Hello community,
here is the log from the commit of package pam_krb5 for openSUSE:Factory
checked in at Mon Jun 15 16:50:24 CEST 2009.
--------
--- pam_krb5/pam_krb5.changes 2009-06-08 09:59:39.000000000 +0200
+++ /mounts/work_src_done/STABLE/pam_krb5/pam_krb5.changes 2009-06-15 15:33:26.000000000 +0200
@@ -1,0 +2,5 @@
+Mon Jun 15 15:32:11 CEST 2009 - mc@suse.de
+
+- compile fixes for krb5 1.7
+
+-------------------------------------------------------------------
@@ -4 +9 @@
-- update to version 2.333.5
+- update to version 2.3.5
calling whatdependson for head-i586
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ pam_krb5.spec ++++++
--- /var/tmp/diff_new_pack.ij2369/_old 2009-06-15 16:49:50.000000000 +0200
+++ /var/tmp/diff_new_pack.ij2369/_new 2009-06-15 16:49:50.000000000 +0200
@@ -31,7 +31,7 @@
%endif
#
Version: 2.3.5
-Release: 1
+Release: 2
Summary: PAM Module for Kerberos Authentication
Url: http://sourceforge.net/projects/pam-krb5/
Source: pam_krb5-%{version}-%{PAM_RELEASE}.tar.bz2
@@ -96,8 +96,10 @@
%attr(755,root,root) /usr/bin/afs5log
%changelog
+* Mon Jun 15 2009 mc@suse.de
+- compile fixes for krb5 1.7
* Mon Jun 08 2009 mc@suse.de
-- update to version 2.333.5
+- update to version 2.3.5
* make prompting behavior for non-existent accounts and users who
just press enter match up with those who aren't/don't (#502602,
CVE-2009-1384)
++++++ pam_krb5-2.3.5-1.tar.bz2 ++++++
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/ChangeLog new/pam_krb5-2.3.5-1/ChangeLog
--- old/pam_krb5-2.3.5-1/ChangeLog 2009-06-08 09:47:33.000000000 +0200
+++ new/pam_krb5-2.3.5-1/ChangeLog 2009-06-15 15:28:45.000000000 +0200
@@ -1,3 +1,6 @@
+2009-06-09
+ * src/initopts.c,src/v5.c: compile fixes for krb5 1.7
+
2009-06-04
* src/prompter.c(_pam_krb5_generic_prompter): if the prompt looks
like a password prompt, use "Password: " instead
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/config.h.in new/pam_krb5-2.3.5-1/config.h.in
--- old/pam_krb5-2.3.5-1/config.h.in 2009-06-08 09:49:27.000000000 +0200
+++ new/pam_krb5-2.3.5-1/config.h.in 2009-06-15 15:29:36.000000000 +0200
@@ -172,6 +172,10 @@
/* Define to 1 if you have the `krb5_get_init_creds_opt_free' function. */
#undef HAVE_KRB5_GET_INIT_CREDS_OPT_FREE
+/* Define to 1 if you have the `krb5_get_init_creds_opt_set_canonicalize'
+ function. */
+#undef HAVE_KRB5_GET_INIT_CREDS_OPT_SET_CANONICALIZE
+
/* Define to 1 if you have the
`krb5_get_init_creds_opt_set_change_password_prompt' function. */
#undef HAVE_KRB5_GET_INIT_CREDS_OPT_SET_CHANGE_PASSWORD_PROMPT
@@ -216,6 +220,9 @@
/* Define if your krb5.h declares the krb5_os_localaddr() function. */
#undef HAVE_KRB5_OS_LOCALADDR
+/* Define to 1 if you have the `krb5_parse_name_flags' function. */
+#undef HAVE_KRB5_PARSE_NAME_FLAGS
+
/* Define to 1 if the system has the type `krb5_principal_data'. */
#undef HAVE_KRB5_PRINCIPAL_DATA
@@ -342,6 +349,10 @@
/* Define if krb5_get_init_creds_opt_free() takes two arguments. */
#undef KRB5_GET_INIT_CREDS_OPT_ALLOC_FREE_TAKES_2_ARGS
+/* Define if krb5_get_init_creds_opt_set_canonicalize() takes three arguments.
+ */
+#undef KRB5_GET_INIT_CREDS_OPT_SET_CANONICALIZE_TAKES_3_ARGS
+
/* Define if krb5_get_init_creds_opt_set_pkinit() takes 11 arguments. */
#undef KRB5_GET_INIT_CREDS_OPT_SET_PKINIT_TAKES_11_ARGS
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/configure new/pam_krb5-2.3.5-1/configure
--- old/pam_krb5-2.3.5-1/configure 2009-06-08 09:49:25.000000000 +0200
+++ new/pam_krb5-2.3.5-1/configure 2009-06-15 15:29:32.000000000 +0200
@@ -13206,7 +13206,9 @@
-for ac_func in krb_life_to_time krb_time_to_life krb5_init_secure_context krb5_free_unparsed_name krb5_free_default_realm krb5_set_principal_realm krb5_get_prompt_types krb_in_tkt in_tkt krb_save_credentials save_credentials krb5_get_init_creds_opt_alloc krb5_get_init_creds_opt_free krb5_get_init_creds_opt_set_pkinit krb5_get_init_creds_opt_set_pa krb5_get_init_creds_opt_set_change_password_prompt
+
+
+for ac_func in krb_life_to_time krb_time_to_life krb5_init_secure_context krb5_free_unparsed_name krb5_free_default_realm krb5_set_principal_realm krb5_get_prompt_types krb_in_tkt in_tkt krb_save_credentials save_credentials krb5_get_init_creds_opt_alloc krb5_get_init_creds_opt_free krb5_get_init_creds_opt_set_pkinit krb5_get_init_creds_opt_set_pa krb5_get_init_creds_opt_set_change_password_prompt krb5_get_init_creds_opt_set_canonicalize krb5_parse_name_flags
do
as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
{ $as_echo "$as_me:$LINENO: checking for $ac_func" >&5
@@ -13399,6 +13401,60 @@
rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
fi
+if test x$ac_cv_func_krb5_get_init_creds_opt_set_canonicalize = xyes ; then
+ { $as_echo "$as_me:$LINENO: checking if krb5_get_init_creds_opt_set_canonicalize() takes a context" >&5
+$as_echo_n "checking if krb5_get_init_creds_opt_set_canonicalize() takes a context... " >&6; }
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include
+int
+main ()
+{
+
+ krb5_get_init_creds_opt_set_canonicalize(NULL, NULL, 0);
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
+$as_echo "$ac_try_echo") >&5
+ (eval "$ac_compile") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+
+cat >>confdefs.h <<\_ACEOF
+#define KRB5_GET_INIT_CREDS_OPT_SET_CANONICALIZE_TAKES_3_ARGS 1
+_ACEOF
+
+ { $as_echo "$as_me:$LINENO: result: yes" >&5
+$as_echo "yes" >&6; }
+else
+ $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ { $as_echo "$as_me:$LINENO: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
if test x$ac_cv_func_krb5_get_init_creds_opt_set_pkinit = xyes ; then
{ $as_echo "$as_me:$LINENO: checking if krb5_get_init_creds_opt_set_pkinit() takes a pool and a CRL" >&5
$as_echo_n "checking if krb5_get_init_creds_opt_set_pkinit() takes a pool and a CRL... " >&6; }
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/configure.ac new/pam_krb5-2.3.5-1/configure.ac
--- old/pam_krb5-2.3.5-1/configure.ac 2008-10-06 16:16:40.000000000 +0200
+++ new/pam_krb5-2.3.5-1/configure.ac 2009-06-15 15:28:45.000000000 +0200
@@ -181,7 +181,7 @@
LIBSsave="$LIBS"
LIBS="$LIBS $KRB5_LIBS $KRB4_LIBS"
-AC_CHECK_FUNCS(krb_life_to_time krb_time_to_life krb5_init_secure_context krb5_free_unparsed_name krb5_free_default_realm krb5_set_principal_realm krb5_get_prompt_types krb_in_tkt in_tkt krb_save_credentials save_credentials krb5_get_init_creds_opt_alloc krb5_get_init_creds_opt_free krb5_get_init_creds_opt_set_pkinit krb5_get_init_creds_opt_set_pa krb5_get_init_creds_opt_set_change_password_prompt)
+AC_CHECK_FUNCS(krb_life_to_time krb_time_to_life krb5_init_secure_context krb5_free_unparsed_name krb5_free_default_realm krb5_set_principal_realm krb5_get_prompt_types krb_in_tkt in_tkt krb_save_credentials save_credentials krb5_get_init_creds_opt_alloc krb5_get_init_creds_opt_free krb5_get_init_creds_opt_set_pkinit krb5_get_init_creds_opt_set_pa krb5_get_init_creds_opt_set_change_password_prompt krb5_get_init_creds_opt_set_canonicalize krb5_parse_name_flags)
LIBS="$LIBSsave"
headers='
#include
@@ -230,6 +230,15 @@
AC_MSG_RESULT([yes])],
AC_MSG_RESULT([no]))
fi
+if test x$ac_cv_func_krb5_get_init_creds_opt_set_canonicalize = xyes ; then
+ AC_MSG_CHECKING([if krb5_get_init_creds_opt_set_canonicalize() takes a context])
+ AC_COMPILE_IFELSE(AC_LANG_PROGRAM([#include ],[
+ krb5_get_init_creds_opt_set_canonicalize(NULL, NULL, 0);]),
+ [AC_DEFINE(KRB5_GET_INIT_CREDS_OPT_SET_CANONICALIZE_TAKES_3_ARGS,1,
+ [Define if krb5_get_init_creds_opt_set_canonicalize() takes three arguments.])
+ AC_MSG_RESULT([yes])],
+ AC_MSG_RESULT([no]))
+fi
if test x$ac_cv_func_krb5_get_init_creds_opt_set_pkinit = xyes ; then
AC_MSG_CHECKING([if krb5_get_init_creds_opt_set_pkinit() takes a pool and a CRL])
AC_COMPILE_IFELSE(AC_LANG_PROGRAM([#include ],[
Files old/pam_krb5-2.3.5-1/po/ca.gmo and new/pam_krb5-2.3.5-1/po/ca.gmo differ
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/po/ca.po new/pam_krb5-2.3.5-1/po/ca.po
--- old/pam_krb5-2.3.5-1/po/ca.po 2009-06-08 09:47:33.000000000 +0200
+++ new/pam_krb5-2.3.5-1/po/ca.po 2009-06-15 15:30:35.000000000 +0200
@@ -20,7 +20,7 @@
"Project-Id-Version: pam_krb5\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-05-27 18:48-0400\n"
+"POT-Creation-Date: 2009-06-15 15:30+0200\n"
"PO-Revision-Date: 2008-10-18 12:12+0200\n"
"Last-Translator: Xavier Conde Rueda \n"
"Language-Team: Catalan \n"
@@ -28,21 +28,21 @@
"Content-Type: text/plain; charset=utf-8\n"
"Content-Transfer-Encoding: 8bit\n"
-#: src/auth.c:132 src/auth.c:328
+#: src/auth.c:132 src/auth.c:325
msgid "Password: "
msgstr "Contrasenya: "
-#: src/password.c:260
+#: src/password.c:257
#, c-format
msgid "%s%sPassword: "
msgstr "%s%scontrasenya: "
-#: src/password.c:365
+#: src/password.c:362
#, c-format
msgid "New %s%sPassword: "
msgstr "Nova %s%scontrasenya: "
-#: src/password.c:368
+#: src/password.c:365
#, c-format
msgid "Repeat New %s%sPassword: "
msgstr "Repetiu la nova %s%scontrsenya: "
Files old/pam_krb5-2.3.5-1/po/cs.gmo and new/pam_krb5-2.3.5-1/po/cs.gmo differ
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/po/cs.po new/pam_krb5-2.3.5-1/po/cs.po
--- old/pam_krb5-2.3.5-1/po/cs.po 2009-06-08 09:47:33.000000000 +0200
+++ new/pam_krb5-2.3.5-1/po/cs.po 2009-06-15 15:30:35.000000000 +0200
@@ -9,7 +9,7 @@
"Project-Id-Version: system-config-firewall.master\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-05-27 18:48-0400\n"
+"POT-Creation-Date: 2009-06-15 15:30+0200\n"
"PO-Revision-Date: 2008-06-08 20:58+0200\n"
"Last-Translator: Miloslav Trmač \n"
"Language-Team: Czech \n"
@@ -20,21 +20,21 @@
"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%"
"10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
-#: src/auth.c:132 src/auth.c:328
+#: src/auth.c:132 src/auth.c:325
msgid "Password: "
msgstr ""
-#: src/password.c:260
+#: src/password.c:257
#, c-format
msgid "%s%sPassword: "
msgstr ""
-#: src/password.c:365
+#: src/password.c:362
#, c-format
msgid "New %s%sPassword: "
msgstr ""
-#: src/password.c:368
+#: src/password.c:365
#, c-format
msgid "Repeat New %s%sPassword: "
msgstr ""
Files old/pam_krb5-2.3.5-1/po/de.gmo and new/pam_krb5-2.3.5-1/po/de.gmo differ
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/po/de.po new/pam_krb5-2.3.5-1/po/de.po
--- old/pam_krb5-2.3.5-1/po/de.po 2009-06-08 09:47:33.000000000 +0200
+++ new/pam_krb5-2.3.5-1/po/de.po 2009-06-15 15:30:35.000000000 +0200
@@ -9,7 +9,7 @@
"Project-Id-Version: pam_krb5\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-05-27 18:48-0400\n"
+"POT-Creation-Date: 2009-06-15 15:30+0200\n"
"PO-Revision-Date: 2008-03-13 16:08+0000\n"
"Last-Translator: Michael Calmer \n"
"Language-Team: Novell Language \n"
@@ -17,21 +17,21 @@
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
-#: src/auth.c:132 src/auth.c:328
+#: src/auth.c:132 src/auth.c:325
msgid "Password: "
msgstr "Passwort: "
-#: src/password.c:260
+#: src/password.c:257
#, c-format
msgid "%s%sPassword: "
msgstr "%s%sPasswort: "
-#: src/password.c:365
+#: src/password.c:362
#, c-format
msgid "New %s%sPassword: "
msgstr "Neues %s%sPasswort: "
-#: src/password.c:368
+#: src/password.c:365
#, c-format
msgid "Repeat New %s%sPassword: "
msgstr "Neues %s%sPasswort wiederholen: "
Files old/pam_krb5-2.3.5-1/po/el.gmo and new/pam_krb5-2.3.5-1/po/el.gmo differ
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/po/el.po new/pam_krb5-2.3.5-1/po/el.po
--- old/pam_krb5-2.3.5-1/po/el.po 2009-06-08 09:47:33.000000000 +0200
+++ new/pam_krb5-2.3.5-1/po/el.po 2009-06-15 15:30:35.000000000 +0200
@@ -9,7 +9,7 @@
"Project-Id-Version: el\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-05-27 18:48-0400\n"
+"POT-Creation-Date: 2009-06-15 15:30+0200\n"
"PO-Revision-Date: 2008-04-10 22:03+0300\n"
"Last-Translator: Dimitris Glezos \n"
"Language-Team: Greek Fedora team \n"
@@ -19,21 +19,21 @@
"X-Generator: KBabel 1.11.4\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-#: src/auth.c:132 src/auth.c:328
+#: src/auth.c:132 src/auth.c:325
msgid "Password: "
msgstr "Συνθηματικό: "
-#: src/password.c:260
+#: src/password.c:257
#, c-format
msgid "%s%sPassword: "
msgstr "%s%sΣυνθηματικό: "
-#: src/password.c:365
+#: src/password.c:362
#, c-format
msgid "New %s%sPassword: "
msgstr "Νέο %s%sσυνθηματικό: "
-#: src/password.c:368
+#: src/password.c:365
#, c-format
msgid "Repeat New %s%sPassword: "
msgstr "Επανάληψη νέου %s%sσυνθηματικού: "
Files old/pam_krb5-2.3.5-1/po/es.gmo and new/pam_krb5-2.3.5-1/po/es.gmo differ
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/po/es.po new/pam_krb5-2.3.5-1/po/es.po
--- old/pam_krb5-2.3.5-1/po/es.po 2009-06-08 09:47:33.000000000 +0200
+++ new/pam_krb5-2.3.5-1/po/es.po 2009-06-15 15:30:35.000000000 +0200
@@ -8,7 +8,7 @@
"Project-Id-Version: pam_krb5\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-05-27 18:48-0400\n"
+"POT-Creation-Date: 2009-06-15 15:30+0200\n"
"PO-Revision-Date: 2008-12-14 11:26-0200\n"
"Last-Translator: H. Daniel Cabrera \n"
"Language-Team: Spanish \n"
@@ -17,21 +17,21 @@
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\\\n"
-#: src/auth.c:132 src/auth.c:328
+#: src/auth.c:132 src/auth.c:325
msgid "Password: "
msgstr "Contraseña:"
-#: src/password.c:260
+#: src/password.c:257
#, c-format
msgid "%s%sPassword: "
msgstr "%s%sContraseña:"
-#: src/password.c:365
+#: src/password.c:362
#, c-format
msgid "New %s%sPassword: "
msgstr "Nueva %s%sContraseña:"
-#: src/password.c:368
+#: src/password.c:365
#, c-format
msgid "Repeat New %s%sPassword: "
msgstr "Repetir nueva %s%s Contraseña:"
Files old/pam_krb5-2.3.5-1/po/fa.gmo and new/pam_krb5-2.3.5-1/po/fa.gmo differ
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/po/fa.po new/pam_krb5-2.3.5-1/po/fa.po
--- old/pam_krb5-2.3.5-1/po/fa.po 2009-06-08 09:47:33.000000000 +0200
+++ new/pam_krb5-2.3.5-1/po/fa.po 2009-06-15 15:30:35.000000000 +0200
@@ -8,7 +8,7 @@
"Project-Id-Version: 0.1\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-05-27 18:48-0400\n"
+"POT-Creation-Date: 2009-06-15 15:30+0200\n"
"PO-Revision-Date: 2009-03-15 22:59+0330\n"
"Last-Translator: Mohsen Saeedi \n"
"Language-Team: Persian \n"
@@ -16,21 +16,21 @@
"Content-Type: text/plain; charset=utf-8\n"
"Content-Transfer-Encoding: 8bit\n"
-#: src/auth.c:132 src/auth.c:328
+#: src/auth.c:132 src/auth.c:325
msgid "Password: "
msgstr "گذر واژه:"
-#: src/password.c:260
+#: src/password.c:257
#, c-format
msgid "%s%sPassword: "
msgstr "«%s%s» گذرواژه: "
-#: src/password.c:365
+#: src/password.c:362
#, c-format
msgid "New %s%sPassword: "
msgstr "گذرواژه «%s%s» جدید:"
-#: src/password.c:368
+#: src/password.c:365
#, c-format
msgid "Repeat New %s%sPassword: "
msgstr "تکرار گذارواژه «%s%s» جدید:"
Files old/pam_krb5-2.3.5-1/po/fr.gmo and new/pam_krb5-2.3.5-1/po/fr.gmo differ
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/po/fr.po new/pam_krb5-2.3.5-1/po/fr.po
--- old/pam_krb5-2.3.5-1/po/fr.po 2009-06-08 09:47:33.000000000 +0200
+++ new/pam_krb5-2.3.5-1/po/fr.po 2009-06-15 15:30:35.000000000 +0200
@@ -9,7 +9,7 @@
"Project-Id-Version: pam_krb5 2.3.2\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-05-27 18:48-0400\n"
+"POT-Creation-Date: 2009-06-15 15:30+0200\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME \n"
"Language-Team: LANGUAGE \n"
@@ -17,21 +17,21 @@
"Content-Type: text/plain; charset=CHARSET\n"
"Content-Transfer-Encoding: 8bit\n"
-#: src/auth.c:132 src/auth.c:328
+#: src/auth.c:132 src/auth.c:325
msgid "Password: "
msgstr ""
-#: src/password.c:260
+#: src/password.c:257
#, c-format
msgid "%s%sPassword: "
msgstr ""
-#: src/password.c:365
+#: src/password.c:362
#, c-format
msgid "New %s%sPassword: "
msgstr ""
-#: src/password.c:368
+#: src/password.c:365
#, c-format
msgid "Repeat New %s%sPassword: "
msgstr ""
Files old/pam_krb5-2.3.5-1/po/hu.gmo and new/pam_krb5-2.3.5-1/po/hu.gmo differ
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/po/hu.po new/pam_krb5-2.3.5-1/po/hu.po
--- old/pam_krb5-2.3.5-1/po/hu.po 2009-06-08 09:47:33.000000000 +0200
+++ new/pam_krb5-2.3.5-1/po/hu.po 2009-06-15 15:30:35.000000000 +0200
@@ -3,7 +3,7 @@
"Project-Id-Version: pam_krb5\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-05-27 18:48-0400\n"
+"POT-Creation-Date: 2009-06-15 15:30+0200\n"
"PO-Revision-Date: 2008-04-30 07:23+0100\n"
"Last-Translator: Sulyok Péter \n"
"Language-Team: Hungarian \n"
@@ -15,21 +15,21 @@
"X-Poedit-Country: HUNGARY\n"
"X-Poedit-SourceCharset: utf-8\n"
-#: src/auth.c:132 src/auth.c:328
+#: src/auth.c:132 src/auth.c:325
msgid "Password: "
msgstr "Jelszó: "
-#: src/password.c:260
+#: src/password.c:257
#, c-format
msgid "%s%sPassword: "
msgstr "%s%sjelszó: "
-#: src/password.c:365
+#: src/password.c:362
#, c-format
msgid "New %s%sPassword: "
msgstr "Új %s%sjelszó: "
-#: src/password.c:368
+#: src/password.c:365
#, c-format
msgid "Repeat New %s%sPassword: "
msgstr "Ismét az új %s%sjelszó: "
Files old/pam_krb5-2.3.5-1/po/it.gmo and new/pam_krb5-2.3.5-1/po/it.gmo differ
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/po/it.po new/pam_krb5-2.3.5-1/po/it.po
--- old/pam_krb5-2.3.5-1/po/it.po 2009-06-08 09:47:33.000000000 +0200
+++ new/pam_krb5-2.3.5-1/po/it.po 2009-06-15 15:30:35.000000000 +0200
@@ -8,7 +8,7 @@
"Project-Id-Version: it\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-05-27 18:48-0400\n"
+"POT-Creation-Date: 2009-06-15 15:30+0200\n"
"PO-Revision-Date: 2008-04-16 20:38+0200\n"
"Last-Translator: Francesco Tombolini \n"
"Language-Team: Italiano \n"
@@ -18,21 +18,21 @@
"X-Generator: KBabel 1.11.4\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-#: src/auth.c:132 src/auth.c:328
+#: src/auth.c:132 src/auth.c:325
msgid "Password: "
msgstr "Password: "
-#: src/password.c:260
+#: src/password.c:257
#, c-format
msgid "%s%sPassword: "
msgstr "%s%sPassword: "
-#: src/password.c:365
+#: src/password.c:362
#, c-format
msgid "New %s%sPassword: "
msgstr "Nuova %s%sPassword: "
-#: src/password.c:368
+#: src/password.c:365
#, c-format
msgid "Repeat New %s%sPassword: "
msgstr "Ripetere la nuova %s%sPassword: "
Files old/pam_krb5-2.3.5-1/po/ms.gmo and new/pam_krb5-2.3.5-1/po/ms.gmo differ
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/po/ms.po new/pam_krb5-2.3.5-1/po/ms.po
--- old/pam_krb5-2.3.5-1/po/ms.po 2009-06-08 09:47:33.000000000 +0200
+++ new/pam_krb5-2.3.5-1/po/ms.po 2009-06-15 15:30:35.000000000 +0200
@@ -8,7 +8,7 @@
"Project-Id-Version: pam_krb5\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-05-27 18:48-0400\n"
+"POT-Creation-Date: 2009-06-15 15:30+0200\n"
"PO-Revision-Date: 2008-10-29 22:02+0800\n"
"Last-Translator: Sharuzzaman Ahmat Raslan \n"
"Language-Team: Malay \n"
@@ -16,21 +16,21 @@
"Content-Type: text/plain; charset=utf-8\n"
"Content-Transfer-Encoding: 8bit\n"
-#: src/auth.c:132 src/auth.c:328
+#: src/auth.c:132 src/auth.c:325
msgid "Password: "
msgstr "Katalaluan:"
-#: src/password.c:260
+#: src/password.c:257
#, c-format
msgid "%s%sPassword: "
msgstr "%s%s Katalaluan: "
-#: src/password.c:365
+#: src/password.c:362
#, c-format
msgid "New %s%sPassword: "
msgstr "Katalaluan %s%s Baru: "
-#: src/password.c:368
+#: src/password.c:365
#, c-format
msgid "Repeat New %s%sPassword: "
msgstr "Ulang Katalaluan %s%s Baru: "
Files old/pam_krb5-2.3.5-1/po/nl.gmo and new/pam_krb5-2.3.5-1/po/nl.gmo differ
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/po/nl.po new/pam_krb5-2.3.5-1/po/nl.po
--- old/pam_krb5-2.3.5-1/po/nl.po 2009-06-08 09:47:33.000000000 +0200
+++ new/pam_krb5-2.3.5-1/po/nl.po 2009-06-15 15:30:35.000000000 +0200
@@ -9,7 +9,7 @@
"Project-Id-Version: pam_krb5\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-05-27 18:48-0400\n"
+"POT-Creation-Date: 2009-06-15 15:30+0200\n"
"PO-Revision-Date: 2008-09-04 23:14+0200\n"
"Last-Translator: Peter van Egdom \n"
"Language-Team: Dutch \n"
@@ -17,21 +17,21 @@
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
-#: src/auth.c:132 src/auth.c:328
+#: src/auth.c:132 src/auth.c:325
msgid "Password: "
msgstr "Wachtwoord: "
-#: src/password.c:260
+#: src/password.c:257
#, c-format
msgid "%s%sPassword: "
msgstr "%s%swachtwoord: "
-#: src/password.c:365
+#: src/password.c:362
#, c-format
msgid "New %s%sPassword: "
msgstr "Nieuw %s%swachtwoord: "
-#: src/password.c:368
+#: src/password.c:365
#, c-format
msgid "Repeat New %s%sPassword: "
msgstr "Nieuw %s%swachtwoord herhalen: "
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/po/pam_krb5.pot new/pam_krb5-2.3.5-1/po/pam_krb5.pot
--- old/pam_krb5-2.3.5-1/po/pam_krb5.pot 2009-06-08 09:47:33.000000000 +0200
+++ new/pam_krb5-2.3.5-1/po/pam_krb5.pot 2009-06-15 15:30:35.000000000 +0200
@@ -9,7 +9,7 @@
"Project-Id-Version: pam_krb5 2.3.5\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-05-27 18:48-0400\n"
+"POT-Creation-Date: 2009-06-15 15:30+0200\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME \n"
"Language-Team: LANGUAGE \n"
@@ -17,21 +17,21 @@
"Content-Type: text/plain; charset=CHARSET\n"
"Content-Transfer-Encoding: 8bit\n"
-#: src/auth.c:132 src/auth.c:328
+#: src/auth.c:132 src/auth.c:325
msgid "Password: "
msgstr ""
-#: src/password.c:260
+#: src/password.c:257
#, c-format
msgid "%s%sPassword: "
msgstr ""
-#: src/password.c:365
+#: src/password.c:362
#, c-format
msgid "New %s%sPassword: "
msgstr ""
-#: src/password.c:368
+#: src/password.c:365
#, c-format
msgid "Repeat New %s%sPassword: "
msgstr ""
Files old/pam_krb5-2.3.5-1/po/pl.gmo and new/pam_krb5-2.3.5-1/po/pl.gmo differ
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/po/pl.po new/pam_krb5-2.3.5-1/po/pl.po
--- old/pam_krb5-2.3.5-1/po/pl.po 2009-06-08 09:47:33.000000000 +0200
+++ new/pam_krb5-2.3.5-1/po/pl.po 2009-06-15 15:30:35.000000000 +0200
@@ -6,7 +6,7 @@
"Project-Id-Version: pl\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-05-27 18:48-0400\n"
+"POT-Creation-Date: 2009-06-15 15:30+0200\n"
"PO-Revision-Date: 2008-04-10 21:56+0200\n"
"Last-Translator: Piotr Drąg \n"
"Language-Team: Polish \n"
@@ -14,21 +14,21 @@
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
-#: src/auth.c:132 src/auth.c:328
+#: src/auth.c:132 src/auth.c:325
msgid "Password: "
msgstr "Hasło: "
-#: src/password.c:260
+#: src/password.c:257
#, c-format
msgid "%s%sPassword: "
msgstr "%s%sHasło: "
-#: src/password.c:365
+#: src/password.c:362
#, c-format
msgid "New %s%sPassword: "
msgstr "Nowe %s%shasło: "
-#: src/password.c:368
+#: src/password.c:365
#, c-format
msgid "Repeat New %s%sPassword: "
msgstr "Powtórz nowe %s%shasło: "
Files old/pam_krb5-2.3.5-1/po/pt_BR.gmo and new/pam_krb5-2.3.5-1/po/pt_BR.gmo differ
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/po/pt_BR.po new/pam_krb5-2.3.5-1/po/pt_BR.po
--- old/pam_krb5-2.3.5-1/po/pt_BR.po 2009-06-08 09:47:33.000000000 +0200
+++ new/pam_krb5-2.3.5-1/po/pt_BR.po 2009-06-15 15:30:35.000000000 +0200
@@ -8,7 +8,7 @@
"Project-Id-Version: pam_krb5\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-05-27 18:48-0400\n"
+"POT-Creation-Date: 2009-06-15 15:30+0200\n"
"PO-Revision-Date: 2008-07-17 22:52-0300\n"
"Last-Translator: Taylon Silmer \n"
"Language-Team: Brazilian Portuguese \n"
@@ -18,21 +18,21 @@
"X-Poedit-Language: Portuguese\n"
"X-Poedit-Country: BRAZIL\n"
-#: src/auth.c:132 src/auth.c:328
+#: src/auth.c:132 src/auth.c:325
msgid "Password: "
msgstr "Senha: "
-#: src/password.c:260
+#: src/password.c:257
#, c-format
msgid "%s%sPassword: "
msgstr "%s%sSenha: "
-#: src/password.c:365
+#: src/password.c:362
#, c-format
msgid "New %s%sPassword: "
msgstr "Nova %s%sSenha: "
-#: src/password.c:368
+#: src/password.c:365
#, c-format
msgid "Repeat New %s%sPassword: "
msgstr "Repita a nova %s%ssenha: "
Files old/pam_krb5-2.3.5-1/po/ro.gmo and new/pam_krb5-2.3.5-1/po/ro.gmo differ
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/po/ro.po new/pam_krb5-2.3.5-1/po/ro.po
--- old/pam_krb5-2.3.5-1/po/ro.po 2009-06-08 09:47:33.000000000 +0200
+++ new/pam_krb5-2.3.5-1/po/ro.po 2009-06-15 15:30:35.000000000 +0200
@@ -9,7 +9,7 @@
"Project-Id-Version: Pam_krbr5 VERSION\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-05-27 18:48-0400\n"
+"POT-Creation-Date: 2009-06-15 15:30+0200\n"
"PO-Revision-Date: 2009-02-22 22:41+0200\n"
"Last-Translator: Florin Dăscălache \n"
"Language-Team: Romanian \n"
@@ -17,21 +17,21 @@
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
-#: src/auth.c:132 src/auth.c:328
+#: src/auth.c:132 src/auth.c:325
msgid "Password: "
msgstr "Parola: "
-#: src/password.c:260
+#: src/password.c:257
#, c-format
msgid "%s%sPassword: "
msgstr "%s%sParola: "
-#: src/password.c:365
+#: src/password.c:362
#, c-format
msgid "New %s%sPassword: "
msgstr "%s%sParola nouă: "
-#: src/password.c:368
+#: src/password.c:365
#, c-format
msgid "Repeat New %s%sPassword: "
msgstr "Repetaţi %s%sParola nouă: "
Files old/pam_krb5-2.3.5-1/po/sr.gmo and new/pam_krb5-2.3.5-1/po/sr.gmo differ
Files old/pam_krb5-2.3.5-1/po/sr@latin.gmo and new/pam_krb5-2.3.5-1/po/sr@latin.gmo differ
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/po/sr@latin.po new/pam_krb5-2.3.5-1/po/sr@latin.po
--- old/pam_krb5-2.3.5-1/po/sr@latin.po 2009-06-08 09:47:33.000000000 +0200
+++ new/pam_krb5-2.3.5-1/po/sr@latin.po 2009-06-15 15:30:35.000000000 +0200
@@ -8,7 +8,7 @@
"Project-Id-Version: pam_krb5\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-05-27 18:48-0400\n"
+"POT-Creation-Date: 2009-06-15 15:30+0200\n"
"PO-Revision-Date: 2008-04-12 19:23+0100\n"
"Last-Translator: Miloš Komarčević \n"
"Language-Team: Serbian (sr) \n"
@@ -18,21 +18,21 @@
"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%"
"10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
-#: src/auth.c:132 src/auth.c:328
+#: src/auth.c:132 src/auth.c:325
msgid "Password: "
msgstr "Lozinka: "
-#: src/password.c:260
+#: src/password.c:257
#, c-format
msgid "%s%sPassword: "
msgstr "%s%slozinka: "
-#: src/password.c:365
+#: src/password.c:362
#, c-format
msgid "New %s%sPassword: "
msgstr "Nova %s%slozinka: "
-#: src/password.c:368
+#: src/password.c:365
#, c-format
msgid "Repeat New %s%sPassword: "
msgstr "Ponovite novu %s%slozinku: "
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/po/sr.po new/pam_krb5-2.3.5-1/po/sr.po
--- old/pam_krb5-2.3.5-1/po/sr.po 2009-06-08 09:47:33.000000000 +0200
+++ new/pam_krb5-2.3.5-1/po/sr.po 2009-06-15 15:30:35.000000000 +0200
@@ -8,7 +8,7 @@
"Project-Id-Version: pam_krb5\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-05-27 18:48-0400\n"
+"POT-Creation-Date: 2009-06-15 15:30+0200\n"
"PO-Revision-Date: 2008-04-12 19:23+0100\n"
"Last-Translator: Miloš Komarčević \n"
"Language-Team: Serbian (sr) \n"
@@ -18,21 +18,21 @@
"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%"
"10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
-#: src/auth.c:132 src/auth.c:328
+#: src/auth.c:132 src/auth.c:325
msgid "Password: "
msgstr "Лозинка: "
-#: src/password.c:260
+#: src/password.c:257
#, c-format
msgid "%s%sPassword: "
msgstr "%s%sлозинка: "
-#: src/password.c:365
+#: src/password.c:362
#, c-format
msgid "New %s%sPassword: "
msgstr "Нова %s%sлозинка: "
-#: src/password.c:368
+#: src/password.c:365
#, c-format
msgid "Repeat New %s%sPassword: "
msgstr "Поновите нову %s%sлозинку: "
Files old/pam_krb5-2.3.5-1/po/sv.gmo and new/pam_krb5-2.3.5-1/po/sv.gmo differ
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/po/sv.po new/pam_krb5-2.3.5-1/po/sv.po
--- old/pam_krb5-2.3.5-1/po/sv.po 2009-06-08 09:47:33.000000000 +0200
+++ new/pam_krb5-2.3.5-1/po/sv.po 2009-06-15 15:30:35.000000000 +0200
@@ -8,7 +8,7 @@
"Project-Id-Version: pam_krb5\n"
"Report-Msgid-Bugs-To: http://git.fedorahosted.org/git/?p=pam_krb5.git;a=blob;"
"f=AUTHORS;hb=HEAD\n"
-"POT-Creation-Date: 2009-05-27 18:48-0400\n"
+"POT-Creation-Date: 2009-06-15 15:30+0200\n"
"PO-Revision-Date: 2008-10-22 18:04+0100\n"
"Last-Translator: Daniel Nylander \n"
"Language-Team: Swedish \n"
@@ -16,22 +16,22 @@
"Content-Type: text/plain; charset=utf-8\n"
"Content-Transfer-Encoding: 8bit\n"
-#: src/auth.c:132 src/auth.c:328
+#: src/auth.c:132 src/auth.c:325
msgid "Password: "
msgstr "Lösenord: "
# FIXME: Vad är %s?
-#: src/password.c:260
+#: src/password.c:257
#, c-format
msgid "%s%sPassword: "
msgstr "%s%sLösenord: "
-#: src/password.c:365
+#: src/password.c:362
#, c-format
msgid "New %s%sPassword: "
msgstr "Nytt %s%slösenord: "
-#: src/password.c:368
+#: src/password.c:365
#, c-format
msgid "Repeat New %s%sPassword: "
msgstr "Upprepa nytt %s%slösenord: "
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/src/acct.c new/pam_krb5-2.3.5-1/src/acct.c
--- old/pam_krb5-2.3.5-1/src/acct.c 2008-10-17 10:33:33.000000000 +0200
+++ new/pam_krb5-2.3.5-1/src/acct.c 2009-06-15 15:28:45.000000000 +0200
@@ -98,10 +98,7 @@
}
/* Get information about the user and the user's principal name. */
- userinfo = _pam_krb5_user_info_init(ctx, user, options->realm,
- options->user_check,
- options->n_mappings,
- options->mappings);
+ userinfo = _pam_krb5_user_info_init(ctx, user, options);
if (userinfo == NULL) {
if (options->ignore_unknown_principals == 0) {
retval = PAM_IGNORE;
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/src/auth.c new/pam_krb5-2.3.5-1/src/auth.c
--- old/pam_krb5-2.3.5-1/src/auth.c 2009-06-08 09:47:33.000000000 +0200
+++ new/pam_krb5-2.3.5-1/src/auth.c 2009-06-15 15:28:45.000000000 +0200
@@ -136,10 +136,7 @@
}
/* Get information about the user and the user's principal name. */
- userinfo = _pam_krb5_user_info_init(ctx, user, options->realm,
- options->user_check,
- options->n_mappings,
- options->mappings);
+ userinfo = _pam_krb5_user_info_init(ctx, user, options);
if (userinfo == NULL) {
if (options->ignore_unknown_principals) {
retval = PAM_IGNORE;
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/src/initopts.c new/pam_krb5-2.3.5-1/src/initopts.c
--- old/pam_krb5-2.3.5-1/src/initopts.c 2009-03-05 09:45:54.000000000 +0100
+++ new/pam_krb5-2.3.5-1/src/initopts.c 2009-06-15 15:28:45.000000000 +0200
@@ -286,6 +286,18 @@
options);
}
}
+#ifdef HAVE_KRB5_GET_INIT_CREDS_OPT_SET_CANONICALIZE
+ if (options->canonicalize != -1) {
+#ifdef KRB5_GET_INIT_CREDS_OPT_SET_CANONICALIZE_TAKES_3_ARGS
+ krb5_get_init_creds_opt_set_canonicalize(ctx,
+ k5_options,
+ options->canonicalize);
+#else
+ krb5_get_init_creds_opt_set_canonicalize(k5_options,
+ options->canonicalize);
+#endif
+ }
+#endif
}
void
@@ -297,4 +309,16 @@
krb5_get_init_creds_opt_set_renew_life(k5_options, 0);
krb5_get_init_creds_opt_set_forwardable(k5_options, 0);
krb5_get_init_creds_opt_set_proxiable(k5_options, 0);
+#ifdef HAVE_KRB5_GET_INIT_CREDS_OPT_SET_CANONICALIZE
+ if (options->canonicalize != -1) {
+#ifdef KRB5_GET_INIT_CREDS_OPT_SET_CANONICALIZE_TAKES_3_ARGS
+ krb5_get_init_creds_opt_set_canonicalize(ctx,
+ k5_options,
+ options->canonicalize);
+#else
+ krb5_get_init_creds_opt_set_canonicalize(k5_options,
+ options->canonicalize);
+#endif
+ }
+#endif
}
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/src/minikafs.c new/pam_krb5-2.3.5-1/src/minikafs.c
--- old/pam_krb5-2.3.5-1/src/minikafs.c 2009-02-12 10:31:23.000000000 +0100
+++ new/pam_krb5-2.3.5-1/src/minikafs.c 2009-06-15 15:28:45.000000000 +0200
@@ -778,7 +778,7 @@
krb5_free_principal(ctx, client);
return -1;
}
- if (krb5_parse_name(ctx, principal, &server) != 0) {
+ if (v5_parse_name(ctx, options, principal, &server) != 0) {
warn("error parsing principal name '%s'", principal);
v5_free_unparsed_name(ctx, unparsed_client);
krb5_free_principal(ctx, client);
@@ -1205,7 +1205,8 @@
/* If we were given a principal name, try it. */
if ((hint_principal != NULL) && (strlen(hint_principal) > 0)) {
principal = NULL;
- if (krb5_parse_name(ctx, hint_principal, &principal) != 0) {
+ if (v5_parse_name(ctx, options,
+ hint_principal, &principal) != 0) {
principal = NULL;
}
if ((principal == NULL) ||
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/src/options.c new/pam_krb5-2.3.5-1/src/options.c
--- old/pam_krb5-2.3.5-1/src/options.c 2009-06-08 09:47:33.000000000 +0200
+++ new/pam_krb5-2.3.5-1/src/options.c 2009-06-15 15:28:45.000000000 +0200
@@ -446,6 +446,19 @@
options->renewable == 0 ? " not renewable" : "");
}
+#ifdef HAVE_KRB5_GET_INIT_CREDS_OPT_SET_CANONICALIZE
+ options->canonicalize = option_b(argc, argv,
+ ctx, options->realm,
+ service, NULL, NULL,
+ "canonicalize", -1);
+ if (options->debug && (options->canonicalize == 1)) {
+ debug("flag: canonicalize");
+ }
+ if (options->debug && (options->canonicalize == 0)) {
+ debug("flag: don't canonicalize");
+ }
+#endif
+
#ifdef HAVE_AFS
/* private option */
options->ignore_afs = option_b(argc, argv,
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/src/options.h new/pam_krb5-2.3.5-1/src/options.h
--- old/pam_krb5-2.3.5-1/src/options.h 2009-06-08 09:47:33.000000000 +0200
+++ new/pam_krb5-2.3.5-1/src/options.h 2009-06-15 15:28:45.000000000 +0200
@@ -37,6 +37,9 @@
int debug;
int addressless;
+#ifdef HAVE_KRB5_GET_INIT_CREDS_OPT_SET_CANONICALIZE
+ int canonicalize;
+#endif
int debug_sensitive;
int external;
int existing_ticket;
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/src/password.c new/pam_krb5-2.3.5-1/src/password.c
--- old/pam_krb5-2.3.5-1/src/password.c 2009-03-05 09:45:54.000000000 +0100
+++ new/pam_krb5-2.3.5-1/src/password.c 2009-06-15 15:28:45.000000000 +0200
@@ -119,10 +119,7 @@
_pam_krb5_set_init_opts(ctx, gic_options, options);
/* Get information about the user and the user's principal name. */
- userinfo = _pam_krb5_user_info_init(ctx, user, options->realm,
- options->user_check,
- options->n_mappings,
- options->mappings);
+ userinfo = _pam_krb5_user_info_init(ctx, user, options);
if (userinfo == NULL) {
if (options->ignore_unknown_principals) {
retval = PAM_IGNORE;
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/src/session.c new/pam_krb5-2.3.5-1/src/session.c
--- old/pam_krb5-2.3.5-1/src/session.c 2008-10-17 10:33:33.000000000 +0200
+++ new/pam_krb5-2.3.5-1/src/session.c 2009-06-15 15:28:45.000000000 +0200
@@ -103,10 +103,7 @@
}
/* Get information about the user and the user's principal name. */
- userinfo = _pam_krb5_user_info_init(ctx, user, options->realm,
- options->user_check,
- options->n_mappings,
- options->mappings);
+ userinfo = _pam_krb5_user_info_init(ctx, user, options);
if (userinfo == NULL) {
if (options->debug) {
debug("no user info for '%s'", user);
@@ -336,10 +333,7 @@
}
/* Get information about the user and the user's principal name. */
- userinfo = _pam_krb5_user_info_init(ctx, user, options->realm,
- options->user_check,
- options->n_mappings,
- options->mappings);
+ userinfo = _pam_krb5_user_info_init(ctx, user, options);
if (userinfo == NULL) {
if (options->ignore_unknown_principals) {
retval = PAM_IGNORE;
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/src/sly.c new/pam_krb5-2.3.5-1/src/sly.c
--- old/pam_krb5-2.3.5-1/src/sly.c 2009-02-12 10:31:23.000000000 +0100
+++ new/pam_krb5-2.3.5-1/src/sly.c 2009-06-15 15:28:45.000000000 +0200
@@ -210,10 +210,7 @@
}
/* Get information about the user and the user's principal name. */
- userinfo = _pam_krb5_user_info_init(ctx, user, options->realm,
- options->user_check,
- options->n_mappings,
- options->mappings);
+ userinfo = _pam_krb5_user_info_init(ctx, user, options);
if (userinfo == NULL) {
if (options->ignore_unknown_principals) {
retval = PAM_IGNORE;
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/src/userinfo.c new/pam_krb5-2.3.5-1/src/userinfo.c
--- old/pam_krb5-2.3.5-1/src/userinfo.c 2008-10-06 16:16:40.000000000 +0200
+++ new/pam_krb5-2.3.5-1/src/userinfo.c 2009-06-15 15:28:45.000000000 +0200
@@ -1,5 +1,5 @@
/*
- * Copyright 2003,2004,2005,2006 Red Hat, Inc.
+ * Copyright 2003,2004,2005,2006,2009 Red Hat, Inc.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -143,9 +143,8 @@
#endif
struct _pam_krb5_user_info *
-_pam_krb5_user_info_init(krb5_context ctx, const char *name, const char *realm,
- int check_user,
- int num_mappings, struct name_mapping *mappings)
+_pam_krb5_user_info_init(krb5_context ctx, const char *name,
+ struct _pam_krb5_options *options)
{
struct _pam_krb5_user_info *ret = NULL;
char local_name[LINE_MAX];
@@ -159,10 +158,10 @@
memset(ret, 0, sizeof(struct _pam_krb5_user_info));
/* See if we need to map this user name to a principal somehow. */
- if (map_lname_aname(mappings, num_mappings,
+ if (map_lname_aname(options->mappings, options->n_mappings,
name, mapped_name, sizeof(mapped_name)) == 0) {
if (strchr(mapped_name, '@') == NULL) {
- if (strlen(mapped_name) + 1 + strlen(realm) >=
+ if (strlen(mapped_name) + 1 + strlen(options->realm) >=
sizeof(qualified_name)) {
warn("principal name '%s' too long",
mapped_name);
@@ -170,7 +169,7 @@
return NULL;
}
snprintf(qualified_name, sizeof(qualified_name),
- "%s@%s", mapped_name, realm);
+ "%s@%s", mapped_name, options->realm);
} else {
if (strlen(mapped_name) >= sizeof(qualified_name)) {
warn("principal name '%s' too long",
@@ -183,14 +182,14 @@
}
} else {
if (strchr(name, '@') == NULL) {
- if (strlen(name) + 1 + strlen(realm) >=
+ if (strlen(name) + 1 + strlen(options->realm) >=
sizeof(qualified_name)) {
warn("principal name '%s' too long", name);
free(ret);
return NULL;
}
snprintf(qualified_name, sizeof(qualified_name),
- "%s@%s", name, realm);
+ "%s@%s", name, options->realm);
} else {
if (strlen(name) >= sizeof(qualified_name)) {
warn("principal name '%s' too long", name);
@@ -204,8 +203,8 @@
/* Parse the user's determined principal name into a principal
* structure. */
- if (krb5_parse_name(ctx, qualified_name,
- &ret->principal_name) != 0) {
+ if (v5_parse_name(ctx, options, qualified_name,
+ &ret->principal_name) != 0) {
warn("error parsing principal name '%s' derived from "
"user name '%s'", qualified_name, name);
free(ret);
@@ -225,7 +224,7 @@
strncpy(local_name, name, sizeof(local_name) - 1);
local_name[sizeof(local_name) - 1] = '\0';
- if (check_user) {
+ if (options->user_check) {
/* Look up the user's UID/GID. */
if (_get_pw_nam(local_name,
&ret->uid, &ret->gid,
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/src/userinfo.h new/pam_krb5-2.3.5-1/src/userinfo.h
--- old/pam_krb5-2.3.5-1/src/userinfo.h 2008-04-17 14:04:00.000000000 +0200
+++ new/pam_krb5-2.3.5-1/src/userinfo.h 2009-06-15 15:28:45.000000000 +0200
@@ -45,10 +45,7 @@
struct _pam_krb5_user_info *_pam_krb5_user_info_init(krb5_context ctx,
const char *name,
- const char *realm,
- int check_user,
- int num_mappings,
- struct name_mapping *mappings);
+ struct _pam_krb5_options *options);
void _pam_krb5_user_info_free(krb5_context ctx,
struct _pam_krb5_user_info *info);
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/src/v5.c new/pam_krb5-2.3.5-1/src/v5.c
--- old/pam_krb5-2.3.5-1/src/v5.c 2009-05-28 12:12:23.000000000 +0200
+++ new/pam_krb5-2.3.5-1/src/v5.c 2009-06-15 15:28:45.000000000 +0200
@@ -157,6 +157,22 @@
#endif
}
+krb5_error_code
+v5_parse_name(krb5_context ctx, struct _pam_krb5_options *options,
+ const char *name, krb5_principal *principal)
+{
+#if defined(HAVE_KRB5_PARSE_NAME_FLAGS) && defined(HAVE_KRB5_GET_INIT_CREDS_OPT_SET_CANONICALIZE)
+ int flags;
+ flags = 0;
+ if (options->canonicalize == 1) {
+ flags |= KRB5_PRINCIPAL_PARSE_ENTERPRISE;
+ }
+ return krb5_parse_name_flags(ctx, name, flags, principal);
+#else
+ return krb5_parse_name(ctx, name, principal);
+#endif
+}
+
char *
v5_user_info_subst(krb5_context ctx,
const char *user,
@@ -408,6 +424,7 @@
#error "Don't know how to read principal name components!"
#endif
+/* Compare everything except the realms. */
static int
v5_principal_compare(krb5_context ctx, krb5_principal princ, const char *name)
{
@@ -740,6 +757,8 @@
{
int i;
char *principal;
+ krb5_data *comp;
+ krb5_principal princ;
krb5_keytab keytab;
krb5_kt_cursor cursor;
krb5_keytab_entry entry;
@@ -754,46 +773,85 @@
return PAM_SERVICE_ERR;
}
- /* Read the first key from the file. */
+ /* Set up to walk the keytab. */
memset(&cursor, 0, sizeof(cursor));
i = krb5_kt_start_seq_get(ctx, keytab, &cursor);
if (i != 0) {
- warn("error reading keytab, not verifying TGT");
- return PAM_IGNORE;
+ warn("error reading keytab '%s', not verifying TGT",
+ options->keytab);
+ krb5_kt_close(ctx, keytab);
+ return PAM_SERVICE_ERR;
}
- memset(&entry, 0, sizeof(entry));
- i = krb5_kt_next_entry(ctx, keytab, &entry, &cursor);
- if (i != 0) {
- warn("error reading keytab, not verifying TGT");
- krb5_kt_end_seq_get(ctx, keytab, &cursor);
+ /* Walk the keytab, looking for a good service key. Prefer a "host" in
+ * the client's realm, but try the first one if we don't find a
+ * suitable host key. */
+ princ = NULL;
+ while ((i = krb5_kt_next_entry(ctx, keytab, &entry, &cursor)) == 0) {
+ /* First entry? */
+ if (princ == NULL) {
+ i = krb5_copy_principal(ctx, entry.principal, &princ);
+ if (i != 0) {
+ warn("internal error copying principal name, "
+ "not verifying TGT");
+ krb5_kt_end_seq_get(ctx, keytab, &cursor);
+ krb5_kt_close(ctx, keytab);
+ return PAM_SERVICE_ERR;
+ }
+ } else
+ /* Better entry? */
+ if ((v5_princ_component_count(entry.principal) == 2) &&
+ krb5_realm_compare(ctx, entry.principal, creds->client)) {
+ if ((v5_princ_component_length(entry.principal,
+ 0) == 4) &&
+ (memcmp(v5_princ_component_contents(entry.principal,
+ 0),
+ "host", 4) == 0)) {
+ if (princ != NULL) {
+ krb5_free_principal(ctx, princ);
+ }
+ i = krb5_copy_principal(ctx, entry.principal,
+ &princ);
+ if (i != 0) {
+ warn("internal error copying "
+ "principal name, "
+ "not verifying TGT");
+ krb5_kt_end_seq_get(ctx, keytab,
+ &cursor);
+ krb5_kt_close(ctx, keytab);
+ return PAM_SERVICE_ERR;
+ }
+ }
+ }
+ }
+
+ /* Close the cursor here. Even though we're using cursors, the file
+ * handle is stored in the krb5_keytab structure, and it gets
+ * overwritten when the verify_init_creds() call below creates its own
+ * cursor, creating a leak. */
+ krb5_kt_end_seq_get(ctx, keytab, &cursor);
+ if (princ == NULL) {
+ warn("no suitable key found in keytab, not verifying TGT");
krb5_kt_close(ctx, keytab);
- return PAM_IGNORE;
+ return PAM_SERVICE_ERR;
}
- /* Get the principal to which the key belongs, for logging purposes. */
+ /* Get a text representation of the principal to which the key belongs,
+ * for logging purposes. */
principal = NULL;
- i = krb5_unparse_name(ctx, entry.principal, &principal);
+ i = krb5_unparse_name(ctx, princ, &principal);
if (i != 0) {
- warn("internal error parsing principal name, "
+ warn("internal error unparsing principal name, "
"not verifying TGT");
- krb5_kt_end_seq_get(ctx, keytab, &cursor);
+ krb5_free_principal(ctx, princ);
krb5_kt_close(ctx, keytab);
return PAM_SERVICE_ERR;
}
- /* Close the keytab here. Even though we're using cursors, the file
- * handle is stored in the krb5_keytab structure, and it gets
- * overwritten when the verify_init_creds() call below creates its own
- * cursor, creating a leak. */
- krb5_kt_end_seq_get(ctx, keytab, &cursor);
-
/* Perform the verification checks using the service key. */
krb5_verify_init_creds_opt_init(&opt);
- i = krb5_verify_init_creds(ctx, creds,
- entry.principal, keytab,
- NULL, &opt);
-
+ i = krb5_verify_init_creds(ctx, creds, princ, keytab, NULL, &opt);
+ krb5_free_principal(ctx, princ);
krb5_kt_close(ctx, keytab);
/* Log success or failure. */
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_krb5-2.3.5-1/src/v5.h new/pam_krb5-2.3.5-1/src/v5.h
--- old/pam_krb5-2.3.5-1/src/v5.h 2008-04-17 14:04:00.000000000 +0200
+++ new/pam_krb5-2.3.5-1/src/v5.h 2009-06-15 15:28:45.000000000 +0200
@@ -1,5 +1,5 @@
/*
- * Copyright 2003,2006,2007 Red Hat, Inc.
+ * Copyright 2003,2006,2007,2009 Red Hat, Inc.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -123,6 +123,10 @@
int v5_princ_realm_length(krb5_principal princ);
const char *v5_princ_realm_contents(krb5_principal princ);
+krb5_error_code v5_parse_name(krb5_context ctx,
+ struct _pam_krb5_options *options,
+ const char *name,
+ krb5_principal *principal);
krb5_error_code v5_alloc_get_init_creds_opt(krb5_context ctx,
krb5_get_init_creds_opt **opt);
void v5_free_get_init_creds_opt(krb5_context ctx,
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org