ChangeLog revision 120945
1120945Snectar2003-05-08 Johan Danielsson <joda@ratatosk.pdc.kth.se> 2103423Snectar 3120945Snectar * Release 0.6 4103423Snectar 5120945Snectar2003-05-08 Love H�rnquist �strand <lha@it.su.se> 6103423Snectar 7120945Snectar * kuser/klist.c: 1.68->1.69: print tokens even if there isn't v4 8120945Snectar support 9103423Snectar 10120945Snectar * kuser/kdestroy.c: 1.14->1.15: destroy tokens even if there isn't 11120945Snectar v4 support 12103423Snectar 13120945Snectar * kuser/kinit.c: 1.90->1.91: print tokens even if there isn't v4 14120945Snectar support 15103423Snectar 16120945Snectar2003-05-06 Johan Danielsson <joda@pdc.kth.se> 17107207Snectar 18120945Snectar * lib/krb5/name-45-test.c: need to use empty krb5.conf for some 19120945Snectar tests 20107207Snectar 21120945Snectar * lib/asn1/check-gen.c: there is no \e escape sequence; replace 22120945Snectar everything with hex-codes, and cast to unsigned char* to make some 23120945Snectar compilers happy 24107207Snectar 25120945Snectar2003-05-06 Love H�rnquist �strand <lha@it.su.se> 26107207Snectar 27120945Snectar * lib/krb5/get_in_tkt.c (make_pa_enc_timestamp): make sure first 28120945Snectar argument to krb5_us_timeofday have correct type 29120945Snectar 30120945Snectar2003-05-05 Assar Westerlund <assar@kth.se> 31107207Snectar 32120945Snectar * include/make_crypto.c (main): include aes.h if ENABLE_AES 33107207Snectar 34120945Snectar2003-05-05 Love H�rnquist �strand <lha@it.su.se> 35107207Snectar 36120945Snectar * NEWS: 1.108->1.110: fix text about gssapi compat 37120945Snectar 38120945Snectar2003-04-28 Love H�rnquist �strand <lha@it.su.se> 39107207Snectar 40120945Snectar * kdc/v4_dump.c: 1.4->1.5: (v4_prop_dump): limit strings length, 41120945Snectar from openbsd 42103423Snectar 43120945Snectar2003-04-24 Love H�rnquist �strand <lha@it.su.se> 44107207Snectar 45120945Snectar * doc/programming.texi: 1.2-1.3: s/managment/management/, from jmc 46120945Snectar <jmc@prioris.mini.pw.edu.pl> 47103423Snectar 48120945Snectar2003-04-22 Love H�rnquist �strand <lha@it.su.se> 49103423Snectar 50120945Snectar * lib/krb5/krbhst.c: 1.43->1.44: copy NUL too, from janj@wenf.org 51120945Snectar via openbsd 52103423Snectar 53120945Snectar2003-04-17 Love H�rnquist �strand <lha@it.su.se> 54103423Snectar 55120945Snectar * lib/asn1/der_copy.c (copy_general_string): use strdup 56120945Snectar * lib/asn1/der_put.c: remove sprintf 57120945Snectar * lib/asn1/gen.c: remove strcpy/sprintf 58120945Snectar 59120945Snectar * lib/krb5/name-45-test.c: use a more unique name then ratatosk so 60120945Snectar that other (me) have such hosts in the local domain and the tests 61120945Snectar fails, to take hokkigai.pdc.kth.se instead 62120945Snectar 63120945Snectar * lib/krb5/test_alname.c: add --version and --help 64120945Snectar 65120945Snectar2003-04-16 Love H�rnquist �strand <lha@it.su.se> 66103423Snectar 67120945Snectar * lib/krb5/krb5_warn.3: add krb5_get_err_text 68120945Snectar 69120945Snectar * lib/krb5/transited.c: use strlcat/strlcpy, from openbsd 70120945Snectar * lib/krb5/krbhst.c (srv_find_realm): use strlcpy, from openbsd 71120945Snectar * lib/krb5/aname_to_localname.c (krb5_aname_to_localname): use 72120945Snectar strlcpy, from openbsd 73120945Snectar * kdc/hpropd.c: s/strcat/strlcat/, inspired from openbsd 74120945Snectar * appl/kf/kfd.c: use strlcpy, from openbsd 75120945Snectar 76120945Snectar2003-04-16 Johan Danielsson <joda@pdc.kth.se> 77103423Snectar 78120945Snectar * configure.in: fix for large file support in AIX, _LARGE_FILES 79120945Snectar needs to be defined on the command line, since lex likes to 80120945Snectar include stdio.h before we get to config.h 81103423Snectar 82120945Snectar2003-04-16 Love H�rnquist �strand <lha@it.su.se> 83120945Snectar 84120945Snectar * lib/krb5/*.3: Change .Fd #include <header.h> to .In header.h, 85120945Snectar from Thomas Klausner <wiz@netbsd.org> 86120945Snectar 87120945Snectar * lib/krb5/krb5.conf.5: spelling, from Thomas Klausner 88120945Snectar <wiz@netbsd.org> 89103423Snectar 90120945Snectar2003-04-15 Love H�rnquist �strand <lha@it.su.se> 91103423Snectar 92120945Snectar * kdc/kerberos5.c: fix some more memory leaks 93120945Snectar 94120945Snectar2003-04-11 Love H�rnquist �strand <lha@it.su.se> 95103423Snectar 96120945Snectar * appl/kf/kf.1: spelling, from jmc <jmc@prioris.mini.pw.edu.pl> 97120945Snectar 98120945Snectar2003-04-08 Love H�rnquist �strand <lha@it.su.se> 99103423Snectar 100120945Snectar * admin/ktutil.8: typos, from jmc <jmc@acn.waw.pl> 101120945Snectar 102120945Snectar2003-04-06 Love H�rnquist �strand <lha@it.su.se> 103103423Snectar 104120945Snectar * lib/krb5/krb5.3: s/kerberos/Kerberos/ 105120945Snectar * lib/krb5/krb5_data.3: s/kerberos/Kerberos/ 106120945Snectar * lib/krb5/krb5_address.3: s/kerberos/Kerberos/ 107120945Snectar * lib/krb5/krb5_ccache.3: s/kerberos/Kerberos/ 108120945Snectar * lib/krb5/krb5.conf.5: s/kerberos/Kerberos/ 109120945Snectar * kuser/kinit.1: s/kerberos/Kerberos/ 110120945Snectar * kdc/kdc.8: s/kerberos/Kerberos/ 111120945Snectar 112120945Snectar2003-04-01 Love H�rnquist �strand <lha@it.su.se> 113103423Snectar 114120945Snectar * lib/krb5/test_alname.c: more krb5_aname_to_localname tests 115120945Snectar 116120945Snectar * lib/krb5/aname_to_localname.c (krb5_aname_to_localname): when 117120945Snectar converting too root, make sure user is ok according to 118120945Snectar krb5_kuserok before allowing it. 119103423Snectar 120120945Snectar * lib/krb5/Makefile.am (noinst_PROGRAMS): += test_alname 121120945Snectar 122120945Snectar * lib/krb5/test_alname.c: add test for krb5_aname_to_localname 123120945Snectar 124120945Snectar * lib/krb5/crypto.c (krb5_DES_AFS3_CMU_string_to_key): used p1 125120945Snectar instead of the "illegal" salt #~, same change as kth-krb did 126120945Snectar 1999. Problems occur with crypt() that behaves like AT&T crypt 127120945Snectar (openssl does this). Pointed out by Marcus Watts. 128103423Snectar 129120945Snectar * admin/change.c (kt_change): collect all principals we are going 130120945Snectar to change, and pick the highest kvno and use that to guess what 131120945Snectar kvno the resulting kvno is going to be. Now two ktutil change in a 132120945Snectar row works. XXX fix the protocol to pass the kvno back. 133120945Snectar 134120945Snectar2003-03-31 Love H�rnquist �strand <lha@it.su.se> 135103423Snectar 136120945Snectar * appl/kf/kf.1: afs->AFS, from jmc <jmc@acn.waw.pl> 137120945Snectar 138120945Snectar2003-03-30 Love H�rnquist �strand <lha@it.su.se> 139103423Snectar 140120945Snectar * doc/setup.texi: add description on how to turn on v4, 524 and 141120945Snectar kaserver support 142103423Snectar 143120945Snectar2003-03-29 Love H�rnquist �strand <lha@it.su.se> 144103423Snectar 145120945Snectar * lib/krb5/verify_krb5_conf.c (appdefaults_entries): add afslog 146120945Snectar and afs-use-524 147103423Snectar 148120945Snectar2003-03-28 Love H�rnquist �strand <lha@it.su.se> 149103423Snectar 150120945Snectar * kdc/kerberos5.c (as_rep): when the second enctype_to_string 151120945Snectar failes, remember to free memory from the first enctype_to_string 152103423Snectar 153120945Snectar * lib/krb5/crypto.c (usage2arcfour): map KRB5_KU_TICKET to 2, 154120945Snectar from Harald Joerg <harald.joerg@fujitsu-siemens.com> 155120945Snectar (enctype_arcfour_hmac_md5): disable checksum_hmac_md5_enc 156103423Snectar 157120945Snectar * lib/hdb/mkey.c (hdb_unseal_keys_mkey): truncate key to the key 158120945Snectar length when key is longer then expected length, its probably 159120945Snectar longer since the encrypted data was padded, reported by Aidan 160120945Snectar Cully <aidan@kublai.com> 161103423Snectar 162120945Snectar * lib/krb5/crypto.c (krb5_enctype_keysize): return key size of 163120945Snectar encyption type, inspired by Aidan Cully <aidan@kublai.com> 164120945Snectar 165120945Snectar2003-03-27 Love H�rnquist �strand <lha@it.su.se> 166103423Snectar 167120945Snectar * lib/krb5/keytab.c (krb5_kt_get_entry): avoid printing 0 168120945Snectar (wildcard kvno) after principal when the keytab entry isn't found, 169120945Snectar reported by Chris Chiappa <chris@chiappa.net> 170120945Snectar 171120945Snectar2003-03-26 Love H�rnquist �strand <lha@it.su.se> 172103423Snectar 173120945Snectar * doc/misc.texi: update 2b example to match reality (from 174120945Snectar mattiasa@e.kth.se) 175103423Snectar 176120945Snectar * doc/misc.texi: spelling and add `Configuring AFS clients' 177120945Snectar subsection 178103423Snectar 179120945Snectar2003-03-25 Love H�rnquist �strand <lha@it.su.se> 180103423Snectar 181120945Snectar * lib/krb5/krb5.3: add krb5_free_data_contents.3 182120945Snectar 183120945Snectar * lib/krb5/data.c: add krb5_free_data_contents for compat with MIT 184120945Snectar API 185103423Snectar 186120945Snectar * lib/krb5/krb5_data.3: add krb5_free_data_contents for compat 187120945Snectar with MIT API 188103423Snectar 189120945Snectar * lib/krb5/krb5_verify_user.3: write more about how the ccache 190120945Snectar argument should be inited when used 191120945Snectar 192120945Snectar2003-03-25 Johan Danielsson <joda@pdc.kth.se> 193103423Snectar 194120945Snectar * lib/krb5/addr_families.c (krb5_print_address): make sure 195120945Snectar print_addr is defined for the given address type; make addrports 196120945Snectar printable 197103423Snectar 198120945Snectar * kdc/string2key.c: print the used enctype for kerberos 5 keys 199103423Snectar 200120945Snectar2003-03-25 Love H�rnquist �strand <lha@it.su.se> 201103423Snectar 202120945Snectar * lib/krb5/aes-test.c: add another arcfour test 203120945Snectar 204120945Snectar2003-03-22 Love H�rnquist �strand <lha@it.su.se> 205103423Snectar 206120945Snectar * lib/krb5/aes-test.c: sneek in a test for arcfour-hmac-md5 207120945Snectar 208120945Snectar2003-03-20 Love H�rnquist �strand <lha@it.su.se> 209120945Snectar 210120945Snectar * lib/krb5/krb5_ccache.3: update .Dd 211103423Snectar 212120945Snectar * lib/krb5/krb5.3: sort in krb5_data functions 213103423Snectar 214120945Snectar * lib/krb5/Makefile.am (man_MANS): += krb5_data.3 215103423Snectar 216120945Snectar * lib/krb5/krb5_data.3: document krb5_data 217103423Snectar 218120945Snectar * lib/krb5/init_creds_pw.c (krb5_get_init_creds_password): if 219120945Snectar prompter is NULL, don't try to ask for a password to 220120945Snectar change. reported by Iain Moffat @ ufl.edu via Howard Chu 221120945Snectar <hyc@highlandsun.com> 222103423Snectar 223120945Snectar2003-03-19 Love H�rnquist �strand <lha@it.su.se> 224103423Snectar 225120945Snectar * lib/krb5/krb5_keytab.3: spelling, from 226120945Snectar <jmc@prioris.mini.pw.edu.pl> 227103423Snectar 228120945Snectar * lib/krb5/krb5.conf.5: . means new line 229120945Snectar 230120945Snectar * lib/krb5/krb5.conf.5: spelling, from 231120945Snectar <jmc@prioris.mini.pw.edu.pl> 232103423Snectar 233120945Snectar * lib/krb5/krb5_auth_context.3: spelling, from 234120945Snectar <jmc@prioris.mini.pw.edu.pl> 235103423Snectar 236120945Snectar2003-03-18 Love H�rnquist �strand <lha@it.su.se> 237103423Snectar 238120945Snectar * kuser/Makefile.am: INCLUDES: -I$(srcdir)/../lib/krb5 239120945Snectar 240120945Snectar * lib/krb5/convert_creds.c: add _krb5_krb_life_to_time 241120945Snectar 242120945Snectar * lib/krb5/krb5-v4compat.h: add _krb5_krb_life_to_time 243103423Snectar 244120945Snectar * kdc/kdc_locl.h: 524 is independent of kerberos 4, so move out 245120945Snectar #ifdef KRB4 from enable_v4_cross_realm since 524 needs it 246120945Snectar 247120945Snectar * kdc/config.c: 524 is independent of kerberos 4, so move out 248120945Snectar enable_v4_cross_realm from #ifdef KRB4 since 524 needs it 249120945Snectar 250120945Snectar2003-03-17 Assar Westerlund <assar@kth.se> 251103423Snectar 252120945Snectar * kdc/kdc.8: document --kerberos4-cross-realm 253120945Snectar * kdc/kerberos4.c: pay attention to enable_v4_cross_realm 254120945Snectar * kdc/kdc_locl.h (enable_v4_cross_realm): add 255120945Snectar * kdc/524.c (encode_524_response): check the enable_v4_cross_realm 256120945Snectar flag before giving out v4 tickets for foreign v5 principals 257120945Snectar * kdc/config.c: add --enable-kerberos4-cross-realm option (default 258120945Snectar to off) 259103423Snectar 260120945Snectar2003-03-17 Love H�rnquist �strand <lha@it.su.se> 261103423Snectar 262120945Snectar * lib/krb5/Makefile.am (man_MANS) += krb5_aname_to_localname.3 263120945Snectar 264120945Snectar * lib/krb5/krb5_aname_to_localname.3: manpage for 265120945Snectar krb5_aname_to_localname 266103423Snectar 267120945Snectar * lib/krb5/krb5_kuserok.3: s/KRB5_USEROK/KRB5_KUSEROK/ 268120945Snectar 269120945Snectar2003-03-16 Love H�rnquist �strand <lha@it.su.se> 270103423Snectar 271120945Snectar * lib/krb5/Makefile.am (man_MANS): add krb5_set_default_realm.3 272103423Snectar 273120945Snectar * lib/krb5/krb5.3: add manpages from krb5_set_default_realm.3 274103423Snectar 275120945Snectar * lib/krb5/krb5_set_default_realm.3: Manpage for 276120945Snectar krb5_free_host_realm, krb5_get_default_realm, 277120945Snectar krb5_get_default_realms, krb5_get_host_realm, and 278120945Snectar krb5_set_default_realm. 279103423Snectar 280120945Snectar * admin/ktutil.8: s/entype/enctype/, from Igor Sobrado 281120945Snectar <sobrado@acm.org> via NetBSD 282103423Snectar 283120945Snectar * lib/krb5/krb5_keytab.3: add documention for krb5_kt_get_type 284102644Snectar 285120945Snectar * lib/krb5/keytab.c (krb5_kt_get_type): get prefix/type of keytab 286102644Snectar 287120945Snectar * lib/krb5/krb5.h (KRB5_KT_PREFIX_MAX_LEN): max length of prefix 288102644Snectar 289120945Snectar * lib/krb5/krb5_ccache.3: document krb5_cc_get_ops, add more 290120945Snectar types, add krb5_fcc_ops and krb5_mcc_ops 291102644Snectar 292120945Snectar * lib/krb5/cache.c (krb5_cc_get_ops): new function, return ops for 293120945Snectar a id 29490926Snectar 295120945Snectar2003-03-15 Love H�rnquist �strand <lha@it.su.se> 29690926Snectar 297120945Snectar * doc/intro.texi: add reference to source code, binaries and the 298120945Snectar manual 29990926Snectar 300120945Snectar * lib/krb5/krb5.3: krb5.h isn't in krb5 directory in heimdal 301120945Snectar 302120945Snectar2003-03-14 Love H�rnquist �strand <lha@it.su.se> 30390926Snectar 304120945Snectar * kdc/kdc.8: better/difrent english 30590926Snectar 306120945Snectar * kdc/kdc.8: . -> .\n, copyright/license 307120945Snectar 308120945Snectar * kdc/kdc.8: changed configuration file -> restart kdc 30990926Snectar 310120945Snectar * kdc/kerberos4.c: add krb4 into the most error messages written 311120945Snectar to the logfile 31290926Snectar 313120945Snectar * lib/krb5/krb5_ccache.3: add missing name of argument 314120945Snectar (krb5_context) to most functions 31590926Snectar 316120945Snectar2003-03-13 Love H�rnquist �strand <lha@it.su.se> 31790926Snectar 318120945Snectar * lib/krb5/kuserok.c (krb5_kuserok): preserve old behviour of 319120945Snectar function and return FALSE when there isn't a local account for 320120945Snectar `luser'. 32190926Snectar 322120945Snectar * lib/krb5/krb5_kuserok.3: fix prototype, spelling and more text 323120945Snectar describing the function 32490926Snectar 325120945Snectar2003-03-12 Love H�rnquist �strand <lha@it.su.se> 32690926Snectar 327120945Snectar * lib/krb5/cache.c (krb5_cc_default): if krb5_cc_default_name 328120945Snectar returned memory, don't return ENOMEM 32990926Snectar 330120945Snectar2003-03-11 Love H�rnquist �strand <lha@it.su.se> 33190926Snectar 332120945Snectar * lib/krb5/krb5.3: add krb5_address stuff and sort 333120945Snectar 334120945Snectar * lib/krb5/krb5_address.3: fix krb5_addr2sockaddr description 335120945Snectar 336120945Snectar * lib/krb5/Makefile.am (man_MANS): += krb5_address.3 337120945Snectar 338120945Snectar * lib/krb5/krb5_address.3: document types krb5_address and 339120945Snectar krb5_addresses and their helper functions 34090926Snectar 341120945Snectar2003-03-10 Love H�rnquist �strand <lha@it.su.se> 34290926Snectar 343120945Snectar * lib/krb5/Makefile.am (man_MANS): += krb5_kuserok.3 34490926Snectar 345120945Snectar * lib/krb5/krb5_kuserok.3: spelling, from cizzi@it.su.se 34690926Snectar 347120945Snectar * lib/krb5/Makefile.am (man_MANS): += krb5_ccache.3 34890926Snectar 349120945Snectar * lib/krb5/krb5_ccache.3: spelling, from cizzi@it.su.se 350120945Snectar 351120945Snectar * lib/krb5/krb5.3: add more functions 352120945Snectar 353120945Snectar * lib/krb5/krb5_ccache.3: document krb5_ccache and krb5_cc 354120945Snectar functions 35590926Snectar 356120945Snectar * lib/krb5/krb5_kuserok.3: document krb5_kuserok 357120945Snectar 358120945Snectar * lib/krb5/krb5_verify_user.3: document 359120945Snectar krb5_verify_opt_set_flags(opt, KRB5_VERIFY_LREALMS) behavior 36090926Snectar 361120945Snectar * lib/krb5/krb5_verify_user.3: document krb5_verify_opt* and 362120945Snectar krb5_verify_user_opt 36390926Snectar 364120945Snectar * lib/krb5/*.[0-9]: add copyright/licenses on more manpages 36590926Snectar 366120945Snectar * kuser/kdestroy.c (main): handle that krb5_cc_default_name can 367120945Snectar return NULL 36890926Snectar 369120945Snectar * lib/krb5/Makefile.am (libkrb5_la_LDFLAGS): bump minor 370120945Snectar (TESTS): add test_cc 37190926Snectar 372120945Snectar * lib/krb5/test_cc.c: test some 373120945Snectar krb5_cc_default_name/krb5_cc_set_default_name combinations 374120945Snectar 375120945Snectar * lib/krb5/context.c (init_context_from_config_file): set 376120945Snectar default_cc_name to NULL 377120945Snectar (krb5_free_context): free default_cc_name if set 37890926Snectar 379120945Snectar * lib/krb5/cache.c (krb5_cc_set_default_name): new function 380120945Snectar (krb5_cc_default_name): use krb5_cc_set_default_name 38190926Snectar 382120945Snectar * lib/krb5/krb5.h (krb5_context_data): add default_cc_name 383120945Snectar 384120945Snectar2003-02-25 Love H�rnquist �strand <lha@it.su.se> 38590926Snectar 386120945Snectar * appl/kf/kf.1: s/securly/securely/ from NetBSD 387120945Snectar 388120945Snectar2003-02-18 Love H�rnquist �strand <lha@it.su.se> 38990926Snectar 390120945Snectar * kdc/connect.c: s/intialize/initialize, from 391120945Snectar <jmc@prioris.mini.pw.edu.pl> 39290926Snectar 393120945Snectar2003-02-17 Love H�rnquist �strand <lha@it.su.se> 39490926Snectar 395120945Snectar * configure.in: add AM_MAINTAINER_MODE 396120945Snectar 397120945Snectar2003-02-16 Love H�rnquist �strand <lha@it.su.se> 39890926Snectar 399120945Snectar * **/*.[0-9]: add copyright/licenses on all manpages 40090926Snectar 401120945Snectar2003-14-16 Jacques Vidrine <nectar@kth.se> 40290926Snectar 403120945Snectar * lib/krb5/get_in_tkt.c (init_as_req): Send only a single 404120945Snectar PA-ENC-TIMESTAMP in the AS-REQ, using the first encryption 405120945Snectar type specified by the KDC. 40690926Snectar 407120945Snectar2003-02-15 Love H�rnquist �strand <lha@it.su.se> 40890926Snectar 409120945Snectar * fix-export: some autoconf put their version number in 410120945Snectar autom4te.cache, so remove autom4te*.cache 411120945Snectar 412120945Snectar * fix-export: make sure $1 is a directory 413120945Snectar 414120945Snectar2003-02-04 Love H�rnquist �strand <lha@it.su.se> 41590926Snectar 416120945Snectar * kpasswd/kpasswdd.8: spelling, from jmc <jmc@prioris.mini.pw.edu.pl> 41790926Snectar 418120945Snectar * kdc/kdc.8: spelling, from jmc <jmc@prioris.mini.pw.edu.pl> 419120945Snectar 420120945Snectar2003-01-31 Love H�rnquist �strand <lha@it.su.se> 42190926Snectar 422120945Snectar * kdc/hpropd.8: s/databases/a database/ s/Not/not/ 42390926Snectar 424120945Snectar * kdc/hprop.8: add missing . 425120945Snectar 426120945Snectar2003-01-30 Love H�rnquist �strand <lha@it.su.se> 42790926Snectar 428120945Snectar * lib/krb5/krb5.conf.5: documentation for of boolean, etypes, 429120945Snectar address, write out encryption type in sentences, s/Host/host 430120945Snectar 431120945Snectar2003-01-26 Love H�rnquist �strand <lha@it.su.se> 43290926Snectar 433120945Snectar * lib/asn1/check-gen.c: add checks for Authenticator too 434120945Snectar 435120945Snectar2003-01-25 Love H�rnquist �strand <lha@it.su.se> 43690926Snectar 437120945Snectar * doc/setup.texi: in the hprop example, use hprop and the first 438120945Snectar component, not host 43990926Snectar 440120945Snectar * lib/krb5/get_addrs.c (find_all_addresses): address-less 441120945Snectar point-to-point might not have an address, just ignore 442120945Snectar those. Reported by Harald Barth. 44390926Snectar 444120945Snectar2003-01-23 Love H�rnquist �strand <lha@it.su.se> 44590926Snectar 446120945Snectar * lib/krb5/verify_krb5_conf.c (check_section): when key isn't 447120945Snectar found, don't print out all known keys 44890926Snectar 449120945Snectar * lib/krb5/verify_krb5_conf.c (syslogvals): mark up where severity 450120945Snectar and facility start resp 451120945Snectar (check_log): find_value() returns -1 when key isn't found 45290926Snectar 453120945Snectar * lib/krb5/crypto.c (_krb5_aes_cts_encrypt): make key argument a 454120945Snectar 'const void *' to avoid AES_KEY being exposed in krb5-private.h 455120945Snectar 456120945Snectar * lib/krb5/krb5.conf.5: add [kdc]use_2b 45790926Snectar 458120945Snectar * kdc/524.c (encode_524_response): its 2b not b2 459120945Snectar 460120945Snectar * doc/misc.texi: quote @ where missing 461120945Snectar 462120945Snectar * lib/asn1/Makefile.am: add check-gen 463120945Snectar 464120945Snectar * lib/asn1/check-gen.c: add Principal check 465120945Snectar 466120945Snectar * lib/asn1/check-common.h: move generic asn1/der functions from 467120945Snectar check-der.c to here 46890926Snectar 469120945Snectar * lib/asn1/check-common.c: move generic asn1/der functions from 470120945Snectar check-der.c to here 47190926Snectar 472120945Snectar * lib/asn1/check-der.c: move out the generic asn1/der functions to 473120945Snectar a common file 47490926Snectar 475120945Snectar2003-01-22 Love H�rnquist �strand <lha@it.su.se> 47690926Snectar 477120945Snectar * doc/misc.texi: more text about afs, how to get get your KeyFile, 478120945Snectar and how to start use 2b tokens 47990926Snectar 480120945Snectar * lib/krb5/krb5.conf.5: spelling, from Jason McIntyre 481120945Snectar <jmc@cvs.openbsd.org> 482120945Snectar 483120945Snectar2003-01-21 Jacques Vidrine <nectar@kth.se> 48490926Snectar 485120945Snectar * kuser/kuser_locl.h: include crypto-headers.h for 486120945Snectar des_read_pw_string prototype 48790926Snectar 488120945Snectar2003-01-16 Love H�rnquist �strand <lha@it.su.se> 48990926Snectar 490120945Snectar * admin/ktutil.8: document -v, --verbose 49190926Snectar 492120945Snectar * admin/get.c (kt_get): make getarg usage consistent with other 493120945Snectar other parts of ktutil 49490926Snectar 495120945Snectar * admin/copy.c (kt_copy): remove adding verbose_flag to args 496120945Snectar struct, since it will overrun the args array (from Sumit Bose) 497120945Snectar 498120945Snectar2003-01-15 Love H�rnquist �strand <lha@it.su.se> 49990926Snectar 500120945Snectar * lib/krb5/krb5.conf.5: write more about [realms] REALM = { kdc = 501120945Snectar ... } 50290926Snectar 503120945Snectar * lib/krb5/aes-test.c: test vectors in aes-draft 504120945Snectar 505120945Snectar * lib/krb5/Makefile.am: add aes-test.c 50690926Snectar 507120945Snectar * lib/krb5/crypto.c: Add support for AES 508120945Snectar (draft-raeburn-krb-rijndael-krb-02), not enabled by default. 509120945Snectar (HMAC_SHA1_DES3_checksum): rename to SP_HMAC_SHA1_checksum and modify 510120945Snectar to support checksumtype that are have a shorter wireformat then 511120945Snectar their output block size. 512120945Snectar 513120945Snectar * lib/krb5/crypto.c (struct encryption_type): split the blocksize 514120945Snectar into blocksize and padsize, padsize is the minimum padding 515120945Snectar size. they are the same for now 516120945Snectar (enctype_*): add padsize 517120945Snectar (encrypt_internal): use padsize 518120945Snectar (encrypt_internal_derived): use padsize 519120945Snectar (wrapped_length): use padsize 520120945Snectar (wrapped_length_dervied): use padsize 52190926Snectar 522120945Snectar * lib/krb5/crypto.c: add extra `opaque' argument to string_to_key 523120945Snectar function for each enctype in preparation enctypes that uses 524120945Snectar `Encryption and Checksum Specifications for Kerberos 5' draft 52578527Sassar 526120945Snectar * lib/asn1/k5.asn1: add checksum and enctype for AES from 527120945Snectar draft-raeburn-krb-rijndael-krb-02.txt 52878527Sassar 529120945Snectar * lib/krb5/krb5.h (krb5_keytype): add KEYTYPE_AES128, 530120945Snectar KEYTYPE_AES256 53178527Sassar 532120945Snectar2003-01-14 Love H�rnquist �strand <lha@it.su.se> 53378527Sassar 534120945Snectar * lib/hdb/common.c (_hdb_fetch): handle error code from 535120945Snectar hdb_value2entry 53678527Sassar 537120945Snectar * kdc/Makefile.am: always include kerberos4.c and 524.c in 538120945Snectar kdc_SOURCES to support 524 53978527Sassar 540120945Snectar * kdc/524.c: always compile in support for 524 54178527Sassar 542120945Snectar * kdc/kdc_locl.h: move out krb/524 protos from under #ifdef KRB4 543120945Snectar 544120945Snectar * kdc/config.c: always compile in support for 524 545120945Snectar 546120945Snectar * kdc/connect.c: always compile in support for 524 547120945Snectar 548120945Snectar * kdc/kerberos4.c: export encode_v4_ticket() and get_des_key() 549120945Snectar even when we build without kerberos 4, 524 needs them 550120945Snectar 551120945Snectar * lib/krb5/convert_creds.c, lib/krb5/krb5-v4compat.h: Split out 552120945Snectar Kerberos 4 help functions/structures so other parts of the source 553120945Snectar tree can use it (like the KDC) 55478527Sassar 555