rpms/krb5
7
0
Fork 0
Code Issues Pull Requests Releases Activity
382 Commits 9 Branches 52 Tags 8.1 MiB
59f0148016
Commit Graph

382 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nalin Dahyabhai
f72d641eb4 - new source set 2009-06-04 22:15:04 +00:00
Nalin Dahyabhai
2f1613d440 - update to 1.7, second pass 2009-06-04 22:09:07 +00:00
Nalin Dahyabhai
259e2512e5 - fix a syntax error 2009-06-04 20:45:45 +00:00
Nalin Dahyabhai
379f28cb47 - also treat "nsAccountLock: TRUE" in directory entries as an indication of 
an account having been disabled
 2009-06-04 19:38:46 +00:00
Nalin Dahyabhai
55c161be92 - patch to label most files at create-time 2009-06-04 19:37:06 +00:00
Nalin Dahyabhai
8a5745ff76 - update of the PAM support patch 2009-06-04 19:35:17 +00:00
Nalin Dahyabhai
7520433037 - avoid double-logging in the servers by avoiding processing of the same 
configuration file twice
 2009-06-04 19:32:36 +00:00
Nalin Dahyabhai
f4932dde69 - suppress our indirect dependencies from the output of --libs, unless the 
user also passed in the --deps flag
 2009-06-04 19:30:50 +00:00
Nalin Dahyabhai
94d3c5951e - try to be more resilient to comparisons of malformed principal structures 2009-06-04 19:29:44 +00:00
Nalin Dahyabhai
8c991219ab - when we're not doing a recursive transfer, treat subdirectories as a 
problem
 2009-06-04 19:27:50 +00:00
Nalin Dahyabhai
6879d98ef2 - try to avoid locking up in rsh due to client and server blocking on 
writes at the same time
 2009-06-04 19:26:29 +00:00
Nalin Dahyabhai
0b6e153ff8 - use an in-memory ccache instead of an on-disk temporary to avoid 
compile-time warnings about using mktemp()
 2009-06-04 19:16:47 +00:00
Nalin Dahyabhai
dd70d4f4ef - send the length of the file by printf()ing a long long instead of a long, 
so that we don't break on large files on 32-bit machines
 2009-06-04 19:15:24 +00:00
Nalin Dahyabhai
d067ec29b6 - link binaries to produce position-independent executables, and strip the 
flags used to do so, and library path flags, from the output of
    krb5-config
- install shared libraries with the execute bit set
- we used to override RPATH here, but configure takes --disable-rpath now
 2009-06-04 19:09:04 +00:00
Nalin Dahyabhai
bc603de2a8 - forward-port long-present out-of-tree patch to support "ANY" keytab type, 
which takes as its residual a comma-separated list of keytab names and
    will search them all in turn when looking for a specific key
 2009-06-04 19:05:20 +00:00
Nalin Dahyabhai
3c1272ff63 - add an auth stack to ksu's PAM configuration so that pam_setcred() calls 
won't just fail
 2009-05-19 23:21:48 +00:00
Nalin Dahyabhai
06c77ea1cd - make PAM support for ksu also set PAM_RUSER 2009-05-11 18:19:08 +00:00
Nalin Dahyabhai
df43b1e2b6 yeah, actually bump the release number 2009-04-23 22:51:25 +00:00
Nalin Dahyabhai
5ebd815122 - extend PAM support to ksu: perform account and session management for the 
target user
- pull up and merge James Leddy's changes to also set PAM_RHOST in
    PAM-aware network-facing services
 2009-04-23 22:43:26 +00:00
Nalin Dahyabhai
d3b2b69619 - fix a typo in a ksu error message (Marek Mahut) 2009-04-21 18:46:52 +00:00
Nalin Dahyabhai
27c8414969 - okay, finally remove this 2009-04-21 18:46:37 +00:00
Nalin Dahyabhai
8614c0dcd0 - "rev" works the way the test suite expects now, so don't disable tests 
that use it
 2009-04-21 18:46:16 +00:00
Nalin Dahyabhai
f0389e0488 note why we don't just run make check here 2009-04-20 21:15:12 +00:00
Nalin Dahyabhai
41d635cc23 - add empty Default-Start: statements to the init scripts 2009-04-20 20:33:32 +00:00
Nalin Dahyabhai
724545eab6 - add LSB-style informational headers to the init scripts 2009-04-20 20:32:02 +00:00
Nalin Dahyabhai
980855a07a - explicitly run the pdf generation script using sh (part of #225974) 2009-04-17 13:29:41 +00:00
Nalin Dahyabhai
f51ed46fff - remove obsolete patch for CVE-2009-0845 
- add patches for read overflow and null pointer dereference in the
    implementation of the SPNEGO mechanism (CVE-2009-0844, CVE-2009-0845)
- add patch for attempt to free uninitialized pointer in libkrb5
    (CVE-2009-0846)
- add patch to fix length validation bug in libkrb5 (CVE-2009-0847)
 2009-04-07 18:16:28 +00:00
Nalin Dahyabhai
ebb2e9030e - add patch to fix length validation bug in libkrb5 (CVE-2009-0847) 2009-04-07 18:15:43 +00:00
Nalin Dahyabhai
0d81cc8c03 - add patch for attempt to free uninitialized pointer in libkrb5 
(CVE-2009-0846)
 2009-04-07 18:15:12 +00:00
Nalin Dahyabhai
b28fb4b7da - add patches for read overflow and null pointer dereference in the 
implementation of the SPNEGO mechanism (CVE-2009-0844, CVE-2009-0845)
 2009-04-07 18:14:43 +00:00
Nalin Dahyabhai
d43a03520f - make the kpropd init script treat reload as restart (part of #225974) 2009-04-06 20:33:44 +00:00
Nalin Dahyabhai
45bffcbf45 - take the execute bit off of the protocol docs (part of #225974) 
- unflag init scripts as configuration files (part of #225974)
 2009-04-06 18:22:58 +00:00
Nalin Dahyabhai
303d2c20d2 - fixup summary texts (part of #225974) 2009-04-06 18:00:53 +00:00
Nalin Dahyabhai
fa314d1962 - escape possible macros in the changelog (part of #225974) 2009-04-06 17:52:21 +00:00
Nalin Dahyabhai
5ee95cc082 - clean up buildprereq/prereqs, explicit mktemp requires, and add the 
ldconfig for the -server-ldap subpackage (part of #225974)
 2009-04-06 17:45:29 +00:00
Nalin Dahyabhai
98a3610002 - make splitting up of the workstation bits unconditional 2009-04-06 16:46:35 +00:00
Nalin Dahyabhai
1644a79505 - move the libraries to /%{_lib}, but leave --libdir alone so that plugins 
get installed and are searched for in the same locations (#473333)
 2009-04-06 16:22:45 +00:00
Nalin Dahyabhai
e61be4fa97 - turn off krb4 support (it won't be part of the 1.7 release, but do it 
now)
- use triggeruns to properly shut down and disable krb524d when -server and
-workstation-servers gets upgraded, because it's gone now
 2009-04-06 15:56:45 +00:00
Nalin Dahyabhai
434cefd85a - libgssapi_krb5: backport fix for some errors which can occur when we fail 
to set up the server half of a context (CVE-2009-0845)
 2009-03-17 22:26:27 +00:00
Jesse Keating
78b02cd911 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild 2009-02-25 11:58:27 +00:00
Nalin Dahyabhai
ab1cdb5d37 - add a patch to catch out-of-space errors rcp'ing files to NFS 
destinations
 2009-02-19 23:11:41 +00:00
Nalin Dahyabhai
2ef50f0d66 - flesh out the note to include why the patch isn't going anywhere 2009-02-19 22:35:32 +00:00
Nalin Dahyabhai
4e24fa3147 - add a hunk so that the db2 test will compile correctly 2009-02-19 22:34:47 +00:00
Nalin Dahyabhai
9d9088d1cc - note the RT number for the upstream discussion 2009-02-19 22:32:32 +00:00
Nalin Dahyabhai
4c798e4ee7 aargh, what year is it? 2009-01-16 16:19:02 +00:00
Nalin Dahyabhai
2bf7daea40 rebuild 2009-01-16 16:17:56 +00:00
Nalin Dahyabhai
6df4ee1a7a - krb5_fcc_generate_new(): unlock the fcc list lock before returning in the 
non-mkstemp() case, don't unlock the lock twice before returning if we
    happen to run out of memory (fixed in trunk by rewriting the function)
 2008-10-28 21:36:18 +00:00
Nalin Dahyabhai
0d57fe8b86 - telnet can suspend itself if the calling shell supports job control, and 
around here that's not unique to csh (#433947) Of course, if it turns
    out that we do have a shell that doesn't support job control, we get to
    change this to enumerate the ones that do. Which is sure to be all
    kinds of fun.
 2008-10-28 21:35:45 +00:00
Nalin Dahyabhai
b1efb9b86d - if we successfully change the user's password during an attempt to get 
initial credentials, but then fail to get initial creds from a
    non-master using the new password, retry against the master (#432334)
 2008-09-04 15:13:51 +00:00
Tom Callaway
bb9aa2106c fix license tag 2008-08-05 17:46:07 +00:00