diff options
author | Nalin Dahyabhai <nalin@fedoraproject.org> | 2006-08-07 17:52:52 +0000 |
---|---|---|
committer | Nalin Dahyabhai <nalin@fedoraproject.org> | 2006-08-07 17:52:52 +0000 |
commit | 8c4df25456585c69b4f4369eeb60905d9cd2b05b (patch) | |
tree | 6454c0e5f4dc2fa823f53561f605a907500e645f | |
parent | 92a65fb1b1307b5efef5f63b2be732ed70198009 (diff) | |
download | krb5-8c4df25456585c69b4f4369eeb60905d9cd2b05b.tar.gz krb5-8c4df25456585c69b4f4369eeb60905d9cd2b05b.tar.xz krb5-8c4df25456585c69b4f4369eeb60905d9cd2b05b.zip |
- ensure that the gssapi library's been initialized before walking thekrb5-1_5-4
internal mechanism list in gss_release_oid(), needed if called from
gss_release_name() right after a gss_import_name() (#198092)
-rw-r--r-- | krb5-1.5-gssinit.patch | 19 | ||||
-rw-r--r-- | krb5.spec | 9 |
2 files changed, 27 insertions, 1 deletions
diff --git a/krb5-1.5-gssinit.patch b/krb5-1.5-gssinit.patch new file mode 100644 index 0000000..1c5845b --- /dev/null +++ b/krb5-1.5-gssinit.patch @@ -0,0 +1,19 @@ +Don't crash in gss_release_oid() when the application is doing nothing +more than importing a name and freeing it (gss_release_name() calls +gss_release_oid(), but gss_import_name() doesn't initialize the library, +so gss_release_oid() hits an assertion failure when it tries to lock the +mechanism list). + +Upstream RT #4088/4096. + +--- krb5-1.5/src/lib/gssapi/mechglue/g_initialize.c 2006-08-07 13:10:19.000000000 -0400 ++++ krb5-1.5/src/lib/gssapi/mechglue/g_initialize.c 2006-08-07 13:10:13.000000000 -0400 +@@ -91,6 +91,8 @@ + + if (minor_status == NULL) + return (GSS_S_CALL_INACCESSIBLE_WRITE); ++ if (gssint_initialize_library()) ++ return GSS_S_FAILURE; + + *minor_status = 0; + @@ -10,7 +10,7 @@ Summary: The Kerberos network authentication system. Name: krb5 Version: 1.5 -Release: 3 +Release: 4 # Maybe we should explode from the now-available-to-everybody tarball instead? # http://web.mit.edu/kerberos/dist/krb5/1.5/krb5-1.5-signed.tar Source0: krb5-%{version}.tar.gz @@ -65,6 +65,7 @@ Patch39: krb5-1.4.1-api.patch Patch40: krb5-1.4.1-telnet-environ.patch Patch41: krb5-1.2.7-login-lpass.patch Patch44: krb5-1.4.3-enospc.patch +Patch45: krb5-1.5-gssinit.patch License: MIT, freely distributable. URL: http://web.mit.edu/kerberos/www/ @@ -130,6 +131,11 @@ network uses Kerberos, this package should be installed on every workstation. %changelog +* Mon Aug 7 2006 Nalin Dahyabhai <nalin@redhat.com> - 1.5-4 +- ensure that the gssapi library's been initialized before walking the + internal mechanism list in gss_release_oid(), needed if called from + gss_release_name() right after a gss_import_name() (#198092) + * Tue Jul 25 2006 Nalin Dahyabhai <nalin@redhat.com> - 1.5-3 - rebuild @@ -930,6 +936,7 @@ workstation. %patch40 -p1 -b .telnet-environ %patch41 -p1 -b .login-lpass %patch44 -p1 -b .enospc +%patch45 -p1 -b .gssinit cp src/krb524/README README.krb524 gzip doc/*.ps cd src |