Revisions of pam_krb5
Automatic submission by obs-autosubmit
- update to version 2.4.4 * drop configuration settings that duplicated library settings * drop the existing_ticket option * drop krb4 support * add support for preserving configuration information in ccaches * add support for creating and cleaning up DIR: ccaches * finish cleaning up KEYRING: ccaches * add experimental "armor" and "armor_strategy" options * handle creation of /run/user/XXX for FILE: and DIR: caches * handle different function signatures for krb5_trace_callback * avoid overriding the primary when updating DIR: caches - obsolets patches (upstream): * pam_krb5-2.2.0-0.5-configure_ac.dif * use-urandom-for-tests.dif
license update: BSD-3-Clause or LGPL-2.1+ it is a dual license - hence the operator is ^or^ not ^and^ (forwarded request 157847 from babelworx)
- disable checks during build. Does not work reliable in the buildservice - update to version 2.3.13 * don't bother creating a v5 ccache in "external" mode * add a "trace" option to enable libkrb5 tracing, if available * avoid trying to get password-change creds twice * use an in-memory ccache when obtaining tokens using v5 creds * turn off creds==session in "sshd" * add a "validate_user_user" option to control trying to perform user-to-user authentication to validate TGTs when a keytab is not available * add an "ignore_k5login" option to control whether or not the module will use the krb5_kuserok() function to perform additional authorization checks * turn on validation by default - verify_ap_req_nofail controls how we treat errors reading keytab files now * add an "always_allow_localname" option when we can use krb5_aname_to_localname() to second-guess the krb5_kuserok() check * prefer krb5_change_password() to krb5_set_password()
Accepted submit request 63169 from user mcalmer
Accepted submit request 53542 from user coolo
Displaying revisions 1 - 20 of 60