Accepting request 979732 from home:dirkmueller:Factory
- update to 1.20.0:
* Added a "disable_pac" realm relation to suppress adding PAC authdata
to tickets, for realms which do not need to support S4U requests.
* Most credential cache types will use atomic replacement when a cache
is reinitialized using kinit or refreshed from the client keytab.
* kprop can now propagate databases with a dump size larger than 4GB,
if both the client and server are upgraded.
* kprop can now work over NATs that change the destination IP address,
if the client is upgraded.
* Updated the KDB interface. The sign_authdata() method is replaced
with the issue_pac() method, allowing KDB modules to add logon info
and other buffers to the PAC issued by the KDC.
* Host-based initiator names are better supported in the GSS krb5
mechanism.
* Replaced AD-SIGNEDPATH authdata with minimal PACs.
* To avoid spurious replay errors, password change requests will not
be attempted over UDP until the attempt over TCP fails.
* PKINIT will sign its CMS messages with SHA-256 instead of SHA-1.
* Updated all code using OpenSSL to be compatible with OpenSSL 3.
* Reorganized the libk5crypto build system to allow the OpenSSL
back-end to pull in material from the builtin back-end depending on
the OpenSSL version.
* Simplified the PRNG logic to always use the platform PRNG.
* Converted the remaining Tcl tests to Python.
OBS-URL: https://build.opensuse.org/request/show/979732
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=259
This commit is contained in:
Git OBS Bridge
parent
ff3493d16b
commit
7383de009b
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:56d04863cfddc9d9eb7af17556e043e3537d41c6e545610778676cf551b9dcd0
|
||||
size 8741343
|
||||
@ -1,16 +0,0 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCgAdFiEExEk8tzn0qJ+YUsvCDLoIV1+Dct8FAmIrr24ACgkQDLoIV1+D
|
||||
ct+h+A//W9AfniKl4SAZ5OWmn+B/1ge7U7KWxVdn8yJtUTfKzBujPe6LLCMpsn/F
|
||||
+ddq2Powml+lEQHhAJBgGogPJ6Fs+/Y7jmhskz/d2dU1lTWEAoTGxz6fGZnx4kei
|
||||
yciPWYnQrvPLdgh2I3rQyt5VDe6pEo5xvFhzEDpQPkXXQGAXVVokcSz5tvoRI8xF
|
||||
V/oKIXJ7iSpc/prcrirdC+vKe04E3PmX1Cjd5dAH97gzYGJMsouB3/8/PxzLBb3y
|
||||
be4XeLLJA9FwjBeEx68nBal2o3p1Xkq24v3XMI62xqBZDrWtwJ5NkR1GZje2X00H
|
||||
SAd1xI6ye+f+6mxje/hen7cqfN53/7l2j3fayoT+35F6OzmiXSf9TKO6P1HElA0t
|
||||
qXOm5oMi9GK1mVRwek15pxCcLEFWrUGNGnILFrep4exxIAOPjgyVN1DolK6c3V3t
|
||||
yCsRGwhZaN6rNuaHEibVpL4JG+3fEy8Ovb02pqqPP6LXc9/1b+EIAufWTpJtbQSy
|
||||
3JvSmzFYHVJjaS+n0vsbMJtDsf+uuYy77liIh0LblId1xpU5pdLd7jy8qZ6jEt/J
|
||||
8PX3C5oc4iKq8Z7epd8T3itD3ECPG5g+A7GU8kApAfgpY/GP1rvg1RSaalWRQP+x
|
||||
dKY7eMHSHHhBjuC7EdzNIJWo8v311KWogcHkVfzmbx+6HT/iAgM=
|
||||
=D86e
|
||||
-----END PGP SIGNATURE-----
|
||||
3
krb5-1.20.tar.gz
Normal file
3
krb5-1.20.tar.gz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:7e022bdd3c851830173f9faaa006a230a0e0fdad4c953e85bff4bf0da036e12f
|
||||
size 8660756
|
||||
16
krb5-1.20.tar.gz.asc
Normal file
16
krb5-1.20.tar.gz.asc
Normal file
@ -0,0 +1,16 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCgAdFiEExEk8tzn0qJ+YUsvCDLoIV1+Dct8FAmKO3iYACgkQDLoIV1+D
|
||||
ct/OCxAAvGE7Qi/GMlft3t56wK4FwIwENHJ7cnDJw1tkah94zO3hytphYqvCMSu/
|
||||
9OnLOynuI/XEU518avHdk5eqWI0oe2XRLbAfXuXH0Uccyun2kP/H5Smvw2JVxiOO
|
||||
O5DhhMXvjB/ifpfK3u12RFSBHEZsxV79eeVAgQV3LPyokceHH3uOeAlMPYAgzmnp
|
||||
0drDTYIErmlxhUxGUWvVvckz5wOR8TXt4nKJ2+zixBeOYQu1WZ+WJLlc4nVG4e/I
|
||||
3otns5aYPPbPMSDq3BZeaUCYqjxMJ0LgqFRZMJGAAeE9HR3tmxhfUMpAQnQgc/MZ
|
||||
6Nf3rrCj5AETZ2CtiTcKoICEa6MDG4CYhGMIW9R+5eQke1Oq+V9NVu3RdaD0R4rq
|
||||
snMYk69zF/QhiSOK3ulRm+t8RHAquDimpFlpMinl0DbK5h+A/kgfC7fyfxEHe1dj
|
||||
H2vCj946LNS2OgqJ5WbV867Fk7+unP0AZ1cy3+hedODRjqNfcu1MuLhxs/e0eLy5
|
||||
MmBDSZtJc27IVEs1IUntBy14WuJt3csjGb0jzMnWrbDcjvWAGC5yV4b5HfvZvOt8
|
||||
E2HCVWMycTuNFZHgtITqvmb2tYOc9bSOYUCRp7clCn9vvFtAKKzZiGzUsnyshLqq
|
||||
N6a1sTudU9otnIR52+K5v1rLlChS2UlIek0Nj6ejlTcTk9Go6aw=
|
||||
=z5Ek
|
||||
-----END PGP SIGNATURE-----
|
||||
@ -24,13 +24,13 @@
|
||||
%define _fillupdir %{_localstatedir}/adm/fillup-templates
|
||||
%endif
|
||||
Name: krb5-mini
|
||||
Version: 1.19.3
|
||||
Version: 1.20
|
||||
Release: 0
|
||||
Summary: MIT Kerberos5 implementation and libraries with minimal dependencies
|
||||
License: MIT
|
||||
URL: https://kerberos.org/dist/
|
||||
Source0: https://kerberos.org/dist/krb5/1.19/krb5-%{version}.tar.gz
|
||||
Source1: https://kerberos.org/dist/krb5/1.19/krb5-%{version}.tar.gz.asc
|
||||
Source0: https://kerberos.org/dist/krb5/1.20/krb5-%{version}.tar.gz
|
||||
Source1: https://kerberos.org/dist/krb5/1.20/krb5-%{version}.tar.gz.asc
|
||||
Source2: krb5.keyring
|
||||
Source3: vendor-files.tar.bz2
|
||||
Source4: baselibs.conf
|
||||
|
||||
28
krb5.changes
28
krb5.changes
@ -1,3 +1,31 @@
|
||||
-------------------------------------------------------------------
|
||||
Sun May 29 19:14:02 UTC 2022 - Dirk Müller <dmueller@suse.com>
|
||||
|
||||
- update to 1.20.0:
|
||||
* Added a "disable_pac" realm relation to suppress adding PAC authdata
|
||||
to tickets, for realms which do not need to support S4U requests.
|
||||
* Most credential cache types will use atomic replacement when a cache
|
||||
is reinitialized using kinit or refreshed from the client keytab.
|
||||
* kprop can now propagate databases with a dump size larger than 4GB,
|
||||
if both the client and server are upgraded.
|
||||
* kprop can now work over NATs that change the destination IP address,
|
||||
if the client is upgraded.
|
||||
* Updated the KDB interface. The sign_authdata() method is replaced
|
||||
with the issue_pac() method, allowing KDB modules to add logon info
|
||||
and other buffers to the PAC issued by the KDC.
|
||||
* Host-based initiator names are better supported in the GSS krb5
|
||||
mechanism.
|
||||
* Replaced AD-SIGNEDPATH authdata with minimal PACs.
|
||||
* To avoid spurious replay errors, password change requests will not
|
||||
be attempted over UDP until the attempt over TCP fails.
|
||||
* PKINIT will sign its CMS messages with SHA-256 instead of SHA-1.
|
||||
* Updated all code using OpenSSL to be compatible with OpenSSL 3.
|
||||
* Reorganized the libk5crypto build system to allow the OpenSSL
|
||||
back-end to pull in material from the builtin back-end depending on
|
||||
the OpenSSL version.
|
||||
* Simplified the PRNG logic to always use the platform PRNG.
|
||||
* Converted the remaining Tcl tests to Python.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Apr 9 11:31:42 UTC 2022 - Dirk Müller <dmueller@suse.com>
|
||||
|
||||
|
||||
@ -21,13 +21,13 @@
|
||||
%define _fillupdir %{_localstatedir}/adm/fillup-templates
|
||||
%endif
|
||||
Name: krb5
|
||||
Version: 1.19.3
|
||||
Version: 1.20
|
||||
Release: 0
|
||||
Summary: MIT Kerberos5 implementation
|
||||
License: MIT
|
||||
URL: https://kerberos.org/dist/
|
||||
Source0: https://kerberos.org/dist/krb5/1.19/krb5-%{version}.tar.gz
|
||||
Source1: https://kerberos.org/dist/krb5/1.19/krb5-%{version}.tar.gz.asc
|
||||
Source0: https://kerberos.org/dist/krb5/1.20/krb5-%{version}.tar.gz
|
||||
Source1: https://kerberos.org/dist/krb5/1.20/krb5-%{version}.tar.gz.asc
|
||||
Source2: krb5.keyring
|
||||
Source3: vendor-files.tar.bz2
|
||||
Source4: baselibs.conf
|
||||
|
||||
Loading…
Reference in New Issue
Block a user