NEWS revision 57419
1Changes in release 0.2o: 2 3 * gss_{import,export}_sec_context added to libgssapi 4 5 * new option --addresses to kdc (for listening on an explicit set of 6 addresses) 7 8 * bug fixes in the krb4 and kaserver emulation part of the kdc 9 10 * other bug fixes 11 12Changes in release 0.2n: 13 14 * more robust parsing of dump files in kadmin 15 * changed default timestamp format for log messages to extended ISO 16 8601 format (Y-M-DTH:M:S) 17 * changed md4/md5/sha1 APIes to be de-facto `standard' 18 * always make hostname into lower-case before creating principal 19 * small bits of more MIT-compatability 20 * bug fixes 21 22Changes in release 0.2m: 23 24 * handle glibc's getaddrinfo() that returns several ai_canonname 25 26 * new endian test 27 28 * man pages fixes 29 30Changes in release 0.2l: 31 32 * bug fixes 33 34Changes in release 0.2k: 35 36 * better IPv6 test 37 38 * make struct sockaddr_storage in roken work better on alphas 39 40 * some missing [hn]to[hn]s fixed. 41 42 * allow users to change their own passwords with kadmin (with initial 43 tickets) 44 45 * fix stupid bug in parsing KDC specification 46 47 * add `ktutil change' and `ktutil purge' 48 49Changes in release 0.2j: 50 51 * builds on Irix 52 53 * ftpd works in passive mode 54 55 * should build on cygwin 56 57 * work around broken IPv6-code on OpenBSD 2.6, also add configure 58 option --disable-ipv6 59 60Changes in release 0.2i: 61 62 * use getaddrinfo in the missing places. 63 64 * fix SRV lookup for admin server 65 66 * use get{addr,name}info everywhere. and implement it in terms of 67 getipnodeby{name,addr} (which uses gethostbyname{,2} and 68 gethostbyaddr) 69 70Changes in release 0.2h: 71 72 * fix typo in kx (now compiles) 73 74Changes in release 0.2g: 75 76 * lots of bug fixes: 77 * push works 78 * repair appl/test programs 79 * sockaddr_storage works on solaris (alignment issues) 80 * works better with non-roken getaddrinfo 81 * rsh works 82 * some non standard C constructs removed 83 84Changes in release 0.2f: 85 86 * support SRV records for kpasswd 87 * look for both _kerberos and krb5-realm when doing host -> realm mapping 88 89Changes in release 0.2e: 90 91 * changed copyright notices to remove `advertising'-clause. 92 * get{addr,name}info added to roken and used in the other code 93 (this makes things work much better with hosts with both v4 and v6 94 addresses, among other things) 95 * do pre-auth for both password and key-based get_in_tkt 96 * support for having several databases 97 * new command `del_enctype' in kadmin 98 * strptime (and new strftime) add to roken 99 * more paranoia about finding libdb 100 * bug fixes 101 102Changes in release 0.2d: 103 104 * new configuration option [libdefaults]default_etypes_des 105 * internal ls in ftpd builds without KRB4 106 * kx/rsh/push/pop_debug tries v5 and v4 consistenly 107 * build bug fixes 108 * other bug fixes 109 110Changes in release 0.2c: 111 112 * bug fixes (see ChangeLog's for details) 113 114Changes in release 0.2b: 115 116 * bug fixes 117 * actually bump shared library versions 118 119Changes in release 0.2a: 120 121 * a new program verify_krb5_conf for checking your /etc/krb5.conf 122 * add 3DES keys when changing password 123 * support null keys in database 124 * support multiple local realms 125 * implement a keytab backend for AFS KeyFile's 126 * implement a keytab backend for v4 srvtabs 127 * implement `ktutil copy' 128 * support password quality control in v4 kadmind 129 * improvements in v4 compat kadmind 130 * handle the case of having the correct cred in the ccache but with 131 the wrong encryption type better 132 * v6-ify the remaining programs. 133 * internal ls in ftpd 134 * rename strcpy_truncate/strcat_truncate to strlcpy/strlcat 135 * add `ank --random-password' and `cpw --random-password' in kadmin 136 * some programs and documentation for trying to talk to a W2K KDC 137 * bug fixes 138 139Changes in release 0.1m: 140 141 * support for getting default from krb5.conf for kinit/kf/rsh/telnet. 142 From Miroslav Ruda <ruda@ics.muni.cz> 143 * v6-ify hprop and hpropd 144 * support numeric addresses in krb5_mk_req 145 * shadow support in login and su. From Miroslav Ruda <ruda@ics.muni.cz> 146 * make rsh/rshd IPv6-aware 147 * make the gssapi sample applications better at reporting errors 148 * lots of bug fixes 149 * handle systems with v6-aware libc and non-v6 kernels (like Linux 150 with glibc 2.1) better 151 * hide failure of ERPT in ftp 152 * lots of bug fixes 153 154Changes in release 0.1l: 155 156 * make ftp and ftpd IPv6-aware 157 * add inet_pton to roken 158 * more IPv6-awareness 159 * make mini_inetd v6 aware 160 161Changes in release 0.1k: 162 163 * bump shared libraries versions 164 * add roken version of inet_ntop 165 * merge more changes to rshd 166 167Changes in release 0.1j: 168 169 * restore back to the `old' 3DES code. This was supposed to be done 170 in 0.1h and 0.1i but I did a CVS screw-up. 171 * make telnetd handle v6 connections 172 173Changes in release 0.1i: 174 175 * start using `struct sockaddr_storage' which simplifies the code 176 (with a fallback definition if it's not defined) 177 * bug fixes (including in hprop and kf) 178 * don't use mawk which seems to mishandle roken.awk 179 * get_addrs should be able to handle v6 addresses on Linux (with the 180 required patch to the Linux kernel -- ask within) 181 * rshd builds with shadow passwords 182 183Changes in release 0.1h: 184 185 * kf: new program for forwarding credentials 186 * portability fixes 187 * make forwarding credentials work with MIT code 188 * better conversion of ka database 189 * add etc/services.append 190 * correct `modified by' from kpasswdd 191 * lots of bug fixes 192 193Changes in release 0.1g: 194 195 * kgetcred: new program for explicitly obtaining tickets 196 * configure fixes 197 * krb5-aware kx 198 * bug fixes 199 200Changes in release 0.1f; 201 202 * experimental support for v4 kadmin protokoll in kadmind 203 * bug fixes 204 205Changes in release 0.1e: 206 207 * try to handle old DCE and MIT kdcs 208 * support for older versions of credential cache files and keytabs 209 * postdated tickets work 210 * support for password quality checks in kpasswdd 211 * new flag --enable-kaserver for kdc 212 * renew fixes 213 * prototype su program 214 * updated (some) manpages 215 * support for KDC resource records 216 * should build with --without-krb4 217 * bug fixes 218 219Changes in release 0.1d: 220 221 * Support building with DB2 (uses 1.85-compat API) 222 * Support krb5-realm.DOMAIN in DNS 223 * new `ktutil srvcreate' 224 * v4/kafs support in klist/kdestroy 225 * bug fixes 226 227Changes in release 0.1c: 228 229 * fix ASN.1 encoding of signed integers 230 * somewhat working `ktutil get' 231 * some documentation updates 232 * update to Autoconf 2.13 and Automake 1.4 233 * the usual bug fixes 234 235Changes in release 0.1b: 236 237 * some old -> new crypto conversion utils 238 * bug fixes 239 240Changes in release 0.1a: 241 242 * new crypto code 243 * more bug fixes 244 * make sure we ask for DES keys in gssapi 245 * support signed ints in ASN1 246 * IPv6-bug fixes 247 248Changes in release 0.0u: 249 250 * lots of bug fixes 251 252Changes in release 0.0t: 253 254 * more robust parsing of krb5.conf 255 * include net{read,write} in lib/roken 256 * bug fixes 257 258Changes in release 0.0s: 259 260 * kludges for parsing options to rsh 261 * more robust parsing of krb5.conf 262 * removed some arbitrary limits 263 * bug fixes 264 265Changes in release 0.0r: 266 267 * default options for some programs 268 * bug fixes 269 270Changes in release 0.0q: 271 272 * support for building shared libraries with libtool 273 * bug fixes 274 275Changes in release 0.0p: 276 277 * keytab moved to /etc/krb5.keytab 278 * avoid false detection of IPv6 on Linux 279 * Lots of more functionality in the gssapi-library 280 * hprop can now read ka-server databases 281 * bug fixes 282 283Changes in release 0.0o: 284 285 * FTP with GSSAPI support. 286 * Bug fixes. 287 288Changes in release 0.0n: 289 290 * Incremental database propagation. 291 * Somewhat improved kadmin ui; the stuff in admin is now removed. 292 * Some support for using enctypes instead of keytypes. 293 * Lots of other improvement and bug fixes, see ChangeLog for details. 294