1120945Snectar2002-12-19 Johan Danielsson <joda@pdc.kth.se> 2120945Snectar 3120945Snectar * lib/krb5/mk_rep.c: free allocated storage; reported by Howard 4120945Snectar Chu 5120945Snectar 6120945Snectar2002-12-08 Johan Danielsson <joda@pdc.kth.se> 7120945Snectar 8120945Snectar * kdc/kdc_locl.h: remove old encrypt_v4_ticket prototype 9120945Snectar 10120945Snectar2002-12-02 Johan Danielsson <joda@pdc.kth.se> 11120945Snectar 12120945Snectar * kpasswd/kpasswdd.c (doit): initialise sa_size to size of 13120945Snectar sockaddr_storage 14120945Snectar 15120945Snectar * kdc/connect.c (init_socket): initialise sa_size to size of 16120945Snectar sockaddr_storage 17120945Snectar 18120945Snectar2002-11-15 Johan Danielsson <joda@pdc.kth.se> 19120945Snectar 20120945Snectar * lib/krb5/krb5.h: remove trailing comma in enum 21120945Snectar 22120945Snectar2002-11-07 Johan Danielsson <joda@pdc.kth.se> 23120945Snectar 24120945Snectar * kdc/524.c: implement crude b2 style (non-)conversion for use 25120945Snectar with afs 26120945Snectar 27120945Snectar * kdc/kerberos4.c: move encrypt_v4_ticket to 524.c, since that's 28120945Snectar where it's used 29120945Snectar 30120945Snectar2002-10-21 Johan Danielsson <joda@pdc.kth.se> 31120945Snectar 32120945Snectar * lib/krb5/keytab_keyfile.c: more strcspn 33120945Snectar 34120945Snectar * lib/krb5/store_emem.c (emem_store): limit how much we allocate 35120945Snectar (from Olaf Kirch) 36120945Snectar 37120945Snectar * lib/krb5/principal.c: don't allow trailing backslashes in 38120945Snectar components 39120945Snectar 40120945Snectar * kdc/connect.c: check that %-quotes are followed by two hex 41120945Snectar digits 42120945Snectar 43120945Snectar * lib/krb5/keytab_any.c: properly close the open keytabs (from 44120945Snectar Larry Greenfield) 45120945Snectar 46120945Snectar * kdc/kaserver.c: make sure life is positive (from John Godehn) 47120945Snectar 48120945Snectar2002-10-17 Johan Danielsson <joda@pdc.kth.se> 49120945Snectar 50120945Snectar * kuser/klist.c (display_tokens): allow tokens up to size of 51120945Snectar buffer (from Magnus Holmberg) 52120945Snectar 53120945Snectar2002-09-29 Johan Danielsson <joda@pdc.kth.se> 54120945Snectar 55120945Snectar * lib/krb5/changepw.c (process_reply): fix reply length check 56120945Snectar calculation (reported by various people) 57120945Snectar 58120945Snectar2002-09-24 Johan Danielsson <joda@pdc.kth.se> 59120945Snectar 60120945Snectar * lib/krb5/keytab_file.c (fkt_remove_entry): check return value 61120945Snectar from start_seq_get (from Wynn Wilkes) 62120945Snectar 63120945Snectar2002-09-19 Johan Danielsson <joda@pdc.kth.se> 64120945Snectar 65120945Snectar * lib/krb5/context.c (krb5_set_config_files): return ENXIO instead 66120945Snectar of ENOENT when "unconfigured" 67120945Snectar 68120945Snectar2002-09-16 Jacques Vidrine <nectar@kth.se> 69120945Snectar 70120945Snectar * lib/krb5/kuserok.c, lib/krb5/prompter_posix.c: use strcspn 71120945Snectar to convert the newline to NUL in fgets results. 72120945Snectar 73120945Snectar2002-09-13 Johan Danielsson <joda@pdc.kth.se> 74120945Snectar 75120945Snectar * kuser/kinit.1: remove unneeded Ns 76120945Snectar 77120945Snectar * lib/krb5/krb5_appdefault.3: remove extra "application" 78120945Snectar 79120945Snectar * fix-export: remove autom4ate.cache 80120945Snectar 81120945Snectar2002-09-10 Johan Danielsson <joda@pdc.kth.se> 82120945Snectar 83120945Snectar * include/make_crypto.c: don't use function macros if possible 84120945Snectar 85120945Snectar * lib/krb5/krb5_locl.h: get limits.h for UINT_MAX 86120945Snectar 87120945Snectar * include/Makefile.am: use make_crypto to create crypto-headers.h 88120945Snectar 89120945Snectar * include/make_crypto.c: crypto header generation tool 90120945Snectar 91120945Snectar * configure.in: move crypto test to just after testing for krb4, 92120945Snectar and move roken tests to after both, this speeds up various failure 93120945Snectar cases with krb4 94120945Snectar 95120945Snectar * lib/krb5/config_file.c: don't use NULL when we mean 0 96120945Snectar 97120945Snectar * configure.in: we don't set package_libdir anymore, so no point 98120945Snectar in testing for it 99120945Snectar 100120945Snectar * tools/Makefile.am: subst INCLUDE_des 101120945Snectar 102120945Snectar * tools/krb5-config.in: add INCLUDE_des to cflags 103120945Snectar 104120945Snectar * configure.in: use AC_CONFIG_SRCDIR 105120945Snectar 106120945Snectar * fix-export: remove some unneeded stuff 107120945Snectar 108120945Snectar * kuser/kinit.c (do_524init): free principals 109120945Snectar 110120945Snectar2002-09-09 Jacques Vidrine <nectar@kth.se> 111120945Snectar 112120945Snectar * kdc/kerberos5.c (get_pa_etype_info, fix_transited_encoding), 113120945Snectar kdc/kaserver.c (krb5_ret_xdr_data), 114120945Snectar lib/krb5/transited.c (krb5_domain_x500_decode): Validate some 115120945Snectar counts: Check that they are non-negative, and that they are small 116120945Snectar enough to avoid integer overflow when used in memory allocation 117120945Snectar calculations. Potential problem areas pointed out by 118120945Snectar Sebastian Krahmer <krahmer@suse.de>. 119120945Snectar 120120945Snectar * lib/krb5/keytab_keyfile.c (akf_add_entry): Use O_EXCL when 121120945Snectar creating a new keyfile. 122120945Snectar 123120945Snectar2002-09-09 Johan Danielsson <joda@pdc.kth.se> 124120945Snectar 125120945Snectar * configure.in: don't try to build pam module 126120945Snectar 127120945Snectar2002-09-05 Johan Danielsson <joda@pdc.kth.se> 128120945Snectar 129120945Snectar * appl/kf/kf.c: fix warning string 130120945Snectar 131120945Snectar * lib/krb5/log.c (krb5_vlog_msg): delay message formating till we 132120945Snectar know we need it 133120945Snectar 134120945Snectar2002-09-04 Assar Westerlund <assar@kth.se> 135120945Snectar 136120945Snectar * kdc/kerberos5.c (encode_reply): correct error logging 137120945Snectar 138120945Snectar2002-09-04 Johan Danielsson <joda@pdc.kth.se> 139120945Snectar 140120945Snectar * lib/krb5/sendauth.c: close ccache if we opened it 141120945Snectar 142120945Snectar * appl/kf/kf.c: handle new protocol 143120945Snectar 144120945Snectar * appl/kf/kfd.c: use krb5_err instead of sysloging directly, 145120945Snectar handle the new protocol, and bail out if an old client tries to 146120945Snectar connect 147120945Snectar 148120945Snectar * appl/kf/kf_locl.h: we need a protocol version string 149120945Snectar 150120945Snectar * lib/hdb/hdb-ldap.c: use ASN1_MALLOC_ENCODE 151120945Snectar 152120945Snectar * kdc/kerberos5.c: use ASN1_MALLOC_ENCODE 153120945Snectar 154120945Snectar * kdc/hprop.c: set AP_OPTS_USE_SUBKEY 155120945Snectar 156120945Snectar * lib/hdb/common.c: use ASN1_MALLOC_ENCODE 157120945Snectar 158120945Snectar * lib/asn1/gen.c: add convenience macro that allocates a buffer 159120945Snectar and encoded into that 160120945Snectar 161120945Snectar * lib/krb5/get_cred.c (init_tgs_req): use 162120945Snectar in_creds->session.keytype literally instead of trying to convert 163120945Snectar to a list of enctypes (it should already be an enctype) 164120945Snectar 165120945Snectar * lib/krb5/get_cred.c (init_tgs_req): init ret 166120945Snectar 167120945Snectar2002-09-03 Johan Danielsson <joda@pdc.kth.se> 168120945Snectar 169120945Snectar * lib/asn1/k5.asn1: remove ETYPE_DES3_CBC_NONE_IVEC 170120945Snectar 171120945Snectar * lib/krb5/krb5.h: remove ENCTYPE_DES3_CBC_NONE_IVEC 172120945Snectar 173120945Snectar * lib/krb5/crypto.c: get rid of DES3_CBC_encrypt_ivec, just use 174120945Snectar zero ivec in DES3_CBC_encrypt if passed ivec is NULL 175120945Snectar 176120945Snectar * lib/krb5/Makefile.am: back out 1.144, since it will re-create 177120945Snectar krb5-protos.h at build-time, which requires perl, which is bad 178120945Snectar 179120945Snectar * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): don't 180120945Snectar blindly use the local subkey 181120945Snectar 182120945Snectar * lib/krb5/crypto.c: add function krb5_crypto_getblocksize that 183120945Snectar extracts the required blocksize from a crypto context 184120945Snectar 185120945Snectar * lib/krb5/build_auth.c: just get the length of the encoded 186120945Snectar authenticator instead of trying to grow a buffer 187120945Snectar 188120945Snectar2002-09-03 Assar Westerlund <assar@kth.se> 189120945Snectar 190120945Snectar * configure.in: add --disable-mmap option, and tests for 191120945Snectar sys/mman.h and mmap 192120945Snectar 193120945Snectar2002-09-03 Jacques Vidrine <nectar@kth.se> 194120945Snectar 195120945Snectar * lib/krb5/changepw.c: verify lengths in response 196120945Snectar 197120945Snectar * lib/asn1/der_get.c (decode_integer, decode_unsigned): check for 198120945Snectar truncated integers 199120945Snectar 200120945Snectar2002-09-02 Johan Danielsson <joda@pdc.kth.se> 201120945Snectar 202120945Snectar * lib/krb5/mk_req_ext.c: generate a local subkey if 203120945Snectar AP_OPTS_USE_SUBKEY is set 204120945Snectar 205120945Snectar * lib/krb5/build_auth.c: we don't have enough information about 206120945Snectar whether to generate a local subkey here, so don't try to 207120945Snectar 208120945Snectar * lib/krb5/auth_context.c: new function 209120945Snectar krb5_auth_con_generatelocalsubkey 210120945Snectar 211120945Snectar * lib/krb5/get_in_tkt.c: only set kdc_sec_offset if looking at an 212120945Snectar initial ticket 213120945Snectar 214120945Snectar * lib/krb5/context.c (init_context_from_config_file): simplify 215120945Snectar initialisation of srv_lookup 216120945Snectar 217120945Snectar * lib/krb5/changepw.c (send_request): set AP_OPTS_USE_SUBKEY 218120945Snectar 219120945Snectar * lib/krb5/krb5.h: add AP_OPTS_USE_SUBKEY 220120945Snectar 221120945Snectar2002-08-30 Assar Westerlund <assar@kth.se> 222120945Snectar 223120945Snectar * lib/krb5/name-45-test.c: also test krb5_524_conv_principal 224120945Snectar * lib/krb5/Makefile.am (TESTS): add name-45-test 225120945Snectar * lib/krb5/name-45-test.c: add testcases for 226120945Snectar krb5_425_conv_principal 227120945Snectar 228120945Snectar2002-08-29 Assar Westerlund <assar@kth.se> 229120945Snectar 230120945Snectar * lib/krb5/parse-name-test.c: also test unparse_short functions 231120945Snectar * lib/asn1/asn1_print.c: use com_err/error_message API 232120945Snectar * lib/krb5/Makefile.am: add parse-name-test 233120945Snectar * lib/krb5/parse-name-test.c: add a program for testing parsing 234120945Snectar and unparsing principal names 235120945Snectar 236120945Snectar2002-08-28 Assar Westerlund <assar@kth.se> 237120945Snectar 238120945Snectar * kdc/config.c: add missing ifdef DAEMON 239120945Snectar 240120945Snectar2002-08-28 Johan Danielsson <joda@pdc.kth.se> 241120945Snectar 242120945Snectar * configure.in: use rk_SUNOS 243120945Snectar 244120945Snectar * kdc/config.c: add detach options 245120945Snectar 246120945Snectar * kdc/main.c: maybe detach from console? 247120945Snectar 248120945Snectar * kdc/kdc.8: markup changes 249120945Snectar 250120945Snectar * configure.in: AC_TEST_PACKAGE_NEW -> rk_TEST_PACKAGE 251120945Snectar 252120945Snectar * configure.in: use rk_TELNET, rename some other macros, and don't 253120945Snectar add -ldes to krb4 link command 254120945Snectar 255120945Snectar * kuser/kinit.1: whitespace fix (from NetBSD) 256120945Snectar 257120945Snectar * include/bits.c: we may need unistd.h for ssize_t 258120945Snectar 259120945Snectar2002-08-26 Assar Westerlund <assar@kth.se> 260120945Snectar 261120945Snectar * lib/krb5/principal.c (krb5_425_conv_principal_ext): lookup AAAA 262120945Snectar rrs before A ones when using the resolver to verify a mapping, 263120945Snectar also use getaddrinfo when resolver is not available 264120945Snectar 265120945Snectar * lib/hdb/keytab.c (find_db): const-correctness in parameters to 266120945Snectar krb5_config_get_next 267120945Snectar 268120945Snectar * lib/asn1/gen.c: include <string.h> in the generated files (for 269120945Snectar memset) 270120945Snectar 271120945Snectar2002-08-22 Assar Westerlund <assar@kth.se> 272120945Snectar 273120945Snectar * lib/krb5/test_get_addrs.c, lib/krb5/krbhst-test.c: make it use 274120945Snectar getarg so that it can handle --help and --version (and thus make 275120945Snectar check can pass) 276120945Snectar 277120945Snectar * lib/asn1/check-der.c: make this build again 278120945Snectar 279120945Snectar2002-08-22 Assar Westerlund <assar@kth.se> 280120945Snectar 281120945Snectar * lib/asn1/der_get.c (der_get_int): handle len == 0. based on a 282120945Snectar patch from Love <lha@stacken.kth.se> 283120945Snectar 284120945Snectar2002-08-22 Johan Danielsson <joda@pdc.kth.se> 285120945Snectar 286120945Snectar * lib/krb5/krb5.h: we seem to call KRB5KDC_ERR_KEY_EXP 287120945Snectar KRB5KDC_ERR_KEY_EXPIRED, so define the former to the latter 288120945Snectar 289120945Snectar * kdc/kdc.8: add blurb about adding and removing addresses; update 290120945Snectar kdc.conf section to match reality 291120945Snectar 292120945Snectar * configure.in: KRB_SENDAUTH_VLEN seems to always have existed, so 293120945Snectar don't define it 294120945Snectar 295120945Snectar2002-08-21 Assar Westerlund <assar@kth.se> 296120945Snectar 297120945Snectar * lib/asn1/asn1_print.c: print OIDs too, based on a patch from 298120945Snectar Love <lha@stacken.kth.se> 299120945Snectar 300120945Snectar2002-08-21 Johan Danielsson <joda@pdc.kth.se> 301120945Snectar 302120945Snectar * kuser/kinit.c (do_v4_fallback): don't use krb_get_pw_in_tkt2 303120945Snectar since it might not exist, and we don't actually care about the key 304120945Snectar 305120945Snectar2002-08-20 Johan Danielsson <joda@pdc.kth.se> 306120945Snectar 307120945Snectar * lib/krb5/krb5.conf.5: correct documentation for 308120945Snectar verify_ap_req_nofail 309120945Snectar 310120945Snectar * lib/krb5/log.c: rename syslog_data to avoid name conflicts (from 311120945Snectar Mattias Amnefelt) 312120945Snectar 313120945Snectar * kuser/klist.c (display_tokens): increase token buffer size, and 314120945Snectar add more checks of the kernel data (from Love) 315120945Snectar 316120945Snectar2002-08-19 Johan Danielsson <joda@pdc.kth.se> 317120945Snectar 318120945Snectar * fix-export: use make to parse Makefile.am instead of perl 319120945Snectar 320120945Snectar * configure.in: use argument-less AM_INIT_AUTOMAKE, now that it 321120945Snectar groks AC_INIT with package name etc. 322120945Snectar 323120945Snectar * kpasswd/kpasswdd.c: include <kadm5/private.h> 324120945Snectar 325120945Snectar * lib/asn1/asn1_print.c: include com_right.h 326120945Snectar 327120945Snectar * lib/krb5/addr_families.c: socklen_t -> krb5_socklen_t 328120945Snectar 329120945Snectar * include/bits.c: define krb5_socklen_t type; this should really 330120945Snectar go someplace else, but this was easy 331120945Snectar 332120945Snectar * lib/krb5/verify_krb5_conf.c: don't bail out if parsing of a file 333120945Snectar fails, just warn about it 334120945Snectar 335120945Snectar * kdc/log.c (kdc_openlog): no need for a config_file parameter 336120945Snectar 337120945Snectar * kdc/config.c: just treat kdc.conf like any other config file 338120945Snectar 339120945Snectar * lib/krb5/context.c (krb5_get_default_config_files): ignore 340120945Snectar duplicate files 341120945Snectar 342120945Snectar2002-08-16 Johan Danielsson <joda@pdc.kth.se> 343120945Snectar 344120945Snectar * lib/krb5/krb5.h: turn strings into pointers, so we can assign to 345120945Snectar them 346120945Snectar 347120945Snectar * lib/krb5/constants.c: turn strings into pointers, so we can 348120945Snectar assign to them 349120945Snectar 350120945Snectar * lib/krb5/get_addrs.c (get_addrs_int): initialise res if 351120945Snectar SCAN_INTERFACES is not set 352120945Snectar 353120945Snectar * lib/krb5/context.c: fix various borked stuff in previous commits 354120945Snectar 355120945Snectar2002-08-16 Jacques Vidrine <n@nectar.com> 356120945Snectar 357120945Snectar * lib/krb5/krbhst.c (kpasswd_get_next): if we fall back to using 358120945Snectar the `admin_server' entry for kpasswd, override the `proto' result 359120945Snectar to be UDP. 360120945Snectar 361120945Snectar2002-08-15 Johan Danielsson <joda@pdc.kth.se> 362120945Snectar 363120945Snectar * lib/krb5/auth_context.c: check return value of 364120945Snectar krb5_sockaddr2address 365120945Snectar 366120945Snectar * lib/krb5/addr_families.c: check return value of 367120945Snectar krb5_sockaddr2address 368120945Snectar 369120945Snectar * lib/krb5/context.c: get the default keytab from KRB5_KTNAME 370120945Snectar 371120945Snectar2002-08-14 Johan Danielsson <joda@pdc.kth.se> 372120945Snectar 373120945Snectar * lib/krb5/verify_krb5_conf.c: allow parsing of more than one file 374120945Snectar 375120945Snectar * lib/krb5/context.c: allow changing config files with the 376120945Snectar function krb5_set_config_files, there are also related functions 377120945Snectar krb5_get_default_config_files and krb5_free_config_files; these 378120945Snectar should work similar to their MIT counterparts 379120945Snectar 380120945Snectar * lib/krb5/config_file.c: allow the use of more than one config 381120945Snectar file by using the new function krb5_config_parse_file_multi 382120945Snectar 383120945Snectar2002-08-12 Johan Danielsson <joda@pdc.kth.se> 384120945Snectar 385120945Snectar * use sysconfdir instead of /etc 386120945Snectar 387120945Snectar * configure.in: require autoconf 2.53; rename dpagaix_LDFLAGS etc 388120945Snectar to appease automake; force sysconfdir and localstatedir to /etc 389120945Snectar and /var/heimdal for now 390120945Snectar 391120945Snectar * kdc/connect.c (addr_to_string): check return value of 392120945Snectar sockaddr2address 393120945Snectar 394120945Snectar2002-08-09 Johan Danielsson <joda@pdc.kth.se> 395120945Snectar 396120945Snectar * lib/krb5/rd_cred.c: if the remote address isn't an addrport, 397120945Snectar don't try comparing to one; this should make old clients work with 398120945Snectar new servers 399120945Snectar 400120945Snectar * lib/asn1/gen_decode.c: remove unused variable 401120945Snectar 402120945Snectar2002-07-31 Johan Danielsson <joda@pdc.kth.se> 403120945Snectar 404120945Snectar * kdc/{kerberos5,524}.c: ENOENT -> HDB_ERR_NOENTRY (from Derrick 405120945Snectar Brashear) 406120945Snectar 407120945Snectar * lib/krb5/principal.c: actually lower case the lower case 408120945Snectar instance name (spotted by Derrick Brashear) 409120945Snectar 410120945Snectar2002-07-24 Johan Danielsson <joda@pdc.kth.se> 411120945Snectar 412120945Snectar * fix-export: if DATEDVERSION is set, change the version to 413120945Snectar current date 414120945Snectar 415120945Snectar * configure.in: don't use AC_PROG_RANLIB, and use magic foo to set 416120945Snectar LTLIBOBJS 417120945Snectar 418120945Snectar2002-07-04 Johan Danielsson <joda@pdc.kth.se> 419120945Snectar 420120945Snectar * kdc/connect.c: add some cache-control-foo to the http responses 421120945Snectar (from Gombas Gabor) 422120945Snectar 423120945Snectar * lib/krb5/addr_families.c (krb5_print_address): don't copy size 424120945Snectar if ret_len == NULL 425120945Snectar 426120945Snectar2002-06-28 Johan Danielsson <joda@pdc.kth.se> 427120945Snectar 428120945Snectar * kuser/klist.c (display_tokens): don't bail out before we get 429120945Snectar EDOM (signaling the end of the tokens), the kernel can also return 430120945Snectar ENOTCONN, meaning that the index does not exist anymore (for 431120945Snectar example if the token has expired) 432120945Snectar 433120945Snectar2002-06-06 Johan Danielsson <joda@pdc.kth.se> 434120945Snectar 435120945Snectar * lib/krb5/changepw.c: make sure we return an error if there are 436120945Snectar no changepw hosts found; from Wynn Wilkes 437120945Snectar 438120945Snectar2002-05-29 Johan Danielsson <joda@pdc.kth.se> 439120945Snectar 440120945Snectar * lib/krb5/cache.c (krb5_cc_register): break out of loop when the 441120945Snectar same type is found; spotted by Wynn Wilkes 442120945Snectar 443120945Snectar2002-05-28 Johan Danielsson <joda@pdc.kth.se> 444120945Snectar 445120945Snectar * lib/krb5/keytab_file.c: check size of entry before trying to 446120945Snectar read 32-bit kvno; also fix typo in previous 447120945Snectar 448120945Snectar2002-05-24 Johan Danielsson <joda@pdc.kth.se> 449120945Snectar 450120945Snectar * include/Makefile.am: only add to INCLUDES 451120945Snectar 452120945Snectar * lib/45/mk_req.c: fix for storage change 453120945Snectar 454120945Snectar * lib/hdb/print.c: fix for storage change 455120945Snectar 456120945Snectar2002-05-15 Johan Danielsson <joda@pdc.kth.se> 457120945Snectar 458120945Snectar * kdc/kerberos5.c: don't free encrypted padata until we're really 459120945Snectar done with it 460120945Snectar 461120945Snectar2002-05-07 Johan Danielsson <joda@pdc.kth.se> 462120945Snectar 463120945Snectar * kdc/kerberos5.c: when decrypting pa-data, try all keys matching 464120945Snectar enctype 465120945Snectar 466120945Snectar * kuser/kinit.1: document -a 467120945Snectar 468120945Snectar * kuser/kinit.c: add command line switch for extra addresses 469120945Snectar 470120945Snectar2002-04-30 Johan Danielsson <joda@blubb.pdc.kth.se> 471120945Snectar 472120945Snectar * configure.in: remove some duplicate tests 473120945Snectar 474120945Snectar * configure.in: use AC_HELP_STRING 475120945Snectar 476120945Snectar2002-04-29 Johan Danielsson <joda@pdc.kth.se> 477120945Snectar 478120945Snectar * lib/krb5/crypto.c (usage2arcfour): don't abort if the usage is 479120945Snectar unknown 480120945Snectar 481120945Snectar2002-04-25 Johan Danielsson <joda@pdc.kth.se> 482120945Snectar 483120945Snectar * configure.in: use rk_DESTDIRS 484120945Snectar 485120945Snectar2002-04-22 Johan Danielsson <joda@pdc.kth.se> 486120945Snectar 487120945Snectar * lib/krb5/krb5_verify_user.3: make it clear that _lrealm modifies 488120945Snectar the principal 489120945Snectar 490120945Snectar2002-04-19 Johan Danielsson <joda@pdc.kth.se> 491120945Snectar 492120945Snectar * lib/krb5/verify_init.c: fix typo in error string 493120945Snectar 494120945Snectar2002-04-18 Johan Danielsson <joda@pdc.kth.se> 495120945Snectar 496120945Snectar * acconfig.h: remove some stuff that is defined elsewhere 497120945Snectar 498120945Snectar * lib/krb5/krb5_locl.h: include <sys/file.h> 499120945Snectar 500120945Snectar * lib/krb5/acl.c: rename acl_string parameter 501120945Snectar 502120945Snectar * lib/krb5/Makefile.am: remove __P from protos, and put parameter 503120945Snectar names in comments 504120945Snectar 505120945Snectar * kuser/klist.c: better align some headers 506120945Snectar 507120945Snectar * kdc/kerberos4.c: storage tweaks 508120945Snectar 509120945Snectar * kdc/kaserver.c: storage tweaks 510120945Snectar 511120945Snectar * kdc/524.c: storage tweaks 512120945Snectar 513120945Snectar * lib/krb5/keytab_krb4.c: storage tweaks 514120945Snectar 515120945Snectar * lib/krb5/keytab_keyfile.c: storage tweaks 516120945Snectar 517120945Snectar * lib/krb5/keytab_file.c: storage tweaks; also try to handle zero 518120945Snectar sized keytab files 519120945Snectar 520120945Snectar * lib/krb5/keytab_any.c: use KRB5_KT_END instead of KRB5_CC_END 521120945Snectar 522120945Snectar * lib/krb5/fcache.c: storage tweaks 523120945Snectar 524120945Snectar * lib/krb5/store_mem.c: make the krb5_storage opaque, and add 525120945Snectar function wrappers for store/fetch/seek, and also make the eof-code 526120945Snectar configurable 527120945Snectar 528120945Snectar * lib/krb5/store_fd.c: make the krb5_storage opaque, and add 529120945Snectar function wrappers for store/fetch/seek, and also make the eof-code 530120945Snectar configurable 531120945Snectar 532120945Snectar * lib/krb5/store_emem.c: make the krb5_storage opaque, and add 533120945Snectar function wrappers for store/fetch/seek, and also make the eof-code 534120945Snectar configurable 535120945Snectar 536120945Snectar * lib/krb5/store.c: make the krb5_storage opaque, and add function 537120945Snectar wrappers for store/fetch/seek, and also make the eof-code 538120945Snectar configurable 539120945Snectar 540120945Snectar * lib/krb5/store-int.h: make the krb5_storage opaque, and add 541120945Snectar function wrappers for store/fetch/seek, and also make the eof-code 542120945Snectar configurable 543120945Snectar 544120945Snectar * lib/krb5/krb5.h: make the krb5_storage opaque, and add function 545120945Snectar wrappers for store/fetch/seek, and also make the eof-code 546120945Snectar configurable 547120945Snectar 548120945Snectar * include/bits.c: include <sys/socket.h> to get socklen_t 549120945Snectar 550120945Snectar * kdc/kerberos5.c (get_pa_etype_info): sort ETYPE-INFOs by 551120945Snectar requested KDC-REQ etypes 552120945Snectar 553120945Snectar * kdc/hpropd.c: constify 554120945Snectar 555120945Snectar * kdc/hprop.c: constify 556120945Snectar 557120945Snectar * kdc/string2key.c: constify 558120945Snectar 559120945Snectar * kdc/kdc_locl.h: make port_str const 560120945Snectar 561120945Snectar * kdc/config.c: constify 562120945Snectar 563120945Snectar * lib/krb5/config_file.c: constify 564120945Snectar 565120945Snectar * kdc/kstash.c: constify 566120945Snectar 567120945Snectar * lib/krb5/verify_user.c: remove unnecessary cast 568120945Snectar 569120945Snectar * lib/krb5/recvauth.c: constify 570120945Snectar 571120945Snectar * lib/krb5/principal.c (krb5_parse_name): const qualify 572120945Snectar 573120945Snectar * lib/krb5/mcache.c (mcc_get_name): constify return type 574120945Snectar 575120945Snectar * lib/krb5/context.c (krb5_free_context): don't try to free the 576120945Snectar ccache prefix 577120945Snectar 578120945Snectar * lib/krb5/cache.c (krb5_cc_register): don't make a copy of the 579120945Snectar prefix 580120945Snectar 581120945Snectar * lib/krb5/krb5.h: constify some struct members 582120945Snectar 583120945Snectar * lib/krb5/log.c: constify 584120945Snectar 585120945Snectar * lib/krb5/init_creds_pw.c (krb5_get_init_creds_password): const 586120945Snectar qualify 587120945Snectar 588120945Snectar * lib/krb5/get_in_tkt.c (krb5_init_etype): constify 589120945Snectar 590120945Snectar * lib/krb5/crypto.c: constify some 591120945Snectar 592120945Snectar * lib/krb5/config_file.c: constify 593120945Snectar 594120945Snectar * lib/krb5/aname_to_localname.c (krb5_aname_to_localname): 595120945Snectar constify local variable 596120945Snectar 597120945Snectar * lib/krb5/addr_families.c (ipv4_sockaddr2port): constify 598120945Snectar 599120945Snectar2002-04-17 Johan Danielsson <joda@pdc.kth.se> 600120945Snectar 601120945Snectar * lib/krb5/verify_krb5_conf.c: add some log checking 602120945Snectar 603120945Snectar * lib/krb5/log.c (krb5_addlog_dest): reorganise syslog parsing 604120945Snectar 605120945Snectar2002-04-16 Johan Danielsson <joda@pdc.kth.se> 606120945Snectar 607120945Snectar * lib/krb5/crypto.c (krb5_crypto_init): check that the key size 608120945Snectar matches the expected length 609120945Snectar 610120945Snectar2002-03-27 Johan Danielsson <joda@pdc.kth.se> 611120945Snectar 612120945Snectar * lib/krb5/send_to_kdc.c: rename send parameter to send_data 613120945Snectar 614120945Snectar * lib/krb5/mk_error.c: rename ctime parameter to client_time 615120945Snectar 616120945Snectar2002-03-22 Johan Danielsson <joda@pdc.kth.se> 617120945Snectar 618120945Snectar * kdc/kerberos5.c (find_etype): unsigned -> krb5_enctype (from 619120945Snectar Reinoud Zandijk) 620120945Snectar 621120945Snectar2002-03-18 Johan Danielsson <joda@pdc.kth.se> 622120945Snectar 623120945Snectar * lib/asn1/k5.asn1: add the GSS-API checksum type here 624120945Snectar 625120945Snectar2002-03-11 Assar Westerlund <assar@sics.se> 626120945Snectar 627120945Snectar * lib/krb5/Makefile.am (libkrb5_la_LDFLAGS): bump version to 628120945Snectar 18:3:1 629120945Snectar * lib/hdb/Makefile.am (libhdb_la_LDFLAGS): bump version to 7:5:0 630120945Snectar * lib/asn1/Makefile.am (libasn1_la_LDFLAGS): bump version to 6:0:0 631120945Snectar 632120945Snectar2002-03-10 Assar Westerlund <assar@sics.se> 633120945Snectar 634120945Snectar * lib/krb5/rd_cred.c: handle addresses with port numbers 635120945Snectar 636120945Snectar * lib/krb5/keytab_file.c, lib/krb5/keytab.c: 637120945Snectar store the kvno % 256 as the byte and the complete 32 bit kvno after 638120945Snectar the end of the current keytab entry 639120945Snectar 640120945Snectar * lib/krb5/init_creds_pw.c: 641120945Snectar handle LR_PW_EXPTIME and LR_ACCT_EXPTIME in the same way 642120945Snectar 643120945Snectar * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): 644120945Snectar handle ports giving for the remote address 645120945Snectar 646120945Snectar * lib/krb5/get_cred.c: 647120945Snectar get a ticket with no addresses if no-addresses is set 648120945Snectar 649120945Snectar * lib/krb5/crypto.c: 650120945Snectar rename functions DES_* to krb5_* to avoid colliding with modern 651120945Snectar openssl 652120945Snectar 653120945Snectar * lib/krb5/addr_families.c: 654120945Snectar make all functions taking 'struct sockaddr' actually take a socklen_t 655120945Snectar instead of int and that acts as an in-out parameter (indicating the 656120945Snectar maximum length of the sockaddr to be written) 657120945Snectar 658120945Snectar * kdc/kerberos4.c: 659120945Snectar make the kvno's in the krb4 universe by the real one % 256, since they 660120945Snectar cannot only be 8 bit, and the v5 ones are actually 32 bits 661120945Snectar 662120945Snectar2002-02-15 Johan Danielsson <joda@pdc.kth.se> 663120945Snectar 664120945Snectar * lib/krb5/keytab_keyfile.c (akf_add_entry): don't create the file 665120945Snectar before we need to write to it 666233294Sstas (from ��ke Sandgren) 667120945Snectar 668120945Snectar2002-02-14 Johan Danielsson <joda@pdc.kth.se> 669120945Snectar 670120945Snectar * configure.in: rk_RETSIGTYPE and rk_BROKEN_REALLOC are called via 671120945Snectar rk_ROKEN (from Gombas Gabor); find inttypes by CHECK_TYPES 672120945Snectar directly 673120945Snectar 674120945Snectar * lib/krb5/rd_safe.c: actually use the correct key (from Daniel 675120945Snectar Kouril) 676120945Snectar 677120945Snectar2002-02-12 Johan Danielsson <joda@pdc.kth.se> 678120945Snectar 679120945Snectar * lib/krb5/context.c (krb5_get_err_text): protect against NULL 680120945Snectar context 681120945Snectar 682120945Snectar2002-02-11 Johan Danielsson <joda@pdc.kth.se> 683120945Snectar 684120945Snectar * admin/ktutil.c: no need to use the "modify" keytab anymore 685120945Snectar 686120945Snectar * lib/krb5/keytab_any.c: implement add and remove 687120945Snectar 688120945Snectar * lib/krb5/keytab_krb4.c: implement add and remove 689120945Snectar 690120945Snectar * lib/krb5/store_emem.c (emem_free): clear memory before freeing 691120945Snectar (this should perhaps be selectable with a flag) 692120945Snectar 693120945Snectar2002-02-04 Johan Danielsson <joda@pdc.kth.se> 694120945Snectar 695120945Snectar * kdc/config.c (get_dbinfo): if there are database specifications 696120945Snectar in the config file, don't automatically try to use the default 697120945Snectar values (from Gombas Gabor) 698120945Snectar 699120945Snectar * lib/krb5/log.c (krb5_closelog): don't pass pointer to pointer 700120945Snectar (from Gombas Gabor) 701120945Snectar 702120945Snectar2002-01-30 Johan Danielsson <joda@pdc.kth.se> 703120945Snectar 704120945Snectar * admin/list.c: get the default keytab from krb5.conf, and list 705120945Snectar all parts of an ANY type keytab 706120945Snectar 707120945Snectar * lib/krb5/context.c: default default_keytab_modify to NULL 708120945Snectar 709120945Snectar * lib/krb5/keytab.c (krb5_kt_default_modify_name): if no modify 710120945Snectar name is specified take it from the first component of the default 711120945Snectar keytab name 712120945Snectar 713120945Snectar2002-01-29 Johan Danielsson <joda@pdc.kth.se> 714120945Snectar 715120945Snectar * lib/krb5/keytab.c: compare keytab types case insensitively 716120945Snectar 717120945Snectar2002-01-07 Assar Westerlund <assar@sics.se> 718120945Snectar 719120945Snectar * lib/krb5/crypto.c (create_checksum): make usage `unsigned' (it's 720120945Snectar not really a krb5_key_usage). From Ben Harris <bjh21@netbsd.org> 721120945Snectar * lib/krb5/get_in_tkt.c: use krb5_enctype consistently. From Ben 722120945Snectar Harris <bjh21@netbsd.org> 723120945Snectar * lib/krb5/crypto.c: use krb5_enctype consistently. From Ben 724120945Snectar Harris <bjh21@netbsd.org> 725120945Snectar * kdc/kerberos5.c: use krb5_enctype consistently. From Ben Harris 726120945Snectar <bjh21@netbsd.org> 727