diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..7811b1a
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+SOURCES/gssproxy-0.8.0.tar.gz
diff --git a/.gssproxy.metadata b/.gssproxy.metadata
new file mode 100644
index 0000000..4cb1476
--- /dev/null
+++ b/.gssproxy.metadata
@@ -0,0 +1 @@
+51f38bd9e0adf6018e4d3008bb06311c9cd12381 SOURCES/gssproxy-0.8.0.tar.gz
diff --git a/SOURCES/Add-a-safety-timeout-to-epoll.patch b/SOURCES/Add-a-safety-timeout-to-epoll.patch
new file mode 100644
index 0000000..d909965
--- /dev/null
+++ b/SOURCES/Add-a-safety-timeout-to-epoll.patch
@@ -0,0 +1,48 @@
+From b4b7e3fc0f2008967202f2453e9c33b378e7a000 Mon Sep 17 00:00:00 2001
+From: Simo Sorce <simo@redhat.com>
+Date: Wed, 6 Mar 2019 10:36:11 -0500
+Subject: [PATCH] Add a safety timeout to epoll
+
+Add a safety timeout just in case something goes wrong with the use of
+timerfd. This way the process should't be stuck forever.
+
+Signed-off-by: Simo Sorce <simo@redhat.com>
+[rharwood@redhat.com: remove outdated comment]
+Reviewed-by: Robbie Harwood <rharwood@redhat.com>
+Merges: #241
+(cherry picked from commit d55be9fa2455fe52b6eb904ad427f22141ab3f26)
+(cherry picked from commit a494f23b6d8d43fe1a824cd69c3dd93a18fc75a1)
+---
+ src/client/gpm_common.c | 5 ++---
+ 1 file changed, 2 insertions(+), 3 deletions(-)
+
+diff --git a/src/client/gpm_common.c b/src/client/gpm_common.c
+index 36df5cc..808f350 100644
+--- a/src/client/gpm_common.c
++++ b/src/client/gpm_common.c
+@@ -14,6 +14,7 @@
+ #define FRAGMENT_BIT (1 << 31)
+ 
+ #define RESPONSE_TIMEOUT 15
++#define SAFETY_TIMEOUT RESPONSE_TIMEOUT * 10 * 1000
+ #define MAX_TIMEOUT_RETRY 3
+ 
+ struct gpm_ctx {
+@@ -291,7 +292,7 @@ static int gpm_epoll_wait(struct gpm_ctx *gpmctx, uint32_t event_flags)
+     }
+ 
+     do {
+-        epoll_ret = epoll_wait(gpmctx->epollfd, events, 2, -1);
++        epoll_ret = epoll_wait(gpmctx->epollfd, events, 2, SAFETY_TIMEOUT);
+     } while (epoll_ret < 0 && errno == EINTR);
+ 
+     if (epoll_ret < 0) {
+@@ -299,8 +300,6 @@ static int gpm_epoll_wait(struct gpm_ctx *gpmctx, uint32_t event_flags)
+         ret = errno;
+         gpm_epoll_close(gpmctx);
+     } else if (epoll_ret == 0) {
+-        /* Shouldn't happen as timeout == -1; treat it like a timeout
+-         * occurred. */
+         ret = ETIMEDOUT;
+         gpm_epoll_close(gpmctx);
+     } else if (epoll_ret == 1 && events[0].data.fd == gpmctx->timerfd) {
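Review bot: `SAFETY_TIMEOUT` is defined as a bare expression, `RESPONSE_TIMEOUT * 10 * 1000`, so any later use next to another operator would silently change meaning; write it as `#define SAFETY_TIMEOUT (RESPONSE_TIMEOUT * 10 * 1000)`. A short comment should also state that this value is in milliseconds for `epoll_wait()` (150000 ms, i.e. 150 s), while `RESPONSE_TIMEOUT` is presumably in seconds. In the `gpm_epoll_wait()` hunk the `EINTR` retry loop restarts `epoll_wait()` with the full timeout on every iteration, so a steady stream of signals can still postpone the safety timeout; tracking the remaining time across retries would close that gap. The body of `gpm_epoll_wait()` starts and ends outside the hunks shown.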
diff --git a/SOURCES/Always-choose-highest-requested-debug-level.patch b/SOURCES/Always-choose-highest-requested-debug-level.patch
new file mode 100644
index 0000000..59acb8e
--- /dev/null
+++ b/SOURCES/Always-choose-highest-requested-debug-level.patch
@@ -0,0 +1,107 @@
+From d284ec7dc9fe0a824b177873078aeb36a25b7878 Mon Sep 17 00:00:00 2001
+From: Robbie Harwood <rharwood@redhat.com>
+Date: Wed, 11 Apr 2018 16:15:00 -0400
+Subject: [PATCH] Always choose highest requested debug level
+
+Allowing the CLI to lower the debug level specified in a config file
+is dubious, and previously broken since we don't distinguish "default
+value" from "explicitly requested value of 0" in popt.  This resulted
+in "Debug Enabled (level: 0)" even when the log level was not actually
+0, which is confusing for users.
+
+Remove the gp_debug_args() function since it is no longer used.
+
+Signed-off-by: Robbie Harwood <rharwood@redhat.com>
+Reviewed-by: Simo Sorce <simo@redhat.com>
+Merges: #229
+(cherry picked from commit 5a714768aec776dc875237dd729c85389932a688)
+---
+ src/gp_debug.c | 34 ++++++++--------------------------
+ src/gp_debug.h |  3 +--
+ src/gssproxy.c |  2 +-
+ 3 files changed, 10 insertions(+), 29 deletions(-)
+
+diff --git a/src/gp_debug.c b/src/gp_debug.c
+index 4a141fc..a0f51f0 100644
+--- a/src/gp_debug.c
++++ b/src/gp_debug.c
+@@ -1,4 +1,4 @@
+-/* Copyright (C) 2011 the GSS-PROXY contributors, see COPYING for license */
++/* Copyright (C) 2011,2018 the GSS-PROXY contributors, see COPYING for license */
+ 
+ #include "config.h"
+ #include <stdbool.h>
+@@ -7,35 +7,17 @@
+ #include "gp_log.h"
+ 
+ /* global debug switch */
+-int gp_debug;
+-
+-int gp_debug_args(int level) {
+-    static int args_level = 0;
+-
+-    if (level != 0) {
+-        args_level = level;
+-    }
+-    return args_level;
+-}
++int gp_debug = 0;
+ 
+ void gp_debug_toggle(int level)
+ {
+-    static bool krb5_trace_set = false;
++    if (level <= gp_debug)
++        return;
+ 
+-    /* Command line and environment options override config file */
+-    gp_debug = gp_debug_args(0);
+-    if (gp_debug == 0) {
+-        gp_debug = level;
+-    }
+-    if (level >= 3) {
+-        if (!getenv("KRB5_TRACE")) {
+-            setenv("KRB5_TRACE", "/dev/stderr", 1);
+-            krb5_trace_set = true;
+-        }
+-    } else if (krb5_trace_set) {
+-        unsetenv("KRB5_TRACE");
+-        krb5_trace_set = false;
+-    }
++    if (level >= 3 && !getenv("KRB5_TRACE"))
++        setenv("KRB5_TRACE", "/dev/stderr", 1);
++
++    gp_debug = level;
+     GPDEBUG("Debug Enabled (level: %d)\n", level);
+ }
+ 
+diff --git a/src/gp_debug.h b/src/gp_debug.h
+index 1c2f8a3..4932bfd 100644
+--- a/src/gp_debug.h
++++ b/src/gp_debug.h
+@@ -1,4 +1,4 @@
+-/* Copyright (C) 2011 the GSS-PROXY contributors, see COPYING for license */
++/* Copyright (C) 2011,2018 the GSS-PROXY contributors, see COPYING for license */
+ 
+ #ifndef _GP_DEBUG_H_
+ #define _GP_DEBUG_H_
+@@ -10,7 +10,6 @@
+ 
+ extern int gp_debug;
+ 
+-int gp_debug_args(int level);
+ void gp_debug_toggle(int);
+ void gp_debug_printf(const char *format, ...);
+ void gp_debug_time_printf(const char *format, ...);
+diff --git a/src/gssproxy.c b/src/gssproxy.c
+index 6d36a5d..db6e89b 100644
+--- a/src/gssproxy.c
++++ b/src/gssproxy.c
+@@ -208,7 +208,7 @@ int main(int argc, const char *argv[])
+ 
+     if (opt_debug || opt_debug_level > 0) {
+         if (opt_debug_level == 0) opt_debug_level = 1;
+-        gp_debug_args(opt_debug_level);
++        gp_debug_toggle(opt_debug_level);
+     }
+ 
+     if (opt_daemon && opt_interactive) {
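Review bot: `gp_debug_toggle()` now returns early when `level <= gp_debug`, so the debug level can only go up for the life of the process, and `KRB5_TRACE`, once set to `/dev/stderr`, is never unset (the removed code did unset it). If this function is also called when the configuration is reloaded (that call site is not in the patch), lowering `debug_level` in the config would have no effect until restart and Kerberos trace output would keep flowing to the log. That behaviour deserves a comment on the function, for example `/* Only ever raises the level; lowering it, or turning KRB5_TRACE off again, requires a restart. */`. The two new `if` statements are also unbraced, unlike the `if (opt_debug || opt_debug_level > 0) {` block in gssproxy.c.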
diff --git a/SOURCES/Always-initialize-out-cred-in-gp_import_gssx_cred.patch b/SOURCES/Always-initialize-out-cred-in-gp_import_gssx_cred.patch
new file mode 100644
index 0000000..b1387f3
--- /dev/null
+++ b/SOURCES/Always-initialize-out-cred-in-gp_import_gssx_cred.patch
@@ -0,0 +1,34 @@
+From 8f787b66bc23b8317d95c6cf64fe6e0e6409f869 Mon Sep 17 00:00:00 2001
+From: Robbie Harwood <rharwood@redhat.com>
+Date: Mon, 15 Apr 2019 19:54:17 -0400
+Subject: [PATCH] Always initialize out cred in gp_import_gssx_cred()
+
+Signed-off-by: Robbie Harwood <rharwood@redhat.com>
+Reviewed-by: Simo Sorce <simo@redhat.com>
+Merges: #244
+(cherry picked from commit 5697dfd94345c945f93070c40b9d4480f3d3d7ea)
+---
+ src/gp_export.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/gp_export.c b/src/gp_export.c
+index 5e8e160..403e339 100644
+--- a/src/gp_export.c
++++ b/src/gp_export.c
+@@ -449,6 +449,8 @@ uint32_t gp_import_gssx_cred(uint32_t *min, struct gp_call_ctx *gpcall,
+     uint32_t ret_min = 0;
+     int ret;
+ 
++    *out = GSS_C_NO_CREDENTIAL;
++
+     handle = gp_service_get_creds_handle(gpcall->service);
+     if (!handle) {
+         ret_maj = GSS_S_FAILURE;
+@@ -470,7 +472,6 @@ uint32_t gp_import_gssx_cred(uint32_t *min, struct gp_call_ctx *gpcall,
+     if (ret) {
+         /* Allow for re-issuance of the keytab. */
+         GPDEBUG("Stored ccache failed to decrypt; treating as empty\n");
+-        *out = GSS_C_NO_CREDENTIAL;
+         goto done;
+     }
+ 
diff --git a/SOURCES/Always-use-the-encype-we-selected.patch b/SOURCES/Always-use-the-encype-we-selected.patch
new file mode 100644
index 0000000..afbf251
--- /dev/null
+++ b/SOURCES/Always-use-the-encype-we-selected.patch
@@ -0,0 +1,43 @@
+From 64bf7f099fe52a214794486d16e3383ff25e8682 Mon Sep 17 00:00:00 2001
+From: Simo Sorce <simo@redhat.com>
+Date: Tue, 27 Feb 2018 11:59:25 -0500
+Subject: [PATCH] Always use the encype we selected
+
+The enctype is selected from the keytab or from the fallback code.
+Either way make sure to use the enctype stored in the key block.
+
+Signed-off-by: Simo Sorce <simo@redhat.com>
+Reviewed-by: Robbie Harwood <rharwood@redhat.com>
+Merges: #226
+(cherry picked from commit d73c96d658059ce64ecd41ff2924071d86f2b54f)
+---
+ src/gp_export.c | 7 +++----
+ 1 file changed, 3 insertions(+), 4 deletions(-)
+
+diff --git a/src/gp_export.c b/src/gp_export.c
+index c9f5fd4..5e8e160 100644
+--- a/src/gp_export.c
++++ b/src/gp_export.c
+@@ -168,11 +168,10 @@ uint32_t gp_init_creds_handle(uint32_t *min, const char *svc_name,
+                                  GP_CREDS_HANDLE_KEY_ENCTYPE, 0,
+                                  &handle->key);
+         if (ret == 0) {
+-            ret = krb5_c_make_random_key(handle->context,
+-                                         GP_CREDS_HANDLE_KEY_ENCTYPE,
++            ret = krb5_c_make_random_key(handle->context, handle->key->enctype,
+                                          handle->key);
+             GPDEBUG("Service: %s, Enckey: [ephemeral], Enctype: %d\n",
+-                    svc_name, GP_CREDS_HANDLE_KEY_ENCTYPE);
++                    svc_name, handle->key->enctype);
+         }
+         if (ret) {
+             ret_min = ret;
+@@ -254,7 +253,7 @@ static int gp_decrypt_buffer(krb5_context context, krb5_keyblock *key,
+ 
+     memset(&enc_handle, '\0', sizeof(krb5_enc_data));
+ 
+-    enc_handle.enctype = GP_CREDS_HANDLE_KEY_ENCTYPE;
++    enc_handle.enctype = key->enctype;
+     enc_handle.ciphertext.data = in->octet_string_val;
+     enc_handle.ciphertext.length = in->octet_string_len;
+ 
diff --git a/SOURCES/Avoid-uninitialized-free-when-allocating-buffers.patch b/SOURCES/Avoid-uninitialized-free-when-allocating-buffers.patch
new file mode 100644
index 0000000..aaf5478
--- /dev/null
+++ b/SOURCES/Avoid-uninitialized-free-when-allocating-buffers.patch
@@ -0,0 +1,39 @@
+From 160f7a7c66e7e3d249de853cd5a1ebe0becd9fe1 Mon Sep 17 00:00:00 2001
+From: Robbie Harwood <rharwood@redhat.com>
+Date: Wed, 1 May 2019 11:27:13 -0400
+Subject: [PATCH] Avoid uninitialized free when allocating buffers
+
+Signed-off-by: Robbie Harwood <rharwood@redhat.com>
+Reviewed-by: Simo Sorce <simo@redhat.com>
+Resolves: #248
+(cherry picked from commit eafa3c9272c95646400123f8e4d6fb50cf36d36c)
+---
+ src/gp_export.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/gp_export.c b/src/gp_export.c
+index dbfddeb..a5681c0 100644
+--- a/src/gp_export.c
++++ b/src/gp_export.c
+@@ -300,6 +300,7 @@ static int gp_encrypt_buffer(krb5_context context, krb5_keyblock *key,
+                          &data_in,
+                          &enc_handle);
+     if (ret) {
++        free(enc_handle.ciphertext.data);
+         ret = EINVAL;
+         goto done;
+     }
+@@ -308,12 +309,12 @@ static int gp_encrypt_buffer(krb5_context context, krb5_keyblock *key,
+                                enc_handle.ciphertext.data,
+                                out);
+     if (ret) {
++        free(enc_handle.ciphertext.data);
+         goto done;
+     }
+ 
+ done:
+     free(padded);
+-    free(enc_handle.ciphertext.data);
+     return ret;
+ }
+ 
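Review bot: With `free(enc_handle.ciphertext.data)` moved from `done:` into the two error branches, the success path of `gp_encrypt_buffer()` no longer frees the ciphertext buffer. Unless `gp_conv_octet_string()` takes ownership of the pointer (its body is not in the patch), every successful call leaks the allocated ciphertext. Zero-initialising the struct at its declaration, `krb5_enc_data enc_handle = { 0 };`, and keeping the single `free(enc_handle.ciphertext.data);` under `done:` would avoid both the uninitialised free and the leak. The function starts outside the hunks shown.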
diff --git a/SOURCES/Change-the-way-we-handle-encrypted-buffers.patch b/SOURCES/Change-the-way-we-handle-encrypted-buffers.patch
new file mode 100644
index 0000000..bfce327
--- /dev/null
+++ b/SOURCES/Change-the-way-we-handle-encrypted-buffers.patch
@@ -0,0 +1,193 @@
+From 51bba6bf325716534c509e0528d2ccfd0050d28c Mon Sep 17 00:00:00 2001
+From: Simo Sorce <simo@redhat.com>
+Date: Wed, 17 Apr 2019 18:00:59 -0400
+Subject: [PATCH] Change the way we handle encrypted buffers
+
+The previous change has backwards incompatible behavior that may also
+lead to buffer overruns.
+
+Because we have no easy way to indicate a format change and to maintain
+backwards compatibility for the ciphers that were working (those that
+added padding were hopelessly borken anyway) introduce code to simply
+add padding that we can recognize and remove when we read back the token.
+
+On ciphers that do not add padding this is basically a no op and the
+tokens will be identical to the ones we previously emitted.
+
+On ciphers that add padding we pad the plaintext so that we hit a block
+boundary and cause no extra padding to be added by krb5_c_encrypt
+itself. On decryption we check if padding bytes are appended to the
+buffer and remove them.
+
+Signed-off-by: Simo Sorce <simo@redhat.com>
+Reviewed-by: Robbie Harwood <rharwood@redhat.com>
+Merges: #246
+(cherry picked from commit 839be8aa7e54e93819e8291b570e4c7cfe7e98f1)
+---
+ src/gp_export.c | 110 +++++++++++++++++++++++++++++++++++++-----------
+ 1 file changed, 86 insertions(+), 24 deletions(-)
+
+diff --git a/src/gp_export.c b/src/gp_export.c
+index aa0a8ec..dbfddeb 100644
+--- a/src/gp_export.c
++++ b/src/gp_export.c
+@@ -193,9 +193,15 @@ done:
+     return ret_maj;
+ }
+ 
+-/* We need to include a length in our payloads because krb5_c_decrypt() will
+- * pad the contents for some enctypes, and gss_import_cred() doesn't like
+- * having extra bytes on tokens. */
++#define ENC_MIN_PAD_LEN 8
++
++/* We need to pad our payloads because krb5_c_decrypt() may pad the
++ * contents for some enctypes, and gss_import_cred() doesn't like
++ * having extra bytes on tokens.
++ * Explicit padding and depadding is used in order to maintain backwards
++ * compatibility over upgrades (and downgrades), it would have been
++ * better if we simply had a better formatting of the returned blob
++ * so we could simply change a "blob version" number */
+ static int gp_encrypt_buffer(krb5_context context, krb5_keyblock *key,
+                              size_t len, void *buf, octet_string *out)
+ {
+@@ -203,8 +209,9 @@ static int gp_encrypt_buffer(krb5_context context, krb5_keyblock *key,
+     krb5_data data_in;
+     krb5_enc_data enc_handle;
+     size_t cipherlen;
+-    char *packed = NULL;
+-    uint32_t netlen;
++    size_t padcheck;
++    uint8_t pad = 0;
++    char *padded = NULL;
+ 
+     if (len > (uint32_t)(-1)) {
+         /* Needs to fit in 4 bytes of payload, so... */
+@@ -212,28 +219,72 @@ static int gp_encrypt_buffer(krb5_context context, krb5_keyblock *key,
+         goto done;
+     }
+ 
+-    packed = malloc(len);
+-    if (!packed) {
+-        ret = errno;
++    ret = krb5_c_encrypt_length(context,
++                                key->enctype,
++                                len, &cipherlen);
++    if (ret) {
+         goto done;
+     }
+ 
+-    netlen = htonl(len);
+-    memcpy(packed, (uint8_t *)&netlen, 4);
+-    memcpy(packed + 4, buf, len);
+-
+-    data_in.length = len + 4;
+-    data_in.data = packed;
+-
+-    memset(&enc_handle, '\0', sizeof(krb5_enc_data));
+-
++    /* try again with len + 1 to see if padding is required */
+     ret = krb5_c_encrypt_length(context,
+                                 key->enctype,
+-                                data_in.length,
+-                                &cipherlen);
++                                len + 1, &padcheck);
+     if (ret) {
+         goto done;
+     }
++    if (padcheck == cipherlen) {
++        int i;
++        /* padding required */
++        pad = ENC_MIN_PAD_LEN;
++        /* always add enough padding that it makes it extremely unlikley
++         * legitimate plaintext will be incorrectly depadded in the
++         * decrypt function */
++        ret = krb5_c_encrypt_length(context,
++                                    key->enctype,
++                                    len + pad, &cipherlen);
++        if (ret) {
++            goto done;
++        }
++        /* we support only block sizes up to 16 bytes as this is the largest
++         * supported block size in krb ciphers for now */
++        for (i = 0; i < 15; i++) {
++            /* find the point at which padcheck increases, that's when we
++             * cross a blocksize boundary internally and we can calculate
++             * the padding that will be used */
++            ret = krb5_c_encrypt_length(context,
++                                        key->enctype,
++                                        len + pad + i + 1, &padcheck);
++            if (ret) {
++                goto done;
++            }
++            if (padcheck > cipherlen) {
++                pad += i;
++                break;
++            }
++        }
++        if (i > 15) {
++            ret = EINVAL;
++            goto done;
++        }
++    }
++
++    if (pad != 0) {
++        padded = malloc(len + pad);
++        if (!padded) {
++            ret = errno;
++            goto done;
++        }
++
++        memcpy(padded, buf, len);
++        memset(padded + len, pad, pad);
++
++        data_in.length = len + pad;
++        data_in.data = padded;
++    } else {
++        data_in.length = len;
++        data_in.data = buf;
++    }
+ 
+     enc_handle.ciphertext.length = cipherlen;
+     enc_handle.ciphertext.data = malloc(enc_handle.ciphertext.length);
+@@ -261,7 +312,7 @@ static int gp_encrypt_buffer(krb5_context context, krb5_keyblock *key,
+     }
+ 
+ done:
+-    free(packed);
++    free(padded);
+     free(enc_handle.ciphertext.data);
+     return ret;
+ }
+@@ -273,7 +324,8 @@ static int gp_decrypt_buffer(krb5_context context, krb5_keyblock *key,
+     int ret;
+     krb5_data data_out;
+     krb5_enc_data enc_handle;
+-    uint32_t netlen;
++    uint8_t pad;
++    int i, j;
+ 
+     memset(&enc_handle, '\0', sizeof(krb5_enc_data));
+ 
+@@ -295,9 +347,19 @@ static int gp_decrypt_buffer(krb5_context context, krb5_keyblock *key,
+     }
+ 
+     /* And handle the padding. */
+-    memcpy(&netlen, buf, 4);
+-    *len = ntohl(netlen);
+-    memmove(buf, buf + 4, *len);
++    i = data_out.length - 1;
++    pad = data_out.data[i];
++    if (pad >= ENC_MIN_PAD_LEN && pad < i) {
++        j = pad;
++        while (j > 0) {
++            j--;
++            if (pad != data_out.data[i - j]) break;
++        }
++        if (j == 0) {
++            data_out.length -= pad;
++        }
++    }
++    *len = data_out.length;
+ 
+     return 0;
+ }
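Review bot: In `gp_decrypt_buffer()` the depadding code reads `data_out.data[data_out.length - 1]` without checking that the decrypted length is non-zero, so an empty plaintext would index one byte before the buffer; guard it with `if (data_out.length == 0) { *len = 0; return 0; }` before computing `i`. In `gp_encrypt_buffer()` the check `if (i > 15)` after `for (i = 0; i < 15; i++)` can never be true, because the loop leaves `i` at 15 at most. It should be `if (i == 15)`, so that a cipher whose block boundary is not found is rejected rather than encrypted with only `ENC_MIN_PAD_LEN` bytes of padding. The visible lines also remove the `memset()` of `enc_handle` in the encrypt path, leaving `enc_handle.ciphertext.data` uninitialised at the early `goto done` exits; Avoid-uninitialized-free-when-allocating-buffers.patch in this same commit targets that. Both functions start outside the hunks shown.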
diff --git a/SOURCES/Clarify-debug-and-debug_level-in-man-pages.patch b/SOURCES/Clarify-debug-and-debug_level-in-man-pages.patch
new file mode 100644
index 0000000..1a5f224
--- /dev/null
+++ b/SOURCES/Clarify-debug-and-debug_level-in-man-pages.patch
@@ -0,0 +1,74 @@
+From d71d354f1020a7deac57f26cc7c2cafb3fa675a3 Mon Sep 17 00:00:00 2001
+From: Robbie Harwood <rharwood@redhat.com>
+Date: Wed, 11 Apr 2018 16:01:21 -0400
+Subject: [PATCH] Clarify debug and debug_level in man pages
+
+In particular, add debug_level to gssproxy(5) since it was previously
+accepted but not documented.
+
+Signed-off-by: Robbie Harwood <rharwood@redhat.com>
+Reviewed-by: Simo Sorce <simo@redhat.com>
+Merges: #229
+(cherry picked from commit e0e96e46be03102903533a9816b4deefe1adfaf8)
+---
+ man/gssproxy.8.xml      | 24 +++++++++++++++++++++++-
+ man/gssproxy.conf.5.xml |  5 ++++-
+ 2 files changed, 27 insertions(+), 2 deletions(-)
+
+diff --git a/man/gssproxy.8.xml b/man/gssproxy.8.xml
+index 1df4b0d..21f7e6a 100644
+--- a/man/gssproxy.8.xml
++++ b/man/gssproxy.8.xml
+@@ -118,13 +118,35 @@
+                     </para>
+                 </listitem>
+             </varlistentry>
++
+             <varlistentry>
+                 <term>
+                     <option>-d</option>,<option>--debug</option>
+                 </term>
+                 <listitem>
+                     <para>
+-                        Turn on debugging.
++                        Turn on debugging.  This option is identical to
++                        --debug-level=1.
++                    </para>
++                </listitem>
++            </varlistentry>
++
++            <varlistentry>
++                <term>
++                    <option>--debug-level=</option>
++                </term>
++                <listitem>
++                    <para>
++                        Turn on debugging at the specified level.  0
++                        corresponds to no logging, while 1 turns on basic
++                        debug logging.  Level 2 increases verbosity, including
++                        more detailed credential verification.
++                    </para>
++                    <para>
++                        At level 3 and above, KRB5_TRACE output is logged.  If
++                        KRB5_TRACE was already set in the execution
++                        environment, trace output is sent to its value
++                        instead.
+                     </para>
+                 </listitem>
+             </varlistentry>
+diff --git a/man/gssproxy.conf.5.xml b/man/gssproxy.conf.5.xml
+index de846b4..21c9653 100644
+--- a/man/gssproxy.conf.5.xml
++++ b/man/gssproxy.conf.5.xml
+@@ -192,7 +192,10 @@
+                 <varlistentry>
+                     <term>debug (boolean)</term>
+                     <listitem>
+-                        <para>Enable debugging to syslog.</para>
++                        <para>
++                            Enable debugging to syslog.  Setting to true is
++                            identical to setting debug_level to 1.
++                        </para>
+                         <para>Default: debug = false</para>
+                     </listitem>
+                 </varlistentry>
diff --git a/SOURCES/Close-epoll-fd-within-the-lock.patch b/SOURCES/Close-epoll-fd-within-the-lock.patch
new file mode 100644
index 0000000..129b316
--- /dev/null
+++ b/SOURCES/Close-epoll-fd-within-the-lock.patch
@@ -0,0 +1,159 @@
+From 01ff7b67bfaad9b4f6cebc7c46ac9b1d99671d4f Mon Sep 17 00:00:00 2001
+From: Simo Sorce <simo@redhat.com>
+Date: Wed, 6 Mar 2019 10:31:13 -0500
+Subject: [PATCH] Close epoll fd within the lock
+
+A race condition may happen where we close the epoll socket, after
+another thread grabbed the lock and is using epoll itself.
+On some kernels this may cause epoll to not fire any event leaving the
+thread stuck forever.
+
+Signed-off-by: Simo Sorce <simo@redhat.com>
+[rharwood@redhat.com: cleanup commit message, adjusted function ordering]
+Reviewed-by: Robbie Harwood <rharwood@redhat.com>
+Merges: #241
+(cherry picked from commit 0ccfd32f8ef16caf65698c5319dfa251d43433af)
+
+Squashed with:
+
+Reorder functions
+
+Keep related functions closer together like before
+
+Signed-off-by: Simo Sorce <simo@redhat.com>
+Reviewed-by: Robbie Harwood <rharwood@redhat.com>
+Resolves: #242
+(cherry picked from commit 6accc0afead574e11447447c949f2abcb1a34826)
+(cherry picked from commit c33de0c213d570f370fd954869c2ad99901b2cf3)
+---
+ src/client/gpm_common.c | 96 ++++++++++++++++++++++-------------------
+ 1 file changed, 51 insertions(+), 45 deletions(-)
+
+diff --git a/src/client/gpm_common.c b/src/client/gpm_common.c
+index c254280..36df5cc 100644
+--- a/src/client/gpm_common.c
++++ b/src/client/gpm_common.c
+@@ -139,43 +139,6 @@ static void gpm_close_socket(struct gpm_ctx *gpmctx)
+     gpmctx->fd = -1;
+ }
+ 
+-static int gpm_grab_sock(struct gpm_ctx *gpmctx)
+-{
+-    int ret;
+-    pid_t p;
+-    uid_t u;
+-    gid_t g;
+-
+-    ret = pthread_mutex_lock(&gpmctx->lock);
+-    if (ret) {
+-        return ret;
+-    }
+-
+-    /* Detect fork / setresuid and friends */
+-    p = getpid();
+-    u = geteuid();
+-    g = getegid();
+-
+-    if (gpmctx->fd != -1 &&
+-        (p != gpmctx->pid || u != gpmctx->uid || g != gpmctx->gid)) {
+-        gpm_close_socket(gpmctx);
+-    }
+-
+-    if (gpmctx->fd == -1) {
+-        ret = gpm_open_socket(gpmctx);
+-    }
+-
+-    if (ret) {
+-        pthread_mutex_unlock(&gpmctx->lock);
+-    }
+-    return ret;
+-}
+-
+-static int gpm_release_sock(struct gpm_ctx *gpmctx)
+-{
+-    return pthread_mutex_unlock(&gpmctx->lock);
+-}
+-
+ static void gpm_timer_close(struct gpm_ctx *gpmctx)
+ {
+     if (gpmctx->timerfd < 0) {
+@@ -253,6 +216,57 @@ static int gpm_epoll_setup(struct gpm_ctx *gpmctx)
+     return ret;
+ }
+ 
++static int gpm_release_sock(struct gpm_ctx *gpmctx)
++{
++    gpm_epoll_close(gpmctx);
++    gpm_timer_close(gpmctx);
++    return pthread_mutex_unlock(&gpmctx->lock);
++}
++
++static int gpm_grab_sock(struct gpm_ctx *gpmctx)
++{
++    int ret;
++    pid_t p;
++    uid_t u;
++    gid_t g;
++
++    ret = pthread_mutex_lock(&gpmctx->lock);
++    if (ret) {
++        return ret;
++    }
++
++    /* Detect fork / setresuid and friends */
++    p = getpid();
++    u = geteuid();
++    g = getegid();
++
++    if (gpmctx->fd != -1 &&
++        (p != gpmctx->pid || u != gpmctx->uid || g != gpmctx->gid)) {
++        gpm_close_socket(gpmctx);
++    }
++
++    if (gpmctx->fd == -1) {
++        ret = gpm_open_socket(gpmctx);
++        if (ret) {
++            goto done;
++        }
++    }
++
++    /* setup timer */
++    ret = gpm_timer_setup(gpmctx, RESPONSE_TIMEOUT);
++    if (ret) {
++        goto done;
++    }
++    /* create epoll fd as well */
++    ret = gpm_epoll_setup(gpmctx);
++
++done:
++    if (ret) {
++        gpm_release_sock(gpmctx);
++    }
++    return ret;
++}
++
+ static int gpm_epoll_wait(struct gpm_ctx *gpmctx, uint32_t event_flags)
+ {
+     int ret;
+@@ -530,11 +544,6 @@ static int gpm_send_recv_loop(struct gpm_ctx *gpmctx, char *send_buffer,
+     int ret;
+     int retry_count;
+ 
+-    /* setup timer */
+-    ret = gpm_timer_setup(gpmctx, RESPONSE_TIMEOUT);
+-    if (ret)
+-        return ret;
+-
+     for (retry_count = 0; retry_count < MAX_TIMEOUT_RETRY; retry_count++) {
+         /* send to proxy */
+         ret = gpm_send_buffer(gpmctx, send_buffer, send_length);
+@@ -761,9 +770,6 @@ int gpm_make_call(int proc, union gp_rpc_arg *arg, union gp_rpc_res *res)
+     }
+ 
+ done:
+-    gpm_timer_close(gpmctx);
+-    gpm_epoll_close(gpmctx);
+-
+     if (sockgrab) {
+         gpm_release_sock(gpmctx);
+     }
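Review bot: `gpm_release_sock()` now has side effects beyond unlocking: it closes the epoll and timer descriptors first, and `gpm_grab_sock()` calls it on its own failure path, but neither function documents that contract. Since the fix depends on those closes happening while `gpmctx->lock` is held, a comment above `gpm_release_sock()` would protect it from later reordering, for example `/* Call with gpmctx->lock held: closes the per-call epoll and timer fds, then drops the lock. */`. A matching line on `gpm_grab_sock()` should say that on success the caller holds the lock with the timer and epoll fd set up, and on failure the lock has already been released. The `done:` hunk in `gpm_make_call()` relies on `sockgrab` being set only after a successful grab; that assignment is outside the hunk.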
diff --git a/SOURCES/Handle-gss_import_cred-failure-when-importing-gssx-c.patch b/SOURCES/Handle-gss_import_cred-failure-when-importing-gssx-c.patch
new file mode 100644
index 0000000..ddc7faa
--- /dev/null
+++ b/SOURCES/Handle-gss_import_cred-failure-when-importing-gssx-c.patch
@@ -0,0 +1,31 @@
+From 0379411547792a58b3d36c9928354072b5f6cabf Mon Sep 17 00:00:00 2001
+From: Robbie Harwood <rharwood@redhat.com>
+Date: Mon, 15 Apr 2019 19:56:50 -0400
+Subject: [PATCH] Handle gss_import_cred() failure when importing gssx creds
+
+Otherwise, we might attempt to set options on a non-existent handle,
+leading to a segfault.
+
+Signed-off-by: Robbie Harwood <rharwood@redhat.com>
+Reviewed-by: Simo Sorce <simo@redhat.com>
+Merges: #244
+(cherry picked from commit 84cf88f6c6cfeb8e3fd2c26ed0fe9fe5bf3810d2)
+---
+ src/gp_export.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/gp_export.c b/src/gp_export.c
+index 403e339..7ad8037 100644
+--- a/src/gp_export.c
++++ b/src/gp_export.c
+@@ -476,6 +476,10 @@ uint32_t gp_import_gssx_cred(uint32_t *min, struct gp_call_ctx *gpcall,
+     }
+ 
+     ret_maj = gss_import_cred(&ret_min, &token, out);
++    if (ret_maj) {
++        GPDEBUG("gss_import_cred failed when importing gssx cred\n");
++        goto done;
++    }
+ 
+     /* check if there is any client option we need to set on credentials */
+     gp_set_cred_options(cred, *out);
diff --git a/SOURCES/Include-length-when-using-krb5_c_decrypt.patch b/SOURCES/Include-length-when-using-krb5_c_decrypt.patch
new file mode 100644
index 0000000..dcff9c3
--- /dev/null
+++ b/SOURCES/Include-length-when-using-krb5_c_decrypt.patch
@@ -0,0 +1,98 @@
+From 5dec1aeb0a6080ea661061b52248e60afc969426 Mon Sep 17 00:00:00 2001
+From: Robbie Harwood <rharwood@redhat.com>
+Date: Tue, 16 Apr 2019 16:08:32 -0400
+Subject: [PATCH] Include length when using krb5_c_decrypt()
+
+For some enctypes, krb5_c_decrypt() will add padding bytes which are
+included in the returned length.  However, functions which use the
+objects we're storing aren't always prepared for that: in particular,
+gss_import_cred() will declare a token invalid if there's trailing
+garbage.
+
+Work around this by including 4 bytes of length on encrypted objects.
+
+Signed-off-by: Robbie Harwood <rharwood@redhat.com>
+Reviewed-by: Simo Sorce <simo@redhat.com>
+Merges: #244
+(cherry picked from commit 87957caf541114f6f15a495dd7d30556dc5801d9)
+---
+ src/gp_export.c | 35 +++++++++++++++++++++++++++++++----
+ 1 file changed, 31 insertions(+), 4 deletions(-)
+
+diff --git a/src/gp_export.c b/src/gp_export.c
+index 7ad8037..aa0a8ec 100644
+--- a/src/gp_export.c
++++ b/src/gp_export.c
+@@ -193,6 +193,9 @@ done:
+     return ret_maj;
+ }
+ 
++/* We need to include a length in our payloads because krb5_c_decrypt() will
++ * pad the contents for some enctypes, and gss_import_cred() doesn't like
++ * having extra bytes on tokens. */
+ static int gp_encrypt_buffer(krb5_context context, krb5_keyblock *key,
+                              size_t len, void *buf, octet_string *out)
+ {
+@@ -200,9 +203,27 @@ static int gp_encrypt_buffer(krb5_context context, krb5_keyblock *key,
+     krb5_data data_in;
+     krb5_enc_data enc_handle;
+     size_t cipherlen;
++    char *packed = NULL;
++    uint32_t netlen;
+ 
+-    data_in.length = len;
+-    data_in.data = buf;
++    if (len > (uint32_t)(-1)) {
++        /* Needs to fit in 4 bytes of payload, so... */
++        ret = ENOMEM;
++        goto done;
++    }
++
++    packed = malloc(len);
++    if (!packed) {
++        ret = errno;
++        goto done;
++    }
++
++    netlen = htonl(len);
++    memcpy(packed, (uint8_t *)&netlen, 4);
++    memcpy(packed + 4, buf, len);
++
++    data_in.length = len + 4;
++    data_in.data = packed;
+ 
+     memset(&enc_handle, '\0', sizeof(krb5_enc_data));
+ 
+@@ -240,16 +261,19 @@ static int gp_encrypt_buffer(krb5_context context, krb5_keyblock *key,
+     }
+ 
+ done:
++    free(packed);
+     free(enc_handle.ciphertext.data);
+     return ret;
+ }
+ 
++/* See comment above on gp_encrypt_buffer(). */
+ static int gp_decrypt_buffer(krb5_context context, krb5_keyblock *key,
+-                             octet_string *in, size_t *len, void *buf)
++                             octet_string *in, size_t *len, char *buf)
+ {
+     int ret;
+     krb5_data data_out;
+     krb5_enc_data enc_handle;
++    uint32_t netlen;
+ 
+     memset(&enc_handle, '\0', sizeof(krb5_enc_data));
+ 
+@@ -270,7 +294,10 @@ static int gp_decrypt_buffer(krb5_context context, krb5_keyblock *key,
+         return ret;
+     }
+ 
+-    *len = data_out.length;
++    /* And handle the padding. */
++    memcpy(&netlen, buf, 4);
++    *len = ntohl(netlen);
++    memmove(buf, buf + 4, *len);
+ 
+     return 0;
+ }
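Review bot: `packed = malloc(len)` is four bytes too small: the following `memcpy(packed, (uint8_t *)&netlen, 4)` and `memcpy(packed + 4, buf, len)` write `len + 4` bytes, so every call overruns the heap buffer; the allocation would need to be `malloc(len + 4)`. In `gp_decrypt_buffer()` the length prefix is trusted as read: `*len = ntohl(netlen)` goes straight to `memmove()` with no check that `data_out.length >= 4` and `*len <= data_out.length - 4`, which matters for blobs written before this format existed. Change-the-way-we-handle-encrypted-buffers.patch in this same commit replaces the whole scheme, and its index line starts from `aa0a8ec`, the result of this patch. These defects therefore remain only if the series is applied partway; the spec file, which is not shown, should apply both patches together and in that order.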
diff --git a/SOURCES/Update-NFS-service-name-in-systemd-unit.patch b/SOURCES/Update-NFS-service-name-in-systemd-unit.patch
new file mode 100644
index 0000000..6ee71e5
--- /dev/null
+++ b/SOURCES/Update-NFS-service-name-in-systemd-unit.patch
@@ -0,0 +1,27 @@
+From 9860e73b5da0f0448594ecc700ccc7ba08177718 Mon Sep 17 00:00:00 2001
+From: Robbie Harwood <rharwood@redhat.com>
+Date: Wed, 24 Apr 2019 12:07:47 -0400
+Subject: [PATCH] Update NFS service name in systemd unit
+
+Signed-off-by: Robbie Harwood <rharwood@redhat.com>
+Reviewed-by: Simo Sorce <simo@redhat.com>
+Merges: #247
+(cherry picked from commit 1a789a645175d5aea109a3c0831806b94337b20e)
+(cherry picked from commit aa4f43049d1037d1c23becd78ad2f7dd601132f4)
+---
+ systemd/gssproxy.service.in | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/systemd/gssproxy.service.in b/systemd/gssproxy.service.in
+index f50f526..ac37df6 100644
+--- a/systemd/gssproxy.service.in
++++ b/systemd/gssproxy.service.in
+@@ -2,7 +2,7 @@
+ Description=GSSAPI Proxy Daemon
+ # GSSPROXY will not be started until syslog is
+ After=syslog.target
+-Before=nfs-secure.service nfs-secure-server.service
++Before=rpc-gssd.service
+ 
+ [Service]
+ Environment=KRB5RCACHEDIR=/var/lib/gssproxy/rcache
diff --git a/SOURCES/Use-pthread-keys-for-thread-local-storage.patch b/SOURCES/Use-pthread-keys-for-thread-local-storage.patch
new file mode 100644
index 0000000..e49ad31
--- /dev/null
+++ b/SOURCES/Use-pthread-keys-for-thread-local-storage.patch
@@ -0,0 +1,150 @@
+From e0b142320342ef16260b6072f1c83d6fcf4142e6 Mon Sep 17 00:00:00 2001
+From: Simo Sorce <simo@redhat.com>
+Date: Thu, 20 Sep 2018 17:37:53 -0400
+Subject: [PATCH] Use pthread keys for thread local storage
+
+This interface is slower but also more portable, and more importantly
+it provides a way to specify destructor that is called when a thread
+is canceled so we stop leaking memory.
+
+Signed-off-by: Simo Sorce <simo@redhat.com>
+Reviewed-by: Robbie Harwood <rharwood@redhat.com>
+Merges: #233
+(cherry picked from commit 0faccc1441bc7a6b3e8bd806f22c8a961e5f586e)
+(cherry picked from commit 89dc0ee157caa4617d32fd72287849296d7fe26d)
+---
+ src/client/gpm_common.c         |  2 ++
+ src/client/gpm_display_status.c | 57 ++++++++++++++++++++++-----------
+ src/client/gssapi_gpm.h         |  1 +
+ 3 files changed, 42 insertions(+), 18 deletions(-)
+
+diff --git a/src/client/gpm_common.c b/src/client/gpm_common.c
+index dd29519..c254280 100644
+--- a/src/client/gpm_common.c
++++ b/src/client/gpm_common.c
+@@ -55,6 +55,8 @@ static void gpm_init_once(void)
+     gpm_global_ctx.next_xid = rand_r(&seedp);
+ 
+     pthread_mutexattr_destroy(&attr);
++
++    gpm_display_status_init_once();
+ }
+ 
+ static int get_pipe_name(char *name)
+diff --git a/src/client/gpm_display_status.c b/src/client/gpm_display_status.c
+index bbb546f..e3aa4ea 100644
+--- a/src/client/gpm_display_status.c
++++ b/src/client/gpm_display_status.c
+@@ -1,27 +1,47 @@
+ /* Copyright (C) 2011 the GSS-PROXY contributors, see COPYING for license */
+ 
+ #include "gssapi_gpm.h"
++#include <pthread.h>
+ 
+-__thread gssx_status *tls_last_status = NULL;
++static pthread_key_t gpm_last_status;
+ 
+-/* Thread local storage for return status.
+- * FIXME: it's not the most portable construct, so may need fixing in future */
++static void gpm_destroy_last_status(void *arg)
++{
++    gssx_status *status = (gssx_status *)arg;
++    xdr_free((xdrproc_t)xdr_gssx_status, (char *)status);
++    free(status);
++}
++
++void gpm_display_status_init_once(void)
++{
++    (void)pthread_key_create(&gpm_last_status, gpm_destroy_last_status);
++}
++
++/* Portable thread local storage for return status. */
+ void gpm_save_status(gssx_status *status)
+ {
++    gssx_status *last_status;
+     int ret;
+ 
+-    if (tls_last_status) {
+-        xdr_free((xdrproc_t)xdr_gssx_status, (char *)tls_last_status);
+-        free(tls_last_status);
++    last_status = (gssx_status *)pthread_getspecific(gpm_last_status);
++    if (last_status != NULL) {
++        /* store NULL first so we do not risk a double free if we are
++         * racing on a pthread_cancel */
++        pthread_setspecific(gpm_last_status, NULL);
++        gpm_destroy_last_status(last_status);
+     }
+ 
+-    ret = gp_copy_gssx_status_alloc(status, &tls_last_status);
+-    if (ret) {
+-        /* make sure tls_last_status is zeored on error */
+-        tls_last_status = NULL;
++    ret = gp_copy_gssx_status_alloc(status, &last_status);
++    if (ret == 0) {
++        pthread_setspecific(gpm_last_status, last_status);
+     }
+ }
+ 
++gssx_status *gpm_get_saved_status(void)
++{
++    return (gssx_status *)pthread_getspecific(gpm_last_status);
++}
++
+ /* This funciton is used to record internal mech errors that are
+  * generated by the proxy client code */
+ void gpm_save_internal_status(uint32_t err, char *err_str)
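Review bot: Both pthread return values in the new code are discarded, and each failure leaves a problem behind. In gpm_save_status, a failing `pthread_setspecific(gpm_last_status, last_status)` means the freshly allocated copy is neither stored nor freed; `if (ret == 0 && pthread_setspecific(gpm_last_status, last_status) != 0) gpm_destroy_last_status(last_status);` closes that leak. In gpm_display_status_init_once the `(void)pthread_key_create(...)` cast hides a failure, after which every later `pthread_getspecific`/`pthread_setspecific` call runs on a key that was never created. Recording the result in a file-scope flag and returning early from gpm_save_status and gpm_get_saved_status when it is unset would stop the code from freeing a pointer the key does not own. A one-line comment on gpm_destroy_last_status saying it doubles as the key destructor would also help the next reader.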
+@@ -47,15 +67,16 @@ OM_uint32 gpm_display_status(OM_uint32 *minor_status,
+                              OM_uint32 *message_context,
+                              gss_buffer_t status_string)
+ {
++    gssx_status *last_status = gpm_get_saved_status();
+     utf8string tmp;
+     int ret;
+ 
+     switch(status_type) {
+     case GSS_C_GSS_CODE:
+-        if (tls_last_status &&
+-            tls_last_status->major_status == status_value &&
+-            tls_last_status->major_status_string.utf8string_len) {
+-                ret = gp_copy_utf8string(&tls_last_status->major_status_string,
++        if (last_status &&
++            last_status->major_status == status_value &&
++            last_status->major_status_string.utf8string_len) {
++                ret = gp_copy_utf8string(&last_status->major_status_string,
+                                          &tmp);
+                 if (ret) {
+                     *minor_status = ret;
+@@ -70,9 +91,9 @@ OM_uint32 gpm_display_status(OM_uint32 *minor_status,
+             return GSS_S_UNAVAILABLE;
+         }
+     case GSS_C_MECH_CODE:
+-        if (tls_last_status &&
+-            tls_last_status->minor_status == status_value &&
+-            tls_last_status->minor_status_string.utf8string_len) {
++        if (last_status &&
++            last_status->minor_status == status_value &&
++            last_status->minor_status_string.utf8string_len) {
+ 
+             if (*message_context) {
+                 /* we do not support multiple messages for now */
+@@ -80,7 +101,7 @@ OM_uint32 gpm_display_status(OM_uint32 *minor_status,
+                 return GSS_S_FAILURE;
+             }
+ 
+-            ret = gp_copy_utf8string(&tls_last_status->minor_status_string,
++            ret = gp_copy_utf8string(&last_status->minor_status_string,
+                                      &tmp);
+             if (ret) {
+                 *minor_status = ret;
+diff --git a/src/client/gssapi_gpm.h b/src/client/gssapi_gpm.h
+index 22beecf..61124e0 100644
+--- a/src/client/gssapi_gpm.h
++++ b/src/client/gssapi_gpm.h
+@@ -23,6 +23,7 @@ OM_uint32 gpm_release_name(OM_uint32 *minor_status,
+ OM_uint32 gpm_release_buffer(OM_uint32 *minor_status,
+                              gss_buffer_t buffer);
+ 
++void gpm_display_status_init_once(void);
+ void gpm_save_status(gssx_status *status);
+ void gpm_save_internal_status(uint32_t err, char *err_str);
+ 
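Review bot: gpm_get_saved_status() is added to gpm_display_status.c with external linkage, but this header hunk declares only gpm_display_status_init_once(). The only caller visible in the patch is gpm_display_status() in the same file, so either mark the definition `static` or add `gssx_status *gpm_get_saved_status(void);` next to the other prototypes here. The rest of the header is outside the hunk, so a declaration elsewhere in it cannot be ruled out.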
diff --git a/SPECS/gssproxy.spec b/SPECS/gssproxy.spec
new file mode 100644
index 0000000..0ad789f
--- /dev/null
+++ b/SPECS/gssproxy.spec
@@ -0,0 +1,457 @@
+Name:		gssproxy
+
+Version:	0.8.0
+Release:	14%{?dist}
+Summary:	GSSAPI Proxy
+
+Group:		System Environment/Libraries
+License:	MIT
+URL:		https://pagure.io/gssproxy
+Source0:	https://releases.pagure.org/%{name}/%{name}-%{version}.tar.gz
+
+%global servicename gssproxy
+%global pubconfpath %{_sysconfdir}/gssproxy
+%global gpstatedir %{_localstatedir}/lib/gssproxy
+
+### Patches ###
+Patch0: Always-use-the-encype-we-selected.patch
+Patch1: Clarify-debug-and-debug_level-in-man-pages.patch
+Patch2: Always-choose-highest-requested-debug-level.patch
+Patch3: Use-pthread-keys-for-thread-local-storage.patch
+Patch4: Close-epoll-fd-within-the-lock.patch
+Patch5: Add-a-safety-timeout-to-epoll.patch
+Patch7: Update-NFS-service-name-in-systemd-unit.patch
+Patch8: Always-initialize-out-cred-in-gp_import_gssx_cred.patch
+Patch9: Handle-gss_import_cred-failure-when-importing-gssx-c.patch
+Patch10: Include-length-when-using-krb5_c_decrypt.patch
+Patch11: Change-the-way-we-handle-encrypted-buffers.patch
+Patch12: Avoid-uninitialized-free-when-allocating-buffers.patch
+
+### Dependencies ###
+Requires: krb5-libs >= 1.12.0
+Requires: keyutils-libs
+Requires: libverto-module-base
+Requires: libini_config >= 1.2.0
+Requires(post): systemd-units
+Requires(preun): systemd-units
+Requires(postun): systemd-units
+
+# We use a Conflicts: here so as not to interfere with users who make
+# their own policy.  The version is the last time someone has filed a
+# bug about gssproxy being broken with selinux.
+Conflicts: selinux-policy < 3.13.1-283.5
+
+### Build Dependencies ###
+BuildRequires: autoconf
+BuildRequires: automake
+BuildRequires: docbook-style-xsl
+BuildRequires: doxygen
+BuildRequires: findutils
+BuildRequires: gettext-devel
+BuildRequires: keyutils-libs-devel
+BuildRequires: krb5-devel >= 1.12.0
+BuildRequires: libini_config-devel >= 1.2.0
+BuildRequires: libselinux-devel
+BuildRequires: libtool
+BuildRequires: libverto-devel
+BuildRequires: libxml2
+BuildRequires: libxslt
+BuildRequires: m4
+BuildRequires: pkgconfig
+BuildRequires: popt-devel
+BuildRequires: systemd-units
+
+BuildRequires: git
+
+%description
+A proxy for GSSAPI credential handling
+
+%prep
+%autosetup -S git
+
+%build
+autoreconf -f -i
+%configure \
+    --with-pubconf-path=%{pubconfpath} \
+    --with-initscript=systemd \
+    --disable-static \
+    --disable-rpath \
+    --with-gpp-default-behavior=REMOTE_FIRST
+
+make %{?_smp_mflags} all
+make test_proxymech
+
+%install
+rm -rf %{buildroot}
+make install DESTDIR=%{buildroot}
+rm -f %{buildroot}%{_libdir}/gssproxy/proxymech.la
+install -d -m755 %{buildroot}%{_sysconfdir}/gssproxy
+install -m644 examples/gssproxy.conf %{buildroot}%{_sysconfdir}/gssproxy/gssproxy.conf
+install -m644 examples/99-nfs-client.conf %{buildroot}%{_sysconfdir}/gssproxy/99-nfs-client.conf
+mkdir -p %{buildroot}%{_sysconfdir}/gss/mech.d
+install -m644 examples/mech %{buildroot}%{_sysconfdir}/gss/mech.d/gssproxy.conf
+mkdir -p %{buildroot}%{gpstatedir}/rcache
+
+
+%files
+%license COPYING
+%{_unitdir}/gssproxy.service
+%{_sbindir}/gssproxy
+%attr(755,root,root) %dir %{pubconfpath}
+%attr(755,root,root) %dir %{gpstatedir}
+%attr(700,root,root) %dir %{gpstatedir}/clients
+%attr(700,root,root) %dir %{gpstatedir}/rcache
+%attr(0600,root,root) %config(noreplace) /%{_sysconfdir}/gssproxy/gssproxy.conf
+%attr(0600,root,root) %config(noreplace) /%{_sysconfdir}/gssproxy/99-nfs-client.conf
+%attr(0644,root,root) %config(noreplace) /%{_sysconfdir}/gss/mech.d/gssproxy.conf
+%dir %{_libdir}/gssproxy
+%{_libdir}/gssproxy/proxymech.so
+%{_mandir}/man5/gssproxy.conf.5*
+%{_mandir}/man8/gssproxy.8*
+%{_mandir}/man8/gssproxy-mech.8*
+
+%post
+%systemd_post gssproxy.service
+
+%preun
+%systemd_preun gssproxy.service
+
+%postun
+%systemd_postun_with_restart gssproxy.service
+
+%changelog
+* Mon May 13 2019 Robbie Harwood <rharwood@redhat.com> - 0.8.0-14
+- Fix explicit NULL deref around encrypted token processing
+- Resolves: #1700539
+
+* Fri May 03 2019 Robbie Harwood <rharwood@redhat.com> - 0.8.0-13
+- Update NFS service name in systemd unit
+- Resolves: #1701820
+
+* Wed May 01 2019 Robbie Harwood <rharwood@redhat.com> - 0.8.0-12
+- Avoid uninitialized free when allocating buffers
+- Resolves: #1682281
+
+* Fri Mar 22 2019 Robbie Harwood <rharwood@redhat.com> - 0.8.0-11
+- Fix race condition around epoll and socket release
+- Resolves: #1690082
+
+* Fri Mar 22 2019 Robbie Harwood <rharwood@redhat.com> - 0.8.0-10
+- Add a safety timeout to epoll
+- Resolves: #1690082
+
+* Wed Mar 20 2019 Robbie Harwood <rharwood@redhat.com> - 0.8.0-9
+- Bump to re-run gating
+- Resolves: #1682281
+
+* Tue Mar 19 2019 Robbie Harwood <rharwood@redhat.com> - 0.8.0-8
+- Bump to re-run gating
+- Resolves: #1682281
+
+* Mon Mar 18 2019 Robbie Harwood <rharwood@redhat.com> - 0.8.0-7
+- Use pthread keys for thread local storage
+- Resolves: #1631564
+
+* Wed Mar 13 2019 Robbie Harwood <rharwood@redhat.com> - 0.8.0-6
+- Add gating tests
+- Resolves: #1682281
+
+* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.8.0-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Thu Apr 12 2018 Robbie Harwood <rharwood@redhat.com> - 0.8.0-4
+- Drop patch level by one (woo!)
+
+* Thu Apr 12 2018 Robbie Harwood <rharwood@redhat.com> - 0.8.0-3
+- Always choose highest requested debug level
+- Update man pages about debugging
+
+* Tue Feb 27 2018 Robbie Harwood <rharwood@redhat.com> - 0.8.0-2
+- Always use the encype we selected
+
+* Fri Feb 09 2018 Robbie Harwood <rharwood@redhat.com> - 0.8.0-1
+- Release version 0.8.0
+
+* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.7.0-30
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
+
+* Wed Dec 13 2017 Robbie Harwood <rharwood@redhat.com> - 0.7.0-29
+- Conditionally reload kernel interface on SIGHUP
+
+* Tue Dec 12 2017 Robbie Harwood <rharwood@redhat.com> - 0.7.0-28
+- Fixup previous
+
+* Tue Dec 12 2017 Robbie Harwood <rharwood@redhat.com> - 0.7.0-27
+- More code hygeine fixes from upstream
+- Reorder patches to match el7
+
+* Tue Dec 05 2017 Robbie Harwood <rharwood@redhat.com> - 0.7.0-26
+- Properly initialize ccaches before storing into them
+
+* Fri Dec 01 2017 Robbie Harwood <rharwood@redhat.com> - 0.7.0-25
+- Properly locate credentials in collection caches in mechglue
+
+* Tue Oct 31 2017 Robbie Harwood <rharwood@redhat.com> - 0.7.0-24
+- Only empty FILE ccaches when storing remote creds
+
+* Mon Oct 30 2017 Robbie Harwood <rharwood@redhat.com> - 0.7.0-23
+- Fix error message handling in gp_config_from_dir()
+
+* Fri Oct 27 2017 Robbie Harwood <rharwood@redhat.com> - 0.7.0-22
+- Fix concurrency issue in server socket handling
+
+* Mon Oct 02 2017 Robbie Harwood <rharwood@redhat.com> - 0.7.0-21
+- Off-by-one error fix in selinux-policy version
+
+* Mon Oct 02 2017 Robbie Harwood <rharwood@redhat.com> - 0.7.0-20
+- Change selinux-policy versioning to Conflicts
+
+* Fri Sep 29 2017 Robbie Harwood <rharwood@redhat.com> - 0.7.0-19
+- Add explicit selinux-policy dependency after some fixes
+
+* Fri Sep 29 2017 Robbie Harwood <rharwood@redhat.com> - 0.7.0-18
+- Fix silent death if config file has duplicate sections
+
+* Thu Sep 21 2017 Robbie Harwood <rharwood@redhat.com> - 0.7.0-17
+- Handle outdated encrypted ccaches
+
+* Fri Sep 15 2017 Robbie Harwood <rharwood@redhat.com> - 0.7.0-16
+- Backport updates to epoll logic
+
+* Tue Sep 12 2017 Robbie Harwood <rharwood@redhat.com> - 0.7.0-15
+- Backport two security fixes
+
+* Tue Aug 22 2017 Robbie Harwood <rharwood@redhat.com> - 0.7.0-14
+- Non-blocking IO + Extended request debug logging
+
+* Sun Aug 20 2017 Ville Skyttä <ville.skytta@iki.fi> - 0.7.0-13
+- Own the %%{_libdir}/gssproxy dir
+- Mark COPYING as %%license
+
+* Mon Jul 31 2017 Robbie Harwood <rharwood@redhat.com> - 0.7.0-12
+- Add client ID to debug messages
+- Move packaging to autosetup
+
+* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.7.0-11
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
+
+* Mon Jun 19 2017 Robbie Harwood <rharwood@redhat.com> - 0.7.0-10
+ - Fix potential explicit NULL deref of program name
+
+* Thu May 25 2017 Robbie Harwood <rharwood@redhat.com> - 0.7.0-9
+- Make proc failure loud but nonfatal
+
+* Wed May 24 2017 Robbie Harwood <rharwood@redhat.com> - 0.7.0-8
+- Remove (buggy?) logic around NFS snippet.
+
+* Wed May 17 2017 Robbie Harwood <rharwood@redhat.com> - 0.7.0-7
+- Remove NFS server stanza if nfs-utils not present
+- Also update gcc7 patch to match upstream
+
+* Tue May 16 2017 Robbie Harwood <rharwood@redhat.com> - 0.7.0-6
+- Fix segfault when no configuration files are found
+- Various build fixes for gcc7
+
+* Mon May 01 2017 Robbie Harwood <rharwood@redhat.com> - 0.7.0-5
+- Update systemd unit file (nfs removal, reload capability)
+
+* Mon Apr 03 2017 Robbie Harwood <rharwood@redhat.com> - 0.7.0-4
+- Backport fix for double unlock
+
+* Tue Mar 28 2017 Robbie Harwood <rharwood@redhat.com> - 0.7.0-3
+- Drop NFS server snippet (removes dependency on nfs kernel component)
+
+* Tue Mar 14 2017 Robbie Harwood <rharwood@redhat.com> - 0.7.0-2
+- Fix credential renewal and impersonator checking for m_a_g
+
+* Tue Mar 07 2017 Robbie Harwood <rharwood@redhat.com> - 0.7.0-1
+- New upstream release - 0.7.0
+
+* Mon Mar 06 2017 Robbie Harwood <rharwood@redhat.com> - 0.6.2-4
+- Actually apply the patches I just added
+- Also include a Coverity fix.
+
+* Tue Feb 28 2017 Robbie Harwood <rharwood@redhat.com> - 0.6.2-2
+- Include other non-null fix and various things from master
+
+* Thu Feb 23 2017 Robbie Harwood <rharwood@redhat.com> - 0.6.2-1
+- Fix incorrect use of non-null string in xdr
+- Also move version number to better reflect what is inside
+
+* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
+
+* Mon Jan 23 2017 Robbie Harwood <rharwood@redhat.com> - 0.6.1-2
+- Fix allocation issue of cred store
+- Resolves: #1415400
+
+* Fri Jan 20 2017 Robbie Harwood <rharwood@redhat.com> - 0.6.1-1
+- New upstream release v0.6.1
+- Resolves: #1415090
+
+* Wed Jan 18 2017 Robbie Harwood <rharwood@redhat.com> - 0.6.0-1
+- New upstream release v0.6.0
+
+* Tue Sep 27 2016 Robbie Harwood <rharwood@redhat.com> - 0.5.1-3
+- Adjust libverto dependency to not use a specific backend
+- Resolves: #1379812
+
+* Tue Jun 14 2016 Robbie Harwood <rharwood@redhat.com> - 0.5.1-2
+- Own /var/lib/gssproxy/rcache
+
+* Mon Jun 13 2016 Robbie Harwood <rharwood@redhat.com> - 0.5.1-1
+- Update to upstream release v0.5.1
+- Resolves: #1345871
+
+* Tue Jun 07 2016 Robbie Harwood <rharwood@redhat.com> - 0.5.0-5
+- Acquire new socket for fork/permission drops on clients
+
+* Mon May 09 2016 Robbie Harwood <rharwood@redhat.com> - 0.5.0-4
+- Do not package mod_auth_gssapi conf file
+  - This ensures gssproxy works even when the apache user does not exist
+
+* Thu May 05 2016 Robbie Harwood <rharwood@redhat.com> - 0.5.0-3
+- Ensure we actually package the config files
+
+* Thu May 05 2016 Simo Sorce <simo@redhat.com> - 0.5.0-2
+- Fix typo in requires
+
+* Wed May 04 2016 Robbie Harwood <rharwood@redhat.com> - 0.5.0-1
+- Release new upstream version
+- Bump ini_config version for `ini_config_augment()`
+
+* Wed Feb 03 2016 Fedora Release Engineering <releng@fedoraproject.org> - 0.4.1-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
+
+* Wed Dec 16 2015 Robbie Harwood <rharwood@redhat.com> - 0.4.1-4
+- Fix issues with 1.14
+- Fix bogus date in changelog (March 30 2015 was a Monday)
+
+* Wed Oct 21 2015 Robbie Harwood <rharwood@redhat.com> - 0.4.1-3
+- Clear message buffer to fix segfault on arm
+- resolves: #1235902
+
+* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.4.1-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
+
+* Mon Mar 30 2015 Simo Sorce <simo@redhat.com> 0.4.1-1
+- New upstream release
+- Fix issues with paths in config files
+
+* Tue Mar 24 2015 Simo Sorce <simo@redhat.com> 0.4.0-2
+- Workaround rawhide bug (bz1204646) with krb5-config by switching to
+  pkg-config (patch from upstream)
+
+* Tue Mar 24 2015 Simo Sorce <simo@redhat.com> 0.4.0-1
+- New upstream realease
+  Added optional support for running GSS-Proxy as an unprivileged user
+  Uses new /etc/gss/mech.d configuration directory for gss mechanisms
+  Kernel related fixes
+  General bug fixing, many minor errors or incorrect behaviours have been corrected
+- drop all patches, they are all included upstream
+
+* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.1-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
+
+* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.1-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
+
+* Thu May 29 2014 Simo Sorce <simo@redhat.com> 0.3.1-2
+- Rebuild as new ding-libs brings in soname bump
+
+* Thu Mar 13 2014 Guenther Deschner <gdeschner@redhat.com> 0.3.1-1
+- Fix flags handling in gss_init_sec_context()
+- resolves: https://fedorahosted.org/gss-proxy/ticket/112
+- Fix nfsd startup
+- resolves: https://fedorahosted.org/gss-proxy/ticket/114
+- Fix potential mutex deadlock
+- resolves: https://fedorahosted.org/gss-proxy/ticket/120
+- Fix segfault in gssi_inquire_context
+- resolves: https://fedorahosted.org/gss-proxy/ticket/117
+- resolves: #1061133
+
+* Tue Nov 26 2013 Guenther Deschner <gdeschner@redhat.com> 0.3.1-0
+- New upstream release 0.3.1:
+  * Fix use of gssproxy for client initiation
+  * Add new enforcing and filtering options for context initialization
+  * Fix potential thread safety issues
+- resolves: https://fedorahosted.org/gss-proxy/ticket/110
+- resolves: https://fedorahosted.org/gss-proxy/ticket/111
+
+* Tue Nov 19 2013 Guenther Deschner <gdeschner@redhat.com> 0.3.0-3
+- Fix flags handling in gss_init_sec_context()
+- resolves: https://fedorahosted.org/gss-proxy/ticket/106
+- Fix OID handling in gss_inquire_cred_by_mech()
+- resolves: https://fedorahosted.org/gss-proxy/ticket/107
+- Fix continuation processing for not yet fully established contexts.
+- resolves: https://fedorahosted.org/gss-proxy/ticket/108
+- Add flags filtering and flags enforcing.
+- resolves: https://fedorahosted.org/gss-proxy/ticket/109
+
+* Wed Oct 23 2013 Guenther Deschner <gdeschner@redhat.com> 0.3.0-0
+- New upstream release 0.3.0:
+  * Add support for impersonation (depends on s4u2self/s4u2proxy on the KDC)
+  * Add support for new rpc.gssd mode of operation that forks and changes uid
+  * Add 2 new options allow_any_uid and cred_usage
+
+* Fri Oct 18 2013 Guenther Deschner <gdeschner@redhat.com> 0.2.3-8
+- Fix default proxymech documentation and fix LOCAL_FIRST implementation
+- resolves: https://fedorahosted.org/gss-proxy/ticket/105
+
+* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.2.3-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
+
+* Wed Jul 24 2013 Guenther Deschner <gdeschner@redhat.com> 0.2.3-6
+- Add better default gssproxy.conf file for nfs client and server usage
+
+* Thu Jun 06 2013 Guenther Deschner <gdeschner@redhat.com> 0.2.3-5
+- New upstream release
+
+* Fri May 31 2013 Guenther Deschner <gdeschner@redhat.com> 0.2.2-5
+- Require libverto-tevent to make sure libverto initialization succeeds
+
+* Wed May 29 2013 Guenther Deschner <gdeschner@redhat.com> 0.2.2-4
+- Modify systemd unit files for nfs-secure services
+
+* Wed May 22 2013 Guenther Deschner <gdeschner@redhat.com> 0.2.2-3
+- Fix cred_store handling w/o client keytab
+
+* Thu May 16 2013 Guenther Deschner <gdeschner@redhat.com> 0.2.2-2
+- New upstream release
+
+* Tue May 07 2013 Guenther Deschner <gdeschner@redhat.com> 0.2.1-2
+- New upstream release
+
+* Wed Apr 24 2013 Guenther Deschner <gdeschner@redhat.com> 0.2.0-1
+- New upstream release
+
+* Mon Apr 01 2013 Simo Sorce <simo@redhat.com> - 0.1.0-0
+- New upstream release
+
+* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.0.3-8
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
+
+* Tue Nov 06 2012 Guenther Deschner <gdeschner@redhat.com> 0.0.3-7
+- Update to 0.0.3
+
+* Wed Aug 22 2012 Guenther Deschner <gdeschner@redhat.com> 0.0.2-6
+- Use new systemd-rpm macros
+- resolves: #850139
+
+* Wed Jul 18 2012 Guenther Deschner <gdeschner@redhat.com> 0.0.2-5
+- More spec file fixes
+
+* Mon Jul 16 2012 Guenther Deschner <gdeschner@redhat.com> 0.0.2-4
+- Fix systemd service file
+
+* Fri Jul 13 2012 Guenther Deschner <gdeschner@redhat.com> 0.0.2-3
+- Fix various packaging issues
+
+* Mon Jul 02 2012 Guenther Deschner <gdeschner@redhat.com> 0.0.1-2
+- Add systemd packaging
+
+* Wed Mar 28 2012 Guenther Deschner <gdeschner@redhat.com> 0.0.1-1
+- Various fixes
+
+* Mon Dec 12 2011 Simo Sorce <simo@redhat.com> - 0.0.2-0
+- Automated build of the gssproxy daemon
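Review bot: The patch list in the `### Patches ###` block jumps from `Patch5` to `Patch7` with no comment explaining the missing number. `%autosetup -S git` applies whatever is listed, so the build is unaffected, but someone auditing which upstream fixes this package carries cannot tell whether a patch was dropped or never existed. A comment line at the gap, for example `# Patch6: <dropped patch name and reason>`, would record that.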