12000-01-08 Assar Westerlund <assar@sics.se> 2 3 * Release 0.2m 4 52000-01-08 Assar Westerlund <assar@sics.se> 6 7 * lib/krb5/Makefile.am: bump version to 7:1:0 8 * lib/krb5/principal.c (krb5_sname_to_principal): use 9 krb5_expand_hostname 10 * lib/krb5/expand_hostname.c (krb5_expand_hostname): handle 11 ai_canonname being set in any of the addresses returnedby 12 getaddrinfo. glibc apparently returns the reverse lookup of every 13 address in ai_canonname. 14 152000-01-06 Assar Westerlund <assar@sics.se> 16 17 * Release 0.2l 18 192000-01-06 Assar Westerlund <assar@sics.se> 20 21 * lib/krb5/Makefile.am: set version to 7:0:0 22 * lib/krb5/principal.c (krb5_sname_to_principal): remove `hp' 23 24 * lib/hdb/Makefile.am: set version to 4:1:1 25 26 * kdc/hpropd.c (dump_krb4): use `krb5_get_default_realms' 27 * lib/krb5/get_in_tkt.c (add_padata): change types to make 28 everything work out 29 (krb5_get_in_cred): remove const to make types match 30 * lib/krb5/crypto.c (ARCFOUR_string_to_key): correct signature 31 * lib/krb5/principal.c (krb5_sname_to_principal): handle not 32 getting back a canonname 33 342000-01-06 Assar Westerlund <assar@sics.se> 35 36 * Release 0.2k 37 382000-01-06 Assar Westerlund <assar@sics.se> 39 40 * lib/krb5/send_to_kdc.c (krb5_sendto_kdc): advance colon so that 41 we actually parse the port number. based on a patch from Leif 42 Johansson <leifj@it.su.se> 43 442000-01-02 Assar Westerlund <assar@sics.se> 45 46 * admin/purge.c: remove all non-current and old entries from a 47 keytab 48 49 * admin: break up ktutil.c into files 50 51 * admin/ktutil.c (list): support --verbose (also listning time 52 stamps) 53 (kt_add, kt_get): set timestamp in newly created entries 54 (kt_change): add `change' command 55 56 * admin/srvconvert.c (srvconv): set timestamp in newly created 57 entries 58 * lib/krb5/keytab_keyfile.c (akf_next_entry): set timetsamp, 59 always go the a predicatble position on error 60 * lib/krb5/keytab.c (krb5_kt_copy_entry_contents): copy timestamp 61 * lib/krb5/keytab_file.c (fkt_add_entry): store timestamp 62 (fkt_next_entry_int): return timestamp 63 * lib/krb5/krb5.h (krb5_keytab_entry): add timestamp 64 651999-12-30 Assar Westerlund <assar@sics.se> 66 67 * configure.in (krb4): use `-ldes' in tests 68 691999-12-26 Assar Westerlund <assar@sics.se> 70 71 * lib/hdb/print.c (event2string): handle events without principal. 72 From Luke Howard <lukeh@PADL.COM> 73 741999-12-25 Assar Westerlund <assar@sics.se> 75 76 * Release 0.2j 77 78Tue Dec 21 18:03:17 1999 Assar Westerlund <assar@sics.se> 79 80 * lib/hdb/Makefile.am (asn1_files): add $(EXEEXT) for cygwin and 81 related systems 82 83 * lib/asn1/Makefile.am (asn1_files): add $(EXEEXT) for cygwin and 84 related systems 85 86 * include/Makefile.am (krb5-types.h): add $(EXEEXT) for cygwin and 87 related systems 88 891999-12-20 Assar Westerlund <assar@sics.se> 90 91 * Release 0.2i 92 931999-12-20 Assar Westerlund <assar@sics.se> 94 95 * lib/krb5/Makefile.am (libkrb5_la_LDFLAGS): bump version to 6:3:1 96 97 * lib/krb5/send_to_kdc.c (send_via_proxy): free data 98 * lib/krb5/send_to_kdc.c (send_via_proxy): new function use 99 getaddrinfo instead of gethostbyname{,2} 100 * lib/krb5/get_for_creds.c: use getaddrinfo instead of 101 getnodebyname{,2} 102 1031999-12-17 Assar Westerlund <assar@sics.se> 104 105 * Release 0.2h 106 1071999-12-17 Assar Westerlund <assar@sics.se> 108 109 * Release 0.2g 110 1111999-12-16 Assar Westerlund <assar@sics.se> 112 113 * lib/krb5/Makefile.am: bump version to 6:2:1 114 115 * lib/krb5/principal.c (krb5_sname_to_principal): handle 116 ai_canonname not being set 117 * lib/krb5/expand_hostname.c (krb5_expand_hostname): handle 118 ai_canonname not being set 119 120 * appl/test/uu_server.c: print messages to stderr 121 * appl/test/tcp_server.c: print messages to stderr 122 * appl/test/nt_gss_server.c: print messages to stderr 123 * appl/test/gssapi_server.c: print messages to stderr 124 125 * appl/test/tcp_client.c (proto): remove shadowing `context' 126 * appl/test/common.c (client_doit): add forgotten ntohs 127 1281999-12-13 Assar Westerlund <assar@sics.se> 129 130 * configure.in (VERISON): bump to 0.2g-pre 131 1321999-12-12 Assar Westerlund <assar@sics.se> 133 134 * lib/krb5/principal.c (krb5_425_conv_principal_ext): be more 135 robust and handle extra dot at the beginning of default_domain 136 1371999-12-12 Assar Westerlund <assar@sics.se> 138 139 * Release 0.2f 140 1411999-12-12 Assar Westerlund <assar@sics.se> 142 143 * lib/krb5/Makefile.am: bump version to 6:1:1 144 145 * lib/krb5/changepw.c (get_kdc_address): use 146 `krb5_get_krb_changepw_hst' 147 148 * lib/krb5/krbhst.c (krb5_get_krb_changepw_hst): add 149 150 * lib/krb5/get_host_realm.c: add support for _kerberos.domain 151 (according to draft-ietf-cat-krb-dns-locate-01.txt) 152 1531999-12-06 Assar Westerlund <assar@sics.se> 154 155 * Release 0.2e 156 1571999-12-06 Assar Westerlund <assar@sics.se> 158 159 * lib/krb5/changepw.c (krb5_change_password): use the correct 160 address 161 162 * lib/krb5/Makefile.am: bump version to 6:0:1 163 164 * lib/asn1/Makefile.am: bump version to 1:4:0 165 1661999-12-04 Assar Westerlund <assar@sics.se> 167 168 * configure.in: move AC_KRB_IPv6 to make sure it's performed 169 before AC_BROKEN 170 (el_init): use new feature of AC_FIND_FUNC_NO_LIBS 171 172 * appl/test/uu_client.c: use client_doit 173 * appl/test/test_locl.h (client_doit): add prototype 174 * appl/test/tcp_client.c: use client_doit 175 * appl/test/nt_gss_client.c: use client_doit 176 * appl/test/gssapi_client.c: use client_doit 177 * appl/test/common.c (client_doit): move identical code here and 178 start using getaddrinfo 179 180 * appl/kf/kf.c (doit): rewrite to use getaddrinfo 181 * kdc/hprop.c: re-write to use getaddrinfo 182 * lib/krb5/principal.c (krb5_sname_to_principal): use getaddrinfo 183 * lib/krb5/expand_hostname.c (krb5_expand_hostname): use 184 getaddrinfo 185 * lib/krb5/changepw.c: re-write to use getaddrinfo 186 * lib/krb5/addr_families.c (krb5_parse_address): use getaddrinfo 187 1881999-12-03 Assar Westerlund <assar@sics.se> 189 190 * configure.in (BROKEN): check for freeaddrinfo, getaddrinfo, 191 getnameinfo, gai_strerror 192 (socklen_t): check for 193 1941999-11-23 Assar Westerlund <assar@sics.se> 195 196 * lib/krb5/crypto.c (ARCFOUR_string_to_key): change order of bytes 197 within unicode characters. this should probably be done in some 198 arbitrarly complex way to do it properly and you would have to 199 know what character encoding was used for the password and salt 200 string. 201 202 * lib/krb5/addr_families.c (ipv4_uninteresting): ignore 0.0.0.0 203 (INADDR_ANY) 204 (ipv6_uninteresting): remove unused macro 205 2061999-11-22 Johan Danielsson <joda@pdc.kth.se> 207 208 * lib/krb5/krb5.h: rc4->arcfour 209 210 * lib/krb5/crypto.c: rc4->arcfour 211 2121999-11-17 Assar Westerlund <assar@sics.se> 213 214 * lib/krb5/krb5_locl.h: add <rc4.h> 215 * lib/krb5/krb5.h (krb5_keytype): add KEYTYPE_RC4 216 * lib/krb5/crypto.c: some code for doing RC4/MD5/HMAC which might 217 not be totally different from some small company up in the 218 north-west corner of the US 219 220 * lib/krb5/get_addrs.c (find_all_addresses): change code to 221 actually increment buf_size 222 2231999-11-14 Assar Westerlund <assar@sics.se> 224 225 * lib/krb5/krb5.h (krb5_context_data): add `scan_interfaces' 226 * lib/krb5/get_addrs.c (krb5_get_all_client_addrs): make interaces 227 scanning optional 228 * lib/krb5/context.c (init_context_from_config_file): set 229 `scan_interfaces' 230 231 * lib/krb5/Makefile.am (libkrb5_la_SOURCES): add add_et_list.c 232 * lib/krb5/add_et_list.c (krb5_add_et_list): new function 233 2341999-11-12 Assar Westerlund <assar@sics.se> 235 236 * lib/krb5/get_default_realm.c (krb5_get_default_realm, 237 krb5_get_default_realms): set realms if they were unset 238 * lib/krb5/context.c (init_context_from_config_file): don't 239 initialize default realms here. it's done lazily instead. 240 241 * lib/krb5/krb5.h (KRB5_TC_*): make constants unsigned 242 * lib/asn1/gen_glue.c (generate_2int, generate_units): make sure 243 bit constants are unsigned 244 * lib/asn1/gen.c (define_type): make length in sequences be 245 unsigned. 246 247 * configure.in: remove duplicate test for setsockopt test for 248 struct tm.tm_isdst 249 250 * lib/krb5/get_in_tkt.c (krb5_get_in_cred): generate 251 preauthentication information if we get back ERR_PREAUTH_REQUIRED 252 * lib/krb5/init_creds_pw.c (krb5_get_init_creds_password): remove 253 preauthentication generation code. it's now in krb5_get_in_cred 254 255 * configure.in (AC_BROKEN_SNPRINTF): add strptime check for struct 256 tm.tm_gmtoff and timezone 257 2581999-11-11 Johan Danielsson <joda@pdc.kth.se> 259 260 * kdc/main.c: make this work with multi-db 261 262 * kdc/kdc_locl.h: make this work with multi-db 263 264 * kdc/config.c: make this work with multi-db 265 2661999-11-09 Johan Danielsson <joda@pdc.kth.se> 267 268 * kdc/misc.c: update for multi-database code 269 270 * kdc/main.c: update for multi-database code 271 272 * kdc/kdc_locl.h: update 273 274 * kdc/config.c: allow us to have more than one database 275 2761999-11-04 Assar Westerlund <assar@sics.se> 277 278 * Release 0.2d 279 280 * lib/krb5/Makefile.am: bump version to 5:0:0 to be safe 281 (krb5_context_data has changed and some code do (might) access 282 fields directly) 283 284 * lib/krb5/krb5.h (krb5_context_data): add `etypes_des' 285 286 * lib/krb5/get_cred.c (init_tgs_req): use 287 krb5_keytype_to_enctypes_default 288 289 * lib/krb5/crypto.c (krb5_keytype_to_enctypes_default): new 290 function 291 292 * lib/krb5/context.c (set_etypes): new function 293 (init_context_from_config_file): set both `etypes' and `etypes_des' 294 2951999-11-02 Assar Westerlund <assar@sics.se> 296 297 * configure.in (VERSION): bump to 0.2d-pre 298 2991999-10-29 Assar Westerlund <assar@sics.se> 300 301 * lib/krb5/principal.c (krb5_parse_name): check memory allocations 302 3031999-10-28 Assar Westerlund <assar@sics.se> 304 305 * Release 0.2c 306 307 * lib/krb5/dump_config.c (print_tree): check for empty tree 308 309 * lib/krb5/string-to-key-test.c (tests): update the test cases 310 with empty principals so that they actually use an empty realm and 311 not the default. use the correct etype for 3DES 312 313 * lib/krb5/Makefile.am: bump version to 4:1:0 314 315 * kdc/config.c (configure): more careful with the port string 316 3171999-10-26 Assar Westerlund <assar@sics.se> 318 319 * Release 0.2b 320 3211999-10-20 Assar Westerlund <assar@sics.se> 322 323 * lib/krb5/Makefile.am: bump version to 4:0:0 324 (krb524_convert_creds_kdc and potentially some other functions 325 have changed prototypes) 326 327 * lib/hdb/Makefile.am: bump version to 4:0:1 328 329 * lib/asn1/Makefile.am: bump version to 1:3:0 330 331 * configure.in (LIB_roken): add dbopen. getcap in roken 332 references dbopen and with shared libraries we need to add this 333 dependency. 334 335 * lib/krb5/verify_krb5_conf.c (main): support speicifying the 336 configuration file to test on the command line 337 338 * lib/krb5/config_file.c (parse_binding): handle line with no 339 whitespace before = 340 (krb5_config_parse_file_debug): set lineno earlier so that we don't 341 use it unitialized 342 343 * configure.in (AM_INIT_AUTOMAKE): bump to 0.2b-pre opt*: need 344 more include files for these tests 345 346 * lib/krb5/set_default_realm.c (krb5_set_default_realm): use 347 krb5_config_get_strings, which means that your configuration file 348 should look like: 349 350 [libdefaults] 351 default_realm = realm1 realm2 realm3 352 353 * lib/krb5/set_default_realm.c (config_binding_to_list): fix 354 copy-o. From Michal Vocu <michal@karlin.mff.cuni.cz> 355 356 * kdc/config.c (configure): add a missing strdup. From Michal 357 Vocu <michal@karlin.mff.cuni.cz> 358 3591999-10-17 Assar Westerlund <assar@sics.se> 360 361 * Release 0.2a 362 363 * configure.in: only test for db.h with using berkeley_db. remember 364 to link with LIB_tgetent when checking for el_init. add xnlock 365 366 * appl/Makefile.am: add xnlock 367 368 * kdc/kerberos5.c (find_etype): support null keys 369 370 * kdc/kerberos4.c (get_des_key): support null keys 371 372 * lib/krb5/crypto.c (krb5_get_wrapped_length): more correct 373 calculation 374 3751999-10-16 Johan Danielsson <joda@pdc.kth.se> 376 377 * kuser/kinit.c (main): pass ccache to krb524_convert_creds_kdc 378 3791999-10-12 Johan Danielsson <joda@pdc.kth.se> 380 381 * lib/krb5/crypto.c (krb5_enctype_to_keytype): remove warning 382 3831999-10-10 Assar Westerlund <assar@sics.se> 384 385 * lib/krb5/mk_req.c (krb5_mk_req): use krb5_free_host_realm 386 387 * lib/krb5/krb5.h (krb5_ccache_data): make `ops' const 388 389 * lib/krb5/crypto.c (krb5_string_to_salttype): new function 390 391 * **/*.[ch]: const-ize 392 3931999-10-06 Assar Westerlund <assar@sics.se> 394 395 * lib/krb5/creds.c (krb5_compare_creds): const-ify 396 397 * lib/krb5/cache.c: clean-up and comment-up 398 399 * lib/krb5/copy_host_realm.c (krb5_copy_host_realm): copy all the 400 strings 401 402 * lib/krb5/verify_user.c (krb5_verify_user_lrealm): free the 403 correct realm part 404 405 * kdc/connect.c (handle_tcp): things work much better when ret is 406 initialized 407 4081999-10-03 Assar Westerlund <assar@sics.se> 409 410 * lib/krb5/convert_creds.c (krb524_convert_creds_kdc): look at the 411 type of the session key 412 413 * lib/krb5/crypto.c (krb5_enctypes_compatible_keys): spell 414 correctly 415 416 * lib/krb5/creds.c (krb5_compare_creds): fix spelling of 417 krb5_enctypes_compatible_keys 418 419 * lib/krb5/convert_creds.c (krb524_convert_creds_kdc): get new 420 credentials from the KDC if the existing one doesn't have a DES 421 session key. 422 423 * lib/45/get_ad_tkt.c (get_ad_tkt): update to new 424 krb524_convert_creds_kdc 425 4261999-10-03 Johan Danielsson <joda@pdc.kth.se> 427 428 * lib/krb5/keytab_keyfile.c: make krb5_akf_ops const 429 430 * lib/krb5/keytab_memory.c: make krb5_mkt_ops const 431 432 * lib/krb5/keytab_file.c: make krb5_fkt_ops const 433 4341999-10-01 Assar Westerlund <assar@sics.se> 435 436 * lib/krb5/config_file.c: rewritten to allow error messages 437 438 * lib/krb5/Makefile.am (bin_PROGRAMS): add verify_krb5_conf 439 (libkrb5_la_SOURCES): add config_file_netinfo.c 440 441 * lib/krb5/verify_krb5_conf.c: new program for verifying that 442 krb5.conf is corret 443 444 * lib/krb5/config_file_netinfo.c: moved netinfo code here from 445 config_file.c 446 4471999-09-28 Assar Westerlund <assar@sics.se> 448 449 * kdc/hpropd.c (dump_krb4): kludge default_realm 450 451 * lib/asn1/check-der.c: add test cases for Generalized time and 452 make sure we return the correct value 453 454 * lib/asn1/der_put.c: simplify by using der_put_length_and_tag 455 456 * lib/krb5/verify_user.c (krb5_verify_user_lrealm): ariant of 457 krb5_verify_user that tries in all the local realms 458 459 * lib/krb5/set_default_realm.c: add support for having several 460 default realms 461 462 * lib/krb5/kuserok.c (krb5_kuserok): use `krb5_get_default_realms' 463 464 * lib/krb5/get_default_realm.c (krb5_get_default_realms): add 465 466 * lib/krb5/krb5.h (krb5_context_data): change `default_realm' to 467 `default_realms' 468 469 * lib/krb5/context.c: change from `default_realm' to 470 `default_realms' 471 472 * lib/krb5/aname_to_localname.c (krb5_aname_to_localname): use 473 krb5_get_default_realms 474 475 * lib/krb5/Makefile.am (libkrb5_la_SOURCES): add copy_host_realm.c 476 477 * lib/krb5/copy_host_realm.c: new file 478 4791999-09-27 Johan Danielsson <joda@pdc.kth.se> 480 481 * lib/asn1/der_put.c (encode_generalized_time): encode length 482 483 * lib/krb5/recvauth.c: new function `krb5_recvauth_match_version' 484 that allows more intelligent matching of the application version 485 4861999-09-26 Assar Westerlund <assar@sics.se> 487 488 * lib/asn1/asn1_print.c: add err.h 489 490 * kdc/config.c (configure): use parse_bytes 491 492 * appl/test/nt_gss_common.c: use the correct header file 493 4941999-09-24 Johan Danielsson <joda@pdc.kth.se> 495 496 * kuser/klist.c: add a `--cache' flag 497 498 * kuser/kinit.c (main): only get default value for `get_v4_tgt' if 499 it's explicitly set in krb5.conf 500 5011999-09-23 Assar Westerlund <assar@sics.se> 502 503 * lib/asn1/asn1_print.c (tag_names); add another univeral tag 504 505 * lib/asn1/der.h: update universal tags 506 5071999-09-22 Assar Westerlund <assar@sics.se> 508 509 * lib/asn1/asn1_print.c (loop): print length of octet string 510 5111999-09-21 Johan Danielsson <joda@pdc.kth.se> 512 513 * admin/ktutil.c (kt_get): add `--help' 514 5151999-09-21 Assar Westerlund <assar@sics.se> 516 517 * kuser/Makefile.am: add kdecode_ticket 518 519 * kuser/kdecode_ticket.c: new debug program 520 521 * appl/test/nt_gss_server.c: new program to test against `Sample * 522 SSPI Code' in Windows 2000 RC1 SDK. 523 524 * appl/test/Makefile.am: add nt_gss_client and nt_gss_server 525 526 * lib/asn1/der_get.c (decode_general_string): remember to advance 527 ret over the length-len 528 529 * lib/asn1/Makefile.am: add asn1_print 530 531 * lib/asn1/asn1_print.c: new program for printing DER-structures 532 533 * lib/asn1/der_put.c: make functions more consistent 534 535 * lib/asn1/der_get.c: make functions more consistent 536 5371999-09-20 Johan Danielsson <joda@pdc.kth.se> 538 539 * kdc/kerberos5.c: be more informative in pa-data error messages 540 5411999-09-16 Assar Westerlund <assar@sics.se> 542 543 * configure.in: test for strlcpy, strlcat 544 5451999-09-14 Assar Westerlund <assar@sics.se> 546 547 * lib/krb5/init_creds_pw.c (krb5_get_init_creds_password): return 548 KRB5_LIBOS_PWDINTR when interrupted 549 550 * lib/krb5/get_in_tkt_pw.c (krb5_password_key_proc): check return 551 value from des_read_pw_string 552 553 * kuser/kinit.c (main): don't print any error if reading the 554 password was interrupted 555 556 * kpasswd/kpasswd.c (main): don't print any error if reading the 557 password was interrupted 558 559 * kdc/string2key.c (main): check the return value from fgets 560 561 * kdc/kstash.c (main): check return value from des_read_pw_string 562 563 * admin/ktutil.c (kt_add): check the return-value from fgets and 564 overwrite the password for paranoid reasons 565 566 * lib/krb5/keytab_keyfile.c (get_cell_and_realm): only remove the 567 newline if it's there 568 5691999-09-13 Assar Westerlund <assar@sics.se> 570 571 * kdc/hpropd.c (main): remove bogus error with `--print'. remove 572 sysloging of number of principals transferred 573 574 * kdc/hprop.c (ka_convert): set flags correctly for krbtgt/CELL 575 principals 576 (main): get rid of bogus opening of hdb database when propagating 577 ka-server database 578 5791999-09-12 Assar Westerlund <assar@sics.se> 580 581 * lib/krb5/krb5_locl.h (O_BINARY): add fallback definition 582 583 * lib/krb5/krb5.h (krb5_context_data): add keytab types 584 585 * configure.in: revert back awk test, not worked around in 586 roken.awk 587 588 * lib/krb5/keytab_krb4.c: remove O_BINARY 589 590 * lib/krb5/keytab_keyfile.c: some support for AFS KeyFile's. From 591 Love <lha@e.kth.se> 592 593 * lib/krb5/keytab_file.c: remove O_BINARY 594 595 * lib/krb5/keytab.c: move the list of keytab types to the context 596 597 * lib/krb5/fcache.c: remove O_BINARY 598 599 * lib/krb5/context.c (init_context_from_config_file): register all 600 standard cache and keytab types 601 (krb5_free_context): free `kt_types' 602 603 * lib/krb5/cache.c (krb5_cc_resolve): move the registration of the 604 standard types of credential caches to context 605 606 * lib/krb5/Makefile.am (libkrb5_la_SOURCES): add keytab_keyfile.c 607 6081999-09-10 Assar Westerlund <assar@sics.se> 609 610 * lib/krb5/keytab.c: add comments and clean-up 611 612 * admin/ktutil.c: add `ktutil copy' 613 614 * lib/krb5/keytab_krb4.c: new file 615 616 * lib/krb5/krb5.h (krb5_kt_cursor): add a `data' field 617 618 * lib/krb5/Makefile.am: add keytab_krb4.c 619 620 * lib/krb5/keytab.c: add krb4 and correct some if's 621 622 * admin/srvconvert.c (srvconv): move common code 623 624 * lib/krb5/krb5.h (krb5_fkt_ops, krb5_mkt_ops): new variables 625 626 * lib/krb5/keytab.c: move out file and memory functions 627 628 * lib/krb5/Makefile.am (libkrb5_la_SOURCES): add keytab_file.c, 629 keytab_memory.c 630 631 * lib/krb5/keytab_memory.c: new file 632 633 * lib/krb5/keytab_file.c: new file 634 635 * kpasswd/kpasswdd.c: move out password quality functions 636 6371999-09-07 Assar Westerlund <assar@sics.se> 638 639 * lib/hdb/Makefile.am (libhdb_la_SOURCES): add keytab.c. From 640 Love <lha@e.kth.se> 641 642 * lib/krb5/convert_creds.c (krb524_convert_creds_kdc): check 643 return value from `krb5_sendto_kdc' 644 6451999-09-06 Assar Westerlund <assar@sics.se> 646 647 * lib/krb5/send_to_kdc.c (send_and_recv): rename to recv_loop and 648 remove the sending of data. add a parameter `limit'. let callers 649 send the date themselves (and preferably with net_write on tcp 650 sockets) 651 (send_and_recv_tcp): read first the length field and then only that 652 many bytes 653 6541999-09-05 Assar Westerlund <assar@sics.se> 655 656 * kdc/connect.c (handle_tcp): try to print warning `TCP data of 657 strange type' less often 658 659 * lib/krb5/send_to_kdc.c (send_and_recv): handle EINTR properly. 660 return on EOF. always free data. check return value from 661 realloc. 662 (send_and_recv_tcp, send_and_recv_http): check advertised length 663 against actual length 664 6651999-09-01 Johan Danielsson <joda@pdc.kth.se> 666 667 * configure.in: check for sgi capabilities 668 6691999-08-27 Johan Danielsson <joda@pdc.kth.se> 670 671 * lib/krb5/get_addrs.c: krb5_get_all_server_addrs shouldn't return 672 extra addresses 673 674 * kpasswd/kpasswdd.c: use HDB keytabs; change some error messages; 675 add --realm flag 676 677 * lib/krb5/address.c (krb5_append_addresses): remove duplicates 678 6791999-08-26 Johan Danielsson <joda@pdc.kth.se> 680 681 * lib/hdb/keytab.c: HDB keytab backend 682 6831999-08-25 Johan Danielsson <joda@pdc.kth.se> 684 685 * lib/krb5/keytab.c 686 (krb5_kt_{start_seq_get,next_entry,end_seq_get}): check for NULL 687 pointer 688 6891999-08-24 Johan Danielsson <joda@pdc.kth.se> 690 691 * kpasswd/kpasswdd.c: add `--keytab' flag 692 6931999-08-23 Assar Westerlund <assar@sics.se> 694 695 * lib/krb5/addr_families.c (IN6_ADDR_V6_TO_V4): use `s6_addr' 696 instead of the non-standard `s6_addr32'. From Yoshinobu Inoue 697 <shin@kame.net> by way of the KAME repository 698 6991999-08-18 Assar Westerlund <assar@sics.se> 700 701 * configure.in (--enable-new-des3-code): remove check for `struct 702 addrinfo' 703 704 * lib/krb5/crypto.c (etypes): remove NEW_DES3_CODE, enable 705 des3-cbc-sha1 and keep old-des3-cbc-sha1 for backwards 706 compatability 707 708 * lib/krb5/krb5.h (krb5_enctype): des3-cbc-sha1 (with key 709 derivation) just got assigned etype 16 by <bcn@isi.edu>. keep the 710 old etype at 7. 711 7121999-08-16 Assar Westerlund <assar@sics.se> 713 714 * lib/krb5/sendauth.c (krb5_sendauth): only look at errno if 715 krb5_net_read actually returns -1 716 717 * lib/krb5/recvauth.c (krb5_recvauth): only look at errno if 718 krb5_net_read actually returns -1 719 720 * appl/kf/kf.c (proto): don't trust errno if krb5_net_read hasn't 721 returned -1 722 723 * appl/test/tcp_server.c (proto): only trust errno if 724 krb5_net_read actually returns -1 725 726 * appl/kf/kfd.c (proto): be more careful with the return value 727 from krb5_net_read 728 7291999-08-13 Assar Westerlund <assar@sics.se> 730 731 * lib/krb5/get_addrs.c (get_addrs_int): try the different ways 732 sequentially instead of just one. this helps if your heimdal was 733 built with v6-support but your kernel doesn't have it, for 734 example. 735 7361999-08-12 Assar Westerlund <assar@sics.se> 737 738 * kdc/hpropd.c: add inetd flag. default means try to figure out 739 if stdin is a socket or not. 740 741 * Makefile.am (ACLOCAL): just use `cf', this variable is only used 742 when the current directory is $(top_srcdir) anyways and having 743 $(top_srcdir) there breaks if it's a relative path 744 7451999-08-09 Johan Danielsson <joda@pdc.kth.se> 746 747 * configure.in: check for setproctitle 748 7491999-08-05 Assar Westerlund <assar@sics.se> 750 751 * lib/krb5/principal.c (krb5_sname_to_principal): remember to call 752 freehostent 753 754 * appl/test/tcp_client.c: call freehostent 755 756 * appl/kf/kf.c (doit): call freehostent 757 758 * appl/kf/kf.c: make v6 friendly and simplify 759 760 * appl/kf/kfd.c: make v6 friendly and simplify 761 762 * appl/test/tcp_server.c: simplify by using krb5_err instead of 763 errx 764 765 * appl/test/tcp_client.c: simplify by using krb5_err instead of 766 errx 767 768 * appl/test/tcp_server.c: make v6 friendly and simplify 769 770 * appl/test/tcp_client.c: make v6 friendly and simplify 771 7721999-08-04 Assar Westerlund <assar@sics.se> 773 774 * Release 0.1m 775 7761999-08-04 Assar Westerlund <assar@sics.se> 777 778 * kuser/kinit.c (main): some more KRB4-conditionalizing 779 780 * lib/krb5/get_in_tkt.c: type correctness 781 782 * lib/krb5/get_for_creds.c (krb5_fwd_tgs_creds): set forwarded in 783 flags. From Miroslav Ruda <ruda@ics.muni.cz> 784 785 * kuser/kinit.c (main): add config file support for forwardable 786 and krb4 support. From Miroslav Ruda <ruda@ics.muni.cz> 787 788 * kdc/kerberos5.c (as_rep): add an empty X500-compress string as 789 transited. 790 (fix_transited_encoding): check length. 791 From Miroslav Ruda <ruda@ics.muni.cz> 792 793 * kdc/hpropd.c (dump_krb4): check the realm so that we don't dump 794 principals in some other realm. From Miroslav Ruda 795 <ruda@ics.muni.cz> 796 (main): rename sa_len -> sin_len, sa_lan is a define on some 797 platforms. 798 799 * appl/kf/kfd.c: add regpag support. From Miroslav Ruda 800 <ruda@ics.muni.cz> 801 802 * appl/kf/kf.c: add `-G' and forwardable option in krb5.conf. 803 From Miroslav Ruda <ruda@ics.muni.cz> 804 805 * lib/krb5/config_file.c (parse_list): don't run past end of line 806 807 * appl/test/gss_common.h: new prototypes 808 809 * appl/test/gssapi_client.c: use gss_err instead of abort 810 811 * appl/test/gss_common.c (gss_verr, gss_err): add 812 8131999-08-03 Assar Westerlund <assar@sics.se> 814 815 * lib/krb5/Makefile.am (n_fold_test_LDADD): need to set this 816 otherwise it doesn't build with shared libraries 817 818 * kdc/hpropd.c: v6-ify 819 820 * kdc/hprop.c: v6-ify 821 8221999-08-01 Assar Westerlund <assar@sics.se> 823 824 * lib/krb5/mk_req.c (krb5_mk_req): use krb5_expand_hostname 825 8261999-07-31 Assar Westerlund <assar@sics.se> 827 828 * lib/krb5/get_host_realm.c (krb5_get_host_realm_int): new 829 function that takes a FQDN 830 831 * lib/krb5/Makefile.am (libkrb5_la_SOURCES): add exapnd_hostname.c 832 833 * lib/krb5/expand_hostname.c: new file 834 8351999-07-28 Assar Westerlund <assar@sics.se> 836 837 * Release 0.1l 838 8391999-07-28 Assar Westerlund <assar@sics.se> 840 841 * lib/asn1/Makefile.am: bump version to 1:2:0 842 843 * lib/krb5/Makefile.am: bump version to 3:1:0 844 845 * configure.in: more inet_pton to roken 846 847 * lib/krb5/principal.c (krb5_sname_to_principal): use 848 getipnodebyname 849 8501999-07-26 Assar Westerlund <assar@sics.se> 851 852 * Release 0.1k 853 8541999-07-26 Johan Danielsson <joda@pdc.kth.se> 855 856 * lib/krb5/Makefile.am: bump version number (changed function 857 signatures) 858 859 * lib/hdb/Makefile.am: bump version number (changes to some 860 function signatures) 861 8621999-07-26 Assar Westerlund <assar@sics.se> 863 864 * lib/krb5/Makefile.am: bump version to 3:0:2 865 866 * lib/hdb/Makefile.am: bump version to 2:1:0 867 868 * lib/asn1/Makefile.am: bump version to 1:1:0 869 8701999-07-26 Assar Westerlund <assar@sics.se> 871 872 * Release 0.1j 873 8741999-07-26 Assar Westerlund <assar@sics.se> 875 876 * configure.in: rokenize inet_ntop 877 878 * lib/krb5/store_fd.c: lots of changes from size_t to ssize_t 879 880 * lib/krb5/store_mem.c: lots of changes from size_t to ssize_t 881 882 * lib/krb5/store_emem.c: lots of changes from size_t to ssize_t 883 884 * lib/krb5/store.c: lots of changes from size_t to ssize_t 885 (krb5_ret_stringz): check return value from realloc 886 887 * lib/krb5/mk_safe.c: some type correctness 888 889 * lib/krb5/mk_priv.c: some type correctness 890 891 * lib/krb5/krb5.h (krb5_storage): change return values of 892 functions from size_t to ssize_t 893 8941999-07-24 Assar Westerlund <assar@sics.se> 895 896 * Release 0.1i 897 898 * configure.in (AC_PROG_AWK): disable. mawk seems to mishandle \# 899 in lib/roken/roken.awk 900 901 * lib/krb5/get_addrs.c (find_all_addresses): try to use SA_LEN to 902 step over addresses if there's no `sa_lan' field 903 904 * lib/krb5/sock_principal.c (krb5_sock_to_principal): simplify by 905 using `struct sockaddr_storage' 906 907 * lib/krb5/send_to_kdc.c (krb5_sendto_kdc): simplify by using 908 `struct sockaddr_storage' 909 910 * lib/krb5/changepw.c (krb5_change_password): simplify by using 911 `struct sockaddr_storage' 912 913 * lib/krb5/auth_context.c (krb5_auth_con_setaddrs_from_fd): 914 simplify by using `struct sockaddr_storage' 915 916 * kpasswd/kpasswdd.c (*): simplify by using `struct 917 sockaddr_storage' 918 919 * kdc/connect.c (*): simplify by using `struct sockaddr_storage' 920 921 * configure.in (sa_family_t): just test for existence 922 (sockaddr_storage): also specify include file 923 924 * configure.in (AM_INIT_AUTOMAKE): bump version to 0.1i 925 (sa_family_t): test for 926 (struct sockaddr_storage): test for 927 928 * kdc/hprop.c (propagate_database): typo, NULL should be 929 auth_context 930 931 * lib/krb5/get_addrs.c: conditionalize on HAVE_IPV6 instead of 932 AF_INET6 933 934 * appl/kf/kf.c (main): use warnx 935 936 * appl/kf/kf.c (proto): remove shadowing context 937 938 * lib/krb5/get_addrs.c (find_all_addresses): try to handle the 939 case of getting back an `sockaddr_in6' address when sizeof(struct 940 sockaddr_in6) > sizeof(struct sockaddr) and we have no sa_len to 941 tell us how large the address is. This obviously doesn't work 942 with unknown protocol types. 943 9441999-07-24 Assar Westerlund <assar@sics.se> 945 946 * Release 0.1h 947 9481999-07-23 Assar Westerlund <assar@sics.se> 949 950 * appl/kf/kfd.c: clean-up and more paranoia 951 952 * etc/services.append: add kf 953 954 * appl/kf/kf.c: rename tk_file to ccache for consistency. clean-up 955 9561999-07-22 Assar Westerlund <assar@sics.se> 957 958 * lib/krb5/n-fold-test.c (main): print the correct data 959 960 * appl/Makefile.am (SUBDIRS): add kf 961 962 * appl/kf: new program. From Miroslav Ruda <ruda@ics.muni.cz> 963 964 * kdc/hprop.c: declare some variables unconditionally to simplify 965 things 966 967 * kpasswd/kpasswdd.c: initialize kadm5 connection for every change 968 (otherwise the modifier in the database doesn't get set) 969 970 * kdc/hpropd.c: clean-up and re-organize 971 972 * kdc/hprop.c: clean-up and re-organize 973 974 * configure.in (SunOS): define to xy for SunOS x.y 975 9761999-07-19 Assar Westerlund <assar@sics.se> 977 978 * configure.in (AC_BROKEN): test for copyhostent, freehostent, 979 getipnodebyaddr, getipnodebyname 980 9811999-07-15 Assar Westerlund <assar@sics.se> 982 983 * lib/asn1/check-der.c: more test cases for integers 984 985 * lib/asn1/der_length.c (length_int): handle the case of the 986 largest negative integer by not calling abs 987 9881999-07-14 Assar Westerlund <assar@sics.se> 989 990 * lib/asn1/check-der.c (generic_test): check malloc return value 991 properly 992 993 * lib/krb5/Makefile.am: add string_to_key_test 994 995 * lib/krb5/prog_setup.c (krb5_program_setup): always initialize 996 the context 997 998 * lib/krb5/n-fold-test.c (main): return a relevant return value 999 1000 * lib/krb5/krbhst.c: do SRV lookups for admin server as well. 1001 some clean-up. 1002 10031999-07-12 Assar Westerlund <assar@sics.se> 1004 1005 * configure.in: handle not building X programs 1006 10071999-07-06 Assar Westerlund <assar@sics.se> 1008 1009 * lib/krb5/addr_families.c (ipv6_parse_addr): remove duplicate 1010 variable 1011 (ipv6_sockaddr2port): fix typo 1012 1013 * etc/services.append: beginning of a file with services 1014 1015 * lib/krb5/cache.c (krb5_cc_resolve): fall-back to files if 1016 there's no prefix. also clean-up a little bit. 1017 1018 * kdc/hprop.c (--kaspecials): new flag for handling special KA 1019 server entries. From "Brandon S. Allbery KF8NH" 1020 <allbery@kf8nh.apk.net> 1021 10221999-07-05 Assar Westerlund <assar@sics.se> 1023 1024 * kdc/connect.c (handle_tcp): make sure we have data before 1025 starting to look for HTTP 1026 1027 * kdc/connect.c (handle_tcp): always do getpeername, we can't 1028 trust recvfrom to return anything sensible 1029 10301999-07-04 Assar Westerlund <assar@sics.se> 1031 1032 * lib/krb5/get_in_tkt.c (add_padat): encrypt pre-auth data with 1033 all enctypes 1034 1035 * kpasswd/kpasswdd.c (change): fetch the salt-type from the entry 1036 1037 * admin/srvconvert.c (srvconv): better error messages 1038 10391999-07-03 Assar Westerlund <assar@sics.se> 1040 1041 * lib/krb5/principal.c (unparse_name): error check malloc properly 1042 1043 * lib/krb5/get_in_tkt.c (krb5_init_etype): error check malloc 1044 properly 1045 1046 * lib/krb5/crypto.c (*): do some malloc return-value checks 1047 properly 1048 1049 * lib/hdb/hdb.c (hdb_process_master_key): simplify by using 1050 krb5_data_alloc 1051 1052 * lib/hdb/hdb.c (hdb_process_master_key): check return value from 1053 malloc 1054 1055 * lib/asn1/gen_decode.c (decode_type): fix generation of decoding 1056 information for TSequenceOf. 1057 1058 * kdc/kerberos5.c (get_pa_etype_info): check return value from 1059 malloc 1060 10611999-07-02 Assar Westerlund <assar@sics.se> 1062 1063 * lib/asn1/der_copy.c (copy_octet_string): don't fail if length == 1064 0 and malloc returns NULL 1065 10661999-06-29 Assar Westerlund <assar@sics.se> 1067 1068 * lib/krb5/addr_families.c (ipv6_parse_addr): implement 1069 10701999-06-24 Assar Westerlund <assar@sics.se> 1071 1072 * lib/krb5/rd_cred.c (krb5_rd_cred): compare the sender's address 1073 as an addrport one 1074 1075 * lib/krb5/krb5.h (KRB5_ADDRESS_ADDRPORT, KRB5_ADDRESS_IPPORT): 1076 add 1077 (krb5_auth_context): add local and remote port 1078 1079 * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): get the 1080 local and remote address and add them to the krb-cred packet 1081 1082 * lib/krb5/auth_context.c: save the local and remove ports in the 1083 auth_context 1084 1085 * lib/krb5/address.c (krb5_make_addrport): create an address of 1086 type KRB5_ADDRESS_ADDRPORT from (addr, port) 1087 1088 * lib/krb5/addr_families.c (krb5_sockaddr2port): new function for 1089 grabbing the port number out of the sockaddr 1090 10911999-06-23 Assar Westerlund <assar@sics.se> 1092 1093 * admin/srvcreate.c (srvcreate): always take the DES-CBC-MD5 key. 1094 increase possible verbosity. 1095 1096 * lib/krb5/config_file.c (parse_list): handle blank lines at 1097 another place 1098 1099 * kdc/connect.c (add_port_string): don't return a value 1100 1101 * lib/kadm5/init_c.c (get_cred_cache): you cannot reuse the cred 1102 cache if the principals are different. close and NULL the old one 1103 so that we create a new one. 1104 1105 * configure.in: move around cgywin et al 1106 (LIB_kdb): set at the end of krb4-block 1107 (krb4): test for krb_enable_debug and krb_disable_debug 1108 11091999-06-16 Assar Westerlund <assar@sics.se> 1110 1111 * kuser/kdestroy.c (main): try to destroy v4 ticket even if the 1112 destruction of the v5 one fails 1113 1114 * lib/krb5/crypto.c (DES3_postproc): new version that does the 1115 right thing 1116 (*): don't put and recover length in 3DES encoding 1117 other small fixes 1118 11191999-06-15 Assar Westerlund <assar@sics.se> 1120 1121 * lib/krb5/get_default_principal.c: rewrite to use 1122 get_default_username 1123 1124 * lib/krb5/Makefile.am: add n-fold-test 1125 1126 * kdc/connect.c: add fallbacks for all lookups by service name 1127 (handle_tcp): break-up and clean-up 1128 11291999-06-09 Assar Westerlund <assar@sics.se> 1130 1131 * lib/krb5/addr_families.c (ipv6_uninteresting): don't consider 1132 the loopback address as uninteresting 1133 1134 * lib/krb5/get_addrs.c: new magic flag to get loopback address if 1135 there are no other addresses. 1136 (krb5_get_all_client_addrs): use that flag 1137 11381999-06-04 Assar Westerlund <assar@sics.se> 1139 1140 * lib/krb5/crypto.c (HMAC_SHA1_DES3_checksum): don't include the 1141 length 1142 (checksum_sha1, checksum_hmac_sha1_des3): blocksize should be 64 1143 (encrypt_internal_derived): don't include the length and don't 1144 decrease by the checksum size twice 1145 (_get_derived_key): the constant should be 5 bytes 1146 11471999-06-02 Johan Danielsson <joda@pdc.kth.se> 1148 1149 * configure.in: use KRB_CHECK_X 1150 1151 * configure.in: check for netinet/ip.h 1152 11531999-05-31 Assar Westerlund <assar@sics.se> 1154 1155 * kpasswd/kpasswdd.c (setup_passwd_quality_check): conditionalize 1156 on RTLD_NOW 1157 11581999-05-23 Assar Westerlund <assar@sics.se> 1159 1160 * appl/test/uu_server.c: removed unused stuff 1161 1162 * appl/test/uu_client.c: removed unused stuff 1163 11641999-05-21 Assar Westerlund <assar@sics.se> 1165 1166 * kuser/kgetcred.c (main): correct error message 1167 1168 * lib/krb5/crypto.c (verify_checksum): call (*ct->checksum) 1169 directly, avoiding redundant lookups and memory leaks 1170 1171 * lib/krb5/auth_context.c (krb5_auth_con_setaddrs_from_fd): free 1172 local and remote addresses 1173 1174 * lib/krb5/get_default_principal.c (get_logname): also try 1175 $USERNAME 1176 1177 * lib/asn1/Makefile.am (asn1_files): add $(EXEEXT) 1178 1179 * lib/krb5/principal.c (USE_RESOLVER): try to define only if we 1180 have a libresolv (currently by checking for res_search) 1181 11821999-05-18 Johan Danielsson <joda@pdc.kth.se> 1183 1184 * kdc/connect.c (handle_tcp): remove %-escapes in request 1185 11861999-05-14 Assar Westerlund <assar@sics.se> 1187 1188 * Release 0.1g 1189 1190 * admin/ktutil.c (kt_remove): -t should be -e 1191 1192 * configure.in (CHECK_NETINET_IP_AND_TCP): use 1193 1194 * kdc/hpropd.c: support for dumping to krb4. From Miroslav Ruda 1195 <ruda@ics.muni.cz> 1196 1197 * admin/ktutil.c (kt_add): new option `--no-salt'. From Miroslav 1198 Ruda <ruda@ics.muni.cz> 1199 1200 * configure.in: add cygwin and DOS tests replace sendmsg, recvmsg, 1201 and innetgr with roken versions 1202 1203 * kuser/kgetcred.c: new program 1204 1205Tue May 11 14:09:33 1999 Johan Danielsson <joda@pdc.kth.se> 1206 1207 * lib/krb5/mcache.c: fix paste-o 1208 12091999-05-10 Johan Danielsson <joda@pdc.kth.se> 1210 1211 * configure.in: don't use uname 1212 12131999-05-10 Assar Westerlund <assar@sics.se> 1214 1215 * acconfig.h (KRB_PUT_INT): if we don't have KRB4 use four 1216 arguments :-) 1217 1218 * appl/test/uu_server.c (setsockopt): cast to get rid of a warning 1219 1220 * appl/test/tcp_server.c (setsockopt): cast to get rid of a 1221 warning 1222 1223 * appl/test/tcp_client.c (proto): call krb5_sendauth with ccache 1224 == NULL 1225 1226 * appl/test/gssapi_server.c (setsockopt): cast to get rid of a 1227 warning 1228 1229 * lib/krb5/sendauth.c (krb5_sendauth): handle ccache == NULL by 1230 setting the default ccache. 1231 1232 * configure.in (getsockopt, setsockopt): test for 1233 (AM_INIT_AUTOMAKE): bump version to 0.1g 1234 1235 * appl/Makefile.am (SUBDIRS): add kx 1236 1237 * lib/hdb/convert_db.c (main): handle the case of no master key 1238 12391999-05-09 Assar Westerlund <assar@sics.se> 1240 1241 * Release 0.1f 1242 1243 * kuser/kinit.c: add --noaddresses 1244 1245 * lib/krb5/get_in_tkt.c (init_as_req): interpret `addrs' being an 1246 empty sit of list as to not ask for any addresses. 1247 12481999-05-08 Assar Westerlund <assar@sics.se> 1249 1250 * acconfig.h (_GNU_SOURCE): define this to enable (used) 1251 extensions on glibc-based systems such as linux 1252 12531999-05-03 Assar Westerlund <assar@sics.se> 1254 1255 * lib/krb5/get_cred.c (get_cred_from_kdc_flags): allocate and free 1256 `*out_creds' properly 1257 1258 * lib/krb5/creds.c (krb5_compare_creds): just verify that the 1259 keytypes/enctypes are compatible, not that they are the same 1260 1261 * kuser/kdestroy.c (cache): const-correctness 1262 12631999-05-03 Johan Danielsson <joda@pdc.kth.se> 1264 1265 * lib/hdb/hdb.c (hdb_set_master_key): initialise master key 1266 version 1267 1268 * lib/hdb/convert_db.c: add support for upgrading database 1269 versions 1270 1271 * kdc/misc.c: add flags to fetch 1272 1273 * kdc/kstash.c: unlink keyfile on failure, chmod to 400 1274 1275 * kdc/hpropd.c: add --print option 1276 1277 * kdc/hprop.c: pass flags to hdb_foreach 1278 1279 * lib/hdb/convert_db.c: add some flags 1280 1281 * lib/hdb/Makefile.am: remove extra LDFLAGS, update version to 2; 1282 build prototype headers 1283 1284 * lib/hdb/hdb_locl.h: update prototypes 1285 1286 * lib/hdb/print.c: move printable version of entry from kadmin 1287 1288 * lib/hdb/hdb.c: change hdb_{seal,unseal}_* to check if the key is 1289 sealed or not; add flags to hdb_foreach 1290 1291 * lib/hdb/ndbm.c: add flags to NDBM_seq, NDBM_firstkey, and 1292 NDBM_nextkey 1293 1294 * lib/hdb/db.c: add flags to DB_seq, DB_firstkey, and DB_nextkey 1295 1296 * lib/hdb/common.c: add flags to _hdb_{fetch,store} 1297 1298 * lib/hdb/hdb.h: add master_key_version to struct hdb, update 1299 prototypes 1300 1301 * lib/hdb/hdb.asn1: make mkvno optional, update version to 2 1302 1303 * configure.in: --enable-netinfo 1304 1305 * lib/krb5/config_file.c: HAVE_NETINFO_NI_H -> HAVE_NETINFO 1306 1307 * config.sub: fix for crays 1308 1309 * config.guess: new version from automake 1.4 1310 1311 * config.sub: new version from automake 1.4 1312 1313Wed Apr 28 00:21:17 1999 Assar Westerlund <assar@sics.se> 1314 1315 * Release 0.1e 1316 1317 * lib/krb5/mcache.c (mcc_get_next): get the current cursor 1318 correctly 1319 1320 * acconfig.h: correct definition of KRB_PUT_INT for old krb4 code. 1321 From Ake Sandgren <ake@cs.umu.se> 1322 13231999-04-27 Johan Danielsson <joda@pdc.kth.se> 1324 1325 * kdc/kerberos5.c: fix arguments to decrypt_ticket 1326 13271999-04-25 Assar Westerlund <assar@sics.se> 1328 1329 * lib/krb5/mk_req_ext.c (krb5_mk_req_internal): try to handle old 1330 DCE secd's that are not able to handle MD5 checksums by defaulting 1331 to MD4 if the keytype was DES-CBC-CRC 1332 1333 * lib/krb5/mk_req.c (krb5_mk_req): use auth_context->keytype 1334 1335 * lib/krb5/krb5.h (krb5_auth_context_data): add `keytype' and 1336 `cksumtype' 1337 1338 * lib/krb5/get_cred.c (make_pa_tgs_req): remove old kludge for 1339 secd 1340 (init_tgs_req): add all supported enctypes for the keytype in 1341 `in_creds->session.keytype' if it's set 1342 1343 * lib/krb5/crypto.c (F_PSEUDO): new flag for non-protocol 1344 encryption types 1345 (do_checksum): new function 1346 (verify_checksum): take the checksum to use from the checksum message 1347 and not from the crypto struct 1348 (etypes): add F_PSEUDO flags 1349 (krb5_keytype_to_enctypes): new function 1350 1351 * lib/krb5/auth_context.c (krb5_auth_con_init): initalize keytype 1352 and cksumtype 1353 (krb5_auth_setcksumtype, krb5_auth_getcksumtype): implement 1354 (krb5_auth_setkeytype, krb5_auth_getkeytype): implement 1355 (krb5_auth_setenctype): comment out, it's rather bogus anyway 1356 1357Sun Apr 25 16:55:50 1999 Johan Danielsson <joda@pdc.kth.se> 1358 1359 * lib/krb5/krb5_locl.h: fix for stupid aix warnings 1360 1361 * lib/krb5/fcache.c (erase_file): don't malloc 1362 1363Sat Apr 24 18:35:21 1999 Johan Danielsson <joda@pdc.kth.se> 1364 1365 * kdc/config.c: pass context to krb5_config_file_free 1366 1367 * kuser/kinit.c: add `--fcache-version' to set cache version to 1368 create 1369 1370 * kuser/klist.c: print cache version if verbose 1371 1372 * lib/krb5/transited.c (krb5_domain_x500_decode): don't abort 1373 1374 * lib/krb5/principal.c: abort -> krb5_abortx 1375 1376 * lib/krb5/mk_rep.c: abort -> krb5_abortx 1377 1378 * lib/krb5/config_file.c: abort -> krb5_abortx 1379 1380 * lib/krb5/context.c (init_context_from_config_file): init 1381 fcache_version; add krb5_{get,set}_fcache_version 1382 1383 * lib/krb5/keytab.c: add support for reading (and writing?) old 1384 version keytabs 1385 1386 * lib/krb5/cache.c: add krb5_cc_get_version 1387 1388 * lib/krb5/fcache.c: add support for reading and writing old 1389 version cache files 1390 1391 * lib/krb5/store_mem.c (krb5_storage_from_mem): zero flags 1392 1393 * lib/krb5/store_emem.c (krb5_storage_emem): zero flags 1394 1395 * lib/krb5/store_fd.c (krb5_storage_from_fd): zero flags 1396 1397 * lib/krb5/store.c: add flags to change how various fields are 1398 stored, used for old cache version support 1399 1400 * lib/krb5/krb5.h: add support for reading and writing old version 1401 cache files, and keytabs 1402 1403Wed Apr 21 00:09:26 1999 Assar Westerlund <assar@sics.se> 1404 1405 * configure.in: fix test for readline.h remember to link with 1406 $LIB_tgetent when trying linking with readline 1407 1408 * lib/krb5/init_creds_pw.c (get_init_creds_common): if start_time 1409 is given, request a postdated ticket. 1410 1411 * lib/krb5/data.c (krb5_data_free): free data as long as it's not 1412 NULL 1413 1414Tue Apr 20 20:18:14 1999 Assar Westerlund <assar@sics.se> 1415 1416 * kpasswd/Makefile.am (kpasswdd_LDADD): add LIB_dlopen 1417 1418 * lib/krb5/krb5.h (KRB5_VERIFY_AP_REQ_IGNORE_INVALID): add 1419 1420 * lib/krb5/rd_req.c (krb5_decrypt_ticket): add `flags` and 1421 KRB5_VERIFY_AP_REQ_IGNORE_INVALID for ignoring that the ticket is 1422 invalid 1423 1424Tue Apr 20 12:42:08 1999 Johan Danielsson <joda@hella.pdc.kth.se> 1425 1426 * kpasswd/kpasswdd.c: don't try to load library by default; get 1427 library and function name from krb5.conf 1428 1429 * kpasswd/sample_passwd_check.c: sample password checking 1430 functions 1431 1432Mon Apr 19 22:22:19 1999 Assar Westerlund <assar@sics.se> 1433 1434 * lib/krb5/store.c (krb5_storage_to_data, krb5_ret_data): use 1435 krb5_data_alloc and be careful with checking allocation and sizes. 1436 1437 * kuser/klist.c (--tokens): conditionalize on KRB4 1438 1439 * kuser/kinit.c (renew_validate): set all flags 1440 (main): fix cut-n-paste error when setting start-time 1441 1442 * kdc/kerberos5.c (check_tgs_flags): starttime of a validate 1443 ticket should be > than current time 1444 (*): send flags to krb5_verify_ap_req and krb5_decrypt_ticket 1445 1446 * kuser/kinit.c (renew_validate): use the client realm instead of 1447 the local realm when renewing tickets. 1448 1449 * lib/krb5/get_for_creds.c (krb5_fwd_tgs_creds): compat function 1450 (krb5_get_forwarded_creds): correct freeing of out_creds 1451 1452 * kuser/kinit.c (renew_validate): hopefully fix up freeing of 1453 memory 1454 1455 * configure.in: do all the krb4 tests with "$krb4" != "no" 1456 1457 * lib/krb5/keyblock.c (krb5_free_keyblock_contents): don't zero 1458 keyvalue if it's NULL. noticed by Ake Sandgren <ake@cs.umu.se> 1459 1460 * lib/krb5/get_in_tkt.c (add_padata): loop over all enctypes 1461 instead of just taking the first one. fix all callers. From 1462 "Brandon S. Allbery KF8NH" <allbery@kf8nh.apk.net> 1463 1464 * kdc/kdc_locl.h (enable_kaserver): declaration 1465 1466 * kdc/hprop.c (ka_convert): print the failing principal. AFS 3.4a 1467 creates krbtgt.REALMOFCELL as NOTGS+NOSEAL, work around. From 1468 "Brandon S. Allbery KF8NH" <allbery@kf8nh.apk.net> 1469 1470 * kdc/hpropd.c (open_socket): stupid cast to get rid of a warning 1471 1472 * kdc/connect.c (add_standard_ports, process_request): look at 1473 enable_kaserver. From "Brandon S. Allbery KF8NH" 1474 <allbery@kf8nh.apk.net> 1475 1476 * kdc/config.c: new flag --kaserver and config file option 1477 enable-kaserver. From "Brandon S. Allbery KF8NH" 1478 <allbery@kf8nh.apk.net> 1479 1480Mon Apr 19 12:32:04 1999 Johan Danielsson <joda@hella.pdc.kth.se> 1481 1482 * configure.in: check for dlopen, and dlfcn.h 1483 1484 * kpasswd/kpasswdd.c: add support for dlopen:ing password quality 1485 check library 1486 1487 * configure.in: add appl/su 1488 1489Sun Apr 18 15:46:53 1999 Johan Danielsson <joda@blubb.pdc.kth.se> 1490 1491 * lib/krb5/cache.c: add krb5_cc_get_type that returns type of a 1492 cache 1493 1494Fri Apr 16 17:58:51 1999 Assar Westerlund <assar@sics.se> 1495 1496 * configure.in: LIB_kdb: -L should be before -lkdb 1497 test for prototype of strsep 1498 1499Thu Apr 15 11:34:38 1999 Johan Danielsson <joda@hella.pdc.kth.se> 1500 1501 * lib/krb5/Makefile.am: update version 1502 1503 * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): use 1504 ALLOC_SEQ 1505 1506 * lib/krb5/fcache.c: add some support for reading and writing old 1507 cache formats; 1508 (fcc_store_cred): use krb5_store_creds; (fcc_read_cred): use 1509 krb5_ret_creds 1510 1511 * lib/krb5/store_mem.c (krb5_storage_from_mem): check malloc, 1512 initialize host_byteorder 1513 1514 * lib/krb5/store_fd.c (krb5_storage_from_fd): initialize 1515 host_byteorder 1516 1517 * lib/krb5/store_emem.c (krb5_storage_emem): initialize 1518 host_byteorder 1519 1520 * lib/krb5/store.c (krb5_storage_set_host_byteorder): add; 1521 (krb5_store_int32,krb5_ret_int32,krb5_store_int16,krb5_ret_int16): 1522 check host_byteorder flag; (krb5_store_creds): add; 1523 (krb5_ret_creds): add 1524 1525 * lib/krb5/krb5.h (krb5_storage): add `host_byteorder' flag for 1526 storage of numbers 1527 1528 * lib/krb5/heim_err.et: add `host not found' error 1529 1530 * kdc/connect.c: don't use data after clearing decriptor 1531 1532 * lib/krb5/auth_context.c: abort -> krb5_abortx 1533 1534 * lib/krb5/warn.c: add __attribute__; add *abort functions 1535 1536 * configure.in: check for __attribute__ 1537 1538 * kdc/connect.c: log bogus requests 1539 1540Tue Apr 13 18:38:05 1999 Johan Danielsson <joda@hella.pdc.kth.se> 1541 1542 * lib/kadm5/create_s.c (kadm5_s_create_principal): create v4 salts 1543 for all DES keys 1544 15451999-04-12 Assar Westerlund <assar@sics.se> 1546 1547 * lib/krb5/get_cred.c (init_tgs_req): re-structure a little bit 1548 1549 * lib/krb5/get_cred.c (init_tgs_req): some more error checking 1550 1551 * lib/krb5/generate_subkey.c (krb5_generate_subkey): check return 1552 value from malloc 1553 1554Sun Apr 11 03:47:23 1999 Johan Danielsson <joda@hella.pdc.kth.se> 1555 1556 * lib/krb5/krb5.conf.5: update to reality 1557 1558 * lib/krb5/krb5_425_conv_principal.3: update to reality 1559 15601999-04-11 Assar Westerlund <assar@sics.se> 1561 1562 * lib/krb5/get_host_realm.c: handle more than one realm for a host 1563 1564 * kpasswd/kpasswd.c (main): use krb5_program_setup and 1565 print_version 1566 1567 * kdc/string2key.c (main): use krb5_program_setup and 1568 print_version 1569 1570Sun Apr 11 02:35:58 1999 Johan Danielsson <joda@hella.pdc.kth.se> 1571 1572 * lib/krb5/principal.c (krb5_524_conv_principal): make it actually 1573 work, and check built-in list of host-type first-components 1574 1575 * lib/krb5/krbhst.c: lookup SRV-records to find a kdc for a realm 1576 1577 * lib/krb5/context.c: add srv_* flags to context 1578 1579 * lib/krb5/principal.c: add default v4_name_convert entries 1580 1581 * lib/krb5/krb5.h: add srv_* flags to context 1582 1583Sat Apr 10 22:52:28 1999 Johan Danielsson <joda@hella.pdc.kth.se> 1584 1585 * kadmin/kadmin.c: complain about un-recognised commands 1586 1587 * admin/ktutil.c: complain about un-recognised commands 1588 1589Sat Apr 10 15:41:49 1999 Assar Westerlund <assar@sics.se> 1590 1591 * kadmin/load.c (doit): fix error message 1592 1593 * lib/krb5/crypto.c (encrypt_internal): free checksum if lengths 1594 fail to match. 1595 (krb5_get_wrapped_length): new function 1596 1597 * configure.in: security/pam_modules.h: check for 1598 1599 * lib/krb5/init_creds_pw.c (krb5_get_init_creds_password): kludge 1600 around `ret_as_reply' semantics by only freeing it when ret == 0 1601 1602Fri Apr 9 20:24:04 1999 Assar Westerlund <assar@sics.se> 1603 1604 * kuser/klist.c (print_cred_verbose): handle the case of a bad 1605 enctype 1606 1607 * configure.in: test for more header files 1608 (LIB_roken): set 1609 1610Thu Apr 8 15:01:59 1999 Johan Danielsson <joda@hella.pdc.kth.se> 1611 1612 * configure.in: fixes for building w/o krb4 1613 1614 * ltmain.sh: update to libtool 1.2d 1615 1616 * ltconfig: update to libtool 1.2d 1617 1618Wed Apr 7 23:37:26 1999 Assar Westerlund <assar@sics.se> 1619 1620 * kdc/hpropd.c: fix some error messages to be more understandable. 1621 1622 * kdc/hprop.c (ka_dump): remove unused variables 1623 1624 * appl/test/tcp_server.c: remove unused variables 1625 1626 * appl/test/gssapi_server.c: remove unused variables 1627 1628 * appl/test/gssapi_client.c: remove unused variables 1629 1630Wed Apr 7 14:05:15 1999 Johan Danielsson <joda@hella.pdc.kth.se> 1631 1632 * lib/krb5/context.c (krb5_get_err_text): long -> krb5_error_code 1633 1634 * kuser/klist.c: make it compile w/o krb4 1635 1636 * kuser/kdestroy.c: make it compile w/o krb4 1637 1638 * admin/ktutil.c: fix {srv,key}2{srv,key}tab confusion; add help 1639 strings 1640 1641Mon Apr 5 16:13:46 1999 Johan Danielsson <joda@hella.pdc.kth.se> 1642 1643 * configure.in: test for MIPS ABI; new test_package 1644 1645Thu Apr 1 11:00:40 1999 Johan Danielsson <joda@hella.pdc.kth.se> 1646 1647 * include/Makefile.am: clean krb5-private.h 1648 1649 * Release 0.1d 1650 1651 * kpasswd/kpasswdd.c (doit): pass context to 1652 krb5_get_all_client_addrs 1653 1654 * kdc/connect.c (init_sockets): pass context to 1655 krb5_get_all_server_addrs 1656 1657 * lib/krb5/get_in_tkt.c (init_as_req): pass context to 1658 krb5_get_all_client_addrs 1659 1660 * lib/krb5/get_cred.c (get_cred_kdc_la): pass context to 1661 krb5_get_all_client_addrs 1662 1663 * lib/krb5/get_addrs.c (get_addrs_int): add extra host addresses 1664 1665 * lib/krb5/krb5.h: add support for adding an extra set of 1666 addresses 1667 1668 * lib/krb5/context.c: add support for adding an extra set of 1669 addresses 1670 1671 * lib/krb5/addr_families.c: add krb5_parse_address 1672 1673 * lib/krb5/address.c: krb5_append_addresses 1674 1675 * lib/krb5/config_file.c (parse_binding): don't zap everything 1676 after first whitespace 1677 1678 * kuser/kinit.c (renew_validate): don't allocate out 1679 1680 * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): don't 1681 allocate out_creds 1682 1683 * lib/krb5/get_cred.c (get_cred_kdc, get_cred_kdc_la): make 1684 out_creds pointer; 1685 (krb5_get_kdc_cred): allocate out_creds; (get_cred_from_kdc_flags): 1686 free more memory 1687 1688 * lib/krb5/crypto.c (encrypt_internal): free checksum 1689 1690 * lib/krb5/convert_creds.c (krb524_convert_creds_kdc): free reply, 1691 and ticket 1692 1693 * kuser/Makefile.am: remove kfoo 1694 1695 * lib/Makefile.am: add auth 1696 1697 * lib/kadm5/iprop.h: getarg.h 1698 1699 * lib/kadm5/replay_log.c: use getarg 1700 1701 * lib/kadm5/ipropd_slave.c: use getarg 1702 1703 * lib/kadm5/ipropd_master.c: use getarg 1704 1705 * lib/kadm5/dump_log.c: use getarg 1706 1707 * kpasswd/kpasswdd.c: use getarg 1708 1709 * Makefile.am.common: make a more working check-local target 1710 1711 * lib/asn1/main.c: use getargs 1712 1713Mon Mar 29 20:19:57 1999 Johan Danielsson <joda@hella.pdc.kth.se> 1714 1715 * kuser/klist.c (print_cred_verbose): use krb5_print_address 1716 1717 * lib/kadm5/server.c: k_{put,get}_int -> _krb5_{put,get}_int 1718 1719 * lib/krb5/addr_families.c (krb5_print_address): handle unknown 1720 address types; (ipv6_print_addr): print in 16-bit groups (as it 1721 should) 1722 1723 * lib/krb5/crc.c: crc_{init_table,update} -> 1724 _krb5_crc_{init_table,update} 1725 1726 * lib/krb5/crypto.c: k_{put,get}_int -> _krb5_{put,get}_int 1727 crc_{init_table,update} -> _krb5_crc_{init_table,update} 1728 1729 * lib/krb5/send_to_kdc.c: k_{put,get}_int -> _krb5_{put,get}_int 1730 1731 * lib/krb5/store.c: k_{put,get}_int -> _krb5_{put,get}_int 1732 1733 * lib/krb5/krb5_locl.h: include krb5-private.h 1734 1735 * kdc/connect.c (addr_to_string): use krb5_print_address 1736 1737 * lib/krb5/addr_families.c (krb5_print_address): int -> size_t 1738 1739 * lib/krb5/addr_families.c: add support for printing ipv6 1740 addresses, either with inet_ntop, or ugly for-loop 1741 1742 * kdc/524.c: check that the ticket came from a valid address; use 1743 the address of the connection as the address to put in the v4 1744 ticket (if this address is AF_INET) 1745 1746 * kdc/connect.c: pass addr to do_524 1747 1748 * kdc/kdc_locl.h: prototype for do_524 1749 1750Sat Mar 27 17:48:31 1999 Johan Danielsson <joda@hella.pdc.kth.se> 1751 1752 * configure.in: check for OSF C2; bind/bitypes.h, getudbnam, 1753 setlim; check for auth modules; siad.h, getpwnam_r; 1754 lib/auth/Makefile, lib/auth/sia/Makefile 1755 1756 * lib/krb5/crypto.c: n_fold -> _krb5_n_fold 1757 1758 * lib/krb5/n-fold.c: n_fold -> _krb5_n_fold 1759 1760Thu Mar 25 04:35:21 1999 Assar Westerlund <assar@sics.se> 1761 1762 * lib/kadm5/set_keys.c (_kadm5_set_keys): free salt when zapping 1763 it 1764 1765 * lib/kadm5/free.c (kadm5_free_principal_ent): free `key_data' 1766 1767 * lib/hdb/ndbm.c (NDBM_destroy): clear master key 1768 1769 * lib/hdb/db.c (DB_destroy): clear master key 1770 (DB_open): check malloc 1771 1772 * kdc/connect.c (init_sockets): free addresses 1773 1774 * kadmin/kadmin.c (main): make code more consistent. always free 1775 configuration information. 1776 1777 * kadmin/init.c (create_random_entry): free the entry 1778 1779Wed Mar 24 04:02:03 1999 Assar Westerlund <assar@sics.se> 1780 1781 * lib/krb5/init_creds_pw.c (krb5_get_init_creds_password): 1782 re-organize the code to always free `kdc_reply' 1783 1784 * lib/krb5/get_in_tkt.c (krb5_get_in_cred): be more careful about 1785 freeing memory 1786 1787 * lib/krb5/fcache.c (fcc_destroy): don't call fcc_close 1788 1789 * lib/krb5/crypto.c (krb5_crypto_destroy): free `crypto' 1790 1791 * lib/hdb/hdb_locl.h: try db_185.h first in case db.h is a DB 2.0 1792 header 1793 1794 * configure.in (db_185.h): check for 1795 1796 * admin/srvcreate.c: new file. contributed by Daniel Kouril 1797 <kouril@informatics.muni.cz> 1798 1799 * admin/ktutil.c: srvcreate: new command 1800 1801 * kuser/klist.c: add support for printing AFS tokens 1802 1803 * kuser/kdestroy.c: add support for destroying v4 tickets and AFS 1804 tokens. based on code by Love <lha@stacken.kth.se> 1805 1806 * kuser/Makefile.am (kdestroy_LDADD, klist_LDADD): more libraries 1807 1808 * configure.in: sys/ioccom.h: test for 1809 1810 * kuser/klist.c (main): don't print `no ticket file' with --test. 1811 From: Love <lha@e.kth.se> 1812 1813 * kpasswd/kpasswdd.c (doit): more braces to make gcc happy 1814 1815 * kdc/connect.c (init_socket): get rid of a stupid warning 1816 1817 * include/bits.c (my_strupr): cast away some stupid warnings 1818 1819Tue Mar 23 14:34:44 1999 Johan Danielsson <joda@hella.pdc.kth.se> 1820 1821 * lib/krb5/get_host_realm.c (krb5_get_host_realm): no infinite 1822 loops, please 1823 1824Tue Mar 23 00:00:45 1999 Assar Westerlund <assar@sics.se> 1825 1826 * lib/kadm5/Makefile.am (install_build_headers): recover from make 1827 rewriting the names of the headers kludge to help solaris make 1828 1829 * lib/krb5/Makefile.am: kludge to help solaris make 1830 1831 * lib/hdb/Makefile.am: kludge to help solaris make 1832 1833 * configure.in (LIB_kdb): make sure there's a -L option in here by 1834 adding $(LIB_krb4) 1835 1836 * lib/asn1/gen_glue.c (generate_2int, generate_int2): int -> 1837 unsigned 1838 1839 * configure.in (SunOS): set to a number KRB4, KRB5 conditionals: 1840 remove the `dnl' to work around an automake flaw 1841 1842Sun Mar 21 15:08:49 1999 Johan Danielsson <joda@blubb.pdc.kth.se> 1843 1844 * lib/krb5/get_default_realm.c: char* -> krb5_realm 1845 1846Sun Mar 21 14:08:30 1999 Johan Danielsson <joda@hella.pdc.kth.se> 1847 1848 * include/bits.c: <bind/bitypes.h> 1849 1850 * lib/krb5/Makefile.am: create krb5-private.h 1851 1852Sat Mar 20 00:08:59 1999 Assar Westerlund <assar@sics.se> 1853 1854 * configure.in (gethostname): remove duplicate 1855 1856Fri Mar 19 14:48:03 1999 Johan Danielsson <joda@hella.pdc.kth.se> 1857 1858 * lib/hdb/Makefile.am: add version-info 1859 1860 * lib/gssapi/Makefile.am: add version-info 1861 1862 * lib/asn1/Makefile.am: use $(x:y=z) make syntax; move check-der 1863 to check_PROGRAMS 1864 1865 * lib/Makefile.am: add 45 1866 1867 * lib/kadm5/Makefile.am: split in client and server libraries 1868 (breaks shared libraries otherwise) 1869 1870Thu Mar 18 11:33:30 1999 Johan Danielsson <joda@hella.pdc.kth.se> 1871 1872 * include/kadm5/Makefile.am: clean a lot of header files (since 1873 automake lacks a clean-hook) 1874 1875 * include/Makefile.am: clean a lot of header files (since automake 1876 lacks a clean-hook) 1877 1878 * lib/kadm5/Makefile.am: fix build-installation of headers 1879 1880 * lib/krb5/Makefile.am: remove include_dir hack 1881 1882 * lib/hdb/Makefile.am: remove include_dir hack 1883 1884 * lib/asn1/Makefile.am: remove include_dir hack 1885 1886 * include/Makefile.am: remove include_dir hack 1887 1888 * doc/whatis.texi: define sub for html 1889 1890 * configure.in: LIB_kdb, have_err_h, have_fnmatch_h, have_glob_h 1891 1892 * lib/asn1/Makefile.am: der.h 1893 1894 * kpasswd/kpasswdd.c: admin.h -> kadm5/admin.h 1895 1896 * kdc/Makefile.am: remove junk 1897 1898 * kadmin/Makefile.am: sl.a -> sl.la 1899 1900 * appl/afsutil/Makefile.am: remove EXTRA_bin_PROGRAMS 1901 1902 * admin/Makefile.am: sl.a -> sl.la 1903 1904 * configure.in: condition KRB5; AC_CHECK_XAU 1905 1906 * Makefile.am: include Makefile.am.common 1907 1908 * include/kadm5/Makefile.am: include Makefile.am.common; don't 1909 install headers from here 1910 1911 * include/Makefile.am: include Makefile.am.common; don't install 1912 headers from here 1913 1914 * doc/Makefile.am: include Makefile.am.common 1915 1916 * lib/krb5/Makefile.am: include Makefile.am.common 1917 1918 * lib/kadm5/Makefile.am: include Makefile.am.common 1919 1920 * lib/hdb/Makefile.am: include Makefile.am.common 1921 1922 * lib/gssapi/Makefile.am: include Makefile.am.common 1923 1924 * lib/asn1/Makefile.am: include Makefile.am.common 1925 1926 * lib/Makefile.am: include Makefile.am.common 1927 1928 * lib/45/Makefile.am: include Makefile.am.common 1929 1930 * kuser/Makefile.am: include Makefile.am.common 1931 1932 * kpasswd/Makefile.am: include Makefile.am.common 1933 1934 * kdc/Makefile.am: include Makefile.am.common 1935 1936 * kadmin/Makefile.am: include Makefile.am.common 1937 1938 * appl/test/Makefile.am: include Makefile.am.common 1939 1940 * appl/afsutil/Makefile.am: include Makefile.am.common 1941 1942 * appl/Makefile.am: include Makefile.am.common 1943 1944 * admin/Makefile.am: include Makefile.am.common 1945 1946Wed Mar 17 03:04:38 1999 Assar Westerlund <assar@sics.se> 1947 1948 * lib/krb5/store.c (krb5_store_stringz): braces fix 1949 1950 * lib/kadm5/get_s.c (kadm5_s_get_principal): braces fix 1951 1952 * lib/kadm5/ent_setup.c (_kadm5_setup_entry): braces fix 1953 1954 * kdc/connect.c (loop): braces fix 1955 1956 * lib/krb5/config_file.c: cast to unsigned char to make is* happy 1957 1958 * lib/krb5/log.c (krb5_addlog_dest): more braces to make gcc happy 1959 1960 * lib/krb5/crypto.c (krb5_verify_checksum): rename C -> cksum to 1961 be consistent 1962 1963 * kadmin/util.c (timeval2str): more braces to make gcc happy 1964 1965 * kadmin/load.c: cast in is* to get rid of stupid warning 1966 1967 * kadmin/dump.c (append_hex): cast in isalnum to get rid of stupid 1968 warning 1969 1970 * kdc/kaserver.c: malloc checks and fixes 1971 1972 * lib/krb5/get_host_realm.c (krb5_get_host_realm): include leading 1973 dot (if any) when looking up realms. 1974 1975Fri Mar 12 13:57:56 1999 Johan Danielsson <joda@blubb.pdc.kth.se> 1976 1977 * lib/krb5/get_host_realm.c: add dns support 1978 1979 * lib/krb5/set_default_realm.c: use krb5_free_host_realm 1980 1981 * lib/krb5/free_host_realm.c: check for NULL realmlist 1982 1983 * lib/krb5/context.c: don't print warning if there is no krb5.conf 1984 1985Wed Mar 10 19:29:46 1999 Johan Danielsson <joda@hella.pdc.kth.se> 1986 1987 * configure.in: use AC_WFLAGS 1988 1989Mon Mar 8 11:49:43 1999 Johan Danielsson <joda@hella.pdc.kth.se> 1990 1991 * Release 0.1c 1992 1993 * kuser/klist.c: use print_version 1994 1995 * kuser/kdestroy.c: use print_version 1996 1997 * kdc/hpropd.c: use print_version 1998 1999 * kdc/hprop.c: use print_version 2000 2001 * kdc/config.c: use print_version 2002 2003 * kadmin/kadmind.c: use print_version 2004 2005 * kadmin/kadmin.c: use print_version 2006 2007 * appl/test/common.c: use print_version 2008 2009 * appl/afsutil/afslog.c: use print_version 2010 2011Mon Mar 1 10:49:14 1999 Johan Danielsson <joda@hella.pdc.kth.se> 2012 2013 * lib/krb5/get_addrs.c: SOCKADDR_HAS_SA_LEN -> 2014 HAVE_STRUCT_SOCKADDR_SA_LEN 2015 2016 * configure.in, acconfig.h, cf/*: update to automake 1.4/autoconf 2.13 2017 2018Sun Feb 28 18:19:20 1999 Johan Danielsson <joda@hella.pdc.kth.se> 2019 2020 * lib/asn1/gen.c: make `BIT STRING's unsigned 2021 2022 * lib/asn1/{symbol.h,gen.c}: add TUInteger type 2023 2024 * lib/krb5/verify_user.c (krb5_verify_user): pass prompter to 2025 krb5_get_init_creds_password 2026 2027 * lib/krb5/fcache.c (fcc_gen_new): implement 2028 2029Sat Feb 27 22:41:23 1999 Johan Danielsson <joda@hella.pdc.kth.se> 2030 2031 * doc/install.texi: krb4 is now automatically detected 2032 2033 * doc/misc.texi: update procedure to set supported encryption 2034 types 2035 2036 * doc/setup.texi: change some silly wordings 2037 2038Sat Feb 27 22:17:30 1999 Johan Danielsson <joda@blubb.pdc.kth.se> 2039 2040 * lib/krb5/keytab.c (fkt_remove_entry): make this work 2041 2042 * admin/ktutil.c: add minimally working `get' command 2043 2044Sat Feb 27 19:44:49 1999 Johan Danielsson <joda@hella.pdc.kth.se> 2045 2046 * lib/hdb/convert_db.c: more typos 2047 2048 * include/Makefile.am: remove EXTRA_DATA (as of autoconf 2049 2.13/automake 1.4) 2050 2051 * appl/Makefile.am: OTP_dir 2052 2053Fri Feb 26 17:37:00 1999 Johan Danielsson <joda@hella.pdc.kth.se> 2054 2055 * doc/setup.texi: add kadmin section 2056 2057 * lib/asn1/check-der.c: fix printf warnings 2058 2059Thu Feb 25 11:16:49 1999 Johan Danielsson <joda@hella.pdc.kth.se> 2060 2061 * configure.in: -O does not belong in WFLAGS 2062 2063Thu Feb 25 11:05:57 1999 Johan Danielsson <joda@blubb.pdc.kth.se> 2064 2065 * lib/asn1/der_put.c: fix der_put_int 2066 2067Tue Feb 23 20:35:12 1999 Johan Danielsson <joda@hella.pdc.kth.se> 2068 2069 * configure.in: use AC_BROKEN_GLOB 2070 2071Mon Feb 22 15:12:44 1999 Johan Danielsson <joda@blubb.pdc.kth.se> 2072 2073 * configure.in: check for glob 2074 2075Mon Feb 22 11:32:42 1999 Johan Danielsson <joda@hella.pdc.kth.se> 2076 2077 * Release 0.1b 2078 2079Sat Feb 20 15:48:06 1999 Johan Danielsson <joda@blubb.pdc.kth.se> 2080 2081 * lib/hdb/convert_db.c: convert DES3 keys to des3-cbc-sha1, and 2082 des3-cbc-md5 2083 2084 * lib/krb5/crypto.c (DES3_string_to_key): make this actually do 2085 what the draft said it should 2086 2087 * lib/hdb/convert_db.c: little program for database conversion 2088 2089 * lib/hdb/db.c (DB_open): try to open database w/o .db extension 2090 2091 * lib/hdb/ndbm.c (NDBM_open): add test for database format 2092 2093 * lib/hdb/db.c (DB_open): add test for database format 2094 2095 * lib/asn1/gen_glue.c (generate_2int): don't depend on flags being 2096 unsigned 2097 2098 * lib/hdb/hdb.c: change `hdb_set_master_key' to take an 2099 EncryptionKey, and add a new function `hdb_set_master_keyfile' to 2100 do what `hdb_set_master_key' used to do 2101 2102 * kdc/kstash.c: add `--convert-file' option to change keytype of 2103 existing master key file 2104 2105Fri Feb 19 07:04:14 1999 Assar Westerlund <assar@squid.pdc.kth.se> 2106 2107 * Release 0.1a 2108 2109Sat Feb 13 17:12:53 1999 Assar Westerlund <assar@sics.se> 2110 2111 * lib/krb5/mk_safe.c (krb5_mk_safe): sizeof(buf) -> buf_size, buf 2112 is now a `u_char *' 2113 2114 * lib/krb5/get_in_tkt.c (krb5_init_etype): etypes are now `int' 2115 2116 * lib/krb5/get_host_realm.c (krb5_get_host_realm): constize 2117 orig_host 2118 2119 (krb5_salttype_to_string): new function (RSA_MD5_DES_verify, 2120 RSA_MD5_DES3_verify): initialize ret 2121 2122 * lib/gssapi/init_sec_context.c (init_auth): remove unnecessary 2123 gssapi_krb5_init. ask for KEYTYPE_DES credentials 2124 2125 * kadmin/get.c (print_entry_long): print the keytypes and salts 2126 available for the principal 2127 2128 * configure.in (WFLAGS): add `-O' to catch unitialized variables 2129 and such 2130 (gethostname, mkstemp, getusershell, inet_aton): more tests 2131 2132 * lib/hdb/hdb.h: update prototypes 2133 2134 * configure.in: homogenize broken detection with krb4 2135 2136 * lib/kadm5/init_c.c (kadm5_c_init_with_context): remove unused 2137 `error' 2138 2139 * lib/asn1/Makefile.am (check-der): add 2140 2141 * lib/asn1/gen.c (define_type): map ASN1 Integer to `int' instead 2142 of `unsigned' 2143 2144 * lib/asn1/der_length.c (length_unsigned): new function 2145 (length_int): handle signed integers 2146 2147 * lib/asn1/der_put.c (der_put_unsigned): new function 2148 (der_put_int): handle signed integers 2149 2150 * lib/asn1/der_get.c (der_get_unsigned): new function 2151 (der_get_int): handle signed integers 2152 2153 * lib/asn1/der.h: all integer functions take `int' instead of 2154 `unsigned' 2155 2156 * lib/asn1/lex.l (filename): unused. remove. 2157 2158 * lib/asn1/check-der.c: new test program for der encoding and 2159 decoding. 2160 2161Mon Feb 1 04:09:06 1999 Assar Westerlund <assar@sics.se> 2162 2163 * lib/krb5/send_to_kdc.c (krb5_sendto_kdc): only call 2164 gethostbyname2 with AF_INET6 if we actually have IPv6. From 2165 "Brandon S. Allbery KF8NH" <allbery@kf8nh.apk.net> 2166 2167 * lib/krb5/changepw.c (get_kdc_address): dito 2168 2169Sun Jan 31 06:26:36 1999 Assar Westerlund <assar@sics.se> 2170 2171 * kdc/connect.c (parse_prots): always bind to AF_INET, there are 2172 v6-implementations without support for `mapped V4 addresses'. 2173 From Jun-ichiro itojun Hagino <itojun@kame.net> 2174 2175Sat Jan 30 22:38:27 1999 Assar Westerlund <assar@juguete.sics.se> 2176 2177 * Release 0.0u 2178 2179Sat Jan 30 13:43:02 1999 Assar Westerlund <assar@sics.se> 2180 2181 * lib/krb5/Makefile.am: explicit rules for *.et files 2182 2183 * lib/kadm5/init_c.c (get_kadm_ticket): only remove creds if 2184 krb5_get_credentials was succesful. 2185 (get_new_cache): return better error codes and return earlier. 2186 (get_cred_cache): only delete default_client if it's different 2187 from client 2188 (kadm5_c_init_with_context): return a more descriptive error. 2189 2190 * kdc/kerberos5.c (check_flags): handle NULL client or server 2191 2192 * lib/krb5/sendauth.c (krb5_sendauth): return the error in 2193 `ret_error' iff != NULL 2194 2195 * lib/krb5/rd_error.c (krb5_free_error, krb5_free_error_contents): 2196 new functions 2197 2198 * lib/krb5/mk_req_ext.c (krb5_mk_req_extended): more 2199 type-correctness 2200 2201 * lib/krb5/krb5.h (krb5_error): typedef to KRB_ERROR 2202 2203 * lib/krb5/init_creds_pw.c: KRB5_TGS_NAME: use 2204 2205 * lib/krb5/get_cred.c: KRB5_TGS_NAME: use 2206 2207 * lib/kafs/afskrb5.c (afslog_uid_int): update to changes 2208 2209 * lib/kadm5/rename_s.c (kadm5_s_rename_principal): call remove 2210 instead of rename, but shouldn't this just call rename? 2211 2212 * lib/kadm5/get_s.c (kadm5_s_get_principal): always return an 2213 error if the principal wasn't found. 2214 2215 * lib/hdb/ndbm.c (NDBM_seq): unseal key 2216 2217 * lib/hdb/db.c (DB_seq): unseal key 2218 2219 * lib/asn1/Makefile.am: added explicit rules for asn1_err.[ch] 2220 2221 * kdc/hprop.c (v4_prop): add krbtgt/THISREALM@OTHERREALM when 2222 finding cross-realm tgts in the v4 database 2223 2224 * kadmin/mod.c (mod_entry): check the number of arguments. check 2225 that kadm5_get_principal worked. 2226 2227 * lib/krb5/keytab.c (fkt_remove_entry): remove KRB5_KT_NOTFOUND if 2228 we weren't able to remove it. 2229 2230 * admin/ktutil.c: less drive-by-deleting. From Love 2231 <lha@e.kth.se> 2232 2233 * kdc/connect.c (parse_ports): copy the string before mishandling 2234 it with strtok_r 2235 2236 * kdc/kerberos5.c (tgs_rep2): print the principal with mismatching 2237 kvnos 2238 2239 * kadmin/kadmind.c (main): convert `debug_port' to network byte 2240 order 2241 2242 * kadmin/kadmin.c: allow specification of port number. 2243 2244 * lib/kadm5/kadm5_locl.h (kadm5_client_context): add 2245 `kadmind_port'. 2246 2247 * lib/kadm5/init_c.c (_kadm5_c_init_context): move up 2248 initalize_kadm5_error_table_r. 2249 allow specification of port number. 2250 2251 From Love <lha@stacken.kth.se> 2252 2253 * kuser/klist.c: add option -t | --test 2254 2255Sat Dec 5 19:49:34 1998 Johan Danielsson <joda@hella.pdc.kth.se> 2256 2257 * lib/krb5/context.c: remove ktype_is_etype 2258 2259 * lib/krb5/crypto.c, lib/krb5/krb5.h, acconfig.h: NEW_DES3_CODE 2260 2261 * configure.in: fix for AIX install; better tests for AIX dynamic 2262 AFS libs; `--enable-new-des3-code' 2263 2264Tue Dec 1 14:44:44 1998 Johan Danielsson <joda@hella.pdc.kth.se> 2265 2266 * appl/afsutil/Makefile.am: link with extra libs for aix 2267 2268 * kuser/Makefile.am: link with extra libs for aix 2269 2270Sun Nov 29 01:56:21 1998 Assar Westerlund <assar@sics.se> 2271 2272 * lib/krb5/get_addrs.c (krb5_get_all_server_addrs): add. almost 2273 the same as krb5_get_all_client_addrs except that it includes 2274 loopback addresses 2275 2276 * kdc/connect.c (init_socket): bind to a particular address 2277 (init_sockets): get all local addresses and bind to them all 2278 2279 * lib/krb5/addr_families.c (addr2sockaddr, print_addr): new 2280 methods 2281 (find_af, find_atype): new functions. use them. 2282 2283 * configure.in: add hesiod 2284 2285Wed Nov 25 11:37:48 1998 Johan Danielsson <joda@hella.pdc.kth.se> 2286 2287 * lib/krb5/krb5_err.et: add some codes from kerberos-revisions-03 2288 2289Mon Nov 23 12:53:48 1998 Assar Westerlund <assar@sics.se> 2290 2291 * lib/kadm5/log.c: rename delete -> remove 2292 2293 * lib/kadm5/delete_s.c: rename delete -> remove 2294 2295 * lib/hdb/common.c: rename delete -> remove 2296 2297Sun Nov 22 12:26:26 1998 Assar Westerlund <assar@sics.se> 2298 2299 * configure.in: check for environ and `struct spwd' 2300 2301Sun Nov 22 11:42:45 1998 Johan Danielsson <joda@blubb.pdc.kth.se> 2302 2303 * kdc/kerberos5.c (as_rep): set keytype to sess_ktype if 2304 ktype_is_etype 2305 2306 * lib/krb5/encrypt.c (krb5_keytype_to_etypes): zero terminate 2307 etypes 2308 (em): sort entries 2309 2310Sun Nov 22 06:54:48 1998 Assar Westerlund <assar@sics.se> 2311 2312 * lib/krb5/init_creds_pw.c: more type correctness 2313 2314 * lib/krb5/get_cred.c: re-structure code. remove limits on ASN1 2315 generated bits. 2316 2317Sun Nov 22 01:49:50 1998 Johan Danielsson <joda@hella.pdc.kth.se> 2318 2319 * kdc/hprop.c (v4_prop): fix bogus indexing 2320 2321Sat Nov 21 21:39:20 1998 Assar Westerlund <assar@sics.se> 2322 2323 * lib/krb5/verify_init.c (fail_verify_is_ok): new function 2324 (krb5_verify_init_creds): if we cannot get a ticket for 2325 host/`hostname` and fail_verify_is_ok just return. use 2326 krb5_rd_req 2327 2328Sat Nov 21 23:12:27 1998 Assar Westerlund <assar@sics.se> 2329 2330 * lib/krb5/free.c (krb5_xfree): new function 2331 2332 * lib/krb5/creds.c (krb5_free_creds_contents): new function 2333 2334 * lib/krb5/context.c: more type correctness 2335 2336 * lib/krb5/checksum.c: more type correctness 2337 2338 * lib/krb5/auth_context.c (krb5_auth_con_init): more type 2339 correctness 2340 2341 * lib/asn1/der_get.c (der_get_length): fix test of len 2342 (der_get_tag): more type correctness 2343 2344 * kuser/klist.c (usage): void-ize 2345 2346 * admin/ktutil.c (kt_remove): some more type correctness. 2347 2348Sat Nov 21 16:49:20 1998 Johan Danielsson <joda@hella.pdc.kth.se> 2349 2350 * kuser/klist.c: try to list enctypes as keytypes 2351 2352 * kuser/kinit.c: remove extra `--cache' option, add `--enctypes' 2353 to set list of enctypes to use 2354 2355 * kadmin/load.c: load strings as hex 2356 2357 * kadmin/dump.c: dump hex as string is possible 2358 2359 * admin/ktutil.c: use print_version() 2360 2361 * configure.in, acconfig.h: test for hesiod 2362 2363Sun Nov 15 17:28:19 1998 Johan Danielsson <joda@hella.pdc.kth.se> 2364 2365 * lib/krb5/crypto.c: add some crypto debug code 2366 2367 * lib/krb5/get_in_tkt.c (_krb5_extract_ticket): don't use fixed 2368 buffer when encoding ticket 2369 2370 * lib/krb5/auth_context.c (re-)implement `krb5_auth_setenctype' 2371 2372 * kdc/kerberos5.c: allow mis-match of tgt session key, and service 2373 session key 2374 2375 * admin/ktutil.c: keytype -> enctype 2376 2377Fri Nov 13 05:35:48 1998 Assar Westerlund <assar@sics.se> 2378 2379 * lib/krb5/krb5.h (KRB5_TGS_NAME, KRB5_TGS_NAME_SIZE): added 2380 2381Sat Nov 7 19:56:31 1998 Assar Westerlund <assar@sics.se> 2382 2383 * lib/krb5/get_cred.c (add_cred): add termination NULL pointer 2384 2385Mon Nov 2 01:15:06 1998 Assar Westerlund <assar@sics.se> 2386 2387 * lib/krb5/rd_req.c: adapt to new crypto api 2388 2389 * lib/krb5/rd_rep.c: adapt to new crypto api 2390 2391 * lib/krb5/rd_priv.c: adopt to new crypto api 2392 2393 * lib/krb5/rd_cred.c: adopt to new crypto api 2394 2395 * lib/krb5/principal.c: ENOMEM -> ERANGE 2396 2397 * lib/krb5/mk_safe.c: cleanup and adopt to new crypto api 2398 2399 * lib/krb5/mk_req_ext.c: adopt to new crypto api 2400 2401 * lib/krb5/mk_req.c: get enctype from auth_context keyblock 2402 2403 * lib/krb5/mk_rep.c: cleanup and adopt to new crypto api 2404 2405 * lib/krb5/mk_priv.c: adopt to new crypto api 2406 2407 * lib/krb5/keytab.c: adopt to new crypto api 2408 2409 * lib/krb5/get_in_tkt_with_skey.c: adopt to new crypto api 2410 2411 * lib/krb5/get_in_tkt_with_keytab.c: adopt to new crypto api 2412 2413 * lib/krb5/get_in_tkt_pw.c: adopt to new crypto api 2414 2415 * lib/krb5/get_in_tkt.c: adopt to new crypto api 2416 2417 * lib/krb5/get_cred.c: adopt to new crypto api 2418 2419 * lib/krb5/generate_subkey.c: use new crypto api 2420 2421 * lib/krb5/context.c: rename etype functions to enctype ditto 2422 2423 * lib/krb5/build_auth.c: use new crypto api 2424 2425 * lib/krb5/auth_context.c: remove enctype and cksumtype from 2426 auth_context 2427 2428Mon Nov 2 01:15:06 1998 Assar Westerlund <assar@sics.se> 2429 2430 * kdc/connect.c (handle_udp, handle_tcp): correct type of `n' 2431 2432Tue Sep 15 18:41:38 1998 Johan Danielsson <joda@hella.pdc.kth.se> 2433 2434 * admin/ktutil.c: fix printing of unrecognized keytypes 2435 2436Tue Sep 15 17:02:33 1998 Johan Danielsson <joda@hella.pdc.kth.se> 2437 2438 * lib/kadm5/set_keys.c: add KEYTYPE_USE_AFS3_SALT to keytype if 2439 using AFS3 salt 2440 2441Tue Aug 25 23:30:52 1998 Assar Westerlund <assar@sics.se> 2442 2443 * lib/krb5/send_to_kdc.c (krb5_sendto_kdc): care about 2444 `use_admin_kdc' 2445 2446 * lib/krb5/changepw.c (get_kdc_address): use 2447 krb5_get_krb_admin_hst 2448 2449 * lib/krb5/krbhst.c (krb5_get_krb_admin_hst): new function 2450 2451 * lib/krb5/krb5.h (krb5_context_data): add `use_admin_kdc' 2452 2453 * lib/krb5/context.c (krb5_get_use_admin_kdc, 2454 krb5_set_use_admin_kdc): new functions 2455 2456Tue Aug 18 22:24:12 1998 Johan Danielsson <joda@emma.pdc.kth.se> 2457 2458 * lib/krb5/crypto.c: remove all calls to abort(); check return 2459 value from _key_schedule; 2460 (RSA_MD[45]_DES_verify): zero tmp and res; 2461 (RSA_MD5_DES3_{verify,checksum}): implement 2462 2463Mon Aug 17 20:18:46 1998 Assar Westerlund <assar@sics.se> 2464 2465 * kdc/kerberos4.c (swap32): conditionalize 2466 2467 * lib/krb5/mk_req_ext.c (krb5_mk_req_internal): new function 2468 2469 * lib/krb5/get_host_realm.c (krb5_get_host_realm): if the hostname 2470 returned from gethostby*() isn't a FQDN, try with the original 2471 hostname 2472 2473 * lib/krb5/get_cred.c (make_pa_tgs_req): use krb5_mk_req_internal 2474 and correct key usage 2475 2476 * lib/krb5/crypto.c (verify_checksum): make static 2477 2478 * admin/ktutil.c (kt_list): use krb5_enctype_to_string 2479 2480Sun Aug 16 20:57:56 1998 Assar Westerlund <assar@sics.se> 2481 2482 * kadmin/cpw.c (do_cpw_entry): use asprintf for the prompt 2483 2484 * kadmin/ank.c (ank): print principal name in prompt 2485 2486 * lib/krb5/crypto.c (hmac): always allocate space for checksum. 2487 never trust c.checksum.length 2488 (_get_derived_key): try to return the derived key 2489 2490Sun Aug 16 19:48:42 1998 Johan Danielsson <joda@emma.pdc.kth.se> 2491 2492 * lib/krb5/crypto.c (hmac): fix some peculiarities and bugs 2493 (get_checksum_key): assume usage is `formatted' 2494 (create_checksum,verify_checksum): moved the guts of the krb5_* 2495 functions here, both take `formatted' key-usages 2496 (encrypt_internal_derived): fix various bogosities 2497 (derive_key): drop key_type parameter (already given by the 2498 encryption_type) 2499 2500 * kdc/kerberos5.c (check_flags): handle case where client is NULL 2501 2502 * kdc/connect.c (process_request): return zero after processing 2503 kerberos 4 request 2504 2505Sun Aug 16 18:38:15 1998 Johan Danielsson <joda@blubb.pdc.kth.se> 2506 2507 * lib/krb5/crypto.c: merge x-*.[ch] into one file 2508 2509 * lib/krb5/cache.c: remove residual from krb5_ccache_data 2510 2511Fri Aug 14 16:28:23 1998 Johan Danielsson <joda@emma.pdc.kth.se> 2512 2513 * lib/krb5/x-crypto.c (derive_key): move DES3 specific code to 2514 separate function (will eventually end up someplace else) 2515 2516 * lib/krb5/x-crypto.c (krb5_string_to_key_derived): allocate key 2517 2518 * configure.in, acconfig.h: test for four valued krb_put_int 2519 2520Thu Aug 13 23:46:29 1998 Assar Westerlund <assar@emma.pdc.kth.se> 2521 2522 * Release 0.0t 2523 2524Thu Aug 13 22:40:17 1998 Assar Westerlund <assar@sics.se> 2525 2526 * lib/krb5/config_file.c (parse_binding): remove trailing 2527 whitespace 2528 2529Wed Aug 12 20:15:11 1998 Johan Danielsson <joda@emma.pdc.kth.se> 2530 2531 * lib/krb5/x-checksum.c (krb5_verify_checksum): pass checksum type 2532 to krb5_create_checksum 2533 2534 * lib/krb5/x-key.c: implement DES3_string_to_key_derived; fix a 2535 few typos 2536 2537Wed Aug 5 12:39:54 1998 Assar Westerlund <assar@emma.pdc.kth.se> 2538 2539 * Release 0.0s 2540 2541Thu Jul 30 23:12:17 1998 Assar Westerlund <assar@sics.se> 2542 2543 * lib/krb5/mk_error.c (krb5_mk_error): realloc until you die 2544 2545Thu Jul 23 19:49:03 1998 Johan Danielsson <joda@emma.pdc.kth.se> 2546 2547 * kdc/kdc_locl.h: proto for `get_des_key' 2548 2549 * configure.in: test for four valued el_init 2550 2551 * kuser/klist.c: keytype -> enctype 2552 2553 * kpasswd/kpasswdd.c (change): use new `krb5_string_to_key*' 2554 2555 * kdc/hprop.c (v4_prop, ka_convert): convert to a set of keys 2556 2557 * kdc/kaserver.c: use `get_des_key' 2558 2559 * kdc/524.c: use new crypto api 2560 2561 * kdc/kerberos4.c: use new crypto api 2562 2563 * kdc/kerberos5.c: always treat keytypes as enctypes; use new 2564 crypto api 2565 2566 * kdc/kstash.c: adapt to new crypto api 2567 2568 * kdc/string2key.c: adapt to new crypto api 2569 2570 * admin/srvconvert.c: add keys for all possible enctypes 2571 2572 * admin/ktutil.c: keytype -> enctype 2573 2574 * lib/gssapi/init_sec_context.c: get enctype from auth_context 2575 keyblock 2576 2577 * lib/hdb/hdb.c: remove hdb_*_keytype2key 2578 2579 * lib/kadm5/set_keys.c: adapt to new crypto api 2580 2581 * lib/kadm5/rename_s.c: adapt to new crypto api 2582 2583 * lib/kadm5/get_s.c: adapt to new crypto api 2584 2585 * lib/kadm5/create_s.c: add keys for des-cbc-crc, des-cbc-md4, 2586 des-cbc-md5, and des3-cbc-sha1 2587 2588 * lib/krb5/heim_err.et: error message for unsupported salt 2589 2590 * lib/krb5/codec.c: short-circuit these functions, since they are 2591 not needed any more 2592 2593 * lib/krb5/rd_safe.c: cleanup and adapt to new crypto api 2594 2595Mon Jul 13 23:00:59 1998 Assar Westerlund <assar@sics.se> 2596 2597 * lib/krb5/send_to_kdc.c (krb5_sendto_kdc): don't advance 2598 hostent->h_addr_list, use a copy instead 2599 2600Mon Jul 13 15:00:31 1998 Johan Danielsson <joda@emma.pdc.kth.se> 2601 2602 * lib/krb5/config_file.c (parse_binding, parse_section): make sure 2603 everything is ok before adding to linked list 2604 2605 * lib/krb5/config_file.c: skip ws before checking for comment 2606 2607Wed Jul 8 10:45:45 1998 Johan Danielsson <joda@emma.pdc.kth.se> 2608 2609 * lib/asn1/k5.asn1: hmac-sha1-des3 = 12 2610 2611Tue Jun 30 18:08:05 1998 Assar Westerlund <assar@sics.se> 2612 2613 * lib/krb5/send_to_kdc.c (krb5_sendto_kdc): do not close the 2614 unopened file 2615 2616 * lib/krb5/mk_priv.c: realloc correctly 2617 2618 * lib/krb5/get_addrs.c (find_all_addresses): init j 2619 2620 * lib/krb5/context.c (krb5_init_context): print error if parsing 2621 of config file produced an error. 2622 2623 * lib/krb5/config_file.c (parse_list, krb5_config_parse_file): 2624 ignore more spaces 2625 2626 * lib/krb5/codec.c (krb5_encode_EncKrbCredPart, 2627 krb5_encode_ETYPE_INFO): initialize `ret' 2628 2629 * lib/krb5/build_auth.c (krb5_build_authenticator): realloc 2630 correctly 2631 2632 * lib/kadm5/set_keys.c (_kadm5_set_keys): initialize `ret' 2633 2634 * lib/kadm5/init_c.c (get_cred_cache): try to do the right thing 2635 with default_client 2636 2637 * kuser/kinit.c (main): initialize `ticket_life' 2638 2639 * kdc/kerberos5.c (get_pa_etype_info): initialize `ret' 2640 (tgs_rep2): initialize `krbtgt' 2641 2642 * kdc/connect.c (do_request): check for errors from `sendto' 2643 2644 * kdc/524.c (do_524): initialize `ret' 2645 2646 * kadmin/util.c (foreach_principal): don't clobber `ret' 2647 2648 * kadmin/del.c (del_entry): don't apply on zeroth argument 2649 2650 * kadmin/cpw.c (do_cpw_entry): initialize `ret' 2651 2652Sat Jun 13 04:14:01 1998 Assar Westerlund <assar@juguete.sics.se> 2653 2654 * Release 0.0r 2655 2656Sun Jun 7 04:13:14 1998 Assar Westerlund <assar@sics.se> 2657 2658 * lib/krb5/addr_families.c: fall-back definition of 2659 IN6_ADDR_V6_TO_V4 2660 2661 * configure.in: only set CFLAGS if it wasn't set look for 2662 dn_expand and res_search 2663 2664Mon Jun 1 21:28:07 1998 Assar Westerlund <assar@sics.se> 2665 2666 * configure.in: remove duplicate seteuid 2667 2668Sat May 30 00:19:51 1998 Johan Danielsson <joda@emma.pdc.kth.se> 2669 2670 * lib/krb5/convert_creds.c: import _krb_time_to_life, to avoid 2671 runtime dependencies on libkrb with some shared library 2672 implementations 2673 2674Fri May 29 00:09:02 1998 Johan Danielsson <joda@emma.pdc.kth.se> 2675 2676 * kuser/kinit_options.c: Default options for kinit. 2677 2678 * kuser/kauth_options.c: Default options for kauth. 2679 2680 * kuser/kinit.c: Implement lots a new options. 2681 2682 * kdc/kerberos5.c (check_tgs_flags): make sure kdc-req-body->rtime 2683 is not NULL; set endtime to min of new starttime + old_life, and 2684 requested endtime 2685 2686 * lib/krb5/init_creds_pw.c (get_init_creds_common): if the 2687 forwardable or proxiable flags are set in options, set the 2688 kdc-flags to the value specified, and not always to one 2689 2690Thu May 28 21:28:06 1998 Johan Danielsson <joda@emma.pdc.kth.se> 2691 2692 * kdc/kerberos5.c: Optionally compare client address to addresses 2693 in ticket. 2694 2695 * kdc/connect.c: Pass client address to as_rep() and tgs_rep(). 2696 2697 * kdc/config.c: Add check_ticket_addresses, and 2698 allow_null_ticket_addresses variables. 2699 2700Tue May 26 14:03:42 1998 Johan Danielsson <joda@emma.pdc.kth.se> 2701 2702 * lib/kadm5/create_s.c: possibly make DES keys version 4 salted 2703 2704 * lib/kadm5/set_keys.c: check config file for kadmin/use_v4_salt 2705 before zapping version 4 salts 2706 2707Sun May 24 05:22:17 1998 Assar Westerlund <assar@sics.se> 2708 2709 * Release 0.0q 2710 2711 * lib/krb5/aname_to_localname.c: new file 2712 2713 * lib/gssapi/init_sec_context.c (repl_mutual): no output token 2714 2715 * lib/gssapi/display_name.c (gss_display_name): zero terminate 2716 output. 2717 2718Sat May 23 19:11:07 1998 Assar Westerlund <assar@sics.se> 2719 2720 * lib/gssapi/display_status.c: new file 2721 2722 * Makefile.am: send -I to aclocal 2723 2724 * configure.in: remove duplicate setenv 2725 2726Sat May 23 04:55:19 1998 Johan Danielsson <joda@emma.pdc.kth.se> 2727 2728 * kadmin/util.c (foreach_principal): Check for expression before 2729 wading through the whole database. 2730 2731 * kadmin/kadmin.c: Pass NULL password to 2732 kadm5_*_init_with_password. 2733 2734 * lib/kadm5/init_c.c: Implement init_with_{skey,creds}*. Make use 2735 of `password' parameter to init_with_password. 2736 2737 * lib/kadm5/init_s.c: implement init_with_{skey,creds}* 2738 2739 * lib/kadm5/server.c: Better arguments for 2740 kadm5_init_with_password. 2741 2742Sat May 16 07:10:36 1998 Assar Westerlund <assar@sics.se> 2743 2744 * kdc/hprop.c: conditionalize ka-server reading support on 2745 KASERVER_DB 2746 2747 * configure.in: new option `--enable-kaserver-db' 2748 2749Fri May 15 19:39:18 1998 Johan Danielsson <joda@blubb.pdc.kth.se> 2750 2751 * lib/krb5/get_cred.c: Better error if local tgt couldn't be 2752 found. 2753 2754Tue May 12 21:11:02 1998 Assar Westerlund <assar@sics.se> 2755 2756 * Release 0.0p 2757 2758 * lib/krb5/mk_req_ext.c (krb5_mk_req_extended): only set 2759 encryption type in auth_context if it's compatible with the type 2760 of the session key 2761 2762Mon May 11 21:11:14 1998 Johan Danielsson <joda@emma.pdc.kth.se> 2763 2764 * kdc/hprop.c: add support for ka-server databases 2765 2766 * appl/ftp/ftpd: link with -lcrypt, if needed 2767 2768Fri May 1 07:29:52 1998 Assar Westerlund <assar@sics.se> 2769 2770 * configure.in: don't test for winsock.h 2771 2772Sat Apr 18 21:43:11 1998 Johan Danielsson <joda@puffer.pdc.kth.se> 2773 2774 * Release 0.0o 2775 2776Sat Apr 18 00:31:11 1998 Johan Danielsson <joda@blubb.pdc.kth.se> 2777 2778 * lib/krb5/sock_principal.c: Save hostname. 2779 2780Sun Apr 5 11:29:45 1998 Johan Danielsson <joda@emma.pdc.kth.se> 2781 2782 * lib/krb5/mk_req_ext.c: Use same enctype as in ticket. 2783 2784 * kdc/hprop.c (v4_prop): Check for null key. 2785 2786Fri Apr 3 03:54:54 1998 Johan Danielsson <joda@blubb.pdc.kth.se> 2787 2788 * lib/krb5/str2key.c: Fix DES3 string-to-key. 2789 2790 * lib/krb5/keytab.c: Get default keytab name from context. 2791 2792 * lib/krb5/context.c: Get `default_keytab_name' value. 2793 2794 * kadmin/util.c (foreach_principal): Print error message if 2795 `kadm5_get_principals' fails. 2796 2797 * kadmin/kadmind.c: Use `kadmind_loop'. 2798 2799 * lib/kadm5/server.c: Replace several other functions with 2800 `kadmind_loop'. 2801 2802Sat Mar 28 09:49:18 1998 Assar Westerlund <assar@sics.se> 2803 2804 * lib/krb5/keytab.c (fkt_add_entry): use an explicit seek instead 2805 of O_APPEND 2806 2807 * configure.in: generate ftp Makefiles 2808 2809 * kuser/klist.c (print_cred_verbose): print IPv4-address in a 2810 portable way. 2811 2812 * admin/srvconvert.c (srvconv): return 0 if successful 2813 2814Tue Mar 24 00:40:33 1998 Johan Danielsson <joda@emma.pdc.kth.se> 2815 2816 * lib/krb5/keytab.c: MIT compatible changes: add and use sizes to 2817 keytab entries, and change default keytab to `/etc/krb5.keytab'. 2818 2819Mon Mar 23 23:43:59 1998 Johan Danielsson <joda@emma.pdc.kth.se> 2820 2821 * lib/gssapi/wrap.c: Use `gss_krb5_getsomekey'. 2822 2823 * lib/gssapi/unwrap.c: Implement and use `gss_krb5_getsomekey'. 2824 Fix bug in checking of pad. 2825 2826 * lib/gssapi/{un,}wrap.c: Add support for just integrity 2827 protecting data. 2828 2829 * lib/gssapi/accept_sec_context.c: Use 2830 `gssapi_krb5_verify_8003_checksum'. 2831 2832 * lib/gssapi/8003.c: Implement `gssapi_krb5_verify_8003_checksum'. 2833 2834 * lib/gssapi/init_sec_context.c: Zero cred, and store session key 2835 properly in auth-context. 2836 2837Sun Mar 22 00:47:22 1998 Johan Danielsson <joda@emma.pdc.kth.se> 2838 2839 * lib/kadm5/delete_s.c: Check immutable bit. 2840 2841 * kadmin/kadmin.c: Pass client name to kadm5_init. 2842 2843 * lib/kadm5/init_c.c: Get creds for client name passed in. 2844 2845 * kdc/hprop.c (v4_prop): Check for `changepw.kerberos'. 2846 2847Sat Mar 21 22:57:13 1998 Johan Danielsson <joda@emma.pdc.kth.se> 2848 2849 * lib/krb5/mk_error.c: Verify that error_code is in the range 2850 [0,127]. 2851 2852 * kdc/kerberos5.c: Move checking of principal flags to new 2853 function `check_flags'. 2854 2855Sat Mar 21 14:38:51 1998 Assar Westerlund <assar@sics.se> 2856 2857 * lib/kadm5/get_s.c (kadm5_s_get_principal): handle an empty salt 2858 2859 * configure.in: define SunOS if running solaris 2860 2861Sat Mar 21 00:26:34 1998 Johan Danielsson <joda@emma.pdc.kth.se> 2862 2863 * lib/kadm5/server.c: Unifdef test for same principal when 2864 changing password. 2865 2866 * kadmin/util.c: If kadm5_get_principals failes, we might still be 2867 able to perform the requested opreration (for instance someone if 2868 trying to change his own password). 2869 2870 * lib/kadm5/init_c.c: Try to get ticket via initial request, if 2871 not possible via tgt. 2872 2873 * lib/kadm5/server.c: Check for principals changing their own 2874 passwords. 2875 2876 * kdc/kerberos5.c (tgs_rep2): check for interesting flags on 2877 involved principals. 2878 2879 * kadmin/util.c: Fix order of flags. 2880 2881Thu Mar 19 16:54:10 1998 Johan Danielsson <joda@emma.pdc.kth.se> 2882 2883 * kdc/kerberos4.c: Return sane error code if krb_rd_req fails. 2884 2885Wed Mar 18 17:11:47 1998 Assar Westerlund <assar@sics.se> 2886 2887 * acconfig.h: rename HAVE_STRUCT_SOCKADDR_IN6 to HAVE_IPV6 2888 2889Wed Mar 18 09:58:18 1998 Johan Danielsson <joda@emma.pdc.kth.se> 2890 2891 * lib/krb5/get_in_tkt_with_keytab.c (krb5_keytab_key_proc): don't 2892 free keyseed; use correct keytab 2893 2894Tue Mar 10 09:56:16 1998 Assar Westerlund <assar@sics.se> 2895 2896 * acinclude.m4 (AC_KRB_IPV6): rewrote to avoid false positives 2897 2898Mon Mar 16 23:58:23 1998 Johan Danielsson <joda@emma.pdc.kth.se> 2899 2900 * Release 0.0n 2901 2902Fri Mar 6 00:41:30 1998 Johan Danielsson <joda@emma.pdc.kth.se> 2903 2904 * lib/gssapi/{accept_sec_context,release_cred}.c: Use 2905 krb5_kt_close/krb5_kt_resolve. 2906 2907 * lib/krb5/principal.c (krb5_425_conv_principal_ext): Use resolver 2908 to lookup hosts, so CNAMEs can be ignored. 2909 2910 * lib/krb5/send_to_kdc.c (krb5_sendto_kdc, send_and_recv_http): 2911 Add support for using proxy. 2912 2913 * lib/krb5/context.c: Initialize `http_proxy' from 2914 `libdefaults/http_proxy'. 2915 2916 * lib/krb5/krb5.h: Add `http_proxy' to context. 2917 2918 * lib/krb5/send_to_kdc.c: Recognize `http/' and `udp/' as protocol 2919 specifications. 2920 2921Wed Mar 4 01:47:29 1998 Johan Danielsson <joda@emma.pdc.kth.se> 2922 2923 * admin/ktutil.c: Implement `add' and `remove' functions. Make 2924 `--keytab' a global option. 2925 2926 * lib/krb5/keytab.c: Implement remove with files. Add memory 2927 operations. 2928 2929Tue Mar 3 20:09:59 1998 Johan Danielsson <joda@emma.pdc.kth.se> 2930 2931 * lib/krb5/keytab.c: Use function pointers. 2932 2933 * admin: Remove kdb_edit. 2934 2935Sun Mar 1 03:28:42 1998 Assar Westerlund <assar@sics.se> 2936 2937 * lib/kadm5/dump_log.c: print operation names 2938 2939Sun Mar 1 03:04:12 1998 Assar Westerlund <assar@sics.se> 2940 2941 * configure.in: add X-tests, and {bin,...}dir appl/{kx,kauth} 2942 2943 * lib/krb5/build_auth.c,mk_priv.c,rd_safe.c,mk_safe.c,mk_rep.c: 2944 remove arbitrary limit 2945 2946 * kdc/hprop-common.c: use krb5_{read,write}_message 2947 2948 * lib/kadm5/ipropd_master.c (send_diffs): more careful use 2949 krb5_{write,read}_message 2950 2951 * lib/kadm5/ipropd_slave.c (get_creds): get credentials for 2952 `iprop/master' directly. 2953 (main): use `krb5_read_message' 2954 2955Sun Mar 1 02:05:11 1998 Johan Danielsson <joda@emma.pdc.kth.se> 2956 2957 * kadmin/kadmin.c: Cleanup commands list, and add help strings. 2958 2959 * kadmin/get.c: Add long, short, and terse (equivalent to `list') 2960 output formats. Short is the default. 2961 2962 * kadmin/util.c: Add `include_time' flag to timeval2str. 2963 2964 * kadmin/init.c: Max-life and max-renew can, infact, be zero. 2965 2966 * kadmin/{cpw,del,ext,get}.c: Use `foreach_principal'. 2967 2968 * kadmin/util.c: Add function `foreach_principal', that loops over 2969 all principals matching an expression. 2970 2971 * kadmin/kadmin.c: Add usage string to `privileges'. 2972 2973 * lib/kadm5/get_princs_s.c: Also try to match aganist the 2974 expression appended with `@default-realm'. 2975 2976 * lib/krb5/principal.c: Add `krb5_unparse_name_fixed_short', that 2977 excludes the realm if it's the same as the default realm. 2978 2979Fri Feb 27 05:02:21 1998 Assar Westerlund <assar@sics.se> 2980 2981 * configure.in: more WFLAGS and WFLAGS_NOUNUSED added missing 2982 headers and functions error -> com_err 2983 2984 (krb5_get_init_creds_keytab): use krb5_keytab_key_proc 2985 2986 * lib/krb5/get_in_tkt_with_keytab.c: make `krb5_keytab_key_proc' 2987 global 2988 2989 * lib/kadm5/marshall.c (ret_principal_ent): set `n_tl_data' 2990 2991 * lib/hdb/ndbm.c: use `struct ndbm_db' everywhere. 2992 2993Fri Feb 27 04:49:24 1998 Assar Westerlund <assar@sics.se> 2994 2995 * lib/krb5/mk_priv.c (krb5_mk_priv): bump static limit to 10240. 2996 This should be fixed the correct way. 2997 2998 * lib/kadm5/ipropd_master.c (check_acl:) truncate buf correctly 2999 (send_diffs): compare versions correctly 3000 (main): reorder handling of events 3001 3002 * lib/kadm5/log.c (kadm5_log_previous): avoid bad type conversion 3003 3004Thu Feb 26 02:22:35 1998 Assar Westerlund <assar@sics.se> 3005 3006 * lib/kadm5/ipropd_{slave,master}.c: new files 3007 3008 * lib/kadm5/log.c (kadm5_log_get_version): take an `fd' as 3009 argument 3010 3011 * lib/krb5/krb5.h (krb5_context_data): `et_list' should be `struct 3012 et_list *' 3013 3014 * aux/make-proto.pl: Should work with perl4 3015 3016Mon Feb 16 17:20:22 1998 Johan Danielsson <joda@emma.pdc.kth.se> 3017 3018 * lib/krb5/krb5_locl.h: Remove <error.h> (it gets included via 3019 {asn1,krb5}_err.h). 3020 3021Thu Feb 12 03:28:40 1998 Assar Westerlund <assar@sics.se> 3022 3023 * lib/krb5/get_in_tkt.c (_krb5_extract_ticket): if time difference 3024 is larger than max_skew, return KRB5KRB_AP_ERR_SKEW 3025 3026 * lib/kadm5/log.c (get_version): globalize 3027 3028 * lib/kadm5/kadm5_locl.h: include <sys/file.h> 3029 3030 * lib/asn1/Makefile.am: add PA_KEY_INFO and PA_KEY_INFO_ENTRY 3031 3032 * kdc/kerberos5.c (get_pa_etype_info): remove gcc-ism of 3033 initializing local struct in declaration. 3034 3035Sat Jan 31 17:28:58 1998 Johan Danielsson <joda@emma.pdc.kth.se> 3036 3037 * kdc/524.c: Use krb5_decode_EncTicketPart. 3038 3039 * kdc/kerberos5.c: Check at runtime whether to use enctypes 3040 instead of keytypes. If so use the same value to encrypt ticket, 3041 and kdc-rep as well as `keytype' for session key. Fix some obvious 3042 bugs with the handling of additional tickets. 3043 3044 * lib/krb5/rd_req.c: Use krb5_decode_EncTicketPart, and 3045 krb5_decode_Authenticator. 3046 3047 * lib/krb5/rd_rep.c: Use krb5_decode_EncAPRepPart. 3048 3049 * lib/krb5/rd_cred.c: Use krb5_decode_EncKrbCredPart. 3050 3051 * lib/krb5/mk_rep.c: Make sure enc_part.etype is an encryption 3052 type, and not a key type. Use krb5_encode_EncAPRepPart. 3053 3054 * lib/krb5/init_creds_pw.c: Use krb5_decode_PA_KEY_INFO. 3055 3056 * lib/krb5/get_in_tkt.c: Use krb5_decode_Enc{AS,TGS}RepPart. 3057 3058 * lib/krb5/get_for_creds.c: Use krb5_encode_EncKrbCredPart. 3059 3060 * lib/krb5/get_cred.c: Use krb5_decode_Enc{AS,TGS}RepPart. 3061 3062 * lib/krb5/build_auth.c: Use krb5_encode_Authenticator. 3063 3064 * lib/krb5/codec.c: Enctype conversion stuff. 3065 3066 * lib/krb5/context.c: Ignore KRB5_CONFIG if *not* running 3067 setuid. Get configuration for libdefaults ktype_is_etype, and 3068 default_etypes. 3069 3070 * lib/krb5/encrypt.c: Add krb5_string_to_etype, rename 3071 krb5_convert_etype to krb5_decode_keytype, and add 3072 krb5_decode_keyblock. 3073 3074Fri Jan 23 00:32:09 1998 Johan Danielsson <joda@emma.pdc.kth.se> 3075 3076 * lib/krb5/{get_in_tkt,rd_req}.c: Use krb5_convert_etype. 3077 3078 * lib/krb5/encrypt.c: Add krb5_convert_etype function - converts 3079 from protocol keytypes (that really are enctypes) to internal 3080 representation. 3081 3082Thu Jan 22 21:24:36 1998 Johan Danielsson <joda@emma.pdc.kth.se> 3083 3084 * lib/asn1/k5.asn1: Add PA-KEY-INFO structure to hold information 3085 on keys in the database; and also a new `pa-key-info' padata-type. 3086 3087 * kdc/kerberos5.c: If pre-authentication fails, return a list of 3088 keytypes, salttypes, and salts. 3089 3090 * lib/krb5/init_creds_pw.c: Add better support for 3091 pre-authentication, by looking at hints from the KDC. 3092 3093 * lib/krb5/get_in_tkt.c: Add better support for specifying what 3094 pre-authentication to use. 3095 3096 * lib/krb5/str2key.c: Merge entries for KEYTYPE_DES and 3097 KEYTYPE_DES_AFS3. 3098 3099 * lib/krb5/krb5.h: Add pre-authentication structures. 3100 3101 * kdc/connect.c: Don't fail if realloc(X, 0) returns NULL. 3102 3103Wed Jan 21 06:20:40 1998 Assar Westerlund <assar@sics.se> 3104 3105 * lib/kadm5/init_s.c (kadm5_s_init_with_password_ctx): initialize 3106 `log_context.socket_name' and `log_context.socket_fd' 3107 3108 * lib/kadm5/log.c (kadm5_log_flush): send a unix domain datagram 3109 to inform the possible running ipropd of an update. 3110 3111Wed Jan 21 01:34:09 1998 Johan Danielsson <joda@emma.pdc.kth.se> 3112 3113 * lib/krb5/get_in_tkt.c: Return error-packet to caller. 3114 3115 * lib/krb5/free.c (krb5_free_kdc_rep): Free krb5_kdc_rep->error. 3116 3117 * kdc/kerberos5.c: Add some support for using enctypes instead of 3118 keytypes. 3119 3120 * lib/krb5/get_cred.c: Fixes to send authorization-data to the 3121 KDC. 3122 3123 * lib/krb5/build_auth.c: Only generate local subkey if there is 3124 none. 3125 3126 * lib/krb5/krb5.h: Add krb5_authdata type. 3127 3128 * lib/krb5/auth_context.c: Add 3129 krb5_auth_con_set{,localsub,remotesub}key. 3130 3131 * lib/krb5/init_creds_pw.c: Return some error if prompter 3132 functions return failure. 3133 3134Wed Jan 21 01:16:13 1998 Assar Westerlund <assar@sics.se> 3135 3136 * kpasswd/kpasswd.c: detect bad password. use krb5_err. 3137 3138 * kadmin/util.c (edit_entry): remove unused variables 3139 3140Tue Jan 20 22:58:31 1998 Assar Westerlund <assar@sics.se> 3141 3142 * kuser/kinit.c: rename `-s' to `-S' to be MIT-compatible. 3143 3144 * lib/kadm5/kadm5_locl.h: add kadm5_log_context and 3145 kadm5_log*-functions 3146 3147 * lib/kadm5/create_s.c (kadm5_s_create_principal): add change to 3148 log 3149 3150 * lib/kadm5/rename_s.c (kadm5_s_rename_principal): add change to 3151 log 3152 3153 * lib/kadm5/init_s.c (kadm5_s_init_with_password_ctx): initialize 3154 log_context 3155 3156 * lib/kadm5/delete_s.c (kadm5_s_delete_principal): add change to 3157 log 3158 3159 * lib/kadm5/modify_s.c (kadm5_s_modify_principal): add change to 3160 log 3161 3162 * lib/kadm5/randkey_s.c (kadm5_s_randkey_principal): add change to 3163 log 3164 3165 * lib/kadm5/chpass_s.c (kadm5_s_chpass_principal): add change to 3166 log 3167 3168 * lib/kadm5/Makefile.am: add log.c, dump_log and replay_log 3169 3170 * lib/kadm5/replay_log.c: new file 3171 3172 * lib/kadm5/dump_log.c: new file 3173 3174 * lib/kadm5/log.c: new file 3175 3176 * lib/krb5/str2key.c (get_str): initialize pad space to zero 3177 3178 * lib/krb5/config_file.c (krb5_config_vget_next): handle c == NULL 3179 3180 * kpasswd/kpasswdd.c: rewritten to use the kadm5 API 3181 3182 * kpasswd/Makefile.am: link with kadm5srv 3183 3184 * kdc/kerberos5.c (tgs_rep): initialize `i' 3185 3186 * kadmin/kadmind.c (main): use kadm5_server_{send,recv}_sp 3187 3188 * include/Makefile.am: added admin.h 3189 3190Sun Jan 18 01:41:34 1998 Johan Danielsson <joda@blubb.pdc.kth.se> 3191 3192 * lib/asn1/gen_copy.c: Don't return ENOMEM if allocating 0 bytes. 3193 3194 * lib/krb5/mcache.c (mcc_store_cred): restore linked list if 3195 copy_creds fails. 3196 3197Tue Jan 6 04:17:56 1998 Assar Westerlund <assar@sics.se> 3198 3199 * lib/kadm5/server.c: add kadm5_server_{send,recv}{,_sp} 3200 3201 * lib/kadm5/marshall.c: add kadm5_{store,ret}_principal_ent_mask. 3202 3203 * lib/kadm5/init_c.c (kadm5_c_init_with_password_ctx): use 3204 krb5_getportbyname 3205 3206 * kadmin/kadmind.c (main): htons correctly. 3207 moved kadm5_server_{recv,send} 3208 3209 * kadmin/kadmin.c (main): only set admin_server if explicitly 3210 given 3211 3212Mon Jan 5 23:34:44 1998 Johan Danielsson <joda@emma.pdc.kth.se> 3213 3214 * lib/hdb/ndbm.c: Implement locking of database. 3215 3216 * kdc/kerberos5.c: Process AuthorizationData. 3217 3218Sat Jan 3 22:07:07 1998 Johan Danielsson <joda@blubb.pdc.kth.se> 3219 3220 * kdc/string2key.c: Use AFS string-to-key from libkrb5. 3221 3222 * lib/krb5/get_in_tkt.c: Handle pa-afs3-salt case. 3223 3224 * lib/krb5/krb5.h: Add value for AFS salts. 3225 3226 * lib/krb5/str2key.c: Add support for AFS string-to-key. 3227 3228 * lib/kadm5/rename_s.c: Use correct salt. 3229 3230 * lib/kadm5/ent_setup.c: Always enable client. Only set max-life 3231 and max-renew if != 0. 3232 3233 * lib/krb5/config_file.c: Add context to all krb5_config_*get_*. 3234 3235Thu Dec 25 17:03:25 1997 Assar Westerlund <assar@sics.se> 3236 3237 * kadmin/ank.c (ank): don't zero password if --random-key was 3238 given. 3239 3240Tue Dec 23 01:56:45 1997 Assar Westerlund <assar@sics.se> 3241 3242 * Release 0.0m 3243 3244 * lib/kadm5/ent_setup.c (attr_to_flags): try to set `client' 3245 3246 * kadmin/util.c (edit_time): only set mask if != 0 3247 (edit_attributes): only set mask if != 0 3248 3249 * kadmin/init.c (init): create `default' 3250 3251Sun Dec 21 09:44:05 1997 Assar Westerlund <assar@sics.se> 3252 3253 * kadmin/util.c (str2deltat, str2attr, get_deltat): return value 3254 as pointer and have return value indicate success. 3255 3256 (get_response): check NULL from fgets 3257 3258 (edit_time, edit_attributes): new functions for reading values and 3259 offering list of answers on '?' 3260 3261 (edit_entry): use edit_time and edit_attributes 3262 3263 * kadmin/ank.c (add_new_key): test the return value of 3264 `krb5_parse_name' 3265 3266 * kdc/kerberos5.c (tgs_check_authenticator): RFC1510 doesn't say 3267 that the checksum has to be keyed, even though later drafts do. 3268 Accept unkeyed checksums to be compatible with MIT. 3269 3270 * kadmin/kadmin_locl.h: add some prototypes. 3271 3272 * kadmin/util.c (edit_entry): return a value 3273 3274 * appl/afsutil/afslog.c (main): return a exit code. 3275 3276 * lib/krb5/get_cred.c (init_tgs_req): use krb5_keytype_to_enctypes 3277 3278 * lib/krb5/encrypt.c (krb5_keytype_to_enctypes): new function. 3279 3280 * lib/krb5/build_auth.c (krb5_build_authenticator): use 3281 krb5_{free,copy}_keyblock instead of the _contents versions 3282 3283Fri Dec 12 14:20:58 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3284 3285 * lib/krb5/{mk,rd}_priv.c: fix check for local/remote subkey 3286 3287Mon Dec 8 08:48:09 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3288 3289 * lib/krb5/context.c: don't look at KRB5_CONFIG if running setuid 3290 3291Sat Dec 6 10:09:40 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3292 3293 * lib/krb5/keyblock.c (krb5_free_keyblock): check for NULL 3294 keyblock 3295 3296Sat Dec 6 08:26:10 1997 Assar Westerlund <assar@sics.se> 3297 3298 * Release 0.0l 3299 3300Thu Dec 4 03:38:12 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3301 3302 * lib/krb5/send_to_kdc.c: Add TCP client support. 3303 3304 * lib/krb5/store.c: Add k_{put,get}_int. 3305 3306 * kadmin/ank.c: Set initial kvno to 1. 3307 3308 * kdc/connect.c: Send version 5 TCP-reply as length+data. 3309 3310Sat Nov 29 07:10:11 1997 Assar Westerlund <assar@sics.se> 3311 3312 * lib/krb5/rd_req.c (krb5_rd_req): fixed obvious bug 3313 3314 * kdc/kaserver.c (create_reply_ticket): use a random nonce in the 3315 reply packet. 3316 3317 * kdc/connect.c (init_sockets): less reallocing. 3318 3319 * **/*.c: changed `struct fd_set' to `fd_set' 3320 3321Sat Nov 29 05:12:01 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3322 3323 * lib/krb5/get_default_principal.c: More guessing. 3324 3325Thu Nov 20 02:55:09 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3326 3327 * lib/krb5/rd_req.c: Use principal from ticket if no server is 3328 given. 3329 3330Tue Nov 18 02:58:02 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3331 3332 * kuser/klist.c: Use krb5_err*(). 3333 3334Sun Nov 16 11:57:43 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3335 3336 * kadmin/kadmin.c: Add local `init', `load', `dump', and `merge' 3337 commands. 3338 3339Sun Nov 16 02:52:20 1997 Assar Westerlund <assar@sics.se> 3340 3341 * lib/krb5/mk_req_ext.c (krb5_mk_req_ext): figure out the correct 3342 `enctype' 3343 3344 * lib/krb5/mk_req.c (krb5_mk_req): use `(*auth_context)->enctype' 3345 if set. 3346 3347 * lib/krb5/get_cred.c: handle the case of a specific keytype 3348 3349 * lib/krb5/build_auth.c (krb5_build_authenticator): enctype as a 3350 parameter instead of guessing it. 3351 3352 * lib/krb5/build_ap_req.c (krb5_build_ap_req): new parameter 3353 `enctype' 3354 3355 * appl/test/common.c (common_setup): don't use `optarg' 3356 3357 * lib/krb5/keytab.c (krb5_kt_copy_entry_contents): new function 3358 (krb5_kt_get_entry): retrieve the latest version if kvno == 0 3359 3360 * lib/krb5/krb5.h: define KRB5_TC_MATCH_KEYTYPE 3361 3362 * lib/krb5/creds.c (krb5_compare_creds): check for 3363 KRB5_TC_MATCH_KEYTYPE 3364 3365 * lib/gssapi/8003.c (gssapi_krb5_create_8003_checksum): remove 3366 unused variable 3367 3368 * lib/krb5/creds.c (krb5_copy_creds_contents): only free the 3369 contents if we fail. 3370 3371Sun Nov 16 00:32:48 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3372 3373 * kpasswd/kpasswdd.c: Get password expiration time from config 3374 file. 3375 3376 * lib/asn1/{der_get,gen_decode}.c: Allow passing NULL size. 3377 3378Wed Nov 12 02:35:57 1997 Assar Westerlund <assar@sics.se> 3379 3380 * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): 3381 restructured and fixed. 3382 3383 * lib/krb5/addr_families.c (krb5_h_addr2addr): new function. 3384 3385Wed Nov 12 01:36:01 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3386 3387 * lib/krb5/get_addrs.c: Fall back to hostname's addresses if other 3388 methods fail. 3389 3390Tue Nov 11 22:22:12 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3391 3392 * kadmin/kadmin.c: Add `-l' flag to use local database. 3393 3394 * lib/kadm5/acl.c: Use KADM5_PRIV_ALL. 3395 3396 * lib/kadm5: Use function pointer trampoline for easier dual use 3397 (without radiation-hardening capability). 3398 3399Tue Nov 11 05:15:22 1997 Assar Westerlund <assar@sics.se> 3400 3401 * lib/krb5/encrypt.c (krb5_etype_valid): new function 3402 3403 * lib/krb5/creds.c (krb5_copy_creds_contents): zero target 3404 3405 * lib/krb5/context.c (valid_etype): remove 3406 3407 * lib/krb5/checksum.c: remove dead code 3408 3409 * lib/krb5/changepw.c (send_request): free memory on error. 3410 3411 * lib/krb5/build_ap_req.c (krb5_build_ap_req): check return value 3412 from malloc. 3413 3414 * lib/krb5/auth_context.c (krb5_auth_con_init): free memory on 3415 failure correctly. 3416 (krb5_auth_con_setaddrs_from_fd): return error correctly. 3417 3418 * lib/krb5/get_in_tkt_with_{keytab,skey}.c: new files 3419 3420Tue Nov 11 02:53:19 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3421 3422 * lib/krb5/auth_context.c: Implement auth_con_setuserkey. 3423 3424 * lib/gssapi/init_sec_context.c: Use krb5_auth_con_getkey. 3425 3426 * lib/krb5/keyblock.c: Rename krb5_free_keyblock to 3427 krb5_free_keyblock_contents, and reimplement krb5_free_keyblock. 3428 3429 * lib/krb5/rd_req.c: Use auth_context->keyblock if 3430 ap_options.use_session_key. 3431 3432Tue Nov 11 02:35:17 1997 Assar Westerlund <assar@sics.se> 3433 3434 * lib/krb5/net_{read,write}.c: change `int fd' to `void *p_fd'. 3435 fix callers. 3436 3437 * lib/krb5/krb5_locl.h: include <asn1.h> and <der.h> 3438 3439 * include/Makefile.am: add xdbm.h 3440 3441Tue Nov 11 01:58:22 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3442 3443 * lib/krb5/get_cred.c: Implement krb5_get_cred_from_kdc. 3444 3445Mon Nov 10 22:41:53 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3446 3447 * lib/krb5/ticket.c: Implement copy_ticket. 3448 3449 * lib/krb5/get_in_tkt.c: Make `options' parameter MIT-compatible. 3450 3451 * lib/krb5/data.c: Implement free_data and copy_data. 3452 3453Sun Nov 9 02:17:27 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3454 3455 * lib/kadm5: Implement kadm5_get_privs, and kadm5_get_principals. 3456 3457 * kadmin/kadmin.c: Add get_privileges function. 3458 3459 * lib/kadm5: Rename KADM5_ACL_* -> KADM5_PRIV_* to conform with 3460 specification. 3461 3462 * kdc/connect.c: Exit if no sockets could be bound. 3463 3464 * kadmin/kadmind.c: Check return value from krb5_net_read(). 3465 3466 * lib/kadm5,kadmin: Fix memory leaks. 3467 3468Fri Nov 7 02:45:26 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3469 3470 * lib/kadm5/create_s.c: Get some default values from `default' 3471 principal. 3472 3473 * lib/kadm5/ent_setup.c: Add optional default entry to get some 3474 values from. 3475 3476Thu Nov 6 00:20:41 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3477 3478 * lib/error/compile_et.awk: Remove generated destroy_*_error_table 3479 prototype 3480 3481 * kadmin/kadmind.c: Crude admin server. 3482 3483 * kadmin/kadmin.c: Update to use remote protocol. 3484 3485 * kadmin/get.c: Fix principal formatting. 3486 3487 * lib/kadm5: Add client support. 3488 3489 * lib/kadm5/error.c: Error code mapping. 3490 3491 * lib/kadm5/server.c: Kadmind support function. 3492 3493 * lib/kadm5/marshall.c: Kadm5 marshalling. 3494 3495 * lib/kadm5/acl.c: Simple acl system. 3496 3497 * lib/kadm5/kadm5_locl.h: Add client stuff. 3498 3499 * lib/kadm5/init_s.c: Initialize acl. 3500 3501 * lib/kadm5/*: Return values. 3502 3503 * lib/kadm5/create_s.c: Correct kvno. 3504 3505Wed Nov 5 22:06:50 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3506 3507 * lib/krb5/log.c: Fix parsing of log destinations. 3508 3509Mon Nov 3 20:33:55 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3510 3511 * lib/krb5/principal.c: Reduce number of reallocs in unparse_name. 3512 3513Sat Nov 1 01:40:53 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3514 3515 * kadmin: Simple kadmin utility. 3516 3517 * admin/ktutil.c: Print keytype. 3518 3519 * lib/kadm5/get_s.c: Set correct n_key_data. 3520 3521 * lib/kadm5/init_s.c: Add kadm5_s_init_with_password_ctx. Use 3522 master key. 3523 3524 * lib/kadm5/destroy_s.c: Check for allocated context. 3525 3526 * lib/kadm5/{create,chpass}_s.c: Use _kadm5_set_keys(). 3527 3528Sat Nov 1 00:21:00 1997 Assar Westerlund <assar@sics.se> 3529 3530 * configure.in: test for readv, writev 3531 3532Wed Oct 29 23:41:26 1997 Assar Westerlund <assar@sics.se> 3533 3534 * lib/krb5/warn.c (_warnerr): handle the case of an illegal error 3535 code 3536 3537 * kdc/kerberos5.c (encode_reply): return success 3538 3539Wed Oct 29 18:01:59 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3540 3541 * kdc/kerberos5.c (find_etype) Return correct index of selected 3542 etype. 3543 3544Wed Oct 29 04:07:06 1997 Assar Westerlund <assar@sics.se> 3545 3546 * Release 0.0k 3547 3548 * lib/krb5/context.c (krb5_init_context): support `KRB5_CONFIG' 3549 environment variable 3550 3551 * *: use the roken_get*-macros from roken.h for the benefit of 3552 Crays. 3553 3554 * configure.in: add --{enable,disable}-otp. check for compatible 3555 prototypes for gethostbyname, gethostbyaddr, getservbyname, and 3556 openlog (they have strange prototypes on Crays) 3557 3558 * acinclude.m4: new macro `AC_PROTO_COMPAT' 3559 3560Tue Oct 28 00:11:22 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3561 3562 * kdc/connect.c: Log bad requests. 3563 3564 * kdc/kerberos5.c: Move stuff that's in common between as_rep and 3565 tgs_rep to separate functions. 3566 3567 * kdc/kerberos5.c: Fix user-to-user authentication. 3568 3569 * lib/krb5/get_cred.c: Some restructuring of krb5_get_credentials: 3570 - add a kdc-options argument to krb5_get_credentials, and rename 3571 it to krb5_get_credentials_with_flags 3572 - honour the KRB5_GC_CACHED, and KRB5_GC_USER_USER options 3573 - add some more user-to-user glue 3574 3575 * lib/krb5/rd_req.c: Move parts of krb5_verify_ap_req into a new 3576 function, krb5_decrypt_ticket, so it is easier to decrypt and 3577 check a ticket without having an ap-req. 3578 3579 * lib/krb5/krb5.h: Add KRB5_GC_CACHED, and KRB5_GC_USER_USER 3580 flags. 3581 3582 * lib/krb5/crc.c (crc_init_table): Check if table is already 3583 inited. 3584 3585Sun Oct 26 04:51:02 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3586 3587 * lib/asn1/der_get.c (der_get_length, fix_dce): Special-case 3588 indefinite encoding. 3589 3590 * lib/asn1/gen_glue.c (generate_units): Check for empty 3591 member-list. 3592 3593Sat Oct 25 07:24:57 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3594 3595 * lib/error/compile_et.awk: Allow specifying table-base. 3596 3597Tue Oct 21 20:21:40 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3598 3599 * kdc/kerberos5.c: Check version number of krbtgt. 3600 3601Mon Oct 20 01:14:53 1997 Assar Westerlund <assar@sics.se> 3602 3603 * lib/krb5/prompter_posix.c (krb5_prompter_posix): implement the 3604 case of unhidden prompts. 3605 3606 * lib/krb5/str2key.c (string_to_key_internal): return error 3607 instead of aborting. always free memory 3608 3609 * admin/ktutil.c: add `help' command 3610 3611 * admin/kdb_edit.c: implement new commands: add_random_key(ark), 3612 change_password(cpw), change_random_key(crk) 3613 3614Thu Oct 16 05:16:36 1997 Assar Westerlund <assar@sics.se> 3615 3616 * kpasswd/kpasswdd.c: change all the keys in the database 3617 3618 * kdc: removed all unsealing, now done by the hdb layer 3619 3620 * lib/hdb/hdb.c: new functions `hdb_create', `hdb_set_master_key' 3621 and `hdb_clear_master_key' 3622 3623 * admin/misc.c: removed 3624 3625Wed Oct 15 22:47:31 1997 Assar Westerlund <assar@sics.se> 3626 3627 * kuser/klist.c: print year as YYYY iff verbose 3628 3629Wed Oct 15 20:02:13 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3630 3631 * kuser/klist.c: print etype from ticket 3632 3633Mon Oct 13 17:18:57 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3634 3635 * Release 0.0j 3636 3637 * lib/krb5/get_cred.c: Get the subkey from mk_req so it can be 3638 used to decrypt the reply from DCE secds. 3639 3640 * lib/krb5/auth_context.c: Add {get,set}enctype. 3641 3642 * lib/krb5/get_cred.c: Fix for DCE secd. 3643 3644 * lib/krb5/store.c: Store keytype twice, as MIT does. 3645 3646 * lib/krb5/get_in_tkt.c: Use etype from reply. 3647 3648Fri Oct 10 00:39:48 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3649 3650 * kdc/connect.c: check for leading '/' in http request 3651 3652Tue Sep 30 21:50:18 1997 Assar Westerlund <assar@assaris.pdc.kth.se> 3653 3654 * Release 0.0i 3655 3656Mon Sep 29 15:58:43 1997 Assar Westerlund <assar@sics.se> 3657 3658 * lib/krb5/rd_req.c (krb5_rd_req): redone because we don't know 3659 the kvno or keytype before receiving the AP-REQ 3660 3661 * lib/krb5/mk_safe.c (krb5_mk_safe): figure out what cksumtype to 3662 use from the keytype. 3663 3664 * lib/krb5/mk_req_ext.c (krb5_mk_req_extended): figure out what 3665 cksumtype to use from the keytype. 3666 3667 * lib/krb5/mk_priv.c (krb5_mk_priv): figure out what etype to use 3668 from the keytype. 3669 3670 * lib/krb5/keytab.c (krb5_kt_get_entry): check the keytype 3671 3672 * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): figure out 3673 what etype to use from the keytype. 3674 3675 * lib/krb5/generate_seq_number.c (krb5_generate_seq_number): 3676 handle other key types than DES 3677 3678 * lib/krb5/encrypt.c (key_type): add `best_cksumtype' 3679 (krb5_keytype_to_cksumtype): new function 3680 3681 * lib/krb5/build_auth.c (krb5_build_authenticator): figure out 3682 what etype to use from the keytype. 3683 3684 * lib/krb5/auth_context.c (krb5_auth_con_init): set `cksumtype' 3685 and `enctype' to 0 3686 3687 * admin/extkeytab.c (ext_keytab): extract all keys 3688 3689 * appl/telnet/telnet/commands.c: INET6_ADDRSTRLEN kludge 3690 3691 * configure.in: check for <netinet6/in6.h>. check for -linet6 3692 3693Tue Sep 23 03:00:53 1997 Assar Westerlund <assar@sics.se> 3694 3695 * lib/krb5/encrypt.c: fix checksumtype for des3-cbc-sha1 3696 3697 * lib/krb5/rd_safe.c: fix check for keyed and collision-proof 3698 checksum 3699 3700 * lib/krb5/context.c (valid_etype): remove hard-coded constants 3701 (default_etypes): include DES3 3702 3703 * kdc/kerberos5.c: fix check for keyed and collision-proof 3704 checksum 3705 3706 * admin/util.c (init_des_key, set_password): DES3 keys also 3707 3708 * lib/krb/send_to_kdc.c (krb5_sendto_kdc): no data returned means 3709 no contact? 3710 3711 * lib/krb5/addr_families.c: fix typo in `ipv6_anyaddr' 3712 3713Mon Sep 22 11:44:27 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 3714 3715 * kdc/kerberos5.c: Somewhat fix the etype usage. The list sent by 3716 the client is used to select wich key to encrypt the kdc rep with 3717 (in case of as-req), and with the server info to select the 3718 session key type. The server key the ticket is encrypted is based 3719 purely on the keys in the database. 3720 3721 * kdc/string2key.c: Add keytype support. Default to version 5 3722 keys. 3723 3724 * lib/krb5/get_in_tkt.c: Fix a lot of etype/keytype misuse. 3725 3726 * lib/krb5/encrypt.c: Add des3-cbc-md5, and des3-cbc-sha1. Add 3727 many *_to_* functions. 3728 3729 * lib/krb5/str2key.c: Add des3 string-to-key. Add ktype argument 3730 to krb5_string_to_key(). 3731 3732 * lib/krb5/checksum.c: Some cleanup, and added: 3733 - rsa-md5-des3 3734 - hmac-sha1-des3 3735 - keyed and collision proof flags to each checksum method 3736 - checksum<->string functions. 3737 3738 * lib/krb5/generate_subkey.c: Use krb5_generate_random_keyblock. 3739 3740Sun Sep 21 15:19:23 1997 Assar Westerlund <assar@sics.se> 3741 3742 * kdc/connect.c: use new addr_families functions 3743 3744 * kpasswd/kpasswdd.c: use new addr_families functions. Now works 3745 over IPv6 3746 3747 * kuser/klist.c: use correct symbols for address families 3748 3749 * lib/krb5/sock_principal.c: use new addr_families functions 3750 3751 * lib/krb5/send_to_kdc.c: use new addr_families functions 3752 3753 * lib/krb5/krb5.h: add KRB5_ADDRESS_INET6 3754 3755 * lib/krb5/get_addrs.c: use new addr_families functions 3756 3757 * lib/krb5/changepw.c: use new addr_families functions. Now works 3758 over IPv6 3759 3760 * lib/krb5/auth_context.c: use new addr_families functions 3761 3762 * lib/krb5/addr_families.c: new file 3763 3764 * acconfig.h: AC_SOCKADDR_IN6 -> AC_STRUCT_SOCKADDR_IN6. Updated 3765 uses. 3766 3767 * acinclude.m4: new macro `AC_KRB_IPV6'. Use it. 3768 3769Sat Sep 13 23:04:23 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3770 3771 * kdc/hprop.c: Don't encrypt twice. Complain on non-convertable 3772 principals. 3773 3774Sat Sep 13 00:59:36 1997 Assar Westerlund <assar@sics.se> 3775 3776 * Release 0.0h 3777 3778 * appl/telnet/telnet/commands.c: AF_INET6 support 3779 3780 * admin/misc.c: new file 3781 3782 * lib/krb5/context.c: new configuration variable `max_retries' 3783 3784 * lib/krb5/get_addrs.c: fixes and better #ifdef's 3785 3786 * lib/krb5/config_file.c: implement krb5_config_get_int 3787 3788 * lib/krb5/auth_context.c, send_to_kdc.c, sock_principal.c: 3789 AF_INET6 support 3790 3791 * kuser/klist.c: support for printing IPv6-addresses 3792 3793 * kdc/connect.c: support AF_INET6 3794 3795 * configure.in: test for gethostbyname2 and struct sockaddr_in6 3796 3797Thu Sep 11 07:25:28 1997 Assar Westerlund <assar@sics.se> 3798 3799 * lib/asn1/k5.asn1: Use `METHOD-DATA' instead of `SEQUENCE OF 3800 PA-DATA' 3801 3802Wed Sep 10 21:20:17 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3803 3804 * kdc/kerberos5.c: Fixes for cross-realm, including (but not 3805 limited to): 3806 - allow client to be non-existant (should probably check for 3807 "local realm") 3808 - if server isn't found and it is a request for a krbtgt, try to 3809 find a realm on the way to the requested realm 3810 - update the transited encoding iff 3811 client-realm != server-realm != tgt-realm 3812 3813 * lib/krb5/get_cred.c: Several fixes for cross-realm. 3814 3815Tue Sep 9 15:59:20 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3816 3817 * kdc/string2key.c: Fix password handling. 3818 3819 * lib/krb5/encrypt.c: krb5_key_to_string 3820 3821Tue Sep 9 07:46:05 1997 Assar Westerlund <assar@sics.se> 3822 3823 * lib/krb5/get_addrs.c: rewrote. Now should be able to handle 3824 aliases and IPv6 addresses 3825 3826 * kuser/klist.c: try printing IPv6 addresses 3827 3828 * kdc/kerberos5.c: increase the arbitrary limit from 1024 to 8192 3829 3830 * configure.in: check for <netinet/in6_var.h> 3831 3832Mon Sep 8 02:57:14 1997 Assar Westerlund <assar@sics.se> 3833 3834 * doc: fixes 3835 3836 * admin/util.c (init_des_key): increase kvno 3837 (set_password): return -1 if `des_read_pw_string' failed 3838 3839 * admin/mod.c (doit2): check the return value from `set_password' 3840 3841 * admin/ank.c (doit): don't add a new entry if `set_password' 3842 failed 3843 3844Mon Sep 8 02:20:16 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 3845 3846 * lib/krb5/verify_init.c: fix ap_req_nofail semantics 3847 3848 * lib/krb5/transited.c: something that might resemble 3849 domain-x500-compress 3850 3851Mon Sep 8 01:24:42 1997 Assar Westerlund <assar@sics.se> 3852 3853 * kdc/hpropd.c (main): check number of arguments 3854 3855 * appl/popper/pop_init.c (pop_init): check number of arguments 3856 3857 * kpasswd/kpasswd.c (main): check number of arguments 3858 3859 * kdc/string2key.c (main): check number of arguments 3860 3861 * kuser/kdestroy.c (main): check number of arguments 3862 3863 * kuser/kinit.c (main): check number of arguments 3864 3865 * kpasswd/kpasswdd.c (main): use sigaction without SA_RESTART to 3866 break out of select when a signal arrives 3867 3868 * kdc/main.c (main): use sigaction without SA_RESTART to break out 3869 of select when a signal arrives 3870 3871 * kdc/kstash.c: default to HDB_DB_DIR "/m-key" 3872 3873 * kdc/config.c (configure): add `--version'. Check the number of 3874 arguments. Handle the case of there being no specification of port 3875 numbers. 3876 3877 * admin/util.c: seal and unseal key at appropriate places 3878 3879 * admin/kdb_edit.c (main): parse arguments, config file and read 3880 master key iff there's one. 3881 3882 * admin/extkeytab.c (ext_keytab): unseal key while extracting 3883 3884Sun Sep 7 20:41:01 1997 Assar Westerlund <assar@sics.se> 3885 3886 * lib/roken/roken.h: include <fcntl.h> 3887 3888 * kdc/kerberos5.c (set_salt_padata): new function 3889 3890 * appl/telnet/telnetd/telnetd.c: Rename some variables that 3891 conflict with cpp symbols on HP-UX 10.20 3892 3893 * change all calls of `gethostbyaddr' to cast argument 1 to `const 3894 char *' 3895 3896 * acconfig.h: only use SGTTY on nextstep 3897 3898Sun Sep 7 14:33:50 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3899 3900 * kdc/kerberos5.c: Check invalid flag. 3901 3902Fri Sep 5 14:19:38 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3903 3904 * lib/krb5/verify_user.c: Use get_init_creds/verify_init_creds. 3905 3906 * lib/kafs: Move functions common to krb/krb5 modules to new file, 3907 and make things more modular. 3908 3909 * lib/krb5/krb5.h: rename STRING -> krb5_config_string, and LIST 3910 -> krb5_config_list 3911 3912Thu Sep 4 23:39:43 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 3913 3914 * lib/krb5/get_addrs.c: Fix loopback test. 3915 3916Thu Sep 4 04:45:49 1997 Assar Westerlund <assar@sics.se> 3917 3918 * lib/roken/roken.h: fallback definition of `O_ACCMODE' 3919 3920 * lib/krb5/get_in_tkt.c (krb5_get_in_cred): be more careful when 3921 checking for a v4 reply 3922 3923Wed Sep 3 18:20:14 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3924 3925 * kdc/hprop.c: Add `--decrypt' and `--encrypt' flags. 3926 3927 * lib/hdb/hdb.c: new {seal,unseal}_keys functions 3928 3929 * kdc/{hprop,hpropd}.c: Add support to dump database to stdout. 3930 3931 * kdc/hprop.c: Don't use same master key as version 4. 3932 3933 * admin/util.c: Don't dump core if no `default' is found. 3934 3935Wed Sep 3 16:01:07 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 3936 3937 * kdc/connect.c: Allow run time port specification. 3938 3939 * kdc/config.c: Add flags for http support, and port 3940 specifications. 3941 3942Tue Sep 2 02:00:03 1997 Assar Westerlund <assar@sics.se> 3943 3944 * include/bits.c: Don't generate ifndef's in bits.h. Instead, use 3945 them when building the program. This makes it possible to include 3946 bits.h without having defined all HAVE_INT17_T symbols. 3947 3948 * configure.in: test for sigaction 3949 3950 * doc: updated documentation. 3951 3952Tue Sep 2 00:20:31 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3953 3954 * Release 0.0g 3955 3956Mon Sep 1 17:42:14 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3957 3958 * lib/krb5/data.c: don't return ENOMEM if len == 0 3959 3960Sun Aug 31 17:15:49 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3961 3962 * lib/hdb/hdb.asn1: Include salt type in salt. 3963 3964 * kdc/hprop.h: Change port to 754. 3965 3966 * kdc/hpropd.c: Verify who tries to transmit a database. 3967 3968 * appl/popper: Use getarg and krb5_log. 3969 3970 * lib/krb5/get_port.c: Add context parameter. Now takes port in 3971 host byte order. 3972 3973Sat Aug 30 18:48:19 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3974 3975 * kdc/connect.c: Add timeout to select, and log about expired tcp 3976 connections. 3977 3978 * kdc/config.c: Add `database' option. 3979 3980 * kdc/hpropd.c: Log about duplicate entries. 3981 3982 * lib/hdb/{db,ndbm}.c: Use common routines. 3983 3984 * lib/hdb/common.c: Implement more generic fetch/store/delete 3985 functions. 3986 3987 * lib/hdb/hdb.h: Add `replace' parameter to store. 3988 3989 * kdc/connect.c: Set filedecriptor to -1 on allocated decriptor 3990 entries. 3991 3992Fri Aug 29 03:13:23 1997 Assar Westerlund <assar@sics.se> 3993 3994 * lib/krb5/get_in_tkt.c: extract_ticket -> _krb5_extract_ticket 3995 3996 * aux/make-proto.pl: fix __P for stone age mode 3997 3998Fri Aug 29 02:45:46 1997 Johan Danielsson <joda@emma.pdc.kth.se> 3999 4000 * lib/45/mk_req.c: implementation of krb_mk_req that uses 524 4001 protocol 4002 4003 * lib/krb5/init_creds_pw.c: make change_password and 4004 get_init_creds_common static 4005 4006 * lib/krb5/krb5.h: Merge stuff from removed headerfiles. 4007 4008 * lib/krb5/fcache.c: fcc_ops -> krb5_fcc_ops 4009 4010 * lib/krb5/mcache.c: mcc_ops -> krb5_mcc_ops 4011 4012Fri Aug 29 01:45:25 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 4013 4014 * lib/krb5/krb5.h: Remove all prototypes. 4015 4016 * lib/krb5/convert_creds.c: Use `struct credentials' instead of 4017 `CREDENTIALS'. 4018 4019Fri Aug 29 00:08:18 1997 Assar Westerlund <assar@sics.se> 4020 4021 * lib/asn1/gen_glue.c: new file. generates 2int and int2 functions 4022 and units for bit strings. 4023 4024 * admin/util.c: flags2int, int2flags, and flag_units are now 4025 generated by asn1_compile 4026 4027 * lib/roken/parse_units.c: generalised `parse_units' and 4028 `unparse_units' and added new functions `parse_flags' and 4029 `unparse_flags' that use these 4030 4031 * lib/krb5/krb5_locl.h: moved krb5_data* functions to krb5.h 4032 4033 * admin/util.c: Use {un,}parse_flags for printing and parsing 4034 hdbflags. 4035 4036Thu Aug 28 03:26:12 1997 Assar Westerlund <assar@sics.se> 4037 4038 * lib/krb5/get_addrs.c: restructured 4039 4040 * lib/krb5/warn.c (_warnerr): leak less memory 4041 4042 * lib/hdb/hdb.c (hdb_free_entry): zero keys 4043 (hdb_check_db_format): leak less memory 4044 4045 * lib/hdb/ndbm.c (NDBM_seq): check for valid hdb_entries implement 4046 NDBM__get, NDBM__put 4047 4048 * lib/hdb/db.c (DB_seq): check for valid hdb_entries 4049 4050Thu Aug 28 02:06:58 1997 Johan Danielsson <joda@emma.pdc.kth.se> 4051 4052 * lib/krb5/send_to_kdc.c: Don't use sendto on connected sockets. 4053 4054Thu Aug 28 01:13:17 1997 Assar Westerlund <assar@sics.se> 4055 4056 * kuser/kinit.1, klist.1, kdestroy.1: new man pages 4057 4058 * kpasswd/kpasswd.1, kpasswdd.8: new man pages 4059 4060 * kdc/kstash.8, hprop.8, hpropd.8: new man pages 4061 4062 * admin/ktutil.8, admin/kdb_edit.8: new man pages 4063 4064 * admin/mod.c: new file 4065 4066 * admin/life.c: renamed gettime and puttime to getlife and putlife 4067 and moved them to life.c 4068 4069 * admin/util.c: add print_flags, parse_flags, init_entry, 4070 set_created_by, set_modified_by, edit_entry, set_password. Use 4071 them. 4072 4073 * admin/get.c: use print_flags 4074 4075 * admin: removed unused stuff. use krb5_{warn,err}* 4076 4077 * admin/ank.c: re-organized and abstracted. 4078 4079 * admin/gettime.c: removed 4080 4081Thu Aug 28 00:37:39 1997 Johan Danielsson <joda@emma.pdc.kth.se> 4082 4083 * lib/krb5/{get_cred,get_in_tkt}.c: Check for v4 reply. 4084 4085 * lib/roken/base64.c: Add base64 functions. 4086 4087 * kdc/connect.c lib/krb5/send_to_kdc.c: Add http support. 4088 4089Wed Aug 27 00:29:20 1997 Johan Danielsson <joda@emma.pdc.kth.se> 4090 4091 * include/Makefile.am: Don't make links to built files. 4092 4093 * admin/kdb_edit.c: Add command to set the database path. 4094 4095 * lib/hdb: Include version number in database. 4096 4097Tue Aug 26 20:14:54 1997 Johan Danielsson <joda@emma.pdc.kth.se> 4098 4099 * admin/ktutil: Merged v4 srvtab conversion. 4100 4101Mon Aug 25 23:02:18 1997 Assar Westerlund <assar@sics.se> 4102 4103 * lib/roken/roken.h: add F_OK 4104 4105 * lib/gssapi/acquire_creds.c: fix typo 4106 4107 * configure.in: call AC_TYPE_MODE_T 4108 4109 * acinclude.m4: Add AC_TYPE_MODE_T 4110 4111Sun Aug 24 16:46:53 1997 Assar Westerlund <assar@sics.se> 4112 4113 * Release 0.0f 4114 4115Sun Aug 24 08:06:54 1997 Assar Westerlund <assar@sics.se> 4116 4117 * appl/popper/pop_pass.c: log poppers 4118 4119 * kdc/kaserver.c: some more checks 4120 4121 * kpasswd/kpasswd.c: removed `-p' 4122 4123 * kuser/kinit.c: removed `-p' 4124 4125 * lib/krb5/init_creds_pw.c (krb5_get_init_creds_password): If 4126 KDC_ERR_PREUATH_REQUIRED, add preauthentication and try again. 4127 4128 * lib/krb5/get_in_tkt.c (krb5_get_in_cred): don't print out 4129 krb-error text 4130 4131 * lib/gssapi/import_name.c (input_name): more names types. 4132 4133 * admin/load.c (parse_keys): handle the case of an empty salt 4134 4135 * kdc/kaserver.c: fix up memory deallocation 4136 4137 * kdc/kaserver.c: quick hack at talking kaserver protocol 4138 4139 * kdc/kerberos4.c: Make `db-fetch4' global 4140 4141 * configure.in: add --enable-kaserver 4142 4143 * kdc/rx.h, kdc/kerberos4.h: new header files 4144 4145 * lib/krb5/principal.c: fix krb5_build_principal_ext & c:o 4146 4147Sun Aug 24 03:52:44 1997 Johan Danielsson <joda@emma.pdc.kth.se> 4148 4149 * lib/krb5/{get_in_tkt,mk_safe,mk_priv}.c: Fix some Cray specific 4150 type conflicts. 4151 4152 * lib/krb5/{get_cred,get_in_tkt}.c: Mask nonce to 32 bits. 4153 4154 * lib/des/{md4,md5,sha}.c: Now works on Crays. 4155 4156Sat Aug 23 18:15:01 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 4157 4158 * appl/afsutil/afslog.c: If no cells or files specified, get 4159 tokens for all local cells. Better test for files. 4160 4161Thu Aug 21 23:33:38 1997 Assar Westerlund <assar@sics.se> 4162 4163 * lib/gssapi/v1.c: new file with v1 compatibility functions. 4164 4165Thu Aug 21 20:36:13 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 4166 4167 * lib/kafs/afskrb5.c: Don't check ticket file for afs ticket. 4168 4169 * kdc/kerberos4.c: Check database when converting v4 principals. 4170 4171 * kdc/kerberos5.c: Include kvno in Ticket. 4172 4173 * lib/krb5/encrypt.c: Add kvno parameter to encrypt_EncryptedData. 4174 4175 * kuser/klist.c: Print version number of ticket, include more 4176 flags. 4177 4178Wed Aug 20 21:26:58 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 4179 4180 * lib/kafs/afskrb5.c (get_cred): Check cached afs tickets for 4181 expiration. 4182 4183Wed Aug 20 17:40:31 1997 Assar Westerlund <assar@sics.se> 4184 4185 * lib/krb5/recvauth.c (krb5_recvauth): Send a KRB-ERROR iff 4186 there's an error. 4187 4188 * lib/krb5/sendauth.c (krb5_sendauth): correct the protocol 4189 documentation and process KRB-ERROR's 4190 4191Tue Aug 19 20:41:30 1997 Johan Danielsson <joda@emma.pdc.kth.se> 4192 4193 * kdc/kerberos4.c: Fix memory leak in v4 protocol handler. 4194 4195Mon Aug 18 05:15:09 1997 Assar Westerlund <assar@sics.se> 4196 4197 * lib/gssapi/accept_sec_context.c: Added 4198 `gsskrb5_register_acceptor_identity' 4199 4200Sun Aug 17 01:40:20 1997 Assar Westerlund <assar@sics.se> 4201 4202 * lib/gssapi/accept_sec_context.c (gss_accept_sec_context): don't 4203 always pass server == NULL to krb5_rd_req. 4204 4205 * lib/gssapi: new files: canonicalize_name.c export_name.c 4206 context_time.c compare_name.c release_cred.c acquire_cred.c 4207 inquire_cred.c, from Luke Howard <lukeh@xedoc.com.au> 4208 4209 * lib/krb5/config_file.c: Add netinfo support from Luke Howard 4210 <lukeh@xedoc.com.au> 4211 4212 * lib/editline/sysunix.c: sgtty-support from Luke Howard 4213 <lukeh@xedoc.com.au> 4214 4215 * lib/krb5/principal.c: krb5_sname_to_principal fix from Luke 4216 Howard <lukeh@xedoc.com.au> 4217 4218Sat Aug 16 00:44:47 1997 Assar Westerlund <assar@koi.pdc.kth.se> 4219 4220 * Release 0.0e 4221 4222Sat Aug 16 00:23:46 1997 Johan Danielsson <joda@emma.pdc.kth.se> 4223 4224 * appl/afsutil/afslog.c: Use new libkafs. 4225 4226 * lib/kafs/afskrb5.c: Get AFS tokens via 524 protocol. 4227 4228 * lib/krb5/warn.c: Fix format string for *x type. 4229 4230Fri Aug 15 22:15:01 1997 Assar Westerlund <assar@sics.se> 4231 4232 * admin/get.c (get_entry): print more information about the entry 4233 4234 * lib/des/Makefile.am: build destest, mdtest, des, rpw, speed 4235 4236 * lib/krb5/config_file.c: new functions `krb5_config_get_time' and 4237 `krb5_config_vget_time'. Use them. 4238 4239Fri Aug 15 00:09:37 1997 Johan Danielsson <joda@emma.pdc.kth.se> 4240 4241 * admin/ktutil.c: Keytab manipulation program. 4242 4243 * lib/krb5/keytab.c: Return sane values from resolve and 4244 start_seq_get. 4245 4246 * kdc/kerberos5.c: Fix for old clients passing 0 for `no endtime'. 4247 4248 * lib/45/get_ad_tkt.c: Kerberos 4 get_ad_tkt using 4249 krb524_convert_creds_kdc. 4250 4251 * lib/krb5/convert_creds.c: Implementation of 4252 krb524_convert_creds_kdc. 4253 4254 * lib/asn1/k5.asn1: Make kdc-req-body.till OPTIONAL 4255 4256 * kdc/524.c: A somewhat working 524-protocol module. 4257 4258 * kdc/kerberos4.c: Add version 4 ticket encoding and encryption 4259 functions. 4260 4261 * lib/krb5/context.c: Fix kdc_timeout. 4262 4263 * lib/hdb/{ndbm,db}.c: Free name in close. 4264 4265 * kdc/kerberos5.c (tgs_check_autenticator): Return error code 4266 4267Thu Aug 14 21:29:03 1997 Johan Danielsson <joda@emma.pdc.kth.se> 4268 4269 * kdc/kerberos5.c (tgs_make_reply): Fix endtime in reply. 4270 4271 * lib/krb5/store_emem.c: Fix reallocation bug. 4272 4273Tue Aug 12 01:29:46 1997 Assar Westerlund <assar@sics.se> 4274 4275 * appl/telnet/libtelnet/kerberos5.c, appl/popper/pop_init.c: Use 4276 `krb5_sock_to_principal'. Send server parameter to 4277 krb5_rd_req/krb5_recvauth. Set addresses in auth_context. 4278 4279 * lib/krb5/recvauth.c: Set addresses in auth_context if there 4280 aren't any 4281 4282 * lib/krb5/auth_context.c: New function 4283 `krb5_auth_con_setaddrs_from_fd' 4284 4285 * lib/krb5/sock_principal.c: new function 4286 `krb5_sock_to_principal' 4287 4288 * lib/krb5/time.c: new file with `krb5_timeofday' and 4289 `krb5_us_timeofday'. Use these functions. 4290 4291 * kuser/klist.c: print KDC offset iff verbose 4292 4293 * lib/krb5/get_in_tkt.c: implement KDC time offset and use it if 4294 [libdefaults]kdc_timesync is set. 4295 4296 * lib/krb5/fcache.c: Implement version 4 of the ccache format. 4297 4298Mon Aug 11 05:34:43 1997 Assar Westerlund <assar@sics.se> 4299 4300 * lib/krb5/rd_rep.c (krb5_free_ap_rep_enc_part): free all memory 4301 4302 * lib/krb5/principal.c (krb5_unparse_name): allocate memory 4303 properly 4304 4305 * kpasswd/kpasswd.c: Use `krb5_change_password' 4306 4307 * lib/krb5/init_creds_pw.c (init_cred): set realm of server 4308 correctly. 4309 4310 * lib/krb5/init_creds_pw.c: support changing of password when it 4311 has expired 4312 4313 * lib/krb5/changepw.c: new file 4314 4315 * kuser/klist.c: use getarg 4316 4317 * admin/init.c (init): add `kadmin/changepw' 4318 4319Mon Aug 11 04:30:47 1997 Johan Danielsson <joda@emma.pdc.kth.se> 4320 4321 * lib/krb5/get_cred.c: Make get_credentials handle cross-realm. 4322 4323Mon Aug 11 00:03:24 1997 Assar Westerlund <assar@sics.se> 4324 4325 * lib/krb5/config_file.c: implement support for #-comments 4326 4327Sat Aug 9 02:21:46 1997 Johan Danielsson <joda@emma.pdc.kth.se> 4328 4329 * kdc/hprop*.c: Add database propagation programs. 4330 4331 * kdc/connect.c: Max request size. 4332 4333Sat Aug 9 00:47:28 1997 Assar Westerlund <assar@sics.se> 4334 4335 * lib/otp: resurrected from krb4 4336 4337 * appl/push: new program for fetching mail with POP. 4338 4339 * appl/popper/popper.h: new include files. new fields in `POP' 4340 4341 * appl/popper/pop_pass.c: Implement both v4 and v5. 4342 4343 * appl/popper/pop_init.c: Implement both v4 and v5. 4344 4345 * appl/popper/pop_debug.c: use getarg. Talk both v4 and v5 4346 4347 * appl/popper: Popper from krb4. 4348 4349 * configure.in: check for inline and <netinet/tcp.h> generate 4350 files in appl/popper, appl/push, and lib/otp 4351 4352Fri Aug 8 05:51:02 1997 Assar Westerlund <assar@sics.se> 4353 4354 * lib/krb5/get_cred.c: clean-up and try to free memory even when 4355 there're errors 4356 4357 * lib/krb5/get_cred.c: adapt to new `extract_ticket' 4358 4359 * lib/krb5/get_in_tkt.c: reorganize. check everything and try to 4360 return memory even if there are errors. 4361 4362 * kuser/kverify.c: new file 4363 4364 * lib/krb5/free_host_realm.c: new file 4365 4366 * lib/krb5/principal.c (krb5_sname_to_principal): implement 4367 different nametypes. Also free memory. 4368 4369 * lib/krb5/verify_init.c: more functionality 4370 4371 * lib/krb5/mk_req_ext.c (krb5_mk_req_extended): free the checksum 4372 4373 * lib/krb5/get_in_tkt.c (extract_ticket): don't copy over the 4374 principals in creds. Should also compare them with that received 4375 from the KDC 4376 4377 * lib/krb5/cache.c (krb5_cc_gen_new): copy the newly allocated 4378 krb5_ccache 4379 (krb5_cc_destroy): call krb5_cc_close 4380 (krb5_cc_retrieve_cred): delete the unused creds 4381 4382Fri Aug 8 02:30:40 1997 Johan Danielsson <joda@emma.pdc.kth.se> 4383 4384 * lib/krb5/log.c: Allow better control of destinations of logging 4385 (like passing explicit destinations, and log-functions). 4386 4387Fri Aug 8 01:20:39 1997 Assar Westerlund <assar@sics.se> 4388 4389 * lib/krb5/get_default_principal.c: new file 4390 4391 * kpasswd/kpasswdd.c: use krb5_log* 4392 4393Fri Aug 8 00:37:47 1997 Johan Danielsson <joda@emma.pdc.kth.se> 4394 4395 * lib/krb5/init_creds_pw.c: Implement krb5_get_init_creds_keytab. 4396 4397Fri Aug 8 00:37:17 1997 Assar Westerlund <assar@sics.se> 4398 4399 * lib/krb5/init_creds_pw.c: Use `krb5_get_default_principal'. 4400 Print password expire information. 4401 4402 * kdc/config.c: new variable `kdc_warn_pwexpire' 4403 4404 * kpasswd/kpasswd.c: converted to getarg and get_init_creds 4405 4406Thu Aug 7 22:17:09 1997 Assar Westerlund <assar@sics.se> 4407 4408 * lib/krb5/mcache.c: new file 4409 4410 * admin/gettime.c: new function puttime. Use it. 4411 4412 * lib/krb5/keyblock.c: Added krb5_free_keyblock and 4413 krb5_copy_keyblock 4414 4415 * lib/krb5/init_creds_pw.c: more functionality 4416 4417 * lib/krb5/creds.c: Added krb5_free_creds_contents and 4418 krb5_copy_creds. Changed callers. 4419 4420 * lib/krb5/config_file.c: new functions krb5_config_get and 4421 krb5_config_vget 4422 4423 * lib/krb5/cache.c: cleanup added mcache 4424 4425 * kdc/kerberos5.c: include last-req's of type 6 and 7, if 4426 applicable 4427 4428Wed Aug 6 20:38:23 1997 Johan Danielsson <joda@emma.pdc.kth.se> 4429 4430 * lib/krb5/log.c: New parameter `log-level'. Default to `SYSLOG'. 4431 4432Tue Aug 5 22:53:54 1997 Assar Westerlund <assar@sics.se> 4433 4434 * lib/krb5/verify_init.c, init_creds_pw.c, init_creds.c, 4435 prompter_posix.c: the beginning of an implementation of the cygnus 4436 initial-ticket API. 4437 4438 * lib/krb5/get_in_tkt_pw.c: make `krb5_password_key_proc' global 4439 4440 * lib/krb5/get_in_tkt.c (krb5_get_in_cred): new function that is 4441 almost krb5_get_in_tkt but doesn't write the creds to the ccache. 4442 Small fixes in krb5_get_in_tkt 4443 4444 * lib/krb5/get_addrs.c (krb5_get_all_client_addrs): don't include 4445 loopback. 4446 4447Mon Aug 4 20:20:48 1997 Johan Danielsson <joda@emma.pdc.kth.se> 4448 4449 * kdc: Make context global. 4450 4451Fri Aug 1 17:23:56 1997 Assar Westerlund <assar@sics.se> 4452 4453 * Release 0.0d 4454 4455 * lib/roken/flock.c: new file 4456 4457 * kuser/kinit.c: check for and print expiry information in the 4458 `kdc_rep' 4459 4460 * lib/krb5/get_in_tkt.c: Set `ret_as_reply' if != NULL 4461 4462 * kdc/kerberos5.c: Check the valid times on client and server. 4463 Check the password expiration. 4464 Check the require_preauth flag. 4465 Send an lr_type == 6 with pw_end. 4466 Set key.expiration to min(valid_end, pw_end) 4467 4468 * lib/hdb/hdb.asn1: new flags `require_preauth' and `change_pw' 4469 4470 * admin/util.c, admin/load.c: handle the new flags. 4471 4472Fri Aug 1 16:56:12 1997 Johan Danielsson <joda@emma.pdc.kth.se> 4473 4474 * lib/hdb: Add some simple locking. 4475 4476Sun Jul 27 04:44:31 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 4477 4478 * lib/krb5/log.c: Add some general logging functions. 4479 4480 * kdc/kerberos4.c: Add version 4 protocol handler. The requrement 4481 for this to work is that all involved principals has a des key in 4482 the database, and that the client has a version 4 (un-)salted 4483 key. Furthermore krb5_425_conv_principal has to do it's job, as 4484 present it's not very clever. 4485 4486 * lib/krb5/principal.c: Quick patch to make 425_conv work 4487 somewhat. 4488 4489 * lib/hdb/hdb.c: Add keytype->key and next key functions. 4490 4491Fri Jul 25 17:32:12 1997 Assar Westerlund <assar@sics.se> 4492 4493 * lib/krb5/build_auth.c (krb5_build_authenticator): don't free 4494 `cksum'. It's allocated and freed by the caller 4495 4496 * lib/krb5/get_cred.c (krb5_get_kdc_cred): Don't free `addresses'. 4497 4498 * kdc/kerberos5.c (tgs_rep2): make sure we also have an defined 4499 `client' to return as part of the KRB-ERROR 4500 4501Thu Jul 24 08:13:59 1997 Johan Danielsson <joda@emma.pdc.kth.se> 4502 4503 * kdc/kerberos5.c: Unseal keys from database before use. 4504 4505 * kdc/misc.c: New functions set_master_key, unseal_key and 4506 free_key. 4507 4508 * lib/roken/getarg.c: Handle `-f arg' correctly. 4509 4510Thu Jul 24 01:54:43 1997 Assar Westerlund <assar@sics.se> 4511 4512 * kuser/kinit.c: implement `-l' aka `--lifetime' 4513 4514 * lib/roken/parse_units.c, parse_time.c: new files 4515 4516 * admin/gettime.c (gettime): use `parse_time' 4517 4518 * kdc/kerberos5.c (as_rep): Use `METHOD-DATA' when sending 4519 KRB5KDC_ERR_PREAUTH_REQUIRED, not PA-DATA. 4520 4521 * kpasswd/kpasswdd.c: fix freeing bug use sequence numbers set 4522 addresses in auth_context bind one socket per interface. 4523 4524 * kpasswd/kpasswd.c: use sequence numbers 4525 4526 * lib/krb5/rd_req.c (krb5_verify_ap_req): do abs when verifying 4527 the timestamps 4528 4529 * lib/krb5/rd_priv.c (krb5_rd_priv): Fetch the correct session key 4530 from auth_context 4531 4532 * lib/krb5/mk_priv.c (krb5_mk_priv): Fetch the correct session key 4533 from auth_context 4534 4535 * lib/krb5/mk_error.c (krb5_mk_error): return an error number and 4536 not a comerr'd number. 4537 4538 * lib/krb5/get_in_tkt.c (krb5_get_in_tkt): interpret the error 4539 number in KRB-ERROR correctly. 4540 4541 * lib/krb5/get_cred.c (krb5_get_kdc_cred): interpret the error 4542 number in KRB-ERROR correctly. 4543 4544 * lib/asn1/k5.asn1: Add `METHOD-DATA' 4545 4546 * removed some memory leaks. 4547 4548Wed Jul 23 07:53:18 1997 Assar Westerlund <assar@sics.se> 4549 4550 * Release 0.0c 4551 4552 * lib/krb5/rd_cred.c, get_for_creds.c: new files 4553 4554 * lib/krb5/get_host_realm.c: try default realm as last chance 4555 4556 * kpasswd/kpasswdd.c: updated to hdb changes 4557 4558 * appl/telnet/libtelnet/kerberos5.c: Implement forwarding 4559 4560 * appl/telnet/libtelnet: removed totally unused files 4561 4562 * admin/ank.c: fix prompts and generation of random keys 4563 4564Wed Jul 23 04:02:32 1997 Johan Danielsson <joda@emma.pdc.kth.se> 4565 4566 * admin/dump.c: Include salt in dump. 4567 4568 * admin: Mostly updated for new db-format. 4569 4570 * kdc/kerberos5.c: Update to use new db format. Better checking of 4571 flags and such. More logging. 4572 4573 * lib/hdb/hdb.c: Use generated encode and decode functions. 4574 4575 * lib/hdb/hdb.h: Get hdb_entry from ASN.1 generated code. 4576 4577 * lib/krb5/get_cred.c: Get addresses from krbtgt if there are none 4578 in the reply. 4579 4580Sun Jul 20 16:22:30 1997 Assar Westerlund <assar@sics.se> 4581 4582 * kuser/kinit.c: break if des_read_pw_string() != 0 4583 4584 * kpasswd/kpasswdd.c: send a reply 4585 4586 * kpasswd/kpasswd.c: restructured code. better report on 4587 krb-error break if des_read_pw_string() != 0 4588 4589 * kdc/kerberos5.c: Check `require_enc_timestamp' malloc space for 4590 starttime and renew_till 4591 4592 * appl/telnet/libtelnet/kerberos5.c (kerberos5_is): Send a 4593 keyblock to krb5_verify_chekcsum 4594 4595Sun Jul 20 06:35:46 1997 Johan Danielsson <joda@emma.pdc.kth.se> 4596 4597 * Release 0.0b 4598 4599 * kpasswd/kpasswd.c: Avoid using non-standard struct names. 4600 4601Sat Jul 19 19:26:23 1997 Assar Westerlund <assar@sics.se> 4602 4603 * lib/krb5/keytab.c (krb5_kt_get_entry): check return from 4604 `krb5_kt_start_seq_get'. From <map@stacken.kth.se> 4605 4606Sat Jul 19 04:07:39 1997 Johan Danielsson <joda@emma.pdc.kth.se> 4607 4608 * lib/asn1/k5.asn1: Update with more pa-data types from 4609 draft-ietf-cat-kerberos-revisions-00.txt 4610 4611 * admin/load.c: Update to match current db-format. 4612 4613 * kdc/kerberos5.c (as_rep): Try all valid pa-datas before giving 4614 up. Send back an empty pa-data if the client has the v4 flag set. 4615 4616 * lib/krb5/get_in_tkt.c: Pass both version5 and version4 salted 4617 pa-data. DTRT if there is any pa-data in the reply. 4618 4619 * lib/krb5/str2key.c: XOR with some sane value. 4620 4621 * lib/hdb/hdb.h: Add `version 4 salted key' flag. 4622 4623 * kuser/kinit.c: Ask for password before calling get_in_tkt. This 4624 makes it possible to call key_proc more than once. 4625 4626 * kdc/string2key.c: Add flags to output version 5 (DES only), 4627 version 4, and AFS string-to-key of a password. 4628 4629 * lib/asn1/gen_copy.c: copy_* functions now returns an int (0 or 4630 ENOMEM). 4631 4632Fri Jul 18 02:54:58 1997 Assar Westerlund <assar@sics.se> 4633 4634 * lib/krb5/get_host_realm.c (krb5_get_host_realm): do the 4635 name2name thing 4636 4637 * kdc/misc.c: check result of hdb_open 4638 4639 * admin/kdb_edit: updated to new sl 4640 4641 * lib/sl: sl_func now returns an int. != 0 means to exit. 4642 4643 * kpasswd/kpasswdd: A crude (but somewhat working) implementation 4644 of `draft-ietf-cat-kerb-chg-password-00.txt' 4645 4646Fri Jul 18 00:55:39 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 4647 4648 * kuser/krenew.c: Crude ticket renewing program. 4649 4650 * kdc/kerberos5.c: Rewritten flags parsing, it now might work to 4651 get forwarded and renewed tickets. 4652 4653 * kuser/kinit.c: Add `-r' flag. 4654 4655 * lib/krb5/get_cred.c: Move most of contents of get_creds to new 4656 function get_kdc_cred, that always contacts the kdc and doesn't 4657 save in the cache. This is a hack. 4658 4659 * lib/krb5/get_in_tkt.c: Pass starttime and renew_till in request 4660 (a bit kludgy). 4661 4662 * lib/krb5/mk_req_ext.c: Make an auth_context if none passed in. 4663 4664 * lib/krb5/send_to_kdc.c: Get timeout from context. 4665 4666 * lib/krb5/context.c: Add kdc_timeout to context struct. 4667 4668Thu Jul 17 20:35:45 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 4669 4670 * kuser/klist.c: Print start time of ticket if available. 4671 4672 * lib/krb5/get_host_realm.c: Return error if no realm was found. 4673 4674Thu Jul 17 20:28:21 1997 Assar Westerlund <assar@sics.se> 4675 4676 * kpasswd: non-working kpasswd added 4677 4678Thu Jul 17 00:21:22 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 4679 4680 * Release 0.0a 4681 4682 * kdc/main.c: Add -p flag to disable pa-enc-timestamp requirement. 4683 4684Wed Jul 16 03:37:41 1997 Johan Danielsson <joda@emma.pdc.kth.se> 4685 4686 * kdc/kerberos5.c (tgs_rep2): Free ticket and ap_req. 4687 4688 * lib/krb5/auth_context.c (krb5_auth_con_free): Free remote 4689 subkey. 4690 4691 * lib/krb5/principal.c (krb5_free_principal): Check for NULL. 4692 4693 * lib/krb5/send_to_kdc.c: Check for NULL return from 4694 gethostbyname. 4695 4696 * lib/krb5/set_default_realm.c: Try to get realm of local host if 4697 no default realm is available. 4698 4699 * Remove non ASN.1 principal code. 4700 4701Wed Jul 16 03:17:30 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 4702 4703 * kdc/kerberos5.c: Split tgs_rep in smaller functions. Add better 4704 error handing. Do some logging. 4705 4706 * kdc/log.c: Some simple logging facilities. 4707 4708 * kdc/misc.c (db_fetch): Take a krb5_principal. 4709 4710 * kdc/connect.c: Pass address of request to as_rep and 4711 tgs_rep. Send KRB-ERROR. 4712 4713 * lib/krb5/mk_error.c: Add more fields. 4714 4715 * lib/krb5/get_cred.c: Print normal error code if no e_text is 4716 available. 4717 4718Wed Jul 16 03:07:50 1997 Assar Westerlund <assar@sics.se> 4719 4720 * lib/krb5/get_in_tkt.c: implement `krb5_init_etype'. 4721 Change encryption type of pa_enc_timestamp to DES-CBC-MD5 4722 4723 * lib/krb5/context.c: recognize all encryption types actually 4724 implemented 4725 4726 * lib/krb5/auth_context.c (krb5_auth_con_init): Change default 4727 encryption type to `DES_CBC_MD5' 4728 4729 * lib/krb5/read_message.c, write_message.c: new files 4730 4731Tue Jul 15 17:14:21 1997 Assar Westerlund <assar@sics.se> 4732 4733 * lib/asn1: replaced asn1_locl.h by `der_locl.h' and `gen_locl.h'. 4734 4735 * lib/error/compile_et.awk: generate a prototype for the 4736 `destroy_foo_error_table' function. 4737 4738Mon Jul 14 12:24:40 1997 Assar Westerlund <assar@sics.se> 4739 4740 * lib/krb5/krbhst.c (krb5_get_krbhst): Get all kdc's and try also 4741 with `kerberos.REALM' 4742 4743 * kdc/kerberos5.c, lib/krb5/rd_priv.c, lib/krb5/rd_safe.c: use 4744 `max_skew' 4745 4746 * lib/krb5/rd_req.c (krb5_verify_ap_req): record authenticator 4747 subkey 4748 4749 * lib/krb5/build_auth.c (krb5_build_authenticator): always 4750 generate a subkey. 4751 4752 * lib/krb5/address.c: implement `krb5_address_order' 4753 4754 * lib/gssapi/import_name.c: Implement `gss_import_name' 4755 4756 * lib/gssapi/external.c: Use new OID 4757 4758 * lib/gssapi/encapsulate.c: New functions 4759 `gssapi_krb5_encap_length' and `gssapi_krb5_make_header'. Changed 4760 callers. 4761 4762 * lib/gssapi/decapsulate.c: New function 4763 `gssaspi_krb5_verify_header'. Changed callers. 4764 4765 * lib/asn1/gen*.c: Give tags to generated structs. 4766 Use `err' and `asprintf' 4767 4768 * appl/test/gss_common.c: new file 4769 4770 * appl/test/gssapi_server.c: removed all krb5 calls 4771 4772 * appl/telnet/libtelnet/kerberos5.c: Add support for genering and 4773 verifying checksums. Also start using session subkeys. 4774 4775Mon Jul 14 12:08:25 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 4776 4777 * lib/krb5/rd_req.c (krb5_rd_req_with_keyblock): Split up. 4778 4779Sun Jul 13 03:07:44 1997 Assar Westerlund <assar@sics.se> 4780 4781 * lib/krb5/rd_safe.c, mk_safe.c: made bug-compatible with MIT 4782 4783 * lib/krb5/encrypt.c: new functions `DES_encrypt_null_ivec' and 4784 `DES_encrypt_key_ivec' 4785 4786 * lib/krb5/checksum.c: implement rsa-md4-des and rsa-md5-des 4787 4788 * kdc/kerberos5.c (tgs_rep): support keyed checksums 4789 4790 * lib/krb5/creds.c: new file 4791 4792 * lib/krb5/get_in_tkt.c: better freeing 4793 4794 * lib/krb5/context.c (krb5_free_context): more freeing 4795 4796 * lib/krb5/config_file.c: New function `krb5_config_file_free' 4797 4798 * lib/error/compile_et.awk: Generate a `destroy_' function. 4799 4800 * kuser/kinit.c, klist.c: Don't leak memory. 4801 4802Sun Jul 13 02:46:27 1997 Johan Danielsson <joda@emma.pdc.kth.se> 4803 4804 * kdc/connect.c: Check filedescriptor in select. 4805 4806 * kdc/kerberos5.c: Remove most of the most common memory leaks. 4807 4808 * lib/krb5/rd_req.c: Free allocated data. 4809 4810 * lib/krb5/auth_context.c (krb5_auth_con_free): Free a lot of 4811 fields. 4812 4813Sun Jul 13 00:32:16 1997 Assar Westerlund <assar@sics.se> 4814 4815 * appl/telnet: Conditionalize the krb4-support. 4816 4817 * configure.in: Test for krb4 4818 4819Sat Jul 12 17:14:12 1997 Assar Westerlund <assar@sics.se> 4820 4821 * kdc/kerberos5.c: check if the pre-auth was decrypted properly. 4822 set the `pre_authent' flag 4823 4824 * lib/krb5/get_cred.c, lib/krb5/get_in_tkt.c: generate a random nonce. 4825 4826 * lib/krb5/encrypt.c: Made `generate_random_block' global. 4827 4828 * appl/test: Added gssapi_client and gssapi_server. 4829 4830 * lib/krb5/data.c: Add `krb5_data_zero' 4831 4832 * appl/test/tcp_client.c: try `mk_safe' and `mk_priv' 4833 4834 * appl/test/tcp_server.c: try `rd_safe' and `rd_priv' 4835 4836Sat Jul 12 16:45:58 1997 Johan Danielsson <joda@emma.pdc.kth.se> 4837 4838 * lib/krb5/get_addrs.c: Fix for systems that has sa_len, but 4839 returns zero length from SIOCGIFCONF. 4840 4841Sat Jul 12 16:38:34 1997 Assar Westerlund <assar@sics.se> 4842 4843 * appl/test: new programs 4844 4845 * lib/krb5/rd_req.c: add address compare 4846 4847 * lib/krb5/mk_req_ext.c: allow no checksum 4848 4849 * lib/krb5/keytab.c (krb5_kt_ret_string): 0-terminate string 4850 4851 * lib/krb5/address.c: fix `krb5_address_compare' 4852 4853Sat Jul 12 15:03:16 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 4854 4855 * lib/krb5/get_addrs.c: Fix ip4 address extraction. 4856 4857 * kuser/klist.c: Add verbose flag, and split main into smaller 4858 pieces. 4859 4860 * lib/krb5/fcache.c: Save ticket flags. 4861 4862 * lib/krb5/get_in_tkt.c (extract_ticket): Extract addresses and 4863 flags. 4864 4865 * lib/krb5/krb5.h: Add ticket_flags to krb5_creds. 4866 4867Sat Jul 12 13:12:48 1997 Assar Westerlund <assar@sics.se> 4868 4869 * configure.in: Call `AC_KRB_PROG_LN_S' 4870 4871 * acinclude.m4: Add `AC_KRB_PROG_LN_S' from krb4 4872 4873Sat Jul 12 00:57:01 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 4874 4875 * lib/krb5/get_in_tkt.c: Use union of krb5_flags and KDCOptions to 4876 pass options. 4877 4878Fri Jul 11 15:04:22 1997 Assar Westerlund <assar@sics.se> 4879 4880 * appl/telnet: telnet & telnetd seems to be working. 4881 4882 * lib/krb5/config_file.c: Added krb5_config_v?get_list Fixed 4883 krb5_config_vget_next 4884 4885 * appl/telnet/libtelnet/kerberos5.c: update to current API 4886 4887Thu Jul 10 14:54:39 1997 Assar Westerlund <assar@sics.se> 4888 4889 * appl/telnet/libtelnet/kerberos5.c (kerberos5_status): call 4890 `krb5_kuserok' 4891 4892 * appl/telnet: Added. 4893 4894Thu Jul 10 05:09:25 1997 Johan Danielsson <joda@emma.pdc.kth.se> 4895 4896 * lib/error/compile_et.awk: Remove usage of sub, gsub, and 4897 functions for compatibility with awk. 4898 4899 * include/bits.c: Must use signed char. 4900 4901 * lib/krb5/context.c: Move krb5_get_err_text, and krb5_init_ets 4902 here. 4903 4904 * lib/error/error.c: Replace krb5_get_err_text with new function 4905 com_right. 4906 4907 * lib/error/compile_et.awk: Avoid using static variables. 4908 4909 * lib/error/error.c: Don't use krb5_locl.h 4910 4911 * lib/error/error.h: Move definitions of error_table and 4912 error_list from krb5.h. 4913 4914 * lib/error: Moved from lib/krb5. 4915 4916Wed Jul 9 07:42:04 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 4917 4918 * lib/krb5/encrypt.c: Temporary hack to avoid des_rand_data. 4919 4920Wed Jul 9 06:58:00 1997 Assar Westerlund <assar@sics.se> 4921 4922 * lib/krb5/{rd,mk}_{*}.c: more checking for addresses and stuff 4923 according to pseudocode from 1510 4924 4925Wed Jul 9 06:06:06 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 4926 4927 * lib/hdb/hdb.c: Add hdb_etype2key. 4928 4929 * kdc/kerberos5.c: Check authenticator. Use more general etype 4930 functions. 4931 4932Wed Jul 9 03:51:12 1997 Assar Westerlund <assar@sics.se> 4933 4934 * lib/asn1/k5.asn1: Made all `s_address' OPTIONAL according to 4935 draft-ietf-cat-kerberos-r-00.txt 4936 4937 * lib/krb5/principal.c (krb5_parse_name): default to local realm 4938 if none given 4939 4940 * kuser/kinit.c: New option `-p' and prompt 4941 4942Wed Jul 9 02:30:06 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 4943 4944 * lib/krb5/keyblock.c: Keyblock generation functions. 4945 4946 * lib/krb5/encrypt.c: Use functions from checksum.c. 4947 4948 * lib/krb5/checksum.c: Move checksum functions here. Add 4949 krb5_cksumsize function. 4950 4951Wed Jul 9 01:15:38 1997 Assar Westerlund <assar@sics.se> 4952 4953 * lib/krb5/get_host_realm.c: implemented 4954 4955 * lib/krb5/config_file.c: Redid part. New functions: 4956 krb5_config_v?get_next 4957 4958 * kuser/kdestroy.c: new program 4959 4960 * kuser/kinit.c: new flag `-f' 4961 4962 * lib/asn1/k5.asn1: Made HostAddresses = SEQUENCE OF HostAddress 4963 4964 * acinclude.m4: Added AC_KRB_STRUCT_SOCKADDR_SA_LEN 4965 4966 * lib/krb5/krb5.h: krb5_addresses == HostAddresses. Changed all 4967 users. 4968 4969 * lib/krb5/get_addrs.c: figure out all local addresses, possibly 4970 even IPv6! 4971 4972 * lib/krb5/checksum.c: table-driven checksum 4973 4974Mon Jul 7 21:13:28 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 4975 4976 * lib/krb5/encrypt.c: Make krb5_decrypt use the same struct as 4977 krb5_encrypt. 4978 4979Mon Jul 7 11:15:51 1997 Assar Westerlund <assar@sics.se> 4980 4981 * lib/roken/vsyslog.c: new file 4982 4983 * lib/krb5/encrypt.c: add des-cbc-md4. 4984 adjust krb5_encrypt and krb5_decrypt to reality 4985 4986Mon Jul 7 02:46:31 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 4987 4988 * lib/krb5/encrypt.c: Implement as a vector of function pointers. 4989 4990 * lib/krb5/{decrypt,encrypt}.c: Implement des-cbc-crc, and 4991 des-cbc-md5 in separate functions. 4992 4993 * lib/krb5/krb5.h: Add more checksum and encryption types. 4994 4995 * lib/krb5/krb5_locl.h: Add etype to krb5_decrypt. 4996 4997Sun Jul 6 23:02:59 1997 Assar Westerlund <assar@sics.se> 4998 4999 * lib/krb5/[gs]et_default_realm.c, kuserok.c: new files 5000 5001 * lib/krb5/config_file.[ch]: new c-based configuration reading 5002 stuff 5003 5004Wed Jul 2 23:12:56 1997 Assar Westerlund <assar@sics.se> 5005 5006 * configure.in: Set WFLAGS if using gcc 5007 5008Wed Jul 2 17:47:03 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 5009 5010 * lib/asn1/der_put.c (der_put_int): Return size correctly. 5011 5012 * admin/ank.c: Be compatible with the asn1 principal format. 5013 5014Wed Jul 1 23:52:20 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 5015 5016 * lib/asn1: Now all decode_* and encode_* functions now take a 5017 final size_t* argument, that they return the size in. Return 5018 values are zero for success, and anything else (such as some 5019 ASN1_* constant) for error. 5020 5021Mon Jun 30 06:08:14 1997 Assar Westerlund <assar@sics.se> 5022 5023 * lib/krb5/keytab.c (krb5_kt_add_entry): change open mode to 5024 O_WRONLY | O_APPEND 5025 5026 * lib/krb5/get_cred.c: removed stale prototype for 5027 `extract_ticket' and corrected call. 5028 5029 * lib/asn1/gen_length.c (length_type): Make the length functions 5030 for SequenceOf non-destructive 5031 5032 * admin/ank.c (doit): Fix reading of `y/n'. 5033 5034Mon Jun 16 05:41:43 1997 Assar Westerlund <assar@sics.se> 5035 5036 * lib/gssapi/wrap.c, unwrap.c: do encrypt and add sequence number 5037 5038 * lib/gssapi/get_mic.c, verify_mic.c: Add sequence number. 5039 5040 * lib/gssapi/accept_sec_context.c (gss_accept_sec_context): Set 5041 KRB5_AUTH_CONTEXT_DO_SEQUENCE. Verify 8003 checksum. 5042 5043 * lib/gssapi/8003.c: New file. 5044 5045 * lib/krb/krb5.h: Define a `krb_authenticator' as an ASN.1 5046 Authenticator. 5047 5048 * lib/krb5/auth_context.c: New functions 5049 `krb5_auth_setlocalseqnumber' and `krb5_auth_setremoteseqnumber' 5050 5051Tue Jun 10 00:35:54 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 5052 5053 * lib/krb5: Preapre for use of some asn1-types. 5054 5055 * lib/asn1/*.c (copy_*): Constness. 5056 5057 * lib/krb5/krb5.h: Include asn1.h; krb5_data is now an 5058 octet_string. 5059 5060 * lib/asn1/der*,gen.c: krb5_data -> octet_string, char * -> 5061 general_string 5062 5063 * lib/asn1/libasn1.h: Moved stuff from asn1_locl.h that doesn't 5064 have anything to do with asn1_compile. 5065 5066 * lib/asn1/asn1_locl.h: Remove der.h. Add some prototypes. 5067 5068Sun Jun 8 03:51:55 1997 Assar Westerlund <assar@sics.se> 5069 5070 * kdc/kerberos5.c: Fix PA-ENC-TS-ENC 5071 5072 * kdc/connect.c(process_request): Set `new' 5073 5074 * lib/krb5/get_in_tkt.c: Do PA-ENC-TS-ENC the correct way. 5075 5076 * lib: Added editline,sl,roken. 5077 5078Mon Jun 2 00:37:48 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 5079 5080 * lib/krb5/fcache.c: Move file cache from cache.c. 5081 5082 * lib/krb5/cache.c: Allow more than one cache type. 5083 5084Sun Jun 1 23:45:33 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 5085 5086 * admin/extkeytab.c: Merged with kdb_edit. 5087 5088Sun Jun 1 23:23:08 1997 Assar Westerlund <assar@sics.se> 5089 5090 * kdc/kdc.c: more support for ENC-TS-ENC 5091 5092 * lib/krb5/get_in_tkt.c: redone to enable pre-authentication 5093 5094Sun Jun 1 22:45:11 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 5095 5096 * lib/hdb/db.c: Merge fetch and store. 5097 5098 * admin: Merge to one program. 5099 5100 * lib/krb5/str2key.c: Fill in keytype and length. 5101 5102Sun Jun 1 16:31:23 1997 Assar Westerlund <assar@sics.se> 5103 5104 * lib/krb5/rd_safe.c, lib/krb5/rd_priv.c, lib/krb5/mk_rep.c, 5105 lib/krb5/mk_priv.c, lib/krb5/build_auth.c: Some support for 5106 KRB5_AUTH_CONTEXT_DO_SEQUENCE 5107 5108 * lib/krb5/get_in_tkt.c (get_in_tkt): be prepared to parse an 5109 KRB_ERROR. Some support for PA_ENC_TS_ENC. 5110 5111 * lib/krb5/auth_context.c: implemented seq_number functions 5112 5113 * lib/krb5/generate_subkey.c, generate_seq_number.c: new files 5114 5115 * lib/gssapi/gssapi.h: avoid including <krb5.h> 5116 5117 * lib/asn1/Makefile.am: SUFFIXES as a variable to make automake 5118 happy 5119 5120 * kdc/kdc.c: preliminary PREAUTH_ENC_TIMESTAMP 5121 5122 * configure.in: adapted to automake 1.1p 5123 5124Mon May 26 22:26:21 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 5125 5126 * lib/krb5/principal.c: Add contexts to many functions. 5127 5128Thu May 15 20:25:37 1997 Johan Danielsson <joda@emma.pdc.kth.se> 5129 5130 * lib/krb5/verify_user.c: First stab at a verify user. 5131 5132 * lib/auth/sia/sia5.c: SIA module for Kerberos 5. 5133 5134Mon Apr 14 00:09:03 1997 Assar Westerlund <assar@sics.se> 5135 5136 * lib/gssapi: Enough of a gssapi-over-krb5 implementation to be 5137 able to (mostly) run gss-client and gss-server. 5138 5139 * lib/krb5/keytab.c: implemented krb5_kt_add_entry, 5140 krb5_kt_store_principal, krb5_kt_store_keyblock 5141 5142 * lib/des/md5.[ch], sha.[ch]: new files 5143 5144 * lib/asn1/der_get.c (generalizedtime2time): use `timegm' 5145 5146 * lib/asn1/timegm.c: new file 5147 5148 * admin/extkeytab.c: new program 5149 5150 * admin/admin_locl.h: new file 5151 5152 * admin/Makefile.am: Added extkeytab 5153 5154 * configure.in: moved config to include 5155 removed timezone garbage 5156 added lib/gssapi and admin 5157 5158 * Makefile.am: Added admin 5159 5160Mon Mar 17 11:34:05 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 5161 5162 * kdc/kdc.c: Use new copying functions, and free some data. 5163 5164 * lib/asn1/Makefile.am: Try to not always rebuild generated files. 5165 5166 * lib/asn1/der_put.c: Add fix_dce(). 5167 5168 * lib/asn1/der_{get,length,put}.c: Fix include files. 5169 5170 * lib/asn1/der_free.c: Remove unused functions. 5171 5172 * lib/asn1/gen.c: Split into gen_encode, gen_decode, gen_free, 5173 gen_length, and gen_copy. 5174 5175Sun Mar 16 18:13:52 1997 Assar Westerlund <assar@sics.se> 5176 5177 * lib/krb5/sendauth.c: implemented functionality 5178 5179 * lib/krb5/rd_rep.c: Use `krb5_decrypt' 5180 5181 * lib/krb5/cache.c (krb5_cc_get_name): return default if `id' == 5182 NULL 5183 5184 * lib/krb5/principal.c (krb5_free_principal): added `context' 5185 argument. Changed all callers. 5186 5187 (krb5_sname_to_principal): new function 5188 5189 * lib/krb5/auth_context.c (krb5_free_authenticator): add `context' 5190 argument. Changed all callers 5191 5192 * lib/krb5/{net_write.c,net_read.c,recvauth.c}: new files 5193 5194 * lib/asn1/gen.c: Fix encoding and decoding of BitStrings 5195 5196Fri Mar 14 11:29:00 1997 Assar Westerlund <assar@sics.se> 5197 5198 * configure.in: look for *dbm? 5199 5200 * lib/asn1/gen.c: Fix filename in generated files. Check fopens. 5201 Put trailing newline in asn1_files. 5202 5203Fri Mar 14 05:06:44 1997 Johan Danielsson <joda@emma.pdc.kth.se> 5204 5205 * lib/krb5/get_in_tkt.c: Fix some memory leaks. 5206 5207 * lib/krb5/krbhst.c: Properly free hostlist. 5208 5209 * lib/krb5/decrypt.c: CRCs are 32 bits. 5210 5211Fri Mar 14 04:39:15 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 5212 5213 * lib/asn1/gen.c: Generate one file for each type. 5214 5215Fri Mar 14 04:13:47 1997 Assar Westerlund <assar@sics.se> 5216 5217 * lib/asn1/gen.c: Generate `length_FOO' functions 5218 5219 * lib/asn1/der_length.c: new file 5220 5221 * kuser/klist.c: renamed stime -> printable_time to avoid conflict 5222 on HP/UX 5223 5224Fri Mar 14 03:37:23 1997 Johan Danielsson <joda@emma.pdc.kth.se> 5225 5226 * lib/hdb/ndbm.c: Return NOENTRY if fetch fails. Don't free 5227 datums. Don't add .db to filename. 5228 5229Fri Mar 14 02:49:51 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 5230 5231 * kdc/dump.c: Database dump program. 5232 5233 * kdc/ank.c: Trivial database editing program. 5234 5235 * kdc/{kdc.c, load.c}: Use libhdb. 5236 5237 * lib/hdb: New database routine library. 5238 5239 * lib/krb5/error/Makefile.am: Add hdb_err. 5240 5241Wed Mar 12 17:41:14 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 5242 5243 * kdc/kdc.c: Rewritten AS, and somewhat more working TGS support. 5244 5245 * lib/asn1/gen.c: Generate free functions. 5246 5247 * Some specific free functions. 5248 5249Wed Mar 12 12:30:13 1997 Assar Westerlund <assar@sics.se> 5250 5251 * lib/krb5/krb5_mk_req_ext.c: new file 5252 5253 * lib/asn1/gen.c: optimize the case with a simple type 5254 5255 * lib/krb5/get_cred.c (krb5_get_credentials): Use 5256 `mk_req_extended' and remove old code. 5257 5258 * lib/krb5/get_in_tkt.c (decrypt_tkt): First try with an 5259 EncASRepPart, then with an EncTGSRepPart. 5260 5261Wed Mar 12 08:26:04 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 5262 5263 * lib/krb5/store_emem.c: New resizable memory storage. 5264 5265 * lib/krb5/{store.c, store_fd.c, store_mem.c}: Split of store.c 5266 5267 * lib/krb5/krb5.h: Add free entry to krb5_storage. 5268 5269 * lib/krb5/decrypt.c: Make keyblock const. 5270 5271Tue Mar 11 20:22:17 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 5272 5273 * lib/krb5/krb5.h: Add EncTicketPart to krb5_ticket. 5274 5275 * lib/krb5/rd_req.c: Return whole asn.1 ticket in 5276 krb5_ticket->tkt. 5277 5278 * lib/krb5/get_in_tkt.c: TGS -> AS 5279 5280 * kuser/kfoo.c: Print error string rather than number. 5281 5282 * kdc/kdc.c: Some kind of non-working TGS support. 5283 5284Mon Mar 10 01:43:22 1997 Assar Westerlund <assar@sics.se> 5285 5286 * lib/asn1/gen.c: reduced generated code by 1/5 5287 5288 * lib/asn1/der_put.c: (der_put_length_and_tag): new function 5289 5290 * lib/asn1/der_get.c (der_match_tag_and_length): new function 5291 5292 * lib/asn1/der.h: added prototypes 5293 5294Mon Mar 10 01:15:43 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 5295 5296 * lib/krb5/krb5.h: Include <asn1_err.h>. Add prototype for 5297 krb5_rd_req_with_keyblock. 5298 5299 * lib/krb5/rd_req.c: Add function krb5_rd_req_with_keyblock that 5300 takes a precomputed keyblock. 5301 5302 * lib/krb5/get_cred.c: Use krb5_mk_req rather than inlined code. 5303 5304 * lib/krb5/mk_req.c: Calculate checksum of in_data. 5305 5306Sun Mar 9 21:17:58 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 5307 5308 * lib/krb5/error/compile_et.awk: Add a declaration of struct 5309 error_list, and multiple inclusion block to header files. 5310 5311Sun Mar 9 21:01:12 1997 Assar Westerlund <assar@sics.se> 5312 5313 * lib/krb5/rd_req.c: do some checks on times 5314 5315 * lib/krb/{mk_priv.c, rd_priv.c, sendauth.c, decrypt.c, 5316 address.c}: new files 5317 5318 * lib/krb5/auth_context.c: more code 5319 5320 * configure.in: try to figure out timezone 5321 5322Sat Mar 8 11:41:07 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 5323 5324 * lib/krb5/error/error.c: Try strerror if error code wasn't found. 5325 5326 * lib/krb5/get_in_tkt.c: Remove realm parameter from 5327 krb5_get_salt. 5328 5329 * lib/krb5/context.c: Initialize error table. 5330 5331 * kdc: The beginnings of a kdc. 5332 5333Sat Mar 8 08:16:28 1997 Assar Westerlund <assar@sics.se> 5334 5335 * lib/krb5/rd_safe.c: new file 5336 5337 * lib/krb5/checksum.c (krb5_verify_checksum): New function 5338 5339 * lib/krb5/get_cred.c: use krb5_create_checksum 5340 5341 * lib/krb5/checksum.c: new file 5342 5343 * lib/krb5/store.c: no more arithmetic with void* 5344 5345 * lib/krb5/cache.c: now seems to work again 5346 5347Sat Mar 8 06:58:09 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 5348 5349 * lib/krb5/Makefile.am: Add asn1_glue.c and error/*.c to libkrb5. 5350 5351 * lib/krb5/get_in_tkt.c: Moved some functions to asn1_glue.c. 5352 5353 * lib/krb5/asn1_glue.c: Moved some asn1-stuff here. 5354 5355 * lib/krb5/{cache,keytab}.c: Use new storage functions. 5356 5357 * lib/krb5/krb5.h: Protypes for new storage functions. 5358 5359 * lib/krb5/krb5.h: Make krb5_{ret,store}_* functions able to write 5360 data to more than file descriptors. 5361 5362Sat Mar 8 01:01:17 1997 Assar Westerlund <assar@sics.se> 5363 5364 * lib/krb5/encrypt.c: New file. 5365 5366 * lib/krb5/Makefile.am: More -I 5367 5368 * configure.in: Test for big endian, random, rand, setitimer 5369 5370 * lib/asn1/gen.c: perhaps even decodes bitstrings 5371 5372Thu Mar 6 19:05:29 1997 Johan Danielsson <joda@blubb.pdc.kth.se> 5373 5374 * lib/krb5/config_file.y: Better return values on error. 5375 5376Sat Feb 8 15:59:56 1997 Assar Westerlund <assar@pdc.kth.se> 5377 5378 * lib/asn1/parse.y: ifdef HAVE_STRDUP 5379 5380 * lib/asn1/lex.l: ifdef strdup 5381 brange-dead version of list of special characters to make stupid 5382 lex accept it. 5383 5384 * lib/asn1/gen.c: A DER integer should really be a `unsigned' 5385 5386 * lib/asn1/der_put.c: A DER integer should really be a `unsigned' 5387 5388 * lib/asn1/der_get.c: A DER integer should really be a `unsigned' 5389 5390 * lib/krb5/error/Makefile.am: It seems "$(SHELL) ./compile_et" is 5391 needed. 5392 5393 * lib/krb/mk_rep.c, lib/krb/rd_req.c, lib/krb/store.c, 5394 lib/krb/store.h: new files. 5395 5396 * lib/krb5/keytab.c: now even with some functionality. 5397 5398 * lib/asn1/gen.c: changed paramater from void * to Foo * 5399 5400 * lib/asn1/der_get.c (der_get_octet_string): Fixed bug with empty 5401 string. 5402 5403Sun Jan 19 06:17:39 1997 Assar Westerlund <assar@pdc.kth.se> 5404 5405 * lib/krb5/get_cred.c (krb5_get_credentials): Check for creds in 5406 cc before getting new ones. 5407 5408 * lib/krb5/krb5.h (krb5_free_keyblock): Fix prototype. 5409 5410 * lib/krb5/build_auth.c (krb5_build_authenticator): It seems the 5411 CRC should be stored LSW first. (?) 5412 5413 * lib/krb5/auth_context.c: Implement `krb5_auth_con_getkey' and 5414 `krb5_free_keyblock' 5415 5416 * lib/**/Makefile.am: Rename foo libfoo.a 5417 5418 * include/Makefile.in: Use test instead of [ 5419 -e does not work with /bin/sh on psoriasis 5420 5421 * configure.in: Search for awk 5422 create lib/krb/error/compile_et 5423 5424Tue Jan 14 03:46:26 1997 Assar Westerlund <assar@pdc.kth.se> 5425 5426 * lib/krb5/Makefile.am: replaced mit-crc.c by crc.c 5427 5428Wed Dec 18 00:53:55 1996 Johan Danielsson <joda@emma.pdc.kth.se> 5429 5430 * kuser/kinit.c: Guess principal. 5431 5432 * lib/krb5/error/compile_et.awk: Don't include krb5.h. Fix some 5433 warnings. 5434 5435 * lib/krb5/error/asn1_err.et: Add ASN.1 error messages. 5436 5437 * lib/krb5/mk_req.c: Get client from cache. 5438 5439 * lib/krb5/cache.c: Add better error checking some useful return 5440 values. 5441 5442 * lib/krb5/krb5.h: Fix krb5_auth_context. 5443 5444 * lib/asn1/der.h: Make krb5_data compatible with krb5.h 5445 5446Tue Dec 17 01:32:36 1996 Johan Danielsson <joda@emma.pdc.kth.se> 5447 5448 * lib/krb5/error: Add primitive error library. 5449 5450Mon Dec 16 16:30:20 1996 Johan Danielsson <joda@emma.pdc.kth.se> 5451 5452 * lib/krb5/cache.c: Get correct address type from cache. 5453 5454 * lib/krb5/krb5.h: Change int16 to int to be compatible with asn1. 5455 5456