sdap_async_groups.c | 4 +-
...h-src__providers__ldap__sdap_async_initgroups.c | 12 ++--
...rc__providers__ldap__sdap_async_initgroups_ad.c | 8 +--
...rc__providers__ldap__sdap_async_sudo_hostinfo.c | 8 +--
.../patch-src__providers__ldap__sdap_async_users.c | 4 +-
.../files/patch-src__resolv__async_resolv_utils.c | 4 +-
security/sssd/files/patch-src__sbus__sbus_codegen | 6 +-
.../sssd/files/patch-src__sss_client__common.c | 68 +++++++++++++++---
.../sssd/files/patch-src__sss_client__nss_group.c | 4 +-
.../sssd/files/patch-src__sss_client__pam_sss.c | 15 ++--
.../files/patch-src__sss_client__sss_nss.exports | 35 +++++----
.../files/patch-src__tests__cmocka__test_authtok.c | 4 +-
.../patch-src__tests__cmocka__test_negcache_2.c | 18 +++--
.../files/patch-src__tests__cmocka__test_pam_srv.c | 4 +-
...atch-src__tests__cwrap__test_responder_common.c | 6 +-
.../files/patch-src__tests__cwrap__test_server.c | 4 +-
.../sssd/files/patch-src__tests__dlopen-tests.c | 4 +-
...__util__crypto__libcrypto__crypto_sha512crypt.c | 4 +-
...patch-src__util__crypto__nss__nss_sha512crypt.c | 4 +-
security/sssd/files/patch-src__util__find_uid.c | 10 ++-
security/sssd/files/patch-src__util__nss_dl_load.c | 8 +--
security/sssd/files/patch-src__util__server.c | 4 +-
security/sssd/files/patch-src__util__sss_endian.h | 4 +-
security/sssd/files/patch-src__util__sss_krb5.c | 4 +-
security/sssd/files/patch-src__util__sss_sockets.c | 10 +--
security/sssd/files/patch-src__util__util.c | 6 +-
security/sssd/files/patch-src__util__util.h | 6 +-
security/sssd/pkg-plist | 10 +--
security/sssd2/files/bsdnss.c | 17 +++++
50 files changed, 302 insertions(+), 260 deletions(-)
diff --git a/security/sssd/Makefile b/security/sssd/Makefile
index 4ba425fb1bbf..ee98e270d779 100644
--- a/security/sssd/Makefile
+++ b/security/sssd/Makefile
@@ -1,6 +1,6 @@
PORTNAME= sssd
PORTVERSION= 1.16.5
-PORTREVISION= 12
+PORTREVISION= 13
CATEGORIES= security
MASTER_SITES= https://releases.pagure.org/SSSD/${PORTNAME}/
diff --git a/security/sssd/files/bsdnss.c b/security/sssd/files/bsdnss.c
index 6a1152100c67..21484bdca1f5 100644
--- a/security/sssd/files/bsdnss.c
+++ b/security/sssd/files/bsdnss.c
@@ -6,6 +6,24 @@
#include <nss.h>
#include <netdb.h>
+NSS_METHOD_PROTOTYPE(__nss_compat_getgrnam_r);
+NSS_METHOD_PROTOTYPE(__nss_compat_getgrgid_r);
+NSS_METHOD_PROTOTYPE(__nss_compat_getgrent_r);
+NSS_METHOD_PROTOTYPE(__nss_compat_setgrent);
+NSS_METHOD_PROTOTYPE(__nss_compat_endgrent);
+
+NSS_METHOD_PROTOTYPE(__nss_compat_getpwnam_r);
+NSS_METHOD_PROTOTYPE(__nss_compat_getpwuid_r);
+NSS_METHOD_PROTOTYPE(__nss_compat_getpwent_r);
+NSS_METHOD_PROTOTYPE(__nss_compat_setpwent);
+NSS_METHOD_PROTOTYPE(__nss_compat_endpwent);
+
+NSS_METHOD_PROTOTYPE(__nss_compat_gethostbyname);
+NSS_METHOD_PROTOTYPE(__nss_compat_gethostbyname2);
+NSS_METHOD_PROTOTYPE(__nss_compat_gethostbyaddr);
+
+NSS_METHOD_PROTOTYPE(__nss_compat_getgroupmembership);
+
extern enum nss_status _nss_sss_getgrent_r(struct group *, char *, size_t,
int *);
extern enum nss_status _nss_sss_getgrnam_r(const char *, struct group *,
@@ -66,7 +84,6 @@ static ns_mtab methods[] = {
{ NSDB_GROUP, "getgrnam_r", __nss_compat_getgrnam_r, _nss_sss_getgrnam_r },
{ NSDB_GROUP, "getgrgid_r", __nss_compat_getgrgid_r, _nss_sss_getgrgid_r },
{ NSDB_GROUP, "getgrent_r", __nss_compat_getgrent_r, _nss_sss_getgrent_r },
-{ NSDB_GROUP, "getgroupmembership", __nss_compat_getgroupmembership, _nss_sss_getgroupmembership },
{ NSDB_GROUP, "setgrent", __nss_compat_setgrent, _nss_sss_setgrent },
{ NSDB_GROUP, "endgrent", __nss_compat_endgrent, _nss_sss_endgrent },
@@ -76,9 +93,9 @@ static ns_mtab methods[] = {
{ NSDB_PASSWD, "setpwent", __nss_compat_setpwent, _nss_sss_setpwent },
{ NSDB_PASSWD, "endpwent", __nss_compat_endpwent, _nss_sss_endpwent },
-// { NSDB_HOSTS, "gethostbyname", __nss_compat_gethostbyname, _nss_sss_gethostbyname_r },
-//{ NSDB_HOSTS, "gethostbyaddr", __nss_compat_gethostbyaddr, _nss_sss_gethostbyaddr_r },
-//{ NSDB_HOSTS, "gethostbyname2", __nss_compat_gethostbyname2, _nss_sss_gethostbyname2_r },
+{ NSDB_HOSTS, "gethostbyname", __nss_compat_gethostbyname, _nss_sss_gethostbyname_r },
+{ NSDB_HOSTS, "gethostbyaddr", __nss_compat_gethostbyaddr, _nss_sss_gethostbyaddr_r },
+{ NSDB_HOSTS, "gethostbyname2", __nss_compat_gethostbyname2, _nss_sss_gethostbyname2_r },
{ NSDB_GROUP_COMPAT, "getgrnam_r", __nss_compat_getgrnam_r, _nss_sss_getgrnam_r },
{ NSDB_GROUP_COMPAT, "getgrgid_r", __nss_compat_getgrgid_r, _nss_sss_getgrgid_r },
@@ -92,6 +109,8 @@ static ns_mtab methods[] = {
{ NSDB_PASSWD_COMPAT, "setpwent", __nss_compat_setpwent, _nss_sss_setpwent },
{ NSDB_PASSWD_COMPAT, "endpwent", __nss_compat_endpwent, _nss_sss_endpwent },
+{ NSDB_GROUP, "getgroupmembership", __nss_compat_getgroupmembership, _nss_sss_getgroupmembership },
+
};
diff --git a/security/sssd/files/patch-Makefile.am b/security/sssd/files/patch-Makefile.am
index 12e49bf033c6..facbd10dcd13 100644
--- a/security/sssd/files/patch-Makefile.am
+++ b/security/sssd/files/patch-Makefile.am
@@ -1,8 +1,6 @@
-diff --git Makefile.am Makefile.am
-index be17d6a59..03386d1f8 100644
---- Makefile.am
+--- Makefile.am.orig 2024-07-05 11:41:32 UTC
+++ Makefile.am
-@@ -61,7 +61,7 @@ sssdapiplugindir = $(sssddatadir)/sssd.api.d
+@@ -61,7 +61,7 @@ dbusservicedir = $(datadir)/dbus-1/system-services
sssdtapscriptdir = $(sssddatadir)/systemtap
dbuspolicydir = $(sysconfdir)/dbus-1/system.d
dbusservicedir = $(datadir)/dbus-1/system-services
@@ -11,7 +9,7 @@ index be17d6a59..03386d1f8 100644
runstatedir = @runstatedir@
localedir = @localedir@
nsslibdir = @nsslibdir@
-@@ -378,12 +378,6 @@ sssdlib_LTLIBRARIES += \
+@@ -382,12 +382,6 @@ endif
libsss_ad.la
endif
@@ -24,7 +22,7 @@ index be17d6a59..03386d1f8 100644
ldblib_LTLIBRARIES = \
memberof.la
-@@ -610,6 +604,7 @@ SSSD_FAILOVER_OBJ = \
+@@ -623,6 +617,7 @@ SSSD_LIBS = \
SSSD_LIBS = \
$(TALLOC_LIBS) \
@@ -32,7 +30,7 @@ index be17d6a59..03386d1f8 100644
$(TEVENT_LIBS) \
$(POPT_LIBS) \
$(LDB_LIBS) \
-@@ -664,6 +659,7 @@ dist_noinst_HEADERS = \
+@@ -677,6 +672,7 @@ dist_noinst_HEADERS = \
src/util/sss_ssh.h \
src/util/sss_ini.h \
src/util/sss_format.h \
@@ -40,7 +38,7 @@ index be17d6a59..03386d1f8 100644
src/util/refcount.h \
src/util/find_uid.h \
src/util/user_info_msg.h \
-@@ -1358,6 +1354,7 @@ sssd_LDADD = \
+@@ -1372,6 +1368,7 @@ sssd_LDADD = \
$(SSSD_LIBS) \
$(INOTIFY_LIBS) \
$(LIBNL_LIBS) \
@@ -48,55 +46,48 @@ index be17d6a59..03386d1f8 100644
$(KEYUTILS_LIBS) \
$(SYSTEMD_DAEMON_LIBS) \
$(SSSD_INTERNAL_LTLIBS)
-@@ -1381,6 +1378,7 @@ sssd_nss_SOURCES = \
- sssd_nss_LDADD = \
+@@ -1396,6 +1393,7 @@ sssd_nss_LDADD = \
+ $(LIBADD_DL) \
$(TDB_LIBS) \
$(SSSD_LIBS) \
+ $(LTLIBINTL) \
libsss_idmap.la \
libsss_cert.la \
$(SYSTEMD_DAEMON_LIBS) \
-@@ -1397,6 +1395,7 @@ sssd_pam_SOURCES = \
- sssd_pam_LDADD = \
+@@ -1418,6 +1416,7 @@ sssd_pam_LDADD = \
+ $(LIBADD_DL) \
$(TDB_LIBS) \
$(SSSD_LIBS) \
+ $(LTLIBINTL) \
$(SELINUX_LIBS) \
$(PAM_LIBS) \
$(SYSTEMD_DAEMON_LIBS) \
-@@ -1414,6 +1413,7 @@ sssd_sudo_SOURCES = \
- $(SSSD_RESPONDER_OBJ)
+@@ -1436,6 +1435,8 @@ sssd_sudo_LDADD = \
sssd_sudo_LDADD = \
+ $(LIBADD_DL) \
$(SSSD_LIBS) \
+ $(LTLIBINTL) \
- $(SYSTEMD_DAEMON_LIBS) \
- $(SSSD_INTERNAL_LTLIBS)
- endif
-@@ -1426,6 +1426,7 @@ sssd_autofs_SOURCES = \
- $(SSSD_RESPONDER_OBJ)
- sssd_autofs_LDADD = \
- $(SSSD_LIBS) \
+ $(LTLIBINTL) \
$(SYSTEMD_DAEMON_LIBS) \
$(SSSD_INTERNAL_LTLIBS)
endif
-@@ -1441,6 +1442,7 @@ sssd_ssh_SOURCES = \
- $(NULL)
+@@ -1464,6 +1465,7 @@ sssd_ssh_LDADD = \
sssd_ssh_LDADD = \
+ $(LIBADD_DL) \
$(SSSD_LIBS) \
+ $(LTLIBINTL) \
$(SSSD_INTERNAL_LTLIBS) \
$(SYSTEMD_DAEMON_LIBS) \
libsss_cert.la \
-@@ -1481,6 +1483,7 @@ sssd_ifp_CFLAGS = \
- $(AM_CFLAGS)
+@@ -1506,6 +1508,7 @@ sssd_ifp_LDADD = \
sssd_ifp_LDADD = \
+ $(LIBADD_DL) \
$(SSSD_LIBS) \
+ $(LTLIBINTL) \
$(SYSTEMD_DAEMON_LIBS) \
$(SSSD_INTERNAL_LTLIBS) \
libsss_cert.la \
-@@ -1604,6 +1607,7 @@ sssd_be_SOURCES = \
+@@ -1631,6 +1634,7 @@ sssd_be_LDADD = \
sssd_be_LDADD = \
$(LIBADD_DL) \
$(SSSD_LIBS) \
@@ -104,7 +95,7 @@ index be17d6a59..03386d1f8 100644
$(CARES_LIBS) \
$(PAM_LIBS) \
$(SSSD_INTERNAL_LTLIBS)
-@@ -1726,6 +1730,7 @@ sss_signal_SOURCES = \
+@@ -1753,6 +1757,7 @@ sss_signal_LDADD = \
src/tools/common/sss_process.c
$(NULL)
sss_signal_LDADD = \
@@ -112,7 +103,7 @@ index be17d6a59..03386d1f8 100644
libsss_debug.la \
$(NULL)
-@@ -2318,6 +2323,7 @@ test_ssh_client_CFLAGS = \
+@@ -2347,6 +2352,7 @@ test_ssh_client_LDADD = \
test_ssh_client_LDADD = \
$(SSSD_INTERNAL_LTLIBS) \
$(SSSD_LIBS) \
@@ -120,7 +111,7 @@ index be17d6a59..03386d1f8 100644
$(NULL)
if BUILD_DBUS_TESTS
-@@ -2602,6 +2608,7 @@ test_authtok_LDADD = \
+@@ -2657,6 +2663,7 @@ test_authtok_LDADD = \
$(CMOCKA_LIBS) \
$(DHASH_LIBS) \
$(POPT_LIBS) \
@@ -128,7 +119,7 @@ index be17d6a59..03386d1f8 100644
libsss_test_common.la \
libsss_debug.la \
$(NULL)
-@@ -2622,6 +2629,7 @@ deskprofile_utils_tests_SOURCES = \
+@@ -2692,6 +2699,7 @@ deskprofile_utils_tests_LDADD = \
deskprofile_utils_tests_CFLAGS = \
$(AM_CFLAGS)
deskprofile_utils_tests_LDADD = \
@@ -136,7 +127,7 @@ index be17d6a59..03386d1f8 100644
$(CMOCKA_LIBS) \
$(SSSD_INTERNAL_LTLIBS) \
libsss_test_common.la
-@@ -2654,6 +2662,7 @@ domain_resolution_order_tests_CFLAGS = \
+@@ -2724,6 +2732,7 @@ domain_resolution_order_tests_LDADD = \
$(AM_CFLAGS)
domain_resolution_order_tests_LDADD = \
$(CMOCKA_LIBS) \
@@ -144,7 +135,7 @@ index be17d6a59..03386d1f8 100644
$(SSSD_INTERNAL_LTLIBS) \
libsss_test_common.la
-@@ -2738,6 +2747,7 @@ test_search_bases_LDADD = \
+@@ -2809,6 +2818,7 @@ test_search_bases_LDADD = \
$(CMOCKA_LIBS) \
$(TALLOC_LIBS) \
$(SSSD_INTERNAL_LTLIBS) \
@@ -152,7 +143,7 @@ index be17d6a59..03386d1f8 100644
libsss_ldap_common.la \
libsss_test_common.la \
libdlopen_test_providers.la \
-@@ -3545,6 +3555,7 @@ test_inotify_LDADD = \
+@@ -3619,6 +3629,7 @@ test_inotify_LDADD = \
$(CMOCKA_LIBS) \
$(SSSD_LIBS) \
$(SSSD_INTERNAL_LTLIBS) \
@@ -160,7 +151,7 @@ index be17d6a59..03386d1f8 100644
$(LIBADD_DL) \
libsss_test_common.la \
$(NULL)
-@@ -3637,9 +3648,6 @@ endif
+@@ -3711,9 +3722,6 @@ endif
if BUILD_WITH_LIBCURL
noinst_PROGRAMS += tcurl-test-tool
endif
@@ -170,7 +161,7 @@ index be17d6a59..03386d1f8 100644
if BUILD_AUTOFS
autofs_test_client_SOURCES = \
-@@ -3730,9 +3738,10 @@ intgcheck:
+@@ -3806,9 +3814,10 @@ intgcheck:
# Client Libraries #
####################
@@ -183,7 +174,7 @@ index be17d6a59..03386d1f8 100644
src/sss_client/nss_passwd.c \
src/sss_client/nss_group.c \
src/sss_client/nss_netgroup.c \
-@@ -3748,9 +3757,9 @@ libnss_sss_la_SOURCES = \
+@@ -3824,9 +3833,9 @@ libnss_sss_la_SOURCES = \
src/sss_client/nss_mc_group.c \
src/sss_client/nss_mc_initgr.c \
src/sss_client/nss_mc.h
@@ -195,7 +186,7 @@ index be17d6a59..03386d1f8 100644
-module \
-version-info 2:0:0 \
-Wl,--version-script,$(srcdir)/src/sss_client/sss_nss.exports
-@@ -3908,6 +3917,7 @@ libsss_ldap_common_la_LIBADD = \
+@@ -3985,6 +3994,7 @@ libsss_ldap_common_la_LIBADD = \
$(OPENLDAP_LIBS) \
$(DHASH_LIBS) \
$(KRB5_LIBS) \
@@ -203,7 +194,7 @@ index be17d6a59..03386d1f8 100644
libsss_krb5_common.la \
libsss_idmap.la \
libsss_certmap.la \
-@@ -4271,6 +4281,7 @@ ldap_child_CFLAGS = \
+@@ -4353,6 +4363,7 @@ ldap_child_LDADD = \
$(KRB5_CFLAGS)
ldap_child_LDADD = \
libsss_debug.la \
@@ -211,7 +202,7 @@ index be17d6a59..03386d1f8 100644
$(TALLOC_LIBS) \
$(POPT_LIBS) \
$(DHASH_LIBS) \
-@@ -4313,6 +4324,7 @@ gpo_child_CFLAGS = \
+@@ -4395,6 +4406,7 @@ gpo_child_LDADD = \
$(SMBCLIENT_CFLAGS)
gpo_child_LDADD = \
libsss_debug.la \
@@ -219,7 +210,7 @@ index be17d6a59..03386d1f8 100644
$(TALLOC_LIBS) \
$(POPT_LIBS) \
$(DHASH_LIBS) \
-@@ -4329,6 +4341,7 @@ proxy_child_CFLAGS = \
+@@ -4411,6 +4423,7 @@ proxy_child_LDADD = \
proxy_child_LDADD = \
$(PAM_LIBS) \
$(SSSD_LIBS) \
@@ -227,7 +218,7 @@ index be17d6a59..03386d1f8 100644
$(SSSD_INTERNAL_LTLIBS)
p11_child_SOURCES = \
-@@ -4361,6 +4374,7 @@ endif
+@@ -4443,6 +4456,7 @@ p11_child_LDADD = \
p11_child_LDADD = \
libsss_debug.la \
@@ -235,3 +226,12 @@ index be17d6a59..03386d1f8 100644
$(TALLOC_LIBS) \
$(DHASH_LIBS) \
$(POPT_LIBS) \
+@@ -5094,7 +5108,7 @@ endif
+ endif
+ endif
+
+-install-data-hook:
++notnotinstall-data-hook:
+ rm $(DESTDIR)/$(nsslibdir)/libnss_sss.so.2 \
+ $(DESTDIR)/$(nsslibdir)/libnss_sss.so
+ mv $(DESTDIR)/$(nsslibdir)/libnss_sss.so.2.0.0 $(DESTDIR)/$(nsslibdir)/libnss_sss.so.2
diff --git a/security/sssd/files/patch-configure.ac b/security/sssd/files/patch-configure.ac
index b62547432984..4dc61dafc774 100644
--- a/security/sssd/files/patch-configure.ac
+++ b/security/sssd/files/patch-configure.ac
@@ -1,6 +1,6 @@
---- configure.ac 2020-03-17 13:31:28 UTC
+--- configure.ac.orig 2020-03-17 13:31:28 UTC
+++ configure.ac
-@@ -44,8 +44,6 @@ AM_CONDITIONAL([HAVE_GCC], [test "$ac_cv_prog_gcc" = y
+@@ -44,8 +44,6 @@ AC_CONFIG_HEADER(config.h)
AC_CHECK_HEADERS(stdint.h dlfcn.h)
AC_CONFIG_HEADER(config.h)
@@ -9,10 +9,10 @@
m4_include([src/build_macros.m4])
BUILD_WITH_SHARED_BUILD_DIR
-@@ -62,4 +60,18 @@
-
+@@ -62,6 +60,20 @@ AM_CONDITIONAL([HAVE_PTHREAD], [test x"$HAVE_PTHREAD"
+
AM_CONDITIONAL([HAVE_PTHREAD], [test x"$HAVE_PTHREAD" != "x"])
-+
+
+saved_CFLAGS="$CFLAGS"
+CFLAGS="-Werror"
+AC_COMPILE_IFELSE(
@@ -26,12 +26,14 @@
+CFLAGS="$saved_CFLAGS"
+
+AM_CONDITIONAL([HAVE_MEMPCPY], [test x"$HAVE_MEMPCPY" != "x"])
-
++
# Check library for the timer_create function
-@@ -356,8 +358,8 @@ them please use argument --without-python3-bindings wh
+ SAVE_LIBS=$LIBS
+ LIBS=
+@@ -356,8 +368,8 @@ them please use argument --without-python3-bindings wh
AM_CHECK_PYTHON_HEADERS([],
AC_MSG_ERROR([Could not find python3 headers]))
-
+
- AC_SUBST([py3execdir], [$pyexecdir])
- AC_SUBST([python3dir], [$pythondir])
+ AC_SUBST([py3execdir], [$(eval echo $pyexecdir)])
diff --git a/security/sssd/files/patch-src__confdb__confdb.c b/security/sssd/files/patch-src__confdb__confdb.c
index 006f9810a3be..0db5562a301f 100644
--- a/security/sssd/files/patch-src__confdb__confdb.c
+++ b/security/sssd/files/patch-src__confdb__confdb.c
@@ -1,6 +1,4 @@
-diff --git src/confdb/confdb.c src/confdb/confdb.c
-index e55f88e4e..81fd3417a 100644
---- src/confdb/confdb.c
+--- src/confdb/confdb.c.orig 2020-03-17 13:31:28 UTC
+++ src/confdb/confdb.c
@@ -28,6 +28,11 @@
#include "util/strtonum.h"
diff --git a/security/sssd/files/patch-src__external__inotify.m4 b/security/sssd/files/patch-src__external__inotify.m4
index 9acf30c5d281..7b99442f016d 100644
--- a/security/sssd/files/patch-src__external__inotify.m4
+++ b/security/sssd/files/patch-src__external__inotify.m4
@@ -1,6 +1,4 @@
-diff --git src/external/inotify.m4 src/external/inotify.m4
-index 3ae5ae314..e88bd3ffc 100644
---- src/external/inotify.m4
+--- src/external/inotify.m4.orig 2020-03-17 13:31:28 UTC
+++ src/external/inotify.m4
@@ -20,10 +20,10 @@ int main () {
AS_IF([test x"$inotify_works" != xyes],
diff --git a/security/sssd/files/patch-src__external__krb5.m4 b/security/sssd/files/patch-src__external__krb5.m4
index fd36f02e61ee..a7d0d6c58b3b 100644
--- a/security/sssd/files/patch-src__external__krb5.m4
+++ b/security/sssd/files/patch-src__external__krb5.m4
@@ -1,8 +1,6 @@
-diff --git src/external/krb5.m4 src/external/krb5.m4
-index b844c2fbe..856ef56fe 100644
---- src/external/krb5.m4
+--- src/external/krb5.m4.orig 2020-03-17 13:31:28 UTC
+++ src/external/krb5.m4
-@@ -9,7 +9,7 @@ if test x$KRB5_CFLAGS != x; then
+@@ -9,7 +9,7 @@ fi
KRB5_PASSED_CFLAGS=$KRB5_CFLAGS
fi
diff --git a/security/sssd/files/patch-src__external__ldap.m4 b/security/sssd/files/patch-src__external__ldap.m4
index 682de45f5f0d..8939c02bdeeb 100644
--- a/security/sssd/files/patch-src__external__ldap.m4
+++ b/security/sssd/files/patch-src__external__ldap.m4
@@ -1,8 +1,6 @@
-diff --git src/external/ldap.m4 src/external/ldap.m4
-index cd13fde62..73ca93674 100644
---- src/external/ldap.m4
+--- src/external/ldap.m4.orig 2020-03-17 13:31:28 UTC
+++ src/external/ldap.m4
-@@ -32,8 +32,7 @@ dnl Check for other libraries we need to link with to get the main routines.
+@@ -32,8 +32,7 @@ test "$with_ldap" != "yes" && { AC_CHECK_LIB(ldap, lda
test "$with_ldap" != "yes" && { AC_CHECK_LIB(ldap, ldap_open, [with_ldap=yes with_ldap_lber=yes], , -llber) }
test "$with_ldap" != "yes" && { AC_CHECK_LIB(ldap, ldap_open, [with_ldap=yes with_ldap_lber=yes with_ldap_krb=yes], , -llber -lkrb) }
test "$with_ldap" != "yes" && { AC_CHECK_LIB(ldap, ldap_open, [with_ldap=yes with_ldap_lber=yes with_ldap_krb=yes with_ldap_des=yes], , -llber -lkrb -ldes) }
@@ -12,13 +10,13 @@ index cd13fde62..73ca93674 100644
dnl Recently, we need -lber even though the main routines are elsewhere,
dnl because otherwise we get link errors w.r.t. ber_pvt_opt_on. So just
dnl check for that (it's a variable not a fun but that doesn't seem to
-@@ -42,6 +41,9 @@ dnl stick it in always shouldn't hurt, I don't think) ... #### Someone who
+@@ -41,6 +40,9 @@ test "$with_ldap_lber" != "yes" && { AC_CHECK_LIB(lber
+ dnl stick it in always shouldn't hurt, I don't think) ... #### Someone who
dnl #### understands LDAP needs to fix this properly.
test "$with_ldap_lber" != "yes" && { AC_CHECK_LIB(lber, ber_pvt_opt_on, with_ldap_lber=yes) }
-
++
+CFLAGS=$SAVE_CFLAGS
+LIBS=$SAVE_LIBS
-+
+
if test "$with_ldap" = "yes"; then
if test "$with_ldap_des" = "yes" ; then
- OPENLDAP_LIBS="${OPENLDAP_LIBS} -ldes"
diff --git a/security/sssd/files/patch-src__external__python.m4 b/security/sssd/files/patch-src__external__python.m4
index 8453814e053c..12987976c2fb 100644
--- a/security/sssd/files/patch-src__external__python.m4
+++ b/security/sssd/files/patch-src__external__python.m4
@@ -1,9 +1,11 @@
---- src/external/python.m4 2020-03-17 09:31:28.000000000 -0400
-+++ src/external/python.m4 2022-02-22 22:55:04.425467000 -0500
-@@ -37,5 +37,5 @@
+--- src/external/python.m4.orig 2020-03-17 13:31:28 UTC
++++ src/external/python.m4
+@@ -36,7 +36,7 @@ --without-$1-bindings when running configure.]))
+ if test $? -eq 0; then
PYTHON_DLOPEN_LIB="` $PYTHON_CONFIG --libs --embed | grep -o -- '-lpython@<:@^ @:>@*' |sed -e 's/^-l/lib/'`"
if test x"$PYTHON_DLOPEN_LIB" != x; then
- python_lib_path="` $PYTHON_CONFIG --ldflags | grep -o -- '-L/@<:@^ @:>@*' | sed -e 's/^-L//'`"
+ python_lib_path="` $PYTHON_CONFIG --ldflags | sed -n 's/.*-L\(@<:@^ @:>@*\).*/\1/p'`"
if test x"$python_lib_path" != x; then
PYTHON_DLOPEN_LIB=$python_lib_path"/"$PYTHON_DLOPEN_LIB
+ fi
diff --git a/security/sssd/files/patch-src__lib__certmap__sss_certmap.exports b/security/sssd/files/patch-src__lib__certmap__sss_certmap.exports
new file mode 100644
index 000000000000..df8fac78ac91
--- /dev/null
+++ b/security/sssd/files/patch-src__lib__certmap__sss_certmap.exports
@@ -0,0 +1,10 @@
+--- src/lib/certmap/sss_certmap.exports.orig 2024-01-12 12:05:40 UTC
++++ src/lib/certmap/sss_certmap.exports
+@@ -2,7 +2,6 @@ SSS_CERTMAP_0.0 {
+ global:
+ sss_certmap_init;
+ sss_certmap_free_ctx;
+- sss_certmap_err_msg;
+ sss_certmap_add_rule;
+ sss_certmap_match_cert;
+ sss_certmap_get_search_filter;
diff --git a/security/sssd/files/patch-src__lib__winbind_idmap_sss__winbind_idmap_sss.h b/security/sssd/files/patch-src__lib__winbind_idmap_sss__winbind_idmap_sss.h
index 28013210fe9c..272d51672ba8 100644
--- a/security/sssd/files/patch-src__lib__winbind_idmap_sss__winbind_idmap_sss.h
+++ b/security/sssd/files/patch-src__lib__winbind_idmap_sss__winbind_idmap_sss.h
@@ -1,6 +1,4 @@
-diff --git src/lib/winbind_idmap_sss/winbind_idmap_sss.h src/lib/winbind_idmap_sss/winbind_idmap_sss.h
-index 868049fff..cb1604ef1 100644
---- src/lib/winbind_idmap_sss/winbind_idmap_sss.h
+--- src/lib/winbind_idmap_sss/winbind_idmap_sss.h.orig 2020-03-17 13:31:28 UTC
+++ src/lib/winbind_idmap_sss/winbind_idmap_sss.h
@@ -29,6 +29,8 @@
#include <stdbool.h>
diff --git a/security/sssd/files/patch-src__providers__ad__ad_common.c b/security/sssd/files/patch-src__providers__ad__ad_common.c
index 178dfb870821..abf17a992994 100644
--- a/security/sssd/files/patch-src__providers__ad__ad_common.c
+++ b/security/sssd/files/patch-src__providers__ad__ad_common.c
@@ -1,8 +1,6 @@
-diff --git src/providers/ad/ad_common.c src/providers/ad/ad_common.c
-index 0d154ca57..407d37a37 100644
---- src/providers/ad/ad_common.c
+--- src/providers/ad/ad_common.c.orig 2020-03-17 13:31:28 UTC
+++ src/providers/ad/ad_common.c
-@@ -419,7 +419,7 @@ ad_get_common_options(TALLOC_CTX *mem_ctx,
+@@ -420,7 +420,7 @@ ad_get_common_options(TALLOC_CTX *mem_ctx,
char *server;
char *realm;
char *ad_hostname;
@@ -11,7 +9,7 @@ index 0d154ca57..407d37a37 100644
char *case_sensitive_opt;
const char *opt_override;
-@@ -458,7 +458,7 @@ ad_get_common_options(TALLOC_CTX *mem_ctx,
+@@ -459,7 +459,7 @@ ad_get_common_options(TALLOC_CTX *mem_ctx,
*/
ad_hostname = dp_opt_get_string(opts->basic, AD_HOSTNAME);
if (ad_hostname == NULL) {
@@ -20,7 +18,7 @@ index 0d154ca57..407d37a37 100644
if (gret != 0) {
ret = errno;
DEBUG(SSSDBG_FATAL_FAILURE,
-@@ -466,7 +466,7 @@ ad_get_common_options(TALLOC_CTX *mem_ctx,
+@@ -467,7 +467,7 @@ ad_get_common_options(TALLOC_CTX *mem_ctx,
strerror(ret));
goto done;
}
diff --git a/security/sssd/files/patch-src__providers__ad__ad_gpo_ndr.c b/security/sssd/files/patch-src__providers__ad__ad_gpo_ndr.c
index 7bb5a0c1f476..33f2aaafc884 100644
--- a/security/sssd/files/patch-src__providers__ad__ad_gpo_ndr.c
+++ b/security/sssd/files/patch-src__providers__ad__ad_gpo_ndr.c
@@ -1,6 +1,6 @@
---- src/providers/ad/ad_gpo_ndr.c-orig 2020-11-28 22:21:39.860006000 +0000
-+++ src/providers/ad/ad_gpo_ndr.c 2020-11-28 22:23:15.849602000 +0000
-@@ -105,7 +105,7 @@
+--- src/providers/ad/ad_gpo_ndr.c.orig 2020-03-17 13:31:28 UTC
++++ src/providers/ad/ad_gpo_ndr.c
+@@ -105,7 +105,7 @@ ndr_pull_security_ace_object_type(struct ndr_pull *ndr
union security_ace_object_type *r)
{
uint32_t level;
@@ -9,7 +9,7 @@
NDR_PULL_CHECK_FLAGS(ndr, ndr_flags);
if (ndr_flags & NDR_SCALARS) {
NDR_CHECK(ndr_pull_union_align(ndr, 4));
-@@ -135,7 +135,7 @@
+@@ -135,7 +135,7 @@ ndr_pull_security_ace_object_inherited_type(struct ndr
union security_ace_object_inherited_type *r)
{
uint32_t level;
@@ -18,7 +18,7 @@
NDR_PULL_CHECK_FLAGS(ndr, ndr_flags);
if (ndr_flags & NDR_SCALARS) {
NDR_CHECK(ndr_pull_union_align(ndr, 4));
-@@ -198,7 +198,7 @@
+@@ -198,7 +198,7 @@ ndr_pull_security_ace_object_ctr(struct ndr_pull *ndr,
union security_ace_object_ctr *r)
{
uint32_t level;
diff --git a/security/sssd/files/patch-src__providers__ad__ad_pac.h b/security/sssd/files/patch-src__providers__ad__ad_pac.h
index eb495780b53d..038a52963d46 100644
--- a/security/sssd/files/patch-src__providers__ad__ad_pac.h
+++ b/security/sssd/files/patch-src__providers__ad__ad_pac.h
@@ -1,6 +1,4 @@
-diff --git src/providers/ad/ad_pac.h src/providers/ad/ad_pac.h
-index 34f1e92c7..00a53cccd 100644
---- src/providers/ad/ad_pac.h
+--- src/providers/ad/ad_pac.h.orig 2020-03-17 13:31:28 UTC
+++ src/providers/ad/ad_pac.h
@@ -32,6 +32,8 @@
#ifdef ldb_val
diff --git a/security/sssd/files/patch-src__providers__data_provider_fo.c b/security/sssd/files/patch-src__providers__data_provider_fo.c
index 4be41ef91a87..0b1b5ba212b7 100644
--- a/security/sssd/files/patch-src__providers__data_provider_fo.c
+++ b/security/sssd/files/patch-src__providers__data_provider_fo.c
@@ -1,8 +1,6 @@
-diff --git src/providers/data_provider_fo.c src/providers/data_provider_fo.c
-index 473b667e5..63f2dd131 100644
---- src/providers/data_provider_fo.c
+--- src/providers/data_provider_fo.c.orig 2020-03-17 13:31:28 UTC
+++ src/providers/data_provider_fo.c
-@@ -235,18 +235,18 @@ errno_t be_fo_set_dns_srv_lookup_plugin(struct be_ctx *be_ctx,
+@@ -235,18 +235,18 @@ errno_t be_fo_set_dns_srv_lookup_plugin(struct be_ctx
const char *hostname)
{
struct fo_resolve_srv_dns_ctx *srv_ctx = NULL;
diff --git a/security/sssd/files/patch-src__providers__ipa__ipa_common.c b/security/sssd/files/patch-src__providers__ipa__ipa_common.c
index 14c01fff88c9..cf16a396cf09 100644
--- a/security/sssd/files/patch-src__providers__ipa__ipa_common.c
+++ b/security/sssd/files/patch-src__providers__ipa__ipa_common.c
@@ -1,6 +1,4 @@
-diff --git src/providers/ipa/ipa_common.c src/providers/ipa/ipa_common.c
-index 17d14e6b0..681ac8615 100644
---- src/providers/ipa/ipa_common.c
+--- src/providers/ipa/ipa_common.c.orig 2020-03-17 13:31:28 UTC
+++ src/providers/ipa/ipa_common.c
@@ -49,7 +49,7 @@ int ipa_get_options(TALLOC_CTX *memctx,
char *realm;
diff --git a/security/sssd/files/patch-src__providers__ipa__ipa_deskprofile_rules_util.c b/security/sssd/files/patch-src__providers__ipa__ipa_deskprofile_rules_util.c
index 91fe3ac37b8b..ba7a847dc4fc 100644
--- a/security/sssd/files/patch-src__providers__ipa__ipa_deskprofile_rules_util.c
+++ b/security/sssd/files/patch-src__providers__ipa__ipa_deskprofile_rules_util.c
@@ -1,6 +1,4 @@
-diff --git src/providers/ipa/ipa_deskprofile_rules_util.c src/providers/ipa/ipa_deskprofile_rules_util.c
-index 991c6053d..59483b452 100644
---- src/providers/ipa/ipa_deskprofile_rules_util.c
+--- src/providers/ipa/ipa_deskprofile_rules_util.c.orig 2020-03-17 13:31:28 UTC
+++ src/providers/ipa/ipa_deskprofile_rules_util.c
@@ -25,6 +25,8 @@
#include "providers/ipa/ipa_rules_common.h"
diff --git a/security/sssd/files/patch-src__providers__krb5__krb5_delayed_online_authentication.c b/security/sssd/files/patch-src__providers__krb5__krb5_delayed_online_authentication.c
index 84fcfcd99001..3de6e4d92293 100644
--- a/security/sssd/files/patch-src__providers__krb5__krb5_delayed_online_authentication.c
+++ b/security/sssd/files/patch-src__providers__krb5__krb5_delayed_online_authentication.c
@@ -1,8 +1,6 @@
-diff --git src/providers/krb5/krb5_delayed_online_authentication.c src/providers/krb5/krb5_delayed_online_authentication.c
-index 1cb7eade0..4aaeb84b2 100644
---- src/providers/krb5/krb5_delayed_online_authentication.c
+--- src/providers/krb5/krb5_delayed_online_authentication.c.orig 2020-03-17 13:31:28 UTC
+++ src/providers/krb5/krb5_delayed_online_authentication.c
-@@ -328,6 +328,7 @@ errno_t init_delayed_online_authentication(struct krb5_ctx *krb5_ctx,
+@@ -328,6 +328,7 @@ errno_t init_delayed_online_authentication(struct krb5
struct tevent_context *ev)
{
int ret;
@@ -10,7 +8,7 @@ index 1cb7eade0..4aaeb84b2 100644
hash_table_t *tmp_table;
ret = get_uid_table(krb5_ctx, &tmp_table);
-@@ -347,6 +348,7 @@ errno_t init_delayed_online_authentication(struct krb5_ctx *krb5_ctx,
+@@ -347,6 +348,7 @@ errno_t init_delayed_online_authentication(struct krb5
"hash_destroy failed [%s].\n", hash_error_string(ret));
return EFAULT;
}
diff --git a/security/sssd/files/patch-src__providers__ldap__ldap_auth.c b/security/sssd/files/patch-src__providers__ldap__ldap_auth.c
index ae1bfc922d00..10fc2479bf3a 100644
--- a/security/sssd/files/patch-src__providers__ldap__ldap_auth.c
+++ b/security/sssd/files/patch-src__providers__ldap__ldap_auth.c
@@ -1,6 +1,4 @@
-diff --git src/providers/ldap/ldap_auth.c src/providers/ldap/ldap_auth.c
-index de22689ae..fdfd67cf4 100644
---- src/providers/ldap/ldap_auth.c
+--- src/providers/ldap/ldap_auth.c.orig 2020-03-17 13:31:28 UTC
+++ src/providers/ldap/ldap_auth.c
@@ -37,7 +37,6 @@
#include <sys/time.h>
@@ -33,7 +31,7 @@ index de22689ae..fdfd67cf4 100644
static errno_t add_expired_warning(struct pam_data *pd, long exp_time)
{
int ret;
-@@ -97,9 +112,9 @@ static errno_t check_pwexpire_kerberos(const char *expire_date, time_t now,
+@@ -97,9 +112,9 @@ static errno_t check_pwexpire_kerberos(const char *exp
}
DEBUG(SSSDBG_TRACE_ALL,
@@ -80,7 +78,7 @@ index de22689ae..fdfd67cf4 100644
goto immediately;
case SSS_PAM_ACCT_MGMT:
-@@ -1015,7 +1030,7 @@ static void sdap_pam_auth_handler_done(struct tevent_req *subreq)
+@@ -1015,7 +1030,7 @@ static void sdap_pam_auth_handler_done(struct tevent_r
state->be_ctx->domain->pwd_expiration_warning);
if (ret == EINVAL) {
/* Unknown password expiration type. */
@@ -89,7 +87,7 @@ index de22689ae..fdfd67cf4 100644
goto done;
}
}
-@@ -1049,7 +1064,7 @@ static void sdap_pam_auth_handler_done(struct tevent_req *subreq)
+@@ -1049,7 +1064,7 @@ static void sdap_pam_auth_handler_done(struct tevent_r
state->pd->pam_status = PAM_BAD_ITEM;
break;
default:
@@ -98,7 +96,7 @@ index de22689ae..fdfd67cf4 100644
break;
}
-@@ -1271,7 +1286,7 @@ sdap_pam_chpass_handler_send(TALLOC_CTX *mem_ctx,
+@@ -1273,7 +1288,7 @@ sdap_pam_chpass_handler_send(TALLOC_CTX *mem_ctx,
DEBUG(SSSDBG_OP_FAILURE,
"starting password change request for user [%s].\n", pd->user);
@@ -107,7 +105,7 @@ index de22689ae..fdfd67cf4 100644
if (pd->cmd != SSS_PAM_CHAUTHTOK && pd->cmd != SSS_PAM_CHAUTHTOK_PRELIM) {
DEBUG(SSSDBG_OP_FAILURE,
-@@ -1282,7 +1297,7 @@ sdap_pam_chpass_handler_send(TALLOC_CTX *mem_ctx,
+@@ -1284,7 +1299,7 @@ sdap_pam_chpass_handler_send(TALLOC_CTX *mem_ctx,
subreq = auth_send(state, params->ev, auth_ctx,
pd->user, pd->authtok, true);
if (subreq == NULL) {
@@ -116,7 +114,7 @@ index de22689ae..fdfd67cf4 100644
goto immediately;
}
-@@ -1335,7 +1350,7 @@ static void sdap_pam_chpass_handler_auth_done(struct tevent_req *subreq)
+@@ -1337,7 +1352,7 @@ static void sdap_pam_chpass_handler_auth_done(struct t
if (ret == ERR_PASSWORD_EXPIRED) {
DEBUG(SSSDBG_CRIT_FAILURE, "LDAP provider cannot change "
"kerberos passwords.\n");
@@ -125,7 +123,7 @@ index de22689ae..fdfd67cf4 100644
goto done;
}
break;
-@@ -1344,7 +1359,7 @@ static void sdap_pam_chpass_handler_auth_done(struct tevent_req *subreq)
+@@ -1346,7 +1361,7 @@ static void sdap_pam_chpass_handler_auth_done(struct t
break;
default:
DEBUG(SSSDBG_CRIT_FAILURE, "Unknown password expiration type.\n");
@@ -134,7 +132,7 @@ index de22689ae..fdfd67cf4 100644
goto done;
}
}
-@@ -1369,7 +1384,7 @@ static void sdap_pam_chpass_handler_auth_done(struct tevent_req *subreq)
+@@ -1371,7 +1386,7 @@ static void sdap_pam_chpass_handler_auth_done(struct t
if (subreq == NULL) {
DEBUG(SSSDBG_OP_FAILURE, "Failed to change password for "
"%s\n", state->pd->user);
@@ -143,7 +141,7 @@ index de22689ae..fdfd67cf4 100644
goto done;
}
-@@ -1401,7 +1416,7 @@ static void sdap_pam_chpass_handler_auth_done(struct tevent_req *subreq)
+@@ -1403,7 +1418,7 @@ static void sdap_pam_chpass_handler_auth_done(struct t
be_mark_offline(state->be_ctx);
break;
default:
@@ -152,7 +150,7 @@ index de22689ae..fdfd67cf4 100644
break;
}
-@@ -1437,7 +1452,7 @@ static void sdap_pam_chpass_handler_chpass_done(struct tevent_req *subreq)
+@@ -1439,7 +1454,7 @@ static void sdap_pam_chpass_handler_chpass_done(struct
state->pd->pam_status = PAM_AUTHTOK_ERR;
break;
default:
@@ -161,7 +159,7 @@ index de22689ae..fdfd67cf4 100644
break;
}
-@@ -1463,7 +1478,7 @@ static void sdap_pam_chpass_handler_chpass_done(struct tevent_req *subreq)
+@@ -1465,7 +1480,7 @@ static void sdap_pam_chpass_handler_chpass_done(struct
state->sh, state->dn,
lastchanged_name);
if (subreq == NULL) {
@@ -170,7 +168,7 @@ index de22689ae..fdfd67cf4 100644
goto done;
}
-@@ -1489,7 +1504,7 @@ static void sdap_pam_chpass_handler_last_done(struct tevent_req *subreq)
+@@ -1491,7 +1506,7 @@ static void sdap_pam_chpass_handler_last_done(struct t
talloc_free(subreq);
if (ret != EOK) {
diff --git a/security/sssd/files/patch-src__providers__ldap__ldap_child.c b/security/sssd/files/patch-src__providers__ldap__ldap_child.c
index 745687d00267..11dd67f0e0e9 100644
--- a/security/sssd/files/patch-src__providers__ldap__ldap_child.c
+++ b/security/sssd/files/patch-src__providers__ldap__ldap_child.c
@@ -1,8 +1,6 @@
-diff --git src/providers/ldap/ldap_child.c src/providers/ldap/ldap_child.c
-index 368bb91e1..1bc86ecb5 100644
---- src/providers/ldap/ldap_child.c
+--- src/providers/ldap/ldap_child.c.orig 2020-03-17 13:31:28 UTC
+++ src/providers/ldap/ldap_child.c
-@@ -324,14 +324,14 @@ static krb5_error_code ldap_child_get_tgt_sync(TALLOC_CTX *memctx,
+@@ -324,14 +324,14 @@ static krb5_error_code ldap_child_get_tgt_sync(TALLOC_
full_princ = talloc_strdup(tmp_ctx, princ_str);
}
} else {
diff --git a/security/sssd/files/patch-src__providers__ldap__sdap_access.c b/security/sssd/files/patch-src__providers__ldap__sdap_access.c
index 5b9e5efc1e1e..4ad743cec9eb 100644
--- a/security/sssd/files/patch-src__providers__ldap__sdap_access.c
+++ b/security/sssd/files/patch-src__providers__ldap__sdap_access.c
@@ -1,6 +1,4 @@
-diff --git src/providers/ldap/sdap_access.c src/providers/ldap/sdap_access.c
-index dd04ec512..58a3766fc 100644
---- src/providers/ldap/sdap_access.c
+--- src/providers/ldap/sdap_access.c.orig 2020-03-17 13:31:28 UTC
+++ src/providers/ldap/sdap_access.c
@@ -562,9 +562,9 @@ bool nds_check_expired(const char *exp_time_str)
@@ -15,7 +13,7 @@ index dd04ec512..58a3766fc 100644
if (difftime(now, expire_time) > 0.0) {
DEBUG(SSSDBG_CONF_SETTINGS, "NDS account expired.\n");
-@@ -1247,7 +1247,7 @@ static errno_t sdap_access_host(struct ldb_message *user_entry)
+@@ -1247,7 +1247,7 @@ static errno_t sdap_access_host(struct ldb_message *us
struct ldb_message_element *el;
unsigned int i;
char *host;
@@ -24,7 +22,7 @@ index dd04ec512..58a3766fc 100644
el = ldb_msg_find_element(user_entry, SYSDB_AUTHORIZED_HOST);
if (!el || el->num_values == 0) {
-@@ -1255,12 +1255,12 @@ static errno_t sdap_access_host(struct ldb_message *user_entry)
+@@ -1255,12 +1255,12 @@ static errno_t sdap_access_host(struct ldb_message *us
return ERR_ACCESS_DENIED;
}
diff --git a/security/sssd/files/patch-src__providers__ldap__sdap_async_groups.c b/security/sssd/files/patch-src__providers__ldap__sdap_async_groups.c
index 4cebe5fbd6c4..998f97ce4599 100644
--- a/security/sssd/files/patch-src__providers__ldap__sdap_async_groups.c
+++ b/security/sssd/files/patch-src__providers__ldap__sdap_async_groups.c
@@ -1,6 +1,4 @@
-diff --git src/providers/ldap/sdap_async_groups.c src/providers/ldap/sdap_async_groups.c
-index 09e15bc3d..c74e4c3ea 100644
---- src/providers/ldap/sdap_async_groups.c
+--- src/providers/ldap/sdap_async_groups.c.orig 2020-03-17 13:31:28 UTC
+++ src/providers/ldap/sdap_async_groups.c
@@ -505,6 +505,7 @@ static int sdap_save_group(TALLOC_CTX *memctx,
struct sysdb_attrs *group_attrs;
diff --git a/security/sssd/files/patch-src__providers__ldap__sdap_async_initgroups.c b/security/sssd/files/patch-src__providers__ldap__sdap_async_initgroups.c
index 2803124e583b..78b4f54bbbc8 100644
--- a/security/sssd/files/patch-src__providers__ldap__sdap_async_initgroups.c
+++ b/security/sssd/files/patch-src__providers__ldap__sdap_async_initgroups.c
@@ -1,8 +1,6 @@
-diff --git src/providers/ldap/sdap_async_initgroups.c src/providers/ldap/sdap_async_initgroups.c
-index 620782b6f..9831ac1d6 100644
---- src/providers/ldap/sdap_async_initgroups.c
+--- src/providers/ldap/sdap_async_initgroups.c.orig 2020-03-17 13:31:28 UTC
+++ src/providers/ldap/sdap_async_initgroups.c
-@@ -45,6 +45,7 @@ errno_t sdap_add_incomplete_groups(struct sysdb_ctx *sysdb,
+@@ -45,6 +45,7 @@ errno_t sdap_add_incomplete_groups(struct sysdb_ctx *s
const char *uuid = NULL;
char **missing;
gid_t gid;
@@ -10,7 +8,7 @@ index 620782b6f..9831ac1d6 100644
int ret;
errno_t sret;
bool in_transaction = false;
-@@ -146,7 +147,8 @@ errno_t sdap_add_incomplete_groups(struct sysdb_ctx *sysdb,
+@@ -146,7 +147,8 @@ errno_t sdap_add_incomplete_groups(struct sysdb_ctx *s
/* Convert the SID into a UNIX group ID */
ret = sdap_idmap_sid_to_unix(opts->idmap_ctx, sid_str,
@@ -20,7 +18,7 @@ index 620782b6f..9831ac1d6 100644
if (ret == EOK) {
DEBUG(SSSDBG_TRACE_INTERNAL,
"Group [%s] has mapped gid [%lu]\n",
-@@ -3305,6 +3307,7 @@ static void sdap_get_initgr_done(struct tevent_req *subreq)
+@@ -3305,6 +3307,7 @@ static void sdap_get_initgr_done(struct tevent_req *su
int ret;
TALLOC_CTX *tmp_ctx;
gid_t primary_gid;
@@ -28,7 +26,7 @@ index 620782b6f..9831ac1d6 100644
char *gid;
char *sid_str;
char *dom_sid_str;
-@@ -3411,8 +3414,9 @@ static void sdap_get_initgr_done(struct tevent_req *subreq)
+@@ -3411,8 +3414,9 @@ static void sdap_get_initgr_done(struct tevent_req *su
/* Convert the SID into a UNIX group ID */
ret = sdap_idmap_sid_to_unix(opts->idmap_ctx, group_sid_str,
diff --git a/security/sssd/files/patch-src__providers__ldap__sdap_async_initgroups_ad.c b/security/sssd/files/patch-src__providers__ldap__sdap_async_initgroups_ad.c
index b7feb84f1507..209b70aff503 100644
--- a/security/sssd/files/patch-src__providers__ldap__sdap_async_initgroups_ad.c
+++ b/security/sssd/files/patch-src__providers__ldap__sdap_async_initgroups_ad.c
@@ -1,8 +1,6 @@
-diff --git src/providers/ldap/sdap_async_initgroups_ad.c src/providers/ldap/sdap_async_initgroups_ad.c
-index 3c58f5bc4..7e0a5169d 100644
---- src/providers/ldap/sdap_async_initgroups_ad.c
+--- src/providers/ldap/sdap_async_initgroups_ad.c.orig 2020-03-17 13:31:28 UTC
+++ src/providers/ldap/sdap_async_initgroups_ad.c
-@@ -851,6 +851,7 @@ errno_t sdap_ad_save_group_membership_with_idmapping(const char *username,
+@@ -851,6 +851,7 @@ errno_t sdap_ad_save_group_membership_with_idmapping(c
size_t i;
time_t now;
gid_t gid;
@@ -10,7 +8,7 @@ index 3c58f5bc4..7e0a5169d 100644
char **groups = NULL;
size_t num_groups;
errno_t ret;
-@@ -881,7 +882,8 @@ errno_t sdap_ad_save_group_membership_with_idmapping(const char *username,
+@@ -881,7 +882,8 @@ errno_t sdap_ad_save_group_membership_with_idmapping(c
sid = sids[i];
DEBUG(SSSDBG_TRACE_LIBS, "Processing membership SID [%s]\n", sid);
diff --git a/security/sssd/files/patch-src__providers__ldap__sdap_async_sudo_hostinfo.c b/security/sssd/files/patch-src__providers__ldap__sdap_async_sudo_hostinfo.c
index 78deda7d99fa..e3091d63446a 100644
--- a/security/sssd/files/patch-src__providers__ldap__sdap_async_sudo_hostinfo.c
+++ b/security/sssd/files/patch-src__providers__ldap__sdap_async_sudo_hostinfo.c
@@ -1,8 +1,6 @@
-diff --git src/providers/ldap/sdap_async_sudo_hostinfo.c src/providers/ldap/sdap_async_sudo_hostinfo.c
-index a3c3e1068..f33299304 100644
---- src/providers/ldap/sdap_async_sudo_hostinfo.c
+--- src/providers/ldap/sdap_async_sudo_hostinfo.c.orig 2020-03-17 13:31:28 UTC
+++ src/providers/ldap/sdap_async_sudo_hostinfo.c
-@@ -357,7 +357,7 @@ static struct tevent_req *sdap_sudo_get_hostnames_send(TALLOC_CTX *mem_ctx,
+@@ -357,7 +357,7 @@ static struct tevent_req *sdap_sudo_get_hostnames_send
struct tevent_req *subreq = NULL;
struct sdap_sudo_get_hostnames_state *state = NULL;
char *dot = NULL;
@@ -11,7 +9,7 @@ index a3c3e1068..f33299304 100644
int ret;
req = tevent_req_create(mem_ctx, &state,
-@@ -380,14 +380,14 @@ static struct tevent_req *sdap_sudo_get_hostnames_send(TALLOC_CTX *mem_ctx,
+@@ -380,14 +380,14 @@ static struct tevent_req *sdap_sudo_get_hostnames_send
/* get hostname */
errno = 0;
diff --git a/security/sssd/files/patch-src__providers__ldap__sdap_async_users.c b/security/sssd/files/patch-src__providers__ldap__sdap_async_users.c
index 4e5fcbb6008c..e835f542d46d 100644
--- a/security/sssd/files/patch-src__providers__ldap__sdap_async_users.c
+++ b/security/sssd/files/patch-src__providers__ldap__sdap_async_users.c
@@ -1,6 +1,4 @@
-diff --git src/providers/ldap/sdap_async_users.c src/providers/ldap/sdap_async_users.c
-index 92eeda1d3..8847be79b 100644
---- src/providers/ldap/sdap_async_users.c
+--- src/providers/ldap/sdap_async_users.c.orig 2020-03-17 13:31:28 UTC
+++ src/providers/ldap/sdap_async_users.c
@@ -61,7 +61,8 @@ sdap_get_idmap_primary_gid(struct sdap_options *opts,
{
diff --git a/security/sssd/files/patch-src__resolv__async_resolv_utils.c b/security/sssd/files/patch-src__resolv__async_resolv_utils.c
index 27457a3399d6..d0bd69b25801 100644
--- a/security/sssd/files/patch-src__resolv__async_resolv_utils.c
*** 610 LINES SKIPPED ***