1 |
< |
2005-12-15 Love Hörnquist Åstrand <lha@it.su.se> |
1 |
> |
2005-12-15 Love Hörnquist Åstrand <lha@it.su.se> |
2 |
|
|
3 |
|
* kdc/kerberos5.c (tgs_make_reply): less const on hdb_entry_ex to |
4 |
|
make samba happy |
5 |
|
|
6 |
|
* fix-export: Build kdc-private.h. |
7 |
|
|
8 |
< |
2005-12-14 Love Hörnquist Åstrand <lha@it.su.se> |
8 |
> |
2005-12-14 Love Hörnquist Åstrand <lha@it.su.se> |
9 |
|
|
10 |
|
* kdc/kerberos5.c (tgs_rep2): also print the principal for which |
11 |
|
the enctype was missing |
12 |
|
|
13 |
< |
2005-12-13 Love Hörnquist Åstrand <lha@it.su.se> |
13 |
> |
2005-12-13 Love Hörnquist Åstrand <lha@it.su.se> |
14 |
|
|
15 |
|
* kdc/kaserver.c: Finish up transition from hdb_entry to |
16 |
|
hdb_entry_ex. |
35 |
|
|
36 |
|
* lib/hdb/db.c: memset hdb_entry_ex before use |
37 |
|
|
38 |
< |
2005-12-12 Love Hörnquist Åstrand <lha@it.su.se> |
38 |
> |
2005-12-12 Love Hörnquist Åstrand <lha@it.su.se> |
39 |
|
|
40 |
|
* lib/krb5/krb5.3: Add some more entrypoints. |
41 |
|
|
66 |
|
|
67 |
|
* Makefile.am: Split long line |
68 |
|
|
69 |
< |
* doc/apps.texi: Spelling, From Måns Nilsson. |
69 |
> |
* doc/apps.texi: Spelling, From MÃ¥ns Nilsson. |
70 |
|
|
71 |
< |
* doc/install.texi: spelling, From Måns Nilsson |
71 |
> |
* doc/install.texi: spelling, From MÃ¥ns Nilsson |
72 |
|
|
73 |
< |
2005-12-11 Love Hörnquist Åstrand <lha@it.su.se> |
73 |
> |
2005-12-11 Love Hörnquist Åstrand <lha@it.su.se> |
74 |
|
|
75 |
|
* lib/krb5/krb5_principal.3: Constify principal argument to on |
76 |
|
krb5_principal_get_ functions. |
78 |
|
* lib/krb5/principal.c: Constify principal argument to on |
79 |
|
krb5_principal_get_ functions. |
80 |
|
|
81 |
< |
2005-12-08 Love Hörnquist Åstrand <lha@it.su.se> |
81 |
> |
2005-12-08 Love Hörnquist Åstrand <lha@it.su.se> |
82 |
|
|
83 |
|
* lib/hdb: drop convert_db, 0.0 to 0.1 transition was a long long |
84 |
|
time ago |
85 |
|
|
86 |
< |
2005-12-05 Love Hörnquist Åstrand <lha@it.su.se> |
86 |
> |
2005-12-05 Love Hörnquist Åstrand <lha@it.su.se> |
87 |
|
|
88 |
|
* lib/krb5/test_keytab.c: more tests, From Andrew Bartlet |
89 |
|
|
91 |
|
NULL on success in the case 0 entries are allocated, From Andrew |
92 |
|
Bartlet |
93 |
|
|
94 |
< |
2005-12-02 Love Hörnquist Åstrand <lha@it.su.se> |
94 |
> |
2005-12-02 Love Hörnquist Åstrand <lha@it.su.se> |
95 |
|
|
96 |
|
* lib/krb5/acl.c (acl_parse_format): tmp needs to be freed too on |
97 |
|
failure to parse format specifier. |
105 |
|
|
106 |
|
* lib/krb5/derived-key-test.c: Free more of the allocated memory. |
107 |
|
|
108 |
< |
2005-12-01 Love Hörnquist Åstrand <lha@it.su.se> |
108 |
> |
2005-12-01 Love Hörnquist Åstrand <lha@it.su.se> |
109 |
|
|
110 |
< |
* doc/setup.texi: spelling, From Måns Nilsson |
110 |
> |
* doc/setup.texi: spelling, From MÃ¥ns Nilsson |
111 |
|
|
112 |
|
* lib/krb5/krb5_keytab.3: Memory keytab are now named and |
113 |
|
refcounted. |
117 |
|
* lib/krb5/keytab_memory.c: Index by name and start reference |
118 |
|
counting on entries. |
119 |
|
|
120 |
< |
2005-11-30 Love Hörnquist Åstrand <lha@it.su.se> |
120 |
> |
2005-11-30 Love Hörnquist Åstrand <lha@it.su.se> |
121 |
|
|
122 |
|
* lib/krb5/krb5.h (krb5_address_type): add |
123 |
|
KRB5_ADDRESS_NETBIOS (20) |
131 |
|
|
132 |
|
* kcm/connect.c (kcm_loop): Use HAVE_DOOR_CREATE, not HAVE_DOORS. |
133 |
|
|
134 |
< |
2005-11-29 Love Hörnquist Åstrand <lha@it.su.se> |
134 |
> |
2005-11-29 Love Hörnquist Åstrand <lha@it.su.se> |
135 |
|
|
136 |
|
* lib/krb5/verify_krb5_conf.c (libdefaults_entries): add |
137 |
|
default_cc_name |
162 |
|
|
163 |
|
* lib/hdb/db.c (hdb_db_create): use calloc to allocate memory |
164 |
|
|
165 |
< |
2005-11-28 Love Hörnquist Åstrand <lha@it.su.se> |
165 |
> |
2005-11-28 Love Hörnquist Åstrand <lha@it.su.se> |
166 |
|
|
167 |
|
* lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): use session |
168 |
|
key for delegated credentials |
170 |
|
* kdc/kerberos5.c (_kdc_as_rep): add comment when we send |
171 |
|
ETYPE-INFO and ETYPE-INFO2, from Andrew Bartlett |
172 |
|
|
173 |
< |
2005-11-25 Love Hörnquist Åstrand <lha@it.su.se> |
173 |
> |
2005-11-25 Love Hörnquist Åstrand <lha@it.su.se> |
174 |
|
|
175 |
|
* lib/krb5/keytab.c (krb5_kt_get_full_name): new function |
176 |
|
|
177 |
< |
2005-11-24 Love Hörnquist Åstrand <lha@it.su.se> |
177 |
> |
2005-11-24 Love Hörnquist Åstrand <lha@it.su.se> |
178 |
|
|
179 |
|
* lib/krb5/test_crypto.c: Split encryption and s2k iterations to |
180 |
|
diffrent counters, 38seconds of aes256 s2k is way too long. |
181 |
|
|
182 |
|
* lib/krb5/test_crypto.c: Add timing code for s2k function. |
183 |
|
|
184 |
< |
2005-11-07 Love Hörnquist Åstrand <lha@it.su.se> |
184 |
> |
2005-11-07 Love Hörnquist Åstrand <lha@it.su.se> |
185 |
|
|
186 |
|
* kdc/kerberos5.c: Print the time the principal expired, based on |
187 |
|
patch from Andrew Bartlett. |
188 |
|
|
189 |
< |
2005-11-01 Love Hörnquist Åstrand <lha@it.su.se> |
189 |
> |
2005-11-01 Love Hörnquist Åstrand <lha@it.su.se> |
190 |
|
|
191 |
|
* lib/krb5/cache.c (krb5_cc_get_full_name): Add |
192 |
|
|
193 |
< |
2005-11-01 Love Hörnquist Åstrand <lha@it.su.se> |
193 |
> |
2005-11-01 Love Hörnquist Åstrand <lha@it.su.se> |
194 |
|
|
195 |
|
* configure.in: Spelling, From Michael Banck <mbanck@debian.org> |
196 |
|
|
197 |
< |
2005-10-30 Love Hörnquist Åstrand <lha@it.su.se> |
197 |
> |
2005-10-30 Love Hörnquist Åstrand <lha@it.su.se> |
198 |
|
|
199 |
|
* kcm/headers.h: Maybe include <sys/param.h>. |
200 |
|
|
201 |
< |
2005-10-27 Love Hörnquist Åstrand <lha@it.su.se> |
201 |
> |
2005-10-27 Love Hörnquist Åstrand <lha@it.su.se> |
202 |
|
|
203 |
|
* lib/krb5/ticket.c (krb5_ticket_get_authorization_data_type): |
204 |
|
understand KRB5_AUTHDATA_IF_RELEVANT and KRB5_AUTHDATA_AND_OR (but |
205 |
|
have KRB5_AUTHDATA_KDC_ISSUED commented out for now) |
206 |
|
|
207 |
< |
2005-10-26 Love Hörnquist Åstrand <lha@it.su.se> |
207 |
> |
2005-10-26 Love Hörnquist Åstrand <lha@it.su.se> |
208 |
|
|
209 |
|
* kuser/klist.c: In the list caches view, rename the Status field |
210 |
|
to Expires. |
212 |
|
* lib/krb5/krb5_encrypt.3: Fix mdoc for |
213 |
|
krb5_encrypt_EncryptedData, Johnny Lam <jlam@pkgsrc.org> |
214 |
|
|
215 |
< |
2005-10-25 Love Hörnquist Åstrand <lha@it.su.se> |
215 |
> |
2005-10-25 Love Hörnquist Åstrand <lha@it.su.se> |
216 |
|
|
217 |
|
* appl/test/gssapi_client.c: Check return value from asprintf |
218 |
|
instead of string != NULL since it undefined behavior on |
219 |
< |
Linux. From Björn Sandell |
219 |
> |
Linux. From Björn Sandell |
220 |
|
|
221 |
< |
2005-10-21 Love Hörnquist Åstrand <lha@it.su.se> |
221 |
> |
2005-10-21 Love Hörnquist Åstrand <lha@it.su.se> |
222 |
|
|
223 |
|
* lib/krb5/pkinit.c (_krb5_dh_group_ok): if not enough bits are |
224 |
|
generated from the DH groups, fail. |
231 |
|
|
232 |
|
* kdc/kdc.h: Add pkinit_dh_min_bits to krb5_kdc_configuration. |
233 |
|
|
234 |
< |
2005-10-20 Love Hörnquist Åstrand <lha@it.su.se> |
234 |
> |
2005-10-20 Love Hörnquist Åstrand <lha@it.su.se> |
235 |
|
|
236 |
|
* lib/krb5/pkinit.c: Add option to require binding between reply |
237 |
|
and response for the win2k version of the protocol. |
238 |
|
|
239 |
< |
2005-10-19 Love Hörnquist Åstrand <lha@it.su.se> |
239 |
> |
2005-10-19 Love Hörnquist Åstrand <lha@it.su.se> |
240 |
|
|
241 |
|
* doc/programming.texi: Text about Kerberos errors. |
242 |
|
|
258 |
|
* lib/krb5/krb5_ccache.3: Add krb5_cc_start_seq_get and an |
259 |
|
example. |
260 |
|
|
261 |
< |
2005-10-18 Love Hörnquist Åstrand <lha@it.su.se> |
261 |
> |
2005-10-18 Love Hörnquist Åstrand <lha@it.su.se> |
262 |
|
|
263 |
|
* doc/programming.texi: Try to explain krb5_ccache, krb5_principal |
264 |
|
and errors. |
265 |
|
|
266 |
< |
2005-10-13 Love Hörnquist Åstrand <lha@it.su.se> |
266 |
> |
2005-10-13 Love Hörnquist Åstrand <lha@it.su.se> |
267 |
|
|
268 |
|
* lib/krb5/krb5_get_credentials.3: Add example how to use |
269 |
|
krb5_get_credentials. |
270 |
|
|
271 |
< |
2005-10-12 Love Hörnquist Åstrand <lha@it.su.se> |
271 |
> |
2005-10-12 Love Hörnquist Åstrand <lha@it.su.se> |
272 |
|
|
273 |
|
* lib/krb5/init_creds.c: Rename private to opt_private. |
274 |
|
|
280 |
|
* lib/krb5/krb5.h (krb5_get_init_creds_opt): rename element |
281 |
|
private to opt_private to make c++ picky compilers less upset. |
282 |
|
|
283 |
< |
2005-10-08 Love Hörnquist Åstrand <lha@it.su.se> |
283 |
> |
2005-10-08 Love Hörnquist Åstrand <lha@it.su.se> |
284 |
|
|
285 |
|
* lib/krb5/krbhst.c (_krb5_krbhost_info_move): new function |
286 |
|
(_krb5_free_krbhst_info): expose to internal use |
292 |
|
rename COMPAT_27 to COMPAT_IETF, pass down a krb5_krbhst_info for |
293 |
|
verification of KDC info, and general cleaning up. |
294 |
|
|
295 |
< |
2005-10-07 Love Hörnquist Åstrand <lha@it.su.se> |
295 |
> |
2005-10-07 Love Hörnquist Åstrand <lha@it.su.se> |
296 |
|
|
297 |
|
* lib/krb5/Makefile.am: Install krb5.moduli in sysconfdir. |
298 |
|
|
324 |
|
* lib/krb5/pkinit.c: Add support for reading a moduli-file for DH |
325 |
|
parameters. |
326 |
|
|
327 |
< |
2005-10-06 Love Hörnquist Åstrand <lha@it.su.se> |
327 |
> |
2005-10-06 Love Hörnquist Åstrand <lha@it.su.se> |
328 |
|
|
329 |
|
* kuser/klist.1: Document --list-caches |
330 |
|
|
331 |
|
* kuser/klist.c: Change short flag of --list-caches to -l (-v is |
332 |
|
already used). |
333 |
|
|
334 |
< |
2005-10-03 Love Hörnquist Åstrand <lha@it.su.se> |
334 |
> |
2005-10-03 Love Hörnquist Åstrand <lha@it.su.se> |
335 |
|
|
336 |
|
* lib/krb5/kerberos.8: RFC 1510 was obsoleted by 4120. |
337 |
|
|
340 |
|
(acc_get_cache_first): don't leak memory or abort on malloc |
341 |
|
failure |
342 |
|
|
343 |
< |
2005-10-02 Love Hörnquist Åstrand <lha@it.su.se> |
343 |
> |
2005-10-02 Love Hörnquist Åstrand <lha@it.su.se> |
344 |
|
|
345 |
|
* lib/krb5/kerberos.8: Update text about Kerberos RFC's. |
346 |
|
|
347 |
< |
2005-10-01 Love Hörnquist Åstrand <lha@it.su.se> |
347 |
> |
2005-10-01 Love Hörnquist Åstrand <lha@it.su.se> |
348 |
|
|
349 |
|
* kuser/klist.c: Add option --list-caches that lists the avaible |
350 |
|
caches and their status. |
356 |
|
lha/root@SU.SE 0 Expired |
357 |
|
lha@N.L.NXS.SE Initial default ccache Expired |
358 |
|
|
359 |
< |
2005-09-30 Love Hörnquist Åstrand <lha@it.su.se> |
359 |
> |
2005-09-30 Love Hörnquist Åstrand <lha@it.su.se> |
360 |
|
|
361 |
|
* lib/krb5/keytab_keyfile.c: Use all DES keys, not just |
362 |
|
des-cbc-md5, verify that they all are the same. |
372 |
|
|
373 |
|
* lib/krb5/krb5.h (krb5_cc_ops): add cache iteration functions |
374 |
|
|
375 |
< |
2005-09-25 Love Hörnquist Åstrand <lha@it.su.se> |
375 |
> |
2005-09-25 Love Hörnquist Åstrand <lha@it.su.se> |
376 |
|
|
377 |
|
* lib/krb5/krb5_mk_req.3: Remove leftovers, remove extra space. |
378 |
|
|
385 |
|
store it though), don't check the oid of the DH signedData for |
386 |
|
now. |
387 |
|
|
388 |
< |
2005-09-22 Love Hörnquist Åstrand <lha@it.su.se> |
388 |
> |
2005-09-22 Love Hörnquist Åstrand <lha@it.su.se> |
389 |
|
|
390 |
|
* lib/krb5/rd_cred.c (krb5_rd_cred): try both the session key and |
391 |
|
the sender subkey. Both RFC1510 and RFC4120 say that you have to |
392 |
|
use the session key, Heimdal uses subkey. |
393 |
|
|
394 |
< |
2005-09-21 Love Hörnquist Åstrand <lha@it.su.se> |
394 |
> |
2005-09-21 Love Hörnquist Åstrand <lha@it.su.se> |
395 |
|
|
396 |
|
* lib/krb5/pkinit.c: Don't check oid's too closely, they change in |
397 |
|
Windows Vista. |
398 |
|
|
399 |
< |
2005-09-20 Love Hörnquist Åstrand <lha@it.su.se> |
399 |
> |
2005-09-20 Love Hörnquist Åstrand <lha@it.su.se> |
400 |
|
|
401 |
|
* lib/krb5/pkinit.c: Disable sending -19, fix parsing -27 of the |
402 |
|
protocol. |
406 |
|
* lib/krb5/pkinit.c (pk_verify_chain_standard): set cert to NULL |
407 |
|
to make sure its not freed. |
408 |
|
|
409 |
< |
2005-09-19 Love Hörnquist Åstrand <lha@it.su.se> |
409 |
> |
2005-09-19 Love Hörnquist Åstrand <lha@it.su.se> |
410 |
|
|
411 |
|
* lib/krb5/crypto.c (krb5_DES_string_to_key): If the opaque length |
412 |
|
it set to 1, and content is 0x01, use the afs3 string-to-key. |
417 |
|
|
418 |
|
* lib/krb5/kcm.c: Remove signedness warnings. |
419 |
|
|
420 |
< |
2005-09-15 Love Hörnquist Åstrand <lha@it.su.se> |
420 |
> |
2005-09-15 Love Hörnquist Åstrand <lha@it.su.se> |
421 |
|
|
422 |
|
* configure.in: Use libtool's default values for building |
423 |
|
shared/static libaries, ie remove AC_ENABLE_SHARED(no), solves |
424 |
|
building problems users have on Mac OS X. |
425 |
|
|
426 |
< |
2005-09-08 Love Hörnquist Åstrand <lha@it.su.se> |
426 |
> |
2005-09-08 Love Hörnquist Åstrand <lha@it.su.se> |
427 |
|
|
428 |
|
* lib/krb5/changepw.c: Constify password. |
429 |
|
|
430 |
< |
2005-09-05 Love Hörnquist Åstrand <lha@it.su.se> |
430 |
> |
2005-09-05 Love Hörnquist Åstrand <lha@it.su.se> |
431 |
|
|
432 |
|
* lib/krb5/krb5_mk_req.3: Document krb5_rd_req. |
433 |
|
|
438 |
|
krb5_mk_rep, krb5_mk_rep_exact, krb5_mk_rep_extended, krb5_rd_rep, |
439 |
|
krb5_build_ap_req, krb5_verify_ap_req. |
440 |
|
|
441 |
< |
2005-09-01 Love Hörnquist Åstrand <lha@it.su.se> |
441 |
> |
2005-09-01 Love Hörnquist Åstrand <lha@it.su.se> |
442 |
|
|
443 |
|
* kdc/kerberos5.c (make_etype_info_entry): Dont send salttype at |
444 |
|
all, use KRB5-PADATA-AFS3-SALT |
445 |
|
|
446 |
< |
2005-08-31 Love Hörnquist Åstrand <lha@it.su.se> |
446 |
> |
2005-08-31 Love Hörnquist Åstrand <lha@it.su.se> |
447 |
|
|
448 |
|
* kdc/kerberos5.c (log_timestamp): endtime, not endtype |
449 |
|
|
450 |
< |
2005-08-30 Love Hörnquist Åstrand <lha@it.su.se> |
450 |
> |
2005-08-30 Love Hörnquist Åstrand <lha@it.su.se> |
451 |
|
|
452 |
|
* configure.in: Check for <sys/ucred.h>. |
453 |
|
|
456 |
|
|
457 |
|
* kcm/headers.h: include <sys/ucred.h> |
458 |
|
|
459 |
< |
2005-08-27 Love Hörnquist Åstrand <lha@it.su.se> |
459 |
> |
2005-08-27 Love Hörnquist Åstrand <lha@it.su.se> |
460 |
|
|
461 |
|
* lib/krb5/rd_req.c (check_transited): Allow empty content of type |
462 |
|
0 because that is was Microsoft generates in their TGT. |
464 |
|
* kdc/kerberos5.c (fix_transited_encoding): Allow empty content of |
465 |
|
type 0 because that is was Microsoft enerates in their TGT. |
466 |
|
|
467 |
< |
2005-08-26 Love Hörnquist Åstrand <lha@it.su.se> |
467 |
> |
2005-08-26 Love Hörnquist Åstrand <lha@it.su.se> |
468 |
|
|
469 |
|
* doc/intro.texi: RFC 4120 replaces RFC 1510 |
470 |
|
|
471 |
< |
2005-08-25 Love Hörnquist Åstrand <lha@it.su.se> |
471 |
> |
2005-08-25 Love Hörnquist Åstrand <lha@it.su.se> |
472 |
|
|
473 |
|
* configure.in: Add --disable-afs-support. |
474 |
|
|
475 |
< |
2005-08-23 Love Hörnquist Åstrand <lha@it.su.se> |
475 |
> |
2005-08-23 Love Hörnquist Åstrand <lha@it.su.se> |
476 |
|
|
477 |
|
* lib/krb5/Makefile.am: Add test_hostname to check_PROGRAMS but |
478 |
|
not TESTS, I have no same dns to use. |
492 |
|
krb5_config_free_strings |
493 |
|
(nothing). Mdoc nit. |
494 |
|
|
495 |
< |
2005-08-22 Love Hörnquist Åstrand <lha@it.su.se> |
495 |
> |
2005-08-22 Love Hörnquist Åstrand <lha@it.su.se> |
496 |
|
|
497 |
|
* kuser/klist.c (check_for_tgt): Re-order code so it only free the |
498 |
|
credential if one was returned. |
499 |
|
|
500 |
|
* lib/krb5/test_crypto_wrapping.c: Fix printing of size_t. |
501 |
|
|
502 |
< |
2005-08-19 Love Hörnquist Åstrand <lha@it.su.se> |
502 |
> |
2005-08-19 Love Hörnquist Åstrand <lha@it.su.se> |
503 |
|
|
504 |
|
* lib/hdb/dbinfo.c: provide interface to find databases |
505 |
|
|
506 |
|
* lib/hdb/mkey.c: hdb_seal_key_mkey): dont double encrypt keys |
507 |
|
|
508 |
< |
2005-08-15 Love Hörnquist Åstrand <lha@it.su.se> |
508 |
> |
2005-08-15 Love Hörnquist Åstrand <lha@it.su.se> |
509 |
|
|
510 |
|
* kdc/kdc_locl.h: Update prototype for _kdc_pk_mk_pa_reply. |
511 |
|
|
512 |
< |
2005-08-13 Love Hörnquist Åstrand <lha@it.su.se> |
512 |
> |
2005-08-13 Love Hörnquist Åstrand <lha@it.su.se> |
513 |
|
|
514 |
|
* lib/krb5/init_creds_pw.c: Save the request buffer so that |
515 |
|
pre-auth mechanism that needs it can verify the reply. |
516 |
|
|
517 |
< |
2005-08-12 Love Hörnquist Åstrand <lha@it.su.se> |
517 |
> |
2005-08-12 Love Hörnquist Åstrand <lha@it.su.se> |
518 |
|
|
519 |
|
* lib/krb5/test_mem.c: Rename logf to avoid shadowing. |
520 |
|
|
548 |
|
* kdc/kerberos5.c (_kdc_as_rep): Pass down the request buffer to |
549 |
|
_kdc_pk_mk_pa_reply. |
550 |
|
|
551 |
< |
2005-08-11 Love Hörnquist Åstrand <lha@it.su.se> |
551 |
> |
2005-08-11 Love Hörnquist Åstrand <lha@it.su.se> |
552 |
|
|
553 |
|
* lib/hdb/ext.c: HDB extensions access glue. |
554 |
|
|
570 |
|
|
571 |
|
* lib/hdb/hdb.asn1: Add support for HDB-extension. |
572 |
|
|
573 |
< |
2005-08-10 Love Hörnquist Åstrand <lha@it.su.se> |
573 |
> |
2005-08-10 Love Hörnquist Åstrand <lha@it.su.se> |
574 |
|
|
575 |
|
* lib/krb5/test_pkinit_dh2key.c: add tests vectors from |
576 |
|
"Liqiang(Larry) Zhu" <lzhu@windows.microsoft.com> |
579 |
|
|
580 |
|
* lib/krb5/test_pkinit_dh2key.c: even more bits, not done yet |
581 |
|
|
582 |
< |
2005-08-09 Love Hörnquist Åstrand <lha@it.su.se> |
582 |
> |
2005-08-09 Love Hörnquist Åstrand <lha@it.su.se> |
583 |
|
|
584 |
|
* kdc/kerberos5.c (_kdc_as_rep): preserve the error code in the |
585 |
|
ENC-TS case. From: Andrew Bartlett <abartlet@samba.org> |
603 |
|
instead of letting them slip though to d->cursor. Bug repport from |
604 |
|
Andrew Bartlett <abartlet@samba.org> |
605 |
|
|
606 |
< |
2005-07-29 Love Hörnquist Åstrand <lha@it.su.se> |
606 |
> |
2005-07-29 Love Hörnquist Åstrand <lha@it.su.se> |
607 |
|
|
608 |
|
* kdc/Makefile.am (kdc_LDADD): add LDADD |
609 |
|
|
610 |
< |
2005-07-28 Love Hörnquist Åstrand <lha@it.su.se> |
610 |
> |
2005-07-28 Love Hörnquist Åstrand <lha@it.su.se> |
611 |
|
|
612 |
|
* kdc/kerberos5.c (_kdc_as_rep): log what enctypes was using in |
613 |
|
ENC-TS preauth, both for failure and success. |
621 |
|
keyusage 0 in case the key was encrypted with MIT Kerberos (old |
622 |
|
patch from Johan) |
623 |
|
|
624 |
< |
2005-07-26 Love Hörnquist Åstrand <lha@it.su.se> |
624 |
> |
2005-07-26 Love Hörnquist Åstrand <lha@it.su.se> |
625 |
|
|
626 |
|
* kdc/pkinit.c: update to pkinit-27 |
627 |
|
|
628 |
< |
2005-07-23 Love Hörnquist Åstrand <lha@it.su.se> |
628 |
> |
2005-07-23 Love Hörnquist Åstrand <lha@it.su.se> |
629 |
|
|
630 |
|
* lib/krb5/pkinit.c: Adapt to IMPLICIT changes in CMS module. |
631 |
|
|
632 |
< |
2005-07-20 Love Hörnquist Åstrand <lha@it.su.se> |
632 |
> |
2005-07-20 Love Hörnquist Åstrand <lha@it.su.se> |
633 |
|
|
634 |
|
* lib/krb5/test_pkinit_dh2key.c: framework for testing |
635 |
|
_krb5_pk_octetstring2key |
643 |
|
* lib/krb5/crypto.c (_krb5_pk_octetstring2key): make sha1 output |
644 |
|
unsigned char to match openssl |
645 |
|
|
646 |
< |
2005-07-14 Love Hörnquist Åstrand <lha@it.su.se> |
646 |
> |
2005-07-14 Love Hörnquist Åstrand <lha@it.su.se> |
647 |
|
|
648 |
|
* lib/hdb/common.c: Check encoder lengths from ASN1_MALLOC_ENCODE. |
649 |
|
|
650 |
< |
2005-07-13 Love Hörnquist Åstrand <lha@it.su.se> |
650 |
> |
2005-07-13 Love Hörnquist Åstrand <lha@it.su.se> |
651 |
|
|
652 |
|
* lib/krb5/rd_cred.c (krb5_rd_cred): don't leak memory |
653 |
|
|
654 |
|
* lib/krb5/get_cred.c (krb5_get_credentials_with_flags): only call |
655 |
|
krb5_cc_retrieve_cred once, and plug memory leak. |
656 |
|
|
657 |
< |
2005-07-13 Love Hörnquist Åstrand <lha@it.su.se> |
657 |
> |
2005-07-13 Love Hörnquist Åstrand <lha@it.su.se> |
658 |
|
|
659 |
|
* lib/hdb/Makefile.am: the new asn.1 compiler includes the modules |
660 |
|
name in the depend file |
667 |
|
|
668 |
|
* lib/krb5/crypto.c (_krb5_pk_octetstring2key): fix arguments |
669 |
|
|
670 |
< |
2005-07-12 Love Hörnquist Åstrand <lha@it.su.se> |
670 |
> |
2005-07-12 Love Hörnquist Åstrand <lha@it.su.se> |
671 |
|
|
672 |
|
* lib/krb5/pkinit.c: clean up pk-init DH support, not finished |
673 |
|
yet; improve error reporting |
684 |
|
support for tags. This compiler support most of what is needed for |
685 |
|
PK-INIT, LDAP, X.509, PKCS-12 and many other protocols. |
686 |
|
|
687 |
< |
2005-07-10 Love Hörnquist Åstrand <lha@it.su.se> |
687 |
> |
2005-07-10 Love Hörnquist Åstrand <lha@it.su.se> |
688 |
|
|
689 |
|
* lib/asn1: make scope variables unique to avoid shadow warnings |
690 |
|
|
691 |
< |
2005-07-09 Love Hörnquist Åstrand <lha@it.su.se> |
691 |
> |
2005-07-09 Love Hörnquist Åstrand <lha@it.su.se> |
692 |
|
|
693 |
|
* lib/krb5/krb5.h: comment out paramenter name in typedef |
694 |
|
functions to avoid shadow warnings |
711 |
|
|
712 |
|
* lib/krb5/test_crypto.c (time_encryption): free cleartext buffer |
713 |
|
|
714 |
< |
2005-07-08 Love Hörnquist Åstrand <lha@it.su.se> |
714 |
> |
2005-07-08 Love Hörnquist Åstrand <lha@it.su.se> |
715 |
|
|
716 |
|
* configure.in: run AM_INIT_AUTOMAKE before AM_PROG_CC_C_O |
717 |
|
otherwise am_aux_dir will be expanded using ac_aux_dir before the |
724 |
|
|
725 |
|
* configure.in: add AM_PROG_CC_C_O for automake 1.9 |
726 |
|
|
727 |
< |
2005-07-06 Love Hörnquist Åstrand <lha@it.su.se> |
727 |
> |
2005-07-06 Love Hörnquist Åstrand <lha@it.su.se> |
728 |
|
|
729 |
|
* lib/krb5/keytab.c (krb5_kt_get_entry): clear error string when |
730 |
|
returning a new error |
735 |
|
* lib/krb5/verify_init.c (krb5_verify_init_creds): `entry' unused, |
736 |
|
remove From: "Henry B. Hotz" <hotz@jpl.nasa.gov> |
737 |
|
|
738 |
< |
2005-07-05 Love Hörnquist Åstrand <lha@it.su.se> |
738 |
> |
2005-07-05 Love Hörnquist Åstrand <lha@it.su.se> |
739 |
|
|
740 |
|
* doc/win2k.texi: arcfour-hmac-md5 support for windows cross was |
741 |
|
added in w2k3-sp1 From David Love |
747 |
|
|
748 |
|
* fix-export: build kdc-protos.h |
749 |
|
|
750 |
< |
2005-07-01 Love Hörnquist Åstrand <lha@it.su.se> |
750 |
> |
2005-07-01 Love Hörnquist Åstrand <lha@it.su.se> |
751 |
|
|
752 |
|
* kdc: prefix pkinit symbols with _kdc |
753 |
|
|
757 |
|
|
758 |
|
* kdc: adapt pkinit code to libkdc split |
759 |
|
|
760 |
< |
2005-06-30 Love Hörnquist Åstrand <lha@it.su.se> |
760 |
> |
2005-06-30 Love Hörnquist Åstrand <lha@it.su.se> |
761 |
|
|
762 |
|
* tools/Makefile.am: add depency on LIB_dlopen and LIB_door_create |
763 |
|
|
781 |
|
* configure.in: add --disable-afs-string-to-key to allow removal |
782 |
|
of support for afs string2key (and dependency on crypt) |
783 |
|
|
784 |
< |
2005-06-29 Love Hörnquist Åstrand <lha@it.su.se> |
784 |
> |
2005-06-29 Love Hörnquist Åstrand <lha@it.su.se> |
785 |
|
|
786 |
|
* kdc/kerberos5.c: Add logging of all timestamps in AS-REQ and |
787 |
|
TGS-REQ, for auditing |
798 |
|
* kcm/connect.c: don't send socket address in msghdr, it |
799 |
|
returns an already connected error on Linux |
800 |
|
|
801 |
< |
2005-06-24 Love Hörnquist Åstrand <lha@it.su.se> |
801 |
> |
2005-06-24 Love Hörnquist Åstrand <lha@it.su.se> |
802 |
|
|
803 |
|
* kdc/524.c: Always include <krb5-v4compat.h>. |
804 |
|
|
805 |
< |
2005-06-23 Love Hörnquist Åstrand <lha@it.su.se> |
805 |
> |
2005-06-23 Love Hörnquist Åstrand <lha@it.su.se> |
806 |
|
|
807 |
|
* doc/intro.texi: no more libdes, gssapi lib is complete |
808 |
|
|
821 |
|
|
822 |
|
* lib/hdb/db.c (DB_open): in case of error, close database |
823 |
|
|
824 |
< |
2005-06-20 Love Hörnquist Åstrand <lha@it.su.se> |
824 |
> |
2005-06-20 Love Hörnquist Åstrand <lha@it.su.se> |
825 |
|
|
826 |
|
* kcm/kcm.8: fix example |
827 |
|
|
828 |
< |
2005-06-17 Love Hörnquist Åstrand <lha@it.su.se> |
828 |
> |
2005-06-17 Love Hörnquist Åstrand <lha@it.su.se> |
829 |
|
|
830 |
|
* lib/krb5/rd_rep.c: indent |
831 |
|
|
884 |
|
|
885 |
|
* lib/krb5/crypto.c: rename `encrypt' to avoid shadow warning |
886 |
|
|
887 |
< |
2005-06-16 Love Hörnquist Åstrand <lha@it.su.se> |
887 |
> |
2005-06-16 Love Hörnquist Åstrand <lha@it.su.se> |
888 |
|
|
889 |
|
* lib/krb5/principal.c: rename index to idx |
890 |
|
|
944 |
|
* kdc/kerberos5.c (tgs_rep2): rename loop to nloop to avoid shadow |
945 |
|
warning |
946 |
|
|
947 |
< |
2005-06-15 Love Hörnquist Åstrand <lha@it.su.se> |
947 |
> |
2005-06-15 Love Hörnquist Åstrand <lha@it.su.se> |
948 |
|
|
949 |
|
* Release 0.7, see branch |
950 |
|
|
951 |
< |
2005-06-14 Love Hörnquist Åstrand <lha@it.su.se> |
951 |
> |
2005-06-14 Love Hörnquist Åstrand <lha@it.su.se> |
952 |
|
|
953 |
|
* lib/krb5/Makefile.am: TESTS += test_mem libkrb5_la_SOURCES += |
954 |
|
kcm.h |
966 |
|
* lib/krb5/verify_krb5_conf.c: Add more missig entires, from |
967 |
|
Mathias Feiler <feiler@uni-hohenheim.de> |
968 |
|
|
969 |
< |
2005-06-11 Love Hörnquist Åstrand <lha@it.su.se> |
969 |
> |
2005-06-11 Love Hörnquist Åstrand <lha@it.su.se> |
970 |
|
|
971 |
|
* kdc/pkinit.c (pk_principal_from_X509): remember to free |
972 |
|
KRB5PrincipalName |
974 |
|
* lib/krb5/log.c (krb5_closelog): free all content in |
975 |
|
krb5_log_facility |
976 |
|
|
977 |
< |
2005-06-08 Love Hörnquist Åstrand <lha@it.su.se> |
977 |
> |
2005-06-08 Love Hörnquist Åstrand <lha@it.su.se> |
978 |
|
|
979 |
|
* kdc/524.c: init kvno to please gcc |
980 |
|
|
993 |
|
|
994 |
|
* kcm/kcm_locl.h (disallow_getting_krbtgt): Declare. |
995 |
|
|
996 |
< |
2005-06-02 Love Hörnquist Åstrand <lha@it.su.se> |
996 |
> |
2005-06-02 Love Hörnquist Åstrand <lha@it.su.se> |
997 |
|
|
998 |
|
* kdc/mit_dump.c (mit_prop_dump): cast argument to |
999 |
|
krb5_parse_principal to avoid warning |
1002 |
|
mit_KRB5_TL_MOD_PRINC to hint its a constant originating from mit |
1003 |
|
codebase |
1004 |
|
|
1005 |
< |
2005-06-01 Love Hörnquist Åstrand <lha@it.su.se> |
1005 |
> |
2005-06-01 Love Hörnquist Åstrand <lha@it.su.se> |
1006 |
|
|
1007 |
|
* lib/krb5/store.c: If we are allocating 0 entires, avoid failing |
1008 |
|
if ALLOC returns NULL |
1012 |
|
* lib/krb5/cache.c: When returning a new error code, set error |
1013 |
|
string. |
1014 |
|
|
1015 |
< |
2005-05-31 Love Hörnquist Åstrand <lha@it.su.se> |
1015 |
> |
2005-05-31 Love Hörnquist Åstrand <lha@it.su.se> |
1016 |
|
|
1017 |
|
* lib/krb5/keytab_file.c: Adapt to changed signature of |
1018 |
|
_krb5_xunlock, clear more error string where needed. |
1020 |
|
* lib/krb5/fcache.c (_krb5_xunlock): catch the error and turn it |
1021 |
|
into something sensable |
1022 |
|
|
1023 |
< |
2005-05-30 Love Hörnquist Åstrand <lha@it.su.se> |
1023 |
> |
2005-05-30 Love Hörnquist Åstrand <lha@it.su.se> |
1024 |
|
|
1025 |
|
* kdc/kerberos5.c (tgs_make_reply): copy ok-as-delegate flag from |
1026 |
|
server entry to encrypted ticket flags |
1036 |
|
* kdc/main.c (sigterm): set exit_flag to signal causing exit; |
1037 |
|
(main): trap SIGXCPU |
1038 |
|
|
1039 |
< |
2005-05-30 Love Hörnquist Åstrand <lha@it.su.se> |
1039 |
> |
2005-05-30 Love Hörnquist Åstrand <lha@it.su.se> |
1040 |
|
|
1041 |
|
* kcm/kcm.8: document --disallow-getting-krbtgt and --door-path |
1042 |
|
|
1056 |
|
* kcm/events.c: if credentials have expired when attempting |
1057 |
|
to renew, attempt to reacquire them using initial creds |
1058 |
|
|
1059 |
< |
2005-05-29 Love Hörnquist Åstrand <lha@it.su.se> |
1059 |
> |
2005-05-29 Love Hörnquist Åstrand <lha@it.su.se> |
1060 |
|
|
1061 |
< |
* lib/krb5/krb5_principal.3: Spelling, from Björn Sandell |
1061 |
> |
* lib/krb5/krb5_principal.3: Spelling, from Björn Sandell |
1062 |
|
|
1063 |
< |
* doc/setup.texi: spelling, from Björn Sandell |
1063 |
> |
* doc/setup.texi: spelling, from Björn Sandell |
1064 |
|
|
1065 |
|
* lib/krb5/name-45-test.c: XXX don't run the test unless the |
1066 |
|
machine is in kth.se or su.se because it depends on local resolver |
1124 |
|
|
1125 |
|
* kcm/connect.c: add LOCAL_PEERCRED and experimental doors support |
1126 |
|
|
1127 |
< |
2005-05-27 Love Hörnquist Åstrand <lha@it.su.se> |
1127 |
> |
2005-05-27 Love Hörnquist Åstrand <lha@it.su.se> |
1128 |
|
|
1129 |
|
* appl/kf/kfd.c: case uid_t to unsigned long in printf format |
1130 |
|
|
1131 |
< |
2005-05-25 Love Hörnquist Åstrand <lha@it.su.se> |
1131 |
> |
2005-05-25 Love Hörnquist Åstrand <lha@it.su.se> |
1132 |
|
|
1133 |
|
* lib/krb5/krb5_auth_context.3: remove trailing space |
1134 |
|
|
1135 |
< |
2005-05-24 Love Hörnquist Åstrand <lha@it.su.se> |
1135 |
> |
2005-05-24 Love Hörnquist Åstrand <lha@it.su.se> |
1136 |
|
|
1137 |
|
* kcm/connect.c (do_request): use sendmsg to send the reply |
1138 |
|
|
1159 |
|
|
1160 |
|
* kcm/kcm.8: KRB5CCNAME needs an literal uid, not ${uid}, spelling |
1161 |
|
|
1162 |
< |
2005-05-23 Love Hörnquist Åstrand <lha@it.su.se> |
1162 |
> |
2005-05-23 Love Hörnquist Åstrand <lha@it.su.se> |
1163 |
|
|
1164 |
|
* kcm/protocol.c: Merge the description and function jumptables |
1165 |
|
into one structure. Use the length of the array when checking if |
1180 |
|
|
1181 |
|
* kdc/main.c: Don't test HAVE_DAEMON since roken supplies it. |
1182 |
|
|
1183 |
< |
2005-05-23 Love Hörnquist Åstrand <lha@it.su.se> |
1183 |
> |
2005-05-23 Love Hörnquist Åstrand <lha@it.su.se> |
1184 |
|
|
1185 |
|
* lib/krb5/krb5_keytab.3: document WRFILE and JAVA14 |
1186 |
|
|
1187 |
< |
2005-05-20 Love Hörnquist Åstrand <lha@it.su.se> |
1187 |
> |
2005-05-20 Love Hörnquist Åstrand <lha@it.su.se> |
1188 |
|
|
1189 |
|
* lib/krb5/krbhst.c (srv_get_hosts): if srv_get_hosts failes, |
1190 |
|
return and ignore the error |
1194 |
|
|
1195 |
|
* lib/krb5/test_keytab.c: tests all keytab format |
1196 |
|
|
1197 |
< |
2005-05-19 Love Hörnquist Åstrand <lha@it.su.se> |
1197 |
> |
2005-05-19 Love Hörnquist Åstrand <lha@it.su.se> |
1198 |
|
|
1199 |
|
* lib/krb5/pkinit.c (_krb5_pk_rd_pa_reply): non non asn1 decoding |
1200 |
|
errors, fail. Make sure we free memory on error. |
1229 |
|
krb5_kt_free_entry after each fkt_next_entry_int. From: Wynn |
1230 |
|
Wilkes <wwilkes@vintela.com> |
1231 |
|
|
1232 |
< |
2005-05-18 Love Hörnquist Åstrand <lha@it.su.se> |
1232 |
> |
2005-05-18 Love Hörnquist Åstrand <lha@it.su.se> |
1233 |
|
|
1234 |
|
* lib/krb5/Makefile.am: TESTS += test_keytab |
1235 |
|
|
1257 |
|
|
1258 |
|
* lib/krb5/krb5.3: add krb5_cc_new_unique |
1259 |
|
|
1260 |
< |
2005-05-17 Love Hörnquist Åstrand <lha@it.su.se> |
1260 |
> |
2005-05-17 Love Hörnquist Åstrand <lha@it.su.se> |
1261 |
|
|
1262 |
|
* lib/krb5/fcache.c (fcc_get_first): check return value from |
1263 |
|
malloc, memset the structure, make sure cursor doesn't point to |
1285 |
|
be unencrypted, for compatibility with mit kerberos and java |
1286 |
|
kerberos. krb5_javakt_ops: export |
1287 |
|
|
1288 |
< |
2005-05-16 Love Hörnquist Åstrand <lha@it.su.se> |
1288 |
> |
2005-05-16 Love Hörnquist Åstrand <lha@it.su.se> |
1289 |
|
|
1290 |
|
* lib/krb5/keytab_file.c: Add new keytab file format JAVA14 that |
1291 |
|
doesn't the use extended kvnos, as hinted, this is needed for |
1292 |
|
Java's Kerberos implementation. |
1293 |
|
|
1294 |
< |
2005-05-10 Love Hörnquist Åstrand <lha@it.su.se> |
1294 |
> |
2005-05-10 Love Hörnquist Åstrand <lha@it.su.se> |
1295 |
|
|
1296 |
|
* lib/krb5/pkinit.c: handle pkinit-9, pkinit-19, and pkinit-25 |
1297 |
|
enckey, still no DH |
1309 |
|
|
1310 |
|
* lib/krb5/{krb5_compare_creds.3,krb5_get_init_creds.3, |
1311 |
|
krb5_krbhst_init.3,krb5_storage.3}: |
1312 |
< |
make more pretty, from Björn Sandell |
1312 |
> |
make more pretty, from Björn Sandell |
1313 |
|
|
1314 |
|
2005-05-09 Dave Love <fx@gnu.org> |
1315 |
|
|
1316 |
|
* doc/setup.texi: Fix and clarify password quality check examples. |
1317 |
|
|
1318 |
< |
2005-05-09 Love Hörnquist Åstrand <lha@it.su.se> |
1318 |
> |
2005-05-09 Love Hörnquist Åstrand <lha@it.su.se> |
1319 |
|
|
1320 |
|
* lib/krb5/kuserok.c (krb5_kuserok): use POSIX_GETPWNAM_R instead |
1321 |
|
of HAVE_GETPWNAM_R From: Dave Love <d.love@dl.ac.uk> |
1322 |
|
|
1323 |
< |
2005-05-07 Love Hörnquist Åstrand <lha@it.su.se> |
1323 |
> |
2005-05-07 Love Hörnquist Åstrand <lha@it.su.se> |
1324 |
|
|
1325 |
|
* lib/krb5/addr_families.c (krb5_print_address): catch when the |
1326 |
< |
unknown adress don't fit. From Björn Sandell <biorn@dce.chalmers.se> |
1326 |
> |
unknown adress don't fit. From Björn Sandell <biorn@dce.chalmers.se> |
1327 |
|
|
1328 |
|
2005-05-05 Dave Love <d.love@dl.ac.uk> |
1329 |
|
|
1330 |
|
* configure.in: fix type right test, include <termios.h> for |
1331 |
|
sys/strtty.h, not sys/ptyvar.h |
1332 |
|
|
1333 |
< |
2005-05-05 Love Hörnquist Åstrand <lha@it.su.se> |
1333 |
> |
2005-05-05 Love Hörnquist Åstrand <lha@it.su.se> |
1334 |
|
|
1335 |
|
* lib/krb5/krb5.conf.5: spelling |
1336 |
|
|
1337 |
< |
2005-05-04 Love Hörnquist Åstrand <lha@it.su.se> |
1337 |
> |
2005-05-04 Love Hörnquist Åstrand <lha@it.su.se> |
1338 |
|
|
1339 |
|
* lib/krb5/krb5.conf.5: expand on what "trailing component" means |
1340 |
|
|
1349 |
|
* lib/krb5/kuserok.c: check the user's ~/.k5login.d directory for |
1350 |
|
access files, all of which is handled like the regular ~/.k5login |
1351 |
|
|
1352 |
< |
2005-05-03 Love Hörnquist Åstrand <lha@it.su.se> |
1352 |
> |
2005-05-03 Love Hörnquist Åstrand <lha@it.su.se> |
1353 |
|
|
1354 |
|
* doc/ack.texi: Clearify what version of libdes we are using and |
1355 |
|
who's code in it we are using. |
1367 |
|
|
1368 |
|
* configure.in: sys/tty.h (for sys/ptyvar.h) might need termios.h. |
1369 |
|
|
1370 |
< |
2005-05-02 Love Hörnquist Åstrand <lha@it.su.se> |
1370 |
> |
2005-05-02 Love Hörnquist Åstrand <lha@it.su.se> |
1371 |
|
|
1372 |
|
* tools/krb5-config.in: add com_err to required libs |
1373 |
|
|
1384 |
|
* lib/krb5/crypto.c: Don't declare des_salt &c as static with |
1385 |
|
incomplete type (invalid in c89, at least). |
1386 |
|
|
1387 |
< |
2005-05-02 Love Hörnquist Åstrand <lha@it.su.se> |
1387 |
> |
2005-05-02 Love Hörnquist Åstrand <lha@it.su.se> |
1388 |
|
|
1389 |
|
* lib/krb5/krb5_locl.h: include <crypt.h> |
1390 |
|
|
1394 |
|
namespace collision. |
1395 |
|
(handle_stream): Cast arg of krb5_warnx. |
1396 |
|
|
1397 |
< |
2005-04-30 Love Hörnquist Åstrand <lha@it.su.se> |
1397 |
> |
2005-04-30 Love Hörnquist Åstrand <lha@it.su.se> |
1398 |
|
|
1399 |
|
* lib/krb5/init_creds_pw.c: if we are using PKINIT, strip of the |
1400 |
|
highest bit to make windows PK-INIT happy. Also make the nonces |
1418 |
|
|
1419 |
|
* lib/krb5/Makefile.am: use LIB_com_err for libkrb5.la |
1420 |
|
|
1421 |
< |
2005-04-29 Love Hörnquist Åstrand <lha@it.su.se> |
1421 |
> |
2005-04-29 Love Hörnquist Åstrand <lha@it.su.se> |
1422 |
|
|
1423 |
|
* lib/asn1/Makefile.am: use $(LIB_com_err) |
1424 |
|
|
1425 |
< |
2005-04-28 Love Hörnquist Åstrand <lha@it.su.se> |
1425 |
> |
2005-04-28 Love Hörnquist Åstrand <lha@it.su.se> |
1426 |
|
|
1427 |
|
* lib/krb5/context.c (krb5_set_config_files): ignore permission |
1428 |
|
denied on configuration files, user might not be allowed to read |
1433 |
|
* lib/krb5/krb5_locl.h: define _POSIX_PTHREAD_SEMANTICS so we get |
1434 |
|
posix getpwnam_r |
1435 |
|
|
1436 |
< |
2005-04-25 Love Hörnquist Åstrand <lha@it.su.se> |
1436 |
> |
2005-04-25 Love Hörnquist Åstrand <lha@it.su.se> |
1437 |
|
|
1438 |
|
* lib/asn1/gen_glue.c: switch the units variable to a |
1439 |
|
function. gcc-4.1 needs the size of the structure if its defined |
1440 |
|
as extern struct units foo_units[] an we don't want to include |
1441 |
|
<parse_units.h> in the generate headerfile |
1442 |
|
|
1443 |
< |
2005-04-25 Love Hörnquist Åstrand <lha@it.su.se> |
1443 |
> |
2005-04-25 Love Hörnquist Åstrand <lha@it.su.se> |
1444 |
|
|
1445 |
|
* lib/hdb/hdb.schema: add EQUALITY rule for krb5ValidStart, |
1446 |
|
krb5ValidEnd, krb5PasswordEnd From Howard Chu |
1447 |
|
|
1448 |
< |
2005-04-24 Love Hörnquist Åstrand <lha@it.su.se> |
1448 |
> |
2005-04-24 Love Hörnquist Åstrand <lha@it.su.se> |
1449 |
|
|
1450 |
|
* doc/whatis.texi: comment out docbook stuff for now |
1451 |
|
|
1488 |
|
* doc/heimdal.texi: change the wrapping around the Top node to |
1489 |
|
ifnottex, make html generation work |
1490 |
|
|
1491 |
< |
* lib/krb5/krb5_krbhst_init.3: spelling, from Björn Sandell |
1491 |
> |
* lib/krb5/krb5_krbhst_init.3: spelling, from Björn Sandell |
1492 |
|
<biorn@dce.chalmers.se> |
1493 |
|
|
1494 |
< |
* lib/krb5/krb5_get_krbhst.3: spelling, from Björn Sandell |
1494 |
> |
* lib/krb5/krb5_get_krbhst.3: spelling, from Björn Sandell |
1495 |
|
<biorn@dce.chalmers.se> |
1496 |
|
|
1497 |
< |
* lib/krb5/krb5_data.3: spelling, from Björn Sandell |
1497 |
> |
* lib/krb5/krb5_data.3: spelling, from Björn Sandell |
1498 |
|
<biorn@dce.chalmers.se> |
1499 |
|
|
1500 |
< |
* lib/krb5/krb5_aname_to_localname.3: spelling, from Björn Sandell |
1500 |
> |
* lib/krb5/krb5_aname_to_localname.3: spelling, from Björn Sandell |
1501 |
|
<biorn@dce.chalmers.se> |
1502 |
|
|
1503 |
< |
* lib/krb5/krb5_address.3: spelling, from Björn Sandell |
1503 |
> |
* lib/krb5/krb5_address.3: spelling, from Björn Sandell |
1504 |
|
<biorn@dce.chalmers.se> |
1505 |
|
|
1506 |
< |
2005-04-23 Love Hörnquist Åstrand <lha@it.su.se> |
1506 |
> |
2005-04-23 Love Hörnquist Åstrand <lha@it.su.se> |
1507 |
|
|
1508 |
|
* kdc/config.c: Use the new Kerberos 4 functions in libkrb5 and so |
1509 |
|
kerberos 4 is always compiled in (still default disabled) |
1521 |
|
|
1522 |
|
* lib/krb5/krb5-v4compat.h: add more v4 defines |
1523 |
|
|
1524 |
< |
2005-04-22 Love Hörnquist Åstrand <lha@it.su.se> |
1524 |
> |
2005-04-22 Love Hörnquist Åstrand <lha@it.su.se> |
1525 |
|
|
1526 |
|
* kpasswd/kpasswdd.c: Support multi-realms databases, requires |
1527 |
|
that all the realms are configured on the KDC in krb5.conf with |
1528 |
|
[libdefaults]default_realm stanzas. |
1529 |
|
|
1530 |
< |
2005-04-21 Love Hörnquist Åstrand <lha@it.su.se> |
1530 |
> |
2005-04-21 Love Hörnquist Åstrand <lha@it.su.se> |
1531 |
|
|
1532 |
|
* kdc/kerberos5.c: spell succeeded correctly, From Sean Chittenden |
1533 |
|
|
1534 |
|
* lib/krb5/addr_families.c: catch two more snprintf problems |
1535 |
|
|
1536 |
< |
2005-04-20 Love Hörnquist Åstrand <lha@it.su.se> |
1536 |
> |
2005-04-20 Love Hörnquist Åstrand <lha@it.su.se> |
1537 |
|
|
1538 |
|
* lib/hdb/Makefile.am: this lib include com_err, add -com_err to |
1539 |
|
CHECK_SYMBOLS |
1541 |
|
* appl/test/http_client.c: cast ssize_t to unsigned long, fix |
1542 |
|
printf format |
1543 |
|
|
1544 |
< |
2005-04-19 Love Hörnquist Åstrand <lha@it.su.se> |
1544 |
> |
2005-04-19 Love Hörnquist Åstrand <lha@it.su.se> |
1545 |
|
|
1546 |
|
* lib/krb5/kuserok.c: use asprintf to avoid truncating pathnames |
1547 |
|
|
1563 |
|
|
1564 |
|
* lib/krb5/test_kuserok.c: test program for krb5_kuserok |
1565 |
|
|
1566 |
< |
2005-04-18 Love Hörnquist Åstrand <lha@it.su.se> |
1566 |
> |
2005-04-18 Love Hörnquist Åstrand <lha@it.su.se> |
1567 |
|
|
1568 |
|
* lib/krb5/acache.c (acc_resolve): if open_default_ccache failed |
1569 |
|
with ccErrCCacheNotFound try again with create_default_ccache, |
1580 |
|
* include/make_crypto.c: cast to unsigned char to make sure its |
1581 |
|
not negative when passing it to is* functions |
1582 |
|
|
1583 |
< |
2005-04-15 Love Hörnquist Åstrand <lha@it.su.se> |
1583 |
> |
2005-04-15 Love Hörnquist Åstrand <lha@it.su.se> |
1584 |
|
|
1585 |
|
* doc/programming.texi: remove manpage macro, add some more |
1586 |
|
references to manpages |
1594 |
|
|
1595 |
|
* lib/krb5/krb5_keyblock.3: document krb5_keyblock_init |
1596 |
|
|
1597 |
< |
2005-04-14 Love Hörnquist Åstrand <lha@it.su.se> |
1597 |
> |
2005-04-14 Love Hörnquist Åstrand <lha@it.su.se> |
1598 |
|
|
1599 |
|
* kdc/kaserver.c: AUTHENTICATE and AUTHENTICATE_V2 is almost the |
1600 |
|
same, and clients |
1604 |
|
* lib/krb5/keyblock.c: Add krb5_keyblock_init to allocate an fill |
1605 |
|
in a keyblock from key data. |
1606 |
|
|
1607 |
< |
2005-04-12 Love Hörnquist Åstrand <lha@it.su.se> |
1607 |
> |
2005-04-12 Love Hörnquist Åstrand <lha@it.su.se> |
1608 |
|
|
1609 |
|
* configure.in: rk_WIN32_EXPORT for roken |
1610 |
|
|
1611 |
< |
2005-04-10 Love Hörnquist Åstrand <lha@it.su.se> |
1611 |
> |
2005-04-10 Love Hörnquist Åstrand <lha@it.su.se> |
1612 |
|
|
1613 |
|
* appl/test/gssapi_server.c: print out client principla of |
1614 |
|
delegated credential |
1615 |
|
|
1616 |
< |
2005-04-07 Love Hörnquist Åstrand <lha@it.su.se> |
1616 |
> |
2005-04-07 Love Hörnquist Åstrand <lha@it.su.se> |
1617 |
|
|
1618 |
|
* lib/krb5/init_creds_pw.c (process_pa_data_to_key): also check |
1619 |
|
for KRB5_PADATA_PK_AS_REP_19, From: Douglas Engert |
1620 |
|
|
1621 |
< |
2005-04-07 Love Hörnquist Åstrand <lha@it.su.se> |
1621 |
> |
2005-04-07 Love Hörnquist Åstrand <lha@it.su.se> |
1622 |
|
|
1623 |
|
* .cvsignore: ignore more generate files |
1624 |
|
|
1625 |
< |
2005-04-04 Love Hörnquist Åstrand <lha@it.su.se> |
1625 |
> |
2005-04-04 Love Hörnquist Åstrand <lha@it.su.se> |
1626 |
|
|
1627 |
|
* lib/asn1/check-der.c: use size_t, print size_t by casting to |
1628 |
|
unsigned long |
1645 |
|
between PA-PK-AS-REP-19 and PA-PK-AS-REQ-Win2k, try harder to |
1646 |
|
verify both cases |
1647 |
|
|
1648 |
< |
2005-04-03 Love Hörnquist Åstrand <lha@it.su.se> |
1648 |
> |
2005-04-03 Love Hörnquist Åstrand <lha@it.su.se> |
1649 |
|
|
1650 |
|
* appl/test/uu_client.c: print size_t by casting to unsigned long |
1651 |
|
|
1670 |
|
* lib/asn1/gen.c: avoid const string warnings steming from |
1671 |
|
writeable-string |
1672 |
|
|
1673 |
< |
2005-03-28 Love Hörnquist Åstrand <lha@it.su.se> |
1673 |
> |
2005-03-28 Love Hörnquist Åstrand <lha@it.su.se> |
1674 |
|
|
1675 |
|
* lib/krb5/Makefile.am: TESTS += test_addr |
1676 |
|
|
1683 |
|
* lib/krb5/krb5_keytab.3: stop memory leak in example, expand on |
1684 |
|
wildcards |
1685 |
|
|
1686 |
< |
2005-03-26 Love Hörnquist Åstrand <lha@it.su.se> |
1686 |
> |
2005-03-26 Love Hörnquist Åstrand <lha@it.su.se> |
1687 |
|
|
1688 |
|
* lib/krb5/krb5_principal.3: spelling, from Tomas Olsson |
1689 |
|
|
1690 |
|
* lib/krb5/krb5_warn.3: spelling, from Tomas Olsson |
1691 |
|
|
1692 |
< |
2005-03-19 Love Hörnquist Åstrand <lha@it.su.se> |
1692 |
> |
2005-03-19 Love Hörnquist Åstrand <lha@it.su.se> |
1693 |
|
|
1694 |
|
* lib/krb5/acache.c: add mutex for global variables, clean up |
1695 |
|
returned error codes, implement storing addresses into the ccapi |
1708 |
|
* appl/test/http_client.c: Make constent with rest of the gssapi |
1709 |
|
test programs |
1710 |
|
|
1711 |
< |
2005-03-17 Love Hörnquist Åstrand <lha@it.su.se> |
1711 |
> |
2005-03-17 Love Hörnquist Åstrand <lha@it.su.se> |
1712 |
|
|
1713 |
|
* lib/hdb/keys.c: AES is enabled by default, remove ifdefs |
1714 |
|
|
1719 |
|
|
1720 |
|
* kdc/kerberos5.c: AES is enabled by default, remove ifdefs |
1721 |
|
|
1722 |
< |
2005-03-16 Love Hörnquist Åstrand <lha@it.su.se> |
1722 |
> |
2005-03-16 Love Hörnquist Åstrand <lha@it.su.se> |
1723 |
|
|
1724 |
|
* doc/setup.texi: Add some text about modifying the database |
1725 |
|
|
1726 |
< |
2005-03-15 Love Hörnquist Åstrand <lha@it.su.se> |
1726 |
> |
2005-03-15 Love Hörnquist Åstrand <lha@it.su.se> |
1727 |
|
|
1728 |
|
* kuser/kinit.c: widen lifetime/renewal warning text field, also |
1729 |
|
make use of unparse_time_approx, no need to be specific to the |
1737 |
|
* lib/krb5/crypto.c: fix signedness issues, prompted by report of |
1738 |
|
Magnus Ahltorp |
1739 |
|
|
1740 |
< |
2005-03-13 Love Hörnquist Åstrand <lha@it.su.se> |
1740 |
> |
2005-03-13 Love Hörnquist Åstrand <lha@it.su.se> |
1741 |
|
|
1742 |
|
* lib/krb5/krb5_keytab.3: more text about how to free returned |
1743 |
|
resources |
1744 |
|
|
1745 |
< |
2005-03-10 Love Hörnquist Åstrand <lha@it.su.se> |
1745 |
> |
2005-03-10 Love Hörnquist Åstrand <lha@it.su.se> |
1746 |
|
|
1747 |
|
* lib/krb5/pkinit.c: handle the -25 generation path |
1748 |
|
|
1750 |
|
|
1751 |
|
* lib/krb5/pkinit.c: fold in pk-init-25 asn1 changes |
1752 |
|
|
1753 |
< |
2005-03-09 Love Hörnquist Åstrand <lha@it.su.se> |
1753 |
> |
2005-03-09 Love Hörnquist Åstrand <lha@it.su.se> |
1754 |
|
|
1755 |
|
* kdc/pkinit.c: use generated oid's |
1756 |
|
|
1757 |
|
* lib/krb5/pkinit.c: use generated oid's |
1758 |
|
|
1759 |
< |
2005-03-08 Love Hörnquist Åstrand <lha@it.su.se> |
1759 |
> |
2005-03-08 Love Hörnquist Åstrand <lha@it.su.se> |
1760 |
|
|
1761 |
|
* kdc/pkinit.c: update to the asn1 structures used in -25's |
1762 |
|
|
1763 |
|
* lib/krb5/pkinit.c: update to the asn1 structures used in -25's |
1764 |
|
|
1765 |
< |
2005-03-04 Love Hörnquist Åstrand <lha@it.su.se> |
1765 |
> |
2005-03-04 Love Hörnquist Åstrand <lha@it.su.se> |
1766 |
|
|
1767 |
|
* lib/hdb/hdb-ldap.c: use the newly written hex function from |
1768 |
|
roken and remove the old implementation |
1769 |
|
|
1770 |
< |
2005-03-01 Love Hörnquist Åstrand <lha@it.su.se> |
1770 |
> |
2005-03-01 Love Hörnquist Åstrand <lha@it.su.se> |
1771 |
|
|
1772 |
|
* appl/test/http_client.c: allow specifing port to connect to |
1773 |
|
|
1774 |
< |
2005-02-24 Love Hörnquist Åstrand <lha@it.su.se> |
1774 |
> |
2005-02-24 Love Hörnquist Åstrand <lha@it.su.se> |
1775 |
|
|
1776 |
|
* lib/krb5/Makefile.am: bump version to 21:0:4 |
1777 |
|
|
1779 |
|
|
1780 |
|
* lib/asn1/Makefile.am: bump version to 7:0:1 |
1781 |
|
|
1782 |
< |
2005-02-23 Love Hörnquist Åstrand <lha@it.su.se> |
1782 |
> |
2005-02-23 Love Hörnquist Åstrand <lha@it.su.se> |
1783 |
|
|
1784 |
|
* lib/krb5/crypto.c (DES_string_to_key_int): must check for weak |
1785 |
|
keys after doing the DES_cbc_cksum |
1790 |
|
config_get_hosts() in kpasswd_get_next() |
1791 |
|
From: Wynn Wilkes <wynnw@vintela.com> |
1792 |
|
|
1793 |
< |
2005-02-15 Love Hörnquist Åstrand <lha@it.su.se> |
1793 |
> |
2005-02-15 Love Hörnquist Åstrand <lha@it.su.se> |
1794 |
|
|
1795 |
|
* lib/hdb/db3.c (DB_open): correct the check for O_RDONLY |
1796 |
|
From: Chaskiel M Grundman <cg2v@andrew.cmu.edu> |
1797 |
|
|
1798 |
< |
2005-02-09 Love Hörnquist Åstrand <lha@it.su.se> |
1798 |
> |
2005-02-09 Love Hörnquist Åstrand <lha@it.su.se> |
1799 |
|
|
1800 |
|
* lib/krb5/crypto.c (krb5_random_to_key): cast size_t to int to |
1801 |
|
make %d work |
1802 |
|
|
1803 |
< |
2005-02-08 Love Hörnquist Åstrand <lha@it.su.se> |
1803 |
> |
2005-02-08 Love Hörnquist Åstrand <lha@it.su.se> |
1804 |
|
|
1805 |
|
* lib/krb5/keytab.c (krb5_kt_get_entry): tell what enctype the |
1806 |
|
caller requested to provide the user with a glue what the caller |
1816 |
|
* kcm/config.c: allow KCM system ccache to be configured from |
1817 |
|
krb5.conf, in the system_ccache stanza of [kcm] |
1818 |
|
|
1819 |
< |
2005-02-03 Love Hörnquist Åstrand <lha@it.su.se> |
1819 |
> |
2005-02-03 Love Hörnquist Åstrand <lha@it.su.se> |
1820 |
|
|
1821 |
|
* kcm/protocol.c: use -1 as the invalid pid number |
1822 |
|
|
1849 |
|
|
1850 |
|
* kcm: add KCM daemon |
1851 |
|
|
1852 |
< |
2005-02-02 Love Hörnquist Åstrand <lha@it.su.se> |
1852 |
> |
2005-02-02 Love Hörnquist Åstrand <lha@it.su.se> |
1853 |
|
|
1854 |
|
* lib/krb5/send_to_kdc.c (send_and_recv_udp): make private again |
1855 |
|
|
1889 |
|
* kdc/kerberos5.c: don't crash when logging no server etype |
1890 |
|
support if client == NULL |
1891 |
|
|
1892 |
< |
2005-01-17 Love Hörnquist Åstrand <lha@it.su.se> |
1892 |
> |
2005-01-17 Love Hörnquist Åstrand <lha@it.su.se> |
1893 |
|
|
1894 |
|
* kdc/kstash.c: s/random_key/random_key_flag/, From Dave Love |
1895 |
|
<d.love@dl.ac.uk> |
1896 |
|
|
1897 |
< |
2005-01-12 Love Hörnquist Åstrand <lha@it.su.se> |
1897 |
> |
2005-01-12 Love Hörnquist Åstrand <lha@it.su.se> |
1898 |
|
|
1899 |
|
* doc/apps.texi: Texinfo fixes. Text about irix 6.5 using |
1900 |
|
PAM. From: Dave Love <d.love@dl.ac.uk> |
1901 |
|
|
1902 |
< |
2005-01-08 Love Hörnquist Åstrand <lha@it.su.se> |
1902 |
> |
2005-01-08 Love Hörnquist Åstrand <lha@it.su.se> |
1903 |
|
|
1904 |
|
* lib/krb5/verify_krb5_conf.c: cast argument to isdigit to |
1905 |
|
unsigned char |
1935 |
|
krb5_enctype_valid, so use the later since its older and the api |
1936 |
|
doesn't really need another entry point |
1937 |
|
|
1938 |
< |
2005-01-05 Love Hörnquist Åstrand <lha@it.su.se> |
1938 |
> |
2005-01-05 Love Hörnquist Åstrand <lha@it.su.se> |
1939 |
|
|
1940 |
|
* kpasswd/kpasswdd.8: document --addresses, controls what |
1941 |
|
addresses kpasswd should listen too |
1993 |
|
* lib/asn1/k5.asn1: add authorization data types for enctype |
1994 |
|
negotiation implementation |
1995 |
|
|
1996 |
< |
2005-01-04 Love Hörnquist Åstrand <lha@it.su.se> |
1996 |
> |
2005-01-04 Love Hörnquist Åstrand <lha@it.su.se> |
1997 |
|
|
1998 |
|
* lib/krb5/changepw.c (change_password_loop): on failing to find a |
1999 |
|
kdc, set result_code to KRB5_KPASSWD_HARDERROR |
2000 |
|
|
2001 |
< |
2005-01-01 Love Hörnquist Åstrand <lha@it.su.se> |
2001 |
> |
2005-01-01 Love Hörnquist Åstrand <lha@it.su.se> |
2002 |
|
|
2003 |
|
* doc/heimdal.texi: Happy New Year |
2004 |
|
|