From 857ef5b84a6d8ff475f8b51643053fc0fb12e672 Mon Sep 17 00:00:00 2001
From: SuvarnaMeenakshi
Date: Thu, 29 Aug 2019 13:19:31 -0700
Subject: [PATCH 1/3] Add patch to support IPv6
---
 ...rsing-of-IP-addr-and-port-number-str.patch | 26 +++++++++++++++++++
 src/tacacs/nss/Makefile | 1 +
 2 files changed, 27 insertions(+)
 create mode 100644 src/tacacs/nss/0005-libnss-Modify-parsing-of-IP-addr-and-port-number-str.patch
diff --git a/src/tacacs/nss/0005-libnss-Modify-parsing-of-IP-addr-and-port-number-str.patch b/src/tacacs/nss/0005-libnss-Modify-parsing-of-IP-addr-and-port-number-str.patch
new file mode 100644
index 000000000000..247972b63b55
--- /dev/null
+++ b/src/tacacs/nss/0005-libnss-Modify-parsing-of-IP-addr-and-port-number-str.patch
@@ -0,0 +1,26 @@
+From aa8af2b2400b7bbcbe7af0cb50047a98e93660ca Mon Sep 17 00:00:00 2001
+From: SuvarnaMeenakshi
+Date: Thu, 29 Aug 2019 09:44:24 -0700
+Subject: [PATCH] libnss: Modify parsing of IP addr and port number string to
+ support IPv6
+
+---
+ nss_tacplus.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/nss_tacplus.c b/nss_tacplus.c
+index f2a86e1..3ff3c35 100644
+--- a/nss_tacplus.c
++++ b/nss_tacplus.c
+@@ -98,7 +98,7 @@ static int parse_tac_server(char *srv_buf)
+ hints.ai_socktype = SOCK_STREAM;
+
+ srv = token + 7;
+- port = strchr(srv, ':');
++ port = strrchr(srv, ':');
+ if(port) {
+ *port = '\0';
+ port++;
+--
+2.17.1
+
diff --git a/src/tacacs/nss/Makefile b/src/tacacs/nss/Makefile
index 51a5d63ebd1b..b9e16e812d23 100644
--- a/src/tacacs/nss/Makefile
+++ b/src/tacacs/nss/Makefile
@@ -22,6 +22,7 @@ $(addprefix $(DEST)/, $(MAIN_TARGET)): $(DEST)/% :
 git $(GIT_APPLY) ../0002-Enable-modifying-local-user-permission.patch
 git $(GIT_APPLY) ../0003-management-vrf-support.patch
 git $(GIT_APPLY) ../0004-Skip-accessing-tacacs-servers-for-local-non-tacacs-u.patch
+ git $(GIT_APPLY) ../0005-libnss-Modify-parsing-of-IP-addr-and-port-number-str.patch
 dpkg-buildpackage -rfakeroot -b -us -uc
 popd
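Review bot: Splitting at the last colon, `port = strrchr(srv, ':');` in the embedded `parse_tac_server` hunk, is ambiguous for an IPv6 server written without a port: a constructed entry such as `2001:db8::1` would be cut into address `2001:db8:` and port `1`. The hunk shows no `[addr]:port` handling like the bracket branch in pam's `_pam_parse`, so either accept that form here as well or state the rule next to the call, e.g. `/* last ':' is the port separator; an IPv6 server must carry an explicit port */`, and log an entry that does not follow it. A misparsed entry matters because this string selects the TACACS+ server the module talks to. The fallback branch `port = strrchr(server_buf, ':');` in the pam patch has the same ambiguity for unbracketed literals. `parse_tac_server` begins and ends outside the hunk, so how `srv` and `port` are validated afterwards is not visible.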
From cfb043e0c127c1ddd2f49072dc78bb79c862b985 Mon Sep 17 00:00:00 2001
From: SuvarnaMeenakshi
Date: Thu, 29 Aug 2019 13:23:12 -0700
Subject: [PATCH 2/3] Add support for IPv6
---
 ...ng-of-IP-address-and-port-number-to-.patch | 57 +++++++++++++++++++
 src/tacacs/pam/Makefile | 1 +
 2 files changed, 58 insertions(+)
 create mode 100644 src/tacacs/pam/0005-pam-Modify-parsing-of-IP-address-and-port-number-to-.patch
diff --git a/src/tacacs/pam/0005-pam-Modify-parsing-of-IP-address-and-port-number-to-.patch b/src/tacacs/pam/0005-pam-Modify-parsing-of-IP-address-and-port-number-to-.patch
new file mode 100644
index 000000000000..7bf5850158ae
--- /dev/null
+++ b/src/tacacs/pam/0005-pam-Modify-parsing-of-IP-address-and-port-number-to-.patch
@@ -0,0 +1,57 @@
+From 264de96e8a1c411371f9fc20b0b5b00c10e7052d Mon Sep 17 00:00:00 2001
+From: SuvarnaMeenakshi
+Date: Thu, 29 Aug 2019 09:51:43 -0700
+Subject: [PATCH] pam: Modify parsing of IP address and port number to support
+ IPv6
+
+---
+ support.c | 9 ++++++---
+ 1 file changed, 6 insertions(+), 3 deletions(-)
+
+diff --git a/support.c b/support.c
+index 44efee3..7c00618 100644
+--- a/support.c
++++ b/support.c
+@@ -36,6 +36,7 @@ int tac_srv_no = 0;
+ char tac_service[64];
+ char tac_protocol[64];
+ char tac_prompt[64];
++char *__vrfname=NULL;
+
+ void _pam_log(int err, const char *format,...) {
+ char msg[256];
+@@ -225,11 +226,11 @@ int _pam_parse (int argc, const char **argv) {
+
+ if (*server_buf == '[' && (close_bracket = strchr(server_buf, ']')) != NULL) { /* Check for URI syntax */
+ server_name = server_buf + 1;
+- port = strchr(close_bracket, ':');
++ port = strrchr(close_bracket, ':');
+ *close_bracket = '\0';
+ } else { /* Fall back to traditional syntax */
+ server_name = server_buf;
+- port = strchr(server_buf, ':');
++ port = strrchr(server_buf, ':');
+ }
+ if (port != NULL) {
+ *port = '\0';
+@@ -271,6 +272,8 @@ int _pam_parse (int argc, const char **argv) {
+ } else {
+ tac_readtimeout_enable = 1;
+ }
++ } else if(!strncmp(*argv, "vrf=", 4)) {
++ __vrfname = strdup(*argv + 4);
+ } else {
+ _pam_log (LOG_WARNING, "unrecognized option: %s", *argv);
+ }
+@@ -282,7 +285,7 @@ int _pam_parse (int argc, const char **argv) {
+ _pam_log(LOG_DEBUG, "%d servers defined", tac_srv_no);
+
+ for(n = 0; n < tac_srv_no; n++) {
+- _pam_log(LOG_DEBUG, "server[%d] { addr=%s, key='%s' }", n, tac_ntop(tac_srv[n].addr->ai_addr), tac_srv[n].key);
++ _pam_log(LOG_DEBUG, "server[%d] { addr=%s, key='%c*****' }", n, tac_ntop(tac_srv[n].addr->ai_addr), tac_srv[n].key[0]);
+ }
+
+ _pam_log(LOG_DEBUG, "tac_service='%s'", tac_service);
+--
+2.17.1
+
diff --git a/src/tacacs/pam/Makefile b/src/tacacs/pam/Makefile
index c35f1aff37b3..487cf975fd77 100644
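Review bot: In the bracketed branch the switch to `port = strrchr(close_bracket, ':');` is not needed for IPv6 and loosens the check: whatever sits between `]` and the last colon is now cut off without a diagnostic, so a malformed (constructed) entry like `[::1]:49:50` would be read as port `50`, where the old `strchr` would have handed `49:50` on as the port string. After the `]` only an immediate `:port` is meaningful, so I would keep `port = strchr(close_bracket, ':');` there, or test `close_bracket[1] == ':'` and report anything else through `_pam_log`. `_pam_parse` begins and ends outside these hunks, so what later code does with `port` is not visible and the effect of a bad port string is inferred.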
--- a/src/tacacs/pam/Makefile
+++ b/src/tacacs/pam/Makefile
@@ -18,6 +18,7 @@ $(addprefix $(DEST)/, $(MAIN_TARGET)): $(DEST)/% :
 git apply ../0002-Fix-libtac2-bin-install-directory-error.patch
 git apply ../0003-Obfuscate-key-before-printing-to-syslog.patch
 git apply ../0004-management-vrf-support.patch
+ git apply ../0005-pam-Modify-parsing-of-IP-address-and-port-number-to-.patch
 dpkg-buildpackage -rfakeroot -b -us -uc
 popd
From 7832c54a5dd4d7f87fe756917dbfd0fd664c11d4 Mon Sep 17 00:00:00 2001
From: SuvarnaMeenakshi
Date: Fri, 30 Aug 2019 14:10:31 -0700
Subject: [PATCH 3/3] Remove in-correct changes by IPv6 support patch
---
 ...ng-of-IP-address-and-port-number-to-.patch | 26 -------------------
 1 file changed, 26 deletions(-)
diff --git a/src/tacacs/pam/0005-pam-Modify-parsing-of-IP-address-and-port-number-to-.patch b/src/tacacs/pam/0005-pam-Modify-parsing-of-IP-address-and-port-number-to-.patch
index 7bf5850158ae..541333232b56 100644
--- a/src/tacacs/pam/0005-pam-Modify-parsing-of-IP-address-and-port-number-to-.patch
+++ b/src/tacacs/pam/0005-pam-Modify-parsing-of-IP-address-and-port-number-to-.patch
@@ -12,14 +12,6 @@ diff --git a/support.c b/support.c
 index 44efee3..7c00618 100644
 --- a/support.c
 +++ b/support.c
-@@ -36,6 +36,7 @@ int tac_srv_no = 0;
- char tac_service[64];
- char tac_protocol[64];
- char tac_prompt[64];
-+char *__vrfname=NULL;
-
- void _pam_log(int err, const char *format,...) {
- char msg[256];
 @@ -225,11 +226,11 @@ int _pam_parse (int argc, const char **argv) {
 if (*server_buf == '[' && (close_bracket = strchr(server_buf, ']')) != NULL) { /* Check for URI syntax */
@@ -34,24 +26,6 @@ index 44efee3..7c00618 100644
 }
 if (port != NULL) {
 *port = '\0';
-@@ -271,6 +272,8 @@ int _pam_parse (int argc, const char **argv) {
- } else {
- tac_readtimeout_enable = 1;
- }
-+ } else if(!strncmp(*argv, "vrf=", 4)) {
-+ __vrfname = strdup(*argv + 4);
- } else {
- _pam_log (LOG_WARNING, "unrecognized option: %s", *argv);
- }
-@@ -282,7 +285,7 @@ int _pam_parse (int argc, const char **argv) {
- _pam_log(LOG_DEBUG, "%d servers defined", tac_srv_no);
-
- for(n = 0; n < tac_srv_no; n++) {
-- _pam_log(LOG_DEBUG, "server[%d] { addr=%s, key='%s' }", n, tac_ntop(tac_srv[n].addr->ai_addr), tac_srv[n].key);
-+ _pam_log(LOG_DEBUG, "server[%d] { addr=%s, key='%c*****' }", n, tac_ntop(tac_srv[n].addr->ai_addr), tac_srv[n].key[0]);
- }
-
- _pam_log(LOG_DEBUG, "tac_service='%s'", tac_service);
 --
 2.17.1