ChangeLog revision 142403
1142403Snectar2004-09-13 Johan Danielsson <joda@pdc.kth.se> 2142403Snectar 3142403Snectar * Release 0.6.3 4142403Snectar 5142403Snectar2004-09-05 Love H�rnquist �strand <lha@it.su.se> 6142403Snectar 7142403Snectar * lib/asn1/der_get.c (decode_enumerated): check that the tag 8142403Snectar length isn't longer the the length 9142403Snectar 10142403Snectar2004-08-31 Love H�rnquist �strand <lha@it.su.se> 11142403Snectar 12142403Snectar * lib/krb5/init_creds_pw.c (krb5_get_init_creds_password): 13142403Snectar kdc_reply can be set in case of failure too, clean on entry and 14142403Snectar free the exit unconditionally to avoid memory leak 15142403Snectar 16142403Snectar2004-08-20 Love H�rnquist �strand <lha@it.su.se> 17142403Snectar 18142403Snectar * lib/krb5/context.c: 1.93: (krb5_get_err_text): if neither of 19142403Snectar com_right nor strerror finds the error-code, return Unknown error. 20142403Snectar 21142403Snectar2004-08-13 Love H�rnquist �strand <lha@it.su.se> 22142403Snectar 23142403Snectar * kdc/kerberos5.c: based on 1.162: (get_pa_etype_info): check for 24142403Snectar dup enctypes from the client and filter them out. 25142403Snectar 26142403Snectar2004-06-21 Love H�rnquist �strand <lha@it.su.se> 27142403Snectar 28142403Snectar * admin/get.c: 1.23: (kt_get): catch errors from krb5_parse_name 29142403Snectar 30142403Snectar2004-06-21 Love H�rnquist �strand <lha@it.su.se> 31142403Snectar 32142403Snectar * lib/krb5/Makefile.am: man_MANS += krb5_set_password.3 33142403Snectar 34142403Snectar * lib/krb5/krb5_set_password.3: 1.1-1.3: change password manpage 35142403Snectar 36142403Snectar * lib/krb5/changepw.c: 1.49: implement 37142403Snectar krb5_set_password_using_ccache 1.47: add tcp support to the set 38142403Snectar protocol, should be cleaned up to enable sharing code with 39142403Snectar krb5_sendto 1.46: (process_reply): log into result_string if 40142403Snectar something goes bad, return 0 (even on failure), not the KPASSWD 41142403Snectar protocol error code 1.45: krb5_princ_realm -> 42142403Snectar krb5_principal_get_realm 1.44: (setpw_send_request): free 43142403Snectar ap_req_data on failure 1.41: ooops, remove cut and paste error 44142403Snectar 1.40: draft-ietf-cat-kerb-chg-password-02 and rfc3244 share the 45142403Snectar response packet sure more constants now that they exists 1.39: 46142403Snectar implement rfc3244, partly from shadow@dementia.org 47142403Snectar 48142403Snectar * lib/krb5/krb5.h: 1.211: some defines for rfc3244 49142403Snectar 50142403Snectar * lib/asn1/Makefile.am: 1.71: (gen_files): 51142403Snectar asn1_ChangePasswdDataMS.x for RFC3244 52142403Snectar 53142403Snectar * lib/asn1/k5.asn1: 1.30: add ChangePasswdDataMS, for RFC3244 54142403Snectar 55142403Snectar * kuser/kinit.c: 1.114: move "setpag if (argc < 1)" to common path 56142403Snectar 57142403Snectar2004-05-06 Johan Danielsson <joda@pdc.kth.se> 58142403Snectar 59142403Snectar * Release 0.6.2 60142403Snectar 61142403Snectar2004-04-02 Love H�rnquist �strand <lha@it.su.se> 62142403Snectar 63142403Snectar * kdc/connect.c: case size_t to unsigned long for LP64 platforms 64142403Snectar 65127808Snectar2004-04-01 Johan Danielsson <joda@pdc.kth.se> 66127808Snectar 67127808Snectar * Release 0.6.1 68127808Snectar 69127808Snectar2004-03-30 Love H�rnquist �strand <lha@it.su.se> 70127808Snectar 71127808Snectar * kdc/kerberos4.c: 1.46: stop the client from renewing tickets 72127808Snectar into the future From: Jeffrey Hutzelman <jhutz@cmu.edu> 73127808Snectar 74127808Snectar2004-03-10 Love H�rnquist �strand <lha@it.su.se> 75127808Snectar 76127808Snectar * lib/krb5/fcache.c: 1.43: (fcc_store_cred): NULL terminate 77127808Snectar krb5_config_get_bool_default' arglist 78127808Snectar 79127808Snectar2004-03-09 Love H�rnquist �strand <lha@it.su.se> 80127808Snectar 81127808Snectar * lib/krb5/krb5.conf.5: 1.44: document 82127808Snectar [libdefaults]fcc-mit-ticketflags=boolean 1.43: don't use path's in 83127808Snectar first .Nm, it confuses some locate.updatedb, use FILES section to 84127808Snectar describe where the file is instead. 85127808Snectar 86127808Snectar * lib/krb5/fcache.c (fcc_store_cred): default to use old format 87127808Snectar 88127808Snectar * lib/krb5/fcache.c: 1.42: (fcc_store_cred): use 89127808Snectar [libdefaults]fcc-mit-ticketflags=boolean to decide what format to 90127808Snectar write the fcc in. Default to mit format (aka heimdal 0.7 format) 91127808Snectar 1.41: (_krb5_xlock): handle that everything was ok, and don't put 92127808Snectar an error in the error strings then 93127808Snectar 94127808Snectar * lib/krb5/store.c: 1.43: add _krb5_store_creds_heimdal_0_7 and 95127808Snectar _krb5_store_creds_heimdal_pre_0_7 that store the creds in just 96127808Snectar that format make krb5_store_creds default to mit format 1.42: 97127808Snectar (krb5_ret_creds): Runtime detect the what is the higher bits of 98127808Snectar the bitfield 1.41: (krb5_store_creds): add disabled code that 99127808Snectar store the ticket flags in reverse order (bitswap32): new function 100127808Snectar 1.40: (krb5_ret_creds): if the higher ticket flags are set, its a 101127808Snectar mit cache, reverse the bits, bug pointed out by Sergio Gelato 102127808Snectar <Sergio.Gelato@astro.su.se> 103127808Snectar 104127808Snectar delta modfied to not change the behavior of krb5_store_creds 105127808Snectar 106127808Snectar2004-03-07 Love H�rnquist �strand <lha@it.su.se> 107127808Snectar 108127808Snectar * lib/krb5/mk_safe.c (krb5_mk_safe): fix assignment of usec2 109127808Snectar 110127808Snectar2004-03-06 Love H�rnquist �strand <lha@it.su.se> 111127808Snectar 112127808Snectar * lib/krb5/mcache.c: patch based on 1.17 and 1.18 but with 113127808Snectar threading code pulled out; 114127808Snectar 115127808Snectar 1.18: (mcc_get_principal): also check for primary_principal == 116127808Snectar NULL now that that isn't used as dead flag 1.17: don't overload 117127808Snectar the primary_principal == NULL as dead since that doesn't always 118127808Snectar work Based on patch from Jeffrey Hutzelman <jhutz@cmu.edu>, but 119127808Snectar tweek by me 120127808Snectar 121127808Snectar * lib/krb5/crypto.c: 1.94: (decrypt_internal_special): do not not 122127808Snectar modify the original data test case from Ronnie Sahlberg 123127808Snectar <ronnie_sahlberg@ozemail.com.au> 124127808Snectar 125127808Snectar2004-02-13 Love H�rnquist �strand <lha@it.su.se> 126127808Snectar 127127808Snectar * lib/krb5/verify_krb5_conf.c: 1.22->1.23: (check_host): don't 128127808Snectar check for EAI_NODATA, because its depricated in RFC3493 Pointed 129127808Snectar out by Hajimu UMEMOTO <ume@mahoroba.org> on heimdal-discuss 130127808Snectar 131127808Snectar * lib/krb5/eai_to_heim_errno.c: 1.3->1.4: EAI_ADDRFAMILY and 132127808Snectar EAI_NODATA is deprecated in RFC3493 133127808Snectar 134127808Snectar2004-02-09 Love H�rnquist �strand <lha@it.su.se> 135127808Snectar 136127808Snectar * lib/asn1/der_length.c: 1.16: Fix len_unsigned for certain 137127808Snectar negative integers, it got the length wrong, fix from Panasas, Inc. 138127808Snectar 139127808Snectar * lib/asn1/der_locl.h: 1.5: add _heim_len_unsigned, _heim_len_int 140127808Snectar 141127808Snectar2004-01-26 Love H�rnquist �strand <lha@it.su.se> 142127808Snectar 143127808Snectar * lib/asn1/gen_length.c: 1.14: (length_type): TSequenceOf: add up 144127808Snectar the size of all the elements, don't use just the size of the last 145127808Snectar element. 146127808Snectar 147127808Snectar * lib/krb5/fcache.c: 1.40: (_krb5_xlock): catch EINVAL and assume 148127808Snectar that it means that the filesystem doesn't support locking 1.39: 149127808Snectar (_krb5_xlock): fix compile error in last commit 1.38: internally 150127808Snectar export x{,un}lock and thus prefix them with _krb5_ 151127808Snectar 152127808Snectar2004-01-13 Love H�rnquist �strand <lha@it.su.se> 153127808Snectar 154127808Snectar * kuser/kinit.c: 1.106: (renew_validate): if renewable_flag and 155127808Snectar not time specifed, use "1 month" 156127808Snectar 1.105: make -9 work again 157127808Snectar 158127808Snectar2004-01-09 Love H�rnquist �strand <lha@it.su.se> 159127808Snectar 160127808Snectar * lib/krb5/get_for_creds.c: 1.36: (add_addrs): don't increase 161127808Snectar addr->len until in contains interesting data, use right iteration 162127808Snectar counter when clearing the addresses 1.39: krb5_princ_realm -> 163127808Snectar krb5_principal_get_realm 1.38: (krb5_get_forwarded_creds): use 164127808Snectar KRB5_AUTH_CONTEXT_DO_TIME if we want timestamp in forwarded 165127808Snectar krb-cred 1.39: (krb5_get_forwarded_creds): If tickets are 166127808Snectar address-less, forward address-less tickets. 1.40: 167127808Snectar (krb5_get_forwarded_creds): try to handle errors better for 168127808Snectar previous commit 1.41: (add_addrs): don't add same address multiple 169127808Snectar times 170127808Snectar 171127808Snectar * lib/krb5/get_cred.c: 1.96->1.97: rename get_krbtgt to 172127808Snectar _krb5_get_krbtgt and export it 173127808Snectar 174127808Snectar2003-12-14 Love H�rnquist �strand <lha@it.su.se> 175127808Snectar 176127808Snectar * kdc/kerberos5.c: part of 1.146->1.147: handle NULL client/server 177127808Snectar names 178127808Snectar 179127808Snectar2003-12-03 Love H�rnquist �strand <lha@it.su.se> 180127808Snectar 181127808Snectar * lib/krb5/crypto.c: 1.90->1.91: require cipher-text to be padded 182127808Snectar to padsize 1.91->1.92: (decrypt_internal_derived): move up padsize 183127808Snectar check to avoid memory leak 184127808Snectar 185127808Snectar2003-12-01 Love H�rnquist �strand <lha@it.su.se> 186127808Snectar 187127808Snectar * kuser/kinit.c: 1.103->1.104: (main): return the return value 188127808Snectar from simple_execvp 189127808Snectar 190127808Snectar2003-10-22 Love H�rnquist �strand <lha@it.su.se> 191127808Snectar 192127808Snectar * lib/krb5/transited.c: 1.13->1.14: (krb5_domain_x500_encode): 193127808Snectar always zero out encoding to make sure it have a defined value on 194127808Snectar failure 195127808Snectar 196127808Snectar * lib/krb5/transited.c: 1.12->1.13: (krb5_domain_x500_encode): if 197127808Snectar num_realms == 0, set encoding and return (avoids malloc(0)) check 198127808Snectar return value from malloc 199127808Snectar 200127808Snectar2003-10-21 Love H�rnquist �strand <lha@it.su.se> 201127808Snectar 202127808Snectar * doc/setup.texi: 1.35->1.36: spelling 203127808Snectar 204127808Snectar * kdc/kdc_locl.h: 1.58->1.59: add flag to always check transited 205127808Snectar policy 206127808Snectar 207127808Snectar * doc/setup.texi: 1.27->1.35: many changes 208127808Snectar 209127808Snectar * lib/krb5/get_cred.c: 1.95->1.96: get capath info from [capaths] 210127808Snectar section 211127808Snectar 212127808Snectar * lib/krb5/rd_req.c: 1.50->1.51: (krb5_decrypt_ticket): try to 213127808Snectar verify transited realms, unless the transited-policy-checked flag 214127808Snectar is set 215127808Snectar 216127808Snectar * lib/krb5/transited.c: 217127808Snectar 1.12: (krb5_domain_x500_decode): set *num_realms to zero not num_realms 218127808Snectar 1.11: (krb5_domain_x500_decode): handle zero length tr data; 219127808Snectar (krb5_check_transited): new function that does more useful stuff 220127808Snectar 221127808Snectar * kdc/kdc.8: 1.23->1.24: document enforce-transited-policy 222127808Snectar 223127808Snectar * kdc/config.c: 1.47->1.48: add flag to always check transited 224127808Snectar policy 225127808Snectar 226127808Snectar * kdc/kerberos5.c: 227127808Snectar 1.150: (fix_transited_encoding): also verify with policy, 228127808Snectar unless asked not to 229127808Snectar 1.151: always check transited policy if flag set either globally 230127808Snectar (on principal part of patch not pulled up) 231127808Snectar 1.152: (fix_transited_encoding): set transited type 232127808Snectar 1.153: (fix_transited_encoding): always print cross-realm information 233127808Snectar 234127808Snectar2003-10-06 Love H�rnquist �strand <lha@it.su.se> 235127808Snectar 236127808Snectar * lib/krb5/config_file.c: 1.48->1.49: 237127808Snectar (krb5_config_parse_file_debug): punt if there is binding before a 238127808Snectar section declaration. 239127808Snectar Bug found by Arkadiusz Miskiewicz <arekm@pld-linux.org> 240127808Snectar 241127808Snectar * kdc/kaserver.c: 1.21->1.23: 242127808Snectar (do_getticket): if times data is shorter then 8 bytes, request is 243127808Snectar malformed. 244127808Snectar (do_authenticate): if request length is less then 8 bytes, its a 245127808Snectar bad request and fail. Pointed out by Marco Foglia <marco@foglia.org> 246127808Snectar 247127808Snectar2003-09-22 Love H�rnquist �strand <lha@it.su.se> 248127808Snectar 249127808Snectar * lib/krb5/verify_krb5_conf.c: 1.17->1.18: add missing " within 250127808Snectar #if 0 From: stefan sokoll <stefansokoll@yahoo.de> 251127808Snectar 252127808Snectar2003-09-19 Love H�rnquist �strand <lha@it.su.se> 253127808Snectar 254127808Snectar * lib/krb5/rd_req.c: 255127808Snectar 1.47->1.48: (krb5_rd_req): allow caller to pass in a key 256127808Snectar in the auth_context, they way processes that doesn't use the 257127808Snectar keytab can still pass in the key of the service (matches behavior 258127808Snectar of MIT Kerberos). 259127808Snectar 260127808Snectar2003-09-18 Love H�rnquist �strand <lha@it.su.se> 261127808Snectar 262127808Snectar * lib/krb5/crypto.c: 263127808Snectar 1.87->1.88: (usage2arcfour): simplify, only 264127808Snectar include special cases From: Luke Howard <lukeh@PADL.COM> 265127808Snectar 1.86->1.87: (arcfour_checksum_p): return true when is arcfour, 266127808Snectar not when its not pointed out by Luke Howard 267127808Snectar 1.82->1.83: Do the arcfour checksum mapping for 268127808Snectar krb5_create_checksum and krb5_verify_checksum, From: Luke Howard 269127808Snectar <lukeh@PADL.COM> 270127808Snectar 1.81->1.82: (hmac): make it return an error 271127808Snectar when out of memory, update callsites to either return error or use 272127808Snectar krb5_abortx 273127808Snectar (krb5_hmac): expose hmac 274127808Snectar * lib/krb5/mk_req_ext.c: 1.26->1.27: (krb5_mk_req_internal): 275127808Snectar when using arcfour-hmac-md5, use an unkeyed checksum 276127808Snectar (rsa-md5), since Microsoft calculates the keyed checksum with 277127808Snectar the subkey of the authenticator. 278127808Snectar 279127808Snectar * lib/krb5/get_cred.c: 280127808Snectar 1.93->1.94 (init_tgs_req): make generation of subkey 281127808Snectar optional on configuration parameter 282127808Snectar [realms]realm={tgs_require_subkey=bool} 283127808Snectar defaults to off. The RFC1510 weakly defines the correct behavior, 284127808Snectar so old DCE secd apparently required the subkey to be there, and MS 285127808Snectar will use it when its there. But the request isn't encrypted in the 286127808Snectar subkey, so you get to choose if you want to talk to a MS mdc or a 287127808Snectar old DCE secd. 288127808Snectar 289127808Snectar partly 1.91->1.92: (init_tgs_req): in case of error, don't 290127808Snectar free in the req_body addresses since they where pass in by caller 291127808Snectar 292127808Snectar lib/krb5/get_in_tkt.c: 293127808Snectar 1.108->1.1.09: (krb5_get_in_tkt): for compatibility with with 294127808Snectar the mit implemtation, don't free `creds' argument when done, its up 295127808Snectar the the caller to do that, also allow a NULL ccache. 296127808Snectar 297127808Snectar * doc/ack.texi 298127808Snectar 1.16->1.17: update Luke Howard email address 299127808Snectar 300127808Snectar * lib/hdb/hdb-ldap.c: 301127808Snectar 1.13->1.14: code rewrite from Luke Howard <lukeh@PADL.COM> 302127808Snectar 1.12->1.13: (LDAP_store): log what principal/dn failed 303127808Snectar 1.11->1.12: use int2HDBFlags/HDBFlags2int 304127808Snectar From: Alberto Patino <jalbertop@aranea.com.mx>, 305127808Snectar Luke Howard <lukeh@PADL.COM> 306127808Snectar Pointed out by Andrew Bartlett of Samba 307127808Snectar 1.10->1.11: (LDAP__connect): bind sasl "EXTERNAL" to ldap connection 308127808Snectar (LDAP_store): remove superfluous argument to asprintf 309127808Snectar From Alberto Patino <jalbertop@aranea.com.mx> 310127808Snectar 311127808Snectar * lib/krb5/krb5.h: 312127808Snectar 1.214->1.2015: add KEYTYPE_ARCFOUR_56 313127808Snectar 314127808Snectar2003-09-12 Love H�rnquist �strand <lha@it.su.se> 315127808Snectar 316127808Snectar * lib/krb5/config_file.c: fix prototypes Fredrik Ljungberg 317127808Snectar <flag@pobox.se> 318127808Snectar 319127808Snectar2003-09-11 Love H�rnquist �strand <lha@it.su.se> 320127808Snectar 321127808Snectar * lib/hdb/hdb_locl.h: 1.18->1.19: include <limits.h> for ULONG_MAX 322127808Snectar noted by Wissler Magnus <M.Wissler@abalon.se> on heimdal-discuss 323127808Snectar 324127808Snectar2003-08-29 Love H�rnquist �strand <lha@it.su.se> 325127808Snectar 326127808Snectar * lib/hdb/db3.c: 1.8->1.9: patch for working with DB4 on 327127808Snectar heimdal-discuss From: Luke Howard <lukeh@PADL.COM> 1.9->1.10: try 328127808Snectar to include more db headers 329127808Snectar 330127808Snectar2003-08-25 Love H�rnquist �strand <lha@it.su.se> 331127808Snectar 332127808Snectar * kdc/connect.c: 1.92->1.93 (handle_tcp): handle recvfrom 333127808Snectar returning 0 (connection closed) 1.91->1.92: (grow_descr): 334127808Snectar increment the size after we succeed to allocate the space 335127808Snectar 336127808Snectar2003-08-15 Love H�rnquist �strand <lha@it.su.se> 337127808Snectar 338127808Snectar * lib/krb5/principal.c: 1.83->1.85: (unparse_name): len can't be 339127808Snectar zero, so, don't check for that 340127808Snectar (unparse_name): make sure there are space for a NUL, set *name to NULL 341127808Snectar when there is a failure (so caller can't get hold of a freed 342127808Snectar pointer) 343127808Snectar 344120945Snectar2003-05-08 Johan Danielsson <joda@ratatosk.pdc.kth.se> 345103423Snectar 346120945Snectar * Release 0.6 347103423Snectar 348120945Snectar2003-05-08 Love H�rnquist �strand <lha@it.su.se> 349103423Snectar 350120945Snectar * kuser/klist.c: 1.68->1.69: print tokens even if there isn't v4 351120945Snectar support 352103423Snectar 353120945Snectar * kuser/kdestroy.c: 1.14->1.15: destroy tokens even if there isn't 354120945Snectar v4 support 355103423Snectar 356120945Snectar * kuser/kinit.c: 1.90->1.91: print tokens even if there isn't v4 357120945Snectar support 358103423Snectar 359120945Snectar2003-05-06 Johan Danielsson <joda@pdc.kth.se> 360107207Snectar 361120945Snectar * lib/krb5/name-45-test.c: need to use empty krb5.conf for some 362120945Snectar tests 363107207Snectar 364120945Snectar * lib/asn1/check-gen.c: there is no \e escape sequence; replace 365120945Snectar everything with hex-codes, and cast to unsigned char* to make some 366120945Snectar compilers happy 367107207Snectar 368120945Snectar2003-05-06 Love H�rnquist �strand <lha@it.su.se> 369107207Snectar 370120945Snectar * lib/krb5/get_in_tkt.c (make_pa_enc_timestamp): make sure first 371120945Snectar argument to krb5_us_timeofday have correct type 372120945Snectar 373120945Snectar2003-05-05 Assar Westerlund <assar@kth.se> 374107207Snectar 375120945Snectar * include/make_crypto.c (main): include aes.h if ENABLE_AES 376107207Snectar 377120945Snectar2003-05-05 Love H�rnquist �strand <lha@it.su.se> 378107207Snectar 379120945Snectar * NEWS: 1.108->1.110: fix text about gssapi compat 380120945Snectar 381120945Snectar2003-04-28 Love H�rnquist �strand <lha@it.su.se> 382107207Snectar 383120945Snectar * kdc/v4_dump.c: 1.4->1.5: (v4_prop_dump): limit strings length, 384120945Snectar from openbsd 385103423Snectar 386120945Snectar2003-04-24 Love H�rnquist �strand <lha@it.su.se> 387107207Snectar 388120945Snectar * doc/programming.texi: 1.2-1.3: s/managment/management/, from jmc 389120945Snectar <jmc@prioris.mini.pw.edu.pl> 390103423Snectar 391120945Snectar2003-04-22 Love H�rnquist �strand <lha@it.su.se> 392103423Snectar 393120945Snectar * lib/krb5/krbhst.c: 1.43->1.44: copy NUL too, from janj@wenf.org 394120945Snectar via openbsd 395103423Snectar 396120945Snectar2003-04-17 Love H�rnquist �strand <lha@it.su.se> 397103423Snectar 398120945Snectar * lib/asn1/der_copy.c (copy_general_string): use strdup 399120945Snectar * lib/asn1/der_put.c: remove sprintf 400120945Snectar * lib/asn1/gen.c: remove strcpy/sprintf 401120945Snectar 402120945Snectar * lib/krb5/name-45-test.c: use a more unique name then ratatosk so 403120945Snectar that other (me) have such hosts in the local domain and the tests 404120945Snectar fails, to take hokkigai.pdc.kth.se instead 405120945Snectar 406120945Snectar * lib/krb5/test_alname.c: add --version and --help 407120945Snectar 408120945Snectar2003-04-16 Love H�rnquist �strand <lha@it.su.se> 409103423Snectar 410120945Snectar * lib/krb5/krb5_warn.3: add krb5_get_err_text 411120945Snectar 412120945Snectar * lib/krb5/transited.c: use strlcat/strlcpy, from openbsd 413120945Snectar * lib/krb5/krbhst.c (srv_find_realm): use strlcpy, from openbsd 414120945Snectar * lib/krb5/aname_to_localname.c (krb5_aname_to_localname): use 415120945Snectar strlcpy, from openbsd 416120945Snectar * kdc/hpropd.c: s/strcat/strlcat/, inspired from openbsd 417120945Snectar * appl/kf/kfd.c: use strlcpy, from openbsd 418120945Snectar 419120945Snectar2003-04-16 Johan Danielsson <joda@pdc.kth.se> 420103423Snectar 421120945Snectar * configure.in: fix for large file support in AIX, _LARGE_FILES 422120945Snectar needs to be defined on the command line, since lex likes to 423120945Snectar include stdio.h before we get to config.h 424103423Snectar 425120945Snectar2003-04-16 Love H�rnquist �strand <lha@it.su.se> 426120945Snectar 427120945Snectar * lib/krb5/*.3: Change .Fd #include <header.h> to .In header.h, 428120945Snectar from Thomas Klausner <wiz@netbsd.org> 429120945Snectar 430120945Snectar * lib/krb5/krb5.conf.5: spelling, from Thomas Klausner 431120945Snectar <wiz@netbsd.org> 432103423Snectar 433120945Snectar2003-04-15 Love H�rnquist �strand <lha@it.su.se> 434103423Snectar 435120945Snectar * kdc/kerberos5.c: fix some more memory leaks 436120945Snectar 437120945Snectar2003-04-11 Love H�rnquist �strand <lha@it.su.se> 438103423Snectar 439120945Snectar * appl/kf/kf.1: spelling, from jmc <jmc@prioris.mini.pw.edu.pl> 440120945Snectar 441120945Snectar2003-04-08 Love H�rnquist �strand <lha@it.su.se> 442103423Snectar 443120945Snectar * admin/ktutil.8: typos, from jmc <jmc@acn.waw.pl> 444120945Snectar 445120945Snectar2003-04-06 Love H�rnquist �strand <lha@it.su.se> 446103423Snectar 447120945Snectar * lib/krb5/krb5.3: s/kerberos/Kerberos/ 448120945Snectar * lib/krb5/krb5_data.3: s/kerberos/Kerberos/ 449120945Snectar * lib/krb5/krb5_address.3: s/kerberos/Kerberos/ 450120945Snectar * lib/krb5/krb5_ccache.3: s/kerberos/Kerberos/ 451120945Snectar * lib/krb5/krb5.conf.5: s/kerberos/Kerberos/ 452120945Snectar * kuser/kinit.1: s/kerberos/Kerberos/ 453120945Snectar * kdc/kdc.8: s/kerberos/Kerberos/ 454120945Snectar 455120945Snectar2003-04-01 Love H�rnquist �strand <lha@it.su.se> 456103423Snectar 457120945Snectar * lib/krb5/test_alname.c: more krb5_aname_to_localname tests 458120945Snectar 459120945Snectar * lib/krb5/aname_to_localname.c (krb5_aname_to_localname): when 460120945Snectar converting too root, make sure user is ok according to 461120945Snectar krb5_kuserok before allowing it. 462103423Snectar 463120945Snectar * lib/krb5/Makefile.am (noinst_PROGRAMS): += test_alname 464120945Snectar 465120945Snectar * lib/krb5/test_alname.c: add test for krb5_aname_to_localname 466120945Snectar 467120945Snectar * lib/krb5/crypto.c (krb5_DES_AFS3_CMU_string_to_key): used p1 468120945Snectar instead of the "illegal" salt #~, same change as kth-krb did 469120945Snectar 1999. Problems occur with crypt() that behaves like AT&T crypt 470120945Snectar (openssl does this). Pointed out by Marcus Watts. 471103423Snectar 472120945Snectar * admin/change.c (kt_change): collect all principals we are going 473120945Snectar to change, and pick the highest kvno and use that to guess what 474120945Snectar kvno the resulting kvno is going to be. Now two ktutil change in a 475120945Snectar row works. XXX fix the protocol to pass the kvno back. 476120945Snectar 477120945Snectar2003-03-31 Love H�rnquist �strand <lha@it.su.se> 478103423Snectar 479120945Snectar * appl/kf/kf.1: afs->AFS, from jmc <jmc@acn.waw.pl> 480120945Snectar 481120945Snectar2003-03-30 Love H�rnquist �strand <lha@it.su.se> 482103423Snectar 483120945Snectar * doc/setup.texi: add description on how to turn on v4, 524 and 484120945Snectar kaserver support 485103423Snectar 486120945Snectar2003-03-29 Love H�rnquist �strand <lha@it.su.se> 487103423Snectar 488120945Snectar * lib/krb5/verify_krb5_conf.c (appdefaults_entries): add afslog 489120945Snectar and afs-use-524 490103423Snectar 491120945Snectar2003-03-28 Love H�rnquist �strand <lha@it.su.se> 492103423Snectar 493120945Snectar * kdc/kerberos5.c (as_rep): when the second enctype_to_string 494120945Snectar failes, remember to free memory from the first enctype_to_string 495103423Snectar 496120945Snectar * lib/krb5/crypto.c (usage2arcfour): map KRB5_KU_TICKET to 2, 497120945Snectar from Harald Joerg <harald.joerg@fujitsu-siemens.com> 498120945Snectar (enctype_arcfour_hmac_md5): disable checksum_hmac_md5_enc 499103423Snectar 500120945Snectar * lib/hdb/mkey.c (hdb_unseal_keys_mkey): truncate key to the key 501120945Snectar length when key is longer then expected length, its probably 502120945Snectar longer since the encrypted data was padded, reported by Aidan 503120945Snectar Cully <aidan@kublai.com> 504103423Snectar 505120945Snectar * lib/krb5/crypto.c (krb5_enctype_keysize): return key size of 506120945Snectar encyption type, inspired by Aidan Cully <aidan@kublai.com> 507120945Snectar 508120945Snectar2003-03-27 Love H�rnquist �strand <lha@it.su.se> 509103423Snectar 510120945Snectar * lib/krb5/keytab.c (krb5_kt_get_entry): avoid printing 0 511120945Snectar (wildcard kvno) after principal when the keytab entry isn't found, 512120945Snectar reported by Chris Chiappa <chris@chiappa.net> 513120945Snectar 514120945Snectar2003-03-26 Love H�rnquist �strand <lha@it.su.se> 515103423Snectar 516120945Snectar * doc/misc.texi: update 2b example to match reality (from 517120945Snectar mattiasa@e.kth.se) 518103423Snectar 519120945Snectar * doc/misc.texi: spelling and add `Configuring AFS clients' 520120945Snectar subsection 521103423Snectar 522120945Snectar2003-03-25 Love H�rnquist �strand <lha@it.su.se> 523103423Snectar 524120945Snectar * lib/krb5/krb5.3: add krb5_free_data_contents.3 525120945Snectar 526120945Snectar * lib/krb5/data.c: add krb5_free_data_contents for compat with MIT 527120945Snectar API 528103423Snectar 529120945Snectar * lib/krb5/krb5_data.3: add krb5_free_data_contents for compat 530120945Snectar with MIT API 531103423Snectar 532120945Snectar * lib/krb5/krb5_verify_user.3: write more about how the ccache 533120945Snectar argument should be inited when used 534120945Snectar 535120945Snectar2003-03-25 Johan Danielsson <joda@pdc.kth.se> 536103423Snectar 537120945Snectar * lib/krb5/addr_families.c (krb5_print_address): make sure 538120945Snectar print_addr is defined for the given address type; make addrports 539120945Snectar printable 540103423Snectar 541120945Snectar * kdc/string2key.c: print the used enctype for kerberos 5 keys 542103423Snectar 543120945Snectar2003-03-25 Love H�rnquist �strand <lha@it.su.se> 544103423Snectar 545120945Snectar * lib/krb5/aes-test.c: add another arcfour test 546120945Snectar 547120945Snectar2003-03-22 Love H�rnquist �strand <lha@it.su.se> 548103423Snectar 549120945Snectar * lib/krb5/aes-test.c: sneek in a test for arcfour-hmac-md5 550120945Snectar 551120945Snectar2003-03-20 Love H�rnquist �strand <lha@it.su.se> 552120945Snectar 553120945Snectar * lib/krb5/krb5_ccache.3: update .Dd 554103423Snectar 555120945Snectar * lib/krb5/krb5.3: sort in krb5_data functions 556103423Snectar 557120945Snectar * lib/krb5/Makefile.am (man_MANS): += krb5_data.3 558103423Snectar 559120945Snectar * lib/krb5/krb5_data.3: document krb5_data 560103423Snectar 561120945Snectar * lib/krb5/init_creds_pw.c (krb5_get_init_creds_password): if 562120945Snectar prompter is NULL, don't try to ask for a password to 563120945Snectar change. reported by Iain Moffat @ ufl.edu via Howard Chu 564120945Snectar <hyc@highlandsun.com> 565103423Snectar 566120945Snectar2003-03-19 Love H�rnquist �strand <lha@it.su.se> 567103423Snectar 568120945Snectar * lib/krb5/krb5_keytab.3: spelling, from 569120945Snectar <jmc@prioris.mini.pw.edu.pl> 570103423Snectar 571120945Snectar * lib/krb5/krb5.conf.5: . means new line 572120945Snectar 573120945Snectar * lib/krb5/krb5.conf.5: spelling, from 574120945Snectar <jmc@prioris.mini.pw.edu.pl> 575103423Snectar 576120945Snectar * lib/krb5/krb5_auth_context.3: spelling, from 577120945Snectar <jmc@prioris.mini.pw.edu.pl> 578103423Snectar 579120945Snectar2003-03-18 Love H�rnquist �strand <lha@it.su.se> 580103423Snectar 581120945Snectar * kuser/Makefile.am: INCLUDES: -I$(srcdir)/../lib/krb5 582120945Snectar 583120945Snectar * lib/krb5/convert_creds.c: add _krb5_krb_life_to_time 584120945Snectar 585120945Snectar * lib/krb5/krb5-v4compat.h: add _krb5_krb_life_to_time 586103423Snectar 587120945Snectar * kdc/kdc_locl.h: 524 is independent of kerberos 4, so move out 588120945Snectar #ifdef KRB4 from enable_v4_cross_realm since 524 needs it 589120945Snectar 590120945Snectar * kdc/config.c: 524 is independent of kerberos 4, so move out 591120945Snectar enable_v4_cross_realm from #ifdef KRB4 since 524 needs it 592120945Snectar 593120945Snectar2003-03-17 Assar Westerlund <assar@kth.se> 594103423Snectar 595120945Snectar * kdc/kdc.8: document --kerberos4-cross-realm 596120945Snectar * kdc/kerberos4.c: pay attention to enable_v4_cross_realm 597120945Snectar * kdc/kdc_locl.h (enable_v4_cross_realm): add 598120945Snectar * kdc/524.c (encode_524_response): check the enable_v4_cross_realm 599120945Snectar flag before giving out v4 tickets for foreign v5 principals 600120945Snectar * kdc/config.c: add --enable-kerberos4-cross-realm option (default 601120945Snectar to off) 602103423Snectar 603120945Snectar2003-03-17 Love H�rnquist �strand <lha@it.su.se> 604103423Snectar 605120945Snectar * lib/krb5/Makefile.am (man_MANS) += krb5_aname_to_localname.3 606120945Snectar 607120945Snectar * lib/krb5/krb5_aname_to_localname.3: manpage for 608120945Snectar krb5_aname_to_localname 609103423Snectar 610120945Snectar * lib/krb5/krb5_kuserok.3: s/KRB5_USEROK/KRB5_KUSEROK/ 611120945Snectar 612120945Snectar2003-03-16 Love H�rnquist �strand <lha@it.su.se> 613103423Snectar 614120945Snectar * lib/krb5/Makefile.am (man_MANS): add krb5_set_default_realm.3 615103423Snectar 616120945Snectar * lib/krb5/krb5.3: add manpages from krb5_set_default_realm.3 617103423Snectar 618120945Snectar * lib/krb5/krb5_set_default_realm.3: Manpage for 619120945Snectar krb5_free_host_realm, krb5_get_default_realm, 620120945Snectar krb5_get_default_realms, krb5_get_host_realm, and 621120945Snectar krb5_set_default_realm. 622103423Snectar 623120945Snectar * admin/ktutil.8: s/entype/enctype/, from Igor Sobrado 624120945Snectar <sobrado@acm.org> via NetBSD 625103423Snectar 626120945Snectar * lib/krb5/krb5_keytab.3: add documention for krb5_kt_get_type 627102644Snectar 628120945Snectar * lib/krb5/keytab.c (krb5_kt_get_type): get prefix/type of keytab 629102644Snectar 630120945Snectar * lib/krb5/krb5.h (KRB5_KT_PREFIX_MAX_LEN): max length of prefix 631102644Snectar 632120945Snectar * lib/krb5/krb5_ccache.3: document krb5_cc_get_ops, add more 633120945Snectar types, add krb5_fcc_ops and krb5_mcc_ops 634102644Snectar 635120945Snectar * lib/krb5/cache.c (krb5_cc_get_ops): new function, return ops for 636120945Snectar a id 63790926Snectar 638120945Snectar2003-03-15 Love H�rnquist �strand <lha@it.su.se> 63990926Snectar 640120945Snectar * doc/intro.texi: add reference to source code, binaries and the 641120945Snectar manual 64290926Snectar 643120945Snectar * lib/krb5/krb5.3: krb5.h isn't in krb5 directory in heimdal 644120945Snectar 645120945Snectar2003-03-14 Love H�rnquist �strand <lha@it.su.se> 64690926Snectar 647120945Snectar * kdc/kdc.8: better/difrent english 64890926Snectar 649120945Snectar * kdc/kdc.8: . -> .\n, copyright/license 650120945Snectar 651120945Snectar * kdc/kdc.8: changed configuration file -> restart kdc 65290926Snectar 653120945Snectar * kdc/kerberos4.c: add krb4 into the most error messages written 654120945Snectar to the logfile 65590926Snectar 656120945Snectar * lib/krb5/krb5_ccache.3: add missing name of argument 657120945Snectar (krb5_context) to most functions 65890926Snectar 659120945Snectar2003-03-13 Love H�rnquist �strand <lha@it.su.se> 66090926Snectar 661120945Snectar * lib/krb5/kuserok.c (krb5_kuserok): preserve old behviour of 662120945Snectar function and return FALSE when there isn't a local account for 663120945Snectar `luser'. 66490926Snectar 665120945Snectar * lib/krb5/krb5_kuserok.3: fix prototype, spelling and more text 666120945Snectar describing the function 66790926Snectar 668120945Snectar2003-03-12 Love H�rnquist �strand <lha@it.su.se> 66990926Snectar 670120945Snectar * lib/krb5/cache.c (krb5_cc_default): if krb5_cc_default_name 671120945Snectar returned memory, don't return ENOMEM 67290926Snectar 673120945Snectar2003-03-11 Love H�rnquist �strand <lha@it.su.se> 67490926Snectar 675120945Snectar * lib/krb5/krb5.3: add krb5_address stuff and sort 676120945Snectar 677120945Snectar * lib/krb5/krb5_address.3: fix krb5_addr2sockaddr description 678120945Snectar 679120945Snectar * lib/krb5/Makefile.am (man_MANS): += krb5_address.3 680120945Snectar 681120945Snectar * lib/krb5/krb5_address.3: document types krb5_address and 682120945Snectar krb5_addresses and their helper functions 68390926Snectar 684120945Snectar2003-03-10 Love H�rnquist �strand <lha@it.su.se> 68590926Snectar 686120945Snectar * lib/krb5/Makefile.am (man_MANS): += krb5_kuserok.3 68790926Snectar 688120945Snectar * lib/krb5/krb5_kuserok.3: spelling, from cizzi@it.su.se 68990926Snectar 690120945Snectar * lib/krb5/Makefile.am (man_MANS): += krb5_ccache.3 69190926Snectar 692120945Snectar * lib/krb5/krb5_ccache.3: spelling, from cizzi@it.su.se 693120945Snectar 694120945Snectar * lib/krb5/krb5.3: add more functions 695120945Snectar 696120945Snectar * lib/krb5/krb5_ccache.3: document krb5_ccache and krb5_cc 697120945Snectar functions 69890926Snectar 699120945Snectar * lib/krb5/krb5_kuserok.3: document krb5_kuserok 700120945Snectar 701120945Snectar * lib/krb5/krb5_verify_user.3: document 702120945Snectar krb5_verify_opt_set_flags(opt, KRB5_VERIFY_LREALMS) behavior 70390926Snectar 704120945Snectar * lib/krb5/krb5_verify_user.3: document krb5_verify_opt* and 705120945Snectar krb5_verify_user_opt 70690926Snectar 707120945Snectar * lib/krb5/*.[0-9]: add copyright/licenses on more manpages 70890926Snectar 709120945Snectar * kuser/kdestroy.c (main): handle that krb5_cc_default_name can 710120945Snectar return NULL 71190926Snectar 712120945Snectar * lib/krb5/Makefile.am (libkrb5_la_LDFLAGS): bump minor 713120945Snectar (TESTS): add test_cc 71490926Snectar 715120945Snectar * lib/krb5/test_cc.c: test some 716120945Snectar krb5_cc_default_name/krb5_cc_set_default_name combinations 717120945Snectar 718120945Snectar * lib/krb5/context.c (init_context_from_config_file): set 719120945Snectar default_cc_name to NULL 720120945Snectar (krb5_free_context): free default_cc_name if set 72190926Snectar 722120945Snectar * lib/krb5/cache.c (krb5_cc_set_default_name): new function 723120945Snectar (krb5_cc_default_name): use krb5_cc_set_default_name 72490926Snectar 725120945Snectar * lib/krb5/krb5.h (krb5_context_data): add default_cc_name 726120945Snectar 727120945Snectar2003-02-25 Love H�rnquist �strand <lha@it.su.se> 72890926Snectar 729120945Snectar * appl/kf/kf.1: s/securly/securely/ from NetBSD 730120945Snectar 731120945Snectar2003-02-18 Love H�rnquist �strand <lha@it.su.se> 73290926Snectar 733120945Snectar * kdc/connect.c: s/intialize/initialize, from 734120945Snectar <jmc@prioris.mini.pw.edu.pl> 73590926Snectar 736120945Snectar2003-02-17 Love H�rnquist �strand <lha@it.su.se> 73790926Snectar 738120945Snectar * configure.in: add AM_MAINTAINER_MODE 739120945Snectar 740120945Snectar2003-02-16 Love H�rnquist �strand <lha@it.su.se> 74190926Snectar 742120945Snectar * **/*.[0-9]: add copyright/licenses on all manpages 74390926Snectar 744120945Snectar2003-14-16 Jacques Vidrine <nectar@kth.se> 74590926Snectar 746120945Snectar * lib/krb5/get_in_tkt.c (init_as_req): Send only a single 747120945Snectar PA-ENC-TIMESTAMP in the AS-REQ, using the first encryption 748120945Snectar type specified by the KDC. 74990926Snectar 750120945Snectar2003-02-15 Love H�rnquist �strand <lha@it.su.se> 75190926Snectar 752120945Snectar * fix-export: some autoconf put their version number in 753120945Snectar autom4te.cache, so remove autom4te*.cache 754120945Snectar 755120945Snectar * fix-export: make sure $1 is a directory 756120945Snectar 757120945Snectar2003-02-04 Love H�rnquist �strand <lha@it.su.se> 75890926Snectar 759120945Snectar * kpasswd/kpasswdd.8: spelling, from jmc <jmc@prioris.mini.pw.edu.pl> 76090926Snectar 761120945Snectar * kdc/kdc.8: spelling, from jmc <jmc@prioris.mini.pw.edu.pl> 762120945Snectar 763120945Snectar2003-01-31 Love H�rnquist �strand <lha@it.su.se> 76490926Snectar 765120945Snectar * kdc/hpropd.8: s/databases/a database/ s/Not/not/ 76690926Snectar 767120945Snectar * kdc/hprop.8: add missing . 768120945Snectar 769120945Snectar2003-01-30 Love H�rnquist �strand <lha@it.su.se> 77090926Snectar 771120945Snectar * lib/krb5/krb5.conf.5: documentation for of boolean, etypes, 772120945Snectar address, write out encryption type in sentences, s/Host/host 773120945Snectar 774120945Snectar2003-01-26 Love H�rnquist �strand <lha@it.su.se> 77590926Snectar 776120945Snectar * lib/asn1/check-gen.c: add checks for Authenticator too 777120945Snectar 778120945Snectar2003-01-25 Love H�rnquist �strand <lha@it.su.se> 77990926Snectar 780120945Snectar * doc/setup.texi: in the hprop example, use hprop and the first 781120945Snectar component, not host 78290926Snectar 783120945Snectar * lib/krb5/get_addrs.c (find_all_addresses): address-less 784120945Snectar point-to-point might not have an address, just ignore 785120945Snectar those. Reported by Harald Barth. 78690926Snectar 787120945Snectar2003-01-23 Love H�rnquist �strand <lha@it.su.se> 78890926Snectar 789120945Snectar * lib/krb5/verify_krb5_conf.c (check_section): when key isn't 790120945Snectar found, don't print out all known keys 79190926Snectar 792120945Snectar * lib/krb5/verify_krb5_conf.c (syslogvals): mark up where severity 793120945Snectar and facility start resp 794120945Snectar (check_log): find_value() returns -1 when key isn't found 79590926Snectar 796120945Snectar * lib/krb5/crypto.c (_krb5_aes_cts_encrypt): make key argument a 797120945Snectar 'const void *' to avoid AES_KEY being exposed in krb5-private.h 798120945Snectar 799120945Snectar * lib/krb5/krb5.conf.5: add [kdc]use_2b 80090926Snectar 801120945Snectar * kdc/524.c (encode_524_response): its 2b not b2 802120945Snectar 803120945Snectar * doc/misc.texi: quote @ where missing 804120945Snectar 805120945Snectar * lib/asn1/Makefile.am: add check-gen 806120945Snectar 807120945Snectar * lib/asn1/check-gen.c: add Principal check 808120945Snectar 809120945Snectar * lib/asn1/check-common.h: move generic asn1/der functions from 810120945Snectar check-der.c to here 81190926Snectar 812120945Snectar * lib/asn1/check-common.c: move generic asn1/der functions from 813120945Snectar check-der.c to here 81490926Snectar 815120945Snectar * lib/asn1/check-der.c: move out the generic asn1/der functions to 816120945Snectar a common file 81790926Snectar 818120945Snectar2003-01-22 Love H�rnquist �strand <lha@it.su.se> 81990926Snectar 820120945Snectar * doc/misc.texi: more text about afs, how to get get your KeyFile, 821120945Snectar and how to start use 2b tokens 82290926Snectar 823120945Snectar * lib/krb5/krb5.conf.5: spelling, from Jason McIntyre 824120945Snectar <jmc@cvs.openbsd.org> 825120945Snectar 826120945Snectar2003-01-21 Jacques Vidrine <nectar@kth.se> 82790926Snectar 828120945Snectar * kuser/kuser_locl.h: include crypto-headers.h for 829120945Snectar des_read_pw_string prototype 83090926Snectar 831120945Snectar2003-01-16 Love H�rnquist �strand <lha@it.su.se> 83290926Snectar 833120945Snectar * admin/ktutil.8: document -v, --verbose 83490926Snectar 835120945Snectar * admin/get.c (kt_get): make getarg usage consistent with other 836120945Snectar other parts of ktutil 83790926Snectar 838120945Snectar * admin/copy.c (kt_copy): remove adding verbose_flag to args 839120945Snectar struct, since it will overrun the args array (from Sumit Bose) 840120945Snectar 841120945Snectar2003-01-15 Love H�rnquist �strand <lha@it.su.se> 84290926Snectar 843120945Snectar * lib/krb5/krb5.conf.5: write more about [realms] REALM = { kdc = 844120945Snectar ... } 84590926Snectar 846120945Snectar * lib/krb5/aes-test.c: test vectors in aes-draft 847120945Snectar 848120945Snectar * lib/krb5/Makefile.am: add aes-test.c 84990926Snectar 850120945Snectar * lib/krb5/crypto.c: Add support for AES 851120945Snectar (draft-raeburn-krb-rijndael-krb-02), not enabled by default. 852120945Snectar (HMAC_SHA1_DES3_checksum): rename to SP_HMAC_SHA1_checksum and modify 853120945Snectar to support checksumtype that are have a shorter wireformat then 854120945Snectar their output block size. 855120945Snectar 856120945Snectar * lib/krb5/crypto.c (struct encryption_type): split the blocksize 857120945Snectar into blocksize and padsize, padsize is the minimum padding 858120945Snectar size. they are the same for now 859120945Snectar (enctype_*): add padsize 860120945Snectar (encrypt_internal): use padsize 861120945Snectar (encrypt_internal_derived): use padsize 862120945Snectar (wrapped_length): use padsize 863120945Snectar (wrapped_length_dervied): use padsize 86490926Snectar 865120945Snectar * lib/krb5/crypto.c: add extra `opaque' argument to string_to_key 866120945Snectar function for each enctype in preparation enctypes that uses 867120945Snectar `Encryption and Checksum Specifications for Kerberos 5' draft 86878527Sassar 869120945Snectar * lib/asn1/k5.asn1: add checksum and enctype for AES from 870120945Snectar draft-raeburn-krb-rijndael-krb-02.txt 87178527Sassar 872120945Snectar * lib/krb5/krb5.h (krb5_keytype): add KEYTYPE_AES128, 873120945Snectar KEYTYPE_AES256 87478527Sassar 875120945Snectar2003-01-14 Love H�rnquist �strand <lha@it.su.se> 87678527Sassar 877120945Snectar * lib/hdb/common.c (_hdb_fetch): handle error code from 878120945Snectar hdb_value2entry 87978527Sassar 880120945Snectar * kdc/Makefile.am: always include kerberos4.c and 524.c in 881120945Snectar kdc_SOURCES to support 524 88278527Sassar 883120945Snectar * kdc/524.c: always compile in support for 524 88478527Sassar 885120945Snectar * kdc/kdc_locl.h: move out krb/524 protos from under #ifdef KRB4 886120945Snectar 887120945Snectar * kdc/config.c: always compile in support for 524 888120945Snectar 889120945Snectar * kdc/connect.c: always compile in support for 524 890120945Snectar 891120945Snectar * kdc/kerberos4.c: export encode_v4_ticket() and get_des_key() 892120945Snectar even when we build without kerberos 4, 524 needs them 893120945Snectar 894120945Snectar * lib/krb5/convert_creds.c, lib/krb5/krb5-v4compat.h: Split out 895120945Snectar Kerberos 4 help functions/structures so other parts of the source 896120945Snectar tree can use it (like the KDC) 89778527Sassar 898