2002-08-28 Assar Westerlund * kdc/config.c: add missing ifdef DAEMON 2002-08-28 Johan Danielsson * configure.in: use rk_SUNOS * kdc/config.c: add detach options * kdc/main.c: maybe detach from console? * kdc/kdc.8: markup changes * configure.in: AC_TEST_PACKAGE_NEW -> rk_TEST_PACKAGE * configure.in: use rk_TELNET, rename some other macros, and don't add -ldes to krb4 link command * kuser/kinit.1: whitespace fix (from NetBSD) * include/bits.c: we may need unistd.h for ssize_t 2002-08-26 Assar Westerlund * lib/krb5/principal.c (krb5_425_conv_principal_ext): lookup AAAA rrs before A ones when using the resolver to verify a mapping, also use getaddrinfo when resolver is not available * lib/hdb/keytab.c (find_db): const-correctness in parameters to krb5_config_get_next * lib/asn1/gen.c: include in the generated files (for memset) 2002-08-22 Assar Westerlund * lib/krb5/test_get_addrs.c, lib/krb5/krbhst-test.c: make it use getarg so that it can handle --help and --version (and thus make check can pass) * lib/asn1/check-der.c: make this build again 2002-08-22 Assar Westerlund * lib/asn1/der_get.c (der_get_int): handle len == 0. based on a patch from Love 2002-08-22 Johan Danielsson * lib/krb5/krb5.h: we seem to call KRB5KDC_ERR_KEY_EXP KRB5KDC_ERR_KEY_EXPIRED, so define the former to the latter * kdc/kdc.8: add blurb about adding and removing addresses; update kdc.conf section to match reality * configure.in: KRB_SENDAUTH_VLEN seems to always have existed, so don't define it 2002-08-21 Assar Westerlund * lib/asn1/asn1_print.c: print OIDs too, based on a patch from Love 2002-08-21 Johan Danielsson * kuser/kinit.c (do_v4_fallback): don't use krb_get_pw_in_tkt2 since it might not exist, and we don't actually care about the key 2002-08-20 Johan Danielsson * lib/krb5/krb5.conf.5: correct documentation for verify_ap_req_nofail * lib/krb5/log.c: rename syslog_data to avoid name conflicts (from Mattias Amnefelt) * kuser/klist.c (display_tokens): increase token buffer size, and add more checks of the kernel data (from Love) 2002-08-19 Johan Danielsson * fix-export: use make to parse Makefile.am instead of perl * configure.in: use argument-less AM_INIT_AUTOMAKE, now that it groks AC_INIT with package name etc. * kpasswd/kpasswdd.c: include * lib/asn1/asn1_print.c: include com_right.h * lib/krb5/addr_families.c: socklen_t -> krb5_socklen_t * include/bits.c: define krb5_socklen_t type; this should really go someplace else, but this was easy * lib/krb5/verify_krb5_conf.c: don't bail out if parsing of a file fails, just warn about it * kdc/log.c (kdc_openlog): no need for a config_file parameter * kdc/config.c: just treat kdc.conf like any other config file * lib/krb5/context.c (krb5_get_default_config_files): ignore duplicate files 2002-08-16 Johan Danielsson * lib/krb5/krb5.h: turn strings into pointers, so we can assign to them * lib/krb5/constants.c: turn strings into pointers, so we can assign to them * lib/krb5/get_addrs.c (get_addrs_int): initialise res if SCAN_INTERFACES is not set * lib/krb5/context.c: fix various borked stuff in previous commits 2002-08-16 Jacques Vidrine * lib/krb5/krbhst.c (kpasswd_get_next): if we fall back to using the `admin_server' entry for kpasswd, override the `proto' result to be UDP. 2002-08-15 Johan Danielsson * lib/krb5/auth_context.c: check return value of krb5_sockaddr2address * lib/krb5/addr_families.c: check return value of krb5_sockaddr2address * lib/krb5/context.c: get the default keytab from KRB5_KTNAME 2002-08-14 Johan Danielsson * lib/krb5/verify_krb5_conf.c: allow parsing of more than one file * lib/krb5/context.c: allow changing config files with the function krb5_set_config_files, there are also related functions krb5_get_default_config_files and krb5_free_config_files; these should work similar to their MIT counterparts * lib/krb5/config_file.c: allow the use of more than one config file by using the new function krb5_config_parse_file_multi 2002-08-12 Johan Danielsson * use sysconfdir instead of /etc * configure.in: require autoconf 2.53; rename dpagaix_LDFLAGS etc to appease automake; force sysconfdir and localstatedir to /etc and /var/heimdal for now * kdc/connect.c (addr_to_string): check return value of sockaddr2address 2002-08-09 Johan Danielsson * lib/krb5/rd_cred.c: if the remote address isn't an addrport, don't try comparing to one; this should make old clients work with new servers * lib/asn1/gen_decode.c: remove unused variable 2002-07-31 Johan Danielsson * kdc/{kerberos5,524}.c: ENOENT -> HDB_ERR_NOENTRY (from Derrick Brashear) * lib/krb5/principal.c: actually lower case the lower case instance name (spotted by Derrick Brashear) 2002-07-24 Johan Danielsson * fix-export: if DATEDVERSION is set, change the version to current date * configure.in: don't use AC_PROG_RANLIB, and use magic foo to set LTLIBOBJS 2002-07-04 Johan Danielsson * kdc/connect.c: add some cache-control-foo to the http responses (from Gombas Gabor) * lib/krb5/addr_families.c (krb5_print_address): don't copy size if ret_len == NULL 2002-06-28 Johan Danielsson * kuser/klist.c (display_tokens): don't bail out before we get EDOM (signaling the end of the tokens), the kernel can also return ENOTCONN, meaning that the index does not exist anymore (for example if the token has expired) 2002-06-06 Johan Danielsson * lib/krb5/changepw.c: make sure we return an error if there are no changepw hosts found; from Wynn Wilkes 2002-05-29 Johan Danielsson * lib/krb5/cache.c (krb5_cc_register): break out of loop when the same type is found; spotted by Wynn Wilkes 2002-05-15 Johan Danielsson * kdc/kerberos5.c: don't free encrypted padata until we're really done with it 2002-05-07 Johan Danielsson * kdc/kerberos5.c: when decrypting pa-data, try all keys matching enctype * kuser/kinit.1: document -a * kuser/kinit.c: add command line switch for extra addresses 2002-04-30 Johan Danielsson * configure.in: remove some duplicate tests * configure.in: use AC_HELP_STRING 2002-04-29 Johan Danielsson * lib/krb5/crypto.c (usage2arcfour): don't abort if the usage is unknown 2002-04-25 Johan Danielsson * configure.in: use rk_DESTDIRS 2002-04-22 Johan Danielsson * lib/krb5/krb5_verify_user.3: make it clear that _lrealm modifies the principal 2002-04-19 Johan Danielsson * lib/krb5/verify_init.c: fix typo in error string 2002-04-18 Johan Danielsson * acconfig.h: remove some stuff that is defined elsewhere * lib/krb5/krb5_locl.h: include * lib/krb5/acl.c: rename acl_string parameter * lib/krb5/Makefile.am: remove __P from protos, and put parameter names in comments * kuser/klist.c: better align some headers * kdc/kerberos4.c: storage tweaks * kdc/kaserver.c: storage tweaks * kdc/524.c: storage tweaks * lib/krb5/keytab_krb4.c: storage tweaks * lib/krb5/keytab_keyfile.c: storage tweaks * lib/krb5/keytab_file.c: storage tweaks; also try to handle zero sized keytab files * lib/krb5/keytab_any.c: use KRB5_KT_END instead of KRB5_CC_END * lib/krb5/fcache.c: storage tweaks * lib/krb5/store_mem.c: make the krb5_storage opaque, and add function wrappers for store/fetch/seek, and also make the eof-code configurable * lib/krb5/store_fd.c: make the krb5_storage opaque, and add function wrappers for store/fetch/seek, and also make the eof-code configurable * lib/krb5/store_emem.c: make the krb5_storage opaque, and add function wrappers for store/fetch/seek, and also make the eof-code configurable * lib/krb5/store.c: make the krb5_storage opaque, and add function wrappers for store/fetch/seek, and also make the eof-code configurable * lib/krb5/store-int.h: make the krb5_storage opaque, and add function wrappers for store/fetch/seek, and also make the eof-code configurable * lib/krb5/krb5.h: make the krb5_storage opaque, and add function wrappers for store/fetch/seek, and also make the eof-code configurable * include/bits.c: include to get socklen_t * kdc/kerberos5.c (get_pa_etype_info): sort ETYPE-INFOs by requested KDC-REQ etypes * kdc/hpropd.c: constify * kdc/hprop.c: constify * kdc/string2key.c: constify * kdc/kdc_locl.h: make port_str const * kdc/config.c: constify * lib/krb5/config_file.c: constify * kdc/kstash.c: constify * lib/krb5/verify_user.c: remove unnecessary cast * lib/krb5/recvauth.c: constify * lib/krb5/principal.c (krb5_parse_name): const qualify * lib/krb5/mcache.c (mcc_get_name): constify return type * lib/krb5/context.c (krb5_free_context): don't try to free the ccache prefix * lib/krb5/cache.c (krb5_cc_register): don't make a copy of the prefix * lib/krb5/krb5.h: constify some struct members * lib/krb5/log.c: constify * lib/krb5/init_creds_pw.c (krb5_get_init_creds_password): const qualify * lib/krb5/get_in_tkt.c (krb5_init_etype): constify * lib/krb5/crypto.c: constify some * lib/krb5/config_file.c: constify * lib/krb5/aname_to_localname.c (krb5_aname_to_localname): constify local variable * lib/krb5/addr_families.c (ipv4_sockaddr2port): constify 2002-04-17 Johan Danielsson * lib/krb5/verify_krb5_conf.c: add some log checking * lib/krb5/log.c (krb5_addlog_dest): reorganise syslog parsing 2002-04-16 Johan Danielsson * lib/krb5/crypto.c (krb5_crypto_init): check that the key size matches the expected length 2002-03-27 Johan Danielsson * lib/krb5/send_to_kdc.c: rename send parameter to send_data * lib/krb5/mk_error.c: rename ctime parameter to client_time 2002-03-22 Johan Danielsson * kdc/kerberos5.c (find_etype): unsigned -> krb5_enctype (from Reinoud Zandijk) 2002-03-18 Johan Danielsson * lib/asn1/k5.asn1: add the GSS-API checksum type here 2002-03-11 Assar Westerlund * lib/krb5/Makefile.am (libkrb5_la_LDFLAGS): bump version to 18:3:1 * lib/hdb/Makefile.am (libhdb_la_LDFLAGS): bump version to 7:5:0 * lib/asn1/Makefile.am (libasn1_la_LDFLAGS): bump version to 6:0:0 2002-03-10 Assar Westerlund * lib/krb5/rd_cred.c: handle addresses with port numbers * lib/krb5/keytab_file.c, lib/krb5/keytab.c: store the kvno % 256 as the byte and the complete 32 bit kvno after the end of the current keytab entry * lib/krb5/init_creds_pw.c: handle LR_PW_EXPTIME and LR_ACCT_EXPTIME in the same way * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): handle ports giving for the remote address * lib/krb5/get_cred.c: get a ticket with no addresses if no-addresses is set * lib/krb5/crypto.c: rename functions DES_* to krb5_* to avoid colliding with modern openssl * lib/krb5/addr_families.c: make all functions taking 'struct sockaddr' actually take a socklen_t instead of int and that acts as an in-out parameter (indicating the maximum length of the sockaddr to be written) * kdc/kerberos4.c: make the kvno's in the krb4 universe by the real one % 256, since they cannot only be 8 bit, and the v5 ones are actually 32 bits 2002-02-15 Johan Danielsson * lib/krb5/keytab_keyfile.c (akf_add_entry): don't create the file before we need to write to it (from Åke Sandgren) 2002-02-14 Johan Danielsson * configure.in: rk_RETSIGTYPE and rk_BROKEN_REALLOC are called via rk_ROKEN (from Gombas Gabor); find inttypes by CHECK_TYPES directly * lib/krb5/rd_safe.c: actually use the correct key (from Daniel Kouril) 2002-02-12 Johan Danielsson * lib/krb5/context.c (krb5_get_err_text): protect against NULL context 2002-02-11 Johan Danielsson * admin/ktutil.c: no need to use the "modify" keytab anymore * lib/krb5/keytab_any.c: implement add and remove * lib/krb5/keytab_krb4.c: implement add and remove * lib/krb5/store_emem.c (emem_free): clear memory before freeing (this should perhaps be selectable with a flag) 2002-02-04 Johan Danielsson * kdc/config.c (get_dbinfo): if there are database specifications in the config file, don't automatically try to use the default values (from Gombas Gabor) * lib/krb5/log.c (krb5_closelog): don't pass pointer to pointer (from Gombas Gabor) 2002-01-30 Johan Danielsson * admin/list.c: get the default keytab from krb5.conf, and list all parts of an ANY type keytab * lib/krb5/context.c: default default_keytab_modify to NULL * lib/krb5/keytab.c (krb5_kt_default_modify_name): if no modify name is specified take it from the first component of the default keytab name 2002-01-29 Johan Danielsson * lib/krb5/keytab.c: compare keytab types case insensitively 2002-01-07 Assar Westerlund * lib/krb5/crypto.c (create_checksum): make usage `unsigned' (it's not really a krb5_key_usage). From Ben Harris * lib/krb5/get_in_tkt.c: use krb5_enctype consistently. From Ben Harris * lib/krb5/crypto.c: use krb5_enctype consistently. From Ben Harris * kdc/kerberos5.c: use krb5_enctype consistently. From Ben Harris