Commit Graph

522 Commits

Author SHA1 Message Date
Nalin Dahyabhai
88c0c528bd Update to 1.12 beta 2013-11-19 18:08:43 -05:00
Nalin Dahyabhai
3c08a1616e BuildRequire: pkgconfig and package pkgconfig data 2013-11-19 17:40:02 -05:00
Nalin Dahyabhai
f8f559ef32 Drop backports for RT#7656 and RT#7657 2013-11-19 17:39:59 -05:00
Nalin Dahyabhai
447ee6c9e6 Update for 1.12's removal of krb5_xfree() 2013-11-19 17:38:54 -05:00
Nalin Dahyabhai
f619caa9c9 Drop OTP backport 2013-11-19 17:38:54 -05:00
Nalin Dahyabhai
7448cea67e Untweak for 1.11.3 2013-11-19 17:38:54 -05:00
Nalin Dahyabhai
00cf6df3e6 Drop backport for RT#7590 and partial for RT#7680 2013-11-19 17:38:54 -05:00
Nalin Dahyabhai
19bc209a19 Drop backport for RT#7709 2013-11-19 17:38:54 -05:00
Nalin Dahyabhai
13b2f96a29 Drop backports for RT#7682 2013-11-19 17:38:46 -05:00
Nalin Dahyabhai
0b296b8b04 Drop obsolete patches to skip GSSRPC-over-UDP test
- drop patches from master to not test GSSRPC-over-UDP and to not
  depend on the portmapper, which are areas where our build systems
  often give us trouble, too; obsolete
2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
25fe69d885 Drop backport for RT#7643 2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
a2e5f1f872 Drop backport for RT#7642 2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
9e1d45535e Drop backport for RT#7172 2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
bd8c46afd2 Drop backport for RT#7598 2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
286168174b Drop patch to teach config.* about aarch64-linux 2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
11656c4fe0 Drop obsolete patch fixing a test use-before-init 2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
9c8c2d53ba Update for 1.12 2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
d2ea586766 Update for 1.12 2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
f618776e18 Update for 1.12 2013-11-19 17:32:18 -05:00
Nalin Dahyabhai
d175d043f1 Update for 1.12 2013-11-19 17:32:18 -05:00
Nalin Dahyabhai
daca172770 Update patch for 1.12 2013-11-19 17:32:18 -05:00
Nalin Dahyabhai
15dceb5da6 Drop backport for RT#7689 2013-11-19 17:32:18 -05:00
Nalin Dahyabhai
b1f558a0f5 Drop backported patch 2013-11-19 17:32:18 -05:00
Nalin Dahyabhai
8a39d5ff72 Start rebasing to 1.12 alpha1 2013-11-19 17:32:18 -05:00
Nalin Dahyabhai
a77ee55771 Pull in keyring expiration from RT#7769
- pull in fix to set expiration times on keyrings used for storing keyring
  credential caches (RT#7769, #1031724)
2013-11-18 18:02:20 -05:00
Nalin Dahyabhai
81715b1776 Pull in keyring offset storage from RT#7768
- pull in fix to store KDC time offsets in keyring credential caches
  (RT#7768, #1030607)
2013-11-18 17:14:07 -05:00
Nalin Dahyabhai
dee7ae00a4 Note where CVE-2013-6800 was fixed
CVE-2013-6800 appears to be fixed by the same patch that fixes
CVE-2013-1418, so mention the first in changelog entries that refer to
the second.
2013-11-18 16:24:33 -05:00
Nalin Dahyabhai
cac86c9df2 Bump the release to 1 2013-11-12 16:32:02 -05:00
Nalin Dahyabhai
8f876bbbeb Drop patch for CVE-2013-1418, included in 1.11.4 2013-11-12 16:25:26 -05:00
Nalin Dahyabhai
1f02b0bc49 Drop patch for RT#7706, obsoleted as RT#7723 2013-11-12 16:23:38 -05:00
Nalin Dahyabhai
0c6ad14521 Drop patch for RT#7650, included in 1.11.4 2013-11-12 16:20:49 -05:00
Nalin Dahyabhai
2b359c527a Start updating to 1.11.4 2013-11-12 16:20:31 -05:00
Nalin Dahyabhai
b3399eb8fb Switch to the upstream patch for #1029110
Switch to the simplified version of the patch for #1029110 that ended up
being committed upstream (RT#7764).
2013-11-12 13:20:50 -05:00
Nalin Dahyabhai
11d14a1e7c Fix a typo in a changelog entry 2013-11-11 14:34:29 -05:00
Nalin Dahyabhai
49c8edfa6b Catch more strtol() failures when using KEYRINGs
- check more thorougly for errors when resolving KEYRING ccache names of type
  "persistent", which should only have a numeric UID as the next part of the
  name (#1029110)
2013-11-11 14:11:29 -05:00
Nalin Dahyabhai
bfdc4351bf Point to the RT for the patch for the right branch 2013-11-05 13:43:32 -05:00
Nalin Dahyabhai
a244d8f93c Incorporate patch for RT#7755 (CVE-2013-1418)
- incorporate upstream patch for remote crash of KDCs which serve multiple
  realms simultaneously (RT#7755, CVE-2013-1418)
2013-11-04 16:11:59 -05:00
Nalin Dahyabhai
a00c810e4e Drop call-access()-more patch for ksu
- drop patch to add additional access() checks to ksu - they add to breakage
  when non-FILE: caches are in use (#1026099), shouldn't be resulting in any
  benefit, and clash with proposed changes to fix its cache handling
2013-11-04 10:26:41 -05:00
Nalin Dahyabhai
433fcb1772 Expand on comments in the daemon wrapper scripts
- add some minimal description to the top of the wrapper scripts we use
  when starting krb5kdc and kadmind to describe why they exist (tooling)
2013-10-22 17:48:49 -04:00
Nalin Dahyabhai
31e8e33c43 Create and own /etc/gss (#1019937) 2013-10-16 18:12:24 -04:00
Nalin Dahyabhai
16e749771f Pull up fix for reimporting ccaches in gssapi
- pull up fix for importing previously-exported credential caches in the
  gssapi library (RT# 7706, #1019420)
2013-10-15 14:40:24 -04:00
Nalin Dahyabhai
84fe7d69da Finish fixing the don't-call-NULL-prompters bug
- extract the rest of the fix #965721/#1016690 from the changes for RT#7680
2013-10-14 14:07:56 -04:00
Nalin Dahyabhai
822059250e Use the prompter callback for PEM files
- backport the callback to use the libkrb5 prompter when we can't load
  PEM files for PKINIT (RT#7590, includes part of #965721/#1016690)
2013-10-14 14:07:19 -04:00
Nalin Dahyabhai
37f8b28f7d fix trigger's invocation of sed (#1016945)
- fix trigger scriptlet's invocation of sed (#1016945)
2013-10-14 12:42:56 -04:00
Nalin Dahyabhai
52b6b401df - rebuild with keyutils 1.5.8 (part of #1012043)
Rebuild against a keyutils which tags the new symbols we're using with a
newer symbol version, so that RPM can tell the difference between
versions of the package which contain a shared library that doesn't
include them and versions of the package which contain a shared library
which does.
2013-10-04 09:47:38 -04:00
Nalin Dahyabhai
494e7adbb0 Updated persistent-keyring changes, set as default
- switch to the version of persistent-keyring that was just merged to
  master (RT#7711), along with related changes to kinit (RT#7689)
- go back to setting default_ccache_name to a KEYRING type
2013-10-02 14:46:20 -04:00
Nalin Dahyabhai
682dc07d28 pull up fix to call kdb check-transited-path first
- pull up fix for not calling a kdb plugin's check-transited-path
  method before calling the library's default version, which only knows
  how to read what's in the configuration file (RT#7709, #1013664)
2013-09-30 11:26:50 -04:00
Nalin Dahyabhai
43d2548f26 configure --without-krb5-config
- configure --without-krb5-config so that we don't pull in the old default
  ccache name when we want to stop setting a default ccache name at configure-
  time
2013-09-26 14:38:01 -04:00
Nalin Dahyabhai
e43f75f274 - fix broken dependency on awk (rdieter)
- fix broken dependency on awk (should be gawk, rdieter)
2013-09-25 12:34:03 -04:00
Nalin Dahyabhai
a375099fe1 add missing dependency on newer keyutils-libs
- add missing dependency on newer keyutils-libs (#1012034)
2013-09-25 11:26:19 -04:00