Nalin Dahyabhai
45d93c6d1c
Enable pyrad-based tests
...
- update a test wrapper to properly handle things that the new libkrad does,
and add python-pyrad as a build requirement so that we can run its tests
2013-12-19 11:17:28 -05:00
Nalin Dahyabhai
9f2cb9776b
For completeness, also initialize an unused field
2013-12-18 18:01:30 -05:00
Nalin Dahyabhai
82c5b9f9b2
Backport fixes for krb5_copy_context
...
- backport fixes to krb5_copy_context (RT#7807, #1044735/#1044739)
2013-12-18 17:38:54 -05:00
Nalin Dahyabhai
2550a37b4f
Pull in a fix for a mem leak from master (RT#7805)
...
- pull in fix from master to avoid a memory leak in a couple of error
cases which could occur while obtaining acceptor credentials (RT#7805, part
of #1043962 )
2013-12-18 14:33:23 -05:00
Nalin Dahyabhai
460d74d224
Pull in a fix for a mem leak from master (RT#7803)
...
- pull in fix from master to avoid a memory leak when a mechanism's
init_sec_context function fails (RT#7803, part of #1043962 )
2013-12-18 14:23:21 -05:00
Nalin Dahyabhai
39888b7c42
Pick up another interop fix from master (RT#7797)
...
- pull in fix from master to ignore an empty token from an acceptor if
we've already finished authenticating (RT#7797, part of #1043962 )
2013-12-18 14:22:24 -05:00
Nalin Dahyabhai
735b73ebbb
Pick up an interop fix from master (RT#7794)
...
- pull in fix from master to return a NULL pointer rather than allocating
zero bytes of memory if we read a zero-length input token (RT#7794, part of
#1043962 )
2013-12-18 14:20:57 -05:00
Nalin Dahyabhai
3a1e355f38
Update to 1.12 final
2013-12-11 10:52:40 -05:00
Nalin Dahyabhai
93ae18a6c5
Whoops, grab the beta 2 PDFs
2013-12-02 11:58:32 -05:00
Nalin Dahyabhai
f002059e62
Update to 1.12 beta2
...
- drop obsolete backports for storing KDC time offsets and expiration times
in keyring credential caches
2013-12-02 11:47:40 -05:00
Nalin Dahyabhai
88c0c528bd
Update to 1.12 beta
2013-11-19 18:08:43 -05:00
Nalin Dahyabhai
3c08a1616e
BuildRequire: pkgconfig and package pkgconfig data
2013-11-19 17:40:02 -05:00
Nalin Dahyabhai
f8f559ef32
Drop backports for RT#7656 and RT#7657
2013-11-19 17:39:59 -05:00
Nalin Dahyabhai
447ee6c9e6
Update for 1.12's removal of krb5_xfree()
2013-11-19 17:38:54 -05:00
Nalin Dahyabhai
f619caa9c9
Drop OTP backport
2013-11-19 17:38:54 -05:00
Nalin Dahyabhai
7448cea67e
Untweak for 1.11.3
2013-11-19 17:38:54 -05:00
Nalin Dahyabhai
00cf6df3e6
Drop backport for RT#7590 and partial for RT#7680
2013-11-19 17:38:54 -05:00
Nalin Dahyabhai
19bc209a19
Drop backport for RT#7709
2013-11-19 17:38:54 -05:00
Nalin Dahyabhai
13b2f96a29
Drop backports for RT#7682
2013-11-19 17:38:46 -05:00
Nalin Dahyabhai
0b296b8b04
Drop obsolete patches to skip GSSRPC-over-UDP test
...
- drop patches from master to not test GSSRPC-over-UDP and to not
depend on the portmapper, which are areas where our build systems
often give us trouble, too; obsolete
2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
25fe69d885
Drop backport for RT#7643
2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
a2e5f1f872
Drop backport for RT#7642
2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
9e1d45535e
Drop backport for RT#7172
2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
bd8c46afd2
Drop backport for RT#7598
2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
286168174b
Drop patch to teach config.* about aarch64-linux
2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
11656c4fe0
Drop obsolete patch fixing a test use-before-init
2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
9c8c2d53ba
Update for 1.12
2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
d2ea586766
Update for 1.12
2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
f618776e18
Update for 1.12
2013-11-19 17:32:18 -05:00
Nalin Dahyabhai
d175d043f1
Update for 1.12
2013-11-19 17:32:18 -05:00
Nalin Dahyabhai
daca172770
Update patch for 1.12
2013-11-19 17:32:18 -05:00
Nalin Dahyabhai
15dceb5da6
Drop backport for RT#7689
2013-11-19 17:32:18 -05:00
Nalin Dahyabhai
b1f558a0f5
Drop backported patch
2013-11-19 17:32:18 -05:00
Nalin Dahyabhai
8a39d5ff72
Start rebasing to 1.12 alpha1
2013-11-19 17:32:18 -05:00
Nalin Dahyabhai
a77ee55771
Pull in keyring expiration from RT#7769
...
- pull in fix to set expiration times on keyrings used for storing keyring
credential caches (RT#7769, #1031724 )
2013-11-18 18:02:20 -05:00
Nalin Dahyabhai
81715b1776
Pull in keyring offset storage from RT#7768
...
- pull in fix to store KDC time offsets in keyring credential caches
(RT#7768, #1030607 )
2013-11-18 17:14:07 -05:00
Nalin Dahyabhai
dee7ae00a4
Note where CVE-2013-6800 was fixed
...
CVE-2013-6800 appears to be fixed by the same patch that fixes
CVE-2013-1418, so mention the first in changelog entries that refer to
the second.
2013-11-18 16:24:33 -05:00
Nalin Dahyabhai
cac86c9df2
Bump the release to 1
2013-11-12 16:32:02 -05:00
Nalin Dahyabhai
8f876bbbeb
Drop patch for CVE-2013-1418, included in 1.11.4
2013-11-12 16:25:26 -05:00
Nalin Dahyabhai
1f02b0bc49
Drop patch for RT#7706, obsoleted as RT#7723
2013-11-12 16:23:38 -05:00
Nalin Dahyabhai
0c6ad14521
Drop patch for RT#7650, included in 1.11.4
2013-11-12 16:20:49 -05:00
Nalin Dahyabhai
2b359c527a
Start updating to 1.11.4
2013-11-12 16:20:31 -05:00
Nalin Dahyabhai
b3399eb8fb
Switch to the upstream patch for #1029110
...
Switch to the simplified version of the patch for #1029110 that ended up
being committed upstream (RT#7764).
2013-11-12 13:20:50 -05:00
Nalin Dahyabhai
11d14a1e7c
Fix a typo in a changelog entry
2013-11-11 14:34:29 -05:00
Nalin Dahyabhai
49c8edfa6b
Catch more strtol() failures when using KEYRINGs
...
- check more thorougly for errors when resolving KEYRING ccache names of type
"persistent", which should only have a numeric UID as the next part of the
name (#1029110 )
2013-11-11 14:11:29 -05:00
Nalin Dahyabhai
bfdc4351bf
Point to the RT for the patch for the right branch
2013-11-05 13:43:32 -05:00
Nalin Dahyabhai
a244d8f93c
Incorporate patch for RT#7755 (CVE-2013-1418)
...
- incorporate upstream patch for remote crash of KDCs which serve multiple
realms simultaneously (RT#7755, CVE-2013-1418)
2013-11-04 16:11:59 -05:00
Nalin Dahyabhai
a00c810e4e
Drop call-access()-more patch for ksu
...
- drop patch to add additional access() checks to ksu - they add to breakage
when non-FILE: caches are in use (#1026099 ), shouldn't be resulting in any
benefit, and clash with proposed changes to fix its cache handling
2013-11-04 10:26:41 -05:00
Nalin Dahyabhai
433fcb1772
Expand on comments in the daemon wrapper scripts
...
- add some minimal description to the top of the wrapper scripts we use
when starting krb5kdc and kadmind to describe why they exist (tooling)
2013-10-22 17:48:49 -04:00
Nalin Dahyabhai
31e8e33c43
Create and own /etc/gss ( #1019937 )
2013-10-16 18:12:24 -04:00