14137ff4cSJacques Vidrine2001-10-31 Jacques Vidrine <n@nectar.com> 24137ff4cSJacques Vidrine 34137ff4cSJacques Vidrine * get_mic.c (mic_des3): MIC computation using DES3/SHA1 44137ff4cSJacques Vidrine was bogusly appending the message buffer to the result, 54137ff4cSJacques Vidrine overwriting a heap buffer in the process. 64137ff4cSJacques Vidrine 74137ff4cSJacques Vidrine2001-08-29 Assar Westerlund <assar@sics.se> 84137ff4cSJacques Vidrine 94137ff4cSJacques Vidrine * 8003.c (gssapi_krb5_verify_8003_checksum, 104137ff4cSJacques Vidrine gssapi_krb5_create_8003_checksum): make more consistent by always 114137ff4cSJacques Vidrine returning an gssapi error and setting minor status. update 124137ff4cSJacques Vidrine callers 134137ff4cSJacques Vidrine 144137ff4cSJacques Vidrine2001-08-28 Jacques Vidrine <n@nectar.com> 154137ff4cSJacques Vidrine 164137ff4cSJacques Vidrine * accept_sec_context.c: Create a cache for delegated credentials 174137ff4cSJacques Vidrine when needed. 184137ff4cSJacques Vidrine 194137ff4cSJacques Vidrine2001-08-28 Assar Westerlund <assar@sics.se> 204137ff4cSJacques Vidrine 214137ff4cSJacques Vidrine * Makefile.am (libgssapi_la_LDFLAGS): set version to 3:4:2 224137ff4cSJacques Vidrine 234137ff4cSJacques Vidrine2001-08-23 Assar Westerlund <assar@sics.se> 244137ff4cSJacques Vidrine 254137ff4cSJacques Vidrine * *.c: handle minor_status more consistently 264137ff4cSJacques Vidrine 274137ff4cSJacques Vidrine * display_status.c (gss_display_status): handle krb5_get_err_text 284137ff4cSJacques Vidrine failing 294137ff4cSJacques Vidrine 304137ff4cSJacques Vidrine2001-08-15 Johan Danielsson <joda@pdc.kth.se> 314137ff4cSJacques Vidrine 324137ff4cSJacques Vidrine * gssapi_locl.h: fix prototype for gssapi_krb5_init 334137ff4cSJacques Vidrine 344137ff4cSJacques Vidrine2001-08-13 Johan Danielsson <joda@pdc.kth.se> 354137ff4cSJacques Vidrine 364137ff4cSJacques Vidrine * accept_sec_context.c (gsskrb5_register_acceptor_identity): init 374137ff4cSJacques Vidrine context and check return value from kt_resolve 384137ff4cSJacques Vidrine 394137ff4cSJacques Vidrine * init.c: return error code 404137ff4cSJacques Vidrine 414137ff4cSJacques Vidrine2001-07-19 Assar Westerlund <assar@sics.se> 424137ff4cSJacques Vidrine 434137ff4cSJacques Vidrine * Makefile.am (libgssapi_la_LDFLAGS): update to 3:3:2 444137ff4cSJacques Vidrine 454137ff4cSJacques Vidrine2001-07-12 Assar Westerlund <assar@sics.se> 464137ff4cSJacques Vidrine 474137ff4cSJacques Vidrine * Makefile.am (libgssapi_la_LIBADD): add required library 484137ff4cSJacques Vidrine dependencies 494137ff4cSJacques Vidrine 504137ff4cSJacques Vidrine2001-07-06 Assar Westerlund <assar@sics.se> 514137ff4cSJacques Vidrine 524137ff4cSJacques Vidrine * accept_sec_context.c (gsskrb5_register_acceptor_identity): set 534137ff4cSJacques Vidrine the keytab to be used for gss_acquire_cred too' 544137ff4cSJacques Vidrine 554137ff4cSJacques Vidrine2001-07-03 Assar Westerlund <assar@sics.se> 564137ff4cSJacques Vidrine 574137ff4cSJacques Vidrine * Makefile.am (libgssapi_la_LDFLAGS): set version to 3:2:2 584137ff4cSJacques Vidrine 594137ff4cSJacques Vidrine2001-06-18 Assar Westerlund <assar@sics.se> 604137ff4cSJacques Vidrine 614137ff4cSJacques Vidrine * wrap.c: replace gss_krb5_getsomekey with gss_krb5_get_localkey 624137ff4cSJacques Vidrine and gss_krb5_get_remotekey 634137ff4cSJacques Vidrine * verify_mic.c: update krb5_auth_con function names use 644137ff4cSJacques Vidrine gss_krb5_get_remotekey 654137ff4cSJacques Vidrine * unwrap.c: replace gss_krb5_getsomekey with gss_krb5_get_localkey 664137ff4cSJacques Vidrine and gss_krb5_get_remotekey 674137ff4cSJacques Vidrine * gssapi_locl.h (gss_krb5_get_remotekey, gss_krb5_get_localkey): 684137ff4cSJacques Vidrine add prototypes 694137ff4cSJacques Vidrine * get_mic.c: update krb5_auth_con function names. use 704137ff4cSJacques Vidrine gss_krb5_get_localkey 714137ff4cSJacques Vidrine * accept_sec_context.c: update krb5_auth_con function names 724137ff4cSJacques Vidrine 73adb0ddaeSAssar Westerlund2001-05-17 Assar Westerlund <assar@sics.se> 74adb0ddaeSAssar Westerlund 75adb0ddaeSAssar Westerlund * Makefile.am: bump version to 3:1:2 76adb0ddaeSAssar Westerlund 77adb0ddaeSAssar Westerlund2001-05-14 Assar Westerlund <assar@sics.se> 78adb0ddaeSAssar Westerlund 79adb0ddaeSAssar Westerlund * address_to_krb5addr.c: adapt to new address functions 80adb0ddaeSAssar Westerlund 81adb0ddaeSAssar Westerlund2001-05-11 Assar Westerlund <assar@sics.se> 82adb0ddaeSAssar Westerlund 83adb0ddaeSAssar Westerlund * try to return the error string from libkrb5 where applicable 84adb0ddaeSAssar Westerlund 85adb0ddaeSAssar Westerlund2001-05-08 Assar Westerlund <assar@sics.se> 86adb0ddaeSAssar Westerlund 87adb0ddaeSAssar Westerlund * delete_sec_context.c (gss_delete_sec_context): remember to free 88adb0ddaeSAssar Westerlund the memory used by the ticket itself. from <tmartin@mirapoint.com> 89adb0ddaeSAssar Westerlund 90adb0ddaeSAssar Westerlund2001-05-04 Assar Westerlund <assar@sics.se> 91adb0ddaeSAssar Westerlund 92adb0ddaeSAssar Westerlund * gssapi_locl.h: add config.h for completeness 93adb0ddaeSAssar Westerlund * gssapi.h: remove config.h, this is an installed header file 94adb0ddaeSAssar Westerlund sys/types.h is not needed either 95adb0ddaeSAssar Westerlund 96adb0ddaeSAssar Westerlund2001-03-12 Assar Westerlund <assar@sics.se> 97adb0ddaeSAssar Westerlund 98adb0ddaeSAssar Westerlund * acquire_cred.c (gss_acquire_cred): remove memory leaks. from 99adb0ddaeSAssar Westerlund Jason R Thorpe <thorpej@zembu.com> 100adb0ddaeSAssar Westerlund 101adb0ddaeSAssar Westerlund2001-02-18 Assar Westerlund <assar@sics.se> 102adb0ddaeSAssar Westerlund 103adb0ddaeSAssar Westerlund * accept_sec_context.c (gss_accept_sec_context): either return 104adb0ddaeSAssar Westerlund gss_name NULL-ed or set 105adb0ddaeSAssar Westerlund 106adb0ddaeSAssar Westerlund * import_name.c: set minor_status in some cases where it was not 107adb0ddaeSAssar Westerlund done 108adb0ddaeSAssar Westerlund 109adb0ddaeSAssar Westerlund2001-02-15 Assar Westerlund <assar@sics.se> 110adb0ddaeSAssar Westerlund 111adb0ddaeSAssar Westerlund * wrap.c: use krb5_generate_random_block for the confounders 112adb0ddaeSAssar Westerlund 1135e9cd1aeSAssar Westerlund2001-01-30 Assar Westerlund <assar@sics.se> 1145e9cd1aeSAssar Westerlund 1155e9cd1aeSAssar Westerlund * Makefile.am (libgssapi_la_LDFLAGS): bump version to 3:0:2 1165e9cd1aeSAssar Westerlund * acquire_cred.c, init_sec_context.c, release_cred.c: add support 1175e9cd1aeSAssar Westerlund for getting creds from a keytab, from fvdl@netbsd.org 1185e9cd1aeSAssar Westerlund 1195e9cd1aeSAssar Westerlund * copy_ccache.c: add gss_krb5_copy_ccache 1205e9cd1aeSAssar Westerlund 1215e9cd1aeSAssar Westerlund2001-01-27 Assar Westerlund <assar@sics.se> 1225e9cd1aeSAssar Westerlund 1235e9cd1aeSAssar Westerlund * get_mic.c: cast parameters to des function to non-const pointers 1245e9cd1aeSAssar Westerlund to handle the case where these functions actually take non-const 1255e9cd1aeSAssar Westerlund des_cblock * 1265e9cd1aeSAssar Westerlund 1275e9cd1aeSAssar Westerlund2001-01-09 Assar Westerlund <assar@sics.se> 1285e9cd1aeSAssar Westerlund 1295e9cd1aeSAssar Westerlund * accept_sec_context.c (gss_accept_sec_context): use krb5_rd_cred2 1305e9cd1aeSAssar Westerlund instead of krb5_rd_cred 1315e9cd1aeSAssar Westerlund 1325e9cd1aeSAssar Westerlund2000-12-11 Assar Westerlund <assar@sics.se> 1335e9cd1aeSAssar Westerlund 1345e9cd1aeSAssar Westerlund * Makefile.am (libgssapi_la_LDFLAGS): bump to 2:3:1 1355e9cd1aeSAssar Westerlund 1365e9cd1aeSAssar Westerlund2000-12-08 Assar Westerlund <assar@sics.se> 1375e9cd1aeSAssar Westerlund 1385e9cd1aeSAssar Westerlund * wrap.c (wrap_des3): use the checksum as ivec when encrypting the 1395e9cd1aeSAssar Westerlund sequence number 1405e9cd1aeSAssar Westerlund * unwrap.c (unwrap_des3): use the checksum as ivec when encrypting 1415e9cd1aeSAssar Westerlund the sequence number 1425e9cd1aeSAssar Westerlund * init_sec_context.c (init_auth): always zero fwd_data 1435e9cd1aeSAssar Westerlund 1445e9cd1aeSAssar Westerlund2000-12-06 Johan Danielsson <joda@pdc.kth.se> 1455e9cd1aeSAssar Westerlund 1465e9cd1aeSAssar Westerlund * accept_sec_context.c: de-pointerise auth_context parameter to 1475e9cd1aeSAssar Westerlund krb5_mk_rep 1485e9cd1aeSAssar Westerlund 1495e9cd1aeSAssar Westerlund2000-11-15 Assar Westerlund <assar@sics.se> 1505e9cd1aeSAssar Westerlund 1515e9cd1aeSAssar Westerlund * init_sec_context.c (init_auth): update to new 1525e9cd1aeSAssar Westerlund krb5_build_authenticator 1535e9cd1aeSAssar Westerlund 1545e9cd1aeSAssar Westerlund2000-09-19 Assar Westerlund <assar@sics.se> 1555e9cd1aeSAssar Westerlund 1565e9cd1aeSAssar Westerlund * Makefile.am (libgssapi_la_LDFLAGS): bump to 2:2:1 1575e9cd1aeSAssar Westerlund 1585e9cd1aeSAssar Westerlund2000-08-27 Assar Westerlund <assar@sics.se> 1595e9cd1aeSAssar Westerlund 1605e9cd1aeSAssar Westerlund * init_sec_context.c: actually pay attention to `time_req' 1615e9cd1aeSAssar Westerlund * init_sec_context.c: re-organize. leak less memory. 1625e9cd1aeSAssar Westerlund * gssapi_locl.h (gssapi_krb5_encapsulate, gss_krb5_getsomekey): 1635e9cd1aeSAssar Westerlund update prototypes add assert.h 1645e9cd1aeSAssar Westerlund * gssapi.h (GSS_KRB5_CONF_C_QOP_DES, GSS_KRB5_CONF_C_QOP_DES3_KD): 1655e9cd1aeSAssar Westerlund add 1665e9cd1aeSAssar Westerlund * verify_mic.c: re-organize and add 3DES code 1675e9cd1aeSAssar Westerlund * wrap.c: re-organize and add 3DES code 1685e9cd1aeSAssar Westerlund * unwrap.c: re-organize and add 3DES code 1695e9cd1aeSAssar Westerlund * get_mic.c: re-organize and add 3DES code 1705e9cd1aeSAssar Westerlund * encapsulate.c (gssapi_krb5_encapsulate): do not free `in_data', 1715e9cd1aeSAssar Westerlund let the caller do that. fix the callers. 1725e9cd1aeSAssar Westerlund 1735e9cd1aeSAssar Westerlund2000-08-16 Assar Westerlund <assar@sics.se> 1745e9cd1aeSAssar Westerlund 1755e9cd1aeSAssar Westerlund * Makefile.am: bump version to 2:1:1 1765e9cd1aeSAssar Westerlund 1775e9cd1aeSAssar Westerlund2000-07-29 Assar Westerlund <assar@sics.se> 1785e9cd1aeSAssar Westerlund 1795e9cd1aeSAssar Westerlund * decapsulate.c (gssapi_krb5_verify_header): sanity-check length 1805e9cd1aeSAssar Westerlund 1815e9cd1aeSAssar Westerlund2000-07-25 Johan Danielsson <joda@pdc.kth.se> 1825e9cd1aeSAssar Westerlund 1835e9cd1aeSAssar Westerlund * Makefile.am: bump version to 2:0:1 1845e9cd1aeSAssar Westerlund 1855e9cd1aeSAssar Westerlund2000-07-22 Assar Westerlund <assar@sics.se> 1865e9cd1aeSAssar Westerlund 1875e9cd1aeSAssar Westerlund * gssapi.h: update OID for GSS_C_NT_HOSTBASED_SERVICE and other 1885e9cd1aeSAssar Westerlund details from rfc2744 1895e9cd1aeSAssar Westerlund 1905e9cd1aeSAssar Westerlund2000-06-29 Assar Westerlund <assar@sics.se> 1915e9cd1aeSAssar Westerlund 1925e9cd1aeSAssar Westerlund * address_to_krb5addr.c (gss_address_to_krb5addr): actually use 1935e9cd1aeSAssar Westerlund `int' instead of `sa_family_t' for the address family. 1945e9cd1aeSAssar Westerlund 1955e9cd1aeSAssar Westerlund2000-06-21 Assar Westerlund <assar@sics.se> 1965e9cd1aeSAssar Westerlund 1975e9cd1aeSAssar Westerlund * add support for token delegation. From Daniel Kouril 1985e9cd1aeSAssar Westerlund <kouril@ics.muni.cz> and Miroslav Ruda <ruda@ics.muni.cz> 1995e9cd1aeSAssar Westerlund 2005e9cd1aeSAssar Westerlund2000-05-15 Assar Westerlund <assar@sics.se> 2015e9cd1aeSAssar Westerlund 2025e9cd1aeSAssar Westerlund * Makefile.am (libgssapi_la_LDFLAGS): set version to 1:1:1 2035e9cd1aeSAssar Westerlund 2045e9cd1aeSAssar Westerlund2000-04-12 Assar Westerlund <assar@sics.se> 2055e9cd1aeSAssar Westerlund 2065e9cd1aeSAssar Westerlund * release_oid_set.c (gss_release_oid_set): clear set for 2075e9cd1aeSAssar Westerlund robustness. From GOMBAS Gabor <gombasg@inf.elte.hu> 2085e9cd1aeSAssar Westerlund * release_name.c (gss_release_name): reset input_name for 2095e9cd1aeSAssar Westerlund robustness. From GOMBAS Gabor <gombasg@inf.elte.hu> 2105e9cd1aeSAssar Westerlund * release_buffer.c (gss_release_buffer): set value to NULL to be 2115e9cd1aeSAssar Westerlund more robust. From GOMBAS Gabor <gombasg@inf.elte.hu> 2125e9cd1aeSAssar Westerlund * add_oid_set_member.c (gss_add_oid_set_member): actually check if 2135e9cd1aeSAssar Westerlund the oid is a member first. leave the oid_set unchanged if realloc 2145e9cd1aeSAssar Westerlund fails. 2155e9cd1aeSAssar Westerlund 216283d988cSMark Murray2000-02-13 Assar Westerlund <assar@sics.se> 217283d988cSMark Murray 218283d988cSMark Murray * Makefile.am: set version to 1:0:1 219283d988cSMark Murray 220283d988cSMark Murray2000-02-12 Assar Westerlund <assar@sics.se> 221283d988cSMark Murray 222283d988cSMark Murray * gssapi_locl.h: add flags for import/export 223283d988cSMark Murray * import_sec_context.c (import_sec_context: add flags for what 224283d988cSMark Murray fields are included. do not include the authenticator for now. 225283d988cSMark Murray * export_sec_context.c (export_sec_context: add flags for what 226283d988cSMark Murray fields are included. do not include the authenticator for now. 227283d988cSMark Murray * accept_sec_context.c (gss_accept_sec_context): set target in 228283d988cSMark Murray context_handle 229283d988cSMark Murray 230283d988cSMark Murray2000-02-11 Assar Westerlund <assar@sics.se> 231283d988cSMark Murray 232283d988cSMark Murray * delete_sec_context.c (gss_delete_sec_context): set context to 233283d988cSMark Murray GSS_C_NO_CONTEXT 234283d988cSMark Murray 235283d988cSMark Murray * Makefile.am: add {export,import}_sec_context.c 236283d988cSMark Murray * export_sec_context.c: new file 237283d988cSMark Murray * import_sec_context.c: new file 238283d988cSMark Murray * accept_sec_context.c (gss_accept_sec_context): set trans flag 239283d988cSMark Murray 24013e3f4d6SMark Murray2000-02-07 Assar Westerlund <assar@sics.se> 24113e3f4d6SMark Murray 24213e3f4d6SMark Murray * Makefile.am: set version to 0:5:0 24313e3f4d6SMark Murray 24413e3f4d6SMark Murray2000-01-26 Assar Westerlund <assar@sics.se> 24513e3f4d6SMark Murray 24613e3f4d6SMark Murray * delete_sec_context.c (gss_delete_sec_context): handle a NULL 24713e3f4d6SMark Murray output_token 24813e3f4d6SMark Murray 24913e3f4d6SMark Murray * wrap.c: update to pseudo-standard APIs for md4,md5,sha. some 25013e3f4d6SMark Murray changes to libdes calls to make them more portable. 25113e3f4d6SMark Murray * verify_mic.c: update to pseudo-standard APIs for md4,md5,sha. 25213e3f4d6SMark Murray some changes to libdes calls to make them more portable. 25313e3f4d6SMark Murray * unwrap.c: update to pseudo-standard APIs for md4,md5,sha. some 25413e3f4d6SMark Murray changes to libdes calls to make them more portable. 25513e3f4d6SMark Murray * get_mic.c: update to pseudo-standard APIs for md4,md5,sha. some 25613e3f4d6SMark Murray changes to libdes calls to make them more portable. 25713e3f4d6SMark Murray * 8003.c: update to pseudo-standard APIs for md4,md5,sha. 25813e3f4d6SMark Murray 259b528cefcSMark Murray2000-01-06 Assar Westerlund <assar@sics.se> 260b528cefcSMark Murray 261b528cefcSMark Murray * Makefile.am: set version to 0:4:0 262b528cefcSMark Murray 263b528cefcSMark Murray1999-12-26 Assar Westerlund <assar@sics.se> 264b528cefcSMark Murray 265b528cefcSMark Murray * accept_sec_context.c (gss_accept_sec_context): always set 266b528cefcSMark Murray `output_token' 267b528cefcSMark Murray * init_sec_context.c (init_auth): always initialize `output_token' 268b528cefcSMark Murray * delete_sec_context.c (gss_delete_sec_context): always set 269b528cefcSMark Murray `output_token' 270b528cefcSMark Murray 271b528cefcSMark Murray1999-12-06 Assar Westerlund <assar@sics.se> 272b528cefcSMark Murray 273b528cefcSMark Murray * Makefile.am: bump version to 0:3:0 274b528cefcSMark Murray 275b528cefcSMark Murray1999-10-20 Assar Westerlund <assar@sics.se> 276b528cefcSMark Murray 277b528cefcSMark Murray * Makefile.am: set version to 0:2:0 278b528cefcSMark Murray 279b528cefcSMark Murray1999-09-21 Assar Westerlund <assar@sics.se> 280b528cefcSMark Murray 281b528cefcSMark Murray * init_sec_context.c (gss_init_sec_context): initialize `ticket' 282b528cefcSMark Murray 283b528cefcSMark Murray * gssapi.h (gss_ctx_id_t_desc): add ticket in here. ick. 284b528cefcSMark Murray 285b528cefcSMark Murray * delete_sec_context.c (gss_delete_sec_context): free ticket 286b528cefcSMark Murray 287b528cefcSMark Murray * accept_sec_context.c (gss_accept_sec_context): stove away 288b528cefcSMark Murray `krb5_ticket' in context so that ugly programs such as 289b528cefcSMark Murray gss_nt_server can get at it. uck. 290b528cefcSMark Murray 291b528cefcSMark Murray1999-09-20 Johan Danielsson <joda@pdc.kth.se> 292b528cefcSMark Murray 293b528cefcSMark Murray * accept_sec_context.c: set minor_status 294b528cefcSMark Murray 295b528cefcSMark Murray1999-08-04 Assar Westerlund <assar@sics.se> 296b528cefcSMark Murray 297b528cefcSMark Murray * display_status.c (calling_error, routine_error): right shift the 298b528cefcSMark Murray code to make it possible to index into the arrays 299b528cefcSMark Murray 300b528cefcSMark Murray1999-07-28 Assar Westerlund <assar@sics.se> 301b528cefcSMark Murray 302b528cefcSMark Murray * gssapi.h (GSS_C_AF_INET6): add 303b528cefcSMark Murray 304b528cefcSMark Murray * import_name.c (import_hostbased_name): set minor_status 305b528cefcSMark Murray 306b528cefcSMark Murray1999-07-26 Assar Westerlund <assar@sics.se> 307b528cefcSMark Murray 308b528cefcSMark Murray * Makefile.am: set version to 0:1:0 309b528cefcSMark Murray 310b528cefcSMark MurrayWed Apr 7 14:05:15 1999 Johan Danielsson <joda@hella.pdc.kth.se> 311b528cefcSMark Murray 312b528cefcSMark Murray * display_status.c: set minor_status 313b528cefcSMark Murray 314b528cefcSMark Murray * init_sec_context.c: set minor_status 315b528cefcSMark Murray 316b528cefcSMark Murray * lib/gssapi/init.c: remove donep (check gssapi_krb5_context 317b528cefcSMark Murray directly) 318b528cefcSMark Murray 319