rpms/krb5
7
0
Fork 0
Code Issues Pull Requests Releases Activity
1,135 Commits 9 Branches 52 Tags 8.1 MiB
d20ec5d3bc
Commit Graph

1135 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Robbie Harwood
3c4e18f2f3 Omit PA_FOR_USER if we can't compute its checksum 2020-06-08 16:01:55 -04:00
Robbie Harwood
49849de329 Replace gssrpc tests with a Python script 2020-05-30 12:38:04 -04:00
Robbie Harwood
883355750a Default dns_canonicalize_hostname to "fallback" 2020-05-30 12:01:58 -04:00
Robbie Harwood
331a9df349 dns_canonicalize_hostname = fallback 2020-05-26 21:47:51 +00:00
Robbie Harwood
dec02b8411 Pass channel bindings through SPNEGO 2020-05-26 14:34:53 -04:00
Robbie Harwood
102adf5edf New upstream release (1.18.2) 2020-05-22 14:26:04 -04:00
Robbie Harwood
d370e2a431 Fix SPNEGO acceptor mech filtering 2020-05-22 13:28:09 -04:00
Robbie Harwood
0963a62bc3 Fix typo ("in in") in the ksu man page 2020-05-18 14:02:44 -04:00
Robbie Harwood
a9ccd6fd57 Omit KDC indicator check for S4U2Self requests 2020-05-08 14:14:22 -04:00
Robbie Harwood
19d5d2e504 Pass gss_localname() through SPNEGO 2020-04-28 13:12:21 -04:00
Robbie Harwood
46d8c677ae It usually helps if I commit the sources file 2020-04-14 15:50:03 -04:00
Robbie Harwood
7fca7fd076 New upstream version (1.18.1) 2020-04-14 15:45:43 -04:00
Robbie Harwood
66ec722479 Make ksu honor KRB5CCNAME again 2020-04-07 15:51:54 -04:00
Robbie Harwood
9f3201c4bc Do expiration warnings for all init_creds APIs 2020-04-02 14:03:07 -04:00
Robbie Harwood
c262ec69f6 Correctly import "service@" GSS host-based name 2020-04-01 14:24:49 -04:00
Robbie Harwood
4e7e5fe69b Eliminate redundant PKINIT responder invocation 2020-03-26 16:01:18 -04:00
Robbie Harwood
dd7e9481aa Add finalization safety check to com_err 2020-03-26 10:20:02 -04:00
Robbie Harwood
5c9732a545 Add maximum openssl version in preparation for openssl 3 2020-03-20 16:16:55 +00:00
Robbie Harwood
bea8330f52 Document client keytab usage 2020-03-17 15:26:56 -04:00
Robbie Harwood
bef2ba57a2 Update for new rpmlint shenanigans 2020-03-09 15:26:46 -04:00
Robbie Harwood
f6c62d5e63 Refresh manually acquired creds from client keytab 2020-03-03 12:34:50 -05:00
Robbie Harwood
812c07a94f Allow deletion of require_auth with LDAP KDB 2020-02-28 13:35:47 -05:00
Robbie Harwood
0ecf7a0e65 Allow certauth modules to set hw-authent flag 2020-02-27 16:13:51 -05:00
Robbie Harwood
3b6955d99e Fix AS-REQ checking of KDB-modified indicators 2020-02-21 13:16:49 -05:00
Robbie Harwood
48a220a102 Fix missing dist 2020-02-12 17:47:03 -05:00
Robbie Harwood
f287f939a9 New upstream version (1.18) 2020-02-12 22:29:13 +00:00
Robbie Harwood
dd3e136188 Don't assume OpenSSL failures are memory errors 2020-02-07 10:59:57 -05:00
Robbie Harwood
edfb00e001 Put KDB authdata first 2020-02-06 10:17:38 -05:00
Robbie Harwood
8fb4697062 New upstream beta release - 1.18-beta2 
Adjust naming convention for downstream patches
 2020-01-31 20:31:53 +00:00
Fedora Release Engineering
b3d5b8f719 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2020-01-29 07:50:49 +00:00
Robbie Harwood
7f642b1512 New upstream beta release - 1.18-beta1 2020-01-13 18:19:19 -05:00
Robbie Harwood
84aac1fa6d Fix LDAP policy enforcement of pw_expiration 
Fix handling of invalid CAMMAC service verifier
 2020-01-08 14:07:00 -05:00
Robbie Harwood
2496b50d00 Fix xdr_bytes() strict-aliasing violations 2020-01-06 16:36:41 -05:00
Robbie Harwood
fd463aed6a Don't warn in kadmin when no policy is specified 
Do not always canonicalize enterprise principals
 2020-01-03 11:36:21 -05:00
Robbie Harwood
d6ef09022c Enable the LMDB backend for the KDB 2019-12-13 19:11:07 +00:00
Robbie Harwood
9d642021d7 New upstream version - 1.17.1 
Stop building and packaging PDFs
 2019-12-12 18:42:51 +00:00
Robbie Harwood
4aee4bdd71 Qualify short hostnames when not using DNS 2019-12-06 13:44:42 -05:00
Robbie Harwood
02c0c74c74 Various gssalloc fixes 2019-11-27 12:36:19 -05:00
Robbie Harwood
76d9979dc3 Turns out openssl has an epoch 2019-11-21 22:06:25 +00:00
Robbie Harwood
4c128ec39a Fix runtime openssl version to actually propogate 2019-11-20 23:03:40 +00:00
Robbie Harwood
b9ea889e2a Add runtime openssl version requirement too 2019-11-20 21:13:58 +00:00
Robbie Harwood
4b8056ef08 Fix kadmin addprinc -randkey -kvno 2019-11-20 14:16:04 -05:00
Robbie Harwood
1404656ded Use OpenSSL's backported KDFs 
Restore MD4 in FIPS mode (for samba)
 2019-11-19 14:45:23 -05:00
Robbie Harwood
cbf35c8b1f Add default_principal_flags to example kdc.conf 2019-11-08 20:45:40 +00:00
Robbie Harwood
9ce53b906d Log unknown enctypes as unsupported in KDC 2019-10-02 11:19:07 -04:00
Robbie Harwood
1a6673d2ee Fix KDC crash when logging PKINIT enctypes (CVE-2019-14844) 2019-09-25 13:15:11 -04:00
Robbie Harwood
bff738a25d Static analyzer appeasement 2019-09-12 10:15:52 -04:00
Robbie Harwood
6ea5e5fa9a Simplify krb5_dbe_def_search_enctype() 2019-08-27 11:24:25 -04:00
Robbie Harwood
2dabf02464 Update FIPS patches to remove SPAKE 2019-08-22 15:54:34 -04:00
Robbie Harwood
4906d9dae9 Support building in COPR now that %{copr_username} is gone 2019-08-16 12:24:27 -04:00