path: root/src/lib/kdb/ChangeLog

2000-05-11  Nalin Dahyabhai  <nalin@redhat.com>

	* t_kdb.c (gen_principal): Don't overflow "pnamebuf" if bad data was
	passed in.

2000-05-03  Nalin Dahyabhai  <nalin@redhat.com>

	* setup_mkey.c (krb5_db_setup_mkey_name): Use REALM_SEP_STRING
	when computing size of buffer that is to include it.

	* fetch_mkey.c (krb5_db_fetch_mkey): Make sure "defkeyfile" is
	null terminated after construction.
	* store_mkey.c (krb5_db_store_mkey): Likewise.

2000-04-27  Ken Raeburn  <raeburn@mit.edu>
	    Ezra Peisach  <epeisach@mit.edu>

	* t_kdb.c (gen_principal): Force argument to isalnum to be in
	range 0..255.
	(do_testing): Cast pid_t to long before passing to fprintf, and
	use %ld format.  Fix argument lists to find_principal and
	delete_principal.

2000-03-16  Ezra Peisach  <epeisach@mit.edu>

	* kdb_xdr.c (krb5_dbe_lookup_mod_princ_data): Get rid of
	unused variable.

2000-03-12  Ezra Peisach  <epeisach@mit.edu>

	* kdb_xdr.c (krb5_dbe_lookup_mod_princ_data): In casting argument
	to krb5_parse_name, use krb5_const not const.

2000-02-21  Bear Giles  <bgiles@coyotesong.com>

	* fetch_mkey.c (krb5_db_fetch_mkey): Don't attempt to override
	type of key read from stash file.

2000-02-18  Tom Yu  <tlyu@mit.edu>

	* kdb_cpw.c (krb5_dbe_crk): 
	(krb5_dbe_cpw): Fix to actually save old keys.

1999-10-26  Wilfredo Sanchez  <tritan@mit.edu>

	* Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES,
	LOCAL_INCLUDES such that one can override CFLAGS from the command
	line without losing CPP search patchs and defines. Some associated
	Makefile cleanup.

1999-08-30  Ken Raeburn  <raeburn@mit.edu>

	* t_kdb.c (add_principal): Free only contents of a generated key,
	since the keyblock structure itself is on the stack.

1999-08-17  Ken Raeburn  <raeburn@mit.edu>

	* t_kdb.c (add_principal): Update for new calling sequence to
	krb5_dbekd_encrypt_key_data.
	(do_testing): Update calls.

1998-11-13  Theodore Ts'o  <tytso@rsts-11.mit.edu>

	* Makefile.in: Set the myfulldir and mydir variables (which are
		relative to buildtop and thisconfigdir, respectively.)

Tue Nov 17 18:19:41 1998  Tom Yu  <tlyu@mit.edu>

	* kdb_cpw.c (krb5_dbe_crk): 
	(krb5_dbe_cpw): Add "keepold" boolean argument to indicate whether
	to retain old keys.

1998-10-27  Marc Horowitz  <marc@mit.edu>

	* kdb_xdr.c, kdb_cpw.c: remove the special knowledge of ENCTYPE
	string-to-key equivalances.  the crypto api has a function for
	this now.

	* decrypt_key.c, encrypt_key.c, fetch_mkey.c, kdb_cpw.c,
	kdb_db2.c, kdb_db2.h, kdb_dbm.c, keytab.c, verify_mky.c: change or
	remove all the places krb5_encrypt_block was used
	(this is mostly relevant to kdb manipulations).  It was usually
	used to specify an enctype (which is now implied by the keyblock),
	or to store or pass in a processed key (now the api just takes a
	key directly, so these structures and functions do, too).  The kdb
	key manuipulation functions also need to be made to use the new
	api.

Fri Sep 25 19:42:10 1998  Tom Yu  <tlyu@mit.edu>

	* kdb_xdr.c (krb5_dbe_search_enctype): Re-order booleans so that
	similar doesn't get checked unless (ktype >= 0) to avoid it being
	stack garbage.

Sun Aug 16 16:52:10 1998  Sam Hartman  <hartmans@utwig.mesas.com>

	* Makefile.in (SHLIB_EXPLIBS): Include $(LIBS) so building on AIX works

Sun Jul 26 18:12:22 1998  Sam Hartman  <hartmans@utwig.mesas.com>

	* Makefile.in (LIBMAJOR): bump libmajor

1998-05-06  Theodore Ts'o  <tytso@rsts-11.mit.edu>

	* t_kdb.c (main): POSIX states that getopt returns -1
		when it is done parsing options, not EOF.

Wed Apr 15 18:06:34 1998  Tom Yu  <tlyu@mit.edu>

	* Makefile.in (SHLIB_EXPDEPS): 
	(SHLIB_EXPLIBS): Rename libcrypto -> libk5crypto.

Fri Feb 27 21:21:03 1998  Theodore Ts'o  <tytso@rsts-11.mit.edu>

	* configure.in: Remove check for the regular expression functions,
		since they aren't used in lib/kdb.

Wed Feb 18 16:16:35 1998  Tom Yu  <tlyu@mit.edu>

	* Makefile.in: Remove trailing slash from thisconfigdir.  Fix up
 	BUILDTOP for new conventions.

Mon Feb  2 17:02:29 1998  Theodore Ts'o  <tytso@rsts-11.mit.edu>

	* Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile

Tue Oct 28 10:18:10 1997  Ezra Peisach  <epeisach@mit.edu>

	* kdb_cpw.c (add_key_pwd): For KRB5_KDB_SALTTYPE_AFS3, the salt
	 	key for afs_mit_string_to_key mut be null terminated. 

Mon Oct 13 10:18:19 1997  Ezra Peisach  <epeisach@mit.edu>

	* t_kdb.c (do_testing): Add krb5_free_context.

Mon Sep 15 15:05:30 1997  Ezra Peisach  <epeisach@mit.edu>

	* keytab.c: (krb5_ktkdb_get_entry): Incoming principal is const.

	* kdb_dbm.c (krb5_dbm_db_get_principal, krb5_dbm_db_delete_principal):
	        Incoming principal is const.

	* kdb_xdr.c (krb5_dbe_update_mod_princ_data, krb5_encode_princ_dbkey): 
	        Incoming principal is const.

	* kdb_db2.h (krb5_db2_db_get_principal): Change prototype to const
                principal.

	* kdb_db2.c (krb5_db2_db_get_principal, krb5_db2_db_delete_principal):
	        The search for principal is const.

Thu Jul 31 14:54:10 1997  Ezra Peisach  <epeisach@mit.edu>

	* kdb_db2.c (krb5_db2_db_delete_principal): Fix switch statement
	        so that all cases have one statement.

Tue Jul 29 02:35:09 1997  Tom Yu  <tlyu@mit.edu>

	* kdb_db2.c (krb5_db2_db_set_hashfirst): Don't cast a
	krb5_context * to a krb5_db2_context *.

Fri Jul 25 15:29:03 1997  Tom Yu  <tlyu@mit.edu>

	* kdb_db2.c: Fix typo; also, tweak page size in attempt to speed
	things up.

	* kdb_db2.h: Fix typo.

	* t_kdb.c: Reflect changes in the API, mostly db_create.

	* Makefile.in: Bump version due to major reworking.

	* kdb_db2.h:
	* kdb_db2.c: Add Berkely DB backend.

	* keytab.c: Add support for new kdb API; delete dead arguments.

	* kdb_xdr.c: Remove dependencies on dbm; encode things to
	krb5_datas rather than datums.

Mon Mar 24 12:19:03 1997  Theodore Ts'o  <tytso@rsts-11.mit.edu>

	* t_kdb.c (do_testing): Clean up error handling for krb5_init_context.

	* Makefile.in (check): Define and use KRB5_CONFIG_SETUP which sets
 		up the environment variables appropriately.

Sun Mar 16 21:20:00 1997  Tom Yu  <tlyu@mit.edu>

	* keytab.c: Don't assume dbm_db_get_mkey() and dbe_find_enctype
	won't error out.  Also, some gcc -Wall warning
	cleanups. [krb5-kdc/361]

Sat Feb 22 01:15:30 1997  Sam Hartman  <hartmans@tertius.mit.edu>

	* Makefile.in (SHLIB_EXPLIBS): depend on -lcrypto

Thu Feb  6 15:33:34 1997  Tom Yu  <tlyu@mit.edu>

	* Makefile.in:
	* configure.in: Update to new program build procedure.

Wed Jan  8 01:59:15 1997  Ezra Peisach  <epeisach@mit.edu>

	* Makefile.in, configure.in: Convert to new build procedure for libs.

Mon Nov 18 20:40:12 1996  Ezra Peisach  <epeisach@mit.edu>

	* configure.in: Set shared library version to 1.0. [krb5-libs/201]

Tue Nov 12 23:41:55 1996  Mark Eichin <eichin@cygnus.com>

	* kdb_dbm.c: Ditch DB_OPENCLOSE conditionals, and fix the real
 	problem.  Like the policy db, the main db is now opened on first
 	lock and closed on last unlock.  
	Set db_dbm_ctx to NULL after closing it, to help detect dangling
	references.
	(krb5_dbm_db_put_principal, krb5_dbm_db_delete_principal):
 	KDBM_STORE can fail (in case of database corruption, for example)
 	*without* causing errno to be set.  If errno is zero, use
 	KRB5_KDB_DB_CORRUPT instead. (If it is non-zero, it may still be
 	wrong, but at least something gets reported. This will be properly
	fixed by ditching KDBM_* altogether, and using the non-lossy db
	interfaces, so it's a good enough fix for now.)
	(krb5_dbm_db_rename): grab errno from rename *before*
 	calling krb5_dbm_db_end_update, to avoid "not a typewriter"
 	syndrome.
 	(krb5_dbm_db_unlock): only close on zero refcount.

Mon Nov 11 20:21:02 1996  Mark Eichin  <eichin@cygnus.com>

	* kdb_cpw.c (add_key_pwd): set length to -1 so krb5_string_to_key
	handles the AFS3 salttype, but then replace it with the actual
	length for later processing.

Mon Nov 11 17:03:16 1996  Barry Jaspan  <bjaspan@mit.edu>

	* kdb_cpw.c (cleanup_key_data): fix memory leak [krb5-kdc/163]
	(add_key_pwd): fix memory leak [krb5-kdc/164]

Sat Nov  9 15:57:50 1996  Ezra Peisach  <epeisach@mit.edu>

	* t_krb5.conf: Dummy krb5.conf file from the krb5 library. 

	* Makefile.in (check): Set KRB5_CONFIG to a valid krb5.conf file.

	* t_kdb.c (do_testing): Check return value from krb5_init_context.

Thu Oct 31 11:10:56 1996  Ezra Peisach  <epeisach@trane.rose.brandeis.edu>

	* Makefile.in (t_kdb): Link with $(TOPLIBD)/libdb.a

Wed Sep  4 19:29:57 1996  Tom Yu  <tlyu@mit.edu>

	* Makefile.in (t_kdb): Fix up dependencies of t_kdb so it will
		build on non-shared architectures; also ensure that libs
		get linked after the objects.

Fri Aug 23 16:34:45 1996  Theodore Ts'o  <tytso@rsts-11.mit.edu>

	* Makefile.in (t_kdb): Fix Makefile so that t_kdb is linked
	 	correctly with the appropriate libraries.

Thu Aug 22 16:22:01 1996  Theodore Ts'o  <tytso@rsts-11.mit.edu>

	* kdb_dbm.c: Remove vestigal code which was using BERK_DB_DBM
		define.  Still need to remove kludgey database "switch"
		code and recode to use the db interface.

	* t_kdb.c: Update t_kdb to use the new libkdb interface.

Mon Aug 12 14:11:29 1996  Barry Jaspan  <bjaspan@mit.edu>

	* kdb_dbm.c (krb5_dbm_db_rename): rename should not insist that
 	the target database not already exist

Fri Aug  9 15:21:34 1996  Ezra Peisach  <epeisach@dumpster.rose.brandeis.edu>

	* Makefile.in (shared): Convert shared:: to shared: so will not
		always be called upon. 

Thu Aug  8 20:26:47 1996  Tom Yu  <tlyu@mit.edu>

	* Makefile.in (shared): Always mkdir shared; test -d shared ||
		mkdir shared breaks under Ultrix sh (grrr...).

Thu Aug  8 18:29:15 1996  Sam Hartman  <hartmans@mit.edu>

	* keytab.c (krb5_ktkdb_get_entry): Return KRB5_KT_NOTFOUND if the
 	principal doesn't exist instead of dereferencing a null pointer.

Fri Aug  2 14:08:03 1996  Sam Hartman  <hartmans@mit.edu>

	* configure.in(LIBS): AIX wants to link against -ldb when building
 	the shared lib.

Mon Jul 29 23:07:14 1996  Samuel D Hartman  (hartmans@vorlon)

	* kdb_dbm.c: Don't bother referencing dbm_pagfno, because we don't
        actually use it; same for dbm_dirfno.

Tue Jul 23 11:09:08 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* Makefile.in: libkdb5.so needs to be built with
		libcrypto and libkrb5.

	* configure.in: Pass version numbers of teh crypto and krb5 shared
		libraries. 

Fri Jul 12 15:32:26 1996  Marc Horowitz  <marc@mit.edu>

	* kdb_cpw.c (add_key_pwd): initialize retval = 0, in case the
 	function is called with ks_tuple_count == 0.

Wed Jul 10 16:22:14 1996  Marc Horowitz  <marc@mit.edu>

	* configure.in (USE_KDB5_LIBRARY): removed.  the library does not
 	need itself to build, and in fact fails to do so if I try.
	* Makefile.in (clean-unix): remove the shared/ subdir

Tue Jul  9 17:55:30 1996  Marc Horowitz  <marc@mit.edu>

	* configure.in, Makefile.in: added rules and macros to do shared
 	library creation

Mon Jul  8 17:06:00 1996  Barry Jaspan  <bjaspan@mit.edu>

	* kdb_dbm.c: Create DB_OPENCLOSE, which opens and closes the
 	databases for each lock.  This is slower than the previous method,
 	but unlike the previous method it works.

Tue Jun 11 19:27:22 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* keytab.c (krb5_ktkdb_close): Free memory allocated by
		krb5_ktkdb_resolve. 

Mon May 20 18:02:07 1996  Theodore Ts'o  <tytso@rsts-11.mit.edu>

	* kdb_dbm.c (krb5_dbm_db_create): Remove vestigal ODBM support.

Sat May 18 15:07:09 1996  Ezra Peisach  (epeisach@paris)

	* kdb_dbm.c: Do not provide prototypes for dbm_error or
		dbm_clearerr if they are really macros.

Sun May 12 01:03:07 1996  Marc Horowitz  <marc@mit.edu>

	* kdb_xdr.c: reworked all of the krb5_dbe_* tl_data functions.
  	This was necessary so that the admin system could store it's own
 	tl_data, without needing code here.  This has the side-effect of
 	eliminating some structures which added no value, therefore
 	changing about a half-dozen files elsewhere in the tree.

	* kdb_cpw.c (add_key_rnd): handle kvno incrementing in the caller,
 	not here.
	(krb5_dbe_crk): increment the kvno here, not in add_key_rnd
	(krb5_dbe_ark): increment the kvno here, not in add_key_rnd
	(add_key_pwd): handle kvno incrementing in the caller, not here.
	(krb5_dbe_cpw): take an arg to specify the new kvno.  if it's
	<= the old kvno, just increment.  Otherwise, pass it to add_key_pwd.
	This is why all the code in this revision was changed.
	(krb5_dbe_apw): increment the kvno here, not in add_key_pwd

Tue May  7 19:48:57 1996  Ezra Peisach  <epeisach@dumpster.rose.brandeis.edu>

	* t_kdb.c (do_testing): Compile if using BERK_DB and dbm is not
        available on system.

Thu Mar 21 20:38:38 1996  Richard Basch  <basch@lehman.com>

	* decrypt_key.c (krb5_dbekd_decrypt_key_data): bullet-proofing the
	code -- if the data contents are NULL, do not coredump.

Mon Mar 18 21:46:39 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* configure.in: Add KRB5_RUN_FLAGS

	* Makefile.in: Use the run flags.

Sun Mar 17 20:55:41 1996  Ezra Peisach  <epeisach@dumpster.rose.brandeis.edu>

 	* configure.in: Change WITH_KDB_DB to USE_KDB5_LIBRARIES and add
		KRB5_LIBRARIES.

	* Makefile.in: Use libraries as specified by configure. Set
		LD_LIBRARY_PATH for tests.

Sun Mar  3 10:41:04 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* configure.in: Change WITH_DB to WITH_KDB_DB

Fri Feb 23 19:39:52 1996  Mark Eichin  <eichin@cygnus.com>

	* keytab.c (krb5_ktkdb_close): new function, non-optional.
	(krb5_kt_kdb_ops): include _close method, comment what the other
	slots are.

Tue Feb 13 21:33:03 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* kdb_dbm.c (krb5_dbm_db_rename): Initialize pointer before use
		for case where new db does not exist.

Tue Jan 30 18:26:38 1996  Mark Eichin  <eichin@cygnus.com>

	* kdb_dbm.c (krb5_dbm_db_rename): O_EXCL is meaningless without
	O_CREAT.

Sat Jan 27 01:01:17 1996  Mark Eichin  <eichin@cygnus.com>

	* t_kdb.c: wrap db_dbm decls and berkely_dispatch in ifdefs
	BERK_DB_DBM.
	(do_testing): wrap references as well.

	* keytab.c (krb5_ktkdb_get_entry): use KRB5_PROTOTYPE.

Wed Dec 13 09:28:33 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* keytab.c (krb5_ktkdb_resolve): Fix casting

	* t_kdb.c (add_principal): Remove mkvno

Wed Dec 13 07:09:30 1995  Chris Provenzano (proven@mit.edu)

	* Makefile.in, keytab.c : Move db keytab routines here.

Wed Dec 13 03:51:53 1995  Chris Provenzano (proven@mit.edu)

        * kdb_xdr.c : Remove mkvno for krb5_db_entry

Tue Dec 12 01:20:02 1995  Chris Provenzano (proven@mit.edu)

	* kdb_dbm.c : Move the krb5_db_context to include/krb5/kdb_dbc.h.
	* kdb_dbm.c krb5_dbm_db_set_mkey(), krb5_dbm_db_get_mkey():
		Functions for associating a master key (krb5_encrypt_block *)
		to a krb5_db_context. Currently it associates it to the
		krb5_context and will be fixed once the krb5_db_context
		is better defined (Post 1.0).

Thu Nov 09 17:05:57 1995  Chris Provenzano (proven@mit.edu)

        * fetch_mkey.c, kdb_cpw.c, t_kdb.c : 
		Remove krb5_enctype from krb5_string_to_key() args.

Tue Nov  7 16:35:03 1995  Theodore Y. Ts'o  <tytso@dcl>

	* kdb_xdr.c (krb5_dbe_search_enctype): Make a more general version
		of kdb5_dbe_find_enctype() which allows you to search the
		keylist looking for multiple keys that fit your criteria.
		Eventually we should convert all programs to use
		kdb5_dbe_search_enctype() instead of kdb5_dbe_find_enctype().

Fri Nov 03 04:49:58 1995  Chris Provenzano (proven@mit.edu)

	* decrypt_key.c (krb5_dbekd_decrypt_key_data()) : If key salt length
		is 0 then set keysalt->data.data to NULL.
	* kdb_cpw.c (add_key_rnd(), add_key_pwd()) : When creating new keys 
		for a new kvno and there are multiple enctypes that use a 
		common keytype, then set the enctype in the key to the first
		specified enctype and skip all other enctypes that use 
		the same keytype. (This assumes the salt type is the same too.)
		This way when the kdc needs to get the server key it doesn't
		need to gues what enctypes the server supports.
	* kdb_xdr.c (krb5_dbe_find_enctype()): Match keys that use common
		keytypes but different enctypes. Eg. ENCTYPE_DES_CBC_MD5
		matches ENCTYPE_DES_CBC_CRC and vice versa.
	* kdb_xdr.c krb5_dbe_find_enctype()): If kvno = 0 then determine
		maxkvno for all the keys and then search keys for a key that 
		matches enctype salttype and has kvno == maxkvno. This
		is different than when kvno = -1 which searches the keys
		for THE key with the greatest kvno which also matches enctype
		and salttype.
	* kdb_kdr.c (krb5_dbe_find_enctype()): If kvno = ktype = stype = -1
		then set kvno = 0. The first doesn't make a lot of sense.
	* kdb_xdr.c (krb5_dbe_encode_last_pwd_change(), 
		krb5_dbe_decode_last_pwd_change()) : Added.
	* kdb_xdr.c (krb5_decode_princ_contents()) : Don't try to allocate 
		space for keys if n_key_data = 0. 

Mon Sep 25 17:31:02 1995  Theodore Y. Ts'o  <tytso@dcl>

	* Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the
	        Makefile.

Wed Sep 13 15:19:17 1995  Theodore Y. Ts'o  <tytso@dcl>

	* kdb_xdr.c (krb5_dbe_encode_mod_princ_data): Fix memory leaks.
		Fix lint flames.

	* fetch_mkey.c (krb5_db_fetch_mkey): This routine now sets the
		master encblock's crypto system using krb5_use_enctype()
		from the stored keytype of the master key.

	* decrypt_key.c (krb5_dbekd_decrypt_key_data): Remove the
		encryption type; the master_encblock should always be set
		correctly.

Sat Sep  9 14:53:39 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* decrypt_key.c (krb5_dbekd_decrypt_key_data): Set the encryption
		type before decrypting.

Fri Sep  8 19:52:34 1995  Ezra Peisach  (epeisach@dcl)

	* decrypt_key.c: Upon error, after freeing contents field, set to
		null to indicate to upper levels that it is really empty.

Wed Sep 06 14:20:57 1995   Chris Provenzano (proven@mit.edu)

        * decrypt_key.c, encrypt_key.c, fetch_mkey.c, kdb_compat.c,
	* kdb_cpw.c, kdb_xdr.c, store_mkey.c, t_kdb.c : 
		s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g

Tue Sep 05 22:10:34 1995   Chris Provenzano (proven@mit.edu)

        * decrypt_key.c, fetch_mkey.c, t_kdb.c : Remove krb5_enctype 
		references, and replace with krb5_keytype where appropriate

Tue Aug 29 13:34:23 EDT 1995	Paul Park	(pjpark@mit.edu)
	* kdb_dbm.c - Add routines to support serialization of the database
		context.  Clean up gcc -Wall complaints.

Thu Aug 24 18:54:51 1995  Theodore Y. Ts'o  <tytso@dcl>

	* .Sanitize: Update file list

Fri Aug 18 17:27:20 EDT 1995	Paul Park	(pjpark@mit.edu)
	* kdb_dbm.c - Bump timestamp to the future if we can't discriminate
		between updates within a second.  Fix database rename.  Reopen
		database after put or delete.
	* t_kdb.c - Add test code to fork off a few processes to beat on the
		database.


Thu Aug 17 13:46:29 EDT 1995	Paul Park	(pjpark@mit.edu)
	* kdb_dbm.c - Remove argument from dbm_db_end_update().  It was never
		used.  Remove gen_dbsuffix() logic from dbm_db_end_update() and
		dbm_db_get_age().  This logic was incorrect (end_update) or
		unused (get_age).  Reorg db_init() to reflect change in
		dbm_db_get_age().


Wed Aug 16 03:10:57 1995  Chris Provenzano  <proven@mit.edu>

	* decrypt_key.c, encrypt_key.c
		Only save the salt data if salt type != 0.
	* kdb_dbm.c :
		Rewritten to NOT open/close the db for every transaction.

Tue Aug 15 14:25:42 EDT 1995	Paul Park	(pjpark@mit.edu)
	* kdb_xdr.c - Add krb5_dbe_find_keytype() and clean up gcc -Wall
		complaints.


Wed Aug 9 17:17:36 EDT 1995	Paul Park	(pjpark@mit.edu)
	* kdb_cpw.c - Add check for uniqueness of key or key/salt combo.  Don't
		generate a new key_data entry if one already exists.  Also,
		fill in the key_data list at the end so as not to overwrite
		already present data.
		- Free krbtgt_keyblock contents in add_key_rnd().
		- Put a "break" at the end of the KRB5_KDB_SALTTYPE_ONLYREALM
		  in add_key_pwd().  Also pass in key_salt to encrypt_key_data
		  always.
	* kdb_xdr.c - initialize retval to 0 in decode_mod_princ data.  This is
		questionable whether we should return an error if there's no
		mod_princ data.  Also, free the allocated mod_princ only if
		we allocated it and there's a failure.


Wed Aug 9 09:47:08 EDT 1995	Paul Park	(pjpark@mit.edu)
	* kdb_cpw.c(add_key_rnd) - Terminate the variable length argument list
		to krb5_build_principal_ext() with a zero.

Tue Aug  8 21:32:30 1995  Tom Yu  <tlyu@dragons-lair.MIT.EDU>

	* kdb_cpw.c (add_key_rnd): remove bletcherous aggregate
		initializer stuff and use build_principal_ext like we
		should have in the first place to build the tgt principal.

Tue Aug 8 17:35:58 EDT 1995	Paul Park	(pjpark@mit.edu)
	* encrypt_key.c - When allocating the actual key_data_contents use the
		correct length (e.g. containing the two length bytes).
	* kdb_xdr.c - Clean the each key_data structure so that unfilled
		data becomes zero.


Mon Aug 7 17:40:10 EDT 1995	Paul Park	(pjpark@mit.edu)
	* encrypt_key.c - Handle keysalt specification with null data length.
	* decrypt_key.c - Handle salttypes with zero salt length.  Also, copy
		out stored salt.


Mon Aug 7 14:15:59 EDT 1995	Paul Park	(pjpark@mit.edu)
	* decrypt_key.c - Deserialize key length into a 16 bit integer, then
		jam it into the keyblock.


Mon Aug 7 13:05:53 EDT 1995	Paul Park	(pjpark@mit.edu)
	* kdb_cpw.c(add_key_rnd) - Manually initialize krbtgt_princ.data to
		point to krbtgt_princ_entries since some compilers do not
		support dynamic initializers.


Mon Aug 07 11:27:37 1995  Chris Provenzano (proven@mit.edu)

	* kdb_cpw.c: New routines for changing passwords of db_entried.

Fri Aug  4 23:26:22 1995  Tom Yu  <tlyu@dragons-lair.MIT.EDU>

	* setup_mkey.c (krb5_db_setup_mkey_name), 
	* fetch_mkey.c (krb5_db_fetch_mkey), 
	* verify_mky.c (krb5_db_verify_master_key),
	* decrypt_key.c (krb5_dbekd_decrypt_key_data),
	* encrypt_key.c (krb5_dbekd_encrypt_key_data),
	* kdb_xdr.c, kdb_dbm.c,
		Add parens to shut up gcc -Wall

Fri Aug 4 16:22:46 EDT 1995	Paul Park	(pjpark@mit.edu)
	* kdb_xdr,{de,en}crypt_key.c - Use encode/decode macros to [de]serialize
		data going in and out of the database.


Thu Aug 3 11:52:40 EDT 1995	Paul Park	(pjpark@mit.edu)
	* encrypt_key.c - Actually copy in the salt data which we allocated
		space for in krb5_dbekd_encrypt_key_data().
	* kdb_xdr.c - Correctly generate the tl_data list in krb5_decode_princ_
		contents().  Also allow for key_data_ver to be KRB5_KDB_V1_DATA_
		ARRAY.


Mon Jul 31 15:55:46 EDT 1995	Paul Park	(pjpark@mit.edu)
	* kdb_xdr.c - Correctly parenthesize realloc() expression in create_key
		_data().


Thu Jul 27 15:28:41 EDT 1995	Paul Park	(pjpark@mit.edu)
	* kdbint.h - Obsolete.

Thu Jul 27 02:59:05 1995  Chris Provenzano (proven@mit.edu)
        * decrypt_key.c, encrypt_key.c, kdb_dbm.c, kdb_xdr.c:
		Rewritten for new kdb format.
	* kdb_cpw.c : New password changing routines for new kdb format.
	* verify_mky.c, t_kdb.c : Use new kdb format.

Tue Jul 25 14:06:50 1995  Tom Yu  <tlyu@lothlorien.MIT.EDU>

	* kdb_dbm.c, t_kdb.c: Add prototype for dbm_error and dbm_clearerr
		in case they're not prototyped in the header files.

	* configure.in: Add test for missing prototypes for dbm_error and
		dbm_clearerr.

Thu Jul 20 23:59:18 1995  Mark Eichin  <eichin@cygnus.com>

	* kdb_dbm.c (krb5_dbm_db_create): move dirname, pagname
	declarations to the top of function, so it compiles...

Mon Jul 17 15:17:53 EDT 1995	Paul Park	(pjpark@mit.edu)
	* fetch_mkey.c - Remove inclusion of kdbint.h and add handling of
		stash file argument.
	* store_mkey.c - Remove inclusion of kdbint.h.  The default name of
		the stash file is in osconf.h now.

Sat Jul  8 22:37:14 1995  Theodore Y. Ts'o  (tytso@dcl)

	* kdb_dbm.c (kdb5_kdbm_db_create): Make sure the dbm context is
		initialized before we start.

Fri Jul 7 16:29:22 EDT 1995	Paul Park	(pjpark@mit.edu)
	* Makefile.in - Remove LDFLAGS, find com_err in TOPLIBD.


Fri Jun 30 14:39:45 EDT 1995	Paul Park	(pjpark@mit.edu)
	* kdb_dbm.c - Add function dispatch table to context and use it to
		perform database accesses.  Add kdb5_db_set_dbops() to set
		a context's function dispatch table.
	* Makefile.in - Remove Berkeley database object modules from this
		library.  They're now in libkrb5 since we use them in
		other places.
	* t_kdb.c - Add ability to test both DBM and Berkeley database
		format.

Thu Jun 29 06:54:00 1995  Mark Eichin  <eichin@cygnus.com>

	* configure.in (--with-dbm): new option, allows easy building of
	normal dbm support for compatibility.
	* Makefile.in (DBFLAGS): variable to hold substitution of flags to
	enable Berkeley db support.

Thu Jun 22 11:59:28 EDT 1995	Paul Park	(pjpark@mit.edu)
	* kdb_dbm.c - Replace static kdb context with context which is attached
		to krb5 context.  This allows for multiple open databases
		within the same process.


Thu Jun 15 18:04:58 EDT 1995	Paul Park	(pjpark@mit.edu)
	* Makefile.in - Remove explicit copying of archive library to library
		directory.  Add dependency on all-$(WHAT)
	* configure.in - Create symlink for archive when we build it.

Wed Jun 14 12:37:51 1995  Sam Hartman  <hartmans@tardis.MIT.EDU>

	* configure.in: Check for umask being defined.

	* store_mkey.c (krb5_db_store_mkey): Use HAVE_UMASK instead of
	unix as a preprocessor define for setting the umask.  AIX doesn't
	define unix.

	* t_kdb.c (main): Declare option as int, not char.  When char is
	unsigned, the comparison to EOF fails and it loops forever.


Sun Jun 11 09:26:48 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* Makefile.in (clean): Remove t_kdb and t_kdb.o

Fri Jun  9 19:26:49 1995    <tytso@rsx-11.mit.edu>

	* configure.in: Remove standardized set of autoconf macros, which
		are now handled by CONFIG_RULES.

Tue May 30 12:31:26 EDT 1995	Paul Park	(pjpark@mit.edu)
	* Makefile.in: ranlib the library again after doing $(LIBUPDATE).
		Some archivers don't do this.

Fri May 26 17:52:03 EDT 1995	Paul Park	(pjpark@mit.edu)
	* kdb_dbm.c - Change usage of dbm package or Berkeley db package
		based on setting of BERK_DB_DBM.  Also, conditionalize
		implicit knowledge of dbm/Berkeley db filename extensions.
	* Makefile.in - Set BERK_DB_DBM when compiling.  Update from Berkeley
		db build directory.
	* configure.in - Check for random number generators.
	* t_kdb.c - New tester for kdb code.

Fri Mar 24 21:59:34 1995  Theodore Y. Ts'o  <tytso@dcl>

	* store_mkey.c (krb5_db_store_mkey): 
	* fetch_mkey.c (krb5_db_fetch_mkey): Hardcode the size of the
		keytype field in the file format, to be compatible with
		what was used in the Beta 4 release (before we changed the
		size of a krb5_keytype type).

Fri Mar 24 15:13:53 1995    <tytso@rsx-11.mit.edu>

	* kdb_dbm.c: Don't cast dbm_close() to void, because dbm_close is
		already void.

Tue Feb 28 00:30:10 1995  John Gilmore  (gnu at toad.com)

	* decrypt_key.c, encrypt_key.c, fetch_mkey.c, kdb_dbm.c,
	setup_mkey.c, store-mkey.c, verify_mky.c:  Avoid <krb5/...> includes.

Fri Jan 13 15:23:47 1995  Chris Provenzano (proven@mit.edu)

    * Added krb5_context to all krb5_routines

Thu Nov 17 19:22:16 1994  Mark Eichin  (eichin@cygnus.com)

	* kdb_dbm.c (krb5_dbm_db_unlock): Use krb5_lock_file.
	(krb5_dbm_db_lock): Same. (Changes from jtkohl@mit.edu.)

Thu Nov 10 17:20:42 1994  Theodore Y. Ts'o  (tytso@dcl)

	* decrypt_key.c (krb5_kdb_decrypt_key): Set the keyblock's magic
		number and ecryption type information appropriately.

Tue Nov  8 18:03:23 1994  Theodore Y. Ts'o  (tytso@dcl)

	* fetch_mkey.c (krb5_db_fetch_mkey): Set the keyblock's magic
		number and encryption type information appropriately.

Sat Oct 22 10:13:25 1994    (tytso@rsx-11)

	* kdb_dbm.c: Don't need to define POSIX_FILE_LOCKS; just include
		config.h instead.

Wed Oct 19 12:15:36 1994  Theodore Y. Ts'o  (tytso@dcl)

	* Makefile.in: make install obey $(DESTDIR) completely

Fri Oct 14 00:57:33 1994  Theodore Y. Ts'o  (tytso@dcl)

	* configure.in: Add test for unistd.h

	* lock_file.c: Use POSIX_FILE_LOCKS if _POSIX_VERSION is defined
		in unistd.h

Tue Oct  4 15:08:03 1994  Theodore Y. Ts'o  (tytso@dcl)

	* kdb_dbm.c (decode_princ_contents): Add backwards compatibility
		for version numbers 1.0 and 2.0.  

Mon Oct  3 22:47:49 1994  Theodore Y. Ts'o  (tytso@dcl)

	* kdb_dbm.c (decode_princ_contents): Force an incompatible version
		number change to the database --- we are now at database
		entry version 2.0.  Unfortunately, the way we encode the
		database is completely broken, and any structure changes
		change the encoding format.  We will need to redo this
		completely at some point, so we don't have to make people
		go through this again.

	* Makefile.in: make install obey $(DESTDIR)

Thu Aug  4 03:41:44 1994  Tom Yu  (tlyu@dragons-lair)

	* configure.in: look for install program

	* Makefile.in: make install fixes

Fri Jul 15 14:54:10 1994  Theodore Y. Ts'o  (tytso at tsx-11)

	* kdb_dbm.c (krb5_dbm_db_end_update): Change use of utimes() to
	the POSIX utime() function.