ChangeLog revision 103423
12002-09-03 Johan Danielsson <joda@pdc.kth.se> 2 3 * wrap.c (wrap_des3): use ETYPE_DES3_CBC_NONE 4 5 * unwrap.c (unwrap_des3): use ETYPE_DES3_CBC_NONE 6 72002-09-02 Johan Danielsson <joda@pdc.kth.se> 8 9 * init_sec_context.c: we need to generate a local subkey here 10 112002-08-20 Jacques Vidrine <n@nectar.com> 12 13 * acquire_cred.c, inquire_cred.c, release_cred.c: Use default 14 credential resolution if gss_acquire_cred is called with 15 GSS_C_NO_NAME. 16 172002-06-20 Jacques Vidrine <n@nectar.com> 18 19 * import_name.c: Compare name types by value if pointers do 20 not match. Reported by: "Douglas E. Engert" <deengert@anl.gov> 21 222002-05-20 Jacques Vidrine <n@nectar.com> 23 24 * verify_mic.c (gss_verify_mic), unwrap.c (gss_unwrap): initialize 25 the qop_state parameter. from Doug Rabson <dfr@nlsystems.com> 26 272002-05-09 Jacques Vidrine <n@nectar.com> 28 29 * acquire_cred.c: handle GSS_C_INITIATE/GSS_C_ACCEPT/GSS_C_BOTH 30 312002-05-08 Jacques Vidrine <n@nectar.com> 32 33 * acquire_cred.c: initialize gssapi; handle null desired_name 34 352002-03-22 Johan Danielsson <joda@pdc.kth.se> 36 37 * Makefile.am: remove non-functional stuff accidentally committed 38 392002-03-11 Assar Westerlund <assar@sics.se> 40 41 * Makefile.am (libgssapi_la_LDFLAGS): bump version to 3:5:2 42 * 8003.c (gssapi_krb5_verify_8003_checksum): handle zero channel 43 bindings 44 452001-10-31 Jacques Vidrine <n@nectar.com> 46 47 * get_mic.c (mic_des3): MIC computation using DES3/SHA1 48 was bogusly appending the message buffer to the result, 49 overwriting a heap buffer in the process. 50 512001-08-29 Assar Westerlund <assar@sics.se> 52 53 * 8003.c (gssapi_krb5_verify_8003_checksum, 54 gssapi_krb5_create_8003_checksum): make more consistent by always 55 returning an gssapi error and setting minor status. update 56 callers 57 582001-08-28 Jacques Vidrine <n@nectar.com> 59 60 * accept_sec_context.c: Create a cache for delegated credentials 61 when needed. 62 632001-08-28 Assar Westerlund <assar@sics.se> 64 65 * Makefile.am (libgssapi_la_LDFLAGS): set version to 3:4:2 66 672001-08-23 Assar Westerlund <assar@sics.se> 68 69 * *.c: handle minor_status more consistently 70 71 * display_status.c (gss_display_status): handle krb5_get_err_text 72 failing 73 742001-08-15 Johan Danielsson <joda@pdc.kth.se> 75 76 * gssapi_locl.h: fix prototype for gssapi_krb5_init 77 782001-08-13 Johan Danielsson <joda@pdc.kth.se> 79 80 * accept_sec_context.c (gsskrb5_register_acceptor_identity): init 81 context and check return value from kt_resolve 82 83 * init.c: return error code 84 852001-07-19 Assar Westerlund <assar@sics.se> 86 87 * Makefile.am (libgssapi_la_LDFLAGS): update to 3:3:2 88 892001-07-12 Assar Westerlund <assar@sics.se> 90 91 * Makefile.am (libgssapi_la_LIBADD): add required library 92 dependencies 93 942001-07-06 Assar Westerlund <assar@sics.se> 95 96 * accept_sec_context.c (gsskrb5_register_acceptor_identity): set 97 the keytab to be used for gss_acquire_cred too' 98 992001-07-03 Assar Westerlund <assar@sics.se> 100 101 * Makefile.am (libgssapi_la_LDFLAGS): set version to 3:2:2 102 1032001-06-18 Assar Westerlund <assar@sics.se> 104 105 * wrap.c: replace gss_krb5_getsomekey with gss_krb5_get_localkey 106 and gss_krb5_get_remotekey 107 * verify_mic.c: update krb5_auth_con function names use 108 gss_krb5_get_remotekey 109 * unwrap.c: replace gss_krb5_getsomekey with gss_krb5_get_localkey 110 and gss_krb5_get_remotekey 111 * gssapi_locl.h (gss_krb5_get_remotekey, gss_krb5_get_localkey): 112 add prototypes 113 * get_mic.c: update krb5_auth_con function names. use 114 gss_krb5_get_localkey 115 * accept_sec_context.c: update krb5_auth_con function names 116 1172001-05-17 Assar Westerlund <assar@sics.se> 118 119 * Makefile.am: bump version to 3:1:2 120 1212001-05-14 Assar Westerlund <assar@sics.se> 122 123 * address_to_krb5addr.c: adapt to new address functions 124 1252001-05-11 Assar Westerlund <assar@sics.se> 126 127 * try to return the error string from libkrb5 where applicable 128 1292001-05-08 Assar Westerlund <assar@sics.se> 130 131 * delete_sec_context.c (gss_delete_sec_context): remember to free 132 the memory used by the ticket itself. from <tmartin@mirapoint.com> 133 1342001-05-04 Assar Westerlund <assar@sics.se> 135 136 * gssapi_locl.h: add config.h for completeness 137 * gssapi.h: remove config.h, this is an installed header file 138 sys/types.h is not needed either 139 1402001-03-12 Assar Westerlund <assar@sics.se> 141 142 * acquire_cred.c (gss_acquire_cred): remove memory leaks. from 143 Jason R Thorpe <thorpej@zembu.com> 144 1452001-02-18 Assar Westerlund <assar@sics.se> 146 147 * accept_sec_context.c (gss_accept_sec_context): either return 148 gss_name NULL-ed or set 149 150 * import_name.c: set minor_status in some cases where it was not 151 done 152 1532001-02-15 Assar Westerlund <assar@sics.se> 154 155 * wrap.c: use krb5_generate_random_block for the confounders 156 1572001-01-30 Assar Westerlund <assar@sics.se> 158 159 * Makefile.am (libgssapi_la_LDFLAGS): bump version to 3:0:2 160 * acquire_cred.c, init_sec_context.c, release_cred.c: add support 161 for getting creds from a keytab, from fvdl@netbsd.org 162 163 * copy_ccache.c: add gss_krb5_copy_ccache 164 1652001-01-27 Assar Westerlund <assar@sics.se> 166 167 * get_mic.c: cast parameters to des function to non-const pointers 168 to handle the case where these functions actually take non-const 169 des_cblock * 170 1712001-01-09 Assar Westerlund <assar@sics.se> 172 173 * accept_sec_context.c (gss_accept_sec_context): use krb5_rd_cred2 174 instead of krb5_rd_cred 175 1762000-12-11 Assar Westerlund <assar@sics.se> 177 178 * Makefile.am (libgssapi_la_LDFLAGS): bump to 2:3:1 179 1802000-12-08 Assar Westerlund <assar@sics.se> 181 182 * wrap.c (wrap_des3): use the checksum as ivec when encrypting the 183 sequence number 184 * unwrap.c (unwrap_des3): use the checksum as ivec when encrypting 185 the sequence number 186 * init_sec_context.c (init_auth): always zero fwd_data 187 1882000-12-06 Johan Danielsson <joda@pdc.kth.se> 189 190 * accept_sec_context.c: de-pointerise auth_context parameter to 191 krb5_mk_rep 192 1932000-11-15 Assar Westerlund <assar@sics.se> 194 195 * init_sec_context.c (init_auth): update to new 196 krb5_build_authenticator 197 1982000-09-19 Assar Westerlund <assar@sics.se> 199 200 * Makefile.am (libgssapi_la_LDFLAGS): bump to 2:2:1 201 2022000-08-27 Assar Westerlund <assar@sics.se> 203 204 * init_sec_context.c: actually pay attention to `time_req' 205 * init_sec_context.c: re-organize. leak less memory. 206 * gssapi_locl.h (gssapi_krb5_encapsulate, gss_krb5_getsomekey): 207 update prototypes add assert.h 208 * gssapi.h (GSS_KRB5_CONF_C_QOP_DES, GSS_KRB5_CONF_C_QOP_DES3_KD): 209 add 210 * verify_mic.c: re-organize and add 3DES code 211 * wrap.c: re-organize and add 3DES code 212 * unwrap.c: re-organize and add 3DES code 213 * get_mic.c: re-organize and add 3DES code 214 * encapsulate.c (gssapi_krb5_encapsulate): do not free `in_data', 215 let the caller do that. fix the callers. 216 2172000-08-16 Assar Westerlund <assar@sics.se> 218 219 * Makefile.am: bump version to 2:1:1 220 2212000-07-29 Assar Westerlund <assar@sics.se> 222 223 * decapsulate.c (gssapi_krb5_verify_header): sanity-check length 224 2252000-07-25 Johan Danielsson <joda@pdc.kth.se> 226 227 * Makefile.am: bump version to 2:0:1 228 2292000-07-22 Assar Westerlund <assar@sics.se> 230 231 * gssapi.h: update OID for GSS_C_NT_HOSTBASED_SERVICE and other 232 details from rfc2744 233 2342000-06-29 Assar Westerlund <assar@sics.se> 235 236 * address_to_krb5addr.c (gss_address_to_krb5addr): actually use 237 `int' instead of `sa_family_t' for the address family. 238 2392000-06-21 Assar Westerlund <assar@sics.se> 240 241 * add support for token delegation. From Daniel Kouril 242 <kouril@ics.muni.cz> and Miroslav Ruda <ruda@ics.muni.cz> 243 2442000-05-15 Assar Westerlund <assar@sics.se> 245 246 * Makefile.am (libgssapi_la_LDFLAGS): set version to 1:1:1 247 2482000-04-12 Assar Westerlund <assar@sics.se> 249 250 * release_oid_set.c (gss_release_oid_set): clear set for 251 robustness. From GOMBAS Gabor <gombasg@inf.elte.hu> 252 * release_name.c (gss_release_name): reset input_name for 253 robustness. From GOMBAS Gabor <gombasg@inf.elte.hu> 254 * release_buffer.c (gss_release_buffer): set value to NULL to be 255 more robust. From GOMBAS Gabor <gombasg@inf.elte.hu> 256 * add_oid_set_member.c (gss_add_oid_set_member): actually check if 257 the oid is a member first. leave the oid_set unchanged if realloc 258 fails. 259 2602000-02-13 Assar Westerlund <assar@sics.se> 261 262 * Makefile.am: set version to 1:0:1 263 2642000-02-12 Assar Westerlund <assar@sics.se> 265 266 * gssapi_locl.h: add flags for import/export 267 * import_sec_context.c (import_sec_context: add flags for what 268 fields are included. do not include the authenticator for now. 269 * export_sec_context.c (export_sec_context: add flags for what 270 fields are included. do not include the authenticator for now. 271 * accept_sec_context.c (gss_accept_sec_context): set target in 272 context_handle 273 2742000-02-11 Assar Westerlund <assar@sics.se> 275 276 * delete_sec_context.c (gss_delete_sec_context): set context to 277 GSS_C_NO_CONTEXT 278 279 * Makefile.am: add {export,import}_sec_context.c 280 * export_sec_context.c: new file 281 * import_sec_context.c: new file 282 * accept_sec_context.c (gss_accept_sec_context): set trans flag 283 2842000-02-07 Assar Westerlund <assar@sics.se> 285 286 * Makefile.am: set version to 0:5:0 287 2882000-01-26 Assar Westerlund <assar@sics.se> 289 290 * delete_sec_context.c (gss_delete_sec_context): handle a NULL 291 output_token 292 293 * wrap.c: update to pseudo-standard APIs for md4,md5,sha. some 294 changes to libdes calls to make them more portable. 295 * verify_mic.c: update to pseudo-standard APIs for md4,md5,sha. 296 some changes to libdes calls to make them more portable. 297 * unwrap.c: update to pseudo-standard APIs for md4,md5,sha. some 298 changes to libdes calls to make them more portable. 299 * get_mic.c: update to pseudo-standard APIs for md4,md5,sha. some 300 changes to libdes calls to make them more portable. 301 * 8003.c: update to pseudo-standard APIs for md4,md5,sha. 302 3032000-01-06 Assar Westerlund <assar@sics.se> 304 305 * Makefile.am: set version to 0:4:0 306 3071999-12-26 Assar Westerlund <assar@sics.se> 308 309 * accept_sec_context.c (gss_accept_sec_context): always set 310 `output_token' 311 * init_sec_context.c (init_auth): always initialize `output_token' 312 * delete_sec_context.c (gss_delete_sec_context): always set 313 `output_token' 314 3151999-12-06 Assar Westerlund <assar@sics.se> 316 317 * Makefile.am: bump version to 0:3:0 318 3191999-10-20 Assar Westerlund <assar@sics.se> 320 321 * Makefile.am: set version to 0:2:0 322 3231999-09-21 Assar Westerlund <assar@sics.se> 324 325 * init_sec_context.c (gss_init_sec_context): initialize `ticket' 326 327 * gssapi.h (gss_ctx_id_t_desc): add ticket in here. ick. 328 329 * delete_sec_context.c (gss_delete_sec_context): free ticket 330 331 * accept_sec_context.c (gss_accept_sec_context): stove away 332 `krb5_ticket' in context so that ugly programs such as 333 gss_nt_server can get at it. uck. 334 3351999-09-20 Johan Danielsson <joda@pdc.kth.se> 336 337 * accept_sec_context.c: set minor_status 338 3391999-08-04 Assar Westerlund <assar@sics.se> 340 341 * display_status.c (calling_error, routine_error): right shift the 342 code to make it possible to index into the arrays 343 3441999-07-28 Assar Westerlund <assar@sics.se> 345 346 * gssapi.h (GSS_C_AF_INET6): add 347 348 * import_name.c (import_hostbased_name): set minor_status 349 3501999-07-26 Assar Westerlund <assar@sics.se> 351 352 * Makefile.am: set version to 0:1:0 353 354Wed Apr 7 14:05:15 1999 Johan Danielsson <joda@hella.pdc.kth.se> 355 356 * display_status.c: set minor_status 357 358 * init_sec_context.c: set minor_status 359 360 * lib/gssapi/init.c: remove donep (check gssapi_krb5_context 361 directly) 362 363