rpms/krb5
7
0
Fork 0
Code Issues Pull Requests Releases Activity
540 Commits 9 Branches 52 Tags 8.1 MiB
767944b7d8
Commit Graph

355 Commits

Author SHA1 Message Date
Nathaniel McCallum
767944b7d8 fix release number 2012-01-26 12:17:35 -05:00
Nathaniel McCallum
a134a66915 add upstream crashfix patch 2012-01-26 11:58:18 -05:00
Nalin Dahyabhai
a04da4baa4 - note the RT number 2012-01-23 18:21:02 -05:00
Nalin Dahyabhai
cf65017ae3 - update to beta 1 2012-01-12 18:47:18 -05:00
Nalin Dahyabhai
3e2b8913b0 - add missing changelog item 2012-01-12 16:11:04 -05:00
Peter Robinson
c5fead3d7e mktemp was long obsoleted by coreutils 2012-01-11 10:36:49 +00:00
Nalin Dahyabhai
620baf13cd - modify the deltat grammar to also tell gcc (4.7) to suppress "maybe-uninitialized" warnings in addition to the "uninitialized" warnings it's already being told to suppress 2012-01-04 13:52:34 -05:00
Nalin Dahyabhai
2496d7a5c9 - update to alpha 2 
- drop a couple of patches which were integrated for alpha 2
 2011-12-20 13:18:27 -05:00
Nalin Dahyabhai
f28b57af20 - pull in patch for RT#7048: allow PAC verification to only bother trying to 
verify the signature with keys that it's given (still more of #761317)
 2011-12-13 10:50:02 -05:00
Nalin Dahyabhai
6d68d342c9 - pull in patch for RT#7047: allow tickets obtained via S4U2Proxy to be cached 
(more of #761317)
 2011-12-13 10:48:28 -05:00
Nalin Dahyabhai
fb7c02faff - pull in patch for RT#7046: tag a ccache containing credentials obtained via 
S4U2Proxy with the principal name of the proxying principal (part of #761317)
 2011-12-13 10:47:31 -05:00
Nalin Dahyabhai
03e76d7832 - apply upstream patch to fix a null pointer dereference when processing TGS requests (CVE-2011-1530, #753748) 2011-12-06 14:12:15 -05:00
Nalin Dahyabhai
4584a88e40 correct the release to match the changelog 2011-11-30 15:13:54 -05:00
Nalin Dahyabhai
635a422817 - correct a bug in the fix for #754001 so that the file creation context is consistently reset 2011-11-30 15:03:45 -05:00
Nalin Dahyabhai
a45a82724d - require libverto-module-base at build- and runtime so that tests which 
use verto can work properly
 2011-11-15 13:32:43 -05:00
Nalin Dahyabhai
1110ccd873 - bump to 1.10 alpha 1 2011-11-15 12:45:44 -05:00
Dennis Gilmore
39cc62dcc1 - Rebuilt for glibc bug#747377 2011-10-26 19:09:40 -05:00
Nalin Dahyabhai
af8b546790 - apply upstream patch to fix a null pointer dereference with the LDAP kdb backend (CVE-2011-1527, #744125), an assertion failure with multiple kdb backends (CVE-2011-1528), and a null pointer dereference with multiple kdb backends (CVE-2011-1529) (#737711) 2011-10-18 14:28:08 -04:00
Nalin Dahyabhai
73b7dd3ece - pull in patch from trunk to rename krb5int_pac_sign() to krb5_pac_sign() and 
make it public (#745533)
 2011-10-13 15:31:36 -04:00
Nalin Dahyabhai
28837545d5 - handle a harder-to-trigger assertion failure that starts cropping up when we 
exit the transmit loop on time (#739853)
 2011-10-07 16:29:28 -04:00
Nalin Dahyabhai
098a308f7e - kadmin.service: fix #723723 again 
- kadmin.service,krb5kdc.service: remove optional use of $KRB5REALM in command
  lines, because systemd parsing doesn't handle alternate value shell variable
  syntax
- kprop.service: add missing Type=forking so that systemd doesn't assume simple
- kprop.service: expect the ACL configuration to be there, not absent
 2011-10-07 15:10:35 -04:00
Tom "spot" Callaway
e645180a9a hardcode pid file path as option to krb5kdc.service 2011-10-02 15:05:51 +02:00
Tom "spot" Callaway
3545dd2571 fix typo 2011-09-30 12:20:58 +02:00
Tom "spot" Callaway
82129e3a0d convert to systemd 2011-09-19 14:45:57 -04:00
Nalin Dahyabhai
207fa55d00 - pull in upstream patch for RT#6952, confusion following referrals for cross-realm auth (#734341) 2011-09-06 00:19:38 -04:00
Nalin Dahyabhai
a26dd7c42c - switch to the upstream patch for #727829 2011-09-01 09:29:29 -04:00
Nalin Dahyabhai
57d5eabb48 - bump the release number 2011-08-31 13:33:23 -04:00
Nalin Dahyabhai
db0e796a50 - handle an assertion failure that starts cropping up when the patch for using poll (#701446) meets servers that aren't running KDCs or against which the connection fails for other reasons (#727829, #734172) 2011-08-31 13:31:58 -04:00
Nalin Dahyabhai
0ad36e9c38 - override the default build rules to not delete temporary y.tab.c files, 
so that they can be packaged, allowing debuginfo files which point to them
  do so usefully (#729044)
 2011-08-08 18:39:55 -04:00
Nalin Dahyabhai
ad0dcf5042 - pull in a patch to fix losing track of the replay cache FD, from SVN by way of Kevin Coffman 2011-07-22 16:57:35 -04:00
Nalin Dahyabhai
2202e378de - build shared libraries with partial RELRO support (#723995) 
- filter out potentially multiple instances of -Wl,-z,relro from krb5-config
  output, now that it's in the buildroot's default LDFLAGS
 2011-07-22 16:29:06 -04:00
Nalin Dahyabhai
a0e423054a - kadmind.init: drop the attempt to detect no-database-present errors (#723723) 2011-07-20 17:58:20 -04:00
Nalin Dahyabhai
4e66f1237b - backport RT#6905: use poll() so that we can use higher descriptor numbers when the client is talking to a KDC 2011-07-19 14:54:29 -04:00
Nalin Dahyabhai
ba9d039a3a - have a bug number for this now 2011-06-28 14:08:13 -04:00
Nalin Dahyabhai
da69bf39fa - pull a fix from SVN to use AI_ADDRCONFIG more often (RT#6923) 2011-06-23 16:07:40 -04:00
Nalin Dahyabhai
4a5ca5b2d3 - pull a fix from SVN to try to avoid triggering a PTR lookup in getaddrinfo() 
during krb5_sname_to_principal(), and to let getaddrinfo() decide whether or
  not to ask for an IPv6 address based on the set of configured interfaces
  (RT#6922)
 2011-06-23 16:05:54 -04:00
Nalin Dahyabhai
23ef754340 - fix that bug ID 2011-06-21 18:38:01 -04:00
Nalin Dahyabhai
092982212a - apply upstream patch by way of Burt Holzman to fall back to a non-referral 
method in cases where we might be derailed by a KDC that rejects the
  canonicalize option (for example, those from the RHEL 2.1 or 3 era) (#713518)
 2011-06-20 13:34:21 -04:00
Nalin Dahyabhai
e1fdb93038 - don't burn a release number 2011-06-14 14:44:36 -04:00
Nalin Dahyabhai
17c9104b1d - pull a fix from SVN to get libgssrpc clients (e.g. kadmin) authenticating 
using the old protocol over IPv4 again (RT#6920)
 2011-06-14 14:25:28 -04:00
Nalin Dahyabhai
6a7a118058 - incorporate a fix to teach the file labeling bits about when replay caches are expunged (#576093) 2011-06-14 14:15:55 -04:00
Nalin Dahyabhai
20266fd9d7 switch to the upstream patch for #707145 2011-05-26 10:55:11 -04:00
Nalin Dahyabhai
e14f89fa17 klist: don't trip over referral entries when invoked with -s (#707145, RT#6915) 2011-05-25 16:55:39 -04:00
Nalin Dahyabhai
7368cf9d38 - fixup URL in a comment 
- when built with NSS, require 3.12.10 rather than 3.12.9
 2011-05-06 10:09:53 -04:00
Nalin Dahyabhai
ac127d5263 - update to 1.9.1: 
- drop no-longer-needed patches for CVE-2010-4022, CVE-2011-0281,
    CVE-2011-0282, CVE-2011-0283, CVE-2011-0284, CVE-2011-0285
 2011-05-05 19:03:10 -04:00
Nalin Dahyabhai
d2ffb0c7c5 add the bug ID for that last fix 2011-04-13 17:21:33 -04:00
Nalin Dahyabhai
301c9d3ae2 - kadmind: add upstream patch to fix free() on an invalid pointer (MITKRB5-SA-2011-004, CVE-2011-0285) 2011-04-13 15:38:22 -04:00
Nalin Dahyabhai
5ad8efcad5 - don't discard the error code from an error message received in response 
to a change-password request (#658871, RT#6893)
 2011-04-04 19:04:05 -04:00
Nalin Dahyabhai
2ee39c5e61 - override INSTALL_SETUID at build-time so that ksu is installed into 
the buildroot with the right permissions (part of #225974)
 2011-04-01 15:52:29 -04:00
Nalin Dahyabhai
27e969332f - backport change from SVN to fix a computed-value-not-used warning in 
kpropd (#684065)
 2011-03-18 13:23:22 -04:00