src/lib/krb5/krb/ChangeLog


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130

Mon Nov 21 15:30:07 1994  Theodore Y. Ts'o  (tytso@dcl)

	* encode_kdc.c (krb5_encode_kdc_rep): Now requires that the
		caller pass in the encryption block to be used for
		encrpyting the ticket.  That way, this routine doesn't
		need to create its own encryption block.

	* encrypt_tk.c (krb5_encrypt_tkt_part): Now requires that the
		caller pass in the encryption block to be used for
		encrpyting the ticket.  That way, this routine doesn't
		need to create its own encryption block.

Fri Nov 18 17:30:44 1994  Theodore Y. Ts'o  (tytso@dcl)

	* mk_req_ext.c (krb5_mk_req_extended): Encrypt the authenticator
		using the same encryption system used to encrypt the ticket.

Thu Nov 17 01:56:05 1994  Theodore Y. Ts'o  (tytso@dcl)

	* gc_via_tgt.c (krb5_get_cred_via_tgt): 
	* gc_2tgt.c (krb5_get_cred_via_2tgt): Set the encryption type of
		the session keyblock to be the type used to encrypt the
		ticket. 

Fri Nov 11 01:20:22 1994  Theodore Y. Ts'o  (tytso@dcl)

	* get_in_tkt.c (krb5_get_in_tkt): Set the encryption type of the
		session keyblock to be the type used to encrypt the
		ticket. 

Thu Nov 10 23:56:43 1994  Theodore Y. Ts'o  (tytso@dcl)

	* rd_rep.c (krb5_rd_rep): Set the encryption type in
		the subkey keyblock to be the encryption type used to
		encrypt the rd_rep message.

	* decrypt_tk.c (krb5_decrypt_tkt_part): Set the encryption type in
		the session keyblock to be the encryption type used to
		encrypt the ticket.

	* rd_req_dec.c (decrypt_authenticator): Set the encryption type in
		the subkey keyblock to be the encryption type used to
		encrypt the authenticator. 

Tue Nov  8 17:09:48 1994  Theodore Y. Ts'o  (tytso@dcl)

	* in_tkt_pwd.c (pwd_keyproc): Use the documented interface for
		calling krb5_string_to_key().

Tue Oct 25 23:34:57 1994  Theodore Y. Ts'o  (tytso@dcl)

	* srv_rcache.c (krb5_get_server_rcache): Added missing continue so
	 	that we don't copy both the unprintable character as well
		as the quoted version of it.

Mon Oct 24 15:50:19 1994  Theodore Y. Ts'o  (tytso@dcl)

	* configure.in: If KRB4 is defined, define KRB5_KRB4_COMPAT for
		compat_recv.c.

Thu Oct 13 17:26:28 1994  Theodore Y. Ts'o  (tytso@maytag)

	* configure.in: Add ISODE_DEFS

Tue Oct  4 16:29:19 1994  Theodore Y. Ts'o  (tytso@dcl)

	* in_tkt_sky.c (skey_keyproc):
	* in_tkt_pwd.c (pwd_keyproc): Add widen.h and narrow.h includes
		around pwd_keyproc, so that the keyproc input arguments
		are appropriately widened.

Fri Sep 30 21:58:15 1994  Theodore Y. Ts'o  (tytso@dcl)

	* preauth.c (preauth_systems): Add placeholder for magic number

Thu Sep 29 15:31:10 1994  Theodore Y. Ts'o  (tytso@dcl)

	* srv_rcache.c (krb5_get_server_rcache): cachename was not being
		properly null-terminated.

	* get_in_tkt.c (krb5_get_in_tkt): Return KRB5_IN_TKT_REALM_MISATCH
		if the client and server realms don't match.  Return
		KRB5_KDCREP_SKEW if the KDC reply has an unacceptible
		clock skew (instead of KDCREP_MODIFIED.)

	* gc_via_tgt.c (krb5_get_cred_via_tgt): Use a distinct error code
		for KDC skew separate from the standard KDCREP_MODIFIED

	* princ_comp.c (krb5_realm_compare): Added new function from
		OpenVision.

Wed Sep 21 17:57:35 1994  Theodore Y. Ts'o  (tytso@dcl)

	* rd_req_dec.c (krb5_rd_req_decoded): Added Changes from Cybersafe
		to do transited realm path checking.

	* chk_trans.c: Added donated module from CyberSafe.  It checks to
		see if a transited path is a legal one between two realms.

Thu Sep 15 11:08:39 1994  Theodore Y. Ts'o  (tytso@dcl)

	* rd_req_sim.c (krb5_rd_req_simple): Use krb5_rd_req instead of
		krb5_rd_req_decoded, to eliminate some code duplication.

Sat Aug 20 01:43:43 1994  Theodore Y. Ts'o  (tytso at tsx-11)

	* mk_req_ext.c (krb5_generate_authenticator): Fix pointer aliasing
	problem between newkey and authent->subkey.

Wed Aug 17 17:58:22 1994  Theodore Y. Ts'o  (tytso at tsx-11)

	* encode_kdc.c (krb5_encode_kdc_rep): Pass in to
	encode_krb5_enc_kdc_rep_part the msg_type which should be used.
	Old versions of Kerberos always assume TGS_REP; this merely allows
	the right msg_type to be passed down to the encoding routines.
	For now, the encoding routines will ignore this value and do
	things the old way, for compatibility's sake.

Mon Aug  8 22:38:16 1994  Theodore Y. Ts'o  (tytso at tsx-11)

	* preauth.c: Renamed preauthentication mechanism names to match
	what bcn and I agreed upon.

Tue Jun 28 19:35:07 1994  Tom Yu  (tlyu at dragons-lair)

	* decode_kdc.c: folding in Harry's changes
	* rd_req.c: ditto
	* rd_req_sim.c: ditto
	* configure.in: adding ISODE_DEFS