diff --git a/.gitignore b/.gitignore index cb34615..390a133 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/mod_auth_gssapi-1.3.1.tar.gz +SOURCES/mod_auth_gssapi-1.4.0.tar.gz diff --git a/.mod_auth_gssapi.metadata b/.mod_auth_gssapi.metadata index f4fc254..583904e 100644 --- a/.mod_auth_gssapi.metadata +++ b/.mod_auth_gssapi.metadata @@ -1 +1 @@ -ea991f44b0638a5327576c1d3ca5108d95b5646b SOURCES/mod_auth_gssapi-1.3.1.tar.gz +27aabcadf9ee1ae9a28b6b36104239f04588ebe4 SOURCES/mod_auth_gssapi-1.4.0.tar.gz diff --git a/SOURCES/0001-Implement-unique-ccache-names.patch b/SOURCES/0001-Implement-unique-ccache-names.patch deleted file mode 100644 index 1408cc9..0000000 --- a/SOURCES/0001-Implement-unique-ccache-names.patch +++ /dev/null @@ -1,369 +0,0 @@ -From 4b2643196c683b5ff300de2a1d41dd3cc900d4d1 Mon Sep 17 00:00:00 2001 -From: Robbie Harwood -Date: Sun, 8 May 2016 02:31:00 -0400 -Subject: [PATCH 1/2] Implement unique ccache names - -Unique ccache names may be requested using the GssapiDelegCcacheUnique -configuration option. This option is off by default. If both unique -ccache names and session use are enabled, then a mechanism for removing -old ccaches must be supplied. - -Signed-off-by: Robbie Harwood -Also-authored-by: Petr Vobornik -Reviewed-by: Simo Sorce ---- - README | 13 +++++++ - src/asn1c/GSSSessionData.c | 17 +++++++--- - src/asn1c/GSSSessionData.h | 2 +- - src/asn1c/Uint32.c | 1 - - src/asn1c/Uint32.h | 1 - - src/asn1c/session.asn1 | 3 +- - src/mod_auth_gssapi.c | 84 ++++++++++++++++++++++++++++++---------------- - src/mod_auth_gssapi.h | 4 +++ - src/sessions.c | 8 +++++ - 9 files changed, 96 insertions(+), 37 deletions(-) - -diff --git a/README b/README -index 9d25fb3fd774888c19a38100b256243c172e6f36..285a48f68379e2cb305af85737eefd85fbbaf025 100644 ---- a/README -+++ b/README -@@ -171,6 +171,19 @@ A user foo@EXAMPLE.COM delegating its credentials would cause the server to - create a ccache file named /var/run/httpd/clientcaches/foo@EXAMPLE.COM - - -+### GssapiDelegCcacheUnique -+ -+Enables using unique ccache names for delegation. ccache files will be placed -+in GssapiDelegCcacheDir and named using the principal and a six-digit unique -+suffix. -+ -+**Note:** Consuming application must delete the ccache otherwise it will -+litter the filesystem if sessions are used. An example sweeper can be found -+in the contrib directory. -+ -+#### Example -+ GssapiDelegCcacheUnique On -+ - ### GssapiUseS4U2Proxy - - Enables the use of the s4u2Proxy Kerberos extension also known as -diff --git a/src/asn1c/GSSSessionData.c b/src/asn1c/GSSSessionData.c -index 12a98e3f215c095131fe8a53453991f4134334f8..f0dcc2e721ac56b9c7741cc0e58de3e973be81c5 100644 ---- a/src/asn1c/GSSSessionData.c -+++ b/src/asn1c/GSSSessionData.c -@@ -2,7 +2,6 @@ - * Generated by asn1c-0.9.27 (http://lionet.info/asn1c) - * From ASN.1 module "GssapiSessionModule" - * found in "session.asn1" -- * `asn1c -fskeletons-copy` - */ - - #include "GSSSessionData.h" -@@ -62,6 +61,15 @@ static asn_TYPE_member_t asn_MBR_GSSSessionData_1[] = { - 0, - "basichash" - }, -+ { ATF_NOFLAGS, 0, offsetof(struct GSSSessionData, ccname), -+ (ASN_TAG_CLASS_CONTEXT | (6 << 2)), -+ +1, /* EXPLICIT tag at current level */ -+ &asn_DEF_OCTET_STRING, -+ 0, /* Defer constraints checking to the member type */ -+ 0, /* PER is not compiled, use -gen-PER */ -+ 0, -+ "ccname" -+ }, - }; - static ber_tlv_tag_t asn_DEF_GSSSessionData_tags_1[] = { - (ASN_TAG_CLASS_UNIVERSAL | (16 << 2)) -@@ -72,13 +80,14 @@ static asn_TYPE_tag2member_t asn_MAP_GSSSessionData_tag2el_1[] = { - { (ASN_TAG_CLASS_CONTEXT | (2 << 2)), 2, 0, 0 }, /* expiration */ - { (ASN_TAG_CLASS_CONTEXT | (3 << 2)), 3, 0, 0 }, /* username */ - { (ASN_TAG_CLASS_CONTEXT | (4 << 2)), 4, 0, 0 }, /* gssname */ -- { (ASN_TAG_CLASS_CONTEXT | (5 << 2)), 5, 0, 0 } /* basichash */ -+ { (ASN_TAG_CLASS_CONTEXT | (5 << 2)), 5, 0, 0 }, /* basichash */ -+ { (ASN_TAG_CLASS_CONTEXT | (6 << 2)), 6, 0, 0 } /* ccname */ - }; - static asn_SEQUENCE_specifics_t asn_SPC_GSSSessionData_specs_1 = { - sizeof(struct GSSSessionData), - offsetof(struct GSSSessionData, _asn_ctx), - asn_MAP_GSSSessionData_tag2el_1, -- 6, /* Count of tags in the map */ -+ 7, /* Count of tags in the map */ - 0, 0, 0, /* Optional elements (not needed) */ - -1, /* Start extensions */ - -1 /* Stop extensions */ -@@ -103,7 +112,7 @@ asn_TYPE_descriptor_t asn_DEF_GSSSessionData = { - /sizeof(asn_DEF_GSSSessionData_tags_1[0]), /* 1 */ - 0, /* No PER visible constraints */ - asn_MBR_GSSSessionData_1, -- 6, /* Elements count */ -+ 7, /* Elements count */ - &asn_SPC_GSSSessionData_specs_1 /* Additional specs */ - }; - -diff --git a/src/asn1c/GSSSessionData.h b/src/asn1c/GSSSessionData.h -index 53556d886347107d66bd640fea1241452e37b07a..4ae224f1bfacb47ec5567fda7ff38210cbc1abbb 100644 ---- a/src/asn1c/GSSSessionData.h -+++ b/src/asn1c/GSSSessionData.h -@@ -2,7 +2,6 @@ - * Generated by asn1c-0.9.27 (http://lionet.info/asn1c) - * From ASN.1 module "GssapiSessionModule" - * found in "session.asn1" -- * `asn1c -fskeletons-copy` - */ - - #ifndef _GSSSessionData_H_ -@@ -29,6 +28,7 @@ typedef struct GSSSessionData { - OCTET_STRING_t username; - OCTET_STRING_t gssname; - OCTET_STRING_t basichash; -+ OCTET_STRING_t ccname; - - /* Context for parsing across buffer boundaries */ - asn_struct_ctx_t _asn_ctx; -diff --git a/src/asn1c/Uint32.c b/src/asn1c/Uint32.c -index 794f98b54838466234fdca75def963e814c31ffd..f5d125aec0dfffa6f87a69569550bfa1739bd9b1 100644 ---- a/src/asn1c/Uint32.c -+++ b/src/asn1c/Uint32.c -@@ -2,7 +2,6 @@ - * Generated by asn1c-0.9.27 (http://lionet.info/asn1c) - * From ASN.1 module "GssapiSessionModule" - * found in "session.asn1" -- * `asn1c -fskeletons-copy` - */ - - #include "Uint32.h" -diff --git a/src/asn1c/Uint32.h b/src/asn1c/Uint32.h -index a0ed87608505e5ddc7b1ae86b70710ee39788753..436e26ea73af1a194bc81387d6edcbf8be898c68 100644 ---- a/src/asn1c/Uint32.h -+++ b/src/asn1c/Uint32.h -@@ -2,7 +2,6 @@ - * Generated by asn1c-0.9.27 (http://lionet.info/asn1c) - * From ASN.1 module "GssapiSessionModule" - * found in "session.asn1" -- * `asn1c -fskeletons-copy` - */ - - #ifndef _Uint32_H_ -diff --git a/src/mod_auth_gssapi.c b/src/mod_auth_gssapi.c -index a480997bfccb57641fb0d9d86cd7fdb39c392ee3..48eb76f982b1b0f053fe6d8de41dfdc5c3faf8b6 100644 ---- a/src/mod_auth_gssapi.c -+++ b/src/mod_auth_gssapi.c -@@ -225,10 +225,11 @@ static char *escape(apr_pool_t *pool, const char *name, - return escaped; - } - --static char *mag_gss_name_to_ccache_name(request_rec *req, -- char *dir, const char *gss_name) -+static char *get_ccache_name(request_rec *req, char *dir, const char *gss_name, -+ bool use_unique, struct mag_conn *mc) - { -- char *escaped; -+ char *ccname, *escaped; -+ int ccachefd; - - /* We need to escape away '/', we can't have path separators in - * a ccache file name */ -@@ -237,10 +238,24 @@ static char *mag_gss_name_to_ccache_name(request_rec *req, - /* then escape away the separator (/) if any */ - escaped = escape(req->pool, escaped, '/', "~"); - -- return apr_psprintf(req->pool, "%s/%s", dir, escaped); -+ if (use_unique == false) { -+ return apr_psprintf(req->pool, "%s/%s", dir, escaped); -+ } -+ -+ ccname = apr_psprintf(mc->pool, "%s/%s-XXXXXX", dir, escaped); -+ -+ ccachefd = mkstemp(ccname); -+ if (ccachefd == -1) { -+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, req, -+ "creating unique ccache file %s failed", ccname); -+ return NULL; -+ } -+ close(ccachefd); -+ return ccname; - } - --static void mag_set_KRB5CCANME(request_rec *req, char *ccname) -+static void mag_set_KRB5CCNAME(request_rec *req, const char *dir, -+ const char *ccname) - { - apr_status_t status; - apr_finfo_t finfo; -@@ -253,24 +268,20 @@ static void mag_set_KRB5CCANME(request_rec *req, char *ccname) - "KRB5CCNAME file (%s) lookup failed!", ccname); - } - -- value = apr_psprintf(req->pool, "FILE:%s", ccname); -+ value = apr_psprintf(req->pool, "FILE:%s/%s", dir, ccname); - apr_table_set(req->subprocess_env, "KRB5CCNAME", value); - } - --static void mag_store_deleg_creds(request_rec *req, -- char *dir, char *clientname, -- gss_cred_id_t delegated_cred, -- char **ccachefile) -+static void mag_store_deleg_creds(request_rec *req, const char *ccname, -+ gss_cred_id_t delegated_cred) - { - gss_key_value_element_desc element; - gss_key_value_set_desc store; -- char *ccname; - uint32_t maj, min; - element.key = "ccache"; - store.elements = &element; - store.count = 1; - -- ccname = mag_gss_name_to_ccache_name(req, dir, clientname); - element.value = apr_psprintf(req->pool, "FILE:%s", ccname); - - maj = gss_store_cred_into(&min, delegated_cred, GSS_C_INITIATE, -@@ -280,8 +291,6 @@ static void mag_store_deleg_creds(request_rec *req, - mag_error(req, "failed to store delegated creds", - maj, min)); - } -- -- *ccachefile = ccname; - } - #endif - -@@ -339,14 +348,8 @@ static void mag_set_req_data(request_rec *req, - req->ap_auth_type = apr_pstrdup(req->pool, - auth_types[mc->auth_type]); - req->user = apr_pstrdup(req->pool, mc->user_name); -- if (cfg->deleg_ccache_dir && mc->delegated) { -- char *ccname; -- ccname = mag_gss_name_to_ccache_name(req, -- cfg->deleg_ccache_dir, -- mc->gss_name); -- if (ccname) { -- mag_set_KRB5CCANME(req, ccname); -- } -+ if (cfg->deleg_ccache_dir && mc->delegated && mc->ccname) { -+ mag_set_KRB5CCNAME(req, cfg->deleg_ccache_dir, mc->ccname); - } - } - -@@ -943,18 +946,30 @@ complete: - - #ifdef HAVE_CRED_STORE - if (cfg->deleg_ccache_dir && delegated_cred != GSS_C_NO_CREDENTIAL) { -- char *ccachefile = NULL; -+ char *ccache_path; - -- mag_store_deleg_creds(req, cfg->deleg_ccache_dir, clientname, -- delegated_cred, &ccachefile); -+ mc->ccname = 0; -+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, req, -+ "requester: %s", mc->gss_name); - -- if (ccachefile) { -- mag_set_KRB5CCANME(req, ccachefile); -+ ccache_path = get_ccache_name(req, cfg->deleg_ccache_dir, mc->gss_name, -+ cfg->deleg_ccache_unique, mc); -+ if (ccache_path == NULL) { -+ goto done; - } - -- if (mc) { -- mc->delegated = true; -+ mag_store_deleg_creds(req, ccache_path, delegated_cred); -+ mc->delegated = true; -+ -+ if (!req_cfg->use_sessions && cfg->deleg_ccache_unique) { -+ /* queue removing ccache to avoid littering filesystem */ -+ apr_pool_cleanup_register(mc->pool, ccache_path, -+ (int (*)(void *)) unlink, -+ apr_pool_cleanup_null); - } -+ -+ /* extract filename from full path */ -+ mc->ccname = strrchr(ccache_path, '/') + 1; - } - #endif - -@@ -1084,6 +1099,15 @@ static const char *mag_use_s4u2p(cmd_parms *parms, void *mconfig, int on) - - return NULL; - } -+ -+static const char *mag_deleg_ccache_unique(cmd_parms *parms, void *mconfig, -+ int on) -+{ -+ struct mag_config *cfg = (struct mag_config *)mconfig; -+ cfg->deleg_ccache_unique = on ? true : false; -+ return NULL; -+} -+ - #endif - - static const char *mag_sess_key(cmd_parms *parms, void *mconfig, const char *w) -@@ -1338,6 +1362,8 @@ static const command_rec mag_commands[] = { - "Credential Store"), - AP_INIT_RAW_ARGS("GssapiDelegCcacheDir", mag_deleg_ccache_dir, NULL, - OR_AUTHCFG, "Directory to store delegated credentials"), -+ AP_INIT_FLAG("GssapiDelegCcacheUnique", mag_deleg_ccache_unique, NULL, -+ OR_AUTHCFG, "Use unique ccaches for delgation"), - #endif - #ifdef HAVE_GSS_ACQUIRE_CRED_WITH_PASSWORD - AP_INIT_FLAG("GssapiBasicAuth", mag_use_basic_auth, NULL, OR_AUTHCFG, -diff --git a/src/mod_auth_gssapi.h b/src/mod_auth_gssapi.h -index d73036b2473f0e8da66de699194eacc8e6f7d83a..b5032def3c1835105b4d0909ce19b5be795ae33d 100644 ---- a/src/mod_auth_gssapi.h -+++ b/src/mod_auth_gssapi.h -@@ -2,7 +2,9 @@ - - #include - #include -+#include - #include -+#include - - #define APR_WANT_STRFUNC - #include "apr_want.h" -@@ -56,6 +58,7 @@ struct mag_config { - bool use_s4u2proxy; - char *deleg_ccache_dir; - gss_key_value_set_desc *cred_store; -+ bool deleg_ccache_unique;; - #endif - struct seal_key *mag_skey; - -@@ -90,6 +93,7 @@ struct mag_conn { - int auth_type; - bool delegated; - struct databuf basic_hash; -+ const char *ccname; - }; - - #define discard_const(ptr) ((void *)((uintptr_t)(ptr))) -diff --git a/src/sessions.c b/src/sessions.c -index 70f39a291d4bcfa0117635cdd8c2fbb4ee8df305..c785d2784cd99845fff64529cf60a03892179242 100644 ---- a/src/sessions.c -+++ b/src/sessions.c -@@ -177,6 +177,12 @@ void mag_check_session(struct mag_req_cfg *cfg, struct mag_conn **conn) - memcpy(mc->basic_hash.value, - gsessdata->basichash.buf, gsessdata->basichash.size); - -+ /* ccname */ -+ mc->ccname = apr_pstrndup(mc->pool, -+ (char *)gsessdata->ccname.buf, -+ gsessdata->ccname.size); -+ if (!mc->ccname) goto done; -+ - /* OK we have a valid token */ - mc->established = true; - -@@ -222,6 +228,8 @@ void mag_attempt_session(struct mag_req_cfg *cfg, struct mag_conn *mc) - (const char *)mc->basic_hash.value, - mc->basic_hash.length) != 0) - goto done; -+ if (OCTET_STRING_fromString(&gsessdata.ccname, mc->ccname) != 0) -+ goto done; - ret = encode_GSSSessionData(req->pool, &gsessdata, - &plainbuf.value, &plainbuf.length); - if (ret == false) { --- -2.5.5 - diff --git a/SOURCES/0002-Fix-cred-cache-detection.patch b/SOURCES/0002-Fix-cred-cache-detection.patch deleted file mode 100644 index 90822b8..0000000 --- a/SOURCES/0002-Fix-cred-cache-detection.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 20ac4be6af9c3f5608063e96b5f1b4a04a9bc593 Mon Sep 17 00:00:00 2001 -From: Simo Sorce -Date: Tue, 7 Jun 2016 09:57:26 -0400 -Subject: [PATCH 2/2] Fix cred cache detection - -The stat call was not using the full path name, therefore it was always -failing. - -Signed-off-by: Simo Sorce -Reviewed-by: Jan Pazdziora -Close #91 ---- - src/mod_auth_gssapi.c | 7 +++++-- - 1 file changed, 5 insertions(+), 2 deletions(-) - -diff --git a/src/mod_auth_gssapi.c b/src/mod_auth_gssapi.c -index 48eb76f982b1b0f053fe6d8de41dfdc5c3faf8b6..7e2e7a83481386e8c4ee25e40913b42390b1d81a 100644 ---- a/src/mod_auth_gssapi.c -+++ b/src/mod_auth_gssapi.c -@@ -259,16 +259,19 @@ static void mag_set_KRB5CCNAME(request_rec *req, const char *dir, - { - apr_status_t status; - apr_finfo_t finfo; -+ char *path; - char *value; - -- status = apr_stat(&finfo, ccname, APR_FINFO_MIN, req->pool); -+ path = apr_psprintf(req->pool, "%s/%s", dir, ccname); -+ -+ status = apr_stat(&finfo, path, APR_FINFO_MIN, req->pool); - if (status != APR_SUCCESS && status != APR_INCOMPLETE) { - /* set the file cache anyway, but warn */ - ap_log_rerror(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, 0, req, - "KRB5CCNAME file (%s) lookup failed!", ccname); - } - -- value = apr_psprintf(req->pool, "FILE:%s/%s", dir, ccname); -+ value = apr_psprintf(req->pool, "FILE:%s", path); - apr_table_set(req->subprocess_env, "KRB5CCNAME", value); - } - --- -2.5.5 - diff --git a/SOURCES/Fix-backport.patch b/SOURCES/Fix-backport.patch deleted file mode 100644 index 9d216ed..0000000 --- a/SOURCES/Fix-backport.patch +++ /dev/null @@ -1,85 +0,0 @@ -diff -uPr mod_auth_gssapi-1.3.1.orig/src/mod_auth_gssapi.c mod_auth_gssapi-1.3.1.new/src/mod_auth_gssapi.c ---- mod_auth_gssapi-1.3.1.orig/src/mod_auth_gssapi.c 2016-06-30 12:30:36.364868486 -0400 -+++ mod_auth_gssapi-1.3.1.new/src/mod_auth_gssapi.c 2016-06-30 13:24:26.042162365 -0400 -@@ -711,12 +711,10 @@ - uint32_t maj, min; - char *reply; - size_t replen; -- char *clientname; - gss_OID mech_type = GSS_C_NO_OID; - gss_OID_set desired_mechs = GSS_C_NO_OID_SET; - gss_buffer_desc lname = GSS_C_EMPTY_BUFFER; - struct mag_conn *mc = NULL; -- time_t expiration; - int i; - - type = ap_auth_type(req); -@@ -877,8 +875,6 @@ - mag_conn_clear(mc); - } - -- req->ap_auth_type = apr_pstrdup(req->pool, auth_types[auth_type]); -- - #ifdef HAVE_CRED_STORE - if (use_s4u2proxy(req_cfg)) { - cred_usage = GSS_C_BOTH; -@@ -941,11 +937,15 @@ - maj, min)); - goto done; - } -- clientname = apr_pstrndup(req->pool, name.value, name.length); -- apr_table_set(req->subprocess_env, "GSS_NAME", clientname); -- expiration = time(NULL) + vtime; -- apr_table_set(req->subprocess_env, "GSS_SESSION_EXPIRATION", -- apr_psprintf(req->pool, "%ld", (long)expiration)); -+ -+ if (!mc) { -+ mc = mag_new_conn_ctx(req->pool); -+ } -+ mc->gss_name = apr_pstrndup(req->pool, name.value, name.length); -+ if (vtime == GSS_C_INDEFINITE || vtime < MIN_SESS_EXP_TIME) { -+ vtime = MIN_SESS_EXP_TIME; -+ } -+ mc->expiration = time(NULL) + vtime; - - #ifdef HAVE_CRED_STORE - if (cfg->deleg_ccache_dir && delegated_cred != GSS_C_NO_CREDENTIAL) { -@@ -983,27 +983,21 @@ - mag_error(req, "gss_localname() failed", maj, min)); - goto done; - } -- req->user = apr_pstrndup(req->pool, lname.value, lname.length); -+ mc->user_name = apr_pstrndup(req->pool, lname.value, lname.length); - } else { -- req->user = clientname; -+ mc->user_name = mc->gss_name; - } - -- if (mc) { -- mc->user_name = apr_pstrdup(mc->pool, req->user); -- mc->gss_name = apr_pstrdup(mc->pool, clientname); -- mc->established = true; -- if (vtime == GSS_C_INDEFINITE || vtime < MIN_SESS_EXP_TIME) { -- vtime = MIN_SESS_EXP_TIME; -- } -- mc->expiration = expiration; -- mc->auth_type = auth_type; -- if (auth_type == AUTH_TYPE_BASIC) { -- mag_basic_cache(req_cfg, mc, ba_user, ba_pwd); -- } -- if (req_cfg->use_sessions) { -- mag_attempt_session(req_cfg, mc); -- } -+ mc->established = true; -+ mc->auth_type = auth_type; -+ if (auth_type == AUTH_TYPE_BASIC) { -+ mag_basic_cache(req_cfg, mc, ba_user, ba_pwd); - } -+ if (req_cfg->use_sessions) { -+ mag_attempt_session(req_cfg, mc); -+ } -+ -+ mag_set_req_data(req, cfg, mc); - - if (req_cfg->send_persist) - apr_table_set(req->headers_out, "Persistent-Auth", diff --git a/SPECS/mod_auth_gssapi.spec b/SPECS/mod_auth_gssapi.spec index 3a60a9e..d898168 100644 --- a/SPECS/mod_auth_gssapi.spec +++ b/SPECS/mod_auth_gssapi.spec @@ -1,6 +1,6 @@ Name: mod_auth_gssapi -Version: 1.3.1 -Release: 3%{?dist} +Version: 1.4.0 +Release: 1%{?dist} Summary: A GSSAPI Authentication module for Apache Group: System Environment/Daemons @@ -8,10 +8,6 @@ License: MIT URL: https://github.com/modauthgssapi/mod_auth_gssapi Source0: https://github.com/modauthgssapi/%{name}/releases/download/v%{version}/%name-%{version}.tar.gz -Patch0: 0001-Implement-unique-ccache-names.patch -Patch1: 0002-Fix-cred-cache-detection.patch -Patch2: Fix-backport.patch - BuildRequires: httpd-devel, krb5-devel, openssl-devel, autoconf, automake, libtool Requires: httpd-mmn = %{_httpd_mmn} Requires: krb5-libs >= 1.11.5 @@ -22,9 +18,6 @@ SPNEGO based HTTP Authentication protocol defined in RFC4559. %prep %setup -q -%patch0 -p1 -%patch1 -p1 -%patch2 -p1 %build export APXS=%{_httpd_apxs} @@ -50,13 +43,10 @@ install -m 644 10-auth_gssapi.conf %{buildroot}%{_httpd_modconfdir} %{_httpd_moddir}/mod_auth_gssapi.so %changelog -* Thu Jun 30 2016 Simo Sorce 1.3.1-3 -- Fix backport issue -- related: #1347175 - -* Wed Jun 15 2016 Simo Sorce 1.3.1-2 -- Add Unique ccache support -- resolves: #1347175 +* Tue Jun 21 2016 Simo Sorce 1.4.0-1 +- Lunar Reconnaissance Orbiter (2009) release (1.4.0) +- resolves: #1346883 +- resolves: #1343422 * Thu Sep 3 2015 Simo Sorce 1.3.1-1 - Various bugfixes and minor new features