Remove ChangeLog files from the source tree. From now on, the

subversion commit log entry needs to include information that would
have been in the changelog.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17893 dc483132-0cff-0310-8789-dd5450dbe970

4 files changed, 0 insertions, 4045 deletions

diff --git a/src/lib/gssapi/ChangeLog b/src/lib/gssapi/ChangeLog
deleted file mode 100644
index cca65a1538..0000000000
--- a/src/lib/gssapi/ChangeLog
+++ /dev/null
@@ -1,429 +0,0 @@
-2006-04-03  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in (DEFS): Make empty.
-
-2006-03-31  Ken Raeburn  <raeburn@mit.edu>
-
-	* configure.in: Never define size_t.
-
-2006-03-30  Ken Raeburn  <raeburn@mit.edu>
-
-	* configure.in: Check for inttypes.h and handle it like xom.h and
-	stdint.h.  Don't check sizes of any types.
-
-2005-08-20  Ken Raeburn  <raeburn@mit.edu>
-
-	* configure.in: Use K5_AC_INIT instead of AC_INIT.
-
-2005-04-07  Tom Yu  <tlyu@mit.edu>
-
-	* configure.in: Use awk to work around Makefile quoting problems.
-
-2005-02-08  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in (LIBINITFUNC, LIBFINIFUNC): Define.
-
-	* gss_libinit.c (gssint_lib_init, gssint_lib_fini)
-	[SHOW_INITFINI_FUNCS]: Print tracing messages.
-
-2005-02-02  Ken Raeburn  <raeburn@mit.edu>
-
-	* configure.in: Check for xom.h.  Set include_xom to a C include
-	directive or comment, and substitute it in the Makefiles.
-
-2005-01-17  Jeffrey Altman <jaltman@mit.edu>
-
-        * gss_libinit.c: implement cleanup of mutexes, static vars, etc for Windows
-
-2004-07-29  Sam Hartman  <hartmans@mit.edu>
-
-	* libgssapi_krb5.exports: Add lucid context routines and gss_krb5_set_allowable_enctypes
-
-2004-07-13  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in (SHLIB_EXPDEPS): Use _DEPLIB variables.
-	(SHLIB_EXPLIBS): Add $(SUPPORT_LIB).
-
-	* gss_libinit.c (gssint_lib_init): Initialize new keytab-name
-	mutex, and register two new key values.
-
-2004-06-18  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in (OBJFILELIST, OBJFILEDEP) [DOS]: Depend on locally
-	built objects too.
-	(OBJFILE, LIBOBJS) [DOS]: Define.
-	($(BUILDTOP)/include/gssapi/gssapi.h generic/gssapi.h
-	krb5/gssapi_err_krb5.h generic/gssapi_err_generic.h
-	krb5/gssapi_krb5.h) [DOS]: Disable dependencies on Windows.
-
-2004-06-16  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in (MAC_SUBDIRS): Don't set.
-
-2004-06-15  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in (SHLIB_EXPLIBS): Add $(LIBS).
-
-2004-06-10  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in (krb5/gssapi_krb5.h): Depend on recursion rule.
-
-2004-06-08  Sam Hartman  <hartmans@mit.edu>
-
-	* configure.in: If stdint.h exists, include in gssapi_krb5.h
-
-2004-06-04  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in (LIBBASE): Renamed from LIB.
-
-2004-06-02  Ken Raeburn  <raeburn@mit.edu>
-
-	* gss_libinit.c (gssint_lib_init): Initialize error tables here.
-	(gssint_initialize_library): Don't do it directly here.  Make sure
-	gssint_lib_init has been called, and return the status.
-	(gssint_lib_fini): Remove error tables here.
-	(gssint_cleanup_library): Function deleted.
-	(initialized): Variable deleted.
-
-2004-05-13  Ken Raeburn  <raeburn@mit.edu>
-
-	* libgssapi_krb5.exports: Remove et_*, generic_*, gssint_*,
-	initialize_*, kg_* symbols.
-
-2004-04-24  Ken Raeburn  <raeburn@mit.edu>
-
-	* gss_libinit.c: Include k5-platform.h.
-	(gssint_lib_init, gssint_lib_fini): New init/fini functions.
-	Create and clean up the mutex in kg_vdb.
-	(gssint_initialize_library): Verify the library initializer has
-	run successfully.
-
-2004-04-22  Ken Raeburn  <raeburn@mit.edu>
-
-	* libgssapi_krb5.exports: New file.
-
-2003-07-17  Tom Yu  <tlyu@mit.edu>
-
-	* gss_libinit.c (gssint_initialize_library): Don't call
-	kg_release_defcred(); it doesn't exist any more.
-
-2003-03-08  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in ($(BUILDTOP)/include/gssapi/gssapi.h,
-	generic/gssapi.h, generic/gssapi_err_generic.h,
-	krb5/gssapi_err_krb5.h): Comment out old rules and dependencies;
-	depend on all-recurse and supply a no-op rule.
-
-2003-03-07  Alexandra Ellwood  <lxs@mit.edu>
-
-    * gss_libinit.c: Changed USE_HARDCODED_FALLBACK_ERROR_TABLES macro 
-    to !USE_BUNDLE_ERROR_STRINGS so Darwin based builds get com_err
-    style error tables.
-
-2003-03-06  Alexandra Ellwood  <lxs@mit.edu>
-
-    * gss_libinit.c: Removed Mac header goober.
-    Fixed USE_HARDCODED_FALLBACK_ERROR_TABLES macro used by KfM.
-
-    * gss_libinit.h: do not use the same multiple include
-    protection macro as krb5_libinit.h.  Changed to GSSAPI_LIBINIT_H.
-
-2003-02-11  Tom Yu  <tlyu@mit.edu>
-
-	* Makefile.in ($(BUILDTOP)/include/gssapi/gssapi.h): Add
-	dependencies and cause to invoke a differently-named target in
-	subdirectory.
-	(generic/gssapi.h): Make separate rule.
-	(generic/gssapi_err_generic.h, krb5/gssapi_err_krb5.h): New rules
-	to generate these files in subdirectories as needed.
-
-2003-02-10  Tom Yu  <tlyu@mit.edu>
-
-	* Makefile.in ($(BUILDTOP)/include/gssapi/gssapi.h generic/gssapi.h): 
-	Don't depend on all-recurse, as it causes spurious rebuilds of
-	these header files.
-
-2003-01-10  Ken Raeburn  <raeburn@mit.edu>
-
-	* configure.in: Don't explicitly invoke AC_PROG_ARCHIVE,
-	AC_PROG_ARCHIVE_ADD, AC_PROG_INSTALL, AC_PROG_RANLIB.
-
-	* configure.in: Use V5_AC_OUTPUT_MAKEFILE instead of
-	K5_GEN_MAKEFILE and K5_AC_OUTPUT.
-
-	* Makefile.in: Add AC_SUBST_FILE marker for lib_frag and libobj_frag.
-
-2003-01-07  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.original: Deleted.
-
-2002-09-24  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in ($(BUILDTOP)/include/gssapi/gssapi.h,
-	generic/gssapi.h): Depend on all-recurse.
-
-2002-08-29  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in: Revert $(S)=>/ change, for Windows support.
-
-2002-08-23  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in: Change $(S)=>/ and $(U)=>.. globally.
-
-2002-08-22  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in (SUBDIROBJLISTS): New variable.
-
-2002-07-15  Ezra Peisach  <epeisach@bu.edu>
-
-	* gss_libinit.c (gssint_cleanup_library): Remove variable set but
-	not used.
-
-2002-07-14  Alexandra Ellwood <lxs@mit.edu>
-
-	* gss_libinit.c: Conditionalized error table loading for Mac OS X.
-	Error tables should always be loaded on other platforms.
-
-	* gss_libinit.c: updated for Mac OS X header paths and added
-	include of gssapiP_krb5.h to get function prototypes.
-
-	[pullups from 1-2-2-branch]
-
-2001-09-01  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in (SRCS): Use $(srcdir) not $(subdir).
-
-2001-06-04  Ezra Peisach  <epeisach@mit.edu>
-
-	* gss_libinit.c: Include gssapiP_krb5.h for kg_release_defcred()
- 	prototype.
-
-2000-11-01  Ezra Peisach  <epeisach@mit.edu>
-
-	* configure.in: Use AC_TYPE_SIZE_T instead of AC_SIZE_T.
-
-2000-06-03  Tom Yu  <tlyu@mit.edu>
-
-	* Makefile.in(LIBMINOR): Bump library version.
-
-2000-05-31  Wilfredo Sanchez  <tritan@mit.edu>
-
-	* configure.in: Check for existance of <memory.h>.
-	[from Nathan Neulinger <nneul@umr.edu>]
-
-Tue Feb 22 10:23:19 2000  Ezra Peisach  <epeisach@mit.edu>
-
-	* Makefile.in (clean-unix): Add clean-libobjs.
-
-2000-01-24  Tom Yu  <tlyu@mit.edu>
-
-	* Makefile.in (STLIBOBJS): Properly add gss_libinit.o to permit
-	compiling.
-
-	* configure.in: Add libobj to Makefile frags.
-
-	* gss_libinit.c: Add terminating newline.  Use 0 and 1 instead of
-	false and true.
-
-Fri Jan 21 22:47:00 2000  Miro Jurisic  <meeroh@mit.edu>
-
-	* Makefile.in: added gss_libinit.[co]
-	* gss_libinit.[ch]: new files, contain library initialization
-		and cleanup code
-
-Tue May 18 19:52:56 1999  Danilo Almeida  <dalmeida@mit.edu>
-
-	* Makefile.in: Remove - from recursive Win32 make invocation.
-
-Mon May 10 15:21:50 1999  Danilo Almeida  <dalmeida@mit.edu>
-
-	* Makefile.in: Do win32 build in subdir.
-
-1999-02-19  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* Makefile.in (DLL_FILE_DEF): Tell the Makefile template that we
-		are building object files for the GSSAPI DLL.
-
-1998-11-13  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* Makefile.in: Set the myfulldir and mydir variables (which are
-		relative to buildtop and thisconfigdir, respectively.)
-
-	* configure.in: Use K5_AC_OUTPUT instead of K5_OUTPUT_FILES.
-
-Wed Apr 15 18:04:18 1998  Tom Yu  <tlyu@mit.edu>
-
-	* Makefile.in (SHLIB_EXPDEPS): 
-	(SHLIB_EXPLIBS): Rename libcrypto -> libk5crypto.
-
-Wed Feb 18 16:10:38 1998  Tom Yu  <tlyu@mit.edu>
-
-	* Makefile.in: Remove trailing slash from thisconfigdir.  Fix up
-	BUILDTOP for new conventions.
-
-Thu Feb 12 16:17:28 1998  Tom Yu  <tlyu@mit.edu>
-
-	* configure.in: Add commented out AC_OUTPUT to force autoreconf to
-	rebuild the configure script.
-
-Mon Feb  2 16:47:05 1998  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile
-
-	* configure.in: Create the makefiles for all of the subdirectories
-		and move all of the configure.in tests from the
-		subdirectories into this configure.in.
-	
-Wed Jan 21 19:12:42 1998  Tom Yu  <tlyu@mit.edu>
-
-	* Makefile.in (LIBMINOR): Bump minor version due to internal
-	structure change.
-
-Sat Feb 22 01:21:06 1997  Sam Hartman  <hartmans@tertius.mit.edu>
-
-	* Makefile.in (SHLIB_EXPDEPS): s/so/$(SHLIBEXT)
-
-Thu Nov 21 11:55:16 EST 1996    Richard Basch   <basch@lehman.com>
-
-        * Makefile.in: win32 build
-
-Tue Jan 14 20:07:50 1997  Tom Yu  <tlyu@mit.edu>
-
-	* Makefile.in:
-	* configure.in: Update to new library build procedure.
-
-Mon Nov 18 20:39:41 1996  Ezra Peisach  <epeisach@mit.edu>
-
-	* configure.in: Set shared library version to 1.0. [krb5-libs/201]
-
-Tue Jul 23 22:50:22 1996  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* Makefile.in (MAC_SUBDIRS): Remove mechglue from the list of
-		Macintosh subdirectories.
-
-Thu Jun  6 00:04:38 1996  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* Makefile.in (all-windows): Don't pass $(LIBCMD) on the command
-		line.  It's set in the windows.in prologue for all Makefiles anyway.
-
-Mon May 20 11:00:45 1996  Tom Yu  <tlyu@dragons-lair.MIT.EDU>
-
-	* Makefile.in (libgssapi.$(STEXT)): deal with new improved
-		libupdate
-
-Mon May  6 21:33:25 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>
-
-	* Makefile.in (clean-unix): Remove libgssapi_krb5.stamp.
-
-Wed Apr 17 21:48:15 1996  Marc Horowitz  <marc@mit.edu>
-
-	* Makefile.in, configure.in: Nothing in mechglue is used anymore,
- 	for now.
-
-Tue Feb 27 22:10:48 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* Makefile.in (all-windows, clean-windows): Add mechglue to the
-		list of directories which are recursively handled for
-		Windows.
-
-Wed Feb  7 00:23:18 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* Makefile.in: Folded in danw's changes to allow
-		building Makefiles for the Macintosh.  We now can build
-		MPW makefiles which are interpreted by CodeWarrior.
-
-Fri Jan 26 01:55:14 1996  Sam Hartman  <hartmans@tertius.mit.edu>
-
-	* configure.in: Fix path to library from lib
-
-Wed Jan 24 21:28:04 1996  Sam Hartman  <hartmans@tertius.mit.edu>
-
-	* configure.in: Remove LinkFileDir line for libgssapi as the
-        shared lib stuff does that.
-
-Tue Jan 23 12:12:49 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>
-
-	* Makefile.in (SHLIB_LIBS): Add lines for shared library building
-		depending on libkrb5, crypto, and com_err.
-
-Tue Jan 23 04:06:36 1996    <tytso@rsts-11.mit.edu>
-
-	* Makefile.in: Add support for building the gssapi library as a
-		shared library.
-
-Tue Jan 23 03:32:25 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* configure.in: Add the mechglue directory as a subdir
-
-	* Makefile.in (libgssapi_krb5.a): Include the object files in the
-		mechglue directory as well.
-
-Fri Oct  6 22:02:48 1995  Theodore Y. Ts'o  <tytso@dcl>
-
-	* Makefile.in: Remove ##DOS!include of config/windows.in.
-		config/windows.in is now included by wconfig.
-
-Mon Sep 25 16:52:41 1995  Theodore Y. Ts'o  <tytso@dcl>
-
-	* Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the
-		Makefile. 
-
-Wed Sep 13 11:11:38 1995 Keith Vetter (keithv@fusion.com)
-
-	* Makefile.in: Put back in all:: all-$(WHAT) rule--PC needs it.
-
-Thu Jun 15 18:02:16 EDT 1995	Paul Park	(pjpark@mit.edu)
-	* Makefile.in - Remove explicit "all" rule at head of file, it causes
-		platform specific target to get done first.
-	* configure.in - Create symlinks for archive and shared library when
-		we build them.  Also, put explicit "all" rule at end of file
-		so that we do the subdirectory rules first.
-
-Fri Jun  9 18:55:01 1995    <tytso@rsx-11.mit.edu>
-
-	* configure.in: Remove standardized set of autoconf macros, which
-		are now handled by CONFIG_RULES.  Use DO_SUBDIRS to
-		recurse down subdirectories.
-
-Mon May 22 10:04:26 EDT 1995	Paul Park	(pjpark@mit.edu)
-	* configure.in	- Add SUBDIRS for install target.
-
-Tue May  2 21:42:32 1995  Tom Yu  (tlyu@dragons-lair)
-
-	* Makefile.in: nuke spurious whitespace in blank line
-
-Wed Apr 26 14:39:18 1995 Keith Vetter (keithv@fusion.com)
-
-	* Makefile.in: passed wrong macro on the recursive makes.
-
-Tue Mar 21 19:08:51 1995 Keith Vetter (keithv@fusion.com)
-
-	* Makefile.in: changed the name of the library the PC
-           builds, and added xxx-mac targets to mimic xxx-unix.
-
-Wed Mar 15 20:23:17 1995 Keith Vetter (keithv@fusion.com)
-
-	* Makefile.in: cleaned up for the PC
-
-Mon Feb 20 21:38:20 1995 Keith Vetter (keithv@fusion.com)
-
-	* Makefile.in: made to work on the PC
-
-Fri Nov 18 00:17:29 1994  Mark Eichin  <eichin@cygnus.com>
-
-	* configure.in: move WITH_CCOPTS.
-
-Wed Oct 19 12:16:44 1994  Theodore Y. Ts'o  (tytso@dcl)
-
-	* Makefile.in: make install obey $(DESTDIR) completely
-
-Mon Oct  3 22:48:54 1994  Theodore Y. Ts'o  (tytso@dcl)
-
-	* Makefile.in: make install obey $(DESTDIR)
-
-Thu Aug  4 03:41:21 1994  Tom Yu  (tlyu@dragons-lair)
-
-	* configure.in: look for install program
-
-	* Makefile.in: make install fixes
-
diff --git a/src/lib/gssapi/generic/ChangeLog b/src/lib/gssapi/generic/ChangeLog
deleted file mode 100644
index 70e3f50d33..0000000000
--- a/src/lib/gssapi/generic/ChangeLog
+++ /dev/null
@@ -1,941 +0,0 @@
-2006-04-03  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in (DEFS): Make empty.
-
-2006-03-30  Ken Raeburn  <raeburn@mit.edu>
-
-	* gssapiP_generic.h [!_WIN32]: Include autoconf.h.
-
-	* Makefile.in (include_stdint, include_inttypes): New make
-	macros.
-	(gssapi.h): Use them.  Don't pull SIZEOF_ macros from autoconf.h.
-
-	* gssapi.hin (gss_uint32, gss_int32): Define as uint32_t and
-	int32_t, respectively.
-
-	* util_token.c: Include limits.h.
-	(der_length_size, der_write_length): Test INT_MAX instead of
-	SIZEOF_INT.
-	(der_read_length): Test sizeof(int) instead of SIZEOF_INT.
-
-2006-03-27  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in (include_xom): Define as "rem" instead of empty on
-	Windows.
-
-2006-03-11  Ken Raeburn  <raeburn@mit.edu>
-
-	* gssapi.h: Use autoconf.h from include rather than include/krb5.
-	If sed fails, error out.
-
-2006-03-10  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in (generate-files-mac): Depend on gssapi.h.
-
-2005-09-22  Tom Yu  <tlyu@mit.edu>
-
-	* rel_buffer.c (generic_gss_release_buffer): Free buffer even if
-	length is zero.  This avoids memory leaks in some cases.
-
-2005-04-07  Tom Yu  <tlyu@mit.edu>
-
-	* Makefile.in (gssapi.h): Use awk hack to work around quoting
-	problem.
-
-2005-02-02  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in (gssapi.h): Change SIZEOF symbols to start with GSS_
-	when extracting from autoconf.h.  Don't look for HAVE_ or USE_
-	symbols.  Add ${include_xom} to the prologue.
-	(include_xom): New variable.
-	* gssapi.hin: Always include stddef.h unconditionally.  Don't
-	conditionally include xom.h here.
-	(GSS_SIZEOF_INT, GSS_SIZEOF_LONG, GSS_SIZEOF_SHORT): Don't
-	define, except on Windows.
-
-2004-06-22  Ken Raeburn  <raeburn@mit.edu>
-
-	* gssapi.hin: Don't test macintosh or __MWERKS__.
-
-2004-06-16  Ken Raeburn  <raeburn@mit.edu>
-
-	* util_validate.c (g_save): Call gssint_initialize_library.
-
-2004-06-08  Sam Hartman  <hartmans@mit.edu>
-
-	* util_validate.c utl_nohash_validate.c gssapiP_generic.h:
-	Support for lucid context validation 
-
-2004-06-02  Ken Raeburn  <raeburn@mit.edu>
-
-	* disp_com_err_status.c (init_et): Variable deleted.
-	(g_display_com_err_status): Don't call initialize_ggss_error_table
-	conditionally; instead, always call gssint_initialize_library.
-
-2004-04-24  Ken Raeburn  <raeburn@mit.edu>
-
-	* gssapiP_generic.h (G_SET_INIT): Use the new mutex partial
-	initializer now.
-
-2004-03-14  Ken Raeburn  <raeburn@mit.edu>
-
-	* gssapiP_generic.h (struct _g_set_elt, g_set_elt): Renamed from
-	non-_elt versions.
-	* util_set.c, util_validate.c: Uses updated.
-
-	* gssapiP_generic.h (g_set): New struct type.
-	(G_SET_INIT): New macro.
-	* util_validate.c (g_save, g_validate, g_delete): Change first
-	argument to take a g_set * rather than void **; use the address of
-	the void pointer from the structure.
-	(g_save_name, g_save_cred_id, g_save_ctx_id, g_validate_name,
-	g_validate_cred_id, g_validate_ctx_id, g_delete_name,
-	g_delete_cred_id, g_delete_ctx_id): Updated first argument type.
-	* gssapiP_generic.h: Declarations updated.
-
-	* gssapiP_generic.h: Include k5-thread.h.
-	(g_set): Add a mutex.
-	(G_SET_INIT): Initialize it.
-	* util_validate.c (g_save, g_validate, g_delete): Lock the mutex
-	while working on the set.  (BDB version untested.)
-
-2004-02-08  Ken Raeburn  <raeburn@mit.edu>
-
-	* util_ordering.c (g_queue_externalize, g_queue_internalize):
-	Check for sufficient buffer space.
-
-2003-12-19  Ken Raeburn  <raeburn@mit.edu>
-
-	* gssapi_generic.c (const_oids): Renamed from oids, and now const.
-	(oids): New macro, casts const_oids to non-const pointer for use
-	in initializers.
-
-2003-12-13  Ken Raeburn  <raeburn@mit.edu>
-
-	* gssapiP_generic.h: Include k5-platform.h.
-	(gssint_uint64): New typedef.
-	(g_order_init, g_order_check): Update decls.
-	* util_ordering.c (struct _queue): Change sequence number fields
-	to gssint_uint64.  Add mask field.
-	(queue_insert): Change sequence number to gssint_uint64.
-	(g_order_init): Change sequence numbers to gssint_uint64.  Add
-	"wide_nums" argument; initialize the queue mask field based on
-	it; all callers changed.  Store a -1 as the first element.
-	(g_order_check): Store and check elements as offsets from
-	firstnum.  Mask to 32 bits if desired.
-	* util_token.c (g_verify_token_header): Add new argument
-	indicating whether the pseudo-ASN.1 wrapper is required; all
-	callers changed.
-
-2003-07-17  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in (LIBNAME) [##WIN16##]: Don't define.
-
-2003-05-14  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in ($(EHDRDIR)$(S)timestamp): New target, used for
-	ensuring $(EHDRDIR) exists.
-	(clean-unix): Delete the dummy file.
-	($(EHDRDIR)$(S)gssapi.h): Depend on it, instead of creating the
-	directory here.
-	($(EHDRDIR)$(S)gssapi_generic.h): Likewise.
-
-2003-03-06  Alexandra Ellwood  <lxs@mit.edu>
-
-    * disp_com_err_status.c, gssapi_generic.h:  
-    Removed Mac header goober.
-    
-    * gssapiP_generic.h, gssapi.hin: Removed macintosh check because 
-    we don't build on OS 9 anymore.
-    
-    * gssapi.hin: Removed enumsalwaysint because there are no typed
-    enums in this header.  Removed duplicate CFM-68K magic.  
-
-2003-02-12  Tom Yu  <tlyu@mit.edu>
-
-	* Makefile.in: Remove stamp rules.  Explicitly creates header
-	directory if needed.
-	(gssapi.h): Tweak to avoid race conditions.
-
-2003-02-11  Tom Yu  <tlyu@mit.edu>
-
-	* Makefile.in (gssapi-include): New rules to avoid coding
-	dependence on relative pathnames in parent Makefile.in.
-
-2003-02-11  Tom Yu  <tlyu@mit.edu>
-
-	* Makefile.in: Another attempt... turns our that the "copy"
-	command on Windows preserves modtimes, so spurious rebuilds were
-	happening even with the stamp file, since the target in $(EHDRDIR)
-	is always out of date with respect to the stamp file.
-
-2003-02-10  Tom Yu  <tlyu@mit.edu>
-
-	* Makefile.in: Fix $(EHDRDIR) creation to avoid spurious
-	rebuilds.
-
-2003-02-09  Ezra Peisach  <epeisach@bu,edu>
-
-	* gssapiP_generic.h, util_token.c (g_token_size): Return unsigned
-	int instead of int.
-
-2003-01-17  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in ($(EHDRDIR)$(S)gssapi.h): Depend on create-ehdrdir,
-	to make sure the directory is created before installation of the
-	file.
-	($(EHDRDIR)$(S)gssapi_generic.h): Likewise.
-	(create-ehdrdir): New target on UNIX.  Renamed from $(EHDRDIR) on
-	Windows and changed to check for an existing directory.
-
-2003-01-10  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in: Add AC_SUBST_FILE marker for libobj_frag.
-
-2003-01-07  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.original: Deleted.
-
-2002-12-05  Sam Hartman  <hartmans@mit.edu>
-
-	* util_token.c (g_verify_token_header g_make_token_header):
-	Accept -1 to mean  that no token type is expected; the token type
-	is purely an RFC 1964 artifact and is not used in other mechanisms
-	such as SPNEGO.
-
-2002-11-15  Ezra Peisach  <epeisach@bu.edu>
-
-	* gssapiP_generic.h, util_token.c: Change g_make_token_header and
-	g_verfy_token_header to take an unsigned length in.
-
-2002-10-07  Sam Hartman  <hartmans@mit.edu>
-
-	* Makefile.in : Add install-headers- support
-
-2002-08-29  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in: Revert $(S)=>/ change, for Windows support.
-
-2002-08-27  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in ($(EHDRDIR)/gssapi.h, $(EHDRDIR)/gssapi_generic.h):
-	Quote target of copies.  Reverted.
-
-2002-08-23  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in: Change $(S)=>/ and $(U)=>.. globally.
-
-2002-07-15  Ezra Peisach  <epeisach@bu.edu>
-
-	* gssapiP_generic.h, util_token.c (g_verify_token_header): Make
-	length argument a pointer to an unsigned int.
-
-2002-07-12  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in (SRCS, OBJS, STLIBOBJS): Don't build util_dup.c.
-	* util_set.c (g_set_destroy): Don't compile this unused function.
-
-2002-07-12  Alexandra Ellwood <lxs@mit.edu>
-
-	* gssapi_generic.h: allow inclusion by C++
-
-	* gssapi.hin: Conditionalized pragmas for Metrowerks
-
-	* gssapi.hin: Added check for CFM compiles.  Removed dependency on
-	PRAGMA_* macros.  Moved check struct alignment check before struct
-	declarations.
-
-	* disp_com_err_status.c, gssapi.hin, gssapi_generic.h: 
-	Updated Mac OS X headers to new framework layout
-
-	* gssapi_generic.h: Fixed check for Mac OS X includes.
-
-	[pullups from 1-2-2-branch]
-
-2002-07-12  Miro Jurisic  <meeroh@mit.edu>
-
-	* gssapiP_generic.h: use "" include for krb5.h
-	[pullup from 1-2-2-branch]
-
-2001-10-20  Ken Raeburn  <raeburn@mit.edu>
-
-	* gssapiP_generic.h (g_*): For every g_ function declared here,
-	first define the name as a macro using a gssint_ prefix to avoid
-	conflicting with glib function names.
-
-2001-10-09  Ken Raeburn  <raeburn@mit.edu>
-
-	* gssapi.hin, gssapiP_generic.h: Make prototypes unconditional.
-	* gssapi.hin (PROTOTYPE): Don't define.
-
-2001-10-05  Ken Raeburn  <raeburn@mit.edu>
-
-	Windows still requires DLL specs for variables.
-	* gssapi.hin (GSS_DLLIMP): Define, as before (from win-mac.h) for
-	Windows, empty otherwise.
-	(GSS_C_NT_USER_NAME, GSS_C_NT_MACHINE_UID_NAME,
-	GSS_C_NT_STRING_UID_NAME, GSS_C_NT_HOSTBASED_SERVICE_X,
-	GSS_C_NT_HOSTBASED_SERVICE, GSS_C_NT_ANONYMOUS,
-	GSS_C_NT_EXPORT_NAME): Use GSS_DLLIMP.
-	(KRB5_EXPORTVAR): Don't define.
-
-	* gssapi_generic.h (gss_nt_user_name, gss_nt_machine_uid_name,
-	gss_nt_string_uid_name, gss_nt_service_name): Use GSS_DLLIMP.
-	* gssapi_generic.c (gss_nt_user_name, gss_nt_machine_uid_name,
-	gss_nt_string_uid_name, gss_nt_service_name, GSS_C_NT_USER_NAME,
-	GSS_C_NT_MACHINE_UID_NAME, GSS_C_NT_STRING_UID_NAME,
-	GSS_C_NT_HOSTBASED_SERVICE_X, GSS_C_NT_HOSTBASED_SERVICE,
-	GSS_C_NT_ANONYMOUS, GSS_C_NT_EXPORT_NAME): Use GSS_DLLIMP.
-
-	* gssapi.hin: Drop FAR, NEAR, _MSDOS support.
-	* gssapiP_generic.h: Drop _MSDOS support.
-
-2001-10-03  Ken Raeburn  <raeburn@mit.edu>
-
-	* gssapi.hin, gssapi_generic.c, gssapi_generic.h: Don't use
-	GSS_DLLIMP.
-
-2001-06-25  Tom Yu  <tlyu@mit.edu>
-
-	* gssapi.hin, gssapi_generic.h, gssapi_generic.c:
-	added oids from rfc 2744.  Kept old oids for compatibility.
-	[pullup of lxs's changes]
-
-2001-06-21  Ezra Peisach  <epeisach@mit.edu>
-
-	* util_validate.c (g_save): Cleanup extraneous variable from last
- 	change.
-
-2001-06-21  Ezra Peisach  <epeisach@mit.edu>
-
-	* util_validate.c (g_validate, g_save, g_delete): If HAVE_BSD_TYPE
-	is not defined, declare static functions as taking a void *type for
-	passing to g_set_entry_add.
-
-2001-05-08  Ezra Peisach  <epeisach@mit.edu>
-
-	* disp_major_status.c (display_unknown): Remove unused variable. 
-
-	* util_token.c (g_make_token_header): Remove incorrect cast of
-	length argument to memcpy.
-
-	* oid_ops.c (generic_gss_str_to_oid): Cast argument of isxxx()
-	functions to int - avoids gcc warning when these are implemented
-	as macros indexing an array.
-
-2001-05-04  Ezra Peisach  <epeisach@mit.edu>
-
-	* disp_major_status.c (display_unknown): Declare as static. Remove
-	non-useful code.
-
-2001-04-17  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in (unixmac): Target deleted.
-
-2001-03-10  Ezra Peisach  <epeisach@kangaroo.mit.edu>
-
-	* oid_ops.c: Avoid the use of a variable named index.
-
-2000-10-03  Ezra Peisach  <epeisach@mit.edu>
-
-	* gssapiP_generic.h (g_OID_equal): Instead of casting argument to
-	memcmp as int, cast to unsigned int to match prototype.
-
-2000-08-03  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in (SRCS, OBJS, STLIBOBJS): Remove util_canonhost.
-	* gssapiP_generic (g_canonicalize_host, g_local_host_name): Delete
-	declarations.
-
-2000-05-31  Wilfredo Sanchez  <tritan@mit.edu>
-
-	* util_token.c: Check for existance of <memory.h>.
-	[from Nathan Neulinger <nneul@umr.edu>]
-
-1999-10-26  Wilfredo Sanchez  <tritan@mit.edu>
-
-	* Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES,
-	LOCAL_INCLUDES such that one can override CFLAGS from the command
-	line without losing CPP search patchs and defines. Some associated
-	Makefile cleanup.
-
-Wed May 19 13:23:16 1999  Danilo Almeida  <dalmeida@mit.edu>
-
-	* Makefile.in: Improve rule to create gssapi include dir under
-		windows.
-
-Wed May 19 11:39:05 1999  Danilo Almeida  <dalmeida@mit.edu>
-
-	* Makefile.in: Fix windows cleanup to ignore any errors while
-		removing gssapi include dir.
-
-Mon May 10 15:22:12 1999  Danilo Almeida  <dalmeida@mit.edu>
-
-	* Makefile.in: Do win32 build in subdir.
-
-Thu Mar 25 22:41:30 1999  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* disp_major_status.c (display_unknown): Fix the length of the
- 	 	buffer to be the size of the returned string, instead of
- 	 	something bigger than the returned string.
-
-1999-02-19  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* Makefile.in (DLL_FILE_DEF): Tell the Makefile template that we
-		are building object files for the GSSAPI DLL.
-
-	* gssapi.hin, gssapi_generic.c: Change use of KRB5_DLLIMP to be
-		GSS_DLLIMP.
-
-1998-11-13  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* Makefile.in: Set the myfulldir and mydir variables (which are
-		relative to buildtop and thisconfigdir, respectively.)
-
-1998-10-27  Marc Horowitz  <marc@mit.edu>
-
-	* gssapi.hin: define GSS_S_DUPLICATE_ELEMENT, GSS_S_NAME_NOT_MN,
-	and GSS_S_GAP_TOKEN as per gss v2 c bindings
-
-1998-06-08  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* oid_ops.c (generic_gss_release_oid): Recognize our own "self"
-		oids so that we don't free static oid's.  (exported_name
-		and nt_service_name_v2).
-
-Sun May 24 22:01:29 1998  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* util_buffer.c (g_make_string_buffer): Don't include the trailing
-		NULL of the string in the gss buffer's length.
-
-1998-05-18  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* util_ordering.c (g_order_free): 
-	* rel_oid_set.c (generic_gss_release_oid_set): 
-	* disp_major_status.c: General lint cleanup.
-
-	* util_oid.c (g_copy_OID_set): Copy the OID set with entirely
-		dynamic memory (don't alias the contents of the OID set).
-
-Wed Apr  1 16:33:27 1998  Tom Yu  <tlyu@mit.edu>
-
-	* disp_major_status.c (g_display_major_status): Fix a typo in
-	previous.
-
-1998-03-31  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* disp_major_status.c (display_unknown): Change to not return
-		GSS_S_CONTINUE_NEEDED, per the standard C bindings
-		specification.
-
-Wed Feb 18 16:11:15 1998  Tom Yu  <tlyu@mit.edu>
-
-	* Makefile.in: Remove trailing slash from thisconfigdir.  Fix up
-	BUILDTOP for new conventions.
-
-Mon Feb  2 17:02:29 1998  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile
-
-Fri Jun 27 08:44:54 1997  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* gssapi.hin: Add definition of GSS_C_NO_NAME (per
-		draft-ietf-cbind-04.txt)
-
-Wed Nov 19 11:01:27 1997  Ezra Peisach  <epeisach@mit.edu>
-
-	* Makefile.in (clean-unix): Remove EXPORTED_BUILT_HEADERS as well.
-
-Sun Aug 17 14:31:26 1997  Ezra Peisach  <epeisach@mit.edu>
-
-	* util_token.c (g_verify_token_header): Change local char *
-	 	variable to unsigned char * to match usage.
-
-Tue Jul 29 22:54:40 1997  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* gssapi_generic.c: Add support for the new OID value for
-		host-based service name.
-
-Tue Jul  8 12:46:17 1997  Ezra Peisach  <epeisach@mit.edu>
-
-	* util_ordering.c: Include string.h for prototypes.
-
-Fri Mar 28 03:43:58 1997  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* gssapi_generic.c, gssapi_generic.h: Added definition for the
-		generic gsspi OID type "gss_nt_exported_name".
-
-Thu Mar 27 15:36:32 1997  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* gssapi.hin: Add the GSS_C_PROT_READY_FLAG and GSS_C_TRANS_FLAG
-		Add prototypes for the V2 functions gss_export_name(),
-		gss_duplicate_name(), and gss_canonicalize_name().
-
-Tue Mar 18 13:52:29 1997  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* gssapi.hin: Add 'extern "C"' for C++ compatibility; also check
-		for __cplusplus since some C++ compilers don't set
- 		__STDC__
-
-Mon Mar 17 14:42:33 1997  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* gssapi.hin: Fix header file so that winmac.h is #included when
-		compiling on the Macintosh.
-
-Sat Feb 22 18:57:56 1997  Richard Basch  <basch@lehman.com>
-
-	* Makefile.in: Use some of the new library list build rules in
-		win-post.in
-
-Sun Feb  9 11:41:08 1997  Tom Yu  <tlyu@mit.edu>
-
-	* Makefile.in: Fix includes generation for unix after
-	libhack_branch merge.
-
-Thu Feb  6 11:11:17 1997  Ezra Peisach  (epeisach@mit.edu)
-
-	* configure.in: Remove the CopyHeader and CopySrcHeader rules as
-		they are handled in Makefile.in
-
-	* Makefile.in: Create include/gssapi on unix. Make clean removes
-		built gssapi.h
-
-Wed Feb  5 23:28:47 1997  Richard Basch  <basch@lehman.com>
-
-	* gssapi.hin: Make sure KRB5_EXPORTVAR is defined.
-
-Tue Feb  4 15:55:11 1997  Richard Basch  <basch@lehman.com>
-
-	* Makefile.in: Only override the object build of the error table
-		under Unix
-
-Thu Nov 21 11:55:16 EST 1996    Richard Basch   <basch@lehman.com>
-
-        * Makefile.in: win32 build
-
-	* gssapi.hin, gssapi_generic.c, gssapi_generic.h:
-	DLL export all public gssapi functions; move windows/mac stuff to
-	win-mac.h
-
-Tue Jan 14 20:16:46 1997  Tom Yu  <tlyu@mit.edu>
-
-	* Makefile.in:
-	* configure.in: Update to new library build procedure.
-
-Wed Nov 20 13:59:58 1996  Ezra Peisach  <epeisach@mit.edu>
-
-	* Makefile.in (install): Install gssapi.h from the build tree.
-
-Tue Nov 19 16:43:16 1996  Tom Yu  <tlyu@mit.edu>
-
-	* Makefile.in (gssapi.h): grep USE_.*_H out from autoconf.h as
-	well (some stuff was depending on USE_STRING_H).
-
-Mon Nov 18 12:38:34 1996  Tom Yu  <tlyu@mit.edu>
-
-	*gssapi.h: Renamed to gssapi.hin.
-
-	* gssapi.hin: Remove #ifdef USE_AUTOCONF_H; we're grepping symbols
-	directly from autoconf.h now.
-
-	* configure.in: Change CopySrcHeader to CopyHeader, as gssapi.h is
-	now generated in the build tree.
-
-	* Makefile.in: Add rules to generate gssapi.h from gssapi.hin,
-	similar to how krb5.h is generated from krb5.hin.  Remove
-	-DUSE_AUTOCONF_H from $(CFLAGS)
-
-Tue Nov  5 18:47:44 1996  Tom Yu  <tlyu@mit.edu>
-
-	* Makefile.in (HDRS): Changes so that $(OBJS) will not get
-	recompiled gratuitously if someone touches the include directory.
-
-	* configure.in: Revert previous change re: CopySrcHeader.
-
-Tue Oct 29 10:20:58 1996  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* Makefile.in: Use $(S) instead of / for productions which could
-		be used on both DOS and Unix systems.
-
-Mon Oct 21 16:16:26 1996  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* util_ordering.c (g_queue_internalize, g_queue_externalize):
- 		Fixed typo so that the remaining length field is set
- 		correctly.
-
-Sat Oct 19 00:39:25 1996  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* util_ordering.c (g_queue_externalize, g_queue_internalize,
-	 	g_queue_size):  New routines which allow the serailizing
-	 	routines to access the seqstate structure.
-
-Thu Oct 10 15:03:38 1996  Tom Yu  <tlyu@mit.edu>
-
-	* configure.in: Remove calls to CopySrcHeader.
-
-	* Makefile.in: More fixups; punt usage of CopySrcHeader and use
- 	explicit dependencies instead, thus avoiding abuse of double-colon
- 	rules.
-
-Wed Oct  9 14:12:27 1996  Tom Yu  <tlyu@mit.edu>
-
-	* Makefile.in (all-unix): Fix up last change; depending on a phony
-	target causes everything all of $(OBJS) to get remade always.
-
-	* Makefile.in (all-unix): Fix up various rules that have
-	"includes" as dependencies in order to allow for makes that don't
-	do left-to-right ordering of dependencies.
-
-Wed Aug 28 17:44:06 1996  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* utl_nohash_validate.c: 
-	* util_canonhost.c:
-	* util_validate.c: Only include sys/types.h if present.
-
-	* configure.in: Add check for limits.h and sys/types.h
-
-Fri Aug  2 13:37:10 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>
-
-	* gssapiP_generic.h: If not on a Mac or under Dos, and stdlib.h
-		exists, include it.
-
-	* configure.in: Check for stdlib.h
-
-Thu Jul 25 00:03:01 1996  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* util_ordering.c (g_order_check): 
-	* util_ordering.c (g_order_init): Changed return code to be an int
-		32, since we return a com_err error code.  Change the type
-		of the sequence number to be an uint32.
-
-	* gssapi.h: Define gss_int32 -- needed for error code returns.
-
-	* Makefile.in (EHDRDIR): Use $(S) instead of /, so that EHDRDIR is
-		valid under windows.  Fix how the header file is copied in
-		under Windows.
-
-	* gssapiP_generic.h: Include gssapi_generic.h instead of gssapi.h,
-		so that we get the definitions of the nametype oids.
-
-Wed Jul 24 18:48:43 1996  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* oid_ops.c (generic_gss_release_oid): Re-enable function.
-
-	* util_token.c (g_verify_token_header): Changed return code to be
-		an int 32, since we return a com_err error code.
-
-	* rel_buffer.c (generic_gss_release_buffer): 
-	* rel_oid_set.c (generic_gss_release_oid_set): Remove INTERFACE
- 		keyworded; not needed (and causes problems) since we're
- 		not exporting this function to the DLL.
-
-Tue Jul 23 16:44:50 1996  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* util_validate.c: Only include <sys/file.h> if building with BSD_DB.
-
-	* gssapiP_generic.h: Must include k5-int.h on Windows and
-		Macintosh builds.
-
-	* Makefile.in (SRCS): Renamed release_buffer.c to rel_buffer.c,
-		and release_oid_set.c to rel_oid_set.c.  Marc broke the
-		DOS 8.3 renaming which Gilmore had done to conform with
-		DOS's filesystem constraints.
-
-Fri Jun 21 18:02:51 1996  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* gssapi.h: Fix Win-16 build #defines for KRB5_CALLCONV and
-	 	KRB5_DLLIMP.
-
-Thu Jun 13 22:11:08 1996  Tom Yu  <tlyu@voltage-multiplier.mit.edu>
-
-	* configure.in: remove ref to ET_RULES
-
-Wed Jun 12 00:48:32 1996  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* Makefile.in: Update special rule for gssapi_err_generic.obj
-		so that it uses the right Win-32 library command.
-
-Wed Jun 12 00:46:41 1996  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* gssapi.h: Change INTERFACE to be KRB5_CALLCONV, which is where
-		the calling convention is defined.  Add KRB5_DLLIMP
-		which is where the DLL import/export should be put for
-		Win32.  (Win16 is just different.)  The correct way to
-		declare a function which will be used in a DLL is now:
-		KRB5_DLLIMP func_return_t KRB5_CALLCONV func(long)
-
-		Change function delcarations to use the new
-		convention.  Actually, it doesn't hurt to use the old
-		convention as long as func_return_t doesn't contain a
-		'*'.  But in the long run we should be exterminating
-		all uses of INTERFACE in favor of KRB5_CALLCONV and
-		KRB5_DLLIMP.
-
-Sun Apr 21 03:07:02 1996  Marc Horowitz  <marc@mit.edu>
-
-	* gssapi_generic.c, release_buffer.c, release_oid_set.c: added
- 	files which should have been added before, but either I or commit
- 	was confused.
-
-Wed Apr 17 20:59:23 1996  Marc Horowitz  <marc@mit.edu>
-
-	* oid_ops.c: moved from mechglue
-	
-	* util_canonhost.c (g_canonicalize_host): cast the return value of
- 	malloc()
-
-	* gssapiP_generic.h: Added prototypes for oid_ops.c
-
-	* gssapi.h: Make the types of OM_uint32 constants portable,
-	fix some minor compile-time nits
-
-	* Makefile.in: change the list of files which need to be built
-
-Tue Apr  2 15:31:25 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* Makefile.in (SRCS): Inlined list of source files for SRCS and
-		OBJS (for Macintosh build).
-
-Thu Feb 29 19:39:23 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* util_token.c (der_length_size, der_write_size): Fix to work on
-		16-bit platforms (we don't allow greater than 64k tokens
-		on these platforms).
-
-Tue Feb 27 17:49:54 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* gssapi.h (size_t): Make sure size_t and uid_t are defined under
-	        MS-DOS.
-
-Sat Feb 24 21:30:53 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* gssapi.h (GSS_S_DUPLICATE_ELEMENT): New error code function.
-		XXX Need to square number assigment with official C-binds
-		draft once it is issued.
-
-Wed Jan 24 20:48:15 1996  Tom Yu  <tlyu@dragons-lair.MIT.EDU>
-
-	* gssapi.h: Added definition of NPROTOTYPE to dtrt with Ultrix,
-		etc.  Also added special case for Ultrix (limited
-		prototype support).
-
-Tue Jan 23 03:28:41 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* gssapiP_generic.h: Removed prototypes of functions that have
-		been moved to the mechglue layer.
-
-	* Makefile.in: Removed gssapi_generic.c, oid_ops.c, rel_buffer.c,
-		and rel_oid_set.c --- these functions are now done in the
-		mechglue layer.  
-
-Wed Jan 10 21:31:42 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* Makefile.in (gssapi_err_generic.$(OBJEXT)): Added ##DOS
-		statements after gssapi_err_generic.$(OBJECT) to get it
-		added to library on Windows.  (Patch from Doug Engert).
-
-	* gssapi.h: Remove #if statement that used sizeof(xxx), since that
-		won't work for most C compilers/C preprocessors!
-
-Thu Jan  4 21:33:38 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* gssapiP_generic.h (TWRITE_INT16, TREAD_INT16): Added new macros
-		to read and write two byte integers from the wire.
-
-	* gssapiP_generic.h: Don't include <sys/types.h> since it's
-		already included by gssapi.h.
-
-	* gssapi.h: Add a #ifndef _MACINTOSH around include of <sys/types.h>
-
-Fri Nov 17 22:21:58 1995    <tytso@rsts-11.mit.edu>
-
-	* Makefile.in, ChangeLog: Add support to compile shared libraries.
-
-	* gssapi.h: Include sys/types.h, since that's where POSIX says
-		size_t is defined.
-
-Fri Oct  6 22:01:57 1995  Theodore Y. Ts'o  <tytso@dcl>
-
-	* Makefile.in: Remove ##DOS!include of config/windows.in.
-		config/windows.in is now included by wconfig.
-
-Fri Sep 29 02:02:35 1995  Theodore Y. Ts'o  <tytso@dcl>
-
-	* gssapi.h: For MS-DOS, use the brute force method of defining the
-		size of variables; we should really get an autoconf file
-		for MS-DOS.
-
-Mon Sep 28 12:00:00 1995  John Rivlin <jrivlin@fusion.com>
-	
-	* gssapi_generic.h: Modified to use build in compiler symbols rather
-		than relying on _MACINTOSH so the projects can include the file
-		without using our headers.
-
-	* Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the
-		Makefile. 
-
-Mon Sep 25 16:53:00 1995  Theodore Y. Ts'o  <tytso@dcl>
-
-	* Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the
-		Makefile. 
-
-Wed Sep 13 10:36:32 1995 Keith Vetter (keithv@fusion.com)
-
-	* oid_ops.c: signed/unsigned mismatch, removed unused variables.
-	* util_oid.c: changed int to a size_t.
-
-Wed Sep  6 12:00:00 1995  James Mattly  <mattly@fusion.com>
-	* gssapiP_generic.h:  changed a path bearing include for MACINTOSH
-	* gssapi_generic.h:  changed a path bearing include for MACINTOSH
-	* util_cannonhost.h:  changed a path bearing include for MACINTOSH
-	* utl_nohash_validate.h:  changed a path bearing include for MACINTOSH,
-		also we don't have limits.h
-
-
-Thu Aug 31 11:43:59 EDT 1995	Paul Park	(pjpark@mit.edu)
-	* gssapi.h - Update to V2 API.  Also use autoconf.h if USE_AUTOCONF_H
-		is defined, otherwise resort to brute force.  Remove const_
-		gss_OID, as it's not defined in the API.
-	* gssapiP_generic.h - Add new V2 dispatch prototypes.  Update
-		arguments to be compatible with V2 API.
-	* disp_major_status.c - Describe new failure codes.  Update argument.
-	* gssapi_generic.c - Replace const_gss_OID.
-	* rel_oid_set.c - Free individual OID data also.
-	* util_token.c - Replace const_gss_OID.
-	* oid_ops.c - New V2 OID set manipulation routines.
-	* Makefile.in, .Sanitize - Add oid_ops.c.
-
-
-Tue Aug 29 13:30:29 EDT 1995	Paul Park	(pjpark@mit.edu)
-	* gssapi.h - Add prototypes for gss_{im,ex}port_sec_context.
-
-
-Thu Jul 27 15:25:08 EDT 1995	Paul Park	(pjpark@mit.edu)
-	* gssapiP_generic.h - Include k5-int.h instead of k5-config.h and
-		conditionally k5-sockets.h.
-
-
-Fri Jul 7 16:22:49 EDT 1995	Paul Park	(pjpark@mit.edu)
-	* Makefile.in - Remove LDFLAGS, it's set by configure.
-
-Fri Jun  9 19:25:47 1995    <tytso@rsx-11.mit.edu>
-
-	* configure.in: Remove standardized set of autoconf macros, which
-		are now handled by CONFIG_RULES.
-
-Wed May 24 06:52:41 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>
-
-	* gssapiP_generic.h: Include k5-sockets.h now that k5-config.h
-		does not include netdb.h.
-
-Mon May 22 10:08:13 EDT 1995	Paul Park	(pjpark@mit.edu)
-	* Makefile.in	- Install EXPORTED_HEADERS in gssapi subdirectory of
-			  KRB5_INCDIR.
-	* configure.in	- Find KRB5ROOT and install program.
-
-Sat Apr 29 15:29:15 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>
-
-	* gssapi.h: Only define PROTOTYPE if it is not deined at all.
-
-Fri Apr 21 10:57:44 1995  Ezra Peisach  (epeisach@kangaroo.mit.edu)
-
-	* gssapi.h: If !stdc and !windows, define PROTOTYPE properly.
-
-Thu Apr 20 14:23:14 1995 Keith Vetter (keithv@fusion.com)
-
-	* gssapi.h: fixed up the "windows specific hackery".
-
-Thu Apr 20 11:41:04 1995    <tytso@rsx-11.mit.edu>
-
-	* configure.in: Add checking for SIZEOF_SHORT, SIZEOF_INT, and
-		SIZEOF_LONG, so we don't need to depend on getting this
-		information from include/krb5/autoconf.h
-
-	* gssapi.h: Removed dependence on krb5 include files.
-
-	* gssapiP_generic.h: We need to include k5-config in order to get
-		Windows specific hackery.  Somewhat of a wart, but this is
-		a gssapi internal header file, so the rest of the world
-		doesn't have to see this.
-
-	* util_token.c: Define VALID_INT, instead of relying on this being
-		defined by krb5.h.
-
-Thu Apr 13 16:27:56 1995 Keith Vetter (keithv@fusion.com)
-
-	* gssapi_e.c: __STDC__ conditional also checks the _WINDOWS define.
-	* *.[ch]: removed unneeded INTERFACE from non-api functions.
-        * *.h added FAR to pointers visible at to the world.
-
-Tue Mar 28 18:28:03 1995  John Gilmore  (gnu at toad.com)
-
-	* Makefile.in (unixmac):  Add to build header files.
-
-Fri Mar 24 18:02:15 1995  Theodore Y. Ts'o  (tytso@rt-11)
-
-	* util_canonhost.c: Don't include sys/socket.h and netdb.h, since
-		they are included by k5-config.h
-
-Tue Mar 21 19:09:34 1995 Keith Vetter (keithv@fusion.com)
-
-	* Makefile.in: changed the name of the library the PC
-           builds, and added xxx-mac targets to mimic xxx-unix.
-
-Tue Mar 7 20:14:53 1995 Keith Vetter (keithv@fusion.com)
-
-	* disp_maj.c: added casts on int->long assignments.
-        * util_can.c: made to work with PC winsockets.
-        * util_dup.c: added system include for prototype info.
-        * util_tok.c: int/long problems.
-        * gssapip_.h: added casts on int->char assignments.
-
-Tue Feb 28 00:25:58 1995  John Gilmore  (gnu at toad.com)
-
-	* gssapi.h:  Avoid <krb5/...> includes.
-	* disp_com_err_status.c:  Use "com_err.h" not <com_err.h>.
-
-Mon Feb 20 18:50:33 1995 Keith Vetter (keithv@fusion.com)
-
-	* Makefile.in: made to work on the PC
-        * Added windows INTERFACE keyword
-          disp_com.c disp_maj.c rel_buff.c rel_oid_.c
-          util_buf.c util_can.c util_dup.c util_oid.c
-          util_tok.c util_val.c utl_noha.c
-        * gssapiP_generic.h: 
-          added INTERFACE keyword
-          removed inclusion
-        * util_tok.c: had to coerce long to int on TWRITE_STR.
-        * gssapi.h: made typedef for OM_uint32 machine independent and
-          added INTERFACE to prototypes.
-
-Mon Feb 20 12:00:00 1994  Keith Vetter (keithv@fusion.com)
-
-	More DOS 8.3 renames--for files created by make
-	* gssapi_generic_err.et   => gssapi_err_generic.et
-				  => gssapi_err_generic.h
-				  => gssapi_err_generic.c
-	* gssapiP_generic.h was changed to match
-	* Makefile.in was changed to match
-
-Fri Feb  3 00:18:11 1995  John Gilmore  <gnu@cygnus.com>
-
-	Rename files for DOS 8.3 uniqueness:
-	* display_com_err_status.c => disp_com_err_status.c
-	* display_major_status.c   => disp_major_status.c
-	* release_buffer.c         => rel_buffer.c
-	* release_oid_set.c        => rel_oid_set.c
-	* util_val_nohash.c        => utl_nohash_validate.c
-	* Makefile.in was changed to match.
-
-Sat Aug 20 01:34:46 1994  Theodore Y. Ts'o  (tytso at tsx-11)
-
-	* gss_generic.c (gss_OID_desc): Fix OID's!
-
-Thu Jul 14 03:29:25 1994  Tom Yu  (tlyu at dragons-lair)
-
-	* Makefile.in: remove spurious mkdir
-
-Tue Jun 21 01:17:35 1994  Mark W. Eichin  (eichin at mit.edu)
-
-	* configure.in: add AC_SIZE_T.
-
diff --git a/src/lib/gssapi/krb5/ChangeLog b/src/lib/gssapi/krb5/ChangeLog
deleted file mode 100644
index ea60edfe81..0000000000
--- a/src/lib/gssapi/krb5/ChangeLog
+++ /dev/null
@@ -1,2299 +0,0 @@
-2006-04-03  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in (DEFS): Make empty.
-
-2006-03-10  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in (generate-files-mac): Depend on gssapi_krb5.h.
-
-2006-03-07  Jeffrey Altman <jaltman@mit.edu>
-
-	* acquire_cred.c: (acquire_init_cred)
-          If the leash32.dll is not available, fallback to opening the
-          default credential cache even when the desired_name is 
-          provided.
-
-2005-11-14  Jeffrey Altman <jaltman@mit.edu>
-
-	* gssapi_krb5.hin: include k5-int.h instead of krb5.h
-
-2005-10-20  Alexandra Ellwood <lxs@mit.edu>, Jeffrey Altman <jaltman@mit.edu>
-	
-	* acquire_cred.c (acquire_init_cred):
-	  If a specific principal has been requested, attempt to acquire
-          tickets and set the ccache name in the context to the ccache
-          containing the tickets if obtained. (KFM/KFW)  
-
-2005-10-20  Jeffrey Altman <jaltman@mit.edu>
-
-	* gssapi_krb5.hin: add missing GSS_DLLIMP to exported symbols
-
-2005-09-21  Tom Yu  <tlyu@mit.edu>
-
-	* import_name.c (krb5_gss_import_name): Add missing free of tmp in
-	an error case to fix a memory leak.
-
-	* inq_cred.c (krb5_gss_inquire_cred): Memory leak fixes: call
-	krb5_gss_release_cred() with address of cred, not cred; add
-	missing call to krb5_gss_release_cred() in an error case.
-
-	* duplicate_name.c (krb5_gss_duplicate_name):
-	* export_name.c (krb5_gss_export_name): Fix gsstest nit by
-	clearing minor_status if no errors.
-
-	* inq_cred.c (krb5_gss_inquire_cred): Initialize ret_name to
-	NULL.  Only call kg_save_name() if ret_name is actually non-NULL.
-	Return GSS_C_NO_NAME for now if no principal name in the cred.
-	Reported by Christoph Weizen.
-
-2005-08-11  Tom Yu  <tlyu@mit.edu>
-
-	* import_name.c: Include stdio.h regardless of presence of
-	getpwuid_r(), to ensure definition of BUFSIZ.  Reported by
-	Vladimir Terziev.
-
-2005-04-07  Tom Yu  <tlyu@mit.edu>
-
-	* Makefile.in (gssapi_krb5.h): Use awk hack to work around quoting
-	problem.
-
-2005-03-25  Ken Raeburn  <raeburn@mit.edu>
-
-	* import_name.c (krb5_gss_import_name): Use k5_getpwuid_r.
-
-2005-01-13 Jeffrey Altman <jaltman@mit.edu>
-
-        * init_sec_context.c, acquire_cred.c: fix calls to 
-          krb5_gss_release_cred() to pass in the correct type.
-          This fixes a mutex leak.
-
-2004-08-27  Tom Yu  <tlyu@mit.edu>
-
-	* init_sec_context.c (make_ap_req_v1): Free checksum data
-	allocated by make_gss_checksum() to avoid leak.
-
-	* k5sealv3.c (gss_krb5int_unseal_token_v3): Free plain.data after
-	checksum is verified, to avoid leak.
-
-2004-08-26  Ken Raeburn  <raeburn@mit.edu>
-
-	* acquire_cred.c (krb5_gss_acquire_cred): Call
-	gssint_initialize_library.  Return correct error code on mutex
-	initialization failure.
-
-2004-07-29  Ken Raeburn  <raeburn@mit.edu>
-
-	* gssapi_krb5.c (kg_ccache_name): Variable deleted.
-	(kg_sync_ccache_name, kg_get_ccache_name, kg_set_ccache_name): Get
-	and set thread-specific values instead.
-
-2004-07-28  Ken Raeburn  <raeburn@mit.edu>
-
-	* gssapiP_krb5.h (struct _krb5_gss_cred_id_rec): Add a mutex.
-	(krb5_gss_validate_cred_1): Declare.
-	* accept_sec_context.c (rd_and_store_for_creds): Initialize mutex.
-	* acquire_cred.c (krb5_gss_acquire_cred): Initialize mutex.
-	* add_cred.c (krb5_gss_add_cred): Create the krb5 context
-	earlier.  Call krb5_gss_validate_cred_1.  Make sure the mutex is
-	locked.
-	* copy_ccache.c (gss_krb5_copy_ccache): Lock the mutex in the
-	source credential.
-	* init_sec_context.c (get_credentials, new_connection): Check that
-	the mutex is locked.
-	(mutual_auth): Delete unused credential argument.
-	(krb5_gss_init_sec_context): Lock the mutex.
-	* inq_cred.c (krb5_gss_inquire_cred): Lock the mutex.
-	* rel_cred.c (krb5_gss_release_cred): Destroy the mutex.
-	* set_allowable_enctypes.c (gss_krb5_set_allowable_enctypes): Lock
-	the mutex.
-	* val_cred.c (krb5_gss_validate_cred_1): New function, most of old
-	krb5_gss_validate_cred but requires that the krb5 context be
-	supplied, and returns with the credential mutex still locked if
-	successful, so the caller needn't re-lock it.
-	(krb5_gss_validate_cred): Use it.
-
-	* set_ccache.c (gss_krb5_ccache_name): Don't make a copy of the
-	string returned by kg_get_ccache_name.  Simplify some calls using
-	a temporary error code variable.
-
-	* gssapi_krb5.c (kg_get_ccache_name): Make a copy of the default
-	ccache name, because calling krb5_free_context will destroy it.
-	Make the copy always, not just in the local-context case.  Check
-	for errors in making the copy.
-
-2004-07-14  Ken Raeburn  <raeburn@mit.edu>
-
-	* gssapi_krb5.c (kg_sync_ccache_name): Add context argument
-	instead of calling kg_get_context.
-	(kg_get_ccache_name): Use a locally created krb5 context instead
-	of calling kg_get_context.
-	(kg_get_context): Deleted.
-	* acquire_cred.c (acquire_init_cred): Pass current context.
-	(krb5_gss_acquire_cred): Use a locally created krb5 context
-	instead of calling kg_get_context.
-	* add_cred.c (krb5_gss_add_cred): Call kg_sync_ccache_name.
-	* init_sec_context.c (krb5_gss_init_sec_context): Likewise.
-	* gssapiP_krb5.h (kg_sync_ccache_name): Update prototype.
-	(kg_get_context): Delete declaration.
-
-2004-07-13  Ken Raeburn  <raeburn@mit.edu>
-
-	* acquire_cred.c: Include gss_libinit.h.
-	(gssint_krb5_keytab_lock): New mutex.
-	(krb5_gss_register_acceptor_identity, acquire_accept_cred): Lock
-	the mutex while manipulating krb5_gss_keytab.
-	* gssapiP_krb5.h (gssint_krb5_keytab_lock): Declare.
-
-	* set_ccache.c (gss_krb5_ccache_name): Check thread-specific data
-	for the saved "old" name to free.  Save the new old name in
-	thread-specific data.
-
-2004-07-08  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in (LOCALINCLUDES): Add $(srcdir)/.. to the list.
-
-2004-07-07  Ken Raeburn  <raeburn@mit.edu>
-
-	* disp_status.c: Include gss_libinit.h.
-	(init_et): Variable deleted.
-	(krb5_gss_display_status): Don't use init_et; instead, call
-	gssint_initialize_library.
-
-2004-07-06  Ken Raeburn  <raeburn@mit.edu>
-
-	* import_name.c [HAVE_GETPWUID_R]: Include stdio.h.
-	(krb5_gss_import_name) [HAVE_GETPWUID_R]: Use getpwuid_r instead
-	of getpwuid, for thread safety.
-
-2004-06-17  Tom Yu  <tlyu@mit.edu>
-
-	* ser_sctx.c (kg_ctx_size, kg_ctx_externalize):
-	(kg_ctx_internalize): Adjust for new field cred_rcache.
-
-2004-06-15  Tom Yu  <tlyu@mit.edu>
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Only null
-	out the auth_context's rcache if it was provided by acceptor
-	creds; this prevents a leak.
-
-	* delete_sec_context.c (krb5_gss_delete_sec_context): Only null
-	out the auth_context's rcache if it was provided by acceptor
-	creds; this prevents a leak.
-
-	* gssapiP_krb5.h (krb5_gss_ctx_id_rec): Add cred_rcache to track
-	whether acceptor creds provided an rcache.
-
-2004-06-14  Tom Yu  <tlyu@mit.edu>
-
-	* init_sec_context.c (krb5_gss_init_sec_context): Fix pointer
-	assignment when retrieving k5_context from existing
-	context_handle.
-
-2004-06-10  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in (gssapi_krb5.h): Add Windows version of generation
-	rule.
-
-2004-06-09  Sam Hartman  <hartmans@mit.edu>
-
-	* Makefile.in (install-headers-unix install): install
-	gssapi_krb5.h from build directory not source directory 
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): If the
-	server provides channel bindings, these channel bindings must be
-	matched.  Thus clients can only provide null channel bindings if
-	the server provides no channel bindings. 
-
-2004-06-08  Sam Hartman  <hartmans@mit.edu>
-
-	* set_allowable_enctypes.c lucid_context.c:  new file
-
-	* gssapi_krb5.hin: Made file autogenerated; support  gss_uint64 type
-
-	* Makefile.in (gssapi_krb5.h): Include code to pull in stdint.h if available.
-
-	* gssapi_krb5.h: Add declarations for lucid_context support
-
-2004-04-24  Ken Raeburn  <raeburn@mit.edu>
-
-	* gssapi_krb5.c (kg_get_ccache_name): Don't test err while it's
-	still known to be 0.
-	(kg_set_ccache_name): Likewise.  Return after an error rather
-	than continuing.
-
-	* krb5_gss_glue.c (gss_import_name): Call
-	gssint_initialize_library and check the return status.
-
-2004-04-13  Jeffrey Altman <jaltman@mit.edu>
- 
-    * k5unseal.c: gss_krb5int_unseal_token_v3() takes a pointer to 
-      krb5_context
-    * import_sec_context.c: krb5_gss_ser_init() contains a function
-      pointer table.  this table must use pointers to functions of
-      type KRB5_CALLCONV.
-
-2004-03-20  Ken Raeburn  <raeburn@mit.edu>
-
-	* rel_cred.c (krb5_gss_release_cred): Create and destroy a local
-	krb5 context.
-	* rel_name.c (krb5_gss_release_name): Likewise.
-	* val_cred.c (krb5_gss_validate_cred): Likewise.
-
-2004-03-19  Ken Raeburn  <raeburn@mit.edu>
-
-	* add_cred.c (krb5_gss_add_cred): Create and destroy a local krb5
-	context.
-	* compare_name.c (krb5_gss_compare_name): Likewise.
-	* copy_ccache.c (gss_krb5_copy_ccache): Likewise.
-	* disp_name.c (krb5_gss_display_name): Likewise.
-	* duplicate_name.c (krb5_gss_duplicate_name): Likewise.
-	* inq_cred.c (krb5_gss_inquire_cred): Likewise.
-	* export_name.c (krb5_gss_export_name): Likewise.
-	* import_name.c (krb5_gss_import_name): Likewise.
-
-	* context_time.c (krb5_gss_context_time): Use the krb5 context in
-	the GSS security context.
-
-2004-03-15  Ken Raeburn  <raeburn@mit.edu>
-
-	* k5seal.c (kg_seal): Extract the krb5 context from the security
-	context instead of requiring it be passed in as an argument.
-	* k5unseal.c (kg_unseal): Likewise.
-	* gssapiP_krb5.h (kg_seal, kg_unseal): Declarations updated.
-	* delete_sec_context.c, process_context_token.c, seal.c, sign.c,
-	unseal.c, verify.c: Callers changed.
-	* inq_context.c (krb5_gss_inquire_context): Use krb5 context
-	contained in security context instead of calling kg_get_context.
-	* wrap_size_limit.c (krb5_gss_wrap_size_limit): Likewise.
-
-	* import_sec_context.c (krb5_gss_ser_init): New function.
-	(krb5_gss_import_sec_context): Create a krb5 context locally to
-	use for the import.
-	* export_sec_context.c (krb5_gss_export_sec_context): Use the
-	krb5 context in the security context.
-	* gssapiP_krb5.h (krb5_gss_ser_init): Declare.
-	* gssapi_krb5.c (kg_get_context): Don't call krb5 serialization
-	initialization code here.
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Free the
-	new krb5 context in an error case not caught before.
-
-2004-03-14  Ken Raeburn  <raeburn@mit.edu>
-
-	* gssapiP_krb5.h (struct _krb5_gss_ctx_id_rec): Add a krb5
-	context object.
-	* init_sec_context.c (krb5_gss_init_sec_context): Create a new
-	krb5 context, and store it in the security context if
-	successful.  If there's already a security context, use the krb5
-	context in it.
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Create a
-	new krb5 context, and store it in the security context if
-	successful.
-	* delete_sec_context.c (krb5_gss_delete_sec_context): If the
-	security context has a krb5 context, free it.
-
-	* gssapi_krb5.c (kg_vdb): Change type to g_set and initialize.
-	* gssapiP_krb5.h (kg_vdb): Declaration updated.
-
-	* gssapiP_krb5.h (struct _krb5_gss_ctx_id_rec): Delete fields
-	init_token and testing_unknown_tokid.
-	* init_sec_context.c (new_connection): Drop support (already
-	inside "#if 0") for them.
-	(krb5_gss_init_sec_context): Drop support for
-	testing_unknown_tokid.
-	(mutual_auth): Don't let major_status be used uninitialized.
-
-2004-03-08  Ezra Peisach  <epeisach@mit.edu>
-
-	* gssapiP_krb5.h: Add prototype for gss_krb5int_unseal_token_v3.
-
-2004-03-03  Ken Raeburn  <raeburn@mit.edu>
-
-	* disp_status.c (krb5_gss_display_status): Don't call
-	kg_get_context; delete local krb5_context variable.
-	* inq_cred.c (krb5_gss_inquire_cred_by_mech): Likewise.
-	* inq_names.c (krb5_gss_inquire_names_for_mech): Likewise.
-
-2004-02-26  Sam Hartman  <hartmans@avalanche-breakdown.mit.edu>
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Don't clear
-	the DO_TIME flag until after rd_req is called so a replay cache is
-	set up  even in the no_credential case. 
-
-2004-02-23  Ken Raeburn  <raeburn@mit.edu>
-
-	* wrap_size_limit.c (krb5_gss_wrap_size_limit): Fix calculation
-	for confidential CFX tokens.
-
-2004-02-09  Ken Raeburn  <raeburn@mit.edu>
-
-	* ser_sctx.c (kg_oid_externalize): Check for errors.
-	(kg_oid_internalize): Check for errors.  Free allocated storage on
-	error.
-	(kg_queue_externalize): Check for errors.
-	(kg_queue_internalize): Check for errors.  Free allocated storage
-	on error.
-	(kg_ctx_size): Update for new context data.
-	(kg_ctx_externalize): Update for new context data.  Check for
-	error storing trailer.
-	(kg_ctx_internalize): Update for new context data.  Check for
-	errors in a few more cases.
-
-2004-02-05  Jeffrey Altman <jaltman@mit.edu>
-
-    * gssapiP_krb5.h:  remove KG_IMPLFLAGS macro
-
-    * init_sec_context.c (init_sec_context): Expand KG_IMPLFLAGS
-      macro with previous macro definition
-
-    * accept_sec_context.c (accept_sec_context): Replace KG_IMPLFLAGS
-      macro with new definition.  As per 1964 the INTEG and CONF flags
-      are supposed to indicate the availability of the services in 
-      the client.  By applying the previous definition of KG_IMPLFLAGS
-      the INTEG and CONF flags are always on.  This can be a problem
-      because some clients such as Microsoft's Kerberos SSPI allow
-      CONF and INTEG to be used independently.  By forcing the flags
-      on, we would end up with inconsist state with the client.
-
-2004-01-27  Ken Raeburn  <raeburn@mit.edu>
-
-	* init_sec_context.c (make_gss_checksum) [CFX_EXERCISE]: Don't
-	crash on null pointer in debugging code.
-	(new_connection): Disable CFX_EXERCISE unknown-token-id case
-	detection.
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context)
-	[CFX_EXERCISE]: Log to /tmp/gsslog whether delegation or extra
-	option bytes were present.
-
-2004-01-05  Ken Raeburn  <raeburn@mit.edu>
-
-	* init_sec_context.c: Include auth_con.h if CFX_EXERCISE is
-	defined.
-	(make_gss_checksum) [CFX_EXERCISE]: If the key enctype is aes256,
-	insert some stuff after the delegation slot.
-	(new_connection) [CFX_EXERCISE]: Don't send messages with bogus
-	token ids.
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Don't
-	discard the delegation flag; only look for a delegation if the
-	flag is set, and only look for delegation, not other options.
-	Ignore any other data there.
-
-2003-12-19  Ken Raeburn  <raeburn@mit.edu>
-
-	* util_crypt.c (kg_encrypt, kg_decrypt): Input pointer now points
-	to const.
-	* gssapiP_krb5.h: Declarations updated.
-	* util_seed.c (zeros): Now const.
-
-2003-12-19  Tom Yu  <tlyu@mit.edu>
-
-	* init_sec_context.c: Include k5-int.h for accessor.
-
-2003-12-18  Jeffrey Altman <jaltman@mit.edu>
-
-   * accept_sec_context.c, init_sec_context.c, ser_sctx.c:
-     Implement use of krb5int_accessor() for krb5int_c_mandatory_cksumtype,
-     krb5_ser_pack_int64, and krb5_ser_unpack_int64
-
-2003-12-13  Ken Raeburn  <raeburn@mit.edu>
-	    Sam Hartman  <hartmans@avalanche-breakdown.mit.edu>
-
-	* k5sealv3.c: New file, implements Wrap and MIC tokens for CFX
-	extensions.
-	* gssapiP_krb5.h (struct _krb5_gss_ctx_id_rec): Added acceptor
-	subkey, 64-bit sequence numbers, checksum type, and hooks for
-	sending a bogus initial token for CFX testing.  Changed some flags
-	into bitfields.
-	(gss_krb5int_make_seal_token_v3): Declare.
-	* Makefile.in (SRCS, OBJS, STLIBOBJS): Build it.
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Add CFX
-	support.  For G_WRONG_TOKID, send back an error token with
-	AP_ERR_MSG_TYPE code and return a CONTINUE_NEEDED indication.
-	Initialize new fields in context.
-	* delete_sec_context.c (krb5_gss_delete_sec_context): Free
-	acceptor subkey field.
-	* init_sec_context.c (get_credentials): Drop enctypes argument;
-	callers changed.
-	(get_requested_enctypes): Deleted.
-	(setup_enc): Combine some common sections.  Do CFX initialization
-	for newer enctypes.
-	(new_connection) [CFX_EXERCISE]: If doing CFX, send a bogus
-	token.  Delete the enctype list manipulation.
-	(mutual_auth): If CFX, save acceptor's subkey.
-	* k5seal.c (make_seal_token_v1): Sequence number is now 64 bits.
-	(kg_seal): Call out to _v3 code for CFX.
-	* k5unseal.c (kg_unseal): For CFX, adjust token id numbers and
-	call out to _v3 code.
-	* wrap_size_limit.c (krb5_gss_wrap_size_limit): Implement CFX
-	support.
-
-	* gssapiP_krb5.h (struct _krb5_gss_ctx_id_rec): Deleted fields
-	ctypes and nctypes.
-	* delete_sec_context.c, init_sec_context.c, ser_sctx.c: Removed
-	references.
-
-2003-12-11  Alexandra Ellwood <lxs@mit.edu>
-
-	* acquire_cred.c, gssapi_krb5.c, gssapiP_krb5.h, set_ccache.c:
-        Added kg_sync_ccache_name(), kg_get_ccache_name, and 
-        kg_set_ccache_name() and rewrote gss_krb5_ccache_name() and
-        added a call to kg_sync_ccache_name() to acquire_init_cred()
-        to fix a bug where on systems with multiple ccaches that GSSAPI
-        gets stuck on the ccache that was default when it launched.
-
-2003-07-19  Ezra Peisach  <epeisach@mit.edu>
-
-	* acquire_cred.c (krb5_gss_register_acceptor_identity): Allocate
-	enough memory to include the null at the end of the keytab char *.
-
-2003-07-17  Tom Yu  <tlyu@mit.edu>
-
-	* gssapiP_krb5.h: Delete kg_release_defcred(); it's no longer
-	used.
-
-	* gssapi_krb5.c: Delete defcred; it's no longer cached.
-	(kg_get_defcred): Don't cache.
-	(kg_release_defcred): Delete; it's no longer used.
-
-	* init_sec_context.c (krb5_gss_init_sec_context): Break into more
-	manageable pieces.  Clean up a few error condition memory leaks
-	previously obscured by the sheer size of this function.
-	(setup_enc): New function; used to be part of
-	krb5_gss_init_sec_context() responsible for setting up enctypes,
-	keyblocks, related nastiness.
-	(get_requested_enctypes): New function; used to be part of
-	krb5_gss_init_sec_context() responsible for pruning the krb5
-	library's default enctype list to the limited set of enctypes
-	usable with GSSAPI.
-	(new_connection): New function; used to be part of
-	krb5_gss_init_sec_context() responsible for initial gss_ctx setup
-	and creating the AP-REQ.
-	(mutual_auth): New function; used to be part of
-	krb5_gss_init_sec_context() responsible for reading the AP-REP if
-	mutual auth was requested.
-
-	* inq_cred.c (krb5_gss_inquire_cred): Rearrange due to removal of
-	kg_release_defcred(), particularly to explicitly release the
-	defcred once it's obtained.
-
-	* rel_cred.c (krb5_gss_release_cred): Remove call to
-	kg_release_defcred(), and always succeed in releasing the null
-	credential.
-
-	* set_ccache.c (gss_krb5_ccache_name): Remove call to
-	kg_release_defcred().
-
-2003-07-17  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in (LIBNAME) [##WIN16##]: Don't define.
-
-2003-07-14  Tom Yu  <tlyu@mit.edu>
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Call
-	TREAD_STR with correct arguments.  Patch from Emily Ratliff.
-
-2003-07-10  Tom Yu  <tlyu@mit.edu>
-
-	* acquire_cred.c (acquire_init_cred): Close the ccache if
-	krb5_cc_set_flags() fails, as krb5int_cc_default succeeds even if
-	the file is not there, but krb5_cc_set_flags will fail in turning
-	off OPENCLOSE mode if the file can't be opened.  Thanks to Kent Wu.
-
-2003-06-13  Tom Yu  <tlyu@mit.edu>
-
-	* init_sec_context.c (make_ap_req_v1): Free checksum_data if
-	needed, to avoid leaking memory.  Found by Kent Wu.
-	(krb5_gss_init_sec_context): Free default_enctypes to avoid
-	leaking returned value from krb5_get_tgs_ktypes.
-
-	* k5unseal.c (kg_unseal_v1): Explicitly set token.value to NULL if
-	token.length == 0, to avoid spurious uninitialized memory
-	references when calling memcpy() with a zero length.
-
-2003-05-13  Tom Yu  <tlyu@mit.edu>
-
-	* gssapi_krb5.h: Remove check for GSS_RFC_COMPLIANT_OIDS.
-
-2003-05-09  Tom Yu  <tlyu@mit.edu>
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Rename
-	remote_subkey -> recv_subkey.
-
-	* init_sec_context.c (krb5_gss_init_sec_context): Rename
-	local_subkey -> send_subkey.
-
-2003-03-14  Sam Hartman  <hartmans@mit.edu>
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Set
-	prot_ready here
-
-	* init_sec_context.c (krb5_gss_init_sec_context):  Set prot_ready
-	after context established
-
-	* gssapiP_krb5.h (KG_IMPLFLAGS): Don't claim prot_ready until the
-	context is established  because we don't currently support it.  
-
-2003-03-06  Alexandra Ellwood  <lxs@mit.edu>
-
-    * disp_status.c, gssapi_krb5.h, gssapiP_krb5.h: 
-    Removed Mac header goober.
-
-2003-03-05  Tom Yu  <tlyu@mit.edu>
-
-	* acquire_cred.c (krb5_gss_register_acceptor_identity): New
-	function.  Allows global override of default keytab for
-	gss_acquire_cred() purposes.
-	(acquire_accept_cred): Implement override.
-
-	* gssapi_krb5.h: Add krb5_gss_register_acceptor_identity.
-
-2003-03-04  Sam Hartman  <hartmans@mit.edu>
-
-	* accept_sec_context.c (rd_and_store_for_creds): Do not expect sequence number in incoming krb_cred message.
-
-2003-03-02  Sam Hartman  <hartmans@mit.edu>
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Deal with
-	creds without rcache available.  They will be slower.
-
-	* add_cred.c (krb5_gss_add_cred): Deal with princ being null
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Populate
-	ctx->here from ticket->server instead of cred->princ.  If
-	cred->princ exists it will be the same, but the previous change
-	may make it null
-
-	* inq_cred.c (krb5_gss_inquire_cred): Allow for null princ
-	component of credentials
-
-	* acquire_cred.c: When acquiring acceptor credentials, allow
-	GSS_C_NO_NAME to mean that we accept any credential.  In this case
-	we do not look to see if the principal is found in the keytab and
-	we leave princ null in the context.  This means you get
-	GSS_C_NO_NAME out from inquire_cred.   If cred->princ is null
-	don't set up a rcache
-
-2003-03-01  Tom Yu  <tlyu@mit.edu>
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Don't
-	validate verifier_cred_handle if GSS_C_NO_CREDENTIAL is passed in.
-
-2003-02-25  Tom Yu  <tlyu@mit.edu>
-
-	* set_ccache.c (gss_krb5_ccache_name): Don't return a pointer to
-	freed memory.
-
-2003-02-24  Tom Yu  <tlyu@mit.edu>
-
-	* gssapi_krb5.c (kg_get_defcred): Revert previous; it's probably
-	not appropriate for inquire_cred() to cause new credentials to be
-	fetched.
-
-	* init_sec_context.c (krb5_gss_init_sec_context): Explicitly
-	release default cred in the NO_CREDENTIAL case, so it is always
-	refreshed.
-
-2003-02-21  Tom Yu  <tlyu@mit.edu>
-
-	* gssapi_krb5.c (kg_get_defcred): Check for invalid or expired
-	defcred if it exists, and call acquire_cred() again if necessary.
-
-2003-02-13  Tom Yu  <tlyu@mit.edu>
-
-	* Makefile.in ($(GSSAPI_KRB5_HDR)): Use $(S) to avoid problems on
-	windows.
-
-2003-02-12  Tom Yu  <tlyu@mit.edu>
-
-	* Makefile.in (includes): Delete gssapi_krb5.h rule.
-	($(GSSAPI_KRB5_HDR)): Add command to create header directory if
-	needed.
-	(all-unix): Add $(GSSAPI_KRB_HDR).
-
-2003-02-09  Ezra Peisach  <epeisach@bu.edu>
-
-	* init_sec_context.c (make_ap_req_v1): Unsigned/signed cleanup.
-
-2003-01-10  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in: Add AC_SUBST_FILE marker for libobj_frag.
-
-2003-01-07  Sam Hartman  <hartmans@mit.edu>
-
-	* init_sec_context.c (make_gss_checksum): New function to
-	construct the checksum in the authenticator, used directly  or
-	indirectly depending on whether krb5_cred is encrypted.
-	(make_ap_req_v1): use it
-
-2003-01-07  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.original: Deleted.
-
-2002-11-15  Ezra Peisach  <epeisach@bu.edu>
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Use unsigned
-	lengths for arguments to g_token_size and g_make_token_header.
-
-	* export_name.c (krb5_gss_export_name): Change local length
-	variable to unsigned.
-
-	* k5unseal.c (kg_unseal_v1): Seqnum variable changed from
-	krb5_int32 to krb5_ui_4.
-
-	* k5seal.c (make_seal_token_v1): Change seqnum argument to
-	krb5_ui_4 from krb5_int32 to match krb5_gss_ctx_id_rec struct.
-
-	* gssapiP_krb5.h, util_crypt.c, util_seqnum.c: kg_make_seq_num(),
-	kg_get_seq_num() changed to use krb5_ui_4 for sequence
-	numbers. kg_encrypt(), kg_decrypt() length argument now unsigned.
-
-2002-10-07  Sam Hartman  <hartmans@mit.edu>
-
-	* Makefile.in :  Add install-headers support
-
-2002-08-29  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in: Revert $(S)=>/ change, for Windows support.
-
-2002-08-27  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in ($(GSSAPI_KRB5_HDR)): Quote target of copy.
-
-2002-08-23  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in: Change $(S)=>/ and $(U)=>.. globally.
-
-2002-07-15  Ezra Peisach  <epeisach@bu.edu>
-
-	* k5unseal.c (kg_unseal): Pass unsigned int * instead of int *
-	length return argument to g_verify_token_header.
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Pass
-	OM_uint32 * instead of krb5_error_code * to krb5_gss_release_cred.
-
-2002-07-14  Alexandra Ellwood <lxs@mit.edu>
-
-	* gssapi_krb5.h: Added #include of gssapi.h and gssapi_generic.h
-	for the Mac because we can't assume people will include them and
-	get the OID macro and the old names on the Mac.
-
-	* disp_status.c: Updated Mac OS X header paths.
-
-	* gssapiP_krb5.h: Updated Mac OS X header paths and added
-	prototype on Mac.
-
-	* gssapi_krb5.h: Updated Mac OS X headers to new framework layout
-
-	[pullups from 1-2-2-branch]
-
-2002-07-14  Miro Jurisic  <meeroh@mit.edu>
-
-	* gssapi_krb5.h, gssapi_krb5.c: Added oids from rfc 1964 using the
-	suggested names.
-	[pullup from 1-2-2-branch]
-
-2002-07-12  Ken Raeburn  <raeburn@mit.edu>
-
-	* accept_sec_context.c (rd_and_store_for_creds): Remove
-	registration of memory ccache type.  Don't declare krb5_mcc_ops.
-
-	* init_sec_context.c (krb5_gss_init_sec_context): Instead of
-	asking for the enctypes supported by the GSS code, use that set as
-	a filter on the default enctypes and use the resulting list.
-	(make_ap_req_v2): Delete unused function.
-
-	* k5mech.c, pname_to_uid.c, util_ctxsetup.c: Deleted.
-	* Makefile.in (SRCS, OBJS, STLIBOBJS): Don't compile
-	util_ctxsetup.c.
-	* rel_oid.c (krb5_gss_internal_release_oid): Now static.
-	* util_crypt.c (kg_encrypt_size): Function deleted.
-	* gssapiP_krb5.h (struct kg2_option, kg2_parse_token,
-	kg2_intersect_ctypes, krb5_gss_internal_release_oid,
-	kg_encrypt_size): Declarations deleted.
-
-2002-07-01  Ken Raeburn  <raeburn@mit.edu>
-
-	* gssapi_krb5.c (gss_mech_krb5_v2, gss_mech_set_krb5_v2,
-	gss_mech_set_krb5_v1v2): Delete variables.
-	* gssapi_krb5.h (gss_mech_krb5_v2, gss_mech_set_krb5_v2,
-	gss_mech_set_krb5_v1v2): Delete declarations.
-	* add_cred.c (krb5_gss_add_cred): Delete uses of them.
-	* canon_name.c (krb5_gss_canonicalize_name): Ditto.
-	* disp_status.c (krb5_gss_display_status): Ditto.
-	* indicate_mechs.c (krb5_gss_indicate_mechs): Ditto.
-	* inq_cred.c (krb5_gss_inquire_cred_by_mech): Ditto.
-	* inq_names.c (krb5_gss_inquire_names_for_mech): Ditto.
-	* rel_oid.c (krb5_gss_internal_release_oid): Ditto.
-
-	* accept_sec_context.c (rd_and_store_for_creds): Extra parens
-	around assignments to quiet gcc.
-	(krb5_gss_accept_sec_context): Fix some type mismatches between
-	OM_uint32 and krb5_error_code.
-	* k5unseal.c (kg_unseal_v1): Move a variable declaration and
-	assignment to fix gcc "possibly uninitialized" warning.
-	* init_sec_context.c (get_credentials): Delete unused variable.
-
-2002-03-03  Sam Hartman  <hartmans@mit.edu>
-
-	* accept_sec_context.c (rd_and_store_for_creds): Patch from Steven
-	Michaud <smch@midway.uchicago.edu>  to accept encrypted or
-	unencrypted credentials.  This is important because Heimdal (and
-	sometimes Microsoft) send encrypted credentials.
-
-2001-11-18  Sam Hartman  <hartmans@mit.edu>
-
-	* init_sec_context.c (get_credentials): Override
-	default_tgs_enctypes rather than looping over credentials.  Avoids
-	hits on the KDC.
-
-2001-10-30  Ezra Peisach  <epeisach@mit.edu>
-
-	* k5unseal.c: Fix whitespace in copyright message.
-
-	* k5seal.c (make_seal_token_v1): Cleanup code for mic
-	tokens. Essentially revert code to Sam's 10/25 code, with one
-	correction - allocation of data_ptr - use msglen and not tmsglen.
-	Additionally, do not rely on malloc(0) being non-NULL. 
-	
-2001-10-27  Sam Hartman  <hartmans@mit.edu>
-
-	* k5seal.c (make_seal_token_v1): Use usage 15 only for mic tokens,
-	not for seal tokens without encryption
-
-2001-10-26  Ezra Peisach  <epeisach@mit.edu>
-
-	* k5seal.c (make_seal_token_v1): Correct errors in code pertaining
-	to case when signing message only. Fixes buffer overflows as found
-	by gssapi dejagnu testsuite.
-
-2001-10-25  Sam Hartman  <hartmans@mit.edu>
-
-	* k5unseal.c (kg_unseal_v1): same here.
-
-	* k5seal.c (make_seal_token_v1): Factor out usage type we claim
-	for signatures so we can do something different for  hmac-md5.
-	Microsoft uses a different usage number for  mic tokens and wrap  tokens.
-
-	* k5unseal.c (kg_unseal_v1):  Add arcfour checksum and decrypt support
-
-	* util_seqnum.c (kg_get_seq_num): support arcfour_hmac
-
-	* k5unseal.c (kg_unseal_v1): Get the sequence number before
-	decrypting the token so we can use it to decrypt arcfour 
-
-	* gssapiP_krb5.h util_crypt.c:  New function kg_arcfour_docrypt
-
-	* util_seqnum.c (kg_make_seq_num): Add rc4 support
-
-	* k5seal.c (make_seal_token_v1): Simplify logic significantly.
-	Don't worry so much about only allocating memory we use; allocate
-	a full token all the time  and only decide not to copy in data at
-	the last moment.  This significantly simplifies the control flow,
-	giving better testing coverage and allowing better reasoning about
-	the code. Add arcfour-hmac support
-
-	* util_crypt.c (kg_confounder_size): Special case arcfour to return 8
-
-2001-10-24  Sam Hartman  <hartmans@mit.edu>
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Support rc4 enctype
-
-	* init_sec_context.c (krb5_gss_init_sec_context): Support rc4 enctype
-
-	* gssapiP_krb5.h: Remove claim we don't support Microsoft sign alg
-
-2001-10-09  Ken Raeburn  <raeburn@mit.edu>
-
-	* gssapiP_krb5.h, gssapi_krb5.h, k5mech.c: Make prototypes
-	unconditional.
-
-2001-10-05  Ken Raeburn  <raeburn@mit.edu>
-
-	* accept_sec_context.c, gssapiP_krb5.h, import_sec_context.c,
-	krb5_gss_glue.c: Don't explicitly declare pointers FAR any more.
-
-	* pname_to_uid.c: Drop _MSDOS support.
-
-2001-10-04  Tom Yu  <tlyu@mit.edu>
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Ignore
-	unrecognized options properly. [krb5-libs/738]
-
-2001-10-03  Ken Raeburn  <raeburn@mit.edu>
-
-	* copy_ccache.c, get_tkt_flags.c, gssapi_krb5.h, krb5_gss_glue.c,
-	set_ccache.c: Don't use GSS_DLLIMP.
-
-2001-10-01  Tom Yu  <tlyu@mit.edu>
-
-	* accept_sec_context.c (rd_and_store_for_creds): Handle error
-	returns from krb5_rd_cred more sanely.
-
-2001-07-27  Danilo Almeida  <dalmeida@mit.edu>
-
-	* gssapi_krb5.h: Unmark gss_mech_krb5 variable as an import.
-
-2001-07-27  Danilo Almeida  <dalmeida@mit.edu>
-
-	* gssapi_krb5.h: Mark gss_mech_krb5 variable as an import.
-
-2001-07-25  Ezra Peisach  <epeisach@mit.edu>
-
-	* import_sec_context.c (krb5_gss_import_sec_context): Get rid of
-	variable set but never used.
-	* ser_sctx.c (kg_queue_internalize): Ditto
-	
-2001-07-04  Ezra Peisach  <epeisach@mit.edu>
-
-	* ser_sctx.c: Declare kg_oid_size and kg_queue_size static.
-
-2001-06-21  Ezra Peisach  <epeisach@mit.edu>
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Do not
-	shadow local variable ptr.
-
-2001-06-22  Danilo Almeida  <dalmeida@mit.edu>
-
-	* util_crypt.c (kg_encrypt, kg_decrypt): Use free() instead of
-	krb5_free_data_contents().
-
-	* util_cksum.c (kg_checksum_channel_bindings): Make sure that
-	returned memory is allocated with xmalloc() so that caller can use
-	xfree() on it.
-
-	* k5unseal.c (kg_unseal_v1):  Use krb5_free_data_contents()
-	instead of xfree().
-
-	* k5seal.c (make_seal_token_v1): Use krb5_free_data_contents()
-	instead of xfree().
-
-	* init_sec_context.c (make_ap_req_v1): Use xfree() instead of
-	free() to be consistent with xmalloc() usage.  Use
-	krb5_free_data_contents() instead of xfree().
-
-	* disp_name.c (krb5_gss_display_name): Use
-	krb5_free_unparsed_name() instead of xfree().
-
-	* add_cred.c (krb5_gss_add_cred): Use xfree() instead of free() to
-	be consistent with xmalloc() usage.
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Remove
-	variables that were effectively unused.  Use
-	krb5_free_data_contents() instead of xfree() where appropriate.
-
-2001-06-20  Ezra Peisach  <epeisach@mit.edu>
-
-	* acquire_cred.c (acquire_init_cred): Include "k5-int.h" for
-	krb5int-cc_default() prototype.
-
-2001-06-18  Ezra Peisach  <epeisach@mit.edu>
-
-	* accept_sec_context.c acquire_cred.c import_sec_context.c
-	init_sec_context.c inq_cred.c: Cast const gss_OID to gss_OID for
-	gssapi functions which are not speced with const in the RFC.
-
-2001-06-07  Ezra Peisach  <epeisach@mit.edu>
-
-	* ser_sctx.c (kg_oid_internalize): Do away with local variable
-	that was set but never used.
-
-2001-06-04  Ezra Peisach  <epeisach@mit.edu>
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Cleanup
- 	assignments in conditionals.
-	* k5seal.c (make_seal_token_v1): Likewise.
-
-2001-05-14  Ezra Peisach  <epeisach@mit.edu>
-
-	* wrap_size_limit.c (krb5_gss_wrap_size_limit): Get rid of unused
-	variable.
-
-	* util_ctxsetup.c (kg2_parse_token): Fix erroneous assignment in
-	conditional. (code not used in current tree). 
-
-	* util_seed.c, util_seqnum.c, util_crypt.c, util_cksum.c: Cleanup
-	up assignments in conditionals.
-
-	* ser_sctx.c (kg_queue_internalize): Get rid of unused variable.
-
-	* gssapiP_krb5.h: Renable prototype for krb5_gss_release_oid() as
-	code is back (since 1996).
-
-	* k5unseal.c (kg_unseal_v1): Declare internal function static.
-
-	* init_sec_context.c (make_ap_req_v2): Comment out non-referenced
-	function.
-
-	* gssapi_krb5.c: Include k5-int.h for krb5_ser_* prototypes.
-
-2001-04-24  Ezra Peisach  <epeisach@mit.edu>
-
-	* util_crypt.c (kg_make_confounder): Change variable random to
- 	lrandom to prevent shadowing of global function.
-
-2000-12-07  Ken Raeburn  <raeburn@mit.edu>
-
-	* k5seal.c (make_seal_token_v1): Use ANSI-style definition,
-	instead of K&R plus prototype.  Don't use too-big numbers even as
-	placeholders.
-
-	* accept_sec_context.c (rd_and_store_for_creds): After creating an
-	auth context, set flags to require sequence numbers.
-	(krb5_gss_accept_sec_context): Likewise.
-	* init_sec_context.c (krb5_gss_init_sec_context): Likewise.
-
-2000-10-04  Ezra Peisach  <epeisach@mit.edu>
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): If an error
-	occurs after the auth_context is established, but before the
-	krb5_gss_ctx_id_rec is established, release our pointer to the
-	replay cache and invoke krb5_auth_con_free(). (krb5-libs/855)
-
-2000-10-03  Ezra Peisach  <epeisach@mit.edu>
-
-	* add_cred.c (krb5_gss_add_cred): krb5_cc_get_type() and
-	krb5_cc_get_name() return const char *. Cleanup assigments in
-	conditionals warnings.
-
-Fri Sep 22 12:05:31 2000  Ezra Peisach  <epeisach@mit.edu>
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): When
- 	GCC_S_NO_CHANNEL_BINDINGS is set by the server, skip over the
- 	bindings sent from the client. RFC-1964 indicates that the
- 	client's channel bindings are always sent in checksum field and
- 	need to be accounted for, evn if the server does not care.
-
-2000-09-01  Jeffrey Altman <jaltman@columbia.edu>
-
-        * accept_sec_context.c: krb5_gss_accept_sec_context()
-        It has been determined by Martin Rex that Windows 2000 is incapable
-        of supporting channel bindings.   This caused us to examine the
-        various RFCs affecting FTP GSSAPI to determine whether or not
-        channel bindings were a MUST for implementation of the FTP GSSAPI
-        protocol.  It was determined that the channel binding facility as
-        described in RFC2743 is optional.  Therefore, we cannot assume
-        that all clients or servers will support it.  The code was updated
-        to allow GSS_C_NO_CHANNEL_BINDINGS when specified by either the
-        client or server to indicate that channel bindings will not be
-        used.
-
-2000-06-27  Tom Yu  <tlyu@mit.edu>
-
-	* init_sec_context.c (get_credentials): Add initial iteration of
-	krb5_get_credentials in order to differentiate between an actual
-	missing credential and merely a bad match based on enctype.  This
-	was causing problems with kadmin.
-
-2000-06-09  Tom Yu  <tlyu@mit.edu>
-	    Ken Raeburn  <raeburn@mit.edu>
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Remove
-	explicit check of mech OID against credential.
-
-	* util_crypt.c (kg_encrypt): Copy ivec, since c_encrypt() now
-	updates ivecs.
-	(kg_decrypt): Copy ivec, since c_decrypt() now updates ivecs.
-
-	* init_sec_context.c (get_credentials): Don't check each enctype
-	against a list from the krb5 library; instead, just try to use it,
-	and go on to the next if the error code indicates we can't use it.
-
-	* gssapiP_krb5.h (enum qop): New type, derived from spec but
-	currently not used.
-	* util_crypt.c (kg_encrypt, kg_decrypt): Added key derivation
-	usage value as an argument.  Prototypes and callers updated; all
-	callers use KG_USAGE_SEAL, except KG_USAGE_SEQ when encrypting
-	sequence numbers.
-	* 3des.txt: New file.
-
-	* gssapiP_krb5.h (struct _krb5_gss_ctx_id_rec): Delete field
-	gsskrb5_version.
-	(struct _krb5_gss_cred_id_rec): Delete field rfcv2_mech.
-	* accept_sec_context.c, acquire_cred.c, add_cred.c, inq_cred.c,
-	k5seal.c, k5unseal.c, ser_ctx.c:
-	Delete krb5-mech2 support.
-
-	* init_sec_context.c (get_credentials): Enctype argument is now a
-	pointer to a list of enctypes.  Explicitly try each in order until
-	success or an error other than cryptosystem not being supported.
-	(krb5_gss_init_sec_context): Pass list of cryptosystems, starting
-	with 3DES.
-
-	* gssapiP_krb5.h (enum sgn_alg, enum seal_alg): New types,
-	giving symbolic names for values from RFC 1964, a Microsoft win2k
-	I-D, and our proposed 3des-sha1 values.
-	(KG_USAGE_SEAL, KG_USAGE_SIGN, KG_USAGE_SEQ): New macros.
-
-	* accept_sec_context.c (rd_req_keyproc): Already-disabled routine
-	deleted.
-	(krb5_gss_accept_sec_context): Use sgn_alg and seal_alg symbolic
-	names.  Add a case for des3-hmac-sha1.
-	* k5seal.c (make_seal_token_v1): Likewise.  Do key derivation for
-	checksums.
-	* k5unseal.c (kg_unseal_v1): Likewise.
-	* util_crypt.c (kg_encrypt, kg_decrypt): Do key derivation for
-	encryption.
-
-	* util_crypt.c (zeros): Unused variable deleted.
-
-	* wrap_size_limit.c: Remove mech2 support.  Add MIT copyright.
-
-2000-06-09  Nalin Dahyabhai  <nalin@redhat.com>
-
-	* add_cred.c (krb5_gss_add_cred): Don't overflow buffers "ktboth"
-	or "ccboth".
-
-2000-05-31  Wilfredo Sanchez  <tritan@mit.edu>
-
-	* accept_sec_context.c, gssapiP_krb5.h, init_sec_context.c,
-	k5unseal.c, util_cksum.c, util_crypt.c, util_seed.c: Check for
-	existance of <memory.h>.
-	[from Nathan Neulinger <nneul@umr.edu>]
-
-2000-5-19	Alexandra Ellwood <lxs@mit.edu>
-
-	* acquire_cred.c: Changed to use krb5int_cc_default.  This function 
-	supports the Kerberos Login Library and pops up a dialog if the cache does 
-	not contain valid tickets.  This is used to automatically get a tgt before
-	obtaining service tickets.  Note that this should be an internal function
-	because callers don't expect krb5_cc_default to pop up a dialog!
-	(We found this out the hard way :-)
-
-2000-04-08  Tom Yu  <tlyu@mit.edu>
-
-	* wrap_size_limit.c (krb5_gss_wrap_size_limit): Fix up
-	wrap_size_limit() to deal with integrity wrap tokens properly.
-	The rfc1964 mech always pads and confounds regardless of whether
-	confidentiality is requested.
-
-2000-01-27  Ken Raeburn  <raeburn@mit.edu>
-
-	* init_sec_context.c (krb5_gss_init_sec_context): Default to
-	des-cbc-crc.
-
-1999-10-26  Ken Raeburn  <raeburn@mit.edu>
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Get rid of
-	unused variables 'err' and 'enctype'.
-
-	* k5seal.c (make_integ_token_v2): Set 'code' when malloc fails.
-
-1999-10-26  Wilfredo Sanchez  <tritan@mit.edu>
-
-	* Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES,
-	LOCAL_INCLUDES such that one can override CFLAGS from the command
-	line without losing CPP search patchs and defines. Some associated
-	Makefile cleanup.
-
-Wed May 19 13:21:55 1999  Danilo Almeida  <dalmeida@mit.edu>
-
-	* Makefile.in: Improve rule to create gssapi include dir under
-		windows.
-
-Wed May 19 11:40:52 1999  Danilo Almeida  <dalmeida@mit.edu>
-
-	* Makefile.in: Add windows build rules for putting header files in
-		include dir.
-
-Mon May 10 15:22:27 1999  Danilo Almeida  <dalmeida@mit.edu>
-
-	* Makefile.in: Do win32 build in subdir.
-
-Fri Apr 30 12:27:14 1999  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* set_ccache.c (gss_krb5_ccache_name): Add call to free the
-		default credential changing the ccache name.
-
-Thu Apr 29 18:02:00 1999  Miro Jurisic  <meeroh@mit.edu>
-
-	* gssapi_krb5.h: Remove gssapi_generic.h includes because
-		this header file is public interface and gssapi_generic.h
-		isn't and shouldn't be included by clients.
-
-Fri Apr 23 00:31:17 1999  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* wrap_size_limit.c (krb5_gss_wrap_size_limit): Fix wrap_size
-		limit so that it correctly calculates its results, and
-		underestimates the correct size instead of overestimating
-		it, and not returning zero all the time.  (Which it used
-		to do after the March 25 fix.)
-
-Sat Apr 17 01:23:57 1999  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* gssapi_krb5.h, copy_ccache.c, get_tkt_flags.c, set_ccache.c:
- 		Make the krb5 extension functions exportable in a Windows
- 		DLL.
-
-Fri Mar 26 22:17:20 1999  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* acquire_cred.c (krb5_gss_acquire_cred): Don't use strcmp to
- 		compare against principal components (they aren't null
- 		terminated!)
-
-Thu Mar 25 22:43:54 1999  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* gssapi_krb5.c: Rearrange OID's so that the V1V2 mechanism set
-		returns all three mechanism ID's recognized by this
-		implementation, with the RFC1964 OID first (and thus
-		preferred). 
-
-	* import_sec_context.c (krb5_gss_convert_static_mech_oid): Make
-		the old convert_static_oid() function globally accessible
-		with a namespace compliant name, since init_sec_context()
-		needs to be able to use this function.
-
-	* indicate_mechs.c (krb5_gss_indicate_mechs): Return the v1v2
-		mechanism set OID, since we should return all the
-		mechanisms that we support.
-
-	* init_sec_context.c (krb5_gss_init_sec_context): Make
- 		ctx->mech_used use a static OID, since it is returned by
- 		gss_inquire_context which must return a static OID.
-
-	* wrap_size_limit.c (krb5_gss_wrap_size_limit): Fix bug where we
-		would overestimate the size of the allowable input message
-		by one byte, because we weren't passing the right estimate
-		of the wrapped data to g_token_size().
-
-1999-03-14  Miro Jurisic  <meeroh@mit.edu>
-
-	* gssapi_krb5.h: added extern "C" for C++ friendliness
-
-1999-03-14  Miro Jurisic  <meeroh@mit.edu>
-
-	* set_ccache.c (gss_krb5_ccache_name): Now compiles
-
-1999-03-11  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* set_ccache.c (gss_krb5_ccache_name): Added new Krb5 specific
-		interface to set the default credentials cache name.
-
-1999-02-19  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* Makefile.in (DLL_FILE_DEF): Tell the Makefile template that we
-		are building object files for the GSSAPI DLL.
-
-	* krb5_gss_glue.c: Change use of KRB5_DLLIMP to be GSS_DLLIMP.
-
-Mon Dec 21 19:50:04 1998  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Eliminate
- 		double free of ap_req.data, and initialize ctypes to be
- 		NULL to avoid freeing a pointer to stack garbage when
- 		doing a V1 mechanism accept_sec_contxt.
-
-	* init_sec_context.c: Re-arrange program logic to simplify and
-		factor out code; fix gss_init_sec_context() so that if the
-		default OID is passed to the init_sec_context, it will use
-		the V1 mechanism if a single DES enctype is used.   Error
-		handling was revamped to make it simpler and cleaner, and
-		to assure that we don't have memory leaks on error returns.
-
-1998-11-13  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* Makefile.in: Set the myfulldir and mydir variables (which are
-		relative to buildtop and thisconfigdir, respectively.)
-
-Fri Nov  6 09:19:23 1998  Ezra Peisach  <epeisach@mit.edu>
-
-	* k5unseal.c (kg2_unwrap_integ): Handle case of malloc(0)
-	returning NULL.
-
-1998-10-27  Marc Horowitz  <marc@mit.edu>
-
-	* Makefile.in, accept_sec_context.c, acquire_cred.c, canon_name.c,
-	delete_sec_context.c, disp_status.c, gssapiP_krb5.h,
-	gssapi_err_krb5.et, gssapi_krb5.c, gssapi_krb5.h,
-	init_sec_context.c, inq_cred.c, inq_names.c, k5seal.c, k5unseal.c,
-	rel_oid.c, ser_sctx.c, util_cksum.c, util_crypt.c, util_seed.c,
-	util_seqnum.c, wrap_size_limit.c: convert to new crypto api.
-	Implement new krb5 v2 gssapi mechanism.
-
-	* add_cred.c, util_ctxsetup.c: New files needed to implement the
-	krb5 v2 mech.
-
-Mon Sep 21 00:32:28 1998  Tom Yu  <tlyu@mit.edu>
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Free authdat
-	even on success to avoid a memory leak.
-
-	* util_cksum.c (kg_checksum_channel_bindings): Fix memory leak by
- 	not allocating cksum->contents unless we have to return a
- 	zero-filled one.
-
-	* k5unseal.c (kg_unseal_v1): Fix memorly leak by not allocating
-	md5cksum.contents.
-
-	* k5seal.c (make_seal_token_v1): Fix memory leak by not allocating
-	md5cksum.contents.
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Only free
-	ap_req.data if it was allocated by kg2_parse_token(), otherwise we
-	lose very badly trying to free the middle of a potentially
-	malloc()'ed block, possibly coredumping.
-
-Thu Sep  3 19:35:44 1998  Tom Yu  <tlyu@mit.edu>
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Fix typo;
-	bash the enctype in ctx->subkey->enctype rather than just
-	"enctype", which nothing checks.
-
-Fri Jul 24 21:13:53 1998  Tom Yu  <tlyu@mit.edu>
-
-	* wrap_size_limit.c (krb5_gss_wrap_size_limit): Fix to round down
-	by 8 even if the req_output_size-ohlen is a multiple of 8, since
-	the wrap token is always padded regardless of whether it's a
-	mutiple of 8 bytes.
-
-1998-06-08  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* k5unseal.c (kg_unseal):  Clean up lint warnings.
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Don't return
-		an error token if we can't provide the server name to the
-		KRB5 error structure (because cred isn't initialized).
-
-	* gssapi_krb5.c, gssapi_krb5.h: Export the oid of static
-		arrays as krb5_gss_oid_array since it's needed by
-		gss_import_sec_context.
-
-	* import_sec_context.c: Fix up the OID of the mechanism in the
-		imported security context so that we use the static
-		OID if at all possible.  This is needed since
-		gss_inquire_context() must return a static OID.
-
-Sun May 24 21:57:03 1998  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* import_name.c (krb5_gss_import_name): Fix typo which caused
- 		import_name to incorrectly import names produced by
- 		gss_export_name().
-
-1998-05-24  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* copy_ccache.c (gss_krb5_copy_ccache): Fix bugs in copy_ccache.c,
-		which never compiled cleanly (since it wasn't added to the
-		Makefile correctly originally).
-
-	* k5seal.c (make_seal_token): Clean up -Wall flames
-
-1998-05-18  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* inq_cred.c (krb5_gss_inquire_cred): 
-	* inq_context.c (krb5_gss_inquire_context): 
-	* import_name.c (krb5_gss_import_name): 
-	* export_name.c (krb5_gss_export_name): 
-	* disp_name.c (krb5_gss_display_name): 
-	* context_time.c (krb5_gss_context_time): 
-	* acquire_cred.c (krb5_gss_acquire_cred): Clean up -Wall flames.
-
-	* indicate_mechs.c (krb5_gss_indicate_mechs): Return a dynamic OID
-		set.
-
-Fri Feb 27 18:41:08 1998  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* export_name.c (krb5_gss_export_name): Fix bug in
- 	 	gss_export_name.  The 2nd length field in the ASN.1 was 2
- 	 	bytes bigger than it should have been.
-
-Wed Feb 18 16:12:14 1998  Tom Yu  <tlyu@mit.edu>
-
-	* Makefile.in: Remove trailing slash from thisconfigdir.  Fix up
-	BUILDTOP for new conventions.
-
-Fri Feb 13 13:23:18 1998  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Don't
-		restrict mechanisms when accepting contexts.  (Allow
-		either pre-RFC or RFC-based mechanisms)
-
-Thu Feb 12 16:38:14 1998  Tom Yu  <tlyu@mit.edu>
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Add lots of
-	explicit assignments to major_status to ensure that we actually
-	return an error when we mean to.  This was previously preventing
-	gssrpc authentication with the old ovsec_kadm interface from
-	working because the gssrpc server side functions were failing to
-	loop over a set of supplied credentials.
-
-	* init_sec_context.c: KLUDGE!! Add global variable
-	krb5_gss_dbg_client_expcreds to allow the client library to send
-	expired credentials for testing and debugging purposes.
-
-Mon Feb  2 17:02:29 1998  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile
-
-Wed Jan 28 16:57:05 1998  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* configure.in, Makefile.in: Remove use of CopySrcHeader from
-		configure.in and move functionality to Makefile.in
-
-Thu Feb  5 22:39:44 1998  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* wrap_size_limit.c (krb5_gss_wrap_size_limit): Fix bug where if
-		the output header size is greater than the maximum
-		requested output size, return 0 rather than a very large
-		unsigned number.  :-)
-
-Fri Jan 30 23:07:40 1998  Tom Yu  <tlyu@mit.edu>
-
-	* init_sec_context.c (krb5_gss_init_sec_context): Actually
-	initialize now before calling make_ap_req.
-
-Thu Jan 29 20:08:02 1998  Dan Winship  <danw@mit.edu>
-
-	* accept_sec_context.c (rd_and_store_for_creds): Don't mess with
-	krb5_cc_default--use a new mem-based ccache.
-
-	* Makefile.in: 
-	* gssapi_krb5.h: 
-	* copy_ccache.c (gss_krb5_copy_ccache): Routine to copy a
-	gss_cred_id_t (such as a forwarded creds) into an existing
-	krb5_ccache.
-
-Fri Jun 27 08:37:11 1997  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Will now
- 		obtain default credentials if no credentials are given.
-
-Wed Dec  3 02:16:18 1997  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* init_sec_context.c (make_ap_req): Enforce a stricter requirement
-		on the ticket expiration time of the credentials, since
-		accept_sec_context doesn't use the timeskew fudge for
-		checking ticket expirations.
-		(krb5_gss_init_sec_context): Return GSS_S_NO_CRED when
-		appropriate. 
-
-Wed Jan 21 19:14:09 1998  Tom Yu  <tlyu@mit.edu>
-
-	* gssapiP_krb5.h: Add rcache member to the creds
-	structure. [krb5-libs/370]
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Actually set
-	an rcache in auth context from the one saved in the creds
-	structure. [krb5-libs/370]
-
-	* acquire_cred.c (acquire_accept_cred): Set up an rcache for use
-	later. [krb5-libs/370]
-
-	* delete_sec_context.c (krb5_gss_delete_sec_context): Don't delete
-	the rcache when freeing the auth_context. [krb5-libs/370]
-
-	* rel_cred.c (krb5_gss_release_cred): Properly close the
-	rcache. [krb5-libs/370]
-
-Mon Dec 29 10:30:43 1997  Ezra Peisach  <epeisach@kangaroo.mit.edu>
-
-	* Makefile.in (OBJS): Changed val_cred.$(OBJECT) to
-	        val_cred.$(OBJEXT) for windows building.
-
-Sun Dec  7 10:42:32 1997  Ezra Peisach  <epeisach@mit.edu>
-
-	* val_cred.c (krb5_gss_validate_cred): Free principal extracted
-		from credential cache when finished.
-
-Sat Nov 15 20:14:05 1997  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context), 
-	  init_sec_context.c (krb5_gss_init_sec_context),
-	  inq_cred.c (krb5_gss_inquire_cred): Call krb5_gss_validate_cred
-	  	to make sure the credential handle is still valid.
-
-	* val_cred.c (krb5_gss_validate_cred): New file which validates
-		the credential to make sure it is valid, including
-		checking to make sure the credentials cache still points
-		at the same krb5 principal as it did before.
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Return
- 		GSS_S_FAILURE if a non-NULL context handle is passed to
- 		it.
-
-Thu Sep 18 17:55:09 1997  Tom Yu  <tlyu@mit.edu>
-
-	* acquire_cred.c: Replace USE_STRING_H with something more sane.
-
-	* import_name.c: Replace USE_STRING_H with something more sane.
-
-Tue Jul 29 22:56:04 1997  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* inq_names.c (krb5_gss_inquire_names_for_mech): Add the 
- 		the new OID value for the host-based service name and 
- 		the exported name OID to the list of OID's supported by
-		this mechanism.
-	
-	* import_name.c (krb5_gss_import_name): Add support for the new
-		OID value for the host-based service name.
-
-Mon Jul 21 20:32:14 1997  Ezra Peisach  <epeisach@mit.edu>
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Initialize
-		ctx before referenced in failure cases.
-
-Tue Jul 15 22:05:21 1997  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* init_sec_context.c (krb5_gss_init_sec_context): Always copy the
-		mechtype so that delete_sec_context() can safely release
-		the OID without smashing memory passed in by the application.
-
-Mon Jun 30 14:05:51 1997  Kevin L Mitchell  <klmitch@mit.edu>
-
-	* accept_sec_context.c: added code to return a valid delegated
-		credential handle if credentials were delegated.  The
-		GSS_C_DELEG_FLAG from the client is ignored, and the
-		option is only set if the client actually delegated
-		credentials.
-
-Fri Jun  6 15:26:27 1997  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Reorganized
- 		error handling code to be more compact (and correct!).  If
- 		an error occurs while we are doing mutual authentication,
- 		send an KRB_ERROR message back to the client, so that it
- 		knows what is going on.  (This is specified by RFC 1964;
- 		we just weren't implementing this previously.)
-           
-	* delete_sec_context.c (krb5_gss_delete_sec_context): Check to
- 		make sure pointers in the context are non-zero before
- 		freeing them.
-
-	* init_sec_context.c (krb5_gss_init_sec_context): If the server
-		sends a KRB_ERROR message, decode it and return an
-		appropriate minor status error code.
-
-Mon Mar 31 21:22:19 1997  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* krb5_gss_glue.c: Add GSSAPI V2 calls to the glue layer.
-
-Fri Mar 28 03:52:14 1997  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* import_name.c (krb5_gss_import_name): Add support for importing
-		the exported name call
-
-	* export_name.c (krb5_gss_export_name): Fix export_name emit the token
-		exactly as specified by RFC 2078.
-
-Thu Mar 27 15:52:04 1997  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* Makefile.in: Add canon_name.c, duplicate_name.c, export_name.c
-		to the GSSAPI library.
-	
-	* canon_name.c (krb5_gss_canonicalize_name): New GSSAPI V2 function
-
-	* duplicate_name.c (krb5_gss_duplicate_name): New GSSAPI V2 function
-
-	* export_name.c (krb5_gss_export_name): New GSSAPI V2 function
-
-	* gssapiP_krb5.h (KG_IMPLFLAGS): Add support for
-		GSS_C_PROT_STATE_READY and GSS_C_TRANS_FLAG
-
-Tue Mar 25 01:00:55 1997  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* init_sec_context.c (krb5_gss_init_sec_context): A zero-length
-		token should be treated like a GSS_C_NO_BUFFER during the
-		initial context establishment.  [krb5-libs/352]
-
-Sat Feb 22 18:59:42 1997  Richard Basch  <basch@lehman.com>
-
-	* Makefile.in: Use some of the new library list build rules in
-		win-post.in
-
-Wed Feb  5 20:27:50 1997  Richard Basch  <basch@lehman.com>
-
-	* util_crypt.c: Include k5-int.h as we need to dereference
-		the _cryptosystem_entry element of the krb5_encrypt_block.
-
-	* acquire_cred.c (acquire_accept_cred): Removed unused local variable
-
-Tue Feb  4 15:56:01 1997  Richard Basch  <basch@lehman.com>
-
-	* Makefile.in: Only override the object build of the error table
-		under Unix
-
-Tue Jan 14 20:20:10 1997  Tom Yu  <tlyu@mit.edu>
-
-	* Makefile.in:
-	* configure.in: Update to new library build procedure.
-
-Wed Dec  4 13:06:13 1996  Barry Jaspan  <bjaspan@mit.edu>
-
-	* acquire_cred.c (acquire_accept_cred): use krb5_kt_get_entry
- 	instead of scanning through keytab to find matching principal
- 	[krb5-libs/210]
-
-Thu Nov 21 11:55:16 EST 1996    Richard Basch   <basch@lehman.com>
-
-        * Makefile.in: win32 build
-
-	* gssapiP_krb5.h krb5_gss_glue.c:
-	DLL export all public GSSAPI interfaces; adjusted some other
-	declarations accordingly (KRB5_CALLCONV, FAR keywords added)
-
-Wed Nov 20 19:55:29 1996  Marc Horowitz  <marc@cygnus.com>
-
-	* init_sec_context.c (make_ap_rep, krb5_gss_init_sec_context),
- 	accept_sec_context.c (krb5_gss_accept_sec_context): fix up use of
- 	gss flags.  under some circumstances, the context would not have
- 	checked for replay or sequencing, even if those features were
-	requested.
-
-	* init_sec_context.c (make_ap_req), (krb5_gss_init_sec_context):
- 	If delegation is requested, but forwarding the credentials fails,
-	instead of aborting the context setup, just don't forward
-	credentials.
-
-	* gssapiP_krb5.h (krb5_gss_ctx_id_t), ser_sctx.c
- 	(kg_ctx_externalize, kg_ctx_internalize), init_sec_context.c
- 	(krb5_gss_init_sec_context), get_tkt_flags.c
- 	(gss_krb5_get_tkt_flags), accept_sec_context.c
- 	(krb5_gss_accept_sec_context): rename ctx->flags to
- 	ctx->krb_flags, to disambiguate it from ctx->gss_flags
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): If the subkey
-	isn't present in the authenticator, then use the session key
-	instead.
-
-Sat Oct 19 00:38:22 1996  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* ser_sctx.c (kg_oid_externalize, kg_oid_internalize,
- 		kg_oid_size): Add a GSSAPI OID magic number to the
- 		externalized OID, so that if the OID is skipped, (it is
- 		optional), the serialization code can resyncronize if
- 		necessary.
-		(kg_queue_internalize, kg_queue_externalize,
- 		kg_queue_size): New functions to externalize the gssapi
- 		queue.
-		(kg_ctx_size, kg_ctx_exteranlize, kg_ctx_import): Changed
- 		to include the mech_used field and to include the auth
- 		context.
-
-	* gssapi_krb5.c (kg_get_context): Add calls to correctly
- 		initialize the serializers needed by import and export sec
- 		context.
-
-	* delete_sec_context.c (krb5_gss_delete_sec_context): Remember to
-		release the mech_used OID if necessary!
-
-Wed Oct 16 17:53:17 1996  Marc Horowitz  <marc@mit.edu>
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): return an
- 	error if the ticket endtime is in the past.  also, cleaned up
- 	some error cleanup code.
-
-Thu Oct 10 13:50:49 1996  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* acquire_cred.c (krb5_gss_acquire_cred): Don't let the "timeleft"
- 		returned by krb5_gss_acquire_cred be negative!
-
-Wed Oct  9 18:02:43 1996  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* gssapi_krb5.c: Definition of gss_nt_krb5_name was incorrect;
-		someone was being a bonehead.
-
-Wed Aug 28 17:45:55 1996  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* util_cksum.c (kg_checksum_channel_bindings): Fix stupid bug;
-		don't free buf before it's allocated!
-
-Thu Aug 15 20:52:37 1996  Sam Hartman  <hartmans@tertius.mit.edu>
-
-	* init_sec_context.c (make_ap_req): Require des-cbc-crc for now;
-        DES3 support is broken.
-
-Fri Aug  2 13:40:16 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>
-
-	* acquire_cred.c (krb5_gss_acquire_cred): Add const to local
-		variable which is pointing to const data.
-
-Fri Jul 26 16:58:31 1996  Tom Yu  <tlyu@voltage-multiplier.mit.edu>
-
-	* Makefile.in (OBJS): Remove trailing backslash on a comment; it
-		was keeping HDRS from getting set.
-
-Fri Jul 26 00:40:43 1996  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* configure.in: Add AC_PROG_INSTALL, since it's needed for a "make
-		install"
-
-Thu Jul 25 20:21:33 1996  Tom Yu  <tlyu@voltage-multiplier.mit.edu>
-
-	* Makefile.in: remove trailing backslash from comment under SRCS
-		because it was causing line that set OBJS variable to
-		become part of a comment
-
-Thu Jul 25 02:08:17 1996  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* init_sec_context.c (krb5_gss_init_sec_context): Fixed error
- 		checking so that if you pass a bad mechanism type, it
- 		*will* get flagged as an error.
-
-Wed Jul 24 22:54:37 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>
-
-	* acquire_cred.c (krb5_gss_acquire_cred): Initialize variable
-		before use if GSS_C_NULL_OID_SET.
-
-Wed Jul 24 19:40:55 1996  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* rel_oid.c (krb5_gss_release_oid): 
-	* krb5_gss_glue.c(gss_release_oid): Re-enable function
-
-	* ser_sctx.c (kg_oid_externalize): Add proper return code
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): 
-	* init_sec_context.c (krb5_gss_init_sec_context): Test (gss_flags &
-		XXXX) against 0 so that we pass a int value to
-		g_order_init.  Needed since int is 16 bits for Win16 build.
-
-Tue Jul 23 22:35:53 1996  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* Makefile.in (all-windows): Fix broken Windows commands to copy
-		gssapi_krb5.h to include/gssapi.
-
-	* gssapiP_krb5.h: Must include k5-int.h on Windows and Macintosh
-		builds. 
-
-Thu Jul 18 19:48:48 1996  Marc Horowitz  <marc@mit.edu>
-
-	* init_sec_context.c (krb5_gss_init_sec_context),
- 	accept_sec_context.c (krb5_gss_accept_sec_context): ifdef'd out
- 	reference to 3des.
-
-Fri Jul  5 15:27:29 1996  Marc Horowitz  <marc@mit.edu>
-
-	* gssapi_krb5.h: Add declarations for _old mech set, and _both
- 	mech set
-
-Thu Jun 20 23:15:57 1996  Marc Horowitz  <marc@mit.edu>
-
-	* ser_sctx.c (kg_oid_size, kg_ctx_size): pull the oid-related code
- 	out of kg_ctx_size into kg_oid_size.
-	
-	* k5unseal.c (kg_unseal), k5seal.c (make_seal_token): == cannot be
- 	used to compare oid's.  The g_OID_equal macro must be used.
-
-	* init_sec_context.c (make_ap_req, krb5_gss_init_sec_context): -
- 	gss_init_sec_context should use the mech set in the credential.
-  	If the default mech is requested, but the old mech oid was
- 	explicitly passed to gss_acquire_cred, then the context should be
- 	the old mech, otherwise, the new mech.  If a mech was requested
- 	explicitly, then the code should insure that the credential is
- 	compatible.
-
-	* acquire_cred.c (krb5_gss_acquire_cred), gssapiP_krb5.h (struct
- 	_krb5_gss_cred_it_rec), gssapi_krb5.c (gss_mech_set_krb5*),
- 	inq_cred.c (krb5_gss_inquire_cred): gss_acquire_cred needs to be
- 	able to deal with both mech oid's.  It should return in
- 	actual_mechs the intersection of the set passed in and the
- 	{old,new} mechs, or if the default was requested, it should return
- 	both mech oid's.  This state should be stored in the credential
- 	handle, and regurgitated by gss_inquire_cred.
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): make sure
- 	that the oid in the token is compatible with the mechanisms
- 	specified by the credential.
-
-Thu Jun 13 22:11:30 1996  Tom Yu  <tlyu@voltage-multiplier.mit.edu>
-
-	* configure.in: remove ref to ET_RULES
-
-Wed Jun 12 00:48:32 1996  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* Makefile.in: Update special rule for gssapi_err_krb5.obj so that
-		it uses the right Win-32 library command.
-
-	* pname_to_uid.c: Add #ifdef _WIN32 in places where we had #ifdef
-	 	_MSDOS
-
-Fri Jun  7 14:52:56 1996  Kevin L Mitchell  <klmitch@mit.edu>
-
-	* accept_sec_context.c, init_sec_context.c, inq_context.c,
- 		gssapiP_krb5.h: changed `mutual' element of struct
-		_krb5_gss_ctx_id_rec into more general `gss_flags' and
-		updated functions that process it
-
-Tue May 14 19:09:49 1996  Richard Basch  <basch@lehman.com>
-
-	* k5seal.c k5unseal.c util_cksum.c:
-		setup krb5_checksum "contents" and "length" field prior to
-		calling krb5_calculate_checksum().
-
-Tue May 14 04:42:11 1996  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* init_sec_context.c (make_ap_req): Change call to
- 		krb5_auth_con_setcksumtype to use
- 		krb5_auth_con_set_req_cksumtype by default instead.
-
-Sun May 12 00:54:35 1996  Marc Horowitz  <marc@mit.edu>
-
-	* util_crypt.c (kg_encrypt): It used to be that krb5_encrypt could
- 	be used to encrypt in place.  That's broken now.  This would need
- 	to be fixed in several places in the crypto layer, and it's not
- 	clear what the right thing is, so it's worked around here in the
- 	interests of portability and reliablility, at the expense of a
- 	malloc/memcpy/free.
-
-	* Makefile.in, configure.in: gssapi_krb5.h should be installed
- 	inside the tree.  This is really only half the work, as it should
- 	be installed outside of the tree, too.
-
-Sat Apr 20 00:02:51 1996  Marc Horowitz  <marc@mit.edu>
-
-	* accept_sec_context.c, export_sec_context.c, gssapiP_krb5.h,
- 	import_sec_context.c, init_sec_context.c, k5seal.c, k5unseal.c,
- 	ser_sctx.c, wrap_size_limit.c: Implemented triple-des changes
- 	based on Richard's patches.
-
-Wed Apr 17 21:08:59 1996  Marc Horowitz  <marc@mit.edu>
-
-	* accept_sec_context.c (krb5_gss_set_backward_mode): removed
-
-	* krb5_gss_glue.c, wrap_size_limit.c: added
-	
-	* import_sec_context.c: intern the newly created context id so
- 	that the validation functions will accept it.
-	
-	* Makefile.in (CFLAGS): Don't need md5 header files anymore.
-  	(OBJS, SRCS): Change the list of files to build.
-
-	* export_sec_context.c, import_sec_context.c, gssapiP_krb5.h,
- 	ser_sctx.c: don't use the serialization abstraction, since it
- 	doesn't add anything, and is internal to kerberos.  Instead, make
- 	the {de,}serialization functions internal gssapi functions, and
- 	call those directly.
-
-	* accept_sec_context.c, acquire_cred.c, context_time.c,
- 	delete_sec_context.c, disp_name.c, disp_status.c,
- 	export_sec_context.c, gssapi_krb5.c (kg_get_context),
- 	import_name.c, import_sec_context.c, indicate_mechs.c,
- 	init_sec_context.c, inq_context.c, inq_cred.c, inq_names.c,
- 	process_context_token.c, rel_cred.c, rel_name.c, seal.c, sign.c,
- 	unseal.c, verify.c:
- 	Don't pass in the context from the caller.  Instead, call
- 	kg_get_context() to find out the kerberos library context.  Also,
- 	random minor compile-time fixes.
-
-	* accept_sec_context.c, gssapi_krb5.c (kg_get_defcred),
- 	gssapiP_krb5.h, init_sec_context.c, k5seal.c, k5unseal.c,
- 	util_cksum.c (kg_checksum_channel_bindings), util_seqnum.c
- 	(kg_make_seq_num, kg_get_seq_num), util_seed.c (kg_make_seed),
- 	util_crypt.c (kg_encrypt, kg_decrypt): 
-	pass the context to the kg_* functions which need it instead of
- 	determining it directly.
-
-Fri Apr 12 21:47:46 1996  Richard Basch  <basch@lehman.com>
-
-        * k5seal.c k5unseal.c:
-        Renamed MD5 routines to be preceded with krb5_
-
-Thu Apr 11 18:53:09 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* acquire_cred.c (acquire_init_cred): Return GSS_S_CRED_UNAVAIL on
-		if krb5_cc_set_flags() returns an error, since that's the
-		call that will return an error if the credentials files
-		doesn't exist.
-
-Wed Apr  3 16:10:24 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* init_sec_context.c (krb5_gss_init_sec_context): If make_ap_req()
-		returns KRB5APP_TKT_EXPIRED, then return
-		GSS_S_CREDENTIALS_EXPIRED as the major return code.
-
-Tue Apr  2 15:20:24 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* Makefile.in (SRCS): Inlined list of source files for SRCS and
-		OBJS (for Macintosh build).
-
-	* k5mech.c: Added Macintosh #ifdef so that the #include path is
-		right for the Macintosh.
-
-Wed Mar 20 20:25:53 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* rel_oid.c (krb5_gss_release_oid): Don't compile this procedure,
-		since it's not used.  The mechanism glue layer uses the
-		krb5_gss_internal_relase_oid() function.
-
-	* pname_to_uid.c: Comment out #ident line.  This causes the
-		Macintosh C compiler indigestion.  Remove #include of
-		gssapi/gssapi.h, since that gets included by
-		gssapiP_generic.h.
-
-Fri Mar  8 21:36:29 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>
-
-	* util_cksum.c (kg_checksum_channel_bindings): Change sizeof(long)
-		to sizeof(krb5_int32).
-
-Sat Mar  2 02:22:30 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* k5mech.c (krb5_gss_get_context): Initialize the serializers
-		here, instead of in export and import security context.
-		This will speed things up a little.
-
-	* export_sec_context.c (krb5_gss_export_sec_context): 
-	* import_sec_context.c (krb5_gss_import_sec_context): Don't create
-		a serialization context just for importing/exporting
-		credentials.  Use the passed-in gssapi context.  This
-		speeds things up significantly.  Assume the serializers
-		are initialized in krb5_gss_get_context.
-
-Tue Feb 27 17:53:22 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Remove dead
-		code which used geteuid().
-
-	* Makefile.in (gssapi_err_krb5.$(OBJEXT)): Add Windows production
-		to add file to library.
-
-	* pname_to_uid.c: Don't try to compile pname_to_uid.c for MS-DOS
-		or Macintosh.
-
-Mon Feb 26 18:08:57 1996  Sam Hartman  <hartmans@tertius.mit.edu>
-
-	* k5mech.c : do not declare kg_context static as it is declared in
-	        another file, and declared extern in a header.
-
-Sat Feb 24 00:06:37 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* k5mech.c (krb5_gss_initialize): No longer need to call
-		name-type/mechanism registration function.  This is now
-		done for us by the generic intialization function.
-		Add support for new V2 call gss_wrap_size_limit.
-
-Sat Feb 24 11:45:05 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>
-
-	* import_sec_context.c (krb5_gss_import_sec_context): Do not
-		shadow parameter ctx.
-
-	* inq_context.c (krb5_gss_inquire_context): Do not shadow
-		parameter ctx.
-
-	* rel_oid.c (krb5_gss_internal_release_oid): Change to match prototype.
-
-	* process_context_token.c (krb5_gss_process_context_token): Change
-		to match prototype.
-
-Sat Feb 24 00:06:37 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* gssapiP_krb5.h: Changed most krb5 gssapi functions to take a
-		void * as their first argument, instead of a krb5_context.
-		Makes for a cleaner interface to the mechanism glue layer.
-
-	* k5mech.c (krb5_gss_initialize): Call name-type/mechanism
-	        registration function so that mechanism glue layer knows
-		whether or not a name needs to be lazy evaluated or not.
-
-Tue Feb  6 23:55:45 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* pname_to_uid.c (krb5_pname_to_uid): Instead of using specialized
-		code to derive the username from a kerberos principal, use
-		krb5_aname_to_lname().  Added extra argument for the
-		context structure.
-
-Fri Jan 26 03:09:32 1996  Sam Hartman  <hartmans@tertius.mit.edu>
-
-	* init_sec_context.c (make_ap_req): Make sure we get a DES session key.
-
-Wed Jan 24 20:46:37 1996  Tom Yu  <tlyu@dragons-lair.MIT.EDU>
-
-	* pname_to_uid.c (krb5_pname_to_uid): Changed def'n of
-		krb5principalname to static so K&R compilers won't lose on
-		automatic aggregate initialization.
-
-Wed Jan 24 13:21:37 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* import_name.c (krb5_gss_import_name): Don't assume that the
-		input_name_buffer is null terminated, when it contains a
-		string.  Fix gcc warnings.
-
-Tue Jan 23 13:01:42 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>
-
-	* configure.in: Check for stdlib.h
-
-	* pname_to_uid.c: Include string.h and stdlib.h.
-
-	* init_sec_context.c (make_ap_req): Handle gcc warning.
-
-Tue Jan 23 04:05:23 1996    <tytso@rsts-11.mit.edu>
-
-	* Makefile.in: Add support for building GSSAPI as a shared
-	        library.
-
-Tue Jan 23 03:25:02 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* rel_oid.c (krb5_gss_internal_release_oid): Add the new interface
-		for the mechglue layer.
-
-	* inq_cred.c (krb5_gss_inquire_cred): Call gss_release_oid_set()
-		instead of generic_gss_release_oid_set().
-
-	* gssapiP_krb5.h: Added prototype for krb5_gss_internal_release_oid 
-
-	* Makefile.in (CCSRCS): Removed the file krb5_gss_glue.c and added
-		the file k5mech.c and pname_to_uid.c
-
-Tue Jan  9 22:11:25 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* gssapiP_krb5.h (KRB5_GSS_FOR_CREDS_OPTION): New constant added
-		for delegation (forwarding) of credentials.
-
-	* init_sec_context.c (make_ap_req): Add support for sending
-		delegated credentials.  Misc lint cleanups.
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Add support
-		for accepting delegated credentials.  Misc lint cleanups.
-
-Fri Dec  1 17:27:33 1995    <tytso@rsts-11.mit.edu>
-
-	* configure.in: Add rule for building shared object files.
-
-Fri Dec  1 17:11:43 1995  Theodore Y. Ts'o  <tytso@dcl>
-
-	* gssapiP_krb5.h (KG_TOK_WRAP_MSG): Changed token ID for
-		KG_TOK_WRAP_MSG to match KG_TOK_SEAL_MSG both should be
-		0x0201.
-
-	* krb5_gss_glue.c (gss_inquire_names_for_mech): Added new context
-		argument to the call of krb5_gss_inquire_names_for_mech().
-
-	* inq_names.c (krb5_gss_inquire_names_for_mech): Added new context
-		argument to the arg list.
-
-Thu Nov 16 17:04:00 1995    <tytso@rsts-11.mit.edu>
-
-	* gssapiP_krb5.h (KG_TOK_MIC_MSG, KG_TOK_WRAP_MSG, KG_DEL_CTX):
-	        Fixed token type numbers so they conform with the protocol
-		spec.  Paul Park didn't realize that he wasn't allowed to
-		change these willy-nilly...
-
-Wed Oct 25 15:38:00 1995  Theodore Y. Ts'o  <tytso@dcl>
-
-	* init_sec_context.c (make_ap_req): Change the input type of
-		do_mutual to be OM_int32 instead of an int, to prevent
-		lossage under windows, since the passed in type size is a
-		OM_int32.
-
-Fri Oct  6 22:02:24 1995  Theodore Y. Ts'o  <tytso@dcl>
-
-	* Makefile.in: Remove ##DOS!include of config/windows.in.
-		config/windows.in is now included by wconfig.
-
-Mon Sep 25 16:52:49 1995  Theodore Y. Ts'o  <tytso@dcl>
-
-	* Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the
-		Makefile. 
-
-Sun Sep 24 10:39:13 1995  John Rivlin (jrivlin@fusion.com)
-	* gssapiP_krb5.h: Fixed kb_seal_size prototype
-
-Wed Sep 13 10:39:13 1995 Keith Vetter (keithv@fusion.com)
-
-	* acquire_.c: changed int to size_t.
-	* gssapip_.h: added prototype for kg_seal_size.
-	* k5seal.c: 16/32 bit mismatch and removed unused variables.
-	* seal.c: 16/32 bit mismatch.
-	* sign.c: 16/32 bit mismatch.
-	* ser_sctx.c: added prototypes for all functions since they get 
-		assigned into a structure that has been prototyped.
-
-Sat Sep 16 03:18:02 1995  Theodore Y. Ts'o  <tytso@dcl>
-
-	* gssapiP_krb5.h: Remove context and cred from the gssapi security
-		context, as they aren't needed.  kg_seal and kg_unseal now
-		take a krb5_context argument.
-
-	* ser_sctx.c (kg_ctx_size, kg_ctx_externalize,
-		kg_ctx_internalize): No longer serialize the context and
-		cred fields of the gssapi security context.
-
-	* krb5_gss_glue.c: Don't rely on the context field of the gssapi
-		security context.  Use kg_context instead.
-
-	* verify.c (krb5_gss_verify, krb5_gss_verify_mic): 
-	* unseal.c (krb5_gss_unwrap, krb5_gss_unseal): 
-	* sign.c (krb5_gss_sign, krb5_gss_get_mic): 
-	* seal.c (krb5_gss_seal, krb5_gss_wrap): 
-	* process_context_token.c (krb5_gss_process_context_token): 
-	* k5unseal.c (kg_unseal):
-	* k5seal.c (kg_seal_size): Add a krb5_context argument to this
-		function, so we don't have to depend on the context field
-		in the gssapi security context.
-
-	* init_sec_context.c (krb5_gss_init_sec_context): Don't initialize
-		the context and cred fields in the gssapi security
-		context.  Copy ctx->subkey to ctx->seq.key, so they are
-		separately allocated.
-
-	* gssapi_krb5.c (kg_get_context): When initialize kg_context, call
-		krb5_init_ets() so that the error tables are initialized.
-
-	* export_sec_context.c (krb5_gss_export_sec_context): Don't depend
-		on the context field from the gssapi security context.
-		Free ctx->seq.key.
-
-	* delete_sec_context.c (krb5_gss_delete_sec_context): kg_seal()
-		now takes a krb5_context argument.  Free ctx->seq.key.
-
-	* acquire_cred.c (krb5_gss_acquire_cred): Clear the gssapi
-		credential before setting it, to prevent purify from
-		complaining.
-
-	* accept_sec_context.c (krb5_gss_accept_sec_context): Remove
-		context and cred from the gssapi security context.  Make
-		sure the ticket is freed after we're done with it.
-
-Fri Sep 15 22:12:49 1995  Theodore Y. Ts'o  <tytso@dcl>
-
-	* import_sec_context.c (krb5_gss_import_sec_context): Don't bash
-		the input interprocess_token.  Otherwise, it can't be
-		freed.  Don't depend on the context field in the gss
-		security context.
-
-Tue Sep 12 19:07:52 1995  Theodore Y. Ts'o  <tytso@dcl>
-
-	* export_sec_context.c (krb5_gss_export_sec_context): Free the
-		auth context when freeing the GSSAPI context structure.
-
-	* delete_sec_context.c (krb5_gss_delete_sec_context): Free the
-		auth context when freeing the GSSAPI context structure.
-
-Tue Sep 12 13:05:51 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>
-
-	* k5seal.c, k5unseal.c, accept_sec_context.c: Undo MACINTOSH
-		change for paths. The old ones were correct.
-
-Wed Sep  6 12:00:00 1995  James Mattly  <mattly@fusion.com>
-
-	* gssapi_krb5.h:  changed a path bearing include for MACINTOSH
-
-	* accept_sec_context.c:  changed a path bearing include for MACINTOSH
-
-	* k5seal.c:  changed a path bearing include for MACINTOSH
-
-	* k5unseal.c:  changed a path bearing include for MACINTOSH
-	
-Sat Sep  9 00:16:34 1995  Theodore Y. Ts'o  <tytso@dcl>
-
-	* krb5_gss_glue.c (gss_delete_sec_context): Add extra indirection
-		so that we actually fetch the context correctly.
-		(gss_accept_sec_context): Remove unused code.
-
-Wed Sep  6 16:12:28 1995  Theodore Y. Ts'o  <tytso@dcl>
-
-	* init_sec_context.c (make_ap_req): Initialize mk_req_flags to
-		zero so that when we OR in flags, the result is
-		well-defined. 
-
-Wed Sep 06 14:20:57 1995   Chris Provenzano (proven@mit.edu)
-
-        * accept_sec_context.c, init_sec_context.c, util.c : 
-		s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g
-
-Tue Sep 05 22:10:34 1995   Chris Provenzano (proven@mit.edu)
-
-        * accept_sec_context.c, init_sec_context.c, util_seed.c : 
-		Remove krb5_enctype references, and replace with 
-		krb5_keytype where appropriate.
-
-Thu Aug 31 11:50:34 EDT 1995	Paul Park	(pjpark@mit.edu)
-	* gssapiP_krb5.h - Add new V2 dispatch prototypes.  Update arguments
-		to be compatible with V2 API.  Add tokens for V2 integrity
-		and confidentiality services.
-	* k5seal.c - Add support for V2 tokens and add kg_seal_size() to
-		support gss_wrap_size_limit().
-	* k5unseal.c - Add support for V2 tokens.
-	* accept_sec_context,disp_status,gssapi_krb5,init_sec_context,
-		inq_context,rel_name.c - Update arguments to V2.
-	* acquire_cred,import_name,inq_cred,krb5_gss_glue,seal,sign,unseal,
-		verify.c - Update arguments to V2 and add new V2 functions.
-	* rel_oid.c, inq_names.c - New V2 modules.
-	* Makefile.in, .Sanitize - Add rel_oid.c and inq_names.c
-
-Tue Aug 29 22:38:54 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>
-
-	* init_sec_context.c (krb5_gss_init_sec_context):  Remove
-		duplicated cleanup code. 
-
-Tue Aug 29 17:48:40 EDT 1995	Paul Park	(pjpark@mit.edu)
-	* {accept,init}_sec_context.c - Zero out the newly allocated context
-		because garbage in the uninitialized context messes up the
-		serializers.
-
-
-Tue Aug 29 13:31:46 EDT 1995	Paul Park	(pjpark@mit.edu)
-	* Makefile.in, .Sanitize, {im,ex}port_sec_context.c, ser_sctx.c - Add
-		new modules to support {im,ex}port of GSSAPI context.
-	* krb5_gss_glue.c - Add krb5_gss_{im,ex}port_sec_context() wrapper
-		routines.
-	* gssapiP_krb5.h - Add prototypes for krb5_gss_{im,ex}port_sec_context
-		and kg_ser_context_init.
-	* gssapi_err_krb5.et - Add magic numbers for GSSAPI data structures.
-
-Mon Aug  7 19:08:52 1995  Theodore Y. Ts'o  <tytso@dcl>
-
-	* inq_cred.c (krb5_gss_inquire_cred): Use
-		generic_gss_release_oid_set() instead of gss_release_oid_set()
-		so that the krb5-specific mechanism can be linked in
-		without pulling in krb5_gss_glue.c
-
-Thu Jul 27 15:26:27 EDT 1995	Paul Park	(pjpark@mit.edu)
-	* Makefile.in - Add -I$(srcdir)/../../crypto/md5 to get rsa-md5.h.
-	* accept_sec_context.c - Include "rsa-md5.h" instead of <krb5/...>.
-	* gssapiP_krb5.h - Replace k5-specific includes with k5-int.h
-	* k5[un]seal.c - Include "rsa-md5.h" instead of <krb5/...>.
-
-
-Fri Jul 7 16:23:17 EDT 1995	Paul Park	(pjpark@mit.edu)
-	* Makefile.in - Remove LDFLAGS, it's set by configure.
-
-Sat Jun 10 23:04:52 1995  Tom Yu  (tlyu@dragons-lair)
-
-	* accept_sec_context.c, gssapiP_krb5.h, init_sec_context.c:
-		krb5_auth_context redefinitions
-
-Fri Jun  9 19:25:55 1995    <tytso@rsx-11.mit.edu>
-
-	* configure.in: Remove standardized set of autoconf macros, which
-		are now handled by CONFIG_RULES.
-
-Wed Jun  7 10:05:16 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>
-
-	* gssapiP_krb5.h: Include time.h (or sys/time.h) for struct tm
-		structure which is now in the los-proto.h file.
-
-Mon May 22 10:10:41 EDT 1995	Paul Park	(pjpark@mit.edu)
-	* Makefile.in	- Add null install target.
-	* inq_cred.c	- Don't mark credentials as expired if the expiration
-			  time is indefinite.
-
-Mon May 01 15:56:32 1995  Chris Provenzano (proven@mit.edu)
-
-	* init_sec_context.c (krb5_gss_init_sec_context()) :
-		The krb5_mk_rep() routine must always encode the data in
-		the keyblock of the ticket, not the subkey.
-
-Thu Apr 13 15:49:16 1995 Keith Vetter (keithv@fusion.com)
-
-	* *.[ch]: removed unneeded INTERFACE from non-api functions.
-        * *.h added FAR to pointers visible at to the world.
-        * gssapi_e.c: __STDC__ conditional also checks the _WINDOWS define.
-
-Thu Mar 30 16:00:30 1995 Keith Vetter (keithv@fusion.com)
-
-	* accept_sec_context.c: fixed wrong level of indirection on a 
-           parameter to getauthenticator.
-
-Mon Mar 27 07:56:26 1995 Chris Provenzano (proven@mit.edu)
-
-        * accept_sec_context.c: Use new calling convention for krb5_rd_req()
-		and krb5_mk_rep().
-
-Thu Mar 16 19:54:33 1995 Keith Vetter (keithv@fusion.com)
-
-	* init_sec_context.c: fixed signed/unsigned mismatch and
-           added a prototype which will later be removed.
-        * import_name.c: fixed for the PC--made conditional the
-           code dependent upon passwords.
-	* Makefile.in: changed the name of the library the PC
-	   builds, and added xxx-mac targets to mimic xxx-unix.
-
-Fri Mar 10 09:44:29 1995 Chris Provenzano (proven@mit.edu)
-
-	* init_sec_context.c (krb5_gss_init_sec_context())
-		Use new calling convention for krb5_mk_req_ext() and
-		krb5_rd_rep().
-
-	* gssapiP_krb5.h Added a krb5_auth_context pointer to the
-		krb5_gss_ctx_id_rec structure to store the auth_context
-		between multiple calls to krb5_gss_init_sec_context().
-
-Tue Mar 7 20:48:03 1995 Keith Vetter (keithv@fusion.com)
-
-	* accept_s.c, acqire_s.c, compare_.c, context_.c, delete_s.c,
-          disp_nam.c, disp_sta.c, get_tkt_.c, init_sec.c, inq_cont.c, 
-          inq_cred.c, k5seal.c, k5unseal.c, process_.c, rel_cred.c, 
-          rel_name.c, util_cks.c, util_cry.c: added casts on signed ->
-            unsigned assignments.
-        * util_seq.c: added casts on bit extraction code.
-        * gssapip_.h: pulls in los-proto.h for prototypes.
-
-Tue Feb 28 00:27:44 1995  John Gilmore  (gnu at toad.com)
-
-	* gssapi_krb5.h, gssapiP_krb5.h: Avoid <krb5/...> includes.
-	* disp_status.c:  Avoid <com_err.h>, use "com_err.h".
-
-Mon Feb 20 19:53:9 1995 Keith Vetter (keithv@fusion.com)
-
-	* accept_s.c: needed temp to avoid sign/unsigned mismatch on the PC.
-	* init_sec.c: needed temp to avoid sign/unsigned mismatch on the PC.
-        * gssapiP_krb5.h k5seal.c, k5unseal.c: removed netinet/in.h include.
-        * util_seq.c: changed int to 32bit int
-        * gssapiP_krb5.h, gssapi_krb5.h, *.c: added windows INTERFACE keyword
-
-Mon Feb 20 12:00:00 1995  keith Vetter (keithv@fusion.com)
-
-	Rename files for DOS 8.3 uniqueness--files created by Make
-	* gssapi_krb5_err.et => gssapi_err_krb5.et
-			     => gssapi_err_krb5.h
-			     => gssapi_err_krb5.c
-	* gssapiP_krb5.h changed to match
-	* Makefile.in changed to match
-
-Tue Feb 14 15:01:36 1995 Chris Provenzano (proven@mit.edu)
-
-    * init_sec_context.c (make_ap_req()) Use new API for 
-        krb5_mk_req_extended() and cleanup internal processing.
-
-Fri Feb  3 00:34:55 1995  John Gilmore  <gnu@cygnus.com>
-
-	Rename files for DOS 8.3 uniqueness:
-	* display_name.c    => disp_name.c
-	* display_status.c  => disp_status.c
-	* inquire_context.c => inq_context.c
-	* inquire_cred.c    => inq_cred.c
-	* release_cred.c    => rel_cred.c
-	* release_name.c    => rel_name.c
-	* Makefile.in changed to match.
-
-Fri Jan 27 14:41:12 1995  Chris Provenzano (proven@mit.edu)
-
-        * accept_sec_context.c (rd_req_keyproc() added krb5_keytype arg.
-
-Wed Jan 25 16:54:40 1995  Chris Provenzano (proven@mit.edu)
-
-        * Removed all narrow types and references to wide.h and narrow.h
-
-Sun Jan 22 18:26:32 1995  John Gilmore  (gnu at toad.com)
-
-	* acquire_cred.c (acquire_accept_cred):  Add context arg when
-	calling krb5_sname_to_principal.
-
-Fri Jan 13 15:23:47 1995  Chris Provenzano (proven@mit.edu)
-
-    * Added krb5_context to all krb5_routines
-
-Mon Jan  9 19:27:55 1995  Theodore Y. Ts'o  (tytso@dcl)
-
-	* display_name.c (krb5_gss_display_name): gss_display_name()
-		should return a name type OID, not a mechanism OID.
-
-Tue Oct  4 16:40:45 1994  Theodore Y. Ts'o  (tytso@dcl)
-
-	* accept_security_context.c (rd_req_keyproc): Add widen.h and
-		narrow.h to widen argument types of keyproc.
-
-Tue Sep 27 23:30:14 1994  Theodore Y. Ts'o  (tytso@dcl)
-
-	* accept_security_context.c (krb5_gss_accept_sec_context):
-		  krb5_rc_dfl_close now frees the rcache structure, so
-		  this routine shouldn't.
-
-Wed Aug 17 15:47:26 1994  Theodore Y. Ts'o  (tytso at tsx-11)
-
-	* gssapi_krb5.c: Fixed OID for the krb5 mechanism.  (Transcription
-	error.) 
-
-
-
-
-	
diff --git a/src/lib/gssapi/mechglue/ChangeLog b/src/lib/gssapi/mechglue/ChangeLog
deleted file mode 100644
index f24cdd5512..0000000000
--- a/src/lib/gssapi/mechglue/ChangeLog
+++ /dev/null
@@ -1,376 +0,0 @@
-2006-04-03  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in (DEFS): Make empty.
-
-2004-09-22  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in: Delete @SHARED_RULE@ line.
-	(thisconfigdir): Fix.
-
-2004-06-22  Ken Raeburn  <raeburn@mit.edu>
-
-	* g_initialize.c, oid_ops.c: Don't test macintosh.
-	* mechglue.h: Don't test __MWERKS__, applec, THINK_C.
-
-2004-06-16  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in (all-mac, clean-mac): Targets deleted.
-
-2002-08-29  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in: Revert $(S)=>/ change, for Windows support.
-
-2002-08-23  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in: Change $(S)=>/ and $(U)=>.. globally.
-
-2001-10-09  Ken Raeburn  <raeburn@mit.edu>
-
-	* mechglue.h: Make prototypes unconditional.
-	* mglueP.h: Make all prototypes unconditional.
-	(NPROTOTYPE): Macro deleted.
-
-2001-10-05  Ken Raeburn  <raeburn@mit.edu>
-
-	* g_initialize.c, mglueP.h: Drop _MSDOS support.
-
-	* g_init_sec_context.c: Don't declare pointers FAR any more.
-
-2001-10-03  Ken Raeburn  <raeburn@mit.edu>
-
-	* g_acquire_cred.c, g_oid_ops.c: Don't use GSS_DLLIMP.
-
-2001-04-17  Ken Raeburn  <raeburn@mit.edu>
-
-	* Makefile.in (unixmac): Target deleted.
-
-1999-10-26  Wilfredo Sanchez  <tritan@mit.edu>
-
-	* Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES,
-	LOCAL_INCLUDES such that one can override CFLAGS from the command
-	line without losing CPP search patchs and defines. Some associated
-	Makefile cleanup.
-
-Mon May 10 15:22:42 1999  Danilo Almeida  <dalmeida@mit.edu>
-
-	* Makefile.in: Do win32 build in subdir.
-
-1999-02-19  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* Makefile.in (DLL_FILE_DEF): Tell the Makefile template that we
-		are building object files for the GSSAPI DLL.
-
-	* g_acquire_cred.c, g_oid_ops.c: Change use of KRB5_DLLIMP to be
-		GSS_DLLIMP.
-
-1998-11-13  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* Makefile.in: Set the myfulldir and mydir variables (which are
-		relative to buildtop and thisconfigdir, respectively.)
-
-Wed Feb 18 16:12:43 1998  Tom Yu  <tlyu@mit.edu>
-
-	* Makefile.in: Remove trialing slash from thisconfigdir.  Fix up
-	BUILDTOP for new conventions.
-
-Mon Feb  2 17:02:29 1998  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile
-
-Wed Feb  5 10:37:00 1996  Richard Basch  <basch@lehman.com>
-
-	* g_accept_sec_context.c g_acquire_cred.c g_compare_name.c
-	  g_context_time.c g_delete_sec_context.c g_dsp_name.c
-	  g_dsp_status.c g_exp_sec_context.c g_imp_name.c
-	  g_imp_sec_context.c g_indicate_mechs.c g_init_sec_context.c
-	  g_inq_context.c g_inq_cred.c g_inq_names.c g_process_context.c
-	  g_rel_buffer.c g_rel_cred.c g_rel_name.c g_rel_oid_set.c
-	  g_seal.c g_sign.c g_unseal.c g_verify.c
-		Changed INTERFACE keyword to KRB5_CALLCONV
-
-Mon Nov 18 20:43:54 1996  Ezra Peisach  <epeisach@mit.edu>
-
-	* configure.in: Shared library version number to 1.0. [krb5-libs/201]
-
-Wed Jun 12 00:50:32 1996  Theodore Ts'o  <tytso@rsts-11.mit.edu>
-
-	* Makefile.in: Remove include of config/windows.in; that's done
-		automatically by wconfig.
-
-	* g_acquire_cred.c, g_oid_ops.c: Change to use new convention of
-		KRB5_CALLCONV and KRB5_DLLIMP instead of INTERFACE
-
-Wed May 22 07:48:21 1996  Sam Hartman  <hartmans@mit.edu>
-
-	* Makefile.in (libgssapi.$(STEXT)): Remove unnecessary install rule for libgssapi.a.
-
-Mon May 20 23:56:46 1996  Sam Hartman  <hartmans@mit.edu>
-
-	* configure.in: Don't make libgssapi.a on AIX.  It is handled incorrectly becaus all symbols are not resolved, and it isn't useful as a non-shared library.
-	
-
-Fri May  3 16:43:43 1996  Theodore Y. Ts'o  <tytso@mit.edu>
-
-	* g_inq_cred.c (gss_inquire_cred): Add code to support appropriate
-		behavior when the input credentials is NULL (i.e., the
-		default credential).  We use the default credential for
-		the "default mechanism", which is the first mechanism
-		registered with the library.
-
-Thu Apr 11 20:11:00 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* g_acquire_cred.c (gss_add_cred): Fixed code to correctly handle
-		errors reported from the mechanism layer.
-
-Wed Mar 27 00:05:37 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* mglueP.h: Don't include <sys/types.h> mechglue.h will take care
-		of this by including gssapi.h, which will include
-		sys/types.h if necessary.
-
-Thu Mar 21 00:12:07 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* g_imp_sec_context.c (gss_import_sec_context):
-	* g_exp_sec_context.c (gss_export_sec_context): Fix 16bit vs 32bit
-		lint flame.
-
-Wed Mar 20 20:20:38 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* g_glue.c: 
-	* g_initialize.c: Add include of string.h, as it is needed.
-
-	* g_acquire_cred.c: 
-	* g_inq_cred.c: Add include of time.h
-
-	* g_rel_oid_set.c (gss_release_oid_set): Removed unused variable.
-
-	* mechglue.h: Don't include <sys/types.h>; it's included if
-		necessary in gssapi/gssapi.h.  On a Macintosh, #include
-		gssapi.h instead of gssapi/gssapi.h.
-
-	* g_accept_sec_context.c, g_acquire_cred.c, g_compare_name.c,
-	g_context_time.c, g_delete_sec_context.c, g_dsp_name.c,
-	g_dsp_status.c, g_exp_sec_context.c, g_glue.c, g_imp_name.c,
-	g_imp_sec_context.c, g_indicate_mechs.c, g_init_sec_context.c,
-	g_initialize.c, g_inq_context.c, g_inq_cred.c, g_inq_names.c,
-	g_process_context.c, g_rel_buffer.c, g_rel_cred.c, g_rel_name.c,
-	g_rel_oid_set.c, g_seal.c, g_sign.c, g_unseal.c, g_verify.c,
-	gssd_pname_to_uid.c, mechglue.h, mglueP.h: Comment out #ident
-		line.  This causes the Macintosh C compiler indigestion.
-
-Tue Mar 12 23:28:57 1996  Ken Raeburn  <raeburn@cygnus.com>
-
-	* mechglue.h (gssd_pname_to_uid, gss_initialize): Use PROTOTYPE
-	macro in declarations.
-
-Sun Mar  3 12:49:25 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>
-
-	* g_imp_sec_context.c, g_exp_sec_context.c: Include string.h
-
-Thu Feb 29 11:32:16 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* g_glue.c (__gss_get_mech_type): Fix code to properly parse token
-		headers.  It was working only by serendipity....
-
-	* g_accept_sec_context.c (gss_accept_sec_context): Add error
-		checking and memory cleanup.  Make gss_accept_sec_context
-		work for mechanisms that use multiple token roundtrips.
-
-Wed Feb 28 20:33:47 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* mglueP.h: For MS-DOS, add #include of malloc.h
-
-	* g_acquire_cred.c (gss_acquire_cred): Fix so that the call works
-		when desired_name is NULL (meaning use the default
-		credentials).
-
-	* g_imp_sec_context.c (gss_import_sec_context): 
-	* g_exp_sec_context.c (gss_export_sec_context): Fix to 
-		import/export the framing security context (so that this
-		call actually works!).
-
-Tue Feb 27 18:44:51 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* g_initialize.c (gss_initialize): Don't fprintf to stderr on
-		Macintoshes and Windows.
-
-	* g_inq_context.c: Add INTERFACE keyword for Windows.
-
-	* oid_ops.c: Protect include of unistd.h with HAVE_UNISTD_H
-
-Sun Feb 25 15:39:08 1996  Mark W. Eichin  <eichin@cygnus.com>
-
-	* g_acquire_cred.c, g_delete_sec_context.c, g_dsp_name.c,
-	g_dsp_status.c, g_exp_sec_context.c, g_glue.c, g_imp_name.c,
-	g_imp_sec_context.c, g_indicate_mechs.c, g_init_sec_context.c,
-	g_inq_cred.c, g_rel_buffer.c, g_rel_cred.c, g_rel_name.c,
-	g_rel_oid_set.c: include stdio.h to actually get NULL.
-
-Sat Feb 24 16:19:30 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* Makefile.in, g_inquire_cred.c, g_inquire_names.c,
-		g_inquire_context.c: Renamed files to g_inq_cred.c,
-		g_inq_names.c, and g_inq_context.c, respectively.
-
-	* g_acquire_cred.c (gss_add_cred): New GSSAPI V2 function.
-
-	* g_inquire_cred.c (gss_inquire_cred_by_mech): New GSSAPI V2
-		function. 
-
-	* g_init_sec_context.c (gss_init_sec_context): Make sure we
-		convert the union credential into a mechanism specific
-		credential.
-
-	* g_glue.c (__gss_get_mechanism_cred): New function for returning
-		the mechanism-specific credential from a union credential.
-
-	* g_inquire_names.c (gss_inquire_names_for_mech): 
-	* g_oid_ops.c (gss_str_to_oid, gss_oid_to_str, 
-		gss_test_oid_set_member, gss_add_oid_set_member,
-		gss_create_empty_oid_set, gss_release_oid): 
-	* g_imp_sec_context.c (gss_import_sec_context): 
-	* g_exp_sec_context.c (gss_export_sec_context):
-	* g_inquire_cred.c (gss_inquire_cred): 
-	* g_rel_oid_set.c (gss_release_oid_set): 
-	* g_rel_buffer.c (gss_release_buffer): 
-	* g_rel_name.c (gss_release_name): 
-	* g_imp_name.c (gss_import_name): 
-	* g_dsp_name.c (gss_display_name): 
-	* g_compare_name.c (gss_compare_name):
-	* g_indicate_mechs.c (gss_indicate_mechs):
-	* g_dsp_status.c (gss_display_status): 
-	* g_unseal.c (gss_unseal, gss_unwrap): 
-	* g_seal.c (gss_seal, gss_wrap):
-	* g_verify.c (gss_verify, gss_verify_mic): 
-	* g_sign.c (gss_sign, gss_get_mic):
-	* g_context_time.c (gss_context_time): 
-	* g_delete_sec_context.c (gss_delete_sec_context): 
-	* g_process_context.c (gss_process_context): 
-	* g_accept_sec_context.c (gss_accept_sec_context): 
-	* g_init_sec_context.c (gss_init_sec_context): 
-	* g_rel_cred.c (gss_release_cred): 
-	* g_acquire_cred.c (gss_acquire_cred): Added INTERFACE keyword for
-		Windows.
-
-	* mglueP.h:
-	* g_seal.c: Add support for new V2 call gss_wrap_size_limit()
-
-	* g_mechname.c (gss_add_mech_name_type): Only mark a name-type as
-		being non-mechanism-specific if the mechanism doesn't
-		match the type currently associated with the name-type.
-
-	* g_init_sec_context.c (gss_init_security_context): If we are
-		using a mechanism-specific name, use the
-		mechanism-specific name directly, instead of calling
-		__gss_internal_import() on the external form of the name.
-		If the mechanism_type is unspecified, use the type of the
-		mechanism-specific name.  If the mechanism_type is
-		specified, it must match the type of the supplied name.
-
-	* g_acquire_cred.c (gss_acquire_cred): If we are acquiring
-		credentials for a mechanism-specific name, use the name
-		directly, instead of doing an __gss_internal_import() on
-		the name.  Also, if the desired_mechanisms oid is NULL,
-		default to using the mechanism-type of the
-		mechanism-specific name.
-
-	* g_compare_name.c (gss_compare_name): Add logic for comparing
-		mechanism-specific names.
-
-	* g_accept_sec_context.c (gss_accept_sec_context): Use
-		__gss_convert_name_to_union_name() to take the gss_name_t
-		returned by the mechanism accept_sec_context(), and
-		convert it into a mechanism-specific union name.
-
-	* g_inquire_context.c (gss_inquire_context):  Removed local static
-		function convert_name_to_union_name(), and changed
-		references to it use the generalized
-		__gss_convert_name_to_union_name() call.
-
-	* g_glue.c (__gss_convert_name_to_union_name): New function which
-		takes gss_name_t returned by a particular mechanism, and
-		converts it into a gss_union_name.
-
-	* g_rel_oid_set.c (gss_release_oid_set): Manually free the oids in
-		an OID set, since the containing structure is allocated as
-		an array.
-
-Sat Feb 24 12:21:03 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>
-
-	* mglueP.h (gss_config): Change int fields to OM_uint32 to match
-		arguments to procedure calls in gss_init_sec_context,
-		gss_accept_sec_context, and gss_display_status.
-
-Sat Feb 24 00:00:27 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* g_imp_name.c (gss_import_name): If the user passes in a
-		name-type which is mechanism specific, then import it
-		immediately; don't lazy evaluate it.
-
-	* g_mechname.c (gss_add_mech_name_type): New file for maintaining
-		a registry of name-types which are mechanism specific.
-
-	* g_dsp_name.c (gss_display_name): If there is a mechanism
-		specific name, use it when displaying the name.
-
-	* oid_ops.c (generic_gss_copy_oid): New function used to copy an
-		OID object.
-
-Fri Feb 23 18:27:20 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* g_rel_name.c (gss_release_name): Release the OID in the
-		mechanism name, as it is now allocated.  Release the
-		mechanism-specific name if it is present.
-
-	* g_imp_name.c (gss_import_name):  Copy the input OID, so we don't
-		have to worry about memory allocation problems later.
-		Initialize mech_type and mech_name in the union name to be
-		zero.  (for now)
-
-	* oid_ops.c (generic_gss_copy_oid): Added new function to copy OIDs.
-
-Thu Feb 22 21:48:44 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* mglueP.h: Add space for the mechanism name in gss_union_name.
-
-Sat Feb 10 18:38:43 1996  Tom Yu  <tlyu@dragons-lair.MIT.EDU>
-
-	* g_glue.c: grab stdlib.h to get NULL
-
-Fri Feb  9 09:04:50 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>
-
-	* g_inquire_context.c: Include stdlib.h if present
-
-Wed Feb  7 14:16:01 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>
-
-	* g_initialize.c: Need to include stdio.h, errno.h all the time.
-
-Tue Feb  6 23:59:49 1996  Theodore Y. Ts'o  <tytso@dcl>
-
-	* g_initialize.c (gss_initialize): Added code to try to
-		dynamically read in the GSSAPI mechanim library using
-		dlopen().
-
-Wed Jan 24 20:49:13 1996  Tom Yu  <tlyu@dragons-lair.MIT.EDU>
-
-	* g_compare_name.c, g_delete_sec_context.c, g_dsp_status.c,
-	g_exp_sec_context.c, g_imp_sec_context.c, g_rel_buffer.c,
-	g_rel_cred.c, g_rel_name.c, g_rel_oid_set.c, get_mechanism.c,
-	get_mtype.c: Include stdlib.h and string.h as needed
-
-	* mglueP.h: Add many invocations of NPROTOTYPE and PROTOTYPE to
-		prevent breakage.
-
-Tue Jan 23 11:52:24 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>
-
-	* add_mechanism.c, g_inquire_cred.c, g_imp_name.c,
-	  g_dsp_name.c, g_indicate_mechs.c, g_accept_sec_context.c,
-	  g_init_sec_context.c, g_acquire_cred.c: Include stdlib.h, string.h
-
-	* configure.in: Check for stdlib.h
-
-	* Makefile.in (SRCS): Remove extraneous line with only a tab.
-		(SHLIB_LDFLAGS): Declare that krb5_gss_initialize is to be
-		unresolved. 
-
-