diff options
| author | Tom Yu <tlyu@mit.edu> | 2004-02-11 02:49:58 +0000 |
|---|---|---|
| committer | Tom Yu <tlyu@mit.edu> | 2004-02-11 02:49:58 +0000 |
| commit | 4417fd47169d933b105319d504f3ca3c5b9ce065 (patch) | |
| tree | 97261ac8915921dd366d1496295b592fdeef6123 /README | |
| parent | aa634f70d5269335446e9d5c451a9d503cf57328 (diff) | |
| download | krb5-4417fd47169d933b105319d504f3ca3c5b9ce065.tar.gz krb5-4417fd47169d933b105319d504f3ca3c5b9ce065.tar.xz krb5-4417fd47169d933b105319d504f3ca3c5b9ce065.zip | |
update for krb5-1.3.2-beta3
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16054 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'README')
| -rw-r--r-- | README | 45 |
1 files changed, 39 insertions, 6 deletions
@@ -62,16 +62,26 @@ and logging in as "guest" with password "guest". Major changes in 1.3.2 ---------------------- -* [2040, 1471, 2067, 2077, 2079, 2167] Support for AES in GSSAPI has - been implemented. This corresponds to the in-progress work in the - IETF (CFX). +* [2040, 1471, 2067, 2077, 2079, 2166, 2167, 2220] Support for AES in + GSSAPI has been implemented. This corresponds to the in-progress + work in the IETF (CFX). -* [2049, 2139, 2148, 2153, 2182, 2183, 2184, 2190] Added a new ccache - type "MSLSA:" for read-only access to the MS Windows LSA cache. +* [2049, 2139, 2148, 2153, 2182, 2183, 2184, 2190, 2202] Added a new + ccache type "MSLSA:" for read-only access to the MS Windows LSA + cache. * [982] On windows, krb5.exe now has a checkbox to request addressless tickets. +* [2189] To avoid compatibility problems, unrecognized TGS options + will now be ignored. + +* [2218] 128-bit AES has been added to the default enctypes. + +* [2223] AES cryptosystem now chains IVs. This WILL break backwards + compatibility for the kcmd applications, if they are using AES + session keys. + Minor changes in 1.3.2 ---------------------- @@ -170,15 +180,38 @@ Minor changes in 1.3.2 * [2106] Return an error for unimplemented ccache functions, rather than calling through a null pointer. +* [2118] Applied patch from Will Fiveash to use correct parameter for + KDC TCP listening sockets. + * [2144] Memory management errors in the Windows gss.exe test client have been fixed. +* [2171] krb5_locate_kpasswd() now correctly calls htons() on the + kpasswd port number. Found by Arlene Berry. + * [2180] The profile library now includes pthread.h when compiled with USE_PTHREADS. -* [2181] A timeout has been added to gss-server, and a missing +* [2181, 2224] A timeout has been added to gss-server, and a missing parameter to sign_server() has been added. +* [2196] config.{guess,sub} have been updated from autoconf-2.59. + +* [2204] Windows gss.exe now has support for specifying credentials + cache, as well as some minor bugfixes. + +* [2210] GSSAPI accept_sec_context() no longer unconditionally sets + INTEG and CONF flags in contradiction to what the initiator sent. + +* [2212] The GSS sample application has some additional options to + support testing of SSPI vs GSSAPI. + +* [2217] Windows gss.exe has new UI elements to support more flag + settings. + +* [2225] In the gss sample client, some extraneous parameters have + been removed from client_establish_context(). + Notes, Major Changes, and Known Bugs for 1.3.1 ---------------------------------------------- |