4ccaaa958f
- update to version 2.3.13
* don't bother creating a v5 ccache in "external" mode
* add a "trace" option to enable libkrb5 tracing, if available
* avoid trying to get password-change creds twice
* use an in-memory ccache when obtaining tokens using v5 creds
* turn off creds==session in "sshd"
* add a "validate_user_user" option to control trying to perform
user-to-user authentication to validate TGTs when a keytab is not
available
* add an "ignore_k5login" option to control whether or not the module
will use the krb5_kuserok() function to perform additional
authorization checks
* turn on validation by default - verify_ap_req_nofail controls how we
treat errors reading keytab files now
* add an "always_allow_localname" option when we can use
krb5_aname_to_localname() to second-guess the krb5_kuserok() check
* prefer krb5_change_password() to krb5_set_password()
OBS-URL: https://build.opensuse.org/request/show/79471
OBS-URL: https://build.opensuse.org/package/show/Linux-PAM/pam_krb5?expand=0&rev=19
4 lines
131 B
Plaintext
4 lines
131 B
Plaintext
version https://git-lfs.github.com/spec/v1
|
|
oid sha256:bcb8fd3a440a07738851bb5f726ccdf618d95ddf4dd57e026de6718b7b1ac157
|
|
size 432029
|