NetBSD/crypto/dist/krb4/ChangeLog

5520 lines
141 KiB
Plaintext
Raw Blame History

2000-12-25
* configure.in (VERSION): bump to 1.0.5
2000-10-19
* include/Makefile.in (HEADERS): add md4.h, md5.h, sha.h and rc4.h
* appl/kip/common.c (WCOREDUMP): add fallback definition
2000-10-18
* lib/krb/dest_tkt.c (dest_tkt): only return valid error codes
back
* kadmin/admin_server.c: re-structure code to handle DoS attacks
better only allow a constant number of children (100 currently)
keep track of which children have gotten authentication
information and kill the non-authenticated children when there are
new connections
2000-10-16
* server/kerberos.c: handle a fixed number (100) of TCP
connections and kill some randomly if all are busy to try to
mitigate the effects of DoS attacks
2000-10-08
* lib/krb/send_to_kdc.c (send_recv): check that fds are not too
large to select on
* kadmin/admin_server.c (kadm_listen): check that fds are not too
large to select on
* appl/kip/common.c (*): check that fds are not too large to
select on
* appl/bsd/rshd.c (doit): check that fds are not too large to
select on
* appl/bsd/rsh.c (talk): check that fds are not too large to
select on
* appl/bsd/rlogin.c (reader): check that fds are not too large to
select on
* appl/bsd/kcmd.c (kcmd): check that fds are not too large to
select on
2000-09-25
* config.guess: update to version 2000-09-05 (aka 1.156) from
subversions.gnu.org plus some minor tweaks
* config.sub: update to version 2000-09-11 (aka 1.181) from
subversions.gnu.org
2000-09-09
* appl/kip/kipd.c: add back droped slash in kip-control
2000-08-16
* configure.in (getmsg): re-do so it possibly works on redhat 7.0
2000-08-09
* kuser/klist.c (display_srvtab): do not call warn with a variable
as format string
* appl/bsd/rshd.c (doit): do not call warnx with a variable as
format string
2000-07-30
* doc/install.texi: say something about siacfg
2000-06-28
* lib/krb/dest_tkt.c (dest_tkt): rewrite to lstat and compare
numbers
2000-06-10
* appl/bsd: work-around setuid and capabilities bug fixed in Linux
2.2.16
2000-06-08
* configure.in: do not use streams ptys on HP-UX 11
2000-05-15
* lib/krb/rw.c (krb_get_nir): add explicit lengths to the
parameters. before this the function `knew'. change callers.
2000-05-14
* appl/afsutil/aklog.c: look not only in /usr/vice/etc but also in
/usr/arla/etc for configuration files
2000-04-25
* lib/krb/tf_util.c (tf_create): just remove the over-writing of
the old ticket file.
2000-04-09
* lib/krb/getaddrs.c (k_get_all_addrs): apperently solaris can
return EINVAL when the buffer is too small. cope.
* appl/bsd/rshd.c (doit): exec the correct shell
2000-03-26
* config.guess, config.sub: update to current version from
:pserver:anoncvs@subversions.gnu.org:/home/cvs
* appl/bsd/rlogind.c (rlogind_logout, logwtmp): make sure to
always call time and ctime with `time_t's. there were some types
(like in lastlog) that we believed to always be time_t. this has
proven wrong on Solaris 8 in 64-bit mode, where they are stored as
32-bit quantities but time_t has gone up to 64 bits
* appl/bsd/login.c: dito
2000-03-20
* configure.in: add solaris2.8
2000-03-15
* configure.in: on all versions of aix, add `-bnolibpath' to the
linker. otherwise ld will interpret -L as run-time path for where
to find shared libraries and looking in ../../foo is a bad idea.
bug report from Niklas Edmundsson <nikke@ing.umu.se>
2000-03-09
* Release 1.0.1
1999-11-29
* Release 1.0
* lib/krb/krb-protos.h (tf_get_cred_addr): add prototype
* lib/krb/tf_util.c (tf_get_cred_addr): new function for fetching
the NAT addresses stored in the ticket file. From
<thn@stacken.kth.se>
* kuser/klist.c (display_tktfile): dump the IP address being used
when in NAT-mode. From <thn@stacken.kth.se>
1999-11-25
* appl/bsd/rlogind.c (main): getopt returns -1 and not EOF. From
<art@stacken.kth.se>
* lib/krb/krb_ip_realm.c (krb_add_our_ip_for_realm): new function
for obtaining the IP address that the KDC sees us as coming from.
From <thn@stacken.kth.se>
* lib/krb/tf_util.c (tf_get_addr, tf_store_addr): new functions
for storing the NAT-ed address per realm
(tf_get_cred): make sure to ignore all magic credentials
* lib/krb/get_in_tkt.c (krb_get_pw_in_tkt2): if using NAT, store
the address the the KDC saw. (krb_add_our_ip_for_realm)
* lib/krb/send_to_kdc.c: rewrite some. Make sure that we do not
do any hostname lookups when using http through a proxy (the proxy
is supposed to do that in the `real' name-space).
1999-11-19
* appl/bsd/rcmd_util.c (conv): add EXTA and EXTB
Tue Nov 16 1999
* lib/krb/defaults.c (krb_get_default_keyfile): Get value of
KEYFILE from /etc/krb.extra.
1999-11-13
* **/*.c (main): getopt returns -1 not EOF. From
<art@stacken.kth.se>
* configure.in: check for fields in `struct tm' and variable
`timezone', used by strftime
* configure.in (AC_BROKEN): strptime is a new function in roken
opt*: more header files for the tests
Tue Nov 2 1999
* lib/krb/krb.h (TKT_ROOT): Change the definition of TKT_ROOT to a
function call. The returned value is settable in /etc/krb.extra
with the construct krb_default_tkt_root = /tmp/tkt_.
1999-10-06
* lib/krb/verify_user.c: remove ERICSSON_COMPAT, it's apparently
no longer needed
Mon Oct 4 1999
* appl/bsd/klogin.c (multiple_get_tkt): Must use appropiate realm
name when calling krb_get_pw_in_tkt or else you will receive an
inter-realm TGT.
1999-10-03
* doc/problems.texi: add blurb about irix abi:s
1999-09-27
* lib/krb/tf_util.c (tf_init): cygwin work-around
1999-09-16
* configure.in: test for strlcpy, strlcat
* admin/kdb_util.c (main): support `-' as an alias for stdout.
originally from Fredrik Ljungberg <flag@astrogator.se>
1999-09-15
* include/Makefile.in: remove duplicate parse_time.h
* kadmin/ksrvutil_get.c (get_srvtab_ent): better error messages
1999-09-12
* configure.in: revert back awk test, now worked around in
roken.awk
1999-09-06
* doc/problems.texi: document a really working fix for the xlc
-qnolm bug
1999-09-04
* doc/problems.texi: comment about xlc -E brokenness
1999-09-01
* lib/krb/get_krbrlm.c (krb_get_lrealm_f): treat n = 0 the same as
if it were 1 (this should make it backwards compatible with apps
that pass 0 for n)
1999-08-25
* appl/bsd/login.c: surround SGI capability stuff with
`defined(HAVE_CAP_SET_PROC)'
1999-08-24
* kadmin/kadmin.c (add_new_key): add missing space when printing
generated passwords. bug reported by Per Eriksson DMC
<perixon@dsv.su.se>
* lib/krb/verify_user.c (krb_verify_user_srvtab): return last
error instead of KFAILURE when everything fails.
* appl/bsd/klogin.c (multiple_get_tkt): return last error instead
of KFAILURE when everything fails.
1999-08-18
* doc/problems.texi: some y2k stuff
* doc/kth-krb.texi: update copyright, and menu
* doc/intro.texi: remove unix-system section, since it's
impossible to keep up to date
1999-08-13
* configure.in: test for inet_pton include <sys/types.h> in all
utmp tests
1999-07-27
* configure.in: test for struct sockaddr_storage and sa_family
brokenize inet_ntop
1999-07-24
* kadmin/ksrvutil_get.c (get_srvtab_ent): try to print better
error messages
* configure.in (AC_PROG_AWK): disable. mawk seems to mishandle \#
in lib/roken/roken.awk
1999-07-22
* acconfig.h (SunOS): remove definition
* configure.in: define SunOS to xy for SunOS x.y
1999-07-19
* configure.in (AC_BROKEN): check for copyhostent, freehostent,
getipnodebyname, getipnodebyaddr
1999-07-13
* configure.in: use AC_FUNC_GETLOGIN
1999-07-07
* kadmin/admin_server.c (main): call krb_get_lrealm correctly
* appl/bsd/rlogind.c (lowtmp): fill in ut_id
1999-07-06
* include/bits.c: move around __attribute__ to make it work with
old gcc
* appl/bsd/rcp.c (rsource): remove trailing slashes which
otherwise makes us fail
1999-07-04
* appl/afsutil/aklog.c (epxand_cell_name): terminate on #
* lib/kadm/kadm_cli_wrap.c (kadm_cli_send): free the right memory
(none) when kadm_cli_out fails. based on a patch by Buck Huppmann
<Charles-Huppmann@UIowa.edu>
1999-06-24
* configure.in: check for sgi capability stuff
* appl/bsd/login.c: add some kind of sgi capability capability
1999-06-23
* acconfig.h (HAVE_KRB_DISABLE_DEBUG): always define. this makes
the telnet code easier when building heimdal with an older krb4
* lib/krb/kuserok.c (krb_kuserok): add support for multiple local
realms and de-support entries without realm in ~/.klogin
1999-06-19
* lib/krb/send_to_kdc.c: and a new variable `timeout' in krb.extra
instead of always having a timeout of four seconds. based on a
patch by Mattias Amnefelt <mattiasa@stacken.kth.se>
1999-06-17
* appl/bsd/rshd.c: use DES_RW_MAXWRITE instead of BUFSIZ (for
consistency)
* appl/bsd/rsh.c: use DES_RW_MAXWRITE instead of BUFSIZ.
Otherwise, des_enc_read might be buffering data to us and it can
get returned on a des_enc_read to another fd that the original one
:-(
* appl/bsd/bsd_locl.h: DES_RW_{MAXWRITE,BSIZE}
* appl/bsd/encrypt.c: move MAXWRITE and BSIZE to bsd_locl.h and
rename them to DES_RW_\1
1999-06-16
* kuser/kdestroy.c: make unlog and tickets function correctly
* configure.in: correct variables used for socks includes and libs
* lib/krb/{debug_decl.c,krb-protos.h}: add krb_disable_debug
1999-06-15
* kuser/klist.c (display_tokens): type correctness
* lib/krb/send_to_kdc.c (url_parse): always return the port in
network byte order (and be more careful when parsing the port
number)
* lib/krb/send_to_kdc.c (http_recv): handle both HTTP/1.0 and
HTTP/1.1 in reply
1999-06-06
* configure.in: use KRB_CHECK_X
* kuser/kdestroy.c: use print_version
Wed Jun 2 1999
* kadmin/kadmin.c: use print_version; (mod_entry): add command
line options
1999-05-21
* appl/bsd/login.c: limit more stuff for crays; fix call to
login_access
1999-05-19
* man/Makefile.in (install, uninstall): handle relative paths (fix
editline)
1999-05-18
* appl/bsd/bsd_locl.h: update prototype for login_access; declare
`struct aud_rec' to keep AIX xlc happy
1999-05-14
* appl/bsd/login_access.c: merge in more recent code
* configure.in (CHECK_NETINET_IP_AND_TCP): use
1999-05-10
* lib/krb/get_host.c (parse_address): remove trailing slash
* lib/krb/send_to_kdc.c (prog): nuke
(send_to_kdc): restructure. make sure we have used all of the
addresses from gethostbyname before calling send_recv
(send_recv): removed unused parameters
(url_parse): remove trailing slash
(http_recv): make sure the http transaction was succesful
1999-05-08
* configure.in: use the correct include files for the utmp tests
* appl/movemail/pop.c: rename getline -> pop_getline removed
duplicate prototypes
* configure.in: db.h: test for
(getmsg): check for existence before checking if it works (otherwise
it fails with glibc2.1 that implements an always failing getmsg)
* acconfig.h (_GNU_SOURCE): define this to enable (used)
extensions on glibc-based systems such as linux
* configure.in: test for strndup
1999-04-21
* configure.in: replace AC_TEST_PACKAGE with AC_TEST_PACKAGE_NEW
fix test for readline.h add test for four argument el_init
remember to link with $LIB_tgetent when trying linking with
readline
1999-04-16
* configure.in: check for prototype of strsep
Sat Apr 10 1999
* configure.in: fix readline logic
Fri Apr 9 1999
* man/Makefile.in: add editline and push. make install rules
handle paths
Wed Apr 7 1999
* appl/movemail/Makefile.in: fix names of hesiod variables
* configure.in: fix readline flags
Mon Mar 29 1999
* appl/bsd/utmpx_login.c: HAVE_UT_* -> HAVE_STRUCT_UTMP*_UT_*
* appl/bsd/utmp_login.c: HAVE_UT_* -> HAVE_STRUCT_UTMP*_UT_*
* appl/bsd/rlogind.c: HAVE_UT_* -> HAVE_STRUCT_UTMP*_UT_*
* configure.in: include <sys/types.h> in test for ut_*; use
AC_CHECK_XAU
* configure.in: utmp{,x} -> struct utmp{,x}
Sat Mar 27 1999
* configure.in: AC_CHECK_OSFC2
Fri Mar 19 1999
* configure.in: use AC_SHARED_LIBS
* configure.in: remove AIX install hack (fixed in autoconf 2.13)
* server/kerberos.c: fix some printf format strings
Wed Mar 17 1999
* lib/krb/krb.h (KRB_VERIFY_NOT_SECURE): add for completeness
* lib/auth/sia/sia.c (common_auth): use KRB_VERIFY_SECURE instead
of 1
* lib/auth/pam/pam.c (doit): use KRB_VERIFY_SECURE instead of 1
* lib/auth/afskauthlib/verify.c (afs_verify): use
KRB_VERIFY_SECURE instead of 1
Tue Mar 16 1999
* lib/krb/verify_user.c (krb_verify_user): handle multiple local
realms
(krb_verify_user_multiple): remove
* lib/krb/krb-protos.h (krb_verify_user_multiple): remove
* lib/auth/pam/pam.c: krb_verify_user_multiple -> krb_verify_user
* lib/auth/sia/sia.c: krb_verify_user_multiple -> krb_verify_user
* lib/auth/afskauthlib/verify.c: krb_verify_user_multiple ->
krb_verify_user
* lib/krb/getaddrs.c: SOCKADDR_HAS_SA_LEN ->
HAVE_STRUCT_SOCKADDR_SA_LEN
Sat Mar 13 1999
* lib/kadm/check_password.c (kadm_check_pw): cast when calling is*
to get rid of a warning
* lib/acl/acl_files.c (nuke_whitespace): cast when calling is* to
get rid of a warning
* kadmin/ksrvutil.c (usage): update. improve error messages
* appl/bsd/sysv_default.c (trim): cast when calling is* to get rid
of a warning
* appl/bsd/rshd.c (doit): more parenthesis to make gcc happy
* appl/bsd/rsh.c: add `-p'
* appl/bsd/rlogin.c (main): more paranoid parsing of `-p'
* appl/bsd/rcp.c (sink): cast when calling is* to get rid of a
warning
* appl/bsd/login_access.c (login_access): cast when calling
isspace to get rid of a warning
* include/bits.c (my_strupr): rename to strupr and ifdef
(try_signed, try_unsigned): add __attribute__ junk to get rid of two
warnings
* appl/bsd/Makefile.in (SOURCES): add osfc2.c
* admin/kdb_util.c (update_ok_file): add fallback utimes (some
systems seem to fail updating the timestamp with open(), close())
* server/kerberos.c (main): more paranoid parsing of `-a' and `-p'
Thu Mar 11 1999
* configure.in: AC_BROKEN innetgr
* lib/krb/send_to_kdc.c: fix types in format string
* lib/krb/get_host.c: add some if-braces to keep gcc happy
* lib/kadm/kadm_supp.c: fix types in format string
* lib/auth/sia/Makefile.in: WFLAGS
* include/bits.c: fix types in format string
* appl/bsd/su.c: add some if-braces to keep gcc happy
* appl/bsd/rlogind.c: add some if-braces to keep gcc happy
* appl/bsd/rlogin.c: add some if-braces to keep gcc happy
* appl/bsd/login.c: add some if-braces to keep gcc happy
* appl/afsutil/pagsh.c: fix types in format string
Wed Mar 10 1999
* server/kerberos.c: remove unused k_instance
* lib/krb/krb-protos.h (read_service_key): add some consts to
prototype
* lib/krb/read_service_key.c (read_service_key): add some consts
to prototype
* appl/sample/sample_server.c: openlog -> roken_openlog
* appl/kip/kipd.c: openlog -> roken_openlog
* configure.in: use AC_WFLAGS
Mon Mar 1 1999
* acinclude.m4: add
* configure.in: typo
* Makefile.in: use aclocal
* Makefile.export: use aclocal
* configure.in: update to autoconf 2.13
* aclocal.m4.in: have-struct-field.m4, check-type-extra.m4
* acconfig.h: update to autoconf 2.13
* lib/auth/sia/sia.c: SIAENTITY_HAS_OUID -> HAVE_SIAENTITY_OUID
Tue Feb 23 1999
* configure.in: don't include afsl.exp in libkafs.a if building
with dynamic afs support (breaks egcs 1.1.1)
* configure.in: don't build rxkad if not building afs-support
Mon Feb 22 1999
* include/Makefile.in: clean up handling of missing system headers
* configure.in: clean up handling of missing system headers
* aclocal.m4.in: broken-snprintf.m4 broken-glob.m4
* acconfig.h: NEED_{SNPRINTF,GLOB}_PROTO
Mon Feb 15 1999
* configure.in (gethostname, mkstemp): test for prototype
* configure.in: homogenize broken detection with heimdal
Thu Feb 11 1999
* lib/krb/verify_user.c: If secure == KRB_VERIFY_SECURE_FAIL,
return ok if there isn't any service key (or if it can't be read).
* lib/krb/krb.h: KRB_VERIFY_SECURE, KRB_VERIFY_SECURE_FAIL
Wed Jan 13 1999
* kadmin/kadmin.c (add_new_key): enable the `-p password' option
and add the missing code.
* appl/bsd/login_fbtab.c (login_protect): remove `/*' from string
before reading the directory. From "Brandon S. Allbery"
<allbery@ece.cmu.edu>
Fri Dec 18 1998
* man/kadmin.8 (-t): add a note about using `kinit -p'
Mon Dec 14 1998
* lib/krb/name2name.c (krb_name_to_name): really verify we have an
alias before trying to use it as the primary name.
Fri Nov 27 1998
* lib/krb/send_to_kdc.c (url_parse): use correct length when
copying the hostname
Sun Nov 22 1998
* configure.in, acconfig.h: NEED_HSTRERROR_PROTO
* configure.in: use AC_KRB_STRUCT_SPWD
* slave/Makefile.in (WFLAGS): set
* server/Makefile.in (WFLAGS): set
* lib/krb/send_to_kdc.c (send_recv): add `int'
* lib/krb/decomp_ticket.c (decomp_ticket): if the realm is empty,
use the local realm.
* lib/krb/Makefile.in (WFLAGS): set
* lib/kdb/krb_lib.c (kerb_get_principal): correct test
(kerb_put_principal): remove unused variable
* lib/kdb/Makefile.in (WFLAGS): set
* lib/auth/pam/Makefile.in (WFLAGS): set
* lib/auth/afskauthlib/Makefile.in (WFLAGS): set
* lib/acl/Makefile.in (WFLAGS): set
* kuser/Makefile.in (WFLAGS): set
* kadmin/Makefile.in (WFLAGS): set
* include/Makefile.in (WFLAGS): set
* appl/sample/sample_client.c (main): remove unused variable
* appl/sample/Makefile.in (WFLAGS): set
* appl/movemail/Makefile.in (WFLAGS): set
* appl/kip/Makefile.in (WFLAGS): set
* appl/bsd/Makefile.in (WFLAGS): set
* appl/afsutil/pagsh.c (main): fall back to running /bin/sh if
execvp fails.
* appl/afsutil/Makefile.in (WFLAGS): set
* admin/kdb_edit.c (change_principal): remove unused variable
* admin/Makefile.in (WFLAGS): set
* configure.in: check for crypt, environ and struct spwd
Thu Nov 19 1998
* appl/movemail/Makefile.in: link and include hesiod
* configure.in: test for hesiod
Wed Nov 18 1998
* kadmin/kadm_locl.h: include <arpa/inet.h>
* configure.in (freebsd3): seems to like symbolic links for the
shared libraries
1998-11-07
* Makefile.export (ChangeLOG): handle emacs20-style changelog
entries
* lib/kdb/krb_dbm.c (kerb_db_get_principal, kerb_db_iterate):
check return value from `dbm_open'
Fri Oct 23 1998
* lib/kadm/kadm.h: enable new extended kadmin fields by default
Thu Oct 22 1998
* lib/krb/get_host.c (read_file): add more kinds of whitespace
* lib/krb/lsb_addr_comp.c: fix(?) calculations regrding
`firewall_address'
* kadmin/kadmin.c: change timeout to 5 minutes, (sigarlm): only
print message if any tickets were actually destroyed, (main): less
noise, (add_new_key): some cleanup, (del_entry): allow more than
one principal on command line, (get_entry): set more flags
* lib/kadm/kadm.h: add code to get modification date, modifier and
key version number
* lib/kadm/kadm_supp.c: add code to get modification date,
modifier and key version number
* lib/kadm/kadm_stream.c: add code to get modification date,
modifier and key version number
Tue Oct 13 1998
* lib/kadm/Makefile.in: ROKEN_RENAME
* lib/krb/roken_rename.h: add strnlen
* lib/krb/Makefile.in: add strnlen
Sat Oct 3 1998
* doc/install.texi: add comment about afskauthlib being in the
correct object format
Thu Oct 1 1998
* kadmin/kadmin.c (change_admin_password): add `alarm(0)' to
prevent it from timing out
* lib/krb/time.c (krb_kdctimeofday): set `tv'. fix from Thomas
Nystr<74>m <thn@stacken.kth.se>
Mon Sep 28 1998
* appl/bsd/osfc2.c: lots of C2 magic
* appl/bsd/{rshd,rcp_util,rcp}.c: do C2 stuff
* appl/bsd/login.c: move C2 stuff to osfc2.c
* appl/bsd/login.c: call `set_auth_parameters' if OSFC2
Sun Sep 27 1998
* appl/bsd/login.c: add some code to call setluid
Sat Sep 26 1998
* appl/sample/sample_client.c (main): correct test
Sat Sep 12 1998
* configure.in (XauReadAuth): reverse test and check for -lX11
before -lXau, otherwise the test fails on Irix 6.5
Sun Sep 6 1998
* lib/krb/krb-protos.h: fix prototypes for krb_net_{read,write}
* lib/krb/krb_net_{read,write}.c: new files
* lib/krb/Makefile.in: add krb_net_{read,write}
Fri Sep 4 1998
* lib/auth/sia/sia.c (siad_ses_launch, siad_ses_reauthent): use
krb_afslog_home
* lib/auth/pam/pam.c (pam_sm_open_session): use krb_afslog_home
* lib/auth/afskauthlib/verify.c (afs_verify): use
krb_afslog_uid_home
Sun Aug 30 1998
* lib/krb/get_host.c: patch from Derrick J Brashear
<shadow@dementia.org> for doing less DNS lookups
Sun Aug 23 1998
* lib/krb/ticket_memory.c (tf_save_cred): use memcpy to copy the
session key.
Tue Aug 18 1998
* kadmin/kadmin.c (change_password): add `--random'. From Love
H<>rnquist-<2D>strand <lha@elixir.e.kth.se>
Thu Aug 13 1998
* lib/kclient/KClient.c (KClientErrorText): copy the string.
Patch from Daniel Staaf <d96-dst@nada.kth.se>
Tue Jul 28 1998
* appl/bsd/rsh.c (main): make sure not to send `-K' before the
hostname when re-execing
* appl/bsd/su.c: openlog LOG_AUTH
Fri Jul 24 1998
* lib/krb/create_ciph.c: typo: s/tmp/rem/
Wed Jul 22 1998
* lib/krb/send_to_kdc.c (send_recv): return FALSE if recv failed
so that we try the next server
* configure.in (*-*-sunos): no lib_deps
* include/protos.H (utime): update prototype
Thu Jul 16 1998
* acconfig.h (DBDIR, MATCH_SUBDOMAINS): added
* configure.in (--enable-match-subdomains): added
(--with-db-dir): added
* lib/krb/getrealm.c (file_find_realm): fix MATCH_SUBDOMAINS code.
Patch originally from R Lindsay Todd <toddr@rpi.edu>
* lib/krb/dllmain.c: clean-up patch from <d96-dst@nada.kth.se>
* appl/krbmanager: patches from <d96-dst>
Mon Jul 13 1998
* appl/sample/sample_client.c (main): don't advance
hostent->h_addr_list, use a copy instead
* appl/bsd/kcmd.c (kcmd): don't advance hostent->h_addr_list, use
a copy instead
Fri Jul 10 1998
* lib/krb/net{read,write}.c: removed
* lib/krb/Makefile.in: grab net_{read,write}.c from roken
* lib/krb/roken_rename.h: add krb_net_{write,read}
* lib/krb/create_ciph.c (create_ciph): return KFAILURE instead of
NULL
* lib/kadm/kadm_cli_wrap.c (kadm_get): return KADM_NOMEM, not NULL
Wed Jul 8 1998
* server/kerberos.c (make_sockets): strdup the port specification
before strtok_r:ing it
* lib/krb/extra.c (define_variable): return 0
* kuser/klist.c (display_tktfile): only print time diff and
newline if using the longform
Tue Jun 30 1998
* lib/krb/send_to_kdc.c (send_to_kdc): be careful in not advancing
the h_addr_list pointer in the hostent structure
* lib/krb/time.c (krb_kdctimeofday): handle the case of `time_t'
and the type of `tv_sec' being different. patch originally from
<art@stacken.kth.se>
* man/afslog.1: add refs to kafs and kauth
* man/kauth.1: add refs to kafs
* lib/krb/krb_get_in_tkt.c (krb_mk_as_req): remove old code laying
around.
* lib/krb/Makefile.in: add strcat_truncate.c
* lib/auth/sia/krb4+c2_matrix.conf: fix broken lines and typos
* kuser/klist.c (display_tokens): print expired for expired tokens
Sat Jun 13 1998
* kadmin/kadm_ser_wrap.c (kadm_ser_init): new argument `addr'
* kadmin/admin_server.c: new argument `-i' for listening on a
single address
Mon Jun 8 1998
* Release 0.9.9
Wed Jun 3 1998
* lib/krb/extra.c: implement read_extra_file() for Win32
Fri May 29 1998
* configure.in: removed duplicate crypt
* lib/kdb/Makefile.in (roken_rename.h): remove dependency
* lib/acl/Makefile.in (roken_rename.h): remove dependency
* lib/krb/roken_rename.h: remove duplicate flock
* appl/afsutil/aklog.c (createuser): fclose the file
Wed May 27 1998
* lib/krb/Makefile.in (extra.c): add
* slave/kpropd.c: k_flock -> flock
* slave/kprop.c: k_flock -> flock
* lib/krb/tf_util.c: k_flock -> flock
* lib/krb/roken_rename.h: add base64* and flock
* lib/krb/kntoln.c: k_flock -> flock
* lib/kdb/krb_dbm.c: k_flock -> flock
* lib/kdb/Makefile.in: use ROKEN_RENAME to get hold of renames
symbols
Tue May 26 1998
* lib/krb/extra.c: add read flag, so we don't have to look for
non-existant files several times
* lib/krb/send_to_kdc.c: use krb_get_config_string()
* lib/krb/lsb_addr_comp.c: use krb_get_config_bool()
* lib/krb/krb_get_in_tkt.c: use krb_get_config_bool()
* lib/krb/extra.c: parse and use krb.extra file for special
configurations, to lessen the number of environment variables used
* lib/krb/getfile.c: cleanup and add `krb_get_krbextra'
* lib/krb/debug_decl.c: add krb_enable_debug
* lib/krb/lsb_addr_comp.c (lsb_time): if KRB_REVERSE_DIRECTION is
set, negate time (fix for some firewalls)
Mon May 25 1998
* lib/krb/Makefile.in (clean): try to remove shared library debris
(LIBDES and LIB_DEPS): try to figure out dependencies
* lib/kdb/Makefile.in (clean): try to remove shared library debris
* lib/kadm/Makefile.in (clean): try to remove shared library
debris
* configure.in: make symlink magic work with libsl
Mon May 18 1998
* appl/bsd/login.c: Hack for AIX 4.3.
Thu May 14 1998
* configure.in: mips-api support. From Derrick J Brashear
<shadow@dementia.org>
* configure.in: --enable-legacy-kdestroy: added. From Derrick J
Brashear <shadow@dementia.org>
* kuser/kdestroy.c: LEGACY_KDESTROY: add
Wed May 13 1998
* lib/krb/krb.h (const, signed): define when compiling with
non-ANSI comilers. From Derrick J Brashear <shadow@dementia.org>
Mon May 11 1998
* kadmin/admin_server.c: Fix reallocation bug.
Fri May 1 1998
* configure.in: don't test for winsock.h
* slave/kprop.c: unifdef -DHAVE_H_ERRNO
* appl/sample/sample_client.c: unifdef -DHAVE_H_ERRNO
* appl/movemail/pop.c: unifdef -DHAVE_H_ERRNO
* appl/kip/kip.c: unifdef -DHAVE_H_ERRNO
Mon Apr 27 1998
* appl/ftp/ftpd/krb4.c (krb4_adat): applied patch from Love
<lha@elixir.e.kth.se> for checking address in krb_rd_req
Sun Apr 26 1998
* appl/Makefile.in (SUBDIRS): add push
Sun Apr 19 1998
* configure.in: fix for the symlink magic. From Gregory S. Stark
<gsstark@mit.edu>
* doc/Makefile.in (install): ignore failures from install-info.
* lib/krb/Makefile.in (install): don't install include files with
x bit
* lib/kadm/Makefile.in (install): don't install include files with
x bit
* man/Makefile.in: don't install getusershell
* lib/krb/Makefile.in: add symlink magic for linux.
only link in com_err.o and error.o if building shared
* lib/kdb/Makefile.in: add symlink magic for linux
* lib/kadm/Makefile.in: add symlink magic for linux
* configure.in: add symlink magic for Linux
* appl/kx/common.c (connect_local_xsocket): update to try the list
of potential socket pathnames
Tue Apr 7 1998
* lib/krb/getaddrs.c: Don't bail out if various ioctl's fail.
* doc/Makefile.in (kth-krb.info): use `--no-split'
Mon Apr 6 1998
* configure.in: add --disable-cat-manpages
* configure.in: call the shared libraries so.0.9.9 on linux
Sat Apr 4 1998
* lib/Makefile.in (SUBDIRS): changed order so that editline is
built before sl
* lib/*/Makefile.in: shared library dependency information
* doc/Makefile.in (clean): remove *.info*
* merge in win32 changes from <flag@astrogator.se> and
<jfa@pobox.se>
* Makefile.export: aux -> cf
* Makefile.in: aux -> cf
* appl/voodoo/TelnetEngine.cpp (TelnetEngine::Connect): check the
return from `gethostbyname'
* appl/bsd/bsd_locl.h: Check for <io.h> and conditionalize
prepare_utmp. From <d96-mst@nada.kth.se>
* acconfig.h (__EMX__): define MAIL_USE_SYSTEM_LOCK. From
<d96-mst@nada.kth.se>
* include/bits.c: renamed `strupr' to `my_strupr' not to conflict
with any exiting strupr.
Sat Mar 28 1998
* Makefile.in (install): use DESTDIR
* include/Makefile.in (install): depend on all
* man/Makefile.in (install, uninstall): use transform correctly
Fri Mar 27 1998
* configure.in: don't look for dbopen. From Derrick J Brashear
<shadow@dementia.org>
(termcap.h): check for
* lib/krb/Makefile.in: fix for LD options on solaris. From
Derrick J Brashear <shadow@dementia.org>
Thu Mar 19 1998
* appl/kx/common.c: Trying binding sockets in the special
directories for some versions of Solaris and HP-UX
* lib/krb/kdc_reply.c: Check for error code of zero in error
packet from KDC.
Wed Mar 18 1998
* appl/kx/common.c (get_xsockets): try getting sockets in lots of
places
* appl/kauth/kauth.c: return error code from child (plus shell
magic)
* lib/krb/getrealm.c (krb_realmofhost), lib/krb/get_krbrlm.c
(krb_get_lrealm, krb_get_default_realm): When figuring out a
default local realm name avoid going into infinite loops.
Sun Mar 15 1998
* configure.in: test for <term.h> and search for `tgetent' in
ncurses. From Gregory S. Stark <gsstark@mit.edu>
* **/Makefile.in: add DESTDIR support and .PHONY
Sat Mar 7 1998
* kadmin/ksrvutil.c: Remove kvno zero restriction.
* configure.in: Add option `--disable-dynamic-afs' do disable AIX
dynamic loading of afs syscall library. This should hopefully also
work with AIX 3.
* kadmin/ksrvutil.c: Add `delete' function (from Chris Chiappa
<griffon+@cmu.edu>).
Thu Feb 26 1998
* kadmin/kadmin.c (do_init): fix check of return value from
krb_get_default_principal
* lib/kadm/kadm_stream.c (stv_string): use correct offset
Sat Feb 21 1998
* include/Makefile.in: add parse_time.h
* lib/krb/solaris_compat.c: new file with alternative entry points
compatible with solaris's libkrb.
Thu Feb 19 1998
* lib/krb/time.c: Various time related functions.
Tue Feb 17 1998
* lib/krb/send_to_kdc.c: Add some more connection debug traces.
Sun Feb 15 1998
* lib/krb/get_host.c (init_hosts): call k_getportbyname with proto
== "udp" instead of NULL. NULL would be the right thing, but some
libraries are not happy with that.
* appl/bsd/rcp.c: renamed `{local,foreign}' to \1_addr to avoid
conflicts with system header files on mklinux.
* lib/kadm/Makefile.in: Fix rules for kadm_err.[ch].
* lib/krb/krb_err.et: Fix for changes to compile_et.
* lib/com_err/{error.c,com_err.h,com_right.h}: Rename error.h to
com_right.h.
* lib/com_err/{compile_et.c,compile_et.h,lex.l,parse.y}: Switch
back to a yacc-based compile_et.
Tue Feb 10 1998
* appl/kx/kxd.c (doit): fix stupid mistake when marshalling
* lib/krb/Makefile.in: add strcpy_truncate
Sun Feb 8 1998
* lib/krb/netwrite.c (krb_net_write): restart if errno == EINTR
* lib/krb/netread.c (krb_net_read): restart if errno == EINTR
* appl/kx/rxterm.in: redirect std{in,out,err} of xterm to make
sure rshd does not hang.
Sat Feb 7 1998
* lib/acl/acl_files.c (acl_canonicalize_principal): use
krb_parse_name
* lib/krb/rw.c: add a parameter containting maximum size. Change
all callers.
* lots-of-files: replace {REALM_SZ, *_SZ, MaxPathLen,
MaxHostNameLen} + 1 with \1
* appl/bsd/rlogind.c (cleanup): logout -> rlogind_logout
* lib/acl/acl_files.c (acl_canonicalize_principal): use
strcpy_truncate
* include/Makefile.in: fnmatch.h
* appl/ftp/ftpd/ftpd.c: <fnmatch.h>
* lib/kadm/kadm_stream.c (stv_string): don't use strncpy
* lib/auth/sia/sia.c (siad_ses_suauthent): do ugly magic to make
sure `entity->name' is long enough.
* appl/ftp/ftpd/ftpcmd.y: HASSETPROCTITLE -> HAVE_SETPROCTITLE
* appl/bsd/rlogind.c (logout): renamed to rlogind_logout to avoid
conflict with logout() in libutil.
(doit): use forkpty_truncate it there's one
* appl/afsutil/kstring2key.c (krb5_string_to_key): don't use
strcat
* configure.in: add lots of functions and headers that were used
in the code but not tested for.
* lib/krb/send_to_kdc.c (url_parse): re-structured
* kadmin/kadm_locl.h: add prototype for random_password and remove
__P
* appl/bsd/forkpty.c (forkpty_truncate): new function.
use strcpy_truncate instead of strcpy
* appl/bsd/bsd_locl.h: include <libutil.h>.
prototype for forkpty_truncate()
* configure.in: test for <libutil.h>
Fri Feb 6 1998
* kadmin/random_password.c: Random password generation.
* kadmin/kadmin.c: Add some functionality to add_new_key, to make
it more useful with batch creation.
Wed Feb 4 1998
* appl/bsd/login.c (find_in_etc_securetty): new function
(rootterm): call `find_in_etc_securetty'
* appl/bsd/pathnames.h (_PATH_ETC_SECURETTY): add
Tue Feb 3 1998
* kadmin/kadmin.c: Fix `-t' flag. Centralize the calling of
alarm() to a modified sl_loop().
* kadmin/kadmin.c: Add support for `batch' processing, taking a
command from the command line. Remove the automatic destruction of
tickets, instead add a timeout (initially set to 1 minute), after
which any tickets will be destroyed. Option `-m' now sets this
timeout to 0 (disabling timeout). Options `-p' takes a full
principal, and `-u' takes a `username' that is used as the name of
the admin principal to use.
Sat Jan 31 1998
* lib/auth/sia/sia.c: Chown ticket file when doing reauth.
Thu Jan 29 1998
* lib/auth/sia/sia.c: Add support for reauthentication.
Mon Jan 26 1998
* appl/kauth/kauth.c (main): Add debug switch -d to kauth to aid
in finding miss-configurations.
Mon Jan 19 1998
* lib/krb/name2name.c: If inet_addr thinks host's a valid
ip-address, assume it is, and don't call gethostbyname(). This
should fix things like `rsh 1.2.3.4'.
Sat Jan 17 1998
* lib/krb/get_host.c: Check for http-srv records.
* lib/krb/get_host.c: Don't use getprotobyname. Check for `http'
as well as `udp' and `tcp'.
* lib/auth/sia/sia.c: Add password changing support.
* kadmin/new_pwd.c: Use kadm_check_pw.
* lib/kadm/check_password.c: Password quality check, moved from
kpasswd.c.
Fri Jan 16 1998
* kadmin/ksrvutil_get.c: Add `-u' flag to put each key in a
separate file.
Mon Jan 12 1998
* kadmin/admin_server.c: Fix broken realloc of pidarray.
Fri Jan 9 1998
* rename logwtmp -> ftpd_logwtmp not to conflict with libc.
Sun Dec 21 1997
* lib/krb/verify_user.c (krb_verify_user): new argument `srvtab'.
Changed all callers.
Sat Dec 13 1997
* lib/kdb/krb_dbm.c: check return value from dbm_store
Thu Dec 11 1997
* lib/krb/k_flock.c (k_flock): Re-included an implementaion of
k_flock. Changed all library and core application source to use
k_flock.
Tue Dec 9 1997
* appl/kx/kxd.c,common.c: more error testing from Love
H<>rnquist-<2D>strand <e96_lho@elixir.e.kth.se>
Use the correct number of X for mkstemp.
* Release 0.9.8
* Add `--disable-mmap' configure option, do disable all use of
mmap.
* Rename all k_afsklog to krb_afslog.
Mon Dec 8 1997
* kuser/klist.c: Add a header for tokens.
Fri Dec 5 1997
* lib/krb/krb.h: Moved prototypes to krb-protos.h, cruft to
krb-archaeology.h.
Thu Dec 4 1997
* appl/kauth/kauth.c: Use krb_get_pw_in_tkt2.
* lib/krb/get_in_tkt.c: krb_get_pw_in_tkt2 that returns key.
Sun Nov 30 1997
* configure.in: check for tgetent in libcurses
Mon Nov 24 1997
* appl/krbmanager: incorporate patches from <d96-dst@nada.kth.se>
for making sure there's only one instance of krbmanager.
Fri Nov 21 1997
* admin/ext_srvtab.c: use atexit() to stamp out secrets.
Thu Nov 20 1997
* server/kerberos.c: Log funny HTTP requests.
* server/kerberos.c: Add comma to list of port separators for
`-P'.
* appl/voodoo/TelnetEngine.cpp (TelnetEngine::Connect): better
error message (from <d96-dst@nada.kth.se>)
Wed Nov 12 1997
* kuser/klist.c (display_tokens): patch from <e96_lho@e.kth.se>
Sun Nov 9 1997
* Release 0.9.7
* configure.in: test for ssize_t
* appl/bsd/rlogind.c: Fill in ut_type, and ut_exit if they exist.
* appl/kx/common.c (create_and_write_cookie): Create temp file
with mkstemp.
* appl/ftp/ftpd/ftpd.c: conditionalize otp
* appl/bsd/login.c: conditionalize otp
* configure.in: add --disable-otp. update Makefile.in's
* configure.in: define CANONICAL_HOST
* configure.in, aclocal.m4: remove <bind/bitypes.h>. contains
bogus information on Crays.
* include/bits.c: stolen from Heimdal
* include/Makefile.in: replace ktypes.c with bits.c
* lib/krb/getaddrs.c (k_get_all_addrs): cray fix
* configure.in: updated header files
* slave/kpropd.c: Make sure it's the kprop service that tries to
send data.
Fri Nov 7 1997
* configure.in: Added option --with-afsws=/usr/afsws.
* lib/Makefile.in: Build lib/rxkad if we have include file rx/rx.h
Thu Nov 6 1997
* appl/ftp/ftp/ftp.c (sendrequest, recvrequest): do correct tests
for `-'
* appl/ftp/ftp/cmds.c (getit): removed stupid goto
* appl/kauth/kauth.c: Use krb_get_pw_in_tkt(), now that it is
fixed.
* appl/ftp/ftp/cmds.c: Don't retrieve files that start with `..'
or `/' without asking. Reverse test in confirm() to check for `y'
rather than not `n'. Use mkstemp.
* appl/ftp/ftp/ftp.c: Add extra parameter to recvrequest,
specifying if local filenames should be parsed as "-" and "|".
Mon Nov 3 1997
* configure.in: updated broken list. add fclose for proto check.
* kadmin/kadmin.c: updated functions to new style of sl
* appl/bsd/rcp.c, rlogin.c, rsh.c: setuid before doing kerberos
authentication. if that fails, exec ourselves with -K
* appl/bsd/pathnames.h: add _PATH_RCP
* configure.in: test for readv, writev
Fri Oct 24 1997
* lib/krb/tkt_string.c (krb_set_tkt_string): const-ized
* appl/ftp/ftp{,d}: new commands: kdestroy, krbtkfile and afslog.
* appl/afsutil/aklog.c (expand_cell_name): fix parsing of
CellServDB
Sat Oct 11 1997
* appl/telnet/telnetd/sys_term.c (start_login): moved `user' so it
works even if !defined(HAVE_UTMPX_H)
Fri Oct 10 1997
* lib/krb/send_to_kdc.c: Change send_recv* to use a lookup table
indexed by protocol.
Implement http proxy use, enabled via `krb4_proxy' environment
variable.
Thu Oct 9 1997
* lib/krb/getrealm.c: Don't lookup top-level domains. Try files
before doing DNS.
Thu Oct 2 1997
* appl/krbmanager: Turned into a ticket management program.
* lib/krb/{dllmain,ticket_memory}.c: Add some KrbManager
interaction.
Sat Sep 27 1997
* appl/voodoo: Major fixes of terminal emulation, and other
things.
Fri Sep 26 1997
* server/kerberos.c: Cleanup socket-opening code. Add HTTP
support.
* lib/krb/send_to_kdc.c: Add Kerberos over HTTP.
* lib/krb/get_host.c: Parse URL-style host-specifications.
* include/win32: add `version.h' and `ktypes.h'
* lib/kclient/KClient.def: rename kclnt32 to make Eudora
happy. Add SendTicketForService
* lib/kclient/KClient.c: implement SendTicketForService. Used by
Eudora.
* appl/voodoo/voodoo.mak: kclient renamed as kclnt32
Thu Sep 25 1997
* Moved various base64 implementations to roken.
Thu Sep 18 1997
* appl/telnet/telnetd/telnetd.c: Move the call to startslave()
into the telnet() loop. This way we'll maximise the chance that
the transmission is encrypted before starting login. This will
hopefully remove the irritating warning you would get with some
macintosh telnet clients.
Wed Sep 17 1997
* appl/telnet/telnetd/sys_term.c: Fix for duplicate `-- user'.
Tue Sep 9 1997
* server/kerberos.c: More detailed logging
Fri Sep 5 1997
* lib/kafs/afssysdefs.h: HP-UX 10.20 seems to use 48
Thu Sep 4 1997
* lib/des/Makefile.in: quote the test for $(CC) correctly
Wed Sep 3 1997
* include/ktypes.c: Move __BIT_TYPES_DEFINED__ to after including
other stuff.
* lib/rxkad/rxk_locl.c (rxkad_calc_header_iv): Simplify header IV
calculation.
* lib/rxkad/osi_alloc.c (osi_Alloc): Memory allocation routines
for user space. There is no longer any need for conditional
compilation of user/kernel-space versions of librxkad.a.
* lib/rxkad/rxk_clnt.c (rxkad_NewClientSecurityObject): Use
Transarc FC-crypto to generate random numbers. We no longer need
to link a DES library into the kernel.
Tue Sep 2 1997
* appl/ftp/ftpd/ftpd.c (pass): chown the ticket file is logging in
with clear-text passwords and using kerberos
* lib/krb/krb_log.h: new file
* lib/krb/krb.h: moved all logging functions to krb_log.h.
Include krb_log.h in appropriate places. From
<shadow@dementia.org>
Mon Sep 1 1997
* appl/kx/kx.c: more intelligent check for passive mode new option
`-P' to force passive mode
Sat Aug 23 1997
* lib/krb/krb_get_in_tkt.c: rename krb_as_req -> krb_mk_as_req
Wed Aug 20 1997
* lib/rxkad/rxkad.h, rxk_serv.c (server_CheckResponse): Increase
limit of ticket lengths to 1024 at server end.
* lib/rxkad/rxk_clnt.c (rxkad_NewClientSecurityObject): Support
for almost arbitrary ticket lengths.
Tue Aug 19 1997
* kadmin/ksrvutil_get.c: Make sure we're talking to the admin
server when getting ticket.
* lib/krb/send_to_kdc.c: Add flag to always use admin server.
Sun Aug 17 1997
* appl/kx/rxtelnet.in: reverse the looking for xterm loops Use
`-n' and not `-name' to xterm
* server/kerberos.c: implement `-i' for only listening on one
address
* lib/kadm/kadm_cli_wrap.c: Implement kadm_change_pw2 to be
compatible with CNS. From <shadow@dementia.org>
* appl/ftp/ftpd/ftpd.c: removed bogus reset of `debug'
* appl/ftp/ftpd/extern.h: define NBBY if needed
* configure.in: os2 fixes: -Zcrtdll and check for chroot
Wed Aug 13 1997
* lib/krb/get_in_tkt.c: Use new get_in_tkt functions, and
implement kerberos 5 salts.
* lib/krb/krb_get_in_tkt.c: Split krb_get_in_tkt in two functions
so it's possible to try several key-procs with just one request to
the KDC.
Wed Jul 23 1997
* lib/rxkad/rxk_serv.c (decode_krb4_ticket): New functions
decode_xxx_ticket so that it is possible to also decode kerberos
version 5 tickets.
Sat Jul 19 1997
* doc/Makefile.in: `test -f' is more portable than `test -e'
Tue Jul 15 1997
* lib/kafs/kafs.h, lib/krb/krb.h: swap order of <sys/cdefs.h> and
<ktypes.h>. Another fix form <shadow@dementia.org>
Fri Jul 11 1997
* lib/krb/krb.h: non-ANSI fix from <shadow@dementia.org>
Fri Jun 27 1997
* man/otp.1: `-o' option
* appl/otp/otp.c: List lock-time with `-l'. New option `-o' to
open an locked entry.
* lib/otp/otp_db.c (otp_get_internal): Save lock_time in returned
struct.
* lib/otp/otp.h: New field `lock_time' in OtpContext
Thu Jun 26 1997
* man/otp.1, man/otpprint.1: Update changed default to `md5'
* appl/bsd/rsh.c: Don't use a hard-coded constant in `select'
* configure.in, include/ktypes.c: Handle the case of there being
an old version of our `sys/bitypes.h'.
Sun Jun 22 1997
* lib/des: Merge in changes from libdes 4.01. The optimizations
written in assembler are not used since they in general wont't
work with shared libraries.
Fri Jun 20 1997
* lib/krb/netread.c, netwrite.c: Handle windows discrimation of
sockets.
Sun Jun 15 1997
* appl/kpopper/pop_init.c: Use `STDIN_FILENO' and `STDOUT_FILENO'
instead of `sp'. OSF's libc isn't quite prepared to have two
different FILEs refer to the same file descriptor.
Thu Jun 12 1997
* doc/dir: Add dir template file.
* appl/kauth/kauth.c (main): AFS style positional argument for -n
option.
* appl/xnlock/xnlock.c (verify): New resource destroyTickets and
corresponding option -nodestroytickets. First try local
authentication and if it fails try kerberos.
Sun Jun 8 1997
* appl/ftp/ftpd/popen.c (ftpd_popen): Correct initialization of
`foo' before call to `strtok_r'
Wed Jun 4 1997
* doc/*.texi: Use @url.
* doc/setup.texi: Added @ifinfo around @dircategory
Tue Jun 3 1997
* Release 0.9.6
* appl/kx/rxtelnet.in, appl/kx/rxterm.in: new argument '-w
term_emulator' for specifiying which terminal emulator to use.
Based on a patch from <arve@nada.kth.se>.
Mon Jun 2 1997
* appl/xnlock/Makefile.in, appl/kx/Makefile.in,
lib/auth/Makefile.in: fix the Makefile to do the for loops the
automake way.
Sun Jun 1 1997
* appl/xnlock/Makefile.in, appl/kx/Makefile.in: do install
correctly even if there are no programs to install
* configure.in: Check for `h_nerr'.
* lib/auth/pam/pam.c: Include <security/pam_appl.h> to make it
compile on Solaris 2.6
lib/sl/sl.c, lib/krb/realm_parse.c, appl/ftp/ftpd/popen.c,
appl/ftp/ftpd/ftpd.c, appl/bsd/login_fbtab.c,
appl/bsd/login_access.c: Initialize the `lasts' to NULL before
calling strtok_r the first time. With our strtok_r it's not
necessary, but the man-page on SGIs says it should be done.
Fri May 30 1997
* lib/krb/mk_req.c (krb_mk_req, get_ad_tkt): Support for
multi-realm ticket files by using the best matching TGT to define
the realm of the ticket holder.
* appl/bsd/utmpx_login.c (utmpx_update): Set `ut_id' if we're
using utmpx
* appl/telnet/telnetd/sys_term.c (start_login): Set `ut_id' if
we're using utmpx
Wed May 28 1997
* lib/roken/daemon.c: New file.
* include/protos.H: <sys/types.h> needed on solaris 2.4
Mon May 26 1997
* appl/bsd/su.c (kerberos): If kerberos password is zero length
immediately try next scheme.
* lib/kafs/afskrb.c (k_afsklog_uid): Token lifetime should be even
if we don't know the proper ViceId.
* Release 0.9.5
* man/Makefile.in: Install preformatted manual pages with correct
suffix on *BSD.
Sun May 25 1997
* appl/kpopper/popper.h: Remove XTND, and XTND XMIT. Rename XTND
XOVER to XOVER.
* appl/telnet/telnetd/sys_term.c: Only include <utmp.h> and
<utmpx.h> once
* fix-export: Also create cat manpages.
* appl/ftp/ftpd/logwtmp.c: Check for `_PATH_WTMP'
* appl/telnet/telnetd/sys_term.c: Ditto.
Remove stupid macros.
* appl/ftp/ftp/cmds.c (setpeer): Check for `__unix'. This is
(apparently) a standard with many representations.
* appl/ftp/ftpd/ftpcmd.y (SYST): Ditto.
* appl/ftp/ftpd/ftpd.c (retrieve): file must exist to apply a
command to it.
* appl/ftp/ftpd/ftpd.c (retrieve): Generalise list of commands and
basename argument.
* appl/ftp/ftpd/popen.c (ftpd_popen): Try standard binary if the
one in ~ftp fails.
* appl/telnet/telnetd/sys_term.c: Use `_getpty' if there's one
* appl/bsd/forkpty.c: Use `_getpty' if there's one
* configure.in: check for `_getpty'
* acconfig.h: correct test for IRIX
* lib/roken/snprintf.c: code for checking the correct functioning
of *nprintf is now #ifdef PARANOIA
* appl/bsd/rlogind.c: fix logging in wtmp and parsing of winsize
* appl/bsd/rlogin.c: New option `-p'.
* lib/des/fcrypt.c: removed `inline' from `des_set_key'
Thu May 22 1997
* lib/des/md5.c (MD5Final): Made signature compliant with FreeBSD.
* lib/des/md5.h: Remove digest from MD5_CTX, it is now an argument
to MD5Final instead.
* lib/des/fcrypt.c: Also support MD5 style crypt(2).
Tue May 20 1997
* appl/telnet/telnetd/sys_term.c: utmp stuff now seems to be
compatible with login
* appl/ftp/ftpd/logwtmp.c: Add support for logging to wtmpx
* (*/)*/Makefile.in:s (install): Avoid redundant multiple
recursion in install targets.
* Made things compile with socks5-v1.0r1.
* appl/telnet/telnetd/sys_term.c: changed utmp-stuff not to use
ut_id at all
* appl/bsd/utmpx_login.c: handle case where there's no wtmpx (such
as HP-UX 10)
* appl/bsd/rlogind.c: Added support for utmpx
Sun May 18 1997
* lib/roken: removed herror, strchr, and strrchr
* lib/krb/dest_tkt.c(dest_tkt): Only use `lstat' iff HAVE_LSTAT
* lib/krb: snprintf, strdup, strtok_r, and strcasecmp always live
in lib/roken and get linked here when needed.
* lib/roken: removed strchr, strrchr.
* appl/telnet/telnet/telnet.c: Always use our own `setupterm' for
compatibility reasons.
* appl/telnet/telnetd/telnetd.c: Removed <curses.h> and <term.h>.
They doesn't seem to be used and breaks on fujitsu.
* appl/kx/kx.c: try to give a better error message (than a core
dump :-) when talking to an old kxd.
* appl/kx/kxd.c, appl/kip/kipd.c, appl/kauth/kauthd.c: corrected
fencepost error with KRB_SENDAUTH_VLEN.
* appl/ftp/common/buffer.c: new file.
* configure.in: cray hides their bitypes in <bind/bitypes.h>.
Also check for this file.
* appl/telnet/telnet/telnet_locl.h: moved termios.h before
curses.h. This was needed to compile on cray, but will probably
break on some other host.
Thu May 15 1997
* server/kerberos.c: Implement changes to the tcp protocol, while
being compatible with the old protocol.
* lib/krb/send_to_kdc.c: The old method to signal end of
transmission by closing the sending side of the socket does not
work well through some firewalls. This is now changed so that the
client instead sends the length of the request as a four byte
integer (in network byte order) before sending the data.
Wed May 14 1997
* appl/telnet/telnetd/sys_term.c: HAVE_UTMPX -> HAVE_UTMPX_H. Fix
for OSF1.
* appl/bsd/utmp_login.c: UTMPX_DOES_UTMP_LOGGING -> HAVE_UTMPX_H
* appl/bsd/sysv_environ.c: Use k_concat rather than snprintf.
Tue May 13 1997
* kuser/klist.c: updated usage string
* lib/otp/otp_print.c: make word table and reverse word table
constant
Sun May 11 1997
* */*: Added some __attribute__ ((format (printf))) and fixes
where needed.
* appl/ftp/common/sockbuf.c: start probing at 4Mb
* appl/ftp/ftpd/ftpd.c: use MAP_FAILED
* appl/ftp/ftp/ftp.c: Use MAP_FAILED.
(alloc_buffer): new function for allocating a buffer of size
max(BUFSIZ, st.st_blksize) (Based on a patch from
<haba@pdc.kth.se>)
* appl/ftpd/ftpdcmd.y: hack for reget.
* appl/kx/kxd.c: Give a error message to old-version kx.
* replaced vsprintf with vsnprintf.
* lib/roken/vsyslog.c: not used. removed.
* Changed <sys/bitypes.h> -> <ktypes.h>
* include/Makefile.in: Added ktypes.h
* include/sys/Makefile.in: removed bitypes.h
Wed May 7 1997
* appl/ftp/ftp/ftp.c: Open files in binary mode.
* appl/ftp/ftpd/ftpd.c (checkaccess): Changed to make absent file
mean `allow'. Added shell matching to names (if fnmatch is
available).
* appl/ftp/ftpd/kauth.c (kauth): Use `DEFAULT_TKT_LIFE'
* appl/ftp/ftpd/ftpcmd.y, appl/ftp/ftpd/ftpd.c: always cast to
(long) before printing out an `off_t'
* lib/kdb/print_princ.c (krb_print_principal),
lib/kdb/krb_lib.c (kerb_put_principal),
admin/kdb_edit.c (change_principal),
admin/kdb_util.c (print_time) : gmtime should never return
tm_year > 1900
* appl/ftp/ftpd/ftpcmd.y: Year 2000 fix
* appl/telnet/telnetd/telnetd.c: removed code that used `getent'
* lib/roken/getent.c: removed
Mon May 5 1997
* appl/ftp/ftpd/ftpd.c: fix for mmap and restart_point
* kadmin/ksrvutil_get.c (ksrvutil_get): get correct default realm
Sun May 4 1997
* configure.in (REAL_PICFLAGS): Use `-fPIC' instead of `-fpic',
otherwise it's not possible to make libotp on hpux.
* configure.in: try sending picflags even when linking a shared
library with $CC
* lib/roken/getent.c: remove getstr
* configure.in: removed unneeded REAL_-variables working shared
libraries on *bsd*
* appl/kip/kip.h: Added <net/if_var.h>
* */Makefile.in: Use @LDSHARED@
* configure.in: Fix shared libraries on HP/UX.
check for curses.h
check for `getstr' and `cgetstr' in curses
* appl/telnet/telnet: clean-up
* lib/kafs/afssys.c: ifdef-out the code that is not used to avoid
referencing `syscall' on AIX.
* lib/krb/et_list.c: s/WEAK_PRAGMA/PRAGMA_WEAK/
* aclocal.m4 (AC_HAVE_PRAGMA_WEAK): redirect output
* lib/roken/snprintf.c: fix for the case of max_sz == 0
* doc/kth-krb.texi: Add @dircategory and @direntry to enable
`install-info' to install this entry in `dir'.
* appl/telnet/telnetd/Makefile.in: Don't link with getstr
* lib/auth/sia/krb4_matrix.conf: Fix entries for ses_release and
chk_user.
Sat May 3 1997
* lib/auth/sia/sia.c: Some cleanup.
Fri May 2 1997
* configure.in: only link the programs that need it with the
db/dbm library
* lib/auth/sia/sia.c: Merge code for for normal and su
authentication.
* Replaced sprintf with snprintf and asprintf all over the place.
* lib/roken/snprintf.c: Added asnprintf and vasnprintf
* lib/roken/snprintf.c: implemented asprintf, vasprintf
* lib/roken/snprintf.c: new file
Thu May 1 1997
* lib/kafs/afskrb.c (k_afsklog_all_local_cells): Use `k_concat'
Wed Apr 30 1997
* lib/krb/{get_host,get_krbrlm,getrealm,realm_parse}.c: Fix some
potential buffer overruns.
* lib/krb/k_concat.c: Safely concatenate two strings.
Sat Apr 26 1997
* appl/telnet/libtelnet/kerberos.c: removed stupid #if 0
* appl/bsd/rlogind.c (send_oob): different default for `last_oob'
to avoid losing first OOB packet
Fri Apr 25 1997
* appl/voodoo/AuthOption.cpp: provoke the telnetd in turning on
encryption
Wed Apr 23 1997
* lib/kafs/afskrb.c (realm_of_cell): don't overflow buffer with
result from `gethostbyaddr'
* lib/krb/name2name.c (krb_name_to_name): new parameter
`phost_size' to disable buffer overflowing. Changed all callers.
* lib/krb/k_getsockinst.c: New parameter `inst_size' to disable
buffer overflowing. Changed all callers.
* appl/kpopper/Makefile.in: soriasis make stupidity
* appl/kx/Makefile.in: don't include encdata.c in SOURCES_COMMON,
otherwise DEC make gets upset.
Tue Apr 22 1997
* lib/krb/k_getsockinst.c: Use same name as in krb_get_phost.
* acconfig.h: hp-ux 10 also has `pututxline' that writes both to
utmp and utmpx.
Sun Apr 20 1997
* include/win32/config.h: adapted to win95/NT
* appl/voodoo: Merged in win32-telnet from <d93-jka@nada.kth.se>
* lib/krb/tkt_string.c: dummy `getuid' function.
* lib/krb/ticket_memory.c (tf_setup): implement
* lib/roken/roken.mak, roken.def: new files
* lib/des/des.def: Removed des_random_{seed,key}
* lib/krb/dllmain.c: Rewrote `msg'.
Better explanation when it fails to spawn `krbmanager'.
* lib/krb/tf_util.c: backwards `in_tkt' added.
* lib/krb/in_tkt.c: removed
* lib/kclient/KClient: Reformatted and fixed.
Sat Apr 19 1997
* appl/ftp/ftpd/ftpd.c: Incorporate /etc/ftpusers changes from
NetBSD.
* appl/ftp/ftpd/ftpd.c: Handle oob-stuff better.
Fri Apr 18 1997
* appl/kpopper/pop_{dropinfo,send,updt}.c: Fix 'From ' line
parsing bug.
* appl/kpopper/pop_dropinfo.c: Add support for xover.
* appl/kpopper/pop_xover.c: Add some kind of xover support.
* appl/kpopper/pop_debug.c: New tiny popper debugging program.
Tue Apr 15 1997
* lib/krb/kdc_reply.c (kdc_reply_cred): fix sanity checks.
* appl/bsd/rshd.c: k_afsklog so that remote command gets a token.
fix usage string.
Sat Apr 12 1997
* appl/bsd/rcp.c (main): Rcp implements encrypted file transfer
without using the kshell service.
* lib/krb/mk_safe.c: Emit new checksum.
* lib/krb/rd_safe.c: New code to handle both new and old
checksums.
* lib/des/qud_cksm.c: Fix compatibility with mit deslib.
Fri Apr 11 1997
* lib/sl/sl.c (sl_match): initialize `partial_cmd'
Sun Apr 6 1997
* lib/kafs/kafs.h: Ugly addition of `_P'
* lib/kafs/afssys.c: <sys/socket.h> contains the definition of
`_IOW' on cygwin32.
* appl/telnet/telnet/utilities.c: <sys/socket.h> needed by
cygwin32
* doc/Makefile.in: always run $(MAKEINFO).
* lib/otp/otp_md.c (sha_finito_little_endian): byte-swap
correctly.
* include/sys/bitypes.H: Added #ifndef for types
* configure.in: test for types
* aclocal.m4: Stolen AC_GROK_TYPES? from heimdal
* appl/ftp/ftp/ftp.c: Fix passive mode.
Sat Apr 5 1997
* appl/kauth/ksrvtgt.in: New ksrvtgt script.
Fri Apr 4 1997
* lib/krb/kdc_reply.c: Add some range checking.
* lib/otp/otptest.c: Updated tests from `draft-ietf-otp-01.txt'.
Passes verification examples from appendix C.
* admin/kdb_util.c: All usage strings are now consistent (and even
with the code)!
Thu Apr 3 1997
* lib/kafs/afssys.c (k_pioctl): Separate syscall functionality and
kerberos convenience routines into afssys.c and afskrb.c. This to
make it possible to use k_pioctl() without linking in all
libraries in the world.
Tue Apr 1 1997
* appl/telnet/telnet/commands.c: Rename suspend to telnetsuspend,
since Unicos has one of its own.
Sun Mar 30 1997
* appl/bsd/{rsh,rlogin}.c: Don't look at argv[0].
* man/tenletxr.1: new file
* appl/kx/rxtelnet.in, appl/kx/rxterm.in, appl/kx/tenletxr.in:
Support `-k'
* appl/kx/tenletxr.in: new script for running kx in backwards
mode.
* appl/kx: New version of protocol.
* appl/kauth: Use err & c:o
* appl/kauth/encdata.c (read_encrypted): Give better return code
for EOF
* appl/ftp/ftp/krb4.c: Use stdout rather than stderr. Add newlines
to many strings.
* kuser/kdestroy.c: Use set_progname, make -q equal to -f, remove
bell.
* lib/roken/warnerr.c: New function set_progname.
* aclocal.m4: Invert test of AC_NEED_DECLARATION and rename it to
AC_CHECK_DECLARATION. Add new function AC_CHECK_VAR, that looks
for a variable, including a declaration.
* lib/roken/roken.h: Add optional declaration for __progname.
* lib/roken/*{err,warn}.c: Restructure err and warn functions.
Sat Mar 29 1997
* appl/telnet/telnet/sys_bsd.c: Maybe-fix for HP-UX 10: Ifdef
SO_OOBINLINE, don't even select for exceptional conditions.
* lib/otp/otp_md.c: always downcase the seed.
byte-swap the SHA result.
Thu Mar 27 1997
* appl/otp/otp.c: removed bad free of global data
Sun Mar 23 1997
* configure.in: moved version.h and config.h to include
* acconfig.h: Fix utmp/utmpx stuff on OSF/1.
* appl/bsd/rlogind.c (control): Rewritten to handle the case of
there being no `ws_xpixel' and `ws_ypixel'
* appl/bsd/rlogin.c (sendwindow): Rewritten to handle the case of
there being no `ws_xpixel' and `ws_ypixel'
* aclocal.m4 (AC_KRB_STRUCT_WINSIZE): Also test for `ws_xpixel'
and `ws_ypixel'
* lib/otp/otp.h: Change default global timeout
* lib/krb/tf_util.c (tf_setup): Also take `pname' and `pinst'
* appl/telnet/telnetd/sys_term.c, appl/bsd/utmpx_login.c: Do
gettimeofday and then copy the data for the sake of those systems
like SGI that can have different timevals in file and memory.
* configure.in: Allow `--with-readline'
* lib/editline/edit_compat.c (readline): strdup data before
returning it.
* appl/telnet/telnetd/state.c: Change size of subbuffer to 2k.
Thu Mar 20 1997
* lib/krb/decomp_ticket.c: Add some range checking.
* appl/ftp/ftpd/krb4.c: Check return value from krb_net_write.
* appl/ftp/ftp/ftp.c: Fix hash mark printing.
Wed Mar 19 1997
* appl/kauth/kauthd.c: more logging
* man/kx.1, man/kxd.8: Updated.
* appl/kx/kx.c, kxd.c: Hacked so that all TCP-connections are kx
-> kxd
* lib/editline/edit_compat.c: BSD libedit comatibility.
Wed Mar 12 1997
* appl/ftp/ftpd/ftpd.c: Set `byte_count' even when using mmap.
Log foreign IP address together with hostname.
Mon Mar 10 1997
* server/kerberos.c: Fix log file muddle.
Sun Mar 9 1997
* appl/bsd/kcmd.c (kcmd): check malloc for failure.
Tue Feb 25 1997
* man/ftpd.8: Documented the `-g' option.
* appl/ftp/ftpd/ftpd.c: New option `-g umask' for specifying the
umask for anonymous users.
* appl/ftp/ftpd/ftpd.c: conditionalize SIGURG
* appl/otp/otp.c: More fixes from Fabien COELHO
<coelho@cri.ensmp.fr>. Check for current OTP before allowing the
update.
Wed Feb 19 1997
* appl/otp/otp.c: updated help string
* appl/bsd/Makefile.in: Fixed installation of suid programs.
* appl/telnet/libtelnet/kerberos.c: fix some stuff to get
forwarding code to compile
* lib/otp/otp_db.c: fix for signed char overflow.
* lib/krb/resolve.c: Patch from J<>rgen Wahlsten
<wahlsten@pathfinder.com>: Zero out resource record, and send
correct length to dn_expand.
Mon Feb 17 1997
* lib/roken/roken.h: Check for `_setsid'
* appl/ftp/ftp/ftp.c: s/__CYGWIN32__/HAVE_H_ERRNO/
* include/Makefile.in: Generete krb_err.h and kadm_err.h before
linking/copying them
* aclocal.m4: AC_FIND_FUNC: Add the library at the beginning of
the list.
* configure.in: Use AC_PROG_RANLIB
Always use EMXOMF under OS/2
Check for sys/termio.h and _setsid
* configure.in: A preliminary fix for editline.
* appl/telnet/libtelnet/kerberos.c: Include ticket forwarding
stuff.
* lib/krb/krb_get_in_tkt.c: Use tf_setup.
* lib/krb/krb_get_in_tkt.c: New function tf_setup.
Sat Feb 15 1997
* man/otp.1: updated
* appl/otp/otp.c: New options `-d' and `-r'. From Fabien COELHO
<coelho@cri.ensmp.fr>
* lib/otp/otp.h: Changed default from md4 to md5
* lib/otp/otp_db.c (otp_get, otp_simple_get): New functions.
Thu Feb 13 1997
* appl/kx/rxtelnet.in: allow specification of port number
* appl/otp/otp.c: Add `-u' option
Sun Feb 9 1997
* appl/ftp/common/glob.c: Rename FOO -> CHAR_FOO to avoid
collision with symbol in sys/ioctl.h
Fri Feb 7 1997
* man/kpropd.8: updated
* appl/bsd/rcmd_util.c: warning needs to know what program is
used.
* slave/kpropd.c: New explicit flag `-i' for interactive. Don't
use AI to figure out if we have been started by inetd or not.
Thu Feb 6 1997
* appl/kx/rxtelnet.in, appl/kx/rxterm.in: Patch for sending -l to
kx. From <map@stacken.kth.se>
* kuser/klist.c: corrected alignment of `expired'
* appl/telnet/telnet/commands.c: replaced lots of \n by \r\n
Mon Feb 3 1997
* configure.in (socket, gethostbyname, getsockopt, setsockopt):
Better tests.
(HAVE_H_ERRNO): New test
* lib/roken/herror.c (herror): Check HAVE_H_ERRNO
lots of other files as well.
Sat Feb 1 1997
* appl/bsd/rcp.c: Work around the non-working getpw* in cygwin32
* lib/krb/logging.c: Init function for `std_log<6F>
* appl/telnet/telnet/utilities.c: Remove `upcase<73>
Check HAVE_SETSOCKOPT
* appl/telnet/telnet/telnet.c: Use `strupr<70> instead of `upcase<73>
* appl/telnet/telnet/commands.c, appl/movemail/pop.c,
appl/kauth/rkinit.c, appl/ftp/ftp/ftp.c,
appl/sample/sample_client.c: Ifdef around for the non-existence of
`h_errno' in cygwin32.
* lib/des/read_pwd.c: work-around for cygwin32
* appl/telnet/telnet/sys_bsd.c: work-around for cygwin32
Fri Jan 31 1997
* lib/krb/tf_util.c: gnu-win32 needs to open files with O_BINARY.
Sun Jan 26 1997
* configure.in: removed duplicate of initgroups and lstat
Use AC_KRB_STRUCT_WINSIZE
* aclocal.m4 (AC_KRB_STRUCT_WINSIZE): New test
* lib/krb/getaddrs.c: Check for SIOCGIFFLAGS and SIOCGIFADDR
* appl/bsd/rlogin.c: conditional on SIGWINCH
* appl/bsd/rcmd_util.c et al: conditional getsockopt
* configure.in (cygwin32): New target
(getsockopt, getsockopt): Test for
(herror, hstrerror): Better tests
* aclocal.m4 (AC_FIND_IF_NOT_BROKEN): Pass arguments to
AC_FIND_FUNC
Thu Jan 23 1997
* configure.in: Add EXECSUFFIX
* appl/kx/rxterm.in: rsh -n
* lib/krb/unparse_name.c (krb_unparse_name_long_r): new function
* lib/auth/sia/sia.c: Fix a bug with ticket filename. Add afs
support.
* lib/krb/get_host.c: Use KRB_SERVICE.
Wed Jan 22 1997
* lib/auth/sia/Makefile.in: Add linker magic fix for broken,
conflicting kerberos code in xdm.
Tue Jan 21 1997
* appl/xnlock/xnlock.c (verify): Change the "LOGOUT" password to
be manageable as X-resource XNlock*logoutPasswd. The password is
stored in UNIX crypt format so that it can be stored in a global
resource file for sites that whish to keep it a secret.
* configure.in: Check for winsize in sys/ioctl.h also.
Sat Jan 18 1997
* lib/krb/get_default_principal.c: Use principal from
KRB4PRINCIPAL before using uid.
Wed Jan 15 1997
* appl/telnet/telnet/sys_bsd.c: Use `get_window_size'
* lib/roken/get_window_size.c: New file
* appl/bsd/rlogin.c: Use `get_window_size'
* appl/bsd/forkpty.c, appl/bsd/rlogind.c: conditionalize on
TIOCSWINSZ
* configure.in: Check for `_scrsize' and `struct winsize'
Tue Jan 14 1997
* Makefile.in (install-strip, travelkit-strip): New targets.
Thu Jan 9 1997
* */Makefile.in: Use @foo_prefix@ and @program_transform_name@
Add code to uninstall target
Thu Dec 19 1996
* configure.in: Set LIBPREFIX
* config.sub: Add os2 as a system
* config.guess: Try to recognize i386-pc-os2_emx
* configure.in: case for *-*-os2_emx
NEED_PROTO for `strtok_r'
* aclocal.m4: ranlib is apparently calld EMXOMF on OS/2
(AC_KRB_PROG_LN_S): New test that uses cp if ln fails
Wed Dec 18 1996
* appl/bsd/login.c (main): First try to verify password using
standard UNIX method and if it fails try kerberos authentication.
Sat Dec 14 1996
* appl/bsd/rcp.c: consider case of no fchmod
* appl/kpopper/pop_init.c: Use k_getsockinst.
* lib/roken/{strupr,strlwr,strchr,strrchr,lstat,initgroups,chown,
fchown,rcmd}.c: new files
* appl/kpopper/pop_lower.c: Removed.
* Makefile.in (travelkit): New target.
Tue Dec 10 1996
* lib/krb/parse_name.c (kname_parse): Only copy realm if it is
specified.
* lib/krb/get_host.c (krb_get_host): Treat no realm as local
realm.
Mon Dec 9 1996
* appl/ftp/ftpd/ftpd.c: Get afs-tokens when logging in with
password.
* slave/kprop.c: flock with K_LOCK_SH
Wed Dec 4 1996
* appl/telnet/telnet/commands.c: Also export XAUTHORITY
Sun Dec 1 1996
* kadmin/ksrvutil.c: If realm is not specified, use the local one.
Sat Nov 30 1996
* appl/kauth/kauthd.c: Use KAUTH_VERSION. Try to give correct
error messages back to kauth.
* config.sub, config.guess: Merged in changes from autoconf 2.12
* appl/bsd/rsh.c: quick hack to make `-n' to the right thing.
* kadmin/kadm_locl.h: Add prototype for FascistCheck.
Thu Nov 28 1996
* man/afslog.1: Documented `-createuser'
* appl/afsutil/aklog.c: removed `cell_of_file' Added option
`-createuser' to run pts to create a foreign principal.
Tue Nov 26 1996
* lib/otp/otp_challenge.c: Initialize error string and check for
NULL from strdup.
* lib/roken/mini_inetd.c: Initialize `sin_family'
* appl/kpopper/pop_init.c: Add `-p' option and make `-a'
auth-style
* appl/bsd/rshd.c: Add `-p' option.
* appl/bsd/rlogind.c: Handle `-p' correctly.
* appl/bsd/login.c: Removed confusing initialization of
`login_timeout'
* appl/kpopper/pop_dropinfo.c: Remove white-space at the beginning
of UIDL-string.
Sun Nov 24 1996
* Release 0.9.3
Sat Nov 23 1996
* kadmin/ksrvutil_get.c: Use `krb_unparse_name_long' Better
defaults.
* lib/krb/krb.h: Added *_to_key
* lib/krb/get_svc_in_tkt.c (srvtab_to_key): Make public
* kadmin/kadmin.c (do_init): `-p' is a synonym for `-u'
(do_init): more logical defaults
(help): removed old code
better error messages
* lib/krb/get_in_tkt.c (passwd_to_key, passwd_to_afskey): Export
and remove functionality for reading passwords.
* lib/sl/sl.c: Nicer help output.
* lib/otp/otp_challenge.c: Initialize `challengep'
* lib/krb/Makefile.in: Removed get_pw_tkt.c
Fri Nov 22 1996
* lib/auth/sia/sia.c: Now compiles under Digital UNIX 4.0.
Wed Nov 20 1996
* lib/auth/pam/pam.c: Chown ticketfile to correct GID.
Tue Nov 19 1996
* appl/kx/rxtelnet.in: Try to set the screen number as well.
* Be careful not to thrust `h_length' from gethostby{name,addr}
* appl/bsd/rcmd_util.c (ip_options_and_die): New function.
* configure.in: moved headers before functions.
call AC_PATH_XTRA_XTRA.
Add strchr, index, rindex, and strrchr to AC_CHECK_FUNCS.
remove strchr and strrchr, add strtok_r from/to AC_BROKEN.
* aclocal.m4 (AC_PATH_XTRA_XTRA): New macro.
* aclocal.m4 (AC_FIND_FUNC, AC_FIND_FUNC_NO_LIBS): Two new
arguments: includes and arguments)
* configure.in: Need to supply arguments and includes to test for
`res_search' and `dn_expand'
* lib/kafs/afssys.c (k_setpag): Handle AFS_SYSCALL3
* Use `k_getpw{nam,uid}' instead of getpw{nam,uid}.
* Replace lots of `strtok' with `strtok_r'.
* lib/sl/sl.c: Allow unlimited number of arguments. Use
`strtok_r' to divide up string into arguments.
* lib/roken/roken.h: Added `strtok_r'
* configure.in: Test for `strtok_r'
* include/Makefile.in: Don't build in ss
* Makefile.export: Fixed ChangeLog-generation
* lib/sl/sl.c: Let `readline' to the \n-removal. Handle empty
lines. Don't store empty lines in the history.
Mon Nov 18 1996
* lib/sl/sl.c: Use readline compatible i/o.
* lib/otp/otp_locl.h: Changed location of otp database to /etc
* appl/otp/Makefile.in: Install otp setuid root.
* util/Makefile.in: don't build SS
* lib/sl: New directory.
* kadmin/kadmin.c: Replaced SS by SL.
Sun Nov 17 1996
* kadmin/kadm_funcs.c: Improved log messages.
* Use KRB_TICKET_GRANTING_TICKET.
* server/kerberos.c: Don't do any special logging when running as
slave.
* Lots of files: remove unnecessary `(void)'
* Lots of files: remove unnecessary `register' declaration.
* lib/krb/get_host.c: Only keep list of hosts from requested
realm.
* man/otpprint.1, otp.1: New files.
* appl/otp/otp.c: `-s' is now default.
* appl/otp/otp.c: removed count
* lib/des/destest.c: more general quad_cksum test.
* lib/otp/otp_print.c (otp_print_stddict_extended,
otp_print_hex_extended): New functions.
* lib/otp/otptest.c: New file.
* appl/ftp/ftpd/ftpd.c: Change default auth level to what was
formerly known as `user'.
* appl/ftp/ftpd/ftpd.c: Orthogonalize arguments to -a
* appl/kip/kip.c: Try all addresses we get back from the name
server.
* kadmin/kpasswd.c: updated to new functions.
* lib/otp/otp_db.c (otp_db_open): Do a few retries. Unlock in
case this file cannot be opened.
* doc/kth-krb.texi: New chapter about OTPs.
* appl/otp/otpprint.c, appl/otp/otp.c: Use OTP_ALG_DEFAULT.
Consistent language Check return value from des_read_pw_string.
* lib/otp/otp.h: Add OTP_ALG_DEFAULT
* lib/krb/parse_name.c: New function krb_parse_name
Sat Nov 16 1996
* appl/bsd/login.c: removed S/Key.
Added OTP with option `-a otp'
Reorganized verification loop.
* appl/bsd/Makefile.in (login): Remove skey and add OTP
* configure.in: Test for `uid_t' and `off_t'
* appl/telnet/telnetd/telnetd.c: Removed `-s' for securID and
added `-a otp' for OTP.
* appl/kpopper: removed s/key and added OTP support. Updated
man-page.
* lib/otp/otp.h: more fields in the struct and a new function.
* appl/ftp/ftpd/ftpd.c: Full OTP support.
* appl/kx/rxterm.in: Add options: -l username, -r args_to_rsh, and
-x args_to_xterm
* appl/kx/rxtelnet.in: Add options: -l username, -t
args_to_telnet, and -x args_to_xterm
* man/kx.cat1: regenerated
* man/kx.1: Added `-l' option.
* appl/kx/kxd.c: Accept username from `kx'
* appl/kx/kx.c: Introduced option `-l user' to be able to login as
some other user.
Fri Nov 15 1996
* appl/kx/kx.c: Print out display and not display_nr
* lib/auth/Makefile.in: Fix the case with empty SUBDIRS.
* */Makefile.in: Use $(LN_S) instead of ln -s
* */Makefile.in: Add @SET_MAKE@
* doc/latin1.tex: New file.
* doc/kth-krb.texi: Use latin1.tex to be able to use one letter
that some bear seem to think is important.
* doc/kth-krb.texi: Added acknowledgements.
* lib/auth/Makefile.in: Only build relevant subdirectories.
* configure.in: Set @LIB_AUTH_SUBDIRS@ to the subdirectories of
lib/auth that should be built.
* lib/kafs/afssys.c: Only get tokens for each cell once.
Thu Nov 14 1996
* man: Added man pages for movemail(1) and kerberos(8).
* kadmin/kadmin_cmds.ct: Add `add' for add_new_key and `passwd'
for change_password.
* lib/krb/logging.c: Now actually compiles!
* config.{guess,sub}: Merge changes from Autoconf
* lib/krb/{recv,send}auth.c: Don't return errno if there is a
system error.
Wed Nov 13 1996
* util/ss/Makefile.in: Now even compiles with BSD make!
* appl/kx: Now send the complete display from `kxd' to `kx'. This
should enable it to work better with Xlibraries that don't support
unix sockets.
* kuser/klist.c: conditionally include <sys/ioctl.h> and
<sys/ioccom.h> before <kafs.h>
* lib/krb/resolve.h: Add fallback for `T_TXT'.
* appl/otp/otp.c: removed print-functionality.
* appl/otp/otpprint.c: New file.
* appl/otp/Makefile.in: New program `otpprint'
* lots of Makefile.in: Now should be possible to build with makes
that have broken VPATH-handling.
* configure.in: Always replace REAL_SHARED & c:o so that some
libraries may be built as shared.
Removed unused AC_SUBST.
Only build afskauthlib on irix.
* lib/auth/afskauthlib/Makefile.in, lib/auth/sia/Makefile.in,
lib/auth/pam/Makefile.in: Always build as a shared library.
* appl/kx/rxtelnet.in, appl/kx/rxterm.in: export PATH (from
<jas@pdc.kth.se>).
* lib/krb/{pkt_cipher,fgetst}.c: Removed
* lib/krb/name2name.c: Renamed k_name_to_name to krb_name_to_name
Mon Nov 11 1996
* appl/telnet/telnetd/sys_term.c: Really remove bad stuff from
environment.
Fri Nov 8 1996
* appl/bsd/rlogind.c (main): `portnum' should be int.
* appl/bsd/sysv_environ.c: Use _PATH_ETC_ENVIRONMENT
* appl/bsd/pathnames.h: _PATH_ETC_ENVIRONMENT: new
* lib/krb/get_host.c (srv_find_realm): New parameter `service'
* lib/krb/unparse_name.c: New function.
Tue Nov 5 1996
* lib/auth/pam/pam.c: Add PAM Kerberos module.
Mon Nov 4 1996
* configure.in: configure in lib/auth/afskauthlib
* lib/kafs/afssys.c: New function `k_afsklog_uid'.
* lib/auth/afskauthlib: New library that works like
`afskauthlib.so' from Transarc.
*lib/krb/get_host.c, lib/krb/getrealm.c, lib/kafs/afssys.c: Use
dns_lookup().
* lib/krb/resolve.c (dns_lookup): Replaced several different
resolver functions with one more generalized.
Sun Nov 3 1996
* Add check target in lib/krb.
* appl/bsd/login.c (main): Sleep 10 seconds before bailing out so
that there is a chance of reading the error message.
* appl/bsd/rsh.c (main): When invoked as rlogin equivalent change
to real uid before execing rlogin.
Sat Nov 2 1996
* appl/bsd/utmp_login.c: Do the right thing on systems where
UTMPX_DOES_UTMP_LOGGING is defined.
* lib/krb/krb.h: names for `krb_kuserok' prototype
* lib/krb/get_host.c: Add tcp/kerberos.REALM as well.
* appl/bsd/su.c: Replace call to `kuserok' by `krb_kuserok'.
* lib/otp/otp_parse.c: Add support for parsing extended responses
(draft-ietf-otp-ext-01).
* lib/otp/otp.h: Define OTP_HEXPREFIX and OTP_WORDPREFIX.
* appl/otp/otp.c: Add option `-e' for printing responses in
extended mode (according to draft-ietf-otp-ext-01.txt).
* lib/krb/kuserok.c: Function krb_kuserok now takes name,
instance, realm rather than an AUTH_DAT.
Fri Nov 1 1996
* lib/auth/sia: Add SIA Kerberos module.
* lib/roken/roken.h: Need to include signal.h prior to defining
SIG_ERR.
* appl/bsd/utmpx_login.c (utmpx_update): Minor restructuring for
simplified maintainability.
* appl/bsd/utmp_login.c (utmp_login): Even when there are utmpx
files on this system we should also log to the utmp files. If
there are no utmp files we of course don't have to log to them.
* Makefile.export: now generate PROBLEMS and COPYRIGHT as well.
* PROBLEMS, COPYRIGHT, doc/kth-krb.info: removed
* doc/kth-krb.texi: Put copyrights in marketing order.
* appl/kpopper/popper.h: client and ipaddr should be char [] so
that we can store the names there.
* appl/kpopper/pop_init.c: save copies of addresses that otherwise
get overwritten.
Mon Oct 28 1996
* lib/krb/send_to_kdc.c (send_recv_it): Use `recv' not `recvfrom'
to make winsock happy. Also don't care anymore about from which
address we got the answer since we do a `connect'.
* admin/adm_locl.h, lib/kdb/kdb_locl.h, kadmin/kadm_locl.h,
lib/krb/krb_locl.h, lib/roken/strftime.c, server/kerberos.c: Do
not use #if, use #ifdef.
* configure.in: Test for `rand' and `getuid'
* slave/kprop.c: Don't terminate on trivial errors in slaves-file.
Sun Oct 27 1996
* doc/Makefile.in: Install from source directory if necessary.
* lib/krb/kuserok.c: Do not use `k_getpwnam' in libkrb.
* configure.in: You can't even use `unset', Ultrix sh does not
have it.
* several files: Check status from des_read_pw_string.
* server/kerberos.c: Make sure all data is recieved on a tcp
socket before trying to reply.
* lib/krb/krb.h: Add <time.h> for `struct tm'
* appl/kx/Makefile.in: Both kx and kxd requires @XauWriteAuth@
* configure.in: Fix test for `XauReadAuth'
Fri Oct 25 1996
* lib/krb/get_host.c (init_hosts): Must ntohs(KRB_PORT) on
machines running backwards.
* More consistent use of CRLF in telnet and telnetd.
* Removed redundant -I$(srcsdir)/../../include from compiler args.
* appl/ftp/ftpd/ftpd.c: New option `-a otp' to allow OTPs but no
ordinary passwords in cleartext.
* appl/ftp/ftpd/Makefile.in: Link `ftpd' with -lotp
* lib/Makefile.in: Add otp
* include/Makefile.in: Add otp.h
* configure.in: Test for ndbm.h
Generate Makefiles in lib/otp and appl/otp
* appl/otp: New program to set up and generate OTPs.
* lib/otp: New library for one-time passwords (RFC1938).
* lib/krb/get_host.c (srv_find_realm): Added parameter `proto'
* lib/des/Makefile.in: Add md4 and sha. run `mdtest' from check.
* lib/des/md4.h, lib/des/md4.c, lib/des/sha.c, lib/des/sha.h,
lib/des/mdtest.c: New files.
* appl/kauth/Makefile.in: Make $(libexedir) as well.
Thu Oct 24 1996
* appl/bsd/rlogind.c (setup_term): Actually set the speed of the
terminal.
* appl/bsd/rlogin.c (main): Do a `speed_t2int' before putting the
speed in the TERM variable.
* appl/bsd/rcmd_util.c: New functions: `speed_t2int' and
`int2speed_t'.
* appl/bsd/bsd_locl.h: Added prototype of `speed_t2int' and
`int2speed_t'.
Sun Oct 20 1996
* appl/bsd/login.c: Do `getspnam' before change the UID. Also call
`endspent'
* appl/krbmanager: New program used on PCs by kclient.
* lib/kclient: New library.
* lib/des, lib/krb: Added some PC-specific files.
* doc/kth-krb.info: Regenerated.
* doc/Makefile.in (kth-krb.info): Some stupid makes don't
understand $<
(kth-krb.html): New rule.
* doc/kth-krb.texi (Compiling from source): Added some references
about Socks.
Sat Oct 19 1996
* doc/kth-krb.texi: Added text about ``--with-socks''.
* configure.in: Use `AC_TEST_PACKAGE' for skey and socks.
* aclocal.m4: Replaced `AC_TEST_SOCKS' and `AC_TEST_SKEY' with the
more general `AC_TEST_PACKAGE'.
Fri Oct 18 1996
* configure.in: call AC_TEST_SOCKS
* acconfig.h: SOCKS
* aclocal.m4: Added AC_TEST_SOCKS
* lib/krb/send_to_kdc.c (send_to_kdc): Removed unused `f' and
close.
Thu Oct 17 1996
* man/popper.8: Option `-i'
* appl/kpopper/pop_send.c: clean-up
* appl/kpopper/popper.h: Removed old garbage and added SKEY.
* appl/kpopper/pop_xmit.c: clean up
* appl/kpopper/pop_user.c: SKEY-support
* appl/kpopper/pop_pass.c: Added support for spaces in passwords
and S/Key.
* appl/kpopper/pop_init.c: Moved some variables into struct pop
(main): Added support for `-i'
* appl/kpopper/pop_get_command.c: New command "HELP".
* appl/kpopper/Makefile.in: Add SKEY-stuff.
* lib/krb/get_host.c: Use `k_getportbyname(KRB_SERVICE,...)' as a
default instead of KRB_PORT
* lib/krb/getaddrs.c (k_get_all_addrs): Add
gethostbyname(k_gethostname()) as a fallback.
* lib/krb/k_getport.c (k_getportbyname): proto can be NULL
* lib/krb/krb.h: Only include <sys/types.h> if HAVE_SYS_TYPES_H
* lib/krb/prot.h: KRB_SERVICE: Added
* server/kerberos.c: Replaced linked list with a vector.
Wed Oct 16 1996
* server/kerberos.c: Add support for TCP connections.
* lib/krb/send_to_kdc.c: On stream sockets, use krb_net_read
rather than recvfrom.
Mon Oct 14 1996
* doc/kth-krb.texi: Only use `kdb_edit' to add the initial
`nisse.admin'. Add all other users with `kadmin'.
* doc/kth-krb.info: new file.
* doc/kth-krb.texi: Added some text about kx and ftp.
* appl/ftp/ftpd/ftpcmd.y,
util/ss/ct.y,
util/et/error_table.y :
Added code for handling the case of using `bison' and having no
`alloca'. Alloca is usually never called anyway, so we just use
`malloc'.
* appl/kx/kxd.c: All static variables are now global and in
common.c.
(doit_conn, doit): Turn on TCP_NODELAY.
(create_and_write_cookie, suspicious_address): Moved to common.c
* appl/kx/kx.c (connect_host): Try all addresses of `host'. Turn
on TCP_NODELAY.
(doit): prepare for TCP-only hosts.
(usage,main): add `-t'
(main): Passive mode is possible again.
* appl/kx/kx.h: More #ifdefs for include files. Declarations for
global variables.
* appl/kx/common.c (get_xsockets): Try to chmod
dirname(`X_UNIX_PATH')
(get_xsockets): Turn on TCP_NODELAY on TCP connections.
* doc/Makefile.in: New file
* Makefile.in: Added `doc' to `SUBDIRS'
* configure.in: Generate `doc/Makefile'
Sun Oct 13 1996
* appl/bsd/rcp.c (main): Made rcp AFS aware.
* lib/krb/kuserok.c (kuserok): Act as if luser@LOCALREALM is
always an entry of .klogin.
Sat Oct 12 1996
* appl/kx/rxtelnet.in: Start the `xterm' process correctly.
* lib/des/rnd_keys.c (sumFile): consider the case that `res' is
not longword-aligned.
* lib/krb/get_host.c (parse_address): `getservbyname' should
really get proto = NULL
* lib/krb/send_to_kdc.c (krb_udp_port): removed
(send_to_kdc): removed `addrlist'
* lib/krb/send_to_kdc.c: Support not only UDP.
* lib/krb/get_host.c (krb_get_admhst): Really ask for a admin host
if that's what we want.
Thu Oct 10 1996
* lib/krb/get_host.c: Simplified some code. Added stub-support for
SRV-records.
Wed Oct 9 1996
* appl/kx/rxtelnet.in, appl/kx/rxterm.in: PDC are unable to give
correct instructions to their users and therefore we have to add
strange directories to the PATH.
* appl/kx/rxtelnet.in: Support sending arguments to telnet.
* appl/kx/rxterm.in: rsh can reside in path or %bindir% support
extra arguments to xterm (from <jas@pdc.kth.se>).
* appl/kx/rxtelnet.in: Try to find some kind of terminal emulator
for X.
* appl/kx/rxterm.in, appl/kx/rxtelnet.in: Look for kx in $PATH and
%bindir%.
* appl/kx/common.c (get_xsockets): `mkdir' the correct directory.
From <jas@pdc.kth.se>
* lib/krb/send_to_kdc.c: Changes to allow other than udp port 750
connections.
* lib/krb/get_host.c: rewrite of krb_get_{adm,krb}hst.
Sun Oct 6 1996
* appl/ftp/ftpd/ftpd.c (retrieve): Got rid of `sprintf'.
* configure.in: Fix order for x libs. From <jas@pdc.kth.se>.
Check for `fcntl', `alloca', `winsock.h', and `io.h'.
* lib/krb/krb_locl.h: Check for <io.h> and <winsock.h>
* lib/krb/krb.h: Check for winsock.h
* lib/krb/k_flock.c: Better test for `fcntl' with locking.
* lib/krb/et_list.c: Hopefully correct pragma this time. From
<jas@pdc.kth.se>
Thu Oct 3 1996
* lib/krb/klog.c (klog): Do not forget to print the text.
* lib/krb/log.c (krb_log): Print space after time in log.
Wed Oct 2 1996
* appl/kpopper/popper.h: Add field msg_id to hold Message-Id for
UIDL command.
* appl/kpopper/pop_dropinfo.c (pop_dropinfo): Support for UIDL
command. Saves Message-Id to be used as unique id. Everything is
#ifdef:ed UIDL.
* appl/kpopper/pop_get_command.c: Recognize UIDL command.
* appl/kpopper/pop_uidl.c (pop_uidl): POP3 UIDL command
implementation.
* appl/kpopper/Makefile.in: New file pop_uidl.c.
* configure.in: Made some of the tests into macros defined in
aclocal.m4
* appl/telnet/libtelnet/kerberos.c: Given better error message
when user is not authorized to login.
* lib/roken/k_getpwuid.c, lib/roken/k_getpwnam.c: Call `endpwent'.
If we are using a BSD-kind of system we should not leave the
shadow password database open.
* appl/xnlock/xnlock.c: Got rid of all `register' declarations.
* appl/kx/rxterm.in, appl/kx/rxtelnet.in: Use `set --'
Mon Sep 30 1996
* lib/roken/k_getpwnam.c, lib/roken_k_getpwuid.c: Call `endspent'
to try to close the shadow password file.
* appl/ftp/ftpd/ftpd.c (retrieve): Cut the argument to the command
and the first character of the extension.
* lib/krb/send_to_kdc.c: Sun doesn't have any strerror so we can't
use that here. We are only printing debug messages anyway, so
just print errno for now.
* appl/kx/rxtelnet.in: Now using SIGUSR2.
* appl/kx/kx.c: Now using SIGUSR1 to mean `exit when number of
children goes down to zero'. SIGUSR2 is `exit when number of
children is equal to zero'.
* appl/xnlock/xnlock.c: More fixup of old code.
* appl/ftp/ftpd/ftpd.c: Only call `filename_check' for guest
users.
* configure.in: Added tests for more header files. Also added
more ifdefs when actually including those files.
* appl/kx/Makefile.in: Do not build programs if we have no X11.
Sun Sep 29 1996
* appl/xnlock/xnlock.c (main): Support for shadow passwords.
* lib/roken/k_getpwuid.c: New file, better support for shadow
passwords.
* appl/telnet/Makefile.in: Use SET_MAKE
* appl/ftp/ftpd/ftpcmd.y: Remove access to several commands for
anonymous users.
* lib/krb/get_krbhst.c: Look for kerberos-#.realm.
* appl/ftp/ftpd/popen.c: Execute files from ~ftp if possible.
* appl/ftp/ftpd/ftpd.c: Add find site command.
* appl/ftp/ftpd/ftpd.c: Add special handling of nonexistant files
with extensions {,.tar}{,.gz,Z}.
Sat Sep 28 1996
* configure.in: Check for sys/times.h, sys/param.h, and
sys/timeb.h
* lib/des: autoconfed a little to make it compile.
* lib/roken/roken.h: Add `max', `min', and definitions for broken
syslogs.
* appl/bsd/bsd_locl.h: Removed SYSLOG-garbage and max.
* appl/kx/kx.h: Remove prototype of childhandler.
* appl/kx/common.c: Remove childhandler. Not common any more.
* appl/kx/rxterm.in: Send SIGUSR1 to kx before starting xterm.
* appl/kx/rxtelnet.in: Send USR1 to kx at appropriate moment.
* appl/kx/kx.c: Die after receiving SIGUSR1 and when number of
children goes to zero.
* lib/roken/roken.h: Add STDERR_FILENO
* lib/roken/mini_inetd.c (mini_inetd): Also dup onto stderr.
* lib/kafs/Makefile.in (afslib.so): Change argument so they work
with `ld' instead of `cc'
* appl/kx/kxd.c: writeauth.c as separate file.
* appl/kx/kx.c: `-d' option to disable forking.
* appl/kx/Makefile.in: Compile and link writeauth.c if necessary.
For some stupid reason $< does not work correctly in BSD make.
Use $(srcdir) instead.
* appl/ftp/ftp/ftp_locl.h: Only include <roken.h> once.
* configure.in: Use strange X flags when looking for XauReadAuth.
Add XauWriteAuth if we need to include it.
Fri Sep 27 1996
* appl/sample: Sample programs work again.
* appl/kx/kxd.c (main): use `mini_inetd'
* appl/kx/kx.c: Use KX_PORT
* appl/kx/kx.h: Remove SOMAXCONN and add KX_PORT
* appl/kauth/kauthd.c (main): use `mini_inetd'
* appl/ftp/ftpd/ftpd.c: Removed `conn_wait' and use `mini_inetd'
instead.
* appl/bsd/bsd_locl.h: Prototypes for `get_shell_port' and
`get_login_port'
* appl/bsd/rcmd_util.c: New file.
* appl/bsd/Makefile.in: Added rcmd_util.c
* appl/bsd/rcp.c: Moved `get_shell_port' to rcmd_util.c
* appl/bsd/rsh.c: Moved `get_shell_port' to rcmd_util.c
* appl/bsd/rlogind.c (main): Use `mini_inetd'
* appl/bsd/rshd.c (main): Add support for interactive mode with
`-i'.
* appl/telnet/telnetd/telnetd.c (main): use `mini_inetd'
* lib/roken/roken.h: Added prototype for `mini_inetd', and
fallback definitions for SOMAXCONN, STDIN_FILENO, and
STDOUT_FILENO.
* lib/roken/Makefile.in: Added mini_inetd.o
* lib/roken/mini_inetd.c: New file.
Thu Sep 26 1996
* appl/kx/kxd.c (doit): read port number in ascii.
* appl/kx/kx.c (doit): write port number in ascii.
* appl/kauth/rkinit.c (doit_host): Check return value from
`read_encrypted'.
* appl/kauth/kauthd.c (doit): Removed unnecessary sprintf's before
syslog.
* lib/krb/krb_get_in_tkt.c (krb_get_in_tkt): Return error code
from `tf_create' and not always INTK_ERR.
* lib/krb/tf_util.c (tf_create): Correct check for return value
from `open'.
* lib/des/rnd_keys.c (des_rand_data): Try /dev/urandom as well.
Wed Sep 25 1996
* appl/afsutil/pagsh.c (main): One-of error hopefully fixed this
time.
* configure.in: Add test for <sys/un.h>
* kadmin/Makefile.in: Add back $(CRACKLIB)
Mon Sep 16 1996
* appl/kx/Makefile.in: Create rxterm and rxtelnet at compile time.
* kstring2key moved to appl/afsutil.
Sun Sep 15 1996
* appl/kx/kx.c (main): For now always use passive mode. That's
the only thing that has been tested and not a lot of people are
going to use non-passive anyways.
* appl/kx/kx.c (connect_host): write display_number in ascii.
* appl/kx/kxd.c (doit): read display_number in ascii.
* appl/kx/common.c (get_local_xsocket): Generate the
/tmp/.X11-unix directory with the sticky bit set.
* configure.in: Generate appl/kx/rxterm and appl/kx/rxtelnet.
* appl/kx/Makefile.in: Install rxterm and rxtelnet.
* appl/kx/rxterm.in, appl/kx/rxtelnet.in: New files.
* appl/kx/common.c (get_local_xsocket): try to bind the socket
instead of checking for existence with lstat.
* appl/kx/kxd.c: Detect remote termination and cleanup on exit.
Sat Sep 14 1996
* lib/des/rnd_keys.c: Hack for systems that lack setitimer (like
crays).
* appl/kx/kxd.c (doit): Send over the display number and the
authority file actually used to kx.
(create_and_write_cookie): New function to generate and write into a
file a local cookie used between this pseudo-server and the
clients on this host.
(start_session): New function to check and remove the local cookie
before the data is sent over to `kx'.
* appl/kx/kx.c (display_num, xauthfile): New variables. Now `kx'
prints out the values of those two variables and then goes to the
background to enable some script to set these on the other host.
(start_session): New function that adds a local cookie before sending
the rest of the connection to the local X-server.
(main): Also recognize "unix" as a local DISPLAY.
* appl/kx/kx.h: <X11/Xauth.h> used.
(get_local_xsocket): Changed parameter.
* appl/kx/common.c (get_local_xsocket): Now try to allocate the
first free socket in /tmp/.X11-unix. Also `mkdir' this directory
first. Return the number of the display opened.
* appl/kx/Makefile.in: Added X libraries.
* lib/des/des.h: Added prototype for `des_rand_data'.
* lib/des/rnd_keys.c: Made `des_rand_data' non-static. This
function is useful and now even used.
Wed Sep 11 1996
* appl/bsd/login.c: Use k_afs_cell_of_file() to get tokens for the
cell of the home catalog rather than the local cell.
* lib/kafs/afssys.c: Add k_afs_cell_of_file.
Tue Sep 10 1996
* appl/telnet/telnetd/telnetd.c, appl/telnet/telnetd/sys_term.c:
Removed all convex code.
Mon Sep 9 1996
* appl/telnet/telnetd/termstat.c: UNICOS5: removed
* appl/telnet/telnetd/telnetd.c, appl/telnet/telnetd/sys_term.c:
NEWINIT, UNICOS7x, UNICOS5: removed
STREAMSPTY: added variable `really_stream' Now able to handle the
case where the OS supports stream ptys but we run out of them and
start using ordinary BSD ones.
* appl/telnet/telnetd/state.c: UNICOS5: removed
* appl/telnet/telnetd/pathnames.h: BFTPPATH: removed
* appl/telnet/telnetd/ext.h, appl/telnet/telnetd/global.c:
BFTPDAEMON: removed.
UNICOS5: removed.
* appl/telnet/telnetd/ext.h: STREAMSPTY: added variable
`really_stream'.
* lib/krb/stime.c (krb_stime): argument should be `time_t'.
lib/krb/krb_locl.h: changed prototype.
Sun Sep 8 1996
* configure.in: Also generate `appl/sample/Makefile'
* appl/Makefile.in: Use @SET_MAKE@.
Include sample
* lib/krb/Makefile.in: Add krb_stime, krb_mk_auth, and
krb_check_auth.
* util/et/compile_et.c (main): Include <foo.h> in foo.c
* slave/kprop.c: exit with return code == 1 to indicate failure.
* server/kerberos.c (usage): Fixed usage string.
* lib/krb/tkt_string.c (tkt_string): Removed bogus extern
declaration of `getuid'.
* lib/krb/tf_util.c (tf_save_cred): Removed bogus extern
declaration of `lseek'.
* lib/krb/stime.c (stime): Renamed to `krb_stime'
* lib/krb/sendauth.c (krb_sendauth): reimplemented using
`krb_mk_auth' and `krb_check_auth'.
* lib/krb/send_to_kdc.c (send_recv): Removed stupid cast.
* lib/krb/recvauth.c: Removed KRB_SENDAUTH_VERS
* lib/krb/prot.h: create_auth_reply: correct prototype.
krb_create_death_packet: ditto.
KRB_SENDAUTH_VERS: moved here from sendauth.c and recvauth.c
* lib/krb/month_sname.c: Made `month_sname' const.
* lib/krb/mk_req.c: Remove stupid `register'
* lib/krb/log.c (krb_log): Use `krb_stime'
* lib/krb/kuserok.c (kuserok): Nightmare Filesystem might return
ESTALE. Treat it the same way as ENOENT.
* lib/krb/krb_locl.h: Added prototype for `krb_stime'
* lib/krb/krb_check_auth.c: New file with `krb_check_auth',
implemented for compatibility with CNS.
lib/krb/krb_mk_auth.c: Ditto.
* lib/krb/krb.h: Removed duplicate declarations of `get_request'
and `krb_get_admhst'.
Added declarations for `krb_mk_auth' and `krb_check_auth'.
* lib/krb/kparse.h: removed prototype for `strsave'
* lib/krb/kparse.c (fGetParameterSet): Use `strdup' instead of
`strsave'.
(strsave): Removed.
* lib/krb/kname_parse.c: Removed stupid `register' declarations.
* lib/krb/klog.c (klog): Use `krb_stime'
* lib/krb/get_phost.c: Handle the case where the name has no dots
in it by just returning it as-is.
* lib/knet/Imakefile, lib/knet/getkdata.c, lib/knet/phost.c,
lib/knet/sendkdata.c: removed unused files.
* lib/kadm/kadm_cli_wrap.c (kadm_init_link): use `k_getportbyname'
* kadmin/ksrvutil_get.c (get_srvtab_ent): Erase the key if
something goes wrong. Include realm in the message when writing a
key.
(parseinput): New function that removes quotes and backslashes
from input.
(ksrvutil_get): Use `parseinput' to read input.
* kadmin/ksrvutil.c (safe_read_stdin): Correct use of printf.
Removed bogus casts and fflush of stdin.
(main): Use `return' instead of `exit'.
* kadmin/kpasswd.c (main): Use `return' instead of `exit'.
* kadmin/admin_server.c: exit with return code == 1 to indicate
failure.
* appl/sample/sample_server.c: Rewrote to use all new functions.
* appl/sample/sample_client.c: Rewrote to use all new functions.
* appl/sample/sample.h: new file.
* appl/sample/Makefile.in: new file.
* appl/movemail/pop.c (socket_connection): use `k_getportbyname'
* appl/kpopper/pop_init.c: exit with return code == 1 to indicate
failure.
* appl/kauth/kauth.c (doexec): new-style definition. ret should
be a `pid_t'.
(main): new-style definition. Use `prog' instead of `argv[0]'
* appl/ftp/ftp/extern.h: Removed unused `abortsend'
* appl/ftp/Makefile.in: Use @SET_MAKE@
* appl/bsd/rsh.c: get_shell_port: use `k_getportbyname'
* appl/bsd/rlogin.c: get_login_port: use `k_getportbyname'
* appl/bsd/kcmd.c: Removed bogus casts to `caddr_t'
* admin/kstash.c: Removed bogus flushing of stderr. Replaced lots
of `exit(-1)' by `return 1'
* admin/kdb_util.c: Removed unused variable `aprinc'.
Removed bogus flushing of stderr.
Replaced lots of `exit(-1)' by `return 1'.
* admin/kdb_edit.c, admin/kdb_init.c: use `return' instead of
calling `exit' and use 1, not -1, for failure.
* Makefile.in: Use @SET_MAKE@
* aclocal.m4: AC_NEED_PROTO: need macro to determine if we need to
define a prototype for a function.
* configure.in: Reordered. Removed unused stuff. Start using
AC_NEED_PROTO.
* config.guess: merged in FSF version from 960908.
Tue Sep 3 1996
* include/protos.H: Added optarg, opterr, optind, optopt and
(fclose under Sunos 4). Removed these declarations from lots of
other files.
* acconfig.h: Add undefs for h_errno, h_errlist, optarg, optind,
opterr, and optopt.
* configure.in: Use `AC_NEED_DECLARATION' for h_errno, h_errlist,
optarg, optind, opterr, and optopt.
* aclocal.m4: New macro `AC_NEED_DECLARATION' to figure out if we
need to have an external declaration of a variable.
Mon Sep 2 1996
* lib/krb/krb.h: Removed unused `req_act_vno' and `k_log'.
Changed all callers.
* lib/krb/krb.h: Removed definition of `MAX_HSTNM'.
* lib/krb/send_to_kdc.c: Removed use of `MAX_HSTNM'.
* appl/afsutil/pagsh.c: Some reformatting and fixed the off-by-one
args bug.
Sat Aug 31 1996
* lib/krb/{send_to_kdc.c, getrealm.c}, appl/xnlock/xnlock.c,
appl/kauthkauth.c, appl/bsd/{rshd.c,rlogind.c}: Removed '#if 0'-ed
code.
* lib/krb/get_in_tkt.c: Removed '#if 0'-ed code and now compiles
with NOENCRYPTION.
* kadmin/ksrvutil.c: Now compiles with NOENCRYPTION.
* appl/ftp/ftpd/ftpcmd.y: Throw away passwd after use.
* appl/ftp/ftpd/ftpd.c: Fixed old comment.
* slave/kpropd.c: s/sa_len/salen/ Irix has a #define for sa_len.
* lib/kdb/krb_dbm.c: If key->dptr is not a `char *' we have to
cast it before adding to it.
* configure.in: Old test for `sa_len' in `struct sockaddr' fails
on IRIX 6.2. Try to compile a program refering to that field
instead of grepping for it in <sys/socket.h>.
* appl/bsd/kcmd.c: Removed old and broken code.
* configure.in: Check for `gethostname', `uname', and
<sys/utsname.h>
* lib/krb/k_gethostname.c: Try to use `uname' if we have no
`gethostname'.
* appl/ftp/ftpd/klogin.c: Incorrect use of `gethostname' replaced
by correct use of `k_gethostname'.
* lib/roken/verify.c: Change name verify_unix_user ->
unix_verify_user in analogy with krb_verify_user.
Fri Aug 30 1996
* appl/xnlock/Makefile.in: Install man-page.
* configure.in, */Makefile.in: Replace `-shared' with some other
option when not using gcc.
* lib/kafs/afssys.c: Do not start by checking if we have AFS in
`k_afsklog'.
* appl/bsd/rlogin.c: More kludges to make it work with rlogin on
linux: Do not select for an exceptional condition on `rem' after
having received EINVAL.
Also rewrote ifndef NOENCRYPTION stuff.
* appl/bsd/rlogind.c: More kludges to make it work with rlogin on
linux: Only send oob data just after having sent normal data to
make sure we never send two consecutive bytes of oob data.
Also rewrote ifndef NOENCRYPTION stuff.
Thu Aug 29 1996
* lib/kafs/Makefile.in: Use `ld' instead of `cc' for linking
afslib.so. Not everybody has cc.
Wed Aug 28 1996
* Release 0.9.2a
Mon Aug 26 1996
* appl/bsd/login.c: Clean-up. Made static a lot of functions and
variables. Rewrote some function definitions to ANSI-style.
* appl/bsd/sysv_environ.c: KRB4_MAILDIR may and may not contain a
trailing slash. We need to be very careful to make sure the
contents of $MAIL does not contain two, because RMAIL in emacs
uses it and emacs is no friend with double slashing.
* lib/kafs/afssys.c (k_afsklog_all_local_cells): Now should return
correct value.
Sun Aug 25 1996
* Release 0.9.2.
Sat Aug 24 1996
* lib/roken/hstrerror.c: Check for h_errlist prototype.
Thu Aug 22 1996
* lib/krb/send_to_kdc.c, etc/services.append, server/kerberos.c:
Changed `kerberos' to `kerberos-iv' now that it has been
registered with IANA.
* man/rshd.8, man/rlogind.8: updated documentation of `-a'
* lib/roken/roken.h: Added declaration of `h_errno'
* kuser/Makefile.in: Link kdestroy with KRB_KAFS_LIB
* appl/kauth/kauth.h: Stupid declarations for syslog.
* appl/kauth/kauthd.c: syslog errors and success.
* include/protos.H: Removed `h_errno', now in roken.h Declare
`getusershell' under solaris.
* configure.in, acconfig.h: Figure out if we have to declare
`h_errno'.
* appl/ftp/ftp/kauth.c: Added support for afs_string_to_key.
Wed Aug 21 1996
* lib/kafs/afssys.c: Look for AFS database servers in dns also.
* lib/kafs/afssys.c: Add support for a ~/.TheseCells-file.
Sun Aug 18 1996
* appl/bsd/rlogind.c: Removed unused `check_all' variable. Use
`inaddr2str'.
* appl/bsd/rshd.c: Use `inaddr2str'.
* appl/bsd/iruserok.c: Removed potential buffer overrun after
`gethostbyaddr'.
* lib/roken/inet_aton.c: Some const-ness.
* lib/roken/Makefile.in: Add `inaddr2str.o'.
* appl/ftp/ftpd/ftpd.c: Use `inaddr2str'.
* lib/roken/inaddr2str.c, lib/roken/roken.h: New function
`inaddr2str' to convert an IP address into a verified hostname or
a string of the form x.y.z.a
* lib/krb/{krb_locl.h, krb.h, k_name_to_name.c, k_getsockinst.c,
getrealm.c}: Some const-ness.
* appl/bsd/bsd_locl.h: Removed another prototype for `crypt'.
* appl/kpopper/popper.h: Some const-ness to get rid of a warning.
* appl/bsd/rshd.c: Always check reverse mapping. Removed
`local_domain' and `top_domain'. Added some const-ness.
Sat Aug 17 1996
* include/Makefile.in: Removed VPATH. With it this makefile does
not work correctly.
* lib/krb/rw.c, lib/krb/krb_locl.h: Changed parameters to
`krb_{get,put}'-functions to void *.
* include/protos.H: Add `getusershell' in solaris.
* appl/kauth/kauthd.c, appl/bsd/{rlogin.c,rlogind.c}: Less
warnings because of arguments to `setsockopt'.
* lib/roken/roken.h: Fixed prototype of `inet_aton'
Wed Aug 14 1996
* lib/roken/verify.c: Use <crypt.h> if there is one.
* lib/kafs/Makefile.in: AFS_EXTRA_LIBS is always called
`afslib.so'. Otherwise some makes get upset when there is no such
library to be made.
* appl/telnet/telnetd/telnetd.h: <protos.h> are needed to get
prototype for `ptsname'.
* appl/bsd/rlogind.c, appl/kpopper/pop_dropinfo.c,
appl/telnet/libtelnet/{auth.h,enc_des.c,kerberos.c},
appl/telnet/telnet/utilities.c, appl/telnet/telnetd/{sys_term.c,
telnetd.h, kadmin/admin_server.c, kuser/klist.c,
lib/kdb/{krb_cache.c, krb_dbm.c}, lib/krb/{fgetst.c, getst.c,
log.c, tf_util.c}: Include type `int' on all definitions and
remove unnecessary `register'.
* appl/bsd/login_access.c: Fix parameter declaration to
`netgroup_match'.
* appl/bsd/forkpty.c, include/protos.h: s/__sgi__/__sgi//g
* admin/kdb_util.c: Use `errno' for error message instead of
uninitialized variable.
Tue Aug 13 1996
* appl/kauth/rkinit.c: Default port should be the same in kauth
and kauthd.
Sun Aug 11 1996
* configure.in: Added `AC_REVISION'
* slave/kpropd.c: Cleaned up structure. Now returns useful value.
* lib/roken/verify.c: Broken OSes need declartion of `crypt'.
* lib/roken/roken.h: Added prototype for `verify_unix_user'.
* lib/krb/lsb_addr_comp.h: Added prototype for `lsb_time'.
* lib/krb/{get_admhst.c, get_default_principal.c, get_krbhst.c,
get_krbrlm.c, getrealm.c, realm_parse.c} : Check for buffer
overwrite correctly.
* lib/krb/rw.c, lib/krb/krb_locl.h: Prepended `krb_' to `get_int',
`put_int', `get_address', `put_address', `put_string',
`get_string', `get_nir', and `put_nir'. Changed all callers.
* lib/kdb/krb_db.h: Added prototype for `kerb_delete_principal'
and `kerb_db_delete_principal'.
* lib/kadm/kadm_cli_wrap.c: Removed unused variable.
* appl/telnet/telnetd/telnetd.c: Changed bogus `strncpy' to
`strcpy'.
* appl/bsd/su.c: Fixed error messages from execv.
* appl/bsd/rlogin.c: Fixed potential buffer overrun when reading
"TERM".
Thu Aug 8 1996
* appl/telnet/telnet/commands.c, appl/kauth/rkinit.c: Replaced
`herror' by `hstrerror'.
* appl/bsd/login.c: chmod the tty so that it is writable for group
tty.
* configure.in: Use AC_FIND_IF_NOT_BROKEN for herror and
hstrerror.
* aclocal.m4: New macro `AC_FIND_IF_NOT_BROKEN'
* config.guess: Add 686
Tue Aug 6 1996
* lib/krb/getrealm.c: Fallback for `T_TXT'
* configure.in: Look for `res_search' and `dn_expand' in
libresolv.
Mon Aug 5 1996
* */Makefile.in: Add Id to those missing it.
* configure.in: Small fix in comment.
* Release 0.9.1.
* appl/ftp/ftpd/ftpcmd.y: s/timeout/ftpd_timeout/
* appl/kstring2key/kstring2key.c: `usage' changed to void.
* lib/krb/mk_req.c: `build_request' changed to void.
* appl/ftp/ftp/ftp_locl.h: Changed order of includes.
* appl/bsd/login.c, appl/ftp/ftpd/*: s/timeout/login_timeout/
* lib/kafs/afssysdefs.h: undef AFS_SYSCALL if we are defining it.
Sun Aug 4 1996
* lib/kafs/afssys.c: AIX systems will now correctly (I hope)
detect whether AFS is loaded or not. This is currently a bit
kludgy, and involves loading an external shared library,
afslib.so, which can be put in athena/lib or pointed to with
environment variable AFSLIBPATH. This is only tested on AIX 4
(due to lack of an AIX 3 system).
* lib/krb/getrealm.c: Range-check the result from the DNS.
* lib/krb/get_krbrlm.c: Try to use the DNS to find out which realm
this host belongs to.
* kadmin/ksrvutil_get.c: Fixed error message.
* lib/kafs/*: Fix aix/afs brokenness.
* lib/kadm/kadm_stream.c (stv_string): Range check.
Fri Jul 26 1996
* appl/ftp/common/{ftp,ruserpass}.c: Less bogus domain name
handling.
Mon Jul 22 1996
* lib/krb/mk_req.c: Use encrypt_ktext()
* configure.in, lib/kafs/afssys.c: Add option to exclude AFS
support (this is useful only on AIX systems that doesn't have
AFS).
* configure.in: Removed configuration from subdirectories.
Sat Jul 13 1996
* appl/ftp/ftp/extern.h, appl/ftp/ftp/ftp.c: Substitute `struct
fd_set' with `fd_set'.
Mon Jul 8 1996
* Makefile.in: install should depend on all.
Sun Jul 7 1996
* appl/bsd/su.c: Allow root to set the uid without entering a
password.
Fri Jul 5 1996
* lib/krb/getrealm.c: Add automatic dns realm search.
Thu Jul 4 1996
* lib/krb/log.c (krb_log): Renamed k_log(...) to krb_log(...) for
compatibility with CNS. There is still a #define k_log krb_log.
* util/et/et_list.c: Hack to resolve _et_list in shared libraries.
Fri Jun 28 1996
* appl/bsd/rlogin.c (reader): If after a select rlogin fails to
read expected OOB data try to read ordinary data before continuing.
* appl/bsd/rlogin.c (oob_real): SunOS5 tty race kludge.
* appl/bsd/rlogind.c: Cleanup oobdata stuff.
Thu Jun 27 1996
* appl/bsd/login.c (main): Also check for complete tty name with
`rootterm'.
* lib/krb/check_time.c: New function `krb_check_tm'.
* lib/roken/tm2time.c: New function `tm2time', mktime generalized
to local timezone and UTC.
* kadmin, admin: Use `tm2time' and `krb_check_time' instead of
`maketime'.
Tue Jun 25 1996
* lib/krb/mk_priv.c (krb_mk_priv): Send correct address.
* appl/kauth/kauthd.c: Set ticket file to some sane default, and
add -i debugging switch.
Mon Jun 24 1996
* appl/xnlock, appl/kauth, appl/telnet/telnetd: Use BINDIR and not
`/usr/athena/bin'.
Wed Jun 19 1996
* appl/bsd/rlogin.c: consistent usage of oob_real.
* appl/bsd/rlogind.c: Do not send oob garbage when running
solaris? Seems that linux is unable to handle the duplicate
urgent data that is the result.
* appl/bsd/rlogind.c: Fix usage.
* appl/bsd/kcmd.c: Don't F_SETOWN.
Mon Jun 17 1996
* lib/krb/rw.c: Add get_address() and put_address().
* appl/telnet/telnetd/telnetd.c: updated usage
* appl/bsd/su.c: Replaced getpass by des_read_pw_string
* appl/bsd/forkpty.c (ptym_open): Removed unused `ptr2'.
* appl/bsd/rlogind.c: Removed unused functions and made others
static.
Sun Jun 16 1996
* Release 0.9.
* appl/ftp/ftpd/ftpd.c: Don't just send data in plain when doing
NLST.
* configure.in: test for setresgid.
* kadmin/ksrvutil_get.c: Fixed byte manipulations of keys.
Sat Jun 15 1996
* lib/des/rnd_keys.c (des_rand_data): At least `srandom'.
* appl/ftp/ftp/cmds.c: Support longer passwords when retrying
login.
* kadmin/admin_server.c, man/kadmind.8, kth-krb.texi: Reading key
file from file is now the default. Use `-m' to enter it manually.
`-n' is currently a no-op.
* appl/ftp/ftpd/ftpd.c: Add S/Key support.
* appl/ftp/ftpd/Makefile.in: Link with S/Key.
* appl/ftp/configure.in: Test for S/key.
* configure.in, aclocal.m4: Moved skey test
to aclocal.m4.
* appl/bsd/login.c: Correct argument to `skeyaccess'.
Fri Jun 14 1996
* lib/krb/verify_user.c: New parameter to specify service key
instance, NULL means "rcmd".
* lots of files: All ticket filenames uses `TKT_ROOT'.
* appl/bsd/rlogind.c: Check for uid == 0 and user != "root".
Tue Jun 11 1996
* appl/kpopper/pop_init.c(pop_init): Got rid of some old ifdef'ed
code.
* lib/kdb/krb_dbm.c: Add macro for `dbm_delete' for the people
that are ndbm challenged.
Mon Jun 10 1996
* lib/krb/kname_parse.c: Got rid of duplicate defintions.
* appl/ftp/ftp/ruserpass.c: Get hostname even if user has no
'.netrc' file.
* lib/kadm, lib/kdb, kadmin: Add database delete operation.
* lib/krb/kname_parse.c: Allow dots in instances.
* appl/bsd/rlogind.c (logwtmp): Only define `logwtmp' if it does
not exist. Log more garbage.
Sun Jun 9 1996
* appl/telnet/configure.in: Check for `logwtmp'.
* appl/ftp/configure.in: Use `AC_FUNC_MMAP'
* appl/bsd/forkpty.c: Removed all ugly pty search stuff from
ptym_open().
* configure.in: Modified the creation of version.h, now actually
shows up with ident.It is now also slightly more keen on creating
a new version.h.
Sat Jun 8 1996
* lib/roken/verify.c: <stdio.h> for NULL.
* appl/xnlock/xnlock.c (leave): Call XCloseDisplay, otherwise
screen saver changes are not updated before closing the X
connection.
* appl/bsd/utmp_login.c: Remove tty-prefix from ut_id; this field
is usually very short.
Fri Jun 7 1996
* slave/kpropd.c: Add option -m to merge rather then load
database.
Thu Jun 6 1996
* admin/kdb_util.c: Add a merge operation. (One day it might be
used to propagate only patches to the database)
Wed Jun 5 1996
* appl/kpopper: Support both POP3 and KPOP3.
* appl/xnlock/xnlock.c: Use `verify_unix_user'
* lib/roken/verify.c: verify_unix_user: New function from xnlock
for checking passwd in `/etc/passwd'.
* appl/telnet/telnetd/sys_term.c: gettimeofday buglet
* slave/kpropd.c: Rewrite of kpropd.
* admin/kdb_util.c: Sanity check on input to load_db.
* slave/kpropd.c: Use default value for fname.
* slave/kprop.c: Use some sane default values for data_file and
slaves_file.
* admin/kdb_util.c: If there isn't any database when loading,
create an empty one.
Mon Jun 3 1996
* appl/telnet/telnetd/sys_term.c: Somewhat changed the way utmpx
entries are created. It should now work on both Solaris and IRIX,
without stale login information.
Sat Jun 1 1996
* lib/krb/k_gethostname.c (k_gethostname): Fallback.
* lib/krb/send_to_kdc.c (send_to_kdc),
kadmin/kadm_ser_wrap.c (kadm_ser_init),
slave/kprop.c (prop_to_slaves),
slave/kpropd.c (main): Use `k_getportbyname'.
Fri May 31 1996
* Lots of files: more #includes ifdefad and cleaned up.
Thu May 30 1996
* Lots of files: Replaced bcopy/bzero/bcmp with
memcpy/memset/memcmp.
* lib/krb/get_default_principal.c: Use getlogin() if it is the BSD
variant that actually gives some information.
* lib/krb/create_ticket.c: Write correct address byteorder.
* lib/kadm/kadm_stream.c,kadm_cli_wrap.c: Don't assume int32_t is
four bytes.
* kadmin/kpasswd.c: Allow principal without -n.
* kadmin/kadmin.c: Use krb_get_default_principal.
* appl/ftp/ftpd/ftpd.c: Fix bare newline bug.
* appl/bsd/rlogind.c: Add -i and -p options to start rlogind from
command line (for debugging).
* INSTALL: Rewritten.
Wed May 29 1996
* appl/ftp/ftp/krb4.c: Handle different sizes of returned
checksum.
* appl/bsd/Makefile.in: Don't install login setuid.
Fri May 24 1996
* appl/bsd/rsh.c: Don't run away yelling if someone calls you
`remsh'.
Sun May 19 1996
* lib/krb/kdc_reply.c: Remove unused function decrypt_tkt. Sanity
check on decrypted ticket.
Wed May 15 1996
* server/kerberos.c: Should work with the new libkrb
* appl/kip: Support more than one tunnel device.
* lib/krb/*.c: All functions that create or decode kerberos
packets have been rewritten. Hopefully, everything still
works. This is to eliminate problems with wierd systems, like
Crays, that doesn't have any two or four byte integers. Some of
these changes could be a lot more pretty, and *many* assumptions
that sizeof(int32) == 4 still exist in the rest of the code,
though.
As a side effect, all packets sent are now in network byte order.
Mon May 13 1996
* configure.in: Shared libraries for Irix
* Several fixes for UNICOS.
* appl/ftp/ftp/krb4.c: Allow default data protection level through
a "prot level" in .netrc. This really should be done in a more
useful manner.
Sun May 12 1996
* appl/xnlock/xnlock.c: Cleaned up user verification code. Now
uses new function krb_verify_user. Also fixed a few problems with
the password prompt box.
* lib/krb/verify_user.c: New function krb_verify_user to verify a
user with kerberos.
* appl/kip: New program for forwarding IP packets over kerberised
connections using tunnel devices.
* appl/kauth/kauth.c, kadmin/ksrvutil.c: Use
krb_get_default_principal
* appl/bsd/rlogind.c: Do not change portnumber to host order if
using kerberos. This will cause the magic
`reverse-time-if-port-is-less-than' to fail.
* lib/des/GNUmakefile: Removed file. This file causes problem
when building in the source directory and when using GNU make
which prefers this file to the generated Makefile.
* appl/bsd/login.c: More careful when handling returned value from
`getspnam'.
Sat May 11 1996
* lib/krb/realm_parse.c: New function to expand a non-complete
realm to its official name, e.g nada -> NADA.KTH.SE.
* lib/krb/get_default_principal.c: New function to guess the
default principal to use. Looks at any existing ticket file first,
then at uid/logname etc.
* kadmin/kadmin.c: Use kname_parse and allow different instances
and realms.
* lib/roken/k_getpwnam.c: New function k_getpwnam that should work
with and without shadow passwords.
* Lots of files: s/getpwnam/k_&/g.
Tue May 7 1996
* lib/des/des_locl.h: DES library updated to version 3.23,
des_locl.h now includes configure.h to get HAVE_TERMIOS etc.
* lib/des/des.h: On the alpha define DES_LONG to unsigned int.
* kuser/kinit.c: Handle passwords longer than 16 characters.
* appl/xnlock/xnlock.c (GetPasswd): Handle longer passwords than
16 characters.
Sun May 5 1996
* Release 0.8.
* appl/ftp/ftpd/kauth.c: Klist command.
* appl/ftp/ftpd: Removed `-g' from calls to ls.
* appl/ftp/ftp/cmds.c (setpeer): Fix so that opening a second
connection to a specified port works.
* appl/telnet/telnet: Default is binary.
* appl: Now build under Ultrix.
* appl/kx: Now even builds on AIX.
Sat May 4 1996
* lib/des: Now merged in libdes 3.21 on main branch.
* appl/ftp/ftpd/logwtmp.c: Slightly different functionality. Works
on systems that has more fields in struct utmp such as OSF/1.
Still some questions about Solaris.
* lib/krb/lsb_addr_comp.c: Now byteorder independent.
* appl/kx: Rewrote kx & kxd to share more code. They are also now
able to talk both ways.
* lib/kdb/krb_dbm.c (kerb_db_rename): Now works properly when
using berkeley DB.
Thu Apr 25 1996
* lib/krb/get_krbrlm.c (krb_get_default_realm): New function for
SunOS5 compat.
* When building shared libraries link libkrb with libdes to be
compatible with SunOS5.
* Move lib/krb/krb_err.et to lib/kadm since it is only used there,
no longer need to link libkrb against libcom_err.
Wed Apr 24 1996
* lib/krb/lsb_addr_comp.h: Renamed ugly lsb_addr_comp.
* Some porting to UNICOS.
Tue Apr 23 1996
* Moved some junk from appl/bsd to libroken.
* lib/roken/Makefile.in (LIBNAME): Added header file roken.h for
library libroken.a.
* Add kerberized ftp.
* Add libroken.
Mon Apr 22 1996
* appl/kauth/kauth.c: When commands are given to kauth, a new
ticket file is used.
Sat Apr 20 1996
* appl/xnlock/xnlock.c: Fixed a potential overwrite bug. Also
works with more than one screen, only fancy stuff on screen 0,
though.
Fri Apr 19 1996
* appl/bsd/login.c, su.c, rshd.c, rlogind.c: Syslog and abort when
getpwnam returns uid == 0 but user is not root. This is usually
the result of an attack on NIS (former YP).
Wed Apr 17 1996
* kadmin/ksrvutil.c (get_key_from_password): Support for
generating AFS keys. From <flag@it.kth.se>
Sun Apr 14 1996
* appl/kx: New program for forwarding a X connection.
Mon Apr 8 1996
* appl/bsd/rsh.c (get_shell_port): Default port number for ekshell
changed from 2106 to 545.
* appl/bsd/login.c (doremotelogin): Remove terminal speed from the
value of $TERM in the case of an ancient rlogind being used.
Thu Apr 4 1996
* lib/kafs/afssys.c (k_afsklog): Try to read from
/usr/vice/etc/TheseCells for list of cells we should try to obtain
tokens for.
* appl/kauth/kauth.c (renew): Use cell even when renewing.
* appl/kauth/kauth.c, appl/xnlock/xnlock.c: Always call k_afsklog
with realm == NULL.
* lib/kafs/afssys.c: More thorough guessing of what realm a cell
belongs to.
Wed Apr 3 1996
* appl/bsd/login.c: If setuid() failes and not logging in as root,
exit.
Tue Apr 2 1996
* server/kerberos.c: Set name, inst, and realm to NULL in
APPL_REQUEST, error replies tend to look a bit funny otherwise.
Thu Mar 28 1996
* appl/bsd/iruserok.c (iruserok): Imported iruserok() FreeBSD.
Tue Mar 26 1996
* lib/des/Makefile.in: Removed enc_read.c enc_writ.c.
* appl/bsd/Makefile.in: New file with the old functions from
libdes.
* appl/bsd/utmp_login.c: Fixed (hopefully) double utmp-entries in
Solaris. Only put entries in one of utmp/utmpx, since they both
get updated by putut*ent() anyway.
Mon Mar 25 1996
* kuser/klist.c (main): Use verbose option (-v) to list key
version numbers.
* Release 0.7.
Sun Mar 24 1996
* appl/bsd/rlogin.c (doit): Moved signal junk (as far as possible)
to doit().
* configure.in: Check for getmsg with AC_TRY_RUN instead.
Otherwise it fails under AIx 3.2. Now rlogind works on this
so-called OS. Also cache value of berkeley db check.
* lib/kdb/krb_kdb_utils.c: New experimental masterkey generation,
enabled with --enable-random-mkey. This makes kdb_init et al
generate random master keys, based on random input from the
user. This comes in a package with auto-kstash, and possibility to
enter lost master keys as base64.
Moved default master key file from /.k to
/var/kerberos/master-key, override with --with-mkey=file.
* kadmin/kadmin.c (do_init): Handle the `-t' option to kadmin,
meaning do not get a new ticket file. (From CNS).
Fri Mar 22 1996
* appl/xnlock/xnlock.c: Removed some dead code, and a few unused
header files.
* kadmin/pw_check.c (kadm_pw_check): If kadm_pw_check()
fails *pw_msg can't be 0! At the very least use the
empty string but a descriptive error-message is preferred.
* libtelnet: add nonbroken signal() function.
Wed Mar 20 1996
* appl/kpopper/pop_pass.c (pop_pass): Use kuserok to determine if
user is allowed to fetch mail.
* appl/kpopper/*. Got rid of some ugly codes and some warnings.
* appl/bsd/Makefile.in: signal.o was not included in OBJECTS,
which made strange makes not doing what they should.
* configure.in, appl/kpopper/popper.h, appl/bsd/pathnames.h: Now
should work on systems that do not have mail spool files in
/var/spool/mail. Looks for MAILDIR or _PATH_MAILDIR, usually from
<paths.h> or <maillock.h>. Defaults to /var/spool/mail.
Mon Mar 18 1996
* appl/bsd/bsd_locl.h: TIOCPKT for those systems missing it.
Fri Mar 15 1996
* lib/kafs/kafs.h: Use <sys/ioctl.h> instead of <sys/ioccom.h>
* appl/bsd/rshd.c (doit): Don't set environ, send it as an
argument to execle instead.
* lib/kafs/kafs.h: Find definition of _IOW.
* configure.in: Check for random.
* appl/bsd/bsd_locl.h: Including <crypt.h> gives too many conflicts.
* appl/afsutil/pagsh.c: Check for random.
Thu Mar 14 1996
* appl/bsd/bsd_locl.h, appl/telnet/telnetd/defs.h: Default values
of `TIOCPKT_FLUSHWRITE' & c:o.
* appl/telnet/telnet{,d}/Makefile.in (telnetd): Change order of
linking in libraries.
* configure.in: Check for interesting functions in libsocket and
libnsl and not strange soriasis inventions.
Wed Mar 13 1996
* appl/bsd/bsd_locl.h (fatal): Only use prototype or iruserok if
the function does not exist.
Mon Mar 11 1996
* lib/krb/krb_err_txt.c (krb_get_err_text): Changed name of
krb_err_msg to krb_get_err_text(int) to be compatible with the CNS
distribution. This function is used for instance by CVS-1.7.
Sun Mar 10 1996
* configure.in, appl/Makefile.in: removed rkinit
* etc/inetd.conf.changes, etc/services.append: Added kauth.
* appl/kauth: Integrated rkinit into kauth.
* appl/kauth/kauth.c (main): Only look for principal name if no -p
has been given.
* lots of files: prototypes and other small fixes.
* appl/bsd/sysv_shadow.h: spwd multiple defined.
* appl/bsd/bsd_locl.h: include <crypt.h>
* configure.in: Added afsutil and rkinit.
* */Makefile.in: Do cd $$i && $(MAKE). Otherwise, if cd fails you
end up with an infinite recursion.
* kuser/klist.c (display_tktfile): Another warning removed.
Tue Mar 5 1996
* appl/bsd/forkpty.c (forkpty): Kludge for Ultrix, rlogind now
works properly also under this system.
* appl/afsutil: New aklog and pagsh
* lib/krb/krb_equiv.c (krb_equiv): Fix bugs with '\\'.
* lib/des/rnd_keys.c: Include <sys/time.h>.
Mon Mar 4 1996
* appl/kauth/kauth.c (main): Handle name when given after options.
Sun Mar 3 1996
* appl/rkinit/rkinit.c (getalladdrs): Check for herror. Solaris
apparently does not have any.
(main): Use memset instead of bzero.
* appl/rkinit/rkinitd.c (decrypt_remote_tkt): bcopy -> memcpy.
* kuser/kinit.c (main): Corrected lifetime.
* lib/krb/krb_equiv.c (krb_equiv): Now handles longer lines,
continuation lines and addresses of the form 193.10.156.0/24.
* kuser/Makefile.in (kdestroy): Link kdestroy with libkafs.
Wed Feb 28 1996
* Replaced all occurencies of krb_err_txt[] with new function
krb_err_msg(), that does some sanity checks before indexing
krb_err_txt.
Mon Feb 26 1996
* appl/telnet/telnetd: Added flags -z to have telnetd log
unauthenticated logins, such as when using an old telnet
client. Unfortunately in most of these cases, the user name is not
known.
There should also be a way to tell the difference between bad
authentication (such as with expired tickets) and no attempt to
provide authentication (such as with an old client).
Sun Feb 25 1996
* kuser/kdestroy.c: Remove afs-tokens as well as tickets, -t flags
added to prevent this.
Thu Feb 22 1996
* appl/rkinit/rkinitd.c (doit): Use k_getsockinst to make it work
correctly for multi-homed hosts.
* appl/rkinit: New program with rkinit functionality.
* lib/krb/k_getport.c: Function for finding port in /etc/services
with fallback.
* lib/krb/netread.c,netwrite.c (krb_net_{read,write}): Now correct
prototype with void * and size_t.
Wed Feb 21 1996
* kadmin/new_pwd.c (get_pw_new_pwd): Moved get_pw_new_pwd to
seperate file. Now called both from kadmin and kpasswd.
* kadmin/pw_check.c (kadm_pw_check): Handle the case of no
password provided. This is really a policy decision. The server
should be able to say `use a client that sends the password'.
* appl/bsd/rlogind.c (local_domain): MAXHOSTNAMELEN -> MaxHostNameLen.
Sun Feb 18 1996
* appl/bsd/rcp.c (answer_auth): Made rcp multihome aware.
* appl/bsd/rlogind.c (do_krb_login): Made rlogind multihome aware.
* appl/bsd/rshd.c (doit): Made rshd multihome aware.
* lib/krb/k_getsockinst.c (k_getsockinst): New function to figure
out the instance name of interfaces on multihomed hosts. Use this
function when making daemons multihome aware.
* appl/telnet/libtelnet/kerberos.c (kerberos4_is): Made telnetd
multihome aware.
Mon Feb 12 1996
* Release 0.6.
Sun Feb 11 1996
* lots of files: hacks to make it all compile.
* configure.in, appl/telnet/configure.in: More broken AIX.
* appl/bsd/bsd_locl.h: Fix for old syslogs (as in Ultrix).
* appl/telnet/libtelnet/encrypt.c: encrypt_verbose by default.
* appl/telnet/libtelnet/kerberos.c: Show difference between
MUTUAL and ONE_WAY KERBEROS4.
* appl/telnet/libtelnet/encrypt.c:
Print message about not encrypting when receiving WONT or DONT encrypt.
* configure.in: Automatic check for HAVE_NEW_DB.
* lib/krb/getaddrs.c (k_get_all_addrs): Fixed for systems with
SOCKADDR_HAS_SA_LEN, aka 4.4BSD-based.
* appl/telnet/telnetd/global.c: Removed some multiple defined
variables.
* appl/bsd/rlogind.c (cleanup): ifndef HAVE_VHANGUP.
* appl/bsd/sysv_shadow.h: Add DAY and DAY_NOW ifndef.
* configure.in: Check if `struct sockaddr' has `sa_len'.
Sat Feb 10 1996
* appl/telnet/telnetd/telnetd.c (recv_ayt): pty -> ourpty.
* appl/bsd/bsd_locl.h: More include-files: <sys/uio.h> and <userpw.h>
* appl/kpopper/popper.c (catchSIGHUP): Got rid of some warnings.
* lib/krb/log.c (new_log): Yet another year 2000.
* appl/bsd/sysv_environ.c (read_etc_environment): Support setting
environment variables from /etc/environment.
* appl/bsd/bsd_locl.h: <usersec.h>
* configure.in: check for setpcred, libs.a and <usersec.h>.
* appl/bsd/login.c (main): setpcred is used on AIX.
* appl/bsd/rshd.c (doit): Added setpcred for AIX.
* lib/krb/getaddrs.c: <sys/sockio.h> is sometimes needed.
* admin/kdb_init.c (main): Now verifies master key.
* lib/kdb/krb_kdb_utils.c (kdb_get_master_key): Added possibility
of asking for verfication.
* appl/bsd/bsd_locl.h: Try to include <sys/stream.h>
* appl/telnet/telnetd/utility.c (printsub): Mismatch arguments.
* lib/krb/send_to_kdc.c (send_to_kdc): Send to all A records and
accept an answer from anything we have sent to.
* appl/kauth/kauth.c (renew): Use strange return types for strange
OSes.
(doexec): Remove tokens.
* server/kerberos.c (main): Uses k_get_all_addrs and binds to each
of these addresses.
* kadmin/ksrvutil_get.c (ksrvutil_get): Added support for
specifying key to create on command line to get.
Wed Feb 7 1996
* lib/krb/log.c (k_log): Now using YYYY for years.
* lib/krb/klog.c (klog): Preparing for the year 2000.
* kuser/kinit.c (main): Added option -p to get changepw-tickets.
* lib/krb/getaddrs.c: New file to get all the addresses of all the
interfaces on this machine.
Tue Feb 6 1996
* configure.in: Support for S/Key in login.c. Use --with-skeylib
switch to configure. The code assumes that the skeylib.a comes
from logdaemon.
* General support for shadow password files if there is an
shadow.h.
* appl/bsd/su.c: Arrange so that it supports shadow passords.
Sun Feb 4 1996
* appl/telnet/*: Hacks to make it work on strange OSes.
* appl/bsd/bsd_locl.h: Check for sys/ptyvar.h
* appl/telnet/configure.in (telnet_msg): sys/str_tty.h, sys/uio.h
* configure.in: test for crypt.h and sys/ptyvar.h
* appl/telnet/telnetd/*.c: pty -> ourpty.
* telnetd: Changes to make more systems work better, specifically
AIX 4. Hopefully this will work on both STREAM and BSD
systems. Not tested on some systems, like CRAY and Linux.
* util/ss/mk_cmds.c: Generating cleaner code.
* lib/krb/krb_err_txt.c (krb_err_txt): Clarification.
* kadmin/admin_server.c: Less varnings.
* appl/xnlock/xnlock.c: Changed some types and added some casts.
* appl/movemail/movemail.c: Not using syswait.h anymore.
* appl/xnlock/xnlock.c: God rid of some warnings.
* util/ss/*.[ch]: cleanup
* util/et/*.[ch]: cleanup
* appl/bsd/rcp.c: Less warnings.
* kadmin/admin_server.c (kadm_listen): Get rid of another warning.
* kadmin/pw_check.c (kadm_pw_check): Support for letting cracklib
check the quality of the password.
* kadmin/pw_check.h (kadm_pw_check): New argument to
kadm_pw_check: list of useful strings to check for.
* kadmin/kadm_server.c (kadm_ser_cpw): Send a few `useful' strings
to kadm_pw_check (name, instance, and realm).
* kadmin/Makefile.in (kadmind): Linking with -lcrack.
* configure.in: Support for --with-cracklib and --with-dictpath.
* kadmin/ksrvutil_get.c: Now seems to be working.
* kadmin/ksrvutil.h: Some new parameters.
* kadmin/ksrvutil.c: Some reorganisation and uses a working
ksrvutil_get.
* appl/movemail/movemail.c: Some more include-files.
* appl/bsd/rlogind.c: Testing for the existence of vhangup.
Wed Jan 31 1996
* configure.in: Massaged the configure files so that we can build
under NEXTSTEP 3.3. Some kludges to prevent cpp bugs and link
errors where also neccessary.
Tue Jan 30 1996
* appl/xnlock/xnlock.c (main): Improved user feedback on password
input.
* appl/xnlock/xnlock.c: Applied patch made by flag@it.kth.se that
enables C-u to erase the password field.
* lib/krb/lifetime.c: configure now creates a version string which
is referenced here. Use what and grep version to figure out where,
when and by whom binaries where created.
* appl/bsd/forkpty.c (ptys_open): Call revoke before pty slave is
opened. Add revoke using vhangup for those system lacking revoke.
Also call vhangup when rlogind exits.
Mon Jan 29 1996
* lib/krb/send_to_kdc.c (send_to_kdc): Removed kludge for SunOS
3.2 and Ultrix 2.2 that prevented multihomed kerberos servers to
operate correctly.
* kadmin/kadmin.c (change_key): Add new subcommand change_key so
that it is possible to enter keys in the DB on binary form. Most
usefull for sites running AFS.
Fri Jan 26 1996
* appl/bsd/su.c (koktologin): New option -i root-instance. If you
want a user.afs ticket in a root shell and user.afs is on root's
ACL then do a "su -i afs".
* Makefile.in: Rearrange the order of object files to make shared
libraries slightly more efficient.
* appl/kauth/kauth.c (main): Always up case realm. Better error
messages on failed exec.
Mon Jan 22 1996
* appl/bsd/rshd.c (main): New option -P to prevent rshd from using
a new PAG. Expert use only!
* appl/bsd/rlogind.c (doit): Avoid race when setting tty size.
* appl/bsd/rlogin.c (reader): Use select rather than horrible
signal hacks to handle OOB data.
* appl/bsd/login.c (main) sysv_environ.c (sysv_newenv): Login does
now honor the -p switch when invoked by root. This is used by
telnetd to export environment variables.
Fri Jan 5 1996
* appl/bsd/signal.c (signal): New BSD compatible signal
function. Most r* applications assume reliable signals.
* appl/bsd/login.c (main): Check HAVE_ULIMIT.
* appl/bsd/bsd_locl.h: Include sys/ioctl.h.
* configure.in: Check for ulimit.
* admin/kdb_edit.c: Flush stdout after printing prompts.
* appl/kpopper/pop_xmit.c: Remember to include config.h.
Tue Jan 2 1996
* appl/bsd/login.c (main): New function stty_default to setup
default tty settings.
Fri Dec 29 1995
* appl/kstring2key/kstring2key.c (main): New program that converts
passwords to DES keys, either using des_string_to_key or
afs_string_to_key.
* server/kerberos.c: Kerberos server now listen on 2 ports,
kerberos/udp and kerberos-sec/udp.
Wed Dec 27 1995
* appl/bsd/rcp.c (main): Integrated -x option to rcp. This
required some real horrible hacks in lib/des/enc_{read,write}.c
* acconfig.h: Enabled MULTIHOMED_KADMIN in acconfig.h.
* Add RCSID stuff to telnet files.
Fri Dec 22 1995
* appl/bsd/login.c (main): The login program does now by default
read /etc/default/login, even on non Psoriasis systems. Unifdef
SYSV4, this was essentially only for prompting.
Mon Dec 18 1995
* appl/kpopper/popper.c (main): Integrate default timeout of 120
seconds from Qualcomm popper. Timeout is also set able with -T
seconds.
* lib/kadm/kadm_cli_wrap.c (kadm_change_pw_plain): If there's no
password, don't even send the empty string.
Thu Dec 7 1995
* lots of files: all debug messages now printed to stderr (from
<lama@pdc.kth.se>)
* lib/krb/tf_util.c (tf_create): New method for creating a new
ticket file. Remove the old old and then open with O_CREAT and
O_EXCL.
* server/kerberos.c, slave/kpropd.c: Some casts to get rid of warnings.
* configure.in: Added checks for unistd.h, memmove and const.
* appl/telnet/telnet/commands.c: Changed types of functions to
confirm with struct Command.
* appl/telnet/configure.in: Check for setpgid.
* appl/bsd/rlogin.c: Get rid of another warning.
* appl/bsd/bsd_locl.h, appl/telnet/acconfig.h: New synonym for
solaris.
Wed Dec 6 1995
* (movemail): Now from emacs-19.30. If you have a newish emacs
there is no reason to use this movemail.
* (kadm): Added support for server side password checks. Hopefully
this is compatible with kerberos 4.10. Old kpasswd:s will give
funny error messages. For examples of checks, see
kadmin/pw_check.c. Since this is mostly political matters,
kadm_pw_check() should probably return KADM_SUCCESS by default.
Mon Nov 27 1995
* appl/telnet/telnetd/telnetd.c (main): Kludge to fix encryption
problem with Mac NCSA telnet 2.6.
* lib/krb/stime.c: Now using YYYY for years. (2000 is soon here).
* appl/bsd/rsh.c, rcp.c, rlogin.c: Fixed fallback for port number
(added missing ntohs).
Sun Nov 12 1995
* (many files): More ANSI/ISO 9899-1990 to the people!
Now actually builds (not including util) with DEC "cc -std1" and
Sun "acc -Xc". There are still major prototype conflicts, but
there isn't much to do about this.
Sat Oct 28 1995
* lib/kadm/kadm_cli_wrap.c: Fallback for kerberos and
kerberos_master services.
Fri Oct 27 1995
* Released version 0.5
* lib/des/read_pwd.c: Redifine TIOCGETP and TIOCSETP so that the
same code is used both for posix termios and others.
* rsh, rlogin: Add environment variable RSTAR_NO_WARN which when
set to "yes" make warnings about "rlogin: warning, using standard
rlogin: remote host doesn't support Kerberos." go away.
Tue Oct 24 1995
* admin/kdb_util.c (load_db) lib/kdb/krb_dbm.c (kerb_db_update):
Optimized so that it can handle large databases, previously a
10000 entry DB would take *many* minutes, this can now be done in
under a minute.
Sat Oct 21 1995
* Changes in server/kerberos.c, kadmin/*.c slave/*.c to support 64
bit machines. Source should now be free of 64 bit assumptions.
* admin/copykey.c (copy_from_key): New functions for copying to
and from keys. Neccessary to solve som problems with longs on 64
bit machines in kdb_init, kdb_edit, kdb_util and ext_srvtab.
* lib/kdb/krb_kdb_utils.c (kdb_verify_master_key): More problems
with longs on 64 bit machines.
Mon Oct 16 1995
* appl/bsd/login.c (main): Lots of stuff to support Psoriasis
login. Courtesy of gertz@lysator.liu.se.
* configure.in, all Makefile.in's: Support for Linux shared
libraries. Courtesy of svedja@lysator.liu.se.
* lib/krb/cr_err_reply.c server/kerberos.c: Moved int req_act_vno
= KRB_PROT_VERSION; from server kode to libkrb where it really
belongs.
* appl/bsd/forkpty.c (forkpty): New function that allocates master
and slave ptys in a portable way. Used by rlogind.
* appl/telnet/telnetd/sys_term.c (start_login): Under SunOS5 the
same utmpx slot got used by sevral sessions. Courtesy of
gertz@lysator.liu.se.
Wed Oct 4 1995
* util/{ss, et}/Makefile.in (LEX): Use flex or lex. Courtesy of
svedja@lysator.liu.se.
* Fix the above Makefiles to work around bugs in Solaris and OSF/1
make rules that was triggered by VPATH functionality in the yacc
and lex rules.
Mon Oct 2 1995
* appl/kpopper/pop_log.c (pop_log) appl/kpopper/pop_msg.c (pop_msg):
Use stdarg instead of varargs. The code is still broken though,
you'll realize that on a machine with 64 bit pointers and 32 bit
int:s and no vsprintf, let's hope there will be no such beasts ;-).
* appl/telnet/telnetd/sys_term.c (getptyslave): Not all systems
have (or need) modules ttcompat and pckt so don't flag it as a
fatal error if they don't exist.
Mon Sep 25 1995
* kadmin/admin_server.c (kadm_listen) kadmind/kadm_ser_wrap.c
(kadm_listen): Add kludge for kadmind running on a multihomed
server. #ifdef:ed under MULTIHOMED_KADMIN. Change in acconfig.h
if you need this feature.
* appl/Makefile.in (SUBDIRS): Add applications movemail kpopper
and xnlock.
Wed Sep 20 1995
* appl/bsd/rlogin.c (main): New rlogind.c, forkpty() is not
implemented yet though.
Wed Sep 13 1995
* appl/xnlock/Makefile.in: Some stubs for X11 programs in
configure.in as well as a kerberized version of xnlock.
* appl/bsd/{rlogin.c, rsh.c, rcp.c}: Add code to support fallback
port numbers if they can not be found using getservbyname.
Tue Sep 12 1995
* appl/bsd/klogin.c (klogin): Use differnet ticket files for each
login so that a malicous user won't be able to destroy our tickets
with a failed login attempt.
* lib/kafs/afssys.c (k_afsklog): First we try afs.cell@REALM, if
there is no such thing try afs@CELL instead. There is now two
arguments to k_afslog(char *cell, char *realm).
Mon Sep 11 1995
* kadmin/admin_server.c (kadm_listen): If we are multihomed we
need to figure out which local address that is used this time
since it is used in "direction" comparison.
Wed Sep 6 1995
* kadmin/kadm_ser_wrap.c (kadm_ser_init): Fallback to use default
port number.
* lib/krb/send_to_kdc.c (send_to_kdc): Default port number
(KRB_PORT) was not in network byte order.
Tue Sep 5 1995
* lib/krb/send_to_kdc.c (send_recv): Linux clears timeout struct
when selecting.
Mon Sep 4 1995
* appl/bsd/rcp.c, appl/bsd/rlogin.c, appl/bsd/rsh.c:
Now does fallback if there isn't any entries in /etc/services for
klogin/kshell. This also made the code a bit more pretty.
* appl/bsd/login.c: Added support for lots of more struct utmp fields.
If there is no ttyslot() use setutent and friends.
* appl/bsd/Makefile.in, appl/bsd/rlogind.c, appl/bsd/rshd.c:
Added extern iruserok().
* appl/bsd/iruserok.c: Initial revision
* appl/bsd/bsd_locl.h: Must include sys/filio.h on Psoriasis.
* appl/bsd/Makefile.in: New install
* appl/bsd/pathnames.h: Fix default path, rsh and rlogin.
* appl/bsd/rshd.c: Extend default PATH with bindir to find rcp.
* appl/bsd/login.c (login): If there is no ttyslot use setutent
and friends. Added support for lots of more struct utmp fields.
* server/kerberos.c (main) lib/kafs/afssys.c appl/bsd/bsd_locl.h:
Must include sys/filio.h on Psoriasis to find _IOW and FIO* macros.
* appl/bsd/rlogind.c (doit): Use _PATH_DEFPATH rather than
_PATH_DEF.
* appl/bsd/login.c, su.c (main): Use fallback to bourne shell if
running as root.
* appl/bsd/su.c (main): Update usage message to reflect that '-'
option must come after the ordinary options and before login-id.
Sat Sep 2 1995
* appl/telnet/telnetd/telnetd.c (doit): If remote host name is to
long to fit into utmp try to remove domain part if it does match
our local domain.
(main): Add new option -L /bin/login so that it is possible to
specify an alternate login program.
* appl/telnet/telnet/commands.c (env_init): When exporting
variable DISPLAY and if hostname is not the full name, try to get
the full name from DNS.
* appl/telnet/telnet/main.c (main): Option -k realm was broken due
to a bogous external declaration.
Fri Sep 1 1995
* kadmin/kadmin.c (add_new_key): Kadmin now properly sets
lifetime, expiration date and attributes in add_new_key command.
Wed Aug 30 1995
* appl/bsd/su.c (main): Don't handle '-' option with getopt.
* appl/telnet/telnet/externs.h: Removed protection for multiple
inclusions of termio(s).h since it broke definition of termio
macro on POSIX systems.
Tue Aug 29 1995
* lib/krb/lifetime.c (krb_life_to_time): If you want to disable
AFS compatible long lifetimes set krb_no_long_lifetimes = 1.
Please note that the long lifetimes are 100% compatible up to
10h so this should rarely be necessary.
* lib/krb/krb_equiv.c (krb_equiv): If you don't want to use
ipaddress protection of tickets set krb_ignore_ip_address. This
makes it possible for an intruder to steal a ticket and then use
it from som other machine anywhere on the net.
Mon Aug 28 1995
* kadmin/kadm_ser_wrap.c (kadm_ser_init): Don't bind to only one
local address. Accept request on all interfaces.
* admin/kdb_edit.c (change_principal): Don't accept illegal
dates. Courtesy of gertz@lysator.liu.se.
Sat Aug 26 1995
* configure.in: AIX specific libraries needed when using standard
libc routine getttyent, IBM should be ashamed!
* lib/krb/recvauth.c (krb_recvauth): Long that should be int32_t
problem.
* Added strdup for su and rlogin.
* Fix for old syslog macros in appl/bsd/bsd_locl.
Fri Aug 25 1995
* lib/kdb/krb_dbm.c (kerb_db_rename) admin/kdb_destroy.c: New
ifdef HAVE_NEW_DB for new databases residing in one file only.
* appl/bsd/rlogin.c (oob): Add workaround for Linux.
Mon Aug 21 1995
* appl/bsd/getpass.c: New routine that reads up to 127 char
passwords. Used in su.c and login.c.
Tue Aug 15 1995
* appl/telnet/telnetd/sys_term.c (login_tty): Ioctl TIOCSCTTY
should not be used on HP-UX.
Mon Aug 14 1995
* appl/bsd/rlogin.c (main): Added dummy rlogind that tells user to
rather use telnet.
Thu Aug 10 1995
* lib/krb/ krb.h, decomp_ticket.c, getrealm.c, get_krbhst.c,
get_krbrlm.c, get_admhst.c:
Use multiple configuration directories for krb.conf and
krb.realms, KRB_CONF and KRB_REALM_TRANS macros substituted with
KRB_CNF_FILES and KRB_RLM_FILES. Currently /etc and
/etc/kerberosIV are searched. Directory specified by envioronment
variable KRBCONFDIR is searched first if set. No hardcoded
realmname or kerberos server. Instead use domainname for deafult
realm and kerberos.domain as kerberos server if they are not
listed in krb.conf and/or krb.realms. In the normal case there
should be no need for configuration files if administrators add a
CNAME pointing to the kerberos server.
* appl/bsd/Makefile.in and friends: GNU make should no longer be
neccessary unless building with VPATH.
Wed Aug 9 1995
* appl/bsd/klogin.c (klogin): Old ticket file need to be removed
before we call krb_get_pw_in_tkt or we might get a Kerberos intkt
error because the wrong user owns the file.
Tue Aug 8 1995
* configure.in : Telnet.beta2 is now official and has been moved
to appl/telnet.
* appl/bsd/su.c (main): Reenable -K flag, won't work if not
PASSWD_FALLBACK is enabled. Cosmetics for Password prompt.
Fri Aug 4 1995
* appl/bsd/su.c (kerberos): Don't allow su from possibly bogous
kerberos server. Controlled by #ifdef KLOGIN_PARANOID.
* lib/kafs/afssys.c (SIGSYS_handler): Need to reinstall handler on
SYSV.
Mon Jul 24 1995
* lib/kafs/afssys.c (k_afsklog): Use default realm on null argument.
* appl/bsd/rlogin.c, login.c: New programs.
Fri Jul 21 1995
* appl/bsd/kcmd.c rsh.c rlogin.c: Use POSIX signals.
* appl/telnet.95.05.31.NE/telnetd/sys_term.c, telnetd.c: Port to
IRIX.
Tue Jul 11 1995
* admin/kdb_init.c (main): Use new random generator. Dito in
admin/kdb_edit.c. Use master key to initialize random sequence.
Mon Jul 10 1995
* kadmin/kadmin.c (get_password): Fix for random passwords.
Dito for admin/kdb_edit.c
* appl/kauth/kauth.c (main): Updated for krb distribution, now
uses new library libkafs.
* appl/telnet.beta/telnet/main.c (main): New telnet with
encryption hacks from ftp.funet.fi:/pub/unix/security/esrasrc-1.0.
Encryption does not currently work though.
Tue Jun 20 1995
* New library to support AFS. Routines:
int k_hasafs(void);
int k_afsklog(...);
int k_setpag(void);
int k_unlog(void);
int k_pioctl(char *, int, struct ViceIoctl *, int);
Modified it to support more than one single entry point AFS
syscalls (needed by HPUX and OSF/1 when running DFS). Don't rely
on transarc headers or library code.
This has not been tested and will most probably need some
serious violence to get working under AIX. (AIX has since been
fixed to. /bg)
Fri Jun 16 1995
* lib/krb/krb_equiv.c (krb_equiv): Compare IP adresses using
krb_equiv() to allow for hosts with more than one address in files
rd_priv.c rd_req.c and rd_safe.c.
* slave/kpropd.c (main): Fix uninitialized variables and rewind
file in kprop.c.
Thu Jun 15 1995
* appl/bsd/rcp.c (allocbuf): Fix various bugs.
* slave/kpropd.c (main): Responder uses
KPROP_SERVICE_NAME.`hostname' and requestor always uses
KPROP_SERVICE_NAME.KRB_MASTER, i.e rcmd.kerberos in kprop/kpropd
protocol.
Wed Jun 14 1995
* appl/bsd/rshd.c (doit): Encryption should now work both ways.
Tue Jun 13 1995
* appl/bsd/pathnames.h: Fixup paths.
* server/Makefile.in and friends (install): Install daemons in in
libexec and administrator programs in sbin.
* Makefile.in: Joda (d91-jda) added install target
Wed Jun 7 1995
* lib/krb/k_strerror.c: New function k_strerror() to use instead
of the non portable sys_errlist[].