jellyfin, branch v10.3.5

Bump version for 10.3.5

2019-06-10T01:47:45Z

Merge pull request #1447 from joshuaboniface/implement-invalidauth

2019-06-09T19:36:25Z

Implement InvalidAuthProvider

Revert "Don't set a default reset provider"

2019-06-09T19:29:43Z

This reverts commit c230d49d7c37d4fbe77676b835c3afd6c8cb56e7. This reenables an edge case where an admin might want to reset, with the default auth provider, the password of an externally-provided user so they could "unlock" the account while it was failing. There might be minor security implications to this, but the malicious actor would need FS access to do it (as they would with any password resets) so it's probably best to keep it as-is. Removing this in the first place was due to a misunderstanding anyways so no harm.

Remove superfluous conditional

2019-06-09T17:57:49Z

This wasn't needed to prevent updating the policy on-disk from my tests and can be removed as suggested by @Bond-009

Don't set a default reset provider

2019-06-09T17:46:53Z

Use SecurityException for auth failure

2019-06-09T17:45:51Z

Apply suggestions from code review

2019-06-09T17:41:14Z

Co-Authored-By: Claus Vium Co-Authored-By: Bond-009

Add nicer log message and comment

2019-06-09T15:07:35Z

Implement InvalidAuthProvider

2019-06-09T02:54:31Z

Implements the InvalidAuthProvider, which acts as a fallback if a configured authentication provider, e.g. LDAP, is unavailable due to a load failure or removal. Until the user or the authentication plugin is corrected, this will cause users with the missing provider to be locked out, while throwing errors in the logs about the issue. Fixes #1445 part 2

Merge pull request #1443 from jellyfin/qemu

2019-06-07T22:41:35Z

Docker - Update arm* Dockerfiles for latest multiarch