172445SassarSat Dec 5 19:49:34 1998 Johan Danielsson <joda@hella.pdc.kth.se> 272445Sassar 372445Sassar * lib/krb5/context.c: remove ktype_is_etype 472445Sassar 572445Sassar * lib/krb5/crypto.c, lib/krb5/krb5.h, acconfig.h: NEW_DES3_CODE 672445Sassar 772445Sassar * configure.in: fix for AIX install; better tests for AIX dynamic 872445Sassar AFS libs; `--enable-new-des3-code' 972445Sassar 1072445SassarTue Dec 1 14:44:44 1998 Johan Danielsson <joda@hella.pdc.kth.se> 1172445Sassar 1272445Sassar * appl/afsutil/Makefile.am: link with extra libs for aix 1372445Sassar 1472445Sassar * kuser/Makefile.am: link with extra libs for aix 1572445Sassar 1672445SassarSun Nov 29 01:56:21 1998 Assar Westerlund <assar@sics.se> 1772445Sassar 1872445Sassar * lib/krb5/get_addrs.c (krb5_get_all_server_addrs): add. almost 1972445Sassar the same as krb5_get_all_client_addrs except that it includes 2072445Sassar loopback addresses 2172445Sassar 2272445Sassar * kdc/connect.c (init_socket): bind to a particular address 2372445Sassar (init_sockets): get all local addresses and bind to them all 2472445Sassar 2572445Sassar * lib/krb5/addr_families.c (addr2sockaddr, print_addr): new 2672445Sassar methods 2772445Sassar (find_af, find_atype): new functions. use them. 2872445Sassar 2972445Sassar * configure.in: add hesiod 3072445Sassar 3172445SassarWed Nov 25 11:37:48 1998 Johan Danielsson <joda@hella.pdc.kth.se> 3272445Sassar 3372445Sassar * lib/krb5/krb5_err.et: add some codes from kerberos-revisions-03 3472445Sassar 3572445SassarMon Nov 23 12:53:48 1998 Assar Westerlund <assar@sics.se> 3672445Sassar 3772445Sassar * lib/kadm5/log.c: rename delete -> remove 3872445Sassar 3972445Sassar * lib/kadm5/delete_s.c: rename delete -> remove 4072445Sassar 4172445Sassar * lib/hdb/common.c: rename delete -> remove 4272445Sassar 4372445SassarSun Nov 22 12:26:26 1998 Assar Westerlund <assar@sics.se> 4472445Sassar 4572445Sassar * configure.in: check for environ and `struct spwd' 4672445Sassar 4772445SassarSun Nov 22 11:42:45 1998 Johan Danielsson <joda@blubb.pdc.kth.se> 4872445Sassar 4972445Sassar * kdc/kerberos5.c (as_rep): set keytype to sess_ktype if 5072445Sassar ktype_is_etype 5172445Sassar 5272445Sassar * lib/krb5/encrypt.c (krb5_keytype_to_etypes): zero terminate 5372445Sassar etypes 5472445Sassar (em): sort entries 5572445Sassar 5672445SassarSun Nov 22 06:54:48 1998 Assar Westerlund <assar@sics.se> 5772445Sassar 5872445Sassar * lib/krb5/init_creds_pw.c: more type correctness 5972445Sassar 6072445Sassar * lib/krb5/get_cred.c: re-structure code. remove limits on ASN1 6172445Sassar generated bits. 6272445Sassar 6372445SassarSun Nov 22 01:49:50 1998 Johan Danielsson <joda@hella.pdc.kth.se> 6472445Sassar 6572445Sassar * kdc/hprop.c (v4_prop): fix bogus indexing 6672445Sassar 6772445SassarSat Nov 21 21:39:20 1998 Assar Westerlund <assar@sics.se> 6872445Sassar 6972445Sassar * lib/krb5/verify_init.c (fail_verify_is_ok): new function 7072445Sassar (krb5_verify_init_creds): if we cannot get a ticket for 7172445Sassar host/`hostname` and fail_verify_is_ok just return. use 7272445Sassar krb5_rd_req 7372445Sassar 7472445SassarSat Nov 21 23:12:27 1998 Assar Westerlund <assar@sics.se> 7572445Sassar 7672445Sassar * lib/krb5/free.c (krb5_xfree): new function 7772445Sassar 7872445Sassar * lib/krb5/creds.c (krb5_free_creds_contents): new function 7972445Sassar 8072445Sassar * lib/krb5/context.c: more type correctness 8172445Sassar 8272445Sassar * lib/krb5/checksum.c: more type correctness 8372445Sassar 8472445Sassar * lib/krb5/auth_context.c (krb5_auth_con_init): more type 8572445Sassar correctness 8672445Sassar 8772445Sassar * lib/asn1/der_get.c (der_get_length): fix test of len 8872445Sassar (der_get_tag): more type correctness 8972445Sassar 9072445Sassar * kuser/klist.c (usage): void-ize 9172445Sassar 9272445Sassar * admin/ktutil.c (kt_remove): some more type correctness. 9372445Sassar 9472445SassarSat Nov 21 16:49:20 1998 Johan Danielsson <joda@hella.pdc.kth.se> 9572445Sassar 9672445Sassar * kuser/klist.c: try to list enctypes as keytypes 9772445Sassar 9872445Sassar * kuser/kinit.c: remove extra `--cache' option, add `--enctypes' 9972445Sassar to set list of enctypes to use 10072445Sassar 10172445Sassar * kadmin/load.c: load strings as hex 10272445Sassar 10372445Sassar * kadmin/dump.c: dump hex as string is possible 10472445Sassar 10572445Sassar * admin/ktutil.c: use print_version() 10672445Sassar 10772445Sassar * configure.in, acconfig.h: test for hesiod 10872445Sassar 10972445SassarSun Nov 15 17:28:19 1998 Johan Danielsson <joda@hella.pdc.kth.se> 11072445Sassar 11172445Sassar * lib/krb5/crypto.c: add some crypto debug code 11272445Sassar 11372445Sassar * lib/krb5/get_in_tkt.c (_krb5_extract_ticket): don't use fixed 11472445Sassar buffer when encoding ticket 11572445Sassar 11672445Sassar * lib/krb5/auth_context.c (re-)implement `krb5_auth_setenctype' 11772445Sassar 11872445Sassar * kdc/kerberos5.c: allow mis-match of tgt session key, and service 11972445Sassar session key 12072445Sassar 12172445Sassar * admin/ktutil.c: keytype -> enctype 12272445Sassar 12372445SassarFri Nov 13 05:35:48 1998 Assar Westerlund <assar@sics.se> 12472445Sassar 12572445Sassar * lib/krb5/krb5.h (KRB5_TGS_NAME, KRB5_TGS_NAME_SIZE): added 12672445Sassar 12772445SassarSat Nov 7 19:56:31 1998 Assar Westerlund <assar@sics.se> 12872445Sassar 12972445Sassar * lib/krb5/get_cred.c (add_cred): add termination NULL pointer 13072445Sassar 13172445SassarMon Nov 2 01:15:06 1998 Assar Westerlund <assar@sics.se> 13272445Sassar 13372445Sassar * lib/krb5/rd_req.c: adapt to new crypto api 13472445Sassar 13572445Sassar * lib/krb5/rd_rep.c: adapt to new crypto api 13672445Sassar 13772445Sassar * lib/krb5/rd_priv.c: adopt to new crypto api 13872445Sassar 13972445Sassar * lib/krb5/rd_cred.c: adopt to new crypto api 14072445Sassar 14172445Sassar * lib/krb5/principal.c: ENOMEM -> ERANGE 14272445Sassar 14372445Sassar * lib/krb5/mk_safe.c: cleanup and adopt to new crypto api 14472445Sassar 14572445Sassar * lib/krb5/mk_req_ext.c: adopt to new crypto api 14672445Sassar 14772445Sassar * lib/krb5/mk_req.c: get enctype from auth_context keyblock 14872445Sassar 14972445Sassar * lib/krb5/mk_rep.c: cleanup and adopt to new crypto api 15072445Sassar 15172445Sassar * lib/krb5/mk_priv.c: adopt to new crypto api 15272445Sassar 15372445Sassar * lib/krb5/keytab.c: adopt to new crypto api 15472445Sassar 15572445Sassar * lib/krb5/get_in_tkt_with_skey.c: adopt to new crypto api 15672445Sassar 15772445Sassar * lib/krb5/get_in_tkt_with_keytab.c: adopt to new crypto api 15872445Sassar 15972445Sassar * lib/krb5/get_in_tkt_pw.c: adopt to new crypto api 16072445Sassar 16172445Sassar * lib/krb5/get_in_tkt.c: adopt to new crypto api 16272445Sassar 16372445Sassar * lib/krb5/get_cred.c: adopt to new crypto api 16472445Sassar 16572445Sassar * lib/krb5/generate_subkey.c: use new crypto api 16672445Sassar 16772445Sassar * lib/krb5/context.c: rename etype functions to enctype ditto 16872445Sassar 16972445Sassar * lib/krb5/build_auth.c: use new crypto api 17072445Sassar 17172445Sassar * lib/krb5/auth_context.c: remove enctype and cksumtype from 17272445Sassar auth_context 17372445Sassar 17472445SassarMon Nov 2 01:15:06 1998 Assar Westerlund <assar@sics.se> 17572445Sassar 17672445Sassar * kdc/connect.c (handle_udp, handle_tcp): correct type of `n' 17772445Sassar 17872445SassarTue Sep 15 18:41:38 1998 Johan Danielsson <joda@hella.pdc.kth.se> 17972445Sassar 18072445Sassar * admin/ktutil.c: fix printing of unrecognized keytypes 18172445Sassar 18272445SassarTue Sep 15 17:02:33 1998 Johan Danielsson <joda@hella.pdc.kth.se> 18372445Sassar 18472445Sassar * lib/kadm5/set_keys.c: add KEYTYPE_USE_AFS3_SALT to keytype if 18572445Sassar using AFS3 salt 18672445Sassar 18772445SassarTue Aug 25 23:30:52 1998 Assar Westerlund <assar@sics.se> 18872445Sassar 18972445Sassar * lib/krb5/send_to_kdc.c (krb5_sendto_kdc): care about 19072445Sassar `use_admin_kdc' 19172445Sassar 19272445Sassar * lib/krb5/changepw.c (get_kdc_address): use 19372445Sassar krb5_get_krb_admin_hst 19472445Sassar 19572445Sassar * lib/krb5/krbhst.c (krb5_get_krb_admin_hst): new function 19672445Sassar 19772445Sassar * lib/krb5/krb5.h (krb5_context_data): add `use_admin_kdc' 19872445Sassar 19972445Sassar * lib/krb5/context.c (krb5_get_use_admin_kdc, 20072445Sassar krb5_set_use_admin_kdc): new functions 20172445Sassar 20272445SassarTue Aug 18 22:24:12 1998 Johan Danielsson <joda@emma.pdc.kth.se> 20372445Sassar 20472445Sassar * lib/krb5/crypto.c: remove all calls to abort(); check return 20572445Sassar value from _key_schedule; 20672445Sassar (RSA_MD[45]_DES_verify): zero tmp and res; 20772445Sassar (RSA_MD5_DES3_{verify,checksum}): implement 20872445Sassar 20972445SassarMon Aug 17 20:18:46 1998 Assar Westerlund <assar@sics.se> 21072445Sassar 21172445Sassar * kdc/kerberos4.c (swap32): conditionalize 21272445Sassar 21372445Sassar * lib/krb5/mk_req_ext.c (krb5_mk_req_internal): new function 21472445Sassar 21572445Sassar * lib/krb5/get_host_realm.c (krb5_get_host_realm): if the hostname 21672445Sassar returned from gethostby*() isn't a FQDN, try with the original 21772445Sassar hostname 21872445Sassar 21972445Sassar * lib/krb5/get_cred.c (make_pa_tgs_req): use krb5_mk_req_internal 22072445Sassar and correct key usage 22172445Sassar 22272445Sassar * lib/krb5/crypto.c (verify_checksum): make static 22372445Sassar 22472445Sassar * admin/ktutil.c (kt_list): use krb5_enctype_to_string 22572445Sassar 22672445SassarSun Aug 16 20:57:56 1998 Assar Westerlund <assar@sics.se> 22772445Sassar 22872445Sassar * kadmin/cpw.c (do_cpw_entry): use asprintf for the prompt 22972445Sassar 23072445Sassar * kadmin/ank.c (ank): print principal name in prompt 23172445Sassar 23272445Sassar * lib/krb5/crypto.c (hmac): always allocate space for checksum. 23372445Sassar never trust c.checksum.length 23472445Sassar (_get_derived_key): try to return the derived key 23572445Sassar 23672445SassarSun Aug 16 19:48:42 1998 Johan Danielsson <joda@emma.pdc.kth.se> 23772445Sassar 23872445Sassar * lib/krb5/crypto.c (hmac): fix some peculiarities and bugs 23972445Sassar (get_checksum_key): assume usage is `formatted' 24072445Sassar (create_checksum,verify_checksum): moved the guts of the krb5_* 24172445Sassar functions here, both take `formatted' key-usages 24272445Sassar (encrypt_internal_derived): fix various bogosities 24372445Sassar (derive_key): drop key_type parameter (already given by the 24472445Sassar encryption_type) 24572445Sassar 24672445Sassar * kdc/kerberos5.c (check_flags): handle case where client is NULL 24772445Sassar 24872445Sassar * kdc/connect.c (process_request): return zero after processing 24972445Sassar kerberos 4 request 25072445Sassar 25172445SassarSun Aug 16 18:38:15 1998 Johan Danielsson <joda@blubb.pdc.kth.se> 25272445Sassar 25372445Sassar * lib/krb5/crypto.c: merge x-*.[ch] into one file 25472445Sassar 25572445Sassar * lib/krb5/cache.c: remove residual from krb5_ccache_data 25672445Sassar 25772445SassarFri Aug 14 16:28:23 1998 Johan Danielsson <joda@emma.pdc.kth.se> 25872445Sassar 25972445Sassar * lib/krb5/x-crypto.c (derive_key): move DES3 specific code to 26072445Sassar separate function (will eventually end up someplace else) 26172445Sassar 26272445Sassar * lib/krb5/x-crypto.c (krb5_string_to_key_derived): allocate key 26372445Sassar 26472445Sassar * configure.in, acconfig.h: test for four valued krb_put_int 26572445Sassar 26672445SassarThu Aug 13 23:46:29 1998 Assar Westerlund <assar@emma.pdc.kth.se> 26772445Sassar 26872445Sassar * Release 0.0t 26972445Sassar 27072445SassarThu Aug 13 22:40:17 1998 Assar Westerlund <assar@sics.se> 27172445Sassar 27272445Sassar * lib/krb5/config_file.c (parse_binding): remove trailing 27372445Sassar whitespace 27472445Sassar 27572445SassarWed Aug 12 20:15:11 1998 Johan Danielsson <joda@emma.pdc.kth.se> 27672445Sassar 27772445Sassar * lib/krb5/x-checksum.c (krb5_verify_checksum): pass checksum type 27872445Sassar to krb5_create_checksum 27972445Sassar 28072445Sassar * lib/krb5/x-key.c: implement DES3_string_to_key_derived; fix a 28172445Sassar few typos 28272445Sassar 28372445SassarWed Aug 5 12:39:54 1998 Assar Westerlund <assar@emma.pdc.kth.se> 28472445Sassar 28572445Sassar * Release 0.0s 28672445Sassar 28772445SassarThu Jul 30 23:12:17 1998 Assar Westerlund <assar@sics.se> 28872445Sassar 28972445Sassar * lib/krb5/mk_error.c (krb5_mk_error): realloc until you die 29072445Sassar 29172445SassarThu Jul 23 19:49:03 1998 Johan Danielsson <joda@emma.pdc.kth.se> 29272445Sassar 29372445Sassar * kdc/kdc_locl.h: proto for `get_des_key' 29472445Sassar 29572445Sassar * configure.in: test for four valued el_init 29672445Sassar 29772445Sassar * kuser/klist.c: keytype -> enctype 29872445Sassar 29972445Sassar * kpasswd/kpasswdd.c (change): use new `krb5_string_to_key*' 30072445Sassar 30172445Sassar * kdc/hprop.c (v4_prop, ka_convert): convert to a set of keys 30272445Sassar 30372445Sassar * kdc/kaserver.c: use `get_des_key' 30472445Sassar 30572445Sassar * kdc/524.c: use new crypto api 30672445Sassar 30772445Sassar * kdc/kerberos4.c: use new crypto api 30872445Sassar 30972445Sassar * kdc/kerberos5.c: always treat keytypes as enctypes; use new 31072445Sassar crypto api 31172445Sassar 31272445Sassar * kdc/kstash.c: adapt to new crypto api 31372445Sassar 31472445Sassar * kdc/string2key.c: adapt to new crypto api 31572445Sassar 31672445Sassar * admin/srvconvert.c: add keys for all possible enctypes 31772445Sassar 31872445Sassar * admin/ktutil.c: keytype -> enctype 31972445Sassar 32072445Sassar * lib/gssapi/init_sec_context.c: get enctype from auth_context 32172445Sassar keyblock 32272445Sassar 32372445Sassar * lib/hdb/hdb.c: remove hdb_*_keytype2key 32472445Sassar 32572445Sassar * lib/kadm5/set_keys.c: adapt to new crypto api 32672445Sassar 32772445Sassar * lib/kadm5/rename_s.c: adapt to new crypto api 32872445Sassar 32972445Sassar * lib/kadm5/get_s.c: adapt to new crypto api 33072445Sassar 33172445Sassar * lib/kadm5/create_s.c: add keys for des-cbc-crc, des-cbc-md4, 33272445Sassar des-cbc-md5, and des3-cbc-sha1 33372445Sassar 33472445Sassar * lib/krb5/heim_err.et: error message for unsupported salt 33572445Sassar 33672445Sassar * lib/krb5/codec.c: short-circuit these functions, since they are 33772445Sassar not needed any more 33872445Sassar 33972445Sassar * lib/krb5/rd_safe.c: cleanup and adapt to new crypto api 34072445Sassar 34172445SassarMon Jul 13 23:00:59 1998 Assar Westerlund <assar@sics.se> 34272445Sassar 34372445Sassar * lib/krb5/send_to_kdc.c (krb5_sendto_kdc): don't advance 34472445Sassar hostent->h_addr_list, use a copy instead 34572445Sassar 34672445SassarMon Jul 13 15:00:31 1998 Johan Danielsson <joda@emma.pdc.kth.se> 34772445Sassar 34872445Sassar * lib/krb5/config_file.c (parse_binding, parse_section): make sure 34972445Sassar everything is ok before adding to linked list 35072445Sassar 35172445Sassar * lib/krb5/config_file.c: skip ws before checking for comment 35272445Sassar 35372445SassarWed Jul 8 10:45:45 1998 Johan Danielsson <joda@emma.pdc.kth.se> 35472445Sassar 35572445Sassar * lib/asn1/k5.asn1: hmac-sha1-des3 = 12 35672445Sassar 35772445SassarTue Jun 30 18:08:05 1998 Assar Westerlund <assar@sics.se> 35872445Sassar 35972445Sassar * lib/krb5/send_to_kdc.c (krb5_sendto_kdc): do not close the 36072445Sassar unopened file 36172445Sassar 36272445Sassar * lib/krb5/mk_priv.c: realloc correctly 36372445Sassar 36472445Sassar * lib/krb5/get_addrs.c (find_all_addresses): init j 36572445Sassar 36672445Sassar * lib/krb5/context.c (krb5_init_context): print error if parsing 36772445Sassar of config file produced an error. 36872445Sassar 36972445Sassar * lib/krb5/config_file.c (parse_list, krb5_config_parse_file): 37072445Sassar ignore more spaces 37172445Sassar 37272445Sassar * lib/krb5/codec.c (krb5_encode_EncKrbCredPart, 37372445Sassar krb5_encode_ETYPE_INFO): initialize `ret' 37472445Sassar 37572445Sassar * lib/krb5/build_auth.c (krb5_build_authenticator): realloc 37672445Sassar correctly 37772445Sassar 37872445Sassar * lib/kadm5/set_keys.c (_kadm5_set_keys): initialize `ret' 37972445Sassar 38072445Sassar * lib/kadm5/init_c.c (get_cred_cache): try to do the right thing 38172445Sassar with default_client 38272445Sassar 38372445Sassar * kuser/kinit.c (main): initialize `ticket_life' 38472445Sassar 38572445Sassar * kdc/kerberos5.c (get_pa_etype_info): initialize `ret' 38672445Sassar (tgs_rep2): initialize `krbtgt' 38772445Sassar 38872445Sassar * kdc/connect.c (do_request): check for errors from `sendto' 38972445Sassar 39072445Sassar * kdc/524.c (do_524): initialize `ret' 39172445Sassar 39272445Sassar * kadmin/util.c (foreach_principal): don't clobber `ret' 39372445Sassar 39472445Sassar * kadmin/del.c (del_entry): don't apply on zeroth argument 39572445Sassar 39672445Sassar * kadmin/cpw.c (do_cpw_entry): initialize `ret' 39772445Sassar 39872445SassarSat Jun 13 04:14:01 1998 Assar Westerlund <assar@juguete.sics.se> 39972445Sassar 40072445Sassar * Release 0.0r 40172445Sassar 40272445SassarSun Jun 7 04:13:14 1998 Assar Westerlund <assar@sics.se> 40372445Sassar 40472445Sassar * lib/krb5/addr_families.c: fall-back definition of 40572445Sassar IN6_ADDR_V6_TO_V4 40672445Sassar 40772445Sassar * configure.in: only set CFLAGS if it wasn't set look for 40872445Sassar dn_expand and res_search 40972445Sassar 41072445SassarMon Jun 1 21:28:07 1998 Assar Westerlund <assar@sics.se> 41172445Sassar 41272445Sassar * configure.in: remove duplicate seteuid 41372445Sassar 41472445SassarSat May 30 00:19:51 1998 Johan Danielsson <joda@emma.pdc.kth.se> 41572445Sassar 41672445Sassar * lib/krb5/convert_creds.c: import _krb_time_to_life, to avoid 41772445Sassar runtime dependencies on libkrb with some shared library 41872445Sassar implementations 41972445Sassar 42072445SassarFri May 29 00:09:02 1998 Johan Danielsson <joda@emma.pdc.kth.se> 42172445Sassar 42272445Sassar * kuser/kinit_options.c: Default options for kinit. 42372445Sassar 42472445Sassar * kuser/kauth_options.c: Default options for kauth. 42572445Sassar 42672445Sassar * kuser/kinit.c: Implement lots a new options. 42772445Sassar 42872445Sassar * kdc/kerberos5.c (check_tgs_flags): make sure kdc-req-body->rtime 42972445Sassar is not NULL; set endtime to min of new starttime + old_life, and 43072445Sassar requested endtime 43172445Sassar 43272445Sassar * lib/krb5/init_creds_pw.c (get_init_creds_common): if the 43372445Sassar forwardable or proxiable flags are set in options, set the 43472445Sassar kdc-flags to the value specified, and not always to one 43572445Sassar 43672445SassarThu May 28 21:28:06 1998 Johan Danielsson <joda@emma.pdc.kth.se> 43772445Sassar 43872445Sassar * kdc/kerberos5.c: Optionally compare client address to addresses 43972445Sassar in ticket. 44072445Sassar 44172445Sassar * kdc/connect.c: Pass client address to as_rep() and tgs_rep(). 44272445Sassar 44372445Sassar * kdc/config.c: Add check_ticket_addresses, and 44472445Sassar allow_null_ticket_addresses variables. 44572445Sassar 44672445SassarTue May 26 14:03:42 1998 Johan Danielsson <joda@emma.pdc.kth.se> 44772445Sassar 44872445Sassar * lib/kadm5/create_s.c: possibly make DES keys version 4 salted 44972445Sassar 45072445Sassar * lib/kadm5/set_keys.c: check config file for kadmin/use_v4_salt 45172445Sassar before zapping version 4 salts 45272445Sassar 45372445SassarSun May 24 05:22:17 1998 Assar Westerlund <assar@sics.se> 45472445Sassar 45572445Sassar * Release 0.0q 45672445Sassar 45772445Sassar * lib/krb5/aname_to_localname.c: new file 45872445Sassar 45972445Sassar * lib/gssapi/init_sec_context.c (repl_mutual): no output token 46072445Sassar 46172445Sassar * lib/gssapi/display_name.c (gss_display_name): zero terminate 46272445Sassar output. 46372445Sassar 46472445SassarSat May 23 19:11:07 1998 Assar Westerlund <assar@sics.se> 46572445Sassar 46672445Sassar * lib/gssapi/display_status.c: new file 46772445Sassar 46872445Sassar * Makefile.am: send -I to aclocal 46972445Sassar 47072445Sassar * configure.in: remove duplicate setenv 47172445Sassar 47272445SassarSat May 23 04:55:19 1998 Johan Danielsson <joda@emma.pdc.kth.se> 47372445Sassar 47472445Sassar * kadmin/util.c (foreach_principal): Check for expression before 47572445Sassar wading through the whole database. 47672445Sassar 47772445Sassar * kadmin/kadmin.c: Pass NULL password to 47872445Sassar kadm5_*_init_with_password. 47972445Sassar 48072445Sassar * lib/kadm5/init_c.c: Implement init_with_{skey,creds}*. Make use 48172445Sassar of `password' parameter to init_with_password. 48272445Sassar 48372445Sassar * lib/kadm5/init_s.c: implement init_with_{skey,creds}* 48472445Sassar 48572445Sassar * lib/kadm5/server.c: Better arguments for 48672445Sassar kadm5_init_with_password. 48772445Sassar 48872445SassarSat May 16 07:10:36 1998 Assar Westerlund <assar@sics.se> 48972445Sassar 49072445Sassar * kdc/hprop.c: conditionalize ka-server reading support on 49172445Sassar KASERVER_DB 49272445Sassar 49372445Sassar * configure.in: new option `--enable-kaserver-db' 49472445Sassar 49572445SassarFri May 15 19:39:18 1998 Johan Danielsson <joda@blubb.pdc.kth.se> 49672445Sassar 49772445Sassar * lib/krb5/get_cred.c: Better error if local tgt couldn't be 49872445Sassar found. 49972445Sassar 50072445SassarTue May 12 21:11:02 1998 Assar Westerlund <assar@sics.se> 50172445Sassar 50272445Sassar * Release 0.0p 50372445Sassar 50472445Sassar * lib/krb5/mk_req_ext.c (krb5_mk_req_extended): only set 50572445Sassar encryption type in auth_context if it's compatible with the type 50672445Sassar of the session key 50772445Sassar 50872445SassarMon May 11 21:11:14 1998 Johan Danielsson <joda@emma.pdc.kth.se> 50972445Sassar 51072445Sassar * kdc/hprop.c: add support for ka-server databases 51172445Sassar 51272445Sassar * appl/ftp/ftpd: link with -lcrypt, if needed 51372445Sassar 51472445SassarFri May 1 07:29:52 1998 Assar Westerlund <assar@sics.se> 51572445Sassar 51672445Sassar * configure.in: don't test for winsock.h 51772445Sassar 51872445SassarSat Apr 18 21:43:11 1998 Johan Danielsson <joda@puffer.pdc.kth.se> 51972445Sassar 52072445Sassar * Release 0.0o 52172445Sassar 52272445SassarSat Apr 18 00:31:11 1998 Johan Danielsson <joda@blubb.pdc.kth.se> 52372445Sassar 52472445Sassar * lib/krb5/sock_principal.c: Save hostname. 52572445Sassar 52672445SassarSun Apr 5 11:29:45 1998 Johan Danielsson <joda@emma.pdc.kth.se> 52772445Sassar 52872445Sassar * lib/krb5/mk_req_ext.c: Use same enctype as in ticket. 52972445Sassar 53072445Sassar * kdc/hprop.c (v4_prop): Check for null key. 53172445Sassar 53272445SassarFri Apr 3 03:54:54 1998 Johan Danielsson <joda@blubb.pdc.kth.se> 53372445Sassar 53472445Sassar * lib/krb5/str2key.c: Fix DES3 string-to-key. 53572445Sassar 53672445Sassar * lib/krb5/keytab.c: Get default keytab name from context. 53772445Sassar 53872445Sassar * lib/krb5/context.c: Get `default_keytab_name' value. 53972445Sassar 54072445Sassar * kadmin/util.c (foreach_principal): Print error message if 54172445Sassar `kadm5_get_principals' fails. 54272445Sassar 54372445Sassar * kadmin/kadmind.c: Use `kadmind_loop'. 54472445Sassar 54572445Sassar * lib/kadm5/server.c: Replace several other functions with 54672445Sassar `kadmind_loop'. 54772445Sassar 54872445SassarSat Mar 28 09:49:18 1998 Assar Westerlund <assar@sics.se> 54972445Sassar 55072445Sassar * lib/krb5/keytab.c (fkt_add_entry): use an explicit seek instead 55172445Sassar of O_APPEND 55272445Sassar 55372445Sassar * configure.in: generate ftp Makefiles 55472445Sassar 55572445Sassar * kuser/klist.c (print_cred_verbose): print IPv4-address in a 55672445Sassar portable way. 55772445Sassar 55872445Sassar * admin/srvconvert.c (srvconv): return 0 if successful 55972445Sassar 56072445SassarTue Mar 24 00:40:33 1998 Johan Danielsson <joda@emma.pdc.kth.se> 56172445Sassar 56272445Sassar * lib/krb5/keytab.c: MIT compatible changes: add and use sizes to 56372445Sassar keytab entries, and change default keytab to `/etc/krb5.keytab'. 56472445Sassar 56572445SassarMon Mar 23 23:43:59 1998 Johan Danielsson <joda@emma.pdc.kth.se> 56672445Sassar 56772445Sassar * lib/gssapi/wrap.c: Use `gss_krb5_getsomekey'. 56872445Sassar 56972445Sassar * lib/gssapi/unwrap.c: Implement and use `gss_krb5_getsomekey'. 57072445Sassar Fix bug in checking of pad. 57172445Sassar 57272445Sassar * lib/gssapi/{un,}wrap.c: Add support for just integrity 57372445Sassar protecting data. 57472445Sassar 57572445Sassar * lib/gssapi/accept_sec_context.c: Use 57672445Sassar `gssapi_krb5_verify_8003_checksum'. 57772445Sassar 57872445Sassar * lib/gssapi/8003.c: Implement `gssapi_krb5_verify_8003_checksum'. 57972445Sassar 58072445Sassar * lib/gssapi/init_sec_context.c: Zero cred, and store session key 58172445Sassar properly in auth-context. 58272445Sassar 58372445SassarSun Mar 22 00:47:22 1998 Johan Danielsson <joda@emma.pdc.kth.se> 58472445Sassar 58572445Sassar * lib/kadm5/delete_s.c: Check immutable bit. 58672445Sassar 58772445Sassar * kadmin/kadmin.c: Pass client name to kadm5_init. 58872445Sassar 58972445Sassar * lib/kadm5/init_c.c: Get creds for client name passed in. 59072445Sassar 59172445Sassar * kdc/hprop.c (v4_prop): Check for `changepw.kerberos'. 59272445Sassar 59372445SassarSat Mar 21 22:57:13 1998 Johan Danielsson <joda@emma.pdc.kth.se> 59472445Sassar 59572445Sassar * lib/krb5/mk_error.c: Verify that error_code is in the range 59672445Sassar [0,127]. 59772445Sassar 59872445Sassar * kdc/kerberos5.c: Move checking of principal flags to new 59972445Sassar function `check_flags'. 60072445Sassar 60172445SassarSat Mar 21 14:38:51 1998 Assar Westerlund <assar@sics.se> 60272445Sassar 60372445Sassar * lib/kadm5/get_s.c (kadm5_s_get_principal): handle an empty salt 60472445Sassar 60572445Sassar * configure.in: define SunOS if running solaris 60672445Sassar 60772445SassarSat Mar 21 00:26:34 1998 Johan Danielsson <joda@emma.pdc.kth.se> 60872445Sassar 60972445Sassar * lib/kadm5/server.c: Unifdef test for same principal when 61072445Sassar changing password. 61172445Sassar 61272445Sassar * kadmin/util.c: If kadm5_get_principals failes, we might still be 61372445Sassar able to perform the requested opreration (for instance someone if 61472445Sassar trying to change his own password). 61572445Sassar 61672445Sassar * lib/kadm5/init_c.c: Try to get ticket via initial request, if 61772445Sassar not possible via tgt. 61872445Sassar 61972445Sassar * lib/kadm5/server.c: Check for principals changing their own 62072445Sassar passwords. 62172445Sassar 62272445Sassar * kdc/kerberos5.c (tgs_rep2): check for interesting flags on 62372445Sassar involved principals. 62472445Sassar 62572445Sassar * kadmin/util.c: Fix order of flags. 62672445Sassar 62772445SassarThu Mar 19 16:54:10 1998 Johan Danielsson <joda@emma.pdc.kth.se> 62872445Sassar 62972445Sassar * kdc/kerberos4.c: Return sane error code if krb_rd_req fails. 63072445Sassar 63172445SassarWed Mar 18 17:11:47 1998 Assar Westerlund <assar@sics.se> 63272445Sassar 63372445Sassar * acconfig.h: rename HAVE_STRUCT_SOCKADDR_IN6 to HAVE_IPV6 63472445Sassar 63572445SassarWed Mar 18 09:58:18 1998 Johan Danielsson <joda@emma.pdc.kth.se> 63672445Sassar 63772445Sassar * lib/krb5/get_in_tkt_with_keytab.c (krb5_keytab_key_proc): don't 63872445Sassar free keyseed; use correct keytab 63972445Sassar 64072445SassarTue Mar 10 09:56:16 1998 Assar Westerlund <assar@sics.se> 64172445Sassar 64272445Sassar * acinclude.m4 (AC_KRB_IPV6): rewrote to avoid false positives 64372445Sassar 64472445SassarMon Mar 16 23:58:23 1998 Johan Danielsson <joda@emma.pdc.kth.se> 64572445Sassar 64672445Sassar * Release 0.0n 64772445Sassar 64872445SassarFri Mar 6 00:41:30 1998 Johan Danielsson <joda@emma.pdc.kth.se> 64972445Sassar 65072445Sassar * lib/gssapi/{accept_sec_context,release_cred}.c: Use 65172445Sassar krb5_kt_close/krb5_kt_resolve. 65272445Sassar 65372445Sassar * lib/krb5/principal.c (krb5_425_conv_principal_ext): Use resolver 65472445Sassar to lookup hosts, so CNAMEs can be ignored. 65572445Sassar 65672445Sassar * lib/krb5/send_to_kdc.c (krb5_sendto_kdc, send_and_recv_http): 65772445Sassar Add support for using proxy. 65872445Sassar 65972445Sassar * lib/krb5/context.c: Initialize `http_proxy' from 66072445Sassar `libdefaults/http_proxy'. 66172445Sassar 66272445Sassar * lib/krb5/krb5.h: Add `http_proxy' to context. 66372445Sassar 66472445Sassar * lib/krb5/send_to_kdc.c: Recognize `http/' and `udp/' as protocol 66572445Sassar specifications. 66672445Sassar 66772445SassarWed Mar 4 01:47:29 1998 Johan Danielsson <joda@emma.pdc.kth.se> 66872445Sassar 66972445Sassar * admin/ktutil.c: Implement `add' and `remove' functions. Make 67072445Sassar `--keytab' a global option. 67172445Sassar 67272445Sassar * lib/krb5/keytab.c: Implement remove with files. Add memory 67372445Sassar operations. 67472445Sassar 67572445SassarTue Mar 3 20:09:59 1998 Johan Danielsson <joda@emma.pdc.kth.se> 67672445Sassar 67772445Sassar * lib/krb5/keytab.c: Use function pointers. 67872445Sassar 67972445Sassar * admin: Remove kdb_edit. 68072445Sassar 68172445SassarSun Mar 1 03:28:42 1998 Assar Westerlund <assar@sics.se> 68272445Sassar 68372445Sassar * lib/kadm5/dump_log.c: print operation names 68472445Sassar 68572445SassarSun Mar 1 03:04:12 1998 Assar Westerlund <assar@sics.se> 68672445Sassar 68772445Sassar * configure.in: add X-tests, and {bin,...}dir appl/{kx,kauth} 68872445Sassar 68972445Sassar * lib/krb5/build_auth.c,mk_priv.c,rd_safe.c,mk_safe.c,mk_rep.c: 69072445Sassar remove arbitrary limit 69172445Sassar 69272445Sassar * kdc/hprop-common.c: use krb5_{read,write}_message 69372445Sassar 69472445Sassar * lib/kadm5/ipropd_master.c (send_diffs): more careful use 69572445Sassar krb5_{write,read}_message 69672445Sassar 69772445Sassar * lib/kadm5/ipropd_slave.c (get_creds): get credentials for 69872445Sassar `iprop/master' directly. 69972445Sassar (main): use `krb5_read_message' 70072445Sassar 70172445SassarSun Mar 1 02:05:11 1998 Johan Danielsson <joda@emma.pdc.kth.se> 70272445Sassar 70372445Sassar * kadmin/kadmin.c: Cleanup commands list, and add help strings. 70472445Sassar 70572445Sassar * kadmin/get.c: Add long, short, and terse (equivalent to `list') 70672445Sassar output formats. Short is the default. 70772445Sassar 70872445Sassar * kadmin/util.c: Add `include_time' flag to timeval2str. 70972445Sassar 71072445Sassar * kadmin/init.c: Max-life and max-renew can, infact, be zero. 71172445Sassar 71272445Sassar * kadmin/{cpw,del,ext,get}.c: Use `foreach_principal'. 71372445Sassar 71472445Sassar * kadmin/util.c: Add function `foreach_principal', that loops over 71572445Sassar all principals matching an expression. 71672445Sassar 71772445Sassar * kadmin/kadmin.c: Add usage string to `privileges'. 71872445Sassar 71972445Sassar * lib/kadm5/get_princs_s.c: Also try to match aganist the 72072445Sassar expression appended with `@default-realm'. 72172445Sassar 72272445Sassar * lib/krb5/principal.c: Add `krb5_unparse_name_fixed_short', that 72372445Sassar excludes the realm if it's the same as the default realm. 72472445Sassar 72572445SassarFri Feb 27 05:02:21 1998 Assar Westerlund <assar@sics.se> 72672445Sassar 72772445Sassar * configure.in: more WFLAGS and WFLAGS_NOUNUSED added missing 72872445Sassar headers and functions error -> com_err 72972445Sassar 73072445Sassar (krb5_get_init_creds_keytab): use krb5_keytab_key_proc 73172445Sassar 73272445Sassar * lib/krb5/get_in_tkt_with_keytab.c: make `krb5_keytab_key_proc' 73372445Sassar global 73472445Sassar 73572445Sassar * lib/kadm5/marshall.c (ret_principal_ent): set `n_tl_data' 73672445Sassar 73772445Sassar * lib/hdb/ndbm.c: use `struct ndbm_db' everywhere. 73872445Sassar 73972445SassarFri Feb 27 04:49:24 1998 Assar Westerlund <assar@sics.se> 74072445Sassar 74172445Sassar * lib/krb5/mk_priv.c (krb5_mk_priv): bump static limit to 10240. 74272445Sassar This should be fixed the correct way. 74372445Sassar 74472445Sassar * lib/kadm5/ipropd_master.c (check_acl:) truncate buf correctly 74572445Sassar (send_diffs): compare versions correctly 74672445Sassar (main): reorder handling of events 74772445Sassar 74872445Sassar * lib/kadm5/log.c (kadm5_log_previous): avoid bad type conversion 74972445Sassar 75072445SassarThu Feb 26 02:22:35 1998 Assar Westerlund <assar@sics.se> 75172445Sassar 75272445Sassar * lib/kadm5/ipropd_{slave,master}.c: new files 75372445Sassar 75472445Sassar * lib/kadm5/log.c (kadm5_log_get_version): take an `fd' as 75572445Sassar argument 75672445Sassar 75772445Sassar * lib/krb5/krb5.h (krb5_context_data): `et_list' should be `struct 75872445Sassar et_list *' 75972445Sassar 76072445Sassar * aux/make-proto.pl: Should work with perl4 76172445Sassar 76272445SassarMon Feb 16 17:20:22 1998 Johan Danielsson <joda@emma.pdc.kth.se> 76372445Sassar 76472445Sassar * lib/krb5/krb5_locl.h: Remove <error.h> (it gets included via 76572445Sassar {asn1,krb5}_err.h). 76672445Sassar 76772445SassarThu Feb 12 03:28:40 1998 Assar Westerlund <assar@sics.se> 76872445Sassar 76972445Sassar * lib/krb5/get_in_tkt.c (_krb5_extract_ticket): if time difference 77072445Sassar is larger than max_skew, return KRB5KRB_AP_ERR_SKEW 77172445Sassar 77272445Sassar * lib/kadm5/log.c (get_version): globalize 77372445Sassar 77472445Sassar * lib/kadm5/kadm5_locl.h: include <sys/file.h> 77572445Sassar 77672445Sassar * lib/asn1/Makefile.am: add PA_KEY_INFO and PA_KEY_INFO_ENTRY 77772445Sassar 77872445Sassar * kdc/kerberos5.c (get_pa_etype_info): remove gcc-ism of 77972445Sassar initializing local struct in declaration. 78072445Sassar 78172445SassarSat Jan 31 17:28:58 1998 Johan Danielsson <joda@emma.pdc.kth.se> 78272445Sassar 78372445Sassar * kdc/524.c: Use krb5_decode_EncTicketPart. 78472445Sassar 78572445Sassar * kdc/kerberos5.c: Check at runtime whether to use enctypes 78672445Sassar instead of keytypes. If so use the same value to encrypt ticket, 78772445Sassar and kdc-rep as well as `keytype' for session key. Fix some obvious 78872445Sassar bugs with the handling of additional tickets. 78972445Sassar 79072445Sassar * lib/krb5/rd_req.c: Use krb5_decode_EncTicketPart, and 79172445Sassar krb5_decode_Authenticator. 79272445Sassar 79372445Sassar * lib/krb5/rd_rep.c: Use krb5_decode_EncAPRepPart. 79472445Sassar 79572445Sassar * lib/krb5/rd_cred.c: Use krb5_decode_EncKrbCredPart. 79672445Sassar 79772445Sassar * lib/krb5/mk_rep.c: Make sure enc_part.etype is an encryption 79872445Sassar type, and not a key type. Use krb5_encode_EncAPRepPart. 79972445Sassar 80072445Sassar * lib/krb5/init_creds_pw.c: Use krb5_decode_PA_KEY_INFO. 80172445Sassar 80272445Sassar * lib/krb5/get_in_tkt.c: Use krb5_decode_Enc{AS,TGS}RepPart. 80372445Sassar 80472445Sassar * lib/krb5/get_for_creds.c: Use krb5_encode_EncKrbCredPart. 80572445Sassar 80672445Sassar * lib/krb5/get_cred.c: Use krb5_decode_Enc{AS,TGS}RepPart. 80772445Sassar 80872445Sassar * lib/krb5/build_auth.c: Use krb5_encode_Authenticator. 80972445Sassar 81072445Sassar * lib/krb5/codec.c: Enctype conversion stuff. 81172445Sassar 81272445Sassar * lib/krb5/context.c: Ignore KRB5_CONFIG if *not* running 81372445Sassar setuid. Get configuration for libdefaults ktype_is_etype, and 81472445Sassar default_etypes. 81572445Sassar 81672445Sassar * lib/krb5/encrypt.c: Add krb5_string_to_etype, rename 81772445Sassar krb5_convert_etype to krb5_decode_keytype, and add 81872445Sassar krb5_decode_keyblock. 81972445Sassar 82072445SassarFri Jan 23 00:32:09 1998 Johan Danielsson <joda@emma.pdc.kth.se> 82172445Sassar 82272445Sassar * lib/krb5/{get_in_tkt,rd_req}.c: Use krb5_convert_etype. 82372445Sassar 82472445Sassar * lib/krb5/encrypt.c: Add krb5_convert_etype function - converts 82572445Sassar from protocol keytypes (that really are enctypes) to internal 82672445Sassar representation. 82772445Sassar 82872445SassarThu Jan 22 21:24:36 1998 Johan Danielsson <joda@emma.pdc.kth.se> 82972445Sassar 83072445Sassar * lib/asn1/k5.asn1: Add PA-KEY-INFO structure to hold information 83172445Sassar on keys in the database; and also a new `pa-key-info' padata-type. 83272445Sassar 83372445Sassar * kdc/kerberos5.c: If pre-authentication fails, return a list of 83472445Sassar keytypes, salttypes, and salts. 83572445Sassar 83672445Sassar * lib/krb5/init_creds_pw.c: Add better support for 83772445Sassar pre-authentication, by looking at hints from the KDC. 83872445Sassar 83972445Sassar * lib/krb5/get_in_tkt.c: Add better support for specifying what 84072445Sassar pre-authentication to use. 84172445Sassar 84272445Sassar * lib/krb5/str2key.c: Merge entries for KEYTYPE_DES and 84372445Sassar KEYTYPE_DES_AFS3. 84472445Sassar 84572445Sassar * lib/krb5/krb5.h: Add pre-authentication structures. 84672445Sassar 84772445Sassar * kdc/connect.c: Don't fail if realloc(X, 0) returns NULL. 84872445Sassar 84972445SassarWed Jan 21 06:20:40 1998 Assar Westerlund <assar@sics.se> 85072445Sassar 85172445Sassar * lib/kadm5/init_s.c (kadm5_s_init_with_password_ctx): initialize 85272445Sassar `log_context.socket_name' and `log_context.socket_fd' 85372445Sassar 85472445Sassar * lib/kadm5/log.c (kadm5_log_flush): send a unix domain datagram 85572445Sassar to inform the possible running ipropd of an update. 85672445Sassar 85772445SassarWed Jan 21 01:34:09 1998 Johan Danielsson <joda@emma.pdc.kth.se> 85872445Sassar 85972445Sassar * lib/krb5/get_in_tkt.c: Return error-packet to caller. 86072445Sassar 86172445Sassar * lib/krb5/free.c (krb5_free_kdc_rep): Free krb5_kdc_rep->error. 86272445Sassar 86372445Sassar * kdc/kerberos5.c: Add some support for using enctypes instead of 86472445Sassar keytypes. 86572445Sassar 86672445Sassar * lib/krb5/get_cred.c: Fixes to send authorization-data to the 86772445Sassar KDC. 86872445Sassar 86972445Sassar * lib/krb5/build_auth.c: Only generate local subkey if there is 87072445Sassar none. 87172445Sassar 87272445Sassar * lib/krb5/krb5.h: Add krb5_authdata type. 87372445Sassar 87472445Sassar * lib/krb5/auth_context.c: Add 87572445Sassar krb5_auth_con_set{,localsub,remotesub}key. 87672445Sassar 87772445Sassar * lib/krb5/init_creds_pw.c: Return some error if prompter 87872445Sassar functions return failure. 87972445Sassar 88072445SassarWed Jan 21 01:16:13 1998 Assar Westerlund <assar@sics.se> 88172445Sassar 88272445Sassar * kpasswd/kpasswd.c: detect bad password. use krb5_err. 88372445Sassar 88472445Sassar * kadmin/util.c (edit_entry): remove unused variables 88572445Sassar 88672445SassarTue Jan 20 22:58:31 1998 Assar Westerlund <assar@sics.se> 88772445Sassar 88872445Sassar * kuser/kinit.c: rename `-s' to `-S' to be MIT-compatible. 88972445Sassar 89072445Sassar * lib/kadm5/kadm5_locl.h: add kadm5_log_context and 89172445Sassar kadm5_log*-functions 89272445Sassar 89372445Sassar * lib/kadm5/create_s.c (kadm5_s_create_principal): add change to 89472445Sassar log 89572445Sassar 89672445Sassar * lib/kadm5/rename_s.c (kadm5_s_rename_principal): add change to 89772445Sassar log 89872445Sassar 89972445Sassar * lib/kadm5/init_s.c (kadm5_s_init_with_password_ctx): initialize 90072445Sassar log_context 90172445Sassar 90272445Sassar * lib/kadm5/delete_s.c (kadm5_s_delete_principal): add change to 90372445Sassar log 90472445Sassar 90572445Sassar * lib/kadm5/modify_s.c (kadm5_s_modify_principal): add change to 90672445Sassar log 90772445Sassar 90872445Sassar * lib/kadm5/randkey_s.c (kadm5_s_randkey_principal): add change to 90972445Sassar log 91072445Sassar 91172445Sassar * lib/kadm5/chpass_s.c (kadm5_s_chpass_principal): add change to 91272445Sassar log 91372445Sassar 91472445Sassar * lib/kadm5/Makefile.am: add log.c, dump_log and replay_log 91572445Sassar 91672445Sassar * lib/kadm5/replay_log.c: new file 91772445Sassar 91872445Sassar * lib/kadm5/dump_log.c: new file 91972445Sassar 92072445Sassar * lib/kadm5/log.c: new file 92172445Sassar 92272445Sassar * lib/krb5/str2key.c (get_str): initialize pad space to zero 92372445Sassar 92472445Sassar * lib/krb5/config_file.c (krb5_config_vget_next): handle c == NULL 92572445Sassar 92672445Sassar * kpasswd/kpasswdd.c: rewritten to use the kadm5 API 92772445Sassar 92872445Sassar * kpasswd/Makefile.am: link with kadm5srv 92972445Sassar 93072445Sassar * kdc/kerberos5.c (tgs_rep): initialize `i' 93172445Sassar 93272445Sassar * kadmin/kadmind.c (main): use kadm5_server_{send,recv}_sp 93372445Sassar 93472445Sassar * include/Makefile.am: added admin.h 93572445Sassar 93672445SassarSun Jan 18 01:41:34 1998 Johan Danielsson <joda@blubb.pdc.kth.se> 93772445Sassar 93872445Sassar * lib/asn1/gen_copy.c: Don't return ENOMEM if allocating 0 bytes. 93972445Sassar 94072445Sassar * lib/krb5/mcache.c (mcc_store_cred): restore linked list if 94172445Sassar copy_creds fails. 94272445Sassar 94372445SassarTue Jan 6 04:17:56 1998 Assar Westerlund <assar@sics.se> 94472445Sassar 94572445Sassar * lib/kadm5/server.c: add kadm5_server_{send,recv}{,_sp} 94672445Sassar 94772445Sassar * lib/kadm5/marshall.c: add kadm5_{store,ret}_principal_ent_mask. 94872445Sassar 94972445Sassar * lib/kadm5/init_c.c (kadm5_c_init_with_password_ctx): use 95072445Sassar krb5_getportbyname 95172445Sassar 95272445Sassar * kadmin/kadmind.c (main): htons correctly. 95372445Sassar moved kadm5_server_{recv,send} 95472445Sassar 95572445Sassar * kadmin/kadmin.c (main): only set admin_server if explicitly 95672445Sassar given 95772445Sassar 95872445SassarMon Jan 5 23:34:44 1998 Johan Danielsson <joda@emma.pdc.kth.se> 95972445Sassar 96072445Sassar * lib/hdb/ndbm.c: Implement locking of database. 96172445Sassar 96272445Sassar * kdc/kerberos5.c: Process AuthorizationData. 96372445Sassar 96472445SassarSat Jan 3 22:07:07 1998 Johan Danielsson <joda@blubb.pdc.kth.se> 96572445Sassar 96672445Sassar * kdc/string2key.c: Use AFS string-to-key from libkrb5. 96772445Sassar 96872445Sassar * lib/krb5/get_in_tkt.c: Handle pa-afs3-salt case. 96972445Sassar 97072445Sassar * lib/krb5/krb5.h: Add value for AFS salts. 97172445Sassar 97272445Sassar * lib/krb5/str2key.c: Add support for AFS string-to-key. 97372445Sassar 97472445Sassar * lib/kadm5/rename_s.c: Use correct salt. 97572445Sassar 97672445Sassar * lib/kadm5/ent_setup.c: Always enable client. Only set max-life 97772445Sassar and max-renew if != 0. 97872445Sassar 97972445Sassar * lib/krb5/config_file.c: Add context to all krb5_config_*get_*. 98072445Sassar 98172445SassarThu Dec 25 17:03:25 1997 Assar Westerlund <assar@sics.se> 98272445Sassar 98372445Sassar * kadmin/ank.c (ank): don't zero password if --random-key was 98472445Sassar given. 98572445Sassar 98672445SassarTue Dec 23 01:56:45 1997 Assar Westerlund <assar@sics.se> 98772445Sassar 98872445Sassar * Release 0.0m 98972445Sassar 99072445Sassar * lib/kadm5/ent_setup.c (attr_to_flags): try to set `client' 99172445Sassar 99272445Sassar * kadmin/util.c (edit_time): only set mask if != 0 99372445Sassar (edit_attributes): only set mask if != 0 99472445Sassar 99572445Sassar * kadmin/init.c (init): create `default' 99672445Sassar 99772445SassarSun Dec 21 09:44:05 1997 Assar Westerlund <assar@sics.se> 99872445Sassar 99972445Sassar * kadmin/util.c (str2deltat, str2attr, get_deltat): return value 100072445Sassar as pointer and have return value indicate success. 100172445Sassar 100272445Sassar (get_response): check NULL from fgets 100372445Sassar 100472445Sassar (edit_time, edit_attributes): new functions for reading values and 100572445Sassar offering list of answers on '?' 100672445Sassar 100772445Sassar (edit_entry): use edit_time and edit_attributes 100872445Sassar 100972445Sassar * kadmin/ank.c (add_new_key): test the return value of 101072445Sassar `krb5_parse_name' 101172445Sassar 101272445Sassar * kdc/kerberos5.c (tgs_check_authenticator): RFC1510 doesn't say 101372445Sassar that the checksum has to be keyed, even though later drafts do. 101472445Sassar Accept unkeyed checksums to be compatible with MIT. 101572445Sassar 101672445Sassar * kadmin/kadmin_locl.h: add some prototypes. 101772445Sassar 101872445Sassar * kadmin/util.c (edit_entry): return a value 101972445Sassar 102072445Sassar * appl/afsutil/afslog.c (main): return a exit code. 102172445Sassar 102272445Sassar * lib/krb5/get_cred.c (init_tgs_req): use krb5_keytype_to_enctypes 102372445Sassar 102472445Sassar * lib/krb5/encrypt.c (krb5_keytype_to_enctypes): new function. 102572445Sassar 102672445Sassar * lib/krb5/build_auth.c (krb5_build_authenticator): use 102772445Sassar krb5_{free,copy}_keyblock instead of the _contents versions 102872445Sassar 102972445SassarFri Dec 12 14:20:58 1997 Johan Danielsson <joda@emma.pdc.kth.se> 103072445Sassar 103172445Sassar * lib/krb5/{mk,rd}_priv.c: fix check for local/remote subkey 103272445Sassar 103372445SassarMon Dec 8 08:48:09 1997 Johan Danielsson <joda@emma.pdc.kth.se> 103472445Sassar 103572445Sassar * lib/krb5/context.c: don't look at KRB5_CONFIG if running setuid 103672445Sassar 103772445SassarSat Dec 6 10:09:40 1997 Johan Danielsson <joda@emma.pdc.kth.se> 103872445Sassar 103972445Sassar * lib/krb5/keyblock.c (krb5_free_keyblock): check for NULL 104072445Sassar keyblock 104172445Sassar 104272445SassarSat Dec 6 08:26:10 1997 Assar Westerlund <assar@sics.se> 104372445Sassar 104472445Sassar * Release 0.0l 104572445Sassar 104672445SassarThu Dec 4 03:38:12 1997 Johan Danielsson <joda@emma.pdc.kth.se> 104772445Sassar 104872445Sassar * lib/krb5/send_to_kdc.c: Add TCP client support. 104972445Sassar 105072445Sassar * lib/krb5/store.c: Add k_{put,get}_int. 105172445Sassar 105272445Sassar * kadmin/ank.c: Set initial kvno to 1. 105372445Sassar 105472445Sassar * kdc/connect.c: Send version 5 TCP-reply as length+data. 105572445Sassar 105672445SassarSat Nov 29 07:10:11 1997 Assar Westerlund <assar@sics.se> 105772445Sassar 105872445Sassar * lib/krb5/rd_req.c (krb5_rd_req): fixed obvious bug 105972445Sassar 106072445Sassar * kdc/kaserver.c (create_reply_ticket): use a random nonce in the 106172445Sassar reply packet. 106272445Sassar 106372445Sassar * kdc/connect.c (init_sockets): less reallocing. 106472445Sassar 106572445Sassar * **/*.c: changed `struct fd_set' to `fd_set' 106672445Sassar 106772445SassarSat Nov 29 05:12:01 1997 Johan Danielsson <joda@emma.pdc.kth.se> 106872445Sassar 106972445Sassar * lib/krb5/get_default_principal.c: More guessing. 107072445Sassar 107172445SassarThu Nov 20 02:55:09 1997 Johan Danielsson <joda@emma.pdc.kth.se> 107272445Sassar 107372445Sassar * lib/krb5/rd_req.c: Use principal from ticket if no server is 107472445Sassar given. 107572445Sassar 107672445SassarTue Nov 18 02:58:02 1997 Johan Danielsson <joda@emma.pdc.kth.se> 107772445Sassar 107872445Sassar * kuser/klist.c: Use krb5_err*(). 107972445Sassar 108072445SassarSun Nov 16 11:57:43 1997 Johan Danielsson <joda@emma.pdc.kth.se> 108172445Sassar 108272445Sassar * kadmin/kadmin.c: Add local `init', `load', `dump', and `merge' 108372445Sassar commands. 108472445Sassar 108572445SassarSun Nov 16 02:52:20 1997 Assar Westerlund <assar@sics.se> 108672445Sassar 108772445Sassar * lib/krb5/mk_req_ext.c (krb5_mk_req_ext): figure out the correct 108872445Sassar `enctype' 108972445Sassar 109072445Sassar * lib/krb5/mk_req.c (krb5_mk_req): use `(*auth_context)->enctype' 109172445Sassar if set. 109272445Sassar 109372445Sassar * lib/krb5/get_cred.c: handle the case of a specific keytype 109472445Sassar 109572445Sassar * lib/krb5/build_auth.c (krb5_build_authenticator): enctype as a 109672445Sassar parameter instead of guessing it. 109772445Sassar 109872445Sassar * lib/krb5/build_ap_req.c (krb5_build_ap_req): new parameter 109972445Sassar `enctype' 110072445Sassar 110172445Sassar * appl/test/common.c (common_setup): don't use `optarg' 110272445Sassar 110372445Sassar * lib/krb5/keytab.c (krb5_kt_copy_entry_contents): new function 110472445Sassar (krb5_kt_get_entry): retrieve the latest version if kvno == 0 110572445Sassar 110672445Sassar * lib/krb5/krb5.h: define KRB5_TC_MATCH_KEYTYPE 110772445Sassar 110872445Sassar * lib/krb5/creds.c (krb5_compare_creds): check for 110972445Sassar KRB5_TC_MATCH_KEYTYPE 111072445Sassar 111172445Sassar * lib/gssapi/8003.c (gssapi_krb5_create_8003_checksum): remove 111272445Sassar unused variable 111372445Sassar 111472445Sassar * lib/krb5/creds.c (krb5_copy_creds_contents): only free the 111572445Sassar contents if we fail. 111672445Sassar 111772445SassarSun Nov 16 00:32:48 1997 Johan Danielsson <joda@emma.pdc.kth.se> 111872445Sassar 111972445Sassar * kpasswd/kpasswdd.c: Get password expiration time from config 112072445Sassar file. 112172445Sassar 112272445Sassar * lib/asn1/{der_get,gen_decode}.c: Allow passing NULL size. 112372445Sassar 112472445SassarWed Nov 12 02:35:57 1997 Assar Westerlund <assar@sics.se> 112572445Sassar 112672445Sassar * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): 112772445Sassar restructured and fixed. 112872445Sassar 112972445Sassar * lib/krb5/addr_families.c (krb5_h_addr2addr): new function. 113072445Sassar 113172445SassarWed Nov 12 01:36:01 1997 Johan Danielsson <joda@emma.pdc.kth.se> 113272445Sassar 113372445Sassar * lib/krb5/get_addrs.c: Fall back to hostname's addresses if other 113472445Sassar methods fail. 113572445Sassar 113672445SassarTue Nov 11 22:22:12 1997 Johan Danielsson <joda@emma.pdc.kth.se> 113772445Sassar 113872445Sassar * kadmin/kadmin.c: Add `-l' flag to use local database. 113972445Sassar 114072445Sassar * lib/kadm5/acl.c: Use KADM5_PRIV_ALL. 114172445Sassar 114272445Sassar * lib/kadm5: Use function pointer trampoline for easier dual use 114372445Sassar (without radiation-hardening capability). 114472445Sassar 114572445SassarTue Nov 11 05:15:22 1997 Assar Westerlund <assar@sics.se> 114672445Sassar 114772445Sassar * lib/krb5/encrypt.c (krb5_etype_valid): new function 114872445Sassar 114972445Sassar * lib/krb5/creds.c (krb5_copy_creds_contents): zero target 115072445Sassar 115172445Sassar * lib/krb5/context.c (valid_etype): remove 115272445Sassar 115372445Sassar * lib/krb5/checksum.c: remove dead code 115472445Sassar 115572445Sassar * lib/krb5/changepw.c (send_request): free memory on error. 115672445Sassar 115772445Sassar * lib/krb5/build_ap_req.c (krb5_build_ap_req): check return value 115872445Sassar from malloc. 115972445Sassar 116072445Sassar * lib/krb5/auth_context.c (krb5_auth_con_init): free memory on 116172445Sassar failure correctly. 116272445Sassar (krb5_auth_con_setaddrs_from_fd): return error correctly. 116372445Sassar 116472445Sassar * lib/krb5/get_in_tkt_with_{keytab,skey}.c: new files 116572445Sassar 116672445SassarTue Nov 11 02:53:19 1997 Johan Danielsson <joda@emma.pdc.kth.se> 116772445Sassar 116872445Sassar * lib/krb5/auth_context.c: Implement auth_con_setuserkey. 116972445Sassar 117072445Sassar * lib/gssapi/init_sec_context.c: Use krb5_auth_con_getkey. 117172445Sassar 117272445Sassar * lib/krb5/keyblock.c: Rename krb5_free_keyblock to 117372445Sassar krb5_free_keyblock_contents, and reimplement krb5_free_keyblock. 117472445Sassar 117572445Sassar * lib/krb5/rd_req.c: Use auth_context->keyblock if 117672445Sassar ap_options.use_session_key. 117772445Sassar 117872445SassarTue Nov 11 02:35:17 1997 Assar Westerlund <assar@sics.se> 117972445Sassar 118072445Sassar * lib/krb5/net_{read,write}.c: change `int fd' to `void *p_fd'. 118172445Sassar fix callers. 118272445Sassar 118372445Sassar * lib/krb5/krb5_locl.h: include <asn1.h> and <der.h> 118472445Sassar 118572445Sassar * include/Makefile.am: add xdbm.h 118672445Sassar 118772445SassarTue Nov 11 01:58:22 1997 Johan Danielsson <joda@emma.pdc.kth.se> 118872445Sassar 118972445Sassar * lib/krb5/get_cred.c: Implement krb5_get_cred_from_kdc. 119072445Sassar 119172445SassarMon Nov 10 22:41:53 1997 Johan Danielsson <joda@emma.pdc.kth.se> 119272445Sassar 119372445Sassar * lib/krb5/ticket.c: Implement copy_ticket. 119472445Sassar 119572445Sassar * lib/krb5/get_in_tkt.c: Make `options' parameter MIT-compatible. 119672445Sassar 119772445Sassar * lib/krb5/data.c: Implement free_data and copy_data. 119872445Sassar 119972445SassarSun Nov 9 02:17:27 1997 Johan Danielsson <joda@emma.pdc.kth.se> 120072445Sassar 120172445Sassar * lib/kadm5: Implement kadm5_get_privs, and kadm5_get_principals. 120272445Sassar 120372445Sassar * kadmin/kadmin.c: Add get_privileges function. 120472445Sassar 120572445Sassar * lib/kadm5: Rename KADM5_ACL_* -> KADM5_PRIV_* to conform with 120672445Sassar specification. 120772445Sassar 120872445Sassar * kdc/connect.c: Exit if no sockets could be bound. 120972445Sassar 121072445Sassar * kadmin/kadmind.c: Check return value from krb5_net_read(). 121172445Sassar 121272445Sassar * lib/kadm5,kadmin: Fix memory leaks. 121372445Sassar 121472445SassarFri Nov 7 02:45:26 1997 Johan Danielsson <joda@emma.pdc.kth.se> 121572445Sassar 121672445Sassar * lib/kadm5/create_s.c: Get some default values from `default' 121772445Sassar principal. 121872445Sassar 121972445Sassar * lib/kadm5/ent_setup.c: Add optional default entry to get some 122072445Sassar values from. 122172445Sassar 122272445SassarThu Nov 6 00:20:41 1997 Johan Danielsson <joda@emma.pdc.kth.se> 122372445Sassar 122472445Sassar * lib/error/compile_et.awk: Remove generated destroy_*_error_table 122572445Sassar prototype 122672445Sassar 122772445Sassar * kadmin/kadmind.c: Crude admin server. 122872445Sassar 122972445Sassar * kadmin/kadmin.c: Update to use remote protocol. 123072445Sassar 123172445Sassar * kadmin/get.c: Fix principal formatting. 123272445Sassar 123372445Sassar * lib/kadm5: Add client support. 123472445Sassar 123572445Sassar * lib/kadm5/error.c: Error code mapping. 123672445Sassar 123772445Sassar * lib/kadm5/server.c: Kadmind support function. 123872445Sassar 123972445Sassar * lib/kadm5/marshall.c: Kadm5 marshalling. 124072445Sassar 124172445Sassar * lib/kadm5/acl.c: Simple acl system. 124272445Sassar 124372445Sassar * lib/kadm5/kadm5_locl.h: Add client stuff. 124472445Sassar 124572445Sassar * lib/kadm5/init_s.c: Initialize acl. 124672445Sassar 124772445Sassar * lib/kadm5/*: Return values. 124872445Sassar 124972445Sassar * lib/kadm5/create_s.c: Correct kvno. 125072445Sassar 125172445SassarWed Nov 5 22:06:50 1997 Johan Danielsson <joda@emma.pdc.kth.se> 125272445Sassar 125372445Sassar * lib/krb5/log.c: Fix parsing of log destinations. 125472445Sassar 125572445SassarMon Nov 3 20:33:55 1997 Johan Danielsson <joda@emma.pdc.kth.se> 125672445Sassar 125772445Sassar * lib/krb5/principal.c: Reduce number of reallocs in unparse_name. 125872445Sassar 125972445SassarSat Nov 1 01:40:53 1997 Johan Danielsson <joda@emma.pdc.kth.se> 126072445Sassar 126172445Sassar * kadmin: Simple kadmin utility. 126272445Sassar 126372445Sassar * admin/ktutil.c: Print keytype. 126472445Sassar 126572445Sassar * lib/kadm5/get_s.c: Set correct n_key_data. 126672445Sassar 126772445Sassar * lib/kadm5/init_s.c: Add kadm5_s_init_with_password_ctx. Use 126872445Sassar master key. 126972445Sassar 127072445Sassar * lib/kadm5/destroy_s.c: Check for allocated context. 127172445Sassar 127272445Sassar * lib/kadm5/{create,chpass}_s.c: Use _kadm5_set_keys(). 127372445Sassar 127472445SassarSat Nov 1 00:21:00 1997 Assar Westerlund <assar@sics.se> 127572445Sassar 127672445Sassar * configure.in: test for readv, writev 127772445Sassar 127872445SassarWed Oct 29 23:41:26 1997 Assar Westerlund <assar@sics.se> 127972445Sassar 128072445Sassar * lib/krb5/warn.c (_warnerr): handle the case of an illegal error 128172445Sassar code 128272445Sassar 128372445Sassar * kdc/kerberos5.c (encode_reply): return success 128472445Sassar 128572445SassarWed Oct 29 18:01:59 1997 Johan Danielsson <joda@emma.pdc.kth.se> 128672445Sassar 128772445Sassar * kdc/kerberos5.c (find_etype) Return correct index of selected 128872445Sassar etype. 128972445Sassar 129072445SassarWed Oct 29 04:07:06 1997 Assar Westerlund <assar@sics.se> 129172445Sassar 129272445Sassar * Release 0.0k 129372445Sassar 129472445Sassar * lib/krb5/context.c (krb5_init_context): support `KRB5_CONFIG' 129572445Sassar environment variable 129672445Sassar 129772445Sassar * *: use the roken_get*-macros from roken.h for the benefit of 129872445Sassar Crays. 129972445Sassar 130072445Sassar * configure.in: add --{enable,disable}-otp. check for compatible 130172445Sassar prototypes for gethostbyname, gethostbyaddr, getservbyname, and 130272445Sassar openlog (they have strange prototypes on Crays) 130372445Sassar 130472445Sassar * acinclude.m4: new macro `AC_PROTO_COMPAT' 130572445Sassar 130672445SassarTue Oct 28 00:11:22 1997 Johan Danielsson <joda@emma.pdc.kth.se> 130772445Sassar 130872445Sassar * kdc/connect.c: Log bad requests. 130972445Sassar 131072445Sassar * kdc/kerberos5.c: Move stuff that's in common between as_rep and 131172445Sassar tgs_rep to separate functions. 131272445Sassar 131372445Sassar * kdc/kerberos5.c: Fix user-to-user authentication. 131472445Sassar 131572445Sassar * lib/krb5/get_cred.c: Some restructuring of krb5_get_credentials: 131672445Sassar - add a kdc-options argument to krb5_get_credentials, and rename 131772445Sassar it to krb5_get_credentials_with_flags 131872445Sassar - honour the KRB5_GC_CACHED, and KRB5_GC_USER_USER options 131972445Sassar - add some more user-to-user glue 132072445Sassar 132172445Sassar * lib/krb5/rd_req.c: Move parts of krb5_verify_ap_req into a new 132272445Sassar function, krb5_decrypt_ticket, so it is easier to decrypt and 132372445Sassar check a ticket without having an ap-req. 132472445Sassar 132572445Sassar * lib/krb5/krb5.h: Add KRB5_GC_CACHED, and KRB5_GC_USER_USER 132672445Sassar flags. 132772445Sassar 132872445Sassar * lib/krb5/crc.c (crc_init_table): Check if table is already 132972445Sassar inited. 133072445Sassar 133172445SassarSun Oct 26 04:51:02 1997 Johan Danielsson <joda@emma.pdc.kth.se> 133272445Sassar 133372445Sassar * lib/asn1/der_get.c (der_get_length, fix_dce): Special-case 133472445Sassar indefinite encoding. 133572445Sassar 133672445Sassar * lib/asn1/gen_glue.c (generate_units): Check for empty 133772445Sassar member-list. 133872445Sassar 133972445SassarSat Oct 25 07:24:57 1997 Johan Danielsson <joda@emma.pdc.kth.se> 134072445Sassar 134172445Sassar * lib/error/compile_et.awk: Allow specifying table-base. 134272445Sassar 134372445SassarTue Oct 21 20:21:40 1997 Johan Danielsson <joda@emma.pdc.kth.se> 134472445Sassar 134572445Sassar * kdc/kerberos5.c: Check version number of krbtgt. 134672445Sassar 134772445SassarMon Oct 20 01:14:53 1997 Assar Westerlund <assar@sics.se> 134872445Sassar 134972445Sassar * lib/krb5/prompter_posix.c (krb5_prompter_posix): implement the 135072445Sassar case of unhidden prompts. 135172445Sassar 135272445Sassar * lib/krb5/str2key.c (string_to_key_internal): return error 135372445Sassar instead of aborting. always free memory 135472445Sassar 135572445Sassar * admin/ktutil.c: add `help' command 135672445Sassar 135772445Sassar * admin/kdb_edit.c: implement new commands: add_random_key(ark), 135872445Sassar change_password(cpw), change_random_key(crk) 135972445Sassar 136072445SassarThu Oct 16 05:16:36 1997 Assar Westerlund <assar@sics.se> 136172445Sassar 136272445Sassar * kpasswd/kpasswdd.c: change all the keys in the database 136372445Sassar 136472445Sassar * kdc: removed all unsealing, now done by the hdb layer 136572445Sassar 136672445Sassar * lib/hdb/hdb.c: new functions `hdb_create', `hdb_set_master_key' 136772445Sassar and `hdb_clear_master_key' 136872445Sassar 136972445Sassar * admin/misc.c: removed 137072445Sassar 137172445SassarWed Oct 15 22:47:31 1997 Assar Westerlund <assar@sics.se> 137272445Sassar 137372445Sassar * kuser/klist.c: print year as YYYY iff verbose 137472445Sassar 137572445SassarWed Oct 15 20:02:13 1997 Johan Danielsson <joda@emma.pdc.kth.se> 137672445Sassar 137772445Sassar * kuser/klist.c: print etype from ticket 137872445Sassar 137972445SassarMon Oct 13 17:18:57 1997 Johan Danielsson <joda@emma.pdc.kth.se> 138072445Sassar 138172445Sassar * Release 0.0j 138272445Sassar 138372445Sassar * lib/krb5/get_cred.c: Get the subkey from mk_req so it can be 138472445Sassar used to decrypt the reply from DCE secds. 138572445Sassar 138672445Sassar * lib/krb5/auth_context.c: Add {get,set}enctype. 138772445Sassar 138872445Sassar * lib/krb5/get_cred.c: Fix for DCE secd. 138972445Sassar 139072445Sassar * lib/krb5/store.c: Store keytype twice, as MIT does. 139172445Sassar 139272445Sassar * lib/krb5/get_in_tkt.c: Use etype from reply. 139372445Sassar 139472445SassarFri Oct 10 00:39:48 1997 Johan Danielsson <joda@emma.pdc.kth.se> 139572445Sassar 139672445Sassar * kdc/connect.c: check for leading '/' in http request 139772445Sassar 139872445SassarTue Sep 30 21:50:18 1997 Assar Westerlund <assar@assaris.pdc.kth.se> 139972445Sassar 140072445Sassar * Release 0.0i 140172445Sassar 140272445SassarMon Sep 29 15:58:43 1997 Assar Westerlund <assar@sics.se> 140372445Sassar 140472445Sassar * lib/krb5/rd_req.c (krb5_rd_req): redone because we don't know 140572445Sassar the kvno or keytype before receiving the AP-REQ 140672445Sassar 140772445Sassar * lib/krb5/mk_safe.c (krb5_mk_safe): figure out what cksumtype to 140872445Sassar use from the keytype. 140972445Sassar 141072445Sassar * lib/krb5/mk_req_ext.c (krb5_mk_req_extended): figure out what 141172445Sassar cksumtype to use from the keytype. 141272445Sassar 141372445Sassar * lib/krb5/mk_priv.c (krb5_mk_priv): figure out what etype to use 141472445Sassar from the keytype. 141572445Sassar 141672445Sassar * lib/krb5/keytab.c (krb5_kt_get_entry): check the keytype 141772445Sassar 141872445Sassar * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): figure out 141972445Sassar what etype to use from the keytype. 142072445Sassar 142172445Sassar * lib/krb5/generate_seq_number.c (krb5_generate_seq_number): 142272445Sassar handle other key types than DES 142372445Sassar 142472445Sassar * lib/krb5/encrypt.c (key_type): add `best_cksumtype' 142572445Sassar (krb5_keytype_to_cksumtype): new function 142672445Sassar 142772445Sassar * lib/krb5/build_auth.c (krb5_build_authenticator): figure out 142872445Sassar what etype to use from the keytype. 142972445Sassar 143072445Sassar * lib/krb5/auth_context.c (krb5_auth_con_init): set `cksumtype' 143172445Sassar and `enctype' to 0 143272445Sassar 143372445Sassar * admin/extkeytab.c (ext_keytab): extract all keys 143472445Sassar 143572445Sassar * appl/telnet/telnet/commands.c: INET6_ADDRSTRLEN kludge 143672445Sassar 143772445Sassar * configure.in: check for <netinet6/in6.h>. check for -linet6 143872445Sassar 143972445SassarTue Sep 23 03:00:53 1997 Assar Westerlund <assar@sics.se> 144072445Sassar 144172445Sassar * lib/krb5/encrypt.c: fix checksumtype for des3-cbc-sha1 144272445Sassar 144372445Sassar * lib/krb5/rd_safe.c: fix check for keyed and collision-proof 144472445Sassar checksum 144572445Sassar 144672445Sassar * lib/krb5/context.c (valid_etype): remove hard-coded constants 144772445Sassar (default_etypes): include DES3 144872445Sassar 144972445Sassar * kdc/kerberos5.c: fix check for keyed and collision-proof 145072445Sassar checksum 145172445Sassar 145272445Sassar * admin/util.c (init_des_key, set_password): DES3 keys also 145372445Sassar 145472445Sassar * lib/krb/send_to_kdc.c (krb5_sendto_kdc): no data returned means 145572445Sassar no contact? 145672445Sassar 145772445Sassar * lib/krb5/addr_families.c: fix typo in `ipv6_anyaddr' 145872445Sassar 145972445SassarMon Sep 22 11:44:27 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 146072445Sassar 146172445Sassar * kdc/kerberos5.c: Somewhat fix the etype usage. The list sent by 146272445Sassar the client is used to select wich key to encrypt the kdc rep with 146372445Sassar (in case of as-req), and with the server info to select the 146472445Sassar session key type. The server key the ticket is encrypted is based 146572445Sassar purely on the keys in the database. 146672445Sassar 146772445Sassar * kdc/string2key.c: Add keytype support. Default to version 5 146872445Sassar keys. 146972445Sassar 147072445Sassar * lib/krb5/get_in_tkt.c: Fix a lot of etype/keytype misuse. 147172445Sassar 147272445Sassar * lib/krb5/encrypt.c: Add des3-cbc-md5, and des3-cbc-sha1. Add 147372445Sassar many *_to_* functions. 147472445Sassar 147572445Sassar * lib/krb5/str2key.c: Add des3 string-to-key. Add ktype argument 147672445Sassar to krb5_string_to_key(). 147772445Sassar 147872445Sassar * lib/krb5/checksum.c: Some cleanup, and added: 147972445Sassar - rsa-md5-des3 148072445Sassar - hmac-sha1-des3 148172445Sassar - keyed and collision proof flags to each checksum method 148272445Sassar - checksum<->string functions. 148372445Sassar 148472445Sassar * lib/krb5/generate_subkey.c: Use krb5_generate_random_keyblock. 148572445Sassar 148672445SassarSun Sep 21 15:19:23 1997 Assar Westerlund <assar@sics.se> 148772445Sassar 148872445Sassar * kdc/connect.c: use new addr_families functions 148972445Sassar 149072445Sassar * kpasswd/kpasswdd.c: use new addr_families functions. Now works 149172445Sassar over IPv6 149272445Sassar 149372445Sassar * kuser/klist.c: use correct symbols for address families 149472445Sassar 149572445Sassar * lib/krb5/sock_principal.c: use new addr_families functions 149672445Sassar 149772445Sassar * lib/krb5/send_to_kdc.c: use new addr_families functions 149872445Sassar 149972445Sassar * lib/krb5/krb5.h: add KRB5_ADDRESS_INET6 150072445Sassar 150172445Sassar * lib/krb5/get_addrs.c: use new addr_families functions 150272445Sassar 150372445Sassar * lib/krb5/changepw.c: use new addr_families functions. Now works 150472445Sassar over IPv6 150572445Sassar 150672445Sassar * lib/krb5/auth_context.c: use new addr_families functions 150772445Sassar 150872445Sassar * lib/krb5/addr_families.c: new file 150972445Sassar 151072445Sassar * acconfig.h: AC_SOCKADDR_IN6 -> AC_STRUCT_SOCKADDR_IN6. Updated 151172445Sassar uses. 151272445Sassar 151372445Sassar * acinclude.m4: new macro `AC_KRB_IPV6'. Use it. 151472445Sassar 151572445SassarSat Sep 13 23:04:23 1997 Johan Danielsson <joda@emma.pdc.kth.se> 151672445Sassar 151772445Sassar * kdc/hprop.c: Don't encrypt twice. Complain on non-convertable 151872445Sassar principals. 151972445Sassar 152072445SassarSat Sep 13 00:59:36 1997 Assar Westerlund <assar@sics.se> 152172445Sassar 152272445Sassar * Release 0.0h 152372445Sassar 152472445Sassar * appl/telnet/telnet/commands.c: AF_INET6 support 152572445Sassar 152672445Sassar * admin/misc.c: new file 152772445Sassar 152872445Sassar * lib/krb5/context.c: new configuration variable `max_retries' 152972445Sassar 153072445Sassar * lib/krb5/get_addrs.c: fixes and better #ifdef's 153172445Sassar 153272445Sassar * lib/krb5/config_file.c: implement krb5_config_get_int 153372445Sassar 153472445Sassar * lib/krb5/auth_context.c, send_to_kdc.c, sock_principal.c: 153572445Sassar AF_INET6 support 153672445Sassar 153772445Sassar * kuser/klist.c: support for printing IPv6-addresses 153872445Sassar 153972445Sassar * kdc/connect.c: support AF_INET6 154072445Sassar 154172445Sassar * configure.in: test for gethostbyname2 and struct sockaddr_in6 154272445Sassar 154372445SassarThu Sep 11 07:25:28 1997 Assar Westerlund <assar@sics.se> 154472445Sassar 154572445Sassar * lib/asn1/k5.asn1: Use `METHOD-DATA' instead of `SEQUENCE OF 154672445Sassar PA-DATA' 154772445Sassar 154872445SassarWed Sep 10 21:20:17 1997 Johan Danielsson <joda@emma.pdc.kth.se> 154972445Sassar 155072445Sassar * kdc/kerberos5.c: Fixes for cross-realm, including (but not 155172445Sassar limited to): 155272445Sassar - allow client to be non-existant (should probably check for 155372445Sassar "local realm") 155472445Sassar - if server isn't found and it is a request for a krbtgt, try to 155572445Sassar find a realm on the way to the requested realm 155672445Sassar - update the transited encoding iff 155772445Sassar client-realm != server-realm != tgt-realm 155872445Sassar 155972445Sassar * lib/krb5/get_cred.c: Several fixes for cross-realm. 156072445Sassar 156172445SassarTue Sep 9 15:59:20 1997 Johan Danielsson <joda@emma.pdc.kth.se> 156272445Sassar 156372445Sassar * kdc/string2key.c: Fix password handling. 156472445Sassar 156572445Sassar * lib/krb5/encrypt.c: krb5_key_to_string 156672445Sassar 156772445SassarTue Sep 9 07:46:05 1997 Assar Westerlund <assar@sics.se> 156872445Sassar 156972445Sassar * lib/krb5/get_addrs.c: rewrote. Now should be able to handle 157072445Sassar aliases and IPv6 addresses 157172445Sassar 157272445Sassar * kuser/klist.c: try printing IPv6 addresses 157372445Sassar 157472445Sassar * kdc/kerberos5.c: increase the arbitrary limit from 1024 to 8192 157572445Sassar 157672445Sassar * configure.in: check for <netinet/in6_var.h> 157772445Sassar 157872445SassarMon Sep 8 02:57:14 1997 Assar Westerlund <assar@sics.se> 157972445Sassar 158072445Sassar * doc: fixes 158172445Sassar 158272445Sassar * admin/util.c (init_des_key): increase kvno 158372445Sassar (set_password): return -1 if `des_read_pw_string' failed 158472445Sassar 158572445Sassar * admin/mod.c (doit2): check the return value from `set_password' 158672445Sassar 158772445Sassar * admin/ank.c (doit): don't add a new entry if `set_password' 158872445Sassar failed 158972445Sassar 159072445SassarMon Sep 8 02:20:16 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 159172445Sassar 159272445Sassar * lib/krb5/verify_init.c: fix ap_req_nofail semantics 159372445Sassar 159472445Sassar * lib/krb5/transited.c: something that might resemble 159572445Sassar domain-x500-compress 159672445Sassar 159772445SassarMon Sep 8 01:24:42 1997 Assar Westerlund <assar@sics.se> 159872445Sassar 159972445Sassar * kdc/hpropd.c (main): check number of arguments 160072445Sassar 160172445Sassar * appl/popper/pop_init.c (pop_init): check number of arguments 160272445Sassar 160372445Sassar * kpasswd/kpasswd.c (main): check number of arguments 160472445Sassar 160572445Sassar * kdc/string2key.c (main): check number of arguments 160672445Sassar 160772445Sassar * kuser/kdestroy.c (main): check number of arguments 160872445Sassar 160972445Sassar * kuser/kinit.c (main): check number of arguments 161072445Sassar 161172445Sassar * kpasswd/kpasswdd.c (main): use sigaction without SA_RESTART to 161272445Sassar break out of select when a signal arrives 161372445Sassar 161472445Sassar * kdc/main.c (main): use sigaction without SA_RESTART to break out 161572445Sassar of select when a signal arrives 161672445Sassar 161772445Sassar * kdc/kstash.c: default to HDB_DB_DIR "/m-key" 161872445Sassar 161972445Sassar * kdc/config.c (configure): add `--version'. Check the number of 162072445Sassar arguments. Handle the case of there being no specification of port 162172445Sassar numbers. 162272445Sassar 162372445Sassar * admin/util.c: seal and unseal key at appropriate places 162472445Sassar 162572445Sassar * admin/kdb_edit.c (main): parse arguments, config file and read 162672445Sassar master key iff there's one. 162772445Sassar 162872445Sassar * admin/extkeytab.c (ext_keytab): unseal key while extracting 162972445Sassar 163072445SassarSun Sep 7 20:41:01 1997 Assar Westerlund <assar@sics.se> 163172445Sassar 163272445Sassar * lib/roken/roken.h: include <fcntl.h> 163372445Sassar 163472445Sassar * kdc/kerberos5.c (set_salt_padata): new function 163572445Sassar 163672445Sassar * appl/telnet/telnetd/telnetd.c: Rename some variables that 163772445Sassar conflict with cpp symbols on HP-UX 10.20 163872445Sassar 163972445Sassar * change all calls of `gethostbyaddr' to cast argument 1 to `const 164072445Sassar char *' 164172445Sassar 164272445Sassar * acconfig.h: only use SGTTY on nextstep 164372445Sassar 164472445SassarSun Sep 7 14:33:50 1997 Johan Danielsson <joda@emma.pdc.kth.se> 164572445Sassar 164672445Sassar * kdc/kerberos5.c: Check invalid flag. 164772445Sassar 164872445SassarFri Sep 5 14:19:38 1997 Johan Danielsson <joda@emma.pdc.kth.se> 164972445Sassar 165072445Sassar * lib/krb5/verify_user.c: Use get_init_creds/verify_init_creds. 165172445Sassar 165272445Sassar * lib/kafs: Move functions common to krb/krb5 modules to new file, 165372445Sassar and make things more modular. 165472445Sassar 165572445Sassar * lib/krb5/krb5.h: rename STRING -> krb5_config_string, and LIST 165672445Sassar -> krb5_config_list 165772445Sassar 165872445SassarThu Sep 4 23:39:43 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 165972445Sassar 166072445Sassar * lib/krb5/get_addrs.c: Fix loopback test. 166172445Sassar 166272445SassarThu Sep 4 04:45:49 1997 Assar Westerlund <assar@sics.se> 166372445Sassar 166472445Sassar * lib/roken/roken.h: fallback definition of `O_ACCMODE' 166572445Sassar 166672445Sassar * lib/krb5/get_in_tkt.c (krb5_get_in_cred): be more careful when 166772445Sassar checking for a v4 reply 166872445Sassar 166972445SassarWed Sep 3 18:20:14 1997 Johan Danielsson <joda@emma.pdc.kth.se> 167072445Sassar 167172445Sassar * kdc/hprop.c: Add `--decrypt' and `--encrypt' flags. 167272445Sassar 167372445Sassar * lib/hdb/hdb.c: new {seal,unseal}_keys functions 167472445Sassar 167572445Sassar * kdc/{hprop,hpropd}.c: Add support to dump database to stdout. 167672445Sassar 167772445Sassar * kdc/hprop.c: Don't use same master key as version 4. 167872445Sassar 167972445Sassar * admin/util.c: Don't dump core if no `default' is found. 168072445Sassar 168172445SassarWed Sep 3 16:01:07 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 168272445Sassar 168372445Sassar * kdc/connect.c: Allow run time port specification. 168472445Sassar 168572445Sassar * kdc/config.c: Add flags for http support, and port 168672445Sassar specifications. 168772445Sassar 168872445SassarTue Sep 2 02:00:03 1997 Assar Westerlund <assar@sics.se> 168972445Sassar 169072445Sassar * include/bits.c: Don't generate ifndef's in bits.h. Instead, use 169172445Sassar them when building the program. This makes it possible to include 169272445Sassar bits.h without having defined all HAVE_INT17_T symbols. 169372445Sassar 169472445Sassar * configure.in: test for sigaction 169572445Sassar 169672445Sassar * doc: updated documentation. 169772445Sassar 169872445SassarTue Sep 2 00:20:31 1997 Johan Danielsson <joda@emma.pdc.kth.se> 169972445Sassar 170072445Sassar * Release 0.0g 170172445Sassar 170272445SassarMon Sep 1 17:42:14 1997 Johan Danielsson <joda@emma.pdc.kth.se> 170372445Sassar 170472445Sassar * lib/krb5/data.c: don't return ENOMEM if len == 0 170572445Sassar 170672445SassarSun Aug 31 17:15:49 1997 Johan Danielsson <joda@emma.pdc.kth.se> 170772445Sassar 170872445Sassar * lib/hdb/hdb.asn1: Include salt type in salt. 170972445Sassar 171072445Sassar * kdc/hprop.h: Change port to 754. 171172445Sassar 171272445Sassar * kdc/hpropd.c: Verify who tries to transmit a database. 171372445Sassar 171472445Sassar * appl/popper: Use getarg and krb5_log. 171572445Sassar 171672445Sassar * lib/krb5/get_port.c: Add context parameter. Now takes port in 171772445Sassar host byte order. 171872445Sassar 171972445SassarSat Aug 30 18:48:19 1997 Johan Danielsson <joda@emma.pdc.kth.se> 172072445Sassar 172172445Sassar * kdc/connect.c: Add timeout to select, and log about expired tcp 172272445Sassar connections. 172372445Sassar 172472445Sassar * kdc/config.c: Add `database' option. 172572445Sassar 172672445Sassar * kdc/hpropd.c: Log about duplicate entries. 172772445Sassar 172872445Sassar * lib/hdb/{db,ndbm}.c: Use common routines. 172972445Sassar 173072445Sassar * lib/hdb/common.c: Implement more generic fetch/store/delete 173172445Sassar functions. 173272445Sassar 173372445Sassar * lib/hdb/hdb.h: Add `replace' parameter to store. 173472445Sassar 173572445Sassar * kdc/connect.c: Set filedecriptor to -1 on allocated decriptor 173672445Sassar entries. 173772445Sassar 173872445SassarFri Aug 29 03:13:23 1997 Assar Westerlund <assar@sics.se> 173972445Sassar 174072445Sassar * lib/krb5/get_in_tkt.c: extract_ticket -> _krb5_extract_ticket 174172445Sassar 174272445Sassar * aux/make-proto.pl: fix __P for stone age mode 174372445Sassar 174472445SassarFri Aug 29 02:45:46 1997 Johan Danielsson <joda@emma.pdc.kth.se> 174572445Sassar 174672445Sassar * lib/45/mk_req.c: implementation of krb_mk_req that uses 524 174772445Sassar protocol 174872445Sassar 174972445Sassar * lib/krb5/init_creds_pw.c: make change_password and 175072445Sassar get_init_creds_common static 175172445Sassar 175272445Sassar * lib/krb5/krb5.h: Merge stuff from removed headerfiles. 175372445Sassar 175472445Sassar * lib/krb5/fcache.c: fcc_ops -> krb5_fcc_ops 175572445Sassar 175672445Sassar * lib/krb5/mcache.c: mcc_ops -> krb5_mcc_ops 175772445Sassar 175872445SassarFri Aug 29 01:45:25 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 175972445Sassar 176072445Sassar * lib/krb5/krb5.h: Remove all prototypes. 176172445Sassar 176272445Sassar * lib/krb5/convert_creds.c: Use `struct credentials' instead of 176372445Sassar `CREDENTIALS'. 176472445Sassar 176572445SassarFri Aug 29 00:08:18 1997 Assar Westerlund <assar@sics.se> 176672445Sassar 176772445Sassar * lib/asn1/gen_glue.c: new file. generates 2int and int2 functions 176872445Sassar and units for bit strings. 176972445Sassar 177072445Sassar * admin/util.c: flags2int, int2flags, and flag_units are now 177172445Sassar generated by asn1_compile 177272445Sassar 177372445Sassar * lib/roken/parse_units.c: generalised `parse_units' and 177472445Sassar `unparse_units' and added new functions `parse_flags' and 177572445Sassar `unparse_flags' that use these 177672445Sassar 177772445Sassar * lib/krb5/krb5_locl.h: moved krb5_data* functions to krb5.h 177872445Sassar 177972445Sassar * admin/util.c: Use {un,}parse_flags for printing and parsing 178072445Sassar hdbflags. 178172445Sassar 178272445SassarThu Aug 28 03:26:12 1997 Assar Westerlund <assar@sics.se> 178372445Sassar 178472445Sassar * lib/krb5/get_addrs.c: restructured 178572445Sassar 178672445Sassar * lib/krb5/warn.c (_warnerr): leak less memory 178772445Sassar 178872445Sassar * lib/hdb/hdb.c (hdb_free_entry): zero keys 178972445Sassar (hdb_check_db_format): leak less memory 179072445Sassar 179172445Sassar * lib/hdb/ndbm.c (NDBM_seq): check for valid hdb_entries implement 179272445Sassar NDBM__get, NDBM__put 179372445Sassar 179472445Sassar * lib/hdb/db.c (DB_seq): check for valid hdb_entries 179572445Sassar 179672445SassarThu Aug 28 02:06:58 1997 Johan Danielsson <joda@emma.pdc.kth.se> 179772445Sassar 179872445Sassar * lib/krb5/send_to_kdc.c: Don't use sendto on connected sockets. 179972445Sassar 180072445SassarThu Aug 28 01:13:17 1997 Assar Westerlund <assar@sics.se> 180172445Sassar 180272445Sassar * kuser/kinit.1, klist.1, kdestroy.1: new man pages 180372445Sassar 180472445Sassar * kpasswd/kpasswd.1, kpasswdd.8: new man pages 180572445Sassar 180672445Sassar * kdc/kstash.8, hprop.8, hpropd.8: new man pages 180772445Sassar 180872445Sassar * admin/ktutil.8, admin/kdb_edit.8: new man pages 180972445Sassar 181072445Sassar * admin/mod.c: new file 181172445Sassar 181272445Sassar * admin/life.c: renamed gettime and puttime to getlife and putlife 181372445Sassar and moved them to life.c 181472445Sassar 181572445Sassar * admin/util.c: add print_flags, parse_flags, init_entry, 181672445Sassar set_created_by, set_modified_by, edit_entry, set_password. Use 181772445Sassar them. 181872445Sassar 181972445Sassar * admin/get.c: use print_flags 182072445Sassar 182172445Sassar * admin: removed unused stuff. use krb5_{warn,err}* 182272445Sassar 182372445Sassar * admin/ank.c: re-organized and abstracted. 182472445Sassar 182572445Sassar * admin/gettime.c: removed 182672445Sassar 182772445SassarThu Aug 28 00:37:39 1997 Johan Danielsson <joda@emma.pdc.kth.se> 182872445Sassar 182972445Sassar * lib/krb5/{get_cred,get_in_tkt}.c: Check for v4 reply. 183072445Sassar 183172445Sassar * lib/roken/base64.c: Add base64 functions. 183272445Sassar 183372445Sassar * kdc/connect.c lib/krb5/send_to_kdc.c: Add http support. 183472445Sassar 183572445SassarWed Aug 27 00:29:20 1997 Johan Danielsson <joda@emma.pdc.kth.se> 183672445Sassar 183772445Sassar * include/Makefile.am: Don't make links to built files. 183872445Sassar 183972445Sassar * admin/kdb_edit.c: Add command to set the database path. 184072445Sassar 184172445Sassar * lib/hdb: Include version number in database. 184272445Sassar 184372445SassarTue Aug 26 20:14:54 1997 Johan Danielsson <joda@emma.pdc.kth.se> 184472445Sassar 184572445Sassar * admin/ktutil: Merged v4 srvtab conversion. 184672445Sassar 184772445SassarMon Aug 25 23:02:18 1997 Assar Westerlund <assar@sics.se> 184872445Sassar 184972445Sassar * lib/roken/roken.h: add F_OK 185072445Sassar 185172445Sassar * lib/gssapi/acquire_creds.c: fix typo 185272445Sassar 185372445Sassar * configure.in: call AC_TYPE_MODE_T 185472445Sassar 185572445Sassar * acinclude.m4: Add AC_TYPE_MODE_T 185672445Sassar 185772445SassarSun Aug 24 16:46:53 1997 Assar Westerlund <assar@sics.se> 185872445Sassar 185972445Sassar * Release 0.0f 186072445Sassar 186172445SassarSun Aug 24 08:06:54 1997 Assar Westerlund <assar@sics.se> 186272445Sassar 186372445Sassar * appl/popper/pop_pass.c: log poppers 186472445Sassar 186572445Sassar * kdc/kaserver.c: some more checks 186672445Sassar 186772445Sassar * kpasswd/kpasswd.c: removed `-p' 186872445Sassar 186972445Sassar * kuser/kinit.c: removed `-p' 187072445Sassar 187172445Sassar * lib/krb5/init_creds_pw.c (krb5_get_init_creds_password): If 187272445Sassar KDC_ERR_PREUATH_REQUIRED, add preauthentication and try again. 187372445Sassar 187472445Sassar * lib/krb5/get_in_tkt.c (krb5_get_in_cred): don't print out 187572445Sassar krb-error text 187672445Sassar 187772445Sassar * lib/gssapi/import_name.c (input_name): more names types. 187872445Sassar 187972445Sassar * admin/load.c (parse_keys): handle the case of an empty salt 188072445Sassar 188172445Sassar * kdc/kaserver.c: fix up memory deallocation 188272445Sassar 188372445Sassar * kdc/kaserver.c: quick hack at talking kaserver protocol 188472445Sassar 188572445Sassar * kdc/kerberos4.c: Make `db-fetch4' global 188672445Sassar 188772445Sassar * configure.in: add --enable-kaserver 188872445Sassar 188972445Sassar * kdc/rx.h, kdc/kerberos4.h: new header files 189072445Sassar 189172445Sassar * lib/krb5/principal.c: fix krb5_build_principal_ext & c:o 189272445Sassar 189372445SassarSun Aug 24 03:52:44 1997 Johan Danielsson <joda@emma.pdc.kth.se> 189472445Sassar 189572445Sassar * lib/krb5/{get_in_tkt,mk_safe,mk_priv}.c: Fix some Cray specific 189672445Sassar type conflicts. 189772445Sassar 189872445Sassar * lib/krb5/{get_cred,get_in_tkt}.c: Mask nonce to 32 bits. 189972445Sassar 190072445Sassar * lib/des/{md4,md5,sha}.c: Now works on Crays. 190172445Sassar 190272445SassarSat Aug 23 18:15:01 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 190372445Sassar 190472445Sassar * appl/afsutil/afslog.c: If no cells or files specified, get 190572445Sassar tokens for all local cells. Better test for files. 190672445Sassar 190772445SassarThu Aug 21 23:33:38 1997 Assar Westerlund <assar@sics.se> 190872445Sassar 190972445Sassar * lib/gssapi/v1.c: new file with v1 compatibility functions. 191072445Sassar 191172445SassarThu Aug 21 20:36:13 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 191272445Sassar 191372445Sassar * lib/kafs/afskrb5.c: Don't check ticket file for afs ticket. 191472445Sassar 191572445Sassar * kdc/kerberos4.c: Check database when converting v4 principals. 191672445Sassar 191772445Sassar * kdc/kerberos5.c: Include kvno in Ticket. 191872445Sassar 191972445Sassar * lib/krb5/encrypt.c: Add kvno parameter to encrypt_EncryptedData. 192072445Sassar 192172445Sassar * kuser/klist.c: Print version number of ticket, include more 192272445Sassar flags. 192372445Sassar 192472445SassarWed Aug 20 21:26:58 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 192572445Sassar 192672445Sassar * lib/kafs/afskrb5.c (get_cred): Check cached afs tickets for 192772445Sassar expiration. 192872445Sassar 192972445SassarWed Aug 20 17:40:31 1997 Assar Westerlund <assar@sics.se> 193072445Sassar 193172445Sassar * lib/krb5/recvauth.c (krb5_recvauth): Send a KRB-ERROR iff 193272445Sassar there's an error. 193372445Sassar 193472445Sassar * lib/krb5/sendauth.c (krb5_sendauth): correct the protocol 193572445Sassar documentation and process KRB-ERROR's 193672445Sassar 193772445SassarTue Aug 19 20:41:30 1997 Johan Danielsson <joda@emma.pdc.kth.se> 193872445Sassar 193972445Sassar * kdc/kerberos4.c: Fix memory leak in v4 protocol handler. 194072445Sassar 194172445SassarMon Aug 18 05:15:09 1997 Assar Westerlund <assar@sics.se> 194272445Sassar 194372445Sassar * lib/gssapi/accept_sec_context.c: Added 194472445Sassar `gsskrb5_register_acceptor_identity' 194572445Sassar 194672445SassarSun Aug 17 01:40:20 1997 Assar Westerlund <assar@sics.se> 194772445Sassar 194872445Sassar * lib/gssapi/accept_sec_context.c (gss_accept_sec_context): don't 194972445Sassar always pass server == NULL to krb5_rd_req. 195072445Sassar 195172445Sassar * lib/gssapi: new files: canonicalize_name.c export_name.c 195272445Sassar context_time.c compare_name.c release_cred.c acquire_cred.c 195372445Sassar inquire_cred.c, from Luke Howard <lukeh@xedoc.com.au> 195472445Sassar 195572445Sassar * lib/krb5/config_file.c: Add netinfo support from Luke Howard 195672445Sassar <lukeh@xedoc.com.au> 195772445Sassar 195872445Sassar * lib/editline/sysunix.c: sgtty-support from Luke Howard 195972445Sassar <lukeh@xedoc.com.au> 196072445Sassar 196172445Sassar * lib/krb5/principal.c: krb5_sname_to_principal fix from Luke 196272445Sassar Howard <lukeh@xedoc.com.au> 196372445Sassar 196472445SassarSat Aug 16 00:44:47 1997 Assar Westerlund <assar@koi.pdc.kth.se> 196572445Sassar 196672445Sassar * Release 0.0e 196772445Sassar 196872445SassarSat Aug 16 00:23:46 1997 Johan Danielsson <joda@emma.pdc.kth.se> 196972445Sassar 197072445Sassar * appl/afsutil/afslog.c: Use new libkafs. 197172445Sassar 197272445Sassar * lib/kafs/afskrb5.c: Get AFS tokens via 524 protocol. 197372445Sassar 197472445Sassar * lib/krb5/warn.c: Fix format string for *x type. 197572445Sassar 197672445SassarFri Aug 15 22:15:01 1997 Assar Westerlund <assar@sics.se> 197772445Sassar 197872445Sassar * admin/get.c (get_entry): print more information about the entry 197972445Sassar 198072445Sassar * lib/des/Makefile.am: build destest, mdtest, des, rpw, speed 198172445Sassar 198272445Sassar * lib/krb5/config_file.c: new functions `krb5_config_get_time' and 198372445Sassar `krb5_config_vget_time'. Use them. 198472445Sassar 198572445SassarFri Aug 15 00:09:37 1997 Johan Danielsson <joda@emma.pdc.kth.se> 198672445Sassar 198772445Sassar * admin/ktutil.c: Keytab manipulation program. 198872445Sassar 198972445Sassar * lib/krb5/keytab.c: Return sane values from resolve and 199072445Sassar start_seq_get. 199172445Sassar 199272445Sassar * kdc/kerberos5.c: Fix for old clients passing 0 for `no endtime'. 199372445Sassar 199472445Sassar * lib/45/get_ad_tkt.c: Kerberos 4 get_ad_tkt using 199572445Sassar krb524_convert_creds_kdc. 199672445Sassar 199772445Sassar * lib/krb5/convert_creds.c: Implementation of 199872445Sassar krb524_convert_creds_kdc. 199972445Sassar 200072445Sassar * lib/asn1/k5.asn1: Make kdc-req-body.till OPTIONAL 200172445Sassar 200272445Sassar * kdc/524.c: A somewhat working 524-protocol module. 200372445Sassar 200472445Sassar * kdc/kerberos4.c: Add version 4 ticket encoding and encryption 200572445Sassar functions. 200672445Sassar 200772445Sassar * lib/krb5/context.c: Fix kdc_timeout. 200872445Sassar 200972445Sassar * lib/hdb/{ndbm,db}.c: Free name in close. 201072445Sassar 201172445Sassar * kdc/kerberos5.c (tgs_check_autenticator): Return error code 201272445Sassar 201372445SassarThu Aug 14 21:29:03 1997 Johan Danielsson <joda@emma.pdc.kth.se> 201472445Sassar 201572445Sassar * kdc/kerberos5.c (tgs_make_reply): Fix endtime in reply. 201672445Sassar 201772445Sassar * lib/krb5/store_emem.c: Fix reallocation bug. 201872445Sassar 201972445SassarTue Aug 12 01:29:46 1997 Assar Westerlund <assar@sics.se> 202072445Sassar 202172445Sassar * appl/telnet/libtelnet/kerberos5.c, appl/popper/pop_init.c: Use 202272445Sassar `krb5_sock_to_principal'. Send server parameter to 202372445Sassar krb5_rd_req/krb5_recvauth. Set addresses in auth_context. 202472445Sassar 202572445Sassar * lib/krb5/recvauth.c: Set addresses in auth_context if there 202672445Sassar aren't any 202772445Sassar 202872445Sassar * lib/krb5/auth_context.c: New function 202972445Sassar `krb5_auth_con_setaddrs_from_fd' 203072445Sassar 203172445Sassar * lib/krb5/sock_principal.c: new function 203272445Sassar `krb5_sock_to_principal' 203372445Sassar 203472445Sassar * lib/krb5/time.c: new file with `krb5_timeofday' and 203572445Sassar `krb5_us_timeofday'. Use these functions. 203672445Sassar 203772445Sassar * kuser/klist.c: print KDC offset iff verbose 203872445Sassar 203972445Sassar * lib/krb5/get_in_tkt.c: implement KDC time offset and use it if 204072445Sassar [libdefaults]kdc_timesync is set. 204172445Sassar 204272445Sassar * lib/krb5/fcache.c: Implement version 4 of the ccache format. 204372445Sassar 204472445SassarMon Aug 11 05:34:43 1997 Assar Westerlund <assar@sics.se> 204572445Sassar 204672445Sassar * lib/krb5/rd_rep.c (krb5_free_ap_rep_enc_part): free all memory 204772445Sassar 204872445Sassar * lib/krb5/principal.c (krb5_unparse_name): allocate memory 204972445Sassar properly 205072445Sassar 205172445Sassar * kpasswd/kpasswd.c: Use `krb5_change_password' 205272445Sassar 205372445Sassar * lib/krb5/init_creds_pw.c (init_cred): set realm of server 205472445Sassar correctly. 205572445Sassar 205672445Sassar * lib/krb5/init_creds_pw.c: support changing of password when it 205772445Sassar has expired 205872445Sassar 205972445Sassar * lib/krb5/changepw.c: new file 206072445Sassar 206172445Sassar * kuser/klist.c: use getarg 206272445Sassar 206372445Sassar * admin/init.c (init): add `kadmin/changepw' 206472445Sassar 206572445SassarMon Aug 11 04:30:47 1997 Johan Danielsson <joda@emma.pdc.kth.se> 206672445Sassar 206772445Sassar * lib/krb5/get_cred.c: Make get_credentials handle cross-realm. 206872445Sassar 206972445SassarMon Aug 11 00:03:24 1997 Assar Westerlund <assar@sics.se> 207072445Sassar 207172445Sassar * lib/krb5/config_file.c: implement support for #-comments 207272445Sassar 207372445SassarSat Aug 9 02:21:46 1997 Johan Danielsson <joda@emma.pdc.kth.se> 207472445Sassar 207572445Sassar * kdc/hprop*.c: Add database propagation programs. 207672445Sassar 207772445Sassar * kdc/connect.c: Max request size. 207872445Sassar 207972445SassarSat Aug 9 00:47:28 1997 Assar Westerlund <assar@sics.se> 208072445Sassar 208172445Sassar * lib/otp: resurrected from krb4 208272445Sassar 208372445Sassar * appl/push: new program for fetching mail with POP. 208472445Sassar 208572445Sassar * appl/popper/popper.h: new include files. new fields in `POP' 208672445Sassar 208772445Sassar * appl/popper/pop_pass.c: Implement both v4 and v5. 208872445Sassar 208972445Sassar * appl/popper/pop_init.c: Implement both v4 and v5. 209072445Sassar 209172445Sassar * appl/popper/pop_debug.c: use getarg. Talk both v4 and v5 209272445Sassar 209372445Sassar * appl/popper: Popper from krb4. 209472445Sassar 209572445Sassar * configure.in: check for inline and <netinet/tcp.h> generate 209672445Sassar files in appl/popper, appl/push, and lib/otp 209772445Sassar 209872445SassarFri Aug 8 05:51:02 1997 Assar Westerlund <assar@sics.se> 209972445Sassar 210072445Sassar * lib/krb5/get_cred.c: clean-up and try to free memory even when 210172445Sassar there're errors 210272445Sassar 210372445Sassar * lib/krb5/get_cred.c: adapt to new `extract_ticket' 210472445Sassar 210572445Sassar * lib/krb5/get_in_tkt.c: reorganize. check everything and try to 210672445Sassar return memory even if there are errors. 210772445Sassar 210872445Sassar * kuser/kverify.c: new file 210972445Sassar 211072445Sassar * lib/krb5/free_host_realm.c: new file 211172445Sassar 211272445Sassar * lib/krb5/principal.c (krb5_sname_to_principal): implement 211372445Sassar different nametypes. Also free memory. 211472445Sassar 211572445Sassar * lib/krb5/verify_init.c: more functionality 211672445Sassar 211772445Sassar * lib/krb5/mk_req_ext.c (krb5_mk_req_extended): free the checksum 211872445Sassar 211972445Sassar * lib/krb5/get_in_tkt.c (extract_ticket): don't copy over the 212072445Sassar principals in creds. Should also compare them with that received 212172445Sassar from the KDC 212272445Sassar 212372445Sassar * lib/krb5/cache.c (krb5_cc_gen_new): copy the newly allocated 212472445Sassar krb5_ccache 212572445Sassar (krb5_cc_destroy): call krb5_cc_close 212672445Sassar (krb5_cc_retrieve_cred): delete the unused creds 212772445Sassar 212872445SassarFri Aug 8 02:30:40 1997 Johan Danielsson <joda@emma.pdc.kth.se> 212972445Sassar 213072445Sassar * lib/krb5/log.c: Allow better control of destinations of logging 213172445Sassar (like passing explicit destinations, and log-functions). 213272445Sassar 213372445SassarFri Aug 8 01:20:39 1997 Assar Westerlund <assar@sics.se> 213472445Sassar 213572445Sassar * lib/krb5/get_default_principal.c: new file 213672445Sassar 213772445Sassar * kpasswd/kpasswdd.c: use krb5_log* 213872445Sassar 213972445SassarFri Aug 8 00:37:47 1997 Johan Danielsson <joda@emma.pdc.kth.se> 214072445Sassar 214172445Sassar * lib/krb5/init_creds_pw.c: Implement krb5_get_init_creds_keytab. 214272445Sassar 214372445SassarFri Aug 8 00:37:17 1997 Assar Westerlund <assar@sics.se> 214472445Sassar 214572445Sassar * lib/krb5/init_creds_pw.c: Use `krb5_get_default_principal'. 214672445Sassar Print password expire information. 214772445Sassar 214872445Sassar * kdc/config.c: new variable `kdc_warn_pwexpire' 214972445Sassar 215072445Sassar * kpasswd/kpasswd.c: converted to getarg and get_init_creds 215172445Sassar 215272445SassarThu Aug 7 22:17:09 1997 Assar Westerlund <assar@sics.se> 215372445Sassar 215472445Sassar * lib/krb5/mcache.c: new file 215572445Sassar 215672445Sassar * admin/gettime.c: new function puttime. Use it. 215772445Sassar 215872445Sassar * lib/krb5/keyblock.c: Added krb5_free_keyblock and 215972445Sassar krb5_copy_keyblock 216072445Sassar 216172445Sassar * lib/krb5/init_creds_pw.c: more functionality 216272445Sassar 216372445Sassar * lib/krb5/creds.c: Added krb5_free_creds_contents and 216472445Sassar krb5_copy_creds. Changed callers. 216572445Sassar 216672445Sassar * lib/krb5/config_file.c: new functions krb5_config_get and 216772445Sassar krb5_config_vget 216872445Sassar 216972445Sassar * lib/krb5/cache.c: cleanup added mcache 217072445Sassar 217172445Sassar * kdc/kerberos5.c: include last-req's of type 6 and 7, if 217272445Sassar applicable 217372445Sassar 217472445SassarWed Aug 6 20:38:23 1997 Johan Danielsson <joda@emma.pdc.kth.se> 217572445Sassar 217672445Sassar * lib/krb5/log.c: New parameter `log-level'. Default to `SYSLOG'. 217772445Sassar 217872445SassarTue Aug 5 22:53:54 1997 Assar Westerlund <assar@sics.se> 217972445Sassar 218072445Sassar * lib/krb5/verify_init.c, init_creds_pw.c, init_creds.c, 218172445Sassar prompter_posix.c: the beginning of an implementation of the cygnus 218272445Sassar initial-ticket API. 218372445Sassar 218472445Sassar * lib/krb5/get_in_tkt_pw.c: make `krb5_password_key_proc' global 218572445Sassar 218672445Sassar * lib/krb5/get_in_tkt.c (krb5_get_in_cred): new function that is 218772445Sassar almost krb5_get_in_tkt but doesn't write the creds to the ccache. 218872445Sassar Small fixes in krb5_get_in_tkt 218972445Sassar 219072445Sassar * lib/krb5/get_addrs.c (krb5_get_all_client_addrs): don't include 219172445Sassar loopback. 219272445Sassar 219372445SassarMon Aug 4 20:20:48 1997 Johan Danielsson <joda@emma.pdc.kth.se> 219472445Sassar 219572445Sassar * kdc: Make context global. 219672445Sassar 219772445SassarFri Aug 1 17:23:56 1997 Assar Westerlund <assar@sics.se> 219872445Sassar 219972445Sassar * Release 0.0d 220072445Sassar 220172445Sassar * lib/roken/flock.c: new file 220272445Sassar 220372445Sassar * kuser/kinit.c: check for and print expiry information in the 220472445Sassar `kdc_rep' 220572445Sassar 220672445Sassar * lib/krb5/get_in_tkt.c: Set `ret_as_reply' if != NULL 220772445Sassar 220872445Sassar * kdc/kerberos5.c: Check the valid times on client and server. 220972445Sassar Check the password expiration. 221072445Sassar Check the require_preauth flag. 221172445Sassar Send an lr_type == 6 with pw_end. 221272445Sassar Set key.expiration to min(valid_end, pw_end) 221372445Sassar 221472445Sassar * lib/hdb/hdb.asn1: new flags `require_preauth' and `change_pw' 221572445Sassar 221672445Sassar * admin/util.c, admin/load.c: handle the new flags. 221772445Sassar 221872445SassarFri Aug 1 16:56:12 1997 Johan Danielsson <joda@emma.pdc.kth.se> 221972445Sassar 222072445Sassar * lib/hdb: Add some simple locking. 222172445Sassar 222272445SassarSun Jul 27 04:44:31 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 222372445Sassar 222472445Sassar * lib/krb5/log.c: Add some general logging functions. 222572445Sassar 222672445Sassar * kdc/kerberos4.c: Add version 4 protocol handler. The requrement 222772445Sassar for this to work is that all involved principals has a des key in 222872445Sassar the database, and that the client has a version 4 (un-)salted 222972445Sassar key. Furthermore krb5_425_conv_principal has to do it's job, as 223072445Sassar present it's not very clever. 223172445Sassar 223272445Sassar * lib/krb5/principal.c: Quick patch to make 425_conv work 223372445Sassar somewhat. 223472445Sassar 223572445Sassar * lib/hdb/hdb.c: Add keytype->key and next key functions. 223672445Sassar 223772445SassarFri Jul 25 17:32:12 1997 Assar Westerlund <assar@sics.se> 223872445Sassar 223972445Sassar * lib/krb5/build_auth.c (krb5_build_authenticator): don't free 224072445Sassar `cksum'. It's allocated and freed by the caller 224172445Sassar 224272445Sassar * lib/krb5/get_cred.c (krb5_get_kdc_cred): Don't free `addresses'. 224372445Sassar 224472445Sassar * kdc/kerberos5.c (tgs_rep2): make sure we also have an defined 224572445Sassar `client' to return as part of the KRB-ERROR 224672445Sassar 224772445SassarThu Jul 24 08:13:59 1997 Johan Danielsson <joda@emma.pdc.kth.se> 224872445Sassar 224972445Sassar * kdc/kerberos5.c: Unseal keys from database before use. 225072445Sassar 225172445Sassar * kdc/misc.c: New functions set_master_key, unseal_key and 225272445Sassar free_key. 225372445Sassar 225472445Sassar * lib/roken/getarg.c: Handle `-f arg' correctly. 225572445Sassar 225672445SassarThu Jul 24 01:54:43 1997 Assar Westerlund <assar@sics.se> 225772445Sassar 225872445Sassar * kuser/kinit.c: implement `-l' aka `--lifetime' 225972445Sassar 226072445Sassar * lib/roken/parse_units.c, parse_time.c: new files 226172445Sassar 226272445Sassar * admin/gettime.c (gettime): use `parse_time' 226372445Sassar 226472445Sassar * kdc/kerberos5.c (as_rep): Use `METHOD-DATA' when sending 226572445Sassar KRB5KDC_ERR_PREAUTH_REQUIRED, not PA-DATA. 226672445Sassar 226772445Sassar * kpasswd/kpasswdd.c: fix freeing bug use sequence numbers set 226872445Sassar addresses in auth_context bind one socket per interface. 226972445Sassar 227072445Sassar * kpasswd/kpasswd.c: use sequence numbers 227172445Sassar 227272445Sassar * lib/krb5/rd_req.c (krb5_verify_ap_req): do abs when verifying 227372445Sassar the timestamps 227472445Sassar 227572445Sassar * lib/krb5/rd_priv.c (krb5_rd_priv): Fetch the correct session key 227672445Sassar from auth_context 227772445Sassar 227872445Sassar * lib/krb5/mk_priv.c (krb5_mk_priv): Fetch the correct session key 227972445Sassar from auth_context 228072445Sassar 228172445Sassar * lib/krb5/mk_error.c (krb5_mk_error): return an error number and 228272445Sassar not a comerr'd number. 228372445Sassar 228472445Sassar * lib/krb5/get_in_tkt.c (krb5_get_in_tkt): interpret the error 228572445Sassar number in KRB-ERROR correctly. 228672445Sassar 228772445Sassar * lib/krb5/get_cred.c (krb5_get_kdc_cred): interpret the error 228872445Sassar number in KRB-ERROR correctly. 228972445Sassar 229072445Sassar * lib/asn1/k5.asn1: Add `METHOD-DATA' 229172445Sassar 229272445Sassar * removed some memory leaks. 229372445Sassar 229472445SassarWed Jul 23 07:53:18 1997 Assar Westerlund <assar@sics.se> 229572445Sassar 229672445Sassar * Release 0.0c 229772445Sassar 229872445Sassar * lib/krb5/rd_cred.c, get_for_creds.c: new files 229972445Sassar 230072445Sassar * lib/krb5/get_host_realm.c: try default realm as last chance 230172445Sassar 230272445Sassar * kpasswd/kpasswdd.c: updated to hdb changes 230372445Sassar 230472445Sassar * appl/telnet/libtelnet/kerberos5.c: Implement forwarding 230572445Sassar 230672445Sassar * appl/telnet/libtelnet: removed totally unused files 230772445Sassar 230872445Sassar * admin/ank.c: fix prompts and generation of random keys 230972445Sassar 231072445SassarWed Jul 23 04:02:32 1997 Johan Danielsson <joda@emma.pdc.kth.se> 231172445Sassar 231272445Sassar * admin/dump.c: Include salt in dump. 231372445Sassar 231472445Sassar * admin: Mostly updated for new db-format. 231572445Sassar 231672445Sassar * kdc/kerberos5.c: Update to use new db format. Better checking of 231772445Sassar flags and such. More logging. 231872445Sassar 231972445Sassar * lib/hdb/hdb.c: Use generated encode and decode functions. 232072445Sassar 232172445Sassar * lib/hdb/hdb.h: Get hdb_entry from ASN.1 generated code. 232272445Sassar 232372445Sassar * lib/krb5/get_cred.c: Get addresses from krbtgt if there are none 232472445Sassar in the reply. 232572445Sassar 232672445SassarSun Jul 20 16:22:30 1997 Assar Westerlund <assar@sics.se> 232772445Sassar 232872445Sassar * kuser/kinit.c: break if des_read_pw_string() != 0 232972445Sassar 233072445Sassar * kpasswd/kpasswdd.c: send a reply 233172445Sassar 233272445Sassar * kpasswd/kpasswd.c: restructured code. better report on 233372445Sassar krb-error break if des_read_pw_string() != 0 233472445Sassar 233572445Sassar * kdc/kerberos5.c: Check `require_enc_timestamp' malloc space for 233672445Sassar starttime and renew_till 233772445Sassar 233872445Sassar * appl/telnet/libtelnet/kerberos5.c (kerberos5_is): Send a 233972445Sassar keyblock to krb5_verify_chekcsum 234072445Sassar 234172445SassarSun Jul 20 06:35:46 1997 Johan Danielsson <joda@emma.pdc.kth.se> 234272445Sassar 234372445Sassar * Release 0.0b 234472445Sassar 234572445Sassar * kpasswd/kpasswd.c: Avoid using non-standard struct names. 234672445Sassar 234772445SassarSat Jul 19 19:26:23 1997 Assar Westerlund <assar@sics.se> 234872445Sassar 234972445Sassar * lib/krb5/keytab.c (krb5_kt_get_entry): check return from 235072445Sassar `krb5_kt_start_seq_get'. From <map@stacken.kth.se> 235172445Sassar 235272445SassarSat Jul 19 04:07:39 1997 Johan Danielsson <joda@emma.pdc.kth.se> 235372445Sassar 235472445Sassar * lib/asn1/k5.asn1: Update with more pa-data types from 235572445Sassar draft-ietf-cat-kerberos-revisions-00.txt 235672445Sassar 235772445Sassar * admin/load.c: Update to match current db-format. 235872445Sassar 235972445Sassar * kdc/kerberos5.c (as_rep): Try all valid pa-datas before giving 236072445Sassar up. Send back an empty pa-data if the client has the v4 flag set. 236172445Sassar 236272445Sassar * lib/krb5/get_in_tkt.c: Pass both version5 and version4 salted 236372445Sassar pa-data. DTRT if there is any pa-data in the reply. 236472445Sassar 236572445Sassar * lib/krb5/str2key.c: XOR with some sane value. 236672445Sassar 236772445Sassar * lib/hdb/hdb.h: Add `version 4 salted key' flag. 236872445Sassar 236972445Sassar * kuser/kinit.c: Ask for password before calling get_in_tkt. This 237072445Sassar makes it possible to call key_proc more than once. 237172445Sassar 237272445Sassar * kdc/string2key.c: Add flags to output version 5 (DES only), 237372445Sassar version 4, and AFS string-to-key of a password. 237472445Sassar 237572445Sassar * lib/asn1/gen_copy.c: copy_* functions now returns an int (0 or 237672445Sassar ENOMEM). 237772445Sassar 237872445SassarFri Jul 18 02:54:58 1997 Assar Westerlund <assar@sics.se> 237972445Sassar 238072445Sassar * lib/krb5/get_host_realm.c (krb5_get_host_realm): do the 238172445Sassar name2name thing 238272445Sassar 238372445Sassar * kdc/misc.c: check result of hdb_open 238472445Sassar 238572445Sassar * admin/kdb_edit: updated to new sl 238672445Sassar 238772445Sassar * lib/sl: sl_func now returns an int. != 0 means to exit. 238872445Sassar 238972445Sassar * kpasswd/kpasswdd: A crude (but somewhat working) implementation 239072445Sassar of `draft-ietf-cat-kerb-chg-password-00.txt' 239172445Sassar 239272445SassarFri Jul 18 00:55:39 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 239372445Sassar 239472445Sassar * kuser/krenew.c: Crude ticket renewing program. 239572445Sassar 239672445Sassar * kdc/kerberos5.c: Rewritten flags parsing, it now might work to 239772445Sassar get forwarded and renewed tickets. 239872445Sassar 239972445Sassar * kuser/kinit.c: Add `-r' flag. 240072445Sassar 240172445Sassar * lib/krb5/get_cred.c: Move most of contents of get_creds to new 240272445Sassar function get_kdc_cred, that always contacts the kdc and doesn't 240372445Sassar save in the cache. This is a hack. 240472445Sassar 240572445Sassar * lib/krb5/get_in_tkt.c: Pass starttime and renew_till in request 240672445Sassar (a bit kludgy). 240772445Sassar 240872445Sassar * lib/krb5/mk_req_ext.c: Make an auth_context if none passed in. 240972445Sassar 241072445Sassar * lib/krb5/send_to_kdc.c: Get timeout from context. 241172445Sassar 241272445Sassar * lib/krb5/context.c: Add kdc_timeout to context struct. 241372445Sassar 241472445SassarThu Jul 17 20:35:45 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 241572445Sassar 241672445Sassar * kuser/klist.c: Print start time of ticket if available. 241772445Sassar 241872445Sassar * lib/krb5/get_host_realm.c: Return error if no realm was found. 241972445Sassar 242072445SassarThu Jul 17 20:28:21 1997 Assar Westerlund <assar@sics.se> 242172445Sassar 242272445Sassar * kpasswd: non-working kpasswd added 242372445Sassar 242472445SassarThu Jul 17 00:21:22 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 242572445Sassar 242672445Sassar * Release 0.0a 242772445Sassar 242872445Sassar * kdc/main.c: Add -p flag to disable pa-enc-timestamp requirement. 242972445Sassar 243072445SassarWed Jul 16 03:37:41 1997 Johan Danielsson <joda@emma.pdc.kth.se> 243172445Sassar 243272445Sassar * kdc/kerberos5.c (tgs_rep2): Free ticket and ap_req. 243372445Sassar 243472445Sassar * lib/krb5/auth_context.c (krb5_auth_con_free): Free remote 243572445Sassar subkey. 243672445Sassar 243772445Sassar * lib/krb5/principal.c (krb5_free_principal): Check for NULL. 243872445Sassar 243972445Sassar * lib/krb5/send_to_kdc.c: Check for NULL return from 244072445Sassar gethostbyname. 244172445Sassar 244272445Sassar * lib/krb5/set_default_realm.c: Try to get realm of local host if 244372445Sassar no default realm is available. 244472445Sassar 244572445Sassar * Remove non ASN.1 principal code. 244672445Sassar 244772445SassarWed Jul 16 03:17:30 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 244872445Sassar 244972445Sassar * kdc/kerberos5.c: Split tgs_rep in smaller functions. Add better 245072445Sassar error handing. Do some logging. 245172445Sassar 245272445Sassar * kdc/log.c: Some simple logging facilities. 245372445Sassar 245472445Sassar * kdc/misc.c (db_fetch): Take a krb5_principal. 245572445Sassar 245672445Sassar * kdc/connect.c: Pass address of request to as_rep and 245772445Sassar tgs_rep. Send KRB-ERROR. 245872445Sassar 245972445Sassar * lib/krb5/mk_error.c: Add more fields. 246072445Sassar 246172445Sassar * lib/krb5/get_cred.c: Print normal error code if no e_text is 246272445Sassar available. 246372445Sassar 246472445SassarWed Jul 16 03:07:50 1997 Assar Westerlund <assar@sics.se> 246572445Sassar 246672445Sassar * lib/krb5/get_in_tkt.c: implement `krb5_init_etype'. 246772445Sassar Change encryption type of pa_enc_timestamp to DES-CBC-MD5 246872445Sassar 246972445Sassar * lib/krb5/context.c: recognize all encryption types actually 247072445Sassar implemented 247172445Sassar 247272445Sassar * lib/krb5/auth_context.c (krb5_auth_con_init): Change default 247372445Sassar encryption type to `DES_CBC_MD5' 247472445Sassar 247572445Sassar * lib/krb5/read_message.c, write_message.c: new files 247672445Sassar 247772445SassarTue Jul 15 17:14:21 1997 Assar Westerlund <assar@sics.se> 247872445Sassar 247972445Sassar * lib/asn1: replaced asn1_locl.h by `der_locl.h' and `gen_locl.h'. 248072445Sassar 248172445Sassar * lib/error/compile_et.awk: generate a prototype for the 248272445Sassar `destroy_foo_error_table' function. 248372445Sassar 248472445SassarMon Jul 14 12:24:40 1997 Assar Westerlund <assar@sics.se> 248572445Sassar 248672445Sassar * lib/krb5/krbhst.c (krb5_get_krbhst): Get all kdc's and try also 248772445Sassar with `kerberos.REALM' 248872445Sassar 248972445Sassar * kdc/kerberos5.c, lib/krb5/rd_priv.c, lib/krb5/rd_safe.c: use 249072445Sassar `max_skew' 249172445Sassar 249272445Sassar * lib/krb5/rd_req.c (krb5_verify_ap_req): record authenticator 249372445Sassar subkey 249472445Sassar 249572445Sassar * lib/krb5/build_auth.c (krb5_build_authenticator): always 249672445Sassar generate a subkey. 249772445Sassar 249872445Sassar * lib/krb5/address.c: implement `krb5_address_order' 249972445Sassar 250072445Sassar * lib/gssapi/import_name.c: Implement `gss_import_name' 250172445Sassar 250272445Sassar * lib/gssapi/external.c: Use new OID 250372445Sassar 250472445Sassar * lib/gssapi/encapsulate.c: New functions 250572445Sassar `gssapi_krb5_encap_length' and `gssapi_krb5_make_header'. Changed 250672445Sassar callers. 250772445Sassar 250872445Sassar * lib/gssapi/decapsulate.c: New function 250972445Sassar `gssaspi_krb5_verify_header'. Changed callers. 251072445Sassar 251172445Sassar * lib/asn1/gen*.c: Give tags to generated structs. 251272445Sassar Use `err' and `asprintf' 251372445Sassar 251472445Sassar * appl/test/gss_common.c: new file 251572445Sassar 251672445Sassar * appl/test/gssapi_server.c: removed all krb5 calls 251772445Sassar 251872445Sassar * appl/telnet/libtelnet/kerberos5.c: Add support for genering and 251972445Sassar verifying checksums. Also start using session subkeys. 252072445Sassar 252172445SassarMon Jul 14 12:08:25 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 252272445Sassar 252372445Sassar * lib/krb5/rd_req.c (krb5_rd_req_with_keyblock): Split up. 252472445Sassar 252572445SassarSun Jul 13 03:07:44 1997 Assar Westerlund <assar@sics.se> 252672445Sassar 252772445Sassar * lib/krb5/rd_safe.c, mk_safe.c: made bug-compatible with MIT 252872445Sassar 252972445Sassar * lib/krb5/encrypt.c: new functions `DES_encrypt_null_ivec' and 253072445Sassar `DES_encrypt_key_ivec' 253172445Sassar 253272445Sassar * lib/krb5/checksum.c: implement rsa-md4-des and rsa-md5-des 253372445Sassar 253472445Sassar * kdc/kerberos5.c (tgs_rep): support keyed checksums 253572445Sassar 253672445Sassar * lib/krb5/creds.c: new file 253772445Sassar 253872445Sassar * lib/krb5/get_in_tkt.c: better freeing 253972445Sassar 254072445Sassar * lib/krb5/context.c (krb5_free_context): more freeing 254172445Sassar 254272445Sassar * lib/krb5/config_file.c: New function `krb5_config_file_free' 254372445Sassar 254472445Sassar * lib/error/compile_et.awk: Generate a `destroy_' function. 254572445Sassar 254672445Sassar * kuser/kinit.c, klist.c: Don't leak memory. 254772445Sassar 254872445SassarSun Jul 13 02:46:27 1997 Johan Danielsson <joda@emma.pdc.kth.se> 254972445Sassar 255072445Sassar * kdc/connect.c: Check filedescriptor in select. 255172445Sassar 255272445Sassar * kdc/kerberos5.c: Remove most of the most common memory leaks. 255372445Sassar 255472445Sassar * lib/krb5/rd_req.c: Free allocated data. 255572445Sassar 255672445Sassar * lib/krb5/auth_context.c (krb5_auth_con_free): Free a lot of 255772445Sassar fields. 255872445Sassar 255972445SassarSun Jul 13 00:32:16 1997 Assar Westerlund <assar@sics.se> 256072445Sassar 256172445Sassar * appl/telnet: Conditionalize the krb4-support. 256272445Sassar 256372445Sassar * configure.in: Test for krb4 256472445Sassar 256572445SassarSat Jul 12 17:14:12 1997 Assar Westerlund <assar@sics.se> 256672445Sassar 256772445Sassar * kdc/kerberos5.c: check if the pre-auth was decrypted properly. 256872445Sassar set the `pre_authent' flag 256972445Sassar 257072445Sassar * lib/krb5/get_cred.c, lib/krb5/get_in_tkt.c: generate a random nonce. 257172445Sassar 257272445Sassar * lib/krb5/encrypt.c: Made `generate_random_block' global. 257372445Sassar 257472445Sassar * appl/test: Added gssapi_client and gssapi_server. 257572445Sassar 257672445Sassar * lib/krb5/data.c: Add `krb5_data_zero' 257772445Sassar 257872445Sassar * appl/test/tcp_client.c: try `mk_safe' and `mk_priv' 257972445Sassar 258072445Sassar * appl/test/tcp_server.c: try `rd_safe' and `rd_priv' 258172445Sassar 258272445SassarSat Jul 12 16:45:58 1997 Johan Danielsson <joda@emma.pdc.kth.se> 258372445Sassar 258472445Sassar * lib/krb5/get_addrs.c: Fix for systems that has sa_len, but 258572445Sassar returns zero length from SIOCGIFCONF. 258672445Sassar 258772445SassarSat Jul 12 16:38:34 1997 Assar Westerlund <assar@sics.se> 258872445Sassar 258972445Sassar * appl/test: new programs 259072445Sassar 259172445Sassar * lib/krb5/rd_req.c: add address compare 259272445Sassar 259372445Sassar * lib/krb5/mk_req_ext.c: allow no checksum 259472445Sassar 259572445Sassar * lib/krb5/keytab.c (krb5_kt_ret_string): 0-terminate string 259672445Sassar 259772445Sassar * lib/krb5/address.c: fix `krb5_address_compare' 259872445Sassar 259972445SassarSat Jul 12 15:03:16 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 260072445Sassar 260172445Sassar * lib/krb5/get_addrs.c: Fix ip4 address extraction. 260272445Sassar 260372445Sassar * kuser/klist.c: Add verbose flag, and split main into smaller 260472445Sassar pieces. 260572445Sassar 260672445Sassar * lib/krb5/fcache.c: Save ticket flags. 260772445Sassar 260872445Sassar * lib/krb5/get_in_tkt.c (extract_ticket): Extract addresses and 260972445Sassar flags. 261072445Sassar 261172445Sassar * lib/krb5/krb5.h: Add ticket_flags to krb5_creds. 261272445Sassar 261372445SassarSat Jul 12 13:12:48 1997 Assar Westerlund <assar@sics.se> 261472445Sassar 261572445Sassar * configure.in: Call `AC_KRB_PROG_LN_S' 261672445Sassar 261772445Sassar * acinclude.m4: Add `AC_KRB_PROG_LN_S' from krb4 261872445Sassar 261972445SassarSat Jul 12 00:57:01 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 262072445Sassar 262172445Sassar * lib/krb5/get_in_tkt.c: Use union of krb5_flags and KDCOptions to 262272445Sassar pass options. 262372445Sassar 262472445SassarFri Jul 11 15:04:22 1997 Assar Westerlund <assar@sics.se> 262572445Sassar 262672445Sassar * appl/telnet: telnet & telnetd seems to be working. 262772445Sassar 262872445Sassar * lib/krb5/config_file.c: Added krb5_config_v?get_list Fixed 262972445Sassar krb5_config_vget_next 263072445Sassar 263172445Sassar * appl/telnet/libtelnet/kerberos5.c: update to current API 263272445Sassar 263372445SassarThu Jul 10 14:54:39 1997 Assar Westerlund <assar@sics.se> 263472445Sassar 263572445Sassar * appl/telnet/libtelnet/kerberos5.c (kerberos5_status): call 263672445Sassar `krb5_kuserok' 263772445Sassar 263872445Sassar * appl/telnet: Added. 263972445Sassar 264072445SassarThu Jul 10 05:09:25 1997 Johan Danielsson <joda@emma.pdc.kth.se> 264172445Sassar 264272445Sassar * lib/error/compile_et.awk: Remove usage of sub, gsub, and 264372445Sassar functions for compatibility with awk. 264472445Sassar 264572445Sassar * include/bits.c: Must use signed char. 264672445Sassar 264772445Sassar * lib/krb5/context.c: Move krb5_get_err_text, and krb5_init_ets 264872445Sassar here. 264972445Sassar 265072445Sassar * lib/error/error.c: Replace krb5_get_err_text with new function 265172445Sassar com_right. 265272445Sassar 265372445Sassar * lib/error/compile_et.awk: Avoid using static variables. 265472445Sassar 265572445Sassar * lib/error/error.c: Don't use krb5_locl.h 265672445Sassar 265772445Sassar * lib/error/error.h: Move definitions of error_table and 265872445Sassar error_list from krb5.h. 265972445Sassar 266072445Sassar * lib/error: Moved from lib/krb5. 266172445Sassar 266272445SassarWed Jul 9 07:42:04 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 266372445Sassar 266472445Sassar * lib/krb5/encrypt.c: Temporary hack to avoid des_rand_data. 266572445Sassar 266672445SassarWed Jul 9 06:58:00 1997 Assar Westerlund <assar@sics.se> 266772445Sassar 266872445Sassar * lib/krb5/{rd,mk}_{*}.c: more checking for addresses and stuff 266972445Sassar according to pseudocode from 1510 267072445Sassar 267172445SassarWed Jul 9 06:06:06 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 267272445Sassar 267372445Sassar * lib/hdb/hdb.c: Add hdb_etype2key. 267472445Sassar 267572445Sassar * kdc/kerberos5.c: Check authenticator. Use more general etype 267672445Sassar functions. 267772445Sassar 267872445SassarWed Jul 9 03:51:12 1997 Assar Westerlund <assar@sics.se> 267972445Sassar 268072445Sassar * lib/asn1/k5.asn1: Made all `s_address' OPTIONAL according to 268172445Sassar draft-ietf-cat-kerberos-r-00.txt 268272445Sassar 268372445Sassar * lib/krb5/principal.c (krb5_parse_name): default to local realm 268472445Sassar if none given 268572445Sassar 268672445Sassar * kuser/kinit.c: New option `-p' and prompt 268772445Sassar 268872445SassarWed Jul 9 02:30:06 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 268972445Sassar 269072445Sassar * lib/krb5/keyblock.c: Keyblock generation functions. 269172445Sassar 269272445Sassar * lib/krb5/encrypt.c: Use functions from checksum.c. 269372445Sassar 269472445Sassar * lib/krb5/checksum.c: Move checksum functions here. Add 269572445Sassar krb5_cksumsize function. 269672445Sassar 269772445SassarWed Jul 9 01:15:38 1997 Assar Westerlund <assar@sics.se> 269872445Sassar 269972445Sassar * lib/krb5/get_host_realm.c: implemented 270072445Sassar 270172445Sassar * lib/krb5/config_file.c: Redid part. New functions: 270272445Sassar krb5_config_v?get_next 270372445Sassar 270472445Sassar * kuser/kdestroy.c: new program 270572445Sassar 270672445Sassar * kuser/kinit.c: new flag `-f' 270772445Sassar 270872445Sassar * lib/asn1/k5.asn1: Made HostAddresses = SEQUENCE OF HostAddress 270972445Sassar 271072445Sassar * acinclude.m4: Added AC_KRB_STRUCT_SOCKADDR_SA_LEN 271172445Sassar 271272445Sassar * lib/krb5/krb5.h: krb5_addresses == HostAddresses. Changed all 271372445Sassar users. 271472445Sassar 271572445Sassar * lib/krb5/get_addrs.c: figure out all local addresses, possibly 271672445Sassar even IPv6! 271772445Sassar 271872445Sassar * lib/krb5/checksum.c: table-driven checksum 271972445Sassar 272072445SassarMon Jul 7 21:13:28 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 272172445Sassar 272272445Sassar * lib/krb5/encrypt.c: Make krb5_decrypt use the same struct as 272372445Sassar krb5_encrypt. 272472445Sassar 272572445SassarMon Jul 7 11:15:51 1997 Assar Westerlund <assar@sics.se> 272672445Sassar 272772445Sassar * lib/roken/vsyslog.c: new file 272872445Sassar 272972445Sassar * lib/krb5/encrypt.c: add des-cbc-md4. 273072445Sassar adjust krb5_encrypt and krb5_decrypt to reality 273172445Sassar 273272445SassarMon Jul 7 02:46:31 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 273372445Sassar 273472445Sassar * lib/krb5/encrypt.c: Implement as a vector of function pointers. 273572445Sassar 273672445Sassar * lib/krb5/{decrypt,encrypt}.c: Implement des-cbc-crc, and 273772445Sassar des-cbc-md5 in separate functions. 273872445Sassar 273972445Sassar * lib/krb5/krb5.h: Add more checksum and encryption types. 274072445Sassar 274172445Sassar * lib/krb5/krb5_locl.h: Add etype to krb5_decrypt. 274272445Sassar 274372445SassarSun Jul 6 23:02:59 1997 Assar Westerlund <assar@sics.se> 274472445Sassar 274572445Sassar * lib/krb5/[gs]et_default_realm.c, kuserok.c: new files 274672445Sassar 274772445Sassar * lib/krb5/config_file.[ch]: new c-based configuration reading 274872445Sassar stuff 274972445Sassar 275072445SassarWed Jul 2 23:12:56 1997 Assar Westerlund <assar@sics.se> 275172445Sassar 275272445Sassar * configure.in: Set WFLAGS if using gcc 275372445Sassar 275472445SassarWed Jul 2 17:47:03 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 275572445Sassar 275672445Sassar * lib/asn1/der_put.c (der_put_int): Return size correctly. 275772445Sassar 275872445Sassar * admin/ank.c: Be compatible with the asn1 principal format. 275972445Sassar 276072445SassarWed Jul 1 23:52:20 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 276172445Sassar 276272445Sassar * lib/asn1: Now all decode_* and encode_* functions now take a 276372445Sassar final size_t* argument, that they return the size in. Return 276472445Sassar values are zero for success, and anything else (such as some 276572445Sassar ASN1_* constant) for error. 276672445Sassar 276772445SassarMon Jun 30 06:08:14 1997 Assar Westerlund <assar@sics.se> 276872445Sassar 276972445Sassar * lib/krb5/keytab.c (krb5_kt_add_entry): change open mode to 277072445Sassar O_WRONLY | O_APPEND 277172445Sassar 277272445Sassar * lib/krb5/get_cred.c: removed stale prototype for 277372445Sassar `extract_ticket' and corrected call. 277472445Sassar 277572445Sassar * lib/asn1/gen_length.c (length_type): Make the length functions 277672445Sassar for SequenceOf non-destructive 277772445Sassar 277872445Sassar * admin/ank.c (doit): Fix reading of `y/n'. 277972445Sassar 278072445SassarMon Jun 16 05:41:43 1997 Assar Westerlund <assar@sics.se> 278172445Sassar 278272445Sassar * lib/gssapi/wrap.c, unwrap.c: do encrypt and add sequence number 278372445Sassar 278472445Sassar * lib/gssapi/get_mic.c, verify_mic.c: Add sequence number. 278572445Sassar 278672445Sassar * lib/gssapi/accept_sec_context.c (gss_accept_sec_context): Set 278772445Sassar KRB5_AUTH_CONTEXT_DO_SEQUENCE. Verify 8003 checksum. 278872445Sassar 278972445Sassar * lib/gssapi/8003.c: New file. 279072445Sassar 279172445Sassar * lib/krb/krb5.h: Define a `krb_authenticator' as an ASN.1 279272445Sassar Authenticator. 279372445Sassar 279472445Sassar * lib/krb5/auth_context.c: New functions 279572445Sassar `krb5_auth_setlocalseqnumber' and `krb5_auth_setremoteseqnumber' 279672445Sassar 279772445SassarTue Jun 10 00:35:54 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 279872445Sassar 279972445Sassar * lib/krb5: Preapre for use of some asn1-types. 280072445Sassar 280172445Sassar * lib/asn1/*.c (copy_*): Constness. 280272445Sassar 280372445Sassar * lib/krb5/krb5.h: Include asn1.h; krb5_data is now an 280472445Sassar octet_string. 280572445Sassar 280672445Sassar * lib/asn1/der*,gen.c: krb5_data -> octet_string, char * -> 280772445Sassar general_string 280872445Sassar 280972445Sassar * lib/asn1/libasn1.h: Moved stuff from asn1_locl.h that doesn't 281072445Sassar have anything to do with asn1_compile. 281172445Sassar 281272445Sassar * lib/asn1/asn1_locl.h: Remove der.h. Add some prototypes. 281372445Sassar 281472445SassarSun Jun 8 03:51:55 1997 Assar Westerlund <assar@sics.se> 281572445Sassar 281672445Sassar * kdc/kerberos5.c: Fix PA-ENC-TS-ENC 281772445Sassar 281872445Sassar * kdc/connect.c(process_request): Set `new' 281972445Sassar 282072445Sassar * lib/krb5/get_in_tkt.c: Do PA-ENC-TS-ENC the correct way. 282172445Sassar 282272445Sassar * lib: Added editline,sl,roken. 282372445Sassar 282472445SassarMon Jun 2 00:37:48 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 282572445Sassar 282672445Sassar * lib/krb5/fcache.c: Move file cache from cache.c. 282772445Sassar 282872445Sassar * lib/krb5/cache.c: Allow more than one cache type. 282972445Sassar 283072445SassarSun Jun 1 23:45:33 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 283172445Sassar 283272445Sassar * admin/extkeytab.c: Merged with kdb_edit. 283372445Sassar 283472445SassarSun Jun 1 23:23:08 1997 Assar Westerlund <assar@sics.se> 283572445Sassar 283672445Sassar * kdc/kdc.c: more support for ENC-TS-ENC 283772445Sassar 283872445Sassar * lib/krb5/get_in_tkt.c: redone to enable pre-authentication 283972445Sassar 284072445SassarSun Jun 1 22:45:11 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 284172445Sassar 284272445Sassar * lib/hdb/db.c: Merge fetch and store. 284372445Sassar 284472445Sassar * admin: Merge to one program. 284572445Sassar 284672445Sassar * lib/krb5/str2key.c: Fill in keytype and length. 284772445Sassar 284872445SassarSun Jun 1 16:31:23 1997 Assar Westerlund <assar@sics.se> 284972445Sassar 285072445Sassar * lib/krb5/rd_safe.c, lib/krb5/rd_priv.c, lib/krb5/mk_rep.c, 285172445Sassar lib/krb5/mk_priv.c, lib/krb5/build_auth.c: Some support for 285272445Sassar KRB5_AUTH_CONTEXT_DO_SEQUENCE 285372445Sassar 285472445Sassar * lib/krb5/get_in_tkt.c (get_in_tkt): be prepared to parse an 285572445Sassar KRB_ERROR. Some support for PA_ENC_TS_ENC. 285672445Sassar 285772445Sassar * lib/krb5/auth_context.c: implemented seq_number functions 285872445Sassar 285972445Sassar * lib/krb5/generate_subkey.c, generate_seq_number.c: new files 286072445Sassar 286172445Sassar * lib/gssapi/gssapi.h: avoid including <krb5.h> 286272445Sassar 286372445Sassar * lib/asn1/Makefile.am: SUFFIXES as a variable to make automake 286472445Sassar happy 286572445Sassar 286672445Sassar * kdc/kdc.c: preliminary PREAUTH_ENC_TIMESTAMP 286772445Sassar 286872445Sassar * configure.in: adapted to automake 1.1p 286972445Sassar 287072445SassarMon May 26 22:26:21 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 287172445Sassar 287272445Sassar * lib/krb5/principal.c: Add contexts to many functions. 287372445Sassar 287472445SassarThu May 15 20:25:37 1997 Johan Danielsson <joda@emma.pdc.kth.se> 287572445Sassar 287672445Sassar * lib/krb5/verify_user.c: First stab at a verify user. 287772445Sassar 287872445Sassar * lib/auth/sia/sia5.c: SIA module for Kerberos 5. 287972445Sassar 288072445SassarMon Apr 14 00:09:03 1997 Assar Westerlund <assar@sics.se> 288172445Sassar 288272445Sassar * lib/gssapi: Enough of a gssapi-over-krb5 implementation to be 288372445Sassar able to (mostly) run gss-client and gss-server. 288472445Sassar 288572445Sassar * lib/krb5/keytab.c: implemented krb5_kt_add_entry, 288672445Sassar krb5_kt_store_principal, krb5_kt_store_keyblock 288772445Sassar 288872445Sassar * lib/des/md5.[ch], sha.[ch]: new files 288972445Sassar 289072445Sassar * lib/asn1/der_get.c (generalizedtime2time): use `timegm' 289172445Sassar 289272445Sassar * lib/asn1/timegm.c: new file 289372445Sassar 289472445Sassar * admin/extkeytab.c: new program 289572445Sassar 289672445Sassar * admin/admin_locl.h: new file 289772445Sassar 289872445Sassar * admin/Makefile.am: Added extkeytab 289972445Sassar 290072445Sassar * configure.in: moved config to include 290172445Sassar removed timezone garbage 290272445Sassar added lib/gssapi and admin 290372445Sassar 290472445Sassar * Makefile.am: Added admin 290572445Sassar 290672445SassarMon Mar 17 11:34:05 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 290772445Sassar 290872445Sassar * kdc/kdc.c: Use new copying functions, and free some data. 290972445Sassar 291072445Sassar * lib/asn1/Makefile.am: Try to not always rebuild generated files. 291172445Sassar 291272445Sassar * lib/asn1/der_put.c: Add fix_dce(). 291372445Sassar 291472445Sassar * lib/asn1/der_{get,length,put}.c: Fix include files. 291572445Sassar 291672445Sassar * lib/asn1/der_free.c: Remove unused functions. 291772445Sassar 291872445Sassar * lib/asn1/gen.c: Split into gen_encode, gen_decode, gen_free, 291972445Sassar gen_length, and gen_copy. 292072445Sassar 292172445SassarSun Mar 16 18:13:52 1997 Assar Westerlund <assar@sics.se> 292272445Sassar 292372445Sassar * lib/krb5/sendauth.c: implemented functionality 292472445Sassar 292572445Sassar * lib/krb5/rd_rep.c: Use `krb5_decrypt' 292672445Sassar 292772445Sassar * lib/krb5/cache.c (krb5_cc_get_name): return default if `id' == 292872445Sassar NULL 292972445Sassar 293072445Sassar * lib/krb5/principal.c (krb5_free_principal): added `context' 293172445Sassar argument. Changed all callers. 293272445Sassar 293372445Sassar (krb5_sname_to_principal): new function 293472445Sassar 293572445Sassar * lib/krb5/auth_context.c (krb5_free_authenticator): add `context' 293672445Sassar argument. Changed all callers 293772445Sassar 293872445Sassar * lib/krb5/{net_write.c,net_read.c,recvauth.c}: new files 293972445Sassar 294072445Sassar * lib/asn1/gen.c: Fix encoding and decoding of BitStrings 294172445Sassar 294272445SassarFri Mar 14 11:29:00 1997 Assar Westerlund <assar@sics.se> 294372445Sassar 294472445Sassar * configure.in: look for *dbm? 294572445Sassar 294672445Sassar * lib/asn1/gen.c: Fix filename in generated files. Check fopens. 294772445Sassar Put trailing newline in asn1_files. 294872445Sassar 294972445SassarFri Mar 14 05:06:44 1997 Johan Danielsson <joda@emma.pdc.kth.se> 295072445Sassar 295172445Sassar * lib/krb5/get_in_tkt.c: Fix some memory leaks. 295272445Sassar 295372445Sassar * lib/krb5/krbhst.c: Properly free hostlist. 295472445Sassar 295572445Sassar * lib/krb5/decrypt.c: CRCs are 32 bits. 295672445Sassar 295772445SassarFri Mar 14 04:39:15 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 295872445Sassar 295972445Sassar * lib/asn1/gen.c: Generate one file for each type. 296072445Sassar 296172445SassarFri Mar 14 04:13:47 1997 Assar Westerlund <assar@sics.se> 296272445Sassar 296372445Sassar * lib/asn1/gen.c: Generate `length_FOO' functions 296472445Sassar 296572445Sassar * lib/asn1/der_length.c: new file 296672445Sassar 296772445Sassar * kuser/klist.c: renamed stime -> printable_time to avoid conflict 296872445Sassar on HP/UX 296972445Sassar 297072445SassarFri Mar 14 03:37:23 1997 Johan Danielsson <joda@emma.pdc.kth.se> 297172445Sassar 297272445Sassar * lib/hdb/ndbm.c: Return NOENTRY if fetch fails. Don't free 297372445Sassar datums. Don't add .db to filename. 297472445Sassar 297572445SassarFri Mar 14 02:49:51 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 297672445Sassar 297772445Sassar * kdc/dump.c: Database dump program. 297872445Sassar 297972445Sassar * kdc/ank.c: Trivial database editing program. 298072445Sassar 298172445Sassar * kdc/{kdc.c, load.c}: Use libhdb. 298272445Sassar 298372445Sassar * lib/hdb: New database routine library. 298472445Sassar 298572445Sassar * lib/krb5/error/Makefile.am: Add hdb_err. 298672445Sassar 298772445SassarWed Mar 12 17:41:14 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 298872445Sassar 298972445Sassar * kdc/kdc.c: Rewritten AS, and somewhat more working TGS support. 299072445Sassar 299172445Sassar * lib/asn1/gen.c: Generate free functions. 299272445Sassar 299372445Sassar * Some specific free functions. 299472445Sassar 299572445SassarWed Mar 12 12:30:13 1997 Assar Westerlund <assar@sics.se> 299672445Sassar 299772445Sassar * lib/krb5/krb5_mk_req_ext.c: new file 299872445Sassar 299972445Sassar * lib/asn1/gen.c: optimize the case with a simple type 300072445Sassar 300172445Sassar * lib/krb5/get_cred.c (krb5_get_credentials): Use 300272445Sassar `mk_req_extended' and remove old code. 300372445Sassar 300472445Sassar * lib/krb5/get_in_tkt.c (decrypt_tkt): First try with an 300572445Sassar EncASRepPart, then with an EncTGSRepPart. 300672445Sassar 300772445SassarWed Mar 12 08:26:04 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 300872445Sassar 300972445Sassar * lib/krb5/store_emem.c: New resizable memory storage. 301072445Sassar 301172445Sassar * lib/krb5/{store.c, store_fd.c, store_mem.c}: Split of store.c 301272445Sassar 301372445Sassar * lib/krb5/krb5.h: Add free entry to krb5_storage. 301472445Sassar 301572445Sassar * lib/krb5/decrypt.c: Make keyblock const. 301672445Sassar 301772445SassarTue Mar 11 20:22:17 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 301872445Sassar 301972445Sassar * lib/krb5/krb5.h: Add EncTicketPart to krb5_ticket. 302072445Sassar 302172445Sassar * lib/krb5/rd_req.c: Return whole asn.1 ticket in 302272445Sassar krb5_ticket->tkt. 302372445Sassar 302472445Sassar * lib/krb5/get_in_tkt.c: TGS -> AS 302572445Sassar 302672445Sassar * kuser/kfoo.c: Print error string rather than number. 302772445Sassar 302872445Sassar * kdc/kdc.c: Some kind of non-working TGS support. 302972445Sassar 303072445SassarMon Mar 10 01:43:22 1997 Assar Westerlund <assar@sics.se> 303172445Sassar 303272445Sassar * lib/asn1/gen.c: reduced generated code by 1/5 303372445Sassar 303472445Sassar * lib/asn1/der_put.c: (der_put_length_and_tag): new function 303572445Sassar 303672445Sassar * lib/asn1/der_get.c (der_match_tag_and_length): new function 303772445Sassar 303872445Sassar * lib/asn1/der.h: added prototypes 303972445Sassar 304072445SassarMon Mar 10 01:15:43 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 304172445Sassar 304272445Sassar * lib/krb5/krb5.h: Include <asn1_err.h>. Add prototype for 304372445Sassar krb5_rd_req_with_keyblock. 304472445Sassar 304572445Sassar * lib/krb5/rd_req.c: Add function krb5_rd_req_with_keyblock that 304672445Sassar takes a precomputed keyblock. 304772445Sassar 304872445Sassar * lib/krb5/get_cred.c: Use krb5_mk_req rather than inlined code. 304972445Sassar 305072445Sassar * lib/krb5/mk_req.c: Calculate checksum of in_data. 305172445Sassar 305272445SassarSun Mar 9 21:17:58 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 305372445Sassar 305472445Sassar * lib/krb5/error/compile_et.awk: Add a declaration of struct 305572445Sassar error_list, and multiple inclusion block to header files. 305672445Sassar 305772445SassarSun Mar 9 21:01:12 1997 Assar Westerlund <assar@sics.se> 305872445Sassar 305972445Sassar * lib/krb5/rd_req.c: do some checks on times 306072445Sassar 306172445Sassar * lib/krb/{mk_priv.c, rd_priv.c, sendauth.c, decrypt.c, 306272445Sassar address.c}: new files 306372445Sassar 306472445Sassar * lib/krb5/auth_context.c: more code 306572445Sassar 306672445Sassar * configure.in: try to figure out timezone 306772445Sassar 306872445SassarSat Mar 8 11:41:07 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 306972445Sassar 307072445Sassar * lib/krb5/error/error.c: Try strerror if error code wasn't found. 307172445Sassar 307272445Sassar * lib/krb5/get_in_tkt.c: Remove realm parameter from 307372445Sassar krb5_get_salt. 307472445Sassar 307572445Sassar * lib/krb5/context.c: Initialize error table. 307672445Sassar 307772445Sassar * kdc: The beginnings of a kdc. 307872445Sassar 307972445SassarSat Mar 8 08:16:28 1997 Assar Westerlund <assar@sics.se> 308072445Sassar 308172445Sassar * lib/krb5/rd_safe.c: new file 308272445Sassar 308372445Sassar * lib/krb5/checksum.c (krb5_verify_checksum): New function 308472445Sassar 308572445Sassar * lib/krb5/get_cred.c: use krb5_create_checksum 308672445Sassar 308772445Sassar * lib/krb5/checksum.c: new file 308872445Sassar 308972445Sassar * lib/krb5/store.c: no more arithmetic with void* 309072445Sassar 309172445Sassar * lib/krb5/cache.c: now seems to work again 309272445Sassar 309372445SassarSat Mar 8 06:58:09 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 309472445Sassar 309572445Sassar * lib/krb5/Makefile.am: Add asn1_glue.c and error/*.c to libkrb5. 309672445Sassar 309772445Sassar * lib/krb5/get_in_tkt.c: Moved some functions to asn1_glue.c. 309872445Sassar 309972445Sassar * lib/krb5/asn1_glue.c: Moved some asn1-stuff here. 310072445Sassar 310172445Sassar * lib/krb5/{cache,keytab}.c: Use new storage functions. 310272445Sassar 310372445Sassar * lib/krb5/krb5.h: Protypes for new storage functions. 310472445Sassar 310572445Sassar * lib/krb5/krb5.h: Make krb5_{ret,store}_* functions able to write 310672445Sassar data to more than file descriptors. 310772445Sassar 310872445SassarSat Mar 8 01:01:17 1997 Assar Westerlund <assar@sics.se> 310972445Sassar 311072445Sassar * lib/krb5/encrypt.c: New file. 311172445Sassar 311272445Sassar * lib/krb5/Makefile.am: More -I 311372445Sassar 311472445Sassar * configure.in: Test for big endian, random, rand, setitimer 311572445Sassar 311672445Sassar * lib/asn1/gen.c: perhaps even decodes bitstrings 311772445Sassar 311872445SassarThu Mar 6 19:05:29 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 311972445Sassar 312072445Sassar * lib/krb5/config_file.y: Better return values on error. 312172445Sassar 312272445SassarSat Feb 8 15:59:56 1997 Assar Westerlund <assar@pdc.kth.se> 312372445Sassar 312472445Sassar * lib/asn1/parse.y: ifdef HAVE_STRDUP 312572445Sassar 312672445Sassar * lib/asn1/lex.l: ifdef strdup 312772445Sassar brange-dead version of list of special characters to make stupid 312872445Sassar lex accept it. 312972445Sassar 313072445Sassar * lib/asn1/gen.c: A DER integer should really be a `unsigned' 313172445Sassar 313272445Sassar * lib/asn1/der_put.c: A DER integer should really be a `unsigned' 313372445Sassar 313472445Sassar * lib/asn1/der_get.c: A DER integer should really be a `unsigned' 313572445Sassar 313672445Sassar * lib/krb5/error/Makefile.am: It seems "$(SHELL) ./compile_et" is 313772445Sassar needed. 313872445Sassar 313972445Sassar * lib/krb/mk_rep.c, lib/krb/rd_req.c, lib/krb/store.c, 314072445Sassar lib/krb/store.h: new files. 314172445Sassar 314272445Sassar * lib/krb5/keytab.c: now even with some functionality. 314372445Sassar 314472445Sassar * lib/asn1/gen.c: changed paramater from void * to Foo * 314572445Sassar 314672445Sassar * lib/asn1/der_get.c (der_get_octet_string): Fixed bug with empty 314772445Sassar string. 314872445Sassar 314972445SassarSun Jan 19 06:17:39 1997 Assar Westerlund <assar@pdc.kth.se> 315072445Sassar 315172445Sassar * lib/krb5/get_cred.c (krb5_get_credentials): Check for creds in 315272445Sassar cc before getting new ones. 315372445Sassar 315472445Sassar * lib/krb5/krb5.h (krb5_free_keyblock): Fix prototype. 315572445Sassar 315672445Sassar * lib/krb5/build_auth.c (krb5_build_authenticator): It seems the 315772445Sassar CRC should be stored LSW first. (?) 315872445Sassar 315972445Sassar * lib/krb5/auth_context.c: Implement `krb5_auth_con_getkey' and 316072445Sassar `krb5_free_keyblock' 316172445Sassar 316272445Sassar * lib/**/Makefile.am: Rename foo libfoo.a 316372445Sassar 316472445Sassar * include/Makefile.in: Use test instead of [ 316572445Sassar -e does not work with /bin/sh on psoriasis 316672445Sassar 316772445Sassar * configure.in: Search for awk 316872445Sassar create lib/krb/error/compile_et 316972445Sassar 317072445SassarTue Jan 14 03:46:26 1997 Assar Westerlund <assar@pdc.kth.se> 317172445Sassar 317272445Sassar * lib/krb5/Makefile.am: replaced mit-crc.c by crc.c 317372445Sassar 317472445SassarWed Dec 18 00:53:55 1996 Johan Danielsson <joda@emma.pdc.kth.se> 317572445Sassar 317672445Sassar * kuser/kinit.c: Guess principal. 317772445Sassar 317872445Sassar * lib/krb5/error/compile_et.awk: Don't include krb5.h. Fix some 317972445Sassar warnings. 318072445Sassar 318172445Sassar * lib/krb5/error/asn1_err.et: Add ASN.1 error messages. 318272445Sassar 318372445Sassar * lib/krb5/mk_req.c: Get client from cache. 318472445Sassar 318572445Sassar * lib/krb5/cache.c: Add better error checking some useful return 318672445Sassar values. 318772445Sassar 318872445Sassar * lib/krb5/krb5.h: Fix krb5_auth_context. 318972445Sassar 319072445Sassar * lib/asn1/der.h: Make krb5_data compatible with krb5.h 319172445Sassar 319272445SassarTue Dec 17 01:32:36 1996 Johan Danielsson <joda@emma.pdc.kth.se> 319372445Sassar 319472445Sassar * lib/krb5/error: Add primitive error library. 319572445Sassar 319672445SassarMon Dec 16 16:30:20 1996 Johan Danielsson <joda@emma.pdc.kth.se> 319772445Sassar 319872445Sassar * lib/krb5/cache.c: Get correct address type from cache. 319972445Sassar 320072445Sassar * lib/krb5/krb5.h: Change int16 to int to be compatible with asn1. 320172445Sassar 3202