- krb5_get_init_creds_password: check opte->flags instead of options->flags
when checking whether or not we get to use the prompter callback
(#555875)
This commit is contained in:
Nalin Dahyabhai
parent
2baf72c02f
commit
da536a5974
14
krb5-1.7-opte.patch
Normal file
14
krb5-1.7-opte.patch
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
Check opte->flags instead of options->flags, because we know that opte has
|
||||||
|
been initialized to the library defaults if options was NULL.
|
||||||
|
diff -up krb5-1.7/src/lib/krb5/krb/gic_pwd.c krb5-1.7/src/lib/krb5/krb/gic_pwd.c
|
||||||
|
--- krb5-1.7/src/lib/krb5/krb/gic_pwd.c 2010-01-15 15:07:52.000000000 -0500
|
||||||
|
+++ krb5-1.7/src/lib/krb5/krb/gic_pwd.c 2010-01-15 15:07:56.000000000 -0500
|
||||||
|
@@ -200,7 +200,7 @@ krb5_get_init_creds_password(krb5_contex
|
||||||
|
* to prompt. Prompting is only disabled if the option has been set
|
||||||
|
* and the value has been set to false.
|
||||||
|
*/
|
||||||
|
- if (!(options->flags & KRB5_GET_INIT_CREDS_OPT_CHG_PWD_PRMPT))
|
||||||
|
+ if (!(opte->flags & KRB5_GET_INIT_CREDS_OPT_CHG_PWD_PRMPT))
|
||||||
|
goto cleanup;
|
||||||
|
|
||||||
|
/* ok, we have an expired password. Give the user a few chances
|
||||||
@ -10,7 +10,7 @@
|
|||||||
Summary: The Kerberos network authentication system
|
Summary: The Kerberos network authentication system
|
||||||
Name: krb5
|
Name: krb5
|
||||||
Version: 1.7
|
Version: 1.7
|
||||||
Release: 19%{?dist}
|
Release: 20%{?dist}
|
||||||
# Maybe we should explode from the now-available-to-everybody tarball instead?
|
# Maybe we should explode from the now-available-to-everybody tarball instead?
|
||||||
# http://web.mit.edu/kerberos/dist/krb5/1.7/krb5-1.7-signed.tar
|
# http://web.mit.edu/kerberos/dist/krb5/1.7/krb5-1.7-signed.tar
|
||||||
Source0: krb5-%{version}.tar.gz
|
Source0: krb5-%{version}.tar.gz
|
||||||
@ -84,6 +84,7 @@ Patch91: krb5-1.7-spnego-deleg.patch
|
|||||||
Patch92: http://web.mit.edu/kerberos/advisories/2009-003-patch.txt
|
Patch92: http://web.mit.edu/kerberos/advisories/2009-003-patch.txt
|
||||||
Patch93: krb5-1.7-create_on_load.patch
|
Patch93: krb5-1.7-create_on_load.patch
|
||||||
Patch94: http://web.mit.edu/kerberos/advisories/2009-004-patch_1.7.txt
|
Patch94: http://web.mit.edu/kerberos/advisories/2009-004-patch_1.7.txt
|
||||||
|
Patch95: krb5-1.7-opte.patch
|
||||||
|
|
||||||
License: MIT
|
License: MIT
|
||||||
URL: http://web.mit.edu/kerberos/www/
|
URL: http://web.mit.edu/kerberos/www/
|
||||||
@ -222,6 +223,10 @@ to obtain initial credentials from a KDC using a private key and a
|
|||||||
certificate.
|
certificate.
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Jan 15 2010 Nalin Dahyabhai <nalin@redhat.com> - 1.7-20
|
||||||
|
- krb5_get_init_creds_password: check opte->flags instead of options->flags
|
||||||
|
when checking whether or not we get to use the prompter callback (#555875)
|
||||||
|
|
||||||
* Thu Jan 14 2010 Nalin Dahyabhai <nalin@redhat.com> - 1.7-19
|
* Thu Jan 14 2010 Nalin Dahyabhai <nalin@redhat.com> - 1.7-19
|
||||||
- use portreserve to make sure the KDC can always bind to the kerberos-iv
|
- use portreserve to make sure the KDC can always bind to the kerberos-iv
|
||||||
port, kpropd can always bind to the krb5_prop port, and that kadmind can
|
port, kpropd can always bind to the krb5_prop port, and that kadmind can
|
||||||
@ -1556,6 +1561,7 @@ popd
|
|||||||
%patch92 -p1 -b .2009-003
|
%patch92 -p1 -b .2009-003
|
||||||
%patch93 -p1 -b .create_on_load
|
%patch93 -p1 -b .create_on_load
|
||||||
%patch94 -p0 -b .2009-004
|
%patch94 -p0 -b .2009-004
|
||||||
|
%patch95 -p1 -b .opte
|
||||||
gzip doc/*.ps
|
gzip doc/*.ps
|
||||||
|
|
||||||
sed -i -e '1s!\[twoside\]!!;s!%\(\\usepackage{hyperref}\)!\1!' doc/api/library.tex
|
sed -i -e '1s!\[twoside\]!!;s!%\(\\usepackage{hyperref}\)!\1!' doc/api/library.tex
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user