446760b8bf- fix an unitialized length count which caused the plugin to attempt to read from an uninitialized pointer when reading back salted key which didn't include a non-default salt
Nalin Dahyabhai
2007-05-04 18:06:26 +0000
833ef8ff9f- fix incorrect doc: "ldap_server" refers to what the code expects is "ldap_servers"
Nalin Dahyabhai
2007-05-04 18:05:15 +0000
0067509b68- nope, a not-realm-specific value is only handled in appdefaults
Nalin Dahyabhai
2007-04-13 19:10:43 +0000
1739ef7213- move the default acl_file, dict_file, and admin_keytab settings to the part of the default/example kdc.conf where they'll actually have an effect (#236417)
Nalin Dahyabhai
2007-04-13 19:07:25 +0000
471b4b51f3- add patch to correct unauthorized access via krb5-aware telnet daemon (#229782, CVE-2007-0956) - add patch to fix buffer overflow in krb5kdc and kadmind (#231528, CVE-2007-0957) - add patch to fix double-free in kadmind (#231537, CVE-2007-1216)
Nalin Dahyabhai
2007-04-03 18:46:41 +0000
598e71ffbc- add a couple of ldap-specific data files as documentation, so that admins have the needed schema for their directory servers
Nalin Dahyabhai
2007-04-03 18:43:05 +0000
8c0e02598e- add patch for MITKRB5-SA-2007-002
Nalin Dahyabhai
2007-04-03 18:41:26 +0000
e200cf4e0c- add patch for MITKRB5-SA-2007-001
Nalin Dahyabhai
2007-04-03 18:30:50 +0000
1dc23da208- add patch for MITKRB5-SA-2007-003
Nalin Dahyabhai
2007-04-03 18:14:37 +0000
aece600301whoops, that won't work - can't do core -> extras deps
Nalin Dahyabhai
2007-03-22 20:17:58 +0000
5c8daeafa2- add buildrequires: on keyutils-libs-devel to enable use of keyring ccaches, dragging keyutils-libs in as a dependency for everyone
Nalin Dahyabhai
2007-03-22 19:37:26 +0000
da1eb7f057- add patch to build semi-useful static libraries, but don't apply it unless we need them
Nalin Dahyabhai
2007-02-28 20:35:53 +0000
4aefd50874- make profile.d scriptlets mode 644 instead of 755 (#225974)
Nalin Dahyabhai
2007-02-19 21:28:07 +0000
3299c4b519mock says "no resolv.conf for you!"
Nalin Dahyabhai
2007-01-30 21:21:21 +0000
cb68887273- clean up quoting of command-line arguments passed to the krsh/krlogin wrapper scripts
Nalin Dahyabhai
2007-01-30 21:01:21 +0000
6e6adec726- initial update to 1.6, making the package-split optional - move workstation daemons to a new subpackage (#81836, #216356, #217301), and make the new subpackage require xinetd (#211885) We don't get static libraries any more. Holding off on build until verification that this doesn't kill other things, or until we get them building in a semi-useful way.
Nalin Dahyabhai
2007-01-23 22:14:15 +0000
160a188e65- merge back changes made between fc6 and rawhide to date - somewhere in here we fixed the spelling of James's last name
Nalin Dahyabhai
2007-01-22 21:27:49 +0000
3108b87f72- backport of preauth plugin support from 1.6
Nalin Dahyabhai
2007-01-22 21:24:18 +0000
f3820b972d- preserve timestamps on profile.d shell scriptlets - first cut at making RPM scriptlets failproof for install-info - pull up pre-generated PDF docs so that we don't have multiarch differences due to document IDs, timestamps, and compressed data, - pull up the script to make sure that the PDF matches its source to guard against the package maintainer forgetting to update when we move to a new release
Nalin Dahyabhai
2007-01-22 21:23:54 +0000
a9e6df4ffc- apply fixes from Tom Yu for MITKRB5-SA-2006-002 (CVE-2006-6143) (#218456) - apply fixes from Tom Yu for MITKRB5-SA-2006-003 (CVE-2006-6144) (#218456) Related: #218456
Nalin Dahyabhai
2007-01-09 19:31:40 +0000
3ffdc43878- don't bail from the KDC init script if there's no database, it may be in a different location than the default (fenlason) - remove the [kdc] section from the default krb5.conf -- doesn't seem to have been applicable for a while
Nalin Dahyabhai
2006-10-23 20:23:05 +0000
54faf41556add newlines after new errors
Nalin Dahyabhai
2006-10-18 21:36:40 +0000
74169f4b3c- way-late application of added error info in kadmind.init (#65853)
Nalin Dahyabhai
2006-10-18 16:02:47 +0000
acad7e7e15call autoheader when needed
Nalin Dahyabhai
2006-10-13 21:23:35 +0000
0b70aa4de2- provide docs in PDF format instead of as tex source (Enrico Scholz, #209943)
Nalin Dahyabhai
2006-10-09 16:38:39 +0000
6f6f8aff91- add missing shebang headers to krsh and krlogin wrapper scripts (#209238)
Nalin Dahyabhai
2006-10-04 14:16:41 +0000
ee98daaf74actually bump the release
Nalin Dahyabhai
2006-09-06 20:28:20 +0000
2ad1703afbset SS_LIB at configure-time so that libss-using apps get working readline support (#197044)
Nalin Dahyabhai
2006-09-06 20:28:01 +0000
d859fd0556- switch to the updated patch for MITKRB-SA-2006-001
Nalin Dahyabhai
2006-08-18 16:50:54 +0000
8c4df25456- ensure that the gssapi library's been initialized before walking the internal mechanism list in gss_release_oid(), needed if called from gss_release_name() right after a gss_import_name() (#198092)
Nalin Dahyabhai
2006-08-07 17:52:52 +0000
12232351f7bumped for rebuild
Jesse Keating
2006-07-12 06:43:08 +0000
574f4b1c31finally think all the ducks are lined up
Nalin Dahyabhai
2006-07-06 21:25:26 +0000
28c66f7806- update to 1.5
Nalin Dahyabhai
2006-07-06 15:56:38 +0000
61838d068bSet the default PATH to the one set by login, with the addition of the /usr/X11R6/bin to the end of the list.
Nalin Dahyabhai
2006-07-06 15:50:46 +0000
7b01b2d58cThe version of "rev" in util-linux doesn't work as this script expects it to.
Nalin Dahyabhai
2006-07-06 15:50:10 +0000
efbd8d58ccEnsure that we don't accidentally attempt to use or fclose() a file which we have already fclose()d.
Nalin Dahyabhai
2006-07-06 15:49:31 +0000
2802804a49actually bump the release number
Nalin Dahyabhai
2006-06-23 15:51:41 +0000
a230e5aaed- add buildprereq for autoconf
Nalin Dahyabhai
2006-06-08 21:42:52 +0000
a7215484dc- further munge krb5-config so that 'libdir=/usr/lib' is given even on 64-bit architectures, to avoid multilib conflicts; other changes will conspire to strip out the -L flag which uses this, so it should be harmless (#192692)
Nalin Dahyabhai
2006-05-22 23:04:06 +0000
b3724c4388- adjust the patch which removes the use of rpath to also produce a krb5-config which is okay in multilib environments (#190118) - make the name-of-the-tempfile comment which compile_et adds to error code headers always list the same file to avoid conflicts on multilib installations - strip SIZEOF_LONG out of krb5.h so that it doesn't conflict on multilib boxes - strip GSS_SIZEOF_LONG out of gssapi.h so that it doesn't conflict on mulitlib boxes
Nalin Dahyabhai
2006-05-08 21:47:26 +0000
6944b2e68aChange the release number.
skasal
2006-04-14 11:25:22 +0000
77bf5aa481bump for bug in double-long on ppc(64)
Jesse Keating
2006-02-11 03:49:47 +0000
2118c17c6b- give a little bit more information to the user when kinit gets the catch-all I/O error (#180175)
Nalin Dahyabhai
2006-02-06 20:04:44 +0000
5bf2d7bd12- rebuild properly when pthread_mutexattr_setrobust_np() is defined but not declared, such as with recent glibc when _GNU_SOURCE isn't being used
Nalin Dahyabhai
2006-01-20 00:28:41 +0000
a6fb2997f1Use full paths in krb5.sh to avoid path lookups
Matthias Clasen
2006-01-19 18:05:28 +0000
a3fdad4949note to self
Nalin Dahyabhai
2005-12-02 01:48:17 +0000
f817e39736- login: don't truncate passwords before passing them into crypt(), in case they're significant (#149476)
Nalin Dahyabhai
2005-12-02 01:46:50 +0000
4584045a70- conditionalize installation of the new autoconf macro
Nalin Dahyabhai
2005-11-17 19:23:05 +0000
f54e522bb9- update to 1.4.3 - make ksu setuid again (#137934, others)
Nalin Dahyabhai
2005-11-17 18:43:13 +0000
533afdf392- add an (undocumented, so far) option to set the max_dgram_size default
Nalin Dahyabhai
2005-09-14 23:58:11 +0000
1237c021c7- mark %%{krb5prefix}/man so that files which are packaged within it are flagged as %%doc (#168163)
Nalin Dahyabhai
2005-09-13 20:26:57 +0000
552acc8a70- add an xinetd configuration file for encryption-only telnetd, parallelling the kshell/ekshell pair (#167535)
Nalin Dahyabhai
2005-09-06 14:05:59 +0000
1fcd49e050- change the default configured encryption type for KDC databases to the compiled-in default of des3-hmac-sha1 (#57847)
Nalin Dahyabhai
2005-08-31 19:37:54 +0000
f5b93c728eupdate to 1.4.2
Nalin Dahyabhai
2005-08-11 22:06:35 +0000
80238a2fd8merge fixes for MITKRB5-SA-2005-002 and MITKRB5-SA-2005-003
Nalin Dahyabhai
2005-07-12 18:09:21 +0000
73316152b6- fix double-close in keytab handling - add port of fixes for CAN-2004-0175 to krb5-aware rcp
Nalin Dahyabhai
2005-06-24 20:28:25 +0000
77a40621a2- prevent spurious EBADF in krshd when stdin is closed by the client while the command is running (#151111)
Nalin Dahyabhai
2005-05-13 23:16:55 +0000
ebda005fa9add deadlock patch, removed old patch
Martin Stransky
2005-05-13 11:36:41 +0000
2e8f6b3b97- update to 1.4.1, incorporating fixes for CAN-2005-0468 and CAN-2005-0469 - when starting the KDC or kadmind, if KRB5REALM is set via the /etc/sysconfig file for the service, pass it as an argument for the -r flag
Nalin Dahyabhai
2005-05-06 20:16:06 +0000
9142032a6f- add draft fix from Tom Yu for slc_add_reply() buffer overflow (CAN-2005-0469) - add draft fix from Tom Yu for env_opt_add() buffer overflow (CAN-2005-0468) will need to re-roll if the draft fix isn't the same as the final one *
Nalin Dahyabhai
2005-03-28 18:25:19 +0000
fe186e59d9- don't include <term.h> into the telnet client when we're not using curses
Nalin Dahyabhai
2005-03-16 22:59:54 +0000
d46e1d65be- use libncurses instead of libtermcap for the telnet client, because it provides setupterm(), which we can use instead of the internal version
Nalin Dahyabhai
2005-03-16 00:21:35 +0000
3759eb0dddnote to self: krb5_init_ets disappeared
Nalin Dahyabhai
2005-03-01 00:05:15 +0000
c22df5b059- add config: metatags to the init scripts
Nalin Dahyabhai
2005-02-25 19:20:44 +0000
6cf61960fa- add a doc file
Nalin Dahyabhai
2005-02-24 23:31:35 +0000
708fedd9ea- update to 1.4 - v1.4 kadmin client requires a v1.4 kadmind on the server, or use the "-O" flag to specify that it should communicate with the server using the older protocol - new libkrb5support library - v5passwdd and kadmind4 are gone - versioned symbols - pick up $KRB5KDC_ARGS from /etc/sysconfig/krb5kdc, if it exists, and pass it on to krb5kdc - pick up $KADMIND_ARGS from /etc/sysconfig/kadmin, if it exists, and pass it on to kadmind - pick up $KRB524D_ARGS from /etc/sysconfig/krb524, if it exists, and pass it on to krb524d *instead of* "-m" - set "forwardable" in [libdefaults] in the default krb5.conf to match the default setting which we supply for pam_krb5 - set a default of 24h for "ticket_lifetime" in [libdefaults], reflecting the compiled-in default
Nalin Dahyabhai
2005-02-24 23:16:08 +0000
d402e6c91ause a release number which is not already taken
Nalin Dahyabhai
2004-11-26 17:31:47 +0000
cd44405ec2- bump release to allow tagging of new file
Nalin Dahyabhai
2004-11-26 17:30:12 +0000
f2b2727a44- oops, forgot this one (Martin Stransky)
Nalin Dahyabhai
2004-11-26 17:29:18 +0000
36dc58b327- fix predictable-tempfile-name bug in krb5-send-pr (CAN-2004-0971, #140036) - silence compiler warning in kprop by using an in-memory ccache with a fixed name instead of an on-disk ccache with a name generated by tmpnam()
Nalin Dahyabhai
2004-11-23 05:09:46 +0000
0736a9651e- specify $TMPDIR directly because older mktemp versions didn't support -t, and the script already sets a default TMPDIR earlier
Nalin Dahyabhai
2004-11-23 02:38:51 +0000
cfebff4939- correctly check for errors from gethostbyname_r (#129059)
Nalin Dahyabhai
2004-11-02 00:30:48 +0000
310f94b436- update to 1.3.5, rolling in the last set of advisories
Nalin Dahyabhai
2004-09-13 19:47:24 +0000
6576f38483auto-import changelog data from krb5-1.3.4-7.src.rpm Tue Aug 31 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.4-7 - rebuild Tue Aug 24 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.4-6 - rebuild Tue Aug 24 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.4-5 - incorporate revised fixes from Tom Yu for CAN-2004-0642, CAN-2004-0644, CAN-2004-0772 Mon Aug 23 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.4-4 - rebuild Mon Aug 23 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.4-3 - incorporate fixes from Tom Yu for CAN-2004-0642, CAN-2004-0772 (MITKRB5-SA-2004-002, #130732) - incorporate fixes from Tom Yu for CAN-2004-0644 (MITKRB5-SA-2004-003, #130732)
cvsdist
2004-09-09 07:21:49 +0000
347d5c0161auto-import changelog data from krb5-1.3.4-2.src.rpm Tue Jul 27 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.4-2 - fix indexing error in server sorting patch (#127336)
cvsdist
2004-09-09 07:21:01 +0000
b6c4f1f7b6auto-import changelog data from krb5-1.3.4-1.src.rpm Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com> - rebuilt Mon Jun 14 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.4-0.1 - update to 1.3.4 final
cvsdist
2004-09-09 07:20:54 +0000
970a8dcb56auto-import changelog data from krb5-1.3.3-8.src.rpm Mon Jun 07 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.3-8 - rebuild Fri Jun 04 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.3-7 - rebuild Fri Jun 04 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.3-6 - apply updated patch from MITKRB5-SA-2004-001 (revision 2004-06-02) Tue Jun 01 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.3-5 - rebuild Tue Jun 01 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.3-4 - apply patch from MITKRB5-SA-2004-001 (#125001)
cvsdist
2004-09-09 07:20:43 +0000
d4f2fb9dc3auto-import changelog data from krb5-1.3.3-3.src.rpm Wed May 12 2004 Thomas Woerner <twoerner@redhat.com> 1.3.3-3 - removed rpath Thu Apr 15 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.3-2 - re-enable large file support, fell out in 1.3-1 - patch rcp to use long long and %lld format specifiers when reporting file sizes on large files
cvsdist
2004-09-09 07:18:32 +0000
7ebd8dc643auto-import changelog data from krb5-1.3.3-1.src.rpm Tue Apr 13 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.3-1 - update to 1.3.3
cvsdist
2004-09-09 07:17:58 +0000
68d4ec48b7auto-import changelog data from krb5-1.3.2-1.src.rpm Wed Mar 10 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.2-1 - update to 1.3.2 Mon Mar 08 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.1-12 - rebuild Tue Mar 02 2004 Elliot Lee <sopwith@redhat.com> 1.3.1-11.1 - rebuilt Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com> 1.3.1-11 - rebuilt Mon Feb 09 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.1-10 - catch krb4 send_to_kdc cases in kdc preference patch Mon Feb 02 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.1-9 - remove patch to set TERM in klogind which, combined with the upstream fix in 1.3.1, actually produces the bug now (#114762) Mon Jan 19 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.1-8 - when iterating over lists of interfaces which are "up" from getifaddrs(), skip over those which have no address (#113347) Mon Jan 12 2004 Nalin Dahyabhai <nalin@redhat.com> - prefer the kdc which last replied to a request when sending requests to kdcs
cvsdist
2004-09-09 07:17:04 +0000
dc2fe09903auto-import changelog data from krb5-1.3.1-7.src.rpm Mon Nov 24 2003 Nalin Dahyabhai <nalin@redhat.com> 1.3.1-7 - fix combination of --with-netlib and --enable-dns Tue Nov 18 2003 Nalin Dahyabhai <nalin@redhat.com> - remove libdefault ticket_lifetime option from the default krb5.conf, it is ignored by libkrb5
cvsdist
2004-09-09 07:16:33 +0000
0b77dc9b0bauto-import changelog data from krb5-1.3.1-6.src.rpm Thu Sep 25 2003 Nalin Dahyabhai <nalin@redhat.com> 1.3.1-6 - fix bug in patch to make rlogind start login with a clean environment a la netkit rlogin, spotted and fixed by Scott McClung Tue Sep 23 2003 Nalin Dahyabhai <nalin@redhat.com> 1.3.1-5 - include profile.d scriptlets in krb5-devel so that krb5-config will be in the path, reported by Kir Kolyshkin Mon Sep 08 2003 Nalin Dahyabhai <nalin@redhat.com> - add more etypes (arcfour) to the default enctype list in kdc.conf - don't apply previous patch, refused upstream Fri Sep 05 2003 Nalin Dahyabhai <nalin@redhat.com> 1.3.1-4 - fix 32/64-bit bug storing and retrieving the issue_date in v4 credentials Wed Sep 03 2003 Dan Walsh <dwalsh@redhat.com> 1.3.1-3 - Don't check for write access on /etc/krb5.conf if SELinux Tue Aug 26 2003 Nalin Dahyabhai <nalin@redhat.com> 1.3.1-2 - fixup some int/pointer varargs wackiness Tue Aug 05 2003 Nalin Dahyabhai <nalin@redhat.com> 1.3.1-1 - rebuild Mon Aug 04 2003 Nalin Dahyabhai <nalin@redhat.com> 1.3.1-0 - update to 1.3.1 Thu Jul 24 2003 Nalin Dahyabhai <nalin@redhat.com> 1.3-2 - pull fix for non-compliant encoding of salt field in etype-info2 preauth data from 1.3.1 beta 1, until 1.3.1 is released. Mon Jul 21 2003 Nalin Dahyabhai <nalin@redhat.com> 1.3-1 - update to 1.3 Mon Jul 07 2003 Nalin Dahyabhai <nalin@redhat.com> 1.2.8-4 - correctly use stdargs Wed Jun 18 2003 Nalin Dahyabhai <nalin@redhat.com> 1.3-0.beta.4 - test update to 1.3 beta 4 - ditch statglue build option - krb5-devel requires e2fsprogs-devel, which now provides libss and libcom_err Wed Jun 04 2003 Elliot Lee <sopwith@redhat.com> - rebuilt Wed May 21 2003 Jeremy Katz <katzj@redhat.com> 1.2.8-2 - gcc 3.3 doesn't implement varargs.h, include stdarg.h instead Wed Apr 09 2003 Nalin Dahyabhai <nalin@redhat.com> 1.2.8-1 - update to 1.2.8
cvsdist
2004-09-09 07:16:22 +0000
f241d93ce5auto-import changelog data from krb5-1.2.7-14.src.rpm Mon Mar 31 2003 Nalin Dahyabhai <nalin@redhat.com> 1.2.7-14 - fix double-free of enc_part2 in krb524d
cvsdist
2004-09-09 07:14:47 +0000