summaryrefslogtreecommitdiffstats
path: root/src/lib/krb5
diff options
context:
space:
mode:
authorSam Hartman <hartmans@mit.edu>2006-04-11 21:28:48 +0000
committerSam Hartman <hartmans@mit.edu>2006-04-11 21:28:48 +0000
commit779066fca01df6c4354ccd4f80dcafe4e96d891c (patch)
tree45813dea9d0492f0411ea537cd3b521544767a94 /src/lib/krb5
parent4e4c10590e698cfbb138bfb85bd1455b74919ec7 (diff)
downloadkrb5-779066fca01df6c4354ccd4f80dcafe4e96d891c.tar.gz
krb5-779066fca01df6c4354ccd4f80dcafe4e96d891c.tar.xz
krb5-779066fca01df6c4354ccd4f80dcafe4e96d891c.zip
Remove ChangeLog files from the source tree. From now on, the
subversion commit log entry needs to include information that would have been in the changelog. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17893 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/krb5')
-rw-r--r--src/lib/krb5/ChangeLog608
-rw-r--r--src/lib/krb5/asn.1/ChangeLog1297
-rw-r--r--src/lib/krb5/ccache/ChangeLog1075
-rw-r--r--src/lib/krb5/ccache/ccapi/ChangeLog237
-rw-r--r--src/lib/krb5/error_tables/ChangeLog484
-rw-r--r--src/lib/krb5/keytab/ChangeLog686
-rw-r--r--src/lib/krb5/krb/ChangeLog3633
-rw-r--r--src/lib/krb5/os/ChangeLog3093
-rw-r--r--src/lib/krb5/posix/ChangeLog268
-rw-r--r--src/lib/krb5/rcache/ChangeLog509
10 files changed, 0 insertions, 11890 deletions
diff --git a/src/lib/krb5/ChangeLog b/src/lib/krb5/ChangeLog
deleted file mode 100644
index 3f84fd3b82..0000000000
--- a/src/lib/krb5/ChangeLog
+++ /dev/null
@@ -1,608 +0,0 @@
-2006-04-02 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (DEFS): Make empty.
-
-2006-03-26 Ken Raeburn <raeburn@mit.edu>
-
- * krb5_libinit.c (krb5int_lib_init): Register callback function
- for lower-level error-info support routines.
- (krb5int_lib_fini): Clear the callback function.
- * libkrb5.exports: Export new error-message functions.
-
-2005-11-14 Jeffrey Altman <jaltman@mit.edu>
-
- * krb5_libinit.c: include k5-int.h instead of krb5.h
-
-2005-08-20 Ken Raeburn <raeburn@mit.edu>
-
- * configure.in: Use K5_AC_INIT instead of AC_INIT.
-
-2005-02-17 Ken Raeburn <raeburn@mit.edu>
-
- * krb5_libinit.c (krb5int_lib_fini): Only show "skipping" message
- if SHOW_INITFINI_FUNCS is defined.
-
-2005-02-08 Ken Raeburn <raeburn@mit.edu>
-
- * krb5_libinit.c (krb5int_lib_init, krb5int_lib_fini): If
- SHOW_INITFINI_FUNCS is defined, print tracing messages.
-
- * Makefile.in (LIBINITFUNC, LIBFINIFUNC): Define.
-
-2005-01-17 Jeffrey Altman <jaltman@mit.edu>
-
- * krb5_libinit.c: implement library cleanup of mutexes, static vars, etc
-
-2005-01-04 Jeffrey Altman <jaltman@mit.edu>
-
- * libkrb5.exports: add krb5_is_thread_safe
-
-2004-11-18 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (SHLIB_EXPLIBS): Remove -ldl accidentally added in
- last change.
-
-2004-11-17 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (SHLIB_EXPDEPS, SHLIB_EXPLIBS): Add support
- library.
-
-2004-08-08 Ken Raeburn <raeburn@mit.edu>
-
- * libkrb5.exports: Remove memory ccache symbols except ops table.
-
-2004-06-18 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (OBJFILEDEP, OBJFILELIST) [DOS]: Include locally
- built object files.
- (OBJFILE, LIBOBJS, LOCALINCLUDES) [DOS]: Define.
-
-2004-06-16 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (MAC_SUBDIRS): Don't set.
-
-2004-06-15 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (LOCALINCLUDES): Add $srcdir/os.
-
- * krb5_libinit.c: Include os-proto.h.
- (krb5int_lib_init): Initialize krb5int_us_time_mutex.
-
- * libkrb5.exports: Drop krb5_init_ets, krb5_free_ets,
- krb5_kt_default_vno, and krb5int_profile_shared_data.
-
-2004-06-04 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (LIBBASE): Renamed from LIB.
-
-2004-06-02 Ken Raeburn <raeburn@mit.edu>
-
- * krb5_libinit.c (initialized): Variable deleted, all references
- removed.
- (krb5int_lib_init): Initialize error tables here, including k524.
- (krb5int_initialize_library): Don't do it here.
- (krb5int_lib_fini): Remove k524 error table too.
-
-2004-05-27 Ezra Peisach <epeisach@mit.edu>
-
- * Makefile.in (LOCALINCLUDES): Include ccache, keytab and rcache
- directories.
-
- * krb5_libinit.c: Include cc-int.h, kt-int.h, rc-int.h for
- init/fini prototypes.
-
-2004-05-05 Ken Raeburn <raeburn@mit.edu>
-
- * libkrb5.exports: Export krb5int_foreach_localaddr for now.
-
-2004-04-24 Ken Raeburn <raeburn@mit.edu>
-
- * krb5_libinit.c: Include k5-platform.h.
- (krb5int_lib_init, krb5int_lib_fini): New init/fini functions.
- Call the corresponding functions for the ccache, keytab, and
- rcache code. Incorporate the finalization code from
- krb5int_cleanup_library.
- (krb5int_initialize_library): Make sure the init function runs
- successfully.
- (krb5int_cleanup_library): Now empty.
-
-2004-04-22 Ken Raeburn <raeburn@mit.edu>
-
- * libkrb5.exports: New file.
-
-2003-12-23 Ken Raeburn <raeburn@mit.edu>
-
- * configure.in: Remove basic checks for header files and
- functions, now moved into include/configure.in.
-
-2003-08-21 Ken Raeburn <raeburn@mit.edu>
-
- * configure.in: Don't substitute LIBOBJS, newer autoconfs don't
- like it.
-
-2003-08-20 Ken Raeburn <raeburn@mit.edu>
-
- * configure.in: Don't replace any missing system functions. Just
- set LIBOBJS empty for now and substitute it.
-
-2003-08-13 Ken Raeburn <raeburn@mit.edu>
-
- * configure.in: Don't check for or replace vfprintf, vsprintf,
- strerror, memmove, or sscanf, all part of C 89.
-
-2003-07-15 Ken Raeburn <raeburn@mit.edu>
-
- * krb5_libinit.c: Include autoconf.h.
-
-2003-03-07 Alexandra Ellwood <lxs@mit.edu>
-
- * krb5_libinit.c: Changed USE_HARDCODED_FALLBACK_ERROR_TABLES macro
- to !USE_BUNDLE_ERROR_STRINGS so Darwin based builds get com_err
- style error tables.
-
-2003-03-06 Alexandra Ellwood <lxs@mit.edu>
-
- * krb5_libinit.c: Removed Mac OS X header goober. Conditionalize
- CCAPI calls on USE_CCAPI so Darwin builds work.
-
-2003-02-04 Tom Yu <tlyu@mit.edu>
-
- * configure.in: Add KRB5_SIGTYPE and CHECK_SIGNALS for
- os/prompter.c.
-
-2003-01-10 Ken Raeburn <raeburn@mit.edu>
-
- * configure.in: Don't explicitly invoke AC_PROG_INSTALL.
-
- * configure.in: Use V5_AC_OUTPUT_MAKEFILE instead of
- K5_GEN_MAKEFILE and K5_AC_OUTPUT.
-
- * Makefile.in: Add AC_SUBST_FILE marker for lib_frag and libobj_frag.
-
-2002-08-29 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in: Revert $(S)=>/ change, for Windows support.
-
-2002-08-23 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in: Change $(S)=>/ and $(U)=>.. globally.
-
-2002-08-22 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (SUBDIROBJLISTS): New variable.
-
-2002-07-09 Ken Raeburn <raeburn@mit.edu>
-
- * krb5_libinit.c: Put # for cpp directives in first column.
-
-2002-07-03 Alexandra Ellwood <lxs@mit.edu>
-
- * krb5_libinit.c: Conditionalized error table loading for
- Mac OS X. Error tables should always be loaded on other
- platforms.
-
- * krb5_libinit.c: Added an include for com_err.h since
- it is not included by error table headers on Mac OS X. Also
- fixed busted check for Mac OS
-
- [pullups form 1-2-2-branch]
-
-2002-06-25 Alexandra Ellwood <lxs@mit.edu>
-
- * krb5_libinit.c: Added an include for com_err.h since
- it is not included by error table headers on Mac OS X. Also
- fixed busted check for Mac OS
-
- * krb5_libinit.c: added #define for Mac OS X so
- that krb5int_cleanup_library calls krb5_stdcc_shutdown.
-
- [pullups from 1-2-2-branch]
-
-2002-06-09 Ken Raeburn <raeburn@mit.edu>
-
- * configure.in: Don't set up keytab/file or keytab/srvtab
- subdirectories.
- * Makefile.in (STOBJLISTS): Delete keytab/file/OBJS.ST and
- keytab/srvtab/OBJS.ST.
-
-2002-03-06 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (LIBMINOR): Bump due to changes in error tables.
-
-2001-10-05 Ken Raeburn <raeburn@mit.edu>
-
- * krb5_libinit.c: Drop _MSDOS support.
-
-2001-09-01 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (SRCS): Use $(srcdir) not $(subdir).
-
-2001-07-30 Ezra Peisach <epeisach@mit.edu>
-
- * configure.in: Add KRB5_GETSOCKNAME_ARGS and KRB5_GETPEERNAME_ARGS.
-
-2001-06-11 Ezra Peisach <epeisach@mit.edu>
-
- * configure.in: Test for strptime() prototype. Debian linux has
- strptime in the C library but does not provide a prototype.
-
-2001-04-26 Ken Raeburn <raeburn@mit.edu>
-
- * configure.in: Don't use HAS_ANSI_VOLATILE.
-
-2001-04-25 Ken Raeburn <raeburn@mit.edu>
-
- * configure.in: Moved test for socklen_t to include directory.
-
-2001-03-05 Tom Yu <tlyu@mit.edu>
-
- * configure.in: Check for sys/filio.h for FIONBIO.
-
-2000-12-18 Ken Raeburn <raeburn@mit.edu>
-
- * configure.in: Look for socklen_t, define HAVE_SOCKLEN_T if
- found.
-
-2000-11-01 Ezra Peisach <epeisach@mit.edu>
-
- * configure.in: Use AC_C_CONST instead of AC_CONST.
-
-2000-10-17 Ezra Peisach <epeisach@mit.edu>
-
- * krb5_libinit.c: Include krb5_libinit.h for prototypes.
-
-2000-10-10 Ken Raeburn <raeburn@mit.edu>
-
- * configure.in: Check for getifaddrs and ifaddrs.h.
-
-2000-09-21 Ezra Peisach <epeisach@mit.edu>
-
- * configure.in: Add AC_TYPE_OFF_T for off_t declaraion.
-
-2000-08-29 Tom Yu <tlyu@mit.edu>
-
- * configure.in: Don't generate keytab/db/Makefile, since it isn't
- used.
-
- * Makefile.in: Garbage collect a little. Don't include keytab/*
- directories directly on $(LOCAL_SUBDIRS), as keytab/Makefile.in
- lists them itself.
-
-2000-07-14 Ken Raeburn <raeburn@mit.edu>
-
- * configure.in: Don't generate Makefile in ccache/file,
- ccache/stdio, ccache/memory.
- * Makefile.in (LOCAL_SUBDIRS, LIB_SUBDIRS, LIBDONE, STOBJLISTS):
- Delete references to those directories.
-
-2000-07-01 Tom Yu <tlyu@mit.edu>
-
- * Makefile.in (SHLIB_EXPLIBS): Use $(LIBS) not @RESOLV_LIB@ in
- order to get -lnsl, -lsocket, etc. if necessary.
-
-2000-06-23 Tom Yu <tlyu@mit.edu>
-
- * Makefile.in (LIBMAJOR, LIBMINOR): Bump version.
-
-2000-06-23 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (SHLIB_EXPLIBS): Add @RESOLV_LIB@.
-
-2000-05-31 Wilfredo Sanchez <tritan@mit.edu>
-
- * configure.in: Check for existance of <memory.h>.
- [from Nathan Neulinger <nneul@umr.edu>]
-
-2000-03-14 Ken Raeburn <raeburn@mit.edu>
-
- * configure.in: Check for gethostbyname2.
-
-Tue Feb 22 10:20:57 2000 Ezra Peisach <epeisach@mit.edu>
-
- * Makefile.in (clean-unix): Add clean-libobjs.
-
-2000-01-24 Tom Yu <tlyu@mit.edu>
-
- * krb5_libinit.c: Conditionalize call to stdcc_shutdown().
-
- * configure.in: Fix to build library objects in this directory.
-
- * Makefile.in (STOBJLISTS): Fix to actually build krb5_libinit.o.
-
- * krb5_libinit.c: Fix to use 0 and 1 instead of false and true.
-
-Fri Jan 21 22:47:00 2000 Miro Jurisic <meeroh@mit.edu>
-
- * Makefile.in: added krb5_libinit.[co]
- * krb5_libinit.[ch]: new files, contain library initialization
- and cleanup code
-
-1999-12-01 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (LIBMINOR): Update to 2.
-
-1999-06-13 Geoffrey King <gjking@mit.edu>
-
- * Makefile.in:
- * configure.in: Add new subdirectory keytab/srvtab.
-
-Tue May 18 19:52:56 1999 Danilo Almeida <dalmeida@mit.edu>
-
- * Makefile.in: Remove - from recursive Win32 make invocation.
-
-Mon May 17 14:09:28 1999 Danilo Almeida <dalmeida@mit.edu>
-
- * Makefile.in: Make directories for clean-windows target lowercase
- like everywhere else.
-
-Mon May 10 15:23:34 1999 Danilo Almeida <dalmeida@mit.edu>
-
- * Makefile.in: Do win32 build in subdir.
-
-1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * Makefile.in: Set the myfulldir and mydir variables (which are
- relative to buildtop and thisconfigdir, respectively.)
-
- * configure.in: Add test for the fcntl.h header file.
-
-Thu Jul 30 13:12:57 1998 Sam Hartman <hartmans@utwig.mesas.com>
-
- * configure.in: Test for sa_len so localaddr works on NetBSD.
-
-Sun Jul 26 17:46:47 1998 Sam Hartman <hartmans@utwig.mesas.com>
-
- * Makefile.in (LIBMAJOR): bump to 2
-
-Wed Apr 15 18:07:20 1998 Tom Yu <tlyu@mit.edu>
-
- * Makefile.in (SHLIB_EXPDEPS):
- (SHLIB_EXPLIBS): Rename libcrypto -> libk5crypto.
-
-Fri Feb 27 23:15:28 1998 Tom Yu <tlyu@mit.edu>
-
- * Makefile.in (SHLIB_EXPLIBS): Replace @SHLIB_GEN@ with @GEN_LIB@
-
-Fri Feb 27 18:00:15 1998 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * configure.in: Move the regular expression function tests into
- aclocal.m4, since they also need to be shared by
- lib/kadm5's configure script.
-
- * configure.in: Move tests from all of krb5's subdirectories into
- this configure.in, and make it generate makefiles for all
- of the subdirectories.
-
- * Makefile.in: Add a LOCAL_SUBDIRS macro for all subdirectories in
- the krb5 library.
-
-Wed Feb 18 16:18:18 1998 Tom Yu <tlyu@mit.edu>
-
- * Makefile.in: Remove trailing slash from thisconfigdir. Fix up
- BUILDTOP for new conventions.
-
-Sat Feb 14 10:37:26 1998 Ezra Peisach <epeisach@mit.edu>
-
- * configure.in: Remove USE_ANAME, and the defines for ANAME_DBDEP and
- ANAME_DBLIB as they are no longer used.
-
- * Makefile.in: Remove unused ANAME_DBDEP and ANAME_DBLIB definitions.
-
-Fri Feb 13 15:26:42 1998 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * Makefile.in, configure.in: Remove the free directory from the
- list of subdirectories to be built. (All functions moved
- into lib/krb5/free/kfree.c)
-
-Mon Feb 2 17:02:29 1998 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * configure.in: Use AC_CONFIG_DIRS instead of CONFIG_DIRS, and
- remove use of DO_SUBDIRS.
-
- * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile
-
-Fri Jul 25 15:24:41 1997 Tom Yu <tlyu@mit.edu>
-
- * Makefile.in: Bump version due to et changes.
-
-Sat Feb 22 01:37:03 1997 Sam Hartman <hartmans@luminous.MIT.EDU>
-
- * Makefile.in (LIBMINOR): Bump minor version
-
-Thu Nov 21 11:55:16 EST 1996 Richard Basch <basch@lehman.com>
-
- * Makefile.in: win32 build
-
-Fri Feb 7 21:48:10 1997 Tom Yu <tlyu@mit.edu>
-
- * Makefile.in: Add rule to install libraries.
-
-Fri Jan 3 16:47:59 1997 Tom Yu <tlyu@mit.edu>
-
- * Makefile.in:
- * configure.in: Update to use new KRB5_BUILD_LIBRARY_WITH_DEPS
- macro.
-
- * Makefile.in:
- * configure.in: Update to new library build procedure.
-
-Mon Nov 18 20:42:39 1996 Ezra Peisach <epeisach@mit.edu>
-
- * configure.in: Set shared library version to 1.0. [krb5-libs/201]
-
-Wed Oct 23 01:15:40 1996 Theodore Y. Ts'o <tytso@mit.edu>
-
- * configure.in, Makefile.in: Check to see if the -lgen library
- exists; if so, add it to the SHLIB_LIBS line, since it
- will be needed by an_to_ln.c, in all probability.
-
-Fri Jun 7 17:38:09 1996 Theodore Y. Ts'o <tytso@mit.edu>
-
- * Makefile.in (all-windows, clean-windows): Use full directory
- name "error_tables" when building under Windows so that
- the build will work correctly under VFAT and NTFS filesystems.
-
-Thu Jun 6 00:04:38 1996 Theodore Y. Ts'o <tytso@mit.edu>
-
- * Makefile.in (all-windows): Don't pass $(LIBCMD) on the command
- line. It's set in the windows.in prologue for all Makefiles anyway.
-
-Mon May 20 10:56:51 1996 Tom Yu <tlyu@dragons-lair.MIT.EDU>
-
- * Makefile.in (libkrb5.$(STEXT)): fix sense of test; also deal
- with new improved libupdate
-
-Tue Apr 30 16:31:50 1996 Ken Raeburn <raeburn@cygnus.com>
-
- * Makefile.in (libkrb5.$(STEXT)): Set a variable with or without
- "--force" and use it, instead of duplicating the rest of the
- code. Use LIBDONE as list to process, so berk_db will be skipped
- when not in use. Check exit status of LIBUPDATE invocation.
- Remove library before creating as workaround for libupdate bug.
-
-Wed Feb 7 00:23:18 1996 Theodore Y. Ts'o <tytso@dcl>
-
- * Makefile.in: Folded in danw's changes to allow
- building Makefiles for the Macintosh. We now can build
- MPW makefiles which are interpreted by CodeWarrior.
-
-Sat Jan 27 18:25:42 1996 Sam Hartman <hartmans@tertius.mit.edu>
-
- * configure.in (hashloc): Fix quoting so it makes it into the Makefile.
-
-Mon Jan 22 15:23:05 1996 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * configure.in: Merge in berk_db library if needed.
-
- * Makefile.in (LIB_SUBDIRS): Get location of berk_db from
- configure if needed.
-
-Wed Dec 13 07:09:30 1995 Chris Provenzano (proven@mit.edu)
-
- * Makefile.in : Move db keytab routines to lib/kdb.
-
-Tue Dec 5 20:57:06 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * Makefile.in: Removed dependency on krb4 library in building
- shared library.
-
-Fri Nov 3 21:31:44 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * Makefile.in: Added the ccache/memory subdirectory.
-
-Fri Oct 6 22:05:44 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * Makefile.in: Remove ##DOS!include of config/windows.in.
- config/windows.in is now included by wconfig.
-
-Mon Oct 2 11:12:24 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * configure.in (V5_MAKE_SHARED_LIB): Change rule to install
- version 0.1 of the library. Pass the libcrypto and
- libcom_err version number to Makefile
-
- * Makefile.in (CRYPTO_VER): Get the proper libcrypto version number
-
-Mon Sep 25 17:01:48 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the
- Makefile.
-
-Wed Sep 13 11:11:38 1995 Keith Vetter (keithv@fusion.com)
-
- * Makefile.in: Put back in all:: all-$(WHAT) rule--PC needs it.
-
-Fri Jun 30 14:43:38 EDT 1995 Paul Park (pjpark@mit.edu)
- * Makefile.in - Add Berkeley database code here. Remove typo in
- libupdate section.
-
-Wed Jun 28 21:25:29 1995 Mark Eichin <eichin@cygnus.com>
-
- * configure.in: with static libs, we need install-unix, not install.
-
-Mon Jun 26 17:36:53 1995 Sam Hartman <hartmans@tardis.MIT.EDU>
-
- * Makefile.in (install-unix): This should be generated by configure.in, not Makefile.in. My typo was there, not here.
-
-Sun Jun 25 08:24:46 1995 Tom Yu (tlyu@dragons-lair)
-
- * Makefile.in: Typo: install-mac was really supposed to be
- install-unix
-
-Fri Jun 23 12:15:02 1995 Sam Hartman <hartmans@tardis.MIT.EDU>
-
- * configure.in: Typo: krb5_cv_staticlibs_enabled, not
- krb5_cv_enable_staticlibs
-
-Thu Jun 22 18:03:35 1995 Sam Hartman (hartmans@tardis)
-
- * Makefile.in: Treat libcom_err.a as shared, use new conventions
- regarding static version.
-
-
-Fri Jun 16 11:16:44 EDT 1995 Paul Park (pjpark@mit.edu)
- * configure.in - Add shared library install target.
-
-
-Thu Jun 15 18:08:12 EDT 1995 Paul Park (pjpark@mit.edu)
- * Makefile.in - Add definitions for shared library build rules. Also,
- remove explicit "all" target at front so we do subdirectories
- first.
- * configure.in - Create symlinks for archive and shared library when
- we build them.
-
-Fri Jun 9 18:51:24 1995 <tytso@rsx-11.mit.edu>
-
- * configure.in: Remove standardized set of autoconf macros, which
- are now handled by CONFIG_RULES. Use DO_SUBDIRS to
- recurse down subdirectories.
-
-Fri May 26 20:12:37 1995 Theodore Y. Ts'o (tytso@dcl)
-
- * configure.in, Makefile.in: Add support for building shared libraries.
-
-Sat Apr 22 10:58:49 1995 Ezra Peisach (epeisach@kangaroo.mit.edu)
-
- * configure.in: Add rule for make check to descend to subdirs
-
-Fri Apr 21 20:47:35 1995 Theodore Y. Ts'o (tytso@dcl)
-
- * Makefile.in: Added the profile directory for the profile routines.
-
-Wed Mar 15 20:23:17 1995 Keith Vetter (keithv@fusion.com)
-
- * Makefile.in: cleaned up for the PC
-
-Wed Mar 15 12:26:21 1995 Keith Vetter (keithv@fusion.com)
-
- * Makefile.in: made so it recurses into the subdirs for the PC.
-
-Fri Nov 18 00:17:47 1994 Mark Eichin <eichin@cygnus.com>
-
- * configure.in: move WITH_CCOPTS, WITH_KRB5ROOT.
-
-Wed Nov 2 02:35:44 1994 Mark W. Eichin (eichin@paycheck.cygnus.com)
-
- * Makefile.in (libkrb5.a): done needs a trailing semicolon if it
- isn't followed by a newline, as does fi, with certain shells.
-
-Tue Nov 1 14:56:47 1994 (tytso@rsx-11)
-
- * Makefile.in: Change the way libupdate works so that we use
- libkrb5.stamp to determine whether or not $arcmd needs to
- be rerun.
-
- * Makefile.in:
- * configure.in: Change the way the library is built to use the
- libupdate script.
-
-Mon Oct 3 21:11:19 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * Makefile.in: make install obey $(DESTDIR)
-
-Thu Aug 4 03:42:31 1994 Tom Yu (tlyu@dragons-lair)
-
- * configure.in: oops look for install program
-
- * Makefile.in: make install fixes
-
diff --git a/src/lib/krb5/asn.1/ChangeLog b/src/lib/krb5/asn.1/ChangeLog
deleted file mode 100644
index cb01f9e4d6..0000000000
--- a/src/lib/krb5/asn.1/ChangeLog
+++ /dev/null
@@ -1,1297 +0,0 @@
-2006-04-02 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (DEFS): Make empty.
-
-2005-11-14 Jeffrey Altman <jaltman@mit.edu>
-
- * krb5_decode.c, krb5_encode.c: include k5-int.h instead of krb5.h
-
-2005-10-03 Tom Yu <tlyu@mit.edu>
-
- * asn1_get.c (asn1_get_tag_2): Patch from Zhihong Zhang to properly
- handle tag numbers >= 30.
-
-2005-03-04 Ken Raeburn <raeburn@mit.edu>
-
- * asn1_encode.c (asn1_encode_generaltime): If gmtime_r returns int
- instead of pointer, do the appropriate error checking.
-
-2004-12-28 Ezra Peisach <epeisach@mit.edu>
-
- * asn1_decode.c (asn1_decode_generaltime): Fix memory leak when
- time sent is "19700101000000Z".
-
-2004-08-31 Tom Yu <tlyu@mit.edu>
-
- * asn1buf.c: Fix denial-of-service bug.
-
- * asn1buf.c:
- * krb5_decode.c: Fix double-free vulnerabilities.
-
-2004-06-10 Ken Raeburn <raeburn@mit.edu>
-
- * asn1_encode.c (asn1_encode_generaltime): Fix memcpy argument to
- actually be a pointer.
- (asn1_encode_enumerated): Drop "const" from scalar argument type.
- * asn1_encode.h (asn1_encode_integer, asn1_encode_enumerated,
- asn1_encode_unsigned_integer, asn1_encode_octetstring,
- asn1_encode_charstring, asn1_encode_printablestring,
- asn1_encode_ia5string, asn1_encode_generaltime,
- asn1_encode_generalstring): Drop "const" from scalar argument
- types.
-
-2004-06-04 Ken Raeburn <raeburn@mit.edu>
-
- * asn1_encode.c (asn1_encode_generaltime): Use gmtime_r if
- available.
-
-2004-04-24 Ken Raeburn <raeburn@mit.edu>
-
- * asn1_decode.c (asn1_decode_generaltime): If the input string is
- the magic UNIX time zero, bypass all the arithmetic and return 0.
- * asn1_encode.c (asn1_encode_generaltime): If the input time
- value is the UNIX epoch, use a hardcoded string instead of doing
- the math.
-
-2003-10-08 Tom Yu <tlyu@mit.edu>
-
- * asn1_k_encode.c (asn1_encode_krb_saved_safe_body): New function;
- kludge to insert a raw pre-encoded KRB-SAFE-BODY.
-
- * asn1_k_encode.h (asn1_encode_krb_saved_safe_body): Add
- prototype.
-
- * krb5_decode.c (decode_krb5_safe_with_body): New function; saves
- a copy of the encoding of the KRB-SAFE-BODY to avoid problems
- caused by re-encoding it during verification.
-
- * krb5_encode.c (encode_krb5_safe_with_body): New function;
- re-encode a KRB-SAFE using a saved KRB-SAFE-BODY encoding, to
- avoid trouble with re-encoding a KRB-SAFE-BODY.
-
-2003-07-22 Sam Hartman <hartmans@avalanche-breakdown.mit.edu>
-
- * asn1_k_decode.c (asn1_decode_etype_info2_entry_1_3): Decoder for
- the broken 1.3 ASN.1 behavior for etype_info2; see bug 1681.
-
- * asn1_k_decode.h (asn1_decode_etype_info2): Add v1_3_behavior
- flag for parsing the broken 1.3 behavior of using an octetString
- instead of generalString
-
- * asn1_k_decode.c (asn1_decode_etype_info2_entry): Expect etype_info2 as generalstring not octetstring
-
-2003-07-17 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (LIBNAME) [##WIN16##]: Don't define.
-
-2003-06-20 Sam Hartman <hartmans@mit.edu>
-
- * asn1_k_decode.h (asn1_decode_etype_info2): Prototype. Also
- deleted prototype for asn1_decode_etype_info_entry as that is not
- used outside asn1_k_decode.c
-
- * krb5_decode.c (decode_krb5_etype_info2): Call etype_info2 decoder
-
- * asn1_k_decode.c (asn1_decode_etype_info_entry): Split out
- etype_info2 and etype_info decoder so we ignore tag 2 in the
- heimdal encoder
- (asn1_decode_etype_info2): new function
-
-2003-05-23 Sam Hartman <hartmans@mit.edu>
-
- * asn1_k_decode.c (asn1_decode_etype_info_entry): Fix logic error
- that incorrectly set up s2kparams.data
-
-2003-05-20 Ezra Peisach <epeisach@bu.edu>
-
- * asn1_k_encode.c (asn1_encode_krb_safe_body): Use
- asn1_encode_unsigned_integer for sequence number.
-
- * asn1_k_decode.c (asn1_decode_krb_safe_body): Use
- asn1_decode_seqnum to decode sequence number.
-
-
-2003-05-18 Tom Yu <tlyu@mit.edu>
-
- * asn1_decode.c (asn1_decode_maybe_unsigned): New function; decode
- negative 32-bit numbers into positive unsigned numbers for the
- sake of backwards compatibility with old code.
-
- * asn1_decode.h: Add prototype for asn1_decode_maybe_unsigned.
-
- * asn1_k_decode.c (asn1_decode_seqnum): New function; wrapper
- around asn1_decode_maybe_unsigned.
-
- * asn1_k_decode.h: Add prototype for asn1_decode_seqnum.
-
- * krb5_decode.c (decode_krb5_authenticator)
- (decode_krb5_ap_rep_enc_part, decode_krb5_enc_priv_part): Sequence
- numbers are now unsigned. Use asn1_decode_seqnum to handle
- backwards compat with negative sequence numbers.
-
- * krb5_encode.c (encode_krb5_authenticator)
- (encode_krb5_ap_rep_enc_part, encode_krb5_enc_priv_part): Sequence
- numbers are now unsigned.
-
-2003-05-06 Sam Hartman <hartmans@mit.edu>
-
- * krb5_decode.c (decode_krb5_etype_info2): New function; currently
- the same code as decode_krb5_etype_info. This means that we can
- manage to accept s2kparams in etype_info which is wrong but
- probably harmless.
-
- * asn1_k_decode.c (asn1_decode_etype_info_entry): Add etype_info2
- support
-
- * asn1_k_encode.c (asn1_encode_etype_info_entry): Add support for
- etype-info2
-
- * krb5_encode.c (encode_krb5_etype_info2): New function
-
-2003-04-15 Sam Hartman <hartmans@mit.edu>
-
- * krb5_encode.c (encode_krb5_setpw_req): new function
-
-2003-04-13 Ezra Peisach <epeisach@mit.edu>
-
- * asn1_k_decode.c (asn1_decode_kdc_req_body): Fix memory leak if
- optional server field is lacking,
-
-2003-03-11 Ken Raeburn <raeburn@mit.edu>
-
- * asn1_get.c (asn1_get_tag): Deleted.
- (asn1_get_tag_2): Renamed from asn1_get_tag_indef, now uses a
- pointer to taginfo rather than a bunch of pointer args.
- (asn1_get_id, asn1_get_length): Folded into asn1_get_tag_2.
- (asn1_get_sequence): Call asn1_get_tag_2.
- * asn1_get.h (taginfo): New structure.
- (asn1_get_tag_indef, asn1_get_tag, asn1_get_id, asn1_get_length):
- Declarations deleted.
- (asn1_get_tag_2): Declare.
- * asn1_decode.c (setup): Declare only a taginfo variable.
- (asn1class, construction, tagnum, length): New macros.
- (tag): Call asn1_get_tag_2.
- * asn1_k_decode.c (next_tag, get_eoc, apptag, end_sequence_of,
- end_sequence_of_no_tagvars, asn1_decode_krb5_flags): Call
- asn1_get_tag_2; if no error, copy out values into scalar
- variables.
- (asn1_decode_ticket): Call asn1_get_tag_2.
- * asn1buf.c (asn1buf_skiptail): Call asn1_get_tag_2.
- * krb5_decode.c (check_apptag, next_tag, get_eoc): Call
- asn1_get_tag_2; if no error, copy out values into scalar
- variables.
- (decode_krb5_enc_kdc_rep_part): Call asn1_get_tag_2.
-
-2003-01-10 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag.
-
-2002-12-23 Ezra Peisach <epeisach@bu.edu>
-
- * asn1_k_decode.c (asn1_decode_sam_challenge_2_body): Add
- unused_var declaration to cleanup warnings. Signed/unsigned fix as
- well.
-
-2002-11-07 Ezra Peisach <epeisach@bu.edu>
-
- * asn1_k_encode.c (asn1_encode_sam_challenge_2): Test for error
- returned from asn1buf_insert_oxtetstring and cleanup strctures
- properly.
-
- * asn1_k_decode.c (asn1_decode_sam_challenge_2_body): Change
- sequence_of/end_sequence_of to use
- sequence_of_no_tagvars/end_sequence_of_no_tagravs to avoid
- shadowing variables.
-
-2002-11-07 Ezra Peisach <epeisach@bu.edu>
-
- * asn1_k_encode.c (add_optstring): Add optional string only if
- length > 0.
-
-2002-11-05 Tom Yu <tlyu@mit.edu>
-
- * asn1_encode.h (asn1_encode_oid):
- * asn1_encode.c (asn1_encode_oid): New function.
-
- * asn1_decode.h (asn1_decode_oid):
- * asn1_decode.c (asn1_decode_oid): New function.
-
-2002-10-30 Ken Hornstein <kenh@cmf.nrl.navy.mil>
-
- * KRB5-asn.py: Fix definition for sam-pk-for-sad element.
-
-2002-10-24 Ken Hornstein <kenh@cmf.nrl.navy.mil>
-
- * KRB5-asn.py, asn1_k_decode.c, asn1_k_decode.h, asn1_k_encode.c,
- asn1_k_encode.h, krb5_decode.c, krb5_encode.c: New functions,
- prototypes, and ASN.1 definitions for the new hardware
- preauthentication protocol.
-
-2002-07-02 Sam Hartman <hartmans@mit.edu>
-
- * asn1_encode.h: Document asn1_encode_enumerated
-
- * asn1_encode.c (asn1_encode_enumerated): New function; split out
- asn1_encode_integer's guts into asn1_encode_integer_interal and
- add this function to add different universal tag for enumerated
-
- * krbasn1.h (ASN1_ENUMERATED): enumerated is universal 10
-
-2002-10-07 Tom Yu <tlyu@mit.edu>
-
- * asn1_get.c (asn1_get_tag_indef): Stomp on asn1class,
- construction, retlen, and indef, even if we've hit the end of the
- buffer, to avoid passing uninitialized values around.
-
- * asn1_k_decode.c: Reformat somewhat and add comments to demystify
- things a little.
- (opt_field): Fix to explicitly check for end of subbuf before
- verifying the pre-fetched tag, which may have been stomped on by
- asn1_get_tag_indef() encountering end-of-buffer.
-
- * krb5_decode.c (opt_field, opt_lenfield): Fix to explicitly check
- for end of subbuf before verifying the pre-fetched tag, which may
- have been stomped on by asn1_get_tag_indef() encountering
- end-of-buffer.
-
-2002-09-02 Ken Raeburn <raeburn@mit.edu>
-
- * asn1_decode.c, asn1_encode.c, asn1_get.c, asn1_get.h,
- asn1_k_decode.c, asn1_k_encode.c, asn1_make.c, asn1_make.h,
- asn1buf,c. asn1buf.h, krb5_decode.c, krb5_encode.c: Use prototype
- style definitions for functions. Avoid variable name "class".
-
-2002-08-29 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in: Revert $(S)=>/ change, for Windows support.
-
-2002-08-23 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in: Change $(S)=>/ and $(U)=>.. globally.
-
-2002-06-24 Tom Yu <tlyu@mit.edu>
-
- * asn1_encode.c (asn1_encode_generaltime): Remove call to
- unix_time_to_msl_time(), as it's Mac OS 9 specific and was missed
- in the previous change.
-
-2002-06-24 Alexandra Ellwood <lxs@mit.edu>
-
- * asn1_encode.c: Removed unused Mac OS 9 code
- [pullup from 1-2-2-branch]
-
-2000-06-24 Miro Jurisic <meeroh@mit.edu>
-
- * asn1_encode.c (asn1_encode_generaltime): Fixed the Mac code to
- use the correct epoch.
-
- * asn1_encode.c: Updated Utilities.h #include
-
- [pullups from 1-2-2-branch]
-
-2002-06-24 Tom Yu <tlyu@mit.edu>
-
- * asn1_get.c (asn1_get_length): Check for negative length.
- [pullup from 1-2-2-branch]
-
-2002-04-09 Ken Raeburn <raeburn@mit.edu>
-
- * asn1buf.c (asn1buf_remove_octetstring,
- asn1buf_remove_charstring): Fix bounds test for correctness in
- overflow cases.
-
-2001-10-09 Ken Raeburn <raeburn@mit.edu>
-
- * asn1_decode.c, asn1_decode.h, asn1_encode.h, asn1_get.h,
- asn1_k_decode.h, asn1_k_encode.h, asn1_make.h, asn1_misc.h,
- asn1buf.h: Make prototypes unconditional.
-
-2001-07-24 Ezra Peisach <epeisach@mit.edu>
-
- * asn1_k_encode.c: (asn1_encode_predicted_sam_response): Use
- asn1_encode_charstring() instead of asn1_decode_octetstring() for
- krb5_data. (signed vs. unsigned)
-
-2001-06-12 Ezra Peisach <epeisach@mit.edu>
-
- * asn1_k_decode.c (asn1_decode_predicted_sam_response): Use
- asn1_decode_charstring() instead of asn1_decode_octetstring() to
- decode krb5_data.
-
-2000-10-26 Tom Yu <tlyu@mit.edu>
-
- * asn1buf.c (asn1buf_sync): Add new arguments to include the full
- complement of data about a prefetched tag, as well as to indicate
- whether the prefetched tag or the surrounding sequence is of an
- indefinite length.
- (asn1buf_skiptail): Add new arguments to indicate whether the
- prefetched tag is indefinite, as well as its length. This
- facilitates proper skipping of trailing garbage.
- (asn1buf_remains): Add new argument to indicate whether the
- surrounding encoding is indefinite. Don't advance buf->next if an
- EOC encoding is detected; the caller will do that.
-
- * asn1buf.h: Update prototypes.
-
- * asn1_get.c (asn1_get_tag_indef): Don't treat EOC encoding as
- special anymore, since previous behavior was overloading the
- tag number in a bad way. Also, report a MISMATCH_INDEF error if
- the tag encoding is for the forbidden primitive constructed
- encoding.
-
- * asn1_k_decode.c (next_tag): Call get_tag_indef() in order to get
- information about whether the length is indefinite. Don't check
- the tag class and construction explicitly.
- (get_eoc): New macro to get a tag and check if it is an EOC
- encoding.
- (get_field, opt_field): Move the check for the tag class and
- construction to here.
- (get_field_body, get_lenfield_body): Call get_eoc() instead of
- next_tag() if we are decoding a constructed indefinite encoding.
- (begin_structure): Use a different variable to indicate whether
- the sequence is indefinite as opposed to whether an individual
- field is indefinite.
- (end_structure): Update to new calling convention of
- asn1buf_sync().
- (sequence_of): Rewrite significantly.
- (sequence_of_common): Move the bulk of previous sequence_of()
- macro to here. Does not declare some variables that sequence_of()
- declares.
- (sequence_of_no_tagvars): Similar to sequence_of() macro but
- declares different variables for the purpose of prefetching the
- final tag.
- (end_sequence_of_no_tagvars): Similar to end_sequence_of() macro
- but uses variables declared by the sequence_of_no_tagvars() macro
- to prefetch the final tag.
- (asn1_decode_principal_name): Update for new asn1buf_remains()
- calling convention. Call sequence_of_no_tagvars(), etc. instead
- of sequence_of(), etc. in order to not declare shadowing
- block-local variables.
- (decode_array_body): Update for new asn1buf_remains() calling
- convention.
- (asn1_decode_sequence_of_enctype): Update for new
- asn1buf_remains() calling convention.
-
- * krb5_decode.c (next_tag): Call get_tag_indef() in order to get
- information about whether the length is indefinite. Don't check
- the tag class and construction explicitly.
- (get_eoc): New macro to get a tag and check if it is an EOC
- encoding.
- (get_field, opt_field): Move the check for the tag class and
- construction to here.
- (get_field_body, get_lenfield_body): Call get_eoc() instead of
- next_tag() if we are decoding a constructed indefinite encoding.
- (begin_structure): Use a different variable to indicate whether
- the sequence is indefinite as opposed to whether an individual
- field is indefinite.
- (end_structure): Update to new calling convention of
- asn1buf_sync().
-
-2000-10-17 Ezra Peisach <epeisach@mit.edu>
-
- * asn1buf.h: Lengths are now unsigned int for
- asn1buf_ensure_space(), asn1buf_expand(), asn1buf_imbed(),
- asn1buf_sync(), asn1buf_insert_octetstring(),
- asn1buf_insert_charstring(), asn1_remove_octetstring(),
- asn1buf_remove_charstring(),
-
- * krb5_decode.c, krb5_encode.c: Length fields are unsigned ints.
-
- * asn1_make.c, asn1_make.h: Prototypes changed to use an unsigned
- int * in_len and retlen for: asn1_make_etag(), asn1_make_tag(),
- asn1_make_sequence(), asn1_make_set(), asn1_make_string(),
- asn1_make_length(), asn1_make_id().
-
- * asn1_k_encode.h, asn1_k_encode.c: Change length fields to
- unsigned ints for all functions.
- (asn1_encode_etype_info_entry): Test for KRB5_ETYPE_NO_SALT
- instead of -1.
-
- * asn1_k_decode.c (asn1_decode_etype_info_entry): Use a length of
- KRB5_ETYPE_NO_SALT to indicate the optional salt not being
- present. (instead of -1).
- (setup): Length is now unsigned int.
-
- * asn1_get.c, asn1_get.h: Change retlent to unsigned int * for
- asn1_get_tag(), asn1_get_tag_indef(), asn1_get_sequence,
- asn1_get_length().
-
- * asn1_encode.c, asn1_encode.h: Change retlen to unsigned int *
- for asn1_encode_integer(), asn1_encode_unsigned_integer(),
- asn1_encode_octetstring(), asn1_encode_charstring(),
- asn1_encode_printable_string(), asn1_encode_ia5string(),
- asn1_encode_generaltime(), asn1_encode_generalstring()
-
- * asn1_decode.c, asn1_decode.h: Change retlen to unsigned int *
- for asn1_decode_octetstring(), asn1_decode_generalstring(),
- asn1_decode_charstring(),
-
-2000-09-26 Tom Yu <tlyu@mit.edu>
-
- * asn1_get.c (asn1_get_tag_indef): Fix to not deref random garbage
- while checking for EOC encoding. At least the indefinite decoding
- breaks consistently now.
-
-2000-08-07 Ezra Peisach <epeisach@mit.edu>
-
- * asn1_k_decode.c (asn1_decode_last_req_entry): Decode the lr_type
- as an int32. Handle backwards compatibility if KRB5_GENEROUS_LR_TYPE
- is defined.
-
- * krbasn1.h: Define KRB5_GENEROUS_LR_TYPE for compatibility with
- one byte negative lr_types which are sent as a positive integer.
-
-2000-06-29 Tom Yu <tlyu@mit.edu>
-
- * asn1buf.h (asn1buf_insert_octet): Define using __inline__ rather
- than inline in order to shut up gcc -pedantic.
-
-2000-06-28 Ezra Peisach <epeisach@mit.edu>
-
- * asn1_get.c (asn1_get_tag): Remove unused variable.
-
-2000-02-06 Ken Raeburn <raeburn@mit.edu>
-
- Patches from Frank Cusack for helping in preauth replay
- detection and spec (passwd-04 draft) compliance.
- * asn1_k_decode.c (asn1_decode_enc_sam_response_enc): Update for
- field name change.
- (asn1_decode_predicted_sam_response): Handle new fields.
- * asn1_k_encode.c (asn1_encode_enc_sam_response_enc): Update for
- field name change.
- (asn1_encode_predicted_sam_response): Handle new fields.
-
-2000-02-01 Danilo Almeida <dalmeida@mit.edu>
-
- * krb5_decode.c (krb5_decode_ticket): Add function to provide
- decode_krb5_ticket functionality as part of krb5 API.
-
-1999-11-01 Tom Yu <tlyu@mit.edu>
-
- * krb5_decode.c (begin_structure): Update to deal with indefinite
- encodings better; also call asn1_get_sequence().
-
- * asn1_k_decode.c (sequence_of): Update to deal with indefinite
- encodings better.
- (begin_structure): Update to deal with indefinite encodings
- better; also call asn1_get_sequence().
-
- * asn1_get.h: Update prototypes for asn1_get_tag_indef(),
- asn1_get_tag(), asn1_get_sequence(), asn1_get_length().
-
- * asn1_get.c (asn1_get_tag_indef): New function; get tag info,
- lengths, etc. as well as flag indicating whether the length is
- indefinite.
- (asn1_get_tag): Modify to just call asn1_get_tag_indef().
- (asn1_get_sequence): Call asn1_get_tag_indef() in order to
- determine whether encoding is indefinite length.
- (asn1_get_length): Add "indef" arg to indicate whether an encoding
- has an indefinite length.
-
- * asn1buf.h: Update asn1buf_imbed() prototype.
-
- * asn1buf.c (asn1buf_imbed): Add "indef" arg so that we don't
- treat a definite zero-length encoding as an indefinite encoding.
-
-1999-10-26 Wilfredo Sanchez <tritan@mit.edu>
-
- * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES,
- LOCAL_INCLUDES such that one can override CFLAGS from the command
- line without losing CPP search patchs and defines. Some associated
- Makefile cleanup.
-
-1999-10-06 Ken Raeburn <raeburn@mit.edu>
-
- * asn1_decode.c (asn1_decode_integer): Initialize "n", to keep gcc
- happy.
-
-Sat Jul 10 10:21:40 1999 Tom Yu <chaoself@mit.edu>
-
- * asn1_decode.c (asn1_decode_integer): Fix to deal with overflows
- and negative integers.
- (asn1_decode_unsigned_integer): Fix to deal with overflows and to
- return errors on encountering negative integers.
-
-1999-07-06 Ken Raeburn <raeburn@mit.edu>
-
- * KRB5-asn.py (PA-SAM-RESPONSE): Fix syntax error -- comma
- separating sequence components doesn't belong buried in a
- comment.
-
-1999-07-03 Tom Yu <tlyu@mit.edu>
-
- * asn1buf.c (asn1buf_sync): Add length parameter to disambiguate
- constructed-indefinite encoding from constructed-definite encoding
- which happens to end at the same place as the enclosing buf.
-
- * asn1buf.h: Update to match definition.
-
- * krb5_decode.c (end_structure): Update to deal with additional
- length parameter to asn1buf_sync().
-
- * asn1_k_decode.c (end_sequence_of, end_structure): Update to deal
- with additional length parameter to asn1buf_sync().
-
- * asn1buf.h: New prototpyes for asn1buf_sync() and
- asn1buf_skiptail().
-
- * asn1buf.c (asn1buf_sync): Fix to deal with
- constructed-indefinite encodings with trailing fields. As a
- result, this requires that the most recently read tag number be
- passed in.
- (asn1buf_skiptail): New helper function to skip trailing fields in
- a constructed-indefinite encoding.
-
- * krb5_decode.c (end_structure): Hack to deal with changed
- asn1buf_sync().
-
- * asn1_k_decode.c (end_structure, end_sequence_of): Hack to deal
- with changed asn1buf_sync().
-
-1999-06-30 Tom Yu <tlyu@mit.edu>
-
- * asn1buf.c (asn1buf_sync): Interim fix for DCE compat problem
- with indefinite length encodings.
-
-1999-06-15 Tom Yu <tlyu@mit.edu>
-
- * asn1_encode.c (asn1_encode_generaltime): Fix minor bug in
- bounds-checking for tm_year: 1900 + 8099 = 9999.
-
-Mon May 10 15:23:51 1999 Danilo Almeida <dalmeida@mit.edu>
-
- * Makefile.in: Do win32 build in subdir.
-
-1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * Makefile.in: Set the myfulldir and mydir variables (which are
- relative to buildtop and thisconfigdir, respectively.)
-
-Thu Dec 3 19:41:06 1998 Tom Yu <tlyu@mit.edu>
-
-
- * asn1_k_decode.c (asn1_decode_krb5_flags): Fix previous to
- properly left-justify bit strings less than 32 bits.
-
- * asn1_k_decode.c (asn1_decode_krb5_flags): Modify to deal with
- BIT STRING values that are not exactly 32 bits. Throw away bits
- beyond number 31 in a bit string for now. Deal with masking out
- unused bits.
-
-1998-10-27 Marc Horowitz <marc@mit.edu>
-
- * asn1buf.c (asn1buf_sync): interoperation testing against heimdal
- revealed a bug. if extra fields are present in a SEQUENCE, they
- are not ignored and skipped. This caused the decoder to get out
- of sync.
-
-Thu Jul 2 15:30:25 1998 Theodore Y. Ts'o <tytso@mit.edu>
-
- * asn1_encode.c: Make the magic Macintosh EPOCH offset be 70 years
- instead of 66 years, since CodeWarrior Pro 2 now bases
- everything off of 1900.
-
-Thu Apr 16 17:01:27 1998 Tom Yu <tlyu@mit.edu>
-
- * asn1_encode.c (asn1_encode_generaltime): Sanity check the return
- from gmtime() to avoid overruns.
-
-Fri Feb 27 18:03:33 1998 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * Makefile.in: Changed thisconfigdir to point at the lib/krb5
- directory, since we've moved the configure.in tests in
- this directory to the toplevel lib/krb5 configure.in
-
-Wed Feb 18 16:18:46 1998 Tom Yu <tlyu@mit.edu>
-
- * Makefile.in: Remove trailing slash from thisconfigdir. Fix up
- BUILDTOP for new conventions.
-
-Fri Feb 13 22:32:06 1998 Theodore Y. Ts'o <tytso@mit.edu>
-
- * asn1buf.h (asn1buf_insert_octet): Use static inline function to
- define asn1_insert_octet, since the GCC specific hack
- we're using doesn't work on GCC compilers that also have
- Objective C enabled.
-
- * asn1buf.c: define ASN1BUF_OMIT_INLINE_FUNCS before including
- asn1buf.h, since we don't want inline functions declared
- when we're defining the linkable version of the functions.
-
-Mon Feb 2 17:02:29 1998 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile
-
-Fri Jan 2 21:18:30 1998 Tom Yu <tlyu@mit.edu>
-
- * asn1buf.c (asn12krb5_buf): Check return value of
- malloc. [krb5-libs/518]
-
-Tue Sep 30 19:03:34 1997 Tom Yu <tlyu@mit.edu>
-
- * krbasn1.h: Replace HAS_STDLIB_H with something more sane.
-
-Thu Jul 31 15:38:10 1997 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * asn1buf.h (asn1buf_remove_octet, asn1buf_size, asn1buf_free,
- asn1buf_ensure_space, asn1buf_len): Add macro versions.
- (asn1buf_insert_octet) [__GNUC__ >= 2]: Ditto, using a GNU C
- extension.
- * asn1buf.c (asn1buf_remove_octet, asn1buf_size, asn1buf_free,
- asn1buf_ensure_space, asn1buf_len, asn1buf_insert_octet): Undef
- macros before defining as functions.
- [Kerbnet changes made by raeburn@cygnus.com]
-
-Thu Jul 31 12:34:43 1997 Ezra Peisach <epeisach@mit.edu>
-
- * asn1buf.h (asn1buf_expand): Remove "const" from int arg in
- prototype.
-
- * asn1buf.c (asn1buf_remove_charstring, asn1buf_create,
- asn1buf_remove_octetstring, asn12krb5_buf): Call malloc instead of
- calloc.
- (asn1buf_unparse, asn1buf_hex_unparse): Ditto. Also don't
- allocate extra byte, since sizeof(STRING) does count the trailing
- null.
- (asn1buf_expand): Adjust bound based on increment
- value used, not value specified by caller.
-
- [Kerbnet changes made by raeburn@cygnus.com]
-
-Thu Jul 31 11:17:06 1997 Ezra Peisach <epeisach@mit.edu>
-
- * Makefile.in (SRCS): Add / after $(srcdir) in SRCS line.
-
-Sat Feb 22 22:13:35 1997 Richard Basch <basch@lehman.com>
-
- * Makefile.in: Use some of the new library list build rules in
- win-post.in
-
-Thu Nov 21 11:55:16 EST 1996 Richard Basch <basch@lehman.com>
-
- * Makefile.in: win32 build
-
-Thu Jan 2 16:56:10 1997 Tom Yu <tlyu@mit.edu>
-
- * Makefile.in:
- * configure.in: Update to new library build procedure.
-
-Thu Nov 14 20:57:55 1996 Theodore Y. Ts'o <tytso@mit.edu>
-
- * asn1_k_encode.c (asn1_encode_principal_name): Be liberal about
- accepting a principal with a zero-length component where
- the data pointer is NULL. After all,
- asn1_decode_principal_name generates them that way! [PR#188]
- (asn1_encode_encrypted_data):
- (asn1_encode_krb5_authdata_elt):
- (asn1_encode_encryption_key):
- (asn1_encode_checksum):
- (asn1_encode_realm): If the length is zero, allow the data
- field to be NULL.
-
-Thu Jun 27 10:31:34 1996 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * asn1buf.c (asn12krb5_buf): Initialize magic fields of structure.
- (asn1buf_expand): If pre-allocating memory for future use, store
- proper end of buffer.
-
-Wed Jun 12 14:25:11 1996 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * asn1_k_encode.h, asn1_k_decode.h: Add prototypes for the SAM
- encoding and decoding functions, which are necessary for
- the Win32 port (and a good idea in general).
-
-Wed Jun 5 15:37:50 1996 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * asn1_k_decode.c (asn1_decode_enc_kdc_rep_part): If starttime is
- not sent over the wire, set equal to authtime.
-
-Thu May 2 21:59:23 1996 Mark Eichin <eichin@cygnus.com>
-
- * krb5_decode.c (decode_krb5_enc_tkt_part): use tagnum correctly
- to handle optional starttime (previous code *always* replaced
- starttime with authtime.)
-
-Tue Apr 9 22:51:36 1996 Mark Eichin <eichin@cygnus.com>
-
- * krb5_decode.c (decode_krb5_sam_challenge,
- decode_krb5_enc_sam_key, decode_krb5_enc_sam_response_enc,
- decode_krb5_sam_response, decode_krb5_predicted_sam_response):
- Change to new indirect interface.
-
- * asn1_k_decode.c (opt_encfield): macro for handling optional
- encrypted_data fields (see asn1_decode_kdc_req_body for original
- version.)
- (asn1_decode_sam_response): use opt_encfield, since we're making
- sam_enc_key optional (as it is reserved for future use.)
- * asn1_k_encode.c (asn1_encode_sam_response): check sam_enc_key
- for content before adding it.
- * KRB5-asn.py: note sam-enc-key as OPTIONAL regardless of future
- plans.
-
-Wed Mar 20 22:43:17 1996 Theodore Y. Ts'o <tytso@dcl>
-
- * asn1_k_decode.c: Decode pa_type in the krb5_pa_data structure as
- a krb5_int32, since it is now type krb5_preauthtype.
- (asn1_decode_etype_info_entry): Decode etype in the
- krb5_etype_info_entry as krb5_enctype.
-
- * krb5_decode.c (decode_krb5_pa_enc_ts): Fix 16 bit vs. 32bit
- error in the encoded timestamp structure.
-
-Wed Mar 13 12:52:32 1996 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * krb5_decode.c (decode_krb5_ticket, decode_krb5_enc_tkt_part,
- decode_krb5_authenticator, decode_krb5_error,
- decode_krb5_ap_req, decode_krb5_ap_rep,
- decode_krb5_ap_rep_enc_part, decode_krb5_safe,
- decode_krb5_priv, decode_krb5_enc_priv_part,
- decode_krb5_cred, decode_krb5_enc_part): Add magic values.
-
- * asn1_k_decode.c (asn1_decode_passwdsequence): Set magic values
- in structures.
- (asn1_decode_kdc_req_body): Set magic in
- authorization_data if not sent OTW.
-
-Tue Feb 27 19:23:55 1996 Theodore Y. Ts'o <tytso@dcl>
-
- * krb5_decode.c (decode_krb5_enc_tkt_part): If starttime is not
- set, then use authtime as a default. (This fixes the bug
- where if you try to immediately use a TGT to get a ticket,
- you get a time skew error.)
-
-Wed Feb 7 00:23:18 1996 Theodore Y. Ts'o <tytso@dcl>
-
- * Makefile.in: Folded in danw's changes to allow
- building Makefiles for the Macintosh. We now can build
- MPW makefiles which are interpreted by CodeWarrior.
-
-Wed Nov 8 20:00:13 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * asn1_k_decode.c (asn1_decode_etype_info_entry): If the optional
- salt element is not present, set etype.length to -1.
-
- * asn1_k_encode.c (asn1_encode_etype_info_entry): When encoding
- the etype_info_entry structure, use length == -1 to mean
- that the optional salt structure should not be sent. (It
- used to be if length == -1.)
-
-Tue Oct 31 20:06:49 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * krb5_decode.c (decode_krb5_pa_enc_ts, decode_krb5_enc_data):
- Added new functions.
-
- * krb5_encode.c (encode_krb5_pa_enc_ts, encode_krb5_enc_data):
- Added new functions.
-
- * KRB5-asn.py (PA-ENC-TS-ENC): Added new definition for the
- krb5_pa_enc_ts structure.
-
-Fri Oct 6 22:03:01 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * Makefile.in: Remove ##DOS!include of config/windows.in.
- config/windows.in is now included by wconfig.
-
-Thu Sep 28 23:35:06 1995 Mark W. Eichin <eichin@cygnus.com>
-
- * krb5_encode.c (krb5_cleanup): If asn1buf_destroy fails, don't
- call it again. (Not that it can ever fail anyhow.)
-
-Tue Sep 26 19:59:56 1995 <tytso@rsts-11.mit.edu>
-
- * krb5_decode.c: Systematic rework of all the cleanup code to make
- the generated object file subtatially (40% on the i386
- platform) smaller. The cleanup is now handled with a
- "goto error_out" statement, which prevents the cleanup
- statements from being replicated many, many, many times
- throughout the entire file.
-
-Mon Sep 25 16:56:13 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the
- Makefile.
-
-Fri Sep 22 22:27:33 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * asn1_k_decode.c (asn1_decode_etype_info_entry):
- * krb5_decode.c (decode_krb5_alt_method): Remove the (int) cast,
- since you can't take address of a value which has been
- casted. Instead we change the underlying type in the
- structure to be an int.
-
-Wed Sep 13 10:51:31 1995 Keith Vetter (keithv@fusion.com)
-
- * asn1_k_decode.c, asn1_k_encode.c, krb5_dec.c, krb5_enc.c: 32
- bit word being passed as an int.
-
-Wed Sep 20 11:50:35 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * krb5_decode.c (setup_buf_only): Declare cleanup routine as
- void and propogate through file.
-
-Mon Sep 18 14:17:15 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * asn1_encode.c (asn1_encode_generaltime): Don't modify a const
- input variable val; copy it to a scratch variable and
- modify that.
-
-Wed Sep 13 19:53:30 1995 Mark Eichin <eichin@cygnus.com>
-
- * krb5_decode.c (clean_krb5_authenticator, clean_krb5_ticket,
- clean_krb5_enc_tkt_part,clean_krb5_ap_req,
- clean_krb5_ap_rep_enc_part, clean_krb5_safe,
- clean_krb5_priv_enc_part, clean_krb5_cred_enc_part,
- clean_krb5_error): new static functions to free objects that may
- be partially constructed.
- (setup_buf_only, setup_no_tagnum, setup_no_length, setup): define
- in terms of each other to remove duplication, then add local
- variable error_cleanup to common declarations.
- (clean_return): new macro, uses error_cleanup on rep if possible
- and the allows the argument to be returned.
- (alloc_field, check_apptag, next_tag, begin_structure,
- get_field_body, get_field, get_lenfield_body, get_lenfield): use
- clean_return.
- (free_field): new macro to simplify the writing of clean_*.
- (clear_field): macro to clean up preparation of fields for later
- use by clean_* functions.
- (decode_krb5_authenticator, decode_krb5_ticket,
- decode_krb5_encryption_key, decode_krb5_enc_tkt_part,
- decode_krb5_enc_kdc_rep_part, decode_krb5_as_rep,
- decode_krb5_tgs_rep, decode_krb5_ap_req, decode_krb5_ap_rep,
- decode_krb5_ap_rep_enc_part, decode_krb5_as_req,
- decode_krb5_tgs_req, decode_krb5_kdc_req_body, decode_krb5_safe,
- decode_krb5_priv, decode_krb5_enc_priv_part, decode_krb5_cred,
- decode_krb5_enc_cred_part, decode_krb5_error,
- decode_krb5_authdata, decode_krb5_pwd_sequence,
- decode_krb5_pwd_data, decode_krb5_padata_sequence,
- decode_krb5_alt_method, decode_krb5_etype_info): change setup
- macro to pass a cleanup method (or just free if there were no
- partial allocations, or 0 for the two cases with no allocation at
- all.) Also explicitly zero pointer subfields, since calloc is not
- a safe way to assure that. Generally, provide for automatic
- deallocation of storage on error.
-
-Sun Sep 10 12:00:00 1995 <mattly@fusion.com>
-
- * asn1_encode.c: Removed use of localtime for encoding of generaltime.
-
-Wed Sep 06 14:20:57 1995 Chris Provenzano (proven@mit.edu)
-
- * asn1_k_decode.c, asn1_k_decode.h, asn1_k_encode.c, asn1_k_encode.h,
- * krb5_decode.c, krb5_encode.c: s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g
-
-Wed Sept 6 12:00:00 1995 <mattly@fusion.com>
-
- * asn1_encode.c: added EPOCH to account for macintosh time keeping
- differences in asn1_encode_generaltime.
-
- * asn1buf.c: removed some debugging cruft.
-
-Tue Sep 05 22:10:34 1995 Chris Provenzano (proven@mit.edu)
-
- * asn1_k_decode.c, asn1_k_decode.h, asn1_k_encode.c, asn1_k_encode.h
- * krb5_decode.c : Remove krb5_enctype references, and replace with
- krb5_keytype where appropriate
-
-Mon Aug 28 12:54:05 1995 <tytso@rsts-11.mit.edu>
-
- * krb5_decode.c (decode_krb5_alt_method,
- decode_krb5_etype_info): New functions for
- decoding some new data structures.
-
- * krb5_encode.c (encode_krb5_alt_method, encode_krb5_etype_info):
- New functions for encoding some new data structures.
-
- * asn1_k_decode.c (asn1_decode_etype_info_entry,
- asn1_decode_etype_info): Added new functions to decode
- some new data structures.
-
- * asn1_k_encode.c (asn1_encode_etype_info_entry,
- asn1_encode_etype_info): Added new functions to encode
- some new data structures.
-
-Fri Aug 25 21:43:42 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * krb5_encode.c (encode_krb5_padata_sequence): New function which
- encodes a sequence of pa_data elements
-
- * krb5_decode.c (decode_krb5_padata_sequence): New function which
- decodes a sequence of pa_data elements.
-
- * asn1_k_encode.c (asn1_encode_sequence_of_pa_data): Make it
- possible to encode sequence of zero pa_data elements.
-
- * asn1_k_decode.c (decode_array_body): Make it possible to decode
- SEQUENCE OF encodinges of zero items (which is legal
- according to ASN.1)
-
-Sat Jun 17 00:00:33 1995 Theodore Y. Ts'o (tytso@dcl)
-
- * asn1_get.c (asn1_get_tag): Added change to allow for
- ASN.1 indefinite encoding; needed for DCE compatibility.
-
-Fri Jun 9 19:34:05 1995 <tytso@rsx-11.mit.edu>
-
- * configure.in: Remove standardized set of autoconf macros, which
- are now handled by CONFIG_RULES.
-
-Fri May 26 20:19:15 1995 Theodore Y. Ts'o (tytso@dcl)
-
- * configure.in, Makefile.in: Add support for building shared libraries.
-
-Tue May 23 16:22:57 1995 Theodore Y. Ts'o (tytso@dcl)
-
- * asn1_decode.c: Rearrange #include files so that krb5.h gets
- included first, so that the debugging information can be
- more efficiently collapsed since the type numbers will be
- the same.
-
- * asn1_encode.h: Rearrange the #include files so that the type
- numbers are the same.
-
-Thu Apr 13 20:13:38 1995 Keith Vetter (keithv@fusion.com)
-
- * asn1_k_decode.c: fixed up 'unreferenced local variable' problems.
-
-Thu Apr 13 15:49:16 1995 Keith Vetter (keithv@fusion.com)
-
- * *.[ch]: removed unneeded INTERFACE from non-api functions.
-
-Wed Mar 22 09:39:55 1995 <tytso@rsx-11.mit.edu>
-
- * asn1_k_decode.c (setup, next_tag, apptag, get_field_body,
- get_lenfield_body, asn1_decode_ticket): Use the
- taglength to determine whether or not the indefinite
- encoding was used, and if so skip over the termination
- flag bytes in the ASN.1 stream.
-
- * asn1buf.c (asn1buf_imbed, asn1buf_remains): Make changes to
- allow for indefinite encodings. asn1buf_remains() is now
- only used for decoding structures and arrays (i.e., asn.1
- constructs which terminate indefinite encodings with two
- zero octets.
-
- [ Note these fixes to support indefinite encoding
- aren't terribly clean; some invalid encodings may
- be accepted when they should not be. This should be
- looked at in more detail later.]
-
- * asn1_get.c (asn1_get_tag): Inline original asn1buf_remains()
- code, since asn1_get_tag doesn't use asn1buf_remains in
- the context of a structure or an array.
-
-Sat Mar 25 14:12:31 1995 Tom Yu (tlyu@dragons-lair)
-
- * asn1_decode.c: move declaration of gmt_mktime() outside of
- asn1_decode_generaltime() so that compilers like Ultrix cc that
- don't support prototypes within function bodies don't break
-
-Fri Mar 17 19:05:22 1995 John Gilmore (gnu at toad.com)
-
- * Makefile.in: Remove redundant definitions from config/pre.in
- (clean-mac): Add.
- * asn1_misc.c: Avoid <malloc.h> and <memory.h> includes, for Mac.
- (asn1_krb5_realm_copy): Use malloc, not calloc, since we're
- about to clobber the storage anyway.
- * configure.in (WITH_KRB5ROOT): Remove, not needed.
- * krbasn1.h: Document that <limits.h> is needed for INT_MAX.
-
-Fri Mar 10 15:39:24 1995 Theodore Y. Ts'o (tytso@kenmore)
-
- * asn1buf.c. asn1buf.h (asn1buf_insert_octet): Make the second
- argument of asn1buf_insert_octet be an int, instead of
- asn1_octet. ANSI C narrow types screws us again....
-
-Tue Mar 7 21:40:18 1995 Keith Vetter (keithv@fusion.com)
-
- * Makefile.in: changed library name for the PC.
-
-Wed Mar 1 18:00:00 1995 Keith Vetter (keithv@fusion.com)
-
- * asn1_decode.c, asn1_encode.c, ans1_k_encode.c, asn1_misc.c: 16 vs
- 32 bit casts.
- * asn1_k_encode.h: added missing INTERFACE to a prototype
-
-Tue Feb 28 00:32:48 1995 John Gilmore (gnu at toad.com)
-
- * asn1_decode.h, asn1_encode.h, asn1_get.h, asn1_k_decode.h,
- asn1_k_encode.h, asn1_make.h asn1_misc.h, asn1_buf.h, glue2.c,
- krb5_decode.c, krb5_encode.c, krbasn1.h: Avoid <krb5/...> includes.
-
-Tue Feb 21 12:00:00 1995 Keith Vetter (keithv@fusion.com)
-
- * Makefile.in: made to work for the PC
- * *.c, *.h: added windows INTERFACE keyword to all functions
-
-Tue Feb 21 20:11:30 1995 Theodore Y. Ts'o (tytso@dcl)
-
- * asn1_k_decode.h(asn1_decode_kvno, asn1_decode_krb_safe_body):
- Removed duplicate declarations.
-
- * asn1_k_decode.h(asn1_decode_passwdsequence,
- asn1_decode_sequence_of_passwdsequence): Added missing
- declarations.
-
-Thu Feb 16 19:29:59 1995 Theodore Y. Ts'o (tytso@dcl)
-
- * asn1_k_encode.h(asn1_encode_enc_kdc_rep_part): Remove duplicate
- declaration of asn1_encode_enc_kdc_rep_part.
-
-Fri Feb 10 15:30:45 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * asn1_k_encode.c: Remove #include of krb5_encode.h (it's not
- needed).
-
- * krb5_encode.h:
- * krb5_decode.h: These files removed; their contents have been
- poured into include/krb5/asn1.h.
-
- * Makefile.isode.in: Removed.
-
- * process.perl: Removed (isode cruft).
-
- * Makefile.sane.in: Removed; contents moved to Makefile.in
-
- * configure.in:
- * Makefile.in: Removed isode croft. (Makefile.in was
- Makefile.sane.in)
-
-Fri Feb 3 01:02:43 1995 John Gilmore <gnu@cygnus.com>
-
- * asn1_decode_k.c => asn1_k_decode.c
- * asn1_decode_k.h => asn1_k_decode.h
- * asn1_encode_k.c => asn1_k_encode.c
- * asn1_encode_k.h => asn1_k_encode.h
- * Makefile.sane.in, krb5_decode.c, krb5_encode.c,
- asn1_k_encode.c, asn1_k_decode.c: updated to match.
-
-Fri Nov 18 16:24:35 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * krb5_decode.c (decode_krb5_encryption_key): Add magic number to
- keyblock structure.
-
-Thu Nov 10 21:51:55 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * asn1_decode_k.c (asn1_decode_principal_name,
- asn1_decode_checksum, asn1_decode_encrypted_data,
- asn1_decode_transited_encoding,
- asn1_decode_enc_kdc_rep_part, asn1_decode_ticket,
- asn1_decode_kdc_req, asn1_decode_kdc_req_body,
- asn1_decode_safe_body, asn1_decode_host_address,
- asn1_decode_kdc_rep, asn1_decode_authdata_elt,
- asn1_decode_krb_cred_info, asn1_decode_pa_data,
- asn1_decode_last_req_entry): Initialize magic number field
- in the relevant structures.
-
- * asn1_decode_k.c (asn1_decode_encryption_key): Add appropriate
- magic number and encryption type.
-
-Wed Nov 2 23:10:36 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * configure.in: Add WITH_CPPOPTS since we're not using
- CONFIG_RULES (yet).
-
-Thu Oct 27 22:32:13 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * Makefile.sane.in: Remove duplicate definitions for DEFS, CC,
- CCOPTS, and LIBS. (now defined in config/pre.in).
-
-Wed Oct 19 10:51:16 1994 Theodore Y. Ts'o (tytso@maytag)
-
- * err2kerr.c (KRB5_KRB__ERROR2krb5_error): The e_data field
- wasn't being decoded when it should have been.
-
- * qbuf2data.c (qbuf2krb5_data): Set magic number field to zero.
-
- * asn1_decode_k.c (asn1_decode_kdc_req_body): If the authorization
- field is not present, fill in the authorization data
- fields with all zeros. Don't set kvno (that's *key*
- version number, not *Kerberos* version number) to 5.
-
-Tue Oct 18 23:07:20 1994 Theodore Y. Ts'o (tytso@maytag)
-
- * tgrq2ktgrq.c (KRB5_KDC__REQ__BODY2krb5_kdc_req): Allow the
- service principal to be optional.
-
- * ktgrq2tgrq.c (krb5_kdc_req2KRB5_KDC__REQ__BODY): Allow the
- server principal to be optional.
-
-Fri Oct 7 15:05:35 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * Makefile.isode.in: Add -DKRB5_USE_ISODE so that include files
- are right.
-
-Tue Oct 4 16:13:45 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * asn1_decode_k.c (asn1_decode_kerberos_time): Don't assume that
- krb5_timestamp and time_t are the same.
-
-Thu Sep 29 14:26:34 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * asn1buf.c (asn1buf_remove_octetstring, asn1buf_remove_charstring):
- If the length is zero, don't call calloc(0,1); instead
- return a NULL pointer. This way, we get consistent
- behavior even on systems where malloc(0) returns a
- non-null pointer.
-
-Tue Sep 27 23:31:50 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * krb5_encode.c (encode_krb5_enc_kdc_rep_part): = should have been
- == in commented-out code. Get it right for the future...
-
-Wed Sep 21 00:18:12 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * krb5_decode.c (decode_krb5_authdata): Initialize variable where
- the authdata is returned to NULL first. (Caller shouldn't
- have to do this.)
-
- * asn1_decode.c (asn1_decode_generaltime): Plug memory leak caused
- by not freeing temporary string.
-
-Wed Aug 17 16:07:06 1994 Theodore Y. Ts'o (tytso at tsx-11)
-
- * krb5_encode.c (encode_krb5_enc_kdc_rep_part): Older versions of
- the Kerberos are always sending the enc_kdc_rep_part structure
- with an application tag of #26, instead of using the application
- tag of #25 (AS REP) or #26 (AS REP) as necessary. Worse yet, they
- will only accept a tag of #26, so we need to follow this for
- backwards compatibility. #defining KRB5_ENCKRB5KDCREPPART_COMPAT
- will preserve this wrong (but compatible) behavior.
-
- * krb5_decode.c (decode_krb5_enc_kdc_rep_part): Record the tag
- value of the ASN.1 sequence in the rkb5_enc_kdc_rep structure.
- Allow both tag #25 and #26 (although old software was always
- sending tag #26).
-
- * krb5_decode.c (decode_krb5_as_rep, decode_krb5_tgs_rep,
- decode_krb5_ap_req, decode_krb5_ap_rep, decode_krb5_as_req,
- decode_krb5_tgs_req, decode_krb5_safe, decode_krb5_priv,
- decode_krb5_cred, decode_krb5_error): Only check the ASN.1 message
- type if KRB5_MSGTYPE_STRICT is defined. "Be strict in what you
- send out, liberal in what you receive..."
-
- * asn1_decode_k.c (asn1_decode_msgtype): Stop checking the
- validity of the message type here. Each routine that calls
- asn1_decode_msgtype is checking the message type anyway, so it's
- just duplicated effort.
-
-Sat Aug 13 03:40:16 1994 Mark Eichin (eichin@perdiem)
-
- * krbasn1.h: include stdlib.h for calloc declaration (if we can)
-
-Thu Aug 11 00:38:10 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * asn1_encode_k.c (asn1_encode_kdc_req): Add extra argument which
- specifies the msg_type of the encoding; don't use req->msg_type
- which is generally not set right. (That output is only as a place
- to stash the msg_type from decode). All callers updated.
-
- * asn1_encode_k.c (asn1_encode_kdc_rep): Add extra argument which
- specifies the msg_type of the encoding; don't use rep->msg_type
- which is generally not set right. (That output is only as a place
- to stash the msg_type from decode). All callers updated.
-
- * asn1_encode_k.c (asn1_encode_msgtype): Routine removed. Not
- really necessary, since a msg_type is really just an integer.
-
-
-Thu Aug 4 13:19:14 1994 Tom Yu (tlyu@dragons-lair)
-
- * asn1_decode_k.c (asn1_decode_sequence_of_enctype): fix typo
-
-Tue Aug 2 07:22:57 1994 Tom Yu (tlyu@dragons-lair)
-
- * asn1_decode_k.c (asn1_decode_sequence_of_enctype): more fixing
- of realloc(NULL) returning NULL
-
-Sat Jul 23 08:48:18 1994 Tom Yu (tlyu@dragons-lair)
-
- * asn1buf.h: include ext-proto.h now to avoid type warnings
-
-Sat Jul 16 00:19:18 1994 Tom Yu (tlyu at dragons-lair)
-
- * asn1_encode_k.c (asn1_encode_transited_encoding): whoops don't
- bomb if val->tr_contents.dlength == 0
-
- * asn1_decode_k.c (asn1_decode_encrypted_data): oops looks like
- Harry made a brain fart here.... default value for kvno was 5, not
- 0.
-
-Thu Jul 14 11:37:59 1994 Theodore Y. Ts'o (tytso at tsx-11)
-
- * asn1_*.[ch]:
- * krb5_*.[ch]: Add MIT Copyright notices.
-
-Thu Jul 14 01:26:22 1994 Tom Yu (tlyu at dragons-lair)
-
- * asn1_encode_k.c (asn1_encode_pa_data): oops still check NULL if
- length != 0
-
-Sat Jul 9 00:26:48 1994 Tom Yu (tlyu at dragons-lair)
-
- * asn1_encode_k.c (asn1_encode_pa_data): the contents field of a
- krb5_pa_data structure can be NULL (e.g.
- salt_type==KRB5_KDB_SALTTYPE_V4), and the encoder was treating
- this as a missing required field
-
-Fri Jul 8 17:32:29 1994 Tom Yu (tlyu at dragons-lair)
-
- * asn1_decode_k.c: yet another instance of the SunOS realloc bug
-
- * asn1buf.c: whee SunOS realloc of a NULL pointer returns NULL.
- sigh.
-
-Wed Jul 6 13:21:35 1994 Mark Eichin (eichin@cygnus.com)
-
- * an1buf.c: Harry saves vs. Unix again. Making sure that anything
- that can call calloc with a zero argument won't return ENOMEM if
- calloc retuns NULL in this case. This was prompted by breakage
- under linux.
-
- * asn1_encode.c (asn1_encode_generaltime): don't use strftime on
- the output of gmtime -- under Solaris, it mutates it! (seems to be
- doing a timezone offset.) Besides, sprintf is quite sufficient.
- Also rename local variable time to gtime to avoid name collision.
- (asn1_decode_generaltime): the fixed-point method below doesn't
- actually work because it doesn't handle the current timezone
- offset. Simpler, and more general -- always call gmt_mktime, which
- is now provided in lib/krb5/os/gmt_mktime.c.
-
-Sun Jul 3 04:43:42 1994 Tom Yu (tlyu at dragons-lair)
-
- * asn1_encode_k.h:
- * asn1buf.c:
- * krbasn1.h: punt stdlib.h in favor of stdio.h. It looks like
- Harry was assuming that NULL gets defined in stdlib instead of
- stdio
-
-Fri Jul 1 13:03:39 1994 Mark Eichin (eichin@cygnus.com)
-
- * asn1_encode_k.c (asn1_encode_msgtype): comment out krb5_msgtype
- decl of val arg, use int (to match prototype in header.) Throw out
- OLDDECLARG, DECLARG, and use old-style definition to match style
- of the rest of the code.
- (asn1_encode_ui_4): comment out krb5_ui_4 decl of val arg, use int
- (to match prototype in header.) Also rewrote definition header.
-
- * asn1_decode.c (asn1_decode_generaltime): tm_gmtoff is *not* in
- System V either. The only portable way to find the delta is to
- subtract gmtime from localtime at a fixed point (epoch+24hours is
- an easy way to simplify the arithmetic.)
- HAVE_GMTOFF: might someday be defined, but for now merely labels
- what the code original did/was intended to do.
-
- * configure.in: redo "autoconf frobbage" since the old way didn't
- work with srcdir. Now, AC_OUTPUT generates all three Makefiles,
- and ISODEMAKEFILE is subst'ed in to be either Makefile.isode or
- Makefile.sane. EXTRA_RULES_IN is used to append the extra stuff to
- the end of the "real" one of the two.
- * configure.in: krb5_encode.h and krb5_encode.h are source, not
- generated, so use CopySrcHeader instead.
-
-
-Tue Jun 28 19:57:28 1994 Tom Yu (tlyu at dragons-lair)
-
- * configure.in:
- * Makefile.in: autoconf frobbage
-
diff --git a/src/lib/krb5/ccache/ChangeLog b/src/lib/krb5/ccache/ChangeLog
deleted file mode 100644
index 0c3c48aebd..0000000000
--- a/src/lib/krb5/ccache/ChangeLog
+++ /dev/null
@@ -1,1075 +0,0 @@
-2006-04-02 Ken Raeburn <raeburn@mit.edu>
-
- * t_cc.c: Include autoconf.h.
-
- * Makefile.in (DEFS): Make empty.
-
-2005-12-02 Jeffrey Altman <jaltman@mit.edu>
-
- * cc_mslsa.c: increase the size of the PurgeRequest
-
-2005-10-27 Jeffrey Altman <jaltman@mit.edu>
- * ccdefault.c:
- (krb5int_cc_default) - add KFW support for multiple ccaches
-
-2005-10-20 Jeffrey Altman <jaltman@mit.edu>
-
- * cc_mslsa.c:
- - provide defaults for client and server names in purge
- ticket routines
- - properly size the buffers used to store the names.
-
-2005-06-15 Ken Raeburn <raeburn@mit.edu>
-
- * cc_file.c (dereference): Fix test is list-walking loop.
-
-2005-04-13 Ken Raeburn <raeburn@mit.edu>
-
- * cc_file.c (NEED_SOCKETS, NEED_LOWLEVEL_IO): Don't define.
-
-2005-01-13 Ken Raeburn <raeburn@mit.edu>
-
- * cc_file.c (struct _krb5_fcc_data): Fields disk_file_lock,
- file_is_locked deleted.
- (krb5_fcc_open_file, krb5_fcc_close_file, dereference,
- krb5_fcc_resolve, krb5_fcc_generate_new, krb5_fcc_set_flags):
- Don't set or check them.
-
-2005-01-11 Jeffrey Altman <jaltman@mit.edu>
-
- * cc_mslsa.c:
- - do not free krb5_creds if krb5_copy_creds fails
- - cause MSTicketToMITTicket to return failure if
- krb5_copy_data fails
-
-2004-12-25 Ezra Peisach <epeisach@mit.edu>
-
- * cc_file.c (krb5_fcc_close): Free the cache id.
- (dereference): When removing fcc_set entry from list, free the
- pointer as well.
-
-2004-12-16 Jeffrey Altman <jaltman@mit.edu>
- * cc_mslsa.c:
- Temporarily deactivate support for KerbSubmitTicketMessage
- and KerbQueryTicketCacheEx2Message until the new Platform SDK
- becomes publicly available.
-
-2004-12-15 Jeffrey Altman <jaltman@mit.edu>
-
- * cc_mslsa.c:
- - Activate support for KerbSubmitTicketMessage
- - Activate support for KerbQueryTicketCacheEx2Message
- - Add locale support for regions which use MultiByte characters
-
-2004-11-19 Ken Raeburn <raeburn@mit.edu>
-
- * cc_mslsa.c (MSCredToMITCred): Don't create an empty array for
- addresses, just use a null pointer now.
-
-2004-11-16 Ken Raeburn <raeburn@mit.edu>
-
- * cc_retr.c (krb5_cc_retrieve_cred_seq): Temporarily clear the
- KRB5_TC_OPENCLOSE flag on the credentials cache while reading
- multiple entries from it.
-
-2004-11-15 Ken Raeburn <raeburn@mit.edu>
-
- * cc_file.c (krb5_fcc_get_flags): New function.
- (krb5_fcc_ops, krb5_cc_file_ops): Add it.
- * cc_memory.c (krb5_mcc_get_flags): New function.
- (krb5_mcc_ops): Add it.
- * cc_mslsa.c (krb5_lcc_get_flags): New function.
- (krb5_lcc_ops): Add it.
- * ccfns.c (krb5_cc_get_flags): New function.
-
-2004-10-07 Jeffrey Altman <jaltman@mit.edu>
- * cc_mslsa.c: Fix the forced setting of the Initial Ticket Flag
- on Win2000 and add it to XP and 2003 SP1
-
-2004-09-17 Jeffrey Altman <jaltman@mit.edu>
- * cc_mslsa.c: Fix the error returned when krb5_lcc_start_seq_get()
- discovers the cache is empty. Check for the new error in
- krb5_lcc_initialize()
-
-2004-09-10 Jeffrey Altman <jaltman@mit.edu>
- * cc_mslsa.c: Implement krb5_lcc_initialize()
- Remove all tickets from the cache which have a client
- principal that matches the input principal.
-
-2004-09-10 Jeffrey Altman <jaltman@mit.edu>
- * cc_mslsa.c: Correct test for KerbQueryTicketCacheExMessage
-
-2004-09-09 Jeffrey Altman <jaltman@mit.edu>
-
- * cc_mslsa.c: The following functionality is being committed
- but commented out because it is not presently
- available in public Microsoft SDKs
- - support for KerbSubmitTicket which allows a KERB_CRED
- message to be forwarded to the LSA. (KERB_SUBMIT_TICKET)
- - support for the KerbQueryTicketCacheEx2Message which
- adds the Session Key Enctype to the contents of the
- response from KerbQueryTicketCacheExMessage.
- (HAVE_CACHE_INFO_EX2)
-
-2004-09-01 Jeffrey Altman <jaltman@mit.edu>
-
- * cc_mslsa.c:
- - Fix MITPrincToMSPrinc to prevent writing to the output
- buffer if the input won't fit.
- - Add internal UnicodeStringToMITPrinc function
- - Rename internal MSPrincToMITPrinc to ExternalNameToMITPrinc
- - Rename internal PurgeMSTGT to PurgeAllTickets
- - Add internal PurgeTicket2000
- - Add internal PurgeTicketXP
- - Since tickets can only be requested via KDC Opt Flags it is
- not possible to specifically request the Initial ticket. If
- more than one ticket exists which matching service names,
- enctypes, and ticket flags the initial ticket flag may not be
- set. If the caller requested the initial ticket, set the flag
- manually.
- - Add preliminary support for krb5_lcc_set_flags
- - Modify krb5_lcc_initialize to return success
- - Modify krb5_lcc_get_principal to support an LSA cache
- which does not contain a TGT when krb5_lcc_resolve is
- called.
- - Implement krb5_lcc_remove_cred
-
-
-2004-08-27 Ken Raeburn <raeburn@mit.edu>
-
- * t_cc.c (init_test_cred): Terminate argument list to
- krb5_build_principal with NULL, not 0. Patch from Nalin
- Dahyabhai.
-
-2004-08-15 Ken Raeburn <raeburn@mit.edu>
-
- * cc_file.c (struct _krb5_fcc_data): Add new mutex
- disk_file_lock and flag file_is_locked.
- (krb5_fcc_close_file): Unlock the mutex and clear the flag.
- (krb5_fcc_open_file): Acquire the mutex before locking the file,
- and set the flag after.
- (krb5_fcc_resolve): Initialize the new mutex and flag.
- (krb5_fcc_generate_new): Initialize both mutexes and the flag.
- (dereference): Destroy the new mutex.
-
- * cc_file.c: Add buffering on reading.
- (FCC_BUFSIZ): New macro.
- (struct _krb5_fcc_data): Add new fields buf, valid_bytes,
- cur_offset.
- (krb5_fcc_resolve, krb5_fcc_generate_new): Initialize
- valid_bytes.
- (invalidate_cache): New function.
- (krb5_fcc_write, krb5_fcc_open_file, krb5_fcc_destroy): Call
- invalidate_cache.
- (fcc_lseek): New function.
- (krb5_fcc_skip_header, krb5_fcc_destroy, krb5_fcc_start_seq_get,
- krb5_fcc_next_cred, krb5_fcc_store): Use fcc_lseek instead of
- lseek.
- (fcc_read): Use and maybe refill the buffer.
- (dereference): Zap the contents of the buffer before freeing it.
-
- * cc_file.c (dereference): Lock mutex around call to
- krb5_fcc_close_file.
-
-2004-08-12 Ken Raeburn <raeburn@mit.edu>
-
- * cc_file.c (krb5_fcc_close_file): Change first argument to be an
- fcc-data pointer, not a krb5_ccache. All calls changed.
- (struct fcc_set): Add a refcount member. (Definition
- accidentally introduced without comment in an earlier patch.)
- (krb5int_cc_file_mutex, fccs): New variables, for managing a
- global list of open credential cache files.
- (dereference): New function, with most of old close/destroy
- operations. Decrements reference count and only frees the object
- and removes it from the global list if the refcount hits zero.
- (krb5_fcc_close, krb5_fcc_destroy): Call dereference.
- (krb5_fcc_resolve): If a file cache is already open with the same
- file name, increment its reference count and don't create a new
- one. When a new one is created, add it to the global list.
- * cc-int.h (krb5int_cc_file_mutex): Declare.
- * ccbase.c (krb5int_cc_initialize): Initialize it.
- (krb5int_cc_finalize): Destroy it, and krb5int_mcc_mutex.
-
-2004-08-05 Ken Raeburn <raeburn@mit.edu>
-
- * cc_file.c: Remove USE_STDIO support.
-
-2004-07-25 Jeffrey Altman <jaltman@mit.edu>
-
- * cc_mslsa.c: is_windows_xp() should test for major version
- > 5 not >= 5.
-
-2004-07-18 Ezra Peisach <epeisach@mit.edu>
-
- * cc_memory.c (krb5_mcc_store): When allocating krb5_mcc_link
- memory - allocate sizeof() - not sizeof(sizeof()).
-
-2004-07-16 Ken Raeburn <raeburn@mit.edu>
-
- * cc_file.c: Don't check for macsock.h.
-
-2004-07-15 Alexandra Ellwood <lxs@mit.edu>
-
- * ccdefault.c (krb5_cc_default, krb5int_cc_default)
- Removed default_ccprincipal field from krb5_context
-
-2004-07-14 Ken Raeburn <raeburn@mit.edu>
-
- * t_cc.c (cc_test): Rename one of the "resolve" cases so the
- messages can be distinguished.
-
-2004-07-07 Jeffrey Altman <jaltman@mit.edu>
-
- * cc_mslsa.c: Fix thread safety
-
-2004-07-07 Jeffrey Altman <jaltman@mit.edu>
-
- * cc_mslsa.c: When obtaining a TGT from MSLSA, do not ignore
- the cache if the requested enctype is the NULL enctype.
-
-2004-06-30 Ken Raeburn <raeburn@mit.edu>
-
- * cc_file.c (krb5_fcc_data): Added a mutex.
- (krb5_fcc_read*, krb5_fcc_write, krb5_fcc_store_*,
- krb5_fcc_open_file, krb5_fcc_skip_header,
- krb5_fcc_skip_principal): Verify that the mutex is locked.
- (MAYBE_OPEN): Verify that the mutex is locked; unlock it if
- returning an error.
- (krb5_fcc_initialize, krb5_fcc_start_seq_get,
- krb5_fcc_get_principal, krb5_fcc_store, krb5_fcc_set_flags): Lock
- and unlock the mutex.
- (krb5_fcc_close): Likewise. Destroy the mutex when done.
- (krb5_fcc_destroy): Merge stdio and non-stdio versions a little
- more. Destroy the mutex when done.
- (krb5_fcc_resolve): Initialize and lock the mutex.
- (krb5_fcc_next_cred): Lock and unlock the mutex. Merge the stdio
- and non-stdio branches a little more.
-
-2004-06-29 Jeffrey Altman <jaltman@mit.edu>
-
- * cc_mslsa.c:
- - is_windows_2000() indicates the OS is Windows 2000 or higher
- - is_windows_xp() indicates the OS is Windows XP or higher which
- indicates that PKERB_QUERY_TKT_CACHE_EX_RESPONSE and
- PKERB_TICKET_CACHE_INFO_EX are available.
- - does_retrieve_ticket_cache_ticket() checks to see if a Microsoft
- private fix is available which adds a new Cache Flag,
- KERB_RETRIEVE_TICKET_CACHE_TICKET, which when set causes the
- requested ticket to be stored in the LSA cache even when the
- TicketFlags and EncType are not set to 0.
- - KerbExternalTicketMatch() is a test to determine if two
- Microsoft External Tickets are identical
- + use the KerbQueryTicketCacheExMessage LSA call on XP or higher
- + specify the KERB_RETRIEVE_TICKET_CACHE_TICKET flag when it is
- available
- = The combination of both + items will cause the ClientRealm
- to be displayed properly for all cross realm tickets obtained
- via the MSLSA
-
-
-2004-06-29 Ken Raeburn <raeburn@mit.edu>
-
- * cc_memory.c (krb5_mcc_free): Don't destroy the mutex here.
-
-2004-06-28 Ken Raeburn <raeburn@mit.edu>
-
- * cc_memory.c: Include k5-thread.h.
- (krb5int_mcc_mutex): New lock.
- (krb5_mcc_store): Rewrite.
- (NEED_WINDOWS): Don't define.
- (krb5_mcc_*): All functions now static.
- (struct _krb5_mcc_data): Delete 'next' pointer. Add a mutex.
- (krb5_mcc_*): Lock and unlock the mutex as appropriate.
- (struct krb5_mcc_list_node): New type, separates the linked-list
- container from the data for individual nodes.
- (mcc_head): Now points to krb5_mcc_list_node.
- * cc-int.h (krb5int_mcc_mutex): Declare.
- * ccbase.c (krb5int_cc_initialize): Initialize it.
-
-2004-06-24 Ken Raeburn <raeburn@mit.edu>
-
- * cc_file.c (krb5_fcc_read_data): Combine stdio and posix versions
- of code with gratuitous minor differences.
- (krb5_fcc_read_int32, krb5_fcc_next_cred): Likewise.
- (krb5_fcc_read_addr): Likewise. Check that filled-in length field
- matches the value we tried to store (i.e., that type conversion
- didn't throw away information).
- (krb5_fcc_read_authdatum): Likewise.
-
-2004-06-22 Ken Raeburn <raeburn@mit.edu>
-
- * cc_file.c (my_fopen): Function deleted.
- (krb5_fcc_open_file): Use fopen, not my_fopen.
-
-2004-06-21 Jeffrey Altman <jaltman@mit.edu>
-
- * cc_mslsa.c: Comment out call to FormatMessage() which fails
- horribly on non-English systems. We do not need the output
- or printf statements as part of a library. Therefore, we
- will ignore this for the time being. When we decide we
- want to log event to the Event Log then we can properly
- implement this function.
-
-2004-06-18 Jeffrey Altman <jaltman@mit.edu>
-
- * cc_mslsa.c: Enforce acceptable enctypes by checking against
- the default_tgs_enctypes list instead of the permitted_enctypes
- list; only enforce the desired enctype when retrieving tickets
- to deliver to an application. do not enforce when attempting
- to determine the current principal name. this is important
- because specifying an enctype results in a TGS_REQ being sent
- to the KDC; close memory leak of krb5_cred objects in
- krb5_lcc_retrieve().
-
-2004-06-16 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (MAC_SUBDIRS): Don't set.
-
-2004-05-27 Ezra Peisach <epeisach@mit.edu>
-
- * ccbase.c: Include cc-int.h.
-
- * cc-int.h (krb5int_cc_finalize): Add prototypes for
- krb5int_cc_{finalize,initialize}.
-
-2004-05-25 Jeffrey Altman <jaltman@mit.edu>
-
- * cc_mslsa.c: GetMSTGT(). Initialize pTicketRequest to NULL
- to prevent it being freed prior to allocation. Add krb5_context
- parameter to allow krb5_get_permitted_enctype() to be called
- instead of using a hardcoded list of enctypes which may change
- in the future.
- krb5_lcc_get_name(): fix return value if Kerberos is not supported.
-
-
-2004-05-24 Ezra Peisach <epeisach@mit.edu>
-
- * t_cc.c (cc_test): Clean up memory leaks in tests.
-
-2004-05-15 Jeffrey Altman <jaltman@mit.edu>
-
- * cc_mslsa.c: The FAILED() macro only considered an error
- to be a failure if the value is negative. ConstructTicketRequest()
- returns positive errors. Do not use FAILED() to test the result.
- Fix a potential leak of LSA allocated memory. Fix a leak of
- LocalAlloc memory.
-
-2004-04-24 Ken Raeburn <raeburn@mit.edu>
-
- * ccbase.c: Include ctype.h.
- (cc_typelist_lock): Use the new partial initializer.
- (krb5int_cc_initialize): New function; finish the initialization.
- (krb5int_cc_finalize): New function; destroy the mutex and free
- any storage for registered types.
-
-2004-04-13 Jeffrey Altman <jaltman@mit.edu>
-
- * ccbase.c:
- Since we have to reserve all the single letter
- prefixes make them apply to all platforms
-
-2004-04-13 Jeffrey Altman <jaltman@mit.edu>
-
- * ccbase.c:
- On Windows, if there is a ccache name provided without
- a prefix but which appears to start with a drive letter,
- treat it as a FILE: ccache instead of failing with a
- ccache type unknown error.
-
-2004-04-13 Jeffrey Altman <jaltman@mit.edu>
-
- * ccbase.c:
- krb5_cc_resolve() defines a function pointer ccresolver
- which must be of type KRB5_CALLCONV
-
-
-2004-04-06 Jeffrey Altman <jaltman@mit.edu>
-
- * cc_mslsa.c:
- In at least one case on Win2003 it appears that it is possible
- for the logon session to be authenticated via NTLM and yet for
- there to be Kerberos credentials obtained by the LSA on behalf
- of the logged in user. Therefore, we are removing the test
- for IsKerberosLogon() within krb5_lcc_resolve()
- which was meant to avoid the need to perform GetMSTGT() when
- there was no possibility of credentials being found.
-
-2004-03-31 Jeffrey Altman <jaltman@mit.edu>
-
- * cc_mslsa.c: Add IsWindows2000() function and use it to return
- errors whenever the MSLSA: ccache type is used on platforms
- older than Windows 2000. This is needed to prevent calls to
- the functions loaded from ADVAPI32.DLL and SECUR32.DLL which
- do not exist on the Windows 9x platforms.
-
-2004-03-26 Sam Hartman <hartmans@mit.edu>
-
- * fcc.h: Remove all but the definition of krb5_cc_file_ops because
- the rest is static in cc_file.c
-
- * Makefile.in (T_file): Remove (no longer builds, no longer used)
-
-2004-03-25 Sam Hartman <hartmans@mit.edu>
-
- * cc_file.c (krb5_fcc_generate_new): Use mkstemp not mktemp when possible
-
-2004-03-18 Jeffrey Altman <jaltman@mit.edu>
-
- * cc_mslsa.c:
- Add missing return statements in krb5_lcc_start_seq_get()
-
- Return error if principal name cannot be determined during
- krb5_lcc_resolve()
-
- * cc-int.h:
- New file - Add prototypes for cc internal functions
-
- * cc_retr.c - include cc-int.h
-
-2004-03-05 Ken Raeburn <raeburn@mit.edu>
-
- * ccbase.c: Include k5-thread.h.
- (struct krb5_cc_typelist): Ops pointer now points to const.
- (cc_typelist_lock): New mutex var.
- (krb5_cc_register, krb5_cc_resolve): Lock it while working with
- the type list.
-
-2004-02-04 Jeffrey Altman <jaltman@mit.edu>
-
- * cc_mslsa.c:
- Remove reference to <ntstatus.h> as it is not present in the August 2001
- Platform SDK used by Pismere. Instead copy the error value.
-
-2004-02-02 Jeffrey Altman <jaltman@mit.edu>
-
- * cc_msla.c:
- GetMSCacheTicketFromCacheInfo() uses the tktinfo->TicketFlags as the
- value to assign to TicketRequest->TicketFlags. This field is blindly
- inserted into the kdc-options[0] field of the TGS_REQ. If there are
- bits such as TRANSIT_POLICY_CHECKED in the TicketFlags, this will result
- in an unknown TGS_OPTION being processed by the KDC.
-
- This has been fixed by mapping the Ticket Flags to KDC options.
- We only map Forwardable, Forwarded, Proxiable, and Renewable. The others
- should not be used.
-
-2004-02-02 Jeffrey Altman <jaltman@mit.edu>
-
- * cc_mslsa.c: the MSLSA code was crashing on Pismere machines when
- logging on with cross realm credentials. On these machines there are
- 8 tickets within the LSA cache from two different realms. One of the
- krbtgt/CLIENT-REALM@CLIENT-REALM tickets (not the Initial ticket but
- a Forwarded ticket) is inaccessible to the ms2mit.exe and leash32.exe
- processes. The attempt to access the ticket returns a SubStatus code
- of STATUS_LOGON_FAILURE (0xC000006DL) which is supposed to mean that
- the logon attempt was invalid due to bad authentication information.
- kerbtray has no problem listing this ticket. The other seven tickets
- in the cache including the Initial Ticket are accessible. Modified
- krb5_lcc_next_cred() to skip to the next ticket if an attempt to read
- a single ticket fails.
-
-2004-01-31 Jeffrey Altman <jaltman@mit.edu>
-
- * cc_mslsa.c: Optimize the get next logic by storing a handle to
- the MS TGT in the lcc_cursor data structure
-
-2004-01-31 Jeffrey Altman <jaltman@mit.edu>
-
- * cc_mslsa.c: Do not return tickets to the caller if they contain
- NULL session keys. This is to prevent useless TGTs from being
- placed into the MIT credential cache.
-
-2004-01-30 Jeffrey Altman <jaltman@mit.edu>
-
- * cc_mslsa.c: As per extensive conversations with Doug Engert we have
- concluded that MS is not specifying a complete set of domain information
- when it comes to service tickets other than the initial TGT. What happens
- is the client principal domain cannot be derived from the fields they
- export. Code has now been added to obtain the domain from the initial
- TGT and use that when constructing the client principals for all tickets.
-
- This behavior can be turned off by setting a registry either on a per-user
- or a system-wide basis:
-
- {HKCU,HKLM}\Software\MIT\Kerberos5
- PreserveInitialTicketIdentity = 0x0 (DWORD)
-
-
-2004-01-06 Jeffrey Altman <jaltman@mit.edu>
-
- * cc_file.c, cc_memory.c:
- Add stub implementations for unimplemented krb5_cc_remove_cred()
- Returns KRB5_CC_NOSUPP
-
- * cc_mslsa.c:
- Add implementation for krb5_cc_remove_cred(). Returns KRB5_CC_READONLY.
-
-2003-12-19 Jeffrey Altman <jaltman@mit.edu>
-
- * cc_mslsa.c: fix indirection of a krb5_creds structure which
- is passed into MSCredToMITCred().
-
-2003-12-18 Jeffrey Altman <jaltman@mit.edu>
-
- * cc_retr.c: Extract the test to determine if a credential matches
- a requested credential according to the specified fields into
- a private function: krb5int_cc_creds_match_request()
-
- * cc_mslsa.c: Extend the functionality of krb5_lcc_retrieve() to
- perform a MS Kerberos LSA ticket request if there is no matching
- credential in the cache. The MS Kerberos LSA places the following
- restriction on what tickets it will place into the LSA cache:
- tickets obtained by an application request for a specific
- set of kerberos flags or enctype will not be cached.
- Therefore, we first make a request with no flags or enctype in
- the hope that we will be lucky and get the right ones anyway.
- If not, we make the application's request and return that ticket
- if it matches the other criteria.
-
- Implemented a similar technique for krb5_lcc_store(). Since we
- can not write to the cache, when a store request is made we
- instead perform a ticket request through the lsa for a matching
- credential. If we receive one, we return success. Otherwise,
- we return the KRB5_CC_READONLY error.
-
- With these changes I am now able to operate entirely with the MSLSA
- ccache as the default cache provided the MS LSA credentials are
- for the principal I wish to use. Obviously, one cannot change
- principals while the MSLSA ccache is the default.
-
-2003-12-15 Jeffrey Altman <jaltman@mit.edu>
-
- * cc_msla.c: Enable purging of the MS Kerberos LSA cache when the TGT
- has expired. This will force the LSA to get a new TGT instead of
- returning the expired version.
-
-2003-12-15 Jeffrey Altman <jaltman@mit.edu>
-
- * cc_mslsa.c: Perform a GetMSTGT() call as part of krb5_lcc_start_seq_get
- to ensure that the tgt is refreshed
-
-2003-12-13 Jeffrey Altman <jaltman@mit.edu>
-
- * Makefile.in: Remove extranenous spaces in ##WIN32## constructs
- defining MSLSA_SRC MSLSA_OBJ
-
-2003-12-12 Tom Yu <tlyu@mit.edu>
-
- * Makefile.in: Move ##WIN32## constructs from inside
- backslash-continued lists, as it was breaking them. Move explicit
- dependency information from under automatic dependencies.
-
-2003-12-11 Jeffrey Altman <jaltman@mit.edu>
-
- * Makefile.in, ccbase.c, cc_mslsa.c (new)
-
- Remove all of the code which was duplicated between ms2mit.c
- and the KfW Leash libraries (and who knows how many applications
- shipped by third parties) and use it as the basis for a new
- krb5_ccache type, "MSLSA:". The "MSLSA:" ccache type is a
- read-only ccache which can be used either as a monitor of the
- contents of the Microsoft LSA cache or as a source for copying
- the contents to another ccache type. The purpose of migrating
- this code to the krb5_32.dll is to avoid the need for applications
- to be consistently updated each time Microsoft makes a change
- to the behavior of the LSA cache. Changes have occurred with
- the release of 2000, XP, and 2003 so far. Also, the code for
- working with the MS LSA cache is not well documented and many
- mistakes were made in the original versions of the ms2mit.c
- code base. Unfortunately, the ms2mit.c code has been copied
- into many other applications.
-
- With access to this new ccache type, the ms2mit.c source file
- is reduced from 890 lines to 80 lines including the copyright
- banner.
-
-2003-11-26 Jeffrey Altman <jaltman@mit.edu>
-
- * cc_default.c: Add support for Leash Kinit Dialog on Windows to
- krb5int_c_default()
-
-2003-08-26 Ken Raeburn <raeburn@mit.edu>
-
- * cc_file.c (krb5_fcc_store_int32, krb5_fcc_store_ui_4)
- (krb5_fcc_store_ui_2, krb5_fcc_store_octet): Remove gratuitous
- conditionalizing of casts on USE_STDIO, left over from merge.
-
-2003-07-22 Sam Hartman <hartmans@mit.edu>
-
- * ccbase.c: Always register the file credentials cache type. If
- we do not, then when USE_CCAPI is defined, it will not be
- available.
-
-2003-07-17 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (LIBNAME) [##WIN16##]: Don't define.
- ($(OBJFILE)) [##WIN16##]: Omit CP action.
-
-2003-03-06 Alexandra Ellwood <lxs@mit.edu>
-
- * ccdefault.c: Remove Mac header goober and include
- k5-int.h after KerberosLoginPrivate.h.
-
-2003-01-10 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag.
-
-2003-01-07 Ken Raeburn <raeburn@mit.edu>
-
- * cc_file.c (krb5_cc_file_ops, krb5_fcc_ops): Now const.
- * fcc.h (krb5_cc_file_ops): Update decl.
- * cc_memory.c (krb5_mcc_ops): Now const.
- * ccbase.c (krb5_mcc_ops): Update decl.
- * ccdefops.c (krb5_cc_dfl_ops): Now points to const.
- * t_cc.c (krb5_fcc_ops, krb5_mcc_ops): Update decls.
-
-2002-09-03 Ken Raeburn <raeburn@mit.edu>
-
- * cc_file.c, cc_memory.c, cc_retr.c, ccbase.c, cccopy.c,
- ccdefault.c, ser_cc.c, t_cc.c: Use prototype style function
- definitions.
-
-2002-08-29 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in: Revert $(S)=>/ change, for Windows support.
-
-2002-08-23 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in: Change $(S)=>/ and $(U)=>.. globally.
-
-2002-08-15 Ken Raeburn <raeburn@mit.edu>
-
- * cc_file.c (ALLOC): Use calloc, not malloc.
- (krb5_fcc_read_principal): Check bounds on number of components
- before calling ALLOC.
-
-2002-08-15 Tom Yu <tlyu@mit.edu>
-
- * t_cc.c: Remove references to STDIO ccache.
-
-2002-08-14 Ken Raeburn <raeburn@mit.edu>
-
- * cc_file.c: Merge in cc_stdio.c, under preprocessor test for
- USE_STDIO.
- (USE_STDIO): Define it if HAVE_SYS_TYPES_H.
- (krb5_change_cache, krb5_get_notification_message): Always
- define.
- (ALLOC): New macro, with overflow checking.
- (krb5_fcc_read_principal, krb5_fcc_read_addrs,
- krb5_fcc_read_authdata): Use it, and fix other overflow checks.
- (my_fopen): Support non-Mac environments.
- (krb5_fcc_open_file) [USE_STDIO]: Always use my_fopen.
- (NO_FILE): New macro. All functions changed to test or assign it
- rather than -1 or (FILE*)NULL.
- (krb5_fcc_read_keyblock, krb5_fcc_read_data): Rewrite bounds
- check.
- (BINARY_MODE): Always define.
- (setvbuf) [!HAVE_SETVBUF]: Define as macro using setbuf.
- (krb5_fcc_open_file): Change file descriptor variable to "f" and
- combine newly matching stdio and file sections. Use setvbuf
- instead of checking whether to use setbuf.
-
- * cc_stdio.c: Deleted.
- * Makefile.in (STLIBOBJS, OBJS, SRCS): Updated.
- * ccdefops.c (krb5_cc_dfl_ops) [!USE_CCAPI]: Always use
- krb5_fcc_ops.
-
-2002-08-09 Ken Raeburn <raeburn@mit.edu>
-
- * cc_file.c: All functions except krb5_change_cache and
- krb5_get_notification_message now static. Minor other shuffling
- to become more similar to cc_stdio.c.
- (krb5_fcc_data): Rename "fd" to "file"; change all uses.
- * cc_stdio.c: All functions now static. Rename all krb5_scc_
- functions, data types and macros to use krb5_fcc_ prefix instead.
- Minor other shuffling to become more similar to cc_file.c.
- (krb5_fcc_data): Rename from krb5_scc_data; reorder some fields.
- (krb5_fcc_close_file): Never call fflush on a read-only file.
- (BINARY_MODE): New macro.
- (krb5_fcc_open_file): Combine ANSI_STDIO and non-ANSI cases
- statements by using BINARY_MODE and compile-time string
- concatenation. Choose lock flag value separately from call to
- krb5_lock_file.
- (krb5_fcc_generate_new): Use BINARY_MODE.
-
-2002-07-09 Ken Raeburn <raeburn@mit.edu>
-
- * cc_file.c: Put # for cpp directives in first column.
-
-2002-60-20 Danilo Almeida <dalmeida@mit.edu>
-
- * Makefile.in: Build cc accessor functions on Windows.
- [pullup from 1-2-2-branch]
-
-2002-06-20 Alexandra Ellwood <lxs@mit.edu>
-
- * ccdefault.c: updated to new KLL function name
-
- * ccdefault.c: swapped include of KerberosLoginPrivate with
- k5-int.h to avoid problems with including CoreServices.h after
- profile.h and krb.h
-
- * ccdefault.c: Updated Mac OS X headers to new framework layout
-
- * ccdefops.c: created #define for USE_CCAPI now that both Mac OS 9
- and Mac OS 10 use ccapi.
-
- [pullups from 1-2-2-branch]
-
-2002-04-10 Danilo Almeida <dalmeida@mit.edu>
-
- * cc_file.c: Use _WIN32 instead of _WINSOCKAPI_ because
- _WINSOCKAPI_ depends on the Winsock header used (i.e., Winsock 2
- does not define this). What we are really trying to check for is
- Win32. Include port-sockets.h for Win32. (NOTE: Why is
- NEED_SOCKETS being defined after the inclusion of k5-int.h? That
- is pretty useless... What we probably should do is more
- consitently used NEED_SOCKETS instead of manually putting in
- network code. However, some people would probably have issues
- with the build being slower...)
-
-2001-10-10 Ezra Peisach <epeisach@mit.edu>
-
- * cc_file.c (krb5_fcc_read): Remove const from fourth argument to
- function to match prototype earlier in file.
-
-2001-10-09 Ken Raeburn <raeburn@mit.edu>
-
- * cc_file.c, cc_memory.c, cc_stdio.c, ser_cc.c: Make prototypes
- unconditional.
-
-2001-10-05 Ken Raeburn <raeburn@mit.edu>
-
- * cc_file.c, cc_stdio.c: Delete _MSDOS (win16) support.
-
- * cc_memory.c, ccbase.c, ccdefault.c, ccfns.c: Don't explicitly
- declare pointers FAR any more.
-
-2001-10-03 Ken Raeburn <raeburn@mit.edu>
-
- * cc_file.c, ccbase.c, cccopy.c, ccdefault.c, fcc.h, ser_cc.c:
- Don't use KRB5_DLLIMP.
-
-2000-10-30 Tom Yu <tlyu@mit.edu>
-
- * cc_stdio.c: Add a "mode" field to krb5_scc_data to keep track of
- what mode the file was opened in.
- (krb5_scc_close_file): Ignore EBADF from fflush() if the file was
- opened for readonly access. For some reason NetBSD's fflush()
- exhibits this behavior.
- (krb5_scc_open_file): Save the mode with which the file was opened
- in data->mode.
-
-2000-10-17 Ezra Peisach <epeisach@mit.edu>
-
- * cc_stdio.c, cc_file.c: Unsigned/signed int cleanup.
-
-2000-10-03 Ezra Peisach <epeisach@mit.edu>
-
- * ser_cc.c (krb5_ccache_externalize): Use krb5_cc_get_name instead
- of krb5_rc_get_name on credential cache.
-
- * cc_file.c (krb5_fcc_get_name):
- * cc_stdio.c (krb5_scc_get_name):
- * cc_memory.c (krb5_mcc_get_name):
- * ccfns.c (krb5_cc_get_name): Declare as returning const char *.
-
-2000-09-25 Ezra Peisach <epeisach@mit.edu>
-
- * cc_file.c ccbase.c, cc_stdio.c, cc_retr.c, cc_memory.c: More
- signed/unsigned fixes.
-
-Sat Sep 23 23:42:32 2000 Ezra Peisach <epeisach@mit.edu>
-
- * t_cc.c: Code cleanup. Test more failure modes of the cache library.
-
- * cccopy.c (krb5_cc_copy_creds): Memory leak. Call krb5_cc_end_seq_get.
-
- * cc_file.c (krb5_fcc_generate_new): Set flags to
- KRB5_TC_OPENCLOSE, otherwise parts of the library assumes that the
- file is open, when it is not.
-
- * cc_stdio.c (krb5_scc_generate_new): Same as cc_file.c change.
-
-
-2000-09-22 Ezra Peisach <epeisach@mit.edu>
-
- * Makefile.in (check-unix): Build and exectute t_cc.
-
- * t_cc.c: Test harness for memory, stdio and file caches.
-
-2000-07-20 Danilo Almeida <dalmeida@mit.edu>
-
- * cc_file.c, cc_stdio.c: Remove unused krb5_[fs]cc_default_name()
- prototype.
-
- * cc_stdio.c: Fix calling convention for op functions.
-
- * ccfns.c (krb5_cc_get_type): Fix calling convention.
-
- * Makefile.in: Change ${CC} and ${OBJS} to $(CC) and $(OBJS) so
- nmake does not freak out.
-
-2000-07-19 Ken Raeburn <raeburn@mit.edu>
-
- * cc_memory.c (mcc_head): Combine static declaration and
- initialization.
-
-2000-07-14 Ken Raeburn <raeburn@mit.edu>
-
- * t_stdio.c, t_file.c, t_memory.c: Test cases copied from old
- subdirectories. Currently unused.
- * Makefile.in (t_stdio): New target, basically same as 'test' in
- old stdio/Makefile.in.
- * file, memory, stdio: Subdirectories deleted.
-
- * cc_file.c, cc_stdio.c, cc_memory.c: New files, built from source
- files of appropriate subdirectories.
- * fcc.h, scc.h: New files, copied from subdirectories; temporary.
- * ccfns.c: New file, implementing what used to be krb5_cc_* macros
- in krb5.h.
- * Makefile.in (STLIBOBJS, OBJS, SRCS): Updated.
- (LOCAL_SUBDIRS): Now empty.
- (LOCALINCLUDES): Remove file and stdio subdirs.
- (MAC_SUBDIRS): Remove file, stdio, memory.
- (##DOS## stuff, clean-windows): Delete file and memory parts.
-
- * cc_memory.c (mcc_head): Now static.
-
-2000-06-28 Ezra Peisach <epeisach@mit.edu>
-
- * ccdefault.c: Add newline at end of file (compiler warning)
-
-2000-5-31 Alexandra Ellwood <lxs@mit.edu>
-
- * ccdefault.c: Changed kerberosPrincipal_V5 to kerberosVersion_V5
- to reflect the new constant name.
-
-2000-4-26 Alexandra Ellwood <lxs@mit.edu>
-
- * ccdefault.c: Added version number to internal Kerberos Login
- Library routine.
-
-2000-4-13 Alexandra Ellwood <lxs@mit.edu>
-
- * ccdefault.c: Added Kerberos Login library support (with ifdefs
- to control whether or not it is on. Also added support to store a
- krb5_principal in the os_context along with the default ccache
- name (if known, this principal is the same as the last time we
- looked at the ccache. * ccdefname.c: Added support to store a
- krb5_principal in the os_context along with the default ccache
- name (if known, this principal is the same as the last time we
- looked at the ccache.
-
-1999-10-26 Wilfredo Sanchez <tritan@mit.edu>
-
- * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES,
- LOCAL_INCLUDES such that one can override CFLAGS from the command
- line without losing CPP search patchs and defines. Some associated
- Makefile cleanup.
-
-1999-08-23 Ken Raeburn <raeburn@mit.edu>
-
- * cc_retr.c: New file.
- (krb5_cc_retrieve_cred_seq): New function, derived from
- fcc_retrieve but takes an optional list of enctypes to look for in
- priority order.
- (krb5_cc_retrieve_cred_default): New function. Same signature as
- original fcc_retrieve but if new flag KRB5_TC_SUPPORTED_KTYPES is
- set, calls krb5_get_tgs_ktypes to get a list of enctypes to look
- for.
- * Makefile.in (STLIBOBJS, OBJS, SRCS): Add it.
-
-Tue May 18 19:52:56 1999 Danilo Almeida <dalmeida@mit.edu>
-
- * Makefile.in: Remove - from recursive Win32 make invocation.
-
-Mon May 17 14:11:45 1999 Danilo Almeida <dalmeida@mit.edu>
-
- * Makefile.in: Clean ccapi subdirectory in clean-windows target.
-
-Mon May 10 15:24:08 1999 Danilo Almeida <dalmeida@mit.edu>
-
- * Makefile.in: Do win32 build in subdir.
-
-1999-03-31 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * ccdefops.c: Change the default ccache type under windows to be
- original FILE ccache type; this will get set to ccapi if
- the krbcc32.dll can be found.
-
-Mon Feb 8 21:53:37 1999 Theodore Y. Ts'o <tytso@mit.edu>
-
- * Makefile.in: Enable the ccapi directory for windows builds.
-
- * ccdefops.c: Make the ccapi the default ccache type for Windows
- machines.
-
-1999-01-26 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * Makefile.in: Add ccapi to the include path so we can find stdcc.h
-
-1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * Makefile.in: Set the myfulldir and mydir variables (which are
- relative to buildtop and thisconfigdir, respectively.)
-
-Sat Dec 5 01:20:31 1998 Theodore Y. Ts'o <tytso@mit.edu>
-
- * Makefile.in, ccdefops.c: Temporarily back out the ccapi ccache
- under Windows so we can make sure the rest of the krb5
- tree builds correctly under Windows. (Note: I didn't
- revert lib/krb5/os/ccdefname.c, so setting KRB5_CC_NAME to
- FILE:C:\tmp\tkt is required to make things work.)
-
-1998-08-24 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * Makefile.in: Add windows build instructions to build CCache API
- Cache implementation.
-
-Fri Aug 20 18:30:00 1998 Miro Jurisic <meeroh@mit.edu>
- * Added Frank's CCache API cache implementation and made
- it default on the Mac
-
-Thu Jul 30 13:12:30 1998 Sam Hartman <hartmans@utwig.mesas.com>
-
- * ccbase.c: Enable memory ccache (merge adapted from Kerbnet)
-
-1998-05-27 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * Makefile.in: Add ccache/memory as a directory to be recursively
- built by this makefile under Windows.
-
-Fri Feb 27 18:03:33 1998 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * Makefile.in: Changed thisconfigdir to point at the lib/krb5
- directory, since we've moved the configure.in tests in
- this directory to the toplevel lib/krb5 configure.in
-
-Wed Feb 18 16:19:12 1998 Tom Yu <tlyu@mit.edu>
-
- * Makefile.in: Remove trailing slash from thisconfigdir. Fix up
- BUILDTOP for new conventions.
-
-Thu Feb 12 16:17:46 1998 Tom Yu <tlyu@mit.edu>
-
- * configure.in: Add commented out AC_OUTPUT to force autoreconf to
- rebuild the configure script.
-
-Wed Feb 11 22:56:49 1998 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile
-
- * configure.in: Create the makefiles for all of the subdirectories
- and move all of the configure.in tests from the
- subdirectories into this configure.in.
-
-Sat Dec 6 02:26:16 1997 Tom Yu <tlyu@mit.edu>
-
- * Makefile.in: Add cccopy.c.
-
- * cccopy.c: New file; krb5_cc_copy_creds from Cygnus.
-
-Mon Sep 15 15:14:16 1997 Ezra Peisach <epeisach@mit.edu>
-
- * ccbase.c (krb5_cc_resolve): Incoming cache name is const.
-
-Thu Nov 21 11:55:16 EST 1996 Richard Basch <basch@lehman.com>
-
- * Makefile.in: win32 build
-
- * ccbase.c, ccdefault.c:
- DLL export basic ccache functions
-
-Thu Jan 2 16:57:35 1997 Tom Yu <tlyu@mit.edu>
-
- * Makefile.in:
- * configure.in: Update to new lib build procedure.
-
-Thu Jun 6 00:04:38 1996 Theodore Y. Ts'o <tytso@mit.edu>
-
- * Makefile.in (all-windows): Don't pass $(LIBCMD) on the command
- line. It's set in the windows.in prologue for all
- Makefiles anyway.
-
-Wed Feb 7 00:23:18 1996 Theodore Y. Ts'o <tytso@dcl>
-
- * Makefile.in: Folded in danw's changes to allow
- building Makefiles for the Macintosh. We now can build
- MPW makefiles which are interpreted by CodeWarrior.
-
-Fri Nov 3 21:12:31 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * configure.in: Added memory subdirectory
-
-Fri Oct 6 22:03:30 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * Makefile.in: Remove ##DOS!include of config/windows.in.
- config/windows.in is now included by wconfig.
-
-Mon Sep 25 16:56:30 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the
- Makefile.
-
-Tue Aug 29 13:35:23 EDT 1995 Paul Park (pjpark@mit.edu)
- * Makefile.in, .Sanitize, ser_cc.c - Add new ccache handle serialization
- routines.
-
-Fri Jun 9 19:31:13 1995 <tytso@rsx-11.mit.edu>
-
- * configure.in: Remove standardized set of autoconf macros, which
- are now handled by CONFIG_RULES. Use DO_SUBDIRS to
- recurse down subdirectories.
-
-Fri May 26 20:19:26 1995 Theodore Y. Ts'o (tytso@dcl)
-
- * configure.in, Makefile.in: Add support for building shared libraries.
-
-Thu Apr 13 15:49:16 1995 Keith Vetter (keithv@fusion.com)
-
- * ccbase.c: removed unneeded INTERFACE from non-api functions.
-
-Wed Mar 22 11:47:49 1995 <tytso@rsx-11.mit.edu>
-
- * Makefile.in (CFLAGS): Make -I options work when the build and
- source tree are different.
-
-Fri Mar 17 19:19:07 1995 John Gilmore (gnu at toad.com)
-
- * Makefile.in (LDFLAGS): Remove, duplicates config/pre.in.
- (CFLAGS): Add -I options for file and stdio, to avoid paths in
- #include statements.
- (all-mac, clean-mac): Add.
- * ccdefops.c: Avoid includes with pathnames, since they don't work
- on the Mac. Configure the default cache based on whether the
- system has <sys/types.h> (which defines types for low-level file
- operations, among other things).
- * configure.in (CONFIG_DIRS): Build stdio before file, for Mac
- convenience (where file doesn't build).
-
-Wed Mar 15 20:23:17 1995 Keith Vetter (keithv@fusion.com)
-
- * Makefile.in: cleaned up for the PC
-
-Tue Mar 7 19:53:05 1995 Mark Eichin <eichin@cygnus.com>
-
- * configure.in: take out ISODE_DEFS.
-
-Tue Mar 7 15:55:12 1995 Keith Vetter (keithv@fusion.com)
-
- * ccbase.c, ccdefault.c: added window INTERFACE keyword.
- * Makefile.in: made to work on the PC.
-
-Tue Feb 28 00:35:33 1995 John Gilmore (gnu at toad.com)
-
- * ccbase.c, ccdefault.c: Avoid <krb5/...> includes.
-
-Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu)
-
- * Added krb5_context to all krb5_routines
-
-Thu Oct 13 17:23:08 1994 Theodore Y. Ts'o (tytso@maytag)
-
- * configure.in: Add ISODE_DEFS
-
diff --git a/src/lib/krb5/ccache/ccapi/ChangeLog b/src/lib/krb5/ccache/ccapi/ChangeLog
deleted file mode 100644
index e35231ad49..0000000000
--- a/src/lib/krb5/ccache/ccapi/ChangeLog
+++ /dev/null
@@ -1,237 +0,0 @@
-2006-04-03 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (DEFS): Make empty.
- * stdcc_util.h: Include autoconf.h.
-
-2005-11-14 Jeffrey Altman <jaltman@mit.edu>
-
- * winccld.c, stdcc.c: include k5-int.h before stdcc.h
-
-2004-11-15 Ken Raeburn <raeburn@mit.edu>
-
- * stdcc.c (krb5_stdcc_get_flags): New function.
- (krb5_cc_stdcc_ops): Add it.
- * stdcc.h (krb5_stdcc_get_flags): Declare.
-
-2004-06-22 Ken Raeburn <raeburn@mit.edu>
-
- * stdcc_util.c (dupK5toCC): Don't test macintosh.
-
-2003-07-17 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (LIBNAME) [##WIN16##]: Don't define.
-
-2003-03-06 Alexandra Ellwood <lxs@mit.edu>
-
- * stdcc.h, stdcc_util.h: Removed Mac header goober.
-
-2003-01-07 Ken Raeburn <raeburn@mit.edu>
-
- * winccld.c (krb5_fcc_ops): Updated decl.
-
-2002-08-29 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in: Revert $(S)=>/ change, for Windows support.
-
-2002-08-23 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in: Change $(S)=>/ and $(U)=>.. globally.
-
-2002-06-20 Danilo Almeida <dalmeida@mit.edu>
-
- * winccld.c: Include k5-int.h to get hidden ops struct.
- [pullup from 1-2-2-branch]
-
-2002-06-20 Alexandra Ellwood <lxs@mit.edu>
-
- * stdcc.h: Added prototype for krb5_stdcc_shutdown.
-
- * stdcc.h, stdcc_util.h, stdcc_util.c: Updated Mac OS X headers to new
- framework layout
-
- * stdcc.c: Removed unused variables and fixed macros to reduce warnings
-
- [pullups from 1-2-2-branch]
-
-2002-06-20 Miro Jurisic <meeroh@mit.edu>
-
- * stdcc.c: Replaced cc_* macros with functions
- * stdcc.h, stdcc_util.h: Updated Mac OS #defines and #includes for new
- header layout and Mac OS X frameworks
- [pullup from 1-2-2-branch]
-
-2002-04-01 Danilo Almeida <dalmeida@mit.edu>
-
- * stdcc_util.c: Include errno.h.
-
-2001-10-09 Ken Raeburn <raeburn@mit.edu>
-
- * stdcc.h: Make prototypes unconditional.
-
-2001-10-05 Ken Raeburn <raeburn@mit.edu>
-
- * stdcc.c, stdcc.h, stdcc_util.c, stdcc_util.h, winccld.c: Delete
- _MSDOS support.
-
-2001-10-03 Ken Raeburn <raeburn@mit.edu>
-
- * stdcc.h, winccld.c: Don't use KRB5_DLLIMP.
-
-2000-10-03 Ezra Peisach <epeisach@mit.edu>
-
- * stdcc.c, stdcc.h (krb5_stdcc_get_name): Declare as returning
- const char *.
-
-2000-07-20 Danilo Almeida <dalmeida@mit.edu>
-
- * stdcc.h: Include k5-int.h to get krb5_ccache definition.
-
-2000-06-08 Alexandra Ellwood <lxs@mit.edu>
-
- * stdcc_util.c (dupCCtoK5, dupK5toCC):
- Fixed code that stores times in localtime, not in kdc time.
-
-2000-05-18 Danilo Almeida <dalmeida@mit.edu>
-
- * stdcc_util.c (dupK5toCC): Remove unused variables.
-
- * stdcc_util.c: Reindent to krb5 coding style. Remove whitespace
- at end of lines. Replace C++ comments with C comments.
-
- * stdcc_util.h: Replace C++ comments with C comments.
-
- * winccld.h: Do not define or try to load cc_lock_request, which is
- not actually used anywhere in the code.
-
-2000-05-04 Miro Jurisic <meeroh@mit.edu>
-
- * stdcc_util.c (dupCCtoK5, dupK5toCC):
- Conditionalized local/KDC time conversions for Mac-only
- until we figure out what to do about that
-
-2000-04-18 Danilo Almeida <dalmeida@mit.edu>
-
- * winccld.h: Define CC_API_VER2 for all Windows code using ccapi.
- Update dynamic loading declarations to use CC_API_VER2.
-
- * stdcc.c: Define CC_API_VER2 if not defined rather than just if
- not Windows.
-
- * winccld.c (LoadFuncs): Get error on DLL load failure even though
- we do not use it in case we are doing source-level debugging.
-
-2000-04-07 Jeffrey Altman <jaltman@columbia.edu>
-
- * stdcc_util.c (copyCCDataArrayToK5, copyCCDataArrayToK5):
- * stdcc_util.c (dupCCtoK5, dupK5toCC):
-
- memory was being allocated as (sizeof(foo) * count + 1)
- instead of (sizeof(foo) * (count + 1))
-
-2000-04-03 Jeffrey Altman <jaltman@columbia.edu>
-
- * stdcc_util.c (copyCCDataArrayToK5, copyCCDataArrayToK5):
- * stdcc_util.c (dupCCtoK5, dupK5toCC):
-
- Changed all references to the type UInt32 to unsigned int
- since UInt32 is not a standard type on Unix or Win32
-
-2000-03-24 Alexandra Ellwood <lxs@mit.edu>
-
- * stdcc_util.c (copyCCDataArrayToK5, copyCCDataArrayToK5):
- Modified to copy authdata as well... this code may have
- bugs since I couldn't get a good case where authdata != NULL
-
- * stdcc_util.c (dupCCtoK5, dupK5toCC):
- Added code to store times in localtime, not in kdc time.
-
-2000-03-15 Danilo Almeida <dalmeida@mit.edu>
-
- * stdcc.c (krb5_stdcc_destroy): Do not mask KRB5_FCC_NOFILE error
- on destroy.
-
-2000-02-10 Miro Jurisic <meeroh@mit.edu>
-
- * stdcc_util.c: Fixed lxs' fix
-
-2000-02-10 Alexandra Ellwood <lxs@mit.edu>
-
- * stdcc_util.c: Added +1 to strlen()'s so that the null terminator
- will fit in the buffer.
-
-2000-02-04 Scott McGuire <smcguire@mit.edu>
-
- * stdcc.c (krb5_stdcc_initialize): Removed calls that destroyed
- and recreated ccapi_data->NamedCache; instead close
- and call create on it again. (This makes sure the data stays
- in the same cache the whole time so external pointers don't
- get confused.)
-
-1999-11-22 Miro Jurisic <meeroh@mit.edu>
-
- * stdcc.h, stdcc_util.h: use CCache2.h under MacOS for CCAPI v2
- compatibility
-
-1999-10-26 Wilfredo Sanchez <tritan@mit.edu>
-
- * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES,
- LOCAL_INCLUDES such that one can override CFLAGS from the command
- line without losing CPP search patchs and defines. Some associated
- Makefile cleanup.
-
-1999-08-23 Ken Raeburn <raeburn@mit.edu>
-
- * stdcc.c (krb5_stdcc_retrieve): Replace with a version that calls
- krb5_cc_retrieve_cred_default.
-
-1999-08-05 Alexandra Ellwood <lxs@mit.edu>
-
- * stdcc_util.c (deep_free_cc_v5_creds):
- Added free(creds) so that the cc_creds gets freed when a
- cred_union gets freed. Before it was leaking memory.
-
- I searched the k5 sources for folks calling deep_free_cc_v5_creds
- and my change seems to not break anyone else.
-
-1999-08-03 Alexandra Ellwood <lxs@mit.edu>
-
- * stdcc.c (krb5_stdcc_destroy):
- Added code to free the krb5_ccache like krb5_stdcc_close does
- so we don't leak memory.
-
-1999-06-10 Danilo Almeida <dalmeida@mit.edu>
-
- * stdcc.c (cache_changed): Use PostMessage instead of SendMessage
- so that we don't block.
-
-1999-06-08 Danilo Almeida <dalmeida@mit.edu>
-
- * winccld.h: Remove references to cc_*_instance functions.
-
-Thu May 13 18:01:58 1999 Theodore Y. Ts'o <tytso@mit.edu>
-
- * winccld.c (krb5_win_ccdll_load): Register the FILE ccache type
- if we are using ccapi, so that we make sure the FILE
- ccache type will work if the user specifies it in an
- environment variable.
-
-Mon May 10 15:24:36 1999 Danilo Almeida <dalmeida@mit.edu>
-
- * Makefile.in: Do win32 build in subdir.
-
-Thu Apr 8 16:09:08 1999 Theodore Y. Ts'o <tytso@mit.edu>
-
- * winccld.c: Only compile this file on Windows (to avoid screwing
- up the Macintosh build).
-
-1999-03-31 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * winccld.c, winccld.h, stdcc.c: Add files to dynamically load
- krbcc32.dll, so that we can fall back and use the built-in
- file ccache type if krbcc32.dll doesn't exist.
-
-1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * Makefile.in: Set the myfulldir and mydir variables (which are
- relative to buildtop and thisconfigdir, respectively.)
-
diff --git a/src/lib/krb5/error_tables/ChangeLog b/src/lib/krb5/error_tables/ChangeLog
deleted file mode 100644
index 18efb6fd31..0000000000
--- a/src/lib/krb5/error_tables/ChangeLog
+++ /dev/null
@@ -1,484 +0,0 @@
-2006-04-02 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (DEFS): Make empty.
-
-2006-03-11 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (EHDRDIR): Don't use krb5 subdirectory.
-
-2006-03-06 Ken Raeburn <raeburn@mit.edu>
-
- * krb5_err.et (KRB5_PLUGIN_NO_HANDLE): New error code.
-
-2006-01-27 Sam Hartman <hartmans@mit.edu>
-
- * kdb5_err.et: New error codes for plugin errors
-
-2004-10-13 Alexandra Ellwood <lxs@mit.edu>
-
- * krb5_err.et: added KRB5_DELTAT_BADFORMAT for
- krb5_string_to_deltat.
-
-2004-06-02 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (STLIBOBJS, OBJS, SRCS): Drop init_ets code.
-
-2004-01-06 Jeffrey Altman <jaltman@mit.edu>
-
- * krb5_err.et (KRB5_CC_NOSUPP) new ccache error code
-
-2003-12-12 Jeffrey Altman <jaltman@mit.edu>
-
- * krb5_err.et (KRB5_CC_READONLY) new ccache error code
-
-2003-07-19 Ezra Peisach <epeisach@mit.edu>
-
- * init_ets.c (krb5_init_ets): Only initialize error tables once -
- so that init_conext/free_context loops do not result in memory
- leaks.
-
-2003-07-17 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (LIBNAME) [##WIN16##]: Don't define.
-
-2003-06-03 Ken Raeburn <raeburn@mit.edu>
-
- * krb5_err.et (KRB5_ERR_NO_SERVICE): New error code.
-
-2003-05-24 Ken Raeburn <raeburn@mit.edu>
-
- * krb524_err.et: New file, moved from ../../../krb524. Add new
- error code KRB524_KRB4_DISABLED.
- * Makefile.in (STLIBOBJS, HDRS, OBJS, ETSRCS, SRCS, awk-windows):
- Add it.
- ($(OUTPRE)krb524_err.$(OBJEXT)): List dependence on .c file.
- * init_ets.c (krb5_init_ets): Call initialize_k524_error_table.
-
-2003-03-04 Ken Raeburn <raeburn@mit.edu>
-
- * krb5_err.et (KRB5_ERR_BAD_S2K_PARAMS): New error code.
-
-2003-01-10 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag.
-
-2002-11-14 Tom Yu <tlyu@mit.edu>
-
- * Makefile.in: Remove references to adm_err.et. It's not used,
- and conflicts with the krb4 kadm error table.
-
-2002-10-24 Ken Hornstein <kenh@cmf.nrl.navy.mil
-
- * kv5m_err.et: Add magic numbers for new hardware preauth structures.
-
- * krb5_err.et (KRB5_SAM_INVALID_ETYPE, KRB5_SAM_NO_CHECKSUM,
- KRB5_SAM_BAD_CHECKSUM): New error codes for the new hardware
- preauthentication code.
-
-2002-09-02 Ken Raeburn <raeburn@mit.edu>
-
- * init_ets.c (krb5_init_ets, krb5_free_ets): Use prototype style
- function definitions.
-
-2002-08-29 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in: Revert $(S)=>/ change, for Windows support.
-
-2002-08-27 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (awk-windows): Put quotes around $(EHDRDIR) since it
- contains forward slashes now.
-
-2002-08-23 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in: Change $(S)=>/ and $(U)=>.. globally.
-
-2002-07-09 Ken Raeburn <raeburn@mit.edu>
-
- * krb5_err.et (KRB5_ERR_NUMERIC_REALM): New error code.
-
-2002-06-09 Ken Raeburn <raeburn@mit.edu>
-
- * krb5_err.et (KRB5KRB_AP_PATH_NOT_ACCEPTED,
- KRB5KRB_ERR_RESPONSE_TOO_BIG): New error codes.
-
-2002-03-06 Ken Raeburn <raeburn@mit.edu>
-
- * krb5_err.et: Change several "credentials cache file" messages to
- just say "credentials cache", so as to be applicable in the ccapi
- case too. (Miro's change from 1.2.x branch.)
-
-2002-01-08 Ken Raeburn <raeburn@mit.edu>
-
- * krb5_err.et (KRB5_EAI_FAIL, KRB5_EAI_NODATA, KRB5_EAI_NONAME,
- KRB5_EAI_SERVICE): New error codes for getaddrinfo failures.
-
-2001-10-24 Tom Yu <tlyu@mit.edu>
-
- * kdb5_err.et: Add KRB5_KDB_NO_PERMITTED_KEY,
- KRB5_KDB_NO_MATCHING_KEY for libkdb so we can return something
- other than ENOENT (which was Just Wrong).
-
-2001-04-17 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (includes): New target. Copy headers into proper
- include directory.
- (unixmac): Target deleted.
- (THDRDIR): New variable.
-
-2000-10-26 Tom Yu <tlyu@mit.edu>
-
- * asn1_err.et: Add error codes MISMATCH_INDEF and MISSING_EOC.
-
-2000-06-30 Ezra Peisach <epeisach@mit.edu>
-
- * init_ets.c: Remove unused variable.
-
-1999-12-01 Ken Raeburn <raeburn@mit.edu>
-
- * krb5_err.et (KRB5_OBSOLETE_FN): New error code.
-
-1999-11-02 Ken Raeburn <raeburn@mit.edu>
-
- * krb5_err.et (KRB5_CONFIG_ETYPE_NOSUPP): New error code.
-
-1999-10-26 Wilfredo Sanchez <tritan@mit.edu>
-
- * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES,
- LOCAL_INCLUDES such that one can override CFLAGS from the command
- line without losing CPP search patchs and defines. Some associated
- Makefile cleanup.
-
-1999-08-23 Ken Raeburn <raeburn@mit.edu>
-
- * krb5_err.et (KRB5_CC_NOT_KTYPE): New error code.
-
-1999-07-29 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in: Delete dependency info for isode error table that
- was removed in early 1995.
-
-Mon May 10 15:25:19 1999 Danilo Almeida <dalmeida@mit.edu>
-
- * Makefile.in: Do win32 build in subdir.
-
-1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * Makefile.in: Set the myfulldir and mydir variables (which are
- relative to buildtop and thisconfigdir, respectively.)
-
-Mon May 18 17:09:22 1998 Tom Yu <tlyu@mit.edu>
-
- * krb5_err.et: Clarify error for REALM_CANT_RESOLVE.
-
-Thu Apr 16 20:51:40 1998 Tom Yu <tlyu@mit.edu>
-
- * asn1_err.et (ASN1_BAD_GMTIME): Add code for case where bad
- values are returned from gmtime().
-
-Fri Feb 27 18:03:33 1998 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * Makefile.in: Changed thisconfigdir to point at the lib/krb5
- directory, since we've moved the configure.in tests in
- this directory to the toplevel lib/krb5 configure.in
-
-Wed Feb 18 16:21:57 1998 Tom Yu <tlyu@mit.edu>
-
- * Makefile.in: Remove trailing slash from thisconfigdir. Fix up
- BUILDTOP for new conventions.
-
-Mon Feb 2 17:02:29 1998 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile
-
-Thu Feb 5 22:58:09 1998 Theodore Y. Ts'o <tytso@mit.edu>
-
- * krb5_err.et: Add a comment about the low 128 error codes being
- defined by the Krb5 protocol spec.
-
-Sat Dec 6 02:27:37 1997 Tom Yu <tlyu@mit.edu>
-
- * krb5_err.et: Add codes for Cygnus chpw.
-
-Fri Jul 25 15:25:02 1997 Tom Yu <tlyu@mit.edu>
-
- * kdb5_err.et: Add error code for bad creation flags.
-
-Sat Feb 22 22:26:16 1997 Richard Basch <basch@lehman.com>
-
- * Makefile.in: Use some of the new library list build rules in
- win-post.in
-
-Sat Feb 15 15:41:58 1997 Richard Basch <basch@lehman.com>
-
- * init_ets.c (krb5_finish_ets):
- New routine to cleanup krb5 error tables
-
-Thu Nov 21 11:55:16 EST 1996 Richard Basch <basch@lehman.com>
-
- * Makefile.in: win32 build
-
- * init_ets.c: dll export krb5_init_ets()
-
-Thu Jan 2 17:07:07 1997 Tom Yu <tlyu@mit.edu>
-
- * Makefile.in:
- * configure.in: Update to new library build procedure.
-
-Fri Dec 13 14:55:43 1996 Theodore Y. Ts'o <tytso@mit.edu>
-
- * krb5_err.et: Added the error codes KRB5_APPL_EXPIRED and
- KRB5_LIB_EXPIRED.
-
-Tue Nov 19 17:06:26 1996 Barry Jaspan <bjaspan@mit.edu>
-
- * krb5_err.et: add KRB5_KT_KVNONOTFOUND [krb5-libs/198]
-
-Wed Nov 6 11:15:32 1996 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * krb5_err.et: Make the KRB5_CONFIG_CANTOPEN and
- KRB5_CONFIG_BADFORMAT error messages more clear that the
- problem is with the _Kerberos_ configuration file.
-
-Fri Oct 18 17:49:51 1996 Theodore Y. Ts'o <tytso@mit.edu>
-
- * kv5m_err.et: Add magic code for GSSAPI OID and GSSAPI QUEUE,
- which are needed for the serialization routines.
-
-Wed Jul 24 16:03:52 1996 Theodore Y. Ts'o <tytso@mit.edu>
-
- * krb5_err.et: Added new error code KRB5_KT_NAME_TOOLONG
-
-Thu Jun 13 21:43:23 1996 Tom Yu <tlyu@voltage-multiplier.mit.edu>
-
- * configure.in: remove ref to SS_RULES, ET_RULES
-
-Sat Mar 30 22:55:26 1996 Theodore Y. Ts'o <tytso@dcl>
-
- * Makefile.in (SRCS): Inlined the list of et-build source files in
- SRCS, so that they are correctly included in the Mac
- build.
-
-Wed Mar 13 13:05:46 1996 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * kv5m_err.et: Add KV5M_PASSWD_PHRASE_ELEMENT
-
-Fri Feb 16 12:04:06 1996 Theodore Y. Ts'o <tytso@pao.MIT.EDU>
-
- * krb5_err.et: Added new error table code KRB5_CONFIG_NODEFREALM.
-
-Fri Jan 5 12:23:44 1996 Theodore Y. Ts'o <tytso@dcl>
-
- * krb5_err.et: Added error table code KRB5_FWD_BAD_PRINCIPAL.
-
-Thu Dec 21 18:46:45 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * krb5_err.et: Changed KRB5_SENDAUTH_MUTUAL_FAILED to
- KRB5_MUTUAL_FAILED (since the error code is no longer used
- in sendauth). Added KRB5_CC_FORMAT for indicating a
- problem in the credentials cache format.
-
-Wed Nov 8 02:45:56 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * kv5m_err.et: Added magic number for krb5_preauth_ops.
-
-Mon Oct 23 21:24:12 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * krb5_err.et: Added new error code KRB5_GET_IN_TKT_LOOP.
-
-Fri Oct 6 22:03:44 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * Makefile.in: Remove ##DOS!include of config/windows.in.
- config/windows.in is now included by wconfig.
-
-Mon Sep 25 16:57:06 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the
- Makefile.
-
-Wed Sep 06 14:20:57 1995 Chris Provenzano (proven@mit.edu)
-
- * kdb5_err.et : Change KRB5_KDB_BAD_KEYTYPE to KRB5_KDB_BAD_ENCTYPE
- * krb5_err.et : Change KRB5_BAD_KEYTYPE to KRB5_BAD_ENCTYPE
-
-Tue Aug 29 13:37:14 EDT 1995 Paul Park (pjpark@mit.edu)
- * kv5m_err.et - Add magic numbers for DB_CONTEXT, AUTH_CONTEXT, KEYTAB
- RCACHE and CCACHE.
-
-Mon Aug 28 12:53:01 1995 <tytso@rsts-11.mit.edu>
-
- * kv5m_err.et: Added new error codes KV5M_ALT_METHOD and
- KV5M_ETYPE_INFO_ENTRY.
-
-Mon Aug 07 11:29:49 1995 Chris Provenzano (proven@mit.edu)
-
- * krb5_err.et: Add new error KRB5_KDB_BAD_KEYTYPE.
-
-Thu Aug 03 12:35:47 1995 Chris Provenzano (proven@mit.edu)
-
- * krb5_err.et: Add new error KRB5_KDB_BAD_SALTTYPE.
-
-Fri Jun 9 19:34:12 1995 <tytso@rsx-11.mit.edu>
-
- * configure.in: Remove standardized set of autoconf macros, which
- are now handled by CONFIG_RULES.
-
-Thu Jun 8 23:46:29 1995 Tom Yu (tlyu@dragons-lair)
-
- * Makefile.in: don't install et-generated headers in the build tree
-
-Fri May 26 20:19:59 1995 Theodore Y. Ts'o (tytso@dcl)
-
- * configure.in, Makefile.in: Add support for building shared libraries.
-
-Tue May 23 16:46:30 1995 Theodore Y. Ts'o (tytso@dcl)
-
- * Makefile.in: Don't install the error table header files; they
- shouldn't be needed by an end-programmer.
-
-Tue Apr 25 21:58:23 1995 Chris Provenzano (proven@mit.edu)
-
- * krb5_err.et: Add new error KRB5_TKT_NOT_FORWARDABLE.
-
-Thu Apr 13 16:36:10 1995 Keith Vetter (keithv@fusion.com)
-
- * Makefile.in: clean target was cleaning too much for the PC.
-
-Wed Apr 5 16:29:25 1995 Keith Vetter (keithv@fusion.com)
-
- * krb5_err.et: added KRB5_REALM_CANT_RESOLVE for more precise
- handling of not finding KDC.
-
-Fri Mar 31 16:06:21 1995 Theodore Y. Ts'o (tytso@dcl)
-
- * Makefile.in (BUILDTOP2, etc): Back out previous change so that
- it doesn't break people who are using VPATH to have
- separate build directories. (See comments in the Makefile.)
-
-Tue Mar 28 18:29:44 1995 John Gilmore (gnu at toad.com)
-
- * Makefile.in (BUILDTOP2, etc): Make it possible
- to build the error tables on Unix before a Mac build.
- (all-mac): Don't build $(HDRS) on Mac.
- (unixmac): Build `includes'.
- (clean-mac): Add.
- (includes, clean, .SUFFIXES, .et.h, .et.c): Add, to make it
- possible to run `make -f Makefile.in unixmac' successfully.
- * configure.in (ASN1_{HDRS,OBJS,SRCS, BOGUS): Remove, unused.
- (CopyHeader rules): Remove, they're now in Makefile.in.
-
-Fri Mar 24 14:25:15 1995 <tytso@rsx-11.mit.edu>
-
- * Makefile.in (install): Add install rule for the error table
- headers.
-
-Tue Mar 21 21:06:06 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * Makefile.in (all-unix): The "includes" target is *not* obsolete;
- it's necessary to copy the header files to the build tree.
-
-Fri Mar 17 19:42:45 1995 John Gilmore (gnu at toad.com)
-
- * Makefile.in (LDFLAGS): Eliminate, duplicate.
- (SRCS): Eliminate $(srcdir) which causes mac problems.
- (all-unix): Eliminate obsolete "includes".
- (all-mac): Add.
- (unixmac): Add $(SRCS) so that the .c source files will be created
- here in the original "configure tree on Unix" stage of the build.
-
-Wed Mar 15 12:24:25 1995 Keith Vetter (keithv@fusion.com)
-
- * Makefile.in: disabled the awk part of the makefile.
-
-Tue Mar 7 21:40:18 1995 Keith Vetter (keithv@fusion.com)
-
- * Makefile.in: changed library name for the PC.
-
-Thu Mar 2 23:33:21 1995 John Gilmore (gnu at toad.com)
-
- * Makefile.in (unixmac): New target, runs on Unix to build include
- files for Mac build.
-
-Tue Feb 28 00:37:58 1995 John Gilmore (gnu at toad.com)
-
- * init_ets.c: Avoid <krb5/...> includes.
-
-Tue Feb 21 18:25:51 1995 Mark Eichin (eichin@tweedledumber.cygnus.com)
-
- * init_ets.c (krb5_init_ets): use old-style definition.
-
-Tue Feb 21 0:57:40 1995 Keith Vetter (keithv@fusion.com)
-
- * Makefile.in: made to work for PC
- * init_ets.c:
- added INTERFACE for windows
- removed PROTOTYPE macro from the function
-
-Fri Feb 10 14:56:57 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * Makefile:
- * configure.in:
- * init_ets.c (krb5_init_ets): Remove isode cruft.
-
-Thu Feb 2 20:49:10 1995 Mark Eichin (eichin@cygnus.com)
-
- * krb5_err.et (KRB5KRB_AP_ERR_V4_REPLY): new error code for V4
- reply to a V5 request.
-
-Mon Dec 19 17:10:13 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * krb5_err.et (KV5M_CONTEXT, KV5M_OS_CONTEXT): Add new error codes.
-
-Fri Nov 18 15:29:55 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * krb5_err.et (KV5M_KEYTAB_ENTRY): Add new error code
-
-Fri Nov 18 00:23:51 1994 Mark Eichin <eichin@cygnus.com>
-
- * Makefile.in (clean): remove $(BOGUS)
- (HDRS): use ASN1_HDRS, not ASN1_SRCS. (from epeisach)
-
-Thu Nov 17 00:41:39 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * krb5_err.et (KRB5_CC_WRITE_ERR): Add new error code.
-
-Fri Nov 11 07:10:25 1994 Tom Yu (tlyu@dragons-lair)
-
- * Makefile.in: fix some typos for kv5m_err.et
-
-Thu Nov 10 22:12:43 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * kv5m_err.et: Add support for krb5_address table; rename
- KV5M_AUTH_DATA to follow the convention properly.
-
-Thu Nov 3 16:39:49 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * configure.in:
- * Makefile.in:
- * kv5m_err.et: Add the kv5m error table.
-
-Fri Oct 14 23:07:48 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * init_ets.c (krb5_init_ets): Fix typo in spelling of KRB5_USE_ISODE.
-
-Thu Sep 29 15:09:03 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * krb5_err.et (KRB5_KDCREP_SKEW, KRB5_IN_TKT_REALM_MISMATCH,
- KRB5_SERVICE_UNKNOWN):
- Added two new error codes.
-
-Wed Sep 21 18:00:25 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * krb5_err.et (KRB5KRB_AP_ERR_ILL_CR_TKT): Added new error code.
-
-Sat Jul 16 05:59:53 1994 Tom Yu (tlyu at dragons-lair)
-
- * krb5_err.et: missing space between comma and doublequote
-
-Tue Jun 28 19:11:43 1994 Tom Yu (tlyu at dragons-lair)
-
- * Makefile.in: doing the right thing with new error tables
-
- * configure.in: adding ISODE_DEFS
- * init_ets.c: folding in Harry's changes
-
diff --git a/src/lib/krb5/keytab/ChangeLog b/src/lib/krb5/keytab/ChangeLog
deleted file mode 100644
index cbfff99b8b..0000000000
--- a/src/lib/krb5/keytab/ChangeLog
+++ /dev/null
@@ -1,686 +0,0 @@
-2006-04-02 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (DEFS): Make empty.
-
-2006-03-31 Ken Raeburn <raeburn@mit.edu>
-
- * kt_file.c (krb5_ktf_keytab_externalize,
- krb5_ktf_keytab_internalize): Read and write file position as 64
- bits rather than trying to figure out size of long.
-
-2005-04-13 Ken Raeburn <raeburn@mit.edu>
-
- * kt_file.c (NEED_SOCKETS): Don't define.
- * kt_srvtab.c (NEED_SOCKETS): Don't define.
-
-2004-11-26 Ken Raeburn <raeburn@mit.edu>
-
- * kt_file.c (krb5_ktfile_wresolve): Initialize mutex here too.
-
-2004-11-23 Ken Raeburn <raeburn@mit.edu>
-
- * kt_file.c (struct _krb5_ktfile_data): Add mutex and buffer.
- (KTFILEBUFP, KTLOCK, KTUNLOCK, KTCHECKLOCK): New macros.
- (krb5_ktfile_resolve): Initialize mutex.
- (krb5_ktfile_close): Zap data buffer before freeing.
- (krb5_ktfile_get_entry, krb5_ktfile_start_seq_get,
- krb5_ktfile_get_next, krb5_ktfile_end_get, krb5_ktfile_add,
- krb5_ktfile_remove): Lock and unlock the mutex.
- (krb5_ktfileint_open): Check that the mutex is locked. Set the
- stdio buffer to the new buffer in the ktfile data.
- (krb5_ktfileint_write_entry, krb5_ktfileint_find_slot): Check that
- the mutex is locked. Don't call setbuf. Flush the stdio buffer
- after writing.
-
-2004-11-23 Tom Yu <tlyu@mit.edu>
-
- * kt_file.c (krb5_ktfileint_open): Update previous change by
- explicitly setting errno=0 prior to calling fopen(). Also, return
- EMFILE, not ENFILE, for compatibility with Solaris 8, which does
- set errno when out of file descriptors.
-
-2004-11-19 Tom Yu <tlyu@mit.edu>
-
- * kt_file.c (krb5_ktfileint_open): Patch from Roland Dowdeswell to
- return ENFILE when fopen() returns NULL but doesn't set errno.
-
-2004-06-22 Ken Raeburn <raeburn@mit.edu>
-
- * kt_file.c (krb5_ktf_keytab_externalize,
- krb5_ktf_keytab_internalize): Don't test macintosh.
-
-2004-06-15 Ken Raeburn <raeburn@mit.edu>
-
- * kt_file.c (krb5_kt_default_vno): Replaced variable with macro.
-
-2004-05-27 Ezra Peisach <epeisach@mit.edu>
-
- * ktbase.c: Include kt-int.h
-
- * kt-int.h: Create file with prototypes for krb5int_kt_initialize and
- krb5int_kt_finalize(void);
-
-
-2004-04-24 Ken Raeburn <raeburn@mit.edu>
-
- * ktbase.c: Include ctype.h.
- (k5_typehead_lock): Use new partial initializer.
- (krb5int_kt_initialize): New function; finish mutex
- initialization.
- (krb5int_kt_finalize): New function; destroy the mutex and free
- storage associated with registered types.
-
-2004-04-13 Jeffrey Altman <jaltman@mit.edu>
-
- * ktbase.c:
- Since we have to reserve all the single letter
- prefixes make them apply to all platforms
-
-2004-04-13 Jeffrey Altman <jaltman@mit.edu>
-
- * ktbase.c: On Windows, improve the treat drive letter
- prefix string as a FILE: keytab change to work if the
- default keytab type was changed to not be of type FILE:
-
-2004-04-08 Jeffrey Altman <jaltman@mit.edu>
-
- * ktbase.c: Restore the thread safety fixes
-
-2004-04-08 Jeffrey Altman <jaltman@mit.edu>
-
- * ktbase.c: On Windows, if we see a colon do not assume it means
- we found a prefix string unless the length of the prefix is
- not equal to one. If it is one, it means we found a drive letter
- and not a prefix.
-
-2004-03-05 Ken Raeburn <raeburn@mit.edu>
-
- * ktbase.c: Include k5-thread.h.
- (k5_typehead_lock): New mutex variable.
- (krb5_kt_register, krb5_kt_resolve): Lock it while accessing the
- type list.
- (krb5_kt_register): Ops table is now const.
- (struct krb5_kt_typelist): "next" pointer now points to const.
- (krb5_kt_typelist_wrfile, krb5_kt_typelist_file,
- krb5_kt_typelist_srvtab): Now const.
- (kt_typehead): Now points to const.
-
-2003-07-17 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (LIBNAME) [##WIN16##]: Don't define.
-
-2003-05-22 Tom Yu <tlyu@mit.edu>
-
- * kt_file.c (krb5_ktfile_get_entry): Check principal name prior to
- checking enctype. Suggested by Wyllys Ingersoll.
-
-2003-05-19 Sam Hartman <hartmans@mit.edu>
-
- * ktbase.c: Register writable keytab by default
-
-2003-04-01 Nalin Dahyabhai <nalin@redhat.com>
-
- * kt_file.c (krb5_ktfileint_internal_read_entry): Use
- krb5_princ_size instead of direct field access.
- (krb5_ktfileint_write_entry, krb5_ktfileint_size_entry):
- Likewise.
-
-2003-02-08 Tom Yu <tlyu@mit.edu>
-
- * kt_file.c (krb5_ktfile_get_entry): Fix comment; not going to
- redesign key storage architecture for 1.3.
-
-2003-01-10 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag.
-
-2002-10-31 Ken Raeburn <raeburn@mit.edu>
-
- * kt_file.c (krb5_ktf_ops, krb5_ktf_writable_ops): Now const.
- Drop cast of serializer entry initializer.
- (fopen_mode_rbplus, fopen_mode_rb): Now const.
- * kt_srvtab.c (krb5_kts_ops): Now const.
- * ktbase.c (krb5_ktf_ops, krb5_kts_ops): Update declarations.
- (struct krb5_kt_typelist): Field ops now points to const.
-
-2002-09-03 Ken Raeburn <raeburn@mit.edu>
-
- * kt_file.c, kt_srvtab.c, ktadd.c, ktbase.c, ktdefault.c,
- ktfr_entry.c, ktremove.c, read_servi.c: Use prototype style
- function definitions.
-
- * kt_file.c (errno), kt_srvtab.c (errno): Don't declare.
-
-2002-08-29 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in: Revert $(S)=>/ change, for Windows support.
-
-2002-08-23 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in: Change $(S)=>/ and $(U)=>.. globally.
-
-2002-06-18 Danilo Almeida <dalmeida@mit.edu>
-
- * ktfr_entry.c: Rename krb5_kt_free_entry_contents as
- krb5_free_keytab_entry_contents to make it consistent with rest of
- API.
- [pullup from 1-2-2-branch]
-
-2002-06-18 Ken Raeburn <raeburn@mit.edu>
-
- * ktfr_entry.c (krb5_kt_free_entry_contents): Rename from
- krb5_kt_free_entry, keep old name as wrapper.
- [pullup from 1-2-2-branch]
-
-2002-06-11 Ken Raeburn <raeburn@mit.edu>
-
- * kt_file.c: Undo non-logged part of last change that added
- inclusion of netinet/in.h; k5-int.h should pull it in with
- NEED_SOCKETS defined.
-
-2002-06-09 Ken Raeburn <raeburn@mit.edu>
-
- * kt_srvtab.c: New file, combines all srvtab functions. All
- functions now static, only the ops table is exported.
- * srvtab/*: All files deleted.
- * kt_file.c: New file, combines all file/wrfile functions.
- * file/*: All files deleted.
- * Makefile.in (LOCAL_SUBDIRS, MAC_SUBDIRS): Deleted.
- (STLIBOBJS, OBJS, SRCS): Added new files.
- (all-windows): Skip subdirs target.
- (subdirs, file\$(OUTPRE)file.lst, srvtab\$(OUTPRE)file.lst)[DOS]:
- Deleted targets.
- ($(OBJFILE))[DOS]: Skip subdir stuff.
- (clean-windows): Don't go into subdirs.
-
-2002-03-06 Ken Raeburn <raeburn@mit.edu>
-
- * srvtab/kts_g_ent.c (krb5_ktsrvtab_get_entry): If a specific DES
- enctype was requested, set the key's enctype to it, instead of
- always returning des-cbc-crc.
-
- * file/ktf_g_ent.c (krb5_ktfile_get_entry): For non-zero kvno,
- match only low 8 bits. For zero kvno, if any kvno in the keytab
- is over 240, assume we're dealing with numbers 128
- through (127+256) instead. This allows for wrapping at 256 while
- retaining a small set of consecutively numbered prior keys in the
- keytab.
-
-2002-02-22 Ken Raeburn <raeburn@mit.edu>
-
- * ktbase.c (krb5_kt_resolve): Use const instead of krb5_const.
-
-2001-11-19 Tom Yu <tlyu@mit.edu>
-
- * file/ktf_g_ent.c (krb5_ktfile_get_entry): Coerce enctype for now
- to restore 1.0.x enctype similarity behavior.
-
-2001-10-15 Danilo Almeida <dalmeida@mit.edu>
-
- * ktfns.c (krb5_kt_get_type): KRB5_CALLCONV.
-
-2001-10-12 Ken Raeburn <raeburn@mit.edu>
-
- * ktfns.c: New file.
- * Makefile.in (STLIBOBJS, OBJS, SRCS): Build it.
-
-2001-10-09 Ken Raeburn <raeburn@mit.edu>
-
- * ktbase.c: Make prototypes unconditional.
- * srvtab/ktsrvtab.h: Make prototypes unconditional.
- * file/ktfile.h, file/ser_ktf.c: Make prototypes unconditional.
-
-2001-10-05 Ken Raeburn <raeburn@mit.edu>
-
- * file/ser_ktf.c: Drop _MSDOS support.
-
-2001-10-03 Ken Raeburn <raeburn@mit.edu>
-
- * ktadd.c, ktbase.c, ktdefault.c, ktfr_entry.c, ktremove.c,
- read_servi.c: Don't use KRB5_DLLIMP. Don't explicitly declare
- pointers FAR any more.
-
-2000-10-17 Ezra Peisach <epeisach@mit.edu>
-
- * ktbase.c (krb5_kt_resolve): Signed/unsigned int
- cleanups. Maintain const char * attribute of incomming name.
-
- * srvtab/kts_g_name.c, srvtab/ktsrvtab.h (krb5_ktsrvtab_get_name):
- Uses unsigned int length now.
-
- * file/ktf_util.c: Unsigned/signed int cleanups.
-
- * file/ktf_g_name.c, file/ktfile.h (krb5_ktfile_get_name): Length
- field now unsigned int.
-
-2000-09-25 Ezra Peisach <epeisach@mit.edu>
-
- * file/ser_ktf.c (krb5_ktf_keytab_externalize): Do not violate
- const char * declaration of ktfile_def_name.
-
- * file/ktf_util.c (xfwrite): Cast length field to fwrite/fread as
- unsigned.
-
-2000-06-28 Ezra Peisach <epeisach@mit.edu>
-
- * srvtab/kts_util.c (read_field): Cleanup unused variable.
-
-2000-03-12 Ezra Peisach <epeisach@mit.edu>
-
- * ktbase.c (krb5_kt_resolve): Change prototype from const to
- krb5_const to match krb5.hin
-
-Fri Jan 28 19:53:44 2000 Ezra Peisach <epeisach@mit.edu>
-
- * srvtab/kts_g_ent.c, srvtab/ktsrvtab.h (krb5_ktsrvtab_get_entry):
- Change the third argument to krb5_const_principal (from
- krb5_principal) to agree with krb5_kts_ops entries.
-
-1999-10-26 Wilfredo Sanchez <tritan@mit.edu>
-
- * Makefile.in, file/Makefile.in, srvtab/Makefile.in: Clean up
- usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, LOCAL_INCLUDES such that
- one can override CFLAGS from the command line without losing CPP
- search patchs and defines. Some associated Makefile cleanup.
-
-1999-06-15 Danilo Almeida <dalmeida@mit.edu>
-
- * Makefile.in: Fix windows build.
-
- * srvtab/Makefile.in: Fix windows build.
-
- * srvtab/ktsrvtab.h, srvtab/kts_resolv.c (krb5_ktsrvtab_resolve),
- srvtab/kts_g_name.c (krb5_ktsrvtab_get_name),
- srvtab/kts_close.c (krb5_ktsrvtab_close),
- srvtab/kts_g_ent.c (krb5_ktsrvtab_get_entry),
- srvtab/kts_ssget.c (krb5_ktsrvtab_start_seq_get),
- srvtab/kts_next.c (krb5_ktsrvtab_get_next),
- srvtab/kts_endget.c (krb5_ktsrvtab_end_get): Fix calling
- convention.
-
-1999-06-13 Geoffrey King <gjking@mit.edu>
-
- * Makefile.in: Add new subdirectory srvtab.
-
- * srvtab: Initial checkin of ghudson's code to implement the
- SRVTAB keytab type, which can read a krb4 srvtab.
-
- * ktbase.c: Support FILE and SRVTAB types by default. Use
- krb5_ktf_ops instead of krb5_dfl_ops.
-
-Tue May 18 19:52:56 1999 Danilo Almeida <dalmeida@mit.edu>
-
- * Makefile.in: Remove - from recursive Win32 make invocation.
-
-Mon May 10 15:25:32 1999 Danilo Almeida <dalmeida@mit.edu>
-
- * Makefile.in, file/Makefile.in: Do win32 build in subdir.
-
-1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * Makefile.in, file/Makefile.in: Set the myfulldir and mydir
- variables (which are relative to buildtop and thisconfigdir,
- respectively.)
-
-1998-10-27 Marc Horowitz <marc@mit.edu>
-
- * file/ktf_g_ent.c (krb5_ktfile_get_entry): restructure the code
- to use the compare_enctypes function and not leak memory
-
-Fri Feb 27 18:03:33 1998 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * Makefile.in, file/Makefile.in: Changed thisconfigdir to point at
- the lib/krb5 directory, since we've moved the configure.in tests
- in this directory to the toplevel lib/krb5 configure.in
-
-Wed Feb 18 16:22:33 1998 Tom Yu <tlyu@mit.edu>
-
- * Makefile.in, file/Makefile.in: Remove trailing slash from
- thisconfigdir. Fix up BUILDTOP for new conventions.
-
-Thu Feb 12 16:18:05 1998 Tom Yu <tlyu@mit.edu>
-
- * configure.in: Add commented out AC_OUTPUT to force autoreconf to
- rebuild the configure script.
-
-Mon Feb 2 16:47:05 1998 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * Makefile.in, file/Makefile.in: Define BUILDTOP and thisconfigdir
- in the Makefile
-
- * configure.in: Create the makefiles for the file subdirectory
- and move all of the configure.in tests from in the
- subdirectory into this configure.in.
-
-Tue Oct 28 10:53:10 1997 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * ktf_wreslv.c, ktf_resolv.c:Initialize version element of
- krb5_ktfile_data structure.
-
-Mon Sep 15 15:15:33 1997 Ezra Peisach <epeisach@mit.edu>
-
- * ktfile.h, ktf_g_ent.c (krb5_ktfile_get_entry): Incoming principal
- is krb5_const_principal.
-
-Sat Feb 22 22:27:53 1997 Richard Basch <basch@lehman.com>
-
- * Makefile.in: Use some of the new library list build rules in
- win-post.in
-
-Thu Nov 21 11:55:16 EST 1996 Richard Basch <basch@lehman.com>
-
- * Makefile.in: win32 build
-
- * ktadd.c,ktbase.c,ktdefault.c,ktfr_entry.c,ktremove.c,read_servi.c:
- DLL export the keytab dispatch functions
-
- * file/Makefile.in: win32 build
-
- * file/ktf_add.c, file/ktf_close.c, file/ktf_g_ent.c,
- file/ktf_g_name.c, file/ktf_next.c, file/ktf_remove.c,
- file/ktf_resolv.c, file/ktf_ssget.c, file/ktf_wreslv.c,
- file/ktfile.h: Change the functions declarations to include FAR
- pointers and KRB5_CALLCONV so that they can be utilized by a DLL.
-
-Thu Jan 2 17:11:59 1997 Tom Yu <tlyu@mit.edu>
-
- * Makefile.in, configure.in, file/Makefile.in, file/configure.in:
- Update to new library build procedure.
-
-Tue Nov 19 17:06:59 1996 Barry Jaspan <bjaspan@mit.edu>
-
- * file/ktf_g_ent.c (krb5_ktfile_get_entry): return
- KRB5_KT_KVNONOTFOUND when appropriate [krb5-libs/198]
-
-Wed Jul 24 17:10:11 1996 Theodore Y. Ts'o <tytso@mit.edu>
-
- * file/ktf_g_name.c (krb5_ktfile_get_name): Use the error code
- KRB5_KT_NAME_TOOLONG instead of ENAMETOOLONG, which isn't
- portable.
-
-Fri Jul 12 21:16:50 1996 Marc Horowitz <marc@mit.edu>
-
- * file/ktf_g_name.c (krb5_ktfile_get_name): include the prefix in
- the returned name.
-
-Wed Jun 12 01:09:01 1996 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * file/ser_ktf.c: Add #ifdef _WIN32 in places where we had #ifdef
- _MSDOS
-
-Thu Jun 6 00:04:38 1996 Theodore Y. Ts'o <tytso@mit.edu>
-
- * Makefile.in (all-windows): Don't pass $(LIBCMD) on the command
- line. It's set in the windows.in prologue for all Makefiles anyway.
-
-Thu May 9 03:05:51 1996 Richard Basch <basch@lehman.com>
-
- * file/ktf_g_ent.c (krb5_ktfile_get_entry): don't skip over keytab
- entries with kvno=0.
-
-Tue Mar 19 22:28:43 1996 Richard Basch <basch@lehman.com>
-
- * file/ktf_g_ent.c (krb5_ktfile_get_entry): all des enctypes are
- equivalent
-
-Wed Feb 7 00:23:18 1996 Theodore Y. Ts'o <tytso@dcl>
-
- * Makefile.in: Folded in danw's changes to allow
- building Makefiles for the Macintosh. We now can build
- MPW makefiles which are interpreted by CodeWarrior.
-
-Thu Jan 25 15:52:34 1996 Sam Hartman <hartmans@tertius.mit.edu>
-
- * file/ktf_g_ent.c (krb5_ktfile_get_entry): Match against enctype.
-
-Fri Jan 5 04:50:41 1996 Ezra Peisach (epeisach@kangaroo.mit.edu)
-
- * file/ser_ktf.c (krb5_ktf_keytab_internalize): Take care of gcc
- warning under OSF/1.
-
-Wed Dec 13 07:09:30 1995 Chris Provenzano (proven@mit.edu)
-
- * configure.in : Remove subdirectory db.
-
-Tue Dec 12 01:26:30 1995 Chris Provenzano (proven@mit.edu)
-
- * configure.in : Added subdirectory db.
-
-Fri Oct 6 22:04:28 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * Makefile.in, file/Makefile.in: Remove ##DOS!include of
- config/windows.in. config/windows.in is now included by
- wconfig.
-
-Mon Sep 25 16:57:28 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * Makefile.in, file/Makefile.in: Removed "foo:: foo-$(WHAT)" lines
- from the Makefile.
-
-Wed Sep 13 10:57:08 1995 Keith Vetter (keithv@fusion.com)
-
- * file/ser_ktf.c: Added MSDOS to wherever MACINTOSH was used.
-
-Mon Sep 11 21:22:44 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * file/ser_ktf.c (krb5_ktf_keytab_externalize): On Macintosh,
- keytab file is not left open
-
-Wed Sep 06 14:20:57 1995 Chris Provenzano (proven@mit.edu)
-
- * read_servi.c : s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g
-
- * file/ktf_g_ent.c, file/ktf_remove.c, file/ktf_util.c,
- file/ktfile.h : s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g
-
-Tue Sep 05 22:10:34 1995 Chris Provenzano (proven@mit.edu)
-
- * file/ktf_util.c : Remove krb5_enctype references, and replace with
- krb5_keytype where appropriate
-
-Tue Aug 29 13:37:56 EDT 1995 Paul Park (pjpark@mit.edu)
-
- * ktbase.c - Add routines to deal with externalizing krb5_keytab. These
- search the registered keytab types for a match and dispatch
- via the serializer handle.
- * file/Makefile.in, file/.Sanitize, file/ser_ktf.c - Add new module to support
- serialization of [WR]FILE keytabs.
- * file/ktf_{defops,ops,wops}.c - Add serializer entry.
- * file/ktf_{resolv,wreslv}.c - Set magic number in successfully resolved
- keytab.
-
-Wed Aug 16 02:45:19 1995 Chris Provenzano <proven@mit.edu>
-
- * file/ktf_util.c: Pass fds to krb5_lock_file() and krb5_unlock_file()
-
-Tue Aug 15 01:34:57 1995 Tom Yu <tlyu@dragons-lair.MIT.EDU>
-
- * file/ktf_util.c: return KRB5_KEYTAB_BADVNO instead of -1
-
-Fri Aug 4 21:48:41 1995 Tom Yu <tlyu@dragons-lair.MIT.EDU>
-
- * read_servi.c (krb5_kt_read_service_key): add more parens to shut
- up gcc -Wall
-
- * ktdefault.c (krb5_kt_default): add more parens to shut up gcc
- -Wall
-
- * file/ktf_util.c: shut up gcc -Wall
-
- * file/ktf_remove.c: more stuff to shut up gcc -Wall
-
- * file/ktf_next.c: Add more parens to shut up gcc -Wall
-
- * file/ktf_g_ent.c (krb5_ktfile_get_entry): Add more parens to shut up
- gcc -Wall
-
- * file/ktf_add.c (krb5_ktfile_add): Add parens to shut up gcc -Wall
-
-Wed Jun 28 12:05:34 1995 <tytso@rsx-11.mit.edu>
-
- * file/ktf_g_ent.c (krb5_ktfile_get_entry): If the key version number
- is specified, check to make sure that the entry has the
- correct key version number.
-
-Fri Jun 9 19:33:33 1995 <tytso@rsx-11.mit.edu>
-
- * configure.in: Remove standardized set of autoconf macros, which
- are now handled by CONFIG_RULES. Use DO_SUBDIRS to
- recurse down subdirectories.
-
- * file/configure.in: Remove standardized set of autoconf macros,
- which are now handled by CONFIG_RULES.
-
-Fri May 26 20:20:18 1995 Theodore Y. Ts'o (tytso@dcl)
-
- * configure.in, Makefile.in, file/configure.in, file/Makefile.in:
- Add support for building shared libraries.
-
-Thu Apr 13 15:49:16 1995 Keith Vetter (keithv@fusion.com)
-
- * *.c, file/*.[ch]: removed unneeded INTERFACE from non-api
- functions.
-
-Fri Mar 17 19:46:07 1995 John Gilmore (gnu at toad.com)
-
- * Makefile.in (LDFLAGS): Zap duplicate defn.
- (all-mac, clean-mac): Add.
- * file/Makefile.in (LDFLAGS): Zap duplicate.
-
-Wed Mar 15 20:23:17 1995 Keith Vetter (keithv@fusion.com)
-
- * Makefile.in: cleaned up for the PC
-
-Tue Mar 7 21:40:18 1995 Keith Vetter (keithv@fusion.com)
-
- * Makefile.in, file/Makefile.in: changed library name for the PC.
-
-Tue Mar 7 19:53:56 1995 Mark Eichin <eichin@cygnus.com>
-
- * configure.in, file/configure.in: take out ISODE_DEFS.
-
-Wed Mar 3 16:30:00 1995 Keith Vetter (keithv@fusion.com)
-
- * Makefile.in: changed LIB to LIBCMD for the PC
-
-Thu Mar 2 11:50:00 1995 Keith Vetter (keithv@fusion.com)
-
- * file/ktf_util.c: Changed NEED_WINSOCK_H to NEED_SOCKETS
-
-Wed Mar 1 16:30:00 1995 Keith Vetter (keithv@fusion.com)
-
- * file/ktf_util.c: fixed up some 16 vs 32 bit conversions.
-
-Tue Feb 28 00:59:22 1995 John Gilmore (gnu at toad.com)
-
- * *.c, file/*.c: Avoid <krb5/...> includes.
-
-Wed Feb 22 01:38:54 1995 Keith Vetter (keithv@fusion.com)
-
- * Makefile.in: made to work on the PC
- * *.c: added windows INTERFACE keyword
-
- * file/Makefile.in: made to work on the PC
- * file/*.c, file/ktfile.h: added windows INTERFACE keyword
- * file/ktf_util.c: removed include of <netinet/in.h>
- cast some 32bit ints to size_t ints
-
-Fri Feb 3 01:53:44 1995 John Gilmore <gnu@cygnus.com>
-
- Rename files for DOS 8.3 uniqueness:
- * file/ktf_get_en.c => ktf_g_ent.c
- * file/ktf_get_na.c => ktf_g_name.c
- * file/Makefile.in: changed to match.
-
-Fri Jan 27 12:54:54 1995 Chris Provenzano (proven@mit.edu)
-
- * file/ktf_get_en.c, file/ktfile.h (krb5_ktfile_get_entry())
- Added krb5_keytype arg.
-
-Wed Jan 25 16:54:40 1995 Chris Provenzano (proven@mit.edu)
-
- * Removed all narrow types and references to wide.h and narrow.h
- * file/ktf_util.c : Use a constant size for file data not subfield
- size from krb5_keytab_entry
-
-Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu)
-
- * read_servi.c (krb5_kt_read_service_key) Add krb5_keytype arg.
-
-Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu)
-
- * Added krb5_context to all krb5_routines
-
-Fri Nov 18 15:34:35 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * file/ktf_util.c (krb5_ktfileint_internal_read_entry): Add magic
- numbers for keytab, principal, and keyblock.
-
-Wed Oct 26 14:41:31 1994 (tytso@rsx-11)
-
- * file/ktf_get_en.c (krb5_ktfile_get_entry): If the requested kvno
- is IGNORE_KVNO, fix the error return so that 0 (no error)
- is returned instead of KTF_NOT_FOUND.
-
-Fri Oct 14 23:09:02 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * configure.in: Add ISODE_DEFS rule.
-
-Thu Oct 13 17:26:12 1994 Theodore Y. Ts'o (tytso@maytag)
-
- * file/configure.in: Add ISODE_DEFS
-
-Tue Oct 4 22:06:15 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * ktfr_entry.c (krb5_kt_free_entry): Only try to free
- entry->key.contents if it is non-NULL. If entry is NULL,
- return.
-
- * file/ktf_get_en.c (krb5_ktfile_get_entry): Fix to compare using
- new_entry instead of cur_entry. (Bug made in modification
- on Sep 28th). Don't free cur_entry twice on errors.
-
- * file/ktfile.h
- * file/ktf_wreslv.c (krb5_ktfile_wresolve):
- * file/ktf_resolv.c (krb5_ktf_resolv): Resolv's first argument is now a
- const char *.
-
-Fri Sep 30 21:56:02 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * file/ktf_ops.c (krb5_ktf_ops):
- file/ktf_wops.c (krb5_ktf_writable_ops):
- file/ktf_defops.c (krb5_kt_dfl_ops): Add placeholder for magic number.
-
-Thu Sep 29 23:19:06 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * ktbase.c (krb5_kt_resolve_name): If the prefix "FILE:" is not
- given, assume the default operations list (whcih is
- krb5_kt_dfl_ops).
-
-Wed Sep 28 21:14:49 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * file/ktf_get_en.c (krb5_ktfile_get_entry): Modified to return the
- most recent key (with the greatest kvno), instead of the
- first.
-
-Thu Sep 22 21:51:53 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * file/ktf_get_en.c (krb5_ktfile_get_entry):
- * file/ktf_next.c (krb5_ktfile_get_next):
- * file/ktf_remove.c (krb5_ktfile_remove):
- * file/ktf_util.c (krb5_ktfileint_read_entry,
- krb5_ktfileint_internal_read_entry):
- * file/ktfile.h: Change the interface of krb5_ktfile_read_entry and
- krb5_ktfile_internal_read_entry so that they don't
- allocate memory for the top-level structure. All of their
- callers didn't need it and were freeing it anyway.
-
- * file/ktf_remove.c (krb5_ktfile_remove): Fix memory leak caused by not
- freeing the top-level structure.
-
-Wed Sep 14 21:56:15 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * file/ktf_util.c (krb5_ktfileint_delete_entry): Fixed bug reported by
- Bill Sommerfeld where a missing byte-swap on a
- little-endian machine causes the delete operation fail.
-
diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog
deleted file mode 100644
index f0794dbf57..0000000000
--- a/src/lib/krb5/krb/ChangeLog
+++ /dev/null
@@ -1,3633 +0,0 @@
-2006-04-02 Ken Raeburn <raeburn@mit.edu>
-
- * t_kerb.c: Include autoconf.h.
-
- * Makefile.in (DEFS): Make empty.
-
-2006-03-26 Ken Raeburn <raeburn@mit.edu>
-
- * kerrs.c: New file.
- * Makefile.in (SRCS, OBJS, STLIBOBJS): Add it.
-
- * gc_via_tkt.c (krb5_get_cred_via_tkt): If the KDC returns
- KRB_ERR_GENERIC, store the e-text field as the error message.
-
-2006-03-13 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (check-unix): Use RUN_SETUP for t_deltat.
-
-2006-01-17 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (t_deltat): Include support library.
-
-2005-12-30 Tom Yu <tlyu@mit.edu>
-
- * gc_frm_kdc.c: Rewrite to modularize significantly. (~400-line
- functions do not deserve to live.) The outer loop no longer
- explicitly attempts the direct path to the target; that attempt
- has been folded into the inner loop. Remove some redundant
- credential lookups present in the old code. Treat unexpected
- realm referrals as soft errors, in case some intermediate KDC
- disagrees with client regarding a transit path.
-
-2005-12-28 Tom Yu <tlyu@mit.edu>
-
- * gc_frm_kdc.c (krb5_get_cred_from_kdc_opt): Cause free_tgt and
- free_otgt to track the states of tgt and otgt correctly, to avoid
- a double-free condition which previously happened when this
- function returned to krb5_get_credentials(), which proceeded to
- free a previously freed TGT in the returned TGT list.
-
-2005-10-19 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (t_ser): Add dl library and thread link options,
- since kdb5 library is linked in and needs them.
-
-2005-09-22 Tom Yu <tlyu@mit.edu>
-
- * mk_req_ext.c (krb5int_generate_and_save_subkey): Check for and
- free pre-existing subkeys before clobbering the pointers. This
- fixes some memory leaks.
-
-2005-08-23 Ezra Peisach <epeisach@mit.edu>
-
- * t_ser.c (ser_kcontext_test): Remove statement declaring an
- unused variable using a non-portable gcc extension.
-
-2005-08-15 Tom Yu <tlyu@mit.edu>
-
- * get_in_tkt.c (krb5_get_init_creds): Free tempstr on non-error
- returns from krb5_string_to_deltat() to avoid memory leak.
-
-2005-07-12 Tom Yu <tlyu@mit.edu>
-
- * recvauth.c (recvauth_common): Avoid double-free on invalid
- version string. Thanks to Magnus Hagander. Fix for
- MITKRB5-SA-2005-003 [CAN-2005-1689, VU#623332].
-
- * unparse.c (krb5_unparse_name_ext): Account for zero-component
- principal, to avoid single-byte overflow. Thanks to Daniel
- Wachdorf. Part of fix for MITKRB5-SA-2005-002 [CAN-2005-1175,
- VU#885830].
-
-2005-06-29 Ken Raeburn <raeburn@mit.edu>
-
- * t_ser.c (ser_data): Don't initialize db serialization code that
- doesn't exist any more.
- (ser_kcontext_test): Don't create and destroy databases.
-
-2005-05-19 Sam Hartman <hartmans@mit.edu>
-
- * kfree.c (krb5_free_keyblock_contents krb5_free_keyblock): Make
- stubs into libk5crypto so that libk5crypto can call these.
- * init_keyblock.c (krb5_init_keyblock): As above.
-
-2005-04024 Jeffrey Altman <jaltman@mit.edu>
-
- * get_creds.c:
- the purpose of the krb5_get_credentials call is to
- obtain a set of credentials for the caller. the
- krb5_cc_store_cred() call is to optimize performance
- for future calls. Ignore any errors, since the credentials
- are still valid even if we fail to store them in the cache.
-
-
-2005-04-13 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (BISONFLAGS): Drop -v.
- ($(srcdir)/deltat.c): Change to source directory before
- rebuilding, so path to source tree doesn't get inserted.
-
- * fwd_tgt.c (NEED_SOCKETS): Don't define.
- * recvauth.c (NEED_SOCKETS): Don't define.
- * sendauth.c (NEED_SOCKETS): Don't define.
-
-2005-03-22 Tom Yu <tlyu@mit.edu>
-
- * x-deltat.y (wsnum): Add missing semicolon following YYERROR,
- which was preventing bison-1.75 from producing compilable C
- output.
-
- * gic_keytab.c (krb5_get_init_creds_keytab): When calling
- krb5_get_init_creds() for the second time (with use_master=1),
- also accept KRB5_REALM_UNKNOWN as a soft error, and use the result
- from the first call to krb5_get_init_creds(). This can happen
- when no master KDC is configured.
-
-2005-03-14 Jeffrey Altman <jaltman@mit.edu>
-
- * Makefile.in: fix maintainer mode since it is not supported on
- Windows.
-
-2005-03-03 Ken Raeburn <raeburn@mit.edu>
-
- * x-deltat.y (tok_WS): Renamed terminal from "WS", which conflicts
- with HP-UX 10 header files. Updated all productions.
- (mylex): Updated.
- * Makefile.in ($(srcdir)/deltat.c): Enable dependencies in
- maintainer mode.
- * deltat.c: Updated.
-
-2005-02-16 Ken Raeburn <raeburn@mit.edu>
-
- * init_ctx.c (init_common): Delete redundant library
- initialization call that was run only on UNIX. Test assertion
- that krb5_ui_8 really did get a proper 64-bit type.
-
-2005-02-09 Tom Yu <tlyu@mit.edu>
-
- * gic_pwd.c (krb5_get_init_creds_password): Fix so empty password
- string causes prompting and doesn't cause truncation of password
- to zero characters.
-
-2005-01-28 Ezra Peisach <epeisach@mit.edu>
-
- * t_walk_rtree.c (main): Free context at end to allow searching
- for memory leaks.
-
-2005-01-17 Jeffrey Altman <jaltman@mit.edu>
- * unparse.c: krb5_unparse_name, krb5_unparse_name_ext()
- prevent null pointer dereferencing if either 'name' or 'size'
- are NULL.
-
-2005-01-17 Ezra Peisach <epeisach@mit.edu>
-
- * gc_frm_kdc.c (krb5_get_cred_from_kdc_opt): More memory leaks
- fixed as introduced in ticket #2541. Do not rely on knowledge that
- upon failure from krb5_cc_retrieve_cred, returned credential data
- is untouched.
-
-2005-01-17 Ezra Peisach <epeisach@mit.edu>
-
- * preauth2.c (krb5_do_preauth): Upon error in decoding
- krb5_type_info{,2}, on failure, do not call krb5_free_type_info
- with a null pointer.
-
-2005-01-15 Jeffrey Altman <jaltman@mit.edu>
-
- * cp_key_cnt.c, copy_princ.c:
- prevent krb5_copy_principal() and krb5_copy_keyblock() from
- calling malloc(0). On platforms in which malloc(0) returns
- NULL, these functions will return an ENOMEM error the way
- they were written.
-
-2005-01-11 Ken Raeburn <raeburn@mit.edu>
-
- * gc_frm_kdc.c (krb5_get_cred_from_kdc_opt): Free credentials
- retrieved from ccache before returning. Based on patch from
- fumihiko kakuma <kakuma@valinux.co.jp>.
-
-2005-01-03 Ken Raeburn <raeburn@mit.edu>
-
- * parse.c (krb5_parse_name): Don't cache the default realm name.
-
-2004-10-26 Tom Yu <tlyu@mit.edu>
-
- * mk_req_ext.c (krb5_mk_req_extended): Free keyblock before
- copying new one in.
-
-2004-10-14 Tom Yu <tlyu@mit.edu>
-
- * t_deltat.c (main): Unadorned integer no longer fails now that we
- default to seconds.
-
-2004-10-13 Alexandra Ellwood <lxs@mit.edu>
-
- * deltat.c, x-deltat.y: Default to seconds if no unit is provided.
-
-2004-09-24 Tom Yu <tlyu@mit.edu>
-
- * Makefile.in (LOCALINCLUDES): Include SRCTOP to get patchlevel.h.
-
- * brand.c: Use patchlevel.h as master version stamp file.
-
-2004-09-21 Tom Yu <tlyu@mit.edu>
-
- * rd_cred.c (decrypt_credencdata): Clear and free ppart to avoid
- leak, reported by Derrick Schommer.
-
-2004-08-31 Tom Yu <tlyu@mit.edu>
-
- * rd_rep.c:
- * send_tgs.c: Fix double-free vulnerabilities.
-
-2004-08-27 Ken Raeburn <raeburn@mit.edu>
-
- * conv_princ.c (krb5_425_conv_principal): Terminate argument list
- to krb5_build_principal with NULL, not 0. Patch from Nalin
- Dahyabhai.
-
-2004-08-12 Alexandra Ellwood <lxs@mit.edu>
-
- * get_in_tkt.c (get_init_creds):
- Support ticket_lifetime libdefault.
- Made aware of 32 bit min and max for times.
- Allow renew_until time < expiration time.
-
-2004-08-03 Ken Raeburn <raeburn@mit.edu>
-
- * srv_rcache.c (krb5_get_server_rcache): Call
- krb5_rc_recover_or_initialize.
-
-2004-06-22 Ken Raeburn <raeburn@mit.edu>
-
- * parse.c (krb5_parse_name): Don't test macintosh.
-
-2004-06-04 Ken Raeburn <raeburn@mit.edu>
-
- * str_conv.c (krb5_string_to_timestamp): Use localtime_r if
- available.
- (krb5_timestamp_to_string, krb5_timestamp_to_sfstring): Likewise.
-
- * parse.c (krb5_parse_name): Use assert and abort, not exit.
-
- * srv_rcache.c (krb5_get_server_rcache): Don't forget to actually
- include the cache type in the cache name, after looking it up.
-
-2004-06-02 Ken Raeburn <raeburn@mit.edu>
-
- * init_ctx.c (init_common): Don't call krb5_init_ets.
- (krb5_free_context): Don't call krb5_free_ets.
-
- * srv_rcache.c (krb5_get_server_rcache): Use krb5_rc_resolve_full
- instead of constructing an rcache object locally.
-
-2004-05-25 Ezra Peisach <epeisach@mit.edu>
-
- * conv_creds.c (krb5int_encode_v4tkt): Unsigned vs signed warning fix.
-
-2004-05-24 Ezra Peisach <epeisach@mit.edu>
-
- * t_ser.c (ser_keytab_test): Cleanup memory leak of forgetting to
- close keytab.
-
- * chpw.c: Add parenthesis around assignments in conditionals.
-
-2004-05-12 Jeffrey Altman <jaltman@mit.edu>
-
- * send_tgs.c: krb5_send_tgs() was broken in the case of a KRB_ERROR
- message. The krb5_response message_type field was never set
- resulting in stack garbage being used instead. This would
- break code which used transitive cross-realm to obtain service
- tickets.
-
-2004-04-24 Ken Raeburn <raeburn@mit.edu>
-
- * conv_creds.c (krb524_init_ets, krb524_convert_creds_kdc): Add
- forward declarations to silence gcc warnings.
-
- * init_ctx.c (init_common): In UNIX case, check the return value
- from krb5int_initialize_library.
-
-2004-04-16 Sam Hartman <hartmans@mit.edu>
-
- * gic_pwd.c (krb5int_populate_gic_opt): Take credentials and
- populate lifetime options based on them.
-
- * gic_keytab.c gic_pwd.c : update callers
-
-2004-04-15 Sam Hartman <hartmans@mit.edu>
-
- * gic_pwd.c (krb5_get_init_creds_password): Free the as reply in
- the !use_master case (Thanks to Lijian Liu)
-
-2004-03-09 Ken Hornstein <kenh@cmf.nrl.navy.mil>
-
- * gic_keytab.c (krb5_get_in_tkt_with_keytab): Fix a case I missed
- originally.
-
-2004-02-27 Ken Raeburn <raeburn@mit.edu>
-
- * gic_pwd.c (krb5_get_in_tkt_with_password): Fix a case Jeff
- missed.
-
-2004-02-26 Jeffrey Altman <jaltman@mit.edu>
-
- * get_in_tkt.c, gic_keytab.c, gic_pwd.c, send_tgs.c:
- Implement changes to support the use of
- krb5_get_init_creds_password's use_master as an in/out
- parameter. This allows us to prevent a duplicate request
- being sent to the KDC in the situation that the password
- used is incorrect. This behavior results a negative user
- experience and had to be corrected.
-
-2004-02-13 Ken Raeburn <raeburn@mit.edu>
-
- * sendauth.c: Don't specify defaults for
- GET{PEER,SOCK}NAME_ARG{2,3}_TYPE macros.
-
-2004-02-06 Sam Hartman <hartmans@avalanche-breakdown.mit.edu>
-
- * init_ctx.c (DEFAULT_ETYPE_LIST): Include aes128-cts
-
-2003-12-19 Ken Raeburn <raeburn@mit.edu>
-
- * get_in_tkt.c (get_in_tkt_enctypes): Now const.
-
-2003-12-16 Ken Raeburn <raeburn@mit.edu>
-
- * conv_creds.c (krb5int_encode_v4tkt): Zero out unused parts of
- ticket. Use a temorary in case krb5_int32 isn't "int".
- (decode_v4tkt): Use a temorary in case krb5_int32 isn't "int".
-
-2003-12-13 Ken Raeburn <raeburn@mit.edu>
-
- * mk_req_ext.c (krb5int_generate_and_save_subkey): New function,
- split out from krb5_mk_req_extended.
- (krb5_mk_req_extended): Call it.
- * mk_rep.c (krb5_mk_rep): If KRB5_AUTH_CONTEXT_USE_SUBKEY flag is
- set, call krb5int_generate_and_save_subkey to set up a new subkey
- to send to the client.
-
- * serialize.c (krb5_ser_pack_int64, krb5_ser_unpack_int64): New
- functions.
-
-2003-10-30 Tom Yu <tlyu@mit.edu>
-
- * gen_seqnum.c (krb5_generate_seq_number): Fix mask; was short by
- 4 bits.
-
-2003-10-08 Tom Yu <tlyu@mit.edu>
-
- * rd_safe.c (krb5_rd_safe_basic): Save the encoded KRB-SAFE-BODY
- to avoid trouble caused by re-encoding. Also, handle correctly
- implemented RFC 1510 KRB-SAFE, i.e., checksummed over
- KRB-SAFE-BODY only.
-
-2003-09-02 Tom Yu <tlyu@mit.edu>
-
- * conv_creds.c (krb524_convert_creds_plain): Apply patch from
- Cesar Garcia to fix lifetime computation.
-
-2003-08-19 SamHartman <hartmans@avalanche-breakdown.mit.edu>
-
- * rd_cred.c (decrypt_credencdata): Don't double free credentials.
-
-2003-08-08 Tom Yu <tlyu@mit.edu>
-
- * gic_pwd.c (krb5_get_init_creds_password): If DNS SRV support is
- turned off, the second call to get_init_creds() will fail with
- KRB5_REALM_UNKNOWN under certain circumstances. If that happens,
- return the error from the first call to get_init_creds(), which
- will be more useful to the user.
-
-2003-07-22 Sam Hartman <hartmans@avalanche-breakdown.mit.edu>
-
- * preauth2.c (krb5_do_preauth): Use the etype_info2 decoder for decoding etype_info2
- (krb5_do_preauth): If an invalid encoding of etype_info or
- etype_info2 is received, ignore it rather than failing the request
-
-2003-07-17 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (LIBNAME) [##WIN16##]: Don't define.
-
-2003-07-15 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (STLIBOBJS, OBJS, T_SER_OBJS): Drop ser_eblk.o.
-
-2003-06-03 Alexandra Ellwood <lxs@mit.edu>
-
- * init_ctx.c: Export krb5_get_permitted_enctypes for Samba.
-
-2003-06-27 Tom Yu <tlyu@mit.edu>
-
- * gic_keytab.c (krb5_get_in_tkt_with_keytab): Pass (void*)keytab,
- not &keytab, to get_init_creds. Thanks to Herb Lewis.
-
-2003-06-16 Sam Hartman <hartmans@mit.edu>
-
- * fwd_tgt.c (krb5_fwd_tgt_creds): Set use_conf_ktypes to true while getting the TGT key
-
-2003-06-13 Tom Yu <tlyu@mit.edu>
-
- * rd_rep.c (krb5_rd_rep): Free subkeys before replacing them, if
- needed. This avoids a memory leak.
-
-2003-06-11 Tom Yu <tlyu@mit.edu>
-
- * srv_rcache.c (krb5_get_server_rcache): Octal escapes begin with
- hyphen now, since backslash is a pathname separator on DOS.
-
-2003-06-06 Sam Hartman <hartmans@mit.edu>
-
- * get_in_tkt.c (krb5_get_init_creds): Mask out renewable_ok if the
- request is for a renewable ticket with rtime greater than till
-
-2003-06-06 Ezra Peisach <epeisach@mit.edu>
-
- * mk_req_ext.c (krb5_generate_authenticator): Sequence numbers are
- unsigned now.
-
-2003-05-30 Ken Raeburn <raeburn@mit.edu>
-
- * get_in_tkt.c (krb5_get_init_creds): Change hardcoded default
- ticket lifetime from 10 hours to 24 hours.
-
- * init_ctx.c (DEFAULT_KDC_TIMESYNC): Define as 1 always.
- (DEFAULT_CCACHE_TYPE): Define as 4 always.
-
-2003-05-30 Alexandra Ellwood <lxs@mit.edu>
-
- * get_in_tkt.c: (verify_as_reply) Only check the renewable lifetime
- of tickets whose request options included KDC_OPT_RENEWABLE_OK
- if those options did not also include KDC_OPT_RENEWABLE. Otherwise
- verify_as_reply() will fail for all renewable tickets.
-
-2003-05-27 Ken Raeburn <raeburn@mit.edu>
-
- * conv_creds.c: Enable support on Windows always.
- (krb5_524_convert_creds): Renamed from krb524_convert_creds_kdc.
- (krb524_convert_creds_kdc, krb524_init_ets) [!_WIN32]: Backwards
- compatibility functions.
-
-2003-05-27 Sam Hartman <hartmans@mit.edu>
-
- * gic_keytab.c (krb5_get_in_tkt_with_keytab): as below
-
- * gic_pwd.c (krb5_get_in_tkt_with_password): Store client and
- server principals to avoid memory leak
-
-2003-05-24 Ken Raeburn <raeburn@mit.edu>
-
- * conv_creds.c: New file, moved from krb524/conv_creds.c and
- krb524/encode.c. Rename exported encode routine, make other
- encode and decode routines static. If KRB5_KRB4_COMPAT is not
- defined, return an error.
- * v4lifetime.c: New file, moved from lib/krb4/lifetime.c. Renamed
- functions, changed interface to use krb5 types.
- * Makefile.in (STLIBOBJS, OBJS, SRCS): Add them.
-
-2003-05-23 Sam Hartman <hartmans@mit.edu>
-
- * get_in_tkt.c (krb5_get_init_creds): Initialize options based on
- context.kdc_default_options
-2003-05-22 Tom Yu <tlyu@mit.edu>
-
- * gen_seqnum.c (krb5_generate_seq_number): Fix think-o on sequence
- number mask.
-
- * auth_con.c (krb5int_auth_con_chkseqnum): New function; implement
- heuristic for broken Heimdal sequence number encoding.
- (chk_heimdal_seqnum): Auxiliary function for above.
-
- * auth_con.h: Add flags for sequence number heuristic.
-
- * rd_priv.c: Use krb5int_auth_con_chkseqnum.
-
- * rd_safe.c: Use krb5int_auth_con_chkseqnum.
-
-2003-05-22 Sam Hartman <hartmans@mit.edu>
-
- * gic_pwd.c (krb5int_populate_gic_opt): returns void
-
-2003-05-21 Tom Yu <tlyu@mit.edu>
-
- * gic_pwd.c (krb5_get_in_tkt_with_password): Set pw0.length
- correctly if a password is passed in.
-
-2003-05-20 Sam Hartman <hartmans@mit.edu>
-
- * get_in_tkt.c: get_in_tkt only supports old (non-etype-info2)
- enctypes.
-
- * Makefile.in (SRCS): Remove in_ktb.c
-
- * gic_keytab.c (krb5_get_in_tkt_with_keytab): Move from
- in_tkt_keytab.c and rewrite to use krb5_get_init_creds
-
- * gic_pwd.c (krb5_get_in_tkt_with_password): Moved here from
- in_tkt_pwd.c so it can share code with
- krb5_get_init_creds_password. Rewritten to call
- krb5_get_in_tkt_password
-
- * Makefile.in (SRCS): Delete in_tkt_pwd.c
-
-2003-05-18 Tom Yu <tlyu@mit.edu>
-
- * auth_con.h: Sequence numbers are now unsigned.
-
- * gen_seqnum.c (krb5_generate_seq_number): Constrain initial
- sequence number space to facilitate backwards compatibility.
-
-2003-05-16 Ken Raeburn <raeburn@mit.edu>
-
- * ser_ctx.c (krb5_context_internalize): Copy read-in OS context
- data into krb5_context and free up the newly allocated OS
- context.
-
- * chpw.c (krb5int_rd_chpw_rep): Allow new kpasswd error codes up
- through _INITIAL_FLAG_NEEDED.
-
-2003-05-13 Sam Hartman <hartmans@mit.edu>
-
- * fwd_tgt.c (krb5_fwd_tgt_creds): Try with no specified enctype if
- forwarding a specific enctype fails. l
-
- * get_in_tkt.c (krb5_get_init_creds): Free s2kparams
-
- * preauth2.c (krb5_do_preauth): Fix memory management
- (pa_salt): Use copy_data_contents
-
- * copy_data.c (krb5int_copy_data_contents): New function
-
-2003-05-09 Sam Hartman <hartmans@mit.edu>
-
- * preauth2.c: Patch from Sun to reorganize code for handling
- etype_info requests. More efficient and easier to implement etype_info2
- (krb5_do_preauth): Support enctype_info2
-
-2003-05-08 Sam Hartman <hartmans@mit.edu>
-
- * preauth2.c: Add s2kparams to the declaration of a preauth
- function, to every instance of a preauth function and to every
- call to gak_fct
-
- * get_in_tkt.c (krb5_get_init_creds): Add s2kparams support
-
- * gic_keytab.c (krb5_get_as_key_keytab): Add s2kparams
-
- * gic_pwd.c (krb5_get_as_key_password): Add s2kparams support
-
-2003-05-09 Ken Raeburn <raeburn@mit.edu>
-
- * init_ctx.c (init_common): Copy tgs_ktypes array to
- conf_tgs_ktypes. Clear use_conf_ktypes.
- (krb5_free_context): Free conf_tgs_ktypes.
- (krb5_get_tgs_ktypes): Use use_conf_ktypes to choose between
- tgs_ktypes and conf_tgs_ktypes.
-
- * gc_frm_kdc.c (krb5_get_cred_from_kdc_opt): Set use_conf_ktypes
- in context to 1 for all operations except the acquisition of the
- desired service ticket.
-
-2003-05-09 Tom Yu <tlyu@mit.edu>
-
- * auth_con.c (krb5_auth_con_setsendsubkey)
- (krb5_auth_con_setrecvsubkey, krb5_auth_con_getsendsubkey)
- (krb5_auth_con_getrecvsubkey): New functions. Set or retrieve
- subkeys from an auth_context.
- (krb5_auth_con_getlocalsubkey, krb5_auth_con_getremotesubkey):
- Reimplement in terms of the above.
-
- * auth_con.h, ser_actx.c: Rename {local,remote}_subkey ->
- {send,recv}_subkey.
-
- * chpw.c (krb5int_rd_chpw_rep): Save send_subkey prior to rd_rep;
- use saved send_subkey to smash recv_subkey obtained from rd_rep.
-
- * mk_req_ext.c (krb5_mk_req_extended): Rename
- {local,remote}_subkey -> {send,recv}_subkey. Set both subkeys if
- subkey generation is requested.
-
- * mk_cred.c, mk_priv.c, mk_safe.c: Rename {local,remote}_subkey ->
- {send,recv}_subkey. Use either send_subkey or keyblock, in that
- order.
-
- * rd_cred.c, rd_priv.c, rd_safe.c: Rename {local,remote}_subkey ->
- {send,recv}_subkey. Use either recv_subkey or keyblock, in that
- order.
-
- * rd_rep.c (krb5_rd_rep): Rename {local,remote}_subkey ->
- {send,recv}_subkey. Set both subkeys if a subkey is present in
- the AP-REP message.
-
- * rd_req_dec.c (krb5_rd_req_decoded_opt): Rename
- {local,remote}_subkey -> {send,recv}_subkey. Set both subkeys if
- a subkey is present in the AP-REQ message.
-
-2003-05-06 Sam Hartman <hartmans@mit.edu>
-
- * kfree.c (krb5_free_etype_info): Free s2kparams
-
-2003-04-27 Sam Hartman <hartmans@mit.edu>
-
- * chpw.c (krb5int_setpw_result_code_string): Make internal
-
-2003-04-25 Sam Hartman <hartmans@mit.edu>
-
- * chpw.c (krb5int_rd_setpw_rep): Fix error handling; allow
- krberrors to be read correctly; fix memory alloctaion so that
- allocated structures are freed.
-
-2003-04-16 Sam Hartman <hartmans@mit.edu>
-
- * chpw.c (krb5int_mk_setpw_req): Use encode_krb5_setpw_req. Fix
- memory handling to free data that is allocated
-
-2003-04-15 Sam Hartman <hartmans@mit.edu>
-
- * chpw.c (krb5int_mk_setpw_req krb5int_rd_setpw_rep): New function
-
-2003-04-24 Ezra Peisach <epeisach@mit.edu>
-
- * kfree.c (krb5_free_pwd_sequences): Correction to previous
- fix. Free contents of krb5_data - not just the pointer.
-
-2003-04-23 Ezra Peisach <epeisach@mit.edu>
-
- * kfree.c (krb5_free_pwd_sequences): Actually free the entire
- sequence of passwd_phase_elements and not just the first one.
-
-2003-04-13 Ken Raeburn <raeburn@mit.edu>
-
- * init_ctx.c (DEFAULT_ETYPE_LIST): Add AES with 256 bits at the
- front of the list. No 128-bit support by default.
-
-2003-04-01 Nalin Dahyabhai <nalin@redhat.com>
-
- * gc_frm_kdc.c (krb5_get_cred_from_kdc_opt): Check principal name
- length before examining components.
-
- * parse.c (krb5_parse_name): Double-check principal name length
- before filling in components.
-
- * srv_rcache.c (krb5_get_server_rcache): Check for null pointer
- supplied in place of name.
-
- * unparse.c (krb5_unparse_name_ext): Don't move buffer pointer
- backwards if nothing has been put into the buffer yet.
-
-2003-04-01 Sam Hartman <hartmans@mit.edu>
-
- * rd_req.c (krb5_rd_req): If AUTH_CONTEXT_DO_TIME is cleared,
- don't set up a replay cache.
-
-2003-03-08 Ezra Peisach <epeisach@mit.edu>
-
- * t_kerb.c: Only include krb.h if krb4 support compiled in,
- otherwise define ANAME_SZ, INST_SZ and REALM_SZ.
-
-2003-03-06 Tom Yu <tlyu@mit.edu>
-
- * preauth2.c (pa_sam_2): Add intermediate size_t variable to hold
- output of krb5_c_encrypt_length().
-
-2003-03-06 Alexandra Ellwood <lxs@mit.edu>
-
- * appdefault.c: Fix constness to avoid warning.
-
- * init_ctx.c: Do the same stuff on the Mac as on Unix.
-
- * preauth2.c: Added cast to fix warning.
-
-2003-03-04 Tom Yu <tlyu@mit.edu>
-
- * srv_rcache.c (krb5_get_server_rcache): Fix missed
- isinvalidrcname -> isvalidrcname.
-
-2003-03-02 Sam Hartman <hartmans@mit.edu>
-
- * srv_rcache.c (krb5_get_server_rcache): If punctuation or graphic characters in replay ccache name then use escaping
-
- * rd_req.c (krb5_rd_req): Allow initializing the replay cache from the ticket
-
-2003-02-25 Tom Yu <tlyu@mit.edu>
-
- * gic_pwd.c (krb5_get_init_creds_password): Don't pass a NULL
- pointer to sprintf().
-
-2003-02-14 Sam Hartman <hartmans@mit.edu>
-
- * preauth2.c (krb5_do_preauth): Sort incoming etype info based on
- preference order in request
-
-2003-02-13 Sam Hartman <hartmans@mit.edu>
-
- * gic_keytab.c (krb5_get_as_key_keytab): Nathan Neulinger points
- out that the AS key is double freed; fix.
-
-2003-02-11 Sam Hartman <hartmans@mit.edu>
-
- * rd_cred.c (krb5_rd_cred): Free creds using krb5_free_tgt_creds
- and make sure they are set to null in case of error.
-
-2003-02-07 Sam Hartman <hartmans@mit.edu>
-
- * rd_cred.c (krb5_rd_cred): Allow the tickets to be encrypted the
- session key as well as the subsession key; for GSSAPI this tends
- to be what happens.
-
-2003-02-04 Sam Hartman <hartmans@mit.edu>
-
- * get_in_tkt.c (krb5_get_init_creds): Default to addressless tickets
-
-2003-01-12 Ezra Peisach <epeisach@bu.edu>
-
- * send_tgs.c (krb5_send_tgs): Free memory leak of TGS_REQ.
-
-2003-01-10 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag.
-
-2003-01-09 Sam Hartman <hartmans@mit.edu>
-
- * get_creds.c (krb5_get_credentials_core): Patch from Ben Cox
- <cox-work@djehuti.com> to not use expired service credentials if
- the endtime is null but instead to search for unexpired
- credentials. If none are found, get new credentials.
-
-
-2003-01-08 Sam Hartman <hartmans@mit.edu>
-
- * fwd_tgt.c (krb5_fwd_tgt_creds): Don't require hostname to be supplied unless you are using addresses in the ticket.
-
-2003-01-07 Ken Raeburn <raeburn@mit.edu>
-
- * appdefault.c (conf_yes, conf_no): Now const.
-
-2003-01-07 Sam Hartman <hartmans@mit.edu>
-
- * mk_req_ext.c (krb5_mk_req_extended): Fix logic error in checksum function handling
- (krb5_mk_req_extended): For consistency with Microsoft, never use a subkey before calling the checksum callback
-
-2003-01-06 Sam Hartman <hartmans@mit.edu>
-
- * mk_req_ext.c (krb5_mk_req_extended): Inf no in_data is provided
- but krb5_auth_con_set_checksum_func has been called, then use that
- callback to generate the in_data.
-
- * auth_con.c (krb5_auth_con_init): Initialize checksum_func fields
- (krb5_auth_con_set_checksum_func): new function-- set the mk_req
- checksum function
- (krb5_auth_con_get_checksum_func): return the same
-
- * auth_con.h: Add checksum_func and checksum_func_data
-
-2002-12-23 Ezra Peisach <epeisach@bu.edu>
-
- * t_kerb.c: Include string.h for strcmp prototype.
-
-2002-12-19 Ken Raeburn <raeburn@mit.edu>
-
- * conv_princ.c (krb5_524_conv_principal): Clean up use of "const"
- in API.
-
-2002-11-14 Ezra Peisach <epeisach@bu.edu>
-
- * get_in_tkt.c (krb5_get_in_tkt): Do not pass NULL when an
- integer 0 is intended to send_as_request().
-
-2002-11-07 Ezra Peisach <epeisach@bu.edu>
-
- * conv_princ.c (strnchr): Make length argument unsigned int.
-
- * preauth2.c: Add parentheses around assignment used as truth
- value. Cleanup unused variable.
-
-
-2002-10-30 Tom Yu <tlyu@mit.edu>
-
- * chk_trans.c (krb5_check_transited_list): Style nit: check
- character against '\0' not NULL.
-
-2002-10-30 Sam Hartman <hartmans@mit.edu>
-
- * chk_trans.c: Ignore trailing null in transited encoding; older
- versions of MIT code included this.
-
-2002-10-28 Ken Raeburn <raeburn@mit.edu>
-
- * get_in_tkt.c (conf_yes, conf_no): Now const. References
- updated.
- * preauth.c (preauth_systems): Now const. References updated.
- * preauth2.c (pa_types): Now const.
- (krb5_do_preauth): Local array paorder now const.
-
-2002-10-28 Sam Hartman <hartmans@mit.edu>
-
- * gic_keytab.c (krb5_get_init_creds_keytab): Don't allow failure
- to resolve master KDC to mask error from a slave we did talk to.
-
-2002-10-24 Ken Hornstein <kenh@cmf.nrl.navy.mil>
-
- * gic_pwd.c (krb5_get_init_creds_password): Exit out of the loop
- when preauth fails.
-
- * kfree.c: Add various free functions for new preauth
- data structures.
-
- * preauth2.c (pa_sam): Fix up support for "old" hardware preauth.
- Also implement new hardware preauth in pa_sam2().
-
-2002-10-23 Ken Hornstein <kenh@cmf.nrl.navy.mil>
-
- * gic_pwd.c (krb5_get_init_creds_password): Fix bug in previous
- password expiration warning; also, check for password expiration
- warnings via LRQ type from krb-clarifications.
-
-2002-09-11 Sam Hartman <hartmans@mit.edu>
-
- * fwd_tgt.c (krb5_fwd_tgt_creds): If our initial tickets don't
- have addresses, neither should forwarded tickets. Also, noticed
- that cc was being used before initialized in some cases; fixed.
-
-2002-09-02 Ken Raeburn <raeburn@mit.edu>
-
- * addr_comp.c, addr_order.c, addr_srch.c, appdefault.c,
- auth_con.c, bld_princ.c, chpw.c, cleanup.h, conv_princ.c,
- copy_addrs.c, copy_athctr.c, copy_auth.c, copy_cksum.c,
- copy_creds.c, copy_data.c, copy_key.c, copy_princ.c, copy_tick.c,
- cp_key_cnt.c, decode_kdc.c, decrypt_tk.c, enc_helper.c,
- encode_kdc.c, encrypt_tk.c, free_rtree.c, fwd_tgt.c, gc_frm_kdc.c,
- gc_via_tkt.c, gen_seqnum.c, gen_subkey.c, get_creds.c,
- get_in_tkt.c, gic_keytab.c, gic_opt.c, gic_pwd.c, in_tkt_ktb.c,
- in_tkt_pwd.c, in_tkt_sky.c, init_ctx.c, kdc_rep_dc.c, kfree.c,
- mk_cred.c, mk_error.c, mk_priv.c, mk_rep.c, mk_req.c,
- mk_req_ext.c, mk_safe.c, parse.c, pr_to_salt.c, preauth.c,
- preauth2.c, princ_comp.c, rd_cred.c, rd_error.c, rd_priv.c,
- rd_rep.c, rd_req.c, rd_req_dec.c, rd_safe.c, recvauth.c,
- send_tgs.c, sendauth.c, ser_actx.c, ser_adata.c, ser_addr.c,
- ser_auth.c, ser_cksum.c, ser_ctx.c, ser_key.c, ser_princ.c,
- serialize.c, set_realm.c, srv_rcache.c, str_conv.c, t_deltat.c,
- t_kerb.c, t_ser.c, t_walk_rtree.c, tgtname.c, unparse.c,
- valid_times.c, vfy_increds.c, vic_opt.c, walk_rtree.c,
- x-deltat.y: Use prototype style function definitions.
- * deltat.c: Regenerated.
- * bld_princ.c: Include stdarg.h before k5-int.h.
- * cleanup.h (struct cleanup): Include prototype for function
- pointer field 'func'.
-
-2002-08-29 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in: Revert $(S)=>/ change, for Windows support.
-
-2002-08-23 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in: Change $(S)=>/ and $(U)=>.. globally.
-
-2002-08-22 Ken Raeburn <raeburn@mit.edu>
-
- * init_ctx.c (init_common): Initialize udp_pref_limit field.
-
-2002-08-15 Tom Yu <tlyu@mit.edu>
-
- * t_ser.c (ser_ccache_test): Remove references to STDIO ccaches.
-
-2002-08-01 Tom Yu <tlyu@mit.edu>
-
- * unparse.c (krb5_unparse_name_ext): Error out if passed a NULL
- pointer. Patch from Mark Levinson; fixes [krb5-admin/1140].
-
-2002-06-26 Ezra Peisach <epeisach@bu.edu>
-
- * appdefault.c (conf_boolean): Change variable from char ** to
- const char ** to prevent warning of const to non-const.
-
- * get_in_tkt.c (_krb5_conf_boolean): Same
-
-2002-06-25 Alexandra Ellwood <lxs@mit.edu>
-
- * appdefault.c, get_in_tkt.c: made conf_yes and conf_no const to
- improve load time on Mach-O
-
- * init_ctx: fixed Mac OS macros
-
- [pullups from 1-2-2-branch]
-
-2001-06-25 Miro Jurisic <meeroh@mit.edu>
-
- * rd_safe.c, rd_priv.c, rd_cred.c, preauth.c, mk_safe.c,
- mk_cred.c, appdefault.c: use "" includes for krb5.h, k5-int.h and
- syslog.h
- [pullup from 1-2-2-branch]
-
-2002-06-18 Ken Raeburn <raeburn@mit.edu>
-
- * sendauth.c (ECONNABORTED): Don't define here now that it's
- defined in port-sockets.h.
-
-2002-06-18 Danilo Almeida <dalmeida@mit.edu>
-
- * princ_comp.c (krb5_realm_compare), auth_con.c
- (krb5_auth_con_setports, krb5_auth_con_getaddrs,
- krb5_auth_con_initivector), addr_order.c (krb5_address_order),
- addr_comp.c (krb5_address_compare): Make KRB5_CALLCONV.
- [pullup from 1-2-2-branch]
-
-2002-06-18 Danilo Almeida <dalmeida@mit.edu>
-
- * bld_princ.c (krb5_build_principal_va): Make
- krb5_build_principal_va() KRB5_CALLCONV.
- [pullup from 1-2-2-branch]
-
-2002-06-12 Ken Raeburn <raeburn@mit.edu>
-
- * preauth.c: Don't include syslog.h.
-
-2002-06-10 Ken Raeburn <raeburn@mit.edu>
-
- * get_in_tkt.c (send_as_request): Update arg list for
- sendto_kdc. If a RESPONSE_TOO_BIG error is returned from the KDC,
- use a TCP connection.
- * send_tgs.c (krb5_send_tgs): Update arg list for sendto_kdc. If
- a RESPONSE_TOO_BIG error is returned from the KDC, use a TCP
- connection.
-
-2002-04-12 Ezra Peisach <epeisach@bu.edu>
-
- * Makefile.in (clean): Remove t_expand and t_expand.o
-
-2002-04-12 Ken Raeburn <raeburn@mit.edu>
-
- * conv_princ.c (struct krb_convert): Add new field 'len'.
- (RC, R, NR): New macros.
- (sconv_list): Use them.
- (krb5_524_conv_principal): Compare lengths and then use memcmp.
-
- * recvauth.c (sendauth_version): Now a const array.
- * sendauth.c (sendauth_version): Now a const array.
- (krb5_sendauth): Cast address when assigning to outbuf data
- field.
-
-2002-04-05 Ken Raeburn <raeburn@mit.edu>
-
- * decrypt_tk.c (krb5_decrypt_tkt_part): Call krb5_c_valid_enctype
- instead of valid_enctype.
- * encode_kdc.c (krb5_encode_kdc_rep): Likewise.
- * gc_frm_kdc.c (krb5_get_cred_from_kdc_opt): Likewise.
- * gic_keytab.c (krb5_get_as_key_keytab): Likewise.
- * in_tkt_ktb.c (keytab_keyproc): Likewise.
- * in_tkt_sky.c (skey_keyproc): Likewise.
- * init_ctx.c (krb5_set_default_in_tkt_ktypes,
- krb5_set_default_tgs_enctypes): Likewise.
- * send_tgs.c (krb5_send_tgs): Likewise.
-
- * mk_safe.c (krb5_mk_safe_basic): Call krb5_c_valid_cksumtype,
- krb5_c_is_coll_proof_cksum, krb5_c_is_keyed_cksum instead of
- non-prefixed forms.
- * rd_safe.c (krb5_rd_safe_basic): Likewise.
-
-2002-03-28 Sam Hartman <hartmans@mit.edu>
-
- * Makefile.in : New file init_keyblock.c
-
- * init_keyblock.c (krb5_init_keyblock): New function
-
-2002-03-16 Sam Hartman <hartmans@mit.edu>
-
- * fwd_tgt.c (krb5_fwd_tgt_creds): Fix merge of patch from 1.2.2
- back to mainline.
-
-2002-03-14 Sam Hartman <hartmans@mit.edu>
-
- * walk_rtree.c (krb5_walk_realm_tree): Fix handling of null client or server realm
-
-2002-03-06 Ken Raeburn <raeburn@mit.edu>
-
- * ser_actx.c (krb5_auth_context_externalize): Do bounds checking
- on converted size value.
-
- * fwd_tgt.c (krb5_fwd_tgt_creds): If no session key has been set,
- try getting credentials and use the session key type as a hint
- for the enctype to use for the forwarded credentials.
-
-2002-02-27 Sam Hartman <hartmans@mit.edu>
-
- * rd_cred.c (krb5_rd_cred_basic): Don't check IP addresses; if
- someone knows the key and wants to give us credentials, that's OK.
- No reflection attack is possible in most protocols since krb_cred
- is almost always client->server. Address checking created
- significant problems for NATs. We also ran into problems
- getting our code to work with Heimdal and removing checking was
- easier than a staged upgrade to fix the problems.
- (krb5_rd_cred): Don't pass in addresses
-
-2002-02-22 Ken Raeburn <raeburn@mit.edu>
-
- * addr_comp.c, addr_order.c, addr_srch.c, bld_pr_ext.c,
- bld_princ.c, enc_helper.c, encrypt_tk.c, gen_seqnum.c,
- gen_subkey.c, preauth.c: Use const instead of krb5_const.
- * bld_pr_ext.c, bld_princ.c: Always use stdarg macros and not
- varargs.
-
-2002-01-08 Sam Hartman <hartmans@mit.edu>
-
- * gen_subkey.c (krb5_generate_subkey): Label entropy sources
-
- * init_ctx.c (init_common): Use /dev/urandom if present for random data
-
-2001-12-05 Ezra Peisach <epeisach@mit.edu>
-
- * t_ser.c (main): Free context on failure exit route.
-
- 2001-11-24 Sam Hartman <hartmans@mit.edu>
-
- * fwd_tgt.c (krb5_fwd_tgt_creds): Get a session key for the
- forwarded tgt that is the same as the session key for the
- auth_context. This is an enctype we know the remote side
- supports.
-
-2001-11-26 Sam Hartman <hartmans@mit.edu>
-
- * gen_seqnum.c (krb5_generate_seq_number): add entropy source id
-
- * sendauth.c (krb5_sendauth): Add entropy source ID
-
- * mk_req_ext.c (krb5_mk_req_extended): Add entropy source ID to random seed call
-
- * init_ctx.c (init_common): Specify entropy source for random seed
-
-2001-11-16 Sam Hartman <hartmans@mit.edu>
-
- * init_ctx.c (krb5_set_default_tgs_enctypes): rename from
- set_default_ktypes; old function provided as APIA
-
-2001-11-16 Ezra Peisach <epeisach@mit.edu>
-
- * init_ctx.c (DEFAULT_ETYPE_LIST): Ensure space present after
- arcfour-hmac-md5 entry for when ANSI strings concatenated the
- des-cbc-crc entry was dropped.
-
-2001-11-07 Sam Hartman <hartmans@mit.edu>
-
- * init_ctx.c (DEFAULT_ETYPE_LIST): Add arcfour-hmac-md5; it really
- is probably at least as good as DES
-
-2001-10-10 Danilo Almeida <dalmeida@mit.edu>
-
- * gic_pwd.c (krb5_get_as_key_password),
- gic_keytab.c (krb5_get_as_key_keytab): Use ANSI-style
- declaration in definition.
-
-2001-10-09 Ken Raeburn <raeburn@mit.edu>
-
- * init_ctx.c (init_common): After fetching kdc_default_options
- value from krb5.conf, actually use that value. Pointed out by
- Emily Ratliff, <ratliff@austin.ibm.com>.
-
- * get_in_tkt.c, in_tkt_ktb.c, in_tkt_pwd.c, in_tkt_sky.c,
- int-proto.h, mk_req_ext.c, pr_to_salt.c, rd_req_dec.c, ser_actx.c,
- ser_adata.c, ser_addr.c, ser_auth.c, ser_cksum.c, ser_ctx.c,
- ser_eblk.c, ser_key.c, ser_princ.c, t_kerb.c: Make prototypes
- unconditional.
-
-2001-10-05 Ken Raeburn <raeburn@mit.edu>
-
- * init_ctx.c, preauth.c: Drop _MSDOS support.
-
-2001-10-03 Ken Raeburn <raeburn@mit.edu>
-
- * appdefault.c, auth_con.c, bld_pr_ext.c, bld_princ.c, chpw.c,
- conv_princ.c, copy_addrs.c, copy_athctr.c, copy_auth.c,
- copy_cksum.c, copy_creds.c, copy_data.c, copy_key.c, copy_princ.c,
- copy_tick.c, cp_key_cnt.c, decrypt_tk.c, fwd_tgt.c, get_creds.c,
- get_in_tkt.c, gic_keytab.c, gic_opt.c, gic_pwd.c, in_tkt_ktb.c,
- in_tkt_pwd.c, in_tkt_sky.c, init_ctx.c, kfree.c, mk_cred.c,
- mk_error.c, mk_priv.c, mk_rep.c, mk_req.c, mk_req_ext.c,
- mk_safe.c, parse.c, princ_comp.c, rd_cred.c, rd_error.c,
- rd_priv.c, rd_rep.c, rd_req.c, rd_safe.c, recvauth.c, sendauth.c,
- ser_actx.c, ser_ctx.c, serialize.c, set_realm.c, srv_rcache.c,
- str_conv.c, unparse.c, vfy_increds.c, vic_opt.c, x-deltat.y: Don't
- use KRB5_DLLIMP. Don't explicitly declare pointers FAR any more.
-
-2001-09-07 Ken Raeburn <raeburn@mit.edu>
-
- * t_expand.c: New file.
- * Makefile.in (SRCS): Add test-case source files; rebuilt
- dependencies.
- (t_expand.o): Build from t_expand.c now, no special build rule.
-
-2001-09-07 Ken Raeburn <raeburn@mit.edu>
-
- * rd_req_dec.c (krb5_rd_req_decoded_opt): Pass server realm to
- transited-list check, not local realm, in case they're different.
-
-2001-08-21 Ken Raeburn <raeburn@mit.edu>
-
- * walk_rtree.c (krb5_walk_realm_tree): Initialize slen to silence
- compiler warning.
-
-2001-08-08 <epeisach@mit.edu>
-
- * walk_rtree.c (krb5_walk_realm_tree): Do not try to free const char *.
-
- * mk_safe.c (krb5_mk_safe_basic): Do not declare local_addr and
- remote_addr const and then cast the attribute away.
-
- * mk_req_ext.c (krb5_generate_authenticator): Static function -
- remove const attribute from cksum pointer.
-
- * gc_via_tkt.c (krb5_get_cred_via_tkt): Cast unsigned integer
- krb5_error error_value to signed before adding
- ERROR_TABLE_BASE_krb5.
-
-2001-07-31 Ken Raeburn <raeburn@mit.edu>
-
- * chk_trans.c (krb5_check_transited_list): Pointer args now point
- to const.
-
-2001-07-31 Ezra Peisach <epeisach@mit.edu>
-
- * get_in_tkt.c: Cast to unsigned krb5_error error value to
- krb5_error_code before trying to add to ERROR_TABLE_BASE_krb5.
-
-2001-07-30 Ezra Peisach <epeisach@mit.edu>
-
- * sendauth.c (krb5_sendauth): Instead of casting second argument
- to getpeername() and getsockname() to "struct sockaddr *", cast to
- system specific type as determined by autoconf.
-
-2001-07-24 Ezra Peisach <epeisach@mit.edu>
-
- * in_tkt_sky.c (krb5_get_in_tkt_with_skey): Change cast from
- krb5_pointer to krb5_const_pointer to ensure const integrity of
- parameter.
-
- * in_tkt_ktb.c (keytab_keyproc): Add const argument to cast of
- keyseed to struct keytab_keyproc_arg to maintain const status.
-
- * conv_princ.c (krb5_524_conv_principal): Cast argument to memcpy
- to size_t.
-
-2001-07-06 Ezra Peisach <epeisach@mit.edu>
-
- * conv_princ.c (krb5_425_conv_principal): Cast argument to tolower
- to int.
-
- * get_in_tkt.c: Include os-proto.h for _krb5_conf_boolean prototype.
-
- * Makefile.in (LOCALINCLUDES): Add -I$(srcdir)/../os so os-proto.h
- can be included.
-
-2001-06-29 Tom Yu <tlyu@mit.edu>
-
- * init_ctx.c (get_profile_etype_list): Fix etype-counting loop so
- that trailing separator characters (as in the DEFAULT_ETYPE_LIST)
- don't cause another iteration, which was causing the following
- loop to fall off the end of the string due to count being one too
- great.
-
-2001-06-28 Ezra Peisach <epeisach@mit.edu>
-
- * chk_trans.c (foreach_realm): Cleanup loal variable set but never
- used.
-
-2001-06-21 Ezra Peisach <epeisach@mit.edu>
-
- * chk_trans.c: Cast length arguments of %.*s in formats to int.
-
-2001-06-20 Ezra Peisach <epeisach@mit.edu>
-
- * Makefile.in (check-unix): Add $(RUN_SETUP) before invocation of
- transit-tests for shared library environment variables.
-
-2001-06-19 Ken Raeburn <raeburn@mit.edu>
-
- * chk_trans.c: Reimplemented from scratch.
- * transit-tests: New file.
- * Makefile.in (t_expand, t_expand.o): New targets. Build test
- program from chk_trans.c.
- (T_EXPAND_OBJS): New variable.
- (TEST_PROGS): Add t_expand.
- (check-unix): Run transit-tests.
- * t_krb5.conf: Added capaths section.
-
-2001-06-16 Ken Raeburn <raeburn@mit.edu>
-
- * fwd_tgt.c (krb5_fwd_tgt_creds): Copy enctype for new creds from
- tgt.
-
-2001-06-12 Ezra Peisach <epeisach@mit.edu>
-
- * Makefile.in (t_walk_rtree, t_kerb): Do not link against kdb libraries
- for these test executables.
-
- * srv_rcache.c (krb5_get_server_rcache): Cast argument to
- isgraph() to int.
-
- * init_ctx.c: Cast arguments to isspace() to int. If unix is defined,
- include ../krb5_libinit.h. There has to be a better was for windows.
-
- * conv_princ.c (krb5_425_conv_principal): Cast argument to isupper().
- to int.
-
-2001-06-11 Ezra Peisach <epeisach@mit.edu>
-
- * str_conv.c: If strptime() is present on system without a
- prototype, provide one.
-
-2001-06-07 Ezra Peisach <epeisach@mit.edu>
-
- * vfy_increds.c (krb5_verify_init_creds): Get rid of a variable
- that was set in a conditional and never used afterwards.
-
-2001-06-01 Ken Raeburn <raeburn@mit.edu>
-
- * init_ctx.c (get_profile_etype_list): Zero out multiple separator
- characters between tokens, so the second can be recognized
- properly.
-
-2001-04-04 Tom Yu <tlyu@mit.edu>
-
- * mk_safe.c (krb5_mk_safe): Only use safe_cksumtype from the
- auth_context (derived from the config file or hardcoded default)
- if it's suitable for the enctype of the key we're going to
- use. [pullup from krb5-1-2-2-branch]
-
-2001-03-28 Ken Raeburn <raeburn@mit.edu>
-
- * init_ctx.c (DEFAULT_ETYPE_LIST): New macro. Old etype list,
- plus des-md4, with des-crc before des-mdX for now.
- (get_profile_etype_list): Use DEFAULT_ETYPE_LIST.
-
-2001-03-10 Ezra Peisach <epeisach@mit.edu>
-
- * init_ctx.c: Provide a full prototype for init_common().
-
- * recvauth.c (recvauth_common): Declare recvauth_common as static.
-
- * parse.c, sendauth.c: Changes to prevent shadowing of local
- variables.
-
- * get_in_tkt.c, tgtname.c: Include int-proto.h for prototypes.
-
-2001-03-03 Ken Raeburn <raeburn@mit.edu>
-
- * preauth2.c (pa_sam): Return an error if no prompter was
- provided.
-
-2001-02-15 Ezra Peisach <epeisach@mit.edu>
-
- * t_deltat.c (main): Test of overflow and underflow of krb5_int32.
-
- * x-deltat.y: Test for over/underflow of krb5_int32 for a
- krb5_deltat. Return EINVAL. [krb5-libs/922]
-
- * deltat.c: Regenerated from x-deltat.y
-
- * str_conv.c (krb5_string_to_timestamp): Do not accept a time
- format that only partially matches the input string. [krb5-lib/922]
-
-2001-01-30 Tom Yu <tlyu@mit.edu>
-
- * preauth.c (krb5_obtain_padata): Don't dereference a NULL pointer
- if we receive an empty ETYPE_INFO preauth. [krb5-libs/903 from
- craziboy77@hotmail.com]
-
- * preauth2.c (krb5_do_preauth): Don't dereference a NULL pointer
- if we receive an empty ETYPE_INFO preauth. [krb5-libs/903 from
- craziboy77@hotmail.com]
-
-2001-01-30 Ezra Peisach <epeisach@mit.edu>
-
- * rd_req_dec.c (krb5_rd_req_decrypt_tkt_part): Free
- krb5_keytab_entry if call to krb5_decrypt_tkt_part()
- fails. [krb5-libs/855 reported by guy@packeteer.com]
-
-2001-01-19 Ken Raeburn <raeburn@mit.edu>
-
- * preauth.c: Don't use PROTOTYPE macro, just always use the
- prototypes.
-
-2001-01-19 Tom Yu <tlyu@mit.edu>
-
- * preauth.c: Remove uses of KRB5_NPROTOTYPE() macro.
-
-2000-10-26 Ezra Peisach <epeisach@mit.edu>
-
- * t_ser.c: Cast getpid() calls to int as arguments to sprintf.
-
- * ser_actx.c: Move prototypes (listed below) to int-proto.h
-
- * int-proto.h: Add prototypes for krb5_ser_authdata_init,
- krb5_ser_address_init, krb5_ser_authenticator_init,
- krb5_ser_checksum_init, krb5_ser_keyblock_init,
- krb5_ser_principal_init.
-
- * ser_adata.c, ser_addr.c, ser_auth.c, ser_cksum.c, ser_key.c,
- ser_princ.c: Include int-proto.h for prototypes.
-
-2000-10-17 Ezra Peisach <epeisach@mit.edu>
-
- * bld_pr_ext.c, bld_princ.c (krb5_build_principal_ext,
- krb5_build_principal_va, krb5_build_principal): Take an unsigned
- int realm length.
-
- * get_in_tkt.c (krb5_get_init_creds): Use SALT_TYPE_AFS_LENGTH
- instead of -1.
-
- * gic_pwd.c (krb5_get_as_key_password): Use SALT_TYPE_AFS_LENGTH
- instead of -1.
-
- * in_tkt_pwd.c (pwd_keyproc): Argument to krb5_read_password is
- unsigned int.
-
- * pr_to_salt.c (krb5_principal2salt_internal): Declare as
- static. Unsigned int fix.
-
- * preauth.c (krb5_obtain_padata): Use SALT_TYPE_AFS_LENGTH instead
- of -1.
-
- * preauth2.c (pa_salt): Use SALT_TYPE_AFS_LENGTH instead of -1.
-
- * conv_princ.c, copy_auth.c, copy_princ.c, gc_frm_kdc.c, parse.c,
- send_tgs.c, srv_rcache.c: Unsigned/signed int cleanup.
-
- * unparse.c (krb5_unparse_name_ext): size parameter changed to
- unsigned int *.
-
-2000-10-04 Ezra Peisach <epeisach@mit.edu>
-
- * rd_req_dec.c (krb5_rd_req_decrypt_tkt_part): Fix memory leak if
- krb5_decrypt_tkt_part() fails. [krb5-libs/855]
-
-2000-10-03 Ezra Peisach <epeisach@mit.edu>
-
- * srv_rcache.c (krb5_get_server_rcache): Signed vs unsigned int
- warning fix.
-
- * pr_to_salt.c (krb5_principal2salt_internal): Add prototype for
- internal function, and declare static.
-
- * copy_addrs.c (krb5_copy_addresses): Cleanup unsigned vs signed
- warnings as arguments to malloc().
-
-Tue Sep 26 13:00:54 2000 Ezra Peisach <epeisach@mit.edu>
-
- * conv_princ.c (krb5_425_conv_principal): Call profile_free_list
- on v4realms during the iteration loop. Do not call
- profile_release_string with a NULL pointer.
-
-2000-09-25 Ezra Peisach <epeisach@mit.edu>
-
- * t_kerb.c: Add prototypes for test functions.
-
-2000-08-29 Ken Raeburn <raeburn@mit.edu>
-
- * get_creds.c (krb5_get_credentials_core): If the supplied enctype
- is not supported, return an error; can't satisfy both
- TC_SUPPORTED_KTYPES and TC_MATCH_KTYPE that way. Delete unused
- arguments CCACHE and OUT_CREDS; fix callers.
-
-2000-07-18 Ezra Peisach <epeisach@mit.edu>
-
- * vfy_increds.c: include int-proto.h for krb5_libdefault_boolean
- prototype.
-
- * t_ser.c (ser_eblock_test): ifdef out old eblock serialization
- test which is no longer called. (see 1999-09-01 ChangeLog)
-
- * t_kerb.c: Cast argument to fprintf to long to agree with format
- string.
-
- * t_deltat.c: If MIN is defined, undef before redefined as 60.
-
- * str_conv.c: Provide strptime prototype if the system header
- files fail to provide a prototype.
-
- * int-proto.h: Add prototype for krb5_libdefault_boolean()
-
-2000-06-30 Tom Yu <tlyu@mit.edu>
-
- * conv_princ.c (krb5_425_conv_principal): NULL, not nil.
-
-2000-06-30 Miro Jurisic <meeroh@mit.edu>
-
- * conv_princ.c (krb5_425_conv_principal): Fixed a memory leak
-
-2000-06-29 Ezra Peisach <epeisach@engrailed.mit.edu>
-
- * t_walk_rtree.c (main): Declare as returning int.
-
- * get_in_tkt.c (_krb5_conf_boolean): Declare as taking a const char *
-
- * str_conv.c (krb5_timestamp_to_string): Work around gcc's warning
- that %c format in strftime might return only two digits for the
- year.
-
- * mk_safe.c, rd_rep.c, send_tgs.c: Remove unused goto label.
-
- * kdc_rep_dc.c (krb5_kdc_rep_decrypt_proc): Remove code with no
- effect.
-
- * init_ctx.c: Make krb5_brand[] look used.
-
- * chpw.c, decode_kdc.c, decrypt_tk.c, enc_helper.c, get_creds.c,
- get_in_tkt.c, gic_keytab.c, gic_pwd.c, preauth2.c, vfy_increds.c:
- Add parentheses around assignment used as truth value
-
-2000-06-28 Ezra Peisach <epeisach@mit.edu>
-
- * conv_princ.c, get_creds.c, get_in_tkt.c, mk_rep.c, parse.c,
- send_tgs.c: Remove unused variable.
-
-2000-06-23 Miro Jurisic <meeroh@mit.edu>
-
- * conv_princ.c (krb5_425_conv_principal): Fixed v4->v5 realm
- name conversion
-
- * conv_princ.c (krb5_425_conv_principal): Honor v4/v5 realm name
- differences when convertion from v4 principals to v5.
-
-2000-06-23 Tom Yu <tlyu@mit.edu>
-
- * get_creds.c (krb5_get_credentials): Translate KRB5_CC_NOTFOUND
- returned from krb5_get_cred_from_kdc() if a prior call to
- krb5_cc_retrieve_cred() returned KRB5_CC_NOT_KTYPE.
-
- * rd_priv.c (krb5_rd_priv_basic): Delete code that was incorrectly
- doing explicit ivec chaining; c_decrypt() does it now.
-
- * mk_priv.c (krb5_mk_priv_basic): Delete code that was incorrectly
- doing explicit ivec chaining; c_encrypt() does it now.
-
- * conv_princ.c (krb5_524_conv_principal): Make a copy of the krb5
- realm that is nul-terminated to avoid falling off the end of the
- krb5 realm, which is not necessarily nul-terminated.
-
-2000-06-23 Danilo Almeida <dalmeida@mit.edu>
-
- * init_ctx.c (krb5_get_tgs_ktypes, krb5_free_ktypes): Fix linkage to
- be KRB5_CALLCONV.
-
-2000-06-23 Ken Raeburn <raeburn@mit.edu>
-
- * get_in_tkt.c (krb5_get_in_tkt): If enctypes are specified, send
- the server the intersection of that list and the supported types,
- in the order requested.
-
- * recvauth.c (krb5_recvauth_version): New routine, takes a
- krb5_data in which to store the client's application version
- string.
- (recvauth_common): Renamed from krb5_recvauth, added above
- functionality depending on extra argument values.
- (krb5_recvauth): New stub, calls above routine with extra dummy
- values.
-
- * kfree.c: Remove unneeded "return" statements at the end of many
- functions.
- (krb5_free_*_content, krb5_free_*_contents,
- krb5_free_cred_enc_part, krb5_free_pwd_sequences): Set freed
- pointer members to null when containing structure isn't being
- freed.
-
- * t_kerb.c (test_524_conv_principal): New test code, to exercise
- bbense's code addition.
- (main, usage): Updated.
- * t_krb5.conf: Added stanford.edu->IR.STANFORD.EDU mapping, and a
- test case for improperly long v4 realm names.
- * Makefile.in (check-unix): Run 524 conversion test for some test
- Athena and Stanford names.
- * t_ref_kerb.out: Updated.
-
- * init_ctx.c (init_common): Feed current-microsecond time and
- process-id into PRNG, instead of just current-second time.
- * mk_req_ext.c (krb5_mk_req_extended): Feed current time into
- PRNG if a subkey will be generated.
- * sendauth.c (krb5_sendauth): Feed local and remote addresses of
- socket, if they can be determined, into the PRNG if a subkey will
- be used.
-
- * init_ctx.c (krb5_free_ktypes): New routine, to free values
- returned by krb5_get_tgs_ktypes, krb5_get_permitted_enctypes, and
- krb5_get_default_in_tkt_ktypes.
- (krb5_set_default_tgs_ktypes, krb5_is_permitted_enctype): Use it.
- (get_profile_etype_list): Use passed-in enctype list if the
- passed-in count is non-zero, instead of checking the
- in_tkt_ktype_count value in the context.
-
-2000-06-23 Ken Raeburn <raeburn@mit.edu>
- Nalin Dahyabhai <nalin@redhat.com>
-
- * conv_princ.c (krb5_524_conv_principal): Return an error if name
- is too long. Use memcpy for character data since we already know
- the length.
-
-2000-06-23 Nalin Dahyabhai <nalin@redhat.com>
-
- * kfree.c (krb5_free_keyblock_contents): Set contents pointer to
- null after freeing.
-
- * chk_trans.c (krb5_check_transited_list): Don't overflow buffers
- "prev" and "next".
- * conv_princ.c (krb5_425_conv_principal): Don't overflow buffer
- "buf".
-
-2000-06-23 Ken Raeburn <raeburn@mit.edu>
- Booker C. Bense <bbense@networking.stanford.edu>
-
- * conv_princ.c (krb5_524_conv_principal): Look up v4_realm in
- config file, in case site's krb4 realm name isn't the same as the
- krb5 realm name.
-
-2000-05-31 Wilfredo Sanchez <tritan@mit.edu>
-
- * fwd_tgt.c: Check for existance of <memory.h>.
- [from Nathan Neulinger <nneul@umr.edu>]
-
-2000-5-19 Alexandra Ellwood <lxs@mit.edu>
-
- * sendauth.c, fwd_tgt.c: Changed to use krb5int_cc_default. This function
- supports the Kerberos Login Library and pops up a dialog if the cache does
- not contain valid tickets. This is used to automatically get a tgt before
- obtaining service tickets. Note that this should be an internal function
- because callers don't expect krb5_cc_default to pop up a dialog!
- (We found this out the hard way :-)
-
-2000-05-15 Jeffrey Altman <jaltman@columbia.edu>
-
- * Added new source file appdefault.c
- Implements new public functions
-
- krb5_appdefault_string
- krb5_appdefault_boolean
-
-2000-04-28 Alexandra Ellwood <lxs@mit.edu>
-
- * gic_pwd.c (krb5_init_creds_password) added code to return to
- login library if the password is expired (login library handles
- this error appropriately).
-
-2000-04-08 Tom Yu <tlyu@mit.edu>
-
- * vfy_increds.c (krb5_verify_init_creds): appdefault_boolean ->
- libdefault_boolean; it somehow got missed earlier.
-
-2000-04-07 Jeffrey Altman <jaltman@columbia.edu>
-
- * gic_pwd.c (krb5_get_init_creds_keytab), gic_pwd.c
- (krb5_get_init_creds_password) when determining whether or not to
- retry with a "master kdc" do not retry if the return value from
- the first attempt was KRB5_REALM_CANT_RESOLV. Also, do not
- overwrite the return code if the return value from the access to
- the "master kdc" was KRB5_REALM_CANT_RESOLV.
-
-2000-03-15 Danilo Almeida <dalmeida@mit.edu>
-
- * init_ctx.c (init_common), gic_pwd.c (krb5_get_as_key_password,
- krb5_get_init_creds_password), preauth2.c (pa_sam): Add support
- for krb5_get_prompt_types().
-
-2000-03-13 Ken Raeburn <raeburn@mit.edu>
-
- * preauth2.c (pa_function): Called function now takes new
- krb5_enctype pointer argument.
- (pa_salt, pa_sam): Accept new arg, ignore it.
- (pa_enc_timestamp): Accept new arg. If value pointed to is
- nonzero, pass it to get-AS-key fn instead of first requested
- enctype. Added some debugging fprintf calls, conditionally
- compiled.
- (krb5_do_preauth): Accept new arg, and pass it through to the
- specific preauth functions. Added some debugging fprintf calls,
- conditionally compiled.
-
- * get_in_tkt.c (krb5_get_init_creds): Pass etype pointer to
- krb5_do_preauth.
-
-2000-03-12 Ezra Peisach <epeisach@mit.edu>
-
- * addr_comp.c, addr_order.c, addr_srch.c, bld_pr_ext.c,
- bld_princ.c, encrypt_tk.c, gen_seqnum.c, gen_subkey.c: Change
- prototypes to use krb5_const instead of const to match the entries
- in krb5.hin
-
-2000-03-10 Miro Jurisic <meeroh@mit.edu>
-
- * get_in_tkt.c (krb5_get_init_creds): Always initialize local_as_reply
- to avoid returning garbage on error returns.
-
-2000-02-25 Ken Raeburn <raeburn@mit.edu>
-
- * preauth2.c (krb5_do_preauth): Check paorder[h] not h for
- PA_REAL. Fix from Matt Crawford.
-
-2000-02-16 Ken Raeburn <raeburn@mit.edu>
-
- * preauth2.c (pa_sam): In send-encrypted-sad mode, check for magic
- salt length and generate a salt from the principal name if found;
- use the password and salt to generate a key. Provide timestamp if
- nonce is zero, regardless of preauth mode. (Patch from Chas
- Williams.)
-
-2000-02-07 Ken Raeburn <raeburn@mit.edu>
-
- * gic_pwd.c (krb5_get_as_key_password): If the as_key enctype is
- already set to the correct type, do continue and ask for the
- password anyways. (Patch from Chas Williams, PR krb5-libs/730.)
-
- * preauth2.c (pa_sam): If no sam_flags were set, return
- KRB5_PREAUTH_BAD_TYPE, because we don't currently handle that
- case.
-
-2000-02-06 Ken Raeburn <raeburn@mit.edu>
-
- * preauth2.c (pa_sam): Remove unused variable use_sam_key.
- (SAMDATA): Cast first result to int, which is what sprintf needs.
- (pa_salt): Delete unused variable ret.
-
- Patches from Frank Cusack:
- * kfree.c (krb5_free_predicted_sam_response_contents): Fix typo.
- Free new data fields if needed.
- (krb5_free_enc_sam_response_enc_contents): Update for field name
- change.
- * preauth.c (obtain_sam_padata): Update for field name change.
- * preauth2.c (pa_sam): Likewise.
-
-2000-01-27 Ken Raeburn <raeburn@mit.edu>
-
- * init_ctx.c (get_profile_etype_list): Discard DESONLY changes
- from 1999-09-01, and revert call sites.
-
-1999-12-02 Ken Raeburn <raeburn@mit.edu>
-
- * init_ctx.c (get_profile_etype_list): Report an error if no
- recognized enctypes are found in the config file.
-
-1999-11-23 Ken Raeburn <raeburn@mit.edu>
-
- * init_ctx.c (init_common): Renamed from krb5_init_context, now
- static. New argument SECURE provides initialization of
- profile_secure field.
- (krb5_init_context): Call it.
- (krb5_init_secure_context): New function.
-
- * in_tkt_ktb.c (keytab_keyproc): Now static.
- * in_tkt_pwd.c (pwd_keyproc): Now static.
- * in_tkt_sky.c (skey_keyproc): Now static.
-
- * preauth2.c (krb5_do_preauth): Fix syntax in switch statement.
- Cast padata contents pointer to avoid warning.
- (pa_types): Now static.
-
- * str_conv.c (krb5_deltat_to_string): Always write to a local
- temporary buffer that's guaranteed to be large enough, then see if
- the supplied output buffer is big enough.
- (krb5_string_to_deltat): Deleted.
- * x-deltat.y, deltat.c: New files.
- * Makefile.in (deltat.c): Add rule for building from x-deltat.y,
- but comment out dependencies for easier maintenance.
- (BISON, BISONFLAGS): New variables.
-
- * str_conv.c: Removed most static char arrays, substituting the
- values in place.
- (krb5_string_to_timestamp): Move atime_format_table inside here.
- (krb5_timestamp_to_sfstring): Move sftime_format_table inside
- here.
-
- * str_conv.c: If strftime or strptime are not available, include
- the renamed NetBSD versions, and define the function names as
- macros to map them to the replacement names.
- (__P, _CurrentTimeLocale, dummy_locale_info, TM_YEAR_BASE,
- DAYSPERLYEAR, DAYSPERNYEAR, DAYSPERWEEK, isleap, tzname, tzset):
- Define some dummies for strftime/strptime to use.
- (strptime): Deleted old stub version.
- (krb5_timestamp_to_string, krb5_timestamp_to_sfstring): Always
- assume strftime is available.
- (krb5_string_to_timestamp): Assume strptime is always available.
- * strftime.c, strptime.c: New files, based on NetBSD versions.
- Modified to rename the functions and not export any symbols.
-
- * Makefile.in (T_DELTAT_OBJS): New variable.
- (TEST_PROGS): Add t_deltat.
- (t_deltat): Add rule.
- (clean): Added t_deltat stuff. Run rm only once.
- * t_deltat.c: New file.
-
-1999-11-02 Ken Raeburn <raeburn@mit.edu>
-
- * t_ref_kerb.out: Fix expected zephyr/zephyr output.
-
-1999-10-26 Wilfredo Sanchez <tritan@mit.edu>
-
- * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES,
- LOCAL_INCLUDES such that one can override CFLAGS from the command
- line without losing CPP search patchs and defines. Some associated
- Makefile cleanup.
-
-1999-10-12 Ken Raeburn <raeburn@mit.edu>
-
- * conv_princ.c (sconv_list): Don't do conversion for "zephyr"
- principal. (Noticed by Derrick Brashear.) Delete about a dozen
- duplicate entries.
-
-1999-09-01 Ken Raeburn <raeburn@mit.edu>
-
- * init_ctx.c (get_profile_etype_list): Update name of the des3
- entry in the default etype list.
-
- * init_ctx.c (get_profile_etype_list): New argument DESONLY; if
- set, ignore any ktype values other than NULL, DES_CBC_CRC, and
- DES_CBC_MD5.
- (krb5_get_default_in_tkt_ktypes, krb5_get_tgs_ktypes): Set it.
- (krb5_get_permitted_enctypes): Don't set it.
-
- * fwd_tgt.c (krb5_fwd_tgt_creds): Use KRB5_TC_SUPPORTED_KTYPES
- when calling krb5_cc_retrieve_cred.
- * gc_frm_kdc.c (krb5_get_cred_from_kdc_opt): Ditto.
- * get_creds.c (krb5_get_credentials_core): Set that flag.
- (krb5_get_credentials): Check for KRB5_CC_NOT_KTYPE error return.
-
- * t_ser.c (main): Disable eblock serialization test, since the
- code it tests was disabled nearly a year ago.
-
- * str_conv.c (krb5_timestamp_to_sfstring): Don't pass extra
- argument to sprintf.
-
-1999-08-10 Alexandra Ellwood <lxs@mit.edu>
-
- * chpw.c (krb5_mk_chpw_req):
- Added call to free cipherpw.data. cipherpw.data is allocated
- by krb5_mk_priv and passed back. Since cipherpw is never
- passed back, krb5_mk_chpw_req should free it.
-
-1999-08-05 Danilo Almeida <dalmeida@mit.edu>
-
- * init_ctx.c (krb5_init_context): Document why krb5_win_ccdll_load
- is called way early in code. (It is because we need to have the
- ccapi stuff loaded before trying to get the OS-specific context
- initialization where we figure out default cache names and such.)
-
-1999-08-05 Danilo Almeida <dalmeida@mit.edu>
-
- * init_ctx.c (get_profile_etype_list): Use profile_release_string
- to free string allocated by profile_get_string.
- (krb5_init_context): Use a real context for krb5_win_ccdll_load.
-
- * get_in_tkt.c (krb5_appdefault_string):
- * conv_princ.c (krb5_425_conv_principal): Use profile_free_list
- to free values allocated by profile_get_values.
-
-1999-08-04 Danilo Almeida <dalmeida@mit.edu>
-
- * get_in_tkt.c (_krb5_conf_boolean, krb5_appdefault_boolean):
- Rename krb5_conf_boolean to _krb5_conf_boolean to denote that
- it is not public so that folks outside the libraries won't
- be tempted to use it.
-
-1999-08-03 Danilo Almeida <dalmeida@mit.edu>
-
- * get_creds.c (krb5_validate_or_renew_creds): Intialize out_creds
- pointer to 0 and then check whether it is 0 before trying to
- dereference it, in case lower-level routine failed to assign
- a value to it.
-
-1999-07-22 Jeffrey Altman <jaltman@columbia.edu>
-
- get_in_tkt.c: rename conf_boolean to krb5_conf_boolean so that
- it may be used in additional modules.
-
-1999-06-28 Tom Yu <tlyu@mit.edu>
-
- * enc_helper.c (krb5_encrypt_helper): NULL out the pointer to the
- ciphertext if there is an error; this prevents stuff farther up
- from freeing freed memory.
-
-1999-06-18 Ken Raeburn <raeburn@mit.edu>
-
- * init_ctx.c (krb5_free_context): Set field pointers to NULL after
- freeing targets, in case higher-level code retains pointers into
- the context structure. (From Jeffrey Altman.)
-
-Thu May 13 17:31:34 1999 Theodore Y. Ts'o <tytso@mit.edu>
-
- * init_ctx.c (krb5_init_context): Pass the context to
- kkrb5_win_ccdll_load so that it can register the FILE
- ccache type if using ccapi (so that the FILE ccache type
- will always work).
-
-Mon May 10 15:26:00 1999 Danilo Almeida <dalmeida@mit.edu>
-
- * Makefile.in: Do win32 build in subdir.
-
-1999-04-09 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * kfree.c (krb5_free_sam_challenge, krb5_free_sam_challenge_contents,
- krb5_free_sam_response, krb5_free_sam_response_contents,
- krb5_free_predicted_sam_response,
- krb5_free_predicted_sam_response_contents,
- krb5_free_enc_sam_response_enc,
- krb5_free_enc_sam_response_enc_contents,
- krb5_free_pa_enc_ts): Added new functions. Part of
- patches from [krb5-kdc/662]
-
- * gic_pwd.c (krb5_get_init_creds_password): Add new argument to
- calls to the prompter function. Part of patches from
- [krb5-kdc/662].
-
- * preauth2.c (pa_enc_timestamp, pa_sam): Update calls to new
- prompter function. [krb5-kdc/662].
-
-1999-03-31 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * init_ctx.c (krb5_init_context): Call krb5_win_ccdll_load() to
- load the krbcc32.dll under windows.
-
-Mon Mar 8 22:39:01 1999 Tom Yu <tlyu@mit.edu>
-
- * sendauth.c (krb5_sendauth): Set credspout to NULL if it's
- destined to be returned to avoid freeing it. Also,
- unconditionally free credspout if it's non-NULL so that if someone
- doesn't pass in a ticket and doesn't give us a non-NULL out_creds,
- we don't leak it. [krb5-libs/699]
-
-1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * Makefile.in: Set the myfulldir and mydir variables (which are
- relative to buildtop and thisconfigdir, respectively.)
-
-Mon Nov 2 19:00:23 1998 Tom Yu <tlyu@mit.edu>
-
- * str_conv.c: Remove krb5_cksumtype_to_string after merge.
-
-1998-10-27 Marc Horowitz <marc@mit.edu>
-
- * vfy_increds.c: rearrange the code a bit to make it more clear
- that the logic is correct.
-
- * str_conv.c: remove enctype and cksumtype string converstions.
- They're in the crypto library now, since the information drops
- right into the enctype table.
-
- * ser_eblk.c: ifdef the whole file out, since it's not used
- anywhere. it should probably be deleted, but I'm not sure about
- backward-compatibility issues yet.
-
- * rd_req_dec.c: check the auth_context permit-all flag and
- permitted_enctypes list, and reject the request if the policy
- check fails.
-
- * init_ctx.c: add code to initialize the prng. It's not great,
- but can be improved, and the prng is reseeded when new keys are
- processed. Read permitted_enctypes from the krb5.conf file, and
- provide accessor functions for it. Make the various etype list
- parsers share code as a side effect.
-
- * get_creds.c: add krb5_get_{validat,renew}ed_creds functions,
- which are part of the new init_creds api. The prototypes were
- already in, krb5.hin but there was no implementing code.
-
- * auth_con.c, auth_con.h: add a list of permitted enctypes to the
- auth_context for rd_req to check, and create accessor functions
- for this list.
-
- * Makefile.in, enc_helper.c: add enc_helper.c. This provides a
- wrapper around the conventional way the library encrypts and wraps
- encoded asn.1 structures, so the code isn't repeated in a dozen
- places.
-
-Wed Aug 19 17:27:51 1998 Tom Yu <tlyu@mit.edu>
-
- * conv_princ.c: Add some additional entries to sconv_list that
- were forgotten.
-
-Wed Jul 15 11:46:05 1998 Ezra Peisach <epeisach@mit.edu>
-
- * gic_pwd.c (krb5_get_init_creds_password): Remove unused argument
- to sprintf().
-
- * t_ref_kerb.out: Fix test case for zephyr principal to reflect
- addition to conv_princ.c
-
-Tue Jul 7 17:06:13 1998 Theodore Y. Ts'o <tytso@mit.edu>
-
- * conv_princ.c: Add additional commonly seen Kerberos V4 services
- to the hard-coded list.
-
-Tue Jul 7 16:59:03 1998 Tom Yu <tlyu@mit.edu>
-
- * chk_trans.c: Fix up previous fix; short-circuit out when
- trans->length == 0.
-
-Wed Jul 1 17:59:26 1998 Theodore Y. Ts'o <tytso@mit.edu>
-
- * chk_trans.c (krb5_check_transited_list): Fix use of an
- uninitialized variable; apparently the code was depending
- on the stack garbage being non-zero(!)
-
-1998-05-26 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * srv_rcache.c (krb5_get_server_rcache):
- * auth_con.c (krb5_auth_con_setrcache): Export this function in
- Windows DLL.
-
-1998-05-12 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * str_conv.c (krb5_timestamp_to_sfstring): Make sure the date
- string printed uses 4 digit years.
-
-1998-05-08 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * str_conv.c (krb5_string_to_timestamp, strptime): Fix routines to
- be able to properly parse Y2K dates.
-
- * t_kerb.c: Add ability to test krb5_string_to_timestamp
-
-1998-05-06 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * t_ser.c (main): POSIX states that getopt returns -1
- when it is done parsing options, not EOF.
-
-1998-05-05 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * get_in_tkt.c (krb5_get_init_creds): If
- libdefaults/{REALM}/noaddresses is true, then don't put
- any addresses in the ticket request.
-
-Mon May 4 15:54:07 1998 Tom Yu <tlyu@mit.edu>
-
- * get_in_tkt.c: Add prototype for make_preauth_list.
-
-Sat May 2 21:46:02 1998 Tom Yu <tlyu@mit.edu>
-
- * get_in_tkt.c (krb5_get_in_tkt): Add missing argument to call to
- make_preauth_list to avoid stack smashing. Pointed out by lxs.
-
-Mon Mar 16 19:50:55 1998 Tom Yu <tlyu@mit.edu>
-
- * chk_trans.c (krb5_check_transited_list): Check lengths when
- appending to next and prev.
-
-Fri Feb 27 18:03:33 1998 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * Makefile.in: Changed thisconfigdir to point at the lib/krb5
- directory, since we've moved the configure.in tests in
- this directory to the toplevel lib/krb5 configure.in
-
-Thu Feb 19 19:03:20 1998 Tom Yu <tlyu@mit.edu>
-
- * recvauth.c (krb5_recvauth): Add some bookkeeping flags so we
- know how much stuff to free upon cleanup. Fix the up cleanup
- code.
-
-Wed Feb 18 16:24:02 1998 Tom Yu <tlyu@mit.edu>
-
- * Makefile.in: Remove trailing slash from thisconfigdir. Fix up
- BUILDTOP for new conventions.
-
-Fri Feb 13 15:27:35 1998 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * Makefile.in: Added new file kfree.c, which contained all of the
- functions previously in the lib/krb5/free directory.
-
-Mon Feb 2 17:02:29 1998 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile
-
-Thu Feb 5 23:48:34 1998 Theodore Y. Ts'o <tytso@mit.edu>
-
- * rd_cred.c (krb5_rd_cred):
- * rd_safe.c (krb5_rd_safe):
- * rd_priv.c (krb5_rd_priv): Use the remote_subkey first, since the
- mk_* routines try to use their local_subkey first.
- Otherwise, the wrong keys will get used if subkeys are
- used in both directions.
-
-Fri Jan 2 21:21:29 1998 Tom Yu <tlyu@mit.edu>
-
- * preauth.c (handle_sam_labels):
- (obtain_sam_padata): Check return of malloc. [krb5-libs/518]
-
- * chpw.c (krb5_mk_chpw_req): Check return of malloc.
- (krb5_rd_chpw_rep): Check return of malloc. [krb5-libs/518]
-
-Tue Dec 16 00:08:33 1997 Tom Yu <tlyu@mit.edu>
-
- * mk_req_ext.c (krb5_mk_req_extended): Check enctype of session
- key, not that of the ticket, which we really shouldn't care about.
-
-Sun Dec 7 07:24:23 1997 Ezra Peisach <epeisach@dumpster.rose.brandeis.edu>
-
- * gic_pwd.c (krb5_get_init_creds_password): Change fourth argument
- in call to prompter (which is an int) from NULL to 0.
-
-Sat Dec 6 02:28:17 1997 Tom Yu <tlyu@mit.edu>
-
- * Makefile.in: Add files chpw.c, gic_*, preauth2.c, vfy_increds.c,
- vic_opt.c.
-
- * chpw.c: New file; implement Cygnus chpw.
-
- * get_in_tkt.c: Implement support for Cygnus initial credentials
- API.
-
- * gic_keytab.c: New file; Cygnus initial creds.
-
- * gic_opt.c: New file; Cygnus initial creds.
-
- * gic_pwd.c: New file; Cygnus initial creds.
-
- * preauth.c: Add more SAM support (from Cygnus).
-
- * preauth2.c: New file; additional SAM support from Cygnus.
-
- * send_tgs.c: Account for additional parameter to sendto_kdc.
-
- * vfy_increds.c: New file; Cygnus initial creds.
-
- * vic_opt.c: New file; Cygnus initial creds.
-
-Wed Oct 22 00:29:33 1997 Theodore Y. Ts'o <tytso@mit.edu>
-
- * send_tgs.c (krb5_send_tgs): Don't send a zero endtime; if the
- requested endtime is zero, set it equal to the TGT endtime.
-
-Mon Oct 6 12:07:19 1997 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * set_realm.c (krb5_set_principal_realm): Allocate extra byte for
- \0 after realm.
-
-Mon Sep 1 21:38:16 1997 Tom Yu <tlyu@mit.edu>
-
- * rd_cred.c (krb5_rd_cred_basic): Fix swapped args to memset.
-
-Fri Aug 29 16:41:25 1997 Tom Yu <tlyu@mit.edu>
-
- * get_in_tkt.c (krb5_get_in_tkt): Move nulling out of
- request.padata before the os_localaddr call in order to avoid
- freeing a null pointer in the cleanup code.
-
-Tue Aug 12 09:13:22 1997 Ezra Peisach <epeisach@mit.edu>
-
- * init_ctx.c (krb5_init_context): Initialize local variable ctx
- before calling krb5_init_ets.
-
-Fri Aug 8 17:04:54 1997 Tom Yu <tlyu@mit.edu>
-
- * rd_cred.c (krb5_rd_cred_basic): Check remote_addr and
- encpart.s_address before calling krb5_address_compare. Fixes
- krb5-libs/456.
-
-Fri Jul 25 15:25:32 1997 Tom Yu <tlyu@mit.edu>
-
- * t_ser.c: Add support for changed kdb API.
-
-Tue Jul 15 22:15:09 1997 Theodore Y. Ts'o <tytso@mit.edu>
-
- * serialize.c (krb5_register_serializer): Only copy over the old
- table when there's an old table to copy over. Otherwise,
- BoundsChecker complains about memcpy(foo, NULL, 0).
-
-Tue Mar 25 00:32:55 1997 Theodore Y. Ts'o <tytso@mit.edu>
-
- * preauth.c (obtain_sam_padata): Fix handling of the sam-timestamp
- and sam-usec fields, which should always be set if the
- nonce is not available, not just SAM_USE_SAD_AS_KEY is
- being used. [krb5-libs/325]
-
-Mon Mar 24 12:21:38 1997 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * t_ser.c: Clean up error reporting for krb5_init_context(). Also
- report errors for each subtest, so we know which subtest
- failed.
-
-Sat Feb 22 22:39:49 1997 Richard Basch <basch@lehman.com>
-
- * Makefile.in: Use some of the new library list build rules in
- win-post.in
-
-Fri Feb 21 18:38:06 1997 Sam Hartman <hartmans@tertius.mit.edu>
-
- * crypto_glue.c: Move into libcrypto as krb5_glue.c; I need to
- avoid libcrypto depending on libkrb5
-
-Wed Feb 19 14:21:12 1997 Theodore Y. Ts'o <tytso@mit.edu>
-
- * t_kerb.c (test_set_realm): New function used to test
- krb5_set_principal_realm(). Called by using the new "set_realm"
- command to t_kerb.
-
- * set_realm.c (krb5_set_principal_realm): New function which sets
- the realm of a principal.
-
-Thu Feb 13 14:17:00 1997 Richard Basch <basch@lehman.com>
-
- * get_in_tkt.c (krb5_get_in_tkt): Initialize as_reply; if
- krb5_os_localaddr() returns an error, the cleanup
- routine may try to free a garbage pointer (as_reply).
-
-Wed Feb 12 20:47:30 1997 Tom Yu <tlyu@mit.edu>
-
- * fwd_tgt.c (krb5_fwd_tgt_creds): Use the client's realm rather
- than the server's realm for constructing the tgs principal.
- Remove TC_MATCH_SRV_NAMEONLY from call to retrieve_cred()
- because we want to get an exact match.
-
-Mon Feb 10 10:41:36 1997 Ezra Peisach <epeisach@mit.edu>
-
- * crypto_glue.c (krb5_calculate_checksum): Add krb5_const to
- krb5_pointer of in data to match prototype.
-
-Sat Feb 8 15:02:39 1997 Richard Basch <basch@lehman.com>
-
- * get_creds.c:
- Export krb5_get_credentials_{renew,validate} (win32)
- Removed unused variable.
-
-Fri Feb 7 09:41:33 1997 Richard Basch <basch@lehman.com>
-
- * mk_cred.c (krb5_mk_ncred): Declare ncred as krb5_int32 so that
- the right value is pushed onto the stack when calling
- krb5_mk_ncred_basic()
-
- * copy_addrs.c fwd_tgt.c mk_cred.c:
- Use FAR keyword in pointer declarations.
-
- * sendauth.c (krb5_sendauth): Do not free the credentials if they
- are being returned to the caller [krb5-libs/357]
-
-Sun Feb 2 20:57:15 1997 Richard Basch <basch@lehman.com>
-
- * serialize.c: Added FAR declarations to pointer arguments for
- all functions declared as KRB5_DLLIMP.
-
-Thu Jan 30 21:44:37 1997 Richard Basch <basch@lehman.com>
-
- * crypto_glue.c:
- Export more crypto-layer functions:
- krb5_encrypt, krb5_decrypt, krb5_eblock_enctype,
- krb5_process_key, krb5_finish_key, krb5_string_to_key,
- krb5_init_random_key, krb5_finish_random_key, krb5_random_key
-
-Sat Feb 8 18:41:42 1997 Tom Yu <tlyu@mit.edu>
-
- * Makefile.in:
- * configure.in: Update to new program build procedure.
-
-Thu Jan 2 17:16:18 1997 Tom Yu <tlyu@mit.edu>
-
- * Makefile.in:
- * configure.in: Update to new library build procedure.
-
-Mon Dec 23 17:20:03 1996 Theodore Y. Ts'o <tytso@mit.edu>
-
- * Makefile.in (SRCS): Add brand.c to the SRCS line so that the
- kerbsrc.mac.tar includes brand.c
-
-Sat Dec 21 01:26:11 1996 Theodore Y. Ts'o <tytso@mit.edu>
-
- * brand.c: New file, which allows a release engineer to "brand"
- the krb5 library or a binary application program
- statically linked against the krb5 library. This file is
- statically included by init_ctx.c, to force it be in a
- binary library or application program.
-
- * init_ctx.c (krb5_init_context): Use new call krb5_vercheck() for
- Windows timebomb checking; this call returns an error
- code, which is returned to the user if the timebomb should
- be activated.
-
-Thu Nov 21 14:55:16 EST 1996 Richard Basch <basch@lehman.com>
-
- * Makefile.in: win32 build
-
- * auth_con.c bld_pr_ext.c conv_princ.c copy_addrs.c copy_athctr.c
- copy_auth.c copy_cksum.c copy_creds.c copy_data.c copy_key.c
- copy_princ.c copy_tick.c cp_key_cnt.c decrypt_tk.c fwd_tgt.c
- gc_via_tkt.c get_creds.c get_in_tkt.c in_tkt_ktb.c in_tkt_pwd.c
- in_tkt_sky.c init_ctx.c mk_cred.c mk_error.c mk_priv.c mk_rep.c
- mk_req.c mk_req_ext.c mk_safe.c parse.c princ_comp.c rd_cred.c
- rd_error.c rd_priv.c rd_rep.c rd_req.c rd_safe.c recvauth.c
- sendauth.c str_conv.c unparse.c valid_times.c
- DLL export various functions (see lib/krb5.def for full list)
-
-Thu Nov 21 13:54:01 1996 Ezra Peisach <epeisach@mit.edu>
-
- * recvauth.c (krb5_recvauth): If there is an error, and the server
- argument to krb5_recvauth is NULL, create a dummy server
- entry for the krb5_error structure so that krb5_mk_error
- will not die with missing required fields. [krb5-libs/209]
-
-Wed Nov 13 14:30:47 1996 Tom Yu <tlyu@mit.edu>
-
- * init_ctx.c: Revert previous kt_default_name changes.
-
-Tue Nov 12 22:07:33 1996 Tom Yu <tlyu@mit.edu>
-
- * init_ctx.c (krb5_init_context): Oops. Initialize kt_default_name
- to NULL.
-
- * init_ctx.c (krb5_free_context): Free kt_default_name if it's
- non-NULL.
-
-Sat Nov 9 14:19:28 1996 Ezra Peisach <epeisach@mit.edu>
-
- * Makefile.in (check-unix): Invoking t_ser requires that
- KRB5_CONFIG points to a valid krb5.conf
-
- * t_ser.c (main): If verbose flag is set and there is an error,
- display error message.
-
-Wed Nov 6 14:02:21 1996 Theodore Y. Ts'o <tytso@mit.edu>
-
- * init_ctx.c (krb5_init_context): Initialize the error tables, so
- applications don't need to call krb5_init_ets().
-
-Tue Nov 5 08:09:23 1996 Ezra Peisach <epeisach@mit.edu>
-
- * serialize.c (krb5_register_serializer): Do not free a NULL pointer.
-
-Thu Oct 31 13:48:14 1996 Theodore Y. Ts'o <tytso@mit.edu>
-
- * init_ctx.c (krb5_init_context): Make it more obvious that
- default ticket lifetimes is not yet supported.
-
-Tue Sep 24 20:59:14 1996 Theodore Y. Ts'o <tytso@mit.edu>
-
- * get_in_tkt.c (make_preauth_list): Correctly null-terminate the
- preauth list generated by make_preauth_list.
-
-Thu Sep 19 12:29:59 1996 Theodore Y. Ts'o <tytso@mit.edu>
-
- * unparse.c (krb5_unparse_name_ext): Make unparse correctly handle
- a all cases where a principal contains a nulls, backspace,
- newlines, or tabs.
-
- * t_kerb.c (test_parse_principal): Add test for checking
- krb5_parse_principal()
-
- * parse.c (krb5_parse_name): Set all of the magic field values.
-
-Wed Jul 24 17:09:39 1996 Theodore Y. Ts'o <tytso@mit.edu>
-
- * preauth.c (find_pa_system): Change type of first argument to be
- krb5_preauthtype, to eliminate compiler warnings under
- Windows.
-
-Wed Jul 10 20:22:41 1996 Theodore Y. Ts'o <tytso@mit.edu>
-
- * init_ctx.c (krb5_init_context): Add a call to krb5_win_do_init()
- on Win16 and Win32 machines. This is where we do timebomb
- and version server checking.
-
-Sun Jul 7 15:14:43 1996 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * get_creds.c: (krb5_get_credentials_val_renew_core) Combine
- common internals needed from krb5_get_credentials_validate()
- and used by new function krb5_get_credentials_renew()
-
- * gc_frm_kdc.c (krb5_get_cred_from_kdc_renew): A wrapper that
- passes KDC_OPT_RENEW to the static
- krb5_get_cred_from_kdc_opt so that kinit can use it.
-
-
-Mon Jun 24 09:45:04 1996 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * bld_princ.c (krb5_build_principal_va): Change const to
- krb5_const, so that it works on compilers that don't
- support const.
-
-Mon Jun 17 20:23:48 1996 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * str_conv.c (krb5_string_to_timestamp): Ensure that all fields of
- the timestamp are filled in if strptime does not fill in
- unspecified fields.
-
-Wed Jun 12 01:10:09 1996 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * sendauth.c (krb5_sendauth): If ECCONABORTED is not defined, try
- using the Winsock equivalent (WSAECONNABORTED).
-
-Mon Jun 10 21:47:21 1996 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * parse.c (krb5_parse_name): Change use of _WINDOWS to _MSDOS, and
- add check for _WIN32.
-
-Thu Jun 6 00:06:18 1996 Theodore Y. Ts'o <tytso@mit.edu>
-
- * get_creds.c (krb5_get_credentials_core): A static function must
- not use the INTERFACE keyword.
-
-Tue May 14 18:39:22 1996 Richard Basch <basch@lehman.com>
-
- * mk_req_ext.c mk_safe.c send_tgs.c:
- set the length field of the krb5_checksum structure before
- calling krb5_calculate_checksum.
-
- * str_conv.c: replaced sha-des3 cksum with hmac-sha.
-
-Tue May 14 02:53:42 1996 Theodore Y. Ts'o <tytso@mit.edu>
-
- * ser_ctx.c (krb5_context_size, krb5_context_externalize,
- krb5_context_internalize): Add missing fields from the
- serialized context: clockskew, default_kdc_req_sumtype,
- default_ap_req_sumtype, default_safe_sumtype,
- kdc_default_options, library_options, profile_secure,
- fcc_default_format, scc_default_format.
-
- * ser_actx.c (krb5_auth_context_size, krb5_auth_context_externalize,
- krb5_auth_context_internalize): Serialize the two fields
- req_cksumtype and safe_cksumtype, instead of the one
- cksumtype field.
-
- * mk_safe.c (krb_mk_safe): Use safe_cksumtype instead of cksumtype
- in the auth context.
-
- * mk_req_ext.c (krb5_mk_req_extended): Use req_cksumtype instead
- of cksumtype in the auth context.
-
- * init_ctx.c (krb5_init_context): Add support for new profile
- relations libdefaults/tkt_lifetime,
- libdefaults/kdc_req_checksum_type,
- libdefaults/ap_req_cksumtype,
- libdefaults/safe_checksumtype, and
- libdefaults/kdc_default_options.
-
- * auth_con.h: Remove old cksumtype element, and replace it with
- req_cksumtype and safe_cksumtype.
-
- * auth_con.c (krb5_auth_con_init): Initialize the req_cksumtype
- and safe_cksumtype from the context's default
- req_cksumtype and safe_cksumtype.
- (krb5_auth_con_set_req_cksumtype,
- krb5_auth_con_set_safe_cksumtype): New functions, to
- replace old krb5_auth_con_setcksumtype
-
-Fri May 10 18:48:38 EDT 1996 Richard Basch <basch@lehman.com>
-
- * init_ctx.c: Removed des3-cbc-md5 default support
-
-Fri May 10 02:51:17 1996 Richard Basch <basch@lehman.com>
-
- * str_conv.c: changes des3-md5 to des3-sha & added sha cksum types
-
-Sun May 5 09:46:18 1996 Ezra Peisach (epeisach@kangaroo.mit.edu)
-
- * preauth.c: Add casts and const keywords as needed.
-
-Fri May 3 00:15:18 1996 Mark Eichin <eichin@cygnus.com>
-
- * get_creds.c (krb5_get_credentials_core): new function. Common
- part of krb5_get_credentials and krb5_get_credentials_validate.
- Some formerly local variables are now arguments.
- (krb5_get_credentials): same as before, but calls _core to do some
- of the work.
- (krb5_get_credentials_validate): uses
- krb5_get_cred_from_kdc_validate and only stores the returned
- credential in the cache, instead of storing all of them.
-
-Thu May 2 22:48:56 1996 Mark Eichin <eichin@cygnus.com>
-
- * gc_frm_kdc.c (krb5_get_cred_from_kdc_opt): new function. Same
- body as krb5_get_cred_from_kdc, but takes one new argument,
- kdcopts, and combines it with the other kdc options when calling
- krb5_get_cred_via_tkt. This is static and only called by
- (krb5_get_cred_from_kdc): a wrapper that provides the same
- function it did before, and
- (krb5_get_cred_from_kdc_validate): a wrapper that passes
- KDC_OPT_VALIDATE, so that kinit can use it.
- We'll probably need another one for renewing tickets as well.
-
- * rd_req_dec.c (krb5_rd_req_decoded_opt): new function. Same body
- as krb5_rd_req_decoded, but takes one new argument,
- check_valid_flag, to determine whether or not to check if the
- "invalid flag" is set in the ticket. Also made static, so that it
- is only called via:
- (krb5_rd_req_decoded): wrapper for krb5_rd_req_decoded_opt that
- specifies the "invalid flag" gets checked, and
- (krb5_rd_req_decoded_anyflag): wrapper for krb5_rd_req_decoded_opt
- that specifies that the "invalid flag" doesn't get checked. (This
- version is only called from kdc_util.c:kdc_process_tgs_req.)
-
-Wed May 1 14:30:29 1996 Richard Basch <basch@lehman.com>
-
- * srv_rcache.c (krb5_get_server_rcache): include the uid in the
- default server replay cachename, for systems with geteuid.
-
- * configure.in: test if the system has geteuid()
-
-Wed May 1 02:26:53 1996 Mark Eichin <eichin@cygnus.com>
-
- * str_conv.c (krb5_string_to_timestamp): double check that
- strptime at least parsed *some* of the string, avoid degenerate
- cases from GNU libc strptime.
-
-Tue Apr 30 18:19:01 1996 Ken Raeburn <raeburn@cygnus.com>
-
- * t_ser.c (stuff): New variable.
- (ser_acontext_test, ser_eblock_test, ser_cksum_test): Use it,
- instead of assuming it's valid to treat &FUNCTION as a data
- pointer.
-
- * conv_princ.c (sconv_list): Now const.
- (krb5_*_conv_principal): Use pointer to const for it.
-
- Tue Apr 23 19:39:59 1996 Mark Eichin <eichin@cygnus.com>
-
- * get_creds.c (krb5_get_credentials): this isn't the kernel, so
- don't return negative errno values.
-
-Sat Apr 27 19:14:21 1996 Richard Basch <basch@lehman.com>
-
- * fwd_tgt.c (krb5_fwd_tgt_creds): fixed a possible null dereference.
-
-Wed Apr 17 14:22:10 1996 Theodore Y. Ts'o <tytso@mit.edu>
-
- * conv_princ.c: Added ftp and ecat to the list of services which
- should be converted. This really ought to be something
- that's configurable in the profile...
-
-Thu Apr 11 21:30:23 1996 Theodore Y. Ts'o <tytso@dcl>
-
- * init_ctx.c (krb5_init_context): On a Macintosh, turn on
- kdc_timesync and use the v4 credentials cache by default.
-
- * get_in_tkt.c (stash_as_reply, verify_as_reply): Move time offset
- code from stash_as_reply to verify_as_reply, and fix it so
- that it actually works.
-
-Wed Apr 3 16:04:36 1996 Theodore Y. Ts'o <tytso@dcl>
-
- * rd_req_dec.c (krb5_rd_req_decoded): Move code which
- validated the ticket times to krb5_validate_times.
-
- * valid_times.c (krb5_validate_times): New function which
- determines whether or not the ticket times are valid.
-
- * mk_req_ext.c (krb5_mk_req_extended): Call krb5_validate_time()
- to determine whether or not the ticket in passed-in
- credentials is valid. If it isn't, return an error right
- away.
-
-Wed Mar 27 17:05:47 1996 Richard Basch <basch@lehman.com>
-
- * in_tkt_ktb.c (keytab_keyproc): Do not check to see that the
- enctype of the key is identical; there are several equivalent
- DES enctypes.
-
- * in_tkt_ktb.c (krb5_get_in_tkt_with_keytab): Removed the fancy
- logic to only request the keytypes that correspond to those in
- the keytab. There were too many fencepost conditions that could
- get you into trouble. Either it should be there and *fully*
- functional, or not in there at all. Besides, there are too many
- other components in Kerberos that expect the end-service to know
- all its keys that this sanity check is overkill.
-
-Tue Mar 26 14:45:03 1996 Richard Basch <basch@lehman.com>
-
- * conv_princ.c: added "imap" service to the conversion list as
- requiring domain conversion for the instance. (imap/<host> is used
- by some of the new imap mail implementations)
-
-Sun Mar 24 01:34:14 1996 Sam Hartman <hartmans@tertius.mit.edu>
-
- * send_tgs.c (krb5_send_tgs_basic): You want to setup the eblock
- used for the authenticator using the in_cred->keyblock, *not*
- request.ticket.enc_part.enctype. Under a multi-enctype system,
- the session key may be different from the ticket key.
-
-Wed Mar 20 23:00:59 1996 Theodore Y. Ts'o <tytso@dcl>
-
- * walk_rtree.c (krb5_walk_realm_tree): Fix 16bit vs. 32bit error.
- (cap_code should been a krb5_error_code, not an int!)
-
- * mk_cred.c (krb5_mk_ncred_basic): Fix windows lint flame.
-
- * get_in_tkt.c (krb5_get_in_tkt): Fix 16bit vs. 32bit error.
- (do_more should not have been an int!)
-
-Tue Mar 19 13:03:26 1996 Richard Basch <basch@lehman.com>
-
- * in_tkt_ktb.c (krb5_get_in_tkt_with_keytab):
- Only request keytypes that correspond to those in the keytab.
-
-Mon Mar 18 21:49:39 1996 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * configure.in: Add KRB5_RUN_FLAGS
-
- * Makefile.in: Use runtime flags.
-
-Sun Mar 17 20:32:08 1996 Ezra Peisach <epeisach@dumpster.rose.brandeis.edu>
-
- * configure.in: Add USE_ANAME, USE_KRB5_LIBRARY, KRB5_LIBRARIES so
- that Makefile does not have to know build tree layout.
-
- * Makefile.in: Rework to be consistant with configure defines so
- that configure can specify other needed libraries.
-
-Sun Mar 17 02:10:19 1996 Mark W. Eichin <eichin@cygnus.com>
-
- * copy_addrs.c (krb5_copy_addr): make non-static so we can use it
- in mk_cred.
- * mk_cred.c (krb5_mk_ncred_basic): copy local_addr and remote_addr
- instead of just aliasing them, so we can safely free them ourselves.
-
-Fri Mar 15 14:29:00 1996 Richard Basch <basch@lehman.com>
-
- * in_tkt_ktb.c: Close the keytab if we opened it, not if the
- caller opened it.
-
-Wed Mar 13 17:31:30 1996 Ken Raeburn <raeburn@cygnus.com>
-
- * configure.in: Use AC_HEADER_STDARG.
-
-Mon Mar 11 11:15:26 1996 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * str_conv.c (krb5_timestamp_to_string): Handle statement not
- reached warning.
-
- * ser_addr.c (krb5_address_internalize): Add magic numbers
-
-Thu Feb 29 11:49:38 1996 Theodore Y. Ts'o <tytso@dcl>
-
- * fwd_tgt.c (NEED_SOCKETS): Use NEED_SOCKETS instead of #including
- <netdb.h>
-
-Sat Feb 24 16:27:54 1996 Theodore Y. Ts'o <tytso@dcl>
-
- * gc_via_tkt.c (krb5_get_cred_via_tkt): Fix memory leak; free
- enctypes after use.
-
-Thu Jan 25 01:35:52 1996 Sam Hartman <hartmans@tertius.mit.edu>
-
- * rd_req_dec.c (krb5_rd_req_decrypt_tkt_part): Remove outdated
- comment about mapping etype to ktype.
-
- * gc_via_tkt.c (krb5_get_cred_via_tkt): If the keyblock.enctype is
- non-null in in_cred, then request that particular key.
-
-Wed Jan 24 21:48:53 1996 Sam Hartman <hartmans@tertius.mit.edu>
-
- * get_creds.c (krb5_get_credentials): Only match against enctype
- if it is non-null in increds.
-
-Sun Jan 21 23:32:53 1996 Tom Yu <tlyu@dragons-lair.MIT.EDU>
-
- * gc_via_tkt.c (krb5_kdcrep2creds): Set is_skey so get_creds won't
- break trying to match is_skey in the ccache. This way we
- won't end up with many copies of user-to-user tickets.
-
-Fri Jan 19 23:16:17 1996 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * mk_req.c (krb5_mk_req): krb5_get_credentials does not take
- default_kdc_options.
-
- * sendauth.c (krb5_sendauth): krb5_get_credentials does not take
- default_kdc_options.
-
-Wed Jan 10 21:01:36 1996 Theodore Y. Ts'o <tytso@dcl>
-
- * init_ctx.c (krb5_init_context): Added checking of profile for
- DCE compatability options (ccache type, and checksum type).
-
- * fwd_tgt.c (krb5_fwd_tgt_creds): Initialize addrs to 0 so that we
- don't try to free stack garbage on an error.
-
- * krbconfig.c, Makefile.in: Removed krbconfig.c; it contained
- global variables which are no longer used.
-
- * recvauth.c: Removed the global extern of
- krb5_kdc_default_options, which wasn't being used anyway.
-
- * mk_req.c (krb5_mk_req): Replace use of krb5_kdc_default_options
- with context->kdc_default_options.
-
- * gc_frm_kdc.c: Remove the global extern of krb5_kdc_req_sumtype,
- which wasn't being used anymore anyway.
-
- * send_tgs.c (krb5_send_tgs_basic): Remove use of the global
- variable krb5_kdc_req_sumtype, and use the kdc_req_sumtype
- in the context structure instead.
-
- * walk_rtree.c (krb5_walk_realm_tree): Applied patch submitted by
- Doug Engbert, so that the configurable authentication
- patch takes into account the null entry at the end of the
- list.
-
-Tue Jan 9 22:04:09 1996 Theodore Y. Ts'o <tytso@dcl>
-
- * fwd_tgt.c (krb5_fwd_tgt_creds): New function which handles all
- of the dirty work of forwarding TGT's.
-
- * rd_cred.c (krb5_rd_cred_basic): Clean up memory allocation
- discpline to remove memory leaks.
-
- * mk_cred.c (krb5_mk_ncred_basic, krb5_mk_ncred, krb5_mk_1cred):
- Clean up memory allocation discpline to remove memory
- leaks.
-
- * init_ctx.c (krb5_get_tgs_ktypes): Clean up parsing of the etype
- list. Don't overrun the string containing the etype list.
-
-Wed Jan 3 21:32:59 1996 Theodore Y. Ts'o <tytso@dcl>
-
- * rd_cred.c (krb5_rd_cred_basic): When the keyblock is NULL,
- assume we're being called from the gssapi code, which
- doesn't have access to the sender or receive address
- information, don't check the sender address, since it
- won't be available.
-
- * rd_cred.c (decrypt_credencdata): When calling krb5_rd_credd(),
- if the keyblock is null, just copy the encoded structure
- from the "ciphertext" part of the structure and decode it.
-
- * mk_cred.c (encrypt_credencpart): When calling krb5_mk_cred(), if
- the keyblock is NULL, don't encrypt it; just encode it and
- leave it in the ciphertext area of the structure.
-
-Thu Dec 21 18:47:54 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * rd_rep.c (krb5_rd_rep): Change use of
- KRB5_SENDAUTH_MUTUAL_FAILED to KRB5_MUTUAL_FAILED.
-
-Tue Dec 19 17:15:40 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * rd_cred.c (krb5_rd_cred_basic): Missing parenthesis meant that
- wrong number of bytes was being allocated.
-
-Sun Dec 3 11:49:09 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * Makefile.in (SRCS/OBJS): Move compat_recv.c to krb5util library.
-
-Fri Dec 1 17:04:43 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * recvauth.c (krb5_recvauth): Initialize rcache to zero, so that
- on cleanup we don't try to free stack garbage.
-
-Sun Nov 26 19:31:18 1995 Tom Yu <tlyu@dragons-lair.MIT.EDU>
-
- * preauth.c: Ultrix is broken. Prototype obtain_enc_ts_padata()
- and process_pw_salt() explicitly rather than using the
- typedef in k5-int.h becaus that typedef is to a function
- pointer now.
-
-Fri Nov 17 22:35:52 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * get_in_tkt.c (decrypt_as_reply):
- * preauth.c (process_pw_salt): When fetching the key to decrypting
- the encrypted kdc reply, use the etype associated with the
- etype reply, not the etype associated with the included
- ticket.
-
- * encode_kdc.c: Remove eblock argument from krb5_encode_kdc_rep;
- set the eblock type from the client_key's enctype.
-
-Thu Nov 16 20:29:17 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * srv_rcache.c (krb5_get_server_rcache): Use krb5_rc_default_type
- instead of assuming default rcache type is "dfl".
-
-Mon Nov 13 14:40:05 1995 <tytso@rsts-11.mit.edu>
-
- * walk_rtree.c (krb5_walk_realm_tree): Added ANL changes to
- support configuration authentication paths.
-
-Mon Nov 13 12:57:12 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * preauth.c (krb5_process_padata): Added generalized processing
- for preauth information which is returned by the KDC.
- This should be general enough to support the AFS3_SALT
- preauth type, the SNK4 preauth type, and the public-key
- mods to Kerberos.
- (process_pw_salt): New function for processing the KRB5_PW_SALT
- preauthentication type.
-
- * get_in_tkt.c (decrypt_as_reply): Removed temporary kludge for
- processing the PW_SALT preauth type; that's now done in
- preauth.c
- (krb5_get_in_tkt): Call krb5_process_padata with new arguments so
- that the preauth code can set the decryption_key if
- necessary.
-
-Thu Nov 09 17:05:57 1995 Chris Provenzano (proven@mit.edu)
-
- * in_tkt_pwd.c : Remove krb5_enctype from krb5_string_to_key() args.
-
-Thu Nov 9 00:02:43 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * get_in_tkt.c (krb5_get_in_tkt): Remove the etype_info argument
- from the call to krb5_obtain_padata.
-
- * preauth.c (krb5_obtain_padata): Use the PADATA_ETYPE_INFO
- preauth, if it exists, to determine which salt type to use
- when encrypting the preauthentication data. Remove the
- etype_info argument.
-
-Wed Nov 8 02:50:59 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * krbconfig.c: Removed the krb5_clockskew variable.
-
- * srv_rcache.c (krb5_get_server_rcache):
- * rd_safe.c (krb5_rd_safe):
- * rd_req_dec.c (krb5_rd_req_decoded):
- * rd_priv.c (krb5_rd_priv):
- * rd_cred.c (krb5_rd_cred):
- * gc_via_tkt.c (krb5_get_cred_via_tkt):
- * get_in_tkt.c (verify_as_reply): Replace use of krb5_clockskew
- with context->clockskew.
-
- * encrypt_tk.c (cleanup_scratch): Changed interface to no longer
- require an eblock; we can use our own and figure out the
- enctype from the passed-in key.
-
- * get_in_tkt.c (krb5_get_in_tkt): Added calls to
- krb5_obtain_padata().
-
- * preauth.c: Completely restructured file to support
- preauthentication.
-
-
-Fri Oct 27 22:15:33 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * get_in_tkt.c (krb5_get_in_tkt): Extensive reworking of the
- structure of this file to make it possible to support
- preauthentication.
-
-Mon Oct 23 17:08:59 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * in_tkt_pwd.c (krb5_get_in_tkt_with_password): Fix to properly
- malloc password buffer.
-
-Mon Oct 23 11:09:56 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * rd_req_dec.c (krb5_rd_req_decoded): For heirarchal cross-realm,
- set the length after initializing string.
-
- * rd_req.c (krb5_rd_req): If a new auth_context is created
- and then there is an error, make sure return pointer is not
- looking at freed memory.
-
-Fri Oct 6 22:04:42 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * Makefile.in: Remove ##DOS!include of config/windows.in.
- config/windows.in is now included by wconfig.
-
-Fri Sep 29 00:08:53 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * gc_via_tkt.c (krb5_get_cred_via_tkt): Only check the returned
- starttime to make sure it matches the requested starttime
- if we requested a postdated ticket.
-
-Thu Sep 28 22:58:53 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * conv_princ.c (krb5_425_conv_principal): Only convert instances
- which don't have a '.' in them. If they have a '.',
- assume that they are fully qualified already.
-
-Thu Sep 28 12:00:00 1995 John Rivlin <jrivlin@fusion.com)
-
- * gc_via_tkt.c: Cleaned up corrupt ticket error testing to
- make it more debugable and I think work around a compiler
- bug.
-
-Mon Sep 25 16:57:59 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the
- Makefile.
-
-Wed Sep 13 10:58:20 1995 Keith Vetter (keithv@fusion.com)
-
- * get_in_t.c: removed unused variable.
- * rd_cred.c: removed INTERFACE keyword.
- * ser_auth.c: passing int32 where a size_t is wanted.
- * ser_ctx.c: 16/32 bit int size mismatch.
-
-Sun Sep 17 23:41:19 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * rd_safe.c: Fix typo error.
-
-Sat Sep 16 01:23:14 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * sendauth.c (krb5_sendauth): Make sure the scratch credentials
- structure may have possible been used be freed..
-
- * rd_safe.c (krb5_rd_safe_basic): Fall through to the cleanup code
- at the end, to make sure the decoded message in message is
- freed.
-
- * rd_req_dec.c (krb5_rd_req_decoded): Use krb5_copy_keyblock to
- copy authent->subkey to auth_context->remote_subkey.
- Keeping them separate avoids aliasing problems.
-
- * mk_req_ext.c (krb5_generate_authenticator): Fix memory leak.
- Don't bash authent->subkey with key after carefully
- copying it using krb5_copy_keyblock!
-
- * recvauth.c (krb5_recvauth): krb5_get_server_rcache() already
- opens the rcache; doing it again merely causes a memory leak.
-
-Fri Sep 15 17:20:08 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * gen_subkey.c (krb5_generate_subkey): Eliminate memory leak.
- krb5_init_random_key() does its own allocation of the
- keyblock.
-
- * gc_via_tkt.c (krb5_kdcrep2creds): Fix memory leak.
-
- * srv_rcache.c (krb5_get_server_rcache): Fix memory leak.
-
- * rd_safe.c (krb5_rd_safe_basic): Fix memory leak.
-
-Tue Sep 12 12:40:30 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * t_ser.c (ser_cksum_test): Work around an optimizer bug unser
- OSF/1 and gcc.
-
-Sun Sep 10 12:00:00 1995 James Mattly (mattly@fusion.com)
-
- * gen_seqnum.c: change usage of krb5_crypto_us_timeofday to krb5_timeofday
- * get_in_tkt.c: change usage of krb5_crypto_us_timeofday to krb5_timeofday
- * mk_priv.c: change usage of krb5_crypto_us_timeofday to krb5_timeofday
- * mk_req_ext.c: change usage of krb5_crypto_us_timeofday to krb5_timeofday
- * send_tgs.c: change usage of krb5_timeofday over to krb5_crypto_us_timeofday
-
-Wed Sep 06 14:20:57 1995 Chris Provenzano (proven@mit.edu)
-
- * auth_con.c, decrypt_tk.c, encode_kdc.c, encrypt_tk.c,
- * gc_frm_kdc.c, gen_seqnum.c, get_creds.c, get_in_tkt.c,
- * in_tkt_ktb.c, in_tkt_pwd.c, in_tkt_sky.c, init_ctx.c,
- * kdc_rep_dc.c, mk_cred.c, mk_priv.c, mk_rep.c, mk_req._ext.c,
- * preauth.c, rd_cred.c, rd_priv.c, rd_rep.c, rd_req_dec.c,
- * send_tgs.c, sendauth.c, ser_actx.c, ser_ctx.c, ser_eblk.c,
- * ser_key.c, t_ser.c : s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g
-
-Wed Sept 6 12:00:00 EDT 1995 James Mattly (mattly@fusion.com)
-
- * get_in_tkt.c: change usage of krb5_timeofday to krb5_crypto_us_timeofday
- * mk_req_ext.c: change usage of timeofday
- * parse.c: disabled a usage of exit for macintosh
- * send_tgs.c: change usage of krb5_timeofday over to
- krb5_crypto_us_timeofday
- * unparse.c: include <stdio.h>
-
-
-Tue Sep 05 22:10:34 1995 Chris Provenzano (proven@mit.edu)
-
- * decode_kdc.c, decrypt_tk.c, encode_kdc.c, encrypt_tk.c, gc_frm_kdc.c
- * gc_via_tkt.c, get_in_tkt.c, in_tkt_ktb.c, in_tkt_pwd.c, in_tkt_sky.c
- * init_ctx.c, kdc_rep_dc.c, mk_cred.c, mk_priv.c, mk_rep.c
- * mk_req_ext.c, rd_cred.c, rd_priv.c, rd_rep.c, rd_req_dec.c,
- * send_tgs.c, ser_ctx.c, ser_eblk.c, ser_key.c, t_ser.c:
- Remove krb5_enctype references, and replace with
- krb5_keytype where appropriate
-
-Fri Sep 1 20:03:41 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * get_in_tkt.c (krb5_get_in_tkt): If kdc_settime is enabled, then
- set the time_offset fields from the returned ticket's
- authtime value.
-
- * init_ctx.c (krb5_init_context): Initialize new fields in
- krb5_context (clockskew, kdc_req_sumtype, and
- kdc_default_options).
-
- * gc_via_tkt.c (krb5_get_cred_via_tkt): Perform the necessary
- sanity checking on the KDC response to make sure we detect
- tampering.
-
- * send_tgs.c (krb5_send_tgs): Set the expected nonce in the
- response structure.
-
- * krbconfig.c: Set the default checksum to use MD5
-
-Fri Sep 1 11:16:43 EDT 1995 Paul Park (pjpark@mit.edu)
- * ser_ctx.c - Add handling of new time offset fields in the os_context.
-
-
-Tue Aug 29 14:14:26 EDT 1995 Paul Park (pjpark@mit.edu)
- * Makefile.in, .Sanitize, ser_{actx,adata,addr,auth,cksum,ctx,eblk,key,
- princ}.c, serialize.c, t_ser.c - Add serialization operations
- for data structures required to serialize krb5_context, krb5_
- auth_context, krb5_encrypt_block and krb5_principal.
- * auth_con.h - Add magic number.
- * auth_con.c - Add static routine to copy an address and use this
- instead of the other code. Set the magic number when initing
- an auth_context. Use krb5_free_address to release an address.
- * init_ctx.c - Free the allocated serializers when releasing context.
- * rd_rep.c - Copy the keyblock from the message instead of setting
- a pointer into it.
-
-Thu Aug 24 18:55:50 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * .Sanitize: Update file list.
-
-Mon Aug 7 18:54:35 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * in_tkt_ktb.c (keytab_keyproc): If there is an error looking up
- the key, make sure the keytab is closed as part of the
- cleanup.
-
-Fri Aug 4 22:04:08 1995 Tom Yu <tlyu@dragons-lair.MIT.EDU>
-
- * conv_princ.c: Add braces to initializer to shut up gcc -Wall
-
-Fri Jul 7 16:31:06 EDT 1995 Paul Park (pjpark@mit.edu)
- * Makefile.in - Find com_err in TOPLIBD.
- * rd_safe.c - Use checksum verifier instead of doing it manually.
-
-Thu Jul 6 17:31:40 1995 Tom Yu <tlyu@lothlorien.MIT.EDU>
-
- * rd_safe.c (krb5_rd_safe_basic): Pass context to os_localaddr.
-
- * rd_priv.c (krb5_rd_priv_basic): Pass context to os_localaddr.
-
- * rd_cred.c (krb5_rd_cred_basic): Pass context to os_localaddr.
-
- * get_in_tkt.c (krb5_get_in_tkt): Pass context to os_localaddr.
-
-Wed July 5 15:52:31 1995 James Mattly <mattly@fusion.com>
- * added condition for _MACINTOSH
-
-Sun Jul 2 18:59:53 1995 Sam Hartman <hartmans@tertius.mit.edu>
-
- * recvauth.c (krb5_recvauth): recvauth should send an error reply
- if problem is not zero. Removed if that caused it to only send a
- reply on success.
-
-Fri Jun 16 22:11:21 1995 Theodore Y. Ts'o (tytso@dcl)
-
- * get_in_tkt.c (krb5_get_in_tkt): Allow the credentials cache
- argument to be optional; allow it to be NULL, meaning that
- the credentials shouldn't be stored in a credentials cache.
-
-Mon Jun 12 16:49:42 1995 Chris Provenzano (proven@mit.edu)
-
- A couple bug reports/patches from Ed Phillips (flaregun@udel.edu)
- * in_tkt_ktb.c (keytab_keyproc()): Fix memory leak.
- * recvauth.c (krb5_recvauth()): Don't open a new rcache if
- the auth_context already has one.
- * auth_con.c (krb5_auth_con_free()): Close rcache is the
- auth_context has one set.
- * auth_con.c (krb5_auth_con_getrcache()): Return pointer
- to the rcache set in the auth_context.
-
-Sun Jun 11 12:31:39 1995 Ezra Peisach (epeisach@kangaroo.mit.edu)
-
- * auth_con.c (krb5_auth_con_init): Zero newly allocated
- krb5_auth_context. (Fixed error in redefinitions).
-
-Sat Jun 10 23:05:51 1995 Tom Yu (tlyu@dragons-lair)
-
- * auth_con.c, compat_recv.c, mk_cred.c, mk_priv.c, mk_rep.c,
- mk_req.c, mk_req_ext.c, mk_safe.c, rd_cred.c, rd_priv.c,
- rd_rep.c, rd_req.c rd_req_dec.c, rd_safe.c, recvauth.c,
- sendauth.c: krb5_auth_context redefinitions
-
-Fri Jun 9 18:48:43 1995 <tytso@rsx-11.mit.edu>
-
- * rd_req_dec.c (krb5_rd_req_decoded): Fix -Wall nits
-
- * configure.in: Remove standardized set of autoconf macros, which
- are now handled by CONFIG_RULES.
-
- * Makefile.in, faddr_ordr.c: Remove faddr_ordr.c; its function,
- krb5_fulladdr_order, isn't used anywhere.
-
-Fri Jun 9 02:42:54 1995 Tom Yu (tlyu@dragons-lair)
-
- * rd_cred.c (krb5_rd_cred_basic): fix typo (extra "context"
- argument passed to krb5_xfree)
-
-Thu Jun 8 22:48:27 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * rd_cred.c (krb5_rd_cred_basic): Fix problem where the ticket
- field was assigned with a krb5_data, which was then
- immediately freed.
-
-Thu Jun 8 16:06:44 1995 <tytso@rsx-11.mit.edu>
-
- * compat_recv.c, auth_con.c, chk_trans.c, encrypt_tk.c,
- gc_frm_kdc.c, gc_via_tkt.c, gen_seqnum.c, gen_subkey.c,
- get_creds.c, get_in_tkt.c, in_tkt_ktb.c, in_tkt_pwd.c,
- in_tkt_skey.c, init_ctx.c, kdc_rep_dc.c, mk_cred.c,
- mk_error.c, mk_priv.c, mk_rep.c, mk_req.c, mk_req_ext.c,
- mk_cred.c, mk_safe.c, parse.c, preauth.c, rd_cred.c,
- rd_rep.c, rd_req.c, rd_req_dec.c, rd_safe.c, recvauth.c,
- sendauth.c, send_tgs.c, srv_rcache.c, walk_rtree.c: Clean
- up GCC -Wall flames.
-
-Wed Jun 7 15:23:21 1995 <tytso@rsx-11.mit.edu>
-
- * conv_princ.c (krb5_425_conv_principal): Remove old CONFIG_FILES
- code.
-
-Fri May 26 10:18:28 1995 Keith Vetter (keithv@fusion.com)
-
- * makefile.in: removed for the PC creating shared directory.
- (still bug with the '@SHARED_RULE@' line but I'm waiting
- on tytso for that since I don't want to break Unix).
-
-Thu May 25 09:58:42 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * gc_via_tkt.c (krb5_kdcrep2creds): Fix syntax error in the
- freeing of the keyblock.
-
-Wed May 24 18:19:17 1995 Theodore Y. Ts'o (tytso@dcl)
-
- * Makefile.in, configure.in: Add rules for building shared library.
-
- * gc_via_tkt.c (krb5_kdcrep2creds): On an error, free the keyblock.
-
-Tue May 23 16:28:42 1995 Theodore Y. Ts'o (tytso@dcl)
-
- * gc_frm_kdc.c, preauth.c, t_kerb.c, t_walk_rtree.c, unparse.c:
- Rearrange #include files so that krb5.h gets included
- first, so that the debugging information can be more
- efficiently collapsed since the type numbers will be the
- same.
-
-Sat May 20 14:01:16 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * rd_safe.c (krb5_rd_safe): Increment remote_seq_number if
- KRB5_AUTH_CONTEXT_DO_SEQUENCE is set.
-
-Thu May 11 22:42:30 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * rd_cred.c (krb5_rd_cred_basic): If address don't match, return
- KRB5KRB_AP_ERR_BADADDR (add missing retval).
-
-Thu May 11 18:30:21 1995 Chris Provenzano (proven@mit.edu)
-
- * mk_cred.c (krb5_mk_cred()), mk_priv.c (krb5_mk_priv()),
- * mk_safe.c (krb5_mk_safe()), rd_cred.c (krb5_rd_cred()),
- * rd_priv.c (krb5_rd_prev()), rd_safe.c (krb5_rd_safe()):
- Pass the contents pointer returned from krb5_make_fulladdr()
- to free() not the address of the pointer.
-
-Tue May 9 08:34:21 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * Makefile.in (clean): Remove t_kerb and t_kerb.o
-
-Fri May 5 00:06:24 1995 Theodore Y. Ts'o (tytso@dcl)
-
- * conv_princ.c (krb5_425_conv_principal): Use new calling
- convention of krb5_get_realm_domain, which is that it
- returns the realm *without* the leading dot.
-
- Also use the profile code to look up individual instance
- conversions using [realms]/<realm>/v4_instance_convert/<inst>
- This allows special case handling of mit.edu and
- lithium.lcs.mit.edu.
-
- * t_kerb.c: New file for testing krb library functions. Currently
- only tests krb5_425_conv_principal.
-
-Wed May 03 03:30:51 1995 Chris Provenzano (proven@mit.edu)
-
- * recvauth.c, compat_recv.c (krb5_recvauth()):
- * compat_recv.c (krb5_compat_recvauth()):
- No longer needs the rc_type arg.
-
-Tue May 02 19:29:18 1995 Chris Provenzano (proven@mit.edu)
-
- * mk_cred.c (mk_cred()), mk_priv.c (mk_priv()), mk_safe.c (mk_safe()),
- * rd_cred.c (rd_cred()), rd_priv.c (rd_priv()), rd_safe.c (rd_safe()):
- Don't call krb5_make_fulladdrs() if a port isn't specified.
-
-Mon May 01 15:56:32 1995 Chris Provenzano (proven@mit.edu)
-
- * auth_con.c (krb5_auth_con_free()) :
- Free all the data associated with the auth_context.
-
- * auth_con.c (krb5_auth_con_setkey()) : Removed.
- * mk_rep.c (mk_rep()),
- The krb5_mk_rep() routine must always encode the data in
- the keyblock of the ticket, not the subkey.
-
- * cleanup.h, auth_con.c (krb5_auth_con_setports()) : Added.
- * auth_con.h, mk_cred.c (mk_cred()), mk_priv.c (mk_priv()),
- * mk_safe.c (mk_safe()), rd_cred.c (rd_cred()),
- * rd_priv.c (rd_priv()), rd_safe.c (rd_safe()) :
- Changes to auth_context to better support full addresses.
-
-Sat Apr 29 00:09:40 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * srv_rcache.c (krb5_get_server_rcache): Fix fencepost error which
- caused an access beyond the allocated memory of piece->data.
-
- * rd_priv.c (krb5_rd_priv_basic): Call krb5_free_priv_enc_part to free
- the entire privenc_msg structure.
-
-Fri Apr 28 09:54:51 EDT 1995 Paul Park (pjpark@mit.edu)
-
- Move adm_rw.c from libkrb5 to libkadm.
-
-Fri Apr 28 08:36:03 1995 Theodore Y. Ts'o <tytso@lurch.mit.edu>
-
- * init_ctx.c (krb5_free_context): Extra semicolon meant the etypes
- field in the context was never being freed.
-
-Fri Apr 28 01:44:51 1995 Chris Provenzano (proven@mit.edu)
-
- * send_tgs.c (krb5_send_tgs()), gc_via_tkt.c (krb5_get_cred_via_tkt()):
- Removed krb5_cksumtype argument.
-
-Thu Apr 27 21:36:01 1995 Chris Provenzano (proven@mit.edu)
-
- * auth_con.c (krb5_auth_con_getaddrs() and krb5_auth_con_getflags()):
- Added for completeness.
- * mk_req_ext.c (krb5_mk_req_extended()) : Don't send the
- AP_OPTS_USE_SUBKEY option over the wire.
-
-Thu Apr 27 17:40:20 1995 Keith Vetter (keithv@fusion.com)
-
- * adm_rw.c, mk_cred.c, rd_cred.c:
- malloc on the PC must be size SIZE_T not int32.
- * adm_rw.c: krb5_free_adm_data second argument now a krb5_int32.
-
-Thu Apr 27 16:33:17 EDT 1995 Paul Park (pjpark@mit.edu)
-
- * mk_priv.c - Back out previous change which always put in
- timestamp, regardless of DO_TIME setting and
- instead, clear out the replaydata before calling
- mk_priv_basic from mk_priv.
- * mk_safe.c - Same replaydata fix.
-
-Thu Apr 26 15:59:51 EDT 1995 Paul Park (pjpark@mit.edu)
-
- * Add adm_rw.c - routines to read and write commands from/to the
- administrative (kpasswd/kadmin) server.
-
-Wed Apr 27 11:30:00 1995 Keith Vetter (keithv@fusion.com)
-
- * init_ctx.c: krb5_init_context wasn't checking return values.
- * mk_req.c: deleted unused local variable.
-
-Wed Apr 26 22:49:18 1995 Chris Provenzano (proven@mit.edu)
-
- * gc_via_tgt.c, and gc_2tgt.c : Removed.
- * Makefile.in, gc_via_tkt.c, gc_frm_kdc.c, and, int-proto.h :
- Replaced get_cred_via_tgt() and get_cred_via_2tgt()
- with more general function get_cred_via_tkt().
-
-Tue Apr 25 21:58:23 1995 Chris Provenzano (proven@mit.edu)
-
- * Makefile.in : Added gc_via_tkt.c and removed get_fcreds.c
- * auth_con.c (krb5_auth_con_setaddrs()) : Fixed so it allocates
- space and copies addresses, not just pointer.
- * mk_cred.c: Completely rewritten from sources donated by asriniva.
- * rd_cred.c: Completely rewritten from sources donated by asriniva.
- * mk_priv.c (krb5_mk_priv()), mk_safe.c (krb5_mk_safe()),
- rd_priv.c (krb5_rd_priv()), and rd_safe (krb5_rd_safe()) :
- Try using a subkey before using the session key for encryption.
- * recvauth.c (krb5_recvauth()): Don't close the rcache on success.
-
-Mon Apr 24 23:12:21 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * Makefile.in, configure.in (t_walk_rtree): Add WITH_NETLIBS and
- $(LIBS), so that t_walk_rtree can compile under solaris.
-
-Mon Apr 24 17:09:36 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * parse.c (krb5_parse_name): Add magic number to new structure
-
- * get_creds.c: Fix comments describing operation
-
- * gc_frm_kdc.c: Fix comments describing operation
-
- * copy_cksum.c (krb5_copy_checksum): Fix comment in file
-
- * copy_addrs.c (krb5_append_addresses): ifdef out unused
- krb5_append_addresses function. (no API or prototype
- existed).
-
- * copy_data.c (krb5_copy_data): Initialize magic number
-
- * init_ctx.c (krb5_init_context): If an error is returned from
- krb5_set_default_in_tkt_etypes or krb5_os_init_context,
- pass to caller instead of stack garbage.
-
-Sat Apr 22 11:06:45 1995 Ezra Peisach (epeisach@kangaroo.mit.edu)
-
- * Makefile.in: t_walk_rtree needs libcrypto
-
- * t_walk_rtree.c: error in checking for argument count
-
-Thu Apr 20 16:23:23 1995 Theodore Y. Ts'o (tytso@dcl)
-
- * copy_addrs.c, copy_athctr.c, copy_auth.c, copy_cksum.c,
- copy_creds.c, copy_key.c, copy_princ.c, copy_tick.c,
- gc_2tgt.c, gc_frm_kdc.c, gc_via_tgt.c, get_creds.c,
- mk_req_ext.c: Unless HAVE_C_STRUCTURE_ASSIGNMENT is defined, use
- memcpy to copy structures around, instead of using
- structure assignments. (Which aren't guaranteed to work
- on some broken compilers.)
-
- * mk_req.c (krb5_mk_req): Use krb5_sname_to_principal() in order
- to create the service principal from the service and
- hostname pair. This allows for the host cannoncialization
- to work correctly.
-
- * mk_req_ext.c (krb5_mk_req_extended): Revamp checksum handling
- code so that no checksum is performed in in_data is NULL,
- and the special case handing of cksumtype == 0x8003 for
- the GSSAPI library is handled correctly.
-
-Wed Apr 19 13:39:34 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * init_ctx.c: (krb5_init_context) initialize context default
- realm. (krb5_free_context) free default realm.
-
-Fri Apr 14 15:05:51 1995 <tytso@rsx-11.mit.edu>
-
- * sendauth.c (krb5_sendauth): initialize error return parameter
-
- * copy_princ.c (krb5_copy_principal): Fix bug where
- krb5_copy_principal can fail if it is asked to copy a
- principal with a zero-length component on a system where
- malloc(0) returns null.
-
-Thu Apr 13 15:49:16 1995 Keith Vetter (keithv@fusion.com)
-
- * *.[ch]: removed unneeded INTERFACE from non-api functions.
-
-Fri Mar 31 16:45:47 1995 Keith Vetter (keithv@fusion.com)
-
- * krb5_get_in_tkt: changed error return value for when clocks
- are out of skew to be KRB5_KDCREP_SKEW.
-
-Fri Mar 31 00:44:26 1995 Theodore Y. Ts'o (tytso@dcl)
-
- * rd_req.c (krb5_rd_req): Fix typo which caused new_keytab to not
- get freed, causing a memory leak.
-
-Thu Mar 30 15:49:27 1995 Keith Vetter (keithv@fusion.com)
-
- * rd_req.c: removed unused local variable.
-
-Tue Mar 28 18:34:20 1995 John Gilmore (gnu at toad.com)
-
- * rd_req_sim.c: Really remove the file.
-
-Mon Mar 27 08:34:49 1995 Chris Provenzano (proven@mit.edu)
-
- * Makefile.in: Removed rd_req_sim.c
-
- * auth_con.c: Default cksumtype is now CKSUMTYPE_RSA_MD4_DES.
-
- * auth_con.c: Added krb5_auth_con_setuseruserkey(),
- krb5_auth_con_getkey(),
- krb5_auth_con_getremotesubkey(),
- krb5_auth_con_getauthenticator(),
- krb5_auth_con_getremoteseqnumber(),
- krb5_auth_con_initivector().
-
- * auth_con.c: Fixed krb5_auth_con_getlocalsubkey() to check for
- a valid local_subkey before calling krb5_copy_keyblock().
-
- * auth_con.h: Fixed some comments.
-
- * mk_req_ext.c (krb5_mk_req_extended()): Always pass in a seed
- (the keyblock contents) to krb5_calculate_checksum()
-
- * rd_rep.c (krb5_rd_rep()): Use appropriate key to decode reply.
-
- * rd_safe.c (krb5_rd_safe()): Don't pass checksum to
- krb5_rd_safe_basic(), it's unnecessary.
-
- * compat_recv.c (krb5_compat_recvauth()):
- * mk_rep.c (krb5_mk_rep()):
- * rd_req.c (krb5_rd_req()):
- * rd_req_dec.c (krb5_rd_req_decode()):
- * recvauth.c (krb5_recvauth()):
- Added a krb5_auth_context argument and eliminated many of
- the other arguments because they are included in the
- krb5_auth_context structure.
-
-
-Tue Mar 21 19:22:51 1995 Keith Vetter (keithv@fusion.com)
-
- * mk_safe.c: fixed signed/unsigned mismatch.
- * rd_safe.c: removed unused local variable currentime.
- * mk_req_e.c: fixed signed/unsigned mismatch.
-
-Sat Mar 18 18:58:02 1995 John Gilmore (gnu at toad.com)
-
- * bld_pr_ext.c, bld_princ.c: Replace STDARG_PROTOTYPES with
- HAVE_STDARG_H for consistency.
-
-Fri Mar 17 19:48:07 1995 John Gilmore (gnu at toad.com)
-
- * Makefile.in (check-mac): Add.
- * compat_recv.c, get_fcreds.c, recvauth.c: Eliminate Unix socket
- #includes, which are now handled by k5-int.h (via k5-config.h).
- * conv_princ.c: Rename variable "comp" to another name; "comp"
- apparently bothers the MPW compiler...
- * rd_cred.c: Avoid (void) casts of void functions, for MPW.
- * t_walk_rtree.c: Put com_err.h after k5_int for <sys/types> stuff.
- (main): Declare and initialize the krb5_context that's being
- passed to everything.
-
-Fri Mar 10 10:58:59 1995 Chris Provenzano (proven@mit.edu)
-
- * auth_con.h auth_con.c Added for krb5_auth_con definition and
- support routines.
-
- * mk_req.c (krb5_mk_req())
- * mk_req_ext.c (krb5_mk_req_extended())
- * rd_rep.c (krb5_rd_rep())
- * sendauth.c (krb5_sendauth())
- * mk_priv.c (krb5_mk_priv())
- * mk_safe.c (krb5_mk_safe())
- * rd_priv.c (krb5_rd_priv())
- * rd_safe.c (krb5_rd_safe())
- Added a krb5_auth_context argument and eliminated many of
- the other arguments because they are included in the
- krb5_auth_context structure.
-
- * send_tgs.c (krb5_send_tgs()) Eliminate call to krb5_mk_req_extended(),
- which does far more than krb5_send_tgs() needs.
-
-Tue Mar 7 19:57:34 1995 Mark Eichin <eichin@cygnus.com>
-
- * configure.in: take out ISODE_INCLUDE.
-
-Tue Mar 7 13:20:06 1995 Keith Vetter (keithv@fusion.com)
-
- * Makefile.in: changed library name on the pc.
- * parse.c: disabled for the PC error messages to stderr.
- * chk_trans.c: fixed signed/unsigned assignment.
-
-Thu Mar 2 11:45:00 1995 Keith Vetter (keithv@fusion.com)
-
- * compat_recv.c, get_fcre.c, recvauth.c, sendauth.c: changed
- NEED_WINSOCK_H to NEED_SOCKETS.
-
-Wed Mar 1 20:15:00 1995 Keith Vetter (keithv@fusion.com)
-
- * compat_r.c, copy_pri.c, get_fcre.c, get_in_t.c, init_ctx.c, in_tkt_p.c
- in_tkt_s.c, preauth.c, princ_co.c, pr_to_sa.c, rd_req_d.c, recvauth.c
- sendauth.c, send_tgs.c, unparse.c: 16 vs 32 bit casts, removed some
- unused local variables, and pulled in winsock.h for network byte
- ordering.
-
-Tue Feb 28 01:14:57 1995 John Gilmore (gnu at toad.com)
-
- * *.c: Avoid <krb5/...> includes.
- * parse.c: Exdent #ifndef to left margin for old compilers.
-
-Wed Feb 22 17:14:31 1995 Keith Vetter (keithv@fusion.com)
-
- * walk_rtr.c (krb5_walk_realm_tree): formal parameter wasn't declared.
- * send_tgs.c: const in wrong place in the prototype.
- * get_in_tkt.c, preauth.c, rd_cred.c, rd_priv.c, rd_req_dec.c,
- rd_safe.c: needed a 32 bit abs() function.
- * parse.c: removed call to fprintf on error the windows version
- * send_auth.c: defined for windows the ECONNABORTED errno (will
- be removed when the socket layer is fully implemented).
-
-Tue Feb 21 23:38:34 1995 Theodore Y. Ts'o (tytso@dcl)
-
- * mk_cred.c (krb5_mk_cred): Fix argument type to
- krb5_free_cred_enc_part().
-
-Mon Feb 13 20:25:20 1995 Theodore Y. Ts'o (tytso@dcl)
-
- * get_in_tkt.c (krb5_get_in_tkt): Fix memory leak --- the default
- encryption types was not being freed.
-
-Fri Feb 10 15:45:59 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * rd_req.c (krb5_rd_req): Remove ISODE cruft.
-
-Thu Feb 9 17:43:04 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * gc_via_tgt.c (krb5_get_cred_via_tgt): Set up the keyblock's
- etype field correctly (after copying the keyblock, so it
- doesn't get overwritten!)
-
-Mon Feb 06 17:19:04 1995 Chris Provenzano (proven@mit.edu)
-
- * get_in_tkt.c (krb5_get_in_tkt())
- * in_tkt_sky.c (krb5_get_in_tkt_with_skey())
- * in_tkt_pwd.c (krb5_get_in_tkt_with_password())
- Removed krb5_keytype, changed krb5_enctype to krb5_enctype *,
- changed krb5_preauthtype to krb5_preauthtype *.
-
- Changed the args to the key_proc arg of krb5_get_in_tkt()
- to be the following (krb5_context, const krb5_keytype,
- krb5_data *, krb5_const_pointer, krb5_keyblock **)
-
- * in_tkt_ktb.c (krb5_get_in_tkt_with_keytab()) Added this routine
- to replace krb5_get_in_tkt_with_skey() in kinit.
-
- * Makefile.in Added new source file in_tkt_ktb.c.
-
-Fri Feb 3 16:41:19 1995 Mark Eichin (eichin@cygnus.com)
-
- * get_in_tkt.c (krb5_get_in_tkt): also check for the version
- number of the reply being whatever we had in the first byte of the
- request.
-
-Fri Feb 3 08:07:55 1995 Theodore Y. Ts'o (tytso@dcl)
-
- * compat_recv.c (krb_v4_recvauth): Use explicit 32 bit types so
- this will work on an Alpha.
-
-Fri Feb 3 00:43:48 1995 Tom Yu (tlyu@dragons-lair)
-
- * get_in_tkt.c (krb5_get_in_tkt): fix typo
-
-Thu Feb 2 20:51:55 1995 Mark Eichin (eichin@cygnus.com)
-
- * get_in_tkt.c (krb5_get_in_tkt): if krb5_is_as_rep fails, check
- if the packet might be a V4 error packet. Use modified V4 check so
- that it compiles under SCO.
-
-Mon Jan 30 15:46:14 1995 Chris Provenzano (proven@mit.edu)
-
- * int-proto.h Update prototypes for krb5_get_cred_via_tgt(), and
- krb5_get_cred_via_2tgt().
-
- * get_fcreds.c (krb5_get_for_creds())
- * gc_via_tgt.c (krb5_get_cred_via_tgt())
- * gc_2tgt.c (krb5_get_cred_via_2tgt())
- Removed krb5_enctype argument. Pass NULL list of encryption
- types to krb5_send_tgs to get default encryption types.
-
- * gc_frm_kdc.c Removed krb5_enctype argument passed to
- krb5_get_cred_via_tgt()
-
- * send_tgs.c (krb5_send_tgs()) Changed krb5_enctype arg to
- krb5_enctype *, a NULL terminated array of encryption
- types. If argument is NULL then krb5_send_tgs() will
- use defaul list of encryption types.
-
- * send_tgs.c (krb5_send_tgs()) To encrypt request ticket use
- usecred->keyblock.etype instead of (and now defunct)
- krb5_enctype arg.
-
- * init_ctx.c Added krb5_set_default_in_tkt_etypes() and
- krb5_get_default_in_tkt_etypes().
-
- * rd_req.c, rd_req_decode.c Removed typedef for rdreq_key_proc
- and use krb5_rd_req_decoded in its place.
-
-Mon Jan 30 11:26:05 1995 Chris Provenzano (proven@mit.edu)
-
- * get_fcreds.c Really needs #include<krb5/asn1.h> for definition
- of krb5_is_krb_error()
-
-Sat Jan 28 14:45:55 1995 Chris Provenzano (proven@mit.edu)
-
- * in_tkt_sky.c (skey_keyproc()), rd_req_dec.c (krb5_rd_req_decoded())
- use new API for krb5_kt_get_entry.
-
-Fri Jan 27 15:45:45 1995 Chris Provenzano (proven@mit.edu)
-
- * get_fcreds.c Removed #include<krb5/crc-32.h> and #include<krb5/asn1.h>
-
-Wed Jan 25 16:54:40 1995 Chris Provenzano (proven@mit.edu)
-
- * Removed all narrow types and references to wide.h and narrow.h
-
-Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu)
-
- * Added krb5_context to all krb5_routines
-
-Mon Dec 19 21:55:44 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * init_ctx.c: New file. Initializes and frees the krb5_context
- structure.
-
-Wed Dec 7 17:52:08 1994 <tytso@localhost>
-
- * rd_req_dec.c (decrypt_authenticator): If the subkey doesn't
- exist, don't try to set the subkey's etype.
-
-Wed Nov 30 17:10:39 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * bld_princ.c (krb5_build_principal_va): Set the principal's type
- and magic number.
-
- * Makefile.in: Build new test driver (t_walk_rtree) for
- krb5_walk_realm_tree.
-
- * walk_realm_tree.c (krb5_walk_realm_tree): Fix bug which occured
- when the client or the server is a subdomain of the other;
- walk_realm_tree would return the wrong answer, and suffer
- from memory access errors.
-
- * unparse.c (krb5_unparse_name_ext): Quote the '/' and '@'
- characters properly.
-
- * configure.in: Add appropriate help text for the --with-krb4
- option. Remove ISODE_DEFS call, since ISODE_INCLUDES now
- defines ISODE automatically.
-
-Mon Nov 21 15:30:07 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * mk_req_ext.c (krb5_mk_req_extended): Sanitize how memory is
- freed in both error and normal cases, to remove memory
- leaks.
-
- * mk_req_ext.c (krb5_mk_req_extended): Use the encryption type
- specified by the ticket to generate the authenticator.
-
- * encode_kdc.c (krb5_encode_kdc_rep): Now requires that the
- caller pass in the encryption block to be used for
- encrpyting the ticket. That way, this routine doesn't
- need to create its own encryption block.
-
- * encrypt_tk.c (krb5_encrypt_tkt_part): Now requires that the
- caller pass in the encryption block to be used for
- encrpyting the ticket. That way, this routine doesn't
- need to create its own encryption block.
-
-Fri Nov 18 17:30:44 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * mk_req_ext.c (krb5_mk_req_extended): Encrypt the authenticator
- using the same encryption system used to encrypt the ticket.
-
-Thu Nov 17 01:56:05 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * gc_via_tgt.c (krb5_get_cred_via_tgt):
- * gc_2tgt.c (krb5_get_cred_via_2tgt): Set the encryption type of
- the session keyblock to be the type used to encrypt the
- ticket.
-
-Fri Nov 11 01:20:22 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * get_in_tkt.c (krb5_get_in_tkt): Set the encryption type of the
- session keyblock to be the type used to encrypt the
- ticket.
-
-Thu Nov 10 23:56:43 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * rd_rep.c (krb5_rd_rep): Set the encryption type in
- the subkey keyblock to be the encryption type used to
- encrypt the rd_rep message.
-
- * decrypt_tk.c (krb5_decrypt_tkt_part): Set the encryption type in
- the session keyblock to be the encryption type used to
- encrypt the ticket.
-
- * rd_req_dec.c (decrypt_authenticator): Set the encryption type in
- the subkey keyblock to be the encryption type used to
- encrypt the authenticator.
-
-Tue Nov 8 17:09:48 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * in_tkt_pwd.c (pwd_keyproc): Use the documented interface for
- calling krb5_string_to_key().
-
-Tue Oct 25 23:34:57 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * srv_rcache.c (krb5_get_server_rcache): Added missing continue so
- that we don't copy both the unprintable character as well
- as the quoted version of it.
-
-Mon Oct 24 15:50:19 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * configure.in: If KRB4 is defined, define KRB5_KRB4_COMPAT for
- compat_recv.c.
-
-Thu Oct 13 17:26:28 1994 Theodore Y. Ts'o (tytso@maytag)
-
- * configure.in: Add ISODE_DEFS
-
-Tue Oct 4 16:29:19 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * in_tkt_sky.c (skey_keyproc):
- * in_tkt_pwd.c (pwd_keyproc): Add widen.h and narrow.h includes
- around pwd_keyproc, so that the keyproc input arguments
- are appropriately widened.
-
-Fri Sep 30 21:58:15 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * preauth.c (preauth_systems): Add placeholder for magic number
-
-Thu Sep 29 15:31:10 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * srv_rcache.c (krb5_get_server_rcache): cachename was not being
- properly null-terminated.
-
- * get_in_tkt.c (krb5_get_in_tkt): Return KRB5_IN_TKT_REALM_MISATCH
- if the client and server realms don't match. Return
- KRB5_KDCREP_SKEW if the KDC reply has an unacceptible
- clock skew (instead of KDCREP_MODIFIED.)
-
- * gc_via_tgt.c (krb5_get_cred_via_tgt): Use a distinct error code
- for KDC skew separate from the standard KDCREP_MODIFIED
-
- * princ_comp.c (krb5_realm_compare): Added new function from
- OpenVision.
-
-Wed Sep 21 17:57:35 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * rd_req_dec.c (krb5_rd_req_decoded): Added Changes from Cybersafe
- to do transited realm path checking.
-
- * chk_trans.c: Added donated module from CyberSafe. It checks to
- see if a transited path is a legal one between two realms.
-
-Thu Sep 15 11:08:39 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * rd_req_sim.c (krb5_rd_req_simple): Use krb5_rd_req instead of
- krb5_rd_req_decoded, to eliminate some code duplication.
-
-Sat Aug 20 01:43:43 1994 Theodore Y. Ts'o (tytso at tsx-11)
-
- * mk_req_ext.c (krb5_generate_authenticator): Fix pointer aliasing
- problem between newkey and authent->subkey.
-
-Wed Aug 17 17:58:22 1994 Theodore Y. Ts'o (tytso at tsx-11)
-
- * encode_kdc.c (krb5_encode_kdc_rep): Pass in to
- encode_krb5_enc_kdc_rep_part the msg_type which should be used.
- Old versions of Kerberos always assume TGS_REP; this merely allows
- the right msg_type to be passed down to the encoding routines.
- For now, the encoding routines will ignore this value and do
- things the old way, for compatibility's sake.
-
-Mon Aug 8 22:38:16 1994 Theodore Y. Ts'o (tytso at tsx-11)
-
- * preauth.c: Renamed preauthentication mechanism names to match
- what bcn and I agreed upon.
-
-Tue Jun 28 19:35:07 1994 Tom Yu (tlyu at dragons-lair)
-
- * decode_kdc.c: folding in Harry's changes
- * rd_req.c: ditto
- * rd_req_sim.c: ditto
- * configure.in: adding ISODE_DEFS
-
diff --git a/src/lib/krb5/os/ChangeLog b/src/lib/krb5/os/ChangeLog
deleted file mode 100644
index e3dea8f343..0000000000
--- a/src/lib/krb5/os/ChangeLog
+++ /dev/null
@@ -1,3093 +0,0 @@
-2006-04-02 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (DEFS): Make empty.
-
-2006-03-31 Ken Raeburn <raeburn@mit.edu>
-
- * dnsglue.c, dnsglue.h, dnssrv.c: Include autoconf.h.
-
-2006-03-08 Ken Raeburn <raeburn@mit.edu>
-
- * locate_kdc.c (module_locate_server): Don't set cbdata.lp at
- initialization time.
-
-2006-03-07 Ken Raeburn <raeburn@mit.edu>
-
- * locate_kdc.c: Include k5-locate.h instead of k5-plugin.h.
-
-2006-03-06 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (DEFINES): New variable.
- (t_locate_kdc.o): Depend on dnssrv.c and dnsglue.c too.
-
- * init_os_ctx.c (krb5_os_init_context): Initialize new fields.
- (krb5_os_free_context): Close opened plugin files.
-
- * locate_kdc.c: Include k5-plugin.h.
- (get_port): Deleted.
- (grow_addrlist): Update for new fields in structure.
- (krb5int_free_addrlist): Call the free function in the structure,
- if the function pointer is non-null.
- (add_addrinfo_to_list): Update for new fields. Shorten up debug
- output.
- (call_freeaddrinfo): New function.
- (krb5int_add_host_to_list): Update for new fields.
- (prof_locate_server, dns_locate_server): New functions, broken out
- from krb5int_locate_server; use the new enum type for service
- choice.
- (objdir): New variable.
- (struct module_callback_data): New struct.
- (module_callback, module_locate_server): New functions.
- (krb5int_locate_server): Use the above method-specific locator
- functions. Change argument list to take enum and not multiple
- strings and numbers.
- (krb5_locate_kdc): Updated for new interface.
-
- * send524.c (krb5int_524_sendto_kdc): Update for new locate_server
- interface.
- * changepw.c (krb5_locate_kpasswd): Likewise.
- (krb5_change_set_password): Update for new fields.
-
- * accessor.c (krb5int_accessor): Don't fill in locate_server
- field.
-
- * t_locate_kdc.c: Include dnsglue.c and dnssrv.c.
- (print_addrs): Update for new fields.
- * t_std_conf.c (test_locate_kdc): Update for new fields.
-
- * sendto_kdc.c (krb5int_debug_fprint): No longer static. Print
- more info.
- (krb5int_print_addrlist): New function.
- (merge_addrlists): Update for new fields.
- (in_addrlist): New function.
- (krb5_sendto_kdc): Use it. Update for new fields.
- (krb5int_sendto): Update for new fields. Print more info when
- debugging.
-
-2006-02-24 Jeffrey Altman <jaltman@mit.edu>
-
- * gmt_mktime.c, read_pwd.c: changes to support 64-bit builds
- on Windows
-
-2005-11-14 Jeffrey Altman <jaltman@mit.edu>
-
- * toffset.c: (krb5_set_real_time, krb5_set_debugging_time,
- krb5_get_time_offsets, krb5_set_time_offsets)
- * timeofday.c:(krb5_timeofday)
- * ustime.c: (krb5_us_timeofday)
-
- Change type of "seconds" parameter from krb5_int32 to krb5_timestamp
- This does not alter the ABI on existing platforms but will provide
- consistency when we need to consider changing krb5_timestamp to a
- 64-bit value.
-
-2005-09-16 Tom Yu <tlyu@mit.edu>
-
- * dnsglue.c (USE_RES_NINIT): Fix braino: define to 1, not empty
- string.
-
-2005-09-08 Tom Yu <tlyu@mit.edu>
-
- * dnsglue.c: Implement better logic for choosing whether to use
- res_ninit(). If res_ndestroy() doesn't exist, assume that
- res_ninit() is broken and use res_init(), res_search(),
- etc. instead, on the theory that the OS vendor has made the older
- interfaces thread-safe.
-
-2005-06-09 Ken Raeburn <raeburn@mit.edu>
-
- * sendto_kdc.c (service_fds): Don't create a select_state on the
- stack; take an additional argument pointing to it.
- (krb5int_sendto): Don't create a select_state on the stack;
- instead, allocate two on the heap, passing the second as the new
- argument to service_fds.
-
-2005-04-22 Jeffrey Altman <jaltman@mit.edu>
-
- * init_os_ctx.c: use krb5_init_ctx and krb5_free_ctx
- to initialize and cleanup the winsock stack. WSAStartup/
- WSACleanup are only supposed to increment/decrement a
- reference counter if they have been previously called
- within the application.
-
-2005-04-13 Ken Raeburn <raeburn@mit.edu>
-
- * accessor.c (NEED_SOCKETS): Don't define.
- * c_ustime.c (NEED_SOCKETS): Don't define.
- * changepw.c (NEED_SOCKETS): Don't define.
- * dnsglue.h (NEED_SOCKETS): Don't define.
- * full_ipadr.c (NEED_SOCKETS): Don't define.
- * gen_rname.c (NEED_SOCKETS): Don't define.
- * genaddrs.c (NEED_SOCKETS): Don't define.
- * hostaddr.c (NEED_SOCKETS): Don't define.
- * hst_realm.c (NEED_SOCKETS): Don't define.
- * krbfileio.c (NEED_LOWLEVEL_IO): Don't define.
- * localaddr.c (NEED_SOCKETS): Don't define.
- * locate_kdc.c (NEED_SOCKETS): Don't define.
- * mk_faddr.c (NEED_SOCKETS): Don't define.
- * net_read.c (NEED_SOCKETS, NEED_LOWLEVEL_IO): Don't define.
- * net_write.c (NEED_SOCKETS, NEED_LOWLEVEL_IO): Don't define.
- * port2ip.c (NEED_SOCKETS): Don't define.
- * read_msg.c (NEED_SOCKETS): Don't define.
- * send524.c (NEED_SOCKETS, NEED_LOWLEVEL_IO): Don't define.
- * sendto_kdc.c (NEED_SOCKETS, NEED_LOWLEVEL_IO): Don't define.
- * sn2princ.c (NEED_SOCKETS): Don't define.
- * write_msg.c (NEED_SOCKETS): Don't define.
-
-2005-03-25 Ken Raeburn <raeburn@mit.edu>
-
- * kuserok.c (krb5_kuserok): Use k5_getpwnam_r.
-
-2005-03-22 Tom Yu <tlyu@mit.edu>
-
- * dnsglue.h: Define ns_rr_class to ns_rr_cl if ns_rr_class doesn't
- exist.
-
-2005-03-05 Jeffrey Altman <jaltman@mit.edu>
-
- * sn2princ.c (krb5_sname_to_principal):
- conditionalize the use of reverse dns lookups. The default
- is to use the existing behavior. rdns can be disabled by
- specifying [libdefaults] rdns=false
-
-2005-01-12 Tom Yu <tlyu@mit.edu>
-
- * dnsglue.c (krb5int_dns_fini): Reorder to make more correct.
- (krb5int_dns_init): Rework error handling. Call res_ndestroy() or
- res_nclose() as appropriate to avoid leaking resources allocated
- by res_ninit().
-
-2005-01-03 Jeffrey Altman <jaltman@mit.edu>
-
- * thread_safe.c: (new file) krb5_is_thread_safe()
-
-2004-12-08 Ken Raeburn <raeburn@mit.edu>
-
- * accessor.c (krb5int_accessor): Set new field use_dns_kdc.
-
-2004-12-06 Tom Yu <tlyu@mit.edu>
-
- * locate_kdc.c (krb5_locate_srv_dns_1): Don't compile if
- KRB5_DNS_LOOKUP is not defined.
-
-2004-11-19 Ken Raeburn <raeburn@mit.edu>
-
- * locate_kdc.c (krb5int_add_host_to_list): If debugging, log the
- requested family and socket type. If AI_NUMERICSERV is defined,
- set it in ai_flags. If getaddrinfo returns an error with
- debugging enabled, log the error.
- (krb5_locate_srv_conf_1): When logging an error from
- add_host_to_list, include the corresponding error string.
-
- * t_locate_kdc.c: Include port-sockets.h, instead of sys/socket.h,
- netdb.h, netinet/in.h, and arpa/inet.h.
- * Makefile.in ($(OUTPRE)t_locate_kdc.exe): New target.
-
-2004-10-20 Ken Raeburn <raeburn@mit.edu>
-
- * locate_kdc.c: Include stdarg.h.
- (Tprintf): New function, prints to stderr or not depending on TEST
- macro.
- (add_addrinfo_to_list, krb5int_add_host_to_list,
- krb5_locate_srv_conf_1, krb5_locate_srv_dns_1,
- krb5int_locate_server): Call it instead of conditionally calling
- fprintf.
-
-2004-10-19 Ken Raeburn <raeburn@mit.edu>
-
- * dnssrv.c (krb5int_make_srv_query_realm): Append a dot to the
- hostname, if there's room in the buffer, to avoid domain search
- paths.
-
-2004-10-19 Tom Yu <tlyu@mit.edu>
-
- * dnsglue.c (initparse): Skip query type and class when we lack
- ns_initparse().
- (krb5int_dns_nextans) [!HAVE_NS_INITPARSE]: Pass correct pointer
- to dn_skipname(). Actually skip the RR name.
-
-2004-10-18 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (TEST_PROGS): Add t_locate_kdc.
- (check-unix): Run t_locate_kdc to test fetching DNS SRV records.
- (EXTRADEPSRCS): Define.
-
-2004-10-06 Ken Raeburn <raeburn@mit.edu>
-
- * localaddr.c (foreach_localaddr): Be more careful not to walk
- past the end of the ifreq array.
- (get_ifreq_array): Return 0 in success case, not errno.
- (print_addr): If getnameinfo returns EAI_SYSTEM, report what the
- system error is.
-
- * localaddr.c (get_ifreq_array): Split out from foreach_localaddr
- general version.
- (foreach_localaddr): Call it.
-
-2004-10-05 Ken Raeburn <raeburn@mit.edu>
-
- * localaddr.c (foreach_localaddr) [HAVE_STRUCT_IF_LADDRCONF && 0]:
- Fix if_laddrreq.iflr_name field name not properly adjusted. The
- iflr_addr field is an HP-UX specific sockaddr_ext with sa_ field
- name prefixes.
-
-2004-10-01 Ken Raeburn <raeburn@mit.edu>
-
- * localaddr.c (get_if_laddrconf, foreach_localaddr): New
- implementation for HP-UX 11, based on Solaris support and
- information from Doug Engert. Disabled for now, until it can be
- tested.
-
-2004-09-30 Jeffrey Altman <jaltman@mit.edu>
-
- * hst_realm.c: provide definition for MAXDNAME if
- KRB5_DNS_LOOKUP is not defined.
-
-2004-09-22 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (T_STD_CONF_OBJS): Include dnsglue.o.
-
-2004-09-21 Tom Yu <tlyu@mit.edu>
-
- * dnsglue.c: Conditionalize some stuff on ns_initparse() instead
- of assuming that the presence of res_nsearch() means
- ns_initparse() is available.
-
-2004-09-20 Tom Yu <tlyu@mit.edu>
-
- * Makefile.in (STLIBOBJS, OBJS, SRCS): Add dnsglue.c.
-
- * dnsglue.c: New file. Implement resolver glue layer to abstract
- away the details of calling res_search or res_nsearch, and of
- parsing the reply packet.
-
- * dnsglue.h: New file.
-
- * dnssrv.c (krb5int_make_srv_query_realm): Use dnsglue. Use
- MAXDNAME from dnsglue.h or resolv.h instead of MAX_DNS_NAMELEN.
-
- * hst_realm.c (krb5_try_realm_txt_rr): Use dnsglue. Use MAXDNAME
- from dnsglue.h or resolv.h instead of MAX_DNS_NAMELEN.
-
-2004-09-13 Tom Yu <tlyu@mit.edu>
-
- * dnssrv.c:
- * hst_realm.c:
- * locate_kdc.c: Include netinet/in.h as a prerequisite for
- resolv.h.
-
-2004-08-27 Ken Raeburn <raeburn@mit.edu>
-
- * sendto_kdc.c (start_connection) [DEBUG]: Log the local socket
- address.
-
-2004-08-12 Alexandra Ellwood <lxs@mit.edu>
-
- * ccdefname.c (krb5_cc_set_default_name, krb5_cc_default_name):
- Look up the default ccache name in krb5_cc_default_name, not
- krb5_cc_set_default_name so that krb5_init_context doesn't
- have to do work it might never use.
-
-2004-07-22 Ken Raeburn <raeburn@mit.edu>
-
- * localaddr.c (get_lifconf): Define only if "struct lifconf" is
- available.
- (foreach_localaddr): Use get_lifconf only if "struct lifconf" is
- available.
-
-2004-07-16 Ken Raeburn <raeburn@mit.edu>
-
- * genaddrs.c, localaddr.c, lock_file.c, mk_faddr.c: Don't check
- for macsock.h.
-
-2004-07-15 Alexandra Ellwood <lxs@mit.edu>
-
- * init_os_ctx.c (krb5_os_init_context, krb5_os_free_context)
- ccdefname.c (krb5_cc_set_default_name):
- Removed default_ccprincipal field from krb5_context
-
-2004-07-04 Ken Raeburn <raeburn@mit.edu>
-
- * dnssrv.c (krb5int_make_srv_query_realm) [HAVE_RES_NSEARCH]: Use
- res_nsearch instead of res_search.
- * hst_realm.c (krb5_try_realm_txt_rr) [HAVE_RES_NSEARCH]:
- Likewise.
-
-2004-07-02 Ken Raeburn <raeburn@mit.edu>
-
- * an_to_ln.c: Include string.h.
-
-2004-06-22 Ken Raeburn <raeburn@mit.edu>
-
- * an_to_ln.c (db_an_to_ln): Don't test macintosh.
- * krbfileio.c (krb5_sync_disk_file): Likewise.
- * kuserok.c: Likewise.
- * prompter.c: Likewise.
- * promptusr.c: Likewise.
- * read_pwd.c: Likewise.
-
-2004-06-15 Ken Raeburn <raeburn@mit.edu>
-
- * c_ustime.c: Include k5-thread.h.
- (get_time_now): New function, holds system-dependent code.
- (krb5int_us_time_mutex): New mutex.
- (struct time_now): New type.
- (last_time): New variable, replaces old last_tv, last_sec,
- last_usec.
- (krb5_crypto_us_timeofday): Rewrite. Do locking around access to
- previously returned value, and ensure that we don't return
- duplicate values.
- * os-proto.h: Include k5-thread.h.
- (krb5int_us_time_mutex): Declare.
-
-2004-06-04 Ken Raeburn <raeburn@mit.edu>
-
- * kuserok.c (krb5_kuserok): Handle draft POSIX versions of
- getpwnam_r.
-
-2004-06-02 Tom Yu <tlyu@mit.edu>
-
- * an_to_ln.c (do_replacement): Patch from Bill Dodd to fix missing
- braces in previous security patch.
-
-2004-06-01 Sam Hartman <hartmans@mit.edu>
-
- * an_to_ln.c (rule_an_to_ln): Fix buffer overflow when parsing
- principal names into components.
- (do_replacement): likewise
- (aname_replacer): Support error return from do_replacement
-
-2004-05-07 Sam Hartman <hartmans@mit.edu>
-
- * an_to_ln.c: Patch from Matt Crawford to allow matching on
- realms of cross-realm principals.
-
-2004-05-05 Ken Raeburn <raeburn@mit.edu>
-
- * localaddr.c: Incorporate foreach_localaddr implementation.
- Export it as krb5int_foreach_localaddr. Include foreachaddr.h,
- not foreachaddr.c.
-
-2004-03-22 Ken Raeburn <raeburn@mit.edu>
-
- * sendto_kdc.c (krb5int_sendto): Initialize select_state.end_time.
- (get_so_error): New function.
- (service_tcp_fd): Call it for write fds as well as exception fds.
-
-2004-03-18 Ezra Peisach <epeisach@mit.edu>
-
- * sendto_kdc.c (krb5_sendto_kdc): Change passing pointer to value of
- use_master parameter to krb5_locate_kdc.
-
-2004-03-05 Ken Raeburn <raeburn@mit.edu>
-
- * lock_file.c (krb5_lock_file): Initialize flock data on entry,
- but don't bother with a static version to copy from.
-
-2004-02-26 Jeffrey Altman <jaltman@mit.edu>
-
- * sendto_kdc.c, send524.c:
- The use_master parameter of sendto_kdc is now an in/out
- parameter used to report to the caller whether or not
- the responding KDC was in fact the master. This is
- necessary to allow callers to prevent making an unnecessary
- additional call to query the master if the original
- query did not explicitly state that the master should be
- queried.
-
-2004-02-25 Ken Raeburn <raeburn@mit.edu>
-
- * sendto_kdc.c (start_connection): Close socket if connect() call
- fails for an unexpected reason.
-
-2004-02-13 Ken Raeburn <raeburn@mit.edu>
-
- * genaddrs.c: Don't specify defaults for
- GET{PEER,SOCK}NAME_ARG{2,3}_TYPE macros.
-
-2004-02-09 Sam Hartman <hartmans@mit.edu>
-
- * changepw.c (krb5_locate_kpasswd): Run htons on the default port
-
-2003-12-22 Jeffrey Altman <jaltman@mit.edu>
-
- * dnssrv.c: wrap within #ifdef KRB5_DNS_LOOKUP to prevent references
- to resolver functions when DNS support is not being compiled
-
-2003-12-19 Ken Raeburn <raeburn@mit.edu>
-
- * realm_iter.c (krb5_realm_iterator_create): Array NAMES is now
- const.
-
- * prompter.c (catch_signals, restore_signals): Take pointer to old
- signal handler info as new argument.
- (osiginfo): New typedef.
- (setup_tty, restore_tty): Take pointer to old signal handler info
- and old termios settings as new arguments.
- (krb5_prompter_posix): Pass the extra arguments, addresses of new
- automatic variables.
- (osigint, saveparm): Variables deleted.
-
- * Makefile.in (STLIBOBJS, OBJS, SRCS): Don't build promptusr.c.
-
- * sendto_kdc.c (default_debug_handler, put, putstr): Define only
- if DEBUG is defined.
- (DEBUG): Don't define.
- (krb5int_sendtokdc_debug_handler): Initialize to null if DEBUG is
- not defined.
-
-2003-12-18 Jeffrey Altman <jaltman@mit.edu>
-
- * accessor.c: Add new functions for use by gssapi
-
-2003-12-12 Tom Yu <tlyu@mit.edu>
-
- * an_to_ln.c (krb5_aname_to_localname): Don't write one byte past
- the end of a string. Found by Christopher Nebergall.
-
-2003-10-27 Jeffrey Altman <jaltman@mit.edu>
-
- * sendto_kdc.c: sockets must be closed with closesocket() and
- and not close() in order to ensure portability among different
- operating systems.
-
-2003-08-21 Ken Raeburn <raeburn@mit.edu>
-
- * dnssrv.c: New file; split out DNS SRV RR query support...
- * locate_kdc.c: ...from here. Always compile in the calls.
- * Makefile.in (STLIBOBJS, OBJS, SRCS): Add it.
-
-2003-07-25 Ken Raeburn <raeburn@mit.edu>
-
- * locate_kdc.c (krb5_locate_kdc): Always pass 0 to locate_server
- as the get_masters argument. Instead, if get_masters is set,
- look up "master_kdc" in the config file instead of "kdc".
-
-2003-07-17 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (LIBNAME) [##WIN16##]: Don't define.
-
-2003-07-09 Alexandra Ellwood <lxs@mit.edu>
-
- * toffset.c: Export krb5_set_real_time for Samba.
-
-2003-06-06 Ken Raeburn <raeburn@mit.edu>
-
- * locate_kdc.c (struct srv_dns_entry): Moved to k5-int.h.
- (krb5int_make_srv_query_realm): Renamed from make_srv_query_realm.
- (krb5int_free_srv_dns_data): New function.
- (krb5_locate_srv_dns_1): Use it.
-
- * accessor.c (krb5int_accessor): Fill in make_srv_query_realm and
- free_srv_dns_data fields.
-
-2003-06-05 Ken Raeburn <raeburn@mit.edu>
-
- * locate_kdc.c (make_srv_query_realm): Punt if strdup fails.
- Always return what data we can, even if memory allocation or other
- problems prevent us from returning more.
- (krb5_locate_srv_dns_1): Always return what data we can. Fix
- memory leak. Free up temporary storage as quickly as possible,
- while building up address list to return.
-
-2003-06-03 Ken Raeburn <raeburn@mit.edu>
-
- * accessor.c (krb5int_accessor): Initialize restored locate_server
- field.
-
- * locate_kdc.c (struct srv_dns_entry): Move to top level.
- (make_srv_query_realm): Separate from krb5_locate_srv_dns_1; just
- do query and return results.
- (krb5_locate_srv_dns_1): Call it, and build addlist entries.
- Check for one RR with a target of ".", and return an error.
- (krb5_locate_srv_dns): Deleted.
-
- * t_locate_kdc.c (main): Call krb5_locate_srv_dns_1.
-
- * changepw.c (krb5_locate_kpasswd): Check specifically for certain
- errors before using fallback heuristics.
-
-2003-06-03 Alexandra Ellwood <lxs@mit.edu>
-
- * init_os_ctx.c: Included header to get __KLAllowHomeDirectoryAccess().
-
-2003-05-27 Ken Raeburn <raeburn@mit.edu>
-
- * send524.c (krb5int_524_sendto_kdc): Enable support on Windows
- always.
-
-2003-05-24 Ken Raeburn <raeburn@mit.edu>
-
- * send524.c: New file, moved from krb524/sendmsg.c. Rename
- function to have krb5int_ prefix. If KRB5_KRB4_COMPAT not
- defined, return an error.
- * accessor.c (krb5int_accessor): Update for deleted and added
- fields. If KRB5_KRB4_COMPAT is not defined, just use null
- pointers for the new fields.
-
-2003-05-06 Alexandra Ellwood <lxs@mit.edu>
-
- * init_os_ctx.c: Added support for KLL's __KLAllowHomeDirectoryAccess()
- function so that krb4, krb5 and gssapi will not access the user's homedir
- if the application forbids it.
-
-2003-04-28 Sam Hartman <hartmans@mit.edu>
-
- * changepw.c (krb5_change_set_password): Locate server in realm of
- creds.server, not in realm of target principal because target
- principal is null in the changepw case.
-
-2003-04-28 Ken Raeburn <raeburn@mit.edu>
-
- * init_os_ctx.c (krb5_os_init_context, krb5_os_free_context):
- Don't allocate or free the os_context, since it's now a direct
- member of the krb5_context, not separately allocated storage.
-
-2003-04-27 Sam Hartman <hartmans@mit.edu>
-
- * changepw.c (krb5_change_set_password): Call
- krb5_setpw_result_code_string not krb5_setpw_result_code_string
-
-2003-04-24 Sam Hartman <hartmans@mit.edu>
-
- * changepw.c (krb5_change_set_password): return error from
- auth_con_setaddrs not last socket errno if auth_con_setaddrs fails
-
-2003-04-15 Sam Hartman <hartmans@mit.edu>
-
- * changepw.c (krb5_change_set_password): Patches from Paul Nelson
- to implement Microsoft set password protocol
- (krb5_set_password_using_ccache): Use kadmin/changepw in target realm, not local realm and use a two-component principal
- (krb5_change_set_password): Find the kpasswd server for the realm
- of the target principal not the client
-
-2003-04-13 Ken Raeburn <raeburn@mit.edu>
-
- * read_pwd.c (krb5_read_password): Always free temporary storage
- used for verification version of password.
-
-2003-03-06 Alexandra Ellwood <lxs@mit.edu>
-
- * c_ustime.c: Removed Mac OS 9 code.
-
- * ccdefname.c: Conditionalize on USE_CCAPI and not TARGET_OS_MAC
- so Darwin builds work.
-
- * init_os_ctx.c: Modified to use DEFAULT_SECURE_PROFILE_PATH and
- DEFAULT_PROFILE_PATH for KfM homedir-relative config files.
-
- * read_pwd.c: Cast to remove const warnings.
-
- * timeofday.c: Do the same thing on the Mac as on Unix.
-
-2003-03-04 Sam Hartman <hartmans@mit.edu>
-
- * sendto_kdc.c (service_tcp_fd): Don't call shutdown on end of write because some implementations cannot deal with half-closed TCP sockets.
-
-2003-02-08 Tom Yu <tlyu@mit.edu>
-
- * prompter.c (krb5_prompter_posix): Kill echo before printing
- prompt to avoid possible race conditions in test suite.
-
-2003-02-06 Tom Yu <tlyu@mit.edu>
-
- * prompter.c (krb5_prompter_posix, setup_tty, restore_tty): Fix to
- use the actual file descriptor we dup()'ed to in case tcsetattr()
- doesn't actually change the underlying device modes and instead
- only affects the specific file descriptor.
-
-2003-02-06 Ken Raeburn <raeburn@mit.edu>
-
- * locate_kdc.c (translate_ai_error): Handle EAI_ADDRFAMILY like
- EAI_NONAME.
- (krb5int_add_host_to_list): Translate errors returned from the
- second getaddrinfo call.
-
-2003-02-04 Tom Yu <tlyu@mit.edu>
-
- * prompter.c (krb5_prompter_posix): Rewrite to no longer use
- longjmp(), as well as to get a non-buffered stdio stream on stdin
- to avoid passwords staying around in stdio buffers. This does
- have the side effect of possibly losing pre-buffered input from an
- application that reads from stdin using stdio functions prior to
- calling the prompter, but hopefully those are rare.
-
-2003-01-10 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag.
-
-2003-01-07 Ken Raeburn <raeburn@mit.edu>
-
- * sendto_kdc.c (state_strings): Now const.
-
-2002-12-06 Tom Yu <tlyu@mit.edu>
-
- * accessor.c (krb5int_accessor): Add add_host_to_list.
-
- * changepw.c (krb5_locate_kpasswd): Update calls to
- krb5_locate_kdc().
-
- * locate_kdc.c (add_host_to_list): Renamed to
- krb5int_add_host_to_list(), with macro to deal with existing
- callers in this file. Now takes an argument to indicate protocol
- family. Callers updated accordingly to also take protocol family
- arguments.
-
- * os-proto.h: Update prototype of krb5_locate_kdc().
-
- * sendto_kdc.c (krb5_sendto_kdc): Update calls to
- krb5_locate_kdc().
- (krb5int_sendto): UDP reply length is in.pos-in.buf, not
- in.bufsize.
-
- * t_locate_kdc.c (main): Update call to krb5_locate_kdc().
-
- * t_std_conf.c (test_locate_kdc): Update call to krb5_locate_kdc().
-
-2002-11-14 Tom Yu <tlyu@mit.edu>
-
- * changepw.c: Remove reference to adm_err.h.
-
-2002-11-12 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (t_locate_kdc): Use normal CC_LINK rule for linking
- test program.
-
-2002-10-28 Ken Raeburn <raeburn@mit.edu>
-
- * localaddr.c (print_addr) [TEST]: Don't mix size_t and socklen_t,
- just assume socklen macro will return a socklen_t value. Cast
- buffer size to socklen_t in getnameinfo call.
-
-2002-10-22 Ezra Peisach <epeisach@bu.edu>
-
- * sendto_kdc.c (service_tcp_fd): If DEBUG defined, ensure that
- initialization of variable not bypassed by goto.
-
-2002-10-15 Tom Yu <tlyu@mit.edu>
-
- * hst_realm.c (krb5_try_realm_txt_rr): Apply patch from Nalin
- Dahyabhai to bounds-check return value from res_search().
-
- * locate_kdc.c (krb5_locate_srv_dns_1): Apply patch from Nalin
- Dahyabhai to bounds-check return value from res_search().
-
-2002-10-11 Tom Yu <tlyu@mit.edu>
-
- * read_pwd.c (krb5_read_password): Restore name of size_return.
- Set *size_return after successful call to krb5_prompter_posix,
- since some callers were actually checking, e.g. kadm5.
-
-2002-10-10 Sam Hartman <hartmans@mit.edu>
-
- * read_pwd.c (krb5_read_password): Reimplement in terms of krb5_prompter_posix for unix
-
-
-2002-09-26 Ken Raeburn <raeburn@mit.edu>
-
- * sendto_kdc.c (krb5int_cm_call_select): Fix last change.
-
-
-2002-09-19 Ken Raeburn <raeburn@mit.edu>
-
- * sendto_kdc.c (krb5int_cm_call_select): If timeout value has
- tv_sec==0, treat it as meaning "no timeout".
- (krb5int_debug_fprint): Handle null timeval pointer.
-
-2002-09-18 Ken Raeburn <raeburn@mit.edu>
-
- * sendto_kdc.c: Include cm.h.
- (struct select_state, SSF_READ, SSF_WRITE, SSF_EXCEPTION): Moved
- to cm.h.
- (DEBUG): Define.
- (krb5int_debug_sendto_kdc): Initialize to zero.
- (default_debug_handler, put, putstr): New functions.
- (krb5int_sendtokdc_debug_handler): New variable.
- (krb5int_debug_fprint): Don't write to stderr; instead, pass
- strings to the debug output handlers above.
- (struct incoming_krb5_message): Broken out from struct
- conn_state.
- (krb5int_cm_call_select): Renamed from call_select; callers
- updated. Now extern. Display max fd number in debugging call,
- not nfds.
-
-2002-09-17 Sam Hartman <hartmans@mit.edu>
-
- * genaddrs.c (krb5_auth_con_genaddrs): Return errno if getpeername fails
-
-2002-09-14 Ken Raeburn <raeburn@mit.edu>
-
- * sendto_kdc.c (service_fds): Fix bug in last change.
- (krb5int_debug_fprint): Use 'out' consistently, minimize explicit
- references to stderr. Flush output before returning.
- (dperror) [_WIN32]: Shorten message.
- (start_connection, service_tcp_fd, service_fds, krb5int_sendto):
- Use dprint instead of dfprintf.
-
-2002-09-13 Ken Raeburn <raeburn@mit.edu>
-
- * sendto_kdc.c (struct conn_state): Add new function pointer field
- 'service' for the fd service routine.
- (setup_connection): Initialize it.
- (service_fd): Deleted.
- (service_fds): Incorporate debug output from service_fd. Call
- service routine indicated in connection info. Decrement select fd
- count for each flag set for a file descriptor. Ensure that the
- index into the conns array doesn't run off the end.
- (krb5int_debug_fprint): Fetch correct type for %E.
-
-2002-09-11 Ken Raeburn <raeburn@mit.edu>
-
- * locate_kdc.c (get_port): Skip service name lookup, just use the
- supplied numbers.
- (add_host_to_list): If a second port number is supplied, look up
- AF_INET addresses only, and only for SOCK_DGRAM type entries.
- Ignore errors in the second address lookup.
- (krb5_locate_srv_conf_1) [TEST]: More debugging code.
-
- * t_locate_kdc.c (main): Add new argument -m for looking up master
- KDC addresses.
-
-
-2002-09-03 Ken Raeburn <raeburn@mit.edu>
-
- * accessor.c, an_to_ln.c, c_ustime.c, ccdefname.c, changepw.c,
- def_realm.c, free_hstrl.c, free_krbhs.c, full_ipadr.c, gen_port.c,
- gen_rname.c, genaddrs.c, get_krbhst.c, gmt_mktime.c, hostaddr.c,
- hst_realm.c, init_os_ctx.c, krbfileio.c, ktdefname.c, kuserok.c,
- localaddr.c, locate_kdc.c, lock_file.c, mk_faddr.c, net_read.c,
- net_write.c, port2ip.c, prompter.c, promptusr.c, read_msg.c,
- read_pwd.c, realm_dom.c, realm_iter.c, sendto_kdc.c, sn2princ.c,
- t_an_to_ln.c, t_gifconf.c, t_locate_kdc.c, t_realm_iter.c,
- t_std_conf.c, timeofday.c, toffset.c, unlck_file.c, ustime.c,
- write_msg.c: Use prototype-style function definitions.
-
- * c_ustime.c, timeofday.c: Don't declare errno.
- * hst_realm.c (krb5_try_realm_txt_rr), locate_kdc.c
- (krb5_locate_srv_dns_1): Avoid variable name "class".
- * sendto_kdc.c (enum conn_states): Define separately from
- conn_state 'state' field declaration.
-
-2002-08-29 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in: Revert $(S)=>/ change, for Windows support.
-
-2002-08-23 Ken Raeburn <raeburn@mit.edu>
-
- * sendto_kdc.c (merge_addrlists): Truncate source address list
- after copying its data into the destination list.
-
- * Makefile.in: Change $(S)=>/ and $(U)=>.. globally.
-
-2002-08-22 Ken Raeburn <raeburn@mit.edu>
-
- * locate_kdc.c (krb5int_grow_addrlist): Renamed from grow_list,
- now external.
- (grow_list): New macro.
- (krb5_locate_kdc): Don't look up kerberos-sec for TCP service.
-
- * sendto_kdc.c (MAX_PASS, dprint): New macros.
- (krb5int_debug_fprint, merge_addrlists): New function.
- (krb5int_debug_sendto_kdc): New variable.
- (krb5_sendto_kdc): Use dprint. Call krb5int_locate_kdc in two
- places, with socket type selection done separately.
- (debug_log_connect): Function deleted; use dprint instead.
- (dperror): Use dprint.
- (print_fdsets): Function deleted; use dprint instead.
- (struct conn_state): Use struct instead of union so incoming and
- outgoing buffer pointers can co-exist. Add INITIALIZING state.
- (state_strings): Add INITIALIZING.
- (krb5int_sendto_udp, krb5int_sendto_tcp): Functions integrated
- into krb5int_sendto.
- (call_select): Use dprint.
- (setup_connection): New function, handles data structure
- initialization.
- (start_connection): Renamed from start_tcp_connection. Don't do
- data structure initialization, just start connection, and transmit
- UDP datagrams. Use dprint.
- (maybe_send): Create socket for "INITIALIZING" connections;
- transmit datagrams.
- (kill_conn): New function split out from service_tcp_fd.
- (SSF_READ, SSF_WRITE, SSF_EXCEPTION): New macros.
- (service_tcp_fd): Accept a flag word rather than separate int
- arguments for read, write, exception. Use dprint.
- (service_udp_fd): New function.
- (service_fd): New function, calls one of the above two.
- (service_fds): Call it. Use a flag word instead of separate r/w/x
- values.
- * accessor.c (krb5int_accessor): Use krb5int_sendto instead of
- krb5int_sendto_udp.
-
-2002-08-15 Ken Raeburn <raeburn@mit.edu>
-
- * sendto_kdc.c (DEFAULT_UDP_PREF_LIMIT, HARD_UDP_LIMIT): New
- macros.
- (debug_log_connect): Look up "udp_preference_limit" in libdefaults
- part of profile; try TCP before UDP if the packet size is larger
- than specified. Don't try UDP at all if the packet is over about
- 32K.
-
-2002-07-23 Ezra Peisach <epeisach@bu.edu>
-
- * localaddr.c (get_localaddrs): Add prototype before being used
- for static function.
-
-2002-07-09 Ken Raeburn <raeburn@mit.edu>
-
- * sn2princ.c: Include fake-addrinfo.h.
- (krb5_sname_to_principal): Use getaddrinfo and getnameinfo instead
- of gethostbyname and gethostbyaddr.
-
- * hst_realm.c (krb5_get_host_realm): Return KRB5_ERR_NUMERIC_REALM
- if the hostname is a numeric-address form.
-
-2002-07-08 Ken Raeburn <raeburn@mit.edu>
-
- * localaddr.c (get_localaddrs): Split out main body of
- krb5_os_localaddr, add an argument to indicate whether addresses
- listed in the profile should be included.
- (krb5_os_localaddr): Call it.
- (krb5int_local_addresses): Call get_localaddrs but skip
- profile-listed addresses.
-
- * sendto_kdc.c (krb5int_sendto_udp): Accept new args for optional
- location to store local address used to contact server.
- (krb5_sendto_kdc): Update call to pass 0.
-
-2002-07-05 Ken Raeburn <raeburn@mit.edu>
-
- * sendto_kdc.c (service_tcp_fd): sockerrlen should have type
- socklen_t.
-
-2002-07-03 Alexandra Ellwood <lxs@mit.edu>
-
- * init_os_ctx.c: krb4 needs to get the os config files so it can use
- the profile too. Define these functions on Mac OS X now.
-
- * init_os_ctx.c: Removed use of FSSpecs because these cause serious
- performance problems on Mac OS X. We now search paths the same way
- the rest of the Unix platforms do.
-
- [pullups from 1-2-2-branch]
-
-2002-06-22 Tom Yu <tlyu@mit.edu>
-
- * c_ustime.c: Remove various things missed in 1-2-2-branch MacOS
- microseconds timer removal.
-
-2001-06-22 Miro Jurisic <meeroh@mit.edu>
-
- * c_ustime.c: punted the accurate microseconds timing code because it
- wasn't so accurate after all.
- [pullup from 1-2-2-branch]
-
-2002-06-22 Alexandra Ellwood <lxs@mit.edu>
-
- * init_os_ctx.c: Add CoreServices.h before k5-int.h so we don't get
- multiple definitions for FSSpec. Also removed an unused variable in
- Mac OS X code and added casts for Mac OS X code so FSSpecs are cast
- to profile file types (code deals properly on the other side)
-
- * timeofday.c: Added casts to remove warnings
-
- * ccdefname.c, init_os_ctx.c, timeofday.c: Updated Mac OS X
- headers to new framework layout and updated Mac OS macros
-
- * read_pwd.c: Removed #defines for Mac OS X (__MACH__) because we
- now export krb5_read_password on Mac OS X
-
- [pullups from 1-2-2-branch]
-
-2002-06-19 Ken Raeburn <raeburn@mit.edu>
-
- * init_os_ctx.c: Don't include sys/ioctl.h or sys/filio.h.
- (krb5_os_init_context): Drop /dev/[u]random support, the Yarrow
- code will deal with that now.
-
-2002-06-18 Danilo Almeida <dalmeida@mit.edu>
-
- * toffset.c (krb5_get_time_offsets), an_to_ln.c
- (krb5_aname_to_localname): Make KRB5_CALLCONV.
- [pullup from 1-2-2-branch]
-
-2002-06-18 Ken Raeburn <raeburn@mit.edu>
-
- * changepw.c (ECONNABORTED, ECONNREFUSED, EHOSTUNREACH,
- ETIMEDOUT): Don't define here now that they're defined in
- port-sockets.h.
- * read_msg.c (ECONNABORTED): Ditto.
-
- * sendto_kdc.c: Include sys/timeb.h on Windows.
- (ENABLE_TCP): Macro deleted, always enable code.
- (krb5_sendto_kdc): Don't try UDP if outgoing message is 1500
- bytes or larger. Print info on arguments if DEBUG defined.
- (bogus_strerror) [_WIN32 && DEBUG]: New function.
- (dperror, dfprintf): New macros.
- (krb5int_sendto_udp): Use SOCKET_ERRNO where appropriate. Log
- more info if DEBUG defined; use dperror and dfprintf.
- (struct conn_state): Use new scatter-gather definitions from
- port-sockets.h. Don't try to reuse data structures for both
- input and output.
- (struct select_state): Add exception fd set.
- (print_fdsets) [DEBUG]: Print exception fd set; callers changed.
- (getcurtime): New function.
- (call_select): Call it. Pass exception fd set to select.
- (make_nonblocking, iov_advance): Deleted.
- (start_tcp_connection): Expand non-blocking setting inline; set
- linger period to zero. Use new scatter-gather framework. Log
- more info if DEBUG defined.
- (service_tcp_fd): New argument indicates exception; handle
- exception fd set. Print more info if DEBUG. Use SOCKET_*
- macros, scatter-gather support, SHUTDOWN_* macros. Adjust for
- new conn_state definitions.
- (krb5int_sendto_tcp): Set up exception fd set. Adjust for new
- conn_state definitions. Use new scatter-gather support.
-
-2002-06-11 Ken Raeburn <raeburn@mit.edu>
-
- * sendto_kdc.c: Include sys/ioctl.h and sys/filio.h only if
- ENABLE_TCP is set and _WIN32 is not defined.
-
-2002-06-10 Ken Raeburn <raeburn@mit.edu>
-
- * sendto_kdc.c: Include sys/ioctl.h and sys/filio.h if
- available. Define ENABLE_TCP as 0 on Windows, 1 otherwise.
- (debug_log_connect): New function.
- (dperror, dfprintf): New macros.
- (krb5int_sendto_udp): Use dperror, dfprintf, and
- debug_log_connect.
- (state_strings): New variable.
- (struct conn_state, struct select_state): New types.
- (print_fdsets, call_select, make_nonblocking,
- start_tcp_connection, iov_advance, service_tcp_fd, service_fds,
- krb5int_sendto_tcp): New functions.
- (krb5_sendto_kdc): New argument TCP_ONLY. Try UDP first unless
- told otherwise, then try TCP.
-
- * t_std_conf.c: Include fake-addrinfo.h.
- (test_locate_kdc): Update arg list to locate_kdc. Print IPv6 as
- well as IPv4 addresses.
-
- * t_locate_kdc.c (main): Free storage allocated by library before
- exiting.
-
-2002-06-04 Ken Raeburn <raeburn@mit.edu>
-
- * locate_kdc.c (krb5_locate_srv_conf_1): New argument socktype
- indicates what type of addrinfo entries to add.
- (krb5int_locate_server): Change argument is_stream to socktype.
- Pass the value to krb5_locate_srv_conf_1.
- (krb5_locate_kdc): New argument socktype.
- * sendto_kdc.c (krb5int_sendto_udp): New function, containing most
- of the network code from krb5_sendto_kdc.
- (krb5_sendto_kdc): Call it.
- * accessor.c (krb5int_accessor): Set new sendto_udp field.
- * os-proto.h (krb5_locate_kdc): Update prototype. Add forward
- declaration for struct addrlist.
- * t_locate_kdc.c (main): Update call to krb5_locate_kdc.
-
- * locate_kdc.c: Include fake-addrinfo.h before k5-int.h.
- (grow_list, krb5int_free_addrlist)
- (add_addrinfo_to_list): Incorporate list-updating code from
- add_sockaddr_to_list. Store an addrinfo pointer, and set the
- ai_next field to null.
- (add_host_to_list): New arg SOCKTYPE. Write port numbers into
- buffers and let getaddrinfo fill in the sin*_port fields. Call
- getaddrinfo twice, and use two loops to add entries to the
- addrlist structure.
- (add_sockaddr_to_list, set_port_num): Deleted.
- (krb5_locate_srv_conf_1, krb5_locate_srv_dns_1): Pass extra arg
- to add_host_to_list.
- (krb5int_locate_server): New value 2 for is_stream arg means
- accept both UDP and TCP.
- * changepw.c: Include fake-addrinfo.h.
- (krb5_locate_passwd, krb5_change_password): Update for addrlist
- changes.
- * sendto_kdc.c: Include fake-addrinfo.h.
- (krb5_sendto_kdc): Update for addrlist changes. Skip any
- addresses that are not SOCK_DGRAM.
- * t_locate_kdc.c (stypename): New function.
- (print_addrs): Update for addrlist changes. Print socket type
- with address and port.
-
-2002-04-12 Ken Raeburn <raeburn@mit.edu>
-
- * lock_file.c (krb5_lock_file) [POSIX_FILE_LOCKS]: Make static
- "zero" variable const.
-
- * prompter.c (krb5_prompter_posix): Initialize 'i' and make it
- volatile.
-
- * locate_kdc.c (add_addrinfo_to_list) [TEST]: Print out socket
- type before returning.
- (add_host_to_list): Don't need to initialize err. Supply
- getaddrinfo hint to select datagram addresses only. Delete AIX
- bug workaround code.
-
-2002-04-10 Danilo Almeida <dalmeida@mit.edu>
-
- * locate_kdc.c (translate_ai_error), hst_realm.c
- (krb5int_translate_gai_error): Test some EAI_ error definitions
- so that we will also build correctly on Win32 (Winsock 2).
-
-2002-03-26 Ken Raeburn <raeburn@mit.edu>
-
- * hostaddr.c (FAI_PREFIX): Delete.
- * hst_realm.c (FAI_PREFIX): Delete.
- * localaddr.c [TEST || DEBUG]: Include fake-addrinfo.h, not
- fake-addrinfo.c.
- (FAI_PREFIX) [TEST || DEBUG]: Delete.
- * locate_kdc.c: Include fake-addrinfo.h, not fake-addrinfo.c.
- (FAI_PREFIX): Delete.
-
-2002-02-20 Ken Raeburn <raeburn@mit.edu>
-
- * localaddr.c: Include foreachaddr.c.
- (printaddr, printifaddr, addr_eq, grow_or_free, get_ifconf,
- get_lifconf, get_linux_ipv6_addrs, foreach_localaddr): Deleted.
- * Makefile.in (localaddr.o): Update dependencies.
-
-2002-02-10 Ken Raeburn <raeburn@mit.edu>
-
- * localaddr.c (LINUX_IPV6_HACK) [__linux__&& KRB5_USE_INET6]:
- Define macro.
- (get_linux_ipv6_addrs) [LINUX_IPV6_HACK]: New function, reads
- addresses from /proc/net/if_inet6.
- (foreach_localaddr) [!HAVE_IFADDRS_H && !SIOCGLIFNUM &&
- LINUX_IPV6_HACK]: Include ipv6 addresses.
-
-2002-01-09 Ken Raeburn <raeburn@mit.edu>
-
- * hst_realm.c (EAFNOSUPPORT): On Windows, translate to
- WSAEAFNOSUPPORT.
-
-2002-01-08 Ken Raeburn <raeburn@mit.edu>
-
- * hst_realm.c (krb5int_get_fq_hostname): New function. Use
- getaddrinfo instead of gethostbyname.
- (krb5int_get_fq_local_hostname): New function.
- (krb5_get_host_realm): Call it.
- * def_realm.c (krb5_get_default_realm): Call it.
-
- * Makefile.in (t_localaddr): Link against $(LIBS).
-
-2001-12-05 Ezra Peisach <epeisach@mit.edu>
-
- * sendto_kdc.c (krb5_sendto_kdc): Get rid of unecessary casts.
-
-2001-10-24 Sam Hartman <hartmans@mit.edu>
-
- * accessor.c (krb5int_accessor): Add fields for struct version 4
-
-2001-10-17 Ken Raeburn <raeburn@mit.edu>
-
- * locate_kdc.c (add_host_to_list): If sa_len field exists and is
- zero, try to fill it in. Another AIX 4.3.3 bug workaround.
-
- * sendto_kdc.c (krb5_sendto_kdc) [DEBUG]: More fprintf calls for
- tracing through.
-
-2001-10-10 Ezra Peisach <epeisach@mit.edu>
-
- * localaddr.c (krb5_os_localaddr_profile): Cast argument to
- isspace() to int.
-
-2001-10-09 Ken Raeburn <raeburn@mit.edu>
-
- * os-proto.h: Make prototypes unconditional.
-
-2001-10-05 Ken Raeburn <raeburn@mit.edu>
-
- * an_to_ln.c, c_ustime.c, ccdefname.c, init_os_ctx.c, ktdefname.c,
- kuserok.c, localaddr.c, lock_file.c, prompter.c, promptusr.c,
- read_pwd.c: Drop _MSDOS support.
-
- * ccdefname.c, def_realm.c, free_hstrl.c, hst_realm.c,
- ktdefname.c, localaddr.c, mk_faddr.c, read_pwd.c, sn2princ.c,
- timeofday.c, ustime.c: Don't explicitly declare pointers FAR any
- more.
-
-2001-10-03 Ken Raeburn <raeburn@mit.edu>
-
- * accessor.c, ccdefname.c, changepw.c, def_realm.c, free_hstrl.c,
- genaddrs.c, hst_realm.c, init_os_ctx.c, ktdefname.c, localaddr.c,
- prompter.c, realm_dom.c, realm_iter.c, sn2princ.c, timeofday.c,
- ustime.c: Don't use KRB5_DLLIMP.
-
-2001-09-29 Ken Raeburn <raeburn@mit.edu>
-
- * locate_kdc.c (add_host_to_list): If address family in sockaddr
- structure is zero, copy it in from the addrinfo structure. Bug
- workaround for AIX 4.3.3.
-
-2001-09-28 Ken Raeburn <raeburn@mit.edu>
-
- * localaddr.c: Retrieve IPv6 addresses on Solaris 8.
- (get_lifconf) [SIOCGLIFCONF]: New function.
- (foreach_localaddr) [SIOCFLIGNUM]: New section, using new lifconf
- and lifreq structures and related ioctls.
- (Tprintf, Tperror): New macros. Print stuff if TEST is defined,
- otherwise be silent but cause same evaluations to happen.
-
- * localaddr.c (TEST || DEBUG): Include fake-addrinfo.c, not
- fake-addrinfo.h.
-
-2001-08-31 Ken Raeburn <raeburn@mit.edu>
-
- * hostaddr.c (krb5_os_hostaddr): Don't use AI_DEFAULT.
-
- * genaddrs.c (struct addrpair): New type.
- (cvtaddr): New function. Fills in krb5_address structures
- referencing port and address parts of a sockaddr. Converts
- IPv4-mapped IPv6 addresses to plain IPv4 addresses.
- (krb5_auth_con_genaddrs): Use sockaddr_storage for addresses. Use
- addrpairs to pass to cvtaddr, then set up pointers to the elements
- as needed.
-
-2001-08-30 Ken Raeburn <raeburn@mit.edu>
-
- * locate_kdc.c: Include fake-addrinfo.c instead of
- fake-addrinfo.h.
- (FAI_IMPLEMENTATION): Deleted.
-
-2001-08-01 Ken Raeburn <raeburn@mit.edu>
-
- * localaddr.c: Include ctype.h.
- [TEST || DEBUG]: Defined FAI_PREFIX and include fake-addrinfo.h.
- (foreach_localaddr) [TEST]: Change whitespace in some debug
- messages.
- (print_addr) [TEST]: Delete non-getnameinfo version of code.
- Change some messages.
- (struct localaddr_data): New field CUR_SIZE.
- (allocate): Grow existing storage, if already allocated.
- (krb5_os_localaddr_profile): New function. Looks up
- "extra_addresses" in "libdefaults" section, separates on
- whitespace, looks up addresses, adds them to the list.
- (krb5_os_localaddr): Call krb5_os_localaddr_profile first; ignore
- any errors it reports.
- (krb5_os_localaddr) [DEBUG]: More debugging code.
-
- * hostaddr.c (krb5_os_hostaddr): Only retry non-numeric lookup
- after numeric lookup if AI_NUMERICHOST is nonzero.
-
-2001-07-31 Ezra Peisach <epeisach@mit.edu>
-
- * genaddrs.c: Use GETPEERNAME_ARG2_TYPE, GETPEERNAME_ARG3_TYPE
- instead of assuming types.
-
- * changepw.c: Use GETSOCKNAME_ARG3_TYPE instead of int in casts.
-
-2001-07-26 Ezra Peisach <epeisach@mit.edu>
-
- * gen_port.c (krb5_gen_portaddr): Add const to cast of
- krb5_const_pointer to maintain const status.
-
-2001-07-24 Ezra Peisach <epeisach@mit.edu>
-
- * sn2princ.c: Do not cast away const char * in call to strdup.
-
-2001-07-24 Jeffrey Altman <jaltman@columbia.edu>
-
- * def_realm.c:
- krb5_get_default_realm() required a profile file
- even when KRB5_DNS_LOOKUP was defined.
-
-2001-07-19 Ken Raeburn <raeburn@mit.edu>
-
- * hostaddr.c: Include fake-addrinfo.h.
- (FAI_PREFIX): Define macro.
- (krb5_os_hostaddr): Use getaddrinfo, to get ipv6 support and
- thread safety. Support numeric addresses as well.
-
- * t_locate_kdc.c: New file.
- * Makefile.in (t_locate_kdc.o, t_locate_kdc): New targets.
-
- * locate_kdc.c: Include fake-addrinfo.h.
- (FAI_PREFIX, FAI_IMPLEMENTATION): Define macros.
- (get_port, add_sockaddr_to_list, add_host_to_list): Drop
- gethostbyname/getservbyname support, always use getnameinfo, which
- should be thread-safe.
- (translate_ai_error, set_port_num): Now always defined.
- (set_port_num): Only check for AF_INET6 if KRB5_USE_INET6.
-
-2001-07-06 Ezra Peisach <epeisach@mit.edu>
-
- * sn2princ.c (krb5_sname_to_principal): Cast tolower argument to int.
-
- * hst_realm.c (krb5_get_host_realm): Cast argument to toupper and
- tolower to int.
-
-2001-06-21 Ezra Peisach <epeisach@mit.edu>
-
- * t_std_conf.c (test_locate_kdc): Get rid of unused variable.
-
-2001-06-20 Ezra Peisach <epeisach@mit.edu>
-
- * t_std_conf.c (test_locate_kdc): Update to new krb5_locate_kdc
- interface.
-
-2001-06-19 Ken Raeburn <raeburn@mit.edu>
-
- * locate_kdc.c (struct addrlist, ADDRLIST_INIT): Moved to
- k5-int.h.
- (krb5int_free_addrlist): Renamed from free_list; no longer
- static.
- (krb5_locate_srv_conf, krb5_locate_srv_dns, krb5int_locate_server,
- krb5_locate_kdc): Use addrlist in interface.
-
- * sendto_kdc.c (krb5_sendto_kdc): Use new struct addrlist
- interface.
-
- * changepw.c (krb5_locate_kpasswd): Use addrlist structure in
- interface and implementation.
- (krb5_change_password): Likewise.
-
- * accessor.c (krb5int_accessor): Fill in free_addrlist function
- pointer field.
-
- * os-proto.h (krb5_locate_kdc): Update prototype.
-
-2001-06-12 Ezra Peisach <epeisach@mit.edu>
-
- * sn2princ.c, hst_realm.c, an_to_ln.c: Cast argument to
- isupper()/isspace()/islower() to int.
-
- * t_std_conf.c (test_locate_kdc): krb5_locate_kdc expects a struct
- sockaddr *** as a third argument instead of sockaddr **.
-
-2001-06-07 Ezra Peisach <epeisach@mit.edu>
-
- * ktdefname.c (krb5_kt_default_name): Get rid of a variable that
- was set in a conditional but never used.
-
-2001-05-08 Danilo Almeida <dalmeida@mit.edu>
-
- * locate_kdc.c (add_host_to_list): Initialize stack variable err
- which would otherwise get returned without being set in certain
- circumstances.
-
-2001-05-07 Ken Raeburn <raeburn@mit.edu>
-
- * locate_kdc.c (add_sockaddr_to_list) [TEST]: If getnameinfo is
- available, use it instead of inet_ntoa to get the printable
- address.
- (add_host_to_list): Share declaration sections as much as
- possible. Propagate errors back correctly from gethostbyname
- path.
-
-2001-04-26 Ken Raeburn <raeburn@mit.edu>
-
- * hst_realm.c (T_TXT): Define if not defined by header files.
-
- * locate_kdc.c (krb5int_locate_server): New function, replaces
- functionality of krb5_locate_srv_conf and _dns, including checking
- whether DNS lookup is desired.
- (krb5_locate_srv_conf, krb5_locate_srv_dns): Define only if macro
- TEST is defined. Added another level of indirection in the
- address pointer argument.
- (krb5_locate_srv_dns_1, krb5_locate_srv_conf_1,
- translate_ai_error, get_port, struct addrlist, ADDRLIST_INIT,
- grow_list, free_list, add_sockaddr_to_list, add_addrinfo_to_list,
- set_port_num, add_host_to_list): New helper functions.
- (krb5_locate_kdc): Added another level of indirection in the
- address pointer argument. Call krb5int_locate_server.
- (KPASSWD_PORTNAME): Deleted.
-
- * os-proto.h (krb5_locate_kdc): Updated prototype.
-
- * sendto_kdc.c (krb5_sendto_kdc): Updates for change in
- krb5_locate_kdc interface.
-
- * changepw.c (krb5_locate_kpasswd): Call krb5int_locate_server.
- Add another level of indirection in address pointer. Now gives
- preference to _kpasswd info from DNS over admin_server info in
- config file, if kpasswd_server is not set.
- (krb5_change_password): Use struct sockaddr_storage for all
- automatic address variables. Ignore any non-IPv4 addresses
- returned from krb5_locate_kpasswd; return an error if all
- addresses are non-IPv4. Update for new krb5_locate_kpasswd
- interface.
-
- * accessor.c (krb5int_accessor): Set krb5_locate_server field.
-
-2001-04-25 Ken Raeburn <raeburn@mit.edu>
-
- * localaddr.c (socklen_t, socklen): Deleted; definitions now in
- k5-int.h instead.
- (foreach_localaddr): Use SIOCGIFNUM if it's available and
- SIOCGSIZIFCONF is not (e.g., Solaris 7 and 8).
- (print_addr) [!HAVE_GETNAMEINFO]: Only declare variable buf if
- AF_INET6 is defined.
-
-2001-03-31 Ken Raeburn <raeburn@mit.edu>
-
- * t_gifconf.c: New file.
-
-2001-03-10 Ezra Peisach <epeisach@mit.edu>
-
- * def_realm.c: Move prototype for krb5_try_realm_txt_rr() to
- os-proto.h.
-
- * init_os_ctx.c: Include os-proto.h
-
- * changepw.c, locate_kdc.c: Do not shadow sin() with local
- variable name.
-
- * os-proto.h: Add prototypes for krb5_try_realm_txt_rr() and the
- obsolete krb5_secure_config_files().
-
-2001-03-05 Ken Raeburn <raeburn@mit.edu>
-
- * localaddr.c (krb5_os_localaddr): Don't look for -1 return value
- from foreach_localaddr.
- (print_addr): Only process AF_INET6 addresses if AF_INET6 is
- defined.
-
- * gmt_mktime.c (gmt_mktime): Handle years earlier than 1970.
- (main) [TEST_LEAP]: New routine, driver for testing.
- * Makefile.in (t_mktime): New target.
-
-2001-03-05 Sam Hartman <hartmans@mit.edu>
-
- * kuserok.c: Set max_username to 65 not 10. 65 should be enough
- for a null terminated string from most current Unixes usernames.
- The previous limit of 10 was too low. I don't know how the
- previous limit was chosen nor why this is not a dynamic buffer.
-
-2001-03-05 Tom Yu <tlyu@mit.edu>
-
- * init_os_ctx.c: Get sys/ioctl.h for Solaris to get FIONBIO.
-
-2001-03-03 Ken Raeburn <raeburn@mit.edu>
-
- * init_os_ctx.c: If not Mac or Windows, define USE_RANDOM_DEVICE
- and include sys/ioctl.h.
- (krb5_os_init_context) [USE_RANDOM_DEVICE]: Read some bytes from
- /dev/urandom or /dev/random and use them to re-seed the PRNG.
-
-2001-02-05 Tom Yu <tlyu@mit.edu>
-
- * prompter.c (krb5_prompter_posix): Fix up terminal modes if we're
- interrupted. [reported by Booker Bense]
-
-2000-12-18 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (LCLINT, LCLINTOPTS): New variables.
- (lclint-localaddr): New target.
-
- * localaddr.c (grow_or_free, get_ifconf, make_addr): Split out
- from foreach_localaddr and friends for simpler lclint analysis.
- (socklen): New function.
- (print_addr): Use getnameinfo if available.
- (struct localaddr_data, count_addrs, allocate, add_addr,
- make_addr): Define only if not testing.
- (foreach_addr): Call new functions. Annotate for lclint.
-
-2000-10-17 Ezra Peisach <epeisach@mit.edu>
-
- * changepw.c: Cast length argument to recvfrom/sendto to int.
-
- * os-proto.h: Moved extern definition of krb5_max_dgram_size,
- krb5_max_skdc_timeout, krb5_skdc_timeout_shift,
- krb5_skdc_timeout_1 here.
-
- * accessor.c: Definition for krb5_max_dgram_size,
- krb5_max_skdc_timeout, krb5_skdc_timeout_shift,
- krb5_skdc_timeout_1 moved to os-proto.h
-
- * osconfig.c: Changed definition for krb5_max_dgram_size,
- krb5_max_skdc_timeout, krb5_skdc_timeout_shift,
- krb5_skdc_timeout_1 to unsigned int.
-
- * get_krbhst.c, init_os_context.c, locate_kdc.c, prompter.c:
- Unsigned/signed int cleanup.
-
- * read_pwd.c (krb5_read_password): Change size_return to unsigned
- int *.
-
- * sendto_kdc.c: Remove definition for krb5_max_dgram_size,
- krb5_max_skdc_timeout, krb5_skdc_timeout_shift,
- krb5_skdc_timeout_1. (moved to os-proto.h). Cast arguments to int
- for send() and recv().
-
-2000-10-09 Ken Raeburn <raeburn@mit.edu>
-
- Support for getifaddrs() interface added in BSD.
- * localaddr.c (printaddr, printifaddr) [HAVE_IFADDRS_H && DEBUG]:
- New functions for debugging new ifaddrs code.
- (addr_eq) [HAVE_IFADDRS_H]: New function, for comparing addresses
- found with getifaddrs.
- (foreach_localaddr) [HAVE_IFADDRS_H]: New implementation, relies
- on C library function to retrieve data.
- (foreach_localaddr) [!HAVE_IFADDRS_H && TEST]: Print info about
- each address and why it might not be used.
- (print_addr, main) [TEST]: Print out the local addresses.
- * Makefile.in (t_localaddr): New target.
-
-2000-09-26 Ezra Peisach <epeisach@mit.edu>
-
- * an_to_ln.c: Unsigned vs signed int fixes.
-
- * t_std_conf.c: Declare local functions static, do not shadow
- sin() with local variable.
-
-2000-08-31 Jeffrey Altman <jaltman@columbia.edu>
-
- * locate_kdc.c: krb5_locate_srv_dns()
- Ensure that res_search() is called with a query string
- that is terminated by a '.' in order to disable the
- expansion of dns-search lists.
-
-2000-07-22 Tom Yu <tlyu@mit.edu>
-
- * accessor.c: Add NEED_SOCKETS in order to get prototype for
- krb5_locate_kdc().
-
-2000-07-19 Danilo Almeida <dalmeida@mit.edu>
-
- * accessor.c (krb5int_accessor): Add krb5int_accessor() to access
- internal krb5 functions from outside the library (so that we don't
- have to export them for the krb525 and gssapi libraries). The
- goal is to make this function eventually do nothing.
-
- * Makefile.in: Compile accessor.c.
-
-2000-07-18 Ezra Peisach <epeisach@mit.edu>
-
- * locate_kdc.c, hst_realm.c, def_realm.c, changepw.c: Include
- os-proto.h for internal prototypes.
-
- * os-proto.h: Prototypes for _krb5_use_dns_realm(),
- _krb5_use_dns_kdc(), _krb5_conf_boolean().
-
- * t_std_conf.c: Include k5-int.h for internal function prototypes.
-
-2000-06-30 Ezra Peisach <epeisach@mit.edu>
-
- * t_an_to_ln.c: Include <stdio.h> for prototypes.
-
- * locate_kdc.c (krb5_locate_srv_dns): Remove unused variable.
-
- * changepw.c, sendto_kdc.c, sn2princ.c: Add parentheses around
- assignment used as truth value.
-
- * ccdefname.c (get_from_os): Cast return from getuid() to long and
- indicate use of format in sprintf.
-
-2000-06-28 Ezra Peisach <epeisach@mit.edu>
-
- * def_realm.c: Add newline at end of file.
-
- * gmt_mktime.c: Define days_in_month as type int.
-
- * locate_kdc.c (krb5_locate_srv_dns): Cleanup unused variables.
-
-2000-06-23 Miro Jurisic <meeroh@mit.edu>
-
- * init_os_ctx.c (os_get_default_config_files): Return ENOENT when
- file is not found on MacOS (not ENFILE). Use Kerberos Preferences
- library to locate the config files on Mac OS. Eliminated some
- dead code.
-
-2000-06-23 Nalin Dahyabhai <nalin@redhat.com>
-
- * an_to_ln.c (do_replacement): Don't overflow buffers "in" or "out".
- * hst_realm.c (krb5_try_realm_txt_rr): Don't overfill "host" when
- malformed DNS responses are received.
-
- * ccdefname.c (get_from_os): Don't overflow buffer "name_buf".
- * kuserok.c (krb5_kuserok): Don't overflow buffer "pbuf".
-
-2000-06-23 Ken Raeburn <raeburn@mit.edu>
-
- * localaddr.c: Include stddef.h.
- (foreach_localaddr): Check each address against previously used
- addresses, and skip duplicates, in case multiple interfaces have
- the same address. If called functions fail, drop out of loop and
- return nonzero. Use SIOCGSIZIFCONF ioctl if available to get the
- buffer size needed for SIOCGIFCONF, and skip the silly heuristics
- if it returns a reasonable value.
- (krb5_os_localaddr): Increment count of addresses to include null
- pointer terminator. Delete check for zero count.
-
- * locate_kdc.c (maybe_use_dns): Renamed from _krb5_use_dns. Now
- takes an arg to indicate a key to look up in krb5.conf, falling
- back to "dns_fallback", and an arg indicating the default value if
- no config file entries match.
- (_krb5_use_dns_realm): New routine; use "dns_lookup_realm" and
- KRB5_DNS_LOOKUP_REALM setting.
- (_krb5_use_dns_kdc): New routine; use "dns_lookup_kdc" and
- KRB5_DNS_LOOKUP_KDC.
- (krb5_locate_kdc): Call _krb5_use_dns_kdc.
- * changepw.c (krb5_locate_kpasswd): Call _krb5_use_dns_kdc.
- * def_realm.c (krb5_get_default_realm): Call _krb5_use_dns_realm.
- * hst_realm.c (krb5_get_host_realm): Call _krb5_use_dns_realm.
-
-2000-06-23 Alexandra Ellwood <lxs@mit.edu>
-
- * ccdefname.c: Added support to store a krb5_principal in the os_context
- along with the default ccache name (if known, this principal is the same
- as the last time we looked at the ccache.
-
-2000-05-09 Alexandra Ellwood <lxs@mit.edu>
-
- *localaddr.c: Fixed the local_addr_fallback_kludge so that it actually does something.
- Before that the error code it was handling was blowing it away in cleanup.
-
-2000-04-29 Jeffrey Altman <jaltman@columbia.edu>
-
- * hst_realm.c (krb5_get_host_realm)
- remove the searchlist and defaultrealm _kerberos queries
-
-2000-04-18 Danilo Almeida <dalmeida@mit.edu>
-
- * prompter.c (krb5int_set_prompt_types): Set to actual value
- intead of 0.
-
-2000-4-13 Alexandra Ellwood <lxs@mit.edu>
-
- * init_os_ctx.c: Added support to store a krb5_principal in the os_context
- along with the default ccache name (if known, this principal is the same
- as the last time we looked at the ccache.
-
-2000-03-20 Miro Jurisic <meeroh@mit.edu>
-
- * def_realm.c (krb5_free_default_realm): Added, use to free
- result of krb5_get_default_realm
-
-2000-03-15 Danilo Almeida <dalmeida@mit.edu>
-
- * prompter.c: Add krb5int_set_prompt_types() and
- krb5_get_prompt_types().
-
-2000-03-14 Ken Raeburn <raeburn@mit.edu>
-
- * init_os_ctx.c (os_get_default_config_files): Remove unused
- variable.
-
- * def_realm.c: Include netinet/in.h if available.
-
-2000-02-25 Ken Raeburn <raeburn@mit.edu>
-
- * localaddr.c (foreach_localaddr): Broken out from old
- krb5_os_localaddr. Iterates over all active interface addresses,
- invoking callback functions; knows nothing about Kerberos.
- (count_addrs, allocate, add_addr): New callback functions.
- (krb5_os_localaddr): Use the above.
- (allocate): Make room for NULL value at the end.
-
-2000-02-16 Ken Raeburn <raeburn@mit.edu>
-
- * localaddr.c (krb5_os_localaddr): Dynamically grow buffer used
- for SIOCGIFCONF until it appears to have been big enough.
- Dynamically grow internal address pointer array as needed.
-
-2000-02-11 Marshall Vale <mjv@mit.edu>
-
- * init_os_ctx.c (os_get_default_config_files.c): Added new
- file name "Kerberos Preferences" to the of valid configuration
- file names on Mac OS. The others will be removed at a later
- date.
-
-2000-02-08 Marshall Vale <mjv@mit.edu>
-
- * init_os_ctx.c (os_get_default_config_files.c): Added
- Application Support folder to list of locations to look
- for krb5 configuration file. Only looks at top level which
- needs to be improved.
- (GetMacProfileFileSpec): Added a parameter to declare which
- folder constants to use for file spec creation. Previously it
- had assumed just the Preferences folder.
-
-2000-02-07 Scott McGuire <smcguire@mit.edu>
-
- * changepw.c (krb5_locate_kpasswd): fixed memory trashing
- caused by incorrect pointer arithmetic when assigning
- DEFAULT_KPASSWD_PORT in DNS code also.
-
-2000-02-04 Scott McGuire <smcguire@mit.edu>
-
- * changepw.c (krb5_locate_kpasswd): fixed memory trashing
- caused by incorrect pointer arithmetic when assigning
- DEFAULT_KPASSWD_PORT in non-DNS code.
-
-1999-12-03 Danilo Almeida <dalmeida@mit.edu>
-
- * changepw.c: Define ETIMEDOUT for Windows.
-
-1999-12-01 Ken Raeburn <raeburn@mit.edu>
-
- * init_os_ctx.c (krb5_secure_config_files): Do define; always
- return an error, but perform old functionality in case the error
- is ignored. Delete when we can make a major version number
- change.
-
-1999-11-23 Ken Raeburn <raeburn@mit.edu>
-
- * an_to_ln.c (default_an_to_ln): Avoid stomping byte after
- supplied buffer. Thanks to Matt Crawford.
-
- * init_os_ctx.c (os_init_paths): Delete SECURE argument; read the
- value from the profile structure instead.
- (krb5_os_init_context, krb5_get_profile): Don't pass SECURE
- argument.
- (os_init_paths, krb5_get_profile): Cast first arg to
- profile_init.
- (krb5_secure_config_files): Don't define.
-
-1999-11-22 Miro Jurisic <meeroh@mit.edu>
-
- * ccdefname.c (get_from_os): Replaced Kerberos5GlobalsLib calls
- with CCAPI v3 calls
-
-1999-11-02 Ken Raeburn <raeburn@mit.edu>
-
- * localaddr.c (krb5_os_localaddr): Conditionalize INET6 support on
- new KRB5_USE_INET6 macro.
-
-1999-10-26 Wilfredo Sanchez <tritan@mit.edu>
-
- * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES,
- LOCAL_INCLUDES such that one can override CFLAGS from the command
- line without losing CPP search patchs and defines. Some associated
- Makefile cleanup.
-
-1999-10-22 Ken Raeburn <raeburn@mit.edu>
-
- * prompter.c (krb5_prompter_posix): Make ointrfunc, fd, and
- errcode volatile.
- * promptusr.c (krb5_os_get_tty_uio): Make ointrfunc and retval
- volatile.
- * read_pwd.c (krb5_read_password): Make ointrfunc volatile. Fix
- volatile decl for readin_string (pointer is volatile, doesn't
- point to volatile).
-
- * changepw.c (krb5_change_password): Wait only two minutes, not
- indefinitely, for a response from the kpasswd server.
-
-1999-10-18 Ken Raeburn <raeburn@mit.edu>
-
- * localaddr.c (krb5_os_localaddr): Don't bother trying to create
- inet6 socket; any socket type will do.
-
-1999-10-17 Ken Raeburn <raeburn@mit.edu>
-
- * localaddr.c (krb5_os_localaddr): Raise buffer size to 10K.
- Handle INET6 addresses. If INET6 support is built in but the
- socket creation fails, fall back to INET.
-
-1999-09-28 Ken Raeburn <raeburn@mit.edu>
-
- * changepw.c (krb5_locate_kpasswd): Declare local variable i even
- when DNS code is not in use.
- (krb5_locate_srv_conf, krb5_locate_srv_dns): Delete declarations.
-
-1999-09-21 Ken Raeburn <raeburn@mit.edu>
-
- Changes from Jeffrey Altman to look up kpasswd server using DNS.
- * changepw.c: (krb5_locate_kpasswd): New function, split out from
- krb5_change_password. Calls krb5_locate_srv_dns if use of DNS is
- desired, and krb5_locate_srv_conf to check config file.
- (krb5_change_password): Call it to find the server.
- * locate_kdc.c (krb5_locate_srv_conf): No longer static. Choose
- default port numbers based on service name rather than a single
- hard-coded value.
- (krb5_locate_srv_dns): No longer static.
-
-1999-09-17 Tom Yu <tlyu@mit.edu>
-
- * def_realm.c: Patch from jaltman@columbia.edu to allow compiling
- under non-Windows platforms with DNS lookup enabled.
-
-1999-09-01 Danilo Almeida <dalmeida@mit.edu>
-
- * kuserok.c (krb5_kuserok): Fix improper negation in
- non-Unix localname check. Also fix calling convention
- before this function is exported by the Windows DLL.
-
- * localaddr.c (krb5_os_localaddr): Fix memset to clear
- right address list. (Thanks to jaltman@columbia.edu).
-
-1999-09-01 Ken Raeburn <raeburn@mit.edu>
-
- * get_krbhst.c (krb5_get_krbhst): Fix double-indirection
- confusion. Do actually copy string contents to newly allocated
- storage.
-
-1999-08-21 Danilo Almeida <dalmeida@mit.edu>
-
- * localaddr.c (krb5_os_localaddr): Use multiple addresses, if
- present, on Mac and Windows.
-
-1999-08-10 Alexandra Ellwood <lxs@mit.edu>
-
- * changepw.c (krb5_change_password):
- Reorganized code so that krb5_change_password actually frees
- everything it allocated on error. Also fixed some memory
- leaks which happened even without an error occurring.
-
-1999-08-09 Danilo Almeida <dalmeida@mit.edu>
-
- * prompter.c (krb5_prompter_posix): Provide Win32 implementation
- so that kinit and such work under Win32.
-
-1999-08-06 Danilo Almeida <dalmeida@mit.edu>
-
- * def_realm.c (krb5_get_default_realm):
- * hst_realm.c (krb5_get_host_realm): Make sure we have FQDN
- in the case where we use gethostname.
-
- * def_realm.c (krb5_get_default_realm): Check that we have
- a realm before trying to copy it (since profile_get_string
- may return no error but not get anything).
-
- * init_os_ctx.c (krb5_get_profile): Fix calling convention.
-
-1999-08-05 Danilo Almeida <dalmeida@mit.edu>
-
- * t_std_conf.c (test_get_krbhst): Use krb5_free_krbhst to
- free buffers allocated by krb5_get_krbhst.
-
- * locate_kdc.c (_krb5_use_dns): Add _krb_use_dns to abstract
- away looking up of whether we use DNS or not in the profile.
-
- * ktdefname.c (krb5_kt_default_name): Use profile_release_string
- instead of free to free string allocated by profile_get_string.
-
- * get_krbhst.c (krb5_get_krbhst): Copy results from profile_get_values
- into malloc'ed buffers so we can safely free them later. Also call
- profile_free_list on the original values.
-
- * locate_kdc.c (krb5_locate_kdc):
- * hst_realm.c (krb5_get_host_realm):
- * def_realm.c (krb5_get_default_realm): Use _krb5_use_dns to figure
- out whether to use DNS or not instead of directly reading the
- profile in this routine.
-
- * realm_dom.c (krb5_get_realm_domain):
- * hst_realm.c (krb5_get_host_realm):
- * def_realm.c (krb5_get_default_realm): Copy results of
- profile_get_string into malloc'ed buffer so it can safely be free'd
- later.
-
- * locate_kdc.c (krb5_locate_srv_conf):
- * def_realm.c (krb5_get_default_realm):
- * changepw.c (krb5_change_password):
- * an_to_ln.c (krb5_aname_to_localname): Use profile_free_list
- to free values allocated by profile_get_values.
-
-1999-08-04 Danilo Almeida <dalmeida@mit.edu>
-
- * init_os_ctx.c (os_init_paths): Wrap use of ctx->profile_in_memory
- with KRB5_DNS_LOOKUP. Use pointer value to determine whether to free
- files by checking the files value rather than depending on the
- return value.
-
-1999-07-27 Miro Jurisic <meeroh@mit.edu>
-
- * init_os_ctx.c (GetMacProfileFileSpec): removed bogus string conversion
-
-1999-07-26 Miro Jurisic <meeroh@mit.edu>
-
- * c_ustime.c (krb5_crypto_us_timeofday): Merged in changes from the
- Mac_V2_0_derivatives branch -- microseconds support and guaranteed
- monotonically increasing microseconds on MacOS
-
- * init_os_ctx.c (os_get_default_config_files): Merged in changes from the
- Mac_V2_0_derivatives branch -- NRL config file name
-
- * init_os_ctx.c (krb5_get_profile): added krb5_get_profile
-
-1999-07-22 Jeffrey Altman <jaltman@columbia.edu>
-
- * init_os_ctx.c (os_init_paths)
- If profile_init() is unable to open a profile and returns ENOENT,
- remember in the context that the profile_in_memory and then
- call profile_init() with a NULL filespec.
-
- * def_realm.c (krb5_get_default_realm)
- * hst_realm.c (krb5_get_host_realm)
- * locate_kdc.c (krb5_locate_kdc)
- Use the profile entry [libdefaults] dns_fallback to determine
- if DNS SRV and TXT records should be used to find realms and
- servers if they are not found in the profile.
-
-
-1999-07-21 Ken Raeburn <raeburn@mit.edu>
-
- * init_os_ctx.c (os_get_default_config_files): Fix some typos and
- missed name changes in the patch Miro just checked in but forgot
- to mention here, in which Mac filespecs are used instead of
- filenames.
- (krb5_free_config_files): Ditto.
-
-1999-06-30 Ken Raeburn <raeburn@mit.edu>
-
- * locate_kdc.c (krb5_locate_kdc): Kerberos admin service name is
- "kerberos-adm", not "kadmin", so look up "_kerberos-adm._tcp" in
- DNS.
-
-1999-06-21 Ken Raeburn <raeburn@mit.edu>
- and Jeffrey Altman and Ken Hornstein
-
- * def_realm.c (MAXHOSTNAMELEN) [KRB5_DNS_LOOKUP]: Define if not
- already defined.
- (MAX_DNS_NAMELEN) [KRB5_DNS_LOOKUP]: New macro.
- (krb5_get_default_realm): Return an error if an empty realm name
- is found.
- (krb5_get_default_realm) [KRB5_DNS_LOOKUP]: Use
- krb5_try_realm_txt_rr to determine the realm of the local host or
- domain.
-
- * hst_realm.c [KRB5_DNS_LOOKUP]: Pull in some extra header files
- for resolver functionality.
- (MAX_DNS_NAMELEN): New macro.
- (krb5_try_realm_txt_rr) [KRB5_DNS_LOOKUP]: New function; looks up
- a TXT record.
- (krb5_get_host_realm): Use MAX_DNS_NAMELEN for buffer size.
- (krb5_get_host_realm) [KRB5_DNS_LOOKUP]: Use DNS lookup if config
- file doesn't contain a match.
-
- * locate_kdc.c [KRB5_DNS_LOOKUP]: Pull in some extra header files
- for resolver functionality.
- (MAXHOSTNAMELEN) [KRB5_DNS_LOOKUP]: Define if not already
- defined.
- (MAX_DNS_NAMELEN) [KRB5_DNS_LOOKUP]: New macro.
- (krb5_locate_srv_conf): Renamed from krb5_locate_kdc; now static;
- extra char* argument replaces fixed "kdc" in array of names to
- look up in profile.
- (krb5_locate_srv_dns) [KRB5_DNS_LOOKUP]: New function; looks up
- SRV records, and returns addresses sorted by priority.
- (krb5_locate_kdc): New function, calls above routines.
-
-1999-06-16 Danilo Almeida <dalmeida@mit.edu>
-
- * ccdefname.c (get_from_registry_indirect, try_dir, get_from_os):
- Extra robustness to win32 code.
-
- * init_os_ctx.c (krb5_get_config_files, krb5_free_config_files):
- Add function to get config files being used for current
- context with corresponding free function.
-
-1999-06-16 Danilo Almeida <dalmeida@mit.edu>
-
- * init_os_ctx.c (os_init_paths): Enhance win32 heuristics to use
- environment variable (like Unix) and to use the registry
- too. Will try executable's dir before windows dir if
- not secure.
-
- * ccdefname.c (get_from_os): Enhance win32 heuristics to use
- registry properly, default to API: properly,
- and to use temp dirs before the windows dir.
-
-1999-06-11 Miro Jurisic <meeroh@mit.edu>
-
- * init_os_ctx.c (os_init_paths): added NRL config file name correctly
- (thanks dalmeida)
-
-1999-06-09 Miro Jurisic <meeroh@mit.edu>
-
- * c_ustime.c (krb5_crypto_us_timeofday): fixed Mac PPC #ifdef
-
-1999-06-09 Miro Jurisic <meeroh@mit.edu>
-
- * c_ustime.c (krb5_crypto_us_timeofday): #ifdefed microseconds on Mac to be
- PPC-only
-
-1999-06-09 Miro Jurisic <meeroh@mit.edu>
-
- * c_ustime.c (AbsoluteToSecsNanosecs): Fixed the UInt64 division
- * c_ustime.c (krb5_crypto_us_timeofday): now returning the correct value
-
-1999-06-09 Miro Jurisic <meeroh@mit.edu>
-
- * c_ustime.c (AbsoluteToSecsNanosecs): Fixed the UInt64 comparison
-
-1999-06-09 Miro Jurisic <meeroh@mit.edu>
-
- * net_read.c, net_write.c: now setting errno on Mac too
-
-1999-06-09 Miro Jurisic <meeroh@mit.edu>
-
- * c_ustime.c (krb5_crypto_us_timeofday, HaveAccurateTime,
- AbsoluteToSecsNanosecs): Added support for microseconds or
- better timers on the Mac when available
-
- * c_ustime.c (krb5_crypto_us_timeofday): fixed usecs counting bug
- (From Chas Williams)
-
- * init_os_ctx.c (GetMacProfilePathname): removed hardcoded config file name
- (From Chas Williams)
-
- * init_os_ctx.c (os_init_paths): added NRL config file name
- (From Chas Williams)
-
-Tue Jun 8 15:26:21 1999 Alexandra Ellwood <lxs@mit.edu>
-
- * changepw.c: Changed errno to SOCKET_ERRNO/SOCKET_SET_ERRNO
- after socket operations to work with new Mac OT SocketsLib.
-
- * hst_realm.c: Changed errno to SOCKET_ERRNO/SOCKET_SET_ERRNO
- after socket operations to work with new Mac OT SocketsLib.
-
- * localaddr.c: Changed errno to SOCKET_ERRNO/SOCKET_SET_ERRNO
- after socket operations to work with new Mac OT SocketsLib.
-
- * net_read.c: Changed errno to SOCKET_ERRNO/SOCKET_SET_ERRNO
- after socket operations to work with new Mac OT SocketsLib.
-
- * net_write.c: Changed errno to SOCKET_ERRNO/SOCKET_SET_ERRNO
- after socket operations to work with new Mac OT SocketsLib.
-
- * sn2princ.c: Changed errno to SOCKET_ERRNO/SOCKET_SET_ERRNO
- after socket operations to work with new Mac OT SocketsLib.
-
-Mon May 10 15:26:20 1999 Danilo Almeida <dalmeida@mit.edu>
-
- * Makefile.in: Do win32 build in subdir.
-
-Fri May 7 18:04:48 1999 Danilo D Almeida <dalmeida@mit.edu>
-
- * locate_kdc.c (krb5_locate_kdc): Fixed typo.
-
-Fri May 7 14:39:08 1999 Theodore Y. Ts'o <tytso@mit.edu>
-
- * locate_kdc.c (krb5_locate_kdc): Return KRB5_REALM_UNKNOWN if
- profile_get_values returns PROF_NO_RELATION or
- PROF_NO_SECTION.
-
-1999-04-01 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * prompter.c (krb5_prompter_posix): Update to use new prompter
- prototype which takes an extra argument for the window
- titlebar name. (From Frank Cusack) [krb5-kdc/662]
-
-Thu Mar 25 18:45:48 1999 Tom Yu <tlyu@mit.edu>
-
- * promptusr.c (krb5_os_get_tty_uio): getchar() returns int, not
- char.
-
-1999-03-12 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * init_os_ctx.c (krb5_os_init_context, krb5_os_free_context):
- Sample the ccdefault name at the time when we create the
- context. Free the ccdefault name when we free the os
- context.
-
- * ccdefname.c (krb5_cc_default_name, krb5_cc_set_default_name):
- Check to make sure the context is valid and return an
- error if it isn't.
-
-1999-03-11 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * ccdefname.c (get_from_os): Add missing call to get_from_registry
- under windows.
-
-Fri Feb 19 20:49:18 1999 Tom Yu <tlyu@mit.edu>
-
- * ccdefname.c (get_from_os): Add missing close-paren; also replace
- #elif just in case.
-
-Fri Feb 5 01:05:43 1999 Theodore Y. Ts'o <tytso@mit.edu>
-
- * ccdefname.c (get_from_os): On the Windows platform,
- automatically generate the correct default cache name
- based on what krb5_cc_dfl_ops is set to.
-
- * realm_dom.c (krb5_get_realm_domain): Add modifiers so that this
- function can get exported in a Windows DLL.
-
-Tue Feb 2 16:01:58 1999 Tom Yu <tlyu@mit.edu>
-
- * read_pwd.c: Remove reference to CPP symbol "unix".
-
-1999-01-29 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * ccdefname.c: Add a new function krb5_cc_set_default_name(),
- which is used set the default ccname stored in the
- krb5_context. All of the OS-specific functions to
- determine the default ccname is moved to this function.
- The krb5_cc_default_name() function now just reads the
- default ccname from the os_context, and will call
- krb5_cc_set_default_name() to set the default ccname if
- necessary.
-
- * t_std_conf: Added functions to test krb5_cc_default_name and
- krb5_cc_set_default_name(). Fixed the call to
- krb5_locate_kdc to support the new variables added by
- the Cygnus initial ticket API merge.
-
-1999-01-27 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * localaddr.c: On the macintosh, check to see if getmyipaddr
- returns NULL, and return an error in that case.
-
-Tue Jan 5 00:11:49 1999 Theodore Y. Ts'o <tytso@mit.edu>
-
- * sn2princ.c (krb5_sname_to_principal): Windows NT5's broken
- resolver gratuitously tacks on a trailing period to the
- hostname (at least it does in Beta2). Deal with this
- brain-damage.
-
-Tue Dec 22 01:22:24 1998 Theodore Y. Ts'o <tytso@mit.edu>
-
- * changepw.c: Add a test for _WIN16 as well as _WIN32 for sockets
- workaround (in case we do want to build the 16 bit library
- again someday)
-
-Sat Dec 5 01:12:25 1998 Theodore Y. Ts'o <tytso@mit.edu>
-
- * localaddr.c: Added missing KRB5_DLLIMP and KRB5_CALLCONF macros
- from the function definition.
-
-1998-12-04 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * realm_iter.c: New function which iterators over the realms in
- the krb5.conf file.
-
-1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * Makefile.in: Set the myfulldir and mydir variables (which are
- relative to buildtop and thisconfigdir, respectively.)
-
- * lock_file.c (krb5_lock_file): Fix bug where if the fcntl-style
- lock succeeded, we should return immediately instead of
- trying to do flock-style locking. Also check for
- HAVE_FCNTL_H and defined(F_SETLKW) and
- defined(F_RDLCK) instead of POSIX_FILE_LOCKS (so we
- can get rid of a non-standard autoconf symbol.)
-
-1998-10-31 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * lock_file.c (krb5_lock_file): Move the flock() fallback code
- from fcc_maybe.c into krb5_lock_file(). This works around
- the bug that certain lossy operating systems (mainly from
- our good friends at SunSoft) do not support
- POSIX_FILE_LOCKS on all filesystems (namely tmpfs) but do
- support flock on those filesystems.
-
-1998-10-27 Marc Horowitz <marc@mit.edu>
-
- * c_ustime.c, localaddr.c: moved here from lib/crypto
-
- * ktdefname.c (krb5_kt_default_name): there is code in the tree
- (notably, the admin server code) which uses globals to set the
- keytab which will be used by gssapi. this is gross, and we need a
- better answer. However, even that didn't work if there was an env
- var or krb5.conf variable, since those override krb5_defkeyname.
- Add a new global, krb5_overridekeyname, which really does override
- all the other keytab locators. While I'm at it, make the buffer
- overflow checks sane.
-
-Fri Sep 25 22:32:16 1998 Theodore Y. Ts'o <tytso@mit.edu>
-
- * ccdefname.c: We shouldn't try to use the CCache API on Unix
- systems. (The maze of #ifdef's was confusing.)
-
-Tue Sep 1 15:44:11 1998 Theodore Y. Ts'o <tytso@mit.edu>
-
- * ccdefname.c (krb5_cc_default_name): Changed the PC version to
- use the CCache API by default. Removed the old Macintosh
- code that had been commented out. (If we need to
- ressurect it, we'll get it from CVS.)
-
-Fri Aug 21 17:37:00 1998 Miro Jurisic <meeroh@mit.edu>
-
- * ccdefname.c.c (krb5_cc_default_name): Changed the Mac
- version to use CCache API by default.
-
-Thu Jul 16 09:59:34 1998 Ezra Peisach <epeisach@mit.edu>
-
- * changepw.c (krb5_change_password): Changes casts from char * to
- krb5_octet * to match krb5_address structure elements.
-
-Wed Jul 1 17:54:56 1998 Theodore Y. Ts'o <tytso@mit.edu>
-
- * macsock.c(inet_ntoa): Fix obvious bug where we were returning a
- pointer to an automatic variable which should have been a
- static. Fortunately nothing in the Mac tree was using
- inet_ntoa()....
-
-1998-05-06 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * t_std_conf.c (main): POSIX states that getopt returns -1
- when it is done parsing options, not EOF.
-
-Wed Sep 24 12:10:29 1997 Marshall Vale <mjv@mit.edu> (Checked in 1/13/98)
-
- * init_os_ctx.c: Changed all PBGetCatInfo to PBGetCatInfoSync for new
- Universal Headers.
-
- * ccdefname.c: Changed all PBGetCatInfo to PBGetCatInfoSync for new
- Universal Headers.
-
-Fri Feb 27 18:03:33 1998 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * Makefile.in: Changed thisconfigdir to point at the lib/krb5
- directory, since we've moved the configure.in tests in
- this directory to the toplevel lib/krb5 configure.in
-
-Wed Feb 18 16:24:39 1998 Tom Yu <tlyu@mit.edu>
-
- * Makefile.in: Remove trailing slash from thisconfigdir. Fix up
- BUILDTOP for new conventions.
-
-Mon Feb 2 17:02:19 1998 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile
-
-Fri Jan 30 15:56:15 1998 Tom Yu <tlyu@mit.edu>
-
- * changepw.c (krb5_change_password): KRB5_USE_INET ->
- HAVE_NETINET_IN_H.
-
-Fri Jan 2 21:28:56 1998 Tom Yu <tlyu@mit.edu>
-
- * locate_kdc.c (krb5_locate_kdc): Check return of
- malloc. [krb5-libs/518]
-
- * changepw.c (krb5_change_password): Check return of
- malloc. [krb5-libs/518]
-
-Tue Dec 16 11:00:18 1997 Ezra Peisach <epeisach@mit.edu>
-
- * locate_kdc.c (krb5_locate_kdc): Free hostlist array elements
- when finished with them.
-
-Sat Dec 6 23:12:23 1997 Ezra Peisach <epeisach@mit.edu>
-
- * locate_kdc.c (krb5_locate_kdc): Get rid of extra krb5_xfree
- which caused freeing of memory twice.
-
-Sat Dec 6 02:34:50 1997 Tom Yu <tlyu@mit.edu>
-
- * Makefile.in: Add changepw.c, prompter.c.
-
- * changepw.c: New file; Cygnus password changing protocol.
-
- * locate_kdc.c: Add parameter to indicate master KDC.
-
- * os-proto.h: Reflect changes to locate_kdc.
-
- * prompter.c: New file; Cygnus initial creds.
-
- * sendto_kdc.c: Add parameter to indicate master KDC.
-
-Mon Oct 6 11:40:11 1997 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * t_std_conf.c (main): Call krb5_free_context when done.
-
-Wed Oct 1 04:58:34 1997 Tom Yu <tlyu@mit.edu>
-
- * configure.in: Punt some things that are otherwise gotten from
- include/krb5/configure.in.
-
- * gmt_mktime.c: Get k5-int.h to get some autoconf symbols.
-
-Tue Sep 30 19:57:27 1997 Tom Yu <tlyu@mit.edu>
-
- * timeofday.c: Replaace erroneously named POSIX_TYPES and timetype
- with plain old time_t, since we're using AC_CHECK_TYPE now to
- handle it.
-
-Thu Sep 25 21:24:54 1997 Tom Yu <tlyu@mit.edu>
-
- * mk_faddr.c: Replace KRB5_USE_INET with something more sane.
-
- * port2ip.c: Replace KRB5_USE_INET with something more sane.
-
- * os-proto.h: Replace KRB5_USE_INET with something more sane.
-
- * locate_kdc.c: Replace KRB5_USE_INET with something more sane.
-
- * genaddrs.c (krb5_auth_con_genaddrs): Replace KRB5_USE_INET with
- something more sane.
-
- * gen_port.c (krb5_gen_portaddr): Replace KRB5_USE_INET with
- something more sane.
-
- * full_ipadr.c: Replace KRB5_USE_INET with something more sane.
-
-Thu Sep 18 17:56:00 1997 Tom Yu <tlyu@mit.edu>
-
- * hst_realm.c: Replace USE_STRING_H with something more sane.
-
-Mon Sep 15 15:21:12 1997 Ezra Peisach <epeisach@mit.edu>
-
- * ccdefname.c (krb5_cc_default_name): Returns a const char *.
-
-Sat Aug 16 10:11:20 1997 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * gmt_mktime.c (days_in_month): Now const.
- Originally by raeburn@cygnus.com from the Kerbnet release
-
-Tue Feb 25 00:29:33 1997 Richard Basch <basch@lehman.com>
-
- * read_pwd.c: Define Windows interface for krb5_read_password
- * win-pwd.rc: Resource file for Windows password dialog box
- * win-pwd.h: Support definitions for Windows krb5_read_password
-
-Sat Feb 22 22:41:02 1997 Richard Basch <basch@lehman.com>
-
- * Makefile.in: Use some of the new library list build rules in
- win-post.in
-
-Fri Feb 21 20:06:55 1997 Ezra Peisach <epeisach@mit.edu>
-
- * def_realm.c: Remove extern declaration of un-used krb5_config_file.
-
-Fri Feb 7 11:11:18 1997 Richard Basch <basch@lehman.com>
-
- * mk_faddr.c (krb5_make_fulladdr): Add FAR declarations (win16)
-
-Thu Nov 21 11:55:16 EST 1996 Richard Basch <basch@lehman.com>
-
- * Makefile.in: win32 build
-
- * ccdefname.c, def_realm.c, free_hstrl.c, genaddrs.c, hst_realm.c,
- init_os_ctx.c, ktdefname.c, localaddr.c, sn2princ.c, timeofday.c,
- ustime.c
- DLL export several more common functions (see lib/krb5.def
- for the full list of functions exported)
-
-Thu Feb 6 15:46:24 1997 Tom Yu <tlyu@mit.edu>
-
- * Makefile.in:
- * configure.in: Update to new program build procedure.
-
-Thu Jan 2 17:19:11 1997 Tom Yu <tlyu@mit.edu>
-
- * configure.in: Update to new library build procedure.
-
-Wed Nov 13 02:53:31 1996 Tom Yu <tlyu@mit.edu>
-
- * osconfig.c: Add warning re: global variables.
-
- * ktdefname.c, osconfig.c: Revert previous kt_default_name
- changes.
-
- * ktdefname.c (krb5_kt_default_name): Fix a few memory-leak type
- problems in previous changes.
-
-Tue Nov 12 22:07:55 1996 Tom Yu <tlyu@mit.edu>
-
- * osconfig.c: Remove krb5_defkeyname to catch other things that
- may break.
-
- * ktdefname.c (krb5_kt_default_name): Change logic to no longer
- use a global variable; also add krb5_kt_set_default_name() to
- allow for the changing of the default keytab name in the context.
-
-Wed Nov 6 16:24:56 1996 Theodore Y. Ts'o <tytso@mit.edu>
-
- * init_os_ctx.c (os_init_paths): Don't ignore errors found from
- parsing the config file. Currently, we return an error if
- the profile isn't found. In the future we can maybe do
- something better with intelligent defaulting if krb5.conf
- doesn't exist, but we don't have this today.
-
-Thu Aug 22 15:19:47 1996 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * an_to_ln.c (db_an_to_ln): Remove references to dead BERK_DB_DBM
- code.
-
-Tue Jul 30 19:15:55 1996 Sam Hartman <hartmans@tertius.mit.edu>
-
- * Makefile.in (check-unix): Comment out an_2_ln tests that use
- database.
-
- * an_to_ln.c (krb5_aname_to_localname): Make the db lookup verison
- of aname_2_localname optional.
-
-Sun Jul 28 22:39:12 1996 Tom Yu <tlyu@mit.edu>
-
- * an_to_ln.c (aname_do_match): #elif HAVE_REGEXP_H should have
- been HAVE_REGEXPR_H
-
-Fri Jul 26 15:58:32 1996 Marc Horowitz <marc@mit.edu>
-
- * configure.in, an_to_ln.c (do_replacement, aname_do_match): use
- the compile() function in -lgen on solaris. Check for the
- relevant stuff at configure-time
-
-Fri Jul 12 21:38:15 1996 Marc Horowitz <marc@mit.edu>
-
- * ktdefname.c (krb5_kt_default_name): allow the default keytab name
- to be specified in the config file.
-
-Wed Jun 12 01:12:32 1996 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * net_read.c (krb5_net_read):
- * net_write.c (krb5_net_write): In case of an error, on Windows
- machines, set errno from SOCKET_ERRNO, since the interface
- assumes the error is passed back the errno global
- varaible. This really needs to be fixed sometime...
-
- * read_msg.c: If ECONNABORTED is not defined, try using the
- Winsock version of the error code (WSAECONNABORTED).
-
-Mon Jun 10 21:48:45 1996 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * read_pwd.c:
- * promptusr.c:
- * lock_file.c:
- * kuserok.c:
- * ktdefname.c (krb5_kt_default_name):
- * init_os_ctx.c (os_init_paths):
- * ccdefname.c:
- * an_to_ln.c (db_an_to_ln): Change _WINDOWS to _MSDOS, and add
- check for _WIN32.
-
-Thu Apr 18 16:24:44 1996 Theodore Y. Ts'o <tytso@mit.edu>
-
- * macsock.c (getsockname, getpeername): Correctly implement
- getsockname(), so it does getsockname(), not
- getpeername(), and add the function getpeername().
-
-Sat May 11 10:08:15 1996 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * configure.in: Need to include sys/types.h before regexp.h in
- test to see if regcomp works.
- Add V5_USE_SHARED_LIB for the tests that are built.
-
-Tue Apr 30 17:51:47 1996 Ken Raeburn <raeburn@cygnus.com>
-
- * configure.in: Test that regcomp actually works.
-
- * Makefile.in (check-unix): Use $(RM).
-
- * t_an_to_ln.c (main): Print principal name when an error is
- detected.
-
-Thu Apr 11 22:15:44 1996 Theodore Y. Ts'o <tytso@dcl>
-
- * ustime.c (krb5_us_timeofday): When doing the time offset
- adjustments, make sure the microseconds field doesn't go
- negative.
-
-Thu Mar 28 17:20:12 1996 Theodore Y. Ts'o <tytso@dcl>
-
- * DNR.c: Replace eight-year-old version of this file with the
- latest version from the Code Warrior MacTCP files.
-
- * macsock.c: Use new MacTCP header files.
-
-Wed Mar 27 18:31:44 1996 Theodore Y. Ts'o <tytso@dcl>
-
- * macsock.c (gethostbyname, gethostbyaddr): Use universal
- procedure pointers (UPP), which are required on the Mac
- Power PC.
-
-Mon Mar 18 21:49:39 1996 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * configure.in: Add KRB5_RUN_FLAGS
-
- * Makefile.in: Use runtime flags.
-
-Mon Mar 18 17:30:54 1996 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * sn2princ.c (krb5_sname_to_principal): Add casting to avoid warnings.
-
-Mon Mar 18 14:18:58 EST 1996 Richard Basch <basch@lehman.com>
-
- * sn2princ.c: Do not try to re-assign const variables.
-
-Sun Mar 17 20:42:17 1996 Ezra Peisach <epeisach@mit.edu>
-
- * configure.in: Add USE_ANAME, KRB5_LIBRARIES
-
- * Makefile.in: Properly use libraries as specified by configure
-
-Wed Mar 13 13:11:49 1996 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * t_std_conf.c: Include string.h
-
-Thu Feb 29 16:14:46 1996 Theodore Y. Ts'o <tytso@dcl>
-
- * sendto_kdc.c (krb5_sendto_kdc): Take out calls to
- SOCKET_INITIALIZE and SOCKET_CLEANUP. This gets done in
- win_glue.c, and we only need to do this once. (XXX What
- about Macintosh?)
-
-Tue Feb 27 18:48:03 1996 Theodore Y. Ts'o <tytso@dcl>
-
- * hostaddr.c (krb5_os_hostaddr): Use #define NEED_SOCKETS instead
- of #including <netdb.h> (this breaks under windows).
-
-Mon Feb 26 17:04:26 1996 Theodore Y. Ts'o <tytso@dcl>
-
- * promptusr.c: Don't compile promptusr for Windows or Macintosh.
-
-Sat Feb 24 18:57:56 1996 Theodore Y. Ts'o <tytso@dcl>
-
- * ktdefname.c (krb5_kt_default_name): Under Windows, assume that
- the keytab file is located in the Windows directory.
-
-Thu Feb 22 13:16:16 1996 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * Makefile.in (check-unix): Set LD_LIBRARY_PATH for kdb5_anadd.
-
- * hostaddr.c (krb5_os_hostaddr): Set magic number in structure.
-
- * full_ipadr.c (krb5_make_full_ipaddr): Set magic number in structure.
-
-Sat Feb 17 00:05:38 1996 Theodore Y. Ts'o <tytso@pao.MIT.EDU>
-
- * def_realm.c (krb5_get_default_realm): If the configuration file
- does not exist (context->profile == NULL) return
- KRB5_CONFIG_CANTOPEN; if the default realm is not defined
- in the configuration file, return an error message saying
- so. These changes just make the diagnostic error
- messages more clear.
-
-Thu Jan 11 18:32:54 1996 Ezra Peisach (epeisach@paris)
-
- * Makefile.in (check-unix): Ultrix test does not support -x.
-
-Fri Jan 5 09:00:47 1996 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * locate_kdc.c (krb5_locate_kdc): Add parrentheses for assignment
- in conditional. (gcc -Wall)
-
- * init_os_ctx.c (krb5_os_init_context): Remove unused variables
-
- * an_to_ln.c (aname_do_match): Initialize local variable before
- referenced.
-
-Thu Jan 4 22:23:04 1996 Theodore Y. Ts'o <tytso@dcl>
-
- * hostaddr.c (krb5_os_hostaddr): New function which takes a
- hostname and returns a list of krb5 addresses. (This is
- basically a glue routine that converts the result of
- gethostbyname() to krb5 addresses.)
-
-Thu Dec 21 17:51:58 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * Makefile.in (t_an_to_ln): Use $(LD) instead of $(CC) to link
- final executables, so that we can more easily use purify.
-
- * hst_realm.c (krb5_get_host_realm): Eliminate memory leak; realm
- was already being allocated by the profile library; no
- reason to reallocate it again.
-
-Wed Nov 15 10:53:16 1995 <tytso@rsts-11.mit.edu>
-
- * promptusr.c: New function for doing generic tty input and output.
- Eventually read_password should use this function.
-
-Wed Nov 15 20:40:03 1995 Mark Eichin <eichin@cygnus.com>
-
- * lock_file.c (krb5_lock_file): initialize lock_arg to a copy of a
- static (thus zero) struct flock, to avoid panic'ing sunos 4.1.4.
-
-Sun Nov 12 05:31:21 1995 Mark W. Eichin <eichin@cygnus.com>
-
- * def_realm.c (krb5_get_default_realm): check for PROF_NO_PROFILE
- and return KRB5_CONFIG_CANTOPEN instead of BADFORMAT so that the
- user in the end knows what is going on.
-
-Mon Oct 9 19:05:24 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * ktdefname.c (krb5_kt_default_name): If profile_secure flag is
- set in the context then do not allow changing the location
- of the default keytab with an environment variable.
-
-Fri Oct 6 22:04:57 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * Makefile.in: Remove ##DOS!include of config/windows.in.
- config/windows.in is now included by wconfig.
-
-Thu Oct 5 07:49:26 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * init_os_ctx.c (krb5_secure_config_files): New function that
- will set flag and path to prevent user from overriding
- configuration files with environment variables.
-
-Mon Oct 2 17:36:38 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * init_os_ctx.c (krb5_os_init_context): Put back in the
- KRB5_CONFIG environment before setting to default.
-
-Tue Sep 26 22:46:01 1995 Mark Eichin <eichin@cygnus.com>
-
- * init_os_ctx.c (krb5_os_init_context): use profile_init_path for
- unix, and DEFAULT_PROFILE_PATH.
-
-Fri Sep 29 16:31:47 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * osconfig.c: Remove krb5_lname_file; it's not used any more.
-
-Mon Sep 25 16:58:17 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the
- Makefile.
-
-Fri Sep 22 15:57:33 1995 Mark Eichin <eichin@cygnus.com>
-
- * write_msg.c (krb5_write_message): check the real length
- variable, not the net version.
-
-Wed Sep 20 12:00:00 1995 James Mattly <mattly@fusion.com>
-
- * macsock.c: Added TCP streams to the emulation package. gethostname
- now no longer returns true cannonical hostnames.
-
-Wed Sep 13 11:01:18 1995 Keith Vetter (keithv@fusion.com)
-
- * Makefile.in: had to define away DBFLAGS for the PC.
-
-Mon Sep 11 17:46:18 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * genaddrs.c (krb5_auth_con_genaddrs): Replace function
- declaration back to int instead of SOCKET due to prototype
- mismatching.
-
-Sun Sep 10 12:00:00 1995 James Mattly <mattly@fusion.com>
-
- * ustime.c: use the version of getTimeZoneOffset in :os:crypto: for
- _MACINTOSH.
-
-Wed Sep 6 12:00:00 1995 James Mattly <mattly@fusion.com>
-
- * localaddr.c changed name to oslocaladdr.c for metrowerks project
- file management.
-
- * ustime.c: changed mac version of krb5_crypto_us_timeofday to compile
- with contemporary header files for metrowerks
-
- * macsock.c: added tcp stream support to suppliment the udp. Added
- getsockname. Fixed gethostname to stop appending '.' to the
- end of a connonical hostname.
-
- * net_write.c: need to cast file descriptors to SOCKETs
-
- * net_read.c: need to cast file descriptors to SOCKETs
-
- * krbfileio.c: mac doesn't support fsync, define the usage out
-
- * init_os_cxt.c: move the default location of the krb conf file to
- the preferences folder. Added some routines to take a
- mac FSSpec and turn it into a mac pathname string.
-
- * hst_realm.c: assign a NULL to retrealms to clean up a warning.
-
- * genaddrs.c: support getsockname from macsock
-
- * ccdefname.c: move the cred cache to the preferneces folder for mac
-
- * an_to_ln.c: turn functions off because I don't have a dbm library
-
- * timeofday.c: make krb5_timeofday use krb5_crypto_us_timeofday to
- incorperate the epoch difference between mac and unix.
-
-Fri Sep 1 00:47:27 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * Makefile.in (check-unix): Add a test case to make sure
- krb5_get_host_realm does something sane when passed in a
- hostname which doesn't have a default domain.
-
- * hst_realm.c (krb5_get_host_realm): If an hostname does not have
- a domain, don't try to get a domain default (which
- results in a strange error being returned).
-
- * toffset.c: Added new file which implements the abstract
- interfaces for manipulating the time offset fields in the
- os context.
-
- * ustime.c (krb5_us_timeofday): Add support for using the time
- offset fields in the os context.
-
- * timeofday.c (krb5_timeofday): Add support for using the time
- offset fields in the os context.
-
- * init_os_ctx.c (krb5_os_init_context): Initialize the time offset
- and flags fields in the os context.
-
-Thu Aug 31 17:24:48 EDT 1995 Paul Park (pjpark@mit.edu)
-
- * t_an_to_ln.c - Translate until error and return status.
- * Makefile.in - Test aname_to_lname under check-unix.
-
-Thu Aug 24 18:56:35 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * .Sanitize: Update file list.
-
-Wed Aug 16 02:45:19 1995 Chris Provenzano <proven@mit.edu>
-
- * lock_file.c (krb5_lock_file()), unlck_file.c (krb5_unlock_file()):
- Pass the fd in instead of converting it from FILE *.
-
-Fri Aug 4 22:51:15 1995 Tom Yu <tlyu@dragons-lair.MIT.EDU>
-
- * kuserok.c (krb5_kuserok): Add parens to shut up gcc -Wall
-
- * genaddrs.c (krb5_auth_con_genaddrs): Add parens to shut up gcc
- -Wall
-
- * an_to_ln.c: Include ctype.h to get some prototypes; also add
- parens to shut up gcc -Wall
-
-Fri Jul 28 23:28:11 1995 Sam Hartman <hartmans@tertius.mit.edu>
-
- * sn2princ.c (krb5_sname_to_principal): GDon't use default realm
- just because we are on local machine. Instead, go through normal
- translations.
-
-Fri Jul 7 16:32:41 EDT 1995 Paul Park (pjpark@mit.edu)
- * Makefile.in - Find com_err in TOPLIBD.
-
-Thu Jul 6 17:26:03 1995 Tom Yu <tlyu@lothlorien.MIT.EDU>
-
- * localaddr.c: moved to lib/crypto/os; just a stub here.
-
- * ustime.c: moved to lib/crypto/os; just a stub here.
-
-Thu Jul 6 09:56:56 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * Makefile.in (clean): Remove t_an_to_ln.o
-
-Wed July 5 15:52:31 1995 James Mattly <mattly@fusion.com>
- * an_to_ln.c added _MACINTOSH conditions
- * genaddrs.c added HAS_MACSOCK_H conditions
- * krbfileio.c added THREEPARAMOPEN
- * kuserok.c added THREEPARAMOPEN
- * macsock.c added stub for gethostnameA
- * mk_faddr.c added HAS_MACSOCK_H conditions
- * read_pwd.c added _MACINTOSH condition
- * sys_log.c added _MACINTOSH condition
-
-Fri Jun 30 14:44:17 EDT 1995 Paul Park (pjpark@mit.edu)
- * an_to_ln.c - Add profile logic to aname_to_lname. We can now
- specify databases, rules and explicit mappings to convert
- between auth name and local name.
- * t_an_to_ln.c - Rudimentary test procedure. Needs work to be automatic
- * configure.in - Add --with-aname-dbm to select between Berkeley and
- DBM aname database format.
- * Makefile.in - Add definitions to select aname rules.
-
-Tue Jun 27 15:48:41 EDT 1995 Paul Park (pjpark@mit.edu)
- * read_pwd.c(intr_routine) - Add signal name argument to signal handler
- to conform to prototype.
-
-Sat Jun 10 23:07:27 1995 Tom Yu (tlyu@dragons-lair)
-
- * genaddrs.c: krb5_auth_context redefinitions
-
-Fri Jun 9 22:08:33 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * gmt_mktime.c (gmt_mktime): Change assertion to check to make
- sure that the day of the month is >= 1, not 0.
-
-Fri Jun 9 19:34:29 1995 <tytso@rsx-11.mit.edu>
-
- * configure.in: Remove standardized set of autoconf macros, which
- are now handled by CONFIG_RULES.
-
-Wed Jun 7 14:43:56 1995 <tytso@rsx-11.mit.edu>
-
- * def_realm.c (krb5_get_default_realm), get_krbhst.c
- (krb5_get_krbhst), hst_realm.c (krb5_get_host_realm),
- init_os_ctx.c (krb5_os_init_context), osconfig.c,
- realm_dom.c (krb5_get_realm_domain): Remove old ifdef'ed
- code which read in krb.conf and krb.realms.
-
- * read_pwd.c (krb5_read_password): Remove old #ifdef notdef code.
- Significantly simplified and cleaned up function.
- Removed BSD 4.3 compatibility code. (If we ever need
- to make this work on a non-POSIX system, we'll supply
- POSIX termios emulation functions in src/lib/krb5/posix.)
-
-Fri Jun 2 17:54:12 1995 Keith Vetter (keithv@fusion.com)
-
- * net_read.c, net_write.c: made to work with sockets.
-
-Fri May 26 20:20:58 1995 Theodore Y. Ts'o (tytso@dcl)
-
- * configure.in, Makefile.in: Add support for building shared libraries.
-
-Thu May 25 15:33:45 1995 Keith Vetter (keithv@fusion.com)
-
- * os-proto.h: moved prototype for krb5_make_fulladdr to
- los-proto.h since it's needed by the krb directory.
- * ktdefnam.c: fixed signed/unsigned mismatch.
- * read_pwd.c: pc stub didn't track changes to the real routines
- parameter list (const was added).
-
-Tue May 23 16:29:24 1995 Theodore Y. Ts'o (tytso@dcl)
-
- * t_std_conf.c, timeofday.c, unlck_file.c: Rearrange #include
- files so that krb5.h gets included first, so that the
- debugging information can be more efficiently collapsed
- since the type numbers will be the same.
-
-Tue May 16 10:33:03 EDT 1995 Paul Park (pjpark@mit.edu)
- * gmt_mktime.c - Use the actual year instead of the number of years
- since 1900 when determining if a year has a leapday.
- Makes dates after February in the year 2000 correct.
-
-Mon May 15 05:08:05 1995 <tytso@rsx-11.mit.edu>
-
- * ktdefname.c (krb5_kt_default_name): Use the KRB5_KTNAME
- environment variable to override the default location of
- the keytab.
-
-Mon May 8 22:19:23 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * read_pwd.c (krb5_read_password): use volatile on all
- systems. Let configure define volatile to nothing on
- systems without.
-
- * configure.in: Add HAS_ANSI_VOLATILE
-
- * mk_faddr.c (krb5_make_fulladdr): Allocate enough memory for
- raddr contents.
-
- * read_pwd.c (krb5_read_password): Make arguments prompt and
- prompt2 const char * for convenience to callers.
-
-Mon May 1 17:05:21 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * init_os_ctx.c (krb5_set_config_files): Added required const to
- function declaration to be compatbile with call to
- profile_init.
-
-Mon May 01 15:56:32 1995 Chris Provenzano (proven@mit.edu)
-
- * genaddrs.c (krb5_auth_con_genaddrs()),
- * mk_faddr.c (krb5_make_fulladdr()), os-proto.h :
- Changes to auth_context to better support full addresses.
-
-Sun Apr 30 16:03:59 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * osconfig.c: Global variables krb5_config_file and
- krb5_trans_file conditionalized on OLD_CONFIG_FILES.
-
-Sat Apr 29 07:07:22 1995 Theodore Y. Ts'o <tytso@lurch.mit.edu>
-
- * init_os_ctx.c (krb5_set_config_files): New function. Provides a
- way to set a new set of config files for a particular OS
- context.
-
- * init_os_ctx.c (krb5_os_init_context): Don't return an error if
- profile_init() returns an error.
-
-Fri Apr 28 09:58:31 EDT 1995 Paul Park (pjpark@mit.edu)
-
- Move adm_conn.c from libkrb5 to libkadm.
-
-Thu Apr 27 17:50:14 1995 Keith Vetter (keithv@fusion.com)
-
- * adm_conn.c: added constant to pull in needed PC code, and
- removed two unused variables.
- * genaddrs.c: needed casts on getsockname and getpeername calls.
- * mk_faddr.c: the int->byte code needed explicit casts.
- * os-proto.h: added missing prototype for krb5_make_fulladdr.
-
-Wed Apr 26 16:00:52 EDT 1995 Paul Park (pjpark@mit.edu)
-
- * Add adm_conn.c - module to provide a connection to an administrative
- (kpasswd/kadmin) server.
-
-Wed Apr 27 11:30:00 1995 Keith Vetter (keithv@fusion.com)
-
- * osconfig.c: krb5_find_config_files only used for OLD_CONFIG_FILES.
- * init_os_.c: Get config file location via windows ini files.
-
-Thu Apr 27 13:04:54 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * Makefile.in (clean): Remove t_std_conf.o
-
-Tue Apr 25 21:58:23 1995 Chris Procenzano (proven@mit.edu)
-
- * Makefile.in : Added source files mk_faddr.c and genaddrs.c.
- * mk_faddr.c (krb5_mk_fulladdr()): Makes a full address from
- a struct sockaddr_in.
- * genaddrs.c (krb5_auth_con_genaddrs()) : Generate a full address
- from the active file descriptor and place it in the
- auth_context for the calls mk_safe(), mk_priv(), mk_safe(),
- rd_cred(), rd_priv(), and rd_safe().
- * gen_rname.c (krb5_gen_replay_name()) : Fixed to take any type of
- krb5_address and generate a rcache name.
- * os-proto.h (krb5_make_full_ipaddr()) : Removed prototype.
-
-Tue Apr 25 14:09:26 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * t_std_conf.c (main): Add declaration of optarg.
-
-Tue Apr 25 04:50:13 1995 Chris Procenzano (proven@mit.edu)
-
- * locate_kdc.c (krb5_locate_kdc()): Pass a NUL terminated realm
- to profile_get_values().
-
-Mon Apr 24 17:20:14 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
-
- * locate_kdc.c (krb5_locate_kdc): Don't deref NULL pointer
- returned from profile_get_values if profile is not set.
-
-Sat Apr 22 00:11:12 1995 Theodore Y. Ts'o (tytso@dcl)
-
- * Makefile.in, configure.in, t_std_conf.c: Add test program to
- test the standard configuration krb5 routines.
-
- * osconfig.c: Don't define krb5_kdc_udp_portname and
- krb5_kdc_sec_portname any more. There's no real point...
-
- * hst_realm.c (krb5_get_krbhst): Strip off the trailing dot from
- the hostname if present.
-
- * locate_kdc.c (krb5_locate_kdc): Use the profile code to get the
- list of Kerberos servers (plus port numbers) for a
- particular realm from [realms]/<realm>/kdc
-
-Fri Apr 21 11:38:45 1995 Theodore Y. Ts'o <tytso@lurch.mit.edu>
-
- * def_realm.c (krb5_get_default_realm): Use the profile code to
- get the default realm from [libdefaults]/default_realm.
-
- * get_krbhst.c (krb5_get_krbhst): Use the profile code to get the
- list of Kerberos servers for a particular realm from
- [realms]/<realm>/kdc
-
- * realm_dom.c (krb5_get_realm_domain): Use the profile code to
- get the default domain postfix for a realm (used only to
- convert V4 -> V5 principals) from
- [realms]/<realm>/default_domain
-
- * hst_realm.c (krb5_get_host_realm): Use the profile code to get
- the default realm given a particular host from
- [domain_realm]/<host|domain>
-
- * init_os_ctx.c (krb5_os_init_context): When the OS context is
- initialized, also initialize the profile file. This loads
- in the /etc/krb5.conf file.
-
-Wed Apr 19 13:50:19 1995 Ezra Peisach (epeisach@kangaroo.mit.edu)
-
- * def_realm.c: (krb5_get_default_realm) - remove global default realm.
- Moved into the context. (krb5_set_default_realm) added.
-
-Fri Apr 14 22:15:00 1995 Theodore Y. Ts'o <tytso@lurch.mit.edu>
-
- * an_to_ln.c (dbm_an_to_ln): Don't compile dbm_an_to_ln() if
- USE_DBM_LNAME isn't defined.
-
-Fri Apr 14 15:15:48 1995 <tytso@rsx-11.mit.edu>
-
- * hst_realm.c (krb5_get_host_realm): Eliminate memory leak in the
- unlikely case that gethostname fails.
-
- If the krb.realms file isn't available, use the default
- realm of the host.
-
-Thu Apr 13 15:49:16 1995 Keith Vetter (keithv@fusion.com)
-
- * *.[ch]: removed unneeded INTERFACE from non-api functions.
- * read_pwd.c: __STDC__ conditional also checks the _WINDOWS define.
-
-Fri Apr 7 15:32:04 1995 Keith Vetter (keithv@fusion.com)
-
- * ccdefname.c:
- changed windows stored filename syntax--dropped the 'FILE:' part.
- changed buffer from malloc to static since we don't want it
- ever to fail, and nobody checks it for errors.
-
-Wed Apr 5 16:32:07 1995 Keith Vetter (keithv@fusion.com)
-
- * get_krbh.c: better error handling--old return values were
- being overwritten.
- * locate_kdc.c: added new error code KRB5_REALM_CANT_RESOLVE for
- when we have realm names but can't find their addresses.
- Also, fixed up indenting of an if clause.
- * sendto_kdc.c: added winsock init/destroy calls because some
- PC tcp/ip stacks seem to need it.
-
-Fri Mar 31 16:30:03 1995 Theodore Y. Ts'o (tytso@dcl)
-
- * realm_dom.c (krb5_get_realm_domain): Don't indent #ifdef's!
-
- * hst_realm.c (krb5_get_host_realm): Don't indent #ifdef's!
-
-Thu Mar 30 15:54:54 1995 Keith Vetter (keithv@fusion.com)
-
- * localaddr.c: in Windows/Mac code, fixed bug due to wrong level
- of indirection on memcpy call.
-
-Tue Mar 28 19:22:28 1995 Keith Vetter (keithv@fusion.com)
-
- For Windows, added calls to get the default config, realms and
- ccache files out of a windows ini file.
- * ccdefname.c: does this for the credential cache.
- * osconfig.c: does this for the config and realms files.
- * get_krbh.c, realm_do.c, hst_real.c, def_real.c: added calls to
- set the default values.
-
-Tue Mar 28 18:35:20 1995 John Gilmore (gnu at toad.com)
-
- * DNR.c: Add Apple MacTCP source file for domain name resolution.
- * macsock.c: Add fake socket support routines for MacTCP.
- * Makefile.in (OBJS, SRCS): Add DNR and macsock.
- * ccdefname.c: On Mac, default cred cache is "STDIO:krb5cc" for now.
- FIXME, this needs to find the Preferences folder and use that.
- FIXME, shouldn't be conditioned on HAVE_MACSOCK_H.
- * gmt_mktime.c: Use HAVE_SYS_TYPES_H.
- * krbfileio.c: Remove <sys/types.h>.
- * localaddr.c, sendto_kdc.c: Convert to more generic socket
- support. Use closesocket instead of close, SOCKET_ERRNO rather
- than errno, SOCKET rather than int, etc.
- * localaddr.c: Use getmyipaddr() from macsock.c, if on Mac.
- Add FIXME for multiple local addresses.
- * lock_file.c: Provide a dummy version for MacOS.
- * read_pwd.c (ECHO_PASSWORD): Add #ifdef's to avoid all the ioctls
- and other stuff that turn off echoing. This is useful for debugging
- on MacOS. FIXME: ECHO_PASSWORD needs to be added to configure.in.
- * ustime.c: Bring in Mac-specific time-and-timezone code. It
- probably isn't hooked up correctly, yet.
-
-Mon Mar 27 14:16:39 1995 John Gilmore (gnu at toad.com)
-
- * full_ipadr.c, gen_rname.c, port2ip.c, read_msg.c, write_msg.c:
- Remove explicit includes of socket files.
- * locate_kdc.c: Remove <sys/types.h> and "os-proto.h".
-
- * macsock.c (connect, send, recv): Add for K5 compatability.
- (getmyipaddr): Add for use in K5.
-
- * macsock.c: Add Mac socket support file, verbatim from K4 release.
-
-Fri Mar 24 17:58:15 1995 Theodore Y. Ts'o (tytso@rt-11)
-
- * locate_kdc.c: Don't include sys/socket.h, netdb.h, netinet/in.h,
- since these files are already included by k5-config.h
-
- * sendto_kdc.c: Don't include sys/socket.h, since it is already
- included by k5-config.h
-
- * sn2princ.c: Don't include netdb.h, since it is already included
- by k5-config.h
-
-Thu Mar 23 23:11:36 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * realm_dom.c (krb5_get_realm_domain): Don't indent preprocessor
- directives. (Not portable).
-
- * hst_realm.c (krb5_get_host_realm): Don't indent preprocessor
- directives. Removed excess close paren introduced by
- Keith.
-
-Wed Mar 22 18:59:47 1995 Keith Vetter (keithv@fusion.com)
-
- * hst_realm.c, realm_dom.c: windows DLL can't use fscanf so had
- to write a couple of routines to read what we need from the file.
-
-Wed Mar 22 13:30:35 1995 Keith Vetter (keithv@fusion.com)
-
- * an_to_ln.c, kuserok.c: last two os routines ported to the PC.
-
-Fri Mar 17 19:56:39 1995 John Gilmore (gnu at toad.com)
-
- * Makefile.in (LDFLAGS): Eliminate, duplicates config/pre.in.
- * localaddr.c: Remove socket include files now handled in k5-int.h.
-
-Wed Mar 15 12:19:47 1995 Keith Vetter (keithv@fusion.com)
-
- * sendto_kdc.c: made to work on the PC.
-
-Tue Mar 7 22:15:00 1995 Keith Vetter <keithv@fusion.com>
-
- * sendto_kdc.c: stubbed on the PC for now.
-
-Tue Mar 7 19:54:17 1995 Mark Eichin <eichin@cygnus.com>
-
- * configure.in: take out ISODE_DEFS, ISODE_INCLUDE.
-
-Tue Mar 7 13:35:21 1995 Keith Vetter (keithv@fusion.com)
-
- * *.c: ported all the c files except an_to_ln, kuserok, and
- sendto_kdc which have windows stubs.
- * Makefile.in: reflects above changes.
-
-Wed Mar 1 17:30:00 1995 Keith Vetter (keithv@fusion.com)
-
- * Makefile.in: made to work on the PC
- * ustime.c: added section for time on the PC
- * localaddr.c: added section for the PC--returns local IP address
- N.B. not sure how we're going to handle different machine dependent
- code changes. For now it's just added to the end of the file. Later,
- we have to decide on a solution for all.
-
-Tue Feb 28 01:07:37 1995 John Gilmore (gnu at toad.com)
-
- * *.c: Avoid <krb5/...> includes.
-
-Fri Feb 3 08:24:18 1995 Theodore Y. Ts'o (tytso@dcl)
-
- * gmt_mktime.c (gmt_mktime): Don't double count the leap day in a
- leap year.
-
-Sun Jan 22 18:23:37 1995 John Gilmore (gnu@cygnus.com)
-
- * get_krbhst.c (krb5_get_krbhst): Declare realm argument const,
- to match prototype.
-
-Wed Jan 18 11:08:59 1995 <tytso@rsx-11.mit.edu>
-
- * sendto_kdc.c (krb5_sendto_kdc): Fix use of connected sockets;
- previously krb5_sendto_kdc only used one socket per
- address family. This doesn't work; it now uses one
- socket per address. (krb5-bugs #938)
-
-Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu)
-
- * Actually move the file init_ctx.c to init_os_ctx.c in the CVS
- repository and also rename the routine krb5_free_os_context()
- to krb5_os_free_context().
-
-Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu)
-
- * Added krb5_context to all krb5_routines
-
- * Moved init_ctx.c to init_os_ctx.c because a library cannot
- have more than on file with the same name. See krb/init_ctx.c
-
-Mon Dec 19 15:20:35 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * init_ctx.c: New file. Initializes and frees the krb5_os_context
- structure.
-
- * realm_dom.c (krb5_get_realm_domain): Fixed minor bug where the
- length of the returned domain was calculated incorrectly.
-
-Mon Oct 31 17:04:08 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * lock_file.c: Back out POSIX_FILE_LOCKS change. (Should be
- depending on autoconf.h to supply this #define if
- necessary.)
-
-Thu Oct 13 17:24:31 1994 Theodore Y. Ts'o (tytso@maytag)
-
- * configure.in: Add ISODE_DEFS
-
-Fri Oct 7 13:23:18 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * configure.in: Add test for unistd.h
-
- * lock_file.c: Use POSIX_FILE_LOCKS if _POSIX_VERSION is defined
- in unistd.h
-
-Thu Sep 22 20:46:08 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * configure.in: Put in correct dependency order of configure.in
- lines.
-
-Wed Jul 6 13:26:59 1994 Mark Eichin (eichin@cygnus.com)
-
- * gmt_mktime.c (gmt_mktime): New file, new function. Similar to
- POSIX mktime, but always works in GMT.
- configure.in, Makefile.in: build gmt_mktime.
-
-Wed Jun 22 15:49:30 1994 Theodore Y. Ts'o (tytso at tsx-11)
-
- * locate_kdc.c (krb5_locate_kdc): Fixed default port numbers so
- they are loaded in network byte order instead of host byte order.
-
-
diff --git a/src/lib/krb5/posix/ChangeLog b/src/lib/krb5/posix/ChangeLog
deleted file mode 100644
index a1186cc6a2..0000000000
--- a/src/lib/krb5/posix/ChangeLog
+++ /dev/null
@@ -1,268 +0,0 @@
-2006-04-02 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (DEFS): Make empty.
-
-2004-06-22 Ken Raeburn <raeburn@mit.edu>
-
- * getuid.c: Don't test __MWERKS__.
- * syslog.c: Don't test macintosh.
-
-2004-06-16 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (MACSRCS): Don't set.
-
-2004-02-24 Ken Raeburn <raeburn@mit.edu>
-
- * daemon.c: Moved to util/apputils.
-
-2003-08-21 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (STLIBOBJS, OBJS): Empty.
-
-2003-08-13 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (OBJS, STLIBOBJS): Drop setenv.o.
- * setenv.c: Deleted.
- * pos-obsolete.h: Deleted.
-
-2003-07-17 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (LIBNAME, LIBOJS) [##WIN16##]: Don't define.
-
-2003-01-10 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag.
-
-2003-01-05 Sam Hartman <hartmans@mit.edu>
-
- * syslog.c (vsyslog): Remove declaration of errno
-
-2002-08-29 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in: Revert $(S)=>/ change, for Windows support.
-
-2002-08-23 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in: Change $(S)=>/ and $(U)=>.. globally.
-
-2002-06-12 Ken Raeburn <raeburn@mit.edu>
-
- * syslog.c: Include syslog.h instead of sys/syslog.h.
-
-2001-10-05 Ken Raeburn <raeburn@mit.edu>
-
- * syslog.c: Drop _MSDOS support.
-
-2001-10-03 Ken Raeburn <raeburn@mit.edu>
-
- * sscanf.c: Don't use KRB5_DLLIMP.
-
-2001-07-08 Ezra Peisach <epeisach@mit.edu>
-
- * setenv.c: Include pos-obsolete.h
-
- * pos-obsolete.h: Add for obsolete functions until they can be
- removed from the library. Contains setenv functions.
-
-2000-06-30 Ezra Peisach <epeisach@mit.edu>
-
- * setenv.c: Do not provide prototype for static function unless
- defined.
-
-2000-04-28 Ken Raeburn <raeburn@mit.edu>
- Nalin Dahyabhai <nalin@redhat.com>
-
- * syslog.c (vsyslog): Use strncpy and strncat instead of strcpy
- and strcat when adding to buffer "tbuf". If calling vsprintf,
- abort if it appears to have overrun the buffer.
-
-1999-10-26 Wilfredo Sanchez <tritan@mit.edu>
-
- * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES,
- LOCAL_INCLUDES such that one can override CFLAGS from the command
- line without losing CPP search patchs and defines. Some associated
- Makefile cleanup.
-
-Mon May 10 15:26:38 1999 Danilo Almeida <dalmeida@mit.edu>
-
- * Makefile.in: Do win32 build in subdir.
-
-1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * Makefile.in: Set the myfulldir and mydir variables (which are
- relative to buildtop and thisconfigdir, respectively.)
-
-Fri Feb 27 18:03:33 1998 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * Makefile.in: Changed thisconfigdir to point at the lib/krb5
- directory, since we've moved the configure.in tests in
- this directory to the toplevel lib/krb5 configure.in
-
-Fri Feb 27 11:55:33 1998 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * daemon.c: Change use of HAS_PATHS_H to be HAVE_PATHS_H.
- Change use of HAS_SETSID to be HAVE_SETSID.
-
-Wed Feb 18 16:25:07 1998 Tom Yu <tlyu@mit.edu>
-
- * Makefile.in: Remove trailing slash from thisconfigdir. Fix up
- BUILDTOP for new conventions.
-
-Mon Feb 2 17:02:00 1998 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile
-
-Thu Sep 18 17:56:29 1997 Tom Yu <tlyu@mit.edu>
-
- * strcasecmp.c: Replace USE_STRING_H with something more sane.
-
- * memmove.c: Replace USE_STRING_H with something more sane.
-
-Sat Feb 22 22:42:10 1997 Richard Basch <basch@lehman.com>
-
- * Makefile.in: Use some of the new library list build rules in
- win-post.in
-
-Tue Feb 4 15:54:11 1997 Richard Basch <basch@lehman.com>
-
- * Makefile.in: Only build sscanf for Win16
- * sscanf.c: Export sscanf in Windows DLL
-
-Thu Nov 21 11:55:16 EST 1996 Richard Basch <basch@lehman.com>
-
- * Makefile.in: win32 build
-
-Thu Jan 2 17:20:30 1997 Tom Yu <tlyu@mit.edu>
-
- * Makefile.in:
- * configure.in: Update to new library build procedure.
-
-Mon Jun 10 21:51:35 1996 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * syslog.c: Change _WINDOWS to _MSDOS, and add check for _WIN32.
-
-Wed Feb 7 00:23:18 1996 Theodore Y. Ts'o <tytso@dcl>
-
- * Makefile.in: Folded in danw's changes to allow
- building Makefiles for the Macintosh. We now can build
- MPW makefiles which are interpreted by CodeWarrior.
-
-Wed Jan 3 22:25:52 1996 Theodore Y. Ts'o <tytso@dcl>
-
- * configure.in: Check for presense of setenv(), unsetenv(), and
- getenv() from the C library.
-
- * Makefile.in: New file: setenv.c --- provides routines for
- setting the environment.
-
-Tue Dec 19 17:29:21 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * configure.in: Don't drag in syslog.c if vsyslog() is not
- defined. Only drag it in if syslog() isn't available.
-
-Fri Oct 6 22:05:16 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * Makefile.in: Remove ##DOS!include of config/windows.in.
- config/windows.in is now included by wconfig.
-
-Mon Sep 25 16:58:28 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the
- Makefile.
-
-Wed Sep 13 11:02:21 1995 Keith Vetter (keithv@fusion.com)
-
- * Makefile.in: PC needs sscanf.c.
- * sscanf.c: cleanup to compile cleanly on the PC, mostly fixing
- signed/unsigned mismatches.
-
-Mon Sep 11 20:20:39 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * sscanf.c (sscanf): Initial version of a sscanf() replacement,
- for those platforms (like Macroloss) that don't have
- sscanf().
-
-Wed Sep 6 12:00:00 1995 James Mattly <mattly@fusion.com>
-
- * getuid.c: turn off getuid for metrowerks which has one (which
- is also a farce), but leave it on for MPW.
-
-Wed July 5 15:52:31 1995 James Mattly <mattly@fusion.com>
- * vfprintf.c included <stdio.h>
-
-Fri Jun 9 19:34:34 1995 <tytso@rsx-11.mit.edu>
-
- * configure.in: Remove standardized set of autoconf macros, which
- are now handled by CONFIG_RULES.
-
-Fri May 26 20:21:09 1995 Theodore Y. Ts'o (tytso@dcl)
-
- * configure.in, Makefile.in: Add support for building shared libraries.
-
-Tue May 23 16:30:03 1995 Theodore Y. Ts'o (tytso@dcl)
-
- * daemon.c: Rearrange #include files so that krb5.h gets included
- first, so that the debugging information can be more
- efficiently collapsed since the type numbers will be the
- same.
-
-Fri Apr 28 08:37:58 1995 Theodore Y. Ts'o <tytso@lurch.mit.edu>
-
- * daemon.c (daemon): Lint cleanup; explicitly declare that
- daemon() returns an int.
-
-Thu Apr 13 16:44:55 1995 Keith Vetter (keithv@fusion.com)
-
- * syslog.c: __STDC__ conditional also checks the _WINDOWS define.
-
-Tue Mar 28 18:46:55 1995 John Gilmore (gnu at toad.com)
-
- * configure.in (AC_REPLACE_FUNCS): Add getuid to the list.
- * getuid.c: Simple getuid() to fake out single-user systems.
- * strcasecmp.c: Remove duplicated <sys/types.h> and u_char.
-
-Fri Mar 17 20:24:51 1995 John Gilmore (gnu at toad.com)
-
- * Makefile.in (LDFLAGS): Zap duplicate.
- (all-mac): Add.
-
-Tue Mar 7 19:57:50 1995 Mark Eichin <eichin@cygnus.com>
-
- * configure.in: take out ISODE_INCLUDE.
-
-Tue Mar 7 12:30:45 1995 Keith Vetter (keithv@fusion.com)
-
- * syslog.c: a disabled stub provided for satisfying the linker
- on the pc.
- * Makefile.in: made to work on the pc but only for syslog.c
-
-Tue Feb 28 01:05:42 1995 John Gilmore (gnu at toad.com)
-
- * daemon.c, memmove.c, strcasecmp.c, strdup.c: Avoid <krb5/...>
- includes.
- * memmove.c: Use HAS_SYS_TYPES_H.
-
-Thu Dec 22 16:33:02 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * configure.in:
- * strcasecmp.c: Add strcasecmp replacement if necessary.
-
- * daemon.c:
- * memmove.c: Add #include for <sys/types.h>
-
-Wed Dec 7 00:01:59 1994 <tytso@rsx-11.mit.edu>
-
- * configure.in: Add check for HAS_SETSID test for daemon.c
-
-Sat Jul 16 01:24:01 1994 Tom Yu (tlyu at dragons-lair)
-
- * daemon.c: <fcntl.h>, not <sys/fcntl.h>
-
-Tue Jun 21 00:52:24 1994 Mark W. Eichin (eichin at mit.edu)
-
- * configure.in: add AC_CONST for v*printf.
-
-Mon Jun 20 19:37:38 1994 Theodore Y. Ts'o (tytso at tsx-11)
-
- * memmove.c: #include <krb5/config.h> so that build works using imake.
-
diff --git a/src/lib/krb5/rcache/ChangeLog b/src/lib/krb5/rcache/ChangeLog
deleted file mode 100644
index 455884cf0a..0000000000
--- a/src/lib/krb5/rcache/ChangeLog
+++ /dev/null
@@ -1,509 +0,0 @@
-2006-04-02 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (DEFS): Make empty.
-
-2005-11-14 Jeffrey Altman <jaltman@mit.edu>
-
- * rc_io.c: include k5-int.h instead of krb5.h
-
-2005-04-13 Ken Raeburn <raeburn@mit.edu>
-
- * rc_io.c (NEED_SOCKETS, NEED_LOWLEVEL_IO): Don't define.
-
-2005-01-15 Jeffrey Altman <jaltman@mit.edu>
-
- * rc_dfl.c: Move the extraction of the struct dfl_data
- from the krb5_rcache after obtaining the lock, not before.
-
-2004-08-03 Ken Raeburn <raeburn@mit.edu>
-
- * rc-int.h (struct _krb5_rc_ops): Add new member,
- recover_or_init.
- * rc_dfl.c (krb5_rc_dfl_init_locked): New function, with most of
- the content of old krb5_rc_dfl_init.
- (krb5_rc_dfl_init): Call it.
- (krb5_rc_dfl_recover_or_init): New function.
- * rc_dfl.h (krb5_rc_dfl_recover_or_init): Declare.
- * rcdef.c (krb5_rc_dfl_ops): Initialize new field.
- * rc_none.c (krb5_rc_none_recover_or_init): New macro.
- (krb5_rc_none_ops): Initialize new field.
- * rcfns.c (krb5_rc_recover_or_initialize): New function.
-
-2004-07-30 Ken Raeburn <raeburn@mit.edu>
-
- * rc_none.c: New file.
- * Makefile.in (SRCS, STLIBOBJS, OBJS): Build it.
- * rc-int.h (krb5_rc_none_ops): Declare.
- * rc_base.c (none): New variable.
- (krb5_rc_typelist_dfl): Add it into the linked list.
-
-2004-07-16 Ken Raeburn <raeburn@mit.edu>
-
- * rc_io.c: Don't check for macsock.h.
-
-2004-06-22 Ken Raeburn <raeburn@mit.edu>
-
- * rc_io.c (krb5_rc_io_move, krb5_rc_io_sync): Don't test
- macintosh.
-
-2004-06-15 Ken Raeburn <raeburn@mit.edu>
-
- * rc_io.c (dir, dirlen): Top-level variables deleted.
- (getdir): Now returns the pointer, doesn't set top-level
- variables.
- (GETDIR): Set local variables dir and dirlen using the function's
- return value.
- (krb5_rc_io_creat, krb5_rc_io_open_internal): Add the new local
- variables.
-
-2004-06-02 Ken Raeburn <raeburn@mit.edu>
-
- * rc-int.h (struct krb5_rc_st, struct _krb5_rc_ops, krb5_rc_ops):
- Move type definitions here from k5-int.h.
- (krb5_rc_register_type, krb5_rc_dfl_ops): Move declarations here
- from k5-int.h.
- * rc_dfl.c, rcdef.c, rcfns.c: Include rc-int.h.
-
-2004-05-27 Ezra Peisach <epeisach@mit.edu>
-
- * rc_base.c: Include rc-int.h
-
- * rc-int.h: Create file with prototypes for krb5int_rc_finish_init and
- krb5int_rc_terminate.
-
-2004-05-24 Ezra Peisach <epeisach@mit.edu>
-
- * rc_io.c (krb5_rc_io_open_internal): If file could not be open,
- do not invoke close negative argument.
-
-2004-05-03 Kenneth Raeburn <raeburn@mit.edu>
-
- * rc_dfl.c (krb5_rc_dfl_expunge_locked): Declare before use.
-
-2004-04-30 Ken Raeburn <raeburn@mit.edu>
-
- * rc_base.c (krb5_rc_resolve_type): Initialize the mutex in the
- replay cache structure.
- (krb5_rc_default, krb5_rc_resolve_full): Destroy it if creation of
- the replay cache fails.
- * rc_dfl.c (krb5_rc_dfl_get_span, krb5_rc_dfl_init): Lock the
- mutex while operating on the replay cache object.
- (krb5_rc_dfl_expunge_locked): Renamed from krb5_rc_dfl_expunge and
- made static. Call krb5_rc_dfl_recover_locked.
- (krb5_rc_dfl_expunge): New wrapper function, locks the mutex.
- (krb5_rc_dfl_recover_locked): Renamed from krb5_rc_dfl_recover and
- made static. Call krb5_rc_dfl_expunge_locked.
- (krb5_rc_dfl_recover): New wrapper function, locks the mutex.
- (krb5_rc_dfl_store): Lock the mutex. Call _expunge_locked.
-
-2004-04-24 Ken Raeburn <raeburn@mit.edu>
-
- * rc_base.c (rc_typelist_lock): Use new partial initializer.
- (krb5int_rc_finish_init): New function, finish the mutex
- initialization.
- (krb5int_rc_terminate): New function, destroy the mutex and free
- storage associated with registered types.
-
-2004-03-05 Ken Raeburn <raeburn@mit.edu>
-
- * rc_base.c: Include k5-thread.h.
- (rc_typelist_lock): New mutex var.
- (krb5_rc_register_type, krb5_rc_resolve_type): Lock it while
- working with the type list.
-
-2004-03-03 Ken Raeburn <raeburn@mit.edu>
-
- * rc_base.c: Delete unused and untested semaphore support.
-
-2003-08-26 Ken Raeburn <raeburn@mit.edu>
-
- * rc_dfl.c (alive): Take a timestamp argument instead of the
- context, and don't check the current time here. All callers
- changed to pass in the current time.
- (rc_store): Take a timestamp argument. All callers changed to
- pass in the current time.
-
-2003-07-17 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in (LIBNAME) [##WIN16##]: Don't define.
-
-2003-01-10 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag.
-
-2003-01-07 Ken Raeburn <raeburn@mit.edu>
-
- * rc_base.c (struct krb5_rc_typelist): Field "ops" now points to
- const.
- (krb5_rc_register_type): Likewise for "ops" argument.
- * rcdef.c (krb5_rc_dfl_ops): Now const.
- * rc_dfl.h (krb5_rc_dfl_ops): Declaration deleted.
-
-2002-09-05 Ken Raeburn <raeburn@mit.edu>
-
- * rc_io.c (krb5_rc_io_move): Missed a variable name change.
-
-2002-09-03 Ken Raeburn <raeburn@mit.edu>
-
- * rc_base.c, rc_conv.c, rc_io.c, ser_rc.c: Use prototype style
- function definitions.
-
- * rc_io.c (errno): Don't declare.
- (krb5_rc_io_move): Avoid variable name "new".
- * rc_dfl.c (cmp, alive): Avoid variable name "new".
-
-2002-08-29 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in: Revert $(S)=>/ change, for Windows support.
-
-2002-08-23 Ken Raeburn <raeburn@mit.edu>
-
- * Makefile.in: Change $(S)=>/ and $(U)=>.. globally.
-
-2002-06-14 Miro Jurisic <meeroh@mit.edu>
-
- * rc_io.c, rc_dfl.c: use "" includes for krb5.h and k5-int.h
- [pullup from 1-2-2-branch]
-
-2001-10-09 Ken Raeburn <raeburn@mit.edu>
-
- * rc_dfl.h, rc_io.h, ser_rc.c: Make prototypes unconditional.
-
-2001-10-05 Ken Raeburn <raeburn@mit.edu>
-
- * rc_io.c: Drop _MSDOS support.
-
- * rcfns.c: Don't explicitly declare pointers FAR any more.
-
-2001-10-03 Ken Raeburn <raeburn@mit.edu>
-
- * ser_rc.c: Don't use KRB5_DLLIMP.
-
-2001-07-24 Ezra Peisach <epeisach@mit.edu>
-
- * rc_dfl.c (krb5_rc_io_fetch): Once length element read from
- cache, and verified to be positive, put into unsigned int variable
- for passing to other functions that expect such.
-
-2001-07-04 Ezra Peisach <epeisach@mit.edu>
-
- * rc_io.c: Declare krb5_rc_io_open_internal static.
-
-2001-06-21 Danilo Almeida <dalmeida@mit.edu>
-
- * rc_io.c (krb5_rc_io_creat): Make cleanup code easier to read.
- (krb5_rc_io_open_internal): Include code previously in
- krb5_rc_open(). Add a new full pathname parameter so that a file
- can be opened by its full pathname. Make cleanup code easier to
- read.
- (krb5_rc_io_open): Call krb5_rc_io_open_internal().
- (krb5_rc_io_move): Fix Windows implementation so that it works
- where it is used (only called by krb5_rc_dfl_expunge()).
- (krb5_rc_io_sync): Fix function header to comply with coding
- standard. Add implementation for Windows.
- (krb5_rc_io_close): Close file descriptor only if it is not -1.
- Set file descriptor to -1 if it is successfully closed.
-
- * rc_dfl.c (krb5_rc_dfl_close_no_free): Leave file descriptor
- check for krb5_rc_io_close().
- (krb5_rc_dfl_expunge): Do better resource cleanup on error.
-
-2001-06-20 Danilo Almeida <dalmeida@mit.edu>
-
- * rc_dfl.c, rc_io.c: More compliance with coding standards: use
- ANSI function declarations, use curly braces to fix up #ifdef
- reindenting under Emacs, reindent code, strip trailing whitespace,
- wrap lines, fix commans. Not finished: fix indenting of curly
- braces in control structures.
-
-2001-01-23 Tom Yu <tlyu@mit.edu>
-
- * rc_io.c (getdir): Subtract one from dirlen, since sizeof
- includes the terminating NUL character. Avoid redundant path
- separators.
- (krb5_rc_io_move): When renaming OLD to NEW, don't copy the
- filename. This was causing temporary files to get leaked.
- (krb5_rc_io_close): Don't FREE if d->fn is NULL.
-
-2001-01-16 Ken Raeburn <raeburn@mit.edu>
-
- * rcfns.c: New file, with function versions of former dispatch
- macros from krb5.h.
- * Makefile.in (STLIBOBJS, OBJS, SRCS): Add it.
-
-2000-09-21 Ezra Peisach <epeisach@mit.edu>
-
- * rc_io.h (struct krb5_rc_iostuff): Internal structure - change
- position in file from long to off_t (as argument for lseek).
-
- * rc_io.c (krb5_rc_io_read, krb5_rc_io_write): Unsigned vs signed
- warnings cleanup.
-
- * rc_dfl.c (alive): Do not shadow time() with variable named for same.
-
- * rc_base.c (krb5_rc_resolve_full): Cleanup unsigned vs. signed
- warnings.
-
-
-2000-06-29 Ezra Peisach <epeisach@engrailed.mit.edu>
-
- * rc_io.c (krb5_rc_io_creat): Cast getpid() to int.
- (Use of a long might overflow buffer if pid_t is 64 bits */
-
-2000-04-28 Nalin Dahyabhai <nalin@redhat.com>
-
- * rc_io.c (getdir): Don't check dirlen again, the call sites
- always do. Fix dirlen calculation.
-
-1999-10-26 Wilfredo Sanchez <tritan@mit.edu>
-
- * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES,
- LOCAL_INCLUDES such that one can override CFLAGS from the command
- line without losing CPP search patchs and defines. Some associated
- Makefile cleanup.
-
-1999-09-21 Ken Raeburn <raeburn@mit.edu>
-
- * rc_dfl.c (krb5_rc_io_fetch): Set client and server fields to
- NULL after freeing them in the error case.
-
-Mon May 10 15:26:53 1999 Danilo Almeida <dalmeida@mit.edu>
-
- * Makefile.in: Do win32 build in subdir.
-
-Tue Apr 6 16:10:44 1999 Theodore Y. Ts'o <tytso@mit.edu>
-
- * rc_io.c (krb5_rc_io_move): Workaround the fact that Windows has
- really poor emulation of POSIX functions such as rename.
- (In fact, it has completely different semantics for this
- call!) Fix supplied by Tom Sanfilippo (txn# 2184 in krb5dev)
-
-1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * Makefile.in: Set the myfulldir and mydir variables (which are
- relative to buildtop and thisconfigdir, respectively.)
-
-Fri Feb 27 18:03:33 1998 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * Makefile.in: Changed thisconfigdir to point at the lib/krb5
- directory, since we've moved the configure.in tests in
- this directory to the toplevel lib/krb5 configure.in
-
-Wed Feb 18 16:25:34 1998 Tom Yu <tlyu@mit.edu>
-
- * Makefile.in: Remove trailing slash from thisconfigdir. Fix up
- BUILDTOP for new conventions.
-
-Mon Feb 2 17:01:50 1998 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile
-
-Thu Sep 25 21:28:41 1997 Tom Yu <tlyu@mit.edu>
-
- * rc_io.c: Replace KRB5_USE_INET with something more sane.
-
-Tue Mar 25 01:15:39 1997 Theodore Y. Ts'o <tytso@mit.edu>
-
- * rc_io.c (krb5_rc_io_open): rcache owner should be checked against
- the effective uid, not the real uid. [krb5-libs/366]
-
-Sat Feb 22 22:44:15 1997 Richard Basch <basch@lehman.com>
-
- * Makefile.in: Use some of the new library list build rules in
- win-post.in
-
-Thu Nov 21 11:55:16 EST 1996 Richard Basch <basch@lehman.com>
-
- * Makefile.in: win32 build
-
- * rc_dfl.c, rc_dfl.h: Win32/DLL calling conventions for rcache
- functions. (Most rcache routines are still not exported
- pending an API review).
-
-Thu Jan 2 17:21:44 1997 Tom Yu <tlyu@mit.edu>
-
- * Makefile.in:
- * configure.in: Update to new library build procedure.
-
-Mon Nov 18 15:25:51 1996 Theodore Y. Ts'o <tytso@mit.edu>
-
- * rc_dfl.c: Apply jik's fix to allow the expunging of the replay
- cache to happen correctly. [174,132]
-
-Mon Jun 10 21:52:38 1996 Theodore Ts'o <tytso@rsts-11.mit.edu>
-
- * rc_io.c: Change _WINDOWS to _MSDOS, and add check for _WIN32.
-
-Sat Feb 24 18:53:33 1996 Theodore Y. Ts'o <tytso@dcl>
-
- * rc_io.c (krb5_rc_io_creat, krb5_rc_io_open): Use Windows path
- separator, if appropriate. Under Windows also use the
- environment variables TEMP and TMP for the replay cache.
-
-Fri Dec 1 17:07:24 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * rc_io.c (krb5_rc_io_creat): In case of permission problems,
- don't unlink the old replay cache; make it a hard
- (repeatable) error. This also reduces the chance we
- accidentally delete valuable data.
-
-Mon Nov 27 14:52:23 1995 Tom Yu <tlyu@dragons-lair.MIT.EDU>
-
- * rc_dfl.c (krb5_rc_dfl_init): default lifespan to
- context->clockskew in case some app can't get at the
- internals of the context struct.
-
-Fri Oct 6 22:05:31 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * Makefile.in: Remove ##DOS!include of config/windows.in.
- config/windows.in is now included by wconfig.
-
-Mon Sep 25 16:58:40 1995 Theodore Y. Ts'o <tytso@dcl>
-
- * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the
- Makefile.
-
-Wed Sep 6 12:00:00 1995 James Mattly <mattly@fusion.com>
- * rc_io.c: turn off a call to fsync which MACINTOSH doesn't support
-
-
-Thu Aug 31 14:13:21 EDT 1995 Paul Park (pjpark@mit.edu)
- * rc_base.c - Set magic number in rcache structure after successfully
- resolving the replay cache.
-
-
-Tue Aug 29 14:19:54 EDT 1995 Paul Park (pjpark@mit.edu)
- * Makefile.in, .Sanitize, ser_rc.c - Add routines to serialize rcache.
-
-Fri Aug 4 22:07:46 1995 Tom Yu <tlyu@dragons-lair.MIT.EDU>
-
- * rc_conv.c (krb5_auth_to_rep): Add parens to shut up gcc -Wall
-
- * rc_io.c: Add parens to shut up gcc -Wall
-
- * rc_dfl.c: Add parens to shut up gcc -Wall
-
- * rc_base.c: Add parens to shut up gcc -Wall
-
-Thu Jul 20 22:34:47 1995 Mark Eichin <eichin@cygnus.com>
-
- * rc_dfl.c (rc_store): rename from store() to avoid conflict with
- dbm function of same name (and different prototype.)
-
-Wed July 5 15:52:31 1995 James Mattly <mattly@fusion.com>
- * rc_io.c added HAVE_MACSOCK_H, change open to THREEPARAMOPEN
-
-Fri Jun 9 19:34:38 1995 <tytso@rsx-11.mit.edu>
-
- * configure.in: Remove standardized set of autoconf macros, which
- are now handled by CONFIG_RULES.
-
-Fri May 26 20:21:19 1995 Theodore Y. Ts'o (tytso@dcl)
-
- * configure.in, Makefile.in: Add support for building shared libraries.
-
-Tue May 23 16:30:29 1995 Theodore Y. Ts'o (tytso@dcl)
-
- * rc_io.c: Rearrange #include files so that krb5.h gets included
- first, so that the debugging information can be more
- efficiently collapsed since the type numbers will be the
- same.
-
-Mon May 1 23:10:26 1995 Theodore Y. Ts'o (tytso@dcl)
-
- * rc_dfl.c (krb5_rc_dfl_recover): Fix memory leaks in this
- function. The krb5_donot_replay structure was not being
- freed properly.
-
-Thu Apr 13 15:49:16 1995 Keith Vetter (keithv@fusion.com)
-
- * *.[ch]: removed unneeded INTERFACE from non-api functions.
-
-Fri Mar 31 16:44:34 1995 Theodore Y. Ts'o (tytso@dcl)
-
- * rc_dfl.c (krb5_rc_dfl_expunage): Close the old, temporary reply
- cache after we're done expunging it.
-
- * rc_io.c (krb5_rc_io_move): Make duplicate copies of the filename
- and the file descriptor (via malloc/strcpy and dup), so
- that the old rc_io object can be cleanly closed without
- affecting the new rc_io object.
-
-Fri Mar 17 20:27:41 1995 John Gilmore (gnu at toad.com)
-
- * Makefile.in (LDFLAGS): Eliminate duplicate of config/pre.in.
-
-Tue Mar 7 21:40:18 1995 Keith Vetter (keithv@fusion.com)
-
- * Makefile.in: changed library name for the PC.
-
-Tue Mar 7 19:54:32 1995 Mark Eichin <eichin@cygnus.com>
-
- * configure.in: take out ISODE_DEFS, ISODE_INCLUDE.
-
-Tue Mar 7 12:33:29 1995 Keith Vetter (keithv@fusion.com)
-
- * rc_io.c: moved the enabling defines for low-level io, e.g. read,
- write, lseek, etc., out of here and into k5-config.h.
-
-Thu Mar 2 11:55:00 1995 Keith Vetter (keithv@fusion.com)
-
- * rc_io.c: changed NEED_WINSOCK_H to NEED_SOCKETS
-
-Wed Mar 1 12:03:30 1995 Keith Vetter (keithv@fusion.com)
-
- * *.c, *.h Added windows INTERFACE keyword
- * Makefile.in: made to work on the PC.
- * rc_dfl.c: Some int/long changes for the PC
- * rc_io.c: hack to get Microsoft C in std-c mode to allow
- low-level i/o routines. Probably not a permanent solution
- but keep until we decide on a better method.
- * rc_io.h: added 2 missing prototypes
- * rc_dfl.h: added 2 missing prototypes
-
-Tue Feb 28 01:03:34 1995 John Gilmore (gnu at toad.com)
-
- * *.c: Avoid <krb5/...> includes.
-
-Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu)
-
- * Added krb5_context to all krb5_routines
-
-Thu Dec 22 15:44:50 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * configure.in: Add test for uid_t.
-
-Fri Oct 14 23:12:00 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * configure.in: Add ISODE_DEFS rule.
-
-Mon Oct 3 19:32:59 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * rc_def.c (krb5_rc_dfl_recover): krb5_rc_io_size was being called
- (still) with the wrong type argument. Should have been &t->d.
-
-Fri Sep 30 21:59:08 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * rc_def.c (krb5_rc_dfl_ops): Add placeholder for magic number
-
-Thu Sep 29 22:11:20 1994 Theodore Y. Ts'o (tytso@dcl)
-
- * rc_dfl.c (krb5_rc_dfl_recover): krb5_rc_io_size was being called
- with the wrong type argument. I have no idea how it was
-
-
-Thu Sep 8 23:34:53 1994 Theodore Y. Ts'o (tytso@pinata)
-
- * rc_io.c: The variables dirlen and dir were declared global, and
- didn't need to be; changed to be static.
-
-Sat Aug 20 00:09:37 1994 Theodore Y. Ts'o (tytso at tsx-11)
-
- * rc_dfl.c (krb5_rc_dfl_expunge): name (t->name) was getting freed
- and we tried to use it. Clear t->name to stop it from being
- freed, and then free it later.
-
-Mon Jun 20 19:37:13 1994 Theodore Y. Ts'o (tytso at tsx-11)
-
- * rc_base.h: #include <krb5/osconf.h> so that build works using imake.
-
generated by cgit (git 2.34.1) at 2026-01-01 15:21:04 +0000