xref: /freebsd/crypto/heimdal/ChangeLog (revision 5e9cd1ae3e10592ed70e7575551cba1bbab04d84) 
12001-02-05  Assar Westerlund  <assar@assaris.sics.se>
2
3	* Release 0.3e
4
52001-01-30  Assar Westerlund  <assar@sics.se>
6
7	* kdc/hprop.c (v4_get_masterkey): check kdb_verify_master_key
8	properly
9	(kdb_prop): decrypt key properly
10	* kdc/hprop.c: handle building with KRB4 always try to decrypt v4
11	data with the master key leave it up to the v5 how to encrypt with
12	that master key
13
14	* kdc/kstash.c: include file name in error messages
15	* kdc/hprop.c: fix a typo and check some more return values
16	* lib/hdb/hdb-ldap.c (LDAP__lookup_princ): call ldap_search_s
17	correctly.  From Jacques Vidrine <n@nectar.com>
18	* kdc/misc.c (db_fetch): HDB_ERR_NOENTRY makes more sense than
19	ENOENT
20
21	* lib/krb5/Makefile.am (libkrb5_la_LDFLAGS): bump version to
22	15:0:0
23	* lib/hdb/Makefile.am (libhdb_la_LDFLAGS): bump version to 7:0:0
24	* lib/asn1/Makefile.am (libasn1_la_LDFLAGS): bump version to 4:0:2
25	* kdc/misc.c (db_fetch): return an error code.  change callers to
26	look at this and try to print it in log messages
27
28	* lib/krb5/crypto.c (decrypt_internal_derived): check that there's
29	enough data
30
312001-01-29  Assar Westerlund  <assar@sics.se>
32
33	* kdc/hprop.c (realm_buf): move it so it becomes properly
34	conditional on KRB4
35
36	* lib/hdb/mkey.c (hdb_unseal_keys_mkey, hdb_seal_keys_mkey,
37	hdb_unseal_keys, hdb_seal_keys): check that we have the correct
38	master key and that we manage to decrypt the key properly,
39	returning an error code.  fix all callers to check return value.
40
41	* tools/krb5-config.in: use @LIB_des_appl@
42	* tools/Makefile.am (krb5-config): add LIB_des_appl
43	* configure.in (LIB_des): set correctly
44	(LIB_des_appl): add for the use by krb5-config.in
45
46	* lib/krb5/store_fd.c (fd_fetch, fd_store): use net_{read,write}
47	to make sure of not dropping data when doing it over a socket.
48	(this might break when used with ordinary files on win32)
49
50	* lib/hdb/hdb_err.et (NO_MKEY): add
51
52	* kdc/kerberos5.c (as_rep): be paranoid and check
53	krb5_enctype_to_string for failure, noted by <lha@stacken.kth.se>
54
55	* lib/krb5/krb5_init_context.3, lib/krb5/krb5_context.3,
56	lib/krb5/krb5_auth_context.3: add new man pages, contributed by
57	<lha@stacken.kth.se>
58
59	* use the openssl api for md4/md5/sha and handle openssl/*.h
60
61	* kdc/kaserver.c (do_getticket): check length of ticket.  noted by
62 	<lha@stacken.kth.se>
63
642001-01-28  Assar Westerlund  <assar@sics.se>
65
66	* configure.in: send -R instead of -rpath to libtool to set
67	runtime library paths
68
69	* lib/krb5/Makefile.am: remove all dependencies on libkrb
70
712001-01-27  Assar Westerlund  <assar@sics.se>
72
73	* appl/rcp: add port of bsd rcp changed to use existing rsh,
74	contributed by Richard Nyberg <rnyberg@it.su.se>
75
762001-01-27  Johan Danielsson  <joda@pdc.kth.se>
77
78	* lib/krb5/get_port.c: don't warn if the port name can't be found,
79	nobody cares anyway
80
812001-01-26  Johan Danielsson  <joda@pdc.kth.se>
82
83	* kdc/hprop.c: make it possible to convert a v4 dump file without
84	having any v4 libraries; the kdb backend still require them
85
86	* kdc/v4_dump.c: include shadow definition of kdb Principal, so we
87	don't have to depend on any v4 libraries
88
89	* kdc/hprop.h: include shadow definition of kdb Principal, so we
90	don't have to depend on any v4 libraries
91
92	* lib/hdb/print.c: reduce number of memory allocations
93
94	* lib/hdb/mkey.c: add support for reading krb4 /.k files
95
962001-01-19  Assar Westerlund  <assar@sics.se>
97
98	* lib/krb5/krb5.conf.5: document admin_server and kpasswd_server
99	for realms document capath better
100
101	* lib/krb5/krbhst.c (krb5_get_krb_changepw_hst): preferably look
102	at kpasswd_server before admin_server
103
104	* lib/krb5/get_cred.c (get_cred_from_kdc_flags): look in
105	[libdefaults]capath for better hint of realm to send request to.
106	this allows the client to specify `realm routing information' in
107	case it cannot be done at the server (which is preferred)
108
109	* lib/krb5/rd_priv.c (krb5_rd_priv): handle no sequence number as
110	zero when we were expecting a sequence number.  MIT krb5 cannot
111	generate a sequence number of zero, instead generating no sequence
112	number
113	* lib/krb5/rd_safe.c (krb5_rd_safe): dito
114
1152001-01-11  Assar Westerlund  <assar@sics.se>
116
117	* kpasswd/kpasswdd.c: add --port option
118
1192001-01-10  Assar Westerlund  <assar@sics.se>
120
121	* lib/krb5/appdefault.c (krb5_appdefault_string): fix condition
122	just before returning
123
1242001-01-09  Assar Westerlund  <assar@sics.se>
125
126	* appl/kf/kfd.c (proto): use krb5_rd_cred2 instead of krb5_rd_cred
127
1282001-01-05  Johan Danielsson  <joda@pdc.kth.se>
129
130	* kuser/kinit.c: call a time `time', and not `seconds'
131
132	* lib/krb5/init_creds.c: not much point in setting the anonymous
133	flag here
134
135	* lib/krb5/krb5_appdefault.3: document appdefault_time
136
1372001-01-04  Johan Danielsson  <joda@pdc.kth.se>
138
139	* lib/krb5/verify_user.c: use
140	krb5_get_init_creds_opt_set_default_flags
141
142	* kuser/kinit.c: use krb5_get_init_creds_opt_set_default_flags
143
144	* lib/krb5/init_creds.c: new function
145	krb5_get_init_creds_opt_set_default_flags to set options from
146	krb5.conf
147
148	* lib/krb5/rd_cred.c: make this match the MIT function
149
150	* lib/krb5/appdefault.c (krb5_appdefault_string): handle NULL
151	def_val
152	(krb5_appdefault_time): new function
153
1542001-01-03  Assar Westerlund  <assar@sics.se>
155
156	* kdc/hpropd.c (main): handle EOF when reading from stdin
157
158