The Kerberos network authentication system
Go to file
Julien Rische 08803b1c46 Allow use of larger RADIUS attributes in krad library
In kr_attrset_decode(), explicitly treat the length byte as unsigned.
    Otherwise attributes longer than 125 characters will be rejected with
    EBADMSG.

    Add a 253-character-long NAS-Identifier attribute to the tests to make
    sure that attributes with the maximal number of characters are working
    as expected.

    [ghudson@mit.edu: used uint8_t cast per current practices; edited
    commit message]

    ticket: 9036 (new)

From upstream, needed in preparation for OAuth2 support for FreeIPA and
SSSD.

Resolves: rhbz#2100351

Signed-off-by: Julien Rische <jrische@redhat.com>
2022-06-23 14:48:11 +02:00
tests RHEL 9.0.0 Alpha bootstrap 2020-10-15 15:05:18 +02:00
.gitignore Merged update from upstream sources 2021-02-18 22:21:10 +00:00
Add-APIs-for-marshalling-credentials.patch Port to OpenSSL 3 (alpha 15) 2021-05-19 19:58:33 -04:00
Add-buildsystem-detection-of-the-OpenSSL-3-KDF-inter.patch Sync openssl3 patches with upstream 2021-06-21 13:24:29 -04:00
Add-configure-variable-for-default-PKCS-11-module.patch Use p11-kit as default PKCS11 module 2022-05-03 17:07:12 +02:00
Add-hostname-canonicalization-helper-to-k5test.py.patch Port to OpenSSL 3 (alpha 15) 2021-05-19 19:58:33 -04:00
Add-KCM_OP_GET_CRED_LIST-for-faster-iteration.patch Update OpenSSL 3 provider handling to clean up properly 2021-07-14 16:32:30 -04:00
Allow-kinit-with-keytab-to-defer-canonicalization.patch Update OpenSSL 3 provider handling to clean up properly 2021-07-14 16:32:30 -04:00
downstream-Allow-krad-UDP-TCP-localhost-connection-with-FIPS.patch Fix OpenSSL 3 MD5 encryption in FIPS mode 2022-05-25 11:49:51 +02:00
downstream-FIPS-with-PRNG-and-RADIUS-and-MD4.patch Fix OpenSSL 3 MD5 encryption in FIPS mode 2022-05-25 11:49:51 +02:00
downstream-fix-debuginfo-with-y.tab.c.patch Merged update from upstream sources 2021-02-18 22:21:10 +00:00
downstream-ksu-pam-integration.patch Merged update from upstream sources 2021-02-18 22:21:10 +00:00
downstream-netlib-and-dns.patch Merged update from upstream sources 2021-02-18 22:21:10 +00:00
downstream-Remove-3des-support.patch Merged update from upstream sources 2021-02-18 22:21:10 +00:00
downstream-SELinux-integration.patch Merged update from upstream sources 2021-02-18 22:21:10 +00:00
downstream-Use-newly-enforced-dejagnu-path-naming-convention.patch Fix global dejagnu test suite 2022-04-11 12:03:13 +02:00
Fix-k5tls-module-for-OpenSSL-3.patch Sync openssl3 patches with upstream 2021-06-21 13:24:29 -04:00
Fix-kadmin-k-with-fallback-or-referral-realm.patch Update OpenSSL 3 provider handling to clean up properly 2021-07-14 16:32:30 -04:00
Fix-KCM-flag-transmission-for-remove_cred.patch Update OpenSSL 3 provider handling to clean up properly 2021-07-14 16:32:30 -04:00
Fix-KCM-retrieval-support-for-sssd.patch Update OpenSSL 3 provider handling to clean up properly 2021-07-14 16:32:30 -04:00
Fix-KDC-null-deref-on-bad-encrypted-challenge.patch Fix KDC null deref on bad encrypted challenge (CVE-2021-36222) 2021-07-20 14:51:15 -04:00
Fix-KDC-null-deref-on-TGS-inner-body-null-server.patch Fix KDC null deref on TGS inner body null server (CVE-2021-37750) 2021-10-20 17:08:04 +02:00
Fix-softpkcs11-build-issues-with-openssl-3.0.patch Sync openssl3 patches with upstream 2021-06-21 13:24:29 -04:00
Fix-some-principal-realm-canonicalization-cases.patch Update OpenSSL 3 provider handling to clean up properly 2021-07-14 16:32:30 -04:00
gating.yaml Add gating definition for RHEL 9 2021-06-11 13:08:52 +00:00
Handle-OpenSSL-3-s-providers.patch Update OpenSSL 3 provider handling to clean up properly 2021-07-14 16:32:30 -04:00
kadm5.acl RHEL 9.0.0 Alpha bootstrap 2020-10-15 15:05:18 +02:00
kadmin.service RHEL 9.0.0 Alpha bootstrap 2020-11-18 09:51:25 -08:00
kadmin.sysconfig RHEL 9.0.0 Alpha bootstrap 2020-10-15 15:05:18 +02:00
kadmind.logrotate RHEL 9.0.0 Alpha bootstrap 2020-10-15 15:05:18 +02:00
kdc.conf RHEL 9.0.0 Alpha bootstrap 2020-10-15 15:05:18 +02:00
kprop.service RHEL 9.0.0 Alpha bootstrap 2020-10-15 15:05:18 +02:00
kprop.sysconfig RHEL 9.0.0 Alpha bootstrap 2020-10-15 15:05:18 +02:00
krb5-krad-larger-attrs.patch Allow use of larger RADIUS attributes in krad library 2022-06-23 14:48:11 +02:00
krb5-krad-remote.patch Fix libkrad client cleanup code 2022-06-23 14:47:18 +02:00
krb5-krb5kdc.conf RHEL 9.0.0 Alpha bootstrap 2020-11-18 09:51:25 -08:00
krb5.conf RHEL 9.0.0 Alpha bootstrap 2020-10-15 15:05:18 +02:00
krb5.rpmlintrc RHEL 9.0.0 Alpha bootstrap 2020-10-15 15:05:18 +02:00
krb5.spec Allow use of larger RADIUS attributes in krad library 2022-06-23 14:48:11 +02:00
krb5kdc.logrotate RHEL 9.0.0 Alpha bootstrap 2020-10-15 15:05:18 +02:00
krb5kdc.service RHEL 9.0.0 Alpha bootstrap 2020-11-18 09:51:25 -08:00
krb5kdc.sysconfig RHEL 9.0.0 Alpha bootstrap 2020-10-15 15:05:18 +02:00
ksu.pamd RHEL 9.0.0 Alpha bootstrap 2020-10-15 15:05:18 +02:00
Make-KCM-iteration-fallback-work-with-sssd-kcm.patch Update OpenSSL 3 provider handling to clean up properly 2021-07-14 16:32:30 -04:00
Move-some-dejagnu-kadmin-tests-to-Python-tests.patch Update OpenSSL 3 provider handling to clean up properly 2021-07-14 16:32:30 -04:00
Remove-deprecated-OpenSSL-calls-from-softpkcs11.patch Sync openssl3 patches with upstream 2021-06-21 13:24:29 -04:00
rpminspect.yaml Add rpminspect and clean up mass rebuild mess 2021-06-17 18:55:14 -04:00
sources Merged update from upstream sources 2021-02-18 22:21:10 +00:00
Support-host-based-GSS-initiator-names.patch Port to OpenSSL 3 (alpha 15) 2021-05-19 19:58:33 -04:00
Try-harder-to-avoid-password-change-replay-errors.patch Try harder to avoid password change replay errors 2022-04-26 15:32:34 +02:00
Use-KCM_OP_RETRIEVE-in-KCM-client.patch Update OpenSSL 3 provider handling to clean up properly 2021-07-14 16:32:30 -04:00
Use-OpenSSL-s-KBKDF-and-KRB5KDF-for-deriving-long-te.patch Do not block KRB5KDF and MD4/5 in FIPS mode 2022-02-28 14:19:37 +01:00
Use-OpenSSL-s-SSKDF-in-PKINIT-when-available.patch Sync openssl3 patches with upstream 2021-06-21 13:24:29 -04:00
Use-SHA256-instead-of-SHA1-for-PKINIT-CMS-digest.patch Use SHA-256 instead of SHA-1 for PKINIT CMS digest 2022-03-16 17:49:06 +01:00