/ ChangeLog.2000
ChangeLog.2000
1 2000-12-31 Assar Westerlund <assar@sics.se> 2 3 * lib/krb5/test_get_addrs.c (main): handle krb5_init_context 4 failure consistently 5 * lib/krb5/string-to-key-test.c (main): handle krb5_init_context 6 failure consistently 7 * lib/krb5/prog_setup.c (krb5_program_setup): handle 8 krb5_init_context failure consistently 9 * lib/hdb/convert_db.c (main): handle krb5_init_context failure 10 consistently 11 * kuser/kverify.c (main): handle krb5_init_context failure 12 consistently 13 * kuser/klist.c (main): handle krb5_init_context failure 14 consistently 15 * kuser/kinit.c (main): handle krb5_init_context failure 16 consistently 17 * kuser/kgetcred.c (main): handle krb5_init_context failure 18 consistently 19 * kuser/kdestroy.c (main): handle krb5_init_context failure 20 consistently 21 * kuser/kdecode_ticket.c (main): handle krb5_init_context failure 22 consistently 23 * kuser/generate-requests.c (generate_requests): handle 24 krb5_init_context failure consistently 25 * kpasswd/kpasswd.c (main): handle krb5_init_context failure 26 consistently 27 * kpasswd/kpasswd-generator.c (generate_requests): handle 28 krb5_init_context failure consistently 29 * kdc/main.c (main): handle krb5_init_context failure consistently 30 * appl/test/uu_client.c (proto): handle krb5_init_context failure 31 consistently 32 * appl/kf/kf.c (main): handle krb5_init_context failure 33 consistently 34 * admin/ktutil.c (main): handle krb5_init_context failure 35 consistently 36 37 * admin/get.c (kt_get): more error checking 38 39 2000-12-29 Assar Westerlund <assar@sics.se> 40 41 * lib/asn1/asn1_print.c (loop): check for length longer than data. 42 inspired by lha@stacken.kth.se 43 44 2000-12-16 Johan Danielsson <joda@pdc.kth.se> 45 46 * admin/ktutil.8: reflect recent changes 47 48 * admin/copy.c: don't copy an entry that already exists in the 49 keytab, and warn if the keyblock differs 50 51 2000-12-15 Johan Danielsson <joda@pdc.kth.se> 52 53 * admin/Makefile.am: merge srvconvert and srvcreate with copy 54 55 * admin/copy.c: merge srvconvert and srvcreate with copy 56 57 * lib/krb5/Makefile.am: always build keytab_krb4.c 58 59 * lib/krb5/context.c: always register the krb4 keytab functions 60 61 * lib/krb5/krb5.h: declare krb4_ftk_ops 62 63 * lib/krb5/keytab_krb4.c: We don't really need to include krb.h 64 here, since we only use the principal size macros, so define these 65 here. Theoretically someone could have a krb4 system where these 66 values are != 40, but this is unlikely, and 67 krb5_524_conv_principal also assume they are 40. 68 69 2000-12-13 Johan Danielsson <joda@pdc.kth.se> 70 71 * lib/krb5/krb5.h: s/krb5_donot_reply/krb5_donot_replay/ 72 73 * lib/krb5/replay.c: fix query-replace-o from MD5 API change, and 74 the struct is called krb5_donot_replay 75 76 2000-12-12 Assar Westerlund <assar@sics.se> 77 78 * admin/srvconvert.c (srvconvert): do not use data after free:ing 79 it 80 81 2000-12-11 Assar Westerlund <assar@sics.se> 82 83 * Release 0.3d 84 85 2000-12-11 Assar Westerlund <assar@sics.se> 86 87 * lib/krb5/Makefile.am (libkrb5_la_LDFLAGS): set version to 14:0:0 88 * lib/hdb/Makefile.am (libhdb_la_LDFLAGS): update to 6:3:0 89 * lib/krb5/Makefile.am (libkrb5_la_LIBADD): add library 90 dependencies 91 92 2000-12-10 Johan Danielsson <joda@pdc.kth.se> 93 94 * lib/krb5/auth_context.c: implement krb5_auth_con_{get,set}rcache 95 96 2000-12-08 Assar Westerlund <assar@sics.se> 97 98 * lib/krb5/krb5.h (krb5_enctype): add ETYPE_DES3_CBC_NONE_IVEC as 99 a new pseudo-type 100 101 * lib/krb5/crypto.c (DES_AFS3_CMU_string_to_key): always treat 102 cell names as lower case 103 (krb5_encrypt_ivec, krb5_decrypt_ivec): new functions that allow an 104 explicit ivec to be specified. fix all sub-functions. 105 (DES3_CBC_encrypt_ivec): new function that takes an explicit ivec 106 107 2000-12-06 Johan Danielsson <joda@pdc.kth.se> 108 109 * lib/krb5/Makefile.am: actually build replay cache code 110 111 * lib/krb5/replay.c: implement krb5_get_server_rcache 112 113 * kpasswd/kpasswdd.c: de-pointerise auth_context parameter to 114 krb5_mk_rep 115 116 * lib/krb5/recvauth.c: de-pointerise auth_context parameter to 117 krb5_mk_rep 118 119 * lib/krb5/mk_rep.c: auth_context should not be a pointer 120 121 * lib/krb5/auth_context.c: implement krb5_auth_con_genaddrs, and 122 make setaddrs_from_fd use that 123 124 * lib/krb5/krb5.h: add some more KRB5_AUTH_CONTEXT_* flags 125 126 2000-12-05 Johan Danielsson <joda@pdc.kth.se> 127 128 * lib/krb5/Makefile.am: add kerberos.8 manpage 129 130 * lib/krb5/cache.c: check for NULL remove_cred function 131 132 * lib/krb5/fcache.c: pretend that empty files are non-existant 133 134 * lib/krb5/get_addrs.c (find_all_addresses): use getifaddrs, from 135 Jason Thorpe <thorpej@netbsd.org> 136 137 2000-12-01 Assar Westerlund <assar@sics.se> 138 139 * configure.in: remove configure-time generation of krb5-config 140 * tools/Makefile.am: add generation of krb5-config at make-time 141 instead of configure-time 142 143 * tools/krb5-config.in: add --prefix and --exec-prefix 144 145 2000-11-30 Assar Westerlund <assar@sics.se> 146 147 * tools/Makefile.am: add krb5-config.1 148 * tools/krb5-config.in: add kadm-client and kadm5-server as 149 libraries 150 151 2000-11-29 Assar Westerlund <assar@sics.se> 152 153 * tools/krb5-config.in: add --prefix, --exec-prefix and gssapi 154 155 2000-11-29 Johan Danielsson <joda@pdc.kth.se> 156 157 * configure.in: add roken/Makefile here, since it can't live in 158 rk_ROKEN 159 160 2000-11-16 Assar Westerlund <assar@sics.se> 161 162 * configure.in: use the libtool -rpath, do not rely on ld 163 understanding -rpath 164 165 * configure.in: fix the -Wl stuff for krb4 linking add some 166 gratuitous extra options when linking with an existing libdes 167 168 2000-11-15 Assar Westerlund <assar@sics.se> 169 170 * lib/hdb/hdb.c (hdb_next_enctype2key): const-ize a little bit 171 * lib/Makefile.am (SUBDIRS): try to only build des when needed 172 * kuser/klist.c: print key versions numbers of v4 tickets in 173 verbose mode 174 175 * kdc/kerberos5.c (tgs_rep2): adapt to new krb5_verify_ap_req2 176 * appl/test/gss_common.c (read_token): remove unused variable 177 178 * configure.in (krb4): add -Wl 179 (MD4Init et al): look for these in more libraries 180 (getmsg): only run test if we have the function 181 (AC_OUTPUT): create tools/krb5-config 182 183 * tools/krb5-config.in: new script for storing flags to use 184 * Makefile.am (SUBDIRS): add tools 185 186 * lib/krb5/get_cred.c (make_pa_tgs_req): update to new 187 krb5_mk_req_internal 188 * lib/krb5/mk_req_ext.c (krb5_mk_req_internal): allow different 189 usages for the encryption. change callers 190 * lib/krb5/rd_req.c (decrypt_authenticator): add an encryption 191 `usage'. also try the old 192 (and wrong) usage of KRB5_KU_AP_REQ_AUTH for backwards compatibility 193 (krb5_verify_ap_req2): new function for specifying the usage different 194 from the default (KRB5_KU_AP_REQ_AUTH) 195 * lib/krb5/build_auth.c (krb5_build_authenticator): add a `usage' 196 parameter to permit the generation of authenticators with 197 different crypto usage 198 199 * lib/krb5/mk_req.c (krb5_mk_req_exact): new function that takes a 200 krb5_principal 201 (krb5_mk_req): use krb5_mk_req_exact 202 203 * lib/krb5/mcache.c (mcc_close): free data 204 (mcc_destroy): don't free data 205 206 2000-11-13 Assar Westerlund <assar@sics.se> 207 208 * lib/hdb/ndbm.c: handle both ndbm.h and gdbm/ndbm.h 209 * lib/hdb/hdb.c: handle both ndbm.h and gdbm/ndbm.h 210 211 2000-11-12 Johan Danielsson <joda@pdc.kth.se> 212 213 * kdc/hpropd.8: remove extra .Xc 214 215 2000-10-27 Johan Danielsson <joda@pdc.kth.se> 216 217 * kuser/kinit.c: fix v4 fallback lifetime calculation 218 219 2000-10-10 Johan Danielsson <joda@pdc.kth.se> 220 221 * kdc/524.c: fix log messge 222 223 2000-10-08 Assar Westerlund <assar@sics.se> 224 225 * lib/krb5/changepw.c (krb5_change_password): check for fd's being 226 too large to select on 227 * kpasswd/kpasswdd.c (add_new_tcp): check for the socket fd being 228 too large to select on 229 * kdc/connect.c (add_new_tcp): check for the socket fd being too 230 large to selct on 231 * kdc/connect.c (loop): check that the socket fd is not too large 232 to select on 233 * lib/krb5/send_to_kdc.c (recv_loop): check `fd' for being too 234 large to be able to select on 235 236 * kdc/kaserver.c (do_authenticate): check for time skew 237 238 2000-10-01 Assar Westerlund <assar@sics.se> 239 240 * kdc/524.c (set_address): allocate memory for storing addresses 241 in if the original request had an empty set of addresses 242 * kdc/524.c (set_address): fix bad return of pointer to automatic 243 data 244 245 * config.sub: update to version 2000-09-11 (aka 1.181) from 246 subversions.gnu.org 247 248 * config.guess: update to version 2000-09-05 (aka 1.156) from 249 subversions.gnu.org plus some minor tweaks 250 251 2000-09-20 Assar Westerlund <assar@juguete.sics.se> 252 253 * Release 0.3c 254 255 2000-09-19 Assar Westerlund <assar@sics.se> 256 257 * lib/krb5/Makefile.am (libkrb5_la_LDFLAGS): bump version to 258 13:1:0 259 260 * lib/hdb/Makefile.am (libhdb_la_LDFLAGS): bump version to 6:2:0 261 262 2000-09-17 Assar Westerlund <assar@sics.se> 263 264 * lib/krb5/rd_req.c (krb5_decrypt_ticket): plug some memory leak 265 (krb5_rd_req): try not to return an allocated auth_context on error 266 267 * lib/krb5/log.c (krb5_vlog_msg): fix const-ness 268 269 2000-09-10 Assar Westerlund <assar@sics.se> 270 271 * kdc/524.c: re-organize 272 * kdc/kerberos5.c (tgs_rep2): try to avoid leaking auth_context 273 * kdc/kerberos4.c (valid_princ): check return value of functions 274 (encode_v4_ticket): add some const 275 * kdc/misc.c (db_fetch): check malloc 276 (free_ent): new function 277 278 * lib/krb5/log.c (krb5_vlog_msg): log just the format string it we 279 fail to allocate the actual string to log, should at least provide 280 some hint as to where things went wrong 281 282 2000-09-10 Johan Danielsson <joda@pdc.kth.se> 283 284 * kdc/log.c: use DEFAULT_LOG_DEST 285 286 * kdc/config.c: use _PATH_KDC_CONF 287 288 * kdc/kdc_locl.h: add macro constants for kdc.conf, and kdc.log 289 290 2000-09-09 Assar Westerlund <assar@sics.se> 291 292 * lib/krb5/crypto.c (_key_schedule): re-use an existing schedule 293 294 2000-09-06 Johan Danielsson <joda@pdc.kth.se> 295 296 * configure.in: fix dpagaix test 297 298 2000-09-05 Assar Westerlund <assar@sics.se> 299 300 * configure.in: with_dce -> enable_dce. noticed by Ake Sandgren 301 <ake@cs.umu.se> 302 303 2000-09-01 Johan Danielsson <joda@pdc.kth.se> 304 305 * kdc/kstash.8: update manual page 306 307 * kdc/kstash.c: fix typo, and remove unused option 308 309 * lib/krb5/kerberos.7: short kerberos intro page 310 311 2000-08-27 Assar Westerlund <assar@sics.se> 312 313 * include/bits.c: add __attribute__ for gcc's pleasure 314 * lib/hdb/keytab.c: re-write to delay the opening of the database 315 till it's known which principal is being sought, thereby allowing 316 the usage of multiple databases, however they need to be specified 317 in /etc/krb5.conf since all the programs using this keytab do not 318 read kdc.conf 319 320 * appl/test/test_locl.h (keytab): add 321 * appl/test/common.c: add --keytab 322 * lib/krb5/crypto.c: remove trailing commas 323 (KRB5_KU_USAGE_SEQ): renamed from KRB5_KU_USAGE_MIC 324 325 2000-08-26 Assar Westerlund <assar@sics.se> 326 327 * lib/krb5/send_to_kdc.c (send_via_proxy): handle `http://' at the 328 beginning of the proxy specification. use getaddrinfo correctly 329 (krb5_sendto): always return a return code 330 331 * lib/krb5/krb5.h (KRB5_KU_USAGE_MIC): rename to KRB5_KU_USAGE_SEQ 332 * lib/krb5/auth_context.c (krb5_auth_con_free): handle 333 auth_context == NULL 334 335 2000-08-23 Assar Westerlund <assar@sics.se> 336 337 * kdc/kerberos5.c (find_type): make sure of always setting 338 `ret_etype' correctly. clean-up structure some 339 340 2000-08-23 Johan Danielsson <joda@pdc.kth.se> 341 342 * lib/krb5/mcache.c: implement resolve 343 344 2000-08-18 Assar Westerlund <assar@sics.se> 345 346 * kuser/kdecode_ticket.c: check return value from krb5_crypto_init 347 * kdc/kerberos5.c, kdc/524.c: check return value from krb5_crypto_init 348 * lib/krb5/*.c: check return value from krb5_crypto_init 349 350 2000-08-16 Assar Westerlund <assar@sics.se> 351 352 * Release 0.3b 353 354 2000-08-16 Assar Westerlund <assar@sics.se> 355 356 * lib/krb5/Makefile.am: bump version to 13:0:0 357 358 * lib/hdb/Makefile.am: set version to 6:1:0 359 360 * configure.in: do getmsg testing the same way as in krb4 361 362 * lib/krb5/config_file.c (krb5_config_parse_file_debug): make sure 363 of closing the file on error 364 365 * lib/krb5/crypto.c (encrypt_internal_derived): free the checksum 366 after use 367 368 * lib/krb5/warn.c (_warnerr): initialize args to make third, 369 purify et al happy 370 371 2000-08-13 Assar Westerlund <assar@sics.se> 372 373 * kdc/kerberos5.c: re-write search for keys code. loop over all 374 supported enctypes in order, looping over all keys of each type, 375 and picking the one with the v5 default salt preferably 376 377 2000-08-10 Assar Westerlund <assar@sics.se> 378 379 * appl/test/gss_common.c (enet_read): add and use 380 * lib/krb5/krb5.h (heimdal_version, heimdal_long_version): make 381 const 382 383 * lib/krb5/mk_req_ext.c (krb5_mk_req_internal): add comment on 384 checksum type selection 385 386 * lib/krb5/context.c (krb5_init_context): do not leak memory on 387 failure 388 (default_etypes): prefer arcfour-hmac-md5 to des-cbc-md5 389 390 * lib/krb5/principal.c: add fnmatch.h 391 392 2000-08-09 Assar Westerlund <assar@sics.se> 393 394 * configure.in: call AC_PROG_CC and AC_PROG_CPP to make sure later 395 checks that should require them don't fail 396 * acconfig.h: add HAVE_UINT17_T 397 398 2000-08-09 Johan Danielsson <joda@pdc.kth.se> 399 400 * kdc/mit_dump.c: handle all sorts of weird MIT salt types 401 402 2000-08-08 Johan Danielsson <joda@pdc.kth.se> 403 404 * doc/setup.texi: port 212 -> 2121 405 406 * lib/krb5/principal.c: krb5_principal_match 407 408 2000-08-04 Johan Danielsson <joda@pdc.kth.se> 409 410 * lib/asn1/der_get.c: add comment on *why* DCE sometimes used BER 411 encoding 412 413 * kpasswd/Makefile.am: link with pidfile library 414 415 * kpasswd/kpasswdd.c: write a pid file 416 417 * kpasswd/kpasswd_locl.h: util.h 418 419 * kdc/Makefile.am: link with pidfile library 420 421 * kdc/main.c: write a pid file 422 423 * kdc/headers.h: util.h 424 425 2000-08-04 Assar Westerlund <assar@sics.se> 426 427 * lib/krb5/principal.c (krb5_425_conv_principal_ext): always put 428 hostnames in lower case 429 (default_v4_name_convert): add imap 430 431 2000-08-03 Assar Westerlund <assar@sics.se> 432 433 * lib/krb5/crc.c (_krb5_crc_update): const-ize (finally) 434 435 2000-07-31 Johan Danielsson <joda@pdc.kth.se> 436 437 * configure.in: check for uint*_t 438 * include/bits.c: define uint*_t 439 440 2000-07-29 Assar Westerlund <assar@sics.se> 441 442 * kdc/kerberos5.c (check_tgs_flags): set endtime correctly when 443 renewing, From Derrick J Brashear <shadow@dementia.org> 444 445 2000-07-28 Assar Westerlund <assar@juguete.sics.se> 446 447 * Release 0.3a 448 449 2000-07-27 Assar Westerlund <assar@sics.se> 450 451 * kdc/hprop.c (dump_database): write an empty message to signal 452 end of dump 453 454 2000-07-26 Assar Westerlund <assar@sics.se> 455 456 * lib/krb5/changepw.c (krb5_change_password): try to be more 457 careful when not to resend 458 459 * lib/hdb/db3.c: always create a cursor with db3. From Derrick J 460 Brashear <shadow@dementia.org> 461 462 2000-07-25 Johan Danielsson <joda@pdc.kth.se> 463 464 * lib/hdb/Makefile.am: bump version to 6:0:0 465 466 * lib/asn1/Makefile.am: bump version to 3:0:1 467 468 * lib/krb5/Makefile.am: bump version to 12:0:1 469 470 * lib/krb5/krb5_config.3: manpage 471 472 * lib/krb5/krb5_appdefault.3: manpage 473 474 * lib/krb5/appdefault.c: implementation of the krb5_appdefault set 475 of functions 476 477 2000-07-23 Assar Westerlund <assar@sics.se> 478 479 * lib/krb5/init_creds_pw.c (change_password): reset forwardable 480 and proxiable. copy preauthentication list correctly from 481 supplied options 482 483 * kdc/hpropd.c (main): check that the ticket was for `hprop/' for 484 paranoid reasons 485 486 * lib/krb5/sock_principal.c (krb5_sock_to_principal): look in 487 aliases for the real name 488 489 2000-07-22 Johan Danielsson <joda@pdc.kth.se> 490 491 * doc/setup.texi: say something about starting kadmind from the 492 command line 493 494 2000-07-22 Assar Westerlund <assar@sics.se> 495 496 * kpasswd/kpasswdd.c: use kadm5_s_chpass_principal_cond instead of 497 mis-doing it here 498 499 * lib/krb5/changepw.c (krb5_change_password): make timeout 1 + 500 2^{0,1,...}. also keep track if we got an old packet back and 501 then just wait without sending a new packet 502 * lib/krb5/changepw.c: use a datagram socket and remove the 503 sequence numbers 504 * lib/krb5/changepw.c (krb5_change_password): clarify an 505 expression, avoiding a warning 506 507 2000-07-22 Johan Danielsson <joda@pdc.kth.se> 508 509 * kuser/klist.c: make -a and -n aliases for -v 510 511 * lib/krb5/write_message.c: ws 512 513 * kdc/hprop-common.c: nuke extra definitions of 514 krb5_read_priv_message et.al 515 516 * lib/krb5/read_message.c (krb5_read_message): return error if EOF 517 518 2000-07-20 Assar Westerlund <assar@sics.se> 519 520 * kpasswd/kpasswd.c: print usage consistently 521 * kdc/hprop.h (HPROP_KEYTAB): use HDB for the keytab 522 * kdc/hpropd.c: add --keytab 523 * kdc/hpropd.c: don't care what principal we recvauth as 524 525 * lib/krb5/get_cred.c: be more careful of not returning creds at 526 all when an error is returned 527 * lib/krb5/fcache.c (fcc_gen_new): do mkstemp correctly 528 529 2000-07-19 Johan Danielsson <joda@pdc.kth.se> 530 531 * fix-export: use autoreconf 532 533 * configure.in: remove stuff that belong in roken, and remove some 534 obsolete constructs 535 536 2000-07-18 Johan Danielsson <joda@pdc.kth.se> 537 538 * configure.in: fix some typos 539 540 * appl/Makefile.am: dceutil*s* 541 542 * missing: update to missing from automake 1.4a 543 544 2000-07-17 Johan Danielsson <joda@pdc.kth.se> 545 546 * configure.in: try to get xlc flags from ibmcxx.cfg use 547 conditional for X use readline cf macro 548 549 * configure.in: subst AIX compiler flags 550 551 2000-07-15 Johan Danielsson <joda@pdc.kth.se> 552 553 * configure.in: pass sixth parameter to test-package; use some 554 newer autoconf constructs 555 556 * ltmain.sh: update to libtool 1.3c 557 558 * ltconfig: update to libtool 1.3c 559 560 * configure.in: update this to newer auto*/libtool 561 562 * appl/Makefile.am: use conditional for dce 563 564 * lib/Makefile.am: use conditional for dce 565 566 2000-07-11 Johan Danielsson <joda@pdc.kth.se> 567 568 * lib/krb5/write_message.c: krb5_write_{priv,save}_message 569 * lib/krb5/read_message.c: krb5_read_{priv,save}_message 570 * lib/krb5/convert_creds.c: try port kerberos/88 if no response on 571 krb524/4444 572 573 * lib/krb5/convert_creds.c: use krb5_sendto 574 575 * lib/krb5/send_to_kdc.c: add more generic krb5_sendto that send 576 to a port at arbitrary list of hosts 577 578 2000-07-10 Johan Danielsson <joda@pdc.kth.se> 579 580 * doc/misc.texi: language; say something about kadmin del_enctype 581 582 2000-07-10 Assar Westerlund <assar@sics.se> 583 584 * appl/kf/Makefile.am: actually install 585 586 2000-07-08 Assar Westerlund <assar@sics.se> 587 588 * configure.in (AM_INIT_AUTOMAKE): bump to 0.3a-pre 589 (AC_ROKEN): roken is now at 10 590 591 * lib/krb5/string-to-key-test.c: add a arcfour-hmac-md5 test case 592 * kdc/Makefile.am (INCLUDES): add ../lib/krb5 593 * configure.in: update for standalone roken 594 * lib/Makefile.am (SUBDIRS): make roken conditional 595 * kdc/hprop.c: update to new hdb_seal_keys_mkey 596 * lib/hdb/mkey.c (_hdb_unseal_keys_int, _hdb_seal_keys_int): 597 rename and export them 598 599 * kdc/headers.h: add krb5_locl.h (since we just use some stuff 600 from there) 601 602 2000-07-08 Johan Danielsson <joda@pdc.kth.se> 603 604 * kuser/klist.1: update for -f and add some more text for -v 605 606 * kuser/klist.c: use rtbl to format cred listing, add -f and -s 607 608 * lib/krb5/crypto.c: fix type in des3-cbc-none 609 610 * lib/hdb/mkey.c: add key usage 611 612 * kdc/kstash.c: remove writing of old keyfile, and treat 613 --convert-file as just reading and writing the keyfile without 614 asking for a new key 615 616 * lib/hdb/mkey.c (read_master_encryptionkey): handle old keytype 617 based files, and convert the key to cfb64 618 619 * lib/hdb/mkey.c (hdb_read_master_key): set mkey to NULL before 620 doing anything else 621 622 * lib/krb5/send_to_kdc.c: use krb5_eai_to_heim_errno 623 624 * lib/krb5/get_for_creds.c: use krb5_eai_to_heim_errno 625 626 * lib/krb5/changepw.c: use krb5_eai_to_heim_errno 627 628 * lib/krb5/addr_families.c: use krb5_eai_to_heim_errno 629 630 * lib/krb5/eai_to_heim_errno.c: convert getaddrinfo error codes to 631 something that can be passed to get_err_text 632 633 2000-07-07 Assar Westerlund <assar@sics.se> 634 635 * lib/hdb/hdb.c (hdb_next_enctype2key): make sure of skipping 636 `*key' 637 638 * kdc/kerberos4.c (get_des_key): rewrite some, be more careful 639 640 2000-07-06 Assar Westerlund <assar@sics.se> 641 642 * kdc/kerberos5.c (as_rep): be careful as to now overflowing when 643 calculating the end of lifetime of a ticket. 644 645 * lib/krb5/context.c (default_etypes): add ETYPE_ARCFOUR_HMAC_MD5 646 647 * lib/hdb/db3.c: only use a cursor when needed, from Derrick J 648 Brashear <shadow@dementia.org> 649 650 * lib/krb5/crypto.c: introduce the `special' encryption methods 651 that are not like all other encryption methods and implement 652 arcfour-hmac-md5 653 654 2000-07-05 Johan Danielsson <joda@pdc.kth.se> 655 656 * kdc/mit_dump.c: set initial master key version number to 0 657 instead of 1; if we lated bump the mkvno we don't risk using the 658 wrong key to decrypt 659 660 * kdc/hprop.c: only get master key if we're actually going to use 661 it; enable reading of MIT krb5 dump files 662 663 * kdc/mit_dump.c: read MIT krb5 dump files 664 665 * lib/hdb/mkey.c (read_master_mit): fix this 666 667 * kdc/kstash.c: make this work with the new mkey code 668 669 * lib/hdb/Makefile.am: add mkey.c, and bump version number 670 671 * lib/hdb/hdb.h: rewrite master key handling 672 673 * lib/hdb/mkey.c: rewrite master key handling 674 675 * lib/krb5/crypto.c: add some more pseudo crypto types 676 677 * lib/krb5/krb5.h: change some funny etypes to use negative 678 numbers, and add some more 679 680 2000-07-04 Assar Westerlund <assar@sics.se> 681 682 * lib/krb5/krbhst.c (get_krbhst): only try SRV lookup if there are 683 none in the configuration file 684 685 2000-07-02 Assar Westerlund <assar@sics.se> 686 687 * lib/krb5/keytab_keyfile.c (akf_add_entry): remove unused 688 variable 689 690 * kpasswd/kpasswd-generator.c: new test program 691 * kpasswd/Makefile.am: add kpasswd-generator 692 693 * include/Makefile.am (CLEANFILES): add rc4.h 694 695 * kuser/generate-requests.c: new test program 696 * kuser/Makefile.am (noinst_PROGRAMS): add generate-requests 697 698 2000-07-01 Assar Westerlund <assar@sics.se> 699 700 * configure.in: add --enable-dce and related stuff 701 * appl/Makefile.am (SUBDIRS): add $(APPL_dce) 702 703 2000-06-29 Assar Westerlund <assar@sics.se> 704 705 * kdc/kerberos4.c (get_des_key): fix thinkos/typos 706 707 2000-06-29 Johan Danielsson <joda@pdc.kth.se> 708 709 * admin/purge.c: use parse_time to parse age 710 711 * lib/krb5/log.c (krb5_vlog_msg): use krb5_format_time 712 713 * admin/list.c: add printing of timestamp and key data; some 714 cleanup 715 716 * lib/krb5/time.c (krb5_format_time): new function to format time 717 718 * lib/krb5/context.c (init_context_from_config_file): init 719 date_fmt, also do some cleanup 720 721 * lib/krb5/krb5.h: add date_fmt to context 722 723 2000-06-28 Johan Danielsson <joda@pdc.kth.se> 724 725 * kdc/{kerberos4,kaserver,524}.c (get_des_key): change to return 726 v4 or afs keys if possible 727 728 2000-06-25 Johan Danielsson <joda@pdc.kth.se> 729 730 * kdc/hprop.c (ka_convert): allow using null salt, and treat 0 731 pw_expire as never (from Derrick Brashear) 732 733 2000-06-24 Johan Danielsson <joda@pdc.kth.se> 734 735 * kdc/connect.c (add_standard_ports): only listen to port 750 if 736 serving v4 requests 737 738 2000-06-22 Assar Westerlund <assar@sics.se> 739 740 * lib/asn1/lex.l: fix includes, and lex stuff 741 * lib/asn1/lex.h (error_message): update prototype 742 (yylex): add 743 * lib/asn1/gen_length.c (length_type): fail on malloc error 744 * lib/asn1/gen_decode.c (decode_type): fail on malloc error 745 746 2000-06-21 Assar Westerlund <assar@sics.se> 747 748 * lib/krb5/get_for_creds.c: be more compatible with MIT code. 749 From Daniel Kouril <kouril@ics.muni.cz> 750 * lib/krb5/rd_cred.c: be more compatible with MIT code. From 751 Daniel Kouril <kouril@ics.muni.cz> 752 * kdc/kerberos5.c (get_pa_etype_info): do not set salttype if it's 753 vanilla pw-salt, that keeps win2k happy. also do the malloc check 754 correctly. From Daniel Kouril <kouril@ics.muni.cz> 755 756 2000-06-21 Johan Danielsson <joda@pdc.kth.se> 757 758 * kdc/hprop.c: add hdb keytabs 759 760 2000-06-20 Johan Danielsson <joda@pdc.kth.se> 761 762 * lib/krb5/principal.c: back out rev. 1.64 763 764 2000-06-19 Johan Danielsson <joda@pdc.kth.se> 765 766 * kdc/kerberos5.c: pa_* -> KRB5_PADATA_* 767 768 * kdc/hpropd.c: add realm override flag 769 770 * kdc/v4_dump.c: code for reading krb4 dump files 771 772 * kdc/hprop.c: generalize source database handing, add support for 773 non-standard local realms (from by Daniel Kouril 774 <kouril@ics.muni.cz> and Miroslav Ruda <ruda@ics.muni.cz>), and 775 support for using different ports (requested by the Czechs, but 776 implemented differently) 777 778 * lib/krb5/get_cred.c: pa_* -> KRB5_PADATA_* 779 780 * lib/krb5/get_in_tkt.c: pa_* -> KRB5_PADATA_* 781 782 * lib/krb5/krb5.h: use some definitions from asn1.h 783 784 * lib/hdb/hdb.asn1: use new import syntax 785 786 * lib/asn1/k5.asn1: use distinguished value integers 787 788 * lib/asn1/gen_length.c: support for distinguished value integers 789 790 * lib/asn1/gen_encode.c: support for distinguished value integers 791 792 * lib/asn1/gen_decode.c: support for distinguished value integers 793 794 * lib/asn1/gen.c: support for distinguished value integers 795 796 * lib/asn1/lex.l: add support for more standards like import 797 statements 798 799 * lib/asn1/parse.y: add support for more standards like import 800 statements, and distinguished value integers 801 802 2000-06-11 Assar Westerlund <assar@sics.se> 803 804 * lib/krb5/get_for_creds.c (add_addrs): ignore addresses of 805 unknown type 806 * lib/krb5/get_for_creds.c (add_addrs): zero memory before 807 starting to copy memory 808 809 2000-06-10 Assar Westerlund <assar@sics.se> 810 811 * lib/krb5/test_get_addrs.c: test program for get_addrs 812 * lib/krb5/get_addrs.c (find_all_addresses): remember to add in 813 the size of ifr->ifr_name when using SA_LEN. noticed by Ken 814 Raeburn <raeburn@MIT.EDU> 815 816 2000-06-07 Assar Westerlund <assar@sics.se> 817 818 * configure.in: add db3 detection stuff do not use streamsptys on 819 HP-UX 11 820 * lib/hdb/hdb.h (HDB): add dbc for db3 821 * kdc/connect.c (add_standard_ports): also listen on krb524 aka 822 4444 823 * etc/services.append (krb524): add 824 * lib/hdb/db3.c: add berkeley db3 interface. contributed by 825 Derrick J Brashear <shadow@dementia.org> 826 * lib/hdb/hdb.h (struct HDB): add 827 828 2000-06-07 Johan Danielsson <joda@pdc.kth.se> 829 830 * kdc/524.c: if 524 is not enabled, just generate error reply and 831 exit 832 833 * kdc/kerberos4.c: if v4 is not enabled, just generate error reply 834 and exit 835 836 * kdc/connect.c: only listen to port 4444 if 524 is enabled 837 838 * kdc/config.c: add options to enable/disable v4 and 524 requests 839 840 2000-06-06 Johan Danielsson <joda@pdc.kth.se> 841 842 * kdc/524.c: handle non-existant server principals (from Daniel 843 Kouril) 844 845 2000-06-03 Assar Westerlund <assar@sics.se> 846 847 * admin/ktutil.c: print name when failing to open keytab 848 849 * kuser/kinit.c: try also to fallback to v4 when no KDC is found 850 851 2000-05-28 Assar Westerlund <assar@sics.se> 852 853 * kuser/klist.c: continue even we have no v5 ccache. make showing 854 your krb4 tickets the default (if build with krb4 support) 855 * kuser/kinit.c: add a fallback that tries to get a v4 ticket if 856 built with krb4 support and we got back a version error from the 857 KDC 858 859 2000-05-23 Johan Danielsson <joda@pdc.kth.se> 860 861 * lib/krb5/keytab_keyfile.c: make this actually work 862 863 2000-05-19 Assar Westerlund <assar@sics.se> 864 865 * lib/krb5/store_emem.c (emem_store): make it write-compatible 866 * lib/krb5/store_fd.c (fd_store): make it write-compatible 867 * lib/krb5/store_mem.c (mem_store): make it write-compatible 868 * lib/krb5/krb5.h (krb5_storage): make store write-compatible 869 870 2000-05-18 Assar Westerlund <assar@sics.se> 871 872 * configure.in: add stdio.h in dbopen test 873 874 2000-05-16 Assar Westerlund <assar@assaris.sics.se> 875 876 * Release 0.2t 877 878 2000-05-16 Assar Westerlund <assar@sics.se> 879 880 * lib/krb5/Makefile.am (libkrb5_la_LDFLAGS): set version to 11:1:0 881 * lib/krb5/fcache.c: fix second lseek 882 * lib/krb5/principal.c (krb5_524_conv_principal): fix typo 883 884 2000-05-15 Assar Westerlund <assar@sics.se> 885 886 * Release 0.2s 887 888 2000-05-15 Assar Westerlund <assar@sics.se> 889 890 * lib/krb5/Makefile.am (libkrb5_la_LDFLAGS): set version to 11:0:0 891 * lib/hdb/Makefile.am (libhdb_la_LDFLAGS): set version to 4:2:1 892 * lib/asn1/Makefile.am (libasn1_la_LDFLAGS): bump to 2:0:0 893 * lib/krb5/principal.c (krb5_524_conv_principal): comment-ize, and 894 simplify string copying 895 896 2000-05-12 Assar Westerlund <assar@sics.se> 897 898 * lib/krb5/fcache.c (scrub_file): new function 899 (erase_file): re-write, use scrub_file 900 * lib/krb5/krb5.h (KRB5_DEFAULT_CCFILE_ROOT): add 901 902 * configure.in (dbopen): add header files 903 904 * lib/krb5/krb5.h (krb5_key_usage): add some more 905 * lib/krb5/fcache.c (erase_file): try to detect symlink games. 906 also call revoke. 907 * lib/krb5/changepw.c (krb5_change_password): remember to close 908 the socket on error 909 910 * kdc/main.c (main): also call sigterm on SIGTERM 911 912 2000-05-06 Assar Westerlund <assar@sics.se> 913 914 * lib/krb5/config_file.c (krb5_config_vget_string_default, 915 krb5_config_get_string_default): add 916 917 2000-04-25 Assar Westerlund <assar@sics.se> 918 919 * lib/krb5/fcache.c (fcc_initialize): just forget about 920 over-writing the old cred cache. it's too much of a hazzle trying 921 to do this safely. 922 923 2000-04-11 Assar Westerlund <assar@sics.se> 924 925 * lib/krb5/crypto.c (krb5_get_wrapped_length): rewrite into 926 different parts for the derived and non-derived cases 927 * lib/krb5/crypto.c (krb5_get_wrapped_length): the padding should 928 be done after having added confounder and checksum 929 930 2000-04-09 Assar Westerlund <assar@sics.se> 931 932 * lib/krb5/get_addrs.c (find_all_addresses): apperently solaris 933 can return EINVAL when the buffer is too small. cope. 934 * lib/asn1/Makefile.am (gen_files): add asn1_UNSIGNED.x 935 * lib/asn1/gen_locl.h (filename): add prototype 936 (init_generate): const-ize 937 * lib/asn1/gen.c (filename): new function clean-up a little bit. 938 * lib/asn1/parse.y: be more tolerant in ranges 939 * lib/asn1/lex.l: count lines correctly. 940 (error_message): print filename in messages 941 942 2000-04-08 Assar Westerlund <assar@sics.se> 943 944 * lib/krb5/rd_safe.c (krb5_rd_safe): increment sequence number 945 after comparing 946 * lib/krb5/rd_priv.c (krb5_rd_priv): increment sequence number 947 after comparing 948 * lib/krb5/mk_safe.c (krb5_mk_safe): make `tmp_seq' unsigned 949 * lib/krb5/mk_priv.c (krb5_mk_priv): make `tmp_seq' unsigned 950 * lib/krb5/generate_seq_number.c (krb5_generate_seq_number): make 951 `seqno' be unsigned 952 * lib/krb5/mk_safe.c (krb5_mk_safe): increment local sequence 953 number after the fact and only increment it if we were successful 954 * lib/krb5/mk_priv.c (krb5_mk_priv): increment local sequence 955 number after the fact and only increment it if we were successful 956 * lib/krb5/krb5.h (krb5_auth_context_data): make sequence number 957 unsigned 958 959 * lib/krb5/init_creds_pw.c (krb5_get_init_creds_password): 960 `in_tkt_service' can be NULL 961 962 2000-04-06 Assar Westerlund <assar@sics.se> 963 964 * lib/asn1/parse.y: regonize INTEGER (0..UNIT_MAX). 965 (DOTDOT): add 966 * lib/asn1/lex.l (DOTDOT): add 967 * lib/asn1/k5.asn1 (UNSIGNED): add. use UNSIGNED for all sequence 968 numbers. 969 * lib/asn1/gen_length.c (length_type): add TUInteger 970 * lib/asn1/gen_free.c (free_type): add TUInteger 971 * lib/asn1/gen_encode.c (encode_type, generate_type_encode): add 972 TUInteger 973 * lib/asn1/gen_decode.c (decode_type, generate_type_decode): add 974 TUInteger 975 * lib/asn1/gen_copy.c (copy_type): add TUInteger 976 * lib/asn1/gen.c (define_asn1): add TUInteger 977 * lib/asn1/der_put.c (encode_unsigned): add 978 * lib/asn1/der_length.c (length_unsigned): add 979 * lib/asn1/der_get.c (decode_unsigned): add 980 * lib/asn1/der.h (decode_unsigned, encode_unsigned, 981 length_unsigned): add prototypes 982 983 * lib/asn1/k5.asn1: update pre-authentication types 984 * lib/krb5/krb5_err.et: add some error codes from pkinit 985 986 2000-04-05 Assar Westerlund <assar@sics.se> 987 988 * lib/hdb/hdb.c: add support for hdb methods (aka back-ends). 989 include ldap. 990 * lib/hdb/hdb-ldap.c: tweak the ifdef to OPENLDAP 991 * lib/hdb/Makefile.am: add hdb-ldap.c and openldap 992 * kdc/Makefile.am, kpasswd/Makefile.am, kadmin/Makefile.am: add 993 * configure.in: bump version to 0.2s-pre add options and testing 994 for (open)ldap 995 996 2000-04-04 Assar Westerlund <assar@sics.se> 997 998 * configure.in (krb4): fix the krb_mk_req test 999 1000 2000-04-03 Assar Westerlund <assar@sics.se> 1001 1002 * configure.in (krb4): add test for const arguments to krb_mk_req 1003 * lib/45/mk_req.c (krb_mk_req): conditionalize const-ness of 1004 arguments 1005 1006 2000-04-03 Assar Westerlund <assar@sics.se> 1007 1008 * Release 0.2r 1009 1010 2000-04-03 Assar Westerlund <assar@sics.se> 1011 1012 * lib/krb5/Makefile.am: set version to 10:0:0 1013 * lib/45/mk_req.c (krb_mk_req): const-ize the arguments 1014 1015 2000-03-30 Assar Westerlund <assar@sics.se> 1016 1017 * lib/krb5/principal.c (krb5_425_conv_principal_ext): add some 1018 comments. add fall-back on adding the realm name in lower case. 1019 1020 2000-03-29 Assar Westerlund <assar@sics.se> 1021 1022 * kdc/connect.c: remember to repoint all descr->sa to _ss after 1023 realloc as this might have moved the memory around. problem 1024 discovered and diagnosed by Brandon S. Allbery 1025 1026 2000-03-27 Assar Westerlund <assar@sics.se> 1027 1028 * configure.in: recognize solaris 2.8 1029 * config.guess, config.sub: update to current version from 1030 :pserver:anoncvs@subversions.gnu.org:/home/cvs 1031 1032 * lib/krb5/init_creds_pw.c (print_expire): do not assume anything 1033 about the size of time_t, i.e. make it 64-bit happy 1034 1035 2000-03-13 Assar Westerlund <assar@sics.se> 1036 1037 * kuser/klist.c: add support for display v4 tickets 1038 1039 2000-03-11 Assar Westerlund <assar@sics.se> 1040 1041 * kdc/kaserver.c (do_authenticate, do_getticket): call check_flags 1042 * kdc/kerberos4.c (do_version4): call check_flags. 1043 * kdc/kerberos5.c (check_flags): make global 1044 1045 2000-03-10 Assar Westerlund <assar@sics.se> 1046 1047 * lib/krb5/init_creds_pw.c (krb5_get_init_creds_password): evil 1048 hack to avoid recursion 1049 1050 2000-03-04 Assar Westerlund <assar@sics.se> 1051 1052 * kuser/kinit.c: add `krb4_get_tickets' per realm. add --anonymous 1053 * lib/krb5/krb5.h (krb5_get_init_creds_opt): add `anonymous' and 1054 KRB5_GET_INIT_CREDS_OPT_ANONYMOUS 1055 * lib/krb5/init_creds_pw.c (get_init_creds_common): set 1056 request_anonymous flag appropriatly 1057 * lib/krb5/init_creds.c (krb5_get_init_creds_opt_set_anonymous): 1058 add 1059 1060 * lib/krb5/get_in_tkt.c (_krb5_extract_ticket): new parameter to 1061 determine whetever to ignore client name of not. always copy 1062 client name from kdc. fix callers. 1063 1064 * kdc: add support for anonymous tickets 1065 1066 * kdc/string2key.8: add man-page for string2key 1067 1068 2000-03-03 Assar Westerlund <assar@sics.se> 1069 1070 * kdc/hpropd.c (dump_krb4): get expiration date from `valid_end' 1071 and not `pw_end' 1072 1073 * kdc/kadb.h (ka_entry): fix name pw_end -> valid_end. add some 1074 more fields 1075 1076 * kdc/hprop.c (v4_prop): set the `valid_end' from the v4 1077 expiration date instead of the `pw_expire' 1078 (ka_convert): set `valid_end' from ka expiration data and `pw_expire' 1079 from pw_change + pw_expire 1080 (main): add a default database for ka dumping 1081 1082 2000-02-28 Assar Westerlund <assar@sics.se> 1083 1084 * lib/krb5/context.c (init_context_from_config_file): change 1085 rfc2052 default to no. 2782 says that underscore should be used. 1086 1087 2000-02-24 Assar Westerlund <assar@sics.se> 1088 1089 * lib/krb5/fcache.c (fcc_initialize, fcc_store_cred): verify that 1090 stores and close succeed 1091 * lib/krb5/store.c (krb5_store_creds): check to see that the 1092 stores are succesful. 1093 1094 2000-02-23 Assar Westerlund <assar@sics.se> 1095 1096 * Release 0.2q 1097 1098 2000-02-22 Assar Westerlund <assar@sics.se> 1099 1100 * lib/krb5/Makefile.am: set version to 9:2:0 1101 1102 * lib/krb5/expand_hostname.c (krb5_expand_hostname_realms): copy 1103 the correct hostname 1104 1105 * kdc/connect.c (add_new_tcp): use the correct entries in the 1106 descriptor table 1107 * kdc/connect.c: initialize `descr' uniformly and correctly 1108 1109 2000-02-20 Assar Westerlund <assar@sics.se> 1110 1111 * Release 0.2p 1112 1113 2000-02-19 Assar Westerlund <assar@sics.se> 1114 1115 * lib/krb5/Makefile.am: set version to 9:1:0 1116 1117 * lib/krb5/expand_hostname.c (krb5_expand_hostname): make sure 1118 that realms is filled in even when getaddrinfo fails or does not 1119 return any canonical name 1120 1121 * kdc/connect.c (descr): add sockaddr and string representation 1122 (*): re-write to use the above mentioned 1123 1124 2000-02-16 Assar Westerlund <assar@sics.se> 1125 1126 * lib/krb5/addr_families.c (krb5_parse_address): use 1127 krb5_sockaddr2address to copy the result from getaddrinfo. 1128 1129 2000-02-14 Assar Westerlund <assar@sics.se> 1130 1131 * Release 0.2o 1132 1133 2000-02-13 Assar Westerlund <assar@sics.se> 1134 1135 * lib/krb5/Makefile.am: set version to 9:0:0 1136 1137 * kdc/kaserver.c (do_authenticate): return the kvno of the server 1138 and not the client. Thanks to Brandon S. Allbery KF8NH 1139 <allbery@kf8nh.apk.net> and Chaskiel M Grundman 1140 <cg2v@andrew.cmu.edu> for debugging. 1141 1142 * kdc/kerberos4.c (do_version4): if an tgs-req is received with an 1143 old kvno, return an error reply and write a message in the log. 1144 1145 2000-02-12 Assar Westerlund <assar@sics.se> 1146 1147 * appl/test/gssapi_server.c (proto): with `--fork', create a child 1148 and send over/receive creds with export/import_sec_context 1149 * appl/test/gssapi_client.c (proto): with `--fork', create a child 1150 and send over/receive creds with export/import_sec_context 1151 * appl/test/common.c: add `--fork' / `-f' (only used by gssapi) 1152 1153 2000-02-11 Assar Westerlund <assar@sics.se> 1154 1155 * kdc/kdc_locl.h: remove keyfile add explicit_addresses 1156 * kdc/connect.c (init_sockets): pay attention to 1157 explicit_addresses some more comments. better error messages. 1158 * kdc/config.c: add some comments. 1159 remove --key-file. 1160 add --addresses. 1161 1162 * lib/krb5/context.c (krb5_set_extra_addresses): const-ize and use 1163 proper abstraction 1164 1165 2000-02-07 Johan Danielsson <joda@pdc.kth.se> 1166 1167 * lib/krb5/changepw.c: use roken_getaddrinfo_hostspec 1168 1169 2000-02-07 Assar Westerlund <assar@sics.se> 1170 1171 * Release 0.2n 1172 1173 2000-02-07 Assar Westerlund <assar@sics.se> 1174 1175 * lib/krb5/Makefile.am: set version to 8:0:0 1176 * lib/krb5/keytab.c (krb5_kt_default_name): use strlcpy 1177 (krb5_kt_add_entry): set timestamp 1178 1179 2000-02-06 Assar Westerlund <assar@sics.se> 1180 1181 * lib/krb5/krb5.h: add macros for accessing krb5_realm 1182 * lib/krb5/time.c (krb5_timeofday): use `krb5_timestamp' instead 1183 of `int32_t' 1184 1185 * lib/krb5/replay.c (checksum_authenticator): update to new API 1186 for md5 1187 1188 * lib/krb5/krb5.h: remove des.h, it's not needed and applications 1189 should not have to make sure to find it. 1190 1191 2000-02-03 Assar Westerlund <assar@sics.se> 1192 1193 * lib/krb5/rd_req.c (get_key_from_keytab): rename parameter to 1194 `out_key' to avoid conflicting with label. reported by Sean Doran 1195 <smd@ebone.net> 1196 1197 2000-02-02 Assar Westerlund <assar@sics.se> 1198 1199 * lib/krb5/expand_hostname.c: remember to lower-case host names. 1200 bug reported by <amu@mit.edu> 1201 1202 * kdc/kerberos4.c (do_version4): look at check_ticket_addresses 1203 and emulate that by setting krb_ignore_ip_address (not a great 1204 interface but it doesn't seem like the time to go around fixing 1205 libkrb stuff now) 1206 1207 2000-02-01 Johan Danielsson <joda@pdc.kth.se> 1208 1209 * kuser/kinit.c: change --noaddresses into --no-addresses 1210 1211 2000-01-28 Assar Westerlund <assar@sics.se> 1212 1213 * kpasswd/kpasswd.c (main): make sure the ticket is not 1214 forwardable and not proxiable 1215 1216 2000-01-26 Assar Westerlund <assar@sics.se> 1217 1218 * lib/krb5/crypto.c: update to pseudo-standard APIs for 1219 md4,md5,sha. some changes to libdes calls to make them more 1220 portable. 1221 1222 2000-01-21 Assar Westerlund <assar@sics.se> 1223 1224 * lib/krb5/verify_init.c (krb5_verify_init_creds): make sure to 1225 clean up the correct creds. 1226 1227 2000-01-16 Assar Westerlund <assar@sics.se> 1228 1229 * lib/krb5/principal.c (append_component): change parameter to 1230 `const char *'. check malloc 1231 * lib/krb5/principal.c (append_component, va_ext_princ, va_princ): 1232 const-ize 1233 * lib/krb5/mk_req.c (krb5_mk_req): make `service' and `hostname' 1234 const 1235 * lib/krb5/principal.c (replace_chars): also add space here 1236 * lib/krb5/principal.c: (quotable_chars): add space 1237 1238 2000-01-12 Assar Westerlund <assar@sics.se> 1239 1240 * kdc/kerberos4.c (do_version4): check if preauth was required and 1241 bail-out if so since there's no way that could be done in v4. 1242 Return NULL_KEY as an error to the client (which is non-obvious, 1243 but what can you do?) 1244 1245 2000-01-09 Assar Westerlund <assar@sics.se> 1246 1247 * lib/krb5/principal.c (krb5_sname_to_principal): use 1248 krb5_expand_hostname_realms 1249 * lib/krb5/mk_req.c (krb5_km_req): use krb5_expand_hostname_realms 1250 * lib/krb5/expand_hostname.c (krb5_expand_hostname_realms): new 1251 variant of krb5_expand_hostname that tries until it expands into 1252 something that's digestable by krb5_get_host_realm, returning also 1253 the result from that function. 1254 1255 2000-01-08 Assar Westerlund <assar@sics.se> 1256 1257 * Release 0.2m 1258 1259 2000-01-08 Assar Westerlund <assar@sics.se> 1260 1261 * configure.in: replace AC_C_BIGENDIAN with KRB_C_BIGENDIAN 1262 1263 * lib/krb5/Makefile.am: bump version to 7:1:0 1264 1265 * lib/krb5/principal.c (krb5_sname_to_principal): use 1266 krb5_expand_hostname 1267 * lib/krb5/expand_hostname.c (krb5_expand_hostname): handle 1268 ai_canonname being set in any of the addresses returnedby 1269 getaddrinfo. glibc apparently returns the reverse lookup of every 1270 address in ai_canonname. 1271 1272 2000-01-06 Assar Westerlund <assar@sics.se> 1273 1274 * Release 0.2l 1275 1276 2000-01-06 Assar Westerlund <assar@sics.se> 1277 1278 * lib/krb5/Makefile.am: set version to 7:0:0 1279 * lib/krb5/principal.c (krb5_sname_to_principal): remove `hp' 1280 1281 * lib/hdb/Makefile.am: set version to 4:1:1 1282 1283 * kdc/hpropd.c (dump_krb4): use `krb5_get_default_realms' 1284 * lib/krb5/get_in_tkt.c (add_padata): change types to make 1285 everything work out 1286 (krb5_get_in_cred): remove const to make types match 1287 * lib/krb5/crypto.c (ARCFOUR_string_to_key): correct signature 1288 * lib/krb5/principal.c (krb5_sname_to_principal): handle not 1289 getting back a canonname 1290 1291 2000-01-06 Assar Westerlund <assar@sics.se> 1292 1293 * Release 0.2k 1294 1295 2000-01-06 Assar Westerlund <assar@sics.se> 1296 1297 * lib/krb5/send_to_kdc.c (krb5_sendto_kdc): advance colon so that 1298 we actually parse the port number. based on a patch from Leif 1299 Johansson <leifj@it.su.se> 1300 1301 2000-01-02 Assar Westerlund <assar@sics.se> 1302 1303 * admin/purge.c: remove all non-current and old entries from a 1304 keytab 1305 1306 * admin: break up ktutil.c into files 1307 1308 * admin/ktutil.c (list): support --verbose (also listning time 1309 stamps) 1310 (kt_add, kt_get): set timestamp in newly created entries 1311 (kt_change): add `change' command 1312 1313 * admin/srvconvert.c (srvconv): set timestamp in newly created 1314 entries 1315 * lib/krb5/keytab_keyfile.c (akf_next_entry): set timetsamp, 1316 always go the a predicatble position on error 1317 * lib/krb5/keytab.c (krb5_kt_copy_entry_contents): copy timestamp 1318 * lib/krb5/keytab_file.c (fkt_add_entry): store timestamp 1319 (fkt_next_entry_int): return timestamp 1320 * lib/krb5/krb5.h (krb5_keytab_entry): add timestamp