[krb5] - fix reading of keyUsage extensions when attempting to select pkinit client certs (part of #629022,

Nalin Dahyabhai nalin at fedoraproject.org
Thu Sep 16 23:33:21 UTC 2010 

commit f44b554d1bcf1d4111f1564232399efa9490896f
Author: Nalin Dahyabhai <nalin at redhat.com>
Date:   Thu Sep 16 19:32:06 2010 -0400

    - fix reading of keyUsage extensions when attempting to select pkinit client certs (part of #629022, RT#6775)
    - fix selection of pkinit client certs when one or more don't include a subjectAltName extension (part of #629022, RT#6774)

 krb5.spec |   12 +++++++++++-
 1 files changed, 11 insertions(+), 1 deletions(-)
---
diff --git a/krb5.spec b/krb5.spec
index fd3d112..3d58174 100644
--- a/krb5.spec
+++ b/krb5.spec
@@ -5,7 +5,7 @@
 Summary: The Kerberos network authentication system
 Name: krb5
 Version: 1.8.3
-Release: 3%{?dist}
+Release: 4%{?dist}
 # Maybe we should explode from the now-available-to-everybody tarball instead?
 # http://web.mit.edu/kerberos/dist/krb5/1.8/krb5-1.8.3-signed.tar
 Source0: krb5-%{version}.tar.gz
@@ -48,6 +48,8 @@ Patch63: krb5-1.8-selinux-label.patch
 Patch70: krb5-trunk-kpasswd_tcp2.patch
 Patch71: krb5-1.8-dirsrv-accountlock.patch
 Patch72: krb5-trunk-explife.patch
+Patch73: krb5-trunk-key_usage.patch
+Patch74: krb5-trunk-signed.patch
 
 License: MIT
 URL: http://web.mit.edu/kerberos/www/
@@ -186,6 +188,8 @@ ln -s NOTICE LICENSE
 #%patch70 -p0 -b .kpasswd_tcp2
 %patch71 -p1 -b .dirsrv-accountlock
 %patch72 -p0 -b .explife
+%patch73 -p0 -b .key_usage
+%patch74 -p0 -b .signed
 gzip doc/*.ps
 
 sed -i -e '1s!\[twoside\]!!;s!%\(\\usepackage{hyperref}\)!\1!' doc/api/library.tex
@@ -637,6 +641,12 @@ exit 0
 %{_sbindir}/uuserver
 
 %changelog
+* Wed Sep 15 2010 Nalin Dahyabhai <nalin at redhat.com> 1.8.3-4
+- fix reading of keyUsage extensions when attempting to select pkinit client
+  certs (part of #629022, RT#6775)
+- fix selection of pkinit client certs when one or more don't include a
+  subjectAltName extension (part of #629022, RT#6774)
+
 * Fri Sep  3 2010 Nalin Dahyabhai <nalin at redhat.com> 1.8.3-3
 - build with -fstack-protector-all instead of the default -fstack-protector,
   so that we add checking to more functions (i.e., all of them) (#629950)

More information about the scm-commits mailing list