xref: /freebsd/crypto/heimdal/ChangeLog.2002 (revision d22c735e033e47d58878a9c00aa09e90e6e83f06)
12002-12-19  Johan Danielsson  <joda@pdc.kth.se>
2
3	* lib/krb5/mk_rep.c: free allocated storage; reported by Howard
4	Chu
5
62002-12-08  Johan Danielsson  <joda@pdc.kth.se>
7
8	* kdc/kdc_locl.h: remove old encrypt_v4_ticket prototype
9
102002-12-02  Johan Danielsson  <joda@pdc.kth.se>
11
12	* kpasswd/kpasswdd.c (doit): initialise sa_size to size of
13	sockaddr_storage
14
15	* kdc/connect.c (init_socket): initialise sa_size to size of
16	sockaddr_storage
17
182002-11-15  Johan Danielsson  <joda@pdc.kth.se>
19
20	* lib/krb5/krb5.h: remove trailing comma in enum
21
222002-11-07  Johan Danielsson  <joda@pdc.kth.se>
23
24	* kdc/524.c: implement crude b2 style (non-)conversion for use
25	with afs
26
27	* kdc/kerberos4.c: move encrypt_v4_ticket to 524.c, since that's
28	where it's used
29
302002-10-21  Johan Danielsson  <joda@pdc.kth.se>
31
32	* lib/krb5/keytab_keyfile.c: more strcspn
33
34	* lib/krb5/store_emem.c (emem_store): limit how much we allocate
35	(from Olaf Kirch)
36
37	* lib/krb5/principal.c: don't allow trailing backslashes in
38	components
39
40	* kdc/connect.c: check that %-quotes are followed by two hex
41	digits
42
43	* lib/krb5/keytab_any.c: properly close the open keytabs (from
44	Larry Greenfield)
45
46	* kdc/kaserver.c: make sure life is positive (from John Godehn)
47
482002-10-17  Johan Danielsson  <joda@pdc.kth.se>
49
50	* kuser/klist.c (display_tokens): allow tokens up to size of
51	buffer (from Magnus Holmberg)
52
532002-09-29  Johan Danielsson  <joda@pdc.kth.se>
54
55	* lib/krb5/changepw.c (process_reply): fix reply length check
56	calculation (reported by various people)
57
582002-09-24  Johan Danielsson  <joda@pdc.kth.se>
59
60	* lib/krb5/keytab_file.c (fkt_remove_entry): check return value
61	from start_seq_get (from Wynn Wilkes)
62
632002-09-19  Johan Danielsson  <joda@pdc.kth.se>
64
65	* lib/krb5/context.c (krb5_set_config_files): return ENXIO instead
66	of ENOENT when "unconfigured"
67
682002-09-16  Jacques Vidrine  <nectar@kth.se>
69
70	* lib/krb5/kuserok.c, lib/krb5/prompter_posix.c: use strcspn
71	to convert the newline to NUL in fgets results.
72
732002-09-13  Johan Danielsson  <joda@pdc.kth.se>
74
75	* kuser/kinit.1: remove unneeded Ns
76
77	* lib/krb5/krb5_appdefault.3: remove extra "application"
78
79	* fix-export: remove autom4ate.cache
80
812002-09-10  Johan Danielsson  <joda@pdc.kth.se>
82
83	* include/make_crypto.c: don't use function macros if possible
84
85	* lib/krb5/krb5_locl.h: get limits.h for UINT_MAX
86
87	* include/Makefile.am: use make_crypto to create crypto-headers.h
88
89	* include/make_crypto.c: crypto header generation tool
90
91	* configure.in: move crypto test to just after testing for krb4,
92	and move roken tests to after both, this speeds up various failure
93	cases with krb4
94
95	* lib/krb5/config_file.c: don't use NULL when we mean 0
96
97	* configure.in: we don't set package_libdir anymore, so no point
98	in testing for it
99
100	* tools/Makefile.am: subst INCLUDE_des
101
102	* tools/krb5-config.in: add INCLUDE_des to cflags
103
104	* configure.in: use AC_CONFIG_SRCDIR
105
106	* fix-export: remove some unneeded stuff
107
108	* kuser/kinit.c (do_524init): free principals
109
1102002-09-09  Jacques Vidrine  <nectar@kth.se>
111
112	* kdc/kerberos5.c (get_pa_etype_info, fix_transited_encoding),
113	kdc/kaserver.c (krb5_ret_xdr_data),
114	lib/krb5/transited.c (krb5_domain_x500_decode): Validate some
115	counts: Check that they are non-negative, and that they are small
116	enough to avoid integer overflow when used in memory allocation
117	calculations.  Potential problem areas pointed out by
118	Sebastian Krahmer <krahmer@suse.de>.
119
120	* lib/krb5/keytab_keyfile.c (akf_add_entry): Use O_EXCL when
121	creating a new keyfile.
122
1232002-09-09  Johan Danielsson  <joda@pdc.kth.se>
124
125	* configure.in: don't try to build pam module
126
1272002-09-05  Johan Danielsson  <joda@pdc.kth.se>
128
129	* appl/kf/kf.c: fix warning string
130
131	* lib/krb5/log.c (krb5_vlog_msg): delay message formating till we
132	know we need it
133
1342002-09-04  Assar Westerlund  <assar@kth.se>
135
136	* kdc/kerberos5.c (encode_reply): correct error logging
137
1382002-09-04  Johan Danielsson  <joda@pdc.kth.se>
139
140	* lib/krb5/sendauth.c: close ccache if we opened it
141
142	* appl/kf/kf.c: handle new protocol
143
144	* appl/kf/kfd.c: use krb5_err instead of sysloging directly,
145	handle the new protocol, and bail out if an old client tries to
146	connect
147
148	* appl/kf/kf_locl.h: we need a protocol version string
149
150	* lib/hdb/hdb-ldap.c: use ASN1_MALLOC_ENCODE
151
152	* kdc/kerberos5.c: use ASN1_MALLOC_ENCODE
153
154	* kdc/hprop.c: set AP_OPTS_USE_SUBKEY
155
156	* lib/hdb/common.c: use ASN1_MALLOC_ENCODE
157
158	* lib/asn1/gen.c: add convenience macro that allocates a buffer
159	and encoded into that
160
161	* lib/krb5/get_cred.c (init_tgs_req): use
162	in_creds->session.keytype literally instead of trying to convert
163	to a list of enctypes (it should already be an enctype)
164
165	* lib/krb5/get_cred.c (init_tgs_req): init ret
166
1672002-09-03  Johan Danielsson  <joda@pdc.kth.se>
168
169	* lib/asn1/k5.asn1: remove ETYPE_DES3_CBC_NONE_IVEC
170
171	* lib/krb5/krb5.h: remove ENCTYPE_DES3_CBC_NONE_IVEC
172
173	* lib/krb5/crypto.c: get rid of DES3_CBC_encrypt_ivec, just use
174	zero ivec in DES3_CBC_encrypt if passed ivec is NULL
175
176	* lib/krb5/Makefile.am: back out 1.144, since it will re-create
177	krb5-protos.h at build-time, which requires perl, which is bad
178
179	* lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): don't
180	blindly use the local subkey
181
182	* lib/krb5/crypto.c: add function krb5_crypto_getblocksize that
183	extracts the required blocksize from a crypto context
184
185	* lib/krb5/build_auth.c: just get the length of the encoded
186	authenticator instead of trying to grow a buffer
187
1882002-09-03  Assar Westerlund  <assar@kth.se>
189
190	* configure.in: add --disable-mmap option, and tests for
191	sys/mman.h and mmap
192
1932002-09-03  Jacques Vidrine  <nectar@kth.se>
194
195	* lib/krb5/changepw.c: verify lengths in response
196
197	* lib/asn1/der_get.c (decode_integer, decode_unsigned): check for
198	truncated integers
199
2002002-09-02  Johan Danielsson  <joda@pdc.kth.se>
201
202	* lib/krb5/mk_req_ext.c: generate a local subkey if
203	AP_OPTS_USE_SUBKEY is set
204
205	* lib/krb5/build_auth.c: we don't have enough information about
206	whether to generate a local subkey here, so don't try to
207
208	* lib/krb5/auth_context.c: new function
209	krb5_auth_con_generatelocalsubkey
210
211	* lib/krb5/get_in_tkt.c: only set kdc_sec_offset if looking at an
212	initial ticket
213
214	* lib/krb5/context.c (init_context_from_config_file): simplify
215	initialisation of srv_lookup
216
217	* lib/krb5/changepw.c (send_request): set AP_OPTS_USE_SUBKEY
218
219	* lib/krb5/krb5.h: add AP_OPTS_USE_SUBKEY
220
2212002-08-30  Assar Westerlund  <assar@kth.se>
222
223	* lib/krb5/name-45-test.c: also test krb5_524_conv_principal
224	* lib/krb5/Makefile.am (TESTS): add name-45-test
225	* lib/krb5/name-45-test.c: add testcases for
226	krb5_425_conv_principal
227
2282002-08-29  Assar Westerlund  <assar@kth.se>
229
230	* lib/krb5/parse-name-test.c: also test unparse_short functions
231	* lib/asn1/asn1_print.c: use com_err/error_message API
232	* lib/krb5/Makefile.am: add parse-name-test
233	* lib/krb5/parse-name-test.c: add a program for testing parsing
234	and unparsing principal names
235
2362002-08-28  Assar Westerlund  <assar@kth.se>
237
238	* kdc/config.c: add missing ifdef DAEMON
239
2402002-08-28  Johan Danielsson  <joda@pdc.kth.se>
241
242	* configure.in: use rk_SUNOS
243
244	* kdc/config.c: add detach options
245
246	* kdc/main.c: maybe detach from console?
247
248	* kdc/kdc.8: markup changes
249
250	* configure.in: AC_TEST_PACKAGE_NEW -> rk_TEST_PACKAGE
251
252	* configure.in: use rk_TELNET, rename some other macros, and don't
253	add -ldes to krb4 link command
254
255	* kuser/kinit.1: whitespace fix (from NetBSD)
256
257	* include/bits.c: we may need unistd.h for ssize_t
258
2592002-08-26  Assar Westerlund  <assar@kth.se>
260
261	* lib/krb5/principal.c (krb5_425_conv_principal_ext): lookup AAAA
262	rrs before A ones when using the resolver to verify a mapping,
263	also use getaddrinfo when resolver is not available
264
265	* lib/hdb/keytab.c (find_db): const-correctness in parameters to
266	krb5_config_get_next
267
268	* lib/asn1/gen.c: include <string.h> in the generated files (for
269	memset)
270
2712002-08-22  Assar Westerlund  <assar@kth.se>
272
273	* lib/krb5/test_get_addrs.c, lib/krb5/krbhst-test.c: make it use
274	getarg so that it can handle --help and --version (and thus make
275	check can pass)
276
277	* lib/asn1/check-der.c: make this build again
278
2792002-08-22  Assar Westerlund <assar@kth.se>
280
281	* lib/asn1/der_get.c (der_get_int): handle len == 0.  based on a
282	patch from Love <lha@stacken.kth.se>
283
2842002-08-22  Johan Danielsson  <joda@pdc.kth.se>
285
286	* lib/krb5/krb5.h: we seem to call KRB5KDC_ERR_KEY_EXP
287	KRB5KDC_ERR_KEY_EXPIRED, so define the former to the latter
288
289	* kdc/kdc.8: add blurb about adding and removing addresses; update
290	kdc.conf section to match reality
291
292	* configure.in: KRB_SENDAUTH_VLEN seems to always have existed, so
293	don't define it
294
2952002-08-21  Assar Westerlund  <assar@kth.se>
296
297	* lib/asn1/asn1_print.c: print OIDs too, based on a patch from
298	Love <lha@stacken.kth.se>
299
3002002-08-21  Johan Danielsson  <joda@pdc.kth.se>
301
302	* kuser/kinit.c (do_v4_fallback): don't use krb_get_pw_in_tkt2
303	since it might not exist, and we don't actually care about the key
304
3052002-08-20  Johan Danielsson  <joda@pdc.kth.se>
306
307	* lib/krb5/krb5.conf.5: correct documentation for
308	verify_ap_req_nofail
309
310	* lib/krb5/log.c: rename syslog_data to avoid name conflicts (from
311	Mattias Amnefelt)
312
313	* kuser/klist.c (display_tokens): increase token buffer size, and
314	add more checks of the kernel data (from Love)
315
3162002-08-19  Johan Danielsson  <joda@pdc.kth.se>
317
318	* fix-export: use make to parse Makefile.am instead of perl
319
320	* configure.in: use argument-less AM_INIT_AUTOMAKE, now that it
321	groks AC_INIT with package name etc.
322
323	* kpasswd/kpasswdd.c: include <kadm5/private.h>
324
325	* lib/asn1/asn1_print.c: include com_right.h
326
327	* lib/krb5/addr_families.c: socklen_t -> krb5_socklen_t
328
329	* include/bits.c: define krb5_socklen_t type; this should really
330	go someplace else, but this was easy
331
332	* lib/krb5/verify_krb5_conf.c: don't bail out if parsing of a file
333	fails, just warn about it
334
335	* kdc/log.c (kdc_openlog): no need for a config_file parameter
336
337	* kdc/config.c: just treat kdc.conf like any other config file
338
339	* lib/krb5/context.c (krb5_get_default_config_files): ignore
340	duplicate files
341
3422002-08-16  Johan Danielsson  <joda@pdc.kth.se>
343
344	* lib/krb5/krb5.h: turn strings into pointers, so we can assign to
345	them
346
347	* lib/krb5/constants.c: turn strings into pointers, so we can
348	assign to them
349
350	* lib/krb5/get_addrs.c (get_addrs_int): initialise res if
351	SCAN_INTERFACES is not set
352
353	* lib/krb5/context.c: fix various borked stuff in previous commits
354
3552002-08-16  Jacques Vidrine <n@nectar.com>
356
357	* lib/krb5/krbhst.c (kpasswd_get_next): if we fall back to using
358	the `admin_server' entry for kpasswd, override the `proto' result
359	to be UDP.
360
3612002-08-15  Johan Danielsson  <joda@pdc.kth.se>
362
363	* lib/krb5/auth_context.c: check return value of
364	krb5_sockaddr2address
365
366	* lib/krb5/addr_families.c: check return value of
367	krb5_sockaddr2address
368
369	* lib/krb5/context.c: get the default keytab from KRB5_KTNAME
370
3712002-08-14  Johan Danielsson  <joda@pdc.kth.se>
372
373	* lib/krb5/verify_krb5_conf.c: allow parsing of more than one file
374
375	* lib/krb5/context.c: allow changing config files with the
376	function krb5_set_config_files, there are also related functions
377	krb5_get_default_config_files and krb5_free_config_files; these
378	should work similar to their MIT counterparts
379
380	* lib/krb5/config_file.c: allow the use of more than one config
381	file by using the new function krb5_config_parse_file_multi
382
3832002-08-12  Johan Danielsson  <joda@pdc.kth.se>
384
385	* use sysconfdir instead of /etc
386
387	* configure.in: require autoconf 2.53; rename dpagaix_LDFLAGS etc
388	to appease automake; force sysconfdir and localstatedir to /etc
389	and /var/heimdal for now
390
391	* kdc/connect.c (addr_to_string): check return value of
392	sockaddr2address
393
3942002-08-09  Johan Danielsson  <joda@pdc.kth.se>
395
396	* lib/krb5/rd_cred.c: if the remote address isn't an addrport,
397	don't try comparing to one; this should make old clients work with
398	new servers
399
400	* lib/asn1/gen_decode.c: remove unused variable
401
4022002-07-31  Johan Danielsson  <joda@pdc.kth.se>
403
404	* kdc/{kerberos5,524}.c: ENOENT -> HDB_ERR_NOENTRY (from Derrick
405	Brashear)
406
407	* lib/krb5/principal.c: actually lower case the lower case
408	instance name (spotted by Derrick Brashear)
409
4102002-07-24  Johan Danielsson  <joda@pdc.kth.se>
411
412	* fix-export: if DATEDVERSION is set, change the version to
413	current date
414
415	* configure.in: don't use AC_PROG_RANLIB, and use magic foo to set
416	LTLIBOBJS
417
4182002-07-04  Johan Danielsson  <joda@pdc.kth.se>
419
420	* kdc/connect.c: add some cache-control-foo to the http responses
421	(from Gombas Gabor)
422
423	* lib/krb5/addr_families.c (krb5_print_address): don't copy size
424	if ret_len == NULL
425
4262002-06-28  Johan Danielsson  <joda@pdc.kth.se>
427
428	* kuser/klist.c (display_tokens): don't bail out before we get
429	EDOM (signaling the end of the tokens), the kernel can also return
430	ENOTCONN, meaning that the index does not exist anymore (for
431	example if the token has expired)
432
4332002-06-06  Johan Danielsson  <joda@pdc.kth.se>
434
435	* lib/krb5/changepw.c: make sure we return an error if there are
436	no changepw hosts found; from Wynn Wilkes
437
4382002-05-29  Johan Danielsson  <joda@pdc.kth.se>
439
440	* lib/krb5/cache.c (krb5_cc_register): break out of loop when the
441	same type is found; spotted by Wynn Wilkes
442
4432002-05-28  Johan Danielsson  <joda@pdc.kth.se>
444
445	* lib/krb5/keytab_file.c: check size of entry before trying to
446	read 32-bit kvno; also fix typo in previous
447
4482002-05-24  Johan Danielsson  <joda@pdc.kth.se>
449
450	* include/Makefile.am: only add to INCLUDES
451
452	* lib/45/mk_req.c: fix for storage change
453
454	* lib/hdb/print.c: fix for storage change
455
4562002-05-15  Johan Danielsson  <joda@pdc.kth.se>
457
458	* kdc/kerberos5.c: don't free encrypted padata until we're really
459	done with it
460
4612002-05-07  Johan Danielsson  <joda@pdc.kth.se>
462
463	* kdc/kerberos5.c: when decrypting pa-data, try all keys matching
464	enctype
465
466	* kuser/kinit.1: document -a
467
468	* kuser/kinit.c: add command line switch for extra addresses
469
4702002-04-30  Johan Danielsson  <joda@blubb.pdc.kth.se>
471
472	* configure.in: remove some duplicate tests
473
474	* configure.in: use AC_HELP_STRING
475
4762002-04-29  Johan Danielsson  <joda@pdc.kth.se>
477
478	* lib/krb5/crypto.c (usage2arcfour): don't abort if the usage is
479	unknown
480
4812002-04-25  Johan Danielsson  <joda@pdc.kth.se>
482
483	* configure.in: use rk_DESTDIRS
484
4852002-04-22  Johan Danielsson  <joda@pdc.kth.se>
486
487	* lib/krb5/krb5_verify_user.3: make it clear that _lrealm modifies
488	the principal
489
4902002-04-19  Johan Danielsson  <joda@pdc.kth.se>
491
492	* lib/krb5/verify_init.c: fix typo in error string
493
4942002-04-18  Johan Danielsson  <joda@pdc.kth.se>
495
496	* acconfig.h: remove some stuff that is defined elsewhere
497
498	* lib/krb5/krb5_locl.h: include <sys/file.h>
499
500	* lib/krb5/acl.c: rename acl_string parameter
501
502	* lib/krb5/Makefile.am: remove __P from protos, and put parameter
503	names in comments
504
505	* kuser/klist.c: better align some headers
506
507	* kdc/kerberos4.c: storage tweaks
508
509	* kdc/kaserver.c: storage tweaks
510
511	* kdc/524.c: storage tweaks
512
513	* lib/krb5/keytab_krb4.c: storage tweaks
514
515	* lib/krb5/keytab_keyfile.c: storage tweaks
516
517	* lib/krb5/keytab_file.c: storage tweaks; also try to handle zero
518	sized keytab files
519
520	* lib/krb5/keytab_any.c: use KRB5_KT_END instead of KRB5_CC_END
521
522	* lib/krb5/fcache.c: storage tweaks
523
524	* lib/krb5/store_mem.c: make the krb5_storage opaque, and add
525	function wrappers for store/fetch/seek, and also make the eof-code
526	configurable
527
528	* lib/krb5/store_fd.c: make the krb5_storage opaque, and add
529	function wrappers for store/fetch/seek, and also make the eof-code
530	configurable
531
532	* lib/krb5/store_emem.c: make the krb5_storage opaque, and add
533	function wrappers for store/fetch/seek, and also make the eof-code
534	configurable
535
536	* lib/krb5/store.c: make the krb5_storage opaque, and add function
537	wrappers for store/fetch/seek, and also make the eof-code
538	configurable
539
540	* lib/krb5/store-int.h: make the krb5_storage opaque, and add
541	function wrappers for store/fetch/seek, and also make the eof-code
542	configurable
543
544	* lib/krb5/krb5.h: make the krb5_storage opaque, and add function
545	wrappers for store/fetch/seek, and also make the eof-code
546	configurable
547
548	* include/bits.c: include <sys/socket.h> to get socklen_t
549
550	* kdc/kerberos5.c (get_pa_etype_info): sort ETYPE-INFOs by
551	requested KDC-REQ etypes
552
553	* kdc/hpropd.c: constify
554
555	* kdc/hprop.c: constify
556
557	* kdc/string2key.c: constify
558
559	* kdc/kdc_locl.h: make port_str const
560
561	* kdc/config.c: constify
562
563	* lib/krb5/config_file.c: constify
564
565	* kdc/kstash.c: constify
566
567	* lib/krb5/verify_user.c: remove unnecessary cast
568
569	* lib/krb5/recvauth.c: constify
570
571	* lib/krb5/principal.c (krb5_parse_name): const qualify
572
573	* lib/krb5/mcache.c (mcc_get_name): constify return type
574
575	* lib/krb5/context.c (krb5_free_context): don't try to free the
576	ccache prefix
577
578	* lib/krb5/cache.c (krb5_cc_register): don't make a copy of the
579	prefix
580
581	* lib/krb5/krb5.h: constify some struct members
582
583	* lib/krb5/log.c: constify
584
585	* lib/krb5/init_creds_pw.c (krb5_get_init_creds_password): const
586	qualify
587
588	* lib/krb5/get_in_tkt.c (krb5_init_etype): constify
589
590	* lib/krb5/crypto.c: constify some
591
592	* lib/krb5/config_file.c: constify
593
594	* lib/krb5/aname_to_localname.c (krb5_aname_to_localname):
595	constify local variable
596
597	* lib/krb5/addr_families.c (ipv4_sockaddr2port): constify
598
5992002-04-17  Johan Danielsson  <joda@pdc.kth.se>
600
601	* lib/krb5/verify_krb5_conf.c: add some log checking
602
603	* lib/krb5/log.c (krb5_addlog_dest): reorganise syslog parsing
604
6052002-04-16  Johan Danielsson  <joda@pdc.kth.se>
606
607	* lib/krb5/crypto.c (krb5_crypto_init): check that the key size
608	matches the expected length
609
6102002-03-27  Johan Danielsson  <joda@pdc.kth.se>
611
612	* lib/krb5/send_to_kdc.c: rename send parameter to send_data
613
614	* lib/krb5/mk_error.c: rename ctime parameter to client_time
615
6162002-03-22  Johan Danielsson  <joda@pdc.kth.se>
617
618	* kdc/kerberos5.c (find_etype): unsigned -> krb5_enctype (from
619	Reinoud Zandijk)
620
6212002-03-18  Johan Danielsson  <joda@pdc.kth.se>
622
623	* lib/asn1/k5.asn1: add the GSS-API checksum type here
624
6252002-03-11  Assar Westerlund  <assar@sics.se>
626
627	* lib/krb5/Makefile.am (libkrb5_la_LDFLAGS): bump version to
628	18:3:1
629	* lib/hdb/Makefile.am (libhdb_la_LDFLAGS): bump version to 7:5:0
630	* lib/asn1/Makefile.am (libasn1_la_LDFLAGS): bump version to 6:0:0
631
6322002-03-10  Assar Westerlund  <assar@sics.se>
633
634	* lib/krb5/rd_cred.c: handle addresses with port numbers
635
636	* lib/krb5/keytab_file.c, lib/krb5/keytab.c:
637	store the kvno % 256 as the byte and the complete 32 bit kvno after
638	the end of the current keytab entry
639
640	* lib/krb5/init_creds_pw.c:
641	handle LR_PW_EXPTIME and LR_ACCT_EXPTIME in the same way
642
643	* lib/krb5/get_for_creds.c (krb5_get_forwarded_creds):
644	handle ports giving for the remote address
645
646	* lib/krb5/get_cred.c:
647	get a ticket with no addresses if no-addresses is set
648
649	* lib/krb5/crypto.c:
650	rename functions DES_* to krb5_* to avoid colliding with modern
651	openssl
652
653	* lib/krb5/addr_families.c:
654	make all functions taking 'struct sockaddr' actually take a socklen_t
655	instead of int and that acts as an in-out parameter (indicating the
656	maximum length of the sockaddr to be written)
657
658	* kdc/kerberos4.c:
659	make the kvno's in the krb4 universe by the real one % 256, since they
660	cannot only be 8 bit, and the v5 ones are actually 32 bits
661
6622002-02-15  Johan Danielsson  <joda@pdc.kth.se>
663
664	* lib/krb5/keytab_keyfile.c (akf_add_entry): don't create the file
665	before we need to write to it
666	(from Åke Sandgren)
667
6682002-02-14  Johan Danielsson  <joda@pdc.kth.se>
669
670	* configure.in: rk_RETSIGTYPE and rk_BROKEN_REALLOC are called via
671	rk_ROKEN (from Gombas Gabor); find inttypes by CHECK_TYPES
672	directly
673
674	* lib/krb5/rd_safe.c: actually use the correct key (from Daniel
675	Kouril)
676
6772002-02-12  Johan Danielsson  <joda@pdc.kth.se>
678
679	* lib/krb5/context.c (krb5_get_err_text): protect against NULL
680	context
681
6822002-02-11  Johan Danielsson  <joda@pdc.kth.se>
683
684	* admin/ktutil.c: no need to use the "modify" keytab anymore
685
686	* lib/krb5/keytab_any.c: implement add and remove
687
688	* lib/krb5/keytab_krb4.c: implement add and remove
689
690	* lib/krb5/store_emem.c (emem_free): clear memory before freeing
691	(this should perhaps be selectable with a flag)
692
6932002-02-04  Johan Danielsson  <joda@pdc.kth.se>
694
695	* kdc/config.c (get_dbinfo): if there are database specifications
696	in the config file, don't automatically try to use the default
697	values (from Gombas Gabor)
698
699	* lib/krb5/log.c (krb5_closelog): don't pass pointer to pointer
700	(from Gombas Gabor)
701
7022002-01-30  Johan Danielsson  <joda@pdc.kth.se>
703
704	* admin/list.c: get the default keytab from krb5.conf, and list
705	all parts of an ANY type keytab
706
707	* lib/krb5/context.c: default default_keytab_modify to NULL
708
709	* lib/krb5/keytab.c (krb5_kt_default_modify_name): if no modify
710	name is specified take it from the first component of the default
711	keytab name
712
7132002-01-29  Johan Danielsson  <joda@pdc.kth.se>
714
715	* lib/krb5/keytab.c: compare keytab types case insensitively
716
7172002-01-07  Assar Westerlund  <assar@sics.se>
718
719	* lib/krb5/crypto.c (create_checksum): make usage `unsigned' (it's
720	not really a krb5_key_usage).  From Ben Harris <bjh21@netbsd.org>
721	* lib/krb5/get_in_tkt.c: use krb5_enctype consistently.  From Ben
722	Harris <bjh21@netbsd.org>
723	* lib/krb5/crypto.c: use krb5_enctype consistently.  From Ben
724	Harris <bjh21@netbsd.org>
725	* kdc/kerberos5.c: use krb5_enctype consistently.  From Ben Harris
726	<bjh21@netbsd.org>
727