xref: /freebsd/crypto/heimdal/ChangeLog (revision 4b2eaea43fec8e8792be611dea204071a10b655a) 
12002-10-21  Johan Danielsson  <joda@pdc.kth.se>
2
3	* lib/krb5/store_emem.c: pull up 1.13; limit how much we allocate
4
5	* lib/krb5/principal.c: pull up 1.82; don't allow trailing
6	backslashes in components
7
8	* lib/krb5/keytab_keyfile.c: pull up 1.15; more strcspn
9
10	* lib/krb5/keytab_any.c: pull up 1.7; properly close the open
11	keytabs
12
13	* kdc/connect.c: pull up 1.87; check that %-quotes are followed by
14	two hex digits
15
16	* lib/krb5/prompter_posix.c: pull up 1.7; use strcspn to convert
17	the newline to NUL in fgets results.
18
19	* lib/krb5/kuserok.c: pull up 1.6; use strcspn to convert the
20	newline to NUL in fgets results.
21
22	* lib/krb5/keytab_file.c: pull up 1.12; check return value from
23	start_seq_get
24
25	* lib/krb5/context.c: pull up 1.82; return ENXIO instead of ENOENT
26	when "unconfigured"
27
28	* lib/krb5/changepw.c: pull up 1.38; fix reply length check
29	calculation
30
31	* kuser/klist.c: pull up 1.68; allow tokens up to size of buffer
32
33	* kdc/kaserver.c: pull up 1.21; make sure life is positive
34
35	* fix-export: pull up 1.28; remove autom4ate.cache
36
372002-09-10  Johan Danielsson  <joda@pdc.kth.se>
38
39	* Release 0.5
40
41	* include/make_crypto.c: don't use function macros if possible
42
43	* lib/krb5/krb5_locl.h: get limits.h for UINT_MAX
44
45	* include/Makefile.am: use make_crypto to create crypto-headers.h
46
47	* include/make_crypto.c: crypto header generation tool
48
49	* configure.in: move crypto test to just after testing for krb4,
50	and move roken tests to after both, this speeds up various failure
51	cases with krb4
52
53	* lib/krb5/config_file.c: don't use NULL when we mean 0
54
55	* configure.in: we don't set package_libdir anymore, so no point
56	in testing for it
57
58	* tools/Makefile.am: subst INCLUDE_des
59
60	* tools/krb5-config.in: add INCLUDE_des to cflags
61
62	* configure.in: use AC_CONFIG_SRCDIR
63
64	* fix-export: remove some unneeded stuff
65
66	* kuser/kinit.c (do_524init): free principals
67
682002-09-09  Jacques Vidrine  <nectar@kth.se>
69
70	* kdc/kerberos5.c (get_pa_etype_info, fix_transited_encoding),
71	kdc/kaserver.c (krb5_ret_xdr_data),
72	lib/krb5/transited.c (krb5_domain_x500_decode): Validate some
73	counts: Check that they are non-negative, and that they are small
74	enough to avoid integer overflow when used in memory allocation
75	calculations.  Potential problem areas pointed out by
76	Sebastian Krahmer <krahmer@suse.de>.
77
78	* lib/krb5/keytab_keyfile.c (akf_add_entry): Use O_EXCL when
79	creating a new keyfile.
80
812002-09-09  Johan Danielsson  <joda@pdc.kth.se>
82
83	* configure.in: don't try to build pam module
84
852002-09-05  Johan Danielsson  <joda@pdc.kth.se>
86
87	* appl/kf/kf.c: fix warning string
88
89	* lib/krb5/log.c (krb5_vlog_msg): delay message formating till we
90	know we need it
91
922002-09-04  Assar Westerlund  <assar@kth.se>
93
94	* kdc/kerberos5.c (encode_reply): correct error logging
95
962002-09-04  Johan Danielsson  <joda@pdc.kth.se>
97
98	* lib/krb5/sendauth.c: close ccache if we opened it
99
100	* appl/kf/kf.c: handle new protocol
101
102	* appl/kf/kfd.c: use krb5_err instead of sysloging directly,
103	handle the new protocol, and bail out if an old client tries to
104	connect
105
106	* appl/kf/kf_locl.h: we need a protocol version string
107
108	* lib/hdb/hdb-ldap.c: use ASN1_MALLOC_ENCODE
109
110	* kdc/kerberos5.c: use ASN1_MALLOC_ENCODE
111
112	* kdc/hprop.c: set AP_OPTS_USE_SUBKEY
113
114	* lib/hdb/common.c: use ASN1_MALLOC_ENCODE
115
116	* lib/asn1/gen.c: add convenience macro that allocates a buffer
117	and encoded into that
118
119	* lib/krb5/get_cred.c (init_tgs_req): use
120	in_creds->session.keytype literally instead of trying to convert
121	to a list of enctypes (it should already be an enctype)
122
123	* lib/krb5/get_cred.c (init_tgs_req): init ret
124
1252002-09-03  Johan Danielsson  <joda@pdc.kth.se>
126
127	* lib/asn1/k5.asn1: remove ETYPE_DES3_CBC_NONE_IVEC
128
129	* lib/krb5/krb5.h: remove ENCTYPE_DES3_CBC_NONE_IVEC
130
131	* lib/krb5/crypto.c: get rid of DES3_CBC_encrypt_ivec, just use
132	zero ivec in DES3_CBC_encrypt if passed ivec is NULL
133
134	* lib/krb5/Makefile.am: back out 1.144, since it will re-create
135	krb5-protos.h at build-time, which requires perl, which is bad
136
137	* lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): don't
138	blindly use the local subkey
139
140	* lib/krb5/crypto.c: add function krb5_crypto_getblocksize that
141	extracts the required blocksize from a crypto context
142
143	* lib/krb5/build_auth.c: just get the length of the encoded
144	authenticator instead of trying to grow a buffer
145
1462002-09-03  Assar Westerlund  <assar@kth.se>
147
148	* configure.in: add --disable-mmap option, and tests for
149	sys/mman.h and mmap
150
1512002-09-03  Jacques Vidrine  <nectar@kth.se>
152
153	* lib/krb5/changepw.c: verify lengths in response
154
155	* lib/asn1/der_get.c (decode_integer, decode_unsigned): check for
156	truncated integers
157
1582002-09-02  Johan Danielsson  <joda@pdc.kth.se>
159
160	* lib/krb5/mk_req_ext.c: generate a local subkey if
161	AP_OPTS_USE_SUBKEY is set
162
163	* lib/krb5/build_auth.c: we don't have enough information about
164	whether to generate a local subkey here, so don't try to
165
166	* lib/krb5/auth_context.c: new function
167	krb5_auth_con_generatelocalsubkey
168
169	* lib/krb5/get_in_tkt.c: only set kdc_sec_offset if looking at an
170	initial ticket
171
172	* lib/krb5/context.c (init_context_from_config_file): simplify
173	initialisation of srv_lookup
174
175	* lib/krb5/changepw.c (send_request): set AP_OPTS_USE_SUBKEY
176
177	* lib/krb5/krb5.h: add AP_OPTS_USE_SUBKEY
178
1792002-08-30  Assar Westerlund  <assar@kth.se>
180
181	* lib/krb5/name-45-test.c: also test krb5_524_conv_principal
182	* lib/krb5/Makefile.am (TESTS): add name-45-test
183	* lib/krb5/name-45-test.c: add testcases for
184	krb5_425_conv_principal
185
1862002-08-29  Assar Westerlund  <assar@kth.se>
187
188	* lib/krb5/parse-name-test.c: also test unparse_short functions
189	* lib/asn1/asn1_print.c: use com_err/error_message API
190	* lib/krb5/Makefile.am: add parse-name-test
191	* lib/krb5/parse-name-test.c: add a program for testing parsing
192	and unparsing principal names
193
1942002-08-28  Assar Westerlund  <assar@kth.se>
195
196	* kdc/config.c: add missing ifdef DAEMON
197
1982002-08-28  Johan Danielsson  <joda@pdc.kth.se>
199
200	* configure.in: use rk_SUNOS
201
202	* kdc/config.c: add detach options
203
204	* kdc/main.c: maybe detach from console?
205
206	* kdc/kdc.8: markup changes
207
208	* configure.in: AC_TEST_PACKAGE_NEW -> rk_TEST_PACKAGE
209
210	* configure.in: use rk_TELNET, rename some other macros, and don't
211	add -ldes to krb4 link command
212
213	* kuser/kinit.1: whitespace fix (from NetBSD)
214
215	* include/bits.c: we may need unistd.h for ssize_t
216
2172002-08-26  Assar Westerlund  <assar@kth.se>
218
219	* lib/krb5/principal.c (krb5_425_conv_principal_ext): lookup AAAA
220	rrs before A ones when using the resolver to verify a mapping,
221	also use getaddrinfo when resolver is not available
222
223	* lib/hdb/keytab.c (find_db): const-correctness in parameters to
224	krb5_config_get_next
225
226	* lib/asn1/gen.c: include <string.h> in the generated files (for
227	memset)
228
2292002-08-22  Assar Westerlund  <assar@kth.se>
230
231	* lib/krb5/test_get_addrs.c, lib/krb5/krbhst-test.c: make it use
232	getarg so that it can handle --help and --version (and thus make
233	check can pass)
234
235	* lib/asn1/check-der.c: make this build again
236
2372002-08-22  Assar Westerlund <assar@kth.se>
238
239	* lib/asn1/der_get.c (der_get_int): handle len == 0.  based on a
240	patch from Love <lha@stacken.kth.se>
241
2422002-08-22  Johan Danielsson  <joda@pdc.kth.se>
243
244	* lib/krb5/krb5.h: we seem to call KRB5KDC_ERR_KEY_EXP
245	KRB5KDC_ERR_KEY_EXPIRED, so define the former to the latter
246
247	* kdc/kdc.8: add blurb about adding and removing addresses; update
248	kdc.conf section to match reality
249
250	* configure.in: KRB_SENDAUTH_VLEN seems to always have existed, so
251	don't define it
252
2532002-08-21  Assar Westerlund  <assar@kth.se>
254
255	* lib/asn1/asn1_print.c: print OIDs too, based on a patch from
256	Love <lha@stacken.kth.se>
257
2582002-08-21  Johan Danielsson  <joda@pdc.kth.se>
259
260	* kuser/kinit.c (do_v4_fallback): don't use krb_get_pw_in_tkt2
261	since it might not exist, and we don't actually care about the key
262
2632002-08-20  Johan Danielsson  <joda@pdc.kth.se>
264
265	* lib/krb5/krb5.conf.5: correct documentation for
266	verify_ap_req_nofail
267
268	* lib/krb5/log.c: rename syslog_data to avoid name conflicts (from
269	Mattias Amnefelt)
270
271	* kuser/klist.c (display_tokens): increase token buffer size, and
272	add more checks of the kernel data (from Love)
273
2742002-08-19  Johan Danielsson  <joda@pdc.kth.se>
275
276	* fix-export: use make to parse Makefile.am instead of perl
277
278	* configure.in: use argument-less AM_INIT_AUTOMAKE, now that it
279	groks AC_INIT with package name etc.
280
281	* kpasswd/kpasswdd.c: include <kadm5/private.h>
282
283	* lib/asn1/asn1_print.c: include com_right.h
284
285	* lib/krb5/addr_families.c: socklen_t -> krb5_socklen_t
286
287	* include/bits.c: define krb5_socklen_t type; this should really
288	go someplace else, but this was easy
289
290	* lib/krb5/verify_krb5_conf.c: don't bail out if parsing of a file
291	fails, just warn about it
292
293	* kdc/log.c (kdc_openlog): no need for a config_file parameter
294
295	* kdc/config.c: just treat kdc.conf like any other config file
296
297	* lib/krb5/context.c (krb5_get_default_config_files): ignore
298	duplicate files
299
3002002-08-16  Johan Danielsson  <joda@pdc.kth.se>
301
302	* lib/krb5/krb5.h: turn strings into pointers, so we can assign to
303	them
304
305	* lib/krb5/constants.c: turn strings into pointers, so we can
306	assign to them
307
308	* lib/krb5/get_addrs.c (get_addrs_int): initialise res if
309	SCAN_INTERFACES is not set
310
311	* lib/krb5/context.c: fix various borked stuff in previous commits
312
3132002-08-16  Jacques Vidrine <n@nectar.com>
314
315	* lib/krb5/krbhst.c (kpasswd_get_next): if we fall back to using
316	the `admin_server' entry for kpasswd, override the `proto' result
317	to be UDP.
318
3192002-08-15  Johan Danielsson  <joda@pdc.kth.se>
320
321	* lib/krb5/auth_context.c: check return value of
322	krb5_sockaddr2address
323
324	* lib/krb5/addr_families.c: check return value of
325	krb5_sockaddr2address
326
327	* lib/krb5/context.c: get the default keytab from KRB5_KTNAME
328
3292002-08-14  Johan Danielsson  <joda@pdc.kth.se>
330
331	* lib/krb5/verify_krb5_conf.c: allow parsing of more than one file
332
333	* lib/krb5/context.c: allow changing config files with the
334	function krb5_set_config_files, there are also related functions
335	krb5_get_default_config_files and krb5_free_config_files; these
336	should work similar to their MIT counterparts
337
338	* lib/krb5/config_file.c: allow the use of more than one config
339	file by using the new function krb5_config_parse_file_multi
340
3412002-08-12  Johan Danielsson  <joda@pdc.kth.se>
342
343	* use sysconfdir instead of /etc
344
345	* configure.in: require autoconf 2.53; rename dpagaix_LDFLAGS etc
346	to appease automake; force sysconfdir and localstatedir to /etc
347	and /var/heimdal for now
348
349	* kdc/connect.c (addr_to_string): check return value of
350	sockaddr2address
351
3522002-08-09  Johan Danielsson  <joda@pdc.kth.se>
353
354	* lib/krb5/rd_cred.c: if the remote address isn't an addrport,
355	don't try comparing to one; this should make old clients work with
356	new servers
357
358	* lib/asn1/gen_decode.c: remove unused variable
359
3602002-07-31  Johan Danielsson  <joda@pdc.kth.se>
361
362	* kdc/{kerberos5,524}.c: ENOENT -> HDB_ERR_NOENTRY (from Derrick
363	Brashear)
364
365	* lib/krb5/principal.c: actually lower case the lower case
366	instance name (spotted by Derrick Brashear)
367
3682002-07-24  Johan Danielsson  <joda@pdc.kth.se>
369
370	* fix-export: if DATEDVERSION is set, change the version to
371	current date
372
373	* configure.in: don't use AC_PROG_RANLIB, and use magic foo to set
374	LTLIBOBJS
375
3762002-07-04  Johan Danielsson  <joda@pdc.kth.se>
377
378	* kdc/connect.c: add some cache-control-foo to the http responses
379	(from Gombas Gabor)
380
381	* lib/krb5/addr_families.c (krb5_print_address): don't copy size
382	if ret_len == NULL
383
3842002-06-28  Johan Danielsson  <joda@pdc.kth.se>
385
386	* kuser/klist.c (display_tokens): don't bail out before we get
387	EDOM (signaling the end of the tokens), the kernel can also return
388	ENOTCONN, meaning that the index does not exist anymore (for
389	example if the token has expired)
390
3912002-06-06  Johan Danielsson  <joda@pdc.kth.se>
392
393	* lib/krb5/changepw.c: make sure we return an error if there are
394	no changepw hosts found; from Wynn Wilkes
395
3962002-05-29  Johan Danielsson  <joda@pdc.kth.se>
397
398	* lib/krb5/cache.c (krb5_cc_register): break out of loop when the
399	same type is found; spotted by Wynn Wilkes
400
4012002-05-15  Johan Danielsson  <joda@pdc.kth.se>
402
403	* kdc/kerberos5.c: don't free encrypted padata until we're really
404	done with it
405
4062002-05-07  Johan Danielsson  <joda@pdc.kth.se>
407
408	* kdc/kerberos5.c: when decrypting pa-data, try all keys matching
409	enctype
410
411	* kuser/kinit.1: document -a
412
413	* kuser/kinit.c: add command line switch for extra addresses
414
4152002-04-30  Johan Danielsson  <joda@blubb.pdc.kth.se>
416
417	* configure.in: remove some duplicate tests
418
419	* configure.in: use AC_HELP_STRING
420
4212002-04-29  Johan Danielsson  <joda@pdc.kth.se>
422
423	* lib/krb5/crypto.c (usage2arcfour): don't abort if the usage is
424	unknown
425
4262002-04-25  Johan Danielsson  <joda@pdc.kth.se>
427
428	* configure.in: use rk_DESTDIRS
429
4302002-04-22  Johan Danielsson  <joda@pdc.kth.se>
431
432	* lib/krb5/krb5_verify_user.3: make it clear that _lrealm modifies
433	the principal
434
4352002-04-19  Johan Danielsson  <joda@pdc.kth.se>
436
437	* lib/krb5/verify_init.c: fix typo in error string
438
4392002-04-18  Johan Danielsson  <joda@pdc.kth.se>
440
441	* acconfig.h: remove some stuff that is defined elsewhere
442
443	* lib/krb5/krb5_locl.h: include <sys/file.h>
444
445	* lib/krb5/acl.c: rename acl_string parameter
446
447	* lib/krb5/Makefile.am: remove __P from protos, and put parameter
448	names in comments
449
450	* kuser/klist.c: better align some headers
451
452	* kdc/kerberos4.c: storage tweaks
453
454	* kdc/kaserver.c: storage tweaks
455
456	* kdc/524.c: storage tweaks
457
458	* lib/krb5/keytab_krb4.c: storage tweaks
459
460	* lib/krb5/keytab_keyfile.c: storage tweaks
461
462	* lib/krb5/keytab_file.c: storage tweaks; also try to handle zero
463	sized keytab files
464
465	* lib/krb5/keytab_any.c: use KRB5_KT_END instead of KRB5_CC_END
466
467	* lib/krb5/fcache.c: storage tweaks
468
469	* lib/krb5/store_mem.c: make the krb5_storage opaque, and add
470	function wrappers for store/fetch/seek, and also make the eof-code
471	configurable
472
473	* lib/krb5/store_fd.c: make the krb5_storage opaque, and add
474	function wrappers for store/fetch/seek, and also make the eof-code
475	configurable
476
477	* lib/krb5/store_emem.c: make the krb5_storage opaque, and add
478	function wrappers for store/fetch/seek, and also make the eof-code
479	configurable
480
481	* lib/krb5/store.c: make the krb5_storage opaque, and add function
482	wrappers for store/fetch/seek, and also make the eof-code
483	configurable
484
485	* lib/krb5/store-int.h: make the krb5_storage opaque, and add
486	function wrappers for store/fetch/seek, and also make the eof-code
487	configurable
488
489	* lib/krb5/krb5.h: make the krb5_storage opaque, and add function
490	wrappers for store/fetch/seek, and also make the eof-code
491	configurable
492
493	* include/bits.c: include <sys/socket.h> to get socklen_t
494
495	* kdc/kerberos5.c (get_pa_etype_info): sort ETYPE-INFOs by
496	requested KDC-REQ etypes
497
498	* kdc/hpropd.c: constify
499
500	* kdc/hprop.c: constify
501
502	* kdc/string2key.c: constify
503
504	* kdc/kdc_locl.h: make port_str const
505
506	* kdc/config.c: constify
507
508	* lib/krb5/config_file.c: constify
509
510	* kdc/kstash.c: constify
511
512	* lib/krb5/verify_user.c: remove unnecessary cast
513
514	* lib/krb5/recvauth.c: constify
515
516	* lib/krb5/principal.c (krb5_parse_name): const qualify
517
518	* lib/krb5/mcache.c (mcc_get_name): constify return type
519
520	* lib/krb5/context.c (krb5_free_context): don't try to free the
521	ccache prefix
522
523	* lib/krb5/cache.c (krb5_cc_register): don't make a copy of the
524	prefix
525
526	* lib/krb5/krb5.h: constify some struct members
527
528	* lib/krb5/log.c: constify
529
530	* lib/krb5/init_creds_pw.c (krb5_get_init_creds_password): const
531	qualify
532
533	* lib/krb5/get_in_tkt.c (krb5_init_etype): constify
534
535	* lib/krb5/crypto.c: constify some
536
537	* lib/krb5/config_file.c: constify
538
539	* lib/krb5/aname_to_localname.c (krb5_aname_to_localname):
540	constify local variable
541
542	* lib/krb5/addr_families.c (ipv4_sockaddr2port): constify
543
5442002-04-17  Johan Danielsson  <joda@pdc.kth.se>
545
546	* lib/krb5/verify_krb5_conf.c: add some log checking
547
548	* lib/krb5/log.c (krb5_addlog_dest): reorganise syslog parsing
549
5502002-04-16  Johan Danielsson  <joda@pdc.kth.se>
551
552	* lib/krb5/crypto.c (krb5_crypto_init): check that the key size
553	matches the expected length
554
5552002-03-27  Johan Danielsson  <joda@pdc.kth.se>
556
557	* lib/krb5/send_to_kdc.c: rename send parameter to send_data
558
559	* lib/krb5/mk_error.c: rename ctime parameter to client_time
560
5612002-03-22  Johan Danielsson  <joda@pdc.kth.se>
562
563	* kdc/kerberos5.c (find_etype): unsigned -> krb5_enctype (from
564	Reinoud Zandijk)
565
5662002-03-18  Johan Danielsson  <joda@pdc.kth.se>
567
568	* lib/asn1/k5.asn1: add the GSS-API checksum type here
569
5702002-03-11  Assar Westerlund  <assar@sics.se>
571
572	* lib/krb5/Makefile.am (libkrb5_la_LDFLAGS): bump version to
573	18:3:1
574	* lib/hdb/Makefile.am (libhdb_la_LDFLAGS): bump version to 7:5:0
575	* lib/asn1/Makefile.am (libasn1_la_LDFLAGS): bump version to 6:0:0
576
5772002-03-10  Assar Westerlund  <assar@sics.se>
578
579	* lib/krb5/rd_cred.c: handle addresses with port numbers
580
581	* lib/krb5/keytab_file.c, lib/krb5/keytab.c:
582	store the kvno % 256 as the byte and the complete 32 bit kvno after
583	the end of the current keytab entry
584
585	* lib/krb5/init_creds_pw.c:
586	handle LR_PW_EXPTIME and LR_ACCT_EXPTIME in the same way
587
588	* lib/krb5/get_for_creds.c (krb5_get_forwarded_creds):
589	handle ports giving for the remote address
590
591	* lib/krb5/get_cred.c:
592	get a ticket with no addresses if no-addresses is set
593
594	* lib/krb5/crypto.c:
595	rename functions DES_* to krb5_* to avoid colliding with modern
596	openssl
597
598	* lib/krb5/addr_families.c:
599	make all functions taking 'struct sockaddr' actually take a socklen_t
600	instead of int and that acts as an in-out parameter (indicating the
601	maximum length of the sockaddr to be written)
602
603	* kdc/kerberos4.c:
604	make the kvno's in the krb4 universe by the real one % 256, since they
605	cannot only be 8 bit, and the v5 ones are actually 32 bits
606
6072002-02-15  Johan Danielsson  <joda@pdc.kth.se>
608
609	* lib/krb5/keytab_keyfile.c (akf_add_entry): don't create the file
610	before we need to write to it
611	(from �ke Sandgren)
612
6132002-02-14  Johan Danielsson  <joda@pdc.kth.se>
614
615	* configure.in: rk_RETSIGTYPE and rk_BROKEN_REALLOC are called via
616	rk_ROKEN (from Gombas Gabor); find inttypes by CHECK_TYPES
617	directly
618
619	* lib/krb5/rd_safe.c: actually use the correct key (from Daniel
620	Kouril)
621
6222002-02-12  Johan Danielsson  <joda@pdc.kth.se>
623
624	* lib/krb5/context.c (krb5_get_err_text): protect against NULL
625	context
626
6272002-02-11  Johan Danielsson  <joda@pdc.kth.se>
628
629	* admin/ktutil.c: no need to use the "modify" keytab anymore
630
631	* lib/krb5/keytab_any.c: implement add and remove
632
633	* lib/krb5/keytab_krb4.c: implement add and remove
634
635	* lib/krb5/store_emem.c (emem_free): clear memory before freeing
636	(this should perhaps be selectable with a flag)
637
6382002-02-04  Johan Danielsson  <joda@pdc.kth.se>
639
640	* kdc/config.c (get_dbinfo): if there are database specifications
641	in the config file, don't automatically try to use the default
642	values (from Gombas Gabor)
643
644	* lib/krb5/log.c (krb5_closelog): don't pass pointer to pointer
645	(from Gombas Gabor)
646
6472002-01-30  Johan Danielsson  <joda@pdc.kth.se>
648
649	* admin/list.c: get the default keytab from krb5.conf, and list
650	all parts of an ANY type keytab
651
652	* lib/krb5/context.c: default default_keytab_modify to NULL
653
654	* lib/krb5/keytab.c (krb5_kt_default_modify_name): if no modify
655	name is specified take it from the first component of the default
656	keytab name
657
6582002-01-29  Johan Danielsson  <joda@pdc.kth.se>
659
660	* lib/krb5/keytab.c: compare keytab types case insensitively
661
6622002-01-07  Assar Westerlund  <assar@sics.se>
663
664	* lib/krb5/crypto.c (create_checksum): make usage `unsigned' (it's
665	not really a krb5_key_usage).  From Ben Harris <bjh21@netbsd.org>
666	* lib/krb5/get_in_tkt.c: use krb5_enctype consistently.  From Ben
667	Harris <bjh21@netbsd.org>
668	* lib/krb5/crypto.c: use krb5_enctype consistently.  From Ben
669	Harris <bjh21@netbsd.org>
670	* kdc/kerberos5.c: use krb5_enctype consistently.  From Ben Harris
671	<bjh21@netbsd.org>
672