rpms/krb5/devel krb5-1.7-opte.patch,NONE,1.1 krb5.spec,1.232,1.233

Fri Jan 15 20:24:36 UTC 2010

Author: nalin

Update of /cvs/extras/rpms/krb5/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv7743

Modified Files:
	krb5.spec 
Added Files:
	krb5-1.7-opte.patch 
Log Message:
- krb5_get_init_creds_password: check opte->flags instead of options->flags
  when checking whether or not we get to use the prompter callback (#555875)


krb5-1.7-opte.patch:
 gic_pwd.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- NEW FILE krb5-1.7-opte.patch ---
Check opte->flags instead of options->flags, because we know that opte has
been initialized to the library defaults if options was NULL.
diff -up krb5-1.7/src/lib/krb5/krb/gic_pwd.c krb5-1.7/src/lib/krb5/krb/gic_pwd.c
--- krb5-1.7/src/lib/krb5/krb/gic_pwd.c	2010-01-15 15:07:52.000000000 -0500
+++ krb5-1.7/src/lib/krb5/krb/gic_pwd.c	2010-01-15 15:07:56.000000000 -0500
@@ -200,7 +200,7 @@ krb5_get_init_creds_password(krb5_contex
      * to prompt.  Prompting is only disabled if the option has been set
      * and the value has been set to false.
      */
-    if (!(options->flags & KRB5_GET_INIT_CREDS_OPT_CHG_PWD_PRMPT))
+    if (!(opte->flags & KRB5_GET_INIT_CREDS_OPT_CHG_PWD_PRMPT))
 	goto cleanup;
 
     /* ok, we have an expired password.  Give the user a few chances


Index: krb5.spec
===================================================================
RCS file: /cvs/extras/rpms/krb5/devel/krb5.spec,v
retrieving revision 1.232
retrieving revision 1.233
diff -u -p -r1.232 -r1.233
--- krb5.spec	14 Jan 2010 21:14:25 -0000	1.232
+++ krb5.spec	15 Jan 2010 20:24:36 -0000	1.233
@@ -10,7 +10,7 @@
 Summary: The Kerberos network authentication system
 Name: krb5
 Version: 1.7
-Release: 19%{?dist}
+Release: 20%{?dist}
 # Maybe we should explode from the now-available-to-everybody tarball instead?
 # http://web.mit.edu/kerberos/dist/krb5/1.7/krb5-1.7-signed.tar
 Source0: krb5-%{version}.tar.gz
@@ -84,6 +84,7 @@ Patch91: krb5-1.7-spnego-deleg.patch
 Patch92: http://web.mit.edu/kerberos/advisories/2009-003-patch.txt
 Patch93: krb5-1.7-create_on_load.patch
 Patch94: http://web.mit.edu/kerberos/advisories/2009-004-patch_1.7.txt
+Patch95: krb5-1.7-opte.patch
 
 License: MIT
 URL: http://web.mit.edu/kerberos/www/
@@ -222,6 +223,10 @@ to obtain initial credentials from a KDC
 certificate.
 
 %changelog
+* Fri Jan 15 2010 Nalin Dahyabhai <nalin at redhat.com> - 1.7-20
+- krb5_get_init_creds_password: check opte->flags instead of options->flags
+  when checking whether or not we get to use the prompter callback (#555875)
+
 * Thu Jan 14 2010 Nalin Dahyabhai <nalin at redhat.com> - 1.7-19
 - use portreserve to make sure the KDC can always bind to the kerberos-iv
   port, kpropd can always bind to the krb5_prop port, and that kadmind can
@@ -1556,6 +1561,7 @@ popd
 %patch92 -p1 -b .2009-003
 %patch93 -p1 -b .create_on_load
 %patch94 -p0 -b .2009-004
+%patch95 -p1 -b .opte
 gzip doc/*.ps
 
 sed -i -e '1s!\[twoside\]!!;s!%\(\\usepackage{hyperref}\)!\1!' doc/api/library.tex

