1 2005-02-02 Love Hörnquist Åstrand <lha@it.su.se>
3 * lib/krb5/send_to_kdc.c (send_and_recv_udp): make private again
5 * lib/krb5/kcm.c: use AF_UNIX like the rest of the codebase, add
6 some more error strings
8 2005-02-02 Luke Howard <lukeh@padl.com>
10 * configure.in: add --enable-kcm option for Kerberos
11 Credentials Manager (KCM)
13 * lib/krb5/Makefile.am: add kcm.c
15 * lib/krb5/cache.c: use cc_retrieve_cred if present rather
16 than enumerating ccache
18 * lib/krb5/context.c: register KCM cc_ops
20 * lib/krb5/get_cred.c: pass all options to cc_retrieve_cred
22 * lib/krb5/init_creds_pw.c: add krb5_get_init_creds_keyblock
24 * lib/krb5/kcm.[ch]: add initial implementation of KCM
27 * lib/krb5/krb5.h: fix cc_retrieve prototype, add KCM cc_ops
29 * lib/krb5/send_to_kdc.c: add _krb5_send_and_recv_tcp
31 * lib/krb5/store.c: add krb5_store_creds_tag, krb5_ret_creds_tag
33 2005-01-24 Luke Howard <lukeh@padl.com>
35 * lib/krb5/init_creds_pw.c: allow NULL in_options to be passed
36 krb5_get_init_creds_password()
38 * kdc/kerberos5.c: don't crash when logging no server etype
39 support if client == NULL
41 2005-01-17 Love Hörnquist Åstrand <lha@it.su.se>
43 * kdc/kstash.c: s/random_key/random_key_flag/, From Dave Love
46 2005-01-12 Love Hörnquist Åstrand <lha@it.su.se>
48 * doc/apps.texi: Texinfo fixes. Text about irix 6.5 using
49 PAM. From: Dave Love <d.love@dl.ac.uk>
51 2005-01-08 Love Hörnquist Åstrand <lha@it.su.se>
53 * lib/krb5/verify_krb5_conf.c: cast argument to isdigit to
56 * lib/krb5/keytab_keyfile.c: cast argument to toupper to unsigned
59 * lib/asn1/hash.c (hashcaseadd): cast argument to toupper to
62 * appl/kf/kfd.c (kfd_match_version): cast argument to islower to
65 * lib/krb5/krb5.3: drop krb5_{checksum,enctype}_is_disabled
67 * lib/krb5/krb5_encrypt.3: drop krb5_enctype_is_disabled, more
68 text about krb5_enctype_valid
70 * lib/krb5/krb5_create_checksum.3: drop
71 krb5_checksum_is_disabled
73 * lib/krb5/crypto.c: drop krb5_{checksum,enctype}_isdisabled
75 * lib/krb5/context.c: krb5_enctype_is_disabled is the same thing
76 as krb5_enctype_valid, so use the later since its older and the
77 api doesn't really need another entry point
79 * lib/krb5/rd_req.c: krb5_enctype_is_disabled is the same thing as
80 krb5_enctype_valid, so use the later since its older and the api
81 doesn't really need another entry point
83 * kdc/kerberos5.c: krb5_enctype_is_disabled is the same thing as
84 krb5_enctype_valid, so use the later since its older and the api
85 doesn't really need another entry point
87 2005-01-05 Love Hörnquist Åstrand <lha@it.su.se>
89 * kpasswd/kpasswdd.8: document --addresses, controls what
90 addresses kpasswd should listen too
92 * kpasswd/kpasswdd.c: add --addresses, controls what addresses
93 kpasswd should listen too
95 * lib/krb5/addr_families.c (krb5_parse_address): filter out dup
96 addresses from getaddrinfo
98 * kpasswd/kpasswd.1: document -c
100 * kpasswd/kpasswd.c: allow specifying a credential cache to use
101 for the admin principal
103 * include/bits.c: constify to avoid warning with -Wwrite-string
105 * NEWS: add 0.6.2 and 0.6.3 items
107 * lib/krb5/krb5_keyblock.3: document krb5_generate_subkey_extended
109 * lib/krb5/krb5_is_thread_safe.3: document function
111 * lib/krb5/Makefile.am (man_MANS) += krb5_is_thread_safe.3
113 * lib/krb5/context.c (krb5_is_thread_safe): return TRUE is the
114 library was compiled with multithreading support. If not,
115 application must global lock the library, it it uses threads that
116 call kerberos functions at the same time.
118 2005-01-05 Luke Howard <lukeh@padl.com>
120 * lib/krb5/auth_context.c: use krb5_generate_subkey_extended()
122 * lib/krb5/appdefault.c: remove redundant KRB5_LIB_FUNCTION
124 * lib/krb5/build_auth.c: support for enctype negotiation
125 (client sends EtypeList in Authenticator authz data)
127 * lib/krb5/context.c: mutex should be destroyed last in
130 * lib/krb5/generate_subkey.c: add krb5_generate_subkey_extended(),
131 set *subkey to NULL if key geneartion fails
133 * lib/krb5/krb5.h: add KRB5_KU_PA_SERVER_REFERRAL_DATA
135 * lib/krb5/mk_req_ext.c: support ETYPE_ARCFOUR_HMAC_MD5_56
137 * lib/krb5/rd_req.c: support for enctype negotiation
138 (client sends EtypeList in Authenticator authz data)
140 2005-01-04 Luke Howard <lukeh@padl.com>
142 * lib/asn1/k5.asn1: add authorization data types for enctype
143 negotiation implementation
145 2005-01-04 Love Hörnquist Åstrand <lha@it.su.se>
147 * lib/krb5/changepw.c (change_password_loop): on failing to find a
148 kdc, set result_code to KRB5_KPASSWD_HARDERROR
150 2005-01-01 Love Hörnquist Åstrand <lha@it.su.se>
152 * doc/heimdal.texi: Happy New Year