Fix build failure in -1

This commit is contained in:
Robbie Harwood 2020-11-18 13:33:37 -05:00
parent 5facc9df4d
commit dc8775d11d
9 changed files with 28 additions and 25 deletions

View File

@ -1,4 +1,4 @@
From ba21ad84f7c8317a595ded1e657c7985fa4b90e1 Mon Sep 17 00:00:00 2001
From 4da87d7fe288f3f7087dca8396d42abfd958b8e4 Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Wed, 17 Jun 2020 20:48:38 -0400
Subject: [PATCH] Add three kvno options from Heimdal kgetcred
@ -17,10 +17,10 @@ ticket: 8917 (new)
---
doc/user/user_commands/kvno.rst | 13 ++++
src/clients/kvno/Makefile.in | 3 +
src/clients/kvno/kvno.c | 113 +++++++++++++++++++++++---------
src/clients/kvno/kvno.c | 112 +++++++++++++++++++++++---------
src/clients/kvno/t_kvno.py | 75 +++++++++++++++++++++
src/man/kvno.man | 13 ++++
5 files changed, 185 insertions(+), 32 deletions(-)
5 files changed, 185 insertions(+), 31 deletions(-)
create mode 100644 src/clients/kvno/t_kvno.py
diff --git a/doc/user/user_commands/kvno.rst b/doc/user/user_commands/kvno.rst
@ -62,16 +62,16 @@ index 1c3f79392..5ba877271 100644
$(RM) kvno.o kvno
diff --git a/src/clients/kvno/kvno.c b/src/clients/kvno/kvno.c
index 8edd97361..55e7dd0ce 100644
index 8edd97361..c5f6bf700 100644
--- a/src/clients/kvno/kvno.c
+++ b/src/clients/kvno/kvno.c
@@ -47,15 +47,16 @@ xusage()
@@ -47,15 +47,17 @@ xusage()
"[-u | -S sname]" XUSAGE_BREAK
"[[{-F cert_file | {-I | -U} for_user} [-P]] | "
"--u2u ccache]" XUSAGE_BREAK
+ "[--cached-only] [--no-store] [--out-cache] "
"service1 service2 ...\n"),
- prog);
prog);
exit(1);
}
@ -86,7 +86,7 @@ index 8edd97361..55e7dd0ce 100644
const char *u2u_ccname);
#include <com_err.h>
@@ -65,18 +66,21 @@ static void extended_com_err_fn(const char *myprog, errcode_t code,
@@ -65,18 +67,21 @@ static void extended_com_err_fn(const char *myprog, errcode_t code,
int
main(int argc, char *argv[])
{
@ -115,7 +115,7 @@ index 8edd97361..55e7dd0ce 100644
setlocale(LC_ALL, "");
set_com_err_hook(extended_com_err_fn);
@@ -139,6 +143,12 @@ main(int argc, char *argv[])
@@ -139,6 +144,12 @@ main(int argc, char *argv[])
case OPTION_U2U:
u2u_ccname = optarg;
break;
@ -128,7 +128,7 @@ index 8edd97361..55e7dd0ce 100644
default:
xusage();
break;
@@ -163,8 +173,9 @@ main(int argc, char *argv[])
@@ -163,8 +174,9 @@ main(int argc, char *argv[])
xusage();
do_v5_kvno(argc - optind, argv + optind, ccachestr, etypestr, keytab_name,
@ -140,7 +140,7 @@ index 8edd97361..55e7dd0ce 100644
return 0;
}
@@ -278,14 +289,16 @@ static krb5_error_code
@@ -278,14 +290,16 @@ static krb5_error_code
kvno(const char *name, krb5_ccache ccache, krb5_principal me,
krb5_enctype etype, krb5_keytab keytab, const char *sname,
krb5_flags options, int unknown, krb5_principal for_user_princ,
@ -159,7 +159,7 @@ index 8edd97361..55e7dd0ce 100644
memset(&in_creds, 0, sizeof(in_creds));
if (sname != NULL) {
@@ -325,13 +338,12 @@ kvno(const char *name, krb5_ccache ccache, krb5_principal me,
@@ -325,13 +339,12 @@ kvno(const char *name, krb5_ccache ccache, krb5_principal me,
in_creds.client = for_user_princ;
in_creds.server = me;
ret = krb5_get_credentials_for_user(context, options, ccache,
@ -175,7 +175,7 @@ index 8edd97361..55e7dd0ce 100644
}
if (ret) {
@@ -340,7 +352,7 @@ kvno(const char *name, krb5_ccache ccache, krb5_principal me,
@@ -340,7 +353,7 @@ kvno(const char *name, krb5_ccache ccache, krb5_principal me,
}
/* We need a native ticket. */
@ -184,7 +184,7 @@ index 8edd97361..55e7dd0ce 100644
if (ret) {
com_err(prog, ret, _("while decoding ticket for %s"), princ);
goto cleanup;
@@ -366,15 +378,15 @@ kvno(const char *name, krb5_ccache ccache, krb5_principal me,
@@ -366,15 +379,15 @@ kvno(const char *name, krb5_ccache ccache, krb5_principal me,
}
if (proxy) {
@ -205,7 +205,7 @@ index 8edd97361..55e7dd0ce 100644
krb5_free_principal(context, in_creds.client);
if (ret) {
com_err(prog, ret, _("%s: constrained delegation failed"),
@@ -383,10 +395,13 @@ kvno(const char *name, krb5_ccache ccache, krb5_principal me,
@@ -383,10 +396,13 @@ kvno(const char *name, krb5_ccache ccache, krb5_principal me,
}
}
@ -220,7 +220,7 @@ index 8edd97361..55e7dd0ce 100644
krb5_free_unparsed_name(context, princ);
return ret;
}
@@ -432,19 +447,28 @@ cleanup:
@@ -432,19 +448,28 @@ cleanup:
static void
do_v5_kvno(int count, char *names[], char * ccachestr, char *etypestr,
@ -255,7 +255,7 @@ index 8edd97361..55e7dd0ce 100644
ret = krb5_init_context(&context);
if (ret) {
@@ -471,6 +495,14 @@ do_v5_kvno(int count, char *names[], char * ccachestr, char *etypestr,
@@ -471,6 +496,14 @@ do_v5_kvno(int count, char *names[], char * ccachestr, char *etypestr,
exit(1);
}
@ -270,7 +270,7 @@ index 8edd97361..55e7dd0ce 100644
if (keytab_name != NULL) {
ret = krb5_kt_resolve(context, keytab_name, &keytab);
if (ret) {
@@ -517,8 +549,25 @@ do_v5_kvno(int count, char *names[], char * ccachestr, char *etypestr,
@@ -517,8 +550,25 @@ do_v5_kvno(int count, char *names[], char * ccachestr, char *etypestr,
errors = 0;
for (i = 0; i < count; i++) {
if (kvno(names[i], ccache, me, etype, keytab, sname, options, unknown,

View File

@ -1,4 +1,4 @@
From cf853d10b13dca77acd08d1387e94527994f9ef5 Mon Sep 17 00:00:00 2001
From 833dfff1a11da3b1b9cf45a2bb09f17efa49cdba Mon Sep 17 00:00:00 2001
From: Isaac Boukris <iboukris@gmail.com>
Date: Tue, 22 Sep 2020 01:11:39 +0300
Subject: [PATCH] Adjust KDC alias helper function contract

View File

@ -1,4 +1,4 @@
From 5a9b4d190906a8b11a7e1f707d1ea1930ce2fd31 Mon Sep 17 00:00:00 2001
From e976a70ff23e600a76d1c3134f9c2f80753b6679 Mon Sep 17 00:00:00 2001
From: Isaac Boukris <iboukris@gmail.com>
Date: Tue, 22 Sep 2020 01:17:11 +0300
Subject: [PATCH] Allow aliases when matching U2U second ticket

View File

@ -1,4 +1,4 @@
From f5987c71188138626030eef62145a126a84b62fb Mon Sep 17 00:00:00 2001
From e0fc680b2fb51513993c4cdaa2c25b292f57a073 Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Wed, 30 Sep 2020 02:12:00 -0400
Subject: [PATCH] Avoid passing DB entry structures in KDC

View File

@ -1,4 +1,4 @@
From ae153c1dbb91782e1c8d5e80be9e133766eb81fd Mon Sep 17 00:00:00 2001
From 0de060366a1b75df47189f5cc0a7a92685cbe1d7 Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Thu, 15 Oct 2020 18:15:29 -0400
Subject: [PATCH] Fix minor static analysis defects

View File

@ -1,4 +1,4 @@
From ec23f914a4be4f4ce5a8960ea72f0f45f7c8cf59 Mon Sep 17 00:00:00 2001
From dc03b33af17f2014baaa29412a1787cbcb140a62 Mon Sep 17 00:00:00 2001
From: Isaac Boukris <iboukris@gmail.com>
Date: Fri, 4 Sep 2020 14:05:50 +0300
Subject: [PATCH] Improve KDC alias checking for S4U requests

View File

@ -1,4 +1,4 @@
From 62f5a8c4ef97f0f0f3ceddff8e0a768c5f3b544e Mon Sep 17 00:00:00 2001
From ce60c549887a7732a6079d6e7111eb645f279781 Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Fri, 25 Sep 2020 11:12:34 -0400
Subject: [PATCH] Minimize usage of tgs_server in KDC

View File

@ -1,4 +1,4 @@
From 227828eb22ff0383f76b918899a03e1c7c97a7c0 Mon Sep 17 00:00:00 2001
From 00245d789edc6cf6263540d7c9d7ee45bbac58ce Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Wed, 5 Feb 2020 18:46:11 -0500
Subject: [PATCH] Refactor KDC authdata list management helpers

View File

@ -18,7 +18,7 @@ Summary: The Kerberos network authentication system
Name: krb5
Version: 1.18.3
# for prerelease, should be e.g., 0.% {prerelease}.1% { ?dist } (without spaces)
Release: 1%{?dist}
Release: 2%{?dist}
# rharwood has trust path to signing key and verifies on check-in
Source0: https://web.mit.edu/kerberos/dist/krb5/1.18/krb5-%{version}%{prerelease}.tar.gz
@ -627,6 +627,9 @@ exit 0
%{_libdir}/libkadm5srv_mit.so.*
%changelog
* Wed Nov 18 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.3-2
- Fix build failure in -1
* Wed Nov 18 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.3-1
- New upstream version (1.18.3)