12002-08-20 Jacques Vidrine <n@nectar.com> 2 3 * acquire_cred.c, inquire_cred.c, release_cred.c: Use default 4 credential resolution if gss_acquire_cred is called with 5 GSS_C_NO_NAME. 6 72002-06-20 Jacques Vidrine <n@nectar.com> 8 9 * import_name.c: Compare name types by value if pointers do 10 not match. Reported by: "Douglas E. Engert" <deengert@anl.gov> 11 122002-05-20 Jacques Vidrine <n@nectar.com> 13 14 * verify_mic.c (gss_verify_mic), unwrap.c (gss_unwrap): initialize 15 the qop_state parameter. from Doug Rabson <dfr@nlsystems.com> 16 172002-05-09 Jacques Vidrine <n@nectar.com> 18 19 * acquire_cred.c: handle GSS_C_INITIATE/GSS_C_ACCEPT/GSS_C_BOTH 20 212002-05-08 Jacques Vidrine <n@nectar.com> 22 23 * acquire_cred.c: initialize gssapi; handle null desired_name 24 252002-03-22 Johan Danielsson <joda@pdc.kth.se> 26 27 * Makefile.am: remove non-functional stuff accidentally committed 28 292002-03-11 Assar Westerlund <assar@sics.se> 30 31 * Makefile.am (libgssapi_la_LDFLAGS): bump version to 3:5:2 32 * 8003.c (gssapi_krb5_verify_8003_checksum): handle zero channel 33 bindings 34 352001-10-31 Jacques Vidrine <n@nectar.com> 36 37 * get_mic.c (mic_des3): MIC computation using DES3/SHA1 38 was bogusly appending the message buffer to the result, 39 overwriting a heap buffer in the process. 40 412001-08-29 Assar Westerlund <assar@sics.se> 42 43 * 8003.c (gssapi_krb5_verify_8003_checksum, 44 gssapi_krb5_create_8003_checksum): make more consistent by always 45 returning an gssapi error and setting minor status. update 46 callers 47 482001-08-28 Jacques Vidrine <n@nectar.com> 49 50 * accept_sec_context.c: Create a cache for delegated credentials 51 when needed. 52 532001-08-28 Assar Westerlund <assar@sics.se> 54 55 * Makefile.am (libgssapi_la_LDFLAGS): set version to 3:4:2 56 572001-08-23 Assar Westerlund <assar@sics.se> 58 59 * *.c: handle minor_status more consistently 60 61 * display_status.c (gss_display_status): handle krb5_get_err_text 62 failing 63 642001-08-15 Johan Danielsson <joda@pdc.kth.se> 65 66 * gssapi_locl.h: fix prototype for gssapi_krb5_init 67 682001-08-13 Johan Danielsson <joda@pdc.kth.se> 69 70 * accept_sec_context.c (gsskrb5_register_acceptor_identity): init 71 context and check return value from kt_resolve 72 73 * init.c: return error code 74 752001-07-19 Assar Westerlund <assar@sics.se> 76 77 * Makefile.am (libgssapi_la_LDFLAGS): update to 3:3:2 78 792001-07-12 Assar Westerlund <assar@sics.se> 80 81 * Makefile.am (libgssapi_la_LIBADD): add required library 82 dependencies 83 842001-07-06 Assar Westerlund <assar@sics.se> 85 86 * accept_sec_context.c (gsskrb5_register_acceptor_identity): set 87 the keytab to be used for gss_acquire_cred too' 88 892001-07-03 Assar Westerlund <assar@sics.se> 90 91 * Makefile.am (libgssapi_la_LDFLAGS): set version to 3:2:2 92 932001-06-18 Assar Westerlund <assar@sics.se> 94 95 * wrap.c: replace gss_krb5_getsomekey with gss_krb5_get_localkey 96 and gss_krb5_get_remotekey 97 * verify_mic.c: update krb5_auth_con function names use 98 gss_krb5_get_remotekey 99 * unwrap.c: replace gss_krb5_getsomekey with gss_krb5_get_localkey 100 and gss_krb5_get_remotekey 101 * gssapi_locl.h (gss_krb5_get_remotekey, gss_krb5_get_localkey): 102 add prototypes 103 * get_mic.c: update krb5_auth_con function names. use 104 gss_krb5_get_localkey 105 * accept_sec_context.c: update krb5_auth_con function names 106 1072001-05-17 Assar Westerlund <assar@sics.se> 108 109 * Makefile.am: bump version to 3:1:2 110 1112001-05-14 Assar Westerlund <assar@sics.se> 112 113 * address_to_krb5addr.c: adapt to new address functions 114 1152001-05-11 Assar Westerlund <assar@sics.se> 116 117 * try to return the error string from libkrb5 where applicable 118 1192001-05-08 Assar Westerlund <assar@sics.se> 120 121 * delete_sec_context.c (gss_delete_sec_context): remember to free 122 the memory used by the ticket itself. from <tmartin@mirapoint.com> 123 1242001-05-04 Assar Westerlund <assar@sics.se> 125 126 * gssapi_locl.h: add config.h for completeness 127 * gssapi.h: remove config.h, this is an installed header file 128 sys/types.h is not needed either 129 1302001-03-12 Assar Westerlund <assar@sics.se> 131 132 * acquire_cred.c (gss_acquire_cred): remove memory leaks. from 133 Jason R Thorpe <thorpej@zembu.com> 134 1352001-02-18 Assar Westerlund <assar@sics.se> 136 137 * accept_sec_context.c (gss_accept_sec_context): either return 138 gss_name NULL-ed or set 139 140 * import_name.c: set minor_status in some cases where it was not 141 done 142 1432001-02-15 Assar Westerlund <assar@sics.se> 144 145 * wrap.c: use krb5_generate_random_block for the confounders 146 1472001-01-30 Assar Westerlund <assar@sics.se> 148 149 * Makefile.am (libgssapi_la_LDFLAGS): bump version to 3:0:2 150 * acquire_cred.c, init_sec_context.c, release_cred.c: add support 151 for getting creds from a keytab, from fvdl@netbsd.org 152 153 * copy_ccache.c: add gss_krb5_copy_ccache 154 1552001-01-27 Assar Westerlund <assar@sics.se> 156 157 * get_mic.c: cast parameters to des function to non-const pointers 158 to handle the case where these functions actually take non-const 159 des_cblock * 160 1612001-01-09 Assar Westerlund <assar@sics.se> 162 163 * accept_sec_context.c (gss_accept_sec_context): use krb5_rd_cred2 164 instead of krb5_rd_cred 165 1662000-12-11 Assar Westerlund <assar@sics.se> 167 168 * Makefile.am (libgssapi_la_LDFLAGS): bump to 2:3:1 169 1702000-12-08 Assar Westerlund <assar@sics.se> 171 172 * wrap.c (wrap_des3): use the checksum as ivec when encrypting the 173 sequence number 174 * unwrap.c (unwrap_des3): use the checksum as ivec when encrypting 175 the sequence number 176 * init_sec_context.c (init_auth): always zero fwd_data 177 1782000-12-06 Johan Danielsson <joda@pdc.kth.se> 179 180 * accept_sec_context.c: de-pointerise auth_context parameter to 181 krb5_mk_rep 182 1832000-11-15 Assar Westerlund <assar@sics.se> 184 185 * init_sec_context.c (init_auth): update to new 186 krb5_build_authenticator 187 1882000-09-19 Assar Westerlund <assar@sics.se> 189 190 * Makefile.am (libgssapi_la_LDFLAGS): bump to 2:2:1 191 1922000-08-27 Assar Westerlund <assar@sics.se> 193 194 * init_sec_context.c: actually pay attention to `time_req' 195 * init_sec_context.c: re-organize. leak less memory. 196 * gssapi_locl.h (gssapi_krb5_encapsulate, gss_krb5_getsomekey): 197 update prototypes add assert.h 198 * gssapi.h (GSS_KRB5_CONF_C_QOP_DES, GSS_KRB5_CONF_C_QOP_DES3_KD): 199 add 200 * verify_mic.c: re-organize and add 3DES code 201 * wrap.c: re-organize and add 3DES code 202 * unwrap.c: re-organize and add 3DES code 203 * get_mic.c: re-organize and add 3DES code 204 * encapsulate.c (gssapi_krb5_encapsulate): do not free `in_data', 205 let the caller do that. fix the callers. 206 2072000-08-16 Assar Westerlund <assar@sics.se> 208 209 * Makefile.am: bump version to 2:1:1 210 2112000-07-29 Assar Westerlund <assar@sics.se> 212 213 * decapsulate.c (gssapi_krb5_verify_header): sanity-check length 214 2152000-07-25 Johan Danielsson <joda@pdc.kth.se> 216 217 * Makefile.am: bump version to 2:0:1 218 2192000-07-22 Assar Westerlund <assar@sics.se> 220 221 * gssapi.h: update OID for GSS_C_NT_HOSTBASED_SERVICE and other 222 details from rfc2744 223 2242000-06-29 Assar Westerlund <assar@sics.se> 225 226 * address_to_krb5addr.c (gss_address_to_krb5addr): actually use 227 `int' instead of `sa_family_t' for the address family. 228 2292000-06-21 Assar Westerlund <assar@sics.se> 230 231 * add support for token delegation. From Daniel Kouril 232 <kouril@ics.muni.cz> and Miroslav Ruda <ruda@ics.muni.cz> 233 2342000-05-15 Assar Westerlund <assar@sics.se> 235 236 * Makefile.am (libgssapi_la_LDFLAGS): set version to 1:1:1 237 2382000-04-12 Assar Westerlund <assar@sics.se> 239 240 * release_oid_set.c (gss_release_oid_set): clear set for 241 robustness. From GOMBAS Gabor <gombasg@inf.elte.hu> 242 * release_name.c (gss_release_name): reset input_name for 243 robustness. From GOMBAS Gabor <gombasg@inf.elte.hu> 244 * release_buffer.c (gss_release_buffer): set value to NULL to be 245 more robust. From GOMBAS Gabor <gombasg@inf.elte.hu> 246 * add_oid_set_member.c (gss_add_oid_set_member): actually check if 247 the oid is a member first. leave the oid_set unchanged if realloc 248 fails. 249 2502000-02-13 Assar Westerlund <assar@sics.se> 251 252 * Makefile.am: set version to 1:0:1 253 2542000-02-12 Assar Westerlund <assar@sics.se> 255 256 * gssapi_locl.h: add flags for import/export 257 * import_sec_context.c (import_sec_context: add flags for what 258 fields are included. do not include the authenticator for now. 259 * export_sec_context.c (export_sec_context: add flags for what 260 fields are included. do not include the authenticator for now. 261 * accept_sec_context.c (gss_accept_sec_context): set target in 262 context_handle 263 2642000-02-11 Assar Westerlund <assar@sics.se> 265 266 * delete_sec_context.c (gss_delete_sec_context): set context to 267 GSS_C_NO_CONTEXT 268 269 * Makefile.am: add {export,import}_sec_context.c 270 * export_sec_context.c: new file 271 * import_sec_context.c: new file 272 * accept_sec_context.c (gss_accept_sec_context): set trans flag 273 2742000-02-07 Assar Westerlund <assar@sics.se> 275 276 * Makefile.am: set version to 0:5:0 277 2782000-01-26 Assar Westerlund <assar@sics.se> 279 280 * delete_sec_context.c (gss_delete_sec_context): handle a NULL 281 output_token 282 283 * wrap.c: update to pseudo-standard APIs for md4,md5,sha. some 284 changes to libdes calls to make them more portable. 285 * verify_mic.c: update to pseudo-standard APIs for md4,md5,sha. 286 some changes to libdes calls to make them more portable. 287 * unwrap.c: update to pseudo-standard APIs for md4,md5,sha. some 288 changes to libdes calls to make them more portable. 289 * get_mic.c: update to pseudo-standard APIs for md4,md5,sha. some 290 changes to libdes calls to make them more portable. 291 * 8003.c: update to pseudo-standard APIs for md4,md5,sha. 292 2932000-01-06 Assar Westerlund <assar@sics.se> 294 295 * Makefile.am: set version to 0:4:0 296 2971999-12-26 Assar Westerlund <assar@sics.se> 298 299 * accept_sec_context.c (gss_accept_sec_context): always set 300 `output_token' 301 * init_sec_context.c (init_auth): always initialize `output_token' 302 * delete_sec_context.c (gss_delete_sec_context): always set 303 `output_token' 304 3051999-12-06 Assar Westerlund <assar@sics.se> 306 307 * Makefile.am: bump version to 0:3:0 308 3091999-10-20 Assar Westerlund <assar@sics.se> 310 311 * Makefile.am: set version to 0:2:0 312 3131999-09-21 Assar Westerlund <assar@sics.se> 314 315 * init_sec_context.c (gss_init_sec_context): initialize `ticket' 316 317 * gssapi.h (gss_ctx_id_t_desc): add ticket in here. ick. 318 319 * delete_sec_context.c (gss_delete_sec_context): free ticket 320 321 * accept_sec_context.c (gss_accept_sec_context): stove away 322 `krb5_ticket' in context so that ugly programs such as 323 gss_nt_server can get at it. uck. 324 3251999-09-20 Johan Danielsson <joda@pdc.kth.se> 326 327 * accept_sec_context.c: set minor_status 328 3291999-08-04 Assar Westerlund <assar@sics.se> 330 331 * display_status.c (calling_error, routine_error): right shift the 332 code to make it possible to index into the arrays 333 3341999-07-28 Assar Westerlund <assar@sics.se> 335 336 * gssapi.h (GSS_C_AF_INET6): add 337 338 * import_name.c (import_hostbased_name): set minor_status 339 3401999-07-26 Assar Westerlund <assar@sics.se> 341 342 * Makefile.am: set version to 0:1:0 343 344Wed Apr 7 14:05:15 1999 Johan Danielsson <joda@hella.pdc.kth.se> 345 346 * display_status.c: set minor_status 347 348 * init_sec_context.c: set minor_status 349 350 * lib/gssapi/init.c: remove donep (check gssapi_krb5_context 351 directly) 352 353