Various gssalloc fixes
This commit is contained in:
Robbie Harwood
parent
76d9979dc3
commit
02c0c74c74
@ -1,4 +1,4 @@
|
||||
From 1723d5cf07693d8fb249956ee73ca9f4436f95da Mon Sep 17 00:00:00 2001
|
||||
From 947ba07fe50c4bb6188d453fd3f6b0b9ef6d5288 Mon Sep 17 00:00:00 2001
|
||||
From: Simo Sorce <simo@redhat.com>
|
||||
Date: Tue, 4 Dec 2018 15:22:55 -0500
|
||||
Subject: [PATCH] Add dns_canonicalize_hostname=fallback support
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 5817cf4b254ab7f266d74ba30ca2a0ffa26e803e Mon Sep 17 00:00:00 2001
|
||||
From 15ac04c3e0d02c36643427ac943d344711cd8b50 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Tue, 15 Jan 2019 16:16:57 -0500
|
||||
Subject: [PATCH] Add function and enctype flag for deprecations
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 4928699bdfd051bf0d69afee0b15574c15f40a48 Mon Sep 17 00:00:00 2001
|
||||
From 98b86c4f1ca794a18cbe957b6d520380fe424240 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Tue, 21 May 2019 12:52:26 -0400
|
||||
Subject: [PATCH] Add missing newlines to deprecation warnings
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From a186597238ae40e167ce041857b5bd1f94ee2383 Mon Sep 17 00:00:00 2001
|
||||
From d80e1a0f07591c1fedc9cfc2cbb6ab7e54b55287 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Thu, 20 Jun 2019 10:45:18 -0400
|
||||
Subject: [PATCH] Add soft-pkcs11 source code
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From ae2475679b7b0e9381eac5d134c06cfc559d7d1b Mon Sep 17 00:00:00 2001
|
||||
From bb8109eaafe65f323052493f7539c88204799b70 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Thu, 22 Nov 2018 00:27:35 -0500
|
||||
Subject: [PATCH] Add tests for KCM ccache type
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 7fb0b432d9192360ec3439a7f5c33ad8366064f1 Mon Sep 17 00:00:00 2001
|
||||
From 90cf4ccec641d9bc466d4e404d36d486b3573a07 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Thu, 14 Mar 2019 11:26:44 -0400
|
||||
Subject: [PATCH] Add zapfreedata() convenience function
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From b54bce8e7b54c8700467fefcc74623fa50234046 Mon Sep 17 00:00:00 2001
|
||||
From 842ffb8cd2f47844346c6a88ff7575c6d131644b Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Sun, 30 Dec 2018 16:40:28 -0500
|
||||
Subject: [PATCH] Address some optimized-out memset() calls
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From c39a5710d0e4039a4f2bbd53ec284eb89d3b83c4 Mon Sep 17 00:00:00 2001
|
||||
From ceb6a10c14ec83b0d4d1bb6f792917e6945995d6 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Mon, 6 May 2019 15:14:49 -0400
|
||||
Subject: [PATCH] Avoid alignment warnings in openssl rc4.c
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 7491d9ed5c358960c6344c2581db9cafaf308f06 Mon Sep 17 00:00:00 2001
|
||||
From df3bfd244f8b4601f8750599270eb98cadccdafe Mon Sep 17 00:00:00 2001
|
||||
From: Andreas Schneider <asn@samba.org>
|
||||
Date: Thu, 3 Jan 2019 17:19:32 +0100
|
||||
Subject: [PATCH] Avoid allocating a register in zap() assembly
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 842524798c7f69edcef3f01cae7a9a6f126ed1dc Mon Sep 17 00:00:00 2001
|
||||
From 8eee70cc192adf9c0c11061c48d708e0157a9399 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Mon, 22 Apr 2019 14:26:42 -0400
|
||||
Subject: [PATCH] Check more errors in OpenSSL crypto backend
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 2f50c282127bf8d4c570986c212fbc1e910fb8c5 Mon Sep 17 00:00:00 2001
|
||||
From eb8d1bbf210b159384859dd482657a31de80a787 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Tue, 2 Apr 2019 14:18:57 -0400
|
||||
Subject: [PATCH] Clarify header comment for krb5_cc_start_seq_get()
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 6bd9bc03f2ad2aa5415d738c28180def7e17874f Mon Sep 17 00:00:00 2001
|
||||
From 24d3008698d6c654ab079413583c9f1359ad8f59 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Thu, 15 Nov 2018 13:40:43 -0500
|
||||
Subject: [PATCH] Clear forwardable flag instead of denying request
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 144eea330aba65a140c0e0bf66ad3cfe06f28899 Mon Sep 17 00:00:00 2001
|
||||
From 756e069368719f53444b5a819753fdeda5561994 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Tue, 21 May 2019 13:34:39 -0400
|
||||
Subject: [PATCH] Display unsupported enctype names
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 84bb2b804c69830ff2dc405b1a2bd7893291d8e6 Mon Sep 17 00:00:00 2001
|
||||
From 261e67018b25412c53a290c429612bb55569428e Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Wed, 10 Jul 2019 17:10:16 -0400
|
||||
Subject: [PATCH] Don't error on invalid enctypes in keytab
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From aa3b2bb07bf48375b2391b31e68d0abf7ba5e4ea Mon Sep 17 00:00:00 2001
|
||||
From 675edf995b497d681732a2909df21d8e4fe11e07 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Tue, 16 Jul 2019 00:15:42 -0400
|
||||
Subject: [PATCH] Filter enctypes in gss_set_allowable_enctypes()
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 28db01445d2807d51b5045c0a04d5e49905de504 Mon Sep 17 00:00:00 2001
|
||||
From 0acc96dccbb4f4e75584ee39239da392b919f5f8 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Sat, 20 Jul 2019 00:51:52 -0400
|
||||
Subject: [PATCH] Fix Coverity defects in soft-pkcs11 test code
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 7e81b8077cf2cf186dadb96b064573f7c221fbf3 Mon Sep 17 00:00:00 2001
|
||||
From 48dd1debf9bd7b04195aeb435d54eefde39bc35e Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Wed, 14 Aug 2019 13:52:27 -0400
|
||||
Subject: [PATCH] Fix KCM client time offset propagation
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From b3ccbf6ba3f662d0671b0abd10017562f76a190a Mon Sep 17 00:00:00 2001
|
||||
From fd25fce46c2454b7386d2725dba493471a2e3fe8 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Wed, 25 Sep 2019 12:57:56 -0400
|
||||
Subject: [PATCH] Fix KDC crash when logging PKINIT enctypes
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 7ed0d71eb3eef640e57f3c55f8aeac636cce3110 Mon Sep 17 00:00:00 2001
|
||||
From 508863ce900694d4a78af60361e23be59143aac8 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Tue, 16 Apr 2019 10:47:35 -0400
|
||||
Subject: [PATCH] Fix config realm change logic in FILE remove_cred
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 2c0d9a91c34f315f860fc857dd84863d048b6105 Mon Sep 17 00:00:00 2001
|
||||
From 5e0baa51f69ae9f67865d808213bda5872ee7dc6 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Sat, 16 Nov 2019 19:54:51 -0500
|
||||
Subject: [PATCH] Fix kadmin addprinc -randkey -kvno
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From e215c213a068d96599a3069339bfb3e4024ef61b Mon Sep 17 00:00:00 2001
|
||||
From 0bb94eb7c3b231279d8ded0484ecea10ebe89302 Mon Sep 17 00:00:00 2001
|
||||
From: Corene Casper <C.Casper@Dell.com>
|
||||
Date: Sat, 16 Feb 2019 00:49:26 -0500
|
||||
Subject: [PATCH] Fix memory leak in 'none' replay cache type
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 5cc80472e7a8b0fb3002f229ffb104dccf8bd120 Mon Sep 17 00:00:00 2001
|
||||
From 8087bdce8a5e9912f693ab199198a5bf4db54001 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Mon, 5 Aug 2019 01:53:51 -0400
|
||||
Subject: [PATCH] Fix memory leaks in soft-pkcs11 code
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From df5026b47d2f90729b76071fd7cae48d46c4d1f6 Mon Sep 17 00:00:00 2001
|
||||
From 0d27dbf488547b9ca6780f23e5e40fa820928385 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Fri, 8 Nov 2019 14:28:56 -0500
|
||||
Subject: [PATCH] Fix minor errors in softpkcs11
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 013037d7c4f6073d28ea2b0bd53eca04bae170ea Mon Sep 17 00:00:00 2001
|
||||
From 5917d1d1a51c2a4b243661710b3107b1bc43fff0 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Thu, 18 Apr 2019 13:39:37 -0400
|
||||
Subject: [PATCH] Fix potential close(-1) in cc_file.c
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 6f0b53aea2dfcccf1efe0c1c6142eeeaf998f2bb Mon Sep 17 00:00:00 2001
|
||||
From 3612a7873e5e07b51d47c6c38f8a83e0b3d51e20 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Thu, 2 May 2019 14:05:38 -0400
|
||||
Subject: [PATCH] Fix some return code handling bugs
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From ebc913ea73bfc439f293831f19db83ec83622d51 Mon Sep 17 00:00:00 2001
|
||||
From 43e56c3442e7601a6e041a010f0ca9acb6021d8f Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Mon, 1 Apr 2019 14:28:48 -0400
|
||||
Subject: [PATCH] Implement krb5_cc_remove_cred for remaining types
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From f9123277a5b4e27d5fea3dbae0889dcb527115fc Mon Sep 17 00:00:00 2001
|
||||
From 3f5781029e48d7f2f5a694a4d3e19691eefde87f Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Mon, 6 May 2019 13:13:16 -0400
|
||||
Subject: [PATCH] Improve error messages from kadmin change_password
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 0e1c9fa82ea2a5f32a6ce937ffe9b1aef21e133e Mon Sep 17 00:00:00 2001
|
||||
From d1bbb1c98c3c2deb3713959281a3eee2b5019480 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Tue, 15 Jan 2019 13:41:16 -0500
|
||||
Subject: [PATCH] In kpropd, debug-log proper ticket enctype names
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 92e46dabccaf7dfecfcb85bb87b773b734724ccb Mon Sep 17 00:00:00 2001
|
||||
From 803290c5773eb2e6a344f0ad0a01645e30c79031 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Mon, 14 Jan 2019 17:14:42 -0500
|
||||
Subject: [PATCH] In rd_req_dec, always log non-permitted enctypes
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From b448801a1ab19d89cc069e63f5ce5acbc9f3cd8d Mon Sep 17 00:00:00 2001
|
||||
From 17d1dbd3b2eb3961c061b140f8a7641405e59d44 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Fri, 9 Aug 2019 14:07:22 -0400
|
||||
Subject: [PATCH] Initialize life/rlife in kdcpolicy interface
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 0f05d25ddecba6d8dd5de5c1b2e31f45942b9a85 Mon Sep 17 00:00:00 2001
|
||||
From e4e58539348e886f9ac39881d576c7512fc37a2b Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Thu, 2 May 2019 13:36:38 -0400
|
||||
Subject: [PATCH] Initialize some data structure magic fields
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 3324eb7fcc3cf4effdde891cefdc37526ff20cf7 Mon Sep 17 00:00:00 2001
|
||||
From 78e9d11d8a6c05218d18b9b200d1de888a95503c Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Fri, 27 Sep 2019 16:55:37 -0400
|
||||
Subject: [PATCH] Log unknown enctypes as unsupported in KDC
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From c955111643b4ef9a005a083d8f2aa39ec4af81ec Mon Sep 17 00:00:00 2001
|
||||
From a50161ee09ef887493afcf5f3901f9d0a9c20fc5 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Tue, 8 Jan 2019 17:42:35 -0500
|
||||
Subject: [PATCH] Make etype names in KDC logs human-readable
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 945c21ddafbedfe57dfbf9ca3e7b0185cb4b7175 Mon Sep 17 00:00:00 2001
|
||||
From de5bdedc1d27ee3e9ff7072614ea1316064b222a Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Thu, 10 Jan 2019 16:34:54 -0500
|
||||
Subject: [PATCH] Mark deprecated enctypes when used
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From b68ee166602b787c5acabe3d1b4780e527d672a7 Mon Sep 17 00:00:00 2001
|
||||
From 4ebd1454a32df78d10c7de4c09ac8dc8ebb4f41b Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Thu, 11 Apr 2019 18:33:04 -0400
|
||||
Subject: [PATCH] Mark the doc/kadm5 tex files as historic
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From eb4fb8cb24e6cac194acc2c507b334658fc5431d Mon Sep 17 00:00:00 2001
|
||||
From c547bf2cae39d503de3ac3670d99b2cc324c6567 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Thu, 11 Apr 2019 18:25:41 -0400
|
||||
Subject: [PATCH] Modernize example enctypes in documentation
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From b3ccfda0de6a9dd1248d9b15f31819421e36848e Mon Sep 17 00:00:00 2001
|
||||
From 8fe3c4bde435c68a74c8075661a432cd1d3c17b9 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Thu, 2 May 2019 14:32:33 -0400
|
||||
Subject: [PATCH] Modernize exit path in gss_krb5int_copy_ccache()
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 4b087e84f6c399df56143eca50858c185d31633f Mon Sep 17 00:00:00 2001
|
||||
From 916861d361be090965e1b4df4f60fce64206cf79 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Thu, 14 Feb 2019 11:50:35 -0500
|
||||
Subject: [PATCH] Properly size #ifdef in k5_cccol_lock()
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 17365a6131488b518b0f50e08d24697acce79d44 Mon Sep 17 00:00:00 2001
|
||||
From bea06cc4cf4df3d545fb3da1a9429aa28f690d80 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Tue, 26 Mar 2019 18:51:10 -0400
|
||||
Subject: [PATCH] Remove 3des support
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 275df1b1b846a66c966a8108ba3b4d148f68ef6f Mon Sep 17 00:00:00 2001
|
||||
From 2bbf5046e0d1ad4a4927570ebed5aa661e322024 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Thu, 4 Apr 2019 14:37:38 -0400
|
||||
Subject: [PATCH] Remove Kerberos v4 support vestiges from ccapi
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 054cd1bad9941e6936345da3e9a839c8fdbd9ba3 Mon Sep 17 00:00:00 2001
|
||||
From a52788c294f56a023b7bc05286990717ec993158 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Tue, 18 Jun 2019 11:40:48 -0400
|
||||
Subject: [PATCH] Remove PKINIT draft 9 ASN.1 code and types
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From a3e44c1ab745535fe9e2c396a09ff8d713810cc4 Mon Sep 17 00:00:00 2001
|
||||
From f00a9416374087dbf135215a13c5316477ca2f45 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Tue, 18 Jun 2019 13:06:44 -0400
|
||||
Subject: [PATCH] Remove PKINIT draft 9 support
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 68fdf968da2ed338340a835a0c942991c7c02986 Mon Sep 17 00:00:00 2001
|
||||
From 8096d0c97bcb5ac1ad830b6f354b4e32c90ac4cf Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Wed, 3 Apr 2019 16:01:22 -0400
|
||||
Subject: [PATCH] Remove ccapi-related comments in configure.ac
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 46aa5ffd844a280f368d78c7c395bb1b2323dfbe Mon Sep 17 00:00:00 2001
|
||||
From 443754ab8140d87e2e5bbd595f39827461d6498a Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Mon, 13 May 2019 14:19:57 -0400
|
||||
Subject: [PATCH] Remove checksum type profile variables
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From f7b50b3e40ae43666fb10b0a1502f9cd88b6a2fe Mon Sep 17 00:00:00 2001
|
||||
From 0d471a72541952ebe090919610cf9ba8b31d1291 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Wed, 3 Apr 2019 14:58:19 -0400
|
||||
Subject: [PATCH] Remove confvalidator utility
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From cc4aace493d1caaca9edebcc5d836e847e358afd Mon Sep 17 00:00:00 2001
|
||||
From 20be29dfddcbc4afda79eae2bcd3d5de3bb0330d Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Thu, 2 May 2019 16:57:51 -0400
|
||||
Subject: [PATCH] Remove dead variable def_kslist from two files
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 8629596d91d41914a6996b897845f601af7b59fc Mon Sep 17 00:00:00 2001
|
||||
From 33c39a069022eab2d56ccbaf0be31b3b5b0071a2 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Thu, 4 Apr 2019 14:15:58 -0400
|
||||
Subject: [PATCH] Remove doxygen-generated HTML output for ccapi
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 43c7d037b5e6bac3345c069af70f3cd6fd947f3f Mon Sep 17 00:00:00 2001
|
||||
From e1e27c400736ca304c9cbdc52e2946c65e047a21 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Thu, 4 Apr 2019 16:14:46 -0400
|
||||
Subject: [PATCH] Remove kadmin RPC support for setting v4 key
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 343e236ed2637a826f4d53ff60d2b2bc349100d6 Mon Sep 17 00:00:00 2001
|
||||
From 6181039fc3f70c073e4125d98d8a28aec9c223bf Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Thu, 18 Apr 2019 17:27:07 -0400
|
||||
Subject: [PATCH] Remove krb5int_c_combine_keys()
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 740ab812bedd022ec60e7ef63bf4be12dd730d67 Mon Sep 17 00:00:00 2001
|
||||
From 067f8685648e4a316ea0dfe90694d5a7b64c8848 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Thu, 9 May 2019 14:07:24 -0400
|
||||
Subject: [PATCH] Remove more dead code
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 25418e054868301e1a1a5824913b74f2479e1b15 Mon Sep 17 00:00:00 2001
|
||||
From 3d6b547ca1454b8113c6f83161def1f995c04616 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Fri, 28 Jun 2019 13:09:47 -0400
|
||||
Subject: [PATCH] Remove now-unused checksum functions
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 09855e99697edcfb6228f266e8c7b6889ea48b23 Mon Sep 17 00:00:00 2001
|
||||
From 13df40bef90954d1c373c5e9cece1d5897c7afcf Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Fri, 30 Aug 2019 11:19:52 -0400
|
||||
Subject: [PATCH] Remove null check in krb5_gss_duplicate_name()
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 5125a9bd20b2fa2b0f420dc20780d08af1cc91a6 Mon Sep 17 00:00:00 2001
|
||||
From 019dc5d64d6e1c0fabaf9957bef5b633eb6fa475 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Tue, 22 Jan 2019 18:34:58 -0500
|
||||
Subject: [PATCH] Remove ovsec_adm_export dump format support
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From c742a3eacc7b2dc92bf8dc83f5e8ea602dded8c2 Mon Sep 17 00:00:00 2001
|
||||
From a768fb06f0df69f0b6985058e21c72448587d2a8 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Mon, 9 Oct 2017 15:58:33 -0400
|
||||
Subject: [PATCH] Remove srvtab support
|
||||
@ -194,7 +194,7 @@ index 6d119a2b6..e2e005d22 100644
|
||||
- return result;
|
||||
-}
|
||||
diff --git a/src/kadmin/testing/proto/krb5.conf.proto b/src/kadmin/testing/proto/krb5.conf.proto
|
||||
index 9c4bc1de7..f91cf70f3 100644
|
||||
index 00c442978..e710852d4 100644
|
||||
--- a/src/kadmin/testing/proto/krb5.conf.proto
|
||||
+++ b/src/kadmin/testing/proto/krb5.conf.proto
|
||||
@@ -1,6 +1,6 @@
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From bf8f84d2116af9aba33202f44fdaf04a76430410 Mon Sep 17 00:00:00 2001
|
||||
From 1aff5025ec486d1f8239e3a135156e33ea5e764d Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Thu, 6 Jun 2019 11:46:58 -0400
|
||||
Subject: [PATCH] Remove strerror() calls from k5_get_error()
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 9e71fcd5db98fb7ace02e8684486cc7f092d82ad Mon Sep 17 00:00:00 2001
|
||||
From f87c6fabd1073637c4798fcdd3fdab060edb0731 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Wed, 17 Apr 2019 17:07:46 -0400
|
||||
Subject: [PATCH] Remove support for no-flags SAM-2 preauth
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 2cc75213f2227cffeaf60ad0c4ef60b5466b073e Mon Sep 17 00:00:00 2001
|
||||
From c13f1fde8931a9199a7a15a5b011f02ed2615e9f Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Fri, 24 May 2019 13:12:03 -0400
|
||||
Subject: [PATCH] Remove support for single-DES and CRC
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 35395701a34f68e99abfe23d07b93c59cd63ad50 Mon Sep 17 00:00:00 2001
|
||||
From cebf1ea82c4d2dc4494ad0af7525fd324e6d92e2 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Fri, 24 May 2019 13:11:44 -0400
|
||||
Subject: [PATCH] Remove the v4 and afs3 salt types
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 6b50f9c5b2a1b856e65fa69de05e7c05d2b89614 Mon Sep 17 00:00:00 2001
|
||||
From 47fc137981db0b2b9834765e28f70b151a88cb83 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Tue, 23 Aug 2016 16:32:09 -0400
|
||||
Subject: [PATCH] Set a more modern default ksu CMD_PATH
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 3b4f517a3a403943877e925ae0eb1745611b996f Mon Sep 17 00:00:00 2001
|
||||
From 9c80f80f48f3b761145e97914a4488398435f2d6 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Sun, 5 May 2019 18:53:27 -0400
|
||||
Subject: [PATCH] Simplify SAM-2 as_key handling
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From f311350db606e8395930b8b1e4d821096133d3c4 Mon Sep 17 00:00:00 2001
|
||||
From 5ff802a443dfd47e2f43a37de0dc439a1c583849 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Thu, 22 Aug 2019 16:19:12 -0400
|
||||
Subject: [PATCH] Simplify krb5_dbe_def_search_enctype()
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 172390c584726ecd5747b064587acc1db44a98ca Mon Sep 17 00:00:00 2001
|
||||
From 8cc93c83241cd96a8565c427418f6c3f13609b65 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Mon, 6 May 2019 13:13:06 -0400
|
||||
Subject: [PATCH] Simply OpenSSL PKCS7 decryption code
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 345ffa545ef85ae5c6384c931759cc5353f4d434 Mon Sep 17 00:00:00 2001
|
||||
From 1b251fe463c1284381612aeb7f2271d28d171d9d Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Sat, 3 Aug 2019 13:30:28 -0400
|
||||
Subject: [PATCH] Skip URI tests when using asan
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From d52e7db97781dbdb518368e143c031ed5c6217cc Mon Sep 17 00:00:00 2001
|
||||
From dabc30f0500718ef39706849b778524d4fa2152d Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Fri, 30 Aug 2019 11:16:58 -0400
|
||||
Subject: [PATCH] Squash apparent forward-null in clnttcp_create()
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 2c00970b3fe53b38f976c79f648fdd75a2682287 Mon Sep 17 00:00:00 2001
|
||||
From d46ea68d04b91320aa7eb96f85ca77b98fd44e88 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Tue, 23 Aug 2016 16:47:44 -0400
|
||||
Subject: [PATCH] Support 389ds's lockout model
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 152e88043117927c334fead93bb3bd3dd74593b7 Mon Sep 17 00:00:00 2001
|
||||
From 12ffeca5a708add9461e71300d58a08ea99ed6e4 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Tue, 16 Apr 2019 14:16:39 -0400
|
||||
Subject: [PATCH] Update ASN.1 SAM tests to use a modern enctype
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 2957d2186ee2b60b80e6ba97a1f5d661ccb20f30 Mon Sep 17 00:00:00 2001
|
||||
From a3e73d1a874ad68c7ef0cb2ac0fa529b87b29710 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Mon, 20 May 2019 16:52:57 -0400
|
||||
Subject: [PATCH] Update default krb5kdc mkey manual-entry enctype
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 264cc429ce5fee191738d74f14d34ce91944ec2f Mon Sep 17 00:00:00 2001
|
||||
From 73e08f464b5a55c1d86b3d08f1fd0f391253548f Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Tue, 12 Nov 2019 13:38:59 -0500
|
||||
Subject: [PATCH] Update test suite cert message digest to sha256
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 8fe2563e133e904e56c3ed3b9b970bb632c843b6 Mon Sep 17 00:00:00 2001
|
||||
From ec9180a78e84c71940c3ef3834bb22aae1245d91 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Fri, 24 May 2019 13:11:55 -0400
|
||||
Subject: [PATCH] Update test suite to avoid single-DES enctypes
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 0e20daf7ccfe50518c89735c3dae2fde08d92325 Mon Sep 17 00:00:00 2001
|
||||
From b4099e1de59730ca7eb022891c1e1cce1d1eb001 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Fri, 15 Nov 2019 20:05:16 +0000
|
||||
Subject: [PATCH] Use backported version of OpenSSL-3 KDF interface
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 47e66724b9d5cfef84965d99c83d29e4739932e3 Mon Sep 17 00:00:00 2001
|
||||
From 3d1f71979d0a41e75f5169ecbdd594e171e8bbf6 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Thu, 20 Jun 2019 13:41:57 -0400
|
||||
Subject: [PATCH] Use imported soft-pkcs11 for tests
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 13cc24f4e631ee54176430eac73be14bcd9052d3 Mon Sep 17 00:00:00 2001
|
||||
From e2fc380331455d023001d74efbe9563e271cee10 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Wed, 24 Apr 2019 16:19:50 -0400
|
||||
Subject: [PATCH] Use secure_getenv() where appropriate
|
||||
|
||||
142
Various-gssalloc-fixes.patch
Normal file
142
Various-gssalloc-fixes.patch
Normal file
@ -0,0 +1,142 @@
|
||||
From 9e574469b639220a34bbf3dc36a96854ad0c269a Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Sat, 23 Nov 2019 11:42:59 -0500
|
||||
Subject: [PATCH] Various gssalloc fixes
|
||||
|
||||
The DEBUG_GSSALLOC version of gssalloc_realloc() must add the sentinel
|
||||
size to the byte count.
|
||||
|
||||
The mechglue gss_decapsulate_token(), gss_encapsulate_token(), and
|
||||
gss_export_sec_context() must use gssalloc_malloc() to allocate
|
||||
output buffers.
|
||||
|
||||
The krb5 mech's gss_export_name_composite() and gss_pseudo_random()
|
||||
implementations must use gssalloc_malloc() to allocate output buffers.
|
||||
|
||||
SPNEGO's gss_display_status() implementation must use gssalloc for the
|
||||
output buffer.
|
||||
|
||||
The sample GSS server must use gss_release_buffer() to free the result
|
||||
of gss_export_sec_context().
|
||||
|
||||
ticket: 8852 (new)
|
||||
tags: pullup
|
||||
target_version: 1.17-next
|
||||
target_version: 1.16-next
|
||||
|
||||
(cherry picked from commit ab5c4259bdbe51dd3f4b5c5aff22628188d04322)
|
||||
---
|
||||
src/appl/gss-sample/gss-server.c | 2 +-
|
||||
src/lib/gssapi/generic/gssapi_alloc.h | 2 +-
|
||||
src/lib/gssapi/krb5/naming_exts.c | 2 +-
|
||||
src/lib/gssapi/krb5/prf.c | 2 +-
|
||||
src/lib/gssapi/mechglue/g_decapsulate_token.c | 2 +-
|
||||
src/lib/gssapi/mechglue/g_encapsulate_token.c | 2 +-
|
||||
src/lib/gssapi/mechglue/g_exp_sec_context.c | 2 +-
|
||||
src/lib/gssapi/spnego/spnego_mech.c | 2 +-
|
||||
8 files changed, 8 insertions(+), 8 deletions(-)
|
||||
|
||||
diff --git a/src/appl/gss-sample/gss-server.c b/src/appl/gss-sample/gss-server.c
|
||||
index 6b5959a1c..793fefc9f 100644
|
||||
--- a/src/appl/gss-sample/gss-server.c
|
||||
+++ b/src/appl/gss-sample/gss-server.c
|
||||
@@ -391,7 +391,7 @@ test_import_export_context(gss_ctx_id_t *context)
|
||||
if (verbose && logfile)
|
||||
fprintf(logfile, "Importing context: %7.4f seconds\n",
|
||||
timeval_subtract(&tm1, &tm2));
|
||||
- free(context_token.value);
|
||||
+ (void) gss_release_buffer(&min_stat, &context_token);
|
||||
return 0;
|
||||
}
|
||||
|
||||
diff --git a/src/lib/gssapi/generic/gssapi_alloc.h b/src/lib/gssapi/generic/gssapi_alloc.h
|
||||
index 9a5cd9892..d0bd4b2b0 100644
|
||||
--- a/src/lib/gssapi/generic/gssapi_alloc.h
|
||||
+++ b/src/lib/gssapi/generic/gssapi_alloc.h
|
||||
@@ -80,7 +80,7 @@ gssalloc_realloc(void *value, size_t size)
|
||||
return gssalloc_malloc(size);
|
||||
if (memcmp(p, "gssalloc", 8) != 0)
|
||||
abort();
|
||||
- return (char *)realloc(p, size) + 8;
|
||||
+ return (char *)realloc(p, size + 8) + 8;
|
||||
}
|
||||
|
||||
#else /* not _WIN32 or DEBUG_GSSALLOC */
|
||||
diff --git a/src/lib/gssapi/krb5/naming_exts.c b/src/lib/gssapi/krb5/naming_exts.c
|
||||
index 41752d90b..2ac1aba33 100644
|
||||
--- a/src/lib/gssapi/krb5/naming_exts.c
|
||||
+++ b/src/lib/gssapi/krb5/naming_exts.c
|
||||
@@ -624,7 +624,7 @@ krb5_gss_export_name_composite(OM_uint32 *minor_status,
|
||||
exp_composite_name->length += 4; /* length of encoded attributes */
|
||||
if (attrs != NULL)
|
||||
exp_composite_name->length += attrs->length;
|
||||
- exp_composite_name->value = malloc(exp_composite_name->length);
|
||||
+ exp_composite_name->value = gssalloc_malloc(exp_composite_name->length);
|
||||
if (exp_composite_name->value == NULL) {
|
||||
code = ENOMEM;
|
||||
goto cleanup;
|
||||
diff --git a/src/lib/gssapi/krb5/prf.c b/src/lib/gssapi/krb5/prf.c
|
||||
index e897074fc..f87957bdf 100644
|
||||
--- a/src/lib/gssapi/krb5/prf.c
|
||||
+++ b/src/lib/gssapi/krb5/prf.c
|
||||
@@ -86,7 +86,7 @@ krb5_gss_pseudo_random(OM_uint32 *minor_status,
|
||||
if (desired_output_len == 0)
|
||||
return GSS_S_COMPLETE;
|
||||
|
||||
- prf_out->value = k5alloc(desired_output_len, &code);
|
||||
+ prf_out->value = gssalloc_malloc(desired_output_len);
|
||||
if (prf_out->value == NULL) {
|
||||
code = KG_INPUT_TOO_LONG;
|
||||
goto cleanup;
|
||||
diff --git a/src/lib/gssapi/mechglue/g_decapsulate_token.c b/src/lib/gssapi/mechglue/g_decapsulate_token.c
|
||||
index 934d2607c..1c04e2f27 100644
|
||||
--- a/src/lib/gssapi/mechglue/g_decapsulate_token.c
|
||||
+++ b/src/lib/gssapi/mechglue/g_decapsulate_token.c
|
||||
@@ -55,7 +55,7 @@ gss_decapsulate_token(gss_const_buffer_t input_token,
|
||||
if (minor != 0)
|
||||
return GSS_S_DEFECTIVE_TOKEN;
|
||||
|
||||
- output_token->value = malloc(body_size);
|
||||
+ output_token->value = gssalloc_malloc(body_size);
|
||||
if (output_token->value == NULL)
|
||||
return GSS_S_FAILURE;
|
||||
|
||||
diff --git a/src/lib/gssapi/mechglue/g_encapsulate_token.c b/src/lib/gssapi/mechglue/g_encapsulate_token.c
|
||||
index 6ce0eeb0f..850e3ee65 100644
|
||||
--- a/src/lib/gssapi/mechglue/g_encapsulate_token.c
|
||||
+++ b/src/lib/gssapi/mechglue/g_encapsulate_token.c
|
||||
@@ -51,7 +51,7 @@ gss_encapsulate_token(gss_const_buffer_t input_token,
|
||||
assert(tokenSize > 2);
|
||||
tokenSize -= 2; /* TOK_ID */
|
||||
|
||||
- output_token->value = malloc(tokenSize);
|
||||
+ output_token->value = gssalloc_malloc(tokenSize);
|
||||
if (output_token->value == NULL)
|
||||
return GSS_S_FAILURE;
|
||||
|
||||
diff --git a/src/lib/gssapi/mechglue/g_exp_sec_context.c b/src/lib/gssapi/mechglue/g_exp_sec_context.c
|
||||
index 1d7990b1c..a04afe3d1 100644
|
||||
--- a/src/lib/gssapi/mechglue/g_exp_sec_context.c
|
||||
+++ b/src/lib/gssapi/mechglue/g_exp_sec_context.c
|
||||
@@ -112,7 +112,7 @@ gss_buffer_t interprocess_token;
|
||||
|
||||
length = token.length + 4 + ctx->mech_type->length;
|
||||
interprocess_token->length = length;
|
||||
- interprocess_token->value = malloc(length);
|
||||
+ interprocess_token->value = gssalloc_malloc(length);
|
||||
if (interprocess_token->value == 0) {
|
||||
*minor_status = ENOMEM;
|
||||
status = GSS_S_FAILURE;
|
||||
diff --git a/src/lib/gssapi/spnego/spnego_mech.c b/src/lib/gssapi/spnego/spnego_mech.c
|
||||
index 9d6027ce8..412b4c41c 100644
|
||||
--- a/src/lib/gssapi/spnego/spnego_mech.c
|
||||
+++ b/src/lib/gssapi/spnego/spnego_mech.c
|
||||
@@ -3731,7 +3731,7 @@ negotiate_mech(gss_OID_set supported, gss_OID_set received,
|
||||
static spnego_token_t
|
||||
make_spnego_token(const char *name)
|
||||
{
|
||||
- return (spnego_token_t)strdup(name);
|
||||
+ return (spnego_token_t)gssalloc_strdup(name);
|
||||
}
|
||||
|
||||
static gss_buffer_desc
|
||||
@ -1,21 +0,0 @@
|
||||
From 37c9242bf19d63c6f35086a931b9a072d5b71caf Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Tue, 23 Aug 2016 16:52:01 -0400
|
||||
Subject: [PATCH] krb5-1.11-kpasswdtest.patch
|
||||
|
||||
---
|
||||
src/kadmin/testing/proto/krb5.conf.proto | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/src/kadmin/testing/proto/krb5.conf.proto b/src/kadmin/testing/proto/krb5.conf.proto
|
||||
index 00c442978..9c4bc1de7 100644
|
||||
--- a/src/kadmin/testing/proto/krb5.conf.proto
|
||||
+++ b/src/kadmin/testing/proto/krb5.conf.proto
|
||||
@@ -9,6 +9,7 @@
|
||||
__REALM__ = {
|
||||
kdc = __KDCHOST__:1750
|
||||
admin_server = __KDCHOST__:1751
|
||||
+ kpasswd_server = __KDCHOST__:1752
|
||||
database_module = foobar_db2_module_blah
|
||||
}
|
||||
|
||||
@ -1,44 +0,0 @@
|
||||
From 76a67da3510e761eb01822a6db551fa3092189a3 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Tue, 23 Aug 2016 16:49:57 -0400
|
||||
Subject: [PATCH] krb5-1.11-run_user_0.patch
|
||||
|
||||
A hack: if we're looking at creating a ccache directory directly below
|
||||
the /run/user/0 directory, and /run/user/0 doesn't exist, try to create
|
||||
it, too.
|
||||
---
|
||||
src/lib/krb5/ccache/cc_dir.c | 14 ++++++++++++++
|
||||
1 file changed, 14 insertions(+)
|
||||
|
||||
diff --git a/src/lib/krb5/ccache/cc_dir.c b/src/lib/krb5/ccache/cc_dir.c
|
||||
index 73f0fe62d..4850c0d07 100644
|
||||
--- a/src/lib/krb5/ccache/cc_dir.c
|
||||
+++ b/src/lib/krb5/ccache/cc_dir.c
|
||||
@@ -61,6 +61,8 @@
|
||||
|
||||
#include <dirent.h>
|
||||
|
||||
+#define ROOT_SPECIAL_DCC_PARENT "/run/user/0"
|
||||
+
|
||||
extern const krb5_cc_ops krb5_dcc_ops;
|
||||
extern const krb5_cc_ops krb5_fcc_ops;
|
||||
|
||||
@@ -237,6 +239,18 @@ verify_dir(krb5_context context, const char *dirname)
|
||||
|
||||
if (stat(dirname, &st) < 0) {
|
||||
if (errno == ENOENT) {
|
||||
+ if (strncmp(dirname, ROOT_SPECIAL_DCC_PARENT "/",
|
||||
+ sizeof(ROOT_SPECIAL_DCC_PARENT)) == 0 &&
|
||||
+ stat(ROOT_SPECIAL_DCC_PARENT, &st) < 0 &&
|
||||
+ errno == ENOENT) {
|
||||
+#ifdef USE_SELINUX
|
||||
+ selabel = krb5int_push_fscreatecon_for(ROOT_SPECIAL_DCC_PARENT);
|
||||
+#endif
|
||||
+ status = mkdir(ROOT_SPECIAL_DCC_PARENT, S_IRWXU);
|
||||
+#ifdef USE_SELINUX
|
||||
+ krb5int_pop_fscreatecon(selabel);
|
||||
+#endif
|
||||
+ }
|
||||
#ifdef USE_SELINUX
|
||||
selabel = krb5int_push_fscreatecon_for(dirname);
|
||||
#endif
|
||||
@ -1,4 +1,4 @@
|
||||
From 80b56b04d90fcacd9f78fed305c7d5528d863b38 Mon Sep 17 00:00:00 2001
|
||||
From 6048ef0ecbf45f239a6df3074975b926ce286e5a Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Fri, 9 Nov 2018 15:12:21 -0500
|
||||
Subject: [PATCH] krb5-1.17post6 FIPS with PRNG and RADIUS and MD4
|
||||
|
||||
@ -18,7 +18,7 @@ Summary: The Kerberos network authentication system
|
||||
Name: krb5
|
||||
Version: 1.17
|
||||
# for prerelease, should be e.g., 0.% {prerelease}.1% { ?dist } (without spaces)
|
||||
Release: 52%{?dist}
|
||||
Release: 53%{?dist}
|
||||
|
||||
# lookaside-cached sources; two downloads and a build artifact
|
||||
Source0: https://web.mit.edu/kerberos/dist/krb5/1.17/krb5-%{version}%{prerelease}.tar.gz
|
||||
@ -54,8 +54,6 @@ Patch27: krb5-1.17-beta1-selinux-label.patch
|
||||
Patch30: krb5-1.15-beta1-buildconf.patch
|
||||
Patch31: krb5-1.3.1-dns.patch
|
||||
Patch34: krb5-1.9-debuginfo.patch
|
||||
Patch35: krb5-1.11-run_user_0.patch
|
||||
Patch36: krb5-1.11-kpasswdtest.patch
|
||||
Patch90: Add-tests-for-KCM-ccache-type.patch
|
||||
Patch92: Address-some-optimized-out-memset-calls.patch
|
||||
Patch94: Avoid-allocating-a-register-in-zap-assembly.patch
|
||||
@ -129,6 +127,7 @@ Patch168: Update-test-suite-cert-message-digest-to-sha256.patch
|
||||
Patch169: Use-backported-version-of-OpenSSL-3-KDF-interface.patch
|
||||
Patch170: krb5-1.17post6-FIPS-with-PRNG-and-RADIUS-and-MD4.patch
|
||||
Patch171: Fix-kadmin-addprinc-randkey-kvno.patch
|
||||
Patch172: Various-gssalloc-fixes.patch
|
||||
|
||||
License: MIT
|
||||
URL: https://web.mit.edu/kerberos/www/
|
||||
@ -736,6 +735,9 @@ exit 0
|
||||
%{_libdir}/libkadm5srv_mit.so.*
|
||||
|
||||
%changelog
|
||||
* Wed Nov 27 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-53
|
||||
- Various gssalloc fixes
|
||||
|
||||
* Thu Nov 21 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-52
|
||||
- Turns out openssl has an epoch
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user