OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/pam_krb5?expand=0&rev=5

2007-07-16 09:53:03 +00:00 · 2007-07-16 09:53:03 +00:00 · a66aae8587
commit a66aae8587
parent af82542df0
5 changed files with 35 additions and 20 deletions
--- a/pam_krb5-2.2.11-1-refresh-drop-restore-priv.dif
+++ b/pam_krb5-2.2.11-1-refresh-drop-restore-priv.dif
@ -1,6 +1,8 @@
--- src/auth.c
-+++ src/auth.c	2007/03/15 10:55:36
-@@ -418,9 +418,13 @@
+Index: src/auth.c
+===================================================================
+--- src/auth.c.orig
+++ src/auth.c
+@@ -422,9 +422,13 @@ pam_sm_setcred(pam_handle_t *pamh, int f
 		return pam_sm_open_session(pamh, flags, argc, argv);
 	}
 	if (flags & (PAM_REINITIALIZE_CRED | PAM_REFRESH_CRED)) {
@ -16,9 +18,11 @@
 		} else {
 			return PAM_IGNORE;
 		}
--- src/sly.c
-+++ src/sly.c	2007/03/15 10:46:36
-@@ -146,6 +146,21 @@
+Index: src/sly.c
+===================================================================
+--- src/sly.c.orig
+++ src/sly.c
+@@ -146,6 +146,21 @@ _pam_krb5_sly_looks_unsafe(void)
 	return 0;
 }
 
@ -40,7 +44,7 @@
 int
 _pam_krb5_sly_maybe_refresh(pam_handle_t *pamh, int flags,
 			    int argc, PAM_KRB5_MAYBE_CONST char **argv)
-@@ -159,6 +174,20 @@
+@@ -159,6 +174,20 @@ _pam_krb5_sly_maybe_refresh(pam_handle_t
 	int i, retval, stored;
 	char *v5ccname, *v4tktfile;
 
@ -61,7 +65,7 @@
 	/* Inexpensive checks. */
 	switch (_pam_krb5_sly_looks_unsafe()) {
 	case 0:
-@@ -166,18 +195,22 @@
+@@ -166,18 +195,22 @@ _pam_krb5_sly_maybe_refresh(pam_handle_t
 		break;
 	case 1:
 		warn("won't refresh credentials while running under sudo");
@ -84,7 +88,7 @@
 		return PAM_SERVICE_ERR;
 		break;
 	}
-@@ -185,6 +218,7 @@
+@@ -185,6 +218,7 @@ _pam_krb5_sly_maybe_refresh(pam_handle_t
 	/* Initialize Kerberos. */
 	if (_pam_krb5_init_ctx(&ctx, argc, argv) != 0) {
 		warn("error initializing Kerberos");
@ -92,7 +96,7 @@
 		return PAM_SERVICE_ERR;
 	}
 
-@@ -193,6 +227,7 @@
+@@ -193,6 +227,7 @@ _pam_krb5_sly_maybe_refresh(pam_handle_t
 	if (i != PAM_SUCCESS) {
 		warn("could not identify user name");
 		krb5_free_context(ctx);
@ -100,7 +104,7 @@
 		return i;
 	}
 
-@@ -201,6 +236,7 @@
+@@ -201,6 +236,7 @@ _pam_krb5_sly_maybe_refresh(pam_handle_t
 	if (options == NULL) {
 		warn("error parsing options (shouldn't happen)");
 		krb5_free_context(ctx);
@ -108,7 +112,7 @@
 		return PAM_SERVICE_ERR;
 	}
 	if (options->debug) {
-@@ -222,6 +258,7 @@
+@@ -222,6 +258,7 @@ _pam_krb5_sly_maybe_refresh(pam_handle_t
 		}
 		_pam_krb5_options_free(pamh, ctx, options);
 		krb5_free_context(ctx);
@ -116,7 +120,7 @@
 		return retval;
 	}
 
-@@ -233,6 +270,7 @@
+@@ -233,6 +270,7 @@ _pam_krb5_sly_maybe_refresh(pam_handle_t
 		_pam_krb5_user_info_free(ctx, userinfo);
 		_pam_krb5_options_free(pamh, ctx, options);
 		krb5_free_context(ctx);
@ -124,7 +128,7 @@
 		return PAM_IGNORE;
 	}
 
-@@ -244,6 +282,7 @@
+@@ -244,6 +282,7 @@ _pam_krb5_sly_maybe_refresh(pam_handle_t
 		_pam_krb5_user_info_free(ctx, userinfo);
 		_pam_krb5_options_free(pamh, ctx, options);
 		krb5_free_context(ctx);
@ -132,7 +136,7 @@
 		return PAM_SERVICE_ERR;
 	}
 
-@@ -331,5 +370,6 @@
+@@ -331,5 +370,6 @@ _pam_krb5_sly_maybe_refresh(pam_handle_t
 		      pam_strerror(pamh, retval));
 	}
 
--- a/pam_krb5-2.2.13-1.tar.bz2
+++ b/pam_krb5-2.2.13-1.tar.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:7ec331fefec599ed719dae8629cb3b6b86175c29a1269fd47a7c4afd2513cb8e
-size 322810
--- a/pam_krb5-2.2.14-1.tar.bz2
+++ b/pam_krb5-2.2.14-1.tar.bz2
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:3bc58cf76e1ab98de4ee964edf9611d161c547d1af5c5a29b144ee5a4890141c
+size 322949
--- a/pam_krb5.changes
+++ b/pam_krb5.changes
@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Mon Jul 16 10:34:08 CEST 2007 - mc@suse.de
+
+- version 2.2.14
+  * treat a "client revoked" error as an "unknown principal" error 
+  * some small bugfixes
+
 -------------------------------------------------------------------
 Fri Jul 13 10:31:01 CEST 2007 - mc@suse.de

--- a/pam_krb5.spec
+++ b/pam_krb5.spec
@ -1,5 +1,5 @@
 #
-# spec file for package pam_krb5 (Version 2.2.13)
+# spec file for package pam_krb5 (Version 2.2.14)
 #
 # Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany.
 # This file and all modifications and additions to the pristine
@ -17,7 +17,7 @@ License:        GPL v2 or later
 Group:          Productivity/Networking/Security
 Provides:       pam_krb
 Autoreqprov:    on
-Version:        2.2.13
+Version:        2.2.14
 Release:        1
 Summary:        PAM Module for Kerberos Authentication
 URL:            http://sourceforge.net/projects/pam-krb5/
@ -75,6 +75,10 @@ rm -rf $RPM_BUILD_ROOT
 %attr(755,root,root) /usr/bin/afs5log

 %changelog
+* Mon Jul 16 2007 - mc@suse.de
+- version 2.2.14
+  * treat a "client revoked" error as an "unknown principal" error
+  * some small bugfixes
 * Fri Jul 13 2007 - mc@suse.de
 - version 2.2.13
  * make it possible to have more than one ccache (and tktfile) at