klist: don't trip over referral entries when invoked with -s (#707145, RT#6915)

author: Nalin Dahyabhai <nalin@dahyabhai.net> 2011-05-25 16:56:10 -0400
committer: Nalin Dahyabhai <nalin@dahyabhai.net> 2011-05-25 16:56:10 -0400
commit: 6ec2e67b2e7e1588604797d2814be92446caa68e (patch)
tree: a37ad84d84b2fc3e5dddd4976cc262e9ab092e3e
parent: b84472097695084d82e88c40402c4516bf894fd5 (diff)
download: krb5-6ec2e67b2e7e1588604797d2814be92446caa68e.tar.gz
krb5-6ec2e67b2e7e1588604797d2814be92446caa68e.tar.xz
krb5-6ec2e67b2e7e1588604797d2814be92446caa68e.zip
2 files changed, 21 insertions, 1 deletions
diff --git a/krb5-klist_s.patch b/krb5-klist_s.patch
new file mode 100644
index 0000000..3a219ee
--- /dev/null
+++ b/krb5-klist_s.patch
@@ -0,0 +1,14 @@
+Don't trip over referral entries.  RT#6915
+
+Index: krb5/src/clients/klist/klist.c
+===================================================================
+--- krb5/src/clients/klist/klist.c	(revision 24943)
++++ krb5/src/clients/klist/klist.c	(working copy)
+@@ -386,6 +386,7 @@
+             continue;
+         if (status_only) {
+             if (exit_status && creds.server->length == 2 &&
++                creds.server->realm.length > 0 &&
+                 strcmp(creds.server->realm.data, princ->realm.data) == 0 &&
+                 strcmp((char *)creds.server->data[0].data, "krbtgt") == 0 &&
+                 strcmp((char *)creds.server->data[1].data,
diff --git a/krb5.spec b/krb5.spec
index d5550c2..8320c12 100644
--- a/krb5.spec
+++ b/krb5.spec
@@ -6,7 +6,7 @@
 Summary: The Kerberos network authentication system
 Name: krb5
 Version: 1.9
-Release: 7%{?dist}
+Release: 8%{?dist}
 # Maybe we should explode from the now-available-to-everybody tarball instead?
 # http://web.mit.edu/kerberos/dist/krb5/1.9/krb5-1.9-signed.tar
 Source0: krb5-%{version}.tar.gz
@@ -54,6 +54,7 @@ Patch74: http://web.mit.edu/kerberos/advisories/2011-002-patch.txt
 Patch75: http://web.mit.edu/kerberos/advisories/2011-003-patch.txt
 Patch76: krb5-1.9-paren.patch
 Patch77: http://web.mit.edu/kerberos/advisories/2011-004-patch.txt
+Patch78: krb5-klist_s.patch
 
 License: MIT
 URL: http://web.mit.edu/kerberos/www/
@@ -196,6 +197,7 @@ ln -s NOTICE LICENSE
 %patch75 -p1 -b .2011-003
 %patch76 -p1 -b .paren
 %patch77 -p1 -b .2011-004
+%patch78 -p1 -b .klist_s
 gzip doc/*.ps
 
 sed -i -e '1s!\[twoside\]!!;s!%\(\\usepackage{hyperref}\)!\1!' doc/api/library.tex
@@ -654,6 +656,10 @@ exit 0
 %{_sbindir}/uuserver
 
 %changelog
+* Wed May 25 2011 Nalin Dahyabhai <nalin@redhat.com> 1.9-8
+- klist: don't trip over referral entries when invoked with -s (#707145,
+  RT#6915)
+
 * Wed Apr 13 2011 Nalin Dahyabhai <nalin@redhat.com> 1.9-7
 - kadmind: add upstream patch to fix free() on an invalid pointer (#696343,
   MITKRB5-SA-2011-004, CVE-2011-0285)
author	Nalin Dahyabhai <nalin@dahyabhai.net>	2011-05-25 16:56:10 -0400
committer	Nalin Dahyabhai <nalin@dahyabhai.net>	2011-05-25 16:56:10 -0400
commit	6ec2e67b2e7e1588604797d2814be92446caa68e (patch)
tree	a37ad84d84b2fc3e5dddd4976cc262e9ab092e3e
parent	b84472097695084d82e88c40402c4516bf894fd5 (diff)
download	krb5-6ec2e67b2e7e1588604797d2814be92446caa68e.tar.gz krb5-6ec2e67b2e7e1588604797d2814be92446caa68e.tar.xz krb5-6ec2e67b2e7e1588604797d2814be92446caa68e.zip