1 Tue Dec 23 01:56:45 1997 Assar Westerlund <assar@sics.se>
5 * lib/kadm5/ent_setup.c (attr_to_flags): try to set `client'
7 * kadmin/util.c (edit_time): only set mask if != 0
8 (edit_attributes): only set mask if != 0
10 * kadmin/init.c (init): create `default'
12 Sun Dec 21 09:44:05 1997 Assar Westerlund <assar@sics.se>
14 * kadmin/util.c (str2deltat, str2attr, get_deltat): return value
15 as pointer and have return value indicate success.
17 (get_response): check NULL from fgets
19 (edit_time, edit_attributes): new functions for reading values and
20 offering list of answers on '?'
22 (edit_entry): use edit_time and edit_attributes
24 * kadmin/ank.c (add_new_key): test the return value of
27 * kdc/kerberos5.c (tgs_check_authenticator): RFC1510 doesn't say
28 that the checksum has to be keyed, even though later drafts do.
29 Accept unkeyed checksums to be compatible with MIT.
31 * appl/rsh/rshd.c (recv_krb5_auth): swap the order of the
32 `local_user' and the `remote_user'
34 * appl/rsh/rsh.c (send_krb5_auth): swap the order of the
35 `local_user' and the `remote_user'
37 * kadmin/kadmin_locl.h: add some prototypes.
39 * kadmin/util.c (edit_entry): return a value
41 * appl/afsutil/afslog.c (main): return a exit code.
43 * lib/krb5/get_cred.c (init_tgs_req): use krb5_keytype_to_enctypes
45 * lib/krb5/encrypt.c (krb5_keytype_to_enctypes): new function.
47 * lib/krb5/build_auth.c (krb5_build_authenticator): use
48 krb5_{free,copy}_keyblock instead of the _contents versions
50 Sat Dec 6 10:09:40 1997 Johan Danielsson <joda@emma.pdc.kth.se>
52 * lib/krb5/keyblock.c (krb5_free_keyblock): check for NULL
55 Sat Dec 6 08:26:10 1997 Assar Westerlund <assar@sics.se>
59 Thu Dec 4 03:38:12 1997 Johan Danielsson <joda@emma.pdc.kth.se>
61 * lib/krb5/send_to_kdc.c: Add TCP client support.
63 * lib/krb5/store.c: Add k_{put,get}_int.
65 * kadmin/ank.c: Set initial kvno to 1.
67 * kdc/connect.c: Send version 5 TCP-reply as length+data.
69 Sat Nov 29 07:10:11 1997 Assar Westerlund <assar@sics.se>
71 * appl/rsh/rshd.c: updated to use getarg.
72 changed `struct fd_set' to `fd_set'.
73 implemented broken/BSD authentication (requires iruserok)
75 * lib/krb5/rd_req.c (krb5_rd_req): fixed obvious bug
77 * kdc/kaserver.c (create_reply_ticket): use a random nonce in the
80 * kdc/connect.c (init_sockets): less reallocing.
82 * **/*.c: changed `struct fd_set' to `fd_set'
84 Sat Nov 29 05:12:01 1997 Johan Danielsson <joda@emma.pdc.kth.se>
86 * lib/krb5/get_default_principal.c: More guessing.
88 Thu Nov 20 02:55:09 1997 Johan Danielsson <joda@emma.pdc.kth.se>
90 * lib/krb5/rd_req.c: Use principal from ticket if no server is
93 Tue Nov 18 02:58:02 1997 Johan Danielsson <joda@emma.pdc.kth.se>
95 * kuser/klist.c: Use krb5_err*().
97 Sun Nov 16 11:57:43 1997 Johan Danielsson <joda@emma.pdc.kth.se>
99 * kadmin/kadmin.c: Add local `init', `load', `dump', and `merge'
102 Sun Nov 16 02:52:20 1997 Assar Westerlund <assar@sics.se>
104 * lib/krb5/mk_req_ext.c (krb5_mk_req_ext): figure out the correct
107 * lib/krb5/mk_req.c (krb5_mk_req): use `(*auth_context)->enctype'
110 * lib/krb5/get_cred.c: handle the case of a specific keytype
112 * lib/krb5/build_auth.c (krb5_build_authenticator): enctype as a
113 parameter instead of guessing it.
115 * lib/krb5/build_ap_req.c (krb5_build_ap_req): new parameter
118 * appl/test/common.c (common_setup): don't use `optarg'
120 * lib/krb5/keytab.c (krb5_kt_copy_entry_contents): new function
121 (krb5_kt_get_entry): retrieve the latest version if kvno == 0
123 * lib/krb5/krb5.h: define KRB5_TC_MATCH_KEYTYPE
125 * lib/krb5/creds.c (krb5_compare_creds): check for
126 KRB5_TC_MATCH_KEYTYPE
128 * lib/gssapi/8003.c (gssapi_krb5_create_8003_checksum): remove
131 * lib/krb5/creds.c (krb5_copy_creds_contents): only free the
134 Sun Nov 16 00:32:48 1997 Johan Danielsson <joda@emma.pdc.kth.se>
136 * kpasswd/kpasswdd.c: Get password expiration time from config
139 * lib/asn1/{der_get,gen_decode}.c: Allow passing NULL size.
141 Wed Nov 12 02:35:57 1997 Assar Westerlund <assar@sics.se>
143 * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds):
144 restructured and fixed.
146 * lib/krb5/addr_families.c (krb5_h_addr2addr): new function.
148 * appl/rsh/rsh_locl.h: add AUTH_BROKEN and PATH_RSH
150 * appl/rsh/Makefile.am: set BINDIR
152 * appl/rsh/rsh.c: implemented BSD-style reserved port
155 Wed Nov 12 01:36:01 1997 Johan Danielsson <joda@emma.pdc.kth.se>
157 * lib/krb5/get_addrs.c: Fall back to hostname's addresses if other
160 Tue Nov 11 22:22:12 1997 Johan Danielsson <joda@emma.pdc.kth.se>
162 * kadmin/kadmin.c: Add `-l' flag to use local database.
164 * lib/kadm5/acl.c: Use KADM5_PRIV_ALL.
166 * lib/kadm5: Use function pointer trampoline for easier dual use
167 (without radiation-hardening capability).
169 Tue Nov 11 05:15:22 1997 Assar Westerlund <assar@sics.se>
171 * lib/krb5/encrypt.c (krb5_etype_valid): new function
173 * lib/krb5/creds.c (krb5_copy_creds_contents): zero target
175 * lib/krb5/context.c (valid_etype): remove
177 * lib/krb5/checksum.c: remove dead code
179 * lib/krb5/changepw.c (send_request): free memory on error.
181 * lib/krb5/build_ap_req.c (krb5_build_ap_req): check return value
184 * lib/krb5/auth_context.c (krb5_auth_con_init): free memory on
186 (krb5_auth_con_setaddrs_from_fd): return error correctly.
188 * lib/krb5/get_in_tkt_with_{keytab,skey}.c: new files
190 Tue Nov 11 02:53:19 1997 Johan Danielsson <joda@emma.pdc.kth.se>
192 * lib/krb5/auth_context.c: Implement auth_con_setuserkey.
194 * lib/gssapi/init_sec_context.c: Use krb5_auth_con_getkey.
196 * lib/krb5/keyblock.c: Rename krb5_free_keyblock to
197 krb5_free_keyblock_contents, and reimplement krb5_free_keyblock.
199 * lib/krb5/rd_req.c: Use auth_context->keyblock if
200 ap_options.use_session_key.
202 Tue Nov 11 02:35:17 1997 Assar Westerlund <assar@sics.se>
204 * lib/krb5/net_{read,write}.c: change `int fd' to `void *p_fd'.
207 * lib/krb5/krb5_locl.h: include <asn1.h> and <der.h>
209 * include/Makefile.am: add xdbm.h
211 Tue Nov 11 01:58:22 1997 Johan Danielsson <joda@emma.pdc.kth.se>
213 * lib/krb5/get_cred.c: Implement krb5_get_cred_from_kdc.
215 Mon Nov 10 22:41:53 1997 Johan Danielsson <joda@emma.pdc.kth.se>
217 * lib/krb5/ticket.c: Implement copy_ticket.
219 * lib/krb5/get_in_tkt.c: Make `options' parameter MIT-compatible.
221 * lib/krb5/data.c: Implement free_data and copy_data.
223 Sun Nov 9 02:17:27 1997 Johan Danielsson <joda@emma.pdc.kth.se>
225 * lib/kadm5: Implement kadm5_get_privs, and kadm5_get_principals.
227 * kadmin/kadmin.c: Add get_privileges function.
229 * lib/kadm5: Rename KADM5_ACL_* -> KADM5_PRIV_* to conform with
232 * kdc/connect.c: Exit if no sockets could be bound.
234 * kadmin/kadmind.c: Check return value from krb5_net_read().
236 * lib/kadm5,kadmin: Fix memory leaks.
238 Fri Nov 7 02:45:26 1997 Johan Danielsson <joda@emma.pdc.kth.se>
240 * lib/kadm5/create_s.c: Get some default values from `default'
243 * lib/kadm5/ent_setup.c: Add optional default entry to get some
246 Thu Nov 6 00:20:41 1997 Johan Danielsson <joda@emma.pdc.kth.se>
248 * lib/error/compile_et.awk: Remove generated destroy_*_error_table
251 * kadmin/kadmind.c: Crude admin server.
253 * kadmin/kadmin.c: Update to use remote protocol.
255 * kadmin/get.c: Fix principal formatting.
257 * lib/kadm5: Add client support.
259 * lib/kadm5/error.c: Error code mapping.
261 * lib/kadm5/server.c: Kadmind support function.
263 * lib/kadm5/marshall.c: Kadm5 marshalling.
265 * lib/kadm5/acl.c: Simple acl system.
267 * lib/kadm5/kadm5_locl.h: Add client stuff.
269 * lib/kadm5/init_s.c: Initialize acl.
271 * lib/kadm5/*: Return values.
273 * lib/kadm5/create_s.c: Correct kvno.
275 Wed Nov 5 22:06:50 1997 Johan Danielsson <joda@emma.pdc.kth.se>
277 * lib/krb5/log.c: Fix parsing of log destinations.
279 Mon Nov 3 20:33:55 1997 Johan Danielsson <joda@emma.pdc.kth.se>
281 * lib/krb5/principal.c: Reduce number of reallocs in unparse_name.
283 Sat Nov 1 01:40:53 1997 Johan Danielsson <joda@emma.pdc.kth.se>
285 * kadmin: Simple kadmin utility.
287 * admin/ktutil.c: Print keytype.
289 * lib/kadm5/get_s.c: Set correct n_key_data.
291 * lib/kadm5/init_s.c: Add kadm5_s_init_with_password_ctx. Use
294 * lib/kadm5/destroy_s.c: Check for allocated context.
296 * lib/kadm5/{create,chpass}_s.c: Use _kadm5_set_keys().
298 Sat Nov 1 00:21:00 1997 Assar Westerlund <assar@sics.se>
300 * configure.in: test for readv, writev
302 Wed Oct 29 23:41:26 1997 Assar Westerlund <assar@sics.se>
304 * lib/krb5/warn.c (_warnerr): handle the case of an illegal error
307 * kdc/kerberos5.c (encode_reply): return success
309 Wed Oct 29 18:01:59 1997 Johan Danielsson <joda@emma.pdc.kth.se>
311 * kdc/kerberos5.c (find_etype) Return correct index of selected
314 Wed Oct 29 04:07:06 1997 Assar Westerlund <assar@sics.se>
318 * lib/krb5/context.c (krb5_init_context): support `KRB5_CONFIG'
321 * *: use the roken_get*-macros from roken.h for the benefit of
324 * configure.in: add --{enable,disable}-otp. check for compatible
325 prototypes for gethostbyname, gethostbyaddr, getservbyname, and
326 openlog (they have strange prototypes on Crays)
328 * acinclude.m4: new macro `AC_PROTO_COMPAT'
330 Tue Oct 28 00:11:22 1997 Johan Danielsson <joda@emma.pdc.kth.se>
332 * kdc/connect.c: Log bad requests.
334 * kdc/kerberos5.c: Move stuff that's in common between as_rep and
335 tgs_rep to separate functions.
337 * kdc/kerberos5.c: Fix user-to-user authentication.
339 * lib/krb5/get_cred.c: Some restructuring of krb5_get_credentials:
340 - add a kdc-options argument to krb5_get_credentials, and rename
341 it to krb5_get_credentials_with_flags
342 - honour the KRB5_GC_CACHED, and KRB5_GC_USER_USER options
343 - add some more user-to-user glue
345 * lib/krb5/rd_req.c: Move parts of krb5_verify_ap_req into a new
346 function, krb5_decrypt_ticket, so it is easier to decrypt and
347 check a ticket without having an ap-req.
349 * lib/krb5/krb5.h: Add KRB5_GC_CACHED, and KRB5_GC_USER_USER
352 * lib/krb5/crc.c (crc_init_table): Check if table is already
355 Sun Oct 26 04:51:02 1997 Johan Danielsson <joda@emma.pdc.kth.se>
357 * lib/asn1/der_get.c (der_get_length, fix_dce): Special-case
360 * lib/asn1/gen_glue.c (generate_units): Check for empty
363 Sat Oct 25 07:24:57 1997 Johan Danielsson <joda@emma.pdc.kth.se>
365 * lib/error/compile_et.awk: Allow specifying table-base.
367 Tue Oct 21 20:21:40 1997 Johan Danielsson <joda@emma.pdc.kth.se>
369 * kdc/kerberos5.c: Check version number of krbtgt.
371 Mon Oct 20 01:14:53 1997 Assar Westerlund <assar@sics.se>
373 * lib/krb5/prompter_posix.c (krb5_prompter_posix): implement the
374 case of unhidden prompts.
376 * lib/krb5/str2key.c (string_to_key_internal): return error
377 instead of aborting. always free memory
379 * admin/ktutil.c: add `help' command
381 * admin/kdb_edit.c: implement new commands: add_random_key(ark),
382 change_password(cpw), change_random_key(crk)
384 Thu Oct 16 05:16:36 1997 Assar Westerlund <assar@sics.se>
386 * kpasswd/kpasswdd.c: change all the keys in the database
388 * kdc: removed all unsealing, now done by the hdb layer
390 * lib/hdb/hdb.c: new functions `hdb_create', `hdb_set_master_key'
391 and `hdb_clear_master_key'
393 * admin/misc.c: removed
395 Wed Oct 15 22:47:31 1997 Assar Westerlund <assar@sics.se>
397 * kuser/klist.c: print year as YYYY iff verbose
399 Wed Oct 15 20:02:13 1997 Johan Danielsson <joda@emma.pdc.kth.se>
401 * kuser/klist.c: print etype from ticket
403 Mon Oct 13 17:18:57 1997 Johan Danielsson <joda@emma.pdc.kth.se>
407 * lib/krb5/get_cred.c: Get the subkey from mk_req so it can be
408 used to decrypt the reply from DCE secds.
410 * lib/krb5/auth_context.c: Add {get,set}enctype.
412 * lib/krb5/get_cred.c: Fix for DCE secd.
414 * lib/krb5/store.c: Store keytype twice, as MIT does.
416 * lib/krb5/get_in_tkt.c: Use etype from reply.
418 Fri Oct 10 00:39:48 1997 Johan Danielsson <joda@emma.pdc.kth.se>
420 * kdc/connect.c: check for leading '/' in http request
422 Tue Sep 30 21:50:18 1997 Assar Westerlund <assar@assaris.pdc.kth.se>
426 Mon Sep 29 15:58:43 1997 Assar Westerlund <assar@sics.se>
428 * lib/krb5/rd_req.c (krb5_rd_req): redone because we don't know
429 the kvno or keytype before receiving the AP-REQ
431 * lib/krb5/mk_safe.c (krb5_mk_safe): figure out what cksumtype to
432 use from the keytype.
434 * lib/krb5/mk_req_ext.c (krb5_mk_req_extended): figure out what
435 cksumtype to use from the keytype.
437 * lib/krb5/mk_priv.c (krb5_mk_priv): figure out what etype to use
440 * lib/krb5/keytab.c (krb5_kt_get_entry): check the keytype
442 * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): figure out
443 what etype to use from the keytype.
445 * lib/krb5/generate_seq_number.c (krb5_generate_seq_number):
446 handle other key types than DES
448 * lib/krb5/encrypt.c (key_type): add `best_cksumtype'
449 (krb5_keytype_to_cksumtype): new function
451 * lib/krb5/build_auth.c (krb5_build_authenticator): figure out
452 what etype to use from the keytype.
454 * lib/krb5/auth_context.c (krb5_auth_con_init): set `cksumtype'
457 * admin/extkeytab.c (ext_keytab): extract all keys
459 * appl/telnet/telnet/commands.c: INET6_ADDRSTRLEN kludge
461 * configure.in: check for <netinet6/in6.h>. check for -linet6
463 Tue Sep 23 03:00:53 1997 Assar Westerlund <assar@sics.se>
465 * lib/krb5/encrypt.c: fix checksumtype for des3-cbc-sha1
467 * lib/krb5/rd_safe.c: fix check for keyed and collision-proof
470 * lib/krb5/context.c (valid_etype): remove hard-coded constants
471 (default_etypes): include DES3
473 * kdc/kerberos5.c: fix check for keyed and collision-proof
476 * admin/util.c (init_des_key, set_password): DES3 keys also
478 * lib/krb/send_to_kdc.c (krb5_sendto_kdc): no data returned means
481 * lib/krb5/addr_families.c: fix typo in `ipv6_anyaddr'
483 Mon Sep 22 11:44:27 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
485 * kdc/kerberos5.c: Somewhat fix the etype usage. The list sent by
486 the client is used to select wich key to encrypt the kdc rep with
487 (in case of as-req), and with the server info to select the
488 session key type. The server key the ticket is encrypted is based
489 purely on the keys in the database.
491 * kdc/string2key.c: Add keytype support. Default to version 5
494 * lib/krb5/get_in_tkt.c: Fix a lot of etype/keytype misuse.
496 * lib/krb5/encrypt.c: Add des3-cbc-md5, and des3-cbc-sha1. Add
497 many *_to_* functions.
499 * lib/krb5/str2key.c: Add des3 string-to-key. Add ktype argument
500 to krb5_string_to_key().
502 * lib/krb5/checksum.c: Some cleanup, and added:
505 - keyed and collision proof flags to each checksum method
506 - checksum<->string functions.
508 * lib/krb5/generate_subkey.c: Use krb5_generate_random_keyblock.
510 Sun Sep 21 15:19:23 1997 Assar Westerlund <assar@sics.se>
512 * kdc/connect.c: use new addr_families functions
514 * kpasswd/kpasswdd.c: use new addr_families functions. Now works
517 * kuser/klist.c: use correct symbols for address families
519 * lib/krb5/sock_principal.c: use new addr_families functions
521 * lib/krb5/send_to_kdc.c: use new addr_families functions
523 * lib/krb5/krb5.h: add KRB5_ADDRESS_INET6
525 * lib/krb5/get_addrs.c: use new addr_families functions
527 * lib/krb5/changepw.c: use new addr_families functions. Now works
530 * lib/krb5/auth_context.c: use new addr_families functions
532 * lib/krb5/addr_families.c: new file
534 * acconfig.h: AC_SOCKADDR_IN6 -> AC_STRUCT_SOCKADDR_IN6. Updated
537 * acinclude.m4: new macro `AC_KRB_IPV6'. Use it.
539 Sat Sep 13 23:04:23 1997 Johan Danielsson <joda@emma.pdc.kth.se>
541 * kdc/hprop.c: Don't encrypt twice. Complain on non-convertable
544 Sat Sep 13 00:59:36 1997 Assar Westerlund <assar@sics.se>
548 * appl/telnet/telnet/commands.c: AF_INET6 support
550 * admin/misc.c: new file
552 * lib/krb5/context.c: new configuration variable `max_retries'
554 * lib/krb5/get_addrs.c: fixes and better #ifdef's
556 * lib/krb5/config_file.c: implement krb5_config_get_int
558 * lib/krb5/auth_context.c, send_to_kdc.c, sock_principal.c:
561 * kuser/klist.c: support for printing IPv6-addresses
563 * kdc/connect.c: support AF_INET6
565 * configure.in: test for gethostbyname2 and struct sockaddr_in6
567 Thu Sep 11 07:25:28 1997 Assar Westerlund <assar@sics.se>
569 * lib/asn1/k5.asn1: Use `METHOD-DATA' instead of `SEQUENCE OF
572 Wed Sep 10 21:20:17 1997 Johan Danielsson <joda@emma.pdc.kth.se>
574 * kdc/kerberos5.c: Fixes for cross-realm, including (but not
576 - allow client to be non-existant (should probably check for
578 - if server isn't found and it is a request for a krbtgt, try to
579 find a realm on the way to the requested realm
580 - update the transited encoding iff
581 client-realm != server-realm != tgt-realm
583 * lib/krb5/get_cred.c: Several fixes for cross-realm.
585 Tue Sep 9 15:59:20 1997 Johan Danielsson <joda@emma.pdc.kth.se>
587 * kdc/string2key.c: Fix password handling.
589 * lib/krb5/encrypt.c: krb5_key_to_string
591 Tue Sep 9 07:46:05 1997 Assar Westerlund <assar@sics.se>
593 * lib/krb5/get_addrs.c: rewrote. Now should be able to handle
594 aliases and IPv6 addresses
596 * kuser/klist.c: try printing IPv6 addresses
598 * kdc/kerberos5.c: increase the arbitrary limit from 1024 to 8192
600 * configure.in: check for <netinet/in6_var.h>
602 Mon Sep 8 02:57:14 1997 Assar Westerlund <assar@sics.se>
606 * admin/util.c (init_des_key): increase kvno
607 (set_password): return -1 if `des_read_pw_string' failed
609 * admin/mod.c (doit2): check the return value from `set_password'
611 * admin/ank.c (doit): don't add a new entry if `set_password'
614 Mon Sep 8 02:20:16 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
616 * lib/krb5/verify_init.c: fix ap_req_nofail semantics
618 * lib/krb5/transited.c: something that might resemble
621 Mon Sep 8 01:24:42 1997 Assar Westerlund <assar@sics.se>
623 * kdc/hpropd.c (main): check number of arguments
625 * appl/popper/pop_init.c (pop_init): check number of arguments
627 * kpasswd/kpasswd.c (main): check number of arguments
629 * kdc/string2key.c (main): check number of arguments
631 * kuser/kdestroy.c (main): check number of arguments
633 * kuser/kinit.c (main): check number of arguments
635 * kpasswd/kpasswdd.c (main): use sigaction without SA_RESTART to
636 break out of select when a signal arrives
638 * kdc/main.c (main): use sigaction without SA_RESTART to break out
639 of select when a signal arrives
641 * kdc/kstash.c: default to HDB_DB_DIR "/m-key"
643 * kdc/config.c (configure): add `--version'. Check the number of
644 arguments. Handle the case of there being no specification of port
647 * admin/util.c: seal and unseal key at appropriate places
649 * admin/kdb_edit.c (main): parse arguments, config file and read
650 master key iff there's one.
652 * admin/extkeytab.c (ext_keytab): unseal key while extracting
654 Sun Sep 7 20:41:01 1997 Assar Westerlund <assar@sics.se>
656 * lib/roken/roken.h: include <fcntl.h>
658 * kdc/kerberos5.c (set_salt_padata): new function
660 * appl/telnet/telnetd/telnetd.c: Rename some variables that
661 conflict with cpp symbols on HP-UX 10.20
663 * change all calls of `gethostbyaddr' to cast argument 1 to `const
666 * acconfig.h: only use SGTTY on nextstep
668 Sun Sep 7 14:33:50 1997 Johan Danielsson <joda@emma.pdc.kth.se>
670 * kdc/kerberos5.c: Check invalid flag.
672 Fri Sep 5 14:19:38 1997 Johan Danielsson <joda@emma.pdc.kth.se>
674 * lib/krb5/verify_user.c: Use get_init_creds/verify_init_creds.
676 * lib/kafs: Move functions common to krb/krb5 modules to new file,
677 and make things more modular.
679 * lib/krb5/krb5.h: rename STRING -> krb5_config_string, and LIST
682 Thu Sep 4 23:39:43 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
684 * lib/krb5/get_addrs.c: Fix loopback test.
686 Thu Sep 4 04:45:49 1997 Assar Westerlund <assar@sics.se>
688 * lib/roken/roken.h: fallback definition of `O_ACCMODE'
690 * lib/krb5/get_in_tkt.c (krb5_get_in_cred): be more careful when
691 checking for a v4 reply
693 Wed Sep 3 18:20:14 1997 Johan Danielsson <joda@emma.pdc.kth.se>
695 * kdc/hprop.c: Add `--decrypt' and `--encrypt' flags.
697 * lib/hdb/hdb.c: new {seal,unseal}_keys functions
699 * kdc/{hprop,hpropd}.c: Add support to dump database to stdout.
701 * kdc/hprop.c: Don't use same master key as version 4.
703 * admin/util.c: Don't dump core if no `default' is found.
705 Wed Sep 3 16:01:07 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
707 * kdc/connect.c: Allow run time port specification.
709 * kdc/config.c: Add flags for http support, and port
712 Tue Sep 2 02:00:03 1997 Assar Westerlund <assar@sics.se>
714 * include/bits.c: Don't generate ifndef's in bits.h. Instead, use
715 them when building the program. This makes it possible to include
716 bits.h without having defined all HAVE_INT17_T symbols.
718 * configure.in: test for sigaction
720 * doc: updated documentation.
722 Tue Sep 2 00:20:31 1997 Johan Danielsson <joda@emma.pdc.kth.se>
726 Mon Sep 1 17:42:14 1997 Johan Danielsson <joda@emma.pdc.kth.se>
728 * lib/krb5/data.c: don't return ENOMEM if len == 0
730 Sun Aug 31 17:15:49 1997 Johan Danielsson <joda@emma.pdc.kth.se>
732 * lib/hdb/hdb.asn1: Include salt type in salt.
734 * kdc/hprop.h: Change port to 754.
736 * kdc/hpropd.c: Verify who tries to transmit a database.
738 * appl/popper: Use getarg and krb5_log.
740 * lib/krb5/get_port.c: Add context parameter. Now takes port in
743 Sat Aug 30 18:48:19 1997 Johan Danielsson <joda@emma.pdc.kth.se>
745 * kdc/connect.c: Add timeout to select, and log about expired tcp
748 * kdc/config.c: Add `database' option.
750 * kdc/hpropd.c: Log about duplicate entries.
752 * lib/hdb/{db,ndbm}.c: Use common routines.
754 * lib/hdb/common.c: Implement more generic fetch/store/delete
757 * lib/hdb/hdb.h: Add `replace' parameter to store.
759 * kdc/connect.c: Set filedecriptor to -1 on allocated decriptor
762 Fri Aug 29 03:13:23 1997 Assar Westerlund <assar@sics.se>
764 * lib/krb5/get_in_tkt.c: extract_ticket -> _krb5_extract_ticket
766 * aux/make-proto.pl: fix __P for stone age mode
768 Fri Aug 29 02:45:46 1997 Johan Danielsson <joda@emma.pdc.kth.se>
770 * lib/45/mk_req.c: implementation of krb_mk_req that uses 524
773 * lib/krb5/init_creds_pw.c: make change_password and
774 get_init_creds_common static
776 * lib/krb5/krb5.h: Merge stuff from removed headerfiles.
778 * lib/krb5/fcache.c: fcc_ops -> krb5_fcc_ops
780 * lib/krb5/mcache.c: mcc_ops -> krb5_mcc_ops
782 Fri Aug 29 01:45:25 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
784 * lib/krb5/krb5.h: Remove all prototypes.
786 * lib/krb5/convert_creds.c: Use `struct credentials' instead of
789 Fri Aug 29 00:08:18 1997 Assar Westerlund <assar@sics.se>
791 * lib/asn1/gen_glue.c: new file. generates 2int and int2 functions
792 and units for bit strings.
794 * admin/util.c: flags2int, int2flags, and flag_units are now
795 generated by asn1_compile
797 * lib/roken/parse_units.c: generalised `parse_units' and
798 `unparse_units' and added new functions `parse_flags' and
799 `unparse_flags' that use these
801 * lib/krb5/krb5_locl.h: moved krb5_data* functions to krb5.h
803 * admin/util.c: Use {un,}parse_flags for printing and parsing
806 Thu Aug 28 03:26:12 1997 Assar Westerlund <assar@sics.se>
808 * lib/krb5/get_addrs.c: restructured
810 * lib/krb5/warn.c (_warnerr): leak less memory
812 * lib/hdb/hdb.c (hdb_free_entry): zero keys
813 (hdb_check_db_format): leak less memory
815 * lib/hdb/ndbm.c (NDBM_seq): check for valid hdb_entries implement
818 * lib/hdb/db.c (DB_seq): check for valid hdb_entries
820 Thu Aug 28 02:06:58 1997 Johan Danielsson <joda@emma.pdc.kth.se>
822 * lib/krb5/send_to_kdc.c: Don't use sendto on connected sockets.
824 Thu Aug 28 01:13:17 1997 Assar Westerlund <assar@sics.se>
826 * kuser/kinit.1, klist.1, kdestroy.1: new man pages
828 * kpasswd/kpasswd.1, kpasswdd.8: new man pages
830 * kdc/kstash.8, hprop.8, hpropd.8: new man pages
832 * admin/ktutil.8, admin/kdb_edit.8: new man pages
834 * admin/mod.c: new file
836 * admin/life.c: renamed gettime and puttime to getlife and putlife
837 and moved them to life.c
839 * admin/util.c: add print_flags, parse_flags, init_entry,
840 set_created_by, set_modified_by, edit_entry, set_password. Use
843 * admin/get.c: use print_flags
845 * admin: removed unused stuff. use krb5_{warn,err}*
847 * admin/ank.c: re-organized and abstracted.
849 * admin/gettime.c: removed
851 Thu Aug 28 00:37:39 1997 Johan Danielsson <joda@emma.pdc.kth.se>
853 * lib/krb5/{get_cred,get_in_tkt}.c: Check for v4 reply.
855 * lib/roken/base64.c: Add base64 functions.
857 * kdc/connect.c lib/krb5/send_to_kdc.c: Add http support.
859 Wed Aug 27 00:29:20 1997 Johan Danielsson <joda@emma.pdc.kth.se>
861 * include/Makefile.am: Don't make links to built files.
863 * admin/kdb_edit.c: Add command to set the database path.
865 * lib/hdb: Include version number in database.
867 Tue Aug 26 20:14:54 1997 Johan Danielsson <joda@emma.pdc.kth.se>
869 * admin/ktutil: Merged v4 srvtab conversion.
871 Mon Aug 25 23:02:18 1997 Assar Westerlund <assar@sics.se>
873 * lib/roken/roken.h: add F_OK
875 * lib/gssapi/acquire_creds.c: fix typo
877 * configure.in: call AC_TYPE_MODE_T
879 * acinclude.m4: Add AC_TYPE_MODE_T
881 Sun Aug 24 16:46:53 1997 Assar Westerlund <assar@sics.se>
885 Sun Aug 24 08:06:54 1997 Assar Westerlund <assar@sics.se>
887 * appl/rsh/rshd.c: syslog remote shells
889 * appl/popper/pop_pass.c: log poppers
891 * kdc/kaserver.c: some more checks
893 * kpasswd/kpasswd.c: removed `-p'
895 * kuser/kinit.c: removed `-p'
897 * lib/krb5/init_creds_pw.c (krb5_get_init_creds_password): If
898 KDC_ERR_PREUATH_REQUIRED, add preauthentication and try again.
900 * lib/krb5/get_in_tkt.c (krb5_get_in_cred): don't print out
903 * lib/gssapi/import_name.c (input_name): more names types.
905 * admin/load.c (parse_keys): handle the case of an empty salt
907 * kdc/kaserver.c: fix up memory deallocation
909 * kdc/kaserver.c: quick hack at talking kaserver protocol
911 * kdc/kerberos4.c: Make `db-fetch4' global
913 * configure.in: add --enable-kaserver
915 * kdc/rx.h, kdc/kerberos4.h: new header files
917 * lib/krb5/principal.c: fix krb5_build_principal_ext & c:o
919 Sun Aug 24 03:52:44 1997 Johan Danielsson <joda@emma.pdc.kth.se>
921 * lib/krb5/{get_in_tkt,mk_safe,mk_priv}.c: Fix some Cray specific
924 * lib/krb5/{get_cred,get_in_tkt}.c: Mask nonce to 32 bits.
926 * lib/des/{md4,md5,sha}.c: Now works on Crays.
928 Sat Aug 23 18:15:01 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
930 * appl/afsutil/afslog.c: If no cells or files specified, get
931 tokens for all local cells. Better test for files.
933 Thu Aug 21 23:33:38 1997 Assar Westerlund <assar@sics.se>
935 * lib/gssapi/v1.c: new file with v1 compatibility functions.
937 Thu Aug 21 20:36:13 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
939 * lib/kafs/afskrb5.c: Don't check ticket file for afs ticket.
941 * kdc/kerberos4.c: Check database when converting v4 principals.
943 * kdc/kerberos5.c: Include kvno in Ticket.
945 * lib/krb5/encrypt.c: Add kvno parameter to encrypt_EncryptedData.
947 * kuser/klist.c: Print version number of ticket, include more
950 Wed Aug 20 21:26:58 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
952 * lib/kafs/afskrb5.c (get_cred): Check cached afs tickets for
955 Wed Aug 20 17:40:31 1997 Assar Westerlund <assar@sics.se>
957 * lib/krb5/recvauth.c (krb5_recvauth): Send a KRB-ERROR iff
960 * lib/krb5/sendauth.c (krb5_sendauth): correct the protocol
961 documentation and process KRB-ERROR's
963 Tue Aug 19 20:41:30 1997 Johan Danielsson <joda@emma.pdc.kth.se>
965 * kdc/kerberos4.c: Fix memory leak in v4 protocol handler.
967 Mon Aug 18 05:15:09 1997 Assar Westerlund <assar@sics.se>
969 * lib/gssapi/accept_sec_context.c: Added
970 `gsskrb5_register_acceptor_identity'
972 Sun Aug 17 01:40:20 1997 Assar Westerlund <assar@sics.se>
974 * lib/gssapi/accept_sec_context.c (gss_accept_sec_context): don't
975 always pass server == NULL to krb5_rd_req.
977 * lib/gssapi: new files: canonicalize_name.c export_name.c
978 context_time.c compare_name.c release_cred.c acquire_cred.c
979 inquire_cred.c, from Luke Howard <lukeh@xedoc.com.au>
981 * lib/krb5/config_file.c: Add netinfo support from Luke Howard
984 * lib/editline/sysunix.c: sgtty-support from Luke Howard
987 * lib/krb5/principal.c: krb5_sname_to_principal fix from Luke
988 Howard <lukeh@xedoc.com.au>
990 Sat Aug 16 00:44:47 1997 Assar Westerlund <assar@koi.pdc.kth.se>
994 Sat Aug 16 00:23:46 1997 Johan Danielsson <joda@emma.pdc.kth.se>
996 * appl/afsutil/afslog.c: Use new libkafs.
998 * lib/kafs/afskrb5.c: Get AFS tokens via 524 protocol.
1000 * lib/krb5/warn.c: Fix format string for *x type.
1002 Fri Aug 15 22:15:01 1997 Assar Westerlund <assar@sics.se>
1004 * admin/get.c (get_entry): print more information about the entry
1006 * lib/des/Makefile.am: build destest, mdtest, des, rpw, speed
1008 * lib/krb5/config_file.c: new functions `krb5_config_get_time' and
1009 `krb5_config_vget_time'. Use them.
1011 Fri Aug 15 00:09:37 1997 Johan Danielsson <joda@emma.pdc.kth.se>
1013 * admin/ktutil.c: Keytab manipulation program.
1015 * lib/krb5/keytab.c: Return sane values from resolve and
1018 * kdc/kerberos5.c: Fix for old clients passing 0 for `no endtime'.
1020 * lib/45/get_ad_tkt.c: Kerberos 4 get_ad_tkt using
1021 krb524_convert_creds_kdc.
1023 * lib/krb5/convert_creds.c: Implementation of
1024 krb524_convert_creds_kdc.
1026 * lib/asn1/k5.asn1: Make kdc-req-body.till OPTIONAL
1028 * kdc/524.c: A somewhat working 524-protocol module.
1030 * kdc/kerberos4.c: Add version 4 ticket encoding and encryption
1033 * lib/krb5/context.c: Fix kdc_timeout.
1035 * lib/hdb/{ndbm,db}.c: Free name in close.
1037 * kdc/kerberos5.c (tgs_check_autenticator): Return error code
1039 Thu Aug 14 21:29:03 1997 Johan Danielsson <joda@emma.pdc.kth.se>
1041 * kdc/kerberos5.c (tgs_make_reply): Fix endtime in reply.
1043 * lib/krb5/store_emem.c: Fix reallocation bug.
1045 Tue Aug 12 01:29:46 1997 Assar Westerlund <assar@sics.se>
1047 * appl/telnet/libtelnet/kerberos5.c, appl/popper/pop_init.c,
1048 appl/rshd/rshd.c: Use `krb5_sock_to_principal'. Send server
1049 parameter to krb5_rd_req/krb5_recvauth. Set addresses in
1052 * lib/krb5/recvauth.c: Set addresses in auth_context if there
1055 * lib/krb5/auth_context.c: New function
1056 `krb5_auth_con_setaddrs_from_fd'
1058 * lib/krb5/sock_principal.c: new function
1059 `krb5_sock_to_principal'
1061 * lib/krb5/time.c: new file with `krb5_timeofday' and
1062 `krb5_us_timeofday'. Use these functions.
1064 * kuser/klist.c: print KDC offset iff verbose
1066 * lib/krb5/get_in_tkt.c: implement KDC time offset and use it if
1067 [libdefaults]kdc_timesync is set.
1069 * lib/krb5/fcache.c: Implement version 4 of the ccache format.
1071 Mon Aug 11 05:34:43 1997 Assar Westerlund <assar@sics.se>
1073 * lib/krb5/rd_rep.c (krb5_free_ap_rep_enc_part): free all memory
1075 * lib/krb5/principal.c (krb5_unparse_name): allocate memory
1078 * kpasswd/kpasswd.c: Use `krb5_change_password'
1080 * lib/krb5/init_creds_pw.c (init_cred): set realm of server
1083 * lib/krb5/init_creds_pw.c: support changing of password when it
1086 * lib/krb5/changepw.c: new file
1088 * kuser/klist.c: use getarg
1090 * admin/init.c (init): add `kadmin/changepw'
1092 Mon Aug 11 04:30:47 1997 Johan Danielsson <joda@emma.pdc.kth.se>
1094 * lib/krb5/get_cred.c: Make get_credentials handle cross-realm.
1096 Mon Aug 11 00:03:24 1997 Assar Westerlund <assar@sics.se>
1098 * lib/krb5/config_file.c: implement support for #-comments
1100 Sat Aug 9 02:21:46 1997 Johan Danielsson <joda@emma.pdc.kth.se>
1102 * kdc/hprop*.c: Add database propagation programs.
1104 * kdc/connect.c: Max request size.
1106 Sat Aug 9 00:47:28 1997 Assar Westerlund <assar@sics.se>
1108 * lib/otp: resurrected from krb4
1110 * appl/push: new program for fetching mail with POP.
1112 * appl/popper/popper.h: new include files. new fields in `POP'
1114 * appl/popper/pop_pass.c: Implement both v4 and v5.
1116 * appl/popper/pop_init.c: Implement both v4 and v5.
1118 * appl/popper/pop_debug.c: use getarg. Talk both v4 and v5
1120 * appl/popper: Popper from krb4.
1122 * configure.in: check for inline and <netinet/tcp.h> generate
1123 files in appl/popper, appl/push, and lib/otp
1125 Fri Aug 8 05:51:02 1997 Assar Westerlund <assar@sics.se>
1127 * lib/krb5/get_cred.c: clean-up and try to free memory even when
1130 * lib/krb5/get_cred.c: adapt to new `extract_ticket'
1132 * lib/krb5/get_in_tkt.c: reorganize. check everything and try to
1133 return memory even if there are errors.
1135 * kuser/kverify.c: new file
1137 * lib/krb5/free_host_realm.c: new file
1139 * lib/krb5/principal.c (krb5_sname_to_principal): implement
1140 different nametypes. Also free memory.
1142 * lib/krb5/verify_init.c: more functionality
1144 * lib/krb5/mk_req_ext.c (krb5_mk_req_extended): free the checksum
1146 * lib/krb5/get_in_tkt.c (extract_ticket): don't copy over the
1147 principals in creds. Should also compare them with that received
1150 * lib/krb5/cache.c (krb5_cc_gen_new): copy the newly allocated
1152 (krb5_cc_destroy): call krb5_cc_close
1153 (krb5_cc_retrieve_cred): delete the unused creds
1155 Fri Aug 8 02:30:40 1997 Johan Danielsson <joda@emma.pdc.kth.se>
1157 * lib/krb5/log.c: Allow better control of destinations of logging
1158 (like passing explicit destinations, and log-functions).
1160 Fri Aug 8 01:20:39 1997 Assar Westerlund <assar@sics.se>
1162 * lib/krb5/get_default_principal.c: new file
1164 * kpasswd/kpasswdd.c: use krb5_log*
1166 Fri Aug 8 00:37:47 1997 Johan Danielsson <joda@emma.pdc.kth.se>
1168 * lib/krb5/init_creds_pw.c: Implement krb5_get_init_creds_keytab.
1170 Fri Aug 8 00:37:17 1997 Assar Westerlund <assar@sics.se>
1172 * lib/krb5/init_creds_pw.c: Use `krb5_get_default_principal'.
1173 Print password expire information.
1175 * kdc/config.c: new variable `kdc_warn_pwexpire'
1177 * kpasswd/kpasswd.c: converted to getarg and get_init_creds
1179 Thu Aug 7 22:17:09 1997 Assar Westerlund <assar@sics.se>
1181 * lib/krb5/mcache.c: new file
1183 * admin/gettime.c: new function puttime. Use it.
1185 * lib/krb5/keyblock.c: Added krb5_free_keyblock and
1188 * lib/krb5/init_creds_pw.c: more functionality
1190 * lib/krb5/creds.c: Added krb5_free_creds_contents and
1191 krb5_copy_creds. Changed callers.
1193 * lib/krb5/config_file.c: new functions krb5_config_get and
1196 * lib/krb5/cache.c: cleanup added mcache
1198 * kdc/kerberos5.c: include last-req's of type 6 and 7, if
1201 Wed Aug 6 20:38:23 1997 Johan Danielsson <joda@emma.pdc.kth.se>
1203 * lib/krb5/log.c: New parameter `log-level'. Default to `SYSLOG'.
1205 Tue Aug 5 22:53:54 1997 Assar Westerlund <assar@sics.se>
1207 * lib/krb5/verify_init.c, init_creds_pw.c, init_creds.c,
1208 prompter_posix.c: the beginning of an implementation of the cygnus
1211 * lib/krb5/get_in_tkt_pw.c: make `krb5_password_key_proc' global
1213 * lib/krb5/get_in_tkt.c (krb5_get_in_cred): new function that is
1214 almost krb5_get_in_tkt but doesn't write the creds to the ccache.
1215 Small fixes in krb5_get_in_tkt
1217 * lib/krb5/get_addrs.c (krb5_get_all_client_addrs): don't include
1220 Mon Aug 4 20:20:48 1997 Johan Danielsson <joda@emma.pdc.kth.se>
1222 * kdc: Make context global.
1224 Fri Aug 1 17:23:56 1997 Assar Westerlund <assar@sics.se>
1228 * lib/roken/flock.c: new file
1230 * kuser/kinit.c: check for and print expiry information in the
1233 * lib/krb5/get_in_tkt.c: Set `ret_as_reply' if != NULL
1235 * kdc/kerberos5.c: Check the valid times on client and server.
1236 Check the password expiration.
1237 Check the require_preauth flag.
1238 Send an lr_type == 6 with pw_end.
1239 Set key.expiration to min(valid_end, pw_end)
1241 * lib/hdb/hdb.asn1: new flags `require_preauth' and `change_pw'
1243 * admin/util.c, admin/load.c: handle the new flags.
1245 Fri Aug 1 16:56:12 1997 Johan Danielsson <joda@emma.pdc.kth.se>
1247 * lib/hdb: Add some simple locking.
1249 Sun Jul 27 04:44:31 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1251 * lib/krb5/log.c: Add some general logging functions.
1253 * kdc/kerberos4.c: Add version 4 protocol handler. The requrement
1254 for this to work is that all involved principals has a des key in
1255 the database, and that the client has a version 4 (un-)salted
1256 key. Furthermore krb5_425_conv_principal has to do it's job, as
1257 present it's not very clever.
1259 * lib/krb5/principal.c: Quick patch to make 425_conv work
1262 * lib/hdb/hdb.c: Add keytype->key and next key functions.
1264 Fri Jul 25 17:32:12 1997 Assar Westerlund <assar@sics.se>
1266 * lib/krb5/build_auth.c (krb5_build_authenticator): don't free
1267 `cksum'. It's allocated and freed by the caller
1269 * lib/krb5/get_cred.c (krb5_get_kdc_cred): Don't free `addresses'.
1271 * kdc/kerberos5.c (tgs_rep2): make sure we also have an defined
1272 `client' to return as part of the KRB-ERROR
1274 * appl/rsh/rshd.c: implement forwarding
1276 * appl/rsh/rsh.c: Use getarg. Implement forwarding.
1278 Thu Jul 24 08:13:59 1997 Johan Danielsson <joda@emma.pdc.kth.se>
1280 * kdc/kerberos5.c: Unseal keys from database before use.
1282 * kdc/misc.c: New functions set_master_key, unseal_key and
1285 * lib/roken/getarg.c: Handle `-f arg' correctly.
1287 Thu Jul 24 01:54:43 1997 Assar Westerlund <assar@sics.se>
1289 * kuser/kinit.c: implement `-l' aka `--lifetime'
1291 * lib/roken/parse_units.c, parse_time.c: new files
1293 * admin/gettime.c (gettime): use `parse_time'
1295 * kdc/kerberos5.c (as_rep): Use `METHOD-DATA' when sending
1296 KRB5KDC_ERR_PREAUTH_REQUIRED, not PA-DATA.
1298 * kpasswd/kpasswdd.c: fix freeing bug use sequence numbers set
1299 addresses in auth_context bind one socket per interface.
1301 * kpasswd/kpasswd.c: use sequence numbers
1303 * lib/krb5/rd_req.c (krb5_verify_ap_req): do abs when verifying
1306 * lib/krb5/rd_priv.c (krb5_rd_priv): Fetch the correct session key
1309 * lib/krb5/mk_priv.c (krb5_mk_priv): Fetch the correct session key
1312 * lib/krb5/mk_error.c (krb5_mk_error): return an error number and
1313 not a comerr'd number.
1315 * lib/krb5/get_in_tkt.c (krb5_get_in_tkt): interpret the error
1316 number in KRB-ERROR correctly.
1318 * lib/krb5/get_cred.c (krb5_get_kdc_cred): interpret the error
1319 number in KRB-ERROR correctly.
1321 * lib/asn1/k5.asn1: Add `METHOD-DATA'
1323 * removed some memory leaks.
1325 Wed Jul 23 07:53:18 1997 Assar Westerlund <assar@sics.se>
1329 * lib/krb5/rd_cred.c, get_for_creds.c: new files
1331 * lib/krb5/get_host_realm.c: try default realm as last chance
1333 * kpasswd/kpasswdd.c: updated to hdb changes
1335 * appl/telnet/libtelnet/kerberos5.c: Implement forwarding
1337 * appl/telnet/libtelnet: removed totally unused files
1339 * admin/ank.c: fix prompts and generation of random keys
1341 Wed Jul 23 04:02:32 1997 Johan Danielsson <joda@emma.pdc.kth.se>
1343 * admin/dump.c: Include salt in dump.
1345 * admin: Mostly updated for new db-format.
1347 * kdc/kerberos5.c: Update to use new db format. Better checking of
1348 flags and such. More logging.
1350 * lib/hdb/hdb.c: Use generated encode and decode functions.
1352 * lib/hdb/hdb.h: Get hdb_entry from ASN.1 generated code.
1354 * lib/krb5/get_cred.c: Get addresses from krbtgt if there are none
1357 Sun Jul 20 16:22:30 1997 Assar Westerlund <assar@sics.se>
1359 * kuser/kinit.c: break if des_read_pw_string() != 0
1361 * kpasswd/kpasswdd.c: send a reply
1363 * kpasswd/kpasswd.c: restructured code. better report on
1364 krb-error break if des_read_pw_string() != 0
1366 * kdc/kerberos5.c: Check `require_enc_timestamp' malloc space for
1367 starttime and renew_till
1369 * appl/telnet/libtelnet/kerberos5.c (kerberos5_is): Send a
1370 keyblock to krb5_verify_chekcsum
1372 Sun Jul 20 06:35:46 1997 Johan Danielsson <joda@emma.pdc.kth.se>
1376 * kpasswd/kpasswd.c: Avoid using non-standard struct names.
1378 Sat Jul 19 19:26:23 1997 Assar Westerlund <assar@sics.se>
1380 * lib/krb5/keytab.c (krb5_kt_get_entry): check return from
1381 `krb5_kt_start_seq_get'. From <map@stacken.kth.se>
1383 Sat Jul 19 04:07:39 1997 Johan Danielsson <joda@emma.pdc.kth.se>
1385 * lib/asn1/k5.asn1: Update with more pa-data types from
1386 draft-ietf-cat-kerberos-revisions-00.txt
1388 * admin/load.c: Update to match current db-format.
1390 * kdc/kerberos5.c (as_rep): Try all valid pa-datas before giving
1391 up. Send back an empty pa-data if the client has the v4 flag set.
1393 * lib/krb5/get_in_tkt.c: Pass both version5 and version4 salted
1394 pa-data. DTRT if there is any pa-data in the reply.
1396 * lib/krb5/str2key.c: XOR with some sane value.
1398 * lib/hdb/hdb.h: Add `version 4 salted key' flag.
1400 * kuser/kinit.c: Ask for password before calling get_in_tkt. This
1401 makes it possible to call key_proc more than once.
1403 * kdc/string2key.c: Add flags to output version 5 (DES only),
1404 version 4, and AFS string-to-key of a password.
1406 * lib/asn1/gen_copy.c: copy_* functions now returns an int (0 or
1409 Fri Jul 18 02:54:58 1997 Assar Westerlund <assar@sics.se>
1411 * lib/krb5/get_host_realm.c (krb5_get_host_realm): do the
1414 * kdc/misc.c: check result of hdb_open
1416 * admin/kdb_edit: updated to new sl
1418 * lib/sl: sl_func now returns an int. != 0 means to exit.
1420 * kpasswd/kpasswdd: A crude (but somewhat working) implementation
1421 of `draft-ietf-cat-kerb-chg-password-00.txt'
1423 Fri Jul 18 00:55:39 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1425 * kuser/krenew.c: Crude ticket renewing program.
1427 * kdc/kerberos5.c: Rewritten flags parsing, it now might work to
1428 get forwarded and renewed tickets.
1430 * kuser/kinit.c: Add `-r' flag.
1432 * lib/krb5/get_cred.c: Move most of contents of get_creds to new
1433 function get_kdc_cred, that always contacts the kdc and doesn't
1434 save in the cache. This is a hack.
1436 * lib/krb5/get_in_tkt.c: Pass starttime and renew_till in request
1439 * lib/krb5/mk_req_ext.c: Make an auth_context if none passed in.
1441 * lib/krb5/send_to_kdc.c: Get timeout from context.
1443 * lib/krb5/context.c: Add kdc_timeout to context struct.
1445 Thu Jul 17 20:35:45 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1447 * kuser/klist.c: Print start time of ticket if available.
1449 * lib/krb5/get_host_realm.c: Return error if no realm was found.
1451 Thu Jul 17 20:28:21 1997 Assar Westerlund <assar@sics.se>
1453 * kpasswd: non-working kpasswd added
1455 Thu Jul 17 00:21:22 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1459 * kdc/main.c: Add -p flag to disable pa-enc-timestamp requirement.
1461 Wed Jul 16 03:37:41 1997 Johan Danielsson <joda@emma.pdc.kth.se>
1463 * kdc/kerberos5.c (tgs_rep2): Free ticket and ap_req.
1465 * lib/krb5/auth_context.c (krb5_auth_con_free): Free remote
1468 * lib/krb5/principal.c (krb5_free_principal): Check for NULL.
1470 * lib/krb5/send_to_kdc.c: Check for NULL return from
1473 * lib/krb5/set_default_realm.c: Try to get realm of local host if
1474 no default realm is available.
1476 * Remove non ASN.1 principal code.
1478 Wed Jul 16 03:17:30 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1480 * kdc/kerberos5.c: Split tgs_rep in smaller functions. Add better
1481 error handing. Do some logging.
1483 * kdc/log.c: Some simple logging facilities.
1485 * kdc/misc.c (db_fetch): Take a krb5_principal.
1487 * kdc/connect.c: Pass address of request to as_rep and
1488 tgs_rep. Send KRB-ERROR.
1490 * lib/krb5/mk_error.c: Add more fields.
1492 * lib/krb5/get_cred.c: Print normal error code if no e_text is
1495 Wed Jul 16 03:07:50 1997 Assar Westerlund <assar@sics.se>
1497 * lib/krb5/get_in_tkt.c: implement `krb5_init_etype'.
1498 Change encryption type of pa_enc_timestamp to DES-CBC-MD5
1500 * lib/krb5/context.c: recognize all encryption types actually
1503 * lib/krb5/auth_context.c (krb5_auth_con_init): Change default
1504 encryption type to `DES_CBC_MD5'
1506 * lib/krb5/read_message.c, write_message.c: new files
1508 Tue Jul 15 17:14:21 1997 Assar Westerlund <assar@sics.se>
1510 * lib/asn1: replaced asn1_locl.h by `der_locl.h' and `gen_locl.h'.
1512 * lib/error/compile_et.awk: generate a prototype for the
1513 `destroy_foo_error_table' function.
1515 Mon Jul 14 12:24:40 1997 Assar Westerlund <assar@sics.se>
1517 * lib/krb5/krbhst.c (krb5_get_krbhst): Get all kdc's and try also
1518 with `kerberos.REALM'
1520 * kdc/kerberos5.c, lib/krb5/rd_priv.c, lib/krb5/rd_safe.c: use
1523 * lib/krb5/rd_req.c (krb5_verify_ap_req): record authenticator
1526 * lib/krb5/build_auth.c (krb5_build_authenticator): always
1529 * lib/krb5/address.c: implement `krb5_address_order'
1531 * lib/gssapi/import_name.c: Implement `gss_import_name'
1533 * lib/gssapi/external.c: Use new OID
1535 * lib/gssapi/encapsulate.c: New functions
1536 `gssapi_krb5_encap_length' and `gssapi_krb5_make_header'. Changed
1539 * lib/gssapi/decapsulate.c: New function
1540 `gssaspi_krb5_verify_header'. Changed callers.
1542 * lib/asn1/gen*.c: Give tags to generated structs.
1543 Use `err' and `asprintf'
1545 * appl/test/gss_common.c: new file
1547 * appl/test/gssapi_server.c: removed all krb5 calls
1549 * appl/telnet/libtelnet/kerberos5.c: Add support for genering and
1550 verifying checksums. Also start using session subkeys.
1552 Mon Jul 14 12:08:25 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1554 * lib/krb5/rd_req.c (krb5_rd_req_with_keyblock): Split up.
1556 Sun Jul 13 03:07:44 1997 Assar Westerlund <assar@sics.se>
1558 * lib/krb5/rd_safe.c, mk_safe.c: made bug-compatible with MIT
1560 * lib/krb5/encrypt.c: new functions `DES_encrypt_null_ivec' and
1561 `DES_encrypt_key_ivec'
1563 * lib/krb5/checksum.c: implement rsa-md4-des and rsa-md5-des
1565 * kdc/kerberos5.c (tgs_rep): support keyed checksums
1567 * lib/krb5/creds.c: new file
1569 * lib/krb5/get_in_tkt.c: better freeing
1571 * lib/krb5/context.c (krb5_free_context): more freeing
1573 * lib/krb5/config_file.c: New function `krb5_config_file_free'
1575 * lib/error/compile_et.awk: Generate a `destroy_' function.
1577 * kuser/kinit.c, klist.c: Don't leak memory.
1579 Sun Jul 13 02:46:27 1997 Johan Danielsson <joda@emma.pdc.kth.se>
1581 * kdc/connect.c: Check filedescriptor in select.
1583 * kdc/kerberos5.c: Remove most of the most common memory leaks.
1585 * lib/krb5/rd_req.c: Free allocated data.
1587 * lib/krb5/auth_context.c (krb5_auth_con_free): Free a lot of
1590 Sun Jul 13 00:32:16 1997 Assar Westerlund <assar@sics.se>
1592 * appl/telnet, appl/rsh: Conditionalize the krb4-support.
1594 * configure.in: Test for krb4
1596 Sat Jul 12 17:14:12 1997 Assar Westerlund <assar@sics.se>
1598 * kdc/kerberos5.c: check if the pre-auth was decrypted properly.
1599 set the `pre_authent' flag
1601 * lib/krb5/get_cred.c, lib/krb5/get_in_tkt.c: generate a random nonce.
1603 * lib/krb5/encrypt.c: Made `generate_random_block' global.
1605 * appl/test: Added gssapi_client and gssapi_server.
1607 * lib/krb5/data.c: Add `krb5_data_zero'
1609 * appl/test/tcp_client.c: try `mk_safe' and `mk_priv'
1611 * appl/test/tcp_server.c: try `rd_safe' and `rd_priv'
1613 Sat Jul 12 16:45:58 1997 Johan Danielsson <joda@emma.pdc.kth.se>
1615 * lib/krb5/get_addrs.c: Fix for systems that has sa_len, but
1616 returns zero length from SIOCGIFCONF.
1618 Sat Jul 12 16:38:34 1997 Assar Westerlund <assar@sics.se>
1620 * appl/test: new programs
1622 * lib/krb5/rd_req.c: add address compare
1624 * lib/krb5/mk_req_ext.c: allow no checksum
1626 * lib/krb5/keytab.c (krb5_kt_ret_string): 0-terminate string
1628 * lib/krb5/address.c: fix `krb5_address_compare'
1630 Sat Jul 12 15:03:16 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1632 * lib/krb5/get_addrs.c: Fix ip4 address extraction.
1634 * kuser/klist.c: Add verbose flag, and split main into smaller
1637 * lib/krb5/fcache.c: Save ticket flags.
1639 * lib/krb5/get_in_tkt.c (extract_ticket): Extract addresses and
1642 * lib/krb5/krb5.h: Add ticket_flags to krb5_creds.
1644 Sat Jul 12 13:12:48 1997 Assar Westerlund <assar@sics.se>
1646 * configure.in: Call `AC_KRB_PROG_LN_S'
1648 * acinclude.m4: Add `AC_KRB_PROG_LN_S' from krb4
1650 Sat Jul 12 00:57:01 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1652 * lib/krb5/get_in_tkt.c: Use union of krb5_flags and KDCOptions to
1655 Fri Jul 11 15:04:22 1997 Assar Westerlund <assar@sics.se>
1657 * appl/telnet: telnet & telnetd seems to be working.
1659 * lib/krb5/config_file.c: Added krb5_config_v?get_list Fixed
1660 krb5_config_vget_next
1662 * appl/telnet/libtelnet/kerberos5.c: update to current API
1664 Thu Jul 10 14:54:39 1997 Assar Westerlund <assar@sics.se>
1666 * appl/telnet/libtelnet/kerberos5.c (kerberos5_status): call
1669 * appl/telnet: Added.
1671 Thu Jul 10 05:09:25 1997 Johan Danielsson <joda@emma.pdc.kth.se>
1673 * lib/error/compile_et.awk: Remove usage of sub, gsub, and
1674 functions for compatibility with awk.
1676 * include/bits.c: Must use signed char.
1678 * lib/krb5/context.c: Move krb5_get_err_text, and krb5_init_ets
1681 * lib/error/error.c: Replace krb5_get_err_text with new function
1684 * lib/error/compile_et.awk: Avoid using static variables.
1686 * lib/error/error.c: Don't use krb5_locl.h
1688 * lib/error/error.h: Move definitions of error_table and
1689 error_list from krb5.h.
1691 * lib/error: Moved from lib/krb5.
1693 Wed Jul 9 07:42:04 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1695 * lib/krb5/encrypt.c: Temporary hack to avoid des_rand_data.
1697 Wed Jul 9 06:58:00 1997 Assar Westerlund <assar@sics.se>
1699 * appl/rsh/rsh.c: use the correct user for the checksum
1701 * lib/krb5/{rd,mk}_{*}.c: more checking for addresses and stuff
1702 according to pseudocode from 1510
1704 Wed Jul 9 06:06:06 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1706 * lib/hdb/hdb.c: Add hdb_etype2key.
1708 * kdc/kerberos5.c: Check authenticator. Use more general etype
1711 Wed Jul 9 03:51:12 1997 Assar Westerlund <assar@sics.se>
1713 * lib/asn1/k5.asn1: Made all `s_address' OPTIONAL according to
1714 draft-ietf-cat-kerberos-r-00.txt
1716 * lib/krb5/principal.c (krb5_parse_name): default to local realm
1719 * kuser/kinit.c: New option `-p' and prompt
1721 Wed Jul 9 02:30:06 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1723 * lib/krb5/keyblock.c: Keyblock generation functions.
1725 * lib/krb5/encrypt.c: Use functions from checksum.c.
1727 * lib/krb5/checksum.c: Move checksum functions here. Add
1728 krb5_cksumsize function.
1730 Wed Jul 9 01:15:38 1997 Assar Westerlund <assar@sics.se>
1732 * lib/krb5/get_host_realm.c: implemented
1734 * lib/krb5/config_file.c: Redid part. New functions:
1735 krb5_config_v?get_next
1737 * kuser/kdestroy.c: new program
1739 * kuser/kinit.c: new flag `-f'
1741 * lib/asn1/k5.asn1: Made HostAddresses = SEQUENCE OF HostAddress
1743 * acinclude.m4: Added AC_KRB_STRUCT_SOCKADDR_SA_LEN
1745 * lib/krb5/krb5.h: krb5_addresses == HostAddresses. Changed all
1748 * lib/krb5/get_addrs.c: figure out all local addresses, possibly
1751 * lib/krb5/checksum.c: table-driven checksum
1753 Mon Jul 7 21:13:28 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1755 * lib/krb5/encrypt.c: Make krb5_decrypt use the same struct as
1758 Mon Jul 7 11:15:51 1997 Assar Westerlund <assar@sics.se>
1760 * lib/roken/vsyslog.c: new file
1762 * lib/krb5/encrypt.c: add des-cbc-md4.
1763 adjust krb5_encrypt and krb5_decrypt to reality
1765 * appl/rsh/rshd.c: Now works. Also implementd encryption and
1768 * appl/rsh/common.c: new file
1770 Mon Jul 7 02:46:31 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1772 * lib/krb5/encrypt.c: Implement as a vector of function pointers.
1774 * lib/krb5/{decrypt,encrypt}.c: Implement des-cbc-crc, and
1775 des-cbc-md5 in separate functions.
1777 * lib/krb5/krb5.h: Add more checksum and encryption types.
1779 * lib/krb5/krb5_locl.h: Add etype to krb5_decrypt.
1781 Sun Jul 6 23:02:59 1997 Assar Westerlund <assar@sics.se>
1783 * lib/krb5/[gs]et_default_realm.c, kuserok.c: new files
1785 * lib/krb5/config_file.[ch]: new c-based configuration reading
1788 Wed Jul 2 23:12:56 1997 Assar Westerlund <assar@sics.se>
1790 * configure.in: Set WFLAGS if using gcc
1792 Wed Jul 2 17:47:03 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1794 * lib/asn1/der_put.c (der_put_int): Return size correctly.
1796 * admin/ank.c: Be compatible with the asn1 principal format.
1798 Wed Jul 1 23:52:20 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1800 * lib/asn1: Now all decode_* and encode_* functions now take a
1801 final size_t* argument, that they return the size in. Return
1802 values are zero for success, and anything else (such as some
1803 ASN1_* constant) for error.
1805 Mon Jun 30 06:08:14 1997 Assar Westerlund <assar@sics.se>
1807 * appl/rsh: New program.
1809 * lib/krb5/keytab.c (krb5_kt_add_entry): change open mode to
1812 * lib/krb5/get_cred.c: removed stale prototype for
1813 `extract_ticket' and corrected call.
1815 * lib/asn1/gen_length.c (length_type): Make the length functions
1816 for SequenceOf non-destructive
1818 * admin/ank.c (doit): Fix reading of `y/n'.
1820 Mon Jun 16 05:41:43 1997 Assar Westerlund <assar@sics.se>
1822 * lib/gssapi/wrap.c, unwrap.c: do encrypt and add sequence number
1824 * lib/gssapi/get_mic.c, verify_mic.c: Add sequence number.
1826 * lib/gssapi/accept_sec_context.c (gss_accept_sec_context): Set
1827 KRB5_AUTH_CONTEXT_DO_SEQUENCE. Verify 8003 checksum.
1829 * lib/gssapi/8003.c: New file.
1831 * lib/krb/krb5.h: Define a `krb_authenticator' as an ASN.1
1834 * lib/krb5/auth_context.c: New functions
1835 `krb5_auth_setlocalseqnumber' and `krb5_auth_setremoteseqnumber'
1837 Tue Jun 10 00:35:54 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1839 * lib/krb5: Preapre for use of some asn1-types.
1841 * lib/asn1/*.c (copy_*): Constness.
1843 * lib/krb5/krb5.h: Include asn1.h; krb5_data is now an
1846 * lib/asn1/der*,gen.c: krb5_data -> octet_string, char * ->
1849 * lib/asn1/libasn1.h: Moved stuff from asn1_locl.h that doesn't
1850 have anything to do with asn1_compile.
1852 * lib/asn1/asn1_locl.h: Remove der.h. Add some prototypes.
1854 Sun Jun 8 03:51:55 1997 Assar Westerlund <assar@sics.se>
1856 * kdc/kerberos5.c: Fix PA-ENC-TS-ENC
1858 * kdc/connect.c(process_request): Set `new'
1860 * lib/krb5/get_in_tkt.c: Do PA-ENC-TS-ENC the correct way.
1862 * lib: Added editline,sl,roken.
1864 Mon Jun 2 00:37:48 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1866 * lib/krb5/fcache.c: Move file cache from cache.c.
1868 * lib/krb5/cache.c: Allow more than one cache type.
1870 Sun Jun 1 23:45:33 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1872 * admin/extkeytab.c: Merged with kdb_edit.
1874 Sun Jun 1 23:23:08 1997 Assar Westerlund <assar@sics.se>
1876 * kdc/kdc.c: more support for ENC-TS-ENC
1878 * lib/krb5/get_in_tkt.c: redone to enable pre-authentication
1880 Sun Jun 1 22:45:11 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1882 * lib/hdb/db.c: Merge fetch and store.
1884 * admin: Merge to one program.
1886 * lib/krb5/str2key.c: Fill in keytype and length.
1888 Sun Jun 1 16:31:23 1997 Assar Westerlund <assar@sics.se>
1890 * lib/krb5/rd_safe.c, lib/krb5/rd_priv.c, lib/krb5/mk_rep.c,
1891 lib/krb5/mk_priv.c, lib/krb5/build_auth.c: Some support for
1892 KRB5_AUTH_CONTEXT_DO_SEQUENCE
1894 * lib/krb5/get_in_tkt.c (get_in_tkt): be prepared to parse an
1895 KRB_ERROR. Some support for PA_ENC_TS_ENC.
1897 * lib/krb5/auth_context.c: implemented seq_number functions
1899 * lib/krb5/generate_subkey.c, generate_seq_number.c: new files
1901 * lib/gssapi/gssapi.h: avoid including <krb5.h>
1903 * lib/asn1/Makefile.am: SUFFIXES as a variable to make automake
1906 * kdc/kdc.c: preliminary PREAUTH_ENC_TIMESTAMP
1908 * configure.in: adapted to automake 1.1p
1910 Mon May 26 22:26:21 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1912 * lib/krb5/principal.c: Add contexts to many functions.
1914 Thu May 15 20:25:37 1997 Johan Danielsson <joda@emma.pdc.kth.se>
1916 * lib/krb5/verify_user.c: First stab at a verify user.
1918 * lib/auth/sia/sia5.c: SIA module for Kerberos 5.
1920 Mon Apr 14 00:09:03 1997 Assar Westerlund <assar@sics.se>
1922 * lib/gssapi: Enough of a gssapi-over-krb5 implementation to be
1923 able to (mostly) run gss-client and gss-server.
1925 * lib/krb5/keytab.c: implemented krb5_kt_add_entry,
1926 krb5_kt_store_principal, krb5_kt_store_keyblock
1928 * lib/des/md5.[ch], sha.[ch]: new files
1930 * lib/asn1/der_get.c (generalizedtime2time): use `timegm'
1932 * lib/asn1/timegm.c: new file
1934 * admin/extkeytab.c: new program
1936 * admin/admin_locl.h: new file
1938 * admin/Makefile.am: Added extkeytab
1940 * configure.in: moved config to include
1941 removed timezone garbage
1942 added lib/gssapi and admin
1944 * Makefile.am: Added admin
1946 Mon Mar 17 11:34:05 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1948 * kdc/kdc.c: Use new copying functions, and free some data.
1950 * lib/asn1/Makefile.am: Try to not always rebuild generated files.
1952 * lib/asn1/der_put.c: Add fix_dce().
1954 * lib/asn1/der_{get,length,put}.c: Fix include files.
1956 * lib/asn1/der_free.c: Remove unused functions.
1958 * lib/asn1/gen.c: Split into gen_encode, gen_decode, gen_free,
1959 gen_length, and gen_copy.
1961 Sun Mar 16 18:13:52 1997 Assar Westerlund <assar@sics.se>
1963 * lib/krb5/sendauth.c: implemented functionality
1965 * lib/krb5/rd_rep.c: Use `krb5_decrypt'
1967 * lib/krb5/cache.c (krb5_cc_get_name): return default if `id' ==
1970 * lib/krb5/principal.c (krb5_free_principal): added `context'
1971 argument. Changed all callers.
1973 (krb5_sname_to_principal): new function
1975 * lib/krb5/auth_context.c (krb5_free_authenticator): add `context'
1976 argument. Changed all callers
1978 * lib/krb5/{net_write.c,net_read.c,recvauth.c}: new files
1980 * lib/asn1/gen.c: Fix encoding and decoding of BitStrings
1982 Fri Mar 14 11:29:00 1997 Assar Westerlund <assar@sics.se>
1984 * configure.in: look for *dbm?
1986 * lib/asn1/gen.c: Fix filename in generated files. Check fopens.
1987 Put trailing newline in asn1_files.
1989 Fri Mar 14 05:06:44 1997 Johan Danielsson <joda@emma.pdc.kth.se>
1991 * lib/krb5/get_in_tkt.c: Fix some memory leaks.
1993 * lib/krb5/krbhst.c: Properly free hostlist.
1995 * lib/krb5/decrypt.c: CRCs are 32 bits.
1997 Fri Mar 14 04:39:15 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1999 * lib/asn1/gen.c: Generate one file for each type.
2001 Fri Mar 14 04:13:47 1997 Assar Westerlund <assar@sics.se>
2003 * lib/asn1/gen.c: Generate `length_FOO' functions
2005 * lib/asn1/der_length.c: new file
2007 * kuser/klist.c: renamed stime -> printable_time to avoid conflict
2010 Fri Mar 14 03:37:23 1997 Johan Danielsson <joda@emma.pdc.kth.se>
2012 * lib/hdb/ndbm.c: Return NOENTRY if fetch fails. Don't free
2013 datums. Don't add .db to filename.
2015 Fri Mar 14 02:49:51 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
2017 * kdc/dump.c: Database dump program.
2019 * kdc/ank.c: Trivial database editing program.
2021 * kdc/{kdc.c, load.c}: Use libhdb.
2023 * lib/hdb: New database routine library.
2025 * lib/krb5/error/Makefile.am: Add hdb_err.
2027 Wed Mar 12 17:41:14 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
2029 * kdc/kdc.c: Rewritten AS, and somewhat more working TGS support.
2031 * lib/asn1/gen.c: Generate free functions.
2033 * Some specific free functions.
2035 Wed Mar 12 12:30:13 1997 Assar Westerlund <assar@sics.se>
2037 * lib/krb5/krb5_mk_req_ext.c: new file
2039 * lib/asn1/gen.c: optimize the case with a simple type
2041 * lib/krb5/get_cred.c (krb5_get_credentials): Use
2042 `mk_req_extended' and remove old code.
2044 * lib/krb5/get_in_tkt.c (decrypt_tkt): First try with an
2045 EncASRepPart, then with an EncTGSRepPart.
2047 Wed Mar 12 08:26:04 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
2049 * lib/krb5/store_emem.c: New resizable memory storage.
2051 * lib/krb5/{store.c, store_fd.c, store_mem.c}: Split of store.c
2053 * lib/krb5/krb5.h: Add free entry to krb5_storage.
2055 * lib/krb5/decrypt.c: Make keyblock const.
2057 Tue Mar 11 20:22:17 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
2059 * lib/krb5/krb5.h: Add EncTicketPart to krb5_ticket.
2061 * lib/krb5/rd_req.c: Return whole asn.1 ticket in
2064 * lib/krb5/get_in_tkt.c: TGS -> AS
2066 * kuser/kfoo.c: Print error string rather than number.
2068 * kdc/kdc.c: Some kind of non-working TGS support.
2070 Mon Mar 10 01:43:22 1997 Assar Westerlund <assar@sics.se>
2072 * lib/asn1/gen.c: reduced generated code by 1/5
2074 * lib/asn1/der_put.c: (der_put_length_and_tag): new function
2076 * lib/asn1/der_get.c (der_match_tag_and_length): new function
2078 * lib/asn1/der.h: added prototypes
2080 Mon Mar 10 01:15:43 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
2082 * lib/krb5/krb5.h: Include <asn1_err.h>. Add prototype for
2083 krb5_rd_req_with_keyblock.
2085 * lib/krb5/rd_req.c: Add function krb5_rd_req_with_keyblock that
2086 takes a precomputed keyblock.
2088 * lib/krb5/get_cred.c: Use krb5_mk_req rather than inlined code.
2090 * lib/krb5/mk_req.c: Calculate checksum of in_data.
2092 Sun Mar 9 21:17:58 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
2094 * lib/krb5/error/compile_et.awk: Add a declaration of struct
2095 error_list, and multiple inclusion block to header files.
2097 Sun Mar 9 21:01:12 1997 Assar Westerlund <assar@sics.se>
2099 * lib/krb5/rd_req.c: do some checks on times
2101 * lib/krb/{mk_priv.c, rd_priv.c, sendauth.c, decrypt.c,
2102 address.c}: new files
2104 * lib/krb5/auth_context.c: more code
2106 * configure.in: try to figure out timezone
2108 Sat Mar 8 11:41:07 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
2110 * lib/krb5/error/error.c: Try strerror if error code wasn't found.
2112 * lib/krb5/get_in_tkt.c: Remove realm parameter from
2115 * lib/krb5/context.c: Initialize error table.
2117 * kdc: The beginnings of a kdc.
2119 Sat Mar 8 08:16:28 1997 Assar Westerlund <assar@sics.se>
2121 * lib/krb5/rd_safe.c: new file
2123 * lib/krb5/checksum.c (krb5_verify_checksum): New function
2125 * lib/krb5/get_cred.c: use krb5_create_checksum
2127 * lib/krb5/checksum.c: new file
2129 * lib/krb5/store.c: no more arithmetic with void*
2131 * lib/krb5/cache.c: now seems to work again
2133 Sat Mar 8 06:58:09 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
2135 * lib/krb5/Makefile.am: Add asn1_glue.c and error/*.c to libkrb5.
2137 * lib/krb5/get_in_tkt.c: Moved some functions to asn1_glue.c.
2139 * lib/krb5/asn1_glue.c: Moved some asn1-stuff here.
2141 * lib/krb5/{cache,keytab}.c: Use new storage functions.
2143 * lib/krb5/krb5.h: Protypes for new storage functions.
2145 * lib/krb5/krb5.h: Make krb5_{ret,store}_* functions able to write
2146 data to more than file descriptors.
2148 Sat Mar 8 01:01:17 1997 Assar Westerlund <assar@sics.se>
2150 * lib/krb5/encrypt.c: New file.
2152 * lib/krb5/Makefile.am: More -I
2154 * configure.in: Test for big endian, random, rand, setitimer
2156 * lib/asn1/gen.c: perhaps even decodes bitstrings
2158 Thu Mar 6 19:05:29 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
2160 * lib/krb5/config_file.y: Better return values on error.
2162 Sat Feb 8 15:59:56 1997 Assar Westerlund <assar@pdc.kth.se>
2164 * lib/asn1/parse.y: ifdef HAVE_STRDUP
2166 * lib/asn1/lex.l: ifdef strdup
2167 brange-dead version of list of special characters to make stupid
2170 * lib/asn1/gen.c: A DER integer should really be a `unsigned'
2172 * lib/asn1/der_put.c: A DER integer should really be a `unsigned'
2174 * lib/asn1/der_get.c: A DER integer should really be a `unsigned'
2176 * lib/krb5/error/Makefile.am: It seems "$(SHELL) ./compile_et" is
2179 * lib/krb/mk_rep.c, lib/krb/rd_req.c, lib/krb/store.c,
2180 lib/krb/store.h: new files.
2182 * lib/krb5/keytab.c: now even with some functionality.
2184 * lib/asn1/gen.c: changed paramater from void * to Foo *
2186 * lib/asn1/der_get.c (der_get_octet_string): Fixed bug with empty
2189 Sun Jan 19 06:17:39 1997 Assar Westerlund <assar@pdc.kth.se>
2191 * lib/krb5/get_cred.c (krb5_get_credentials): Check for creds in
2192 cc before getting new ones.
2194 * lib/krb5/krb5.h (krb5_free_keyblock): Fix prototype.
2196 * lib/krb5/build_auth.c (krb5_build_authenticator): It seems the
2197 CRC should be stored LSW first. (?)
2199 * lib/krb5/auth_context.c: Implement `krb5_auth_con_getkey' and
2200 `krb5_free_keyblock'
2202 * lib/**/Makefile.am: Rename foo libfoo.a
2204 * include/Makefile.in: Use test instead of [
2205 -e does not work with /bin/sh on psoriasis
2207 * configure.in: Search for awk
2208 create lib/krb/error/compile_et
2210 Tue Jan 14 03:46:26 1997 Assar Westerlund <assar@pdc.kth.se>
2212 * lib/krb5/Makefile.am: replaced mit-crc.c by crc.c
2214 Wed Dec 18 00:53:55 1996 Johan Danielsson <joda@emma.pdc.kth.se>
2216 * kuser/kinit.c: Guess principal.
2218 * lib/krb5/error/compile_et.awk: Don't include krb5.h. Fix some
2221 * lib/krb5/error/asn1_err.et: Add ASN.1 error messages.
2223 * lib/krb5/mk_req.c: Get client from cache.
2225 * lib/krb5/cache.c: Add better error checking some useful return
2228 * lib/krb5/krb5.h: Fix krb5_auth_context.
2230 * lib/asn1/der.h: Make krb5_data compatible with krb5.h
2232 Tue Dec 17 01:32:36 1996 Johan Danielsson <joda@emma.pdc.kth.se>
2234 * lib/krb5/error: Add primitive error library.
2236 Mon Dec 16 16:30:20 1996 Johan Danielsson <joda@emma.pdc.kth.se>
2238 * lib/krb5/cache.c: Get correct address type from cache.
2240 * lib/krb5/krb5.h: Change int16 to int to be compatible with asn1.