ChangeLog revision 90926
190926Snectar2001-10-31 Jacques Vidrine <n@nectar.com> 290926Snectar 390926Snectar * get_mic.c (mic_des3): MIC computation using DES3/SHA1 490926Snectar was bogusly appending the message buffer to the result, 590926Snectar overwriting a heap buffer in the process. 690926Snectar 790926Snectar2001-08-29 Assar Westerlund <assar@sics.se> 890926Snectar 990926Snectar * 8003.c (gssapi_krb5_verify_8003_checksum, 1090926Snectar gssapi_krb5_create_8003_checksum): make more consistent by always 1190926Snectar returning an gssapi error and setting minor status. update 1290926Snectar callers 1390926Snectar 1490926Snectar2001-08-28 Jacques Vidrine <n@nectar.com> 1590926Snectar 1690926Snectar * accept_sec_context.c: Create a cache for delegated credentials 1790926Snectar when needed. 1890926Snectar 1990926Snectar2001-08-28 Assar Westerlund <assar@sics.se> 2090926Snectar 2190926Snectar * Makefile.am (libgssapi_la_LDFLAGS): set version to 3:4:2 2290926Snectar 2390926Snectar2001-08-23 Assar Westerlund <assar@sics.se> 2490926Snectar 2590926Snectar * *.c: handle minor_status more consistently 2690926Snectar 2790926Snectar * display_status.c (gss_display_status): handle krb5_get_err_text 2890926Snectar failing 2990926Snectar 3090926Snectar2001-08-15 Johan Danielsson <joda@pdc.kth.se> 3190926Snectar 3290926Snectar * gssapi_locl.h: fix prototype for gssapi_krb5_init 3390926Snectar 3490926Snectar2001-08-13 Johan Danielsson <joda@pdc.kth.se> 3590926Snectar 3690926Snectar * accept_sec_context.c (gsskrb5_register_acceptor_identity): init 3790926Snectar context and check return value from kt_resolve 3890926Snectar 3990926Snectar * init.c: return error code 4090926Snectar 4190926Snectar2001-07-19 Assar Westerlund <assar@sics.se> 4290926Snectar 4390926Snectar * Makefile.am (libgssapi_la_LDFLAGS): update to 3:3:2 4490926Snectar 4590926Snectar2001-07-12 Assar Westerlund <assar@sics.se> 4690926Snectar 4790926Snectar * Makefile.am (libgssapi_la_LIBADD): add required library 4890926Snectar dependencies 4990926Snectar 5090926Snectar2001-07-06 Assar Westerlund <assar@sics.se> 5190926Snectar 5290926Snectar * accept_sec_context.c (gsskrb5_register_acceptor_identity): set 5390926Snectar the keytab to be used for gss_acquire_cred too' 5490926Snectar 5590926Snectar2001-07-03 Assar Westerlund <assar@sics.se> 5690926Snectar 5790926Snectar * Makefile.am (libgssapi_la_LDFLAGS): set version to 3:2:2 5890926Snectar 5990926Snectar2001-06-18 Assar Westerlund <assar@sics.se> 6090926Snectar 6190926Snectar * wrap.c: replace gss_krb5_getsomekey with gss_krb5_get_localkey 6290926Snectar and gss_krb5_get_remotekey 6390926Snectar * verify_mic.c: update krb5_auth_con function names use 6490926Snectar gss_krb5_get_remotekey 6590926Snectar * unwrap.c: replace gss_krb5_getsomekey with gss_krb5_get_localkey 6690926Snectar and gss_krb5_get_remotekey 6790926Snectar * gssapi_locl.h (gss_krb5_get_remotekey, gss_krb5_get_localkey): 6890926Snectar add prototypes 6990926Snectar * get_mic.c: update krb5_auth_con function names. use 7090926Snectar gss_krb5_get_localkey 7190926Snectar * accept_sec_context.c: update krb5_auth_con function names 7290926Snectar 7378527Sassar2001-05-17 Assar Westerlund <assar@sics.se> 7478527Sassar 7578527Sassar * Makefile.am: bump version to 3:1:2 7678527Sassar 7778527Sassar2001-05-14 Assar Westerlund <assar@sics.se> 7878527Sassar 7978527Sassar * address_to_krb5addr.c: adapt to new address functions 8078527Sassar 8178527Sassar2001-05-11 Assar Westerlund <assar@sics.se> 8278527Sassar 8378527Sassar * try to return the error string from libkrb5 where applicable 8478527Sassar 8578527Sassar2001-05-08 Assar Westerlund <assar@sics.se> 8678527Sassar 8778527Sassar * delete_sec_context.c (gss_delete_sec_context): remember to free 8878527Sassar the memory used by the ticket itself. from <tmartin@mirapoint.com> 8978527Sassar 9078527Sassar2001-05-04 Assar Westerlund <assar@sics.se> 9178527Sassar 9278527Sassar * gssapi_locl.h: add config.h for completeness 9378527Sassar * gssapi.h: remove config.h, this is an installed header file 9478527Sassar sys/types.h is not needed either 9578527Sassar 9678527Sassar2001-03-12 Assar Westerlund <assar@sics.se> 9778527Sassar 9878527Sassar * acquire_cred.c (gss_acquire_cred): remove memory leaks. from 9978527Sassar Jason R Thorpe <thorpej@zembu.com> 10078527Sassar 10178527Sassar2001-02-18 Assar Westerlund <assar@sics.se> 10278527Sassar 10378527Sassar * accept_sec_context.c (gss_accept_sec_context): either return 10478527Sassar gss_name NULL-ed or set 10578527Sassar 10678527Sassar * import_name.c: set minor_status in some cases where it was not 10778527Sassar done 10878527Sassar 10978527Sassar2001-02-15 Assar Westerlund <assar@sics.se> 11078527Sassar 11178527Sassar * wrap.c: use krb5_generate_random_block for the confounders 11278527Sassar 11372445Sassar2001-01-30 Assar Westerlund <assar@sics.se> 11472445Sassar 11572445Sassar * Makefile.am (libgssapi_la_LDFLAGS): bump version to 3:0:2 11672445Sassar * acquire_cred.c, init_sec_context.c, release_cred.c: add support 11772445Sassar for getting creds from a keytab, from fvdl@netbsd.org 11872445Sassar 11972445Sassar * copy_ccache.c: add gss_krb5_copy_ccache 12072445Sassar 12172445Sassar2001-01-27 Assar Westerlund <assar@sics.se> 12272445Sassar 12372445Sassar * get_mic.c: cast parameters to des function to non-const pointers 12472445Sassar to handle the case where these functions actually take non-const 12572445Sassar des_cblock * 12672445Sassar 12772445Sassar2001-01-09 Assar Westerlund <assar@sics.se> 12872445Sassar 12972445Sassar * accept_sec_context.c (gss_accept_sec_context): use krb5_rd_cred2 13072445Sassar instead of krb5_rd_cred 13172445Sassar 13272445Sassar2000-12-11 Assar Westerlund <assar@sics.se> 13372445Sassar 13472445Sassar * Makefile.am (libgssapi_la_LDFLAGS): bump to 2:3:1 13572445Sassar 13672445Sassar2000-12-08 Assar Westerlund <assar@sics.se> 13772445Sassar 13872445Sassar * wrap.c (wrap_des3): use the checksum as ivec when encrypting the 13972445Sassar sequence number 14072445Sassar * unwrap.c (unwrap_des3): use the checksum as ivec when encrypting 14172445Sassar the sequence number 14272445Sassar * init_sec_context.c (init_auth): always zero fwd_data 14372445Sassar 14472445Sassar2000-12-06 Johan Danielsson <joda@pdc.kth.se> 14572445Sassar 14672445Sassar * accept_sec_context.c: de-pointerise auth_context parameter to 14772445Sassar krb5_mk_rep 14872445Sassar 14972445Sassar2000-11-15 Assar Westerlund <assar@sics.se> 15072445Sassar 15172445Sassar * init_sec_context.c (init_auth): update to new 15272445Sassar krb5_build_authenticator 15372445Sassar 15472445Sassar2000-09-19 Assar Westerlund <assar@sics.se> 15572445Sassar 15672445Sassar * Makefile.am (libgssapi_la_LDFLAGS): bump to 2:2:1 15772445Sassar 15872445Sassar2000-08-27 Assar Westerlund <assar@sics.se> 15972445Sassar 16072445Sassar * init_sec_context.c: actually pay attention to `time_req' 16172445Sassar * init_sec_context.c: re-organize. leak less memory. 16272445Sassar * gssapi_locl.h (gssapi_krb5_encapsulate, gss_krb5_getsomekey): 16372445Sassar update prototypes add assert.h 16472445Sassar * gssapi.h (GSS_KRB5_CONF_C_QOP_DES, GSS_KRB5_CONF_C_QOP_DES3_KD): 16572445Sassar add 16672445Sassar * verify_mic.c: re-organize and add 3DES code 16772445Sassar * wrap.c: re-organize and add 3DES code 16872445Sassar * unwrap.c: re-organize and add 3DES code 16972445Sassar * get_mic.c: re-organize and add 3DES code 17072445Sassar * encapsulate.c (gssapi_krb5_encapsulate): do not free `in_data', 17172445Sassar let the caller do that. fix the callers. 17272445Sassar 17372445Sassar2000-08-16 Assar Westerlund <assar@sics.se> 17472445Sassar 17572445Sassar * Makefile.am: bump version to 2:1:1 17672445Sassar 17772445Sassar2000-07-29 Assar Westerlund <assar@sics.se> 17872445Sassar 17972445Sassar * decapsulate.c (gssapi_krb5_verify_header): sanity-check length 18072445Sassar 18172445Sassar2000-07-25 Johan Danielsson <joda@pdc.kth.se> 18272445Sassar 18372445Sassar * Makefile.am: bump version to 2:0:1 18472445Sassar 18572445Sassar2000-07-22 Assar Westerlund <assar@sics.se> 18672445Sassar 18772445Sassar * gssapi.h: update OID for GSS_C_NT_HOSTBASED_SERVICE and other 18872445Sassar details from rfc2744 18972445Sassar 19072445Sassar2000-06-29 Assar Westerlund <assar@sics.se> 19172445Sassar 19272445Sassar * address_to_krb5addr.c (gss_address_to_krb5addr): actually use 19372445Sassar `int' instead of `sa_family_t' for the address family. 19472445Sassar 19572445Sassar2000-06-21 Assar Westerlund <assar@sics.se> 19672445Sassar 19772445Sassar * add support for token delegation. From Daniel Kouril 19872445Sassar <kouril@ics.muni.cz> and Miroslav Ruda <ruda@ics.muni.cz> 19972445Sassar 20072445Sassar2000-05-15 Assar Westerlund <assar@sics.se> 20172445Sassar 20272445Sassar * Makefile.am (libgssapi_la_LDFLAGS): set version to 1:1:1 20372445Sassar 20472445Sassar2000-04-12 Assar Westerlund <assar@sics.se> 20572445Sassar 20672445Sassar * release_oid_set.c (gss_release_oid_set): clear set for 20772445Sassar robustness. From GOMBAS Gabor <gombasg@inf.elte.hu> 20872445Sassar * release_name.c (gss_release_name): reset input_name for 20972445Sassar robustness. From GOMBAS Gabor <gombasg@inf.elte.hu> 21072445Sassar * release_buffer.c (gss_release_buffer): set value to NULL to be 21172445Sassar more robust. From GOMBAS Gabor <gombasg@inf.elte.hu> 21272445Sassar * add_oid_set_member.c (gss_add_oid_set_member): actually check if 21372445Sassar the oid is a member first. leave the oid_set unchanged if realloc 21472445Sassar fails. 21572445Sassar 21657419Smarkm2000-02-13 Assar Westerlund <assar@sics.se> 21757419Smarkm 21857419Smarkm * Makefile.am: set version to 1:0:1 21957419Smarkm 22057419Smarkm2000-02-12 Assar Westerlund <assar@sics.se> 22157419Smarkm 22257419Smarkm * gssapi_locl.h: add flags for import/export 22357419Smarkm * import_sec_context.c (import_sec_context: add flags for what 22457419Smarkm fields are included. do not include the authenticator for now. 22557419Smarkm * export_sec_context.c (export_sec_context: add flags for what 22657419Smarkm fields are included. do not include the authenticator for now. 22757419Smarkm * accept_sec_context.c (gss_accept_sec_context): set target in 22857419Smarkm context_handle 22957419Smarkm 23057419Smarkm2000-02-11 Assar Westerlund <assar@sics.se> 23157419Smarkm 23257419Smarkm * delete_sec_context.c (gss_delete_sec_context): set context to 23357419Smarkm GSS_C_NO_CONTEXT 23457419Smarkm 23557419Smarkm * Makefile.am: add {export,import}_sec_context.c 23657419Smarkm * export_sec_context.c: new file 23757419Smarkm * import_sec_context.c: new file 23857419Smarkm * accept_sec_context.c (gss_accept_sec_context): set trans flag 23957419Smarkm 24057416Smarkm2000-02-07 Assar Westerlund <assar@sics.se> 24157416Smarkm 24257416Smarkm * Makefile.am: set version to 0:5:0 24357416Smarkm 24457416Smarkm2000-01-26 Assar Westerlund <assar@sics.se> 24557416Smarkm 24657416Smarkm * delete_sec_context.c (gss_delete_sec_context): handle a NULL 24757416Smarkm output_token 24857416Smarkm 24957416Smarkm * wrap.c: update to pseudo-standard APIs for md4,md5,sha. some 25057416Smarkm changes to libdes calls to make them more portable. 25157416Smarkm * verify_mic.c: update to pseudo-standard APIs for md4,md5,sha. 25257416Smarkm some changes to libdes calls to make them more portable. 25357416Smarkm * unwrap.c: update to pseudo-standard APIs for md4,md5,sha. some 25457416Smarkm changes to libdes calls to make them more portable. 25557416Smarkm * get_mic.c: update to pseudo-standard APIs for md4,md5,sha. some 25657416Smarkm changes to libdes calls to make them more portable. 25757416Smarkm * 8003.c: update to pseudo-standard APIs for md4,md5,sha. 25857416Smarkm 25955682Smarkm2000-01-06 Assar Westerlund <assar@sics.se> 26055682Smarkm 26155682Smarkm * Makefile.am: set version to 0:4:0 26255682Smarkm 26355682Smarkm1999-12-26 Assar Westerlund <assar@sics.se> 26455682Smarkm 26555682Smarkm * accept_sec_context.c (gss_accept_sec_context): always set 26655682Smarkm `output_token' 26755682Smarkm * init_sec_context.c (init_auth): always initialize `output_token' 26855682Smarkm * delete_sec_context.c (gss_delete_sec_context): always set 26955682Smarkm `output_token' 27055682Smarkm 27155682Smarkm1999-12-06 Assar Westerlund <assar@sics.se> 27255682Smarkm 27355682Smarkm * Makefile.am: bump version to 0:3:0 27455682Smarkm 27555682Smarkm1999-10-20 Assar Westerlund <assar@sics.se> 27655682Smarkm 27755682Smarkm * Makefile.am: set version to 0:2:0 27855682Smarkm 27955682Smarkm1999-09-21 Assar Westerlund <assar@sics.se> 28055682Smarkm 28155682Smarkm * init_sec_context.c (gss_init_sec_context): initialize `ticket' 28255682Smarkm 28355682Smarkm * gssapi.h (gss_ctx_id_t_desc): add ticket in here. ick. 28455682Smarkm 28555682Smarkm * delete_sec_context.c (gss_delete_sec_context): free ticket 28655682Smarkm 28755682Smarkm * accept_sec_context.c (gss_accept_sec_context): stove away 28855682Smarkm `krb5_ticket' in context so that ugly programs such as 28955682Smarkm gss_nt_server can get at it. uck. 29055682Smarkm 29155682Smarkm1999-09-20 Johan Danielsson <joda@pdc.kth.se> 29255682Smarkm 29355682Smarkm * accept_sec_context.c: set minor_status 29455682Smarkm 29555682Smarkm1999-08-04 Assar Westerlund <assar@sics.se> 29655682Smarkm 29755682Smarkm * display_status.c (calling_error, routine_error): right shift the 29855682Smarkm code to make it possible to index into the arrays 29955682Smarkm 30055682Smarkm1999-07-28 Assar Westerlund <assar@sics.se> 30155682Smarkm 30255682Smarkm * gssapi.h (GSS_C_AF_INET6): add 30355682Smarkm 30455682Smarkm * import_name.c (import_hostbased_name): set minor_status 30555682Smarkm 30655682Smarkm1999-07-26 Assar Westerlund <assar@sics.se> 30755682Smarkm 30855682Smarkm * Makefile.am: set version to 0:1:0 30955682Smarkm 31055682SmarkmWed Apr 7 14:05:15 1999 Johan Danielsson <joda@hella.pdc.kth.se> 31155682Smarkm 31255682Smarkm * display_status.c: set minor_status 31355682Smarkm 31455682Smarkm * init_sec_context.c: set minor_status 31555682Smarkm 31655682Smarkm * lib/gssapi/init.c: remove donep (check gssapi_krb5_context 31755682Smarkm directly) 31855682Smarkm 319