diff options
Diffstat (limited to 'src/lib/krb5/ccache/ChangeLog')
| -rw-r--r-- | src/lib/krb5/ccache/ChangeLog | 1075 |
1 files changed, 0 insertions, 1075 deletions
diff --git a/src/lib/krb5/ccache/ChangeLog b/src/lib/krb5/ccache/ChangeLog deleted file mode 100644 index 0c3c48aeb..000000000 --- a/src/lib/krb5/ccache/ChangeLog +++ /dev/null @@ -1,1075 +0,0 @@ -2006-04-02 Ken Raeburn <raeburn@mit.edu> - - * t_cc.c: Include autoconf.h. - - * Makefile.in (DEFS): Make empty. - -2005-12-02 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: increase the size of the PurgeRequest - -2005-10-27 Jeffrey Altman <jaltman@mit.edu> - * ccdefault.c: - (krb5int_cc_default) - add KFW support for multiple ccaches - -2005-10-20 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: - - provide defaults for client and server names in purge - ticket routines - - properly size the buffers used to store the names. - -2005-06-15 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c (dereference): Fix test is list-walking loop. - -2005-04-13 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c (NEED_SOCKETS, NEED_LOWLEVEL_IO): Don't define. - -2005-01-13 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c (struct _krb5_fcc_data): Fields disk_file_lock, - file_is_locked deleted. - (krb5_fcc_open_file, krb5_fcc_close_file, dereference, - krb5_fcc_resolve, krb5_fcc_generate_new, krb5_fcc_set_flags): - Don't set or check them. - -2005-01-11 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: - - do not free krb5_creds if krb5_copy_creds fails - - cause MSTicketToMITTicket to return failure if - krb5_copy_data fails - -2004-12-25 Ezra Peisach <epeisach@mit.edu> - - * cc_file.c (krb5_fcc_close): Free the cache id. - (dereference): When removing fcc_set entry from list, free the - pointer as well. - -2004-12-16 Jeffrey Altman <jaltman@mit.edu> - * cc_mslsa.c: - Temporarily deactivate support for KerbSubmitTicketMessage - and KerbQueryTicketCacheEx2Message until the new Platform SDK - becomes publicly available. - -2004-12-15 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: - - Activate support for KerbSubmitTicketMessage - - Activate support for KerbQueryTicketCacheEx2Message - - Add locale support for regions which use MultiByte characters - -2004-11-19 Ken Raeburn <raeburn@mit.edu> - - * cc_mslsa.c (MSCredToMITCred): Don't create an empty array for - addresses, just use a null pointer now. - -2004-11-16 Ken Raeburn <raeburn@mit.edu> - - * cc_retr.c (krb5_cc_retrieve_cred_seq): Temporarily clear the - KRB5_TC_OPENCLOSE flag on the credentials cache while reading - multiple entries from it. - -2004-11-15 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c (krb5_fcc_get_flags): New function. - (krb5_fcc_ops, krb5_cc_file_ops): Add it. - * cc_memory.c (krb5_mcc_get_flags): New function. - (krb5_mcc_ops): Add it. - * cc_mslsa.c (krb5_lcc_get_flags): New function. - (krb5_lcc_ops): Add it. - * ccfns.c (krb5_cc_get_flags): New function. - -2004-10-07 Jeffrey Altman <jaltman@mit.edu> - * cc_mslsa.c: Fix the forced setting of the Initial Ticket Flag - on Win2000 and add it to XP and 2003 SP1 - -2004-09-17 Jeffrey Altman <jaltman@mit.edu> - * cc_mslsa.c: Fix the error returned when krb5_lcc_start_seq_get() - discovers the cache is empty. Check for the new error in - krb5_lcc_initialize() - -2004-09-10 Jeffrey Altman <jaltman@mit.edu> - * cc_mslsa.c: Implement krb5_lcc_initialize() - Remove all tickets from the cache which have a client - principal that matches the input principal. - -2004-09-10 Jeffrey Altman <jaltman@mit.edu> - * cc_mslsa.c: Correct test for KerbQueryTicketCacheExMessage - -2004-09-09 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: The following functionality is being committed - but commented out because it is not presently - available in public Microsoft SDKs - - support for KerbSubmitTicket which allows a KERB_CRED - message to be forwarded to the LSA. (KERB_SUBMIT_TICKET) - - support for the KerbQueryTicketCacheEx2Message which - adds the Session Key Enctype to the contents of the - response from KerbQueryTicketCacheExMessage. - (HAVE_CACHE_INFO_EX2) - -2004-09-01 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: - - Fix MITPrincToMSPrinc to prevent writing to the output - buffer if the input won't fit. - - Add internal UnicodeStringToMITPrinc function - - Rename internal MSPrincToMITPrinc to ExternalNameToMITPrinc - - Rename internal PurgeMSTGT to PurgeAllTickets - - Add internal PurgeTicket2000 - - Add internal PurgeTicketXP - - Since tickets can only be requested via KDC Opt Flags it is - not possible to specifically request the Initial ticket. If - more than one ticket exists which matching service names, - enctypes, and ticket flags the initial ticket flag may not be - set. If the caller requested the initial ticket, set the flag - manually. - - Add preliminary support for krb5_lcc_set_flags - - Modify krb5_lcc_initialize to return success - - Modify krb5_lcc_get_principal to support an LSA cache - which does not contain a TGT when krb5_lcc_resolve is - called. - - Implement krb5_lcc_remove_cred - - -2004-08-27 Ken Raeburn <raeburn@mit.edu> - - * t_cc.c (init_test_cred): Terminate argument list to - krb5_build_principal with NULL, not 0. Patch from Nalin - Dahyabhai. - -2004-08-15 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c (struct _krb5_fcc_data): Add new mutex - disk_file_lock and flag file_is_locked. - (krb5_fcc_close_file): Unlock the mutex and clear the flag. - (krb5_fcc_open_file): Acquire the mutex before locking the file, - and set the flag after. - (krb5_fcc_resolve): Initialize the new mutex and flag. - (krb5_fcc_generate_new): Initialize both mutexes and the flag. - (dereference): Destroy the new mutex. - - * cc_file.c: Add buffering on reading. - (FCC_BUFSIZ): New macro. - (struct _krb5_fcc_data): Add new fields buf, valid_bytes, - cur_offset. - (krb5_fcc_resolve, krb5_fcc_generate_new): Initialize - valid_bytes. - (invalidate_cache): New function. - (krb5_fcc_write, krb5_fcc_open_file, krb5_fcc_destroy): Call - invalidate_cache. - (fcc_lseek): New function. - (krb5_fcc_skip_header, krb5_fcc_destroy, krb5_fcc_start_seq_get, - krb5_fcc_next_cred, krb5_fcc_store): Use fcc_lseek instead of - lseek. - (fcc_read): Use and maybe refill the buffer. - (dereference): Zap the contents of the buffer before freeing it. - - * cc_file.c (dereference): Lock mutex around call to - krb5_fcc_close_file. - -2004-08-12 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c (krb5_fcc_close_file): Change first argument to be an - fcc-data pointer, not a krb5_ccache. All calls changed. - (struct fcc_set): Add a refcount member. (Definition - accidentally introduced without comment in an earlier patch.) - (krb5int_cc_file_mutex, fccs): New variables, for managing a - global list of open credential cache files. - (dereference): New function, with most of old close/destroy - operations. Decrements reference count and only frees the object - and removes it from the global list if the refcount hits zero. - (krb5_fcc_close, krb5_fcc_destroy): Call dereference. - (krb5_fcc_resolve): If a file cache is already open with the same - file name, increment its reference count and don't create a new - one. When a new one is created, add it to the global list. - * cc-int.h (krb5int_cc_file_mutex): Declare. - * ccbase.c (krb5int_cc_initialize): Initialize it. - (krb5int_cc_finalize): Destroy it, and krb5int_mcc_mutex. - -2004-08-05 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c: Remove USE_STDIO support. - -2004-07-25 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: is_windows_xp() should test for major version - > 5 not >= 5. - -2004-07-18 Ezra Peisach <epeisach@mit.edu> - - * cc_memory.c (krb5_mcc_store): When allocating krb5_mcc_link - memory - allocate sizeof() - not sizeof(sizeof()). - -2004-07-16 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c: Don't check for macsock.h. - -2004-07-15 Alexandra Ellwood <lxs@mit.edu> - - * ccdefault.c (krb5_cc_default, krb5int_cc_default) - Removed default_ccprincipal field from krb5_context - -2004-07-14 Ken Raeburn <raeburn@mit.edu> - - * t_cc.c (cc_test): Rename one of the "resolve" cases so the - messages can be distinguished. - -2004-07-07 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: Fix thread safety - -2004-07-07 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: When obtaining a TGT from MSLSA, do not ignore - the cache if the requested enctype is the NULL enctype. - -2004-06-30 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c (krb5_fcc_data): Added a mutex. - (krb5_fcc_read*, krb5_fcc_write, krb5_fcc_store_*, - krb5_fcc_open_file, krb5_fcc_skip_header, - krb5_fcc_skip_principal): Verify that the mutex is locked. - (MAYBE_OPEN): Verify that the mutex is locked; unlock it if - returning an error. - (krb5_fcc_initialize, krb5_fcc_start_seq_get, - krb5_fcc_get_principal, krb5_fcc_store, krb5_fcc_set_flags): Lock - and unlock the mutex. - (krb5_fcc_close): Likewise. Destroy the mutex when done. - (krb5_fcc_destroy): Merge stdio and non-stdio versions a little - more. Destroy the mutex when done. - (krb5_fcc_resolve): Initialize and lock the mutex. - (krb5_fcc_next_cred): Lock and unlock the mutex. Merge the stdio - and non-stdio branches a little more. - -2004-06-29 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: - - is_windows_2000() indicates the OS is Windows 2000 or higher - - is_windows_xp() indicates the OS is Windows XP or higher which - indicates that PKERB_QUERY_TKT_CACHE_EX_RESPONSE and - PKERB_TICKET_CACHE_INFO_EX are available. - - does_retrieve_ticket_cache_ticket() checks to see if a Microsoft - private fix is available which adds a new Cache Flag, - KERB_RETRIEVE_TICKET_CACHE_TICKET, which when set causes the - requested ticket to be stored in the LSA cache even when the - TicketFlags and EncType are not set to 0. - - KerbExternalTicketMatch() is a test to determine if two - Microsoft External Tickets are identical - + use the KerbQueryTicketCacheExMessage LSA call on XP or higher - + specify the KERB_RETRIEVE_TICKET_CACHE_TICKET flag when it is - available - = The combination of both + items will cause the ClientRealm - to be displayed properly for all cross realm tickets obtained - via the MSLSA - - -2004-06-29 Ken Raeburn <raeburn@mit.edu> - - * cc_memory.c (krb5_mcc_free): Don't destroy the mutex here. - -2004-06-28 Ken Raeburn <raeburn@mit.edu> - - * cc_memory.c: Include k5-thread.h. - (krb5int_mcc_mutex): New lock. - (krb5_mcc_store): Rewrite. - (NEED_WINDOWS): Don't define. - (krb5_mcc_*): All functions now static. - (struct _krb5_mcc_data): Delete 'next' pointer. Add a mutex. - (krb5_mcc_*): Lock and unlock the mutex as appropriate. - (struct krb5_mcc_list_node): New type, separates the linked-list - container from the data for individual nodes. - (mcc_head): Now points to krb5_mcc_list_node. - * cc-int.h (krb5int_mcc_mutex): Declare. - * ccbase.c (krb5int_cc_initialize): Initialize it. - -2004-06-24 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c (krb5_fcc_read_data): Combine stdio and posix versions - of code with gratuitous minor differences. - (krb5_fcc_read_int32, krb5_fcc_next_cred): Likewise. - (krb5_fcc_read_addr): Likewise. Check that filled-in length field - matches the value we tried to store (i.e., that type conversion - didn't throw away information). - (krb5_fcc_read_authdatum): Likewise. - -2004-06-22 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c (my_fopen): Function deleted. - (krb5_fcc_open_file): Use fopen, not my_fopen. - -2004-06-21 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: Comment out call to FormatMessage() which fails - horribly on non-English systems. We do not need the output - or printf statements as part of a library. Therefore, we - will ignore this for the time being. When we decide we - want to log event to the Event Log then we can properly - implement this function. - -2004-06-18 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: Enforce acceptable enctypes by checking against - the default_tgs_enctypes list instead of the permitted_enctypes - list; only enforce the desired enctype when retrieving tickets - to deliver to an application. do not enforce when attempting - to determine the current principal name. this is important - because specifying an enctype results in a TGS_REQ being sent - to the KDC; close memory leak of krb5_cred objects in - krb5_lcc_retrieve(). - -2004-06-16 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (MAC_SUBDIRS): Don't set. - -2004-05-27 Ezra Peisach <epeisach@mit.edu> - - * ccbase.c: Include cc-int.h. - - * cc-int.h (krb5int_cc_finalize): Add prototypes for - krb5int_cc_{finalize,initialize}. - -2004-05-25 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: GetMSTGT(). Initialize pTicketRequest to NULL - to prevent it being freed prior to allocation. Add krb5_context - parameter to allow krb5_get_permitted_enctype() to be called - instead of using a hardcoded list of enctypes which may change - in the future. - krb5_lcc_get_name(): fix return value if Kerberos is not supported. - - -2004-05-24 Ezra Peisach <epeisach@mit.edu> - - * t_cc.c (cc_test): Clean up memory leaks in tests. - -2004-05-15 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: The FAILED() macro only considered an error - to be a failure if the value is negative. ConstructTicketRequest() - returns positive errors. Do not use FAILED() to test the result. - Fix a potential leak of LSA allocated memory. Fix a leak of - LocalAlloc memory. - -2004-04-24 Ken Raeburn <raeburn@mit.edu> - - * ccbase.c: Include ctype.h. - (cc_typelist_lock): Use the new partial initializer. - (krb5int_cc_initialize): New function; finish the initialization. - (krb5int_cc_finalize): New function; destroy the mutex and free - any storage for registered types. - -2004-04-13 Jeffrey Altman <jaltman@mit.edu> - - * ccbase.c: - Since we have to reserve all the single letter - prefixes make them apply to all platforms - -2004-04-13 Jeffrey Altman <jaltman@mit.edu> - - * ccbase.c: - On Windows, if there is a ccache name provided without - a prefix but which appears to start with a drive letter, - treat it as a FILE: ccache instead of failing with a - ccache type unknown error. - -2004-04-13 Jeffrey Altman <jaltman@mit.edu> - - * ccbase.c: - krb5_cc_resolve() defines a function pointer ccresolver - which must be of type KRB5_CALLCONV - - -2004-04-06 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: - In at least one case on Win2003 it appears that it is possible - for the logon session to be authenticated via NTLM and yet for - there to be Kerberos credentials obtained by the LSA on behalf - of the logged in user. Therefore, we are removing the test - for IsKerberosLogon() within krb5_lcc_resolve() - which was meant to avoid the need to perform GetMSTGT() when - there was no possibility of credentials being found. - -2004-03-31 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: Add IsWindows2000() function and use it to return - errors whenever the MSLSA: ccache type is used on platforms - older than Windows 2000. This is needed to prevent calls to - the functions loaded from ADVAPI32.DLL and SECUR32.DLL which - do not exist on the Windows 9x platforms. - -2004-03-26 Sam Hartman <hartmans@mit.edu> - - * fcc.h: Remove all but the definition of krb5_cc_file_ops because - the rest is static in cc_file.c - - * Makefile.in (T_file): Remove (no longer builds, no longer used) - -2004-03-25 Sam Hartman <hartmans@mit.edu> - - * cc_file.c (krb5_fcc_generate_new): Use mkstemp not mktemp when possible - -2004-03-18 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: - Add missing return statements in krb5_lcc_start_seq_get() - - Return error if principal name cannot be determined during - krb5_lcc_resolve() - - * cc-int.h: - New file - Add prototypes for cc internal functions - - * cc_retr.c - include cc-int.h - -2004-03-05 Ken Raeburn <raeburn@mit.edu> - - * ccbase.c: Include k5-thread.h. - (struct krb5_cc_typelist): Ops pointer now points to const. - (cc_typelist_lock): New mutex var. - (krb5_cc_register, krb5_cc_resolve): Lock it while working with - the type list. - -2004-02-04 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: - Remove reference to <ntstatus.h> as it is not present in the August 2001 - Platform SDK used by Pismere. Instead copy the error value. - -2004-02-02 Jeffrey Altman <jaltman@mit.edu> - - * cc_msla.c: - GetMSCacheTicketFromCacheInfo() uses the tktinfo->TicketFlags as the - value to assign to TicketRequest->TicketFlags. This field is blindly - inserted into the kdc-options[0] field of the TGS_REQ. If there are - bits such as TRANSIT_POLICY_CHECKED in the TicketFlags, this will result - in an unknown TGS_OPTION being processed by the KDC. - - This has been fixed by mapping the Ticket Flags to KDC options. - We only map Forwardable, Forwarded, Proxiable, and Renewable. The others - should not be used. - -2004-02-02 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: the MSLSA code was crashing on Pismere machines when - logging on with cross realm credentials. On these machines there are - 8 tickets within the LSA cache from two different realms. One of the - krbtgt/CLIENT-REALM@CLIENT-REALM tickets (not the Initial ticket but - a Forwarded ticket) is inaccessible to the ms2mit.exe and leash32.exe - processes. The attempt to access the ticket returns a SubStatus code - of STATUS_LOGON_FAILURE (0xC000006DL) which is supposed to mean that - the logon attempt was invalid due to bad authentication information. - kerbtray has no problem listing this ticket. The other seven tickets - in the cache including the Initial Ticket are accessible. Modified - krb5_lcc_next_cred() to skip to the next ticket if an attempt to read - a single ticket fails. - -2004-01-31 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: Optimize the get next logic by storing a handle to - the MS TGT in the lcc_cursor data structure - -2004-01-31 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: Do not return tickets to the caller if they contain - NULL session keys. This is to prevent useless TGTs from being - placed into the MIT credential cache. - -2004-01-30 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: As per extensive conversations with Doug Engert we have - concluded that MS is not specifying a complete set of domain information - when it comes to service tickets other than the initial TGT. What happens - is the client principal domain cannot be derived from the fields they - export. Code has now been added to obtain the domain from the initial - TGT and use that when constructing the client principals for all tickets. - - This behavior can be turned off by setting a registry either on a per-user - or a system-wide basis: - - {HKCU,HKLM}\Software\MIT\Kerberos5 - PreserveInitialTicketIdentity = 0x0 (DWORD) - - -2004-01-06 Jeffrey Altman <jaltman@mit.edu> - - * cc_file.c, cc_memory.c: - Add stub implementations for unimplemented krb5_cc_remove_cred() - Returns KRB5_CC_NOSUPP - - * cc_mslsa.c: - Add implementation for krb5_cc_remove_cred(). Returns KRB5_CC_READONLY. - -2003-12-19 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: fix indirection of a krb5_creds structure which - is passed into MSCredToMITCred(). - -2003-12-18 Jeffrey Altman <jaltman@mit.edu> - - * cc_retr.c: Extract the test to determine if a credential matches - a requested credential according to the specified fields into - a private function: krb5int_cc_creds_match_request() - - * cc_mslsa.c: Extend the functionality of krb5_lcc_retrieve() to - perform a MS Kerberos LSA ticket request if there is no matching - credential in the cache. The MS Kerberos LSA places the following - restriction on what tickets it will place into the LSA cache: - tickets obtained by an application request for a specific - set of kerberos flags or enctype will not be cached. - Therefore, we first make a request with no flags or enctype in - the hope that we will be lucky and get the right ones anyway. - If not, we make the application's request and return that ticket - if it matches the other criteria. - - Implemented a similar technique for krb5_lcc_store(). Since we - can not write to the cache, when a store request is made we - instead perform a ticket request through the lsa for a matching - credential. If we receive one, we return success. Otherwise, - we return the KRB5_CC_READONLY error. - - With these changes I am now able to operate entirely with the MSLSA - ccache as the default cache provided the MS LSA credentials are - for the principal I wish to use. Obviously, one cannot change - principals while the MSLSA ccache is the default. - -2003-12-15 Jeffrey Altman <jaltman@mit.edu> - - * cc_msla.c: Enable purging of the MS Kerberos LSA cache when the TGT - has expired. This will force the LSA to get a new TGT instead of - returning the expired version. - -2003-12-15 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: Perform a GetMSTGT() call as part of krb5_lcc_start_seq_get - to ensure that the tgt is refreshed - -2003-12-13 Jeffrey Altman <jaltman@mit.edu> - - * Makefile.in: Remove extranenous spaces in ##WIN32## constructs - defining MSLSA_SRC MSLSA_OBJ - -2003-12-12 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Move ##WIN32## constructs from inside - backslash-continued lists, as it was breaking them. Move explicit - dependency information from under automatic dependencies. - -2003-12-11 Jeffrey Altman <jaltman@mit.edu> - - * Makefile.in, ccbase.c, cc_mslsa.c (new) - - Remove all of the code which was duplicated between ms2mit.c - and the KfW Leash libraries (and who knows how many applications - shipped by third parties) and use it as the basis for a new - krb5_ccache type, "MSLSA:". The "MSLSA:" ccache type is a - read-only ccache which can be used either as a monitor of the - contents of the Microsoft LSA cache or as a source for copying - the contents to another ccache type. The purpose of migrating - this code to the krb5_32.dll is to avoid the need for applications - to be consistently updated each time Microsoft makes a change - to the behavior of the LSA cache. Changes have occurred with - the release of 2000, XP, and 2003 so far. Also, the code for - working with the MS LSA cache is not well documented and many - mistakes were made in the original versions of the ms2mit.c - code base. Unfortunately, the ms2mit.c code has been copied - into many other applications. - - With access to this new ccache type, the ms2mit.c source file - is reduced from 890 lines to 80 lines including the copyright - banner. - -2003-11-26 Jeffrey Altman <jaltman@mit.edu> - - * cc_default.c: Add support for Leash Kinit Dialog on Windows to - krb5int_c_default() - -2003-08-26 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c (krb5_fcc_store_int32, krb5_fcc_store_ui_4) - (krb5_fcc_store_ui_2, krb5_fcc_store_octet): Remove gratuitous - conditionalizing of casts on USE_STDIO, left over from merge. - -2003-07-22 Sam Hartman <hartmans@mit.edu> - - * ccbase.c: Always register the file credentials cache type. If - we do not, then when USE_CCAPI is defined, it will not be - available. - -2003-07-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBNAME) [##WIN16##]: Don't define. - ($(OBJFILE)) [##WIN16##]: Omit CP action. - -2003-03-06 Alexandra Ellwood <lxs@mit.edu> - - * ccdefault.c: Remove Mac header goober and include - k5-int.h after KerberosLoginPrivate.h. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag. - -2003-01-07 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c (krb5_cc_file_ops, krb5_fcc_ops): Now const. - * fcc.h (krb5_cc_file_ops): Update decl. - * cc_memory.c (krb5_mcc_ops): Now const. - * ccbase.c (krb5_mcc_ops): Update decl. - * ccdefops.c (krb5_cc_dfl_ops): Now points to const. - * t_cc.c (krb5_fcc_ops, krb5_mcc_ops): Update decls. - -2002-09-03 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c, cc_memory.c, cc_retr.c, ccbase.c, cccopy.c, - ccdefault.c, ser_cc.c, t_cc.c: Use prototype style function - definitions. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-08-15 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c (ALLOC): Use calloc, not malloc. - (krb5_fcc_read_principal): Check bounds on number of components - before calling ALLOC. - -2002-08-15 Tom Yu <tlyu@mit.edu> - - * t_cc.c: Remove references to STDIO ccache. - -2002-08-14 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c: Merge in cc_stdio.c, under preprocessor test for - USE_STDIO. - (USE_STDIO): Define it if HAVE_SYS_TYPES_H. - (krb5_change_cache, krb5_get_notification_message): Always - define. - (ALLOC): New macro, with overflow checking. - (krb5_fcc_read_principal, krb5_fcc_read_addrs, - krb5_fcc_read_authdata): Use it, and fix other overflow checks. - (my_fopen): Support non-Mac environments. - (krb5_fcc_open_file) [USE_STDIO]: Always use my_fopen. - (NO_FILE): New macro. All functions changed to test or assign it - rather than -1 or (FILE*)NULL. - (krb5_fcc_read_keyblock, krb5_fcc_read_data): Rewrite bounds - check. - (BINARY_MODE): Always define. - (setvbuf) [!HAVE_SETVBUF]: Define as macro using setbuf. - (krb5_fcc_open_file): Change file descriptor variable to "f" and - combine newly matching stdio and file sections. Use setvbuf - instead of checking whether to use setbuf. - - * cc_stdio.c: Deleted. - * Makefile.in (STLIBOBJS, OBJS, SRCS): Updated. - * ccdefops.c (krb5_cc_dfl_ops) [!USE_CCAPI]: Always use - krb5_fcc_ops. - -2002-08-09 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c: All functions except krb5_change_cache and - krb5_get_notification_message now static. Minor other shuffling - to become more similar to cc_stdio.c. - (krb5_fcc_data): Rename "fd" to "file"; change all uses. - * cc_stdio.c: All functions now static. Rename all krb5_scc_ - functions, data types and macros to use krb5_fcc_ prefix instead. - Minor other shuffling to become more similar to cc_file.c. - (krb5_fcc_data): Rename from krb5_scc_data; reorder some fields. - (krb5_fcc_close_file): Never call fflush on a read-only file. - (BINARY_MODE): New macro. - (krb5_fcc_open_file): Combine ANSI_STDIO and non-ANSI cases - statements by using BINARY_MODE and compile-time string - concatenation. Choose lock flag value separately from call to - krb5_lock_file. - (krb5_fcc_generate_new): Use BINARY_MODE. - -2002-07-09 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c: Put # for cpp directives in first column. - -2002-60-20 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Build cc accessor functions on Windows. - [pullup from 1-2-2-branch] - -2002-06-20 Alexandra Ellwood <lxs@mit.edu> - - * ccdefault.c: updated to new KLL function name - - * ccdefault.c: swapped include of KerberosLoginPrivate with - k5-int.h to avoid problems with including CoreServices.h after - profile.h and krb.h - - * ccdefault.c: Updated Mac OS X headers to new framework layout - - * ccdefops.c: created #define for USE_CCAPI now that both Mac OS 9 - and Mac OS 10 use ccapi. - - [pullups from 1-2-2-branch] - -2002-04-10 Danilo Almeida <dalmeida@mit.edu> - - * cc_file.c: Use _WIN32 instead of _WINSOCKAPI_ because - _WINSOCKAPI_ depends on the Winsock header used (i.e., Winsock 2 - does not define this). What we are really trying to check for is - Win32. Include port-sockets.h for Win32. (NOTE: Why is - NEED_SOCKETS being defined after the inclusion of k5-int.h? That - is pretty useless... What we probably should do is more - consitently used NEED_SOCKETS instead of manually putting in - network code. However, some people would probably have issues - with the build being slower...) - -2001-10-10 Ezra Peisach <epeisach@mit.edu> - - * cc_file.c (krb5_fcc_read): Remove const from fourth argument to - function to match prototype earlier in file. - -2001-10-09 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c, cc_memory.c, cc_stdio.c, ser_cc.c: Make prototypes - unconditional. - -2001-10-05 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c, cc_stdio.c: Delete _MSDOS (win16) support. - - * cc_memory.c, ccbase.c, ccdefault.c, ccfns.c: Don't explicitly - declare pointers FAR any more. - -2001-10-03 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c, ccbase.c, cccopy.c, ccdefault.c, fcc.h, ser_cc.c: - Don't use KRB5_DLLIMP. - -2000-10-30 Tom Yu <tlyu@mit.edu> - - * cc_stdio.c: Add a "mode" field to krb5_scc_data to keep track of - what mode the file was opened in. - (krb5_scc_close_file): Ignore EBADF from fflush() if the file was - opened for readonly access. For some reason NetBSD's fflush() - exhibits this behavior. - (krb5_scc_open_file): Save the mode with which the file was opened - in data->mode. - -2000-10-17 Ezra Peisach <epeisach@mit.edu> - - * cc_stdio.c, cc_file.c: Unsigned/signed int cleanup. - -2000-10-03 Ezra Peisach <epeisach@mit.edu> - - * ser_cc.c (krb5_ccache_externalize): Use krb5_cc_get_name instead - of krb5_rc_get_name on credential cache. - - * cc_file.c (krb5_fcc_get_name): - * cc_stdio.c (krb5_scc_get_name): - * cc_memory.c (krb5_mcc_get_name): - * ccfns.c (krb5_cc_get_name): Declare as returning const char *. - -2000-09-25 Ezra Peisach <epeisach@mit.edu> - - * cc_file.c ccbase.c, cc_stdio.c, cc_retr.c, cc_memory.c: More - signed/unsigned fixes. - -Sat Sep 23 23:42:32 2000 Ezra Peisach <epeisach@mit.edu> - - * t_cc.c: Code cleanup. Test more failure modes of the cache library. - - * cccopy.c (krb5_cc_copy_creds): Memory leak. Call krb5_cc_end_seq_get. - - * cc_file.c (krb5_fcc_generate_new): Set flags to - KRB5_TC_OPENCLOSE, otherwise parts of the library assumes that the - file is open, when it is not. - - * cc_stdio.c (krb5_scc_generate_new): Same as cc_file.c change. - - -2000-09-22 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in (check-unix): Build and exectute t_cc. - - * t_cc.c: Test harness for memory, stdio and file caches. - -2000-07-20 Danilo Almeida <dalmeida@mit.edu> - - * cc_file.c, cc_stdio.c: Remove unused krb5_[fs]cc_default_name() - prototype. - - * cc_stdio.c: Fix calling convention for op functions. - - * ccfns.c (krb5_cc_get_type): Fix calling convention. - - * Makefile.in: Change ${CC} and ${OBJS} to $(CC) and $(OBJS) so - nmake does not freak out. - -2000-07-19 Ken Raeburn <raeburn@mit.edu> - - * cc_memory.c (mcc_head): Combine static declaration and - initialization. - -2000-07-14 Ken Raeburn <raeburn@mit.edu> - - * t_stdio.c, t_file.c, t_memory.c: Test cases copied from old - subdirectories. Currently unused. - * Makefile.in (t_stdio): New target, basically same as 'test' in - old stdio/Makefile.in. - * file, memory, stdio: Subdirectories deleted. - - * cc_file.c, cc_stdio.c, cc_memory.c: New files, built from source - files of appropriate subdirectories. - * fcc.h, scc.h: New files, copied from subdirectories; temporary. - * ccfns.c: New file, implementing what used to be krb5_cc_* macros - in krb5.h. - * Makefile.in (STLIBOBJS, OBJS, SRCS): Updated. - (LOCAL_SUBDIRS): Now empty. - (LOCALINCLUDES): Remove file and stdio subdirs. - (MAC_SUBDIRS): Remove file, stdio, memory. - (##DOS## stuff, clean-windows): Delete file and memory parts. - - * cc_memory.c (mcc_head): Now static. - -2000-06-28 Ezra Peisach <epeisach@mit.edu> - - * ccdefault.c: Add newline at end of file (compiler warning) - -2000-5-31 Alexandra Ellwood <lxs@mit.edu> - - * ccdefault.c: Changed kerberosPrincipal_V5 to kerberosVersion_V5 - to reflect the new constant name. - -2000-4-26 Alexandra Ellwood <lxs@mit.edu> - - * ccdefault.c: Added version number to internal Kerberos Login - Library routine. - -2000-4-13 Alexandra Ellwood <lxs@mit.edu> - - * ccdefault.c: Added Kerberos Login library support (with ifdefs - to control whether or not it is on. Also added support to store a - krb5_principal in the os_context along with the default ccache - name (if known, this principal is the same as the last time we - looked at the ccache. * ccdefname.c: Added support to store a - krb5_principal in the os_context along with the default ccache - name (if known, this principal is the same as the last time we - looked at the ccache. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -1999-08-23 Ken Raeburn <raeburn@mit.edu> - - * cc_retr.c: New file. - (krb5_cc_retrieve_cred_seq): New function, derived from - fcc_retrieve but takes an optional list of enctypes to look for in - priority order. - (krb5_cc_retrieve_cred_default): New function. Same signature as - original fcc_retrieve but if new flag KRB5_TC_SUPPORTED_KTYPES is - set, calls krb5_get_tgs_ktypes to get a list of enctypes to look - for. - * Makefile.in (STLIBOBJS, OBJS, SRCS): Add it. - -Tue May 18 19:52:56 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Remove - from recursive Win32 make invocation. - -Mon May 17 14:11:45 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Clean ccapi subdirectory in clean-windows target. - -Mon May 10 15:24:08 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Do win32 build in subdir. - -1999-03-31 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * ccdefops.c: Change the default ccache type under windows to be - original FILE ccache type; this will get set to ccapi if - the krbcc32.dll can be found. - -Mon Feb 8 21:53:37 1999 Theodore Y. Ts'o <tytso@mit.edu> - - * Makefile.in: Enable the ccapi directory for windows builds. - - * ccdefops.c: Make the ccapi the default ccache type for Windows - machines. - -1999-01-26 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Add ccapi to the include path so we can find stdcc.h - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - -Sat Dec 5 01:20:31 1998 Theodore Y. Ts'o <tytso@mit.edu> - - * Makefile.in, ccdefops.c: Temporarily back out the ccapi ccache - under Windows so we can make sure the rest of the krb5 - tree builds correctly under Windows. (Note: I didn't - revert lib/krb5/os/ccdefname.c, so setting KRB5_CC_NAME to - FILE:C:\tmp\tkt is required to make things work.) - -1998-08-24 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Add windows build instructions to build CCache API - Cache implementation. - -Fri Aug 20 18:30:00 1998 Miro Jurisic <meeroh@mit.edu> - * Added Frank's CCache API cache implementation and made - it default on the Mac - -Thu Jul 30 13:12:30 1998 Sam Hartman <hartmans@utwig.mesas.com> - - * ccbase.c: Enable memory ccache (merge adapted from Kerbnet) - -1998-05-27 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Add ccache/memory as a directory to be recursively - built by this makefile under Windows. - -Fri Feb 27 18:03:33 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Changed thisconfigdir to point at the lib/krb5 - directory, since we've moved the configure.in tests in - this directory to the toplevel lib/krb5 configure.in - -Wed Feb 18 16:19:12 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove trailing slash from thisconfigdir. Fix up - BUILDTOP for new conventions. - -Thu Feb 12 16:17:46 1998 Tom Yu <tlyu@mit.edu> - - * configure.in: Add commented out AC_OUTPUT to force autoreconf to - rebuild the configure script. - -Wed Feb 11 22:56:49 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile - - * configure.in: Create the makefiles for all of the subdirectories - and move all of the configure.in tests from the - subdirectories into this configure.in. - -Sat Dec 6 02:26:16 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Add cccopy.c. - - * cccopy.c: New file; krb5_cc_copy_creds from Cygnus. - -Mon Sep 15 15:14:16 1997 Ezra Peisach <epeisach@mit.edu> - - * ccbase.c (krb5_cc_resolve): Incoming cache name is const. - -Thu Nov 21 11:55:16 EST 1996 Richard Basch <basch@lehman.com> - - * Makefile.in: win32 build - - * ccbase.c, ccdefault.c: - DLL export basic ccache functions - -Thu Jan 2 16:57:35 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: - * configure.in: Update to new lib build procedure. - -Thu Jun 6 00:04:38 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * Makefile.in (all-windows): Don't pass $(LIBCMD) on the command - line. It's set in the windows.in prologue for all - Makefiles anyway. - -Wed Feb 7 00:23:18 1996 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Folded in danw's changes to allow - building Makefiles for the Macintosh. We now can build - MPW makefiles which are interpreted by CodeWarrior. - -Fri Nov 3 21:12:31 1995 Theodore Y. Ts'o <tytso@dcl> - - * configure.in: Added memory subdirectory - -Fri Oct 6 22:03:30 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Remove ##DOS!include of config/windows.in. - config/windows.in is now included by wconfig. - -Mon Sep 25 16:56:30 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the - Makefile. - -Tue Aug 29 13:35:23 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in, .Sanitize, ser_cc.c - Add new ccache handle serialization - routines. - -Fri Jun 9 19:31:13 1995 <tytso@rsx-11.mit.edu> - - * configure.in: Remove standardized set of autoconf macros, which - are now handled by CONFIG_RULES. Use DO_SUBDIRS to - recurse down subdirectories. - -Fri May 26 20:19:26 1995 Theodore Y. Ts'o (tytso@dcl) - - * configure.in, Makefile.in: Add support for building shared libraries. - -Thu Apr 13 15:49:16 1995 Keith Vetter (keithv@fusion.com) - - * ccbase.c: removed unneeded INTERFACE from non-api functions. - -Wed Mar 22 11:47:49 1995 <tytso@rsx-11.mit.edu> - - * Makefile.in (CFLAGS): Make -I options work when the build and - source tree are different. - -Fri Mar 17 19:19:07 1995 John Gilmore (gnu at toad.com) - - * Makefile.in (LDFLAGS): Remove, duplicates config/pre.in. - (CFLAGS): Add -I options for file and stdio, to avoid paths in - #include statements. - (all-mac, clean-mac): Add. - * ccdefops.c: Avoid includes with pathnames, since they don't work - on the Mac. Configure the default cache based on whether the - system has <sys/types.h> (which defines types for low-level file - operations, among other things). - * configure.in (CONFIG_DIRS): Build stdio before file, for Mac - convenience (where file doesn't build). - -Wed Mar 15 20:23:17 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: cleaned up for the PC - -Tue Mar 7 19:53:05 1995 Mark Eichin <eichin@cygnus.com> - - * configure.in: take out ISODE_DEFS. - -Tue Mar 7 15:55:12 1995 Keith Vetter (keithv@fusion.com) - - * ccbase.c, ccdefault.c: added window INTERFACE keyword. - * Makefile.in: made to work on the PC. - -Tue Feb 28 00:35:33 1995 John Gilmore (gnu at toad.com) - - * ccbase.c, ccdefault.c: Avoid <krb5/...> includes. - -Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu) - - * Added krb5_context to all krb5_routines - -Thu Oct 13 17:23:08 1994 Theodore Y. Ts'o (tytso@maytag) - - * configure.in: Add ISODE_DEFS - |