Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
branch: tags/krb5-1-9-…
Commits on Dec 16, 2010
  1. Create tag krb5-1-9-beta3

    tlyu authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/tags/krb5-1-9-beta3@24579 dc483132-0cff-0310-8789-dd5450dbe970
  2. README and patchlevel.h for krb5-1.9-beta3

    tlyu authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24578 dc483132-0cff-0310-8789-dd5450dbe970
  3. make depend

    tlyu authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24577 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Dec 15, 2010
  1. update acknowledgments

    tlyu authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24576 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Dec 14, 2010
  1. ticket: 6842

    tlyu authored
    version_fixed: 1.9
    status: resolved
    
    pull up r24568 from trunk
    
     ------------------------------------------------------------------------
     r24568 | ghudson | 2010-12-14 13:46:46 -0500 (Tue, 14 Dec 2010) | 10 lines
    
     ticket: 6842
     subject: Ensure time() is prototyped in g_accept_sec_context.c
     tags: pullup
     target_version: 1.9
    
     r22736 added a call to time() in g_accept_sec_context.c.  Include
     <time.h> to ensure that this call is correctly prototyped.  Previously
     <time.h> was only included implicitly through <pthread.h>, which
     doesn't apply when thread support is disabled.
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24573 dc483132-0cff-0310-8789-dd5450dbe970
  2. ticket: 6841

    tlyu authored
    version_fixed: 1.9
    status: resolved
    
    pull up r24567 from trunk
    
     ------------------------------------------------------------------------
     r24567 | tlyu | 2010-12-14 12:34:48 -0500 (Tue, 14 Dec 2010) | 7 lines
    
     ticket: 6841
     subject: memory leak in changepw.c
     tags: pullup
     target_version: 1.9
    
     Apply patch from Marcus Watts to avoid a memory leak in changepw.c.
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24572 dc483132-0cff-0310-8789-dd5450dbe970
  3. ticket: 6840

    tlyu authored
    version_fixed: 1.9
    status: resolved
    
    pull up r24565 from trunk
    
     ------------------------------------------------------------------------
     r24565 | tlyu | 2010-12-14 12:24:21 -0500 (Tue, 14 Dec 2010) | 7 lines
    
     ticket: 6840
     subject: typo in plugin-related error message
     tags: pullup
     target_version: 1.9
    
     Apply patch from Marcus Watts to fix error message typo.
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24571 dc483132-0cff-0310-8789-dd5450dbe970
  4. ticket: 6838

    tlyu authored
    version_fixed: 1.9
    status: resolved
    
    pull up r24566 from trunk
    
     ------------------------------------------------------------------------
     r24566 | ghudson | 2010-12-14 12:28:38 -0500 (Tue, 14 Dec 2010) | 9 lines
    
     ticket: 6838
     tags: pullups
     target_version: 1.9
    
     Fix a regression in the client-side ticket renewal code where KDC
     options were not folded into the renewal request (most notably, the
     KDC_OPT_RENEWABLE flag), so we didn't request renewable renewed
     tickets.  Add a simple test case for ticket renewal.
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24570 dc483132-0cff-0310-8789-dd5450dbe970
  5. ticket: 6839

    tlyu authored
    version_fixed: 1.9
    status: resolved
    
    pull up r24564 from trunk
    
     ------------------------------------------------------------------------
     r24564 | tlyu | 2010-12-09 20:06:26 -0500 (Thu, 09 Dec 2010) | 18 lines
    
     ticket: 6839
     subject: handle MS PACs that lack server checksum
     target_version 1.9
     tags: pullup
    
     Apple Mac OS X Server's Open Directory KDC issues MS PAC like
     authorization data that lacks a server checksum.  If this checksum is
     missing, mark the PAC as unverfied, but allow
     krb5int_authdata_verify() to succeed.  Filter out the unverified PAC
     in subsequent calls to krb5_authdata_get_attribute().  Add trace
     points to indicate where this behavior occurs.
    
     Thanks to Helmut Grohne for help with analysis.  This bug is also
     Debian Bug #604925:
     http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=604925
    
     This change should also get backported to krb5-1.8.x.
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24569 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Dec 3, 2010
  1. krb5-1.9-beta2-postrelease

    tlyu authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24559 dc483132-0cff-0310-8789-dd5450dbe970
  2. README and patchlevel.h for krb5-1.9-beta2

    tlyu authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24557 dc483132-0cff-0310-8789-dd5450dbe970
  3. ticket: 1219

    tlyu authored
    version_fixed: 1.9
    status: resolved
    
    pull up r24555 from trunk
    
     ------------------------------------------------------------------------
     r24555 | tlyu | 2010-12-03 07:34:53 -0500 (Fri, 03 Dec 2010) | 6 lines
    
     ticket: 1219
     target_version: 1.9
     tags: pullup
    
     Test for key rollover for TGT, including purging old keys.
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24556 dc483132-0cff-0310-8789-dd5450dbe970
  4. ticket: 6826

    tlyu authored
    status: resolved
    
    Fix svn:eol-style properties.
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24554 dc483132-0cff-0310-8789-dd5450dbe970
  5. ticket: 6826

    tlyu authored
    version_fixed: 1.9
    status: resolved
    
    pull up r24469, r24530, r24533, r24534, r24535, r24537 from trunk
    
     ------------------------------------------------------------------------
     r24537 | ghudson | 2010-11-30 12:46:10 -0500 (Tue, 30 Nov 2010) | 5 lines
    
     ticket: 6826
    
     Install gssapi_ext.h on Windows.  Include gssapi_ext.h in the header
     files considered by def-check.pl in verify-calling-conventions-gssapi.
    
     ------------------------------------------------------------------------
     r24535 | ghudson | 2010-11-26 11:37:14 -0500 (Fri, 26 Nov 2010) | 5 lines
    
     ticket: 6826
    
     Supply static ordinals for new symbols in gssapi32.def and krb5_32.def,
     for consistency with KFW 3.x.
    
     ------------------------------------------------------------------------
     r24534 | ghudson | 2010-11-25 15:34:06 -0500 (Thu, 25 Nov 2010) | 5 lines
    
     ticket: 6826
    
     Fix how gssapi.h is rebuilt on Windows; accidentally omitted from
     r24533.
    
     ------------------------------------------------------------------------
     r24533 | ghudson | 2010-11-25 15:28:30 -0500 (Thu, 25 Nov 2010) | 29 lines
    
     ticket: 6826
     subject: Fix Windows build
     target_version: 1.9
     tags: pullup
    
     Repair the Windows build.  Tested with the prepare-on-Unix method.
     Some specific changes include:
    
     * Removed the IPC finalizer (no longer used after r20787) from
       ccapi/lib/ccapi_ipc.c, as it was creating a difficult dependency
       chain for the pingtest build in ccapi/test.  Also updated pingtest
       to use the k5_ipc_stream interfaces since cci_stream is gone.
    
     * Reverted the apparently non-functional r20277.
    
     * klist -V prints just "Kerberos for Windows", since it has no access
       to PACKAGE_NAME and PACKAGE_VERSION from autoconf.  This should be
       addressed correctly.
    
     * krb5, telnet, gssftp, and NIM are removed from the build.
    
     * Some files had CRLFs; these were replaced with LFs and the
       svn:eol-style property set on the files.  Otherwise the CRLFs became
       CRCRLFs after the zip transfer.
    
     * Windows does not have opendir/readdir, so added Windows code to
       prof_parse.c for includedir.  Probable fodder for a libkrb5support
       portability shim.
    
     ------------------------------------------------------------------------
     r24530 | ghudson | 2010-11-23 13:50:12 -0500 (Tue, 23 Nov 2010) | 3 lines
    
     Set svn:eol-style on some Windows files and remove the CRs from their
     repository representations.
    
     ------------------------------------------------------------------------
     r24469 | ghudson | 2010-10-21 20:01:56 -0400 (Thu, 21 Oct 2010) | 3 lines
    
     Make it possible to override CRYPTO_IMPL_CFLAGS and CRYPTO_IMPL_LIBS at
     make time.
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24553 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Dec 1, 2010
  1. ticket: 6829

    tlyu authored
    version_fixed: 1.9
    status: resolved
    
    pull up r24550 from trunk
    
     ------------------------------------------------------------------------
     r24550 | ghudson | 2010-12-01 17:36:38 -0500 (Wed, 01 Dec 2010) | 4 lines
    
     ticket: 6829
    
     Correct typo in admin documentation for restrict_anonymous_to_tgt.
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24552 dc483132-0cff-0310-8789-dd5450dbe970
  2. ticket: 6828

    tlyu authored
    version_fixed: 1.9
    status: resolved
    
    pull up r24539 from trunk
    
     ------------------------------------------------------------------------
     r24539 | hartmans | 2010-11-30 17:46:54 -0500 (Tue, 30 Nov 2010) | 7 lines
    
     ticket: 6828
     Subject: Install kadm5_hook_plugin.h
     target_version: 1.9
     tags: pullup
    
     Install the kadm5 hook plugin header
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24551 dc483132-0cff-0310-8789-dd5450dbe970
  3. ticket: 6829

    tlyu authored
    version_fixed: 1.9
    status: resolved
    
    pull up r24547 from trunk
    
     ------------------------------------------------------------------------
     r24547 | ghudson | 2010-12-01 15:01:46 -0500 (Wed, 01 Dec 2010) | 10 lines
    
     ticket: 6829
     subject: Implement restrict_anonymous_to_tgt realm flag
     target_version: 1.9
     tags: pullup
    
     Implement a new realm flag to reject ticket requests from anonymous
     principals to any principal other than the local TGT.  Allows FAST to
     be deployed using anonymous tickets as armor in realms where the set
     of authenticatable users must be constrained.
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24549 dc483132-0cff-0310-8789-dd5450dbe970
  4. ticket: 6815

    tlyu authored
    version_fixed: 1.9
    
    Apply ported patch.
    
     If kdb5_util load (without -update) fails--say, due to an invalid dump
     file--it calls krb5_db_destroy to destroy the temporary DB.
     Unfortunately, this results in the destruction of the real DB instead.
    
     Luckily, this bug only applies to krb5 1.9, which hasn't been released
     yet.  In krb5 1.8 the destroy operation fails before it does any damage.
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24548 dc483132-0cff-0310-8789-dd5450dbe970
  5. ticket: 6825

    tlyu authored
    version_fixed: 1.9
    status: resolved
    
    pull up r24529, r24532 from trunk
    
     ------------------------------------------------------------------------
     r24532 | tlyu | 2010-11-23 18:51:50 -0500 (Tue, 23 Nov 2010) | 6 lines
    
     ticket: 6825
    
     Update krb5_gic_opt_private and related code to reflect the change of
     krb5_expire_callback_func from a function typedef to a function
     pointer typedef.  This was causing segfaults.
    
     ------------------------------------------------------------------------
     r24529 | ghudson | 2010-11-22 23:50:40 -0500 (Mon, 22 Nov 2010) | 9 lines
    
     ticket: 6825
     subject: Add missing KRB5_CALLCONV in callback declaration
     target_version: 1.9
     tags: pullup
    
     krb5_get_init_creds_opt_set_expire_callback was correctly tagged with
     KRB5_CALLCONV but the corresponding callback type was not.  Add that
     in.
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24546 dc483132-0cff-0310-8789-dd5450dbe970
  6. ticket: 6824

    tlyu authored
    version_fixed: 1.9
    status: resolved
    
    pull up r24528 from trunk
    
     ------------------------------------------------------------------------
     r24528 | ghudson | 2010-11-22 23:41:08 -0500 (Mon, 22 Nov 2010) | 7 lines
    
     ticket: 6824
     subject: Export krb5_tkt_creds_get
     target_version: 1.9
     tags: pullup
    
     krb5_tkt_creds_get was overlooked in the export list; add it.
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24545 dc483132-0cff-0310-8789-dd5450dbe970
  7. ticket: 6823

    tlyu authored
    version_fixed: 1.9
    status: resolved
    
    pull up r24526, r24527 from trunk
    
     ------------------------------------------------------------------------
     r24527 | ghudson | 2010-11-21 22:58:15 -0500 (Sun, 21 Nov 2010) | 4 lines
    
     ticket: 6823
    
     Correct typo in r24526.
    
     ------------------------------------------------------------------------
     r24526 | hartmans | 2010-11-21 22:33:22 -0500 (Sun, 21 Nov 2010) | 9 lines
    
     ticket: 6823
     subject: getdate.y: declare yyparse
     target_version: 1.9
     tags: pullup
    
     At least on lucid, byacc doesn't declare yyparse, which creates
     problems because lucid treats calls to unprototyped functions as
     errors.
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24544 dc483132-0cff-0310-8789-dd5450dbe970
  8. ticket: 6822

    tlyu authored
    version_fixed: 1.9
    status: resolved
    
    pull up r24524 from trunk
    
     ------------------------------------------------------------------------
     r24524 | ghudson | 2010-11-19 19:31:46 -0500 (Fri, 19 Nov 2010) | 8 lines
    
     ticket: 6822
     subject: Implement Camellia-CTS-CMAC instead of Camellia-CCM
     target_verion: 1.9
     tags: pullup
    
     Replace the Camellia-CCM enctypes with Camellia-CTS-CMAC.  Still not
     compiled in by default since we don't have enctype assignments yet.
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24543 dc483132-0cff-0310-8789-dd5450dbe970
  9. ticket: 6820

    tlyu authored
    version_fixed: 1.9
    status: resolved
    
    pull up r24519 from trunk
    
     ------------------------------------------------------------------------
     r24519 | ghudson | 2010-11-15 21:54:26 -0500 (Mon, 15 Nov 2010) | 8 lines
    
     ticket: 6820
     subject: Read KDC profile settings in kpropd
     target_version: 1.9
     tags: pullup
    
     kpropd can modify the KDB with ulog_replay(), so it should read the
     KDC profile settings in case the KDB configuration is in there.
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24542 dc483132-0cff-0310-8789-dd5450dbe970
  10. ticket: 6819

    tlyu authored
    version_fixed: 1.9
    status: resolved
    
    pull up r24518 from trunk
    
     ------------------------------------------------------------------------
     r24518 | ghudson | 2010-11-15 21:30:16 -0500 (Mon, 15 Nov 2010) | 12 lines
    
     ticket: 6819
     subject: Handle referral realm in kprop client principal
     target_version: 1.9
     tags: pullup
    
     kprop uses krb5_sname_to_principal() to determine its client
     principal.  If the local hostname cannot be mapped to a realm based on
     the profile's domain_realm section, krb5_sname_to_principal() will (as
     of 1.6) return a principal with the referral realm (""), which does
     not work in a client principal.  Handle this by substituting the
     default realm.
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24541 dc483132-0cff-0310-8789-dd5450dbe970
  11. ticket: 6827

    tlyu authored
    version_fixed: 1.9
    status: resolved
    
    pull up r24538 from trunk
    
     ------------------------------------------------------------------------
     r24538 | ghudson | 2010-11-30 16:20:49 -0500 (Tue, 30 Nov 2010) | 27 lines
    
     ticket: 6827
     subject: SA-2010-007 Checksum vulnerabilities (CVE-2010-1324 and others)
    
     Fix multiple checksum handling bugs, as described in:
       CVE-2010-1324
       CVE-2010-1323
       CVE-2010-4020
       CVE-2010-4021
    
     * Return the correct (keyed) checksums as the mandatory checksum type
       for DES enctypes.
     * Restrict simplified-profile checksums to their corresponding etypes.
     * Add internal checks to reduce the risk of stream ciphers being used
       with simplified-profile key derivation or other algorithms relying
       on the block encryption primitive.
     * Use the mandatory checksum type for the PKINIT KDC signature,
       instead of the first-listed keyed checksum.
     * Use the mandatory checksum type when sending KRB-SAFE messages by
       default, instead of the first-listed keyed checksum.
     * Use the mandatory checksum type for the t_kperf test program.
     * Use the mandatory checksum type (without additional logic) for the
       FAST request checksum.
     * Preserve the existing checksum choices (unkeyed checksums for DES
       enctypes) for the authenticator checksum, using explicit logic.
     * Ensure that SAM checksums received from the KDC are keyed.
     * Ensure that PAC checksums are keyed.
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24540 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Nov 2, 2010
  1. krb5-1.9-beta1-postrelease

    tlyu authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24504 dc483132-0cff-0310-8789-dd5450dbe970
  2. README and patchlevel.h for krb5-1.9-beta1

    tlyu authored
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24502 dc483132-0cff-0310-8789-dd5450dbe970
Commits on Nov 1, 2010
  1. ticket: 6812

    tlyu authored
    version_fixed: 1.9
    status: resolved
    
    pull up r24488 from trunk
    
     ------------------------------------------------------------------------
     r24488 | ghudson | 2010-10-27 13:05:05 -0400 (Wed, 27 Oct 2010) | 5 lines
    
     ticket: 6812
    
     Don't fail out from krb5_get_credentials() if we can't store a ticket
     into the ccache.
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24501 dc483132-0cff-0310-8789-dd5450dbe970
  2. ticket: 6811

    tlyu authored
    version_fixed: 1.9
    status: resolved
    
    pull up r24486 from trunk
    
     ------------------------------------------------------------------------
     r24486 | ghudson | 2010-10-26 13:34:41 -0400 (Tue, 26 Oct 2010) | 8 lines
    
     ticket: 6811
     subject: Mark Camellia-CCM code as experimental
     target_version: 1.9
     tags: pullup
    
     Add a comment noting that the Camellia-CCM code in 1.9 is
     experimental.
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24500 dc483132-0cff-0310-8789-dd5450dbe970
  3. ticket: 6796

    tlyu authored
    version_fixed: 1.9
    status: resolved
    
    pull up r24481 from trunk
    
     ------------------------------------------------------------------------
     r24481 | ghudson | 2010-10-25 16:17:54 -0400 (Mon, 25 Oct 2010) | 7 lines
    
     ticket: 6796
     target_version: 1.9
     tags: pullup
    
     Use safer output parameter handling in
     krb5_gss_acquire_cred_impersonate_name and its subsidiary helpers.
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24499 dc483132-0cff-0310-8789-dd5450dbe970
  4. ticket: 6809

    tlyu authored
    version_fixed: 1.9
    status: resolved
    
    pull up r24483 from trunk
    
     ------------------------------------------------------------------------
     r24483 | ghudson | 2010-10-26 10:17:38 -0400 (Tue, 26 Oct 2010) | 8 lines
    
     ticket: 6809
     target_version: 1.9
     tags: pullup
    
     Set *conf_state on successful return from
     gss_krb5int_make_seal_token_v3_iov, fixing a case where it wasn't
     always set by gss_wrap_iov.  Patch from aberry@likewise.com.
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24498 dc483132-0cff-0310-8789-dd5450dbe970
  5. ticket: 6787

    tlyu authored
    version_fixed: 1.9
    status: resolved
    
    pull up r24482 from trunk
    
     ------------------------------------------------------------------------
     r24482 | ghudson | 2010-10-25 17:55:54 -0400 (Mon, 25 Oct 2010) | 8 lines
    
     ticket: 6787
     target_version: 1.9
     tags: pullup
    
     When we create a temporary memory ccache for use within a
     krb5_gss_cred_id_rec, set a flag to indicate that the ccache should be
     destroyed rather than closed.  Patch from aberry@likewise.com.
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24497 dc483132-0cff-0310-8789-dd5450dbe970
  6. ticket: 6793

    tlyu authored
    version_fixed: 1.9
    status: resolved
    
    pull up r24480 from trunk
    
     ------------------------------------------------------------------------
     r24480 | ghudson | 2010-10-25 15:37:03 -0400 (Mon, 25 Oct 2010) | 8 lines
    
     ticket: 6793
     target_version: 1.9
     tags: pullup
    
     In acquire_init_cred in the GSS krb5 mech, don't intern cred->name,
     since it's not used as an output parameter.  Fixes a memory leak.
     Reported by aberry@likewise.com.
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24496 dc483132-0cff-0310-8789-dd5450dbe970
  7. ticket: 6810

    tlyu authored
    version_fixed: 1.9
    status: resolved
    
    pull up r24470 from trunk
    
     ------------------------------------------------------------------------
     r24470 | ghudson | 2010-10-22 20:38:17 -0400 (Fri, 22 Oct 2010) | 10 lines
    
     ticket: 6810
     subject: Better	libk5crypto NSS	fork safety
     target_version:	1.9
     tags: pullup
    
     Use SECMOD_RestartModules() from the forthcoming NSS 3.12.9 release to
     make the libk5crypto back end work after a fork.  Add a test program
     to exercise fork detection in the NSS back end.  Add a configure-time
     version check to ensure that we're using NSS 3.12.9 or later.
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24495 dc483132-0cff-0310-8789-dd5450dbe970
  8. ticket: 6807

    tlyu authored
    version_fixed: 1.9
    status: resolved
    
    pull up r24467 from trunk
    
     ------------------------------------------------------------------------
     r24467 | hartmans | 2010-10-19 15:50:48 -0400 (Tue, 19 Oct 2010) | 8 lines
    
     ticket: 6807
     subject: SecurID build support
     target_version: 1.9
     tags: pullup
    
     Integrate SecurID into the build if libaceclnt is found.
     Add a README file with an example of how to build it.
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24494 dc483132-0cff-0310-8789-dd5450dbe970
Something went wrong with that request. Please try again.