krb5.git/src/windows/identity/kcreddb, branch proxymech MIT Kerberos patches Delete Network Identity Manager 2011-10-17T19:34:08+00:00 Tom Yu tlyu@mit.edu 2011-10-17T19:34:08+00:00 eb06a8e77810afeb718f7f42ece5759d4330d940 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25363 dc483132-0cff-0310-8789-dd5450dbe970 
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25363 dc483132-0cff-0310-8789-dd5450dbe970
make mark-cstyle 2009-10-31T00:48:38+00:00 Tom Yu tlyu@mit.edu 2009-10-31T00:48:38+00:00 02d6bcbc98a214e7aeaaa9f45f0db8784a7b743b make reindent git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23100 dc483132-0cff-0310-8789-dd5450dbe970 
make reindent

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23100 dc483132-0cff-0310-8789-dd5450dbe970
Set svn:eol-style on a bunch of text-looking files that didn't have it 2007-09-24T22:05:56+00:00 Ken Raeburn raeburn@mit.edu 2007-09-24T22:05:56+00:00 5386b775b2fbce68cbc846f7dac3ef495e72457a git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19972 dc483132-0cff-0310-8789-dd5450dbe970 
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19972 dc483132-0cff-0310-8789-dd5450dbe970
Move the removal of the vc70.pdb and vc80.pdb files to the 2007-09-22T05:11:04+00:00 Jeffrey Altman jaltman@secure-endpoints.com 2007-09-22T05:11:04+00:00 c30fdcd7fddcf0ca8c368959c2ab7c6f7361bb13 global clean rule in config/Makefile.w32. No need to replicate them in each individual Makefile. ticket: 5756 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19966 dc483132-0cff-0310-8789-dd5450dbe970 
global clean rule in config/Makefile.w32.  No need to replicate
them in each individual Makefile.

ticket: 5756

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19966 dc483132-0cff-0310-8789-dd5450dbe970
Windows\Identity Makefile "clean" more 2007-09-18T21:08:01+00:00 Jeffrey Altman jaltman@secure-endpoints.com 2007-09-18T21:08:01+00:00 5f9b0e9084d4c1bfb898259ff52461661bd4c80a make sure that we clean up vc70.pdb, vc80.pdb, and temporary files generated during the build process. ticket: new component: windows git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19955 dc483132-0cff-0310-8789-dd5450dbe970 
make sure that we clean up vc70.pdb, vc80.pdb, and 
temporary files generated during the build process.

ticket: new
component: windows

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19955 dc483132-0cff-0310-8789-dd5450dbe970
NIM: 64-bit Windows Support and Removal of Compile Time Warnings 2007-08-28T20:58:45+00:00 Jeffrey Altman jaltman@secure-endpoints.com 2007-08-28T20:58:45+00:00 cb6064f5175f850ff094aa58c899a4a1ad5b6cb7 This patch permits Network Identity Manager to be built for 64-bit Windows. In the process all compile time warnings have been taken care of. For 64-bit Windows, we do not build the Kerberos v4 Credential Provider and we will not attempt to load the krb524 library. Note that when testing the 64-bit NIM, there is no CCAPI at the moment so you must manually specify a FILE: ccache as part of the identity's Kerberos v5 configuration if you want to use cache's other than the MSLSA. This patch also consolidates the computation of the default ccache name into utility functions: khm_krb5_get_identity_default_ccache khm_krb5_get_identity_default_ccacheA ticket: new component: windows git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19891 dc483132-0cff-0310-8789-dd5450dbe970 
This patch permits Network Identity Manager to be built for 64-bit Windows.
In the process all compile time warnings have been taken care of.  

For 64-bit Windows, we do not build the Kerberos v4 Credential Provider
and we will not attempt to load the krb524 library.  

Note that when testing the 64-bit NIM, there is no CCAPI at the 
moment so you must manually specify a FILE: ccache as part of the 
identity's Kerberos v5 configuration if you want to use cache's 
other than the MSLSA.

This patch also consolidates the computation of the default ccache 
name into utility functions:

  khm_krb5_get_identity_default_ccache
  khm_krb5_get_identity_default_ccacheA

ticket: new
component: windows

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19891 dc483132-0cff-0310-8789-dd5450dbe970
All exports in nidmgr32.dll are declared as __declspec(dllexport) 2007-06-22T18:47:16+00:00 Jeffrey Altman jaltman@secure-endpoints.com 2007-06-22T18:47:16+00:00 65f9b75e71f9ec13c6b0d86a7ddce50f58369a74 using the KHMEXP macro in the header files. However, since the same header files are used to declare imports when building applications and plug-ins that use nidmgr32.dll, the KHMEXP macro should switch to __declspec(import) so that the relevant import table entries are created. To make this switch, the source files that go into nidmgr32.dll are compiled with the special macro _NIMLIB_ defined that indicates that the KHMEXP should expand to __declspec(dllexport). In the absence of this macro, KHMEXP will expand to __declspec(dllimport). ticket: 5584 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19618 dc483132-0cff-0310-8789-dd5450dbe970 
using the KHMEXP macro in the header files.  However, since the same
header files are used to declare imports when building applications
and plug-ins that use nidmgr32.dll, the KHMEXP macro should switch to
__declspec(import) so that the relevant import table entries are
created.

To make this switch, the source files that go into nidmgr32.dll are
compiled with the special macro _NIMLIB_ defined that indicates that
the KHMEXP should expand to __declspec(dllexport).  In the absence of
this macro, KHMEXP will expand to __declspec(dllimport).

ticket: 5584

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19618 dc483132-0cff-0310-8789-dd5450dbe970
set svn:eol-style to native for *.[ch] 2007-06-20T01:19:59+00:00 Ken Raeburn raeburn@mit.edu 2007-06-20T01:19:59+00:00 78ec90d925e1f672639762e6c9fa674bf7ff0a64 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19596 dc483132-0cff-0310-8789-dd5450dbe970 
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19596 dc483132-0cff-0310-8789-dd5450dbe970
KFW 3.2 Beta 2 commits 2007-04-12T03:40:25+00:00 Jeffrey Altman jaltman@secure-endpoints.com 2007-04-12T03:40:25+00:00 533ef6384b14e3e9309f1bd3cd71e290781b883e NetIDMgr 1.2.0.2 ================ nidmgr32.dll - When the root credential set is touched, trigger an identity refresh. This is necessary to ensure that the identity list has a complete state of the world when the identity provider attempts to initialize an initial default identity when none previously existed. (see krb5cred.dll section) - Don't set the enabled state for KHUI_ACTION_DESTROY_CRED and KHUI_ACTION_RENEW_CRED actions. They are set elsewhere. krb5common.obj - Initialize variables to prevent uninitialized use. krb4cred.dll - Re-order controls and use CheckRadioButton() for manipulating the radio buttons which select the ticket acquisition method. - Use symbolic constants instead of numbers. - If Kerberos 4 is enabled for a specific identity, then that setting takes precedence over the global setting. The global setting is merely a default if a per-identity setting is not specified. However, a per-identity setting is only read for the default identity. - If the validity of an identity is not known, assume that it is still being checked and don't display any credential text. - When handling WM_COMMAND messages for the new credentials panel, only update the data when a BN_CLICKED message is received and only update the display if the IDC_NCK4_OBTAIN checkbox is toggled. - Remove unused symbols from langres.h krb5cred.dll - When renewing an identity which was imported, first try to import it again. If that fails to obtain newer tickets, then try initializing the MSLSA cache and then importing again. - Correct spelling: k5_ident_valiate_name() -> k5_ident_validate_name(). - Refactor the code for setting an identity as the default so we can call it internally. - When setting the initial default identity, if there is no current default ccache and no known last default identity, then look through the list of ccaches with credentials and pick one with valid tickets. If all else fails, then pick any of the ccaches. netidmgr.exe - Credentials Window - Consistently use KHUI_CW_O_RELIDENT as a necessary and sufficient indicator that the identity needs to be released when freeing an outline node. - Properly initialize an outline node. - Don't group similar credentials if we aren't sorting/grouping by any specific column. - Use the KHUI_CW_O_EMPTY flag to indicate that an outline node contains no children. - Handle the case where we aren't sorting/grouping by any column. - Make sure outline nodes have valid idx_start and idx_end values. - Use consistent logic when painting and handling mouse hotspots. - Don't use WS_EX_TRANSPARENT when creating the notification window. - Use a fixed height for the notification window. - Update the outline when the default identity changes. - Hypertext Window - Correctly handle the "center" attribute in the "p" element. - Use a system brush for painting the background instead of creating one of our own. - Correct the handling of scroll_left and scroll_top when calculating the coordinates for text. - Don't check if the rectangle for the text is inside the visible area of the window before drawing. - Handle WM_ERASEBKGND and use a system color brush to erase the background. - When the size changes, force the extents to be recomputed. This will also update the scroll bars. - Use the proper return value after handling WM_PAINT. - The scrollbar messages send the operation code in the low word of wParam, not the high word. - Use GetScrollInfo() with SIF_POS when the operation is SB_ENDSCROLL or SB_THUMBPOSITION. - When the hottracked link changes for a transparent window, don't invalidate the entire parent window. Instead use MapWindowPoints() to calculate the affected rectangle and invalidate that. - Misc - Change the text of the IDS_NO_CREDS message so that it renders better on a small window. - Initialize COM when starting the GUI. - When showing and hiding the main window and the new credentials window, add a button to the task bar. This allows the user to switch focus to the window if it's obstructed. - Remove unused symbols from resource.h - New Credentials Window - Ignore the validity state of the identity when showing a password change dialog. We don't expect the identity provider to validate the identity when changing the password. ticket: new component: windows tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19426 dc483132-0cff-0310-8789-dd5450dbe970 
NetIDMgr 1.2.0.2
================

nidmgr32.dll

- When the root credential set is touched, trigger an identity
  refresh.  This is necessary to ensure that the identity list
  has a complete state of the world when the identity provider
  attempts to initialize an initial default identity when none
  previously existed.  (see krb5cred.dll section)

- Don't set the enabled state for KHUI_ACTION_DESTROY_CRED and
  KHUI_ACTION_RENEW_CRED actions.  They are set elsewhere.

krb5common.obj

- Initialize variables to prevent uninitialized use.

krb4cred.dll

- Re-order controls and use CheckRadioButton() for manipulating the
  radio buttons which select the ticket acquisition method.

- Use symbolic constants instead of numbers.

- If Kerberos 4 is enabled for a specific identity, then that setting
  takes precedence over the global setting.  The global setting is
  merely a default if a per-identity setting is not specified.
  However, a per-identity setting is only read for the default
  identity.

- If the validity of an identity is not known, assume that it is still
  being checked and don't display any credential text.

- When handling WM_COMMAND messages for the new credentials panel,
  only update the data when a BN_CLICKED message is received and only
  update the display if the IDC_NCK4_OBTAIN checkbox is toggled.

- Remove unused symbols from langres.h

krb5cred.dll

- When renewing an identity which was imported, first try to import it
  again.  If that fails to obtain newer tickets, then try initializing
  the MSLSA cache and then importing again.

- Correct spelling: k5_ident_valiate_name() ->
  k5_ident_validate_name().

- Refactor the code for setting an identity as the default so we can
  call it internally.

- When setting the initial default identity, if there is no current
  default ccache and no known last default identity, then look through
  the list of ccaches with credentials and pick one with valid
  tickets.  If all else fails, then pick any of the ccaches.

netidmgr.exe

- Credentials Window

  - Consistently use KHUI_CW_O_RELIDENT as a necessary and sufficient
    indicator that the identity needs to be released when freeing an
    outline node.

  - Properly initialize an outline node.

  - Don't group similar credentials if we aren't sorting/grouping by
    any specific column.

  - Use the KHUI_CW_O_EMPTY flag to indicate that an outline node
    contains no children.

  - Handle the case where we aren't sorting/grouping by any column.

  - Make sure outline nodes have valid idx_start and idx_end values.

  - Use consistent logic when painting and handling mouse hotspots.

  - Don't use WS_EX_TRANSPARENT when creating the notification window.

  - Use a fixed height for the notification window.

  - Update the outline when the default identity changes.

- Hypertext Window

  - Correctly handle the "center" attribute in the "p" element.

  - Use a system brush for painting the background instead of creating
    one of our own.

  - Correct the handling of scroll_left and scroll_top when
    calculating the coordinates for text.

  - Don't check if the rectangle for the text is inside the visible
    area of the window before drawing.

  - Handle WM_ERASEBKGND and use a system color brush to erase the
    background.

  - When the size changes, force the extents to be recomputed.  This
    will also update the scroll bars.

  - Use the proper return value after handling WM_PAINT.

  - The scrollbar messages send the operation code in the low word of
    wParam, not the high word.

  - Use GetScrollInfo() with SIF_POS when the operation is
    SB_ENDSCROLL or SB_THUMBPOSITION.

  - When the hottracked link changes for a transparent window, don't
    invalidate the entire parent window.  Instead use
    MapWindowPoints() to calculate the affected rectangle and
    invalidate that.

- Misc

  - Change the text of the IDS_NO_CREDS message so that it renders
    better on a small window.

  - Initialize COM when starting the GUI.

  - When showing and hiding the main window and the new credentials
    window, add a button to the task bar.  This allows the user to
    switch focus to the window if it's obstructed.

  - Remove unused symbols from resource.h

- New Credentials Window

  - Ignore the validity state of the identity when showing a password
    change dialog.  We don't expect the identity provider to validate
    the identity when changing the password.

ticket: new
component: windows
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19426 dc483132-0cff-0310-8789-dd5450dbe970
NIM: New Default View and miscellaneous fixes 2007-03-20T20:41:52+00:00 Jeffrey Altman jaltman@secure-endpoints.com 2007-03-20T20:41:52+00:00 25e6fa5ec31981a3ec7d732fad6e46a997d29654 ================================ KfW 3.1 Alpha (NetIDMgr 1.1.11.0) -- nidmgr32.dll - Only one action in a menu is allowed to have KHUI_ACTIONREF_DEFAULT flag set. This marks the action as being the default action for the menu and will be rendered as such. - Newly created identities start off with the KCDB_IDENT_FLAG_EMPTY flag set. Once credentials are associated with the identity and the identity is refreshed, the flag will be cleared. - When creating actions, enforce the name length. - khm_value_exists() now handles shadowed configuration spaces. - Add new action KHUI_ACTION_LAYOUT_MINI which toggles between 'Advanced' and 'Basic' views. - Add support for F11 and F12 keys in khui_get_cmd_accel_string(). - New option for alerts to indicate that instead of just setting the response field in the alert, the UI should dispatch the command that the user has selected. -- krb5common.obj - khm_krb5_initialize() can return a handle to a krb5_ccache that has already been closed. Now it doesn't. - Also import 'krb5_string_to_deltat()'. - Work around conditioned symbol definitions in ntsecapi.h in the Vista Platform SDK that affect Win 2000. -- krb5cred.dll - Don't clear the prompts when the options for an identity changes. The prompter code relies on the prompts being around so that the values that the user has entered can be retained if the new set of prompts is the same as the old one. - Use the same code in the new credentials acquisition and the identity configuration code to obtain krb5 parameters for an identity. - Reset the 'IMPORTED' flag when we get new credentials using a password. - If the validity of a principal is not known, then we restrict the options that can be specified when calling krb5_get_init_creds_password() so that we can reliably determine if the principal is valid. If we need to get new credentials for the principal, we need to make another call using the correct options. - The return codes from the prompter need to indicate that the password read operation was cancelled instead of arbiraty non-zero values. - When reading identity settings, if a particular setting is not defined in the registry, then default to reading the settings out of krb5.ini. - Refer to credentials as 'credentials' or 'tickets' instead of 'creds'. - If an identity has imported credentials, don't import for the same identity again. - When importing an identity, create the identity configuration in the registry if we don't already have any settings there. - Work around conditioned symbol definitions in ntsecapi.h in the Vista Platform SDK that affect Win 2000. - Rearrange declarations for clarity. - Use the correct APIs to parse configuration values from krb5.ini. -- krb4cred.dll - The dialog layout was updated to accomodate a localized string that no longer fit in its control. - Remove a spurious inclusion of ntsecapi.h and work around conditioned symbol definition in the Vista Platform SDK. -- netidmgr.exe - Fix the menu creation code to correctly tag the default action so that it will be rendered properly. - Update the menu enumeration code to use documented functions instead of accessing acton lists directly. - Pool of per-identity actions now include a set of actions for obtaining credentials for specific identities. - The default action performed when the notification icon is clicked is now configurable. When displaying the context menu in the notification area, the default action is highlighted. - Remove unnecessary handlers from the notifcation event handler. - Only handle NIN_SELECT instead of both NIN_SELECT and WM_LBUTTONUP in the notification event handler. When the user clicks the notication icon, both events are generated. NIN_SELECT is canonical. - When the handling NIN_BALLOONUSERCLICK in the notification event handler, reset balloon_alert before displaying any new alerts so that we won't overwrite it later. - Reset the notification alert icon after displaying an alert. - If a renewal fails, the displayed alert contains a button that the user can click to initiate the process of acquiring new credentials for the identity. - Alerts can optionally dispatch the commands that were added to it using the KHUI_ALERT_FLAG_DISPATCH_CMD flag. - Increase the size of the About dialog. - Correct the action text for the IDS_ACTION_OPEN_APP and IDS_ACTION_CLOSE_APP to say 'Show' and 'Hide' instead of 'Open' and 'Close'. These actions only control the visible state of the NIM window. - Add additional notification which signals that the commandline has finished processing. - Add an 'acquire' action to the per-identity actions. - The per identity actions (renew, destroy, acquire) now have useful captions, names and tooltips. - Use WM_NEXTDLGCTL message when changing the focus of dialog controls. SetFocus() is insufficient. - If we get a request to show a new credential acquisition dialog and we are already showing one, bring that one to the foreground instead of trying to display a new one or waiting quietly. - New configuration schema for the UI that include definitions for the new default view. - The alerter window can now show more than one alert at once. - If we are about to show queued alerts, then check if the alerts that are waiting are related and if they can be grouped together. If so, show them in a single alert window instead of multiple ones. - If new alerts are issued while a set of alerts are being displayed and if the new alert is related to the alerts that are being displayed, then add the new alert to the list being displayed. - Make sure we have a lock on the alert when we are manipulating or accessing it. - Set the focus to the correct control when displaying an alert. - When adding alerts from the alert queue, make sure we iterate through the queue properly. - Allow keyboard navigation inside the alert window and support scroll bars. - Check if we have a valid code pointer before invoking a UI callback. - Make sure the main window is in the normal configuration before switching to a layout that rquires it. - When moving the main window around, if it comes close to an edge of the working area of the display, snap to it. - Maintain two sets of settings for the main window placement. One for the mini mode and one for the normal mode. - When processing saved window placement information from the configuration, handle docking hints which note which edges of the screen the main window should be adjacent to, if any. - Switching to the 'Basic' view disables the layout and column selection menus. - Position the new credentials dialog above the main window if the main window is visible. - The alert that is displayed to indicate that an identity has expired, now contains a command button that can be used to invoke the new credentials dialog for that identity. -- source - Update the documentation to reflect the change in behavior regarding KHUI_ACTIONREF_DEFAULT in khui_menu_insert_action() and khui_menu_insert_paction(). - Remove notes about menu access functions being not thread safe. This is no longer true. - Update the documentation for khui_alert_show() to document new behavior regarding KHUI_ALERT_FLAG_DISPATCH_CMD. - Update documentation to indicate which KHUI_ALERT_FLAG_* flags are internal and document the new KHUI_ALERT_FLAG_DISPATCH_CMD flag. - Augment the queue handling macros to support additional operations. Also add new tree data structure with an ordered list of children. - Code reorganization to reuse code for obtaining the caption and tooltip for a system defined action in netidmgr.exe. ticket: new component: windows git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19238 dc483132-0cff-0310-8789-dd5450dbe970 
================================
KfW 3.1 Alpha (NetIDMgr 1.1.11.0)

-- nidmgr32.dll

- Only one action in a menu is allowed to have KHUI_ACTIONREF_DEFAULT
  flag set.  This marks the action as being the default action for the
  menu and will be rendered as such.

- Newly created identities start off with the KCDB_IDENT_FLAG_EMPTY
  flag set.  Once credentials are associated with the identity and the
  identity is refreshed, the flag will be cleared.

- When creating actions, enforce the name length.

- khm_value_exists() now handles shadowed configuration spaces.

- Add new action KHUI_ACTION_LAYOUT_MINI which toggles between
  'Advanced' and 'Basic' views.

- Add support for F11 and F12 keys in khui_get_cmd_accel_string().

- New option for alerts to indicate that instead of just setting the
  response field in the alert, the UI should dispatch the command
  that the user has selected.

-- krb5common.obj

- khm_krb5_initialize() can return a handle to a krb5_ccache that has
  already been closed.  Now it doesn't.

- Also import 'krb5_string_to_deltat()'.

- Work around conditioned symbol definitions in ntsecapi.h in the
  Vista Platform SDK that affect Win 2000.

-- krb5cred.dll

- Don't clear the prompts when the options for an identity changes.
  The prompter code relies on the prompts being around so that the
  values that the user has entered can be retained if the new set of
  prompts is the same as the old one.

- Use the same code in the new credentials acquisition and the
  identity configuration code to obtain krb5 parameters for an
  identity.

- Reset the 'IMPORTED' flag when we get new credentials using a
  password.

- If the validity of a principal is not known, then we restrict the
  options that can be specified when calling
  krb5_get_init_creds_password() so that we can reliably determine if
  the principal is valid.  If we need to get new credentials for the
  principal, we need to make another call using the correct options.

- The return codes from the prompter need to indicate that the
  password read operation was cancelled instead of arbiraty non-zero
  values.

- When reading identity settings, if a particular setting is not
  defined in the registry, then default to reading the settings out of
  krb5.ini.

- Refer to credentials as 'credentials' or 'tickets' instead of
  'creds'.

- If an identity has imported credentials, don't import for the same
  identity again.

- When importing an identity, create the identity configuration in the
  registry if we don't already have any settings there.

- Work around conditioned symbol definitions in ntsecapi.h in the
  Vista Platform SDK that affect Win 2000.

- Rearrange declarations for clarity.

- Use the correct APIs to parse configuration values from krb5.ini.

-- krb4cred.dll

- The dialog layout was updated to accomodate a localized string that
  no longer fit in its control.

- Remove a spurious inclusion of ntsecapi.h and work around
  conditioned symbol definition in the Vista Platform SDK.

-- netidmgr.exe

- Fix the menu creation code to correctly tag the default action so
  that it will be rendered properly.

- Update the menu enumeration code to use documented functions instead
  of accessing acton lists directly.

- Pool of per-identity actions now include a set of actions for
  obtaining credentials for specific identities.

- The default action performed when the notification icon is clicked
  is now configurable.  When displaying the context menu in the
  notification area, the default action is highlighted.

- Remove unnecessary handlers from the notifcation event handler.

- Only handle NIN_SELECT instead of both NIN_SELECT and WM_LBUTTONUP
  in the notification event handler.  When the user clicks the
  notication icon, both events are generated. NIN_SELECT is canonical.

- When the handling NIN_BALLOONUSERCLICK in the notification event
  handler, reset balloon_alert before displaying any new alerts so
  that we won't overwrite it later.

- Reset the notification alert icon after displaying an alert.

- If a renewal fails, the displayed alert contains a button that the
  user can click to initiate the process of acquiring new credentials
  for the identity.

- Alerts can optionally dispatch the commands that were added to it
  using the KHUI_ALERT_FLAG_DISPATCH_CMD flag.

- Increase the size of the About dialog.

- Correct the action text for the IDS_ACTION_OPEN_APP and
  IDS_ACTION_CLOSE_APP to say 'Show' and 'Hide' instead of 'Open' and
  'Close'.  These actions only control the visible state of the NIM
  window.

- Add additional notification which signals that the commandline has
  finished processing.

- Add an 'acquire' action to the per-identity actions.

- The per identity actions (renew, destroy, acquire) now have useful
  captions, names and tooltips.

- Use WM_NEXTDLGCTL message when changing the focus of dialog
  controls.  SetFocus() is insufficient.

- If we get a request to show a new credential acquisition dialog and
  we are already showing one, bring that one to the foreground instead
  of trying to display a new one or waiting quietly.

- New configuration schema for the UI that include definitions for the
  new default view.

- The alerter window can now show more than one alert at once.

- If we are about to show queued alerts, then check if the alerts that
  are waiting are related and if they can be grouped together.  If so,
  show them in a single alert window instead of multiple ones.

- If new alerts are issued while a set of alerts are being displayed
  and if the new alert is related to the alerts that are being
  displayed, then add the new alert to the list being displayed.

- Make sure we have a lock on the alert when we are manipulating or
  accessing it.

- Set the focus to the correct control when displaying an alert.

- When adding alerts from the alert queue, make sure we iterate
  through the queue properly.

- Allow keyboard navigation inside the alert window and support scroll
  bars.

- Check if we have a valid code pointer before invoking a UI callback.

- Make sure the main window is in the normal configuration before
  switching to a layout that rquires it.

- When moving the main window around, if it comes close to an edge of
  the working area of the display, snap to it.

- Maintain two sets of settings for the main window placement.  One
  for the mini mode and one for the normal mode.

- When processing saved window placement information from the
  configuration, handle docking hints which note which edges of the
  screen the main window should be adjacent to, if any.

- Switching to the 'Basic' view disables the layout and column
  selection menus.

- Position the new credentials dialog above the main window if the
  main window is visible.

- The alert that is displayed to indicate that an identity has
  expired, now contains a command button that can be used to invoke
  the new credentials dialog for that identity.


-- source

- Update the documentation to reflect the change in behavior regarding
  KHUI_ACTIONREF_DEFAULT in khui_menu_insert_action() and
  khui_menu_insert_paction().

- Remove notes about menu access functions being not thread safe.
  This is no longer true.

- Update the documentation for khui_alert_show() to document new
  behavior regarding KHUI_ALERT_FLAG_DISPATCH_CMD.

- Update documentation to indicate which KHUI_ALERT_FLAG_* flags are
  internal and document the new KHUI_ALERT_FLAG_DISPATCH_CMD flag.

- Augment the queue handling macros to support additional operations.
  Also add new tree data structure with an ordered list of children.

- Code reorganization to reuse code for obtaining the caption and
  tooltip for a system defined action in netidmgr.exe.

ticket: new
component: windows

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19238 dc483132-0cff-0310-8789-dd5450dbe970