ChangeLog revision 107207
1107207Snectar2002-10-21 Johan Danielsson <joda@pdc.kth.se> 2103423Snectar 3107207Snectar * lib/krb5/store_emem.c: pull up 1.13; limit how much we allocate 4103423Snectar 5107207Snectar * lib/krb5/principal.c: pull up 1.82; don't allow trailing 6107207Snectar backslashes in components 7103423Snectar 8107207Snectar * lib/krb5/keytab_keyfile.c: pull up 1.15; more strcspn 9103423Snectar 10107207Snectar * lib/krb5/keytab_any.c: pull up 1.7; properly close the open 11107207Snectar keytabs 12103423Snectar 13107207Snectar * kdc/connect.c: pull up 1.87; check that %-quotes are followed by 14107207Snectar two hex digits 15103423Snectar 16107207Snectar * lib/krb5/prompter_posix.c: pull up 1.7; use strcspn to convert 17107207Snectar the newline to NUL in fgets results. 18107207Snectar 19107207Snectar * lib/krb5/kuserok.c: pull up 1.6; use strcspn to convert the 20107207Snectar newline to NUL in fgets results. 21107207Snectar 22107207Snectar * lib/krb5/keytab_file.c: pull up 1.12; check return value from 23107207Snectar start_seq_get 24107207Snectar 25107207Snectar * lib/krb5/context.c: pull up 1.82; return ENXIO instead of ENOENT 26107207Snectar when "unconfigured" 27107207Snectar 28107207Snectar * lib/krb5/changepw.c: pull up 1.38; fix reply length check 29107207Snectar calculation 30107207Snectar 31107207Snectar * kuser/klist.c: pull up 1.68; allow tokens up to size of buffer 32107207Snectar 33107207Snectar * kdc/kaserver.c: pull up 1.21; make sure life is positive 34107207Snectar 35107207Snectar * fix-export: pull up 1.28; remove autom4ate.cache 36107207Snectar 37103423Snectar2002-09-10 Johan Danielsson <joda@pdc.kth.se> 38103423Snectar 39107207Snectar * Release 0.5 40107207Snectar 41103423Snectar * include/make_crypto.c: don't use function macros if possible 42103423Snectar 43103423Snectar * lib/krb5/krb5_locl.h: get limits.h for UINT_MAX 44103423Snectar 45103423Snectar * include/Makefile.am: use make_crypto to create crypto-headers.h 46103423Snectar 47103423Snectar * include/make_crypto.c: crypto header generation tool 48103423Snectar 49103423Snectar * configure.in: move crypto test to just after testing for krb4, 50103423Snectar and move roken tests to after both, this speeds up various failure 51103423Snectar cases with krb4 52103423Snectar 53103423Snectar * lib/krb5/config_file.c: don't use NULL when we mean 0 54103423Snectar 55103423Snectar * configure.in: we don't set package_libdir anymore, so no point 56103423Snectar in testing for it 57103423Snectar 58103423Snectar * tools/Makefile.am: subst INCLUDE_des 59103423Snectar 60103423Snectar * tools/krb5-config.in: add INCLUDE_des to cflags 61103423Snectar 62103423Snectar * configure.in: use AC_CONFIG_SRCDIR 63103423Snectar 64103423Snectar * fix-export: remove some unneeded stuff 65103423Snectar 66103423Snectar * kuser/kinit.c (do_524init): free principals 67103423Snectar 68103423Snectar2002-09-09 Jacques Vidrine <nectar@kth.se> 69103423Snectar 70103423Snectar * kdc/kerberos5.c (get_pa_etype_info, fix_transited_encoding), 71103423Snectar kdc/kaserver.c (krb5_ret_xdr_data), 72103423Snectar lib/krb5/transited.c (krb5_domain_x500_decode): Validate some 73103423Snectar counts: Check that they are non-negative, and that they are small 74103423Snectar enough to avoid integer overflow when used in memory allocation 75103423Snectar calculations. Potential problem areas pointed out by 76103423Snectar Sebastian Krahmer <krahmer@suse.de>. 77103423Snectar 78103423Snectar * lib/krb5/keytab_keyfile.c (akf_add_entry): Use O_EXCL when 79103423Snectar creating a new keyfile. 80103423Snectar 81103423Snectar2002-09-09 Johan Danielsson <joda@pdc.kth.se> 82103423Snectar 83103423Snectar * configure.in: don't try to build pam module 84103423Snectar 85103423Snectar2002-09-05 Johan Danielsson <joda@pdc.kth.se> 86103423Snectar 87103423Snectar * appl/kf/kf.c: fix warning string 88103423Snectar 89103423Snectar * lib/krb5/log.c (krb5_vlog_msg): delay message formating till we 90103423Snectar know we need it 91103423Snectar 92103423Snectar2002-09-04 Assar Westerlund <assar@kth.se> 93103423Snectar 94103423Snectar * kdc/kerberos5.c (encode_reply): correct error logging 95103423Snectar 96103423Snectar2002-09-04 Johan Danielsson <joda@pdc.kth.se> 97103423Snectar 98103423Snectar * lib/krb5/sendauth.c: close ccache if we opened it 99103423Snectar 100103423Snectar * appl/kf/kf.c: handle new protocol 101103423Snectar 102103423Snectar * appl/kf/kfd.c: use krb5_err instead of sysloging directly, 103103423Snectar handle the new protocol, and bail out if an old client tries to 104103423Snectar connect 105103423Snectar 106103423Snectar * appl/kf/kf_locl.h: we need a protocol version string 107103423Snectar 108103423Snectar * lib/hdb/hdb-ldap.c: use ASN1_MALLOC_ENCODE 109103423Snectar 110103423Snectar * kdc/kerberos5.c: use ASN1_MALLOC_ENCODE 111103423Snectar 112103423Snectar * kdc/hprop.c: set AP_OPTS_USE_SUBKEY 113103423Snectar 114103423Snectar * lib/hdb/common.c: use ASN1_MALLOC_ENCODE 115103423Snectar 116103423Snectar * lib/asn1/gen.c: add convenience macro that allocates a buffer 117103423Snectar and encoded into that 118103423Snectar 119103423Snectar * lib/krb5/get_cred.c (init_tgs_req): use 120103423Snectar in_creds->session.keytype literally instead of trying to convert 121103423Snectar to a list of enctypes (it should already be an enctype) 122103423Snectar 123103423Snectar * lib/krb5/get_cred.c (init_tgs_req): init ret 124103423Snectar 125103423Snectar2002-09-03 Johan Danielsson <joda@pdc.kth.se> 126103423Snectar 127103423Snectar * lib/asn1/k5.asn1: remove ETYPE_DES3_CBC_NONE_IVEC 128103423Snectar 129103423Snectar * lib/krb5/krb5.h: remove ENCTYPE_DES3_CBC_NONE_IVEC 130103423Snectar 131103423Snectar * lib/krb5/crypto.c: get rid of DES3_CBC_encrypt_ivec, just use 132103423Snectar zero ivec in DES3_CBC_encrypt if passed ivec is NULL 133103423Snectar 134103423Snectar * lib/krb5/Makefile.am: back out 1.144, since it will re-create 135103423Snectar krb5-protos.h at build-time, which requires perl, which is bad 136103423Snectar 137103423Snectar * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): don't 138103423Snectar blindly use the local subkey 139103423Snectar 140103423Snectar * lib/krb5/crypto.c: add function krb5_crypto_getblocksize that 141103423Snectar extracts the required blocksize from a crypto context 142103423Snectar 143103423Snectar * lib/krb5/build_auth.c: just get the length of the encoded 144103423Snectar authenticator instead of trying to grow a buffer 145103423Snectar 146103423Snectar2002-09-03 Assar Westerlund <assar@kth.se> 147103423Snectar 148103423Snectar * configure.in: add --disable-mmap option, and tests for 149103423Snectar sys/mman.h and mmap 150103423Snectar 151103423Snectar2002-09-03 Jacques Vidrine <nectar@kth.se> 152103423Snectar 153103423Snectar * lib/krb5/changepw.c: verify lengths in response 154103423Snectar 155103423Snectar * lib/asn1/der_get.c (decode_integer, decode_unsigned): check for 156103423Snectar truncated integers 157103423Snectar 158103423Snectar2002-09-02 Johan Danielsson <joda@pdc.kth.se> 159103423Snectar 160103423Snectar * lib/krb5/mk_req_ext.c: generate a local subkey if 161103423Snectar AP_OPTS_USE_SUBKEY is set 162103423Snectar 163103423Snectar * lib/krb5/build_auth.c: we don't have enough information about 164103423Snectar whether to generate a local subkey here, so don't try to 165103423Snectar 166103423Snectar * lib/krb5/auth_context.c: new function 167103423Snectar krb5_auth_con_generatelocalsubkey 168103423Snectar 169103423Snectar * lib/krb5/get_in_tkt.c: only set kdc_sec_offset if looking at an 170103423Snectar initial ticket 171103423Snectar 172103423Snectar * lib/krb5/context.c (init_context_from_config_file): simplify 173103423Snectar initialisation of srv_lookup 174103423Snectar 175103423Snectar * lib/krb5/changepw.c (send_request): set AP_OPTS_USE_SUBKEY 176103423Snectar 177103423Snectar * lib/krb5/krb5.h: add AP_OPTS_USE_SUBKEY 178103423Snectar 179103423Snectar2002-08-30 Assar Westerlund <assar@kth.se> 180103423Snectar 181103423Snectar * lib/krb5/name-45-test.c: also test krb5_524_conv_principal 182103423Snectar * lib/krb5/Makefile.am (TESTS): add name-45-test 183103423Snectar * lib/krb5/name-45-test.c: add testcases for 184103423Snectar krb5_425_conv_principal 185103423Snectar 186103423Snectar2002-08-29 Assar Westerlund <assar@kth.se> 187103423Snectar 188103423Snectar * lib/krb5/parse-name-test.c: also test unparse_short functions 189103423Snectar * lib/asn1/asn1_print.c: use com_err/error_message API 190103423Snectar * lib/krb5/Makefile.am: add parse-name-test 191103423Snectar * lib/krb5/parse-name-test.c: add a program for testing parsing 192103423Snectar and unparsing principal names 193103423Snectar 194102644Snectar2002-08-28 Assar Westerlund <assar@kth.se> 19590926Snectar 196102644Snectar * kdc/config.c: add missing ifdef DAEMON 19790926Snectar 198102644Snectar2002-08-28 Johan Danielsson <joda@pdc.kth.se> 19990926Snectar 200102644Snectar * configure.in: use rk_SUNOS 20190926Snectar 202102644Snectar * kdc/config.c: add detach options 20390926Snectar 204102644Snectar * kdc/main.c: maybe detach from console? 20590926Snectar 206102644Snectar * kdc/kdc.8: markup changes 20790926Snectar 208102644Snectar * configure.in: AC_TEST_PACKAGE_NEW -> rk_TEST_PACKAGE 20990926Snectar 210102644Snectar * configure.in: use rk_TELNET, rename some other macros, and don't 211102644Snectar add -ldes to krb4 link command 21290926Snectar 213102644Snectar * kuser/kinit.1: whitespace fix (from NetBSD) 21490926Snectar 215102644Snectar * include/bits.c: we may need unistd.h for ssize_t 21690926Snectar 217102644Snectar2002-08-26 Assar Westerlund <assar@kth.se> 21890926Snectar 219102644Snectar * lib/krb5/principal.c (krb5_425_conv_principal_ext): lookup AAAA 220102644Snectar rrs before A ones when using the resolver to verify a mapping, 221102644Snectar also use getaddrinfo when resolver is not available 22290926Snectar 223102644Snectar * lib/hdb/keytab.c (find_db): const-correctness in parameters to 224102644Snectar krb5_config_get_next 22590926Snectar 226102644Snectar * lib/asn1/gen.c: include <string.h> in the generated files (for 227102644Snectar memset) 22890926Snectar 229102644Snectar2002-08-22 Assar Westerlund <assar@kth.se> 23090926Snectar 231102644Snectar * lib/krb5/test_get_addrs.c, lib/krb5/krbhst-test.c: make it use 232102644Snectar getarg so that it can handle --help and --version (and thus make 233102644Snectar check can pass) 23490926Snectar 235102644Snectar * lib/asn1/check-der.c: make this build again 23690926Snectar 237102644Snectar2002-08-22 Assar Westerlund <assar@kth.se> 23890926Snectar 239102644Snectar * lib/asn1/der_get.c (der_get_int): handle len == 0. based on a 240102644Snectar patch from Love <lha@stacken.kth.se> 24190926Snectar 242102644Snectar2002-08-22 Johan Danielsson <joda@pdc.kth.se> 24390926Snectar 244102644Snectar * lib/krb5/krb5.h: we seem to call KRB5KDC_ERR_KEY_EXP 245102644Snectar KRB5KDC_ERR_KEY_EXPIRED, so define the former to the latter 246102644Snectar 247102644Snectar * kdc/kdc.8: add blurb about adding and removing addresses; update 248102644Snectar kdc.conf section to match reality 24990926Snectar 250102644Snectar * configure.in: KRB_SENDAUTH_VLEN seems to always have existed, so 251102644Snectar don't define it 252102644Snectar 253102644Snectar2002-08-21 Assar Westerlund <assar@kth.se> 254102644Snectar 255102644Snectar * lib/asn1/asn1_print.c: print OIDs too, based on a patch from 256102644Snectar Love <lha@stacken.kth.se> 25790926Snectar 258102644Snectar2002-08-21 Johan Danielsson <joda@pdc.kth.se> 25990926Snectar 260102644Snectar * kuser/kinit.c (do_v4_fallback): don't use krb_get_pw_in_tkt2 261102644Snectar since it might not exist, and we don't actually care about the key 262102644Snectar 263102644Snectar2002-08-20 Johan Danielsson <joda@pdc.kth.se> 26490926Snectar 265102644Snectar * lib/krb5/krb5.conf.5: correct documentation for 266102644Snectar verify_ap_req_nofail 26790926Snectar 268102644Snectar * lib/krb5/log.c: rename syslog_data to avoid name conflicts (from 269102644Snectar Mattias Amnefelt) 27090926Snectar 271102644Snectar * kuser/klist.c (display_tokens): increase token buffer size, and 272102644Snectar add more checks of the kernel data (from Love) 27390926Snectar 274102644Snectar2002-08-19 Johan Danielsson <joda@pdc.kth.se> 27590926Snectar 276102644Snectar * fix-export: use make to parse Makefile.am instead of perl 27790926Snectar 278102644Snectar * configure.in: use argument-less AM_INIT_AUTOMAKE, now that it 279102644Snectar groks AC_INIT with package name etc. 28090926Snectar 281102644Snectar * kpasswd/kpasswdd.c: include <kadm5/private.h> 28290926Snectar 283102644Snectar * lib/asn1/asn1_print.c: include com_right.h 28490926Snectar 285102644Snectar * lib/krb5/addr_families.c: socklen_t -> krb5_socklen_t 28690926Snectar 287102644Snectar * include/bits.c: define krb5_socklen_t type; this should really 288102644Snectar go someplace else, but this was easy 28990926Snectar 290102644Snectar * lib/krb5/verify_krb5_conf.c: don't bail out if parsing of a file 291102644Snectar fails, just warn about it 29290926Snectar 293102644Snectar * kdc/log.c (kdc_openlog): no need for a config_file parameter 29490926Snectar 295102644Snectar * kdc/config.c: just treat kdc.conf like any other config file 29690926Snectar 297102644Snectar * lib/krb5/context.c (krb5_get_default_config_files): ignore 298102644Snectar duplicate files 29990926Snectar 300102644Snectar2002-08-16 Johan Danielsson <joda@pdc.kth.se> 30190926Snectar 302102644Snectar * lib/krb5/krb5.h: turn strings into pointers, so we can assign to 303102644Snectar them 30490926Snectar 305102644Snectar * lib/krb5/constants.c: turn strings into pointers, so we can 306102644Snectar assign to them 30790926Snectar 308102644Snectar * lib/krb5/get_addrs.c (get_addrs_int): initialise res if 309102644Snectar SCAN_INTERFACES is not set 31090926Snectar 311102644Snectar * lib/krb5/context.c: fix various borked stuff in previous commits 31290926Snectar 313102644Snectar2002-08-16 Jacques Vidrine <n@nectar.com> 31490926Snectar 315102644Snectar * lib/krb5/krbhst.c (kpasswd_get_next): if we fall back to using 316102644Snectar the `admin_server' entry for kpasswd, override the `proto' result 317102644Snectar to be UDP. 31890926Snectar 319102644Snectar2002-08-15 Johan Danielsson <joda@pdc.kth.se> 32090926Snectar 321102644Snectar * lib/krb5/auth_context.c: check return value of 322102644Snectar krb5_sockaddr2address 32390926Snectar 324102644Snectar * lib/krb5/addr_families.c: check return value of 325102644Snectar krb5_sockaddr2address 32690926Snectar 327102644Snectar * lib/krb5/context.c: get the default keytab from KRB5_KTNAME 32890926Snectar 329102644Snectar2002-08-14 Johan Danielsson <joda@pdc.kth.se> 33090926Snectar 331102644Snectar * lib/krb5/verify_krb5_conf.c: allow parsing of more than one file 33290926Snectar 333102644Snectar * lib/krb5/context.c: allow changing config files with the 334102644Snectar function krb5_set_config_files, there are also related functions 335102644Snectar krb5_get_default_config_files and krb5_free_config_files; these 336102644Snectar should work similar to their MIT counterparts 33790926Snectar 338102644Snectar * lib/krb5/config_file.c: allow the use of more than one config 339102644Snectar file by using the new function krb5_config_parse_file_multi 34090926Snectar 341102644Snectar2002-08-12 Johan Danielsson <joda@pdc.kth.se> 34290926Snectar 343102644Snectar * use sysconfdir instead of /etc 34490926Snectar 345102644Snectar * configure.in: require autoconf 2.53; rename dpagaix_LDFLAGS etc 346102644Snectar to appease automake; force sysconfdir and localstatedir to /etc 347102644Snectar and /var/heimdal for now 34890926Snectar 349102644Snectar * kdc/connect.c (addr_to_string): check return value of 350102644Snectar sockaddr2address 35190926Snectar 352102644Snectar2002-08-09 Johan Danielsson <joda@pdc.kth.se> 35390926Snectar 354102644Snectar * lib/krb5/rd_cred.c: if the remote address isn't an addrport, 355102644Snectar don't try comparing to one; this should make old clients work with 356102644Snectar new servers 35790926Snectar 358102644Snectar * lib/asn1/gen_decode.c: remove unused variable 35990926Snectar 360102644Snectar2002-07-31 Johan Danielsson <joda@pdc.kth.se> 36190926Snectar 362102644Snectar * kdc/{kerberos5,524}.c: ENOENT -> HDB_ERR_NOENTRY (from Derrick 363102644Snectar Brashear) 36490926Snectar 365102644Snectar * lib/krb5/principal.c: actually lower case the lower case 366102644Snectar instance name (spotted by Derrick Brashear) 36790926Snectar 368102644Snectar2002-07-24 Johan Danielsson <joda@pdc.kth.se> 36990926Snectar 370102644Snectar * fix-export: if DATEDVERSION is set, change the version to 371102644Snectar current date 37290926Snectar 373102644Snectar * configure.in: don't use AC_PROG_RANLIB, and use magic foo to set 374102644Snectar LTLIBOBJS 37590926Snectar 376102644Snectar2002-07-04 Johan Danielsson <joda@pdc.kth.se> 37790926Snectar 378102644Snectar * kdc/connect.c: add some cache-control-foo to the http responses 379102644Snectar (from Gombas Gabor) 38090926Snectar 381102644Snectar * lib/krb5/addr_families.c (krb5_print_address): don't copy size 382102644Snectar if ret_len == NULL 38390926Snectar 384102644Snectar2002-06-28 Johan Danielsson <joda@pdc.kth.se> 38590926Snectar 386102644Snectar * kuser/klist.c (display_tokens): don't bail out before we get 387102644Snectar EDOM (signaling the end of the tokens), the kernel can also return 388102644Snectar ENOTCONN, meaning that the index does not exist anymore (for 389102644Snectar example if the token has expired) 39090926Snectar 391102644Snectar2002-06-06 Johan Danielsson <joda@pdc.kth.se> 39290926Snectar 393102644Snectar * lib/krb5/changepw.c: make sure we return an error if there are 394102644Snectar no changepw hosts found; from Wynn Wilkes 39590926Snectar 396102644Snectar2002-05-29 Johan Danielsson <joda@pdc.kth.se> 39790926Snectar 398102644Snectar * lib/krb5/cache.c (krb5_cc_register): break out of loop when the 399102644Snectar same type is found; spotted by Wynn Wilkes 40090926Snectar 401102644Snectar2002-05-15 Johan Danielsson <joda@pdc.kth.se> 40290926Snectar 403102644Snectar * kdc/kerberos5.c: don't free encrypted padata until we're really 404102644Snectar done with it 40590926Snectar 406102644Snectar2002-05-07 Johan Danielsson <joda@pdc.kth.se> 40790926Snectar 408102644Snectar * kdc/kerberos5.c: when decrypting pa-data, try all keys matching 409102644Snectar enctype 41090926Snectar 411102644Snectar * kuser/kinit.1: document -a 41290926Snectar 413102644Snectar * kuser/kinit.c: add command line switch for extra addresses 41490926Snectar 415102644Snectar2002-04-30 Johan Danielsson <joda@blubb.pdc.kth.se> 41690926Snectar 417102644Snectar * configure.in: remove some duplicate tests 41890926Snectar 419102644Snectar * configure.in: use AC_HELP_STRING 42090926Snectar 421102644Snectar2002-04-29 Johan Danielsson <joda@pdc.kth.se> 42290926Snectar 423102644Snectar * lib/krb5/crypto.c (usage2arcfour): don't abort if the usage is 424102644Snectar unknown 42590926Snectar 426102644Snectar2002-04-25 Johan Danielsson <joda@pdc.kth.se> 42790926Snectar 428102644Snectar * configure.in: use rk_DESTDIRS 42990926Snectar 430102644Snectar2002-04-22 Johan Danielsson <joda@pdc.kth.se> 43190926Snectar 432102644Snectar * lib/krb5/krb5_verify_user.3: make it clear that _lrealm modifies 433102644Snectar the principal 43490926Snectar 435102644Snectar2002-04-19 Johan Danielsson <joda@pdc.kth.se> 43690926Snectar 437102644Snectar * lib/krb5/verify_init.c: fix typo in error string 43890926Snectar 439102644Snectar2002-04-18 Johan Danielsson <joda@pdc.kth.se> 44090926Snectar 441102644Snectar * acconfig.h: remove some stuff that is defined elsewhere 44290926Snectar 443102644Snectar * lib/krb5/krb5_locl.h: include <sys/file.h> 44490926Snectar 445102644Snectar * lib/krb5/acl.c: rename acl_string parameter 44690926Snectar 447102644Snectar * lib/krb5/Makefile.am: remove __P from protos, and put parameter 448102644Snectar names in comments 44990926Snectar 450102644Snectar * kuser/klist.c: better align some headers 45190926Snectar 452102644Snectar * kdc/kerberos4.c: storage tweaks 45390926Snectar 454102644Snectar * kdc/kaserver.c: storage tweaks 45590926Snectar 456102644Snectar * kdc/524.c: storage tweaks 45790926Snectar 458102644Snectar * lib/krb5/keytab_krb4.c: storage tweaks 45990926Snectar 460102644Snectar * lib/krb5/keytab_keyfile.c: storage tweaks 46190926Snectar 462102644Snectar * lib/krb5/keytab_file.c: storage tweaks; also try to handle zero 463102644Snectar sized keytab files 46490926Snectar 465102644Snectar * lib/krb5/keytab_any.c: use KRB5_KT_END instead of KRB5_CC_END 46690926Snectar 467102644Snectar * lib/krb5/fcache.c: storage tweaks 46890926Snectar 469102644Snectar * lib/krb5/store_mem.c: make the krb5_storage opaque, and add 470102644Snectar function wrappers for store/fetch/seek, and also make the eof-code 471102644Snectar configurable 47290926Snectar 473102644Snectar * lib/krb5/store_fd.c: make the krb5_storage opaque, and add 474102644Snectar function wrappers for store/fetch/seek, and also make the eof-code 475102644Snectar configurable 47690926Snectar 477102644Snectar * lib/krb5/store_emem.c: make the krb5_storage opaque, and add 478102644Snectar function wrappers for store/fetch/seek, and also make the eof-code 479102644Snectar configurable 48090926Snectar 481102644Snectar * lib/krb5/store.c: make the krb5_storage opaque, and add function 482102644Snectar wrappers for store/fetch/seek, and also make the eof-code 483102644Snectar configurable 48490926Snectar 485102644Snectar * lib/krb5/store-int.h: make the krb5_storage opaque, and add 486102644Snectar function wrappers for store/fetch/seek, and also make the eof-code 487102644Snectar configurable 48890926Snectar 489102644Snectar * lib/krb5/krb5.h: make the krb5_storage opaque, and add function 490102644Snectar wrappers for store/fetch/seek, and also make the eof-code 491102644Snectar configurable 49290926Snectar 493102644Snectar * include/bits.c: include <sys/socket.h> to get socklen_t 49490926Snectar 495102644Snectar * kdc/kerberos5.c (get_pa_etype_info): sort ETYPE-INFOs by 496102644Snectar requested KDC-REQ etypes 49790926Snectar 498102644Snectar * kdc/hpropd.c: constify 49990926Snectar 500102644Snectar * kdc/hprop.c: constify 50190926Snectar 502102644Snectar * kdc/string2key.c: constify 50390926Snectar 504102644Snectar * kdc/kdc_locl.h: make port_str const 50590926Snectar 506102644Snectar * kdc/config.c: constify 50790926Snectar 508102644Snectar * lib/krb5/config_file.c: constify 50990926Snectar 510102644Snectar * kdc/kstash.c: constify 51190926Snectar 512102644Snectar * lib/krb5/verify_user.c: remove unnecessary cast 51390926Snectar 514102644Snectar * lib/krb5/recvauth.c: constify 51590926Snectar 516102644Snectar * lib/krb5/principal.c (krb5_parse_name): const qualify 51790926Snectar 518102644Snectar * lib/krb5/mcache.c (mcc_get_name): constify return type 51990926Snectar 520102644Snectar * lib/krb5/context.c (krb5_free_context): don't try to free the 521102644Snectar ccache prefix 52290926Snectar 523102644Snectar * lib/krb5/cache.c (krb5_cc_register): don't make a copy of the 524102644Snectar prefix 52590926Snectar 526102644Snectar * lib/krb5/krb5.h: constify some struct members 52790926Snectar 528102644Snectar * lib/krb5/log.c: constify 52990926Snectar 530102644Snectar * lib/krb5/init_creds_pw.c (krb5_get_init_creds_password): const 531102644Snectar qualify 53290926Snectar 533102644Snectar * lib/krb5/get_in_tkt.c (krb5_init_etype): constify 53490926Snectar 535102644Snectar * lib/krb5/crypto.c: constify some 53690926Snectar 537102644Snectar * lib/krb5/config_file.c: constify 53890926Snectar 539102644Snectar * lib/krb5/aname_to_localname.c (krb5_aname_to_localname): 540102644Snectar constify local variable 54190926Snectar 542102644Snectar * lib/krb5/addr_families.c (ipv4_sockaddr2port): constify 54390926Snectar 544102644Snectar2002-04-17 Johan Danielsson <joda@pdc.kth.se> 54590926Snectar 546102644Snectar * lib/krb5/verify_krb5_conf.c: add some log checking 54778527Sassar 548102644Snectar * lib/krb5/log.c (krb5_addlog_dest): reorganise syslog parsing 54978527Sassar 550102644Snectar2002-04-16 Johan Danielsson <joda@pdc.kth.se> 55178527Sassar 552102644Snectar * lib/krb5/crypto.c (krb5_crypto_init): check that the key size 553102644Snectar matches the expected length 55478527Sassar 555102644Snectar2002-03-27 Johan Danielsson <joda@pdc.kth.se> 55678527Sassar 557102644Snectar * lib/krb5/send_to_kdc.c: rename send parameter to send_data 55878527Sassar 559102644Snectar * lib/krb5/mk_error.c: rename ctime parameter to client_time 56078527Sassar 561102644Snectar2002-03-22 Johan Danielsson <joda@pdc.kth.se> 56278527Sassar 563102644Snectar * kdc/kerberos5.c (find_etype): unsigned -> krb5_enctype (from 564102644Snectar Reinoud Zandijk) 56578527Sassar 566102644Snectar2002-03-18 Johan Danielsson <joda@pdc.kth.se> 56778527Sassar 568102644Snectar * lib/asn1/k5.asn1: add the GSS-API checksum type here 56978527Sassar 570102644Snectar2002-03-11 Assar Westerlund <assar@sics.se> 57178527Sassar 572102644Snectar * lib/krb5/Makefile.am (libkrb5_la_LDFLAGS): bump version to 573102644Snectar 18:3:1 574102644Snectar * lib/hdb/Makefile.am (libhdb_la_LDFLAGS): bump version to 7:5:0 575102644Snectar * lib/asn1/Makefile.am (libasn1_la_LDFLAGS): bump version to 6:0:0 57678527Sassar 577102644Snectar2002-03-10 Assar Westerlund <assar@sics.se> 57878527Sassar 579102644Snectar * lib/krb5/rd_cred.c: handle addresses with port numbers 58078527Sassar 581102644Snectar * lib/krb5/keytab_file.c, lib/krb5/keytab.c: 582102644Snectar store the kvno % 256 as the byte and the complete 32 bit kvno after 583102644Snectar the end of the current keytab entry 58478527Sassar 585102644Snectar * lib/krb5/init_creds_pw.c: 586102644Snectar handle LR_PW_EXPTIME and LR_ACCT_EXPTIME in the same way 58778527Sassar 588102644Snectar * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): 589102644Snectar handle ports giving for the remote address 59078527Sassar 591102644Snectar * lib/krb5/get_cred.c: 592102644Snectar get a ticket with no addresses if no-addresses is set 59378527Sassar 594102644Snectar * lib/krb5/crypto.c: 595102644Snectar rename functions DES_* to krb5_* to avoid colliding with modern 596102644Snectar openssl 59778527Sassar 598102644Snectar * lib/krb5/addr_families.c: 599102644Snectar make all functions taking 'struct sockaddr' actually take a socklen_t 600102644Snectar instead of int and that acts as an in-out parameter (indicating the 601102644Snectar maximum length of the sockaddr to be written) 60278527Sassar 603102644Snectar * kdc/kerberos4.c: 604102644Snectar make the kvno's in the krb4 universe by the real one % 256, since they 605102644Snectar cannot only be 8 bit, and the v5 ones are actually 32 bits 60678527Sassar 607102644Snectar2002-02-15 Johan Danielsson <joda@pdc.kth.se> 60878527Sassar 609102644Snectar * lib/krb5/keytab_keyfile.c (akf_add_entry): don't create the file 610102644Snectar before we need to write to it 611102644Snectar (from �ke Sandgren) 61278527Sassar 613102644Snectar2002-02-14 Johan Danielsson <joda@pdc.kth.se> 61478527Sassar 615102644Snectar * configure.in: rk_RETSIGTYPE and rk_BROKEN_REALLOC are called via 616102644Snectar rk_ROKEN (from Gombas Gabor); find inttypes by CHECK_TYPES 617102644Snectar directly 61878527Sassar 619102644Snectar * lib/krb5/rd_safe.c: actually use the correct key (from Daniel 620102644Snectar Kouril) 62178527Sassar 622102644Snectar2002-02-12 Johan Danielsson <joda@pdc.kth.se> 62378527Sassar 624102644Snectar * lib/krb5/context.c (krb5_get_err_text): protect against NULL 625102644Snectar context 62678527Sassar 627102644Snectar2002-02-11 Johan Danielsson <joda@pdc.kth.se> 62878527Sassar 629102644Snectar * admin/ktutil.c: no need to use the "modify" keytab anymore 63078527Sassar 631102644Snectar * lib/krb5/keytab_any.c: implement add and remove 63278527Sassar 633102644Snectar * lib/krb5/keytab_krb4.c: implement add and remove 63478527Sassar 635102644Snectar * lib/krb5/store_emem.c (emem_free): clear memory before freeing 636102644Snectar (this should perhaps be selectable with a flag) 63778527Sassar 638102644Snectar2002-02-04 Johan Danielsson <joda@pdc.kth.se> 63978527Sassar 640102644Snectar * kdc/config.c (get_dbinfo): if there are database specifications 641102644Snectar in the config file, don't automatically try to use the default 642102644Snectar values (from Gombas Gabor) 64378527Sassar 644102644Snectar * lib/krb5/log.c (krb5_closelog): don't pass pointer to pointer 645102644Snectar (from Gombas Gabor) 64678527Sassar 647102644Snectar2002-01-30 Johan Danielsson <joda@pdc.kth.se> 64878527Sassar 649102644Snectar * admin/list.c: get the default keytab from krb5.conf, and list 650102644Snectar all parts of an ANY type keytab 65178527Sassar 652102644Snectar * lib/krb5/context.c: default default_keytab_modify to NULL 65378527Sassar 654102644Snectar * lib/krb5/keytab.c (krb5_kt_default_modify_name): if no modify 655102644Snectar name is specified take it from the first component of the default 656102644Snectar keytab name 65778527Sassar 658102644Snectar2002-01-29 Johan Danielsson <joda@pdc.kth.se> 65978527Sassar 660102644Snectar * lib/krb5/keytab.c: compare keytab types case insensitively 66178527Sassar 662102644Snectar2002-01-07 Assar Westerlund <assar@sics.se> 66378527Sassar 664102644Snectar * lib/krb5/crypto.c (create_checksum): make usage `unsigned' (it's 665102644Snectar not really a krb5_key_usage). From Ben Harris <bjh21@netbsd.org> 666102644Snectar * lib/krb5/get_in_tkt.c: use krb5_enctype consistently. From Ben 667102644Snectar Harris <bjh21@netbsd.org> 668102644Snectar * lib/krb5/crypto.c: use krb5_enctype consistently. From Ben 669102644Snectar Harris <bjh21@netbsd.org> 670102644Snectar * kdc/kerberos5.c: use krb5_enctype consistently. From Ben Harris 671102644Snectar <bjh21@netbsd.org> 672