ChangeLog revision 72445
172445Sassar2001-02-05 Assar Westerlund <assar@assaris.sics.se> 257422Smarkm 372445Sassar * Release 0.3e 457422Smarkm 572445Sassar2001-01-30 Assar Westerlund <assar@sics.se> 657422Smarkm 772445Sassar * kdc/hprop.c (v4_get_masterkey): check kdb_verify_master_key 872445Sassar properly 972445Sassar (kdb_prop): decrypt key properly 1072445Sassar * kdc/hprop.c: handle building with KRB4 always try to decrypt v4 1172445Sassar data with the master key leave it up to the v5 how to encrypt with 1272445Sassar that master key 1357422Smarkm 1472445Sassar * kdc/kstash.c: include file name in error messages 1572445Sassar * kdc/hprop.c: fix a typo and check some more return values 1672445Sassar * lib/hdb/hdb-ldap.c (LDAP__lookup_princ): call ldap_search_s 1772445Sassar correctly. From Jacques Vidrine <n@nectar.com> 1872445Sassar * kdc/misc.c (db_fetch): HDB_ERR_NOENTRY makes more sense than 1972445Sassar ENOENT 2057422Smarkm 2172445Sassar * lib/krb5/Makefile.am (libkrb5_la_LDFLAGS): bump version to 2272445Sassar 15:0:0 2372445Sassar * lib/hdb/Makefile.am (libhdb_la_LDFLAGS): bump version to 7:0:0 2472445Sassar * lib/asn1/Makefile.am (libasn1_la_LDFLAGS): bump version to 4:0:2 2572445Sassar * kdc/misc.c (db_fetch): return an error code. change callers to 2672445Sassar look at this and try to print it in log messages 2757422Smarkm 2872445Sassar * lib/krb5/crypto.c (decrypt_internal_derived): check that there's 2972445Sassar enough data 3057422Smarkm 3172445Sassar2001-01-29 Assar Westerlund <assar@sics.se> 3257419Smarkm 3372445Sassar * kdc/hprop.c (realm_buf): move it so it becomes properly 3472445Sassar conditional on KRB4 3557419Smarkm 3672445Sassar * lib/hdb/mkey.c (hdb_unseal_keys_mkey, hdb_seal_keys_mkey, 3772445Sassar hdb_unseal_keys, hdb_seal_keys): check that we have the correct 3872445Sassar master key and that we manage to decrypt the key properly, 3972445Sassar returning an error code. fix all callers to check return value. 4057419Smarkm 4172445Sassar * tools/krb5-config.in: use @LIB_des_appl@ 4272445Sassar * tools/Makefile.am (krb5-config): add LIB_des_appl 4372445Sassar * configure.in (LIB_des): set correctly 4472445Sassar (LIB_des_appl): add for the use by krb5-config.in 4557419Smarkm 4672445Sassar * lib/krb5/store_fd.c (fd_fetch, fd_store): use net_{read,write} 4772445Sassar to make sure of not dropping data when doing it over a socket. 4872445Sassar (this might break when used with ordinary files on win32) 4957419Smarkm 5072445Sassar * lib/hdb/hdb_err.et (NO_MKEY): add 5157419Smarkm 5272445Sassar * kdc/kerberos5.c (as_rep): be paranoid and check 5372445Sassar krb5_enctype_to_string for failure, noted by <lha@stacken.kth.se> 5457419Smarkm 5572445Sassar * lib/krb5/krb5_init_context.3, lib/krb5/krb5_context.3, 5672445Sassar lib/krb5/krb5_auth_context.3: add new man pages, contributed by 5772445Sassar <lha@stacken.kth.se> 5857419Smarkm 5972445Sassar * use the openssl api for md4/md5/sha and handle openssl/*.h 6057419Smarkm 6172445Sassar * kdc/kaserver.c (do_getticket): check length of ticket. noted by 6272445Sassar <lha@stacken.kth.se> 6357419Smarkm 6472445Sassar2001-01-28 Assar Westerlund <assar@sics.se> 6557419Smarkm 6672445Sassar * configure.in: send -R instead of -rpath to libtool to set 6772445Sassar runtime library paths 6857419Smarkm 6972445Sassar * lib/krb5/Makefile.am: remove all dependencies on libkrb 7057416Smarkm 7172445Sassar2001-01-27 Assar Westerlund <assar@sics.se> 7257416Smarkm 7372445Sassar * appl/rcp: add port of bsd rcp changed to use existing rsh, 7472445Sassar contributed by Richard Nyberg <rnyberg@it.su.se> 7557416Smarkm 7672445Sassar2001-01-27 Johan Danielsson <joda@pdc.kth.se> 7757416Smarkm 7872445Sassar * lib/krb5/get_port.c: don't warn if the port name can't be found, 7972445Sassar nobody cares anyway 8057416Smarkm 8172445Sassar2001-01-26 Johan Danielsson <joda@pdc.kth.se> 8257416Smarkm 8372445Sassar * kdc/hprop.c: make it possible to convert a v4 dump file without 8472445Sassar having any v4 libraries; the kdb backend still require them 8557416Smarkm 8672445Sassar * kdc/v4_dump.c: include shadow definition of kdb Principal, so we 8772445Sassar don't have to depend on any v4 libraries 8857416Smarkm 8972445Sassar * kdc/hprop.h: include shadow definition of kdb Principal, so we 9072445Sassar don't have to depend on any v4 libraries 9157416Smarkm 9272445Sassar * lib/hdb/print.c: reduce number of memory allocations 9357416Smarkm 9472445Sassar * lib/hdb/mkey.c: add support for reading krb4 /.k files 9557416Smarkm 9672445Sassar2001-01-19 Assar Westerlund <assar@sics.se> 9757416Smarkm 9872445Sassar * lib/krb5/krb5.conf.5: document admin_server and kpasswd_server 9972445Sassar for realms document capath better 10057416Smarkm 10172445Sassar * lib/krb5/krbhst.c (krb5_get_krb_changepw_hst): preferably look 10272445Sassar at kpasswd_server before admin_server 10357416Smarkm 10472445Sassar * lib/krb5/get_cred.c (get_cred_from_kdc_flags): look in 10572445Sassar [libdefaults]capath for better hint of realm to send request to. 10672445Sassar this allows the client to specify `realm routing information' in 10772445Sassar case it cannot be done at the server (which is preferred) 10857416Smarkm 10972445Sassar * lib/krb5/rd_priv.c (krb5_rd_priv): handle no sequence number as 11072445Sassar zero when we were expecting a sequence number. MIT krb5 cannot 11172445Sassar generate a sequence number of zero, instead generating no sequence 11272445Sassar number 11372445Sassar * lib/krb5/rd_safe.c (krb5_rd_safe): dito 11457416Smarkm 11572445Sassar2001-01-11 Assar Westerlund <assar@sics.se> 11657416Smarkm 11772445Sassar * kpasswd/kpasswdd.c: add --port option 11857416Smarkm 11972445Sassar2001-01-10 Assar Westerlund <assar@sics.se> 12057416Smarkm 12172445Sassar * lib/krb5/appdefault.c (krb5_appdefault_string): fix condition 12272445Sassar just before returning 12357416Smarkm 12472445Sassar2001-01-09 Assar Westerlund <assar@sics.se> 12557416Smarkm 12672445Sassar * appl/kf/kfd.c (proto): use krb5_rd_cred2 instead of krb5_rd_cred 12757416Smarkm 12872445Sassar2001-01-05 Johan Danielsson <joda@pdc.kth.se> 12957416Smarkm 13072445Sassar * kuser/kinit.c: call a time `time', and not `seconds' 13157416Smarkm 13272445Sassar * lib/krb5/init_creds.c: not much point in setting the anonymous 13372445Sassar flag here 13457416Smarkm 13572445Sassar * lib/krb5/krb5_appdefault.3: document appdefault_time 13657416Smarkm 13772445Sassar2001-01-04 Johan Danielsson <joda@pdc.kth.se> 13857416Smarkm 13972445Sassar * lib/krb5/verify_user.c: use 14072445Sassar krb5_get_init_creds_opt_set_default_flags 14155682Smarkm 14272445Sassar * kuser/kinit.c: use krb5_get_init_creds_opt_set_default_flags 14355682Smarkm 14472445Sassar * lib/krb5/init_creds.c: new function 14572445Sassar krb5_get_init_creds_opt_set_default_flags to set options from 14672445Sassar krb5.conf 14755682Smarkm 14872445Sassar * lib/krb5/rd_cred.c: make this match the MIT function 14955682Smarkm 15072445Sassar * lib/krb5/appdefault.c (krb5_appdefault_string): handle NULL 15172445Sassar def_val 15272445Sassar (krb5_appdefault_time): new function 15355682Smarkm 15472445Sassar2001-01-03 Assar Westerlund <assar@sics.se> 15555682Smarkm 15672445Sassar * kdc/hpropd.c (main): handle EOF when reading from stdin 15755682Smarkm 158