2006-12-19 00:16:52 +01:00
|
|
|
#
|
2007-07-13 17:58:15 +02:00
|
|
|
# spec file for package krb5 (Version 1.6.2)
|
2006-12-19 00:16:52 +01:00
|
|
|
#
|
2007-01-04 01:57:59 +01:00
|
|
|
# Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
2006-12-19 00:16:52 +01:00
|
|
|
# This file and all modifications and additions to the pristine
|
|
|
|
# package are under the same license as the package itself.
|
|
|
|
#
|
|
|
|
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
|
|
|
#
|
|
|
|
|
|
|
|
# norootforbuild
|
|
|
|
|
|
|
|
Name: krb5
|
2007-07-13 17:58:15 +02:00
|
|
|
Version: 1.6.2
|
2007-09-13 18:47:35 +02:00
|
|
|
Release: 18
|
2007-07-05 18:29:09 +02:00
|
|
|
BuildRequires: bison libcom_err-devel ncurses-devel
|
2007-01-26 17:41:59 +01:00
|
|
|
%if %{suse_version} > 1010
|
|
|
|
BuildRequires: keyutils keyutils-devel
|
|
|
|
%endif
|
2007-07-13 17:58:15 +02:00
|
|
|
%define srcRoot krb5-1.6.2
|
2006-12-19 00:16:52 +01:00
|
|
|
%define vendorFiles %{_builddir}/%{srcRoot}/vendor-files/
|
|
|
|
%define krb5docdir %{_defaultdocdir}/%{name}
|
|
|
|
Provides: heimdal-lib
|
|
|
|
Obsoletes: heimdal-lib
|
|
|
|
Summary: MIT Kerberos5 Implementation--Libraries
|
|
|
|
License: X11/MIT
|
|
|
|
URL: http://web.mit.edu/kerberos/www/
|
|
|
|
Group: Productivity/Networking/Security
|
2007-07-13 17:58:15 +02:00
|
|
|
Source: krb5-1.6.2.tar.bz2
|
2006-12-19 00:16:52 +01:00
|
|
|
Source1: vendor-files.tar.bz2
|
|
|
|
Source2: README.Source
|
|
|
|
Source3: spx.c
|
|
|
|
Source4: EncryptWithMasterKey.c
|
2007-07-13 17:58:15 +02:00
|
|
|
Source5: krb5-1.6.1-rpmlintrc
|
2006-12-19 00:16:52 +01:00
|
|
|
Patch1: krb5-1.5.1-fix-too-few-arguments.dif
|
2007-04-17 00:35:48 +02:00
|
|
|
Patch2: krb5-1.6.1-compile_pie.dif
|
2006-12-19 00:16:52 +01:00
|
|
|
Patch3: krb5-1.4-fix-segfault.dif
|
2007-08-09 20:01:33 +02:00
|
|
|
Patch4: krb5-1.6.2-post.dif
|
2006-12-19 00:16:52 +01:00
|
|
|
Patch6: trunk-EncryptWithMasterKey.dif
|
|
|
|
Patch14: warning-fix-lib-crypto-des.dif
|
|
|
|
Patch15: warning-fix-lib-crypto-dk.dif
|
|
|
|
Patch16: warning-fix-lib-crypto.dif
|
|
|
|
Patch17: warning-fix-lib-crypto-enc_provider.dif
|
|
|
|
Patch18: warning-fix-lib-crypto-yarrow_arcfour.dif
|
|
|
|
Patch20: kprop-use-mkstemp.dif
|
|
|
|
Patch21: krb5-1.5.1-fix-var-used-before-value-set.dif
|
2007-01-26 17:41:59 +01:00
|
|
|
Patch22: krb5-1.5.1-fix-ftp-var-used-uninitialized.dif
|
|
|
|
#Patch23: trunk-install-preauth-header.dif
|
2007-02-02 14:20:45 +01:00
|
|
|
Patch24: krb5-1.5.1-fix-strncat-warning.dif
|
2007-05-11 10:36:44 +02:00
|
|
|
Patch25: krb5-1.6.1-init-salt-length.dif
|
|
|
|
Patch26: krb5-1.4.3-extra-check-kt_file.c.dif
|
2007-09-13 18:47:35 +02:00
|
|
|
Patch27: krb5-MITKRB5-SA-2007-006-fix-execute-code-2.dif
|
2006-12-19 00:16:52 +01:00
|
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
|
|
|
PreReq: mktemp, grep, /bin/touch
|
|
|
|
|
|
|
|
%description
|
|
|
|
Kerberos V5 is a trusted-third-party network authentication system,
|
|
|
|
which can improve your network's security by eliminating the insecure
|
|
|
|
practice of clear text passwords.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Authors:
|
|
|
|
--------
|
|
|
|
The MIT Kerberos Team
|
|
|
|
Sam Hartman <hartmans@mit.edu>
|
|
|
|
Ken Raeburn <raeburn@mit.edu>
|
|
|
|
Tom Yu <tlyu@mit.edu>
|
|
|
|
|
|
|
|
%package client
|
2007-06-15 00:26:00 +02:00
|
|
|
Summary: MIT Kerberos5 implementation - client programs
|
2006-12-19 00:16:52 +01:00
|
|
|
Group: Productivity/Networking/Security
|
|
|
|
Provides: heimdal-tools, heimdal-x11
|
|
|
|
Obsoletes: heimdal-tools, heimdal-x11
|
|
|
|
|
|
|
|
%description client
|
|
|
|
Kerberos V5 is a trusted-third-party network authentication system,
|
|
|
|
which can improve your network's security by eliminating the insecure
|
|
|
|
practice of cleartext passwords. This package includes some required
|
|
|
|
client programs, like kinit, kadmin, ...
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Authors:
|
|
|
|
--------
|
|
|
|
The MIT Kerberos Team
|
|
|
|
Sam Hartman <hartmans@mit.edu>
|
|
|
|
Ken Raeburn <raeburn@mit.edu>
|
|
|
|
Tom Yu <tlyu@mit.edu>
|
|
|
|
|
|
|
|
%package server
|
|
|
|
Summary: MIT Kerberos5 implementation - server
|
|
|
|
Group: Productivity/Networking/Security
|
|
|
|
Provides: heimdal
|
|
|
|
Obsoletes: heimdal
|
|
|
|
Requires: perl-Date-Calc
|
|
|
|
PreReq: %insserv_prereq %fillup_prereq
|
|
|
|
|
|
|
|
%description server
|
|
|
|
Kerberos V5 is a trusted-third-party network authentication system,
|
|
|
|
which can improve your network's security by eliminating the insecure
|
|
|
|
practice of cleartext passwords. This package includes the kdc, kadmind
|
|
|
|
and more.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Authors:
|
|
|
|
--------
|
|
|
|
The MIT Kerberos Team
|
|
|
|
Sam Hartman <hartmans@mit.edu>
|
|
|
|
Ken Raeburn <raeburn@mit.edu>
|
|
|
|
Tom Yu <tlyu@mit.edu>
|
|
|
|
|
|
|
|
%package devel
|
|
|
|
Summary: MIT Kerberos5 - Include Files and Libraries
|
|
|
|
Group: Development/Libraries/C and C++
|
|
|
|
PreReq: %{name} = %{version}
|
2007-07-05 18:29:09 +02:00
|
|
|
Requires: libcom_err-devel
|
2007-01-26 17:41:59 +01:00
|
|
|
%if %{suse_version} > 1010
|
|
|
|
Requires: keyutils-devel
|
|
|
|
%endif
|
2006-12-19 00:16:52 +01:00
|
|
|
Provides: heimdal-tools-devel, heimdal-devel
|
|
|
|
Obsoletes: heimdal-tools-devel, heimdal-devel
|
|
|
|
|
|
|
|
%description devel
|
|
|
|
Kerberos V5 is a trusted-third-party network authentication system,
|
|
|
|
which can improve your network's security by eliminating the insecure
|
|
|
|
practice of cleartext passwords. This package includes Libraries and
|
|
|
|
Include Files for Development
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Authors:
|
|
|
|
--------
|
|
|
|
The MIT Kerberos Team
|
|
|
|
Sam Hartman <hartmans@mit.edu>
|
|
|
|
Ken Raeburn <raeburn@mit.edu>
|
|
|
|
Tom Yu <tlyu@mit.edu>
|
|
|
|
|
|
|
|
%package apps-servers
|
|
|
|
Summary: MIT Kerberos5 server applications
|
|
|
|
Group: Productivity/Networking/Security
|
|
|
|
|
|
|
|
%description apps-servers
|
|
|
|
Kerberos V5 is a trusted-third-party network authentication system,
|
|
|
|
which can improve your network's security by eliminating the insecure
|
|
|
|
practice of cleartext passwords. This package includes some kerberos
|
|
|
|
compatible server applications like ftpd, klogind, telnetd, ...
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Authors:
|
|
|
|
--------
|
|
|
|
The MIT Kerberos Team
|
|
|
|
Sam Hartman <hartmans@mit.edu>
|
|
|
|
Ken Raeburn <raeburn@mit.edu>
|
|
|
|
Tom Yu <tlyu@mit.edu>
|
|
|
|
|
|
|
|
%package apps-clients
|
|
|
|
Summary: MIT Kerberos5 client applications
|
|
|
|
Group: Productivity/Networking/Security
|
|
|
|
|
|
|
|
%description apps-clients
|
|
|
|
Kerberos V5 is a trusted-third-party network authentication system,
|
|
|
|
which can improve your network's security by eliminating the insecure
|
|
|
|
practice of cleartext passwords. This package includes some kerberos
|
|
|
|
compatible client applications like ftp, rpc, rlogin, telnet, ...
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Authors:
|
|
|
|
--------
|
|
|
|
The MIT Kerberos Team
|
|
|
|
Sam Hartman <hartmans@mit.edu>
|
|
|
|
Ken Raeburn <raeburn@mit.edu>
|
|
|
|
Tom Yu <tlyu@mit.edu>
|
|
|
|
|
|
|
|
%prep
|
|
|
|
%setup -q -n %{srcRoot}
|
|
|
|
%setup -a 1 -T -D -n %{srcRoot}
|
|
|
|
if [ -e %{_builddir}/%{srcRoot}/src/appl/telnet/libtelnet/spx.c ]
|
|
|
|
then
|
|
|
|
echo "spx.c contains potential legal risks."
|
|
|
|
exit 1;
|
|
|
|
else
|
|
|
|
cp %{_sourcedir}/spx.c %{_builddir}/%{srcRoot}/src/appl/telnet/libtelnet/spx.c
|
|
|
|
fi
|
|
|
|
%patch1
|
|
|
|
%patch2
|
|
|
|
%patch3
|
2007-08-09 20:01:33 +02:00
|
|
|
%patch4
|
2006-12-19 00:16:52 +01:00
|
|
|
%patch6
|
|
|
|
%patch14
|
|
|
|
%patch15
|
|
|
|
%patch16
|
|
|
|
%patch17
|
|
|
|
%patch18
|
|
|
|
%patch20
|
|
|
|
%patch21
|
|
|
|
%patch22
|
2007-01-26 17:41:59 +01:00
|
|
|
#%patch23
|
|
|
|
%patch24
|
2007-05-11 10:36:44 +02:00
|
|
|
%patch25
|
|
|
|
%patch26
|
2007-09-13 18:47:35 +02:00
|
|
|
%patch27
|
2006-12-19 00:16:52 +01:00
|
|
|
cp %{_sourcedir}/EncryptWithMasterKey.c %{_builddir}/%{srcRoot}/src/kadmin/dbutil/EncryptWithMasterKey.c
|
|
|
|
|
|
|
|
%build
|
|
|
|
cd src
|
|
|
|
%{?suse_update_config:%{suse_update_config -f}}
|
|
|
|
./util/reconf
|
2007-04-17 00:35:48 +02:00
|
|
|
CFLAGS="$RPM_OPT_FLAGS -I/usr/include/et -fno-strict-aliasing -D_GNU_SOURCE -fPIC " \
|
2006-12-19 00:16:52 +01:00
|
|
|
./configure \
|
|
|
|
--prefix=/usr/lib/mit \
|
|
|
|
--sysconfdir=%{_sysconfdir} \
|
|
|
|
--mandir=%{_mandir} \
|
|
|
|
--infodir=%{_infodir} \
|
|
|
|
--libexecdir=/usr/lib/mit/sbin \
|
|
|
|
--libdir=%{_libdir} \
|
|
|
|
--includedir=%{_includedir} \
|
|
|
|
--localstatedir=%{_localstatedir}/lib/kerberos \
|
|
|
|
--enable-shared \
|
|
|
|
--disable-static \
|
|
|
|
--enable-kdc-replay-cache \
|
|
|
|
--enable-dns-for-realm \
|
|
|
|
--with-system-et \
|
|
|
|
--with-system-ss
|
|
|
|
make %{?jobs:-j%jobs}
|
|
|
|
#make check
|
|
|
|
|
|
|
|
%install
|
|
|
|
rm -rf %{buildroot}
|
|
|
|
cd src
|
|
|
|
make DESTDIR=%{buildroot} install
|
|
|
|
cd ..
|
|
|
|
# install sample config files
|
|
|
|
# I'll probably do something about this later on
|
|
|
|
mkdir -p %{buildroot}%{_sysconfdir} %{buildroot}%{_localstatedir}/lib/kerberos/krb5kdc
|
|
|
|
mkdir -p %{buildroot}%{_sysconfdir}
|
|
|
|
mkdir -p %{buildroot}/etc/profile.d/
|
|
|
|
mkdir -p %{buildroot}/var/log/krb5
|
2007-03-05 15:26:29 +01:00
|
|
|
mkdir -p %{buildroot}/etc/sysconfig/SuSEfirewall2.d/services/
|
2007-04-20 01:22:05 +02:00
|
|
|
# create plugin directories
|
|
|
|
mkdir -p %{buildroot}/%{_libdir}/krb5/plugins/kdb
|
|
|
|
mkdir -p %{buildroot}/%{_libdir}/krb5/plugins/preauth
|
|
|
|
mkdir -p %{buildroot}/%{_libdir}/krb5/plugins/libkrb5
|
2006-12-19 00:16:52 +01:00
|
|
|
install -m 644 %{vendorFiles}/krb5.conf %{buildroot}%{_sysconfdir}
|
|
|
|
install -m 600 %{vendorFiles}/kdc.conf %{buildroot}%{_localstatedir}/lib/kerberos/krb5kdc/
|
|
|
|
install -m 600 %{vendorFiles}/kadm5.acl %{buildroot}%{_localstatedir}/lib/kerberos/krb5kdc/
|
|
|
|
install -m 600 %{vendorFiles}/kadm5.dict %{buildroot}%{_localstatedir}/lib/kerberos/krb5kdc/
|
|
|
|
install -m 644 %{vendorFiles}/krb5.csh.profile %{buildroot}/etc/profile.d/krb5.csh
|
|
|
|
install -m 644 %{vendorFiles}/krb5.sh.profile %{buildroot}/etc/profile.d/krb5.sh
|
2007-03-05 15:26:29 +01:00
|
|
|
install -m 644 %{vendorFiles}/SuSEFirewall.kdc %{buildroot}/etc/sysconfig/SuSEfirewall2.d/services/kdc
|
|
|
|
install -m 644 %{vendorFiles}/SuSEFirewall.kadmind %{buildroot}/etc/sysconfig/SuSEfirewall2.d/services/kadmind
|
2006-12-19 00:16:52 +01:00
|
|
|
for n in ftpd.8 telnetd.8; do
|
|
|
|
mv %{buildroot}%{_mandir}/man8/${n} %{buildroot}%{_mandir}/man8/k${n}
|
|
|
|
done
|
|
|
|
for n in ftp.1 rlogin.1 rcp.1 rsh.1 telnet.1; do
|
|
|
|
mv %{buildroot}%{_mandir}/man1/${n} %{buildroot}%{_mandir}/man1/k${n}
|
|
|
|
done
|
|
|
|
# all libs must have permissions 0755
|
|
|
|
for lib in `find %{buildroot}/%{_libdir}/ -type f -name "*.so*"`
|
|
|
|
do
|
|
|
|
chmod 0755 ${lib}
|
|
|
|
done
|
2007-06-15 00:30:00 +02:00
|
|
|
# and binaries too
|
|
|
|
chmod 0755 %{buildroot}/usr/lib/mit/bin/v4rcp
|
|
|
|
chmod 0755 %{buildroot}/usr/lib/mit/bin/ksu
|
2006-12-19 00:16:52 +01:00
|
|
|
# install init scripts
|
|
|
|
mkdir -p %{buildroot}%{_sysconfdir}/init.d
|
|
|
|
install -m 755 %{vendorFiles}/kadmind.init %{buildroot}%{_sysconfdir}/init.d/kadmind
|
|
|
|
install -m 755 %{vendorFiles}/krb5kdc.init %{buildroot}%{_sysconfdir}/init.d/krb5kdc
|
|
|
|
install -m 755 %{vendorFiles}/kpropd.init %{buildroot}%{_sysconfdir}/init.d/kpropd
|
|
|
|
install -m 755 %{vendorFiles}/krb524d.init %{buildroot}%{_sysconfdir}/init.d/krb524d
|
|
|
|
# install xinetd files
|
|
|
|
mkdir -p %{buildroot}%{_sysconfdir}/xinetd.d
|
|
|
|
install -m 644 %{vendorFiles}/klogin.xinetd %{buildroot}%{_sysconfdir}/xinetd.d/klogin
|
|
|
|
install -m 644 %{vendorFiles}/krb5-telnet.xinetd %{buildroot}%{_sysconfdir}/xinetd.d/ktelnet
|
|
|
|
install -m 644 %{vendorFiles}/kshell.xinetd %{buildroot}%{_sysconfdir}/xinetd.d/kshell
|
|
|
|
# install logrotate files
|
|
|
|
mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d
|
2007-06-15 00:26:00 +02:00
|
|
|
install -m 644 %{vendorFiles}/krb5-server.logrotate %{buildroot}%{_sysconfdir}/logrotate.d/krb5-server
|
2006-12-19 00:16:52 +01:00
|
|
|
find . -type f -name '*.ps' -exec gzip -9 {} \;
|
|
|
|
# create rc* links
|
|
|
|
mkdir -p %{buildroot}/usr/bin/
|
|
|
|
ln -sf ../../etc/init.d/kadmind %{buildroot}/usr/bin/rckadmind
|
|
|
|
ln -sf ../../etc/init.d/krb5kdc %{buildroot}/usr/bin/rckrb5kdc
|
|
|
|
ln -sf ../../etc/init.d/kpropd %{buildroot}/usr/bin/rckpropd
|
|
|
|
ln -sf ../../etc/init.d/krb524d %{buildroot}/usr/bin/rckrb524d
|
|
|
|
# create links for kinit and klist, because of the java ones
|
|
|
|
ln -sf ../../usr/lib/mit/bin/kinit %{buildroot}/usr/bin/kinit
|
|
|
|
ln -sf ../../usr/lib/mit/bin/klist %{buildroot}/usr/bin/klist
|
2007-06-15 00:26:00 +02:00
|
|
|
# install helper scripts
|
|
|
|
install -d -m 755 %{buildroot}/usr/lib/mit/helper
|
|
|
|
install -m 744 %{vendorFiles}/heimdal2mit-DumpConvert.pl %{buildroot}/usr/lib/mit/helper/heimdal2mit-DumpConvert.pl
|
|
|
|
install -m 744 %{vendorFiles}/simple_convert_krb5conf.pl %{buildroot}/usr/lib/mit/helper/simple_convert_krb5conf.pl
|
2006-12-19 00:16:52 +01:00
|
|
|
# install doc
|
|
|
|
install -d -m 755 %{buildroot}/%{krb5docdir}
|
|
|
|
install -m 644 %{vendorFiles}/README.ConvertHeimdalMIT %{buildroot}/%{krb5docdir}/README.ConvertHeimdalMIT
|
|
|
|
install -m 644 %{_builddir}/%{srcRoot}/README %{buildroot}/%{krb5docdir}/README
|
|
|
|
# cleanup
|
|
|
|
rm -f %{buildroot}/usr/share/man/man1/tmac.doc*
|
|
|
|
rm -f /usr/share/man/man1/tmac.doc*
|
|
|
|
rm -rf /usr/lib/mit/share
|
|
|
|
rm -rf %{buildroot}/usr/lib/mit/share
|
|
|
|
#####################################################
|
|
|
|
# krb5 pre/post/postun
|
|
|
|
#####################################################
|
|
|
|
|
|
|
|
%pre
|
|
|
|
# test update from heimdal-lib
|
|
|
|
if `ls usr/lib/libotp.so* 2>/dev/null 1>/dev/null`
|
|
|
|
then
|
|
|
|
# we update from heimdal
|
|
|
|
echo "backup /etc/krb5.conf to /etc/krb5.conf.heimdal"
|
|
|
|
mv etc/krb5.conf etc/krb5.conf.heimdal
|
|
|
|
touch var/adm/fillup-templates/heimdal-update
|
|
|
|
if [ -e etc/krb5.keytab ]
|
|
|
|
then
|
|
|
|
echo "backup /etc/krb5.keytab to /etc/krb5.keytab.heimdal"
|
|
|
|
mv etc/krb5.keytab etc/krb5.keytab.heimdal
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
%post
|
|
|
|
%run_ldconfig
|
|
|
|
if [ -e var/adm/fillup-templates/heimdal-update ]
|
|
|
|
then
|
2007-06-15 00:26:00 +02:00
|
|
|
/usr/lib/mit/helper/simple_convert_krb5conf.pl
|
2006-12-19 00:16:52 +01:00
|
|
|
rm -f /var/adm/fillup-templates/heimdal-update
|
|
|
|
fi
|
|
|
|
if [ ! -e etc/krb5.conf -a -e etc/krb5.conf.rpmnew ]
|
|
|
|
then
|
|
|
|
echo "moving /etc/krb5.conf.rpmnew to /etc/krb5.conf"
|
|
|
|
mv etc/krb5.conf.rpmnew etc/krb5.conf
|
|
|
|
fi
|
|
|
|
|
|
|
|
%postun
|
|
|
|
%run_ldconfig
|
|
|
|
#####################################################
|
|
|
|
# krb5-server preun/postun
|
|
|
|
#####################################################
|
|
|
|
|
|
|
|
%preun server
|
|
|
|
%stop_on_removal krb5kdc kadmind kpropd krb524d
|
|
|
|
|
|
|
|
%postun server
|
|
|
|
%restart_on_update krb5kdc kadmind kpropd krb524d
|
|
|
|
%{insserv_cleanup}
|
|
|
|
|
|
|
|
%clean
|
|
|
|
rm -rf %{buildroot}
|
|
|
|
########################################################
|
|
|
|
# files sections
|
|
|
|
########################################################
|
|
|
|
|
|
|
|
%files
|
|
|
|
%defattr(-,root,root)
|
|
|
|
%dir %{krb5docdir}
|
2007-04-20 01:22:05 +02:00
|
|
|
# add plugin directories
|
|
|
|
%dir %{_libdir}/krb5
|
|
|
|
%dir %{_libdir}/krb5/plugins
|
|
|
|
%dir %{_libdir}/krb5/plugins/kdb
|
|
|
|
%dir %{_libdir}/krb5/plugins/preauth
|
|
|
|
%dir %{_libdir}/krb5/plugins/libkrb5
|
2007-06-15 00:26:00 +02:00
|
|
|
%dir /usr/lib/mit/helper
|
2007-04-20 01:22:05 +02:00
|
|
|
# add log directory
|
2006-12-19 00:16:52 +01:00
|
|
|
%attr(0700,root,root) %dir /var/log/krb5
|
|
|
|
%doc %{krb5docdir}/README
|
2007-06-15 00:26:00 +02:00
|
|
|
/usr/lib/mit/helper/simple_convert_krb5conf.pl
|
2006-12-19 00:16:52 +01:00
|
|
|
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/krb5.conf
|
|
|
|
%attr(0644,root,root) %config /etc/profile.d/krb5*
|
|
|
|
%{_libdir}/lib*.so.*
|
|
|
|
%{_libdir}/libgssapi_krb5.so
|
|
|
|
|
|
|
|
%files server
|
|
|
|
%defattr(-,root,root)
|
2007-06-15 00:26:00 +02:00
|
|
|
%config(noreplace) %{_sysconfdir}/logrotate.d/krb5-server
|
2006-12-19 00:16:52 +01:00
|
|
|
%{_sysconfdir}/init.d/kadmind
|
|
|
|
%{_sysconfdir}/init.d/krb5kdc
|
|
|
|
%{_sysconfdir}/init.d/kpropd
|
|
|
|
%{_sysconfdir}/init.d/krb524d
|
|
|
|
%dir %{krb5docdir}
|
|
|
|
%dir /usr/lib/mit
|
|
|
|
%dir /usr/lib/mit/sbin
|
2007-06-15 00:26:00 +02:00
|
|
|
%dir /usr/lib/mit/helper
|
2006-12-19 00:16:52 +01:00
|
|
|
%dir %{_localstatedir}/lib/kerberos/
|
|
|
|
%dir %{_localstatedir}/lib/kerberos/krb5kdc
|
|
|
|
%dir %{_libdir}/krb5
|
|
|
|
%dir %{_libdir}/krb5/plugins
|
|
|
|
%dir %{_libdir}/krb5/plugins/kdb
|
|
|
|
%doc %{krb5docdir}/README.ConvertHeimdalMIT
|
|
|
|
%attr(0600,root,root) %config(noreplace) %{_localstatedir}/lib/kerberos/krb5kdc/kdc.conf
|
|
|
|
%attr(0600,root,root) %config(noreplace) %{_localstatedir}/lib/kerberos/krb5kdc/kadm5.acl
|
|
|
|
%attr(0600,root,root) %config(noreplace) %{_localstatedir}/lib/kerberos/krb5kdc/kadm5.dict
|
|
|
|
/usr/bin/rc*
|
|
|
|
/usr/lib/mit/sbin/kadmin.local
|
|
|
|
/usr/lib/mit/sbin/kadmind
|
|
|
|
/usr/lib/mit/sbin/kpropd
|
|
|
|
/usr/lib/mit/sbin/kprop
|
|
|
|
/usr/lib/mit/sbin/kdb5_util
|
|
|
|
/usr/lib/mit/sbin/krb5kdc
|
|
|
|
/usr/lib/mit/sbin/krb524d
|
|
|
|
/usr/lib/mit/sbin/EncryptWithMasterKey
|
2007-06-15 00:26:00 +02:00
|
|
|
/usr/lib/mit/helper/heimdal2mit-DumpConvert.pl
|
2006-12-19 00:16:52 +01:00
|
|
|
%{_libdir}/krb5/plugins/kdb/*.so
|
|
|
|
%{_mandir}/man5/kdc.conf.5*
|
|
|
|
%{_mandir}/man8/kadmind.8*
|
|
|
|
%{_mandir}/man8/kadmin.local.8*
|
|
|
|
%{_mandir}/man8/kpropd.8*
|
|
|
|
%{_mandir}/man8/kprop.8*
|
|
|
|
%{_mandir}/man8/kdb5_util.8*
|
|
|
|
%{_mandir}/man8/krb5kdc.8*
|
|
|
|
%{_mandir}/man8/krb524d.8*
|
2007-03-05 15:26:29 +01:00
|
|
|
/etc/sysconfig/SuSEfirewall2.d/services/k*
|
2006-12-19 00:16:52 +01:00
|
|
|
|
|
|
|
%files client
|
|
|
|
%defattr(-,root,root)
|
|
|
|
%dir /usr/lib/mit
|
|
|
|
%dir /usr/lib/mit/bin
|
|
|
|
%dir /usr/lib/mit/sbin
|
|
|
|
/usr/lib/mit/bin/kvno
|
|
|
|
/usr/lib/mit/bin/kinit
|
|
|
|
/usr/lib/mit/bin/kdestroy
|
|
|
|
/usr/lib/mit/bin/kpasswd
|
|
|
|
/usr/lib/mit/bin/klist
|
|
|
|
/usr/lib/mit/bin/krb524init
|
|
|
|
/usr/lib/mit/sbin/kadmin
|
|
|
|
/usr/lib/mit/sbin/ktutil
|
|
|
|
/usr/lib/mit/sbin/k5srvutil
|
|
|
|
/usr/bin/kinit
|
|
|
|
/usr/bin/klist
|
|
|
|
%{_mandir}/man1/kvno.1*
|
|
|
|
%{_mandir}/man1/kinit.1*
|
|
|
|
%{_mandir}/man1/krb524init.1*
|
|
|
|
%{_mandir}/man1/kdestroy.1*
|
|
|
|
%{_mandir}/man1/kpasswd.1*
|
|
|
|
%{_mandir}/man1/klist.1*
|
|
|
|
%{_mandir}/man1/kerberos.1*
|
2007-01-26 17:41:59 +01:00
|
|
|
%{_mandir}/man5/krb5.conf.5*
|
|
|
|
%{_mandir}/man5/.k5login.5*
|
2006-12-19 00:16:52 +01:00
|
|
|
%{_mandir}/man8/kadmin.8*
|
|
|
|
%{_mandir}/man8/ktutil.8*
|
|
|
|
%{_mandir}/man8/k5srvutil.8*
|
|
|
|
|
|
|
|
%files apps-servers
|
|
|
|
%defattr(-,root,root)
|
|
|
|
%config(noreplace) %{_sysconfdir}/xinetd.d/klogin
|
|
|
|
%config(noreplace) %{_sysconfdir}/xinetd.d/kshell
|
|
|
|
%config(noreplace) %{_sysconfdir}/xinetd.d/ktelnet
|
|
|
|
%dir /usr/lib/mit
|
|
|
|
%dir /usr/lib/mit/sbin
|
|
|
|
/usr/lib/mit/sbin/ftpd
|
|
|
|
/usr/lib/mit/sbin/klogind
|
|
|
|
/usr/lib/mit/sbin/kshd
|
|
|
|
/usr/lib/mit/sbin/telnetd
|
|
|
|
/usr/lib/mit/sbin/uuserver
|
2007-02-19 21:42:34 +01:00
|
|
|
/usr/lib/mit/sbin/sserver
|
|
|
|
/usr/lib/mit/sbin/gss-server
|
|
|
|
/usr/lib/mit/sbin/sim_server
|
|
|
|
/usr/lib/mit/sbin/login.krb5
|
2006-12-19 00:16:52 +01:00
|
|
|
%{_mandir}/man8/kftpd.8*
|
|
|
|
%{_mandir}/man8/klogind.8*
|
|
|
|
%{_mandir}/man8/kshd.8*
|
|
|
|
%{_mandir}/man8/ktelnetd.8*
|
2007-02-19 21:42:34 +01:00
|
|
|
%{_mandir}/man8/sserver.8*
|
|
|
|
%{_mandir}/man8/login.krb5.8*
|
2006-12-19 00:16:52 +01:00
|
|
|
|
|
|
|
%files apps-clients
|
|
|
|
%defattr(-,root,root)
|
|
|
|
%dir /usr/lib/mit
|
|
|
|
%dir /usr/lib/mit/bin
|
|
|
|
/usr/lib/mit/bin/ftp
|
|
|
|
/usr/lib/mit/bin/rlogin
|
|
|
|
# removed SUID bit, we will rely on su + pam_krb
|
|
|
|
%attr(0755,root,root) /usr/lib/mit/bin/ksu
|
|
|
|
/usr/lib/mit/bin/rcp
|
|
|
|
/usr/lib/mit/bin/rsh
|
|
|
|
/usr/lib/mit/bin/telnet
|
|
|
|
/usr/lib/mit/bin/uuclient
|
2007-02-19 21:42:34 +01:00
|
|
|
/usr/lib/mit/bin/sclient
|
|
|
|
/usr/lib/mit/bin/gss-client
|
|
|
|
/usr/lib/mit/bin/sim_client
|
2006-12-19 00:16:52 +01:00
|
|
|
# removed SUID bit
|
|
|
|
%attr(0755,root,root)/usr/lib/mit/bin/v4rcp
|
|
|
|
%{_mandir}/man1/kftp.1*
|
|
|
|
%{_mandir}/man1/krlogin.1*
|
|
|
|
%{_mandir}/man1/krsh.1*
|
|
|
|
%{_mandir}/man1/ktelnet.1*
|
|
|
|
%{_mandir}/man1/ksu.1*
|
|
|
|
%{_mandir}/man1/krcp.1*
|
|
|
|
%{_mandir}/man1/v4rcp.1*
|
2007-02-19 21:42:34 +01:00
|
|
|
%{_mandir}/man1/sclient.1*
|
2006-12-19 00:16:52 +01:00
|
|
|
|
|
|
|
%files devel
|
|
|
|
%defattr(-,root,root)
|
|
|
|
%dir /usr/lib/mit
|
|
|
|
%dir /usr/lib/mit/bin
|
|
|
|
%dir /usr/lib/mit/sbin
|
|
|
|
/usr/lib/mit/bin/krb5-config
|
|
|
|
%{_libdir}/libdes425.so
|
|
|
|
%{_libdir}/libgssrpc.so
|
|
|
|
%{_libdir}/libk5crypto.so
|
|
|
|
%{_libdir}/libkadm5clnt.so
|
|
|
|
%{_libdir}/libkadm5srv.so
|
|
|
|
%{_libdir}/libkdb5.so
|
|
|
|
%{_libdir}/libkrb4.so
|
|
|
|
%{_libdir}/libkrb5.so
|
|
|
|
%{_libdir}/libkrb5support.so
|
|
|
|
%{_includedir}/*
|
|
|
|
/usr/lib/mit/sbin/krb5-send-pr
|
|
|
|
%{_mandir}/man1/krb5-send-pr.1*
|
|
|
|
%{_mandir}/man1/krb5-config.1*
|
|
|
|
|
2007-02-19 21:42:34 +01:00
|
|
|
%changelog
|
2007-09-13 18:47:35 +02:00
|
|
|
* Tue Sep 11 2007 - mc@suse.de
|
|
|
|
- update krb5-1.6.2-post.dif
|
|
|
|
* new -S sname option for kvno
|
|
|
|
* read_entropy_from_device on partial read will not fill buffer
|
|
|
|
* Bail out if encoded "ticket" doesn't decode correctly.
|
|
|
|
* patch for referrals loop
|
|
|
|
* Thu Sep 06 2007 - mc@suse.de
|
|
|
|
- fix a problem with the originally published patch
|
|
|
|
for MITKRB5-SA-2007-006 - CVE-2007-3999
|
|
|
|
[#302377]
|
|
|
|
* Wed Sep 05 2007 - mc@suse.de
|
|
|
|
- fix execute arbitrary code
|
|
|
|
(MITKRB5-SA-2007-006 - CVE-2007-3999,2007-4000)
|
|
|
|
[#302377]
|
2007-08-09 20:01:33 +02:00
|
|
|
* Tue Aug 07 2007 - mc@suse.de
|
|
|
|
- add krb5-1.6.2-post.dif
|
|
|
|
* during the referrals loop, check to see if the
|
|
|
|
session key enctype of a returned credential for the final
|
|
|
|
service is among the enctypes explicitly selected by the
|
|
|
|
application, and retry with old_use_conf_ktypes if it is not.
|
|
|
|
* If mkstemp() is available, the new ccache file gets created but
|
|
|
|
the subsequent open(O_CREAT|O_EXCL) call fails because the file
|
|
|
|
was already created by mkstemp(). Apply patch from Apple to keep
|
|
|
|
the file descriptor open.
|
2007-07-13 17:58:15 +02:00
|
|
|
* Thu Jul 12 2007 - mc@suse.de
|
|
|
|
- update to version 1.6.2
|
|
|
|
- remove krb5-1.6.1-post.dif all fixes are included in this release
|
2007-07-05 18:29:09 +02:00
|
|
|
* Thu Jul 05 2007 - mc@suse.de
|
|
|
|
- change requires to libcom_err-devel
|
2007-07-05 01:08:36 +02:00
|
|
|
* Mon Jul 02 2007 - mc@suse.de
|
|
|
|
- update krb5-1.6.1-post.dif
|
|
|
|
* fix leak in krb5_walk_realm_tree
|
|
|
|
* rd_req_decoded needs to deal with referral realms
|
|
|
|
* fix buffer overflow in kadmind
|
|
|
|
(MITKRB5-SA-2007-005 - CVE-2007-2798)
|
|
|
|
[#278689]
|
|
|
|
* fix kadmind code execution bug
|
|
|
|
(MITKRB5-SA-2007-004 - CVE-2007-2442 - CVE-2007-2443)
|
|
|
|
[#271191]
|
2007-06-15 00:30:00 +02:00
|
|
|
* Thu Jun 14 2007 - mc@suse.de
|
|
|
|
- fix unstripped-binary-or-object rpmlint warning
|
2007-06-15 00:26:00 +02:00
|
|
|
* Mon Jun 11 2007 - sschober@suse.de
|
|
|
|
- fixing rpmlint warnings and errors:
|
|
|
|
* merged logrotate scripts kadmin and krb5kdc into a single file
|
|
|
|
krb5-server.
|
|
|
|
* moved heimdal2mit-DumpConvert.pl and simple_convert_krb5conf.pl
|
|
|
|
from /usr/share/doc/packages/krb5 to /usr/lib/mit/helper.
|
|
|
|
adapted krb5.spec and README.ConvertHeimdalMIT accordingly.
|
|
|
|
* added surpression filter for
|
|
|
|
"devel-file-in-non-devel-package /usr/lib/libgssapi_krb5.so"
|
|
|
|
(see [#147912]).
|
|
|
|
* set default runlevel of init scripts in chkconfig line to 3 and
|
|
|
|
5
|
2007-05-11 10:36:44 +02:00
|
|
|
* Wed May 09 2007 - mc@suse.de
|
|
|
|
- fix uninitialized salt length
|
|
|
|
- add extra check for keytab file
|
2007-05-04 00:16:34 +02:00
|
|
|
* Thu May 03 2007 - mc@suse.de
|
|
|
|
- adding krb5-1.6.1-post.dif
|
|
|
|
* fix segfault in krb5_get_init_creds_password
|
|
|
|
* remove debug output in ftp client
|
|
|
|
* profile stores empty string values without double quotes
|
2007-04-23 23:17:31 +02:00
|
|
|
* Mon Apr 23 2007 - mc@suse.de
|
|
|
|
- update to final 1.6.1 version
|
2007-04-20 01:22:05 +02:00
|
|
|
* Wed Apr 18 2007 - mc@suse.de
|
|
|
|
- add plugin directories to main package
|
2007-04-17 00:35:48 +02:00
|
|
|
* Mon Apr 16 2007 - mc@suse.de
|
|
|
|
- update to version 1.6.1 Beta1
|
|
|
|
- remove obsolete patches
|
|
|
|
(krb5-1.6-post.dif, krb5-1.6-patchlevel.dif)
|
|
|
|
- rework compile_pie patch
|
2007-04-12 17:50:56 +02:00
|
|
|
* Wed Apr 11 2007 - mc@suse.de
|
|
|
|
- update krb5-1.6-post.dif
|
|
|
|
* fix kadmind stack overflow in krb5_klog_syslog
|
|
|
|
(MITKRB5-SA-2007-002 - CVE-2007-0957)
|
|
|
|
[#253548]
|
|
|
|
* fix double free attack in the RPC library
|
|
|
|
(MITKRB5-SA-2007-003 - CVE-2007-1216)
|
|
|
|
[#252487]
|
|
|
|
* fix krb5 telnetd login injection
|
|
|
|
(MIT-SA-2007-001 - CVE-2007-0956)
|
|
|
|
[#247765]
|
2007-03-29 17:14:52 +02:00
|
|
|
* Thu Mar 29 2007 - mc@suse.de
|
|
|
|
- add ncurses-devel and bison to BuildRequires
|
|
|
|
- rework some patches
|
2007-03-05 15:26:29 +01:00
|
|
|
* Mon Mar 05 2007 - mc@suse.de
|
|
|
|
- move SuSEFirewall service definitions to
|
|
|
|
/etc/sysconfig/SuSEfirewall2.d/services
|
2007-02-22 14:45:41 +01:00
|
|
|
* Thu Feb 22 2007 - mc@suse.de
|
|
|
|
- add firewall definition to krb5-server, FATE #300687
|
2007-02-19 21:42:34 +01:00
|
|
|
* Mon Feb 19 2007 - mc@suse.de
|
|
|
|
- update krb5-1.6-post.dif
|
|
|
|
- move some applications into the right package
|
2007-02-09 16:55:04 +01:00
|
|
|
* Fri Feb 09 2007 - mc@suse.de
|
|
|
|
- update krb5-1.6-post.dif
|
2007-02-02 14:20:45 +01:00
|
|
|
* Mon Jan 29 2007 - mc@suse.de
|
|
|
|
- krb5-1.6-fix-passwd-tcp.dif and krb5-1.6-fix-sendto_kdc-memset.dif
|
|
|
|
are now upstream. Remove patches.
|
|
|
|
- fix leak in krb5_kt_resolve and krb5_kt_wresolve
|
2007-01-26 17:41:59 +01:00
|
|
|
* Tue Jan 23 2007 - mc@suse.de
|
|
|
|
- fix "local variable used before set" in ftp.c
|
|
|
|
[#237684]
|
|
|
|
* Mon Jan 22 2007 - mc@suse.de
|
|
|
|
- krb5-devel should require keyutils-devel
|
|
|
|
* Mon Jan 22 2007 - mc@suse.de
|
|
|
|
- update to version 1.6
|
|
|
|
* Major changes in 1.6 include
|
|
|
|
* Partial client implementation to handle server name referrals.
|
|
|
|
* Pre-authentication plug-in framework, donated by Red Hat.
|
|
|
|
* LDAP KDB plug-in, donated by Novell.
|
|
|
|
- remove obsolete patches
|
2007-01-10 17:47:18 +01:00
|
|
|
* Wed Jan 10 2007 - mc@suse.de
|
|
|
|
- fix for
|
|
|
|
kadmind (via RPC library) calls uninitialized function pointer
|
|
|
|
(CVE-2006-6143)(Bug #225990)
|
|
|
|
krb5-1.5-MITKRB5-SA-2006-002-fix-code-exec.dif
|
|
|
|
- fix for
|
|
|
|
kadmind (via GSS-API mechglue) frees uninitialized pointers
|
|
|
|
(CVE-2006-6144)(Bug #225992)
|
|
|
|
krb5-1.5-MITKRB5-SA-2006-003-fix-free-of-uninitialized-pointer.dif
|
2007-01-04 01:57:59 +01:00
|
|
|
* Tue Jan 02 2007 - mc@suse.de
|
|
|
|
- Fix Requires in krb5-devel
|
|
|
|
[Bug #231008]
|
2006-12-19 00:16:52 +01:00
|
|
|
* Mon Nov 06 2006 - mc@suse.de
|
|
|
|
- fix "local variable used before set" [#217692]
|
|
|
|
- fix strncat warning
|
|
|
|
* Fri Oct 27 2006 - mc@suse.de
|
|
|
|
- add a default kadm5.dict file
|
|
|
|
- require $network on daemon start
|
|
|
|
* Wed Sep 13 2006 - mc@suse.de
|
|
|
|
- fix function call with too few arguments [#203837]
|
|
|
|
* Thu Aug 24 2006 - mc@suse.de
|
|
|
|
- update to version 1.5.1
|
|
|
|
- remove obsolete patches which are now included upstream
|
|
|
|
* krb5-1.4.3-MITKRB5-SA-2006-001-setuid-return-checks.dif
|
|
|
|
* trunk-fix-uninitialized-vars.dif
|
|
|
|
* Fri Aug 11 2006 - mc@suse.de
|
|
|
|
- krb5 setuid return check fixes
|
|
|
|
krb5-1.4.3-MITKRB5-SA-2006-001-setuid-return-checks.dif
|
|
|
|
[#182351]
|
|
|
|
* Mon Aug 07 2006 - mc@suse.de
|
|
|
|
- remove update-messages
|
|
|
|
* Mon Jul 24 2006 - mc@suse.de
|
|
|
|
- add check for krb5_prop in services to kpropd init script.
|
|
|
|
[#192446]
|
|
|
|
* Mon Jul 03 2006 - mc@suse.de
|
|
|
|
- update to version 1.5
|
|
|
|
* KDB abstraction layer, donated by Novell.
|
|
|
|
* plug-in architecture, allowing for extension modules to be
|
|
|
|
loaded at run-time.
|
|
|
|
* multi-mechanism GSS-API implementation ("mechglue"),
|
|
|
|
donated by Sun Microsystems
|
|
|
|
* Simple and Protected GSS-API negotiation mechanism ("SPNEGO")
|
|
|
|
implementation, donated by Sun Microsystems
|
|
|
|
- remove obsolete patches and add some new
|
|
|
|
* Fri May 26 2006 - ro@suse.de
|
|
|
|
- libcom is not in e2fsck-devel but in its own package now, change
|
|
|
|
Requires accordingly.
|
|
|
|
* Mon Mar 27 2006 - mc@suse.de
|
|
|
|
- add all daemons to %%stop_on_removal and %%restart_on_update
|
|
|
|
- add reload to kpropd init script
|
|
|
|
- add force-reload to all init scripts
|
|
|
|
* Mon Mar 13 2006 - mc@suse.de
|
|
|
|
- add libgssapi_krb5.so link to main package [#147912]
|
|
|
|
* Fri Feb 03 2006 - mc@suse.de
|
|
|
|
- fix logging section for kadmind in convert script
|
|
|
|
* Wed Jan 25 2006 - mls@suse.de
|
|
|
|
- converted neededforbuild to BuildRequires
|
|
|
|
* Fri Jan 13 2006 - mc@suse.de
|
|
|
|
- change the logging defaults
|
|
|
|
* Wed Jan 11 2006 - mc@suse.de
|
|
|
|
- add tools and README for heimdal => MIT update
|
|
|
|
* Mon Jan 09 2006 - mc@suse.de
|
|
|
|
- fix build problems, define _GNU_SOURCE
|
|
|
|
(krb5-1.4.3-set_gnu_source.dif )
|
|
|
|
* Tue Jan 03 2006 - mc@suse.de
|
|
|
|
- added "make %%{?jobs:-j%%jobs}"
|
|
|
|
* Fri Nov 18 2005 - mc@suse.de
|
|
|
|
- update to version 1.4.3
|
|
|
|
* some memmory leaks fixed
|
|
|
|
* fix for "AS_REP padata has wrong enctype"
|
|
|
|
* fix for "AS_REP padata missing PA-ETYPE-INFO"
|
|
|
|
* ... and more
|
|
|
|
* Wed Nov 02 2005 - dmueller@suse.de
|
|
|
|
- don't build as root
|
|
|
|
* Tue Oct 11 2005 - mc@suse.de
|
|
|
|
- update to version 1.4.2
|
|
|
|
- remove some obsolet patches
|
|
|
|
* Mon Aug 08 2005 - mc@suse.de
|
|
|
|
- build with --disable-static
|
|
|
|
* Thu Aug 04 2005 - ro@suse.de
|
|
|
|
- remove devel-static subpackage
|
|
|
|
* Thu Jun 30 2005 - mc@suse.de
|
|
|
|
- better patch for princ_comp problem
|
|
|
|
* Mon Jun 27 2005 - mc@suse.de
|
|
|
|
- update to version 1.4.1
|
|
|
|
- remove obsolet patches
|
|
|
|
- krb5-1.4-gcc4.dif
|
|
|
|
- krb5-1.4-reduce-namespace-polution.dif
|
|
|
|
- krb5-1.4-VUL-0-telnet.dif
|
|
|
|
* Thu Jun 23 2005 - mc@suse.de
|
|
|
|
- fixed krb5 KDC heap corruption by random free
|
|
|
|
[#80574, CAN-2005-1174, MITKRB5-SA-2005-002]
|
|
|
|
- fixed krb5 double free()
|
|
|
|
[#86768, CAN-2005-1689, MITKRB5-SA-2005-003]
|
|
|
|
- fix krb5 NULL pointer reference while comparing principals
|
|
|
|
[#91600]
|
|
|
|
* Fri Jun 17 2005 - mc@suse.de
|
|
|
|
- fix uninitialized variables
|
|
|
|
- compile with -fPIE/ link with -pie
|
|
|
|
* Wed Apr 20 2005 - mc@suse.de
|
|
|
|
- fixed wrong xinetd files [#77149]
|
|
|
|
* Fri Apr 08 2005 - mt@suse.de
|
|
|
|
- removed krb5-1.4-fix-error_tables.dif patch obsoleted
|
|
|
|
by libcom_err locking patches
|
|
|
|
* Thu Apr 07 2005 - mc@suse.de
|
|
|
|
- fixed missing descriptions in init files
|
|
|
|
[#76164, #76165, #76166, #76169]
|
|
|
|
* Wed Mar 30 2005 - mc@suse.de
|
|
|
|
- enhance $PATH via /etc/profile.d/ [#74018]
|
|
|
|
- remove the "links to important programs"
|
|
|
|
* Fri Mar 18 2005 - mc@suse.de
|
|
|
|
- fixed not running converter script [#72854]
|
|
|
|
* Thu Mar 17 2005 - mc@suse.de
|
|
|
|
- Fix CAN-2005-0469: Multiple Telnet Client slc_add_reply() Buffer
|
|
|
|
Overflow
|
|
|
|
- Fix CAN-2005-0468: Multiple Telnet Client env_opt_add() Buffer
|
|
|
|
Overflow
|
|
|
|
[#73618]
|
|
|
|
* Wed Mar 16 2005 - mc@suse.de
|
|
|
|
- fixed wrong PreReqs [#73020]
|
|
|
|
* Tue Mar 15 2005 - mc@suse.de
|
|
|
|
- add a simple krb5.conf converter [#72854]
|
|
|
|
* Mon Mar 14 2005 - mc@suse.de
|
|
|
|
- fixed: rckrb5kdc restart gives wrong status with non-running service
|
|
|
|
[#72446]
|
|
|
|
* Thu Mar 10 2005 - mc@suse.de
|
|
|
|
- add requires: e2fsprogs-devel to krb5-devel package [#71732]
|
|
|
|
* Fri Feb 25 2005 - mc@suse.de
|
|
|
|
- fix double free [#66534]
|
|
|
|
krb5-1.4-fix-error_tables.dif
|
|
|
|
* Fri Feb 11 2005 - mc@suse.de
|
|
|
|
- change mode for shared libraries to 755
|
|
|
|
* Fri Feb 04 2005 - mc@suse.de
|
|
|
|
- remove spx.c from tarball because of legal risk
|
|
|
|
- add README.Source which tell the user about this
|
|
|
|
action.
|
|
|
|
- add a check for spx.c in the spec-file
|
|
|
|
- use rich-text for update-messages [#50250]
|
|
|
|
* Tue Feb 01 2005 - mc@suse.de
|
|
|
|
- add krb5-1.4-reduce-namespace-polution.dif
|
|
|
|
reduce namespace polution in gssapi.h [#50356]
|
|
|
|
* Fri Jan 28 2005 - mc@suse.de
|
|
|
|
- update to version 1.4
|
|
|
|
- Add implementation of the RPCSEC_GSS authentication flavor to the
|
|
|
|
RPC library.
|
|
|
|
- Thread safety for krb5 libraries.
|
|
|
|
- Merged Athena telnetd changes for creating a new option for
|
|
|
|
requiring encryption.
|
|
|
|
- The kadmind4 backwards-compatibility admin server and the v5passwdd
|
|
|
|
backwards-compatibility password-changing server have been removed.
|
|
|
|
- Yarrow code now uses AES.
|
|
|
|
- Merged Athena changes to allow ftpd to require encrypted passwords.
|
|
|
|
- Incorporate gss_krb5_set_allowable_enctypes() and
|
|
|
|
gss_krb5_export_lucid_sec_context(), which are needed for NFSv4.
|
|
|
|
- remove obsolet patches
|
|
|
|
* Mon Jan 17 2005 - mc@suse.de
|
|
|
|
- add proofreaded update-messages
|
|
|
|
* Fri Jan 14 2005 - mc@suse.de
|
|
|
|
- remove Conflicts: and add Provides:
|
|
|
|
- add some insserv stuff
|
|
|
|
* Thu Jan 13 2005 - mc@suse.de
|
|
|
|
- move vendor files to vendor-files.tar.bz2
|
|
|
|
- add obsoletes: heimdal
|
|
|
|
- add %%pre and %%post sections to detect update
|
|
|
|
from heimdal and backup invalid configuration files
|
|
|
|
- add update-messages for heimdal update
|
|
|
|
* Mon Jan 10 2005 - mc@suse.de
|
|
|
|
- update to version 1.3.6
|
|
|
|
- fix for: heap buffer overflow in libkadm5srv
|
|
|
|
[CAN-2004-1189 / MITKRB5-SA-2004-004]
|
|
|
|
* Tue Dec 14 2004 - mc@suse.de
|
|
|
|
- build doc subpackage in an own specfile
|
|
|
|
- removed unnecessary neededforbuild requirements
|
|
|
|
* Wed Nov 24 2004 - coolo@suse.de
|
|
|
|
- fix build with gcc 4
|
|
|
|
* Mon Nov 15 2004 - mc@suse.de
|
|
|
|
- added Conflicts with heimdal*
|
|
|
|
- rename some manpages to avoid conflicts
|
|
|
|
* Thu Nov 04 2004 - mc@suse.de
|
|
|
|
- new init scripts
|
|
|
|
- fix logrotate scripts
|
|
|
|
- add some 64Bit fixes
|
|
|
|
- add default krb5.conf, kdc.conf and kadm5.acl
|
|
|
|
* Wed Nov 03 2004 - mc@suse.de
|
|
|
|
- add e2fsprogs to NFB
|
|
|
|
- use system-et and system-ss
|
|
|
|
- fix includes of com_err.h
|
|
|
|
* Thu Oct 28 2004 - mc@suse.de
|
|
|
|
- Initital checkin
|