first round of the otp plugin
This commit is contained in:
Nathaniel McCallum
parent
6fdbb463fc
commit
0efba32c47
3797
0001-add-libk5radius.patch
Normal file
3797
0001-add-libk5radius.patch
Normal file
File diff suppressed because it is too large
Load Diff
66
0002-Add-internal-KDC_DIR-macro.patch
Normal file
66
0002-Add-internal-KDC_DIR-macro.patch
Normal file
@ -0,0 +1,66 @@
|
||||
From 5caeecbc6753f526ccd620e29daed49973f8e21d Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Tue, 15 Jan 2013 11:11:27 -0500
|
||||
Subject: [PATCH 2/3] Add internal KDC_DIR macro
|
||||
|
||||
Define KDC_DIR in osconf.hin and use it for paths within the KDC
|
||||
directory.
|
||||
---
|
||||
src/include/osconf.hin | 21 +++++++++++----------
|
||||
1 file changed, 11 insertions(+), 10 deletions(-)
|
||||
|
||||
diff --git a/src/include/osconf.hin b/src/include/osconf.hin
|
||||
index c3a33c2..1bca991 100644
|
||||
--- a/src/include/osconf.hin
|
||||
+++ b/src/include/osconf.hin
|
||||
@@ -58,14 +58,15 @@
|
||||
#define DEFAULT_PLUGIN_BASE_DIR "@LIBDIR/krb5/plugins"
|
||||
#define PLUGIN_EXT "@DYNOBJEXT"
|
||||
|
||||
-#define DEFAULT_KDB_FILE "@LOCALSTATEDIR/krb5kdc/principal"
|
||||
-#define DEFAULT_KEYFILE_STUB "@LOCALSTATEDIR/krb5kdc/.k5."
|
||||
-#define KRB5_DEFAULT_ADMIN_ACL "@LOCALSTATEDIR/krb5kdc/krb5_adm.acl"
|
||||
+#define KDC_DIR "@LOCALSTATEDIR/krb5kdc"
|
||||
+#define DEFAULT_KDB_FILE KDC_DIR "/principal"
|
||||
+#define DEFAULT_KEYFILE_STUB KDC_DIR "/.k5."
|
||||
+#define KRB5_DEFAULT_ADMIN_ACL KDC_DIR "/krb5_adm.acl"
|
||||
/* Used by old admin server */
|
||||
-#define DEFAULT_ADMIN_ACL "@LOCALSTATEDIR/krb5kdc/kadm_old.acl"
|
||||
+#define DEFAULT_ADMIN_ACL KDC_DIR "/krb5kdc/kadm_old.acl"
|
||||
|
||||
/* Location of KDC profile */
|
||||
-#define DEFAULT_KDC_PROFILE "@LOCALSTATEDIR/krb5kdc/kdc.conf"
|
||||
+#define DEFAULT_KDC_PROFILE KDC_DIR "/krb5kdc/kdc.conf"
|
||||
#define KDC_PROFILE_ENV "KRB5_KDC_PROFILE"
|
||||
|
||||
#if TARGET_OS_MAC
|
||||
@@ -93,8 +94,8 @@
|
||||
/*
|
||||
* Defaults for the KADM5 admin system.
|
||||
*/
|
||||
-#define DEFAULT_KADM5_KEYTAB "@LOCALSTATEDIR/krb5kdc/kadm5.keytab"
|
||||
-#define DEFAULT_KADM5_ACL_FILE "@LOCALSTATEDIR/krb5kdc/kadm5.acl"
|
||||
+#define DEFAULT_KADM5_KEYTAB KDC_DIR "/kadm5.keytab"
|
||||
+#define DEFAULT_KADM5_ACL_FILE KDC_DIR "/kadm5.acl"
|
||||
#define DEFAULT_KADM5_PORT 749 /* assigned by IANA */
|
||||
|
||||
#define KRB5_DEFAULT_SUPPORTED_ENCTYPES \
|
||||
@@ -116,12 +117,12 @@
|
||||
* krb5 slave support follows
|
||||
*/
|
||||
|
||||
-#define KPROP_DEFAULT_FILE "@LOCALSTATEDIR/krb5kdc/slave_datatrans"
|
||||
-#define KPROPD_DEFAULT_FILE "@LOCALSTATEDIR/krb5kdc/from_master"
|
||||
+#define KPROP_DEFAULT_FILE KDC_DIR "/slave_datatrans"
|
||||
+#define KPROPD_DEFAULT_FILE KDC_DIR "/from_master"
|
||||
#define KPROPD_DEFAULT_KDB5_UTIL "@SBINDIR/kdb5_util"
|
||||
#define KPROPD_DEFAULT_KPROP "@SBINDIR/kprop"
|
||||
#define KPROPD_DEFAULT_KRB_DB DEFAULT_KDB_FILE
|
||||
-#define KPROPD_ACL_FILE "@LOCALSTATEDIR/krb5kdc/kpropd.acl"
|
||||
+#define KPROPD_ACL_FILE KDC_DIR "/kpropd.acl"
|
||||
|
||||
/*
|
||||
* GSS mechglue
|
||||
--
|
||||
1.8.1.4
|
||||
|
||||
1174
0003-add-otp-plugin.patch
Normal file
1174
0003-add-otp-plugin.patch
Normal file
File diff suppressed because it is too large
Load Diff
20
krb5.spec
20
krb5.spec
@ -30,7 +30,7 @@
|
||||
Summary: The Kerberos network authentication system
|
||||
Name: krb5
|
||||
Version: 1.11.1
|
||||
Release: 3%{?dist}
|
||||
Release: 4%{?dist}
|
||||
# Maybe we should explode from the now-available-to-everybody tarball instead?
|
||||
# http://web.mit.edu/kerberos/dist/krb5/1.11/krb5-1.11.1-signed.tar
|
||||
Source0: krb5-%{version}.tar.gz
|
||||
@ -75,6 +75,10 @@ Patch105: krb5-kvno-230379.patch
|
||||
Patch113: krb5-1.11-alpha1-init.patch
|
||||
Patch114: krb5-lookup_etypes-leak.patch
|
||||
|
||||
Patch201: 0001-add-libk5radius.patch
|
||||
Patch202: 0002-Add-internal-KDC_DIR-macro.patch
|
||||
Patch203: 0003-add-otp-plugin.patch
|
||||
|
||||
License: MIT
|
||||
URL: http://web.mit.edu/kerberos/www/
|
||||
Group: System Environment/Libraries
|
||||
@ -149,6 +153,7 @@ Requires: %{name}-libs = %{version}-%{release}
|
||||
Requires: libcom_err-devel
|
||||
%endif
|
||||
Requires: keyutils-libs-devel, libselinux-devel
|
||||
Requires: libverto-devel
|
||||
|
||||
%description devel
|
||||
Kerberos is a network authentication system. The krb5-devel package
|
||||
@ -285,6 +290,11 @@ ln -s NOTICE LICENSE
|
||||
%patch113 -p1 -b .init
|
||||
%patch114 -p1 -b .lookup_etypes-leak
|
||||
|
||||
%patch201 -p1
|
||||
%patch202 -p1
|
||||
%patch203 -p1
|
||||
|
||||
|
||||
# Take the execute bit off of documentation.
|
||||
chmod -x doc/krb5-protocol/*.txt
|
||||
|
||||
@ -654,6 +664,8 @@ exit 0
|
||||
%dir %{_libdir}/krb5/plugins/kdb
|
||||
%dir %{_libdir}/krb5/plugins/preauth
|
||||
%dir %{_libdir}/krb5/plugins/authdata
|
||||
%{_libdir}/krb5/plugins/preauth/otp.so
|
||||
|
||||
|
||||
# Problem-reporting tool.
|
||||
%{_sbindir}/krb5-send-pr
|
||||
@ -725,6 +737,7 @@ exit 0
|
||||
%{_libdir}/libkadm5clnt_mit.so.*
|
||||
%{_libdir}/libkadm5srv_mit.so.*
|
||||
%{_libdir}/libkdb5.so.*
|
||||
%{_libdir}/libk5radius.so.*
|
||||
%if %{separate_usr}
|
||||
/%{_lib}/libkrb5.so.*
|
||||
/%{_lib}/libkrb5support.so.*
|
||||
@ -775,6 +788,7 @@ exit 0
|
||||
%{_libdir}/libkadm5srv.so
|
||||
%{_libdir}/libkadm5srv_mit.so
|
||||
%{_libdir}/libkdb5.so
|
||||
%{_libdir}/libk5radius.so
|
||||
%{_libdir}/libkrb5.so
|
||||
%{_libdir}/libkrb5support.so
|
||||
|
||||
@ -795,6 +809,10 @@ exit 0
|
||||
%{_sbindir}/uuserver
|
||||
|
||||
%changelog
|
||||
* Mon Mar 11 2013 Nathaniel McCallum <npmccallum@redhat.com> 1.11.1-4
|
||||
- Add libverto-devel requires for krb5-devel
|
||||
- Add otp support
|
||||
|
||||
* Thu Feb 28 2013 Nalin Dahyabhai <nalin@redhat.com> 1.11.1-3
|
||||
- fix a memory leak when acquiring credentials using a keytab (RT#7586, #911110)
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user