Commit Graph

529 Commits

Author SHA1 Message Date
Nalin Dahyabhai
2550a37b4f Pull in a fix for a mem leak from master (RT#7805)
- pull in fix from master to avoid a memory leak in a couple of error
  cases which could occur while obtaining acceptor credentials (RT#7805, part
  of #1043962)
2013-12-18 14:33:23 -05:00
Nalin Dahyabhai
460d74d224 Pull in a fix for a mem leak from master (RT#7803)
- pull in fix from master to avoid a memory leak when a mechanism's
  init_sec_context function fails (RT#7803, part of #1043962)
2013-12-18 14:23:21 -05:00
Nalin Dahyabhai
39888b7c42 Pick up another interop fix from master (RT#7797)
- pull in fix from master to ignore an empty token from an acceptor if
  we've already finished authenticating (RT#7797, part of #1043962)
2013-12-18 14:22:24 -05:00
Nalin Dahyabhai
735b73ebbb Pick up an interop fix from master (RT#7794)
- pull in fix from master to return a NULL pointer rather than allocating
  zero bytes of memory if we read a zero-length input token (RT#7794, part of
  #1043962)
2013-12-18 14:20:57 -05:00
Nalin Dahyabhai
3a1e355f38 Update to 1.12 final 2013-12-11 10:52:40 -05:00
Nalin Dahyabhai
93ae18a6c5 Whoops, grab the beta 2 PDFs 2013-12-02 11:58:32 -05:00
Nalin Dahyabhai
f002059e62 Update to 1.12 beta2
- drop obsolete backports for storing KDC time offsets and expiration times
  in keyring credential caches
2013-12-02 11:47:40 -05:00
Nalin Dahyabhai
88c0c528bd Update to 1.12 beta 2013-11-19 18:08:43 -05:00
Nalin Dahyabhai
3c08a1616e BuildRequire: pkgconfig and package pkgconfig data 2013-11-19 17:40:02 -05:00
Nalin Dahyabhai
f8f559ef32 Drop backports for RT#7656 and RT#7657 2013-11-19 17:39:59 -05:00
Nalin Dahyabhai
447ee6c9e6 Update for 1.12's removal of krb5_xfree() 2013-11-19 17:38:54 -05:00
Nalin Dahyabhai
f619caa9c9 Drop OTP backport 2013-11-19 17:38:54 -05:00
Nalin Dahyabhai
7448cea67e Untweak for 1.11.3 2013-11-19 17:38:54 -05:00
Nalin Dahyabhai
00cf6df3e6 Drop backport for RT#7590 and partial for RT#7680 2013-11-19 17:38:54 -05:00
Nalin Dahyabhai
19bc209a19 Drop backport for RT#7709 2013-11-19 17:38:54 -05:00
Nalin Dahyabhai
13b2f96a29 Drop backports for RT#7682 2013-11-19 17:38:46 -05:00
Nalin Dahyabhai
0b296b8b04 Drop obsolete patches to skip GSSRPC-over-UDP test
- drop patches from master to not test GSSRPC-over-UDP and to not
  depend on the portmapper, which are areas where our build systems
  often give us trouble, too; obsolete
2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
25fe69d885 Drop backport for RT#7643 2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
a2e5f1f872 Drop backport for RT#7642 2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
9e1d45535e Drop backport for RT#7172 2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
bd8c46afd2 Drop backport for RT#7598 2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
286168174b Drop patch to teach config.* about aarch64-linux 2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
11656c4fe0 Drop obsolete patch fixing a test use-before-init 2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
9c8c2d53ba Update for 1.12 2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
d2ea586766 Update for 1.12 2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
f618776e18 Update for 1.12 2013-11-19 17:32:18 -05:00
Nalin Dahyabhai
d175d043f1 Update for 1.12 2013-11-19 17:32:18 -05:00
Nalin Dahyabhai
daca172770 Update patch for 1.12 2013-11-19 17:32:18 -05:00
Nalin Dahyabhai
15dceb5da6 Drop backport for RT#7689 2013-11-19 17:32:18 -05:00
Nalin Dahyabhai
b1f558a0f5 Drop backported patch 2013-11-19 17:32:18 -05:00
Nalin Dahyabhai
8a39d5ff72 Start rebasing to 1.12 alpha1 2013-11-19 17:32:18 -05:00
Nalin Dahyabhai
a77ee55771 Pull in keyring expiration from RT#7769
- pull in fix to set expiration times on keyrings used for storing keyring
  credential caches (RT#7769, #1031724)
2013-11-18 18:02:20 -05:00
Nalin Dahyabhai
81715b1776 Pull in keyring offset storage from RT#7768
- pull in fix to store KDC time offsets in keyring credential caches
  (RT#7768, #1030607)
2013-11-18 17:14:07 -05:00
Nalin Dahyabhai
dee7ae00a4 Note where CVE-2013-6800 was fixed
CVE-2013-6800 appears to be fixed by the same patch that fixes
CVE-2013-1418, so mention the first in changelog entries that refer to
the second.
2013-11-18 16:24:33 -05:00
Nalin Dahyabhai
cac86c9df2 Bump the release to 1 2013-11-12 16:32:02 -05:00
Nalin Dahyabhai
8f876bbbeb Drop patch for CVE-2013-1418, included in 1.11.4 2013-11-12 16:25:26 -05:00
Nalin Dahyabhai
1f02b0bc49 Drop patch for RT#7706, obsoleted as RT#7723 2013-11-12 16:23:38 -05:00
Nalin Dahyabhai
0c6ad14521 Drop patch for RT#7650, included in 1.11.4 2013-11-12 16:20:49 -05:00
Nalin Dahyabhai
2b359c527a Start updating to 1.11.4 2013-11-12 16:20:31 -05:00
Nalin Dahyabhai
b3399eb8fb Switch to the upstream patch for #1029110
Switch to the simplified version of the patch for #1029110 that ended up
being committed upstream (RT#7764).
2013-11-12 13:20:50 -05:00
Nalin Dahyabhai
11d14a1e7c Fix a typo in a changelog entry 2013-11-11 14:34:29 -05:00
Nalin Dahyabhai
49c8edfa6b Catch more strtol() failures when using KEYRINGs
- check more thorougly for errors when resolving KEYRING ccache names of type
  "persistent", which should only have a numeric UID as the next part of the
  name (#1029110)
2013-11-11 14:11:29 -05:00
Nalin Dahyabhai
bfdc4351bf Point to the RT for the patch for the right branch 2013-11-05 13:43:32 -05:00
Nalin Dahyabhai
a244d8f93c Incorporate patch for RT#7755 (CVE-2013-1418)
- incorporate upstream patch for remote crash of KDCs which serve multiple
  realms simultaneously (RT#7755, CVE-2013-1418)
2013-11-04 16:11:59 -05:00
Nalin Dahyabhai
a00c810e4e Drop call-access()-more patch for ksu
- drop patch to add additional access() checks to ksu - they add to breakage
  when non-FILE: caches are in use (#1026099), shouldn't be resulting in any
  benefit, and clash with proposed changes to fix its cache handling
2013-11-04 10:26:41 -05:00
Nalin Dahyabhai
433fcb1772 Expand on comments in the daemon wrapper scripts
- add some minimal description to the top of the wrapper scripts we use
  when starting krb5kdc and kadmind to describe why they exist (tooling)
2013-10-22 17:48:49 -04:00
Nalin Dahyabhai
31e8e33c43 Create and own /etc/gss (#1019937) 2013-10-16 18:12:24 -04:00
Nalin Dahyabhai
16e749771f Pull up fix for reimporting ccaches in gssapi
- pull up fix for importing previously-exported credential caches in the
  gssapi library (RT# 7706, #1019420)
2013-10-15 14:40:24 -04:00
Nalin Dahyabhai
84fe7d69da Finish fixing the don't-call-NULL-prompters bug
- extract the rest of the fix #965721/#1016690 from the changes for RT#7680
2013-10-14 14:07:56 -04:00
Nalin Dahyabhai
822059250e Use the prompter callback for PEM files
- backport the callback to use the libkrb5 prompter when we can't load
  PEM files for PKINIT (RT#7590, includes part of #965721/#1016690)
2013-10-14 14:07:19 -04:00