Commit Graph

776 Commits

Author SHA1 Message Date
Nalin Dahyabhai
0bd95b4771 drop patch for RT#7858, fixed in 1.12.2 2014-08-15 14:50:08 -04:00
Nalin Dahyabhai
d41320b7c1 drop patch for RT#7836, fixed in 1.12.2 2014-08-15 14:37:24 -04:00
Nalin Dahyabhai
1d44a8f927 drop patch for RT#7818, fixed in 1.12.2 2014-08-15 14:35:45 -04:00
Nalin Dahyabhai
f543a683b0 Drop patch for #231147, fixed in 1.12.2 2014-08-15 14:13:21 -04:00
Nalin Dahyabhai
e5a4698cf5 drop patch for RT#7820, merged in 1.12.2 2014-08-15 14:02:13 -04:00
Nalin Dahyabhai
c042f71c80 Update collection cache patch set for ksu
- replace older proposed changes for ksu with backports of the changes
  after review and merging upstream (#1015559, #1026099, #1118347)
2014-08-15 14:00:14 -04:00
Nalin Dahyabhai
b324000e34 fix MITKRB5-SA-2014-001 (CVE-2014-4345)
- incorporate fix for MITKRB5-SA-2014-001 (CVE-2014-4345)
2014-08-07 19:25:49 -04:00
Nalin Dahyabhai
38595f5338 Add patch for CVE-2014-4344
- gssapi: pull in upstream fix for a possible NULL dereference
  in spnego (CVE-2014-4344)
2014-07-21 17:51:10 -04:00
Nalin Dahyabhai
24f7f1a446 Update to upstream patch
Update to the as-committed version of this patch, which affects the
comments it includes.
2014-07-21 17:19:42 -04:00
Nalin Dahyabhai
9594be4f3a Add proposed fix for a double-free in gss clients
- gssapi: pull in proposed fix for a double free in initiators (David
  Woodhouse, #1117963)
2014-07-16 15:14:38 -04:00
Tom Callaway
79897b3c5d fix license handling 2014-07-12 18:45:11 -04:00
Nalin Dahyabhai
e2bc024559 Pull in fix for CVE-2014-4341/CVE-2014-4342
- pull in fix for denial of service by injection of malformed GSSAPI
  tokens (CVE-2014-4341, CVE-2014-4342, #1116181)
2014-07-07 17:56:12 -04:00
Nalin Dahyabhai
40e2189ede Backport support for scanning /etc/gss/mech.d/*.conf
- pull in changes from upstream which add processing of the contents of
  /etc/gss/mech.d/*.conf when loading GSS modules (#1102839)
2014-06-24 16:47:17 -04:00
Nalin Dahyabhai
47d56d9162 Fix FTBFS #1107061 using a patch from upstream
- pull in fix for building against tcl 8.6 (#1107061)
2014-06-12 16:23:15 -04:00
Nalin Dahyabhai
790a56ba59 Add a buildrequires: on texlive-pdftex
We were having trouble building the PDFs due to a missing pdfcolor.tex
after the latest update to python-sphinx, but an even newer
texlive-pdftex provides that, so add it as a BuildRequires:
2014-06-12 12:04:06 -04:00
Dennis Gilmore
dd2e1e4398 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild 2014-06-07 22:22:03 -05:00
Nathaniel McCallum
44d0e80df0 Backport fix for change password requests when using FAST (RT#7868) 2014-03-04 11:22:42 -05:00
Nalin Dahyabhai
2550f0f56b Backport fix for RT#7858
- spnego: pull in patch from master to restore preserving the OID of the
  mechanism the initiator requested when we have multiple OIDs for the
  same mechanism, so that we reply using the same mechanism OID and the
  initiator doesn't get confused (#1066000, RT#7858)
2014-02-17 21:06:07 -05:00
Nalin Dahyabhai
c0d64aa79f Note that "runstatedir" changes are also #1040056 2014-02-10 14:17:15 -05:00
Nalin Dahyabhai
bdb8c58c53 Move the default directory for OTP sockets to /var/run/krb5kdc
- pull in patch from master to move the default directory which the KDC
  uses when computing the socket path for a local OTP daemon from the
  database directory (/var/kerberos/krb5kdc) to the newly-added run
  directory (/run/krb5kdc), in line with what we're expecting in 1.13
  (RT#7859)
- add a tmpfiles.d configuration file to have /run/krb5kdc created at
  boot-time
- own /var/run/krb5kdc
2014-02-07 16:13:29 -05:00
Nalin Dahyabhai
419c14d6ac Pull from the right wrapper branches
... and add our local patch to fix the bind-then-connect case.
2014-02-04 15:31:21 -05:00
Nalin Dahyabhai
956ccfdfb4 refresh nss_wrapper, add socket_wrapper 2014-01-31 16:56:05 -05:00
Nalin Dahyabhai
5c7bab5883 Take x bit off of an html doc file, fix whitespace 2014-01-31 16:55:11 -05:00
Nalin Dahyabhai
9b18d26ce3 Add proposed ksu KEYRING+default_ccache_name patch
- add currently-proposed changes to teach ksu about credential cache
  collections and the default_ccache_name setting (#1015559,#1026099)
2014-01-31 16:55:05 -05:00
Nalin Dahyabhai
2eb0567065 Backport changes to allow "rcache" credstores
- pull in multiple changes to allow replay caches to be added to a GSS
  credential store as "rcache"-type credentials (RT#7818/#7819/#7836,
  #1056078/#1056080)
2014-01-21 18:52:57 -05:00
Nalin Dahyabhai
792d78fa47 Backport fixes for timesync with keyring caches
add patch to always retrieve the KDC time offsets from keyring caches,
so that we don't mistakenly interpret creds as expired before their
time when our clock is ahead of the KDC's (RT#7820, #1030607)
2014-01-17 10:58:19 -05:00
Nalin Dahyabhai
4dec248a05 Drop obsolete patches 2014-01-17 10:55:16 -05:00
Nalin Dahyabhai
8ae5258eb3 Drop obsolete patch 2014-01-17 10:48:08 -05:00
Nalin Dahyabhai
29afef6c24 Drop obsolete patch 2014-01-17 10:47:01 -05:00
Nalin Dahyabhai
007e77a2b3 Drop obsolete patch 2014-01-17 10:17:19 -05:00
Nalin Dahyabhai
6a8573e3af Drop obsolete patch 2014-01-17 10:08:58 -05:00
Nalin Dahyabhai
0b6ebaab00 Drop obsolete patch 2014-01-17 09:59:39 -05:00
Nalin Dahyabhai
6265fcabf5 Drop obsolete patch 2014-01-17 09:58:40 -05:00
Nalin Dahyabhai
aef7c262b1 Update the textrel patch for x86
- update the PIC patch for iaesx86.s to not use ELF relocations
  (RT#7815, #1045699) to the version that landed upstream
2014-01-13 11:41:47 -05:00
Nalin Dahyabhai
8fe7e82068 Note why we started saving ebx 2014-01-09 13:20:22 -05:00
Nalin Dahyabhai
6e03c5ada1 Link shared libs using -Wl,--warn-shared-textrel
- pass -Wl,--warn-shared-textrel to the compiler when we're creating shared
  libraries
2014-01-09 13:13:30 -05:00
Nalin Dahyabhai
5de1fa728f bump release for a new build 2014-01-09 11:03:45 -05:00
Nalin Dahyabhai
8a1df153c6 Save/restore ebx in functions where we modify it
- amend the PIC patch for iaesx86.s to also save/restore ebx in the
  functions where we modify it
2014-01-09 11:02:26 -05:00
Nalin Dahyabhai
75edc7c7ca Try to remove execmod from 32-bit AES-NI k5crypto
- make a guess at making the 32-bit AES-NI implementation sufficiently
  position-independent to not require execmod permissions for libk5crypto
  (more of #1045699)
2014-01-06 18:53:03 -05:00
Nalin Dahyabhai
05c4140d32 Switch to as-committed version
- grab a more-commented version of the most recent patch from upstream
  master
2014-01-06 15:58:20 -05:00
Nalin Dahyabhai
480b9efaa3 Add Dhiru Kholia's patch to restore noexecstack
- add patch from Dhiru Kholia for the AES-NI implementations to allow
  libk5crypto to be properly marked as not needing an executable stack
  on arches where they're used (#1045699, and so many others)
2014-01-02 23:46:42 -05:00
Nalin Dahyabhai
13df2d5386 Remove the BuildRequires: on yasm for now
Go back to not using AES-NI, until we sort out execstack (#1045699).
2014-01-02 17:08:52 -05:00
Nalin Dahyabhai
911b9e932d Add the buildrequires: for AES-NI support
- add yasm as a build requirement for AES-NI support, on arches that have
  yasm and AES-NI
2013-12-19 13:07:54 -05:00
Nalin Dahyabhai
e1cb527238 Pull in fix to improve SPNEGO error messages
- pull in fix from master to make reporting of errors encountered by the
  SPNEGO mechanism work better (RT#7045, part of #1043962)
2013-12-19 11:52:30 -05:00
Nalin Dahyabhai
45d93c6d1c Enable pyrad-based tests
- update a test wrapper to properly handle things that the new libkrad does,
  and add python-pyrad as a build requirement so that we can run its tests
2013-12-19 11:17:28 -05:00
Nalin Dahyabhai
9f2cb9776b For completeness, also initialize an unused field 2013-12-18 18:01:30 -05:00
Nalin Dahyabhai
82c5b9f9b2 Backport fixes for krb5_copy_context
- backport fixes to krb5_copy_context (RT#7807, #1044735/#1044739)
2013-12-18 17:38:54 -05:00
Nalin Dahyabhai
2550a37b4f Pull in a fix for a mem leak from master (RT#7805)
- pull in fix from master to avoid a memory leak in a couple of error
  cases which could occur while obtaining acceptor credentials (RT#7805, part
  of #1043962)
2013-12-18 14:33:23 -05:00
Nalin Dahyabhai
460d74d224 Pull in a fix for a mem leak from master (RT#7803)
- pull in fix from master to avoid a memory leak when a mechanism's
  init_sec_context function fails (RT#7803, part of #1043962)
2013-12-18 14:23:21 -05:00
Nalin Dahyabhai
39888b7c42 Pick up another interop fix from master (RT#7797)
- pull in fix from master to ignore an empty token from an acceptor if
  we've already finished authenticating (RT#7797, part of #1043962)
2013-12-18 14:22:24 -05:00
Nalin Dahyabhai
735b73ebbb Pick up an interop fix from master (RT#7794)
- pull in fix from master to return a NULL pointer rather than allocating
  zero bytes of memory if we read a zero-length input token (RT#7794, part of
  #1043962)
2013-12-18 14:20:57 -05:00
Nalin Dahyabhai
3a1e355f38 Update to 1.12 final 2013-12-11 10:52:40 -05:00
Nalin Dahyabhai
93ae18a6c5 Whoops, grab the beta 2 PDFs 2013-12-02 11:58:32 -05:00
Nalin Dahyabhai
f002059e62 Update to 1.12 beta2
- drop obsolete backports for storing KDC time offsets and expiration times
  in keyring credential caches
2013-12-02 11:47:40 -05:00
Nalin Dahyabhai
88c0c528bd Update to 1.12 beta 2013-11-19 18:08:43 -05:00
Nalin Dahyabhai
3c08a1616e BuildRequire: pkgconfig and package pkgconfig data 2013-11-19 17:40:02 -05:00
Nalin Dahyabhai
f8f559ef32 Drop backports for RT#7656 and RT#7657 2013-11-19 17:39:59 -05:00
Nalin Dahyabhai
447ee6c9e6 Update for 1.12's removal of krb5_xfree() 2013-11-19 17:38:54 -05:00
Nalin Dahyabhai
f619caa9c9 Drop OTP backport 2013-11-19 17:38:54 -05:00
Nalin Dahyabhai
7448cea67e Untweak for 1.11.3 2013-11-19 17:38:54 -05:00
Nalin Dahyabhai
00cf6df3e6 Drop backport for RT#7590 and partial for RT#7680 2013-11-19 17:38:54 -05:00
Nalin Dahyabhai
19bc209a19 Drop backport for RT#7709 2013-11-19 17:38:54 -05:00
Nalin Dahyabhai
13b2f96a29 Drop backports for RT#7682 2013-11-19 17:38:46 -05:00
Nalin Dahyabhai
0b296b8b04 Drop obsolete patches to skip GSSRPC-over-UDP test
- drop patches from master to not test GSSRPC-over-UDP and to not
  depend on the portmapper, which are areas where our build systems
  often give us trouble, too; obsolete
2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
25fe69d885 Drop backport for RT#7643 2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
a2e5f1f872 Drop backport for RT#7642 2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
9e1d45535e Drop backport for RT#7172 2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
bd8c46afd2 Drop backport for RT#7598 2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
286168174b Drop patch to teach config.* about aarch64-linux 2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
11656c4fe0 Drop obsolete patch fixing a test use-before-init 2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
9c8c2d53ba Update for 1.12 2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
d2ea586766 Update for 1.12 2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
f618776e18 Update for 1.12 2013-11-19 17:32:18 -05:00
Nalin Dahyabhai
d175d043f1 Update for 1.12 2013-11-19 17:32:18 -05:00
Nalin Dahyabhai
daca172770 Update patch for 1.12 2013-11-19 17:32:18 -05:00
Nalin Dahyabhai
15dceb5da6 Drop backport for RT#7689 2013-11-19 17:32:18 -05:00
Nalin Dahyabhai
b1f558a0f5 Drop backported patch 2013-11-19 17:32:18 -05:00
Nalin Dahyabhai
8a39d5ff72 Start rebasing to 1.12 alpha1 2013-11-19 17:32:18 -05:00
Nalin Dahyabhai
a77ee55771 Pull in keyring expiration from RT#7769
- pull in fix to set expiration times on keyrings used for storing keyring
  credential caches (RT#7769, #1031724)
2013-11-18 18:02:20 -05:00
Nalin Dahyabhai
81715b1776 Pull in keyring offset storage from RT#7768
- pull in fix to store KDC time offsets in keyring credential caches
  (RT#7768, #1030607)
2013-11-18 17:14:07 -05:00
Nalin Dahyabhai
dee7ae00a4 Note where CVE-2013-6800 was fixed
CVE-2013-6800 appears to be fixed by the same patch that fixes
CVE-2013-1418, so mention the first in changelog entries that refer to
the second.
2013-11-18 16:24:33 -05:00
Nalin Dahyabhai
cac86c9df2 Bump the release to 1 2013-11-12 16:32:02 -05:00
Nalin Dahyabhai
8f876bbbeb Drop patch for CVE-2013-1418, included in 1.11.4 2013-11-12 16:25:26 -05:00
Nalin Dahyabhai
1f02b0bc49 Drop patch for RT#7706, obsoleted as RT#7723 2013-11-12 16:23:38 -05:00
Nalin Dahyabhai
0c6ad14521 Drop patch for RT#7650, included in 1.11.4 2013-11-12 16:20:49 -05:00
Nalin Dahyabhai
2b359c527a Start updating to 1.11.4 2013-11-12 16:20:31 -05:00
Nalin Dahyabhai
b3399eb8fb Switch to the upstream patch for #1029110
Switch to the simplified version of the patch for #1029110 that ended up
being committed upstream (RT#7764).
2013-11-12 13:20:50 -05:00
Nalin Dahyabhai
11d14a1e7c Fix a typo in a changelog entry 2013-11-11 14:34:29 -05:00
Nalin Dahyabhai
49c8edfa6b Catch more strtol() failures when using KEYRINGs
- check more thoroughly for errors when resolving KEYRING ccache names of type
  "persistent", which should only have a numeric UID as the next part of the
  name (#1029110)
2013-11-11 14:11:29 -05:00
Nalin Dahyabhai
bfdc4351bf Point to the RT for the patch for the right branch 2013-11-05 13:43:32 -05:00
Nalin Dahyabhai
a244d8f93c Incorporate patch for RT#7755 (CVE-2013-1418)
- incorporate upstream patch for remote crash of KDCs which serve multiple
  realms simultaneously (RT#7755, CVE-2013-1418)
2013-11-04 16:11:59 -05:00
Nalin Dahyabhai
a00c810e4e Drop call-access()-more patch for ksu
- drop patch to add additional access() checks to ksu - they add to breakage
  when non-FILE: caches are in use (#1026099), shouldn't be resulting in any
  benefit, and clash with proposed changes to fix its cache handling
2013-11-04 10:26:41 -05:00
Nalin Dahyabhai
433fcb1772 Expand on comments in the daemon wrapper scripts
- add some minimal description to the top of the wrapper scripts we use
  when starting krb5kdc and kadmind to describe why they exist (tooling)
2013-10-22 17:48:49 -04:00
Nalin Dahyabhai
31e8e33c43 Create and own /etc/gss (#1019937) 2013-10-16 18:12:24 -04:00
Nalin Dahyabhai
16e749771f Pull up fix for reimporting ccaches in gssapi
- pull up fix for importing previously-exported credential caches in the
  gssapi library (RT# 7706, #1019420)
2013-10-15 14:40:24 -04:00
Nalin Dahyabhai
84fe7d69da Finish fixing the don't-call-NULL-prompters bug
- extract the rest of the fix #965721/#1016690 from the changes for RT#7680
2013-10-14 14:07:56 -04:00
Nalin Dahyabhai
822059250e Use the prompter callback for PEM files
- backport the callback to use the libkrb5 prompter when we can't load
  PEM files for PKINIT (RT#7590, includes part of #965721/#1016690)
2013-10-14 14:07:19 -04:00
Nalin Dahyabhai
37f8b28f7d fix trigger's invocation of sed (#1016945)
- fix trigger scriptlet's invocation of sed (#1016945)
2013-10-14 12:42:56 -04:00
Nalin Dahyabhai
52b6b401df - rebuild with keyutils 1.5.8 (part of #1012043)
Rebuild against a keyutils which tags the new symbols we're using with a
newer symbol version, so that RPM can tell the difference between
versions of the package which contain a shared library that doesn't
include them and versions of the package which contain a shared library
which does.
2013-10-04 09:47:38 -04:00
Nalin Dahyabhai
494e7adbb0 Updated persistent-keyring changes, set as default
- switch to the version of persistent-keyring that was just merged to
  master (RT#7711), along with related changes to kinit (RT#7689)
- go back to setting default_ccache_name to a KEYRING type
2013-10-02 14:46:20 -04:00
Nalin Dahyabhai
682dc07d28 pull up fix to call kdb check-transited-path first
- pull up fix for not calling a kdb plugin's check-transited-path
  method before calling the library's default version, which only knows
  how to read what's in the configuration file (RT#7709, #1013664)
2013-09-30 11:26:50 -04:00
Nalin Dahyabhai
43d2548f26 configure --without-krb5-config
- configure --without-krb5-config so that we don't pull in the old default
  ccache name when we want to stop setting a default ccache name at configure-
  time
2013-09-26 14:38:01 -04:00
Nalin Dahyabhai
e43f75f274 - fix broken dependency on awk (rdieter)
- fix broken dependency on awk (should be gawk, rdieter)
2013-09-25 12:34:03 -04:00
Nalin Dahyabhai
a375099fe1 add missing dependency on newer keyutils-libs
- add missing dependency on newer keyutils-libs (#1012034)
2013-09-25 11:26:19 -04:00
Nalin Dahyabhai
3bc9a0ec21 Back to DIR: caches by default, for now
- back out setting default_ccache_name to the new default for now, resetting
  it to the old default while the kernel/keyutils bits get sorted (sgallagh)
2013-09-24 17:10:48 -04:00
Nalin Dahyabhai
ee7be3f07f buildrequire the newest keyutils
- add explicit build-time dependency on a version of keyutils that's new
  enough to include keyctl_get_persistent() (more of #991148)
2013-09-23 13:32:21 -04:00
Nalin Dahyabhai
df24e0aeda pull in an updated persistent_keyring.patch
- incorporate Simo's updated backport of his updated persistent-keyring
  changes (more of #991148)
2013-09-19 16:29:52 -04:00
Nalin Dahyabhai
00da3519ec Don't break during %%check with revoked keyrings
If the session keyring is revoked, we'll to walk the ccache collections.
Work around that so that we don't have to go and disable more tests.
2013-09-13 18:21:09 -04:00
Nalin Dahyabhai
21b73fcc00 pull the newer F21 defaults back to F20 (sgallagh) 2013-09-13 09:13:37 -04:00
Nalin Dahyabhai
5128324677 Only create /run/user/0 on releases where we use it
- only apply the patch to autocreate /run/user/0 when we're hard-wiring the
  default ccache location to be under it; otherwise it's unnecessary
2013-09-09 13:15:18 -04:00
Nalin Dahyabhai
b81045ccea Don't pass a "script" to ldconfig
- don't let comments intended for one scriptlet become part of the "script"
  that gets passed to ldconfig as part of another one (Mattias Ellert, #1005675)
2013-09-09 09:43:05 -04:00
Nalin Dahyabhai
4404e63e31 Conditional triggerun to set default_ccache_name
- on releases where we expect krb5.conf to be configured with a
  default_ccache_name, add it whenever we upgrade from an older version of
  the package that wouldn't have included it in its default configuration
  file (#991148)
2013-09-06 17:32:20 -04:00
Nalin Dahyabhai
16afa92610 Set the default ccname via config, not at build
- restore build-time default DEFCCNAME on Fedora 21 and later and EL, and
  instead set it in the default krb5.conf's [libdefaults] section (#991148)
2013-09-06 16:05:14 -04:00
Nalin Dahyabhai
b0c672125e - restore build-time default DEFCCNAME on F21, EL
- restore build-time default DEFCCNAME on Fedora 21 and later and EL (#991148)
2013-09-06 14:13:31 -04:00
Nalin Dahyabhai
bf2b6cb4e7 - incorporate backported persistent-keyring (Simo)
- incorporate Simo's backport of his persistent-keyring changes (#991148)
2013-09-06 14:12:24 -04:00
Nalin Dahyabhai
e6591a5194 ship an nss_wrappers snapshot, not a git repo
- switch to just the snapshot of nss_wrapper we were using, since we
  no longer need to carry anything that isn't in the cwrap.org repository
  (ssorce)
2013-08-23 14:21:20 -04:00
Nalin Dahyabhai
c3f5bd1fb8 UnversionedDocdirs, take two
- take another stab at accounting for UnversionedDocdirs for the -libs
  subpackage (spotted by ssorce)
2013-08-23 14:08:59 -04:00
Nalin Dahyabhai
6c46043c16 Do the horrible hostname check _before_ faking it 2013-08-15 01:50:42 -04:00
Nalin Dahyabhai
ee18500d9b Fix error detection when starting kpropd/kadmind
- drop a patch we're not applying
- wrap kadmind and kpropd in scripts which check for the presence/absence
  of files which dictate particular exit codes before exec'ing the actual
  binaries, instead of trying to use ConditionPathExists in the unit files
  to accomplish that, so that we exit with failure properly when what we
  expect isn't actually in effect on the system (#800343)
2013-08-15 00:10:24 -04:00
Nalin Dahyabhai
272aaeef17 Assume 32 when __isa_bits isn't defined 2013-07-29 17:47:21 -04:00
Nalin Dahyabhai
d6a5b8b7d7 fixup for UnversionedDocdirs
- attempt to account for UnversionedDocdirs for the -libs subpackage
2013-07-29 17:00:25 -04:00
Nalin Dahyabhai
4c8469c258 tweak configs used by tests
- tweak configuration files used during tests to try to reduce the number
  of conflicts encountered when builds for multiple arches land on the same
  builder
2013-07-26 18:47:03 -04:00
Nalin Dahyabhai
66d9928651 Backport from RT#7682
- pull up changes to allow GSSAPI modules to provide more functions (RT#7682, #986564/#986565)
2013-07-22 14:23:24 -04:00
Nalin Dahyabhai
36dbacb706 Use LD_PRELOAD to be able to run more self-tests
Use nss_wrapper (from cwrap.org) to be able to run more of the
self-tests during %%check.  Help it along a little bit by being
more emphatic about cutting off access to DNS.
2013-07-19 15:52:31 -04:00
Nalin Dahyabhai
909ac318c3 Use %%{?_isa} when hard-coding deps on krb5-libs
- specify dependencies on the same arch of krb5-libs by using the %%{?_isa}
  suffix, to avoid dragging 32-bit libraries onto 64-bit systems (#980155)
2013-07-01 11:48:17 -04:00
Nalin Dahyabhai
d00d276a47 Bring back "Back out the krb5-1.11-run_user_0.patch"
This reverts commit 8a5a8d492c.

Special-case /run/user/0, attempting to create it when resolving a
directory cache below it fails due to ENOENT and we find that it doesn't
already exist, either, before attempting to create the directory cache
(maybe helping, maybe just making things more confusing for #961235).
2013-06-13 13:23:54 -04:00
Nalin Dahyabhai
7b66f600ef update to 1.11.3
- update to 1.11.3
  - drop patch for RT#7605, fixed in this release
  - drop patch for CVE-2002-2443, fixed in this release
  - drop patch for RT#7369, fixed in this release
- pull upstream fix for breaking t_skew.py by adding the patch for #961221
2013-06-04 11:13:25 -04:00
Nalin Dahyabhai
ff0ee94342 Respin with updated version of patch for RT#7650
Respin with updated version of patch for RT#7650, and don't forget to
keep track of the bug ID (#969331).
2013-05-31 14:29:57 -04:00
Nalin Dahyabhai
8a5a8d492c Back out the krb5-1.11-run_user_0.patch
It's not a complete fix, and it may only muddy things further on systems
that are having the kind of trouble it's trying to avoid, so hold off.
For now, at least.
2013-05-30 15:10:35 -04:00
Nalin Dahyabhai
202006a85f Pull a fix for kinit going on an only-masters path
- pull in proposed fix for attempts to get initial creds, which end up
  following referrals, incorrectly trying to always use master KDCs if
  they talked to a master at any point (should fix RT#7650)
2013-05-30 12:32:10 -04:00
Nalin Dahyabhai
dc293b3d84 Add a hackish attempt at a workaround for #961235
Add a patch to create /run/user/0 if we're trying to resolve a
DIR: ccache somewhere below it and neither the target location
nor /run/user/0 exist yet.
The better workaround is to set the location's owner to "linger"
via logind, since even after we do what we're doing here, if
the user logs in and logs back out, our location is still removed.
2013-05-30 12:26:42 -04:00
Nalin Dahyabhai
559c78a30a Label DIR: ccache directories when we create them
- don't forget to set the SELinux label when creating the directory for
  a DIR: ccache
2013-05-30 09:18:15 -04:00
Nalin Dahyabhai
11a4bca1fa Turn off some tests that master stopped doing
- pull in patches from master to not test GSSRPC-over-UDP and to not
  depend on the portmapper, which are areas where our build systems
  often give us trouble, too
2013-05-30 08:53:30 -04:00
Nalin Dahyabhai
bafcf02fa5 Actually bump the release number 2013-05-28 18:18:55 -04:00
Nalin Dahyabhai
e98d94d2bc Add proposed fix for handling AS client clock skew
In addition to basing the contents of an encrypted-timestamp preauth
data item on the server's idea of the current time, go ahead and do the
same for the times in the request.
2013-05-28 18:18:23 -04:00
Nalin Dahyabhai
827a48f7cc Fix handling of empty passwords in get-init-creds 2013-05-28 17:21:45 -04:00
Nalin Dahyabhai
2fdc61e398 Fix transited realm checks in GSSAPI servers
- backport fix for not being able to verify the list of transited realms
  in GSS acceptors (RT#7639, #959685)
2013-05-28 17:16:52 -04:00
Nalin Dahyabhai
325dca9ce4 Note the corresponding EL6 bug ID for reference 2013-05-28 17:13:23 -04:00
Nalin Dahyabhai
ee36e9e6b4 fix to make some use of DIR::... KRB5CCNAME values
- pull in upstream fix to start treating a KRB5CCNAME value that begins
  with DIR:: the same as it would a DIR: value with just one ccache file
  in it (RT#7172, #965574)
2013-05-21 13:51:51 -04:00
Nalin Dahyabhai
fbd06d348b pull up fix for kpasswd service ping-pong attack
- pull up fix for UDP ping-pong flaw in kpasswd service (CVE-2002-2443,
  #962531,#962534)
2013-05-13 18:32:51 -04:00
Nathaniel McCallum
c0d2f3b96d Update otp patch; add keycheck patch 2013-05-03 17:04:40 -04:00
Nalin Dahyabhai
fcc98d5403 make the default ccname change affect f19, too
- pull the changing of the compiled-in default ccache location to
  DIR:/run/user/%%{uid}/krb5cc back into F19, in line with SSSD and
  the most recent pam_krb5 build
2013-04-23 17:39:34 -04:00
Nalin Dahyabhai
d54b8d87c6 correct some configuration file paths
Correct some configuration file paths which the KDC_DIR patch
inadvertently changed.
2013-04-17 10:42:46 -04:00
Nalin Dahyabhai
3ba00c4edc keep track of the message type of FAST requests
- pull in fix for keeping track of the message type when parsing FAST requests
  in the KDC (RT#7605, #951843)
2013-04-15 11:06:55 -04:00
Nalin Dahyabhai
61043181c7 update to 1.11.2
- update to 1.11.2
  - drop pulled in patch for RT#7586, included in this release
  - drop pulled in patch for RT#7592, included in this release
2013-04-15 11:06:15 -04:00
Nalin Dahyabhai
fd7717242f set DEFCCNAME to DIR:/run/user/%{uid}/krb5cc
- move the compiled-in default ccache location from the previous default of
  FILE:/tmp/krb5cc_%{uid} to DIR:/run/user/%{uid}/krb5cc (part of #949588)
2013-04-12 09:24:16 -04:00
Nathaniel McCallum
8d291c8c0a Update otp plugin backport patches 2013-04-09 14:06:33 -04:00
Nalin Dahyabhai
ffcebd6c2b trying to get more of the tests to run on builders
- when testing the RPC library, treat denials from the local portmapper the
  same as a portmapper-not-running situation, to allow other library tests
  to be run while building the package
2013-04-03 17:23:58 -04:00
Nalin Dahyabhai
46d5c735d6 add RT number for most recent patch 2013-04-01 10:23:20 -04:00
Nalin Dahyabhai
7b92138ee8 teach gss_acquire_cred_from() about "client_keytab"
- pull in Simo's patch to recognize "client_keytab" as a key type which can
  be passed in to gss_acquire_cred_from()
2013-03-28 16:13:41 -04:00
Nalin Dahyabhai
30e39857ae package the right client keytab directory
- create and own /var/kerberos/krb5/user instead of /var/kerberos/kdc/user,
  since that's what the libraries actually look for
- add buildrequires on nss-myhostname, in an attempt to get more of the tests
  to run properly during builds
2013-03-28 16:12:30 -04:00
Nalin Dahyabhai
e7b662f81f pull in arm 64 (aarch64) build tweaks
- go back to using reconf to run autoconf and autoheader (part of #925640)
- add temporary patch to use newer config.guess/config.sub (more of #925640)
2013-03-26 16:48:29 -04:00
Nalin Dahyabhai
9d52c1d370 specify backup suffixes, like we do 2013-03-26 16:34:37 -04:00
Nalin Dahyabhai
c761eb0da7 pull up patch to mark imported gss contexts right
- pull up Simo's patch to mark the correct mechanism on imported GSSAPI
  contexts (RT#7592)
2013-03-26 16:32:29 -04:00
Nalin Dahyabhai
557835fdb3 tweak buildrequires conditionals for el7 builds
- fix a version comparison to expect newer texlive build requirements when
  %%{_rhel} > 6 rather than when it's > 7
2013-03-18 10:28:51 -04:00
Nathaniel McCallum
0efba32c47 first round of the otp plugin 2013-03-11 16:26:50 -04:00
Nalin Dahyabhai
6fdbb463fc fix a memory leak when obtaining creds via keytabs
- fix a memory leak when acquiring credentials using a keytab (RT#7586, #911110)
2013-02-28 16:37:33 -05:00
Nalin Dahyabhai
abff2e5117 escape uses of macros in comments (more of 884065)
escape uses of macros in comments (more of #884065)
2013-02-27 18:16:30 -05:00
Nalin Dahyabhai
a47a2acb30 drop the kerberos-iv portreserve file
drop the kerberos-iv portreserve file (long overdue), and drop the rest
on systemd systems, since we don't currently poke portreserve when we're
starting a service
2013-02-27 18:15:26 -05:00
Nalin Dahyabhai
460c5ab8b7 prebuild PDF docs to reduce multilib differences
prebuild PDF docs to reduce multilib differences (internal tooling, #884065)
2013-02-27 14:59:35 -05:00
Nalin Dahyabhai
0c2dcfe3ef update to 1.11.1
update to 1.11.1
- drop patch for noticing negative timeouts being passed to the poll()
  wrapper in the client transmit functions
2013-02-25 12:44:43 -05:00
Nalin Dahyabhai
977a60b72c set "rdns = false" in the default krb5.conf
set "rdns = false" in the default krb5.conf (#908323)
2013-02-08 10:29:14 -05:00
Nalin Dahyabhai
0597014fa8 update to 1.11 release
- update to the 1.11 final release
- drop the rawbuild tag from a couple of patches which we don't actually
  need to apply to get things to compile the way the package expects
2012-12-18 10:37:36 -05:00
Nalin Dahyabhai
9e98fec59e update to 1.11 beta 2 2012-12-13 10:57:00 -05:00
Nalin Dahyabhai
38b95e7b3e move a non-system libverto to the -libs subpackage
- when building with our bundled copy of libverto, package it in with -libs
  rather than with -server (#886049)
2012-12-13 10:27:19 -05:00
Nalin Dahyabhai
78b3a524da update to 1.11 beta 1 2012-11-21 15:56:57 -05:00
Nalin Dahyabhai
282fb3c1e0 packaging tweaks
- handle releases where texlive packaging wasn't yet as complicated as it
  is in Fedora 18
- fix an uninitialized-variable error building one of the test programs
2012-11-16 17:19:59 -05:00
Nalin Dahyabhai
8cf49572ea more tweaks to try to get doc building working 2012-11-16 15:58:51 -05:00
Nalin Dahyabhai
d97833d1ef just drop package-level deps on tex altogether 2012-11-16 14:56:42 -05:00
Nalin Dahyabhai
b1e19fe613 sure, okay. 2012-11-16 14:51:53 -05:00
Nalin Dahyabhai
5816919080 require pdflatex and makeindex 2012-11-16 14:36:59 -05:00
Nalin Dahyabhai
d8fb585c09 don't dummy up required stylesheets, require them 2012-11-16 13:35:21 -05:00
Nalin Dahyabhai
9f497eac9f also note the multilib impact in the docs 2012-11-16 13:14:55 -05:00
Nalin Dahyabhai
7404a3c685 more packaging fixups
- move the rather large pile of html and pdf docs to -workstation, so
  that just having something that links to the libraries won't drag
  them onto a system
- actually create %%{_var}/kerberos/kdc/user, so that it can be packaged
- correct the list of packaged man pages
2012-11-16 13:01:56 -05:00
Nalin Dahyabhai
777f196e39 drop patches to fixup paths in man pages 2012-11-16 13:01:56 -05:00
Nalin Dahyabhai
d0f6217945 own /var/kerberos/kdc/user 2012-11-16 13:01:56 -05:00
Nalin Dahyabhai
18bdbb99e3 drop the only-weak-keys checker 2012-11-16 13:01:56 -05:00
Nalin Dahyabhai
0efe966105 update heed-nsaccountlock patch
We lost explicit support for eDirectory per se, so just add a toggle to
enable heeding the one native attribute that 389 adds to the mix.
2012-11-16 13:01:56 -05:00
Nalin Dahyabhai
8a943cb6b5 update selinux labeling patch 2012-11-16 13:01:55 -05:00
Nalin Dahyabhai
423d0d2f67 update the paths-in-man-pages patch 2012-11-15 18:03:30 -05:00
Nalin Dahyabhai
34c8bac7e3 drop backported fix for clock skew errors
- drop backported fix for avoiding spurious clock skew when a TGT is
  decrypted long after the KDC sent it to the client which decrypts it
2012-11-15 15:23:18 -05:00
Nalin Dahyabhai
e5f60e0625 drop backports of patch for keytab-based kinit
- drop backported patches to make keytab-based authentication attempts
  work better when the client tells the KDC that it supports a particular
  cipher, but doesn't have a key for it in the keytab
2012-11-15 15:21:19 -05:00
Nalin Dahyabhai
b47c708afc drop backported PKINIT fix: directly-trusted KDCs
- drop backported fix for teaching PKINIT clients which trust the KDC's
  certificate directly to verify signed-data messages that are signed with
  the KDC's certificate, when the blobs don't include a copy of the KDC's
  certificate
2012-11-15 15:19:00 -05:00
Nalin Dahyabhai
f1f0baeb82 drop backported patch for disabling replay caches
- drop backported fix for disabling use of a replay cache when verifying
  initial credentials
2012-11-15 15:18:12 -05:00
Nalin Dahyabhai
e4244fc907 drop backported build patch 2012-11-15 15:15:47 -05:00
Nalin Dahyabhai
d86f9ffaaf the new docs system generates PDFs, so we can stop 2012-11-15 15:14:28 -05:00
Nalin Dahyabhai
03522e1559 drop backported patches for RT #7406,#7407,#7408
- drop backported patch for RT #7406
- drop backported patch for RT #7407
- drop backported patch for RT #7408
2012-11-15 15:04:38 -05:00
Nalin Dahyabhai
6baa28a80d start moving to 1.11 2012-11-15 15:03:00 -05:00
Nalin Dahyabhai
c7b12ecdfa tag a couple more patches for %%{?_rawbuild}
- tag a couple of other patches which we still need to be applied during
  %%{?_rawbuild} builds (zmraz)
2012-10-17 17:36:50 -04:00
Nalin Dahyabhai
51b608140a - actually pull up the patch for RT#7063, and not some other ticket (#773496) 2012-09-25 02:02:35 -04:00
Nalin Dahyabhai
3e1f3982d4 revise Filip's patch so that it more closely mimics the select() path 2012-09-10 18:47:48 -04:00
Nalin Dahyabhai
a4ad97ae22 abort the current transmit attempt if our timeout is negative
- add patch from Filip Krska to abort a transmit attempt when we've given
  poll() a negative timeout (#838548)
2012-09-10 16:30:11 -04:00
Nalin Dahyabhai
4c51c8bc7e more backported fixes for keytab-doesn't-have-all-key-types cases
- add a backport of more patches to set the client's list of supported enctypes
  when using a keytab to be the list of types of keys in the keytab, plus the
  list of other types the client supports but for which it doesn't have keys,
  in that order, so that KDCs have a better chance of being able to issue
  tickets with session keys of types that the client can use (#837855)
2012-09-07 16:10:45 -04:00
Nalin Dahyabhai
e39bc82589 pull up patch for RT#7063 - KDC/client time skew
- pull up patch for RT#7063, in which not noticing a prompt for a long
  time throws the client library's idea of the time difference between it
  and the KDC really far out of whack (#773496)
2012-09-07 14:05:10 -04:00
Nalin Dahyabhai
9a4c3f763b conflict with broken libsmbclient builds on EL6, so that we don't break them
- on EL6, conflict with libsmbclient before 3.5.10-124, which is when it
  stopped linking with a symbol which we no longer export (#771687)
2012-09-07 12:50:09 -04:00
Nalin Dahyabhai
cf693a2998 cut out an extraneous label configuration reload
- cut down the number of times we load SELinux labeling configuration from
  a minimum of two times to actually one (more of #845125)
2012-09-06 18:42:40 -04:00
Nalin Dahyabhai
7f06579f48 backport patch from RT#7229
- backport patch to disable replay detection in krb5_verify_init_creds()
  while reading the AP-REQ that's generated in the same function (RT#7229)
2012-08-30 14:22:23 -04:00
Nalin Dahyabhai
ec0380bcae merge and conditionalize some EL6isms
- undo rename from krb5-pkinit-openssl to krb5-pkinit on EL6
- version the Obsoletes: on the krb5-pkinit-openssl to krb5-pkinit rename
- reintroduce the init scripts for non-systemd releases
- forward-port %%{_?rawbuild} annotations from EL6 packaging
2012-08-30 14:06:23 -04:00
Nalin Dahyabhai
81ca63cffc - update to 1.10.3, rolling in MITKRB5-SA-2012-001 2012-08-09 11:11:24 -04:00
Nalin Dahyabhai
5d6308abab cache the selabel context between uses (dwalsh)
- selinux: hang on to the list of selinux contexts, freeing and reloading
  it only when the file we read it from is modified, freeing it when the
  shared library is being unloaded (#845125)
2012-08-02 18:50:32 -04:00
Nalin Dahyabhai
38e22af414 undo file-move fixes on Fedora 17
- go back to not messing with library file paths on Fedora 17: it breaks
  file path dependencies in other packages, and since Fedora 17 is already
  released, breaking that is our fault
2012-08-02 11:15:21 -04:00
Nalin Dahyabhai
899e166076 update bug numbers for this update 2012-07-31 14:34:09 -04:00
Nalin Dahyabhai
718a1573e1 fixes for MITKRB5-SA-2012-001 and .so symlinks
- add upstream patch to fix freeing an uninitialized pointer and dereferencing
  another uninitialized pointer in the KDC (MITKRB5-SA-2012-001, CVE-2012-1014
  and CVE-2012-1015, #838012)
- fix a thinko in whether or not we mess around with devel .so symlinks on
  systems without a separate /usr (sbose)
2012-07-31 14:14:12 -04:00
Dennis Gilmore
a020fb0304 Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild 2012-07-27 00:46:48 -05:00
Nalin Dahyabhai
f60e9ef28c backport RT#7183
- backport a fix to allow a PKINIT client to handle SignedData from a KDC
  that's signed with a certificate that isn't in the SignedData, but which
  is available as an anchor or intermediate on the client (RT#7183)
2012-06-22 14:07:46 -04:00
Nalin Dahyabhai
16a5c7affc back out the recent labeling change, per dwalsh
- back out this labeling change (dwalsh):
  - when building the new label for a file we're about to create, also mix
    in the current range, in addition to the current user
2012-06-05 16:24:15 -04:00
Nalin Dahyabhai
6e8c2c396c add explicit buildrequires: on 'hostname' and 'net-tools'
- add explicit buildrequires: on 'hostname', for the tests, on systems where
  it's in its own package, and require net-tools, which used to provide the
  command, everywhere
2012-06-01 16:31:50 -04:00
Nalin Dahyabhai
f06298144d no-separate-/usr means we don't have to move shlibs
- don't shuffle around any shared libraries on releases with
  no-separate-/usr, since /lib and /usr/lib are the same anyway
2012-06-01 15:41:01 -04:00
Nalin Dahyabhai
037ab925da backport a fix for keytabs which don't have keys for all enctypes
- add a backport of Stef's patch to set the client's list of supported
  enctypes to match the types of keys that we have when we are using a
  keytab to try to get initial credentials, so that a KDC won't send us
  an AS reply that we can't encrypt (RT#2131, #748528)
2012-06-01 15:24:41 -04:00
Nalin Dahyabhai
b8b71859bb update to 1.10.2
- when building the new label for a file we're about to create, also mix
  in the current range, in addition to the current user
- also package the PDF format admin, user, and install guides
- drop some PDFs that no longer get built right
2012-06-01 14:05:55 -04:00
Nalin Dahyabhai
cd92a2cbb4 - skip the setfscreatecon() if fopen() is passed "rb" as the open mode (part of #819115) 2012-05-07 17:28:51 -04:00
Nalin Dahyabhai
2057747130 - have -server require /usr/share/dict/words, which we set as the default dict_file in kdc.conf (#817089) 2012-05-01 11:44:13 -04:00
Nalin Dahyabhai
f2a7c1df57 - comment out example.com examples in default krb5.conf (Stef Walter, #805320) 2012-03-20 18:21:01 -04:00
Nalin Dahyabhai
f8503cf35b - changelog that last change 2012-03-20 18:20:08 -04:00
Nalin Dahyabhai
70240d81c8 - update to 1.10.1
- drop the KDC crash fix
  - drop the KDC lookaside cache fix
  - drop the fix for kadmind RPC ACLs (CVE-2012-1012)
2012-03-09 18:37:47 -05:00
Nalin Dahyabhai
4093154587 - when removing -workstation, remove our files from the info index while the file is still there, in %%preun, rather than %%postun, and use the compressed file's name (#801035) 2012-03-07 12:04:24 -05:00
Nathaniel McCallum
b44189a932 Fix string RPC ACLs (RT#7093); CVE-2012-1012 2012-02-21 15:40:50 -05:00
Nathaniel McCallum
1b8eb90a4f add upstream lookaside cache fix RT#7082 2012-01-31 13:42:23 -05:00
Nalin Dahyabhai
9e5f5995cd - add patch to accept keytab entries with vno==0 as matches when we're searching for an entry with a specific name/kvno (#230382/#782211,RT#3349) 2012-01-30 19:49:10 -05:00
Nalin Dahyabhai
6ac0d24fa5 - note the RT number 2012-01-30 12:51:02 -05:00
Nalin Dahyabhai
fbe4130509 - update to 1.10 final 2012-01-30 10:28:53 -05:00
Nathaniel McCallum
767944b7d8 fix release number 2012-01-26 12:17:35 -05:00
Nathaniel McCallum
a134a66915 add upstream crashfix patch 2012-01-26 11:58:18 -05:00
Nalin Dahyabhai
a04da4baa4 - note the RT number 2012-01-23 18:21:02 -05:00
Nalin Dahyabhai
cf65017ae3 - update to beta 1 2012-01-12 18:47:18 -05:00
Nalin Dahyabhai
3e2b8913b0 - add missing changelog item 2012-01-12 16:11:04 -05:00
Peter Robinson
c5fead3d7e mktemp was long obsoleted by coreutils 2012-01-11 10:36:49 +00:00
Nalin Dahyabhai
620baf13cd - modify the deltat grammar to also tell gcc (4.7) to suppress "maybe-uninitialized" warnings in addition to the "uninitialized" warnings it's already being told to suppress 2012-01-04 13:52:34 -05:00
Nalin Dahyabhai
2496d7a5c9 - update to alpha 2
- drop a couple of patches which were integrated for alpha 2
2011-12-20 13:18:27 -05:00
Nalin Dahyabhai
f28b57af20 - pull in patch for RT#7048: allow PAC verification to only bother trying to
verify the signature with keys that it's given (still more of #761317)
2011-12-13 10:50:02 -05:00
Nalin Dahyabhai
6d68d342c9 - pull in patch for RT#7047: allow tickets obtained via S4U2Proxy to be cached
(more of #761317)
2011-12-13 10:48:28 -05:00
Nalin Dahyabhai
fb7c02faff - pull in patch for RT#7046: tag a ccache containing credentials obtained via
S4U2Proxy with the principal name of the proxying principal (part of #761317)
2011-12-13 10:47:31 -05:00
Nalin Dahyabhai
03e76d7832 - apply upstream patch to fix a null pointer dereference when processing TGS requests (CVE-2011-1530, #753748) 2011-12-06 14:12:15 -05:00
Nalin Dahyabhai
4584a88e40 correct the release to match the changelog 2011-11-30 15:13:54 -05:00
Nalin Dahyabhai
635a422817 - correct a bug in the fix for #754001 so that the file creation context is consistently reset 2011-11-30 15:03:45 -05:00
Nalin Dahyabhai
a45a82724d - require libverto-module-base at build- and runtime so that tests which
use verto can work properly
2011-11-15 13:32:43 -05:00
Nalin Dahyabhai
1110ccd873 - bump to 1.10 alpha 1 2011-11-15 12:45:44 -05:00
Dennis Gilmore
39cc62dcc1 - Rebuilt for glibc bug#747377 2011-10-26 19:09:40 -05:00
Nalin Dahyabhai
af8b546790 - apply upstream patch to fix a null pointer dereference with the LDAP kdb backend (CVE-2011-1527, #744125), an assertion failure with multiple kdb backends (CVE-2011-1528), and a null pointer dereference with multiple kdb backends (CVE-2011-1529) (#737711) 2011-10-18 14:28:08 -04:00
Nalin Dahyabhai
73b7dd3ece - pull in patch from trunk to rename krb5int_pac_sign() to krb5_pac_sign() and
make it public (#745533)
2011-10-13 15:31:36 -04:00
Nalin Dahyabhai
28837545d5 - handle a harder-to-trigger assertion failure that starts cropping up when we
exit the transmit loop on time (#739853)
2011-10-07 16:29:28 -04:00
Nalin Dahyabhai
098a308f7e - kadmin.service: fix #723723 again
- kadmin.service,krb5kdc.service: remove optional use of $KRB5REALM in command
  lines, because systemd parsing doesn't handle alternate value shell variable
  syntax
- kprop.service: add missing Type=forking so that systemd doesn't assume simple
- kprop.service: expect the ACL configuration to be there, not absent
2011-10-07 15:10:35 -04:00
Tom "spot" Callaway
e645180a9a hardcode pid file path as option to krb5kdc.service 2011-10-02 15:05:51 +02:00
Tom "spot" Callaway
3545dd2571 fix typo 2011-09-30 12:20:58 +02:00
Tom "spot" Callaway
82129e3a0d convert to systemd 2011-09-19 14:45:57 -04:00
Nalin Dahyabhai
207fa55d00 - pull in upstream patch for RT#6952, confusion following referrals for cross-realm auth (#734341) 2011-09-06 00:19:38 -04:00
Nalin Dahyabhai
a26dd7c42c - switch to the upstream patch for #727829 2011-09-01 09:29:29 -04:00
Nalin Dahyabhai
57d5eabb48 - bump the release number 2011-08-31 13:33:23 -04:00
Nalin Dahyabhai
db0e796a50 - handle an assertion failure that starts cropping up when the patch for using poll (#701446) meets servers that aren't running KDCs or against which the connection fails for other reasons (#727829, #734172) 2011-08-31 13:31:58 -04:00
Nalin Dahyabhai
0ad36e9c38 - override the default build rules to not delete temporary y.tab.c files,
so that they can be packaged, allowing debuginfo files which point to them
  to do so usefully (#729044)
2011-08-08 18:39:55 -04:00