diff options
Diffstat (limited to 'src/lib')
51 files changed, 0 insertions, 29428 deletions
diff --git a/src/lib/ChangeLog b/src/lib/ChangeLog deleted file mode 100644 index eb4bdc8c1..000000000 --- a/src/lib/ChangeLog +++ /dev/null @@ -1,832 +0,0 @@ -2006-03-27 Ken Raeburn <raeburn@mit.edu> - - * krb5_32.def: Add the new error-message functions. - -2006-02-24 Jeffrey Altman <jaltman@mit.edu> - - * Makefile.in: support for 64-bit Windows builds - -2005-10-31 Jeffrey Altman <jaltman@mit.edu> - - * gssapi32.def: export missing functions - gss_krb5_set_allowable_enctypes - gss_krb5_export_lucid_sec_context - gss_krb5_free_lucid_sec_context - -2005-06-20 Ken Raeburn <raeburn@mit.edu> - - Novell merge. - * Makefile.in (LOCAL_SUBDIRS): Build kdb after rpc. - * krb5.saber.source: Deleted. - -2005-04-22 Jeffrey Altman <jaltman@mit.edu> - - * win_glue.c: Remove calls to WSAStartup/WSACleanup because - they can result in deadlocks when called from DllMain(). - -2005-04-13 Ken Raeburn <raeburn@mit.edu> - - * win_glue.c (NEED_SOCKETS): Don't define. - -2005-02-16 Jeffrey Altman <jaltman@mit.edu> - - * gssapi32.def: export the missing DATA symbols - -2005-01-03 Jeffrey Altman <jaltman@mit.edu> - - * krb5_32.def: export krb5_is_thread_safe() - -2004-12-18 Jeffrey Altman <jaltman@mit.edu> - - * krb5_32.def: mark krb5_principal2salt as using the wrong - calling convention. - -2004-12-15 Jeffrey Altman <jaltman@mit.edu> - - *.cvsignore, Makefile.in: rename krb5support32.def to k5sprt32.def - -2004-09-24 Tom Yu <tlyu@mit.edu> - - * Makefile.in (RCFLAGS): Add -I$(SRCTOP) to get patchlevel.h. - -2004-06-18 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (SLIBS, SDEF, S_GLUE, COMERR_GLUE, PROF_GLUE, - SGLUE): New variables. - (NO_GLUE): Deleted. - (CGLUE, PGLUE): Use new separate glue files instead of no_glue. - (SRES) [WIN32]: New variable. - ($(SRES), $(SLIB)) [WIN32]: New targets. - ($(CLIB), $(PLIB), $(KLIB), $(GLIB)) [WIN32]: Depend on and link - against $(SLIB) too. - ($(SDEF)): New target. Generate Windows export list from common - symbol list. - ($(COMERR_GLUE), $(PROF_GLUE), $(S_GLUE)): New targets. - - * win_glue.c (control): Reference add/remove_error_table only if - building for krb4 library. Add calls to library init/fini - functions for other libraries. For support library, also call a - hook function on DLL_THREAD_DETACH. If no recognized - library-specific macro is defined, don't compile. - (DllMain): Do call control() on DLL_THREAD_DETACH. - -2004-06-16 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (MAC_SUBDIRS): Don't set. - (all-mac, clean-mac): Targets deleted. - -2004-06-15 Ken Raeburn <raeburn@mit.edu> - - * exports.crypto, exports.des425, exports.kdb5, exports.krb5: - Unused files deleted. - -2004-03-31 Jeffrey Altman <jaltman@mit.edu> - - * Makefile.in: Delay Load the ADVAPI32.DLL and SECUR32.DLL libraries - to enable the KRB5_32.DLL to load on Windows 9x systems which do - not support the LSA Kerberos functionality. - -2004-03-08 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LOCAL_SUBDIRS): Renamed from MY_SUBDIRS. - -2004-02-26 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (MY_SUBDIRS): Add apputils. - (CLEANLIBS): Add libapputils.a. - -2003-12-18 Jeffrey Altman <jaltman@mit.edu> - - * krb5_32.def: Remove exports added on 2003-12-13. Moved - to krb5int_accessor - -2003-12-13 Jeffrey Altman <jaltman@mit.edu> - - * krb4_32.def: Remove exports from KfM not yet compiled in KfW - krb_ad_tkt, krb_pw_tkt, kuserok, tkt_string, FSp_xxx - - * krb5_32.def: Add exports of private functions necessary for - building new gssapi32.dll: - krb5int_c_mandatory_cksumtype ; PRIVATE GSSAPI k5-int.h - krb5_ser_pack_int64 ; PRIVATE GSSAPI k5-int.h - krb5_ser_unpack_int64 ; PRIVATE GSSAPI k5-int.h - -2003-12-11 Jeffrey Altman <jaltman@mit.edu> - - * Makefile.in: Add secur32.lib to libraries necessary to build - krb5_32.dll. Necessary to support the new MSLSA ccache type. - -2003-12-08 Jeffrey Altman <jaltman@mit.edu> - - * krb4_32.def: Add exports for functions exported by KfM - -2003-07-21 Alexandra Ellwood <lxs@mit.edu> - - * krb5_32.def: Export krb5_principal2salt. - -2003-07-18 Jeffrey Altman <jaltman@mit.edu> - - * gssapi32.def: Export GSS OID constants - -2003-07-09 Alexandra Ellwood <lxs@mit.edu> - - * krb5_32.def: Export krb5_get_permitted_enctypes and - krb5_set_real_time for Samba. - -2003-05-27 Ken Raeburn <raeburn@mit.edu> - - * krb5_32.def: Add krb5_524_convert_creds. - -2003-05-08 Sam Hartman <hartmans@mit.edu> - - * krb5_32.def: Add krb5_c_string_to_key_with_params - -2003-05-09 Tom Yu <tlyu@mit.edu> - - * krb5_32.def: Add krb5_auth_con_getrecvsubkey, - krb5_auth_con_getsendsubkey, krb5_auth_con_setrecvsubkey, - krb5_auth_con_setsendsubkey. - -2003-04-15 Sam Hartman <hartmans@mit.edu> - - * krb5_32.def: Add krb5_set_password and krb5_set_password_using_ccache - -2003-02-10 Tom Yu <tlyu@mit.edu> - - * Makefile.in (K4LIBS): Revert previous. - - * krb5_32.def: Add afs_string_to_key, which is now needed by the - krb4 library. - - * Makefile.in (K4LIBS): Add des425.lib. - -2003-01-17 Ken Raeburn <raeburn@mit.edu> - - * krb5_32.def: Export krb5_rc_close, krb5_free_enc_tkt_part, and - krb5_decrypt_tkt_part, for GSSAPI. - -2003-01-12 Tom Yu <tlyu@mit.edu> - - * krb5_32.def: Merge from 1-2-2-branch. - -2003-01-06 Sam Hartman <hartmans@mit.edu> - - * krb5_32.def: Export krb5_auth_con_*_checksum_func - -2002-12-02 Tom Yu <tlyu@mit.edu> - - * win_glue.c: Put kadm_err.et references back in. - -2002-11-18 Tom Yu <tlyu@mit.edu> - - * win_glue.c (control): Remove references to the "kadm" error - table for now. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-06-25 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (MY_SUBDIRS): Don't list krb5util. - (CLEANLIBS): Don't delete libkrb5util.a. - -2002-06-13 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (WINLIBS): Use ws2_32.lib instead of wsock32.lib. - -2001-11-16 Sam Hartman <hartmans@mit.edu> - - * krb5_32.def: Export krb5_set_default_tgs_enctypes - -2001-10-15 Danilo Almeida <dalmeida@mit.edu> - - * krb5_32.def: Add krb5_kt_* functions: krb5_kt_close, - krb5_kt_get_entry, krb5_kt_get_name, krb5_kt_get_type, - krb5_kt_start_seq_get, krb5_kt_next_entry, and krb5_kt_end_seq_get. - -2001-10-03 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (RCFLAGS): Don't define _MSDOS_. - - * win_glue.c: Don't explicitly declare pointers FAR any more. - -2001-07-27 Danilo Almeida <dalmeida@mit.edu> - - * gssapi32.def: Do no export gss_mech_krb5. - -2001-07-27 Danilo Almeida <dalmeida@mit.edu> - - * gssapi32.def: Export gss_mech_krb5 as DATA. Mark all exported - variables as DATA. - -2001-01-22 Danilo Almeida <dalmeida@mit.edu> - - * krb5_32.def: Add krb5_rc_close() so gssapi builds. - -2000-07-29 Danilo Almeida <dalmeida@mit.edu> - - * krb5_32.def: Add missing krb5_cc_store_cred(). - -2000-07-20 Danilo Almeida <dalmeida@mit.edu> - - * krb5_32.def: Add krb5_cc_* functions. - -2000-07-19 Danilo Almeida <dalmeida@mit.edu> - - * krb4_32.def: Add krb_in_tkt. - - * krb5_32.def: Add krb5int_accessor. - -2000-06-02 Danilo Almeida <dalmeida@mit.edu> - - * win_glue.c (GetCallingAppVerInfo, krb5_vercheck): Use - APPVERINFO_SIZE-sized buffers instead of hard-coding a number - everywhere. Document the buffer size in funciton documentation. - - * krb5_32.def: Add krb5int_cc_default for the benefit of GSS API DLL. - -2000-05-23 Nalin Dahyabhai <nalin@redhat.com> - - * win_glue.c (GetCallingAppVerInfo): Don't overfill buffers - "AppTitle", "AppVer", and "AppIni". - -2000-05-15 Jeffrey Altman <jaltman@columbia.edu> - - * krb5_32.def -- Added exports for new public functions - - krb5_appdefault_string - krb5_appdefault_boolean - -2000-05-04 Danilo Almeida <dalmeida@mit.edu> - - * krb5_32.def: Reflect something closer to the reality of - what we would like to do for 1.3. - -2000-05-03 Nalin Dahyabhai <nalin@redhat.com> - - * win_glue.c (do_timebomb): Don't overflow buffer "buf". - -2000-04-29 Jeffrey Altman <jaltman@columbia.edu> - - * krb5_32.def: Add krb5_get_tgs_ktypes, krb5_free_ktypes for gssapi - -2000-03-15 Danilo Almeida <dalmeida@mit.edu> - - * krb5_32.def: Add krb5_get_prompt_types. - -2000-02-01 Danilo Almeida <dalmeida@mit.edu> - - * krb5_32.def: Replace decode_krb5_ticket with krb5_decode_ticket. - Add documentation about adding things to DEF file. - -1999-12-03 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Use DLL_LINKOPTS to link DLL. Remove dependence of - mit directory for version server support. Remove references to - SAP. Remove DNS defines. - - * winsock.def, comerr16.def, gssapi16.def, krb4_16.def, - krb5_16.def, sapgss16.def, sapkrb16.def, xpprof16.def: Remove - obsolete DEF files. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -1999-08-26 Danilo Almeida <dalmeida@mit.edu> - - * krb5_32.def: Export krb5_kuserok. - -1999-07-22 Jeffrey Altman <jaltman@columbia.edu> - - * krb5_32.def - add additional exports: - - krb5_address_search - krb5_auth_con_getrcache - krb5_c_enctype_compare - -1999-06-30 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Fix jaltman's changes so they don't break the unix - build. - -1999-06-16 Danilo Almeida <dalmeida@mit.edu> - - * krb5_32.def: Add krb5_get_default_config_files and - krb5_free_config_files. - -1999-06-08 Danilo Almeida <dalmeida@mit.edu> - - * win_glue.c (krb5_vercheck): Only do version checking once per - use of the DLL. - -Tue May 18 19:52:56 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Remove - from recursive Win32 make invocation. - -Mon May 17 19:50:53 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Use only one resource file per binary. - - * krb5.rc: Remove silly _MSDOS #ifdef. - -Mon May 17 12:37:25 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Get rid of win16 support/clutter. Build separate - resource files for each library. Link resource files - directly instead of excplicitly converting to object - files. - -Wed May 12 00:27:37 1999 Theodore Y. Ts'o <tytso@mit.edu> - - * gssapi32.def: Add krb5-specific extensions so they are exported - from the DLL. - -Mon May 10 15:14:34 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Do win32 build in subdir. - -Fri May 7 18:27:08 1999 Danilo Almeida <dalmeida@mit.edu> - - * xpprof32.def, krb4_32.def, gssapi32.def, comerr32.del: Remove - Win16 directives to get rid of warnings. - -Fri May 7 12:10:50 1999 Theodore Y. Ts'o <tytso@mit.edu> - - * xpprof32.def: Add profile_abandon to the list of exported - functions. - -Sat Apr 17 01:21:15 1999 Theodore Y. Ts'o <tytso@mit.edu> - - * krb5_32.def: Add krb5_cc_set_default_name to the list of - exported functions. - - * gssapi32.def: Add krb5 specific extension functions: - gss_krb5_get_tkt_flags, gss_krb5_copy_ccache, and - gss_krb5_ccache_name... to the list of exported functions - in the DLL. - -1999-03-31 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * win_glue.c (control): Call krb5_stdcc_shutdown when detaching - the krb5 library. - - * Makefile.in: Remove reference to the windows Krbcc32.dll - library, since this is now dynamically loaded. - -Mon Feb 8 22:08:22 1999 Theodore Y. Ts'o <tytso@mit.edu> - - * Makefile.in: Link in the ccapi import library under windows. - - * krb5_16.def, krb5_32.def: Added a number of miscellaneous - functions to the DLL exports list so that things build - under Windows again. - -1999-01-27 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in, configure.in: Move the responsibility for - generating the Makefile in this directory to the top-level - configure script. The local configure.in script has been - deleted. - -Sat Dec 5 01:11:00 1998 Theodore Y. Ts'o <tytso@mit.edu> - - * krb5_32.def: Fixed exports file to reflect new crypto library - and related changes. - -1998-05-26 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * krb5_32.def: Change the DLL export list to include - krb5_auth_con_setrcache, krb5_get_server_rcache, - krb5_cc_default_name, krb5_change_password, - krb5_mcc_ops, and all of the Cygnus - krb5_get_init_creds functions. Remove the old libkadm - functions, as they are no longer available. - -Sun May 24 22:31:39 1998 Theodore Y. Ts'o <tytso@mit.edu> - - * Makefile.in (CLEANLIBS): Remove lib/kadm from the list of - directories built in the windows build. - -Wed Feb 18 16:04:58 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in (thisconfigdir): Remove trailing slash. - -Mon Feb 2 17:02:29 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * configure.in: Use AC_CONFIG_DIRS instead of CONFIG_DIRS, and - remove use of DO_SUBDIRS. - - * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile - -Wed Nov 19 10:33:19 1997 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in (clean-unix): Do not remove libraries here as the - Makefile that created the symlink now removes it. - -Tue Oct 21 23:29:18 1997 Theodore Y. Ts'o <tytso@mit.edu> - - * win_glue.c: Add checks so that code doesn't bomb out if the - version resource is missing a Title or Version record. - -Fri Aug 1 22:03:24 1997 Theodore Y. Ts'o <tytso@mit.edu> - - * Makefile.in, krb5.rc, version.rc: Add support for adding a - Windows Version resource to all of the DLL files. - -Tue Jul 29 23:09:31 1997 Theodore Y. Ts'o <tytso@mit.edu> - - * Makefile.in: Remove msvcrt.lib from the explicit WINLIBS link - line since we're now using /MD and have removed the - /nodefaultlibs switch. For now, build debug versions of - the libraries. - - * krb5_16.def, krb5_32.def, sapkrb16.def: Add decode_krb5_ap_req - to the exported functions list, since the GSSAPI krb5 - mechanism routine needs access to this internal routine. - -Thu May 1 22:56:04 1997 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in, win_glue.c, sapkrb16.def, sapkrb32.def: Write - special case hack for the SAP kerberos libraries since we - can't make the version server code correctly read out the - version resource from SAPGUI.EXE for some reason.... - -Tue Apr 29 06:22:03 1997 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * win_glue.c (CallVersionServer): Add code to get the version - resource from the calling application and use that to call - the Version server. - -Fri Mar 28 01:51:09 1997 Theodore Y. Ts'o <tytso@mit.edu> - - * gssapi16.def, gssapi32.def: Added the V2 calls - gss_canonicalize_name(), gss_export_name(), - gss_duplicate_name() to the list of calls exported by the - DLL. - -Wed Mar 19 14:15:42 1997 Theodore Y. Ts'o <tytso@mit.edu> - - * Makefile.in: Fix up name of the SAP Kerberos glue library to be - platform dependent (sapkrb16.dll, sapkrb32.dll). Fix - makefile rules to work correctly after NT port. - -Mon Mar 3 14:52:58 1997 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in (MAC_SUBDIRS): Change KRB5 to krb5 for Mac subdirs. - -Tue Feb 25 01:03:41 1997 Richard Basch <basch@lehman.com> - - * Makefile.in: krb5_32.lib now also depends on gdi32.lib - -Thu Feb 20 23:30:32 1997 Richard Basch <basch@lehman.com> - - * Makefile.in: Build krb4 dll; it built all the objs (win16/32) - -Mon Feb 17 19:40:55 1997 Richard Basch <basch@lehman.com> - - * Makefile.in: Build krb4 library under Win16/Win32 - * krb4_16.def krb4_32.def: DLL definition files for krb4 library - * krb5_16.def krb5_32.def: Export various des routines (krb4 dll) - * win_glue.c: krb4 library support added - -Fri Feb 14 16:40:03 1997 Richard Basch <basch@lehman.com> - - * Makefile.in: Build separate ComErr DLL - * comerr16.def comerr32.def: ComErr exported API - * krb5_16.def krb5_32.def: Removed ComErr/Win16 entries - * no_glue.c: Dummy stub for ComErr (win16/win32) - * win_glue.c: Win32 DLL startup/exit code added - -Sat Feb 8 12:21:53 1997 Richard Basch <basch@lehman.com> - - * krb5_16.def krb5_32.def: - Export krb5_get_credentials_renew,krb5_get_credentials_validate - - * Makefile.in: - Use WLIB definition in config/windows.in - Attempt at making a functional SAP library build - -Tue Feb 4 15:52:34 1997 Richard Basch <basch@lehman.com> - - * krb5_16.def krb5_32.def: New ComErr interface definitions - - * gssapi32.def krb5_32.def: - Remove unsupported statements (EXETYPE, RESIDENTNAME) - - * gssapi16.def krb5_16.def: Need to declare the library name (win16) - -Thu Jan 30 21:27:07 1997 Richard Basch <basch@lehman.com> - - * krb5_16.def krb5_32.def: - Export krb5_decrypt, krb5_encrypt, - krb5_string_to_key, krb5_process_key, krb5_finish_key, - krb5_init_random_key, krb5_finish_random_key, - krb5_random_key, krb5_eblock_enctype - * Makefile.in - Win32 - Link against MSVCRT.LIB (runtime library) - -Sat Dec 21 01:23:48 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * win_glue.c: Change the timebomb to be June 1, 1997. Make the - timebomb exit the application more gracefully. - -Fri Dec 20 18:20:32 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * krb5_16.def: Change name of library in file to be krb5_16.def - [PR#302] - -Sat Nov 23 00:25:25 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * libkrb5.def: Renamed to krb5_16.def [PR#204] - - * Makefile.in (all-windows): Change name of dll from krb5_16.dll, - which will be the final name of the DLL. [PR#204] - -Wed Nov 20 18:28:47 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * Makefile.in (clean-windows): Change the name of the Windows (16) - dll to be krb516.dll, instead of libkrb5.dll - -Fri Jul 12 20:32:29 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * win_glue.c: Added TIMEBOMB_INFO string which tells the user the - URL to look for more information about getting the new - version of the product. - -Wed Jul 10 20:32:22 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * win_glue.c (krb5_win_do_init): New routine which does the - timebomb and version server checking. Windows 3.1 doesn't - allow you to do any messaging calls in LibMain, so the - timebomb and version server code was moved to - krb5_win_do_init(), which is called by krb5_init_context(). - -Tue Jul 9 17:31:57 1996 Marc Horowitz <marc@mit.edu> - - * configure.in (CONFIG_DIRS): add rpc subdir - -Tue Jul 9 16:44:22 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * win_glue.c: Add a quick hack so we can time-bomb the libkrb5.dll - and sapkrb5.dll when we compile them at MIT. - - * Makefile.in (sap_glue.obj): Build the sapkrb5.dll with the - timebomb enabled (since we couldn't get the version server - code working). - -Wed Jun 12 12:52:30 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * Makefile.in (lib-windows): Replace spaces with tab - -Mon Jun 10 23:40:48 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in (lib-windows): Add production rule for sapkrb5.dll. - Don't include config/windows.in, since that's included - by wconfig. - - * win_glue.c: Add a quick hack for krb5-SAP so that we call - the version server --- this is conditionalized on - SAP_VERSERV, which is only defined when we build - sapkrb5.dll. - -Sat Jun 8 09:58:41 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * configure.in: Remove kdb4 library building - -Thu Jun 6 00:04:38 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * Makefile.in (all-windows): Don't pass $(LIBCMD) on the command - line. It's set in the windows.in prologue for all Makefiles anyway. - -Tue May 7 20:18:13 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * configure.in: libdes425 now depends on libkrb5. - -Fri Mar 15 15:21:32 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * Makefile.in (CLEANLIBS): Add libkrb5util.a and libgssapi.a - -Thu Feb 29 16:49:33 1996 Theodore Y. Ts'o <tytso@dcl> - - * win_glue.c: Make sure WSACleanup() is called when the DLL exits. - Note that calls to WSAStartup and WSACleanup must be in - matched pairs. If there is a missing WSACleanup call when - a program exits, under Lan Workplace, the name resolver - will stop working. - -Tue Feb 27 18:47:17 1996 Theodore Y. Ts'o <tytso@dcl> - - * gssapi.def: We have implemented gss_inquire_names_for_mech, not - gss_inquire_mechs_for_name. - -Sat Feb 24 18:47:41 1996 Theodore Y. Ts'o <tytso@dcl> - - * gssapi.def: Add new GSSAPI V2 calls. (XXX we still need to get - the official function numbers defined for them.) - -Wed Feb 7 00:23:18 1996 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Folded in danw's changes to allow - building Makefiles for the Macintosh. We now can build - MPW makefiles which are interpreted by CodeWarrior. - -Sun Dec 3 11:50:09 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * configure.in: Move krb5 before krb4 and add krb5util. - -Wed Oct 25 14:56:26 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in (lib-windows): For the windows, add the oldnames - library to the link lines for gssapi.dll and libkrb5.dll - -Tue Oct 10 21:45:51 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Added the "/nod" option to the gssapi.dll and - libkrb5.dll linker commands. This prevents the linker - from searching the llibcew.lib library for some externals - which are already in ldllcew.lib. This is what we want - since we are building a DLL. Without the "/nod" option we - get a bunch of duplicate definitions. - -Fri Sep 29 14:19:44 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in (CLEANLIBS): Clean up make clean procedures. The - files to be removed are defined in CLEANLIBS, for both the - Unix and Mac platforms. - -Mon Sep 25 16:26:53 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the - Makefile. - - * configure.in: Remove custom MAKE_SUBDIRS line with the - standard DO_SUBDIRS rule, which works now that we're - revamping how the foo-$(WHAT) system works. - -Wed Jul 12 12:25:15 EDT 1995 Paul Park (pjpark@mit.edu) - * configure.in - Temporarily add --with-kdb4 to select building of - kdb4 directory. Default is disabled. - - -Thu Jun 15 17:57:26 EDT 1995 Paul Park (pjpark@mit.edu) - * configure.in - Do not build K4 directories if we're not supposed to. - Remove LinkFile() logic and put it in each subdirectory. - -Wed Jun 14 07:36:46 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * Makefile.in (clean-unix): Remove shared library symlinks - - * configure.in: Create symlinks to libdes425.a - If shared libraries enabled, symlink the .so libraries - -Fri Jun 9 18:53:30 1995 <tytso@rsx-11.mit.edu> - - * configure.in: Remove standardized set of autoconf macros, which - are now handled by CONFIG_RULES. - -Sun Jun 4 20:50:31 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * configure.in: Change order of library building to allow for - proper dependency order for shared libraries. - -Tue May 30 18:54:42 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: removed des425 stuff for Windows. - -Tue May 30 17:38:47 1995 Keith Vetter (keithv@fusion.com) - - * libkrb5.def: added missing kadm routine name. - -Tue May 30 10:21:21 1995 Keith Vetter (keithv@fusion.com) - - * libkrb5.def: added kadm exported routines. - -Fri May 26 10:18:04 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: add kadm directory for the PC. - -Tue May 23 22:25:03 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * Makefile.in (clean-unix): Remove symlinks to libkrb4.a and - libkdb4.a. - -Tue May 2 21:39:26 1995 Tom Yu (tlyu@dragons-lair) - - * Makefile.in: nuke spurious whitespace from blank line - - -Fri Apr 28 15:32:54 EDT 1995 Paul Park (pjpark@mit.edu) - Add kadm to list of directories to be built. - -Thu Apr 27 14:31:01 1995 Mark Eichin <eichin@cygnus.com> - - * configure.in: make links for libkrb4 and libkdb4. - -Wed Apr 27 11:00:00 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: need to include profile.lib in the DLL. - -Thu Apr 27 13:32:35 1995 Mark Eichin <eichin@cygnus.com> - - * configure.in: add kdb4 directory. - -Thu Apr 27 11:54:19 1995 Mark Eichin <eichin@cygnus.com> - - * configure.in: add krb4 directory (still needs to be - conditionalized on unix) - -Thu Apr 20 12:16:50 1995 Keith Vetter (keithv@fusion.com) - - * win_glue.c: include k5-int.h instead of krb5.h. - -Mon Apr 17 17:47:07 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: forgot about the rule to make gssapi.lib on the PC. - -Wed Apr 12 14:40:30 1995 Theodore Y. Ts'o (tytso@dcl) - - * Makefile.in, configure.in: Move dependency for all-$WHAT back - into Makefile.in so that the Windows port can pick up the - line (since it doesn't use configure). Instead, change - the name of target which causes the subdirectories to be - built under Unix, and make that a dependency for all-unix. - Gross, but this should fix things for both DOS and Windows. - -Thu Apr 13 16:56:50 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in, libkrb5.def, gssapi.def (new): - Spec says we need a gssapi.dll & gssapi.lib. - * Makefile.in: re-inserted make-$(ALL) rule. - -Wed Apr 5 16:27:53 1995 Keith Vetter (keithv@fusion.com) - - * libkrb5.def: added krb5_us_timeofday to export list - -Fri Mar 31 16:15:59 1995 Theodore Y. Ts'o (tytso@dcl) - - * Makefile.in, configure.in: Move the dependency which causes - all-$(WHAT) to be built so that it occurs after the "make - all" subdirectories rule. - -Thu Mar 30 15:46:23 1995 Keith Vetter (keithv@fusion.com) - - * libkrb5.def: removed the masses of exported files, leaving just - the ones needed by telnet and cns plus the gssapi ones. - -Tue Mar 28 18:26:01 1995 John Gilmore (gnu at toad.com) - - * Makefile.in (clean-mac): Add. - * configure.in (LinkFile's): Put `./' on libraries to ease Mac - translation. - (AppendRule all-unix): Rename from AppendRule all. - -Thu Mar 23 14:26:35 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: also produces a map for the dll. - -Tue Mar 21 18:59:15 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: added xxx-MAC targets for macintosh compatibility, - and added gssapi to libkrb5 dll. - * libkrb5.def: added gssapi routines to the export section. - -Thu Mar 16 15:00:00 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: fixed up a typo. - -Wed Mar 15 22:45:33 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: I had missed some dependencies on the PC build. - -Wed Mar 15 20:45:33 1995 Keith Vetter (keithv@fusion.com) - - * libkrb5.def, winsock.def, win_glue.c: new files for making DLL. - * Makefile.in: On the PC it recurses into all subdirs and builds - libkrb5.dll. - -Tue Feb 28 01:33:52 1995 John Gilmore (gnu at toad.com) - - * glue4.c: Avoid <krb5/...> includes. - -Thu Oct 6 20:06:06 1994 Theodore Y. Ts'o (tytso@dcl) - - * configure.in: Add recursive "make check" target. - -Mon Oct 3 23:38:03 1994 Theodore Y. Ts'o (tytso@dcl) - - * configure.in: Don't build the krb425 library. It is deprecated. - -Fri Sep 30 16:35:16 1994 Theodore Y. Ts'o (tytso@dcl) - - * Makefile.in: Also delete libkdb5.a on make clean. - -Thu Aug 4 03:39:23 1994 Tom Yu (tlyu@dragons-lair) - - * Makefile.in: make install fixes - diff --git a/src/lib/apputils/ChangeLog b/src/lib/apputils/ChangeLog deleted file mode 100644 index 4bac8bfb1..000000000 --- a/src/lib/apputils/ChangeLog +++ /dev/null @@ -1,18 +0,0 @@ -2006-04-03 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2005-08-20 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Use K5_AC_INIT instead of AC_INIT. - -2004-06-04 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBBASE): Renamed from LIB. - -2004-02-26 Ken Raeburn <raeburn@mit.edu> - - * New directory. - * Makefile.in, configure.in, dummy.c, daemon.c: Moved here from - util/apputils. - diff --git a/src/lib/ccapi/ChangeLog b/src/lib/ccapi/ChangeLog deleted file mode 100644 index aaa59da72..000000000 --- a/src/lib/ccapi/ChangeLog +++ /dev/null @@ -1,4 +0,0 @@ -2004-10-27 Jeffrey Altman <jaltman@mit.edu> - - * Initial commit of C CCAPI implementation - diff --git a/src/lib/ccapi/client/ChangeLog b/src/lib/ccapi/client/ChangeLog deleted file mode 100644 index aaa59da72..000000000 --- a/src/lib/ccapi/client/ChangeLog +++ /dev/null @@ -1,4 +0,0 @@ -2004-10-27 Jeffrey Altman <jaltman@mit.edu> - - * Initial commit of C CCAPI implementation - diff --git a/src/lib/ccapi/client/mac/ChangeLog b/src/lib/ccapi/client/mac/ChangeLog deleted file mode 100644 index aaa59da72..000000000 --- a/src/lib/ccapi/client/mac/ChangeLog +++ /dev/null @@ -1,4 +0,0 @@ -2004-10-27 Jeffrey Altman <jaltman@mit.edu> - - * Initial commit of C CCAPI implementation - diff --git a/src/lib/ccapi/client/windows/ChangeLog b/src/lib/ccapi/client/windows/ChangeLog deleted file mode 100644 index aaa59da72..000000000 --- a/src/lib/ccapi/client/windows/ChangeLog +++ /dev/null @@ -1,4 +0,0 @@ -2004-10-27 Jeffrey Altman <jaltman@mit.edu> - - * Initial commit of C CCAPI implementation - diff --git a/src/lib/ccapi/include/ChangeLog b/src/lib/ccapi/include/ChangeLog deleted file mode 100644 index aaa59da72..000000000 --- a/src/lib/ccapi/include/ChangeLog +++ /dev/null @@ -1,4 +0,0 @@ -2004-10-27 Jeffrey Altman <jaltman@mit.edu> - - * Initial commit of C CCAPI implementation - diff --git a/src/lib/ccapi/mac/ChangeLog b/src/lib/ccapi/mac/ChangeLog deleted file mode 100644 index aaa59da72..000000000 --- a/src/lib/ccapi/mac/ChangeLog +++ /dev/null @@ -1,4 +0,0 @@ -2004-10-27 Jeffrey Altman <jaltman@mit.edu> - - * Initial commit of C CCAPI implementation - diff --git a/src/lib/ccapi/server/ChangeLog b/src/lib/ccapi/server/ChangeLog deleted file mode 100644 index aaa59da72..000000000 --- a/src/lib/ccapi/server/ChangeLog +++ /dev/null @@ -1,4 +0,0 @@ -2004-10-27 Jeffrey Altman <jaltman@mit.edu> - - * Initial commit of C CCAPI implementation - diff --git a/src/lib/ccapi/server/mac/ChangeLog b/src/lib/ccapi/server/mac/ChangeLog deleted file mode 100644 index aaa59da72..000000000 --- a/src/lib/ccapi/server/mac/ChangeLog +++ /dev/null @@ -1,4 +0,0 @@ -2004-10-27 Jeffrey Altman <jaltman@mit.edu> - - * Initial commit of C CCAPI implementation - diff --git a/src/lib/ccapi/server/windows/ChangeLog b/src/lib/ccapi/server/windows/ChangeLog deleted file mode 100644 index aaa59da72..000000000 --- a/src/lib/ccapi/server/windows/ChangeLog +++ /dev/null @@ -1,4 +0,0 @@ -2004-10-27 Jeffrey Altman <jaltman@mit.edu> - - * Initial commit of C CCAPI implementation - diff --git a/src/lib/ccapi/unit-test/ChangeLog b/src/lib/ccapi/unit-test/ChangeLog deleted file mode 100644 index aaa59da72..000000000 --- a/src/lib/ccapi/unit-test/ChangeLog +++ /dev/null @@ -1,4 +0,0 @@ -2004-10-27 Jeffrey Altman <jaltman@mit.edu> - - * Initial commit of C CCAPI implementation - diff --git a/src/lib/ccapi/windows/ChangeLog b/src/lib/ccapi/windows/ChangeLog deleted file mode 100644 index aaa59da72..000000000 --- a/src/lib/ccapi/windows/ChangeLog +++ /dev/null @@ -1,4 +0,0 @@ -2004-10-27 Jeffrey Altman <jaltman@mit.edu> - - * Initial commit of C CCAPI implementation - diff --git a/src/lib/crypto/ChangeLog b/src/lib/crypto/ChangeLog deleted file mode 100644 index 7c837afb1..000000000 --- a/src/lib/crypto/ChangeLog +++ /dev/null @@ -1,1121 +0,0 @@ -2006-04-01 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2006-01-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (t_nfold$(EXEEXT)): Include support library. - -2006-01-11 Sam Hartman <hartmans@mit.edu> - - * keyblocks.c (krb5int_c_free_keyblock): Remove krb5_callconv modifier - -2005-11-28 Tom Yu <tlyu@mit.edu> - - * t_cts.c, vectors.c: Don't include krb5.h. - -2005-11-17 Ken Raeburn <raeburn@mit.edu> - - * t_hmac.c, t_pkcs5.c: Don't include krb5.h. - -2005-08-20 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Use K5_AC_INIT instead of AC_INIT. - -2005-05-24 Ken Raeburn <raeburn@mit.edu> - - * keyblocks.c (krb5int_c_free_keyblock): Call - krb5int_c_free_keyblock_contents instead of - krb5_free_keyblock_contents. - -2005-05-19 Sam Hartman <hartmans@mit.edu> - - * keyblocks.c : File to contain memory management for keyblocks - moved from libkrb5 - - * Makefile.in (SRCS): keyblocks.c is new - - * etypes.c: Add PRF for AES - - * Makefile.in (t_prf$(EXEEXT)): New output for prf test framework - -2005-05-18 Sam Hartman <hartmans@mit.edu> - - * Makefile.in : Add prf.c - - * prf.c t_prf.c: New file - - * etypes.c: Adjust structures to support the PRF declarations. - -2005-03-15 Jeffrey Altman <jaltman@mit.edu> - - * keyed_cksum.c: (krb5_c_is_keyed_cksum): this is a boolean - function. It should not return -1U on error. Instead return - 0 (false) so that the caller doesn't think it succeeded. - - The only two callers are rd_safe and mk_safe. Neither checks - for special cases. - -2005-01-13 Ken Raeburn <raeburn@mit.edu> - - * prng.c (krb5int_prng_init): Incorporate do_yarrow_init body. - Don't check inited variable. - (inited): Variable deleted. - (krb5_c_random_make_octets, krb5int_prng_cleanup): Don't check - it. - (do_yarrow_init): Deleted. - -2005-01-12 Tom Yu <tlyu@mit.edu> - - * prng.c (read_entropy_from_device): Use ssize_t, not size_t, so - read() returning -1 doesn't cause trouble. - -2004-11-17 Ken Raeburn <raeburn@mit.edu> - - * prng.c (do_yarrow_init): Move mutex initialization here. - (krb5int_prng_init): Don't do it here. - -2004-11-15 Sam Hartman <hartmans@mit.edu> - - * t_prng.expected t_prng.reseedtest-expected : Update expected - PRNG test output and confirm that reseeds and gates happen correctly. - -2004-10-29 Ken Raeburn <raeburn@mit.edu> - - * prng.c (yarrow_lock): Rename to krb5int_yarrow_lock via macro, - and change to be non-static. - (krb5int_prng_init): Call do_yarrow_init here. - (krb5_c_random_add_entropy): Don't call it here. Don't lock the - mutex, either. - (krb5_c_random_make_octets): Don't lock the mutex. - -2004-06-16 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (MAC_SUBDIRS): Don't set. - -2004-06-15 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (SHLIB_DIRS, SHLIB_EXPLIBS, SHLIB_EXPDEPLIBS): Set - to depend on the new support library. - (SHLIB_LIBS): Don't define. - (SHLIB_RDIRS): Set. - - * configure.in: Use BUILD_LIBRARY_WITH_DEPS instead of the no-deps - version. - -2004-06-04 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBBASE): Renamed from LIB. - -2004-06-02 Ken Raeburn <raeburn@mit.edu> - - * prng.c (init_once): Variable deleted. - (krb5_c_random_add_entropy): Do the initialization once, using - the yarrow_lock mutex instead of k5_once to protect it. - -2004-05-24 Ezra Peisach <epeisach@mit.edu> - - * t_nfold.c (fold_kerberos): Change nbytes argument to unsigned. - - * t_encrypt.c (compare_results): Declare static. - (main): Free allocated memory before exit. - -2004-05-13 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (t_encrypt, t_prng, t_hmac, t_pkcs5, vectors, - t_cts): Link test programs against thread support library. - -2004-05-12 Ken Raeburn <raeburn@mit.edu> - - * libk5crypto.exports: Add the DES tables back in; libdes425 uses - them directly. - -2004-05-07 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Check for endian.h and machine/endian.h. - -2004-04-30 Ken Raeburn <raeburn@mit.edu> - - * crypto_libinit.c (initialized): Variable deleted. - (cryptoint_initialize_library, cryptoint_cleanup_library): Use new - macros for automatic shared library init/fini functions. - (prng_cleanup): Declaration deleted. - (krb5int_prng_init, krb5int_prng_cleanup): Declare. - (cryptoint_initialize_library): Call krb5int_prng_init. - (krb5int_crypto_init): New function, checks that - cryptoint_initialize_library was called successfully. - (cryptoint_cleanup_library): Call krb5int_prng_cleanup only if the - initializer ran. - * crypto_libinit.h: Deleted. - * prng.c: Include k5-thread.h. - (init_once, init_error, yarrow_lock): New variables. - (krb5int_prng_init): New function; finish initializing the mutex - lock. - (do_yarrow_init): New function. - (krb5_c_random_add_entropy): Call it once only. Lock the mutex - before processing the input. - (krb5_c_random_make_octets): Lock the mutex before extracting - random bytes. - (krb5int_prng_cleanup): Destroy the mutex. - - * Makefile.in (LIBINITFUNC, LIBFINIFUNC): New variables. - - * libk5crypto.exports: Drop the library init/fini functions and - the DES tables from the export list. - -2004-04-22 Ken Raeburn <raeburn@mit.edu> - - * libk5crypto.exports: New file. - -2004-03-22 Ken Raeburn <raeburn@mit.edu> - - * pbkdf2.c (hmac1): Make a local copy of the supplied keyblock - structure, in case we want to modify it. - -2004-03-17 Ken Raeburn <raeburn@mit.edu> - - * prng.c (krb5int_prng_cleanup): Renamed from prng_cleanup. - * crypto_libinit.c: Include k5-int.h. - (cryptoint_cleanup_library): Updated call. - -2004-03-04 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Don't check for --enable-athena and don't define - ATHENA_DES3_KLUDGE. - -2004-02-24 Sam Hartman <hartmans@avalanche-breakdown.mit.edu> - - * etypes.c: Remove ENCTYPE_LOCAL_DES3_HMAC_SHA1 - -2004-02-18 Ken Raeburn <raeburn@mit.edu> - - * block_size.c, checksum_length.c, cksumtype_to_string.c, - coll_proof_cksum.c, decrypt.c, encrypt.c, encrypt_length.c, - enctype_compare.c, enctype_to_string.c, hmac.c, - keyed_checksum_types.c, keyed_cksum.c, make_checksum.c, - make_random_key.c, nfold.c, old_api_glue.c, prng.c, - string_to_cksumtype.c, string_to_enctype.c, string_to_key.c, - valid_cksumtype.c, valid_enctype.c, verify_checksum.c: Use ANSI C - style function definitions. - -2004-02-13 Ken Raeburn <raeburn@mit.edu> - - * t_encrypt.c (compare_results): New function. - (main): Use it to check decryption results against the original - plaintext. When testing with cipher state, encrypt and then - decrypt (and verify) two messages. - * Makefile.in (t_encrypt$(EXEEXT)): Depend on CRYPTO_DEPLIB. - -2004-02-09 Ken Raeburn <raeburn@mit.edu> - - * t_cts.c (test_cts): Process encryption and decryption IVs - separately, make sure they match, and display the value. - -2003-12-13 Ken Raeburn <raeburn@mit.edu> - - * etypes.c (krb5_enctypes_list): Fill in required_ctype field. - * mandatory_sumtype.c: New file. - * Makefile.in (SRCS, OBJS, STLIBOBJS): Build it. - -2003-07-22 Ken Raeburn <raeburn@mit.edu> - - * block_size.c (krb5_c_block_size): Read new numeric fields for - key/block/hash sizes instead of calling functions. - * checksum_length.c (krb5_c_checksum_length): Likewise. - * combine_keys.c (krb5int_c_combine_keys, dr): Likewise. - * hmac.c (krb5_hmac): Likewise. - * make_checksum.c (krb5_c_make_checksum): Likewise. - * make_random_key.c (krb5_c_make_random_key): Likewise. - * pbkdf2.c (hmac1): Likewise. - * string_to_key.c (krb5_c_string_to_key_with_params): Likewise. - * t_hmac.c (hmac1): Likewise. - -2003-07-13 Ken Raeburn <raeburn@mit.edu> - - * pbkdf2.c (foo): Never call com_err. - -2003-06-25 Ken Raeburn <raeburn@mit.edu> - - * checksum_length.c (krb5_c_checksum_length): Handle trunc_size. - -2003-06-23 Ken Raeburn <raeburn@mit.edu> - - * cksumtypes.c (krb5_cksumtypes_list): Add aes128/256 hmacs, with - new trunc_size field. - - * make_checksum.c (krb5_c_make_checksum): If trunc_size is - specified, shrink the computed checksum down to the indicated - size. - -2003-06-05 Sam Hartman <hartmans@mit.edu> - - * string_to_key.c (krb5_c_string_to_key_with_params): Only allow - AFS s2k for DES enctypes - -2003-05-15 Sam Hartman <hartmans@mit.edu> - - * combine_keys.c (enctype_ok): new function to determine if we support combine_keys for a particular enctype - -2003-05-13 Ken Raeburn <raeburn@mit.edu> - - * etypes.c (krb5_enctypes_list): Add names aes128-cts and - aes256-cts as aliases. - -2003-05-13 Sam Hartman <hartmans@mit.edu> - - * t_encrypt.c: Add aes enctypes - -2003-05-08 Sam Hartman <hartmans@mit.edu> - - * string_to_key.c: Move krb5_c_string_to_key_with_params to krb5.h - -2003-04-13 Ken Raeburn <raeburn@mit.edu> - - * pbkdf2.c (krb5int_pbkdf2): Provide a temporary buffer for the - output from F, if the remaining space in the output buffer isn't - big enough. Free the temporary buffers before returning. - - * etypes.c (krb5_enctypes_list): Use krb5int_aes_encrypt_length, - and krb5int_aes_dk_encrypt, and krb5int_aes_dk_decrypt for AES. - -2003-03-06 Alexandra Ellwood <lxs@mit.edu> - - * prng.c: use Unix randomness sources on Mac OS X. - -2003-03-05 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (OBJFILELIST, OBJFILEDEP) [##DOS]: Add aes.lst. - (all-windows, clean-windows, check-windows): Process aes - directory. - -2003-03-04 Ken Raeburn <raeburn@mit.edu> - - * etypes.c: Include aes_s2k.h. - (krb5_enctypes): Add AES enctypes. Update s2k function names. - * pbkdf2.c (krb5int_pbkdf2): Now static. Output data descriptor - is const. - (krb5int_pbkdf2_hmac_sha1_128, krb5int_pbkdf2_hmac_sha1_256): - Deleted. - * string_to_key.c (krb5_c_string_to_key_with_params): Renamed from - krb5_c_string_to_key, takes new params argument and passes it - through. Declare before use. - (krb5_c_string_to_key): New function, passes null params. - - * t_pkcs5.c (test_pbkdf2_rfc3211): Update calls to - krb5int_pbkdf2_hmac_sha1 for new API. - * vectors.c (test_mit_des_s2k): Update krb5_des_string_to_key call - for new API. - * Makefile.in: Update dependencies. - -2003-03-03 Ken Raeburn <raeburn@mit.edu> - - * pbkdf2.c (F): Now takes krb5_data for password and salt. - (krb5int_pbkdf2, krb5int_pbkdf2_hmac_sha1, - krb5int_pbkdf2_hmac_sha1_128, krb5int_pbkdf2_hmac_sha1_256): - Likewise, and for output also. - * vectors.c (test_pbkdf2): Calls updated. - (main): Run pbkdf2 tests. - -2003-02-03 Ken Raeburn <raeburn@mit.edu> - - * aes: New directory, containing AES implementation from Brian - Gladstone, tweaked a little for the krb5 build system. - * configure.in: Build its makefile. - * Makefile.in (LOCAL_SUBDIRS, LOCALINCLUDES, STOBJLISTS, - SUBDIROBJLISTS): Add aes entries. - - * t_cts.c: New test file. - * Makefile.in (EXTRADEPSRCS): Add t_cts. - (t_cts$(EXEEXT)): New rule. - - * Makefile.in (SRCS, OBJS, STLIBOBJS): Add pbkdf2. - (EXTRADEPSRCS): Remove pbkdf2.c. - (t_pkcs5$(EXEEXT)): Don't list pbkdf2.$(OBJEXT). - - * t_nfold.c (fold_kerberos): New function. - (main): Call it with different lengths. - * vectors.c: Include ctype.h and hash_provider.h. - (test_nfold, test_mit_des_s2k, test_s2k, test_dr_dk): Test case - data now static and const. - (test_nfold): Add "Q" and "ba" tests from Simon Josefsson. - (GCLEF): New macro. - (test_mit_des_s2k): Add GCLEF test case. Fill in "key" at run - time, not as initialization. - (test_s2k): Added GCLEF test case. - (krb5int_enc_aes128, krb5int_enc_aes256): Declare. - (combine_keys, test_des3_combine, k5_des3_make_key): Functions - deleted. - (whoami): New variable. - (printd, printk): New functions. - (test_pbkdf2): New function. - (main): Initialize whoami. Test nfold only for now. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Don't explicitly invoke AC_PROG_ARCHIVE, - AC_PROG_ARCHIVE_ADD, AC_PROG_RANLIB, AC_PROG_INSTALL. - - * configure.in: Use V5_AC_OUTPUT_MAKEFILE instead of - K5_GEN_MAKEFILE and K5_AC_OUTPUT. - - * Makefile.in: Add AC_SUBST_FILE marker for lib_frag and libobj_frag. - -2002-12-23 Ezra Peisach <epeisach@bu.edu> - - * pbkdf2.c, t_encrypt.c, t_hmac.c, t_nfold.c: Cleanup unused - variables. Signed vs unsigned cleanup. Ensure variables set before - use. - -2002-12-19 Ken Raeburn <raeburn@mit.edu> - - * old_api_glue.c (krb5_encrypt, krb5_decrypt, - krb5_calculate_checksum, krb5_verify_checksum): Clean up use of - "const" in API. - -2002-12-06 Ezra Peisach <epeisach@bu.edu> - - * Makefile.in (clean): Clean up more test executables and object - files. - -2002-11-03 Ken Hornstein <kenh@cmf.nrl.navy.mil> - - * combine_keys.c: Fix up calling convention to match prototype - in k5-int.h - -2002-10-31 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (check-unix): Don't run t_pkcs5. - -2002-10-24 Ken Hornstein <kenh@cmf.nrl.navy.mil> - - * Makefile.in, combine_keys.c: New file to implement - key-combination algorithm. - -2002-10-09 Ken Raeburn <raeburn@mit.edu> - - * pbkdf2.c, t_hmac.c, t_pkcs5.c: New files. - * Makefile.in (EXTRADEPSRCS): New variable. - (t_hmac$(EXEEXT), t_pkcs5$(EXEEXT), vectors$(EXEEXT)): New - targets. - (check-unix): Depend on and run t_hmac and t_pkcs5. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-08-22 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (SUBDIROBJLISTS): New variable. - -2002-06-19 Ezra Peisach <epeisach@bu.edu> - - * Makefile.in (clean): Add t_prng and t_prng.o - -2002-06-07 Alexandra Ellwood <lxs@mit.edu> - - * crypto_libinit.h: Changed macros so you can include - crypto_libinit.h and krb5_libinit.h at the same time. - [pullup from 1-2-2-branch] - -2002-04-05 Ken Raeburn <raeburn@mit.edu> - - * coll_proof_cksum.c (krb5_c_is_coll_proof_cksum): Rename function - from is_coll_proof_cksum, keeping old name as a wrapper function. - * keyed_cksum.c (krb5_c_is_keyed_cksum): Likewise. - * valid_cksumtype.c (krb5_c_valid_cksumtype): Likewise. - * valid_enctype.c (krb5_c_valid_enctype): Likewise. - -2002-03-28 Sam Hartman <hartmans@mit.edu> - - * t_encrypt.c (main): Test krb5_init_keyblock - -2002-01-14 Sam Hartman <hartmans@mit.edu> - - * t_prng.expected: Update to be correct for 0 MSW in v_i calculation. - -2002-01-08 Sam Hartman <hartmans@tir-na-nogth.mit.edu> - - * prng.c (krb5_c_random_os_entropy): Implement. - -2001-12-05 Ezra Peisach <epeisach@mit.edu> - - * t_encrypt.c (main): Free memory when finished to test for memory - leaks. - -2001-11-20 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in (check-unix): Use $(srcdir) in file specification - for input to t_prng. - -2001-11-19 Sam Hartman <hartmans@mit.edu> - - * Makefile.in (check-unix): Run t_prng - -2001-11-19 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Do yarrow subdir on Windows. - -2001-11-19 Sam Hartman <hartmans@mit.edu> - - * t_prng.c (main): Fix seeding bug in t_prng - - * t_prng.reseedtest: New test; description in t_prng.reseedtest-comments - - * t_prng.c (main): If we request 0 bytes of output don't try to - get output - -2001-11-15 Sam Hartman <hartmans@mit.edu> - - * t_prng.c: New file for PRNG tests - - * prng.c (krb5_c_random_seed): Deprecated in favor of - krb5_c_random_add_entropy - -2001-11-14 Sam Hartman <hartmans@mit.edu> - - * prng.c : adapt to yarrow - -2001-11-09 Sam Hartman <hartmans@mit.edu> - - * configure.in Makefile.in: Generate makefile for yarrow - -2001-11-07 Ken Raeburn <raeburn@mit.edu> - - * state.c (krb5_c_init_state, krb5_c_free_state): Use - KRB5_CALLCONV. - -2001-11-06 Sam Hartman <hartmans@tir-na-nogth.mit.edu> - - * state.c: New file - - * default_state.c: New file. - -2001-10-29 Jeff Altman <jaltman@columbia.edu> - - * Makefile.in - Windows configuration for src/lib/crypto/arcfour - directory - -2001-10-24 Ezra Peisach <epeisach@mit.edu> - - * t_encrypt.c: Argument to krb5_c_encrypt_length must be size_t - instead of int (which is the length in krb5_data) or unaligned - access occurs on Dec OSF machines. - -2001-10-23 Sam Hartman <hartmans@mit.edu> - - * Makefile.in (RUN_SETUP): Include so make check works correctly - - * etypes.c: Add Heimdal aliases arcfour-hmac-md5 - - * cksumtypes.c: hmac-md5-rc4 keyed checksum added - - * etypes.c: arcfour-hmac enctype added - - * configure.in Makefile.in : New subdir: arcfour - - * verify_checksum.c (krb5_c_verify_checksum): Add usage argument to verify call - -2001-10-22 Sam Hartman <hartmans@mit.edu> - - * make_checksum.c (krb5_c_make_checksum): Include key usage - -2001-10-19 Sam Hartman <hartmans@mit.edu> - - * Makefile.in (check-unix): Run t_encrypt - - * t_encrypt.c: New file to contain generic encryption system - black-box tests ; currently primitive, but useful for rc4 work - -2001-10-03 Ken Raeburn <raeburn@mit.edu> - - * block_size.c, checksum_length.c, cksumtype_to_string.c, - coll_proof_cksum.c, decrypt.c, encrypt.c, encrypt_length.c, - enctype_compare.c, enctype_to_string.c, keyed_checksum_types.c, - keyed_cksum.c, make_checksum.c, make_random_key.c, old_api_glue.c, - prng.c, string_to_cksumtype.c, string_to_enctype.c, - string_to_key.c, valid_cksumtype.c, valid_enctype.c, - verify_checksum.c: Don't use KRB5_DLLIMP. Don't explicitly - declare pointers FAR any more. - -2001-09-01 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (SRCS): Use $(srcdir) not $(subdir). - -2001-07-08 Ezra Peisach <epeisach@mit.edu> - - * crypto_libinit.c: Include crypto_libinit.h for prototypes. - -2001-07-05 Ken Raeburn <raeburn@mit.edu> - - * vectors.c: Include string.h. - (printhex, printstringhex, printdata, printkey, test_nfold, - test_mit_des_s2k, test_s2k, test_des3_s2k, test_des3_combine): Now - static. - (test_nfold): Pass unsigned first arg to printhex. - (test_mit_des_s2k, test_s2k, combine_keys, test_des3_combine, - spew_keys, test_dr_dk): Change structure field initializations to - assignments, to be palatable to more compilers. - (test_s2k): Remove superfluous argument to printf. - (test_des3_combine): Return type is void. - (keyToData): Drop "inline" spec. - (main): Only run some of the tests. - -2001-06-21 Ken Raeburn <raeburn@mit.edu> - - * vectors.c: New file. - -2001-06-21 Ezra Peisach <epeisach@mit.edu> - - * t_nfold.c (main): Cast argument to printf to be consistant with - format. - -2001-04-10 Ken Raeburn <raeburn@mit.edu> - - * make_checksum.c (krb5_c_make_checksum): Add cast assigning to - krb5_data data field. - * make_random_key.c (krb5_c_make_random_key): Likewise. - * hmac.c (krb5_hmac): Likewise. - * old-api_glue.c (krb5_init_random_key, krb5_decrypt_data): - Likewise. - * prng.c (krb5_c_make_random_octets): Likewise. - * verify_checksum.c (krb5_c_verify_checksum): Likewise. - - * prng.c (krb5_c_random_seed): Cast argument to krb5_nfold. - - * keyed_cksum.c (is_keyed_cksum): Use -1U to keep compiler quiet, - since return type is not signed. - -2001-03-14 Ken Raeburn <raeburn@mit.edu> - - * t_nfold.c: Include assert.h. - (printhex, printstringhex, rfc_tests): New routines. - (ASIZE): New macro. - (main): Call rfc_tests. - -2001-03-10 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * make_random_key.c, old_api_glue.c: Do not use a variable named - random that might shadow a system header file definition. - -2001-03-09 Ken Raeburn <raeburn@mit.edu> - - * cksumtypes.c, etypes.c, prng.c: Use krb5int_ prefix for internal - "provider" structures. - -2001-03-05 Ken Raeburn <raeburn@mit.edu> - - * prng.c: Clean up some comments. - (enc): Use des3 now. - - * decrypt.c, encrypt.c, hmac.c, make_checksum.c, nfold.c, - old_api_glue.c, string_to_key.c, verify_checksum.c: Use const - instead of krb5_const. - -2001-01-29 Ken Raeburn <raeburn@mit.edu> - - * make_checksum.c (krb5_c_make_checksum): Clear checksum contents - pointer after freeing it in error case. - -2000-10-17 Ezra Peisach <epeisach@mit.edu> - - * nfold.c (krb5_nfold): inbots and outbits are now unsigned int. - - * prng.c: Local variable random_count is now unsigned int. - -2000-06-30 Ezra Peisach <epeisach@mit.edu> - - * crypto_libinit.c: Add prototype for prng_cleanup(). - -2000-06-28 Ezra Peisach <epeisach@mit.edu> - - * prng.c (prng_cleanup): Ensure memory allocated before calling free. - -2000-06-03 Tom Yu <tlyu@mit.edu> - - * Makefile.in(LIBMAJOR, LIBMINOR): Bump library version. - -2000-05-31 Wilfredo Sanchez <tritan@mit.edu> - - * configure.in, nfold.c: Check for existance of <memory.h>. - [from Nathan Neulinger <nneul@umr.edu>] - -2000-01-24 Tom Yu <tlyu@mit.edu> - - * crypto_libinit.c: Add terminating newline; use 0 and 1 instead - of false and true. - -Fri Jan 21 22:47:00 2000 Miro Jurisic <meeroh@mit.edu> - - * Makefile.in: added crypto_libinit.[co] - * crypto_libinit.[ch]: new files, contain library initialization - and cleanup code - -2000-01-21 Ken Raeburn <raeburn@mit.edu> - - * cksumtypes.c (krb5_cksumtypes_list, krb5_cksumtypes_length): Now - const. - * cksumtypes.h (krb5_cksumtypes_list, krb5_cksumtypes_length): - Updated decls. - * etypes.c (krb5_enctypes_list, krb5_enctypes_length): Now const. - * etypes.h (krb5_enctypes_list, krb5_enctypes_length): Updated - decls. - * make_random_key.c (krb5_c_make_random_key): Pointers to - enc_provider table now point to const. - * prng.c (enc): Now static and const, and points to const. - * string_to_key.c (krb5_c_string_to_key): Ditto. - - * hmac.c (krb5_hmac): Put extra parens around if(a=b) constructs - to keep gcc happy. - * make_random_key.c (krb5_c_make_random_key): Ditto. - * old_api_glue.c (krb5_encrypt, krb5_decrypt, krb5_random_key, - krb5_calculate_checksum, krb5_verify_checksum, krb5_encrypt_data, - krb5_decrypt_data): Ditto. - * prng.c (krb5_c_random_make_octets): Ditto. - * string_to_key.c (krb5_c_string_to_key): Ditto. - * verify_checksum.c (krb5_c_verify_checksum): Ditto. - - * make_checksum.c: Include dk.h. - - * nfold.c (krb5_nfold): Delete unused variables. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -1999-08-26 Tom Yu <tlyu@mit.edu> - - * etypes.c: Add aliases "des" for "des-cbc-md5", "des3-hmac-sha1" - and "des3-cbc-sha1-kd" for "des3-cbc-sha1". - - * cksumtypes.c: Add alias "hmac-sha1-des3-kd". - -1999-08-18 Tom Yu <tlyu@mit.edu> - - * etypes.c: Update des3-cbc-sha1 to alignt with new number - assignments. - - * cksumtypes.c: Update hmac-sha1-des3 to align with new number - assignments. - -Tue May 18 19:52:56 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Remove - from recursive Win32 make invocation. - -Mon May 10 15:15:00 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Do win32 build in subdir. - -Tue Jan 5 00:06:02 1999 Tom Yu <tlyu@mit.edu> - - * make_checksum.c (krb5_c_make_checksum): Note the fact that we're - punting on dealing with backwards compat with length-included - checksums. - - * etypes.c: Add ENCTYPE_LOCAL_DES3_HMAC_SHA1 as a temporary - kludge. Note that this is added to the end of the array so other - code can lop off the last member of the array and the right thing - will happen so that it is possible to disable des3-marc-hmac-sha1 - from the KDC command line, for instance. - - * configure.in: Conditionalize ATHENA_DES3_KLUDGE on - --enable-athena. - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - -Thu Dec 3 23:37:28 1998 Theodore Y. Ts'o <tytso@mit.edu> - - * Makefile.in: Added missing "cd .." necessary for making this - compile under Windows. Also added missing *.lst files to - OBJFILELIST. - -Fri Nov 6 10:23:32 1998 Ezra Peisach <epeisach@mit.edu> - - * keyhash_provider/Makefile.in: Fix to allow building out of the - source tree. - -Tue Sep 22 21:19:01 1998 Tom Yu <tlyu@mit.edu> - - * prng.c (krb5_c_random_make_octets): Fix to nfold into 15 bytes, - not one byte. - -Mon Sep 21 15:23:19 1998 Tom Yu <tlyu@mit.edu> - - * prng.c (krb5_c_random_seed): Fix memory leak. - -Mon Sep 14 23:21:17 1998 Tom Yu <tlyu@mit.edu> - - * old/decrypt.c (krb5_old_decrypt): Fix memory leak. - -Tue Sep 1 19:33:38 1998 Tom Yu <tlyu@mit.edu> - - * etypes.c: Add ETYPE_LOCAL_DES3_HMAC_SHA1 to deal with marc's - des3 code. ETYPE_DES3_HMAC_SHA1 remains the same for now. - -Mon Aug 17 23:40:11 1998 Tom Yu <tlyu@mit.edu> - - * keyhash_provider/k5_md4des.c (k5_md4des_verify): Add - compatibility for krb5-beta5 checksums. - - * keyhash_provider/k5_md5des.c (k5_md5des_verify): Add - compatibility for krb5-beta5 checksums. Fix typos similar to - those corrected in k5_md4des.c. - -Sun Jul 19 12:00:00 1998 Marc Horowitz <marc@mit.edu> - - * *.c: replace the crypto layer. - -Wed Apr 15 18:02:44 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in (LIB): Rename to k5crypto. - -Wed Feb 18 16:05:11 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove trailing slash from thisconfigdir. Fix up - BUILDTOP for new conventions. - -Fri Feb 13 15:19:37 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Define LOCAL_SUBDIRS to recurse into the - subdirectories (crc32, md5, os, etc.) - - * configure.in: Create the makefiles for all of the subdirectories - and move all of the configure.in tests from the - subdirectories into this configure.in. - -Mon Feb 2 17:02:29 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * configure.in: Use AC_CONFIG_DIRS instead of CONFIG_DIRS, and - remove use of DO_SUBDIRS. - - * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile - -Tue Oct 14 15:34:44 1997 Tom Yu <tlyu@voltage-multiplier.mit.edu> - - * Makefile.in: Bump major version due to possible size changes. - -Fri Feb 21 18:40:13 1997 Sam Hartman <hartmans@tertius.mit.edu> - - * Makefile.in (OBJS): Move in crypto_glue.c as krb5_glue.c; avoid - libcrypto depending on libkrb5 - - -Sat Feb 22 01:37:23 1997 Sam Hartman <hartmans@luminous.MIT.EDU> - - * Makefile.in (LIBMINOR): Bump minor version - -Sun Dec 29 21:52:44 1996 Tom Yu <tlyu@mit.edu> - - * Makefile.in: - * configure.in: Update to use new library build procedure. - -Sat Nov 23 00:22:20 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * cryptoconf.c: Also zero out the entries in cryptoconf, to make - sure no one tries to use triple DES and SHA. - -Fri Nov 22 20:49:13 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * configure.in (enableval): Disable triple DES and SHA, since - what's there isn't the final triple DES. [PR#231] - -Mon Nov 18 20:38:24 1996 Ezra Peisach <epeisach@mit.edu> - [krb5-libs/201] - * configure.in: Set shared library version to 1.0. - -Thu Jun 6 00:04:38 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * Makefile.in (all-windows): Don't pass $(LIBCMD) on the command - line. It's set in the windows.in prologue for all Makefiles anyway. - -Thu Jun 6 00:03:05 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * Makefile.in (MAC_SUBDIRS): Include sha in the list of - subdirectories for the Macintosh - -Mon May 20 10:59:23 1996 Tom Yu <tlyu@dragons-lair.MIT.EDU> - - * Makefile.in (libcrypto.$(STEXT): deal with new improved - libupdate - -Sat May 18 13:34:01 1996 Ezra Peisach (epeisach@paris) - - * des3_sha.c: Add static keywords in function declarartions to - match earlier declarations. - -Tue May 14 15:14:20 1996 Richard Basch <basch@lehman.com> - - * cryptoconf.c: - replaced sha-des3 cksum with hmac-sha - - * des_crc.c des_md5.c: - set the length field of the cksum structure. - - * des3_sha.c: - Increase the confounder length to 24 bytes. - Set the length of the cksum structure. - -Fri May 10 01:34:46 1996 Richard Basch <basch@lehman.com> - - * configure.in cryptoconf.c des3_sha.c: - Support enctype-des3-sha, cksum-sha, cksum-sha-des3 - - * Removed des3_md5.c (and all des3-md5 support). - -Tue Apr 30 00:38:14 1996 Ken Raeburn <raeburn@cygnus.com> - - * Makefile.in (libcrypto.$(STEXT)): Remove before creating. - -Thu May 2 18:48:35 1996 Richard Basch <basch@lehman.com> - - * des3_md5.c des3_raw.c: use the new common random routines for - des & des3 (the old des3 routines have been removed) - -Sat Mar 30 22:52:46 1996 Theodore Y. Ts'o <tytso@dcl> - - * cryptoconf.c: Fixed comments describing the various checksum - types. (Added numbers, and fixed a mistake in a - description of an undefined checksum type.) - -Thu Mar 28 09:49:08 1996 Richard Basch <basch@lehman.com> - - * cryptoconf.c: Added support for CKSUMTYPE_RSA_MD5_DES3 and - ENCTYPE_DES3_CBC_RAW - - * des3_md5.c: Abstraction correction: use sizeof(mit_des3_cblock) - - * configure.in: - Cosmetic renaming of des-cbc-raw configuration vars. - Added support for des3-cbc-raw. - - * des3_raw.c: New file (support ENCTYPE_DES3_CBC_RAW) - -Mon Mar 11 10:59:40 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * des_crc.c (mit_des_crc_decrypt_func): Add const to pointer - cast for suncc warning. - -Wed Feb 7 00:23:18 1996 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Folded in danw's changes to allow - building Makefiles for the Macintosh. We now can build - MPW makefiles which are interpreted by CodeWarrior. - -Mon Nov 13 11:30:10 1995 Theodore Y. Ts'o <tytso@dcl> - - * encrypt_data.c (krb5_encrypt_data): New file. A generic routine - for encrypting data in a krb5_data structure. Fills in a - krb5_enc_data structure. - - * decrypt_data.c (krb5_decrypt_data): New file. A generic routine - for decrypting data in a krb5_enc_data structure. Fills - in a krb5_data structure. - - * Makefile.in (SRCS): Added decrypt_data.c and encrypt_data.c to - list of files to be compiled. - -Fri Oct 6 22:01:04 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Remove ##DOS!include of config/windows.in. - config/windows.in is now included by wconfig. - -Thu Oct 5 21:32:33 1995 Theodore Y. Ts'o <tytso@dcl> - - * cryptoconf.c: Change types of krb5_max_enctype and - krb5_max_cksumtype to be krb5_enctype and krb5_cksumtype, - to fix some gcc -Wall flames. - -Mon Oct 2 10:34:12 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * configure.in (V5_MAKE_SHARED_LIB): Change for version 0.1 of - shared library. Remove install lines which are in aclocal.m4 - -Mon Sep 25 16:26:53 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the - Makefile. - - * configure.in: Don't include "all:: all-$(WHAT)" at the end of - the Makefile. That's now included at the very beginning - by pre.in - -Wed Sep 13 10:26:37 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: moved shared rule to all-unix:: target. - * des_crc.c, des_md5.c, raw_des.c: had a volatile/const mismatch - which needs a cast to resolve. - -Wed Sep 06 14:20:57 1995 Chris Provenzano (proven@mit.edu) - - * cryptoconf.c, des_crc.c, des_md5.c raw_des.c - s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g - -Tue Sep 05 22:10:34 1995 Chris Provenzano (proven@mit.edu) - - * cryptoconf.c : Remove krb5_csarray. - * cryptoconf.c, des_crc.c, des_md5.c, raw_des.c : Remove krb5_enctype - references, and replace with krb5_keytype where appropriate. - -Thu Aug 24 17:55:47 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * des_crc.c, des_md5.c, raw_des.c: Remove casting in call to - mit_des_cbc_encrypt. - -Thu Jul 27 15:15:46 EDT 1995 Paul Park (pjpark@mit.edu) - * configure.in - Add --enable-{des-cbc-md5,des-cbc-crc,raw-des-cbc, - des-cbc-cksum,crc32,rsa-md4,rsa-md5} which set the appropriate - preprocessor flags which used to be set in k5-config.h. - * cryptoconf.c - Set the KEYTYPE_DES entry to the DES-CBC-MD5 entry - if enabled, then the DES-CBC-CRC entry, if enabled, then to - null. - -Fri Jun 23 12:16:52 1995 Sam Hartman <hartmans@tardis.MIT.EDU> - - * configure.in: krb5_cv_staticlibs_enabled, not - krb5_cv_enable_staticlibs - -Thu Jun 22 18:34:26 1995 Sam Hartman (hartmans@tardis) - - * configure.in: Changed to new scheme for static libs. - - - -Fri Jun 16 11:14:50 EDT 1995 Paul Park (pjpark@mit.edu) - * configure.in - Add install target for shared library. - - -Thu Jun 15 17:58:41 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in - Add definitions for shared library building rules. - Add explicit dependency on "shared" since we probably need it. - * configure.in - Create symlinks for archive and shared library when - we build them. - -Fri Jun 9 18:52:19 1995 <tytso@rsx-11.mit.edu> - - * des_crc.c, des_md5.c: Fix -Wall nits. - - * configure.in: Remove standardized set of autoconf macros, which - are now handled by CONFIG_RULES. Use DO_SUBDIRS to - recurse down subdirectories. - -Thu May 25 22:15:18 1995 Theodore Y. Ts'o (tytso@dcl) - - * configure.in, Makefile.in: Add support for shared libraries. - -Thu Apr 13 15:49:16 1995 Keith Vetter (keithv@fusion.com) - - * *.[ch]: removed unneeded INTERFACE from non-api functions. - * *.h added FAR to pointers visible at to the world. - -Tue Mar 28 20:00:00 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: more of nmake's strange behavior. Problem goes - away with the addition of a nop line. - -Wed Mar 22 11:28:08 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: put back '##DOSLIBNAME' since it makes the .c.obj rule - put the object file into that library. - * Makefile.in: strange nmake error 'missing ) on macro invocation' - which only appeared intermitantly and only when invoked - recursively. Fixed (I hope) by interchanging some lines. - -Thu Mar 16 21:10:37 1995 John Gilmore (gnu at toad.com) - - * Makefile.in (CFLAGS): Avoid continuation line that starts with - dash; it confuses the Unix->MPW makefile converter. - (##DOSLIBNAME): No longer needed since DLL built one level up. - (all-mac): Add. - (libcrypto.a): Use explicit "./" on paths to DONE files, to - help Unix->MPW makefile converter with rotten Mac pathname conventions. - -Wed Mar 15 20:23:17 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: cleaned up for the PC - -Tue Mar 14 17:31:01 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: removed all DLL stuff--it now happens up a directory. - * win_glue.c, libcrypto.def: removed - -Tue Mar 7 17:26:06 1995 Keith Vetter (keithv@fusion.com) - - * cryptoco.c: Added more windows syntactic sugar for segmenting. - -Fri Mar 3 19:15:54 1995 Keith Vetter (keithv@fusion.com) - - * libcrypto.def: added 3 entry points for methods for pulling - in data from a DLL. - * Makefile.in: libcrypto.lib depends upon libcrypto.def - -Thu Mar 2 17:43:25 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: added rules to make a DLL from a lib. - * win_glue.c, librcrypto.def: needed for making a DLL. - -Tue Feb 28 00:15:06 1995 John Gilmore (gnu at toad.com) - - * cryptoconf.c, des_md5.c: Avoid <krb5/...> includes. - -Fri Feb 3 02:44:07 1995 John Gilmore <gnu@cygnus.com> - - Rename files so that they work in the DOS LIB command, - which amazingly finds dashes in mid-name and treats them - like option switches. - - * des-crc.c => des_crc.c - * des-md5.c => des_md5.c - * raw-des.c => raw_des.c - * Makefile.in: changed to match. - -Thu Feb 2 02:59:58 1995 John Gilmore <gnu@cygnus.com> - - * Makefile.in (CFLAGS): Handle $(srcdir) properly in -I options. - -Wed Jan 25 19:55:59 1995 John Gilmore (gnu at toad.com) - - * Makefile.in (CFLAGS): Add -I options to pick up include files - from the various algorithm subdirs. - * cryptoconf.c, des-crc.c, des-md5.c, raw-des.c: Replace most - <.../...> include files with "..." includes. - -Tue Oct 18 15:46:01 1994 Mark Eichin (eichin@cygnus.com) - - * des-crc.c (mit_des_crc_decrypt_func): cast key->key->contents to - krb5_pointer to satisfy sunos cc about :? argument types. - (mit_des_crc_encrypt_funct): ditto. - * raw-des.c (mit_raw_des_decrypt_func): ditto. - (mit_raw_des_encrypt_func): ditto. - * des-md5.c (mit_des_md5_decrypt_funct): cast zero_ivec. - (mit_des_md5_encrypt_funct): ditto. - -Fri Oct 14 00:37:08 1994 Theodore Y. Ts'o (tytso@dcl) - - * cryptoconf.c: Add support for the new cryptosystem DES/MD5. - - * Makefile.in: Add support for new files des-crc.c, des-md5.c, and - raw-des.c - -Thu Oct 6 20:07:41 1994 Theodore Y. Ts'o (tytso@dcl) - - * configure.in: Add recursive "make check" target. - -Mon Oct 3 21:11:56 1994 Theodore Y. Ts'o (tytso@dcl) - - * Makefile.in: make install obey $(DESTDIR) - -Thu Aug 4 03:40:24 1994 Tom Yu (tlyu@dragons-lair) - - * configure.in: oops check for install - - * Makefile.in: make install fixes - diff --git a/src/lib/crypto/aes/ChangeLog b/src/lib/crypto/aes/ChangeLog deleted file mode 100644 index 421f81570..000000000 --- a/src/lib/crypto/aes/ChangeLog +++ /dev/null @@ -1,94 +0,0 @@ -2006-04-02 Ken Raeburn <raeburn@mit.edu> - - * uitypes.h: Include autoconf.h. - -2006-04-01 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2006-03-30 Ken Raeburn <raeburn@mit.edu> - - * aesopt.h: Include autoconf.h. - -2005-05-03 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (aes-gen): Use CC_LINK. Reported by Mike Friedman. - -2005-04-13 Ken Raeburn <raeburn@mit.edu> - - * aesopt.h: On PalmOS, include FloatMgr.h to get endianness flag. - (ENC_UNROLL, DEC_UNROLL, ENC_ROUND, LAST_ENC_ROUND, DEC_ROUND, - LAST_DEC_ROUND, KEY_SCHED): If CONFIG_SMALL is defined, set to - NONE or NO_TABLES as appropriate. - - * aes_s2k.c (krb5int_aes_string_to_key): Widen bytes of iteration - count before shifting. - - * Makefile.in (all-unix): Don't build aes-gen by default, leave it - for 'make check'. - -2004-09-28 Ken Raeburn <raeburn@mit.edu> - - * vbaxam.doc: File deleted. - -2004-05-25 Tom Yu <tlyu@mit.edu> - - * aesopt.h (PLATFORM_BYTE_ORDER): Treat _WIN32 as always - little-endian. Default to little-endian if there's no other - compile-time way to detect endianness, noting it as a guess. - (SAFE_IO): Error out if SAFE_IO is not set and endianness was - guessed. - -2004-05-13 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (aes-test): Link test program against thread support - library. - -2004-05-07 Ken Raeburn <raeburn@mit.edu> - - * aesopt.h (PLATFORM_BYTE_ORDER): Check for _MIPSEB, _MIPSEL. If - endian.h or machine/endian.h is available, include it instead of - sys/param.h. Don't mess around with multibyte character - constants. - -2003-07-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBNAME) [##WIN16##]: Don't define. - -2003-05-13 Ken Raeburn <raeburn@mit.edu> - - * aes_s2k.c (DEFAULT_ITERATION_COUNT): New macro; define to 4096. - (MAX_ITERATION_COUNT): New macro. - (krb5int_aes_string_to_key): Use them. - -2003-04-29 Ken Raeburn <raeburn@mit.edu> - - * uitypes.h: Use inttypes.h if HAVE_INTTYPES_H is defined. - -2003-04-13 Ken Raeburn <raeburn@mit.edu> - - * aes_s2k.c (krb5int_aes_string_to_key): Return an error if the - supplied iteration count is really, really large. - -2003-03-04 Ken Raeburn <raeburn@mit.edu> - - * aes_s2k.c, aes_s2k.h: New files. - * Makefile.in (STLIBOBJS, OBJS, SRCS): Build aes_s2k. - (LOCALINCLUDES): Add dk directory. - (GEN_OBJS): New variable. - (aes-gen): Use GEN_OBJS. - -2003-02-28 Ezra Peisach <epeisach@bu.edu> - - * Makefile.in (clean): Cleanup testing objects and outputs - -2003-02-05 Ezra Peisach <epeisach@.bu.edu> - - * Makefile.in (run-aes-test): Add $(RUN_SETUP) so that if - compiling only shared libraries, LD_LIBRARY_PATH is set for test. - -2003-02-03 Ken Raeburn <raeburn@mit.edu> - - * New directory, with Briad Gladstone's implementation of AES, - tweaked for the MIT krb5 build system. - diff --git a/src/lib/crypto/arcfour/ChangeLog b/src/lib/crypto/arcfour/ChangeLog deleted file mode 100644 index fb2680c4d..000000000 --- a/src/lib/crypto/arcfour/ChangeLog +++ /dev/null @@ -1,119 +0,0 @@ -2006-04-01 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2005-10-19 Ken Raeburn <raeburn@mit.edu> - - * arcfour_s2k.c (asctouni): Counter should be size_t, like len. - -2005-07-02 Ken Raeburn <raeburn@mit.edu> - - * arcfour_s2k.c: Renamed from string_to_key.c. - * Makefile.in (STLIBOBJS, OBJS, SRCS): Updated accordingly. - -2004-09-21 Sam Hartman <hartmans@mit.edu> - - * string_to_key.c (krb5int_arcfour_string_to_key): Free the copy - of the password, thanks to Derrick Schommer - -2004-02-18 Ken Raeburn <raeburn@mit.edu> - - * arcfour.c: Use ANSI C style function definitions. - -2003-12-19 Ken Raeburn <raeburn@mit.edu> - - * arcfour.c (l40): Now const. - -2003-07-22 Ken Raeburn <raeburn@mit.edu> - - * arcfour.c (krb5_arcfour_encrypt_length, krb5_arcfour_encrypt, - krb5_arcfour_decrypt): Use new numeric fields for block/hash/key - sizes instead of calling functions. - -2003-07-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBNAME) [##WIN16##]: Don't define. - -2003-03-04 Ken Raeburn <raeburn@mit.edu> - - * arcfour.c (krb5int_arcfour_string_to_key): Renamed from - krb5_... and added new s2k-params argument, which must be null. - * arcfour.h: Updated. - -2003-02-03 Sam Hartman <hartmans@mit.edu> - - * arcfour.c (krb5_arcfour_encrypt_length): l40, the 40-bit - constant should be static - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-05-13 Sam Hartman <hartmans@mit.edu> - - * arcfour.c: Microsoft indicates that they have changed some key - usage numbers to be closer to the Kerberos spec; reflect those - changes. This is OK because currently no one actually sends any - authorization data in that space. -2002-02-22 Ken Raeburn <raeburn@mit.edu> - - * arcfour.h, arcfour.c, string_to_key.c: Use const instead of - krb5_const. - -2001-12-05 Ezra Peisach <epeisach@mit.edu> - - * string_to_key.c (krb5_arcfour_string_to_key): Use size_t instead - of int for local variable. - (asctouni): Length argument now size_t instead of int. - -2001-11-07 Sam Hartman <hartmans@mit.edu> - - * arcfour.c (krb5_arcfour_encrypt): Set output length - (ms_translate_usage): Be consistent with latest mail from Microsoft - -2001-11-06 Sam Hartman <hartmans@mit.edu> - - * arcfour-int.h: Structure for arcfour cipher state - -2001-10-26 Ezra Peisach <epeisach@mit.edu> - - * string_to_key.c (krb5_arcfour_string_to_key): Cleanup variables - defined but not used. - -2001-10-25 Sam Hartman <hartmans@mit.edu> - - * arcfour.c: GSSAPI usage translations - -2001-10-24 Ezra Peisach <epeisach@mit.edu> - - * arcfour.h: Declare krb5int_enc_arcfour extern so that multiple - copies are not generated (etypes.c, and arcfour.c). - -2001-10-22 Sam Hartman <hartmans@mit.edu> - - * arcfour-int.h: Make krb5int_arcfour_translate_usage non-static so the hash can use it - - -2001-10-19 Sam Hartman <hartmans@mit.edu> - - * string_to_key.c (krb5_arcfour_string_to_key): Ignore salt - (krb5_arcfour_string_to_key): Use memset not bzero - - * arcfour.c (krb5_arcfour_decrypt): Return error if salt cannot be allocated - (krb5_arcfour_encrypt): Only memset bits of key to known value on export-grade crypto - -2001-10-18 Sam Hartman <hartmans@mit.edu> - - * arcfour.c (arcfour_translate_usage): Attempt to implement based - on draft-brezak-win2k-krb-rc4-hmac-03. Several usages remain unclear. - Make 40-bit string not unsigned to avoid warning - (krb5_arcfour_encrypt krb5_arcfour_decrypt): cast to avoid pointer warnings - diff --git a/src/lib/crypto/crc32/ChangeLog b/src/lib/crypto/crc32/ChangeLog deleted file mode 100644 index b8712ac79..000000000 --- a/src/lib/crypto/crc32/ChangeLog +++ /dev/null @@ -1,258 +0,0 @@ -2006-04-01 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2005-12-02 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (t_crc): Build against support library. - (check-unix): Use $(RUN_SETUP). - -2005-05-01 Ken Raeburn <raeburn@mit.edu> - - * t_crc.c (main): Don't run timing test for now. - -2005-01-07 Ken Raeburn <raeburn@mit.edu> - - * crc-32.h (mit_crc32): Remove gratuitous "const" in argument - declaration. - -2004-03-21 Ken Raeburn <raeburn@mit.edu> - - * t_crc.c (timetest): Free 'block' before returning. - (verify): Fix minor type error in call to gethexstr. - -2004-02-18 Ken Raeburn <raeburn@mit.edu> - - * crc32.c: Use ANSI C style function definitions. - -2003-07-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBNAME) [##WIN16##]: Don't define. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag. - -2002-12-23 Ezra Peisach <epeisach@bu.edu> - - * t_crc.c: Declare local functions static. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-06-19 Ezra Peisach <epeisach@bu.edu> - - * Makefile.in (clean-unix): Remove t_crc.o and t_crc. - -2002-01-07 Tom Yu <tlyu@mit.edu> - - * crc.pl: New file; perl script to do generate some test vectors - and CRC tables. - - * CRC.pm: New file; perl module to implement CRCs in terms of - polynomial arithmetic (verrrry slooow). - - * Poly.pm: New file; perl module to do polynomial arithmetic in - the field of integers mod 2. - - * t_crc.c: New file; do some sanity checks (and timing checks, - more useful when building shift-4 as well). - - * Makefile.in (check-unix): Add rules for building, running - t_crc. - - * crc32.c (mit_crc32_shift4): Add new function, usually not - compiled, for shift-4 implementation of CRC32. - - * crc-32.h: Add (conditionalized) prototype for the shift-4 - function; remove checksum_entry (it's no longer used). - - * crctest.c: Removed. - - * crc-test: Removed. - - * crc.c: Removed. - -2001-10-09 Ken Raeburn <raeburn@mit.edu> - - * crc.c: Make prototypes unconditional. - -2001-10-03 Ken Raeburn <raeburn@mit.edu> - - * crc.c: Don't declare pointers FAR any more. - -2001-03-14 Ken Raeburn <raeburn@mit.edu> - - * crc-32.h: Stop using PROTOTYPE macro. - -2001-03-05 Ken Raeburn <raeburn@mit.edu> - - * crc-32.h, crc.c, crc32.c: Use const instead of krb5_const. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -Mon May 10 15:15:59 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Do win32 build in subdir. - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - -Sun Jul 19 12:00:00 1998 Marc Horowitz <marc@mit.edu> - - * *.c: replace the crypto layer. - -Wed Feb 18 16:05:45 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove trailing slash from thisconfigdir. Fix up - BUILDTOP for new conventions. Fix up usage of $(C). - -Fri Feb 13 15:20:54 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in (thisconfigdir), configure.in: Point the - configuration directory at our parent, and remove our - local configure.in - -Mon Feb 2 17:02:29 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile - -Sat Feb 22 18:46:38 1997 Richard Basch <basch@lehman.com> - - * Makefile.in: Move list file construction to win-post.in - -Thu Jan 30 21:30:32 1997 Richard Basch <basch@lehman.com> - - * crc.c: Declare the functions to take const pointers, where possible. - -Thu Nov 21 00:58:04 EST 1996 Richard Basch <basch@lehman.com> - - * Makefile.in: Win32 build - -Sun Dec 29 21:53:25 1996 Tom Yu <tlyu@mit.edu> - - * Makefile.in: - * configure.in: Update to use new library building procedure. - -Tue May 14 19:33:27 1996 Richard Basch <basch@lehman.com> - - * crc.c: ensure the cksum content length is sufficient - - * crctest.c: set the cksum length field. - -Sat Mar 30 22:54:12 1996 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in (SRCS): Removed crctest.c from the SRCS list, since - it's only a test program and it confuses the Macintosh build. - -Fri Oct 6 21:59:30 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in (CFLAGS): Remove ##DOS!include of config/windows.in. - config/windows.in is now included by wconfig. - -Mon Sep 25 16:48:23 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the - Makefile. - -Wed Sep 13 10:28:47 1995 Keith Vetter (keithv@fusion.com) - - * crc.c: put function prototype back in. - -Fri Jul 7 16:10:52 EDT 1995 Paul Park (pjpark@mit.edu) - * crc.c - Use CRC32_CKSUM_LENGTH where appropriate. Add checksum - verifier procedure. - -Wed Jun 21 10:51:33 1995 <tytso@rsx-11.mit.edu> - - * crc.c: Change PROTOTYPE -> KRB5_PROTOTYPE - -Fri Jun 9 19:18:36 1995 <tytso@rsx-11.mit.edu> - - * configure.in: Remove standardized set of autoconf macros, which - are now handled by CONFIG_RULES. - -Thu May 25 22:15:49 1995 Theodore Y. Ts'o (tytso@dcl) - - * configure.in, Makefile.in: Add support for shared libraries. - -Thu Apr 13 15:49:16 1995 Keith Vetter (keithv@fusion.com) - - * *.[ch]: removed unneeded INTERFACE from non-api functions. - * *.h added FAR to pointers visible at to the world. - -Thu Mar 16 21:14:15 1995 John Gilmore (gnu at toad.com) - - * Makefile.in (crctest, crctest.exe): Replace crctest-unix and - crctest-windows with versions that work for Mac too. - (check): Build and run crctest$(EXEEXT). This runs on MPW now. - -Tue Mar 14 17:20:47 1995 Keith Vetter (keithv@fusion.com) - - * crc.c: removed method for pulling in a data structure (windows), - and turned an int into a size_t for corrected 'signed'ness. - -Fri Mar 3 19:01:59 1995 Keith Vetter (keithv@fusion.com) - - * crc.c: added a method to pull in a data structure - from outside a dll. - -Thu Mar 2 17:48:08 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: changed LIBNAME for the PC - * crc.c, crctest.c: added cast on the assignment of bits of - a long into characters. - -Mon Feb 20 15:37:10 1995 Keith Vetter (keithv@fusion.com) - - * crc.c: changed API to INTERFACE - -Fri Feb 20 11:08:00 1995 Keith Vetter (keithv@fusion.com) - - * crc.c: added function prototype and removed a function - pointer cast. - -Mon Feb 6 19:24:13 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: made to work under Windows - - added windows only make preamble - - moved the all target after the objects it depends on - - used $(OBJEXT) and $(EXEEXT) where needed - - split crctest into unix rules and windows rules - - changed file separatars into macros where needed - * crctest.c: changed int to long to work on 16 bit machines - * crc.c: added Windows calling convention to the function - and casted the assignment of the function. - - -Wed Jan 25 20:01:33 1995 John Gilmore (gnu at toad.com) - - * crc-32.h: New file, moved from include/krb5/crc-32.h. - * crc.c, crctest.c: Replace <.../...> includes with "..."s. - -Wed Oct 19 12:27:16 1994 Theodore Y. Ts'o (tytso@dcl) - - * Makefile.in: Don't use LDFLAGS, but CCFLAGS since CCFLAGS is - configurable. - -Wed Oct 12 02:24:04 1994 Theodore Y. Ts'o (tytso@dcl) - - * Makefile.in: Run crctest on a "make check". Clean up the - crctest program on a "make clean". - -Tue Oct 4 14:53:54 1994 Theodore Y. Ts'o (tytso@dcl) - - * crc.c: Added placeholder for magic number - diff --git a/src/lib/crypto/des/ChangeLog b/src/lib/crypto/des/ChangeLog deleted file mode 100644 index 12505a2ae..000000000 --- a/src/lib/crypto/des/ChangeLog +++ /dev/null @@ -1,769 +0,0 @@ -2006-04-01 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2006-01-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (destest$(EXEEXT)): Include support library. - -2005-06-10 Ken Raeburn <raeburn@mit.edu> - - * destest.c (main): Force testing of unaligned access to input, - output, and key blocks. - -2005-06-09 Ken Raeburn <raeburn@mit.edu> - - * f_tables.h: Include k5-platform.h. - (GET_HALF_BLOCK): Use load_32_be. - (PUT_HALF_BLOCK): Use store_32_be. - -2005-04-13 Ken Raeburn <raeburn@mit.edu> - - * d3_cbc.c (krb5int_des3_cbc_encrypt, krb5int_des3_cbc_decrypt): - Don't declare left and right variables as registers. - * f_cksum.c (mit_des_cbc_cksum): Likewise. - * f_cbc.c (krb5int_des_cbc_encrypt, krb5int_des_cbc_decrypt): - Likewise. - (krb5int_des_cbc_encrypt): For full blocks, use GET_HALF_BLOCK to - read and then xor, instead of processing each byte individually. - (krb5int_des_do_encrypt_2, krb5int_des_do_decrypt_2) - [CONFIG_SMALL]: New functions, wrapping large macros with the DES - inner loops. - * f_tables.h (DES_DO_ENCRYPT_1, DES_DO_DECRYPT_1): Renamed from - non-_1 names. - (krb5int_des_do_encrypt_2, krb5int_des_do_decrypt_2): Declare if - CONFIG_SMALL is defined. - (DES_DO_ENCRYPT, DES_DO_DECRYPT): Expand to _1 macros or _2 - function calls depending on whether CONFIG_SMALL is defined. - -2004-05-13 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (verify, t_afss2k): Link test programs against - thread support library. - -2004-04-02 Ken Raeburn <raeburn@mit.edu> - - * string2key.c: Replaced with a new implementation. - -2004-02-18 Ken Raeburn <raeburn@mit.edu> - - * afsstring2key.c, d3_cbc.c, d3_kysched.c, f_cbc.c, f_cksum.c, - f_parity.c, f_sched.c, key_sched.c, string2key.c, weak_key.c: Use - ANSI C style function definitions. - -2004-02-17 Ken Raeburn <raeburn@mit.edu> - - * f_tables.h (DES_DO_ENCRYPT, DES_DO_DECRYPT): Allocate temporary - variable locally instead of taking the extra argument. - * d3_cbc.c (krb5int_des3_cbc_encrypt): Don't pass the extra - argument, and delete the automatic variable. - (krb5int_des3_cbc_decrypt): Likewise. - * f_cbc.c (krb5int_des_cbc_encrypt, krb5int_des_cbc_decrypt): - Likewise. - * f_cksum.c (mit_des_cbc_cksum): Likewise. - - * afsstring2key.c (krb5_afs_encrypt): Drop EDFLAG as an argument, - make it local instead, since we always pass 0. - (afs_crypt): Call changed. - (krb5_afs_crypt_setkey, krb5_afs_encrypt): Use memcpy. - -2003-12-19 Ken Raeburn <raeburn@mit.edu> - - * f_cbc.c (mit_des_zeroblock): Define, as a single cblock, not the - array of 8 that was used elsewhere. - * des_int.h (mit_des_zeroblock): Declare, and use a macro to stick - a krb5int prefix on it. - -2003-07-22 Ken Raeburn <raeburn@mit.edu> - - * f_cbc.c (krb5int_des_cbc_decrypt): Move declarations that were - after statements after flattening blocks is previous change. - * d3_cbc.c (krb5int_des3_cbc_decrypt): Likewise. - -2003-07-17 Ken Raeburn <raeburn@mit.edu> - - * f_cbc.c (krb5int_des_cbc_encrypt, krb5int_des_cbc_decrypt): New - functions broken out from mit_des_cbc_encrypt. - (mit_des_cbc_encrypt): Call them. - * d3_cbc.c (krb5int_des3_cbc_encrypt, krb5int_des3_cbc_decrypt): - New functions broken out from mit_des3_cbc_encrypt. - (mit_des3_cbc_encrypt): Call them. - * des_int.h (krb5int_des_cbc_encrypt, krb5int_des_cbc_decrypt, - krb5int_des3_cbc_encrypt, krb5int_des3_cbc_decrypt): Declare. - (mit_des_cbc_encrypt, mit_des3_cbc_encrypt): New macros. - - * Makefile.in (LIBNAME) [##WIN16##]: Don't define. - -2003-03-06 Alexandra Ellwood <lxs@mit.edu> - - * des_int.h: Added prototype for mit_afs_crypt which is used by - the deprecated KfM des_crypt function. - -2003-03-04 Ken Raeburn <raeburn@mit.edu> - - * des_int.h (krb5_raw_des_cst_entry, krb5_des_crc_cst_entry, - krb5_des_md5_cst_entry, krb5_des3_sha_cst_entry, - krb5_des3_raw_cst_entry, krb5_des_cbc_cksumtable_entry): Delete - unused declarations. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag. - -2002-12-23 Ezra Peisach <epeisach@bu.edu> - - * t_verify.c: Signed vs. unsigned cleanups. Remove unsused variables. - -2002-10-09 Ken Raeburn <raeburn@mit.edu> - - * string2key.c (mit_des_string_to_key_int): If PRINT_TEST_VECTORS - is defined, print some of the intermediate results. - -2002-09-26 Tom Yu <tlyu@mit.edu> - - * afsstring2key.c (krb5_afs_crypt): Leak this function out as as - mit_afs_crypt to allow for des_crypt and des_fcrypt - implementations for the KfM merge. - - * des_int.h: Change DES_INT32 strategy to include kerberosIV/des.h - with a magic macro defined for skipping krb4-specific stuff. Make - renaming of make_key_sched explicit, to avoid conflict with - kerberosIV/des.h. - - * f_sched.c, key_sched.c, d3_kysched.c: Make renaming of - make_key_sched explicit. - - * f_cksum.c (mit_des_cbc_cksum): Return only the rightmost 32 - bits; this should optimize out on any platform where longs are - exactly 32 bits wide. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-08-16 Tom Yu <tlyu@mit.edu> - - * string2key.c: Work around possible bug with AFS salts; - [krb5-clients/1146] from <Wolfgang.Friebel@cern.ch>. - -2002-06-07 Miro Jurisic <meeroh@mit.edu> - - * des_int.h: use "" includes for k5-int.h - [pullup from 1-2-2-branch] - -2001-10-03 Ken Raeburn <raeburn@mit.edu> - - * afsstring2key.c, d3_cbc.c, des_int.h, f_cbc.c, f_cksum.c, - string2key.c: Don't explicitly declare pointers FAR any more. - -2001-06-22 Ken Raeburn <raeburn@mit.edu> - - * string2key.c (mit_des_string_to_key_int): Undo last change. - -2001-06-21 Ken Raeburn <raeburn@mit.edu> - - * destest.c (value): Now signed int, since some entries are - negative. - (convert): Do bounds checking on character values used as indices - into value array. - - * string2key.c (mit_des_string_to_key_int): Now static. - -2001-06-21 Ezra Peisach <epeisach@mit.edu> - - * t_verify.c: Get rid of global variables i,j. - -2001-06-20 Ken Raeburn <raeburn@mit.edu> - - * string2key.c (mit_des_string_to_key_int): Construct a krb5_data - object with proper length for the AFS case (indicated by a -1 salt - length on input). - -2001-06-12 Ezra Peisach <epeisach@mit.edu> - - * destest.c: main returns int instead of void. Add "const" to - casts in calls to mit_des_cbc_encrypt(). - - * t_verify.c (main): Add parenthesis aroud assignment in conditional. - -2001-05-31 Ezra Peisach <epeisach@mit.edu> - - * f_cbc.c (mit_des_cbc_encrypt): Do not use a variable named "encrypt". - * d3_cbc.c (mit_des3_cbc_encrypt): Likewise. - - * des_int.h (mit_des_cbc_encrypt, mit_des3_ecb_encrypt, - mit_des3_cbc_encrypt): Don't use "encrypt" as argument name. - -2001-04-12 Ezra Peisach <epeisach@mit.edu> - - * f_tables.h: Do not define const to nothing on platforms that - fail to define __STDC__ - let autoconf do this if necessary. - -2001-04-10 Ken Raeburn <raeburn@mit.edu> - - * t_afss2k.c (do_it): Add cast to keep compiler quiet. - - * f_cksum.c (mit_des_cbc_cksum): Use const for input, key - schedule, and initial vector. Get rid of casts when possible. - * f_cbc.c (mit_des_cbc_encrypt): Likewise. - * f_sched.c (make_key_sched): Likewise. - * d3_cbc.c (mit_des3_cbc_encrypt): Likewise. - * d3_kysched.c (mit_des3_key_sched): Don't create new variables to - point to components of key and schedule, just index into the - argument variables. - * des_int.h (mit_des_cbc_cksum, mit_des_cbc_encrypt, - mit_des3_cbc_encrypt): Update decls. - (mit_des_string_to_key_int): New decl. - - * weak_key.c (mit_des_is_weak_key): Get rid of some unneeded - casts. - - * des_int.h (make_key_sched): Define a macro to rename with - mit_des_ prefix. - - * des_int.h (des_cblock, des_key_schedule): Duplicate definitions - here and in kerberosIV/des.h, using macro - KRB5INT_DES_TYPES_DEFINED to avoid duplication. - (mit_des_cblock, mit_des_key_schedule): Define in terms of the - other types for now. - (PROTOTYPE): Don't define. - - * afsstring2key.c, des_int.h, destest.c: Don't use PROTOTYPE macro. - -2001-01-25 Ken Raeburn <raeburn@mit.edu> - - * t_afss2k.c: Extend test cases to cover situation where krb5_data - refers to strings that are not nul-terminated. Reorder functions - to avoid inlining, to keep debugging easier. - * afsstring2key.c (mit_afs_string_to_key): Don't depend on - nul-termination of input strings. - -2001-01-20 Ken Raeburn <raeburn@mit.edu> - - * afsstring2key.c (mit_afs_string_to_key): Allocate and pass - buffer for afs_crypt. Don't use static storage for key schedule. - (IP, FP, PC1_C, PC1_D, shifts, PC2_C, PC2_D, E, e, P, S): Now - const. - (C, D, KS, L, R, tempL, f, preS): Static variables deleted. - (afs_crypt): Allocate them here, and pass pointers to other - routines. - (krb5_afs_crypt_setkey, krb5_afs_encrypt): Add extra arguments or - local variables for additional state, instead of static - variables. - - * t_afss2k.c: New file. - * Makefile.in (t_afss2k): New target. - (TAFSS2KOBJS): New variable. - (check-unix): Run t_afss2k. - (clean): Get rid of t_afss2k binaries. - -2000-10-17 Ezra Peisach <epeisach@mit.edu> - - * des_int.h: Change prototypes for mit_des_cbc_encrypt(), - mit_des_cbc_cksum(), and mit_des3_cbc_encrypt() to take unsigned - long lengths. - - * d3_cbc.c (mit_des3_cbc_encrypt): Length argument now takes an - unsigned long. - - * f_cbc.c (mit_des_cbc_encrypt): Length argument now takes an - unsigned long. - - * f_cksum.c (mit_des_cbc_cksum): Length argument now takes an - unsigned long. - - * string2key.c: Unsigned/signed int cleanup. Test for a - salt-length of SALT_TYPE_AFS_LENGTH or -1 (for backwards - compatibilty) for use of mit_afs_string_to_key(). - -2000-06-30 Ezra Peisach <epeisach@mit.edu> - - * afsstring2key.c: Initialization of S[8][64] - each 64 elements - enclosed in brackets. - -2000-06-28 Ezra Peisach <epeisach@mit.edu> - - * afsstring2key.c: "register x" -> "register int x". - -2000-02-25 Ezra Peisach <epeisach@mit.edu> - - * t_verify.c: Add "const" to casts in calls to mit_des_cbc_encrypt(). - - * destest.c: Declare zeroblock as krb5_octet * instead of char * as - argument to mit_des_cbc_encrypt. - -2000-01-21 Ken Raeburn <raeburn@mit.edu> - - * f_sched.c (PC2_C, PC2_D): Put braces around sub-arrays. - * f_tables.c (des_SP_table): Ditto. - - * weak_key.c (weak): Now const. - (mit_des_is_weak_key): Adjust pointer type accordingly. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -Mon May 10 15:16:18 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Do win32 build in subdir. - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - -Sun Jul 19 12:00:00 1998 Marc Horowitz <marc@mit.edu> - - * *.c: replace the crypto layer. - -Wed Feb 18 16:06:23 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove trailing slash from thisconfigdir. Fix up - BUILDTOP for new conventions. - -Fri Feb 13 15:20:54 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in (thisconfigdir), configure.in: Point the - configuration directory at our parent, and remove our - local configure.in - -Mon Feb 2 17:02:29 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile - -Thu Dec 25 20:57:53 1997 Tom Yu <chaoself@mit.edu> - - * init_rkey.c (mit_des_init_random_key): Punt the struct; use - explicit variables instead because we're no longer doing a - memcpy. In addition, fill p_state->sequence.data a byte at a - time. [krb5-libs/492] - -Mon Oct 27 01:06:34 1997 Tom Yu <tlyu@mit.edu> - - * d3_cbc.c, des.h, des_int.h, f_cbc.c, f_cksum.c, f_ecb.c, - f_pcbc.c, f_sched.c, f_tables.c, f_tables.h: Change KRB_INT32 to - DES_INT32 to avoid temptation to misuse. - - * d3_cbc.c, d3_ecb.c, f_cbc.c, f_cksum.c, f_ecb.c, f_parity.c, - f_pcbc.c, f_sched.c, f_tables.c: Don't include des.h; it's broken - in ways. Use only des_int.h instead. - -Tue Oct 21 13:22:23 1997 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in (RUN_SETUP): Set KRB5_CONFIG. - -Tue Oct 14 15:35:53 1997 Tom Yu <tlyu@voltage-multiplier.mit.edu> - - * des_int.h: Use better logic to find an appropriate type for - KRB_INT32; also don't assume that a key schedule element is - exactly 64 bits wide... use instead 2 * KRB_INT32, since that is - what the code uses internally. - - * des.h: Use better logic to find an appropriate type for - KRB_INT32. - -Mon Oct 6 11:32:51 1997 Ezra Peisach <epeisach@mit.edu> - - * destest.c (main): Initialize context to 0 so it will not be - treated as unset by purify. - - * t_verify.c (main): Use krb5_free_context to release memory in use. - - -Sat Feb 22 18:50:35 1997 Richard Basch <basch@lehman.com> - - * Makefile.in: Use some of the new library list build rules in - win-post.in - -Fri Feb 7 07:12:52 1997 Richard Basch <basch@lehman.com> - - * Makefile.in (all-unix, all-mac): Create shared directory - before trying to build the object files - -Thu Jan 30 21:43:19 1997 Richard Basch <basch@lehman.com> - - * cbc_cksum.c - Change functions to take const args where possible - -Thu Nov 21 00:58:04 EST 1996 Richard Basch <basch@lehman.com> - - * Makefile.in: Win32 build - -Sat Feb 8 18:49:39 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: - * configure.in: Update to new program build procedure. - -Sun Dec 29 21:53:49 1996 Tom Yu <tlyu@mit.edu> - - * Makefile.in: - * configure.in: Update to use new library building procedure. - -Sat Jun 15 03:51:19 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * Makefile.in (clean): Add space before \ - -Wed Jun 12 00:08:31 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * des_int.h: Add missing prototypes; needed to make Win-32 - compiler happy. - - * f_tables.h: Add #ifdef _WIN32 in places where we had #ifdef _MSDOS - -Tue May 21 19:30:10 1996 Sam Hartman <hartmans@mit.edu> - - * Makefile.in (check-unix): In building destest and verify, make - sure we include enough object modules to deal with systems that do - early binding in shared libs, so we porperly overide - mit_des_is_weak_key - - * Makefile.in (check-unix): Use $(RUN_SETUP) so shared lib paths - are happy. - -Sat May 18 02:02:59 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * u_nfold.c (mit_des_n_fold): Fix memory leak. Free tempbuf - before returning. - -Tue May 14 18:59:38 1996 Richard Basch <basch@lehman.com> - - * des_int.h: the cs_entry routines in cbc_cksum.c are now static. - - * Makefile.in: removed cs_entry.c - - * cbc_cksum.c: - caller is responsible for allocating cksum->contents - and indicate the allocated amount in cksum->length. - the cs_entry routines are now static and the cs_entry - structure is now in this file to enforce proper use. - -Fri May 10 01:46:25 1996 Richard Basch <basch@lehman.com> - - * d3_str2ky.c d3_procky.c des_int.h init_rkey.c: - Replace des3-md5 with des3-sha - -Thu May 2 18:29:01 1996 Richard Basch <basch@lehman.com> - - * d3_rndky.c new_rn_key.c: Removed (obsolete). - - * u_rn_key.c: New file - Support routines to set the seed/sequence number of the - random stream. - - * Makefile.in: new/removed file changes - - * des_int.h: Changed prototypes for all the random routines. - - * fin_rndkey.c: rewrote mit_des_finish_random_key to use the new - random state structure and to accept an eblock as arg 1. - - * init_rkey.c: rewritten to be a common DES, 3-DES random stream - initialization routine. it uses the eblock to determine - the random key type to generate. - - * random_key.c: rewritten to be a common DES, 3-DES random stream - generator, using the former DES algorithm (encrypting an - incrementing sequence number with a unique key schedule) - [3-DES uses DES3-CBC-CRC to increment a 192 bit sequence - number, instead of being only as secure as DES.] - -Wed Apr 17 19:25:01 1996 Marc Horowitz <marc@mit.edu> - - * cbc_cksum.c (mit_des_cbc_checksum): don't allocate the checksum - contents. The caller is supposed to do this. - -Wed Apr 10 17:46:40 1996 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in (SRCS,OBJS): Added afsstring2key.c to the list of - files to be compiled. - -Sat Mar 30 22:56:48 1996 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in (SRCS): Took the list of sources and object files in - FSRCS, FOBJS, D3OBJS, and D3SRCS, and inlined them into - the OBJS and SRCS list. This is necessary so that the - files are correctly picked up for the Macintosh build. - -Thu Mar 28 10:49:31 1996 Richard Basch <basch@lehman.com> - - * init_rkey.c, d3_str2ky.c, d3_procky.c: Support ENCTYPE_DES3_CBC_RAW - - * des_int.h: Support CKSUMTYPE_DES3_CBC_MD5 - -Wed Mar 20 22:33:40 1996 Theodore Y. Ts'o <tytso@dcl> - - * u_nfold.c (mit_des_n_fold): - * d3_str2ky.c (mit_des3_string_to_key): Fix Windows lint flames. - -Mon Mar 11 11:03:23 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * new_rn_key.c (mit_des_generate_random_block): Add const keywrod - to cast for suncc warning. - -Thu Feb 22 20:32:08 1996 Theodore Y. Ts'o <tytso@dcl> - - * t_random.c: New file which just tests the random number generator. - - * new_rn_key.c (mit_des_set_random_generator_seed): Add fix so - that we do something even if the input key is not a valid - DES key. - -Wed Jan 10 22:28:23 1996 Theodore Y. Ts'o <tytso@dcl> - - * des_int.h: Fix return type for mit_des3_string_to_key(). - -Tue Nov 28 11:24:26 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * f_ecb.c, des_int.h (mit_des_ecb_encrypt): Add const declaration - to input cblock. - -Thu Nov 09 17:05:57 1995 Chris Provenzano (proven@mit.edu) - - * string2key.c : Remove krb5_enctype from krb5_string_to_key() args. - * string2key.c, des_int.h : Remove krb5_enctype from - mit_des_string_to_key() args. - -Tue Oct 31 22:06:52 1995 Theodore Y. Ts'o <tytso@dcl> - - * finish_key.c (mit_des_finish_key): Make mit_des_finish_key() - safe to call even if there is no key that needs to be - freed. - -Fri Oct 6 21:59:55 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Remove ##DOS!include of config/windows.in. - config/windows.in is now included by wconfig. - -Thu Sep 28 16:00:00 1995 John Rivlin <jrivlin@fusion.com> - - * Makefile.in: Renamed verify.c to t_verify.c to avoid conflict with - lib/gssapi/krb5/verify.c on the Mac. - -Mon Sep 25 16:48:36 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the - Makefile. - -Fri Sep 22 23:32:58 1995 Theodore Y. Ts'o <tytso@dcl> - - * des_int.h: Define PROTOTYPE if it is not defined elsewhere. - -Tue Sep 12 18:50:50 1995 John Rivlin (jrivlin@fusion.com) - - * f_pcbc.c: Added include of des_int.h which seemed to - get lost so that mit_des_xxx get defined. - -Wed Sep 06 14:20:57 1995 Chris Provenzano (proven@mit.edu) - - * des_int.h, destest.c, init_rkey.c, random_key.c, string2key.c - * verify.c : s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g - -Tue Sep 05 22:10:34 1995 Chris Provenzano (proven@mit.edu) - - * destest.c, random_key.c, string2key.c, verify.c : Remove krb5_enctype - references, and replace with krb5_keytype where appropriate. - * init_rkey.c (mit_des_init_random_key()), - * string2key.c (mit_des_string_to_key()) : Allow for any DES keytype. - - -Tue Aug 29 13:29:19 EDT 1995 Paul Park (pjpark@mit.edu) - * process_key.c, finish_key.c - Set and use priv_size in the krb5_ - encrypt_block. - -Thu Aug 24 18:08:42 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * f_cksum.c: Change code to match prototypes. - - * f_cbc.c, f_ecb, f_parity, f_pcbc: Change des_cblock to - mit_des_cblock and des_key_schedule to - mit_des_key_schedule. Also include des_int.h. - - * destest.c: Change des_cblock to mit_des_cblock and add local - prototypes. - - * cs_entry.c: Remove prototypes for mit_des_cbc_cksum and - mit_des_cbc_cksum. Now in des_int.h. - - * cbc_cksum.c, string2key.c: Remove casts in call to - mit_des_cbc_cksum - - * des_int.h: Add prototype for mit_des_cbc_verf_cksum. Change - return code for mit_des_cbc_cksum to match source. - - * des.h: Remove unused structures and defines. - -Thu Jul 27 15:18:37 EDT 1995 Paul Park (pjpark@mit.edu) - * des_int.h - Inline the old contents of include/krb5/mit-des.h. This - is now the only place that it's needed. Also update the - prototype for mit_des_ecb_encrypt. - * destest.c, f_sched.c, fin_rndkey.c, finish_key.c - Include des_int.h - * destest.c, new_rn_key.c, verify.c - Cast to the correct type for - mit_des_ecb_encrypt. - - -Fri Jul 7 16:12:29 EDT 1995 Paul Park (pjpark@mit.edu) - * cbc_cksum.c - Add checksum verifier procedure. - * cs_entry.c - Add entry for checksum verifier. - -Thu Jul 6 17:16:17 1995 Tom Yu <tlyu@lothlorien.MIT.EDU> - - * new_rn_key.c (mit_des_init_random_number_generator): don't call - us_timeofday with context arg; also update for new - function names (krb5_crypto_*). - -Fri Jun 9 19:18:29 1995 <tytso@rsx-11.mit.edu> - - * configure.in: Remove standardized set of autoconf macros, which - are now handled by CONFIG_RULES. - -Thu May 25 22:16:02 1995 Theodore Y. Ts'o (tytso@dcl) - - * configure.in, Makefile.in: Add support for shared libraries. - -Fri May 12 02:46:13 1995 Mark Eichin <eichin@cygnus.com> - - * key_sched.c (mit_des_key_sched): *always* fill in the schedule, - regardless of the key failing other tests, as a defense against - telnet-style bugs. - -Thu Apr 13 15:49:16 1995 Keith Vetter (keithv@fusion.com) - - * *.[ch]: removed unneeded INTERFACE from non-api functions. - * *.h added FAR to pointers visible at to the world. - * f_tables.h: __STDC__ condition also checks _WINDOWS - -Tue Mar 28 15:09:43 1995 John Gilmore (gnu at toad.com) - - Bring in portability fixes from Cygnus K4 release. - - * f_cbc.c, f_cksum.c, f_pcbc.c: Replace individual casts with - simpler solution. - * f_tables.h: Insert debugging code, and circumvention for MPW - compiler bug. - * key_sched.c: Remove ancient (microvax??!) comments, and dup - prototype. - * verify.c: Small hack for MS-Windows scrolling. Fix spelling. - "register x" -> "register int x". - -Thu Mar 16 21:16:24 1995 John Gilmore (gnu at toad.com) - - * Makefile.in (LDFLAGS): Remove, conflicts with pre.in. - (clean): Insert FIXME. - (verify$(EXEEXT), destest$(EXEEXT)): Make them work on Mac. - (check-mac): Add, identical to Unix. - (clean): Use $(EXEEXT). - * des_int.h (mit_des_cbc_cksum): Fix prototype from void to long, - to match the actual function. - -Tue Mar 14 17:28:35 1995 Keith Vetter (keithv@fusion.com) - - * f_cbc.c, f_cksum.c, f_pcbc.c: added casts so that chars get promoted - to longs instead of ints when doing 32 bit bit manipulations. - -Thu Mar 2 17:50:39 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: changed LIBNAME for the PC. - * f_tables.h. f_cbc.c: added cast on the assignment of bits of - a long into characters. - * string2k.c: promoted an int into a long. - -Thu Mar 2 18:09:28 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in (ISODELIB): Remove reference to $(ISODELIB). - -Wed Mar 1 16:30:50 1995 Theodore Y. Ts'o <tytso@dcl> - - * configure.in: Remove ISODE_INCLUDE, replace check for -lsocket - and -lnsl with WITH_NETLIB check. - -Tue Feb 28 00:18:38 1995 John Gilmore (gnu at toad.com) - - * des_int.h: Avoid <krb5/...> includes. - -Mon Feb 20 16:10:29 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: made to work under windows PC - * cbc_cksu.c cs_entry.c finish_k.c fin_rndk.c f_cbc.c f_cksum.c - f_ecb.c f_parity.c f_pcbc.c f_sched.c init_rke.c key_sche.c - new_rn_k.c process_.c random_k.c string2k.c weak_key.c: added - windows INTERFACE keyword. - * string2key.c: needed long -> int casts for memset and malloc - -Wed Feb 8 13:59:05 1995 Theodore Y. Ts'o (tytso@dcl) - - * des.h: Add KRB5_INT32 definitions for non-32 int platforms. - -Fri Feb 3 06:33:22 1995 Theodore Y. Ts'o (tytso@dcl) - - * des_int.h: Remove unused cruft from the file. - - * verify.c: Fix typo; "%02 X" --> "%02X" - -Wed Jan 25 20:04:39 1995 John Gilmore (gnu at toad.com) - - * cbc_cksum.c, cs_entry.c, des.h, destest.c, f_sched.c, - fin_rndkey.c, finish_key.c, init_rkey.c, key_sched.c, - new_rn_key.c, process_ky.c, random_key.c, string2key.c, verify.c, - weak_key.c: Replace <.../...> includes with "..."s. - -Wed Jan 25 16:54:40 1995 Chris Provenzano (proven@mit.edu) - - * Removed all narrow types and references to wide.h and narrow.h - -Fri Nov 18 16:20:10 1994 Theodore Y. Ts'o (tytso@dcl) - - * destest.c (main): Add magic numbers to keyblock structure. - -Tue Nov 8 17:57:47 1994 Theodore Y. Ts'o (tytso@dcl) - - * des_int.h: - random_key.c (mit_des_random_key): - string2key.c (mit_des_string_to_key): Change - internal calling signature to pass in the encryption - block, so that the encryption type in the keyblock - structure can be properly initialized. - -Thu Nov 3 18:31:55 1994 Mark Eichin (eichin@cygnus.com) - - * Makefile.in: stop building f_pcbc.c, since it belongs in - libdes425, but leave it here for reference. - -Fri Oct 14 00:33:17 1994 Theodore Y. Ts'o (tytso@dcl) - - * des_int.h, f_cbc.c, verify.c: Fix function declarations to - (slightly) better match the conventions used by the krb5 - source tree. - - * cs_entry.c: Remove declarations of the cryptosystem specific - structures to raw-des.c and des-crc.c in the parent - directory. They're strictly speaking not DES specific. - - * Makefile.in: Remove file krb_glue.c; we don't use it any more. - -Thu Oct 6 12:49:29 1994 Theodore Y. Ts'o (tytso@dcl) - - * Makefile.in: Make sure the "make check" programs get cleaned up - on a "make clean". - - * verify.c (main): Take out check that assures that long is 4 - bytes. The DES implementation shouldn't be depending on - this, and if it is, then that's what the verify program - should be discovering, yes? - -Thu Jun 23 01:09:33 1994 Tom Yu (tlyu at dragons-lair) - - * cs_entry.c: oops typo in that last one - - * grrr.... ETYPE_DES_CBC_CRC really should be ETYPE_RAW_DES_CBC, - although something like ETYPE_DES_CBC_RAW or ETYPE_DES_CBC_NONE - would probably work better (following the convention - ETYPE_{system}_{mode}_{integrity}) - diff --git a/src/lib/crypto/dk/ChangeLog b/src/lib/crypto/dk/ChangeLog deleted file mode 100644 index 570658035..000000000 --- a/src/lib/crypto/dk/ChangeLog +++ /dev/null @@ -1,185 +0,0 @@ -2006-04-01 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2005-05-19 Sam Hartman <hartmans@mit.edu> - - * dk_prf.c (krb5int_dk_prf): Use k5crypto versions of keyblock memory management - -2004-12-09 Sam Hartman <hartmans@mit.edu> - - * dk.h: Add krb5_dk_prf - - * Makefile.in (SRCS): Add dk_prf.c - - * dk_prf.c (krb5int_dk_prf): New function - -2004-03-17 Ken Raeburn <raeburn@mit.edu> - - * derive.c (krb5_random2key): Don't compile. - - * dk.h (krb5_derive_random): Declare. - -2004-02-24 Sam Hartman <hartmans@avalanche-breakdown.mit.edu> - - * dk.h: As below. - - * checksum.c dk_decrypt.c dk_encrypt.c: Remove ENCTYPE_LOCAL_DES3_HMAC_SHA1 - -2004-02-18 Ken Raeburn <raeburn@mit.edu> - - * checksum.c, derive.c, dk_decrypt.c, dk_encrypt.c: Use ANSI C - style function definitions. - -2004-02-13 Ken Raeburn <raeburn@mit.edu> - - * dk_decrypt.c (krb5_dk_decrypt_maybe_trunc_hmac): New argument - IVEC_MODE. If clear, same old behavior. If set, copy out next - to last block for CTS. - (krb5_dk_decrypt, krb5int_aes_dk_decrypt): Pass extra argument. - * dk_encrypt.c (krb5int_aes_dk_encrypt): For IV, copy out next to - last block for CTS. - -2003-07-22 Ken Raeburn <raeburn@mit.edu> - - * checksum.c (krb5_dk_make_checksum, krb5_marc_dk_make_checksum): - Use new numeric fields for key/bolck sizes instead of calling - functions. - * derive.c (krb5_derive_key, krb5_derive_random): Likewise. - * dk_decrypt.c (krb5_dk_decrypt_maybe_trunc_hmac, - krb5_marc_dk_decrypt): Likewise. - * dk_encrypt.c (krb5_dk_encrypt_length, krb5_dk_encrypt, - krb5int_aes_encrypt_length, trunc_hmac, krb5int_aes_dk_encrypt, - krb5_marc_dk_encrypt_length, krb5_mark_dk_encrypt): Likewise. - * stringtokey.c (krb5int_dk_string_to_key): Likewise. - -2003-07-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBNAME) [##WIN16##]: Don't define. - -2003-04-17 Ken Raeburn <raeburn@mit.edu> - - * dk_encrypt.c (krb5int_aes_dk_encrypt): Set output length - properly. - -2003-04-13 Ken Raeburn <raeburn@mit.edu> - - * dk_decrypt.c (krb5_dk_decrypt_maybe_trunc_hmac): Renamed from - krb5_dk_decrypt, made static, added extra HMACSIZE argument to - indicate size of HMAC. Cast byte values to char to silence - compiler warning. - (krb5_dk_decrypt): Call it. - (krb5int_aes_dk_decrypt): New function. - * dk_encrypt.c (krb5_dk_encrypt): Cast byte values to char to - silence compiler warning. - (krb5int_aes_encrypt_length, trunc_hmac, krb5int_aes_dk_encrypt): - New functions. - * dk.h (krb5int_aes_encrypt_length, krb5int_aes_dk_encrypt, - krb5int_aes_dk_decrypt): Declare. - -2003-03-04 Ken Raeburn <raeburn@mit.edu> - - * stringtokey.c (krb5int_dk_string_to_key): Renamed from - krb5_... and added s2k-params argument. - * dk.h: Updated. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2001-10-09 Ken Raeburn <raeburn@mit.edu> - - * dk.h: Make prototypes unconditional. - -2001-06-21 Ken Raeburn <raeburn@mit.edu> - - * derive.c: Include etypes.h. - (krb5_derive_random, krb5_random2key): New functions. - - * checksum.c (krb5_dk_make_checksum): Cast 0x99 to char explicitly - to silence warnings. - -2001-04-10 Ken Raeburn <raeburn@mit.edu> - - * checksum.c (krb5_dk_make_checksum): Add casts when mixing - pointers with different target signedness. - * dk_decrypt.c (krb5_dk_decrypt): Likewise. - * stringtokey.c (krb5_dk_string_to_key): Likewise. - -2001-03-05 Ken Raeburn <raeburn@mit.edu> - - * checksum.c, derive.c, dk.h, dk_decrypt.c, dk_encrypt.c, - stringtokey.c: Use const instead of krb5_const. - -2001-01-23 Ken Raeburn <raeburn@mit.edu> - - * stringtokey.c (kerberos): Now const. - (krb5_dk_string_to_key): Cast it to non-const. - -2000-06-03 Tom Yu <tlyu@mit.edu> - - * dk_encrypt.c (krb5_dk_encrypt, krb5_marc_dk_encrypt): Chain - ivecs. - - * dk_decrypt.c (krb5_dk_decrypt, krb5_marc_dk_decrypt): Chain - ivecs. - -2000-04-28 Ken Raeburn <raeburn@mit.edu> - - * derive.c (krb5_derive_key): If memory allocation fails, release - other allocated blocks before returning, instead of trying to - release them after returning. - -2000-01-21 Ken Raeburn <raeburn@mit.edu> - - * checksum.c (krb5_dk_make_checksum): enc_providers are now - const. Modify if(a=b) assignment/test constructs to silence gcc - warnings. - * dk_decrypt.c (krb5_dk_decrypt, krb5_marc_dk_decrypt): Ditto. - * dk_encrypt.c (krb5_dk_encrypt, krb5_marc_dk_encrypt): Ditto. - * stringtokey.c (krb5_dk_string_to_key): Ditto. Include dk.h. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -1999-06-28 Tom Yu <tlyu@mit.edu> - - * dk_encrypt.c (krb5_marc_dk_encrypt): Call - krb5_marc_dk_encrypt_length() instead of krb5_dk_encrypt_length() - to prevent blocksize errors. - -Mon May 10 15:16:34 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Do win32 build in subdir. - -Tue Jan 5 00:09:13 1999 Tom Yu <tlyu@mit.edu> - - * dk.h: Add prototypes for krb5_marc_dk_*. - - * dk_encrypt.c (krb5_marc_dk_encrypt): Add compat for 32-bit - length coded ciphertext. - - * dk_decrypt.c (krb5_marc_dk_decrypt): Add compat for 32-bit - length coded ciphertext. - - * checksum.c: Add compat for 32-bit length included checksum. - Note that nothing uses this at the moment, and probably - shouldn't. - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - diff --git a/src/lib/crypto/enc_provider/ChangeLog b/src/lib/crypto/enc_provider/ChangeLog deleted file mode 100644 index b79611f43..000000000 --- a/src/lib/crypto/enc_provider/ChangeLog +++ /dev/null @@ -1,153 +0,0 @@ -2006-04-01 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2005-07-02 Ken Raeburn <raeburn@mit.edu> - - * rc4.c: Renamed from arcfour.c. - * Makefile.in (STLIBOBJS, OBJS, SRCS): Updated accordingly. - -2004-05-25 Ezra Peisach <epeisach@mit.edu> - - * aes.c (krb5int_aes_encrypt): Signed/unsigned warning fix. - -2004-02-09 Ken Raeburn <raeburn@mit.edu> - - * aes.c (krb5int_aes_encrypt, krb5int_aes_decrypt): Copy out value - for new IV. - -2003-12-19 Ken Raeburn <raeburn@mit.edu> - - * arcfour.c (arcfour_weakkey1, arcfour_weakkey2, - arcfour_weakkeys): Now const. - - * des.c (mit_des_zeroblock): Don't define here. - * des3.c (mit_des_zeroblock): Don't define here. - -2003-07-22 Ken Raeburn <raeburn@mit.edu> - - * aes.c (aes_block_size, aes128_keysize, aes256_keysize): - Deleted. - (krb5int_enc_aes128, krb5int_enc_aes256): Updated. - * arcfour.c (k5_arcfour_blocksize, k5_arcfour_keysize): Deleted. - (krb5int_enc_arcfour): Updated. - * des.c (k5_des_block_size, k5_des_keysize): Deleted. - (krb5int_enc_des): Updated. - * des3.c (k5_des3_block_size, k5_des3_keysize): Deleted. - (krb5int_enc_des3): Updated. - - * des3.c (validate_and_schedule): Split out from old - k5_des3_docrypt. - (k5_des3_encrypt, k5_des3_decrypt): Call it, and - krb5int_des3_cbc_encrypt or _decrypt, instead of - k5_des3_docrypt. Zap key schedules before returning. - -2003-07-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBNAME) [##WIN16##]: Don't define. - -2003-04-13 Ken Raeburn <raeburn@mit.edu> - - * aes.c (enc): Replaced function with a macro. - (dec): New macro. - (krb5int_aes_encrypt): Use enc and dec. Delete unused variable - OFFSET. - (krb5int_aes_decrypt): Renamed from k5_aes_dencrypt, implemented - decryption, made non-static. - (krb5int_enc_aes128, krb5int_enc_aes256): Use new name for - krb5int_aes_decrypt. - -2003-03-04 Ken Raeburn <raeburn@mit.edu> - - * aes.c (krb5int_aes_init_state): Implement. - * enc_provider.h (krb5int_enc_aes128, krb5int_enc_aes256): - Declare. - -2003-02-03 Ken Raeburn <raeburn@mit.edu> - - * aes.c: New file. - * Makefile.in (STLIBOBJS, OBJS, SRCS): Include it. - (LOCALINCLUDE): Add aes source dir. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-02-22 Ken Raeburn <raeburn@mit.edu> - - * arcfour.c: Use const instead of krb5_const. - -2001-11-06 Sam Hartman <hartmans@mit.edu> - - * arcfour.c (k5_arcfour_docrypt): Treat state as an - ArcFourCipherState structure; manipulate and initialize as appropriate. - (k5_arcfour_init_state): new function - - * arcfour.c des.c des3.c: Add state functions - -2001-10-23 Sam Hartman <hartmans@mit.edu> - - * arcfour.c (endif /* gcc inlines*/): handle inlines in an ansi-compatible manner - - * enc_provider.h: New encryption provider: rc4 - -2001-10-19 Sam Hartman <hartmans@mit.edu> - - * arcfour.c: Move prototype for static functions here rather than in a header file. - -2001-05-31 Ezra Peisach <epeisach@mit.edu> - - * des.c (k5_des_docrypt): Do not use a variable named "encrypt" - * des3.c (k5_des3_docrypt): Likewise. - -2001-04-10 Ken Raeburn <raeburn@mit.edu> - - * des.c (k5_des_docrypt): Add casts when mixing pointer types with - different target signedness. - * des3.c (k5_des3_docrypt): Likewise. - -2001-03-09 Ken Raeburn <raeburn@mit.edu> - - * des.c, des3.c, enc_provider.h: Use krb5int_ prefix for internal - "provider" structures. - -2001-03-05 Ken Raeburn <raeburn@mit.edu> - - * des.c, des3.c: Use const instead of krb5_const. - -2000-06-28 Ezra Peisach <epeisach@mit.edu> - - * des.c, des3.c: Remove unused variables. - -2000-01-21 Ken Raeburn <raeburn@mit.edu> - - * des.c (mit_des_zeroblock): Now const, and using C default - initialization. - (krb5_enc_des): Now const. - * des3.c (mit_des_zeroblock, krb5_enc_des3): Similar. - * enc_provider.h (krb5_enc_des, krb5_enc_des3): Update decls. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -Mon May 10 15:16:54 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Do win32 build in subdir. - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - diff --git a/src/lib/crypto/hash_provider/ChangeLog b/src/lib/crypto/hash_provider/ChangeLog deleted file mode 100644 index f09c84ceb..000000000 --- a/src/lib/crypto/hash_provider/ChangeLog +++ /dev/null @@ -1,77 +0,0 @@ -2006-04-01 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2003-07-22 Ken Raeburn <raeburn@mit.edu> - - * hash_crc32.c (k5_crc32_hash_size, k5_crc32_block_size): - Deleted. - (krb5int_hash_crc32): Updated. - * hash_md4.c (k5_md4_hash_size, k5_md4_block_size): Deleted. - (krb5int_hash_md4): Updated. - * hash_md5.c (k5_md5_hash_size, k5_md5_block_size): Deleted. - (krb5int_hash_md5): Updated. - * hash_sha1.c (k5_sha1_hash_size, k5_sha1_block_size): Deleted. - (krb5int_hash_sha1): Updated. - -2003-07-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBNAME) [##WIN16##]: Don't define. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2001-04-10 Ken Raeburn <raeburn@mit.edu> - - * hash_md4.c (k5_md4_hash): Cast argument to krb5_MD4Update. - * hash_md5.c (k5_md5_hash): Cast argument to krb5_MD5Update. - -2001-03-09 Ken Raeburn <raeburn@mit.edu> - - * hash_crc32.c, hash_md4.c, hash_md5.c, hash_provider.h, - hash_sha1.c: Use krb5int_ prefix for internal "provider" - structures. - -2001-03-05 Ken Raeburn <raeburn@mit.edu> - - * hash_crc32.c, hash_md4.c, hash_md5.c, hash_sha1.c: Use const - instead of krb5_const. - -2000-10-17 Ezra Peisach <epeisach@mit.edu> - - * hash_sha1.c (k5_sha1_hash): Cast length field in shsUpdate call - to int. - -2000-01-21 Ken Raeburn <raeburn@mit.edu> - - * hash_crc32.c (krb5_hash_crc32): Now const. - * hash_md4.c (krb5_hash_md4): Now const. - * hash_md5.c (krb5_hash_md5): Now const. - * hash_sha1.c (krb5_hash_sha1): Now const. - * hash_provider.h: Updated decls. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -Mon May 10 15:19:03 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Do win32 build in subdir. - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - diff --git a/src/lib/crypto/keyhash_provider/ChangeLog b/src/lib/crypto/keyhash_provider/ChangeLog deleted file mode 100644 index e5d74330e..000000000 --- a/src/lib/crypto/keyhash_provider/ChangeLog +++ /dev/null @@ -1,152 +0,0 @@ -2006-04-01 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2004-05-13 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (t_cksum4, t_cksum5): Link test programs against - thread support library. - -2003-12-19 Ken Raeburn <raeburn@mit.edu> - - * descbc.c (mit_des_zeroblock): Don't define here. - * k5_md4des.c (mit_des_zeroblock): Don't define here. - * k5_md5des.c (mit_des_zeroblock): Don't define here. - -2003-07-22 Ken Raeburn <raeburn@mit.edu> - - * descbc.c (k5_descbc_hash_size): Deleted. - (krb5int_keyhash_descbc): Updated. - * hmac_md5.c (k5_hmac_md5_hash_size): Deleted. - (krb5int_keyhash_hmac_md5): Updated. - * k5_md4des.c (k5_md4des_hash_size): Deleted. - (krb5int_keyhash_md4des): Updated. - * k5_md5des.c (k5_md5des_hash_size): Deleted. - (krb5int_keyhash_md5des): Updated. - * t_cksum.c (main): Use the hashsize field instead of calling a - function. - -2003-07-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBNAME) [##WIN16##]: Don't define. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag. - -2002-12-23 Ezra Peisach <epeisach@bu.edu> - - * t_cksum.c: Cleanup (potential) variable used before set warning. - -2002-10-09 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (t_cksum4, t_cksum5): Include com_err library when - linking. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2001-12-14 Ezra Peisach <epeisach@mit.edu> - - * hmac_md5.c (k5_hmac_md5_hash): Test if malloc returns NULL and - not the argument to malloc. - -2001-12-05 Ezra Peisach <epeisach@mit.edu> - - * t_cksum.c (main): Free memory leak in tests. - -2001-10-28 Jeff Altman <jaltman@columbia.edu> - - * Makefile.in - added dependency info for hmac_md5.c - Fixed typo $(OUTP)hmac_md5.c -> $(OUTPRE)hmac_md5.c which prevented - builds on Windows. - -2001-10-23 Sam Hartman <hartmans@mit.edu> - - * t_cksum.c (main): Include usage argument to verify - - * k5_md5des.c (k5_md5des_verify): Add usage - - * k5_md4des.c (k5_md4des_verify): Add usage - -2001-10-22 Sam Hartman <hartmans@mit.edu> - - * keyhash_provider.h hmac_md5.c: Implement Microsoft hmac-md5 keyhash provider - - * t_cksum.c (main): Include key usage in hash call. - - * k5_md5des.c (k5_md5des_hash): add usage - - * k5_md4des.c (k5_md4des_hash): add key usage - - * descbc.c (k5_descbc_hash): Add key usage - -2001-05-31 Ezra Peisach <epeisach@mit.edu> - - * k5_md4des.c (k5_md4des_verify): Get rid of local variable that - is assigned to, without side effects, but never used. - * k5_md5des.c (k5_md5des_verify): Likewise. - -2001-03-09 Ken Raeburn <raeburn@mit.edu> - - * descbc.c, k5_md4des.c, k5_md5des.c, keyhash_provider.h, - t_cksum.c: Use krb5int_ prefix for internal "provider" - structures. - -2001-03-05 Ken Raeburn <raeburn@mit.edu> - - * descbc.c, k5_md4des.c, k5_md5des.c: Use const instead of - krb5_const. - -2000-09-25 Ezra Peisach <epeisach@mit.edu> - - * descbc.c, k5_md4des.c, k5_md5des.c, t_cksum.c: Cleanup unsigned - vs. signed warnings. - - * Makefile.in (t_cksum5, t_cksum4): Executables do not need to - link with the krb5 library. - -2000-06-28 Ezra Peisach <epeisach@mit.edu> - - * descbc.c (k5_descbc_hash): Get rid of unused variable. - -2000-01-21 Ken Raeburn <raeburn@mit.edu> - - * descbc.c (mit_des_zeroblock): Now const, and using C default - initializer. - (krb5_keyhash_descbc): Now const. - * k5_md4des.c (mit_des_zeroblock): Now const, and using C default - initializer. - (k5_md4des_hash): Change if(a=b) constructs to silence gcc - warnings. - (k5_md4des_verify): Delete unused variable. - (krb5_keyhash_md4des): Now const. - * k5_md5des.c (mit_des_zeroblock): Now const, and using C default - initializer. - (k5_md5des_hash): Change if(a=b) constructs to silence gcc - warnings. - (k5_md5des_verify): Delete unused variable. - (krb5_keyhash_md5des): Now const. - * keyhash_provider.h: Updated krb5_keyhash_* decls. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -Mon May 10 15:19:24 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Do win32 build in subdir. - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - diff --git a/src/lib/crypto/md4/ChangeLog b/src/lib/crypto/md4/ChangeLog deleted file mode 100644 index 7fc3b00de..000000000 --- a/src/lib/crypto/md4/ChangeLog +++ /dev/null @@ -1,315 +0,0 @@ -2006-04-01 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2006-01-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (t_mddriver): Include support library. Use - CC_LINK. - -2005-05-01 Ken Raeburn <raeburn@mit.edu> - - * md4.c (Transform) [CONFIG_SMALL]: Roll loops for each round. - -2004-02-18 Ken Raeburn <raeburn@mit.edu> - - * md4.c: Use ANSI C style function definitions. - -2003-07-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBNAME) [##WIN16##]: Don't define. - -2003-03-04 Ken Raeburn <raeburn@mit.edu> - - * rsa-md4.h (rsa_md4_cksumtable_entry, - rsa_md4_des_cksumtable_entry): Delete unused declarations. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2001-10-03 Ken Raeburn <raeburn@mit.edu> - - * md4.c, rsa-md4.h: Don't explicitly declare pointers FAR any - more. - -2001-03-14 Ken Raeburn <raeburn@mit.edu> - - * md4.c (GG, HH, krb5_MD4Init): Use UL suffix on numbers, don't - bother with UL macro. - (UL): Macro deleted. - (Transform): Always declare with prototype. - - * rsa-md4.h: Always use prototypes. - -2000-01-21 Ken Raeburn <raeburn@mit.edu> - - * md4.c (PADDING): Now const. - (krb5_MD4Update): Argument inBuf now points to const. - (ROTATE_LEFT): Change (a&b|c) construct to silence gcc warning. - * rsa-md4.h (krb5_MD4Update): Update decl. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -Mon May 10 15:19:48 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Do win32 build in subdir. - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - -Fri Nov 6 10:29:34 1998 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in: Fix for make check to work out of source tree. - -Sun Jul 19 12:00:00 1998 Marc Horowitz <marc@mit.edu> - - * *.c: replace the crypto layer. - -Tue Mar 3 08:39:47 1998 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * Makefile.in (t_cksum): Do not depend on libkrb5.a, use - KRB5_BASE_DEPLIBS. - -Wed Feb 18 16:06:57 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove trailing slash from thisconfigdir. Fix up - BUILDTOP for new conventions. - -Fri Feb 13 15:20:54 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in (thisconfigdir), configure.in: Point the - configuration directory at our parent, and remove our - local configure.in - -Mon Feb 2 17:02:29 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile - -Tue Oct 28 16:36:15 1997 Tom Yu <tlyu@voltage-multiplier.mit.edu> - - * md4.c: Fix to deal with types longer than 32 bits. - -Sat Feb 22 18:53:00 1997 Richard Basch <basch@lehman.com> - - * Makefile.in: Use some of the new library list build rules in - win-post.in - -Thu Feb 6 12:46:49 1997 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * Makefile.in (t_cksum): Link with libkrb5.a. - -Thu Jan 30 21:42:03 1997 Richard Basch <basch@lehman.com> - - * md4crypto.c md4glue.c: - Change functions to take const args where possible - -Thu Nov 21 00:58:04 EST 1996 Richard Basch <basch@lehman.com> - - * Makefile.in: Win32 build - -Sun Dec 29 21:54:09 1996 Tom Yu <tlyu@mit.edu> - - * Makefile.in: - * configure.in: Update to use new library building procedure. - -Wed Jun 12 00:10:42 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * md4.c - * rsa-md4.h: Add #ifdef _WIN32 in places where we had #ifdef _MSDOS - - -Thu May 23 19:24:33 1996 Sam Hartman <hartmans@mit.edu> - - * Makefile.in (RUN_SETUP): use KRB5_RUN_FLAGS - -Tue May 21 22:33:12 1996 Richard Basch <basch@lehman.com> - - * md4crypto.c: Incorrrect size arguments were being passed causing - decrypt integrity failures with the "fixed" md4 algorithm. The old - path was also fixed to better reflect the appropriate size variables - even though the two in use were identical (if someone copied the - code to make a new crypto system, they may spend a long time - debugging because of the misuse of variables). - [Tracked down by epeisach; audited by basch.] - -Mon May 20 17:16:47 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * md4crypto.c, md4crypto.h: Change use of RSA_MD4_DES_CKSUM_LENGTH - to use OLD_RSA_MD4_DES_CKSUM_LENGTH and - NEW_RSA_MD4_DES_CKSUM_LENGTH, as appropriate. - -Sat May 18 01:49:33 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * md4crypto.c: Define MD4_K5BETA_COMPAT and MD4_K5BETA_COMP_DEF so - that we continue doing things the wrong (broken) way. All - hail backwards compatibility.... The code now generates - the old checksum, but it will verify both the old and the - correct checksum formats. - - Also fixed two bugs in the "correct" MD4_CRYPTO - implementation; use a zero initialization vector, and - calculate the confounder at the beginning of the message, - not at the end. - -Tue May 14 19:31:58 1996 Richard Basch <basch@lehman.com> - - * md4crypto.c md4glue.c: - ensure the cksum content length is sufficient - -Fri Apr 12 21:38:33 1996 Richard Basch <basch@lehman.com> - - * md4driver.c md4glue.c md4.c rsa-md4.h md4crypto.c: - Renamed the functions to be preceded with krb5_ - -Fri Oct 6 22:00:15 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Remove ##DOS!include of config/windows.in. - config/windows.in is now included by wconfig. - -Mon Sep 25 16:48:57 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the - Makefile. - -Wed Sep 13 10:30:58 1995 Keith Vetter (keithv@fusion.com) - - * md4crypt.c: put function prototype back in, fixed signed/unsigned - mismatch and removed unused variables. - * md4glue.c: put function prototypes back in. - -Wed Sep 06 14:20:57 1995 Chris Provenzano (proven@mit.edu) - - * md4crypto.c : s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g - -Tue Sep 05 22:10:34 1995 Chris Provenzano (proven@mit.edu) - - * md4crypto.c : Replace KEYTYPE_DES_CBC_MD4 for KEYTYPE_DES. - -Thu Jul 27 15:22:17 EDT 1995 Paul Park (pjpark@mit.edu) - * rsa-md4.h - Don't include k5-config.h. No longer present or needed. - - -Fri Jul 7 16:13:28 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in - Add t_cksum under unix only. - * configure.in - Define MD4_K5BETA_COMPAT to select compatability for - md4crypto.c. - * md4crypto.c - Correct implementation of RSA-MD4-DES checksums. Add - ability to understand previous implementation and ability to - generate these checksums when forced to. - - Also add verification procedure for these checksums. - * md4glue.c - Add verifier procedure. - * rsa-md4.h - Add RSA_MD4_DES_CONFOUND_LENGTH, the length of the - RSA-MD4-DES confounder per RFC1510. - - -Tue Jun 27 15:53:02 EDT 1995 Paul Park (pjpark@mit.edu) - * md4.c(Transform) - Add 'register' to scratch variable names. Helps - out compiler so that DEC native compilers can now optimize - this module within our lifetimes. - -Thu Jun 22 16:13:29 1995 Tom Yu (tlyu@dragons-lair) - - * md4.c: reverse sense of KRB5_PROVIDE_PROTOTYPES - -Wed Jun 21 10:52:07 1995 <tytso@rsx-11.mit.edu> - - * md4crypto.c, md4glue.c: Change PROTOTYPE -> KRB5_PROTOTYPE - -Fri Jun 9 19:18:17 1995 <tytso@rsx-11.mit.edu> - - * md4crypto.c: Fix -Wall nits - - * configure.in: Remove standardized set of autoconf macros, which - are now handled by CONFIG_RULES. - -Thu May 25 22:16:14 1995 Theodore Y. Ts'o (tytso@dcl) - - * configure.in, Makefile.in: Add support for shared libraries. - -Thu Apr 20 11:39:15 1995 <tytso@rsx-11.mit.edu> - - * rsa-md4.h: removed unneeded #include of wordsize.h - -Thu Apr 13 15:49:16 1995 Keith Vetter (keithv@fusion.com) - - * *.[ch]: removed unneeded INTERFACE from non-api functions. - * *.h added FAR to pointers visible at to the world. - * rsa-md4.h: __STDC__ condition also checks _WINDOWS - -Thu Mar 16 21:19:55 1995 John Gilmore (gnu at toad.com) - - * Makefile.in (CFLAGS): Tweak for Unix->MPW converter. - (LDFLAGS): Remove, conflicts with pre.in. - (all): Remove all-$(WHAT) stuff, generalize for all platforms. - (t_mddriver): Remove t_mddriver-$(WHAT) stuff, ditto. - (check): Use $(EXEEXT). - -Tue Mar 14 17:24:57 1995 Keith Vetter (keithv@fusion.com) - - * md4crypto.c: removed method for DLL data since everything's - going into one DLL. - -Fri Mar 3 19:01:59 1995 Keith Vetter (keithv@fusion.com) - - * md4crypto.c: added a method to pull in a data structure - from outside a dll. - -Thu Mar 2 17:53:35 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: changed LIBNAME for the PC - -Tue Feb 28 00:19:06 1995 John Gilmore (gnu at toad.com) - - * rsa-md4.h: Avoid <krb5/...> includes. - -Mon Feb 20 15:54:1 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: made to work for the PC - * md4.c, md4crypt.c md4glue.c: added windows INTERFACE keyword - * rsa-md4.h: added windows INTERFACE to prototypes - -Thu Feb 2 03:00:41 1995 John Gilmore <gnu@cygnus.com> - - * Makefile.in (CFLAGS): Handle $(srcdir) properly in -I options. - -Wed Jan 25 20:08:47 1995 John Gilmore (gnu at toad.com) - - * Makefile.in (CFLAGS): Add -I../des to pull in DES header file. - * -rsa-md4.h: New include file, moved from include/krb5, since - it's only used locally. - * md4.c, md4crypto.c, md4driver.c, md4glue.c: Replace <.../...> - includes with "..."s. - -Thu Oct 13 17:48:21 1994 Theodore Y. Ts'o (tytso@dcl) - - * Makefile.in: Add support for the MDx test driver t_mddriver. - Run t_mddriver on a "make check", to make sure we have a - valid MD4 implementation. - - * md4.c (UL): Add the UL macro to control how unsigned long - constants are compiled. If we have an ANSI C environment, - use the UL suffix to keep the compiler from warning about - numbers that would overflow a signed long. - -Tue Oct 4 14:54:19 1994 Theodore Y. Ts'o (tytso@dcl) - - * md4crypto.c: - * md4glue.c: Added placeholder for magic number. - diff --git a/src/lib/crypto/md5/ChangeLog b/src/lib/crypto/md5/ChangeLog deleted file mode 100644 index e807323db..000000000 --- a/src/lib/crypto/md5/ChangeLog +++ /dev/null @@ -1,323 +0,0 @@ -2006-04-01 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2006-01-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (t_mddriver): Include support library. Use - CC_LINK. - -2005-05-01 Ken Raeburn <raeburn@mit.edu> - - * md5.c (Transform) [CONFIG_SMALL]: Roll loops for each round. - -2004-02-18 Ken Raeburn <raeburn@mit.edu> - - * md5.c: Use ANSI C style function definitions. - -2003-07-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBNAME) [##WIN16##]: Don't define. - -2003-03-04 Ken Raeburn <raeburn@mit.edu> - - * rsa-md5.h (rsa_md5_cksumtable_entry, - rsa_md5_des_cksumtable_entry): Delete unused declarations. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2001-10-09 Ken Raeburn <raeburn@mit.edu> - - * t_mddriver.c: Make prototypes unconditional. - -2001-10-03 Ken Raeburn <raeburn@mit.edu> - - * md5.c, rsa-md5.h: Don't explicitly declare pointers FAR any - more. - -2001-06-12 Ezra Peisach <epeisach@mit.edu> - - * t_mddriver.c: Cleanup assignments in conditionals w/o parentheses. - Add parenthesis abount structure initializers. - -2001-03-14 Ken Raeburn <raeburn@mit.edu> - - * rsa-md5.h: Always use prototypes. - - * md5.c: Use UL suffix instead of UL macro. - (UL): Macro deleted. - -2000-01-21 Ken Raeburn <raeburn@mit.edu> - - * md5.c (PADDING): Now const. - (krb5_MD5Update): Argument inBuf now points to const. - (ROTATE_LEFT): Change (a&b|c) construct to silence gcc warning. - * rsa-md5.h (krb5_MD5Update): Update decl. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -Mon May 10 15:20:16 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Do win32 build in subdir. - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - -Sun Jul 19 12:00:00 1998 Marc Horowitz <marc@mit.edu> - - * *.c: replace the crypto layer. - -Tue Mar 3 08:42:10 1998 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * Makefile.in (t_cksum): Do not depend on libkrb5.a, use - KRB5_BASE_DEPLIBS. - -Wed Feb 18 16:07:46 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove trailing slash from thisconfigdir. Fix up - BUILDTOP for new conventions. - -Fri Feb 13 15:20:54 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in (thisconfigdir), configure.in: Point the - configuration directory at our parent, and remove our - local configure.in - -Mon Feb 2 17:02:29 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile - -Tue Oct 28 16:36:30 1997 Tom Yu <tlyu@voltage-multiplier.mit.edu> - - * md5.c: Fix to deal with types longer than 32 bits. - -Sat Feb 22 18:54:09 1997 Richard Basch <basch@lehman.com> - - * Makefile.in: Use some of the new library list build rules in - win-post.in - -Thu Feb 6 12:48:41 1997 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in (t_cksum): Link with libkrb5.a as well. - -Thu Jan 30 21:42:50 1997 Richard Basch <basch@lehman.com> - - * md5crypto.c md5glue.c: - Change functions to take const args where possible - -Thu Nov 21 00:58:04 EST 1996 Richard Basch <basch@lehman.com> - - * Makefile.in: Win32 build - -Sun Dec 29 21:54:24 1996 Tom Yu <tlyu@mit.edu> - - * Makefile.in: - * configure.in: Update to use new library building procedure. - -Wed Jun 12 00:11:34 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * rsa-md5.h: - * md5.c: Add #ifdef _WIN32 in places where we had #ifdef _MSDOS - -Tue May 21 20:29:03 1996 Sam Hartman <hartmans@mit.edu> - - * Makefile.in (check-unix): Use KRB5_RUN_FLAGS - -Mon May 20 17:19:00 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * md5crypto.c, md5crypto.h: Change use of RSA_MD5_DES_CKSUM_LENGTH - to use OLD_RSA_MD5_DES_CKSUM_LENGTH and - NEW_RSA_MD5_DES_CKSUM_LENGTH, as appropriate. - - * t_cksum.c (main): Use proper header file constants to get the - correct checksum length for the MD4 and MD5 old-style and - new-style checksum functions. - -Sat May 18 01:49:33 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * md5crypto.c: Define MD5_K5BETA_COMPAT and MD5_K5BETA_COMP_DEF so - that we continue doing things the wrong (broken) way. All - hail backwards compatibility.... The code now generates - the old checksum, but it will verify both the old and the - correct checksum formats. - - Also fixed two bugs in the "correct" MD5_CRYPTO - implementation; use a zero initialization vector, and - calculate the confounder at the beginning of the message, - not at the end. - -Tue May 14 19:32:51 1996 Richard Basch <basch@lehman.com> - - * md5crypto.c md5glue.c: - ensure the cksum content length is sufficient. - - * t_cksum.c: initialize cksum.length - -Fri May 10 01:19:18 1996 Richard Basch <basch@lehman.com> - - * md5crypto.c: des3-md5 is being replaced with des3-sha - -Fri Apr 12 21:27:35 1996 Richard Basch <basch@lehman.com> - - * rsa-md5.h md5crypto.c md5glue.c md5.c t_cksum.c t_mddriver.c: - Renamed the global functions to be krb5_<name> - -Thu Mar 28 09:50:58 1996 Richard Basch <basch@lehman.com> - - * md5crypto.c: Added support for CKSUMTYPE_RSA_MD5_DES3 - -Sat Jan 27 00:56:38 1996 Mark Eichin <eichin@cygnus.com> - - * t_cksum.c (main): use proper old-style definition. - -Thu Nov 09 17:05:57 1995 Chris Provenzano (proven@mit.edu) - - * t_cksum.c : Remove krb5_enctype from krb5_string_to_key() args. - -Fri Oct 6 22:00:32 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Remove ##DOS!include of config/windows.in. - config/windows.in is now included by wconfig. - -Mon Sep 25 16:49:06 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the - Makefile. - -Wed Sep 13 10:30:58 1995 Keith Vetter (keithv@fusion.com) - - * md5crypt.c: put function prototype back in, fixed signed/unsigned - mismatch and removed unused variables. - * md5glue.c: put function prototypes back in. - -Wed Sep 06 14:20:57 1995 Chris Provenzano (proven@mit.edu) - - * md5crypto.c, t_cksum.c : s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g - -Tue Sep 05 22:10:34 1995 Chris Provenzano (proven@mit.edu) - - * md5crypto.c : Replace KEYTYPE_DES_CBC_MD5 for KEYTYPE_DES. - - * t_cksum.c : Remove krb5_enctype references, and replace with - krb5_keytype where appropriate. - -Thu Aug 24 18:40:48 1995 Theodore Y. Ts'o <tytso@dcl> - - * .Sanitize: Update file list - -Thu Jul 27 15:22:42 EDT 1995 Paul Park (pjpark@mit.edu) - * rsa-md5.h - Add this file, relocated from include/krb5. - - -Fri Jul 7 16:20:07 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in - Add t_cksum under unix only. - * configure.in - Define MD5_K5BETA_COMPAT to select compatability for - md5crypto.c. - * md5crypto.c - Correct implementation of RSA-MD5-DES checksums. Add - ability to understand previous implementation and ability to - generate these checksums when forced to. - - Also add verification procedure for these checksums. - * md5glue.c - Add verifier procedure. - * t_cksum.c - New checksum verifier test. - -Wed Jun 21 10:52:20 1995 <tytso@rsx-11.mit.edu> - - * md5crypto.c, md5glue.c: Change PROTOTYPE -> KRB5_PROTOTYPE - -Fri Jun 9 19:18:24 1995 <tytso@rsx-11.mit.edu> - - * md5crypto.c: Fix -Wall nits - - * configure.in: Remove standardized set of autoconf macros, which - are now handled by CONFIG_RULES. - -Thu May 25 22:16:26 1995 Theodore Y. Ts'o (tytso@dcl) - - * configure.in, Makefile.in: Add support for shared libraries. - -Thu Apr 13 15:49:16 1995 Keith Vetter (keithv@fusion.com) - - * *.[ch]: removed unneeded INTERFACE from non-api functions. - * *.h added FAR to pointers visible at to the world. - -Thu Mar 16 21:23:03 1995 John Gilmore (gnu at toad.com) - - * Makefile.in (LDFLAGS): Remove, conflicts with pre.in. - (all): Remove all-$(WHAT) stuff. - (t_mddriver): Make it build on Mac. - (check): Use $(EXEEXT). - -Tue Mar 14 17:24:57 1995 Keith Vetter (keithv@fusion.com) - - * md5crypto.c: removed method for DLL data since everything's - going into one DLL. - -Fri Mar 3 19:01:59 1995 Keith Vetter (keithv@fusion.com) - - * md5crypto.c: added a method to pull in a data structure - from outside a dll. - -Thu Mar 2 17:54:26 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: changed LIBNAME for the PC - -Tue Feb 28 00:20:15 1995 John Gilmore (gnu at toad.com) - - * md5.c, md5crypto.c, md5glue.c, t_mddriver.c: Avoid <krb5/...> - includes. - -Mon Feb 20 15:54:1 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: made to work for the PC - * md5.c, md5crypt.c md5glue.c: added windows INTERFACE keyword - -Thu Feb 2 03:01:28 1995 John Gilmore <gnu@cygnus.com> - - * Makefile.in (CFLAGS): Handle $(srcdir) properly in -I options. - -Wed Jan 25 20:11:30 1995 John Gilmore (gnu at toad.com) - - * Makefile.in (CFLAGS): Use -I../des to pull in include file. - * md5.c, md5crypto.c, md5glue.c, t_mddriver.c: Replace <.../...> - includes with "..."s. - -Fri Oct 14 00:22:19 1994 Theodore Y. Ts'o (tytso@dcl) - - * t_mddriver.c (MDString, MDTestSuite): Cast char pointer to the - expected unsigned char pointer, since that's what MDUpdate - requires. - -Thu Oct 13 17:50:19 1994 Theodore Y. Ts'o (tytso@dcl) - - * Makefile.in: Add support for the MDx test driver t_mddriver. - Run t_mddriver on a "make check", to make sure we have a - valid MD5 implementation. - - * md5.c (UL): Add the UL macro to control how unsigned long - constants are compiled. If we have an ANSI C environment, - use the UL suffix to keep the compiler from warning about - numbers that would overflow a signed long. - -Tue Oct 4 14:55:10 1994 Theodore Y. Ts'o (tytso@dcl) - - * md5crypto.c: - * md5glue.c: Added placeholder for magic number. - - diff --git a/src/lib/crypto/old/ChangeLog b/src/lib/crypto/old/ChangeLog deleted file mode 100644 index af8d94374..000000000 --- a/src/lib/crypto/old/ChangeLog +++ /dev/null @@ -1,126 +0,0 @@ -2006-04-01 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2004-02-18 Ken Raeburn <raeburn@mit.edu> - - * des_stringtokey.c: Use ANSI C style function definitions. - -2003-07-22 Ken Raeburn <raeburn@mit.edu> - - * old_decrypt.c (krb5_old_decrypt): Use block_size and hashsize - fields instead of calling functions. - * old_encrypt.c (krb5_old_encrypt_length, krb5_old_encrypt): - Likewise. - -2003-07-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBNAME) [##WIN16##]: Don't define. - -2003-05-23 Sam Hartman <hartmans@mit.edu> - - * des_stringtokey.c (krb5int_des_string_to_key): If param has one - byte, treat it as a type. Type 0 is normal, type 1 is AFS - string2key. - -2003-03-04 Ken Raeburn <raeburn@mit.edu> - - * des_stringtokey.c (krb5int_des_string_to_key): Renamed from - krb5_... and added s2k-params argument which must be null. - * old.h: Updated. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2001-10-09 Ken Raeburn <raeburn@mit.edu> - - * des_stringtokey.c, old.h: Make prototypes unconditional. - -2001-10-03 Ken Raeburn <raeburn@mit.edu> - - * des_stringtokey.c: Don't explicitly declare pointers FAR any - more. - -2001-04-10 Ken Raeburn <raeburn@mit.edu> - - * old_decrypt.c (krb5_old_decrypt): Fix casts. - * old_encrypt.c (krb5_old_encrypt): Likewise. - -2001-03-13 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (STLIBOBJS): Undo last change. - -2001-03-09 Ken Raeburn <raeburn@mit.edu> - - * old_decrypt.c (memmove): Delete macro definition. - (krb5_old_decrypt): Define with prototype form. - * old_encrypt.c (krb5_old_encrypt_length, krb5_old_encrypt): - Define with prototype form. - - * Makefile.in (STLIBOBJS): Nothing uses des_stringtokey.o, drop - it. - -2001-03-05 Ken Raeburn <raeburn@mit.edu> - - * des_stringtokey.c, old.h, old_decrypt.c, old_encrypt.c: Use - const instead of krb5_const. - -2000-06-03 Tom Yu <tlyu@mit.edu> - - * old_encrypt.c (krb5_old_encrypt): Chain ivecs. - - * old_decrypt.c (krb5_old_decrypt): Chain ivecs. - -2000-01-21 Ken Raeburn <raeburn@mit.edu> - - * des_stringtokey.c (mit_des_string_to_key_int): Declare. - * old_decrypt.c (krb5_old_decrypt): Delete unused variable. - Change if(a=b) constructs to silence gcc warning. - * old_encrypt.c (krb5_old_encrypt): Change if(a=b) constructs to - silence gcc warning. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -1999-08-25 Ken Raeburn <raeburn@mit.edu> - - * old_decrypt.c (memmove) [HAVE_BCOPY && !HAVE_MEMMOVE]: Define to - use bcopy. Should work unless any system has no memmove *and* - bcopy isn't safe with overlaps. - -Mon May 10 15:20:32 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Do win32 build in subdir. - -Wed Dec 16 16:14:02 1998 Tom Yu <tlyu@mit.edu> - - * old_decrypt.c (krb5_old_decrypt): Initialize the ivec to the key - if we're using DES_CBC_CRC, for backwards compatibility. We - weren't noticing this before because it only trashes the first - block, which is the confounder, which we weren't actually - verifying because checksum was unconditionally succeeding prior to - the other patch. - -Thu Dec 10 22:16:14 1998 Tom Yu <tlyu@mit.edu> - - * old_decrypt.c (krb5_old_decrypt): Actually compare the - calculated checksum against the provided checksum. - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - diff --git a/src/lib/crypto/raw/ChangeLog b/src/lib/crypto/raw/ChangeLog deleted file mode 100644 index 311cade1c..000000000 --- a/src/lib/crypto/raw/ChangeLog +++ /dev/null @@ -1,55 +0,0 @@ -2006-04-01 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2004-02-18 Ken Raeburn <raeburn@mit.edu> - - * raw_decrypt.c, raw_encrypt.c: Use ANSI C style function - definitions. - -2003-07-22 Ken Raeburn <raeburn@mit.edu> - - * raw_encrypt.c (krb5_raw_encrypt_length): Use block_size field - instead of calling a function. - -2003-07-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBNAME) [##WIN16##]: Don't define. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2001-10-09 Ken Raeburn <raeburn@mit.edu> - - * raw.h: Make prototypes unconditional. - -2001-03-05 Ken Raeburn <raeburn@mit.edu> - - * raw.h, raw_decrypt.c, raw_encrypt.c: Use const instead of - krb5_const. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -Mon May 10 15:20:51 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Do win32 build in subdir. - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - diff --git a/src/lib/crypto/sha1/ChangeLog b/src/lib/crypto/sha1/ChangeLog deleted file mode 100644 index 8c473b5e6..000000000 --- a/src/lib/crypto/sha1/ChangeLog +++ /dev/null @@ -1,110 +0,0 @@ -2006-04-01 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2006-03-30 Ken Raeburn <raeburn@mit.edu> - - * shs.c: Include shs.h first. - -2006-03-13 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (check-unix): Use RUN_SETUP. - -2006-01-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (t_shs, t_shs3): Include support library. Use - CC_LINK. - -2005-05-01 Ken Raeburn <raeburn@mit.edu> - - * shs.c (SHSTransform) [CONFIG_SMALL]: Roll loops for each round. - -2004-02-18 Ken Raeburn <raeburn@mit.edu> - - * shs.c: Use ANSI C style function definitions. - -2003-07-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBNAME) [##WIN16##]: Don't define. - -2003-03-04 Ken Raeburn <raeburn@mit.edu> - - * shs.h (nist_sha_cksumtable_entry, hmac_sha_cksumtable_entry): - Delete unused declarations. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag. - -2002-12-23 Ezra Peisach <epeisach@bu.edu> - - * t_shs3.c: Signed/unsigned cleanup. Provide function prototypes. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-06-07 Miro Jurisic <meeroh@mit.edu> - - * shs.h: use "" include for k5-int.h - [pullup from 1-2-2-branch] - -2001-12-05 Ezra Peisach <epeisach@mit.edu> - - * shs.c, shs.h (shsUpdate): Declare second argument as const. - -2001-07-16 Ken Raeburn <raeburn@mit.edu> - - * t_shs3.c: New test file from Marcus Watts. - (longReverse): Resurrected function long since deleted from - shs.c. - * Makefile.in (check-unix, check-windows): Use t_shs3 test. - (clean): Delete it. - - * shs.c (SHSTransform): Make input data pointer point to const. - (SHSUpdate): Bugfixes suggested by Marcus Watts, to fix buffer - overruns, bugs with small or odd block sizes. - -2001-07-05 Danilo Almeida <dalmeida@mit.edu> - - * shs.h, shs.c, t_shs.c: Fix sha1 on Windows by renaming LONG to - SHS_LONG to avoid problem with LONG being signed on Windows. - Rename BYTE to SHS_BYTE to avoid any name colisions with Windows - (where BYTE and LONG are types defined in the Platform SDK). - -2001-06-21 Ezra Peisach <epeisach@mit.edu> - - * t_shs.c: Cast arguments to match printf format. Declare main as - returning int. Comment out unused variables. - -2001-03-14 Ken Raeburn <raeburn@mit.edu> - - * shs.h: Stop using KRB5_PROTOTYPE. - -2000-01-21 Ken Raeburn <raeburn@mit.edu> - - * shs.c (ROTL): Change (a&b|c) construct to make meaning clear, - and silence gcc warning. - (longReverse): Delete unused function. - (shsFinal): Delete unused variable. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -Mon May 10 15:21:10 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Do win32 build in subdir. - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - diff --git a/src/lib/crypto/yarrow/ChangeLog b/src/lib/crypto/yarrow/ChangeLog deleted file mode 100644 index b38b00946..000000000 --- a/src/lib/crypto/yarrow/ChangeLog +++ /dev/null @@ -1,158 +0,0 @@ -2006-04-01 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2006-03-11 Ken Raeburn <raeburn@mit.edu> - - * ytypes.h: Don't look for autoconf.h in krb5/. - -2005-05-01 Ken Raeburn <raeburn@mit.edu> - - * ytypes.h: Include autoconf.h. Include sys/types.h only if it - exists. - -2005-04-28 Ken Raeburn <raeburn@mit.edu> - - * yarrow.c: Delete old macintosh support. - (yarrow_input_maybe_locking): Do the optional locking, and verify - that the mutex is locked, before doing anything else. - (yarrow_reseed_locked): Verify that the global mutex is locked - before doing anything else. - -2005-01-13 Ken Raeburn <raeburn@mit.edu> - - * yarrow.c (yarrow_reseed_locked): Renamed from - krb5int_yarrow_reseed and made static. - (Yarrow_detect_fork, yarrow_input_maybe_locking, - krb5int_yarrow_output_Block): Call it. - (krb5int_yarrow_reseed): New function, grabs lock and calls the - old version. - (krb5int_yarrow_final): Hold the lock until after clearing the - Yarrow context data. - -2005-01-13 Ezra Peisach <epeisach@mit.edu> - - * yarrow.c: Declare yarrow_gate_locked static before first use. - -2004-11-22 Ken Raeburn <raeburn@mit.edu> - - * yarrow.c (yarrow_input_maybe_locking): Renamed from - yarrow_input_maybe_locking, made static. New argument indicates - whether or not to do locking. - (krb5int_yarrow_input): New wrapper function. - (yarrow_input_locked): New wrapper function. - (Yarrow_detect_fork): Call yarrow_input_locked. - -2004-11-15 Sam Hartman <hartmans@mit.edu> - - * ycipher.h: Use AES256 not 3des - -2004-11-01 Ken Raeburn <raeburn@mit.edu> - - * yarrow.c (krb5int_yarrow_input, krb5int_yarrow_final): Don't - check for forking here. - (yarrow_output_locked): Split out from krb5int_yarrow_output, - without locking. - (krb5int_yarrow_output): Do locking and call yarrow_output_locked. - (yarrow_gate_locked): New function; uses yarrow_output_locked. - (krb5int_yarrow_output_Block): Use yarrow_gate_locked. - -2004-10-29 Ken Raeburn <raeburn@mit.edu> - - * ylock.h: Include k5-thread.h. - (krb5int_yarrow_lock): Declare. - (LOCK, UNLOCK): Define as macros using the k5_mutex_ macros. - -2004-06-04 Ken Raeburn <raeburn@mit.edu> - - * yarrow.c (yarrow_str_error): Now const. - -2004-05-26 Ezra Peisach <epeisach@mit.edu> - - * yarrow.c (krb5int_yarrow_final): Call - krb5int_yarrow_cipher_final before zeroing out reference to - memory. - - * ycipher.[ch] (krb5int_yarrow_cipher_final): Free CIPHER_CTX memory - allocated by krb5int_yarrpw_cipher_init(). - -2003-07-22 Ken Raeburn <raeburn@mit.edu> - - * ycipher.c (krb5int_yarrow_cipher_init): Use keybytes and - keylength fields instead of calling a function. - -2003-07-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBNAME) [##WIN16##]: Don't define. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-04-10 Danilo Almeida <dalmeida@mit.edu> - - * yarrow.c: Use the canonical _WIN32 instead of WIN32 to test for - Win32. Include port-sockets.h on Win32 (now that using - WIN32_LEAN_AND_MEAN). - -2002-01-14 Sam Hartman <hartmans@mit.edu> - - * yarrow.c (krb5int_yarrow_reseed): The MS word of the integer - counter going into v_i will always be zero; don't try - right-shifting by 32. - -2001-12-05 Ezra Peisach <epeisach@mit.edu> - - * yarrow.c (krb5int_yarrow_stretch): Delare local variable unsigned. - (krb5int_yarrow_init): Zero cipher context on init. - - * yhash.h (HASH_Final): Use a variable other than out (shadow in - yarrow.c) - -2001-11-21 Sam Hartman <hartmans@mit.edu> - - * yarrow.c (Yarrow_detect_fork): Reseed the number generator including the fork rather than throwing away state. - -2001-11-19 Sam Hartman <hartmans@mit.edu> - - * yhash.h: Work around sha1 implementation using host byte order - -2001-11-19 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Fix typo OUTP -> OUTPRE. - -2001-11-14 Sam Hartman <hartmans@mit.edu> - - * ycipher.c (krb5int_yarrow_cipher_init): Use free not free_keyblock_contents - -2001-11-09 Sam Hartman <hartmans@mit.edu> - - * Makefile.in: New file - - * yhash.h : Use krb5 shaa1 - - * yarrow.c (Yarrow_Reseed): For all calls to cipher_init, use TRY - block and use function rather than macros - (Yarrow_Reseed): call encrypt block function not macro - - * ycipher.h: Make the the interface use functions not macros; convert for krb5 ciphers - -2001-11-08 Sam Hartman <hartmans@mit.edu> - - * ylock.h (lock UNLOCK): Turn into no-ops - - * yarrow.h: Don't use #error - (YARROW_DLL): Don't actually ever export or import from win32 dlls as Yarrow is not a public part of krb5 API - (yarrow_poll): Drop from the API - Remove MAc-specific memset and memcpy - - * ytypes.h yarrow.c: Align with krb5 int types - diff --git a/src/lib/des425/ChangeLog b/src/lib/des425/ChangeLog deleted file mode 100644 index cd66b1a6a..000000000 --- a/src/lib/des425/ChangeLog +++ /dev/null @@ -1,591 +0,0 @@ -2006-04-03 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2006-03-30 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Don't test sizes of natural types. - -2006-01-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (t_quad): Include support library. - -2005-08-20 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Use K5_AC_INIT instead of AC_INIT. - -2004-06-16 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (all-mac): Target deleted. - -2004-06-04 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBBASE): Renamed from LIB. - -2004-04-22 Ken Raeburn <raeburn@mit.edu> - - * libdes425.exports: New file. - -2004-02-18 Ken Raeburn <raeburn@mit.edu> - - * pcbc_encrypt.c (des_pcbc_encrypt): Don't pass a temporary - variable to DES_DO_ENCRYPT and _DECRYPT. Drop the temporary - variable. - -2003-07-17 Ken Raeburn <raeburn@mit.edu> - - * des.c (mit_des_cbc_encrypt): Undef before use. - * enc_dec.c (mit_des_cbc_encrypt): Likewise. - * mac_des_glue.c (mit_des3_cbc_encrypt): Likewise. - -2003-04-23 Ken Raeburn <raeburn@mit.edu> - - * quad_cksum.c, t_pcbc.c, t_quad.c, verify.c: Don't declare errno - or errmsg. - -2003-03-06 Alexandra Ellwood <lxs@mit.edu> - - * mac_des_glue.c, des.c, enc_dec.c, key_sched.c, str_to_key.c: - Move KfM des functions into their own file. They are all - deprecated on KfM and shouldn't even get built on stock krb5 builds. - - * read_passwd.c: Added warning comment that des_read_pw_string - is an exported function on KfM, so we should not change its ABI. - -2003-02-10 Tom Yu <tlyu@mit.edu> - - * str_to_key.c (afs_string_to_key): Move out from under - TARGET_OS_MAC conditional. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Don't explicitly invoke AC_PROG_INSTALL, or check - for #pragma weak. - - * Makefile.in: Add AC_SUBST_FILE marker for lib_frag and libobj_frag. - -2002-10-10 Sam Hartman <hartmans@mit.edu> - - * read_passwd.c : Implement in terms of krb5_prompter_posix - -2002-09-26 Tom Yu <tlyu@mit.edu> - - * cksum.c (des_cbc_cksum): Update API for KfM merge. - - * des.c (des_ecb_encrypt): Update API for KfM merge. - (des_3ecb_encrypt): New (emulated) function from KfM. - - * enc_dec.c (des_cbc_encrypt): Update API for KfM merge. - (des_3cbc_encrypt): New (emulated) function from KfM. - - * key_sched.c (make_key_sched): New (emulated) function for KfM. - - * new_rnd_key.c (des_generate_random_block) - (des_set_random_generator_seed, des_set_sequence_number): - New (emulated) functions from KfM. - - * read_passwd.c (des_rd_pwstr_2prompt): Renamed from - des_read_pw_string; also now only returns -1, errno, or 0. - (des_read_pw_string): New (emulated) function from KfM. - (des_read_password): Update API for KfM merge. - - * str_to_key.c (des_string_to_key): Update call to des_cbc_cksum. - (afs_string_to_key): New (emulated) function from KfM. - (des_crypt, des_fcrypt, des_set_key): New (emulated) functions - from KfM, presumed to be internal but exported by KfM anyway. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2001-10-05 Ken Raeburn <raeburn@mit.edu> - - * read_passwd.c, unix_time.c: Drop _MSDOS support. - - * quad_cksum.c: Don't explicitly declare pointers FAR any more. - -2001-10-03 Ken Raeburn <raeburn@mit.edu> - - * des.c, key_sched.c, new_rnd_key.c, des_pcbc_encrypt.c, - quad_cksum.c, str_to_key.c: Don't use KRB5_DLLIMP. - -2001-07-31 Ezra Peisach <epeisach@mit.edu> - - * read_passwd.c: Create local variable that takes the "int" - bufsize and makes it unsigned for use in malloc, strcmp, etc. - -2001-07-19 Ken Raeburn <raeburn@mit.edu> - - * des.c (des_ecb_encrypt): Put "static" before "const" for local - variable "iv". - -2001-06-21 Ezra Peisach <epeisach@mit.edu> - - * verify.c (do_decrypt, do_encrypt): Cast argument to - des_ecb_encrypt to unsigned long *. - -2001-05-31 Ezra Peisach <epeisach@mit.edu> - - * des.c (des_ecb_encrypt): Do not use a variable named "encrypt". - * enc_dec.c (des_cbc_encrypt): Likewise. - * pcbc_encrypt.c (des_pcbc_encrypt): Likewise. - -2001-04-26 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Don't use HAS_ANSI_VOLATILE. - -2001-04-12 Danilo Almeida <dalmeida@mit.edu> - - * cksum.c (des_cbc_cksum): Gee, a consistent calling convntion. - What a concept! - -2001-04-10 Ken Raeburn <raeburn@mit.edu> - - * cksum.c (des_cbc_cksum): Arguments IN, KEY, and IV now const. - * des.c (des_ecb_encrypt): Change type of arg "schedule" to - const des_key_schedule and drop register decl. Make local - variable "iv" const. - * enc_dec.c (des_cbc_encrypt): Arguments KEY and IV now const. - * pcbc_encrypt.c (des_pcbc_encrypt): Argument SCHEDULE now const. - Drop some unnecessary casts. - * quad_cksum.c (vaxtohl, vaxtohs): Cast to pointer to const. - (des_quad_cksum): Argument IN now points to const. - * str_to_key.c (des_string_to_key): String argument now const. - Delete local declaration of des_cbc_cksum. Delete or fix some - casts. - * t_pcbc.c (main): Pass address of ivec to des_pcbc_encrypt. - * util.c (des_cblock_print_file): Delete unnecessary cast. - - * Makefile.in (STLIBOBJS, OBJS, SRCS): Delete references to - k4_glue.c etc. - (clean): Remove t_quad and t_pcbc object files and test programs. - * k4_glue.c: Deleted. - -2001-04-09 Ken Raeburn <raeburn@mit.edu> - - * t_pcbc.c: New file. - * Makefile.in (t_pcbc): New target. - (check-unix): Depend on and run t_pcbc. - - * pcbc_encrypt.c (des_pcbc_encrypt): Initialize plainl and plainr - to keep compiler happy. - - * des.h: Deleted to avoid confusion with the other des.h in the - tree. All files changed to include des_int.h and - (the other) des.h instead. - * new_rnd_key.c (des_init_random_number_generator): Cast seed data - pointer to keep compiler happy. - * read_passwd.c (intr_routine, des_read_pw_string): Add - prototypes. - (des_read_password): Fix call sequence for des_string_to_key. - * str_to_key.c (des_string_to_key): Remove static storage in favor - of automatic storage. Fix call sequence to des_key_sched. Delete - no-op while loop. - * t_quad.c (main): Fix call sequence for des_quad_cksum. - * verify.c (des_string_to_key, des_key_sched, des_ecb_encrypt, - des_cbc_encrypt): Removed declarations. - (do_encrypt, do_decrypt): Prototype. Make args point to unsigned - char, and return types void. - (main): Declare return type. Make automatic var in_length be - unsigned long; discard some casts, but cast it when passing to - memcmp. Remove extra arg passed to des_cbc_cksum. - (flip): Delete unused function. - - * quad_cksum.c (des_quad_cksum): Add comments. Force 32-bit - arithmetic just to be careful. - -2001-04-07 Ken Raeburn <raeburn@mit.edu> - - * t_quad.c: New file. - * Makefile.in (t_quad): New target. - (check-unix): Depend on and run t_quad. - -2000-10-17 Ezra Peisach <epeisach@mit.edu> - - * cksum.c (des_cbc_cksum): Length is unsigned long. - - * enc_dec.c (des_cbc_encrypt): Length is unsigned long. - -Thu Jun 29 17:11:17 2000 Ezra Peisach <epeisach@mit.edu> - - * random_key.c (des_random_key): Add parentheses around assignment - used as truth value. - -2000-03-14 Ken Raeburn <raeburn@mit.edu> - - * read_passwd.c (des_read_pw_string): Make ointrfunc volatile. - Fix volatile decl for readin_string. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -Mon May 10 15:21:30 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Do win32 build in subdir. - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - -Thu Nov 12 17:20:25 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in (STLIBOBJS, OBJS, SRCS): Restore des.c - - * des.c: Restore des_ecb_encrypt and make it use the cbc - interface. - -1998-10-27 Marc Horowitz <marc@mit.edu> - - * random_key.c, new_rnd_key.c: make the v4 compat random key code - use the krb5 crypto interface, instead of the des implementation - internals. - -Wed Apr 15 18:03:43 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in (SHLIB_EXPDEPS): - (SHLIB_EXPLIBS): Rename libcrypto -> libk5crypto. - -Tue Mar 3 08:59:03 1998 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * configure.in: Add KRB5_BUILD_PROGRAM - - * Makefile.in (verify): Use CC_LINK and proper Makefile variables - for library dependencies. - -Wed Feb 18 16:10:05 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove trialing slash from thisconfigdir. Fix up - BUILDTOP for new conventions. - -Mon Feb 2 17:02:29 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile - -Fri Jan 23 22:19:39 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * configure.in: Add AC_PROG_INSTALL since it's need by the install - rules. - -Tue Nov 18 18:57:07 1997 Tom Yu <tlyu@mit.edu> - - * quad_cksum.c (des_quad_cksum): Reorder parameters to match the - prototype in include/kerberosIV/des.h. - - * pcbc_encrypt.c: Fix up parameters to use a des_cblock* as the - ivec to match the prototype in include/kerberosIV/des.h. - - * Makefile.in: Garbage collect some old library build system - stuff. - -Mon Oct 27 01:14:16 1997 Tom Yu <tlyu@mit.edu> - - * pcbc_encrypt.c, quad_cksum.c: Punt duplicates of definitions; - use local des.h only, as that appears to be safe. Also, replace - uses of KRB_INT32 with DES_INT32 to remove temptation to misuse. - - * des.h: Don't include k5-int.h any longer, as des_int.h already - gets it. - -Tue Oct 14 15:40:46 1997 Tom Yu <tlyu@voltage-multiplier.mit.edu> - - * Makefile.in (LIBMAJOR): Bump major version due to possible - change in type sizes. - -Sat Feb 22 18:55:52 1997 Richard Basch <basch@lehman.com> - - * Makefile.in: Use some of the new library list build rules in - win-post.in - -Sat Feb 22 01:07:34 1997 Sam Hartman <hartmans@tertius.mit.edu> - - * read_passwd.c: Don't base definitions on unix being defined. - - -Fri Feb 21 19:11:33 1997 Sam Hartman <hartmans@mit.edu> - - * Makefile.in (SHLIB_EXPLIBS): Depend on -lcrypto - -Sun Feb 16 23:29:09 1997 Richard Basch <basch@lehman.com> - - * pcbc_encrypt.c: Export des_pcbc_encrypt (win16/win32) - -Thu Nov 21 11:55:16 EST 1996 Richard Basch <basch@lehman.com> - - * Makefile.in: win32 build - - * des.c, des.h, key_sched.c, new_rnd_key.c, pcbc_encrypt.c, - read_passwd.c, unix_time.c: - DLL export various functions (mostly for wintel) - -Wed Jan 8 01:31:22 1997 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in (clean-unix, install-unix): Properly install and clean. - -Mon Jan 6 07:47:56 1997 Ezra Peisach <epeisach@mit.edu> - - * configure.in, Makefile.in: Update to new library building procedure. - -Mon Nov 18 20:39:02 1996 Ezra Peisach <epeisach@mit.edu> - - * configure.in: Set shared library version to 1.0. [krb5-libs/201] - -Wed Aug 7 12:50:36 1996 Ezra Peisach <epeisach@mit.edu> - - * new_rnd_key.c (des_set_sequence_number): Change cast to - krb5_octet to char *. - - * des.c (des_ecb_encrypt): Add const keyword in cast to make - suncc happy. - -Tue May 21 20:42:16 1996 Sam Hartman <hartmans@mit.edu> - - * Makefile.in (check-unix): Use KRB5_RUN_FLAGS - -Mon May 13 15:24:18 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * Makefile.in (SHLIB_LIBS): For shared library, add dependency on - libkrb5.so - - * configure.in (CRYPTO_SH_VERS): Pass krb5 shared library version - to Makefile. - -Sat May 11 17:36:26 EDT 1996 Richard Basch <basch@lehman.com> - - * new_rnd_key.c: Use sizeof(mit_des_cblock) instead of sizeof(key) - so that we copy the full DES key instead of only 4 bytes. - -Thu May 2 18:44:02 1996 Richard Basch <basch@lehman.com> - - * random_key.c new_rnd_key.c: - Use the rewritten random number routines of libcrypto - -Fri Oct 6 22:01:18 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Remove ##DOS!include of config/windows.in. - config/windows.in is now included by wconfig. - -Mon Oct 2 11:07:24 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * configure.in (V5_MAKE_SHARED_LIB): Change rule to install - version 0.1 of the library. Pass the libcrypto version - number to Makefile - - * Makefile.in (CRYPTO_VER): Get the proper libcrypto version number - -Fri Sep 29 01:28:11 1995 Theodore Y. Ts'o <tytso@dcl> - - * pcbc_encrypt.c: #include autoconf.h instead of osconf.h, because - that's the file we really care about. - -Mon Sep 25 16:51:10 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the - Makefile. - -Wed Sep 06 14:20:57 1995 Chris Provenzano (proven@mit.edu) - - * string2key.c : s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g - -Thu Aug 24 18:51:53 1995 Theodore Y. Ts'o <tytso@dcl> - - * .Sanitize: Update file list - -Thu Jul 27 15:23:26 EDT 1995 Paul Park (pjpark@mit.edu) - * configure.in - Check for the sizes of short, int and long. - * des.c - Cast mit_des_ecb_encrypt arguments correctly. - * pcbc_encrypt.c - Remove inclusion of k5-config.h. - * verify.c - Fix compiler grumbles. - - -Fri Jul 7 16:22:13 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in - Remove LDFLAGS, it's set by configure. - -Wed Jun 28 17:09:34 1995 Mark Eichin <eichin@cygnus.com> - - * read_passwd.c, configure.in: use HAS_ANSI_VOLATILE instead. - -Tue Jun 27 23:17:11 1995 Mark Eichin <eichin@cygnus.com> - - * read_passwd.c: only use volatile if __STDC__ is 1. - -Tue Jun 27 15:51:10 EDT 1995 Paul Park (pjpark@mit.edu) - * util.c - Make #endif ansi-compliant. - * read_passwd.c - Add signal name parameter to signal handler to - conform to prototype. - -Mon Jun 26 14:39:18 1995 Sam Hartman <hartmans@tardis.MIT.EDU> - - * Makefile.in (LDFLAGS): Removed bogus -g. It breaks on shared - links when you're actually calling ld not cc. - -Fri Jun 23 18:16:09 1995 Tom Yu (tlyu@dragons-lair) - - * configure.in: fix Sam's typo so libdes425.a gets symlinked - properly. - -Fri Jun 23 12:45:43 1995 Sam Hartman <hartmans@tardis.MIT.EDU> - - * configure.in: New static library targets. - - * Makefile.in : Add new static library target handling. - -Fri Jun 16 17:00:04 EDT 1995 Paul Park (pjpark@mit.edu) - * k4_glue.c - Add this module with the "req_act_vno" symbol definition - so that we can use old versions of K4. - * configure.in - Check for #pragma weak. - * Makefile.in - Add k4_glue.c, Add K4 to include list. - -Fri Jun 16 11:15:11 EDT 1995 Paul Park (pjpark@mit.edu) - * configure.in - Add install target for shared library. - - -Thu Jun 15 18:00:45 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in - Change "./DONE" target to "DONE" since we have a rule - for how to build it. Also add definitions for shared library - building rules. - * configure.in - Create symlinks for archive and shared library when - we build them. - -Wed Jun 14 07:37:26 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * Makefile.in (libdes425.a): Don't copy library up a level. Let - above Makefile symlink to it. - -Fri Jun 9 19:18:59 1995 <tytso@rsx-11.mit.edu> - - * configure.in: Remove standardized set of autoconf macros, which - are now handled by CONFIG_RULES. - -Thu Jun 8 23:24:20 1995 <tytso@rsx-11.mit.edu> - - * read_passwd.c (des_read_pw_string): Don't depend on - krb5_read_password(); this created a circular dependency - in the libraries. This code is now duplicated in - des_read_pw_string. - - * util.c (des_cblock_print_file): Fix -Wall nit. - -Mon Jun 5 21:02:37 1995 Ezra Peisach (epeisach@kangaroo.mit.edu) - - * quad_cksum: Convert longs to KRB_INT32 for 64 bit platforms. - -Fri May 26 21:43:52 1995 Theodore Y. Ts'o (tytso@dcl) - - * util.c: Added new function, des_cblock_print_file(), which is - referenced by libkrb4.a. (Even though it's never used, - some OS's demand that all of the references in a - shared library have to be resolved.) - -Mon May 1 11:29:37 1995 Ezra Peisach (epeisach@kangaroo.mit.edu) - - * read_passwd.c: (des_read_pw_string): Call to krb5_read_password - wants a pointer to the length of the buffer. - -Fri Apr 28 13:35:25 1995 Theodore Y. Ts'o <tytso@dcl> - - * read_passwd.c (des_read_pw_string): Add des_read_pw_string, - since it's used by the V4 login.c code. - -Thu Apr 13 15:49:16 1995 Keith Vetter (keithv@fusion.com) - - * *.[ch]: removed unneeded INTERFACE from non-api functions. - -Wed Mar 22 11:21:38 1995 Keith Vetter (keithv@fusion.com) - - * read_passwd.c: changed return value to krb5_error_code - * des.h: same as above - * unix_time.c: didn't work on the PC. Copied PC time code from - krb5\os\ustime.c. - -Mon Mar 20 21:14:40 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in, unix_time.c(unix_time_gmt_unixsec): Added function - needed for des425 to work with the Cygnus krb.a. - -Wed Mar 15 13:44:23 1995 Keith Vetter (keithv@fusion.com) - - * des.h: now includes des_int.h for proper prototypes. - * enc_dec.c: cast the types of the input/output buffers in calling - the encrypt routine. - * key_sched.c: removed prototype of a non-existent routine. - * new_rnd_key.c: removed prototypes in the file and instead include - header file with the real prototypes. - * random_key.c: code, as it was, could never have worked. Adding - prototypes revealed that it was passing KEY with the wrong level - of indirection. - -Tue Mar 7 19:57:28 1995 Keith Vetter (keithv@fusion.com) - - * pcbc_enc.c: added casts on the long->char assignments. - * str_to_key.c: converted int->long to match types. - - -Wed Mar 8 17:13:44 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in (clean): Dete verify.o on a "make clean". - -Wed Mar 1 17:57:44 1995 Theodore Y. Ts'o <tytso@dcl> - - * verify.c: Remove declaration of exit(). - -Tue Feb 28 01:30:11 1995 John Gilmore (gnu at toad.com) - - * cksum.c, des.c, des.h, enc_dec.c, pcbc_encrypt.c, quad_cksum.c, - read_passwd.c, string2key.c, weak_key.c: Avoid <krb5/...> includes. - -Tue Feb 21 17:42:44 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: made to work on the PC - * *.c, des.h: added windows INTERFACE keyword - * read_passwd.c: renamed a static variable to avoid compiler error - * quad_cksum.c: errno extern declaration removed on the PC - -Fri Feb 3 17:23:45 1995 Theodore Y. Ts'o (tytso@dcl) - - * pcbc_encrypt.c: Add SIZEOF_FOO checks to properly define - KRB_INT32 - -Wed Jan 18 15:12:18 1995 Theodore Y. Ts'o (tytso@dcl) - - * read_passwd.c (des_read_password): Declare global_context and - initialize it if necessary. - -Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu) - - * Added krb5_context to all krb5_routines - -Thu Nov 3 18:29:10 1994 Mark Eichin (eichin@cygnus.com) - - * pcbc_encrypt.c: moved from f_pcbc.c in lib/crypto/des, and - inlined proper des.h to avoid confusion in names. - * Makefile.in: add -I to CFLAGS to get f_tables.h from - lib/crypto/des as well. - -Wed Oct 26 14:23:36 1994 (tytso@rsx-11) - - * Makefile.in (check): - * verify.c (main): Add verification checks to the test suite. - -Wed Oct 19 12:16:13 1994 Theodore Y. Ts'o (tytso@dcl) - - * Makefile.in: make install obey $(DESTDIR) completely - -Mon Oct 3 22:48:14 1994 Theodore Y. Ts'o (tytso@dcl) - - * Makefile.in: make install obey $(DESTDIR) - -Thu Aug 4 03:40:55 1994 Tom Yu (tlyu@dragons-lair) - - * configure.in: oops look for install program - - * Makefile.in: make install fixes - diff --git a/src/lib/gssapi/ChangeLog b/src/lib/gssapi/ChangeLog deleted file mode 100644 index cca65a153..000000000 --- a/src/lib/gssapi/ChangeLog +++ /dev/null @@ -1,429 +0,0 @@ -2006-04-03 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2006-03-31 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Never define size_t. - -2006-03-30 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Check for inttypes.h and handle it like xom.h and - stdint.h. Don't check sizes of any types. - -2005-08-20 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Use K5_AC_INIT instead of AC_INIT. - -2005-04-07 Tom Yu <tlyu@mit.edu> - - * configure.in: Use awk to work around Makefile quoting problems. - -2005-02-08 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBINITFUNC, LIBFINIFUNC): Define. - - * gss_libinit.c (gssint_lib_init, gssint_lib_fini) - [SHOW_INITFINI_FUNCS]: Print tracing messages. - -2005-02-02 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Check for xom.h. Set include_xom to a C include - directive or comment, and substitute it in the Makefiles. - -2005-01-17 Jeffrey Altman <jaltman@mit.edu> - - * gss_libinit.c: implement cleanup of mutexes, static vars, etc for Windows - -2004-07-29 Sam Hartman <hartmans@mit.edu> - - * libgssapi_krb5.exports: Add lucid context routines and gss_krb5_set_allowable_enctypes - -2004-07-13 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (SHLIB_EXPDEPS): Use _DEPLIB variables. - (SHLIB_EXPLIBS): Add $(SUPPORT_LIB). - - * gss_libinit.c (gssint_lib_init): Initialize new keytab-name - mutex, and register two new key values. - -2004-06-18 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (OBJFILELIST, OBJFILEDEP) [DOS]: Depend on locally - built objects too. - (OBJFILE, LIBOBJS) [DOS]: Define. - ($(BUILDTOP)/include/gssapi/gssapi.h generic/gssapi.h - krb5/gssapi_err_krb5.h generic/gssapi_err_generic.h - krb5/gssapi_krb5.h) [DOS]: Disable dependencies on Windows. - -2004-06-16 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (MAC_SUBDIRS): Don't set. - -2004-06-15 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (SHLIB_EXPLIBS): Add $(LIBS). - -2004-06-10 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (krb5/gssapi_krb5.h): Depend on recursion rule. - -2004-06-08 Sam Hartman <hartmans@mit.edu> - - * configure.in: If stdint.h exists, include in gssapi_krb5.h - -2004-06-04 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBBASE): Renamed from LIB. - -2004-06-02 Ken Raeburn <raeburn@mit.edu> - - * gss_libinit.c (gssint_lib_init): Initialize error tables here. - (gssint_initialize_library): Don't do it directly here. Make sure - gssint_lib_init has been called, and return the status. - (gssint_lib_fini): Remove error tables here. - (gssint_cleanup_library): Function deleted. - (initialized): Variable deleted. - -2004-05-13 Ken Raeburn <raeburn@mit.edu> - - * libgssapi_krb5.exports: Remove et_*, generic_*, gssint_*, - initialize_*, kg_* symbols. - -2004-04-24 Ken Raeburn <raeburn@mit.edu> - - * gss_libinit.c: Include k5-platform.h. - (gssint_lib_init, gssint_lib_fini): New init/fini functions. - Create and clean up the mutex in kg_vdb. - (gssint_initialize_library): Verify the library initializer has - run successfully. - -2004-04-22 Ken Raeburn <raeburn@mit.edu> - - * libgssapi_krb5.exports: New file. - -2003-07-17 Tom Yu <tlyu@mit.edu> - - * gss_libinit.c (gssint_initialize_library): Don't call - kg_release_defcred(); it doesn't exist any more. - -2003-03-08 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in ($(BUILDTOP)/include/gssapi/gssapi.h, - generic/gssapi.h, generic/gssapi_err_generic.h, - krb5/gssapi_err_krb5.h): Comment out old rules and dependencies; - depend on all-recurse and supply a no-op rule. - -2003-03-07 Alexandra Ellwood <lxs@mit.edu> - - * gss_libinit.c: Changed USE_HARDCODED_FALLBACK_ERROR_TABLES macro - to !USE_BUNDLE_ERROR_STRINGS so Darwin based builds get com_err - style error tables. - -2003-03-06 Alexandra Ellwood <lxs@mit.edu> - - * gss_libinit.c: Removed Mac header goober. - Fixed USE_HARDCODED_FALLBACK_ERROR_TABLES macro used by KfM. - - * gss_libinit.h: do not use the same multiple include - protection macro as krb5_libinit.h. Changed to GSSAPI_LIBINIT_H. - -2003-02-11 Tom Yu <tlyu@mit.edu> - - * Makefile.in ($(BUILDTOP)/include/gssapi/gssapi.h): Add - dependencies and cause to invoke a differently-named target in - subdirectory. - (generic/gssapi.h): Make separate rule. - (generic/gssapi_err_generic.h, krb5/gssapi_err_krb5.h): New rules - to generate these files in subdirectories as needed. - -2003-02-10 Tom Yu <tlyu@mit.edu> - - * Makefile.in ($(BUILDTOP)/include/gssapi/gssapi.h generic/gssapi.h): - Don't depend on all-recurse, as it causes spurious rebuilds of - these header files. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Don't explicitly invoke AC_PROG_ARCHIVE, - AC_PROG_ARCHIVE_ADD, AC_PROG_INSTALL, AC_PROG_RANLIB. - - * configure.in: Use V5_AC_OUTPUT_MAKEFILE instead of - K5_GEN_MAKEFILE and K5_AC_OUTPUT. - - * Makefile.in: Add AC_SUBST_FILE marker for lib_frag and libobj_frag. - -2003-01-07 Ken Raeburn <raeburn@mit.edu> - - * Makefile.original: Deleted. - -2002-09-24 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in ($(BUILDTOP)/include/gssapi/gssapi.h, - generic/gssapi.h): Depend on all-recurse. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-08-22 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (SUBDIROBJLISTS): New variable. - -2002-07-15 Ezra Peisach <epeisach@bu.edu> - - * gss_libinit.c (gssint_cleanup_library): Remove variable set but - not used. - -2002-07-14 Alexandra Ellwood <lxs@mit.edu> - - * gss_libinit.c: Conditionalized error table loading for Mac OS X. - Error tables should always be loaded on other platforms. - - * gss_libinit.c: updated for Mac OS X header paths and added - include of gssapiP_krb5.h to get function prototypes. - - [pullups from 1-2-2-branch] - -2001-09-01 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (SRCS): Use $(srcdir) not $(subdir). - -2001-06-04 Ezra Peisach <epeisach@mit.edu> - - * gss_libinit.c: Include gssapiP_krb5.h for kg_release_defcred() - prototype. - -2000-11-01 Ezra Peisach <epeisach@mit.edu> - - * configure.in: Use AC_TYPE_SIZE_T instead of AC_SIZE_T. - -2000-06-03 Tom Yu <tlyu@mit.edu> - - * Makefile.in(LIBMINOR): Bump library version. - -2000-05-31 Wilfredo Sanchez <tritan@mit.edu> - - * configure.in: Check for existance of <memory.h>. - [from Nathan Neulinger <nneul@umr.edu>] - -Tue Feb 22 10:23:19 2000 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in (clean-unix): Add clean-libobjs. - -2000-01-24 Tom Yu <tlyu@mit.edu> - - * Makefile.in (STLIBOBJS): Properly add gss_libinit.o to permit - compiling. - - * configure.in: Add libobj to Makefile frags. - - * gss_libinit.c: Add terminating newline. Use 0 and 1 instead of - false and true. - -Fri Jan 21 22:47:00 2000 Miro Jurisic <meeroh@mit.edu> - - * Makefile.in: added gss_libinit.[co] - * gss_libinit.[ch]: new files, contain library initialization - and cleanup code - -Tue May 18 19:52:56 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Remove - from recursive Win32 make invocation. - -Mon May 10 15:21:50 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Do win32 build in subdir. - -1999-02-19 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in (DLL_FILE_DEF): Tell the Makefile template that we - are building object files for the GSSAPI DLL. - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - - * configure.in: Use K5_AC_OUTPUT instead of K5_OUTPUT_FILES. - -Wed Apr 15 18:04:18 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in (SHLIB_EXPDEPS): - (SHLIB_EXPLIBS): Rename libcrypto -> libk5crypto. - -Wed Feb 18 16:10:38 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove trailing slash from thisconfigdir. Fix up - BUILDTOP for new conventions. - -Thu Feb 12 16:17:28 1998 Tom Yu <tlyu@mit.edu> - - * configure.in: Add commented out AC_OUTPUT to force autoreconf to - rebuild the configure script. - -Mon Feb 2 16:47:05 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile - - * configure.in: Create the makefiles for all of the subdirectories - and move all of the configure.in tests from the - subdirectories into this configure.in. - -Wed Jan 21 19:12:42 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in (LIBMINOR): Bump minor version due to internal - structure change. - -Sat Feb 22 01:21:06 1997 Sam Hartman <hartmans@tertius.mit.edu> - - * Makefile.in (SHLIB_EXPDEPS): s/so/$(SHLIBEXT) - -Thu Nov 21 11:55:16 EST 1996 Richard Basch <basch@lehman.com> - - * Makefile.in: win32 build - -Tue Jan 14 20:07:50 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: - * configure.in: Update to new library build procedure. - -Mon Nov 18 20:39:41 1996 Ezra Peisach <epeisach@mit.edu> - - * configure.in: Set shared library version to 1.0. [krb5-libs/201] - -Tue Jul 23 22:50:22 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * Makefile.in (MAC_SUBDIRS): Remove mechglue from the list of - Macintosh subdirectories. - -Thu Jun 6 00:04:38 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * Makefile.in (all-windows): Don't pass $(LIBCMD) on the command - line. It's set in the windows.in prologue for all Makefiles anyway. - -Mon May 20 11:00:45 1996 Tom Yu <tlyu@dragons-lair.MIT.EDU> - - * Makefile.in (libgssapi.$(STEXT)): deal with new improved - libupdate - -Mon May 6 21:33:25 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * Makefile.in (clean-unix): Remove libgssapi_krb5.stamp. - -Wed Apr 17 21:48:15 1996 Marc Horowitz <marc@mit.edu> - - * Makefile.in, configure.in: Nothing in mechglue is used anymore, - for now. - -Tue Feb 27 22:10:48 1996 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in (all-windows, clean-windows): Add mechglue to the - list of directories which are recursively handled for - Windows. - -Wed Feb 7 00:23:18 1996 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Folded in danw's changes to allow - building Makefiles for the Macintosh. We now can build - MPW makefiles which are interpreted by CodeWarrior. - -Fri Jan 26 01:55:14 1996 Sam Hartman <hartmans@tertius.mit.edu> - - * configure.in: Fix path to library from lib - -Wed Jan 24 21:28:04 1996 Sam Hartman <hartmans@tertius.mit.edu> - - * configure.in: Remove LinkFileDir line for libgssapi as the - shared lib stuff does that. - -Tue Jan 23 12:12:49 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * Makefile.in (SHLIB_LIBS): Add lines for shared library building - depending on libkrb5, crypto, and com_err. - -Tue Jan 23 04:06:36 1996 <tytso@rsts-11.mit.edu> - - * Makefile.in: Add support for building the gssapi library as a - shared library. - -Tue Jan 23 03:32:25 1996 Theodore Y. Ts'o <tytso@dcl> - - * configure.in: Add the mechglue directory as a subdir - - * Makefile.in (libgssapi_krb5.a): Include the object files in the - mechglue directory as well. - -Fri Oct 6 22:02:48 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Remove ##DOS!include of config/windows.in. - config/windows.in is now included by wconfig. - -Mon Sep 25 16:52:41 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the - Makefile. - -Wed Sep 13 11:11:38 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: Put back in all:: all-$(WHAT) rule--PC needs it. - -Thu Jun 15 18:02:16 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in - Remove explicit "all" rule at head of file, it causes - platform specific target to get done first. - * configure.in - Create symlinks for archive and shared library when - we build them. Also, put explicit "all" rule at end of file - so that we do the subdirectory rules first. - -Fri Jun 9 18:55:01 1995 <tytso@rsx-11.mit.edu> - - * configure.in: Remove standardized set of autoconf macros, which - are now handled by CONFIG_RULES. Use DO_SUBDIRS to - recurse down subdirectories. - -Mon May 22 10:04:26 EDT 1995 Paul Park (pjpark@mit.edu) - * configure.in - Add SUBDIRS for install target. - -Tue May 2 21:42:32 1995 Tom Yu (tlyu@dragons-lair) - - * Makefile.in: nuke spurious whitespace in blank line - -Wed Apr 26 14:39:18 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: passed wrong macro on the recursive makes. - -Tue Mar 21 19:08:51 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: changed the name of the library the PC - builds, and added xxx-mac targets to mimic xxx-unix. - -Wed Mar 15 20:23:17 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: cleaned up for the PC - -Mon Feb 20 21:38:20 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: made to work on the PC - -Fri Nov 18 00:17:29 1994 Mark Eichin <eichin@cygnus.com> - - * configure.in: move WITH_CCOPTS. - -Wed Oct 19 12:16:44 1994 Theodore Y. Ts'o (tytso@dcl) - - * Makefile.in: make install obey $(DESTDIR) completely - -Mon Oct 3 22:48:54 1994 Theodore Y. Ts'o (tytso@dcl) - - * Makefile.in: make install obey $(DESTDIR) - -Thu Aug 4 03:41:21 1994 Tom Yu (tlyu@dragons-lair) - - * configure.in: look for install program - - * Makefile.in: make install fixes - diff --git a/src/lib/gssapi/generic/ChangeLog b/src/lib/gssapi/generic/ChangeLog deleted file mode 100644 index 70e3f50d3..000000000 --- a/src/lib/gssapi/generic/ChangeLog +++ /dev/null @@ -1,941 +0,0 @@ -2006-04-03 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2006-03-30 Ken Raeburn <raeburn@mit.edu> - - * gssapiP_generic.h [!_WIN32]: Include autoconf.h. - - * Makefile.in (include_stdint, include_inttypes): New make - macros. - (gssapi.h): Use them. Don't pull SIZEOF_ macros from autoconf.h. - - * gssapi.hin (gss_uint32, gss_int32): Define as uint32_t and - int32_t, respectively. - - * util_token.c: Include limits.h. - (der_length_size, der_write_length): Test INT_MAX instead of - SIZEOF_INT. - (der_read_length): Test sizeof(int) instead of SIZEOF_INT. - -2006-03-27 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (include_xom): Define as "rem" instead of empty on - Windows. - -2006-03-11 Ken Raeburn <raeburn@mit.edu> - - * gssapi.h: Use autoconf.h from include rather than include/krb5. - If sed fails, error out. - -2006-03-10 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (generate-files-mac): Depend on gssapi.h. - -2005-09-22 Tom Yu <tlyu@mit.edu> - - * rel_buffer.c (generic_gss_release_buffer): Free buffer even if - length is zero. This avoids memory leaks in some cases. - -2005-04-07 Tom Yu <tlyu@mit.edu> - - * Makefile.in (gssapi.h): Use awk hack to work around quoting - problem. - -2005-02-02 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (gssapi.h): Change SIZEOF symbols to start with GSS_ - when extracting from autoconf.h. Don't look for HAVE_ or USE_ - symbols. Add ${include_xom} to the prologue. - (include_xom): New variable. - * gssapi.hin: Always include stddef.h unconditionally. Don't - conditionally include xom.h here. - (GSS_SIZEOF_INT, GSS_SIZEOF_LONG, GSS_SIZEOF_SHORT): Don't - define, except on Windows. - -2004-06-22 Ken Raeburn <raeburn@mit.edu> - - * gssapi.hin: Don't test macintosh or __MWERKS__. - -2004-06-16 Ken Raeburn <raeburn@mit.edu> - - * util_validate.c (g_save): Call gssint_initialize_library. - -2004-06-08 Sam Hartman <hartmans@mit.edu> - - * util_validate.c utl_nohash_validate.c gssapiP_generic.h: - Support for lucid context validation - -2004-06-02 Ken Raeburn <raeburn@mit.edu> - - * disp_com_err_status.c (init_et): Variable deleted. - (g_display_com_err_status): Don't call initialize_ggss_error_table - conditionally; instead, always call gssint_initialize_library. - -2004-04-24 Ken Raeburn <raeburn@mit.edu> - - * gssapiP_generic.h (G_SET_INIT): Use the new mutex partial - initializer now. - -2004-03-14 Ken Raeburn <raeburn@mit.edu> - - * gssapiP_generic.h (struct _g_set_elt, g_set_elt): Renamed from - non-_elt versions. - * util_set.c, util_validate.c: Uses updated. - - * gssapiP_generic.h (g_set): New struct type. - (G_SET_INIT): New macro. - * util_validate.c (g_save, g_validate, g_delete): Change first - argument to take a g_set * rather than void **; use the address of - the void pointer from the structure. - (g_save_name, g_save_cred_id, g_save_ctx_id, g_validate_name, - g_validate_cred_id, g_validate_ctx_id, g_delete_name, - g_delete_cred_id, g_delete_ctx_id): Updated first argument type. - * gssapiP_generic.h: Declarations updated. - - * gssapiP_generic.h: Include k5-thread.h. - (g_set): Add a mutex. - (G_SET_INIT): Initialize it. - * util_validate.c (g_save, g_validate, g_delete): Lock the mutex - while working on the set. (BDB version untested.) - -2004-02-08 Ken Raeburn <raeburn@mit.edu> - - * util_ordering.c (g_queue_externalize, g_queue_internalize): - Check for sufficient buffer space. - -2003-12-19 Ken Raeburn <raeburn@mit.edu> - - * gssapi_generic.c (const_oids): Renamed from oids, and now const. - (oids): New macro, casts const_oids to non-const pointer for use - in initializers. - -2003-12-13 Ken Raeburn <raeburn@mit.edu> - - * gssapiP_generic.h: Include k5-platform.h. - (gssint_uint64): New typedef. - (g_order_init, g_order_check): Update decls. - * util_ordering.c (struct _queue): Change sequence number fields - to gssint_uint64. Add mask field. - (queue_insert): Change sequence number to gssint_uint64. - (g_order_init): Change sequence numbers to gssint_uint64. Add - "wide_nums" argument; initialize the queue mask field based on - it; all callers changed. Store a -1 as the first element. - (g_order_check): Store and check elements as offsets from - firstnum. Mask to 32 bits if desired. - * util_token.c (g_verify_token_header): Add new argument - indicating whether the pseudo-ASN.1 wrapper is required; all - callers changed. - -2003-07-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBNAME) [##WIN16##]: Don't define. - -2003-05-14 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in ($(EHDRDIR)$(S)timestamp): New target, used for - ensuring $(EHDRDIR) exists. - (clean-unix): Delete the dummy file. - ($(EHDRDIR)$(S)gssapi.h): Depend on it, instead of creating the - directory here. - ($(EHDRDIR)$(S)gssapi_generic.h): Likewise. - -2003-03-06 Alexandra Ellwood <lxs@mit.edu> - - * disp_com_err_status.c, gssapi_generic.h: - Removed Mac header goober. - - * gssapiP_generic.h, gssapi.hin: Removed macintosh check because - we don't build on OS 9 anymore. - - * gssapi.hin: Removed enumsalwaysint because there are no typed - enums in this header. Removed duplicate CFM-68K magic. - -2003-02-12 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove stamp rules. Explicitly creates header - directory if needed. - (gssapi.h): Tweak to avoid race conditions. - -2003-02-11 Tom Yu <tlyu@mit.edu> - - * Makefile.in (gssapi-include): New rules to avoid coding - dependence on relative pathnames in parent Makefile.in. - -2003-02-11 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Another attempt... turns our that the "copy" - command on Windows preserves modtimes, so spurious rebuilds were - happening even with the stamp file, since the target in $(EHDRDIR) - is always out of date with respect to the stamp file. - -2003-02-10 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Fix $(EHDRDIR) creation to avoid spurious - rebuilds. - -2003-02-09 Ezra Peisach <epeisach@bu,edu> - - * gssapiP_generic.h, util_token.c (g_token_size): Return unsigned - int instead of int. - -2003-01-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in ($(EHDRDIR)$(S)gssapi.h): Depend on create-ehdrdir, - to make sure the directory is created before installation of the - file. - ($(EHDRDIR)$(S)gssapi_generic.h): Likewise. - (create-ehdrdir): New target on UNIX. Renamed from $(EHDRDIR) on - Windows and changed to check for an existing directory. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag. - -2003-01-07 Ken Raeburn <raeburn@mit.edu> - - * Makefile.original: Deleted. - -2002-12-05 Sam Hartman <hartmans@mit.edu> - - * util_token.c (g_verify_token_header g_make_token_header): - Accept -1 to mean that no token type is expected; the token type - is purely an RFC 1964 artifact and is not used in other mechanisms - such as SPNEGO. - -2002-11-15 Ezra Peisach <epeisach@bu.edu> - - * gssapiP_generic.h, util_token.c: Change g_make_token_header and - g_verfy_token_header to take an unsigned length in. - -2002-10-07 Sam Hartman <hartmans@mit.edu> - - * Makefile.in : Add install-headers- support - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-27 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in ($(EHDRDIR)/gssapi.h, $(EHDRDIR)/gssapi_generic.h): - Quote target of copies. Reverted. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-07-15 Ezra Peisach <epeisach@bu.edu> - - * gssapiP_generic.h, util_token.c (g_verify_token_header): Make - length argument a pointer to an unsigned int. - -2002-07-12 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (SRCS, OBJS, STLIBOBJS): Don't build util_dup.c. - * util_set.c (g_set_destroy): Don't compile this unused function. - -2002-07-12 Alexandra Ellwood <lxs@mit.edu> - - * gssapi_generic.h: allow inclusion by C++ - - * gssapi.hin: Conditionalized pragmas for Metrowerks - - * gssapi.hin: Added check for CFM compiles. Removed dependency on - PRAGMA_* macros. Moved check struct alignment check before struct - declarations. - - * disp_com_err_status.c, gssapi.hin, gssapi_generic.h: - Updated Mac OS X headers to new framework layout - - * gssapi_generic.h: Fixed check for Mac OS X includes. - - [pullups from 1-2-2-branch] - -2002-07-12 Miro Jurisic <meeroh@mit.edu> - - * gssapiP_generic.h: use "" include for krb5.h - [pullup from 1-2-2-branch] - -2001-10-20 Ken Raeburn <raeburn@mit.edu> - - * gssapiP_generic.h (g_*): For every g_ function declared here, - first define the name as a macro using a gssint_ prefix to avoid - conflicting with glib function names. - -2001-10-09 Ken Raeburn <raeburn@mit.edu> - - * gssapi.hin, gssapiP_generic.h: Make prototypes unconditional. - * gssapi.hin (PROTOTYPE): Don't define. - -2001-10-05 Ken Raeburn <raeburn@mit.edu> - - Windows still requires DLL specs for variables. - * gssapi.hin (GSS_DLLIMP): Define, as before (from win-mac.h) for - Windows, empty otherwise. - (GSS_C_NT_USER_NAME, GSS_C_NT_MACHINE_UID_NAME, - GSS_C_NT_STRING_UID_NAME, GSS_C_NT_HOSTBASED_SERVICE_X, - GSS_C_NT_HOSTBASED_SERVICE, GSS_C_NT_ANONYMOUS, - GSS_C_NT_EXPORT_NAME): Use GSS_DLLIMP. - (KRB5_EXPORTVAR): Don't define. - - * gssapi_generic.h (gss_nt_user_name, gss_nt_machine_uid_name, - gss_nt_string_uid_name, gss_nt_service_name): Use GSS_DLLIMP. - * gssapi_generic.c (gss_nt_user_name, gss_nt_machine_uid_name, - gss_nt_string_uid_name, gss_nt_service_name, GSS_C_NT_USER_NAME, - GSS_C_NT_MACHINE_UID_NAME, GSS_C_NT_STRING_UID_NAME, - GSS_C_NT_HOSTBASED_SERVICE_X, GSS_C_NT_HOSTBASED_SERVICE, - GSS_C_NT_ANONYMOUS, GSS_C_NT_EXPORT_NAME): Use GSS_DLLIMP. - - * gssapi.hin: Drop FAR, NEAR, _MSDOS support. - * gssapiP_generic.h: Drop _MSDOS support. - -2001-10-03 Ken Raeburn <raeburn@mit.edu> - - * gssapi.hin, gssapi_generic.c, gssapi_generic.h: Don't use - GSS_DLLIMP. - -2001-06-25 Tom Yu <tlyu@mit.edu> - - * gssapi.hin, gssapi_generic.h, gssapi_generic.c: - added oids from rfc 2744. Kept old oids for compatibility. - [pullup of lxs's changes] - -2001-06-21 Ezra Peisach <epeisach@mit.edu> - - * util_validate.c (g_save): Cleanup extraneous variable from last - change. - -2001-06-21 Ezra Peisach <epeisach@mit.edu> - - * util_validate.c (g_validate, g_save, g_delete): If HAVE_BSD_TYPE - is not defined, declare static functions as taking a void *type for - passing to g_set_entry_add. - -2001-05-08 Ezra Peisach <epeisach@mit.edu> - - * disp_major_status.c (display_unknown): Remove unused variable. - - * util_token.c (g_make_token_header): Remove incorrect cast of - length argument to memcpy. - - * oid_ops.c (generic_gss_str_to_oid): Cast argument of isxxx() - functions to int - avoids gcc warning when these are implemented - as macros indexing an array. - -2001-05-04 Ezra Peisach <epeisach@mit.edu> - - * disp_major_status.c (display_unknown): Declare as static. Remove - non-useful code. - -2001-04-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (unixmac): Target deleted. - -2001-03-10 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * oid_ops.c: Avoid the use of a variable named index. - -2000-10-03 Ezra Peisach <epeisach@mit.edu> - - * gssapiP_generic.h (g_OID_equal): Instead of casting argument to - memcmp as int, cast to unsigned int to match prototype. - -2000-08-03 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (SRCS, OBJS, STLIBOBJS): Remove util_canonhost. - * gssapiP_generic (g_canonicalize_host, g_local_host_name): Delete - declarations. - -2000-05-31 Wilfredo Sanchez <tritan@mit.edu> - - * util_token.c: Check for existance of <memory.h>. - [from Nathan Neulinger <nneul@umr.edu>] - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -Wed May 19 13:23:16 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Improve rule to create gssapi include dir under - windows. - -Wed May 19 11:39:05 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Fix windows cleanup to ignore any errors while - removing gssapi include dir. - -Mon May 10 15:22:12 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Do win32 build in subdir. - -Thu Mar 25 22:41:30 1999 Theodore Y. Ts'o <tytso@mit.edu> - - * disp_major_status.c (display_unknown): Fix the length of the - buffer to be the size of the returned string, instead of - something bigger than the returned string. - -1999-02-19 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in (DLL_FILE_DEF): Tell the Makefile template that we - are building object files for the GSSAPI DLL. - - * gssapi.hin, gssapi_generic.c: Change use of KRB5_DLLIMP to be - GSS_DLLIMP. - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - -1998-10-27 Marc Horowitz <marc@mit.edu> - - * gssapi.hin: define GSS_S_DUPLICATE_ELEMENT, GSS_S_NAME_NOT_MN, - and GSS_S_GAP_TOKEN as per gss v2 c bindings - -1998-06-08 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * oid_ops.c (generic_gss_release_oid): Recognize our own "self" - oids so that we don't free static oid's. (exported_name - and nt_service_name_v2). - -Sun May 24 22:01:29 1998 Theodore Y. Ts'o <tytso@mit.edu> - - * util_buffer.c (g_make_string_buffer): Don't include the trailing - NULL of the string in the gss buffer's length. - -1998-05-18 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * util_ordering.c (g_order_free): - * rel_oid_set.c (generic_gss_release_oid_set): - * disp_major_status.c: General lint cleanup. - - * util_oid.c (g_copy_OID_set): Copy the OID set with entirely - dynamic memory (don't alias the contents of the OID set). - -Wed Apr 1 16:33:27 1998 Tom Yu <tlyu@mit.edu> - - * disp_major_status.c (g_display_major_status): Fix a typo in - previous. - -1998-03-31 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * disp_major_status.c (display_unknown): Change to not return - GSS_S_CONTINUE_NEEDED, per the standard C bindings - specification. - -Wed Feb 18 16:11:15 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove trailing slash from thisconfigdir. Fix up - BUILDTOP for new conventions. - -Mon Feb 2 17:02:29 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile - -Fri Jun 27 08:44:54 1997 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * gssapi.hin: Add definition of GSS_C_NO_NAME (per - draft-ietf-cbind-04.txt) - -Wed Nov 19 11:01:27 1997 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in (clean-unix): Remove EXPORTED_BUILT_HEADERS as well. - -Sun Aug 17 14:31:26 1997 Ezra Peisach <epeisach@mit.edu> - - * util_token.c (g_verify_token_header): Change local char * - variable to unsigned char * to match usage. - -Tue Jul 29 22:54:40 1997 Theodore Y. Ts'o <tytso@mit.edu> - - * gssapi_generic.c: Add support for the new OID value for - host-based service name. - -Tue Jul 8 12:46:17 1997 Ezra Peisach <epeisach@mit.edu> - - * util_ordering.c: Include string.h for prototypes. - -Fri Mar 28 03:43:58 1997 Theodore Y. Ts'o <tytso@mit.edu> - - * gssapi_generic.c, gssapi_generic.h: Added definition for the - generic gsspi OID type "gss_nt_exported_name". - -Thu Mar 27 15:36:32 1997 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * gssapi.hin: Add the GSS_C_PROT_READY_FLAG and GSS_C_TRANS_FLAG - Add prototypes for the V2 functions gss_export_name(), - gss_duplicate_name(), and gss_canonicalize_name(). - -Tue Mar 18 13:52:29 1997 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * gssapi.hin: Add 'extern "C"' for C++ compatibility; also check - for __cplusplus since some C++ compilers don't set - __STDC__ - -Mon Mar 17 14:42:33 1997 Theodore Y. Ts'o <tytso@mit.edu> - - * gssapi.hin: Fix header file so that winmac.h is #included when - compiling on the Macintosh. - -Sat Feb 22 18:57:56 1997 Richard Basch <basch@lehman.com> - - * Makefile.in: Use some of the new library list build rules in - win-post.in - -Sun Feb 9 11:41:08 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Fix includes generation for unix after - libhack_branch merge. - -Thu Feb 6 11:11:17 1997 Ezra Peisach (epeisach@mit.edu) - - * configure.in: Remove the CopyHeader and CopySrcHeader rules as - they are handled in Makefile.in - - * Makefile.in: Create include/gssapi on unix. Make clean removes - built gssapi.h - -Wed Feb 5 23:28:47 1997 Richard Basch <basch@lehman.com> - - * gssapi.hin: Make sure KRB5_EXPORTVAR is defined. - -Tue Feb 4 15:55:11 1997 Richard Basch <basch@lehman.com> - - * Makefile.in: Only override the object build of the error table - under Unix - -Thu Nov 21 11:55:16 EST 1996 Richard Basch <basch@lehman.com> - - * Makefile.in: win32 build - - * gssapi.hin, gssapi_generic.c, gssapi_generic.h: - DLL export all public gssapi functions; move windows/mac stuff to - win-mac.h - -Tue Jan 14 20:16:46 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: - * configure.in: Update to new library build procedure. - -Wed Nov 20 13:59:58 1996 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in (install): Install gssapi.h from the build tree. - -Tue Nov 19 16:43:16 1996 Tom Yu <tlyu@mit.edu> - - * Makefile.in (gssapi.h): grep USE_.*_H out from autoconf.h as - well (some stuff was depending on USE_STRING_H). - -Mon Nov 18 12:38:34 1996 Tom Yu <tlyu@mit.edu> - - *gssapi.h: Renamed to gssapi.hin. - - * gssapi.hin: Remove #ifdef USE_AUTOCONF_H; we're grepping symbols - directly from autoconf.h now. - - * configure.in: Change CopySrcHeader to CopyHeader, as gssapi.h is - now generated in the build tree. - - * Makefile.in: Add rules to generate gssapi.h from gssapi.hin, - similar to how krb5.h is generated from krb5.hin. Remove - -DUSE_AUTOCONF_H from $(CFLAGS) - -Tue Nov 5 18:47:44 1996 Tom Yu <tlyu@mit.edu> - - * Makefile.in (HDRS): Changes so that $(OBJS) will not get - recompiled gratuitously if someone touches the include directory. - - * configure.in: Revert previous change re: CopySrcHeader. - -Tue Oct 29 10:20:58 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * Makefile.in: Use $(S) instead of / for productions which could - be used on both DOS and Unix systems. - -Mon Oct 21 16:16:26 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * util_ordering.c (g_queue_internalize, g_queue_externalize): - Fixed typo so that the remaining length field is set - correctly. - -Sat Oct 19 00:39:25 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * util_ordering.c (g_queue_externalize, g_queue_internalize, - g_queue_size): New routines which allow the serailizing - routines to access the seqstate structure. - -Thu Oct 10 15:03:38 1996 Tom Yu <tlyu@mit.edu> - - * configure.in: Remove calls to CopySrcHeader. - - * Makefile.in: More fixups; punt usage of CopySrcHeader and use - explicit dependencies instead, thus avoiding abuse of double-colon - rules. - -Wed Oct 9 14:12:27 1996 Tom Yu <tlyu@mit.edu> - - * Makefile.in (all-unix): Fix up last change; depending on a phony - target causes everything all of $(OBJS) to get remade always. - - * Makefile.in (all-unix): Fix up various rules that have - "includes" as dependencies in order to allow for makes that don't - do left-to-right ordering of dependencies. - -Wed Aug 28 17:44:06 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * utl_nohash_validate.c: - * util_canonhost.c: - * util_validate.c: Only include sys/types.h if present. - - * configure.in: Add check for limits.h and sys/types.h - -Fri Aug 2 13:37:10 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * gssapiP_generic.h: If not on a Mac or under Dos, and stdlib.h - exists, include it. - - * configure.in: Check for stdlib.h - -Thu Jul 25 00:03:01 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * util_ordering.c (g_order_check): - * util_ordering.c (g_order_init): Changed return code to be an int - 32, since we return a com_err error code. Change the type - of the sequence number to be an uint32. - - * gssapi.h: Define gss_int32 -- needed for error code returns. - - * Makefile.in (EHDRDIR): Use $(S) instead of /, so that EHDRDIR is - valid under windows. Fix how the header file is copied in - under Windows. - - * gssapiP_generic.h: Include gssapi_generic.h instead of gssapi.h, - so that we get the definitions of the nametype oids. - -Wed Jul 24 18:48:43 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * oid_ops.c (generic_gss_release_oid): Re-enable function. - - * util_token.c (g_verify_token_header): Changed return code to be - an int 32, since we return a com_err error code. - - * rel_buffer.c (generic_gss_release_buffer): - * rel_oid_set.c (generic_gss_release_oid_set): Remove INTERFACE - keyworded; not needed (and causes problems) since we're - not exporting this function to the DLL. - -Tue Jul 23 16:44:50 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * util_validate.c: Only include <sys/file.h> if building with BSD_DB. - - * gssapiP_generic.h: Must include k5-int.h on Windows and - Macintosh builds. - - * Makefile.in (SRCS): Renamed release_buffer.c to rel_buffer.c, - and release_oid_set.c to rel_oid_set.c. Marc broke the - DOS 8.3 renaming which Gilmore had done to conform with - DOS's filesystem constraints. - -Fri Jun 21 18:02:51 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * gssapi.h: Fix Win-16 build #defines for KRB5_CALLCONV and - KRB5_DLLIMP. - -Thu Jun 13 22:11:08 1996 Tom Yu <tlyu@voltage-multiplier.mit.edu> - - * configure.in: remove ref to ET_RULES - -Wed Jun 12 00:48:32 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Update special rule for gssapi_err_generic.obj - so that it uses the right Win-32 library command. - -Wed Jun 12 00:46:41 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * gssapi.h: Change INTERFACE to be KRB5_CALLCONV, which is where - the calling convention is defined. Add KRB5_DLLIMP - which is where the DLL import/export should be put for - Win32. (Win16 is just different.) The correct way to - declare a function which will be used in a DLL is now: - KRB5_DLLIMP func_return_t KRB5_CALLCONV func(long) - - Change function delcarations to use the new - convention. Actually, it doesn't hurt to use the old - convention as long as func_return_t doesn't contain a - '*'. But in the long run we should be exterminating - all uses of INTERFACE in favor of KRB5_CALLCONV and - KRB5_DLLIMP. - -Sun Apr 21 03:07:02 1996 Marc Horowitz <marc@mit.edu> - - * gssapi_generic.c, release_buffer.c, release_oid_set.c: added - files which should have been added before, but either I or commit - was confused. - -Wed Apr 17 20:59:23 1996 Marc Horowitz <marc@mit.edu> - - * oid_ops.c: moved from mechglue - - * util_canonhost.c (g_canonicalize_host): cast the return value of - malloc() - - * gssapiP_generic.h: Added prototypes for oid_ops.c - - * gssapi.h: Make the types of OM_uint32 constants portable, - fix some minor compile-time nits - - * Makefile.in: change the list of files which need to be built - -Tue Apr 2 15:31:25 1996 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in (SRCS): Inlined list of source files for SRCS and - OBJS (for Macintosh build). - -Thu Feb 29 19:39:23 1996 Theodore Y. Ts'o <tytso@dcl> - - * util_token.c (der_length_size, der_write_size): Fix to work on - 16-bit platforms (we don't allow greater than 64k tokens - on these platforms). - -Tue Feb 27 17:49:54 1996 Theodore Y. Ts'o <tytso@dcl> - - * gssapi.h (size_t): Make sure size_t and uid_t are defined under - MS-DOS. - -Sat Feb 24 21:30:53 1996 Theodore Y. Ts'o <tytso@dcl> - - * gssapi.h (GSS_S_DUPLICATE_ELEMENT): New error code function. - XXX Need to square number assigment with official C-binds - draft once it is issued. - -Wed Jan 24 20:48:15 1996 Tom Yu <tlyu@dragons-lair.MIT.EDU> - - * gssapi.h: Added definition of NPROTOTYPE to dtrt with Ultrix, - etc. Also added special case for Ultrix (limited - prototype support). - -Tue Jan 23 03:28:41 1996 Theodore Y. Ts'o <tytso@dcl> - - * gssapiP_generic.h: Removed prototypes of functions that have - been moved to the mechglue layer. - - * Makefile.in: Removed gssapi_generic.c, oid_ops.c, rel_buffer.c, - and rel_oid_set.c --- these functions are now done in the - mechglue layer. - -Wed Jan 10 21:31:42 1996 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in (gssapi_err_generic.$(OBJEXT)): Added ##DOS - statements after gssapi_err_generic.$(OBJECT) to get it - added to library on Windows. (Patch from Doug Engert). - - * gssapi.h: Remove #if statement that used sizeof(xxx), since that - won't work for most C compilers/C preprocessors! - -Thu Jan 4 21:33:38 1996 Theodore Y. Ts'o <tytso@dcl> - - * gssapiP_generic.h (TWRITE_INT16, TREAD_INT16): Added new macros - to read and write two byte integers from the wire. - - * gssapiP_generic.h: Don't include <sys/types.h> since it's - already included by gssapi.h. - - * gssapi.h: Add a #ifndef _MACINTOSH around include of <sys/types.h> - -Fri Nov 17 22:21:58 1995 <tytso@rsts-11.mit.edu> - - * Makefile.in, ChangeLog: Add support to compile shared libraries. - - * gssapi.h: Include sys/types.h, since that's where POSIX says - size_t is defined. - -Fri Oct 6 22:01:57 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Remove ##DOS!include of config/windows.in. - config/windows.in is now included by wconfig. - -Fri Sep 29 02:02:35 1995 Theodore Y. Ts'o <tytso@dcl> - - * gssapi.h: For MS-DOS, use the brute force method of defining the - size of variables; we should really get an autoconf file - for MS-DOS. - -Mon Sep 28 12:00:00 1995 John Rivlin <jrivlin@fusion.com> - - * gssapi_generic.h: Modified to use build in compiler symbols rather - than relying on _MACINTOSH so the projects can include the file - without using our headers. - - * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the - Makefile. - -Mon Sep 25 16:53:00 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the - Makefile. - -Wed Sep 13 10:36:32 1995 Keith Vetter (keithv@fusion.com) - - * oid_ops.c: signed/unsigned mismatch, removed unused variables. - * util_oid.c: changed int to a size_t. - -Wed Sep 6 12:00:00 1995 James Mattly <mattly@fusion.com> - * gssapiP_generic.h: changed a path bearing include for MACINTOSH - * gssapi_generic.h: changed a path bearing include for MACINTOSH - * util_cannonhost.h: changed a path bearing include for MACINTOSH - * utl_nohash_validate.h: changed a path bearing include for MACINTOSH, - also we don't have limits.h - - -Thu Aug 31 11:43:59 EDT 1995 Paul Park (pjpark@mit.edu) - * gssapi.h - Update to V2 API. Also use autoconf.h if USE_AUTOCONF_H - is defined, otherwise resort to brute force. Remove const_ - gss_OID, as it's not defined in the API. - * gssapiP_generic.h - Add new V2 dispatch prototypes. Update - arguments to be compatible with V2 API. - * disp_major_status.c - Describe new failure codes. Update argument. - * gssapi_generic.c - Replace const_gss_OID. - * rel_oid_set.c - Free individual OID data also. - * util_token.c - Replace const_gss_OID. - * oid_ops.c - New V2 OID set manipulation routines. - * Makefile.in, .Sanitize - Add oid_ops.c. - - -Tue Aug 29 13:30:29 EDT 1995 Paul Park (pjpark@mit.edu) - * gssapi.h - Add prototypes for gss_{im,ex}port_sec_context. - - -Thu Jul 27 15:25:08 EDT 1995 Paul Park (pjpark@mit.edu) - * gssapiP_generic.h - Include k5-int.h instead of k5-config.h and - conditionally k5-sockets.h. - - -Fri Jul 7 16:22:49 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in - Remove LDFLAGS, it's set by configure. - -Fri Jun 9 19:25:47 1995 <tytso@rsx-11.mit.edu> - - * configure.in: Remove standardized set of autoconf macros, which - are now handled by CONFIG_RULES. - -Wed May 24 06:52:41 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * gssapiP_generic.h: Include k5-sockets.h now that k5-config.h - does not include netdb.h. - -Mon May 22 10:08:13 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in - Install EXPORTED_HEADERS in gssapi subdirectory of - KRB5_INCDIR. - * configure.in - Find KRB5ROOT and install program. - -Sat Apr 29 15:29:15 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * gssapi.h: Only define PROTOTYPE if it is not deined at all. - -Fri Apr 21 10:57:44 1995 Ezra Peisach (epeisach@kangaroo.mit.edu) - - * gssapi.h: If !stdc and !windows, define PROTOTYPE properly. - -Thu Apr 20 14:23:14 1995 Keith Vetter (keithv@fusion.com) - - * gssapi.h: fixed up the "windows specific hackery". - -Thu Apr 20 11:41:04 1995 <tytso@rsx-11.mit.edu> - - * configure.in: Add checking for SIZEOF_SHORT, SIZEOF_INT, and - SIZEOF_LONG, so we don't need to depend on getting this - information from include/krb5/autoconf.h - - * gssapi.h: Removed dependence on krb5 include files. - - * gssapiP_generic.h: We need to include k5-config in order to get - Windows specific hackery. Somewhat of a wart, but this is - a gssapi internal header file, so the rest of the world - doesn't have to see this. - - * util_token.c: Define VALID_INT, instead of relying on this being - defined by krb5.h. - -Thu Apr 13 16:27:56 1995 Keith Vetter (keithv@fusion.com) - - * gssapi_e.c: __STDC__ conditional also checks the _WINDOWS define. - * *.[ch]: removed unneeded INTERFACE from non-api functions. - * *.h added FAR to pointers visible at to the world. - -Tue Mar 28 18:28:03 1995 John Gilmore (gnu at toad.com) - - * Makefile.in (unixmac): Add to build header files. - -Fri Mar 24 18:02:15 1995 Theodore Y. Ts'o (tytso@rt-11) - - * util_canonhost.c: Don't include sys/socket.h and netdb.h, since - they are included by k5-config.h - -Tue Mar 21 19:09:34 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: changed the name of the library the PC - builds, and added xxx-mac targets to mimic xxx-unix. - -Tue Mar 7 20:14:53 1995 Keith Vetter (keithv@fusion.com) - - * disp_maj.c: added casts on int->long assignments. - * util_can.c: made to work with PC winsockets. - * util_dup.c: added system include for prototype info. - * util_tok.c: int/long problems. - * gssapip_.h: added casts on int->char assignments. - -Tue Feb 28 00:25:58 1995 John Gilmore (gnu at toad.com) - - * gssapi.h: Avoid <krb5/...> includes. - * disp_com_err_status.c: Use "com_err.h" not <com_err.h>. - -Mon Feb 20 18:50:33 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: made to work on the PC - * Added windows INTERFACE keyword - disp_com.c disp_maj.c rel_buff.c rel_oid_.c - util_buf.c util_can.c util_dup.c util_oid.c - util_tok.c util_val.c utl_noha.c - * gssapiP_generic.h: - added INTERFACE keyword - removed inclusion - * util_tok.c: had to coerce long to int on TWRITE_STR. - * gssapi.h: made typedef for OM_uint32 machine independent and - added INTERFACE to prototypes. - -Mon Feb 20 12:00:00 1994 Keith Vetter (keithv@fusion.com) - - More DOS 8.3 renames--for files created by make - * gssapi_generic_err.et => gssapi_err_generic.et - => gssapi_err_generic.h - => gssapi_err_generic.c - * gssapiP_generic.h was changed to match - * Makefile.in was changed to match - -Fri Feb 3 00:18:11 1995 John Gilmore <gnu@cygnus.com> - - Rename files for DOS 8.3 uniqueness: - * display_com_err_status.c => disp_com_err_status.c - * display_major_status.c => disp_major_status.c - * release_buffer.c => rel_buffer.c - * release_oid_set.c => rel_oid_set.c - * util_val_nohash.c => utl_nohash_validate.c - * Makefile.in was changed to match. - -Sat Aug 20 01:34:46 1994 Theodore Y. Ts'o (tytso at tsx-11) - - * gss_generic.c (gss_OID_desc): Fix OID's! - -Thu Jul 14 03:29:25 1994 Tom Yu (tlyu at dragons-lair) - - * Makefile.in: remove spurious mkdir - -Tue Jun 21 01:17:35 1994 Mark W. Eichin (eichin at mit.edu) - - * configure.in: add AC_SIZE_T. - diff --git a/src/lib/gssapi/krb5/ChangeLog b/src/lib/gssapi/krb5/ChangeLog deleted file mode 100644 index ea60edfe8..000000000 --- a/src/lib/gssapi/krb5/ChangeLog +++ /dev/null @@ -1,2299 +0,0 @@ -2006-04-03 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2006-03-10 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (generate-files-mac): Depend on gssapi_krb5.h. - -2006-03-07 Jeffrey Altman <jaltman@mit.edu> - - * acquire_cred.c: (acquire_init_cred) - If the leash32.dll is not available, fallback to opening the - default credential cache even when the desired_name is - provided. - -2005-11-14 Jeffrey Altman <jaltman@mit.edu> - - * gssapi_krb5.hin: include k5-int.h instead of krb5.h - -2005-10-20 Alexandra Ellwood <lxs@mit.edu>, Jeffrey Altman <jaltman@mit.edu> - - * acquire_cred.c (acquire_init_cred): - If a specific principal has been requested, attempt to acquire - tickets and set the ccache name in the context to the ccache - containing the tickets if obtained. (KFM/KFW) - -2005-10-20 Jeffrey Altman <jaltman@mit.edu> - - * gssapi_krb5.hin: add missing GSS_DLLIMP to exported symbols - -2005-09-21 Tom Yu <tlyu@mit.edu> - - * import_name.c (krb5_gss_import_name): Add missing free of tmp in - an error case to fix a memory leak. - - * inq_cred.c (krb5_gss_inquire_cred): Memory leak fixes: call - krb5_gss_release_cred() with address of cred, not cred; add - missing call to krb5_gss_release_cred() in an error case. - - * duplicate_name.c (krb5_gss_duplicate_name): - * export_name.c (krb5_gss_export_name): Fix gsstest nit by - clearing minor_status if no errors. - - * inq_cred.c (krb5_gss_inquire_cred): Initialize ret_name to - NULL. Only call kg_save_name() if ret_name is actually non-NULL. - Return GSS_C_NO_NAME for now if no principal name in the cred. - Reported by Christoph Weizen. - -2005-08-11 Tom Yu <tlyu@mit.edu> - - * import_name.c: Include stdio.h regardless of presence of - getpwuid_r(), to ensure definition of BUFSIZ. Reported by - Vladimir Terziev. - -2005-04-07 Tom Yu <tlyu@mit.edu> - - * Makefile.in (gssapi_krb5.h): Use awk hack to work around quoting - problem. - -2005-03-25 Ken Raeburn <raeburn@mit.edu> - - * import_name.c (krb5_gss_import_name): Use k5_getpwuid_r. - -2005-01-13 Jeffrey Altman <jaltman@mit.edu> - - * init_sec_context.c, acquire_cred.c: fix calls to - krb5_gss_release_cred() to pass in the correct type. - This fixes a mutex leak. - -2004-08-27 Tom Yu <tlyu@mit.edu> - - * init_sec_context.c (make_ap_req_v1): Free checksum data - allocated by make_gss_checksum() to avoid leak. - - * k5sealv3.c (gss_krb5int_unseal_token_v3): Free plain.data after - checksum is verified, to avoid leak. - -2004-08-26 Ken Raeburn <raeburn@mit.edu> - - * acquire_cred.c (krb5_gss_acquire_cred): Call - gssint_initialize_library. Return correct error code on mutex - initialization failure. - -2004-07-29 Ken Raeburn <raeburn@mit.edu> - - * gssapi_krb5.c (kg_ccache_name): Variable deleted. - (kg_sync_ccache_name, kg_get_ccache_name, kg_set_ccache_name): Get - and set thread-specific values instead. - -2004-07-28 Ken Raeburn <raeburn@mit.edu> - - * gssapiP_krb5.h (struct _krb5_gss_cred_id_rec): Add a mutex. - (krb5_gss_validate_cred_1): Declare. - * accept_sec_context.c (rd_and_store_for_creds): Initialize mutex. - * acquire_cred.c (krb5_gss_acquire_cred): Initialize mutex. - * add_cred.c (krb5_gss_add_cred): Create the krb5 context - earlier. Call krb5_gss_validate_cred_1. Make sure the mutex is - locked. - * copy_ccache.c (gss_krb5_copy_ccache): Lock the mutex in the - source credential. - * init_sec_context.c (get_credentials, new_connection): Check that - the mutex is locked. - (mutual_auth): Delete unused credential argument. - (krb5_gss_init_sec_context): Lock the mutex. - * inq_cred.c (krb5_gss_inquire_cred): Lock the mutex. - * rel_cred.c (krb5_gss_release_cred): Destroy the mutex. - * set_allowable_enctypes.c (gss_krb5_set_allowable_enctypes): Lock - the mutex. - * val_cred.c (krb5_gss_validate_cred_1): New function, most of old - krb5_gss_validate_cred but requires that the krb5 context be - supplied, and returns with the credential mutex still locked if - successful, so the caller needn't re-lock it. - (krb5_gss_validate_cred): Use it. - - * set_ccache.c (gss_krb5_ccache_name): Don't make a copy of the - string returned by kg_get_ccache_name. Simplify some calls using - a temporary error code variable. - - * gssapi_krb5.c (kg_get_ccache_name): Make a copy of the default - ccache name, because calling krb5_free_context will destroy it. - Make the copy always, not just in the local-context case. Check - for errors in making the copy. - -2004-07-14 Ken Raeburn <raeburn@mit.edu> - - * gssapi_krb5.c (kg_sync_ccache_name): Add context argument - instead of calling kg_get_context. - (kg_get_ccache_name): Use a locally created krb5 context instead - of calling kg_get_context. - (kg_get_context): Deleted. - * acquire_cred.c (acquire_init_cred): Pass current context. - (krb5_gss_acquire_cred): Use a locally created krb5 context - instead of calling kg_get_context. - * add_cred.c (krb5_gss_add_cred): Call kg_sync_ccache_name. - * init_sec_context.c (krb5_gss_init_sec_context): Likewise. - * gssapiP_krb5.h (kg_sync_ccache_name): Update prototype. - (kg_get_context): Delete declaration. - -2004-07-13 Ken Raeburn <raeburn@mit.edu> - - * acquire_cred.c: Include gss_libinit.h. - (gssint_krb5_keytab_lock): New mutex. - (krb5_gss_register_acceptor_identity, acquire_accept_cred): Lock - the mutex while manipulating krb5_gss_keytab. - * gssapiP_krb5.h (gssint_krb5_keytab_lock): Declare. - - * set_ccache.c (gss_krb5_ccache_name): Check thread-specific data - for the saved "old" name to free. Save the new old name in - thread-specific data. - -2004-07-08 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LOCALINCLUDES): Add $(srcdir)/.. to the list. - -2004-07-07 Ken Raeburn <raeburn@mit.edu> - - * disp_status.c: Include gss_libinit.h. - (init_et): Variable deleted. - (krb5_gss_display_status): Don't use init_et; instead, call - gssint_initialize_library. - -2004-07-06 Ken Raeburn <raeburn@mit.edu> - - * import_name.c [HAVE_GETPWUID_R]: Include stdio.h. - (krb5_gss_import_name) [HAVE_GETPWUID_R]: Use getpwuid_r instead - of getpwuid, for thread safety. - -2004-06-17 Tom Yu <tlyu@mit.edu> - - * ser_sctx.c (kg_ctx_size, kg_ctx_externalize): - (kg_ctx_internalize): Adjust for new field cred_rcache. - -2004-06-15 Tom Yu <tlyu@mit.edu> - - * accept_sec_context.c (krb5_gss_accept_sec_context): Only null - out the auth_context's rcache if it was provided by acceptor - creds; this prevents a leak. - - * delete_sec_context.c (krb5_gss_delete_sec_context): Only null - out the auth_context's rcache if it was provided by acceptor - creds; this prevents a leak. - - * gssapiP_krb5.h (krb5_gss_ctx_id_rec): Add cred_rcache to track - whether acceptor creds provided an rcache. - -2004-06-14 Tom Yu <tlyu@mit.edu> - - * init_sec_context.c (krb5_gss_init_sec_context): Fix pointer - assignment when retrieving k5_context from existing - context_handle. - -2004-06-10 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (gssapi_krb5.h): Add Windows version of generation - rule. - -2004-06-09 Sam Hartman <hartmans@mit.edu> - - * Makefile.in (install-headers-unix install): install - gssapi_krb5.h from build directory not source directory - - * accept_sec_context.c (krb5_gss_accept_sec_context): If the - server provides channel bindings, these channel bindings must be - matched. Thus clients can only provide null channel bindings if - the server provides no channel bindings. - -2004-06-08 Sam Hartman <hartmans@mit.edu> - - * set_allowable_enctypes.c lucid_context.c: new file - - * gssapi_krb5.hin: Made file autogenerated; support gss_uint64 type - - * Makefile.in (gssapi_krb5.h): Include code to pull in stdint.h if available. - - * gssapi_krb5.h: Add declarations for lucid_context support - -2004-04-24 Ken Raeburn <raeburn@mit.edu> - - * gssapi_krb5.c (kg_get_ccache_name): Don't test err while it's - still known to be 0. - (kg_set_ccache_name): Likewise. Return after an error rather - than continuing. - - * krb5_gss_glue.c (gss_import_name): Call - gssint_initialize_library and check the return status. - -2004-04-13 Jeffrey Altman <jaltman@mit.edu> - - * k5unseal.c: gss_krb5int_unseal_token_v3() takes a pointer to - krb5_context - * import_sec_context.c: krb5_gss_ser_init() contains a function - pointer table. this table must use pointers to functions of - type KRB5_CALLCONV. - -2004-03-20 Ken Raeburn <raeburn@mit.edu> - - * rel_cred.c (krb5_gss_release_cred): Create and destroy a local - krb5 context. - * rel_name.c (krb5_gss_release_name): Likewise. - * val_cred.c (krb5_gss_validate_cred): Likewise. - -2004-03-19 Ken Raeburn <raeburn@mit.edu> - - * add_cred.c (krb5_gss_add_cred): Create and destroy a local krb5 - context. - * compare_name.c (krb5_gss_compare_name): Likewise. - * copy_ccache.c (gss_krb5_copy_ccache): Likewise. - * disp_name.c (krb5_gss_display_name): Likewise. - * duplicate_name.c (krb5_gss_duplicate_name): Likewise. - * inq_cred.c (krb5_gss_inquire_cred): Likewise. - * export_name.c (krb5_gss_export_name): Likewise. - * import_name.c (krb5_gss_import_name): Likewise. - - * context_time.c (krb5_gss_context_time): Use the krb5 context in - the GSS security context. - -2004-03-15 Ken Raeburn <raeburn@mit.edu> - - * k5seal.c (kg_seal): Extract the krb5 context from the security - context instead of requiring it be passed in as an argument. - * k5unseal.c (kg_unseal): Likewise. - * gssapiP_krb5.h (kg_seal, kg_unseal): Declarations updated. - * delete_sec_context.c, process_context_token.c, seal.c, sign.c, - unseal.c, verify.c: Callers changed. - * inq_context.c (krb5_gss_inquire_context): Use krb5 context - contained in security context instead of calling kg_get_context. - * wrap_size_limit.c (krb5_gss_wrap_size_limit): Likewise. - - * import_sec_context.c (krb5_gss_ser_init): New function. - (krb5_gss_import_sec_context): Create a krb5 context locally to - use for the import. - * export_sec_context.c (krb5_gss_export_sec_context): Use the - krb5 context in the security context. - * gssapiP_krb5.h (krb5_gss_ser_init): Declare. - * gssapi_krb5.c (kg_get_context): Don't call krb5 serialization - initialization code here. - - * accept_sec_context.c (krb5_gss_accept_sec_context): Free the - new krb5 context in an error case not caught before. - -2004-03-14 Ken Raeburn <raeburn@mit.edu> - - * gssapiP_krb5.h (struct _krb5_gss_ctx_id_rec): Add a krb5 - context object. - * init_sec_context.c (krb5_gss_init_sec_context): Create a new - krb5 context, and store it in the security context if - successful. If there's already a security context, use the krb5 - context in it. - * accept_sec_context.c (krb5_gss_accept_sec_context): Create a - new krb5 context, and store it in the security context if - successful. - * delete_sec_context.c (krb5_gss_delete_sec_context): If the - security context has a krb5 context, free it. - - * gssapi_krb5.c (kg_vdb): Change type to g_set and initialize. - * gssapiP_krb5.h (kg_vdb): Declaration updated. - - * gssapiP_krb5.h (struct _krb5_gss_ctx_id_rec): Delete fields - init_token and testing_unknown_tokid. - * init_sec_context.c (new_connection): Drop support (already - inside "#if 0") for them. - (krb5_gss_init_sec_context): Drop support for - testing_unknown_tokid. - (mutual_auth): Don't let major_status be used uninitialized. - -2004-03-08 Ezra Peisach <epeisach@mit.edu> - - * gssapiP_krb5.h: Add prototype for gss_krb5int_unseal_token_v3. - -2004-03-03 Ken Raeburn <raeburn@mit.edu> - - * disp_status.c (krb5_gss_display_status): Don't call - kg_get_context; delete local krb5_context variable. - * inq_cred.c (krb5_gss_inquire_cred_by_mech): Likewise. - * inq_names.c (krb5_gss_inquire_names_for_mech): Likewise. - -2004-02-26 Sam Hartman <hartmans@avalanche-breakdown.mit.edu> - - * accept_sec_context.c (krb5_gss_accept_sec_context): Don't clear - the DO_TIME flag until after rd_req is called so a replay cache is - set up even in the no_credential case. - -2004-02-23 Ken Raeburn <raeburn@mit.edu> - - * wrap_size_limit.c (krb5_gss_wrap_size_limit): Fix calculation - for confidential CFX tokens. - -2004-02-09 Ken Raeburn <raeburn@mit.edu> - - * ser_sctx.c (kg_oid_externalize): Check for errors. - (kg_oid_internalize): Check for errors. Free allocated storage on - error. - (kg_queue_externalize): Check for errors. - (kg_queue_internalize): Check for errors. Free allocated storage - on error. - (kg_ctx_size): Update for new context data. - (kg_ctx_externalize): Update for new context data. Check for - error storing trailer. - (kg_ctx_internalize): Update for new context data. Check for - errors in a few more cases. - -2004-02-05 Jeffrey Altman <jaltman@mit.edu> - - * gssapiP_krb5.h: remove KG_IMPLFLAGS macro - - * init_sec_context.c (init_sec_context): Expand KG_IMPLFLAGS - macro with previous macro definition - - * accept_sec_context.c (accept_sec_context): Replace KG_IMPLFLAGS - macro with new definition. As per 1964 the INTEG and CONF flags - are supposed to indicate the availability of the services in - the client. By applying the previous definition of KG_IMPLFLAGS - the INTEG and CONF flags are always on. This can be a problem - because some clients such as Microsoft's Kerberos SSPI allow - CONF and INTEG to be used independently. By forcing the flags - on, we would end up with inconsist state with the client. - -2004-01-27 Ken Raeburn <raeburn@mit.edu> - - * init_sec_context.c (make_gss_checksum) [CFX_EXERCISE]: Don't - crash on null pointer in debugging code. - (new_connection): Disable CFX_EXERCISE unknown-token-id case - detection. - - * accept_sec_context.c (krb5_gss_accept_sec_context) - [CFX_EXERCISE]: Log to /tmp/gsslog whether delegation or extra - option bytes were present. - -2004-01-05 Ken Raeburn <raeburn@mit.edu> - - * init_sec_context.c: Include auth_con.h if CFX_EXERCISE is - defined. - (make_gss_checksum) [CFX_EXERCISE]: If the key enctype is aes256, - insert some stuff after the delegation slot. - (new_connection) [CFX_EXERCISE]: Don't send messages with bogus - token ids. - - * accept_sec_context.c (krb5_gss_accept_sec_context): Don't - discard the delegation flag; only look for a delegation if the - flag is set, and only look for delegation, not other options. - Ignore any other data there. - -2003-12-19 Ken Raeburn <raeburn@mit.edu> - - * util_crypt.c (kg_encrypt, kg_decrypt): Input pointer now points - to const. - * gssapiP_krb5.h: Declarations updated. - * util_seed.c (zeros): Now const. - -2003-12-19 Tom Yu <tlyu@mit.edu> - - * init_sec_context.c: Include k5-int.h for accessor. - -2003-12-18 Jeffrey Altman <jaltman@mit.edu> - - * accept_sec_context.c, init_sec_context.c, ser_sctx.c: - Implement use of krb5int_accessor() for krb5int_c_mandatory_cksumtype, - krb5_ser_pack_int64, and krb5_ser_unpack_int64 - -2003-12-13 Ken Raeburn <raeburn@mit.edu> - Sam Hartman <hartmans@avalanche-breakdown.mit.edu> - - * k5sealv3.c: New file, implements Wrap and MIC tokens for CFX - extensions. - * gssapiP_krb5.h (struct _krb5_gss_ctx_id_rec): Added acceptor - subkey, 64-bit sequence numbers, checksum type, and hooks for - sending a bogus initial token for CFX testing. Changed some flags - into bitfields. - (gss_krb5int_make_seal_token_v3): Declare. - * Makefile.in (SRCS, OBJS, STLIBOBJS): Build it. - * accept_sec_context.c (krb5_gss_accept_sec_context): Add CFX - support. For G_WRONG_TOKID, send back an error token with - AP_ERR_MSG_TYPE code and return a CONTINUE_NEEDED indication. - Initialize new fields in context. - * delete_sec_context.c (krb5_gss_delete_sec_context): Free - acceptor subkey field. - * init_sec_context.c (get_credentials): Drop enctypes argument; - callers changed. - (get_requested_enctypes): Deleted. - (setup_enc): Combine some common sections. Do CFX initialization - for newer enctypes. - (new_connection) [CFX_EXERCISE]: If doing CFX, send a bogus - token. Delete the enctype list manipulation. - (mutual_auth): If CFX, save acceptor's subkey. - * k5seal.c (make_seal_token_v1): Sequence number is now 64 bits. - (kg_seal): Call out to _v3 code for CFX. - * k5unseal.c (kg_unseal): For CFX, adjust token id numbers and - call out to _v3 code. - * wrap_size_limit.c (krb5_gss_wrap_size_limit): Implement CFX - support. - - * gssapiP_krb5.h (struct _krb5_gss_ctx_id_rec): Deleted fields - ctypes and nctypes. - * delete_sec_context.c, init_sec_context.c, ser_sctx.c: Removed - references. - -2003-12-11 Alexandra Ellwood <lxs@mit.edu> - - * acquire_cred.c, gssapi_krb5.c, gssapiP_krb5.h, set_ccache.c: - Added kg_sync_ccache_name(), kg_get_ccache_name, and - kg_set_ccache_name() and rewrote gss_krb5_ccache_name() and - added a call to kg_sync_ccache_name() to acquire_init_cred() - to fix a bug where on systems with multiple ccaches that GSSAPI - gets stuck on the ccache that was default when it launched. - -2003-07-19 Ezra Peisach <epeisach@mit.edu> - - * acquire_cred.c (krb5_gss_register_acceptor_identity): Allocate - enough memory to include the null at the end of the keytab char *. - -2003-07-17 Tom Yu <tlyu@mit.edu> - - * gssapiP_krb5.h: Delete kg_release_defcred(); it's no longer - used. - - * gssapi_krb5.c: Delete defcred; it's no longer cached. - (kg_get_defcred): Don't cache. - (kg_release_defcred): Delete; it's no longer used. - - * init_sec_context.c (krb5_gss_init_sec_context): Break into more - manageable pieces. Clean up a few error condition memory leaks - previously obscured by the sheer size of this function. - (setup_enc): New function; used to be part of - krb5_gss_init_sec_context() responsible for setting up enctypes, - keyblocks, related nastiness. - (get_requested_enctypes): New function; used to be part of - krb5_gss_init_sec_context() responsible for pruning the krb5 - library's default enctype list to the limited set of enctypes - usable with GSSAPI. - (new_connection): New function; used to be part of - krb5_gss_init_sec_context() responsible for initial gss_ctx setup - and creating the AP-REQ. - (mutual_auth): New function; used to be part of - krb5_gss_init_sec_context() responsible for reading the AP-REP if - mutual auth was requested. - - * inq_cred.c (krb5_gss_inquire_cred): Rearrange due to removal of - kg_release_defcred(), particularly to explicitly release the - defcred once it's obtained. - - * rel_cred.c (krb5_gss_release_cred): Remove call to - kg_release_defcred(), and always succeed in releasing the null - credential. - - * set_ccache.c (gss_krb5_ccache_name): Remove call to - kg_release_defcred(). - -2003-07-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBNAME) [##WIN16##]: Don't define. - -2003-07-14 Tom Yu <tlyu@mit.edu> - - * accept_sec_context.c (krb5_gss_accept_sec_context): Call - TREAD_STR with correct arguments. Patch from Emily Ratliff. - -2003-07-10 Tom Yu <tlyu@mit.edu> - - * acquire_cred.c (acquire_init_cred): Close the ccache if - krb5_cc_set_flags() fails, as krb5int_cc_default succeeds even if - the file is not there, but krb5_cc_set_flags will fail in turning - off OPENCLOSE mode if the file can't be opened. Thanks to Kent Wu. - -2003-06-13 Tom Yu <tlyu@mit.edu> - - * init_sec_context.c (make_ap_req_v1): Free checksum_data if - needed, to avoid leaking memory. Found by Kent Wu. - (krb5_gss_init_sec_context): Free default_enctypes to avoid - leaking returned value from krb5_get_tgs_ktypes. - - * k5unseal.c (kg_unseal_v1): Explicitly set token.value to NULL if - token.length == 0, to avoid spurious uninitialized memory - references when calling memcpy() with a zero length. - -2003-05-13 Tom Yu <tlyu@mit.edu> - - * gssapi_krb5.h: Remove check for GSS_RFC_COMPLIANT_OIDS. - -2003-05-09 Tom Yu <tlyu@mit.edu> - - * accept_sec_context.c (krb5_gss_accept_sec_context): Rename - remote_subkey -> recv_subkey. - - * init_sec_context.c (krb5_gss_init_sec_context): Rename - local_subkey -> send_subkey. - -2003-03-14 Sam Hartman <hartmans@mit.edu> - - * accept_sec_context.c (krb5_gss_accept_sec_context): Set - prot_ready here - - * init_sec_context.c (krb5_gss_init_sec_context): Set prot_ready - after context established - - * gssapiP_krb5.h (KG_IMPLFLAGS): Don't claim prot_ready until the - context is established because we don't currently support it. - -2003-03-06 Alexandra Ellwood <lxs@mit.edu> - - * disp_status.c, gssapi_krb5.h, gssapiP_krb5.h: - Removed Mac header goober. - -2003-03-05 Tom Yu <tlyu@mit.edu> - - * acquire_cred.c (krb5_gss_register_acceptor_identity): New - function. Allows global override of default keytab for - gss_acquire_cred() purposes. - (acquire_accept_cred): Implement override. - - * gssapi_krb5.h: Add krb5_gss_register_acceptor_identity. - -2003-03-04 Sam Hartman <hartmans@mit.edu> - - * accept_sec_context.c (rd_and_store_for_creds): Do not expect sequence number in incoming krb_cred message. - -2003-03-02 Sam Hartman <hartmans@mit.edu> - - * accept_sec_context.c (krb5_gss_accept_sec_context): Deal with - creds without rcache available. They will be slower. - - * add_cred.c (krb5_gss_add_cred): Deal with princ being null - - * accept_sec_context.c (krb5_gss_accept_sec_context): Populate - ctx->here from ticket->server instead of cred->princ. If - cred->princ exists it will be the same, but the previous change - may make it null - - * inq_cred.c (krb5_gss_inquire_cred): Allow for null princ - component of credentials - - * acquire_cred.c: When acquiring acceptor credentials, allow - GSS_C_NO_NAME to mean that we accept any credential. In this case - we do not look to see if the principal is found in the keytab and - we leave princ null in the context. This means you get - GSS_C_NO_NAME out from inquire_cred. If cred->princ is null - don't set up a rcache - -2003-03-01 Tom Yu <tlyu@mit.edu> - - * accept_sec_context.c (krb5_gss_accept_sec_context): Don't - validate verifier_cred_handle if GSS_C_NO_CREDENTIAL is passed in. - -2003-02-25 Tom Yu <tlyu@mit.edu> - - * set_ccache.c (gss_krb5_ccache_name): Don't return a pointer to - freed memory. - -2003-02-24 Tom Yu <tlyu@mit.edu> - - * gssapi_krb5.c (kg_get_defcred): Revert previous; it's probably - not appropriate for inquire_cred() to cause new credentials to be - fetched. - - * init_sec_context.c (krb5_gss_init_sec_context): Explicitly - release default cred in the NO_CREDENTIAL case, so it is always - refreshed. - -2003-02-21 Tom Yu <tlyu@mit.edu> - - * gssapi_krb5.c (kg_get_defcred): Check for invalid or expired - defcred if it exists, and call acquire_cred() again if necessary. - -2003-02-13 Tom Yu <tlyu@mit.edu> - - * Makefile.in ($(GSSAPI_KRB5_HDR)): Use $(S) to avoid problems on - windows. - -2003-02-12 Tom Yu <tlyu@mit.edu> - - * Makefile.in (includes): Delete gssapi_krb5.h rule. - ($(GSSAPI_KRB5_HDR)): Add command to create header directory if - needed. - (all-unix): Add $(GSSAPI_KRB_HDR). - -2003-02-09 Ezra Peisach <epeisach@bu.edu> - - * init_sec_context.c (make_ap_req_v1): Unsigned/signed cleanup. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag. - -2003-01-07 Sam Hartman <hartmans@mit.edu> - - * init_sec_context.c (make_gss_checksum): New function to - construct the checksum in the authenticator, used directly or - indirectly depending on whether krb5_cred is encrypted. - (make_ap_req_v1): use it - -2003-01-07 Ken Raeburn <raeburn@mit.edu> - - * Makefile.original: Deleted. - -2002-11-15 Ezra Peisach <epeisach@bu.edu> - - * accept_sec_context.c (krb5_gss_accept_sec_context): Use unsigned - lengths for arguments to g_token_size and g_make_token_header. - - * export_name.c (krb5_gss_export_name): Change local length - variable to unsigned. - - * k5unseal.c (kg_unseal_v1): Seqnum variable changed from - krb5_int32 to krb5_ui_4. - - * k5seal.c (make_seal_token_v1): Change seqnum argument to - krb5_ui_4 from krb5_int32 to match krb5_gss_ctx_id_rec struct. - - * gssapiP_krb5.h, util_crypt.c, util_seqnum.c: kg_make_seq_num(), - kg_get_seq_num() changed to use krb5_ui_4 for sequence - numbers. kg_encrypt(), kg_decrypt() length argument now unsigned. - -2002-10-07 Sam Hartman <hartmans@mit.edu> - - * Makefile.in : Add install-headers support - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-27 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in ($(GSSAPI_KRB5_HDR)): Quote target of copy. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-07-15 Ezra Peisach <epeisach@bu.edu> - - * k5unseal.c (kg_unseal): Pass unsigned int * instead of int * - length return argument to g_verify_token_header. - - * accept_sec_context.c (krb5_gss_accept_sec_context): Pass - OM_uint32 * instead of krb5_error_code * to krb5_gss_release_cred. - -2002-07-14 Alexandra Ellwood <lxs@mit.edu> - - * gssapi_krb5.h: Added #include of gssapi.h and gssapi_generic.h - for the Mac because we can't assume people will include them and - get the OID macro and the old names on the Mac. - - * disp_status.c: Updated Mac OS X header paths. - - * gssapiP_krb5.h: Updated Mac OS X header paths and added - prototype on Mac. - - * gssapi_krb5.h: Updated Mac OS X headers to new framework layout - - [pullups from 1-2-2-branch] - -2002-07-14 Miro Jurisic <meeroh@mit.edu> - - * gssapi_krb5.h, gssapi_krb5.c: Added oids from rfc 1964 using the - suggested names. - [pullup from 1-2-2-branch] - -2002-07-12 Ken Raeburn <raeburn@mit.edu> - - * accept_sec_context.c (rd_and_store_for_creds): Remove - registration of memory ccache type. Don't declare krb5_mcc_ops. - - * init_sec_context.c (krb5_gss_init_sec_context): Instead of - asking for the enctypes supported by the GSS code, use that set as - a filter on the default enctypes and use the resulting list. - (make_ap_req_v2): Delete unused function. - - * k5mech.c, pname_to_uid.c, util_ctxsetup.c: Deleted. - * Makefile.in (SRCS, OBJS, STLIBOBJS): Don't compile - util_ctxsetup.c. - * rel_oid.c (krb5_gss_internal_release_oid): Now static. - * util_crypt.c (kg_encrypt_size): Function deleted. - * gssapiP_krb5.h (struct kg2_option, kg2_parse_token, - kg2_intersect_ctypes, krb5_gss_internal_release_oid, - kg_encrypt_size): Declarations deleted. - -2002-07-01 Ken Raeburn <raeburn@mit.edu> - - * gssapi_krb5.c (gss_mech_krb5_v2, gss_mech_set_krb5_v2, - gss_mech_set_krb5_v1v2): Delete variables. - * gssapi_krb5.h (gss_mech_krb5_v2, gss_mech_set_krb5_v2, - gss_mech_set_krb5_v1v2): Delete declarations. - * add_cred.c (krb5_gss_add_cred): Delete uses of them. - * canon_name.c (krb5_gss_canonicalize_name): Ditto. - * disp_status.c (krb5_gss_display_status): Ditto. - * indicate_mechs.c (krb5_gss_indicate_mechs): Ditto. - * inq_cred.c (krb5_gss_inquire_cred_by_mech): Ditto. - * inq_names.c (krb5_gss_inquire_names_for_mech): Ditto. - * rel_oid.c (krb5_gss_internal_release_oid): Ditto. - - * accept_sec_context.c (rd_and_store_for_creds): Extra parens - around assignments to quiet gcc. - (krb5_gss_accept_sec_context): Fix some type mismatches between - OM_uint32 and krb5_error_code. - * k5unseal.c (kg_unseal_v1): Move a variable declaration and - assignment to fix gcc "possibly uninitialized" warning. - * init_sec_context.c (get_credentials): Delete unused variable. - -2002-03-03 Sam Hartman <hartmans@mit.edu> - - * accept_sec_context.c (rd_and_store_for_creds): Patch from Steven - Michaud <smch@midway.uchicago.edu> to accept encrypted or - unencrypted credentials. This is important because Heimdal (and - sometimes Microsoft) send encrypted credentials. - -2001-11-18 Sam Hartman <hartmans@mit.edu> - - * init_sec_context.c (get_credentials): Override - default_tgs_enctypes rather than looping over credentials. Avoids - hits on the KDC. - -2001-10-30 Ezra Peisach <epeisach@mit.edu> - - * k5unseal.c: Fix whitespace in copyright message. - - * k5seal.c (make_seal_token_v1): Cleanup code for mic - tokens. Essentially revert code to Sam's 10/25 code, with one - correction - allocation of data_ptr - use msglen and not tmsglen. - Additionally, do not rely on malloc(0) being non-NULL. - -2001-10-27 Sam Hartman <hartmans@mit.edu> - - * k5seal.c (make_seal_token_v1): Use usage 15 only for mic tokens, - not for seal tokens without encryption - -2001-10-26 Ezra Peisach <epeisach@mit.edu> - - * k5seal.c (make_seal_token_v1): Correct errors in code pertaining - to case when signing message only. Fixes buffer overflows as found - by gssapi dejagnu testsuite. - -2001-10-25 Sam Hartman <hartmans@mit.edu> - - * k5unseal.c (kg_unseal_v1): same here. - - * k5seal.c (make_seal_token_v1): Factor out usage type we claim - for signatures so we can do something different for hmac-md5. - Microsoft uses a different usage number for mic tokens and wrap tokens. - - * k5unseal.c (kg_unseal_v1): Add arcfour checksum and decrypt support - - * util_seqnum.c (kg_get_seq_num): support arcfour_hmac - - * k5unseal.c (kg_unseal_v1): Get the sequence number before - decrypting the token so we can use it to decrypt arcfour - - * gssapiP_krb5.h util_crypt.c: New function kg_arcfour_docrypt - - * util_seqnum.c (kg_make_seq_num): Add rc4 support - - * k5seal.c (make_seal_token_v1): Simplify logic significantly. - Don't worry so much about only allocating memory we use; allocate - a full token all the time and only decide not to copy in data at - the last moment. This significantly simplifies the control flow, - giving better testing coverage and allowing better reasoning about - the code. Add arcfour-hmac support - - * util_crypt.c (kg_confounder_size): Special case arcfour to return 8 - -2001-10-24 Sam Hartman <hartmans@mit.edu> - - * accept_sec_context.c (krb5_gss_accept_sec_context): Support rc4 enctype - - * init_sec_context.c (krb5_gss_init_sec_context): Support rc4 enctype - - * gssapiP_krb5.h: Remove claim we don't support Microsoft sign alg - -2001-10-09 Ken Raeburn <raeburn@mit.edu> - - * gssapiP_krb5.h, gssapi_krb5.h, k5mech.c: Make prototypes - unconditional. - -2001-10-05 Ken Raeburn <raeburn@mit.edu> - - * accept_sec_context.c, gssapiP_krb5.h, import_sec_context.c, - krb5_gss_glue.c: Don't explicitly declare pointers FAR any more. - - * pname_to_uid.c: Drop _MSDOS support. - -2001-10-04 Tom Yu <tlyu@mit.edu> - - * accept_sec_context.c (krb5_gss_accept_sec_context): Ignore - unrecognized options properly. [krb5-libs/738] - -2001-10-03 Ken Raeburn <raeburn@mit.edu> - - * copy_ccache.c, get_tkt_flags.c, gssapi_krb5.h, krb5_gss_glue.c, - set_ccache.c: Don't use GSS_DLLIMP. - -2001-10-01 Tom Yu <tlyu@mit.edu> - - * accept_sec_context.c (rd_and_store_for_creds): Handle error - returns from krb5_rd_cred more sanely. - -2001-07-27 Danilo Almeida <dalmeida@mit.edu> - - * gssapi_krb5.h: Unmark gss_mech_krb5 variable as an import. - -2001-07-27 Danilo Almeida <dalmeida@mit.edu> - - * gssapi_krb5.h: Mark gss_mech_krb5 variable as an import. - -2001-07-25 Ezra Peisach <epeisach@mit.edu> - - * import_sec_context.c (krb5_gss_import_sec_context): Get rid of - variable set but never used. - * ser_sctx.c (kg_queue_internalize): Ditto - -2001-07-04 Ezra Peisach <epeisach@mit.edu> - - * ser_sctx.c: Declare kg_oid_size and kg_queue_size static. - -2001-06-21 Ezra Peisach <epeisach@mit.edu> - - * accept_sec_context.c (krb5_gss_accept_sec_context): Do not - shadow local variable ptr. - -2001-06-22 Danilo Almeida <dalmeida@mit.edu> - - * util_crypt.c (kg_encrypt, kg_decrypt): Use free() instead of - krb5_free_data_contents(). - - * util_cksum.c (kg_checksum_channel_bindings): Make sure that - returned memory is allocated with xmalloc() so that caller can use - xfree() on it. - - * k5unseal.c (kg_unseal_v1): Use krb5_free_data_contents() - instead of xfree(). - - * k5seal.c (make_seal_token_v1): Use krb5_free_data_contents() - instead of xfree(). - - * init_sec_context.c (make_ap_req_v1): Use xfree() instead of - free() to be consistent with xmalloc() usage. Use - krb5_free_data_contents() instead of xfree(). - - * disp_name.c (krb5_gss_display_name): Use - krb5_free_unparsed_name() instead of xfree(). - - * add_cred.c (krb5_gss_add_cred): Use xfree() instead of free() to - be consistent with xmalloc() usage. - - * accept_sec_context.c (krb5_gss_accept_sec_context): Remove - variables that were effectively unused. Use - krb5_free_data_contents() instead of xfree() where appropriate. - -2001-06-20 Ezra Peisach <epeisach@mit.edu> - - * acquire_cred.c (acquire_init_cred): Include "k5-int.h" for - krb5int-cc_default() prototype. - -2001-06-18 Ezra Peisach <epeisach@mit.edu> - - * accept_sec_context.c acquire_cred.c import_sec_context.c - init_sec_context.c inq_cred.c: Cast const gss_OID to gss_OID for - gssapi functions which are not speced with const in the RFC. - -2001-06-07 Ezra Peisach <epeisach@mit.edu> - - * ser_sctx.c (kg_oid_internalize): Do away with local variable - that was set but never used. - -2001-06-04 Ezra Peisach <epeisach@mit.edu> - - * accept_sec_context.c (krb5_gss_accept_sec_context): Cleanup - assignments in conditionals. - * k5seal.c (make_seal_token_v1): Likewise. - -2001-05-14 Ezra Peisach <epeisach@mit.edu> - - * wrap_size_limit.c (krb5_gss_wrap_size_limit): Get rid of unused - variable. - - * util_ctxsetup.c (kg2_parse_token): Fix erroneous assignment in - conditional. (code not used in current tree). - - * util_seed.c, util_seqnum.c, util_crypt.c, util_cksum.c: Cleanup - up assignments in conditionals. - - * ser_sctx.c (kg_queue_internalize): Get rid of unused variable. - - * gssapiP_krb5.h: Renable prototype for krb5_gss_release_oid() as - code is back (since 1996). - - * k5unseal.c (kg_unseal_v1): Declare internal function static. - - * init_sec_context.c (make_ap_req_v2): Comment out non-referenced - function. - - * gssapi_krb5.c: Include k5-int.h for krb5_ser_* prototypes. - -2001-04-24 Ezra Peisach <epeisach@mit.edu> - - * util_crypt.c (kg_make_confounder): Change variable random to - lrandom to prevent shadowing of global function. - -2000-12-07 Ken Raeburn <raeburn@mit.edu> - - * k5seal.c (make_seal_token_v1): Use ANSI-style definition, - instead of K&R plus prototype. Don't use too-big numbers even as - placeholders. - - * accept_sec_context.c (rd_and_store_for_creds): After creating an - auth context, set flags to require sequence numbers. - (krb5_gss_accept_sec_context): Likewise. - * init_sec_context.c (krb5_gss_init_sec_context): Likewise. - -2000-10-04 Ezra Peisach <epeisach@mit.edu> - - * accept_sec_context.c (krb5_gss_accept_sec_context): If an error - occurs after the auth_context is established, but before the - krb5_gss_ctx_id_rec is established, release our pointer to the - replay cache and invoke krb5_auth_con_free(). (krb5-libs/855) - -2000-10-03 Ezra Peisach <epeisach@mit.edu> - - * add_cred.c (krb5_gss_add_cred): krb5_cc_get_type() and - krb5_cc_get_name() return const char *. Cleanup assigments in - conditionals warnings. - -Fri Sep 22 12:05:31 2000 Ezra Peisach <epeisach@mit.edu> - - * accept_sec_context.c (krb5_gss_accept_sec_context): When - GCC_S_NO_CHANNEL_BINDINGS is set by the server, skip over the - bindings sent from the client. RFC-1964 indicates that the - client's channel bindings are always sent in checksum field and - need to be accounted for, evn if the server does not care. - -2000-09-01 Jeffrey Altman <jaltman@columbia.edu> - - * accept_sec_context.c: krb5_gss_accept_sec_context() - It has been determined by Martin Rex that Windows 2000 is incapable - of supporting channel bindings. This caused us to examine the - various RFCs affecting FTP GSSAPI to determine whether or not - channel bindings were a MUST for implementation of the FTP GSSAPI - protocol. It was determined that the channel binding facility as - described in RFC2743 is optional. Therefore, we cannot assume - that all clients or servers will support it. The code was updated - to allow GSS_C_NO_CHANNEL_BINDINGS when specified by either the - client or server to indicate that channel bindings will not be - used. - -2000-06-27 Tom Yu <tlyu@mit.edu> - - * init_sec_context.c (get_credentials): Add initial iteration of - krb5_get_credentials in order to differentiate between an actual - missing credential and merely a bad match based on enctype. This - was causing problems with kadmin. - -2000-06-09 Tom Yu <tlyu@mit.edu> - Ken Raeburn <raeburn@mit.edu> - - * accept_sec_context.c (krb5_gss_accept_sec_context): Remove - explicit check of mech OID against credential. - - * util_crypt.c (kg_encrypt): Copy ivec, since c_encrypt() now - updates ivecs. - (kg_decrypt): Copy ivec, since c_decrypt() now updates ivecs. - - * init_sec_context.c (get_credentials): Don't check each enctype - against a list from the krb5 library; instead, just try to use it, - and go on to the next if the error code indicates we can't use it. - - * gssapiP_krb5.h (enum qop): New type, derived from spec but - currently not used. - * util_crypt.c (kg_encrypt, kg_decrypt): Added key derivation - usage value as an argument. Prototypes and callers updated; all - callers use KG_USAGE_SEAL, except KG_USAGE_SEQ when encrypting - sequence numbers. - * 3des.txt: New file. - - * gssapiP_krb5.h (struct _krb5_gss_ctx_id_rec): Delete field - gsskrb5_version. - (struct _krb5_gss_cred_id_rec): Delete field rfcv2_mech. - * accept_sec_context.c, acquire_cred.c, add_cred.c, inq_cred.c, - k5seal.c, k5unseal.c, ser_ctx.c: - Delete krb5-mech2 support. - - * init_sec_context.c (get_credentials): Enctype argument is now a - pointer to a list of enctypes. Explicitly try each in order until - success or an error other than cryptosystem not being supported. - (krb5_gss_init_sec_context): Pass list of cryptosystems, starting - with 3DES. - - * gssapiP_krb5.h (enum sgn_alg, enum seal_alg): New types, - giving symbolic names for values from RFC 1964, a Microsoft win2k - I-D, and our proposed 3des-sha1 values. - (KG_USAGE_SEAL, KG_USAGE_SIGN, KG_USAGE_SEQ): New macros. - - * accept_sec_context.c (rd_req_keyproc): Already-disabled routine - deleted. - (krb5_gss_accept_sec_context): Use sgn_alg and seal_alg symbolic - names. Add a case for des3-hmac-sha1. - * k5seal.c (make_seal_token_v1): Likewise. Do key derivation for - checksums. - * k5unseal.c (kg_unseal_v1): Likewise. - * util_crypt.c (kg_encrypt, kg_decrypt): Do key derivation for - encryption. - - * util_crypt.c (zeros): Unused variable deleted. - - * wrap_size_limit.c: Remove mech2 support. Add MIT copyright. - -2000-06-09 Nalin Dahyabhai <nalin@redhat.com> - - * add_cred.c (krb5_gss_add_cred): Don't overflow buffers "ktboth" - or "ccboth". - -2000-05-31 Wilfredo Sanchez <tritan@mit.edu> - - * accept_sec_context.c, gssapiP_krb5.h, init_sec_context.c, - k5unseal.c, util_cksum.c, util_crypt.c, util_seed.c: Check for - existance of <memory.h>. - [from Nathan Neulinger <nneul@umr.edu>] - -2000-5-19 Alexandra Ellwood <lxs@mit.edu> - - * acquire_cred.c: Changed to use krb5int_cc_default. This function - supports the Kerberos Login Library and pops up a dialog if the cache does - not contain valid tickets. This is used to automatically get a tgt before - obtaining service tickets. Note that this should be an internal function - because callers don't expect krb5_cc_default to pop up a dialog! - (We found this out the hard way :-) - -2000-04-08 Tom Yu <tlyu@mit.edu> - - * wrap_size_limit.c (krb5_gss_wrap_size_limit): Fix up - wrap_size_limit() to deal with integrity wrap tokens properly. - The rfc1964 mech always pads and confounds regardless of whether - confidentiality is requested. - -2000-01-27 Ken Raeburn <raeburn@mit.edu> - - * init_sec_context.c (krb5_gss_init_sec_context): Default to - des-cbc-crc. - -1999-10-26 Ken Raeburn <raeburn@mit.edu> - - * accept_sec_context.c (krb5_gss_accept_sec_context): Get rid of - unused variables 'err' and 'enctype'. - - * k5seal.c (make_integ_token_v2): Set 'code' when malloc fails. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -Wed May 19 13:21:55 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Improve rule to create gssapi include dir under - windows. - -Wed May 19 11:40:52 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Add windows build rules for putting header files in - include dir. - -Mon May 10 15:22:27 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Do win32 build in subdir. - -Fri Apr 30 12:27:14 1999 Theodore Y. Ts'o <tytso@mit.edu> - - * set_ccache.c (gss_krb5_ccache_name): Add call to free the - default credential changing the ccache name. - -Thu Apr 29 18:02:00 1999 Miro Jurisic <meeroh@mit.edu> - - * gssapi_krb5.h: Remove gssapi_generic.h includes because - this header file is public interface and gssapi_generic.h - isn't and shouldn't be included by clients. - -Fri Apr 23 00:31:17 1999 Theodore Y. Ts'o <tytso@mit.edu> - - * wrap_size_limit.c (krb5_gss_wrap_size_limit): Fix wrap_size - limit so that it correctly calculates its results, and - underestimates the correct size instead of overestimating - it, and not returning zero all the time. (Which it used - to do after the March 25 fix.) - -Sat Apr 17 01:23:57 1999 Theodore Y. Ts'o <tytso@mit.edu> - - * gssapi_krb5.h, copy_ccache.c, get_tkt_flags.c, set_ccache.c: - Make the krb5 extension functions exportable in a Windows - DLL. - -Fri Mar 26 22:17:20 1999 Theodore Y. Ts'o <tytso@mit.edu> - - * acquire_cred.c (krb5_gss_acquire_cred): Don't use strcmp to - compare against principal components (they aren't null - terminated!) - -Thu Mar 25 22:43:54 1999 Theodore Y. Ts'o <tytso@mit.edu> - - * gssapi_krb5.c: Rearrange OID's so that the V1V2 mechanism set - returns all three mechanism ID's recognized by this - implementation, with the RFC1964 OID first (and thus - preferred). - - * import_sec_context.c (krb5_gss_convert_static_mech_oid): Make - the old convert_static_oid() function globally accessible - with a namespace compliant name, since init_sec_context() - needs to be able to use this function. - - * indicate_mechs.c (krb5_gss_indicate_mechs): Return the v1v2 - mechanism set OID, since we should return all the - mechanisms that we support. - - * init_sec_context.c (krb5_gss_init_sec_context): Make - ctx->mech_used use a static OID, since it is returned by - gss_inquire_context which must return a static OID. - - * wrap_size_limit.c (krb5_gss_wrap_size_limit): Fix bug where we - would overestimate the size of the allowable input message - by one byte, because we weren't passing the right estimate - of the wrapped data to g_token_size(). - -1999-03-14 Miro Jurisic <meeroh@mit.edu> - - * gssapi_krb5.h: added extern "C" for C++ friendliness - -1999-03-14 Miro Jurisic <meeroh@mit.edu> - - * set_ccache.c (gss_krb5_ccache_name): Now compiles - -1999-03-11 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * set_ccache.c (gss_krb5_ccache_name): Added new Krb5 specific - interface to set the default credentials cache name. - -1999-02-19 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in (DLL_FILE_DEF): Tell the Makefile template that we - are building object files for the GSSAPI DLL. - - * krb5_gss_glue.c: Change use of KRB5_DLLIMP to be GSS_DLLIMP. - -Mon Dec 21 19:50:04 1998 Theodore Y. Ts'o <tytso@mit.edu> - - * accept_sec_context.c (krb5_gss_accept_sec_context): Eliminate - double free of ap_req.data, and initialize ctypes to be - NULL to avoid freeing a pointer to stack garbage when - doing a V1 mechanism accept_sec_contxt. - - * init_sec_context.c: Re-arrange program logic to simplify and - factor out code; fix gss_init_sec_context() so that if the - default OID is passed to the init_sec_context, it will use - the V1 mechanism if a single DES enctype is used. Error - handling was revamped to make it simpler and cleaner, and - to assure that we don't have memory leaks on error returns. - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - -Fri Nov 6 09:19:23 1998 Ezra Peisach <epeisach@mit.edu> - - * k5unseal.c (kg2_unwrap_integ): Handle case of malloc(0) - returning NULL. - -1998-10-27 Marc Horowitz <marc@mit.edu> - - * Makefile.in, accept_sec_context.c, acquire_cred.c, canon_name.c, - delete_sec_context.c, disp_status.c, gssapiP_krb5.h, - gssapi_err_krb5.et, gssapi_krb5.c, gssapi_krb5.h, - init_sec_context.c, inq_cred.c, inq_names.c, k5seal.c, k5unseal.c, - rel_oid.c, ser_sctx.c, util_cksum.c, util_crypt.c, util_seed.c, - util_seqnum.c, wrap_size_limit.c: convert to new crypto api. - Implement new krb5 v2 gssapi mechanism. - - * add_cred.c, util_ctxsetup.c: New files needed to implement the - krb5 v2 mech. - -Mon Sep 21 00:32:28 1998 Tom Yu <tlyu@mit.edu> - - * accept_sec_context.c (krb5_gss_accept_sec_context): Free authdat - even on success to avoid a memory leak. - - * util_cksum.c (kg_checksum_channel_bindings): Fix memory leak by - not allocating cksum->contents unless we have to return a - zero-filled one. - - * k5unseal.c (kg_unseal_v1): Fix memorly leak by not allocating - md5cksum.contents. - - * k5seal.c (make_seal_token_v1): Fix memory leak by not allocating - md5cksum.contents. - - * accept_sec_context.c (krb5_gss_accept_sec_context): Only free - ap_req.data if it was allocated by kg2_parse_token(), otherwise we - lose very badly trying to free the middle of a potentially - malloc()'ed block, possibly coredumping. - -Thu Sep 3 19:35:44 1998 Tom Yu <tlyu@mit.edu> - - * accept_sec_context.c (krb5_gss_accept_sec_context): Fix typo; - bash the enctype in ctx->subkey->enctype rather than just - "enctype", which nothing checks. - -Fri Jul 24 21:13:53 1998 Tom Yu <tlyu@mit.edu> - - * wrap_size_limit.c (krb5_gss_wrap_size_limit): Fix to round down - by 8 even if the req_output_size-ohlen is a multiple of 8, since - the wrap token is always padded regardless of whether it's a - mutiple of 8 bytes. - -1998-06-08 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * k5unseal.c (kg_unseal): Clean up lint warnings. - - * accept_sec_context.c (krb5_gss_accept_sec_context): Don't return - an error token if we can't provide the server name to the - KRB5 error structure (because cred isn't initialized). - - * gssapi_krb5.c, gssapi_krb5.h: Export the oid of static - arrays as krb5_gss_oid_array since it's needed by - gss_import_sec_context. - - * import_sec_context.c: Fix up the OID of the mechanism in the - imported security context so that we use the static - OID if at all possible. This is needed since - gss_inquire_context() must return a static OID. - -Sun May 24 21:57:03 1998 Theodore Y. Ts'o <tytso@mit.edu> - - * import_name.c (krb5_gss_import_name): Fix typo which caused - import_name to incorrectly import names produced by - gss_export_name(). - -1998-05-24 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * copy_ccache.c (gss_krb5_copy_ccache): Fix bugs in copy_ccache.c, - which never compiled cleanly (since it wasn't added to the - Makefile correctly originally). - - * k5seal.c (make_seal_token): Clean up -Wall flames - -1998-05-18 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * inq_cred.c (krb5_gss_inquire_cred): - * inq_context.c (krb5_gss_inquire_context): - * import_name.c (krb5_gss_import_name): - * export_name.c (krb5_gss_export_name): - * disp_name.c (krb5_gss_display_name): - * context_time.c (krb5_gss_context_time): - * acquire_cred.c (krb5_gss_acquire_cred): Clean up -Wall flames. - - * indicate_mechs.c (krb5_gss_indicate_mechs): Return a dynamic OID - set. - -Fri Feb 27 18:41:08 1998 Theodore Y. Ts'o <tytso@mit.edu> - - * export_name.c (krb5_gss_export_name): Fix bug in - gss_export_name. The 2nd length field in the ASN.1 was 2 - bytes bigger than it should have been. - -Wed Feb 18 16:12:14 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove trailing slash from thisconfigdir. Fix up - BUILDTOP for new conventions. - -Fri Feb 13 13:23:18 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * accept_sec_context.c (krb5_gss_accept_sec_context): Don't - restrict mechanisms when accepting contexts. (Allow - either pre-RFC or RFC-based mechanisms) - -Thu Feb 12 16:38:14 1998 Tom Yu <tlyu@mit.edu> - - * accept_sec_context.c (krb5_gss_accept_sec_context): Add lots of - explicit assignments to major_status to ensure that we actually - return an error when we mean to. This was previously preventing - gssrpc authentication with the old ovsec_kadm interface from - working because the gssrpc server side functions were failing to - loop over a set of supplied credentials. - - * init_sec_context.c: KLUDGE!! Add global variable - krb5_gss_dbg_client_expcreds to allow the client library to send - expired credentials for testing and debugging purposes. - -Mon Feb 2 17:02:29 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile - -Wed Jan 28 16:57:05 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * configure.in, Makefile.in: Remove use of CopySrcHeader from - configure.in and move functionality to Makefile.in - -Thu Feb 5 22:39:44 1998 Theodore Y. Ts'o <tytso@mit.edu> - - * wrap_size_limit.c (krb5_gss_wrap_size_limit): Fix bug where if - the output header size is greater than the maximum - requested output size, return 0 rather than a very large - unsigned number. :-) - -Fri Jan 30 23:07:40 1998 Tom Yu <tlyu@mit.edu> - - * init_sec_context.c (krb5_gss_init_sec_context): Actually - initialize now before calling make_ap_req. - -Thu Jan 29 20:08:02 1998 Dan Winship <danw@mit.edu> - - * accept_sec_context.c (rd_and_store_for_creds): Don't mess with - krb5_cc_default--use a new mem-based ccache. - - * Makefile.in: - * gssapi_krb5.h: - * copy_ccache.c (gss_krb5_copy_ccache): Routine to copy a - gss_cred_id_t (such as a forwarded creds) into an existing - krb5_ccache. - -Fri Jun 27 08:37:11 1997 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * accept_sec_context.c (krb5_gss_accept_sec_context): Will now - obtain default credentials if no credentials are given. - -Wed Dec 3 02:16:18 1997 Theodore Y. Ts'o <tytso@mit.edu> - - * init_sec_context.c (make_ap_req): Enforce a stricter requirement - on the ticket expiration time of the credentials, since - accept_sec_context doesn't use the timeskew fudge for - checking ticket expirations. - (krb5_gss_init_sec_context): Return GSS_S_NO_CRED when - appropriate. - -Wed Jan 21 19:14:09 1998 Tom Yu <tlyu@mit.edu> - - * gssapiP_krb5.h: Add rcache member to the creds - structure. [krb5-libs/370] - - * accept_sec_context.c (krb5_gss_accept_sec_context): Actually set - an rcache in auth context from the one saved in the creds - structure. [krb5-libs/370] - - * acquire_cred.c (acquire_accept_cred): Set up an rcache for use - later. [krb5-libs/370] - - * delete_sec_context.c (krb5_gss_delete_sec_context): Don't delete - the rcache when freeing the auth_context. [krb5-libs/370] - - * rel_cred.c (krb5_gss_release_cred): Properly close the - rcache. [krb5-libs/370] - -Mon Dec 29 10:30:43 1997 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * Makefile.in (OBJS): Changed val_cred.$(OBJECT) to - val_cred.$(OBJEXT) for windows building. - -Sun Dec 7 10:42:32 1997 Ezra Peisach <epeisach@mit.edu> - - * val_cred.c (krb5_gss_validate_cred): Free principal extracted - from credential cache when finished. - -Sat Nov 15 20:14:05 1997 Theodore Y. Ts'o <tytso@mit.edu> - - * accept_sec_context.c (krb5_gss_accept_sec_context), - init_sec_context.c (krb5_gss_init_sec_context), - inq_cred.c (krb5_gss_inquire_cred): Call krb5_gss_validate_cred - to make sure the credential handle is still valid. - - * val_cred.c (krb5_gss_validate_cred): New file which validates - the credential to make sure it is valid, including - checking to make sure the credentials cache still points - at the same krb5 principal as it did before. - - * accept_sec_context.c (krb5_gss_accept_sec_context): Return - GSS_S_FAILURE if a non-NULL context handle is passed to - it. - -Thu Sep 18 17:55:09 1997 Tom Yu <tlyu@mit.edu> - - * acquire_cred.c: Replace USE_STRING_H with something more sane. - - * import_name.c: Replace USE_STRING_H with something more sane. - -Tue Jul 29 22:56:04 1997 Theodore Y. Ts'o <tytso@mit.edu> - - * inq_names.c (krb5_gss_inquire_names_for_mech): Add the - the new OID value for the host-based service name and - the exported name OID to the list of OID's supported by - this mechanism. - - * import_name.c (krb5_gss_import_name): Add support for the new - OID value for the host-based service name. - -Mon Jul 21 20:32:14 1997 Ezra Peisach <epeisach@mit.edu> - - * accept_sec_context.c (krb5_gss_accept_sec_context): Initialize - ctx before referenced in failure cases. - -Tue Jul 15 22:05:21 1997 Theodore Y. Ts'o <tytso@mit.edu> - - * init_sec_context.c (krb5_gss_init_sec_context): Always copy the - mechtype so that delete_sec_context() can safely release - the OID without smashing memory passed in by the application. - -Mon Jun 30 14:05:51 1997 Kevin L Mitchell <klmitch@mit.edu> - - * accept_sec_context.c: added code to return a valid delegated - credential handle if credentials were delegated. The - GSS_C_DELEG_FLAG from the client is ignored, and the - option is only set if the client actually delegated - credentials. - -Fri Jun 6 15:26:27 1997 Theodore Y. Ts'o <tytso@mit.edu> - - * accept_sec_context.c (krb5_gss_accept_sec_context): Reorganized - error handling code to be more compact (and correct!). If - an error occurs while we are doing mutual authentication, - send an KRB_ERROR message back to the client, so that it - knows what is going on. (This is specified by RFC 1964; - we just weren't implementing this previously.) - - * delete_sec_context.c (krb5_gss_delete_sec_context): Check to - make sure pointers in the context are non-zero before - freeing them. - - * init_sec_context.c (krb5_gss_init_sec_context): If the server - sends a KRB_ERROR message, decode it and return an - appropriate minor status error code. - -Mon Mar 31 21:22:19 1997 Theodore Y. Ts'o <tytso@mit.edu> - - * krb5_gss_glue.c: Add GSSAPI V2 calls to the glue layer. - -Fri Mar 28 03:52:14 1997 Theodore Y. Ts'o <tytso@mit.edu> - - * import_name.c (krb5_gss_import_name): Add support for importing - the exported name call - - * export_name.c (krb5_gss_export_name): Fix export_name emit the token - exactly as specified by RFC 2078. - -Thu Mar 27 15:52:04 1997 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Add canon_name.c, duplicate_name.c, export_name.c - to the GSSAPI library. - - * canon_name.c (krb5_gss_canonicalize_name): New GSSAPI V2 function - - * duplicate_name.c (krb5_gss_duplicate_name): New GSSAPI V2 function - - * export_name.c (krb5_gss_export_name): New GSSAPI V2 function - - * gssapiP_krb5.h (KG_IMPLFLAGS): Add support for - GSS_C_PROT_STATE_READY and GSS_C_TRANS_FLAG - -Tue Mar 25 01:00:55 1997 Theodore Y. Ts'o <tytso@mit.edu> - - * init_sec_context.c (krb5_gss_init_sec_context): A zero-length - token should be treated like a GSS_C_NO_BUFFER during the - initial context establishment. [krb5-libs/352] - -Sat Feb 22 18:59:42 1997 Richard Basch <basch@lehman.com> - - * Makefile.in: Use some of the new library list build rules in - win-post.in - -Wed Feb 5 20:27:50 1997 Richard Basch <basch@lehman.com> - - * util_crypt.c: Include k5-int.h as we need to dereference - the _cryptosystem_entry element of the krb5_encrypt_block. - - * acquire_cred.c (acquire_accept_cred): Removed unused local variable - -Tue Feb 4 15:56:01 1997 Richard Basch <basch@lehman.com> - - * Makefile.in: Only override the object build of the error table - under Unix - -Tue Jan 14 20:20:10 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: - * configure.in: Update to new library build procedure. - -Wed Dec 4 13:06:13 1996 Barry Jaspan <bjaspan@mit.edu> - - * acquire_cred.c (acquire_accept_cred): use krb5_kt_get_entry - instead of scanning through keytab to find matching principal - [krb5-libs/210] - -Thu Nov 21 11:55:16 EST 1996 Richard Basch <basch@lehman.com> - - * Makefile.in: win32 build - - * gssapiP_krb5.h krb5_gss_glue.c: - DLL export all public GSSAPI interfaces; adjusted some other - declarations accordingly (KRB5_CALLCONV, FAR keywords added) - -Wed Nov 20 19:55:29 1996 Marc Horowitz <marc@cygnus.com> - - * init_sec_context.c (make_ap_rep, krb5_gss_init_sec_context), - accept_sec_context.c (krb5_gss_accept_sec_context): fix up use of - gss flags. under some circumstances, the context would not have - checked for replay or sequencing, even if those features were - requested. - - * init_sec_context.c (make_ap_req), (krb5_gss_init_sec_context): - If delegation is requested, but forwarding the credentials fails, - instead of aborting the context setup, just don't forward - credentials. - - * gssapiP_krb5.h (krb5_gss_ctx_id_t), ser_sctx.c - (kg_ctx_externalize, kg_ctx_internalize), init_sec_context.c - (krb5_gss_init_sec_context), get_tkt_flags.c - (gss_krb5_get_tkt_flags), accept_sec_context.c - (krb5_gss_accept_sec_context): rename ctx->flags to - ctx->krb_flags, to disambiguate it from ctx->gss_flags - - * accept_sec_context.c (krb5_gss_accept_sec_context): If the subkey - isn't present in the authenticator, then use the session key - instead. - -Sat Oct 19 00:38:22 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * ser_sctx.c (kg_oid_externalize, kg_oid_internalize, - kg_oid_size): Add a GSSAPI OID magic number to the - externalized OID, so that if the OID is skipped, (it is - optional), the serialization code can resyncronize if - necessary. - (kg_queue_internalize, kg_queue_externalize, - kg_queue_size): New functions to externalize the gssapi - queue. - (kg_ctx_size, kg_ctx_exteranlize, kg_ctx_import): Changed - to include the mech_used field and to include the auth - context. - - * gssapi_krb5.c (kg_get_context): Add calls to correctly - initialize the serializers needed by import and export sec - context. - - * delete_sec_context.c (krb5_gss_delete_sec_context): Remember to - release the mech_used OID if necessary! - -Wed Oct 16 17:53:17 1996 Marc Horowitz <marc@mit.edu> - - * accept_sec_context.c (krb5_gss_accept_sec_context): return an - error if the ticket endtime is in the past. also, cleaned up - some error cleanup code. - -Thu Oct 10 13:50:49 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * acquire_cred.c (krb5_gss_acquire_cred): Don't let the "timeleft" - returned by krb5_gss_acquire_cred be negative! - -Wed Oct 9 18:02:43 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * gssapi_krb5.c: Definition of gss_nt_krb5_name was incorrect; - someone was being a bonehead. - -Wed Aug 28 17:45:55 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * util_cksum.c (kg_checksum_channel_bindings): Fix stupid bug; - don't free buf before it's allocated! - -Thu Aug 15 20:52:37 1996 Sam Hartman <hartmans@tertius.mit.edu> - - * init_sec_context.c (make_ap_req): Require des-cbc-crc for now; - DES3 support is broken. - -Fri Aug 2 13:40:16 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * acquire_cred.c (krb5_gss_acquire_cred): Add const to local - variable which is pointing to const data. - -Fri Jul 26 16:58:31 1996 Tom Yu <tlyu@voltage-multiplier.mit.edu> - - * Makefile.in (OBJS): Remove trailing backslash on a comment; it - was keeping HDRS from getting set. - -Fri Jul 26 00:40:43 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * configure.in: Add AC_PROG_INSTALL, since it's needed for a "make - install" - -Thu Jul 25 20:21:33 1996 Tom Yu <tlyu@voltage-multiplier.mit.edu> - - * Makefile.in: remove trailing backslash from comment under SRCS - because it was causing line that set OBJS variable to - become part of a comment - -Thu Jul 25 02:08:17 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * init_sec_context.c (krb5_gss_init_sec_context): Fixed error - checking so that if you pass a bad mechanism type, it - *will* get flagged as an error. - -Wed Jul 24 22:54:37 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * acquire_cred.c (krb5_gss_acquire_cred): Initialize variable - before use if GSS_C_NULL_OID_SET. - -Wed Jul 24 19:40:55 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * rel_oid.c (krb5_gss_release_oid): - * krb5_gss_glue.c(gss_release_oid): Re-enable function - - * ser_sctx.c (kg_oid_externalize): Add proper return code - - * accept_sec_context.c (krb5_gss_accept_sec_context): - * init_sec_context.c (krb5_gss_init_sec_context): Test (gss_flags & - XXXX) against 0 so that we pass a int value to - g_order_init. Needed since int is 16 bits for Win16 build. - -Tue Jul 23 22:35:53 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * Makefile.in (all-windows): Fix broken Windows commands to copy - gssapi_krb5.h to include/gssapi. - - * gssapiP_krb5.h: Must include k5-int.h on Windows and Macintosh - builds. - -Thu Jul 18 19:48:48 1996 Marc Horowitz <marc@mit.edu> - - * init_sec_context.c (krb5_gss_init_sec_context), - accept_sec_context.c (krb5_gss_accept_sec_context): ifdef'd out - reference to 3des. - -Fri Jul 5 15:27:29 1996 Marc Horowitz <marc@mit.edu> - - * gssapi_krb5.h: Add declarations for _old mech set, and _both - mech set - -Thu Jun 20 23:15:57 1996 Marc Horowitz <marc@mit.edu> - - * ser_sctx.c (kg_oid_size, kg_ctx_size): pull the oid-related code - out of kg_ctx_size into kg_oid_size. - - * k5unseal.c (kg_unseal), k5seal.c (make_seal_token): == cannot be - used to compare oid's. The g_OID_equal macro must be used. - - * init_sec_context.c (make_ap_req, krb5_gss_init_sec_context): - - gss_init_sec_context should use the mech set in the credential. - If the default mech is requested, but the old mech oid was - explicitly passed to gss_acquire_cred, then the context should be - the old mech, otherwise, the new mech. If a mech was requested - explicitly, then the code should insure that the credential is - compatible. - - * acquire_cred.c (krb5_gss_acquire_cred), gssapiP_krb5.h (struct - _krb5_gss_cred_it_rec), gssapi_krb5.c (gss_mech_set_krb5*), - inq_cred.c (krb5_gss_inquire_cred): gss_acquire_cred needs to be - able to deal with both mech oid's. It should return in - actual_mechs the intersection of the set passed in and the - {old,new} mechs, or if the default was requested, it should return - both mech oid's. This state should be stored in the credential - handle, and regurgitated by gss_inquire_cred. - - * accept_sec_context.c (krb5_gss_accept_sec_context): make sure - that the oid in the token is compatible with the mechanisms - specified by the credential. - -Thu Jun 13 22:11:30 1996 Tom Yu <tlyu@voltage-multiplier.mit.edu> - - * configure.in: remove ref to ET_RULES - -Wed Jun 12 00:48:32 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Update special rule for gssapi_err_krb5.obj so that - it uses the right Win-32 library command. - - * pname_to_uid.c: Add #ifdef _WIN32 in places where we had #ifdef - _MSDOS - -Fri Jun 7 14:52:56 1996 Kevin L Mitchell <klmitch@mit.edu> - - * accept_sec_context.c, init_sec_context.c, inq_context.c, - gssapiP_krb5.h: changed `mutual' element of struct - _krb5_gss_ctx_id_rec into more general `gss_flags' and - updated functions that process it - -Tue May 14 19:09:49 1996 Richard Basch <basch@lehman.com> - - * k5seal.c k5unseal.c util_cksum.c: - setup krb5_checksum "contents" and "length" field prior to - calling krb5_calculate_checksum(). - -Tue May 14 04:42:11 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * init_sec_context.c (make_ap_req): Change call to - krb5_auth_con_setcksumtype to use - krb5_auth_con_set_req_cksumtype by default instead. - -Sun May 12 00:54:35 1996 Marc Horowitz <marc@mit.edu> - - * util_crypt.c (kg_encrypt): It used to be that krb5_encrypt could - be used to encrypt in place. That's broken now. This would need - to be fixed in several places in the crypto layer, and it's not - clear what the right thing is, so it's worked around here in the - interests of portability and reliablility, at the expense of a - malloc/memcpy/free. - - * Makefile.in, configure.in: gssapi_krb5.h should be installed - inside the tree. This is really only half the work, as it should - be installed outside of the tree, too. - -Sat Apr 20 00:02:51 1996 Marc Horowitz <marc@mit.edu> - - * accept_sec_context.c, export_sec_context.c, gssapiP_krb5.h, - import_sec_context.c, init_sec_context.c, k5seal.c, k5unseal.c, - ser_sctx.c, wrap_size_limit.c: Implemented triple-des changes - based on Richard's patches. - -Wed Apr 17 21:08:59 1996 Marc Horowitz <marc@mit.edu> - - * accept_sec_context.c (krb5_gss_set_backward_mode): removed - - * krb5_gss_glue.c, wrap_size_limit.c: added - - * import_sec_context.c: intern the newly created context id so - that the validation functions will accept it. - - * Makefile.in (CFLAGS): Don't need md5 header files anymore. - (OBJS, SRCS): Change the list of files to build. - - * export_sec_context.c, import_sec_context.c, gssapiP_krb5.h, - ser_sctx.c: don't use the serialization abstraction, since it - doesn't add anything, and is internal to kerberos. Instead, make - the {de,}serialization functions internal gssapi functions, and - call those directly. - - * accept_sec_context.c, acquire_cred.c, context_time.c, - delete_sec_context.c, disp_name.c, disp_status.c, - export_sec_context.c, gssapi_krb5.c (kg_get_context), - import_name.c, import_sec_context.c, indicate_mechs.c, - init_sec_context.c, inq_context.c, inq_cred.c, inq_names.c, - process_context_token.c, rel_cred.c, rel_name.c, seal.c, sign.c, - unseal.c, verify.c: - Don't pass in the context from the caller. Instead, call - kg_get_context() to find out the kerberos library context. Also, - random minor compile-time fixes. - - * accept_sec_context.c, gssapi_krb5.c (kg_get_defcred), - gssapiP_krb5.h, init_sec_context.c, k5seal.c, k5unseal.c, - util_cksum.c (kg_checksum_channel_bindings), util_seqnum.c - (kg_make_seq_num, kg_get_seq_num), util_seed.c (kg_make_seed), - util_crypt.c (kg_encrypt, kg_decrypt): - pass the context to the kg_* functions which need it instead of - determining it directly. - -Fri Apr 12 21:47:46 1996 Richard Basch <basch@lehman.com> - - * k5seal.c k5unseal.c: - Renamed MD5 routines to be preceded with krb5_ - -Thu Apr 11 18:53:09 1996 Theodore Y. Ts'o <tytso@dcl> - - * acquire_cred.c (acquire_init_cred): Return GSS_S_CRED_UNAVAIL on - if krb5_cc_set_flags() returns an error, since that's the - call that will return an error if the credentials files - doesn't exist. - -Wed Apr 3 16:10:24 1996 Theodore Y. Ts'o <tytso@dcl> - - * init_sec_context.c (krb5_gss_init_sec_context): If make_ap_req() - returns KRB5APP_TKT_EXPIRED, then return - GSS_S_CREDENTIALS_EXPIRED as the major return code. - -Tue Apr 2 15:20:24 1996 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in (SRCS): Inlined list of source files for SRCS and - OBJS (for Macintosh build). - - * k5mech.c: Added Macintosh #ifdef so that the #include path is - right for the Macintosh. - -Wed Mar 20 20:25:53 1996 Theodore Y. Ts'o <tytso@dcl> - - * rel_oid.c (krb5_gss_release_oid): Don't compile this procedure, - since it's not used. The mechanism glue layer uses the - krb5_gss_internal_relase_oid() function. - - * pname_to_uid.c: Comment out #ident line. This causes the - Macintosh C compiler indigestion. Remove #include of - gssapi/gssapi.h, since that gets included by - gssapiP_generic.h. - -Fri Mar 8 21:36:29 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * util_cksum.c (kg_checksum_channel_bindings): Change sizeof(long) - to sizeof(krb5_int32). - -Sat Mar 2 02:22:30 1996 Theodore Y. Ts'o <tytso@dcl> - - * k5mech.c (krb5_gss_get_context): Initialize the serializers - here, instead of in export and import security context. - This will speed things up a little. - - * export_sec_context.c (krb5_gss_export_sec_context): - * import_sec_context.c (krb5_gss_import_sec_context): Don't create - a serialization context just for importing/exporting - credentials. Use the passed-in gssapi context. This - speeds things up significantly. Assume the serializers - are initialized in krb5_gss_get_context. - -Tue Feb 27 17:53:22 1996 Theodore Y. Ts'o <tytso@dcl> - - * accept_sec_context.c (krb5_gss_accept_sec_context): Remove dead - code which used geteuid(). - - * Makefile.in (gssapi_err_krb5.$(OBJEXT)): Add Windows production - to add file to library. - - * pname_to_uid.c: Don't try to compile pname_to_uid.c for MS-DOS - or Macintosh. - -Mon Feb 26 18:08:57 1996 Sam Hartman <hartmans@tertius.mit.edu> - - * k5mech.c : do not declare kg_context static as it is declared in - another file, and declared extern in a header. - -Sat Feb 24 00:06:37 1996 Theodore Y. Ts'o <tytso@dcl> - - * k5mech.c (krb5_gss_initialize): No longer need to call - name-type/mechanism registration function. This is now - done for us by the generic intialization function. - Add support for new V2 call gss_wrap_size_limit. - -Sat Feb 24 11:45:05 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * import_sec_context.c (krb5_gss_import_sec_context): Do not - shadow parameter ctx. - - * inq_context.c (krb5_gss_inquire_context): Do not shadow - parameter ctx. - - * rel_oid.c (krb5_gss_internal_release_oid): Change to match prototype. - - * process_context_token.c (krb5_gss_process_context_token): Change - to match prototype. - -Sat Feb 24 00:06:37 1996 Theodore Y. Ts'o <tytso@dcl> - - * gssapiP_krb5.h: Changed most krb5 gssapi functions to take a - void * as their first argument, instead of a krb5_context. - Makes for a cleaner interface to the mechanism glue layer. - - * k5mech.c (krb5_gss_initialize): Call name-type/mechanism - registration function so that mechanism glue layer knows - whether or not a name needs to be lazy evaluated or not. - -Tue Feb 6 23:55:45 1996 Theodore Y. Ts'o <tytso@dcl> - - * pname_to_uid.c (krb5_pname_to_uid): Instead of using specialized - code to derive the username from a kerberos principal, use - krb5_aname_to_lname(). Added extra argument for the - context structure. - -Fri Jan 26 03:09:32 1996 Sam Hartman <hartmans@tertius.mit.edu> - - * init_sec_context.c (make_ap_req): Make sure we get a DES session key. - -Wed Jan 24 20:46:37 1996 Tom Yu <tlyu@dragons-lair.MIT.EDU> - - * pname_to_uid.c (krb5_pname_to_uid): Changed def'n of - krb5principalname to static so K&R compilers won't lose on - automatic aggregate initialization. - -Wed Jan 24 13:21:37 1996 Theodore Y. Ts'o <tytso@dcl> - - * import_name.c (krb5_gss_import_name): Don't assume that the - input_name_buffer is null terminated, when it contains a - string. Fix gcc warnings. - -Tue Jan 23 13:01:42 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * configure.in: Check for stdlib.h - - * pname_to_uid.c: Include string.h and stdlib.h. - - * init_sec_context.c (make_ap_req): Handle gcc warning. - -Tue Jan 23 04:05:23 1996 <tytso@rsts-11.mit.edu> - - * Makefile.in: Add support for building GSSAPI as a shared - library. - -Tue Jan 23 03:25:02 1996 Theodore Y. Ts'o <tytso@dcl> - - * rel_oid.c (krb5_gss_internal_release_oid): Add the new interface - for the mechglue layer. - - * inq_cred.c (krb5_gss_inquire_cred): Call gss_release_oid_set() - instead of generic_gss_release_oid_set(). - - * gssapiP_krb5.h: Added prototype for krb5_gss_internal_release_oid - - * Makefile.in (CCSRCS): Removed the file krb5_gss_glue.c and added - the file k5mech.c and pname_to_uid.c - -Tue Jan 9 22:11:25 1996 Theodore Y. Ts'o <tytso@dcl> - - * gssapiP_krb5.h (KRB5_GSS_FOR_CREDS_OPTION): New constant added - for delegation (forwarding) of credentials. - - * init_sec_context.c (make_ap_req): Add support for sending - delegated credentials. Misc lint cleanups. - - * accept_sec_context.c (krb5_gss_accept_sec_context): Add support - for accepting delegated credentials. Misc lint cleanups. - -Fri Dec 1 17:27:33 1995 <tytso@rsts-11.mit.edu> - - * configure.in: Add rule for building shared object files. - -Fri Dec 1 17:11:43 1995 Theodore Y. Ts'o <tytso@dcl> - - * gssapiP_krb5.h (KG_TOK_WRAP_MSG): Changed token ID for - KG_TOK_WRAP_MSG to match KG_TOK_SEAL_MSG both should be - 0x0201. - - * krb5_gss_glue.c (gss_inquire_names_for_mech): Added new context - argument to the call of krb5_gss_inquire_names_for_mech(). - - * inq_names.c (krb5_gss_inquire_names_for_mech): Added new context - argument to the arg list. - -Thu Nov 16 17:04:00 1995 <tytso@rsts-11.mit.edu> - - * gssapiP_krb5.h (KG_TOK_MIC_MSG, KG_TOK_WRAP_MSG, KG_DEL_CTX): - Fixed token type numbers so they conform with the protocol - spec. Paul Park didn't realize that he wasn't allowed to - change these willy-nilly... - -Wed Oct 25 15:38:00 1995 Theodore Y. Ts'o <tytso@dcl> - - * init_sec_context.c (make_ap_req): Change the input type of - do_mutual to be OM_int32 instead of an int, to prevent - lossage under windows, since the passed in type size is a - OM_int32. - -Fri Oct 6 22:02:24 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Remove ##DOS!include of config/windows.in. - config/windows.in is now included by wconfig. - -Mon Sep 25 16:52:49 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the - Makefile. - -Sun Sep 24 10:39:13 1995 John Rivlin (jrivlin@fusion.com) - * gssapiP_krb5.h: Fixed kb_seal_size prototype - -Wed Sep 13 10:39:13 1995 Keith Vetter (keithv@fusion.com) - - * acquire_.c: changed int to size_t. - * gssapip_.h: added prototype for kg_seal_size. - * k5seal.c: 16/32 bit mismatch and removed unused variables. - * seal.c: 16/32 bit mismatch. - * sign.c: 16/32 bit mismatch. - * ser_sctx.c: added prototypes for all functions since they get - assigned into a structure that has been prototyped. - -Sat Sep 16 03:18:02 1995 Theodore Y. Ts'o <tytso@dcl> - - * gssapiP_krb5.h: Remove context and cred from the gssapi security - context, as they aren't needed. kg_seal and kg_unseal now - take a krb5_context argument. - - * ser_sctx.c (kg_ctx_size, kg_ctx_externalize, - kg_ctx_internalize): No longer serialize the context and - cred fields of the gssapi security context. - - * krb5_gss_glue.c: Don't rely on the context field of the gssapi - security context. Use kg_context instead. - - * verify.c (krb5_gss_verify, krb5_gss_verify_mic): - * unseal.c (krb5_gss_unwrap, krb5_gss_unseal): - * sign.c (krb5_gss_sign, krb5_gss_get_mic): - * seal.c (krb5_gss_seal, krb5_gss_wrap): - * process_context_token.c (krb5_gss_process_context_token): - * k5unseal.c (kg_unseal): - * k5seal.c (kg_seal_size): Add a krb5_context argument to this - function, so we don't have to depend on the context field - in the gssapi security context. - - * init_sec_context.c (krb5_gss_init_sec_context): Don't initialize - the context and cred fields in the gssapi security - context. Copy ctx->subkey to ctx->seq.key, so they are - separately allocated. - - * gssapi_krb5.c (kg_get_context): When initialize kg_context, call - krb5_init_ets() so that the error tables are initialized. - - * export_sec_context.c (krb5_gss_export_sec_context): Don't depend - on the context field from the gssapi security context. - Free ctx->seq.key. - - * delete_sec_context.c (krb5_gss_delete_sec_context): kg_seal() - now takes a krb5_context argument. Free ctx->seq.key. - - * acquire_cred.c (krb5_gss_acquire_cred): Clear the gssapi - credential before setting it, to prevent purify from - complaining. - - * accept_sec_context.c (krb5_gss_accept_sec_context): Remove - context and cred from the gssapi security context. Make - sure the ticket is freed after we're done with it. - -Fri Sep 15 22:12:49 1995 Theodore Y. Ts'o <tytso@dcl> - - * import_sec_context.c (krb5_gss_import_sec_context): Don't bash - the input interprocess_token. Otherwise, it can't be - freed. Don't depend on the context field in the gss - security context. - -Tue Sep 12 19:07:52 1995 Theodore Y. Ts'o <tytso@dcl> - - * export_sec_context.c (krb5_gss_export_sec_context): Free the - auth context when freeing the GSSAPI context structure. - - * delete_sec_context.c (krb5_gss_delete_sec_context): Free the - auth context when freeing the GSSAPI context structure. - -Tue Sep 12 13:05:51 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * k5seal.c, k5unseal.c, accept_sec_context.c: Undo MACINTOSH - change for paths. The old ones were correct. - -Wed Sep 6 12:00:00 1995 James Mattly <mattly@fusion.com> - - * gssapi_krb5.h: changed a path bearing include for MACINTOSH - - * accept_sec_context.c: changed a path bearing include for MACINTOSH - - * k5seal.c: changed a path bearing include for MACINTOSH - - * k5unseal.c: changed a path bearing include for MACINTOSH - -Sat Sep 9 00:16:34 1995 Theodore Y. Ts'o <tytso@dcl> - - * krb5_gss_glue.c (gss_delete_sec_context): Add extra indirection - so that we actually fetch the context correctly. - (gss_accept_sec_context): Remove unused code. - -Wed Sep 6 16:12:28 1995 Theodore Y. Ts'o <tytso@dcl> - - * init_sec_context.c (make_ap_req): Initialize mk_req_flags to - zero so that when we OR in flags, the result is - well-defined. - -Wed Sep 06 14:20:57 1995 Chris Provenzano (proven@mit.edu) - - * accept_sec_context.c, init_sec_context.c, util.c : - s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g - -Tue Sep 05 22:10:34 1995 Chris Provenzano (proven@mit.edu) - - * accept_sec_context.c, init_sec_context.c, util_seed.c : - Remove krb5_enctype references, and replace with - krb5_keytype where appropriate. - -Thu Aug 31 11:50:34 EDT 1995 Paul Park (pjpark@mit.edu) - * gssapiP_krb5.h - Add new V2 dispatch prototypes. Update arguments - to be compatible with V2 API. Add tokens for V2 integrity - and confidentiality services. - * k5seal.c - Add support for V2 tokens and add kg_seal_size() to - support gss_wrap_size_limit(). - * k5unseal.c - Add support for V2 tokens. - * accept_sec_context,disp_status,gssapi_krb5,init_sec_context, - inq_context,rel_name.c - Update arguments to V2. - * acquire_cred,import_name,inq_cred,krb5_gss_glue,seal,sign,unseal, - verify.c - Update arguments to V2 and add new V2 functions. - * rel_oid.c, inq_names.c - New V2 modules. - * Makefile.in, .Sanitize - Add rel_oid.c and inq_names.c - -Tue Aug 29 22:38:54 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * init_sec_context.c (krb5_gss_init_sec_context): Remove - duplicated cleanup code. - -Tue Aug 29 17:48:40 EDT 1995 Paul Park (pjpark@mit.edu) - * {accept,init}_sec_context.c - Zero out the newly allocated context - because garbage in the uninitialized context messes up the - serializers. - - -Tue Aug 29 13:31:46 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in, .Sanitize, {im,ex}port_sec_context.c, ser_sctx.c - Add - new modules to support {im,ex}port of GSSAPI context. - * krb5_gss_glue.c - Add krb5_gss_{im,ex}port_sec_context() wrapper - routines. - * gssapiP_krb5.h - Add prototypes for krb5_gss_{im,ex}port_sec_context - and kg_ser_context_init. - * gssapi_err_krb5.et - Add magic numbers for GSSAPI data structures. - -Mon Aug 7 19:08:52 1995 Theodore Y. Ts'o <tytso@dcl> - - * inq_cred.c (krb5_gss_inquire_cred): Use - generic_gss_release_oid_set() instead of gss_release_oid_set() - so that the krb5-specific mechanism can be linked in - without pulling in krb5_gss_glue.c - -Thu Jul 27 15:26:27 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in - Add -I$(srcdir)/../../crypto/md5 to get rsa-md5.h. - * accept_sec_context.c - Include "rsa-md5.h" instead of <krb5/...>. - * gssapiP_krb5.h - Replace k5-specific includes with k5-int.h - * k5[un]seal.c - Include "rsa-md5.h" instead of <krb5/...>. - - -Fri Jul 7 16:23:17 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in - Remove LDFLAGS, it's set by configure. - -Sat Jun 10 23:04:52 1995 Tom Yu (tlyu@dragons-lair) - - * accept_sec_context.c, gssapiP_krb5.h, init_sec_context.c: - krb5_auth_context redefinitions - -Fri Jun 9 19:25:55 1995 <tytso@rsx-11.mit.edu> - - * configure.in: Remove standardized set of autoconf macros, which - are now handled by CONFIG_RULES. - -Wed Jun 7 10:05:16 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * gssapiP_krb5.h: Include time.h (or sys/time.h) for struct tm - structure which is now in the los-proto.h file. - -Mon May 22 10:10:41 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in - Add null install target. - * inq_cred.c - Don't mark credentials as expired if the expiration - time is indefinite. - -Mon May 01 15:56:32 1995 Chris Provenzano (proven@mit.edu) - - * init_sec_context.c (krb5_gss_init_sec_context()) : - The krb5_mk_rep() routine must always encode the data in - the keyblock of the ticket, not the subkey. - -Thu Apr 13 15:49:16 1995 Keith Vetter (keithv@fusion.com) - - * *.[ch]: removed unneeded INTERFACE from non-api functions. - * *.h added FAR to pointers visible at to the world. - * gssapi_e.c: __STDC__ conditional also checks the _WINDOWS define. - -Thu Mar 30 16:00:30 1995 Keith Vetter (keithv@fusion.com) - - * accept_sec_context.c: fixed wrong level of indirection on a - parameter to getauthenticator. - -Mon Mar 27 07:56:26 1995 Chris Provenzano (proven@mit.edu) - - * accept_sec_context.c: Use new calling convention for krb5_rd_req() - and krb5_mk_rep(). - -Thu Mar 16 19:54:33 1995 Keith Vetter (keithv@fusion.com) - - * init_sec_context.c: fixed signed/unsigned mismatch and - added a prototype which will later be removed. - * import_name.c: fixed for the PC--made conditional the - code dependent upon passwords. - * Makefile.in: changed the name of the library the PC - builds, and added xxx-mac targets to mimic xxx-unix. - -Fri Mar 10 09:44:29 1995 Chris Provenzano (proven@mit.edu) - - * init_sec_context.c (krb5_gss_init_sec_context()) - Use new calling convention for krb5_mk_req_ext() and - krb5_rd_rep(). - - * gssapiP_krb5.h Added a krb5_auth_context pointer to the - krb5_gss_ctx_id_rec structure to store the auth_context - between multiple calls to krb5_gss_init_sec_context(). - -Tue Mar 7 20:48:03 1995 Keith Vetter (keithv@fusion.com) - - * accept_s.c, acqire_s.c, compare_.c, context_.c, delete_s.c, - disp_nam.c, disp_sta.c, get_tkt_.c, init_sec.c, inq_cont.c, - inq_cred.c, k5seal.c, k5unseal.c, process_.c, rel_cred.c, - rel_name.c, util_cks.c, util_cry.c: added casts on signed -> - unsigned assignments. - * util_seq.c: added casts on bit extraction code. - * gssapip_.h: pulls in los-proto.h for prototypes. - -Tue Feb 28 00:27:44 1995 John Gilmore (gnu at toad.com) - - * gssapi_krb5.h, gssapiP_krb5.h: Avoid <krb5/...> includes. - * disp_status.c: Avoid <com_err.h>, use "com_err.h". - -Mon Feb 20 19:53:9 1995 Keith Vetter (keithv@fusion.com) - - * accept_s.c: needed temp to avoid sign/unsigned mismatch on the PC. - * init_sec.c: needed temp to avoid sign/unsigned mismatch on the PC. - * gssapiP_krb5.h k5seal.c, k5unseal.c: removed netinet/in.h include. - * util_seq.c: changed int to 32bit int - * gssapiP_krb5.h, gssapi_krb5.h, *.c: added windows INTERFACE keyword - -Mon Feb 20 12:00:00 1995 keith Vetter (keithv@fusion.com) - - Rename files for DOS 8.3 uniqueness--files created by Make - * gssapi_krb5_err.et => gssapi_err_krb5.et - => gssapi_err_krb5.h - => gssapi_err_krb5.c - * gssapiP_krb5.h changed to match - * Makefile.in changed to match - -Tue Feb 14 15:01:36 1995 Chris Provenzano (proven@mit.edu) - - * init_sec_context.c (make_ap_req()) Use new API for - krb5_mk_req_extended() and cleanup internal processing. - -Fri Feb 3 00:34:55 1995 John Gilmore <gnu@cygnus.com> - - Rename files for DOS 8.3 uniqueness: - * display_name.c => disp_name.c - * display_status.c => disp_status.c - * inquire_context.c => inq_context.c - * inquire_cred.c => inq_cred.c - * release_cred.c => rel_cred.c - * release_name.c => rel_name.c - * Makefile.in changed to match. - -Fri Jan 27 14:41:12 1995 Chris Provenzano (proven@mit.edu) - - * accept_sec_context.c (rd_req_keyproc() added krb5_keytype arg. - -Wed Jan 25 16:54:40 1995 Chris Provenzano (proven@mit.edu) - - * Removed all narrow types and references to wide.h and narrow.h - -Sun Jan 22 18:26:32 1995 John Gilmore (gnu at toad.com) - - * acquire_cred.c (acquire_accept_cred): Add context arg when - calling krb5_sname_to_principal. - -Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu) - - * Added krb5_context to all krb5_routines - -Mon Jan 9 19:27:55 1995 Theodore Y. Ts'o (tytso@dcl) - - * display_name.c (krb5_gss_display_name): gss_display_name() - should return a name type OID, not a mechanism OID. - -Tue Oct 4 16:40:45 1994 Theodore Y. Ts'o (tytso@dcl) - - * accept_security_context.c (rd_req_keyproc): Add widen.h and - narrow.h to widen argument types of keyproc. - -Tue Sep 27 23:30:14 1994 Theodore Y. Ts'o (tytso@dcl) - - * accept_security_context.c (krb5_gss_accept_sec_context): - krb5_rc_dfl_close now frees the rcache structure, so - this routine shouldn't. - -Wed Aug 17 15:47:26 1994 Theodore Y. Ts'o (tytso at tsx-11) - - * gssapi_krb5.c: Fixed OID for the krb5 mechanism. (Transcription - error.) - - - - - diff --git a/src/lib/gssapi/mechglue/ChangeLog b/src/lib/gssapi/mechglue/ChangeLog deleted file mode 100644 index f24cdd551..000000000 --- a/src/lib/gssapi/mechglue/ChangeLog +++ /dev/null @@ -1,376 +0,0 @@ -2006-04-03 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2004-09-22 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Delete @SHARED_RULE@ line. - (thisconfigdir): Fix. - -2004-06-22 Ken Raeburn <raeburn@mit.edu> - - * g_initialize.c, oid_ops.c: Don't test macintosh. - * mechglue.h: Don't test __MWERKS__, applec, THINK_C. - -2004-06-16 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (all-mac, clean-mac): Targets deleted. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2001-10-09 Ken Raeburn <raeburn@mit.edu> - - * mechglue.h: Make prototypes unconditional. - * mglueP.h: Make all prototypes unconditional. - (NPROTOTYPE): Macro deleted. - -2001-10-05 Ken Raeburn <raeburn@mit.edu> - - * g_initialize.c, mglueP.h: Drop _MSDOS support. - - * g_init_sec_context.c: Don't declare pointers FAR any more. - -2001-10-03 Ken Raeburn <raeburn@mit.edu> - - * g_acquire_cred.c, g_oid_ops.c: Don't use GSS_DLLIMP. - -2001-04-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (unixmac): Target deleted. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -Mon May 10 15:22:42 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Do win32 build in subdir. - -1999-02-19 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in (DLL_FILE_DEF): Tell the Makefile template that we - are building object files for the GSSAPI DLL. - - * g_acquire_cred.c, g_oid_ops.c: Change use of KRB5_DLLIMP to be - GSS_DLLIMP. - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - -Wed Feb 18 16:12:43 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove trialing slash from thisconfigdir. Fix up - BUILDTOP for new conventions. - -Mon Feb 2 17:02:29 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile - -Wed Feb 5 10:37:00 1996 Richard Basch <basch@lehman.com> - - * g_accept_sec_context.c g_acquire_cred.c g_compare_name.c - g_context_time.c g_delete_sec_context.c g_dsp_name.c - g_dsp_status.c g_exp_sec_context.c g_imp_name.c - g_imp_sec_context.c g_indicate_mechs.c g_init_sec_context.c - g_inq_context.c g_inq_cred.c g_inq_names.c g_process_context.c - g_rel_buffer.c g_rel_cred.c g_rel_name.c g_rel_oid_set.c - g_seal.c g_sign.c g_unseal.c g_verify.c - Changed INTERFACE keyword to KRB5_CALLCONV - -Mon Nov 18 20:43:54 1996 Ezra Peisach <epeisach@mit.edu> - - * configure.in: Shared library version number to 1.0. [krb5-libs/201] - -Wed Jun 12 00:50:32 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Remove include of config/windows.in; that's done - automatically by wconfig. - - * g_acquire_cred.c, g_oid_ops.c: Change to use new convention of - KRB5_CALLCONV and KRB5_DLLIMP instead of INTERFACE - -Wed May 22 07:48:21 1996 Sam Hartman <hartmans@mit.edu> - - * Makefile.in (libgssapi.$(STEXT)): Remove unnecessary install rule for libgssapi.a. - -Mon May 20 23:56:46 1996 Sam Hartman <hartmans@mit.edu> - - * configure.in: Don't make libgssapi.a on AIX. It is handled incorrectly becaus all symbols are not resolved, and it isn't useful as a non-shared library. - - -Fri May 3 16:43:43 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * g_inq_cred.c (gss_inquire_cred): Add code to support appropriate - behavior when the input credentials is NULL (i.e., the - default credential). We use the default credential for - the "default mechanism", which is the first mechanism - registered with the library. - -Thu Apr 11 20:11:00 1996 Theodore Y. Ts'o <tytso@dcl> - - * g_acquire_cred.c (gss_add_cred): Fixed code to correctly handle - errors reported from the mechanism layer. - -Wed Mar 27 00:05:37 1996 Theodore Y. Ts'o <tytso@dcl> - - * mglueP.h: Don't include <sys/types.h> mechglue.h will take care - of this by including gssapi.h, which will include - sys/types.h if necessary. - -Thu Mar 21 00:12:07 1996 Theodore Y. Ts'o <tytso@dcl> - - * g_imp_sec_context.c (gss_import_sec_context): - * g_exp_sec_context.c (gss_export_sec_context): Fix 16bit vs 32bit - lint flame. - -Wed Mar 20 20:20:38 1996 Theodore Y. Ts'o <tytso@dcl> - - * g_glue.c: - * g_initialize.c: Add include of string.h, as it is needed. - - * g_acquire_cred.c: - * g_inq_cred.c: Add include of time.h - - * g_rel_oid_set.c (gss_release_oid_set): Removed unused variable. - - * mechglue.h: Don't include <sys/types.h>; it's included if - necessary in gssapi/gssapi.h. On a Macintosh, #include - gssapi.h instead of gssapi/gssapi.h. - - * g_accept_sec_context.c, g_acquire_cred.c, g_compare_name.c, - g_context_time.c, g_delete_sec_context.c, g_dsp_name.c, - g_dsp_status.c, g_exp_sec_context.c, g_glue.c, g_imp_name.c, - g_imp_sec_context.c, g_indicate_mechs.c, g_init_sec_context.c, - g_initialize.c, g_inq_context.c, g_inq_cred.c, g_inq_names.c, - g_process_context.c, g_rel_buffer.c, g_rel_cred.c, g_rel_name.c, - g_rel_oid_set.c, g_seal.c, g_sign.c, g_unseal.c, g_verify.c, - gssd_pname_to_uid.c, mechglue.h, mglueP.h: Comment out #ident - line. This causes the Macintosh C compiler indigestion. - -Tue Mar 12 23:28:57 1996 Ken Raeburn <raeburn@cygnus.com> - - * mechglue.h (gssd_pname_to_uid, gss_initialize): Use PROTOTYPE - macro in declarations. - -Sun Mar 3 12:49:25 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * g_imp_sec_context.c, g_exp_sec_context.c: Include string.h - -Thu Feb 29 11:32:16 1996 Theodore Y. Ts'o <tytso@dcl> - - * g_glue.c (__gss_get_mech_type): Fix code to properly parse token - headers. It was working only by serendipity.... - - * g_accept_sec_context.c (gss_accept_sec_context): Add error - checking and memory cleanup. Make gss_accept_sec_context - work for mechanisms that use multiple token roundtrips. - -Wed Feb 28 20:33:47 1996 Theodore Y. Ts'o <tytso@dcl> - - * mglueP.h: For MS-DOS, add #include of malloc.h - - * g_acquire_cred.c (gss_acquire_cred): Fix so that the call works - when desired_name is NULL (meaning use the default - credentials). - - * g_imp_sec_context.c (gss_import_sec_context): - * g_exp_sec_context.c (gss_export_sec_context): Fix to - import/export the framing security context (so that this - call actually works!). - -Tue Feb 27 18:44:51 1996 Theodore Y. Ts'o <tytso@dcl> - - * g_initialize.c (gss_initialize): Don't fprintf to stderr on - Macintoshes and Windows. - - * g_inq_context.c: Add INTERFACE keyword for Windows. - - * oid_ops.c: Protect include of unistd.h with HAVE_UNISTD_H - -Sun Feb 25 15:39:08 1996 Mark W. Eichin <eichin@cygnus.com> - - * g_acquire_cred.c, g_delete_sec_context.c, g_dsp_name.c, - g_dsp_status.c, g_exp_sec_context.c, g_glue.c, g_imp_name.c, - g_imp_sec_context.c, g_indicate_mechs.c, g_init_sec_context.c, - g_inq_cred.c, g_rel_buffer.c, g_rel_cred.c, g_rel_name.c, - g_rel_oid_set.c: include stdio.h to actually get NULL. - -Sat Feb 24 16:19:30 1996 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in, g_inquire_cred.c, g_inquire_names.c, - g_inquire_context.c: Renamed files to g_inq_cred.c, - g_inq_names.c, and g_inq_context.c, respectively. - - * g_acquire_cred.c (gss_add_cred): New GSSAPI V2 function. - - * g_inquire_cred.c (gss_inquire_cred_by_mech): New GSSAPI V2 - function. - - * g_init_sec_context.c (gss_init_sec_context): Make sure we - convert the union credential into a mechanism specific - credential. - - * g_glue.c (__gss_get_mechanism_cred): New function for returning - the mechanism-specific credential from a union credential. - - * g_inquire_names.c (gss_inquire_names_for_mech): - * g_oid_ops.c (gss_str_to_oid, gss_oid_to_str, - gss_test_oid_set_member, gss_add_oid_set_member, - gss_create_empty_oid_set, gss_release_oid): - * g_imp_sec_context.c (gss_import_sec_context): - * g_exp_sec_context.c (gss_export_sec_context): - * g_inquire_cred.c (gss_inquire_cred): - * g_rel_oid_set.c (gss_release_oid_set): - * g_rel_buffer.c (gss_release_buffer): - * g_rel_name.c (gss_release_name): - * g_imp_name.c (gss_import_name): - * g_dsp_name.c (gss_display_name): - * g_compare_name.c (gss_compare_name): - * g_indicate_mechs.c (gss_indicate_mechs): - * g_dsp_status.c (gss_display_status): - * g_unseal.c (gss_unseal, gss_unwrap): - * g_seal.c (gss_seal, gss_wrap): - * g_verify.c (gss_verify, gss_verify_mic): - * g_sign.c (gss_sign, gss_get_mic): - * g_context_time.c (gss_context_time): - * g_delete_sec_context.c (gss_delete_sec_context): - * g_process_context.c (gss_process_context): - * g_accept_sec_context.c (gss_accept_sec_context): - * g_init_sec_context.c (gss_init_sec_context): - * g_rel_cred.c (gss_release_cred): - * g_acquire_cred.c (gss_acquire_cred): Added INTERFACE keyword for - Windows. - - * mglueP.h: - * g_seal.c: Add support for new V2 call gss_wrap_size_limit() - - * g_mechname.c (gss_add_mech_name_type): Only mark a name-type as - being non-mechanism-specific if the mechanism doesn't - match the type currently associated with the name-type. - - * g_init_sec_context.c (gss_init_security_context): If we are - using a mechanism-specific name, use the - mechanism-specific name directly, instead of calling - __gss_internal_import() on the external form of the name. - If the mechanism_type is unspecified, use the type of the - mechanism-specific name. If the mechanism_type is - specified, it must match the type of the supplied name. - - * g_acquire_cred.c (gss_acquire_cred): If we are acquiring - credentials for a mechanism-specific name, use the name - directly, instead of doing an __gss_internal_import() on - the name. Also, if the desired_mechanisms oid is NULL, - default to using the mechanism-type of the - mechanism-specific name. - - * g_compare_name.c (gss_compare_name): Add logic for comparing - mechanism-specific names. - - * g_accept_sec_context.c (gss_accept_sec_context): Use - __gss_convert_name_to_union_name() to take the gss_name_t - returned by the mechanism accept_sec_context(), and - convert it into a mechanism-specific union name. - - * g_inquire_context.c (gss_inquire_context): Removed local static - function convert_name_to_union_name(), and changed - references to it use the generalized - __gss_convert_name_to_union_name() call. - - * g_glue.c (__gss_convert_name_to_union_name): New function which - takes gss_name_t returned by a particular mechanism, and - converts it into a gss_union_name. - - * g_rel_oid_set.c (gss_release_oid_set): Manually free the oids in - an OID set, since the containing structure is allocated as - an array. - -Sat Feb 24 12:21:03 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * mglueP.h (gss_config): Change int fields to OM_uint32 to match - arguments to procedure calls in gss_init_sec_context, - gss_accept_sec_context, and gss_display_status. - -Sat Feb 24 00:00:27 1996 Theodore Y. Ts'o <tytso@dcl> - - * g_imp_name.c (gss_import_name): If the user passes in a - name-type which is mechanism specific, then import it - immediately; don't lazy evaluate it. - - * g_mechname.c (gss_add_mech_name_type): New file for maintaining - a registry of name-types which are mechanism specific. - - * g_dsp_name.c (gss_display_name): If there is a mechanism - specific name, use it when displaying the name. - - * oid_ops.c (generic_gss_copy_oid): New function used to copy an - OID object. - -Fri Feb 23 18:27:20 1996 Theodore Y. Ts'o <tytso@dcl> - - * g_rel_name.c (gss_release_name): Release the OID in the - mechanism name, as it is now allocated. Release the - mechanism-specific name if it is present. - - * g_imp_name.c (gss_import_name): Copy the input OID, so we don't - have to worry about memory allocation problems later. - Initialize mech_type and mech_name in the union name to be - zero. (for now) - - * oid_ops.c (generic_gss_copy_oid): Added new function to copy OIDs. - -Thu Feb 22 21:48:44 1996 Theodore Y. Ts'o <tytso@dcl> - - * mglueP.h: Add space for the mechanism name in gss_union_name. - -Sat Feb 10 18:38:43 1996 Tom Yu <tlyu@dragons-lair.MIT.EDU> - - * g_glue.c: grab stdlib.h to get NULL - -Fri Feb 9 09:04:50 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * g_inquire_context.c: Include stdlib.h if present - -Wed Feb 7 14:16:01 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * g_initialize.c: Need to include stdio.h, errno.h all the time. - -Tue Feb 6 23:59:49 1996 Theodore Y. Ts'o <tytso@dcl> - - * g_initialize.c (gss_initialize): Added code to try to - dynamically read in the GSSAPI mechanim library using - dlopen(). - -Wed Jan 24 20:49:13 1996 Tom Yu <tlyu@dragons-lair.MIT.EDU> - - * g_compare_name.c, g_delete_sec_context.c, g_dsp_status.c, - g_exp_sec_context.c, g_imp_sec_context.c, g_rel_buffer.c, - g_rel_cred.c, g_rel_name.c, g_rel_oid_set.c, get_mechanism.c, - get_mtype.c: Include stdlib.h and string.h as needed - - * mglueP.h: Add many invocations of NPROTOTYPE and PROTOTYPE to - prevent breakage. - -Tue Jan 23 11:52:24 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * add_mechanism.c, g_inquire_cred.c, g_imp_name.c, - g_dsp_name.c, g_indicate_mechs.c, g_accept_sec_context.c, - g_init_sec_context.c, g_acquire_cred.c: Include stdlib.h, string.h - - * configure.in: Check for stdlib.h - - * Makefile.in (SRCS): Remove extraneous line with only a tab. - (SHLIB_LDFLAGS): Declare that krb5_gss_initialize is to be - unresolved. - - diff --git a/src/lib/kadm5/ChangeLog b/src/lib/kadm5/ChangeLog deleted file mode 100644 index 045cf43be..000000000 --- a/src/lib/kadm5/ChangeLog +++ /dev/null @@ -1,746 +0,0 @@ -2006-04-03 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2006-03-31 Ken Raeburn <raeburn@mit.edu> - - * server_intertal.h, chpass_util.c: Include autoconf.h. - -2006-03-11 Ken Raeburn <raeburn@mit.edu> - - * server_internal.h, adb.h: Don't look for kdb.h in krb5/. - -2005-11-17 Ken Raeburn <raeburn@mit.edu> - - * admin.h: Include kdb.h instead of k5-int.h. - * kadm_rpc_xdr.c, server_internal.h: Include errno.h instead of - k5-int.h. - -2005-08-20 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Use K5_AC_INIT instead of AC_INIT. - - * kadm_rpc.h: Remove krb5_ui_4 casts on RPC defined numbers. - Remove argument names from RPC proc declarations. Reorder - declarations, change whitespace. Renamed all RPC functions from - _1 to _2 to match current program version number. - -2005-06-20 Ken Raeburn <raeburn@mit.edu> - - Novell merge. - * Makefile.in (adb_err.*): Targets deleted. - (SRCS, OBJS, clean, STLIBOBJS, BUILD_HDRS): Delete references to - adb_err.*. - (HDRS, SRC_HDRS): Delete references to adb.h. - * adb_err.et: Moved to lib/kdb. - * admin.h: Don't include kadm5/adb_err.h. - (krb5_key_salt_tuple): Delete typedef and struct definition. - (kadm5_init, kadm5_init_with_password, kadm5_init_with_skey, - kadm5_init_with_creds, ovsec_kadm_init, - ovsec_kadm_init_with_password, ovsec_kadm_init_with_skey): Add new - char** argument for arbitrary db args. - * admin_xdr.h: Include server_internal.h. - (xdr_krb5_key_data, xdr_osa_pw_hist_ent): Declare. - * kadm_err.et (KADM5_XDR_FAILURE): New error code. - * kadm_rpc.h (struct generic_ret, struct gprincs_ret, struct - chrand_ret, struct gprinc_ret, struct gpol_ret, struct gpols_ret, - struct getprivs_ret): Add new field for error-string return. - * kadm_rpc_xdr.c (xdr_generic_ret, xdr_gprincs_ret, - xdr_chrand_ret, xdr_gprinc_ret, xdr_gpol_ret, xdr_gpols_ret, - xdr_getprivs_ret): Encode/decode new field. - * ovsec_glue.c (ovsec_kadm_init_with_password, - ovsec_kadm_init_with_skey, ovsec_kadm_init): Pass through new - argument to kadm5_init_* routines. - * server_internal.h: Don't include adb.h. - (kadm5_server_handle_rec): Delete policy_db field, add db_args - field. - (OSA_ADB_PRINC_VERSION_1, osa_pw_hist_ent, osa_pw_hist_t, - osa_princ_ent_rec, osa_princ_ent_t, xdr_osa_princ_ent_rec, - osa_free_princ_ent): Duplicate definitions and declarations from - adb.h. - (kdb_iter_entry): Add match_entry argument. - -2005-04-19 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Don't invoke AC_CANONICAL_HOST explicitly, - CONFIG_RULES already does it. - -2004-08-20 Tom Yu <tlyu@mit.edu> - - * admin.h (KADM5_CONFIG_NO_AUTH): New flag. - -2004-06-25 Tom Yu <tlyu@mit.edu> - - * adb.h: - * kadm_rpc_xdr.c: rpc_u_int32 -> uint32_t - -2004-06-24 Tom Yu <tlyu@mit.edu> - - * alt_prof.c (kadm5_get_admin_service_name): Fix call to - kadm5_get_config_params(). - -2004-06-16 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (clean-mac): Target deleted. - -2004-06-15 Tom Yu <tlyu@mit.edu> - - * admin.h (kadm5_get_admin_service_name): Prototype for new function. - (KADM5_CONFIG_OLD_AUTH_GSSAPI): New flag to force old AUTH_GSSAPI - flavor. - - * alt_prof.c (kadm5_get_admin_service_name): New function. - -2004-02-12 Tom Yu <tlyu@mit.edu> - - * configure.in: Invoke PRIOCNTL_HACK. - -2003-06-03 Tom Yu <tlyu@mit.edu> - - * alt_prof.c (krb5_read_realm_params): Don't bother reading in - realm_keysalts or realm_num_keysalts, as they're no longer used. - -2003-05-30 Ken Raeburn <raeburn@mit.edu> - - * alt_prof.c (kadm5_get_config_params): Change default max_life to - one day. - -2003-05-13 Ken Raeburn <raeburn@mit.edu> - - * alt_prof.c (kadm5_get_config_params): Remove aes256 from the - default supported enctypes list for now. - -2003-05-04 Sam Hartman <hartmans@mit.edu> - - * chpass_util_strings.et: Replace reference to ovpasswd with kpasswd - -2003-04-18 Ken Raeburn <raeburn@mit.edu> - - * alt_prof.c (kadm5_get_config_params): Add aes256 to the default - supported enctypes list. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Don't explicitly invoke AC_PROG_ARCHIVE, - AC_PROG_ARCHIVE_ADD, AC_PROG_RANLIB, AC_PROG_INSTALL. - - * configure.in: Use V5_AC_OUTPUT_MAKEFILE instead of - K5_GEN_MAKEFILE and K5_AC_OUTPUT. - - * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag. - -2003-01-07 Ken Raeburn <raeburn@mit.edu> - - * Makefile.ov: Deleted. - -2002-12-12 Tom Yu <tlyu@mit.edu> - - * Makefile.in (all-prerecurse): Change double colons to single - colons. - -2002-11-05 Tom Yu <tlyu@mit.edu> - - * chpass_util_strings.et: Remove trailing colons, as new - implementation of krb5_read_password() appends it. - -2002-10-08 Tom Yu <tlyu@mit.edu> - - * adb.h (struct _osa_adb_db_ent_t): Add opencnt, which keeps track - of how many times an open was attempted on the adb. - - * admin.h: Add kadm5_lock and kadm5_unlock. - -2002-09-18 Ken Raeburn <raeburn@mit.edu> - - * admin.h (struct __krb5_realm_params): New field - realm_kdc_tcp_ports. - * alt_prof.c (krb5_read_realm_params): Fill it in by looking up - "kdc_tcp_ports" in the config file. - (krb5_free_realm_params): Free the storage. - - * logger.c (klog_com_err_proc, krb5_klog_init, krb5_klog_close, - severity2string, klog_vsyslog, krb5_klog_syslog, - krb5_klog_reopen): Always define functions in prototype style. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-08-22 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in ($(HDRS)): Depend on "includes". - -2002-07-31 Tom Yu <tlyu@mit.edu> - - * kadm_err.et: Add KADM5_MISSING_KRB5_CONF_PARAMS, indicating a - problem with krb5.conf. This prevents confusing users who look - for kdc.conf trouble rather than krb5.conf trouble, which is what - they should be looking at on a kadm5 client. - -2002-06-04 Ken Raeburn <raeburn@mit.edu> - - * get_admhst.c: Deleted. - -2001-11-05 Ezra Peisach <epeisach@mit.edu> - - * alt_prof.c (krb5_aprof_get_boolean): Return krb5_boolean * - instead of int *. - -2001-10-09 Ken Raeburn <raeburn@mit.edu> - - * logger.c (krb5_klog_init): Initialize savec to keep compiler - happy. - -2001-10-05 Ken Raeburn <raeburn@mit.edu> - - * logger.c: Drop _MSDOS support. - -2001-09-25 Ken Raeburn <raeburn@mit.edu> - - * admin.h (krb5_realm_params): Add fields realm_reject_bad_transit - and realm_reject_bad_transit_valid; delete field realm_filler. - * alt_prof.c (string_to_boolean, krb5_aprof_get_boolean): New - functions. - (krb5_read_realm_params): Parse "reject_bad_transit" value as - boolean and save it. - -2001-07-25 Ezra Peisach <epeisach@mit.edu> - - * kadm_rpc_xdr.c: Add xdr_krb5_ui_2. - (xdr_krb5_tl_data): Change local variable from int to unsigned int. - - * admin_xdr.h: Add prototype for xdr_krb5_ui_2. - -2001-07-08 Ezra Peisach <epeisach@mit.edu> - - * logger.c (severity2string): Declare as returning const char *. - (klog_com_err_proc): Do not discard const status of format string. - -2001-07-06 Ezra Peisach <epeisach@mit.edu> - - * server_internal.h: Add prototype for krb5_copy_key_data_contents. - -2001-06-26 Ezra Peisach <epeisach@mit.edu> - - * str_conv.c (krb5_string_to_keysalts): When parsing string, allow - for extra separator characters (like spaces) between keysalts. - -2001-06-21 Ezra Peisach <epeisach@mit.edu> - - * admin_internal.h (_KADM5_CHECK_HANDLE): Change code to ecode in - blocked statement to prevent shadowing. - -2001-06-20 Ken Raeburn <raeburn@mit.edu> - - * logger.c (krb5_klog_init) [HAVE_SYSLOG]: Loop over an array of - syslog facility names rather than open-coding each check. Add - "authpriv" and "ftp" names. - -2001-06-20 Ezra Peisach <epeisach@mit.edu> - - * server_internal.h: Add prototype for kdb_iter_entry(). - -2001-06-18 Ezra Peisach <epeisach@mit.edu> - - * alt_prof.c (krb5_read_realm_params): Cast argument to isspace() - to int. - * logger.c (krb5_klog_init): Likewise. - -2001-06-17 Ezra Peisach <epeisach@mit.edu> - - * logger.c (klog_vsyslog): If krb5_klog_init() is not called, do - not pass a NULL pointer to vsprintf for a %s format. Also, if - syslog() exists on the system, fallback to using this so the - message is not dropped on the floor. - -2001-06-04 Ezra Peisach <epeisach@mit.edu> - - * logger.c (krb5_klog_init): Cleanup assignments in - conditionals. Ensure that if hostname is MAXHOSTNAMELEN, buffer is - \0 terminated. - - * str_conv.c (krb5_string_to_keysalts, krb5_keysalt_iterate): - Clean up assignments in conditionals. - - * admin.h: Move kadm5_free_name_list() to version 1 api as it is - present in the ovsec_glue layer. - -2001-03-10 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * str_conv.c: Include adm_proto.h for missing prototypes. - -Sun Feb 18 16:26:33 2001 Ezra Peisach <epeisach@mit.edu> - - * server_internal.h: Add prototype for - krb5_free_key_data_contents() which really should be in libkdb. - - * kadm_rpc_xdr.c: Include krb5/admin_xdr.h for prototypes. - - * kadm_rpc.h: Add prototypes for client and server stub - functions. Server functions renamed to have _svc appended. - - * alt_prof.c: Clean up warnings. Do not shadow index() with local - variable. - - * admin_xdr.h: Add prototypes for xdr_nulltype(), xdr_krb5_ui_4(), - xdr_krb5_int16(), xdr_krb5_key_data_nocontents(), - xdr_krb5_key_salt_tuple(), xdr_krb5_tl_data(), - xdr_kadm5_principal_ent_rec_v1(), xdr_cprinc3_arg(), - xdr_generic_ret(0, xdr_chpass3_arg(), xdr_setv4key_arg(), - xdr_setkey_arg(), xdr_setkey3_arg(), xdr_chrand3_arg(), - xdr_gprincs_arg(), xdr_grpincs_ret(), xdr_gpols_arg(), - xdr_gpols_ret(), xdr_getprivs_ret(), xdr_krb5_salttype(). - - * admin_internal.h: Add prototype for _kadm5_check_handle(). - - * admin.h: Add prototypes for kadm5_free_config_params(), - kadm5_decrypt_key(), ovsec_kadm_free_name_list(). - - * adb.h: Add prototypes for xdr_osa_pw_hist_ent(), - xdr_krb5_key_data(), osa_adb_rename_db(), - osa_adb_rename_policy_db(). - -2001-01-16 Ken Raeburn <raeburn@mit.edu> - - * str_conv.c (krb5_keysalt_iterate): Always use the prototype for - function-pointer argument ITERATOR. - -2000-10-17 Ezra Peisach <epeisach@mit.edu> - - * admin.h (KADM5_PW_FIRST_PROMPT): Get rid of casts from - error_message to char * - leave them as const char *. - (kadm5_chpass_principal_util): Argument msg_len is unsigned int. - - * admin_internal.h (_kadm5_chpass_principal_util): msg_len is - unsigned int. - - * chpass_util.c (_kadm5_chpass_principal_util): Change msg_len to - unsigned int. Arhument to krb5_read_password is unsigned int. - -2000-07-03 Ezra Peisach <epeisach@mit.edu> - - * admin.h: Add kadm5_free_name_list prototype. - -2000-06-30 Tom Yu <tlyu@mit.edu> - - * adb.h: Add btinfo. - - * configure.in: Remove AIX_DB_LIB kludge as we're now building - libdb reasonably. - -2000-06-28 Ezra Peisach <epeisach@mit.edu> - - * alt_prof.c (krb5_aprof_init): profile_init takes a - profile_filespec_t as argument instad of char **. - -2000-06-23 Ken Raeburn <raeburn@mit.edu> - - * alt_prof.c (kadm5_get_config_params): Include des3 in supported - enctypes by default. - - * ovsec_glue.c (ovsec_kadm_chpass_principal_util): Use 1024 for - hard-coded length, to match existing callers. - -2000-06-23 Nalin Dahyabhai <nalin@redhat.com> - - * admin.h: Add a length parameter to kadm5_chpass_principal_util(). - * admin_internal.h: Add a length parameter to - _kadm5_chpass_principal_util(). - * chpass_util.c (_kadm5_chpass_principal_util): Add a length parameter, - and use it to avoid overflowing "msg_ret". - * ovsec_glue.c (ovsec_kadm_chpass_principal_util): Adjust for new - parameter in kadm5_chpass_principal_util(). - - * logger.c (klog_com_err_proc): Don't overflow buffer "outbuf". - -2000-05-31 Wilfredo Sanchez <tritan@mit.edu> - - * configure.in, chpass_util.c, server_internal.h: Check for - existance of <memory.h>. - [from Nathan Neulinger <nneul@umr.edu>] - -2000-02-26 Tom Yu <tlyu@mit.edu> - - * kadm_rpc_xdr.c (xdr_cprinc3_arg): Don't XDR the nonexistent - keepold flag. - - * kadm_rpc.h: Remove keepold flag from cprinc3_arg. - - * admin.h: Remove keepold flag from create_principal_3, which was - kinda ridiculous. - -2000-02-22 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (includes): Extract basename of header file to be - installed, since Digital UNIX 4.0 native make substitutes the - VPATH-derived pathname here. - -2000-02-21 Bear Giles <bgiles@coyotesong.com> - - * alt_prof.c (krb5_read_realm_params): Permit realm supported - enctypes to be unspecified, letting the KDC produce defaults. - Don't look up enctypes at all if an error is to be returned. - -2000-02-18 Tom Yu <tlyu@mit.edu> - - * kadm_rpc_xdr.c (xdr_chpass3_arg): - (xdr_chrand3_arg): Fix up calls to xdr_array. - -2000-02-13 Tom Yu <tlyu@mit.edu> - - * kadm_rpc_xdr.c: Add xdr functions for new kadm rpc functions. - - * kadm_rpc.h: Add arg structs, prototypes, constants for new kadm - rpc functions. - - * kadm_err.et: Add error code KADM5_SETKEY3_ETYPE_MISMATCH. - - * admin.h: Add prototype for setkey_principal_3. - -1999-12-01 Ken Raeburn <raeburn@mit.edu> - - * logger.c (klog_vsyslog): Convert pid_t to long for printing. - -1999-11-30 Ken Raeburn <raeburn@mit.edu> - - * alt_prof.c (kadm5_get_config_params): Fix bug in direction of - test while walking through whitespace. Thanks to Matt Crawford. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -1999-09-28 Ken Raeburn <raeburn@mit.edu> - - * logger.c (lspec_parse_err_1, lspec_parse_err_2, log_file_err, - log_device_err, log_ufo_string, log_emerg_string, - log_alert_string, log_crit_string, log_err_string, - log_warning_string, log_notice_string, log_info_string, - log_debug_string): Replace char arrays with macros. - (klog_com_err_proc, klog_vsyslog): When calling syslog, supply %s - format string. - -1999-09-23 Ken Raeburn <raeburn@mit.edu> - - * logger.c (DEVICE_PRINT, klog_com_err_proc, klog_vsyslog): Use - proper format strings to fprintf, instead of net-supplied data. - Fold in writes of following end-of-line sequences when - appropriate. - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - -Fri Dec 4 23:12:43 1998 Tom Yu <tlyu@mit.edu> - - * admin.h: Add prototypes for create_principal_3, - chpass_principal_3, and randkey_principal_3. - -Thu Aug 13 17:21:06 1998 Tom Yu <tlyu@mit.edu> - - * alt_prof.c (krb5_read_realm_params): Fix to check - "supported_enctypes" if "kdc_supported_enctypes" isn't there. - -Wed Aug 12 20:19:08 1998 Tom Yu <tlyu@mit.edu> - - * alt_prof.c (krb5_read_realm_params): Use - "kdc_supported_enctypes" instead of "supported_enctypes" so that - the KDC and the kadmind will use different enctype lists. - -Wed Jul 8 04:48:50 1998 Geoffrey J. King <gjking@mit.edu> - - * logger.c: Add the function krb5_klog_reopen() which closes - and reopens the log files. - -Mon Apr 6 19:40:05 1998 Tom Yu <tlyu@voltage-multiplier.mit.edu> - - * Makefile.in (includes): Don't call mkdir unless the directory - exists. - -Fri Feb 27 22:30:41 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * configure.in: Move tests from all of kadm5's subdirectories into - this configure.in, and make it generate makefiles for all - of the subdirectories. - - * Makefile.in: Add a LOCAL_SUBDIRS macro for all subdirectories in - the kadm5 library. - -Wed Feb 25 15:00:10 1998 Ezra Peisach <epeisach@mit.edu> - - * alt_prof.c (krb5_free_realm_params): Free realm_acl_file portion - of structure. - -Wed Feb 18 16:13:56 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove trailing slash from thisconfigdir. Fix up - BUILDTOP for new conventions. - -Fri Feb 13 21:33:27 1998 Tom Yu <tlyu@mit.edu> - - * admin.h: - * kadm_rpc.h: - * kadm_rpc_xdr.c: Update header locations. - -Mon Feb 2 17:02:29 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile - -Wed Jan 28 16:32:36 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * configure.in, Makefile.in: Remove the CopySrcHeader and - CopyHeader macros from configure.in and substitute - equivalent functionality in Makefile.in - -Tue Jan 20 23:06:36 1998 Tom Yu <tlyu@mit.edu> - - * alt_prof.c (kadm5_get_config_params): Add support for Cygnus chpw. - - * admin.h: Add support for Cygnus chpw. - -Mon Oct 13 10:48:24 1997 Ezra Peisach <epeisach@mit.edu> - - * alt_prof.c (kadm5_get_config_params): When KADM5_CONFIG_ENCTYPES - is set on the input parameters, allocate a new copy of the - key_salts for the output parameters. - (kadm5_free_config_params): Free the admin_server and admin_lockfile - names. - -Tue Oct 7 07:48:12 1997 Ezra Peisach <epeisach@mit.edu> - - * logger.c: Include ctype.h for isspace definition. - -Tue Jul 1 02:31:07 1997 Tom Yu <tlyu@mit.edu> - - * kadm_rpc.h, kadm_rpc_xdr.c: Add support for setv4key. - -Sun Jun 29 14:52:04 1997 Tom Yu <tlyu@mit.edu> - - * kadm_err.et: Add support for kadm5_setv4key_principal. - - * admin.h: Add prototype for kadm5_setv4key_principal. - -Wed May 28 13:34:17 1997 Barry Jaspan <bjaspan@mit.edu> - - * admin.h: add prototype for kadm5_setkey_principal - - * misc_free.c (kadm5_free_key_data): add kadm5_free_data - -Mon Mar 31 17:41:11 1997 Barry Jaspan <bjaspan@mit.edu> - - * kadm_err.et, kadm_rpc.h, kadm_rpc_xdr.c: add support for - setkey_principal - -Thu Jan 16 19:01:00 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in (all-prerecurse): Update to use double-colon rules. - -Wed Jan 15 20:43:01 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: - * configure.in: Update to new libarary build procedure. - -Mon Nov 11 17:01:40 1996 Barry Jaspan <bjaspan@mit.edu> - - * kadm_rpc_xdr.c: fix memory leak handling key_data and tl_data - -Wed Nov 6 10:20:36 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * kadm_err.et: New error codes for KADM5_MISSING_CONF_PARAMS and - KADM5_BAD_SERVER_NAME. - -Mon Nov 4 21:16:01 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * alt_prof.c (krb5_aprof_init): If the user specifies the config - file using a configuration file, it must exist. - Otherwise, krb5_aprof_init will return an error. - (kadm5_get_config_params): If aprof_init returns an error, - it should return an error as well. - -Wed Nov 6 17:45:43 1996 Barry Jaspan <bjaspan@mit.edu> - - * kadm_rpc_xdr.c (xdr_krb5_principal): handle a NULL principal - pointer (this can happen when get_principal is passed a mask - without KADM5_PRINCIPAL in it, and will cause a beta 7 kadmind to - coredump) - -Fri Nov 1 13:16:16 1996 Barry Jaspan <bjaspan@mit.edu> - - * kadm_err.et: update for new tl_data semantics [krb5-admin/140] - -Fri Oct 25 23:47:26 1996 Tom Yu <tlyu@mit.edu> - - * configure.in, Makefile.in: Tweaks to prevent unecessary - rebuilding. - -Mon Oct 21 21:23:44 1996 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Fixes for new directory recursion method; also - fixes for inclusion sequencing. - -Mon Oct 21 16:29:11 1996 Barry Jaspan <bjaspan@mit.edu> - - * server_internal.h (ALL_PRINC_MASK): add KADM5_TL_DATA and - KADM5_KEY_DATA to ALL_PRINC_MASK [krb5-admin/20] - -Fri Oct 18 15:44:14 1996 Barry Jaspan <bjaspan@mit.edu> - - * kadm_rpc_xdr.c, misc_free.c, server_internal.h: include stdlib.h - instead of malloc.h [krb5-admin/35] - -Tue Oct 15 18:01:51 1996 Barry Jaspan <bjaspan@mit.edu> - - * logger.c (krb5_klog_init): remember to call openlog() when - defaulting to syslog because nothing else was specified - (klog_vsyslog): enable VERBOSE_LOGS so we get the process name and - pid [krb5-kdc/63] - -Thu Sep 26 17:45:18 1996 Barry Jaspan <bjaspan@mit.edu> - - * alt_prof.c: don't allow admin_dbname or admin_lockfile to be - independetly configured - -Fri Sep 20 16:52:07 1996 Barry Jaspan <bjaspan@mit.edu> - - * configure.in: add unit-test directory - -Wed Sep 18 12:35:16 1996 Barry Jaspan <bjaspan@mit.edu> - - * alt_prof.c (kadm5_get_config_params): set max_life default to 10 - hours, instead of 0 - -Tue Sep 17 15:09:28 1996 Barry Jaspan <bjaspan@mit.edu> - - * server_internal.h (ALL_PRINC_MASK): Add MAX_RLIFE to - ALL_PRINC_MASK. - -Tue Sep 10 01:47:39 1996 Mark Eichin <eichin@cygnus.com> - - * alt_prof.c (krb5_aprof_init): use profile_init_path on fname, - not profile_init. - -Wed Aug 28 16:11:50 1996 Barry Jaspan <bjaspan@mit.edu> - - * alt_prof.c (kadm5_get_config_params): fix default semantics to - agree with api-funcspec.tex - -Mon Aug 26 17:02:55 1996 Barry Jaspan <bjaspan@mit.edu> - - * admin.h: KRB5_TL_KADM5_E_DATA moved to kdb.h - -Fri Aug 2 13:19:29 1996 Barry Jaspan <bjaspan@DUN-DUN-NOODLES> - - * alt_prof.c (kadm5_get_config_params): alloc enough bytes for - adbname - - * kadm_rpc_xdr.c (xdr_krb5_kvno): assign tmp before xdr'ing it to - avoid a spurious purify error - -Thu Jul 25 12:04:32 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * admin_internal.h (_KADM5_CHECK_HANDLE): Add parenthesis around - assignment used as truth value to reduce gcc -Wall flames. - - * misc_free.c (kadm5_free_name_list, krb5_free_key_data_contents: - Add KADM5_OK return value upon success. - - -Wed Jul 24 18:18:39 1996 Tom Yu <tlyu@voltage-multiplier.mit.edu> - - * Makefile.in, configure.in: fix shared lib lossage by - rearrangement of subdirectories - -Tue Jul 23 16:49:56 1996 Tom Yu <tlyu@voltage-multiplier.mit.edu> - - * Makefile.in: delete extraneous trailing backslash from GENSRCS - and GENOBJS - -Mon Jul 22 04:17:23 1996 Marc Horowitz <marc@mit.edu> - - * configure.in (LIBS): add -lgen to LIBS whenever compile is - found. Solaris requires it. - - * chpass_util.c (_kadm5_chpass_principal_util): the calls to - kadm5_free_{princicpal,policy}_ent used server_handle instead of - lhandle, which caused problems in the api versioning code. - -Thu Jul 18 19:50:39 1996 Marc Horowitz <marc@mit.edu> - - * configure.in: removed ET_RULES, replaced with AC_PROG_AWK - -Mon Jul 15 16:52:44 1996 Barry Jaspan <bjaspan@mit.edu> - - * client_init.c (_kadm5_init_any): use krb5_get_in_tkt_keytab - instead of changing krb5_defkeyname - -Mon Jul 15 16:36:02 1996 Marc Horowitz <marc@mit.edu> - - * Makefile.in (CLNTOBJS), AC_REPLACE_FUNCS: check for setenv, and - link against setenv.o if it's needed. - -Fri Jul 12 15:06:48 1996 Marc Horowitz <marc@mit.edu> - - * svr_iters.c (glob_to_regexp:append_realm): the semantics and - code were somewhat confused. they are now fixed. - - * logger.c (HAVE_*): turn all the "#if HAVE_*" into - "#ifdef HAVE_*" - - * configure.in (AC_CHECK_FUNCS): check for the functions which - logger.c checks for. - - * svr_principal.c (kadm5_get_principal): due to the the api - versioning, it is possible for this function to be called with a - three argument prototype. in this case, do not modify mask, - because this will clobber the stack on some platforms. - - * client_principal.c (kadm5_create_principal): be more careful - about what sorts of things are referenced, passed down, and passed - back if the caller is api v1. - -Wed Jul 10 01:29:34 1996 Marc Horowitz <marc@mit.edu> - - * configure.in: added autoconf support - -Tue Jul 9 17:38:43 1996 Marc Horowitz <marc@mit.edu> - - * svr_iters.c (*_REGEXPS): rework the conditionals to operate - as functions of function symbols tested by configure. - * client_init.c (setenv, unsetenv declarations): make them the - same as the stdlib declarations, if they're going to be here at - all. - * Makefile.in: reworked to support building both libraries. this - required a bunch of changes, including some coordinating ones in - aclocal.m4 - -Tue Jul 9 16:26:26 1996 Barry Jaspan <bjaspan@mit.edu> - - * svr_principal.c (kadm5_decrypt_key): add kadm5_decrypt_key - -Mon Jul 8 16:55:22 1996 Barry Jaspan <bjaspan@mit.edu> - - * svr_iters.c (kadm5_get_either): append local ream to globs with - no realm - - * alt_prof.c: fix dbname, admin_dbname, and admin_lockfile to - derive from each other as in spec - - * adb_policy.c: add create_db/destroy_db - - * adb_openclose.c: add create_db/destroy_db, fix handling of - permanent locks, handle multiple lock files via static linked list - - * adb.h: update create_db/destroy_db to make params instead of - explicit values - - * Makefile.ov (TOP): Use ../../kadmin, not kadmin.ov - - diff --git a/src/lib/kadm5/clnt/ChangeLog b/src/lib/kadm5/clnt/ChangeLog deleted file mode 100644 index 5ffae1f3b..000000000 --- a/src/lib/kadm5/clnt/ChangeLog +++ /dev/null @@ -1,368 +0,0 @@ -2006-04-03 Ken Raeburn <raeburn@mit.edu> - - * err_handle.c: Include autoconf.h and string.h. - (HAVE_PTHREAD_H): Undefine. - - * Makefile.in (DEFS): Make empty. - -2006-03-31 Ken Raeburn <raeburn@mit.edu> - - * client_init.c: Include autoconf.h. - -2005-11-17 Ken Raeburn <raeburn@mit.edu> - - * client_principal.c, clnt_policy.c: Include errno.h. - * client_init.c: Include k5-int.h before krb5.h. - * err_handle.h: Include com_err.h and krb5.h instead of k5-int.h. - -2005-10-13 Ken Raeburn <raeburn@mit.edu> - - * libkadm5clnt.exports: Don't export internal error-table - symbols. - -2005-08-20 Ken Raeburn <raeburn@mit.edu> - - * libkadm5clnt.exports: Delete RPC functions, and references to - adb error table. - * client_init.c, client_principal.c, client_rpc.c, clnt_policy.c, - clnt_privs.c: Renamed all RPC functions from _1 to _2 to match - current program version number. - -2005-07-01 Ken Raeburn <raeburn@mit.edu> - - * err_handle.c (krb5_err_key): Variable deleted. - (init_err_handling, krb5_set_err, krb5_get_err_string, - krb5_clr_error): Use k5_ macros for thread-specific data instead - of pthread versions. - -2005-06-20 Ken Raeburn <raeburn@mit.edu> - - Novell merge. - * err_handle.c: New file. - * err_handle.h: New file. - * Makefile.in (SRCS, OBJS, STLIBOBJS, err_handle.o): Build - err_handle.c. - * client_init.c (_kadm5_init_any): Accept new db_args argument, - but ignore it. Don't call initialize_adb_error_table. - (kadm5_init_with_creds, kadm5_init_with_password, kadm5_init, - kadm5_init_with_skey): Accept new db_args argument and pass it - through to _kadm5_init_any. - * client_principal.c: Include err_handle.h. - (kadm5_get_principal, kadm5_get_principals, - kadm5_randkey_principal_3, kadm5_randkey_principal): If an error - was returned from the server, pass it and the error string to - krb5_set_err. - * clnt_policy.c: Include err_handle.h. - (kadm5_create_policy, kadm5_delete_policy, kadm5_modify_policy, - kadm5_get_policy, kadm5_get_policies): If an error was returned - from the server, pass it and the error string to krb5_set_err. - * clnt_privs.c: Include err_handle.h. - (kadm5_get_privs): If an error was returned from the server, pass - it and the error string to krb5_set_err. - -2005-02-11 Tom Yu <tlyu@mit.edu> - - * client_init.c (kadm5_get_init_creds, kadm5_gic_iter) - (kadm5_setup_gss, kadm5_rpc_auth): New functions, containing parts - of _kadm5_init_any. - (_kadm5_init_any): Bits broken out into helper functions. - (kadm5_get_init_creds): Fall back from kadmin/fqdn to kadmin/admin - if NULL service name passed in. - (kadm5_rpc_auth): Fall back from RPCSEC_GSS to AUTH_GSSAPI. - -2004-10-25 Tom Yu <tlyu@mit.edu> - - * client_init.c (_kadm5_init_any): Pass req_flags and cred to - auth_gss_create(). - -2004-08-20 Tom Yu <tlyu@mit.edu> - - * client_init.c (_kadm5_init_any): Remove INIT_TEST ifdefs. Use - KADM5_CONFIG_NO_AUTH to request no auth (for testing). - -2004-06-30 Ken Raeburn <raeburn@mit.edu> - - * libkadm5clnt.exports: Export kadm5_get_admin_service_name. - -2004-06-24 Tom Yu <tlyu@mit.edu> - - * client_init.c (_kadm5_init_any)[DEBUG]: Print error from - clnttcp_create(). - (_kadm5_init_any): Use kadm5_get_admin_service_name() if null - pointer passed in for service_name. - -2004-06-15 Tom Yu <tlyu@mit.edu> - - * client_principal.c (eret): Add some debugging messages for some - RPC errors. - - * client_init.c (_kadm5_init_any): Add support for RPCSEC_GSS. - Default to using AUTH_GSSAPI for ovsec. - -2004-06-04 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBBASE): Renamed from LIB. - -2004-04-22 Ken Raeburn <raeburn@mit.edu> - - * libkadm5clnt.exports: New file. - -2003-12-13 Ken Raeburn <raeburn@mit.edu> - - * client_init.c (enctypes): Variable deleted. - (_kadm5_init_any): Pass a null pointer instead of enctypes. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Add AC_SUBST_FILE marker for lib_frag and libobj_frag. - -2002-10-08 Tom Yu <tlyu@mit.edu> - - * Makefile.in (LIBMINOR): Bump. - - * client_init.c (kadm5_lock, kadm5_unlock): Add stubs that error - out, since these are not supported on the client side. - -2002-09-18 Ken Raeburn <raeburn@mit.edu> - - * client_init.c (_kadm5_init_any): If creating a new ccache, put - it in memory instead of on disk. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-07-31 Tom Yu <tlyu@mit.edu> - - * client_init.c (_kadm5_init_any): Use - KADM5_MISSING_KRB5_CONF_PARAMS in order to be less confusing to - someone running kadmin rather than kadmin.local. - -2002-07-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (SHLIB_EXPDEPS, SHLIB_EXPLIBS): Drop references to - libdyn. - -2002-03-06 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBMAJOR): Bump to avoid Heimdal conflict. - -2001-11-07 Sam Hartman <hartmans@mit.edu> - - * client_init.c: Allow arcfour-hmac-md5 to be used for kadmin - -2001-06-18 Ezra Peisach <epeisach@mit.edu> - - * client_init.c (_kadm5_init_any): Add casts to (gss_OID) in calls - to gss library. - -Sun Feb 18 17:32:53 2001 Ezra Peisach <epeisach@mit.edu> - - * client_rpc.c: Insure pointer argument type is same as passed - onto xdr functions. (arguments specified to *3_1 functions were - for the *_1 functions). - - * client_init.c, client_principal.c, clnt_policy.c: Cleanup unused - variables and assignments in conditionals. - -2000-10-17 Ezra Peisach <epeisach@mit.edu> - - * clnt_chpass_util.c (kadm5_chpass_principal_util): Change msg_len - to unsigned int. - -2000-07-03 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in: The client library does not depend on the database - library. Remove reference to it. - -2000-06-30 Tom Yu <tlyu@mit.edu> - - * Makefile.in (SHLIB_EXPDEPS): Add libdb. - (SHLIB_EXPLIBS): Add -ldb. - -2000-06-28 Ezra Peisach <epeisach@mit.edu> - - * client_init.c (_kadm5_init_any): gss_krb5_ccache_name returns - const char *, but the code was treating it as a char *. - -2000-06-23 Nalin Dahyabhai <nalin@redhat.com> - - * clnt_chpass_util.c (kadm5_chpass_principal_util): Adjust for new - length parameter in both kadm5_chpass_principal_util() and in - _kadm5_chpass_principal_util(). - - * client_init.c (_kadm5_init_any): Fix determination of client - name length for overflow checking. - -2000-06-23 Ken Raeburn <raeburn@mit.edu> - - * client_init.c (enctypes): Add des3 and des-md5 to the list of - permitted enctypes. - -2000-05-31 Wilfredo Sanchez <tritan@mit.edu> - - * client_init.c, client_principal.c, client_rpc.c: Check for - existance of <memory.h>. - [from Nathan Neulinger <nneul@umr.edu>] - -2000-02-26 Tom Yu <tlyu@mit.edu> - - * client_principal.c (kadm5_create_principal_3): Remove keepold - argument. - - * Makefile.in (LIBMAJOR): Bump major number due to call signature - changes. - -2000-02-13 Tom Yu <tlyu@mit.edu> - - * client_rpc.c: Add new client stubs. - - * client_principal.c: Add new functions for client-side kadm rpc - calls. - -2000-01-27 Ken Raeburn <raeburn@raeburn.org> - - * client_init.c (enctypes): New array, listing only - ENCTYPE_DES_CBC_CRC. - (_kadm5_init_any): Pass it in krb5_get_in_tkt_with_* calls for - now, while GSSAPI/krb5 can only handle DES. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -1999-08-27 Tom Yu <tlyu@mit.edu> - - * client_init.c (_kadm5_init_any): Remove support for krb5-mech2 - for now. - -Thu May 13 17:24:44 1999 Tom Yu <tlyu@mit.edu> - - * client_init.c (_kadm5_init_any): Use gss_krb5_ccache_name() to - set the gssapi ccache name. - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - -1998-10-27 Marc Horowitz <marc@mit.edu> - - * client_init.c (_kadm5_init_any): try the krb5 v2 mechanism - first, and if that fails, try the krb5 v1 mech. - -Sun Jul 26 18:11:56 1998 Sam Hartman <hartmans@utwig.mesas.com> - - * Makefile.in (LIBMAJOR): bump libmajor - -Wed Apr 15 18:05:57 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in (SHLIB_EXPDEPS): - (SHLIB_EXPLIBS): Rename libcrypto -> libk5crypto. - -Fri Feb 27 22:32:16 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Changed thisconfigdir to point at the lib/kadm5 - directory, since we've moved all of the configure.in - tests to the toplevel lib/kadm5 configure.in - -Wed Feb 18 16:14:27 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove trailing slash from thisconfigdir. Fix up - BUILDTOP for new conventions. - -Fri Feb 13 21:30:34 1998 Tom Yu <tlyu@mit.edu> - - * client_init.c: - * client_principal.c: - * client_rpc.c: - * clnt_policy.c: - * clnt_privs.c: Update header locations. - - * Makefile.in (LIBMAJOR): Bump major version to reflect change in - rpc library. - -Wed Jan 28 16:32:36 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * configure.in, Makefile.in: Remove the CopySrcHeader macro - from configure.in and substitute equivalent - functionality in Makefile.in - -Mon Oct 13 10:55:02 1997 Ezra Peisach <epeisach@mit.edu> - - * client_init.c (kadm5_destroy): Free handle->lhandle field, call - kadm5_free_config_params and krb5_free_context. - -Tue Jul 1 02:34:46 1997 Tom Yu <tlyu@mit.edu> - - * client_principal.c, client_rpc.c: Add support for setv4key. - -Mon Mar 31 17:40:48 1997 Barry Jaspan <bjaspan@mit.edu> - - * client_principal.c, client_rpc.c: add support for - setkey_principal - -Sat Feb 22 01:35:19 1997 Sam Hartman <hartmans@tertius.mit.edu> - - * Makefile.in (SHLIB_EXPDEPS): s/.so/$(SHLIBEXT) - -Wed Jan 15 20:49:34 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: - * configure.in: Update to new library build procedure. - -Wed Nov 13 19:20:11 1996 Tom Yu <tlyu@mit.edu> - - * Makefile.in (clean-unix): Remove shared/*. - -Wed Nov 6 10:35:01 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * client_init.c (_kadm5_init_any): Use a more fined grained error - code, KADM5_MISSING_CONF_PARAMS instead of - KRB5_CONFIG_BADFORMAT - (_kadm5_init_any): Use a more fined grained error code, - KADM5_BAD_SERVER_NAME, instead of KRB5_CONFIG_BADFORMAT. - -Thu Nov 7 11:41:08 1996 Ezra Peisach <epeisach@mit.edu> - - * client_principal.c (kadm5_get_principal, - kadm5_modify_principal): For a V1 request, copy only the - memory that is allocated for the incomming principal. - -Fri Oct 4 08:38:16 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * client_principal.c (kadm5_randkey_principal): Do not assume that - malloc(0) returns non-NULL. [krb5-admin/29] - -Mon Aug 26 16:33:31 1996 Barry Jaspan <bjaspan@mit.edu> - - * client_init.c (_kadm5_init_any): use DEFAULT_PROFILE_PATH - instead of "/etc/krb5.conf" - -Wed Jul 31 17:01:38 1996 Tom Yu <tlyu@mit.edu> - - * client_init.c: Revert prior change due to netdb.h shuffling. - -Tue Jul 30 19:47:53 1996 Tom Yu <tlyu@mit.edu> - - * client_init.c: Remove #include <netdb.h> because rpc/types.h - (included from kadm5/admin.h) gets it. - -Wed Jul 24 20:59:35 1996 Sam Hartman <hartmans@tertius.mit.edu> - - * configure.in: Don't replace setenv - - * client_init.c (_kadm5_init_any): Use krb5_setenv and krb5_unsetenv - -Wed Jul 24 18:20:47 1996 Tom Yu <tlyu@voltage-multiplier.mit.edu> - - * Makefile.in, configure.in: break out client lib into a - subdirectory - diff --git a/src/lib/kadm5/srv/ChangeLog b/src/lib/kadm5/srv/ChangeLog deleted file mode 100644 index 70f06ee17..000000000 --- a/src/lib/kadm5/srv/ChangeLog +++ /dev/null @@ -1,593 +0,0 @@ -2006-04-03 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2006-03-31 Ken Raeburn <raeburn@mit.edu> - - * svr_iters.c: Include autoconf.h. - -2006-03-11 Ken Raeburn <raeburn@mit.edu> - - * svr_principal.c, server_misc.c: Don't look for kdb.h in krb5/. - -2005-11-17 Ken Raeburn <raeburn@mit.edu> - - * server_init.c, svr_policy.c: Include errno.h. - -2005-10-13 Ken Raeburn <raeburn@mit.edu> - - * libkadm5srv.exports: Don't export internal error-table symbols, - or osa* symbols that no longer exist in this library. - -2005-09-27 Tom Yu <tlyu@mit.edu> - - * svr_iters.c (glob_to_regexp): Increment pointer, not character, - when handling backslash quoting. Patch from K.G. Gokulavasan. - -2005-06-20 Ken Raeburn <raeburn@mit.edu> - - Novell merge. - * Makefile.in (SRCS, OBJS, STLIBOBJS): Remove adb_policy, - adb_free, and adb_openclose. - * adb_free.c: Deleted. - * adb_openclose.c, adb_policy.c: Moved to lib/kdb/kdb_db2. - * adb_xdr.c: Include server_internal.h; don't include adb.h. - (xdr_osa_policy_ent_rec): Function deleted. - (osa_free_princ_ent): Moved here from old adb_free.c. - * server_init.c (dup_db_args, free_db_args): New functions. - (kadm5_init_with_password, kadm5_init_with_creds, - kadm5_init_with_skey): Accept new db_args argument, and pass it to - kadm5_init. - (kadm5_init): Accept new db_args argument. Don't set the database - name; instead, set the default realm for the context. Call - krb5_db_open instead of krb5_db_init, requesting write access and - passing in the database arguments. Don't call adb_policy_init, - and don't set deleted field handle->lhandle->policy_db. - (kadm5_lock): Don't lock the policy database. Use - KRB5_DB_LOCKMODE_EXCLUSIVE flags instead of - KRB5_LOCKMODE_EXCLUSIVE. - (kadm5_unlock): Don't unlock the policy database. - (kadm5_flush): In the error case, use krb5_db_open instead of - krb5_db_set_name and krb5_db_init. - * server_kdb.c (kdb_init_master): Don't call krb5_db_init. Use - KADM5_XDR_FAILURE instead of OSA_ADB_XDR_FAILURE. - (kdb_iter_entry): Accept new string argument match_entry; pass it - to krb5_db_iterate. - * server_misc.c: Don't include adb.h. - (adb_policy_init): Don't call osa_adb_open_policy. If - krb5_db_inited is falso on the context, call krb5_db_open. - (adb_policy_close): Don't call osa_adb_close_policy; do nothing. - * svr_iters.c: Don't include adb.h. - (kadm5_get_either): Pass glob pattern ("*" if not specified) to - kdb_iter_entry. - * svr_policy.c: Don't include adb.h. - (kadm5_create_policy, kadm5_delete_policy, kadm5_modify_policy, - kadm5_get_policy): Call krb5_db_clr_error. Call - krb5_db_create_policy etc instead of osa_adb_* versions, passing - the krb5 context instead of the policy database handle. For - krb5_db_get_policy, treat a returned count of zero as a not-found - indication. - (kadm5_modify_policy_internal): Don't translate the returned error - code from krb5_db_put_policy. - * svr_principal.c: Don't include adb.h. - (kadm5_copy_principal, kadm5_free_principal): New functions, using - krb5_db_alloc and krb5_db_free for storage. - (cleanup_key_data): Use krb5_db_free. - (kadm5_create_principal_3, kadm5_delete_principal, - kadm5_modify_principal, kadm5_rename_principal, - kadm5_get_principal, kadm5_chpass_principal_3, - kadm5_randkey_principal_3, kadm5_setv4key_principal, - kadm5_setkey_principal_3, - - ): Call krb5_db_clr_error. - (kadm5_create_principal_3): Use kadm5_copy_principal instead of - krb5_copy_principal. If the KADM5_TL_DATA flag is set, call - krb5_dbe_update_tl_data on each element supplied, to augment - and/or replace the existing tl data with a copy of the supplied - data, instead of splicing the supplied list and the existing list - together. Use krb5_db_free_principal instead of - krb5_dbe_free_contents. - (kadm5_modify_principal): Use krb5_dbe_update_tl_data to merge tl - data records. - (kadm5_rename_principal): Use kadm5_{copy,free}_principal. - (kadm5_chpass_principal_3): Use krb5_db_free_principal instead of - krb5_dbe_free_contents. - (kadm5_setv4key_principal): Use krb5_db_alloc, not malloc, for key - data to be returned. Use an automatic variable for the key data, - before copying out to the object so allocated. - (kadm5_setkey_principal_3): Likewise. - (decrypt_key_data): On error, clear and free any key storage that - might've been returned from previous calls - krb5_dbekd_decrypt_key_data. - -2004-12-20 Tom Yu <tlyu@mit.edu> - - * svr_principal.c (add_to_history): Rewrite somewhat, using - temporary variables to make things somewhat more readable. Fix - buffer overflow case where the next pointer points into - unallocated space but resizing wasn't done, i.e., when someone - decreases the policy history count to the exact "right" number. - Fix some memory leaks. To avoid losing entries, shift some - entries forward after growing the array. - -2004-08-21 Tom Yu <tlyu@mit.edu> - - * libkadm5srv.exports: Update for previous renaming. - -2004-08-20 Alexandra Ellwood <lxs@mit.edu> - - * server_acl.[ch]: renamed acl_* functions to kadm5int_acl_* - -2004-06-16 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (clean-mac): Target deleted. - -2004-06-04 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBBASE): Renamed from LIB. - -2004-04-22 Ken Raeburn <raeburn@mit.edu> - - * libkadm5srv.exports: New file. - -2003-09-02 Alexandra Ellwood <lxs@mit.edu> - - * svr_principal.c: Added Apple password server support. - -2003-06-13 Tom Yu <tlyu@mit.edu> - - * server_kdb.c (kdb_init_hist): Force history principal's key to - be of the same enctype as the master key, as searches for it later - on explicitly specify the enctype. - -2003-04-01 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove $(SHLIB_DBLIB_DEPS) and related variables. - (SHLIB_EXPDEPS): Remove $(SHLIB_DBLIB_DEPS). - (SHLIB_EXPLIBS): Change $(DB_LIB) to $(KDB5_DB_LIB). - -2003-01-12 Ezra Peisach <epeisach@bu.edu> - - * svr_iters.c (kadm5_get_either): For POSIX_REGEXPS - (i.e. regcomp), call regfree() to cleanup memory. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Add AC_SUBST_FILE marker for lib_frag and libobj_frag. - -2003-01-05 Sam Hartman <hartmans@mit.edu> - - * server_dict.c: Remove declaration of errno - - * adb_policy.c: Remove declaration of errno - -2002-12-16 Ezra Peisach <epeisach@bu.edu> - - * Makefile.in: Change to allow compilation with-system-db and - shared libraries. - -2002-11-07 Tom Yu <tlyu@mit.edu> - - * svr_principal.c (kadm5_setkey_principal_3): Apply patch from - Emily Ratliff to allow n_ks_tuple to be zero, which is the case if - being called from kadmind answering a client's setkey_principal - request. - -2002-10-15 Ezra Peisach <epeisach@bu.edu> - - * server_init.c (kadm5_lock, kadm5_unlock): Return KADM5_OK - instead of falling off end of function. - -2002-10-08 Tom Yu <tlyu@mit.edu> - - * adb_openclose.c (osa_adb_init_db): Reset opencnt. - (osa_adb_open_and_lock): Don't open multiple times; merely - increment opencnt if already open. - (osa_adb_close_and_unlock): Decrement opencnt instead of - unconditionaly closing. - - * server_init.c (kadm5_lock, kadm5_unlock): New functions to - support persistent exclusive locks across multiple API calls. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-07-17 Ken Raeburn <raeburn@mit.edu> - - * svr_iters.c (struct iter_data): Replace DynObject "matches" with - pointer, allocation size, current count, and error flag. - (get_either_iter): Grow array if needed, noting failures. - (kadm5_get_either): Set up the array before calling the iterator - and use their values after. - * Makefile.in (SHLIB_EXPDEPS, SHLIB_EXPLIBS): Drop libdyn - references. - -2002-03-06 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBMAJOR): Bump to avoid Heimdal conflict. - -2002-03-02 Sam Hartman <hartmans@mit.edu> - - * server_acl.c (acl_find_entry): Patch from sxw@sxw.org.uk: - patch to correct handling of ACL targets. Previous patch from - Matt Crawford seems to only work for * targets where it ignores - the restrictions. This patch seems to work for all the semantics - described in MATt's original message, at least as far as I tested. - -2001-10-22 Tom Yu <tlyu@mit.edu> - - * svr_principal.c (kadm5_decrypt_key): For now, coerce enctype of - output keyblock in case we got a match on a similar enctype. - -2001-10-16 Mitchell Berger <mitchb@mit.edu> - Matt Crawford <crawdad@fnal.gov> - - * svr_principal.c (add_to_history): If the policy a principal uses has - been changed to hold a lesser number of history entries than it did - before, extract the correct number and value of old keys from the - history array into a newly allocated array of the proper size. Failing - to do this made kadmind vulnerable to a crash upon changing such a - principal's password. Original patch written by Matt Crawford, with - a few changes. - -2001-10-09 Ken Raeburn <raeburn@mit.edu> - - * server_acl.h: Make prototypes unconditional. - -2001-07-31 Ezra Peisach <epeisach@mit.edu> - - * svr_principal.c (check_pw_reuse): Change argument for - n_pw_hist_data to unsigned to be consistant with calling convention. - -2001-07-25 Ezra Peisach <epeisach@mit.edu> - - * adb_xdr.c (xdr_krb5_key_data): Use xdr_krb5_ui_2 instead of - xdr_krb5_int16 for key_data_length field. - -2001-07-06 Ezra Peisach <epeisach@mit.edu> - - * svr_iters.c: Declare kadm5_get_either static - -2001-06-20 Mitchell Berger <mitchb@mit.edu> - - * server_dict.c: Silly typo fixed. - -2001-06-18 Ezra Peisach <epeisach@mit.edu> - - * server_misc.c (passwd_check): cast argument to - islower()/isupper(), isdigit(), ispunct() to int. - - * server_acl.c (acl_parse_line): Cast argument to - isupper()/isspace() to int. - -2001-06-08 Ezra Peisach <epeisach@mit.edu> - - * svr_principal.c (check_pw_reuse): Cleanup assignment in conditional. - -2001-06-04 Ezra Peisach <epeisach@mit.edu> - - * svr_principal.c: Cleanup assignments in conditionals. - -Sun Feb 18 17:40:23 2001 Ezra Peisach <epeisach@mit.edu> - - * adb_openclose.c, adb_policy.c, server_acl.c, server_dict.c, - server_init.c, server_kdb.c, server_misc.c, svr_iters.c, - svr_principal.c: Cleanup assignments in conditionals, variables - sadowing one another, unused variables and declared some functions - as static. - -2000-10-17 Ezra Peisach <epeisach@mit.edu> - - * svr_chpass_util.c (kadm5_chpass_principal_util): Change msg_len - to unsigned int. - -Tue Oct 10 03:09:27 2000 Ezra Peisach <epeisach@mit.edu> - - * server_dict.c (init_dict): Change syslog() to krb5_klog_syslog() - so that errors go to the intended place as indicated by krb5.conf. - -2000-06-30 Tom Yu <tlyu@mit.edu> - - * adb_openclose.c (osa_adb_create_db): Default to btree. - (osa_adb_init_db): Set up btinfo as well. - (osa_adb_open_and_lock): Try btree, then hash. - - * Makefile.in (SHLIB_EXPDEPS): Add libdb. - (SHLIB_EXPLIBS): Add -ldb. - -2000-06-23 Nalin Dahyabhai <nalin@redhat.com> - - * adb_openclose.c (osa_adb_create_db): Open lock files using O_EXCL - and fdopen() the descriptor instead of using fopen(). - * svr_chpass_util.c (kadm5_chpass_principal_util): Adjust for new - length parameter in both kadm5_chpass_principal_util() and in - _kadm5_chpass_principal_util(). - -2000-05-31 Wilfredo Sanchez <tritan@mit.edu> - - * adb_free.c, adb_xdr.c, server_dict.c: Check for existance - of<memory.h>. - [from Nathan Neulinger <nneul@umr.edu>] - -2000-03-16 Ken Raeburn <raeburn@mit.edu> - Matt Crawford <crawdad@fnal.gov> - - * server_acl.c: Include kadm5/admin.h. - (struct _acl_entry): Add new fields for restrictions. - (struct _wildstate): New type. - (acl_parse_line): Input is const. Parse and save restrictions. - Allow backslash at end of line to indicate continuation. - (acl_parse_restrictions, acl_impose_restrictions): New functions. - (acl_free_entries): Free up restriction data if any. - (acl_load_acl_file): Don't use tmpbuf for catch-all entry. - (acl_match_data): Add new arguments for wildcard state. - (acl_find_entry): Support wildcard component matching. - Reorganized checks for bad ACL entries. - (acl_check): Add restrictions parameter. - * server_acl.h (struct _restriction): New type. - (acl_check): Update prototype. - (acl_impose_restrictions): Declare. - -2000-02-26 Tom Yu <tlyu@mit.edu> - - * svr_principal.c (kadm5_create_principal_3): Remove keepold - argument. - - * Makefile.in (LIBMAJOR): Bump major number due to call signature - changes. - -2000-02-25 Ken Raeburn <raeburn@mit.edu> - - * server_acl.c (acl_get_line): Patch from Matt Crawford to permit - line continuation by ending a line with a backslash. - -2000-02-13 Tom Yu <tlyu@mit.edu> - - * svr_principal.c (kadm5_setkey_principal_3): New function. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -1999-09-08 Ken Raeburn <raeburn@mit.edu> - - * adb_openclose.c (osa_adb_fini_db): Don't fclose the lock file if - the lock is permanent, because it's already been done. - -Mon Dec 7 15:19:11 1998 Ezra Peisach <epeisach@mit.edu> - - * svr_principal.c (kadm5_randkey_principal_3): Fix typo in - arguments to krb5_dbe_crk(). - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - -Fri Dec 4 23:10:32 1998 Tom Yu <tlyu@mit.edu> - - * svr_principal.c (kadm5_create_principal): Modify to call - create_principal_3. - (kadm5_create_principal_3): New function including flag to keep - old keys and optional explicit keysalt_tuples. - (kadm5_chpass_principal): Modify to call chpass_principal_3. - (kadm5_chpass_principal_3): New function including flag to keep - old keys and optional explicit keysalt_tuples. - (kadm5_randkey_principal): Modify to call randkey_principal_3. - (kadm5_randkey_principal_3): New function including flag to keep - old keys and optional explicit keysalt_tuples. - -Tue Nov 17 18:20:48 1998 Tom Yu <tlyu@mit.edu> - - * svr_principal.c (kadm5_create_principal): - (kadm5_chpass_principal): - (kadm5_randkey_principal): Fix up for new calling conventions of - dbe_crk and dbe_cpw. - -1998-10-27 Marc Horowitz <marc@mit.edu> - - * server_kdb.c, svr_principal.c: convert to new crypto api - -Sun Jul 26 18:09:55 1998 Sam Hartman <hartmans@utwig.mesas.com> - - * Makefile.in (LIBMAJOR): bump libmajor - -Wed Apr 15 18:06:14 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in (SHLIB_EXPDEPS): - (SHLIB_EXPLIBS): Rename libcrypto -> libk5crypto. - -Fri Feb 27 22:33:05 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Changed thisconfigdir to point at the lib/kadm5 - directory, since we've moved all of the configure.in - tests to the toplevel lib/kadm5 configure.in. - Instead of adding @LIBS@ to the list of libraries which - should be linked as shared library dependencies, add - @GEN_LIB@ and @AIX_DB_LIB@ which will get expanded if - necessary. - -Wed Feb 18 16:15:22 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove trailing slash from thisconfigdir. Fix up - BUILDTOP for new conventions. - -Fri Feb 13 21:30:58 1998 Tom Yu <tlyu@mit.edu> - - * adb_xdr.c: Update header locations. - - * Makefile.in (LIBMAJOR): Bump major version to reflect change in - rpc library. - -Wed Jan 28 16:32:36 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * configure.in, Makefile.in: Remove the CopySrcHeader macro - from configure.in and substitute equivalent - functionality in Makefile.in - -Mon Oct 13 10:59:22 1997 Ezra Peisach <epeisach@mit.edu> - - * server_init.c (kadm5_destroy): Call kadm5_free_config_params. - - * server_acl.c: Include <ctype.h> for tolower(). - (acl_load_acl_file): Close acl file, even when acl_catchall_entry is - not set. - -Wed Aug 6 20:22:23 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Add flags to conditionally compile with Hesiod. - - * server_misc.c: Add support for checking GECOS field of Hesiod - passwd entry. - -Fri Jul 25 15:37:08 1997 Tom Yu <tlyu@mit.edu> - - * server_init.c: Change a few calls to align with the new kdb - API. - - * Makefile.in: Bump version. - -Tue Jul 1 02:32:49 1997 Tom Yu <tlyu@mit.edu> - - * server_acl.h: Fix ACL_ALL_MASK to include ACL_SETKEY. - - * svr_principal.c: Fix setv4key_principal. - -Sun Jun 29 14:52:51 1997 Tom Yu <tlyu@mit.edu> - - * svr_principal.c: Add new function kadm5_setv4key_principal. - -Mon Mar 31 17:40:24 1997 Barry Jaspan <bjaspan@mit.edu> - - * server_acl.c, server_acl.h, svr_pricipal.c: add support for - setkey_principal - -Sun Mar 9 13:40:33 1997 Tom Yu <tlyu@mit.edu> - - * svr_principal.c (add_to_history): Don't call realloc() on a NULL - pointer, lest non-ANSI compliant systems like SunOS fail. - -Sat Feb 22 01:34:08 1997 Sam Hartman <hartmans@tertius.mit.edu> - - * Makefile.in (SHLIB_EXPDEPS): s/.so/$(SHLIBEXT) - -Wed Jan 15 20:59:11 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: - * configure.in: Update to new library build procedure. - -Tue Dec 3 15:14:29 1996 Barry Jaspan <bjaspan@mit.edu> - - * server_acl.c (acl_load_acl_file): log errors via - krb5_klog_syslog, not fprintf and com_err [krb5-admin/238]; don't - coredump when an acl line is too long; handle catchall_entry == - NULL - -Fri Nov 22 11:11:34 1996 Sam Hartman <hartmans@mit.edu> - - * Makefile.in (SHLIB_LIBS): Do not link shared against -ldb [224] - -Tue Nov 26 03:04:04 1996 Sam Hartman <hartmans@mit.edu> - - * server_acl.c (acl_load_acl_file): Fix coredump by allowing - catchall_entry to be null, but do not reference it if it is. - Thanks to marc. [242] - -Mon Nov 25 17:53:20 1996 Barry Jaspan <bjaspan@mit.edu> - - * server_acl.c: set acl_catchall_entry to "" instead of NULL, - since it is presumed to contain something, but we don't want any - default entry [krb5-admin/237] - -Wed Nov 13 19:20:36 1996 Tom Yu <tlyu@mit.edu> - - * Makefile.in (clean-unix): Remove shared/*. - -Mon Nov 11 17:01:00 1996 Barry Jaspan <bjaspan@mit.edu> - - * svr_principal.c (kadm5_modify_principal): fix memory leak - handling tl_data - -Thu Nov 7 16:42:38 1996 Barry Jaspan <bjaspan@mit.edu> - - * svr_iters.c (glob_to_regexp): a principal glob with no @ - defaults to @*, not @LOCAL.REAM [krb5-admin/161] - -Wed Nov 6 10:45:12 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * server_init.c (kadm5_init): Use a more fined grained error - code, KADM5_MISSING_CONF_PARAMS instead of - KRB5_CONFIG_BADFORMAT - -Wed Nov 6 16:22:05 1996 Barry Jaspan <bjaspan@mit.edu> - - * svr_principal.c (kadm5_modify_principal): don't free the - caller's tl_data (oops) - -Fri Nov 1 13:18:40 1996 Barry Jaspan <bjaspan@mit.edu> - - * svr_principal.c (kadm5_modify_principal): update for new tl_data - semantics [krb5-admin/140] - -Mon Oct 21 16:28:52 1996 Barry Jaspan <bjaspan@mit.edu> - - * svr_principal.c (kadm5_modify_principal): fix modify_principal's - handling of KADM5_TL_DATA [krb5-admin/20] - -Fri Oct 18 14:24:12 1996 Barry Jaspan <bjaspan@mit.edu> - - * svr_misc_free.c, server_dict.c, adb_policy.c, adb_free.c: - include stdlib.h instead of malloc.h [krb5-admin/35] - - * adb_openclose.c (osa_adb_rename_db): create the destination - database if necessary before renaming [krb5-admin/58] - -Thu Oct 17 16:22:07 1996 Barry Jaspan <bjaspan@mit.edu> - - * svr_principal.c: update for new pw_expiration semantics - [krb5-admin/87] - -Tue Oct 8 13:33:48 1996 Barry Jaspan <bjaspan@mit.edu> - - * adb_policy.c (osa_adb_rename_policy_db): rename - osa_adb_rename_policy to *_db - - * adb_openclose.c, adb_policy.c: implement database renaming; - also, only create a db lockfile after the database has been - successfully created [krb5-admin/62] - -Fri Oct 4 08:40:21 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * svr_principal.c (kadm5_get_principal): Do not assume malloc(0) - returns non-NULL. [krb5-admin/29] - -Fri Aug 2 14:07:31 1996 Barry Jaspan <bjaspan@DUN-DUN-NOODLES> - - * svr_principal.c: remove krb5_free_keyblock_contents (moved to - libkrb5.a) - -Fri Jul 26 17:48:14 1996 Sam Hartman <hartmans@mit.edu> - - * svr_principal.c (krb5_copy_key_data_contents): If - key_data_length[i] == 0, don't complain if malloc(0) returns 0; - this is allowed by ANSI. - -Thu Jul 25 18:42:47 1996 Sam Hartman <hartmans@mit.edu> - - * configure.in (LIBS): Link against -ldb under AIX for shared - library construction; we should eventually make libdb a shared - library. - -Wed Jul 24 18:21:28 1996 Tom Yu <tlyu@voltage-multiplier.mit.edu> - - * Makefile.in, configure.in: break out server lib into a - subdirectory - diff --git a/src/lib/kadm5/unit-test/ChangeLog b/src/lib/kadm5/unit-test/ChangeLog deleted file mode 100644 index 3bd0482ee..000000000 --- a/src/lib/kadm5/unit-test/ChangeLog +++ /dev/null @@ -1,450 +0,0 @@ -2006-04-03 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2006-03-11 Ken Raeburn <raeburn@mit.edu> - - * lock-test.c: Don't look for kdb.h in krb5/. - -2005-11-17 Ken Raeburn <raeburn@mit.edu> - - * setkey-test.c: Include k5-int.h instead of krb5.h. - -2005-10-13 Ken Raeburn <raeburn@mit.edu> - - * lock-test.c (main): Don't call error table initialization - routines; kadm5_init* routines will do that. - -2005-10-04 Ken Raeburn <raeburn@mit.edu> - - * api.1/lock.exp: Temporarily disabled tests. See RT ticket - 3201. - - * api.2/init-v2.exp: Temporarily disabled test103. See RT ticket - 3202. - -2005-07-08 Ken Raeburn <raeburn@mit.edu> - - * api.1/lock.exp (lock_test_continue): After exiting the loop, - send the process a signal before waiting for it to die. - -2005-06-20 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (KDB_DEP_LIB): Use DL_LIB and THREAD_LINKOPTS - instead of explicitly using -ldl and -lpthread. - - Novell merge. - * Makefile.in (randkey-test, server-handle-test, lock-test, - server-iter-test, server-setkey-test): Link in pthread and dl - libraries. - * destroy-test.c (main): Pass NULL db_args argument to - ovsec_kadm_init. - * handle-test.c (main): Likewise. - * init-test.c (main): Likewise. - * iter-test.c (main): Likewise. - * randkey-test.c (main): Likewise. - * setkey-test.c (main): Likewise. - * lock-test.c: Include krb5/kdb.h, not kadm5/adb.h. - (main): Don't call initialize_adb_error_table. Call krb5_db_open, - not osa_adb_open_policy, krb5_db_ lock functions instead of - osa_adb_ ones, etc. - -2005-02-10 Tom Yu <tlyu@mit.edu> - - * api.2/init-v2.exp: Handle improved error codes from - client_init.c. - (test152): Expect KRB5_FCC_NOFILE. - (test153): Expect KRB5_CC_NOTFOUND. - -2004-08-20 Tom Yu <tlyu@mit.edu> - - * Makefile.in (init-test): Don't use local copy of client_init.o - - * init-test.c (main): Use kadm5_init() instead of - ovsec_kadm_init(). Make error messages a little more - informative. Use KADM5_CONFIG_NO_AUTH to test no-auth condition, - as the previous method was really gross. - -2004-02-13 Tom Yu <tlyu@mit.edu> - - * config/unix.exp (PRIOCNTL_HACK): Use "==" instead of "eq", which - is not present in tcl-8.3. - -2004-02-12 Tom Yu <tlyu@mit.edu> - - * config/unix.exp (PRIOCNTL_HACK): Wrap "spawn" to do priocntl - things to work around Solaris 9 pty-close bug. - - * Makefile.in (unit-test-client-body, unit-test-server-body): Add - PRIOCNTL_HACK. - -2003-10-16 Tom Yu <tlyu@mit.edu> - - * api.1/lock.exp: Work around a race condition in the Solaris 9 - pty implementation: output sent to a pty slave immediately before - last close/exit can get lost on the way to the master. This is - Sun bug #4927647. The workaround consists of changing the tests - to always make lock-test wait to read a character prior to - exiting, so any output prior to the "wait" directive will not get - lost. - -2003-06-02 Ken Raeburn <raeburn@mit.edu> - - * api.2/init-v2.exp (test117): Update lifetime expected for new - defaults. - -2003-05-21 Tom Yu <tlyu@mit.edu> - - * api.0/init.exp (test6, test7): Be slightly more lenient about - matching password prompt. - - * api.2/init.exp (test6, test7): Be slightly more lenient about - matching password prompt. - -2003-01-07 Ken Raeburn <raeburn@mit.edu> - - * Makefile.ov: Deleted. - -2002-12-18 Ken Raeburn <raeburn@mit.edu> - - * api.2/init-v2.exp (test150, test151, test153): Don't try to set - KRB5CCNAME; only the fact that it wasn't being done correctly - prevented it from causing test failures. - - * lib/lib.t (kinit): If kinit reports a problem initializing the - credentials cache, raise an error. - -2002-10-18 Tom Yu <tlyu@mit.edu> - - * api.2/init-v2.exp (test106): Make regexp more forgiving of - variant password prompts. - - * api.0/init.exp (test7, test22, test225): Make regexp more - forgiving of variant password prompts. - -2002-09-15 Tom Yu <tlyu@mit.edu> - - * api.0/chpass-principal.exp: - * api.0/crte-policy.exp: - * api.0/crte-principal.exp: - * api.0/destroy.exp: - * api.0/dlte-policy.exp: - * api.0/dlte-principal.exp: - * api.0/get-policy.exp: - * api.0/get-principal.exp: - * api.0/init.exp: - * api.0/mod-policy.exp: - * api.0/mod-principal.exp: - * api.0/randkey-principal.exp: - * api.0/rename-principal.exp: - * api.1/lock.exp: - * api.2/chpass-principal-v2.exp: - * api.2/chpass-principal.exp: - * api.2/crte-policy.exp: - * api.2/crte-principal.exp: - * api.2/destroy.exp: - * api.2/dlte-policy.exp: - * api.2/dlte-principal.exp: - * api.2/get-policy.exp: - * api.2/get-principal-v2.exp: - * api.2/get-principal.exp: - * api.2/init-v2.exp: - * api.2/init.exp: - * api.2/mod-policy.exp: - * api.2/mod-principal-v2.exp: - * api.2/mod-principal.exp: - * api.2/randkey-principal-v2.exp: - * api.2/randkey-principal.exp: - * lib/lib.t: s/error/perror. - - * config/unix.exp: Work around tcl 8.4's (incorrect?) output EOL - translation. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-08-08 Ken Raeburn <raeburn@mit.edu> - - * api.2/init-v2.exp (test100): Expect MISSING_KRB5_CONF_PARAMS - error now. - -2001-11-27 Ezra Peisach <epeisach@mit.edu> - - * api.2/init-v2.exp: For test 101 failure, change port number 1 - - which is used by tcpmux under Irix, to 4 - which is unassigned by - IANA. - -2001-06-20 Mitchell Berger <mitchb@mit.edu> - - * api.0/init.exp: Silly typo fixed. - - * api.2/init.exp: Same silly typo fixed. - -2000-10-12 Ezra Peisach <epeisach@mit.edu> - - * lock-test.c (main): Cleanup assignments in conditionals. If - USE_KADM5_API_VERSION is 1, set to 2. This program uses the V2 api - (kadm5_get_config_params). - - * setkey-test.c: Declare main() as int. Enclose initialization of - elements of arrays in '{', '}'. Use krb5_enctype type instead of - unsigned int. Break out assignments in conditionals. - - * destroy-test.c, handle-test.c, init-test.c, iter-test.c, - randkey-test.c: Declare main() as int. - -2000-06-28 Ezra Peisach <epeisach@mit.edu> - - * iter-test.c (main): Code was using ovsec_kadm_ret_t in place of - an int for referencing array. - -2000-05-09 Ken Raeburn <raeburn@mit.edu> - - * api.2/chpass-principal-v2.exp (test200): Expect an additional - key to be reported, since des3 has been added to the list. - * api.2/get-principal-v2.exp (test101_102): Likewise. - * api.2/randkey-principal-v2.exp (test100): Likewise. - -2000-02-08 Tom Yu <tlyu@mit.edu> - - * api.1/lock.exp: Since a "wait" directive to the command list of - the lock_test procedures does not wait for any synchronization, - change lock9 to acquire and release a lock before the "wait" - directive in order to avoid a race condition where lock9 spawns - the ./lock-test but the program has not opened the database prior - to lock9_1 acquiring a permanent lock. This was causing - difficult-to-reproduce failures. - -2000-02-07 Tom Yu <tlyu@mit.edu> - - * lib/lib.t: Call kinit and kdestroy with -5 flag to accomodate - new behavior. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -1999-09-21 Ken Raeburn <raeburn@mit.edu> - - * api.2/init-v2.exp (test109): Wait for prompt between commands. - -1999-09-01 Ken Raeburn <raeburn@mit.edu> - - * api.2/init-v2.exp (RESOLVE): New variable. - (get_hostname): New proc, taken from tests/dejagnu. - (test101): Use get_hostname, set a variable in the target process - to hold the result, and use that variable in the other commands - passed, instead of "localhost". - - * Makefile.in (unit-test-client-body): Pass $(RUNTESTFLAGS) to - runtest, so the user can run subsets of the test suite. - (unit-test-server-body): Likewise. - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - -Fri Feb 27 22:32:54 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Changed thisconfigdir to point at the lib/kadm5 - directory, since we've moved all of the configure.in - tests to the toplevel lib/kadm5 configure.in - -Wed Feb 18 16:15:53 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove trailing slash from thisconfigdir. Fix up - BUILDTOP for new conventions. - -Mon Feb 2 17:02:29 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile - -Wed Nov 19 10:55:20 1997 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in (clean): Remove server-setkey-test - client-setkey-test setkey-test.o - -Fri Jul 25 15:38:35 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove test-randkey since it was breaking the - server-side tests; api.2/getprinc-v2.exp wants *two* keys, while - randkey results in only one. - -Mon May 5 17:11:44 1997 Barry Jaspan <bjaspan@mit.edu> - - * setkey-test.c, configure.in: add rules to test for correct - random()-equivlant function - -Mon Mar 31 17:39:52 1997 Barry Jaspan <bjaspan@mit.edu> - - * Makefile.in, setkey-test.c: add support for setkey - -Wed Mar 12 15:49:46 1997 Barry Jaspan <bjaspan@mit.edu> - - * Makefile.in (unit-test-server-body): depend on test-randkey, not - randkey-test, so the test gets run - -Wed Feb 5 23:10:56 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: - * configure.in: Update to new program build procedure. - -Mon Dec 9 15:57:55 1996 Barry Jaspan <bjaspan@mit.edu> - - * api.0/init.exp, api.2/init.exp: use spawn/expect instead of exec - so tests don't fail when kadmin.local produces output - -Wed Nov 20 15:59:34 1996 Barry Jaspan <bjaspan@mit.edu> - - * Makefile.in (check-): warn more loudly about unrun tests - -Mon Nov 11 20:51:27 1996 Tom Yu <tlyu@mit.edu> - - * configure.in: Add AC_CANONICAL_HOST to deal with new pre.in. - -Thu Nov 7 20:54:24 1996 Tom Yu <tlyu@mit.edu> - - * configure.in: Remove spurious WITH_CCOPTS and KRB_INCLUDE. - -Thu Nov 7 13:02:28 1996 Barry Jaspan <bjaspan@mit.edu> - - * api.2/init-v2.exp: update tests for new init error codes and - get_config_params behavior when KDC_PROFILE does not exist - - * api.2/mod-principal-v2.exp: provide finer-grained test numbers - in case of failure - -Wed Nov 6 17:48:49 1996 Barry Jaspan <bjaspan@mit.edu> - - * lib/lib.t: global $test everywhere it is used - - * api.2/mod-principal-v2.exp: init to kadmin/admin, not - kadmin/changepw; specify real principal, not null (obviously I - never ran these tests via the client library before) - -Fri Nov 1 13:15:37 1996 Barry Jaspan <bjaspan@mit.edu> - - * api.2/get-principal-v2.exp, api.2/mod-principal-v2.exp: update - for new tl_data semantics [krb5-admin/140] - -Thu Oct 31 08:42:18 1996 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in (check): Only run tests is Perl, tcl, runtest. - - * configure.in: Check for Perl before running tests. - -Fri Oct 25 16:43:52 1996 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in (init-test): Add -UUSE_KADM5_API_VERSION before the - -D of same. - -Wed Oct 23 13:32:40 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * api.2/get-principal-v2.exp: Fix for test 100 where {} is not - equivalent to "{}" for empty tl_data field. - -Mon Oct 21 16:27:28 1996 Barry Jaspan <bjaspan@mit.edu> - - * api.2/mod-principal-v2.exp: create this file, implement tests - 100-104 [krb5-admin/20] - -Fri Oct 18 13:21:08 1996 Barry Jaspan <bjaspan@mit.edu> - - * api.2/init-v2.exp: add test 117, for default max_life - [krb5-admin/18] - -Thu Oct 17 16:14:11 1996 Barry Jaspan <bjaspan@mit.edu> - - * config/unix.exp, lib/lib.t: begin in process of making these - unit tests less horribly inefficient - - * api.[02]/crte-principal.exp, api.[02].mod-principal: update unit - tests for new pw_expiration semantics [krb5-admin/87] - - * Makefile.in: ditch the capi and sapi hack, just the api for - everything, and rename the log files after the tests complete so - they are both kept around for viewing [krb5-admin/82] - -Mon Oct 14 07:04:27 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * Makefile.in: Only try to run tests if both runtest and the tcl - libraries present. - - * configure.in: Check for runtest and Tcl. - -Fri Oct 4 08:31:50 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * sizes-test.c: Removed program. - - * Makefile.in: Remove sizes-test. - -Tue Oct 1 14:45:37 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * api.2/init-v2.exp: Remove tests 104 & 105 as lockfile and - policy database names are hard wired. [krb5-admin/46] - -Thu Sep 26 17:44:10 1996 Barry Jaspan <bjaspan@mit.edu> - - * api.0/init.exp, api.1/lock.exp, api.2/init.exp: use $K5ROOT - instead of /krb5 - -Wed Sep 25 17:45:44 1996 Barry Jaspan <bjaspan@mit.edu> - - * api.1/lock.exp: lockfile is now kdb5.kadm5.lock - -Mon Sep 23 16:31:24 1996 Barry Jaspan <bjaspan@mit.edu> - - * changes to use runtest --srcdir: - - Makefile.in: rewrote [csapi].* links to work in srcdir (boo, - hiss) - - move lib.t to lib/lib.t - - api.*/*.exp: s/source lib.t/load_lib lib.t/ - -Fri Sep 20 16:51:26 1996 Barry Jaspan <bjaspan@mit.edu> - - * created Makefile.in and configure.in - -Wed Sep 11 17:03:22 1996 Barry Jaspan <bjaspan@mit.edu> - - * api.2/init-v2.exp: make test100 only run on client - -Tue Aug 20 13:46:54 1996 Barry Jaspan <bjaspan@mit.edu> - - * Makefile.ov (unit-test-server-body): remove kdb5_edit - - * api.0/init.exp, api.2/init.exp, config/unix.exp, Makefile.ov: - use kadmin.local instead of kdb5_edit - -Fri Aug 16 17:16:46 1996 Barry Jaspan <bjaspan@mit.edu> - - * Makefile.ov: update for new lib/kadm5 layout - - * api.1/lock.exp: jik's fix for lock test 13 - -Thu Jul 18 20:18:30 1996 Marc Horowitz <marc@mit.edu> - - * api.2/init-v2.exp (test150, test151): -s flag is now -S - -Mon Jul 8 17:00:26 1996 Barry Jaspan <bjaspan@mit.edu> - - * api.2/init-v2.exp: admin databases must now be created before - use (not created implicitly) - - * api.1/lock.exp: lock-test 13 should be a warning, not a failure. - - * api.0/rename-principal.exp: fix rename test to create principal - with correct salt first, and check explicitly for NO_RENAME_SALT - when appropriate - - * lib.t: add create_principal_with_keysalts - - diff --git a/src/lib/kdb/ChangeLog b/src/lib/kdb/ChangeLog deleted file mode 100644 index 0c94f2e2f..000000000 --- a/src/lib/kdb/ChangeLog +++ /dev/null @@ -1,1194 +0,0 @@ -2006-04-10 Ken Raeburn <raeburn@mit.edu> - - * kdb5.c (kdb_unlock_lib_lock, kdb_destroy_lib_lock): Cast 0 to - void to silence compiler warning. - -2006-04-03 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2006-03-31 Ken Raeburn <raeburn@mit.edu> - - * err_handle.c: Include autoconf.h. - -2006-03-07 Ken Raeburn <raeburn@mit.edu> - - * kdb5.c: Don't include pthread.h. - -2006-01-27 Sam Hartman <hartmans@mit.edu> - - * kdb5.c (kdb_load_library): New error codes for library load errors - (kdb_get_conf_section): Note that caller must free result - -2006-01-25 Ken Raeburn <raeburn@mit.edu> - - * kdb5.h (struct _db_library): Delete all lock-related fields. - (struct _kdb_vftabl): Delete is_thread_safe field. - * kdb5.c (kdb_init_lib_lock, kdb_destroy_lib_lock, - kdb_lock_lib_lock, kdb_unlock_lib_lock): Make no-ops always. - - * kdb5.c (db_lock, kdb_lock_list, kdb_unlock_list): Use the - k5_mutex interfaces. - (kdb_init_lock_list, kdb_fini_lock_list): New functions; - initialize and destroy the mutex. Mark as init/fini functions. - * Makefile.in (LIBINITFUNC, LIBFINIFUNC): New variables. - -2005-12-02 Ken Raeburn <raeburn@mit.edu> - - * kdb5.c (kdb_load_library): Make dbpath_names static, to keep - Solaris native compiler happier. - -2005-10-11 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (SHLIB_EXPLIBS): Include support library. Don't - include system db library (if in use). - - * libkdb5.exports: Delete __kdb2_*, kdb2_*, and a bunch of other - symbols that no longer exist in this library. - -2005-10-09 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Don't pull in libdb on AIX any more. - -2005-10-04 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DBDIR, DBOBJLISTS, DBOBJLISTS-sys, DBOBJLISTS-k5): - Variables deleted. - (STOBJLISTS): Don't include DBOBJLISTS. - - * kdb5.c (kdb_get_conf_section): If the default realm is null, - return null. - (krb5_db_open): Don't pass null pointer to sprintf if - default_realm is null. - -2005-09-22 Ken Raeburn <raeburn@mit.edu> - - * kdb_db2: Directory moved to modules/kdb/db2. - * configure.in: Don't configure it. - -2005-08-20 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Use K5_AC_INIT instead of AC_INIT. - -2005-08-16 Ken Raeburn <raeburn@mit.edu> - - * kdb5.c (kdb_load_library): Look up db_modules>db_module_dir in - config file, and use any indicated directories before the - compiled-in directories. - -2005-07-06 Ken Raeburn <raeburn@mit.edu> - - * kdb5.c (kdb_get_library_name, kdb_load_library): Change default - name to "db2". - (kdb_get_library_name): On error reading from the config file, - don't just use the default. - (kdb_load_library): Don't add "lib" prefix on module name. - -2005-07-01 Ken Raeburn <raeburn@mit.edu> - - * err_handle.c (krb5_err_key): Variable deleted. - (init_err_handling, krb5_set_err, krb5_get_err_string, - krb5_clr_error): Use k5_ macros for thread-specific data instead - of pthread versions. - -2005-06-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (t_kdb, check, clean): Delete t_kdb references. - -2005-06-21 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (SHLIB_EXPLIBS): Add $(DL_LIB). - - * err_handle.c, kdb5.c: Test ENABLE_THREADS, not just - HAVE_PTHREAD_H. - -2005-06-20 Ken Raeburn <raeburn@mit.edu> - - Novell merge. - * Makefile.in (CFLAGS): Define KDB5_USE_LIB_KDB_DB2. - (LOCALINCLUDES): Add local directory. - (adb_err.c, adb_err.h, adb_err.$(OBJEXT)): New targets. - (SRCS, STLIBOBJS): Add adb_err, err_handle, kdb_default, kdb5; - delete kdb_db2, kdb_xdr, verify_mky, fetch_mkey, setup_mkey, - store_mkey. - * adb_err.et: Moved here from lib/kadm5. - * configure.in: Check for pthread.h. Configure new kdb_db2 - subdirectory. - * decrypt_key.c (krb5_dbekd_decrypt_key_data): Change definition - to prototype-style. - * encrypt_key.c: Likewise. - * err_handle.c, err_handle.h: New file. - * kdb5.c, kdb5.h: New file. - * fetch_mkey.c, setup_mkey.c, store_mkey.c, verify_mky.c: - Deleted. - * kdb_compat.h: Moved to kdb_db2 subdirectory. - * kdb_cpw.c: Don't include krb5/adm.h. - (cleanup_key_data): Use krb5_db_free. - (add_key_rnd): Use krb5_db_alloc for key storage. - (krb5_dbe_crk): Use krb5_db_free for key storage. - (add_key_pwd): - * kdb_db2.c, kdb_db2.h: Moved to kdb_db2 subdirectory. - * kdb_default.c: - * kdb_xdr.c: - * keytab.c: - * libkrb5.exports: - * t_kdb.c: - * t_krb5.conf: - -2005-06-09 Ken Raeburn <raeburn@mit.edu> - - * kdb_dbm.c: Unused file deleted. - -2004-07-09 Ken Raeburn <raeburn@mit.edu> - - * kdb_db2.c (krb5_db2_db_get_principal): Rename local variable - "try" to "trynum" because some systems (*cough*Tru64*cough*) turn - on some exception handling support when thread support is - enabled. - -2004-06-04 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBBASE): Renamed from LIB. - -2004-05-25 Ezra Peisach <epeisach@mit.edu> - - * keytab.c (krb5_ktkdb_get_entry): Change local variable rom int - to krb5_boolean to match prototype for as argument to - krb5_c_enctype_compare. - -2004-04-22 Ken Raeburn <raeburn@mit.edu> - - * libkdb5.exports: New file. - -2004-04-02 Ken Raeburn <raeburn@mit.edu> - - * t_kdb.c (add_principal): Delete unused argument 'rseed'. - (do_testing): Update callers. - - * keytab.c (krb5_ktkdb_get_entry): Don't use local variable - "context" until after it's been set. - -2003-12-13 Ken Raeburn <raeburn@mit.edu> - - * keytab.c (krb5_ktkdb_get_name): New function. - (krb5_kt_kdb_ops): Add pointer to it. - -2003-05-22 Ezra Peisach <epeisach@mit.edu> - - * keytab.c (is_xrealm_tgt): Use strncmp instead of strcmp - as - principal and realm name do not need to be null terminated. - -2003-04-01 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove $(SHLIB_DBLIB_DEPS) and related variables. - (SHLIB_EXPDEPS): Remove $(SHLIB_DBLIB_DEPS). - (SHLIB_EXPLIBS): Change $(DB_LIB) to $(KDB5_DB_LIB). - (DBOBJLISTS, STOBJLISTS): Pull in object lists of in-tree libdb so - we don't need to install libdb. Don't do this if building with - system libdb, though, since we need to explicitly link against the - system libdb in that case. - -2003-03-18 Tom Yu <tlyu@mit.edu> - - * keytab.c (krb5_ktkdb_get_entry): Do not perform the enctype - comparison if the requested enctype is a wildcard. - -2003-03-16 Sam Hartman <hartmans@mit.edu> - - * keytab.c (krb5_ktkdb_get_entry): Match only against the first - enctype for non-cross-realm tickets so we will only accept - tickets that the current configuration would have issued. For - cross-realm tickets be liberal and match against the specified - enctype. - -2003-03-05 Tom Yu <tlyu@mit.edu> - - * kdb_xdr.c (krb5_dbe_search_enctype): Check for ktype > 0 rather - than ktype >= 0; file keytab uses ktype 0 to indicate "first - match", as does acquire_cred. The kdc uses -1, though. - - * Makefile.in (LIBMAJOR): Bump major version due to change in - krb5_ktkdb_resolve's signature. - - * keytab.c (krb5_ktkdb_resolve): Add NAME parameter, which is - ignored, so that kdb keytab can be registered. - (krb5_ktkdb_set_context): New function; allows caller to set a - different context for use with ktkdb_get_entry(). This is - primarily useful for kadmind, where the gssapi library context, - which will be used for the keytab, will necessarily have a - different context than that used by the kadm5 library to access - the database for its own purposes. - -2003-02-08 Tom Yu <tlyu@mit.edu> - - * keytab.c (krb5_ktkdb_get_entry): Fix comment; not going to - redesign key storage architecture for 1.3. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Don't explicitly invoke AC_PROG_ARCHIVE, - AC_PROG_ARCHIVE_ADD, AC_PROG_RANLIB, AC_PROG_INSTALL. - - * Makefile.in: Add AC_SUBST_FILE marker for lib_frag and libobj_frag. - -2002-12-23 Ezra Peisach <epeisach@bu.edu> - - * setup_mkey.c (krb5_db_setup_mkey_name): Use size_t instead of - int for lengths. - -2002-12-18 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (check): Remove test_db before running tests. - -2002-12-16 Ezra Peisach <epeisach@bu.edu> - - * Makefile.in: Change to allow compilation with-system-db and - shared libraries. - -2002-09-13 Ken Raeburn <raeburn@mit.edu> - - * kdb_db2.c (krb5_db2_db_iterate_ext): Don't call bt_rseq if - HAVE_BT_RSEQ is undefined; instead, just return an error. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-08-23 Tom Yu <tlyu@mit.edu> - - * kdb_db2.h: Add prototype and rename for - krb5_db2_db_iterate_ext(). - - * kdb_db2.c (krb5_db2_db_iterate_ext): New function; allow - optional backwards or recursive (if btree) traversal of the - database. - - * Makefile.in (LIBMINOR): Bump due to addition of - krb5_db_iterate_ext(). - -2002-08-15 Tom Yu <tlyu@mit.edu> - - * keytab.c (krb5_ktkdb_get_entry): For consistency, check for - DISALLOW_ALL_TIX and DISALLOW_SVR when looking up keys. - -2002-08-09 Sam Hartman <hartmans@mit.edu> - - * kdb_xdr.c (krb5_dbe_search_enctype): Initialize ret to 0; thanks - to Lubos Kejzlar <kejzlar@civ.zcu.cz> - -2002-03-06 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBMINOR): Bump due to some behavior changes - regarding enctype similarity. (Importing Tom's change from 1.2.x - branch.) - -2002-02-22 Ken Raeburn <raeburn@mit.edu> - - * kdb_xdr.c (krb5_dbe_lookup_mod_princ_data): Use const instead of - krb5_const. - -2001-11-19 Ezra Peisach <epeisach@mit.edu> - - * t_kdb.c (do_testing): Invoke krb5_free_principal and - krb5_free_keyblock_contents on master key to prevent minor memory - leak. - -2001-10-30 Ezra Peisach <epeisach@mit.edu> - - * kdb_cpw.c (cleanup_key_data): Do not free NULL pointer. - -2001-10-26 Ezra Peisach <epeisach@mit.edu> - - * kdb_xdr.c (krb5_encode_princ_contents): Use krb5_ui_2 instead of - krb5_int16 for key_data_length. - -2001-10-22 Tom Yu <tlyu@mit.edu> - - * kdb_xdr.c (krb5_dbe_search_enctype): Filter out enctypes that - aren't in permitted_enctypes. This prevents the KDC from issuing - a ticket whose enctype that it won't accept. - -2001-10-20 Tom Yu <tlyu@mit.edu> - - * keytab.c (krb5_ktkdb_get_entry): For now, coerce enctype of - output keyblock in case we got a match on a similar enctype. - -2001-10-09 Ken Raeburn <raeburn@mit.edu> - - * kdb_db2.c, kdb_db2.h, kdb_dbm.c, keytab.c, t_kdb.c: Make - prototypes unconditional. - -2001-07-26 Ezra Peisach <epeisach@mit.edu> - - * kdb_xdr.c (krb5_dbe_update_mod_princ_data, - krb5_encode_princ_contents): Delcare local variable unsigned. - - * kdb_cpw.c (add_key_pwd): Declare local variable unsigned based - on use. - -2001-04-25 Ezra Peisach <epeisach@mit.edu> - - * kdb_dbm.c (destroy_file_suffix): Declare as static. - -2001-03-10 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * kdb_xdr.c: Change the variable index to idx to prevent function - name shadowing. - -2000-11-01 Ezra Peisach <epeisach@mit.edu> - - * configure.in: Use AC_CHECK_HEADERS instead of AC_HAVE_HEADERS. - -2000-10-17 Ezra Peisach <epeisach@mit.edu> - - * fetch_mkey.c: Signed/unsigned int cleanup. - - * kdb_cpw.c (add_key_pwd): Change salt data length of -1 to - SALT_TYPE_AFS_LENGTH. - -2000-09-20 Ezra Peisach <epeisach@mit.edu> - - * kdb_xdr.c (krb5_dbe_free_contents): Clean up signedness warning. - - * fetch_mkey.c (krb5_db_fetch_mkey): Clean up signedness warnings. - - * kdb_db2.c (destroy_file_suffix): Declare function as - static. Rewrite code to use off_t and unsigned ints to handle gcc - warnings. (kdb5_context_internalize) Unmarshal boolean type properly. - - * store_mkey.c (krb5_db_store_mkey): Use mode_t instead of int in - call to umask. - - * configure.in: Add AC_TYPE_MODE_T and AC_TYPE_OFF_T for mode_t - and off_t declarations. - -2000-07-04 Ezra Peisach <epeisach@mit.edu> - - * encrypt_key.c, kdb_cpw.c, kdb_xdr.c: Add parenthesis about - assignment in conditional and remove unused variables. - -2000-06-30 Tom Yu <tlyu@mit.edu> - - * Makefile.in (SHLIB_EXPDEPS): Add libdb, since we can build this - shared now. - (SHLIB_EXPLIBS): Add -ldb. - -2000-05-11 Nalin Dahyabhai <nalin@redhat.com> - - * t_kdb.c (gen_principal): Don't overflow "pnamebuf" if bad data was - passed in. - -2000-05-03 Nalin Dahyabhai <nalin@redhat.com> - - * setup_mkey.c (krb5_db_setup_mkey_name): Use REALM_SEP_STRING - when computing size of buffer that is to include it. - - * fetch_mkey.c (krb5_db_fetch_mkey): Make sure "defkeyfile" is - null terminated after construction. - * store_mkey.c (krb5_db_store_mkey): Likewise. - -2000-04-27 Ken Raeburn <raeburn@mit.edu> - Ezra Peisach <epeisach@mit.edu> - - * t_kdb.c (gen_principal): Force argument to isalnum to be in - range 0..255. - (do_testing): Cast pid_t to long before passing to fprintf, and - use %ld format. Fix argument lists to find_principal and - delete_principal. - -2000-03-16 Ezra Peisach <epeisach@mit.edu> - - * kdb_xdr.c (krb5_dbe_lookup_mod_princ_data): Get rid of - unused variable. - -2000-03-12 Ezra Peisach <epeisach@mit.edu> - - * kdb_xdr.c (krb5_dbe_lookup_mod_princ_data): In casting argument - to krb5_parse_name, use krb5_const not const. - -2000-02-21 Bear Giles <bgiles@coyotesong.com> - - * fetch_mkey.c (krb5_db_fetch_mkey): Don't attempt to override - type of key read from stash file. - -2000-02-18 Tom Yu <tlyu@mit.edu> - - * kdb_cpw.c (krb5_dbe_crk): - (krb5_dbe_cpw): Fix to actually save old keys. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -1999-08-30 Ken Raeburn <raeburn@mit.edu> - - * t_kdb.c (add_principal): Free only contents of a generated key, - since the keyblock structure itself is on the stack. - -1999-08-17 Ken Raeburn <raeburn@mit.edu> - - * t_kdb.c (add_principal): Update for new calling sequence to - krb5_dbekd_encrypt_key_data. - (do_testing): Update calls. - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - -Tue Nov 17 18:19:41 1998 Tom Yu <tlyu@mit.edu> - - * kdb_cpw.c (krb5_dbe_crk): - (krb5_dbe_cpw): Add "keepold" boolean argument to indicate whether - to retain old keys. - -1998-10-27 Marc Horowitz <marc@mit.edu> - - * kdb_xdr.c, kdb_cpw.c: remove the special knowledge of ENCTYPE - string-to-key equivalances. the crypto api has a function for - this now. - - * decrypt_key.c, encrypt_key.c, fetch_mkey.c, kdb_cpw.c, - kdb_db2.c, kdb_db2.h, kdb_dbm.c, keytab.c, verify_mky.c: change or - remove all the places krb5_encrypt_block was used - (this is mostly relevant to kdb manipulations). It was usually - used to specify an enctype (which is now implied by the keyblock), - or to store or pass in a processed key (now the api just takes a - key directly, so these structures and functions do, too). The kdb - key manuipulation functions also need to be made to use the new - api. - -Fri Sep 25 19:42:10 1998 Tom Yu <tlyu@mit.edu> - - * kdb_xdr.c (krb5_dbe_search_enctype): Re-order booleans so that - similar doesn't get checked unless (ktype >= 0) to avoid it being - stack garbage. - -Sun Aug 16 16:52:10 1998 Sam Hartman <hartmans@utwig.mesas.com> - - * Makefile.in (SHLIB_EXPLIBS): Include $(LIBS) so building on AIX works - -Sun Jul 26 18:12:22 1998 Sam Hartman <hartmans@utwig.mesas.com> - - * Makefile.in (LIBMAJOR): bump libmajor - -1998-05-06 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * t_kdb.c (main): POSIX states that getopt returns -1 - when it is done parsing options, not EOF. - -Wed Apr 15 18:06:34 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in (SHLIB_EXPDEPS): - (SHLIB_EXPLIBS): Rename libcrypto -> libk5crypto. - -Fri Feb 27 21:21:03 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * configure.in: Remove check for the regular expression functions, - since they aren't used in lib/kdb. - -Wed Feb 18 16:16:35 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove trailing slash from thisconfigdir. Fix up - BUILDTOP for new conventions. - -Mon Feb 2 17:02:29 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile - -Tue Oct 28 10:18:10 1997 Ezra Peisach <epeisach@mit.edu> - - * kdb_cpw.c (add_key_pwd): For KRB5_KDB_SALTTYPE_AFS3, the salt - key for afs_mit_string_to_key mut be null terminated. - -Mon Oct 13 10:18:19 1997 Ezra Peisach <epeisach@mit.edu> - - * t_kdb.c (do_testing): Add krb5_free_context. - -Mon Sep 15 15:05:30 1997 Ezra Peisach <epeisach@mit.edu> - - * keytab.c: (krb5_ktkdb_get_entry): Incoming principal is const. - - * kdb_dbm.c (krb5_dbm_db_get_principal, krb5_dbm_db_delete_principal): - Incoming principal is const. - - * kdb_xdr.c (krb5_dbe_update_mod_princ_data, krb5_encode_princ_dbkey): - Incoming principal is const. - - * kdb_db2.h (krb5_db2_db_get_principal): Change prototype to const - principal. - - * kdb_db2.c (krb5_db2_db_get_principal, krb5_db2_db_delete_principal): - The search for principal is const. - -Thu Jul 31 14:54:10 1997 Ezra Peisach <epeisach@mit.edu> - - * kdb_db2.c (krb5_db2_db_delete_principal): Fix switch statement - so that all cases have one statement. - -Tue Jul 29 02:35:09 1997 Tom Yu <tlyu@mit.edu> - - * kdb_db2.c (krb5_db2_db_set_hashfirst): Don't cast a - krb5_context * to a krb5_db2_context *. - -Fri Jul 25 15:29:03 1997 Tom Yu <tlyu@mit.edu> - - * kdb_db2.c: Fix typo; also, tweak page size in attempt to speed - things up. - - * kdb_db2.h: Fix typo. - - * t_kdb.c: Reflect changes in the API, mostly db_create. - - * Makefile.in: Bump version due to major reworking. - - * kdb_db2.h: - * kdb_db2.c: Add Berkely DB backend. - - * keytab.c: Add support for new kdb API; delete dead arguments. - - * kdb_xdr.c: Remove dependencies on dbm; encode things to - krb5_datas rather than datums. - -Mon Mar 24 12:19:03 1997 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * t_kdb.c (do_testing): Clean up error handling for krb5_init_context. - - * Makefile.in (check): Define and use KRB5_CONFIG_SETUP which sets - up the environment variables appropriately. - -Sun Mar 16 21:20:00 1997 Tom Yu <tlyu@mit.edu> - - * keytab.c: Don't assume dbm_db_get_mkey() and dbe_find_enctype - won't error out. Also, some gcc -Wall warning - cleanups. [krb5-kdc/361] - -Sat Feb 22 01:15:30 1997 Sam Hartman <hartmans@tertius.mit.edu> - - * Makefile.in (SHLIB_EXPLIBS): depend on -lcrypto - -Thu Feb 6 15:33:34 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: - * configure.in: Update to new program build procedure. - -Wed Jan 8 01:59:15 1997 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in, configure.in: Convert to new build procedure for libs. - -Mon Nov 18 20:40:12 1996 Ezra Peisach <epeisach@mit.edu> - - * configure.in: Set shared library version to 1.0. [krb5-libs/201] - -Tue Nov 12 23:41:55 1996 Mark Eichin <eichin@cygnus.com> - - * kdb_dbm.c: Ditch DB_OPENCLOSE conditionals, and fix the real - problem. Like the policy db, the main db is now opened on first - lock and closed on last unlock. - Set db_dbm_ctx to NULL after closing it, to help detect dangling - references. - (krb5_dbm_db_put_principal, krb5_dbm_db_delete_principal): - KDBM_STORE can fail (in case of database corruption, for example) - *without* causing errno to be set. If errno is zero, use - KRB5_KDB_DB_CORRUPT instead. (If it is non-zero, it may still be - wrong, but at least something gets reported. This will be properly - fixed by ditching KDBM_* altogether, and using the non-lossy db - interfaces, so it's a good enough fix for now.) - (krb5_dbm_db_rename): grab errno from rename *before* - calling krb5_dbm_db_end_update, to avoid "not a typewriter" - syndrome. - (krb5_dbm_db_unlock): only close on zero refcount. - -Mon Nov 11 20:21:02 1996 Mark Eichin <eichin@cygnus.com> - - * kdb_cpw.c (add_key_pwd): set length to -1 so krb5_string_to_key - handles the AFS3 salttype, but then replace it with the actual - length for later processing. - -Mon Nov 11 17:03:16 1996 Barry Jaspan <bjaspan@mit.edu> - - * kdb_cpw.c (cleanup_key_data): fix memory leak [krb5-kdc/163] - (add_key_pwd): fix memory leak [krb5-kdc/164] - -Sat Nov 9 15:57:50 1996 Ezra Peisach <epeisach@mit.edu> - - * t_krb5.conf: Dummy krb5.conf file from the krb5 library. - - * Makefile.in (check): Set KRB5_CONFIG to a valid krb5.conf file. - - * t_kdb.c (do_testing): Check return value from krb5_init_context. - -Thu Oct 31 11:10:56 1996 Ezra Peisach <epeisach@trane.rose.brandeis.edu> - - * Makefile.in (t_kdb): Link with $(TOPLIBD)/libdb.a - -Wed Sep 4 19:29:57 1996 Tom Yu <tlyu@mit.edu> - - * Makefile.in (t_kdb): Fix up dependencies of t_kdb so it will - build on non-shared architectures; also ensure that libs - get linked after the objects. - -Fri Aug 23 16:34:45 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in (t_kdb): Fix Makefile so that t_kdb is linked - correctly with the appropriate libraries. - -Thu Aug 22 16:22:01 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * kdb_dbm.c: Remove vestigal code which was using BERK_DB_DBM - define. Still need to remove kludgey database "switch" - code and recode to use the db interface. - - * t_kdb.c: Update t_kdb to use the new libkdb interface. - -Mon Aug 12 14:11:29 1996 Barry Jaspan <bjaspan@mit.edu> - - * kdb_dbm.c (krb5_dbm_db_rename): rename should not insist that - the target database not already exist - -Fri Aug 9 15:21:34 1996 Ezra Peisach <epeisach@dumpster.rose.brandeis.edu> - - * Makefile.in (shared): Convert shared:: to shared: so will not - always be called upon. - -Thu Aug 8 20:26:47 1996 Tom Yu <tlyu@mit.edu> - - * Makefile.in (shared): Always mkdir shared; test -d shared || - mkdir shared breaks under Ultrix sh (grrr...). - -Thu Aug 8 18:29:15 1996 Sam Hartman <hartmans@mit.edu> - - * keytab.c (krb5_ktkdb_get_entry): Return KRB5_KT_NOTFOUND if the - principal doesn't exist instead of dereferencing a null pointer. - -Fri Aug 2 14:08:03 1996 Sam Hartman <hartmans@mit.edu> - - * configure.in(LIBS): AIX wants to link against -ldb when building - the shared lib. - -Mon Jul 29 23:07:14 1996 Samuel D Hartman (hartmans@vorlon) - - * kdb_dbm.c: Don't bother referencing dbm_pagfno, because we don't - actually use it; same for dbm_dirfno. - -Tue Jul 23 11:09:08 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * Makefile.in: libkdb5.so needs to be built with - libcrypto and libkrb5. - - * configure.in: Pass version numbers of teh crypto and krb5 shared - libraries. - -Fri Jul 12 15:32:26 1996 Marc Horowitz <marc@mit.edu> - - * kdb_cpw.c (add_key_pwd): initialize retval = 0, in case the - function is called with ks_tuple_count == 0. - -Wed Jul 10 16:22:14 1996 Marc Horowitz <marc@mit.edu> - - * configure.in (USE_KDB5_LIBRARY): removed. the library does not - need itself to build, and in fact fails to do so if I try. - * Makefile.in (clean-unix): remove the shared/ subdir - -Tue Jul 9 17:55:30 1996 Marc Horowitz <marc@mit.edu> - - * configure.in, Makefile.in: added rules and macros to do shared - library creation - -Mon Jul 8 17:06:00 1996 Barry Jaspan <bjaspan@mit.edu> - - * kdb_dbm.c: Create DB_OPENCLOSE, which opens and closes the - databases for each lock. This is slower than the previous method, - but unlike the previous method it works. - -Tue Jun 11 19:27:22 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * keytab.c (krb5_ktkdb_close): Free memory allocated by - krb5_ktkdb_resolve. - -Mon May 20 18:02:07 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * kdb_dbm.c (krb5_dbm_db_create): Remove vestigal ODBM support. - -Sat May 18 15:07:09 1996 Ezra Peisach (epeisach@paris) - - * kdb_dbm.c: Do not provide prototypes for dbm_error or - dbm_clearerr if they are really macros. - -Sun May 12 01:03:07 1996 Marc Horowitz <marc@mit.edu> - - * kdb_xdr.c: reworked all of the krb5_dbe_* tl_data functions. - This was necessary so that the admin system could store it's own - tl_data, without needing code here. This has the side-effect of - eliminating some structures which added no value, therefore - changing about a half-dozen files elsewhere in the tree. - - * kdb_cpw.c (add_key_rnd): handle kvno incrementing in the caller, - not here. - (krb5_dbe_crk): increment the kvno here, not in add_key_rnd - (krb5_dbe_ark): increment the kvno here, not in add_key_rnd - (add_key_pwd): handle kvno incrementing in the caller, not here. - (krb5_dbe_cpw): take an arg to specify the new kvno. if it's - <= the old kvno, just increment. Otherwise, pass it to add_key_pwd. - This is why all the code in this revision was changed. - (krb5_dbe_apw): increment the kvno here, not in add_key_pwd - -Tue May 7 19:48:57 1996 Ezra Peisach <epeisach@dumpster.rose.brandeis.edu> - - * t_kdb.c (do_testing): Compile if using BERK_DB and dbm is not - available on system. - -Thu Mar 21 20:38:38 1996 Richard Basch <basch@lehman.com> - - * decrypt_key.c (krb5_dbekd_decrypt_key_data): bullet-proofing the - code -- if the data contents are NULL, do not coredump. - -Mon Mar 18 21:46:39 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * configure.in: Add KRB5_RUN_FLAGS - - * Makefile.in: Use the run flags. - -Sun Mar 17 20:55:41 1996 Ezra Peisach <epeisach@dumpster.rose.brandeis.edu> - - * configure.in: Change WITH_KDB_DB to USE_KDB5_LIBRARIES and add - KRB5_LIBRARIES. - - * Makefile.in: Use libraries as specified by configure. Set - LD_LIBRARY_PATH for tests. - -Sun Mar 3 10:41:04 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * configure.in: Change WITH_DB to WITH_KDB_DB - -Fri Feb 23 19:39:52 1996 Mark Eichin <eichin@cygnus.com> - - * keytab.c (krb5_ktkdb_close): new function, non-optional. - (krb5_kt_kdb_ops): include _close method, comment what the other - slots are. - -Tue Feb 13 21:33:03 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * kdb_dbm.c (krb5_dbm_db_rename): Initialize pointer before use - for case where new db does not exist. - -Tue Jan 30 18:26:38 1996 Mark Eichin <eichin@cygnus.com> - - * kdb_dbm.c (krb5_dbm_db_rename): O_EXCL is meaningless without - O_CREAT. - -Sat Jan 27 01:01:17 1996 Mark Eichin <eichin@cygnus.com> - - * t_kdb.c: wrap db_dbm decls and berkely_dispatch in ifdefs - BERK_DB_DBM. - (do_testing): wrap references as well. - - * keytab.c (krb5_ktkdb_get_entry): use KRB5_PROTOTYPE. - -Wed Dec 13 09:28:33 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * keytab.c (krb5_ktkdb_resolve): Fix casting - - * t_kdb.c (add_principal): Remove mkvno - -Wed Dec 13 07:09:30 1995 Chris Provenzano (proven@mit.edu) - - * Makefile.in, keytab.c : Move db keytab routines here. - -Wed Dec 13 03:51:53 1995 Chris Provenzano (proven@mit.edu) - - * kdb_xdr.c : Remove mkvno for krb5_db_entry - -Tue Dec 12 01:20:02 1995 Chris Provenzano (proven@mit.edu) - - * kdb_dbm.c : Move the krb5_db_context to include/krb5/kdb_dbc.h. - * kdb_dbm.c krb5_dbm_db_set_mkey(), krb5_dbm_db_get_mkey(): - Functions for associating a master key (krb5_encrypt_block *) - to a krb5_db_context. Currently it associates it to the - krb5_context and will be fixed once the krb5_db_context - is better defined (Post 1.0). - -Thu Nov 09 17:05:57 1995 Chris Provenzano (proven@mit.edu) - - * fetch_mkey.c, kdb_cpw.c, t_kdb.c : - Remove krb5_enctype from krb5_string_to_key() args. - -Tue Nov 7 16:35:03 1995 Theodore Y. Ts'o <tytso@dcl> - - * kdb_xdr.c (krb5_dbe_search_enctype): Make a more general version - of kdb5_dbe_find_enctype() which allows you to search the - keylist looking for multiple keys that fit your criteria. - Eventually we should convert all programs to use - kdb5_dbe_search_enctype() instead of kdb5_dbe_find_enctype(). - -Fri Nov 03 04:49:58 1995 Chris Provenzano (proven@mit.edu) - - * decrypt_key.c (krb5_dbekd_decrypt_key_data()) : If key salt length - is 0 then set keysalt->data.data to NULL. - * kdb_cpw.c (add_key_rnd(), add_key_pwd()) : When creating new keys - for a new kvno and there are multiple enctypes that use a - common keytype, then set the enctype in the key to the first - specified enctype and skip all other enctypes that use - the same keytype. (This assumes the salt type is the same too.) - This way when the kdc needs to get the server key it doesn't - need to gues what enctypes the server supports. - * kdb_xdr.c (krb5_dbe_find_enctype()): Match keys that use common - keytypes but different enctypes. Eg. ENCTYPE_DES_CBC_MD5 - matches ENCTYPE_DES_CBC_CRC and vice versa. - * kdb_xdr.c krb5_dbe_find_enctype()): If kvno = 0 then determine - maxkvno for all the keys and then search keys for a key that - matches enctype salttype and has kvno == maxkvno. This - is different than when kvno = -1 which searches the keys - for THE key with the greatest kvno which also matches enctype - and salttype. - * kdb_kdr.c (krb5_dbe_find_enctype()): If kvno = ktype = stype = -1 - then set kvno = 0. The first doesn't make a lot of sense. - * kdb_xdr.c (krb5_dbe_encode_last_pwd_change(), - krb5_dbe_decode_last_pwd_change()) : Added. - * kdb_xdr.c (krb5_decode_princ_contents()) : Don't try to allocate - space for keys if n_key_data = 0. - -Mon Sep 25 17:31:02 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the - Makefile. - -Wed Sep 13 15:19:17 1995 Theodore Y. Ts'o <tytso@dcl> - - * kdb_xdr.c (krb5_dbe_encode_mod_princ_data): Fix memory leaks. - Fix lint flames. - - * fetch_mkey.c (krb5_db_fetch_mkey): This routine now sets the - master encblock's crypto system using krb5_use_enctype() - from the stored keytype of the master key. - - * decrypt_key.c (krb5_dbekd_decrypt_key_data): Remove the - encryption type; the master_encblock should always be set - correctly. - -Sat Sep 9 14:53:39 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * decrypt_key.c (krb5_dbekd_decrypt_key_data): Set the encryption - type before decrypting. - -Fri Sep 8 19:52:34 1995 Ezra Peisach (epeisach@dcl) - - * decrypt_key.c: Upon error, after freeing contents field, set to - null to indicate to upper levels that it is really empty. - -Wed Sep 06 14:20:57 1995 Chris Provenzano (proven@mit.edu) - - * decrypt_key.c, encrypt_key.c, fetch_mkey.c, kdb_compat.c, - * kdb_cpw.c, kdb_xdr.c, store_mkey.c, t_kdb.c : - s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g - -Tue Sep 05 22:10:34 1995 Chris Provenzano (proven@mit.edu) - - * decrypt_key.c, fetch_mkey.c, t_kdb.c : Remove krb5_enctype - references, and replace with krb5_keytype where appropriate - -Tue Aug 29 13:34:23 EDT 1995 Paul Park (pjpark@mit.edu) - * kdb_dbm.c - Add routines to support serialization of the database - context. Clean up gcc -Wall complaints. - -Thu Aug 24 18:54:51 1995 Theodore Y. Ts'o <tytso@dcl> - - * .Sanitize: Update file list - -Fri Aug 18 17:27:20 EDT 1995 Paul Park (pjpark@mit.edu) - * kdb_dbm.c - Bump timestamp to the future if we can't discriminate - between updates within a second. Fix database rename. Reopen - database after put or delete. - * t_kdb.c - Add test code to fork off a few processes to beat on the - database. - - -Thu Aug 17 13:46:29 EDT 1995 Paul Park (pjpark@mit.edu) - * kdb_dbm.c - Remove argument from dbm_db_end_update(). It was never - used. Remove gen_dbsuffix() logic from dbm_db_end_update() and - dbm_db_get_age(). This logic was incorrect (end_update) or - unused (get_age). Reorg db_init() to reflect change in - dbm_db_get_age(). - - -Wed Aug 16 03:10:57 1995 Chris Provenzano <proven@mit.edu> - - * decrypt_key.c, encrypt_key.c - Only save the salt data if salt type != 0. - * kdb_dbm.c : - Rewritten to NOT open/close the db for every transaction. - -Tue Aug 15 14:25:42 EDT 1995 Paul Park (pjpark@mit.edu) - * kdb_xdr.c - Add krb5_dbe_find_keytype() and clean up gcc -Wall - complaints. - - -Wed Aug 9 17:17:36 EDT 1995 Paul Park (pjpark@mit.edu) - * kdb_cpw.c - Add check for uniqueness of key or key/salt combo. Don't - generate a new key_data entry if one already exists. Also, - fill in the key_data list at the end so as not to overwrite - already present data. - - Free krbtgt_keyblock contents in add_key_rnd(). - - Put a "break" at the end of the KRB5_KDB_SALTTYPE_ONLYREALM - in add_key_pwd(). Also pass in key_salt to encrypt_key_data - always. - * kdb_xdr.c - initialize retval to 0 in decode_mod_princ data. This is - questionable whether we should return an error if there's no - mod_princ data. Also, free the allocated mod_princ only if - we allocated it and there's a failure. - - -Wed Aug 9 09:47:08 EDT 1995 Paul Park (pjpark@mit.edu) - * kdb_cpw.c(add_key_rnd) - Terminate the variable length argument list - to krb5_build_principal_ext() with a zero. - -Tue Aug 8 21:32:30 1995 Tom Yu <tlyu@dragons-lair.MIT.EDU> - - * kdb_cpw.c (add_key_rnd): remove bletcherous aggregate - initializer stuff and use build_principal_ext like we - should have in the first place to build the tgt principal. - -Tue Aug 8 17:35:58 EDT 1995 Paul Park (pjpark@mit.edu) - * encrypt_key.c - When allocating the actual key_data_contents use the - correct length (e.g. containing the two length bytes). - * kdb_xdr.c - Clean the each key_data structure so that unfilled - data becomes zero. - - -Mon Aug 7 17:40:10 EDT 1995 Paul Park (pjpark@mit.edu) - * encrypt_key.c - Handle keysalt specification with null data length. - * decrypt_key.c - Handle salttypes with zero salt length. Also, copy - out stored salt. - - -Mon Aug 7 14:15:59 EDT 1995 Paul Park (pjpark@mit.edu) - * decrypt_key.c - Deserialize key length into a 16 bit integer, then - jam it into the keyblock. - - -Mon Aug 7 13:05:53 EDT 1995 Paul Park (pjpark@mit.edu) - * kdb_cpw.c(add_key_rnd) - Manually initialize krbtgt_princ.data to - point to krbtgt_princ_entries since some compilers do not - support dynamic initializers. - - -Mon Aug 07 11:27:37 1995 Chris Provenzano (proven@mit.edu) - - * kdb_cpw.c: New routines for changing passwords of db_entried. - -Fri Aug 4 23:26:22 1995 Tom Yu <tlyu@dragons-lair.MIT.EDU> - - * setup_mkey.c (krb5_db_setup_mkey_name), - * fetch_mkey.c (krb5_db_fetch_mkey), - * verify_mky.c (krb5_db_verify_master_key), - * decrypt_key.c (krb5_dbekd_decrypt_key_data), - * encrypt_key.c (krb5_dbekd_encrypt_key_data), - * kdb_xdr.c, kdb_dbm.c, - Add parens to shut up gcc -Wall - -Fri Aug 4 16:22:46 EDT 1995 Paul Park (pjpark@mit.edu) - * kdb_xdr,{de,en}crypt_key.c - Use encode/decode macros to [de]serialize - data going in and out of the database. - - -Thu Aug 3 11:52:40 EDT 1995 Paul Park (pjpark@mit.edu) - * encrypt_key.c - Actually copy in the salt data which we allocated - space for in krb5_dbekd_encrypt_key_data(). - * kdb_xdr.c - Correctly generate the tl_data list in krb5_decode_princ_ - contents(). Also allow for key_data_ver to be KRB5_KDB_V1_DATA_ - ARRAY. - - -Mon Jul 31 15:55:46 EDT 1995 Paul Park (pjpark@mit.edu) - * kdb_xdr.c - Correctly parenthesize realloc() expression in create_key - _data(). - - -Thu Jul 27 15:28:41 EDT 1995 Paul Park (pjpark@mit.edu) - * kdbint.h - Obsolete. - -Thu Jul 27 02:59:05 1995 Chris Provenzano (proven@mit.edu) - * decrypt_key.c, encrypt_key.c, kdb_dbm.c, kdb_xdr.c: - Rewritten for new kdb format. - * kdb_cpw.c : New password changing routines for new kdb format. - * verify_mky.c, t_kdb.c : Use new kdb format. - -Tue Jul 25 14:06:50 1995 Tom Yu <tlyu@lothlorien.MIT.EDU> - - * kdb_dbm.c, t_kdb.c: Add prototype for dbm_error and dbm_clearerr - in case they're not prototyped in the header files. - - * configure.in: Add test for missing prototypes for dbm_error and - dbm_clearerr. - -Thu Jul 20 23:59:18 1995 Mark Eichin <eichin@cygnus.com> - - * kdb_dbm.c (krb5_dbm_db_create): move dirname, pagname - declarations to the top of function, so it compiles... - -Mon Jul 17 15:17:53 EDT 1995 Paul Park (pjpark@mit.edu) - * fetch_mkey.c - Remove inclusion of kdbint.h and add handling of - stash file argument. - * store_mkey.c - Remove inclusion of kdbint.h. The default name of - the stash file is in osconf.h now. - -Sat Jul 8 22:37:14 1995 Theodore Y. Ts'o (tytso@dcl) - - * kdb_dbm.c (kdb5_kdbm_db_create): Make sure the dbm context is - initialized before we start. - -Fri Jul 7 16:29:22 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in - Remove LDFLAGS, find com_err in TOPLIBD. - - -Fri Jun 30 14:39:45 EDT 1995 Paul Park (pjpark@mit.edu) - * kdb_dbm.c - Add function dispatch table to context and use it to - perform database accesses. Add kdb5_db_set_dbops() to set - a context's function dispatch table. - * Makefile.in - Remove Berkeley database object modules from this - library. They're now in libkrb5 since we use them in - other places. - * t_kdb.c - Add ability to test both DBM and Berkeley database - format. - -Thu Jun 29 06:54:00 1995 Mark Eichin <eichin@cygnus.com> - - * configure.in (--with-dbm): new option, allows easy building of - normal dbm support for compatibility. - * Makefile.in (DBFLAGS): variable to hold substitution of flags to - enable Berkeley db support. - -Thu Jun 22 11:59:28 EDT 1995 Paul Park (pjpark@mit.edu) - * kdb_dbm.c - Replace static kdb context with context which is attached - to krb5 context. This allows for multiple open databases - within the same process. - - -Thu Jun 15 18:04:58 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in - Remove explicit copying of archive library to library - directory. Add dependency on all-$(WHAT) - * configure.in - Create symlink for archive when we build it. - -Wed Jun 14 12:37:51 1995 Sam Hartman <hartmans@tardis.MIT.EDU> - - * configure.in: Check for umask being defined. - - * store_mkey.c (krb5_db_store_mkey): Use HAVE_UMASK instead of - unix as a preprocessor define for setting the umask. AIX doesn't - define unix. - - * t_kdb.c (main): Declare option as int, not char. When char is - unsigned, the comparison to EOF fails and it loops forever. - - -Sun Jun 11 09:26:48 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * Makefile.in (clean): Remove t_kdb and t_kdb.o - -Fri Jun 9 19:26:49 1995 <tytso@rsx-11.mit.edu> - - * configure.in: Remove standardized set of autoconf macros, which - are now handled by CONFIG_RULES. - -Tue May 30 12:31:26 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in: ranlib the library again after doing $(LIBUPDATE). - Some archivers don't do this. - -Fri May 26 17:52:03 EDT 1995 Paul Park (pjpark@mit.edu) - * kdb_dbm.c - Change usage of dbm package or Berkeley db package - based on setting of BERK_DB_DBM. Also, conditionalize - implicit knowledge of dbm/Berkeley db filename extensions. - * Makefile.in - Set BERK_DB_DBM when compiling. Update from Berkeley - db build directory. - * configure.in - Check for random number generators. - * t_kdb.c - New tester for kdb code. - -Fri Mar 24 21:59:34 1995 Theodore Y. Ts'o <tytso@dcl> - - * store_mkey.c (krb5_db_store_mkey): - * fetch_mkey.c (krb5_db_fetch_mkey): Hardcode the size of the - keytype field in the file format, to be compatible with - what was used in the Beta 4 release (before we changed the - size of a krb5_keytype type). - -Fri Mar 24 15:13:53 1995 <tytso@rsx-11.mit.edu> - - * kdb_dbm.c: Don't cast dbm_close() to void, because dbm_close is - already void. - -Tue Feb 28 00:30:10 1995 John Gilmore (gnu at toad.com) - - * decrypt_key.c, encrypt_key.c, fetch_mkey.c, kdb_dbm.c, - setup_mkey.c, store-mkey.c, verify_mky.c: Avoid <krb5/...> includes. - -Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu) - - * Added krb5_context to all krb5_routines - -Thu Nov 17 19:22:16 1994 Mark Eichin (eichin@cygnus.com) - - * kdb_dbm.c (krb5_dbm_db_unlock): Use krb5_lock_file. - (krb5_dbm_db_lock): Same. (Changes from jtkohl@mit.edu.) - -Thu Nov 10 17:20:42 1994 Theodore Y. Ts'o (tytso@dcl) - - * decrypt_key.c (krb5_kdb_decrypt_key): Set the keyblock's magic - number and ecryption type information appropriately. - -Tue Nov 8 18:03:23 1994 Theodore Y. Ts'o (tytso@dcl) - - * fetch_mkey.c (krb5_db_fetch_mkey): Set the keyblock's magic - number and encryption type information appropriately. - -Sat Oct 22 10:13:25 1994 (tytso@rsx-11) - - * kdb_dbm.c: Don't need to define POSIX_FILE_LOCKS; just include - config.h instead. - -Wed Oct 19 12:15:36 1994 Theodore Y. Ts'o (tytso@dcl) - - * Makefile.in: make install obey $(DESTDIR) completely - -Fri Oct 14 00:57:33 1994 Theodore Y. Ts'o (tytso@dcl) - - * configure.in: Add test for unistd.h - - * lock_file.c: Use POSIX_FILE_LOCKS if _POSIX_VERSION is defined - in unistd.h - -Tue Oct 4 15:08:03 1994 Theodore Y. Ts'o (tytso@dcl) - - * kdb_dbm.c (decode_princ_contents): Add backwards compatibility - for version numbers 1.0 and 2.0. - -Mon Oct 3 22:47:49 1994 Theodore Y. Ts'o (tytso@dcl) - - * kdb_dbm.c (decode_princ_contents): Force an incompatible version - number change to the database --- we are now at database - entry version 2.0. Unfortunately, the way we encode the - database is completely broken, and any structure changes - change the encoding format. We will need to redo this - completely at some point, so we don't have to make people - go through this again. - - * Makefile.in: make install obey $(DESTDIR) - -Thu Aug 4 03:41:44 1994 Tom Yu (tlyu@dragons-lair) - - * configure.in: look for install program - - * Makefile.in: make install fixes - -Fri Jul 15 14:54:10 1994 Theodore Y. Ts'o (tytso at tsx-11) - - * kdb_dbm.c (krb5_dbm_db_end_update): Change use of utimes() to - the POSIX utime() function. - - diff --git a/src/lib/krb4/ChangeLog b/src/lib/krb4/ChangeLog deleted file mode 100644 index a4338f4bd..000000000 --- a/src/lib/krb4/ChangeLog +++ /dev/null @@ -1,2926 +0,0 @@ -2006-04-08 Ken Raeburn <raeburn@mit.edu> - - * kadm_net.c (kadm_cli_send): Use 0, not NULL, when checking - numeric error codes. - - * fakeenv.c: Unused file deleted. - -2006-04-03 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2006-03-31 Ken Raeburn <raeburn@mit.edu> - - * in_tkt.c: Include autoconf.h. - -2006-03-11 Ken Raeburn <raeburn@mit.edu> - - * send_to_kdc.c, mk_preauth.c, memcache.c, recvauth.c, netread.c, - tkt_string.c, put_svc_key.c, klog.c, netwrite.c, gethostname.c, - log.c, kadm_net.c, kuserok.c, kparse.c, getst.c: Don't look for - autoconf.h in krb5/. - -2005-08-20 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Use K5_AC_INIT instead of AC_INIT. - -2005-05-13 Ken Raeburn <raeburn@mit.edu> - - * err_txt.c: Don't include krb_err.c if DEPEND is defined. - -2004-12-08 Ken Raeburn <raeburn@mit.edu> - - * RealmsConfig-glue.c (krb_get_krbhst): Check if DNS should be - used for getting KDC names before actually using it. - -2004-07-16 Ken Raeburn <raeburn@mit.edu> - - * macsock.c: Deleted. - -2004-07-15 Alexandra Ellwood <lxs@mit.edu> - - * CCache-glue.c (krb_get_cred) - Removed default principal tracking. - -2004-07-14 Ken Raeburn <raeburn@mit.edu> - - * recvauth.c (krb_recvauth): Initialize cp and tmp_buf. Check - length of data read before evaluating the value. - -2004-06-22 Ken Raeburn <raeburn@mit.edu> - - * g_pw_in_tkt.c (passwd_to_key): Don't test macintosh. - * kadm_net.c (SIGNAL): Don't test macintosh. - -2004-06-16 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (check-mac): Target deleted. - -2004-06-04 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBBASE): Renamed from LIB. - -2004-04-22 Ken Raeburn <raeburn@mit.edu> - - * libkrb4.exports: New file. - -2004-02-26 Jeffrey Altman <jaltman@mit.edu> - - * send_to_kdc.c: modify call to internals.sendto_udp to support - the new declaration which contains an additional output parameter - which will not be used. - -2004-02-24 Sam Hartman <hartmans@avalanche-breakdown.mit.edu> - - * rd_svc_key.c (krb54_get_service_keyblock): Remove ENCTYPE_LOCAL_DES3_HMAC_SHA1 - -2003-12-11 Sam Hartman <hartmans@mit.edu> - - * rd_req.c (krb_rd_req_with_key): Note that the expiration difference between krb5 and krb4 is important - -2003-08-15 Alexandra Ellwood <lxs@mit.edu> - - * mk_auth.c: krb_check_auth clears the return value for the - schedule parameter with a memset. This prevents callers - from using the key schedule, which breaks code. - -2003-08-06 Alexandra Ellwood <lxs@mit.edu> - - * configure.in: Don't assume all darwin boxes are powerpc. - (eg: OpenDarwin/x86). - -2003-07-11 Alexandra Ellwood <lxs@mit.edu> - - * RealmsConfig-glue.c: Check for NULL realm argument and n - not equal to 1. Fill in realm with an empty string on error - in case the caller doesn't check the return value. - -2003-07-11 Alexandra Ellwood <lxs@mit.edu> - - * RealmsConfig-glue.c: Don't fail when krb5.conf is valid - and krb.conf isn't. Also, don't assert v4 realm is in profile - unless that realm is a valid v4 realm. - -2003-07-10 Alexandra Ellwood <lxs@mit.edu> - - * RealmsConfig-glue.c: krb_get_lrealm fix so that if there is no - "v4_realm" tag, krb_get_lrealm doesn't just always return - ATHENA.MIT.EDU even though a different realm is specified in - krb5.conf and there is a [v4 realm] config - -2003-07-07 Alexandra Ellwood <lxs@mit.edu> - - * RealmsConfig-glue.c: krb_prof_get_nth() no longer assumes that - its retlen argument is correct (call strcpy instead of strncpy) - because this argument is a guess for some callers - (eg: krb_get_admhst()) - -2003-06-11 Tom Yu <tlyu@mit.edu> - - * Makefile.in (KRB_ERR_C): New variable; Darwin needs err_txt.o to - have a dependency on krb_err.c so that krb_err.c will be generated - first. - - * configure.in: Set KRB_ERR_C to krb_err.c on Darwin. - -2003-06-09 Ken Raeburn <raeburn@mit.edu> - - * RealmsConfig-glue.c (krb_get_krbhst): Don't fall back to DNS if - entries were found in krb.conf, and just not enough to fill the - request. - -2003-06-06 Ken Raeburn <raeburn@mit.edu> - - * RealmsConfig-glue.c: Include k5-int.h. - (dnscache): New variable. - (DNS_CACHE_TIMEOUT): New macro. - (krb_get_krbhst) [KRB5_DNS_LOOKUP]: If no krb.conf info is found, - try DNS SRV records for "kerberos-iv". Cache results in case - they're immediately requested again. - -2003-06-06 Tom Yu <tlyu@mit.edu> - - * g_cnffile.c (krb__get_srvtabname): Make retname be a static - array rather than a static pointer, to avoid callers' possible - retention of free()d pointers. Yes, this may cause difficulty - with making this function thread-safe. - -2003-06-04 Tom Yu <tlyu@mit.edu> - - * password_to_key.c (mit_passwd_to_key, afs_passwd_to_key): Delete - spurious space from prompt. - -2003-06-03 Ken Raeburn <raeburn@mit.edu> - - * RealmsConfig-glue.c (get_krbhst_default): Deleted. - (krb_get_krbhst): Don't call it. - -2003-06-03 Sam Hartman <hartmans@mit.edu> - - * g_pw_in_tkt.c (passwd_to_key): Fix password prompt - - * password_to_key.c (mit_passwd_to_key): Fix password prompt - (afs_passwd_to_key): Fix password prompt - - * g_in_tkt.c (krb_get_in_tkt_preauth_creds): Keep copy of - ciphertext while trying different keyprocs - -2003-06-02 Tom Yu <tlyu@mit.edu> - - * change_password.c (krb_change_password): Explicitly zero the - session key. Zero the key derived from the new password. - - * mk_req.c (krb_mk_req): Explicitly zero the session key. - (krb_mk_req_creds_prealm): Don't zero the session key, in case the - caller wants to make use of it. - -2003-05-24 Ken Raeburn <raeburn@mit.edu> - - * lifetime.c (krb_life_to_time, krb_time_to_life): Rewrite to use - support functions in the krb5 library via krb5int_accessor. Moved - old implementation into krb5 library. - -2003-05-12 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Add setting of KRB_ERR on Windows. - -2003-05-11 Sam Hartman <hartmans@mit.edu> - - * Makefile.in: Build krb_err.c when appropriate. - - * configure.in: Set KRB_ERR to be the object file generated by - krb_err.c on non-Darwin - - * err_txt.c : Don't include krb_err.c on non-Darwin UNIX. Doing - so may break with some compile_et implementations. Also not - included on Windows. - -2003-05-01 Alexandra Ellwood <lxs@mit.edu> - ÊÊ - * kadm_stream.c: Fixed vts_long() and vts_short() so they return a - pointer to the beginning of the memory they allocate and place - their data at the end of the buffer which was passed in. - -2003-04-14 Alexandra Ellwood <lxs@mit.edu> - - * g_ad_tkt.c: Added support for login library to get_ad_tkt. - Support is copied from Mac Kerberos4 library and conditionalized - for USE_LOGIN_LIBRARY to avoid changing get_ad_tkt's behavior for - non-Kerberos Login Library builds. - -2003-03-06 Alexandra Ellwood <lxs@mit.edu> - - * CCache-glue.c: Added prototypes for deprecated functions. - Made internal functions static. Removed unused CoreServices - include. Changed TICKET_GRANTING_TICKET to new macro: - KRB_TICKET_GRANTING_TICKET. - - * change_password.c: Added check of inputs to krb_change_password - so we don't crash on bad inputs. Call des_string_to_key not - mit_password_to_key on all platforms because we don't want to - prompt for a password. - - * FSp-glue.c: Added prototypes for deprecated functions. Changed to - use KfM's FSSpecToPOSIXPath which correctly handles FSSpecs where - the file does not exist. - - * g_in_tkt.c: Added explanatory comments. Made TARGET_OS_MAC sections - a little smaller and easier to read. - - * g_pw_in_tkt.c: Only prompt when we are not using the login library. - This is so that Darwin builds do prompt but KfM builds don't. - - * g_svc_in_tkt.c, g_tkt_svc.c: Changed to use KRB_TICKET_GRANTING_TICKET. - - * kadm_net.c: Use autoconf variable krb5_sigtype instead of sigtype, - which doesn't seem to be defined on Mac OS X. - - * krb4int.h, RealmsConfig-glue.c: Removed krb_get_stk(). - - * rd_req.c: Added #ifdef KRB4_USE_KEYTAB to avoid unused variable warning - when KRB4_USE_KEYTAB is not defined. - - * sendauth.c: Fixed warnings with casts. - -2003-03-04 Ken Raeburn <raeburn@mit.edu> - - * password_to_key.c (mit_passwd_to_key, afs_passwd_to_key): - Comment out pragmas not recognized by gcc or cl. - - * gethostname.c, getst.c, kadm_net.c, klog.c, kparse.c: Include - krb5/autoconf.h. - * kuserok.c, log.c, memcache.c, mk_preauth.c, netread.c: Ditto. - * netwrite.c, put_svc_key.c, recvauth.c, send_to_kdc.c: Ditto. - * tkt_string.c: Ditto. - * Makefile.in: Update dependencies. - (DEFINES): Define KRB4_USE_KEYTAB. - * configure.in: Don't define KRB4_USE_KEYTAB. Don't check for any - headers or functions; include/configure.in already does it. Don't - invoke AC_C_CONST explicitly; CONFIG_RULES does that. - -2003-03-03 Tom Yu <tlyu@mit.edu> - - * g_cnffile.c (krb__get_srvtabname): Keep strdup()ed string in a - static variable and free it called again; this prevents a memory - leak. - -2003-02-28 Ezra Peisach <epeisach@bu.edu> - - * Makefile.in (clean-unix): Remove krb_err_txt.c on clean. Update - dependencies - - * g_pw_in_tkt.c: Include krb4int.h for krb_get_keyprocs() prototype. - -2003-02-25 Ken Raeburn <raeburn@mit.edu> - - * in_tkt.c: Include k5-util.h. - (do_seteuid): Define as krb5_seteuid instead of testing system - characteristics here. - * dest_tkt.c: Likewise. - - * change_password.c (krb_change_password): Use int, not KRB_INT32, - for krb4 error codes. Check for malloc failure allocating - sendStream. - -2003-02-12 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Update dependencies. - (KRB_ERR_TXT): Set by configure to be either empty - (on Darwin) or krb_err_txt.c (on other platforms). This avoids - building krb_err_txt.c on Darwin, as the type of krb_err_txt is a - pointer there, so we don't need another copy of the array. - (DEFINES): Remove. It wasn't doing anything useful and was - cluttering up the compile command line. - - * configure.in: On Darwin, don't use krb_err_txt.c. - - * err_txt.c: On Darwin, actually use the array generated by - compile_et, and assign it to krb_err_txt, which is a pointer, not - an array, on that platform. - -2003-02-11 Tom Yu <tlyu@mit.edu> - - * CCache-glue.c: Delete in_tkt(). - - * change_password.c: Fix incorrect filename in comment. - - * g_in_tkt.c (krb_get_in_tkt_preauth): Call krb_in_tkt() rather - than in_tkt(). - - * CCache-glue.c (krb_in_tkt): Rename from in_tkt(). - (in_tkt): Implement in terms of krb_in_tkt() to match existing - Unix and Windows API. This shouldn't be a problem because it - appears to be considered an internal API on Mac. - -2003-02-10 Tom Yu <tlyu@mit.edu> - - * password_to_key.c (krb5_passwd_to_key): Replace snprintf() call - with explicit length checking. - - * memcache.c (krb4int_save_credentials_addr): Renamed from - krb_save_credentials(). - (krb_save_credentials): Implement in terms of - krb4int_save_credentials_addr(). - - * password_to_key.c (mit_passwd_to_key, krb5_passwd_to_key) - (afs_passwd_to_key): Fix to have KRB5_CALLCONV. - - * krb4int.h (mit_passwd_to_key, krb5_passwd_to_key): - (afs_passwd_to_key): Fix prototypes to have KRB5_CALLCONV. - - * CCache-glue.c (krb4int_save_credentials_addr): Renamed from - krb_save_credentials(). - (krb_save_credentials): Implement in terms of - krb4int_save_credentials_addr(). - - * Makefile.in (SRCS, OBJS): Add password_to_key. - - * g_ad_tkt.c (get_ad_tkt): Call krb4int_send_to_kdc_addr() instead - of send_to_kdc(). Call krb4int_save_credentials_addr() instead of - krb_save_credentials(). These changes deal with Mac-specific - storage of the local address without introducing more - conditionally compiled code. - - * g_in_tkt.c: Fix to minimize Mac-specific code. Basically, pass - around local address in lots of places. There is still a - Mac-specific difference involving krb_get_in_tkt_creds(). - - * krb4int.h: Include port-sockets.h to get some socket stuff for - some prototypes. Update prototype for - krb_get_in_tkt_preauth_creds(). Add prototypes for - krb4int_save_credentials_addr() and krb4int_send_to_kdc_addr(). - - * password_to_key.c (krb_get_keyprocs): Fix typo. - (mit_passwd_to_key, krb5_passwd_to_key): mit_string_to_key -> - des_string_to_key. - - * save_creds.c (krb_save_credentials): Re-implement in terms of - krb4itn_save_credentials_addr(), which is what library internals - will call. - (krb4int_save_credentials_addr): Renamed from - krb_save_credentials. - - * tkt_string.c (krb_set_tkt_string): Fix to take const char *. - -2003-02-10 Alexandra Ellwood <lxs@mit.edu> - Note: these checkins are partial progress for Tom Yu. - They probably don't build; Tom is expecting that. - - * CCache-glue.c: Removed copying of the string_to_key type in - krb_save_credentials. Saving the string_to_key type is unnecessary - and was just for display purposes. Will be removed for KfM 5.0. - Updated to use KRB5_CALLCONV instead of INTERFACE and include the - krb5's krb4 headers instead of the KfM ones. - - * change-password.c: Removed include of CredentialsCache.h and - code that switches between string to key types. This doesn't make - sense for password changing because the krb4 protocol for password - changing implemented here only supports mit's string to key. Bug - was in KfM and got ported forward. Should the code call - mit_password_to_key for all platforms? - - * FSp-glue.c: Removed dependency on MoreFiles and replaced it with - code to use FSRefs now that we are Carbon-only. - - * g_in_tkt.c: Added loop which calls password to key functions - trying each one. This technique was imported from KTH-KRB into - KfM. This code still needs to have the TARGET_OS_MAC code made more - Unix friendly for Darwin builds. The behavior differences (store - the address or not) should be deferred until the very last moment to - avoid excessive #ifdefs. - - * g_pw_in_tkt.c: Added loop which calls password to key functions - trying each one. This technique was imported from KTH-KRB into KfM. - - * krb4int.h: Added password-to-key.c functions so they can be used by - g_in_tkt.c and g_pw_in_tkt.c. - - * password-to-key.c: Removed dependence on the CCAPI so this code can - be used on all platforms to implement looping over the password to - key functions. - - * RealmsConfig-glue.c: Changed to use #ifdef USE_CCAPI like is used - elsewhere in the krb5 sources. This is just for consistency in krb5. - -2003-02-07 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Add rules to generate krb_err_txt.c. - - * err_txt.c: Include two copies of the error table, one generated - by com_err, and one generated by a special-purpose awk script. - - * et_errtxt.awk: New file; used to generate krb_err_txt.c - -2003-02-04 Tom Yu <tlyu@mit.edu> - - * decomp_tkt.c (dcmp_tkt_int): Patch from Booker Bense to use - krb_get_lrealm() instead of copying KRB_REALM into prealm. - -2003-01-28 Ken Raeburn <raeburn@mit.edu> - - * RealmsConfig-glue.c (get_krbhst_default, krb_get_krbhst): - (krb_realmofhost): Use strcpy instead of strncpy. - -2003-01-27 Ken Raeburn <raeburn@mit.edu> - - * RealmsConfig-glue.c (krb_get_admhst): Use strcpy instead of - strncpy, and max length of MAX_HSTNM. - -2003-01-15 Ken Raeburn <raeburn@mit.edu> - - * sendauth.c (krb_net_rd_sendauth): Arg raw_len now points to - KRB4_32; don't cast it to pointer to unsigned long. Change ld.so - warning message check to be byte-order independent. - * krb4int.h (krb_net_rd_sendauth): Decl updated. - -2003-01-15 Tom Yu <tlyu@mit.edu> - - * CCache-glue.c: New file from KfM. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Don't explicitly invoke AC_PROG_ARCHIVE, - AC_PROG_ARCHIVE_ADD, AC_PROG_RANLIB, AC_PROG_INSTALL. - - * Makefile.in: Add AC_SUBST_FILE marker for lib_frag and libobj_frag. - -2003-01-05 Sam Hartman <hartmans@mit.edu> - - * tf_util.c: Remove declaration of errno - - * dest_tkt.c (dest_tkt): Remove declaration of errno - -2002-12-18 Tom Yu <tlyu@mit.edu> - - * RealmsConfig-glue.c: Fix up KRB5_CALLCONV. - - * win_store.c (krb__get_srvtabname): Add const to parameter. - -2002-12-16 Tom Yu <tlyu@mit.edu> - - * tkt_string.c (krb5_set_tkt_string): Add KRB5_CALLCONV. - - * win_glue.c (krb_set_tkt_string): Add KRB5_CALLCONV. - -2002-12-13 Tom Yu <tlyu@mit.edu> - - * ad_print.c, g_in_tkt.c, g_pw_in_tkt.c, kadm_net.c, klog.c: - * kuserok.c, log.c, memcache.c, netread.c, netwrite.c: - * password_to_key.c, recvauth.c, stime.c, tkt_string.c: - Change _WINDOWS to _WIN32 in many places. Update copyright - notices. Remove _WINDOWS handling completely in a few places - where it's not needed. - -2002-12-12 Tom Yu <tlyu@mit.edu> - - * FSp-glue.c: Extracted and ported from various files from KfM. - Not built on Unix. - - * Makefile.in: Removed srcdir references from various SRCS - variables. Stop building krb_err.o because of gross hack in - err_txt.c. Adjust some dependency generation things. - (REALMDBOBJS): Use RealmsConfig-glue instead of lots of other - files. - (LOCALINCLUDES): Use current directory, so we can pick up - krb_err.c as an include file. - - * RealmsConfig-glue.c: Ported from KfM and cleaned up. Old - REALMDBSRCS inlined here too. - - * g_admhst.c, g_in_tkt.c, g_krbhst.c, g_krbrlm.c, realmofhost.c: - Removed. Functionality is now in RealmsConfig-glue.c. - - * g_in_tkt.c (krb_get_in_tkt_creds): Add KRB5_CALLCONV. - - * dest_tkt.c (dest_tkt): TKT_FILE now assigned to a const char *, - due to change in tkt_string() return type. - - * err_txt.c: Much grossness. Suck in krb_err.c here, so we can - use the static array to initialize the krb_err_txt array. - - * g_in_tkt.c: Call krb4int_send_to_kdc_addr() on MacOS. - - * g_svc_in_tkt.c: Fix up copyright notice; punt gratuitous - definition of NULL. - - * g_tf_fname.c (krb_get_tf_fullname): Takes a const char * for - ticket file name now, due to change in tkt_string() return type. - - * g_tf_realm.c (krb_get_tf_realm): Takes a const char * for ticket - file name now, due to change in tkt_string() return type. - - * in_tkt.c: Include errno.h. - (in_tkt): TKT_FILE now assigned to a const char *, due to change - in tkt_string() return type. - - * krb4int.h: Add prototype for krb_get_in_tkt_preauth_creds(). - Fix _WINDOWS->_WIN32. - - * krb_err.et: Sync somewhat with old contents of err_txt.c. - - * tf_util.c (tf_init): Takes const char *tf_name now. - -2002-12-06 Tom Yu <tlyu@mit.edu> - - * g_ad_tkt.c (get_ad_tkt): Add KRB5_CALLCONV. - - * g_in_tkt.c (krb_get_in_tkt_preauth): Add KRB5_CALLCONV. - (krb_get_in_tkt): Add KRB5_CALLCONV. - - * send_to_kdc.c (krb4int_send_to_kdc_addr): New function; does - what send_to_kdc() used to do but can also return local address. - -2002-12-05 Tom Yu <tlyu@mit.edu> - - * kname_parse.c (kname_unparse): Add new function ported from - KfM, including support functions. - - * decomp_tkt.c (decomp_ticket): Add KRB5_CALLCONV. - -2002-12-04 Tom Yu <tlyu@mit.edu> - - * krb4int.h: Remove now conflicting prototype for - krb_set_lifetime(). - - * Makefile.in: Fix up includes handling somewhat. - -2002-12-02 Tom Yu <tlyu@mit.edu> - - * change_password.c: Remove netdb.h inclusion. - -2002-11-27 Tom Yu <tlyu@mit.edu> - - * Makefile.in (SRCS): Add kadm_err.c. It was missing. - -2002-11-26 Tom Yu <tlyu@mit.edu> - - * Makefile.in (OBJS, SRCS): Add change_password.c, kadm_err.c, - kadm_net.c, kadm_stream.c. Remove one.c. - Also, add com_err support for kadm_err.et. Update dependencies. - - * change_password.c: New file. - - * configure.in: Remove checks for BITS16, BITS32, MSBFIRST, and - LSBFIRST. - - * g_in_tkt.c (krb_mk_in_tkt_preauth): Update to optionally return - local address -- not yet fully implemented. - (krb_parse_in_tkt_creds): Renamed from krb_parse_in_tkt(). Now - fills in a CREDENTIALS instead of storing into a ticket file. - (krb_get_in_tkt_preauth_creds): Renamed from - krb_get_in_tkt_preauth(). Now fills in a CREDENTIALS instead of - storing into a ticket file. - (krb_get_in_tkt_creds): Port from KfM. - (krb_get_in_tkt_preauth): Reimplement in terms of - krb_get_in_tkt_creds_preauth(). - - * g_pw_in_tkt.c (krb_get_pw_in_tkt_creds): Port from KfM. - - * kadm_err.et: - * kadm_net.c: - * kadm_stream.c: New files to implement password changing, ported - from KfM. - - * mk_req.c (krb_mk_req_creds_prealm): New internal function -- - similar to krb_mk_req_creds() but takes the client's realm, since - it's needed for forming a correct request but is not present in a - CREDENTIALS. - (krb_mk_req): Reimplement in terms of krb_mk_req_creds_prealm(). - Move the logic for acquiring credentials and determining client's - realm here. - (krb_mk_req_creds): Port from KfM. - (krb_set_lifetime): Make KRB5_CALLCONV now. - - * one.c: Remove. - - * password_to_key.c: New file, ported from KfM. Will eventually - implement some string-to-key stuff. - - * prot_client.c: Eliminate references to {LSB,MSB}_FIRST. - - * prot_kdc.c: Eliminate references to {LSB,MSB}_FIRST. - - * rd_req.c (krb_rd_req_with_key): New internal function -- can - take a key schedule or a krb5_keyblock and use one of those to - decrypt the ticket. - (krb_rd_req_int): Ported from KfM. Calls into - krb_rd_req_with_key(). - (krb_rd_req): Reimplement in terms of krb_rd_req_with_key(). Copy - some of the realm and kvno reading logic here. - - * tkt_string.c: Returns pointer to const now. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-08-07 Ken Raeburn <raeburn@mit.edu> - - * cr_tkt.c (krb_cr_tkt_int): Don't take key arguments any more. - (krb_create_ticket, krb_cr_tkt_krb5): Do the encryption here; drop - NOENCRYPTION test. - -2002-07-30 Ken Raeburn <raeburn@mit.edu> - - * log.c: Include stdarg.h. - (krb_log): Use va_ macros and vfprintf instead of a bunch of - pointer arguments. - * krb4int.h (krb_log): Declaration updated. - -2002-07-12 Ken Raeburn <raeburn@mit.edu> - - * ad_print.c, g_phost.c, g_tkt_svc.c, gethostname.c, mac_glue.c, - mac_stubs.c, mac_time.c, mk_auth.c, mk_priv.c, mk_req.c, - mk_safe.c, netread.c, netwrite.c, rd_priv.c, rd_safe.c, - realmofhost.c, recvauth.c, send_to_kdc.c, sendauth.c, stime.c, - win_glue.c: Don't define DEFINE_SOCKADDR. - - * mac_time.c, stime.c: Don't define NEED_TIME_H; instead, include - time.h and sys/time.h when _WINDOWS isn't defined, which is what - krb.h used to do for NEED_TIME_H. - - * ad_print.c, cr_tkt.c, decomp_tkt.c, g_krbhst.c, g_phost.c, - g_tkt_svc.c, mk_priv.c, mk_safe.c, netread.c, netwrite.c, - prot_kdc.c, rd_priv.c, rd_safe.c, realmofhost.c, recvauth.c, - send_to_kdc.c, sendauth.c, tkt_string.c: Include port-sockets.h. - -2002-06-21 Ken Raeburn <raeburn@mit.edu> - - * mk_priv.c (krb4int_address_less): Put braces around v4mapped - address processing to permit local variable declaration. Pass - correct value to IN6_IS_ADDR_V4MAPPED. - -2002-05-29 Ken Raeburn <raeburn@mit.edu> - - * DNR.c: Deleted. - -2002-03-11 Ken Raeburn <raeburn@mit.edu> - - Handle IPv6 sockets that are used to communicate over IPv4, and - permit use of non-IPv4 addresses if address checking is turned - off: - * mk_priv.c (krb4int_address_less): New function. Compares IPv4 - addresses for ordering, but also handles the IPv6 v4-mapped form. - (krb_mk_priv): Use krb4int_address_less. Handle sender/receiver - addresses that are IPv6 v4-mapped like IPv4 addresses, or store - zero for other addresses. - * mk_safe.c (krb_mk_safe): Use krb4int_address_less. Handle - sender/receiver addresses that are IPv6 v4-mapped like IPv4 - addresses, or store zero for other addresses. - * rd_priv.c (krb_rd_priv): Use krb4int_address_less. Deal with - socket addresses that are v4-mapped IPv6 addresses. - * rd_safe.c (krb_rd_safe): Use krb4int_address_less. Deal with - socket addresses that are v4-mapped IPv6 addresses. - -2001-10-09 Ken Raeburn <raeburn@mit.edu> - - * cr_tkt.c, decomp_tkt.c, g_in_tkt.c, tf_util.c: Make prototypes - unconditional. - -2001-10-03 Ken Raeburn <raeburn@mit.edu> - - * dest_tkt.c, err_txt.c, g_admhst.c, g_cred.c, g_krbhst.c, - g_krbrlm.c, g_phost.c, g_pw_in_tkt.c, g_pw_tkt.c, g_svc_in_tkt.c, - g_tf_fname.c, g_tf_realm.c, g_tkt_svc.c, in_tkt.c, kname_parse.c, - kuserok.c, lifetime.c, memcache.c, mk_auth.c, mk_err.c, mk_priv.c, - mk_req.c, mk_safe.c, put_svc_key.c, rd_err.c, rd_priv.c, rd_req.c, - rd_safe.c, rd_svc_key.c, realmofhost.c, recvauth.c, save_creds.c, - send_to_kdc.c, sendauth.c, tf_util.c, unix_time.c, win_glue.c, - win_store.c: Don't use KRB5_DLLIMP. Don't explicitly declare - pointers FAR any more. - -2001-09-28 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LOCALINCLUDES): Renamed from DEFINES. Add - build-tree version of kerberosIV include directory. - -2001-07-08 Ezra Peisach <epeisach@mit.edu> - - * fgetst.c: Include krb4int.h. - - * krb4int.h: Add fgetst prototype. - -2001-06-28 Ezra Peisach <epeisach@mit.edu> - - * krb4int.h: Provide prototype for krb_get_default_user and - krb_set_default_user if _WINDOWS is not defined. There is a - conditional prototype in krb.h for them. - -2001-06-27 Ezra Peisach <epeisach@mit.edu> - - * krb4int.h: Add prototypes for ad_print, krb_svc_init, - krb_svc_init_preauth, krb_get_svc_in_tkt_preauth, kset_logfile, - krb_log, krb_set_logfile, krb_set_lifetime, month_sname, - krb_rd_preauth, krb_net_rd_preauth, krb_net_rd_sendauth, - krb_stime, krb_start_session, krb_end_session, - krb_get_default_user, krb_set_default_user. - - * ad_print.c, g_svc_in_tkt.c, klog.c, log.c, mk_req.c, - month_sname.c, rd_preauth.c, sendauth.c, stime.c, unix_glue.c: - Include krb4int.h for prototypes. - - * decomp_tkt.c: Include krb54proto.h for decomp_tkt_krb5() prototype. - -2001-06-26 Ezra Peisach <epeisach@mit.edu> - - * krb4int.h: Add prototypes for krb__get_realmsfile(), - krb5 prototypes are declarted from krb.hkrb__get_cnffile() and - krb5 prototypes are declarted from krb.hk_gethostname(). - - * g_pw_in_tkt.c: Declare passwd_to_key() static. - - * cr_tkt.c: Move krb5.h inclusion before krb.h so that certain - krb5 prototypes are declarted from krb.h. - - * g_admhost.c, g_cnffile.c, g_krbhst.c, g_krbrlm.c, gethostname.c - krb5 prototypes are declarted from krb.hrealmofhost.c: - Include krb4int.h and remove prototypes included in there. - -2001-06-20 Ezra Peisach <epeisach@mit.edu> - - * kname_parse.c (k_isrealm, k_isname, k_isrealm): Add - KRB5_DLLIMP/KRB5_CALLCONV definitions for function with exported - prototype in krb.h. - - * g_cnffile.c (krb__get_srvtabname, krb__v5_get_file): Declare - argument as const. - - * g_svc_in_tkt.c, put_svc_key.c, rd_req.c, rd_svc_key.c: Get rid - of krb__get_srvtabname() prototype - in krb.h now. - - -2001-06-18 Ezra Peisach <epeisach@mit.edu> - - * kparse.c (strutol): Cast argument to isupper()/tolower() to int. - * realmofhost.c (krb_realmofhost): Likewise. - -2001-06-18 Ezra Peisach <epeisach@mit.edu> - - * g_pw_in_tkt.c: Include krb5.h so that des_read_password() - prototype is present in des.h. Cast argument to des_read_password. - - * getst.c, put_svc_key.c, rd_svc_key.c, save_creds.c, tf_util.c: - Include krb4int.h for prototypes. - - * krb4int.h: New file containing private prototypes for krb4 - functions not used outside the library. Contains getst() and - tf_save_cred(). - -2001-06-11 Ezra Peisach <epeisach@mit.edu> - - * sendauth.c (krb_sendauth): Add KRB5_DLLIMP/KRB5_CALLCONV definitions - for function with exported prototype in krb.h - -2001-06-08 Ezra Peisach <epeisach@mit.edu> - - * cr_tkt.c (krb_create_ticket): Get rid of last argument (k5key) - which was added erroneously and is not how code is used in tree. - -2001-06-08 Ezra Peisach <epeisach@mit.edu> - - * ad_print.c (ad_print): Cast arguments to printf() to longs to - match format string. - -2001-06-01 Ezra Peisach <epeisach@mit.edu> - - * g_krbrlm.c: Remove unused static variable krb_conf. - - * g_svc_in_tkt.c (krb_svc_init, krb_svc_init_preauth): Declare as - returning int. - - * gethostname.c: Include unistd.h for gethostname() prototype. - - * getst.c: Include unistd.h for read() prototype. - - * in_tkt.c (in_tkt): Cast arguments to debugging printf to int - from uid_t to match format statement. - - * kname_parse.c: Declare k_isname() and k_isinst() as returning - int. Cleanup assigments in conditionals. - - * kuserok.c (kuserok): Cleanup assignment in conditional. - - * log.c (krb_set_logfile): Declare function as void. - * klog.c (kset_logfile): Likewise. - - * pkt_clen.c (pkt_clen): Declare as returning int. - * kntoln.c (krb_kntoln): Likewise. - * fgetst.c (fgetst): Likewise. - - * rd_req.c: Declare local variable only if KRB_CRYPT_DEBUG defined. - - * recvauth.c: Include stdlib.h and unistd.h for read() and atoi() - prototypes. - - * send_to_kdc.c: Include unistd.h for close() prototype. - - * sendauth.c (krb_sendauth): Clean up assignment in conditional. - - * tkt_string.c (tkt_string): Likewise - -2001-04-13 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (EHDRDIR): Install into kerberosIV subdirectory. - - * ad_print.c (ad_print): Pass address of session key to - des_cblock_print_file, not the session key. - - * g_tkt_svc.c (CredIsExpired): Don't use a variable named "time". - -2001-04-13 Danilo Almeida <dalmeida@mit.edu> - - * memcache.h: Don't use macro PROTOTYPE. - -2001-04-10 Ken Raeburn <raeburn@mit.edu> - - * cr_err_repl.c (req_act_vno): Delete commented-out declaration. - - * kparse.c, send_to_kdc.c: Don't use macro PROTOTYPE. - -2001-01-29 Tom Yu <tlyu@mit.edu> - - * lifetime.c: Remove support for "magic" lifetime value of 255. - -2001-01-26 Tom Yu <tlyu@mit.edu> - - * dest_tkt.c: Clean up uid handling. Fix stat checks. - - * in_tkt.c: Clean up uid handling. Fix stat checks. - - * tf_util.c: Clean up uid handling. Fix stat checks. - -2001-01-25 Tom Yu <tlyu@mit.edu> - - * Makefile.in (OBJS, SRCS): Add prot_client.o, prot_client.c. - - * prot_client.c: New file; client-side protocol support. - - * prot_common.c (krb4prot_decode_header): Decode the first two - bytes of a krb4 packet. - -2001-01-24 Tom Yu <tlyu@mit.edu> - - * prot_common.c: Fix up some error returns. - - * prot_kdc.c: Fix up some error returns. Add - decode_kdc_request(). - -2001-01-23 Tom Yu <tlyu@mit.edu> - - * prot_common.c: New file; contains functions to encode/decode - string triples for principals. - - * prot_kdc.c: New file; contains encoders and decoders - (eventually) for the KDC's use. - - * Makefile.in (OBJS, SRCS): Add prot_common.o, prot_kdc.o. - - * cr_auth_repl.c: KRB4_PUT{16,32} -> KRB4_PUT{16,32}BE. - - * cr_ciph.c: Include prot.h. KRB4_PUT32 -> KRB4_PUT32BE. - - * cr_err_repl.c: KRB4_PUT32 -> KRB4_PUT32BE. - - * cr_tkt.c: KRB4_PUT32 -> KRB4_PUT32BE. - - * decomp_tkt.c: krb_strnlen -> krb4int_strnlen. - - * g_ad_tkt.c: krb_strnlen -> krb4int_strnlen. KRB4_PUT32 -> - KRB4_PUT32BE. Properly skip date while parsing error. - - * g_in_tkt.c: krb_strnlen -> krb4int_strnlen. KRB4_PUT32 -> - KRB4_PUT32BE. Properly skip date while parsing error. - - * g_phost.c: Changes from audit. Actually bail out instead of - failing silently if h->h_name is too long. - - * kname_parse.c: Changes from audit. Check overrun per character - processed. - - * mk_auth.c: krb_strnlen -> krb4int_strnlen. KRB4_PUT32 -> - KRB4_PUT32BE. Include prot.h. - - * mk_err.c: KRB4_PUT32 -> KRB4_PUT32BE. - - * mk_priv.c: KRB4_PUT32 -> KRB4_PUT32BE. - - * mk_req.c: KRB4_PUT32 -> KRB4_PUT32BE. - - * mk_safe.c: KRB4_PUT32 -> KRB4_PUT32BE. - - * rd_req.c: krb_strnlen -> krb4int_strnlen. - - * strnlen.c: Rename to krb4int_strnlen. Also include prot.h, - which is where strnlen is declared now. - -2001-01-18 Tom Yu <tlyu@mit.edu> - - * g_ad_tkt.c: Fix error packet parsing. - - * g_in_tkt.c: Fix error packet parsing. Also, declare some - internal functions as static and add prototypes. - -2000-11-09 Danilo Almeida <dalmeida@mit.edu> - - * strnlen.c (krb_strnlen): Put The return type before the calling - convention. - -2000-11-08 Tom Yu <tlyu@mit.edu> - - * Makefile.in (OBJS, SRCS): Add strnlen.o, strnlen.c. - - * cr_auth_repl.c: Audit. Fix up copyright. Use new KRB4_PUT* - macros for encoding so output is always big-endian. Precompute - string lengths for better length-checking. - - * cr_ciph.c: Audit. Fix up copyright. Use new KRB4_PUT* macros - for encoding so that output is always big-endian. Precompute - string lengths for better length-checking. Zero out the key - schedule after encrypting. - - * cr_death_pkt.c: Audit. Fix up copyright. Precompute string - lengths for better length-checking. - - * cr_err_repl.c: Audit. Fix up copyright. Use moving pointer to - do encoding. Precompute string lengths for better - length-checking. Use KRB4_PUT* macros so that output is always - big-endian. - - * cr_tkt.c: Audit. Fix up copyright. Use KRB4_PUT* macros for - encoding so that output is always big-endian. Zero out the key - schedule after encrypting. - - * decomp_tkt.c: Audit. Fix up copyright. Use krb_strnlen() for - actually detecting string length errors. Use a struct in_addr to - retrieve the IP address and assign it to paddress for return. Use - KRB4_GET* macros for decoding to avoid byteswapping problems. - Zero out session key and decrypted ticket on error. - - * g_ad_tkt.c: Audit. Fix up copyright. Break out parsing of - decrypted KDC reply packet into a separate function to simplify - error handling somewhat. Precompute string lengths for better - length-checking. Use KRB4_PUT* macros for encoding so that output - is always big-endian. Use KRB4_GET* macros for decoding to avoid - byteswapping problems. Stomp on session key on error conditions. - - * g_in_tkt.c: Audit. Fix up copyright. Precompute string lengths - for better length-checking. Use KRB4_PUT* macros for encoding so - output is always big-endian. Use KRB4_GET* macros for decoding to - avoid byteswapping problems. Use krb_strnlen() to actually detect - string length errors. Zero out session key and decrypted KDC - reply once they're no longer useful. - - * mk_auth.c: Audit. Fix up copyright. Use moving pointer for - encoding. Use KRB4_PUT* macros for encoding to avoid alignment - issues with using memcpy(). Use KRB4_GET* macros for decoding to - avoid alignment issues with using memcpy(). - - * mk_err.c: Audit. Fix up copyright. Precompute string length. - Use KRB4_PUT* macros to always encode as big-endian. - - * mk_preauth.c: Audit. Zero out key schedule after encryption. - - * mk_priv.c: Audit. Fix up copyright. Use KRB4_PUT* macros for - encoding so output is always big-endian. - - * mk_req.c: Audit. Fix up copyright. Use moving pointer for - encoding. Precompute string lengths for better length-checking. - Use KRB4_PUT* macros for encoding so output is always big-endian. - Zero out session key after encryption. - - * mk_safe.c: Audit. Fix up copyright. Use KRB4_PUT* macros for - encoding so output is always big-endian. - - * rd_err.c: Audit. Fix up copyright. Use KRB4_GET* macros to - avoid alignment issues. - - * rd_preauth.c: Audit. Zero key schedule after decrypting. - - * rd_priv.c: Audit. Fix up copyright. Use KRB4_GET* macros to - avoid alignment issues. - - * rd_req.c: Audit. Fix up copyright. - - * send_to_kdc.c (send_recv): Actually set rpkt->length, since some - callers actually use it now to do length-checking. - - * strnlen.c: New file; compute string length, bounded by a - maximum. If the maximum number of characters has been read - without encountering a NUL character, return -1. This makes - overflow checking of strings in buffers much easier. - -2000-11-01 Ezra Peisach <epeisach@mit.edu> - - * configure.in: Use AC_C_CONST and AC_CHECK_FUNCS instead of - AC_CONST and AC_HAVE_FUNCS. - -2000-10-23 Tom Yu <tlyu@mit.edu> - - * mk_auth.c (krb_check_auth): Modify call to rd_priv() by kludging - a cast of session key to C_Block *, since CNS is inconsistent in - this area as well. - - * mk_priv.c (krb_mk_priv): Align with CNS by taking C_Block *. - - * mk_safe.c (krb_mk_safe): Align with CNS by taking C_Block *. - - * rd_priv.c (krb_rd_priv): Align with CNS by taking C_Block *. - - * rd_safe.c (krb_rd_safe): Align with CNS by taking C_Block *. - - * recvauth.c (krb_recvauth): Update call to mk_priv() to have the - correct type. - -Tue Oct 10 05:03:50 2000 Ezra Peisach <epeisach@mit.edu> - - * kparse.c: Provide prototype for static struol(). Do not define - void as int (autoconf can handle that). - -2000-10-07 Tom Yu <tlyu@mit.edu> - - * g_tkt_svc.c (CredIsExpired): Fix logic bug. - -2000-10-06 Tom Yu <tlyu@mit.edu> - - * rd_req.c (krb_rd_req): Call life_to_fime(). - - * g_tkt_svc.c (CredIsExpired): Call life_to_time(). - - * lifetime.c: Add comments for lifetimes[]. Add provisions for - compile-time switching of short lifetimes. Fix sign bug in - time_to_life(). - -2000-10-05 Ezra Peisach <epeisach@mit.edu> - - * netread.c, netwrite.c: Include unistd.h if present on machine - for read/write prototypes. - - * in_tkt.c: Argument to umask should be of type mode_t. - - * configure.in: Test for uid_t (AC_TYPE_UID_T) and mode_t - (AC_TYPE_MODE_T). - - -2000-08-31 Tom Yu <tlyu@mit.edu> - - * Makefile.in(OBJS, SRCS): Add lifetime.{o,c}. - - * lifetime.c: New file. For the purposes of CMU and AFS - compatibility, this implements the exponential krb4 ticket - lifetimes for lifetime values above 127, in the krb_life_to_time() - and krb_time_to_life() functions. Values 127 and below are still - treated normally. - -Tue Aug 22 09:56:14 2000 Ezra Peisach <epeisach@mit.edu> - - * rd_svc_key.c (krb54_get_service_keyblock): If the keytab - encryption type is a non-raw des3 key, bash its enctype. This - matches kdc/kerberos_v4.c. - -Mon Aug 14 12:13:20 2000 Ezra Peisach <epeisach@mit.edu> - - * cr_tkt.c (krb_cr_tkt_int): When prototypes were changed to not - include a narrow prototype, the flags were being sent OTW as four - bytes instead of one. - -2000-08-02 Ezra Peisach <epeisach@mit.edu> - - * tf_util.c (tf_init): Add KRB5_DLLIMP/KRB5_CALLCONV definitions - for functions exported prototypes in krb.h. - -2000-07-21 Ezra Peisach <epeisach@mit.edu> - - * g_pw_tkt.c, unix_time.c: Add KRB5_DLLIMP/KRB5_CALLCONV defintion. - -Thu Jun 29 17:13:53 2000 Ezra Peisach <epeisach@home> - - * getst.c: Include <unistd.h> for read() prototype. - - * gethostname.c: Include <unistd.h> (if present) for gethostname() - prototype. - - * g_pw_tkt.c (get_pw_tkt): Declare function returning as int. - - * g_ad_tkt.c, g_in_tkt.c, g_tkt_svc: Add parenthesis about - assignment used as truth value. - - * cr_ciph.c (create_ciph): Declare as returning int. - -2000-07-20 Danilo Almeida <dalmeida@mit.edu> - - * memcache.c: Add krb_in_tkt() function to initialize ticket for a - given principal. It is like in_tkt() but it is public and also - takes a realm for credentials caches that require a full - principal name (e.g., CCAPI). - -2000-07-19 Danilo Almeida <dalmeida@mit.edu> - - * in_tkt.c: Add krb_in_tkt() function to initialize ticket for a - given principal. It is like in_tkt() but it is public and also - takes a realm for credentials caches that require a full - principal name (e.g., CCAPI). - -2000-07-03 Tom Yu <tlyu@mit.edu> - - * cr_tkt.c: Frob prototypes so they don't involve narrow types. - -2000-06-28 Ezra Peisach <epeisach@mit.edu> - - * cr_tkt.c: Provide prototype for static krb_cr_tkt_int function - before being used. - - * getst.c: Remove unused variable. - -2000-06-09 Tom Yu <tlyu@mit.edu> - - * configure.in: Check for strdup(). - - * kparse.c: Remove strsave() and replace with an inlined static - version of strdup() if HAVE_STRDUP is not defined. - - * g_ad_tkt.c (get_ad_tkt): ptr may be signed; cast while - assigning to larger types. [from Charles Hannum by way of - ghudson] - -2000-05-23 Ken Raeburn <raeburn@mit.edu> - - * decomp_tkt.c (dcmp_tkt_int): Add a couple more length checks. - Reject names that are exactly ANAME_SZ (etc) bytes long without - the trailing nul, because krb.h says the *_SZ macros are "maximum - sizes ... +1". - * mk_auth.c (krb_mk_auth): Force nul termination of inst. - * sendauth.c (krb_sendauth): Force nul termination of srv_inst. - -2000-05-11 Nalin Dahyabhai <nalin@redhat.com> - - * Password.c (GetUserInfo): Truncate user name if it's too long - to fit. - * cr_auth_repl.c (cr_auth_reply): Bail if the reply packet won't - fit into its buffer. - * cr_ciph.c (create_ciph): Ditto. - * cr_death_pkt.c (krb_create_death_packet): Truncate "aname" to - make it fit into the packet's data buffer. - * cr_err_repl.c (cr_err_reply): Bail if the reply packet won't - fit into its buffer. - * cr_tkt.c (krb_create_ticket): Ditto. - * g_ad_tkt.c (get_ad_tkt): Stop if data being added to buffer - would overflow it. Add more sanity checks when decomposing the - credential received. - * g_in_tkt.c (krb_mk_in_tkt_preauth): Bail if the request packet - won't fit into its buffer. - * g_krbhst.c (get_krbhst_default): Truncate the guessed KDC's - hostname if it is too long. - * g_pw_in_tkt.c: Remove useless strcpy() prototype. - * kntoln.c (krb_kntoln): Don't overflow buffer "lname". - * mk_err.c (krb_mk_err): Return the needed buffer length if the - pointer passed in is NULL. - * mk_req.c (krb_mk_req): Bail if the reply packet won't - fit into its buffer. - * rd_req.c (krb_rd_req): Sanity check the realm name being read, - and truncate the service name, nstance, and realm from credential - read from keytab. - * realmofhost.c (krb_realmofhost): Truncate realm names read - from file if they are too long. - * send_to_kdc.c (send_to_kdc): Truncate passed-in realm name. - -2000-05-08 Ken Raeburn <raeburn@mit.edu> - - * rd_req.c (krb_rd_req): Mask length byte with 0xff in case the - length is over 127 and char is signed. - - * recvauth.c (krb_recvauth): If the number of bytes to be read - from the net is not positive, just return an error. - -2000-05-03 Tom Yu <tlyu@mit.edu> - - * cr_tkt.c: Delete prototype for krb_cr_tkt_int(), since the - definition is K&R style and contains narrow types. Thank you - HP/UX for having a compiler that actually makes this a fatal - error. - -2000-04-28 Ken Raeburn <raeburn@mit.edu> - Nalin Dahyabhai <nalin@redhat.com> - - * dest_tkt.c (dest_tkt): Don't overflow buffer "shmidname". - * in_tkt.c (in_tkt): Don't overflow buffer "shmidname". - * kuserok.c (kuserok): Don't overflow buffer "pbuf". - * tf_util.c (tf_init): Don't overflow buffer "shmidname". - * win_store.c (krb__get_cnffile): Don't overflow buffers "defname" - and "cnfname". - (krb__get_realmsfile): Don't overflow buffers "defname" and - "realmsname". - -2000-04-28 Tom Yu <tlyu@mit.edu> - - * rd_req.c (krb_rd_req): Fix some uses of strcpy(). - -2000-03-12 Ezra Peisach <epeisach@mit.edu> - - * cr_tkt.c (krb_cr_tkt_int): Add static prototype. - * decomp_tkt.c: (dcmp_tkt_int): Add static prototype - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -1999-10-07 Ken Raeburn <raeburn@mit.edu> - - * rd_svc_key.c (krb54_get_service_keyblock): Close keytab before - returning in success case. Patch from Greg Hudson - <ghudson@mit.edu>. - -1999-08-26 Danilo Almeida <dalmeida@mit.edu> - - * memcache.c (change_cache): Use PostMessage instead of SendMessage - so we do not block. - -Fri Aug 13 23:23:00 1999 Brad Thompson <yak@mit.edu> - - * sendauth.c: Initialize __krb_sendauth_hidden_tkt_len so - it doesn't end up in the common block. - - * pkt_clen.c: Initialize swap_bytes so that it doesn't end - up in the common block. - -Mon May 10 15:23:15 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Do win32 build in subdir. - -Thu Apr 15 20:18:38 1999 Tom Yu <tlyu@mit.edu> - - * g_cnffile.c (krb__get_srvtabname): Fix to actually extract - krb5_srvtab value from profile, instead of always ignoring it. - -Mon Feb 8 21:56:45 1999 Theodore Y. Ts'o <tytso@mit.edu> - - * rd_req.c (krb_rd_req): Add appropriate #ifdef so that this code - compiles cleanly when KRB4_USE_KEYTAB is not defined. - -1998-12-05 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * rd_svc_key.c (krb54_get_service_keyblock): New function which - searches the appropaite krb5 keytab file for the key to be - used by the krb4 library. - - * rd_req.c (krb_rd_req): If the appropriate key cannot be found in - the krb4 srvtab file, try calling krb54_get_service_keyblock. - - * decomp_tkt.c (dcmp_tkt_int): - * g_in_tkt.c (krb_mk_in_tkt_preauth): - * g_ad_tkt.c (get_ad_tkt): - * pkt_clen.c (pkt_clen): - * rd_err.c (krb_rd_err): - * rd_priv.c (krb_rd_priv): - * rd_req.c (krb_rd_req): - * rd_safe.c (krb_rd_safe): Use krb4_swab32 and krb4_swab16 instead - of swap_u_long and swap_u_short. The new byte swapping - routines are faster and cleaner. - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - - * configure.in: Remove KRB5_POSIX_LOCKS test. - - * win_store.c (krb__get_srvtabname): - * g_cnffile.c: Use krb5__krb4_context instead of init'ing and - free'ing a krb5_context each time we need to read data - from the configuration file. We also define - krb5__krb4_context in g_cnnfile.c, since it's a likely - that any use of the krb4 library will pull in that file. - - * tf_util.c (tf_init): Use krb5_lock_file instead of trying to - roll our own flock emulation. - -Wed Aug 12 18:32:44 1998 Tom Yu <tlyu@mit.edu> - - * rd_req.c (krb_set_key): Nuke the krb5_keyblock if it's set. - (krb_set_key_krb5): New function to set a static krb5_keyblock for - decryption purposes. - (krb_clear_key_krb5): New function to clear the static - krb5_keyblock if it's set. - (krb_rd_req): Call decomp_ticket or decomp_tkt_krb5 as appropriate - to the key type. - - * decomp_tkt.c (decomp_tkt_krb5): New wrapper to call - dcmp_tkt_int. - (decomp_ticket): Transform into wrapper to call dcmp_tkt_int. - (dcmp_tkt_int): New internal function; use a krb5_keyblock to - decrypt the ticket if present; else just use plain old C_Block. - - * cr_tkt.c (krb_create_ticket): Transform into a wrapper that - calls krb_cr_tkt_int. - (krb_cr_tkt_krb5): New wrapper to call krb_cr_tkt_int. - (krb_cr_tkt_int): New internal function that potentially uses a - krb5_keyblock to encrypt the ticket, or just a C_Block if the - krb5_keyblock is not set. - -Mon Aug 10 17:51:59 1998 Matthew D Hancher <mdh@mit.edu> - - * rd_svc_key.c (read_service_key): Don't call krb5_kt_close() if - krb5_kt_resolve() fails, so we don't segfault if the keytab name - is invalid. - -Fri Aug 7 11:04:03 1998 Tom Yu <tlyu@mit.edu> - - * rd_safe.c (krb_rd_safe): Fix up call to quad_cksum(). - - * mk_safe.c (krb_mk_safe): Fix up call to quad_cksum(). - - * tf_util.c (tf_init): Add call to getuid() to initialize me. - -Thu Jul 30 13:13:30 1998 Sam Hartman <hartmans@utwig.mesas.com> - - * tf_util.c (tf_init): s/,/= so getuid() actually gets called - -Sun Jul 26 17:51:24 1998 Sam Hartman <hartmans@utwig.mesas.com> - - * Makefile.in (LIBMAJOR): Bump libmajor - -Thu Jul 9 19:35:01 1998 Matthew D Hancher <mdh@mit.edu> - - * tf_util.c (tf_init): Fixed a potential race condition in the opening - of v4 ticket files. tf_init() was calling lstat() followed by fopen(). - Now it calls fopen() and then calls lstat() and fstat() to check file - ownership and to check that it opened the file it thought it did. I - patched the shared memory code similarly, but since nothing uses it I - don't have a good way to test it properly. - -Wed Jun 24 03:09:28 1998 Tom Yu <tlyu@mit.edu> - - * mk_priv.c (krb_mk_priv): Fix up call to pcbc_encrypt(). By - taking the address of key, the 5th arg to pcbc_encrypt() was - actually a (char **) cast to a (C_Block *). The reason for this - is that a C_Block (actually a des_cblock) is typedef'ed from a - char[8], which by being in the parameters of the definition of - krb_mk_priv() becomes of type (char *). This means that using the - address operator on key resulted in a pointer to a pointer to a - char rather than a pointer to a des_cblock, which would have been - innocuous in this case because pcbc_encrypt() actually takes a - (des_cblock *) as the 5th (ivec) argument. The moral is to never - pass around naked arrays as function arguments; instead, pass - around pointers to arrays to avoid spontaneous conversions to - pointers sneaking up. Note that CNS actually uses a (C_Block *) - everywhere, and maybe we should as well. *whew* - -1998-05-08 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * stime.c (krb_stime): - * log.c (krb_new_log, krb_log): - * klog.c (klog): Print the year using 4 digits to avoid Y2K issues. - -Wed Apr 15 18:07:00 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in (SHLIB_EXPDEPS): - (SHLIB_EXPLIBS): Rename libcrypto -> libk5crypto. - -Thu Apr 9 18:44:16 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in (includes): The header is krb_err.h, not - /krb_err.h. - -Sun Apr 5 19:51:21 1998 Tom Yu <tlyu@mit.edu> - - * g_cnffile.c (krb__get_srvtabname): Fix up to not free context - unless it is valid. - -Wed Feb 18 16:17:49 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove trailing slash from thisconfigdir. Fix up - BUILDTOP for new conventions. - -Mon Feb 2 17:02:29 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile - - * configure.in, Makefile.in: Remove use of CopyHeader from - configure.in and move functionality to Makefile.in - -Tue Jan 6 17:11:28 1998 Tom Yu <tlyu@mit.edu> - - * in_tkt.c: Conditionalize use of macro do_seteuid, rather than - redefining setreuid. [krb5-libs/521] - -Sat Dec 6 22:17:28 1997 Ezra Peisach <epeisach@mit.edu> - - * dest_tkt.c: Add <string.h> for memset prototype. - -Wed Nov 19 11:04:27 1997 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in (clean-unix): krb_err.h resides in the kerberosIV - subdir for make clean. - -Wed Nov 19 00:01:07 1997 Tom Yu <tlyu@mit.edu> - - * rd_safe.c (krb_rd_safe): Fix up call to quad_cksum. - - * mk_priv.c (krb_mk_priv): Fix up call to pcbc_encrypt. - - * mk_safe.c (krb_mk_safe): Fix up call to quad_cksum. - -Tue Nov 18 23:49:01 1997 Tom Yu <tlyu@mit.edu> - - * mk_req.c (krb_mk_req): Fix up call to pcbc_encrypt. - - * rd_req.c (krb_rd_req): Fix up call to pcbc_encrypt. - -Tue Oct 21 09:02:51 1997 Ezra Peisach <epeisach@mit.edu> - - * kparse.c: Include stdlib.h if present (for malloc prototyp) - -Fri Oct 17 20:33:17 1997 Tom Yu <tlyu@mit.edu> - - * mac_time.c: Don't use the type KRB_INT32; it was leaked from - des.h and was just the wrong answer. Use long instead. While - we're at it, declare gettimeofdaynet_no_offset() as static because - we have no real need to export it. - -Tue Sep 30 19:00:33 1997 Tom Yu <tlyu@mit.edu> - - * tkt_string.c: Replace HAS_STDLIB_H with something more sane. - - * send_to_kdc.c: Replace HAS_STDLIB_H with something more sane. - - * realmofhost.c: Replace HAS_STDLIB_H with something more sane. - - * mk_preauth.c: Repalce HAS_STDLIB_H with something more sane. - - * memcache.c: Replace HAS_STDLIB_H with something more sane. - - * kparse.c: Replace HAS_STDLIB_H with something more sane. - - * configure.in: Replace HAS_STDLIB_H with something more sane. - -Thu Sep 25 21:11:16 1997 Tom Yu <tlyu@mit.edu> - - * put_svc_key.c: Replace HAS_UNISTD_H with something more sane. - - * kuserok.c: Replace HAS_UNISTD_H with something more sane. - - * configure.in: Replace HAS_UNISTD_H with something more sane. - -Mon Sep 1 21:37:36 1997 Tom Yu <tlyu@mit.edu> - - * decomp_tkt.c (decomp_ticket): Fix swapped args to memset. - -Tue Aug 12 09:10:41 1997 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in (OSSRCS): Add $(srcdir)/ to source location. - -Thu Aug 7 15:53:13 1997 Tom Yu <tlyu@mit.edu> - - * g_cnffile.c: Check to see if context is NULL prior to calling - profile_get_values. Fixes krb5-libs/317. - -Wed Apr 9 23:15:39 1997 Tom Yu <tlyu@mit.edu> - - * realmofhost.c (krb_realmofhost): Add bounds checking to various - things. - - * g_krbhst.c (krb_get_krbhst): Fix to bound fscanf and sscanf. - - * g_krbrlm.c (krb_get_lrealm): Fix to bound fscanf. - -Sat Feb 22 19:02:08 1997 Richard Basch <basch@lehman.com> - - * Makefile.in: Use some of the new library list build rules in - win-post.in - -Sat Feb 22 01:16:01 1997 Sam Hartman <hartmans@tertius.mit.edu> - - * Makefile.in (SHLIB_DIRS): Remove extra shlib_explibs - -Sat Feb 22 00:55:42 1997 Sam Hartman <hartmans@mit.edu> - - * Makefile.in (SHLIB_EXPLIBS): Depend on -lcrypto -ldes425 - -Thu Feb 20 23:27:39 1997 Richard Basch <basch@lehman.com> - - * memcache.c: Just use malloc/free, since _nmalloc isn't on - all versions of Windows. - -Sun Feb 16 21:11:51 1997 Richard Basch <basch@lehman.com> - - * Makefile.in: Win16/Win32 cleanup - - * err_txt.c g_admhst.c g_cred.c g_krbhst.c g_krbrlm.c g_phost.c - g_pw_in_tkt.c g_svc_in_tkt.c g_tkt_svc.c kname_parse.c mk_auth.c - mk_err.c mk_preauth.c mk_priv.c mk_req.c mk_safe.c rd_err.c - rd_priv.c rd_req.c rd_safe.c rd_svc_key.c realmofhost.c - recvauth.c save_creds.c unix_glue.c - Changed declaration of functions to use - KRB5_DLLIMP/KRB5_CALLCONV instead of INTERFACE. - -Sat Feb 1 08:44:00 1997 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in (STOBJLISTS): Fix up des425 reference. - -Wed Jan 8 01:34:30 1997 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in, configure.in: Convert to new build procedure. - -Mon Nov 18 20:40:39 1996 Ezra Peisach <epeisach@mit.edu> - - * configure.in: Set shared library version to 1.0. [krb5-libs/201] - -Thu Nov 7 12:33:06 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * g_in_tkt.c: - * sendauth.c: Fixed mangled copyright notice - -Thu Jun 13 22:12:57 1996 Tom Yu <tlyu@voltage-multiplier.mit.edu> - - * configure.in: remove ref to ET_RULES - -Wed Jun 12 01:02:45 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Remove unnecessary include config/windows.in. - wconfig takes care of this automatically. - -Wed May 22 07:41:15 1996 Sam Hartman <hartmans@mit.edu> - - * Makefile.in (install-unix): Don't include an install rule, as it - is generated by aclocal.m4 for shared libs. - -Tue Apr 30 19:26:11 1996 Ken Raeburn <raeburn@cygnus.com> - - * configure.in: Evaluate AC_C_CROSS before AC_TRY_RUN, to clean up - the output style. - -Sun Apr 14 04:16:50 1996 Sam Hartman <hartmans@mit.edu> - - * rd_svc_key.c (get_service_key): Don't declare open(). - -Wed Apr 10 19:18:57 1996 Richard Basch <basch@lehman.com> - - * rd_svc_key.c (read_service_key): First try to read the V4 - service key from the V4 srvtab, and if it fails, try the keytab. - A * instance will be translated into the default instance component - (usually the FQDN of the local hostname). - -Fri Mar 29 16:45:00 1996 Richard Basch <basch@lehman.com> - - * rd_svc_key.c, configure.in: Try to read the V4 service key from a - V5 keytab. - -Tue Mar 19 11:23:13 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * tf_util.c (tf_get_cred): Issue date is written out as a long, - read back in as same. - -Sat Feb 24 09:27:08 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * g_svc_in_tkt.c, put_svc_key.c, rd_req.c, rd_svc_key.c: Declare - krb__get_srvtabname(). - -Sat Jan 27 01:05:12 1996 Mark Eichin <eichin@cygnus.com> - - * kuserok.c: use HAVE_SETEUID and HAVE_SETRESUID to figure out how - to emulate seteuid instead of assuming hpux. - * configure.in: test for seteuid as well; fold some tests into a - single AC_HAVE_FUNCS. - -Tue Dec 5 20:53:40 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * Makefile.in: Shared library depends on krb5 library now. - - * configure.in: Pass krb5 library version number to Makefile. - -Wed Nov 15 20:38:38 1995 Mark Eichin <eichin@cygnus.com> - - * tf_util.c (emul_flock): initialize f to a copy of a static - (thus zero) struct flock, to avoid panic'ing sunos 4.1.4. - -Sun Nov 12 05:26:08 1995 Mark W. Eichin <eichin@cygnus.com> - - * g_cnffile.c (krb__get_srvtabname): new function, looks up - [libdefaults]krb4_srvtab for use where KEYFILE used to be. - * g_cnffile.c (krb__v5_get_file): new function, looks up argument - in [libdefaults] and tries to open it as a filename. Returns - filehandle (or NULL, if fopen failed.) - (krb__get_cnffile, krb__get_realmsfile): use krb__v5_get_file to - look up "krb4_config" or "krb4_realms" respectively. Also add - $KRB_REALMS override for realms file. - -Mon Oct 2 11:12:05 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * configure.in (V5_MAKE_SHARED_LIB): Change rule to install - version 0.1 of the library. Pass the libcrypto version - number to Makefile - - * Makefile.in (CRYPTO_VER): Get the proper libcrypto version number - -Mon Sep 25 16:54:34 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the - Makefile. - -Wed Sep 06 14:20:57 1995 Chris Provenzano (proven@mit.edu) - - * DNR.c : s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g - -Mon Aug 7 18:40:34 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in (SRCS): Include $(NETIO_SRCS) in the list of source - files, instead of $(NETIO_OBJS) - - * tf_util.c (utimes): If __SVR4 is defined, #include <utime.h>, - just as we do if __svr4__ is defined. - - * g_pw_in_tkt.c: If __SVR4 is defined, #include <sgtty.h>, just as - we do if __svr4__ is defined. (WARNING: This code still - assumes that the BSD ioctl's are being supported, at least - in compatibility mode. We should really upgrade this code - to use POSIX termios calls.) - -Tue Jun 27 23:59:28 1995 Mark Eichin <eichin@cygnus.com> - - * rd_req.c (krb_rd_req): from_addr is an address, so use unsigned - KRB4_32 instead of long. - -Tue Jun 27 23:50:08 1995 Mark Eichin <eichin@cygnus.com> - - * rd_safe.c (krb_rd_safe): use KRB4_32 for address comparison - and checksum swapping. - -Tue Jun 27 15:49:35 EDT 1995 Paul Park (pjpark@mit.edu) - * kparse.c - Change LineNbr to sLineNbr to avoid conflict with kparse.h - -Mon Jun 26 14:58:02 1995 Sam Hartman <hartmans@tardis.MIT.EDU> - - * log.c: Use HAVE_TIME_H not NEED_TIME_H - - * klog.c: Change NEED_TIME_H to HAVE_TIME_H - - * configure.in: Check for sys/select.h. Also check for time.h. - - * send_to_kdc.c: If sys/select.h exists, include it. - -Fri Jun 23 18:15:07 1995 Tom Yu (tlyu@dragons-lair) - - * configure.in: fix Sam's typo so libkrb4.a gets symlinked - properly - -Fri Jun 23 12:29:39 1995 Sam Hartman <hartmans@tardis.MIT.EDU> - - * configure.in: Handle generation of rules to make static libs. - - * Makefile.in (LIBNAME): Changed to support new handling of static - libraries - - -Fri Jun 16 11:15:45 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in - Change "./DONE" to "DONE" since we know how to make - "DONE", hence a clean make won't get confused any more. - * configure.in - Add shared library install target. - - -Thu Jun 15 18:07:24 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in - Add definitions for shared library build rules. - * configure.in - Create symlinks for archive and shared library - when we build them. - -Fri Jun 9 19:28:22 1995 <tytso@rsx-11.mit.edu> - - * configure.in: Remove standardized set of autoconf macros, which - are now handled by CONFIG_RULES. - -Fri Jun 9 00:01:35 1995 Tom Yu (tlyu@dragons-lair) - - * Makefile.in, configure.in: use CopyHeader rather than hand-coded - header install rule. - -Fri May 26 21:11:38 1995 Theodore Y. Ts'o (tytso@dcl) - - * cr_err_repl.c (cr_err_reply): Remove backward compatibility code - for Kerberos V3 (!) which was causing problems for shared - libraries. Library code shouldn't try to reference global - variables defined by the calling application! - -Sun May 21 16:06:20 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * dest_tkt.c: If O_SYNC is not defined, define as 0. - - * in_tkt.c: If O_SYNC is not defined, define as 0. - -Thu May 18 14:43:51 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * in_tkt.c: Use HAVE_SETREUID and HAVE_SETRESUID to define - setreuid properly. - - * configure.in: Check for setreuid and setresuid - -Sun May 7 08:05:56 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * mk_preauth.c: Add <string.h> and either <stdlib.h> or provide - prototypes for malloc. - - * g_svc_in_tkt.c: Add <string.h> - - - * rd_preauth.c: Add <string.h> - - * mk_auth.c: Include "krb4-proto.h" for get_phost definition. - - * g_pw_in_tkt.c (stub_key): Add <string.h> - - * send_to_kdc.c: Ifdef on HAS_STDLIB_H not POSIX - - * realmofhost.c: Ifdef on HAS_STDLIB_H not POSIX - - * memcache.c: Ifdef on HAS_STDLIB_H not POSIX - - * configure.in: Check for stdlib.h - -Thu May 4 10:03:22 1995 Tom Yu (tlyu@dragons-lair) - - * put_svc_key.c (put_svc_key): remove spurious & in front of fkey - (it's a char[] and takint address of it is redundant) - - * recvauth.c (krb_recvauth): remove spurious & in front of - reference to kdata->session - - * rd_req.c (krb_rd_req): remove spurious & in front of reference - to ad->session - - * g_in_tkt.c(decrypt_tkt): remove spurious & in front of reference - to key (it is a C_Block and taking address of it is - redundant) - - * Makefile.in: new includes target to install krb_err.h in - $(BUILDTOP)/include; includes depends on krb_err.h. - Previously, it was attempting to install a header that had - not yet been generated! - -Tue May 2 09:30:50 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * Makefile.in (clean-unix): Remove krb_err.h from the include - directory. - -Sat Apr 29 00:33:47 1995 Tom Yu (tlyu@dragons-lair) - - * g_phost.c: removed references to sys/param.h and netdb.h - * realmofhost.c: ditto - -Fri Apr 28 13:03:23 1995 Theodore Y. Ts'o <tytso@dcl> - - * tf_util.c, configure.in: Added check for POSIX_FILE_LOCK to - enable POSIX file locking. - - * tf_util.c: Add #include of fcntl.h - - * month_sname.c, one.c: Remove unnecessary include of conf.h - -Fri Apr 28 01:55:18 1995 Mark W. Eichin <eichin@cygnus.com> - - * kuserok.c: HAS_UNISTD_H instead of USE_. - * configure.in: test for HAVE_STRSAVE (for kparse.c). - -Fri Apr 28 01:38:42 1995 Mark W. Eichin <eichin@cygnus.com> - - * configure.in: use AC_CHECK_SIZEOF(int) to set BITS16/BITS32. - Use AC_TRY_RUN test to set MSBFIRST or LSBFIRST. - -Tue Mar 28 09:19:23 1995 Mark Eichin <eichin@cygnus.com> - - * send_to_kdc.c (send_to_kdc): only use secondary port if entry - for primary doesn't have an explicit port number. Secondary port - is still guessed to be 750. Also *don't* switch to the secondary - port in general, since we might be using multiple realms. - -Tue Feb 14 23:24:50 1995 John Gilmore <gnu@cygnus.com> - - * sendauth.c (krb_net_rd_sendauth): Result is a Kerberos error - code, not an errno. - -Mon Feb 6 16:11:52 1995 John Gilmore (gnu at toad.com) - - * mac_store.c (DeleteServerMap): When skipping a realm map, skip - also the admin-flag byte; else walking the list of strings gets - very confused. - - * mac_stubs.c (kdriver): Rename static variable to mac_stubs_kdriver, - and export it to callers. - (krb_get_ticket_for_service): Circumvent MPW compiler bug that - doesn't like array->memb inside a sizeof. array[0].memb works. - -Wed Feb 1 12:00:00 1995 John Rivlin <jrivlin@cygnus.com> - - * Makefile.in: Modify install-windows and clean-windows - targets to install libraries into src/windows directory. - -Tue Jan 24 10:35:31 1995 Ian Lance Taylor <ian@sanguine.cygnus.com> - - * g_pw_in_tkt.c (krb_get_pw_in_tkt_preauth): Check for a NULL - password if _WINDOWS or macintosh. - -Mon Jan 23 17:06:10 1995 Ian Lance Taylor <ian@sanguine.cygnus.com> - - * g_pw_in_tkt.c (passwd_to_key): When not _WINDOWS or macintosh, - restore code to call des_read_password if passwd is NULL. - (krb_get_pw_in_tkt): Only error out if password is NULL if - _WINDOWS or macintosh. - - * g_krbhst.c (get_krbhst_default): New static function. - (krb_get_krbhst): Use get_krbhst_default. - -Fri Jan 20 12:00:00 1995 John Rivlin (jrivlin@fusion.com) - - * Makefile.in: Changed libentry to debug in link command as - libentry is no longer provided in the Visual C++ environment. - Libentry is part of the library in Visual C++. Debug is used - purely to satisfy the syntax requirements of the link command. - -Thu Jan 19 14:18:10 1995 Ian Lance Taylor <ian@sanguine.cygnus.com> - - * sendauth.c (krb_net_rd_sendauth): If the raw ticket length looks - like the start of a warning from SunOS4 ld.so, just ignore the - warning message, and look for the ticket after it. - -Mon Jan 16 16:11:21 1995 John Gilmore <gnu@cygnus.com> - - * kuserok.c (kuserok): Allow realm to be defaulted in the - ~/.klogin file; this simplfies DejaGnu testing of Kerberos. - Fix bug that left kname_parse arguments uninitialized. - -Mon Jan 16 11:54:01 1995 Ian Lance Taylor <ian@sanguine.cygnus.com> - - * krb_err.et: Change KRBET_RD_APTIME message from ``delta_t too - big'' to ``time is out of bounds.'' - - * send_to_kdc.c: If POSIX, include <stdlib.h> instead of declaring - malloc, calloc, and realloc. - (cached_krb_udp_port): Make static. - (send_to_kdc): If send_recv fails, and the kerberos port number - used is from getservbyname, and is not 750, then try sending to - port 750. - - * realmofhost.c (krb_realmofhost): If DO_REVERSE_RESOLVE is - defined, canonicalize using gethostbyaddr. - -Thu Jan 12 17:40:26 1995 Ian Lance Taylor <ian@sanguine.cygnus.com> - - * in_tkt.c (in_tkt): Set umask to 077 around creation of ticket - file to ensure that it is created with write access, even if the - user has a screwy umask value. - -Thu Dec 29 23:59:49 1994 Mark Eichin <eichin@cygnus.com> - - * g_in_tkt.c (krb_get_in_tkt_preauth): factored out into - krb_mk_in_tkt_preauth and krb_parse_in_tkt. This simplifies the - SNK4 support on platforms that can't do callbacks from (shared) - libraries. - -Tue Dec 27 11:12:54 1994 Ian Lance Taylor <ian@cygnus.com> - - * g_in_tkt.c (krb_get_in_tkt_preauth): Rewrite switch statement to - work when compiled by SCO 3.2v4 native C compiler. - * g_ad_tkt.c (get_ad_tkt): Likewise. - -Fri Dec 23 15:47:20 1994 Ian Lance Taylor <ian@sanguine.cygnus.com> - - * memcache.c (unix): Define if _AIX is defined (AIX compiler does - not predefine unix). - -Fri Dec 16 18:57:40 1994 Ian Lance Taylor <ian@sanguine.cygnus.com> - - * memcache.h: Use PROTOTYPE in declarations. - * memcache.c: Rewrite function definitions to use Classic C - parameter repetition rather than prototypes. - -Thu Dec 15 18:23:37 1994 Ian Lance Taylor <ian@sanguine.cygnus.com> - - * memcache.c: Add typedefs and macro definitions to make this file - compile on Unix as well as on Windows and the Mac. - -Wed Dec 14 19:31:24 1994 Ian Lance Taylor <ian@sanguine.cygnus.com> - - * g_in_tkt.c (krb_get_in_tkt_preauth): Comment out assignment to - exp_date, since it is not used. - -Wed Nov 23 12:30:49 1994 Ian Lance Taylor <ian@sanguine.cygnus.com> - - * fakeenv.c (_findenv, unsetenv): New functions, copied in from - setenv.c. The telnet server uses unsetenv. - -Wed Nov 23 00:53:10 1994 John Gilmore (gnu@cygnus.com) - - * realmofhost.c (krb_realmofhost): Allow arbitrary host - names here, as in krb_get_phost, by canonicalizing the name - into a fully qualified name using gethostbyname(). This - has the effect of letting users not set the "local realm" - config knob in more cases, since a name without a dot will - be canonicalized and searched-for in the domain-to-realm - database, rather than being assumed to be in the local realm. - This problem was found by using unqualified hostnames in Wintel. - -Wed Nov 23 00:26:17 1994 John Gilmore (gnu@cygnus.com) - - Clean up a few misleading error messages. - - * memcache.c (krb_get_tf_fullname): Return NO_TKT_FIL if - there are no tickets cached, just like from tf_util.c. - * g_ad_tkt.c (get_ad_ticket): If we try cross-realm - authentication, and it fails for lack of a key in the - kerberos database, return AD_NOTGT ("No ticket- - granting ticket") rather than KDC_PR_UNKNOWN ("Principal unknown"). - * krb_err.et, err_txt.c: Update NO_TKT_FIL error message from - "No ticket file (tf_util)" to "You have no tickets cached". - -Thu Nov 17 12:31:27 1994 Ian Lance Taylor <ian@sanguine.cygnus.com> - - * mk_preauth.c (krb_mk_preauth): des_key_sched takes a des_cblock - argument, not des_cblock *, so remove the cast. - * rd_preauth.c (krb_rd_preauth): Likewise. - -Wed Nov 16 22:13:28 1994 Mark Eichin (eichin@cygnus.com) - - * mk_preauth.c (krb_mk_preauth): use des_key_sched instead; check - its return value and fail if it fails. - * rd_preauth.c (krb_rd_preauth): ditto. - -Wed Nov 16 17:35:07 1994 Mark Eichin (eichin@cygnus.com) - - * mk_preauth.c (krb_mk_preauth): add R3 implementation (and - NOENCRYPTION version) which passes encrypted aname. - (krb_free_preauth): free storage from both implementations. - * rd_preauth.c (krb_rd_preauth): add R3 implementation. - -Wed Nov 16 17:28:14 1994 Mark Eichin (eichin@cygnus.com) - - * g_pw_in_tkt.c (stub_key): use memcpy, in case the C_Block is an - array and not a struct. - -Wed Nov 9 12:45:02 1994 Ian Lance Taylor <ian@sanguine.cygnus.com> - - * in_tkt.c: Fix thinko in last change. - -Fri Nov 4 12:05:57 1994 Ian Lance Taylor <ian@sanguine.cygnus.com> - - * in_tkt.c: Don't redefine setreuid if both hpux and __svr4__. - -Fri Nov 4 02:10:58 1994 John Gilmore (gnu@cygnus.com) - - Make it build on MS-Windows again. - - * Makefile.in (NETIO_SRCS, NETIO_OBJS): Break out, since these - are required on MS-Windows and prohibited on Mac. - (kerberos.dll): Avoid line-length problems by copying - libraries from other directories and using very short names. - -Tue Nov 1 15:47:44 1994 Ian Lance Taylor <ian@sanguine.cygnus.com> - - * dest_tkt.c: Include "krb.h" before <stdio.h>. - -Mon Oct 31 19:41:14 1994 Ian Lance Taylor <ian@sanguine.cygnus.com> - - * Makefile.in (CODE): Use Makefile.in instead of Imakefile. - -Fri Oct 28 15:21:56 1994 Ian Lance Taylor <ian@sanguine.cygnus.com> - - * month_sname.c: Include conf.h. - * one.c: Likewise. - - * rd_req.c (krb_rd_req): Pass address of the array ad->session, to - match function definition. - -Wed Oct 12 00:37:46 1994 Julia Menapace (jcm at toad.com) - - * Password.c: Include kerberos.h not Krb.h. Define KRB_DEFS to - avoid multiple symbol definitions from krb_driver.h. Needs further - cleanup but not just before release. - -Mon Oct 10 20:07:56 1994 Julia Menapace (jcm at toad.com) - - * g_tkt_svc.c: (cacheInitialTicket) moved to new file Password.c - - * mac_glue.c: Remove superfluous comment. - - * mac_stubs.c: Add code translating unix function call to mac - driver control call for krb_get_tf_fullname - - * macsock.c: Remove superflous comment. - - * memcache.c: Remove unused #includes - (krb_get_tf_realm) pass tktfile instead of blank to - krb_get_tf_fullname. - - (get_tf_fullname): Because the symantics of GetNthCredentials - (called by this routine) were changed to disable multiple named - caches (for UNIX compatability) we have to replace the user name - and instance it returns with the actual name and instance of the - current cache, set by in_tkt and stored in file static global - variables. - -Mon Oct 10 13:37:34 1994 Julia Menapace (jcm at toad.com) - - * mk_auth.c: New file, created from sendauth.c. Contains just - the portable parts of sendauth.c (krb_mk_auth and krb_check_auth). - * sendauth.c (krb_mk_auth, mrb_check_auth): Move these functions - to mk_auth.c. - * Makefile.in (SRCS, OBJS, SERVER_KRB_SRCS, SERVER_KRB_OBJS): - Add mk_auth.c to SRCS/OBJS; remove sendauth.c, netread.c, and - netwrite.c from SRCS/OBJS to SERVER_KRB_SRCS/OBJS. - -Thu Sep 29 15:31:24 1994 John Gilmore (gnu@cygnus.com) - - * realmofhost.c (krb_realmofhost): Correct off-by-one error in - default handling of top and second-level domains. - -Fri Sep 23 12:00:00 1994 John Rivlin (jrivlin@fusion.com) - - * Makefile.in: Added kstream library to kerberos.dll - - * kerberos.def: Added kstream library to kerberos.dll - -Fri Aug 19 12:00:00 1994 John Rivlin (jrivlin@fusion.com) - - * g_pw_in_.c: Added (key_proc_type) cast for stub_key to remove - warnings with prototypes active. - - * kerberos.def: Added des_ecb_encrypt to externals for telnet. - -Wed Sep 14 12:58:05 1994 Julia Menapace (jcm@cygnus.com) - - * mac_stubs.c (krb_get_err_text): make return type const. - (GetNthRealmMap): add routine to stubs library to generate a - driver call returning the Nth Realm mapping. - (GetNthServerMap): add routine to stubs library to generate a - driver call returning the Nth server mapping. - * g_tkt_svc.c (CacheInitialTicket): If user name has changed save - it. - * memcache.c (krb_save_credentials): Fill in credential with - currently authorized user name and instance expected by kerberos, - (passed to and stored by in_tkt) instead of FIXED user name and - instance used to select credentials cache (is same for all cases to - disable multi named caches, using/reusing single named cache for - all cases). - -Tue Sep 13 16:45:01 1994 Julia Menapace (jcm@cygnus.com) - - * err_txt.c (MULTIDIMENSIONAL_ERR_TXT): Rename from - UNIDIMENSIONAL_ARRAYS to reflect what's actually going on. - -Thu Aug 18 20:26:16 1994 Mark Eichin (eichin@cygnus.com) - - * g_tkt_svc.c (CredIsExpired): use proper style of declaration so - that it works with k&r compilers. - -Wed Aug 10 13:47:55 1994 Mark Eichin (eichin@cygnus.com) - - * err_txt.c (krb_err_txt): Export it again, to avoid gratuitous - incompatibility. Programs that can't deal with the use of the - array don't have to use it. - -Fri Aug 5 15:55:02 1994 Mark Eichin (eichin@cygnus.com) - - * tf_util.c (tf_save_cred): cast 0 to (off_t), don't assume 0L - will work (it doesn't in netbsd.) - -Mon Aug 6 12:00:00 1994 John Rivlin (jrivlin@fusion.com) - - * g_cnffile.c: Added definition for getenv. - - * Makefile.in: Added KADM_LIB_FOR_DLL library in kerberos.dll - Updated clean target to avoid deleteion of krb_err.h under - Windows. - - * kerberos.def: Added inteface for KRB_GET_NOTIFICATION_MESSAGE, - KADM_INIT_LINK, KADM_CHANGE_PW, KADM_CHANGE_PW and KADM_GET_ERR_TEXT - and renumbered entrypoints for consistency. - - * memcache.c (change_session_count, change_cache): Changed - change_session_count to change_cache. This - routine now maintains the lock on the library as well as sending - ot broadcast messages to all to level windows when the cache - changes. Also changed all calls to above routine throughout - memcache.c. - - * netwrite.c: use newly added SOCKET_READ and SOCKET_EINTR values - to avoid use of read on Windows. VMS dependencies moved to c-vms.h - for uniformity with other platforms. - - * netread.c: use newly added SOCKET_READ and SOCKET_EINTR values - to avoid use of read on Windows. VMS dependencies moved to c-vms.h - for uniformity with other platforms. - - * memcache.c: sname, sinst, srealm not stored if null pointers - passed in. This avoids problems found porting kpasssd. - -Mon Aug 1 12:00:00 1994 John Rivlin (jrivlin@fusion.com) - - * kerberos.def: Changed heapsize to 8192 to avoid LocalAlloc - failure messages on startup. Added kadm_change_pw2 to external - interface. - - * win_glue.c (krb_get_default_user, krb_set_default_user): Have - been moved to win_store.c. - - * win_store.c: Use KERBEROS_INI and INI_xxx values in c-windows.h - rather than hard coded strings. - - * win_store.c (krb_get_default_user, krb_set_default_user): Added - to save and retieve value of "[DEFAULTS] user =" in kerberos.ini - file. - - * realmofhost.c (krb_realmofhost): Now calls krb__get_relmsfile - rather than opening up the krb.realms file directly so that - Windows version can override the location of the file. - - * win_stor.c: Stores the - -Wed Jul 27 12:00:00 1994 John Rivlin (jrivlin@fusion.com) - - * g_cnffil.c (krb__get_realmsfile): Added a routine to open - the krb.realms file so that the routine can be overridden - in Windows implementation with a routine which looks up - the name of the realms file in the kerberos.ini file. - - * win_store.c: Created to parallel the Mac implementation. - Routines in this file will provide access to the krb.conf, - krb.realms files and other configuration information. - - * ren.msg: Created entry for win_store. - - * Makefile.in: Move g_cnffile.c to REALMDBSRCS to allow - Windows to override this functionality with a routine in - win_store.c routine. - -Tue Jul 26 12:00:00 1994 John Rivlin (jrivlin@fusion.com) - - * netread.c: errno redefinition under Windows ifdefed out. - * netwrite.c: errno redefinition under Windows ifdefed out. - -Fri Jul 22 23:07:21 1994 Mark Eichin (eichin@cygnus.com) - - * rd_preauth.c (krb_rd_preauth): change interface to include the - decrypted key (since the server has already looked it up.) - -Thu Jul 21 17:24:13 1994 Mark Eichin (eichin@cygnus.com) - - * g_krbrlm.c (krb_get_lrealm): use krb__get_cnffile, don't - (mis)declare fopen. - * g_krbhst.c (krb_get_krbhst): ditto. - * g_admhst.c (krb_get_admhst): ditto. - * Makefile.in (OBJS, SRCS): build get_cnffile.c. - -Thu Jul 21 17:10:35 1994 Mark Eichin (eichin@cygnus.com) - - * g_pw_in_tkt.c (krb_get_pw_in_tkt_preauth): *MUST* continue to - allow the password not to be passed in, since there is code that - does interesting things in the passwd_to_key routine. - - * g_svc_in_tkt.c (stub_key): don't assume C_Block is a struct; use - memcpy instead of *. - - * log.c (krb_log): use char* instead of int for default args. - Don't declare fopen explicitly, let stdio.h do it. - Don't include sys/time.h under VMS. - * klog.c (klog): ditto. - -Wed Jul 20 22:34:11 1994 Mark Eichin (eichin@tweedledumber.cygnus.com) - - * rd_safe.c (krb_rd_safe): handle direction bit correctly when - krb_ignore_ip_address is set. - - * rd_priv.c (krb_rd_priv): same. - - * send_to_kdc.c: support arbitrary KDC port number in krb.conf file. - - * g_cnffile.c: new file. common interface to krb.conf. - vmslink.com: new file. linker script to build libkrb.olb under - VMS; run as @vmslink. - vmsswab.c: vms runtime doesn't have swab. - -Wed Jul 20 20:38:19 1994 Mark Eichin (eichin@cygnus.com) - - * kparse.c (strsave): only define locally if HAVE_STRSAVE isn't set. - -Tue Jul 19 12:00:00 1994 John Rivlin (jrivlin@fusion.com) - - * memcache.c (NewHandle, SetHandleSize, MemError): Updated to return - valid Mac compatable error codes. Got rid of warning messages for - pointer mismatches. - - * memcache.c (change_session_count): added routine and calls to it - to facilitate cross session ticket cacheing under Windows. - Moved fNumSessions definition up so that Windows code can get to it. - - * win_glue.c (LibMain, get_lib_instance): added to return HINSTANCE - of library which is now saved in LibMain. - -Tue Jul 19 16:08:49 1994 Ken Raeburn (raeburn@cujo.cygnus.com) - - * klog.c (klog): Leave local static array logtype_array - uninitialized, to put it in bss. - - * g_ad_tkt.c (rep_err_code): Variable deleted. - (get_ad_tkt): Make it automatic here. Local variables pkt_st, - rpkt_st, cip_st, tkt_st no longer static. - * kname_parse.c (kname_parse): Local variable buf no longer - static. - * rd_req.c (krb_rd_req): Local variables ticket, tkt, req_id_st, - seskey_sched, swap_bytes, mutual, s_kvno no longer static. - * rd_safe.c (calc_cksum, big_cksum, swap_bytes): Variables - deleted. - (krb_rd_safe): Make them automatic variables here. Local variable - src_addr no longer static. - * rd_priv.c (c_length, swap_bytes, t_local, delta_t): Variables - deleted. - (krb_rd_priv): Make them automatic variables here. Local variable - src_addr no longer static. - * mk_safe.c (cksum, big_cksum, msg_secs, msg_usecs, msg_time_5ms, - msg_time_seg): Variables deleted. - (krb_mk_safe): Make them automatic variables here. - * mk_priv.c (c_length, msg_time_5ms, msg_time_sec, msg_time_usec): - Variables deleted. - (krb_mk_priv): Make them automatic variables here. Local variable - c_length_ptr also no longer static. - - * pkt_clen.c (swap_bytes): No longer explicitly extern. - * g_ad_tkt.c (swap_bytes): Make it extern here. - - * kparse.c (LineNbr, ErrorMsg): Now static. - - * err_txt.c (krb_err_txt): Don't export this name. Make it const - again. - - * netread.c: Include errno.h. - (errno): Declare. - (krb_net_read): On EINTR, retry read. - * netwrite.c: Include errno.h. - (errno): Declare. - (krb_net_write): On EINTR, retry write. - -Mon Jul 18 19:04:03 1994 Julia Menapace (jcm@cygnus.com) - - * err_txt.c (krb_err_txt): if the C compiler can't initialize - multidimentional arrays, declare it differently (controlled by - UNIDIMENSIONAL_ARRAYS). - - * mac_stubs.c (krb_get_cred, krb_save_credentials, - krb_delete_cred, krb_get_nth_cred, krb_get_num_cred): new - functions to implement credentials caching. - - * memcache.c (krb_get_cred, krb_save_credentials, - krb_delete_cred, krb_get_nth_cred, krb_get_num_cred): actual - implementation of this functionality. - -Fri Jul 15 17:35:30 1994 John Rivlin (jrivlin@fusion.com) - - * ren.msg: updated to handle all files (changelogs, makefiles etc) - - * Makefile.in: added "-" on clean: to avoid stupid messages - - * g_pw_in_tkt.c (get_pw_in_tkt_preauth): added INTERFACE - for kinit. - - * kerberos.def: clean up, removed unused function references - - * win_glue.c (krb_start_session): fixed syntax error - - * win_glue.c (krb_end_session): fixed syntax error - -Tue Jul 12 17:35:30 1994 D. V. Henkel-Wallace (gumby@rtl.cygnus.com) - - * ren.msg: add record for g_tkt_svc.c - -Fri June 8 02:40:54 1994 John Rivlin (jrivlin@fusion.com) - - * makefile.in: Updated file with portable directory syntax for PC. - Changed .o and .a references to portable syntax - Removed all response files which needed to be generated under unix - to simplify configure process so that it may be run on the PC. - Placed objects in .lib file so that DLL construction can take place - without a response file. This solves a problem with running out of - memory on the PC during builds. - Updated clean: target to place rm commands on seperate lines for - compatibility with PC DEL command. - - * win_glue (krb_start_session): Added a dummy parameter to match - prototype. - - * win_glue (krb_end_session): Added a dummy parameter to match - prototype. - -Tue Jul 5 11:25:31 1994 Ken Raeburn (raeburn@cujo.cygnus.com) - - * err_txt.c (krb_err_txt): Now const. - (krb_get_err_text): Returns pointer to const. - * month_sname.c (month_sname): Month name array and return type - now both const. - * one.c (krbONE): Now const. - - * g_tkt_svc.c: Include string.h. - - * kntoln.c (krb_kntoln): Static variable lrealm is no longer - explicitly initialized; now in bss. - * tf_util.c (krb_shm_addr, tmp_shm_addr, krb_dummy_skey): Ditto. - * tkt_string.c (krb_ticket_string): Ditto. - - * mk_req.c (krb_mk_req): Removed "static" from many function - variables. - - * tkt_string.c (krb_set_tkt_string): Deleted extra whitespace, - unnecessary "return" statement. - -Fri Jul 1 04:50:06 1994 John Gilmore (gnu@cygnus.com) - - * macsock.c: Eliminate "TCPTB.h". - * mac_stubs.c (isname, isinst, isrealm): Remove, useless. - (krb_get_pw_in_tkt_preauth): Stub out to be the same as - krb_get_pw_in_tkt, for kinit's sake. - - * mac_stubs.c (hicall): Fix error handling somewhat. - - * Makefile.in (SRCS, OBJS): Add g_tkt_svc.c, .o. - - * kname_parse.c, rd_priv.c, rd_safe.c, unix_glue.c: Typos. - -Fri Jul 1 03:55:29 1994 John Gilmore (gnu@cygnus.com) - - Make Kerberos work in a Macintosh driver using Think C. - - * %KrbLib-project: Think C "project file" (sort of - makefile and object files rolled into one -- all binary) - for the Kerberos library built for linking into applications - (for debugging). - * %KrbLib-project-A4: Ditto, for linking into device drivers. - - * mac_stubs.c: New file, implements the function-call - interface of "kerberos.h" by making calls to a device-driver - using the hairy Mac interface of "krb_driver.h". If you - link with this, your Mac program can use a portable, clean - interface to Kerberos. - - * g_tkt_svc.c: New file, krb_get_ticket_for_service, - an "easy application kerberizer", derived from kclient. - - * err_txt.c (krb_err_txt): Avoid pointers to string initializers, - since Think C can't cope with this in device drivers. - (krb_get_err_table): Remove interface, unused. - - * month_sname.c: Avoid pointers to string initializers. - * kname_parse.c: Add FIXME comment about args. - * mac_glue.c (read, write krb_ignore_ip_address): Stub out. - * macsock.c, memcache.c, sendauth.c: Lint. Think includes. - - * mac_store.h: Eliminate static and obsolete stuff. - * mac_store.c: Update includes for Think. - (gUserName): Make static. - (krb_get_default_user, krb_set_default_user): Add. - * unix_glue.c, win_glue.c (krb_set_default_user): Add stub. - - * g_ad_tkt.c, kname_parse.c, memcache.c, mk_priv.c, mk_req.c, - mk_safe.c, pkt_clen.c, rd_priv.c, rd_safe.c: Remove uses of - printf, by using DEB macro. - - * send_to_kdc.c: Change to "krbports.h". - (DEB): Remove definition in favor of krb.h. - (all calls to DEB): Avoid passing stdout or stderr. - -Thu Jun 30 22:58:59 1994 John Gilmore (gnu@tweedledumb.cygnus.com) - - * *.c: Remove remaining RCS ID strings. Strings used as `char *' - initializers upset Think C when building device drivers, since it - doesn't have a good way to relocate the pointers when the driver - is loaded. - - * *.c: Use #include "..." rather than #include <...> for - our own local include files, because Think C can't find them - when enclosed in <...>. - -Thu Jun 30 17:48:26 1994 Ken Raeburn (raeburn@cujo.cygnus.com) - - * send_to_kdc.c (prog): Now const pointer to const. - (timeout): Static var deleted. - (send_recv): Use a local timeout structure instead, reinitialized - before each use, in case select modifies its value. - -Wed Jun 22 19:42:50 1994 Mark Eichin (eichin@cygnus.com) - - * mk_preauth.c (krb_free_preauth): New function to free up storage - allocated by krb_mk_preauth (if any.) - - * g_pw_in_tkt.c (krb_get_pw_in_tkt_preauth): use krb_free_preauth - to possibly release storage used by krb_mk_preauth. - - * g_svc_in_tkt.c (krb_get_svc_in_tkt_preauth): use - krb_free_preauth to possibly release storage used by krb_mk_preauth. - -Wed Jun 22 19:33:21 1994 Mark Eichin (eichin@cygnus.com) - - * put_svc_key.c: USE_UNISTD_H to get SEEK_CUR if neccessary. - -Wed Jun 22 18:11:49 1994 Ken Raeburn (raeburn@cujo.cygnus.com) - - * sendauth.c (krb_mk_auth): Don't call memset with BUFSIZ, since - the field in question is only MAX_KTXT_LEN bytes long. - - * in_tkt.c, mk_priv.c, mk_safe.c, pkt_cipher.c, pkt_clen.c, - rd_err.c, rd_priv.c, rd_safe.c, tf_util.c: Include string.h. - -Wed Jun 22 15:11:35 1994 John Gilmore (gnu@cygnus.com) - - * ren.msg: Add put_svc_key.c. - -Wed Jun 22 15:03:53 1994 Mark Eichin (eichin at tweedledumber.cygnus.com) - - * put_svc_key.c (put_svc_key): new file, new function. - * Makefile.in: add put_svc_key to SERVER_KRB_*. - -Tue Jun 21 01:20:44 1994 John Gilmore (gnu@cygnus.com) - - * kname_parse.c (kname_parse, isinst): Allow periods in instance - names. Pull RCS crud. - -Tue Jun 21 00:20:20 1994 John Gilmore (gnu@cygnus.com) - - * Makefile.in (all): First rule in file just calls all-really. - (all-really): Call $(ALL_WHAT) after it's been set. - * memcache.c: Remove typedef kludges to - ../../include/mt-windows.h. Add Size. WINDOWS -> _WINDOWS. - -Sat Jun 18 09:11:49 1994 John Gilmore (gnu@cygnus.com) - - Make DES library independent of krb library. - - * unix_glue.c, mac_glue.c, win_glue.c: Remove time-handling - code to ../../lib/des/*_time.c. - -Sat Jun 18 07:46:32 1994 John Gilmore (gnu@cygnus.com) - - * send_to_kdc.c (send_recv): Use SOCKET_NFDS as first arg to - select(). - * macsock.c (gethostname): Add incomplete stab at gethostname(), - under #if 0. - * cr_ciph.c, cr_tkt.c, decomp_tkt.c, g_ad_tkt.c, mac_store.c, - mk_req.c, mk_safe.c: Lint. - -Fri Jun 17 02:02:00 1994 John Gilmore (gnu@cygnus.com) - - * DNR.c: New file of MacTCP interface code. - * macsock.c: To avoid using StreamPtr in <macsock.h>, declare - fStream as unsigned long. Cast it whenever we need it. This - removes the need to include MacTCP header files in <macsock.h>. - * macsock.c, mac_glue.c: Eliminate inclusion of "mac_glue.h". - * mac_glue.h: Remove. - -Thu Jun 16 17:30:04 1994 John Gilmore (gnu@cygnus.com) - - * Makefile.in (unixmac): New target. - * g_in_tkt.c: MPW complains about types without a cast. - * mac_glue.c: Pull networking code out into macsock.c. - (krb_get_phost): Pull this; use ordinary common version. - (krb_start_session, krb_end_session): Add. - * mac_store.c (gUserName): Add definition. - Move static declarations above where they're needed. - (krb_realmofhost): Return null pointer, not KFAILURE. - * macsock.c: New file, implements socket abstraction for UDP. - * memcache.c: Update header file handling. FIXME, works on Mac, - not on Windows too. - * send_to_kdc.c (send_to_kdc): Clean up error handling. - Improve comments. Add prototype for static function. - * stime.c: #define NEED_TIME_H. Use proper type for time_t. - -Wed Jun 15 16:35:52 1994 John Gilmore (gnu@cygnus.com) - - * unix_glue.c (krb_start_session, krb_end_session): Take - args and ignore them, to match the prototypes. - -Fri Jun 10 22:52:14 1994 John Gilmore (gnu@cygnus.com) - - * g_in_tkt.c (swap_bytes): Declare extern, not common. - * mac_glue.h: New (was called MacMachineDependencies.h in - an earlier incarnation). - * mac_glue.c: Add code for time zone and Domain Name - Service resolution. - * mac_store.c: Eliminate credential storage, leaving just - configuration storage. Initialize the store whenever a - high-level routine is called and we haven't initialized. - Return result from init_store, so callers can return - KFAILURE if we can't read the config data. - * mac_store.h: Pull credential storage (now in memcache.h). - * unix_glue.c (krb_start_session, krb_end_session, - krb_get_default_user): Provide dummy ones on Unix. - -Thu Jun 9 00:47:59 1994 John Gilmore (gnu@cygnus.com) - - * Makefile.in (SRCS, OBJS): Move cr_death_pkt.c and kparse.c - to SERVER_SRCS and SERVER_OBJS. - (DELIVERABLES, INSTALL_DELIVERABLES): Replace with ALL_WHAT - and INSTALL_WHAT, which actually work. - (all-unix): Main rule for building on Unix now. - (clean): Consolidate `make clean' entries so it actually works. - -Wed Jun 8 23:47:30 1994 John Gilmore (gnu@cygnus.com) - - Further DLL support for Windows, plus, make previous - changes work on Unix again. - - * memcache.c: New file implements ticket cacheing in RAM. - * memcache.h: Interface for memcache.c. - - * win_glue.c: Remove stub interfaces for in_tkt, save_credentials, - krb_save_credentials, krb_get_cred, dest_tkt, krb_get_tf_realm. - - * g_ad_tkt.c, g_in_tkt.c: Rename save_credentials to - krb_save_credentials. - * save_creds.c (save_credentials): Remove. - * g_in_tkt.c (decrypt_tkt, krb_get_in_tkt_preauth): - Declare and use new key_proc_type and decrypt_tkt_type - typedefs for pointers to function prototypes. - (krb_get_in_tkt): Move after krb_get_in_tkt_preauth. - * mk_preauth.c (krb_mk_preauth): Declare and use key_proc_type. - - * dest_tkt.c (dest_tkt), in_tkt.c (in_tkt), g_tf_fname.c - (krb_get_tf_fullname): If ticket cache selector is null, use - default cache. (Cache selector used to be the result of - tkt_string; now tkt_string is called when it is null.) - - * send_to_kdc.c: Replace all debug printf's with calls to - the DEB macro, which is a no-op unless #define DEBUG. - Insert #ifdef DEBUG where that is inconvenient. (DLL libc - doesn't seem to have printf.) Lint. - - * g_krbrlm.c (krb_get_lrealm): Declare as INTERFACE. - Break out KRB_CONF into a static variable so we can debug it - easier. - - * g_pw_in_tkt.c (krb_get_pw_in_tkt): Declare as INTERFACE. - Give an explicit error if the supplied password is null; - this forces the caller to supply us one, rather than relying - on a Kerberos library routine to interact with the user. Lint. - (passwd_to_key): Make extern. Don't call *_read_password. - (krb_get_pw_in_tkt_preauth): Give error for null password. - (placebo_read_password): Add FIXME comment. - - * kerberos.def: Use PASCAL calling sequence (uppercase names, - no leading underlines) for interface functions. - - * in_tkt.c, g_pw_in_tkt.c, kparse.c: Remove RCS crud. - -Fri May 27 09:25:14 1994 John Gilmore (gnu@cygnus.com) - - Initial Dynamic Link Library support for MS-Windows. - - * Makefile.in: Move more files to only build on SERVER machines. - (kerberos.dll, c-krbdll.rsp): Build dynamic link library for - MS-Windows. - (kerberos.lib): Build import library for MS-Windows. - (all-windows, install-windows): New targets for MS-Windows. - - * kerberos.def: New file defines the Kerberos DLL interface. - - * winsock.def: New file defines the WinSock DLL interface that - we rely upon. This file is from FTP: - //sunsite.unc.edu/pub/micro/pc-stuff/ms-windows/winsock/winsock-1.1 - except that we made all the routine names uppercase, to match what - MicroSoft C does when you declare an interface routine PASCAL - (like all these routines). - - * err_txt.c (krb_get_err_table, krb_get_err_text): New - functions for DLL access to the error table. - - * g_admhst.c, g_cred.c, g_krbhst.c, g_phost.c, g_svc_in_tkt.c, - kname_parse.c, mk_err.c, mk_priv.c, mk_req.c, mk_safe.c, rd_err.c, - rd_priv.c, rd_req.c, rd_safe.c, realmofhost.c, recvauth.c, - sendauth.c: Add INTERFACE declaration to definitions of functions - that are exported via the DLL interface. - - * win_glue.c (win_time_gmt_unixsec): Use static storage for - _ftime() arg, since it takes a near pointer and can't point to - stack storage when SS!=DS. - (in_tkt, save_credentials, krb_save_credentials, krb_get_cred, - dest_tkt, krb_get_tf_realm, krb_set_tkt_string, - krb_ignore_ip_address): Dummy routines for now. - (LibMain, WEP): No-op routines required for DLL initialization. - (krb_start_session, krb_end_session): No-op routines required for - Kerberos Mac interface compatability. - - * save_creds.c (krb_save_credentials): Add new interface function - to replace save_credentials, which isn't well enough named to - export as part of the Kerberos interface. - - * kname_parse.c, kparse.c, rd_safe.c, send_to_kdc.c: Move - printf's under #ifdef DEBUG since printf is not usually available - in MS-Windows. Change exit()'s under "can't happen" conditions to - return statements. - - * g_krbhst.c: Clean up #ifdef'd braces so they match up. - * sendauth.c: Remove unused "extern int errno;". - * kname_parse.c: Remove unused extern of krb_err_txt. - * mk_err.c, save_creds.c: Remove RCS crud. - * ren.msg: Add rd_preauth.c and mk_preauth.c to DOS rename table. - -Wed May 25 09:17:06 1994 D V Henkel-Wallace (gumby@tweedledumb.cygnus.com) - - * g_pw_in_tkt.c: when read_password.c was inserted whole into this - file, des.h and conf.h were #include'ed, which causes circularity - problems. #include's removed; they weren't needed anyway. - -Tue May 24 00:55:30 1994 John Gilmore (gnu@cygnus.com) - - * sendauth.c: Break up into separately callable functions to - avoid pushing binary data down a socket supposedly controlled - by the kerberos library's caller. - (krb_mk_auth): New; builds a packet and returns it to you. - (krb_net_rd_sendauth): Reads a packet from the net. - (krb_check_auth): Checks an incoming response for validity. - FIXME: ATHENA_COMPAT code in here is now broken. Remove it? - FIXME: Break up into separate files so that the non file - descriptor part can be included on Mac. - - * g_admhst.c, mk_req.c: Pull RCS crud. - - * mk_req.c: Allow the realm argument to be defaulted with a null - pointer. This makes it suitable for building krb_sendauth - messages directly. - - * tf_util.c (tf_init): If argument is null, call tkt_string to - select a ticket cache. See also ../../include/krb-sed.h, where - the default argument was changed to be null. - - * send_to_kdc.c (MAX_HSTNM): Eliminate only use of this obsolete - define; use MAXHOSTNAMELEN which is set properly in each system. - - * fakeenv.c: Update copyright notice (it's now public domain, - freed by Cygnus Support, for whom the work was done for hire). - -Mon May 23 00:19:46 1994 Mark Eichin (eichin at tweedledumb.cygnus.com) - - * rd_svc_key.c (get_service_key): new function. Same as original - read_service_key except that it takes argument kvno by reference, - so the caller can figure out what key actually matched. Also - defaults to KEYFILE if file argument is NULL (instead of just - calling open with that value.) Also defaults to current realm if - realm argument not passed in. - (read_service_key): now calls get_service_key. - - * rd_safe.c (krb_rd_safe): check krb_ignore_ip_address before - deciding to fail on an IP address check. - (krb_rd_safe): remove "direction checking" code which doesn't - actually help, and can interfere if IP addresses are optional. - - * rd_req.c (krb_rd_req): check krb_ignore_ip_address before - deciding to fail on an IP address check; move test to end of - function as well (to provide more information value in the - RD_AP_BADD error return.) - - * rd_req.c: define (allocate) krb_ignore_ip_address. - - * rd_priv.c (krb_rd_priv): check global variable - krb_ignore_ip_address before deciding to fail on an IP address - check. - (krb_rd_priv): remove "direction checking" code which doesn't - actually help, and can interfere if IP addresses are optional. - - * netread.c (krb_net_read): use socket_read under VMS, assuming - MultiNet. - - * netwrite.c (krb_net_write): use socket_write under VMS, assuming - MultiNet. - - * mk_priv.c (krb_mk_priv): If private_msg_ver isn't set yet, use - the expected version (KRB_PROT_VERSION) instead. - - * Makefile.in (SRCS, OBJS): added mk_preauth, rd_preauth. - - * g_in_tkt.c (krb_get_in_tkt_preauth): New function. Supports - simple preauthentication by appending data to the initial packet. - Demonstration hooks only. - - * g_svc_in_tkt.c (krb_get_svc_in_tkt_preauth): New function. - Preauthentication support for initial tickets for servers. - (krb_svc_init): New function. An interface to krb_get_svc_in_tkt - that is provided by DEC's dss-kerberos, added here for - compatibility. - (krb_svc_init_preauth): preauthentication version of krb_svc_init. - - * g_pw_in_tkt.c (krb_get_pw_in_tkt_preauth): New function. - Higher level interface to g_in_tkt for users. - - * g_pw_in_tkt.c: in NOENCRYPTION section, pull in <sgtty.h> - under __svr4__ so the ioctls work under Solaris. - -Sat May 21 04:02:59 1994 John Gilmore (gnu@cygnus.com) - - * Makefile.in (c-libkrb.${LIBEXT}): Typos, do .o->.obj. - * gethostname.c: Simplify to call GETHOSTNAME macro. - * stime.c: Arg is *time, not time. Oops. Also simplify. - * win_glue.c: Support CONVERT_TIME_EPOCH and make it work - for the odd epoch on MSC 7.0. - (win_socket_initialize): New routine implements SOCKET_INITIALIZE. - (in_tkt, save_credentials, dest_tkt): Stubs to link kinit with. - - First FAR crap in our clean sources (sigh). - - * win_glue.c (far_fputs): Print a far string returned by WinSock. - * ad_print.c: Handle FAR pointer from inet_ntoa. - * g_phost.c: Handle FAR pointer returned by gethostby*. - - * send_to_kdc.c: Convert to WinSock plus local macros that make - compatability easier. Initialize and terminate WinSock access - each time we are called. Handle FAR pointer from get*by* and - inet_ntoa. Bind the datagram socket before using it, to get - beyond a bug in FTP Software's WinSock libraries. Improve debug - messages. - -Thu May 19 22:57:13 1994 John Gilmore (gnu@cygnus.com) - - More Windows support. - - * Makefile.in (LIBEXT): Use everywhere. - (SERVER_KRB_{SRCS,OBJS}): Rename from SERVERSIDE*. - (ARCHIVEARGS): Implement MSC LIB support. - (####): Move insertion point of host-configuration fragments - down so they can override the various Makefile macros. - (libkrb.$(LIBEXT)): Avoid keeping a .bak file. Use ARCHIVEARGS. - (unixdos): New target for things that have to run on Unix - after configuring for DOS. (FIXME, make these work on DOS.) - (c-libkrb.$(LIBEXT)): Build control file for MSC. This - currently must run on Unix (FIXME). - - * stime.c: Use CONVERT_TIME_EPOCH. - -Sat May 14 00:49:11 1994 John Gilmore (gnu@cygnus.com) - - More Macintosh merging. - - * Makefile.in (CACHESRCS, CACHEOBJS, REALMDBSRCS, REALMDBOBJS, - SERVERSIDESRCS, SERVERSIDEOBJS): Update the lists of files that - belong to each category. - * unix-glue.c, mac-glue.c, win-glue.c: Rename to unix_glue.c, - mac_glue.c, win_glue.c. - * g_ad_tkt.c: Improve comments on cross-realm support. - * g_phost.c: Remove RCS crud. - * store.c, store.h: Rename to mac_store.c, mac_store.h. Insert - all the Kerberos glue routines needed to talk to the Cygnus code. - -Fri May 13 17:40:02 1994 John Gilmore (gnu@cygnus.com) - - * Makefile.in (SERVERSIDESRCS, SERVERSIDEOBJS): Create - as lists of lib/krb files only used on servers, so they can - be avoided when on client-only machines. - (CACHESRCS, CACHEOBJS): Put all the rightful files in there. - * realmofhost.c: Pull <sys/param.h> and default MAXHOSTNAMELEN. - * dest_tkt.c, realmofhost.c, tf_shm.c: Remove RCS crud. - * rd_safe.c, tf_shm.c: Remove errno declaration, <errno.h>, etc. - * mk_priv.c: Comment changes. - * g_ad_tkt.c: Remove obsolete defn of <sys/time.h>. - -Fri May 13 12:17:32 1994 John Gilmore (gnu@cygnus.com) - - Macintosh changes. - - * store.h, store.c: Ticket storage in memory on the Mac. - * mac-glue.c: New file, deals with OS and time interface. - * Makefile.in: Pull tf_util.[co] out into CACHESRCS and - CACHEOBJS, so it can be excluded on Mac and Windows. - * g_in_tkt.c: Don't declare signed difference t_diff as unsigned! - * g_ad_tkt.c, rd_safe.c, rd_req.c, rd_priv.c, mk_safe.c, mk_req.c: - Remove <sys/time.h>. Use TIME_GMT_UNIXSEC and clean up datatype - issues around clock-skew/ticket-replay checking. Remove __i960__ - conditionals, which should be handled by changing CLOCK_SKEW in - 960-specific config files. - * mk_priv.c: Rename TIME_GMT_UNIXSEC_MS to TIME_GMT_UNIXSEC_US. - * setenv.c: Remove <sys/types.h>. - * rd_priv.c, mk_safe.c: Remove <errno.h>, and decls of errno and - errmsg. - * rd_req.c, stime.c, mk_safe.c: Remove RCS crud. - -Fri May 13 02:02:56 1994 John Gilmore (gnu@cygnus.com) - - * Makefile.in: Support glue files for each major architecture - (Unix, mac, windows). Replace {} with () for DOS NMAKE. - Build krb_err.h without `make depend'. Remove -DBSD42 since it - is no longer used. - * unix-glue.c: New file, interfaces to Unix gettimeofday. - * win-glue.c: New file, interfaces to Windows _ftime. - * g_in_tkt.c, mk_priv.c: Pull <sys/time.h>, use new macro interface - TIME_GMT_UNIXSEC to get the time. - * gethostname.c: Pull BSD42. Insert FIXME comments about the - poor DOS support. - * mk_priv.c: Pull <errno.h>, errno, and errmsg as unused. - - * ad_print.c: Pull <arpa/inet.h>, which is now in <krb.h>. - * decomp_tkt.c: Add file name to title comments. - * fakeenv.c: Pull <sys/types.h> and <stdio.h>. - * g_phost.c: Replace <netdb.h> and <osconf.h> with <krb.h>. - * ren.msg: Remove get_request.c (g_request.c), now gone. - * send_to_kdc.c: Pull <netdb.h>. - * setenv.c: Add "conf.h" for non-cmd-line configuration. - -Sun May 8 23:34:16 1994 John Gilmore (gnu@cygnus.com) - - Include-file straightening: Remove Unix include - files from as many routines as possible -- particularly - <sys/types.h> and network include files. - - * ad_print.c: Use DEFINE_SOCKADDR to get struct sockaddr_in. - Lint. Pull RCS crud. - * cr_err_repl.c, tf_shm.c, tf_util.c, tkt_string.c: Pull - <sys/types.h>. - * cr_tkt.c, decomp_tkt.c: Pull <stdio.h>. - * dest_tkt.c, in_tkt.c, mk_err.c: Pull <sys/types.h> - * g_ad_tkt.c: Pull <sys/types.h>, <errno.h>, RCS crud. - * g_cred.c: Pull RCS crud, add <string.h>. - * g_in_tkt.c: Pull <sys/types.h>, <errno.h>, <stdio.h>, RCS crud. - * g_tf_fname.c: Lint, pull RCS crud. - * kuserok.c: <pull <sys/types.h> and <sys/socket.h>. - * rd_err.c: Pull <stdio.h>, <errno.h>, <sys/types.h>, <sys/times.h>. - * mk_priv.c, mk_safe.c, rd_err.c, rd_priv.c, rd_safe.c, - recvauth.c, send_to_kdc.c, sendauth.c: Use DEFINE_SOCKADDR to get - struct sockaddr_in. - * cr_tkt.c, debug.c, mk_safe.c, rd_err.c, rd_safe.c, recvauth.c, - sendauth.c: Pull RCS crud. - * rd_safe.c, sendauth.c: Lint. - * strcasecmp.c: Remove <sys/types.h> and change the few - occurrances of u_foo types to `unsigned foo'. Pull SCCS crud(!). - -Sun May 8 19:24:08 1994 John Gilmore (gnu@cygnus.com) - - * add_tkt.c, ext_tkt.c: Remove, unused. As its comments say: - This routine is now obsolete. It used to be possible to request - more than one ticket at a time from the authentication server, and - it looks like this routine was used by the server to package the - tickets to be returned to the client. - - * g_request.c: Remove, unused. Its comments: - This procedure is obsolete. It is used in the kerberos_slave - code for Version 3 tickets. - - * getopt.c: Remove, unused. - * Makefile.in: Remove unused files. - -Sat May 7 13:44:20 1994 John Gilmore (gnu@cygnus.com) - - * krbglue.c: Remove, unused. Mark Eichin says: - krbglue, if I recall correctly, was backwards compatibility code so - that programs that were written with V3 could be relinked with V4 - without recompiling. The Zephyr code used it at one point, though I - doubt it does anymore. It's probably sufficient to note that in the - cvs log when you delete it. - - * krbglue.c, recvauth.c, sendauth.c: Lint. - -Fri May 6 21:11:10 1994 John Gilmore (gnu@cygnus.com) - - * ren-cyg.sh, ren-pc.sh, ren-pl10.sh, ren.msg.sh, ren2dos, - ren2long.sh sed-cyg.sh, ren-pc.bat, sed-pc.sh: Update for final - DOS renaming. - -Fri May 6 18:32:11 1994 John Gilmore (gnu@cygnus.com) - - * rd_priv.c, mk_priv.c, rd_safe.c, mk_safe.c: Rename include - file "lsb_addr_comp.h" to "lsb_addr_cmp.h" for DOS/SYSV. - -Fri May 6 02:10:50 1994 John Gilmore (gnu@cygnus.com) - - * krbglue.c: Move Kerberos function prototypes to ../include/krb.h. - Yank RCS. Lint. - * mk_priv.c (krb_mk_priv), rd_priv.c (krb_rd_priv): Lint. Yank RCS. - -Thu May 5 12:49:34 1994 John Gilmore (gnu@cygnus.com) - - * decomp_tkt.c: Remove need for <sys/file.h> under KRB_CRYPT_DEBUG - by using stdio. Call krb_log, not log. Lint. Remove RCS ID's. - - * g_tf_realm.c: Lint. - -Tue Apr 26 20:54:29 1994 John Gilmore (gnu@tweedledumb.cygnus.com) - - Massive file renaming for DOS compatability. - - * ren.msg, ren-cyg.sh, sed-cyg.sh: New files. - - * Imakefile, Makefile.in: File names edited throughout. - - * add_ticket.c, cr_auth_reply.c, cr_err_reply.c, create_ciph.c, - create_ticket.c, debug_decl.c, decomp_ticket.c, extract_tkt.c, - get_ad_tkt.c, get_admhst.c, get_cred.c, get_in_tkt.c, get_krbhst.c, - get_krbrlm.c, get_phost.c, get_pw_tkt.c, get_request.c, get_svc_in.c, - get_tf_fname.c, get_tf_realm.c, getrealm.c, k_gethostname.c, - krb_err_txt.c, krb_get_in.c, read_svc_key.c, util.c: Renamed. - - * ad_print.c, add_tkt.c, cr_auth_repl.c, cr_ciph.c, cr_err_repl.c, - cr_tkt.c, debug.c, decomp_tkt.c, err_txt.c, ext_tkt.c, g_ad_tkt.c, - g_admhst.c, g_cred.c, g_in_tkt.c, g_krbhst.c, g_krbrlm.c, - g_phost.c, g_pw_in_tkt.c, g_pw_tkt.c, g_request.c, g_svc_in_tkt.c, - g_tf_fname.c, g_tf_realm.c, gethostname.c, rd_svc_key.c, - realmofhost.c: Same files, renamed. - -Sun Jan 30 17:28:57 1994 Ken Raeburn (raeburn@cujo.cygnus.com) - - * getrealm.c (krb_realmofhost): Rearrange loop so that strcasecmp - is called only once for domains listed in krb.conf, and exiting - function is cleaner. - diff --git a/src/lib/krb5/ChangeLog b/src/lib/krb5/ChangeLog deleted file mode 100644 index 3f84fd3b8..000000000 --- a/src/lib/krb5/ChangeLog +++ /dev/null @@ -1,608 +0,0 @@ -2006-04-02 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2006-03-26 Ken Raeburn <raeburn@mit.edu> - - * krb5_libinit.c (krb5int_lib_init): Register callback function - for lower-level error-info support routines. - (krb5int_lib_fini): Clear the callback function. - * libkrb5.exports: Export new error-message functions. - -2005-11-14 Jeffrey Altman <jaltman@mit.edu> - - * krb5_libinit.c: include k5-int.h instead of krb5.h - -2005-08-20 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Use K5_AC_INIT instead of AC_INIT. - -2005-02-17 Ken Raeburn <raeburn@mit.edu> - - * krb5_libinit.c (krb5int_lib_fini): Only show "skipping" message - if SHOW_INITFINI_FUNCS is defined. - -2005-02-08 Ken Raeburn <raeburn@mit.edu> - - * krb5_libinit.c (krb5int_lib_init, krb5int_lib_fini): If - SHOW_INITFINI_FUNCS is defined, print tracing messages. - - * Makefile.in (LIBINITFUNC, LIBFINIFUNC): Define. - -2005-01-17 Jeffrey Altman <jaltman@mit.edu> - - * krb5_libinit.c: implement library cleanup of mutexes, static vars, etc - -2005-01-04 Jeffrey Altman <jaltman@mit.edu> - - * libkrb5.exports: add krb5_is_thread_safe - -2004-11-18 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (SHLIB_EXPLIBS): Remove -ldl accidentally added in - last change. - -2004-11-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (SHLIB_EXPDEPS, SHLIB_EXPLIBS): Add support - library. - -2004-08-08 Ken Raeburn <raeburn@mit.edu> - - * libkrb5.exports: Remove memory ccache symbols except ops table. - -2004-06-18 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (OBJFILEDEP, OBJFILELIST) [DOS]: Include locally - built object files. - (OBJFILE, LIBOBJS, LOCALINCLUDES) [DOS]: Define. - -2004-06-16 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (MAC_SUBDIRS): Don't set. - -2004-06-15 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LOCALINCLUDES): Add $srcdir/os. - - * krb5_libinit.c: Include os-proto.h. - (krb5int_lib_init): Initialize krb5int_us_time_mutex. - - * libkrb5.exports: Drop krb5_init_ets, krb5_free_ets, - krb5_kt_default_vno, and krb5int_profile_shared_data. - -2004-06-04 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBBASE): Renamed from LIB. - -2004-06-02 Ken Raeburn <raeburn@mit.edu> - - * krb5_libinit.c (initialized): Variable deleted, all references - removed. - (krb5int_lib_init): Initialize error tables here, including k524. - (krb5int_initialize_library): Don't do it here. - (krb5int_lib_fini): Remove k524 error table too. - -2004-05-27 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in (LOCALINCLUDES): Include ccache, keytab and rcache - directories. - - * krb5_libinit.c: Include cc-int.h, kt-int.h, rc-int.h for - init/fini prototypes. - -2004-05-05 Ken Raeburn <raeburn@mit.edu> - - * libkrb5.exports: Export krb5int_foreach_localaddr for now. - -2004-04-24 Ken Raeburn <raeburn@mit.edu> - - * krb5_libinit.c: Include k5-platform.h. - (krb5int_lib_init, krb5int_lib_fini): New init/fini functions. - Call the corresponding functions for the ccache, keytab, and - rcache code. Incorporate the finalization code from - krb5int_cleanup_library. - (krb5int_initialize_library): Make sure the init function runs - successfully. - (krb5int_cleanup_library): Now empty. - -2004-04-22 Ken Raeburn <raeburn@mit.edu> - - * libkrb5.exports: New file. - -2003-12-23 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Remove basic checks for header files and - functions, now moved into include/configure.in. - -2003-08-21 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Don't substitute LIBOBJS, newer autoconfs don't - like it. - -2003-08-20 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Don't replace any missing system functions. Just - set LIBOBJS empty for now and substitute it. - -2003-08-13 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Don't check for or replace vfprintf, vsprintf, - strerror, memmove, or sscanf, all part of C 89. - -2003-07-15 Ken Raeburn <raeburn@mit.edu> - - * krb5_libinit.c: Include autoconf.h. - -2003-03-07 Alexandra Ellwood <lxs@mit.edu> - - * krb5_libinit.c: Changed USE_HARDCODED_FALLBACK_ERROR_TABLES macro - to !USE_BUNDLE_ERROR_STRINGS so Darwin based builds get com_err - style error tables. - -2003-03-06 Alexandra Ellwood <lxs@mit.edu> - - * krb5_libinit.c: Removed Mac OS X header goober. Conditionalize - CCAPI calls on USE_CCAPI so Darwin builds work. - -2003-02-04 Tom Yu <tlyu@mit.edu> - - * configure.in: Add KRB5_SIGTYPE and CHECK_SIGNALS for - os/prompter.c. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Don't explicitly invoke AC_PROG_INSTALL. - - * configure.in: Use V5_AC_OUTPUT_MAKEFILE instead of - K5_GEN_MAKEFILE and K5_AC_OUTPUT. - - * Makefile.in: Add AC_SUBST_FILE marker for lib_frag and libobj_frag. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-08-22 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (SUBDIROBJLISTS): New variable. - -2002-07-09 Ken Raeburn <raeburn@mit.edu> - - * krb5_libinit.c: Put # for cpp directives in first column. - -2002-07-03 Alexandra Ellwood <lxs@mit.edu> - - * krb5_libinit.c: Conditionalized error table loading for - Mac OS X. Error tables should always be loaded on other - platforms. - - * krb5_libinit.c: Added an include for com_err.h since - it is not included by error table headers on Mac OS X. Also - fixed busted check for Mac OS - - [pullups form 1-2-2-branch] - -2002-06-25 Alexandra Ellwood <lxs@mit.edu> - - * krb5_libinit.c: Added an include for com_err.h since - it is not included by error table headers on Mac OS X. Also - fixed busted check for Mac OS - - * krb5_libinit.c: added #define for Mac OS X so - that krb5int_cleanup_library calls krb5_stdcc_shutdown. - - [pullups from 1-2-2-branch] - -2002-06-09 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Don't set up keytab/file or keytab/srvtab - subdirectories. - * Makefile.in (STOBJLISTS): Delete keytab/file/OBJS.ST and - keytab/srvtab/OBJS.ST. - -2002-03-06 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBMINOR): Bump due to changes in error tables. - -2001-10-05 Ken Raeburn <raeburn@mit.edu> - - * krb5_libinit.c: Drop _MSDOS support. - -2001-09-01 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (SRCS): Use $(srcdir) not $(subdir). - -2001-07-30 Ezra Peisach <epeisach@mit.edu> - - * configure.in: Add KRB5_GETSOCKNAME_ARGS and KRB5_GETPEERNAME_ARGS. - -2001-06-11 Ezra Peisach <epeisach@mit.edu> - - * configure.in: Test for strptime() prototype. Debian linux has - strptime in the C library but does not provide a prototype. - -2001-04-26 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Don't use HAS_ANSI_VOLATILE. - -2001-04-25 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Moved test for socklen_t to include directory. - -2001-03-05 Tom Yu <tlyu@mit.edu> - - * configure.in: Check for sys/filio.h for FIONBIO. - -2000-12-18 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Look for socklen_t, define HAVE_SOCKLEN_T if - found. - -2000-11-01 Ezra Peisach <epeisach@mit.edu> - - * configure.in: Use AC_C_CONST instead of AC_CONST. - -2000-10-17 Ezra Peisach <epeisach@mit.edu> - - * krb5_libinit.c: Include krb5_libinit.h for prototypes. - -2000-10-10 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Check for getifaddrs and ifaddrs.h. - -2000-09-21 Ezra Peisach <epeisach@mit.edu> - - * configure.in: Add AC_TYPE_OFF_T for off_t declaraion. - -2000-08-29 Tom Yu <tlyu@mit.edu> - - * configure.in: Don't generate keytab/db/Makefile, since it isn't - used. - - * Makefile.in: Garbage collect a little. Don't include keytab/* - directories directly on $(LOCAL_SUBDIRS), as keytab/Makefile.in - lists them itself. - -2000-07-14 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Don't generate Makefile in ccache/file, - ccache/stdio, ccache/memory. - * Makefile.in (LOCAL_SUBDIRS, LIB_SUBDIRS, LIBDONE, STOBJLISTS): - Delete references to those directories. - -2000-07-01 Tom Yu <tlyu@mit.edu> - - * Makefile.in (SHLIB_EXPLIBS): Use $(LIBS) not @RESOLV_LIB@ in - order to get -lnsl, -lsocket, etc. if necessary. - -2000-06-23 Tom Yu <tlyu@mit.edu> - - * Makefile.in (LIBMAJOR, LIBMINOR): Bump version. - -2000-06-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (SHLIB_EXPLIBS): Add @RESOLV_LIB@. - -2000-05-31 Wilfredo Sanchez <tritan@mit.edu> - - * configure.in: Check for existance of <memory.h>. - [from Nathan Neulinger <nneul@umr.edu>] - -2000-03-14 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Check for gethostbyname2. - -Tue Feb 22 10:20:57 2000 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in (clean-unix): Add clean-libobjs. - -2000-01-24 Tom Yu <tlyu@mit.edu> - - * krb5_libinit.c: Conditionalize call to stdcc_shutdown(). - - * configure.in: Fix to build library objects in this directory. - - * Makefile.in (STOBJLISTS): Fix to actually build krb5_libinit.o. - - * krb5_libinit.c: Fix to use 0 and 1 instead of false and true. - -Fri Jan 21 22:47:00 2000 Miro Jurisic <meeroh@mit.edu> - - * Makefile.in: added krb5_libinit.[co] - * krb5_libinit.[ch]: new files, contain library initialization - and cleanup code - -1999-12-01 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBMINOR): Update to 2. - -1999-06-13 Geoffrey King <gjking@mit.edu> - - * Makefile.in: - * configure.in: Add new subdirectory keytab/srvtab. - -Tue May 18 19:52:56 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Remove - from recursive Win32 make invocation. - -Mon May 17 14:09:28 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Make directories for clean-windows target lowercase - like everywhere else. - -Mon May 10 15:23:34 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Do win32 build in subdir. - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - - * configure.in: Add test for the fcntl.h header file. - -Thu Jul 30 13:12:57 1998 Sam Hartman <hartmans@utwig.mesas.com> - - * configure.in: Test for sa_len so localaddr works on NetBSD. - -Sun Jul 26 17:46:47 1998 Sam Hartman <hartmans@utwig.mesas.com> - - * Makefile.in (LIBMAJOR): bump to 2 - -Wed Apr 15 18:07:20 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in (SHLIB_EXPDEPS): - (SHLIB_EXPLIBS): Rename libcrypto -> libk5crypto. - -Fri Feb 27 23:15:28 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in (SHLIB_EXPLIBS): Replace @SHLIB_GEN@ with @GEN_LIB@ - -Fri Feb 27 18:00:15 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * configure.in: Move the regular expression function tests into - aclocal.m4, since they also need to be shared by - lib/kadm5's configure script. - - * configure.in: Move tests from all of krb5's subdirectories into - this configure.in, and make it generate makefiles for all - of the subdirectories. - - * Makefile.in: Add a LOCAL_SUBDIRS macro for all subdirectories in - the krb5 library. - -Wed Feb 18 16:18:18 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove trailing slash from thisconfigdir. Fix up - BUILDTOP for new conventions. - -Sat Feb 14 10:37:26 1998 Ezra Peisach <epeisach@mit.edu> - - * configure.in: Remove USE_ANAME, and the defines for ANAME_DBDEP and - ANAME_DBLIB as they are no longer used. - - * Makefile.in: Remove unused ANAME_DBDEP and ANAME_DBLIB definitions. - -Fri Feb 13 15:26:42 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in, configure.in: Remove the free directory from the - list of subdirectories to be built. (All functions moved - into lib/krb5/free/kfree.c) - -Mon Feb 2 17:02:29 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * configure.in: Use AC_CONFIG_DIRS instead of CONFIG_DIRS, and - remove use of DO_SUBDIRS. - - * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile - -Fri Jul 25 15:24:41 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Bump version due to et changes. - -Sat Feb 22 01:37:03 1997 Sam Hartman <hartmans@luminous.MIT.EDU> - - * Makefile.in (LIBMINOR): Bump minor version - -Thu Nov 21 11:55:16 EST 1996 Richard Basch <basch@lehman.com> - - * Makefile.in: win32 build - -Fri Feb 7 21:48:10 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Add rule to install libraries. - -Fri Jan 3 16:47:59 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: - * configure.in: Update to use new KRB5_BUILD_LIBRARY_WITH_DEPS - macro. - - * Makefile.in: - * configure.in: Update to new library build procedure. - -Mon Nov 18 20:42:39 1996 Ezra Peisach <epeisach@mit.edu> - - * configure.in: Set shared library version to 1.0. [krb5-libs/201] - -Wed Oct 23 01:15:40 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * configure.in, Makefile.in: Check to see if the -lgen library - exists; if so, add it to the SHLIB_LIBS line, since it - will be needed by an_to_ln.c, in all probability. - -Fri Jun 7 17:38:09 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * Makefile.in (all-windows, clean-windows): Use full directory - name "error_tables" when building under Windows so that - the build will work correctly under VFAT and NTFS filesystems. - -Thu Jun 6 00:04:38 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * Makefile.in (all-windows): Don't pass $(LIBCMD) on the command - line. It's set in the windows.in prologue for all Makefiles anyway. - -Mon May 20 10:56:51 1996 Tom Yu <tlyu@dragons-lair.MIT.EDU> - - * Makefile.in (libkrb5.$(STEXT)): fix sense of test; also deal - with new improved libupdate - -Tue Apr 30 16:31:50 1996 Ken Raeburn <raeburn@cygnus.com> - - * Makefile.in (libkrb5.$(STEXT)): Set a variable with or without - "--force" and use it, instead of duplicating the rest of the - code. Use LIBDONE as list to process, so berk_db will be skipped - when not in use. Check exit status of LIBUPDATE invocation. - Remove library before creating as workaround for libupdate bug. - -Wed Feb 7 00:23:18 1996 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Folded in danw's changes to allow - building Makefiles for the Macintosh. We now can build - MPW makefiles which are interpreted by CodeWarrior. - -Sat Jan 27 18:25:42 1996 Sam Hartman <hartmans@tertius.mit.edu> - - * configure.in (hashloc): Fix quoting so it makes it into the Makefile. - -Mon Jan 22 15:23:05 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * configure.in: Merge in berk_db library if needed. - - * Makefile.in (LIB_SUBDIRS): Get location of berk_db from - configure if needed. - -Wed Dec 13 07:09:30 1995 Chris Provenzano (proven@mit.edu) - - * Makefile.in : Move db keytab routines to lib/kdb. - -Tue Dec 5 20:57:06 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * Makefile.in: Removed dependency on krb4 library in building - shared library. - -Fri Nov 3 21:31:44 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Added the ccache/memory subdirectory. - -Fri Oct 6 22:05:44 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Remove ##DOS!include of config/windows.in. - config/windows.in is now included by wconfig. - -Mon Oct 2 11:12:24 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * configure.in (V5_MAKE_SHARED_LIB): Change rule to install - version 0.1 of the library. Pass the libcrypto and - libcom_err version number to Makefile - - * Makefile.in (CRYPTO_VER): Get the proper libcrypto version number - -Mon Sep 25 17:01:48 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the - Makefile. - -Wed Sep 13 11:11:38 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: Put back in all:: all-$(WHAT) rule--PC needs it. - -Fri Jun 30 14:43:38 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in - Add Berkeley database code here. Remove typo in - libupdate section. - -Wed Jun 28 21:25:29 1995 Mark Eichin <eichin@cygnus.com> - - * configure.in: with static libs, we need install-unix, not install. - -Mon Jun 26 17:36:53 1995 Sam Hartman <hartmans@tardis.MIT.EDU> - - * Makefile.in (install-unix): This should be generated by configure.in, not Makefile.in. My typo was there, not here. - -Sun Jun 25 08:24:46 1995 Tom Yu (tlyu@dragons-lair) - - * Makefile.in: Typo: install-mac was really supposed to be - install-unix - -Fri Jun 23 12:15:02 1995 Sam Hartman <hartmans@tardis.MIT.EDU> - - * configure.in: Typo: krb5_cv_staticlibs_enabled, not - krb5_cv_enable_staticlibs - -Thu Jun 22 18:03:35 1995 Sam Hartman (hartmans@tardis) - - * Makefile.in: Treat libcom_err.a as shared, use new conventions - regarding static version. - - -Fri Jun 16 11:16:44 EDT 1995 Paul Park (pjpark@mit.edu) - * configure.in - Add shared library install target. - - -Thu Jun 15 18:08:12 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in - Add definitions for shared library build rules. Also, - remove explicit "all" target at front so we do subdirectories - first. - * configure.in - Create symlinks for archive and shared library when - we build them. - -Fri Jun 9 18:51:24 1995 <tytso@rsx-11.mit.edu> - - * configure.in: Remove standardized set of autoconf macros, which - are now handled by CONFIG_RULES. Use DO_SUBDIRS to - recurse down subdirectories. - -Fri May 26 20:12:37 1995 Theodore Y. Ts'o (tytso@dcl) - - * configure.in, Makefile.in: Add support for building shared libraries. - -Sat Apr 22 10:58:49 1995 Ezra Peisach (epeisach@kangaroo.mit.edu) - - * configure.in: Add rule for make check to descend to subdirs - -Fri Apr 21 20:47:35 1995 Theodore Y. Ts'o (tytso@dcl) - - * Makefile.in: Added the profile directory for the profile routines. - -Wed Mar 15 20:23:17 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: cleaned up for the PC - -Wed Mar 15 12:26:21 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: made so it recurses into the subdirs for the PC. - -Fri Nov 18 00:17:47 1994 Mark Eichin <eichin@cygnus.com> - - * configure.in: move WITH_CCOPTS, WITH_KRB5ROOT. - -Wed Nov 2 02:35:44 1994 Mark W. Eichin (eichin@paycheck.cygnus.com) - - * Makefile.in (libkrb5.a): done needs a trailing semicolon if it - isn't followed by a newline, as does fi, with certain shells. - -Tue Nov 1 14:56:47 1994 (tytso@rsx-11) - - * Makefile.in: Change the way libupdate works so that we use - libkrb5.stamp to determine whether or not $arcmd needs to - be rerun. - - * Makefile.in: - * configure.in: Change the way the library is built to use the - libupdate script. - -Mon Oct 3 21:11:19 1994 Theodore Y. Ts'o (tytso@dcl) - - * Makefile.in: make install obey $(DESTDIR) - -Thu Aug 4 03:42:31 1994 Tom Yu (tlyu@dragons-lair) - - * configure.in: oops look for install program - - * Makefile.in: make install fixes - diff --git a/src/lib/krb5/asn.1/ChangeLog b/src/lib/krb5/asn.1/ChangeLog deleted file mode 100644 index cb01f9e4d..000000000 --- a/src/lib/krb5/asn.1/ChangeLog +++ /dev/null @@ -1,1297 +0,0 @@ -2006-04-02 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2005-11-14 Jeffrey Altman <jaltman@mit.edu> - - * krb5_decode.c, krb5_encode.c: include k5-int.h instead of krb5.h - -2005-10-03 Tom Yu <tlyu@mit.edu> - - * asn1_get.c (asn1_get_tag_2): Patch from Zhihong Zhang to properly - handle tag numbers >= 30. - -2005-03-04 Ken Raeburn <raeburn@mit.edu> - - * asn1_encode.c (asn1_encode_generaltime): If gmtime_r returns int - instead of pointer, do the appropriate error checking. - -2004-12-28 Ezra Peisach <epeisach@mit.edu> - - * asn1_decode.c (asn1_decode_generaltime): Fix memory leak when - time sent is "19700101000000Z". - -2004-08-31 Tom Yu <tlyu@mit.edu> - - * asn1buf.c: Fix denial-of-service bug. - - * asn1buf.c: - * krb5_decode.c: Fix double-free vulnerabilities. - -2004-06-10 Ken Raeburn <raeburn@mit.edu> - - * asn1_encode.c (asn1_encode_generaltime): Fix memcpy argument to - actually be a pointer. - (asn1_encode_enumerated): Drop "const" from scalar argument type. - * asn1_encode.h (asn1_encode_integer, asn1_encode_enumerated, - asn1_encode_unsigned_integer, asn1_encode_octetstring, - asn1_encode_charstring, asn1_encode_printablestring, - asn1_encode_ia5string, asn1_encode_generaltime, - asn1_encode_generalstring): Drop "const" from scalar argument - types. - -2004-06-04 Ken Raeburn <raeburn@mit.edu> - - * asn1_encode.c (asn1_encode_generaltime): Use gmtime_r if - available. - -2004-04-24 Ken Raeburn <raeburn@mit.edu> - - * asn1_decode.c (asn1_decode_generaltime): If the input string is - the magic UNIX time zero, bypass all the arithmetic and return 0. - * asn1_encode.c (asn1_encode_generaltime): If the input time - value is the UNIX epoch, use a hardcoded string instead of doing - the math. - -2003-10-08 Tom Yu <tlyu@mit.edu> - - * asn1_k_encode.c (asn1_encode_krb_saved_safe_body): New function; - kludge to insert a raw pre-encoded KRB-SAFE-BODY. - - * asn1_k_encode.h (asn1_encode_krb_saved_safe_body): Add - prototype. - - * krb5_decode.c (decode_krb5_safe_with_body): New function; saves - a copy of the encoding of the KRB-SAFE-BODY to avoid problems - caused by re-encoding it during verification. - - * krb5_encode.c (encode_krb5_safe_with_body): New function; - re-encode a KRB-SAFE using a saved KRB-SAFE-BODY encoding, to - avoid trouble with re-encoding a KRB-SAFE-BODY. - -2003-07-22 Sam Hartman <hartmans@avalanche-breakdown.mit.edu> - - * asn1_k_decode.c (asn1_decode_etype_info2_entry_1_3): Decoder for - the broken 1.3 ASN.1 behavior for etype_info2; see bug 1681. - - * asn1_k_decode.h (asn1_decode_etype_info2): Add v1_3_behavior - flag for parsing the broken 1.3 behavior of using an octetString - instead of generalString - - * asn1_k_decode.c (asn1_decode_etype_info2_entry): Expect etype_info2 as generalstring not octetstring - -2003-07-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBNAME) [##WIN16##]: Don't define. - -2003-06-20 Sam Hartman <hartmans@mit.edu> - - * asn1_k_decode.h (asn1_decode_etype_info2): Prototype. Also - deleted prototype for asn1_decode_etype_info_entry as that is not - used outside asn1_k_decode.c - - * krb5_decode.c (decode_krb5_etype_info2): Call etype_info2 decoder - - * asn1_k_decode.c (asn1_decode_etype_info_entry): Split out - etype_info2 and etype_info decoder so we ignore tag 2 in the - heimdal encoder - (asn1_decode_etype_info2): new function - -2003-05-23 Sam Hartman <hartmans@mit.edu> - - * asn1_k_decode.c (asn1_decode_etype_info_entry): Fix logic error - that incorrectly set up s2kparams.data - -2003-05-20 Ezra Peisach <epeisach@bu.edu> - - * asn1_k_encode.c (asn1_encode_krb_safe_body): Use - asn1_encode_unsigned_integer for sequence number. - - * asn1_k_decode.c (asn1_decode_krb_safe_body): Use - asn1_decode_seqnum to decode sequence number. - - -2003-05-18 Tom Yu <tlyu@mit.edu> - - * asn1_decode.c (asn1_decode_maybe_unsigned): New function; decode - negative 32-bit numbers into positive unsigned numbers for the - sake of backwards compatibility with old code. - - * asn1_decode.h: Add prototype for asn1_decode_maybe_unsigned. - - * asn1_k_decode.c (asn1_decode_seqnum): New function; wrapper - around asn1_decode_maybe_unsigned. - - * asn1_k_decode.h: Add prototype for asn1_decode_seqnum. - - * krb5_decode.c (decode_krb5_authenticator) - (decode_krb5_ap_rep_enc_part, decode_krb5_enc_priv_part): Sequence - numbers are now unsigned. Use asn1_decode_seqnum to handle - backwards compat with negative sequence numbers. - - * krb5_encode.c (encode_krb5_authenticator) - (encode_krb5_ap_rep_enc_part, encode_krb5_enc_priv_part): Sequence - numbers are now unsigned. - -2003-05-06 Sam Hartman <hartmans@mit.edu> - - * krb5_decode.c (decode_krb5_etype_info2): New function; currently - the same code as decode_krb5_etype_info. This means that we can - manage to accept s2kparams in etype_info which is wrong but - probably harmless. - - * asn1_k_decode.c (asn1_decode_etype_info_entry): Add etype_info2 - support - - * asn1_k_encode.c (asn1_encode_etype_info_entry): Add support for - etype-info2 - - * krb5_encode.c (encode_krb5_etype_info2): New function - -2003-04-15 Sam Hartman <hartmans@mit.edu> - - * krb5_encode.c (encode_krb5_setpw_req): new function - -2003-04-13 Ezra Peisach <epeisach@mit.edu> - - * asn1_k_decode.c (asn1_decode_kdc_req_body): Fix memory leak if - optional server field is lacking, - -2003-03-11 Ken Raeburn <raeburn@mit.edu> - - * asn1_get.c (asn1_get_tag): Deleted. - (asn1_get_tag_2): Renamed from asn1_get_tag_indef, now uses a - pointer to taginfo rather than a bunch of pointer args. - (asn1_get_id, asn1_get_length): Folded into asn1_get_tag_2. - (asn1_get_sequence): Call asn1_get_tag_2. - * asn1_get.h (taginfo): New structure. - (asn1_get_tag_indef, asn1_get_tag, asn1_get_id, asn1_get_length): - Declarations deleted. - (asn1_get_tag_2): Declare. - * asn1_decode.c (setup): Declare only a taginfo variable. - (asn1class, construction, tagnum, length): New macros. - (tag): Call asn1_get_tag_2. - * asn1_k_decode.c (next_tag, get_eoc, apptag, end_sequence_of, - end_sequence_of_no_tagvars, asn1_decode_krb5_flags): Call - asn1_get_tag_2; if no error, copy out values into scalar - variables. - (asn1_decode_ticket): Call asn1_get_tag_2. - * asn1buf.c (asn1buf_skiptail): Call asn1_get_tag_2. - * krb5_decode.c (check_apptag, next_tag, get_eoc): Call - asn1_get_tag_2; if no error, copy out values into scalar - variables. - (decode_krb5_enc_kdc_rep_part): Call asn1_get_tag_2. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag. - -2002-12-23 Ezra Peisach <epeisach@bu.edu> - - * asn1_k_decode.c (asn1_decode_sam_challenge_2_body): Add - unused_var declaration to cleanup warnings. Signed/unsigned fix as - well. - -2002-11-07 Ezra Peisach <epeisach@bu.edu> - - * asn1_k_encode.c (asn1_encode_sam_challenge_2): Test for error - returned from asn1buf_insert_oxtetstring and cleanup strctures - properly. - - * asn1_k_decode.c (asn1_decode_sam_challenge_2_body): Change - sequence_of/end_sequence_of to use - sequence_of_no_tagvars/end_sequence_of_no_tagravs to avoid - shadowing variables. - -2002-11-07 Ezra Peisach <epeisach@bu.edu> - - * asn1_k_encode.c (add_optstring): Add optional string only if - length > 0. - -2002-11-05 Tom Yu <tlyu@mit.edu> - - * asn1_encode.h (asn1_encode_oid): - * asn1_encode.c (asn1_encode_oid): New function. - - * asn1_decode.h (asn1_decode_oid): - * asn1_decode.c (asn1_decode_oid): New function. - -2002-10-30 Ken Hornstein <kenh@cmf.nrl.navy.mil> - - * KRB5-asn.py: Fix definition for sam-pk-for-sad element. - -2002-10-24 Ken Hornstein <kenh@cmf.nrl.navy.mil> - - * KRB5-asn.py, asn1_k_decode.c, asn1_k_decode.h, asn1_k_encode.c, - asn1_k_encode.h, krb5_decode.c, krb5_encode.c: New functions, - prototypes, and ASN.1 definitions for the new hardware - preauthentication protocol. - -2002-07-02 Sam Hartman <hartmans@mit.edu> - - * asn1_encode.h: Document asn1_encode_enumerated - - * asn1_encode.c (asn1_encode_enumerated): New function; split out - asn1_encode_integer's guts into asn1_encode_integer_interal and - add this function to add different universal tag for enumerated - - * krbasn1.h (ASN1_ENUMERATED): enumerated is universal 10 - -2002-10-07 Tom Yu <tlyu@mit.edu> - - * asn1_get.c (asn1_get_tag_indef): Stomp on asn1class, - construction, retlen, and indef, even if we've hit the end of the - buffer, to avoid passing uninitialized values around. - - * asn1_k_decode.c: Reformat somewhat and add comments to demystify - things a little. - (opt_field): Fix to explicitly check for end of subbuf before - verifying the pre-fetched tag, which may have been stomped on by - asn1_get_tag_indef() encountering end-of-buffer. - - * krb5_decode.c (opt_field, opt_lenfield): Fix to explicitly check - for end of subbuf before verifying the pre-fetched tag, which may - have been stomped on by asn1_get_tag_indef() encountering - end-of-buffer. - -2002-09-02 Ken Raeburn <raeburn@mit.edu> - - * asn1_decode.c, asn1_encode.c, asn1_get.c, asn1_get.h, - asn1_k_decode.c, asn1_k_encode.c, asn1_make.c, asn1_make.h, - asn1buf,c. asn1buf.h, krb5_decode.c, krb5_encode.c: Use prototype - style definitions for functions. Avoid variable name "class". - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-06-24 Tom Yu <tlyu@mit.edu> - - * asn1_encode.c (asn1_encode_generaltime): Remove call to - unix_time_to_msl_time(), as it's Mac OS 9 specific and was missed - in the previous change. - -2002-06-24 Alexandra Ellwood <lxs@mit.edu> - - * asn1_encode.c: Removed unused Mac OS 9 code - [pullup from 1-2-2-branch] - -2000-06-24 Miro Jurisic <meeroh@mit.edu> - - * asn1_encode.c (asn1_encode_generaltime): Fixed the Mac code to - use the correct epoch. - - * asn1_encode.c: Updated Utilities.h #include - - [pullups from 1-2-2-branch] - -2002-06-24 Tom Yu <tlyu@mit.edu> - - * asn1_get.c (asn1_get_length): Check for negative length. - [pullup from 1-2-2-branch] - -2002-04-09 Ken Raeburn <raeburn@mit.edu> - - * asn1buf.c (asn1buf_remove_octetstring, - asn1buf_remove_charstring): Fix bounds test for correctness in - overflow cases. - -2001-10-09 Ken Raeburn <raeburn@mit.edu> - - * asn1_decode.c, asn1_decode.h, asn1_encode.h, asn1_get.h, - asn1_k_decode.h, asn1_k_encode.h, asn1_make.h, asn1_misc.h, - asn1buf.h: Make prototypes unconditional. - -2001-07-24 Ezra Peisach <epeisach@mit.edu> - - * asn1_k_encode.c: (asn1_encode_predicted_sam_response): Use - asn1_encode_charstring() instead of asn1_decode_octetstring() for - krb5_data. (signed vs. unsigned) - -2001-06-12 Ezra Peisach <epeisach@mit.edu> - - * asn1_k_decode.c (asn1_decode_predicted_sam_response): Use - asn1_decode_charstring() instead of asn1_decode_octetstring() to - decode krb5_data. - -2000-10-26 Tom Yu <tlyu@mit.edu> - - * asn1buf.c (asn1buf_sync): Add new arguments to include the full - complement of data about a prefetched tag, as well as to indicate - whether the prefetched tag or the surrounding sequence is of an - indefinite length. - (asn1buf_skiptail): Add new arguments to indicate whether the - prefetched tag is indefinite, as well as its length. This - facilitates proper skipping of trailing garbage. - (asn1buf_remains): Add new argument to indicate whether the - surrounding encoding is indefinite. Don't advance buf->next if an - EOC encoding is detected; the caller will do that. - - * asn1buf.h: Update prototypes. - - * asn1_get.c (asn1_get_tag_indef): Don't treat EOC encoding as - special anymore, since previous behavior was overloading the - tag number in a bad way. Also, report a MISMATCH_INDEF error if - the tag encoding is for the forbidden primitive constructed - encoding. - - * asn1_k_decode.c (next_tag): Call get_tag_indef() in order to get - information about whether the length is indefinite. Don't check - the tag class and construction explicitly. - (get_eoc): New macro to get a tag and check if it is an EOC - encoding. - (get_field, opt_field): Move the check for the tag class and - construction to here. - (get_field_body, get_lenfield_body): Call get_eoc() instead of - next_tag() if we are decoding a constructed indefinite encoding. - (begin_structure): Use a different variable to indicate whether - the sequence is indefinite as opposed to whether an individual - field is indefinite. - (end_structure): Update to new calling convention of - asn1buf_sync(). - (sequence_of): Rewrite significantly. - (sequence_of_common): Move the bulk of previous sequence_of() - macro to here. Does not declare some variables that sequence_of() - declares. - (sequence_of_no_tagvars): Similar to sequence_of() macro but - declares different variables for the purpose of prefetching the - final tag. - (end_sequence_of_no_tagvars): Similar to end_sequence_of() macro - but uses variables declared by the sequence_of_no_tagvars() macro - to prefetch the final tag. - (asn1_decode_principal_name): Update for new asn1buf_remains() - calling convention. Call sequence_of_no_tagvars(), etc. instead - of sequence_of(), etc. in order to not declare shadowing - block-local variables. - (decode_array_body): Update for new asn1buf_remains() calling - convention. - (asn1_decode_sequence_of_enctype): Update for new - asn1buf_remains() calling convention. - - * krb5_decode.c (next_tag): Call get_tag_indef() in order to get - information about whether the length is indefinite. Don't check - the tag class and construction explicitly. - (get_eoc): New macro to get a tag and check if it is an EOC - encoding. - (get_field, opt_field): Move the check for the tag class and - construction to here. - (get_field_body, get_lenfield_body): Call get_eoc() instead of - next_tag() if we are decoding a constructed indefinite encoding. - (begin_structure): Use a different variable to indicate whether - the sequence is indefinite as opposed to whether an individual - field is indefinite. - (end_structure): Update to new calling convention of - asn1buf_sync(). - -2000-10-17 Ezra Peisach <epeisach@mit.edu> - - * asn1buf.h: Lengths are now unsigned int for - asn1buf_ensure_space(), asn1buf_expand(), asn1buf_imbed(), - asn1buf_sync(), asn1buf_insert_octetstring(), - asn1buf_insert_charstring(), asn1_remove_octetstring(), - asn1buf_remove_charstring(), - - * krb5_decode.c, krb5_encode.c: Length fields are unsigned ints. - - * asn1_make.c, asn1_make.h: Prototypes changed to use an unsigned - int * in_len and retlen for: asn1_make_etag(), asn1_make_tag(), - asn1_make_sequence(), asn1_make_set(), asn1_make_string(), - asn1_make_length(), asn1_make_id(). - - * asn1_k_encode.h, asn1_k_encode.c: Change length fields to - unsigned ints for all functions. - (asn1_encode_etype_info_entry): Test for KRB5_ETYPE_NO_SALT - instead of -1. - - * asn1_k_decode.c (asn1_decode_etype_info_entry): Use a length of - KRB5_ETYPE_NO_SALT to indicate the optional salt not being - present. (instead of -1). - (setup): Length is now unsigned int. - - * asn1_get.c, asn1_get.h: Change retlent to unsigned int * for - asn1_get_tag(), asn1_get_tag_indef(), asn1_get_sequence, - asn1_get_length(). - - * asn1_encode.c, asn1_encode.h: Change retlen to unsigned int * - for asn1_encode_integer(), asn1_encode_unsigned_integer(), - asn1_encode_octetstring(), asn1_encode_charstring(), - asn1_encode_printable_string(), asn1_encode_ia5string(), - asn1_encode_generaltime(), asn1_encode_generalstring() - - * asn1_decode.c, asn1_decode.h: Change retlen to unsigned int * - for asn1_decode_octetstring(), asn1_decode_generalstring(), - asn1_decode_charstring(), - -2000-09-26 Tom Yu <tlyu@mit.edu> - - * asn1_get.c (asn1_get_tag_indef): Fix to not deref random garbage - while checking for EOC encoding. At least the indefinite decoding - breaks consistently now. - -2000-08-07 Ezra Peisach <epeisach@mit.edu> - - * asn1_k_decode.c (asn1_decode_last_req_entry): Decode the lr_type - as an int32. Handle backwards compatibility if KRB5_GENEROUS_LR_TYPE - is defined. - - * krbasn1.h: Define KRB5_GENEROUS_LR_TYPE for compatibility with - one byte negative lr_types which are sent as a positive integer. - -2000-06-29 Tom Yu <tlyu@mit.edu> - - * asn1buf.h (asn1buf_insert_octet): Define using __inline__ rather - than inline in order to shut up gcc -pedantic. - -2000-06-28 Ezra Peisach <epeisach@mit.edu> - - * asn1_get.c (asn1_get_tag): Remove unused variable. - -2000-02-06 Ken Raeburn <raeburn@mit.edu> - - Patches from Frank Cusack for helping in preauth replay - detection and spec (passwd-04 draft) compliance. - * asn1_k_decode.c (asn1_decode_enc_sam_response_enc): Update for - field name change. - (asn1_decode_predicted_sam_response): Handle new fields. - * asn1_k_encode.c (asn1_encode_enc_sam_response_enc): Update for - field name change. - (asn1_encode_predicted_sam_response): Handle new fields. - -2000-02-01 Danilo Almeida <dalmeida@mit.edu> - - * krb5_decode.c (krb5_decode_ticket): Add function to provide - decode_krb5_ticket functionality as part of krb5 API. - -1999-11-01 Tom Yu <tlyu@mit.edu> - - * krb5_decode.c (begin_structure): Update to deal with indefinite - encodings better; also call asn1_get_sequence(). - - * asn1_k_decode.c (sequence_of): Update to deal with indefinite - encodings better. - (begin_structure): Update to deal with indefinite encodings - better; also call asn1_get_sequence(). - - * asn1_get.h: Update prototypes for asn1_get_tag_indef(), - asn1_get_tag(), asn1_get_sequence(), asn1_get_length(). - - * asn1_get.c (asn1_get_tag_indef): New function; get tag info, - lengths, etc. as well as flag indicating whether the length is - indefinite. - (asn1_get_tag): Modify to just call asn1_get_tag_indef(). - (asn1_get_sequence): Call asn1_get_tag_indef() in order to - determine whether encoding is indefinite length. - (asn1_get_length): Add "indef" arg to indicate whether an encoding - has an indefinite length. - - * asn1buf.h: Update asn1buf_imbed() prototype. - - * asn1buf.c (asn1buf_imbed): Add "indef" arg so that we don't - treat a definite zero-length encoding as an indefinite encoding. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -1999-10-06 Ken Raeburn <raeburn@mit.edu> - - * asn1_decode.c (asn1_decode_integer): Initialize "n", to keep gcc - happy. - -Sat Jul 10 10:21:40 1999 Tom Yu <chaoself@mit.edu> - - * asn1_decode.c (asn1_decode_integer): Fix to deal with overflows - and negative integers. - (asn1_decode_unsigned_integer): Fix to deal with overflows and to - return errors on encountering negative integers. - -1999-07-06 Ken Raeburn <raeburn@mit.edu> - - * KRB5-asn.py (PA-SAM-RESPONSE): Fix syntax error -- comma - separating sequence components doesn't belong buried in a - comment. - -1999-07-03 Tom Yu <tlyu@mit.edu> - - * asn1buf.c (asn1buf_sync): Add length parameter to disambiguate - constructed-indefinite encoding from constructed-definite encoding - which happens to end at the same place as the enclosing buf. - - * asn1buf.h: Update to match definition. - - * krb5_decode.c (end_structure): Update to deal with additional - length parameter to asn1buf_sync(). - - * asn1_k_decode.c (end_sequence_of, end_structure): Update to deal - with additional length parameter to asn1buf_sync(). - - * asn1buf.h: New prototpyes for asn1buf_sync() and - asn1buf_skiptail(). - - * asn1buf.c (asn1buf_sync): Fix to deal with - constructed-indefinite encodings with trailing fields. As a - result, this requires that the most recently read tag number be - passed in. - (asn1buf_skiptail): New helper function to skip trailing fields in - a constructed-indefinite encoding. - - * krb5_decode.c (end_structure): Hack to deal with changed - asn1buf_sync(). - - * asn1_k_decode.c (end_structure, end_sequence_of): Hack to deal - with changed asn1buf_sync(). - -1999-06-30 Tom Yu <tlyu@mit.edu> - - * asn1buf.c (asn1buf_sync): Interim fix for DCE compat problem - with indefinite length encodings. - -1999-06-15 Tom Yu <tlyu@mit.edu> - - * asn1_encode.c (asn1_encode_generaltime): Fix minor bug in - bounds-checking for tm_year: 1900 + 8099 = 9999. - -Mon May 10 15:23:51 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Do win32 build in subdir. - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - -Thu Dec 3 19:41:06 1998 Tom Yu <tlyu@mit.edu> - - - * asn1_k_decode.c (asn1_decode_krb5_flags): Fix previous to - properly left-justify bit strings less than 32 bits. - - * asn1_k_decode.c (asn1_decode_krb5_flags): Modify to deal with - BIT STRING values that are not exactly 32 bits. Throw away bits - beyond number 31 in a bit string for now. Deal with masking out - unused bits. - -1998-10-27 Marc Horowitz <marc@mit.edu> - - * asn1buf.c (asn1buf_sync): interoperation testing against heimdal - revealed a bug. if extra fields are present in a SEQUENCE, they - are not ignored and skipped. This caused the decoder to get out - of sync. - -Thu Jul 2 15:30:25 1998 Theodore Y. Ts'o <tytso@mit.edu> - - * asn1_encode.c: Make the magic Macintosh EPOCH offset be 70 years - instead of 66 years, since CodeWarrior Pro 2 now bases - everything off of 1900. - -Thu Apr 16 17:01:27 1998 Tom Yu <tlyu@mit.edu> - - * asn1_encode.c (asn1_encode_generaltime): Sanity check the return - from gmtime() to avoid overruns. - -Fri Feb 27 18:03:33 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Changed thisconfigdir to point at the lib/krb5 - directory, since we've moved the configure.in tests in - this directory to the toplevel lib/krb5 configure.in - -Wed Feb 18 16:18:46 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove trailing slash from thisconfigdir. Fix up - BUILDTOP for new conventions. - -Fri Feb 13 22:32:06 1998 Theodore Y. Ts'o <tytso@mit.edu> - - * asn1buf.h (asn1buf_insert_octet): Use static inline function to - define asn1_insert_octet, since the GCC specific hack - we're using doesn't work on GCC compilers that also have - Objective C enabled. - - * asn1buf.c: define ASN1BUF_OMIT_INLINE_FUNCS before including - asn1buf.h, since we don't want inline functions declared - when we're defining the linkable version of the functions. - -Mon Feb 2 17:02:29 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile - -Fri Jan 2 21:18:30 1998 Tom Yu <tlyu@mit.edu> - - * asn1buf.c (asn12krb5_buf): Check return value of - malloc. [krb5-libs/518] - -Tue Sep 30 19:03:34 1997 Tom Yu <tlyu@mit.edu> - - * krbasn1.h: Replace HAS_STDLIB_H with something more sane. - -Thu Jul 31 15:38:10 1997 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * asn1buf.h (asn1buf_remove_octet, asn1buf_size, asn1buf_free, - asn1buf_ensure_space, asn1buf_len): Add macro versions. - (asn1buf_insert_octet) [__GNUC__ >= 2]: Ditto, using a GNU C - extension. - * asn1buf.c (asn1buf_remove_octet, asn1buf_size, asn1buf_free, - asn1buf_ensure_space, asn1buf_len, asn1buf_insert_octet): Undef - macros before defining as functions. - [Kerbnet changes made by raeburn@cygnus.com] - -Thu Jul 31 12:34:43 1997 Ezra Peisach <epeisach@mit.edu> - - * asn1buf.h (asn1buf_expand): Remove "const" from int arg in - prototype. - - * asn1buf.c (asn1buf_remove_charstring, asn1buf_create, - asn1buf_remove_octetstring, asn12krb5_buf): Call malloc instead of - calloc. - (asn1buf_unparse, asn1buf_hex_unparse): Ditto. Also don't - allocate extra byte, since sizeof(STRING) does count the trailing - null. - (asn1buf_expand): Adjust bound based on increment - value used, not value specified by caller. - - [Kerbnet changes made by raeburn@cygnus.com] - -Thu Jul 31 11:17:06 1997 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in (SRCS): Add / after $(srcdir) in SRCS line. - -Sat Feb 22 22:13:35 1997 Richard Basch <basch@lehman.com> - - * Makefile.in: Use some of the new library list build rules in - win-post.in - -Thu Nov 21 11:55:16 EST 1996 Richard Basch <basch@lehman.com> - - * Makefile.in: win32 build - -Thu Jan 2 16:56:10 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: - * configure.in: Update to new library build procedure. - -Thu Nov 14 20:57:55 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * asn1_k_encode.c (asn1_encode_principal_name): Be liberal about - accepting a principal with a zero-length component where - the data pointer is NULL. After all, - asn1_decode_principal_name generates them that way! [PR#188] - (asn1_encode_encrypted_data): - (asn1_encode_krb5_authdata_elt): - (asn1_encode_encryption_key): - (asn1_encode_checksum): - (asn1_encode_realm): If the length is zero, allow the data - field to be NULL. - -Thu Jun 27 10:31:34 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * asn1buf.c (asn12krb5_buf): Initialize magic fields of structure. - (asn1buf_expand): If pre-allocating memory for future use, store - proper end of buffer. - -Wed Jun 12 14:25:11 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * asn1_k_encode.h, asn1_k_decode.h: Add prototypes for the SAM - encoding and decoding functions, which are necessary for - the Win32 port (and a good idea in general). - -Wed Jun 5 15:37:50 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * asn1_k_decode.c (asn1_decode_enc_kdc_rep_part): If starttime is - not sent over the wire, set equal to authtime. - -Thu May 2 21:59:23 1996 Mark Eichin <eichin@cygnus.com> - - * krb5_decode.c (decode_krb5_enc_tkt_part): use tagnum correctly - to handle optional starttime (previous code *always* replaced - starttime with authtime.) - -Tue Apr 9 22:51:36 1996 Mark Eichin <eichin@cygnus.com> - - * krb5_decode.c (decode_krb5_sam_challenge, - decode_krb5_enc_sam_key, decode_krb5_enc_sam_response_enc, - decode_krb5_sam_response, decode_krb5_predicted_sam_response): - Change to new indirect interface. - - * asn1_k_decode.c (opt_encfield): macro for handling optional - encrypted_data fields (see asn1_decode_kdc_req_body for original - version.) - (asn1_decode_sam_response): use opt_encfield, since we're making - sam_enc_key optional (as it is reserved for future use.) - * asn1_k_encode.c (asn1_encode_sam_response): check sam_enc_key - for content before adding it. - * KRB5-asn.py: note sam-enc-key as OPTIONAL regardless of future - plans. - -Wed Mar 20 22:43:17 1996 Theodore Y. Ts'o <tytso@dcl> - - * asn1_k_decode.c: Decode pa_type in the krb5_pa_data structure as - a krb5_int32, since it is now type krb5_preauthtype. - (asn1_decode_etype_info_entry): Decode etype in the - krb5_etype_info_entry as krb5_enctype. - - * krb5_decode.c (decode_krb5_pa_enc_ts): Fix 16 bit vs. 32bit - error in the encoded timestamp structure. - -Wed Mar 13 12:52:32 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * krb5_decode.c (decode_krb5_ticket, decode_krb5_enc_tkt_part, - decode_krb5_authenticator, decode_krb5_error, - decode_krb5_ap_req, decode_krb5_ap_rep, - decode_krb5_ap_rep_enc_part, decode_krb5_safe, - decode_krb5_priv, decode_krb5_enc_priv_part, - decode_krb5_cred, decode_krb5_enc_part): Add magic values. - - * asn1_k_decode.c (asn1_decode_passwdsequence): Set magic values - in structures. - (asn1_decode_kdc_req_body): Set magic in - authorization_data if not sent OTW. - -Tue Feb 27 19:23:55 1996 Theodore Y. Ts'o <tytso@dcl> - - * krb5_decode.c (decode_krb5_enc_tkt_part): If starttime is not - set, then use authtime as a default. (This fixes the bug - where if you try to immediately use a TGT to get a ticket, - you get a time skew error.) - -Wed Feb 7 00:23:18 1996 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Folded in danw's changes to allow - building Makefiles for the Macintosh. We now can build - MPW makefiles which are interpreted by CodeWarrior. - -Wed Nov 8 20:00:13 1995 Theodore Y. Ts'o <tytso@dcl> - - * asn1_k_decode.c (asn1_decode_etype_info_entry): If the optional - salt element is not present, set etype.length to -1. - - * asn1_k_encode.c (asn1_encode_etype_info_entry): When encoding - the etype_info_entry structure, use length == -1 to mean - that the optional salt structure should not be sent. (It - used to be if length == -1.) - -Tue Oct 31 20:06:49 1995 Theodore Y. Ts'o <tytso@dcl> - - * krb5_decode.c (decode_krb5_pa_enc_ts, decode_krb5_enc_data): - Added new functions. - - * krb5_encode.c (encode_krb5_pa_enc_ts, encode_krb5_enc_data): - Added new functions. - - * KRB5-asn.py (PA-ENC-TS-ENC): Added new definition for the - krb5_pa_enc_ts structure. - -Fri Oct 6 22:03:01 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Remove ##DOS!include of config/windows.in. - config/windows.in is now included by wconfig. - -Thu Sep 28 23:35:06 1995 Mark W. Eichin <eichin@cygnus.com> - - * krb5_encode.c (krb5_cleanup): If asn1buf_destroy fails, don't - call it again. (Not that it can ever fail anyhow.) - -Tue Sep 26 19:59:56 1995 <tytso@rsts-11.mit.edu> - - * krb5_decode.c: Systematic rework of all the cleanup code to make - the generated object file subtatially (40% on the i386 - platform) smaller. The cleanup is now handled with a - "goto error_out" statement, which prevents the cleanup - statements from being replicated many, many, many times - throughout the entire file. - -Mon Sep 25 16:56:13 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the - Makefile. - -Fri Sep 22 22:27:33 1995 Theodore Y. Ts'o <tytso@dcl> - - * asn1_k_decode.c (asn1_decode_etype_info_entry): - * krb5_decode.c (decode_krb5_alt_method): Remove the (int) cast, - since you can't take address of a value which has been - casted. Instead we change the underlying type in the - structure to be an int. - -Wed Sep 13 10:51:31 1995 Keith Vetter (keithv@fusion.com) - - * asn1_k_decode.c, asn1_k_encode.c, krb5_dec.c, krb5_enc.c: 32 - bit word being passed as an int. - -Wed Sep 20 11:50:35 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * krb5_decode.c (setup_buf_only): Declare cleanup routine as - void and propogate through file. - -Mon Sep 18 14:17:15 1995 Theodore Y. Ts'o <tytso@dcl> - - * asn1_encode.c (asn1_encode_generaltime): Don't modify a const - input variable val; copy it to a scratch variable and - modify that. - -Wed Sep 13 19:53:30 1995 Mark Eichin <eichin@cygnus.com> - - * krb5_decode.c (clean_krb5_authenticator, clean_krb5_ticket, - clean_krb5_enc_tkt_part,clean_krb5_ap_req, - clean_krb5_ap_rep_enc_part, clean_krb5_safe, - clean_krb5_priv_enc_part, clean_krb5_cred_enc_part, - clean_krb5_error): new static functions to free objects that may - be partially constructed. - (setup_buf_only, setup_no_tagnum, setup_no_length, setup): define - in terms of each other to remove duplication, then add local - variable error_cleanup to common declarations. - (clean_return): new macro, uses error_cleanup on rep if possible - and the allows the argument to be returned. - (alloc_field, check_apptag, next_tag, begin_structure, - get_field_body, get_field, get_lenfield_body, get_lenfield): use - clean_return. - (free_field): new macro to simplify the writing of clean_*. - (clear_field): macro to clean up preparation of fields for later - use by clean_* functions. - (decode_krb5_authenticator, decode_krb5_ticket, - decode_krb5_encryption_key, decode_krb5_enc_tkt_part, - decode_krb5_enc_kdc_rep_part, decode_krb5_as_rep, - decode_krb5_tgs_rep, decode_krb5_ap_req, decode_krb5_ap_rep, - decode_krb5_ap_rep_enc_part, decode_krb5_as_req, - decode_krb5_tgs_req, decode_krb5_kdc_req_body, decode_krb5_safe, - decode_krb5_priv, decode_krb5_enc_priv_part, decode_krb5_cred, - decode_krb5_enc_cred_part, decode_krb5_error, - decode_krb5_authdata, decode_krb5_pwd_sequence, - decode_krb5_pwd_data, decode_krb5_padata_sequence, - decode_krb5_alt_method, decode_krb5_etype_info): change setup - macro to pass a cleanup method (or just free if there were no - partial allocations, or 0 for the two cases with no allocation at - all.) Also explicitly zero pointer subfields, since calloc is not - a safe way to assure that. Generally, provide for automatic - deallocation of storage on error. - -Sun Sep 10 12:00:00 1995 <mattly@fusion.com> - - * asn1_encode.c: Removed use of localtime for encoding of generaltime. - -Wed Sep 06 14:20:57 1995 Chris Provenzano (proven@mit.edu) - - * asn1_k_decode.c, asn1_k_decode.h, asn1_k_encode.c, asn1_k_encode.h, - * krb5_decode.c, krb5_encode.c: s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g - -Wed Sept 6 12:00:00 1995 <mattly@fusion.com> - - * asn1_encode.c: added EPOCH to account for macintosh time keeping - differences in asn1_encode_generaltime. - - * asn1buf.c: removed some debugging cruft. - -Tue Sep 05 22:10:34 1995 Chris Provenzano (proven@mit.edu) - - * asn1_k_decode.c, asn1_k_decode.h, asn1_k_encode.c, asn1_k_encode.h - * krb5_decode.c : Remove krb5_enctype references, and replace with - krb5_keytype where appropriate - -Mon Aug 28 12:54:05 1995 <tytso@rsts-11.mit.edu> - - * krb5_decode.c (decode_krb5_alt_method, - decode_krb5_etype_info): New functions for - decoding some new data structures. - - * krb5_encode.c (encode_krb5_alt_method, encode_krb5_etype_info): - New functions for encoding some new data structures. - - * asn1_k_decode.c (asn1_decode_etype_info_entry, - asn1_decode_etype_info): Added new functions to decode - some new data structures. - - * asn1_k_encode.c (asn1_encode_etype_info_entry, - asn1_encode_etype_info): Added new functions to encode - some new data structures. - -Fri Aug 25 21:43:42 1995 Theodore Y. Ts'o <tytso@dcl> - - * krb5_encode.c (encode_krb5_padata_sequence): New function which - encodes a sequence of pa_data elements - - * krb5_decode.c (decode_krb5_padata_sequence): New function which - decodes a sequence of pa_data elements. - - * asn1_k_encode.c (asn1_encode_sequence_of_pa_data): Make it - possible to encode sequence of zero pa_data elements. - - * asn1_k_decode.c (decode_array_body): Make it possible to decode - SEQUENCE OF encodinges of zero items (which is legal - according to ASN.1) - -Sat Jun 17 00:00:33 1995 Theodore Y. Ts'o (tytso@dcl) - - * asn1_get.c (asn1_get_tag): Added change to allow for - ASN.1 indefinite encoding; needed for DCE compatibility. - -Fri Jun 9 19:34:05 1995 <tytso@rsx-11.mit.edu> - - * configure.in: Remove standardized set of autoconf macros, which - are now handled by CONFIG_RULES. - -Fri May 26 20:19:15 1995 Theodore Y. Ts'o (tytso@dcl) - - * configure.in, Makefile.in: Add support for building shared libraries. - -Tue May 23 16:22:57 1995 Theodore Y. Ts'o (tytso@dcl) - - * asn1_decode.c: Rearrange #include files so that krb5.h gets - included first, so that the debugging information can be - more efficiently collapsed since the type numbers will be - the same. - - * asn1_encode.h: Rearrange the #include files so that the type - numbers are the same. - -Thu Apr 13 20:13:38 1995 Keith Vetter (keithv@fusion.com) - - * asn1_k_decode.c: fixed up 'unreferenced local variable' problems. - -Thu Apr 13 15:49:16 1995 Keith Vetter (keithv@fusion.com) - - * *.[ch]: removed unneeded INTERFACE from non-api functions. - -Wed Mar 22 09:39:55 1995 <tytso@rsx-11.mit.edu> - - * asn1_k_decode.c (setup, next_tag, apptag, get_field_body, - get_lenfield_body, asn1_decode_ticket): Use the - taglength to determine whether or not the indefinite - encoding was used, and if so skip over the termination - flag bytes in the ASN.1 stream. - - * asn1buf.c (asn1buf_imbed, asn1buf_remains): Make changes to - allow for indefinite encodings. asn1buf_remains() is now - only used for decoding structures and arrays (i.e., asn.1 - constructs which terminate indefinite encodings with two - zero octets. - - [ Note these fixes to support indefinite encoding - aren't terribly clean; some invalid encodings may - be accepted when they should not be. This should be - looked at in more detail later.] - - * asn1_get.c (asn1_get_tag): Inline original asn1buf_remains() - code, since asn1_get_tag doesn't use asn1buf_remains in - the context of a structure or an array. - -Sat Mar 25 14:12:31 1995 Tom Yu (tlyu@dragons-lair) - - * asn1_decode.c: move declaration of gmt_mktime() outside of - asn1_decode_generaltime() so that compilers like Ultrix cc that - don't support prototypes within function bodies don't break - -Fri Mar 17 19:05:22 1995 John Gilmore (gnu at toad.com) - - * Makefile.in: Remove redundant definitions from config/pre.in - (clean-mac): Add. - * asn1_misc.c: Avoid <malloc.h> and <memory.h> includes, for Mac. - (asn1_krb5_realm_copy): Use malloc, not calloc, since we're - about to clobber the storage anyway. - * configure.in (WITH_KRB5ROOT): Remove, not needed. - * krbasn1.h: Document that <limits.h> is needed for INT_MAX. - -Fri Mar 10 15:39:24 1995 Theodore Y. Ts'o (tytso@kenmore) - - * asn1buf.c. asn1buf.h (asn1buf_insert_octet): Make the second - argument of asn1buf_insert_octet be an int, instead of - asn1_octet. ANSI C narrow types screws us again.... - -Tue Mar 7 21:40:18 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: changed library name for the PC. - -Wed Mar 1 18:00:00 1995 Keith Vetter (keithv@fusion.com) - - * asn1_decode.c, asn1_encode.c, ans1_k_encode.c, asn1_misc.c: 16 vs - 32 bit casts. - * asn1_k_encode.h: added missing INTERFACE to a prototype - -Tue Feb 28 00:32:48 1995 John Gilmore (gnu at toad.com) - - * asn1_decode.h, asn1_encode.h, asn1_get.h, asn1_k_decode.h, - asn1_k_encode.h, asn1_make.h asn1_misc.h, asn1_buf.h, glue2.c, - krb5_decode.c, krb5_encode.c, krbasn1.h: Avoid <krb5/...> includes. - -Tue Feb 21 12:00:00 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: made to work for the PC - * *.c, *.h: added windows INTERFACE keyword to all functions - -Tue Feb 21 20:11:30 1995 Theodore Y. Ts'o (tytso@dcl) - - * asn1_k_decode.h(asn1_decode_kvno, asn1_decode_krb_safe_body): - Removed duplicate declarations. - - * asn1_k_decode.h(asn1_decode_passwdsequence, - asn1_decode_sequence_of_passwdsequence): Added missing - declarations. - -Thu Feb 16 19:29:59 1995 Theodore Y. Ts'o (tytso@dcl) - - * asn1_k_encode.h(asn1_encode_enc_kdc_rep_part): Remove duplicate - declaration of asn1_encode_enc_kdc_rep_part. - -Fri Feb 10 15:30:45 1995 Theodore Y. Ts'o <tytso@dcl> - - * asn1_k_encode.c: Remove #include of krb5_encode.h (it's not - needed). - - * krb5_encode.h: - * krb5_decode.h: These files removed; their contents have been - poured into include/krb5/asn1.h. - - * Makefile.isode.in: Removed. - - * process.perl: Removed (isode cruft). - - * Makefile.sane.in: Removed; contents moved to Makefile.in - - * configure.in: - * Makefile.in: Removed isode croft. (Makefile.in was - Makefile.sane.in) - -Fri Feb 3 01:02:43 1995 John Gilmore <gnu@cygnus.com> - - * asn1_decode_k.c => asn1_k_decode.c - * asn1_decode_k.h => asn1_k_decode.h - * asn1_encode_k.c => asn1_k_encode.c - * asn1_encode_k.h => asn1_k_encode.h - * Makefile.sane.in, krb5_decode.c, krb5_encode.c, - asn1_k_encode.c, asn1_k_decode.c: updated to match. - -Fri Nov 18 16:24:35 1994 Theodore Y. Ts'o (tytso@dcl) - - * krb5_decode.c (decode_krb5_encryption_key): Add magic number to - keyblock structure. - -Thu Nov 10 21:51:55 1994 Theodore Y. Ts'o (tytso@dcl) - - * asn1_decode_k.c (asn1_decode_principal_name, - asn1_decode_checksum, asn1_decode_encrypted_data, - asn1_decode_transited_encoding, - asn1_decode_enc_kdc_rep_part, asn1_decode_ticket, - asn1_decode_kdc_req, asn1_decode_kdc_req_body, - asn1_decode_safe_body, asn1_decode_host_address, - asn1_decode_kdc_rep, asn1_decode_authdata_elt, - asn1_decode_krb_cred_info, asn1_decode_pa_data, - asn1_decode_last_req_entry): Initialize magic number field - in the relevant structures. - - * asn1_decode_k.c (asn1_decode_encryption_key): Add appropriate - magic number and encryption type. - -Wed Nov 2 23:10:36 1994 Theodore Y. Ts'o (tytso@dcl) - - * configure.in: Add WITH_CPPOPTS since we're not using - CONFIG_RULES (yet). - -Thu Oct 27 22:32:13 1994 Theodore Y. Ts'o (tytso@dcl) - - * Makefile.sane.in: Remove duplicate definitions for DEFS, CC, - CCOPTS, and LIBS. (now defined in config/pre.in). - -Wed Oct 19 10:51:16 1994 Theodore Y. Ts'o (tytso@maytag) - - * err2kerr.c (KRB5_KRB__ERROR2krb5_error): The e_data field - wasn't being decoded when it should have been. - - * qbuf2data.c (qbuf2krb5_data): Set magic number field to zero. - - * asn1_decode_k.c (asn1_decode_kdc_req_body): If the authorization - field is not present, fill in the authorization data - fields with all zeros. Don't set kvno (that's *key* - version number, not *Kerberos* version number) to 5. - -Tue Oct 18 23:07:20 1994 Theodore Y. Ts'o (tytso@maytag) - - * tgrq2ktgrq.c (KRB5_KDC__REQ__BODY2krb5_kdc_req): Allow the - service principal to be optional. - - * ktgrq2tgrq.c (krb5_kdc_req2KRB5_KDC__REQ__BODY): Allow the - server principal to be optional. - -Fri Oct 7 15:05:35 1994 Theodore Y. Ts'o (tytso@dcl) - - * Makefile.isode.in: Add -DKRB5_USE_ISODE so that include files - are right. - -Tue Oct 4 16:13:45 1994 Theodore Y. Ts'o (tytso@dcl) - - * asn1_decode_k.c (asn1_decode_kerberos_time): Don't assume that - krb5_timestamp and time_t are the same. - -Thu Sep 29 14:26:34 1994 Theodore Y. Ts'o (tytso@dcl) - - * asn1buf.c (asn1buf_remove_octetstring, asn1buf_remove_charstring): - If the length is zero, don't call calloc(0,1); instead - return a NULL pointer. This way, we get consistent - behavior even on systems where malloc(0) returns a - non-null pointer. - -Tue Sep 27 23:31:50 1994 Theodore Y. Ts'o (tytso@dcl) - - * krb5_encode.c (encode_krb5_enc_kdc_rep_part): = should have been - == in commented-out code. Get it right for the future... - -Wed Sep 21 00:18:12 1994 Theodore Y. Ts'o (tytso@dcl) - - * krb5_decode.c (decode_krb5_authdata): Initialize variable where - the authdata is returned to NULL first. (Caller shouldn't - have to do this.) - - * asn1_decode.c (asn1_decode_generaltime): Plug memory leak caused - by not freeing temporary string. - -Wed Aug 17 16:07:06 1994 Theodore Y. Ts'o (tytso at tsx-11) - - * krb5_encode.c (encode_krb5_enc_kdc_rep_part): Older versions of - the Kerberos are always sending the enc_kdc_rep_part structure - with an application tag of #26, instead of using the application - tag of #25 (AS REP) or #26 (AS REP) as necessary. Worse yet, they - will only accept a tag of #26, so we need to follow this for - backwards compatibility. #defining KRB5_ENCKRB5KDCREPPART_COMPAT - will preserve this wrong (but compatible) behavior. - - * krb5_decode.c (decode_krb5_enc_kdc_rep_part): Record the tag - value of the ASN.1 sequence in the rkb5_enc_kdc_rep structure. - Allow both tag #25 and #26 (although old software was always - sending tag #26). - - * krb5_decode.c (decode_krb5_as_rep, decode_krb5_tgs_rep, - decode_krb5_ap_req, decode_krb5_ap_rep, decode_krb5_as_req, - decode_krb5_tgs_req, decode_krb5_safe, decode_krb5_priv, - decode_krb5_cred, decode_krb5_error): Only check the ASN.1 message - type if KRB5_MSGTYPE_STRICT is defined. "Be strict in what you - send out, liberal in what you receive..." - - * asn1_decode_k.c (asn1_decode_msgtype): Stop checking the - validity of the message type here. Each routine that calls - asn1_decode_msgtype is checking the message type anyway, so it's - just duplicated effort. - -Sat Aug 13 03:40:16 1994 Mark Eichin (eichin@perdiem) - - * krbasn1.h: include stdlib.h for calloc declaration (if we can) - -Thu Aug 11 00:38:10 1994 Theodore Y. Ts'o (tytso@dcl) - - * asn1_encode_k.c (asn1_encode_kdc_req): Add extra argument which - specifies the msg_type of the encoding; don't use req->msg_type - which is generally not set right. (That output is only as a place - to stash the msg_type from decode). All callers updated. - - * asn1_encode_k.c (asn1_encode_kdc_rep): Add extra argument which - specifies the msg_type of the encoding; don't use rep->msg_type - which is generally not set right. (That output is only as a place - to stash the msg_type from decode). All callers updated. - - * asn1_encode_k.c (asn1_encode_msgtype): Routine removed. Not - really necessary, since a msg_type is really just an integer. - - -Thu Aug 4 13:19:14 1994 Tom Yu (tlyu@dragons-lair) - - * asn1_decode_k.c (asn1_decode_sequence_of_enctype): fix typo - -Tue Aug 2 07:22:57 1994 Tom Yu (tlyu@dragons-lair) - - * asn1_decode_k.c (asn1_decode_sequence_of_enctype): more fixing - of realloc(NULL) returning NULL - -Sat Jul 23 08:48:18 1994 Tom Yu (tlyu@dragons-lair) - - * asn1buf.h: include ext-proto.h now to avoid type warnings - -Sat Jul 16 00:19:18 1994 Tom Yu (tlyu at dragons-lair) - - * asn1_encode_k.c (asn1_encode_transited_encoding): whoops don't - bomb if val->tr_contents.dlength == 0 - - * asn1_decode_k.c (asn1_decode_encrypted_data): oops looks like - Harry made a brain fart here.... default value for kvno was 5, not - 0. - -Thu Jul 14 11:37:59 1994 Theodore Y. Ts'o (tytso at tsx-11) - - * asn1_*.[ch]: - * krb5_*.[ch]: Add MIT Copyright notices. - -Thu Jul 14 01:26:22 1994 Tom Yu (tlyu at dragons-lair) - - * asn1_encode_k.c (asn1_encode_pa_data): oops still check NULL if - length != 0 - -Sat Jul 9 00:26:48 1994 Tom Yu (tlyu at dragons-lair) - - * asn1_encode_k.c (asn1_encode_pa_data): the contents field of a - krb5_pa_data structure can be NULL (e.g. - salt_type==KRB5_KDB_SALTTYPE_V4), and the encoder was treating - this as a missing required field - -Fri Jul 8 17:32:29 1994 Tom Yu (tlyu at dragons-lair) - - * asn1_decode_k.c: yet another instance of the SunOS realloc bug - - * asn1buf.c: whee SunOS realloc of a NULL pointer returns NULL. - sigh. - -Wed Jul 6 13:21:35 1994 Mark Eichin (eichin@cygnus.com) - - * an1buf.c: Harry saves vs. Unix again. Making sure that anything - that can call calloc with a zero argument won't return ENOMEM if - calloc retuns NULL in this case. This was prompted by breakage - under linux. - - * asn1_encode.c (asn1_encode_generaltime): don't use strftime on - the output of gmtime -- under Solaris, it mutates it! (seems to be - doing a timezone offset.) Besides, sprintf is quite sufficient. - Also rename local variable time to gtime to avoid name collision. - (asn1_decode_generaltime): the fixed-point method below doesn't - actually work because it doesn't handle the current timezone - offset. Simpler, and more general -- always call gmt_mktime, which - is now provided in lib/krb5/os/gmt_mktime.c. - -Sun Jul 3 04:43:42 1994 Tom Yu (tlyu at dragons-lair) - - * asn1_encode_k.h: - * asn1buf.c: - * krbasn1.h: punt stdlib.h in favor of stdio.h. It looks like - Harry was assuming that NULL gets defined in stdlib instead of - stdio - -Fri Jul 1 13:03:39 1994 Mark Eichin (eichin@cygnus.com) - - * asn1_encode_k.c (asn1_encode_msgtype): comment out krb5_msgtype - decl of val arg, use int (to match prototype in header.) Throw out - OLDDECLARG, DECLARG, and use old-style definition to match style - of the rest of the code. - (asn1_encode_ui_4): comment out krb5_ui_4 decl of val arg, use int - (to match prototype in header.) Also rewrote definition header. - - * asn1_decode.c (asn1_decode_generaltime): tm_gmtoff is *not* in - System V either. The only portable way to find the delta is to - subtract gmtime from localtime at a fixed point (epoch+24hours is - an easy way to simplify the arithmetic.) - HAVE_GMTOFF: might someday be defined, but for now merely labels - what the code original did/was intended to do. - - * configure.in: redo "autoconf frobbage" since the old way didn't - work with srcdir. Now, AC_OUTPUT generates all three Makefiles, - and ISODEMAKEFILE is subst'ed in to be either Makefile.isode or - Makefile.sane. EXTRA_RULES_IN is used to append the extra stuff to - the end of the "real" one of the two. - * configure.in: krb5_encode.h and krb5_encode.h are source, not - generated, so use CopySrcHeader instead. - - -Tue Jun 28 19:57:28 1994 Tom Yu (tlyu at dragons-lair) - - * configure.in: - * Makefile.in: autoconf frobbage - diff --git a/src/lib/krb5/ccache/ChangeLog b/src/lib/krb5/ccache/ChangeLog deleted file mode 100644 index 0c3c48aeb..000000000 --- a/src/lib/krb5/ccache/ChangeLog +++ /dev/null @@ -1,1075 +0,0 @@ -2006-04-02 Ken Raeburn <raeburn@mit.edu> - - * t_cc.c: Include autoconf.h. - - * Makefile.in (DEFS): Make empty. - -2005-12-02 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: increase the size of the PurgeRequest - -2005-10-27 Jeffrey Altman <jaltman@mit.edu> - * ccdefault.c: - (krb5int_cc_default) - add KFW support for multiple ccaches - -2005-10-20 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: - - provide defaults for client and server names in purge - ticket routines - - properly size the buffers used to store the names. - -2005-06-15 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c (dereference): Fix test is list-walking loop. - -2005-04-13 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c (NEED_SOCKETS, NEED_LOWLEVEL_IO): Don't define. - -2005-01-13 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c (struct _krb5_fcc_data): Fields disk_file_lock, - file_is_locked deleted. - (krb5_fcc_open_file, krb5_fcc_close_file, dereference, - krb5_fcc_resolve, krb5_fcc_generate_new, krb5_fcc_set_flags): - Don't set or check them. - -2005-01-11 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: - - do not free krb5_creds if krb5_copy_creds fails - - cause MSTicketToMITTicket to return failure if - krb5_copy_data fails - -2004-12-25 Ezra Peisach <epeisach@mit.edu> - - * cc_file.c (krb5_fcc_close): Free the cache id. - (dereference): When removing fcc_set entry from list, free the - pointer as well. - -2004-12-16 Jeffrey Altman <jaltman@mit.edu> - * cc_mslsa.c: - Temporarily deactivate support for KerbSubmitTicketMessage - and KerbQueryTicketCacheEx2Message until the new Platform SDK - becomes publicly available. - -2004-12-15 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: - - Activate support for KerbSubmitTicketMessage - - Activate support for KerbQueryTicketCacheEx2Message - - Add locale support for regions which use MultiByte characters - -2004-11-19 Ken Raeburn <raeburn@mit.edu> - - * cc_mslsa.c (MSCredToMITCred): Don't create an empty array for - addresses, just use a null pointer now. - -2004-11-16 Ken Raeburn <raeburn@mit.edu> - - * cc_retr.c (krb5_cc_retrieve_cred_seq): Temporarily clear the - KRB5_TC_OPENCLOSE flag on the credentials cache while reading - multiple entries from it. - -2004-11-15 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c (krb5_fcc_get_flags): New function. - (krb5_fcc_ops, krb5_cc_file_ops): Add it. - * cc_memory.c (krb5_mcc_get_flags): New function. - (krb5_mcc_ops): Add it. - * cc_mslsa.c (krb5_lcc_get_flags): New function. - (krb5_lcc_ops): Add it. - * ccfns.c (krb5_cc_get_flags): New function. - -2004-10-07 Jeffrey Altman <jaltman@mit.edu> - * cc_mslsa.c: Fix the forced setting of the Initial Ticket Flag - on Win2000 and add it to XP and 2003 SP1 - -2004-09-17 Jeffrey Altman <jaltman@mit.edu> - * cc_mslsa.c: Fix the error returned when krb5_lcc_start_seq_get() - discovers the cache is empty. Check for the new error in - krb5_lcc_initialize() - -2004-09-10 Jeffrey Altman <jaltman@mit.edu> - * cc_mslsa.c: Implement krb5_lcc_initialize() - Remove all tickets from the cache which have a client - principal that matches the input principal. - -2004-09-10 Jeffrey Altman <jaltman@mit.edu> - * cc_mslsa.c: Correct test for KerbQueryTicketCacheExMessage - -2004-09-09 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: The following functionality is being committed - but commented out because it is not presently - available in public Microsoft SDKs - - support for KerbSubmitTicket which allows a KERB_CRED - message to be forwarded to the LSA. (KERB_SUBMIT_TICKET) - - support for the KerbQueryTicketCacheEx2Message which - adds the Session Key Enctype to the contents of the - response from KerbQueryTicketCacheExMessage. - (HAVE_CACHE_INFO_EX2) - -2004-09-01 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: - - Fix MITPrincToMSPrinc to prevent writing to the output - buffer if the input won't fit. - - Add internal UnicodeStringToMITPrinc function - - Rename internal MSPrincToMITPrinc to ExternalNameToMITPrinc - - Rename internal PurgeMSTGT to PurgeAllTickets - - Add internal PurgeTicket2000 - - Add internal PurgeTicketXP - - Since tickets can only be requested via KDC Opt Flags it is - not possible to specifically request the Initial ticket. If - more than one ticket exists which matching service names, - enctypes, and ticket flags the initial ticket flag may not be - set. If the caller requested the initial ticket, set the flag - manually. - - Add preliminary support for krb5_lcc_set_flags - - Modify krb5_lcc_initialize to return success - - Modify krb5_lcc_get_principal to support an LSA cache - which does not contain a TGT when krb5_lcc_resolve is - called. - - Implement krb5_lcc_remove_cred - - -2004-08-27 Ken Raeburn <raeburn@mit.edu> - - * t_cc.c (init_test_cred): Terminate argument list to - krb5_build_principal with NULL, not 0. Patch from Nalin - Dahyabhai. - -2004-08-15 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c (struct _krb5_fcc_data): Add new mutex - disk_file_lock and flag file_is_locked. - (krb5_fcc_close_file): Unlock the mutex and clear the flag. - (krb5_fcc_open_file): Acquire the mutex before locking the file, - and set the flag after. - (krb5_fcc_resolve): Initialize the new mutex and flag. - (krb5_fcc_generate_new): Initialize both mutexes and the flag. - (dereference): Destroy the new mutex. - - * cc_file.c: Add buffering on reading. - (FCC_BUFSIZ): New macro. - (struct _krb5_fcc_data): Add new fields buf, valid_bytes, - cur_offset. - (krb5_fcc_resolve, krb5_fcc_generate_new): Initialize - valid_bytes. - (invalidate_cache): New function. - (krb5_fcc_write, krb5_fcc_open_file, krb5_fcc_destroy): Call - invalidate_cache. - (fcc_lseek): New function. - (krb5_fcc_skip_header, krb5_fcc_destroy, krb5_fcc_start_seq_get, - krb5_fcc_next_cred, krb5_fcc_store): Use fcc_lseek instead of - lseek. - (fcc_read): Use and maybe refill the buffer. - (dereference): Zap the contents of the buffer before freeing it. - - * cc_file.c (dereference): Lock mutex around call to - krb5_fcc_close_file. - -2004-08-12 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c (krb5_fcc_close_file): Change first argument to be an - fcc-data pointer, not a krb5_ccache. All calls changed. - (struct fcc_set): Add a refcount member. (Definition - accidentally introduced without comment in an earlier patch.) - (krb5int_cc_file_mutex, fccs): New variables, for managing a - global list of open credential cache files. - (dereference): New function, with most of old close/destroy - operations. Decrements reference count and only frees the object - and removes it from the global list if the refcount hits zero. - (krb5_fcc_close, krb5_fcc_destroy): Call dereference. - (krb5_fcc_resolve): If a file cache is already open with the same - file name, increment its reference count and don't create a new - one. When a new one is created, add it to the global list. - * cc-int.h (krb5int_cc_file_mutex): Declare. - * ccbase.c (krb5int_cc_initialize): Initialize it. - (krb5int_cc_finalize): Destroy it, and krb5int_mcc_mutex. - -2004-08-05 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c: Remove USE_STDIO support. - -2004-07-25 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: is_windows_xp() should test for major version - > 5 not >= 5. - -2004-07-18 Ezra Peisach <epeisach@mit.edu> - - * cc_memory.c (krb5_mcc_store): When allocating krb5_mcc_link - memory - allocate sizeof() - not sizeof(sizeof()). - -2004-07-16 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c: Don't check for macsock.h. - -2004-07-15 Alexandra Ellwood <lxs@mit.edu> - - * ccdefault.c (krb5_cc_default, krb5int_cc_default) - Removed default_ccprincipal field from krb5_context - -2004-07-14 Ken Raeburn <raeburn@mit.edu> - - * t_cc.c (cc_test): Rename one of the "resolve" cases so the - messages can be distinguished. - -2004-07-07 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: Fix thread safety - -2004-07-07 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: When obtaining a TGT from MSLSA, do not ignore - the cache if the requested enctype is the NULL enctype. - -2004-06-30 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c (krb5_fcc_data): Added a mutex. - (krb5_fcc_read*, krb5_fcc_write, krb5_fcc_store_*, - krb5_fcc_open_file, krb5_fcc_skip_header, - krb5_fcc_skip_principal): Verify that the mutex is locked. - (MAYBE_OPEN): Verify that the mutex is locked; unlock it if - returning an error. - (krb5_fcc_initialize, krb5_fcc_start_seq_get, - krb5_fcc_get_principal, krb5_fcc_store, krb5_fcc_set_flags): Lock - and unlock the mutex. - (krb5_fcc_close): Likewise. Destroy the mutex when done. - (krb5_fcc_destroy): Merge stdio and non-stdio versions a little - more. Destroy the mutex when done. - (krb5_fcc_resolve): Initialize and lock the mutex. - (krb5_fcc_next_cred): Lock and unlock the mutex. Merge the stdio - and non-stdio branches a little more. - -2004-06-29 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: - - is_windows_2000() indicates the OS is Windows 2000 or higher - - is_windows_xp() indicates the OS is Windows XP or higher which - indicates that PKERB_QUERY_TKT_CACHE_EX_RESPONSE and - PKERB_TICKET_CACHE_INFO_EX are available. - - does_retrieve_ticket_cache_ticket() checks to see if a Microsoft - private fix is available which adds a new Cache Flag, - KERB_RETRIEVE_TICKET_CACHE_TICKET, which when set causes the - requested ticket to be stored in the LSA cache even when the - TicketFlags and EncType are not set to 0. - - KerbExternalTicketMatch() is a test to determine if two - Microsoft External Tickets are identical - + use the KerbQueryTicketCacheExMessage LSA call on XP or higher - + specify the KERB_RETRIEVE_TICKET_CACHE_TICKET flag when it is - available - = The combination of both + items will cause the ClientRealm - to be displayed properly for all cross realm tickets obtained - via the MSLSA - - -2004-06-29 Ken Raeburn <raeburn@mit.edu> - - * cc_memory.c (krb5_mcc_free): Don't destroy the mutex here. - -2004-06-28 Ken Raeburn <raeburn@mit.edu> - - * cc_memory.c: Include k5-thread.h. - (krb5int_mcc_mutex): New lock. - (krb5_mcc_store): Rewrite. - (NEED_WINDOWS): Don't define. - (krb5_mcc_*): All functions now static. - (struct _krb5_mcc_data): Delete 'next' pointer. Add a mutex. - (krb5_mcc_*): Lock and unlock the mutex as appropriate. - (struct krb5_mcc_list_node): New type, separates the linked-list - container from the data for individual nodes. - (mcc_head): Now points to krb5_mcc_list_node. - * cc-int.h (krb5int_mcc_mutex): Declare. - * ccbase.c (krb5int_cc_initialize): Initialize it. - -2004-06-24 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c (krb5_fcc_read_data): Combine stdio and posix versions - of code with gratuitous minor differences. - (krb5_fcc_read_int32, krb5_fcc_next_cred): Likewise. - (krb5_fcc_read_addr): Likewise. Check that filled-in length field - matches the value we tried to store (i.e., that type conversion - didn't throw away information). - (krb5_fcc_read_authdatum): Likewise. - -2004-06-22 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c (my_fopen): Function deleted. - (krb5_fcc_open_file): Use fopen, not my_fopen. - -2004-06-21 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: Comment out call to FormatMessage() which fails - horribly on non-English systems. We do not need the output - or printf statements as part of a library. Therefore, we - will ignore this for the time being. When we decide we - want to log event to the Event Log then we can properly - implement this function. - -2004-06-18 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: Enforce acceptable enctypes by checking against - the default_tgs_enctypes list instead of the permitted_enctypes - list; only enforce the desired enctype when retrieving tickets - to deliver to an application. do not enforce when attempting - to determine the current principal name. this is important - because specifying an enctype results in a TGS_REQ being sent - to the KDC; close memory leak of krb5_cred objects in - krb5_lcc_retrieve(). - -2004-06-16 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (MAC_SUBDIRS): Don't set. - -2004-05-27 Ezra Peisach <epeisach@mit.edu> - - * ccbase.c: Include cc-int.h. - - * cc-int.h (krb5int_cc_finalize): Add prototypes for - krb5int_cc_{finalize,initialize}. - -2004-05-25 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: GetMSTGT(). Initialize pTicketRequest to NULL - to prevent it being freed prior to allocation. Add krb5_context - parameter to allow krb5_get_permitted_enctype() to be called - instead of using a hardcoded list of enctypes which may change - in the future. - krb5_lcc_get_name(): fix return value if Kerberos is not supported. - - -2004-05-24 Ezra Peisach <epeisach@mit.edu> - - * t_cc.c (cc_test): Clean up memory leaks in tests. - -2004-05-15 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: The FAILED() macro only considered an error - to be a failure if the value is negative. ConstructTicketRequest() - returns positive errors. Do not use FAILED() to test the result. - Fix a potential leak of LSA allocated memory. Fix a leak of - LocalAlloc memory. - -2004-04-24 Ken Raeburn <raeburn@mit.edu> - - * ccbase.c: Include ctype.h. - (cc_typelist_lock): Use the new partial initializer. - (krb5int_cc_initialize): New function; finish the initialization. - (krb5int_cc_finalize): New function; destroy the mutex and free - any storage for registered types. - -2004-04-13 Jeffrey Altman <jaltman@mit.edu> - - * ccbase.c: - Since we have to reserve all the single letter - prefixes make them apply to all platforms - -2004-04-13 Jeffrey Altman <jaltman@mit.edu> - - * ccbase.c: - On Windows, if there is a ccache name provided without - a prefix but which appears to start with a drive letter, - treat it as a FILE: ccache instead of failing with a - ccache type unknown error. - -2004-04-13 Jeffrey Altman <jaltman@mit.edu> - - * ccbase.c: - krb5_cc_resolve() defines a function pointer ccresolver - which must be of type KRB5_CALLCONV - - -2004-04-06 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: - In at least one case on Win2003 it appears that it is possible - for the logon session to be authenticated via NTLM and yet for - there to be Kerberos credentials obtained by the LSA on behalf - of the logged in user. Therefore, we are removing the test - for IsKerberosLogon() within krb5_lcc_resolve() - which was meant to avoid the need to perform GetMSTGT() when - there was no possibility of credentials being found. - -2004-03-31 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: Add IsWindows2000() function and use it to return - errors whenever the MSLSA: ccache type is used on platforms - older than Windows 2000. This is needed to prevent calls to - the functions loaded from ADVAPI32.DLL and SECUR32.DLL which - do not exist on the Windows 9x platforms. - -2004-03-26 Sam Hartman <hartmans@mit.edu> - - * fcc.h: Remove all but the definition of krb5_cc_file_ops because - the rest is static in cc_file.c - - * Makefile.in (T_file): Remove (no longer builds, no longer used) - -2004-03-25 Sam Hartman <hartmans@mit.edu> - - * cc_file.c (krb5_fcc_generate_new): Use mkstemp not mktemp when possible - -2004-03-18 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: - Add missing return statements in krb5_lcc_start_seq_get() - - Return error if principal name cannot be determined during - krb5_lcc_resolve() - - * cc-int.h: - New file - Add prototypes for cc internal functions - - * cc_retr.c - include cc-int.h - -2004-03-05 Ken Raeburn <raeburn@mit.edu> - - * ccbase.c: Include k5-thread.h. - (struct krb5_cc_typelist): Ops pointer now points to const. - (cc_typelist_lock): New mutex var. - (krb5_cc_register, krb5_cc_resolve): Lock it while working with - the type list. - -2004-02-04 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: - Remove reference to <ntstatus.h> as it is not present in the August 2001 - Platform SDK used by Pismere. Instead copy the error value. - -2004-02-02 Jeffrey Altman <jaltman@mit.edu> - - * cc_msla.c: - GetMSCacheTicketFromCacheInfo() uses the tktinfo->TicketFlags as the - value to assign to TicketRequest->TicketFlags. This field is blindly - inserted into the kdc-options[0] field of the TGS_REQ. If there are - bits such as TRANSIT_POLICY_CHECKED in the TicketFlags, this will result - in an unknown TGS_OPTION being processed by the KDC. - - This has been fixed by mapping the Ticket Flags to KDC options. - We only map Forwardable, Forwarded, Proxiable, and Renewable. The others - should not be used. - -2004-02-02 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: the MSLSA code was crashing on Pismere machines when - logging on with cross realm credentials. On these machines there are - 8 tickets within the LSA cache from two different realms. One of the - krbtgt/CLIENT-REALM@CLIENT-REALM tickets (not the Initial ticket but - a Forwarded ticket) is inaccessible to the ms2mit.exe and leash32.exe - processes. The attempt to access the ticket returns a SubStatus code - of STATUS_LOGON_FAILURE (0xC000006DL) which is supposed to mean that - the logon attempt was invalid due to bad authentication information. - kerbtray has no problem listing this ticket. The other seven tickets - in the cache including the Initial Ticket are accessible. Modified - krb5_lcc_next_cred() to skip to the next ticket if an attempt to read - a single ticket fails. - -2004-01-31 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: Optimize the get next logic by storing a handle to - the MS TGT in the lcc_cursor data structure - -2004-01-31 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: Do not return tickets to the caller if they contain - NULL session keys. This is to prevent useless TGTs from being - placed into the MIT credential cache. - -2004-01-30 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: As per extensive conversations with Doug Engert we have - concluded that MS is not specifying a complete set of domain information - when it comes to service tickets other than the initial TGT. What happens - is the client principal domain cannot be derived from the fields they - export. Code has now been added to obtain the domain from the initial - TGT and use that when constructing the client principals for all tickets. - - This behavior can be turned off by setting a registry either on a per-user - or a system-wide basis: - - {HKCU,HKLM}\Software\MIT\Kerberos5 - PreserveInitialTicketIdentity = 0x0 (DWORD) - - -2004-01-06 Jeffrey Altman <jaltman@mit.edu> - - * cc_file.c, cc_memory.c: - Add stub implementations for unimplemented krb5_cc_remove_cred() - Returns KRB5_CC_NOSUPP - - * cc_mslsa.c: - Add implementation for krb5_cc_remove_cred(). Returns KRB5_CC_READONLY. - -2003-12-19 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: fix indirection of a krb5_creds structure which - is passed into MSCredToMITCred(). - -2003-12-18 Jeffrey Altman <jaltman@mit.edu> - - * cc_retr.c: Extract the test to determine if a credential matches - a requested credential according to the specified fields into - a private function: krb5int_cc_creds_match_request() - - * cc_mslsa.c: Extend the functionality of krb5_lcc_retrieve() to - perform a MS Kerberos LSA ticket request if there is no matching - credential in the cache. The MS Kerberos LSA places the following - restriction on what tickets it will place into the LSA cache: - tickets obtained by an application request for a specific - set of kerberos flags or enctype will not be cached. - Therefore, we first make a request with no flags or enctype in - the hope that we will be lucky and get the right ones anyway. - If not, we make the application's request and return that ticket - if it matches the other criteria. - - Implemented a similar technique for krb5_lcc_store(). Since we - can not write to the cache, when a store request is made we - instead perform a ticket request through the lsa for a matching - credential. If we receive one, we return success. Otherwise, - we return the KRB5_CC_READONLY error. - - With these changes I am now able to operate entirely with the MSLSA - ccache as the default cache provided the MS LSA credentials are - for the principal I wish to use. Obviously, one cannot change - principals while the MSLSA ccache is the default. - -2003-12-15 Jeffrey Altman <jaltman@mit.edu> - - * cc_msla.c: Enable purging of the MS Kerberos LSA cache when the TGT - has expired. This will force the LSA to get a new TGT instead of - returning the expired version. - -2003-12-15 Jeffrey Altman <jaltman@mit.edu> - - * cc_mslsa.c: Perform a GetMSTGT() call as part of krb5_lcc_start_seq_get - to ensure that the tgt is refreshed - -2003-12-13 Jeffrey Altman <jaltman@mit.edu> - - * Makefile.in: Remove extranenous spaces in ##WIN32## constructs - defining MSLSA_SRC MSLSA_OBJ - -2003-12-12 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Move ##WIN32## constructs from inside - backslash-continued lists, as it was breaking them. Move explicit - dependency information from under automatic dependencies. - -2003-12-11 Jeffrey Altman <jaltman@mit.edu> - - * Makefile.in, ccbase.c, cc_mslsa.c (new) - - Remove all of the code which was duplicated between ms2mit.c - and the KfW Leash libraries (and who knows how many applications - shipped by third parties) and use it as the basis for a new - krb5_ccache type, "MSLSA:". The "MSLSA:" ccache type is a - read-only ccache which can be used either as a monitor of the - contents of the Microsoft LSA cache or as a source for copying - the contents to another ccache type. The purpose of migrating - this code to the krb5_32.dll is to avoid the need for applications - to be consistently updated each time Microsoft makes a change - to the behavior of the LSA cache. Changes have occurred with - the release of 2000, XP, and 2003 so far. Also, the code for - working with the MS LSA cache is not well documented and many - mistakes were made in the original versions of the ms2mit.c - code base. Unfortunately, the ms2mit.c code has been copied - into many other applications. - - With access to this new ccache type, the ms2mit.c source file - is reduced from 890 lines to 80 lines including the copyright - banner. - -2003-11-26 Jeffrey Altman <jaltman@mit.edu> - - * cc_default.c: Add support for Leash Kinit Dialog on Windows to - krb5int_c_default() - -2003-08-26 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c (krb5_fcc_store_int32, krb5_fcc_store_ui_4) - (krb5_fcc_store_ui_2, krb5_fcc_store_octet): Remove gratuitous - conditionalizing of casts on USE_STDIO, left over from merge. - -2003-07-22 Sam Hartman <hartmans@mit.edu> - - * ccbase.c: Always register the file credentials cache type. If - we do not, then when USE_CCAPI is defined, it will not be - available. - -2003-07-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBNAME) [##WIN16##]: Don't define. - ($(OBJFILE)) [##WIN16##]: Omit CP action. - -2003-03-06 Alexandra Ellwood <lxs@mit.edu> - - * ccdefault.c: Remove Mac header goober and include - k5-int.h after KerberosLoginPrivate.h. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag. - -2003-01-07 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c (krb5_cc_file_ops, krb5_fcc_ops): Now const. - * fcc.h (krb5_cc_file_ops): Update decl. - * cc_memory.c (krb5_mcc_ops): Now const. - * ccbase.c (krb5_mcc_ops): Update decl. - * ccdefops.c (krb5_cc_dfl_ops): Now points to const. - * t_cc.c (krb5_fcc_ops, krb5_mcc_ops): Update decls. - -2002-09-03 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c, cc_memory.c, cc_retr.c, ccbase.c, cccopy.c, - ccdefault.c, ser_cc.c, t_cc.c: Use prototype style function - definitions. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-08-15 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c (ALLOC): Use calloc, not malloc. - (krb5_fcc_read_principal): Check bounds on number of components - before calling ALLOC. - -2002-08-15 Tom Yu <tlyu@mit.edu> - - * t_cc.c: Remove references to STDIO ccache. - -2002-08-14 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c: Merge in cc_stdio.c, under preprocessor test for - USE_STDIO. - (USE_STDIO): Define it if HAVE_SYS_TYPES_H. - (krb5_change_cache, krb5_get_notification_message): Always - define. - (ALLOC): New macro, with overflow checking. - (krb5_fcc_read_principal, krb5_fcc_read_addrs, - krb5_fcc_read_authdata): Use it, and fix other overflow checks. - (my_fopen): Support non-Mac environments. - (krb5_fcc_open_file) [USE_STDIO]: Always use my_fopen. - (NO_FILE): New macro. All functions changed to test or assign it - rather than -1 or (FILE*)NULL. - (krb5_fcc_read_keyblock, krb5_fcc_read_data): Rewrite bounds - check. - (BINARY_MODE): Always define. - (setvbuf) [!HAVE_SETVBUF]: Define as macro using setbuf. - (krb5_fcc_open_file): Change file descriptor variable to "f" and - combine newly matching stdio and file sections. Use setvbuf - instead of checking whether to use setbuf. - - * cc_stdio.c: Deleted. - * Makefile.in (STLIBOBJS, OBJS, SRCS): Updated. - * ccdefops.c (krb5_cc_dfl_ops) [!USE_CCAPI]: Always use - krb5_fcc_ops. - -2002-08-09 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c: All functions except krb5_change_cache and - krb5_get_notification_message now static. Minor other shuffling - to become more similar to cc_stdio.c. - (krb5_fcc_data): Rename "fd" to "file"; change all uses. - * cc_stdio.c: All functions now static. Rename all krb5_scc_ - functions, data types and macros to use krb5_fcc_ prefix instead. - Minor other shuffling to become more similar to cc_file.c. - (krb5_fcc_data): Rename from krb5_scc_data; reorder some fields. - (krb5_fcc_close_file): Never call fflush on a read-only file. - (BINARY_MODE): New macro. - (krb5_fcc_open_file): Combine ANSI_STDIO and non-ANSI cases - statements by using BINARY_MODE and compile-time string - concatenation. Choose lock flag value separately from call to - krb5_lock_file. - (krb5_fcc_generate_new): Use BINARY_MODE. - -2002-07-09 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c: Put # for cpp directives in first column. - -2002-60-20 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Build cc accessor functions on Windows. - [pullup from 1-2-2-branch] - -2002-06-20 Alexandra Ellwood <lxs@mit.edu> - - * ccdefault.c: updated to new KLL function name - - * ccdefault.c: swapped include of KerberosLoginPrivate with - k5-int.h to avoid problems with including CoreServices.h after - profile.h and krb.h - - * ccdefault.c: Updated Mac OS X headers to new framework layout - - * ccdefops.c: created #define for USE_CCAPI now that both Mac OS 9 - and Mac OS 10 use ccapi. - - [pullups from 1-2-2-branch] - -2002-04-10 Danilo Almeida <dalmeida@mit.edu> - - * cc_file.c: Use _WIN32 instead of _WINSOCKAPI_ because - _WINSOCKAPI_ depends on the Winsock header used (i.e., Winsock 2 - does not define this). What we are really trying to check for is - Win32. Include port-sockets.h for Win32. (NOTE: Why is - NEED_SOCKETS being defined after the inclusion of k5-int.h? That - is pretty useless... What we probably should do is more - consitently used NEED_SOCKETS instead of manually putting in - network code. However, some people would probably have issues - with the build being slower...) - -2001-10-10 Ezra Peisach <epeisach@mit.edu> - - * cc_file.c (krb5_fcc_read): Remove const from fourth argument to - function to match prototype earlier in file. - -2001-10-09 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c, cc_memory.c, cc_stdio.c, ser_cc.c: Make prototypes - unconditional. - -2001-10-05 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c, cc_stdio.c: Delete _MSDOS (win16) support. - - * cc_memory.c, ccbase.c, ccdefault.c, ccfns.c: Don't explicitly - declare pointers FAR any more. - -2001-10-03 Ken Raeburn <raeburn@mit.edu> - - * cc_file.c, ccbase.c, cccopy.c, ccdefault.c, fcc.h, ser_cc.c: - Don't use KRB5_DLLIMP. - -2000-10-30 Tom Yu <tlyu@mit.edu> - - * cc_stdio.c: Add a "mode" field to krb5_scc_data to keep track of - what mode the file was opened in. - (krb5_scc_close_file): Ignore EBADF from fflush() if the file was - opened for readonly access. For some reason NetBSD's fflush() - exhibits this behavior. - (krb5_scc_open_file): Save the mode with which the file was opened - in data->mode. - -2000-10-17 Ezra Peisach <epeisach@mit.edu> - - * cc_stdio.c, cc_file.c: Unsigned/signed int cleanup. - -2000-10-03 Ezra Peisach <epeisach@mit.edu> - - * ser_cc.c (krb5_ccache_externalize): Use krb5_cc_get_name instead - of krb5_rc_get_name on credential cache. - - * cc_file.c (krb5_fcc_get_name): - * cc_stdio.c (krb5_scc_get_name): - * cc_memory.c (krb5_mcc_get_name): - * ccfns.c (krb5_cc_get_name): Declare as returning const char *. - -2000-09-25 Ezra Peisach <epeisach@mit.edu> - - * cc_file.c ccbase.c, cc_stdio.c, cc_retr.c, cc_memory.c: More - signed/unsigned fixes. - -Sat Sep 23 23:42:32 2000 Ezra Peisach <epeisach@mit.edu> - - * t_cc.c: Code cleanup. Test more failure modes of the cache library. - - * cccopy.c (krb5_cc_copy_creds): Memory leak. Call krb5_cc_end_seq_get. - - * cc_file.c (krb5_fcc_generate_new): Set flags to - KRB5_TC_OPENCLOSE, otherwise parts of the library assumes that the - file is open, when it is not. - - * cc_stdio.c (krb5_scc_generate_new): Same as cc_file.c change. - - -2000-09-22 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in (check-unix): Build and exectute t_cc. - - * t_cc.c: Test harness for memory, stdio and file caches. - -2000-07-20 Danilo Almeida <dalmeida@mit.edu> - - * cc_file.c, cc_stdio.c: Remove unused krb5_[fs]cc_default_name() - prototype. - - * cc_stdio.c: Fix calling convention for op functions. - - * ccfns.c (krb5_cc_get_type): Fix calling convention. - - * Makefile.in: Change ${CC} and ${OBJS} to $(CC) and $(OBJS) so - nmake does not freak out. - -2000-07-19 Ken Raeburn <raeburn@mit.edu> - - * cc_memory.c (mcc_head): Combine static declaration and - initialization. - -2000-07-14 Ken Raeburn <raeburn@mit.edu> - - * t_stdio.c, t_file.c, t_memory.c: Test cases copied from old - subdirectories. Currently unused. - * Makefile.in (t_stdio): New target, basically same as 'test' in - old stdio/Makefile.in. - * file, memory, stdio: Subdirectories deleted. - - * cc_file.c, cc_stdio.c, cc_memory.c: New files, built from source - files of appropriate subdirectories. - * fcc.h, scc.h: New files, copied from subdirectories; temporary. - * ccfns.c: New file, implementing what used to be krb5_cc_* macros - in krb5.h. - * Makefile.in (STLIBOBJS, OBJS, SRCS): Updated. - (LOCAL_SUBDIRS): Now empty. - (LOCALINCLUDES): Remove file and stdio subdirs. - (MAC_SUBDIRS): Remove file, stdio, memory. - (##DOS## stuff, clean-windows): Delete file and memory parts. - - * cc_memory.c (mcc_head): Now static. - -2000-06-28 Ezra Peisach <epeisach@mit.edu> - - * ccdefault.c: Add newline at end of file (compiler warning) - -2000-5-31 Alexandra Ellwood <lxs@mit.edu> - - * ccdefault.c: Changed kerberosPrincipal_V5 to kerberosVersion_V5 - to reflect the new constant name. - -2000-4-26 Alexandra Ellwood <lxs@mit.edu> - - * ccdefault.c: Added version number to internal Kerberos Login - Library routine. - -2000-4-13 Alexandra Ellwood <lxs@mit.edu> - - * ccdefault.c: Added Kerberos Login library support (with ifdefs - to control whether or not it is on. Also added support to store a - krb5_principal in the os_context along with the default ccache - name (if known, this principal is the same as the last time we - looked at the ccache. * ccdefname.c: Added support to store a - krb5_principal in the os_context along with the default ccache - name (if known, this principal is the same as the last time we - looked at the ccache. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -1999-08-23 Ken Raeburn <raeburn@mit.edu> - - * cc_retr.c: New file. - (krb5_cc_retrieve_cred_seq): New function, derived from - fcc_retrieve but takes an optional list of enctypes to look for in - priority order. - (krb5_cc_retrieve_cred_default): New function. Same signature as - original fcc_retrieve but if new flag KRB5_TC_SUPPORTED_KTYPES is - set, calls krb5_get_tgs_ktypes to get a list of enctypes to look - for. - * Makefile.in (STLIBOBJS, OBJS, SRCS): Add it. - -Tue May 18 19:52:56 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Remove - from recursive Win32 make invocation. - -Mon May 17 14:11:45 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Clean ccapi subdirectory in clean-windows target. - -Mon May 10 15:24:08 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Do win32 build in subdir. - -1999-03-31 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * ccdefops.c: Change the default ccache type under windows to be - original FILE ccache type; this will get set to ccapi if - the krbcc32.dll can be found. - -Mon Feb 8 21:53:37 1999 Theodore Y. Ts'o <tytso@mit.edu> - - * Makefile.in: Enable the ccapi directory for windows builds. - - * ccdefops.c: Make the ccapi the default ccache type for Windows - machines. - -1999-01-26 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Add ccapi to the include path so we can find stdcc.h - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - -Sat Dec 5 01:20:31 1998 Theodore Y. Ts'o <tytso@mit.edu> - - * Makefile.in, ccdefops.c: Temporarily back out the ccapi ccache - under Windows so we can make sure the rest of the krb5 - tree builds correctly under Windows. (Note: I didn't - revert lib/krb5/os/ccdefname.c, so setting KRB5_CC_NAME to - FILE:C:\tmp\tkt is required to make things work.) - -1998-08-24 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Add windows build instructions to build CCache API - Cache implementation. - -Fri Aug 20 18:30:00 1998 Miro Jurisic <meeroh@mit.edu> - * Added Frank's CCache API cache implementation and made - it default on the Mac - -Thu Jul 30 13:12:30 1998 Sam Hartman <hartmans@utwig.mesas.com> - - * ccbase.c: Enable memory ccache (merge adapted from Kerbnet) - -1998-05-27 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Add ccache/memory as a directory to be recursively - built by this makefile under Windows. - -Fri Feb 27 18:03:33 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Changed thisconfigdir to point at the lib/krb5 - directory, since we've moved the configure.in tests in - this directory to the toplevel lib/krb5 configure.in - -Wed Feb 18 16:19:12 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove trailing slash from thisconfigdir. Fix up - BUILDTOP for new conventions. - -Thu Feb 12 16:17:46 1998 Tom Yu <tlyu@mit.edu> - - * configure.in: Add commented out AC_OUTPUT to force autoreconf to - rebuild the configure script. - -Wed Feb 11 22:56:49 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile - - * configure.in: Create the makefiles for all of the subdirectories - and move all of the configure.in tests from the - subdirectories into this configure.in. - -Sat Dec 6 02:26:16 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Add cccopy.c. - - * cccopy.c: New file; krb5_cc_copy_creds from Cygnus. - -Mon Sep 15 15:14:16 1997 Ezra Peisach <epeisach@mit.edu> - - * ccbase.c (krb5_cc_resolve): Incoming cache name is const. - -Thu Nov 21 11:55:16 EST 1996 Richard Basch <basch@lehman.com> - - * Makefile.in: win32 build - - * ccbase.c, ccdefault.c: - DLL export basic ccache functions - -Thu Jan 2 16:57:35 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: - * configure.in: Update to new lib build procedure. - -Thu Jun 6 00:04:38 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * Makefile.in (all-windows): Don't pass $(LIBCMD) on the command - line. It's set in the windows.in prologue for all - Makefiles anyway. - -Wed Feb 7 00:23:18 1996 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Folded in danw's changes to allow - building Makefiles for the Macintosh. We now can build - MPW makefiles which are interpreted by CodeWarrior. - -Fri Nov 3 21:12:31 1995 Theodore Y. Ts'o <tytso@dcl> - - * configure.in: Added memory subdirectory - -Fri Oct 6 22:03:30 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Remove ##DOS!include of config/windows.in. - config/windows.in is now included by wconfig. - -Mon Sep 25 16:56:30 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the - Makefile. - -Tue Aug 29 13:35:23 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in, .Sanitize, ser_cc.c - Add new ccache handle serialization - routines. - -Fri Jun 9 19:31:13 1995 <tytso@rsx-11.mit.edu> - - * configure.in: Remove standardized set of autoconf macros, which - are now handled by CONFIG_RULES. Use DO_SUBDIRS to - recurse down subdirectories. - -Fri May 26 20:19:26 1995 Theodore Y. Ts'o (tytso@dcl) - - * configure.in, Makefile.in: Add support for building shared libraries. - -Thu Apr 13 15:49:16 1995 Keith Vetter (keithv@fusion.com) - - * ccbase.c: removed unneeded INTERFACE from non-api functions. - -Wed Mar 22 11:47:49 1995 <tytso@rsx-11.mit.edu> - - * Makefile.in (CFLAGS): Make -I options work when the build and - source tree are different. - -Fri Mar 17 19:19:07 1995 John Gilmore (gnu at toad.com) - - * Makefile.in (LDFLAGS): Remove, duplicates config/pre.in. - (CFLAGS): Add -I options for file and stdio, to avoid paths in - #include statements. - (all-mac, clean-mac): Add. - * ccdefops.c: Avoid includes with pathnames, since they don't work - on the Mac. Configure the default cache based on whether the - system has <sys/types.h> (which defines types for low-level file - operations, among other things). - * configure.in (CONFIG_DIRS): Build stdio before file, for Mac - convenience (where file doesn't build). - -Wed Mar 15 20:23:17 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: cleaned up for the PC - -Tue Mar 7 19:53:05 1995 Mark Eichin <eichin@cygnus.com> - - * configure.in: take out ISODE_DEFS. - -Tue Mar 7 15:55:12 1995 Keith Vetter (keithv@fusion.com) - - * ccbase.c, ccdefault.c: added window INTERFACE keyword. - * Makefile.in: made to work on the PC. - -Tue Feb 28 00:35:33 1995 John Gilmore (gnu at toad.com) - - * ccbase.c, ccdefault.c: Avoid <krb5/...> includes. - -Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu) - - * Added krb5_context to all krb5_routines - -Thu Oct 13 17:23:08 1994 Theodore Y. Ts'o (tytso@maytag) - - * configure.in: Add ISODE_DEFS - diff --git a/src/lib/krb5/ccache/ccapi/ChangeLog b/src/lib/krb5/ccache/ccapi/ChangeLog deleted file mode 100644 index e35231ad4..000000000 --- a/src/lib/krb5/ccache/ccapi/ChangeLog +++ /dev/null @@ -1,237 +0,0 @@ -2006-04-03 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - * stdcc_util.h: Include autoconf.h. - -2005-11-14 Jeffrey Altman <jaltman@mit.edu> - - * winccld.c, stdcc.c: include k5-int.h before stdcc.h - -2004-11-15 Ken Raeburn <raeburn@mit.edu> - - * stdcc.c (krb5_stdcc_get_flags): New function. - (krb5_cc_stdcc_ops): Add it. - * stdcc.h (krb5_stdcc_get_flags): Declare. - -2004-06-22 Ken Raeburn <raeburn@mit.edu> - - * stdcc_util.c (dupK5toCC): Don't test macintosh. - -2003-07-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBNAME) [##WIN16##]: Don't define. - -2003-03-06 Alexandra Ellwood <lxs@mit.edu> - - * stdcc.h, stdcc_util.h: Removed Mac header goober. - -2003-01-07 Ken Raeburn <raeburn@mit.edu> - - * winccld.c (krb5_fcc_ops): Updated decl. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-06-20 Danilo Almeida <dalmeida@mit.edu> - - * winccld.c: Include k5-int.h to get hidden ops struct. - [pullup from 1-2-2-branch] - -2002-06-20 Alexandra Ellwood <lxs@mit.edu> - - * stdcc.h: Added prototype for krb5_stdcc_shutdown. - - * stdcc.h, stdcc_util.h, stdcc_util.c: Updated Mac OS X headers to new - framework layout - - * stdcc.c: Removed unused variables and fixed macros to reduce warnings - - [pullups from 1-2-2-branch] - -2002-06-20 Miro Jurisic <meeroh@mit.edu> - - * stdcc.c: Replaced cc_* macros with functions - * stdcc.h, stdcc_util.h: Updated Mac OS #defines and #includes for new - header layout and Mac OS X frameworks - [pullup from 1-2-2-branch] - -2002-04-01 Danilo Almeida <dalmeida@mit.edu> - - * stdcc_util.c: Include errno.h. - -2001-10-09 Ken Raeburn <raeburn@mit.edu> - - * stdcc.h: Make prototypes unconditional. - -2001-10-05 Ken Raeburn <raeburn@mit.edu> - - * stdcc.c, stdcc.h, stdcc_util.c, stdcc_util.h, winccld.c: Delete - _MSDOS support. - -2001-10-03 Ken Raeburn <raeburn@mit.edu> - - * stdcc.h, winccld.c: Don't use KRB5_DLLIMP. - -2000-10-03 Ezra Peisach <epeisach@mit.edu> - - * stdcc.c, stdcc.h (krb5_stdcc_get_name): Declare as returning - const char *. - -2000-07-20 Danilo Almeida <dalmeida@mit.edu> - - * stdcc.h: Include k5-int.h to get krb5_ccache definition. - -2000-06-08 Alexandra Ellwood <lxs@mit.edu> - - * stdcc_util.c (dupCCtoK5, dupK5toCC): - Fixed code that stores times in localtime, not in kdc time. - -2000-05-18 Danilo Almeida <dalmeida@mit.edu> - - * stdcc_util.c (dupK5toCC): Remove unused variables. - - * stdcc_util.c: Reindent to krb5 coding style. Remove whitespace - at end of lines. Replace C++ comments with C comments. - - * stdcc_util.h: Replace C++ comments with C comments. - - * winccld.h: Do not define or try to load cc_lock_request, which is - not actually used anywhere in the code. - -2000-05-04 Miro Jurisic <meeroh@mit.edu> - - * stdcc_util.c (dupCCtoK5, dupK5toCC): - Conditionalized local/KDC time conversions for Mac-only - until we figure out what to do about that - -2000-04-18 Danilo Almeida <dalmeida@mit.edu> - - * winccld.h: Define CC_API_VER2 for all Windows code using ccapi. - Update dynamic loading declarations to use CC_API_VER2. - - * stdcc.c: Define CC_API_VER2 if not defined rather than just if - not Windows. - - * winccld.c (LoadFuncs): Get error on DLL load failure even though - we do not use it in case we are doing source-level debugging. - -2000-04-07 Jeffrey Altman <jaltman@columbia.edu> - - * stdcc_util.c (copyCCDataArrayToK5, copyCCDataArrayToK5): - * stdcc_util.c (dupCCtoK5, dupK5toCC): - - memory was being allocated as (sizeof(foo) * count + 1) - instead of (sizeof(foo) * (count + 1)) - -2000-04-03 Jeffrey Altman <jaltman@columbia.edu> - - * stdcc_util.c (copyCCDataArrayToK5, copyCCDataArrayToK5): - * stdcc_util.c (dupCCtoK5, dupK5toCC): - - Changed all references to the type UInt32 to unsigned int - since UInt32 is not a standard type on Unix or Win32 - -2000-03-24 Alexandra Ellwood <lxs@mit.edu> - - * stdcc_util.c (copyCCDataArrayToK5, copyCCDataArrayToK5): - Modified to copy authdata as well... this code may have - bugs since I couldn't get a good case where authdata != NULL - - * stdcc_util.c (dupCCtoK5, dupK5toCC): - Added code to store times in localtime, not in kdc time. - -2000-03-15 Danilo Almeida <dalmeida@mit.edu> - - * stdcc.c (krb5_stdcc_destroy): Do not mask KRB5_FCC_NOFILE error - on destroy. - -2000-02-10 Miro Jurisic <meeroh@mit.edu> - - * stdcc_util.c: Fixed lxs' fix - -2000-02-10 Alexandra Ellwood <lxs@mit.edu> - - * stdcc_util.c: Added +1 to strlen()'s so that the null terminator - will fit in the buffer. - -2000-02-04 Scott McGuire <smcguire@mit.edu> - - * stdcc.c (krb5_stdcc_initialize): Removed calls that destroyed - and recreated ccapi_data->NamedCache; instead close - and call create on it again. (This makes sure the data stays - in the same cache the whole time so external pointers don't - get confused.) - -1999-11-22 Miro Jurisic <meeroh@mit.edu> - - * stdcc.h, stdcc_util.h: use CCache2.h under MacOS for CCAPI v2 - compatibility - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -1999-08-23 Ken Raeburn <raeburn@mit.edu> - - * stdcc.c (krb5_stdcc_retrieve): Replace with a version that calls - krb5_cc_retrieve_cred_default. - -1999-08-05 Alexandra Ellwood <lxs@mit.edu> - - * stdcc_util.c (deep_free_cc_v5_creds): - Added free(creds) so that the cc_creds gets freed when a - cred_union gets freed. Before it was leaking memory. - - I searched the k5 sources for folks calling deep_free_cc_v5_creds - and my change seems to not break anyone else. - -1999-08-03 Alexandra Ellwood <lxs@mit.edu> - - * stdcc.c (krb5_stdcc_destroy): - Added code to free the krb5_ccache like krb5_stdcc_close does - so we don't leak memory. - -1999-06-10 Danilo Almeida <dalmeida@mit.edu> - - * stdcc.c (cache_changed): Use PostMessage instead of SendMessage - so that we don't block. - -1999-06-08 Danilo Almeida <dalmeida@mit.edu> - - * winccld.h: Remove references to cc_*_instance functions. - -Thu May 13 18:01:58 1999 Theodore Y. Ts'o <tytso@mit.edu> - - * winccld.c (krb5_win_ccdll_load): Register the FILE ccache type - if we are using ccapi, so that we make sure the FILE - ccache type will work if the user specifies it in an - environment variable. - -Mon May 10 15:24:36 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Do win32 build in subdir. - -Thu Apr 8 16:09:08 1999 Theodore Y. Ts'o <tytso@mit.edu> - - * winccld.c: Only compile this file on Windows (to avoid screwing - up the Macintosh build). - -1999-03-31 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * winccld.c, winccld.h, stdcc.c: Add files to dynamically load - krbcc32.dll, so that we can fall back and use the built-in - file ccache type if krbcc32.dll doesn't exist. - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - diff --git a/src/lib/krb5/error_tables/ChangeLog b/src/lib/krb5/error_tables/ChangeLog deleted file mode 100644 index 18efb6fd3..000000000 --- a/src/lib/krb5/error_tables/ChangeLog +++ /dev/null @@ -1,484 +0,0 @@ -2006-04-02 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2006-03-11 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (EHDRDIR): Don't use krb5 subdirectory. - -2006-03-06 Ken Raeburn <raeburn@mit.edu> - - * krb5_err.et (KRB5_PLUGIN_NO_HANDLE): New error code. - -2006-01-27 Sam Hartman <hartmans@mit.edu> - - * kdb5_err.et: New error codes for plugin errors - -2004-10-13 Alexandra Ellwood <lxs@mit.edu> - - * krb5_err.et: added KRB5_DELTAT_BADFORMAT for - krb5_string_to_deltat. - -2004-06-02 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (STLIBOBJS, OBJS, SRCS): Drop init_ets code. - -2004-01-06 Jeffrey Altman <jaltman@mit.edu> - - * krb5_err.et (KRB5_CC_NOSUPP) new ccache error code - -2003-12-12 Jeffrey Altman <jaltman@mit.edu> - - * krb5_err.et (KRB5_CC_READONLY) new ccache error code - -2003-07-19 Ezra Peisach <epeisach@mit.edu> - - * init_ets.c (krb5_init_ets): Only initialize error tables once - - so that init_conext/free_context loops do not result in memory - leaks. - -2003-07-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBNAME) [##WIN16##]: Don't define. - -2003-06-03 Ken Raeburn <raeburn@mit.edu> - - * krb5_err.et (KRB5_ERR_NO_SERVICE): New error code. - -2003-05-24 Ken Raeburn <raeburn@mit.edu> - - * krb524_err.et: New file, moved from ../../../krb524. Add new - error code KRB524_KRB4_DISABLED. - * Makefile.in (STLIBOBJS, HDRS, OBJS, ETSRCS, SRCS, awk-windows): - Add it. - ($(OUTPRE)krb524_err.$(OBJEXT)): List dependence on .c file. - * init_ets.c (krb5_init_ets): Call initialize_k524_error_table. - -2003-03-04 Ken Raeburn <raeburn@mit.edu> - - * krb5_err.et (KRB5_ERR_BAD_S2K_PARAMS): New error code. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag. - -2002-11-14 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove references to adm_err.et. It's not used, - and conflicts with the krb4 kadm error table. - -2002-10-24 Ken Hornstein <kenh@cmf.nrl.navy.mil - - * kv5m_err.et: Add magic numbers for new hardware preauth structures. - - * krb5_err.et (KRB5_SAM_INVALID_ETYPE, KRB5_SAM_NO_CHECKSUM, - KRB5_SAM_BAD_CHECKSUM): New error codes for the new hardware - preauthentication code. - -2002-09-02 Ken Raeburn <raeburn@mit.edu> - - * init_ets.c (krb5_init_ets, krb5_free_ets): Use prototype style - function definitions. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-27 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (awk-windows): Put quotes around $(EHDRDIR) since it - contains forward slashes now. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-07-09 Ken Raeburn <raeburn@mit.edu> - - * krb5_err.et (KRB5_ERR_NUMERIC_REALM): New error code. - -2002-06-09 Ken Raeburn <raeburn@mit.edu> - - * krb5_err.et (KRB5KRB_AP_PATH_NOT_ACCEPTED, - KRB5KRB_ERR_RESPONSE_TOO_BIG): New error codes. - -2002-03-06 Ken Raeburn <raeburn@mit.edu> - - * krb5_err.et: Change several "credentials cache file" messages to - just say "credentials cache", so as to be applicable in the ccapi - case too. (Miro's change from 1.2.x branch.) - -2002-01-08 Ken Raeburn <raeburn@mit.edu> - - * krb5_err.et (KRB5_EAI_FAIL, KRB5_EAI_NODATA, KRB5_EAI_NONAME, - KRB5_EAI_SERVICE): New error codes for getaddrinfo failures. - -2001-10-24 Tom Yu <tlyu@mit.edu> - - * kdb5_err.et: Add KRB5_KDB_NO_PERMITTED_KEY, - KRB5_KDB_NO_MATCHING_KEY for libkdb so we can return something - other than ENOENT (which was Just Wrong). - -2001-04-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (includes): New target. Copy headers into proper - include directory. - (unixmac): Target deleted. - (THDRDIR): New variable. - -2000-10-26 Tom Yu <tlyu@mit.edu> - - * asn1_err.et: Add error codes MISMATCH_INDEF and MISSING_EOC. - -2000-06-30 Ezra Peisach <epeisach@mit.edu> - - * init_ets.c: Remove unused variable. - -1999-12-01 Ken Raeburn <raeburn@mit.edu> - - * krb5_err.et (KRB5_OBSOLETE_FN): New error code. - -1999-11-02 Ken Raeburn <raeburn@mit.edu> - - * krb5_err.et (KRB5_CONFIG_ETYPE_NOSUPP): New error code. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -1999-08-23 Ken Raeburn <raeburn@mit.edu> - - * krb5_err.et (KRB5_CC_NOT_KTYPE): New error code. - -1999-07-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Delete dependency info for isode error table that - was removed in early 1995. - -Mon May 10 15:25:19 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Do win32 build in subdir. - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - -Mon May 18 17:09:22 1998 Tom Yu <tlyu@mit.edu> - - * krb5_err.et: Clarify error for REALM_CANT_RESOLVE. - -Thu Apr 16 20:51:40 1998 Tom Yu <tlyu@mit.edu> - - * asn1_err.et (ASN1_BAD_GMTIME): Add code for case where bad - values are returned from gmtime(). - -Fri Feb 27 18:03:33 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Changed thisconfigdir to point at the lib/krb5 - directory, since we've moved the configure.in tests in - this directory to the toplevel lib/krb5 configure.in - -Wed Feb 18 16:21:57 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove trailing slash from thisconfigdir. Fix up - BUILDTOP for new conventions. - -Mon Feb 2 17:02:29 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile - -Thu Feb 5 22:58:09 1998 Theodore Y. Ts'o <tytso@mit.edu> - - * krb5_err.et: Add a comment about the low 128 error codes being - defined by the Krb5 protocol spec. - -Sat Dec 6 02:27:37 1997 Tom Yu <tlyu@mit.edu> - - * krb5_err.et: Add codes for Cygnus chpw. - -Fri Jul 25 15:25:02 1997 Tom Yu <tlyu@mit.edu> - - * kdb5_err.et: Add error code for bad creation flags. - -Sat Feb 22 22:26:16 1997 Richard Basch <basch@lehman.com> - - * Makefile.in: Use some of the new library list build rules in - win-post.in - -Sat Feb 15 15:41:58 1997 Richard Basch <basch@lehman.com> - - * init_ets.c (krb5_finish_ets): - New routine to cleanup krb5 error tables - -Thu Nov 21 11:55:16 EST 1996 Richard Basch <basch@lehman.com> - - * Makefile.in: win32 build - - * init_ets.c: dll export krb5_init_ets() - -Thu Jan 2 17:07:07 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: - * configure.in: Update to new library build procedure. - -Fri Dec 13 14:55:43 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * krb5_err.et: Added the error codes KRB5_APPL_EXPIRED and - KRB5_LIB_EXPIRED. - -Tue Nov 19 17:06:26 1996 Barry Jaspan <bjaspan@mit.edu> - - * krb5_err.et: add KRB5_KT_KVNONOTFOUND [krb5-libs/198] - -Wed Nov 6 11:15:32 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * krb5_err.et: Make the KRB5_CONFIG_CANTOPEN and - KRB5_CONFIG_BADFORMAT error messages more clear that the - problem is with the _Kerberos_ configuration file. - -Fri Oct 18 17:49:51 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * kv5m_err.et: Add magic code for GSSAPI OID and GSSAPI QUEUE, - which are needed for the serialization routines. - -Wed Jul 24 16:03:52 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * krb5_err.et: Added new error code KRB5_KT_NAME_TOOLONG - -Thu Jun 13 21:43:23 1996 Tom Yu <tlyu@voltage-multiplier.mit.edu> - - * configure.in: remove ref to SS_RULES, ET_RULES - -Sat Mar 30 22:55:26 1996 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in (SRCS): Inlined the list of et-build source files in - SRCS, so that they are correctly included in the Mac - build. - -Wed Mar 13 13:05:46 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * kv5m_err.et: Add KV5M_PASSWD_PHRASE_ELEMENT - -Fri Feb 16 12:04:06 1996 Theodore Y. Ts'o <tytso@pao.MIT.EDU> - - * krb5_err.et: Added new error table code KRB5_CONFIG_NODEFREALM. - -Fri Jan 5 12:23:44 1996 Theodore Y. Ts'o <tytso@dcl> - - * krb5_err.et: Added error table code KRB5_FWD_BAD_PRINCIPAL. - -Thu Dec 21 18:46:45 1995 Theodore Y. Ts'o <tytso@dcl> - - * krb5_err.et: Changed KRB5_SENDAUTH_MUTUAL_FAILED to - KRB5_MUTUAL_FAILED (since the error code is no longer used - in sendauth). Added KRB5_CC_FORMAT for indicating a - problem in the credentials cache format. - -Wed Nov 8 02:45:56 1995 Theodore Y. Ts'o <tytso@dcl> - - * kv5m_err.et: Added magic number for krb5_preauth_ops. - -Mon Oct 23 21:24:12 1995 Theodore Y. Ts'o <tytso@dcl> - - * krb5_err.et: Added new error code KRB5_GET_IN_TKT_LOOP. - -Fri Oct 6 22:03:44 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Remove ##DOS!include of config/windows.in. - config/windows.in is now included by wconfig. - -Mon Sep 25 16:57:06 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the - Makefile. - -Wed Sep 06 14:20:57 1995 Chris Provenzano (proven@mit.edu) - - * kdb5_err.et : Change KRB5_KDB_BAD_KEYTYPE to KRB5_KDB_BAD_ENCTYPE - * krb5_err.et : Change KRB5_BAD_KEYTYPE to KRB5_BAD_ENCTYPE - -Tue Aug 29 13:37:14 EDT 1995 Paul Park (pjpark@mit.edu) - * kv5m_err.et - Add magic numbers for DB_CONTEXT, AUTH_CONTEXT, KEYTAB - RCACHE and CCACHE. - -Mon Aug 28 12:53:01 1995 <tytso@rsts-11.mit.edu> - - * kv5m_err.et: Added new error codes KV5M_ALT_METHOD and - KV5M_ETYPE_INFO_ENTRY. - -Mon Aug 07 11:29:49 1995 Chris Provenzano (proven@mit.edu) - - * krb5_err.et: Add new error KRB5_KDB_BAD_KEYTYPE. - -Thu Aug 03 12:35:47 1995 Chris Provenzano (proven@mit.edu) - - * krb5_err.et: Add new error KRB5_KDB_BAD_SALTTYPE. - -Fri Jun 9 19:34:12 1995 <tytso@rsx-11.mit.edu> - - * configure.in: Remove standardized set of autoconf macros, which - are now handled by CONFIG_RULES. - -Thu Jun 8 23:46:29 1995 Tom Yu (tlyu@dragons-lair) - - * Makefile.in: don't install et-generated headers in the build tree - -Fri May 26 20:19:59 1995 Theodore Y. Ts'o (tytso@dcl) - - * configure.in, Makefile.in: Add support for building shared libraries. - -Tue May 23 16:46:30 1995 Theodore Y. Ts'o (tytso@dcl) - - * Makefile.in: Don't install the error table header files; they - shouldn't be needed by an end-programmer. - -Tue Apr 25 21:58:23 1995 Chris Provenzano (proven@mit.edu) - - * krb5_err.et: Add new error KRB5_TKT_NOT_FORWARDABLE. - -Thu Apr 13 16:36:10 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: clean target was cleaning too much for the PC. - -Wed Apr 5 16:29:25 1995 Keith Vetter (keithv@fusion.com) - - * krb5_err.et: added KRB5_REALM_CANT_RESOLVE for more precise - handling of not finding KDC. - -Fri Mar 31 16:06:21 1995 Theodore Y. Ts'o (tytso@dcl) - - * Makefile.in (BUILDTOP2, etc): Back out previous change so that - it doesn't break people who are using VPATH to have - separate build directories. (See comments in the Makefile.) - -Tue Mar 28 18:29:44 1995 John Gilmore (gnu at toad.com) - - * Makefile.in (BUILDTOP2, etc): Make it possible - to build the error tables on Unix before a Mac build. - (all-mac): Don't build $(HDRS) on Mac. - (unixmac): Build `includes'. - (clean-mac): Add. - (includes, clean, .SUFFIXES, .et.h, .et.c): Add, to make it - possible to run `make -f Makefile.in unixmac' successfully. - * configure.in (ASN1_{HDRS,OBJS,SRCS, BOGUS): Remove, unused. - (CopyHeader rules): Remove, they're now in Makefile.in. - -Fri Mar 24 14:25:15 1995 <tytso@rsx-11.mit.edu> - - * Makefile.in (install): Add install rule for the error table - headers. - -Tue Mar 21 21:06:06 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in (all-unix): The "includes" target is *not* obsolete; - it's necessary to copy the header files to the build tree. - -Fri Mar 17 19:42:45 1995 John Gilmore (gnu at toad.com) - - * Makefile.in (LDFLAGS): Eliminate, duplicate. - (SRCS): Eliminate $(srcdir) which causes mac problems. - (all-unix): Eliminate obsolete "includes". - (all-mac): Add. - (unixmac): Add $(SRCS) so that the .c source files will be created - here in the original "configure tree on Unix" stage of the build. - -Wed Mar 15 12:24:25 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: disabled the awk part of the makefile. - -Tue Mar 7 21:40:18 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: changed library name for the PC. - -Thu Mar 2 23:33:21 1995 John Gilmore (gnu at toad.com) - - * Makefile.in (unixmac): New target, runs on Unix to build include - files for Mac build. - -Tue Feb 28 00:37:58 1995 John Gilmore (gnu at toad.com) - - * init_ets.c: Avoid <krb5/...> includes. - -Tue Feb 21 18:25:51 1995 Mark Eichin (eichin@tweedledumber.cygnus.com) - - * init_ets.c (krb5_init_ets): use old-style definition. - -Tue Feb 21 0:57:40 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: made to work for PC - * init_ets.c: - added INTERFACE for windows - removed PROTOTYPE macro from the function - -Fri Feb 10 14:56:57 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile: - * configure.in: - * init_ets.c (krb5_init_ets): Remove isode cruft. - -Thu Feb 2 20:49:10 1995 Mark Eichin (eichin@cygnus.com) - - * krb5_err.et (KRB5KRB_AP_ERR_V4_REPLY): new error code for V4 - reply to a V5 request. - -Mon Dec 19 17:10:13 1994 Theodore Y. Ts'o (tytso@dcl) - - * krb5_err.et (KV5M_CONTEXT, KV5M_OS_CONTEXT): Add new error codes. - -Fri Nov 18 15:29:55 1994 Theodore Y. Ts'o (tytso@dcl) - - * krb5_err.et (KV5M_KEYTAB_ENTRY): Add new error code - -Fri Nov 18 00:23:51 1994 Mark Eichin <eichin@cygnus.com> - - * Makefile.in (clean): remove $(BOGUS) - (HDRS): use ASN1_HDRS, not ASN1_SRCS. (from epeisach) - -Thu Nov 17 00:41:39 1994 Theodore Y. Ts'o (tytso@dcl) - - * krb5_err.et (KRB5_CC_WRITE_ERR): Add new error code. - -Fri Nov 11 07:10:25 1994 Tom Yu (tlyu@dragons-lair) - - * Makefile.in: fix some typos for kv5m_err.et - -Thu Nov 10 22:12:43 1994 Theodore Y. Ts'o (tytso@dcl) - - * kv5m_err.et: Add support for krb5_address table; rename - KV5M_AUTH_DATA to follow the convention properly. - -Thu Nov 3 16:39:49 1994 Theodore Y. Ts'o (tytso@dcl) - - * configure.in: - * Makefile.in: - * kv5m_err.et: Add the kv5m error table. - -Fri Oct 14 23:07:48 1994 Theodore Y. Ts'o (tytso@dcl) - - * init_ets.c (krb5_init_ets): Fix typo in spelling of KRB5_USE_ISODE. - -Thu Sep 29 15:09:03 1994 Theodore Y. Ts'o (tytso@dcl) - - * krb5_err.et (KRB5_KDCREP_SKEW, KRB5_IN_TKT_REALM_MISMATCH, - KRB5_SERVICE_UNKNOWN): - Added two new error codes. - -Wed Sep 21 18:00:25 1994 Theodore Y. Ts'o (tytso@dcl) - - * krb5_err.et (KRB5KRB_AP_ERR_ILL_CR_TKT): Added new error code. - -Sat Jul 16 05:59:53 1994 Tom Yu (tlyu at dragons-lair) - - * krb5_err.et: missing space between comma and doublequote - -Tue Jun 28 19:11:43 1994 Tom Yu (tlyu at dragons-lair) - - * Makefile.in: doing the right thing with new error tables - - * configure.in: adding ISODE_DEFS - * init_ets.c: folding in Harry's changes - diff --git a/src/lib/krb5/keytab/ChangeLog b/src/lib/krb5/keytab/ChangeLog deleted file mode 100644 index cbfff99b8..000000000 --- a/src/lib/krb5/keytab/ChangeLog +++ /dev/null @@ -1,686 +0,0 @@ -2006-04-02 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2006-03-31 Ken Raeburn <raeburn@mit.edu> - - * kt_file.c (krb5_ktf_keytab_externalize, - krb5_ktf_keytab_internalize): Read and write file position as 64 - bits rather than trying to figure out size of long. - -2005-04-13 Ken Raeburn <raeburn@mit.edu> - - * kt_file.c (NEED_SOCKETS): Don't define. - * kt_srvtab.c (NEED_SOCKETS): Don't define. - -2004-11-26 Ken Raeburn <raeburn@mit.edu> - - * kt_file.c (krb5_ktfile_wresolve): Initialize mutex here too. - -2004-11-23 Ken Raeburn <raeburn@mit.edu> - - * kt_file.c (struct _krb5_ktfile_data): Add mutex and buffer. - (KTFILEBUFP, KTLOCK, KTUNLOCK, KTCHECKLOCK): New macros. - (krb5_ktfile_resolve): Initialize mutex. - (krb5_ktfile_close): Zap data buffer before freeing. - (krb5_ktfile_get_entry, krb5_ktfile_start_seq_get, - krb5_ktfile_get_next, krb5_ktfile_end_get, krb5_ktfile_add, - krb5_ktfile_remove): Lock and unlock the mutex. - (krb5_ktfileint_open): Check that the mutex is locked. Set the - stdio buffer to the new buffer in the ktfile data. - (krb5_ktfileint_write_entry, krb5_ktfileint_find_slot): Check that - the mutex is locked. Don't call setbuf. Flush the stdio buffer - after writing. - -2004-11-23 Tom Yu <tlyu@mit.edu> - - * kt_file.c (krb5_ktfileint_open): Update previous change by - explicitly setting errno=0 prior to calling fopen(). Also, return - EMFILE, not ENFILE, for compatibility with Solaris 8, which does - set errno when out of file descriptors. - -2004-11-19 Tom Yu <tlyu@mit.edu> - - * kt_file.c (krb5_ktfileint_open): Patch from Roland Dowdeswell to - return ENFILE when fopen() returns NULL but doesn't set errno. - -2004-06-22 Ken Raeburn <raeburn@mit.edu> - - * kt_file.c (krb5_ktf_keytab_externalize, - krb5_ktf_keytab_internalize): Don't test macintosh. - -2004-06-15 Ken Raeburn <raeburn@mit.edu> - - * kt_file.c (krb5_kt_default_vno): Replaced variable with macro. - -2004-05-27 Ezra Peisach <epeisach@mit.edu> - - * ktbase.c: Include kt-int.h - - * kt-int.h: Create file with prototypes for krb5int_kt_initialize and - krb5int_kt_finalize(void); - - -2004-04-24 Ken Raeburn <raeburn@mit.edu> - - * ktbase.c: Include ctype.h. - (k5_typehead_lock): Use new partial initializer. - (krb5int_kt_initialize): New function; finish mutex - initialization. - (krb5int_kt_finalize): New function; destroy the mutex and free - storage associated with registered types. - -2004-04-13 Jeffrey Altman <jaltman@mit.edu> - - * ktbase.c: - Since we have to reserve all the single letter - prefixes make them apply to all platforms - -2004-04-13 Jeffrey Altman <jaltman@mit.edu> - - * ktbase.c: On Windows, improve the treat drive letter - prefix string as a FILE: keytab change to work if the - default keytab type was changed to not be of type FILE: - -2004-04-08 Jeffrey Altman <jaltman@mit.edu> - - * ktbase.c: Restore the thread safety fixes - -2004-04-08 Jeffrey Altman <jaltman@mit.edu> - - * ktbase.c: On Windows, if we see a colon do not assume it means - we found a prefix string unless the length of the prefix is - not equal to one. If it is one, it means we found a drive letter - and not a prefix. - -2004-03-05 Ken Raeburn <raeburn@mit.edu> - - * ktbase.c: Include k5-thread.h. - (k5_typehead_lock): New mutex variable. - (krb5_kt_register, krb5_kt_resolve): Lock it while accessing the - type list. - (krb5_kt_register): Ops table is now const. - (struct krb5_kt_typelist): "next" pointer now points to const. - (krb5_kt_typelist_wrfile, krb5_kt_typelist_file, - krb5_kt_typelist_srvtab): Now const. - (kt_typehead): Now points to const. - -2003-07-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBNAME) [##WIN16##]: Don't define. - -2003-05-22 Tom Yu <tlyu@mit.edu> - - * kt_file.c (krb5_ktfile_get_entry): Check principal name prior to - checking enctype. Suggested by Wyllys Ingersoll. - -2003-05-19 Sam Hartman <hartmans@mit.edu> - - * ktbase.c: Register writable keytab by default - -2003-04-01 Nalin Dahyabhai <nalin@redhat.com> - - * kt_file.c (krb5_ktfileint_internal_read_entry): Use - krb5_princ_size instead of direct field access. - (krb5_ktfileint_write_entry, krb5_ktfileint_size_entry): - Likewise. - -2003-02-08 Tom Yu <tlyu@mit.edu> - - * kt_file.c (krb5_ktfile_get_entry): Fix comment; not going to - redesign key storage architecture for 1.3. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag. - -2002-10-31 Ken Raeburn <raeburn@mit.edu> - - * kt_file.c (krb5_ktf_ops, krb5_ktf_writable_ops): Now const. - Drop cast of serializer entry initializer. - (fopen_mode_rbplus, fopen_mode_rb): Now const. - * kt_srvtab.c (krb5_kts_ops): Now const. - * ktbase.c (krb5_ktf_ops, krb5_kts_ops): Update declarations. - (struct krb5_kt_typelist): Field ops now points to const. - -2002-09-03 Ken Raeburn <raeburn@mit.edu> - - * kt_file.c, kt_srvtab.c, ktadd.c, ktbase.c, ktdefault.c, - ktfr_entry.c, ktremove.c, read_servi.c: Use prototype style - function definitions. - - * kt_file.c (errno), kt_srvtab.c (errno): Don't declare. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-06-18 Danilo Almeida <dalmeida@mit.edu> - - * ktfr_entry.c: Rename krb5_kt_free_entry_contents as - krb5_free_keytab_entry_contents to make it consistent with rest of - API. - [pullup from 1-2-2-branch] - -2002-06-18 Ken Raeburn <raeburn@mit.edu> - - * ktfr_entry.c (krb5_kt_free_entry_contents): Rename from - krb5_kt_free_entry, keep old name as wrapper. - [pullup from 1-2-2-branch] - -2002-06-11 Ken Raeburn <raeburn@mit.edu> - - * kt_file.c: Undo non-logged part of last change that added - inclusion of netinet/in.h; k5-int.h should pull it in with - NEED_SOCKETS defined. - -2002-06-09 Ken Raeburn <raeburn@mit.edu> - - * kt_srvtab.c: New file, combines all srvtab functions. All - functions now static, only the ops table is exported. - * srvtab/*: All files deleted. - * kt_file.c: New file, combines all file/wrfile functions. - * file/*: All files deleted. - * Makefile.in (LOCAL_SUBDIRS, MAC_SUBDIRS): Deleted. - (STLIBOBJS, OBJS, SRCS): Added new files. - (all-windows): Skip subdirs target. - (subdirs, file\$(OUTPRE)file.lst, srvtab\$(OUTPRE)file.lst)[DOS]: - Deleted targets. - ($(OBJFILE))[DOS]: Skip subdir stuff. - (clean-windows): Don't go into subdirs. - -2002-03-06 Ken Raeburn <raeburn@mit.edu> - - * srvtab/kts_g_ent.c (krb5_ktsrvtab_get_entry): If a specific DES - enctype was requested, set the key's enctype to it, instead of - always returning des-cbc-crc. - - * file/ktf_g_ent.c (krb5_ktfile_get_entry): For non-zero kvno, - match only low 8 bits. For zero kvno, if any kvno in the keytab - is over 240, assume we're dealing with numbers 128 - through (127+256) instead. This allows for wrapping at 256 while - retaining a small set of consecutively numbered prior keys in the - keytab. - -2002-02-22 Ken Raeburn <raeburn@mit.edu> - - * ktbase.c (krb5_kt_resolve): Use const instead of krb5_const. - -2001-11-19 Tom Yu <tlyu@mit.edu> - - * file/ktf_g_ent.c (krb5_ktfile_get_entry): Coerce enctype for now - to restore 1.0.x enctype similarity behavior. - -2001-10-15 Danilo Almeida <dalmeida@mit.edu> - - * ktfns.c (krb5_kt_get_type): KRB5_CALLCONV. - -2001-10-12 Ken Raeburn <raeburn@mit.edu> - - * ktfns.c: New file. - * Makefile.in (STLIBOBJS, OBJS, SRCS): Build it. - -2001-10-09 Ken Raeburn <raeburn@mit.edu> - - * ktbase.c: Make prototypes unconditional. - * srvtab/ktsrvtab.h: Make prototypes unconditional. - * file/ktfile.h, file/ser_ktf.c: Make prototypes unconditional. - -2001-10-05 Ken Raeburn <raeburn@mit.edu> - - * file/ser_ktf.c: Drop _MSDOS support. - -2001-10-03 Ken Raeburn <raeburn@mit.edu> - - * ktadd.c, ktbase.c, ktdefault.c, ktfr_entry.c, ktremove.c, - read_servi.c: Don't use KRB5_DLLIMP. Don't explicitly declare - pointers FAR any more. - -2000-10-17 Ezra Peisach <epeisach@mit.edu> - - * ktbase.c (krb5_kt_resolve): Signed/unsigned int - cleanups. Maintain const char * attribute of incomming name. - - * srvtab/kts_g_name.c, srvtab/ktsrvtab.h (krb5_ktsrvtab_get_name): - Uses unsigned int length now. - - * file/ktf_util.c: Unsigned/signed int cleanups. - - * file/ktf_g_name.c, file/ktfile.h (krb5_ktfile_get_name): Length - field now unsigned int. - -2000-09-25 Ezra Peisach <epeisach@mit.edu> - - * file/ser_ktf.c (krb5_ktf_keytab_externalize): Do not violate - const char * declaration of ktfile_def_name. - - * file/ktf_util.c (xfwrite): Cast length field to fwrite/fread as - unsigned. - -2000-06-28 Ezra Peisach <epeisach@mit.edu> - - * srvtab/kts_util.c (read_field): Cleanup unused variable. - -2000-03-12 Ezra Peisach <epeisach@mit.edu> - - * ktbase.c (krb5_kt_resolve): Change prototype from const to - krb5_const to match krb5.hin - -Fri Jan 28 19:53:44 2000 Ezra Peisach <epeisach@mit.edu> - - * srvtab/kts_g_ent.c, srvtab/ktsrvtab.h (krb5_ktsrvtab_get_entry): - Change the third argument to krb5_const_principal (from - krb5_principal) to agree with krb5_kts_ops entries. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in, file/Makefile.in, srvtab/Makefile.in: Clean up - usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, LOCAL_INCLUDES such that - one can override CFLAGS from the command line without losing CPP - search patchs and defines. Some associated Makefile cleanup. - -1999-06-15 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Fix windows build. - - * srvtab/Makefile.in: Fix windows build. - - * srvtab/ktsrvtab.h, srvtab/kts_resolv.c (krb5_ktsrvtab_resolve), - srvtab/kts_g_name.c (krb5_ktsrvtab_get_name), - srvtab/kts_close.c (krb5_ktsrvtab_close), - srvtab/kts_g_ent.c (krb5_ktsrvtab_get_entry), - srvtab/kts_ssget.c (krb5_ktsrvtab_start_seq_get), - srvtab/kts_next.c (krb5_ktsrvtab_get_next), - srvtab/kts_endget.c (krb5_ktsrvtab_end_get): Fix calling - convention. - -1999-06-13 Geoffrey King <gjking@mit.edu> - - * Makefile.in: Add new subdirectory srvtab. - - * srvtab: Initial checkin of ghudson's code to implement the - SRVTAB keytab type, which can read a krb4 srvtab. - - * ktbase.c: Support FILE and SRVTAB types by default. Use - krb5_ktf_ops instead of krb5_dfl_ops. - -Tue May 18 19:52:56 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Remove - from recursive Win32 make invocation. - -Mon May 10 15:25:32 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in, file/Makefile.in: Do win32 build in subdir. - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in, file/Makefile.in: Set the myfulldir and mydir - variables (which are relative to buildtop and thisconfigdir, - respectively.) - -1998-10-27 Marc Horowitz <marc@mit.edu> - - * file/ktf_g_ent.c (krb5_ktfile_get_entry): restructure the code - to use the compare_enctypes function and not leak memory - -Fri Feb 27 18:03:33 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in, file/Makefile.in: Changed thisconfigdir to point at - the lib/krb5 directory, since we've moved the configure.in tests - in this directory to the toplevel lib/krb5 configure.in - -Wed Feb 18 16:22:33 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in, file/Makefile.in: Remove trailing slash from - thisconfigdir. Fix up BUILDTOP for new conventions. - -Thu Feb 12 16:18:05 1998 Tom Yu <tlyu@mit.edu> - - * configure.in: Add commented out AC_OUTPUT to force autoreconf to - rebuild the configure script. - -Mon Feb 2 16:47:05 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in, file/Makefile.in: Define BUILDTOP and thisconfigdir - in the Makefile - - * configure.in: Create the makefiles for the file subdirectory - and move all of the configure.in tests from in the - subdirectory into this configure.in. - -Tue Oct 28 10:53:10 1997 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * ktf_wreslv.c, ktf_resolv.c:Initialize version element of - krb5_ktfile_data structure. - -Mon Sep 15 15:15:33 1997 Ezra Peisach <epeisach@mit.edu> - - * ktfile.h, ktf_g_ent.c (krb5_ktfile_get_entry): Incoming principal - is krb5_const_principal. - -Sat Feb 22 22:27:53 1997 Richard Basch <basch@lehman.com> - - * Makefile.in: Use some of the new library list build rules in - win-post.in - -Thu Nov 21 11:55:16 EST 1996 Richard Basch <basch@lehman.com> - - * Makefile.in: win32 build - - * ktadd.c,ktbase.c,ktdefault.c,ktfr_entry.c,ktremove.c,read_servi.c: - DLL export the keytab dispatch functions - - * file/Makefile.in: win32 build - - * file/ktf_add.c, file/ktf_close.c, file/ktf_g_ent.c, - file/ktf_g_name.c, file/ktf_next.c, file/ktf_remove.c, - file/ktf_resolv.c, file/ktf_ssget.c, file/ktf_wreslv.c, - file/ktfile.h: Change the functions declarations to include FAR - pointers and KRB5_CALLCONV so that they can be utilized by a DLL. - -Thu Jan 2 17:11:59 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in, configure.in, file/Makefile.in, file/configure.in: - Update to new library build procedure. - -Tue Nov 19 17:06:59 1996 Barry Jaspan <bjaspan@mit.edu> - - * file/ktf_g_ent.c (krb5_ktfile_get_entry): return - KRB5_KT_KVNONOTFOUND when appropriate [krb5-libs/198] - -Wed Jul 24 17:10:11 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * file/ktf_g_name.c (krb5_ktfile_get_name): Use the error code - KRB5_KT_NAME_TOOLONG instead of ENAMETOOLONG, which isn't - portable. - -Fri Jul 12 21:16:50 1996 Marc Horowitz <marc@mit.edu> - - * file/ktf_g_name.c (krb5_ktfile_get_name): include the prefix in - the returned name. - -Wed Jun 12 01:09:01 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * file/ser_ktf.c: Add #ifdef _WIN32 in places where we had #ifdef - _MSDOS - -Thu Jun 6 00:04:38 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * Makefile.in (all-windows): Don't pass $(LIBCMD) on the command - line. It's set in the windows.in prologue for all Makefiles anyway. - -Thu May 9 03:05:51 1996 Richard Basch <basch@lehman.com> - - * file/ktf_g_ent.c (krb5_ktfile_get_entry): don't skip over keytab - entries with kvno=0. - -Tue Mar 19 22:28:43 1996 Richard Basch <basch@lehman.com> - - * file/ktf_g_ent.c (krb5_ktfile_get_entry): all des enctypes are - equivalent - -Wed Feb 7 00:23:18 1996 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Folded in danw's changes to allow - building Makefiles for the Macintosh. We now can build - MPW makefiles which are interpreted by CodeWarrior. - -Thu Jan 25 15:52:34 1996 Sam Hartman <hartmans@tertius.mit.edu> - - * file/ktf_g_ent.c (krb5_ktfile_get_entry): Match against enctype. - -Fri Jan 5 04:50:41 1996 Ezra Peisach (epeisach@kangaroo.mit.edu) - - * file/ser_ktf.c (krb5_ktf_keytab_internalize): Take care of gcc - warning under OSF/1. - -Wed Dec 13 07:09:30 1995 Chris Provenzano (proven@mit.edu) - - * configure.in : Remove subdirectory db. - -Tue Dec 12 01:26:30 1995 Chris Provenzano (proven@mit.edu) - - * configure.in : Added subdirectory db. - -Fri Oct 6 22:04:28 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in, file/Makefile.in: Remove ##DOS!include of - config/windows.in. config/windows.in is now included by - wconfig. - -Mon Sep 25 16:57:28 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in, file/Makefile.in: Removed "foo:: foo-$(WHAT)" lines - from the Makefile. - -Wed Sep 13 10:57:08 1995 Keith Vetter (keithv@fusion.com) - - * file/ser_ktf.c: Added MSDOS to wherever MACINTOSH was used. - -Mon Sep 11 21:22:44 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * file/ser_ktf.c (krb5_ktf_keytab_externalize): On Macintosh, - keytab file is not left open - -Wed Sep 06 14:20:57 1995 Chris Provenzano (proven@mit.edu) - - * read_servi.c : s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g - - * file/ktf_g_ent.c, file/ktf_remove.c, file/ktf_util.c, - file/ktfile.h : s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g - -Tue Sep 05 22:10:34 1995 Chris Provenzano (proven@mit.edu) - - * file/ktf_util.c : Remove krb5_enctype references, and replace with - krb5_keytype where appropriate - -Tue Aug 29 13:37:56 EDT 1995 Paul Park (pjpark@mit.edu) - - * ktbase.c - Add routines to deal with externalizing krb5_keytab. These - search the registered keytab types for a match and dispatch - via the serializer handle. - * file/Makefile.in, file/.Sanitize, file/ser_ktf.c - Add new module to support - serialization of [WR]FILE keytabs. - * file/ktf_{defops,ops,wops}.c - Add serializer entry. - * file/ktf_{resolv,wreslv}.c - Set magic number in successfully resolved - keytab. - -Wed Aug 16 02:45:19 1995 Chris Provenzano <proven@mit.edu> - - * file/ktf_util.c: Pass fds to krb5_lock_file() and krb5_unlock_file() - -Tue Aug 15 01:34:57 1995 Tom Yu <tlyu@dragons-lair.MIT.EDU> - - * file/ktf_util.c: return KRB5_KEYTAB_BADVNO instead of -1 - -Fri Aug 4 21:48:41 1995 Tom Yu <tlyu@dragons-lair.MIT.EDU> - - * read_servi.c (krb5_kt_read_service_key): add more parens to shut - up gcc -Wall - - * ktdefault.c (krb5_kt_default): add more parens to shut up gcc - -Wall - - * file/ktf_util.c: shut up gcc -Wall - - * file/ktf_remove.c: more stuff to shut up gcc -Wall - - * file/ktf_next.c: Add more parens to shut up gcc -Wall - - * file/ktf_g_ent.c (krb5_ktfile_get_entry): Add more parens to shut up - gcc -Wall - - * file/ktf_add.c (krb5_ktfile_add): Add parens to shut up gcc -Wall - -Wed Jun 28 12:05:34 1995 <tytso@rsx-11.mit.edu> - - * file/ktf_g_ent.c (krb5_ktfile_get_entry): If the key version number - is specified, check to make sure that the entry has the - correct key version number. - -Fri Jun 9 19:33:33 1995 <tytso@rsx-11.mit.edu> - - * configure.in: Remove standardized set of autoconf macros, which - are now handled by CONFIG_RULES. Use DO_SUBDIRS to - recurse down subdirectories. - - * file/configure.in: Remove standardized set of autoconf macros, - which are now handled by CONFIG_RULES. - -Fri May 26 20:20:18 1995 Theodore Y. Ts'o (tytso@dcl) - - * configure.in, Makefile.in, file/configure.in, file/Makefile.in: - Add support for building shared libraries. - -Thu Apr 13 15:49:16 1995 Keith Vetter (keithv@fusion.com) - - * *.c, file/*.[ch]: removed unneeded INTERFACE from non-api - functions. - -Fri Mar 17 19:46:07 1995 John Gilmore (gnu at toad.com) - - * Makefile.in (LDFLAGS): Zap duplicate defn. - (all-mac, clean-mac): Add. - * file/Makefile.in (LDFLAGS): Zap duplicate. - -Wed Mar 15 20:23:17 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: cleaned up for the PC - -Tue Mar 7 21:40:18 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in, file/Makefile.in: changed library name for the PC. - -Tue Mar 7 19:53:56 1995 Mark Eichin <eichin@cygnus.com> - - * configure.in, file/configure.in: take out ISODE_DEFS. - -Wed Mar 3 16:30:00 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: changed LIB to LIBCMD for the PC - -Thu Mar 2 11:50:00 1995 Keith Vetter (keithv@fusion.com) - - * file/ktf_util.c: Changed NEED_WINSOCK_H to NEED_SOCKETS - -Wed Mar 1 16:30:00 1995 Keith Vetter (keithv@fusion.com) - - * file/ktf_util.c: fixed up some 16 vs 32 bit conversions. - -Tue Feb 28 00:59:22 1995 John Gilmore (gnu at toad.com) - - * *.c, file/*.c: Avoid <krb5/...> includes. - -Wed Feb 22 01:38:54 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: made to work on the PC - * *.c: added windows INTERFACE keyword - - * file/Makefile.in: made to work on the PC - * file/*.c, file/ktfile.h: added windows INTERFACE keyword - * file/ktf_util.c: removed include of <netinet/in.h> - cast some 32bit ints to size_t ints - -Fri Feb 3 01:53:44 1995 John Gilmore <gnu@cygnus.com> - - Rename files for DOS 8.3 uniqueness: - * file/ktf_get_en.c => ktf_g_ent.c - * file/ktf_get_na.c => ktf_g_name.c - * file/Makefile.in: changed to match. - -Fri Jan 27 12:54:54 1995 Chris Provenzano (proven@mit.edu) - - * file/ktf_get_en.c, file/ktfile.h (krb5_ktfile_get_entry()) - Added krb5_keytype arg. - -Wed Jan 25 16:54:40 1995 Chris Provenzano (proven@mit.edu) - - * Removed all narrow types and references to wide.h and narrow.h - * file/ktf_util.c : Use a constant size for file data not subfield - size from krb5_keytab_entry - -Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu) - - * read_servi.c (krb5_kt_read_service_key) Add krb5_keytype arg. - -Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu) - - * Added krb5_context to all krb5_routines - -Fri Nov 18 15:34:35 1994 Theodore Y. Ts'o (tytso@dcl) - - * file/ktf_util.c (krb5_ktfileint_internal_read_entry): Add magic - numbers for keytab, principal, and keyblock. - -Wed Oct 26 14:41:31 1994 (tytso@rsx-11) - - * file/ktf_get_en.c (krb5_ktfile_get_entry): If the requested kvno - is IGNORE_KVNO, fix the error return so that 0 (no error) - is returned instead of KTF_NOT_FOUND. - -Fri Oct 14 23:09:02 1994 Theodore Y. Ts'o (tytso@dcl) - - * configure.in: Add ISODE_DEFS rule. - -Thu Oct 13 17:26:12 1994 Theodore Y. Ts'o (tytso@maytag) - - * file/configure.in: Add ISODE_DEFS - -Tue Oct 4 22:06:15 1994 Theodore Y. Ts'o (tytso@dcl) - - * ktfr_entry.c (krb5_kt_free_entry): Only try to free - entry->key.contents if it is non-NULL. If entry is NULL, - return. - - * file/ktf_get_en.c (krb5_ktfile_get_entry): Fix to compare using - new_entry instead of cur_entry. (Bug made in modification - on Sep 28th). Don't free cur_entry twice on errors. - - * file/ktfile.h - * file/ktf_wreslv.c (krb5_ktfile_wresolve): - * file/ktf_resolv.c (krb5_ktf_resolv): Resolv's first argument is now a - const char *. - -Fri Sep 30 21:56:02 1994 Theodore Y. Ts'o (tytso@dcl) - - * file/ktf_ops.c (krb5_ktf_ops): - file/ktf_wops.c (krb5_ktf_writable_ops): - file/ktf_defops.c (krb5_kt_dfl_ops): Add placeholder for magic number. - -Thu Sep 29 23:19:06 1994 Theodore Y. Ts'o (tytso@dcl) - - * ktbase.c (krb5_kt_resolve_name): If the prefix "FILE:" is not - given, assume the default operations list (whcih is - krb5_kt_dfl_ops). - -Wed Sep 28 21:14:49 1994 Theodore Y. Ts'o (tytso@dcl) - - * file/ktf_get_en.c (krb5_ktfile_get_entry): Modified to return the - most recent key (with the greatest kvno), instead of the - first. - -Thu Sep 22 21:51:53 1994 Theodore Y. Ts'o (tytso@dcl) - - * file/ktf_get_en.c (krb5_ktfile_get_entry): - * file/ktf_next.c (krb5_ktfile_get_next): - * file/ktf_remove.c (krb5_ktfile_remove): - * file/ktf_util.c (krb5_ktfileint_read_entry, - krb5_ktfileint_internal_read_entry): - * file/ktfile.h: Change the interface of krb5_ktfile_read_entry and - krb5_ktfile_internal_read_entry so that they don't - allocate memory for the top-level structure. All of their - callers didn't need it and were freeing it anyway. - - * file/ktf_remove.c (krb5_ktfile_remove): Fix memory leak caused by not - freeing the top-level structure. - -Wed Sep 14 21:56:15 1994 Theodore Y. Ts'o (tytso@dcl) - - * file/ktf_util.c (krb5_ktfileint_delete_entry): Fixed bug reported by - Bill Sommerfeld where a missing byte-swap on a - little-endian machine causes the delete operation fail. - diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog deleted file mode 100644 index f0794dbf5..000000000 --- a/src/lib/krb5/krb/ChangeLog +++ /dev/null @@ -1,3633 +0,0 @@ -2006-04-02 Ken Raeburn <raeburn@mit.edu> - - * t_kerb.c: Include autoconf.h. - - * Makefile.in (DEFS): Make empty. - -2006-03-26 Ken Raeburn <raeburn@mit.edu> - - * kerrs.c: New file. - * Makefile.in (SRCS, OBJS, STLIBOBJS): Add it. - - * gc_via_tkt.c (krb5_get_cred_via_tkt): If the KDC returns - KRB_ERR_GENERIC, store the e-text field as the error message. - -2006-03-13 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (check-unix): Use RUN_SETUP for t_deltat. - -2006-01-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (t_deltat): Include support library. - -2005-12-30 Tom Yu <tlyu@mit.edu> - - * gc_frm_kdc.c: Rewrite to modularize significantly. (~400-line - functions do not deserve to live.) The outer loop no longer - explicitly attempts the direct path to the target; that attempt - has been folded into the inner loop. Remove some redundant - credential lookups present in the old code. Treat unexpected - realm referrals as soft errors, in case some intermediate KDC - disagrees with client regarding a transit path. - -2005-12-28 Tom Yu <tlyu@mit.edu> - - * gc_frm_kdc.c (krb5_get_cred_from_kdc_opt): Cause free_tgt and - free_otgt to track the states of tgt and otgt correctly, to avoid - a double-free condition which previously happened when this - function returned to krb5_get_credentials(), which proceeded to - free a previously freed TGT in the returned TGT list. - -2005-10-19 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (t_ser): Add dl library and thread link options, - since kdb5 library is linked in and needs them. - -2005-09-22 Tom Yu <tlyu@mit.edu> - - * mk_req_ext.c (krb5int_generate_and_save_subkey): Check for and - free pre-existing subkeys before clobbering the pointers. This - fixes some memory leaks. - -2005-08-23 Ezra Peisach <epeisach@mit.edu> - - * t_ser.c (ser_kcontext_test): Remove statement declaring an - unused variable using a non-portable gcc extension. - -2005-08-15 Tom Yu <tlyu@mit.edu> - - * get_in_tkt.c (krb5_get_init_creds): Free tempstr on non-error - returns from krb5_string_to_deltat() to avoid memory leak. - -2005-07-12 Tom Yu <tlyu@mit.edu> - - * recvauth.c (recvauth_common): Avoid double-free on invalid - version string. Thanks to Magnus Hagander. Fix for - MITKRB5-SA-2005-003 [CAN-2005-1689, VU#623332]. - - * unparse.c (krb5_unparse_name_ext): Account for zero-component - principal, to avoid single-byte overflow. Thanks to Daniel - Wachdorf. Part of fix for MITKRB5-SA-2005-002 [CAN-2005-1175, - VU#885830]. - -2005-06-29 Ken Raeburn <raeburn@mit.edu> - - * t_ser.c (ser_data): Don't initialize db serialization code that - doesn't exist any more. - (ser_kcontext_test): Don't create and destroy databases. - -2005-05-19 Sam Hartman <hartmans@mit.edu> - - * kfree.c (krb5_free_keyblock_contents krb5_free_keyblock): Make - stubs into libk5crypto so that libk5crypto can call these. - * init_keyblock.c (krb5_init_keyblock): As above. - -2005-04024 Jeffrey Altman <jaltman@mit.edu> - - * get_creds.c: - the purpose of the krb5_get_credentials call is to - obtain a set of credentials for the caller. the - krb5_cc_store_cred() call is to optimize performance - for future calls. Ignore any errors, since the credentials - are still valid even if we fail to store them in the cache. - - -2005-04-13 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (BISONFLAGS): Drop -v. - ($(srcdir)/deltat.c): Change to source directory before - rebuilding, so path to source tree doesn't get inserted. - - * fwd_tgt.c (NEED_SOCKETS): Don't define. - * recvauth.c (NEED_SOCKETS): Don't define. - * sendauth.c (NEED_SOCKETS): Don't define. - -2005-03-22 Tom Yu <tlyu@mit.edu> - - * x-deltat.y (wsnum): Add missing semicolon following YYERROR, - which was preventing bison-1.75 from producing compilable C - output. - - * gic_keytab.c (krb5_get_init_creds_keytab): When calling - krb5_get_init_creds() for the second time (with use_master=1), - also accept KRB5_REALM_UNKNOWN as a soft error, and use the result - from the first call to krb5_get_init_creds(). This can happen - when no master KDC is configured. - -2005-03-14 Jeffrey Altman <jaltman@mit.edu> - - * Makefile.in: fix maintainer mode since it is not supported on - Windows. - -2005-03-03 Ken Raeburn <raeburn@mit.edu> - - * x-deltat.y (tok_WS): Renamed terminal from "WS", which conflicts - with HP-UX 10 header files. Updated all productions. - (mylex): Updated. - * Makefile.in ($(srcdir)/deltat.c): Enable dependencies in - maintainer mode. - * deltat.c: Updated. - -2005-02-16 Ken Raeburn <raeburn@mit.edu> - - * init_ctx.c (init_common): Delete redundant library - initialization call that was run only on UNIX. Test assertion - that krb5_ui_8 really did get a proper 64-bit type. - -2005-02-09 Tom Yu <tlyu@mit.edu> - - * gic_pwd.c (krb5_get_init_creds_password): Fix so empty password - string causes prompting and doesn't cause truncation of password - to zero characters. - -2005-01-28 Ezra Peisach <epeisach@mit.edu> - - * t_walk_rtree.c (main): Free context at end to allow searching - for memory leaks. - -2005-01-17 Jeffrey Altman <jaltman@mit.edu> - * unparse.c: krb5_unparse_name, krb5_unparse_name_ext() - prevent null pointer dereferencing if either 'name' or 'size' - are NULL. - -2005-01-17 Ezra Peisach <epeisach@mit.edu> - - * gc_frm_kdc.c (krb5_get_cred_from_kdc_opt): More memory leaks - fixed as introduced in ticket #2541. Do not rely on knowledge that - upon failure from krb5_cc_retrieve_cred, returned credential data - is untouched. - -2005-01-17 Ezra Peisach <epeisach@mit.edu> - - * preauth2.c (krb5_do_preauth): Upon error in decoding - krb5_type_info{,2}, on failure, do not call krb5_free_type_info - with a null pointer. - -2005-01-15 Jeffrey Altman <jaltman@mit.edu> - - * cp_key_cnt.c, copy_princ.c: - prevent krb5_copy_principal() and krb5_copy_keyblock() from - calling malloc(0). On platforms in which malloc(0) returns - NULL, these functions will return an ENOMEM error the way - they were written. - -2005-01-11 Ken Raeburn <raeburn@mit.edu> - - * gc_frm_kdc.c (krb5_get_cred_from_kdc_opt): Free credentials - retrieved from ccache before returning. Based on patch from - fumihiko kakuma <kakuma@valinux.co.jp>. - -2005-01-03 Ken Raeburn <raeburn@mit.edu> - - * parse.c (krb5_parse_name): Don't cache the default realm name. - -2004-10-26 Tom Yu <tlyu@mit.edu> - - * mk_req_ext.c (krb5_mk_req_extended): Free keyblock before - copying new one in. - -2004-10-14 Tom Yu <tlyu@mit.edu> - - * t_deltat.c (main): Unadorned integer no longer fails now that we - default to seconds. - -2004-10-13 Alexandra Ellwood <lxs@mit.edu> - - * deltat.c, x-deltat.y: Default to seconds if no unit is provided. - -2004-09-24 Tom Yu <tlyu@mit.edu> - - * Makefile.in (LOCALINCLUDES): Include SRCTOP to get patchlevel.h. - - * brand.c: Use patchlevel.h as master version stamp file. - -2004-09-21 Tom Yu <tlyu@mit.edu> - - * rd_cred.c (decrypt_credencdata): Clear and free ppart to avoid - leak, reported by Derrick Schommer. - -2004-08-31 Tom Yu <tlyu@mit.edu> - - * rd_rep.c: - * send_tgs.c: Fix double-free vulnerabilities. - -2004-08-27 Ken Raeburn <raeburn@mit.edu> - - * conv_princ.c (krb5_425_conv_principal): Terminate argument list - to krb5_build_principal with NULL, not 0. Patch from Nalin - Dahyabhai. - -2004-08-12 Alexandra Ellwood <lxs@mit.edu> - - * get_in_tkt.c (get_init_creds): - Support ticket_lifetime libdefault. - Made aware of 32 bit min and max for times. - Allow renew_until time < expiration time. - -2004-08-03 Ken Raeburn <raeburn@mit.edu> - - * srv_rcache.c (krb5_get_server_rcache): Call - krb5_rc_recover_or_initialize. - -2004-06-22 Ken Raeburn <raeburn@mit.edu> - - * parse.c (krb5_parse_name): Don't test macintosh. - -2004-06-04 Ken Raeburn <raeburn@mit.edu> - - * str_conv.c (krb5_string_to_timestamp): Use localtime_r if - available. - (krb5_timestamp_to_string, krb5_timestamp_to_sfstring): Likewise. - - * parse.c (krb5_parse_name): Use assert and abort, not exit. - - * srv_rcache.c (krb5_get_server_rcache): Don't forget to actually - include the cache type in the cache name, after looking it up. - -2004-06-02 Ken Raeburn <raeburn@mit.edu> - - * init_ctx.c (init_common): Don't call krb5_init_ets. - (krb5_free_context): Don't call krb5_free_ets. - - * srv_rcache.c (krb5_get_server_rcache): Use krb5_rc_resolve_full - instead of constructing an rcache object locally. - -2004-05-25 Ezra Peisach <epeisach@mit.edu> - - * conv_creds.c (krb5int_encode_v4tkt): Unsigned vs signed warning fix. - -2004-05-24 Ezra Peisach <epeisach@mit.edu> - - * t_ser.c (ser_keytab_test): Cleanup memory leak of forgetting to - close keytab. - - * chpw.c: Add parenthesis around assignments in conditionals. - -2004-05-12 Jeffrey Altman <jaltman@mit.edu> - - * send_tgs.c: krb5_send_tgs() was broken in the case of a KRB_ERROR - message. The krb5_response message_type field was never set - resulting in stack garbage being used instead. This would - break code which used transitive cross-realm to obtain service - tickets. - -2004-04-24 Ken Raeburn <raeburn@mit.edu> - - * conv_creds.c (krb524_init_ets, krb524_convert_creds_kdc): Add - forward declarations to silence gcc warnings. - - * init_ctx.c (init_common): In UNIX case, check the return value - from krb5int_initialize_library. - -2004-04-16 Sam Hartman <hartmans@mit.edu> - - * gic_pwd.c (krb5int_populate_gic_opt): Take credentials and - populate lifetime options based on them. - - * gic_keytab.c gic_pwd.c : update callers - -2004-04-15 Sam Hartman <hartmans@mit.edu> - - * gic_pwd.c (krb5_get_init_creds_password): Free the as reply in - the !use_master case (Thanks to Lijian Liu) - -2004-03-09 Ken Hornstein <kenh@cmf.nrl.navy.mil> - - * gic_keytab.c (krb5_get_in_tkt_with_keytab): Fix a case I missed - originally. - -2004-02-27 Ken Raeburn <raeburn@mit.edu> - - * gic_pwd.c (krb5_get_in_tkt_with_password): Fix a case Jeff - missed. - -2004-02-26 Jeffrey Altman <jaltman@mit.edu> - - * get_in_tkt.c, gic_keytab.c, gic_pwd.c, send_tgs.c: - Implement changes to support the use of - krb5_get_init_creds_password's use_master as an in/out - parameter. This allows us to prevent a duplicate request - being sent to the KDC in the situation that the password - used is incorrect. This behavior results a negative user - experience and had to be corrected. - -2004-02-13 Ken Raeburn <raeburn@mit.edu> - - * sendauth.c: Don't specify defaults for - GET{PEER,SOCK}NAME_ARG{2,3}_TYPE macros. - -2004-02-06 Sam Hartman <hartmans@avalanche-breakdown.mit.edu> - - * init_ctx.c (DEFAULT_ETYPE_LIST): Include aes128-cts - -2003-12-19 Ken Raeburn <raeburn@mit.edu> - - * get_in_tkt.c (get_in_tkt_enctypes): Now const. - -2003-12-16 Ken Raeburn <raeburn@mit.edu> - - * conv_creds.c (krb5int_encode_v4tkt): Zero out unused parts of - ticket. Use a temorary in case krb5_int32 isn't "int". - (decode_v4tkt): Use a temorary in case krb5_int32 isn't "int". - -2003-12-13 Ken Raeburn <raeburn@mit.edu> - - * mk_req_ext.c (krb5int_generate_and_save_subkey): New function, - split out from krb5_mk_req_extended. - (krb5_mk_req_extended): Call it. - * mk_rep.c (krb5_mk_rep): If KRB5_AUTH_CONTEXT_USE_SUBKEY flag is - set, call krb5int_generate_and_save_subkey to set up a new subkey - to send to the client. - - * serialize.c (krb5_ser_pack_int64, krb5_ser_unpack_int64): New - functions. - -2003-10-30 Tom Yu <tlyu@mit.edu> - - * gen_seqnum.c (krb5_generate_seq_number): Fix mask; was short by - 4 bits. - -2003-10-08 Tom Yu <tlyu@mit.edu> - - * rd_safe.c (krb5_rd_safe_basic): Save the encoded KRB-SAFE-BODY - to avoid trouble caused by re-encoding. Also, handle correctly - implemented RFC 1510 KRB-SAFE, i.e., checksummed over - KRB-SAFE-BODY only. - -2003-09-02 Tom Yu <tlyu@mit.edu> - - * conv_creds.c (krb524_convert_creds_plain): Apply patch from - Cesar Garcia to fix lifetime computation. - -2003-08-19 SamHartman <hartmans@avalanche-breakdown.mit.edu> - - * rd_cred.c (decrypt_credencdata): Don't double free credentials. - -2003-08-08 Tom Yu <tlyu@mit.edu> - - * gic_pwd.c (krb5_get_init_creds_password): If DNS SRV support is - turned off, the second call to get_init_creds() will fail with - KRB5_REALM_UNKNOWN under certain circumstances. If that happens, - return the error from the first call to get_init_creds(), which - will be more useful to the user. - -2003-07-22 Sam Hartman <hartmans@avalanche-breakdown.mit.edu> - - * preauth2.c (krb5_do_preauth): Use the etype_info2 decoder for decoding etype_info2 - (krb5_do_preauth): If an invalid encoding of etype_info or - etype_info2 is received, ignore it rather than failing the request - -2003-07-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBNAME) [##WIN16##]: Don't define. - -2003-07-15 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (STLIBOBJS, OBJS, T_SER_OBJS): Drop ser_eblk.o. - -2003-06-03 Alexandra Ellwood <lxs@mit.edu> - - * init_ctx.c: Export krb5_get_permitted_enctypes for Samba. - -2003-06-27 Tom Yu <tlyu@mit.edu> - - * gic_keytab.c (krb5_get_in_tkt_with_keytab): Pass (void*)keytab, - not &keytab, to get_init_creds. Thanks to Herb Lewis. - -2003-06-16 Sam Hartman <hartmans@mit.edu> - - * fwd_tgt.c (krb5_fwd_tgt_creds): Set use_conf_ktypes to true while getting the TGT key - -2003-06-13 Tom Yu <tlyu@mit.edu> - - * rd_rep.c (krb5_rd_rep): Free subkeys before replacing them, if - needed. This avoids a memory leak. - -2003-06-11 Tom Yu <tlyu@mit.edu> - - * srv_rcache.c (krb5_get_server_rcache): Octal escapes begin with - hyphen now, since backslash is a pathname separator on DOS. - -2003-06-06 Sam Hartman <hartmans@mit.edu> - - * get_in_tkt.c (krb5_get_init_creds): Mask out renewable_ok if the - request is for a renewable ticket with rtime greater than till - -2003-06-06 Ezra Peisach <epeisach@mit.edu> - - * mk_req_ext.c (krb5_generate_authenticator): Sequence numbers are - unsigned now. - -2003-05-30 Ken Raeburn <raeburn@mit.edu> - - * get_in_tkt.c (krb5_get_init_creds): Change hardcoded default - ticket lifetime from 10 hours to 24 hours. - - * init_ctx.c (DEFAULT_KDC_TIMESYNC): Define as 1 always. - (DEFAULT_CCACHE_TYPE): Define as 4 always. - -2003-05-30 Alexandra Ellwood <lxs@mit.edu> - - * get_in_tkt.c: (verify_as_reply) Only check the renewable lifetime - of tickets whose request options included KDC_OPT_RENEWABLE_OK - if those options did not also include KDC_OPT_RENEWABLE. Otherwise - verify_as_reply() will fail for all renewable tickets. - -2003-05-27 Ken Raeburn <raeburn@mit.edu> - - * conv_creds.c: Enable support on Windows always. - (krb5_524_convert_creds): Renamed from krb524_convert_creds_kdc. - (krb524_convert_creds_kdc, krb524_init_ets) [!_WIN32]: Backwards - compatibility functions. - -2003-05-27 Sam Hartman <hartmans@mit.edu> - - * gic_keytab.c (krb5_get_in_tkt_with_keytab): as below - - * gic_pwd.c (krb5_get_in_tkt_with_password): Store client and - server principals to avoid memory leak - -2003-05-24 Ken Raeburn <raeburn@mit.edu> - - * conv_creds.c: New file, moved from krb524/conv_creds.c and - krb524/encode.c. Rename exported encode routine, make other - encode and decode routines static. If KRB5_KRB4_COMPAT is not - defined, return an error. - * v4lifetime.c: New file, moved from lib/krb4/lifetime.c. Renamed - functions, changed interface to use krb5 types. - * Makefile.in (STLIBOBJS, OBJS, SRCS): Add them. - -2003-05-23 Sam Hartman <hartmans@mit.edu> - - * get_in_tkt.c (krb5_get_init_creds): Initialize options based on - context.kdc_default_options -2003-05-22 Tom Yu <tlyu@mit.edu> - - * gen_seqnum.c (krb5_generate_seq_number): Fix think-o on sequence - number mask. - - * auth_con.c (krb5int_auth_con_chkseqnum): New function; implement - heuristic for broken Heimdal sequence number encoding. - (chk_heimdal_seqnum): Auxiliary function for above. - - * auth_con.h: Add flags for sequence number heuristic. - - * rd_priv.c: Use krb5int_auth_con_chkseqnum. - - * rd_safe.c: Use krb5int_auth_con_chkseqnum. - -2003-05-22 Sam Hartman <hartmans@mit.edu> - - * gic_pwd.c (krb5int_populate_gic_opt): returns void - -2003-05-21 Tom Yu <tlyu@mit.edu> - - * gic_pwd.c (krb5_get_in_tkt_with_password): Set pw0.length - correctly if a password is passed in. - -2003-05-20 Sam Hartman <hartmans@mit.edu> - - * get_in_tkt.c: get_in_tkt only supports old (non-etype-info2) - enctypes. - - * Makefile.in (SRCS): Remove in_ktb.c - - * gic_keytab.c (krb5_get_in_tkt_with_keytab): Move from - in_tkt_keytab.c and rewrite to use krb5_get_init_creds - - * gic_pwd.c (krb5_get_in_tkt_with_password): Moved here from - in_tkt_pwd.c so it can share code with - krb5_get_init_creds_password. Rewritten to call - krb5_get_in_tkt_password - - * Makefile.in (SRCS): Delete in_tkt_pwd.c - -2003-05-18 Tom Yu <tlyu@mit.edu> - - * auth_con.h: Sequence numbers are now unsigned. - - * gen_seqnum.c (krb5_generate_seq_number): Constrain initial - sequence number space to facilitate backwards compatibility. - -2003-05-16 Ken Raeburn <raeburn@mit.edu> - - * ser_ctx.c (krb5_context_internalize): Copy read-in OS context - data into krb5_context and free up the newly allocated OS - context. - - * chpw.c (krb5int_rd_chpw_rep): Allow new kpasswd error codes up - through _INITIAL_FLAG_NEEDED. - -2003-05-13 Sam Hartman <hartmans@mit.edu> - - * fwd_tgt.c (krb5_fwd_tgt_creds): Try with no specified enctype if - forwarding a specific enctype fails. l - - * get_in_tkt.c (krb5_get_init_creds): Free s2kparams - - * preauth2.c (krb5_do_preauth): Fix memory management - (pa_salt): Use copy_data_contents - - * copy_data.c (krb5int_copy_data_contents): New function - -2003-05-09 Sam Hartman <hartmans@mit.edu> - - * preauth2.c: Patch from Sun to reorganize code for handling - etype_info requests. More efficient and easier to implement etype_info2 - (krb5_do_preauth): Support enctype_info2 - -2003-05-08 Sam Hartman <hartmans@mit.edu> - - * preauth2.c: Add s2kparams to the declaration of a preauth - function, to every instance of a preauth function and to every - call to gak_fct - - * get_in_tkt.c (krb5_get_init_creds): Add s2kparams support - - * gic_keytab.c (krb5_get_as_key_keytab): Add s2kparams - - * gic_pwd.c (krb5_get_as_key_password): Add s2kparams support - -2003-05-09 Ken Raeburn <raeburn@mit.edu> - - * init_ctx.c (init_common): Copy tgs_ktypes array to - conf_tgs_ktypes. Clear use_conf_ktypes. - (krb5_free_context): Free conf_tgs_ktypes. - (krb5_get_tgs_ktypes): Use use_conf_ktypes to choose between - tgs_ktypes and conf_tgs_ktypes. - - * gc_frm_kdc.c (krb5_get_cred_from_kdc_opt): Set use_conf_ktypes - in context to 1 for all operations except the acquisition of the - desired service ticket. - -2003-05-09 Tom Yu <tlyu@mit.edu> - - * auth_con.c (krb5_auth_con_setsendsubkey) - (krb5_auth_con_setrecvsubkey, krb5_auth_con_getsendsubkey) - (krb5_auth_con_getrecvsubkey): New functions. Set or retrieve - subkeys from an auth_context. - (krb5_auth_con_getlocalsubkey, krb5_auth_con_getremotesubkey): - Reimplement in terms of the above. - - * auth_con.h, ser_actx.c: Rename {local,remote}_subkey -> - {send,recv}_subkey. - - * chpw.c (krb5int_rd_chpw_rep): Save send_subkey prior to rd_rep; - use saved send_subkey to smash recv_subkey obtained from rd_rep. - - * mk_req_ext.c (krb5_mk_req_extended): Rename - {local,remote}_subkey -> {send,recv}_subkey. Set both subkeys if - subkey generation is requested. - - * mk_cred.c, mk_priv.c, mk_safe.c: Rename {local,remote}_subkey -> - {send,recv}_subkey. Use either send_subkey or keyblock, in that - order. - - * rd_cred.c, rd_priv.c, rd_safe.c: Rename {local,remote}_subkey -> - {send,recv}_subkey. Use either recv_subkey or keyblock, in that - order. - - * rd_rep.c (krb5_rd_rep): Rename {local,remote}_subkey -> - {send,recv}_subkey. Set both subkeys if a subkey is present in - the AP-REP message. - - * rd_req_dec.c (krb5_rd_req_decoded_opt): Rename - {local,remote}_subkey -> {send,recv}_subkey. Set both subkeys if - a subkey is present in the AP-REQ message. - -2003-05-06 Sam Hartman <hartmans@mit.edu> - - * kfree.c (krb5_free_etype_info): Free s2kparams - -2003-04-27 Sam Hartman <hartmans@mit.edu> - - * chpw.c (krb5int_setpw_result_code_string): Make internal - -2003-04-25 Sam Hartman <hartmans@mit.edu> - - * chpw.c (krb5int_rd_setpw_rep): Fix error handling; allow - krberrors to be read correctly; fix memory alloctaion so that - allocated structures are freed. - -2003-04-16 Sam Hartman <hartmans@mit.edu> - - * chpw.c (krb5int_mk_setpw_req): Use encode_krb5_setpw_req. Fix - memory handling to free data that is allocated - -2003-04-15 Sam Hartman <hartmans@mit.edu> - - * chpw.c (krb5int_mk_setpw_req krb5int_rd_setpw_rep): New function - -2003-04-24 Ezra Peisach <epeisach@mit.edu> - - * kfree.c (krb5_free_pwd_sequences): Correction to previous - fix. Free contents of krb5_data - not just the pointer. - -2003-04-23 Ezra Peisach <epeisach@mit.edu> - - * kfree.c (krb5_free_pwd_sequences): Actually free the entire - sequence of passwd_phase_elements and not just the first one. - -2003-04-13 Ken Raeburn <raeburn@mit.edu> - - * init_ctx.c (DEFAULT_ETYPE_LIST): Add AES with 256 bits at the - front of the list. No 128-bit support by default. - -2003-04-01 Nalin Dahyabhai <nalin@redhat.com> - - * gc_frm_kdc.c (krb5_get_cred_from_kdc_opt): Check principal name - length before examining components. - - * parse.c (krb5_parse_name): Double-check principal name length - before filling in components. - - * srv_rcache.c (krb5_get_server_rcache): Check for null pointer - supplied in place of name. - - * unparse.c (krb5_unparse_name_ext): Don't move buffer pointer - backwards if nothing has been put into the buffer yet. - -2003-04-01 Sam Hartman <hartmans@mit.edu> - - * rd_req.c (krb5_rd_req): If AUTH_CONTEXT_DO_TIME is cleared, - don't set up a replay cache. - -2003-03-08 Ezra Peisach <epeisach@mit.edu> - - * t_kerb.c: Only include krb.h if krb4 support compiled in, - otherwise define ANAME_SZ, INST_SZ and REALM_SZ. - -2003-03-06 Tom Yu <tlyu@mit.edu> - - * preauth2.c (pa_sam_2): Add intermediate size_t variable to hold - output of krb5_c_encrypt_length(). - -2003-03-06 Alexandra Ellwood <lxs@mit.edu> - - * appdefault.c: Fix constness to avoid warning. - - * init_ctx.c: Do the same stuff on the Mac as on Unix. - - * preauth2.c: Added cast to fix warning. - -2003-03-04 Tom Yu <tlyu@mit.edu> - - * srv_rcache.c (krb5_get_server_rcache): Fix missed - isinvalidrcname -> isvalidrcname. - -2003-03-02 Sam Hartman <hartmans@mit.edu> - - * srv_rcache.c (krb5_get_server_rcache): If punctuation or graphic characters in replay ccache name then use escaping - - * rd_req.c (krb5_rd_req): Allow initializing the replay cache from the ticket - -2003-02-25 Tom Yu <tlyu@mit.edu> - - * gic_pwd.c (krb5_get_init_creds_password): Don't pass a NULL - pointer to sprintf(). - -2003-02-14 Sam Hartman <hartmans@mit.edu> - - * preauth2.c (krb5_do_preauth): Sort incoming etype info based on - preference order in request - -2003-02-13 Sam Hartman <hartmans@mit.edu> - - * gic_keytab.c (krb5_get_as_key_keytab): Nathan Neulinger points - out that the AS key is double freed; fix. - -2003-02-11 Sam Hartman <hartmans@mit.edu> - - * rd_cred.c (krb5_rd_cred): Free creds using krb5_free_tgt_creds - and make sure they are set to null in case of error. - -2003-02-07 Sam Hartman <hartmans@mit.edu> - - * rd_cred.c (krb5_rd_cred): Allow the tickets to be encrypted the - session key as well as the subsession key; for GSSAPI this tends - to be what happens. - -2003-02-04 Sam Hartman <hartmans@mit.edu> - - * get_in_tkt.c (krb5_get_init_creds): Default to addressless tickets - -2003-01-12 Ezra Peisach <epeisach@bu.edu> - - * send_tgs.c (krb5_send_tgs): Free memory leak of TGS_REQ. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag. - -2003-01-09 Sam Hartman <hartmans@mit.edu> - - * get_creds.c (krb5_get_credentials_core): Patch from Ben Cox - <cox-work@djehuti.com> to not use expired service credentials if - the endtime is null but instead to search for unexpired - credentials. If none are found, get new credentials. - - -2003-01-08 Sam Hartman <hartmans@mit.edu> - - * fwd_tgt.c (krb5_fwd_tgt_creds): Don't require hostname to be supplied unless you are using addresses in the ticket. - -2003-01-07 Ken Raeburn <raeburn@mit.edu> - - * appdefault.c (conf_yes, conf_no): Now const. - -2003-01-07 Sam Hartman <hartmans@mit.edu> - - * mk_req_ext.c (krb5_mk_req_extended): Fix logic error in checksum function handling - (krb5_mk_req_extended): For consistency with Microsoft, never use a subkey before calling the checksum callback - -2003-01-06 Sam Hartman <hartmans@mit.edu> - - * mk_req_ext.c (krb5_mk_req_extended): Inf no in_data is provided - but krb5_auth_con_set_checksum_func has been called, then use that - callback to generate the in_data. - - * auth_con.c (krb5_auth_con_init): Initialize checksum_func fields - (krb5_auth_con_set_checksum_func): new function-- set the mk_req - checksum function - (krb5_auth_con_get_checksum_func): return the same - - * auth_con.h: Add checksum_func and checksum_func_data - -2002-12-23 Ezra Peisach <epeisach@bu.edu> - - * t_kerb.c: Include string.h for strcmp prototype. - -2002-12-19 Ken Raeburn <raeburn@mit.edu> - - * conv_princ.c (krb5_524_conv_principal): Clean up use of "const" - in API. - -2002-11-14 Ezra Peisach <epeisach@bu.edu> - - * get_in_tkt.c (krb5_get_in_tkt): Do not pass NULL when an - integer 0 is intended to send_as_request(). - -2002-11-07 Ezra Peisach <epeisach@bu.edu> - - * conv_princ.c (strnchr): Make length argument unsigned int. - - * preauth2.c: Add parentheses around assignment used as truth - value. Cleanup unused variable. - - -2002-10-30 Tom Yu <tlyu@mit.edu> - - * chk_trans.c (krb5_check_transited_list): Style nit: check - character against '\0' not NULL. - -2002-10-30 Sam Hartman <hartmans@mit.edu> - - * chk_trans.c: Ignore trailing null in transited encoding; older - versions of MIT code included this. - -2002-10-28 Ken Raeburn <raeburn@mit.edu> - - * get_in_tkt.c (conf_yes, conf_no): Now const. References - updated. - * preauth.c (preauth_systems): Now const. References updated. - * preauth2.c (pa_types): Now const. - (krb5_do_preauth): Local array paorder now const. - -2002-10-28 Sam Hartman <hartmans@mit.edu> - - * gic_keytab.c (krb5_get_init_creds_keytab): Don't allow failure - to resolve master KDC to mask error from a slave we did talk to. - -2002-10-24 Ken Hornstein <kenh@cmf.nrl.navy.mil> - - * gic_pwd.c (krb5_get_init_creds_password): Exit out of the loop - when preauth fails. - - * kfree.c: Add various free functions for new preauth - data structures. - - * preauth2.c (pa_sam): Fix up support for "old" hardware preauth. - Also implement new hardware preauth in pa_sam2(). - -2002-10-23 Ken Hornstein <kenh@cmf.nrl.navy.mil> - - * gic_pwd.c (krb5_get_init_creds_password): Fix bug in previous - password expiration warning; also, check for password expiration - warnings via LRQ type from krb-clarifications. - -2002-09-11 Sam Hartman <hartmans@mit.edu> - - * fwd_tgt.c (krb5_fwd_tgt_creds): If our initial tickets don't - have addresses, neither should forwarded tickets. Also, noticed - that cc was being used before initialized in some cases; fixed. - -2002-09-02 Ken Raeburn <raeburn@mit.edu> - - * addr_comp.c, addr_order.c, addr_srch.c, appdefault.c, - auth_con.c, bld_princ.c, chpw.c, cleanup.h, conv_princ.c, - copy_addrs.c, copy_athctr.c, copy_auth.c, copy_cksum.c, - copy_creds.c, copy_data.c, copy_key.c, copy_princ.c, copy_tick.c, - cp_key_cnt.c, decode_kdc.c, decrypt_tk.c, enc_helper.c, - encode_kdc.c, encrypt_tk.c, free_rtree.c, fwd_tgt.c, gc_frm_kdc.c, - gc_via_tkt.c, gen_seqnum.c, gen_subkey.c, get_creds.c, - get_in_tkt.c, gic_keytab.c, gic_opt.c, gic_pwd.c, in_tkt_ktb.c, - in_tkt_pwd.c, in_tkt_sky.c, init_ctx.c, kdc_rep_dc.c, kfree.c, - mk_cred.c, mk_error.c, mk_priv.c, mk_rep.c, mk_req.c, - mk_req_ext.c, mk_safe.c, parse.c, pr_to_salt.c, preauth.c, - preauth2.c, princ_comp.c, rd_cred.c, rd_error.c, rd_priv.c, - rd_rep.c, rd_req.c, rd_req_dec.c, rd_safe.c, recvauth.c, - send_tgs.c, sendauth.c, ser_actx.c, ser_adata.c, ser_addr.c, - ser_auth.c, ser_cksum.c, ser_ctx.c, ser_key.c, ser_princ.c, - serialize.c, set_realm.c, srv_rcache.c, str_conv.c, t_deltat.c, - t_kerb.c, t_ser.c, t_walk_rtree.c, tgtname.c, unparse.c, - valid_times.c, vfy_increds.c, vic_opt.c, walk_rtree.c, - x-deltat.y: Use prototype style function definitions. - * deltat.c: Regenerated. - * bld_princ.c: Include stdarg.h before k5-int.h. - * cleanup.h (struct cleanup): Include prototype for function - pointer field 'func'. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-08-22 Ken Raeburn <raeburn@mit.edu> - - * init_ctx.c (init_common): Initialize udp_pref_limit field. - -2002-08-15 Tom Yu <tlyu@mit.edu> - - * t_ser.c (ser_ccache_test): Remove references to STDIO ccaches. - -2002-08-01 Tom Yu <tlyu@mit.edu> - - * unparse.c (krb5_unparse_name_ext): Error out if passed a NULL - pointer. Patch from Mark Levinson; fixes [krb5-admin/1140]. - -2002-06-26 Ezra Peisach <epeisach@bu.edu> - - * appdefault.c (conf_boolean): Change variable from char ** to - const char ** to prevent warning of const to non-const. - - * get_in_tkt.c (_krb5_conf_boolean): Same - -2002-06-25 Alexandra Ellwood <lxs@mit.edu> - - * appdefault.c, get_in_tkt.c: made conf_yes and conf_no const to - improve load time on Mach-O - - * init_ctx: fixed Mac OS macros - - [pullups from 1-2-2-branch] - -2001-06-25 Miro Jurisic <meeroh@mit.edu> - - * rd_safe.c, rd_priv.c, rd_cred.c, preauth.c, mk_safe.c, - mk_cred.c, appdefault.c: use "" includes for krb5.h, k5-int.h and - syslog.h - [pullup from 1-2-2-branch] - -2002-06-18 Ken Raeburn <raeburn@mit.edu> - - * sendauth.c (ECONNABORTED): Don't define here now that it's - defined in port-sockets.h. - -2002-06-18 Danilo Almeida <dalmeida@mit.edu> - - * princ_comp.c (krb5_realm_compare), auth_con.c - (krb5_auth_con_setports, krb5_auth_con_getaddrs, - krb5_auth_con_initivector), addr_order.c (krb5_address_order), - addr_comp.c (krb5_address_compare): Make KRB5_CALLCONV. - [pullup from 1-2-2-branch] - -2002-06-18 Danilo Almeida <dalmeida@mit.edu> - - * bld_princ.c (krb5_build_principal_va): Make - krb5_build_principal_va() KRB5_CALLCONV. - [pullup from 1-2-2-branch] - -2002-06-12 Ken Raeburn <raeburn@mit.edu> - - * preauth.c: Don't include syslog.h. - -2002-06-10 Ken Raeburn <raeburn@mit.edu> - - * get_in_tkt.c (send_as_request): Update arg list for - sendto_kdc. If a RESPONSE_TOO_BIG error is returned from the KDC, - use a TCP connection. - * send_tgs.c (krb5_send_tgs): Update arg list for sendto_kdc. If - a RESPONSE_TOO_BIG error is returned from the KDC, use a TCP - connection. - -2002-04-12 Ezra Peisach <epeisach@bu.edu> - - * Makefile.in (clean): Remove t_expand and t_expand.o - -2002-04-12 Ken Raeburn <raeburn@mit.edu> - - * conv_princ.c (struct krb_convert): Add new field 'len'. - (RC, R, NR): New macros. - (sconv_list): Use them. - (krb5_524_conv_principal): Compare lengths and then use memcmp. - - * recvauth.c (sendauth_version): Now a const array. - * sendauth.c (sendauth_version): Now a const array. - (krb5_sendauth): Cast address when assigning to outbuf data - field. - -2002-04-05 Ken Raeburn <raeburn@mit.edu> - - * decrypt_tk.c (krb5_decrypt_tkt_part): Call krb5_c_valid_enctype - instead of valid_enctype. - * encode_kdc.c (krb5_encode_kdc_rep): Likewise. - * gc_frm_kdc.c (krb5_get_cred_from_kdc_opt): Likewise. - * gic_keytab.c (krb5_get_as_key_keytab): Likewise. - * in_tkt_ktb.c (keytab_keyproc): Likewise. - * in_tkt_sky.c (skey_keyproc): Likewise. - * init_ctx.c (krb5_set_default_in_tkt_ktypes, - krb5_set_default_tgs_enctypes): Likewise. - * send_tgs.c (krb5_send_tgs): Likewise. - - * mk_safe.c (krb5_mk_safe_basic): Call krb5_c_valid_cksumtype, - krb5_c_is_coll_proof_cksum, krb5_c_is_keyed_cksum instead of - non-prefixed forms. - * rd_safe.c (krb5_rd_safe_basic): Likewise. - -2002-03-28 Sam Hartman <hartmans@mit.edu> - - * Makefile.in : New file init_keyblock.c - - * init_keyblock.c (krb5_init_keyblock): New function - -2002-03-16 Sam Hartman <hartmans@mit.edu> - - * fwd_tgt.c (krb5_fwd_tgt_creds): Fix merge of patch from 1.2.2 - back to mainline. - -2002-03-14 Sam Hartman <hartmans@mit.edu> - - * walk_rtree.c (krb5_walk_realm_tree): Fix handling of null client or server realm - -2002-03-06 Ken Raeburn <raeburn@mit.edu> - - * ser_actx.c (krb5_auth_context_externalize): Do bounds checking - on converted size value. - - * fwd_tgt.c (krb5_fwd_tgt_creds): If no session key has been set, - try getting credentials and use the session key type as a hint - for the enctype to use for the forwarded credentials. - -2002-02-27 Sam Hartman <hartmans@mit.edu> - - * rd_cred.c (krb5_rd_cred_basic): Don't check IP addresses; if - someone knows the key and wants to give us credentials, that's OK. - No reflection attack is possible in most protocols since krb_cred - is almost always client->server. Address checking created - significant problems for NATs. We also ran into problems - getting our code to work with Heimdal and removing checking was - easier than a staged upgrade to fix the problems. - (krb5_rd_cred): Don't pass in addresses - -2002-02-22 Ken Raeburn <raeburn@mit.edu> - - * addr_comp.c, addr_order.c, addr_srch.c, bld_pr_ext.c, - bld_princ.c, enc_helper.c, encrypt_tk.c, gen_seqnum.c, - gen_subkey.c, preauth.c: Use const instead of krb5_const. - * bld_pr_ext.c, bld_princ.c: Always use stdarg macros and not - varargs. - -2002-01-08 Sam Hartman <hartmans@mit.edu> - - * gen_subkey.c (krb5_generate_subkey): Label entropy sources - - * init_ctx.c (init_common): Use /dev/urandom if present for random data - -2001-12-05 Ezra Peisach <epeisach@mit.edu> - - * t_ser.c (main): Free context on failure exit route. - - 2001-11-24 Sam Hartman <hartmans@mit.edu> - - * fwd_tgt.c (krb5_fwd_tgt_creds): Get a session key for the - forwarded tgt that is the same as the session key for the - auth_context. This is an enctype we know the remote side - supports. - -2001-11-26 Sam Hartman <hartmans@mit.edu> - - * gen_seqnum.c (krb5_generate_seq_number): add entropy source id - - * sendauth.c (krb5_sendauth): Add entropy source ID - - * mk_req_ext.c (krb5_mk_req_extended): Add entropy source ID to random seed call - - * init_ctx.c (init_common): Specify entropy source for random seed - -2001-11-16 Sam Hartman <hartmans@mit.edu> - - * init_ctx.c (krb5_set_default_tgs_enctypes): rename from - set_default_ktypes; old function provided as APIA - -2001-11-16 Ezra Peisach <epeisach@mit.edu> - - * init_ctx.c (DEFAULT_ETYPE_LIST): Ensure space present after - arcfour-hmac-md5 entry for when ANSI strings concatenated the - des-cbc-crc entry was dropped. - -2001-11-07 Sam Hartman <hartmans@mit.edu> - - * init_ctx.c (DEFAULT_ETYPE_LIST): Add arcfour-hmac-md5; it really - is probably at least as good as DES - -2001-10-10 Danilo Almeida <dalmeida@mit.edu> - - * gic_pwd.c (krb5_get_as_key_password), - gic_keytab.c (krb5_get_as_key_keytab): Use ANSI-style - declaration in definition. - -2001-10-09 Ken Raeburn <raeburn@mit.edu> - - * init_ctx.c (init_common): After fetching kdc_default_options - value from krb5.conf, actually use that value. Pointed out by - Emily Ratliff, <ratliff@austin.ibm.com>. - - * get_in_tkt.c, in_tkt_ktb.c, in_tkt_pwd.c, in_tkt_sky.c, - int-proto.h, mk_req_ext.c, pr_to_salt.c, rd_req_dec.c, ser_actx.c, - ser_adata.c, ser_addr.c, ser_auth.c, ser_cksum.c, ser_ctx.c, - ser_eblk.c, ser_key.c, ser_princ.c, t_kerb.c: Make prototypes - unconditional. - -2001-10-05 Ken Raeburn <raeburn@mit.edu> - - * init_ctx.c, preauth.c: Drop _MSDOS support. - -2001-10-03 Ken Raeburn <raeburn@mit.edu> - - * appdefault.c, auth_con.c, bld_pr_ext.c, bld_princ.c, chpw.c, - conv_princ.c, copy_addrs.c, copy_athctr.c, copy_auth.c, - copy_cksum.c, copy_creds.c, copy_data.c, copy_key.c, copy_princ.c, - copy_tick.c, cp_key_cnt.c, decrypt_tk.c, fwd_tgt.c, get_creds.c, - get_in_tkt.c, gic_keytab.c, gic_opt.c, gic_pwd.c, in_tkt_ktb.c, - in_tkt_pwd.c, in_tkt_sky.c, init_ctx.c, kfree.c, mk_cred.c, - mk_error.c, mk_priv.c, mk_rep.c, mk_req.c, mk_req_ext.c, - mk_safe.c, parse.c, princ_comp.c, rd_cred.c, rd_error.c, - rd_priv.c, rd_rep.c, rd_req.c, rd_safe.c, recvauth.c, sendauth.c, - ser_actx.c, ser_ctx.c, serialize.c, set_realm.c, srv_rcache.c, - str_conv.c, unparse.c, vfy_increds.c, vic_opt.c, x-deltat.y: Don't - use KRB5_DLLIMP. Don't explicitly declare pointers FAR any more. - -2001-09-07 Ken Raeburn <raeburn@mit.edu> - - * t_expand.c: New file. - * Makefile.in (SRCS): Add test-case source files; rebuilt - dependencies. - (t_expand.o): Build from t_expand.c now, no special build rule. - -2001-09-07 Ken Raeburn <raeburn@mit.edu> - - * rd_req_dec.c (krb5_rd_req_decoded_opt): Pass server realm to - transited-list check, not local realm, in case they're different. - -2001-08-21 Ken Raeburn <raeburn@mit.edu> - - * walk_rtree.c (krb5_walk_realm_tree): Initialize slen to silence - compiler warning. - -2001-08-08 <epeisach@mit.edu> - - * walk_rtree.c (krb5_walk_realm_tree): Do not try to free const char *. - - * mk_safe.c (krb5_mk_safe_basic): Do not declare local_addr and - remote_addr const and then cast the attribute away. - - * mk_req_ext.c (krb5_generate_authenticator): Static function - - remove const attribute from cksum pointer. - - * gc_via_tkt.c (krb5_get_cred_via_tkt): Cast unsigned integer - krb5_error error_value to signed before adding - ERROR_TABLE_BASE_krb5. - -2001-07-31 Ken Raeburn <raeburn@mit.edu> - - * chk_trans.c (krb5_check_transited_list): Pointer args now point - to const. - -2001-07-31 Ezra Peisach <epeisach@mit.edu> - - * get_in_tkt.c: Cast to unsigned krb5_error error value to - krb5_error_code before trying to add to ERROR_TABLE_BASE_krb5. - -2001-07-30 Ezra Peisach <epeisach@mit.edu> - - * sendauth.c (krb5_sendauth): Instead of casting second argument - to getpeername() and getsockname() to "struct sockaddr *", cast to - system specific type as determined by autoconf. - -2001-07-24 Ezra Peisach <epeisach@mit.edu> - - * in_tkt_sky.c (krb5_get_in_tkt_with_skey): Change cast from - krb5_pointer to krb5_const_pointer to ensure const integrity of - parameter. - - * in_tkt_ktb.c (keytab_keyproc): Add const argument to cast of - keyseed to struct keytab_keyproc_arg to maintain const status. - - * conv_princ.c (krb5_524_conv_principal): Cast argument to memcpy - to size_t. - -2001-07-06 Ezra Peisach <epeisach@mit.edu> - - * conv_princ.c (krb5_425_conv_principal): Cast argument to tolower - to int. - - * get_in_tkt.c: Include os-proto.h for _krb5_conf_boolean prototype. - - * Makefile.in (LOCALINCLUDES): Add -I$(srcdir)/../os so os-proto.h - can be included. - -2001-06-29 Tom Yu <tlyu@mit.edu> - - * init_ctx.c (get_profile_etype_list): Fix etype-counting loop so - that trailing separator characters (as in the DEFAULT_ETYPE_LIST) - don't cause another iteration, which was causing the following - loop to fall off the end of the string due to count being one too - great. - -2001-06-28 Ezra Peisach <epeisach@mit.edu> - - * chk_trans.c (foreach_realm): Cleanup loal variable set but never - used. - -2001-06-21 Ezra Peisach <epeisach@mit.edu> - - * chk_trans.c: Cast length arguments of %.*s in formats to int. - -2001-06-20 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in (check-unix): Add $(RUN_SETUP) before invocation of - transit-tests for shared library environment variables. - -2001-06-19 Ken Raeburn <raeburn@mit.edu> - - * chk_trans.c: Reimplemented from scratch. - * transit-tests: New file. - * Makefile.in (t_expand, t_expand.o): New targets. Build test - program from chk_trans.c. - (T_EXPAND_OBJS): New variable. - (TEST_PROGS): Add t_expand. - (check-unix): Run transit-tests. - * t_krb5.conf: Added capaths section. - -2001-06-16 Ken Raeburn <raeburn@mit.edu> - - * fwd_tgt.c (krb5_fwd_tgt_creds): Copy enctype for new creds from - tgt. - -2001-06-12 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in (t_walk_rtree, t_kerb): Do not link against kdb libraries - for these test executables. - - * srv_rcache.c (krb5_get_server_rcache): Cast argument to - isgraph() to int. - - * init_ctx.c: Cast arguments to isspace() to int. If unix is defined, - include ../krb5_libinit.h. There has to be a better was for windows. - - * conv_princ.c (krb5_425_conv_principal): Cast argument to isupper(). - to int. - -2001-06-11 Ezra Peisach <epeisach@mit.edu> - - * str_conv.c: If strptime() is present on system without a - prototype, provide one. - -2001-06-07 Ezra Peisach <epeisach@mit.edu> - - * vfy_increds.c (krb5_verify_init_creds): Get rid of a variable - that was set in a conditional and never used afterwards. - -2001-06-01 Ken Raeburn <raeburn@mit.edu> - - * init_ctx.c (get_profile_etype_list): Zero out multiple separator - characters between tokens, so the second can be recognized - properly. - -2001-04-04 Tom Yu <tlyu@mit.edu> - - * mk_safe.c (krb5_mk_safe): Only use safe_cksumtype from the - auth_context (derived from the config file or hardcoded default) - if it's suitable for the enctype of the key we're going to - use. [pullup from krb5-1-2-2-branch] - -2001-03-28 Ken Raeburn <raeburn@mit.edu> - - * init_ctx.c (DEFAULT_ETYPE_LIST): New macro. Old etype list, - plus des-md4, with des-crc before des-mdX for now. - (get_profile_etype_list): Use DEFAULT_ETYPE_LIST. - -2001-03-10 Ezra Peisach <epeisach@mit.edu> - - * init_ctx.c: Provide a full prototype for init_common(). - - * recvauth.c (recvauth_common): Declare recvauth_common as static. - - * parse.c, sendauth.c: Changes to prevent shadowing of local - variables. - - * get_in_tkt.c, tgtname.c: Include int-proto.h for prototypes. - -2001-03-03 Ken Raeburn <raeburn@mit.edu> - - * preauth2.c (pa_sam): Return an error if no prompter was - provided. - -2001-02-15 Ezra Peisach <epeisach@mit.edu> - - * t_deltat.c (main): Test of overflow and underflow of krb5_int32. - - * x-deltat.y: Test for over/underflow of krb5_int32 for a - krb5_deltat. Return EINVAL. [krb5-libs/922] - - * deltat.c: Regenerated from x-deltat.y - - * str_conv.c (krb5_string_to_timestamp): Do not accept a time - format that only partially matches the input string. [krb5-lib/922] - -2001-01-30 Tom Yu <tlyu@mit.edu> - - * preauth.c (krb5_obtain_padata): Don't dereference a NULL pointer - if we receive an empty ETYPE_INFO preauth. [krb5-libs/903 from - craziboy77@hotmail.com] - - * preauth2.c (krb5_do_preauth): Don't dereference a NULL pointer - if we receive an empty ETYPE_INFO preauth. [krb5-libs/903 from - craziboy77@hotmail.com] - -2001-01-30 Ezra Peisach <epeisach@mit.edu> - - * rd_req_dec.c (krb5_rd_req_decrypt_tkt_part): Free - krb5_keytab_entry if call to krb5_decrypt_tkt_part() - fails. [krb5-libs/855 reported by guy@packeteer.com] - -2001-01-19 Ken Raeburn <raeburn@mit.edu> - - * preauth.c: Don't use PROTOTYPE macro, just always use the - prototypes. - -2001-01-19 Tom Yu <tlyu@mit.edu> - - * preauth.c: Remove uses of KRB5_NPROTOTYPE() macro. - -2000-10-26 Ezra Peisach <epeisach@mit.edu> - - * t_ser.c: Cast getpid() calls to int as arguments to sprintf. - - * ser_actx.c: Move prototypes (listed below) to int-proto.h - - * int-proto.h: Add prototypes for krb5_ser_authdata_init, - krb5_ser_address_init, krb5_ser_authenticator_init, - krb5_ser_checksum_init, krb5_ser_keyblock_init, - krb5_ser_principal_init. - - * ser_adata.c, ser_addr.c, ser_auth.c, ser_cksum.c, ser_key.c, - ser_princ.c: Include int-proto.h for prototypes. - -2000-10-17 Ezra Peisach <epeisach@mit.edu> - - * bld_pr_ext.c, bld_princ.c (krb5_build_principal_ext, - krb5_build_principal_va, krb5_build_principal): Take an unsigned - int realm length. - - * get_in_tkt.c (krb5_get_init_creds): Use SALT_TYPE_AFS_LENGTH - instead of -1. - - * gic_pwd.c (krb5_get_as_key_password): Use SALT_TYPE_AFS_LENGTH - instead of -1. - - * in_tkt_pwd.c (pwd_keyproc): Argument to krb5_read_password is - unsigned int. - - * pr_to_salt.c (krb5_principal2salt_internal): Declare as - static. Unsigned int fix. - - * preauth.c (krb5_obtain_padata): Use SALT_TYPE_AFS_LENGTH instead - of -1. - - * preauth2.c (pa_salt): Use SALT_TYPE_AFS_LENGTH instead of -1. - - * conv_princ.c, copy_auth.c, copy_princ.c, gc_frm_kdc.c, parse.c, - send_tgs.c, srv_rcache.c: Unsigned/signed int cleanup. - - * unparse.c (krb5_unparse_name_ext): size parameter changed to - unsigned int *. - -2000-10-04 Ezra Peisach <epeisach@mit.edu> - - * rd_req_dec.c (krb5_rd_req_decrypt_tkt_part): Fix memory leak if - krb5_decrypt_tkt_part() fails. [krb5-libs/855] - -2000-10-03 Ezra Peisach <epeisach@mit.edu> - - * srv_rcache.c (krb5_get_server_rcache): Signed vs unsigned int - warning fix. - - * pr_to_salt.c (krb5_principal2salt_internal): Add prototype for - internal function, and declare static. - - * copy_addrs.c (krb5_copy_addresses): Cleanup unsigned vs signed - warnings as arguments to malloc(). - -Tue Sep 26 13:00:54 2000 Ezra Peisach <epeisach@mit.edu> - - * conv_princ.c (krb5_425_conv_principal): Call profile_free_list - on v4realms during the iteration loop. Do not call - profile_release_string with a NULL pointer. - -2000-09-25 Ezra Peisach <epeisach@mit.edu> - - * t_kerb.c: Add prototypes for test functions. - -2000-08-29 Ken Raeburn <raeburn@mit.edu> - - * get_creds.c (krb5_get_credentials_core): If the supplied enctype - is not supported, return an error; can't satisfy both - TC_SUPPORTED_KTYPES and TC_MATCH_KTYPE that way. Delete unused - arguments CCACHE and OUT_CREDS; fix callers. - -2000-07-18 Ezra Peisach <epeisach@mit.edu> - - * vfy_increds.c: include int-proto.h for krb5_libdefault_boolean - prototype. - - * t_ser.c (ser_eblock_test): ifdef out old eblock serialization - test which is no longer called. (see 1999-09-01 ChangeLog) - - * t_kerb.c: Cast argument to fprintf to long to agree with format - string. - - * t_deltat.c: If MIN is defined, undef before redefined as 60. - - * str_conv.c: Provide strptime prototype if the system header - files fail to provide a prototype. - - * int-proto.h: Add prototype for krb5_libdefault_boolean() - -2000-06-30 Tom Yu <tlyu@mit.edu> - - * conv_princ.c (krb5_425_conv_principal): NULL, not nil. - -2000-06-30 Miro Jurisic <meeroh@mit.edu> - - * conv_princ.c (krb5_425_conv_principal): Fixed a memory leak - -2000-06-29 Ezra Peisach <epeisach@engrailed.mit.edu> - - * t_walk_rtree.c (main): Declare as returning int. - - * get_in_tkt.c (_krb5_conf_boolean): Declare as taking a const char * - - * str_conv.c (krb5_timestamp_to_string): Work around gcc's warning - that %c format in strftime might return only two digits for the - year. - - * mk_safe.c, rd_rep.c, send_tgs.c: Remove unused goto label. - - * kdc_rep_dc.c (krb5_kdc_rep_decrypt_proc): Remove code with no - effect. - - * init_ctx.c: Make krb5_brand[] look used. - - * chpw.c, decode_kdc.c, decrypt_tk.c, enc_helper.c, get_creds.c, - get_in_tkt.c, gic_keytab.c, gic_pwd.c, preauth2.c, vfy_increds.c: - Add parentheses around assignment used as truth value - -2000-06-28 Ezra Peisach <epeisach@mit.edu> - - * conv_princ.c, get_creds.c, get_in_tkt.c, mk_rep.c, parse.c, - send_tgs.c: Remove unused variable. - -2000-06-23 Miro Jurisic <meeroh@mit.edu> - - * conv_princ.c (krb5_425_conv_principal): Fixed v4->v5 realm - name conversion - - * conv_princ.c (krb5_425_conv_principal): Honor v4/v5 realm name - differences when convertion from v4 principals to v5. - -2000-06-23 Tom Yu <tlyu@mit.edu> - - * get_creds.c (krb5_get_credentials): Translate KRB5_CC_NOTFOUND - returned from krb5_get_cred_from_kdc() if a prior call to - krb5_cc_retrieve_cred() returned KRB5_CC_NOT_KTYPE. - - * rd_priv.c (krb5_rd_priv_basic): Delete code that was incorrectly - doing explicit ivec chaining; c_decrypt() does it now. - - * mk_priv.c (krb5_mk_priv_basic): Delete code that was incorrectly - doing explicit ivec chaining; c_encrypt() does it now. - - * conv_princ.c (krb5_524_conv_principal): Make a copy of the krb5 - realm that is nul-terminated to avoid falling off the end of the - krb5 realm, which is not necessarily nul-terminated. - -2000-06-23 Danilo Almeida <dalmeida@mit.edu> - - * init_ctx.c (krb5_get_tgs_ktypes, krb5_free_ktypes): Fix linkage to - be KRB5_CALLCONV. - -2000-06-23 Ken Raeburn <raeburn@mit.edu> - - * get_in_tkt.c (krb5_get_in_tkt): If enctypes are specified, send - the server the intersection of that list and the supported types, - in the order requested. - - * recvauth.c (krb5_recvauth_version): New routine, takes a - krb5_data in which to store the client's application version - string. - (recvauth_common): Renamed from krb5_recvauth, added above - functionality depending on extra argument values. - (krb5_recvauth): New stub, calls above routine with extra dummy - values. - - * kfree.c: Remove unneeded "return" statements at the end of many - functions. - (krb5_free_*_content, krb5_free_*_contents, - krb5_free_cred_enc_part, krb5_free_pwd_sequences): Set freed - pointer members to null when containing structure isn't being - freed. - - * t_kerb.c (test_524_conv_principal): New test code, to exercise - bbense's code addition. - (main, usage): Updated. - * t_krb5.conf: Added stanford.edu->IR.STANFORD.EDU mapping, and a - test case for improperly long v4 realm names. - * Makefile.in (check-unix): Run 524 conversion test for some test - Athena and Stanford names. - * t_ref_kerb.out: Updated. - - * init_ctx.c (init_common): Feed current-microsecond time and - process-id into PRNG, instead of just current-second time. - * mk_req_ext.c (krb5_mk_req_extended): Feed current time into - PRNG if a subkey will be generated. - * sendauth.c (krb5_sendauth): Feed local and remote addresses of - socket, if they can be determined, into the PRNG if a subkey will - be used. - - * init_ctx.c (krb5_free_ktypes): New routine, to free values - returned by krb5_get_tgs_ktypes, krb5_get_permitted_enctypes, and - krb5_get_default_in_tkt_ktypes. - (krb5_set_default_tgs_ktypes, krb5_is_permitted_enctype): Use it. - (get_profile_etype_list): Use passed-in enctype list if the - passed-in count is non-zero, instead of checking the - in_tkt_ktype_count value in the context. - -2000-06-23 Ken Raeburn <raeburn@mit.edu> - Nalin Dahyabhai <nalin@redhat.com> - - * conv_princ.c (krb5_524_conv_principal): Return an error if name - is too long. Use memcpy for character data since we already know - the length. - -2000-06-23 Nalin Dahyabhai <nalin@redhat.com> - - * kfree.c (krb5_free_keyblock_contents): Set contents pointer to - null after freeing. - - * chk_trans.c (krb5_check_transited_list): Don't overflow buffers - "prev" and "next". - * conv_princ.c (krb5_425_conv_principal): Don't overflow buffer - "buf". - -2000-06-23 Ken Raeburn <raeburn@mit.edu> - Booker C. Bense <bbense@networking.stanford.edu> - - * conv_princ.c (krb5_524_conv_principal): Look up v4_realm in - config file, in case site's krb4 realm name isn't the same as the - krb5 realm name. - -2000-05-31 Wilfredo Sanchez <tritan@mit.edu> - - * fwd_tgt.c: Check for existance of <memory.h>. - [from Nathan Neulinger <nneul@umr.edu>] - -2000-5-19 Alexandra Ellwood <lxs@mit.edu> - - * sendauth.c, fwd_tgt.c: Changed to use krb5int_cc_default. This function - supports the Kerberos Login Library and pops up a dialog if the cache does - not contain valid tickets. This is used to automatically get a tgt before - obtaining service tickets. Note that this should be an internal function - because callers don't expect krb5_cc_default to pop up a dialog! - (We found this out the hard way :-) - -2000-05-15 Jeffrey Altman <jaltman@columbia.edu> - - * Added new source file appdefault.c - Implements new public functions - - krb5_appdefault_string - krb5_appdefault_boolean - -2000-04-28 Alexandra Ellwood <lxs@mit.edu> - - * gic_pwd.c (krb5_init_creds_password) added code to return to - login library if the password is expired (login library handles - this error appropriately). - -2000-04-08 Tom Yu <tlyu@mit.edu> - - * vfy_increds.c (krb5_verify_init_creds): appdefault_boolean -> - libdefault_boolean; it somehow got missed earlier. - -2000-04-07 Jeffrey Altman <jaltman@columbia.edu> - - * gic_pwd.c (krb5_get_init_creds_keytab), gic_pwd.c - (krb5_get_init_creds_password) when determining whether or not to - retry with a "master kdc" do not retry if the return value from - the first attempt was KRB5_REALM_CANT_RESOLV. Also, do not - overwrite the return code if the return value from the access to - the "master kdc" was KRB5_REALM_CANT_RESOLV. - -2000-03-15 Danilo Almeida <dalmeida@mit.edu> - - * init_ctx.c (init_common), gic_pwd.c (krb5_get_as_key_password, - krb5_get_init_creds_password), preauth2.c (pa_sam): Add support - for krb5_get_prompt_types(). - -2000-03-13 Ken Raeburn <raeburn@mit.edu> - - * preauth2.c (pa_function): Called function now takes new - krb5_enctype pointer argument. - (pa_salt, pa_sam): Accept new arg, ignore it. - (pa_enc_timestamp): Accept new arg. If value pointed to is - nonzero, pass it to get-AS-key fn instead of first requested - enctype. Added some debugging fprintf calls, conditionally - compiled. - (krb5_do_preauth): Accept new arg, and pass it through to the - specific preauth functions. Added some debugging fprintf calls, - conditionally compiled. - - * get_in_tkt.c (krb5_get_init_creds): Pass etype pointer to - krb5_do_preauth. - -2000-03-12 Ezra Peisach <epeisach@mit.edu> - - * addr_comp.c, addr_order.c, addr_srch.c, bld_pr_ext.c, - bld_princ.c, encrypt_tk.c, gen_seqnum.c, gen_subkey.c: Change - prototypes to use krb5_const instead of const to match the entries - in krb5.hin - -2000-03-10 Miro Jurisic <meeroh@mit.edu> - - * get_in_tkt.c (krb5_get_init_creds): Always initialize local_as_reply - to avoid returning garbage on error returns. - -2000-02-25 Ken Raeburn <raeburn@mit.edu> - - * preauth2.c (krb5_do_preauth): Check paorder[h] not h for - PA_REAL. Fix from Matt Crawford. - -2000-02-16 Ken Raeburn <raeburn@mit.edu> - - * preauth2.c (pa_sam): In send-encrypted-sad mode, check for magic - salt length and generate a salt from the principal name if found; - use the password and salt to generate a key. Provide timestamp if - nonce is zero, regardless of preauth mode. (Patch from Chas - Williams.) - -2000-02-07 Ken Raeburn <raeburn@mit.edu> - - * gic_pwd.c (krb5_get_as_key_password): If the as_key enctype is - already set to the correct type, do continue and ask for the - password anyways. (Patch from Chas Williams, PR krb5-libs/730.) - - * preauth2.c (pa_sam): If no sam_flags were set, return - KRB5_PREAUTH_BAD_TYPE, because we don't currently handle that - case. - -2000-02-06 Ken Raeburn <raeburn@mit.edu> - - * preauth2.c (pa_sam): Remove unused variable use_sam_key. - (SAMDATA): Cast first result to int, which is what sprintf needs. - (pa_salt): Delete unused variable ret. - - Patches from Frank Cusack: - * kfree.c (krb5_free_predicted_sam_response_contents): Fix typo. - Free new data fields if needed. - (krb5_free_enc_sam_response_enc_contents): Update for field name - change. - * preauth.c (obtain_sam_padata): Update for field name change. - * preauth2.c (pa_sam): Likewise. - -2000-01-27 Ken Raeburn <raeburn@mit.edu> - - * init_ctx.c (get_profile_etype_list): Discard DESONLY changes - from 1999-09-01, and revert call sites. - -1999-12-02 Ken Raeburn <raeburn@mit.edu> - - * init_ctx.c (get_profile_etype_list): Report an error if no - recognized enctypes are found in the config file. - -1999-11-23 Ken Raeburn <raeburn@mit.edu> - - * init_ctx.c (init_common): Renamed from krb5_init_context, now - static. New argument SECURE provides initialization of - profile_secure field. - (krb5_init_context): Call it. - (krb5_init_secure_context): New function. - - * in_tkt_ktb.c (keytab_keyproc): Now static. - * in_tkt_pwd.c (pwd_keyproc): Now static. - * in_tkt_sky.c (skey_keyproc): Now static. - - * preauth2.c (krb5_do_preauth): Fix syntax in switch statement. - Cast padata contents pointer to avoid warning. - (pa_types): Now static. - - * str_conv.c (krb5_deltat_to_string): Always write to a local - temporary buffer that's guaranteed to be large enough, then see if - the supplied output buffer is big enough. - (krb5_string_to_deltat): Deleted. - * x-deltat.y, deltat.c: New files. - * Makefile.in (deltat.c): Add rule for building from x-deltat.y, - but comment out dependencies for easier maintenance. - (BISON, BISONFLAGS): New variables. - - * str_conv.c: Removed most static char arrays, substituting the - values in place. - (krb5_string_to_timestamp): Move atime_format_table inside here. - (krb5_timestamp_to_sfstring): Move sftime_format_table inside - here. - - * str_conv.c: If strftime or strptime are not available, include - the renamed NetBSD versions, and define the function names as - macros to map them to the replacement names. - (__P, _CurrentTimeLocale, dummy_locale_info, TM_YEAR_BASE, - DAYSPERLYEAR, DAYSPERNYEAR, DAYSPERWEEK, isleap, tzname, tzset): - Define some dummies for strftime/strptime to use. - (strptime): Deleted old stub version. - (krb5_timestamp_to_string, krb5_timestamp_to_sfstring): Always - assume strftime is available. - (krb5_string_to_timestamp): Assume strptime is always available. - * strftime.c, strptime.c: New files, based on NetBSD versions. - Modified to rename the functions and not export any symbols. - - * Makefile.in (T_DELTAT_OBJS): New variable. - (TEST_PROGS): Add t_deltat. - (t_deltat): Add rule. - (clean): Added t_deltat stuff. Run rm only once. - * t_deltat.c: New file. - -1999-11-02 Ken Raeburn <raeburn@mit.edu> - - * t_ref_kerb.out: Fix expected zephyr/zephyr output. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -1999-10-12 Ken Raeburn <raeburn@mit.edu> - - * conv_princ.c (sconv_list): Don't do conversion for "zephyr" - principal. (Noticed by Derrick Brashear.) Delete about a dozen - duplicate entries. - -1999-09-01 Ken Raeburn <raeburn@mit.edu> - - * init_ctx.c (get_profile_etype_list): Update name of the des3 - entry in the default etype list. - - * init_ctx.c (get_profile_etype_list): New argument DESONLY; if - set, ignore any ktype values other than NULL, DES_CBC_CRC, and - DES_CBC_MD5. - (krb5_get_default_in_tkt_ktypes, krb5_get_tgs_ktypes): Set it. - (krb5_get_permitted_enctypes): Don't set it. - - * fwd_tgt.c (krb5_fwd_tgt_creds): Use KRB5_TC_SUPPORTED_KTYPES - when calling krb5_cc_retrieve_cred. - * gc_frm_kdc.c (krb5_get_cred_from_kdc_opt): Ditto. - * get_creds.c (krb5_get_credentials_core): Set that flag. - (krb5_get_credentials): Check for KRB5_CC_NOT_KTYPE error return. - - * t_ser.c (main): Disable eblock serialization test, since the - code it tests was disabled nearly a year ago. - - * str_conv.c (krb5_timestamp_to_sfstring): Don't pass extra - argument to sprintf. - -1999-08-10 Alexandra Ellwood <lxs@mit.edu> - - * chpw.c (krb5_mk_chpw_req): - Added call to free cipherpw.data. cipherpw.data is allocated - by krb5_mk_priv and passed back. Since cipherpw is never - passed back, krb5_mk_chpw_req should free it. - -1999-08-05 Danilo Almeida <dalmeida@mit.edu> - - * init_ctx.c (krb5_init_context): Document why krb5_win_ccdll_load - is called way early in code. (It is because we need to have the - ccapi stuff loaded before trying to get the OS-specific context - initialization where we figure out default cache names and such.) - -1999-08-05 Danilo Almeida <dalmeida@mit.edu> - - * init_ctx.c (get_profile_etype_list): Use profile_release_string - to free string allocated by profile_get_string. - (krb5_init_context): Use a real context for krb5_win_ccdll_load. - - * get_in_tkt.c (krb5_appdefault_string): - * conv_princ.c (krb5_425_conv_principal): Use profile_free_list - to free values allocated by profile_get_values. - -1999-08-04 Danilo Almeida <dalmeida@mit.edu> - - * get_in_tkt.c (_krb5_conf_boolean, krb5_appdefault_boolean): - Rename krb5_conf_boolean to _krb5_conf_boolean to denote that - it is not public so that folks outside the libraries won't - be tempted to use it. - -1999-08-03 Danilo Almeida <dalmeida@mit.edu> - - * get_creds.c (krb5_validate_or_renew_creds): Intialize out_creds - pointer to 0 and then check whether it is 0 before trying to - dereference it, in case lower-level routine failed to assign - a value to it. - -1999-07-22 Jeffrey Altman <jaltman@columbia.edu> - - get_in_tkt.c: rename conf_boolean to krb5_conf_boolean so that - it may be used in additional modules. - -1999-06-28 Tom Yu <tlyu@mit.edu> - - * enc_helper.c (krb5_encrypt_helper): NULL out the pointer to the - ciphertext if there is an error; this prevents stuff farther up - from freeing freed memory. - -1999-06-18 Ken Raeburn <raeburn@mit.edu> - - * init_ctx.c (krb5_free_context): Set field pointers to NULL after - freeing targets, in case higher-level code retains pointers into - the context structure. (From Jeffrey Altman.) - -Thu May 13 17:31:34 1999 Theodore Y. Ts'o <tytso@mit.edu> - - * init_ctx.c (krb5_init_context): Pass the context to - kkrb5_win_ccdll_load so that it can register the FILE - ccache type if using ccapi (so that the FILE ccache type - will always work). - -Mon May 10 15:26:00 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Do win32 build in subdir. - -1999-04-09 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * kfree.c (krb5_free_sam_challenge, krb5_free_sam_challenge_contents, - krb5_free_sam_response, krb5_free_sam_response_contents, - krb5_free_predicted_sam_response, - krb5_free_predicted_sam_response_contents, - krb5_free_enc_sam_response_enc, - krb5_free_enc_sam_response_enc_contents, - krb5_free_pa_enc_ts): Added new functions. Part of - patches from [krb5-kdc/662] - - * gic_pwd.c (krb5_get_init_creds_password): Add new argument to - calls to the prompter function. Part of patches from - [krb5-kdc/662]. - - * preauth2.c (pa_enc_timestamp, pa_sam): Update calls to new - prompter function. [krb5-kdc/662]. - -1999-03-31 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * init_ctx.c (krb5_init_context): Call krb5_win_ccdll_load() to - load the krbcc32.dll under windows. - -Mon Mar 8 22:39:01 1999 Tom Yu <tlyu@mit.edu> - - * sendauth.c (krb5_sendauth): Set credspout to NULL if it's - destined to be returned to avoid freeing it. Also, - unconditionally free credspout if it's non-NULL so that if someone - doesn't pass in a ticket and doesn't give us a non-NULL out_creds, - we don't leak it. [krb5-libs/699] - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - -Mon Nov 2 19:00:23 1998 Tom Yu <tlyu@mit.edu> - - * str_conv.c: Remove krb5_cksumtype_to_string after merge. - -1998-10-27 Marc Horowitz <marc@mit.edu> - - * vfy_increds.c: rearrange the code a bit to make it more clear - that the logic is correct. - - * str_conv.c: remove enctype and cksumtype string converstions. - They're in the crypto library now, since the information drops - right into the enctype table. - - * ser_eblk.c: ifdef the whole file out, since it's not used - anywhere. it should probably be deleted, but I'm not sure about - backward-compatibility issues yet. - - * rd_req_dec.c: check the auth_context permit-all flag and - permitted_enctypes list, and reject the request if the policy - check fails. - - * init_ctx.c: add code to initialize the prng. It's not great, - but can be improved, and the prng is reseeded when new keys are - processed. Read permitted_enctypes from the krb5.conf file, and - provide accessor functions for it. Make the various etype list - parsers share code as a side effect. - - * get_creds.c: add krb5_get_{validat,renew}ed_creds functions, - which are part of the new init_creds api. The prototypes were - already in, krb5.hin but there was no implementing code. - - * auth_con.c, auth_con.h: add a list of permitted enctypes to the - auth_context for rd_req to check, and create accessor functions - for this list. - - * Makefile.in, enc_helper.c: add enc_helper.c. This provides a - wrapper around the conventional way the library encrypts and wraps - encoded asn.1 structures, so the code isn't repeated in a dozen - places. - -Wed Aug 19 17:27:51 1998 Tom Yu <tlyu@mit.edu> - - * conv_princ.c: Add some additional entries to sconv_list that - were forgotten. - -Wed Jul 15 11:46:05 1998 Ezra Peisach <epeisach@mit.edu> - - * gic_pwd.c (krb5_get_init_creds_password): Remove unused argument - to sprintf(). - - * t_ref_kerb.out: Fix test case for zephyr principal to reflect - addition to conv_princ.c - -Tue Jul 7 17:06:13 1998 Theodore Y. Ts'o <tytso@mit.edu> - - * conv_princ.c: Add additional commonly seen Kerberos V4 services - to the hard-coded list. - -Tue Jul 7 16:59:03 1998 Tom Yu <tlyu@mit.edu> - - * chk_trans.c: Fix up previous fix; short-circuit out when - trans->length == 0. - -Wed Jul 1 17:59:26 1998 Theodore Y. Ts'o <tytso@mit.edu> - - * chk_trans.c (krb5_check_transited_list): Fix use of an - uninitialized variable; apparently the code was depending - on the stack garbage being non-zero(!) - -1998-05-26 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * srv_rcache.c (krb5_get_server_rcache): - * auth_con.c (krb5_auth_con_setrcache): Export this function in - Windows DLL. - -1998-05-12 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * str_conv.c (krb5_timestamp_to_sfstring): Make sure the date - string printed uses 4 digit years. - -1998-05-08 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * str_conv.c (krb5_string_to_timestamp, strptime): Fix routines to - be able to properly parse Y2K dates. - - * t_kerb.c: Add ability to test krb5_string_to_timestamp - -1998-05-06 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * t_ser.c (main): POSIX states that getopt returns -1 - when it is done parsing options, not EOF. - -1998-05-05 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * get_in_tkt.c (krb5_get_init_creds): If - libdefaults/{REALM}/noaddresses is true, then don't put - any addresses in the ticket request. - -Mon May 4 15:54:07 1998 Tom Yu <tlyu@mit.edu> - - * get_in_tkt.c: Add prototype for make_preauth_list. - -Sat May 2 21:46:02 1998 Tom Yu <tlyu@mit.edu> - - * get_in_tkt.c (krb5_get_in_tkt): Add missing argument to call to - make_preauth_list to avoid stack smashing. Pointed out by lxs. - -Mon Mar 16 19:50:55 1998 Tom Yu <tlyu@mit.edu> - - * chk_trans.c (krb5_check_transited_list): Check lengths when - appending to next and prev. - -Fri Feb 27 18:03:33 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Changed thisconfigdir to point at the lib/krb5 - directory, since we've moved the configure.in tests in - this directory to the toplevel lib/krb5 configure.in - -Thu Feb 19 19:03:20 1998 Tom Yu <tlyu@mit.edu> - - * recvauth.c (krb5_recvauth): Add some bookkeeping flags so we - know how much stuff to free upon cleanup. Fix the up cleanup - code. - -Wed Feb 18 16:24:02 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove trailing slash from thisconfigdir. Fix up - BUILDTOP for new conventions. - -Fri Feb 13 15:27:35 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Added new file kfree.c, which contained all of the - functions previously in the lib/krb5/free directory. - -Mon Feb 2 17:02:29 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile - -Thu Feb 5 23:48:34 1998 Theodore Y. Ts'o <tytso@mit.edu> - - * rd_cred.c (krb5_rd_cred): - * rd_safe.c (krb5_rd_safe): - * rd_priv.c (krb5_rd_priv): Use the remote_subkey first, since the - mk_* routines try to use their local_subkey first. - Otherwise, the wrong keys will get used if subkeys are - used in both directions. - -Fri Jan 2 21:21:29 1998 Tom Yu <tlyu@mit.edu> - - * preauth.c (handle_sam_labels): - (obtain_sam_padata): Check return of malloc. [krb5-libs/518] - - * chpw.c (krb5_mk_chpw_req): Check return of malloc. - (krb5_rd_chpw_rep): Check return of malloc. [krb5-libs/518] - -Tue Dec 16 00:08:33 1997 Tom Yu <tlyu@mit.edu> - - * mk_req_ext.c (krb5_mk_req_extended): Check enctype of session - key, not that of the ticket, which we really shouldn't care about. - -Sun Dec 7 07:24:23 1997 Ezra Peisach <epeisach@dumpster.rose.brandeis.edu> - - * gic_pwd.c (krb5_get_init_creds_password): Change fourth argument - in call to prompter (which is an int) from NULL to 0. - -Sat Dec 6 02:28:17 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Add files chpw.c, gic_*, preauth2.c, vfy_increds.c, - vic_opt.c. - - * chpw.c: New file; implement Cygnus chpw. - - * get_in_tkt.c: Implement support for Cygnus initial credentials - API. - - * gic_keytab.c: New file; Cygnus initial creds. - - * gic_opt.c: New file; Cygnus initial creds. - - * gic_pwd.c: New file; Cygnus initial creds. - - * preauth.c: Add more SAM support (from Cygnus). - - * preauth2.c: New file; additional SAM support from Cygnus. - - * send_tgs.c: Account for additional parameter to sendto_kdc. - - * vfy_increds.c: New file; Cygnus initial creds. - - * vic_opt.c: New file; Cygnus initial creds. - -Wed Oct 22 00:29:33 1997 Theodore Y. Ts'o <tytso@mit.edu> - - * send_tgs.c (krb5_send_tgs): Don't send a zero endtime; if the - requested endtime is zero, set it equal to the TGT endtime. - -Mon Oct 6 12:07:19 1997 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * set_realm.c (krb5_set_principal_realm): Allocate extra byte for - \0 after realm. - -Mon Sep 1 21:38:16 1997 Tom Yu <tlyu@mit.edu> - - * rd_cred.c (krb5_rd_cred_basic): Fix swapped args to memset. - -Fri Aug 29 16:41:25 1997 Tom Yu <tlyu@mit.edu> - - * get_in_tkt.c (krb5_get_in_tkt): Move nulling out of - request.padata before the os_localaddr call in order to avoid - freeing a null pointer in the cleanup code. - -Tue Aug 12 09:13:22 1997 Ezra Peisach <epeisach@mit.edu> - - * init_ctx.c (krb5_init_context): Initialize local variable ctx - before calling krb5_init_ets. - -Fri Aug 8 17:04:54 1997 Tom Yu <tlyu@mit.edu> - - * rd_cred.c (krb5_rd_cred_basic): Check remote_addr and - encpart.s_address before calling krb5_address_compare. Fixes - krb5-libs/456. - -Fri Jul 25 15:25:32 1997 Tom Yu <tlyu@mit.edu> - - * t_ser.c: Add support for changed kdb API. - -Tue Jul 15 22:15:09 1997 Theodore Y. Ts'o <tytso@mit.edu> - - * serialize.c (krb5_register_serializer): Only copy over the old - table when there's an old table to copy over. Otherwise, - BoundsChecker complains about memcpy(foo, NULL, 0). - -Tue Mar 25 00:32:55 1997 Theodore Y. Ts'o <tytso@mit.edu> - - * preauth.c (obtain_sam_padata): Fix handling of the sam-timestamp - and sam-usec fields, which should always be set if the - nonce is not available, not just SAM_USE_SAD_AS_KEY is - being used. [krb5-libs/325] - -Mon Mar 24 12:21:38 1997 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * t_ser.c: Clean up error reporting for krb5_init_context(). Also - report errors for each subtest, so we know which subtest - failed. - -Sat Feb 22 22:39:49 1997 Richard Basch <basch@lehman.com> - - * Makefile.in: Use some of the new library list build rules in - win-post.in - -Fri Feb 21 18:38:06 1997 Sam Hartman <hartmans@tertius.mit.edu> - - * crypto_glue.c: Move into libcrypto as krb5_glue.c; I need to - avoid libcrypto depending on libkrb5 - -Wed Feb 19 14:21:12 1997 Theodore Y. Ts'o <tytso@mit.edu> - - * t_kerb.c (test_set_realm): New function used to test - krb5_set_principal_realm(). Called by using the new "set_realm" - command to t_kerb. - - * set_realm.c (krb5_set_principal_realm): New function which sets - the realm of a principal. - -Thu Feb 13 14:17:00 1997 Richard Basch <basch@lehman.com> - - * get_in_tkt.c (krb5_get_in_tkt): Initialize as_reply; if - krb5_os_localaddr() returns an error, the cleanup - routine may try to free a garbage pointer (as_reply). - -Wed Feb 12 20:47:30 1997 Tom Yu <tlyu@mit.edu> - - * fwd_tgt.c (krb5_fwd_tgt_creds): Use the client's realm rather - than the server's realm for constructing the tgs principal. - Remove TC_MATCH_SRV_NAMEONLY from call to retrieve_cred() - because we want to get an exact match. - -Mon Feb 10 10:41:36 1997 Ezra Peisach <epeisach@mit.edu> - - * crypto_glue.c (krb5_calculate_checksum): Add krb5_const to - krb5_pointer of in data to match prototype. - -Sat Feb 8 15:02:39 1997 Richard Basch <basch@lehman.com> - - * get_creds.c: - Export krb5_get_credentials_{renew,validate} (win32) - Removed unused variable. - -Fri Feb 7 09:41:33 1997 Richard Basch <basch@lehman.com> - - * mk_cred.c (krb5_mk_ncred): Declare ncred as krb5_int32 so that - the right value is pushed onto the stack when calling - krb5_mk_ncred_basic() - - * copy_addrs.c fwd_tgt.c mk_cred.c: - Use FAR keyword in pointer declarations. - - * sendauth.c (krb5_sendauth): Do not free the credentials if they - are being returned to the caller [krb5-libs/357] - -Sun Feb 2 20:57:15 1997 Richard Basch <basch@lehman.com> - - * serialize.c: Added FAR declarations to pointer arguments for - all functions declared as KRB5_DLLIMP. - -Thu Jan 30 21:44:37 1997 Richard Basch <basch@lehman.com> - - * crypto_glue.c: - Export more crypto-layer functions: - krb5_encrypt, krb5_decrypt, krb5_eblock_enctype, - krb5_process_key, krb5_finish_key, krb5_string_to_key, - krb5_init_random_key, krb5_finish_random_key, krb5_random_key - -Sat Feb 8 18:41:42 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: - * configure.in: Update to new program build procedure. - -Thu Jan 2 17:16:18 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: - * configure.in: Update to new library build procedure. - -Mon Dec 23 17:20:03 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * Makefile.in (SRCS): Add brand.c to the SRCS line so that the - kerbsrc.mac.tar includes brand.c - -Sat Dec 21 01:26:11 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * brand.c: New file, which allows a release engineer to "brand" - the krb5 library or a binary application program - statically linked against the krb5 library. This file is - statically included by init_ctx.c, to force it be in a - binary library or application program. - - * init_ctx.c (krb5_init_context): Use new call krb5_vercheck() for - Windows timebomb checking; this call returns an error - code, which is returned to the user if the timebomb should - be activated. - -Thu Nov 21 14:55:16 EST 1996 Richard Basch <basch@lehman.com> - - * Makefile.in: win32 build - - * auth_con.c bld_pr_ext.c conv_princ.c copy_addrs.c copy_athctr.c - copy_auth.c copy_cksum.c copy_creds.c copy_data.c copy_key.c - copy_princ.c copy_tick.c cp_key_cnt.c decrypt_tk.c fwd_tgt.c - gc_via_tkt.c get_creds.c get_in_tkt.c in_tkt_ktb.c in_tkt_pwd.c - in_tkt_sky.c init_ctx.c mk_cred.c mk_error.c mk_priv.c mk_rep.c - mk_req.c mk_req_ext.c mk_safe.c parse.c princ_comp.c rd_cred.c - rd_error.c rd_priv.c rd_rep.c rd_req.c rd_safe.c recvauth.c - sendauth.c str_conv.c unparse.c valid_times.c - DLL export various functions (see lib/krb5.def for full list) - -Thu Nov 21 13:54:01 1996 Ezra Peisach <epeisach@mit.edu> - - * recvauth.c (krb5_recvauth): If there is an error, and the server - argument to krb5_recvauth is NULL, create a dummy server - entry for the krb5_error structure so that krb5_mk_error - will not die with missing required fields. [krb5-libs/209] - -Wed Nov 13 14:30:47 1996 Tom Yu <tlyu@mit.edu> - - * init_ctx.c: Revert previous kt_default_name changes. - -Tue Nov 12 22:07:33 1996 Tom Yu <tlyu@mit.edu> - - * init_ctx.c (krb5_init_context): Oops. Initialize kt_default_name - to NULL. - - * init_ctx.c (krb5_free_context): Free kt_default_name if it's - non-NULL. - -Sat Nov 9 14:19:28 1996 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in (check-unix): Invoking t_ser requires that - KRB5_CONFIG points to a valid krb5.conf - - * t_ser.c (main): If verbose flag is set and there is an error, - display error message. - -Wed Nov 6 14:02:21 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * init_ctx.c (krb5_init_context): Initialize the error tables, so - applications don't need to call krb5_init_ets(). - -Tue Nov 5 08:09:23 1996 Ezra Peisach <epeisach@mit.edu> - - * serialize.c (krb5_register_serializer): Do not free a NULL pointer. - -Thu Oct 31 13:48:14 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * init_ctx.c (krb5_init_context): Make it more obvious that - default ticket lifetimes is not yet supported. - -Tue Sep 24 20:59:14 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * get_in_tkt.c (make_preauth_list): Correctly null-terminate the - preauth list generated by make_preauth_list. - -Thu Sep 19 12:29:59 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * unparse.c (krb5_unparse_name_ext): Make unparse correctly handle - a all cases where a principal contains a nulls, backspace, - newlines, or tabs. - - * t_kerb.c (test_parse_principal): Add test for checking - krb5_parse_principal() - - * parse.c (krb5_parse_name): Set all of the magic field values. - -Wed Jul 24 17:09:39 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * preauth.c (find_pa_system): Change type of first argument to be - krb5_preauthtype, to eliminate compiler warnings under - Windows. - -Wed Jul 10 20:22:41 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * init_ctx.c (krb5_init_context): Add a call to krb5_win_do_init() - on Win16 and Win32 machines. This is where we do timebomb - and version server checking. - -Sun Jul 7 15:14:43 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * get_creds.c: (krb5_get_credentials_val_renew_core) Combine - common internals needed from krb5_get_credentials_validate() - and used by new function krb5_get_credentials_renew() - - * gc_frm_kdc.c (krb5_get_cred_from_kdc_renew): A wrapper that - passes KDC_OPT_RENEW to the static - krb5_get_cred_from_kdc_opt so that kinit can use it. - - -Mon Jun 24 09:45:04 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * bld_princ.c (krb5_build_principal_va): Change const to - krb5_const, so that it works on compilers that don't - support const. - -Mon Jun 17 20:23:48 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * str_conv.c (krb5_string_to_timestamp): Ensure that all fields of - the timestamp are filled in if strptime does not fill in - unspecified fields. - -Wed Jun 12 01:10:09 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * sendauth.c (krb5_sendauth): If ECCONABORTED is not defined, try - using the Winsock equivalent (WSAECONNABORTED). - -Mon Jun 10 21:47:21 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * parse.c (krb5_parse_name): Change use of _WINDOWS to _MSDOS, and - add check for _WIN32. - -Thu Jun 6 00:06:18 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * get_creds.c (krb5_get_credentials_core): A static function must - not use the INTERFACE keyword. - -Tue May 14 18:39:22 1996 Richard Basch <basch@lehman.com> - - * mk_req_ext.c mk_safe.c send_tgs.c: - set the length field of the krb5_checksum structure before - calling krb5_calculate_checksum. - - * str_conv.c: replaced sha-des3 cksum with hmac-sha. - -Tue May 14 02:53:42 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * ser_ctx.c (krb5_context_size, krb5_context_externalize, - krb5_context_internalize): Add missing fields from the - serialized context: clockskew, default_kdc_req_sumtype, - default_ap_req_sumtype, default_safe_sumtype, - kdc_default_options, library_options, profile_secure, - fcc_default_format, scc_default_format. - - * ser_actx.c (krb5_auth_context_size, krb5_auth_context_externalize, - krb5_auth_context_internalize): Serialize the two fields - req_cksumtype and safe_cksumtype, instead of the one - cksumtype field. - - * mk_safe.c (krb_mk_safe): Use safe_cksumtype instead of cksumtype - in the auth context. - - * mk_req_ext.c (krb5_mk_req_extended): Use req_cksumtype instead - of cksumtype in the auth context. - - * init_ctx.c (krb5_init_context): Add support for new profile - relations libdefaults/tkt_lifetime, - libdefaults/kdc_req_checksum_type, - libdefaults/ap_req_cksumtype, - libdefaults/safe_checksumtype, and - libdefaults/kdc_default_options. - - * auth_con.h: Remove old cksumtype element, and replace it with - req_cksumtype and safe_cksumtype. - - * auth_con.c (krb5_auth_con_init): Initialize the req_cksumtype - and safe_cksumtype from the context's default - req_cksumtype and safe_cksumtype. - (krb5_auth_con_set_req_cksumtype, - krb5_auth_con_set_safe_cksumtype): New functions, to - replace old krb5_auth_con_setcksumtype - -Fri May 10 18:48:38 EDT 1996 Richard Basch <basch@lehman.com> - - * init_ctx.c: Removed des3-cbc-md5 default support - -Fri May 10 02:51:17 1996 Richard Basch <basch@lehman.com> - - * str_conv.c: changes des3-md5 to des3-sha & added sha cksum types - -Sun May 5 09:46:18 1996 Ezra Peisach (epeisach@kangaroo.mit.edu) - - * preauth.c: Add casts and const keywords as needed. - -Fri May 3 00:15:18 1996 Mark Eichin <eichin@cygnus.com> - - * get_creds.c (krb5_get_credentials_core): new function. Common - part of krb5_get_credentials and krb5_get_credentials_validate. - Some formerly local variables are now arguments. - (krb5_get_credentials): same as before, but calls _core to do some - of the work. - (krb5_get_credentials_validate): uses - krb5_get_cred_from_kdc_validate and only stores the returned - credential in the cache, instead of storing all of them. - -Thu May 2 22:48:56 1996 Mark Eichin <eichin@cygnus.com> - - * gc_frm_kdc.c (krb5_get_cred_from_kdc_opt): new function. Same - body as krb5_get_cred_from_kdc, but takes one new argument, - kdcopts, and combines it with the other kdc options when calling - krb5_get_cred_via_tkt. This is static and only called by - (krb5_get_cred_from_kdc): a wrapper that provides the same - function it did before, and - (krb5_get_cred_from_kdc_validate): a wrapper that passes - KDC_OPT_VALIDATE, so that kinit can use it. - We'll probably need another one for renewing tickets as well. - - * rd_req_dec.c (krb5_rd_req_decoded_opt): new function. Same body - as krb5_rd_req_decoded, but takes one new argument, - check_valid_flag, to determine whether or not to check if the - "invalid flag" is set in the ticket. Also made static, so that it - is only called via: - (krb5_rd_req_decoded): wrapper for krb5_rd_req_decoded_opt that - specifies the "invalid flag" gets checked, and - (krb5_rd_req_decoded_anyflag): wrapper for krb5_rd_req_decoded_opt - that specifies that the "invalid flag" doesn't get checked. (This - version is only called from kdc_util.c:kdc_process_tgs_req.) - -Wed May 1 14:30:29 1996 Richard Basch <basch@lehman.com> - - * srv_rcache.c (krb5_get_server_rcache): include the uid in the - default server replay cachename, for systems with geteuid. - - * configure.in: test if the system has geteuid() - -Wed May 1 02:26:53 1996 Mark Eichin <eichin@cygnus.com> - - * str_conv.c (krb5_string_to_timestamp): double check that - strptime at least parsed *some* of the string, avoid degenerate - cases from GNU libc strptime. - -Tue Apr 30 18:19:01 1996 Ken Raeburn <raeburn@cygnus.com> - - * t_ser.c (stuff): New variable. - (ser_acontext_test, ser_eblock_test, ser_cksum_test): Use it, - instead of assuming it's valid to treat &FUNCTION as a data - pointer. - - * conv_princ.c (sconv_list): Now const. - (krb5_*_conv_principal): Use pointer to const for it. - - Tue Apr 23 19:39:59 1996 Mark Eichin <eichin@cygnus.com> - - * get_creds.c (krb5_get_credentials): this isn't the kernel, so - don't return negative errno values. - -Sat Apr 27 19:14:21 1996 Richard Basch <basch@lehman.com> - - * fwd_tgt.c (krb5_fwd_tgt_creds): fixed a possible null dereference. - -Wed Apr 17 14:22:10 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * conv_princ.c: Added ftp and ecat to the list of services which - should be converted. This really ought to be something - that's configurable in the profile... - -Thu Apr 11 21:30:23 1996 Theodore Y. Ts'o <tytso@dcl> - - * init_ctx.c (krb5_init_context): On a Macintosh, turn on - kdc_timesync and use the v4 credentials cache by default. - - * get_in_tkt.c (stash_as_reply, verify_as_reply): Move time offset - code from stash_as_reply to verify_as_reply, and fix it so - that it actually works. - -Wed Apr 3 16:04:36 1996 Theodore Y. Ts'o <tytso@dcl> - - * rd_req_dec.c (krb5_rd_req_decoded): Move code which - validated the ticket times to krb5_validate_times. - - * valid_times.c (krb5_validate_times): New function which - determines whether or not the ticket times are valid. - - * mk_req_ext.c (krb5_mk_req_extended): Call krb5_validate_time() - to determine whether or not the ticket in passed-in - credentials is valid. If it isn't, return an error right - away. - -Wed Mar 27 17:05:47 1996 Richard Basch <basch@lehman.com> - - * in_tkt_ktb.c (keytab_keyproc): Do not check to see that the - enctype of the key is identical; there are several equivalent - DES enctypes. - - * in_tkt_ktb.c (krb5_get_in_tkt_with_keytab): Removed the fancy - logic to only request the keytypes that correspond to those in - the keytab. There were too many fencepost conditions that could - get you into trouble. Either it should be there and *fully* - functional, or not in there at all. Besides, there are too many - other components in Kerberos that expect the end-service to know - all its keys that this sanity check is overkill. - -Tue Mar 26 14:45:03 1996 Richard Basch <basch@lehman.com> - - * conv_princ.c: added "imap" service to the conversion list as - requiring domain conversion for the instance. (imap/<host> is used - by some of the new imap mail implementations) - -Sun Mar 24 01:34:14 1996 Sam Hartman <hartmans@tertius.mit.edu> - - * send_tgs.c (krb5_send_tgs_basic): You want to setup the eblock - used for the authenticator using the in_cred->keyblock, *not* - request.ticket.enc_part.enctype. Under a multi-enctype system, - the session key may be different from the ticket key. - -Wed Mar 20 23:00:59 1996 Theodore Y. Ts'o <tytso@dcl> - - * walk_rtree.c (krb5_walk_realm_tree): Fix 16bit vs. 32bit error. - (cap_code should been a krb5_error_code, not an int!) - - * mk_cred.c (krb5_mk_ncred_basic): Fix windows lint flame. - - * get_in_tkt.c (krb5_get_in_tkt): Fix 16bit vs. 32bit error. - (do_more should not have been an int!) - -Tue Mar 19 13:03:26 1996 Richard Basch <basch@lehman.com> - - * in_tkt_ktb.c (krb5_get_in_tkt_with_keytab): - Only request keytypes that correspond to those in the keytab. - -Mon Mar 18 21:49:39 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * configure.in: Add KRB5_RUN_FLAGS - - * Makefile.in: Use runtime flags. - -Sun Mar 17 20:32:08 1996 Ezra Peisach <epeisach@dumpster.rose.brandeis.edu> - - * configure.in: Add USE_ANAME, USE_KRB5_LIBRARY, KRB5_LIBRARIES so - that Makefile does not have to know build tree layout. - - * Makefile.in: Rework to be consistant with configure defines so - that configure can specify other needed libraries. - -Sun Mar 17 02:10:19 1996 Mark W. Eichin <eichin@cygnus.com> - - * copy_addrs.c (krb5_copy_addr): make non-static so we can use it - in mk_cred. - * mk_cred.c (krb5_mk_ncred_basic): copy local_addr and remote_addr - instead of just aliasing them, so we can safely free them ourselves. - -Fri Mar 15 14:29:00 1996 Richard Basch <basch@lehman.com> - - * in_tkt_ktb.c: Close the keytab if we opened it, not if the - caller opened it. - -Wed Mar 13 17:31:30 1996 Ken Raeburn <raeburn@cygnus.com> - - * configure.in: Use AC_HEADER_STDARG. - -Mon Mar 11 11:15:26 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * str_conv.c (krb5_timestamp_to_string): Handle statement not - reached warning. - - * ser_addr.c (krb5_address_internalize): Add magic numbers - -Thu Feb 29 11:49:38 1996 Theodore Y. Ts'o <tytso@dcl> - - * fwd_tgt.c (NEED_SOCKETS): Use NEED_SOCKETS instead of #including - <netdb.h> - -Sat Feb 24 16:27:54 1996 Theodore Y. Ts'o <tytso@dcl> - - * gc_via_tkt.c (krb5_get_cred_via_tkt): Fix memory leak; free - enctypes after use. - -Thu Jan 25 01:35:52 1996 Sam Hartman <hartmans@tertius.mit.edu> - - * rd_req_dec.c (krb5_rd_req_decrypt_tkt_part): Remove outdated - comment about mapping etype to ktype. - - * gc_via_tkt.c (krb5_get_cred_via_tkt): If the keyblock.enctype is - non-null in in_cred, then request that particular key. - -Wed Jan 24 21:48:53 1996 Sam Hartman <hartmans@tertius.mit.edu> - - * get_creds.c (krb5_get_credentials): Only match against enctype - if it is non-null in increds. - -Sun Jan 21 23:32:53 1996 Tom Yu <tlyu@dragons-lair.MIT.EDU> - - * gc_via_tkt.c (krb5_kdcrep2creds): Set is_skey so get_creds won't - break trying to match is_skey in the ccache. This way we - won't end up with many copies of user-to-user tickets. - -Fri Jan 19 23:16:17 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * mk_req.c (krb5_mk_req): krb5_get_credentials does not take - default_kdc_options. - - * sendauth.c (krb5_sendauth): krb5_get_credentials does not take - default_kdc_options. - -Wed Jan 10 21:01:36 1996 Theodore Y. Ts'o <tytso@dcl> - - * init_ctx.c (krb5_init_context): Added checking of profile for - DCE compatability options (ccache type, and checksum type). - - * fwd_tgt.c (krb5_fwd_tgt_creds): Initialize addrs to 0 so that we - don't try to free stack garbage on an error. - - * krbconfig.c, Makefile.in: Removed krbconfig.c; it contained - global variables which are no longer used. - - * recvauth.c: Removed the global extern of - krb5_kdc_default_options, which wasn't being used anyway. - - * mk_req.c (krb5_mk_req): Replace use of krb5_kdc_default_options - with context->kdc_default_options. - - * gc_frm_kdc.c: Remove the global extern of krb5_kdc_req_sumtype, - which wasn't being used anymore anyway. - - * send_tgs.c (krb5_send_tgs_basic): Remove use of the global - variable krb5_kdc_req_sumtype, and use the kdc_req_sumtype - in the context structure instead. - - * walk_rtree.c (krb5_walk_realm_tree): Applied patch submitted by - Doug Engbert, so that the configurable authentication - patch takes into account the null entry at the end of the - list. - -Tue Jan 9 22:04:09 1996 Theodore Y. Ts'o <tytso@dcl> - - * fwd_tgt.c (krb5_fwd_tgt_creds): New function which handles all - of the dirty work of forwarding TGT's. - - * rd_cred.c (krb5_rd_cred_basic): Clean up memory allocation - discpline to remove memory leaks. - - * mk_cred.c (krb5_mk_ncred_basic, krb5_mk_ncred, krb5_mk_1cred): - Clean up memory allocation discpline to remove memory - leaks. - - * init_ctx.c (krb5_get_tgs_ktypes): Clean up parsing of the etype - list. Don't overrun the string containing the etype list. - -Wed Jan 3 21:32:59 1996 Theodore Y. Ts'o <tytso@dcl> - - * rd_cred.c (krb5_rd_cred_basic): When the keyblock is NULL, - assume we're being called from the gssapi code, which - doesn't have access to the sender or receive address - information, don't check the sender address, since it - won't be available. - - * rd_cred.c (decrypt_credencdata): When calling krb5_rd_credd(), - if the keyblock is null, just copy the encoded structure - from the "ciphertext" part of the structure and decode it. - - * mk_cred.c (encrypt_credencpart): When calling krb5_mk_cred(), if - the keyblock is NULL, don't encrypt it; just encode it and - leave it in the ciphertext area of the structure. - -Thu Dec 21 18:47:54 1995 Theodore Y. Ts'o <tytso@dcl> - - * rd_rep.c (krb5_rd_rep): Change use of - KRB5_SENDAUTH_MUTUAL_FAILED to KRB5_MUTUAL_FAILED. - -Tue Dec 19 17:15:40 1995 Theodore Y. Ts'o <tytso@dcl> - - * rd_cred.c (krb5_rd_cred_basic): Missing parenthesis meant that - wrong number of bytes was being allocated. - -Sun Dec 3 11:49:09 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * Makefile.in (SRCS/OBJS): Move compat_recv.c to krb5util library. - -Fri Dec 1 17:04:43 1995 Theodore Y. Ts'o <tytso@dcl> - - * recvauth.c (krb5_recvauth): Initialize rcache to zero, so that - on cleanup we don't try to free stack garbage. - -Sun Nov 26 19:31:18 1995 Tom Yu <tlyu@dragons-lair.MIT.EDU> - - * preauth.c: Ultrix is broken. Prototype obtain_enc_ts_padata() - and process_pw_salt() explicitly rather than using the - typedef in k5-int.h becaus that typedef is to a function - pointer now. - -Fri Nov 17 22:35:52 1995 Theodore Y. Ts'o <tytso@dcl> - - * get_in_tkt.c (decrypt_as_reply): - * preauth.c (process_pw_salt): When fetching the key to decrypting - the encrypted kdc reply, use the etype associated with the - etype reply, not the etype associated with the included - ticket. - - * encode_kdc.c: Remove eblock argument from krb5_encode_kdc_rep; - set the eblock type from the client_key's enctype. - -Thu Nov 16 20:29:17 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * srv_rcache.c (krb5_get_server_rcache): Use krb5_rc_default_type - instead of assuming default rcache type is "dfl". - -Mon Nov 13 14:40:05 1995 <tytso@rsts-11.mit.edu> - - * walk_rtree.c (krb5_walk_realm_tree): Added ANL changes to - support configuration authentication paths. - -Mon Nov 13 12:57:12 1995 Theodore Y. Ts'o <tytso@dcl> - - * preauth.c (krb5_process_padata): Added generalized processing - for preauth information which is returned by the KDC. - This should be general enough to support the AFS3_SALT - preauth type, the SNK4 preauth type, and the public-key - mods to Kerberos. - (process_pw_salt): New function for processing the KRB5_PW_SALT - preauthentication type. - - * get_in_tkt.c (decrypt_as_reply): Removed temporary kludge for - processing the PW_SALT preauth type; that's now done in - preauth.c - (krb5_get_in_tkt): Call krb5_process_padata with new arguments so - that the preauth code can set the decryption_key if - necessary. - -Thu Nov 09 17:05:57 1995 Chris Provenzano (proven@mit.edu) - - * in_tkt_pwd.c : Remove krb5_enctype from krb5_string_to_key() args. - -Thu Nov 9 00:02:43 1995 Theodore Y. Ts'o <tytso@dcl> - - * get_in_tkt.c (krb5_get_in_tkt): Remove the etype_info argument - from the call to krb5_obtain_padata. - - * preauth.c (krb5_obtain_padata): Use the PADATA_ETYPE_INFO - preauth, if it exists, to determine which salt type to use - when encrypting the preauthentication data. Remove the - etype_info argument. - -Wed Nov 8 02:50:59 1995 Theodore Y. Ts'o <tytso@dcl> - - * krbconfig.c: Removed the krb5_clockskew variable. - - * srv_rcache.c (krb5_get_server_rcache): - * rd_safe.c (krb5_rd_safe): - * rd_req_dec.c (krb5_rd_req_decoded): - * rd_priv.c (krb5_rd_priv): - * rd_cred.c (krb5_rd_cred): - * gc_via_tkt.c (krb5_get_cred_via_tkt): - * get_in_tkt.c (verify_as_reply): Replace use of krb5_clockskew - with context->clockskew. - - * encrypt_tk.c (cleanup_scratch): Changed interface to no longer - require an eblock; we can use our own and figure out the - enctype from the passed-in key. - - * get_in_tkt.c (krb5_get_in_tkt): Added calls to - krb5_obtain_padata(). - - * preauth.c: Completely restructured file to support - preauthentication. - - -Fri Oct 27 22:15:33 1995 Theodore Y. Ts'o <tytso@dcl> - - * get_in_tkt.c (krb5_get_in_tkt): Extensive reworking of the - structure of this file to make it possible to support - preauthentication. - -Mon Oct 23 17:08:59 1995 Theodore Y. Ts'o <tytso@dcl> - - * in_tkt_pwd.c (krb5_get_in_tkt_with_password): Fix to properly - malloc password buffer. - -Mon Oct 23 11:09:56 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * rd_req_dec.c (krb5_rd_req_decoded): For heirarchal cross-realm, - set the length after initializing string. - - * rd_req.c (krb5_rd_req): If a new auth_context is created - and then there is an error, make sure return pointer is not - looking at freed memory. - -Fri Oct 6 22:04:42 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Remove ##DOS!include of config/windows.in. - config/windows.in is now included by wconfig. - -Fri Sep 29 00:08:53 1995 Theodore Y. Ts'o <tytso@dcl> - - * gc_via_tkt.c (krb5_get_cred_via_tkt): Only check the returned - starttime to make sure it matches the requested starttime - if we requested a postdated ticket. - -Thu Sep 28 22:58:53 1995 Theodore Y. Ts'o <tytso@dcl> - - * conv_princ.c (krb5_425_conv_principal): Only convert instances - which don't have a '.' in them. If they have a '.', - assume that they are fully qualified already. - -Thu Sep 28 12:00:00 1995 John Rivlin <jrivlin@fusion.com) - - * gc_via_tkt.c: Cleaned up corrupt ticket error testing to - make it more debugable and I think work around a compiler - bug. - -Mon Sep 25 16:57:59 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the - Makefile. - -Wed Sep 13 10:58:20 1995 Keith Vetter (keithv@fusion.com) - - * get_in_t.c: removed unused variable. - * rd_cred.c: removed INTERFACE keyword. - * ser_auth.c: passing int32 where a size_t is wanted. - * ser_ctx.c: 16/32 bit int size mismatch. - -Sun Sep 17 23:41:19 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * rd_safe.c: Fix typo error. - -Sat Sep 16 01:23:14 1995 Theodore Y. Ts'o <tytso@dcl> - - * sendauth.c (krb5_sendauth): Make sure the scratch credentials - structure may have possible been used be freed.. - - * rd_safe.c (krb5_rd_safe_basic): Fall through to the cleanup code - at the end, to make sure the decoded message in message is - freed. - - * rd_req_dec.c (krb5_rd_req_decoded): Use krb5_copy_keyblock to - copy authent->subkey to auth_context->remote_subkey. - Keeping them separate avoids aliasing problems. - - * mk_req_ext.c (krb5_generate_authenticator): Fix memory leak. - Don't bash authent->subkey with key after carefully - copying it using krb5_copy_keyblock! - - * recvauth.c (krb5_recvauth): krb5_get_server_rcache() already - opens the rcache; doing it again merely causes a memory leak. - -Fri Sep 15 17:20:08 1995 Theodore Y. Ts'o <tytso@dcl> - - * gen_subkey.c (krb5_generate_subkey): Eliminate memory leak. - krb5_init_random_key() does its own allocation of the - keyblock. - - * gc_via_tkt.c (krb5_kdcrep2creds): Fix memory leak. - - * srv_rcache.c (krb5_get_server_rcache): Fix memory leak. - - * rd_safe.c (krb5_rd_safe_basic): Fix memory leak. - -Tue Sep 12 12:40:30 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * t_ser.c (ser_cksum_test): Work around an optimizer bug unser - OSF/1 and gcc. - -Sun Sep 10 12:00:00 1995 James Mattly (mattly@fusion.com) - - * gen_seqnum.c: change usage of krb5_crypto_us_timeofday to krb5_timeofday - * get_in_tkt.c: change usage of krb5_crypto_us_timeofday to krb5_timeofday - * mk_priv.c: change usage of krb5_crypto_us_timeofday to krb5_timeofday - * mk_req_ext.c: change usage of krb5_crypto_us_timeofday to krb5_timeofday - * send_tgs.c: change usage of krb5_timeofday over to krb5_crypto_us_timeofday - -Wed Sep 06 14:20:57 1995 Chris Provenzano (proven@mit.edu) - - * auth_con.c, decrypt_tk.c, encode_kdc.c, encrypt_tk.c, - * gc_frm_kdc.c, gen_seqnum.c, get_creds.c, get_in_tkt.c, - * in_tkt_ktb.c, in_tkt_pwd.c, in_tkt_sky.c, init_ctx.c, - * kdc_rep_dc.c, mk_cred.c, mk_priv.c, mk_rep.c, mk_req._ext.c, - * preauth.c, rd_cred.c, rd_priv.c, rd_rep.c, rd_req_dec.c, - * send_tgs.c, sendauth.c, ser_actx.c, ser_ctx.c, ser_eblk.c, - * ser_key.c, t_ser.c : s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g - -Wed Sept 6 12:00:00 EDT 1995 James Mattly (mattly@fusion.com) - - * get_in_tkt.c: change usage of krb5_timeofday to krb5_crypto_us_timeofday - * mk_req_ext.c: change usage of timeofday - * parse.c: disabled a usage of exit for macintosh - * send_tgs.c: change usage of krb5_timeofday over to - krb5_crypto_us_timeofday - * unparse.c: include <stdio.h> - - -Tue Sep 05 22:10:34 1995 Chris Provenzano (proven@mit.edu) - - * decode_kdc.c, decrypt_tk.c, encode_kdc.c, encrypt_tk.c, gc_frm_kdc.c - * gc_via_tkt.c, get_in_tkt.c, in_tkt_ktb.c, in_tkt_pwd.c, in_tkt_sky.c - * init_ctx.c, kdc_rep_dc.c, mk_cred.c, mk_priv.c, mk_rep.c - * mk_req_ext.c, rd_cred.c, rd_priv.c, rd_rep.c, rd_req_dec.c, - * send_tgs.c, ser_ctx.c, ser_eblk.c, ser_key.c, t_ser.c: - Remove krb5_enctype references, and replace with - krb5_keytype where appropriate - -Fri Sep 1 20:03:41 1995 Theodore Y. Ts'o <tytso@dcl> - - * get_in_tkt.c (krb5_get_in_tkt): If kdc_settime is enabled, then - set the time_offset fields from the returned ticket's - authtime value. - - * init_ctx.c (krb5_init_context): Initialize new fields in - krb5_context (clockskew, kdc_req_sumtype, and - kdc_default_options). - - * gc_via_tkt.c (krb5_get_cred_via_tkt): Perform the necessary - sanity checking on the KDC response to make sure we detect - tampering. - - * send_tgs.c (krb5_send_tgs): Set the expected nonce in the - response structure. - - * krbconfig.c: Set the default checksum to use MD5 - -Fri Sep 1 11:16:43 EDT 1995 Paul Park (pjpark@mit.edu) - * ser_ctx.c - Add handling of new time offset fields in the os_context. - - -Tue Aug 29 14:14:26 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in, .Sanitize, ser_{actx,adata,addr,auth,cksum,ctx,eblk,key, - princ}.c, serialize.c, t_ser.c - Add serialization operations - for data structures required to serialize krb5_context, krb5_ - auth_context, krb5_encrypt_block and krb5_principal. - * auth_con.h - Add magic number. - * auth_con.c - Add static routine to copy an address and use this - instead of the other code. Set the magic number when initing - an auth_context. Use krb5_free_address to release an address. - * init_ctx.c - Free the allocated serializers when releasing context. - * rd_rep.c - Copy the keyblock from the message instead of setting - a pointer into it. - -Thu Aug 24 18:55:50 1995 Theodore Y. Ts'o <tytso@dcl> - - * .Sanitize: Update file list. - -Mon Aug 7 18:54:35 1995 Theodore Y. Ts'o <tytso@dcl> - - * in_tkt_ktb.c (keytab_keyproc): If there is an error looking up - the key, make sure the keytab is closed as part of the - cleanup. - -Fri Aug 4 22:04:08 1995 Tom Yu <tlyu@dragons-lair.MIT.EDU> - - * conv_princ.c: Add braces to initializer to shut up gcc -Wall - -Fri Jul 7 16:31:06 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in - Find com_err in TOPLIBD. - * rd_safe.c - Use checksum verifier instead of doing it manually. - -Thu Jul 6 17:31:40 1995 Tom Yu <tlyu@lothlorien.MIT.EDU> - - * rd_safe.c (krb5_rd_safe_basic): Pass context to os_localaddr. - - * rd_priv.c (krb5_rd_priv_basic): Pass context to os_localaddr. - - * rd_cred.c (krb5_rd_cred_basic): Pass context to os_localaddr. - - * get_in_tkt.c (krb5_get_in_tkt): Pass context to os_localaddr. - -Wed July 5 15:52:31 1995 James Mattly <mattly@fusion.com> - * added condition for _MACINTOSH - -Sun Jul 2 18:59:53 1995 Sam Hartman <hartmans@tertius.mit.edu> - - * recvauth.c (krb5_recvauth): recvauth should send an error reply - if problem is not zero. Removed if that caused it to only send a - reply on success. - -Fri Jun 16 22:11:21 1995 Theodore Y. Ts'o (tytso@dcl) - - * get_in_tkt.c (krb5_get_in_tkt): Allow the credentials cache - argument to be optional; allow it to be NULL, meaning that - the credentials shouldn't be stored in a credentials cache. - -Mon Jun 12 16:49:42 1995 Chris Provenzano (proven@mit.edu) - - A couple bug reports/patches from Ed Phillips (flaregun@udel.edu) - * in_tkt_ktb.c (keytab_keyproc()): Fix memory leak. - * recvauth.c (krb5_recvauth()): Don't open a new rcache if - the auth_context already has one. - * auth_con.c (krb5_auth_con_free()): Close rcache is the - auth_context has one set. - * auth_con.c (krb5_auth_con_getrcache()): Return pointer - to the rcache set in the auth_context. - -Sun Jun 11 12:31:39 1995 Ezra Peisach (epeisach@kangaroo.mit.edu) - - * auth_con.c (krb5_auth_con_init): Zero newly allocated - krb5_auth_context. (Fixed error in redefinitions). - -Sat Jun 10 23:05:51 1995 Tom Yu (tlyu@dragons-lair) - - * auth_con.c, compat_recv.c, mk_cred.c, mk_priv.c, mk_rep.c, - mk_req.c, mk_req_ext.c, mk_safe.c, rd_cred.c, rd_priv.c, - rd_rep.c, rd_req.c rd_req_dec.c, rd_safe.c, recvauth.c, - sendauth.c: krb5_auth_context redefinitions - -Fri Jun 9 18:48:43 1995 <tytso@rsx-11.mit.edu> - - * rd_req_dec.c (krb5_rd_req_decoded): Fix -Wall nits - - * configure.in: Remove standardized set of autoconf macros, which - are now handled by CONFIG_RULES. - - * Makefile.in, faddr_ordr.c: Remove faddr_ordr.c; its function, - krb5_fulladdr_order, isn't used anywhere. - -Fri Jun 9 02:42:54 1995 Tom Yu (tlyu@dragons-lair) - - * rd_cred.c (krb5_rd_cred_basic): fix typo (extra "context" - argument passed to krb5_xfree) - -Thu Jun 8 22:48:27 1995 Theodore Y. Ts'o <tytso@dcl> - - * rd_cred.c (krb5_rd_cred_basic): Fix problem where the ticket - field was assigned with a krb5_data, which was then - immediately freed. - -Thu Jun 8 16:06:44 1995 <tytso@rsx-11.mit.edu> - - * compat_recv.c, auth_con.c, chk_trans.c, encrypt_tk.c, - gc_frm_kdc.c, gc_via_tkt.c, gen_seqnum.c, gen_subkey.c, - get_creds.c, get_in_tkt.c, in_tkt_ktb.c, in_tkt_pwd.c, - in_tkt_skey.c, init_ctx.c, kdc_rep_dc.c, mk_cred.c, - mk_error.c, mk_priv.c, mk_rep.c, mk_req.c, mk_req_ext.c, - mk_cred.c, mk_safe.c, parse.c, preauth.c, rd_cred.c, - rd_rep.c, rd_req.c, rd_req_dec.c, rd_safe.c, recvauth.c, - sendauth.c, send_tgs.c, srv_rcache.c, walk_rtree.c: Clean - up GCC -Wall flames. - -Wed Jun 7 15:23:21 1995 <tytso@rsx-11.mit.edu> - - * conv_princ.c (krb5_425_conv_principal): Remove old CONFIG_FILES - code. - -Fri May 26 10:18:28 1995 Keith Vetter (keithv@fusion.com) - - * makefile.in: removed for the PC creating shared directory. - (still bug with the '@SHARED_RULE@' line but I'm waiting - on tytso for that since I don't want to break Unix). - -Thu May 25 09:58:42 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * gc_via_tkt.c (krb5_kdcrep2creds): Fix syntax error in the - freeing of the keyblock. - -Wed May 24 18:19:17 1995 Theodore Y. Ts'o (tytso@dcl) - - * Makefile.in, configure.in: Add rules for building shared library. - - * gc_via_tkt.c (krb5_kdcrep2creds): On an error, free the keyblock. - -Tue May 23 16:28:42 1995 Theodore Y. Ts'o (tytso@dcl) - - * gc_frm_kdc.c, preauth.c, t_kerb.c, t_walk_rtree.c, unparse.c: - Rearrange #include files so that krb5.h gets included - first, so that the debugging information can be more - efficiently collapsed since the type numbers will be the - same. - -Sat May 20 14:01:16 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * rd_safe.c (krb5_rd_safe): Increment remote_seq_number if - KRB5_AUTH_CONTEXT_DO_SEQUENCE is set. - -Thu May 11 22:42:30 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * rd_cred.c (krb5_rd_cred_basic): If address don't match, return - KRB5KRB_AP_ERR_BADADDR (add missing retval). - -Thu May 11 18:30:21 1995 Chris Provenzano (proven@mit.edu) - - * mk_cred.c (krb5_mk_cred()), mk_priv.c (krb5_mk_priv()), - * mk_safe.c (krb5_mk_safe()), rd_cred.c (krb5_rd_cred()), - * rd_priv.c (krb5_rd_prev()), rd_safe.c (krb5_rd_safe()): - Pass the contents pointer returned from krb5_make_fulladdr() - to free() not the address of the pointer. - -Tue May 9 08:34:21 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * Makefile.in (clean): Remove t_kerb and t_kerb.o - -Fri May 5 00:06:24 1995 Theodore Y. Ts'o (tytso@dcl) - - * conv_princ.c (krb5_425_conv_principal): Use new calling - convention of krb5_get_realm_domain, which is that it - returns the realm *without* the leading dot. - - Also use the profile code to look up individual instance - conversions using [realms]/<realm>/v4_instance_convert/<inst> - This allows special case handling of mit.edu and - lithium.lcs.mit.edu. - - * t_kerb.c: New file for testing krb library functions. Currently - only tests krb5_425_conv_principal. - -Wed May 03 03:30:51 1995 Chris Provenzano (proven@mit.edu) - - * recvauth.c, compat_recv.c (krb5_recvauth()): - * compat_recv.c (krb5_compat_recvauth()): - No longer needs the rc_type arg. - -Tue May 02 19:29:18 1995 Chris Provenzano (proven@mit.edu) - - * mk_cred.c (mk_cred()), mk_priv.c (mk_priv()), mk_safe.c (mk_safe()), - * rd_cred.c (rd_cred()), rd_priv.c (rd_priv()), rd_safe.c (rd_safe()): - Don't call krb5_make_fulladdrs() if a port isn't specified. - -Mon May 01 15:56:32 1995 Chris Provenzano (proven@mit.edu) - - * auth_con.c (krb5_auth_con_free()) : - Free all the data associated with the auth_context. - - * auth_con.c (krb5_auth_con_setkey()) : Removed. - * mk_rep.c (mk_rep()), - The krb5_mk_rep() routine must always encode the data in - the keyblock of the ticket, not the subkey. - - * cleanup.h, auth_con.c (krb5_auth_con_setports()) : Added. - * auth_con.h, mk_cred.c (mk_cred()), mk_priv.c (mk_priv()), - * mk_safe.c (mk_safe()), rd_cred.c (rd_cred()), - * rd_priv.c (rd_priv()), rd_safe.c (rd_safe()) : - Changes to auth_context to better support full addresses. - -Sat Apr 29 00:09:40 1995 Theodore Y. Ts'o <tytso@dcl> - - * srv_rcache.c (krb5_get_server_rcache): Fix fencepost error which - caused an access beyond the allocated memory of piece->data. - - * rd_priv.c (krb5_rd_priv_basic): Call krb5_free_priv_enc_part to free - the entire privenc_msg structure. - -Fri Apr 28 09:54:51 EDT 1995 Paul Park (pjpark@mit.edu) - - Move adm_rw.c from libkrb5 to libkadm. - -Fri Apr 28 08:36:03 1995 Theodore Y. Ts'o <tytso@lurch.mit.edu> - - * init_ctx.c (krb5_free_context): Extra semicolon meant the etypes - field in the context was never being freed. - -Fri Apr 28 01:44:51 1995 Chris Provenzano (proven@mit.edu) - - * send_tgs.c (krb5_send_tgs()), gc_via_tkt.c (krb5_get_cred_via_tkt()): - Removed krb5_cksumtype argument. - -Thu Apr 27 21:36:01 1995 Chris Provenzano (proven@mit.edu) - - * auth_con.c (krb5_auth_con_getaddrs() and krb5_auth_con_getflags()): - Added for completeness. - * mk_req_ext.c (krb5_mk_req_extended()) : Don't send the - AP_OPTS_USE_SUBKEY option over the wire. - -Thu Apr 27 17:40:20 1995 Keith Vetter (keithv@fusion.com) - - * adm_rw.c, mk_cred.c, rd_cred.c: - malloc on the PC must be size SIZE_T not int32. - * adm_rw.c: krb5_free_adm_data second argument now a krb5_int32. - -Thu Apr 27 16:33:17 EDT 1995 Paul Park (pjpark@mit.edu) - - * mk_priv.c - Back out previous change which always put in - timestamp, regardless of DO_TIME setting and - instead, clear out the replaydata before calling - mk_priv_basic from mk_priv. - * mk_safe.c - Same replaydata fix. - -Thu Apr 26 15:59:51 EDT 1995 Paul Park (pjpark@mit.edu) - - * Add adm_rw.c - routines to read and write commands from/to the - administrative (kpasswd/kadmin) server. - -Wed Apr 27 11:30:00 1995 Keith Vetter (keithv@fusion.com) - - * init_ctx.c: krb5_init_context wasn't checking return values. - * mk_req.c: deleted unused local variable. - -Wed Apr 26 22:49:18 1995 Chris Provenzano (proven@mit.edu) - - * gc_via_tgt.c, and gc_2tgt.c : Removed. - * Makefile.in, gc_via_tkt.c, gc_frm_kdc.c, and, int-proto.h : - Replaced get_cred_via_tgt() and get_cred_via_2tgt() - with more general function get_cred_via_tkt(). - -Tue Apr 25 21:58:23 1995 Chris Provenzano (proven@mit.edu) - - * Makefile.in : Added gc_via_tkt.c and removed get_fcreds.c - * auth_con.c (krb5_auth_con_setaddrs()) : Fixed so it allocates - space and copies addresses, not just pointer. - * mk_cred.c: Completely rewritten from sources donated by asriniva. - * rd_cred.c: Completely rewritten from sources donated by asriniva. - * mk_priv.c (krb5_mk_priv()), mk_safe.c (krb5_mk_safe()), - rd_priv.c (krb5_rd_priv()), and rd_safe (krb5_rd_safe()) : - Try using a subkey before using the session key for encryption. - * recvauth.c (krb5_recvauth()): Don't close the rcache on success. - -Mon Apr 24 23:12:21 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in, configure.in (t_walk_rtree): Add WITH_NETLIBS and - $(LIBS), so that t_walk_rtree can compile under solaris. - -Mon Apr 24 17:09:36 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * parse.c (krb5_parse_name): Add magic number to new structure - - * get_creds.c: Fix comments describing operation - - * gc_frm_kdc.c: Fix comments describing operation - - * copy_cksum.c (krb5_copy_checksum): Fix comment in file - - * copy_addrs.c (krb5_append_addresses): ifdef out unused - krb5_append_addresses function. (no API or prototype - existed). - - * copy_data.c (krb5_copy_data): Initialize magic number - - * init_ctx.c (krb5_init_context): If an error is returned from - krb5_set_default_in_tkt_etypes or krb5_os_init_context, - pass to caller instead of stack garbage. - -Sat Apr 22 11:06:45 1995 Ezra Peisach (epeisach@kangaroo.mit.edu) - - * Makefile.in: t_walk_rtree needs libcrypto - - * t_walk_rtree.c: error in checking for argument count - -Thu Apr 20 16:23:23 1995 Theodore Y. Ts'o (tytso@dcl) - - * copy_addrs.c, copy_athctr.c, copy_auth.c, copy_cksum.c, - copy_creds.c, copy_key.c, copy_princ.c, copy_tick.c, - gc_2tgt.c, gc_frm_kdc.c, gc_via_tgt.c, get_creds.c, - mk_req_ext.c: Unless HAVE_C_STRUCTURE_ASSIGNMENT is defined, use - memcpy to copy structures around, instead of using - structure assignments. (Which aren't guaranteed to work - on some broken compilers.) - - * mk_req.c (krb5_mk_req): Use krb5_sname_to_principal() in order - to create the service principal from the service and - hostname pair. This allows for the host cannoncialization - to work correctly. - - * mk_req_ext.c (krb5_mk_req_extended): Revamp checksum handling - code so that no checksum is performed in in_data is NULL, - and the special case handing of cksumtype == 0x8003 for - the GSSAPI library is handled correctly. - -Wed Apr 19 13:39:34 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * init_ctx.c: (krb5_init_context) initialize context default - realm. (krb5_free_context) free default realm. - -Fri Apr 14 15:05:51 1995 <tytso@rsx-11.mit.edu> - - * sendauth.c (krb5_sendauth): initialize error return parameter - - * copy_princ.c (krb5_copy_principal): Fix bug where - krb5_copy_principal can fail if it is asked to copy a - principal with a zero-length component on a system where - malloc(0) returns null. - -Thu Apr 13 15:49:16 1995 Keith Vetter (keithv@fusion.com) - - * *.[ch]: removed unneeded INTERFACE from non-api functions. - -Fri Mar 31 16:45:47 1995 Keith Vetter (keithv@fusion.com) - - * krb5_get_in_tkt: changed error return value for when clocks - are out of skew to be KRB5_KDCREP_SKEW. - -Fri Mar 31 00:44:26 1995 Theodore Y. Ts'o (tytso@dcl) - - * rd_req.c (krb5_rd_req): Fix typo which caused new_keytab to not - get freed, causing a memory leak. - -Thu Mar 30 15:49:27 1995 Keith Vetter (keithv@fusion.com) - - * rd_req.c: removed unused local variable. - -Tue Mar 28 18:34:20 1995 John Gilmore (gnu at toad.com) - - * rd_req_sim.c: Really remove the file. - -Mon Mar 27 08:34:49 1995 Chris Provenzano (proven@mit.edu) - - * Makefile.in: Removed rd_req_sim.c - - * auth_con.c: Default cksumtype is now CKSUMTYPE_RSA_MD4_DES. - - * auth_con.c: Added krb5_auth_con_setuseruserkey(), - krb5_auth_con_getkey(), - krb5_auth_con_getremotesubkey(), - krb5_auth_con_getauthenticator(), - krb5_auth_con_getremoteseqnumber(), - krb5_auth_con_initivector(). - - * auth_con.c: Fixed krb5_auth_con_getlocalsubkey() to check for - a valid local_subkey before calling krb5_copy_keyblock(). - - * auth_con.h: Fixed some comments. - - * mk_req_ext.c (krb5_mk_req_extended()): Always pass in a seed - (the keyblock contents) to krb5_calculate_checksum() - - * rd_rep.c (krb5_rd_rep()): Use appropriate key to decode reply. - - * rd_safe.c (krb5_rd_safe()): Don't pass checksum to - krb5_rd_safe_basic(), it's unnecessary. - - * compat_recv.c (krb5_compat_recvauth()): - * mk_rep.c (krb5_mk_rep()): - * rd_req.c (krb5_rd_req()): - * rd_req_dec.c (krb5_rd_req_decode()): - * recvauth.c (krb5_recvauth()): - Added a krb5_auth_context argument and eliminated many of - the other arguments because they are included in the - krb5_auth_context structure. - - -Tue Mar 21 19:22:51 1995 Keith Vetter (keithv@fusion.com) - - * mk_safe.c: fixed signed/unsigned mismatch. - * rd_safe.c: removed unused local variable currentime. - * mk_req_e.c: fixed signed/unsigned mismatch. - -Sat Mar 18 18:58:02 1995 John Gilmore (gnu at toad.com) - - * bld_pr_ext.c, bld_princ.c: Replace STDARG_PROTOTYPES with - HAVE_STDARG_H for consistency. - -Fri Mar 17 19:48:07 1995 John Gilmore (gnu at toad.com) - - * Makefile.in (check-mac): Add. - * compat_recv.c, get_fcreds.c, recvauth.c: Eliminate Unix socket - #includes, which are now handled by k5-int.h (via k5-config.h). - * conv_princ.c: Rename variable "comp" to another name; "comp" - apparently bothers the MPW compiler... - * rd_cred.c: Avoid (void) casts of void functions, for MPW. - * t_walk_rtree.c: Put com_err.h after k5_int for <sys/types> stuff. - (main): Declare and initialize the krb5_context that's being - passed to everything. - -Fri Mar 10 10:58:59 1995 Chris Provenzano (proven@mit.edu) - - * auth_con.h auth_con.c Added for krb5_auth_con definition and - support routines. - - * mk_req.c (krb5_mk_req()) - * mk_req_ext.c (krb5_mk_req_extended()) - * rd_rep.c (krb5_rd_rep()) - * sendauth.c (krb5_sendauth()) - * mk_priv.c (krb5_mk_priv()) - * mk_safe.c (krb5_mk_safe()) - * rd_priv.c (krb5_rd_priv()) - * rd_safe.c (krb5_rd_safe()) - Added a krb5_auth_context argument and eliminated many of - the other arguments because they are included in the - krb5_auth_context structure. - - * send_tgs.c (krb5_send_tgs()) Eliminate call to krb5_mk_req_extended(), - which does far more than krb5_send_tgs() needs. - -Tue Mar 7 19:57:34 1995 Mark Eichin <eichin@cygnus.com> - - * configure.in: take out ISODE_INCLUDE. - -Tue Mar 7 13:20:06 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: changed library name on the pc. - * parse.c: disabled for the PC error messages to stderr. - * chk_trans.c: fixed signed/unsigned assignment. - -Thu Mar 2 11:45:00 1995 Keith Vetter (keithv@fusion.com) - - * compat_recv.c, get_fcre.c, recvauth.c, sendauth.c: changed - NEED_WINSOCK_H to NEED_SOCKETS. - -Wed Mar 1 20:15:00 1995 Keith Vetter (keithv@fusion.com) - - * compat_r.c, copy_pri.c, get_fcre.c, get_in_t.c, init_ctx.c, in_tkt_p.c - in_tkt_s.c, preauth.c, princ_co.c, pr_to_sa.c, rd_req_d.c, recvauth.c - sendauth.c, send_tgs.c, unparse.c: 16 vs 32 bit casts, removed some - unused local variables, and pulled in winsock.h for network byte - ordering. - -Tue Feb 28 01:14:57 1995 John Gilmore (gnu at toad.com) - - * *.c: Avoid <krb5/...> includes. - * parse.c: Exdent #ifndef to left margin for old compilers. - -Wed Feb 22 17:14:31 1995 Keith Vetter (keithv@fusion.com) - - * walk_rtr.c (krb5_walk_realm_tree): formal parameter wasn't declared. - * send_tgs.c: const in wrong place in the prototype. - * get_in_tkt.c, preauth.c, rd_cred.c, rd_priv.c, rd_req_dec.c, - rd_safe.c: needed a 32 bit abs() function. - * parse.c: removed call to fprintf on error the windows version - * send_auth.c: defined for windows the ECONNABORTED errno (will - be removed when the socket layer is fully implemented). - -Tue Feb 21 23:38:34 1995 Theodore Y. Ts'o (tytso@dcl) - - * mk_cred.c (krb5_mk_cred): Fix argument type to - krb5_free_cred_enc_part(). - -Mon Feb 13 20:25:20 1995 Theodore Y. Ts'o (tytso@dcl) - - * get_in_tkt.c (krb5_get_in_tkt): Fix memory leak --- the default - encryption types was not being freed. - -Fri Feb 10 15:45:59 1995 Theodore Y. Ts'o <tytso@dcl> - - * rd_req.c (krb5_rd_req): Remove ISODE cruft. - -Thu Feb 9 17:43:04 1995 Theodore Y. Ts'o <tytso@dcl> - - * gc_via_tgt.c (krb5_get_cred_via_tgt): Set up the keyblock's - etype field correctly (after copying the keyblock, so it - doesn't get overwritten!) - -Mon Feb 06 17:19:04 1995 Chris Provenzano (proven@mit.edu) - - * get_in_tkt.c (krb5_get_in_tkt()) - * in_tkt_sky.c (krb5_get_in_tkt_with_skey()) - * in_tkt_pwd.c (krb5_get_in_tkt_with_password()) - Removed krb5_keytype, changed krb5_enctype to krb5_enctype *, - changed krb5_preauthtype to krb5_preauthtype *. - - Changed the args to the key_proc arg of krb5_get_in_tkt() - to be the following (krb5_context, const krb5_keytype, - krb5_data *, krb5_const_pointer, krb5_keyblock **) - - * in_tkt_ktb.c (krb5_get_in_tkt_with_keytab()) Added this routine - to replace krb5_get_in_tkt_with_skey() in kinit. - - * Makefile.in Added new source file in_tkt_ktb.c. - -Fri Feb 3 16:41:19 1995 Mark Eichin (eichin@cygnus.com) - - * get_in_tkt.c (krb5_get_in_tkt): also check for the version - number of the reply being whatever we had in the first byte of the - request. - -Fri Feb 3 08:07:55 1995 Theodore Y. Ts'o (tytso@dcl) - - * compat_recv.c (krb_v4_recvauth): Use explicit 32 bit types so - this will work on an Alpha. - -Fri Feb 3 00:43:48 1995 Tom Yu (tlyu@dragons-lair) - - * get_in_tkt.c (krb5_get_in_tkt): fix typo - -Thu Feb 2 20:51:55 1995 Mark Eichin (eichin@cygnus.com) - - * get_in_tkt.c (krb5_get_in_tkt): if krb5_is_as_rep fails, check - if the packet might be a V4 error packet. Use modified V4 check so - that it compiles under SCO. - -Mon Jan 30 15:46:14 1995 Chris Provenzano (proven@mit.edu) - - * int-proto.h Update prototypes for krb5_get_cred_via_tgt(), and - krb5_get_cred_via_2tgt(). - - * get_fcreds.c (krb5_get_for_creds()) - * gc_via_tgt.c (krb5_get_cred_via_tgt()) - * gc_2tgt.c (krb5_get_cred_via_2tgt()) - Removed krb5_enctype argument. Pass NULL list of encryption - types to krb5_send_tgs to get default encryption types. - - * gc_frm_kdc.c Removed krb5_enctype argument passed to - krb5_get_cred_via_tgt() - - * send_tgs.c (krb5_send_tgs()) Changed krb5_enctype arg to - krb5_enctype *, a NULL terminated array of encryption - types. If argument is NULL then krb5_send_tgs() will - use defaul list of encryption types. - - * send_tgs.c (krb5_send_tgs()) To encrypt request ticket use - usecred->keyblock.etype instead of (and now defunct) - krb5_enctype arg. - - * init_ctx.c Added krb5_set_default_in_tkt_etypes() and - krb5_get_default_in_tkt_etypes(). - - * rd_req.c, rd_req_decode.c Removed typedef for rdreq_key_proc - and use krb5_rd_req_decoded in its place. - -Mon Jan 30 11:26:05 1995 Chris Provenzano (proven@mit.edu) - - * get_fcreds.c Really needs #include<krb5/asn1.h> for definition - of krb5_is_krb_error() - -Sat Jan 28 14:45:55 1995 Chris Provenzano (proven@mit.edu) - - * in_tkt_sky.c (skey_keyproc()), rd_req_dec.c (krb5_rd_req_decoded()) - use new API for krb5_kt_get_entry. - -Fri Jan 27 15:45:45 1995 Chris Provenzano (proven@mit.edu) - - * get_fcreds.c Removed #include<krb5/crc-32.h> and #include<krb5/asn1.h> - -Wed Jan 25 16:54:40 1995 Chris Provenzano (proven@mit.edu) - - * Removed all narrow types and references to wide.h and narrow.h - -Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu) - - * Added krb5_context to all krb5_routines - -Mon Dec 19 21:55:44 1994 Theodore Y. Ts'o (tytso@dcl) - - * init_ctx.c: New file. Initializes and frees the krb5_context - structure. - -Wed Dec 7 17:52:08 1994 <tytso@localhost> - - * rd_req_dec.c (decrypt_authenticator): If the subkey doesn't - exist, don't try to set the subkey's etype. - -Wed Nov 30 17:10:39 1994 Theodore Y. Ts'o (tytso@dcl) - - * bld_princ.c (krb5_build_principal_va): Set the principal's type - and magic number. - - * Makefile.in: Build new test driver (t_walk_rtree) for - krb5_walk_realm_tree. - - * walk_realm_tree.c (krb5_walk_realm_tree): Fix bug which occured - when the client or the server is a subdomain of the other; - walk_realm_tree would return the wrong answer, and suffer - from memory access errors. - - * unparse.c (krb5_unparse_name_ext): Quote the '/' and '@' - characters properly. - - * configure.in: Add appropriate help text for the --with-krb4 - option. Remove ISODE_DEFS call, since ISODE_INCLUDES now - defines ISODE automatically. - -Mon Nov 21 15:30:07 1994 Theodore Y. Ts'o (tytso@dcl) - - * mk_req_ext.c (krb5_mk_req_extended): Sanitize how memory is - freed in both error and normal cases, to remove memory - leaks. - - * mk_req_ext.c (krb5_mk_req_extended): Use the encryption type - specified by the ticket to generate the authenticator. - - * encode_kdc.c (krb5_encode_kdc_rep): Now requires that the - caller pass in the encryption block to be used for - encrpyting the ticket. That way, this routine doesn't - need to create its own encryption block. - - * encrypt_tk.c (krb5_encrypt_tkt_part): Now requires that the - caller pass in the encryption block to be used for - encrpyting the ticket. That way, this routine doesn't - need to create its own encryption block. - -Fri Nov 18 17:30:44 1994 Theodore Y. Ts'o (tytso@dcl) - - * mk_req_ext.c (krb5_mk_req_extended): Encrypt the authenticator - using the same encryption system used to encrypt the ticket. - -Thu Nov 17 01:56:05 1994 Theodore Y. Ts'o (tytso@dcl) - - * gc_via_tgt.c (krb5_get_cred_via_tgt): - * gc_2tgt.c (krb5_get_cred_via_2tgt): Set the encryption type of - the session keyblock to be the type used to encrypt the - ticket. - -Fri Nov 11 01:20:22 1994 Theodore Y. Ts'o (tytso@dcl) - - * get_in_tkt.c (krb5_get_in_tkt): Set the encryption type of the - session keyblock to be the type used to encrypt the - ticket. - -Thu Nov 10 23:56:43 1994 Theodore Y. Ts'o (tytso@dcl) - - * rd_rep.c (krb5_rd_rep): Set the encryption type in - the subkey keyblock to be the encryption type used to - encrypt the rd_rep message. - - * decrypt_tk.c (krb5_decrypt_tkt_part): Set the encryption type in - the session keyblock to be the encryption type used to - encrypt the ticket. - - * rd_req_dec.c (decrypt_authenticator): Set the encryption type in - the subkey keyblock to be the encryption type used to - encrypt the authenticator. - -Tue Nov 8 17:09:48 1994 Theodore Y. Ts'o (tytso@dcl) - - * in_tkt_pwd.c (pwd_keyproc): Use the documented interface for - calling krb5_string_to_key(). - -Tue Oct 25 23:34:57 1994 Theodore Y. Ts'o (tytso@dcl) - - * srv_rcache.c (krb5_get_server_rcache): Added missing continue so - that we don't copy both the unprintable character as well - as the quoted version of it. - -Mon Oct 24 15:50:19 1994 Theodore Y. Ts'o (tytso@dcl) - - * configure.in: If KRB4 is defined, define KRB5_KRB4_COMPAT for - compat_recv.c. - -Thu Oct 13 17:26:28 1994 Theodore Y. Ts'o (tytso@maytag) - - * configure.in: Add ISODE_DEFS - -Tue Oct 4 16:29:19 1994 Theodore Y. Ts'o (tytso@dcl) - - * in_tkt_sky.c (skey_keyproc): - * in_tkt_pwd.c (pwd_keyproc): Add widen.h and narrow.h includes - around pwd_keyproc, so that the keyproc input arguments - are appropriately widened. - -Fri Sep 30 21:58:15 1994 Theodore Y. Ts'o (tytso@dcl) - - * preauth.c (preauth_systems): Add placeholder for magic number - -Thu Sep 29 15:31:10 1994 Theodore Y. Ts'o (tytso@dcl) - - * srv_rcache.c (krb5_get_server_rcache): cachename was not being - properly null-terminated. - - * get_in_tkt.c (krb5_get_in_tkt): Return KRB5_IN_TKT_REALM_MISATCH - if the client and server realms don't match. Return - KRB5_KDCREP_SKEW if the KDC reply has an unacceptible - clock skew (instead of KDCREP_MODIFIED.) - - * gc_via_tgt.c (krb5_get_cred_via_tgt): Use a distinct error code - for KDC skew separate from the standard KDCREP_MODIFIED - - * princ_comp.c (krb5_realm_compare): Added new function from - OpenVision. - -Wed Sep 21 17:57:35 1994 Theodore Y. Ts'o (tytso@dcl) - - * rd_req_dec.c (krb5_rd_req_decoded): Added Changes from Cybersafe - to do transited realm path checking. - - * chk_trans.c: Added donated module from CyberSafe. It checks to - see if a transited path is a legal one between two realms. - -Thu Sep 15 11:08:39 1994 Theodore Y. Ts'o (tytso@dcl) - - * rd_req_sim.c (krb5_rd_req_simple): Use krb5_rd_req instead of - krb5_rd_req_decoded, to eliminate some code duplication. - -Sat Aug 20 01:43:43 1994 Theodore Y. Ts'o (tytso at tsx-11) - - * mk_req_ext.c (krb5_generate_authenticator): Fix pointer aliasing - problem between newkey and authent->subkey. - -Wed Aug 17 17:58:22 1994 Theodore Y. Ts'o (tytso at tsx-11) - - * encode_kdc.c (krb5_encode_kdc_rep): Pass in to - encode_krb5_enc_kdc_rep_part the msg_type which should be used. - Old versions of Kerberos always assume TGS_REP; this merely allows - the right msg_type to be passed down to the encoding routines. - For now, the encoding routines will ignore this value and do - things the old way, for compatibility's sake. - -Mon Aug 8 22:38:16 1994 Theodore Y. Ts'o (tytso at tsx-11) - - * preauth.c: Renamed preauthentication mechanism names to match - what bcn and I agreed upon. - -Tue Jun 28 19:35:07 1994 Tom Yu (tlyu at dragons-lair) - - * decode_kdc.c: folding in Harry's changes - * rd_req.c: ditto - * rd_req_sim.c: ditto - * configure.in: adding ISODE_DEFS - diff --git a/src/lib/krb5/os/ChangeLog b/src/lib/krb5/os/ChangeLog deleted file mode 100644 index e3dea8f34..000000000 --- a/src/lib/krb5/os/ChangeLog +++ /dev/null @@ -1,3093 +0,0 @@ -2006-04-02 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2006-03-31 Ken Raeburn <raeburn@mit.edu> - - * dnsglue.c, dnsglue.h, dnssrv.c: Include autoconf.h. - -2006-03-08 Ken Raeburn <raeburn@mit.edu> - - * locate_kdc.c (module_locate_server): Don't set cbdata.lp at - initialization time. - -2006-03-07 Ken Raeburn <raeburn@mit.edu> - - * locate_kdc.c: Include k5-locate.h instead of k5-plugin.h. - -2006-03-06 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFINES): New variable. - (t_locate_kdc.o): Depend on dnssrv.c and dnsglue.c too. - - * init_os_ctx.c (krb5_os_init_context): Initialize new fields. - (krb5_os_free_context): Close opened plugin files. - - * locate_kdc.c: Include k5-plugin.h. - (get_port): Deleted. - (grow_addrlist): Update for new fields in structure. - (krb5int_free_addrlist): Call the free function in the structure, - if the function pointer is non-null. - (add_addrinfo_to_list): Update for new fields. Shorten up debug - output. - (call_freeaddrinfo): New function. - (krb5int_add_host_to_list): Update for new fields. - (prof_locate_server, dns_locate_server): New functions, broken out - from krb5int_locate_server; use the new enum type for service - choice. - (objdir): New variable. - (struct module_callback_data): New struct. - (module_callback, module_locate_server): New functions. - (krb5int_locate_server): Use the above method-specific locator - functions. Change argument list to take enum and not multiple - strings and numbers. - (krb5_locate_kdc): Updated for new interface. - - * send524.c (krb5int_524_sendto_kdc): Update for new locate_server - interface. - * changepw.c (krb5_locate_kpasswd): Likewise. - (krb5_change_set_password): Update for new fields. - - * accessor.c (krb5int_accessor): Don't fill in locate_server - field. - - * t_locate_kdc.c: Include dnsglue.c and dnssrv.c. - (print_addrs): Update for new fields. - * t_std_conf.c (test_locate_kdc): Update for new fields. - - * sendto_kdc.c (krb5int_debug_fprint): No longer static. Print - more info. - (krb5int_print_addrlist): New function. - (merge_addrlists): Update for new fields. - (in_addrlist): New function. - (krb5_sendto_kdc): Use it. Update for new fields. - (krb5int_sendto): Update for new fields. Print more info when - debugging. - -2006-02-24 Jeffrey Altman <jaltman@mit.edu> - - * gmt_mktime.c, read_pwd.c: changes to support 64-bit builds - on Windows - -2005-11-14 Jeffrey Altman <jaltman@mit.edu> - - * toffset.c: (krb5_set_real_time, krb5_set_debugging_time, - krb5_get_time_offsets, krb5_set_time_offsets) - * timeofday.c:(krb5_timeofday) - * ustime.c: (krb5_us_timeofday) - - Change type of "seconds" parameter from krb5_int32 to krb5_timestamp - This does not alter the ABI on existing platforms but will provide - consistency when we need to consider changing krb5_timestamp to a - 64-bit value. - -2005-09-16 Tom Yu <tlyu@mit.edu> - - * dnsglue.c (USE_RES_NINIT): Fix braino: define to 1, not empty - string. - -2005-09-08 Tom Yu <tlyu@mit.edu> - - * dnsglue.c: Implement better logic for choosing whether to use - res_ninit(). If res_ndestroy() doesn't exist, assume that - res_ninit() is broken and use res_init(), res_search(), - etc. instead, on the theory that the OS vendor has made the older - interfaces thread-safe. - -2005-06-09 Ken Raeburn <raeburn@mit.edu> - - * sendto_kdc.c (service_fds): Don't create a select_state on the - stack; take an additional argument pointing to it. - (krb5int_sendto): Don't create a select_state on the stack; - instead, allocate two on the heap, passing the second as the new - argument to service_fds. - -2005-04-22 Jeffrey Altman <jaltman@mit.edu> - - * init_os_ctx.c: use krb5_init_ctx and krb5_free_ctx - to initialize and cleanup the winsock stack. WSAStartup/ - WSACleanup are only supposed to increment/decrement a - reference counter if they have been previously called - within the application. - -2005-04-13 Ken Raeburn <raeburn@mit.edu> - - * accessor.c (NEED_SOCKETS): Don't define. - * c_ustime.c (NEED_SOCKETS): Don't define. - * changepw.c (NEED_SOCKETS): Don't define. - * dnsglue.h (NEED_SOCKETS): Don't define. - * full_ipadr.c (NEED_SOCKETS): Don't define. - * gen_rname.c (NEED_SOCKETS): Don't define. - * genaddrs.c (NEED_SOCKETS): Don't define. - * hostaddr.c (NEED_SOCKETS): Don't define. - * hst_realm.c (NEED_SOCKETS): Don't define. - * krbfileio.c (NEED_LOWLEVEL_IO): Don't define. - * localaddr.c (NEED_SOCKETS): Don't define. - * locate_kdc.c (NEED_SOCKETS): Don't define. - * mk_faddr.c (NEED_SOCKETS): Don't define. - * net_read.c (NEED_SOCKETS, NEED_LOWLEVEL_IO): Don't define. - * net_write.c (NEED_SOCKETS, NEED_LOWLEVEL_IO): Don't define. - * port2ip.c (NEED_SOCKETS): Don't define. - * read_msg.c (NEED_SOCKETS): Don't define. - * send524.c (NEED_SOCKETS, NEED_LOWLEVEL_IO): Don't define. - * sendto_kdc.c (NEED_SOCKETS, NEED_LOWLEVEL_IO): Don't define. - * sn2princ.c (NEED_SOCKETS): Don't define. - * write_msg.c (NEED_SOCKETS): Don't define. - -2005-03-25 Ken Raeburn <raeburn@mit.edu> - - * kuserok.c (krb5_kuserok): Use k5_getpwnam_r. - -2005-03-22 Tom Yu <tlyu@mit.edu> - - * dnsglue.h: Define ns_rr_class to ns_rr_cl if ns_rr_class doesn't - exist. - -2005-03-05 Jeffrey Altman <jaltman@mit.edu> - - * sn2princ.c (krb5_sname_to_principal): - conditionalize the use of reverse dns lookups. The default - is to use the existing behavior. rdns can be disabled by - specifying [libdefaults] rdns=false - -2005-01-12 Tom Yu <tlyu@mit.edu> - - * dnsglue.c (krb5int_dns_fini): Reorder to make more correct. - (krb5int_dns_init): Rework error handling. Call res_ndestroy() or - res_nclose() as appropriate to avoid leaking resources allocated - by res_ninit(). - -2005-01-03 Jeffrey Altman <jaltman@mit.edu> - - * thread_safe.c: (new file) krb5_is_thread_safe() - -2004-12-08 Ken Raeburn <raeburn@mit.edu> - - * accessor.c (krb5int_accessor): Set new field use_dns_kdc. - -2004-12-06 Tom Yu <tlyu@mit.edu> - - * locate_kdc.c (krb5_locate_srv_dns_1): Don't compile if - KRB5_DNS_LOOKUP is not defined. - -2004-11-19 Ken Raeburn <raeburn@mit.edu> - - * locate_kdc.c (krb5int_add_host_to_list): If debugging, log the - requested family and socket type. If AI_NUMERICSERV is defined, - set it in ai_flags. If getaddrinfo returns an error with - debugging enabled, log the error. - (krb5_locate_srv_conf_1): When logging an error from - add_host_to_list, include the corresponding error string. - - * t_locate_kdc.c: Include port-sockets.h, instead of sys/socket.h, - netdb.h, netinet/in.h, and arpa/inet.h. - * Makefile.in ($(OUTPRE)t_locate_kdc.exe): New target. - -2004-10-20 Ken Raeburn <raeburn@mit.edu> - - * locate_kdc.c: Include stdarg.h. - (Tprintf): New function, prints to stderr or not depending on TEST - macro. - (add_addrinfo_to_list, krb5int_add_host_to_list, - krb5_locate_srv_conf_1, krb5_locate_srv_dns_1, - krb5int_locate_server): Call it instead of conditionally calling - fprintf. - -2004-10-19 Ken Raeburn <raeburn@mit.edu> - - * dnssrv.c (krb5int_make_srv_query_realm): Append a dot to the - hostname, if there's room in the buffer, to avoid domain search - paths. - -2004-10-19 Tom Yu <tlyu@mit.edu> - - * dnsglue.c (initparse): Skip query type and class when we lack - ns_initparse(). - (krb5int_dns_nextans) [!HAVE_NS_INITPARSE]: Pass correct pointer - to dn_skipname(). Actually skip the RR name. - -2004-10-18 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (TEST_PROGS): Add t_locate_kdc. - (check-unix): Run t_locate_kdc to test fetching DNS SRV records. - (EXTRADEPSRCS): Define. - -2004-10-06 Ken Raeburn <raeburn@mit.edu> - - * localaddr.c (foreach_localaddr): Be more careful not to walk - past the end of the ifreq array. - (get_ifreq_array): Return 0 in success case, not errno. - (print_addr): If getnameinfo returns EAI_SYSTEM, report what the - system error is. - - * localaddr.c (get_ifreq_array): Split out from foreach_localaddr - general version. - (foreach_localaddr): Call it. - -2004-10-05 Ken Raeburn <raeburn@mit.edu> - - * localaddr.c (foreach_localaddr) [HAVE_STRUCT_IF_LADDRCONF && 0]: - Fix if_laddrreq.iflr_name field name not properly adjusted. The - iflr_addr field is an HP-UX specific sockaddr_ext with sa_ field - name prefixes. - -2004-10-01 Ken Raeburn <raeburn@mit.edu> - - * localaddr.c (get_if_laddrconf, foreach_localaddr): New - implementation for HP-UX 11, based on Solaris support and - information from Doug Engert. Disabled for now, until it can be - tested. - -2004-09-30 Jeffrey Altman <jaltman@mit.edu> - - * hst_realm.c: provide definition for MAXDNAME if - KRB5_DNS_LOOKUP is not defined. - -2004-09-22 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (T_STD_CONF_OBJS): Include dnsglue.o. - -2004-09-21 Tom Yu <tlyu@mit.edu> - - * dnsglue.c: Conditionalize some stuff on ns_initparse() instead - of assuming that the presence of res_nsearch() means - ns_initparse() is available. - -2004-09-20 Tom Yu <tlyu@mit.edu> - - * Makefile.in (STLIBOBJS, OBJS, SRCS): Add dnsglue.c. - - * dnsglue.c: New file. Implement resolver glue layer to abstract - away the details of calling res_search or res_nsearch, and of - parsing the reply packet. - - * dnsglue.h: New file. - - * dnssrv.c (krb5int_make_srv_query_realm): Use dnsglue. Use - MAXDNAME from dnsglue.h or resolv.h instead of MAX_DNS_NAMELEN. - - * hst_realm.c (krb5_try_realm_txt_rr): Use dnsglue. Use MAXDNAME - from dnsglue.h or resolv.h instead of MAX_DNS_NAMELEN. - -2004-09-13 Tom Yu <tlyu@mit.edu> - - * dnssrv.c: - * hst_realm.c: - * locate_kdc.c: Include netinet/in.h as a prerequisite for - resolv.h. - -2004-08-27 Ken Raeburn <raeburn@mit.edu> - - * sendto_kdc.c (start_connection) [DEBUG]: Log the local socket - address. - -2004-08-12 Alexandra Ellwood <lxs@mit.edu> - - * ccdefname.c (krb5_cc_set_default_name, krb5_cc_default_name): - Look up the default ccache name in krb5_cc_default_name, not - krb5_cc_set_default_name so that krb5_init_context doesn't - have to do work it might never use. - -2004-07-22 Ken Raeburn <raeburn@mit.edu> - - * localaddr.c (get_lifconf): Define only if "struct lifconf" is - available. - (foreach_localaddr): Use get_lifconf only if "struct lifconf" is - available. - -2004-07-16 Ken Raeburn <raeburn@mit.edu> - - * genaddrs.c, localaddr.c, lock_file.c, mk_faddr.c: Don't check - for macsock.h. - -2004-07-15 Alexandra Ellwood <lxs@mit.edu> - - * init_os_ctx.c (krb5_os_init_context, krb5_os_free_context) - ccdefname.c (krb5_cc_set_default_name): - Removed default_ccprincipal field from krb5_context - -2004-07-04 Ken Raeburn <raeburn@mit.edu> - - * dnssrv.c (krb5int_make_srv_query_realm) [HAVE_RES_NSEARCH]: Use - res_nsearch instead of res_search. - * hst_realm.c (krb5_try_realm_txt_rr) [HAVE_RES_NSEARCH]: - Likewise. - -2004-07-02 Ken Raeburn <raeburn@mit.edu> - - * an_to_ln.c: Include string.h. - -2004-06-22 Ken Raeburn <raeburn@mit.edu> - - * an_to_ln.c (db_an_to_ln): Don't test macintosh. - * krbfileio.c (krb5_sync_disk_file): Likewise. - * kuserok.c: Likewise. - * prompter.c: Likewise. - * promptusr.c: Likewise. - * read_pwd.c: Likewise. - -2004-06-15 Ken Raeburn <raeburn@mit.edu> - - * c_ustime.c: Include k5-thread.h. - (get_time_now): New function, holds system-dependent code. - (krb5int_us_time_mutex): New mutex. - (struct time_now): New type. - (last_time): New variable, replaces old last_tv, last_sec, - last_usec. - (krb5_crypto_us_timeofday): Rewrite. Do locking around access to - previously returned value, and ensure that we don't return - duplicate values. - * os-proto.h: Include k5-thread.h. - (krb5int_us_time_mutex): Declare. - -2004-06-04 Ken Raeburn <raeburn@mit.edu> - - * kuserok.c (krb5_kuserok): Handle draft POSIX versions of - getpwnam_r. - -2004-06-02 Tom Yu <tlyu@mit.edu> - - * an_to_ln.c (do_replacement): Patch from Bill Dodd to fix missing - braces in previous security patch. - -2004-06-01 Sam Hartman <hartmans@mit.edu> - - * an_to_ln.c (rule_an_to_ln): Fix buffer overflow when parsing - principal names into components. - (do_replacement): likewise - (aname_replacer): Support error return from do_replacement - -2004-05-07 Sam Hartman <hartmans@mit.edu> - - * an_to_ln.c: Patch from Matt Crawford to allow matching on - realms of cross-realm principals. - -2004-05-05 Ken Raeburn <raeburn@mit.edu> - - * localaddr.c: Incorporate foreach_localaddr implementation. - Export it as krb5int_foreach_localaddr. Include foreachaddr.h, - not foreachaddr.c. - -2004-03-22 Ken Raeburn <raeburn@mit.edu> - - * sendto_kdc.c (krb5int_sendto): Initialize select_state.end_time. - (get_so_error): New function. - (service_tcp_fd): Call it for write fds as well as exception fds. - -2004-03-18 Ezra Peisach <epeisach@mit.edu> - - * sendto_kdc.c (krb5_sendto_kdc): Change passing pointer to value of - use_master parameter to krb5_locate_kdc. - -2004-03-05 Ken Raeburn <raeburn@mit.edu> - - * lock_file.c (krb5_lock_file): Initialize flock data on entry, - but don't bother with a static version to copy from. - -2004-02-26 Jeffrey Altman <jaltman@mit.edu> - - * sendto_kdc.c, send524.c: - The use_master parameter of sendto_kdc is now an in/out - parameter used to report to the caller whether or not - the responding KDC was in fact the master. This is - necessary to allow callers to prevent making an unnecessary - additional call to query the master if the original - query did not explicitly state that the master should be - queried. - -2004-02-25 Ken Raeburn <raeburn@mit.edu> - - * sendto_kdc.c (start_connection): Close socket if connect() call - fails for an unexpected reason. - -2004-02-13 Ken Raeburn <raeburn@mit.edu> - - * genaddrs.c: Don't specify defaults for - GET{PEER,SOCK}NAME_ARG{2,3}_TYPE macros. - -2004-02-09 Sam Hartman <hartmans@mit.edu> - - * changepw.c (krb5_locate_kpasswd): Run htons on the default port - -2003-12-22 Jeffrey Altman <jaltman@mit.edu> - - * dnssrv.c: wrap within #ifdef KRB5_DNS_LOOKUP to prevent references - to resolver functions when DNS support is not being compiled - -2003-12-19 Ken Raeburn <raeburn@mit.edu> - - * realm_iter.c (krb5_realm_iterator_create): Array NAMES is now - const. - - * prompter.c (catch_signals, restore_signals): Take pointer to old - signal handler info as new argument. - (osiginfo): New typedef. - (setup_tty, restore_tty): Take pointer to old signal handler info - and old termios settings as new arguments. - (krb5_prompter_posix): Pass the extra arguments, addresses of new - automatic variables. - (osigint, saveparm): Variables deleted. - - * Makefile.in (STLIBOBJS, OBJS, SRCS): Don't build promptusr.c. - - * sendto_kdc.c (default_debug_handler, put, putstr): Define only - if DEBUG is defined. - (DEBUG): Don't define. - (krb5int_sendtokdc_debug_handler): Initialize to null if DEBUG is - not defined. - -2003-12-18 Jeffrey Altman <jaltman@mit.edu> - - * accessor.c: Add new functions for use by gssapi - -2003-12-12 Tom Yu <tlyu@mit.edu> - - * an_to_ln.c (krb5_aname_to_localname): Don't write one byte past - the end of a string. Found by Christopher Nebergall. - -2003-10-27 Jeffrey Altman <jaltman@mit.edu> - - * sendto_kdc.c: sockets must be closed with closesocket() and - and not close() in order to ensure portability among different - operating systems. - -2003-08-21 Ken Raeburn <raeburn@mit.edu> - - * dnssrv.c: New file; split out DNS SRV RR query support... - * locate_kdc.c: ...from here. Always compile in the calls. - * Makefile.in (STLIBOBJS, OBJS, SRCS): Add it. - -2003-07-25 Ken Raeburn <raeburn@mit.edu> - - * locate_kdc.c (krb5_locate_kdc): Always pass 0 to locate_server - as the get_masters argument. Instead, if get_masters is set, - look up "master_kdc" in the config file instead of "kdc". - -2003-07-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBNAME) [##WIN16##]: Don't define. - -2003-07-09 Alexandra Ellwood <lxs@mit.edu> - - * toffset.c: Export krb5_set_real_time for Samba. - -2003-06-06 Ken Raeburn <raeburn@mit.edu> - - * locate_kdc.c (struct srv_dns_entry): Moved to k5-int.h. - (krb5int_make_srv_query_realm): Renamed from make_srv_query_realm. - (krb5int_free_srv_dns_data): New function. - (krb5_locate_srv_dns_1): Use it. - - * accessor.c (krb5int_accessor): Fill in make_srv_query_realm and - free_srv_dns_data fields. - -2003-06-05 Ken Raeburn <raeburn@mit.edu> - - * locate_kdc.c (make_srv_query_realm): Punt if strdup fails. - Always return what data we can, even if memory allocation or other - problems prevent us from returning more. - (krb5_locate_srv_dns_1): Always return what data we can. Fix - memory leak. Free up temporary storage as quickly as possible, - while building up address list to return. - -2003-06-03 Ken Raeburn <raeburn@mit.edu> - - * accessor.c (krb5int_accessor): Initialize restored locate_server - field. - - * locate_kdc.c (struct srv_dns_entry): Move to top level. - (make_srv_query_realm): Separate from krb5_locate_srv_dns_1; just - do query and return results. - (krb5_locate_srv_dns_1): Call it, and build addlist entries. - Check for one RR with a target of ".", and return an error. - (krb5_locate_srv_dns): Deleted. - - * t_locate_kdc.c (main): Call krb5_locate_srv_dns_1. - - * changepw.c (krb5_locate_kpasswd): Check specifically for certain - errors before using fallback heuristics. - -2003-06-03 Alexandra Ellwood <lxs@mit.edu> - - * init_os_ctx.c: Included header to get __KLAllowHomeDirectoryAccess(). - -2003-05-27 Ken Raeburn <raeburn@mit.edu> - - * send524.c (krb5int_524_sendto_kdc): Enable support on Windows - always. - -2003-05-24 Ken Raeburn <raeburn@mit.edu> - - * send524.c: New file, moved from krb524/sendmsg.c. Rename - function to have krb5int_ prefix. If KRB5_KRB4_COMPAT not - defined, return an error. - * accessor.c (krb5int_accessor): Update for deleted and added - fields. If KRB5_KRB4_COMPAT is not defined, just use null - pointers for the new fields. - -2003-05-06 Alexandra Ellwood <lxs@mit.edu> - - * init_os_ctx.c: Added support for KLL's __KLAllowHomeDirectoryAccess() - function so that krb4, krb5 and gssapi will not access the user's homedir - if the application forbids it. - -2003-04-28 Sam Hartman <hartmans@mit.edu> - - * changepw.c (krb5_change_set_password): Locate server in realm of - creds.server, not in realm of target principal because target - principal is null in the changepw case. - -2003-04-28 Ken Raeburn <raeburn@mit.edu> - - * init_os_ctx.c (krb5_os_init_context, krb5_os_free_context): - Don't allocate or free the os_context, since it's now a direct - member of the krb5_context, not separately allocated storage. - -2003-04-27 Sam Hartman <hartmans@mit.edu> - - * changepw.c (krb5_change_set_password): Call - krb5_setpw_result_code_string not krb5_setpw_result_code_string - -2003-04-24 Sam Hartman <hartmans@mit.edu> - - * changepw.c (krb5_change_set_password): return error from - auth_con_setaddrs not last socket errno if auth_con_setaddrs fails - -2003-04-15 Sam Hartman <hartmans@mit.edu> - - * changepw.c (krb5_change_set_password): Patches from Paul Nelson - to implement Microsoft set password protocol - (krb5_set_password_using_ccache): Use kadmin/changepw in target realm, not local realm and use a two-component principal - (krb5_change_set_password): Find the kpasswd server for the realm - of the target principal not the client - -2003-04-13 Ken Raeburn <raeburn@mit.edu> - - * read_pwd.c (krb5_read_password): Always free temporary storage - used for verification version of password. - -2003-03-06 Alexandra Ellwood <lxs@mit.edu> - - * c_ustime.c: Removed Mac OS 9 code. - - * ccdefname.c: Conditionalize on USE_CCAPI and not TARGET_OS_MAC - so Darwin builds work. - - * init_os_ctx.c: Modified to use DEFAULT_SECURE_PROFILE_PATH and - DEFAULT_PROFILE_PATH for KfM homedir-relative config files. - - * read_pwd.c: Cast to remove const warnings. - - * timeofday.c: Do the same thing on the Mac as on Unix. - -2003-03-04 Sam Hartman <hartmans@mit.edu> - - * sendto_kdc.c (service_tcp_fd): Don't call shutdown on end of write because some implementations cannot deal with half-closed TCP sockets. - -2003-02-08 Tom Yu <tlyu@mit.edu> - - * prompter.c (krb5_prompter_posix): Kill echo before printing - prompt to avoid possible race conditions in test suite. - -2003-02-06 Tom Yu <tlyu@mit.edu> - - * prompter.c (krb5_prompter_posix, setup_tty, restore_tty): Fix to - use the actual file descriptor we dup()'ed to in case tcsetattr() - doesn't actually change the underlying device modes and instead - only affects the specific file descriptor. - -2003-02-06 Ken Raeburn <raeburn@mit.edu> - - * locate_kdc.c (translate_ai_error): Handle EAI_ADDRFAMILY like - EAI_NONAME. - (krb5int_add_host_to_list): Translate errors returned from the - second getaddrinfo call. - -2003-02-04 Tom Yu <tlyu@mit.edu> - - * prompter.c (krb5_prompter_posix): Rewrite to no longer use - longjmp(), as well as to get a non-buffered stdio stream on stdin - to avoid passwords staying around in stdio buffers. This does - have the side effect of possibly losing pre-buffered input from an - application that reads from stdin using stdio functions prior to - calling the prompter, but hopefully those are rare. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag. - -2003-01-07 Ken Raeburn <raeburn@mit.edu> - - * sendto_kdc.c (state_strings): Now const. - -2002-12-06 Tom Yu <tlyu@mit.edu> - - * accessor.c (krb5int_accessor): Add add_host_to_list. - - * changepw.c (krb5_locate_kpasswd): Update calls to - krb5_locate_kdc(). - - * locate_kdc.c (add_host_to_list): Renamed to - krb5int_add_host_to_list(), with macro to deal with existing - callers in this file. Now takes an argument to indicate protocol - family. Callers updated accordingly to also take protocol family - arguments. - - * os-proto.h: Update prototype of krb5_locate_kdc(). - - * sendto_kdc.c (krb5_sendto_kdc): Update calls to - krb5_locate_kdc(). - (krb5int_sendto): UDP reply length is in.pos-in.buf, not - in.bufsize. - - * t_locate_kdc.c (main): Update call to krb5_locate_kdc(). - - * t_std_conf.c (test_locate_kdc): Update call to krb5_locate_kdc(). - -2002-11-14 Tom Yu <tlyu@mit.edu> - - * changepw.c: Remove reference to adm_err.h. - -2002-11-12 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (t_locate_kdc): Use normal CC_LINK rule for linking - test program. - -2002-10-28 Ken Raeburn <raeburn@mit.edu> - - * localaddr.c (print_addr) [TEST]: Don't mix size_t and socklen_t, - just assume socklen macro will return a socklen_t value. Cast - buffer size to socklen_t in getnameinfo call. - -2002-10-22 Ezra Peisach <epeisach@bu.edu> - - * sendto_kdc.c (service_tcp_fd): If DEBUG defined, ensure that - initialization of variable not bypassed by goto. - -2002-10-15 Tom Yu <tlyu@mit.edu> - - * hst_realm.c (krb5_try_realm_txt_rr): Apply patch from Nalin - Dahyabhai to bounds-check return value from res_search(). - - * locate_kdc.c (krb5_locate_srv_dns_1): Apply patch from Nalin - Dahyabhai to bounds-check return value from res_search(). - -2002-10-11 Tom Yu <tlyu@mit.edu> - - * read_pwd.c (krb5_read_password): Restore name of size_return. - Set *size_return after successful call to krb5_prompter_posix, - since some callers were actually checking, e.g. kadm5. - -2002-10-10 Sam Hartman <hartmans@mit.edu> - - * read_pwd.c (krb5_read_password): Reimplement in terms of krb5_prompter_posix for unix - - -2002-09-26 Ken Raeburn <raeburn@mit.edu> - - * sendto_kdc.c (krb5int_cm_call_select): Fix last change. - - -2002-09-19 Ken Raeburn <raeburn@mit.edu> - - * sendto_kdc.c (krb5int_cm_call_select): If timeout value has - tv_sec==0, treat it as meaning "no timeout". - (krb5int_debug_fprint): Handle null timeval pointer. - -2002-09-18 Ken Raeburn <raeburn@mit.edu> - - * sendto_kdc.c: Include cm.h. - (struct select_state, SSF_READ, SSF_WRITE, SSF_EXCEPTION): Moved - to cm.h. - (DEBUG): Define. - (krb5int_debug_sendto_kdc): Initialize to zero. - (default_debug_handler, put, putstr): New functions. - (krb5int_sendtokdc_debug_handler): New variable. - (krb5int_debug_fprint): Don't write to stderr; instead, pass - strings to the debug output handlers above. - (struct incoming_krb5_message): Broken out from struct - conn_state. - (krb5int_cm_call_select): Renamed from call_select; callers - updated. Now extern. Display max fd number in debugging call, - not nfds. - -2002-09-17 Sam Hartman <hartmans@mit.edu> - - * genaddrs.c (krb5_auth_con_genaddrs): Return errno if getpeername fails - -2002-09-14 Ken Raeburn <raeburn@mit.edu> - - * sendto_kdc.c (service_fds): Fix bug in last change. - (krb5int_debug_fprint): Use 'out' consistently, minimize explicit - references to stderr. Flush output before returning. - (dperror) [_WIN32]: Shorten message. - (start_connection, service_tcp_fd, service_fds, krb5int_sendto): - Use dprint instead of dfprintf. - -2002-09-13 Ken Raeburn <raeburn@mit.edu> - - * sendto_kdc.c (struct conn_state): Add new function pointer field - 'service' for the fd service routine. - (setup_connection): Initialize it. - (service_fd): Deleted. - (service_fds): Incorporate debug output from service_fd. Call - service routine indicated in connection info. Decrement select fd - count for each flag set for a file descriptor. Ensure that the - index into the conns array doesn't run off the end. - (krb5int_debug_fprint): Fetch correct type for %E. - -2002-09-11 Ken Raeburn <raeburn@mit.edu> - - * locate_kdc.c (get_port): Skip service name lookup, just use the - supplied numbers. - (add_host_to_list): If a second port number is supplied, look up - AF_INET addresses only, and only for SOCK_DGRAM type entries. - Ignore errors in the second address lookup. - (krb5_locate_srv_conf_1) [TEST]: More debugging code. - - * t_locate_kdc.c (main): Add new argument -m for looking up master - KDC addresses. - - -2002-09-03 Ken Raeburn <raeburn@mit.edu> - - * accessor.c, an_to_ln.c, c_ustime.c, ccdefname.c, changepw.c, - def_realm.c, free_hstrl.c, free_krbhs.c, full_ipadr.c, gen_port.c, - gen_rname.c, genaddrs.c, get_krbhst.c, gmt_mktime.c, hostaddr.c, - hst_realm.c, init_os_ctx.c, krbfileio.c, ktdefname.c, kuserok.c, - localaddr.c, locate_kdc.c, lock_file.c, mk_faddr.c, net_read.c, - net_write.c, port2ip.c, prompter.c, promptusr.c, read_msg.c, - read_pwd.c, realm_dom.c, realm_iter.c, sendto_kdc.c, sn2princ.c, - t_an_to_ln.c, t_gifconf.c, t_locate_kdc.c, t_realm_iter.c, - t_std_conf.c, timeofday.c, toffset.c, unlck_file.c, ustime.c, - write_msg.c: Use prototype-style function definitions. - - * c_ustime.c, timeofday.c: Don't declare errno. - * hst_realm.c (krb5_try_realm_txt_rr), locate_kdc.c - (krb5_locate_srv_dns_1): Avoid variable name "class". - * sendto_kdc.c (enum conn_states): Define separately from - conn_state 'state' field declaration. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * sendto_kdc.c (merge_addrlists): Truncate source address list - after copying its data into the destination list. - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-08-22 Ken Raeburn <raeburn@mit.edu> - - * locate_kdc.c (krb5int_grow_addrlist): Renamed from grow_list, - now external. - (grow_list): New macro. - (krb5_locate_kdc): Don't look up kerberos-sec for TCP service. - - * sendto_kdc.c (MAX_PASS, dprint): New macros. - (krb5int_debug_fprint, merge_addrlists): New function. - (krb5int_debug_sendto_kdc): New variable. - (krb5_sendto_kdc): Use dprint. Call krb5int_locate_kdc in two - places, with socket type selection done separately. - (debug_log_connect): Function deleted; use dprint instead. - (dperror): Use dprint. - (print_fdsets): Function deleted; use dprint instead. - (struct conn_state): Use struct instead of union so incoming and - outgoing buffer pointers can co-exist. Add INITIALIZING state. - (state_strings): Add INITIALIZING. - (krb5int_sendto_udp, krb5int_sendto_tcp): Functions integrated - into krb5int_sendto. - (call_select): Use dprint. - (setup_connection): New function, handles data structure - initialization. - (start_connection): Renamed from start_tcp_connection. Don't do - data structure initialization, just start connection, and transmit - UDP datagrams. Use dprint. - (maybe_send): Create socket for "INITIALIZING" connections; - transmit datagrams. - (kill_conn): New function split out from service_tcp_fd. - (SSF_READ, SSF_WRITE, SSF_EXCEPTION): New macros. - (service_tcp_fd): Accept a flag word rather than separate int - arguments for read, write, exception. Use dprint. - (service_udp_fd): New function. - (service_fd): New function, calls one of the above two. - (service_fds): Call it. Use a flag word instead of separate r/w/x - values. - * accessor.c (krb5int_accessor): Use krb5int_sendto instead of - krb5int_sendto_udp. - -2002-08-15 Ken Raeburn <raeburn@mit.edu> - - * sendto_kdc.c (DEFAULT_UDP_PREF_LIMIT, HARD_UDP_LIMIT): New - macros. - (debug_log_connect): Look up "udp_preference_limit" in libdefaults - part of profile; try TCP before UDP if the packet size is larger - than specified. Don't try UDP at all if the packet is over about - 32K. - -2002-07-23 Ezra Peisach <epeisach@bu.edu> - - * localaddr.c (get_localaddrs): Add prototype before being used - for static function. - -2002-07-09 Ken Raeburn <raeburn@mit.edu> - - * sn2princ.c: Include fake-addrinfo.h. - (krb5_sname_to_principal): Use getaddrinfo and getnameinfo instead - of gethostbyname and gethostbyaddr. - - * hst_realm.c (krb5_get_host_realm): Return KRB5_ERR_NUMERIC_REALM - if the hostname is a numeric-address form. - -2002-07-08 Ken Raeburn <raeburn@mit.edu> - - * localaddr.c (get_localaddrs): Split out main body of - krb5_os_localaddr, add an argument to indicate whether addresses - listed in the profile should be included. - (krb5_os_localaddr): Call it. - (krb5int_local_addresses): Call get_localaddrs but skip - profile-listed addresses. - - * sendto_kdc.c (krb5int_sendto_udp): Accept new args for optional - location to store local address used to contact server. - (krb5_sendto_kdc): Update call to pass 0. - -2002-07-05 Ken Raeburn <raeburn@mit.edu> - - * sendto_kdc.c (service_tcp_fd): sockerrlen should have type - socklen_t. - -2002-07-03 Alexandra Ellwood <lxs@mit.edu> - - * init_os_ctx.c: krb4 needs to get the os config files so it can use - the profile too. Define these functions on Mac OS X now. - - * init_os_ctx.c: Removed use of FSSpecs because these cause serious - performance problems on Mac OS X. We now search paths the same way - the rest of the Unix platforms do. - - [pullups from 1-2-2-branch] - -2002-06-22 Tom Yu <tlyu@mit.edu> - - * c_ustime.c: Remove various things missed in 1-2-2-branch MacOS - microseconds timer removal. - -2001-06-22 Miro Jurisic <meeroh@mit.edu> - - * c_ustime.c: punted the accurate microseconds timing code because it - wasn't so accurate after all. - [pullup from 1-2-2-branch] - -2002-06-22 Alexandra Ellwood <lxs@mit.edu> - - * init_os_ctx.c: Add CoreServices.h before k5-int.h so we don't get - multiple definitions for FSSpec. Also removed an unused variable in - Mac OS X code and added casts for Mac OS X code so FSSpecs are cast - to profile file types (code deals properly on the other side) - - * timeofday.c: Added casts to remove warnings - - * ccdefname.c, init_os_ctx.c, timeofday.c: Updated Mac OS X - headers to new framework layout and updated Mac OS macros - - * read_pwd.c: Removed #defines for Mac OS X (__MACH__) because we - now export krb5_read_password on Mac OS X - - [pullups from 1-2-2-branch] - -2002-06-19 Ken Raeburn <raeburn@mit.edu> - - * init_os_ctx.c: Don't include sys/ioctl.h or sys/filio.h. - (krb5_os_init_context): Drop /dev/[u]random support, the Yarrow - code will deal with that now. - -2002-06-18 Danilo Almeida <dalmeida@mit.edu> - - * toffset.c (krb5_get_time_offsets), an_to_ln.c - (krb5_aname_to_localname): Make KRB5_CALLCONV. - [pullup from 1-2-2-branch] - -2002-06-18 Ken Raeburn <raeburn@mit.edu> - - * changepw.c (ECONNABORTED, ECONNREFUSED, EHOSTUNREACH, - ETIMEDOUT): Don't define here now that they're defined in - port-sockets.h. - * read_msg.c (ECONNABORTED): Ditto. - - * sendto_kdc.c: Include sys/timeb.h on Windows. - (ENABLE_TCP): Macro deleted, always enable code. - (krb5_sendto_kdc): Don't try UDP if outgoing message is 1500 - bytes or larger. Print info on arguments if DEBUG defined. - (bogus_strerror) [_WIN32 && DEBUG]: New function. - (dperror, dfprintf): New macros. - (krb5int_sendto_udp): Use SOCKET_ERRNO where appropriate. Log - more info if DEBUG defined; use dperror and dfprintf. - (struct conn_state): Use new scatter-gather definitions from - port-sockets.h. Don't try to reuse data structures for both - input and output. - (struct select_state): Add exception fd set. - (print_fdsets) [DEBUG]: Print exception fd set; callers changed. - (getcurtime): New function. - (call_select): Call it. Pass exception fd set to select. - (make_nonblocking, iov_advance): Deleted. - (start_tcp_connection): Expand non-blocking setting inline; set - linger period to zero. Use new scatter-gather framework. Log - more info if DEBUG defined. - (service_tcp_fd): New argument indicates exception; handle - exception fd set. Print more info if DEBUG. Use SOCKET_* - macros, scatter-gather support, SHUTDOWN_* macros. Adjust for - new conn_state definitions. - (krb5int_sendto_tcp): Set up exception fd set. Adjust for new - conn_state definitions. Use new scatter-gather support. - -2002-06-11 Ken Raeburn <raeburn@mit.edu> - - * sendto_kdc.c: Include sys/ioctl.h and sys/filio.h only if - ENABLE_TCP is set and _WIN32 is not defined. - -2002-06-10 Ken Raeburn <raeburn@mit.edu> - - * sendto_kdc.c: Include sys/ioctl.h and sys/filio.h if - available. Define ENABLE_TCP as 0 on Windows, 1 otherwise. - (debug_log_connect): New function. - (dperror, dfprintf): New macros. - (krb5int_sendto_udp): Use dperror, dfprintf, and - debug_log_connect. - (state_strings): New variable. - (struct conn_state, struct select_state): New types. - (print_fdsets, call_select, make_nonblocking, - start_tcp_connection, iov_advance, service_tcp_fd, service_fds, - krb5int_sendto_tcp): New functions. - (krb5_sendto_kdc): New argument TCP_ONLY. Try UDP first unless - told otherwise, then try TCP. - - * t_std_conf.c: Include fake-addrinfo.h. - (test_locate_kdc): Update arg list to locate_kdc. Print IPv6 as - well as IPv4 addresses. - - * t_locate_kdc.c (main): Free storage allocated by library before - exiting. - -2002-06-04 Ken Raeburn <raeburn@mit.edu> - - * locate_kdc.c (krb5_locate_srv_conf_1): New argument socktype - indicates what type of addrinfo entries to add. - (krb5int_locate_server): Change argument is_stream to socktype. - Pass the value to krb5_locate_srv_conf_1. - (krb5_locate_kdc): New argument socktype. - * sendto_kdc.c (krb5int_sendto_udp): New function, containing most - of the network code from krb5_sendto_kdc. - (krb5_sendto_kdc): Call it. - * accessor.c (krb5int_accessor): Set new sendto_udp field. - * os-proto.h (krb5_locate_kdc): Update prototype. Add forward - declaration for struct addrlist. - * t_locate_kdc.c (main): Update call to krb5_locate_kdc. - - * locate_kdc.c: Include fake-addrinfo.h before k5-int.h. - (grow_list, krb5int_free_addrlist) - (add_addrinfo_to_list): Incorporate list-updating code from - add_sockaddr_to_list. Store an addrinfo pointer, and set the - ai_next field to null. - (add_host_to_list): New arg SOCKTYPE. Write port numbers into - buffers and let getaddrinfo fill in the sin*_port fields. Call - getaddrinfo twice, and use two loops to add entries to the - addrlist structure. - (add_sockaddr_to_list, set_port_num): Deleted. - (krb5_locate_srv_conf_1, krb5_locate_srv_dns_1): Pass extra arg - to add_host_to_list. - (krb5int_locate_server): New value 2 for is_stream arg means - accept both UDP and TCP. - * changepw.c: Include fake-addrinfo.h. - (krb5_locate_passwd, krb5_change_password): Update for addrlist - changes. - * sendto_kdc.c: Include fake-addrinfo.h. - (krb5_sendto_kdc): Update for addrlist changes. Skip any - addresses that are not SOCK_DGRAM. - * t_locate_kdc.c (stypename): New function. - (print_addrs): Update for addrlist changes. Print socket type - with address and port. - -2002-04-12 Ken Raeburn <raeburn@mit.edu> - - * lock_file.c (krb5_lock_file) [POSIX_FILE_LOCKS]: Make static - "zero" variable const. - - * prompter.c (krb5_prompter_posix): Initialize 'i' and make it - volatile. - - * locate_kdc.c (add_addrinfo_to_list) [TEST]: Print out socket - type before returning. - (add_host_to_list): Don't need to initialize err. Supply - getaddrinfo hint to select datagram addresses only. Delete AIX - bug workaround code. - -2002-04-10 Danilo Almeida <dalmeida@mit.edu> - - * locate_kdc.c (translate_ai_error), hst_realm.c - (krb5int_translate_gai_error): Test some EAI_ error definitions - so that we will also build correctly on Win32 (Winsock 2). - -2002-03-26 Ken Raeburn <raeburn@mit.edu> - - * hostaddr.c (FAI_PREFIX): Delete. - * hst_realm.c (FAI_PREFIX): Delete. - * localaddr.c [TEST || DEBUG]: Include fake-addrinfo.h, not - fake-addrinfo.c. - (FAI_PREFIX) [TEST || DEBUG]: Delete. - * locate_kdc.c: Include fake-addrinfo.h, not fake-addrinfo.c. - (FAI_PREFIX): Delete. - -2002-02-20 Ken Raeburn <raeburn@mit.edu> - - * localaddr.c: Include foreachaddr.c. - (printaddr, printifaddr, addr_eq, grow_or_free, get_ifconf, - get_lifconf, get_linux_ipv6_addrs, foreach_localaddr): Deleted. - * Makefile.in (localaddr.o): Update dependencies. - -2002-02-10 Ken Raeburn <raeburn@mit.edu> - - * localaddr.c (LINUX_IPV6_HACK) [__linux__&& KRB5_USE_INET6]: - Define macro. - (get_linux_ipv6_addrs) [LINUX_IPV6_HACK]: New function, reads - addresses from /proc/net/if_inet6. - (foreach_localaddr) [!HAVE_IFADDRS_H && !SIOCGLIFNUM && - LINUX_IPV6_HACK]: Include ipv6 addresses. - -2002-01-09 Ken Raeburn <raeburn@mit.edu> - - * hst_realm.c (EAFNOSUPPORT): On Windows, translate to - WSAEAFNOSUPPORT. - -2002-01-08 Ken Raeburn <raeburn@mit.edu> - - * hst_realm.c (krb5int_get_fq_hostname): New function. Use - getaddrinfo instead of gethostbyname. - (krb5int_get_fq_local_hostname): New function. - (krb5_get_host_realm): Call it. - * def_realm.c (krb5_get_default_realm): Call it. - - * Makefile.in (t_localaddr): Link against $(LIBS). - -2001-12-05 Ezra Peisach <epeisach@mit.edu> - - * sendto_kdc.c (krb5_sendto_kdc): Get rid of unecessary casts. - -2001-10-24 Sam Hartman <hartmans@mit.edu> - - * accessor.c (krb5int_accessor): Add fields for struct version 4 - -2001-10-17 Ken Raeburn <raeburn@mit.edu> - - * locate_kdc.c (add_host_to_list): If sa_len field exists and is - zero, try to fill it in. Another AIX 4.3.3 bug workaround. - - * sendto_kdc.c (krb5_sendto_kdc) [DEBUG]: More fprintf calls for - tracing through. - -2001-10-10 Ezra Peisach <epeisach@mit.edu> - - * localaddr.c (krb5_os_localaddr_profile): Cast argument to - isspace() to int. - -2001-10-09 Ken Raeburn <raeburn@mit.edu> - - * os-proto.h: Make prototypes unconditional. - -2001-10-05 Ken Raeburn <raeburn@mit.edu> - - * an_to_ln.c, c_ustime.c, ccdefname.c, init_os_ctx.c, ktdefname.c, - kuserok.c, localaddr.c, lock_file.c, prompter.c, promptusr.c, - read_pwd.c: Drop _MSDOS support. - - * ccdefname.c, def_realm.c, free_hstrl.c, hst_realm.c, - ktdefname.c, localaddr.c, mk_faddr.c, read_pwd.c, sn2princ.c, - timeofday.c, ustime.c: Don't explicitly declare pointers FAR any - more. - -2001-10-03 Ken Raeburn <raeburn@mit.edu> - - * accessor.c, ccdefname.c, changepw.c, def_realm.c, free_hstrl.c, - genaddrs.c, hst_realm.c, init_os_ctx.c, ktdefname.c, localaddr.c, - prompter.c, realm_dom.c, realm_iter.c, sn2princ.c, timeofday.c, - ustime.c: Don't use KRB5_DLLIMP. - -2001-09-29 Ken Raeburn <raeburn@mit.edu> - - * locate_kdc.c (add_host_to_list): If address family in sockaddr - structure is zero, copy it in from the addrinfo structure. Bug - workaround for AIX 4.3.3. - -2001-09-28 Ken Raeburn <raeburn@mit.edu> - - * localaddr.c: Retrieve IPv6 addresses on Solaris 8. - (get_lifconf) [SIOCGLIFCONF]: New function. - (foreach_localaddr) [SIOCFLIGNUM]: New section, using new lifconf - and lifreq structures and related ioctls. - (Tprintf, Tperror): New macros. Print stuff if TEST is defined, - otherwise be silent but cause same evaluations to happen. - - * localaddr.c (TEST || DEBUG): Include fake-addrinfo.c, not - fake-addrinfo.h. - -2001-08-31 Ken Raeburn <raeburn@mit.edu> - - * hostaddr.c (krb5_os_hostaddr): Don't use AI_DEFAULT. - - * genaddrs.c (struct addrpair): New type. - (cvtaddr): New function. Fills in krb5_address structures - referencing port and address parts of a sockaddr. Converts - IPv4-mapped IPv6 addresses to plain IPv4 addresses. - (krb5_auth_con_genaddrs): Use sockaddr_storage for addresses. Use - addrpairs to pass to cvtaddr, then set up pointers to the elements - as needed. - -2001-08-30 Ken Raeburn <raeburn@mit.edu> - - * locate_kdc.c: Include fake-addrinfo.c instead of - fake-addrinfo.h. - (FAI_IMPLEMENTATION): Deleted. - -2001-08-01 Ken Raeburn <raeburn@mit.edu> - - * localaddr.c: Include ctype.h. - [TEST || DEBUG]: Defined FAI_PREFIX and include fake-addrinfo.h. - (foreach_localaddr) [TEST]: Change whitespace in some debug - messages. - (print_addr) [TEST]: Delete non-getnameinfo version of code. - Change some messages. - (struct localaddr_data): New field CUR_SIZE. - (allocate): Grow existing storage, if already allocated. - (krb5_os_localaddr_profile): New function. Looks up - "extra_addresses" in "libdefaults" section, separates on - whitespace, looks up addresses, adds them to the list. - (krb5_os_localaddr): Call krb5_os_localaddr_profile first; ignore - any errors it reports. - (krb5_os_localaddr) [DEBUG]: More debugging code. - - * hostaddr.c (krb5_os_hostaddr): Only retry non-numeric lookup - after numeric lookup if AI_NUMERICHOST is nonzero. - -2001-07-31 Ezra Peisach <epeisach@mit.edu> - - * genaddrs.c: Use GETPEERNAME_ARG2_TYPE, GETPEERNAME_ARG3_TYPE - instead of assuming types. - - * changepw.c: Use GETSOCKNAME_ARG3_TYPE instead of int in casts. - -2001-07-26 Ezra Peisach <epeisach@mit.edu> - - * gen_port.c (krb5_gen_portaddr): Add const to cast of - krb5_const_pointer to maintain const status. - -2001-07-24 Ezra Peisach <epeisach@mit.edu> - - * sn2princ.c: Do not cast away const char * in call to strdup. - -2001-07-24 Jeffrey Altman <jaltman@columbia.edu> - - * def_realm.c: - krb5_get_default_realm() required a profile file - even when KRB5_DNS_LOOKUP was defined. - -2001-07-19 Ken Raeburn <raeburn@mit.edu> - - * hostaddr.c: Include fake-addrinfo.h. - (FAI_PREFIX): Define macro. - (krb5_os_hostaddr): Use getaddrinfo, to get ipv6 support and - thread safety. Support numeric addresses as well. - - * t_locate_kdc.c: New file. - * Makefile.in (t_locate_kdc.o, t_locate_kdc): New targets. - - * locate_kdc.c: Include fake-addrinfo.h. - (FAI_PREFIX, FAI_IMPLEMENTATION): Define macros. - (get_port, add_sockaddr_to_list, add_host_to_list): Drop - gethostbyname/getservbyname support, always use getnameinfo, which - should be thread-safe. - (translate_ai_error, set_port_num): Now always defined. - (set_port_num): Only check for AF_INET6 if KRB5_USE_INET6. - -2001-07-06 Ezra Peisach <epeisach@mit.edu> - - * sn2princ.c (krb5_sname_to_principal): Cast tolower argument to int. - - * hst_realm.c (krb5_get_host_realm): Cast argument to toupper and - tolower to int. - -2001-06-21 Ezra Peisach <epeisach@mit.edu> - - * t_std_conf.c (test_locate_kdc): Get rid of unused variable. - -2001-06-20 Ezra Peisach <epeisach@mit.edu> - - * t_std_conf.c (test_locate_kdc): Update to new krb5_locate_kdc - interface. - -2001-06-19 Ken Raeburn <raeburn@mit.edu> - - * locate_kdc.c (struct addrlist, ADDRLIST_INIT): Moved to - k5-int.h. - (krb5int_free_addrlist): Renamed from free_list; no longer - static. - (krb5_locate_srv_conf, krb5_locate_srv_dns, krb5int_locate_server, - krb5_locate_kdc): Use addrlist in interface. - - * sendto_kdc.c (krb5_sendto_kdc): Use new struct addrlist - interface. - - * changepw.c (krb5_locate_kpasswd): Use addrlist structure in - interface and implementation. - (krb5_change_password): Likewise. - - * accessor.c (krb5int_accessor): Fill in free_addrlist function - pointer field. - - * os-proto.h (krb5_locate_kdc): Update prototype. - -2001-06-12 Ezra Peisach <epeisach@mit.edu> - - * sn2princ.c, hst_realm.c, an_to_ln.c: Cast argument to - isupper()/isspace()/islower() to int. - - * t_std_conf.c (test_locate_kdc): krb5_locate_kdc expects a struct - sockaddr *** as a third argument instead of sockaddr **. - -2001-06-07 Ezra Peisach <epeisach@mit.edu> - - * ktdefname.c (krb5_kt_default_name): Get rid of a variable that - was set in a conditional but never used. - -2001-05-08 Danilo Almeida <dalmeida@mit.edu> - - * locate_kdc.c (add_host_to_list): Initialize stack variable err - which would otherwise get returned without being set in certain - circumstances. - -2001-05-07 Ken Raeburn <raeburn@mit.edu> - - * locate_kdc.c (add_sockaddr_to_list) [TEST]: If getnameinfo is - available, use it instead of inet_ntoa to get the printable - address. - (add_host_to_list): Share declaration sections as much as - possible. Propagate errors back correctly from gethostbyname - path. - -2001-04-26 Ken Raeburn <raeburn@mit.edu> - - * hst_realm.c (T_TXT): Define if not defined by header files. - - * locate_kdc.c (krb5int_locate_server): New function, replaces - functionality of krb5_locate_srv_conf and _dns, including checking - whether DNS lookup is desired. - (krb5_locate_srv_conf, krb5_locate_srv_dns): Define only if macro - TEST is defined. Added another level of indirection in the - address pointer argument. - (krb5_locate_srv_dns_1, krb5_locate_srv_conf_1, - translate_ai_error, get_port, struct addrlist, ADDRLIST_INIT, - grow_list, free_list, add_sockaddr_to_list, add_addrinfo_to_list, - set_port_num, add_host_to_list): New helper functions. - (krb5_locate_kdc): Added another level of indirection in the - address pointer argument. Call krb5int_locate_server. - (KPASSWD_PORTNAME): Deleted. - - * os-proto.h (krb5_locate_kdc): Updated prototype. - - * sendto_kdc.c (krb5_sendto_kdc): Updates for change in - krb5_locate_kdc interface. - - * changepw.c (krb5_locate_kpasswd): Call krb5int_locate_server. - Add another level of indirection in address pointer. Now gives - preference to _kpasswd info from DNS over admin_server info in - config file, if kpasswd_server is not set. - (krb5_change_password): Use struct sockaddr_storage for all - automatic address variables. Ignore any non-IPv4 addresses - returned from krb5_locate_kpasswd; return an error if all - addresses are non-IPv4. Update for new krb5_locate_kpasswd - interface. - - * accessor.c (krb5int_accessor): Set krb5_locate_server field. - -2001-04-25 Ken Raeburn <raeburn@mit.edu> - - * localaddr.c (socklen_t, socklen): Deleted; definitions now in - k5-int.h instead. - (foreach_localaddr): Use SIOCGIFNUM if it's available and - SIOCGSIZIFCONF is not (e.g., Solaris 7 and 8). - (print_addr) [!HAVE_GETNAMEINFO]: Only declare variable buf if - AF_INET6 is defined. - -2001-03-31 Ken Raeburn <raeburn@mit.edu> - - * t_gifconf.c: New file. - -2001-03-10 Ezra Peisach <epeisach@mit.edu> - - * def_realm.c: Move prototype for krb5_try_realm_txt_rr() to - os-proto.h. - - * init_os_ctx.c: Include os-proto.h - - * changepw.c, locate_kdc.c: Do not shadow sin() with local - variable name. - - * os-proto.h: Add prototypes for krb5_try_realm_txt_rr() and the - obsolete krb5_secure_config_files(). - -2001-03-05 Ken Raeburn <raeburn@mit.edu> - - * localaddr.c (krb5_os_localaddr): Don't look for -1 return value - from foreach_localaddr. - (print_addr): Only process AF_INET6 addresses if AF_INET6 is - defined. - - * gmt_mktime.c (gmt_mktime): Handle years earlier than 1970. - (main) [TEST_LEAP]: New routine, driver for testing. - * Makefile.in (t_mktime): New target. - -2001-03-05 Sam Hartman <hartmans@mit.edu> - - * kuserok.c: Set max_username to 65 not 10. 65 should be enough - for a null terminated string from most current Unixes usernames. - The previous limit of 10 was too low. I don't know how the - previous limit was chosen nor why this is not a dynamic buffer. - -2001-03-05 Tom Yu <tlyu@mit.edu> - - * init_os_ctx.c: Get sys/ioctl.h for Solaris to get FIONBIO. - -2001-03-03 Ken Raeburn <raeburn@mit.edu> - - * init_os_ctx.c: If not Mac or Windows, define USE_RANDOM_DEVICE - and include sys/ioctl.h. - (krb5_os_init_context) [USE_RANDOM_DEVICE]: Read some bytes from - /dev/urandom or /dev/random and use them to re-seed the PRNG. - -2001-02-05 Tom Yu <tlyu@mit.edu> - - * prompter.c (krb5_prompter_posix): Fix up terminal modes if we're - interrupted. [reported by Booker Bense] - -2000-12-18 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LCLINT, LCLINTOPTS): New variables. - (lclint-localaddr): New target. - - * localaddr.c (grow_or_free, get_ifconf, make_addr): Split out - from foreach_localaddr and friends for simpler lclint analysis. - (socklen): New function. - (print_addr): Use getnameinfo if available. - (struct localaddr_data, count_addrs, allocate, add_addr, - make_addr): Define only if not testing. - (foreach_addr): Call new functions. Annotate for lclint. - -2000-10-17 Ezra Peisach <epeisach@mit.edu> - - * changepw.c: Cast length argument to recvfrom/sendto to int. - - * os-proto.h: Moved extern definition of krb5_max_dgram_size, - krb5_max_skdc_timeout, krb5_skdc_timeout_shift, - krb5_skdc_timeout_1 here. - - * accessor.c: Definition for krb5_max_dgram_size, - krb5_max_skdc_timeout, krb5_skdc_timeout_shift, - krb5_skdc_timeout_1 moved to os-proto.h - - * osconfig.c: Changed definition for krb5_max_dgram_size, - krb5_max_skdc_timeout, krb5_skdc_timeout_shift, - krb5_skdc_timeout_1 to unsigned int. - - * get_krbhst.c, init_os_context.c, locate_kdc.c, prompter.c: - Unsigned/signed int cleanup. - - * read_pwd.c (krb5_read_password): Change size_return to unsigned - int *. - - * sendto_kdc.c: Remove definition for krb5_max_dgram_size, - krb5_max_skdc_timeout, krb5_skdc_timeout_shift, - krb5_skdc_timeout_1. (moved to os-proto.h). Cast arguments to int - for send() and recv(). - -2000-10-09 Ken Raeburn <raeburn@mit.edu> - - Support for getifaddrs() interface added in BSD. - * localaddr.c (printaddr, printifaddr) [HAVE_IFADDRS_H && DEBUG]: - New functions for debugging new ifaddrs code. - (addr_eq) [HAVE_IFADDRS_H]: New function, for comparing addresses - found with getifaddrs. - (foreach_localaddr) [HAVE_IFADDRS_H]: New implementation, relies - on C library function to retrieve data. - (foreach_localaddr) [!HAVE_IFADDRS_H && TEST]: Print info about - each address and why it might not be used. - (print_addr, main) [TEST]: Print out the local addresses. - * Makefile.in (t_localaddr): New target. - -2000-09-26 Ezra Peisach <epeisach@mit.edu> - - * an_to_ln.c: Unsigned vs signed int fixes. - - * t_std_conf.c: Declare local functions static, do not shadow - sin() with local variable. - -2000-08-31 Jeffrey Altman <jaltman@columbia.edu> - - * locate_kdc.c: krb5_locate_srv_dns() - Ensure that res_search() is called with a query string - that is terminated by a '.' in order to disable the - expansion of dns-search lists. - -2000-07-22 Tom Yu <tlyu@mit.edu> - - * accessor.c: Add NEED_SOCKETS in order to get prototype for - krb5_locate_kdc(). - -2000-07-19 Danilo Almeida <dalmeida@mit.edu> - - * accessor.c (krb5int_accessor): Add krb5int_accessor() to access - internal krb5 functions from outside the library (so that we don't - have to export them for the krb525 and gssapi libraries). The - goal is to make this function eventually do nothing. - - * Makefile.in: Compile accessor.c. - -2000-07-18 Ezra Peisach <epeisach@mit.edu> - - * locate_kdc.c, hst_realm.c, def_realm.c, changepw.c: Include - os-proto.h for internal prototypes. - - * os-proto.h: Prototypes for _krb5_use_dns_realm(), - _krb5_use_dns_kdc(), _krb5_conf_boolean(). - - * t_std_conf.c: Include k5-int.h for internal function prototypes. - -2000-06-30 Ezra Peisach <epeisach@mit.edu> - - * t_an_to_ln.c: Include <stdio.h> for prototypes. - - * locate_kdc.c (krb5_locate_srv_dns): Remove unused variable. - - * changepw.c, sendto_kdc.c, sn2princ.c: Add parentheses around - assignment used as truth value. - - * ccdefname.c (get_from_os): Cast return from getuid() to long and - indicate use of format in sprintf. - -2000-06-28 Ezra Peisach <epeisach@mit.edu> - - * def_realm.c: Add newline at end of file. - - * gmt_mktime.c: Define days_in_month as type int. - - * locate_kdc.c (krb5_locate_srv_dns): Cleanup unused variables. - -2000-06-23 Miro Jurisic <meeroh@mit.edu> - - * init_os_ctx.c (os_get_default_config_files): Return ENOENT when - file is not found on MacOS (not ENFILE). Use Kerberos Preferences - library to locate the config files on Mac OS. Eliminated some - dead code. - -2000-06-23 Nalin Dahyabhai <nalin@redhat.com> - - * an_to_ln.c (do_replacement): Don't overflow buffers "in" or "out". - * hst_realm.c (krb5_try_realm_txt_rr): Don't overfill "host" when - malformed DNS responses are received. - - * ccdefname.c (get_from_os): Don't overflow buffer "name_buf". - * kuserok.c (krb5_kuserok): Don't overflow buffer "pbuf". - -2000-06-23 Ken Raeburn <raeburn@mit.edu> - - * localaddr.c: Include stddef.h. - (foreach_localaddr): Check each address against previously used - addresses, and skip duplicates, in case multiple interfaces have - the same address. If called functions fail, drop out of loop and - return nonzero. Use SIOCGSIZIFCONF ioctl if available to get the - buffer size needed for SIOCGIFCONF, and skip the silly heuristics - if it returns a reasonable value. - (krb5_os_localaddr): Increment count of addresses to include null - pointer terminator. Delete check for zero count. - - * locate_kdc.c (maybe_use_dns): Renamed from _krb5_use_dns. Now - takes an arg to indicate a key to look up in krb5.conf, falling - back to "dns_fallback", and an arg indicating the default value if - no config file entries match. - (_krb5_use_dns_realm): New routine; use "dns_lookup_realm" and - KRB5_DNS_LOOKUP_REALM setting. - (_krb5_use_dns_kdc): New routine; use "dns_lookup_kdc" and - KRB5_DNS_LOOKUP_KDC. - (krb5_locate_kdc): Call _krb5_use_dns_kdc. - * changepw.c (krb5_locate_kpasswd): Call _krb5_use_dns_kdc. - * def_realm.c (krb5_get_default_realm): Call _krb5_use_dns_realm. - * hst_realm.c (krb5_get_host_realm): Call _krb5_use_dns_realm. - -2000-06-23 Alexandra Ellwood <lxs@mit.edu> - - * ccdefname.c: Added support to store a krb5_principal in the os_context - along with the default ccache name (if known, this principal is the same - as the last time we looked at the ccache. - -2000-05-09 Alexandra Ellwood <lxs@mit.edu> - - *localaddr.c: Fixed the local_addr_fallback_kludge so that it actually does something. - Before that the error code it was handling was blowing it away in cleanup. - -2000-04-29 Jeffrey Altman <jaltman@columbia.edu> - - * hst_realm.c (krb5_get_host_realm) - remove the searchlist and defaultrealm _kerberos queries - -2000-04-18 Danilo Almeida <dalmeida@mit.edu> - - * prompter.c (krb5int_set_prompt_types): Set to actual value - intead of 0. - -2000-4-13 Alexandra Ellwood <lxs@mit.edu> - - * init_os_ctx.c: Added support to store a krb5_principal in the os_context - along with the default ccache name (if known, this principal is the same - as the last time we looked at the ccache. - -2000-03-20 Miro Jurisic <meeroh@mit.edu> - - * def_realm.c (krb5_free_default_realm): Added, use to free - result of krb5_get_default_realm - -2000-03-15 Danilo Almeida <dalmeida@mit.edu> - - * prompter.c: Add krb5int_set_prompt_types() and - krb5_get_prompt_types(). - -2000-03-14 Ken Raeburn <raeburn@mit.edu> - - * init_os_ctx.c (os_get_default_config_files): Remove unused - variable. - - * def_realm.c: Include netinet/in.h if available. - -2000-02-25 Ken Raeburn <raeburn@mit.edu> - - * localaddr.c (foreach_localaddr): Broken out from old - krb5_os_localaddr. Iterates over all active interface addresses, - invoking callback functions; knows nothing about Kerberos. - (count_addrs, allocate, add_addr): New callback functions. - (krb5_os_localaddr): Use the above. - (allocate): Make room for NULL value at the end. - -2000-02-16 Ken Raeburn <raeburn@mit.edu> - - * localaddr.c (krb5_os_localaddr): Dynamically grow buffer used - for SIOCGIFCONF until it appears to have been big enough. - Dynamically grow internal address pointer array as needed. - -2000-02-11 Marshall Vale <mjv@mit.edu> - - * init_os_ctx.c (os_get_default_config_files.c): Added new - file name "Kerberos Preferences" to the of valid configuration - file names on Mac OS. The others will be removed at a later - date. - -2000-02-08 Marshall Vale <mjv@mit.edu> - - * init_os_ctx.c (os_get_default_config_files.c): Added - Application Support folder to list of locations to look - for krb5 configuration file. Only looks at top level which - needs to be improved. - (GetMacProfileFileSpec): Added a parameter to declare which - folder constants to use for file spec creation. Previously it - had assumed just the Preferences folder. - -2000-02-07 Scott McGuire <smcguire@mit.edu> - - * changepw.c (krb5_locate_kpasswd): fixed memory trashing - caused by incorrect pointer arithmetic when assigning - DEFAULT_KPASSWD_PORT in DNS code also. - -2000-02-04 Scott McGuire <smcguire@mit.edu> - - * changepw.c (krb5_locate_kpasswd): fixed memory trashing - caused by incorrect pointer arithmetic when assigning - DEFAULT_KPASSWD_PORT in non-DNS code. - -1999-12-03 Danilo Almeida <dalmeida@mit.edu> - - * changepw.c: Define ETIMEDOUT for Windows. - -1999-12-01 Ken Raeburn <raeburn@mit.edu> - - * init_os_ctx.c (krb5_secure_config_files): Do define; always - return an error, but perform old functionality in case the error - is ignored. Delete when we can make a major version number - change. - -1999-11-23 Ken Raeburn <raeburn@mit.edu> - - * an_to_ln.c (default_an_to_ln): Avoid stomping byte after - supplied buffer. Thanks to Matt Crawford. - - * init_os_ctx.c (os_init_paths): Delete SECURE argument; read the - value from the profile structure instead. - (krb5_os_init_context, krb5_get_profile): Don't pass SECURE - argument. - (os_init_paths, krb5_get_profile): Cast first arg to - profile_init. - (krb5_secure_config_files): Don't define. - -1999-11-22 Miro Jurisic <meeroh@mit.edu> - - * ccdefname.c (get_from_os): Replaced Kerberos5GlobalsLib calls - with CCAPI v3 calls - -1999-11-02 Ken Raeburn <raeburn@mit.edu> - - * localaddr.c (krb5_os_localaddr): Conditionalize INET6 support on - new KRB5_USE_INET6 macro. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -1999-10-22 Ken Raeburn <raeburn@mit.edu> - - * prompter.c (krb5_prompter_posix): Make ointrfunc, fd, and - errcode volatile. - * promptusr.c (krb5_os_get_tty_uio): Make ointrfunc and retval - volatile. - * read_pwd.c (krb5_read_password): Make ointrfunc volatile. Fix - volatile decl for readin_string (pointer is volatile, doesn't - point to volatile). - - * changepw.c (krb5_change_password): Wait only two minutes, not - indefinitely, for a response from the kpasswd server. - -1999-10-18 Ken Raeburn <raeburn@mit.edu> - - * localaddr.c (krb5_os_localaddr): Don't bother trying to create - inet6 socket; any socket type will do. - -1999-10-17 Ken Raeburn <raeburn@mit.edu> - - * localaddr.c (krb5_os_localaddr): Raise buffer size to 10K. - Handle INET6 addresses. If INET6 support is built in but the - socket creation fails, fall back to INET. - -1999-09-28 Ken Raeburn <raeburn@mit.edu> - - * changepw.c (krb5_locate_kpasswd): Declare local variable i even - when DNS code is not in use. - (krb5_locate_srv_conf, krb5_locate_srv_dns): Delete declarations. - -1999-09-21 Ken Raeburn <raeburn@mit.edu> - - Changes from Jeffrey Altman to look up kpasswd server using DNS. - * changepw.c: (krb5_locate_kpasswd): New function, split out from - krb5_change_password. Calls krb5_locate_srv_dns if use of DNS is - desired, and krb5_locate_srv_conf to check config file. - (krb5_change_password): Call it to find the server. - * locate_kdc.c (krb5_locate_srv_conf): No longer static. Choose - default port numbers based on service name rather than a single - hard-coded value. - (krb5_locate_srv_dns): No longer static. - -1999-09-17 Tom Yu <tlyu@mit.edu> - - * def_realm.c: Patch from jaltman@columbia.edu to allow compiling - under non-Windows platforms with DNS lookup enabled. - -1999-09-01 Danilo Almeida <dalmeida@mit.edu> - - * kuserok.c (krb5_kuserok): Fix improper negation in - non-Unix localname check. Also fix calling convention - before this function is exported by the Windows DLL. - - * localaddr.c (krb5_os_localaddr): Fix memset to clear - right address list. (Thanks to jaltman@columbia.edu). - -1999-09-01 Ken Raeburn <raeburn@mit.edu> - - * get_krbhst.c (krb5_get_krbhst): Fix double-indirection - confusion. Do actually copy string contents to newly allocated - storage. - -1999-08-21 Danilo Almeida <dalmeida@mit.edu> - - * localaddr.c (krb5_os_localaddr): Use multiple addresses, if - present, on Mac and Windows. - -1999-08-10 Alexandra Ellwood <lxs@mit.edu> - - * changepw.c (krb5_change_password): - Reorganized code so that krb5_change_password actually frees - everything it allocated on error. Also fixed some memory - leaks which happened even without an error occurring. - -1999-08-09 Danilo Almeida <dalmeida@mit.edu> - - * prompter.c (krb5_prompter_posix): Provide Win32 implementation - so that kinit and such work under Win32. - -1999-08-06 Danilo Almeida <dalmeida@mit.edu> - - * def_realm.c (krb5_get_default_realm): - * hst_realm.c (krb5_get_host_realm): Make sure we have FQDN - in the case where we use gethostname. - - * def_realm.c (krb5_get_default_realm): Check that we have - a realm before trying to copy it (since profile_get_string - may return no error but not get anything). - - * init_os_ctx.c (krb5_get_profile): Fix calling convention. - -1999-08-05 Danilo Almeida <dalmeida@mit.edu> - - * t_std_conf.c (test_get_krbhst): Use krb5_free_krbhst to - free buffers allocated by krb5_get_krbhst. - - * locate_kdc.c (_krb5_use_dns): Add _krb_use_dns to abstract - away looking up of whether we use DNS or not in the profile. - - * ktdefname.c (krb5_kt_default_name): Use profile_release_string - instead of free to free string allocated by profile_get_string. - - * get_krbhst.c (krb5_get_krbhst): Copy results from profile_get_values - into malloc'ed buffers so we can safely free them later. Also call - profile_free_list on the original values. - - * locate_kdc.c (krb5_locate_kdc): - * hst_realm.c (krb5_get_host_realm): - * def_realm.c (krb5_get_default_realm): Use _krb5_use_dns to figure - out whether to use DNS or not instead of directly reading the - profile in this routine. - - * realm_dom.c (krb5_get_realm_domain): - * hst_realm.c (krb5_get_host_realm): - * def_realm.c (krb5_get_default_realm): Copy results of - profile_get_string into malloc'ed buffer so it can safely be free'd - later. - - * locate_kdc.c (krb5_locate_srv_conf): - * def_realm.c (krb5_get_default_realm): - * changepw.c (krb5_change_password): - * an_to_ln.c (krb5_aname_to_localname): Use profile_free_list - to free values allocated by profile_get_values. - -1999-08-04 Danilo Almeida <dalmeida@mit.edu> - - * init_os_ctx.c (os_init_paths): Wrap use of ctx->profile_in_memory - with KRB5_DNS_LOOKUP. Use pointer value to determine whether to free - files by checking the files value rather than depending on the - return value. - -1999-07-27 Miro Jurisic <meeroh@mit.edu> - - * init_os_ctx.c (GetMacProfileFileSpec): removed bogus string conversion - -1999-07-26 Miro Jurisic <meeroh@mit.edu> - - * c_ustime.c (krb5_crypto_us_timeofday): Merged in changes from the - Mac_V2_0_derivatives branch -- microseconds support and guaranteed - monotonically increasing microseconds on MacOS - - * init_os_ctx.c (os_get_default_config_files): Merged in changes from the - Mac_V2_0_derivatives branch -- NRL config file name - - * init_os_ctx.c (krb5_get_profile): added krb5_get_profile - -1999-07-22 Jeffrey Altman <jaltman@columbia.edu> - - * init_os_ctx.c (os_init_paths) - If profile_init() is unable to open a profile and returns ENOENT, - remember in the context that the profile_in_memory and then - call profile_init() with a NULL filespec. - - * def_realm.c (krb5_get_default_realm) - * hst_realm.c (krb5_get_host_realm) - * locate_kdc.c (krb5_locate_kdc) - Use the profile entry [libdefaults] dns_fallback to determine - if DNS SRV and TXT records should be used to find realms and - servers if they are not found in the profile. - - -1999-07-21 Ken Raeburn <raeburn@mit.edu> - - * init_os_ctx.c (os_get_default_config_files): Fix some typos and - missed name changes in the patch Miro just checked in but forgot - to mention here, in which Mac filespecs are used instead of - filenames. - (krb5_free_config_files): Ditto. - -1999-06-30 Ken Raeburn <raeburn@mit.edu> - - * locate_kdc.c (krb5_locate_kdc): Kerberos admin service name is - "kerberos-adm", not "kadmin", so look up "_kerberos-adm._tcp" in - DNS. - -1999-06-21 Ken Raeburn <raeburn@mit.edu> - and Jeffrey Altman and Ken Hornstein - - * def_realm.c (MAXHOSTNAMELEN) [KRB5_DNS_LOOKUP]: Define if not - already defined. - (MAX_DNS_NAMELEN) [KRB5_DNS_LOOKUP]: New macro. - (krb5_get_default_realm): Return an error if an empty realm name - is found. - (krb5_get_default_realm) [KRB5_DNS_LOOKUP]: Use - krb5_try_realm_txt_rr to determine the realm of the local host or - domain. - - * hst_realm.c [KRB5_DNS_LOOKUP]: Pull in some extra header files - for resolver functionality. - (MAX_DNS_NAMELEN): New macro. - (krb5_try_realm_txt_rr) [KRB5_DNS_LOOKUP]: New function; looks up - a TXT record. - (krb5_get_host_realm): Use MAX_DNS_NAMELEN for buffer size. - (krb5_get_host_realm) [KRB5_DNS_LOOKUP]: Use DNS lookup if config - file doesn't contain a match. - - * locate_kdc.c [KRB5_DNS_LOOKUP]: Pull in some extra header files - for resolver functionality. - (MAXHOSTNAMELEN) [KRB5_DNS_LOOKUP]: Define if not already - defined. - (MAX_DNS_NAMELEN) [KRB5_DNS_LOOKUP]: New macro. - (krb5_locate_srv_conf): Renamed from krb5_locate_kdc; now static; - extra char* argument replaces fixed "kdc" in array of names to - look up in profile. - (krb5_locate_srv_dns) [KRB5_DNS_LOOKUP]: New function; looks up - SRV records, and returns addresses sorted by priority. - (krb5_locate_kdc): New function, calls above routines. - -1999-06-16 Danilo Almeida <dalmeida@mit.edu> - - * ccdefname.c (get_from_registry_indirect, try_dir, get_from_os): - Extra robustness to win32 code. - - * init_os_ctx.c (krb5_get_config_files, krb5_free_config_files): - Add function to get config files being used for current - context with corresponding free function. - -1999-06-16 Danilo Almeida <dalmeida@mit.edu> - - * init_os_ctx.c (os_init_paths): Enhance win32 heuristics to use - environment variable (like Unix) and to use the registry - too. Will try executable's dir before windows dir if - not secure. - - * ccdefname.c (get_from_os): Enhance win32 heuristics to use - registry properly, default to API: properly, - and to use temp dirs before the windows dir. - -1999-06-11 Miro Jurisic <meeroh@mit.edu> - - * init_os_ctx.c (os_init_paths): added NRL config file name correctly - (thanks dalmeida) - -1999-06-09 Miro Jurisic <meeroh@mit.edu> - - * c_ustime.c (krb5_crypto_us_timeofday): fixed Mac PPC #ifdef - -1999-06-09 Miro Jurisic <meeroh@mit.edu> - - * c_ustime.c (krb5_crypto_us_timeofday): #ifdefed microseconds on Mac to be - PPC-only - -1999-06-09 Miro Jurisic <meeroh@mit.edu> - - * c_ustime.c (AbsoluteToSecsNanosecs): Fixed the UInt64 division - * c_ustime.c (krb5_crypto_us_timeofday): now returning the correct value - -1999-06-09 Miro Jurisic <meeroh@mit.edu> - - * c_ustime.c (AbsoluteToSecsNanosecs): Fixed the UInt64 comparison - -1999-06-09 Miro Jurisic <meeroh@mit.edu> - - * net_read.c, net_write.c: now setting errno on Mac too - -1999-06-09 Miro Jurisic <meeroh@mit.edu> - - * c_ustime.c (krb5_crypto_us_timeofday, HaveAccurateTime, - AbsoluteToSecsNanosecs): Added support for microseconds or - better timers on the Mac when available - - * c_ustime.c (krb5_crypto_us_timeofday): fixed usecs counting bug - (From Chas Williams) - - * init_os_ctx.c (GetMacProfilePathname): removed hardcoded config file name - (From Chas Williams) - - * init_os_ctx.c (os_init_paths): added NRL config file name - (From Chas Williams) - -Tue Jun 8 15:26:21 1999 Alexandra Ellwood <lxs@mit.edu> - - * changepw.c: Changed errno to SOCKET_ERRNO/SOCKET_SET_ERRNO - after socket operations to work with new Mac OT SocketsLib. - - * hst_realm.c: Changed errno to SOCKET_ERRNO/SOCKET_SET_ERRNO - after socket operations to work with new Mac OT SocketsLib. - - * localaddr.c: Changed errno to SOCKET_ERRNO/SOCKET_SET_ERRNO - after socket operations to work with new Mac OT SocketsLib. - - * net_read.c: Changed errno to SOCKET_ERRNO/SOCKET_SET_ERRNO - after socket operations to work with new Mac OT SocketsLib. - - * net_write.c: Changed errno to SOCKET_ERRNO/SOCKET_SET_ERRNO - after socket operations to work with new Mac OT SocketsLib. - - * sn2princ.c: Changed errno to SOCKET_ERRNO/SOCKET_SET_ERRNO - after socket operations to work with new Mac OT SocketsLib. - -Mon May 10 15:26:20 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Do win32 build in subdir. - -Fri May 7 18:04:48 1999 Danilo D Almeida <dalmeida@mit.edu> - - * locate_kdc.c (krb5_locate_kdc): Fixed typo. - -Fri May 7 14:39:08 1999 Theodore Y. Ts'o <tytso@mit.edu> - - * locate_kdc.c (krb5_locate_kdc): Return KRB5_REALM_UNKNOWN if - profile_get_values returns PROF_NO_RELATION or - PROF_NO_SECTION. - -1999-04-01 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * prompter.c (krb5_prompter_posix): Update to use new prompter - prototype which takes an extra argument for the window - titlebar name. (From Frank Cusack) [krb5-kdc/662] - -Thu Mar 25 18:45:48 1999 Tom Yu <tlyu@mit.edu> - - * promptusr.c (krb5_os_get_tty_uio): getchar() returns int, not - char. - -1999-03-12 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * init_os_ctx.c (krb5_os_init_context, krb5_os_free_context): - Sample the ccdefault name at the time when we create the - context. Free the ccdefault name when we free the os - context. - - * ccdefname.c (krb5_cc_default_name, krb5_cc_set_default_name): - Check to make sure the context is valid and return an - error if it isn't. - -1999-03-11 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * ccdefname.c (get_from_os): Add missing call to get_from_registry - under windows. - -Fri Feb 19 20:49:18 1999 Tom Yu <tlyu@mit.edu> - - * ccdefname.c (get_from_os): Add missing close-paren; also replace - #elif just in case. - -Fri Feb 5 01:05:43 1999 Theodore Y. Ts'o <tytso@mit.edu> - - * ccdefname.c (get_from_os): On the Windows platform, - automatically generate the correct default cache name - based on what krb5_cc_dfl_ops is set to. - - * realm_dom.c (krb5_get_realm_domain): Add modifiers so that this - function can get exported in a Windows DLL. - -Tue Feb 2 16:01:58 1999 Tom Yu <tlyu@mit.edu> - - * read_pwd.c: Remove reference to CPP symbol "unix". - -1999-01-29 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * ccdefname.c: Add a new function krb5_cc_set_default_name(), - which is used set the default ccname stored in the - krb5_context. All of the OS-specific functions to - determine the default ccname is moved to this function. - The krb5_cc_default_name() function now just reads the - default ccname from the os_context, and will call - krb5_cc_set_default_name() to set the default ccname if - necessary. - - * t_std_conf: Added functions to test krb5_cc_default_name and - krb5_cc_set_default_name(). Fixed the call to - krb5_locate_kdc to support the new variables added by - the Cygnus initial ticket API merge. - -1999-01-27 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * localaddr.c: On the macintosh, check to see if getmyipaddr - returns NULL, and return an error in that case. - -Tue Jan 5 00:11:49 1999 Theodore Y. Ts'o <tytso@mit.edu> - - * sn2princ.c (krb5_sname_to_principal): Windows NT5's broken - resolver gratuitously tacks on a trailing period to the - hostname (at least it does in Beta2). Deal with this - brain-damage. - -Tue Dec 22 01:22:24 1998 Theodore Y. Ts'o <tytso@mit.edu> - - * changepw.c: Add a test for _WIN16 as well as _WIN32 for sockets - workaround (in case we do want to build the 16 bit library - again someday) - -Sat Dec 5 01:12:25 1998 Theodore Y. Ts'o <tytso@mit.edu> - - * localaddr.c: Added missing KRB5_DLLIMP and KRB5_CALLCONF macros - from the function definition. - -1998-12-04 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * realm_iter.c: New function which iterators over the realms in - the krb5.conf file. - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - - * lock_file.c (krb5_lock_file): Fix bug where if the fcntl-style - lock succeeded, we should return immediately instead of - trying to do flock-style locking. Also check for - HAVE_FCNTL_H and defined(F_SETLKW) and - defined(F_RDLCK) instead of POSIX_FILE_LOCKS (so we - can get rid of a non-standard autoconf symbol.) - -1998-10-31 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * lock_file.c (krb5_lock_file): Move the flock() fallback code - from fcc_maybe.c into krb5_lock_file(). This works around - the bug that certain lossy operating systems (mainly from - our good friends at SunSoft) do not support - POSIX_FILE_LOCKS on all filesystems (namely tmpfs) but do - support flock on those filesystems. - -1998-10-27 Marc Horowitz <marc@mit.edu> - - * c_ustime.c, localaddr.c: moved here from lib/crypto - - * ktdefname.c (krb5_kt_default_name): there is code in the tree - (notably, the admin server code) which uses globals to set the - keytab which will be used by gssapi. this is gross, and we need a - better answer. However, even that didn't work if there was an env - var or krb5.conf variable, since those override krb5_defkeyname. - Add a new global, krb5_overridekeyname, which really does override - all the other keytab locators. While I'm at it, make the buffer - overflow checks sane. - -Fri Sep 25 22:32:16 1998 Theodore Y. Ts'o <tytso@mit.edu> - - * ccdefname.c: We shouldn't try to use the CCache API on Unix - systems. (The maze of #ifdef's was confusing.) - -Tue Sep 1 15:44:11 1998 Theodore Y. Ts'o <tytso@mit.edu> - - * ccdefname.c (krb5_cc_default_name): Changed the PC version to - use the CCache API by default. Removed the old Macintosh - code that had been commented out. (If we need to - ressurect it, we'll get it from CVS.) - -Fri Aug 21 17:37:00 1998 Miro Jurisic <meeroh@mit.edu> - - * ccdefname.c.c (krb5_cc_default_name): Changed the Mac - version to use CCache API by default. - -Thu Jul 16 09:59:34 1998 Ezra Peisach <epeisach@mit.edu> - - * changepw.c (krb5_change_password): Changes casts from char * to - krb5_octet * to match krb5_address structure elements. - -Wed Jul 1 17:54:56 1998 Theodore Y. Ts'o <tytso@mit.edu> - - * macsock.c(inet_ntoa): Fix obvious bug where we were returning a - pointer to an automatic variable which should have been a - static. Fortunately nothing in the Mac tree was using - inet_ntoa().... - -1998-05-06 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * t_std_conf.c (main): POSIX states that getopt returns -1 - when it is done parsing options, not EOF. - -Wed Sep 24 12:10:29 1997 Marshall Vale <mjv@mit.edu> (Checked in 1/13/98) - - * init_os_ctx.c: Changed all PBGetCatInfo to PBGetCatInfoSync for new - Universal Headers. - - * ccdefname.c: Changed all PBGetCatInfo to PBGetCatInfoSync for new - Universal Headers. - -Fri Feb 27 18:03:33 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Changed thisconfigdir to point at the lib/krb5 - directory, since we've moved the configure.in tests in - this directory to the toplevel lib/krb5 configure.in - -Wed Feb 18 16:24:39 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove trailing slash from thisconfigdir. Fix up - BUILDTOP for new conventions. - -Mon Feb 2 17:02:19 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile - -Fri Jan 30 15:56:15 1998 Tom Yu <tlyu@mit.edu> - - * changepw.c (krb5_change_password): KRB5_USE_INET -> - HAVE_NETINET_IN_H. - -Fri Jan 2 21:28:56 1998 Tom Yu <tlyu@mit.edu> - - * locate_kdc.c (krb5_locate_kdc): Check return of - malloc. [krb5-libs/518] - - * changepw.c (krb5_change_password): Check return of - malloc. [krb5-libs/518] - -Tue Dec 16 11:00:18 1997 Ezra Peisach <epeisach@mit.edu> - - * locate_kdc.c (krb5_locate_kdc): Free hostlist array elements - when finished with them. - -Sat Dec 6 23:12:23 1997 Ezra Peisach <epeisach@mit.edu> - - * locate_kdc.c (krb5_locate_kdc): Get rid of extra krb5_xfree - which caused freeing of memory twice. - -Sat Dec 6 02:34:50 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Add changepw.c, prompter.c. - - * changepw.c: New file; Cygnus password changing protocol. - - * locate_kdc.c: Add parameter to indicate master KDC. - - * os-proto.h: Reflect changes to locate_kdc. - - * prompter.c: New file; Cygnus initial creds. - - * sendto_kdc.c: Add parameter to indicate master KDC. - -Mon Oct 6 11:40:11 1997 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * t_std_conf.c (main): Call krb5_free_context when done. - -Wed Oct 1 04:58:34 1997 Tom Yu <tlyu@mit.edu> - - * configure.in: Punt some things that are otherwise gotten from - include/krb5/configure.in. - - * gmt_mktime.c: Get k5-int.h to get some autoconf symbols. - -Tue Sep 30 19:57:27 1997 Tom Yu <tlyu@mit.edu> - - * timeofday.c: Replaace erroneously named POSIX_TYPES and timetype - with plain old time_t, since we're using AC_CHECK_TYPE now to - handle it. - -Thu Sep 25 21:24:54 1997 Tom Yu <tlyu@mit.edu> - - * mk_faddr.c: Replace KRB5_USE_INET with something more sane. - - * port2ip.c: Replace KRB5_USE_INET with something more sane. - - * os-proto.h: Replace KRB5_USE_INET with something more sane. - - * locate_kdc.c: Replace KRB5_USE_INET with something more sane. - - * genaddrs.c (krb5_auth_con_genaddrs): Replace KRB5_USE_INET with - something more sane. - - * gen_port.c (krb5_gen_portaddr): Replace KRB5_USE_INET with - something more sane. - - * full_ipadr.c: Replace KRB5_USE_INET with something more sane. - -Thu Sep 18 17:56:00 1997 Tom Yu <tlyu@mit.edu> - - * hst_realm.c: Replace USE_STRING_H with something more sane. - -Mon Sep 15 15:21:12 1997 Ezra Peisach <epeisach@mit.edu> - - * ccdefname.c (krb5_cc_default_name): Returns a const char *. - -Sat Aug 16 10:11:20 1997 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * gmt_mktime.c (days_in_month): Now const. - Originally by raeburn@cygnus.com from the Kerbnet release - -Tue Feb 25 00:29:33 1997 Richard Basch <basch@lehman.com> - - * read_pwd.c: Define Windows interface for krb5_read_password - * win-pwd.rc: Resource file for Windows password dialog box - * win-pwd.h: Support definitions for Windows krb5_read_password - -Sat Feb 22 22:41:02 1997 Richard Basch <basch@lehman.com> - - * Makefile.in: Use some of the new library list build rules in - win-post.in - -Fri Feb 21 20:06:55 1997 Ezra Peisach <epeisach@mit.edu> - - * def_realm.c: Remove extern declaration of un-used krb5_config_file. - -Fri Feb 7 11:11:18 1997 Richard Basch <basch@lehman.com> - - * mk_faddr.c (krb5_make_fulladdr): Add FAR declarations (win16) - -Thu Nov 21 11:55:16 EST 1996 Richard Basch <basch@lehman.com> - - * Makefile.in: win32 build - - * ccdefname.c, def_realm.c, free_hstrl.c, genaddrs.c, hst_realm.c, - init_os_ctx.c, ktdefname.c, localaddr.c, sn2princ.c, timeofday.c, - ustime.c - DLL export several more common functions (see lib/krb5.def - for the full list of functions exported) - -Thu Feb 6 15:46:24 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: - * configure.in: Update to new program build procedure. - -Thu Jan 2 17:19:11 1997 Tom Yu <tlyu@mit.edu> - - * configure.in: Update to new library build procedure. - -Wed Nov 13 02:53:31 1996 Tom Yu <tlyu@mit.edu> - - * osconfig.c: Add warning re: global variables. - - * ktdefname.c, osconfig.c: Revert previous kt_default_name - changes. - - * ktdefname.c (krb5_kt_default_name): Fix a few memory-leak type - problems in previous changes. - -Tue Nov 12 22:07:55 1996 Tom Yu <tlyu@mit.edu> - - * osconfig.c: Remove krb5_defkeyname to catch other things that - may break. - - * ktdefname.c (krb5_kt_default_name): Change logic to no longer - use a global variable; also add krb5_kt_set_default_name() to - allow for the changing of the default keytab name in the context. - -Wed Nov 6 16:24:56 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * init_os_ctx.c (os_init_paths): Don't ignore errors found from - parsing the config file. Currently, we return an error if - the profile isn't found. In the future we can maybe do - something better with intelligent defaulting if krb5.conf - doesn't exist, but we don't have this today. - -Thu Aug 22 15:19:47 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * an_to_ln.c (db_an_to_ln): Remove references to dead BERK_DB_DBM - code. - -Tue Jul 30 19:15:55 1996 Sam Hartman <hartmans@tertius.mit.edu> - - * Makefile.in (check-unix): Comment out an_2_ln tests that use - database. - - * an_to_ln.c (krb5_aname_to_localname): Make the db lookup verison - of aname_2_localname optional. - -Sun Jul 28 22:39:12 1996 Tom Yu <tlyu@mit.edu> - - * an_to_ln.c (aname_do_match): #elif HAVE_REGEXP_H should have - been HAVE_REGEXPR_H - -Fri Jul 26 15:58:32 1996 Marc Horowitz <marc@mit.edu> - - * configure.in, an_to_ln.c (do_replacement, aname_do_match): use - the compile() function in -lgen on solaris. Check for the - relevant stuff at configure-time - -Fri Jul 12 21:38:15 1996 Marc Horowitz <marc@mit.edu> - - * ktdefname.c (krb5_kt_default_name): allow the default keytab name - to be specified in the config file. - -Wed Jun 12 01:12:32 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * net_read.c (krb5_net_read): - * net_write.c (krb5_net_write): In case of an error, on Windows - machines, set errno from SOCKET_ERRNO, since the interface - assumes the error is passed back the errno global - varaible. This really needs to be fixed sometime... - - * read_msg.c: If ECONNABORTED is not defined, try using the - Winsock version of the error code (WSAECONNABORTED). - -Mon Jun 10 21:48:45 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * read_pwd.c: - * promptusr.c: - * lock_file.c: - * kuserok.c: - * ktdefname.c (krb5_kt_default_name): - * init_os_ctx.c (os_init_paths): - * ccdefname.c: - * an_to_ln.c (db_an_to_ln): Change _WINDOWS to _MSDOS, and add - check for _WIN32. - -Thu Apr 18 16:24:44 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * macsock.c (getsockname, getpeername): Correctly implement - getsockname(), so it does getsockname(), not - getpeername(), and add the function getpeername(). - -Sat May 11 10:08:15 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * configure.in: Need to include sys/types.h before regexp.h in - test to see if regcomp works. - Add V5_USE_SHARED_LIB for the tests that are built. - -Tue Apr 30 17:51:47 1996 Ken Raeburn <raeburn@cygnus.com> - - * configure.in: Test that regcomp actually works. - - * Makefile.in (check-unix): Use $(RM). - - * t_an_to_ln.c (main): Print principal name when an error is - detected. - -Thu Apr 11 22:15:44 1996 Theodore Y. Ts'o <tytso@dcl> - - * ustime.c (krb5_us_timeofday): When doing the time offset - adjustments, make sure the microseconds field doesn't go - negative. - -Thu Mar 28 17:20:12 1996 Theodore Y. Ts'o <tytso@dcl> - - * DNR.c: Replace eight-year-old version of this file with the - latest version from the Code Warrior MacTCP files. - - * macsock.c: Use new MacTCP header files. - -Wed Mar 27 18:31:44 1996 Theodore Y. Ts'o <tytso@dcl> - - * macsock.c (gethostbyname, gethostbyaddr): Use universal - procedure pointers (UPP), which are required on the Mac - Power PC. - -Mon Mar 18 21:49:39 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * configure.in: Add KRB5_RUN_FLAGS - - * Makefile.in: Use runtime flags. - -Mon Mar 18 17:30:54 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * sn2princ.c (krb5_sname_to_principal): Add casting to avoid warnings. - -Mon Mar 18 14:18:58 EST 1996 Richard Basch <basch@lehman.com> - - * sn2princ.c: Do not try to re-assign const variables. - -Sun Mar 17 20:42:17 1996 Ezra Peisach <epeisach@mit.edu> - - * configure.in: Add USE_ANAME, KRB5_LIBRARIES - - * Makefile.in: Properly use libraries as specified by configure - -Wed Mar 13 13:11:49 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * t_std_conf.c: Include string.h - -Thu Feb 29 16:14:46 1996 Theodore Y. Ts'o <tytso@dcl> - - * sendto_kdc.c (krb5_sendto_kdc): Take out calls to - SOCKET_INITIALIZE and SOCKET_CLEANUP. This gets done in - win_glue.c, and we only need to do this once. (XXX What - about Macintosh?) - -Tue Feb 27 18:48:03 1996 Theodore Y. Ts'o <tytso@dcl> - - * hostaddr.c (krb5_os_hostaddr): Use #define NEED_SOCKETS instead - of #including <netdb.h> (this breaks under windows). - -Mon Feb 26 17:04:26 1996 Theodore Y. Ts'o <tytso@dcl> - - * promptusr.c: Don't compile promptusr for Windows or Macintosh. - -Sat Feb 24 18:57:56 1996 Theodore Y. Ts'o <tytso@dcl> - - * ktdefname.c (krb5_kt_default_name): Under Windows, assume that - the keytab file is located in the Windows directory. - -Thu Feb 22 13:16:16 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * Makefile.in (check-unix): Set LD_LIBRARY_PATH for kdb5_anadd. - - * hostaddr.c (krb5_os_hostaddr): Set magic number in structure. - - * full_ipadr.c (krb5_make_full_ipaddr): Set magic number in structure. - -Sat Feb 17 00:05:38 1996 Theodore Y. Ts'o <tytso@pao.MIT.EDU> - - * def_realm.c (krb5_get_default_realm): If the configuration file - does not exist (context->profile == NULL) return - KRB5_CONFIG_CANTOPEN; if the default realm is not defined - in the configuration file, return an error message saying - so. These changes just make the diagnostic error - messages more clear. - -Thu Jan 11 18:32:54 1996 Ezra Peisach (epeisach@paris) - - * Makefile.in (check-unix): Ultrix test does not support -x. - -Fri Jan 5 09:00:47 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * locate_kdc.c (krb5_locate_kdc): Add parrentheses for assignment - in conditional. (gcc -Wall) - - * init_os_ctx.c (krb5_os_init_context): Remove unused variables - - * an_to_ln.c (aname_do_match): Initialize local variable before - referenced. - -Thu Jan 4 22:23:04 1996 Theodore Y. Ts'o <tytso@dcl> - - * hostaddr.c (krb5_os_hostaddr): New function which takes a - hostname and returns a list of krb5 addresses. (This is - basically a glue routine that converts the result of - gethostbyname() to krb5 addresses.) - -Thu Dec 21 17:51:58 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in (t_an_to_ln): Use $(LD) instead of $(CC) to link - final executables, so that we can more easily use purify. - - * hst_realm.c (krb5_get_host_realm): Eliminate memory leak; realm - was already being allocated by the profile library; no - reason to reallocate it again. - -Wed Nov 15 10:53:16 1995 <tytso@rsts-11.mit.edu> - - * promptusr.c: New function for doing generic tty input and output. - Eventually read_password should use this function. - -Wed Nov 15 20:40:03 1995 Mark Eichin <eichin@cygnus.com> - - * lock_file.c (krb5_lock_file): initialize lock_arg to a copy of a - static (thus zero) struct flock, to avoid panic'ing sunos 4.1.4. - -Sun Nov 12 05:31:21 1995 Mark W. Eichin <eichin@cygnus.com> - - * def_realm.c (krb5_get_default_realm): check for PROF_NO_PROFILE - and return KRB5_CONFIG_CANTOPEN instead of BADFORMAT so that the - user in the end knows what is going on. - -Mon Oct 9 19:05:24 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * ktdefname.c (krb5_kt_default_name): If profile_secure flag is - set in the context then do not allow changing the location - of the default keytab with an environment variable. - -Fri Oct 6 22:04:57 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Remove ##DOS!include of config/windows.in. - config/windows.in is now included by wconfig. - -Thu Oct 5 07:49:26 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * init_os_ctx.c (krb5_secure_config_files): New function that - will set flag and path to prevent user from overriding - configuration files with environment variables. - -Mon Oct 2 17:36:38 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * init_os_ctx.c (krb5_os_init_context): Put back in the - KRB5_CONFIG environment before setting to default. - -Tue Sep 26 22:46:01 1995 Mark Eichin <eichin@cygnus.com> - - * init_os_ctx.c (krb5_os_init_context): use profile_init_path for - unix, and DEFAULT_PROFILE_PATH. - -Fri Sep 29 16:31:47 1995 Theodore Y. Ts'o <tytso@dcl> - - * osconfig.c: Remove krb5_lname_file; it's not used any more. - -Mon Sep 25 16:58:17 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the - Makefile. - -Fri Sep 22 15:57:33 1995 Mark Eichin <eichin@cygnus.com> - - * write_msg.c (krb5_write_message): check the real length - variable, not the net version. - -Wed Sep 20 12:00:00 1995 James Mattly <mattly@fusion.com> - - * macsock.c: Added TCP streams to the emulation package. gethostname - now no longer returns true cannonical hostnames. - -Wed Sep 13 11:01:18 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: had to define away DBFLAGS for the PC. - -Mon Sep 11 17:46:18 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * genaddrs.c (krb5_auth_con_genaddrs): Replace function - declaration back to int instead of SOCKET due to prototype - mismatching. - -Sun Sep 10 12:00:00 1995 James Mattly <mattly@fusion.com> - - * ustime.c: use the version of getTimeZoneOffset in :os:crypto: for - _MACINTOSH. - -Wed Sep 6 12:00:00 1995 James Mattly <mattly@fusion.com> - - * localaddr.c changed name to oslocaladdr.c for metrowerks project - file management. - - * ustime.c: changed mac version of krb5_crypto_us_timeofday to compile - with contemporary header files for metrowerks - - * macsock.c: added tcp stream support to suppliment the udp. Added - getsockname. Fixed gethostname to stop appending '.' to the - end of a connonical hostname. - - * net_write.c: need to cast file descriptors to SOCKETs - - * net_read.c: need to cast file descriptors to SOCKETs - - * krbfileio.c: mac doesn't support fsync, define the usage out - - * init_os_cxt.c: move the default location of the krb conf file to - the preferences folder. Added some routines to take a - mac FSSpec and turn it into a mac pathname string. - - * hst_realm.c: assign a NULL to retrealms to clean up a warning. - - * genaddrs.c: support getsockname from macsock - - * ccdefname.c: move the cred cache to the preferneces folder for mac - - * an_to_ln.c: turn functions off because I don't have a dbm library - - * timeofday.c: make krb5_timeofday use krb5_crypto_us_timeofday to - incorperate the epoch difference between mac and unix. - -Fri Sep 1 00:47:27 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in (check-unix): Add a test case to make sure - krb5_get_host_realm does something sane when passed in a - hostname which doesn't have a default domain. - - * hst_realm.c (krb5_get_host_realm): If an hostname does not have - a domain, don't try to get a domain default (which - results in a strange error being returned). - - * toffset.c: Added new file which implements the abstract - interfaces for manipulating the time offset fields in the - os context. - - * ustime.c (krb5_us_timeofday): Add support for using the time - offset fields in the os context. - - * timeofday.c (krb5_timeofday): Add support for using the time - offset fields in the os context. - - * init_os_ctx.c (krb5_os_init_context): Initialize the time offset - and flags fields in the os context. - -Thu Aug 31 17:24:48 EDT 1995 Paul Park (pjpark@mit.edu) - - * t_an_to_ln.c - Translate until error and return status. - * Makefile.in - Test aname_to_lname under check-unix. - -Thu Aug 24 18:56:35 1995 Theodore Y. Ts'o <tytso@dcl> - - * .Sanitize: Update file list. - -Wed Aug 16 02:45:19 1995 Chris Provenzano <proven@mit.edu> - - * lock_file.c (krb5_lock_file()), unlck_file.c (krb5_unlock_file()): - Pass the fd in instead of converting it from FILE *. - -Fri Aug 4 22:51:15 1995 Tom Yu <tlyu@dragons-lair.MIT.EDU> - - * kuserok.c (krb5_kuserok): Add parens to shut up gcc -Wall - - * genaddrs.c (krb5_auth_con_genaddrs): Add parens to shut up gcc - -Wall - - * an_to_ln.c: Include ctype.h to get some prototypes; also add - parens to shut up gcc -Wall - -Fri Jul 28 23:28:11 1995 Sam Hartman <hartmans@tertius.mit.edu> - - * sn2princ.c (krb5_sname_to_principal): GDon't use default realm - just because we are on local machine. Instead, go through normal - translations. - -Fri Jul 7 16:32:41 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in - Find com_err in TOPLIBD. - -Thu Jul 6 17:26:03 1995 Tom Yu <tlyu@lothlorien.MIT.EDU> - - * localaddr.c: moved to lib/crypto/os; just a stub here. - - * ustime.c: moved to lib/crypto/os; just a stub here. - -Thu Jul 6 09:56:56 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * Makefile.in (clean): Remove t_an_to_ln.o - -Wed July 5 15:52:31 1995 James Mattly <mattly@fusion.com> - * an_to_ln.c added _MACINTOSH conditions - * genaddrs.c added HAS_MACSOCK_H conditions - * krbfileio.c added THREEPARAMOPEN - * kuserok.c added THREEPARAMOPEN - * macsock.c added stub for gethostnameA - * mk_faddr.c added HAS_MACSOCK_H conditions - * read_pwd.c added _MACINTOSH condition - * sys_log.c added _MACINTOSH condition - -Fri Jun 30 14:44:17 EDT 1995 Paul Park (pjpark@mit.edu) - * an_to_ln.c - Add profile logic to aname_to_lname. We can now - specify databases, rules and explicit mappings to convert - between auth name and local name. - * t_an_to_ln.c - Rudimentary test procedure. Needs work to be automatic - * configure.in - Add --with-aname-dbm to select between Berkeley and - DBM aname database format. - * Makefile.in - Add definitions to select aname rules. - -Tue Jun 27 15:48:41 EDT 1995 Paul Park (pjpark@mit.edu) - * read_pwd.c(intr_routine) - Add signal name argument to signal handler - to conform to prototype. - -Sat Jun 10 23:07:27 1995 Tom Yu (tlyu@dragons-lair) - - * genaddrs.c: krb5_auth_context redefinitions - -Fri Jun 9 22:08:33 1995 Theodore Y. Ts'o <tytso@dcl> - - * gmt_mktime.c (gmt_mktime): Change assertion to check to make - sure that the day of the month is >= 1, not 0. - -Fri Jun 9 19:34:29 1995 <tytso@rsx-11.mit.edu> - - * configure.in: Remove standardized set of autoconf macros, which - are now handled by CONFIG_RULES. - -Wed Jun 7 14:43:56 1995 <tytso@rsx-11.mit.edu> - - * def_realm.c (krb5_get_default_realm), get_krbhst.c - (krb5_get_krbhst), hst_realm.c (krb5_get_host_realm), - init_os_ctx.c (krb5_os_init_context), osconfig.c, - realm_dom.c (krb5_get_realm_domain): Remove old ifdef'ed - code which read in krb.conf and krb.realms. - - * read_pwd.c (krb5_read_password): Remove old #ifdef notdef code. - Significantly simplified and cleaned up function. - Removed BSD 4.3 compatibility code. (If we ever need - to make this work on a non-POSIX system, we'll supply - POSIX termios emulation functions in src/lib/krb5/posix.) - -Fri Jun 2 17:54:12 1995 Keith Vetter (keithv@fusion.com) - - * net_read.c, net_write.c: made to work with sockets. - -Fri May 26 20:20:58 1995 Theodore Y. Ts'o (tytso@dcl) - - * configure.in, Makefile.in: Add support for building shared libraries. - -Thu May 25 15:33:45 1995 Keith Vetter (keithv@fusion.com) - - * os-proto.h: moved prototype for krb5_make_fulladdr to - los-proto.h since it's needed by the krb directory. - * ktdefnam.c: fixed signed/unsigned mismatch. - * read_pwd.c: pc stub didn't track changes to the real routines - parameter list (const was added). - -Tue May 23 16:29:24 1995 Theodore Y. Ts'o (tytso@dcl) - - * t_std_conf.c, timeofday.c, unlck_file.c: Rearrange #include - files so that krb5.h gets included first, so that the - debugging information can be more efficiently collapsed - since the type numbers will be the same. - -Tue May 16 10:33:03 EDT 1995 Paul Park (pjpark@mit.edu) - * gmt_mktime.c - Use the actual year instead of the number of years - since 1900 when determining if a year has a leapday. - Makes dates after February in the year 2000 correct. - -Mon May 15 05:08:05 1995 <tytso@rsx-11.mit.edu> - - * ktdefname.c (krb5_kt_default_name): Use the KRB5_KTNAME - environment variable to override the default location of - the keytab. - -Mon May 8 22:19:23 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * read_pwd.c (krb5_read_password): use volatile on all - systems. Let configure define volatile to nothing on - systems without. - - * configure.in: Add HAS_ANSI_VOLATILE - - * mk_faddr.c (krb5_make_fulladdr): Allocate enough memory for - raddr contents. - - * read_pwd.c (krb5_read_password): Make arguments prompt and - prompt2 const char * for convenience to callers. - -Mon May 1 17:05:21 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * init_os_ctx.c (krb5_set_config_files): Added required const to - function declaration to be compatbile with call to - profile_init. - -Mon May 01 15:56:32 1995 Chris Provenzano (proven@mit.edu) - - * genaddrs.c (krb5_auth_con_genaddrs()), - * mk_faddr.c (krb5_make_fulladdr()), os-proto.h : - Changes to auth_context to better support full addresses. - -Sun Apr 30 16:03:59 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * osconfig.c: Global variables krb5_config_file and - krb5_trans_file conditionalized on OLD_CONFIG_FILES. - -Sat Apr 29 07:07:22 1995 Theodore Y. Ts'o <tytso@lurch.mit.edu> - - * init_os_ctx.c (krb5_set_config_files): New function. Provides a - way to set a new set of config files for a particular OS - context. - - * init_os_ctx.c (krb5_os_init_context): Don't return an error if - profile_init() returns an error. - -Fri Apr 28 09:58:31 EDT 1995 Paul Park (pjpark@mit.edu) - - Move adm_conn.c from libkrb5 to libkadm. - -Thu Apr 27 17:50:14 1995 Keith Vetter (keithv@fusion.com) - - * adm_conn.c: added constant to pull in needed PC code, and - removed two unused variables. - * genaddrs.c: needed casts on getsockname and getpeername calls. - * mk_faddr.c: the int->byte code needed explicit casts. - * os-proto.h: added missing prototype for krb5_make_fulladdr. - -Wed Apr 26 16:00:52 EDT 1995 Paul Park (pjpark@mit.edu) - - * Add adm_conn.c - module to provide a connection to an administrative - (kpasswd/kadmin) server. - -Wed Apr 27 11:30:00 1995 Keith Vetter (keithv@fusion.com) - - * osconfig.c: krb5_find_config_files only used for OLD_CONFIG_FILES. - * init_os_.c: Get config file location via windows ini files. - -Thu Apr 27 13:04:54 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * Makefile.in (clean): Remove t_std_conf.o - -Tue Apr 25 21:58:23 1995 Chris Procenzano (proven@mit.edu) - - * Makefile.in : Added source files mk_faddr.c and genaddrs.c. - * mk_faddr.c (krb5_mk_fulladdr()): Makes a full address from - a struct sockaddr_in. - * genaddrs.c (krb5_auth_con_genaddrs()) : Generate a full address - from the active file descriptor and place it in the - auth_context for the calls mk_safe(), mk_priv(), mk_safe(), - rd_cred(), rd_priv(), and rd_safe(). - * gen_rname.c (krb5_gen_replay_name()) : Fixed to take any type of - krb5_address and generate a rcache name. - * os-proto.h (krb5_make_full_ipaddr()) : Removed prototype. - -Tue Apr 25 14:09:26 1995 Theodore Y. Ts'o <tytso@dcl> - - * t_std_conf.c (main): Add declaration of optarg. - -Tue Apr 25 04:50:13 1995 Chris Procenzano (proven@mit.edu) - - * locate_kdc.c (krb5_locate_kdc()): Pass a NUL terminated realm - to profile_get_values(). - -Mon Apr 24 17:20:14 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * locate_kdc.c (krb5_locate_kdc): Don't deref NULL pointer - returned from profile_get_values if profile is not set. - -Sat Apr 22 00:11:12 1995 Theodore Y. Ts'o (tytso@dcl) - - * Makefile.in, configure.in, t_std_conf.c: Add test program to - test the standard configuration krb5 routines. - - * osconfig.c: Don't define krb5_kdc_udp_portname and - krb5_kdc_sec_portname any more. There's no real point... - - * hst_realm.c (krb5_get_krbhst): Strip off the trailing dot from - the hostname if present. - - * locate_kdc.c (krb5_locate_kdc): Use the profile code to get the - list of Kerberos servers (plus port numbers) for a - particular realm from [realms]/<realm>/kdc - -Fri Apr 21 11:38:45 1995 Theodore Y. Ts'o <tytso@lurch.mit.edu> - - * def_realm.c (krb5_get_default_realm): Use the profile code to - get the default realm from [libdefaults]/default_realm. - - * get_krbhst.c (krb5_get_krbhst): Use the profile code to get the - list of Kerberos servers for a particular realm from - [realms]/<realm>/kdc - - * realm_dom.c (krb5_get_realm_domain): Use the profile code to - get the default domain postfix for a realm (used only to - convert V4 -> V5 principals) from - [realms]/<realm>/default_domain - - * hst_realm.c (krb5_get_host_realm): Use the profile code to get - the default realm given a particular host from - [domain_realm]/<host|domain> - - * init_os_ctx.c (krb5_os_init_context): When the OS context is - initialized, also initialize the profile file. This loads - in the /etc/krb5.conf file. - -Wed Apr 19 13:50:19 1995 Ezra Peisach (epeisach@kangaroo.mit.edu) - - * def_realm.c: (krb5_get_default_realm) - remove global default realm. - Moved into the context. (krb5_set_default_realm) added. - -Fri Apr 14 22:15:00 1995 Theodore Y. Ts'o <tytso@lurch.mit.edu> - - * an_to_ln.c (dbm_an_to_ln): Don't compile dbm_an_to_ln() if - USE_DBM_LNAME isn't defined. - -Fri Apr 14 15:15:48 1995 <tytso@rsx-11.mit.edu> - - * hst_realm.c (krb5_get_host_realm): Eliminate memory leak in the - unlikely case that gethostname fails. - - If the krb.realms file isn't available, use the default - realm of the host. - -Thu Apr 13 15:49:16 1995 Keith Vetter (keithv@fusion.com) - - * *.[ch]: removed unneeded INTERFACE from non-api functions. - * read_pwd.c: __STDC__ conditional also checks the _WINDOWS define. - -Fri Apr 7 15:32:04 1995 Keith Vetter (keithv@fusion.com) - - * ccdefname.c: - changed windows stored filename syntax--dropped the 'FILE:' part. - changed buffer from malloc to static since we don't want it - ever to fail, and nobody checks it for errors. - -Wed Apr 5 16:32:07 1995 Keith Vetter (keithv@fusion.com) - - * get_krbh.c: better error handling--old return values were - being overwritten. - * locate_kdc.c: added new error code KRB5_REALM_CANT_RESOLVE for - when we have realm names but can't find their addresses. - Also, fixed up indenting of an if clause. - * sendto_kdc.c: added winsock init/destroy calls because some - PC tcp/ip stacks seem to need it. - -Fri Mar 31 16:30:03 1995 Theodore Y. Ts'o (tytso@dcl) - - * realm_dom.c (krb5_get_realm_domain): Don't indent #ifdef's! - - * hst_realm.c (krb5_get_host_realm): Don't indent #ifdef's! - -Thu Mar 30 15:54:54 1995 Keith Vetter (keithv@fusion.com) - - * localaddr.c: in Windows/Mac code, fixed bug due to wrong level - of indirection on memcpy call. - -Tue Mar 28 19:22:28 1995 Keith Vetter (keithv@fusion.com) - - For Windows, added calls to get the default config, realms and - ccache files out of a windows ini file. - * ccdefname.c: does this for the credential cache. - * osconfig.c: does this for the config and realms files. - * get_krbh.c, realm_do.c, hst_real.c, def_real.c: added calls to - set the default values. - -Tue Mar 28 18:35:20 1995 John Gilmore (gnu at toad.com) - - * DNR.c: Add Apple MacTCP source file for domain name resolution. - * macsock.c: Add fake socket support routines for MacTCP. - * Makefile.in (OBJS, SRCS): Add DNR and macsock. - * ccdefname.c: On Mac, default cred cache is "STDIO:krb5cc" for now. - FIXME, this needs to find the Preferences folder and use that. - FIXME, shouldn't be conditioned on HAVE_MACSOCK_H. - * gmt_mktime.c: Use HAVE_SYS_TYPES_H. - * krbfileio.c: Remove <sys/types.h>. - * localaddr.c, sendto_kdc.c: Convert to more generic socket - support. Use closesocket instead of close, SOCKET_ERRNO rather - than errno, SOCKET rather than int, etc. - * localaddr.c: Use getmyipaddr() from macsock.c, if on Mac. - Add FIXME for multiple local addresses. - * lock_file.c: Provide a dummy version for MacOS. - * read_pwd.c (ECHO_PASSWORD): Add #ifdef's to avoid all the ioctls - and other stuff that turn off echoing. This is useful for debugging - on MacOS. FIXME: ECHO_PASSWORD needs to be added to configure.in. - * ustime.c: Bring in Mac-specific time-and-timezone code. It - probably isn't hooked up correctly, yet. - -Mon Mar 27 14:16:39 1995 John Gilmore (gnu at toad.com) - - * full_ipadr.c, gen_rname.c, port2ip.c, read_msg.c, write_msg.c: - Remove explicit includes of socket files. - * locate_kdc.c: Remove <sys/types.h> and "os-proto.h". - - * macsock.c (connect, send, recv): Add for K5 compatability. - (getmyipaddr): Add for use in K5. - - * macsock.c: Add Mac socket support file, verbatim from K4 release. - -Fri Mar 24 17:58:15 1995 Theodore Y. Ts'o (tytso@rt-11) - - * locate_kdc.c: Don't include sys/socket.h, netdb.h, netinet/in.h, - since these files are already included by k5-config.h - - * sendto_kdc.c: Don't include sys/socket.h, since it is already - included by k5-config.h - - * sn2princ.c: Don't include netdb.h, since it is already included - by k5-config.h - -Thu Mar 23 23:11:36 1995 Theodore Y. Ts'o <tytso@dcl> - - * realm_dom.c (krb5_get_realm_domain): Don't indent preprocessor - directives. (Not portable). - - * hst_realm.c (krb5_get_host_realm): Don't indent preprocessor - directives. Removed excess close paren introduced by - Keith. - -Wed Mar 22 18:59:47 1995 Keith Vetter (keithv@fusion.com) - - * hst_realm.c, realm_dom.c: windows DLL can't use fscanf so had - to write a couple of routines to read what we need from the file. - -Wed Mar 22 13:30:35 1995 Keith Vetter (keithv@fusion.com) - - * an_to_ln.c, kuserok.c: last two os routines ported to the PC. - -Fri Mar 17 19:56:39 1995 John Gilmore (gnu at toad.com) - - * Makefile.in (LDFLAGS): Eliminate, duplicates config/pre.in. - * localaddr.c: Remove socket include files now handled in k5-int.h. - -Wed Mar 15 12:19:47 1995 Keith Vetter (keithv@fusion.com) - - * sendto_kdc.c: made to work on the PC. - -Tue Mar 7 22:15:00 1995 Keith Vetter <keithv@fusion.com> - - * sendto_kdc.c: stubbed on the PC for now. - -Tue Mar 7 19:54:17 1995 Mark Eichin <eichin@cygnus.com> - - * configure.in: take out ISODE_DEFS, ISODE_INCLUDE. - -Tue Mar 7 13:35:21 1995 Keith Vetter (keithv@fusion.com) - - * *.c: ported all the c files except an_to_ln, kuserok, and - sendto_kdc which have windows stubs. - * Makefile.in: reflects above changes. - -Wed Mar 1 17:30:00 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: made to work on the PC - * ustime.c: added section for time on the PC - * localaddr.c: added section for the PC--returns local IP address - N.B. not sure how we're going to handle different machine dependent - code changes. For now it's just added to the end of the file. Later, - we have to decide on a solution for all. - -Tue Feb 28 01:07:37 1995 John Gilmore (gnu at toad.com) - - * *.c: Avoid <krb5/...> includes. - -Fri Feb 3 08:24:18 1995 Theodore Y. Ts'o (tytso@dcl) - - * gmt_mktime.c (gmt_mktime): Don't double count the leap day in a - leap year. - -Sun Jan 22 18:23:37 1995 John Gilmore (gnu@cygnus.com) - - * get_krbhst.c (krb5_get_krbhst): Declare realm argument const, - to match prototype. - -Wed Jan 18 11:08:59 1995 <tytso@rsx-11.mit.edu> - - * sendto_kdc.c (krb5_sendto_kdc): Fix use of connected sockets; - previously krb5_sendto_kdc only used one socket per - address family. This doesn't work; it now uses one - socket per address. (krb5-bugs #938) - -Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu) - - * Actually move the file init_ctx.c to init_os_ctx.c in the CVS - repository and also rename the routine krb5_free_os_context() - to krb5_os_free_context(). - -Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu) - - * Added krb5_context to all krb5_routines - - * Moved init_ctx.c to init_os_ctx.c because a library cannot - have more than on file with the same name. See krb/init_ctx.c - -Mon Dec 19 15:20:35 1994 Theodore Y. Ts'o (tytso@dcl) - - * init_ctx.c: New file. Initializes and frees the krb5_os_context - structure. - - * realm_dom.c (krb5_get_realm_domain): Fixed minor bug where the - length of the returned domain was calculated incorrectly. - -Mon Oct 31 17:04:08 1994 Theodore Y. Ts'o (tytso@dcl) - - * lock_file.c: Back out POSIX_FILE_LOCKS change. (Should be - depending on autoconf.h to supply this #define if - necessary.) - -Thu Oct 13 17:24:31 1994 Theodore Y. Ts'o (tytso@maytag) - - * configure.in: Add ISODE_DEFS - -Fri Oct 7 13:23:18 1994 Theodore Y. Ts'o (tytso@dcl) - - * configure.in: Add test for unistd.h - - * lock_file.c: Use POSIX_FILE_LOCKS if _POSIX_VERSION is defined - in unistd.h - -Thu Sep 22 20:46:08 1994 Theodore Y. Ts'o (tytso@dcl) - - * configure.in: Put in correct dependency order of configure.in - lines. - -Wed Jul 6 13:26:59 1994 Mark Eichin (eichin@cygnus.com) - - * gmt_mktime.c (gmt_mktime): New file, new function. Similar to - POSIX mktime, but always works in GMT. - configure.in, Makefile.in: build gmt_mktime. - -Wed Jun 22 15:49:30 1994 Theodore Y. Ts'o (tytso at tsx-11) - - * locate_kdc.c (krb5_locate_kdc): Fixed default port numbers so - they are loaded in network byte order instead of host byte order. - - diff --git a/src/lib/krb5/posix/ChangeLog b/src/lib/krb5/posix/ChangeLog deleted file mode 100644 index a1186cc6a..000000000 --- a/src/lib/krb5/posix/ChangeLog +++ /dev/null @@ -1,268 +0,0 @@ -2006-04-02 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2004-06-22 Ken Raeburn <raeburn@mit.edu> - - * getuid.c: Don't test __MWERKS__. - * syslog.c: Don't test macintosh. - -2004-06-16 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (MACSRCS): Don't set. - -2004-02-24 Ken Raeburn <raeburn@mit.edu> - - * daemon.c: Moved to util/apputils. - -2003-08-21 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (STLIBOBJS, OBJS): Empty. - -2003-08-13 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (OBJS, STLIBOBJS): Drop setenv.o. - * setenv.c: Deleted. - * pos-obsolete.h: Deleted. - -2003-07-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBNAME, LIBOJS) [##WIN16##]: Don't define. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag. - -2003-01-05 Sam Hartman <hartmans@mit.edu> - - * syslog.c (vsyslog): Remove declaration of errno - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-06-12 Ken Raeburn <raeburn@mit.edu> - - * syslog.c: Include syslog.h instead of sys/syslog.h. - -2001-10-05 Ken Raeburn <raeburn@mit.edu> - - * syslog.c: Drop _MSDOS support. - -2001-10-03 Ken Raeburn <raeburn@mit.edu> - - * sscanf.c: Don't use KRB5_DLLIMP. - -2001-07-08 Ezra Peisach <epeisach@mit.edu> - - * setenv.c: Include pos-obsolete.h - - * pos-obsolete.h: Add for obsolete functions until they can be - removed from the library. Contains setenv functions. - -2000-06-30 Ezra Peisach <epeisach@mit.edu> - - * setenv.c: Do not provide prototype for static function unless - defined. - -2000-04-28 Ken Raeburn <raeburn@mit.edu> - Nalin Dahyabhai <nalin@redhat.com> - - * syslog.c (vsyslog): Use strncpy and strncat instead of strcpy - and strcat when adding to buffer "tbuf". If calling vsprintf, - abort if it appears to have overrun the buffer. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -Mon May 10 15:26:38 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Do win32 build in subdir. - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - -Fri Feb 27 18:03:33 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Changed thisconfigdir to point at the lib/krb5 - directory, since we've moved the configure.in tests in - this directory to the toplevel lib/krb5 configure.in - -Fri Feb 27 11:55:33 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * daemon.c: Change use of HAS_PATHS_H to be HAVE_PATHS_H. - Change use of HAS_SETSID to be HAVE_SETSID. - -Wed Feb 18 16:25:07 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove trailing slash from thisconfigdir. Fix up - BUILDTOP for new conventions. - -Mon Feb 2 17:02:00 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile - -Thu Sep 18 17:56:29 1997 Tom Yu <tlyu@mit.edu> - - * strcasecmp.c: Replace USE_STRING_H with something more sane. - - * memmove.c: Replace USE_STRING_H with something more sane. - -Sat Feb 22 22:42:10 1997 Richard Basch <basch@lehman.com> - - * Makefile.in: Use some of the new library list build rules in - win-post.in - -Tue Feb 4 15:54:11 1997 Richard Basch <basch@lehman.com> - - * Makefile.in: Only build sscanf for Win16 - * sscanf.c: Export sscanf in Windows DLL - -Thu Nov 21 11:55:16 EST 1996 Richard Basch <basch@lehman.com> - - * Makefile.in: win32 build - -Thu Jan 2 17:20:30 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: - * configure.in: Update to new library build procedure. - -Mon Jun 10 21:51:35 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * syslog.c: Change _WINDOWS to _MSDOS, and add check for _WIN32. - -Wed Feb 7 00:23:18 1996 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Folded in danw's changes to allow - building Makefiles for the Macintosh. We now can build - MPW makefiles which are interpreted by CodeWarrior. - -Wed Jan 3 22:25:52 1996 Theodore Y. Ts'o <tytso@dcl> - - * configure.in: Check for presense of setenv(), unsetenv(), and - getenv() from the C library. - - * Makefile.in: New file: setenv.c --- provides routines for - setting the environment. - -Tue Dec 19 17:29:21 1995 Theodore Y. Ts'o <tytso@dcl> - - * configure.in: Don't drag in syslog.c if vsyslog() is not - defined. Only drag it in if syslog() isn't available. - -Fri Oct 6 22:05:16 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Remove ##DOS!include of config/windows.in. - config/windows.in is now included by wconfig. - -Mon Sep 25 16:58:28 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the - Makefile. - -Wed Sep 13 11:02:21 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: PC needs sscanf.c. - * sscanf.c: cleanup to compile cleanly on the PC, mostly fixing - signed/unsigned mismatches. - -Mon Sep 11 20:20:39 1995 Theodore Y. Ts'o <tytso@dcl> - - * sscanf.c (sscanf): Initial version of a sscanf() replacement, - for those platforms (like Macroloss) that don't have - sscanf(). - -Wed Sep 6 12:00:00 1995 James Mattly <mattly@fusion.com> - - * getuid.c: turn off getuid for metrowerks which has one (which - is also a farce), but leave it on for MPW. - -Wed July 5 15:52:31 1995 James Mattly <mattly@fusion.com> - * vfprintf.c included <stdio.h> - -Fri Jun 9 19:34:34 1995 <tytso@rsx-11.mit.edu> - - * configure.in: Remove standardized set of autoconf macros, which - are now handled by CONFIG_RULES. - -Fri May 26 20:21:09 1995 Theodore Y. Ts'o (tytso@dcl) - - * configure.in, Makefile.in: Add support for building shared libraries. - -Tue May 23 16:30:03 1995 Theodore Y. Ts'o (tytso@dcl) - - * daemon.c: Rearrange #include files so that krb5.h gets included - first, so that the debugging information can be more - efficiently collapsed since the type numbers will be the - same. - -Fri Apr 28 08:37:58 1995 Theodore Y. Ts'o <tytso@lurch.mit.edu> - - * daemon.c (daemon): Lint cleanup; explicitly declare that - daemon() returns an int. - -Thu Apr 13 16:44:55 1995 Keith Vetter (keithv@fusion.com) - - * syslog.c: __STDC__ conditional also checks the _WINDOWS define. - -Tue Mar 28 18:46:55 1995 John Gilmore (gnu at toad.com) - - * configure.in (AC_REPLACE_FUNCS): Add getuid to the list. - * getuid.c: Simple getuid() to fake out single-user systems. - * strcasecmp.c: Remove duplicated <sys/types.h> and u_char. - -Fri Mar 17 20:24:51 1995 John Gilmore (gnu at toad.com) - - * Makefile.in (LDFLAGS): Zap duplicate. - (all-mac): Add. - -Tue Mar 7 19:57:50 1995 Mark Eichin <eichin@cygnus.com> - - * configure.in: take out ISODE_INCLUDE. - -Tue Mar 7 12:30:45 1995 Keith Vetter (keithv@fusion.com) - - * syslog.c: a disabled stub provided for satisfying the linker - on the pc. - * Makefile.in: made to work on the pc but only for syslog.c - -Tue Feb 28 01:05:42 1995 John Gilmore (gnu at toad.com) - - * daemon.c, memmove.c, strcasecmp.c, strdup.c: Avoid <krb5/...> - includes. - * memmove.c: Use HAS_SYS_TYPES_H. - -Thu Dec 22 16:33:02 1994 Theodore Y. Ts'o (tytso@dcl) - - * configure.in: - * strcasecmp.c: Add strcasecmp replacement if necessary. - - * daemon.c: - * memmove.c: Add #include for <sys/types.h> - -Wed Dec 7 00:01:59 1994 <tytso@rsx-11.mit.edu> - - * configure.in: Add check for HAS_SETSID test for daemon.c - -Sat Jul 16 01:24:01 1994 Tom Yu (tlyu at dragons-lair) - - * daemon.c: <fcntl.h>, not <sys/fcntl.h> - -Tue Jun 21 00:52:24 1994 Mark W. Eichin (eichin at mit.edu) - - * configure.in: add AC_CONST for v*printf. - -Mon Jun 20 19:37:38 1994 Theodore Y. Ts'o (tytso at tsx-11) - - * memmove.c: #include <krb5/config.h> so that build works using imake. - diff --git a/src/lib/krb5/rcache/ChangeLog b/src/lib/krb5/rcache/ChangeLog deleted file mode 100644 index 455884cf0..000000000 --- a/src/lib/krb5/rcache/ChangeLog +++ /dev/null @@ -1,509 +0,0 @@ -2006-04-02 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2005-11-14 Jeffrey Altman <jaltman@mit.edu> - - * rc_io.c: include k5-int.h instead of krb5.h - -2005-04-13 Ken Raeburn <raeburn@mit.edu> - - * rc_io.c (NEED_SOCKETS, NEED_LOWLEVEL_IO): Don't define. - -2005-01-15 Jeffrey Altman <jaltman@mit.edu> - - * rc_dfl.c: Move the extraction of the struct dfl_data - from the krb5_rcache after obtaining the lock, not before. - -2004-08-03 Ken Raeburn <raeburn@mit.edu> - - * rc-int.h (struct _krb5_rc_ops): Add new member, - recover_or_init. - * rc_dfl.c (krb5_rc_dfl_init_locked): New function, with most of - the content of old krb5_rc_dfl_init. - (krb5_rc_dfl_init): Call it. - (krb5_rc_dfl_recover_or_init): New function. - * rc_dfl.h (krb5_rc_dfl_recover_or_init): Declare. - * rcdef.c (krb5_rc_dfl_ops): Initialize new field. - * rc_none.c (krb5_rc_none_recover_or_init): New macro. - (krb5_rc_none_ops): Initialize new field. - * rcfns.c (krb5_rc_recover_or_initialize): New function. - -2004-07-30 Ken Raeburn <raeburn@mit.edu> - - * rc_none.c: New file. - * Makefile.in (SRCS, STLIBOBJS, OBJS): Build it. - * rc-int.h (krb5_rc_none_ops): Declare. - * rc_base.c (none): New variable. - (krb5_rc_typelist_dfl): Add it into the linked list. - -2004-07-16 Ken Raeburn <raeburn@mit.edu> - - * rc_io.c: Don't check for macsock.h. - -2004-06-22 Ken Raeburn <raeburn@mit.edu> - - * rc_io.c (krb5_rc_io_move, krb5_rc_io_sync): Don't test - macintosh. - -2004-06-15 Ken Raeburn <raeburn@mit.edu> - - * rc_io.c (dir, dirlen): Top-level variables deleted. - (getdir): Now returns the pointer, doesn't set top-level - variables. - (GETDIR): Set local variables dir and dirlen using the function's - return value. - (krb5_rc_io_creat, krb5_rc_io_open_internal): Add the new local - variables. - -2004-06-02 Ken Raeburn <raeburn@mit.edu> - - * rc-int.h (struct krb5_rc_st, struct _krb5_rc_ops, krb5_rc_ops): - Move type definitions here from k5-int.h. - (krb5_rc_register_type, krb5_rc_dfl_ops): Move declarations here - from k5-int.h. - * rc_dfl.c, rcdef.c, rcfns.c: Include rc-int.h. - -2004-05-27 Ezra Peisach <epeisach@mit.edu> - - * rc_base.c: Include rc-int.h - - * rc-int.h: Create file with prototypes for krb5int_rc_finish_init and - krb5int_rc_terminate. - -2004-05-24 Ezra Peisach <epeisach@mit.edu> - - * rc_io.c (krb5_rc_io_open_internal): If file could not be open, - do not invoke close negative argument. - -2004-05-03 Kenneth Raeburn <raeburn@mit.edu> - - * rc_dfl.c (krb5_rc_dfl_expunge_locked): Declare before use. - -2004-04-30 Ken Raeburn <raeburn@mit.edu> - - * rc_base.c (krb5_rc_resolve_type): Initialize the mutex in the - replay cache structure. - (krb5_rc_default, krb5_rc_resolve_full): Destroy it if creation of - the replay cache fails. - * rc_dfl.c (krb5_rc_dfl_get_span, krb5_rc_dfl_init): Lock the - mutex while operating on the replay cache object. - (krb5_rc_dfl_expunge_locked): Renamed from krb5_rc_dfl_expunge and - made static. Call krb5_rc_dfl_recover_locked. - (krb5_rc_dfl_expunge): New wrapper function, locks the mutex. - (krb5_rc_dfl_recover_locked): Renamed from krb5_rc_dfl_recover and - made static. Call krb5_rc_dfl_expunge_locked. - (krb5_rc_dfl_recover): New wrapper function, locks the mutex. - (krb5_rc_dfl_store): Lock the mutex. Call _expunge_locked. - -2004-04-24 Ken Raeburn <raeburn@mit.edu> - - * rc_base.c (rc_typelist_lock): Use new partial initializer. - (krb5int_rc_finish_init): New function, finish the mutex - initialization. - (krb5int_rc_terminate): New function, destroy the mutex and free - storage associated with registered types. - -2004-03-05 Ken Raeburn <raeburn@mit.edu> - - * rc_base.c: Include k5-thread.h. - (rc_typelist_lock): New mutex var. - (krb5_rc_register_type, krb5_rc_resolve_type): Lock it while - working with the type list. - -2004-03-03 Ken Raeburn <raeburn@mit.edu> - - * rc_base.c: Delete unused and untested semaphore support. - -2003-08-26 Ken Raeburn <raeburn@mit.edu> - - * rc_dfl.c (alive): Take a timestamp argument instead of the - context, and don't check the current time here. All callers - changed to pass in the current time. - (rc_store): Take a timestamp argument. All callers changed to - pass in the current time. - -2003-07-17 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBNAME) [##WIN16##]: Don't define. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Add AC_SUBST_FILE marker for libobj_frag. - -2003-01-07 Ken Raeburn <raeburn@mit.edu> - - * rc_base.c (struct krb5_rc_typelist): Field "ops" now points to - const. - (krb5_rc_register_type): Likewise for "ops" argument. - * rcdef.c (krb5_rc_dfl_ops): Now const. - * rc_dfl.h (krb5_rc_dfl_ops): Declaration deleted. - -2002-09-05 Ken Raeburn <raeburn@mit.edu> - - * rc_io.c (krb5_rc_io_move): Missed a variable name change. - -2002-09-03 Ken Raeburn <raeburn@mit.edu> - - * rc_base.c, rc_conv.c, rc_io.c, ser_rc.c: Use prototype style - function definitions. - - * rc_io.c (errno): Don't declare. - (krb5_rc_io_move): Avoid variable name "new". - * rc_dfl.c (cmp, alive): Avoid variable name "new". - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-06-14 Miro Jurisic <meeroh@mit.edu> - - * rc_io.c, rc_dfl.c: use "" includes for krb5.h and k5-int.h - [pullup from 1-2-2-branch] - -2001-10-09 Ken Raeburn <raeburn@mit.edu> - - * rc_dfl.h, rc_io.h, ser_rc.c: Make prototypes unconditional. - -2001-10-05 Ken Raeburn <raeburn@mit.edu> - - * rc_io.c: Drop _MSDOS support. - - * rcfns.c: Don't explicitly declare pointers FAR any more. - -2001-10-03 Ken Raeburn <raeburn@mit.edu> - - * ser_rc.c: Don't use KRB5_DLLIMP. - -2001-07-24 Ezra Peisach <epeisach@mit.edu> - - * rc_dfl.c (krb5_rc_io_fetch): Once length element read from - cache, and verified to be positive, put into unsigned int variable - for passing to other functions that expect such. - -2001-07-04 Ezra Peisach <epeisach@mit.edu> - - * rc_io.c: Declare krb5_rc_io_open_internal static. - -2001-06-21 Danilo Almeida <dalmeida@mit.edu> - - * rc_io.c (krb5_rc_io_creat): Make cleanup code easier to read. - (krb5_rc_io_open_internal): Include code previously in - krb5_rc_open(). Add a new full pathname parameter so that a file - can be opened by its full pathname. Make cleanup code easier to - read. - (krb5_rc_io_open): Call krb5_rc_io_open_internal(). - (krb5_rc_io_move): Fix Windows implementation so that it works - where it is used (only called by krb5_rc_dfl_expunge()). - (krb5_rc_io_sync): Fix function header to comply with coding - standard. Add implementation for Windows. - (krb5_rc_io_close): Close file descriptor only if it is not -1. - Set file descriptor to -1 if it is successfully closed. - - * rc_dfl.c (krb5_rc_dfl_close_no_free): Leave file descriptor - check for krb5_rc_io_close(). - (krb5_rc_dfl_expunge): Do better resource cleanup on error. - -2001-06-20 Danilo Almeida <dalmeida@mit.edu> - - * rc_dfl.c, rc_io.c: More compliance with coding standards: use - ANSI function declarations, use curly braces to fix up #ifdef - reindenting under Emacs, reindent code, strip trailing whitespace, - wrap lines, fix commans. Not finished: fix indenting of curly - braces in control structures. - -2001-01-23 Tom Yu <tlyu@mit.edu> - - * rc_io.c (getdir): Subtract one from dirlen, since sizeof - includes the terminating NUL character. Avoid redundant path - separators. - (krb5_rc_io_move): When renaming OLD to NEW, don't copy the - filename. This was causing temporary files to get leaked. - (krb5_rc_io_close): Don't FREE if d->fn is NULL. - -2001-01-16 Ken Raeburn <raeburn@mit.edu> - - * rcfns.c: New file, with function versions of former dispatch - macros from krb5.h. - * Makefile.in (STLIBOBJS, OBJS, SRCS): Add it. - -2000-09-21 Ezra Peisach <epeisach@mit.edu> - - * rc_io.h (struct krb5_rc_iostuff): Internal structure - change - position in file from long to off_t (as argument for lseek). - - * rc_io.c (krb5_rc_io_read, krb5_rc_io_write): Unsigned vs signed - warnings cleanup. - - * rc_dfl.c (alive): Do not shadow time() with variable named for same. - - * rc_base.c (krb5_rc_resolve_full): Cleanup unsigned vs. signed - warnings. - - -2000-06-29 Ezra Peisach <epeisach@engrailed.mit.edu> - - * rc_io.c (krb5_rc_io_creat): Cast getpid() to int. - (Use of a long might overflow buffer if pid_t is 64 bits */ - -2000-04-28 Nalin Dahyabhai <nalin@redhat.com> - - * rc_io.c (getdir): Don't check dirlen again, the call sites - always do. Fix dirlen calculation. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -1999-09-21 Ken Raeburn <raeburn@mit.edu> - - * rc_dfl.c (krb5_rc_io_fetch): Set client and server fields to - NULL after freeing them in the error case. - -Mon May 10 15:26:53 1999 Danilo Almeida <dalmeida@mit.edu> - - * Makefile.in: Do win32 build in subdir. - -Tue Apr 6 16:10:44 1999 Theodore Y. Ts'o <tytso@mit.edu> - - * rc_io.c (krb5_rc_io_move): Workaround the fact that Windows has - really poor emulation of POSIX functions such as rename. - (In fact, it has completely different semantics for this - call!) Fix supplied by Tom Sanfilippo (txn# 2184 in krb5dev) - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - -Fri Feb 27 18:03:33 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Changed thisconfigdir to point at the lib/krb5 - directory, since we've moved the configure.in tests in - this directory to the toplevel lib/krb5 configure.in - -Wed Feb 18 16:25:34 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove trailing slash from thisconfigdir. Fix up - BUILDTOP for new conventions. - -Mon Feb 2 17:01:50 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile - -Thu Sep 25 21:28:41 1997 Tom Yu <tlyu@mit.edu> - - * rc_io.c: Replace KRB5_USE_INET with something more sane. - -Tue Mar 25 01:15:39 1997 Theodore Y. Ts'o <tytso@mit.edu> - - * rc_io.c (krb5_rc_io_open): rcache owner should be checked against - the effective uid, not the real uid. [krb5-libs/366] - -Sat Feb 22 22:44:15 1997 Richard Basch <basch@lehman.com> - - * Makefile.in: Use some of the new library list build rules in - win-post.in - -Thu Nov 21 11:55:16 EST 1996 Richard Basch <basch@lehman.com> - - * Makefile.in: win32 build - - * rc_dfl.c, rc_dfl.h: Win32/DLL calling conventions for rcache - functions. (Most rcache routines are still not exported - pending an API review). - -Thu Jan 2 17:21:44 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: - * configure.in: Update to new library build procedure. - -Mon Nov 18 15:25:51 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * rc_dfl.c: Apply jik's fix to allow the expunging of the replay - cache to happen correctly. [174,132] - -Mon Jun 10 21:52:38 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * rc_io.c: Change _WINDOWS to _MSDOS, and add check for _WIN32. - -Sat Feb 24 18:53:33 1996 Theodore Y. Ts'o <tytso@dcl> - - * rc_io.c (krb5_rc_io_creat, krb5_rc_io_open): Use Windows path - separator, if appropriate. Under Windows also use the - environment variables TEMP and TMP for the replay cache. - -Fri Dec 1 17:07:24 1995 Theodore Y. Ts'o <tytso@dcl> - - * rc_io.c (krb5_rc_io_creat): In case of permission problems, - don't unlink the old replay cache; make it a hard - (repeatable) error. This also reduces the chance we - accidentally delete valuable data. - -Mon Nov 27 14:52:23 1995 Tom Yu <tlyu@dragons-lair.MIT.EDU> - - * rc_dfl.c (krb5_rc_dfl_init): default lifespan to - context->clockskew in case some app can't get at the - internals of the context struct. - -Fri Oct 6 22:05:31 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Remove ##DOS!include of config/windows.in. - config/windows.in is now included by wconfig. - -Mon Sep 25 16:58:40 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the - Makefile. - -Wed Sep 6 12:00:00 1995 James Mattly <mattly@fusion.com> - * rc_io.c: turn off a call to fsync which MACINTOSH doesn't support - - -Thu Aug 31 14:13:21 EDT 1995 Paul Park (pjpark@mit.edu) - * rc_base.c - Set magic number in rcache structure after successfully - resolving the replay cache. - - -Tue Aug 29 14:19:54 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in, .Sanitize, ser_rc.c - Add routines to serialize rcache. - -Fri Aug 4 22:07:46 1995 Tom Yu <tlyu@dragons-lair.MIT.EDU> - - * rc_conv.c (krb5_auth_to_rep): Add parens to shut up gcc -Wall - - * rc_io.c: Add parens to shut up gcc -Wall - - * rc_dfl.c: Add parens to shut up gcc -Wall - - * rc_base.c: Add parens to shut up gcc -Wall - -Thu Jul 20 22:34:47 1995 Mark Eichin <eichin@cygnus.com> - - * rc_dfl.c (rc_store): rename from store() to avoid conflict with - dbm function of same name (and different prototype.) - -Wed July 5 15:52:31 1995 James Mattly <mattly@fusion.com> - * rc_io.c added HAVE_MACSOCK_H, change open to THREEPARAMOPEN - -Fri Jun 9 19:34:38 1995 <tytso@rsx-11.mit.edu> - - * configure.in: Remove standardized set of autoconf macros, which - are now handled by CONFIG_RULES. - -Fri May 26 20:21:19 1995 Theodore Y. Ts'o (tytso@dcl) - - * configure.in, Makefile.in: Add support for building shared libraries. - -Tue May 23 16:30:29 1995 Theodore Y. Ts'o (tytso@dcl) - - * rc_io.c: Rearrange #include files so that krb5.h gets included - first, so that the debugging information can be more - efficiently collapsed since the type numbers will be the - same. - -Mon May 1 23:10:26 1995 Theodore Y. Ts'o (tytso@dcl) - - * rc_dfl.c (krb5_rc_dfl_recover): Fix memory leaks in this - function. The krb5_donot_replay structure was not being - freed properly. - -Thu Apr 13 15:49:16 1995 Keith Vetter (keithv@fusion.com) - - * *.[ch]: removed unneeded INTERFACE from non-api functions. - -Fri Mar 31 16:44:34 1995 Theodore Y. Ts'o (tytso@dcl) - - * rc_dfl.c (krb5_rc_dfl_expunage): Close the old, temporary reply - cache after we're done expunging it. - - * rc_io.c (krb5_rc_io_move): Make duplicate copies of the filename - and the file descriptor (via malloc/strcpy and dup), so - that the old rc_io object can be cleanly closed without - affecting the new rc_io object. - -Fri Mar 17 20:27:41 1995 John Gilmore (gnu at toad.com) - - * Makefile.in (LDFLAGS): Eliminate duplicate of config/pre.in. - -Tue Mar 7 21:40:18 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: changed library name for the PC. - -Tue Mar 7 19:54:32 1995 Mark Eichin <eichin@cygnus.com> - - * configure.in: take out ISODE_DEFS, ISODE_INCLUDE. - -Tue Mar 7 12:33:29 1995 Keith Vetter (keithv@fusion.com) - - * rc_io.c: moved the enabling defines for low-level io, e.g. read, - write, lseek, etc., out of here and into k5-config.h. - -Thu Mar 2 11:55:00 1995 Keith Vetter (keithv@fusion.com) - - * rc_io.c: changed NEED_WINSOCK_H to NEED_SOCKETS - -Wed Mar 1 12:03:30 1995 Keith Vetter (keithv@fusion.com) - - * *.c, *.h Added windows INTERFACE keyword - * Makefile.in: made to work on the PC. - * rc_dfl.c: Some int/long changes for the PC - * rc_io.c: hack to get Microsoft C in std-c mode to allow - low-level i/o routines. Probably not a permanent solution - but keep until we decide on a better method. - * rc_io.h: added 2 missing prototypes - * rc_dfl.h: added 2 missing prototypes - -Tue Feb 28 01:03:34 1995 John Gilmore (gnu at toad.com) - - * *.c: Avoid <krb5/...> includes. - -Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu) - - * Added krb5_context to all krb5_routines - -Thu Dec 22 15:44:50 1994 Theodore Y. Ts'o (tytso@dcl) - - * configure.in: Add test for uid_t. - -Fri Oct 14 23:12:00 1994 Theodore Y. Ts'o (tytso@dcl) - - * configure.in: Add ISODE_DEFS rule. - -Mon Oct 3 19:32:59 1994 Theodore Y. Ts'o (tytso@dcl) - - * rc_def.c (krb5_rc_dfl_recover): krb5_rc_io_size was being called - (still) with the wrong type argument. Should have been &t->d. - -Fri Sep 30 21:59:08 1994 Theodore Y. Ts'o (tytso@dcl) - - * rc_def.c (krb5_rc_dfl_ops): Add placeholder for magic number - -Thu Sep 29 22:11:20 1994 Theodore Y. Ts'o (tytso@dcl) - - * rc_dfl.c (krb5_rc_dfl_recover): krb5_rc_io_size was being called - with the wrong type argument. I have no idea how it was - - -Thu Sep 8 23:34:53 1994 Theodore Y. Ts'o (tytso@pinata) - - * rc_io.c: The variables dirlen and dir were declared global, and - didn't need to be; changed to be static. - -Sat Aug 20 00:09:37 1994 Theodore Y. Ts'o (tytso at tsx-11) - - * rc_dfl.c (krb5_rc_dfl_expunge): name (t->name) was getting freed - and we tried to use it. Clear t->name to stop it from being - freed, and then free it later. - -Mon Jun 20 19:37:13 1994 Theodore Y. Ts'o (tytso at tsx-11) - - * rc_base.h: #include <krb5/osconf.h> so that build works using imake. - diff --git a/src/lib/rpc/ChangeLog b/src/lib/rpc/ChangeLog deleted file mode 100644 index a035ac825..000000000 --- a/src/lib/rpc/ChangeLog +++ /dev/null @@ -1,1363 +0,0 @@ -2006-04-03 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2006-03-31 Ken Raeburn <raeburn@mit.edu> - - * clnt_perror.c, svc.c, svc_udp.c, clnt_simple.c, svc_tcp.c, - auth_unix.c, clnt_generic.c, getrpcport.c: Include autoconf.h. - - * auth_unix.c (GETGROUPS_T): Don't define. - -2006-03-30 Ken Raeburn <raeburn@mit.edu> - - * dyn.c (DynDelete, DynInsert, DynPut): Delete bcopy branches. - (HAVE_MEMMOVE): Don't define. - -2006-03-28 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Always supply three arguments to - AC_DEFINE_UNQUOTED. - -2005-08-20 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Use K5_AC_INIT instead of AC_INIT. - -2005-07-01 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (check-unix): Don't run dyntest automatically. - -2005-01-14 Tom Yu <tlyu@mit.edu> - - * xdr.c (xdr_bytes): Revert previous; the problem was actually in - xdr_rpc_gss_buf. - - * authgss_prot.c (xdr_rpc_gss_wrap_data): Use xdr_alloc to avoid - size limit issues. Use (unsigned int)-1 instead of MAX_NETOBJ_SZ. - (xdr_rpc_gss_unwrap_data): Use (unsigned int)-1 instead of - MAX_NETOBJ_SZ. - (xdr_rpc_gss_buf): Set tmplen even if doing XDR_FREE. - - * xdr.c (xdr_bytes): Don't assign from *sizep if XDR_FREE, since - it'll be uninitialized then. Shuts up Purify. - -2004-11-18 Tom Yu <tlyu@mit.edu> - - * Makefile.in (install-unix): Install into KRB5_INCDIR/gssrpc, - rather than just KRB5_INCDIR. - -2004-10-25 Tom Yu <tlyu@mit.edu> - - * auth_gss.c (authgss_get_private_data): New function. - (authgss_refresh): Remove explicit OID checks. - (authgss_create): Copy initiator name. - (authgss_destroy): Release copied initiator name. - (print_rpc_gss_sec): Explicitly code OID stringification. - - * auth_gss.h: Add cred and req_flags to struct rpc_gss_sec. New - structure authgss_private_data so kernel implementations can - retrieve context state. - - * auth_gss.h, libgssrpc.exports, rename.h: Add - authgss_get_private_data. - -2004-10-18 Tom Yu <tlyu@mit.edu> - - * Makefile.in (install-unix): Install headers. - -2004-09-23 Ken Raeburn <raeburn@mit.edu> - - * xdr_rec.c (LAST_FRAG): Use 1L in case int is small. - -2004-09-22 Tom Yu <tlyu@mit.edu> - - * libgssrpc.exports: Export svc_maxfd. - -2004-09-21 Tom Yu <tlyu@mit.edu> - - * configure.in: Check for sockaddr_in.sin_len and - sockaddr.sa_len. Check for sys/param.h in case we need NBBY - somewhere. - - * auth.h, svc_auth.h: Namespace cleanup. - - * svc.h, rpc_commondata.c: New global svc_maxfd. - - * svc.c (svc_getreqset): Break inner part of loop out into - local function svc_do_xprt(). Don't use rpc_dtablesize(); - instead, use svc_maxfd. - - * svc_run.c: Don't use rpc_dtablesize(). - - * clnt_generic.c, clnt_simple.c, getrpcport.c: - * svc_tcp.c, svc_udp.c: Set sockaddr_in.sin_len when available. - -2004-09-17 Tom Yu <tlyu@mit.edu> - - * libgssrpc.exports: Don't export internals. - - * svc.c (svc_getreqset): - * svc_tcp.c (readtcp): Don't intersperse preprocessor - conditionals with braces. - - * auth_gssapi.c, auth_gssapi_misc.c, auth_none.c: - * auth_unix.c, authunix_prot.c, bindresvport.c: - * clnt_generic.c, clnt_perror.c, clnt_raw.c - * clnt_simple.c, clnt_tcp.c, clnt_udp.c, get_myaddress.c: - * getrpcent.c, getrpcport.c, pmap_clnt.c: - * pmap_getmaps.c, pmap_getport.c, pmap_prot.c, pmap_prot2.c: - * pmap_rmt.c, rpc_callmsg.c, rpc_prot.c: - * svc.c, svc_auth.c, svc_auth_gss.c: - * svc_auth_gssapi.c, svc_auth_unix.c, svc_raw.c: - * svc_run.c, svc_simple.c, svc_tcp.c: - * svc_udp.c, xdr.c, xdr_alloc.c, xdr_array.c: - * xdr_float.c, xdr_mem.c, xdr_rec.c, xdr_reference.c: - * xdr_stdio.c: Protoize, to avoid potential problems when - fixed-width types are not ints on some platforms. - -2004-08-26 Tom Yu <tlyu@mit.edu> - - * configure.in: Look for uint32_t, not int32_t, since some BSD-ish - sys/types.h headers have int32_t and u_int32_t, but only have - uint32_t in stdint.h. - - * types.hin: Change int32_t checks to uint32_t checks. - -2004-08-17 Tom Yu <tlyu@mit.edu> - - * svc.c (svc_getreqset): Allocate cred and verf memory to - temporary pointers, and free the temporary pointers on exit. - Freeing the actual cred and verf pointers can cause corruption - because auth mechanisms can reassign the pointers. - -2004-08-16 Tom Yu <tlyu@mit.edu> - - * svc_auth_gss.c (gssrpc__svcauth_gss): Add some debug messages. - - * svc.c (svc_getreqset): Don't allocate either raw or cooked - credentials on the stack using the cred_area char array; use - mem_alloc() instead. This avoids alignment problems. - -2004-06-28 Tom Yu <tlyu@mit.edu> - - * auth_gss.c (g_OID_equal): Fix signedness. - (rpc_gss_data): Fix width of WIN. - (authgss_validate): Fix width of NUM and QOP_STATE. - (authgss_refresh): Fix width of SEQ and QOP_STATE. - - * auth_gssapi.c (auth_gssapi_create): Save clnt->cl_auth early - enough to avoid unref use. - - * authgss_prot.c (xdr_rpc_gss_buf): Cast (void **) to (char **) - in call to xdr_bytes. - (xdr_rpc_gss_wrap_data): Fix signedness. - (xdr_rpc_gss_unwrap_data): Fix signedness. Fix width of SEQ_NUM. - - * clnt_udp.c (clntudp_bufcreate, clntudp_call, clntudp_call): - Fix up some argument casting for socket calls. - - * pmap_prot.c (xdr_pmap): Use appropriate xdr macros for the - typedefs instead of xdr_u_int32. - - * rpc_prot.c (xdr_accepted_reply, xdr_rejected_reply) - (xdr_callhdr): Use appropriate xdr macros for the typedefs instead - of xdr_u_int32. - - * svc_auth_unix.c (gssrpc__svcauth_unix): Fix signedness on call - to XDR_INLINE. - - * xdr.c (xdr_int, xdr_long, xdr_short): Improve value checks. - - * xdr.h: Make the IXDR macros more paranoid about signedness. Add - macros for xdr_rpcprog, xdr_rpcvers, xdr_rpcprot, xdr_rpcproc, - xdr_rpcport. - - * xdr_mem.c (xdrmem_getlong): Cast return value of ntohl to - int32_t prior to casting it to long. - - * xdr_rec.c (xdrrec_getlong): Cast return value of ntohl to - int32_t prior to casting it to long. - (xdrrec_putlong): Make arithmetic more paranoid. - (xdrrec_inline): Signedness fixes. Arithmetic paranoia. - (set_input_fragment): Don't cast return value of ntohl which is - being assigned to uint32_t. - -2004-06-25 Tom Yu <tlyu@mit.edu> - - * types.hin: Delete rpc_int32, rpc_u_int32 aliases. - -2004-06-24 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Fix typo in setting - krb5_cv_header_sys_param_h_maxhostnamelen. - -2004-06-18 Tom Yu <tlyu@mit.edu> - - * auth_gss.h: Add prototype for xdr_rpc_gss_buf. - - * authgss_prot.c (xdr_rpc_gss_buf): New function. - (xdr_rpc_gss_cred, xdr_rpc_gss_init_args, xdr_rpc_gss_init_res): - (xdr_rpc_gss_wrap_data, xdr_rpc_gss_unwrap_data): Use - xdr_rpc_gss_buf, to avoid passing a (size_t *) to a xdr_bytes(), - which expects (u_int *). - (xdr_rpc_gss_wrap_data): Use tmplen to avoid passing (size_t *) to - xdr_u_int. - - * libgssrpc.exports: - * rename.h: Add xdr_rpc_gss_buf. - - * xdr.c (xdr_enum): Fix (kind of) for 64-bit. Still inherently - bogus, due to casting of (enum foo *) to (enum_t *) by callers. - -2004-06-17 Tom Yu <tlyu@mit.edu> - - * libgssrpc.exports: Update. - -2004-06-16 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (clean-mac): Target deleted. - -2004-06-16 Tom Yu <tlyu@mit.edu> - - * auth_gss.h: Conditionalize log_debug, log_status, log_hexdump - prototypes on GSSRPC__IMPL. - - * rename.h: More namespace fixes. - -2004-06-15 Tom Yu <tlyu@mit.edu> - - * auth_gss.c (print_rpc_gss_sec): Use gss_oid_to_str(). - (rpc_gss_data): Add field "established" to indicate whether - context establishment is in progress; this prevents recursive - failures when auth_refresh() calls clnt_call(). If clnt_call() - called from auth_refresh() gets an error condition, the - clnt_call() logic will attempt a refresh, which can cause the - cl_auth to get destroyed multiple times, corrupting memory. - (authgss_validate, authgss_refresh): Use gd->established. - (authgss_refresh): Release gd->gc_wire_verf. - (authgss_destroy_context): Log clnt_call() failures. - - * auth_gssapi.h: Add prototypes for svcauth_gss_set_log_*_func. - - * authgss_prot.c (log_status): Correctly reset msg_ctx between - different types of calls to gss_display_status(). - - * svc.c: Don't reset xp_auth prior to authenticating message. - - * svc.h (svc_req): Remove rq_svcname; application can get it from - rq_svccred anyway. - - * svc_auth_gss.c: Include auth_gssapi.h to get typedefs for - logging callback functions. Enable logging callbacks. Replace - SVCAUTH_PRIVATE_LVALUE() kludge. Fix up namespace somewhat to not - use reserved names. - (svcauth_gss_accept_sec_context): Free rpc_gss_init_args to avoid - leak. Release gr->gr_token on error conditions. - (svcauth_gss_nextverf, svcauth_gss_accept_sec_context): - (gssrpc__svcauth_gss): Use gd->checksum. - (gssrpc__svcauth_gss): Use macro ret_freegc() to ensure freeing of - gc. On destroy, set *no_dispatch=TRUE and explicitly send reply - to avoid application sending a NULLPROC reply with an invalid - verifier. - - * svc_auth_gssapi.c (gssrpc__svcauth_gssapi): Set xp_auth to NULL - upon destroy. - (svc_auth_gssapi_destroy): New function so SVCAUTH_DESTROY() will - work. - - * svc_tcp.c (svctcp_create, makefd_xprt): Initialize xp_auth to - NULL. - (svctcp_destroy): Call SVCAUTH_DESTROY() if appropriate. - - * svc_udp.c (svcudp_bufcreate, svcudp_destroy): Initialize xp_auth - to NULL. - (svcudp_destroy): Only close xp_sock if it's not -1. Call - SVCAUTH_DESTROY() if appropriate. - - * xdr_rec.c (xdrrec_getpos): Add CITI's fix to return position for - non-flushed buffers. - -2004-06-04 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (LIBBASE): Renamed from LIB. - -2004-05-30 Ken Raeburn <raeburn@mit.edu> - - * clnt_tcp.c: Include string.h. - -2004-05-27 Tom Yu <tlyu@mit.edu> - - * auth_any.c, svc_auth_any.c: Removed. - - * auth_gss.h: New file, was CITI's auth_ssapi.h. - - * auth_gss.c, authgss_prot.c, svc_auth_gssapi.c, svc_auth_none.c: - New files. - - * rename.h: New file containing renaming macros for external - names. - - * Makefile.in (DEFINES): Add -DGSSRPC__IMPL for accessing - internals. - (LIBMAJOR): Bump due to ABI changes; this ABI is still subject to - change without future version bumps until released. - (SRCS, OBJS, STLIBOBJS, HDRS, SRC_HDRS): Adjust for new files - - * types.hin: Check for 8-bit bytes, two's-complement integers. - Use configure-determined inclusions of various headers instead of - depending on HAVE_*. Rearrange logic of sys/select.h, - netinet/in.h, etc. inclusions. Include rename.h. Add typedefs - for rpcprog_t, rpcvers_t, rpcprot_t, rpcproc_t, rpcport_t, - rpc_inline_t. - (GSSRPC__BEGIN_DECLS, GSSRPC__END_DECLS): New macros for C++ - compatibility. - [GSSRPC__FAKE_INT32]: Fake up a fixed-width 32-bit integer if the - system doesn't provide one in its headers. - [GSSRPC__BSD_TYPEALIASES]: Add typedefs for BSD-style type - aliases, e.g., u_char. Can be overridden at compile-time. - - * auth.h, auth_gssapi.h, auth_unix.h, clnt.h, pmax_clnt.h: - * pmap_prot.h, pmap_rmt.h, rpc.h, rpc_msg.h, svc.h, svc_auth.h: - * xdr.h: Fix inclusion protection. Use GSSRPC__{BEGIN,END}_DECLS - for declarations. "unsigned int" -> "u_int", etc. "rpc_int32" -> - "int32_t", etc. Move renaming to rename.h. Move some external - names out of implementation namespace. Make struct tags identical - to typedef names, mostly. Use rpcprog_t and friends as - appropriate. - - * auth.h: Add RPCSEC_GSS errors. Add RPCSEC_GSS flavor. Disable - AUTH_GSSAPI_COMPAT flavor. "AUTH_wrap" -> "auth_wrap", - "AUTH_unwrap" -> "auth_unwrap". - - * svc_auth.h: Hide individual flavors of authenticators under - GSSRPC__IMPL. Adjust for "svc_auth_any" -> "svc_auth_none". - (SVCAUTH_DESTROY): New macro. - - * rpc.h: Prototype gssrpc__rpc_dtablesize(). - - * svc.h (svc_req): Add rq_clntname, rq_svcname. - - * xdr.h (MAX_NETOBJ_SZ): Adjust to 2048. - - * auth_gssapi.c, auth_gssapi_misc.c, auth_none.c, auth_unix.c: - * bindresvport.c, clnt_generic.c, clnt_perror.c, clnt_raw.c: - * clnt_simple.c, clnt_tcp.c, clnt_udp.c, get_myaddress.c: - * getrpcent.c, getrpcport.c, pmax_clnt.c, pmap_getport.c: - * pmap_prot2.c, pmap_rmt.c, rpc_callmsg.c, rpc_commondata.c: - * rpc_dtablesize.c, rpc_port.c, svc.c, svc_auth.c: - * svc_auth_gssapi.c, svc_auth_unix.c, svc_run.c, svc_simple.c: - * svc_tcp.c, svc_udp.c, xdr.c, xdr_alloc.c, xdr_array.c: - * xdr_float.c, xdr_mem.c, xdr_rec.c, xdr_reference.c, xdr_stdio.c: - * xdr_stdio.c: Lots of type renaming, including BSD typealiases, - use of int32_t and uint32_t, rpc*_t for protocol constants. Fixed - namespace issues, moving renaming out of individual files. Moved - symbols out of implementation namespace. - - * xdr.c: Add checks on integer values, in order to return errors - when an attempt is made to encode an integer that won't fit in 4 - bytes, or to decode an integer that won't fit into its target - type. - - * auth_none.c: Use authnone_wrap instead of authany_wrap. - (authnone_wrap): New function. - - * auth_unix.c: Use authunix_wrap instead of authany_wrap. - (authunix_wrap): New function. - - * xdr_mem.c, xdr_rec.c: Fix some sizeof vs BYTES_PER_XDR_UNIT - issues. - -2004-04-22 Ken Raeburn <raeburn@mit.edu> - - * libgssrpc.exports: New file. - -2004-04-02 Ken Raeburn <raeburn@mit.edu> - - * svc_auth_gssapi.c (destroy_client): Don't call purify_watch_n - even if PURIFY is defined. - -2003-04-23 Ken Raeburn <raeburn@mit.edu> - - * bindresvport.c: Include errno.h. - (gssrpc_bindresvport): Don't declare errno. - * clnt_tcp.c: Don't declare errno. - * svc.c: Don't declare errno. Include errno.h. - -2003-03-24 Tom Yu <tlyu@mit.edu> - - * xdr_mem.c (xdrmem_create): Perform some additional size checks. - (xdrmem_getlong, xdrmem_putlong, xdrmem_getbytes): Check x_handy - prior to decrementing it. - -2003-01-12 Ezra Peisach <epeisach@bu.edu> - - * svc_auth_gssapi.c (_svcauth_gssapi_unset_names): If invoked more - than once, do not double free memory. - - * clnt_perror.c (clnt_sperror): Do not write past end of allocated - buffer. - -2003-01-10 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Don't explicitly invoke AC_PROG_ARCHIVE, - AC_PROG_ARCHIVE_ADD, AC_PROG_RANLIB, AC_PROG_INSTALL. - - * configure.in: Use V5_AC_OUTPUT_MAKEFILE instead of - K5_GEN_MAKEFILE and K5_AC_OUTPUT. - - * Makefile.in: Add AC_SUBST_FILE marker for lib_frag and libobj_frag. - -2003-01-07 Ken Raeburn <raeburn@mit.edu> - - * Makefile.ov: Deleted. - -2003-01-05 Sam Hartman <hartmans@mit.edu> - - * svc_run.c svc_udp.c : Remove declaration of errno - - * clnt_udp.c pmap_getmaps.c pmap_rmt.c svc_auth_gssapi.c: Remove - declaration of errno - -2002-12-18 Ken Raeburn <raeburn@mit.edu> - - * auth_gssapi_misc.c (xdr_gss_buf, auth_gssapi_wrap_data, - auth_gssapi_unwrap_data): Use temporary variables rather than - pointer casts when dealing with integral types of different - sizes. - -2002-12-12 Tom Yu <tlyu@mit.edu> - - * Makefile.in (all-prerecurse): Change double colons to single - colons. - -2002-11-11 Ken Raeburn <raeburn@mit.edu> - - * get_myaddress.c (get_myaddress): Local array buf size should be - counted in ifreq structs, not ifconf structs. - -2002-10-31 Ken Raeburn <raeburn@mit.edu> - - * xdr_alloc.c (xdralloc_putlong): Coerce value pointed to by - argument to 32 bits, rather than reading only 32 bits from the - supplied address. - -2002-09-24 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in ($(HDRS)): Depend on includes. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-08-12 Tom Yu <tlyu@mit.edu> - - * xdr.c (xdr_string): Fix off-by-one error; we're not vulnerable, - since we don't call it. - -2002-08-02 Tom Yu <tlyu@mit.edu> - - * xdr_array.c (xdr_array): Account for elsize when checking - encoded array count. - -2002-07-17 Ken Raeburn <raeburn@mit.edu> - - * dyn.c: New file, combining contents of old util/dyn library, - with unused functions omitted, and memmove assumed. - * dyn.h: Moved from util/dyn/dyn.h, symbol renaming macros added. - Changed element size to size_t. Include stdlib.h. - * dynP.h: Moved from util/dyn/dynP.h, symbol renaming macros - added. - * dyntest.c: Moved from util/dyn/test.c. - * Makefile.in (SHLIB_EXPDEPS, SHLIB_EXPLIBS): Omit libdyn - references. - (SRCS, OBJS, STLIBOBJS): Build dyn.c. - (dyntest, run-dyntest, clean-dyntest): New targets. - (check-unix): Depend on run-dyntest. - (clean-unix): Depend on clean-dyntest. - (LCLINT, LCLINTOPTS): Moved from util/dyn/Makefile.in. - (do-dyn-lclint): New target, untested. - * xdr_alloc.c: Include "dyn.h" instead of <dyn.h>. - -2001-12-14 Ezra Peisach <epeisach@mit.edu> - - * svc_auth_gssapi.c (_gssrpc_svcauth_gssapi): Local return - variable declared enum auth_stat instead of int. - -2001-12-07 Ezra Peisach <epeisach@mit.edu> - - * clnt_raw, clnt_tcp.c, clnt_udp.c: Use a union structure to - ensure argument alignment. - - * pmap_clnt.c, pmap_clnt.h (pmap_set): Change port argument to int - to avoid width warnings. - - * rpc_callmsg.c (xdr_callmsg): Cast argument to XDR_INLINE to - avoid signed vs. unsigned warning. - - * svc.c: Cast assignment to avoid signed warning. - - * xdr.c (xdr_u_short, xdr_u_long): cast pointers to long * in - invocation of XDR_PUTLONG. - - * xdr_alloc.c (xdralloc_putbytes): Cast argument to DynInsert to - avoid signed/unsigned warning. - - * auth_gssapi.c, svc_auth_gssapi, xdr_rec.c: Cast arguments to - avoid alignment warnings. - - * svc_tcp.c, xdr_stdio.c: Cast argument to fread/fwrite/read/write. - -2001-10-09 Ken Raeburn <raeburn@mit.edu> - - * auth_gssapi.h, auth_gssapi_misc.c, getrpcent.c, - svc_auth_gssapi.c, xdr.h: Make prototypes unconditional. Don't - define PROTOTYPE. - -2001-10-05 Ken Raeburn <raeburn@mit.edu> - - * auth_gssapi.h, getrpcent.c, xdr.h: Drop _MSDOS support. - -2001-08-10 <epeisach@mit.edu> - - * clnt_udp.c (clntudp_call): Do not assume that select will not - change the timeout struct timeval. Under Linux, this reflects the - time left available - which might result in 0 in the case of a - timeout. When attempting to resend a request, this may results in - a timeout of zero - flooding the server with replay requests. - - * clnt_tcp.c (readtcp): Same. - * pmap_rmt.c (clnt_broadcast): Same - * svc_tcp.c (readtcp): Same - -2001-07-26 Ezra Peisach <epeisach@home> - - * xdr_reference.c (xdr_reference): Remove cast in argument to memset. - - * svc_auth_gssapi.c: In call to gss_accept_sec_context, pass - OM_uint32 * instead of int *; - - * pmap_clnt.h, pmap_getport.c (pmap_getport): Prototype changed - for protocol from unsigned int to rpc_u_int32 to match struct - pmap. - - * getrpcport.c (gssrpc_getrpcport): Update to reflect proper - calling conventions. - - * rpc.h (callrpc): Change prototype from expecting ints for - prognum, versnum and procnum to rpc_u_int32 for consistancy. - (getrpcport): Update arguments in similar fashion. - - * clnt_simple.c (gssrpc_callrpc): Update to reflect prototype change. - - * auth_gssapi_misc.c (auth_gssapi_display_status_1): Local - variable msg_ctx should be OM_uint32 instead of int as argument to - gss_display_status. - -2001-07-25 Ezra Peisach <epeisach@mit.edu> - - * auth_gssapi.c (auth_gssapi_create): Change calling convention - from passing ints as arguments to OM_uint32 to match spec for - gss_init_sec_context. - - * auth_gssapi.h: Update prototype for auth_gssapi_create. - - * svc.h (struct svc_req): The rq_clntcred and rq_svccred elements - are now void *. - -2001-07-19 Ezra Peisach <epeisach@mit.edu> - - * xdr_mem.c: Do not assume that XDR x_private field is char *. - - * auth.h: AUTH ah_private structure element changed to void *. - - * clnt.h: CLIENT cl_private structure element changed to type void *. - - * svc.h: SVCXRPT elements xp_p1 and xp_p2 changed to void * from - caddr_t. - - * svc_udp.c: su_cache element of svcudp_data from caddr_t to void *. - - * clnt_tcp.c, svc_tcp.c (writetcp, readtcp): Cleanup alignment - warning in casts. - - * types.hin (mem_alloc): Do not cast type of malloc to char *. - - * xdr.h: Change type of x_private of XDR from caddr_t to void *. - -2001-07-09 Ezra Peisach <epeisach@mit.edu> - - * pmap_rmt.c, svc.c, svc_simple.c, svc_udp.c, svc_tcp.c, - xdr_array.c, xdr_reference.c : Include string.h for memset and - memcmp prototypes. - - * auth_gssapi.c, auth_gssapi_misc.c, svc_auth_gssapi.c: Cast - argment to PRINTF to match format. - -2001-07-08 Ezra Peisach <epeisach@mit.edu> - - * svc.c (xprt_register): If svc_fdset has not been initilized, - FD_ZERO it. - - * rpc_commondata.c: Do not assume what the structure of an fd_set - looks like. Add variable gssrpc_svc_fdset_init to determine if - initialized. - -2001-07-06 Ezra Peisach <epeisach@mit.edu> - - * auth_unix.c: In case GETGROUPS_T is not defined, default to int. - -2001-07-05 Ezra Peisach <epeisach@mit.edu> - - * configure.in: Add AC_TYPE_GETGROUPS to determine argument to - getgroups. - - * auth_unix.c (authunix_create_default): Use GETGROUPS_T array in - call to getgroups. Copy into array of int for call to - authunix_create. Note: If auth_unix protection ever used with this - code, we will need to cleanup assumptions in int being 32 bits in - OTW transfer of gids. - - * clnt_tcp.c, svc_tcp.c: Change writetcp and readtcp to take char - as first argument to be compatible with xdrrec_create. - - * xdr.c (xdr_opaque): Cast argument in call to XDR_GETBYTES. - - * svc.h: Add prototype for gssrpc_svcudp_enablecache. - - * svc_auth_gssapi.c (_gssrpc_svcauth_gssapi): Change - _svcauth_gssapi to _gssrpc_svcauth_gssapi for consistancy. - - * svc_auth.c: Move prototypes for _gssrpc_svcauth_{unix, null, - short, gssapi} to: - * svc_auth.h: here. - - * svc_auth_unix.c: Update _gssrpc_svcauth_short and - _gssrpc_svcauth_unix to match prototype. - -2001-06-28 Ezra Peisach <epeisach@mit.edu> - - * auth.h: Provide full prototype for xdr_des_block. - - * auth_gssapi.h: Complete prototypes for - _svcauth_gssapi_unset_names(). - - * clnt.h: Prototype dispatch functions and all functions. - - * clnt_perror.c: Prototype static auth_errmsg(). - - * clnt_raw.h clnt_tcp.c, clnt_udp.c: Provide prototypes to static - functions and match dispatch table prototypes. control function - takes void * instead of caddr_t. - - * pmap_rmt.c: Move prototype for resultproc_t to pmap_clnt.h. - - * rpc.h: get_myaddress returns int. Add prototypes for callrpc and - getrpcport. - - * rpc_commondata.c (rpc_createerr): When initializing rpc_creaerr - use RPC_SUCCESS instead of 0. - - * get_myaddress.c, rpc_dtablesize.c: Include gssrpc/rpc.h for - prototype. - - * pmap_clnt.h, pmap_prot.h, pmap_rmt.h, rpc_msg.h: Full prototypes - for all functions. - - * svc.c: Provide full prototype for static function. - - * svc.h: Prototypes for dispatch functions added. Flushed out - prototypes for all functions missing prototypes. Added prototype - for svcfd_create. - - * svc_auth.c: Prototypes for all functions referenced. - - * svc_auth.h: Prototype dispatch functions to svc_auth_ops. - - * svc_auth_any.c: Replace use of authany_wrap() with a new local - function that matches svc_auth_ops dispatch table. - - * svc_simple.c: Provide prototype for static function - universal. Fill in missing types of parameters to - gssrpc_registerrpc. - - * svc_raw.c svc_tcp.c, svc_udp.c: Provide prototypes for static - functions and match prototypes in dispatch table. Change getargs - and freeargs argument to void * from caddr_t. - - * xdr.c (xdr_void): Function to match prototype of arguments given. - - * xdr.h: Provide full prototypes for xdr_ops dispatch table and - xdr_void(). - - * svc_auth_gssapi.c, xdr_alloc.c, xdr_mem.c, xdr_rec.c, - xdr_stdio.c: Provide protypes for static functions and match - dispatch tables. - -2001-06-27 Ezra Peisach <epeisach@mit.edu> - - * bindresvport.c: Include gssrpc/rpc.h for prototype. - - * auth_unix.h: Expand prototype for xdr_authunix_params to include - arguments. - - * auth_gssapi.h: Give full prototypes for xdr_gss_buf, - xdr_authgssapi_creds, xdr_authgssapi_init_arg and - xdr_authgssapi_init_res. - - * auth_gssapi.c, auth_none.c, auth_unix.c: For struct AUTH - disptach functions, provide full prototypes and ensure consistant - usage in functions - - * auth.h: Provide prototypes dispatch functions in struct - AUTH. Give a forward declaration of struct rpc_msg. Change - duplicate definitions of AUTH_WRAP and AUTH_UNWRAP into auth_wrap - and auth_unwrap. Give full prototype for authany_wrap. - -2001-06-21 Ezra Peisach <epeisach@mit.edu> - - * svc_simple.c (universal): Change transp to s_transp to not - shadow filewide static definition of name. - Move file wide definition of "pl" into respective functions. - - * pmap_rmt.c: Change sin->sockin and socket->sock. - - * pmap_getmaps.c, pmap_getport.c: Change socket to sock to not - shadow network function. - - * bindresvport.c, clnt_generic.c: Change sin to sockin to not - shadow function declaration. - -2001-06-19 Ezra Peisach <epeisach@mit.edu> - - * pmap_prot2.c (xdr_pmaplist): Ensure variable set before use. - -2001-06-18 Ezra Peisach <epeisach@mit.edu> - - * auth_gssapi.c (auth_gssapi_create): Cast const gss_OID to - gss_OID for gssapi functions. - - * xdr.c (xdr_u_int, xdr_int32, xdr_u_int32): If enumerated - operation is not XDR_ENCODE, XDR_DECODE or XDR_FREE - return FALSE - instead falling off end of function. - -2001-06-08 Ezra Peisach <epeisach@mit.edu> - - * auth_gssapi.h: Rename prototypes from _svcauth_set_log_XXX_func to - _svcauth_gssapi_set_log_XXX_func to match code. - -2001-06-05 Ezra Peisach <epeisach@mit.edu> - - * clnt_perror.c (clnt_spcreateerror): Enumerate missing cases in - switch. - - * getrpcport.c: Include string.h for memmove() prototype and - pmap_clnt.h for pmap_getport() prototype. - - * rpc_dtablesize.c (_gssrpc_rpc_dtablesize): Declare as returning int. - * get_myaddress.c (gssrpc_get_myaddress): Likewise. - - * rpc_prot.c (gssrpc_xdr_accepted_reply, sunrpc_seterr_reply): - Enumerate missing cases for switch. - (rejected): Fix typo: RPC_VERMISMATCH -> RPC_MISMATCH for - enumerated switch. - - * svc_auth.c: Add braces to svcauthsw[] initialization. - - * svc_simple.c: Include pmap_clnt.h for pmap_unset prototype. - - * bindresvport.c, clnt_simple.c, clnt_tcp.c, clnt_udp.c, pmap_clnt.c, - pmap_getmaps.c, pmap_gtport.c, pmap_rmt.c, svc_tcp.c, svc_udp.c: - Include unistd.h for close() prototype. - - * xdr.c (xdr_opaque): Specify internal buffer as ints. - (xdr_u_int32): Declare as returning bool_t. - - * clnt_generic.c, rpc_callmsg.c, svc_auth_unix.c, xdr_mem.c: - Include string.h for memmove() prototype. - - * xdr_rec.c: Include string.h for memmove() prototype. Add dummy - XDR_FREE cases for switches. - - * xdr_reference.c (xdr_reference): Add XDR_ENCODE case. (gcc warning). - * xdr_array.c (xdr_array): Likewise. - - * auth.h: Include gssrpc/xdr.h and provide prototype for - gssrpc_xdr_opaque_auth(). - - * auth_gssapi.h: Add prototypes for auth_gssapi_seal_seq() and - auth_gssapi_unseal_seq(). - - * clnt.h: Add prototype for _gssrpc_rpc_dtablesize(). - - * rpc.h: Add prototypes for gssrpc_get_myaddress() and - gssrpc_bindresvport(). - -2001-03-07 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Check for strerror. - * clnt_perror.c (strerror) [!HAVE_STRERROR]: Define, with - out-of-range check using sys_nerr. - (sys_nerr) [!HAVE_STRERROR]: Declare at top level instead of in - clnt_spcreateerror. - (clnt_sperror, clnt_spcreateerror): Use strerror always. Skip - range check. - -Sun Feb 18 17:48:35 2001 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * xdr.h: Flush out prototypes for xdrmem_create(), - xdrstdio_create(), xdrrec_create(), xdralloc_create(), - xdralloc_release(), xdrrec_endofrecord(), xdrrec_skiprecord(), - xdrrec_eof(), xdralloc_getdata(). Add prototype for - gssrpc_xdr_fre(). - - * xdr.c: Argument to gssrpc_xdr_free(0 changed from char * to void - *. xdr_u_char() changed to take unsigned char * instead of char *. - - * auth_unix.c: Include unistd.h and string.h for - prototypes. Declare marshal_new_auth() as static void instead of - static bool_t based on usage. - - * auth.h, svc_auth.h: Provide full prototypes for a number of - functions. - -2000-06-21 Tom Yu <tlyu@mit.edu> - - * svc_auth_gssapi.c (_svcauth_gssapi): Missed a rename. From - Nathan Neulinger. - -2000-05-31 Ken Raeburn <raeburn@mit.edu> - - * pmap_rmt.c (GIFCONF_BUFSIZE): New macro. - (getbroadcastnets): Use it for buffer size. - (clnt_broadcast): Make buffer at least that big. - - * get_myaddress.c (get_myaddress): Increase buffer size. - -2000-05-18 Ken Raeburn <raeburn@mit.edu> - - * auth_gssapi_misc.c (auth_gssapi_display_status_1): Don't pass a - gss_buffer_desc to fprintf. - - * clnt_tcp.c (clnttcp_create): Initialize "ct". - * clnt_udp.c (clntudp_bufcreate): Initialize "cu". - - * svc_auth_gssapi.c (_svcauth_gssapi, create_client, - destroy_client, dump_db, clean_client): Use %p format for - displaying pointers. Remove unused variables. - -2000-05-17 Ken Raeburn <raeburn@mit.edu> - Nalin Dahyabhai <nalin@redhat.com> - - * clnt_perror.c (clnt_sperror): Don't overflow buffer "str" beyond - known allocation size. - * clnt_simple.c (gssrpc_callrpc): Don't overfill buffer "crp->oldhost". - -2000-05-03 Nalin Dahyabhai <nalin@redhat.com> - - * clnt_perror.c (_buf): Use bigger buffer. - (clnt_spcreateerror): Don't overflow buffer "buf" beyond known - allocation size. - -2000-02-22 Donn Cave <donn@u.washington.edu> - - * Makefile.in (includes): Extract basename of header file to be - installed, since Digital UNIX 4.0 native make substitutes the - VPATH-derived pathname here. - -2000-02-17 Tom Yu <tlyu@mit.edu> - - * svc_auth_gssapi.c (_svcauth_gssapi): Don't explicitly free - call_arg on error, since svc_getargs should do that now. - - * svc_udp.c (svcudp_getargs): Free args on xdr decode error to - avoid leaks. - - * svc_tcp.c (svctcp_getargs): Free args on xdr decode error to - avoid leaks. - - * svc_raw.c (svcraw_getargs): Free args on xdr decode error to - avoid leaks. - - * auth_gssapi.c (auth_gssapi_create): Don't explicitly free - call_res anymore, since clnt_call should deal now. - - * clnt_udp.c (clntudp_call): Free stuff on error from - xdr_replymsg() to prevent leaking. - - * clnt_tcp.c (clnttcp_call): Free stuff on error from - xdr_replymsg() to avoid leaking. - - * clnt_raw.c (clntraw_call): Free stuff on error from - xdr_replymsg() to avoid leaking. - -2000-02-16 Tom Yu <tlyu@mit.edu> - - * auth_gssapi.c (auth_gssapi_create): Free call_res because - xdr_authgssapi_init_res can potentially allocate memory. Perhaps - clnt_call should really deal with this, though. It is not at all - clear whether clnt_call or svc_getargs should actually end up - freeing allocated memory themselves. - -2000-02-15 Tom Yu <tlyu@mit.edu> - - * svc_auth_gssapi.c (_svcauth_gssapi): Call gssrpc_xdr_free() if - xdr_authgssapi_creds() or xdr_authgssapi_init_arg() fails. - - * auth_gssapi_misc.c (xdr_authgssapi_creds): - (xdr_authgssapi_init_arg): - (xdr_authgssapi_init_res): Revert prior change. The caller should - be the one dealing. Additionally, it was probably wrong to - unconditionally free the object regardless of whether the mode is - XDR_DECODE. - (auth_gssapi_unwrap_data): Use temp_xdrs rather than in_xdrs to - force XDR_FREE operation. - -2000-02-14 Tom Yu <tlyu@mit.edu> - - * svc.c (xprt_register): Zero out xports after allocating. - - * auth_gssapi_misc.c (xdr_authgssapi_creds): - (xdr_authgssapi_init_arg): - (xdr_authgssapi_init_res): - (auth_gssapi_unwrap_data): If xdr_gss_buf or xdr_bytes fails, call - again with XDR_FREE set so that allocated memory doesn't leak. - -2000-01-24 Tom Yu <tlyu@mit.edu> - - * get_myaddress.c (gssrpc_get_myaddress): Copy in from NetBSD; - use loopback address only. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -Fri Apr 23 20:05:38 1999 Tom Yu <tlyu@mit.edu> - - * svc.c: Fix to reference the correct xprt because we're no longer - calling ffs(); also remove some unused variables. - -Wed Apr 21 16:22:32 1999 Tom Yu <tlyu@mit.edu> - - * svc.c (xprt_unregister): Fix typo. - -1999-04-14 <tytso@rsts-11.mit.edu> - - * svc.c (svc_getreq, svc_getreqset): Avoid using internal, private - fd_set structure elements (Needed for Linux/glibc 2.1) - -Thu Apr 1 19:11:50 1999 Tom Yu <tlyu@mit.edu> - - * rpc_commondata.c: Add initializers to prevent lossage on systems - that don't deal with common blocks in libraries. - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - -1998-10-27 Marc Horowitz <marc@mit.edu> - - * svc_auth_gssapi.c, auth_gssapi.h: fix the set_name prototype, - add a new unset_names function - -Sun Jul 26 18:13:39 1998 Sam Hartman <hartmans@utwig.mesas.com> - - * Makefile.in (LIBMAJOR): bump libmajor - -Wed Apr 15 18:07:38 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in (SHLIB_EXPDEPS): - (SHLIB_EXPLIBS): Rename libcrypto -> libk5crypto. - -Mon Apr 6 19:44:51 1998 Tom Yu <tlyu@voltage-multiplier.mit.edu> - - * Makefile.in (includes): Don't mkdir unless the directory doesn't - exist yet. - -Wed Feb 18 16:26:19 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove trailing slash from thisconfigdir. Fix up - BUILDTOP for new conventions. - -Fri Feb 13 20:57:49 1998 Tom Yu <tlyu@mit.edu> - - * auth.h: Renames. - * auth_any.c: Update header locations. - * auth_gssapi.c: Punt naughty RCS keywords. Update header - locations. Remove explicit extern decl of rpc_createrr (clnt.h - gets it). Renames. - * auth_gssapi.h: Punt naughty RCS keywords. - * auth_gssapi_misc.c: Punt naught RCS keywords. Update header - locations. - * auth_none.c: Update header locations. Renames. - * auth_unix.c: Update header locations. Renames. - * auth_unix.h: Renames. - * authunix_prot.c: Update header locations. - * bindresvport.c: Renames. - * clnt.h: Renames. - * clnt_generic.c: Update header locations. - * clnt_perror.c: Update header locations. - * clnt_raw.c: Update header locations. Renames. - * clnt_simple.c: Update header locations. Renames. - * clnt_tcp.c: Update header locations. Renames. - * clnt_udp.c: Upate header loations. Renames. - * get_myaddress.c: Update header locations. Renames. - * getrpcent.c: Update header locations. - * getrpcport.c: Update header locations. Renames. - * netdb.h: Update header locations. - * pmap_clnt.c: Update header locations. Renames. - * pmap_clnt.h: Renames. - * pmap_getmaps.c: Update header locations. - * pmap_getport.c: Update header locations. - * pmap_prot.c: Update header locations. - * pmap_prot.h: Renames. - * pmap_prot2.c: Update header locations. - * pmap_rmt.c: Update header locations. Renames. - * pmap_rmt.h: Renames. - * rpc.h: Update header locations. No longer include rpc/netdb.h. - * rpc_callmsg.c: Update header locations. Renames. - * rpc_commondata.c: Update header locations. - * rpc_dtablesize.c: Renames. - * rpc_msg.h: Renames. - * rpc_prot.c: Update header locations. Renames. - * svc.c: Update header locations. Renames. - * svc.h: Renames. - * svc_auth.c: Update header locations. Renames. - * svc_auth.h: Renames. - * svc_auth_any.c: Update header locations. - * svc_auth_gssapi.c: Punt naughty RCS keywords. Update header - locations. Renames. - * svc_auth_unix.c: Renames. - * svc_raw.c: Update header locations. - * svc_run.c: Update header locations. Renames. - * svc_simple.c: Update header locations. Renames. Make pl - static. - * svc_tcp.c: Update header locations. Renames. - * svc_udp.c: Update header locations. Renames. - * xdr.c: Update header locations. Renames. - * xdr.h: Renames. - * xdr_alloc.c: Punt naughty RCS keywords. Update header - locations. - * xdr_array.c: Update header locations. - * xdr_float.c: Update header locations. - * xdr_mem.c: Update header locations. - * xdr_rec.c: Update header locations. - * xdr_reference.c: Update header locations. - * xdr_stdio.c: Update header locations. - - * Makefile.in: Bump major version due to changes. Don't build - getrpcent.o, since we don't use it, and dealing with the - rpc/netdb.h lossage was a major pain. Also, rename HDRDIR to - $(BUILDTOP)/gssrpc in order to avoid problems with system headers - including rpc/*.h. - -Thu Feb 12 16:18:22 1998 Tom Yu <tlyu@mit.edu> - - * configure.in: Add commented out AC_OUTPUT to force autoreconf to - rebuild the configure script. - -Mon Feb 2 17:00:16 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile - - * configure.in, Makefile.in: Remove CopySrcHeader and CopyHeader - from configure.in and move equivalent functionality to - Makefile.in - -Wed Jan 21 15:06:00 1998 Ezra Peisach <epeisach@mit.edu> - - * bindresvport.c: Include string.h for memset prototype. - -Tue Dec 16 11:22:13 1997 Ezra Peisach <epeisach@mit.edu> - - * svc_auth_gssapi.c (_svcauth_gssapi): When looping over services, - free previous output_tokens. - -Fri Nov 21 00:37:14 1997 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in (types.h): Add rules to generate file by running - config.status. Remove on make clean. - -Tue Oct 21 14:31:33 1997 Ezra Peisach <epeisach@mit.edu> - - * svc_auth_gssapi.c (destroy_client): Fix to not lose entries in - the chain linked list. - -Mon Aug 18 09:48:06 1997 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * get_myaddress.c: Include string.h for memcpy prototype. - -Sat Feb 22 01:34:19 1997 Sam Hartman <hartmans@tertius.mit.edu> - - * Makefile.in (SHLIB_EXPDEPS): s/.so/$(SHLIBEXT) - -Mon Feb 10 11:10:02 1997 Ezra Peisach <epeisach@quest.rose.brandeis.edu> - - * configure.in: Check for sys/uio.h. - - * svc_udp.c: Include sys/uio.h is available for struct iovec. - -Mon Feb 10 00:04:36 1997 Tom Yu <tlyu@mit.edu> - - * svc_udp.c (svcudp_recv): Avoid coredumps under Solaris (and - possibly other systems) by passing in a non-NULL iovec to - recvmsg(). - -Thu Jan 16 19:02:22 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in (all-prerecurse): Update to use double-colon rules. - -Tue Jan 14 19:22:42 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: - * configure.in: Update to new library build procedure. - -Wed Dec 4 12:42:49 1996 Barry Jaspan <bjaspan@mit.edu> - - * Various changes to allow channel bindings to work with both UDP - and TCP cleanly [krb5-libs/180]: - - * auth_gssapi.c: remove the special-case exception to channel - bindings failure added in the previous revision, since we now - solve the problem by making channel bindings not fail - - * clnt_udp.c: use a connected socket so that the client can - determine its own source address with getsockname - - * svc.h: add xp_laddr and xp_laddrlen fields to SVCXPRT structure - - * svc_tcp.c: set xp_laddr and xp_laddrlen when a connection is - established - - * svc_udp.c (svcudp_recv): use recvmsg with MSG_PEEK followed by - recvfrom in order to determine both source and dest address on - unconnected UDP socket, set xp_laddr and xp_laddrlen - -Fri Nov 22 15:50:42 1996 unknown <bjaspan@mit.edu> - - * get_myaddress.c (get_myaddress): use krb5_os_localaddr instead - of ioctl() to get local IP addresses [krb5-libs/227] - - * clnt_generic.c, clnt_simple.c, getrpcport.c: use sizeof instead - of h_length to determine number of bytes of addr to copy from DNS - response [krb5-misc/211] - -Fri Nov 22 11:49:43 1996 Sam Hartman <hartmans@mit.edu> - - * types.hin: Include stdlib.h if found at config time [203] - - * configure.in: Substitute STDLIB_INCLUDE into types.h. [203] - -Tue Nov 12 16:27:27 1996 Barry Jaspan <bjaspan@mit.edu> - - * auth_gssapi.c (auth_gssapi_create): handle channel bindings - failure so UDP connections can work [krb5-libs/180] - -Tue Nov 5 18:43:46 1996 Tom Yu <tlyu@mit.edu> - - * configure.in: Revert removal of CopySrcHeader, etc., for now. - - * Makefile.in (OBJS): Remove dependency of $(OBJS) on shared, also - remove dependency of $(HDRS) on $(HDRDIR). Both of these to avoid - unecessary copying. - -Wed Oct 30 13:18:34 1996 Barry Jaspan <bjaspan@mit.edu> - - * xdr_stdio.c: Remove the #ifndef mc68000 cruft. I'm not sure - what it was supposed to accomplish, but in both places it appeared - it was unquestionably wrong. I suspect that the ifdef was put in - originally to optimize byte-alignment code that wasn't necessary - on the 68000. Who knows? Someone will complain if this isn't - right. [krb5-libs/47] - -Tue Oct 29 13:03:50 1996 Barry Jaspan <bjaspan@mit.edu> - - * auth_gssapi.c (auth_gssapi_create): #ifdef GSSAPI_KRB5, a null - mech_type implies gss_mech_krb5, so include that in the version 3 - fallback test. This change, along with the other changes for rpc - version 4, complete the fix for [krb5-libs/106]. - -Wed Oct 23 00:08:27 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * pmap_rmt.c: - * clnt_udp.c: Change #ifdef sparc to #ifdef sun for more portability. - [fixes PR#123] - -Mon Oct 21 21:22:42 1996 Tom Yu <tlyu@mit.edu> - - * Makefile.in, configure.in: Fixes to work with new directory - recursion method. - -Wed Oct 16 16:12:07 1996 Barry Jaspan <bjaspan@mit.edu> - - * svc_auth_gssapi.c (_svcauth_gssapi): accept add call_arg version - 4 - -Tue Oct 15 17:04:09 1996 Barry Jaspan <bjaspan@mit.edu> - - * Makefile.in (CFLAGS): compile with -DGSSAPI_KRB5 - - * svc_auth_gssapi.c: add #ifdef GSSAPI_KRB5 for krb5 specific code - - * auth_gssapi.c (auth_gssapi_create): add call_arg version 4, make - version 3 use using gss_mech_krb5_old (under #ifdef GSSAPI_KRB5) - - * configure.in: add DO_SUBDIRS so make will descend into unit-test - -Wed Oct 9 14:15:34 1996 Tom Yu <tlyu@mit.edu> - - * Makefile.in (all-unix): Force $(OBJS) to depend on includes, - fixing incompatibilty with makes that don't evaluate dependencies - l-r. - -Tue Sep 3 23:10:58 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * auth_gssapi.c: Remove $LOG$, including "unprofessional" comment - which OV requested that we lose.... - -Sat Aug 31 01:46:45 1996 Ken Raeburn <raeburn@cygnus.com> - - * pmap_rmt.c (getbroadcastnets): Tweak conditional layout to make - emacs indentation code happier. - - * netdb.h: Comment fix. - - Tue Aug 6 18:52:47 1996 Marc Horowitz <marc@mit.edu> - - * configure.in, getrpcent.c: Use configure to the return types of - setrpcent() and getrpcent(). Also, check for struct rpcent in the - system <netdb.h>, and only define the structure in rpc/netdb.h if - it's not in the system file. - -Tue Aug 13 15:18:16 1996 Tom Yu <tlyu@mit.edu> - - * getrpcent.c: Add PROTOTYPE and conditionalize function - prototypes. - - * xdr.h: Add PROTOTYPE and conditionalize function prototypes. - - * svc_auth_gssapi.c: Remove ANSI string concatenation, de-ANSI-fy - function definitions. - - * auth_gssapi_misc.c (auth_gssapi_display_status_1): Remove ANSI - string concatenation, de-ANSI-fy function definitions. - - * auth_gssapi.h: Add PROTOTYPE and conditionalize function - prototypes. - - * auth_gssapi.c (auth_gssapi_create): remove ANSI-ish string - concatenation, de-ANSI-fy function definitions. - -Thu Aug 8 15:30:01 1996 Tom Yu <tlyu@voltage-multiplier.mit.edu> - - * configure.in, types.hin: Change search for struct rpcent yet - again, this time compile-checking both netdb.h and - rpc/netdb.h and taking action appropriately. See the - comments in configure.in for details. - -Mon Aug 5 16:46:48 1996 Tom Yu <tlyu@voltage-multiplier.mit.edu> - - * Makefile.in (CFLAGS): Change DEBUG_GSSAPI to 0 to avoid printing - excess stuff to stderr. - -Wed Jul 31 20:36:34 1996 Tom Yu <tlyu@voltage-multiplier.mit.edu> - - * getrpcent.c: Shuffle inclusion order somewhat. - - * configure.in: Fix test for STRUCT_RPCENT_ALREADY_PROVIDED if - there happens to be a /usr/include/rpc/netdb.h. This - causes /usr/include/netdb.h to include netdb.h from our - tree rather from /usr/include/rpc, which of course results - in massive damage. Basically, if /usr/include/netdb.h - contains rpcent declaration and /usr/include/rpc/netdb.h - exists, then assume that there is no struct rpcent in the - system include files. It's really unfortunate that we - need to do this at all, but it's all we can do short of - renaming a bunch of include files or directories. - - * Makefile.in: Punt -I$(srcdir)/..; it was gross and not needed - because headers get installed in build tree before - building the library anyway. - -Wed Jul 31 16:54:29 1996 Tom Yu <tlyu@mit.edu> - - * types.hin: Remove #include <netdb.h> because it appears the only - reason for doing so was to get struct rpcent, and we're - getting that via <rpc/netdb.h>. - - * clnt_generic.c, clnt_simple.c, clnt_tcp.c, clnt_udp.c, - getrpcent.c, getrpcport.c, pmap_getmaps.c, svc_simple.c: - Revert prior change due to netdb.h shuffling. - -Tue Jul 30 18:59:17 1996 Tom Yu <tlyu@mit.edu> - - * rpc.h: Don't include netdb.h (rpc/types.h already includes it) - - * svc_auth_gssapi.c: #include <rpc/rpc.h> before <sys/stat.h> (to - get sys/types.h. - - * clnt_generic.c, clnt_simple.c, clnt_tcp.c, clnt_udp.c, - getrpcent.c, getrpcport.c, pmap_getmaps.c, svc_simple.c: - Remove #include <netdb.h>; it's already included in - rpc/types.h. - -Mon Jul 29 22:02:47 1996 Sam Hartman <hartmans@tertius.mit.edu> - - * configure.in: Determine whether netdb.h defines struct rpcent. - - * types.hin: Expand rpcent_define to be a null string or a #define - on Linux. - - * netdb.h: Include rpc/types.h and only define struct rpcent if - needed. - -Wed Jul 24 07:58:38 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * pmap_rmt.c (clnt_broadcast): Use memset insetad of bzero. - - * Makefile.in (DEPLIBS): Use correct version number for - gssapi_krb5 dependency. - -Tue Jul 23 23:49:47 1996 Sam Hartman <hartmans@tertius.mit.edu> - - * clnt_perror.c: Don't declare strcpy. - -Tue Jul 23 11:24:32 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * xdr.c: Do not declare malloc(). - - * Makefile.in (SHLIB_LIBS): Link with gssapi_krb5 when creating - shared library. - - -Mon Jul 22 21:46:48 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * clnt_perror.c: Include errno.h. - -Fri Jul 12 15:33:50 1996 Marc Horowitz <marc@mit.edu> - - * rpc_dtablesize.c (_rpc_dtablesize): put in a few checks to make - sure that the return value is never larger than FD_SETSIZE, since - this function's purpose is to be used as the first arg to - select(). - -Tue Jul 9 17:56:54 1996 Marc Horowitz <marc@mit.edu> - - * rpc.h, netdb.h, getrpcent.c: Our build can (and will) require - that the rpc header files shipped with kerberos be used if the - library shipped with kerberos is used. Thus, some simplifying - assumptions can be made, mostly having to do with the declaration - of struct rpcent and the related functions. - * clnt_perror.c: made usage of sys_errlist conditional on - NEED_SYS_ERRLIST - * configure.in (DECLARE_SYS_ERRLIST): added - * Makefile.in (DONE): added a few rules and variable so shared - library creation would work - diff --git a/src/lib/rpc/unit-test/ChangeLog b/src/lib/rpc/unit-test/ChangeLog deleted file mode 100644 index c14530f8f..000000000 --- a/src/lib/rpc/unit-test/ChangeLog +++ /dev/null @@ -1,353 +0,0 @@ -2006-04-10 Ken Raeburn <raeburn@mit.edu> - - * client.c (usage): Mark as "noreturn" under gcc. - -2006-04-03 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFS): Make empty. - -2006-03-31 Ken Raeburn <raeburn@mit.edu> - - * client.c, server.c: Include autoconf.h. - -2006-03-11 Ken Raeburn <raeburn@mit.edu> - - * server.c (krb5_kt_default_name): Deleted unused function. - -2005-08-20 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Use K5_AC_INIT instead of AC_INIT. - -2004-05-27 Tom Yu <tlyu@mit.edu> - - * client.c: rpcint_32 -> int32_t. - - * server.c: Update names of AUTH_GSSAPI functions. - -2004-04-02 Ken Raeburn <raeburn@mit.edu> - - * lib/helpers.exp (expect_kadm_ok): Check for "ERROR" messages and - report them. - -2004-02-27 Ken Raeburn <raeburn@mit.edu> - - * lib/helpers.exp (expect_kadm_ok): Check for eof and report a - specific error for that case. - -2004-02-13 Tom Yu <tlyu@mit.edu> - - * config/unix.exp (PRIOCNTL_HACK): Use "==" instead of "eq", which - is not present in tcl-8.3. - -2004-02-12 Tom Yu <tlyu@mit.edu> - - * configure.in: Invoke KRB5_AC_PRIOCNTL_HACK. - - * config/unix.exp (PRIOCNTL_HACK): Wrap "spawn" to do priocntl - things to work around Solaris 9 pty-close bug. - -2003-12-02 Ken Raeburn <raeburn@mit.edu> - - * lib/helpers.exp (expect_kadm_ok, eof_client): Accept and ignore - debugging messages starting "marshall_new_creds" or "gssapi_", and - blank lines. - -2003-01-07 Ken Raeburn <raeburn@mit.edu> - - * Makefile.ov: Deleted. - -2002-11-14 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (unit-test-ok): Depend only on unit-test-body. - (unit-test-body): Remove krb5cc_rpc_test_* on entry and on - successful exit. On error exit, let the trap handler do all the - cleanup. Incorporate old unit-test-setup commands. - (unit-test-setup, unit-test-cleanup): Targets deleted. - * lib/helpers.exp (start_client, wait_client): Set KRB5CCNAME to - something in the current directory. - -2002-11-11 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (unit-test-body): Set RPC_TEST_SRVTAB based on - process-id. Set trap handler to delete it before returning an - exit status. - (unit-test-cleanup): Don't delete files here. - -2002-11-07 Tom Yu <tlyu@mit.edu> - - * rpc_test.0/expire.exp (overlap): Add another call to - flush_server to make a race condition a little less likely. There - really should be better synchronization, as this test suite is - just full of race conditions waiting to happen. - -2002-09-15 Ken Raeburn <raeburn@mit.edu> - - * lib/helpers.exp (setup_database): Use "!=" instead of "ne" for - string comparisons. - -2002-09-15 Tom Yu <tlyu@mit.edu> - - * lib/helpers.exp (expect_tcl_prompt): Use the "-re" flag, and - match end of output. - (expect_kadm_ok): s/error/perror. - (setup_database): Work around tcl 8.4's (incorrect?) output EOL - translation. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-26 Ezra Peisach <epeisach@bu.edu> - - * configure.in: Use $krb5_cv_host instead of $host. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-06-09 Ken Raeburn <raeburn@mit.edu> - - * config/unix.exp (top level): Load helpers.exp here, to make - sure database setup happens properly. - -2002-01-08 Ken Raeburn <raeburn@mit.edu> - - * lib/helpers.exp (set_from_env, expect_tcl_prompt, - send_tcl_cmd_await_echo, expect_kadm_ok, setup_database): New - procs. - (top level): Do database setup here... - * Makefile.in (unit-test-setup): ...not here. - -2001-07-26 Ezra Peisach <epeisach@mit.edu> - - * client.c: Change local variable count from int to unsigned int. - - * server.c (log_badauth_display_status_1): Argument to - gss_display_status should be OM_uint32 * instead of int *. - -2001-07-09 Ezra Peisach <epeisach@mit.edu> - - * rpc_test_clnt.c, rpc_test_svc.c: Include string.h for memset - prototype. - -2001-07-02 Ezra Peisach <epeisach@mit.edu> - - * rpc_test_svc.c: Change rpc_test_prog_1 to - rpc_test_prog_1_svc. - - * rpc_test.h: Create prototypes for rpc_test_echo_1_svc and - rpc_test_prog_1_svc. - - * server.c: Declare usage and handlesig static. Change - rpc_test_echo_1 to rpc_test_echo_1_svc and rpc_test_prog_1 to - rpc_test_prog_1_svc. - -2001-06-08 Ezra Peisach <epeisach@mit.edu> - - * client.c: Include unistd.h for getopt() prototype. - - * configure.in: Check for unistd.h. - - * server.c: Include unistd.h for getopt() prototype. Fix - rpc_test_badauth() prototype to be consistant with error - handler. Declare main as returning int. If POSIX_SIGNALS is - defined, the handler expects an argument. - -2001-06-07 Ezra Peisach <epeisach@mit.edu> - - * server.c (log_badauth_display_status_1): Do not assume that - gss_buffer_desc strings are '\0' terminated. - -2001-06-05 Ezra Peisach <epeisach@mit.edu> - - * server.c (log_badauth_display_status_1): Need value element of - gss_buffer_desc for printf. - - * client.c (main): Missing arguments to printf fixed. - -2001-04-24 Ezra Peisach <epeisach@mit.edu> - - * client.c (main): Ensure that end of string is NULL terminated - instead of assuming buffer initialized to 0. Include <string.h> - for memset prototype. - -2000-07-01 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (unit-test-body): Combine -tcp and -udp versions, - setting PASS instead of PROT. - * configure.in: Set and substitute PASS instead of UDP_TEST. - * config/unix.exp: Don't invoke rpc_test_start. Set MULTIPASS, - including a setting for PROT and a dummy to trigger rpc_test_start - invocation. - (rpc_test_start): If a server has already been started, call - rpc_test_exit to verify that it's still running. - -2000-06-30 Tom Yu <tlyu@mit.edu> - - * server.c: Include gssrpc/pmap_clnt.h in order to get renaming of - pmap_unset(). From Nathan Neulinger. - -2000-06-30 Ken Raeburn <raeburn@mit.edu> - - * rpc_test_setup.sh: Error out if server_handle doesn't get set in - the Tcl script. - -2000-06-08 Tom Yu <tlyu@mit.edu> - - * lib/helpers.exp (kinit): Move "expect eof" into the commands - that send the prompt. Don't "expect eof" outside of the main - expect, as the main expect may have already read eof. - -2000-02-15 Tom Yu <tlyu@mit.edu> - - * server.c: Add code to set a signal handler for SIGHUP and a few - others so that purify will actually generate memory leak reports. - - * configure.in: Add CHECK_SIGNALS. - -2000-02-07 Tom Yu <tlyu@mit.edu> - - * config/unix.exp: Call send_error instead of fail to prevent - referencing variables not yet set up by the test framework. - - * lib/helpers.exp: Call kinit and kdestroy with the -5 flag to - deal with new program behavior. Also call perror rather than - error to avoid spewing a stack trace. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -1999-09-21 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (unit-test-body-tcp, unit-test-body-udp): Pass - $(RUNTESTFLAGS) to runtest. - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - - * configure.in: Use K5_AC_OUTPUT instead of K5_OUTPUT_FILES. - -Fri Feb 13 21:28:18 1998 Tom Yu <tlyu@mit.edu> - - * client.c: Update header locations. Rename of xdr_free. - - * rpc_test.h: Update header locations. - - * server.c: Update header locations. - -Thu Feb 12 16:39:38 1998 Tom Yu <tlyu@mit.edu> - - * client.c (main): Tweak the kludge variable - krb5_gss_dbg_clietn_expcreds so we can send expired creds to the - server. - -Mon Feb 2 16:59:48 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile - -Thu Oct 9 20:58:35 1997 Tom Yu <tlyu@mit.edu> - - * configure.in, Makefile.in: Add test to disable udp test under - Solaris 2.0 thru 2.5; a getsockname() bug prevents channel - bindings from working. - -Thu Feb 6 15:58:52 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: - * configure.in: Update to new program build procedure. - -Wed Nov 20 16:00:21 1996 Barry Jaspan <bjaspan@mit.edu> - - * Makefile.in (unit-test-): warn more loudly about unrun tests - -Thu Nov 14 22:27:05 1996 Tom Yu <tlyu@mit.edu> - - * server.c (main): Add declaration of optind for systems that - don't have it in stdio.h or the like. - -Thu Nov 14 15:27:05 1996 Barry Jaspan <bjaspan@mit.edu> - - * rpc_test_setup.sh: VERBOSE is now inherited from env-setup.sh - -Wed Nov 13 10:00:05 1996 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in (clean): Remove test programs and objects. - -Tue Nov 12 16:27:51 1996 Barry Jaspan <bjaspan@mit.edu> - - * lib/helpers.exp, client.c, server.c, config/unix.exp, - Makefile.in: test GSS-RPC with both TCP and UDP transport layers - [krb5-libs/180] - -Tue Nov 12 14:58:20 1996 Tom Yu <tlyu@mit.edu> - - * rpc_test_setup.sh: Fix test of $VERBOSE_TEST so that $VERBOSE - only gets set if $VERBOSE_TEST is not empty. - -Mon Nov 11 20:52:27 1996 Tom Yu <tlyu@mit.edu> - - * rpc_test_setup.sh: Use a temp file rather than a here document - feeding into eval because Ultrix sh doesn't deal. - - * configure.in: Add AC_CANONICAL_HOST to deal with new pre.in. - -Mon Nov 11 14:22:30 1996 Tom Yu <chaoself@avalanche-breakdown.mit.edu> - - * Makefile.in (client.o, server.o): client.o and server.o, not - client.c and server.c, depend on rpc_test.h. - -Thu Nov 7 16:16:38 1996 Tom Yu <tlyu@mit.edu> - - * configure.in: Remove spurious KRB_INCLUDE and WITH_CCOPTS. - - * Makefile.in (server.o): Fix typo in previous checkin. - -Wed Nov 6 16:12:26 1996 Tom Yu <tlyu@mit.edu> - * Makefile.in: Add dependencies on $(srcdir)/foo.c so that some - makes can deal with VPATH properly (e.g. NetBSD pmake) - -Mon Nov 4 23:12:06 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * server.c: We don't need the special case for linux anymore, - since we're including the output from rpcgen in the source - tree now. - -Thu Oct 31 13:14:45 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * Makefile.in (client,server): Use $(LD) instead of $(CC) in link - stage. - -Thu Oct 31 08:47:47 1996 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in: Only run tests if required programs, libraries - available. - - * configure.in: Check for runtest, Perl, and tcl before making checks. - - -Thu Oct 24 17:20:11 1996 Barry Jaspan <bjaspan@mit.edu> - - * Makefile.in, rpc_test_clnt.c, rpc_test_svc.c, rpc_test.h: - distribute generated rpc_test_* files instead of running rpcgen on - rpc_text.x [krb5-admin/133] - -Wed Oct 16 16:13:13 1996 Barry Jaspan <bjaspan@mit.edu> - - * rpc_test.0/expire.exp: add test for expired credentials - [krb5-admin/17] - - * server.c (log_miscerr): add log_miscerr - - * Makefile.in: don't delete rpc_test.x, we might be in souce tree - -Tue Oct 15 16:12:04 1996 Barry Jaspan <bjaspan@mit.edu> - - * initial changes to make rpc unit tests work with new build/test - system - |