first round of the otp plugin
This commit is contained in:
Nathaniel McCallum
parent
6fdbb463fc
commit
0efba32c47
3797
0001-add-libk5radius.patch
Normal file
3797
0001-add-libk5radius.patch
Normal file
File diff suppressed because it is too large
Load Diff
66
0002-Add-internal-KDC_DIR-macro.patch
Normal file
66
0002-Add-internal-KDC_DIR-macro.patch
Normal file
@ -0,0 +1,66 @@
|
|||||||
|
From 5caeecbc6753f526ccd620e29daed49973f8e21d Mon Sep 17 00:00:00 2001
|
||||||
|
From: Greg Hudson <ghudson@mit.edu>
|
||||||
|
Date: Tue, 15 Jan 2013 11:11:27 -0500
|
||||||
|
Subject: [PATCH 2/3] Add internal KDC_DIR macro
|
||||||
|
|
||||||
|
Define KDC_DIR in osconf.hin and use it for paths within the KDC
|
||||||
|
directory.
|
||||||
|
---
|
||||||
|
src/include/osconf.hin | 21 +++++++++++----------
|
||||||
|
1 file changed, 11 insertions(+), 10 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/include/osconf.hin b/src/include/osconf.hin
|
||||||
|
index c3a33c2..1bca991 100644
|
||||||
|
--- a/src/include/osconf.hin
|
||||||
|
+++ b/src/include/osconf.hin
|
||||||
|
@@ -58,14 +58,15 @@
|
||||||
|
#define DEFAULT_PLUGIN_BASE_DIR "@LIBDIR/krb5/plugins"
|
||||||
|
#define PLUGIN_EXT "@DYNOBJEXT"
|
||||||
|
|
||||||
|
-#define DEFAULT_KDB_FILE "@LOCALSTATEDIR/krb5kdc/principal"
|
||||||
|
-#define DEFAULT_KEYFILE_STUB "@LOCALSTATEDIR/krb5kdc/.k5."
|
||||||
|
-#define KRB5_DEFAULT_ADMIN_ACL "@LOCALSTATEDIR/krb5kdc/krb5_adm.acl"
|
||||||
|
+#define KDC_DIR "@LOCALSTATEDIR/krb5kdc"
|
||||||
|
+#define DEFAULT_KDB_FILE KDC_DIR "/principal"
|
||||||
|
+#define DEFAULT_KEYFILE_STUB KDC_DIR "/.k5."
|
||||||
|
+#define KRB5_DEFAULT_ADMIN_ACL KDC_DIR "/krb5_adm.acl"
|
||||||
|
/* Used by old admin server */
|
||||||
|
-#define DEFAULT_ADMIN_ACL "@LOCALSTATEDIR/krb5kdc/kadm_old.acl"
|
||||||
|
+#define DEFAULT_ADMIN_ACL KDC_DIR "/krb5kdc/kadm_old.acl"
|
||||||
|
|
||||||
|
/* Location of KDC profile */
|
||||||
|
-#define DEFAULT_KDC_PROFILE "@LOCALSTATEDIR/krb5kdc/kdc.conf"
|
||||||
|
+#define DEFAULT_KDC_PROFILE KDC_DIR "/krb5kdc/kdc.conf"
|
||||||
|
#define KDC_PROFILE_ENV "KRB5_KDC_PROFILE"
|
||||||
|
|
||||||
|
#if TARGET_OS_MAC
|
||||||
|
@@ -93,8 +94,8 @@
|
||||||
|
/*
|
||||||
|
* Defaults for the KADM5 admin system.
|
||||||
|
*/
|
||||||
|
-#define DEFAULT_KADM5_KEYTAB "@LOCALSTATEDIR/krb5kdc/kadm5.keytab"
|
||||||
|
-#define DEFAULT_KADM5_ACL_FILE "@LOCALSTATEDIR/krb5kdc/kadm5.acl"
|
||||||
|
+#define DEFAULT_KADM5_KEYTAB KDC_DIR "/kadm5.keytab"
|
||||||
|
+#define DEFAULT_KADM5_ACL_FILE KDC_DIR "/kadm5.acl"
|
||||||
|
#define DEFAULT_KADM5_PORT 749 /* assigned by IANA */
|
||||||
|
|
||||||
|
#define KRB5_DEFAULT_SUPPORTED_ENCTYPES \
|
||||||
|
@@ -116,12 +117,12 @@
|
||||||
|
* krb5 slave support follows
|
||||||
|
*/
|
||||||
|
|
||||||
|
-#define KPROP_DEFAULT_FILE "@LOCALSTATEDIR/krb5kdc/slave_datatrans"
|
||||||
|
-#define KPROPD_DEFAULT_FILE "@LOCALSTATEDIR/krb5kdc/from_master"
|
||||||
|
+#define KPROP_DEFAULT_FILE KDC_DIR "/slave_datatrans"
|
||||||
|
+#define KPROPD_DEFAULT_FILE KDC_DIR "/from_master"
|
||||||
|
#define KPROPD_DEFAULT_KDB5_UTIL "@SBINDIR/kdb5_util"
|
||||||
|
#define KPROPD_DEFAULT_KPROP "@SBINDIR/kprop"
|
||||||
|
#define KPROPD_DEFAULT_KRB_DB DEFAULT_KDB_FILE
|
||||||
|
-#define KPROPD_ACL_FILE "@LOCALSTATEDIR/krb5kdc/kpropd.acl"
|
||||||
|
+#define KPROPD_ACL_FILE KDC_DIR "/kpropd.acl"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* GSS mechglue
|
||||||
|
--
|
||||||
|
1.8.1.4
|
||||||
|
|
||||||
1174
0003-add-otp-plugin.patch
Normal file
1174
0003-add-otp-plugin.patch
Normal file
File diff suppressed because it is too large
Load Diff
20
krb5.spec
20
krb5.spec
@ -30,7 +30,7 @@
|
|||||||
Summary: The Kerberos network authentication system
|
Summary: The Kerberos network authentication system
|
||||||
Name: krb5
|
Name: krb5
|
||||||
Version: 1.11.1
|
Version: 1.11.1
|
||||||
Release: 3%{?dist}
|
Release: 4%{?dist}
|
||||||
# Maybe we should explode from the now-available-to-everybody tarball instead?
|
# Maybe we should explode from the now-available-to-everybody tarball instead?
|
||||||
# http://web.mit.edu/kerberos/dist/krb5/1.11/krb5-1.11.1-signed.tar
|
# http://web.mit.edu/kerberos/dist/krb5/1.11/krb5-1.11.1-signed.tar
|
||||||
Source0: krb5-%{version}.tar.gz
|
Source0: krb5-%{version}.tar.gz
|
||||||
@ -75,6 +75,10 @@ Patch105: krb5-kvno-230379.patch
|
|||||||
Patch113: krb5-1.11-alpha1-init.patch
|
Patch113: krb5-1.11-alpha1-init.patch
|
||||||
Patch114: krb5-lookup_etypes-leak.patch
|
Patch114: krb5-lookup_etypes-leak.patch
|
||||||
|
|
||||||
|
Patch201: 0001-add-libk5radius.patch
|
||||||
|
Patch202: 0002-Add-internal-KDC_DIR-macro.patch
|
||||||
|
Patch203: 0003-add-otp-plugin.patch
|
||||||
|
|
||||||
License: MIT
|
License: MIT
|
||||||
URL: http://web.mit.edu/kerberos/www/
|
URL: http://web.mit.edu/kerberos/www/
|
||||||
Group: System Environment/Libraries
|
Group: System Environment/Libraries
|
||||||
@ -149,6 +153,7 @@ Requires: %{name}-libs = %{version}-%{release}
|
|||||||
Requires: libcom_err-devel
|
Requires: libcom_err-devel
|
||||||
%endif
|
%endif
|
||||||
Requires: keyutils-libs-devel, libselinux-devel
|
Requires: keyutils-libs-devel, libselinux-devel
|
||||||
|
Requires: libverto-devel
|
||||||
|
|
||||||
%description devel
|
%description devel
|
||||||
Kerberos is a network authentication system. The krb5-devel package
|
Kerberos is a network authentication system. The krb5-devel package
|
||||||
@ -285,6 +290,11 @@ ln -s NOTICE LICENSE
|
|||||||
%patch113 -p1 -b .init
|
%patch113 -p1 -b .init
|
||||||
%patch114 -p1 -b .lookup_etypes-leak
|
%patch114 -p1 -b .lookup_etypes-leak
|
||||||
|
|
||||||
|
%patch201 -p1
|
||||||
|
%patch202 -p1
|
||||||
|
%patch203 -p1
|
||||||
|
|
||||||
|
|
||||||
# Take the execute bit off of documentation.
|
# Take the execute bit off of documentation.
|
||||||
chmod -x doc/krb5-protocol/*.txt
|
chmod -x doc/krb5-protocol/*.txt
|
||||||
|
|
||||||
@ -654,6 +664,8 @@ exit 0
|
|||||||
%dir %{_libdir}/krb5/plugins/kdb
|
%dir %{_libdir}/krb5/plugins/kdb
|
||||||
%dir %{_libdir}/krb5/plugins/preauth
|
%dir %{_libdir}/krb5/plugins/preauth
|
||||||
%dir %{_libdir}/krb5/plugins/authdata
|
%dir %{_libdir}/krb5/plugins/authdata
|
||||||
|
%{_libdir}/krb5/plugins/preauth/otp.so
|
||||||
|
|
||||||
|
|
||||||
# Problem-reporting tool.
|
# Problem-reporting tool.
|
||||||
%{_sbindir}/krb5-send-pr
|
%{_sbindir}/krb5-send-pr
|
||||||
@ -725,6 +737,7 @@ exit 0
|
|||||||
%{_libdir}/libkadm5clnt_mit.so.*
|
%{_libdir}/libkadm5clnt_mit.so.*
|
||||||
%{_libdir}/libkadm5srv_mit.so.*
|
%{_libdir}/libkadm5srv_mit.so.*
|
||||||
%{_libdir}/libkdb5.so.*
|
%{_libdir}/libkdb5.so.*
|
||||||
|
%{_libdir}/libk5radius.so.*
|
||||||
%if %{separate_usr}
|
%if %{separate_usr}
|
||||||
/%{_lib}/libkrb5.so.*
|
/%{_lib}/libkrb5.so.*
|
||||||
/%{_lib}/libkrb5support.so.*
|
/%{_lib}/libkrb5support.so.*
|
||||||
@ -775,6 +788,7 @@ exit 0
|
|||||||
%{_libdir}/libkadm5srv.so
|
%{_libdir}/libkadm5srv.so
|
||||||
%{_libdir}/libkadm5srv_mit.so
|
%{_libdir}/libkadm5srv_mit.so
|
||||||
%{_libdir}/libkdb5.so
|
%{_libdir}/libkdb5.so
|
||||||
|
%{_libdir}/libk5radius.so
|
||||||
%{_libdir}/libkrb5.so
|
%{_libdir}/libkrb5.so
|
||||||
%{_libdir}/libkrb5support.so
|
%{_libdir}/libkrb5support.so
|
||||||
|
|
||||||
@ -795,6 +809,10 @@ exit 0
|
|||||||
%{_sbindir}/uuserver
|
%{_sbindir}/uuserver
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Mar 11 2013 Nathaniel McCallum <npmccallum@redhat.com> 1.11.1-4
|
||||||
|
- Add libverto-devel requires for krb5-devel
|
||||||
|
- Add otp support
|
||||||
|
|
||||||
* Thu Feb 28 2013 Nalin Dahyabhai <nalin@redhat.com> 1.11.1-3
|
* Thu Feb 28 2013 Nalin Dahyabhai <nalin@redhat.com> 1.11.1-3
|
||||||
- fix a memory leak when acquiring credentials using a keytab (RT#7586, #911110)
|
- fix a memory leak when acquiring credentials using a keytab (RT#7586, #911110)
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user