rpms/krb5/devel krb5.spec,1.242,1.243 krb5-1.7-pam.patch,1.4,1.5
Nalin Dahyabhai
nalin at fedoraproject.org
Wed Mar 3 16:09:47 UTC 2010
- Previous message: rpms/tracker/devel tracker-0.7-doc-build.patch, NONE, 1.1 .cvsignore, 1.19, 1.20 sources, 1.19, 1.20 tracker.spec, 1.64, 1.65 tracker-gmime26.patch, 1.1, NONE tracker-ldfind.patch, 1.1, NONE tracker-msword_filter.patch, 1.2, NONE
- Next message: rpms/krb5/F-11 krb5.spec,1.191,1.192 krb5-1.6.1-pam.patch,1.7,1.8
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: nalin
Update of /cvs/extras/rpms/krb5/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv29800/devel
Modified Files:
krb5.spec krb5-1.7-pam.patch
Log Message:
- fix a null pointer dereference and crash introduced in our PAM patch that
would happen if ftpd was given the name of a user who wasn't known to the
local system, limited to being triggerable by gssapi-authenticated clients by
the default xinetd config (Olivier Fourdan, #569472)
Index: krb5.spec
===================================================================
RCS file: /cvs/extras/rpms/krb5/devel/krb5.spec,v
retrieving revision 1.242
retrieving revision 1.243
diff -u -p -r1.242 -r1.243
--- krb5.spec 2 Mar 2010 23:01:23 -0000 1.242
+++ krb5.spec 3 Mar 2010 16:09:47 -0000 1.243
@@ -7,15 +7,19 @@
# For consistency with regular login.
%global login_pam_service remote
+# Temporary.
+%global appl_version 1.0
+
Summary: The Kerberos network authentication system
Name: krb5
-Version: 1.7.1
-Release: 5%{?dist}
+Version: 1.8
+Release: 0%{?dist}
# Maybe we should explode from the now-available-to-everybody tarball instead?
# http://web.mit.edu/kerberos/dist/krb5/1.7/krb5-1.7.1-signed.tar
Source0: krb5-%{version}.tar.gz
Source1: krb5-%{version}.tar.gz.asc
Source2: kpropd.init
+Source3: krb5-appl-%{appl_version}.tar.gz
Source4: kadmind.init
Source5: krb5kdc.init
Source6: krb5.conf
@@ -224,7 +228,7 @@ to obtain initial credentials from a KDC
certificate.
%prep
-%setup -q -a 23
+%setup -q -a 3 -a 23
ln -s README LICENSE
pushd src
%patch60 -p2 -b .pam
@@ -850,6 +854,12 @@ exit 0
%{krb5prefix}/sbin/uuserver
%changelog
+* Wed Mar 3 2010 Nalin Dahyabhai <nalin at redhat.com> - 1.7.1-6
+- fix a null pointer dereference and crash introduced in our PAM patch that
+ would happen if ftpd was given the name of a user who wasn't known to the
+ local system, limited to being triggerable by gssapi-authenticated clients by
+ the default xinetd config (Olivier Fourdan, #569472)
+
* Tue Mar 2 2010 Nalin Dahyabhai <nalin at redhat.com> - 1.7.1-5
- fix a regression (not labeling a kdb database lock file correctly, #569902)
krb5-1.7-pam.patch:
aclocal.m4 | 83 ++++++++
appl/bsd/Makefile.in | 11 -
appl/bsd/configure.in | 1
appl/bsd/krshd.c | 64 +++++-
appl/bsd/login.c | 61 ++++++
appl/bsd/pam.c | 433 +++++++++++++++++++++++++++++++++++++++++++
appl/bsd/pam.h | 65 ++++++
appl/gssftp/configure.in | 1
appl/gssftp/ftpd/Makefile.in | 8
appl/gssftp/ftpd/ftpd.c | 72 ++++++-
clients/ksu/Makefile.in | 7
clients/ksu/main.c | 75 +++++++
config/pre.in | 1
configure.in | 2
14 files changed, 862 insertions(+), 22 deletions(-)
Index: krb5-1.7-pam.patch
===================================================================
RCS file: /cvs/extras/rpms/krb5/devel/krb5-1.7-pam.patch,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -p -r1.4 -r1.5
--- krb5-1.7-pam.patch 3 Dec 2009 23:23:54 -0000 1.4
+++ krb5-1.7-pam.patch 3 Mar 2010 16:09:47 -0000 1.5
@@ -937,7 +937,7 @@ diff -up krb5-1.7/src/appl/gssftp/ftpd/f
+#ifdef USE_PAM
+ if (appl_pam_enabled(kcontext, "ftpd")) {
+ if (appl_pam_acct_mgmt(FTP_PAM_SERVICE, 0,
-+ pw->pw_name, "",
++ name, "",
+ hostname,
+ NULL,
+ FTP_PAM_SERVICE) != 0) {
@@ -971,7 +971,7 @@ diff -up krb5-1.7/src/appl/gssftp/ftpd/f
- if (pw == NULL || (!kpass(pw->pw_name, passwd) &&
- (want_creds || !*pw->pw_passwd ||
- strcmp(xpasswd, pw->pw_passwd)))) {
-+ if ((pw == NULL) ||
++ if ((pw == NULL) || (
+#ifdef USE_PAM
+ appl_pam_enabled(kcontext, "ftpd") ?
+ (appl_pam_authenticate(FTP_PAM_SERVICE, 0,
@@ -983,7 +983,7 @@ diff -up krb5-1.7/src/appl/gssftp/ftpd/f
+ (!kpass(pw->pw_name, passwd) &&
+ (want_creds ||
+ !*pw->pw_passwd ||
-+ strcmp(xpasswd, pw->pw_passwd)))) {
++ strcmp(xpasswd, pw->pw_passwd))))) {
pw = NULL;
sleep(5);
if (++login_attempts >= 3) {
- Previous message: rpms/tracker/devel tracker-0.7-doc-build.patch, NONE, 1.1 .cvsignore, 1.19, 1.20 sources, 1.19, 1.20 tracker.spec, 1.64, 1.65 tracker-gmime26.patch, 1.1, NONE tracker-ldfind.patch, 1.1, NONE tracker-msword_filter.patch, 1.2, NONE
- Next message: rpms/krb5/F-11 krb5.spec,1.191,1.192 krb5-1.6.1-pam.patch,1.7,1.8
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the scm-commits
mailing list