summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* - use an in-memory ccache instead of an on-disk temporary to avoidNalin Dahyabhai2009-06-041-0/+29
| | | | compile-time warnings about using mktemp()
* - send the length of the file by printf()ing a long long instead of a long,Nalin Dahyabhai2009-06-041-0/+33
| | | | so that we don't break on large files on 32-bit machines
* - link binaries to produce position-independent executables, and strip theNalin Dahyabhai2009-06-041-0/+31
| | | | | | | flags used to do so, and library path flags, from the output of krb5-config - install shared libraries with the execute bit set - we used to override RPATH here, but configure takes --disable-rpath now
* - forward-port long-present out-of-tree patch to support "ANY" keytab type,Nalin Dahyabhai2009-06-041-0/+351
| | | | | which takes as its residual a comma-separated list of keytab names and will search them all in turn when looking for a specific key
* - add an auth stack to ksu's PAM configuration so that pam_setcred() callsNalin Dahyabhai2009-05-192-1/+6
| | | | won't just fail
* - make PAM support for ksu also set PAM_RUSERNalin Dahyabhai2009-05-112-12/+31
|
* yeah, actually bump the release numberkrb5-1_6_3-104_fc12krb5-1_6_3-104_fc11Nalin Dahyabhai2009-04-231-1/+1
|
* - extend PAM support to ksu: perform account and session management for theNalin Dahyabhai2009-04-233-23/+218
| | | | | | target user - pull up and merge James Leddy's changes to also set PAM_RHOST in PAM-aware network-facing services
* - fix a typo in a ksu error message (Marek Mahut)Nalin Dahyabhai2009-04-212-4/+20
|
* - okay, finally remove thisNalin Dahyabhai2009-04-211-45/+0
|
* - "rev" works the way the test suite expects now, so don't disable testsNalin Dahyabhai2009-04-211-19/+0
| | | | that use it
* note why we don't just run make check herekrb5-1_6_3-102_fc12Nalin Dahyabhai2009-04-201-1/+1
|
* - add empty Default-Start: statements to the init scriptsNalin Dahyabhai2009-04-203-0/+3
|
* - add LSB-style informational headers to the init scriptsNalin Dahyabhai2009-04-204-2/+36
|
* - explicitly run the pdf generation script using sh (part of #225974)Nalin Dahyabhai2009-04-171-1/+4
|
* - remove obsolete patch for CVE-2009-0845krb5-1_6_3-101_fc12Nalin Dahyabhai2009-04-072-22/+18
| | | | | | | | - add patches for read overflow and null pointer dereference in the implementation of the SPNEGO mechanism (CVE-2009-0844, CVE-2009-0845) - add patch for attempt to free uninitialized pointer in libkrb5 (CVE-2009-0846) - add patch to fix length validation bug in libkrb5 (CVE-2009-0847)
* - add patch to fix length validation bug in libkrb5 (CVE-2009-0847)Nalin Dahyabhai2009-04-071-0/+34
|
* - add patch for attempt to free uninitialized pointer in libkrb5Nalin Dahyabhai2009-04-071-0/+39
| | | | (CVE-2009-0846)
* - add patches for read overflow and null pointer dereference in theNalin Dahyabhai2009-04-071-0/+157
| | | | implementation of the SPNEGO mechanism (CVE-2009-0844, CVE-2009-0845)
* - make the kpropd init script treat reload as restart (part of #225974)Nalin Dahyabhai2009-04-062-1/+3
|
* - take the execute bit off of the protocol docs (part of #225974)Nalin Dahyabhai2009-04-061-3/+8
| | | | - unflag init scripts as configuration files (part of #225974)
* - fixup summary texts (part of #225974)Nalin Dahyabhai2009-04-061-9/+10
|
* - escape possible macros in the changelog (part of #225974)Nalin Dahyabhai2009-04-061-4/+5
|
* - clean up buildprereq/prereqs, explicit mktemp requires, and add theNalin Dahyabhai2009-04-061-11/+17
| | | | ldconfig for the -server-ldap subpackage (part of #225974)
* - make splitting up of the workstation bits unconditionalNalin Dahyabhai2009-04-061-17/+1
|
* - move the libraries to /%{_lib}, but leave --libdir alone so that pluginsNalin Dahyabhai2009-04-061-6/+23
| | | | get installed and are searched for in the same locations (#473333)
* - turn off krb4 support (it won't be part of the 1.7 release, but do itNalin Dahyabhai2009-04-063-114/+23
| | | | | | now) - use triggeruns to properly shut down and disable krb524d when -server and -workstation-servers gets upgraded, because it's gone now
* - libgssapi_krb5: backport fix for some errors which can occur when we failkrb5-1_6_3-19_fc11F-11-splitNalin Dahyabhai2009-03-172-1/+23
| | | | to set up the server half of a context (CVE-2009-0845)
* - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuildkrb5-1_6_3-18_fc11Jesse Keating2009-02-251-1/+4
|
* - add a patch to catch out-of-space errors rcp'ing files to NFSNalin Dahyabhai2009-02-191-0/+19
| | | | destinations
* - flesh out the note to include why the patch isn't going anywhereNalin Dahyabhai2009-02-191-1/+2
|
* - add a hunk so that the db2 test will compile correctlyNalin Dahyabhai2009-02-191-0/+12
|
* - note the RT number for the upstream discussionNalin Dahyabhai2009-02-191-1/+1
|
* aargh, what year is it?krb5-1_6_3-17_fc11Nalin Dahyabhai2009-01-161-1/+1
|
* rebuildNalin Dahyabhai2009-01-161-1/+4
|
* - krb5_fcc_generate_new(): unlock the fcc list lock before returning in theF-10-splitNalin Dahyabhai2008-10-281-0/+25
| | | | | non-mkstemp() case, don't unlock the lock twice before returning if we happen to run out of memory (fixed in trunk by rewriting the function)
* - telnet can suspend itself if the calling shell supports job control, andNalin Dahyabhai2008-10-281-0/+13
| | | | | | | around here that's not unique to csh (#433947) Of course, if it turns out that we do have a shell that doesn't support job control, we get to change this to enumerate the ones that do. Which is sure to be all kinds of fun.
* - if we successfully change the user's password during an attempt to getNalin Dahyabhai2008-09-042-0/+55
| | | | | initial credentials, but then fail to get initial creds from a non-master using the new password, retry against the master (#432334)
* fix license tagkrb5-1_6_3-16_fc10Tom Callaway2008-08-051-2/+5
|
* - define ASN1BUF_OMIT_INLINE_FUNCS at compile-time (for now) to keepNalin Dahyabhai2008-07-161-0/+5
| | | | building
* quote %%{__cc} where needed because it includes whitespace nowNalin Dahyabhai2008-07-161-1/+2
|
* - clear fuzz out of patches, dropping a man page patch which is no longerNalin Dahyabhai2008-07-167-27/+11
| | | | necessary
* - build with -fno-strict-aliasing, which is needed because the librarykrb5-1_6_3-15_fc10Nalin Dahyabhai2008-07-111-2/+8
| | | | triggers these warnings
* - rework how labeling is handled to avoid a bootstrapping problem inNalin Dahyabhai2008-07-112-35/+60
| | | | | headers - don't forget to label the principal database lock file
* generate include/krb5/krb5.h before building, fix conditional for sparcv9Tom Callaway2008-06-141-2/+10
|
* - whoops, forgot to go back and get the ITS entry numberNalin Dahyabhai2008-05-121-1/+1
|
* - ftp: use the correct local filename during mget when the 'case' option iskrb5-1_6_3-13_fc9F-9-splitNalin Dahyabhai2008-04-162-1/+26
| | | | enabled (#442713)
* Provide an option to make the KDC also listen on loopback interfaces forkrb5-1_6_3-12_fc9Nalin Dahyabhai2008-04-041-0/+247
| | | | | | | | | datagram requests. Adds an internal symbol to libkrb5 which the KDC will need if listening on loopback is enabled. The default might be better changed from FALSE to TRUE so that the default matches what we do with stream sockets. Or maybe that should be the default anyway, with no configuration option. FIXME: doesn't add documentation anywhere.
* - stop exporting kadmin keys to a keytab file when kadmind starts -- theNalin Dahyabhai2008-04-043-12/+9
| | | | | | daemon's been able to use the database directly for a long long time now - belatedly add aes128,aes256 to the default set of supported key types
* bump for buildNalin Dahyabhai2008-04-011-1/+1
|
generated by cgit (git 2.34.1) at 2025-09-30 17:24:16 +0000