| 1 |
< |
2006-12-28 Love Hörnquist Åstrand <lha@it.su.se> |
| 1 |
> |
2006-12-28 Love Hörnquist Åstrand <lha@it.su.se> |
| 2 |
|
|
| 3 |
|
* kdc/process.c: Handle kx509 requests. |
| 4 |
|
|
| 26 |
|
* lib/krb5/digest.c (krb5_ntlm_rep_get_sessionkey): return value |
| 27 |
|
is krb5_error_code |
| 28 |
|
|
| 29 |
< |
2006-12-27 Love Hörnquist Åstrand <lha@it.su.se> |
| 29 |
> |
2006-12-27 Love Hörnquist Åstrand <lha@it.su.se> |
| 30 |
|
|
| 31 |
|
* lib/krb5/mk_req_ext.c (_krb5_mk_req_internal): use md5 for |
| 32 |
|
des-cbc-md4 and des-cbc-md5. This is for (older) windows that |
| 33 |
|
will be unhappy anything else. From Inna Bort-Shatsky |
| 34 |
|
|
| 35 |
< |
2006-12-26 Love Hörnquist Åstrand <lha@it.su.se> |
| 35 |
> |
2006-12-26 Love Hörnquist Åstrand <lha@it.su.se> |
| 36 |
|
|
| 37 |
|
* kdc/digest.c: Prefix internal symbol with _kdc_. |
| 38 |
|
|
| 48 |
|
|
| 49 |
|
* kdc/digest.c: Add digest acl's |
| 50 |
|
|
| 51 |
< |
2006-12-22 Love Hörnquist Åstrand <lha@it.su.se> |
| 51 |
> |
2006-12-22 Love Hörnquist Åstrand <lha@it.su.se> |
| 52 |
|
|
| 53 |
|
* fix-export: build ntlm-private.h |
| 54 |
|
|
| 55 |
< |
2006-12-20 Love Hörnquist Åstrand <lha@it.su.se> |
| 55 |
> |
2006-12-20 Love Hörnquist Åstrand <lha@it.su.se> |
| 56 |
|
|
| 57 |
|
* include/make_crypto.c: Include <.../hmac.h>. |
| 58 |
|
|
| 65 |
|
* kdc/digest.c: Add support for generating NTLM2 session security |
| 66 |
|
answer. |
| 67 |
|
|
| 68 |
< |
2006-12-19 Love Hörnquist Åstrand <lha@it.su.se> |
| 68 |
> |
2006-12-19 Love Hörnquist Åstrand <lha@it.su.se> |
| 69 |
|
|
| 70 |
|
* lib/krb5/digest.c: Add sessionkey accessor functions. |
| 71 |
|
|
| 72 |
< |
2006-12-18 Love Hörnquist Åstrand <lha@it.su.se> |
| 72 |
> |
2006-12-18 Love Hörnquist Åstrand <lha@it.su.se> |
| 73 |
|
|
| 74 |
|
* kdc/digest.c: Unwrap the NTLM session key and return it to the |
| 75 |
|
server. |
| 76 |
|
|
| 77 |
< |
2006-12-17 Love Hörnquist Åstrand <lha@it.su.se> |
| 77 |
> |
2006-12-17 Love Hörnquist Åstrand <lha@it.su.se> |
| 78 |
|
|
| 79 |
|
* lib/krb5/store.c (krb5_ret_principal): Fix a bug in the malloc |
| 80 |
|
failure part, noticed by Arnaud Lacombe in NetBSD coverity scan. |
| 81 |
|
|
| 82 |
< |
2006-12-15 Love Hörnquist Åstrand <lha@it.su.se> |
| 82 |
> |
2006-12-15 Love Hörnquist Åstrand <lha@it.su.se> |
| 83 |
|
|
| 84 |
|
* lib/krb5/fcache.c (fcc_get_cache_next): avoid const warning. |
| 85 |
|
|
| 111 |
|
* lib/krb5/krb5_locl.h: Expand the default root for some of the cc |
| 112 |
|
type names. |
| 113 |
|
|
| 114 |
< |
2006-12-14 Love Hörnquist Åstrand <lha@it.su.se> |
| 114 |
> |
2006-12-14 Love Hörnquist Åstrand <lha@it.su.se> |
| 115 |
|
|
| 116 |
|
* lib/krb5/init_creds_pw.c (free_paid): free the krb5_data |
| 117 |
|
structure too. Bug report from Stefan Metzmacher. |
| 118 |
|
|
| 119 |
< |
2006-12-12 Love Hörnquist Åstrand <lha@it.su.se> |
| 119 |
> |
2006-12-12 Love Hörnquist Åstrand <lha@it.su.se> |
| 120 |
|
|
| 121 |
|
* kuser/kinit.c: Read the appdefault configration before we try to |
| 122 |
|
use the flags. Bug reported by Ingemar Nilsson. |
| 125 |
|
|
| 126 |
|
* kuser/kdigest-commands.in: prefix digest commands with digest- |
| 127 |
|
|
| 128 |
< |
2006-12-10 Love Hörnquist Åstrand <lha@it.su.se> |
| 128 |
> |
2006-12-10 Love Hörnquist Åstrand <lha@it.su.se> |
| 129 |
|
|
| 130 |
|
* kdc/hprop.c: Return error codes on failure, improve error |
| 131 |
|
reporting. |
| 132 |
|
|
| 133 |
< |
2006-12-08 Love Hörnquist Åstrand <lha@it.su.se> |
| 133 |
> |
2006-12-08 Love Hörnquist Åstrand <lha@it.su.se> |
| 134 |
|
|
| 135 |
|
* lib/krb5/pkinit.c: sprinkle more _krb5_pk_copy_error |
| 136 |
|
|
| 137 |
|
* lib/krb5/pkinit.c: Copy more hx509 error strings to krb5 error |
| 138 |
|
strings |
| 139 |
|
|
| 140 |
< |
2006-12-07 Love Hörnquist Åstrand <lha@it.su.se> |
| 140 |
> |
2006-12-07 Love Hörnquist Åstrand <lha@it.su.se> |
| 141 |
|
|
| 142 |
|
* include/Makefile.am: CLEANFILES += vis.h |
| 143 |
|
|
| 144 |
< |
2006-12-06 Love Hörnquist Åstrand <lha@it.su.se> |
| 144 |
> |
2006-12-06 Love Hörnquist Åstrand <lha@it.su.se> |
| 145 |
|
|
| 146 |
|
* kdc/kerberos5.c (_kdc_as_rep): add AD-INITAL-VERIFIED-CAS to the |
| 147 |
|
encrypted ticket |
| 164 |
|
really should be the trust anchors of the client. |
| 165 |
|
|
| 166 |
|
* kuser/generate-requests.c: Use strcspn to remove \n from |
| 167 |
< |
string returned by fgets. From Björn Sandell |
| 167 |
> |
string returned by fgets. From Björn Sandell |
| 168 |
|
|
| 169 |
|
* kpasswd/kpasswd-generator.c: Use strcspn to remove \n from |
| 170 |
< |
string returned by fgets. From Björn Sandell |
| 170 |
> |
string returned by fgets. From Björn Sandell |
| 171 |
|
|
| 172 |
< |
2006-12-05 Love Hörnquist Åstrand <lha@it.su.se> |
| 172 |
> |
2006-12-05 Love Hörnquist Åstrand <lha@it.su.se> |
| 173 |
|
|
| 174 |
|
* lib/hdb/hdb-ldap.c: Clear errno before calling the strtol |
| 175 |
< |
functions. From Paul Stoeber to OpenBSD by Ray Lai and Björn |
| 175 |
> |
functions. From Paul Stoeber to OpenBSD by Ray Lai and Björn |
| 176 |
|
Sandell. |
| 177 |
|
|
| 178 |
|
* lib/krb5/config_file.c: Use strcspn to remove \n from fgets |
| 179 |
< |
result. Prompted by change by Ray Lai of OpenBSD via Björn |
| 179 |
> |
result. Prompted by change by Ray Lai of OpenBSD via Björn |
| 180 |
|
Sandell. |
| 181 |
|
|
| 182 |
|
* kdc/string2key.c: Use strcspn to remove \n from fgets |
| 183 |
< |
result. Prompted by change by Ray Lai of OpenBSD via Björn |
| 183 |
> |
result. Prompted by change by Ray Lai of OpenBSD via Björn |
| 184 |
|
Sandell. |
| 185 |
|
|
| 186 |
< |
2006-11-30 Love Hörnquist Åstrand <lha@it.su.se> |
| 186 |
> |
2006-11-30 Love Hörnquist Åstrand <lha@it.su.se> |
| 187 |
|
|
| 188 |
|
* lib/krb5/krbhst.c (plugin_get_hosts): be more paranoid and pass |
| 189 |
|
in a NULLed plugin list |
| 190 |
|
|
| 191 |
< |
2006-11-29 Love Hörnquist Åstrand <lha@it.su.se> |
| 191 |
> |
2006-11-29 Love Hörnquist Åstrand <lha@it.su.se> |
| 192 |
|
|
| 193 |
|
* lib/krb5/verify_krb5_conf.c: add more pkinit options. |
| 194 |
|
|
| 201 |
|
|
| 202 |
|
* lib/hdb/Makefile.am: Add LIB_com_err to pacify AIX |
| 203 |
|
|
| 204 |
< |
2006-11-28 Love Hörnquist Åstrand <lha@it.su.se> |
| 204 |
> |
2006-11-28 Love Hörnquist Åstrand <lha@it.su.se> |
| 205 |
|
|
| 206 |
|
* lib/hdb/hdb-ldap.c: Make build again from the hdb_entry |
| 207 |
|
wrapping. Patch from Andreas Hasenack. |
| 209 |
|
* kdc/pkinit.c: Need better code in the DH parameter rejection |
| 210 |
|
case, add comment to that effect. |
| 211 |
|
|
| 212 |
< |
2006-11-27 Love Hörnquist Åstrand <lha@it.su.se> |
| 212 |
> |
2006-11-27 Love Hörnquist Åstrand <lha@it.su.se> |
| 213 |
|
|
| 214 |
|
* kdc/krb5tgs.c: Reply KRB5KRB_ERR_RESPONSE_TOO_BIG for too large |
| 215 |
|
packets when using datagram based transports. |
| 218 |
|
|
| 219 |
|
* lib/krb5/pkinit.c (build_auth_pack): set supportedCMSTypes. |
| 220 |
|
|
| 221 |
< |
2006-11-26 Love Hörnquist Åstrand <lha@it.su.se> |
| 221 |
> |
2006-11-26 Love Hörnquist Åstrand <lha@it.su.se> |
| 222 |
|
|
| 223 |
|
* lib/krb5/pkinit.c: Pass down hx509_peer_info. |
| 224 |
|
|
| 228 |
|
* kdc/pkinit.c (_kdc_pk_rd_padata): Pick up supportedCMSTypes and |
| 229 |
|
pass in into hx509_cms_create_signed_1 via hx509_peer_info blob. |
| 230 |
|
|
| 231 |
< |
2006-11-24 Love Hörnquist Åstrand <lha@it.su.se> |
| 231 |
> |
2006-11-24 Love Hörnquist Åstrand <lha@it.su.se> |
| 232 |
|
|
| 233 |
|
* lib/krb5/send_to_kdc.c: Set the large_msg_size to 1400, lets not |
| 234 |
|
fragment packets and avoid stupid linklayers that doesn't allow |
| 235 |
|
fragmented packets (unix dgram sockets on Mac OS X) |
| 236 |
|
|
| 237 |
< |
2006-11-23 Love Hörnquist Åstrand <lha@it.su.se> |
| 237 |
> |
2006-11-23 Love Hörnquist Åstrand <lha@it.su.se> |
| 238 |
|
|
| 239 |
|
* lib/krb5/pkinit.c (_krb5_pk_create_sign): stuff down the users |
| 240 |
|
certs in the pool to make sure a path is returned, without this |
| 241 |
|
proxy certificates wont work. |
| 242 |
|
|
| 243 |
< |
2006-11-21 Love Hörnquist Åstrand <lha@it.su.se> |
| 243 |
> |
2006-11-21 Love Hörnquist Åstrand <lha@it.su.se> |
| 244 |
|
|
| 245 |
|
* kdc/config.c: Make all pkinit options prefixed with pkinit_ |
| 246 |
|
|
| 257 |
|
* lib/krb5/get_cred.c: Use KRB5_KU_OTHER_CKSUM for the impersonate |
| 258 |
|
checksum. |
| 259 |
|
|
| 260 |
< |
2006-11-20 Love Hörnquist Åstrand <lha@it.su.se> |
| 260 |
> |
2006-11-20 Love Hörnquist Åstrand <lha@it.su.se> |
| 261 |
|
|
| 262 |
|
* lib/krb5/verify_user.c: Make krb5_get_init_creds_opt_free take a |
| 263 |
|
context argument. |
| 286 |
|
* appl/gssmask/gssmask.c: Make krb5_get_init_creds_opt_free take a |
| 287 |
|
context argument. |
| 288 |
|
|
| 289 |
< |
2006-11-19 Love Hörnquist Åstrand <lha@it.su.se> |
| 289 |
> |
2006-11-19 Love Hörnquist Åstrand <lha@it.su.se> |
| 290 |
|
|
| 291 |
|
* doc/setup.texi: fix pkinit option (s/-/_/) |
| 292 |
|
|
| 293 |
|
* kdc/config.c: revert the enable-pkinit change, and make it |
| 294 |
|
consistant with all other other enable- options |
| 295 |
|
|
| 296 |
< |
2006-11-17 Love Hörnquist Åstrand <lha@it.su.se> |
| 296 |
> |
2006-11-17 Love Hörnquist Åstrand <lha@it.su.se> |
| 297 |
|
|
| 298 |
|
* doc/setup.texi: Make all pkinit options prefixed with pkinit_ |
| 299 |
|
|
| 310 |
|
* lib/krb5/mit_glue.c (krb5_c_keylength): mit changed the api, |
| 311 |
|
deal. |
| 312 |
|
|
| 313 |
< |
2006-11-13 Love Hörnquist Åstrand <lha@it.su.se> |
| 313 |
> |
2006-11-13 Love Hörnquist Åstrand <lha@it.su.se> |
| 314 |
|
|
| 315 |
|
* lib/krb5/pac.c (fill_zeros): stop using MIN. |
| 316 |
|
|
| 325 |
|
* lib/krb5/krbhst.c: Use plugin for the other realm locate types |
| 326 |
|
too. |
| 327 |
|
|
| 328 |
< |
2006-11-12 Love Hörnquist Åstrand <lha@it.su.se> |
| 328 |
> |
2006-11-12 Love Hörnquist Åstrand <lha@it.su.se> |
| 329 |
|
|
| 330 |
|
* lib/krb5/krb5_locl.h: Add plugin api |
| 331 |
|
|
| 344 |
|
|
| 345 |
|
* lib/krb5/krb5.h: Add struct krb5_pac. |
| 346 |
|
|
| 347 |
< |
2006-11-09 Love Hörnquist Åstrand <lha@it.su.se> |
| 347 |
> |
2006-11-09 Love Hörnquist Åstrand <lha@it.su.se> |
| 348 |
|
|
| 349 |
|
* lib/krb5/test_pac.c: PAC testing. |
| 350 |
|
|
| 362 |
|
|
| 363 |
|
* lib/krb5/mit_glue.c: Add krb5_c_keylength. |
| 364 |
|
|
| 365 |
< |
2006-11-08 Love Hörnquist Åstrand <lha@it.su.se> |
| 365 |
> |
2006-11-08 Love Hörnquist Åstrand <lha@it.su.se> |
| 366 |
|
|
| 367 |
|
* lib/krb5/pac.c: Almost enough code to do PAC parsing and |
| 368 |
|
verification, missing in the unix2NTTIME and ucs2 corner. The |
| 372 |
|
|
| 373 |
|
* kdc/hpropd.c: Remove support dumping to a kerberos 4 database. |
| 374 |
|
|
| 375 |
< |
2006-11-07 Love Hörnquist Åstrand <lha@it.su.se> |
| 375 |
> |
2006-11-07 Love Hörnquist Åstrand <lha@it.su.se> |
| 376 |
|
|
| 377 |
|
* lib/krb5/context.c: rename krb5_[gs]et_time_wrap to |
| 378 |
|
krb5_[gs]et_max_time_skew |
| 382 |
|
|
| 383 |
|
* lib/krb5/rd_req.c: Add more krb5_rd_req_out_get functions. |
| 384 |
|
|
| 385 |
< |
2006-11-06 Love Hörnquist Åstrand <lha@it.su.se> |
| 385 |
> |
2006-11-06 Love Hörnquist Åstrand <lha@it.su.se> |
| 386 |
|
|
| 387 |
|
* lib/krb5/krb5.h: krb5_rd_req{,_in,_out}_ctx. |
| 388 |
|
|
| 390 |
|
dancing version of the krb5_rd_req and implement krb5_rd_req and |
| 391 |
|
krb5_rd_req_with_keyblock using it. |
| 392 |
|
|
| 393 |
< |
2006-11-04 Love Hörnquist Åstrand <lha@it.su.se> |
| 393 |
> |
2006-11-04 Love Hörnquist Åstrand <lha@it.su.se> |
| 394 |
|
|
| 395 |
|
* kdc/kerberos5.c (_kdc_as_rep): More verbose time skew logging. |
| 396 |
|
|
| 397 |
< |
2006-11-03 Love Hörnquist Åstrand <lha@it.su.se> |
| 397 |
> |
2006-11-03 Love Hörnquist Åstrand <lha@it.su.se> |
| 398 |
|
|
| 399 |
|
* lib/krb5/expand_hostname.c: Rename various routines and |
| 400 |
|
constants from canonize to canonicalize. From Andrew Bartlett |
| 407 |
|
* appl/gssmask/common.c (add_list): fix alloc statement. |
| 408 |
|
From Alex Deiter |
| 409 |
|
|
| 410 |
< |
2006-10-25 Love Hörnquist Åstrand <lha@it.su.se> |
| 410 |
> |
2006-10-25 Love Hörnquist Åstrand <lha@it.su.se> |
| 411 |
|
|
| 412 |
|
* include/Makefile.am: Move version.h and version.h.in to |
| 413 |
|
DISTCLEANFILES. |
| 414 |
|
|
| 415 |
< |
2006-10-24 Love Hörnquist Åstrand <lha@it.su.se> |
| 415 |
> |
2006-10-24 Love Hörnquist Åstrand <lha@it.su.se> |
| 416 |
|
|
| 417 |
|
* appl/gssmask/gssmask.c: Only log when there are resources left. |
| 418 |
|
|
| 421 |
|
* appl/gssmask/gssmask.c (AcquireCreds): free |
| 422 |
|
krb5_get_init_creds_opt |
| 423 |
|
|
| 424 |
< |
2006-10-23 Love Hörnquist Åstrand <lha@it.su.se> |
| 424 |
> |
2006-10-23 Love Hörnquist Åstrand <lha@it.su.se> |
| 425 |
|
|
| 426 |
|
* configure.in: heimdal 0.8-RC1 |
| 427 |
|
|
| 428 |
< |
2006-10-22 Love Hörnquist Åstrand <lha@it.su.se> |
| 428 |
> |
2006-10-22 Love Hörnquist Åstrand <lha@it.su.se> |
| 429 |
|
|
| 430 |
|
* lib/krb5/digest.c: Try to not leak memory. |
| 431 |
|
|
| 459 |
|
|
| 460 |
|
* lib/krb5/crypto.c (AES_string_to_key): Try to not leak memory. |
| 461 |
|
|
| 462 |
< |
2006-10-21 Love Hörnquist Åstrand <lha@it.su.se> |
| 462 |
> |
2006-10-21 Love Hörnquist Åstrand <lha@it.su.se> |
| 463 |
|
|
| 464 |
|
* tools/heimdal-build.sh: Add --test-environment |
| 465 |
|
|
| 468 |
|
* lib/hdb/Makefile.am: remove dependency on et files covert_db |
| 469 |
|
that now is removed |
| 470 |
|
|
| 471 |
< |
2006-10-20 Love Hörnquist Åstrand <lha@it.su.se> |
| 471 |
> |
2006-10-20 Love Hörnquist Åstrand <lha@it.su.se> |
| 472 |
|
|
| 473 |
|
* include/Makefile.am: add gssapi to subdirs |
| 474 |
|
|
| 507 |
|
|
| 508 |
|
* lib/krb5/Makefile.am: add more files |
| 509 |
|
|
| 510 |
< |
2006-10-19 Love Hörnquist Åstrand <lha@it.su.se> |
| 510 |
> |
2006-10-19 Love Hörnquist Åstrand <lha@it.su.se> |
| 511 |
|
|
| 512 |
|
* tools/Makefile.am: Add heimdal-build.sh to EXTRA_DIST. |
| 513 |
|
|
| 521 |
|
|
| 522 |
|
* configure.in: make --disable-pk-init help text also negative |
| 523 |
|
|
| 524 |
< |
2006-10-18 Love Hörnquist Åstrand <lha@it.su.se> |
| 524 |
> |
2006-10-18 Love Hörnquist Åstrand <lha@it.su.se> |
| 525 |
|
|
| 526 |
|
* kuser/kgetcred.c: Avoid memory leak. |
| 527 |
|
|
| 538 |
|
|
| 539 |
|
* lib/krb5/test_princ.c: Test principal parsing and unparsing. |
| 540 |
|
|
| 541 |
< |
2006-10-17 Love Hörnquist Åstrand <lha@it.su.se> |
| 541 |
> |
2006-10-17 Love Hörnquist Åstrand <lha@it.su.se> |
| 542 |
|
|
| 543 |
|
* lib/krb5/get_host_realm.c (krb5_get_host_realm): make sure we |
| 544 |
|
don't recurse |
| 591 |
|
|
| 592 |
|
* kdc/kerberos5.c: Prefix asn1 primitives with der_. |
| 593 |
|
|
| 594 |
< |
2006-10-16 Love Hörnquist Åstrand <lha@it.su.se> |
| 594 |
> |
2006-10-16 Love Hörnquist Åstrand <lha@it.su.se> |
| 595 |
|
|
| 596 |
|
* fix-export: Build lib/asn1/der-protos.h. |
| 597 |
|
|
| 598 |
< |
2006-10-14 Love Hörnquist Åstrand <lha@it.su.se> |
| 598 |
> |
2006-10-14 Love Hörnquist Åstrand <lha@it.su.se> |
| 599 |
|
|
| 600 |
|
* appl/gssmask/Makefile.am: Add explit depenency on libroken. |
| 601 |
|
|
| 618 |
|
|
| 619 |
|
* lib/krb5/data.c: Prefix der primitives with der_. |
| 620 |
|
|
| 621 |
< |
2006-10-12 Love Hörnquist Åstrand <lha@it.su.se> |
| 621 |
> |
2006-10-12 Love Hörnquist Åstrand <lha@it.su.se> |
| 622 |
|
|
| 623 |
|
* kdc/pkinit.c (pk_mk_pa_reply_enckey): add missing break. From |
| 624 |
|
Olga Kornievskaia. |
| 627 |
|
|
| 628 |
|
* include/bits.c: Include Xint64 types. |
| 629 |
|
|
| 630 |
< |
2006-10-10 Love Hörnquist Åstrand <lha@it.su.se> |
| 630 |
> |
2006-10-10 Love Hörnquist Åstrand <lha@it.su.se> |
| 631 |
|
|
| 632 |
|
* tools/heimdal-build.sh: Add socketwrapper and cputime limit. |
| 633 |
|
|
| 634 |
|
* kdc/connect.c (loop): Log that the kdc have started. |
| 635 |
|
|
| 636 |
< |
2006-10-09 Love Hörnquist Åstrand <lha@it.su.se> |
| 636 |
> |
2006-10-09 Love Hörnquist Åstrand <lha@it.su.se> |
| 637 |
|
|
| 638 |
|
* kdc/connect.c (do_request): tell krb5_kdc_process_request if its |
| 639 |
|
a datagram reply or not |
| 658 |
|
* kdc/krb5tgs.c (tgs_parse_request): set cusec, not csec from |
| 659 |
|
auth->cusec. |
| 660 |
|
|
| 661 |
< |
2006-10-08 Love Hörnquist Åstrand <lha@it.su.se> |
| 661 |
> |
2006-10-08 Love Hörnquist Åstrand <lha@it.su.se> |
| 662 |
|
|
| 663 |
|
* fix-export: dist_-ify libkadm5clnt_la_SOURCES too |
| 664 |
|
|
| 677 |
|
checksum is done over the whole packet. Reported by Olga |
| 678 |
|
Kornievskaia |
| 679 |
|
|
| 680 |
< |
2006-10-07 Love Hörnquist Åstrand <lha@it.su.se> |
| 680 |
> |
2006-10-07 Love Hörnquist Åstrand <lha@it.su.se> |
| 681 |
|
|
| 682 |
|
* include/Makefile.am: crypto-headers.h is a nodist header |
| 683 |
|
|
| 698 |
|
* kdc/kerberos5.c: Adapt to signature change of |
| 699 |
|
_krb5_principalname2krb5_principal. |
| 700 |
|
|
| 701 |
< |
2006-10-06 Love Hörnquist Åstrand <lha@it.su.se> |
| 701 |
> |
2006-10-06 Love Hörnquist Åstrand <lha@it.su.se> |
| 702 |
|
|
| 703 |
|
* lib/krb5/krbhst.c (common_init): don't try DNS when there is |
| 704 |
|
realm w/o a dot. |
| 736 |
|
|
| 737 |
|
* appl/gssmask/common.h: Maybe include <sys/wait.h>. |
| 738 |
|
|
| 739 |
< |
2006-10-05 Love Hörnquist Åstrand <lha@it.su.se> |
| 739 |
> |
2006-10-05 Love Hörnquist Åstrand <lha@it.su.se> |
| 740 |
|
|
| 741 |
|
* appl/gssmask/common.h: disable ENABLE_PTHREAD_SUPPORT and |
| 742 |
|
explain why |
| 749 |
|
|
| 750 |
|
* tools/heimdal-build.sh: first cut |
| 751 |
|
|
| 752 |
< |
2006-10-04 Love Hörnquist Åstrand <lha@it.su.se> |
| 752 |
> |
2006-10-04 Love Hörnquist Åstrand <lha@it.su.se> |
| 753 |
|
|
| 754 |
|
* configure.in: Call AB_INIT. |
| 755 |
|
|
| 762 |
|
|
| 763 |
|
* lib/krb5/krb5_digest.3: Add all protos |
| 764 |
|
|
| 765 |
< |
2006-10-03 Love Hörnquist Åstrand <lha@it.su.se> |
| 765 |
> |
2006-10-03 Love Hörnquist Åstrand <lha@it.su.se> |
| 766 |
|
|
| 767 |
|
* lib/krb5/krb5_digest.3: Basic krb5_digest manpage. |
| 768 |
|
|
| 769 |
< |
2006-10-02 Love Hörnquist Åstrand <lha@it.su.se> |
| 769 |
> |
2006-10-02 Love Hörnquist Åstrand <lha@it.su.se> |
| 770 |
|
|
| 771 |
|
* fix-export: build gssapi mech private files |
| 772 |
|
|
| 786 |
|
|
| 787 |
|
* fix-export: build gssapi mech private files |
| 788 |
|
|
| 789 |
< |
2006-09-26 Love Hörnquist Åstrand <lha@it.su.se> |
| 789 |
> |
2006-09-26 Love Hörnquist Åstrand <lha@it.su.se> |
| 790 |
|
|
| 791 |
|
* appl/gssmask/gssmaestro.c: Handle FIRST_CALL in the context |
| 792 |
|
building, better error handling. |
| 799 |
|
* appl/gssmask/gssmaestro.c: Check that the pre-wrapped data is |
| 800 |
|
the same as afterward. |
| 801 |
|
|
| 802 |
< |
2006-09-25 Love Hörnquist Åstrand <lha@it.su.se> |
| 802 |
> |
2006-09-25 Love Hörnquist Åstrand <lha@it.su.se> |
| 803 |
|
|
| 804 |
|
* appl/gssmask/gssmaestro.c: Remove stray GSS_C_DCE_STYLE. |
| 805 |
|
|
| 806 |
|
* appl/gssmask/gssmaestro.c: Add logsocket support. |
| 807 |
|
|
| 808 |
< |
2006-09-22 Love Hörnquist Åstrand <lha@it.su.se> |
| 808 |
> |
2006-09-22 Love Hörnquist Åstrand <lha@it.su.se> |
| 809 |
|
|
| 810 |
|
* appl/gssmask/gssmaestro.c (build_context): print the step the |
| 811 |
|
context exchange. |
| 812 |
|
|
| 813 |
< |
2006-09-21 Love Hörnquist Åstrand <lha@it.su.se> |
| 813 |
> |
2006-09-21 Love Hörnquist Åstrand <lha@it.su.se> |
| 814 |
|
|
| 815 |
|
* appl/gssmask/gssmaestro.c: Add GSS_C_INTEG_FLAG|GSS_C_CONF_FLAG |
| 816 |
|
to all context flags |
| 826 |
|
* lib/krb5/rd_req.c: disable ETypeList parsing usage for now, cfx |
| 827 |
|
seems broken and its not good to upgrade to a broken enctype. |
| 828 |
|
|
| 829 |
< |
2006-09-20 Love Hörnquist Åstrand <lha@it.su.se> |
| 829 |
> |
2006-09-20 Love Hörnquist Åstrand <lha@it.su.se> |
| 830 |
|
|
| 831 |
|
* appl/gssmask/gssmask.c: Add wrap/unwrap ops |
| 832 |
|
|
| 842 |
|
* appl/gssmask/gssmaestro.c: test self context building and all |
| 843 |
|
permutation of clients |
| 844 |
|
|
| 845 |
< |
2006-09-19 Love Hörnquist Åstrand <lha@it.su.se> |
| 845 |
> |
2006-09-19 Love Hörnquist Åstrand <lha@it.su.se> |
| 846 |
|
|
| 847 |
|
* appl/gssmask/gssmask.c: add --logfile option, use htons() on |
| 848 |
|
port number |
| 851 |
|
|
| 852 |
|
* configure.in: Make pk-init turned on by default. |
| 853 |
|
|
| 854 |
< |
2006-09-18 Love Hörnquist Åstrand <lha@it.su.se> |
| 854 |
> |
2006-09-18 Love Hörnquist Åstrand <lha@it.su.se> |
| 855 |
|
|
| 856 |
|
* fix-export: Build lib/hx509/{hx509-protos.h,hx509-private.h}. |
| 857 |
|
|
| 864 |
|
* kdc/krb5tgs.c: Check the adtkt in the constrained delegation |
| 865 |
|
case too. |
| 866 |
|
|
| 867 |
< |
2006-09-16 Love Hörnquist Åstrand <lha@it.su.se> |
| 867 |
> |
2006-09-16 Love Hörnquist Åstrand <lha@it.su.se> |
| 868 |
|
|
| 869 |
|
* kdc/main.c (sigterm): don't _exit, let loop() catch the signal |
| 870 |
|
instead. |
| 871 |
|
|
| 872 |
< |
* lib/krb5/krb5_timeofday.3: Fixes from Björn Sandell. |
| 872 |
> |
* lib/krb5/krb5_timeofday.3: Fixes from Björn Sandell. |
| 873 |
|
|
| 874 |
< |
* lib/krb5/krb5_get_init_creds.3: Fixes from Björn Sandell. |
| 874 |
> |
* lib/krb5/krb5_get_init_creds.3: Fixes from Björn Sandell. |
| 875 |
|
|
| 876 |
< |
2006-09-15 Love Hörnquist Åstrand <lha@it.su.se> |
| 876 |
> |
2006-09-15 Love Hörnquist Åstrand <lha@it.su.se> |
| 877 |
|
|
| 878 |
|
* tools/krb5-config.in: Add "kafs" option. |
| 879 |
|
|
| 880 |
< |
2006-09-12 Love Hörnquist Åstrand <lha@it.su.se> |
| 880 |
> |
2006-09-12 Love Hörnquist Åstrand <lha@it.su.se> |
| 881 |
|
|
| 882 |
|
* lib/hdb/db.c: By using full function calling conversion (*func) |
| 883 |
|
we avoid problem when close(fd) is overridden using a macro. |
| 886 |
|
conversion (*func) we avoid problem when close(fd) is overridden |
| 887 |
|
using a macro. |
| 888 |
|
|
| 889 |
< |
2006-09-11 Love Hörnquist Åstrand <lha@it.su.se> |
| 889 |
> |
2006-09-11 Love Hörnquist Åstrand <lha@it.su.se> |
| 890 |
|
|
| 891 |
|
* kdc/kerberos5.c: Signing outgoing tickets. |
| 892 |
|
|
| 896 |
|
* lib/krb5/pkinit.c: Adapt to new signature of |
| 897 |
|
hx509_cms_unenvelope. |
| 898 |
|
|
| 899 |
< |
2006-09-09 Love Hörnquist Åstrand <lha@it.su.se> |
| 899 |
> |
2006-09-09 Love Hörnquist Åstrand <lha@it.su.se> |
| 900 |
|
|
| 901 |
|
* lib/krb5/pkinit.c (pk_verify_host): set errorstrings in a |
| 902 |
|
sensable way |
| 903 |
|
|
| 904 |
< |
2006-09-08 Love Hörnquist Åstrand <lha@it.su.se> |
| 904 |
> |
2006-09-08 Love Hörnquist Åstrand <lha@it.su.se> |
| 905 |
|
|
| 906 |
|
* lib/krb5/krb5_init_context.3: Prevent a font generation warning, |
| 907 |
|
from Jason McIntyre. |
| 908 |
|
|
| 909 |
< |
2006-09-06 Love Hörnquist Åstrand <lha@it.su.se> |
| 909 |
> |
2006-09-06 Love Hörnquist Åstrand <lha@it.su.se> |
| 910 |
|
|
| 911 |
|
* lib/krb5/context.c (krb5_init_ets): Add the hx errortable |
| 912 |
|
|
| 915 |
|
* lib/krb5/pkinit.c (_krb5_pk_verify_sign): catch the error string |
| 916 |
|
from the hx509 lib |
| 917 |
|
|
| 918 |
< |
2006-09-04 Love Hörnquist Åstrand <lha@it.su.se> |
| 918 |
> |
2006-09-04 Love Hörnquist Åstrand <lha@it.su.se> |
| 919 |
|
|
| 920 |
|
* lib/krb5/init_creds.c (krb5_get_init_creds_opt_set_default_flags): |
| 921 |
|
fix argument to krb5_get_init_creds_opt_set_addressless. |
| 945 |
|
instead of passing in the empty set of address into |
| 946 |
|
krb5_get_init_creds_opt_set_addresses. |
| 947 |
|
|
| 948 |
< |
2006-09-01 Love Hörnquist Åstrand <lha@it.su.se> |
| 948 |
> |
2006-09-01 Love Hörnquist Åstrand <lha@it.su.se> |
| 949 |
|
|
| 950 |
|
* kuser/kinit.c (renew_validate): inherit the proxiable and |
| 951 |
|
forwardable from the orignal ticket, pointed out by Bernard |
| 952 |
|
Antoine of CERN. |
| 953 |
|
|
| 954 |
|
* doc/setup.texi: More text about the acl_file entry and |
| 955 |
< |
hdb-ldap-structural-object. From Rüdiger Ranft. |
| 955 |
> |
hdb-ldap-structural-object. From Rüdiger Ranft. |
| 956 |
|
|
| 957 |
|
* lib/krb5/krbhst.c (fallback_get_hosts): limit the fallback |
| 958 |
|
lookups to 5. Patch from Wesley Craig, umich.edu |
| 963 |
|
* appl/test/tcp_server.c (proto): use keytab for krb5_recvauth |
| 964 |
|
Patch from Ingemar Nilsson <init@pdc.kth.se> |
| 965 |
|
|
| 966 |
< |
2006-08-28 Love Hörnquist Åstrand <lha@it.su.se> |
| 966 |
> |
2006-08-28 Love Hörnquist Åstrand <lha@it.su.se> |
| 967 |
|
|
| 968 |
|
* kuser/kdigest.c (help): use sl_slc_help(). |
| 969 |
|
|
| 971 |
|
|
| 972 |
|
* lib/krb5/digest.c: Catch more error. |
| 973 |
|
|
| 974 |
< |
2006-08-25 Love Hörnquist Åstrand <lha@it.su.se> |
| 974 |
> |
2006-08-25 Love Hörnquist Åstrand <lha@it.su.se> |
| 975 |
|
|
| 976 |
|
* doc/setup.texi: language. |
| 977 |
|
|
| 984 |
|
* lib/krb5/digest.c: In the case where we get a DigestError back, |
| 985 |
|
save the error string and code. |
| 986 |
|
|
| 987 |
< |
2006-08-24 Love Hörnquist Åstrand <lha@it.su.se> |
| 987 |
> |
2006-08-24 Love Hörnquist Åstrand <lha@it.su.se> |
| 988 |
|
|
| 989 |
|
* kdc/kerberos5.c: Remove _kdc_find_etype(), its no longer used. |
| 990 |
|
|
| 1027 |
|
tgt etype, now the krbtgt can be a aes-only key without the need |
| 1028 |
|
to support not-as-good etypes for the krbtgt. |
| 1029 |
|
|
| 1030 |
< |
2006-08-23 Love Hörnquist Åstrand <lha@it.su.se> |
| 1030 |
> |
2006-08-23 Love Hörnquist Åstrand <lha@it.su.se> |
| 1031 |
|
|
| 1032 |
|
* kdc/misc.c: Change _kdc_db_fetch() to return the database |
| 1033 |
|
pointer to if needed by the consumer. |
| 1059 |
|
|
| 1060 |
|
* lib/krb5/digest.c: Add digest support to the client side. |
| 1061 |
|
|
| 1062 |
< |
2006-08-21 Love Hörnquist Åstrand <lha@it.kth.se> |
| 1062 |
> |
2006-08-21 Love Hörnquist Åstrand <lha@it.kth.se> |
| 1063 |
|
|
| 1064 |
|
* lib/krb5/rd_rep.c (krb5_rd_rep): free krb5_ap_rep_enc_part on |
| 1065 |
|
error and set return pointer to NULL |
| 1066 |
|
(krb5_free_ap_rep_enc_part): permit freeing of NULL |
| 1067 |
|
|
| 1068 |
< |
2006-08-18 Love Hörnquist Åstrand <lha@it.kth.se> |
| 1068 |
> |
2006-08-18 Love Hörnquist Åstrand <lha@it.kth.se> |
| 1069 |
|
|
| 1070 |
|
* kdc/{Makefile.am,kdigest.c,kdigest-commands.in}: |
| 1071 |
|
Frontend for remote digest service in KDC |
| 1081 |
|
* lib/krb5/init_creds.c (krb5_get_init_creds_opt_get_error): clear |
| 1082 |
|
error string on error. |
| 1083 |
|
|
| 1084 |
< |
2006-07-20 Love Hörnquist Åstrand <lha@it.su.se> |
| 1084 |
> |
2006-07-20 Love Hörnquist Åstrand <lha@it.su.se> |
| 1085 |
|
|
| 1086 |
|
* lib/krb5/crypto.c: remove aes-192 (CMS) |
| 1087 |
|
|
| 1089 |
|
|
| 1090 |
|
* lib/krb5/crypto.c: Remove CMS symmetric encryption support. |
| 1091 |
|
|
| 1092 |
< |
2006-07-13 Love Hörnquist Åstrand <lha@it.su.se> |
| 1092 |
> |
2006-07-13 Love Hörnquist Åstrand <lha@it.su.se> |
| 1093 |
|
|
| 1094 |
|
* kdc/pkinit.c (_kdc_pk_check_client): make it not crash when |
| 1095 |
|
there are no acl |
| 1105 |
|
|
| 1106 |
|
* lib/hdb/ext.c: Add hdb_entry_get_pkinit_hash(). |
| 1107 |
|
|
| 1108 |
< |
2006-07-10 Love Hörnquist Åstrand <lha@it.su.se> |
| 1108 |
> |
2006-07-10 Love Hörnquist Åstrand <lha@it.su.se> |
| 1109 |
|
|
| 1110 |
|
* kuser/kinit.c: If --password-file gets STDIN, read the password |
| 1111 |
|
from the standard input. |
| 1114 |
|
|
| 1115 |
|
* lib/krb5/krb5_string_to_key.3: Remove duplicate to. |
| 1116 |
|
|
| 1117 |
< |
2006-07-06 Love Hörnquist Åstrand <lha@it.su.se> |
| 1117 |
> |
2006-07-06 Love Hörnquist Åstrand <lha@it.su.se> |
| 1118 |
|
|
| 1119 |
|
* kdc/krb5tgs.c: (tgs_build_reply): when checking for removed |
| 1120 |
|
principals, check the second component of the krbtgt, otherwise |
| 1121 |
|
cross realm wont work. Prompted by report from Mattias Amnefelt. |
| 1122 |
|
|
| 1123 |
< |
2006-07-05 Love Hörnquist Åstrand <lha@it.su.se> |
| 1123 |
> |
2006-07-05 Love Hörnquist Åstrand <lha@it.su.se> |
| 1124 |
|
|
| 1125 |
|
* kdc/connect.c (handle_vanilla_tcp): use unsigned integer for for |
| 1126 |
|
length |
| 1127 |
|
(handle_tcp): if the high bit it set in the unknown case, send |
| 1128 |
|
back a KRB_ERR_FIELD_TOOLONG |
| 1129 |
|
|
| 1130 |
< |
2006-07-03 Love Hörnquist Åstrand <lha@it.su.se> |
| 1130 |
> |
2006-07-03 Love Hörnquist Åstrand <lha@it.su.se> |
| 1131 |
|
|
| 1132 |
|
* appl/gssmask/gssmaestro.c: Add get_version_capa, cache |
| 1133 |
|
target_name. |
| 1143 |
|
* appl/gssmask/gssmaestro.c: break out out the build context |
| 1144 |
|
function |
| 1145 |
|
|
| 1146 |
< |
2006-07-01 Love Hörnquist Åstrand <lha@it.su.se> |
| 1146 |
> |
2006-07-01 Love Hörnquist Åstrand <lha@it.su.se> |
| 1147 |
|
|
| 1148 |
|
* appl/gssmask/gssmaestro.c: externalize slave handling, add |
| 1149 |
|
GetTargetName glue |
| 1160 |
|
* appl/gssmask: break out common function; add gssmaestro (that |
| 1161 |
|
only tests one context for now) |
| 1162 |
|
|
| 1163 |
< |
2006-06-30 Love Hörnquist Åstrand <lha@it.su.se> |
| 1163 |
> |
2006-06-30 Love Hörnquist Åstrand <lha@it.su.se> |
| 1164 |
|
|
| 1165 |
|
* lib/krb5/store_fd.c (krb5_storage_from_fd): don't leak fd on |
| 1166 |
|
malloc failure |
| 1173 |
|
* lib/krb5/cache.c (krb5_cc_new_unique): use KRB5_DEFAULT_CCNAME |
| 1174 |
|
as the default prefix |
| 1175 |
|
|
| 1176 |
< |
2006-06-28 Love Hörnquist Åstrand <lha@it.su.se> |
| 1176 |
> |
2006-06-28 Love Hörnquist Åstrand <lha@it.su.se> |
| 1177 |
|
|
| 1178 |
|
* doc/heimdal.texi: Add Doug Rabson's license |
| 1179 |
|
|
| 1180 |
< |
2006-06-22 Love Hörnquist Åstrand <lha@it.su.se> |
| 1180 |
> |
2006-06-22 Love Hörnquist Åstrand <lha@it.su.se> |
| 1181 |
|
|
| 1182 |
|
* lib/krb5/init_creds.c: Add storing and getting KRB-ERROR in the |
| 1183 |
|
krb5_get_init_creds_opt structure. |
| 1187 |
|
* lib/krb5/krb5_locl.h (_krb5_get_init_creds_opt_private): add |
| 1188 |
|
KRB-ERROR |
| 1189 |
|
|
| 1190 |
< |
2006-06-21 Love Hörnquist Åstrand <lha@it.su.se> |
| 1190 |
> |
2006-06-21 Love Hörnquist Åstrand <lha@it.su.se> |
| 1191 |
|
|
| 1192 |
|
* doc/setup.texi: section about verify_krb5_conf and kadmin check |
| 1193 |
|
|
| 1194 |
< |
2006-06-15 Love Hörnquist Åstrand <lha@it.su.se> |
| 1194 |
> |
2006-06-15 Love Hörnquist Åstrand <lha@it.su.se> |
| 1195 |
|
|
| 1196 |
|
* lib/krb5/init_creds_pw.c (get_init_creds_common): drop cred |
| 1197 |
|
argument, its unused |
| 1200 |
|
|
| 1201 |
|
* lib/krb5/krb5_get_creds.3: new file |
| 1202 |
|
|
| 1203 |
< |
2006-06-14 Love Hörnquist Åstrand <lha@it.su.se> |
| 1203 |
> |
2006-06-14 Love Hörnquist Åstrand <lha@it.su.se> |
| 1204 |
|
|
| 1205 |
|
* lib/hdb/hdb-ldap.c: don't use the sambaNTPassword if there is |
| 1206 |
|
ARCFOUR key already. Idea from Andreas Hasenack. While here, set |
| 1211 |
|
|
| 1212 |
|
* kdc/kdc.h: Add enable_v4_per_principal |
| 1213 |
|
|
| 1214 |
< |
2006-06-12 Love Hörnquist Åstrand <lha@it.su.se> |
| 1214 |
> |
2006-06-12 Love Hörnquist Åstrand <lha@it.su.se> |
| 1215 |
|
|
| 1216 |
|
* kdc/kerberos5.c (_kdc_as_rep): if kdc_time + |
| 1217 |
|
config->kdc_warn_pwexpire is past pw_end, add expiration |
| 1222 |
|
|
| 1223 |
|
* kdc/kerberos5.c: indent. |
| 1224 |
|
|
| 1225 |
< |
2006-06-07 Love Hörnquist Åstrand <lha@it.su.se> |
| 1225 |
> |
2006-06-07 Love Hörnquist Åstrand <lha@it.su.se> |
| 1226 |
|
|
| 1227 |
|
* kdc/kerberos5.c: constify |
| 1228 |
|
|
| 1229 |
< |
2006-06-06 Love Hörnquist Åstrand <lha@it.su.se> |
| 1229 |
> |
2006-06-06 Love Hörnquist Åstrand <lha@it.su.se> |
| 1230 |
|
|
| 1231 |
|
* lib/krb5/get_cred.c: Allow setting additional tickets in the |
| 1232 |
|
tgs-req |
| 1252 |
|
* lib/krb5/krb5.h: Add krb5_get_creds_opt_data and some more |
| 1253 |
|
KRB5_GC flags. |
| 1254 |
|
|
| 1255 |
< |
2006-06-01 Love Hörnquist Åstrand <lha@it.su.se> |
| 1255 |
> |
2006-06-01 Love Hörnquist Åstrand <lha@it.su.se> |
| 1256 |
|
|
| 1257 |
|
* lib/hdb/ext.c (hdb_entry_get_ConstrainedDelegACL): new function. |
| 1258 |
|
|
| 1271 |
|
* kdc/kerberos5.c: split out krb5 tgs req to make it easier to |
| 1272 |
|
reorganize the code. |
| 1273 |
|
|
| 1274 |
< |
2006-05-29 Love Hörnquist Åstrand <lha@it.su.se> |
| 1274 |
> |
2006-05-29 Love Hörnquist Åstrand <lha@it.su.se> |
| 1275 |
|
|
| 1276 |
< |
* lib/krb5/krb5_get_init_creds.3: spelling Björn Sandell |
| 1276 |
> |
* lib/krb5/krb5_get_init_creds.3: spelling Björn Sandell |
| 1277 |
|
|
| 1278 |
< |
* lib/krb5/krb5_get_in_cred.3: spelling Björn Sandell |
| 1278 |
> |
* lib/krb5/krb5_get_in_cred.3: spelling Björn Sandell |
| 1279 |
|
|
| 1280 |
< |
2006-05-13 Love Hörnquist Åstrand <lha@it.su.se> |
| 1280 |
> |
2006-05-13 Love Hörnquist Åstrand <lha@it.su.se> |
| 1281 |
|
|
| 1282 |
|
* kpasswd/kpasswdd.c (change): select the realm based on the |
| 1283 |
|
target principal From Gabor Gombas |
| 1286 |
|
|
| 1287 |
|
* lib/krb5/krb5.h: Add KRB5_PROMPT_TYPE_INFO |
| 1288 |
|
|
| 1289 |
< |
2006-05-12 Love Hörnquist Åstrand <lha@it.su.se> |
| 1289 |
> |
2006-05-12 Love Hörnquist Åstrand <lha@it.su.se> |
| 1290 |
|
|
| 1291 |
|
* lib/krb5/pkinit.c: Hidden field of hx509 prompter is removed. |
| 1292 |
|
Fix a warning. |
| 1307 |
|
* lib/krb5/krb5_acl_match_file.3: Various tweaks, from Jason |
| 1308 |
|
McIntyre. |
| 1309 |
|
|
| 1310 |
< |
2006-05-11 Love Hörnquist Åstrand <lha@it.su.se> |
| 1310 |
> |
2006-05-11 Love Hörnquist Åstrand <lha@it.su.se> |
| 1311 |
|
|
| 1312 |
|
* kuser/kinit.c: Move parsing of the PK-INIT configuration file to |
| 1313 |
|
the library so application doesn't need to deal with it. |
| 1322 |
|
* lib/krb5/pkinit.c (hx_pass_prompter): return 0 on success and 1 |
| 1323 |
|
on failure. Pointed out by Douglas E. Engert. |
| 1324 |
|
|
| 1325 |
< |
2006-05-08 Love Hörnquist Åstrand <lha@it.su.se> |
| 1325 |
> |
2006-05-08 Love Hörnquist Åstrand <lha@it.su.se> |
| 1326 |
|
|
| 1327 |
|
* lib/krb5/crypto.c: Catches both keyed checkout w/o crypto |
| 1328 |
|
context cases and doesn't reset the string, and corrects the |
| 1331 |
|
* lib/krb5/crypto.c: Drop aes-cbc, rc2 and CMS padding support, |
| 1332 |
|
its all containted in libhcrypto and libhx509 now. |
| 1333 |
|
|
| 1334 |
< |
2006-05-07 Love Hörnquist Åstrand <lha@it.su.se> |
| 1334 |
> |
2006-05-07 Love Hörnquist Åstrand <lha@it.su.se> |
| 1335 |
|
|
| 1336 |
|
* lib/krb5/pkinit.c (_krb5_pk_verify_sign): Use |
| 1337 |
|
hx509_get_one_cert. |
| 1339 |
|
* lib/krb5/crypto.c (create_checksum): provide a error message |
| 1340 |
|
that a key checksum needs a key. From Andew Bartlett. |
| 1341 |
|
|
| 1342 |
< |
2006-05-06 Love Hörnquist Åstrand <lha@it.su.se> |
| 1342 |
> |
2006-05-06 Love Hörnquist Åstrand <lha@it.su.se> |
| 1343 |
|
|
| 1344 |
|
* lib/krb5/pkinit.c: Now that hcrypto supports DH, remove check |
| 1345 |
|
for hx509 null DH. |
| 1357 |
|
* kcm/acl.c: Multicache kcm interation isn't done yet, let wait |
| 1358 |
|
with this enum. |
| 1359 |
|
|
| 1360 |
< |
2006-05-05 Love Hörnquist Åstrand <lha@it.su.se> |
| 1360 |
> |
2006-05-05 Love Hörnquist Åstrand <lha@it.su.se> |
| 1361 |
|
|
| 1362 |
< |
* lib/krb5/krb5_set_default_realm.3: Spelling/mdoc from Björn |
| 1362 |
> |
* lib/krb5/krb5_set_default_realm.3: Spelling/mdoc from Björn |
| 1363 |
|
Sandell |
| 1364 |
|
|
| 1365 |
< |
* lib/krb5/krb5_rcache.3: Spelling/mdoc from Björn Sandell |
| 1365 |
> |
* lib/krb5/krb5_rcache.3: Spelling/mdoc from Björn Sandell |
| 1366 |
|
|
| 1367 |
< |
* lib/krb5/krb5_keytab.3: Spelling/mdoc from Björn Sandell |
| 1367 |
> |
* lib/krb5/krb5_keytab.3: Spelling/mdoc from Björn Sandell |
| 1368 |
|
|
| 1369 |
< |
* lib/krb5/krb5_get_in_cred.3: Spelling/mdoc from Björn Sandell |
| 1369 |
> |
* lib/krb5/krb5_get_in_cred.3: Spelling/mdoc from Björn Sandell |
| 1370 |
|
|
| 1371 |
< |
* lib/krb5/krb5_expand_hostname.3: Spelling/mdoc from Björn |
| 1371 |
> |
* lib/krb5/krb5_expand_hostname.3: Spelling/mdoc from Björn |
| 1372 |
|
Sandell |
| 1373 |
|
|
| 1374 |
< |
* lib/krb5/krb5_c_make_checksum.3: Spelling/mdoc from Björn |
| 1374 |
> |
* lib/krb5/krb5_c_make_checksum.3: Spelling/mdoc from Björn |
| 1375 |
|
Sandell |
| 1376 |
|
|
| 1377 |
|
* lib/krb5/keytab_file.c (fkt_next_entry_int): read the 32 bit |
| 1399 |
|
|
| 1400 |
|
* lib/krb5/store.c: Rewrite the krb5_ret_u as proposed by Johan. |
| 1401 |
|
|
| 1402 |
< |
2006-05-04 Love Hörnquist Åstrand <lha@it.su.se> |
| 1402 |
> |
2006-05-04 Love Hörnquist Åstrand <lha@it.su.se> |
| 1403 |
|
|
| 1404 |
|
* kdc/kerberos4.c: Use the new unsigned integer storage types. |
| 1405 |
|
|
| 1417 |
|
|
| 1418 |
|
* lib/krb5/test_store.c: Test the integer storage types. |
| 1419 |
|
|
| 1420 |
< |
2006-05-03 Love Hörnquist Åstrand <lha@it.su.se> |
| 1420 |
> |
2006-05-03 Love Hörnquist Åstrand <lha@it.su.se> |
| 1421 |
|
|
| 1422 |
|
* lib/krb5/store.c (krb5_store_principal): make it take a |
| 1423 |
|
krb5_const_principal, indent |
| 1432 |
|
|
| 1433 |
|
* kdc/config.c: read [kdc]pki-kdc-ocsp |
| 1434 |
|
|
| 1435 |
< |
2006-05-02 Love Hörnquist Åstrand <lha@it.su.se> |
| 1435 |
> |
2006-05-02 Love Hörnquist Åstrand <lha@it.su.se> |
| 1436 |
|
|
| 1437 |
|
* kdc/pkinit.c (_kdc_pk_mk_pa_reply): send back ocsp response if |
| 1438 |
|
it seems to be valid, simplfy the pkinit-windows DH case (it |
| 1439 |
|
doesn't exists). |
| 1440 |
|
|
| 1441 |
< |
2006-05-01 Love Hörnquist Åstrand <lha@it.su.se> |
| 1441 |
> |
2006-05-01 Love Hörnquist Åstrand <lha@it.su.se> |
| 1442 |
|
|
| 1443 |
< |
* lib/krb5/krb5_warn.3: Spelling/mdoc changes, from Björn Sandell. |
| 1443 |
> |
* lib/krb5/krb5_warn.3: Spelling/mdoc changes, from Björn Sandell. |
| 1444 |
|
|
| 1445 |
< |
* lib/krb5/krb5_verify_user.3: Spelling/mdoc changes, from Björn |
| 1445 |
> |
* lib/krb5/krb5_verify_user.3: Spelling/mdoc changes, from Björn |
| 1446 |
|
Sandell. |
| 1447 |
|
|
| 1448 |
|
* lib/krb5/krb5_verify_init_creds.3: Spelling/mdoc changes, from |
| 1449 |
< |
Björn Sandell. |
| 1449 |
> |
Björn Sandell. |
| 1450 |
|
|
| 1451 |
< |
* lib/krb5/krb5_timeofday.3: Spelling/mdoc changes, from Björn |
| 1451 |
> |
* lib/krb5/krb5_timeofday.3: Spelling/mdoc changes, from Björn |
| 1452 |
|
Sandell. |
| 1453 |
|
|
| 1454 |
< |
* lib/krb5/krb5_ticket.3: Spelling/mdoc changes, from Björn |
| 1454 |
> |
* lib/krb5/krb5_ticket.3: Spelling/mdoc changes, from Björn |
| 1455 |
|
Sandell. |
| 1456 |
|
|
| 1457 |
< |
* lib/krb5/krb5_rd_safe.3: Spelling/mdoc changes, from Björn |
| 1457 |
> |
* lib/krb5/krb5_rd_safe.3: Spelling/mdoc changes, from Björn |
| 1458 |
|
Sandell. |
| 1459 |
|
|
| 1460 |
< |
* lib/krb5/krb5_rcache.3: Spelling/mdoc changes, from Björn |
| 1460 |
> |
* lib/krb5/krb5_rcache.3: Spelling/mdoc changes, from Björn |
| 1461 |
|
Sandell. |
| 1462 |
|
|
| 1463 |
< |
* lib/krb5/krb5_principal.3: Spelling/mdoc changes, from Björn |
| 1463 |
> |
* lib/krb5/krb5_principal.3: Spelling/mdoc changes, from Björn |
| 1464 |
|
Sandell. |
| 1465 |
|
|
| 1466 |
< |
* lib/krb5/krb5_parse_name.3: Spelling/mdoc changes, from Björn |
| 1466 |
> |
* lib/krb5/krb5_parse_name.3: Spelling/mdoc changes, from Björn |
| 1467 |
|
Sandell. |
| 1468 |
|
|
| 1469 |
< |
* lib/krb5/krb5_mk_safe.3: Spelling/mdoc changes, from Björn |
| 1469 |
> |
* lib/krb5/krb5_mk_safe.3: Spelling/mdoc changes, from Björn |
| 1470 |
|
Sandell. |
| 1471 |
|
|
| 1472 |
< |
* lib/krb5/krb5_keyblock.3: Spelling/mdoc changes, from Björn |
| 1472 |
> |
* lib/krb5/krb5_keyblock.3: Spelling/mdoc changes, from Björn |
| 1473 |
|
Sandell. |
| 1474 |
|
|
| 1475 |
|
* lib/krb5/krb5_is_thread_safe.3: Spelling/mdoc changes, from |
| 1476 |
< |
Björn Sandell. |
| 1476 |
> |
Björn Sandell. |
| 1477 |
|
|
| 1478 |
|
* lib/krb5/krb5_generate_random_block.3: Spelling/mdoc changes, |
| 1479 |
< |
from Björn Sandell. |
| 1479 |
> |
from Björn Sandell. |
| 1480 |
|
|
| 1481 |
|
* lib/krb5/krb5_generate_random_block.3: Spelling/mdoc changes, |
| 1482 |
< |
from Björn Sandell. |
| 1482 |
> |
from Björn Sandell. |
| 1483 |
|
|
| 1484 |
|
* lib/krb5/krb5_expand_hostname.3: Spelling/mdoc changes, from |
| 1485 |
< |
Björn Sandell. |
| 1485 |
> |
Björn Sandell. |
| 1486 |
|
|
| 1487 |
|
* lib/krb5/krb5_check_transited.3: Spelling/mdoc changes, from |
| 1488 |
< |
Björn Sandell. |
| 1488 |
> |
Björn Sandell. |
| 1489 |
|
|
| 1490 |
|
* lib/krb5/krb5_c_make_checksum.3: Spelling/mdoc changes, from |
| 1491 |
< |
Björn Sandell. |
| 1491 |
> |
Björn Sandell. |
| 1492 |
|
|
| 1493 |
|
* lib/krb5/krb5_address.3: Spelling/mdoc changes, from |
| 1494 |
< |
Björn Sandell. |
| 1494 |
> |
Björn Sandell. |
| 1495 |
|
|
| 1496 |
|
* lib/krb5/krb5_acl_match_file.3: Spelling/mdoc changes, from |
| 1497 |
< |
Björn Sandell. |
| 1497 |
> |
Björn Sandell. |
| 1498 |
|
|
| 1499 |
< |
* lib/krb5/krb5.3: Spelling, from Björn Sandell. |
| 1499 |
> |
* lib/krb5/krb5.3: Spelling, from Björn Sandell. |
| 1500 |
|
|
| 1501 |
< |
* doc/ack.texi: add Björn |
| 1501 |
> |
* doc/ack.texi: add Björn |
| 1502 |
|
|
| 1503 |
< |
2006-04-30 Love Hörnquist Åstrand <lha@it.su.se> |
| 1503 |
> |
2006-04-30 Love Hörnquist Åstrand <lha@it.su.se> |
| 1504 |
|
|
| 1505 |
|
* lib/krb5/pkinit.c (cert2epi): don't include subject if its null |
| 1506 |
|
|
| 1507 |
< |
2006-04-29 Love Hörnquist Åstrand <lha@it.su.se> |
| 1507 |
> |
2006-04-29 Love Hörnquist Åstrand <lha@it.su.se> |
| 1508 |
|
|
| 1509 |
|
* lib/krb5/pkinit.c: Send over what trust anchors the client have |
| 1510 |
|
configured. |
| 1516 |
|
* kdc/pkinit.c (_kdc_pk_check_client): reorganize and make log |
| 1517 |
|
when a SAN matches. |
| 1518 |
|
|
| 1519 |
< |
2006-04-28 Love Hörnquist Åstrand <lha@it.su.se> |
| 1519 |
> |
2006-04-28 Love Hörnquist Åstrand <lha@it.su.se> |
| 1520 |
|
|
| 1521 |
|
* doc/setup.texi: More options and some text about windows |
| 1522 |
|
clients, certificate and KDCs. |
| 1529 |
|
|
| 1530 |
|
* lib/hdb/hdb.h: Bump hdb interface version to 4. |
| 1531 |
|
|
| 1532 |
< |
2006-04-27 Love Hörnquist Åstrand <lha@it.su.se> |
| 1532 |
> |
2006-04-27 Love Hörnquist Åstrand <lha@it.su.se> |
| 1533 |
|
|
| 1534 |
|
* kuser/kdestroy.1: Document --credential=principal. |
| 1535 |
|
|
| 1556 |
|
the entry and pass it in as a seprate argument. Add more flags to |
| 1557 |
|
->hdb_get(). Re-indent. |
| 1558 |
|
|
| 1559 |
< |
2006-04-26 Love Hörnquist Åstrand <lha@it.su.se> |
| 1559 |
> |
2006-04-26 Love Hörnquist Åstrand <lha@it.su.se> |
| 1560 |
|
|
| 1561 |
|
* doc/setup.texi: document pki-allow-proxy-certificate |
| 1562 |
|
|
| 1576 |
|
* kdc/kerberos5.c (find_keys): add client_name and server_name |
| 1577 |
|
argument and use them, and adapt callers. |
| 1578 |
|
|
| 1579 |
< |
2006-04-25 Love Hörnquist Åstrand <lha@it.su.se> |
| 1579 |
> |
2006-04-25 Love Hörnquist Åstrand <lha@it.su.se> |
| 1580 |
|
|
| 1581 |
|
* kuser/kinit.1: document option password-file |
| 1582 |
|
|
| 1594 |
|
* lib/hdb/keys.c (parse_key_set): handle error case better |
| 1595 |
|
(hdb_generate_key_set): return better error |
| 1596 |
|
|
| 1597 |
< |
2006-04-24 Love Hörnquist Åstrand <lha@it.su.se> |
| 1597 |
> |
2006-04-24 Love Hörnquist Åstrand <lha@it.su.se> |
| 1598 |
|
|
| 1599 |
|
* lib/hdb/hdb.c (hdb_create): print out what we don't support |
| 1600 |
|
|
| 1619 |
|
* lib/krb5/init_creds_pw.c: Pass down realm to |
| 1620 |
|
_krb5_pk_rd_pa_reply |
| 1621 |
|
|
| 1622 |
< |
2006-04-23 Love Hörnquist Åstrand <lha@it.su.se> |
| 1622 |
> |
2006-04-23 Love Hörnquist Åstrand <lha@it.su.se> |
| 1623 |
|
|
| 1624 |
|
* lib/krb5/pkinit.c (pk_verify_host): Add begining of finding |
| 1625 |
|
subjectAltName_otherName pk-init-san and verifing it. |
| 1639 |
|
|
| 1640 |
|
* tools/kdc-log-analyze.pl: count v5 cross realms too |
| 1641 |
|
|
| 1642 |
< |
2006-04-22 Love Hörnquist Åstrand <lha@it.su.se> |
| 1642 |
> |
2006-04-22 Love Hörnquist Åstrand <lha@it.su.se> |
| 1643 |
|
|
| 1644 |
|
* kdc/pkinit.c: Adapt to change in hx509_cms_create_signed_1. |
| 1645 |
|
|
| 1646 |
|
* lib/krb5/pkinit.c: Adapt to change in hx509_cms_create_signed_1. |
| 1647 |
|
|
| 1648 |
< |
2006-04-20 Love Hörnquist Åstrand <lha@it.su.se> |
| 1648 |
> |
2006-04-20 Love Hörnquist Åstrand <lha@it.su.se> |
| 1649 |
|
|
| 1650 |
|
* kdc/pkinit.c (_kdc_pk_rd_padata): use |
| 1651 |
|
hx509_cms_unwrap_ContentInfo. |
| 1658 |
|
* kdc/config.c: Rename pki-chain to pki-pool to match rest of |
| 1659 |
|
code. |
| 1660 |
|
|
| 1661 |
< |
2006-04-12 Love Hörnquist Åstrand <lha@it.su.se> |
| 1661 |
> |
2006-04-12 Love Hörnquist Åstrand <lha@it.su.se> |
| 1662 |
|
|
| 1663 |
|
* lib/krb5/rd_priv.c: Fix argument to krb5_data_zero. |
| 1664 |
|
|
| 1673 |
|
* lib/krb5/pkinit.c (_krb5_pk_load_id): Added certificate revoke |
| 1674 |
|
information, ie CRL's |
| 1675 |
|
|
| 1676 |
< |
2006-04-10 Love Hörnquist Åstrand <lha@it.su.se> |
| 1676 |
> |
2006-04-10 Love Hörnquist Åstrand <lha@it.su.se> |
| 1677 |
|
|
| 1678 |
|
* lib/krb5/replay.c (krb5_rc_resolve_full): make compile again. |
| 1679 |
|
|
| 1718 |
|
calloc. removed check that was never really used. Coverity NetBSD |
| 1719 |
|
CID#2370 |
| 1720 |
|
|
| 1721 |
< |
2006-04-09 Love Hörnquist Åstrand <lha@it.su.se> |
| 1721 |
> |
2006-04-09 Love Hörnquist Åstrand <lha@it.su.se> |
| 1722 |
|
|
| 1723 |
< |
* lib/krb5/rd_req.c (krb5_verify_ap_req2): make sure `ticket´ |
| 1723 |
> |
* lib/krb5/rd_req.c (krb5_verify_ap_req2): make sure `ticket´ |
| 1724 |
|
points to NULL in case of error, add error handling, use calloc. |
| 1725 |
|
|
| 1726 |
|
* kpasswd/kpasswdd.c (doit): when done, close all fd in the |
| 1727 |
|
sockets array and free it. Coverity NetBSD CID#1916 |
| 1728 |
|
|
| 1729 |
< |
2006-04-08 Love Hörnquist Åstrand <lha@it.su.se> |
| 1729 |
> |
2006-04-08 Love Hörnquist Åstrand <lha@it.su.se> |
| 1730 |
|
|
| 1731 |
|
* lib/krb5/store.c (krb5_ret_principal): fix memory leak Coverity, |
| 1732 |
|
NetBSD CID#1695 |
| 1734 |
|
* kdc/524.c (_kdc_do_524): Handle memory allocation failure |
| 1735 |
|
Coverity, NetBSD CID#2752 |
| 1736 |
|
|
| 1737 |
< |
2006-04-07 Love Hörnquist Åstrand <lha@it.su.se> |
| 1737 |
> |
2006-04-07 Love Hörnquist Åstrand <lha@it.su.se> |
| 1738 |
|
|
| 1739 |
|
* lib/krb5/keytab_file.c (krb5_kt_ret_principal): plug a memory |
| 1740 |
|
leak Coverity NetBSD CID#1890 |
| 1749 |
|
|
| 1750 |
|
* kdc/hprop.c (main): remove dead code. Coverity NetBSD CID#633 |
| 1751 |
|
|
| 1752 |
< |
2006-04-04 Love Hörnquist Åstrand <lha@it.su.se> |
| 1752 |
> |
2006-04-04 Love Hörnquist Åstrand <lha@it.su.se> |
| 1753 |
|
|
| 1754 |
|
* kpasswd/kpasswd-generator.c (read_words): catch empty file case, |
| 1755 |
|
will cause PBE (division by zero) later. From Tobias Stoeckmann. |
| 1756 |
|
|
| 1757 |
< |
2006-04-02 Love Hörnquist Åstrand <lha@it.su.se> |
| 1757 |
> |
2006-04-02 Love Hörnquist Åstrand <lha@it.su.se> |
| 1758 |
|
|
| 1759 |
|
* lib/hdb/keytab.c: Remove a delta from last revision that should |
| 1760 |
|
have gone in later. |
| 1832 |
|
* lib/krb5/log.c (krb5_addlog_dest): make string length match |
| 1833 |
|
strings in strcasecmp. Found by IBM checker. |
| 1834 |
|
|
| 1835 |
< |
2006-03-30 Love Hörnquist Åstrand <lha@it.su.se> |
| 1835 |
> |
2006-03-30 Love Hörnquist Åstrand <lha@it.su.se> |
| 1836 |
|
|
| 1837 |
|
* lib/hdb/hdb-ldap.c (LDAP_message2entry): in declaration set |
| 1838 |
|
variable_name as "hdb_entry_ex" |
| 1846 |
|
* kuser/kinit.c: Add pool of certificates to help certificate path |
| 1847 |
|
building for clients sending incomplete path in the signedData. |
| 1848 |
|
|
| 1849 |
< |
2006-03-28 Love Hörnquist Åstrand <lha@it.su.se> |
| 1849 |
> |
2006-03-28 Love Hörnquist Åstrand <lha@it.su.se> |
| 1850 |
|
|
| 1851 |
|
* kdc/pkinit.c: Add pool of certificates to help certificate path |
| 1852 |
|
building for clients sending incomplete path in the signedData. |
| 1855 |
|
path building for clients sending incomplete path in the |
| 1856 |
|
signedData. |
| 1857 |
|
|
| 1858 |
< |
2006-03-27 Love Hörnquist Åstrand <lha@it.su.se> |
| 1858 |
> |
2006-03-27 Love Hörnquist Åstrand <lha@it.su.se> |
| 1859 |
|
|
| 1860 |
|
* kdc/config.c: Allow passing in related certificates used to |
| 1861 |
|
build the chain. |
| 1872 |
|
|
| 1873 |
|
* tools/Makefile.am: Add hx509 when using PK-INIT. |
| 1874 |
|
|
| 1875 |
< |
2006-03-26 Love Hörnquist Åstrand <lha@it.su.se> |
| 1875 |
> |
2006-03-26 Love Hörnquist Åstrand <lha@it.su.se> |
| 1876 |
|
|
| 1877 |
|
* lib/krb5/acache.c: Use ticket flags definition, might fix Mac OS |
| 1878 |
|
X Kerberos.app problems. |
| 1896 |
|
|
| 1897 |
|
* lib/krb5/pkinit.c: Switch to hx509. |
| 1898 |
|
|
| 1899 |
< |
2006-03-24 Love Hörnquist Åstrand <lha@it.su.se> |
| 1899 |
> |
2006-03-24 Love Hörnquist Åstrand <lha@it.su.se> |
| 1900 |
|
|
| 1901 |
|
* kdc/kerberos5.c (log_patypes): log the patypes requested by the |
| 1902 |
|
client |
| 1903 |
|
|
| 1904 |
< |
2006-03-23 Love Hörnquist Åstrand <lha@it.su.se> |
| 1904 |
> |
2006-03-23 Love Hörnquist Åstrand <lha@it.su.se> |
| 1905 |
|
|
| 1906 |
|
* lib/krb5/pkinit.c (_krb5_pk_rd_pa_reply): pass down the |
| 1907 |
|
req_buffer in the w2k case too. From Douglas E. Engert. |
| 1908 |
|
|
| 1909 |
< |
2006-03-19 Love Hörnquist Åstrand <lha@it.su.se> |
| 1909 |
> |
2006-03-19 Love Hörnquist Åstrand <lha@it.su.se> |
| 1910 |
|
|
| 1911 |
|
* lib/krb5/mk_req_ext.c (_krb5_mk_req_internal): on failure, goto |
| 1912 |
|
error handling. Fixes Coverity NetBSD CID 2591 by catching a |
| 1913 |
|
failing krb5_copy_keyblock() |
| 1914 |
|
|
| 1915 |
< |
2006-03-17 Love Hörnquist Åstrand <lha@it.su.se> |
| 1915 |
> |
2006-03-17 Love Hörnquist Åstrand <lha@it.su.se> |
| 1916 |
|
|
| 1917 |
|
* lib/krb5/addr_families.c (krb5_free_addresses): reset val,len in |
| 1918 |
|
address when free-ing. Fixes Coverity NetBSD bug #2605 |
| 1919 |
|
(krb5_parse_address): reset val,len before possibly return errors |
| 1920 |
|
Fixes Coverity NetBSD bug #2605 |
| 1921 |
|
|
| 1922 |
< |
2006-03-07 Love Hörnquist Åstrand <lha@it.su.se> |
| 1922 |
> |
2006-03-07 Love Hörnquist Åstrand <lha@it.su.se> |
| 1923 |
|
|
| 1924 |
|
* lib/krb5/send_to_kdc.c (recv_loop): it should never happen, but |
| 1925 |
|
make sure nbytes > 0 |
| 1930 |
|
* lib/krb5/crypto.c (decrypt_*): handle the case where the |
| 1931 |
|
plaintext is 0 bytes long, realloc might then return NULL. |
| 1932 |
|
|
| 1933 |
< |
2006-02-28 Love Hörnquist Åstrand <lha@it.su.se> |
| 1933 |
> |
2006-02-28 Love Hörnquist Åstrand <lha@it.su.se> |
| 1934 |
|
|
| 1935 |
|
* lib/krb5/krb5_string_to_key.3: Drop krb5_string_to_key_derived. |
| 1936 |
|
|
| 1949 |
|
else, they should be around the example, not inside it, and |
| 1950 |
|
probably shouldn't be used in html at all |
| 1951 |
|
|
| 1952 |
< |
2006-02-18 Love Hörnquist Åstrand <lha@it.su.se> |
| 1952 |
> |
2006-02-18 Love Hörnquist Åstrand <lha@it.su.se> |
| 1953 |
|
|
| 1954 |
|
* lib/krb5/krb5_warn.3: Document that applications want to use |
| 1955 |
|
krb5_get_error_message, add example. |
| 1956 |
|
|
| 1957 |
< |
2006-02-16 Love Hörnquist Åstrand <lha@it.su.se> |
| 1957 |
> |
2006-02-16 Love Hörnquist Åstrand <lha@it.su.se> |
| 1958 |
|
|
| 1959 |
|
* lib/krb5/crypto.c (krb5_generate_random_block): check return |
| 1960 |
|
value from RAND_bytes |
| 1961 |
|
|
| 1962 |
|
* lib/krb5/error_string.c: Change indentation, update (c) |
| 1963 |
|
|
| 1964 |
< |
2006-02-14 Love Hörnquist Åstrand <lha@it.su.se> |
| 1964 |
> |
2006-02-14 Love Hörnquist Åstrand <lha@it.su.se> |
| 1965 |
|
|
| 1966 |
|
* lib/krb5/pkinit.c: Make struct krb5_dh_moduli available when |
| 1967 |
|
compiling w/o pkinit. |
| 1968 |
|
|
| 1969 |
< |
2006-02-13 Love Hörnquist Åstrand <lha@it.su.se> |
| 1969 |
> |
2006-02-13 Love Hörnquist Åstrand <lha@it.su.se> |
| 1970 |
|
|
| 1971 |
|
* lib/krb5/pkinit.c: update to new paChecksum definition, update |
| 1972 |
|
the dhgroup handling |
| 1974 |
|
* kdc/pkinit.c: update to new paChecksum definition, use |
| 1975 |
|
hdb_entry_ex |
| 1976 |
|
|
| 1977 |
< |
2006-02-09 Love Hörnquist Åstrand <lha@it.su.se> |
| 1977 |
> |
2006-02-09 Love Hörnquist Åstrand <lha@it.su.se> |
| 1978 |
|
|
| 1979 |
|
* lib/krb5/krb5_locl.h: Move Configurable options to last in the |
| 1980 |
|
file. |
| 1981 |
|
|
| 1982 |
|
* lib/krb5/krb5_locl.h: Wrap KRB5_ADDRESSLESS_DEFAULT with #ifndef |
| 1983 |
|
|
| 1984 |
< |
2006-02-03 Love Hörnquist Åstrand <lha@it.su.se> |
| 1984 |
> |
2006-02-03 Love Hörnquist Åstrand <lha@it.su.se> |
| 1985 |
|
|
| 1986 |
|
* kpasswd/kpasswdd.c: Send back a better error-message to the |
| 1987 |
|
client in case the password change was rejected. |
| 2011 |
|
* lib/krb5/krb5_locl.h: Introduce KRB5_ADDRESSLESS_DEFAULT that |
| 2012 |
|
controlls all address-less behavior. Defaults to false. |
| 2013 |
|
|
| 2014 |
< |
2006-02-01 Love Hörnquist Åstrand <lha@it.su.se> |
| 2014 |
> |
2006-02-01 Love Hörnquist Åstrand <lha@it.su.se> |
| 2015 |
|
|
| 2016 |
|
* lib/krb5/n-fold-test.c: main is not a KRB5_LIB_FUNCTION |
| 2017 |
|
|
| 2018 |
|
* lib/krb5/mk_priv.c (krb5_mk_priv): abort if ASN1_MALLOC_ENCODE |
| 2019 |
|
failes to produce the matching lenghts. |
| 2020 |
|
|
| 2021 |
< |
2006-01-27 Love Hörnquist Åstrand <lha@it.su.se> |
| 2021 |
> |
2006-01-27 Love Hörnquist Åstrand <lha@it.su.se> |
| 2022 |
|
|
| 2023 |
|
* kcm/protocol.c (kcm_op_retrieve): remove unused variable |
| 2024 |
|
|
| 2025 |
< |
2006-01-15 Love Hörnquist Åstrand <lha@it.su.se> |
| 2025 |
> |
2006-01-15 Love Hörnquist Åstrand <lha@it.su.se> |
| 2026 |
|
|
| 2027 |
|
* tools/krb5-config.in: Move depenency on @LIB_dbopen@ to |
| 2028 |
|
kadm-server, kerberos library doesn't depend on db-library. |
| 2029 |
|
|
| 2030 |
< |
2006-01-13 Love Hörnquist Åstrand <lha@it.su.se> |
| 2030 |
> |
2006-01-13 Love Hörnquist Åstrand <lha@it.su.se> |
| 2031 |
|
|
| 2032 |
|
* include/Makefile.am: Don't clean crypto headers, they now live |
| 2033 |
|
in hcrypto/. Add hcrypto to SUBDIRS. |
| 2039 |
|
* include/make_crypto.c: Include more crypto headerfiles. Remove |
| 2040 |
|
support for old hash names. |
| 2041 |
|
|
| 2042 |
< |
2006-01-02 Love Hörnquist Åstrand <lha@it.su.se> |
| 2042 |
> |
2006-01-02 Love Hörnquist Åstrand <lha@it.su.se> |
| 2043 |
|
|
| 2044 |
|
* kdc/misc.c (_kdc_db_fetch): use calloc to allocate the entry, |
| 2045 |
|
from Andrew Bartlet. |
