Accepting request 37899 from network
Copy from network/krb5 based on submit request 37899 from user mcalmer OBS-URL: https://build.opensuse.org/request/show/37899 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/krb5?expand=0&rev=49
This commit is contained in:
commit
34e58b5036
@ -5,7 +5,7 @@ Index: src/lib/krb5/os/changepw.c
|
||||
===================================================================
|
||||
--- src/lib/krb5/os/changepw.c.orig
|
||||
+++ src/lib/krb5/os/changepw.c
|
||||
@@ -271,10 +271,22 @@ change_set_password(krb5_context context
|
||||
@@ -280,10 +280,22 @@ change_set_password(krb5_context context
|
||||
NULL
|
||||
))) {
|
||||
|
||||
|
@ -1,71 +0,0 @@
|
||||
Index: src/lib/gssapi/spnego/spnego_mech.c
|
||||
===================================================================
|
||||
--- src/lib/gssapi/spnego/spnego_mech.c.orig
|
||||
+++ src/lib/gssapi/spnego/spnego_mech.c
|
||||
@@ -1576,7 +1576,7 @@ spnego_gss_accept_sec_context(
|
||||
spnego_gss_ctx_id_t sc = NULL;
|
||||
spnego_gss_cred_id_t spcred = NULL;
|
||||
OM_uint32 mechstat = GSS_S_FAILURE;
|
||||
- int sendTokenInit = 0;
|
||||
+ int sendTokenInit = 0, tmpret;
|
||||
|
||||
mechtok_in = mic_in = mic_out = GSS_C_NO_BUFFER;
|
||||
|
||||
@@ -1609,7 +1609,6 @@ spnego_gss_accept_sec_context(
|
||||
if (delegated_cred_handle != NULL)
|
||||
*delegated_cred_handle = GSS_C_NO_CREDENTIAL;
|
||||
if (input_token->length == 0) {
|
||||
- sendTokenInit = 1;
|
||||
ret = acc_ctx_hints(minor_status,
|
||||
context_handle, spcred,
|
||||
&mic_out,
|
||||
@@ -1617,6 +1616,7 @@ spnego_gss_accept_sec_context(
|
||||
&return_token);
|
||||
if (ret != GSS_S_COMPLETE)
|
||||
goto cleanup;
|
||||
+ sendTokenInit = 1;
|
||||
ret = GSS_S_CONTINUE_NEEDED;
|
||||
} else {
|
||||
/* Can set negState to REQUEST_MIC */
|
||||
@@ -1664,27 +1664,21 @@ spnego_gss_accept_sec_context(
|
||||
&negState, &return_token);
|
||||
}
|
||||
cleanup:
|
||||
- if (return_token != NO_TOKEN_SEND && return_token != CHECK_MIC) {
|
||||
- /* For acceptor-sends-first send a tokenInit */
|
||||
- int tmpret;
|
||||
-
|
||||
+ if (return_token == INIT_TOKEN_SEND && sendTokenInit) {
|
||||
assert(sc != NULL);
|
||||
-
|
||||
- if (sendTokenInit) {
|
||||
- tmpret = make_spnego_tokenInit_msg(sc,
|
||||
- 1,
|
||||
- mic_out,
|
||||
- 0,
|
||||
- GSS_C_NO_BUFFER,
|
||||
- return_token,
|
||||
- output_token);
|
||||
- } else {
|
||||
- tmpret = make_spnego_tokenTarg_msg(negState,
|
||||
- sc ? sc->internal_mech : GSS_C_NO_OID,
|
||||
- &mechtok_out, mic_out,
|
||||
- return_token,
|
||||
- output_token);
|
||||
- }
|
||||
+ tmpret = make_spnego_tokenInit_msg(sc, 1, mic_out, 0,
|
||||
+ GSS_C_NO_BUFFER,
|
||||
+ return_token, output_token);
|
||||
+ if (tmpret < 0)
|
||||
+ ret = GSS_S_FAILURE;
|
||||
+ } else if (return_token != NO_TOKEN_SEND &&
|
||||
+ return_token != CHECK_MIC) {
|
||||
+ tmpret = make_spnego_tokenTarg_msg(negState,
|
||||
+ sc ? sc->internal_mech :
|
||||
+ GSS_C_NO_OID,
|
||||
+ &mechtok_out, mic_out,
|
||||
+ return_token,
|
||||
+ output_token);
|
||||
if (tmpret < 0)
|
||||
ret = GSS_S_FAILURE;
|
||||
}
|
@ -1,315 +0,0 @@
|
||||
Index: doc/admin.texinfo
|
||||
===================================================================
|
||||
--- doc/admin.texinfo.orig
|
||||
+++ doc/admin.texinfo
|
||||
@@ -516,13 +516,6 @@ DCE do not support the default cache as
|
||||
Kerberos. Use a value of 1 on DCE 1.0.3a systems, and a value of 2 on
|
||||
DCE 1.1 systems. The default value is @value{DefaultCcacheType}.
|
||||
|
||||
-@ignore
|
||||
-@itemx tkt_lifetime
|
||||
-The default lifetime of a ticket. The default is
|
||||
-@value{DefaultTktLifetime}. This is currently not supported by the
|
||||
-code.
|
||||
-@end ignore
|
||||
-
|
||||
@itemx dns_lookup_kdc
|
||||
Indicate whether DNS SRV records should be used to locate the KDCs and
|
||||
other servers for a realm, if they are not listed in the information for
|
||||
@@ -583,6 +576,11 @@ If this flag is set, then an attempt to
|
||||
fail if the client machine does not have a keytab. The default for the
|
||||
flag is @value{DefaultVerifyApReqNofail}.
|
||||
|
||||
+@itemx ticket_lifetime
|
||||
+The value of this tag is the default lifetime for
|
||||
+initial tickets. The default value for the tag is
|
||||
+@value{DefaultTktLifetime}.
|
||||
+
|
||||
@itemx renew_lifetime
|
||||
The value of this tag is the default renewable lifetime for
|
||||
initial tickets. The default value for the tag is
|
||||
Index: src/include/krb5/krb5.hin
|
||||
===================================================================
|
||||
--- src/include/krb5/krb5.hin.orig
|
||||
+++ src/include/krb5/krb5.hin
|
||||
@@ -1066,7 +1066,7 @@ krb5_verify_checksum(krb5_context contex
|
||||
#define KRB5_AUTHDATA_SESAME 65
|
||||
#define KRB5_AUTHDATA_WIN2K_PAC 128
|
||||
#define KRB5_AUTHDATA_ETYPE_NEGOTIATION 129 /* RFC 4537 */
|
||||
-#define KRB5_AUTHDATA_SIGNTICKET 142
|
||||
+#define KRB5_AUTHDATA_SIGNTICKET 512 /* formerly 142 in krb5 1.8 */
|
||||
#define KRB5_AUTHDATA_FX_ARMOR 71
|
||||
/* password change constants */
|
||||
|
||||
@@ -1184,6 +1184,19 @@ typedef struct _krb5_pa_data {
|
||||
krb5_octet *contents;
|
||||
} krb5_pa_data;
|
||||
|
||||
+/* typed data */
|
||||
+/*
|
||||
+ * The FAST error handling logic currently assumes that this structure and
|
||||
+ * krb5_pa_data * can be safely cast to each other if this structure changes,
|
||||
+ * that code needs to be updated to copy.
|
||||
+ */
|
||||
+typedef struct _krb5_typed_data {
|
||||
+ krb5_magic magic;
|
||||
+ krb5_int32 type;
|
||||
+ unsigned int length;
|
||||
+ krb5_octet *data;
|
||||
+} krb5_typed_data;
|
||||
+
|
||||
typedef struct _krb5_kdc_req {
|
||||
krb5_magic magic;
|
||||
krb5_msgtype msg_type; /* AS_REQ or TGS_REQ? */
|
||||
Index: src/include/k5-int-pkinit.h
|
||||
===================================================================
|
||||
--- src/include/k5-int-pkinit.h.orig
|
||||
+++ src/include/k5-int-pkinit.h
|
||||
@@ -101,17 +101,6 @@ typedef struct _krb5_trusted_ca {
|
||||
} u;
|
||||
} krb5_trusted_ca;
|
||||
|
||||
-/* typed data */
|
||||
-/* The FAST error handling logic currently assumes that this structure and krb5_pa_data * can be safely cast to each other
|
||||
- * if this structure changes, that code needs to be updated to copy.
|
||||
- */
|
||||
-typedef struct _krb5_typed_data {
|
||||
- krb5_magic magic;
|
||||
- krb5_int32 type;
|
||||
- unsigned int length;
|
||||
- krb5_octet *data;
|
||||
-} krb5_typed_data;
|
||||
-
|
||||
/* PA-PK-AS-REQ (Draft 9 -- PA TYPE 14) */
|
||||
typedef struct _krb5_pa_pk_as_req_draft9 {
|
||||
krb5_octet_data signedAuthPack;
|
||||
Index: src/kdc/kdc_authdata.c
|
||||
===================================================================
|
||||
--- src/kdc/kdc_authdata.c.orig
|
||||
+++ src/kdc/kdc_authdata.c
|
||||
@@ -934,8 +934,12 @@ verify_ad_signedpath(krb5_context contex
|
||||
enc_sp.length = sp_authdata[0]->length;
|
||||
|
||||
code = decode_krb5_ad_signedpath(&enc_sp, &sp);
|
||||
- if (code != 0)
|
||||
+ if (code != 0) {
|
||||
+ /* Treat an invalid signedpath authdata element as a missing one, since
|
||||
+ * we believe MS is using the same number for something else. */
|
||||
+ code = 0;
|
||||
goto cleanup;
|
||||
+ }
|
||||
|
||||
code = verify_ad_signedpath_checksum(context,
|
||||
krbtgt,
|
||||
Index: src/kdc/do_tgs_req.c
|
||||
===================================================================
|
||||
--- src/kdc/do_tgs_req.c.orig
|
||||
+++ src/kdc/do_tgs_req.c
|
||||
@@ -1215,6 +1215,7 @@ prep_reprocess_req(krb5_kdc_req *request
|
||||
strlcpy(comp1_str,comp1->data,comp1->length+1);
|
||||
|
||||
if ((krb5_princ_type(kdc_context, request->server) == KRB5_NT_SRV_HST ||
|
||||
+ krb5_princ_type(kdc_context, request->server) == KRB5_NT_SRV_INST ||
|
||||
(krb5_princ_type(kdc_context, request->server) == KRB5_NT_UNKNOWN &&
|
||||
kdc_active_realm->realm_host_based_services != NULL &&
|
||||
(krb5_match_config_pattern(kdc_active_realm->realm_host_based_services,
|
||||
Index: src/clients/kpasswd/kpasswd.c
|
||||
===================================================================
|
||||
--- src/clients/kpasswd/kpasswd.c.orig
|
||||
+++ src/clients/kpasswd/kpasswd.c
|
||||
@@ -47,7 +47,7 @@ int main(int argc, char *argv[])
|
||||
{
|
||||
krb5_error_code ret;
|
||||
krb5_context context;
|
||||
- krb5_principal princ;
|
||||
+ krb5_principal princ = NULL;
|
||||
char *pname;
|
||||
krb5_ccache ccache;
|
||||
krb5_get_init_creds_opt *opts = NULL;
|
||||
@@ -84,23 +84,27 @@ int main(int argc, char *argv[])
|
||||
com_err(argv[0], ret, "parsing client name");
|
||||
exit(1);
|
||||
}
|
||||
- } else if ((ret = krb5_cc_default(context, &ccache)) != KRB5_CC_NOTFOUND) {
|
||||
- if (ret) {
|
||||
+ } else {
|
||||
+ ret = krb5_cc_default(context, &ccache);
|
||||
+ if (ret != 0) {
|
||||
com_err(argv[0], ret, "opening default ccache");
|
||||
exit(1);
|
||||
}
|
||||
|
||||
- if ((ret = krb5_cc_get_principal(context, ccache, &princ))) {
|
||||
+ ret = krb5_cc_get_principal(context, ccache, &princ);
|
||||
+ if (ret != 0 && ret != KRB5_CC_NOTFOUND && ret != KRB5_FCC_NOFILE) {
|
||||
com_err(argv[0], ret, "getting principal from ccache");
|
||||
exit(1);
|
||||
}
|
||||
|
||||
- if ((ret = krb5_cc_close(context, ccache))) {
|
||||
+ ret = krb5_cc_close(context, ccache);
|
||||
+ if (ret != 0) {
|
||||
com_err(argv[0], ret, "closing ccache");
|
||||
exit(1);
|
||||
}
|
||||
- } else {
|
||||
- get_name_from_passwd_file(argv[0], context, &princ);
|
||||
+
|
||||
+ if (princ == NULL)
|
||||
+ get_name_from_passwd_file(argv[0], context, &princ);
|
||||
}
|
||||
|
||||
if ((ret = krb5_get_init_creds_opt_alloc(context, &opts))) {
|
||||
Index: src/config-files/krb5.conf.M
|
||||
===================================================================
|
||||
--- src/config-files/krb5.conf.M.orig
|
||||
+++ src/config-files/krb5.conf.M
|
||||
@@ -220,6 +220,10 @@ If this flag is set, then an attempt to
|
||||
fail if the client machine does not have a keytab. The default for the
|
||||
flag is false.
|
||||
|
||||
+.IP ticket_lifetime
|
||||
+The value of this tag is the default lifetime for initial tickets. The
|
||||
+default value for the tag is 1 day (1d).
|
||||
+
|
||||
.IP renew_lifetime
|
||||
The value of this tag is the default renewable lifetime for initial
|
||||
tickets. The default value for the tag is 0.
|
||||
Index: src/lib/gssapi/spnego/spnego_mech.c
|
||||
===================================================================
|
||||
--- src/lib/gssapi/spnego/spnego_mech.c.orig
|
||||
+++ src/lib/gssapi/spnego/spnego_mech.c
|
||||
@@ -1687,6 +1687,7 @@ cleanup:
|
||||
if (sc->internal_name != GSS_C_NO_NAME &&
|
||||
src_name != NULL) {
|
||||
*src_name = sc->internal_name;
|
||||
+ sc->internal_name = GSS_C_NO_NAME;
|
||||
}
|
||||
release_spnego_ctx(&sc);
|
||||
} else if (ret != GSS_S_CONTINUE_NEEDED) {
|
||||
@@ -2572,6 +2573,8 @@ release_spnego_ctx(spnego_gss_ctx_id_t *
|
||||
(void) generic_gss_release_oid(&minor_stat,
|
||||
&context->internal_mech);
|
||||
|
||||
+ (void) gss_release_name(&minor_stat, &context->internal_name);
|
||||
+
|
||||
if (context->optionStr != NULL) {
|
||||
free(context->optionStr);
|
||||
context->optionStr = NULL;
|
||||
Index: src/lib/kadm5/srv/svr_principal.c
|
||||
===================================================================
|
||||
--- src/lib/kadm5/srv/svr_principal.c.orig
|
||||
+++ src/lib/kadm5/srv/svr_principal.c
|
||||
@@ -858,8 +858,8 @@ kadm5_get_principal(void *server_handle,
|
||||
if (! (mask & KADM5_MOD_TIME))
|
||||
entry->mod_date = 0;
|
||||
if (! (mask & KADM5_MOD_NAME)) {
|
||||
- krb5_free_principal(handle->context, entry->principal);
|
||||
- entry->principal = NULL;
|
||||
+ krb5_free_principal(handle->context, entry->mod_name);
|
||||
+ entry->mod_name = NULL;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -871,10 +871,12 @@ kadm5_get_principal(void *server_handle,
|
||||
if (kdb.key_data[i].key_data_kvno > entry->kvno)
|
||||
entry->kvno = kdb.key_data[i].key_data_kvno;
|
||||
|
||||
- ret = krb5_dbe_get_mkvno(handle->context, &kdb, master_keylist,
|
||||
- &entry->mkvno);
|
||||
- if (ret)
|
||||
- goto done;
|
||||
+ if (mask & KADM5_MKVNO) {
|
||||
+ ret = krb5_dbe_get_mkvno(handle->context, &kdb, master_keylist,
|
||||
+ &entry->mkvno);
|
||||
+ if (ret)
|
||||
+ goto done;
|
||||
+ }
|
||||
|
||||
if (mask & KADM5_MAX_RLIFE)
|
||||
entry->max_renewable_life = kdb.max_renewable_life;
|
||||
Index: src/lib/krb5/os/changepw.c
|
||||
===================================================================
|
||||
--- src/lib/krb5/os/changepw.c.orig
|
||||
+++ src/lib/krb5/os/changepw.c
|
||||
@@ -65,20 +65,23 @@ locate_kpasswd(krb5_context context, con
|
||||
int sockType = (useTcp ? SOCK_STREAM : SOCK_DGRAM);
|
||||
|
||||
code = krb5int_locate_server (context, realm, addrlist,
|
||||
- locate_service_kpasswd, sockType, AF_INET);
|
||||
+ locate_service_kpasswd, sockType, AF_UNSPEC);
|
||||
|
||||
if (code == KRB5_REALM_CANT_RESOLVE || code == KRB5_REALM_UNKNOWN) {
|
||||
code = krb5int_locate_server (context, realm, addrlist,
|
||||
locate_service_kadmin, SOCK_STREAM,
|
||||
- AF_INET);
|
||||
+ AF_UNSPEC);
|
||||
if (!code) {
|
||||
/* Success with admin_server but now we need to change the
|
||||
port number to use DEFAULT_KPASSWD_PORT and the socktype. */
|
||||
size_t i;
|
||||
for (i=0; i<addrlist->naddrs; i++) {
|
||||
struct addrinfo *a = addrlist->addrs[i].ai;
|
||||
+ krb5_ui_2 kpasswd_port = htons(DEFAULT_KPASSWD_PORT);
|
||||
if (a->ai_family == AF_INET)
|
||||
- sa2sin (a->ai_addr)->sin_port = htons(DEFAULT_KPASSWD_PORT);
|
||||
+ sa2sin (a->ai_addr)->sin_port = kpasswd_port;
|
||||
+ if (a->ai_family == AF_INET6)
|
||||
+ sa2sin6 (a->ai_addr)->sin6_port = kpasswd_port;
|
||||
if (sockType != SOCK_STREAM)
|
||||
a->ai_socktype = sockType;
|
||||
}
|
||||
@@ -131,10 +134,16 @@ kpasswd_sendto_msg_callback(struct conn_
|
||||
/* some brain-dead OS's don't return useful information from
|
||||
* the getsockname call. Namely, windows and solaris. */
|
||||
|
||||
- if (ss2sin(&local_addr)->sin_addr.s_addr != 0) {
|
||||
+ if (local_addr.ss_family == AF_INET &&
|
||||
+ ss2sin(&local_addr)->sin_addr.s_addr != 0) {
|
||||
local_kaddr.addrtype = ADDRTYPE_INET;
|
||||
local_kaddr.length = sizeof(ss2sin(&local_addr)->sin_addr);
|
||||
local_kaddr.contents = (krb5_octet *) &ss2sin(&local_addr)->sin_addr;
|
||||
+ } else if (local_addr.ss_family == AF_INET6 &&
|
||||
+ ss2sin6(&local_addr)->sin6_addr.s6_addr != 0) {
|
||||
+ local_kaddr.addrtype = ADDRTYPE_INET6;
|
||||
+ local_kaddr.length = sizeof(ss2sin6(&local_addr)->sin6_addr);
|
||||
+ local_kaddr.contents = (krb5_octet *) &ss2sin6(&local_addr)->sin6_addr;
|
||||
} else {
|
||||
krb5_address **addrs;
|
||||
|
||||
@@ -290,9 +299,19 @@ change_set_password(krb5_context context
|
||||
break;
|
||||
}
|
||||
|
||||
- remote_kaddr.addrtype = ADDRTYPE_INET;
|
||||
- remote_kaddr.length = sizeof(ss2sin(&remote_addr)->sin_addr);
|
||||
- remote_kaddr.contents = (krb5_octet *) &ss2sin(&remote_addr)->sin_addr;
|
||||
+ if (remote_addr.ss_family == AF_INET) {
|
||||
+ remote_kaddr.addrtype = ADDRTYPE_INET;
|
||||
+ remote_kaddr.length = sizeof(ss2sin(&remote_addr)->sin_addr);
|
||||
+ remote_kaddr.contents =
|
||||
+ (krb5_octet *) &ss2sin(&remote_addr)->sin_addr;
|
||||
+ } else if (remote_addr.ss_family == AF_INET6) {
|
||||
+ remote_kaddr.addrtype = ADDRTYPE_INET6;
|
||||
+ remote_kaddr.length = sizeof(ss2sin6(&remote_addr)->sin6_addr);
|
||||
+ remote_kaddr.contents =
|
||||
+ (krb5_octet *) &ss2sin6(&remote_addr)->sin6_addr;
|
||||
+ } else {
|
||||
+ break;
|
||||
+ }
|
||||
|
||||
if ((code = krb5_auth_con_setaddrs(callback_ctx.context,
|
||||
callback_ctx.auth_context,
|
||||
Index: src/lib/krb5/krb/gic_pwd.c
|
||||
===================================================================
|
||||
--- src/lib/krb5/krb/gic_pwd.c.orig
|
||||
+++ src/lib/krb5/krb/gic_pwd.c
|
||||
@@ -218,7 +218,7 @@ krb5_get_init_creds_password(krb5_contex
|
||||
* to prompt. Prompting is only disabled if the option has been set
|
||||
* and the value has been set to false.
|
||||
*/
|
||||
- if (!(options->flags & KRB5_GET_INIT_CREDS_OPT_CHG_PWD_PRMPT))
|
||||
+ if (options && !(options->flags & KRB5_GET_INIT_CREDS_OPT_CHG_PWD_PRMPT))
|
||||
goto cleanup;
|
||||
|
||||
/* ok, we have an expired password. Give the user a few chances
|
3
krb5-1.8.1.tar.bz2
Normal file
3
krb5-1.8.1.tar.bz2
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:215e71364b4ac6e49cfb2629a109a2f473845d68643859eccc038834de1f4746
|
||||
size 9960127
|
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:10890ef19905e36e99d82cbe7caa6e8b0875b2a304f9a9e2d05137c87aff8212
|
||||
size 9958816
|
@ -1,3 +1,8 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Apr 9 12:45:30 CEST 2010 - mc@suse.de
|
||||
|
||||
- update to version 1.8.1
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Mar 23 12:38:29 CET 2010 - mc@suse.de
|
||||
|
||||
|
@ -1,5 +1,5 @@
|
||||
#
|
||||
# spec file for package krb5-doc (Version 1.8)
|
||||
# spec file for package krb5-doc (Version 1.8.1)
|
||||
#
|
||||
# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
||||
#
|
||||
@ -20,18 +20,17 @@
|
||||
|
||||
Name: krb5-doc
|
||||
BuildRequires: ghostscript-library latex2html texlive
|
||||
Version: 1.8
|
||||
Release: 2
|
||||
%define srcRoot krb5-1.8
|
||||
Version: 1.8.1
|
||||
Release: 1
|
||||
%define srcRoot krb5-1.8.1
|
||||
Summary: MIT Kerberos5 Implementation--Documentation
|
||||
License: MIT License (or similar)
|
||||
Url: http://web.mit.edu/kerberos/www/
|
||||
Group: Documentation/Other
|
||||
Source: krb5-1.8.tar.bz2
|
||||
Source: krb5-1.8.1.tar.bz2
|
||||
Source3: %{name}-%{version}-rpmlintrc
|
||||
Patch0: krb5-1.3.5-perlfix.dif
|
||||
Patch1: krb5-1.6.3-texi2dvi-fix.dif
|
||||
Patch2: krb5-1.8-POST.dif
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
BuildArch: noarch
|
||||
|
||||
@ -54,7 +53,6 @@ Authors:
|
||||
%setup -n %{srcRoot}
|
||||
%patch0
|
||||
%patch1
|
||||
%patch2
|
||||
|
||||
%build
|
||||
|
||||
|
@ -1,3 +1,15 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Apr 9 12:43:44 CEST 2010 - mc@suse.de
|
||||
|
||||
- update to version 1.8.1
|
||||
* include krb5-1.8-POST.dif
|
||||
* include MITKRB5-SA-2010-002
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Apr 6 14:14:56 CEST 2010 - mc@suse.de
|
||||
|
||||
- update krb5-1.8-POST.dif
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Mar 23 14:32:41 CET 2010 - mc@suse.de
|
||||
|
||||
|
@ -1,5 +1,5 @@
|
||||
#
|
||||
# spec file for package krb5-mini (Version 1.8)
|
||||
# spec file for package krb5-mini (Version 1.8.1)
|
||||
#
|
||||
# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
||||
#
|
||||
@ -18,7 +18,7 @@
|
||||
# norootforbuild
|
||||
|
||||
%define build_mini 1
|
||||
%define srcRoot krb5-1.8
|
||||
%define srcRoot krb5-1.8.1
|
||||
%define vendorFiles %{_builddir}/%{srcRoot}/vendor-files/
|
||||
%define krb5docdir %{_defaultdocdir}/krb5
|
||||
|
||||
@ -27,8 +27,8 @@ License: MIT License (or similar)
|
||||
Url: http://web.mit.edu/kerberos/www/
|
||||
BuildRequires: bison libcom_err-devel ncurses-devel
|
||||
BuildRequires: keyutils keyutils-devel
|
||||
Version: 1.8
|
||||
Release: 2
|
||||
Version: 1.8.1
|
||||
Release: 1
|
||||
%if ! 0%{?build_mini}
|
||||
BuildRequires: libopenssl-devel openldap2-devel
|
||||
# bug437293
|
||||
@ -42,7 +42,7 @@ Group: Productivity/Networking/Security
|
||||
Summary: MIT Kerberos5 Implementation--Libraries
|
||||
Group: Productivity/Networking/Security
|
||||
%endif
|
||||
Source: krb5-1.8.tar.bz2
|
||||
Source: krb5-1.8.1.tar.bz2
|
||||
Source1: vendor-files.tar.bz2
|
||||
Source2: baselibs.conf
|
||||
Source5: krb5-%{version}-rpmlintrc
|
||||
@ -55,8 +55,6 @@ Patch34: krb5-1.6.3-gssapi_improve_errormessages.dif
|
||||
Patch41: krb5-1.6.3-kpasswd_tcp.patch
|
||||
Patch44: krb5-1.6.3-ktutil-manpage.dif
|
||||
Patch46: krb5-1.6.3-fix-ipv6-query.dif
|
||||
Patch47: krb5-1.7-MITKRB5-SA-2010-002.dif
|
||||
Patch50: krb5-1.8-POST.dif
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
PreReq: mktemp, grep, /bin/touch, coreutils
|
||||
PreReq: %insserv_prereq %fillup_prereq
|
||||
@ -204,8 +202,6 @@ Authors:
|
||||
%patch41
|
||||
%patch44 -p1
|
||||
%patch46 -p1
|
||||
%patch47
|
||||
%patch50
|
||||
# Rename the man pages so that they'll get generated correctly.
|
||||
pushd src
|
||||
cat %{SOURCE10} | while read manpage ; do
|
||||
|
12
krb5.changes
12
krb5.changes
@ -1,3 +1,15 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Apr 9 12:43:44 CEST 2010 - mc@suse.de
|
||||
|
||||
- update to version 1.8.1
|
||||
* include krb5-1.8-POST.dif
|
||||
* include MITKRB5-SA-2010-002
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Apr 6 14:14:56 CEST 2010 - mc@suse.de
|
||||
|
||||
- update krb5-1.8-POST.dif
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Mar 23 14:32:41 CET 2010 - mc@suse.de
|
||||
|
||||
|
14
krb5.spec
14
krb5.spec
@ -1,5 +1,5 @@
|
||||
#
|
||||
# spec file for package krb5 (Version 1.8)
|
||||
# spec file for package krb5 (Version 1.8.1)
|
||||
#
|
||||
# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
||||
#
|
||||
@ -18,7 +18,7 @@
|
||||
# norootforbuild
|
||||
|
||||
%define build_mini 0
|
||||
%define srcRoot krb5-1.8
|
||||
%define srcRoot krb5-1.8.1
|
||||
%define vendorFiles %{_builddir}/%{srcRoot}/vendor-files/
|
||||
%define krb5docdir %{_defaultdocdir}/krb5
|
||||
|
||||
@ -27,8 +27,8 @@ License: MIT License (or similar)
|
||||
Url: http://web.mit.edu/kerberos/www/
|
||||
BuildRequires: bison libcom_err-devel ncurses-devel
|
||||
BuildRequires: keyutils keyutils-devel
|
||||
Version: 1.8
|
||||
Release: 2
|
||||
Version: 1.8.1
|
||||
Release: 1
|
||||
%if ! 0%{?build_mini}
|
||||
BuildRequires: libopenssl-devel openldap2-devel
|
||||
# bug437293
|
||||
@ -42,7 +42,7 @@ Group: Productivity/Networking/Security
|
||||
Summary: MIT Kerberos5 Implementation--Libraries
|
||||
Group: Productivity/Networking/Security
|
||||
%endif
|
||||
Source: krb5-1.8.tar.bz2
|
||||
Source: krb5-1.8.1.tar.bz2
|
||||
Source1: vendor-files.tar.bz2
|
||||
Source2: baselibs.conf
|
||||
Source5: krb5-%{version}-rpmlintrc
|
||||
@ -55,8 +55,6 @@ Patch34: krb5-1.6.3-gssapi_improve_errormessages.dif
|
||||
Patch41: krb5-1.6.3-kpasswd_tcp.patch
|
||||
Patch44: krb5-1.6.3-ktutil-manpage.dif
|
||||
Patch46: krb5-1.6.3-fix-ipv6-query.dif
|
||||
Patch47: krb5-1.7-MITKRB5-SA-2010-002.dif
|
||||
Patch50: krb5-1.8-POST.dif
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
PreReq: mktemp, grep, /bin/touch, coreutils
|
||||
PreReq: %insserv_prereq %fillup_prereq
|
||||
@ -204,8 +202,6 @@ Authors:
|
||||
%patch41
|
||||
%patch44 -p1
|
||||
%patch46 -p1
|
||||
%patch47
|
||||
%patch50
|
||||
# Rename the man pages so that they'll get generated correctly.
|
||||
pushd src
|
||||
cat %{SOURCE10} | while read manpage ; do
|
||||
|
Loading…
Reference in New Issue
Block a user