Commit Graph

841 Commits

Author SHA1 Message Date
Nalin Dahyabhai
276a481e88 - update to 1.6.3, dropping now-integrated patches for CVE-2007-3999 and
CVE-2007-4000 (the new pkinit module is built conditionally and goes
    into the -pkinit-openssl package, at least for now, to make a buildreq
    loop with openssl avoidable)
2007-10-23 19:40:45 +00:00
Nalin Dahyabhai
a0f391756d - make proper use of pam_loginuid and pam_selinux in rshd and ftpd 2007-10-17 17:48:52 +00:00
Bill Nottingham
345c67344c makefile update to properly grab makefile.common 2007-10-15 18:56:42 +00:00
Nalin Dahyabhai
528eff0ac5 - make krb5.conf %%verify(not md5 size mtime) in addition to
%%config(noreplace), like /etc/nsswitch.conf (#329811)
2007-10-12 18:32:28 +00:00
Nalin Dahyabhai
6e3299423a - proposed fix for not being able to find delegated krb5 creds when using
spnego
2007-10-04 22:08:39 +00:00
Nalin Dahyabhai
359196dde6 - revert to the version that hit upstream SVN 2007-10-04 21:44:02 +00:00
Nalin Dahyabhai
1bb4c4c0c2 - reflect the adjustment just submitted to upstream RT #5802 2007-10-01 21:39:09 +00:00
Nalin Dahyabhai
1dd0ff3e30 - proposed patch to fix receipt of delegated creds in mod_auth_kerb 2007-10-01 19:40:47 +00:00
Nalin Dahyabhai
14a08486e8 - add the bug ID to the kadmind fixes, note Fran's patch was identical to
the one I thought we were already using in the F-7 branch
2007-09-17 20:47:02 +00:00
Nalin Dahyabhai
995166d33c - undef functions that we override before redefining them; ultimately this
will have to be completely reworked to not use preprocessor magic
    because it's gotten way uglier than originally planned
2007-09-17 20:46:21 +00:00
Nalin Dahyabhai
2688de92f1 - move the db2 kdb plugin from -server to -libs, because a multilib libkdb
might need it
2007-09-11 20:52:15 +00:00
Nalin Dahyabhai
f330d3856e - don't exit if we have a kldap db 2007-09-11 19:03:15 +00:00
Nalin Dahyabhai
83381c77e7 - also perform PAM session and credential management when ftpd accepts a
client using strong authentication, missed earlier
- also label kadmind log files and files created by the db2 plugin
2007-09-11 14:12:38 +00:00
Nalin Dahyabhai
71c80f37b5 - also label kadmind log files and files created by the db2 plugin 2007-09-11 14:12:03 +00:00
Nalin Dahyabhai
c6b195a8d3 - ftpd: also do PAM management for clients who use strong authentication 2007-09-11 14:11:22 +00:00
Nalin Dahyabhai
8684e97aa9 bye-bye obsolete patch 2007-09-06 21:03:00 +00:00
Nalin Dahyabhai
78cfdd7edb - incorporate updated fix for CVE-2007-3999 2007-09-06 20:20:55 +00:00
Nalin Dahyabhai
251df090d0 bump the revision 2007-09-06 20:09:14 +00:00
Nalin Dahyabhai
07adde54fa - incorporate updated fix for CVE-2007-3999 2007-09-06 20:08:19 +00:00
Nalin Dahyabhai
c4bb3c531c - fix incorrect call to test in the kadmin init script 2007-09-06 20:07:18 +00:00
Nalin Dahyabhai
b54c6a0718 - incorporate fixes for MITKRB5-SA-2007-006 (CVE-2007-3999, CVE-2007-4000) 2007-09-04 18:10:23 +00:00
Nalin Dahyabhai
9866e02a96 - Do what the rfc says we should do, rather than what the error message
suggests we're doing.
2007-09-04 16:34:44 +00:00
Nalin Dahyabhai
929680a650 add missing gawk buildrequirement 2007-08-25 05:12:34 +00:00
Nalin Dahyabhai
8499d2199c - actually bump the release number 2007-08-25 04:33:13 +00:00
Nalin Dahyabhai
5502d6651d - cover more cases in labeling files on creation 2007-08-25 04:31:34 +00:00
Nalin Dahyabhai
e0443e5457 - experimental ok-as-delegate setting patch (not applied) 2007-08-25 04:28:10 +00:00
Nalin Dahyabhai
79f8a98d4f rebuild 2007-08-23 20:50:42 +00:00
Nalin Dahyabhai
2f7dffc0f3 - include but don't apply 2007-07-26 19:08:20 +00:00
Nalin Dahyabhai
7f381af05d - test patch for login chdir when $HOME is on root-squashed nfs 2007-07-26 19:07:22 +00:00
Nalin Dahyabhai
c7cc1d7d29 - test patch for password expiration reporting 2007-07-26 19:06:51 +00:00
Nalin Dahyabhai
fbe8865459 - kdc.conf: default to listening for TCP clients, too (#248415) 2007-07-26 18:36:57 +00:00
Nalin Dahyabhai
34ce3fe705 - add a preliminary patch for #231147. initially not applied. 2007-07-23 21:01:33 +00:00
Nalin Dahyabhai
c0cd730c79 - update to 1.6.2
- add "buildrequires: texinfo-tex" to get texi2pdf
2007-07-19 16:50:28 +00:00
Nalin Dahyabhai
56d1413f95 - truncate the echoed string at the newline, not at the first non-cr/lf 2007-07-17 21:02:32 +00:00
Nalin Dahyabhai
147635188d add CVE identifiers to the more recent changelog 2007-06-27 18:39:06 +00:00
Nalin Dahyabhai
cd3f50fb19 - incorporate fixes for MITKRB5-SA-2007-004 and MITKRB5-SA-2007-005 2007-06-27 06:08:01 +00:00
Nalin Dahyabhai
196ea67f06 - add missing pam-devel build requirement, force selinux-or-fail build 2007-06-25 01:16:51 +00:00
Nalin Dahyabhai
cb76d1ea2b rebuild 2007-06-25 00:56:37 +00:00
Nalin Dahyabhai
d360ed53e4 - label all files at creation-time according to the SELinux policy
(#228157)
2007-06-25 00:55:25 +00:00
Nalin Dahyabhai
29d9e8c00d - apply a label to all files upon creation 2007-06-25 00:54:13 +00:00
Nalin Dahyabhai
5899ab24a3 - also don't error out in the --disable-shared case, which while it doesn't
actually build to completion, is pretty handy for testing build changes
2007-06-25 00:52:53 +00:00
Nalin Dahyabhai
dbbe71ef2d - adjust the login-specific bits for changes which were made for ftpd 2007-06-25 00:50:30 +00:00
Nalin Dahyabhai
8f7d649fe0 - that should work better 2007-06-22 23:21:07 +00:00
Nalin Dahyabhai
e773dcc288 - um, maybe not just yet 2007-06-22 22:33:07 +00:00
Nalin Dahyabhai
2ecf4e22d8 nope, we don't provide that file 2007-06-22 22:15:03 +00:00
Nalin Dahyabhai
70ccd082ae - oops, note that pam changes went in, too 2007-06-22 22:10:15 +00:00
Nalin Dahyabhai
117cdbbea7 - preprocess kerberos.ldif into a format FDS will like better, and include
that as a doc file as well
2007-06-22 22:06:27 +00:00
Nalin Dahyabhai
37416c24a6 - switch man pages to being generated with the right paths in them
- drop old, incomplete SELinux patch
- add patch from Greg Hudson to make srvtab routines report missing-file
    errors at same point that keytab routines do (#241805)
2007-06-22 22:04:38 +00:00
Nalin Dahyabhai
513d8d8504 - patch to make srvtab routines report missing-file errors at the same
point that the keytab routines do
2007-06-22 22:03:42 +00:00
Nalin Dahyabhai
547fdc81db - PAM support for rshd, login (used by telnet and rlogind), and ftpd 2007-06-22 22:03:14 +00:00