| 12002-09-16 Jacques Vidrine <nectar@kth.se> 2 3 * lib/krb5/kuserok.c, lib/krb5/prompter_posix.c: use strcspn 4 to convert the newline to NUL in fgets results. 5 62002-09-13 Johan Danielsson <joda@pdc.kth.se> 7 8 * kuser/kinit.1: remove unneeded Ns 9 10 * lib/krb5/krb5_appdefault.3: remove extra "application" 11 12 * fix-export: remove autom4ate.cache 13 142002-09-10 Johan Danielsson <joda@pdc.kth.se> 15 16 * include/make_crypto.c: don't use function macros if possible 17 18 * lib/krb5/krb5_locl.h: get limits.h for UINT_MAX 19 20 * include/Makefile.am: use make_crypto to create crypto-headers.h 21 22 * include/make_crypto.c: crypto header generation tool 23 24 * configure.in: move crypto test to just after testing for krb4, 25 and move roken tests to after both, this speeds up various failure 26 cases with krb4 27 28 * lib/krb5/config_file.c: don't use NULL when we mean 0 29 30 * configure.in: we don't set package_libdir anymore, so no point 31 in testing for it 32 33 * tools/Makefile.am: subst INCLUDE_des 34 35 * tools/krb5-config.in: add INCLUDE_des to cflags 36 37 * configure.in: use AC_CONFIG_SRCDIR 38 39 * fix-export: remove some unneeded stuff 40 41 * kuser/kinit.c (do_524init): free principals 42 432002-09-09 Jacques Vidrine <nectar@kth.se> 44 45 * kdc/kerberos5.c (get_pa_etype_info, fix_transited_encoding), 46 kdc/kaserver.c (krb5_ret_xdr_data), 47 lib/krb5/transited.c (krb5_domain_x500_decode): Validate some 48 counts: Check that they are non-negative, and that they are small 49 enough to avoid integer overflow when used in memory allocation 50 calculations. Potential problem areas pointed out by 51 Sebastian Krahmer <krahmer@suse.de>. 52 53 * lib/krb5/keytab_keyfile.c (akf_add_entry): Use O_EXCL when 54 creating a new keyfile. 55 562002-09-09 Johan Danielsson <joda@pdc.kth.se> 57 58 * configure.in: don't try to build pam module 59 602002-09-05 Johan Danielsson <joda@pdc.kth.se> 61 62 * appl/kf/kf.c: fix warning string 63 64 * lib/krb5/log.c (krb5_vlog_msg): delay message formating till we 65 know we need it 66 672002-09-04 Assar Westerlund <assar@kth.se> 68 69 * kdc/kerberos5.c (encode_reply): correct error logging 70 712002-09-04 Johan Danielsson <joda@pdc.kth.se> 72 73 * lib/krb5/sendauth.c: close ccache if we opened it 74 75 * appl/kf/kf.c: handle new protocol 76 77 * appl/kf/kfd.c: use krb5_err instead of sysloging directly, 78 handle the new protocol, and bail out if an old client tries to 79 connect 80 81 * appl/kf/kf_locl.h: we need a protocol version string 82 83 * lib/hdb/hdb-ldap.c: use ASN1_MALLOC_ENCODE 84 85 * kdc/kerberos5.c: use ASN1_MALLOC_ENCODE 86 87 * kdc/hprop.c: set AP_OPTS_USE_SUBKEY 88 89 * lib/hdb/common.c: use ASN1_MALLOC_ENCODE 90 91 * lib/asn1/gen.c: add convenience macro that allocates a buffer 92 and encoded into that 93 94 * lib/krb5/get_cred.c (init_tgs_req): use 95 in_creds->session.keytype literally instead of trying to convert 96 to a list of enctypes (it should already be an enctype) 97 98 * lib/krb5/get_cred.c (init_tgs_req): init ret 99 1002002-09-03 Johan Danielsson <joda@pdc.kth.se> 101 102 * lib/asn1/k5.asn1: remove ETYPE_DES3_CBC_NONE_IVEC 103 104 * lib/krb5/krb5.h: remove ENCTYPE_DES3_CBC_NONE_IVEC 105 106 * lib/krb5/crypto.c: get rid of DES3_CBC_encrypt_ivec, just use 107 zero ivec in DES3_CBC_encrypt if passed ivec is NULL 108 109 * lib/krb5/Makefile.am: back out 1.144, since it will re-create 110 krb5-protos.h at build-time, which requires perl, which is bad 111 112 * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): don't 113 blindly use the local subkey 114 115 * lib/krb5/crypto.c: add function krb5_crypto_getblocksize that 116 extracts the required blocksize from a crypto context 117 118 * lib/krb5/build_auth.c: just get the length of the encoded 119 authenticator instead of trying to grow a buffer 120 1212002-09-03 Assar Westerlund <assar@kth.se> 122 123 * configure.in: add --disable-mmap option, and tests for 124 sys/mman.h and mmap 125 1262002-09-03 Jacques Vidrine <nectar@kth.se> 127 128 * lib/krb5/changepw.c: verify lengths in response 129 130 * lib/asn1/der_get.c (decode_integer, decode_unsigned): check for 131 truncated integers 132 1332002-09-02 Johan Danielsson <joda@pdc.kth.se> 134 135 * lib/krb5/mk_req_ext.c: generate a local subkey if 136 AP_OPTS_USE_SUBKEY is set 137 138 * lib/krb5/build_auth.c: we don't have enough information about 139 whether to generate a local subkey here, so don't try to 140 141 * lib/krb5/auth_context.c: new function 142 krb5_auth_con_generatelocalsubkey 143 144 * lib/krb5/get_in_tkt.c: only set kdc_sec_offset if looking at an 145 initial ticket 146 147 * lib/krb5/context.c (init_context_from_config_file): simplify 148 initialisation of srv_lookup 149 150 * lib/krb5/changepw.c (send_request): set AP_OPTS_USE_SUBKEY 151 152 * lib/krb5/krb5.h: add AP_OPTS_USE_SUBKEY 153 1542002-08-30 Assar Westerlund <assar@kth.se> 155 156 * lib/krb5/name-45-test.c: also test krb5_524_conv_principal 157 * lib/krb5/Makefile.am (TESTS): add name-45-test 158 * lib/krb5/name-45-test.c: add testcases for 159 krb5_425_conv_principal 160 1612002-08-29 Assar Westerlund <assar@kth.se> 162 163 * lib/krb5/parse-name-test.c: also test unparse_short functions 164 * lib/asn1/asn1_print.c: use com_err/error_message API 165 * lib/krb5/Makefile.am: add parse-name-test 166 * lib/krb5/parse-name-test.c: add a program for testing parsing 167 and unparsing principal names 168
|