1 2002-09-03 Johan Danielsson <joda@pdc.kth.se>
3 * wrap.c (wrap_des3): use ETYPE_DES3_CBC_NONE
5 * unwrap.c (unwrap_des3): use ETYPE_DES3_CBC_NONE
7 2002-09-02 Johan Danielsson <joda@pdc.kth.se>
9 * init_sec_context.c: we need to generate a local subkey here
11 2002-08-20 Jacques Vidrine <n@nectar.com>
13 * acquire_cred.c, inquire_cred.c, release_cred.c: Use default
14 credential resolution if gss_acquire_cred is called with
17 2002-06-20 Jacques Vidrine <n@nectar.com>
19 * import_name.c: Compare name types by value if pointers do
20 not match. Reported by: "Douglas E. Engert" <deengert@anl.gov>
22 2002-05-20 Jacques Vidrine <n@nectar.com>
24 * verify_mic.c (gss_verify_mic), unwrap.c (gss_unwrap): initialize
25 the qop_state parameter. from Doug Rabson <dfr@nlsystems.com>
27 2002-05-09 Jacques Vidrine <n@nectar.com>
29 * acquire_cred.c: handle GSS_C_INITIATE/GSS_C_ACCEPT/GSS_C_BOTH
31 2002-05-08 Jacques Vidrine <n@nectar.com>
33 * acquire_cred.c: initialize gssapi; handle null desired_name
35 2002-03-22 Johan Danielsson <joda@pdc.kth.se>
37 * Makefile.am: remove non-functional stuff accidentally committed
39 2002-03-11 Assar Westerlund <assar@sics.se>
41 * Makefile.am (libgssapi_la_LDFLAGS): bump version to 3:5:2
42 * 8003.c (gssapi_krb5_verify_8003_checksum): handle zero channel
45 2001-10-31 Jacques Vidrine <n@nectar.com>
47 * get_mic.c (mic_des3): MIC computation using DES3/SHA1
48 was bogusly appending the message buffer to the result,
49 overwriting a heap buffer in the process.
51 2001-08-29 Assar Westerlund <assar@sics.se>
53 * 8003.c (gssapi_krb5_verify_8003_checksum,
54 gssapi_krb5_create_8003_checksum): make more consistent by always
55 returning an gssapi error and setting minor status. update
58 2001-08-28 Jacques Vidrine <n@nectar.com>
60 * accept_sec_context.c: Create a cache for delegated credentials
63 2001-08-28 Assar Westerlund <assar@sics.se>
65 * Makefile.am (libgssapi_la_LDFLAGS): set version to 3:4:2
67 2001-08-23 Assar Westerlund <assar@sics.se>
69 * *.c: handle minor_status more consistently
71 * display_status.c (gss_display_status): handle krb5_get_err_text
74 2001-08-15 Johan Danielsson <joda@pdc.kth.se>
76 * gssapi_locl.h: fix prototype for gssapi_krb5_init
78 2001-08-13 Johan Danielsson <joda@pdc.kth.se>
80 * accept_sec_context.c (gsskrb5_register_acceptor_identity): init
81 context and check return value from kt_resolve
83 * init.c: return error code
85 2001-07-19 Assar Westerlund <assar@sics.se>
87 * Makefile.am (libgssapi_la_LDFLAGS): update to 3:3:2
89 2001-07-12 Assar Westerlund <assar@sics.se>
91 * Makefile.am (libgssapi_la_LIBADD): add required library
94 2001-07-06 Assar Westerlund <assar@sics.se>
96 * accept_sec_context.c (gsskrb5_register_acceptor_identity): set
97 the keytab to be used for gss_acquire_cred too'
99 2001-07-03 Assar Westerlund <assar@sics.se>
101 * Makefile.am (libgssapi_la_LDFLAGS): set version to 3:2:2
103 2001-06-18 Assar Westerlund <assar@sics.se>
105 * wrap.c: replace gss_krb5_getsomekey with gss_krb5_get_localkey
106 and gss_krb5_get_remotekey
107 * verify_mic.c: update krb5_auth_con function names use
108 gss_krb5_get_remotekey
109 * unwrap.c: replace gss_krb5_getsomekey with gss_krb5_get_localkey
110 and gss_krb5_get_remotekey
111 * gssapi_locl.h (gss_krb5_get_remotekey, gss_krb5_get_localkey):
113 * get_mic.c: update krb5_auth_con function names. use
114 gss_krb5_get_localkey
115 * accept_sec_context.c: update krb5_auth_con function names
117 2001-05-17 Assar Westerlund <assar@sics.se>
119 * Makefile.am: bump version to 3:1:2
121 2001-05-14 Assar Westerlund <assar@sics.se>
123 * address_to_krb5addr.c: adapt to new address functions
125 2001-05-11 Assar Westerlund <assar@sics.se>
127 * try to return the error string from libkrb5 where applicable
129 2001-05-08 Assar Westerlund <assar@sics.se>
131 * delete_sec_context.c (gss_delete_sec_context): remember to free
132 the memory used by the ticket itself. from <tmartin@mirapoint.com>
134 2001-05-04 Assar Westerlund <assar@sics.se>
136 * gssapi_locl.h: add config.h for completeness
137 * gssapi.h: remove config.h, this is an installed header file
138 sys/types.h is not needed either
140 2001-03-12 Assar Westerlund <assar@sics.se>
142 * acquire_cred.c (gss_acquire_cred): remove memory leaks. from
143 Jason R Thorpe <thorpej@zembu.com>
145 2001-02-18 Assar Westerlund <assar@sics.se>
147 * accept_sec_context.c (gss_accept_sec_context): either return
148 gss_name NULL-ed or set
150 * import_name.c: set minor_status in some cases where it was not
153 2001-02-15 Assar Westerlund <assar@sics.se>
155 * wrap.c: use krb5_generate_random_block for the confounders
157 2001-01-30 Assar Westerlund <assar@sics.se>
159 * Makefile.am (libgssapi_la_LDFLAGS): bump version to 3:0:2
160 * acquire_cred.c, init_sec_context.c, release_cred.c: add support
161 for getting creds from a keytab, from fvdl@netbsd.org
163 * copy_ccache.c: add gss_krb5_copy_ccache
165 2001-01-27 Assar Westerlund <assar@sics.se>
167 * get_mic.c: cast parameters to des function to non-const pointers
168 to handle the case where these functions actually take non-const
171 2001-01-09 Assar Westerlund <assar@sics.se>
173 * accept_sec_context.c (gss_accept_sec_context): use krb5_rd_cred2
174 instead of krb5_rd_cred
176 2000-12-11 Assar Westerlund <assar@sics.se>
178 * Makefile.am (libgssapi_la_LDFLAGS): bump to 2:3:1
180 2000-12-08 Assar Westerlund <assar@sics.se>
182 * wrap.c (wrap_des3): use the checksum as ivec when encrypting the
184 * unwrap.c (unwrap_des3): use the checksum as ivec when encrypting
186 * init_sec_context.c (init_auth): always zero fwd_data
188 2000-12-06 Johan Danielsson <joda@pdc.kth.se>
190 * accept_sec_context.c: de-pointerise auth_context parameter to
193 2000-11-15 Assar Westerlund <assar@sics.se>
195 * init_sec_context.c (init_auth): update to new
196 krb5_build_authenticator
198 2000-09-19 Assar Westerlund <assar@sics.se>
200 * Makefile.am (libgssapi_la_LDFLAGS): bump to 2:2:1
202 2000-08-27 Assar Westerlund <assar@sics.se>
204 * init_sec_context.c: actually pay attention to `time_req'
205 * init_sec_context.c: re-organize. leak less memory.
206 * gssapi_locl.h (gssapi_krb5_encapsulate, gss_krb5_getsomekey):
207 update prototypes add assert.h
208 * gssapi.h (GSS_KRB5_CONF_C_QOP_DES, GSS_KRB5_CONF_C_QOP_DES3_KD):
210 * verify_mic.c: re-organize and add 3DES code
211 * wrap.c: re-organize and add 3DES code
212 * unwrap.c: re-organize and add 3DES code
213 * get_mic.c: re-organize and add 3DES code
214 * encapsulate.c (gssapi_krb5_encapsulate): do not free `in_data',
215 let the caller do that. fix the callers.
217 2000-08-16 Assar Westerlund <assar@sics.se>
219 * Makefile.am: bump version to 2:1:1
221 2000-07-29 Assar Westerlund <assar@sics.se>
223 * decapsulate.c (gssapi_krb5_verify_header): sanity-check length
225 2000-07-25 Johan Danielsson <joda@pdc.kth.se>
227 * Makefile.am: bump version to 2:0:1
229 2000-07-22 Assar Westerlund <assar@sics.se>
231 * gssapi.h: update OID for GSS_C_NT_HOSTBASED_SERVICE and other
234 2000-06-29 Assar Westerlund <assar@sics.se>
236 * address_to_krb5addr.c (gss_address_to_krb5addr): actually use
237 `int' instead of `sa_family_t' for the address family.
239 2000-06-21 Assar Westerlund <assar@sics.se>
241 * add support for token delegation. From Daniel Kouril
242 <kouril@ics.muni.cz> and Miroslav Ruda <ruda@ics.muni.cz>
244 2000-05-15 Assar Westerlund <assar@sics.se>
246 * Makefile.am (libgssapi_la_LDFLAGS): set version to 1:1:1
248 2000-04-12 Assar Westerlund <assar@sics.se>
250 * release_oid_set.c (gss_release_oid_set): clear set for
251 robustness. From GOMBAS Gabor <gombasg@inf.elte.hu>
252 * release_name.c (gss_release_name): reset input_name for
253 robustness. From GOMBAS Gabor <gombasg@inf.elte.hu>
254 * release_buffer.c (gss_release_buffer): set value to NULL to be
255 more robust. From GOMBAS Gabor <gombasg@inf.elte.hu>
256 * add_oid_set_member.c (gss_add_oid_set_member): actually check if
257 the oid is a member first. leave the oid_set unchanged if realloc
260 2000-02-13 Assar Westerlund <assar@sics.se>
262 * Makefile.am: set version to 1:0:1
264 2000-02-12 Assar Westerlund <assar@sics.se>
266 * gssapi_locl.h: add flags for import/export
267 * import_sec_context.c (import_sec_context: add flags for what
268 fields are included. do not include the authenticator for now.
269 * export_sec_context.c (export_sec_context: add flags for what
270 fields are included. do not include the authenticator for now.
271 * accept_sec_context.c (gss_accept_sec_context): set target in
274 2000-02-11 Assar Westerlund <assar@sics.se>
276 * delete_sec_context.c (gss_delete_sec_context): set context to
279 * Makefile.am: add {export,import}_sec_context.c
280 * export_sec_context.c: new file
281 * import_sec_context.c: new file
282 * accept_sec_context.c (gss_accept_sec_context): set trans flag
284 2000-02-07 Assar Westerlund <assar@sics.se>
286 * Makefile.am: set version to 0:5:0
288 2000-01-26 Assar Westerlund <assar@sics.se>
290 * delete_sec_context.c (gss_delete_sec_context): handle a NULL
293 * wrap.c: update to pseudo-standard APIs for md4,md5,sha. some
294 changes to libdes calls to make them more portable.
295 * verify_mic.c: update to pseudo-standard APIs for md4,md5,sha.
296 some changes to libdes calls to make them more portable.
297 * unwrap.c: update to pseudo-standard APIs for md4,md5,sha. some
298 changes to libdes calls to make them more portable.
299 * get_mic.c: update to pseudo-standard APIs for md4,md5,sha. some
300 changes to libdes calls to make them more portable.
301 * 8003.c: update to pseudo-standard APIs for md4,md5,sha.
303 2000-01-06 Assar Westerlund <assar@sics.se>
305 * Makefile.am: set version to 0:4:0
307 1999-12-26 Assar Westerlund <assar@sics.se>
309 * accept_sec_context.c (gss_accept_sec_context): always set
311 * init_sec_context.c (init_auth): always initialize `output_token'
312 * delete_sec_context.c (gss_delete_sec_context): always set
315 1999-12-06 Assar Westerlund <assar@sics.se>
317 * Makefile.am: bump version to 0:3:0
319 1999-10-20 Assar Westerlund <assar@sics.se>
321 * Makefile.am: set version to 0:2:0
323 1999-09-21 Assar Westerlund <assar@sics.se>
325 * init_sec_context.c (gss_init_sec_context): initialize `ticket'
327 * gssapi.h (gss_ctx_id_t_desc): add ticket in here. ick.
329 * delete_sec_context.c (gss_delete_sec_context): free ticket
331 * accept_sec_context.c (gss_accept_sec_context): stove away
332 `krb5_ticket' in context so that ugly programs such as
333 gss_nt_server can get at it. uck.
335 1999-09-20 Johan Danielsson <joda@pdc.kth.se>
337 * accept_sec_context.c: set minor_status
339 1999-08-04 Assar Westerlund <assar@sics.se>
341 * display_status.c (calling_error, routine_error): right shift the
342 code to make it possible to index into the arrays
344 1999-07-28 Assar Westerlund <assar@sics.se>
346 * gssapi.h (GSS_C_AF_INET6): add
348 * import_name.c (import_hostbased_name): set minor_status
350 1999-07-26 Assar Westerlund <assar@sics.se>
352 * Makefile.am: set version to 0:1:0
354 Wed Apr 7 14:05:15 1999 Johan Danielsson <joda@hella.pdc.kth.se>
356 * display_status.c: set minor_status
358 * init_sec_context.c: set minor_status
360 * lib/gssapi/init.c: remove donep (check gssapi_krb5_context