fixing bug 465954 and bug 449940 in 265-r3

Package-Manager: portage-2.2.7/cvs/Linux x86_64
Manifest-Sign-Key: 0x2471EB3E40AC5AC3

5 files changed, 695 insertions, 15 deletions

diff --git a/sys-auth/nss_ldap/ChangeLog b/sys-auth/nss_ldap/ChangeLog
index b42d0183fa1d..5186109727f9 100644
--- a/sys-auth/nss_ldap/ChangeLog
+++ b/sys-auth/nss_ldap/ChangeLog
@@ -1,6 +1,13 @@
 # ChangeLog for sys-auth/nss_ldap
 # Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-auth/nss_ldap/ChangeLog,v 1.83 2014/01/26 12:06:44 ago Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-auth/nss_ldap/ChangeLog,v 1.84 2014/02/17 05:41:10 prometheanfire Exp $
+
+*nss_ldap-265-r3 (17 Feb 2014)
+
+  17 Feb 2014; Matthew Thode <prometheanfire@gentoo.org>
+  +files/nss_ldap-265-fbsd.patch,
+  +files/nss_ldap-265-missing-entries-oneshot.patch, +nss_ldap-265-r3.ebuild:
+  fixing bug 465954 and bug 449940 in 265-r3
 
   26 Jan 2014; Agostino Sarubbo <ago@gentoo.org> nss_ldap-265-r2.ebuild:
   Stable for sparc, wrt bug #438692
diff --git a/sys-auth/nss_ldap/Manifest b/sys-auth/nss_ldap/Manifest
index e3108160cdb4..fe8e8e985b56 100644
--- a/sys-auth/nss_ldap/Manifest
+++ b/sys-auth/nss_ldap/Manifest
@@ -9,7 +9,9 @@ AUX nss_ldap-254-soname.patch 604 SHA256 b07482163f238d843a3a7a31008890e523dd178
 AUX nss_ldap-257-nss_max_group_depth.patch 3551 SHA256 66286a3d097b2ac425bd7f6078701a8f5b357ee535284d3faa4e0783b974fa37 SHA512 7810f8c053c8f6b01cc61bb1953441d457bc6d90b4e985d03f6c7e8a7ef60225c86dfa0248fe1107955418a3ed205b52510fd2bee07fefc1c559300a1417d1de WHIRLPOOL afdcf317d8fad283f66008546c0858a78c0e259aa2cc5dcb881d527b3e5a319e1c0ee41bd2e429e0057aeecfa22eeacce5b2eee88e1c98c09b42e302f4409dd2
 AUX nss_ldap-257.2-gssapi-headers.patch 2343 SHA256 1b920cfc6b5d62408fee019cdf8491a8cbc9884344775d9fb57cd8a419d32fd5 SHA512 51acfb4879c242582fc6f4d8543b96ff5e2e36e5bfacc3e8d8f1648f77a16957bbb7da0fa8d09ee1eea0ea19d81b0511ce72cc1c91ca2c68709203ec60369dde WHIRLPOOL b2e40760256bf9805b718d0aba40c9d00dcd6e9a5183491ccaa4398ec580c74aa53b7025d2ab460cdaa2dee13a04bbae391f21605ba3eaae27482bb7e66845bd
 AUX nss_ldap-264-disable-automagic.patch 4357 SHA256 7e8fbaa80a3174b68991d232a214af9e6f7eae7e7aaedd92d200828a8510d0e6 SHA512 4d7fc328f90dfc189ee0784db0298434b9a91ed5a9b2828dd94c2632c2116193e22df737de9ff7044746b337c47744284371aa4f32b83be61c5f0ec86edb7d35 WHIRLPOOL 85770ba891d1e11937d253a71d8e9b3939f62fcebc82dfacabf82f7a5cfdc8ff343f58f8438a130c500c1598e7ab60cce84b87f5c073a1b00087e588fc62252d
+AUX nss_ldap-265-fbsd.patch 14058 SHA256 d84d106bf2e99278cbd392a544ac33758b3962d05a40323b15f26cbb6c079c56 SHA512 e83ebc35f3a2dcd75734f30a91e0c9eb7e425240aa86499c6993ffcd2c0068935a83a7282cc7203e4bd60b5383e7cb555635fb29142ad98be421f0d4ac10e69d WHIRLPOOL 4e9d2f53ec3600e1076bf52843ed990d01b523ecddb8113ce754650f1372771c73e9f9a9c9f3c046bcb283330bc344648926f300ab5f6030f92a08e19f16ab08
 AUX nss_ldap-265-installdir.patch 1626 SHA256 68614bf9b3c6599e06a8ee2300ab9ab7266395605c683844b5ef4dd68d252b6e SHA512 7e86ff4fff320ef8132fff6f317dc58641845327c4de9be3b0d41004d27dab41fcc8752987682cee0b8e22230ab1034f0cf45a84ec405706aa37d499bbcc70b8 WHIRLPOOL 9ccd812f8a4f6d404d7fa1c6da0d9fa55caeef18e0d78b81298cc8a0468affef5dc6d9601ebb0ee1761be7a1098c12cded51ce5c4a1a47bc02a8c96aea68e855
+AUX nss_ldap-265-missing-entries-oneshot.patch 3734 SHA256 606fe41b1e1b65876cf96d2846151f42e950a1dd82852cf5f782e9bbb4a8bf0a SHA512 07136f98f5b195f4b794ede35d314db205b89e63168b14489964ad676714ecf861acdd5810fc99c2e784115af4e0e0a20f849672e7f6643dbb6e14db11c9cb05 WHIRLPOOL 38f1db40e3699b6c4df351f82e1fbc06a3d8fbdf87441fecdd4005d353c16899b310782bb6837e85bef193002cc9a232eb5cb646d2742cd5ce72283741b0c659
 AUX nss_ldap-265-pthread.patch 18698 SHA256 403d00a198f48fe5edda31fba3b09ab8898007e2885e110870b50400cb274610 SHA512 2afc8a8ee20043985b739923a4c7472f0e13c6854de6d3023ac6c843d3ba6ecf4cf7ee21da4d8dad907f27ab476eec646fa4603d8be725f079f60a4a220c025d WHIRLPOOL 4e37264f2dee13846cfac74e88d0b09ac7020e4fc04a04f1bdca0c5fab431852cd8028959ad43478ff5cc06731f6a4b8f41a29d21e1372abec98e60f9ef9a170
 AUX nss_ldap-265-reconnect-timeouts.patch 2806 SHA256 f1d3a308aac80fc1f33d4087a7839e01e45ece3aed284378adecb537bdcc53c3 SHA512 d9767cfaf32b9041d222c7b313c327a72ac2766d26fed7ce19cc1acff56cf2493d4e1e83b33852083505952f983ba64c00409e3cf09dcbf74676390968dd935b WHIRLPOOL c92858995a2d9950f47ad56a848d88470d829ecda81d5c83a55f9eb179d89750d382b05185502fae116aec9073a2115a2ceb70e13048d99b66ebf2126b656281
 AUX nsswitch.ldap.diff 575 SHA256 f3bf121d1fa4e3c0119d36ddd2445bcbbd955e2b7fe2f0fe65ebaa6d2808c43e SHA512 0d08d4dacea0213714cab864300e625158106245eeb34a7d4b983749dd4fa4156d3f36d6c2dd214efdf80cf926c37657eb00651bceb89907286a3310123399a0 WHIRLPOOL f03a8bbda19e40a4d4d6352c0f496bd32ed6e4001b14c5e169fd16638467602c2ca4620d819cfd3aa29844192f1cb5367190f2df30f920ddeec716062558cb80
@@ -27,23 +29,24 @@ EBUILD nss_ldap-264-r1.ebuild 2732 SHA256 ee3d43ad22bd71718fa710c55c3c0cb5ef976c
 EBUILD nss_ldap-264.ebuild 2670 SHA256 ca86d085fe02f4d5fd723ac6d7b1c9f8ee87296e6e695d2d3437c9fbfdca81ef SHA512 6f5442086ee653310bd553c1a9071300d741bf13b4e6fdb6e6ff03051e580537a70f8fa07f39b9395d8bf7d8903692bb694fb14df2a897a085273a0857d20a10 WHIRLPOOL c9ad055b7c7f1553679cf4dff8798a2b4ace11a690130ff7cbda6a032d799103ea612f5782d150ceeb6d24931e03a297f04aacef406d0a8b3c486d30b7c73f41
 EBUILD nss_ldap-265-r1.ebuild 3070 SHA256 1443cfc59b95bc122408f718004809b695e260d2c46be82a6d5e76eaf1c19cd7 SHA512 1dd3e117f96a53b9d1600fdc0cd606dfaac2e8391ad2eaf49f1e283075e1df88d9601b760928baeb35dde00c474619da02af13c1cd52a21773dd2cae5632e8fe WHIRLPOOL 94a17838db43446afbdcf28705df2b226d346fcedc4dd27209c6db23da565b3c230dbb75a6d8f33a4a9b6291544468ec53535dc63c9482f11b7c5da7d46d4141
 EBUILD nss_ldap-265-r2.ebuild 3217 SHA256 aa3359f132b0da70aee01deb0519426182024beeabd52b6386d1066813b15d49 SHA512 549b4fc26ef70ec1bb6b7ab09cf0289f1131f279ed4752d9bbda90299d954e83819570b431e3ea8827e96e317bc104aa0e5a1524cb423dbf80205ca4c8f75a2f WHIRLPOOL 6bfe1b147f01e0e4f1d497e86871584d42cfb0993eb006c186e11d4b04630fa72af616be457bd8acac45ef6de4e1e5bce6e127ef2518ff63f4b609616f76c2cf
+EBUILD nss_ldap-265-r3.ebuild 3728 SHA256 b2dcee79ae3892aae581b15fe7e03466faf8b1143652ebaf04d0a355437a5676 SHA512 151ab555c5b9461d89a92864cd43f972c00ba2a35ce3ad7ecbb81f81fa523cab32111411e9d034b5576639ebabedb9b25b8a3e45cc3ea084dc67b21ae59b14c0 WHIRLPOOL cf3cf0ba7e1ad75ebdf7d045fc4f046d2d6bbca0f2a078a383c0eeffc0216520d0501c7cc56d775db9117e1ad9277500508aa6326f40923efd1a06939d2760db
 EBUILD nss_ldap-265.ebuild 2814 SHA256 ed202b2c56cd1f1951c189d821e2ea3fa39b037ccdcbf2d80c4fae4b1ef76f03 SHA512 a1ff63edc5968f1a5697658bdd00d7eefa598da0c341b306612ee18c5bf97eda3363cbe74e191a9cd1a7b69135e45957618cb78675dc109e963491b9105d89d7 WHIRLPOOL dd1d0aef260c530eeaf1edeb05f0dc740c5ddb0f65a05e305a56f7a802d3cd38b18bdcb6483c783b284cb6cdec279dd5ebea86f9b057e5e69e18c171f80e234d
-MISC ChangeLog 18915 SHA256 ffebd7caaa7168a66b028547c2c5efe724925f21bfcfe928f997afe63d257941 SHA512 f72b773a83022ef0720f0e206cd63e6891f8c6df3523b2b11e6f622ce79812302f7ffbe89c95529151fe976d68c66fc559e322c13fa0fb4f4745737bb1038971 WHIRLPOOL 15b720f33bd7740827d480471d1467df82024f938d8ed2b572850e765305fa41f04efe385390d2a68b150a08d0ab7391ff88e4c83195331327a4401e3cac6855
+MISC ChangeLog 19173 SHA256 1de8683cca16aceada6a452027e5e2382812e2e7b1e8bd505b4bc06c629b8176 SHA512 62df5e611a810a58ca12ac434f9840f9f21770a210ae18f9a960518eb34ae39f66f0f90f87dab90db2ca7494edcc10166b246cc9d230aec249ba12b5fe165e8c WHIRLPOOL 4d63f2b64ef72feced99c40f47d94b0cc0add7110e3b454d4d0ed655533a71cc12582b4da1424d7c12f9e9993c71b693a71ba6c68a162641a84c83e4c446a9f2
 MISC metadata.xml 422 SHA256 af55fd73ad66818870015d6f9f974cc3ac24df6f8855c42945f918b00e7f6915 SHA512 352a70664672d38a9423c8c743d6dd370c986a18b04fdf71b27716b6ec19aa54b6782c97a7b0cc73d75e59f491a2757b79d0abbb30c31c569f733fd18651de5a WHIRLPOOL 2372666def3dfc947904deb2198f23275259ebd7ecfb75397660612fe638ab30eb3f72305a0de8deaab5d9de01b85a81530e58231f52f84eb1ffde7eb522946d
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
-iQIcBAEBCAAGBQJS5PpVAAoJELp701BxlEWfmsYQAJt11Grv93yOzri4fmerkfMi
-pBrPq0XIw4HpXq8BGm5BwFUqeVkj8BXnL5UdHCQruvGdsdyH/0PZBUAkhQaTTRzw
-tvMl0Qta/QPsdiigFblPyaq72IgCNjZk0uxrtSgkpEUYZZ8PeK8UxUCi2K+MrOzO
-FsN6HtIXpnO5yaP+5sUDEajUi8mBljQ3u1VyJQtW7E0ufXhT86w/E2G6RtFOXVbm
-ocgfvmOryLSaAL8dx8aaU0arPwDjh9I+ztDpSOe3XWQ2oJoRIB0HOlrHLwvov6xF
-w7u0vCdW6NQQ7XqUzmzsYMQKvkNwlA6kDxJDOsxAfLFsX1g0vc1xARPzMVbaUMEn
-WsOXHbhOPnWeIaiLMJh1fQwR96fUfpaOsPLsgIuUucytwdZkEhgC7ThZB/iUigSb
-LvEo75IUjsmgn4V8fPaW9kXepFl5eyneQjpbLG8XxJPVvXtoT+5PYT/2u7BF457s
-U/8G3NW7YnLkLNaCbSPAn4h7+R14RjGEtISw5yTnw00Fsc9Z24ifcbBh6Z66VDxw
-rf0wDkijzDKoWTg3gO9w9WerMMxv9nrhy3u948shDfL1apTpBYoToOgEY+gifcOa
-3DAD1HGjosUgqE0o+J1ttLtcFlKXlMdw61ku62lrXTy+WYksypxbwJSXtJxWN4bI
-HjY61nCgQqyBnTP0Ce8R
-=azcG
+iQIcBAEBCAAGBQJTAaEFAAoJECRx6z5ArFrDbF4P+wdYuOLwVvBz8FmmznsKbYYX
+sk/1w0Esv9jhJdc97Fs5c10naiKeCNh0kat86i6EQW/PQgiCW4zg5VH1oM3ELhzt
+Ehm62w/V1/lmU+Kuk9xHvcQgtFggmTVBqF7e7QnZmtzZGkNyJfsGIHTck95OEZXE
+0ZITE/2xvKmTAvG0cMqyddsQQMAJ0kkjp7h6RvQ77ddcfBLQqIRAdetncmZQtyfq
+NUW0+3XWifq1n1l+3Bxgy9WMYdAIosuE+/oIZNrs26cwPuRh5v0OY74w2RmRjqat
+0HVtoPWdHtjH23uYoT3Mdd0FhTj0MEeaJJ+oFmzTIdoMfYR72sxhZPptlOiDhlam
+zUfXwxB/UOR9LRqdTBYfh4JKB54ZRU5vYsG/CmGyRFL1XF+DiJrCJMlH2M23Q6gA
+8FS9SvUUrBtRZZ/qq5CXrHdkzvL+pRdBvcDE08ZAUhUEhe91aXrX0Fwx5Jj2aub6
+4mSbZwQGDanJ6UcaaqctJ3vLLh1ci+ziaztXgx5VNwFhIwIY80Er5I5OcUY83lG4
+c3jNqP7trgDFLWmv+c97/Ni6lXrTPj26t5rkcpnZfa/14qk/asPd1/ZmWzzsFtib
+JjDdM7wC8yCrWS8XFIFU+HYnYJQNV/d+8wmwmUZ/cbAOxv8kMYGTiJelCHWt6A/L
+SN/aM3m3cxZmCfMYexLw
+=5DKM
 -----END PGP SIGNATURE-----
diff --git a/sys-auth/nss_ldap/files/nss_ldap-265-fbsd.patch b/sys-auth/nss_ldap/files/nss_ldap-265-fbsd.patch
new file mode 100644
index 000000000000..6e2bf826d17f
--- /dev/null
+++ b/sys-auth/nss_ldap/files/nss_ldap-265-fbsd.patch
@@ -0,0 +1,432 @@
+--- Makefile.am.orig	2009-11-06 05:28:08.000000000 -0500
++++ Makefile.am		2010-01-12 23:24:17.000000000 -0500
+@@ -9,8 +9,12 @@
+ if AIX
+ INST_GID=system
+ else
++if FreeBSD
++INST_GID=wheel
++else
+ INST_GID=root
+ endif
++endif
+ 
+ EXTRA_DIST = CVSVersionInfo.txt ChangeLog \
+ 	     AUTHORS ANNOUNCE NEWS INSTALL README LICENSE.OpenLDAP COPYING\
+@@ -23,7 +27,7 @@
+ 	ldap-alias.c ldap-service.c ldap-schema.c ldap-ethers.c \
+ 	ldap-bp.c ldap-automount.c util.c ltf.c snprintf.c resolve.c \
+ 	dnsconfig.c irs-nss.c pagectrl.c ldap-sldap.c ldap-init-krb5-cache.c \
+-	vers.c
++	vers.c bsdnss.c
+ 
+ nss_ldap_so_LDFLAGS = @nss_ldap_so_LDFLAGS@
+ 
+@@ -103,11 +107,10 @@
+ 		$(mkinstalldirs) $(DESTDIR)$(dir $(NSS_LDAP_PATH_CONF)); \
+ 		$(INSTALL_DATA) -o $(INST_UID) -g $(INST_GID) $(srcdir)/ldap.conf $(DESTDIR)$(NSS_LDAP_PATH_CONF); \
+ 	fi
+-	$(INSTALL_DATA) -o $(INST_UID) -g $(INST_GID) $(srcdir)/nsswitch.ldap $(DESTDIR)$(sysconfdir)/nsswitch.ldap; 
+ 
+ uninstall-local:
+ 	@$(NORMAL_UNINSTALL)
+ 
+ vers.c: $(top_srcdir)/CVSVersionInfo.txt
+-	CVSVERSIONDIR=$(top_srcdir) ./vers_string -v
++	$(top_srcdir)/vers_string -v
+ 
+
+--- configure.in.orig		   2007-10-29 06:30:12.000000000 -0700
++++ configure.in		   2008-09-26 20:38:20.000000000 -0700
+@@ -97,11 +97,15 @@
+ linux*) nss_ldap_so_LDFLAGS="-shared -Wl,-Bdynamic -Wl,--version-script,\$(srcdir)/exports.linux" ;;
+ *) nss_ldap_so_LDFLAGS="-shared -Wl,-Bdynamic" ;;
+ esac
++case "$target_os" in
++freebsd*) TARGET_OS=FreeBSD ;;
++esac
+ 
+ AM_CONDITIONAL(GCC, test "$GCC" = "yes")
+ AM_CONDITIONAL(GLIBC, test "$target_os" = "linux" -o "$target_os" = "linux-gnu")
+ AM_CONDITIONAL(AIX, test "$TARGET_OS" = AIX)
+ AM_CONDITIONAL(HPUX, test "$TARGET_OS" = HPUX)
++AM_CONDITIONAL(FreeBSD, test "$TARGET_OS" = FreeBSD)
+ 
+ AM_CONDITIONAL(USE_NATIVE_LINKER, test -n "$nss_ldap_so_LD")
+ 
+@@ -153,7 +157,6 @@
+   aix*) AC_CHECK_HEADERS(irs.h usersec.h) ;;
+   hpux*) AC_CHECK_HEADERS(nsswitch.h) ;;
+   *) AC_CHECK_HEADERS(nss.h)
+-     AC_CHECK_HEADERS(nsswitch.h)
+      AC_CHECK_HEADERS(irs.h) ;;
+ esac
+ AC_CHECK_HEADERS(thread.h)
+@@ -232,7 +235,6 @@
+ AC_CHECK_FUNCS(gethostbyname)
+ AC_CHECK_FUNCS(nsdispatch)
+ AC_CHECK_LIB(pthread_nonshared, main)
+-AC_CHECK_FUNCS(pthread_atfork)
+ AC_CHECK_FUNCS(pthread_once)
+ AC_CHECK_FUNCS(ether_aton)
+ AC_CHECK_FUNCS(ether_ntoa)
+
+--- ldap-ethers.c.orig	2009-11-06 10:28:08.000000000 +0000
++++ ldap-ethers.c	2009-12-23 17:01:14.000000000 +0000
+@@ -217,9 +217,9 @@
+     }
+ 
+   snprintf(fullmac, sizeof(fullmac), "%02x:%02x:%02x:%02x:%02x:%02x",
+-	   addr->ether_addr_octet[0], addr->ether_addr_octet[1],
+-	   addr->ether_addr_octet[2], addr->ether_addr_octet[3],
+-	   addr->ether_addr_octet[4], addr->ether_addr_octet[5]);
++	   addr->octet[0], addr->octet[1],
++	   addr->octet[2], addr->octet[3],
++	   addr->octet[4], addr->octet[5]);
+ 
+   LA_INIT(a);
+   LA_STRING(a) = ether_ntoa(addr);
+@@ -343,14 +343,14 @@
+ 	if (i != 6)
+ 		return NULL;
+ 	for (i = 0; i < 6; i++)
+-		ep.ether_addr_octet[i] = t[i];
++		ep.octet[i] = t[i];
+ 
+	return &ep;
+ }
+ #endif /* !HAVE_ETHER_ATON */
+ 
+ #ifndef HAVE_ETHER_NTOA
+-#define EI(i)	(unsigned int)(e->ether_addr_octet[(i)])
++#define EI(i)	(unsigned int)(e->octet[(i)])
+ static char *ether_ntoa (const struct ether_addr *e)
+ {
+ 	static char s[18];
+
+--- ldap-ethers.h.orig	2009-11-06 10:28:08.000000000 +0000
++++ ldap-ethers.h	2009-12-23 17:02:06.000000000 +0000
+@@ -32,7 +32,7 @@
+ 
+ #ifndef HAVE_STRUCT_ETHER_ADDR
+ struct ether_addr {
+-  u_char ether_addr_octet[6];
++  u_char octet[6];
+ };
+ #endif
+ 
+--- ldap-nss.c.orig	Sat May 27 16:23:40 2006
++++ ldap-nss.c		Sat May 27 16:23:52 2006
+@@ -69,7 +69,7 @@
+ #endif
+ 
+ /* Try to handle systems with both SASL libraries installed */
+-#if defined(HAVE_SASL_SASL_H) && defined(HAVE_SASL_AUXPROP_REQUEST)
++#if defined(HAVE_SASL_SASL_H) 
+ #include <sasl/sasl.h>
+ #elif defined(HAVE_SASL_H)
+ #include <sasl.h>
+
+--- ldap-pwd.c.orig	2008-10-30 21:50:15.000000000 +0100
++++ ldap-pwd.c		2008-12-06 00:37:30.216966282 +0100
+@@ -21,7 +21,10 @@
+ static char rcsId[] =
+   "$Id: nss_ldap-265-fbsd.patch,v 1.1 2014/02/17 05:41:10 prometheanfire Exp $";
+ 
++#include <sys/types.h>
++#include <unistd.h>
+ #include "config.h"
++ 
+ 
+ #ifdef HAVE_PORT_BEFORE_H
+ #include <port_before.h>
+@@ -90,9 +93,13 @@
+   size_t tmplen;
+   char *tmp;
+ 
+-  if (_nss_ldap_oc_check (e, "shadowAccount") == NSS_SUCCESS)
+-    {
++/*  if (_nss_ldap_oc_check (e, "shadowAccount") == NSS_SUCCESS)
++ *   {
++ */
+       /* don't include password for shadowAccount */
++  if (geteuid() != 0) 
++  {
++    /* don't include password for non-root users */
+       if (buflen < 3)
+ 	return NSS_TRYAGAIN;
+ 
+@@ -163,6 +170,15 @@
+     }
++
++#ifdef HAVE_LOGIN_CLASSES 
++  stat =
++    _nss_ldap_assign_attrval (e, AT (loginClass), &pw->pw_class, &buffer,
++    			                &buflen);
++  if (stat != NSS_SUCCESS)
++    (void) _nss_ldap_assign_emptystring (&pw->pw_class, &buffer, &buflen);
++#endif
++
+ 
+   stat =
+     _nss_ldap_assign_attrval (e, AT (homeDirectory), &pw->pw_dir, &buffer,
+ 			      &buflen);
+   if (stat != NSS_SUCCESS)
+
+--- ldap-schema.c	2009-08-29 09:21:43.000000000 -0400
++++ ldap-schema.c	2009-08-28 12:09:52.000000000 -0400
+@@ -334,6 +334,9 @@
+ #ifdef HAVE_PASSWD_PW_EXPIRE
+   (*pwd_attrs)[i++] = AT (shadowExpire);
+ #endif /* HAVE_PASSWD_PW_EXPIRE */
++#ifdef HAVE_LOGIN_CLASSES
++  (*pwd_attrs)[i++] = AT (loginClass);
++#endif
+   (*pwd_attrs)[i] = NULL;
+ }
+ 
+--- ldap-schema.h	2009-08-29 09:21:43.000000000 -0400
++++ ldap-schema.h	2009-08-29 06:37:18.000000000 -0400
+@@ -24,7 +24,7 @@
+ #define _LDAP_NSS_LDAP_LDAP_SCHEMA_H
+ 
+ /* max number of attributes per object class */
+-#define ATTRTAB_SIZE	15
++#define ATTRTAB_SIZE	16
+ 
+ /**
+  * function to initialize global lookup filters.
+@@ -153,6 +153,10 @@
+ #define AT_gecos                  "gecos"
+ #define AT_homeDirectory          "homeDirectory"
+
++#ifdef HAVE_LOGIN_CLASSES
++/* FreeBSD extension -Jacob Myers <jacob@whotokspaz.org> */
++#define AT_loginClass           "loginClass"
++#endif
+ /*
+  * ( nisSchema.2.1 NAME 'shadowAccount' SUP top AUXILIARY
+  *   DESC 'Additional attributes for shadow passwords'            
+
+--- /dev/null	       2013-04-13 01:27:01.290932001 +0200
++++ bsdnss.c	       2013-04-14 03:17:47.794195349 +0200
+@@ -0,0 +1,219 @@
++#include <errno.h>
++#include <stdlib.h>
++#include <sys/param.h>
++#include <netinet/in.h>
++#include <pwd.h>
++#include <grp.h>
++#include <nss.h>
++#include <nsswitch.h>
++#include <netdb.h>
++
++extern enum nss_status _nss_ldap_getgrent_r(struct group *, char *, size_t,
++    int *);
++extern enum nss_status _nss_ldap_getgrnam_r(const char *, struct group *,
++    char *, size_t, int *);
++extern enum nss_status _nss_ldap_getgrgid_r(gid_t gid, struct group *, char *,
++    size_t, int *);
++extern enum nss_status _nss_ldap_setgrent(void);
++extern enum nss_status _nss_ldap_endgrent(void);
++extern enum nss_status _nss_ldap_initgroups_dyn(const char *, gid_t, long int *,
++	     		   long int *, gid_t **, long int, int *);
++
++extern enum nss_status _nss_ldap_getpwent_r(struct passwd *, char *, size_t,
++    int *);
++extern enum nss_status _nss_ldap_getpwnam_r(const char *, struct passwd *,
++    char *, size_t, int *);
++extern enum nss_status _nss_ldap_getpwuid_r(gid_t gid, struct passwd *, char *,
++    size_t, int *);
++extern enum nss_status _nss_ldap_setpwent(void);
++extern enum nss_status _nss_ldap_endpwent(void);
++
++extern enum nss_status _nss_ldap_gethostbyname_r (const char *name, struct hostent * result,
++	     		   char *buffer, size_t buflen, int *errnop,
++			   		    int *h_errnop);
++
++extern enum nss_status _nss_ldap_gethostbyname2_r (const char *name, int af, struct hostent * result,
++	     		    char *buffer, size_t buflen, int *errnop,
++			    	 	      int *h_errnop);
++extern enum nss_status _nss_ldap_gethostbyaddr_r (struct in_addr * addr, int len, int type,
++	     		   struct hostent * result, char *buffer,
++			   	  	     size_t buflen, int *errnop, int *h_errnop);
++
++NSS_METHOD_PROTOTYPE(__nss_compat_getgrnam_r);
++NSS_METHOD_PROTOTYPE(__nss_compat_getgrgid_r);
++NSS_METHOD_PROTOTYPE(__nss_compat_getgrent_r);
++NSS_METHOD_PROTOTYPE(__nss_compat_setgrent);
++NSS_METHOD_PROTOTYPE(__nss_compat_endgrent);
++static NSS_METHOD_PROTOTYPE(__freebsd_getgroupmembership);
++
++NSS_METHOD_PROTOTYPE(__nss_compat_getpwnam_r);
++NSS_METHOD_PROTOTYPE(__nss_compat_getpwuid_r);
++NSS_METHOD_PROTOTYPE(__nss_compat_getpwent_r);
++NSS_METHOD_PROTOTYPE(__nss_compat_setpwent);
++NSS_METHOD_PROTOTYPE(__nss_compat_endpwent);
++
++NSS_METHOD_PROTOTYPE(__nss_compat_gethostbyname);
++NSS_METHOD_PROTOTYPE(__nss_compat_gethostbyname2);
++NSS_METHOD_PROTOTYPE(__nss_compat_gethostbyaddr);
++
++static ns_mtab methods[] = {
++{ NSDB_GROUP, "getgrnam_r", __nss_compat_getgrnam_r, _nss_ldap_getgrnam_r },
++{ NSDB_GROUP, "getgrgid_r", __nss_compat_getgrgid_r, _nss_ldap_getgrgid_r },
++{ NSDB_GROUP, "getgrent_r", __nss_compat_getgrent_r, _nss_ldap_getgrent_r },
++{ NSDB_GROUP, "setgrent",   __nss_compat_setgrent,   _nss_ldap_setgrent },
++{ NSDB_GROUP, "endgrent",   __nss_compat_endgrent,   _nss_ldap_endgrent },
++{ NSDB_GROUP, "getgroupmembership",  __freebsd_getgroupmembership, NULL },
++
++{ NSDB_PASSWD, "getpwnam_r", __nss_compat_getpwnam_r, _nss_ldap_getpwnam_r },
++{ NSDB_PASSWD, "getpwuid_r", __nss_compat_getpwuid_r, _nss_ldap_getpwuid_r },
++{ NSDB_PASSWD, "getpwent_r", __nss_compat_getpwent_r, _nss_ldap_getpwent_r },
++{ NSDB_PASSWD, "setpwent",   __nss_compat_setpwent,   _nss_ldap_setpwent },
++{ NSDB_PASSWD, "endpwent",   __nss_compat_endpwent,   _nss_ldap_endpwent },
++
++{ NSDB_HOSTS, "gethostbyname", __nss_compat_gethostbyname, _nss_ldap_gethostbyname_r },
++{ NSDB_HOSTS, "gethostbyaddr", __nss_compat_gethostbyaddr, _nss_ldap_gethostbyaddr_r },
++{ NSDB_HOSTS, "gethostbyname2", __nss_compat_gethostbyname2, _nss_ldap_gethostbyname2_r },
++
++{ NSDB_GROUP_COMPAT, "getgrnam_r", __nss_compat_getgrnam_r, _nss_ldap_getgrnam_r },
++{ NSDB_GROUP_COMPAT, "getgrgid_r", __nss_compat_getgrgid_r, _nss_ldap_getgrgid_r },
++{ NSDB_GROUP_COMPAT, "getgrent_r", __nss_compat_getgrent_r, _nss_ldap_getgrent_r },
++{ NSDB_GROUP_COMPAT, "setgrent",   __nss_compat_setgrent,   _nss_ldap_setgrent },
++{ NSDB_GROUP_COMPAT, "endgrent",   __nss_compat_endgrent,   _nss_ldap_endgrent },
++
++{ NSDB_PASSWD_COMPAT, "getpwnam_r", __nss_compat_getpwnam_r, _nss_ldap_getpwnam_r },
++{ NSDB_PASSWD_COMPAT, "getpwuid_r", __nss_compat_getpwuid_r, _nss_ldap_getpwuid_r },
++{ NSDB_PASSWD_COMPAT, "getpwent_r", __nss_compat_getpwent_r, _nss_ldap_getpwent_r },
++{ NSDB_PASSWD_COMPAT, "setpwent",   __nss_compat_setpwent,   _nss_ldap_setpwent },
++{ NSDB_PASSWD_COMPAT, "endpwent",   __nss_compat_endpwent,   _nss_ldap_endpwent },
++
++};
++
++
++ns_mtab *
++nss_module_register(const char *source, unsigned int *mtabsize,
++    nss_module_unregister_fn *unreg)
++{
++	*mtabsize = sizeof(methods)/sizeof(methods[0]);
++	*unreg = NULL;
++	return (methods);
++}
++
++int __nss_compat_gethostbyname(void *retval, void *mdata, va_list ap)
++{
++	enum nss_status		(*fn)(const char *, struct hostent *, char *, size_t, int *, int *);
++	const char 		*name;
++	struct hostent 		*result;
++	char   			buffer[1024];
++	size_t				buflen = 1024;
++	int 				       errnop;
++	int					h_errnop;
++	int						af;
++	enum nss_status					status;
++	fn = mdata;
++	name = va_arg(ap, const char*);
++	af = va_arg(ap,int);
++	result = va_arg(ap,struct hostent *);
++	status = fn(name, result, buffer, buflen, &errnop, &h_errnop);
++	status = __nss_compat_result(status,errnop);
++	h_errno = h_errnop;
++	return (status);
++}
++
++int __nss_compat_gethostbyname2(void *retval, void *mdata, va_list ap)
++{
++	enum nss_status		(*fn)(const char *, struct hostent *, char *, size_t, int *, int *);
++	const char 		*name;
++	struct hostent 		*result;
++	char   			buffer[1024];
++	size_t				buflen = 1024;
++	int 				       errnop;
++	int					h_errnop;
++	int						af;
++	enum nss_status					status;
++	fn = mdata;
++	name = va_arg(ap, const char*);
++	af = va_arg(ap,int);
++	result = va_arg(ap,struct hostent *);
++	status = fn(name, result, buffer, buflen, &errnop, &h_errnop);
++	status = __nss_compat_result(status,errnop);
++	h_errno = h_errnop;
++	return (status);
++}
++
++int __nss_compat_gethostbyaddr(void *retval, void *mdata, va_list ap)
++{
++	struct in_addr	*addr;
++	int    		len;
++	int			type;
++	struct hostent		*result;
++	char   			buffer[1024];
++	size_t				buflen = 1024;
++	int				       errnop;
++	int					h_errnop;
++	enum nss_status (*fn)(struct in_addr *, int, int, struct hostent *, char *, size_t, int *, int *);
++	enum nss_status status;
++	fn = mdata;
++	addr = va_arg(ap, struct in_addr*);
++	len = va_arg(ap,int);
++	type = va_arg(ap,int);
++	result = va_arg(ap, struct hostent*);
++	status = fn(addr, len, type, result, buffer, buflen, &errnop, &h_errnop);
++	status = __nss_compat_result(status,errnop);
++	h_errno = h_errnop;
++	return (status);
++}
++
++static int
++__gr_addgid(gid_t gid, gid_t *groups, int maxgrp, int *groupc)
++{
++	int	ret, dupc;
++
++	/* skip duplicates */
++	for (dupc = 0; dupc < MIN(maxgrp, *groupc); dupc++) {
++	    if (groups[dupc] == gid)
++	       		     return 1;
++			     }
++
++	ret = 1;
++	if (*groupc < maxgrp)			/* add this gid */
++	   groups[*groupc] = gid;
++	   else
++		ret = 0;
++		(*groupc)++;
++		return ret;
++}
++
++static int __freebsd_getgroupmembership(void *retval, void *mdata, va_list ap)
++{
++	int err;
++	enum nss_status s;
++	const char *user	= va_arg(ap, const char *);
++	gid_t group 		  = va_arg(ap, gid_t);
++	gid_t *groups 		    = va_arg(ap, gid_t *);
++	int limit 		      = va_arg(ap, int);
++	int *size 		      	= va_arg(ap, int*);
++	gid_t *tmpgroups;
++	long int lstart, lsize;
++	int i;
++
++	tmpgroups = malloc(limit * sizeof(gid_t));
++	if (tmpgroups == NULL)
++	   return NS_TRYAGAIN;
++
++	/* insert primary membership */
++	__gr_addgid(group, groups, limit, size);
++
++	lstart = 0;
++	lsize = limit;
++	s = _nss_ldap_initgroups_dyn(user, group, &lstart, &lsize,
++	  &tmpgroups, 0, &err);
++	  if (s == NSS_STATUS_SUCCESS) {
++	     for (i = 0; i < lstart; i++)
++	     	     __gr_addgid(tmpgroups[i], groups, limit, size);
++		     			       s = NSS_STATUS_NOTFOUND;
++					       }
++
++	free(tmpgroups);
++
++	return __nss_compat_result(s, err);
++}
diff --git a/sys-auth/nss_ldap/files/nss_ldap-265-missing-entries-oneshot.patch b/sys-auth/nss_ldap/files/nss_ldap-265-missing-entries-oneshot.patch
new file mode 100644
index 000000000000..6730dc986dd1
--- /dev/null
+++ b/sys-auth/nss_ldap/files/nss_ldap-265-missing-entries-oneshot.patch
@@ -0,0 +1,101 @@
+Distinguish between contexts that are somewhat persistent and one-offs
+which are used to fulfill part of a larger request.
+
+diff -up nss_ldap-253/ldap-grp.c nss_ldap-253/ldap-grp.c
+--- nss_ldap-253/ldap-grp.c	2009-05-08 13:30:43.000000000 -0400
++++ nss_ldap-253/ldap-grp.c	2009-05-08 13:34:41.000000000 -0400
+@@ -857,7 +857,7 @@ ng_chase (const char *dn, ldap_initgroup
+   LA_STRING (a) = dn;
+   LA_TYPE (a) = LA_TYPE_STRING;
+ 
+-  if (_nss_ldap_ent_context_init_locked (&ctx) == NULL)
++  if (_nss_ldap_ent_context_init_internal_locked (&ctx) == NULL)
+     {
+       return NSS_UNAVAIL;
+     }
+@@ -930,7 +930,7 @@ ng_chase_backlink (const char ** members
+   LA_STRING_LIST (a) = filteredMembersOf;
+   LA_TYPE (a) = LA_TYPE_STRING_LIST_OR;
+ 
+-  if (_nss_ldap_ent_context_init_locked (&ctx) == NULL)
++  if (_nss_ldap_ent_context_init_internal_locked (&ctx) == NULL)
+     {
+       free (filteredMembersOf);
+       return NSS_UNAVAIL;
+diff -up nss_ldap-253/ldap-netgrp.c nss_ldap-253/ldap-netgrp.c
+--- nss_ldap-253/ldap-netgrp.c	2009-05-08 13:31:35.000000000 -0400
++++ nss_ldap-253/ldap-netgrp.c	2009-05-08 13:33:14.000000000 -0400
+@@ -691,7 +691,7 @@ do_innetgr_nested (ldap_innetgr_args_t *
+   LA_TYPE (a) = LA_TYPE_STRING;
+   LA_STRING (a) = nested;	/* memberNisNetgroup */
+ 
+-  if (_nss_ldap_ent_context_init_locked (&ctx) == NULL)
++  if (_nss_ldap_ent_context_init_internal_locked (&ctx) == NULL)
+     {
+       debug ("<== do_innetgr_nested: failed to initialize context");
+       return NSS_UNAVAIL;
+diff -up nss_ldap-253/ldap-nss.c nss_ldap-253/ldap-nss.c
+--- nss_ldap-253/ldap-nss.c	2009-05-08 13:27:17.000000000 -0400
++++ nss_ldap-253/ldap-nss.c	2009-05-08 14:05:51.000000000 -0400
+@@ -1961,6 +1961,7 @@ _nss_ldap_ent_context_init_locked (ent_c
+ 	  debug ("<== _nss_ldap_ent_context_init_locked");
+ 	  return NULL;
+ 	}
++      ctx->ec_internal = 0;
+       *pctx = ctx;
+     }
+   else
+@@ -1990,6 +1991,15 @@ _nss_ldap_ent_context_init_locked (ent_c
+ 
+   return ctx;
+ }
++ent_context_t *
++_nss_ldap_ent_context_init_internal_locked (ent_context_t ** pctx)
++{
++  ent_context_t *ctx;
++  ctx = _nss_ldap_ent_context_init_locked (pctx);
++  if (ctx != NULL)
++    ctx->ec_internal = 1;
++  return ctx;
++}
+ 
+ /*
+  * Clears a given context; we require the caller
+@@ -2031,7 +2041,8 @@ _nss_ldap_ent_context_release (ent_conte
+ 
+   LS_INIT (ctx->ec_state);
+ 
+-  if (_nss_ldap_test_config_flag (NSS_LDAP_FLAGS_CONNECT_POLICY_ONESHOT))
++  if (!ctx->ec_internal &&
++      _nss_ldap_test_config_flag (NSS_LDAP_FLAGS_CONNECT_POLICY_ONESHOT))
+     {
+       do_close ();
+     }
+diff -up nss_ldap-253/ldap-nss.h nss_ldap-253/ldap-nss.h
+--- nss_ldap-253/ldap-nss.h	2009-05-08 13:35:47.000000000 -0400
++++ nss_ldap-253/ldap-nss.h	2009-05-08 13:52:25.000000000 -0400
+@@ -560,6 +560,8 @@ struct ent_context
+   ldap_state_t ec_state;	/* eg. for services */
+   int ec_msgid;			/* message ID */
+   LDAPMessage *ec_res;		/* result chain */
++  int ec_internal;		/* this context is just a part of a larger
++				 * query for information */
+   ldap_service_search_descriptor_t *ec_sd;	/* current sd */
+   struct berval *ec_cookie;     /* cookie for paged searches */
+ };
+@@ -744,6 +746,15 @@ ent_context_t *_nss_ldap_ent_context_ini
+ ent_context_t *_nss_ldap_ent_context_init_locked (ent_context_t **);
+ 
+ /*
++ * _nss_ldap_ent_context_init_internal_locked() has the same
++ * behaviour, except it marks the context as one that's being
++ * used to fetch additional data used in answering a request, i.e.
++ * that this isn't the "main" context
++ */
++
++ent_context_t *_nss_ldap_ent_context_init_internal_locked (ent_context_t **);
++
++/*
+  * _nss_ldap_ent_context_release() is used to manually free a context 
+  */
+ void _nss_ldap_ent_context_release (ent_context_t *);
diff --git a/sys-auth/nss_ldap/nss_ldap-265-r3.ebuild b/sys-auth/nss_ldap/nss_ldap-265-r3.ebuild
new file mode 100644
index 000000000000..7c3ceace8003
--- /dev/null
+++ b/sys-auth/nss_ldap/nss_ldap-265-r3.ebuild
@@ -0,0 +1,137 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-auth/nss_ldap/nss_ldap-265-r3.ebuild,v 1.1 2014/02/17 05:41:10 prometheanfire Exp $
+
+EAPI=5
+inherit fixheadtails eutils multilib autotools prefix
+
+IUSE="debug ssl sasl kerberos"
+
+DESCRIPTION="NSS LDAP Module"
+HOMEPAGE="http://www.padl.com/OSS/nss_ldap.html"
+SRC_URI="http://www.padl.com/download/${P}.tar.gz"
+
+SLOT="0"
+LICENSE="LGPL-2"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~amd64-linux"
+
+DEPEND=">=net-nds/openldap-2.1.30-r5
+		sasl? ( dev-libs/cyrus-sasl )
+		kerberos? ( virtual/krb5 )
+		ssl? ( dev-libs/openssl )"
+RDEPEND="${DEPEND}
+		!<net-fs/autofs-4.1.3"
+
+src_prepare() {
+	if use prefix; then
+		epatch "${FILESDIR}"/${P}-installdir.patch
+		eprefixify Makefile.am
+	fi
+
+	# bug 438692
+	epatch "${FILESDIR}"/${P}-pthread.patch
+
+	epatch "${FILESDIR}"/nsswitch.ldap.diff
+
+	# Applied by upstream
+	#epatch "${FILESDIR}"/${PN}-239-tls-security-bug.patch
+
+	epatch "${FILESDIR}"/${PN}-249-sasl-compile.patch
+
+	EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-265-reconnect-timeouts.patch
+
+	# Applied by upstream
+	#EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-254-nss_getgrent_skipmembers.patch
+
+	EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-257-nss_max_group_depth.patch
+
+	sed -i.orig \
+		-e '/^ @(#)\$Id: ldap.conf,v/s,^,#,' \
+		"${S}"/ldap.conf
+
+	# fix head/tail stuff
+	ht_fix_file "${S}"/Makefile.am "${S}"/Makefile.in "${S}"/depcomp
+
+	# fix build borkage
+	for i in Makefile.{in,am}; do
+	  sed -i.orig \
+	    -e '/^install-exec-local: nss_ldap.so/s,nss_ldap.so,,g' \
+	    "${S}"/$i
+	done
+
+	epatch "${FILESDIR}"/${PN}-257.2-gssapi-headers.patch
+
+	# Bug #214750, no automagic deps
+	epatch "${FILESDIR}"/${PN}-264-disable-automagic.patch
+
+	# Upstream forgets the version number sometimes
+	#sed -i \
+	#	-e "/^AM_INIT_AUTOMAKE/s~2..~$PV~" \
+	#	"${S}"/configure.in
+
+	# Include an SONAME
+	epatch "${FILESDIR}"/${PN}-254-soname.patch
+
+	#fix broken oneshot connections
+	epatch "${FILESDIR}/nss_ldap-265-missing-entries-oneshot.patch"
+
+	sed -i \
+		-e 's, vers_string , ./vers_string ,g' \
+		"${S}"/Makefile.am
+
+	if use kernel_FreeBSD; then
+		#fix broken fbsd support
+		EPATCH_OPTS="-p0 -d ${S}" epatch "${FILESDIR}/nss_ldap-265-fbsd.patch"
+	fi
+
+	eautoreconf
+}
+
+src_configure() {
+	local myconf=""
+	use debug && myconf="${myconf} --enable-debugging"
+	use kerberos && myconf="${myconf} --enable-configurable-krb5-ccname-gssapi"
+	# --enable-schema-mapping \
+	econf \
+		--with-ldap-lib=openldap \
+		--libdir="${EPREFIX}/$(get_libdir)" \
+		--with-ldap-conf-file="${EPREFIX}/etc/ldap.conf" \
+		--enable-paged-results \
+		--enable-rfc2307bis \
+		$(use_enable ssl) \
+		$(use_enable sasl) \
+		$(use_enable kerberos krb) \
+		${myconf}
+
+	if use kernel_FreeBSD; then
+		# configure.in does not properly handle include dependencies
+		echo "#define HAVE_NETINET_IF_ETHER_H 1" >> ${S}/config.h
+		echo "#define HAVE_NET_ROUTE_H 1" >> ${S}/config.h
+		echo "#define HAVE_RESOLV_H 1" >> ${S}/config.h
+	fi
+}
+
+src_install() {
+	dodir /$(get_libdir)
+
+	emake -j1 DESTDIR="${D}" install \
+		INST_UID=${PORTAGE_USER:-root} INST_GID=${PORTAGE_GROUP:-root}
+
+	insinto /etc
+	doins ldap.conf
+
+	# Append two blank lines and some skip entries
+	echo >>"${ED}"/etc/ldap.conf
+	echo >>"${ED}"/etc/ldap.conf
+	sed -i "${ED}"/etc/ldap.conf \
+		-e '$inss_initgroups_ignoreusers ldap,openldap,mysql,syslog,root,postgres'
+
+	dodoc ldap.conf ANNOUNCE NEWS ChangeLog AUTHORS \
+		CVSVersionInfo.txt README nsswitch.ldap certutil
+	docinto docs; dodoc doc/*
+}
+
+pkg_postinst() {
+	elog "If you use a ldaps:// string in the 'uri' setting of"
+	elog "your /etc/ldap.conf, you must set 'ssl on'!"
+}