diff options
| author | Robbie Harwood (frozencemetery) <rharwood@redhat.com> | 2015-10-08 19:24:12 +0000 |
|---|---|---|
| committer | Robbie Harwood (frozencemetery) <rharwood@redhat.com> | 2015-10-08 19:24:20 +0000 |
| commit | 4529758a74da48b1de1d4db7d5009225a1912b24 (patch) | |
| tree | f0f13081a29b0f7ddad2f379716545ce758783b3 | |
| parent | a89bdde4daaf07e39d14422a4de4779fe38d625e (diff) | |
| download | krb5-4529758a74da48b1de1d4db7d5009225a1912b24.tar.gz krb5-4529758a74da48b1de1d4db7d5009225a1912b24.tar.xz krb5-4529758a74da48b1de1d4db7d5009225a1912b24.zip | |
Work around KDC client prinicipal in referrals issue
Resolves: rhbz#1259844
| -rw-r--r-- | krb5-1.14-client_referral_principal.patch | 17 | ||||
| -rw-r--r-- | krb5.spec | 8 |
2 files changed, 24 insertions, 1 deletions
diff --git a/krb5-1.14-client_referral_principal.patch b/krb5-1.14-client_referral_principal.patch new file mode 100644 index 0000000..78b1906 --- /dev/null +++ b/krb5-1.14-client_referral_principal.patch @@ -0,0 +1,17 @@ +@@ -, +, @@ + wrong realm +--- + src/kdc/do_as_req.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) +--- a/src/kdc/do_as_req.c ++++ a/src/kdc/do_as_req.c +@@ -862,7 +862,7 @@ prepare_error_as(struct kdc_request_state *rstate, krb5_kdc_req *request, + return retval; + errpkt.error = error; + errpkt.server = request->server; +- errpkt.client = (error == KRB5KDC_ERR_WRONG_REALM) ? canon_client : ++ errpkt.client = (error == KDC_ERR_WRONG_REALM) ? canon_client : + request->client; + errpkt.text = string2data((char *)status); + +-- @@ -43,7 +43,7 @@ Summary: The Kerberos network authentication system Name: krb5 Version: 1.13.2 -Release: 12%{?dist} +Release: 13%{?dist} # - Maybe we should explode from the now-available-to-everybody tarball instead? # http://web.mit.edu/kerberos/dist/krb5/1.13/krb5-1.13.2-signed.tar # - The sources below are stored in a lookaside cache. Upload with @@ -91,6 +91,7 @@ Patch140: krb5-1.14-Support-KDC_ERR_MORE_PREAUTH_DATA_REQUIRED.patch Patch143: krb5-tests_use_libs_from_build.patch Patch144: krb5-1.13.3-bindresvport_sa_port_byte_swap_bug_triggering_selinux_avc_denial.patch Patch146: krb5-1.14-no_system_krb5_conf.patch +Patch147: krb5-1.14-client_referral_principal.patch License: MIT URL: http://web.mit.edu/kerberos/www/ @@ -279,6 +280,8 @@ ln NOTICE LICENSE %patch146 -p1 -b .no_system_krb5_conf %patch144 -p1 -b .krb5-1.13.3-bindresvport_sa_port_byte_swap_bug_triggering_selinux_avc_denial + +%patch147 -p1 -b .client_referral_principal.patch # Take the execute bit off of documentation. chmod -x doc/krb5-protocol/*.txt doc/ccapi/*.html @@ -889,6 +892,9 @@ exit 0 %changelog +* Thu Oct 08 2015 Robbie Harwood <rharwood@redhat.com> - 1.13.2-13 +- Work around KDC client prinicipal in referrals issue (#1259844) + * Thu Oct 01 2015 Robbie Harwood <rharwood@redhat.com> - 1.13.2-12 - Enable building with bad system /etc/krb5.conf |