[Pkg-freeipa-devel] [Git][freeipa-team/mod-auth-gssapi][upstream] 39 commits: [travis] Bring back virtualenv logic
Timo Aaltonen
gitlab at salsa.debian.org
Thu Jan 28 12:09:08 GMT 2021
Timo Aaltonen pushed to branch upstream at FreeIPA packaging / mod-auth-gssapi
Commits:
19bed646 by Robbie Harwood at 2018-04-23T14:10:56-04:00
[travis] Bring back virtualenv logic
Signed-off-by: Robbie Harwood <rharwood at redhat.com>
- - - - -
85c9eebf by Robbie Harwood at 2018-04-23T14:12:11-04:00
Update package list for python-requests-gssapi
Signed-off-by: Robbie Harwood <rharwood at redhat.com>
- - - - -
adc126ef by Will Saxon at 2018-04-24T16:31:00-04:00
Make ./configure alert on missing tools
- Fail if bison/flex are missing
- Emit a more specific error message when pkg-config is missing
Signed-off-by: Will Saxon <willsaxon.github at gmail.com>
[rharwood at redhat.com: Move pkg-config check, cleanup commit message]
Fixes: #172
- - - - -
6f30ac3f by Robbie Harwood at 2018-04-27T12:53:44-04:00
Remove $(LEXLIB) from Makefile
libfl expects a symbol from elsewhere. As a result, we end up linking
too much. And since we're making a plugin, this error isn't
recognized until load time.
Signed-off-by: Robbie Harwood <rharwood at redhat.com>
- - - - -
83e15e08 by Robbie Harwood at 2018-04-27T12:53:44-04:00
[travis] Increase Debian to sid, since previous commit fixed it
Signed-off-by: Robbie Harwood <rharwood at redhat.com>
- - - - -
b279695c by Robbie Harwood at 2018-05-31T12:55:02-04:00
Make description of GssapiConnectionBound scarier
Clarify that this is really only for NTLMSSP, and recommend that it be
left in the off position.
Signed-off-by: Robbie Harwood <rharwood at redhat.com>
Reviewd-by: Simo Sorce <simo at redhat.com>
- - - - -
723ccf92 by Robbie Harwood at 2018-06-27T11:32:37-04:00
Clarify s4u2self/s4u2proxy in docs for GssapiImpersonate
Signed-off-by: Robbie Harwood <rharwood at redhat.com>
Reviewed-by: Simo Sorce <simo at redhat.com>
Merges: #183
- - - - -
7e03a0b6 by Robbie Harwood at 2018-07-20T10:49:43-04:00
Allow building without ap_log_rdata()
Apache added ap_log_rdata() in 2.4.11. However, el7 only has apache
2.4.6, and it's not worth bumping our version requirement for just a
logging function.
Signed-off-by: Robbie Harwood <rharwood at redhat.com>
Reviewed-by: Simo Sorce <simo at redhat.com>
Fixes: #184
- - - - -
46c20dd5 by Simo Sorce at 2018-09-17T14:56:26-04:00
Detect libcrypto function instead of using version
Instead of trying to guess which version introduced new openssl
functions we depend on, detect them in configure and declare them
only if they are not found.
Fixes #188
Signed-off-by: Simo Sorce <simo at redhat.com>
- - - - -
4a68fedd by Robbie Harwood at 2018-10-24T16:27:33-04:00
Remove dead variable "text"
Signed-off-by: Robbie Harwood <rharwood at redhat.com>
- - - - -
2157b4bb by Robbie Harwood at 2018-10-24T16:27:33-04:00
Explicitly set umask before calling mkstemp()
Signed-off-by: Robbie Harwood <rharwood at redhat.com>
- - - - -
1fc80aff by Ken Dreyer at 2018-11-13T13:56:45-05:00
README: reword GssapiLocalName description
Use the active voice to make this paragraph clearer.
- - - - -
881f98ee by Robbie Harwood at 2019-01-03T15:30:21-05:00
In tests, show the exception on failure
Otherwise, the user might get nothing at all out, depending on what failed.
Signed-off-by: Robbie Harwood <rharwood at redhat.com>
- - - - -
751eb09e by Robbie Harwood at 2019-01-03T15:30:21-05:00
Fix tests to work with python3
Signed-off-by: Robbie Harwood <rharwood at redhat.com>
- - - - -
b2e75851 by Robbie Harwood at 2019-01-03T15:30:21-05:00
Modernize Travis for new distros and python3
Signed-off-by: Robbie Harwood <rharwood at redhat.com>
- - - - -
67599ba7 by Alejandro Perez at 2019-02-05T08:23:17-05:00
Update mod_auth_gssapi.spec
- - - - -
f89b876b by Robbie Harwood at 2019-02-19T15:10:57-05:00
Fix integer sizes used with ap_set_flag_slot()
ap_set_flag_slot() requires a field of type `int`. Previously we
passed type `bool` in two places, causing test failures on s390x
because logging was not correctly configured.
Signed-off-by: Robbie Harwood <rharwood at redhat.com>
- - - - -
4f44208d by Robbie Harwood at 2019-03-11T14:27:21-04:00
Appease flake8 (E303) to fix Travis
Signed-off-by: Robbie Harwood <rharwood at redhat.com>
- - - - -
6aa0a5bf by Robbie Harwood at 2019-03-18T13:00:21-04:00
[tests] Test suite fixes for virtualenv and clang
- Typo fix - VIRTUAL_ENV in magtests.py
- testenv object manipulation fix in magtests.py
- Work around -fstack-clash-protection problems in clang
Signed-off-by: Robbie Harwood <rharwood at redhat.com>
- - - - -
9c555e2a by Alejandro Perez at 2019-03-25T11:58:25-04:00
Pass GSS_C_NO_OID as the mechanism to gss_localname.
Passing the actual mechanism name does not work as expected
with SPNEGO-wrapped names.
More details in http://krbdev.mit.edu/rt/Ticket/Display.html?id=8782
Signed-off-by: Alejandro Perez <alex.perez-mendez at jisc.ac.uk>
- - - - -
807747d8 by Alejandro Perez at 2019-03-25T13:29:02-04:00
Some improvements on the spec file
* Now, version is automatically taken from the configure script
* Added bison and flex as BuildRequire
Signed-off-by: Alejandro Perez <alex.perez-mendez at jisc.ac.uk>
- - - - -
d535dd4e by Simo Sorce at 2019-04-03T16:47:13-04:00
Add Yacc/Lex artifacts to .gitignore
Signed-off-by: Simo Sorce <simo at redhat.com>
- - - - -
318db0b0 by Simo Sorce at 2019-04-03T16:47:13-04:00
Fix mag_auth_basic function call.
In order to respect the API we'd have to return nech_type as a copy of
the mech found to correctly complete authentication.
It would need to be a copy because the actual_mechs variable is an array
of statically copied OIDs not an array of pointers.
Instead change mag_auth_basic to directly call mag_complete() and
mag_cache_basic on success. This is easier than attempting to handle
copying out OIDs and then freeing them in the caller as GSSAPI does not
offer standard APIs for copying OIDs.
As a side-effect we reduce the number of arguments to mag_auth_gssapi,
which is good, to the slight detriment of legibility in the main
function as now you need to know mag_auth_basic() is already calling
mag_complete(). The trade off is worth it though.
Signed-off-by: Simo Sorce <simo at redhat.com>
- - - - -
4a22af70 by Simo Sorce at 2019-04-03T16:47:13-04:00
Move check for persistent send
There are a few paths that lead to the done label being reached with a
success status (ret = OK) so the check for sending the persistent header
should probably be done after the done label to catch those other paths
too.
Signed-off-by: Simo Sorce <simo at redhat.com>
- - - - -
812fa38c by Robbie Harwood at 2019-06-26T17:37:28-04:00
[travis] Don't log on expected installation failure
python3-requests-gssapi isn't packaged everywhere, and the Travis
logic will fall back to pulling from PyPI. Remove the noise.
Signed-off-by: Robbie Harwood <rharwood at redhat.com>
- - - - -
e51d5bb0 by Robbie Harwood at 2019-06-26T17:37:28-04:00
Adapt and document sweeper.py for gssproxy
Resolves: #207
Signed-off-by: Robbie Harwood <rharwood at redhat.com>
- - - - -
28a61ed0 by Ken Dreyer at 2020-04-16T18:38:28-04:00
README: document default boolean config values
Prior to this change, we documented the default values for some of the
boolean configuration options, but not all of the options.
Document the default values for all the remaining boolean config
options.
- - - - -
dedf84d4 by Ken Dreyer at 2020-04-16T21:58:25-04:00
README: add warning for GssapiSSLonly
It's easy for users to accidentally set GssapiSSLonly to "Off" in
production, or instruct other users to turn this "Off" without
understanding the consequences.
Advise users that they should always use HTTPS in production.
- - - - -
a47d4d49 by Simo Sorce at 2020-04-25T17:58:56-04:00
Fix gss_localname with SPNEGO wrapping
This fixes a regression introduced with commit:
9c555e2a42653153c0f0159446b90a26c14e9465
Thanks to Matt Woodyard for patient help in debugging this issue.
Signed-off-by: Simo Sorce <simo at redhat.com>
- - - - -
dca7b51b by Simo Sorce at 2020-04-25T17:58:56-04:00
Add test for gss_localname
Signed-off-by: Simo Sorce <simo at redhat.com>
- - - - -
9112cc87 by Simo Sorce at 2020-04-26T14:30:41-04:00
Release version 1.6.2
Signed-off-by: Simo Sorce <simo at redhat.com>
- - - - -
6d9c0057 by Simo Sorce at 2020-05-15T13:24:54-04:00
Fix flake8 issues to pass build
Signed-off-by: Simo Sorce <simo at redhat.com>
Reviewed-by: Robbie Harwood <rharwood at redhat.com>
- - - - -
eb6de7e9 by Simo Sorce at 2020-05-15T13:25:18-04:00
Fix distcheck
Signed-off-by: Simo Sorce <simo at redhat.com>
Reviewed-by: Robbie Harwood <rharwood at redhat.com>
- - - - -
09df7584 by Simo Sorce at 2020-05-15T13:25:24-04:00
Add option to control timeout for Basic Auth
Adds new option and tests.
Adds optional dependency on libfaketime to test this feature.
Fixes: #210
Signed-off-by: Simo Sorce <simo at redhat.com>
Merges: #217
Reviewed-by: Robbie Harwood <rharwood at redhat.com>
- - - - -
367120a1 by Robbie Harwood at 2020-05-15T20:12:40+00:00
[tests] Support Debian's libfaketime
Signed-off-by: Robbie Harwood <rharwood at redhat.com>
- - - - -
e60384c0 by Robbie Harwood at 2020-05-15T20:12:40+00:00
[tests] Fixup virtualenv handling
Fixes an issue where virtualenv's PATH would get lost
Signed-off-by: Robbie Harwood <rharwood at redhat.com>
- - - - -
98fb40ca by Robbie Harwood at 2020-05-15T20:12:40+00:00
[CI] Migrate to GitHub Actions
Drop centos builder since el7 isn't being updated and el8 is missing
dependencies. Move flake onto fedora-gcc.
Signed-off-by: Robbie Harwood <rharwood at redhat.com>
- - - - -
3f9ed411 by Simo Sorce at 2020-05-15T16:29:15-04:00
Add ability to expose the used mechanism
A new option named GssapiPublishMech enables setting an environemnt
variable named GSS_MECH that exposed the authentication type and
mechanism used for authentication.
Signed-off-by: Simo Sorce <simo at redhat.com>
Merges: #206
Resolves: #199
Reviewed-by: Robbie Harwood <rharwood at redhat.com>
- - - - -
75ac8df5 by Simo Sorce at 2020-08-05T13:06:38-04:00
Release versio 1.6.3
Signed-off-by: Simo Sorce <simo at redhat.com>
- - - - -
30 changed files:
- + .github/workflows/ci.yml
- .gitignore
- − .travis.sh
- − .travis.yml
- README
- + ci/ci.sh
- + ci/run_dockerized.sh
- configure.ac
- contrib/mod_auth_gssapi.spec → contrib/mod_auth_gssapi.spec.in
- contrib/sweeper.py
- src/Makefile.am
- src/crypto.c
- src/environ.c
- src/environ.h
- src/mod_auth_gssapi.c
- src/mod_auth_gssapi.h
- tests/Makefile.am
- tests/httpd.conf
- + tests/localname.html
- tests/magtests.py
- + tests/mech.html
- tests/t_bad_acceptor_name.py
- tests/t_basic_k5.py
- tests/t_basic_k5_fail_second.py
- tests/t_basic_k5_two_users.py
- tests/t_basic_proxy.py
- + tests/t_basic_timeout.py
- + tests/t_localname.py
- + tests/t_mech_name.py
- tests/t_nonego.py
The diff was not included because it is too large.
View it on GitLab: https://salsa.debian.org/freeipa-team/mod-auth-gssapi/-/compare/d49615a95fd99e1eda8a7bf54e7f7216c4a7e6b1...75ac8df55b23e1907cd534d2716937579d6af027
--
View it on GitLab: https://salsa.debian.org/freeipa-team/mod-auth-gssapi/-/compare/d49615a95fd99e1eda8a7bf54e7f7216c4a7e6b1...75ac8df55b23e1907cd534d2716937579d6af027
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-freeipa-devel/attachments/20210128/71951d93/attachment-0001.html>
More information about the Pkg-freeipa-devel
mailing list