From ace60f77734bfc30643927b307b8134272bfd68b Mon Sep 17 00:00:00 2001
From: Robbie Harwood
Date: Mon, 30 Apr 2018 12:08:36 -0400
Subject: [PATCH] Set error message on KCM get_princ failure
---
 Check-for-zero-argc-in-ksu.patch | 29 --------------
 Move-zero-argc-check-earlier-in-ksu.patch | 39 -------------------
 ...ror-message-on-KCM-get_princ-failure.patch | 2 +-
 krb5.spec | 7 ++--
 4 files changed, 5 insertions(+), 72 deletions(-)
 delete mode 100644 Check-for-zero-argc-in-ksu.patch
 delete mode 100644 Move-zero-argc-check-earlier-in-ksu.patch
diff --git a/Check-for-zero-argc-in-ksu.patch b/Check-for-zero-argc-in-ksu.patch
deleted file mode 100644
index 32b0ae4..0000000
--- a/Check-for-zero-argc-in-ksu.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From 2c88cf9966d2dad7902df3eeef1834b55000b246 Mon Sep 17 00:00:00 2001
-From: Greg Hudson
-Date: Tue, 24 Apr 2018 14:31:35 -0400
-Subject: [PATCH] Check for zero argc in ksu
-
-Most programs in the tree will perform a null dereference when argc is
-zero, but as a setuid program ksu should be extra careful about memory
-errors, even if this one is harmless. Check and exit with status 1
-immediately.
-
-ticket: 8661
-(cherry picked from commit c5b0a998d6349f8c90821a347db5666aed0e50eb)
----
- src/clients/ksu/main.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/src/clients/ksu/main.c b/src/clients/ksu/main.c
-index c6321c01b..6cb91e24f 100644
---- a/src/clients/ksu/main.c
-+++ b/src/clients/ksu/main.c
-@@ -144,6 +144,8 @@ main (argc, argv)
- exit(1);
- }
-
-+ if (argc == 0)
-+ exit(1);
- if (strrchr(argv[0], '/'))
- argv[0] = strrchr(argv[0], '/')+1;
- prog_name = argv[0];
diff --git a/Move-zero-argc-check-earlier-in-ksu.patch b/Move-zero-argc-check-earlier-in-ksu.patch
deleted file mode 100644
index ba14d3e..0000000
--- a/Move-zero-argc-check-earlier-in-ksu.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-From 292843b6a1d774198845d8e9511d1fa2ca5859e4 Mon Sep 17 00:00:00 2001
-From: Greg Hudson
-Date: Tue, 24 Apr 2018 19:35:38 -0400
-Subject: [PATCH] Move zero argc check earlier in ksu
-
-For improved auditability, check for a zero argc value earlier in
-main() so that the first two calls to com_err() can't pass a NULL
-whoami value--which would be harmless, but that may not be obvious to
-a reader.
-
-ticket: 8661
-(cherry picked from commit e1b5b824f5d7388a67d0854b56d3906c4fbdd778)
----
- src/clients/ksu/main.c | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/src/clients/ksu/main.c b/src/clients/ksu/main.c
-index 6cb91e24f..b9a997fc2 100644
---- a/src/clients/ksu/main.c
-+++ b/src/clients/ksu/main.c
-@@ -127,6 +127,9 @@ main (argc, argv)
- krb5_boolean restrict_creds;
- krb5_deltat lifetime, rlife;
-
-+ if (argc == 0)
-+ exit(1);
-+
- params = (char **) xcalloc (2, sizeof (char *));
- params[1] = NULL;
-
-@@ -144,8 +147,6 @@ main (argc, argv)
- exit(1);
- }
-
-- if (argc == 0)
-- exit(1);
- if (strrchr(argv[0], '/'))
- argv[0] = strrchr(argv[0], '/')+1;
- prog_name = argv[0];
diff --git a/Set-error-message-on-KCM-get_princ-failure.patch b/Set-error-message-on-KCM-get_princ-failure.patch
index bb2e3cb..20cc5ba 100644
--- a/Set-error-message-on-KCM-get_princ-failure.patch
+++ b/Set-error-message-on-KCM-get_princ-failure.patch
@@ -1,4 +1,4 @@
-From fb73fe5af9c82c20630cbf72c08e3e89f57deeaf Mon Sep 17 00:00:00 2001
+From f9c9d683852eb4881e099b3042d4c6e5e1444efc Mon Sep 17 00:00:00 2001
 From: Robbie Harwood
 Date: Fri, 27 Apr 2018 13:51:39 -0400
 Subject: [PATCH] Set error message on KCM get_princ failure
diff --git a/krb5.spec b/krb5.spec
index 6abe00c..8062dad 100644
--- a/krb5.spec
+++ b/krb5.spec
@@ -18,7 +18,7 @@ Summary: The Kerberos network authentication system
 Name: krb5
 Version: 1.16
 # for prerelease, should be e.g., 0.% {prerelease}.1% { ?dist } (without spaces)
-Release: 25%{?dist}
+Release: 26%{?dist}

 # lookaside-cached sources; two downloads and a build artifact
 Source0: https://web.mit.edu/kerberos/dist/krb5/1.16/krb5-%{version}%{prerelease}.tar.gz
@@ -94,8 +94,6 @@ Patch67: Return-UPN-SANs-as-strings.patch
 Patch68: Restrict-pre-authentication-fallback-cases.patch
 Patch69: Merge-duplicate-subsections-in-profile-library.patch
 Patch70: Fix-KDC-null-dereference-on-large-TGS-replies.patch
-Patch71: Check-for-zero-argc-in-ksu.patch
-Patch72: Move-zero-argc-check-earlier-in-ksu.patch
 Patch73: Set-error-message-on-KCM-get_princ-failure.patch

 License: MIT
@@ -748,6 +746,9 @@ exit 0
 %{_libdir}/libkadm5srv_mit.so.*

 %changelog
+* Mon Apr 30 2018 Robbie Harwood - 1.16-26
+- Set error message on KCM get_princ failure
+
 * Mon Apr 30 2018 Robbie Harwood - 1.16-25
 - Set error message on KCM get_princ failure
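Review bot: The `%changelog` entry added for 1.16-26 repeats the 1.16-25 text word for word and does not record that this release stops applying `Patch71: Check-for-zero-argc-in-ksu.patch` and `Patch72: Move-zero-argc-check-earlier-in-ksu.patch`, which the `@@ -94,8 +94,6 @@` hunk removes and whose files the commit deletes. Those two patches added an early `if (argc == 0) exit(1);` to ksu, which their own descriptions call a setuid program, so their removal is a hardening change that anyone auditing the package history would want to see. Neither the commit subject nor the changelog mentions it, so from this page it cannot be told whether the drop is intentional. If it is, the entry should say so with its reason, for example a second line `- Drop ksu zero-argc patches (<reason>)`; if it is not, `Patch71`/`Patch72` and their files should be restored.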