727 lines
21 KiB
Plaintext
727 lines
21 KiB
Plaintext
|
2002-12-19 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* lib/krb5/mk_rep.c: free allocated storage; reported by Howard
|
|||
|
Chu
|
|||
|
|
|||
|
2002-12-08 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* kdc/kdc_locl.h: remove old encrypt_v4_ticket prototype
|
|||
|
|
|||
|
2002-12-02 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* kpasswd/kpasswdd.c (doit): initialise sa_size to size of
|
|||
|
sockaddr_storage
|
|||
|
|
|||
|
* kdc/connect.c (init_socket): initialise sa_size to size of
|
|||
|
sockaddr_storage
|
|||
|
|
|||
|
2002-11-15 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* lib/krb5/krb5.h: remove trailing comma in enum
|
|||
|
|
|||
|
2002-11-07 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* kdc/524.c: implement crude b2 style (non-)conversion for use
|
|||
|
with afs
|
|||
|
|
|||
|
* kdc/kerberos4.c: move encrypt_v4_ticket to 524.c, since that's
|
|||
|
where it's used
|
|||
|
|
|||
|
2002-10-21 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* lib/krb5/keytab_keyfile.c: more strcspn
|
|||
|
|
|||
|
* lib/krb5/store_emem.c (emem_store): limit how much we allocate
|
|||
|
(from Olaf Kirch)
|
|||
|
|
|||
|
* lib/krb5/principal.c: don't allow trailing backslashes in
|
|||
|
components
|
|||
|
|
|||
|
* kdc/connect.c: check that %-quotes are followed by two hex
|
|||
|
digits
|
|||
|
|
|||
|
* lib/krb5/keytab_any.c: properly close the open keytabs (from
|
|||
|
Larry Greenfield)
|
|||
|
|
|||
|
* kdc/kaserver.c: make sure life is positive (from John Godehn)
|
|||
|
|
|||
|
2002-10-17 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* kuser/klist.c (display_tokens): allow tokens up to size of
|
|||
|
buffer (from Magnus Holmberg)
|
|||
|
|
|||
|
2002-09-29 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* lib/krb5/changepw.c (process_reply): fix reply length check
|
|||
|
calculation (reported by various people)
|
|||
|
|
|||
|
2002-09-24 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* lib/krb5/keytab_file.c (fkt_remove_entry): check return value
|
|||
|
from start_seq_get (from Wynn Wilkes)
|
|||
|
|
|||
|
2002-09-19 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* lib/krb5/context.c (krb5_set_config_files): return ENXIO instead
|
|||
|
of ENOENT when "unconfigured"
|
|||
|
|
|||
|
2002-09-16 Jacques Vidrine <nectar@kth.se>
|
|||
|
|
|||
|
* lib/krb5/kuserok.c, lib/krb5/prompter_posix.c: use strcspn
|
|||
|
to convert the newline to NUL in fgets results.
|
|||
|
|
|||
|
2002-09-13 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* kuser/kinit.1: remove unneeded Ns
|
|||
|
|
|||
|
* lib/krb5/krb5_appdefault.3: remove extra "application"
|
|||
|
|
|||
|
* fix-export: remove autom4ate.cache
|
|||
|
|
|||
|
2002-09-10 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* include/make_crypto.c: don't use function macros if possible
|
|||
|
|
|||
|
* lib/krb5/krb5_locl.h: get limits.h for UINT_MAX
|
|||
|
|
|||
|
* include/Makefile.am: use make_crypto to create crypto-headers.h
|
|||
|
|
|||
|
* include/make_crypto.c: crypto header generation tool
|
|||
|
|
|||
|
* configure.in: move crypto test to just after testing for krb4,
|
|||
|
and move roken tests to after both, this speeds up various failure
|
|||
|
cases with krb4
|
|||
|
|
|||
|
* lib/krb5/config_file.c: don't use NULL when we mean 0
|
|||
|
|
|||
|
* configure.in: we don't set package_libdir anymore, so no point
|
|||
|
in testing for it
|
|||
|
|
|||
|
* tools/Makefile.am: subst INCLUDE_des
|
|||
|
|
|||
|
* tools/krb5-config.in: add INCLUDE_des to cflags
|
|||
|
|
|||
|
* configure.in: use AC_CONFIG_SRCDIR
|
|||
|
|
|||
|
* fix-export: remove some unneeded stuff
|
|||
|
|
|||
|
* kuser/kinit.c (do_524init): free principals
|
|||
|
|
|||
|
2002-09-09 Jacques Vidrine <nectar@kth.se>
|
|||
|
|
|||
|
* kdc/kerberos5.c (get_pa_etype_info, fix_transited_encoding),
|
|||
|
kdc/kaserver.c (krb5_ret_xdr_data),
|
|||
|
lib/krb5/transited.c (krb5_domain_x500_decode): Validate some
|
|||
|
counts: Check that they are non-negative, and that they are small
|
|||
|
enough to avoid integer overflow when used in memory allocation
|
|||
|
calculations. Potential problem areas pointed out by
|
|||
|
Sebastian Krahmer <krahmer@suse.de>.
|
|||
|
|
|||
|
* lib/krb5/keytab_keyfile.c (akf_add_entry): Use O_EXCL when
|
|||
|
creating a new keyfile.
|
|||
|
|
|||
|
2002-09-09 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* configure.in: don't try to build pam module
|
|||
|
|
|||
|
2002-09-05 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* appl/kf/kf.c: fix warning string
|
|||
|
|
|||
|
* lib/krb5/log.c (krb5_vlog_msg): delay message formating till we
|
|||
|
know we need it
|
|||
|
|
|||
|
2002-09-04 Assar Westerlund <assar@kth.se>
|
|||
|
|
|||
|
* kdc/kerberos5.c (encode_reply): correct error logging
|
|||
|
|
|||
|
2002-09-04 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* lib/krb5/sendauth.c: close ccache if we opened it
|
|||
|
|
|||
|
* appl/kf/kf.c: handle new protocol
|
|||
|
|
|||
|
* appl/kf/kfd.c: use krb5_err instead of sysloging directly,
|
|||
|
handle the new protocol, and bail out if an old client tries to
|
|||
|
connect
|
|||
|
|
|||
|
* appl/kf/kf_locl.h: we need a protocol version string
|
|||
|
|
|||
|
* lib/hdb/hdb-ldap.c: use ASN1_MALLOC_ENCODE
|
|||
|
|
|||
|
* kdc/kerberos5.c: use ASN1_MALLOC_ENCODE
|
|||
|
|
|||
|
* kdc/hprop.c: set AP_OPTS_USE_SUBKEY
|
|||
|
|
|||
|
* lib/hdb/common.c: use ASN1_MALLOC_ENCODE
|
|||
|
|
|||
|
* lib/asn1/gen.c: add convenience macro that allocates a buffer
|
|||
|
and encoded into that
|
|||
|
|
|||
|
* lib/krb5/get_cred.c (init_tgs_req): use
|
|||
|
in_creds->session.keytype literally instead of trying to convert
|
|||
|
to a list of enctypes (it should already be an enctype)
|
|||
|
|
|||
|
* lib/krb5/get_cred.c (init_tgs_req): init ret
|
|||
|
|
|||
|
2002-09-03 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* lib/asn1/k5.asn1: remove ETYPE_DES3_CBC_NONE_IVEC
|
|||
|
|
|||
|
* lib/krb5/krb5.h: remove ENCTYPE_DES3_CBC_NONE_IVEC
|
|||
|
|
|||
|
* lib/krb5/crypto.c: get rid of DES3_CBC_encrypt_ivec, just use
|
|||
|
zero ivec in DES3_CBC_encrypt if passed ivec is NULL
|
|||
|
|
|||
|
* lib/krb5/Makefile.am: back out 1.144, since it will re-create
|
|||
|
krb5-protos.h at build-time, which requires perl, which is bad
|
|||
|
|
|||
|
* lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): don't
|
|||
|
blindly use the local subkey
|
|||
|
|
|||
|
* lib/krb5/crypto.c: add function krb5_crypto_getblocksize that
|
|||
|
extracts the required blocksize from a crypto context
|
|||
|
|
|||
|
* lib/krb5/build_auth.c: just get the length of the encoded
|
|||
|
authenticator instead of trying to grow a buffer
|
|||
|
|
|||
|
2002-09-03 Assar Westerlund <assar@kth.se>
|
|||
|
|
|||
|
* configure.in: add --disable-mmap option, and tests for
|
|||
|
sys/mman.h and mmap
|
|||
|
|
|||
|
2002-09-03 Jacques Vidrine <nectar@kth.se>
|
|||
|
|
|||
|
* lib/krb5/changepw.c: verify lengths in response
|
|||
|
|
|||
|
* lib/asn1/der_get.c (decode_integer, decode_unsigned): check for
|
|||
|
truncated integers
|
|||
|
|
|||
|
2002-09-02 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* lib/krb5/mk_req_ext.c: generate a local subkey if
|
|||
|
AP_OPTS_USE_SUBKEY is set
|
|||
|
|
|||
|
* lib/krb5/build_auth.c: we don't have enough information about
|
|||
|
whether to generate a local subkey here, so don't try to
|
|||
|
|
|||
|
* lib/krb5/auth_context.c: new function
|
|||
|
krb5_auth_con_generatelocalsubkey
|
|||
|
|
|||
|
* lib/krb5/get_in_tkt.c: only set kdc_sec_offset if looking at an
|
|||
|
initial ticket
|
|||
|
|
|||
|
* lib/krb5/context.c (init_context_from_config_file): simplify
|
|||
|
initialisation of srv_lookup
|
|||
|
|
|||
|
* lib/krb5/changepw.c (send_request): set AP_OPTS_USE_SUBKEY
|
|||
|
|
|||
|
* lib/krb5/krb5.h: add AP_OPTS_USE_SUBKEY
|
|||
|
|
|||
|
2002-08-30 Assar Westerlund <assar@kth.se>
|
|||
|
|
|||
|
* lib/krb5/name-45-test.c: also test krb5_524_conv_principal
|
|||
|
* lib/krb5/Makefile.am (TESTS): add name-45-test
|
|||
|
* lib/krb5/name-45-test.c: add testcases for
|
|||
|
krb5_425_conv_principal
|
|||
|
|
|||
|
2002-08-29 Assar Westerlund <assar@kth.se>
|
|||
|
|
|||
|
* lib/krb5/parse-name-test.c: also test unparse_short functions
|
|||
|
* lib/asn1/asn1_print.c: use com_err/error_message API
|
|||
|
* lib/krb5/Makefile.am: add parse-name-test
|
|||
|
* lib/krb5/parse-name-test.c: add a program for testing parsing
|
|||
|
and unparsing principal names
|
|||
|
|
|||
|
2002-08-28 Assar Westerlund <assar@kth.se>
|
|||
|
|
|||
|
* kdc/config.c: add missing ifdef DAEMON
|
|||
|
|
|||
|
2002-08-28 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* configure.in: use rk_SUNOS
|
|||
|
|
|||
|
* kdc/config.c: add detach options
|
|||
|
|
|||
|
* kdc/main.c: maybe detach from console?
|
|||
|
|
|||
|
* kdc/kdc.8: markup changes
|
|||
|
|
|||
|
* configure.in: AC_TEST_PACKAGE_NEW -> rk_TEST_PACKAGE
|
|||
|
|
|||
|
* configure.in: use rk_TELNET, rename some other macros, and don't
|
|||
|
add -ldes to krb4 link command
|
|||
|
|
|||
|
* kuser/kinit.1: whitespace fix (from NetBSD)
|
|||
|
|
|||
|
* include/bits.c: we may need unistd.h for ssize_t
|
|||
|
|
|||
|
2002-08-26 Assar Westerlund <assar@kth.se>
|
|||
|
|
|||
|
* lib/krb5/principal.c (krb5_425_conv_principal_ext): lookup AAAA
|
|||
|
rrs before A ones when using the resolver to verify a mapping,
|
|||
|
also use getaddrinfo when resolver is not available
|
|||
|
|
|||
|
* lib/hdb/keytab.c (find_db): const-correctness in parameters to
|
|||
|
krb5_config_get_next
|
|||
|
|
|||
|
* lib/asn1/gen.c: include <string.h> in the generated files (for
|
|||
|
memset)
|
|||
|
|
|||
|
2002-08-22 Assar Westerlund <assar@kth.se>
|
|||
|
|
|||
|
* lib/krb5/test_get_addrs.c, lib/krb5/krbhst-test.c: make it use
|
|||
|
getarg so that it can handle --help and --version (and thus make
|
|||
|
check can pass)
|
|||
|
|
|||
|
* lib/asn1/check-der.c: make this build again
|
|||
|
|
|||
|
2002-08-22 Assar Westerlund <assar@kth.se>
|
|||
|
|
|||
|
* lib/asn1/der_get.c (der_get_int): handle len == 0. based on a
|
|||
|
patch from Love <lha@stacken.kth.se>
|
|||
|
|
|||
|
2002-08-22 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* lib/krb5/krb5.h: we seem to call KRB5KDC_ERR_KEY_EXP
|
|||
|
KRB5KDC_ERR_KEY_EXPIRED, so define the former to the latter
|
|||
|
|
|||
|
* kdc/kdc.8: add blurb about adding and removing addresses; update
|
|||
|
kdc.conf section to match reality
|
|||
|
|
|||
|
* configure.in: KRB_SENDAUTH_VLEN seems to always have existed, so
|
|||
|
don't define it
|
|||
|
|
|||
|
2002-08-21 Assar Westerlund <assar@kth.se>
|
|||
|
|
|||
|
* lib/asn1/asn1_print.c: print OIDs too, based on a patch from
|
|||
|
Love <lha@stacken.kth.se>
|
|||
|
|
|||
|
2002-08-21 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* kuser/kinit.c (do_v4_fallback): don't use krb_get_pw_in_tkt2
|
|||
|
since it might not exist, and we don't actually care about the key
|
|||
|
|
|||
|
2002-08-20 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* lib/krb5/krb5.conf.5: correct documentation for
|
|||
|
verify_ap_req_nofail
|
|||
|
|
|||
|
* lib/krb5/log.c: rename syslog_data to avoid name conflicts (from
|
|||
|
Mattias Amnefelt)
|
|||
|
|
|||
|
* kuser/klist.c (display_tokens): increase token buffer size, and
|
|||
|
add more checks of the kernel data (from Love)
|
|||
|
|
|||
|
2002-08-19 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* fix-export: use make to parse Makefile.am instead of perl
|
|||
|
|
|||
|
* configure.in: use argument-less AM_INIT_AUTOMAKE, now that it
|
|||
|
groks AC_INIT with package name etc.
|
|||
|
|
|||
|
* kpasswd/kpasswdd.c: include <kadm5/private.h>
|
|||
|
|
|||
|
* lib/asn1/asn1_print.c: include com_right.h
|
|||
|
|
|||
|
* lib/krb5/addr_families.c: socklen_t -> krb5_socklen_t
|
|||
|
|
|||
|
* include/bits.c: define krb5_socklen_t type; this should really
|
|||
|
go someplace else, but this was easy
|
|||
|
|
|||
|
* lib/krb5/verify_krb5_conf.c: don't bail out if parsing of a file
|
|||
|
fails, just warn about it
|
|||
|
|
|||
|
* kdc/log.c (kdc_openlog): no need for a config_file parameter
|
|||
|
|
|||
|
* kdc/config.c: just treat kdc.conf like any other config file
|
|||
|
|
|||
|
* lib/krb5/context.c (krb5_get_default_config_files): ignore
|
|||
|
duplicate files
|
|||
|
|
|||
|
2002-08-16 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* lib/krb5/krb5.h: turn strings into pointers, so we can assign to
|
|||
|
them
|
|||
|
|
|||
|
* lib/krb5/constants.c: turn strings into pointers, so we can
|
|||
|
assign to them
|
|||
|
|
|||
|
* lib/krb5/get_addrs.c (get_addrs_int): initialise res if
|
|||
|
SCAN_INTERFACES is not set
|
|||
|
|
|||
|
* lib/krb5/context.c: fix various borked stuff in previous commits
|
|||
|
|
|||
|
2002-08-16 Jacques Vidrine <n@nectar.com>
|
|||
|
|
|||
|
* lib/krb5/krbhst.c (kpasswd_get_next): if we fall back to using
|
|||
|
the `admin_server' entry for kpasswd, override the `proto' result
|
|||
|
to be UDP.
|
|||
|
|
|||
|
2002-08-15 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* lib/krb5/auth_context.c: check return value of
|
|||
|
krb5_sockaddr2address
|
|||
|
|
|||
|
* lib/krb5/addr_families.c: check return value of
|
|||
|
krb5_sockaddr2address
|
|||
|
|
|||
|
* lib/krb5/context.c: get the default keytab from KRB5_KTNAME
|
|||
|
|
|||
|
2002-08-14 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* lib/krb5/verify_krb5_conf.c: allow parsing of more than one file
|
|||
|
|
|||
|
* lib/krb5/context.c: allow changing config files with the
|
|||
|
function krb5_set_config_files, there are also related functions
|
|||
|
krb5_get_default_config_files and krb5_free_config_files; these
|
|||
|
should work similar to their MIT counterparts
|
|||
|
|
|||
|
* lib/krb5/config_file.c: allow the use of more than one config
|
|||
|
file by using the new function krb5_config_parse_file_multi
|
|||
|
|
|||
|
2002-08-12 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* use sysconfdir instead of /etc
|
|||
|
|
|||
|
* configure.in: require autoconf 2.53; rename dpagaix_LDFLAGS etc
|
|||
|
to appease automake; force sysconfdir and localstatedir to /etc
|
|||
|
and /var/heimdal for now
|
|||
|
|
|||
|
* kdc/connect.c (addr_to_string): check return value of
|
|||
|
sockaddr2address
|
|||
|
|
|||
|
2002-08-09 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* lib/krb5/rd_cred.c: if the remote address isn't an addrport,
|
|||
|
don't try comparing to one; this should make old clients work with
|
|||
|
new servers
|
|||
|
|
|||
|
* lib/asn1/gen_decode.c: remove unused variable
|
|||
|
|
|||
|
2002-07-31 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* kdc/{kerberos5,524}.c: ENOENT -> HDB_ERR_NOENTRY (from Derrick
|
|||
|
Brashear)
|
|||
|
|
|||
|
* lib/krb5/principal.c: actually lower case the lower case
|
|||
|
instance name (spotted by Derrick Brashear)
|
|||
|
|
|||
|
2002-07-24 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* fix-export: if DATEDVERSION is set, change the version to
|
|||
|
current date
|
|||
|
|
|||
|
* configure.in: don't use AC_PROG_RANLIB, and use magic foo to set
|
|||
|
LTLIBOBJS
|
|||
|
|
|||
|
2002-07-04 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* kdc/connect.c: add some cache-control-foo to the http responses
|
|||
|
(from Gombas Gabor)
|
|||
|
|
|||
|
* lib/krb5/addr_families.c (krb5_print_address): don't copy size
|
|||
|
if ret_len == NULL
|
|||
|
|
|||
|
2002-06-28 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* kuser/klist.c (display_tokens): don't bail out before we get
|
|||
|
EDOM (signaling the end of the tokens), the kernel can also return
|
|||
|
ENOTCONN, meaning that the index does not exist anymore (for
|
|||
|
example if the token has expired)
|
|||
|
|
|||
|
2002-06-06 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* lib/krb5/changepw.c: make sure we return an error if there are
|
|||
|
no changepw hosts found; from Wynn Wilkes
|
|||
|
|
|||
|
2002-05-29 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* lib/krb5/cache.c (krb5_cc_register): break out of loop when the
|
|||
|
same type is found; spotted by Wynn Wilkes
|
|||
|
|
|||
|
2002-05-28 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* lib/krb5/keytab_file.c: check size of entry before trying to
|
|||
|
read 32-bit kvno; also fix typo in previous
|
|||
|
|
|||
|
2002-05-24 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* include/Makefile.am: only add to INCLUDES
|
|||
|
|
|||
|
* lib/45/mk_req.c: fix for storage change
|
|||
|
|
|||
|
* lib/hdb/print.c: fix for storage change
|
|||
|
|
|||
|
2002-05-15 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* kdc/kerberos5.c: don't free encrypted padata until we're really
|
|||
|
done with it
|
|||
|
|
|||
|
2002-05-07 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* kdc/kerberos5.c: when decrypting pa-data, try all keys matching
|
|||
|
enctype
|
|||
|
|
|||
|
* kuser/kinit.1: document -a
|
|||
|
|
|||
|
* kuser/kinit.c: add command line switch for extra addresses
|
|||
|
|
|||
|
2002-04-30 Johan Danielsson <joda@blubb.pdc.kth.se>
|
|||
|
|
|||
|
* configure.in: remove some duplicate tests
|
|||
|
|
|||
|
* configure.in: use AC_HELP_STRING
|
|||
|
|
|||
|
2002-04-29 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* lib/krb5/crypto.c (usage2arcfour): don't abort if the usage is
|
|||
|
unknown
|
|||
|
|
|||
|
2002-04-25 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* configure.in: use rk_DESTDIRS
|
|||
|
|
|||
|
2002-04-22 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* lib/krb5/krb5_verify_user.3: make it clear that _lrealm modifies
|
|||
|
the principal
|
|||
|
|
|||
|
2002-04-19 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* lib/krb5/verify_init.c: fix typo in error string
|
|||
|
|
|||
|
2002-04-18 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* acconfig.h: remove some stuff that is defined elsewhere
|
|||
|
|
|||
|
* lib/krb5/krb5_locl.h: include <sys/file.h>
|
|||
|
|
|||
|
* lib/krb5/acl.c: rename acl_string parameter
|
|||
|
|
|||
|
* lib/krb5/Makefile.am: remove __P from protos, and put parameter
|
|||
|
names in comments
|
|||
|
|
|||
|
* kuser/klist.c: better align some headers
|
|||
|
|
|||
|
* kdc/kerberos4.c: storage tweaks
|
|||
|
|
|||
|
* kdc/kaserver.c: storage tweaks
|
|||
|
|
|||
|
* kdc/524.c: storage tweaks
|
|||
|
|
|||
|
* lib/krb5/keytab_krb4.c: storage tweaks
|
|||
|
|
|||
|
* lib/krb5/keytab_keyfile.c: storage tweaks
|
|||
|
|
|||
|
* lib/krb5/keytab_file.c: storage tweaks; also try to handle zero
|
|||
|
sized keytab files
|
|||
|
|
|||
|
* lib/krb5/keytab_any.c: use KRB5_KT_END instead of KRB5_CC_END
|
|||
|
|
|||
|
* lib/krb5/fcache.c: storage tweaks
|
|||
|
|
|||
|
* lib/krb5/store_mem.c: make the krb5_storage opaque, and add
|
|||
|
function wrappers for store/fetch/seek, and also make the eof-code
|
|||
|
configurable
|
|||
|
|
|||
|
* lib/krb5/store_fd.c: make the krb5_storage opaque, and add
|
|||
|
function wrappers for store/fetch/seek, and also make the eof-code
|
|||
|
configurable
|
|||
|
|
|||
|
* lib/krb5/store_emem.c: make the krb5_storage opaque, and add
|
|||
|
function wrappers for store/fetch/seek, and also make the eof-code
|
|||
|
configurable
|
|||
|
|
|||
|
* lib/krb5/store.c: make the krb5_storage opaque, and add function
|
|||
|
wrappers for store/fetch/seek, and also make the eof-code
|
|||
|
configurable
|
|||
|
|
|||
|
* lib/krb5/store-int.h: make the krb5_storage opaque, and add
|
|||
|
function wrappers for store/fetch/seek, and also make the eof-code
|
|||
|
configurable
|
|||
|
|
|||
|
* lib/krb5/krb5.h: make the krb5_storage opaque, and add function
|
|||
|
wrappers for store/fetch/seek, and also make the eof-code
|
|||
|
configurable
|
|||
|
|
|||
|
* include/bits.c: include <sys/socket.h> to get socklen_t
|
|||
|
|
|||
|
* kdc/kerberos5.c (get_pa_etype_info): sort ETYPE-INFOs by
|
|||
|
requested KDC-REQ etypes
|
|||
|
|
|||
|
* kdc/hpropd.c: constify
|
|||
|
|
|||
|
* kdc/hprop.c: constify
|
|||
|
|
|||
|
* kdc/string2key.c: constify
|
|||
|
|
|||
|
* kdc/kdc_locl.h: make port_str const
|
|||
|
|
|||
|
* kdc/config.c: constify
|
|||
|
|
|||
|
* lib/krb5/config_file.c: constify
|
|||
|
|
|||
|
* kdc/kstash.c: constify
|
|||
|
|
|||
|
* lib/krb5/verify_user.c: remove unnecessary cast
|
|||
|
|
|||
|
* lib/krb5/recvauth.c: constify
|
|||
|
|
|||
|
* lib/krb5/principal.c (krb5_parse_name): const qualify
|
|||
|
|
|||
|
* lib/krb5/mcache.c (mcc_get_name): constify return type
|
|||
|
|
|||
|
* lib/krb5/context.c (krb5_free_context): don't try to free the
|
|||
|
ccache prefix
|
|||
|
|
|||
|
* lib/krb5/cache.c (krb5_cc_register): don't make a copy of the
|
|||
|
prefix
|
|||
|
|
|||
|
* lib/krb5/krb5.h: constify some struct members
|
|||
|
|
|||
|
* lib/krb5/log.c: constify
|
|||
|
|
|||
|
* lib/krb5/init_creds_pw.c (krb5_get_init_creds_password): const
|
|||
|
qualify
|
|||
|
|
|||
|
* lib/krb5/get_in_tkt.c (krb5_init_etype): constify
|
|||
|
|
|||
|
* lib/krb5/crypto.c: constify some
|
|||
|
|
|||
|
* lib/krb5/config_file.c: constify
|
|||
|
|
|||
|
* lib/krb5/aname_to_localname.c (krb5_aname_to_localname):
|
|||
|
constify local variable
|
|||
|
|
|||
|
* lib/krb5/addr_families.c (ipv4_sockaddr2port): constify
|
|||
|
|
|||
|
2002-04-17 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* lib/krb5/verify_krb5_conf.c: add some log checking
|
|||
|
|
|||
|
* lib/krb5/log.c (krb5_addlog_dest): reorganise syslog parsing
|
|||
|
|
|||
|
2002-04-16 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* lib/krb5/crypto.c (krb5_crypto_init): check that the key size
|
|||
|
matches the expected length
|
|||
|
|
|||
|
2002-03-27 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* lib/krb5/send_to_kdc.c: rename send parameter to send_data
|
|||
|
|
|||
|
* lib/krb5/mk_error.c: rename ctime parameter to client_time
|
|||
|
|
|||
|
2002-03-22 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* kdc/kerberos5.c (find_etype): unsigned -> krb5_enctype (from
|
|||
|
Reinoud Zandijk)
|
|||
|
|
|||
|
2002-03-18 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* lib/asn1/k5.asn1: add the GSS-API checksum type here
|
|||
|
|
|||
|
2002-03-11 Assar Westerlund <assar@sics.se>
|
|||
|
|
|||
|
* lib/krb5/Makefile.am (libkrb5_la_LDFLAGS): bump version to
|
|||
|
18:3:1
|
|||
|
* lib/hdb/Makefile.am (libhdb_la_LDFLAGS): bump version to 7:5:0
|
|||
|
* lib/asn1/Makefile.am (libasn1_la_LDFLAGS): bump version to 6:0:0
|
|||
|
|
|||
|
2002-03-10 Assar Westerlund <assar@sics.se>
|
|||
|
|
|||
|
* lib/krb5/rd_cred.c: handle addresses with port numbers
|
|||
|
|
|||
|
* lib/krb5/keytab_file.c, lib/krb5/keytab.c:
|
|||
|
store the kvno % 256 as the byte and the complete 32 bit kvno after
|
|||
|
the end of the current keytab entry
|
|||
|
|
|||
|
* lib/krb5/init_creds_pw.c:
|
|||
|
handle LR_PW_EXPTIME and LR_ACCT_EXPTIME in the same way
|
|||
|
|
|||
|
* lib/krb5/get_for_creds.c (krb5_get_forwarded_creds):
|
|||
|
handle ports giving for the remote address
|
|||
|
|
|||
|
* lib/krb5/get_cred.c:
|
|||
|
get a ticket with no addresses if no-addresses is set
|
|||
|
|
|||
|
* lib/krb5/crypto.c:
|
|||
|
rename functions DES_* to krb5_* to avoid colliding with modern
|
|||
|
openssl
|
|||
|
|
|||
|
* lib/krb5/addr_families.c:
|
|||
|
make all functions taking 'struct sockaddr' actually take a socklen_t
|
|||
|
instead of int and that acts as an in-out parameter (indicating the
|
|||
|
maximum length of the sockaddr to be written)
|
|||
|
|
|||
|
* kdc/kerberos4.c:
|
|||
|
make the kvno's in the krb4 universe by the real one % 256, since they
|
|||
|
cannot only be 8 bit, and the v5 ones are actually 32 bits
|
|||
|
|
|||
|
2002-02-15 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* lib/krb5/keytab_keyfile.c (akf_add_entry): don't create the file
|
|||
|
before we need to write to it
|
|||
|
(from <20>ke Sandgren)
|
|||
|
|
|||
|
2002-02-14 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* configure.in: rk_RETSIGTYPE and rk_BROKEN_REALLOC are called via
|
|||
|
rk_ROKEN (from Gombas Gabor); find inttypes by CHECK_TYPES
|
|||
|
directly
|
|||
|
|
|||
|
* lib/krb5/rd_safe.c: actually use the correct key (from Daniel
|
|||
|
Kouril)
|
|||
|
|
|||
|
2002-02-12 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* lib/krb5/context.c (krb5_get_err_text): protect against NULL
|
|||
|
context
|
|||
|
|
|||
|
2002-02-11 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* admin/ktutil.c: no need to use the "modify" keytab anymore
|
|||
|
|
|||
|
* lib/krb5/keytab_any.c: implement add and remove
|
|||
|
|
|||
|
* lib/krb5/keytab_krb4.c: implement add and remove
|
|||
|
|
|||
|
* lib/krb5/store_emem.c (emem_free): clear memory before freeing
|
|||
|
(this should perhaps be selectable with a flag)
|
|||
|
|
|||
|
2002-02-04 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* kdc/config.c (get_dbinfo): if there are database specifications
|
|||
|
in the config file, don't automatically try to use the default
|
|||
|
values (from Gombas Gabor)
|
|||
|
|
|||
|
* lib/krb5/log.c (krb5_closelog): don't pass pointer to pointer
|
|||
|
(from Gombas Gabor)
|
|||
|
|
|||
|
2002-01-30 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* admin/list.c: get the default keytab from krb5.conf, and list
|
|||
|
all parts of an ANY type keytab
|
|||
|
|
|||
|
* lib/krb5/context.c: default default_keytab_modify to NULL
|
|||
|
|
|||
|
* lib/krb5/keytab.c (krb5_kt_default_modify_name): if no modify
|
|||
|
name is specified take it from the first component of the default
|
|||
|
keytab name
|
|||
|
|
|||
|
2002-01-29 Johan Danielsson <joda@pdc.kth.se>
|
|||
|
|
|||
|
* lib/krb5/keytab.c: compare keytab types case insensitively
|
|||
|
|
|||
|
2002-01-07 Assar Westerlund <assar@sics.se>
|
|||
|
|
|||
|
* lib/krb5/crypto.c (create_checksum): make usage `unsigned' (it's
|
|||
|
not really a krb5_key_usage). From Ben Harris <bjh21@netbsd.org>
|
|||
|
* lib/krb5/get_in_tkt.c: use krb5_enctype consistently. From Ben
|
|||
|
Harris <bjh21@netbsd.org>
|
|||
|
* lib/krb5/crypto.c: use krb5_enctype consistently. From Ben
|
|||
|
Harris <bjh21@netbsd.org>
|
|||
|
* kdc/kerberos5.c: use krb5_enctype consistently. From Ben Harris
|
|||
|
<bjh21@netbsd.org>
|