Nalin Dahyabhai
259e2512e5
- fix a syntax error
2009-06-04 20:45:45 +00:00
Nalin Dahyabhai
379f28cb47
- also treat "nsAccountLock: TRUE" in directory entries as an indication of
...
an account having been disabled
2009-06-04 19:38:46 +00:00
Nalin Dahyabhai
55c161be92
- patch to label most files at create-time
2009-06-04 19:37:06 +00:00
Nalin Dahyabhai
8a5745ff76
- update of the PAM support patch
2009-06-04 19:35:17 +00:00
Nalin Dahyabhai
7520433037
- avoid double-logging in the servers by avoiding processing of the same
...
configuration file twice
2009-06-04 19:32:36 +00:00
Nalin Dahyabhai
f4932dde69
- suppress our indirect dependencies from the output of --libs, unless the
...
user also passed in the --deps flag
2009-06-04 19:30:50 +00:00
Nalin Dahyabhai
94d3c5951e
- try to be more resilient to comparisons of malformed principal structures
2009-06-04 19:29:44 +00:00
Nalin Dahyabhai
8c991219ab
- when we're not doing a recursive transfer, treat subdirectories as a
...
problem
2009-06-04 19:27:50 +00:00
Nalin Dahyabhai
6879d98ef2
- try to avoid locking up in rsh due to client and server blocking on
...
writes at the same time
2009-06-04 19:26:29 +00:00
Nalin Dahyabhai
0b6e153ff8
- use an in-memory ccache instead of an on-disk temporary to avoid
...
compile-time warnings about using mktemp()
2009-06-04 19:16:47 +00:00
Nalin Dahyabhai
dd70d4f4ef
- send the length of the file by printf()ing a long long instead of a long,
...
so that we don't break on large files on 32-bit machines
2009-06-04 19:15:24 +00:00
Nalin Dahyabhai
d067ec29b6
- link binaries to produce position-independent executables, and strip the
...
flags used to do so, and library path flags, from the output of
krb5-config
- install shared libraries with the execute bit set
- we used to override RPATH here, but configure takes --disable-rpath now
2009-06-04 19:09:04 +00:00
Nalin Dahyabhai
bc603de2a8
- forward-port long-present out-of-tree patch to support "ANY" keytab type,
...
which takes as its residual a comma-separated list of keytab names and
will search them all in turn when looking for a specific key
2009-06-04 19:05:20 +00:00
Nalin Dahyabhai
3c1272ff63
- add an auth stack to ksu's PAM configuration so that pam_setcred() calls
...
won't just fail
2009-05-19 23:21:48 +00:00
Nalin Dahyabhai
06c77ea1cd
- make PAM support for ksu also set PAM_RUSER
2009-05-11 18:19:08 +00:00
Nalin Dahyabhai
df43b1e2b6
yeah, actually bump the release number
2009-04-23 22:51:25 +00:00
Nalin Dahyabhai
5ebd815122
- extend PAM support to ksu: perform account and session management for the
...
target user
- pull up and merge James Leddy's changes to also set PAM_RHOST in
PAM-aware network-facing services
2009-04-23 22:43:26 +00:00
Nalin Dahyabhai
d3b2b69619
- fix a typo in a ksu error message (Marek Mahut)
2009-04-21 18:46:52 +00:00
Nalin Dahyabhai
27c8414969
- okay, finally remove this
2009-04-21 18:46:37 +00:00
Nalin Dahyabhai
8614c0dcd0
- "rev" works the way the test suite expects now, so don't disable tests
...
that use it
2009-04-21 18:46:16 +00:00
Nalin Dahyabhai
f0389e0488
note why we don't just run make check here
2009-04-20 21:15:12 +00:00
Nalin Dahyabhai
41d635cc23
- add empty Default-Start: statements to the init scripts
2009-04-20 20:33:32 +00:00
Nalin Dahyabhai
724545eab6
- add LSB-style informational headers to the init scripts
2009-04-20 20:32:02 +00:00
Nalin Dahyabhai
980855a07a
- explicitly run the pdf generation script using sh (part of #225974 )
2009-04-17 13:29:41 +00:00
Nalin Dahyabhai
f51ed46fff
- remove obsolete patch for CVE-2009-0845
...
- add patches for read overflow and null pointer dereference in the
implementation of the SPNEGO mechanism (CVE-2009-0844, CVE-2009-0845)
- add patch for attempt to free uninitialized pointer in libkrb5
(CVE-2009-0846)
- add patch to fix length validation bug in libkrb5 (CVE-2009-0847)
2009-04-07 18:16:28 +00:00
Nalin Dahyabhai
ebb2e9030e
- add patch to fix length validation bug in libkrb5 (CVE-2009-0847)
2009-04-07 18:15:43 +00:00
Nalin Dahyabhai
0d81cc8c03
- add patch for attempt to free uninitialized pointer in libkrb5
...
(CVE-2009-0846)
2009-04-07 18:15:12 +00:00
Nalin Dahyabhai
b28fb4b7da
- add patches for read overflow and null pointer dereference in the
...
implementation of the SPNEGO mechanism (CVE-2009-0844, CVE-2009-0845)
2009-04-07 18:14:43 +00:00
Nalin Dahyabhai
d43a03520f
- make the kpropd init script treat reload as restart (part of #225974 )
2009-04-06 20:33:44 +00:00
Nalin Dahyabhai
45bffcbf45
- take the execute bit off of the protocol docs (part of #225974 )
...
- unflag init scripts as configuration files (part of #225974 )
2009-04-06 18:22:58 +00:00
Nalin Dahyabhai
303d2c20d2
- fixup summary texts (part of #225974 )
2009-04-06 18:00:53 +00:00
Nalin Dahyabhai
fa314d1962
- escape possible macros in the changelog (part of #225974 )
2009-04-06 17:52:21 +00:00
Nalin Dahyabhai
5ee95cc082
- clean up buildprereq/prereqs, explicit mktemp requires, and add the
...
ldconfig for the -server-ldap subpackage (part of #225974 )
2009-04-06 17:45:29 +00:00
Nalin Dahyabhai
98a3610002
- make splitting up of the workstation bits unconditional
2009-04-06 16:46:35 +00:00
Nalin Dahyabhai
1644a79505
- move the libraries to /%{_lib}, but leave --libdir alone so that plugins
...
get installed and are searched for in the same locations (#473333 )
2009-04-06 16:22:45 +00:00
Nalin Dahyabhai
e61be4fa97
- turn off krb4 support (it won't be part of the 1.7 release, but do it
...
now)
- use triggeruns to properly shut down and disable krb524d when -server and
-workstation-servers gets upgraded, because it's gone now
2009-04-06 15:56:45 +00:00
Nalin Dahyabhai
434cefd85a
- libgssapi_krb5: backport fix for some errors which can occur when we fail
...
to set up the server half of a context (CVE-2009-0845)
2009-03-17 22:26:27 +00:00
Jesse Keating
78b02cd911
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
2009-02-25 11:58:27 +00:00
Nalin Dahyabhai
ab1cdb5d37
- add a patch to catch out-of-space errors rcp'ing files to NFS
...
destinations
2009-02-19 23:11:41 +00:00
Nalin Dahyabhai
2ef50f0d66
- flesh out the note to include why the patch isn't going anywhere
2009-02-19 22:35:32 +00:00
Nalin Dahyabhai
4e24fa3147
- add a hunk so that the db2 test will compile correctly
2009-02-19 22:34:47 +00:00
Nalin Dahyabhai
9d9088d1cc
- note the RT number for the upstream discussion
2009-02-19 22:32:32 +00:00
Nalin Dahyabhai
4c798e4ee7
aargh, what year is it?
2009-01-16 16:19:02 +00:00
Nalin Dahyabhai
2bf7daea40
rebuild
2009-01-16 16:17:56 +00:00
Nalin Dahyabhai
6df4ee1a7a
- krb5_fcc_generate_new(): unlock the fcc list lock before returning in the
...
non-mkstemp() case, don't unlock the lock twice before returning if we
happen to run out of memory (fixed in trunk by rewriting the function)
2008-10-28 21:36:18 +00:00
Nalin Dahyabhai
0d57fe8b86
- telnet can suspend itself if the calling shell supports job control, and
...
around here that's not unique to csh (#433947 ) Of course, if it turns
out that we do have a shell that doesn't support job control, we get to
change this to enumerate the ones that do. Which is sure to be all
kinds of fun.
2008-10-28 21:35:45 +00:00
Nalin Dahyabhai
b1efb9b86d
- if we successfully change the user's password during an attempt to get
...
initial credentials, but then fail to get initial creds from a
non-master using the new password, retry against the master (#432334 )
2008-09-04 15:13:51 +00:00
Tom Callaway
bb9aa2106c
fix license tag
2008-08-05 17:46:07 +00:00
Nalin Dahyabhai
2352d208e3
- define ASN1BUF_OMIT_INLINE_FUNCS at compile-time (for now) to keep
...
building
2008-07-16 21:54:24 +00:00
Nalin Dahyabhai
b5dfa8576a
quote %%{__cc} where needed because it includes whitespace now
2008-07-16 18:40:35 +00:00