Compare commits
2 Commits
b9efabee8a
...
c192ddb5c0
| Author | SHA1 | Date | |
|---|---|---|---|
| c192ddb5c0 | |||
| 2f48f28d81 |
@ -1,20 +0,0 @@
|
|||||||
diff --git src/providers/krb5/krb5_delayed_online_authentication.c src/providers/krb5/krb5_delayed_online_authentication.c
|
|
||||||
index 1cb7eade0..4aaeb84b2 100644
|
|
||||||
--- src/providers/krb5/krb5_delayed_online_authentication.c
|
|
||||||
+++ src/providers/krb5/krb5_delayed_online_authentication.c
|
|
||||||
@@ -328,6 +328,7 @@ errno_t init_delayed_online_authentication(struct krb5_ctx *krb5_ctx,
|
|
||||||
struct tevent_context *ev)
|
|
||||||
{
|
|
||||||
int ret;
|
|
||||||
+#ifdef __linux__
|
|
||||||
hash_table_t *tmp_table;
|
|
||||||
|
|
||||||
ret = get_uid_table(krb5_ctx, &tmp_table);
|
|
||||||
@@ -347,6 +348,7 @@ errno_t init_delayed_online_authentication(struct krb5_ctx *krb5_ctx,
|
|
||||||
"hash_destroy failed [%s].\n", hash_error_string(ret));
|
|
||||||
return EFAULT;
|
|
||||||
}
|
|
||||||
+#endif /* __linux__ */
|
|
||||||
|
|
||||||
krb5_ctx->deferred_auth_ctx = talloc_zero(krb5_ctx,
|
|
||||||
struct deferred_auth_ctx);
|
|
||||||
@ -1,77 +0,0 @@
|
|||||||
--- src/config/cfg_rules.ini.orig 2024-04-24 13:37:15 UTC
|
|
||||||
+++ src/config/cfg_rules.ini
|
|
||||||
@@ -11,15 +11,15 @@ section_re = ^prompting/password$
|
|
||||||
section = kcm
|
|
||||||
section = session_recording
|
|
||||||
section_re = ^prompting/password$
|
|
||||||
-section_re = ^prompting/password/[^/\@]\+$
|
|
||||||
+section_re = ^prompting/password/[^/\@]\{1,\}$
|
|
||||||
section_re = ^prompting/2fa$
|
|
||||||
-section_re = ^prompting/2fa/[^/\@]\+$
|
|
||||||
+section_re = ^prompting/2fa/[^/\@]\{1,\}$
|
|
||||||
section_re = ^prompting/passkey$
|
|
||||||
-section_re = ^prompting/passkey/[^/\@]\+$
|
|
||||||
-section_re = ^domain/[^/\@]\+$
|
|
||||||
-section_re = ^domain/[^/\@]\+/[^/\@]\+$
|
|
||||||
-section_re = ^application/[^/\@]\+$
|
|
||||||
-section_re = ^certmap/[^/\@]\+/[^/\@]\+$
|
|
||||||
+section_re = ^prompting/passkey/[^/\@]\{1,\}$
|
|
||||||
+section_re = ^domain/[^/\@]\{1,\}$
|
|
||||||
+section_re = ^domain/[^/\@]\{1,\}/[^/\@]\{1,\}$
|
|
||||||
+section_re = ^application/[^/\@]\{1,\}$
|
|
||||||
+section_re = ^certmap/[^/\@]\{1,\}/[^/\@]\{1,\}$
|
|
||||||
|
|
||||||
|
|
||||||
[rule/allowed_sssd_options]
|
|
||||||
@@ -329,13 +329,13 @@ validator = ini_allowed_options
|
|
||||||
|
|
||||||
[rule/allowed_prompting_password_subsec_options]
|
|
||||||
validator = ini_allowed_options
|
|
||||||
-section_re = ^prompting/password/[^/\@]\+$
|
|
||||||
+section_re = ^prompting/password/[^/\@]\{1,\}$
|
|
||||||
|
|
||||||
option = password_prompt
|
|
||||||
|
|
||||||
[rule/allowed_prompting_2fa_subsec_options]
|
|
||||||
validator = ini_allowed_options
|
|
||||||
-section_re = ^prompting/2fa/[^/\@]\+$
|
|
||||||
+section_re = ^prompting/2fa/[^/\@]\{1,\}$
|
|
||||||
|
|
||||||
option = single_prompt
|
|
||||||
option = first_prompt
|
|
||||||
@@ -343,7 +343,7 @@ validator = ini_allowed_options
|
|
||||||
|
|
||||||
[rule/allowed_prompting_passkey_subsec_options]
|
|
||||||
validator = ini_allowed_options
|
|
||||||
-section_re = ^prompting/passkey/[^/\@]\+$
|
|
||||||
+section_re = ^prompting/passkey/[^/\@]\{1,\}$
|
|
||||||
|
|
||||||
option = interactive
|
|
||||||
option = interactive_prompt
|
|
||||||
@@ -352,7 +352,7 @@ validator = ini_allowed_options
|
|
||||||
|
|
||||||
[rule/allowed_domain_options]
|
|
||||||
validator = ini_allowed_options
|
|
||||||
-section_re = ^\(domain\|application\)/[^/]\+$
|
|
||||||
+section_re = ^(domain|application)/[^/]\{1,\}$
|
|
||||||
|
|
||||||
option = debug
|
|
||||||
option = debug_level
|
|
||||||
@@ -810,7 +810,7 @@ validator = ini_allowed_options
|
|
||||||
|
|
||||||
[rule/allowed_subdomain_options]
|
|
||||||
validator = ini_allowed_options
|
|
||||||
-section_re = ^domain/[^/\@]\+/[^/\@]\+$
|
|
||||||
+section_re = ^domain/[^/\@]+/[^/\@]\{1,\}$
|
|
||||||
|
|
||||||
option = ldap_search_base
|
|
||||||
option = ldap_user_search_base
|
|
||||||
@@ -832,7 +832,7 @@ validator = ini_allowed_options
|
|
||||||
|
|
||||||
[rule/allowed_certmap_options]
|
|
||||||
validator = ini_allowed_options
|
|
||||||
-section_re = ^certmap/[^/\@]\+/[^/\@]\+$
|
|
||||||
+section_re = ^certmap/[^/\@]+/[^/\@]\{1,\}$
|
|
||||||
|
|
||||||
option = matchrule
|
|
||||||
option = maprule
|
|
||||||
@ -1,6 +1,6 @@
|
|||||||
PORTNAME= sssd
|
PORTNAME= sssd
|
||||||
PORTVERSION= 2.9.4
|
PORTVERSION= 2.9.4
|
||||||
PORTREVISION= 5
|
PORTREVISION= 2
|
||||||
CATEGORIES= security
|
CATEGORIES= security
|
||||||
PKGNAMESUFFIX= 2
|
PKGNAMESUFFIX= 2
|
||||||
|
|
||||||
@ -34,7 +34,7 @@ LIB_DEPENDS= libcares.so:dns/c-ares \
|
|||||||
libjansson.so:devel/jansson \
|
libjansson.so:devel/jansson \
|
||||||
libjose.so:net/jose \
|
libjose.so:net/jose \
|
||||||
libkrb5.so:security/krb5 \
|
libkrb5.so:security/krb5 \
|
||||||
libldb.so:databases/ldb22 \
|
libldb.so:databases/ldb25 \
|
||||||
libndr-krb5pac.so:net/samba416 \
|
libndr-krb5pac.so:net/samba416 \
|
||||||
libndr-nbt.so:net/samba416 \
|
libndr-nbt.so:net/samba416 \
|
||||||
libndr-standard.so:net/samba416 \
|
libndr-standard.so:net/samba416 \
|
||||||
Reference in New Issue
Block a user