+++ /dev/null
-# Configuration for Travis-CI continuous integration.
-#
-# Copyright 2017, 2020 Russ Allbery <eagle@eyrie.org>
-#
-# SPDX-License-Identifier: MIT
-
-dist: bionic
-language: c
-compiler:
- - gcc
- - clang
-
-before_install:
- - sudo apt-get update -qq
- - sudo apt-get install -y krb5-config libkrb5-dev libtest-pod-perl perl
-env: AUTHOR_TESTING=1 C_TAP_VERBOSE=1
-script: ./bootstrap && ./configure && make warnings && make check
-
-branches:
- except:
- - /^debian\/.*/
- - pristine-tar
- - /^upstream\/.*/
# SPDX-License-Identifier: BSD-3-clause or GPL-1+
ACLOCAL_AMFLAGS = -I m4
-EXTRA_DIST = .gitignore .github .travis.yml LICENSE README.md bootstrap \
- ci/README ci/install ci/test docs/metadata docs/pam_krb5.pod \
+EXTRA_DIST = .gitignore .github LICENSE README.md bootstrap ci/README \
+ ci/install ci/test docs/metadata docs/pam_krb5.pod \
module/pam_krb5.map module/pam_krb5.sym tests/README tests/TESTS \
tests/config/README tests/data/generate-krb5-conf \
tests/data/krb5-pam.conf tests/data/krb5.conf tests/data/perl.conf \
For PKINIT support, Heimdal 0.8rc1 or later or MIT Kerberos 1.6.3 or
later are required. Earlier MIT Kerberos 1.6 releases have a bug in
- their handling of PKINIT options.
+ their handling of PKINIT options. MIT Kerberos 1.12 or later is
+ required to use the use_pkinit PAM option.
For FAST (Flexible Authentication Secure Tunneling) support, MIT
Kerberos 1.7 or higher is required. For anonymous FAST support,
anonymous authentication (generally anonymous PKINIT) support is
required in both the Kerberos libraries and in the local KDC.
- This module should work on Linux and Solaris (and build with gcc, clang,
- or the Sun C compiler), but has been far more heavily tested on Linux.
- There is beta-quality support for the AIX NAS Kerberos implementation.
- Other PAM implementations will probably require some porting, although
+ This module should work on Linux and build with gcc or clang. It may
+ still work on Solaris and build with the Sun C compiler, but I have only
+ tested it on Linux recently. There is beta-quality support for the AIX
+ NAS Kerberos implementation that has not been tested in years. Other
+ PAM implementations will probably require some porting, although
untested build system support is present for FreeBSD, Mac OS X, and
HP-UX. I personally can only test on Linux and rely on others to report
problems on other operating systems.
# pam-krb5 4.8
[![Build
-status](https://travis-ci.org/rra/pam-krb5.svg?branch=master)](https://travis-ci.org/rra/pam-krb5)
+status](https://github.com/rra/pam-krb5/workflows/build/badge.svg)](https://github.com/rra/pam-krb5/actions)
[![Debian
package](https://img.shields.io/debian/v/libpam-krb5)](https://tracker.debian.org/pkg/libpam-krb5)
For PKINIT support, Heimdal 0.8rc1 or later or MIT Kerberos 1.6.3 or later
are required. Earlier MIT Kerberos 1.6 releases have a bug in their
-handling of PKINIT options.
+handling of PKINIT options. MIT Kerberos 1.12 or later is required to use
+the use_pkinit PAM option.
For FAST (Flexible Authentication Secure Tunneling) support, MIT Kerberos
1.7 or higher is required. For anonymous FAST support, anonymous
authentication (generally anonymous PKINIT) support is required in both
the Kerberos libraries and in the local KDC.
-This module should work on Linux and Solaris (and build with gcc, clang,
-or the Sun C compiler), but has been far more heavily tested on Linux.
-There is beta-quality support for the AIX NAS Kerberos implementation.
-Other PAM implementations will probably require some porting, although
-untested build system support is present for FreeBSD, Mac OS X, and HP-UX.
-I personally can only test on Linux and rely on others to report problems
-on other operating systems.
+This module should work on Linux and build with gcc or clang. It may
+still work on Solaris and build with the Sun C compiler, but I have only
+tested it on Linux recently. There is beta-quality support for the AIX
+NAS Kerberos implementation that has not been tested in years. Other PAM
+implementations will probably require some porting, although untested
+build system support is present for FreeBSD, Mac OS X, and HP-UX. I
+personally can only test on Linux and rely on others to report problems on
+other operating systems.
Old versions of OpenSSH are known to call `pam_authenticate` followed by
`pam_setcred(PAM_REINITIALIZE_CRED)` without first calling
"browse": "https://git.eyrie.org/?p=kerberos/pam-krb5.git",
"github": "rra/pam-krb5",
"openhub": "https://www.openhub.net/p/pamkrb5",
- "travis": "rra/pam-krb5",
+ "status": {
+ "workflow": "build",
+ },
},
"readme": {
"sections": [