diff options
| author | Nalin Dahyabhai <nalin@dahyabhai.net> | 2012-11-16 13:13:07 -0500 |
|---|---|---|
| committer | Nalin Dahyabhai <nalin@dahyabhai.net> | 2012-11-16 13:13:07 -0500 |
| commit | f68a6da68f9748225955a17e1ece8d80a5aa304b (patch) | |
| tree | 5ca871cca68b7bab967a1e87265e26bfbea5f1c7 | |
| parent | a08be40755456d21c92ccbfe5570a307387e2fdc (diff) | |
| download | krb5-f68a6da68f9748225955a17e1ece8d80a5aa304b.tar.gz krb5-f68a6da68f9748225955a17e1ece8d80a5aa304b.tar.xz krb5-f68a6da68f9748225955a17e1ece8d80a5aa304b.zip | |
drop a pair of obsoleted patches
| -rw-r--r-- | krb5-1.6.1-telnet-manual_z.patch | 13 | ||||
| -rw-r--r-- | replay.patch | 31 |
2 files changed, 0 insertions, 44 deletions
diff --git a/krb5-1.6.1-telnet-manual_z.patch b/krb5-1.6.1-telnet-manual_z.patch deleted file mode 100644 index 4ecf4cf..0000000 --- a/krb5-1.6.1-telnet-manual_z.patch +++ /dev/null @@ -1,13 +0,0 @@ -This proviso is incorrect on systems where shells other than the C shell -have implemented job control. Any ideas on how to test for this portably? ---- krb5-1.6.1/src/appl/telnet/telnet/telnet.1 2008-02-22 17:49:04.000000000 +0800 -+++ krb5-1.6.1/src/appl/telnet/telnet/telnet.1 2008-02-22 17:49:40.000000000 +0800 -@@ -1286,8 +1286,6 @@ commands. - .B z - Suspend - .BR telnet . --This command only works when the user's shell is --.IR csh (1). - .TP - \fB\&!\fP [\fIcommand\fP] - Execute a single command in a subshell on the local system. If diff --git a/replay.patch b/replay.patch deleted file mode 100644 index 193f139..0000000 --- a/replay.patch +++ /dev/null @@ -1,31 +0,0 @@ -commit f1783431cb8f146095067f5e2531e9155a8787bb -Author: Nalin Dahyabhai <nalin@dahyabhai.net> -Date: Wed Apr 18 14:01:39 2012 -0400 - - Turn off replay cache in krb5_verify_init_creds() - - The library isn't attempting a replay attack on itself, so any detected - replays are only going to be false-positives. - - ticket: 7229 (new) - -diff --git a/src/lib/krb5/krb/vfy_increds.c b/src/lib/krb5/krb/vfy_increds.c -index 14acb0a..e88a37f 100644 ---- a/src/lib/krb5/krb/vfy_increds.c -+++ b/src/lib/krb5/krb/vfy_increds.c -@@ -149,6 +149,15 @@ get_vfy_cred(krb5_context context, krb5_creds *creds, krb5_principal server, - authcon = NULL; - } - -+ /* Build an auth context that won't bother with replay checks -- it's -+ * not as if we're going to mount a replay attack on ourselves here. */ -+ ret = krb5_auth_con_init(context, &authcon); -+ if (ret) -+ goto cleanup; -+ ret = krb5_auth_con_setflags(context, authcon, 0); -+ if (ret) -+ goto cleanup; -+ - /* Verify the ap_req. */ - ret = krb5_rd_req(context, &authcon, &ap_req, server, keytab, NULL, NULL); - if (ret) |