SHA256
1
0
forked from pool/krb5
Dominique Leuenberger 2018-10-29 13:13:32 +00:00 committed by Git OBS Bridge
commit 6b8422d303
9 changed files with 184 additions and 104 deletions

View File

@ -31,9 +31,11 @@ The selabel APIs for looking up the context should be thread-safe (per
Red Hat #273081), so switching to using them instead of matchpathcon(),
which we used earlier, is some improvement.
--- krb5-1.13.orig/src/aclocal.m4
+++ krb5-1.13/src/aclocal.m4
@@ -87,6 +87,7 @@ AC_SUBST_FILE(libnodeps_frag)
Index: krb5-1.16.1/src/aclocal.m4
===================================================================
--- krb5-1.16.1.orig/src/aclocal.m4
+++ krb5-1.16.1/src/aclocal.m4
@@ -89,6 +89,7 @@ AC_SUBST_FILE(libnodeps_frag)
dnl
KRB5_AC_PRAGMA_WEAK_REF
WITH_LDAP
@ -41,7 +43,7 @@ which we used earlier, is some improvement.
KRB5_LIB_PARAMS
KRB5_AC_INITFINI
KRB5_AC_ENABLE_THREADS
@@ -1738,3 +1739,51 @@ AC_SUBST(PAM_LIBS)
@@ -1763,3 +1764,51 @@ AC_SUBST(PAM_LIBS)
AC_SUBST(PAM_MAN)
AC_SUBST(NON_PAM_MAN)
])dnl
@ -93,9 +95,11 @@ which we used earlier, is some improvement.
+LIBS="$old_LIBS"
+AC_SUBST(SELINUX_LIBS)
+])dnl
--- krb5-1.13.orig/src/config/pre.in
+++ krb5-1.13/src/config/pre.in
@@ -174,6 +174,7 @@ LD = $(PURE) @LD@
Index: krb5-1.16.1/src/config/pre.in
===================================================================
--- krb5-1.16.1.orig/src/config/pre.in
+++ krb5-1.16.1/src/config/pre.in
@@ -177,6 +177,7 @@ LD = $(PURE) @LD@
KRB_INCLUDES = -I$(BUILDTOP)/include -I$(top_srcdir)/include
LDFLAGS = @LDFLAGS@
LIBS = @LIBS@
@ -103,7 +107,7 @@ which we used earlier, is some improvement.
INSTALL=@INSTALL@
INSTALL_STRIP=
@@ -394,7 +395,7 @@ SUPPORT_LIB = -l$(SUPPORT_LIBNAME)
@@ -399,7 +400,7 @@ SUPPORT_LIB = -l$(SUPPORT_LIBNAME)
# HESIOD_LIBS is -lhesiod...
HESIOD_LIBS = @HESIOD_LIBS@
@ -111,10 +115,12 @@ which we used earlier, is some improvement.
+KRB5_BASE_LIBS = $(KRB5_LIB) $(K5CRYPTO_LIB) $(COM_ERR_LIB) $(SUPPORT_LIB) $(GEN_LIB) $(LIBS) $(SELINUX_LIBS) $(DL_LIB)
KDB5_LIBS = $(KDB5_LIB) $(GSSRPC_LIBS)
GSS_LIBS = $(GSS_KRB5_LIB)
# needs fixing if ever used on Mac OS X!
--- krb5-1.13.orig/src/configure.in
+++ krb5-1.13/src/configure.in
@@ -1287,6 +1287,8 @@ AC_PATH_PROG(GROFF, groff)
# needs fixing if ever used on macOS!
Index: krb5-1.16.1/src/configure.in
===================================================================
--- krb5-1.16.1.orig/src/configure.in
+++ krb5-1.16.1/src/configure.in
@@ -1308,6 +1308,8 @@ AC_PATH_PROG(GROFF, groff)
KRB5_WITH_PAM
@ -123,9 +129,11 @@ which we used earlier, is some improvement.
# Make localedir work in autoconf 2.5x.
if test "${localedir+set}" != set; then
localedir='$(datadir)/locale'
--- krb5-1.13.orig/src/include/k5-int.h
+++ krb5-1.13/src/include/k5-int.h
@@ -127,6 +127,7 @@ typedef unsigned char u_char;
Index: krb5-1.16.1/src/include/k5-int.h
===================================================================
--- krb5-1.16.1.orig/src/include/k5-int.h
+++ krb5-1.16.1/src/include/k5-int.h
@@ -126,6 +126,7 @@ typedef unsigned char u_char;
#endif /* HAVE_SYS_TYPES_H */
#endif /* KRB5_SYSTYPES__ */
@ -133,8 +141,10 @@ which we used earlier, is some improvement.
#include "k5-platform.h"
Index: krb5-1.16.1/src/include/k5-label.h
===================================================================
--- /dev/null
+++ krb5-1.13/src/include/k5-label.h
+++ krb5-1.16.1/src/include/k5-label.h
@@ -0,0 +1,32 @@
+#ifndef _KRB5_LABEL_H
+#define _KRB5_LABEL_H
@ -168,8 +178,10 @@ which we used earlier, is some improvement.
+#define THREEPARAMOPEN(x,y,z) open(x,y,z)
+#endif
+#endif
--- krb5-1.13.orig/src/include/krb5/krb5.hin
+++ krb5-1.13/src/include/krb5/krb5.hin
Index: krb5-1.16.1/src/include/krb5/krb5.hin
===================================================================
--- krb5-1.16.1.orig/src/include/krb5/krb5.hin
+++ krb5-1.16.1/src/include/krb5/krb5.hin
@@ -87,6 +87,12 @@
#define THREEPARAMOPEN(x,y,z) open(x,y,z)
#endif
@ -183,8 +195,10 @@ which we used earlier, is some improvement.
#define KRB5_OLD_CRYPTO
#include <stdlib.h>
--- krb5-1.13.orig/src/kadmin/dbutil/dump.c
+++ krb5-1.13/src/kadmin/dbutil/dump.c
Index: krb5-1.16.1/src/kadmin/dbutil/dump.c
===================================================================
--- krb5-1.16.1.orig/src/kadmin/dbutil/dump.c
+++ krb5-1.16.1/src/kadmin/dbutil/dump.c
@@ -148,12 +148,21 @@ create_ofile(char *ofile, char **tmpname
{
int fd = -1;
@ -216,8 +230,10 @@ which we used earlier, is some improvement.
if (*fd == -1) {
com_err(progname, errno, _("while creating 'ok' file, '%s'"), file_ok);
exit_status++;
--- krb5-1.13.orig/src/build-tools/krb5-config.in
+++ krb5-1.13/src/build-tools/krb5-config.in
Index: krb5-1.16.1/src/build-tools/krb5-config.in
===================================================================
--- krb5-1.16.1.orig/src/build-tools/krb5-config.in
+++ krb5-1.16.1/src/build-tools/krb5-config.in
@@ -41,6 +41,7 @@ DL_LIB='@DL_LIB@'
DEFCCNAME='@DEFCCNAME@'
DEFKTNAME='@DEFKTNAME@'
@ -235,9 +251,11 @@ which we used earlier, is some improvement.
# here.
echo $lib_flags
--- krb5-1.15.orig/src/lib/kadm5/logger.c 2016-12-01 23:31:24.000000000 +0100
+++ krb5-1.15/src/lib/kadm5/logger.c 2016-12-03 21:08:16.107101435 +0100
@@ -414,7 +414,7 @@
Index: krb5-1.16.1/src/lib/kadm5/logger.c
===================================================================
--- krb5-1.16.1.orig/src/lib/kadm5/logger.c
+++ krb5-1.16.1/src/lib/kadm5/logger.c
@@ -414,7 +414,7 @@ krb5_klog_init(krb5_context kcontext, ch
*/
append = (cp[4] == ':') ? O_APPEND : 0;
if (append || cp[4] == '=') {
@ -246,7 +264,7 @@ which we used earlier, is some improvement.
S_IRUSR | S_IWUSR | S_IRGRP);
if (fd != -1)
f = fdopen(fd, append ? "a" : "w");
@@ -918,7 +918,7 @@
@@ -918,7 +918,7 @@ krb5_klog_reopen(krb5_context kcontext)
* In case the old logfile did not get moved out of the
* way, open for append to prevent squashing the old logs.
*/
@ -255,9 +273,11 @@ which we used earlier, is some improvement.
if (f) {
set_cloexec_file(f);
log_control.log_entries[lindex].lfu_filep = f;
--- krb5-1.15.orig/src/lib/krb5/keytab/kt_file.c 2016-12-01 23:31:25.000000000 +0100
+++ krb5-1.15/src/lib/krb5/keytab/kt_file.c 2016-12-03 17:33:05.520679326 +0100
@@ -1022,14 +1022,14 @@
Index: krb5-1.16.1/src/lib/krb5/keytab/kt_file.c
===================================================================
--- krb5-1.16.1.orig/src/lib/krb5/keytab/kt_file.c
+++ krb5-1.16.1/src/lib/krb5/keytab/kt_file.c
@@ -1024,14 +1024,14 @@ krb5_ktfileint_open(krb5_context context
KTCHECKLOCK(id);
errno = 0;
@ -274,9 +294,11 @@ which we used earlier, is some improvement.
if (!KTFILEP(id))
goto report_errno;
writevno = 1;
--- krb5-1.15.orig/src/plugins/kdb/db2/adb_openclose.c 2016-12-01 23:31:25.000000000 +0100
+++ krb5-1.15/src/plugins/kdb/db2/adb_openclose.c 2016-12-03 17:34:40.565150626 +0100
@@ -152,7 +152,7 @@
Index: krb5-1.16.1/src/plugins/kdb/db2/adb_openclose.c
===================================================================
--- krb5-1.16.1.orig/src/plugins/kdb/db2/adb_openclose.c
+++ krb5-1.16.1/src/plugins/kdb/db2/adb_openclose.c
@@ -152,7 +152,7 @@ osa_adb_init_db(osa_adb_db_t *dbp, char
* needs be open read/write so that write locking can work with
* POSIX systems
*/
@ -285,8 +307,10 @@ which we used earlier, is some improvement.
/*
* maybe someone took away write permission so we could only
* get shared locks?
--- krb5-1.13.orig/src/plugins/kdb/db2/libdb2/btree/bt_open.c
+++ krb5-1.13/src/plugins/kdb/db2/libdb2/btree/bt_open.c
Index: krb5-1.16.1/src/plugins/kdb/db2/libdb2/btree/bt_open.c
===================================================================
--- krb5-1.16.1.orig/src/plugins/kdb/db2/libdb2/btree/bt_open.c
+++ krb5-1.16.1/src/plugins/kdb/db2/libdb2/btree/bt_open.c
@@ -60,6 +60,7 @@ static char sccsid[] = "@(#)bt_open.c 8.
#include <string.h>
#include <unistd.h>
@ -304,8 +328,10 @@ which we used earlier, is some improvement.
goto err;
} else {
--- krb5-1.13.orig/src/plugins/kdb/db2/libdb2/hash/hash.c
+++ krb5-1.13/src/plugins/kdb/db2/libdb2/hash/hash.c
Index: krb5-1.16.1/src/plugins/kdb/db2/libdb2/hash/hash.c
===================================================================
--- krb5-1.16.1.orig/src/plugins/kdb/db2/libdb2/hash/hash.c
+++ krb5-1.16.1/src/plugins/kdb/db2/libdb2/hash/hash.c
@@ -51,6 +51,7 @@ static char sccsid[] = "@(#)hash.c 8.12
#include <assert.h>
#endif
@ -314,7 +340,7 @@ which we used earlier, is some improvement.
#include "db-int.h"
#include "hash.h"
#include "page.h"
@@ -140,7 +141,7 @@ __kdb2_hash_open(file, flags, mode, info
@@ -129,7 +130,7 @@ __kdb2_hash_open(file, flags, mode, info
new_table = 1;
}
if (file) {
@ -323,9 +349,11 @@ which we used earlier, is some improvement.
RETURN_ERROR(errno, error0);
(void)fcntl(hashp->fp, F_SETFD, 1);
}
--- krb5-1.13.orig/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.c
+++ krb5-1.13/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.c
@@ -178,7 +178,7 @@ done:
Index: krb5-1.16.1/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.c
===================================================================
--- krb5-1.16.1.orig/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.c
+++ krb5-1.16.1/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.c
@@ -203,7 +203,7 @@ kdb5_ldap_stash_service_password(int arg
/* set password in the file */
old_mode = umask(0177);
@ -334,7 +362,7 @@ which we used earlier, is some improvement.
if (pfile == NULL) {
com_err(me, errno, _("Failed to open file %s: %s"), file_name,
strerror (errno));
@@ -219,6 +219,9 @@ done:
@@ -244,6 +244,9 @@ kdb5_ldap_stash_service_password(int arg
* Delete the existing entry and add the new entry
*/
FILE *newfile;
@ -344,7 +372,7 @@ which we used earlier, is some improvement.
mode_t omask;
@@ -230,7 +233,13 @@ done:
@@ -255,7 +258,13 @@ kdb5_ldap_stash_service_password(int arg
}
omask = umask(077);
@ -358,9 +386,11 @@ which we used earlier, is some improvement.
umask (omask);
if (newfile == NULL) {
com_err(me, errno, _("Error creating file %s"), tmp_file);
--- krb5-1.13.orig/src/util/profile/prof_file.c
+++ krb5-1.13/src/util/profile/prof_file.c
@@ -30,6 +30,7 @@
Index: krb5-1.16.1/src/util/profile/prof_file.c
===================================================================
--- krb5-1.16.1.orig/src/util/profile/prof_file.c
+++ krb5-1.16.1/src/util/profile/prof_file.c
@@ -33,6 +33,7 @@
#endif
#include "k5-platform.h"
@ -368,7 +398,7 @@ which we used earlier, is some improvement.
struct global_shared_profile_data {
/* This is the head of the global list of shared trees */
@@ -411,7 +412,7 @@ static errcode_t write_data_to_file(prf_
@@ -423,7 +424,7 @@ static errcode_t write_data_to_file(prf_
errno = 0;
@ -377,9 +407,11 @@ which we used earlier, is some improvement.
if (!f) {
retval = errno;
if (retval == 0)
--- krb5-1.13.orig/src/util/support/Makefile.in
+++ krb5-1.13/src/util/support/Makefile.in
@@ -59,6 +59,7 @@ IPC_SYMS= \
Index: krb5-1.16.1/src/util/support/Makefile.in
===================================================================
--- krb5-1.16.1.orig/src/util/support/Makefile.in
+++ krb5-1.16.1/src/util/support/Makefile.in
@@ -69,6 +69,7 @@ IPC_SYMS= \
STLIBOBJS= \
threads.o \
@ -387,7 +419,7 @@ which we used earlier, is some improvement.
init-addrinfo.o \
plugins.o \
errors.o \
@@ -131,7 +132,7 @@ SRCS=\
@@ -149,7 +150,7 @@ SRCS=\
SHLIB_EXPDEPS =
# Add -lm if dumping thread stats, for sqrt.
@ -396,8 +428,10 @@ which we used earlier, is some improvement.
DEPLIBS=
Index: krb5-1.16.1/src/util/support/selinux.c
===================================================================
--- /dev/null
+++ krb5-1.13/src/util/support/selinux.c
+++ krb5-1.16.1/src/util/support/selinux.c
@@ -0,0 +1,381 @@
+/*
+ * Copyright 2007,2008,2009,2011,2012,2013 Red Hat, Inc. All Rights Reserved.
@ -780,9 +814,11 @@ which we used earlier, is some improvement.
+}
+
+#endif
--- krb5-1.13.orig/src/lib/krb5/rcache/rc_dfl.c
+++ krb5-1.13/src/lib/krb5/rcache/rc_dfl.c
@@ -794,6 +794,9 @@ krb5_rc_dfl_expunge_locked(krb5_context
Index: krb5-1.16.1/src/lib/krb5/rcache/rc_dfl.c
===================================================================
--- krb5-1.16.1.orig/src/lib/krb5/rcache/rc_dfl.c
+++ krb5-1.16.1/src/lib/krb5/rcache/rc_dfl.c
@@ -793,6 +793,9 @@ krb5_rc_dfl_expunge_locked(krb5_context
krb5_error_code retval = 0;
krb5_rcache tmp;
krb5_deltat lifespan = t->lifespan; /* save original lifespan */
@ -792,7 +828,7 @@ which we used earlier, is some improvement.
if (! t->recovering) {
name = t->name;
@@ -815,7 +818,17 @@ krb5_rc_dfl_expunge_locked(krb5_context
@@ -814,7 +817,17 @@ krb5_rc_dfl_expunge_locked(krb5_context
retval = krb5_rc_resolve(context, tmp, 0);
if (retval)
goto cleanup;
@ -810,8 +846,10 @@ which we used earlier, is some improvement.
if (retval)
goto cleanup;
for (q = t->a; q; q = q->na) {
--- krb5-1.13.orig/src/lib/krb5/ccache/cc_dir.c
+++ krb5-1.13/src/lib/krb5/ccache/cc_dir.c
Index: krb5-1.16.1/src/lib/krb5/ccache/cc_dir.c
===================================================================
--- krb5-1.16.1.orig/src/lib/krb5/ccache/cc_dir.c
+++ krb5-1.16.1/src/lib/krb5/ccache/cc_dir.c
@@ -183,10 +183,19 @@ write_primary_file(const char *primary_p
char *newpath = NULL;
FILE *fp = NULL;
@ -858,9 +896,11 @@ which we used earlier, is some improvement.
k5_setmsg(context, KRB5_FCC_NOFILE,
_("Credential cache directory %s does not exist"),
dirname);
--- krb5-1.13.orig/src/lib/krb5/os/trace.c
+++ krb5-1.13/src/lib/krb5/os/trace.c
@@ -397,7 +397,7 @@ krb5_set_trace_filename(krb5_context con
Index: krb5-1.16.1/src/lib/krb5/os/trace.c
===================================================================
--- krb5-1.16.1.orig/src/lib/krb5/os/trace.c
+++ krb5-1.16.1/src/lib/krb5/os/trace.c
@@ -398,7 +398,7 @@ krb5_set_trace_filename(krb5_context con
fd = malloc(sizeof(*fd));
if (fd == NULL)
return ENOMEM;
@ -869,9 +909,11 @@ which we used earlier, is some improvement.
if (*fd == -1) {
free(fd);
return errno;
--- krb5-1.13.orig/src/plugins/kdb/db2/kdb_db2.c
+++ krb5-1.13/src/plugins/kdb/db2/kdb_db2.c
@@ -695,8 +695,8 @@ ctx_create_db(krb5_context context, krb5
Index: krb5-1.16.1/src/plugins/kdb/db2/kdb_db2.c
===================================================================
--- krb5-1.16.1.orig/src/plugins/kdb/db2/kdb_db2.c
+++ krb5-1.16.1/src/plugins/kdb/db2/kdb_db2.c
@@ -694,8 +694,8 @@ ctx_create_db(krb5_context context, krb5
if (retval)
return retval;
@ -882,8 +924,10 @@ which we used earlier, is some improvement.
if (dbc->db_lf_file < 0) {
retval = errno;
goto cleanup;
--- krb5-1.13.orig/src/plugins/kdb/db2/libdb2/recno/rec_open.c
+++ krb5-1.13/src/plugins/kdb/db2/libdb2/recno/rec_open.c
Index: krb5-1.16.1/src/plugins/kdb/db2/libdb2/recno/rec_open.c
===================================================================
--- krb5-1.16.1.orig/src/plugins/kdb/db2/libdb2/recno/rec_open.c
+++ krb5-1.16.1/src/plugins/kdb/db2/libdb2/recno/rec_open.c
@@ -51,6 +51,7 @@ static char sccsid[] = "@(#)rec_open.c 8
#include <stdio.h>
#include <unistd.h>
@ -902,9 +946,11 @@ which we used earlier, is some improvement.
return (NULL);
if (fname != NULL && fcntl(rfd, F_SETFD, 1) == -1) {
--- krb5-1.13.orig/src/kdc/main.c
+++ krb5-1.13/src/kdc/main.c
@@ -847,7 +847,7 @@ write_pid_file(const char *path)
Index: krb5-1.16.1/src/kdc/main.c
===================================================================
--- krb5-1.16.1.orig/src/kdc/main.c
+++ krb5-1.16.1/src/kdc/main.c
@@ -873,7 +873,7 @@ write_pid_file(const char *path)
FILE *file;
unsigned long pid;
@ -913,9 +959,11 @@ which we used earlier, is some improvement.
if (file == NULL)
return errno;
pid = (unsigned long) getpid();
--- krb5-1.13.orig/src/lib/kdb/kdb_log.c
+++ krb5-1.13/src/lib/kdb/kdb_log.c
@@ -464,7 +464,7 @@ ulog_map(krb5_context context, const cha
Index: krb5-1.16.1/src/lib/kdb/kdb_log.c
===================================================================
--- krb5-1.16.1.orig/src/lib/kdb/kdb_log.c
+++ krb5-1.16.1/src/lib/kdb/kdb_log.c
@@ -484,7 +484,7 @@ ulog_map(krb5_context context, const cha
if (extend_file_to(ulogfd, filesize) < 0)
return errno;
} else {
@ -924,9 +972,11 @@ which we used earlier, is some improvement.
if (ulogfd == -1)
return errno;
}
--- krb5-1.13.orig/src/slave/kpropd.c
+++ krb5-1.13/src/slave/kpropd.c
@@ -460,7 +460,9 @@ doit(int fd)
Index: krb5-1.16.1/src/slave/kpropd.c
===================================================================
--- krb5-1.16.1.orig/src/slave/kpropd.c
+++ krb5-1.16.1/src/slave/kpropd.c
@@ -488,7 +488,9 @@ doit(int fd)
krb5_enctype etype;
int database_fd;
char host[INET6_ADDRSTRLEN + 1];
@ -937,7 +987,7 @@ which we used earlier, is some improvement.
signal_wrapper(SIGALRM, alarm_handler);
alarm(params.iprop_resync_timeout);
fromlen = sizeof(from);
@@ -516,9 +518,15 @@ doit(int fd)
@@ -543,9 +545,15 @@ doit(int fd)
free(name);
exit(1);
}

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:92bb5b613e42c62e3b693cd68ba1ea185eb26d5dcc2d168fce17706c150bebab
size 9386670

View File

@ -1,17 +0,0 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUAWutaxAy6CFdfg3LfAQJB8g/+NiCVQakhrLJt8AKwoSYM+MkDReKJNGur
4XY8uI0zDfvWH+fK+6KyNvjV0C4tbzEU7dC4pydLaR+5ptW3vOpNTaWoYiJMpSZQ
HnpCtlaeBFTVPX3EpqZxwnFyt/FJSAcxQMImSwgUWq2sn1ZG0TQ0cW4USclpkaHP
wn4tbAzITy9qxp71KOlc+H+Xghfgp46GOHA6qWfNF0uhaxmYOrGh/WtHnWiN66Cs
LIZHCzxPX8iKuJKKG+awyl1XBb+eSdTzkFCAOH3mWYyt6FHbDnSpGd9lILeomtjs
fZ7l9YEy9lMxQuj1QV29nkI37+SiX2rNGGheNXwiriqgQxGrLxyQBfDwJEQJFIM4
HWVLhFTtE7nko0UGLat2XpfHHRUVNsDFqOHw8yPcfYfsE0h4YKz6O7PO3t8GLrYs
LOSXPSIqgAciKmChhAxOGvJOk89LAQJpe664Agp5dD41lYEzGp/UUDWLMArqEB4x
hLKi5gXfKrrA+OBP007j15dJGwBhaE61xeBkmVI8Ds6kDAgmpNlTsNukOHvvlUOq
C6+OJUUSLI9f0fnPSOz0W7JAQsdp2D+5dYrTU8JgzIKU5r8vO1pzKkM9oNSSUUIA
Y9AMaZh8uBDlhzvGtWRgDnAn3y0g8Qjf5DcWHqNeWQrMOg7ekn0XutmepnGGvXHN
56JVACsg3Zw=
=SYgQ
-----END PGP SIGNATURE-----

3
krb5-1.16.1.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:214ffe394e3ad0c730564074ec44f1da119159d94281bbec541dc29168d21117
size 9477480

17
krb5-1.16.1.tar.gz.asc Normal file
View File

@ -0,0 +1,17 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUAWushEwy6CFdfg3LfAQJ+eBAAijTUBfXzCuxCwbDhCFYb1fIbHMkKkTuq
knFKv0VbALW1qUAj5v35A6GjDam6a33bMvGX8MzbGK/a9IDkpvaaXP/c37V4OfiQ
MhA6uQl0vxBMoCZqAFEVcWd6+M/0rY0WBZKpXRiZxxuSNPnSXn1l9fQAcrYKGb7I
YpaAWnzw+cc1k4Xi+GaaSghEYA4dX7TXh1fViJyHaNSESYZjH3J6wEdPm6LtZk6q
GwJw/ieMQi8djde0AhCbzMHWiaeW3jNPOJmpd3mpY04BAAkzGCyRiYGscxb6ge4u
ag2fojv7rbnJxDzy9RO0ZP0+fVPDMwInZ5GHPftbraSDFkTH2JBAYFudPsLDAoRK
FdjLeHpvuU5ifXWrLyshVYYfeXSe0fHz9Xhfhq2/OmfBD6vQl5k86z8IqxNm4ujy
ziypmTzHFnP/sBKlMgSMdDEKoKZHxevVQM5eJQd1XGexmwogkSPX8mwoEc0q4dtZ
h5w/fCu4ERA0BihvnQMZCZgwe32pO27ccPc6PqNHffUSLOq74J4gBHeoAoZ+SYPu
33oG7wxh+8WONzEGujl1lmxHFstij/njg8nULQ6bo6hSZnlMD0gU59mG9seC2jjr
E4aM4TXd1ixxPzM/cqxfI9SalytwYW0gn7Vuyj3P8xIZ5GQZiTsD7XWJqzb3xHmA
2JSQt4TK3Cc=
=9z9K
-----END PGP SIGNATURE-----

View File

@ -1,3 +1,18 @@
-------------------------------------------------------------------
Tue Oct 9 20:13:24 UTC 2018 - James McDonough <jmcdonough@suse.com>
- Upgrade to 1.16.1
* kdc client cert matching on client principal entry
* Allow ktutil addent command to ignore key version and use
non-default salt string.
* add kpropd pidfile support
* enable "encrypted_challenge_indicator" realm option on tickets
obtained using FAST encrypted challenge pre-authentication.
* dates through 2106 accepted
* KDC support for trivially renewable tickets
* stop caching referral and alternate cross-realm TGTs to prevent
duplicate credential cache entries
-------------------------------------------------------------------
Fri May 4 09:48:36 UTC 2018 - michael@stroeder.com

View File

@ -12,7 +12,7 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
@ -21,7 +21,7 @@
%define _fillupdir /var/adm/fillup-templates
%endif
%define srcRoot krb5-1.15.3
%define srcRoot krb5-1.16.1
%define vendorFiles %{_builddir}/%{srcRoot}/vendor-files/
%define krb5docdir %{_defaultdocdir}/krb5
@ -34,7 +34,7 @@ BuildRequires: keyutils-devel
BuildRequires: libcom_err-devel
BuildRequires: libselinux-devel
BuildRequires: ncurses-devel
Version: 1.15.3
Version: 1.16.1
Release: 0
Summary: MIT Kerberos5 implementation and libraries with minimal dependencies
License: MIT
@ -52,8 +52,8 @@ Conflicts: krb5-server
Conflicts: krb5-plugin-kdb-ldap
Conflicts: krb5-plugin-preauth-pkinit
Conflicts: krb5-plugin-preauth-otp
Source0: https://web.mit.edu/kerberos/dist/krb5/1.15/krb5-%{version}.tar.gz
Source1: https://web.mit.edu/kerberos/dist/krb5/1.15/krb5-%{version}.tar.gz.asc
Source0: https://web.mit.edu/kerberos/dist/krb5/1.16/krb5-%{version}.tar.gz
Source1: https://web.mit.edu/kerberos/dist/krb5/1.16/krb5-%{version}.tar.gz.asc
Source2: krb5.keyring
Source3: vendor-files.tar.bz2
Source4: baselibs.conf

View File

@ -1,3 +1,18 @@
-------------------------------------------------------------------
Tue Oct 9 20:00:21 UTC 2018 - James McDonough <jmcdonough@suse.com>
- Upgrade to 1.16.1
* kdc client cert matching on client principal entry
* Allow ktutil addent command to ignore key version and use
non-default salt string.
* add kpropd pidfile support
* enable "encrypted_challenge_indicator" realm option on tickets
obtained using FAST encrypted challenge pre-authentication.
* dates through 2106 accepted
* KDC support for trivially renewable tickets
* stop caching referral and alternate cross-realm TGTs to prevent
duplicate credential cache entries
-------------------------------------------------------------------
Mon Jun 18 11:02:57 UTC 2018 - mcepl@suse.com

View File

@ -12,7 +12,7 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
@ -30,7 +30,7 @@ BuildRequires: keyutils-devel
BuildRequires: libcom_err-devel
BuildRequires: libselinux-devel
BuildRequires: ncurses-devel
Version: 1.15.3
Version: 1.16.1
Release: 0
Summary: MIT Kerberos5 implementation
License: MIT
@ -46,8 +46,8 @@ BuildRequires: pkgconfig(systemd)
Obsoletes: krb5-64bit
%endif
Conflicts: krb5-mini
Source0: https://web.mit.edu/kerberos/dist/krb5/1.15/krb5-%{version}.tar.gz
Source1: https://web.mit.edu/kerberos/dist/krb5/1.15/krb5-%{version}.tar.gz.asc
Source0: https://web.mit.edu/kerberos/dist/krb5/1.16/krb5-%{version}.tar.gz
Source1: https://web.mit.edu/kerberos/dist/krb5/1.16/krb5-%{version}.tar.gz.asc
Source2: krb5.keyring
Source3: vendor-files.tar.bz2
Source4: baselibs.conf