ChangeLog.2003 (178826) | ChangeLog.2003 (233294) |
---|---|
12003-12-19 Love H�rnquist �strand <lha@it.su.se> | 12003-12-19 Love H��rnquist ��strand <lha@it.su.se> |
2 3 * lib/krb5/error_string.c: protect error_string with mutex 4 5 * lib/krb5/context.c: allocate and destroy mutex in krb5_context 6 7 * lib/krb5/krb5.h (krb5_context_data): add mutex for error_string 8 | 2 3 * lib/krb5/error_string.c: protect error_string with mutex 4 5 * lib/krb5/context.c: allocate and destroy mutex in krb5_context 6 7 * lib/krb5/krb5.h (krb5_context_data): add mutex for error_string 8 |
92003-12-18 Love H�rnquist �strand <lha@it.su.se> | 92003-12-18 Love H��rnquist ��strand <lha@it.su.se> |
10 11 * kuser/kinit.c: make -9 work again 12 | 10 11 * kuser/kinit.c: make -9 work again 12 |
132003-12-17 Love H�rnquist �strand <lha@it.su.se> | 132003-12-17 Love H��rnquist ��strand <lha@it.su.se> |
14 15 * lib/krb5/init_creds_pw.c: try handle ts preauth better, still 16 not good, but at least it work with older heimdal releases that 17 doesn't send back KRB5KDC_ERR_PREAUTH_REQUIRED when preauth was 18 sent 19 | 14 15 * lib/krb5/init_creds_pw.c: try handle ts preauth better, still 16 not good, but at least it work with older heimdal releases that 17 doesn't send back KRB5KDC_ERR_PREAUTH_REQUIRED when preauth was 18 sent 19 |
202003-12-16 Love H�rnquist �strand <lha@it.su.se> | 202003-12-16 Love H��rnquist ��strand <lha@it.su.se> |
21 22 * lib/hdb/hdb.asn1: remove enforce-transited-policy, its no longer 23 used 24 | 21 22 * lib/hdb/hdb.asn1: remove enforce-transited-policy, its no longer 23 used 24 |
252003-12-11 Love H�rnquist �strand <lha@it.su.se> | 252003-12-11 Love H��rnquist ��strand <lha@it.su.se> |
26 27 * lib/krb5/pkinit.c (_krb5_pk_create_sign): fill in NULL as 28 parameters, required by CMS 29 | 26 27 * lib/krb5/pkinit.c (_krb5_pk_create_sign): fill in NULL as 28 parameters, required by CMS 29 |
302003-12-07 Love H�rnquist �strand <lha@it.su.se> | 302003-12-07 Love H��rnquist ��strand <lha@it.su.se> |
31 32 * lib/krb5/get_in_tkt_with_keytab.c (krb5_get_in_tkt_with_keytab): 33 avoid memory leak that snuck in when krb5_keytab_key_proc was 34 exported, pointed out by Panases Inc 35 36 * lib/krb5/keytab_file.c: do locking, found to be a problem for 37 Panasas Inc 38 --- 5 unchanged lines hidden (view full) --- 44 krb-cred 45 46 * lib/krb5/krb5_auth_context.3: some text about 47 krb5_auth_con_{add,remove}flags 48 49 * lib/krb5/auth_context.c: add krb5_auth_con_addflags and 50 krb5_auth_con_removeflags 51 | 31 32 * lib/krb5/get_in_tkt_with_keytab.c (krb5_get_in_tkt_with_keytab): 33 avoid memory leak that snuck in when krb5_keytab_key_proc was 34 exported, pointed out by Panases Inc 35 36 * lib/krb5/keytab_file.c: do locking, found to be a problem for 37 Panasas Inc 38 --- 5 unchanged lines hidden (view full) --- 44 krb-cred 45 46 * lib/krb5/krb5_auth_context.3: some text about 47 krb5_auth_con_{add,remove}flags 48 49 * lib/krb5/auth_context.c: add krb5_auth_con_addflags and 50 krb5_auth_con_removeflags 51 |
522003-12-03 Love H�rnquist �strand <lha@it.su.se> | 522003-12-03 Love H��rnquist ��strand <lha@it.su.se> |
53 54 * lib/krb5/crypto.c (decrypt_internal_derived): move up padsize to 55 avoid memory leak 56 | 53 54 * lib/krb5/crypto.c (decrypt_internal_derived): move up padsize to 55 avoid memory leak 56 |
572003-12-02 Love H�rnquist �strand <lha@it.su.se> | 572003-12-02 Love H��rnquist ��strand <lha@it.su.se> |
58 59 * lib/krb5/crypto.c: require cipher-text to be padded to padsize 60 61 * lib/krb5/eai_to_heim_errno.c: EAI_ADDRFAMILY and EAI_NODATA is 62 deprecated in RFC3493 63 64 * lib/krb5/verify_krb5_conf.c (check_host): don't check for 65 EAI_NODATA, because its depricated in RFC3493 Pointed out by 66 Hajimu UMEMOTO <ume@mahoroba.org> on heimdal-discuss 67 | 58 59 * lib/krb5/crypto.c: require cipher-text to be padded to padsize 60 61 * lib/krb5/eai_to_heim_errno.c: EAI_ADDRFAMILY and EAI_NODATA is 62 deprecated in RFC3493 63 64 * lib/krb5/verify_krb5_conf.c (check_host): don't check for 65 EAI_NODATA, because its depricated in RFC3493 Pointed out by 66 Hajimu UMEMOTO <ume@mahoroba.org> on heimdal-discuss 67 |
682003-12-01 Love H�rnquist �strand <lha@it.su.se> | 682003-12-01 Love H��rnquist ��strand <lha@it.su.se> |
69 70 * lib/krb5/Makefile.am: move test_crypto to noinst_PROGRAMS 71 72 * lib/krb5/test_crypto.c: add --version,--help 73 74 * kuser/kinit.c (main): return the return value from simple_execvp 75 | 69 70 * lib/krb5/Makefile.am: move test_crypto to noinst_PROGRAMS 71 72 * lib/krb5/test_crypto.c: add --version,--help 73 74 * kuser/kinit.c (main): return the return value from simple_execvp 75 |
762003-11-26 Love H�rnquist �strand <lha@it.su.se> | 762003-11-26 Love H��rnquist ��strand <lha@it.su.se> |
77 78 * kuser/kinit.c: don't use PKINIT DH per default since its too 79 slow 80 81 * lib/krb5/pkinit.c: tweek to make pkinit work with the fact the 82 asn1_compile can't generate code for context tagless optionals 83 84 * kdc/pkinit.c: add support for KDC side of DH PKINIT 85 86 * lib/krb5/pkinit.c: clean up error handling, make enc-type work 87 again 88 | 77 78 * kuser/kinit.c: don't use PKINIT DH per default since its too 79 slow 80 81 * lib/krb5/pkinit.c: tweek to make pkinit work with the fact the 82 asn1_compile can't generate code for context tagless optionals 83 84 * kdc/pkinit.c: add support for KDC side of DH PKINIT 85 86 * lib/krb5/pkinit.c: clean up error handling, make enc-type work 87 again 88 |
892003-11-25 Love H�rnquist �strand <lha@it.su.se> | 892003-11-25 Love H��rnquist ��strand <lha@it.su.se> |
90 91 * kuser/kinit.c: add flag to make it work with pkinit dh 92 93 * lib/krb5/pkinit.c: make PKINIT DH support work 94 | 90 91 * kuser/kinit.c: add flag to make it work with pkinit dh 92 93 * lib/krb5/pkinit.c: make PKINIT DH support work 94 |
952003-11-24 Love H�rnquist �strand <lha@it.su.se> | 952003-11-24 Love H��rnquist ��strand <lha@it.su.se> |
96 97 * lib/hdb/Makefile.am (LDADD): link with LIB_dlopen 98 99 * kdc/pkinit.c: clean up 100 101 * lib/krb5/krb5.h: make pkinit_win2k_compatible into a flag field 102 103 * lib/krb5/pkinit.c: remove most compile depencies clean up --- 10 unchanged lines hidden (view full) --- 114 * kdc/pkinit.c: PKINIT patch from Daniel Kouril and Petr Holub, I 115 removed the dependency on valicert asn1 parser, remove smartcard 116 and globus support (for now). Work to be done on this: DH support, 117 Globus support, Smartcard support, windows support (MS implements 118 -09 of the draft), make it conform to the new draft 119 120 * lib/krb5/pkinit.c: fix bugs, improve error reporting 121 | 96 97 * lib/hdb/Makefile.am (LDADD): link with LIB_dlopen 98 99 * kdc/pkinit.c: clean up 100 101 * lib/krb5/krb5.h: make pkinit_win2k_compatible into a flag field 102 103 * lib/krb5/pkinit.c: remove most compile depencies clean up --- 10 unchanged lines hidden (view full) --- 114 * kdc/pkinit.c: PKINIT patch from Daniel Kouril and Petr Holub, I 115 removed the dependency on valicert asn1 parser, remove smartcard 116 and globus support (for now). Work to be done on this: DH support, 117 Globus support, Smartcard support, windows support (MS implements 118 -09 of the draft), make it conform to the new draft 119 120 * lib/krb5/pkinit.c: fix bugs, improve error reporting 121 |
1222003-11-23 Love H�rnquist �strand <lha@it.su.se> | 1222003-11-23 Love H��rnquist ��strand <lha@it.su.se> |
123 124 * kuser/kinit.c: add some "struct foo;" glue for pkinit 125 structures that isn't used 126 127 * lib/krb5/pkinit.c: clean up, make remove depenency on openssl's 128 api 129 130 * lib/krb5/krb5_locl.h: add some glue for pkinit add reference 131 counter to _krb5_get_init_creds_opt_private 132 133 * lib/krb5/init_creds.c: reference count krb5_get_init_creds_opt 134 private component to avoid copy all the data in it 135 136 * lib/krb5/crypto.c (AES_string_to_key): fix memory leak 137 138 * lib/krb5/init_creds_pw.c (init_cred_loop): fix memory leak 139 140 * lib/krb5/heim_threads.h: include pthread.h in the pthread case 141 | 123 124 * kuser/kinit.c: add some "struct foo;" glue for pkinit 125 structures that isn't used 126 127 * lib/krb5/pkinit.c: clean up, make remove depenency on openssl's 128 api 129 130 * lib/krb5/krb5_locl.h: add some glue for pkinit add reference 131 counter to _krb5_get_init_creds_opt_private 132 133 * lib/krb5/init_creds.c: reference count krb5_get_init_creds_opt 134 private component to avoid copy all the data in it 135 136 * lib/krb5/crypto.c (AES_string_to_key): fix memory leak 137 138 * lib/krb5/init_creds_pw.c (init_cred_loop): fix memory leak 139 140 * lib/krb5/heim_threads.h: include pthread.h in the pthread case 141 |
1422003-11-18 Love H�rnquist �strand <lha@it.su.se> | 1422003-11-18 Love H��rnquist ��strand <lha@it.su.se> |
143 144 * kpasswd/kpasswdd.c (main): parse kdc.conf 145 From: Jeffrey Hutzelman <jhutz@cmu.edu> 146 | 143 144 * kpasswd/kpasswdd.c (main): parse kdc.conf 145 From: Jeffrey Hutzelman <jhutz@cmu.edu> 146 |
1472003-11-15 Love H�rnquist �strand <lha@it.su.se> | 1472003-11-15 Love H��rnquist ��strand <lha@it.su.se> |
148 149 * lib/krb5/Makefile.am (TESTS): add test_crypto 150 151 * lib/krb5/test_crypto.c: time crypto operations 152 | 148 149 * lib/krb5/Makefile.am (TESTS): add test_crypto 150 151 * lib/krb5/test_crypto.c: time crypto operations 152 |
1532003-11-14 Love H�rnquist �strand <lha@it.su.se> | 1532003-11-14 Love H��rnquist ��strand <lha@it.su.se> |
154 155 * doc/init-creds: spelling, Bruno Rohee <bruno@rohee.com> 156 | 154 155 * doc/init-creds: spelling, Bruno Rohee <bruno@rohee.com> 156 |
1572003-11-09 Love H�rnquist �strand <lha@it.su.se> | 1572003-11-09 Love H��rnquist ��strand <lha@it.su.se> |
158 159 * lib/krb5/rd_req.c (krb5_verify_ap_req2): krb5_free_ticket free 160 the ticket now, rewrite error handling to handle that 161 162 * kpasswd/kpasswdd.c (process): don't free ticket, 163 krb5_free_ticket does that now 164 165 * kdc/kerberos5.c (tgs_rep2): don't free ticket, krb5_free_ticket 166 does that now 167 168 * lib/krb5/ticket.c (krb5_free_ticket): free the ticket itself to 169 match mit behavior, pointed out by Derrick Brashear 170 171 * lib/krb5/krb5_ticket.3: krb5_free_ticket free the whole ticket 172 | 158 159 * lib/krb5/rd_req.c (krb5_verify_ap_req2): krb5_free_ticket free 160 the ticket now, rewrite error handling to handle that 161 162 * kpasswd/kpasswdd.c (process): don't free ticket, 163 krb5_free_ticket does that now 164 165 * kdc/kerberos5.c (tgs_rep2): don't free ticket, krb5_free_ticket 166 does that now 167 168 * lib/krb5/ticket.c (krb5_free_ticket): free the ticket itself to 169 match mit behavior, pointed out by Derrick Brashear 170 171 * lib/krb5/krb5_ticket.3: krb5_free_ticket free the whole ticket 172 |
1732003-11-08 Love H�rnquist �strand <lha@it.su.se> | 1732003-11-08 Love H��rnquist ��strand <lha@it.su.se> |
174 175 * lib/krb5/padata.c: add krb5_padata_add 176 177 * lib/krb5/krb5.h: krb5_context_data.pkinit_win2k_compatible 178 179 * lib/krb5/Makefile.am: add pkinit.c 180 181 * kuser/kinit.c: add pkinit support --- 8 unchanged lines hidden (view full) --- 190 191 * lib/krb5/pkinit.c: PKINIT patch from Daniel Kouril and Petr 192 Holub, I removed the dependency on valicert asn1 parser, remove 193 smartcard and globus support (for now). Work to be done on this: 194 DH support, Globus support, Smartcard support, windows support (MS 195 implements -09 of the draft), verify that it conforms the new 196 draft 197 | 174 175 * lib/krb5/padata.c: add krb5_padata_add 176 177 * lib/krb5/krb5.h: krb5_context_data.pkinit_win2k_compatible 178 179 * lib/krb5/Makefile.am: add pkinit.c 180 181 * kuser/kinit.c: add pkinit support --- 8 unchanged lines hidden (view full) --- 190 191 * lib/krb5/pkinit.c: PKINIT patch from Daniel Kouril and Petr 192 Holub, I removed the dependency on valicert asn1 parser, remove 193 smartcard and globus support (for now). Work to be done on this: 194 DH support, Globus support, Smartcard support, windows support (MS 195 implements -09 of the draft), verify that it conforms the new 196 draft 197 |
1982003-11-07 Love H�rnquist �strand <lha@it.su.se> | 1982003-11-07 Love H��rnquist ��strand <lha@it.su.se> |
199 200 * lib/asn1/der_copy.c (copy_oid): copy all components 201 2022003-10-27 Johan Danielsson <joda@pdc.kth.se> 203 204 * lib/krb5/krb5.conf.5: document capaths section 205 2062003-10-22 Johan Danielsson <joda@pdc.kth.se> --- 6 unchanged lines hidden (view full) --- 213 implemented) 214 215 * kdc/kdc_locl.h: change enforce_transited_policy to a tri-state 216 variable 217 218 * kdc/config.c: change enforce_transited_policy to a tri-state 219 variable 220 | 199 200 * lib/asn1/der_copy.c (copy_oid): copy all components 201 2022003-10-27 Johan Danielsson <joda@pdc.kth.se> 203 204 * lib/krb5/krb5.conf.5: document capaths section 205 2062003-10-22 Johan Danielsson <joda@pdc.kth.se> --- 6 unchanged lines hidden (view full) --- 213 implemented) 214 215 * kdc/kdc_locl.h: change enforce_transited_policy to a tri-state 216 variable 217 218 * kdc/config.c: change enforce_transited_policy to a tri-state 219 variable 220 |
2212003-10-22 Love H�rnquist �strand <lha@it.su.se> | 2212003-10-22 Love H��rnquist ��strand <lha@it.su.se> |
222 223 * lib/krb5/transited.c (krb5_domain_x500_encode): always zero out 224 encoding to make sure it have a defined value on failure 225 226 * lib/krb5/transited.c (krb5_domain_x500_encode): 227 if num_realms ==0, set encoding and return (avoids malloc(0)), 228 check return value for malloc 229 2302003-10-21 Johan Danielsson <joda@pdc.kth.se> 231 232 * kdc/kerberos5.c (fix_transited_encoding): always print 233 cross-realm information 234 | 222 223 * lib/krb5/transited.c (krb5_domain_x500_encode): always zero out 224 encoding to make sure it have a defined value on failure 225 226 * lib/krb5/transited.c (krb5_domain_x500_encode): 227 if num_realms ==0, set encoding and return (avoids malloc(0)), 228 check return value for malloc 229 2302003-10-21 Johan Danielsson <joda@pdc.kth.se> 231 232 * kdc/kerberos5.c (fix_transited_encoding): always print 233 cross-realm information 234 |
2352003-10-21 Love H�rnquist �strand <lha@it.su.se> | 2352003-10-21 Love H��rnquist ��strand <lha@it.su.se> |
236 237 * doc/setup.texi: spelling, From: Tracy Di Marco White 238 239 * kdc/kerberos5.c (fix_transited_encoding): set transited type 240 2412003-10-21 Johan Danielsson <joda@pdc.kth.se> 242 243 * kdc/kdc.8: document enforce-transited-policy 244 245 * kdc/kerberos5.c: always check transited policy if flag set 246 either globally or on principal 247 248 * kdc/config.c: add flag to always check transited policy 249 250 * lib/hdb/hdb.asn1: add flag to enforce transited policy 251 | 236 237 * doc/setup.texi: spelling, From: Tracy Di Marco White 238 239 * kdc/kerberos5.c (fix_transited_encoding): set transited type 240 2412003-10-21 Johan Danielsson <joda@pdc.kth.se> 242 243 * kdc/kdc.8: document enforce-transited-policy 244 245 * kdc/kerberos5.c: always check transited policy if flag set 246 either globally or on principal 247 248 * kdc/config.c: add flag to always check transited policy 249 250 * lib/hdb/hdb.asn1: add flag to enforce transited policy 251 |
2522003-10-21 Love H�rnquist �strand <lha@it.su.se> | 2522003-10-21 Love H��rnquist ��strand <lha@it.su.se> |
253 254 * lib/krb5/transited.c (krb5_domain_x500_decode): set *num_realms 255 to zero not num_realms 256 257 * kuser/kgetcred.1: add --no-transit-check 258 259 * kuser/kgetcred.c: add --no-transit-check 260 --- 15 unchanged lines hidden (view full) --- 276 2772003-10-16 Johan Danielsson <joda@pdc.kth.se> 278 279 * lib/krb5/fcache.c: Sleep forever waiting for lock. Previous 280 method doesn't work well with a large number of clients accessing 281 the cache at the same time, and there is no simple way to add a 282 timeout to the lock. 283 | 253 254 * lib/krb5/transited.c (krb5_domain_x500_decode): set *num_realms 255 to zero not num_realms 256 257 * kuser/kgetcred.1: add --no-transit-check 258 259 * kuser/kgetcred.c: add --no-transit-check 260 --- 15 unchanged lines hidden (view full) --- 276 2772003-10-16 Johan Danielsson <joda@pdc.kth.se> 278 279 * lib/krb5/fcache.c: Sleep forever waiting for lock. Previous 280 method doesn't work well with a large number of clients accessing 281 the cache at the same time, and there is no simple way to add a 282 timeout to the lock. 283 |
2842003-10-13 Love H�rnquist �strand <lha@it.su.se> | 2842003-10-13 Love H��rnquist ��strand <lha@it.su.se> |
285 286 * lib/krb5/verify_krb5_conf.c: print the error value 287 krb5_init_context failed with 288 289 * lib/krb5/config_file.c (krb5_config_parse_file_debug): punt if 290 there is binding before a section declaration. Bug found by 291 Arkadiusz Miskiewicz <arekm@pld-linux.org> 292 --- 4 unchanged lines hidden (view full) --- 297 298 * lib/krb5/fcache.c: implement locking 299 3002003-10-12 Johan Danielsson <joda@pdc.kth.se> 301 302 * kuser/klist.c (print_tickets): bail out if krb5_cc_next_cred 303 returns error other than KRB5_CC_END 304 | 285 286 * lib/krb5/verify_krb5_conf.c: print the error value 287 krb5_init_context failed with 288 289 * lib/krb5/config_file.c (krb5_config_parse_file_debug): punt if 290 there is binding before a section declaration. Bug found by 291 Arkadiusz Miskiewicz <arekm@pld-linux.org> 292 --- 4 unchanged lines hidden (view full) --- 297 298 * lib/krb5/fcache.c: implement locking 299 3002003-10-12 Johan Danielsson <joda@pdc.kth.se> 301 302 * kuser/klist.c (print_tickets): bail out if krb5_cc_next_cred 303 returns error other than KRB5_CC_END 304 |
3052003-10-07 Love H�rnquist �strand <lha@it.su.se> | 3052003-10-07 Love H��rnquist ��strand <lha@it.su.se> |
306 307 * lib/krb5/init_creds_pw.c: add some help function that is common 308 between ENC_TS and SAM2, free the etype{,2}-infos on failure, move 309 the pa counter into krb5_get_init_creds_ctx 310 | 306 307 * lib/krb5/init_creds_pw.c: add some help function that is common 308 between ENC_TS and SAM2, free the etype{,2}-infos on failure, move 309 the pa counter into krb5_get_init_creds_ctx 310 |
3112003-10-06 Love H�rnquist �strand <lha@it.su.se> | 3112003-10-06 Love H��rnquist ��strand <lha@it.su.se> |
312 313 * kdc/kaserver.c (do_getticket): if times data is shorter then 8 314 byte, request is malformed. 315 316 * kdc/kaserver.c (do_authenticate): if request length is less then 317 8 byte, its a bad request and fail. Pointed out by Marco Foglia 318 <marco@foglia.org> 319 320 * lib/krb5/verify_krb5_conf.c: add flag --warn-mit-syntax that 321 warns for mit syntax is used and just ignore the mit syntax when 322 its used 323 324 * lib/krb5/verify_krb5_conf.c: parse [kdc]use_2b and [gssapi] 325 | 312 313 * kdc/kaserver.c (do_getticket): if times data is shorter then 8 314 byte, request is malformed. 315 316 * kdc/kaserver.c (do_authenticate): if request length is less then 317 8 byte, its a bad request and fail. Pointed out by Marco Foglia 318 <marco@foglia.org> 319 320 * lib/krb5/verify_krb5_conf.c: add flag --warn-mit-syntax that 321 warns for mit syntax is used and just ignore the mit syntax when 322 its used 323 324 * lib/krb5/verify_krb5_conf.c: parse [kdc]use_2b and [gssapi] 325 |
3262003-10-04 Love H�rnquist �strand <lha@it.su.se> | 3262003-10-04 Love H��rnquist ��strand <lha@it.su.se> |
327 328 * lib/asn1/lex.l: add BOOLEAN 329 330 * lib/asn1/parse.y: add BOOLEAN 331 | 327 328 * lib/asn1/lex.l: add BOOLEAN 329 330 * lib/asn1/parse.y: add BOOLEAN 331 |
3322003-10-03 Love H�rnquist �strand <lha@it.su.se> | 3322003-10-03 Love H��rnquist ��strand <lha@it.su.se> |
333 334 * kuser/kinit.c: When running kinit in "fork mode" do pagsh 335 independent of krb4, also always do krb4 setup of cc. Always try 336 to destroy the v4 cc. 337 - add boolean --{,no-}request-pac that will request pac or not 338 339 * kuser/klist.c (check_for_tgt): set client as part of the 340 pattern/match cred --- 28 unchanged lines hidden (view full) --- 369 alway used 370 371 * lib/asn1/Makefile.am: add SAM types and PAC_REQUEST 372 373 * lib/asn1/k5.asn1: add more preauth types, add PA-PAC-REQUEST 374 375 * lib/asn1: add boolean support 376 | 333 334 * kuser/kinit.c: When running kinit in "fork mode" do pagsh 335 independent of krb4, also always do krb4 setup of cc. Always try 336 to destroy the v4 cc. 337 - add boolean --{,no-}request-pac that will request pac or not 338 339 * kuser/klist.c (check_for_tgt): set client as part of the 340 pattern/match cred --- 28 unchanged lines hidden (view full) --- 369 alway used 370 371 * lib/asn1/Makefile.am: add SAM types and PAC_REQUEST 372 373 * lib/asn1/k5.asn1: add more preauth types, add PA-PAC-REQUEST 374 375 * lib/asn1: add boolean support 376 |
3772003-10-02 Love H�rnquist �strand <lha@it.su.se> | 3772003-10-02 Love H��rnquist ��strand <lha@it.su.se> |
378 379 * lib/krb5/changepw.c (setpw_send_request): free ap_req_data on 380 failure 381 | 378 379 * lib/krb5/changepw.c (setpw_send_request): free ap_req_data on 380 failure 381 |
3822003-09-30 Love H�rnquist �strand <lha@it.su.se> | 3822003-09-30 Love H��rnquist ��strand <lha@it.su.se> |
383 384 * appl/test/http_client.c (do_connect): use ai_protocol 0 385 386 * lib/krb5/init_creds_pw.c (init_cred_loop): handle 387 KRB5KRB_ERR_RESPONSE_TOO_BIG and loop again, this time requesting 388 LARGE_MSG from send to kdc, and if this is the second time bail 389 out; try to free memory 390 --- 6 unchanged lines hidden (view full) --- 397 (krbhst_get_default_proto): new function, returns udp, or in case 398 large_msg was requested for the krb5_krbhst_data, use tcp. 399 (*): if the flag KD_LARGE_MSG was set on the krb5_krbhst_data, avoid 400 using udp, use krbhst_get_default_proto 401 402 * lib/krb5/krb5.h: flags for krb5_krbhst_init_flags (and 403 krb5_send_to_kdc_flags) 404 | 383 384 * appl/test/http_client.c (do_connect): use ai_protocol 0 385 386 * lib/krb5/init_creds_pw.c (init_cred_loop): handle 387 KRB5KRB_ERR_RESPONSE_TOO_BIG and loop again, this time requesting 388 LARGE_MSG from send to kdc, and if this is the second time bail 389 out; try to free memory 390 --- 6 unchanged lines hidden (view full) --- 397 (krbhst_get_default_proto): new function, returns udp, or in case 398 large_msg was requested for the krb5_krbhst_data, use tcp. 399 (*): if the flag KD_LARGE_MSG was set on the krb5_krbhst_data, avoid 400 using udp, use krbhst_get_default_proto 401 402 * lib/krb5/krb5.h: flags for krb5_krbhst_init_flags (and 403 krb5_send_to_kdc_flags) 404 |
4052003-09-23 Love H�rnquist �strand <lha@it.su.se> | 4052003-09-23 Love H��rnquist ��strand <lha@it.su.se> |
406 407 * lib/krb5/rd_req.c (krb5_rd_req): if we have a keyblock in auth 408 context, use that 409 410 * appl/test/uu_client.c: print authorization data if there are any 411 412 * lib/asn1/asn1_print.c: decode IA5Stringa and UTF8String 413 | 406 407 * lib/krb5/rd_req.c (krb5_rd_req): if we have a keyblock in auth 408 context, use that 409 410 * appl/test/uu_client.c: print authorization data if there are any 411 412 * lib/asn1/asn1_print.c: decode IA5Stringa and UTF8String 413 |
4142003-09-21 Love H�rnquist �strand <lha@it.su.se> | 4142003-09-21 Love H��rnquist ��strand <lha@it.su.se> |
415 416 * lib/krb5/init_creds_pw.c: use _krb5_get_init_creds_opt_copy 417 * lib/krb5/init_creds.c: don't export krb5_get_init_creds_opt_copy 418 419 * lib/hdb/Makefile.am: libhdb might depend on LIB_dlopen 420 421 * kuser/kinit.c: don't get v4 tickets by default 422 | 415 416 * lib/krb5/init_creds_pw.c: use _krb5_get_init_creds_opt_copy 417 * lib/krb5/init_creds.c: don't export krb5_get_init_creds_opt_copy 418 419 * lib/hdb/Makefile.am: libhdb might depend on LIB_dlopen 420 421 * kuser/kinit.c: don't get v4 tickets by default 422 |
4232003-09-20 Love H�rnquist �strand <lha@it.su.se> | 4232003-09-20 Love H��rnquist ��strand <lha@it.su.se> |
424 425 * kpasswd/kpasswdd.c (process): remove a abort() 426 427 * doc/win2k.texi: add some text about netdom.exe and trusts 428 429 * TODO-1.0: gssapi rc4 done 430 431 * kpasswd/kpasswdd.c: add support for Set password protocol as 432 defined by RFC3244 -- Microsoft Windows 2000 Kerberos Change 433 Password and Set Password Protocols 434 | 424 425 * kpasswd/kpasswdd.c (process): remove a abort() 426 427 * doc/win2k.texi: add some text about netdom.exe and trusts 428 429 * TODO-1.0: gssapi rc4 done 430 431 * kpasswd/kpasswdd.c: add support for Set password protocol as 432 defined by RFC3244 -- Microsoft Windows 2000 Kerberos Change 433 Password and Set Password Protocols 434 |
4352003-09-19 Love H�rnquist �strand <lha@it.su.se> | 4352003-09-19 Love H��rnquist ��strand <lha@it.su.se> |
436 437 * lib/hdb/db3.c: improve readability of ->open ifdef, check if 438 version >= 4.1 439 440 * lib/krb5/init_creds.c (krb5_get_init_creds_opt_copy): add 441 442 * lib/krb5/rd_req.c (krb5_rd_req): allow caller to pass in a key 443 in the auth_context, they way processes that doesn't use the 444 keytab can still pass in the key of the service (matches behavior 445 of MIT Kerberos). 446 | 436 437 * lib/hdb/db3.c: improve readability of ->open ifdef, check if 438 version >= 4.1 439 440 * lib/krb5/init_creds.c (krb5_get_init_creds_opt_copy): add 441 442 * lib/krb5/rd_req.c (krb5_rd_req): allow caller to pass in a key 443 in the auth_context, they way processes that doesn't use the 444 keytab can still pass in the key of the service (matches behavior 445 of MIT Kerberos). 446 |
4472003-09-18 Love H�rnquist �strand <lha@it.su.se> | 4472003-09-18 Love H��rnquist ��strand <lha@it.su.se> |
448 449 * lib/krb5/init_creds_pw.c: collect all init_creds context into a 450 structure so it can easier be passed around, also, while here, 451 change nonce for every request 452 453 * lib/krb5/get_in_tkt.c (init_as_req): don't realloc data before 454 the loop, add_padata() will handle that itself 455 456 * lib/krb5/get_for_creds.c (add_addrs): don't increase addr->len 457 until in contains interesting data, use right iteration counter 458 when clearing the addresses 459 460 * lib/krb5/log.c (log_realloc): increase len after realloc returns 461 sucessfully 462 | 448 449 * lib/krb5/init_creds_pw.c: collect all init_creds context into a 450 structure so it can easier be passed around, also, while here, 451 change nonce for every request 452 453 * lib/krb5/get_in_tkt.c (init_as_req): don't realloc data before 454 the loop, add_padata() will handle that itself 455 456 * lib/krb5/get_for_creds.c (add_addrs): don't increase addr->len 457 until in contains interesting data, use right iteration counter 458 when clearing the addresses 459 460 * lib/krb5/log.c (log_realloc): increase len after realloc returns 461 sucessfully 462 |
4632003-09-12 Love H�rnquist �strand <lha@it.su.se> | 4632003-09-12 Love H��rnquist ��strand <lha@it.su.se> |
464 465 * lib/krb5/config_file.c: fix prototypes 466 From: Fredrik Ljungberg <flag@pobox.se> 467 | 464 465 * lib/krb5/config_file.c: fix prototypes 466 From: Fredrik Ljungberg <flag@pobox.se> 467 |
4682003-09-10 Love H�rnquist �strand <lha@it.su.se> | 4682003-09-10 Love H��rnquist ��strand <lha@it.su.se> |
469 470 * appl/test/http_client.c: close socket when we are done, don't 471 allow the server to restart gssapi negotiation 472 473 * lib/hdb/hdb_locl.h: include <limits.h> for ULONG_MAX noted by 474 Wissler Magnus <M.Wissler@abalon.se> on heimdal-discuss 475 476 * appl/test/gssapi_client.c (proto): use select_mech --- 4 unchanged lines hidden (view full) --- 481 482 * appl/test/gss_common.c (select_mech): return the gss_OID from a 483 mech name 484 485 * appl/test/http_client.c: print both source and target 486 487 * appl/test/Makefile.am: build http_client 488 | 469 470 * appl/test/http_client.c: close socket when we are done, don't 471 allow the server to restart gssapi negotiation 472 473 * lib/hdb/hdb_locl.h: include <limits.h> for ULONG_MAX noted by 474 Wissler Magnus <M.Wissler@abalon.se> on heimdal-discuss 475 476 * appl/test/gssapi_client.c (proto): use select_mech --- 4 unchanged lines hidden (view full) --- 481 482 * appl/test/gss_common.c (select_mech): return the gss_OID from a 483 mech name 484 485 * appl/test/http_client.c: print both source and target 486 487 * appl/test/Makefile.am: build http_client 488 |
4892003-09-09 Love H�rnquist �strand <lha@it.su.se> | 4892003-09-09 Love H��rnquist ��strand <lha@it.su.se> |
490 491 * lib/asn1/asn1_print.c: add support for printing Enumerated 492 493 * appl/test/gssapi_client.c: allow user to select mech; krb5, 494 spnego, and no-oid 495 496 * appl/test/test_locl.h: add mech 497 498 * appl/test/common.c: add --mech,-m argument 499 500 * appl/test/gssapi_server.c: print the mech that was used 501 502 * kdc/kerberos5.c (only_older_enctype_p): check request if the 503 client only supports old enctypes, before it used the database 504 | 490 491 * lib/asn1/asn1_print.c: add support for printing Enumerated 492 493 * appl/test/gssapi_client.c: allow user to select mech; krb5, 494 spnego, and no-oid 495 496 * appl/test/test_locl.h: add mech 497 498 * appl/test/common.c: add --mech,-m argument 499 500 * appl/test/gssapi_server.c: print the mech that was used 501 502 * kdc/kerberos5.c (only_older_enctype_p): check request if the 503 client only supports old enctypes, before it used the database 504 |
5052003-09-08 Love H�rnquist �strand <lha@it.su.se> | 5052003-09-08 Love H��rnquist ��strand <lha@it.su.se> |
506 507 * **/*.c: add context argument to krb5_get_init_creds_opt_alloc 508 509 * lib/krb5/init_creds.c (krb5_get_init_creds_opt_alloc): add 510 context argument 511 512 * lib/krb5/krb5_get_init_creds.3: spelling 513 | 506 507 * **/*.c: add context argument to krb5_get_init_creds_opt_alloc 508 509 * lib/krb5/init_creds.c (krb5_get_init_creds_opt_alloc): add 510 context argument 511 512 * lib/krb5/krb5_get_init_creds.3: spelling 513 |
5142003-09-04 Love H�rnquist �strand <lha@it.su.se> | 5142003-09-04 Love H��rnquist ��strand <lha@it.su.se> |
515 516 * lib/krb5/context.c (add_file): make len argument an pointer to 517 an integer 518 519 * lib/asn1/k5.asn1: add SAM types 520 521 * lib/krb5/init_creds_pw.c: break out the encrypt timestamp 522 preauth to its function break out the pa_data_to_key_plain to its 523 own function make more variables const 524 5252003-09-04 Johan Danielsson <joda@pdc.kth.se> 526 527 * lib/krb5/krb5.conf.5: document appdefaults/{forward,encrypt} 528 | 515 516 * lib/krb5/context.c (add_file): make len argument an pointer to 517 an integer 518 519 * lib/asn1/k5.asn1: add SAM types 520 521 * lib/krb5/init_creds_pw.c: break out the encrypt timestamp 522 preauth to its function break out the pa_data_to_key_plain to its 523 own function make more variables const 524 5252003-09-04 Johan Danielsson <joda@pdc.kth.se> 526 527 * lib/krb5/krb5.conf.5: document appdefaults/{forward,encrypt} 528 |
5292003-09-03 Love H�rnquist �strand <lha@it.su.se> | 5292003-09-03 Love H��rnquist ��strand <lha@it.su.se> |
530 531 * lib/krb5/krb5.h: Add key usage for encryption of the 532 SAM-NONCE-OR-SAD field. 533 534 * include/make_crypto.c: include <openssl/ui.h> in the openssl 535 case 536 537 * kdc/hprop.h: use new DES_ api --- 54 unchanged lines hidden (view full) --- 592 a opt structure 593 (krb5_get_init_creds_opt_free): free a opt structure 594 (krb5_get_init_creds_opt_set_pa_password): set preauth info for 595 enc-timestamp 596 597 * lib/krb5/krb5_locl.h: add struct 598 _krb5_get_init_creds_opt_private 599 | 530 531 * lib/krb5/krb5.h: Add key usage for encryption of the 532 SAM-NONCE-OR-SAD field. 533 534 * include/make_crypto.c: include <openssl/ui.h> in the openssl 535 case 536 537 * kdc/hprop.h: use new DES_ api --- 54 unchanged lines hidden (view full) --- 592 a opt structure 593 (krb5_get_init_creds_opt_free): free a opt structure 594 (krb5_get_init_creds_opt_set_pa_password): set preauth info for 595 enc-timestamp 596 597 * lib/krb5/krb5_locl.h: add struct 598 _krb5_get_init_creds_opt_private 599 |
6002003-09-02 Love H�rnquist �strand <lha@it.su.se> | 6002003-09-02 Love H��rnquist ��strand <lha@it.su.se> |
601 602 * lib/krb5/krb5.h: add SAM keyusage numbers, add s2k proc typedef, 603 add a pointer to a private part of krb5_get_init_creds_opt 604 605 * kdc/string2key.c (main): avoid const warning by using a extra 606 variable 607 | 601 602 * lib/krb5/krb5.h: add SAM keyusage numbers, add s2k proc typedef, 603 add a pointer to a private part of krb5_get_init_creds_opt 604 605 * kdc/string2key.c (main): avoid const warning by using a extra 606 variable 607 |
6082003-08-31 Love H�rnquist �strand <lha@it.su.se> | 6082003-08-31 Love H��rnquist ��strand <lha@it.su.se> |
609 610 * lib/krb5/ticket.c (krb5_ticket_get_authorization_data_type): 611 reindent 612 613 * lib/krb5/ticket.c (krb5_copy_ticket): free all data when 614 failing, copy data to right memory, the later pointed out by Luke 615 Howard. 616 | 609 610 * lib/krb5/ticket.c (krb5_ticket_get_authorization_data_type): 611 reindent 612 613 * lib/krb5/ticket.c (krb5_copy_ticket): free all data when 614 failing, copy data to right memory, the later pointed out by Luke 615 Howard. 616 |
6172003-08-30 Love H�rnquist �strand <lha@it.su.se> | 6172003-08-30 Love H��rnquist ��strand <lha@it.su.se> |
618 619 * lib/krb5/krb5.h: cfx-01 use diffrent usage numbers 620 | 618 619 * lib/krb5/krb5.h: cfx-01 use diffrent usage numbers 620 |
6212003-08-29 Love H�rnquist �strand <lha@it.su.se> | 6212003-08-29 Love H��rnquist ��strand <lha@it.su.se> |
622 623 * lib/hdb/db3.c: try to include more db headers 624 625 * lib/hdb/db3.c: patch for working with DB4 on heimdal-discuss 626 From: Luke Howard <lukeh@PADL.COM> 627 | 622 623 * lib/hdb/db3.c: try to include more db headers 624 625 * lib/hdb/db3.c: patch for working with DB4 on heimdal-discuss 626 From: Luke Howard <lukeh@PADL.COM> 627 |
6282003-08-28 Love H�rnquist �strand <lha@it.su.se> | 6282003-08-28 Love H��rnquist ��strand <lha@it.su.se> |
629 630 * lib/krb5/krb5.h: add KEYTYPE_ARCFOUR_56 631 632 * appl/test/gssapi_client.c: send both INT and CONF wrapped token 633 634 * appl/test/gssapi_server.c: recv both INT and CONF wrapped token 635 636 * lib/asn1/k5.asn1: add KRB5_NT_SMTP_NAME and KRB5_NT_ENTERPRISE 637 | 629 630 * lib/krb5/krb5.h: add KEYTYPE_ARCFOUR_56 631 632 * appl/test/gssapi_client.c: send both INT and CONF wrapped token 633 634 * appl/test/gssapi_server.c: recv both INT and CONF wrapped token 635 636 * lib/asn1/k5.asn1: add KRB5_NT_SMTP_NAME and KRB5_NT_ENTERPRISE 637 |
6382003-08-27 Love H�rnquist �strand <lha@it.su.se> | 6382003-08-27 Love H��rnquist ��strand <lha@it.su.se> |
639 640 * appl/test/uu_client.c (proto): fill in client in the match cred 641 | 639 640 * appl/test/uu_client.c (proto): fill in client in the match cred 641 |
6422003-08-26 Love H�rnquist �strand <lha@it.su.se> | 6422003-08-26 Love H��rnquist ��strand <lha@it.su.se> |
643 644 * lib/krb5/krb5.h: CFX uses slightly diffrent usage numbers 645 646 * lib/krb5/crypto.c (usage2arcfour): simplify, only include 647 special cases From: Luke Howard <lukeh@PADL.COM> 648 | 643 644 * lib/krb5/krb5.h: CFX uses slightly diffrent usage numbers 645 646 * lib/krb5/crypto.c (usage2arcfour): simplify, only include 647 special cases From: Luke Howard <lukeh@PADL.COM> 648 |
6492003-08-25 Love H�rnquist �strand <lha@it.su.se> | 6492003-08-25 Love H��rnquist ��strand <lha@it.su.se> |
650 651 * lib/hdb/hdb-ldap.c: code rewrite from Luke Howard 652 <lukeh@PADL.COM> 653 654 * lib/krb5/crypto.c (arcfour_checksum_p): return true when is 655 arcfour, not when its not pointed out by Luke Howard 656 657 * doc/ack.texi: update Luke Howard email address 658 | 650 651 * lib/hdb/hdb-ldap.c: code rewrite from Luke Howard 652 <lukeh@PADL.COM> 653 654 * lib/krb5/crypto.c (arcfour_checksum_p): return true when is 655 arcfour, not when its not pointed out by Luke Howard 656 657 * doc/ack.texi: update Luke Howard email address 658 |
6592003-08-24 Love H�rnquist �strand <lha@it.su.se> | 6592003-08-24 Love H��rnquist ��strand <lha@it.su.se> |
660 661 * lib/krb5/krb5_encrypt.3: document: 662 krb5_crypto_getconfoundersize, krb5_crypto_getblocksize 663 krb5_crypto_getenctype, krb5_crypto_getpadsize 664 665 * lib/krb5/crypto.c (krb5_crypto_getpadsize, 666 krb5_crypto_getconfoundersize): added From: Luke Howard 667 <lukeh@PADL.COM> 668 | 660 661 * lib/krb5/krb5_encrypt.3: document: 662 krb5_crypto_getconfoundersize, krb5_crypto_getblocksize 663 krb5_crypto_getenctype, krb5_crypto_getpadsize 664 665 * lib/krb5/crypto.c (krb5_crypto_getpadsize, 666 krb5_crypto_getconfoundersize): added From: Luke Howard 667 <lukeh@PADL.COM> 668 |
6692003-08-23 Love H�rnquist �strand <lha@it.su.se> | 6692003-08-23 Love H��rnquist ��strand <lha@it.su.se> |
670 671 * kdc/connect.c (handle_tcp): handle recvfrom returning 0 672 (connection closed) 673 674 * kdc/connect.c (grow_descr): increment the size after we succeed 675 to allocate the space 676 677 * lib/krb5/krb5_create_checksum.3: text about when --- 6 unchanged lines hidden (view full) --- 684 krb5_crypto_get_checksum_type 685 686 * lib/krb5/crypto.c: add krb5_crypto_get_checksum_type 687 From: Luke Howard <lukeh@PADL.COM> 688 689 * lib/asn1/gen.c: s/UTF8String/heim_utf8_string/ in generated code 690 From: Luke Howard <lukeh@PADL.COM> 691 | 670 671 * kdc/connect.c (handle_tcp): handle recvfrom returning 0 672 (connection closed) 673 674 * kdc/connect.c (grow_descr): increment the size after we succeed 675 to allocate the space 676 677 * lib/krb5/krb5_create_checksum.3: text about when --- 6 unchanged lines hidden (view full) --- 684 krb5_crypto_get_checksum_type 685 686 * lib/krb5/crypto.c: add krb5_crypto_get_checksum_type 687 From: Luke Howard <lukeh@PADL.COM> 688 689 * lib/asn1/gen.c: s/UTF8String/heim_utf8_string/ in generated code 690 From: Luke Howard <lukeh@PADL.COM> 691 |
6922003-08-21 Love H�rnquist �strand <lha@it.su.se> | 6922003-08-21 Love H��rnquist ��strand <lha@it.su.se> |
693 694 * include/make_crypto.c: include aes.h inc in the local libdes 695 case too 696 6972003-08-20 Johan Danielsson <joda@pdc.kth.se> 698 699 * lib/asn1/der_free.c: set free'd poiners to NULL 700 701 * lib/asn1/gen_free.c: set free'd poiners to NULL 702 | 693 694 * include/make_crypto.c: include aes.h inc in the local libdes 695 case too 696 6972003-08-20 Johan Danielsson <joda@pdc.kth.se> 698 699 * lib/asn1/der_free.c: set free'd poiners to NULL 700 701 * lib/asn1/gen_free.c: set free'd poiners to NULL 702 |
7032003-08-20 Love H�rnquist �strand <lha@it.su.se> | 7032003-08-20 Love H��rnquist ��strand <lha@it.su.se> |
704 705 * lib/krb5/heim_threads.h: XXX don't use "plain" pthread support 706 on netbsd 707 708 * lib/krb5/crypto.c: Do the arcfour checksum mapping for 709 krb5_create_checksum and krb5_verify_checksum, From: Luke Howard 710 <lukeh@PADL.COM> 711 | 704 705 * lib/krb5/heim_threads.h: XXX don't use "plain" pthread support 706 on netbsd 707 708 * lib/krb5/crypto.c: Do the arcfour checksum mapping for 709 krb5_create_checksum and krb5_verify_checksum, From: Luke Howard 710 <lukeh@PADL.COM> 711 |
7122003-08-18 Love H�rnquist �strand <lha@it.su.se> | 7122003-08-18 Love H��rnquist ��strand <lha@it.su.se> |
713 714 * lib/krb5/test_config.c: check krb5_prepend_config_files_default 715 and krb5_prepend_config_files 716 717 * lib/krb5/context.c: add krb5_prepend_config_files and 718 krb5_prepend_config_files_default 719 | 713 714 * lib/krb5/test_config.c: check krb5_prepend_config_files_default 715 and krb5_prepend_config_files 716 717 * lib/krb5/context.c: add krb5_prepend_config_files and 718 krb5_prepend_config_files_default 719 |
7202003-08-17 Love H�rnquist �strand <lha@it.su.se> | 7202003-08-17 Love H��rnquist ��strand <lha@it.su.se> |
721 722 * lib/hdb/mkey.c (read_master_mit): krb5_ret_int16 takes a int16_t 723 as argument 724 725 * lib/krb5/parse-name-test.c: please lint (and me) 726 727 * kdc/config.c (configure): remove only set variable 'e' 728 --- 9 unchanged lines hidden (view full) --- 738 739 * lib/krb5/krb5_get_init_creds.3: begining of documentation of 740 krb5_get_init_creds 741 742 * lib/krb5/get_in_tkt.c (krb5_get_in_tkt): for compatibility with 743 with the mit implemtation, don't free `creds' argument when done, 744 its up the the caller to do that, also allow a NULL ccache. 745 | 721 722 * lib/hdb/mkey.c (read_master_mit): krb5_ret_int16 takes a int16_t 723 as argument 724 725 * lib/krb5/parse-name-test.c: please lint (and me) 726 727 * kdc/config.c (configure): remove only set variable 'e' 728 --- 9 unchanged lines hidden (view full) --- 738 739 * lib/krb5/krb5_get_init_creds.3: begining of documentation of 740 krb5_get_init_creds 741 742 * lib/krb5/get_in_tkt.c (krb5_get_in_tkt): for compatibility with 743 with the mit implemtation, don't free `creds' argument when done, 744 its up the the caller to do that, also allow a NULL ccache. 745 |
7462003-08-16 Love H�rnquist �strand <lha@it.su.se> | 7462003-08-16 Love H��rnquist ��strand <lha@it.su.se> |
747 748 * lib/krb5/krb5.conf.5: document tgs_require_subkey 749 750 * lib/asn1/Makefile.am: remove trance of generate tests files, its 751 not really for consumption yet 752 753 * lib/hdb/Makefile.am: split generated source from non generated 754 source we make-proto.pl can generate prototypes for non --- 6 unchanged lines hidden (view full) --- 761 defaults to off. The RFC1510 weakly defines the correct behavior, 762 so old DCE secd apparently required the subkey to be there, and MS 763 will use it when its there. But the request isn't encrypted in the 764 subkey, so you get to choose if you want to talk to a MS mdc or a 765 old DCE secd. 766 767 * kdc/kerberos5.c (*): handle krb5_unparse_name returning non-zero 768 | 747 748 * lib/krb5/krb5.conf.5: document tgs_require_subkey 749 750 * lib/asn1/Makefile.am: remove trance of generate tests files, its 751 not really for consumption yet 752 753 * lib/hdb/Makefile.am: split generated source from non generated 754 source we make-proto.pl can generate prototypes for non --- 6 unchanged lines hidden (view full) --- 761 defaults to off. The RFC1510 weakly defines the correct behavior, 762 so old DCE secd apparently required the subkey to be there, and MS 763 will use it when its there. But the request isn't encrypted in the 764 subkey, so you get to choose if you want to talk to a MS mdc or a 765 old DCE secd. 766 767 * kdc/kerberos5.c (*): handle krb5_unparse_name returning non-zero 768 |
7692003-08-15 Love H�rnquist �strand <lha@it.su.se> | 7692003-08-15 Love H��rnquist ��strand <lha@it.su.se> |
770 771 * lib/krb5/principal.c (unparse_name): len can't be zero, so, 772 don't check for that 773 | 770 771 * lib/krb5/principal.c (unparse_name): len can't be zero, so, 772 don't check for that 773 |
7742003-08-13 Love H�rnquist �strand <lha@it.su.se> | 7742003-08-13 Love H��rnquist ��strand <lha@it.su.se> |
775 776 * lib/krb5/principal.c (unparse_name): make sure there are space 777 for a NUL, set *name to NULL when there is a failure (so caller 778 can't get hold of a freed pointer) 779 | 775 776 * lib/krb5/principal.c (unparse_name): make sure there are space 777 for a NUL, set *name to NULL when there is a failure (so caller 778 can't get hold of a freed pointer) 779 |
7802003-07-26 Love H�rnquist �strand <lha@it.su.se> | 7802003-07-26 Love H��rnquist ��strand <lha@it.su.se> |
781 782 * lib/krb5/kerberos.8: remove duplicate manual, from 783 cjep@netbsd.org 784 | 781 782 * lib/krb5/kerberos.8: remove duplicate manual, from 783 cjep@netbsd.org 784 |
7852003-07-25 Love H�rnquist �strand <lha@it.su.se> | 7852003-07-25 Love H��rnquist ��strand <lha@it.su.se> |
786 787 * lib/krb5/cache.c: indent 788 789 * lib/krb5/cache.c (krb5_cc_set_default_name): only read 790 KRB5CCNAME when not suid 791 | 786 787 * lib/krb5/cache.c: indent 788 789 * lib/krb5/cache.c (krb5_cc_set_default_name): only read 790 KRB5CCNAME when not suid 791 |
7922003-07-24 Love H�rnquist �strand <lha@it.su.se> | 7922003-07-24 Love H��rnquist ��strand <lha@it.su.se> |
793 794 * lib/krb5/keytab_krb4.c (read_v4_entry): the des key is 8 bytes, 795 use a char array instead of des_cblock 796 | 793 794 * lib/krb5/keytab_krb4.c (read_v4_entry): the des key is 8 bytes, 795 use a char array instead of des_cblock 796 |
7972003-07-23 Love H�rnquist �strand <lha@it.su.se> | 7972003-07-23 Love H��rnquist ��strand <lha@it.su.se> |
798 799 * kdc/kerberos5.c: add support for KRB5_PADATA_ETYPE_INFO2 800 801 * lib/krb5/crypto.c (hmac): make it return an error when out of 802 memory, update callsites to either return error or use krb5_abortx 803 (krb5_hmac): expose hmac 804 | 798 799 * kdc/kerberos5.c: add support for KRB5_PADATA_ETYPE_INFO2 800 801 * lib/krb5/crypto.c (hmac): make it return an error when out of 802 memory, update callsites to either return error or use krb5_abortx 803 (krb5_hmac): expose hmac 804 |
8052003-07-22 Love H�rnquist �strand <lha@it.su.se> | 8052003-07-22 Love H��rnquist ��strand <lha@it.su.se> |
806 807 * lib/krb5/keyblock.c (krb5_keyblock_get_enctype): return enctype 808 of keyblock 809 810 * lib/krb5/Makefile.am (man_MANS): += krb5_keyblock.3 811 812 * lib/krb5/krb5_keyblock.3: some information about krb5_keyblock 813 and related functions --- 26 unchanged lines hidden (view full) --- 840 841 * lib/krb5/crypto.c (krb5_cksumtype_valid): check is checksum type 842 is a valid one 843 844 * lib/krb5/crypto.c (krb5_checksum_is_keyed): only set extented 845 error string when there is a context 846 (krb5_checksum_is_collision_proof): ditto 847 | 806 807 * lib/krb5/keyblock.c (krb5_keyblock_get_enctype): return enctype 808 of keyblock 809 810 * lib/krb5/Makefile.am (man_MANS): += krb5_keyblock.3 811 812 * lib/krb5/krb5_keyblock.3: some information about krb5_keyblock 813 and related functions --- 26 unchanged lines hidden (view full) --- 840 841 * lib/krb5/crypto.c (krb5_cksumtype_valid): check is checksum type 842 is a valid one 843 844 * lib/krb5/crypto.c (krb5_checksum_is_keyed): only set extented 845 error string when there is a context 846 (krb5_checksum_is_collision_proof): ditto 847 |
8482003-07-21 Love H�rnquist �strand <lha@it.su.se> | 8482003-07-21 Love H��rnquist ��strand <lha@it.su.se> |
849 850 * lib/krb5/mit_glue.c (krb5_c_get_checksum): make type and data 851 argument optional 852 (krb5_c_{encrypt,decrypt}): return "better" error codes for 853 invalid ivec length 854 855 * lib/krb5/krb5_c_make_checksum.3: update krb5_c_get_checksum 856 usage 857 858 * lib/krb5/crypto.c (krb5_crypto_getenctype): new function 859 860 * include/make_crypto.c: avoid redefining 861 OPENSSL_DES_LIBDES_COMPATIBILITY 862 863 * lib/krb5/krb5.h: add krb5_enc_data 864 | 849 850 * lib/krb5/mit_glue.c (krb5_c_get_checksum): make type and data 851 argument optional 852 (krb5_c_{encrypt,decrypt}): return "better" error codes for 853 invalid ivec length 854 855 * lib/krb5/krb5_c_make_checksum.3: update krb5_c_get_checksum 856 usage 857 858 * lib/krb5/crypto.c (krb5_crypto_getenctype): new function 859 860 * include/make_crypto.c: avoid redefining 861 OPENSSL_DES_LIBDES_COMPATIBILITY 862 863 * lib/krb5/krb5.h: add krb5_enc_data 864 |
8652003-07-19 Love H�rnquist �strand <lha@it.su.se> | 8652003-07-19 Love H��rnquist ��strand <lha@it.su.se> |
866 867 * lib/krb5/krb5.3: add krb5_c_ functions 868 869 * lib/krb5/mit_glue.c: support passing in NULL as the 870 cipher_state/ivec 871 872 * lib/krb5/aes-test.c: add test for krb5_c_encrypt_length and 873 krb5_c_decrypt 874 875 * lib/krb5/krb5_c_make_checksum.3: krb5_c encryption glue 876 877 * lib/krb5/crypto.c (wrapped_length/wrapped_length_derived): when 878 calculating the length of the encrypted data, use the keyed 879 checksum length if the enctype supports a keyed checksum. This 880 only matter for aes, for all other enctypes the key and unkeyed 881 checksum have the same length. 882 | 866 867 * lib/krb5/krb5.3: add krb5_c_ functions 868 869 * lib/krb5/mit_glue.c: support passing in NULL as the 870 cipher_state/ivec 871 872 * lib/krb5/aes-test.c: add test for krb5_c_encrypt_length and 873 krb5_c_decrypt 874 875 * lib/krb5/krb5_c_make_checksum.3: krb5_c encryption glue 876 877 * lib/krb5/crypto.c (wrapped_length/wrapped_length_derived): when 878 calculating the length of the encrypted data, use the keyed 879 checksum length if the enctype supports a keyed checksum. This 880 only matter for aes, for all other enctypes the key and unkeyed 881 checksum have the same length. 882 |
8832003-07-18 Love H�rnquist �strand <lha@it.su.se> | 8832003-07-18 Love H��rnquist ��strand <lha@it.su.se> |
884 885 * lib/krb5/mit_glue.c: first version of krb5_c encryption glue 886 887 * doc/install.texi: update pointer to luke ldap documentation 888 889 * lib/hdb/hdb.c (hdb_create): check for dynamic backend after 890 static to avoid warning from dynamic backend when using a known 891 static backend 892 | 884 885 * lib/krb5/mit_glue.c: first version of krb5_c encryption glue 886 887 * doc/install.texi: update pointer to luke ldap documentation 888 889 * lib/hdb/hdb.c (hdb_create): check for dynamic backend after 890 static to avoid warning from dynamic backend when using a known 891 static backend 892 |
8932003-07-16 Love H�rnquist �strand <lha@it.su.se> | 8932003-07-16 Love H��rnquist ��strand <lha@it.su.se> |
894 895 * lib/krb5/cache.c: don't return value in void function 896 | 894 895 * lib/krb5/cache.c: don't return value in void function 896 |
8972003-07-15 Love H�rnquist �strand <lha@it.su.se> | 8972003-07-15 Love H��rnquist ��strand <lha@it.su.se> |
898 899 * lib/krb5/creds.c (krb5_compare_creds): if client is specified in 900 the mcreds, check that too 901 902 * lib/krb5/{keytab_file.c,principal.c,mk_error.c,krb5.h,get_cred.c}: 903 prefix libasn1 types with heim_ 904 905 * lib/asn1: prefix typedefs and structs with heim_ 906 | 898 899 * lib/krb5/creds.c (krb5_compare_creds): if client is specified in 900 the mcreds, check that too 901 902 * lib/krb5/{keytab_file.c,principal.c,mk_error.c,krb5.h,get_cred.c}: 903 prefix libasn1 types with heim_ 904 905 * lib/asn1: prefix typedefs and structs with heim_ 906 |
9072003-07-13 Love H�rnquist �strand <lha@it.su.se> | 9072003-07-13 Love H��rnquist ��strand <lha@it.su.se> |
908 909 * lib/hdb/hdb.c: avoid unnecessary setting of variable 910 | 908 909 * lib/hdb/hdb.c: avoid unnecessary setting of variable 910 |
9112003-07-07 Love H�rnquist �strand <lha@it.su.se> | 9112003-07-07 Love H��rnquist ��strand <lha@it.su.se> |
912 913 * kuser/klist.c (check_for_tgt): use krb5_cc_clear_mcred 914 915 * appl/test/uu_client.c (proto): use krb5_cc_clear_mcred 916 917 * lib/krb5/get_cred.c (init_tgs_req): in case of error, don't free 918 in the req_body addresses since they where pass in by caller 919 (find_cred): use krb5_cc_clear_mcred 920 921 * lib/krb5/krb5_ccache.3: document krb5_cc_clear_mcred 922 923 * lib/krb5/cache.c (krb5_cc_clear_mcred): new function, clear a 924 krb5_creds to use with krb5_cc_retrieve_cred 925 | 912 913 * kuser/klist.c (check_for_tgt): use krb5_cc_clear_mcred 914 915 * appl/test/uu_client.c (proto): use krb5_cc_clear_mcred 916 917 * lib/krb5/get_cred.c (init_tgs_req): in case of error, don't free 918 in the req_body addresses since they where pass in by caller 919 (find_cred): use krb5_cc_clear_mcred 920 921 * lib/krb5/krb5_ccache.3: document krb5_cc_clear_mcred 922 923 * lib/krb5/cache.c (krb5_cc_clear_mcred): new function, clear a 924 krb5_creds to use with krb5_cc_retrieve_cred 925 |
9262003-06-30 Love H�rnquist �strand <lha@it.su.se> | 9262003-06-30 Love H��rnquist ��strand <lha@it.su.se> |
927 928 * lib/hdb/hdb.c (find_dynamic_method): if there isn't a prefix, 929 don't load anything 930 | 927 928 * lib/hdb/hdb.c (find_dynamic_method): if there isn't a prefix, 929 don't load anything 930 |
9312003-06-29 Love H�rnquist �strand <lha@it.su.se> | 9312003-06-29 Love H��rnquist ��strand <lha@it.su.se> |
932 933 * lib/hdb/hdb.c: Dynamic backend loading, based on patch from Luke 934 Howard <lukeh@PADL.COM> 935 936 * lib/hdb/hdb.h: add struct hdb_so_method and 937 HDB_INTERFACE_VERSION 938 | 932 933 * lib/hdb/hdb.c: Dynamic backend loading, based on patch from Luke 934 Howard <lukeh@PADL.COM> 935 936 * lib/hdb/hdb.h: add struct hdb_so_method and 937 HDB_INTERFACE_VERSION 938 |
9392003-06-28 Love H�rnquist �strand <lha@it.su.se> | 9392003-06-28 Love H��rnquist ��strand <lha@it.su.se> |
940 941 * lib/krb5/mk_req_ext.c (krb5_mk_req_internal): when using 942 arcfour-hmac-md5, use an unkeyed checksum (rsa-md5), since 943 Microsoft calculates the keyed checksum with the subkey of the 944 authenticator. 945 946 * kuser/kinit.c: write out v4 credential caches with 947 _krb5_krb_tf_setup 948 949 * lib/krb5/krb5-v4compat.h: add _krb5_krb_tf_setup 950 951 * lib/krb5/convert_creds.c (_krb5_krb_tf_setup): create/append v4 952 credential to a new krb4 ticket file 953 9542003-06-27 Johan Danielsson <joda@pdc.kth.se> 955 956 * lib/krb5/krb5_kuserok.3: put Nd argument in double quotes since 957 it contains more than 9 words; from wiz 958 | 940 941 * lib/krb5/mk_req_ext.c (krb5_mk_req_internal): when using 942 arcfour-hmac-md5, use an unkeyed checksum (rsa-md5), since 943 Microsoft calculates the keyed checksum with the subkey of the 944 authenticator. 945 946 * kuser/kinit.c: write out v4 credential caches with 947 _krb5_krb_tf_setup 948 949 * lib/krb5/krb5-v4compat.h: add _krb5_krb_tf_setup 950 951 * lib/krb5/convert_creds.c (_krb5_krb_tf_setup): create/append v4 952 credential to a new krb4 ticket file 953 9542003-06-27 Johan Danielsson <joda@pdc.kth.se> 955 956 * lib/krb5/krb5_kuserok.3: put Nd argument in double quotes since 957 it contains more than 9 words; from wiz 958 |
9592003-06-25 Love H�rnquist �strand <lha@it.su.se> | 9592003-06-25 Love H��rnquist ��strand <lha@it.su.se> |
960 961 * lib/krb5/verify_krb5_conf.c: add missing " within #if 0, from 962 stefan sokoll <stefansokoll@yahoo.de> 963 | 960 961 * lib/krb5/verify_krb5_conf.c: add missing " within #if 0, from 962 stefan sokoll <stefansokoll@yahoo.de> 963 |
9642003-06-24 Love H�rnquist �strand <lha@it.su.se> | 9642003-06-24 Love H��rnquist ��strand <lha@it.su.se> |
965 966 * lib/krb5/krb5_timeofday.3: improve krb5_set_real_time text 967 968 * lib/krb5/time.c: improve comment for krb5_set_real_time 969 9702003-06-23 Johan Danielsson <joda@pdc.kth.se> 971 972 * kuser/kinit.1: document -A 973 974 * kuser/kinit.c: add -A as an alias for --no-addresses 975 | 965 966 * lib/krb5/krb5_timeofday.3: improve krb5_set_real_time text 967 968 * lib/krb5/time.c: improve comment for krb5_set_real_time 969 9702003-06-23 Johan Danielsson <joda@pdc.kth.se> 971 972 * kuser/kinit.1: document -A 973 974 * kuser/kinit.c: add -A as an alias for --no-addresses 975 |
9762003-06-22 Love H�rnquist �strand <lha@it.su.se> | 9762003-06-22 Love H��rnquist ��strand <lha@it.su.se> |
977 978 * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): pass in a 979 krb5_timestamp to krb5_us_timeofday 980 981 * lib/krb5/mk_error.c (krb5_mk_error): pass in a krb5_timestamp to 982 krb5_us_timeofday 983 984 * lib/krb5/time.c (krb5_set_real_time): fix comment and make it 985 work 986 987 * lib/krb5/time.c, lib/krb5/krb5_timeofday.3, 988 lib/krb5/Makefile.am lib/krb5/test_time.c: 989 990 implement krb5_set_real_time, used by SAMBA, requested by Luke 991 Howard <lukeh@PADL.COM> 992 993 * lib/asn1/k5.asn1: make the aes and sha1 checksum types match 994 draft-ietf-krb-wg-crypto-05 995 | 977 978 * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): pass in a 979 krb5_timestamp to krb5_us_timeofday 980 981 * lib/krb5/mk_error.c (krb5_mk_error): pass in a krb5_timestamp to 982 krb5_us_timeofday 983 984 * lib/krb5/time.c (krb5_set_real_time): fix comment and make it 985 work 986 987 * lib/krb5/time.c, lib/krb5/krb5_timeofday.3, 988 lib/krb5/Makefile.am lib/krb5/test_time.c: 989 990 implement krb5_set_real_time, used by SAMBA, requested by Luke 991 Howard <lukeh@PADL.COM> 992 993 * lib/asn1/k5.asn1: make the aes and sha1 checksum types match 994 draft-ietf-krb-wg-crypto-05 995 |
9962003-06-21 Love H�rnquist �strand <lha@it.su.se> | 9962003-06-21 Love H��rnquist ��strand <lha@it.su.se> |
997 998 * lib/krb5/aes-test.c: add a test for aes kcrypto encrypted data 999 1000 * lib/krb5/crypto.c: clean up AES code to use a structure instead 1001 of a key array 1002 (_krb5_AES_string_to_default_iterator): set to 4096 as described in 1003 aes draft -04 1004 (derive_key): always remove the key->schedule since its 1005 will contain the wrong (parent key) info 1006 | 997 998 * lib/krb5/aes-test.c: add a test for aes kcrypto encrypted data 999 1000 * lib/krb5/crypto.c: clean up AES code to use a structure instead 1001 of a key array 1002 (_krb5_AES_string_to_default_iterator): set to 4096 as described in 1003 aes draft -04 1004 (derive_key): always remove the key->schedule since its 1005 will contain the wrong (parent key) info 1006 |
10072003-06-18 Love H�rnquist �strand <lha@it.su.se> | 10072003-06-18 Love H��rnquist ��strand <lha@it.su.se> |
1008 1009 * lib/krb5/aes-test.c: add aes256 test vectors from Ken Raeburn 1010 * doc/setup.texi: add more kdc's to the example 1011 | 1008 1009 * lib/krb5/aes-test.c: add aes256 test vectors from Ken Raeburn 1010 * doc/setup.texi: add more kdc's to the example 1011 |
10122003-06-17 Love H�rnquist �strand <lha@it.su.se> | 10122003-06-17 Love H��rnquist ��strand <lha@it.su.se> |
1013 1014 * lib/hdb/hdb-ldap.c: use int2HDBFlags/HDBFlags2int From: Alberto 1015 Patino <jalbertop@aranea.com.mx>, Luke Howard <lukeh@PADL.COM> 1016 Pointed out by Andrew Bartlett of Samba 1017 1018 * lib/krb5/heim_threads.h: remove freebsd comment, don't use debug 1019 pthread stubs by default 1020 1021 * lib/krb5/Makefile.am (man_MANS): drop krb5_free_addresses.3 1022 1023 * lib/krb5/krb5_free_addresses.3: removed file, functions are 1024 documented in krb5_address.3 1025 1026 * lib/krb5/codec.c: add krb5_{de,en}code_ETYPE_INFO2 1027 1028 * lib/krb5/crypto.c: add _krb5_AES_string_to_default_iterator add 1029 krb5_string_to_key_salt_opaque() fix keylengh for keytype_aes256 1030 | 1013 1014 * lib/hdb/hdb-ldap.c: use int2HDBFlags/HDBFlags2int From: Alberto 1015 Patino <jalbertop@aranea.com.mx>, Luke Howard <lukeh@PADL.COM> 1016 Pointed out by Andrew Bartlett of Samba 1017 1018 * lib/krb5/heim_threads.h: remove freebsd comment, don't use debug 1019 pthread stubs by default 1020 1021 * lib/krb5/Makefile.am (man_MANS): drop krb5_free_addresses.3 1022 1023 * lib/krb5/krb5_free_addresses.3: removed file, functions are 1024 documented in krb5_address.3 1025 1026 * lib/krb5/codec.c: add krb5_{de,en}code_ETYPE_INFO2 1027 1028 * lib/krb5/crypto.c: add _krb5_AES_string_to_default_iterator add 1029 krb5_string_to_key_salt_opaque() fix keylengh for keytype_aes256 1030 |
10312003-06-06 Love H�rnquist �strand <lha@it.su.se> | 10312003-06-06 Love H��rnquist ��strand <lha@it.su.se> |
1032 1033 * doc/setup.texi: Point out that slave needs /var/heimdal 1034 directory and masterkey From: Mans Nilsson <mansaxel@sunet.se>, 1035 Fix spelling while here 1036 | 1032 1033 * doc/setup.texi: Point out that slave needs /var/heimdal 1034 directory and masterkey From: Mans Nilsson <mansaxel@sunet.se>, 1035 Fix spelling while here 1036 |
10372003-06-02 Love H�rnquist �strand <lha@it.su.se> | 10372003-06-02 Love H��rnquist ��strand <lha@it.su.se> |
1038 1039 * lib/krb5/Makefile.am, krb5_get_in_cred.3, krb5.3: 1040 add manpage for: krb5_get_in_cred, krb5_get_in_tkt, 1041 krb5_get_in_tkt_with_keytab, krb5_get_in_tkt_with_password, 1042 krb5_get_in_tkt_with_skey 1043 10442003-05-28 Assar Westerlund <assar@kth.se> 1045 1046 * lib/krb5/heim_threads.h: Fix unlock/destroy macros for the 1047 non-threaded cases to work. Fix typo. 1048 10492003-05-27 Johan Danielsson <joda@pdc.kth.se> 1050 1051 * lib/asn1/{der_put.c,der_length.c,check-der.c}: Fix encoding of 1052 "unsigned" integers. If MSB is set, we need to pad with a zero 1053 byte. 1054 | 1038 1039 * lib/krb5/Makefile.am, krb5_get_in_cred.3, krb5.3: 1040 add manpage for: krb5_get_in_cred, krb5_get_in_tkt, 1041 krb5_get_in_tkt_with_keytab, krb5_get_in_tkt_with_password, 1042 krb5_get_in_tkt_with_skey 1043 10442003-05-28 Assar Westerlund <assar@kth.se> 1045 1046 * lib/krb5/heim_threads.h: Fix unlock/destroy macros for the 1047 non-threaded cases to work. Fix typo. 1048 10492003-05-27 Johan Danielsson <joda@pdc.kth.se> 1050 1051 * lib/asn1/{der_put.c,der_length.c,check-der.c}: Fix encoding of 1052 "unsigned" integers. If MSB is set, we need to pad with a zero 1053 byte. 1054 |
10552003-05-27 Love H�rnquist �strand <lha@it.su.se> | 10552003-05-27 Love H��rnquist ��strand <lha@it.su.se> |
1056 1057 * lib/krb5/krb5_c_make_checksum.3: some more mdoc fixes 1058 1059 * lib/hdb/hdb-ldap.c (LDAP__connect): bind sasl "EXTERNAL" to ldap 1060 connection 1061 (LDAP_store): remove superfluous argument to asprintf 1062 1063 From Alberto Patino <jalbertop@aranea.com.mx> 1064 | 1056 1057 * lib/krb5/krb5_c_make_checksum.3: some more mdoc fixes 1058 1059 * lib/hdb/hdb-ldap.c (LDAP__connect): bind sasl "EXTERNAL" to ldap 1060 connection 1061 (LDAP_store): remove superfluous argument to asprintf 1062 1063 From Alberto Patino <jalbertop@aranea.com.mx> 1064 |
10652003-05-26 Love H�rnquist �strand <lha@it.su.se> | 10652003-05-26 Love H��rnquist ��strand <lha@it.su.se> |
1066 1067 * lib/krb5/*.[0-9]: pacify mdoclink 1068 1069 * lib/krb5/krb5_ccache.3: document diffrences between mit and 1070 heimdal krb5_cc_gen_new ccache -> credential cache s/[\t ]+$// 1071 | 1066 1067 * lib/krb5/*.[0-9]: pacify mdoclink 1068 1069 * lib/krb5/krb5_ccache.3: document diffrences between mit and 1070 heimdal krb5_cc_gen_new ccache -> credential cache s/[\t ]+$// 1071 |
10722003-05-21 Love H�rnquist �strand <lha@it.su.se> | 10722003-05-21 Love H��rnquist ��strand <lha@it.su.se> |
1073 1074 * appl/test/gssapi_server.c (proto): start to use 1075 gss_krb5_copy_ccache 1076 1077 * appl/test/nt_gss_server.c (proto): comment out gss_ctx_id_t 1078 groveling for now 1079 | 1073 1074 * appl/test/gssapi_server.c (proto): start to use 1075 gss_krb5_copy_ccache 1076 1077 * appl/test/nt_gss_server.c (proto): comment out gss_ctx_id_t 1078 groveling for now 1079 |
10802003-05-20 Love H�rnquist �strand <lha@it.su.se> | 10802003-05-20 Love H��rnquist ��strand <lha@it.su.se> |
1081 1082 * lib/asn1: 1083 - add parser/generate glue for UTF8String and NULL 1084 (DER primitive encode/decode functions missing) 1085 - handle parsing of DEFAULT and, ... 1086 | 1081 1082 * lib/asn1: 1083 - add parser/generate glue for UTF8String and NULL 1084 (DER primitive encode/decode functions missing) 1085 - handle parsing of DEFAULT and, ... 1086 |
10872003-05-16 Love H�rnquist �strand <lha@it.su.se> | 10872003-05-16 Love H��rnquist ��strand <lha@it.su.se> |
1088 1089 * lib/krb5/heim_threads.h: add missing argument to mutex_init 1090 1091 * lib/krb5/crypto.c: protect the random initiator with a mutex 1092 1093 * lib/krb5/mcache.c: protect the mcc_head with a mutex 1094 1095 * lib/krb5/krb5_locl.h: include heim_threads.h 1096 1097 * lib/krb5/heim_threads.h: wrapper macros for thread 1098 synchronization primitives 1099 | 1088 1089 * lib/krb5/heim_threads.h: add missing argument to mutex_init 1090 1091 * lib/krb5/crypto.c: protect the random initiator with a mutex 1092 1093 * lib/krb5/mcache.c: protect the mcc_head with a mutex 1094 1095 * lib/krb5/krb5_locl.h: include heim_threads.h 1096 1097 * lib/krb5/heim_threads.h: wrapper macros for thread 1098 synchronization primitives 1099 |
11002003-05-15 Love H�rnquist �strand <lha@it.su.se> | 11002003-05-15 Love H��rnquist ��strand <lha@it.su.se> |
1101 1102 * lib/krb5/krb5_principal.3 1103 lib/krb5/Makefile.am: 1104 Add all Kerberos principal function to one manpage, add a few more 1105 principal function to it, remove old now dup manpages 1106 1107 * lib/krb5/krb5_build_principal.3: remove file 1108 * lib/krb5/krb5_free_principal.3: remove file 1109 * lib/krb5/krb5_sname_to_principal.3: remove file 1110 * lib/krb5/krb5_principal_get_realm.3: remove file 1111 | 1101 1102 * lib/krb5/krb5_principal.3 1103 lib/krb5/Makefile.am: 1104 Add all Kerberos principal function to one manpage, add a few more 1105 principal function to it, remove old now dup manpages 1106 1107 * lib/krb5/krb5_build_principal.3: remove file 1108 * lib/krb5/krb5_free_principal.3: remove file 1109 * lib/krb5/krb5_sname_to_principal.3: remove file 1110 * lib/krb5/krb5_principal_get_realm.3: remove file 1111 |
11122003-05-14 Love H�rnquist �strand <lha@it.su.se> | 11122003-05-14 Love H��rnquist ��strand <lha@it.su.se> |
1113 1114 * lib/krb5/verify_krb5_conf.8: sort sections, from netbsd 1115 1116 * lib/krb5/krb5_verify_user.3: .Sh EXAMPLE -> .Sh EXAMPLES, from 1117 netbsd 1118 1119 * lib/krb5/krb5_openlog.3: .Sh EXAMPLE -> .Sh EXAMPLES, sort 1120 sections, from netbsd --- 22 unchanged lines hidden (view full) --- 1143 * kdc/hprop.8: fix mdoc problem, from netbsd 1144 1145 * lib/krb5/krb5_krbhst_init.3: uppercase url, from Thomas Klausner 1146 <wiz@netbsd.org> 1147 1148 * kuser/kinit.1: setup -> set up, new sentence, new line from 1149 Thomas Klausner <wiz@netbsd.org> 1150 | 1113 1114 * lib/krb5/verify_krb5_conf.8: sort sections, from netbsd 1115 1116 * lib/krb5/krb5_verify_user.3: .Sh EXAMPLE -> .Sh EXAMPLES, from 1117 netbsd 1118 1119 * lib/krb5/krb5_openlog.3: .Sh EXAMPLE -> .Sh EXAMPLES, sort 1120 sections, from netbsd --- 22 unchanged lines hidden (view full) --- 1143 * kdc/hprop.8: fix mdoc problem, from netbsd 1144 1145 * lib/krb5/krb5_krbhst_init.3: uppercase url, from Thomas Klausner 1146 <wiz@netbsd.org> 1147 1148 * kuser/kinit.1: setup -> set up, new sentence, new line from 1149 Thomas Klausner <wiz@netbsd.org> 1150 |
11512003-05-13 Love H�rnquist �strand <lha@it.su.se> | 11512003-05-13 Love H��rnquist ��strand <lha@it.su.se> |
1152 1153 * kpasswd/kpasswd.1: handle setting passwords for multiple 1154 principals at the same time 1155 1156 * kpasswd/kpasswd.c: handle setting passwords for multiple 1157 principals at the same time 1158 1159 * lib/krb5/changepw.c: draft-ietf-cat-kerb-chg-password-02 and 1160 rfc3244 share the response packet sure more constants now that 1161 they exists 1162 | 1152 1153 * kpasswd/kpasswd.1: handle setting passwords for multiple 1154 principals at the same time 1155 1156 * kpasswd/kpasswd.c: handle setting passwords for multiple 1157 principals at the same time 1158 1159 * lib/krb5/changepw.c: draft-ietf-cat-kerb-chg-password-02 and 1160 rfc3244 share the response packet sure more constants now that 1161 they exists 1162 |
11632003-05-12 Love H�rnquist �strand <lha@it.su.se> | 11632003-05-12 Love H��rnquist ��strand <lha@it.su.se> |
1164 1165 * lib/krb5/krb5.h: some define for rfc3244 1166 1167 * lib/krb5/krb5.3: add krb5_change_password and krb5_set_password 1168 1169 * kpasswd/kpasswd.1: document --admin-principal 1170 1171 * kpasswd/kpasswd.c: use krb5_set_password --- 5 unchanged lines hidden (view full) --- 1177 shadow@dementia.org 1178 1179 * lib/asn1/Makefile.am (gen_files): asn1_ChangePasswdDataMS.x for 1180 RFC3244 1181 1182 * lib/asn1/k5.asn1: add ChangePasswdDataMS, for 1183 RFC3244 1184 | 1164 1165 * lib/krb5/krb5.h: some define for rfc3244 1166 1167 * lib/krb5/krb5.3: add krb5_change_password and krb5_set_password 1168 1169 * kpasswd/kpasswd.1: document --admin-principal 1170 1171 * kpasswd/kpasswd.c: use krb5_set_password --- 5 unchanged lines hidden (view full) --- 1177 shadow@dementia.org 1178 1179 * lib/asn1/Makefile.am (gen_files): asn1_ChangePasswdDataMS.x for 1180 RFC3244 1181 1182 * lib/asn1/k5.asn1: add ChangePasswdDataMS, for 1183 RFC3244 1184 |
11852003-05-08 Love H�rnquist �strand <lha@it.su.se> | 11852003-05-08 Love H��rnquist ��strand <lha@it.su.se> |
1186 1187 * kuser/kdestroy.c: destroy tokens even if there isn't v4 support 1188 1189 * kuser/kinit.c: get token even if there isn't v4 support 1190 1191 * kuser/klist.c: print tokens even if there isn't v4 support 1192 11932003-05-06 Johan Danielsson <joda@pdc.kth.se> 1194 1195 * lib/krb5/name-45-test.c: need to use empty krb5.conf for some 1196 tests 1197 1198 * lib/asn1/check-gen.c: there is no \e escape sequence; replace 1199 everything with hex-codes, and cast to unsigned char* to make some 1200 compilers happy 1201 | 1186 1187 * kuser/kdestroy.c: destroy tokens even if there isn't v4 support 1188 1189 * kuser/kinit.c: get token even if there isn't v4 support 1190 1191 * kuser/klist.c: print tokens even if there isn't v4 support 1192 11932003-05-06 Johan Danielsson <joda@pdc.kth.se> 1194 1195 * lib/krb5/name-45-test.c: need to use empty krb5.conf for some 1196 tests 1197 1198 * lib/asn1/check-gen.c: there is no \e escape sequence; replace 1199 everything with hex-codes, and cast to unsigned char* to make some 1200 compilers happy 1201 |
12022003-05-06 Love H�rnquist �strand <lha@it.su.se> | 12022003-05-06 Love H��rnquist ��strand <lha@it.su.se> |
1203 1204 * lib/krb5/get_in_tkt.c (make_pa_enc_timestamp): make sure first 1205 argument to krb5_us_timeofday have correct type 1206 12072003-05-05 Assar Westerlund <assar@kth.se> 1208 1209 * include/make_crypto.c (main): include aes.h if ENABLE_AES 1210 | 1203 1204 * lib/krb5/get_in_tkt.c (make_pa_enc_timestamp): make sure first 1205 argument to krb5_us_timeofday have correct type 1206 12072003-05-05 Assar Westerlund <assar@kth.se> 1208 1209 * include/make_crypto.c (main): include aes.h if ENABLE_AES 1210 |
12112003-05-05 Love H�rnquist �strand <lha@it.su.se> | 12112003-05-05 Love H��rnquist ��strand <lha@it.su.se> |
1212 1213 * make-release: when fixing a valid cvs tag from release name 1214 replace all number. to number- for all non-overlapping matches 1215 | 1212 1213 * make-release: when fixing a valid cvs tag from release name 1214 replace all number. to number- for all non-overlapping matches 1215 |
12162003-05-04 Love H�rnquist �strand <lha@it.su.se> | 12162003-05-04 Love H��rnquist ��strand <lha@it.su.se> |
1217 1218 * lib/asn1/Makefile.am: gen_files += asn1_ETYPE_INFO2.x and 1219 asn1_ETYPE_INFO2_ENTRY.x 1220 (libasn1_la_LDFLAGS): set version to 6:1:1 1221 1222 * doc/Makefile.am: add apps.texi 1223 1224 * doc/setup.texi: add move forward link to applications 1225 1226 * doc/heimdal.texi: add applications 1227 1228 * doc/misc.texi: move afs stuff to applications add link to 1229 applications 1230 1231 * doc/apps.texi: text about applications using kerberos 1232 move afs text here 1233 | 1217 1218 * lib/asn1/Makefile.am: gen_files += asn1_ETYPE_INFO2.x and 1219 asn1_ETYPE_INFO2_ENTRY.x 1220 (libasn1_la_LDFLAGS): set version to 6:1:1 1221 1222 * doc/Makefile.am: add apps.texi 1223 1224 * doc/setup.texi: add move forward link to applications 1225 1226 * doc/heimdal.texi: add applications 1227 1228 * doc/misc.texi: move afs stuff to applications add link to 1229 applications 1230 1231 * doc/apps.texi: text about applications using kerberos 1232 move afs text here 1233 |
12342003-05-03 Love H�rnquist �strand <lha@it.su.se> | 12342003-05-03 Love H��rnquist ��strand <lha@it.su.se> |
1235 1236 * doc/setup.texi: add cross realm text 1237 | 1235 1236 * doc/setup.texi: add cross realm text 1237 |
12382003-04-29 Love H�rnquist �strand <lha@it.su.se> | 12382003-04-29 Love H��rnquist ��strand <lha@it.su.se> |
1239 1240 * lib/krb5/krb5_crypto_init.3: document krb5_enctype_to_string and 1241 krb5_string_to_enctype 1242 | 1239 1240 * lib/krb5/krb5_crypto_init.3: document krb5_enctype_to_string and 1241 krb5_string_to_enctype 1242 |
12432003-04-28 Love H�rnquist �strand <lha@it.su.se> | 12432003-04-28 Love H��rnquist ��strand <lha@it.su.se> |
1244 1245 * kdc/v4_dump.c (v4_prop_dump): limit strings length, from openbsd 1246 | 1244 1245 * kdc/v4_dump.c (v4_prop_dump): limit strings length, from openbsd 1246 |
12472003-04-26 Love H�rnquist �strand <lha@it.su.se> | 12472003-04-26 Love H��rnquist ��strand <lha@it.su.se> |
1248 1249 * lib/krb5/aes-test.c: use _krb5_PKCS5_PBKDF2 1250 * lib/krb5/crypto.c: unexport krb5_PKCS5_PBKDF2 1251 12522003-04-25 Johan Danielsson <joda@pdc.kth.se> 1253 1254 * lib/krb5/build_auth.c (krb5_build_authenticator): if the local 1255 sequence number is non-zero, don't generate a new one --- 6 unchanged lines hidden (view full) --- 1262 1263 * lib/krb5/mk_priv.c lib/krb5/mk_safe.c lib/krb5/rd_priv.c 1264 lib/krb5/rd_safe.c lib/krb5/rd_cred.c: implement RET_SEQUENCE and 1265 RET_TIME 1266 1267 * lib/krb5/krb5.h (krb5_replay_data): make usec signed (matching 1268 asn1) 1269 | 1248 1249 * lib/krb5/aes-test.c: use _krb5_PKCS5_PBKDF2 1250 * lib/krb5/crypto.c: unexport krb5_PKCS5_PBKDF2 1251 12522003-04-25 Johan Danielsson <joda@pdc.kth.se> 1253 1254 * lib/krb5/build_auth.c (krb5_build_authenticator): if the local 1255 sequence number is non-zero, don't generate a new one --- 6 unchanged lines hidden (view full) --- 1262 1263 * lib/krb5/mk_priv.c lib/krb5/mk_safe.c lib/krb5/rd_priv.c 1264 lib/krb5/rd_safe.c lib/krb5/rd_cred.c: implement RET_SEQUENCE and 1265 RET_TIME 1266 1267 * lib/krb5/krb5.h (krb5_replay_data): make usec signed (matching 1268 asn1) 1269 |
12702003-04-24 Love H�rnquist �strand <lha@it.su.se> | 12702003-04-24 Love H��rnquist ��strand <lha@it.su.se> |
1271 1272 * doc/programming.texi: s/managment/management/, from jmc 1273 <jmc@prioris.mini.pw.edu.pl> 1274 | 1271 1272 * doc/programming.texi: s/managment/management/, from jmc 1273 <jmc@prioris.mini.pw.edu.pl> 1274 |
12752003-04-23 Love H�rnquist �strand <lha@it.su.se> | 12752003-04-23 Love H��rnquist ��strand <lha@it.su.se> |
1276 1277 * lib/krb5/context.c (default_etypes): also advertise that we 1278 handle aes encryption types 1279 1280 * lib/krb5/Makefile.am: add krb5_c_ checksum related functions 1281 1282 * lib/krb5/krb5_c_make_checksum.3: document krb5_c_ checksum 1283 related functions 1284 1285 * lib/krb5/mit_glue.c: add compat mit krb5_c checksum related 1286 functions 1287 1288 * lib/asn1/k5.asn1: add ETYPE-INFO2 and ETYPE-INFO2-ENTRY 1289 | 1276 1277 * lib/krb5/context.c (default_etypes): also advertise that we 1278 handle aes encryption types 1279 1280 * lib/krb5/Makefile.am: add krb5_c_ checksum related functions 1281 1282 * lib/krb5/krb5_c_make_checksum.3: document krb5_c_ checksum 1283 related functions 1284 1285 * lib/krb5/mit_glue.c: add compat mit krb5_c checksum related 1286 functions 1287 1288 * lib/asn1/k5.asn1: add ETYPE-INFO2 and ETYPE-INFO2-ENTRY 1289 |
12902003-04-22 Love H�rnquist �strand <lha@it.su.se> | 12902003-04-22 Love H��rnquist ��strand <lha@it.su.se> |
1291 1292 * lib/krb5/krbhst.c: copy NUL too, from janj@wenf.org via openbsd 1293 | 1291 1292 * lib/krb5/krbhst.c: copy NUL too, from janj@wenf.org via openbsd 1293 |
12942003-04-17 Love H�rnquist �strand <lha@it.su.se> | 12942003-04-17 Love H��rnquist ��strand <lha@it.su.se> |
1295 1296 * lib/asn1/der_copy.c (copy_general_string): use strdup 1297 * lib/asn1/der_put.c: remove sprintf 1298 * lib/asn1/gen.c: remove strcpy/sprintf 1299 1300 * lib/krb5/name-45-test.c: use a more unique name then ratatosk so 1301 that other (me) have such hosts in the local domain and the tests 1302 fails, to take hokkigai.pdc.kth.se instead 1303 1304 * lib/krb5/test_alname.c: add --version and --help 1305 | 1295 1296 * lib/asn1/der_copy.c (copy_general_string): use strdup 1297 * lib/asn1/der_put.c: remove sprintf 1298 * lib/asn1/gen.c: remove strcpy/sprintf 1299 1300 * lib/krb5/name-45-test.c: use a more unique name then ratatosk so 1301 that other (me) have such hosts in the local domain and the tests 1302 fails, to take hokkigai.pdc.kth.se instead 1303 1304 * lib/krb5/test_alname.c: add --version and --help 1305 |
13062003-04-16 Love H�rnquist �strand <lha@it.su.se> | 13062003-04-16 Love H��rnquist ��strand <lha@it.su.se> |
1307 1308 * lib/krb5/krb5_warn.3: add krb5_get_err_text 1309 1310 * lib/krb5/transited.c: use strlcat/strlcpy, from openbsd 1311 * lib/krb5/krbhst.c (srv_find_realm): use strlcpy, from openbsd 1312 * lib/krb5/aname_to_localname.c (krb5_aname_to_localname): use 1313 strlcpy, from openbsd 1314 * kdc/hpropd.c: s/strcat/strlcat/, inspired from openbsd 1315 * appl/kf/kfd.c: use strlcpy, from openbsd 1316 13172003-04-16 Johan Danielsson <joda@pdc.kth.se> 1318 1319 * configure.in: fix for large file support in AIX, _LARGE_FILES 1320 needs to be defined on the command line, since lex likes to 1321 include stdio.h before we get to config.h 1322 | 1307 1308 * lib/krb5/krb5_warn.3: add krb5_get_err_text 1309 1310 * lib/krb5/transited.c: use strlcat/strlcpy, from openbsd 1311 * lib/krb5/krbhst.c (srv_find_realm): use strlcpy, from openbsd 1312 * lib/krb5/aname_to_localname.c (krb5_aname_to_localname): use 1313 strlcpy, from openbsd 1314 * kdc/hpropd.c: s/strcat/strlcat/, inspired from openbsd 1315 * appl/kf/kfd.c: use strlcpy, from openbsd 1316 13172003-04-16 Johan Danielsson <joda@pdc.kth.se> 1318 1319 * configure.in: fix for large file support in AIX, _LARGE_FILES 1320 needs to be defined on the command line, since lex likes to 1321 include stdio.h before we get to config.h 1322 |
13232003-04-16 Love H�rnquist �strand <lha@it.su.se> | 13232003-04-16 Love H��rnquist ��strand <lha@it.su.se> |
1324 1325 * lib/krb5/*.3: Change .Fd #include <header.h> to .In header.h, 1326 from Thomas Klausner <wiz@netbsd.org> 1327 1328 * lib/krb5/krb5.conf.5: spelling, from Thomas Klausner 1329 <wiz@netbsd.org> 1330 | 1324 1325 * lib/krb5/*.3: Change .Fd #include <header.h> to .In header.h, 1326 from Thomas Klausner <wiz@netbsd.org> 1327 1328 * lib/krb5/krb5.conf.5: spelling, from Thomas Klausner 1329 <wiz@netbsd.org> 1330 |
13312003-04-15 Love H�rnquist �strand <lha@it.su.se> | 13312003-04-15 Love H��rnquist ��strand <lha@it.su.se> |
1332 1333 * kdc/kerberos5.c: fix some more memory leaks 1334 | 1332 1333 * kdc/kerberos5.c: fix some more memory leaks 1334 |
13352003-04-11 Love H�rnquist �strand <lha@it.su.se> | 13352003-04-11 Love H��rnquist ��strand <lha@it.su.se> |
1336 1337 * appl/kf/kf.1: spelling, from jmc <jmc@prioris.mini.pw.edu.pl> 1338 | 1336 1337 * appl/kf/kf.1: spelling, from jmc <jmc@prioris.mini.pw.edu.pl> 1338 |
13392003-04-08 Love H�rnquist �strand <lha@it.su.se> | 13392003-04-08 Love H��rnquist ��strand <lha@it.su.se> |
1340 1341 * admin/ktutil.8: typos, from jmc <jmc@acn.waw.pl> 1342 | 1340 1341 * admin/ktutil.8: typos, from jmc <jmc@acn.waw.pl> 1342 |
13432003-04-06 Love H�rnquist �strand <lha@it.su.se> | 13432003-04-06 Love H��rnquist ��strand <lha@it.su.se> |
1344 1345 * lib/krb5/krb5.3: s/kerberos/Kerberos/ 1346 * lib/krb5/krb5_data.3: s/kerberos/Kerberos/ 1347 * lib/krb5/krb5_address.3: s/kerberos/Kerberos/ 1348 * lib/krb5/krb5_ccache.3: s/kerberos/Kerberos/ 1349 * lib/krb5/krb5.conf.5: s/kerberos/Kerberos/ 1350 * kuser/kinit.1: s/kerberos/Kerberos/ 1351 * kdc/kdc.8: s/kerberos/Kerberos/ 1352 | 1344 1345 * lib/krb5/krb5.3: s/kerberos/Kerberos/ 1346 * lib/krb5/krb5_data.3: s/kerberos/Kerberos/ 1347 * lib/krb5/krb5_address.3: s/kerberos/Kerberos/ 1348 * lib/krb5/krb5_ccache.3: s/kerberos/Kerberos/ 1349 * lib/krb5/krb5.conf.5: s/kerberos/Kerberos/ 1350 * kuser/kinit.1: s/kerberos/Kerberos/ 1351 * kdc/kdc.8: s/kerberos/Kerberos/ 1352 |
13532003-04-01 Love H�rnquist �strand <lha@it.su.se> | 13532003-04-01 Love H��rnquist ��strand <lha@it.su.se> |
1354 1355 * lib/krb5/test_alname.c: more krb5_aname_to_localname tests 1356 1357 * lib/krb5/aname_to_localname.c (krb5_aname_to_localname): when 1358 converting too root, make sure user is ok according to 1359 krb5_kuserok before allowing it. 1360 1361 * lib/krb5/Makefile.am (noinst_PROGRAMS): += test_alname --- 5 unchanged lines hidden (view full) --- 1367 1999. Problems occur with crypt() that behaves like AT&T crypt 1368 (openssl does this). Pointed out by Marcus Watts. 1369 1370 * admin/change.c (kt_change): collect all principals we are going 1371 to change, and pick the highest kvno and use that to guess what 1372 kvno the resulting kvno is going to be. Now two ktutil change in a 1373 row works. XXX fix the protocol to pass the kvno back. 1374 | 1354 1355 * lib/krb5/test_alname.c: more krb5_aname_to_localname tests 1356 1357 * lib/krb5/aname_to_localname.c (krb5_aname_to_localname): when 1358 converting too root, make sure user is ok according to 1359 krb5_kuserok before allowing it. 1360 1361 * lib/krb5/Makefile.am (noinst_PROGRAMS): += test_alname --- 5 unchanged lines hidden (view full) --- 1367 1999. Problems occur with crypt() that behaves like AT&T crypt 1368 (openssl does this). Pointed out by Marcus Watts. 1369 1370 * admin/change.c (kt_change): collect all principals we are going 1371 to change, and pick the highest kvno and use that to guess what 1372 kvno the resulting kvno is going to be. Now two ktutil change in a 1373 row works. XXX fix the protocol to pass the kvno back. 1374 |
13752003-03-31 Love H�rnquist �strand <lha@it.su.se> | 13752003-03-31 Love H��rnquist ��strand <lha@it.su.se> |
1376 1377 * appl/kf/kf.1: afs->AFS, from jmc <jmc@acn.waw.pl> 1378 | 1376 1377 * appl/kf/kf.1: afs->AFS, from jmc <jmc@acn.waw.pl> 1378 |
13792003-03-30 Love H�rnquist �strand <lha@it.su.se> | 13792003-03-30 Love H��rnquist ��strand <lha@it.su.se> |
1380 1381 * doc/setup.texi: add description on how to turn on v4, 524 and 1382 kaserver support 1383 | 1380 1381 * doc/setup.texi: add description on how to turn on v4, 524 and 1382 kaserver support 1383 |
13842003-03-29 Love H�rnquist �strand <lha@it.su.se> | 13842003-03-29 Love H��rnquist ��strand <lha@it.su.se> |
1385 1386 * lib/krb5/verify_krb5_conf.c (appdefaults_entries): add afslog 1387 and afs-use-524 1388 | 1385 1386 * lib/krb5/verify_krb5_conf.c (appdefaults_entries): add afslog 1387 and afs-use-524 1388 |
13892003-03-28 Love H�rnquist �strand <lha@it.su.se> | 13892003-03-28 Love H��rnquist ��strand <lha@it.su.se> |
1390 1391 * kdc/kerberos5.c (as_rep): when the second enctype_to_string 1392 failes, remember to free memory from the first enctype_to_string 1393 1394 * lib/krb5/crypto.c (usage2arcfour): map KRB5_KU_TICKET to 2, 1395 from Harald Joerg <harald.joerg@fujitsu-siemens.com> 1396 (enctype_arcfour_hmac_md5): disable checksum_hmac_md5_enc 1397 1398 * lib/hdb/mkey.c (hdb_unseal_keys_mkey): truncate key to the key 1399 length when key is longer then expected length, its probably 1400 longer since the encrypted data was padded, reported by Aidan 1401 Cully <aidan@kublai.com> 1402 1403 * lib/krb5/crypto.c (krb5_enctype_keysize): return key size of 1404 encyption type, inspired by Aidan Cully <aidan@kublai.com> 1405 | 1390 1391 * kdc/kerberos5.c (as_rep): when the second enctype_to_string 1392 failes, remember to free memory from the first enctype_to_string 1393 1394 * lib/krb5/crypto.c (usage2arcfour): map KRB5_KU_TICKET to 2, 1395 from Harald Joerg <harald.joerg@fujitsu-siemens.com> 1396 (enctype_arcfour_hmac_md5): disable checksum_hmac_md5_enc 1397 1398 * lib/hdb/mkey.c (hdb_unseal_keys_mkey): truncate key to the key 1399 length when key is longer then expected length, its probably 1400 longer since the encrypted data was padded, reported by Aidan 1401 Cully <aidan@kublai.com> 1402 1403 * lib/krb5/crypto.c (krb5_enctype_keysize): return key size of 1404 encyption type, inspired by Aidan Cully <aidan@kublai.com> 1405 |
14062003-03-27 Love H�rnquist �strand <lha@it.su.se> | 14062003-03-27 Love H��rnquist ��strand <lha@it.su.se> |
1407 1408 * lib/krb5/keytab.c (krb5_kt_get_entry): avoid printing 0 1409 (wildcard kvno) after principal when the keytab entry isn't found, 1410 reported by Chris Chiappa <chris@chiappa.net> 1411 | 1407 1408 * lib/krb5/keytab.c (krb5_kt_get_entry): avoid printing 0 1409 (wildcard kvno) after principal when the keytab entry isn't found, 1410 reported by Chris Chiappa <chris@chiappa.net> 1411 |
14122003-03-26 Love H�rnquist �strand <lha@it.su.se> | 14122003-03-26 Love H��rnquist ��strand <lha@it.su.se> |
1413 1414 * doc/misc.texi: update 2b example to match reality (from 1415 mattiasa@e.kth.se) 1416 1417 * doc/misc.texi: spelling and add `Configuring AFS clients' 1418 subsection 1419 | 1413 1414 * doc/misc.texi: update 2b example to match reality (from 1415 mattiasa@e.kth.se) 1416 1417 * doc/misc.texi: spelling and add `Configuring AFS clients' 1418 subsection 1419 |
14202003-03-25 Love H�rnquist �strand <lha@it.su.se> | 14202003-03-25 Love H��rnquist ��strand <lha@it.su.se> |
1421 1422 * lib/krb5/krb5.3: add krb5_free_data_contents.3 1423 1424 * lib/krb5/data.c: add krb5_free_data_contents for compat with MIT 1425 API 1426 1427 * lib/krb5/krb5_data.3: add krb5_free_data_contents for compat 1428 with MIT API --- 4 unchanged lines hidden (view full) --- 14332003-03-25 Johan Danielsson <joda@pdc.kth.se> 1434 1435 * lib/krb5/addr_families.c (krb5_print_address): make sure 1436 print_addr is defined for the given address type; make addrports 1437 printable 1438 1439 * kdc/string2key.c: print the used enctype for kerberos 5 keys 1440 | 1421 1422 * lib/krb5/krb5.3: add krb5_free_data_contents.3 1423 1424 * lib/krb5/data.c: add krb5_free_data_contents for compat with MIT 1425 API 1426 1427 * lib/krb5/krb5_data.3: add krb5_free_data_contents for compat 1428 with MIT API --- 4 unchanged lines hidden (view full) --- 14332003-03-25 Johan Danielsson <joda@pdc.kth.se> 1434 1435 * lib/krb5/addr_families.c (krb5_print_address): make sure 1436 print_addr is defined for the given address type; make addrports 1437 printable 1438 1439 * kdc/string2key.c: print the used enctype for kerberos 5 keys 1440 |
14412003-03-25 Love H�rnquist �strand <lha@it.su.se> | 14412003-03-25 Love H��rnquist ��strand <lha@it.su.se> |
1442 1443 * lib/krb5/aes-test.c: add another arcfour test 1444 | 1442 1443 * lib/krb5/aes-test.c: add another arcfour test 1444 |
14452003-03-22 Love H�rnquist �strand <lha@it.su.se> | 14452003-03-22 Love H��rnquist ��strand <lha@it.su.se> |
1446 1447 * lib/krb5/aes-test.c: sneek in a test for arcfour-hmac-md5 1448 | 1446 1447 * lib/krb5/aes-test.c: sneek in a test for arcfour-hmac-md5 1448 |
14492003-03-20 Love H�rnquist �strand <lha@it.su.se> | 14492003-03-20 Love H��rnquist ��strand <lha@it.su.se> |
1450 1451 * lib/krb5/krb5_ccache.3: update .Dd 1452 1453 * lib/krb5/krb5.3: sort in krb5_data functions 1454 1455 * lib/krb5/Makefile.am (man_MANS): += krb5_data.3 1456 1457 * lib/krb5/krb5_data.3: document krb5_data 1458 1459 * lib/krb5/init_creds_pw.c (krb5_get_init_creds_password): if 1460 prompter is NULL, don't try to ask for a password to 1461 change. reported by Iain Moffat @ ufl.edu via Howard Chu 1462 <hyc@highlandsun.com> 1463 | 1450 1451 * lib/krb5/krb5_ccache.3: update .Dd 1452 1453 * lib/krb5/krb5.3: sort in krb5_data functions 1454 1455 * lib/krb5/Makefile.am (man_MANS): += krb5_data.3 1456 1457 * lib/krb5/krb5_data.3: document krb5_data 1458 1459 * lib/krb5/init_creds_pw.c (krb5_get_init_creds_password): if 1460 prompter is NULL, don't try to ask for a password to 1461 change. reported by Iain Moffat @ ufl.edu via Howard Chu 1462 <hyc@highlandsun.com> 1463 |
14642003-03-19 Love H�rnquist �strand <lha@it.su.se> | 14642003-03-19 Love H��rnquist ��strand <lha@it.su.se> |
1465 1466 * lib/krb5/krb5_keytab.3: spelling, from 1467 <jmc@prioris.mini.pw.edu.pl> 1468 1469 * lib/krb5/krb5.conf.5: . means new line 1470 1471 * lib/krb5/krb5.conf.5: spelling, from 1472 <jmc@prioris.mini.pw.edu.pl> 1473 1474 * lib/krb5/krb5_auth_context.3: spelling, from 1475 <jmc@prioris.mini.pw.edu.pl> 1476 | 1465 1466 * lib/krb5/krb5_keytab.3: spelling, from 1467 <jmc@prioris.mini.pw.edu.pl> 1468 1469 * lib/krb5/krb5.conf.5: . means new line 1470 1471 * lib/krb5/krb5.conf.5: spelling, from 1472 <jmc@prioris.mini.pw.edu.pl> 1473 1474 * lib/krb5/krb5_auth_context.3: spelling, from 1475 <jmc@prioris.mini.pw.edu.pl> 1476 |
14772003-03-18 Love H�rnquist �strand <lha@it.su.se> | 14772003-03-18 Love H��rnquist ��strand <lha@it.su.se> |
1478 1479 * kuser/Makefile.am: INCLUDES: -I$(srcdir)/../lib/krb5 1480 1481 * lib/krb5/convert_creds.c: add _krb5_krb_life_to_time 1482 1483 * lib/krb5/krb5-v4compat.h: add _krb5_krb_life_to_time 1484 1485 * kdc/kdc_locl.h: 524 is independent of kerberos 4, so move out --- 7 unchanged lines hidden (view full) --- 1493 * kdc/kdc.8: document --kerberos4-cross-realm 1494 * kdc/kerberos4.c: pay attention to enable_v4_cross_realm 1495 * kdc/kdc_locl.h (enable_v4_cross_realm): add 1496 * kdc/524.c (encode_524_response): check the enable_v4_cross_realm 1497 flag before giving out v4 tickets for foreign v5 principals 1498 * kdc/config.c: add --enable-kerberos4-cross-realm option (default 1499 to off) 1500 | 1478 1479 * kuser/Makefile.am: INCLUDES: -I$(srcdir)/../lib/krb5 1480 1481 * lib/krb5/convert_creds.c: add _krb5_krb_life_to_time 1482 1483 * lib/krb5/krb5-v4compat.h: add _krb5_krb_life_to_time 1484 1485 * kdc/kdc_locl.h: 524 is independent of kerberos 4, so move out --- 7 unchanged lines hidden (view full) --- 1493 * kdc/kdc.8: document --kerberos4-cross-realm 1494 * kdc/kerberos4.c: pay attention to enable_v4_cross_realm 1495 * kdc/kdc_locl.h (enable_v4_cross_realm): add 1496 * kdc/524.c (encode_524_response): check the enable_v4_cross_realm 1497 flag before giving out v4 tickets for foreign v5 principals 1498 * kdc/config.c: add --enable-kerberos4-cross-realm option (default 1499 to off) 1500 |
15012003-03-17 Love H�rnquist �strand <lha@it.su.se> | 15012003-03-17 Love H��rnquist ��strand <lha@it.su.se> |
1502 1503 * lib/krb5/Makefile.am (man_MANS) += krb5_aname_to_localname.3 1504 1505 * lib/krb5/krb5_aname_to_localname.3: manpage for 1506 krb5_aname_to_localname 1507 1508 * lib/krb5/krb5_kuserok.3: s/KRB5_USEROK/KRB5_KUSEROK/ 1509 | 1502 1503 * lib/krb5/Makefile.am (man_MANS) += krb5_aname_to_localname.3 1504 1505 * lib/krb5/krb5_aname_to_localname.3: manpage for 1506 krb5_aname_to_localname 1507 1508 * lib/krb5/krb5_kuserok.3: s/KRB5_USEROK/KRB5_KUSEROK/ 1509 |
15102003-03-16 Love H�rnquist �strand <lha@it.su.se> | 15102003-03-16 Love H��rnquist ��strand <lha@it.su.se> |
1511 1512 * lib/krb5/Makefile.am (man_MANS): add krb5_set_default_realm.3 1513 1514 * lib/krb5/krb5.3: add manpages from krb5_set_default_realm.3 1515 1516 * lib/krb5/krb5_set_default_realm.3: Manpage for 1517 krb5_free_host_realm, krb5_get_default_realm, 1518 krb5_get_default_realms, krb5_get_host_realm, and --- 9 unchanged lines hidden (view full) --- 1528 * lib/krb5/krb5.h (KRB5_KT_PREFIX_MAX_LEN): max length of prefix 1529 1530 * lib/krb5/krb5_ccache.3: document krb5_cc_get_ops, add more 1531 types, add krb5_fcc_ops and krb5_mcc_ops 1532 1533 * lib/krb5/cache.c (krb5_cc_get_ops): new function, return ops for 1534 a id 1535 | 1511 1512 * lib/krb5/Makefile.am (man_MANS): add krb5_set_default_realm.3 1513 1514 * lib/krb5/krb5.3: add manpages from krb5_set_default_realm.3 1515 1516 * lib/krb5/krb5_set_default_realm.3: Manpage for 1517 krb5_free_host_realm, krb5_get_default_realm, 1518 krb5_get_default_realms, krb5_get_host_realm, and --- 9 unchanged lines hidden (view full) --- 1528 * lib/krb5/krb5.h (KRB5_KT_PREFIX_MAX_LEN): max length of prefix 1529 1530 * lib/krb5/krb5_ccache.3: document krb5_cc_get_ops, add more 1531 types, add krb5_fcc_ops and krb5_mcc_ops 1532 1533 * lib/krb5/cache.c (krb5_cc_get_ops): new function, return ops for 1534 a id 1535 |
15362003-03-15 Love H�rnquist �strand <lha@it.su.se> | 15362003-03-15 Love H��rnquist ��strand <lha@it.su.se> |
1537 1538 * doc/intro.texi: add reference to source code, binaries and the 1539 manual 1540 1541 * lib/krb5/krb5.3: krb5.h isn't in krb5 directory in heimdal 1542 | 1537 1538 * doc/intro.texi: add reference to source code, binaries and the 1539 manual 1540 1541 * lib/krb5/krb5.3: krb5.h isn't in krb5 directory in heimdal 1542 |
15432003-03-14 Love H�rnquist �strand <lha@it.su.se> | 15432003-03-14 Love H��rnquist ��strand <lha@it.su.se> |
1544 1545 * kdc/kdc.8: better/difrent english 1546 1547 * kdc/kdc.8: . -> .\n, copyright/license 1548 1549 * kdc/kdc.8: changed configuration file -> restart kdc 1550 1551 * kdc/kerberos4.c: add krb4 into the most error messages written 1552 to the logfile 1553 1554 * lib/krb5/krb5_ccache.3: add missing name of argument 1555 (krb5_context) to most functions 1556 | 1544 1545 * kdc/kdc.8: better/difrent english 1546 1547 * kdc/kdc.8: . -> .\n, copyright/license 1548 1549 * kdc/kdc.8: changed configuration file -> restart kdc 1550 1551 * kdc/kerberos4.c: add krb4 into the most error messages written 1552 to the logfile 1553 1554 * lib/krb5/krb5_ccache.3: add missing name of argument 1555 (krb5_context) to most functions 1556 |
15572003-03-13 Love H�rnquist �strand <lha@it.su.se> | 15572003-03-13 Love H��rnquist ��strand <lha@it.su.se> |
1558 1559 * lib/krb5/kuserok.c (krb5_kuserok): preserve old behviour of 1560 function and return FALSE when there isn't a local account for 1561 `luser'. 1562 1563 * lib/krb5/krb5_kuserok.3: fix prototype, spelling and more text 1564 describing the function 1565 | 1558 1559 * lib/krb5/kuserok.c (krb5_kuserok): preserve old behviour of 1560 function and return FALSE when there isn't a local account for 1561 `luser'. 1562 1563 * lib/krb5/krb5_kuserok.3: fix prototype, spelling and more text 1564 describing the function 1565 |
15662003-03-12 Love H�rnquist �strand <lha@it.su.se> | 15662003-03-12 Love H��rnquist ��strand <lha@it.su.se> |
1567 1568 * lib/krb5/cache.c (krb5_cc_default): if krb5_cc_default_name 1569 returned memory, don't return ENOMEM 1570 | 1567 1568 * lib/krb5/cache.c (krb5_cc_default): if krb5_cc_default_name 1569 returned memory, don't return ENOMEM 1570 |
15712003-03-11 Love H�rnquist �strand <lha@it.su.se> | 15712003-03-11 Love H��rnquist ��strand <lha@it.su.se> |
1572 1573 * lib/krb5/krb5.3: add krb5_address stuff and sort 1574 1575 * lib/krb5/krb5_address.3: fix krb5_addr2sockaddr description 1576 1577 * lib/krb5/Makefile.am (man_MANS): += krb5_address.3 1578 1579 * lib/krb5/krb5_address.3: document types krb5_address and 1580 krb5_addresses and their helper functions 1581 | 1572 1573 * lib/krb5/krb5.3: add krb5_address stuff and sort 1574 1575 * lib/krb5/krb5_address.3: fix krb5_addr2sockaddr description 1576 1577 * lib/krb5/Makefile.am (man_MANS): += krb5_address.3 1578 1579 * lib/krb5/krb5_address.3: document types krb5_address and 1580 krb5_addresses and their helper functions 1581 |
15822003-03-10 Love H�rnquist �strand <lha@it.su.se> | 15822003-03-10 Love H��rnquist ��strand <lha@it.su.se> |
1583 1584 * lib/krb5/Makefile.am (man_MANS): += krb5_kuserok.3 1585 1586 * lib/krb5/krb5_kuserok.3: spelling, from cizzi@it.su.se 1587 1588 * lib/krb5/Makefile.am (man_MANS): += krb5_ccache.3 1589 1590 * lib/krb5/krb5_ccache.3: spelling, from cizzi@it.su.se --- 26 unchanged lines hidden (view full) --- 1617 default_cc_name to NULL 1618 (krb5_free_context): free default_cc_name if set 1619 1620 * lib/krb5/cache.c (krb5_cc_set_default_name): new function 1621 (krb5_cc_default_name): use krb5_cc_set_default_name 1622 1623 * lib/krb5/krb5.h (krb5_context_data): add default_cc_name 1624 | 1583 1584 * lib/krb5/Makefile.am (man_MANS): += krb5_kuserok.3 1585 1586 * lib/krb5/krb5_kuserok.3: spelling, from cizzi@it.su.se 1587 1588 * lib/krb5/Makefile.am (man_MANS): += krb5_ccache.3 1589 1590 * lib/krb5/krb5_ccache.3: spelling, from cizzi@it.su.se --- 26 unchanged lines hidden (view full) --- 1617 default_cc_name to NULL 1618 (krb5_free_context): free default_cc_name if set 1619 1620 * lib/krb5/cache.c (krb5_cc_set_default_name): new function 1621 (krb5_cc_default_name): use krb5_cc_set_default_name 1622 1623 * lib/krb5/krb5.h (krb5_context_data): add default_cc_name 1624 |
16252003-02-25 Love H�rnquist �strand <lha@it.su.se> | 16252003-02-25 Love H��rnquist ��strand <lha@it.su.se> |
1626 1627 * appl/kf/kf.1: s/securly/securely/ from NetBSD 1628 | 1626 1627 * appl/kf/kf.1: s/securly/securely/ from NetBSD 1628 |
16292003-02-18 Love H�rnquist �strand <lha@it.su.se> | 16292003-02-18 Love H��rnquist ��strand <lha@it.su.se> |
1630 1631 * kdc/connect.c: s/intialize/initialize, from 1632 <jmc@prioris.mini.pw.edu.pl> 1633 | 1630 1631 * kdc/connect.c: s/intialize/initialize, from 1632 <jmc@prioris.mini.pw.edu.pl> 1633 |
16342003-02-17 Love H�rnquist �strand <lha@it.su.se> | 16342003-02-17 Love H��rnquist ��strand <lha@it.su.se> |
1635 1636 * configure.in: add AM_MAINTAINER_MODE 1637 | 1635 1636 * configure.in: add AM_MAINTAINER_MODE 1637 |
16382003-02-16 Love H�rnquist �strand <lha@it.su.se> | 16382003-02-16 Love H��rnquist ��strand <lha@it.su.se> |
1639 1640 * **/*.[0-9]: add copyright/licenses on all manpages 1641 16422003-14-16 Jacques Vidrine <nectar@kth.se> 1643 1644 * lib/krb5/get_in_tkt.c (init_as_req): Send only a single 1645 PA-ENC-TIMESTAMP in the AS-REQ, using the first encryption 1646 type specified by the KDC. 1647 | 1639 1640 * **/*.[0-9]: add copyright/licenses on all manpages 1641 16422003-14-16 Jacques Vidrine <nectar@kth.se> 1643 1644 * lib/krb5/get_in_tkt.c (init_as_req): Send only a single 1645 PA-ENC-TIMESTAMP in the AS-REQ, using the first encryption 1646 type specified by the KDC. 1647 |
16482003-02-15 Love H�rnquist �strand <lha@it.su.se> | 16482003-02-15 Love H��rnquist ��strand <lha@it.su.se> |
1649 1650 * fix-export: some autoconf put their version number in 1651 autom4te.cache, so remove autom4te*.cache 1652 1653 * fix-export: make sure $1 is a directory 1654 | 1649 1650 * fix-export: some autoconf put their version number in 1651 autom4te.cache, so remove autom4te*.cache 1652 1653 * fix-export: make sure $1 is a directory 1654 |
16552003-02-04 Love H�rnquist �strand <lha@it.su.se> | 16552003-02-04 Love H��rnquist ��strand <lha@it.su.se> |
1656 1657 * kpasswd/kpasswdd.8: spelling, from jmc <jmc@prioris.mini.pw.edu.pl> 1658 1659 * kdc/kdc.8: spelling, from jmc <jmc@prioris.mini.pw.edu.pl> 1660 | 1656 1657 * kpasswd/kpasswdd.8: spelling, from jmc <jmc@prioris.mini.pw.edu.pl> 1658 1659 * kdc/kdc.8: spelling, from jmc <jmc@prioris.mini.pw.edu.pl> 1660 |
16612003-01-31 Love H�rnquist �strand <lha@it.su.se> | 16612003-01-31 Love H��rnquist ��strand <lha@it.su.se> |
1662 1663 * kdc/hpropd.8: s/databases/a database/ s/Not/not/ 1664 1665 * kdc/hprop.8: add missing . 1666 | 1662 1663 * kdc/hpropd.8: s/databases/a database/ s/Not/not/ 1664 1665 * kdc/hprop.8: add missing . 1666 |
16672003-01-30 Love H�rnquist �strand <lha@it.su.se> | 16672003-01-30 Love H��rnquist ��strand <lha@it.su.se> |
1668 1669 * lib/krb5/krb5.conf.5: documentation for of boolean, etypes, 1670 address, write out encryption type in sentences, s/Host/host 1671 | 1668 1669 * lib/krb5/krb5.conf.5: documentation for of boolean, etypes, 1670 address, write out encryption type in sentences, s/Host/host 1671 |
16722003-01-26 Love H�rnquist �strand <lha@it.su.se> | 16722003-01-26 Love H��rnquist ��strand <lha@it.su.se> |
1673 1674 * lib/asn1/check-gen.c: add checks for Authenticator too 1675 | 1673 1674 * lib/asn1/check-gen.c: add checks for Authenticator too 1675 |
16762003-01-25 Love H�rnquist �strand <lha@it.su.se> | 16762003-01-25 Love H��rnquist ��strand <lha@it.su.se> |
1677 1678 * doc/setup.texi: in the hprop example, use hprop and the first 1679 component, not host 1680 1681 * lib/krb5/get_addrs.c (find_all_addresses): address-less 1682 point-to-point might not have an address, just ignore 1683 those. Reported by Harald Barth. 1684 | 1677 1678 * doc/setup.texi: in the hprop example, use hprop and the first 1679 component, not host 1680 1681 * lib/krb5/get_addrs.c (find_all_addresses): address-less 1682 point-to-point might not have an address, just ignore 1683 those. Reported by Harald Barth. 1684 |
16852003-01-23 Love H�rnquist �strand <lha@it.su.se> | 16852003-01-23 Love H��rnquist ��strand <lha@it.su.se> |
1686 1687 * lib/krb5/verify_krb5_conf.c (check_section): when key isn't 1688 found, don't print out all known keys 1689 1690 * lib/krb5/verify_krb5_conf.c (syslogvals): mark up where severity 1691 and facility start resp 1692 (check_log): find_value() returns -1 when key isn't found 1693 --- 14 unchanged lines hidden (view full) --- 1708 check-der.c to here 1709 1710 * lib/asn1/check-common.c: move generic asn1/der functions from 1711 check-der.c to here 1712 1713 * lib/asn1/check-der.c: move out the generic asn1/der functions to 1714 a common file 1715 | 1686 1687 * lib/krb5/verify_krb5_conf.c (check_section): when key isn't 1688 found, don't print out all known keys 1689 1690 * lib/krb5/verify_krb5_conf.c (syslogvals): mark up where severity 1691 and facility start resp 1692 (check_log): find_value() returns -1 when key isn't found 1693 --- 14 unchanged lines hidden (view full) --- 1708 check-der.c to here 1709 1710 * lib/asn1/check-common.c: move generic asn1/der functions from 1711 check-der.c to here 1712 1713 * lib/asn1/check-der.c: move out the generic asn1/der functions to 1714 a common file 1715 |
17162003-01-22 Love H�rnquist �strand <lha@it.su.se> | 17162003-01-22 Love H��rnquist ��strand <lha@it.su.se> |
1717 1718 * doc/misc.texi: more text about afs, how to get get your KeyFile, 1719 and how to start use 2b tokens 1720 1721 * lib/krb5/krb5.conf.5: spelling, from Jason McIntyre 1722 <jmc@cvs.openbsd.org> 1723 17242003-01-21 Jacques Vidrine <nectar@kth.se> 1725 1726 * kuser/kuser_locl.h: include crypto-headers.h for 1727 des_read_pw_string prototype 1728 | 1717 1718 * doc/misc.texi: more text about afs, how to get get your KeyFile, 1719 and how to start use 2b tokens 1720 1721 * lib/krb5/krb5.conf.5: spelling, from Jason McIntyre 1722 <jmc@cvs.openbsd.org> 1723 17242003-01-21 Jacques Vidrine <nectar@kth.se> 1725 1726 * kuser/kuser_locl.h: include crypto-headers.h for 1727 des_read_pw_string prototype 1728 |
17292003-01-16 Love H�rnquist �strand <lha@it.su.se> | 17292003-01-16 Love H��rnquist ��strand <lha@it.su.se> |
1730 1731 * admin/ktutil.8: document -v, --verbose 1732 1733 * admin/get.c (kt_get): make getarg usage consistent with other 1734 other parts of ktutil 1735 1736 * admin/copy.c (kt_copy): remove adding verbose_flag to args 1737 struct, since it will overrun the args array (from Sumit Bose) 1738 | 1730 1731 * admin/ktutil.8: document -v, --verbose 1732 1733 * admin/get.c (kt_get): make getarg usage consistent with other 1734 other parts of ktutil 1735 1736 * admin/copy.c (kt_copy): remove adding verbose_flag to args 1737 struct, since it will overrun the args array (from Sumit Bose) 1738 |
17392003-01-15 Love H�rnquist �strand <lha@it.su.se> | 17392003-01-15 Love H��rnquist ��strand <lha@it.su.se> |
1740 1741 * lib/krb5/krb5.conf.5: write more about [realms] REALM = { kdc = 1742 ... } 1743 1744 * lib/krb5/aes-test.c: test vectors in aes-draft 1745 1746 * lib/krb5/Makefile.am: add aes-test.c 1747 --- 17 unchanged lines hidden (view full) --- 1765 `Encryption and Checksum Specifications for Kerberos 5' draft 1766 1767 * lib/asn1/k5.asn1: add checksum and enctype for AES from 1768 draft-raeburn-krb-rijndael-krb-02.txt 1769 1770 * lib/krb5/krb5.h (krb5_keytype): add KEYTYPE_AES128, 1771 KEYTYPE_AES256 1772 | 1740 1741 * lib/krb5/krb5.conf.5: write more about [realms] REALM = { kdc = 1742 ... } 1743 1744 * lib/krb5/aes-test.c: test vectors in aes-draft 1745 1746 * lib/krb5/Makefile.am: add aes-test.c 1747 --- 17 unchanged lines hidden (view full) --- 1765 `Encryption and Checksum Specifications for Kerberos 5' draft 1766 1767 * lib/asn1/k5.asn1: add checksum and enctype for AES from 1768 draft-raeburn-krb-rijndael-krb-02.txt 1769 1770 * lib/krb5/krb5.h (krb5_keytype): add KEYTYPE_AES128, 1771 KEYTYPE_AES256 1772 |
17732003-01-14 Love H�rnquist �strand <lha@it.su.se> | 17732003-01-14 Love H��rnquist ��strand <lha@it.su.se> |
1774 1775 * lib/hdb/common.c (_hdb_fetch): handle error code from 1776 hdb_value2entry 1777 1778 * kdc/Makefile.am: always include kerberos4.c and 524.c in 1779 kdc_SOURCES to support 524 1780 1781 * kdc/524.c: always compile in support for 524 --- 14 unchanged lines hidden --- | 1774 1775 * lib/hdb/common.c (_hdb_fetch): handle error code from 1776 hdb_value2entry 1777 1778 * kdc/Makefile.am: always include kerberos4.c and 524.c in 1779 kdc_SOURCES to support 524 1780 1781 * kdc/524.c: always compile in support for 524 --- 14 unchanged lines hidden --- |