1 Mon Sep 8 01:24:42 1997 Assar Westerlund <assar@sics.se>
3 * kdc/hpropd.c (main): check number of arguments
5 * appl/popper/pop_init.c (pop_init): check number of arguments
7 * kpasswd/kpasswd.c (main): check number of arguments
9 * kdc/string2key.c (main): check number of arguments
11 * kuser/kdestroy.c (main): check number of arguments
13 * kuser/kinit.c (main): check number of arguments
15 * kpasswd/kpasswdd.c (main): use sigaction without SA_RESTART to
16 break out of select when a signal arrives
18 * kdc/main.c (main): use sigaction without SA_RESTART to break out
19 of select when a signal arrives
21 * kdc/kstash.c: default to HDB_DB_DIR "/m-key"
23 * kdc/config.c (configure): add `--help'. check the number of
24 arguments. handle the case of there being to speicification of
27 * admin/util.c: seal and unseal key at appropriate places
29 * admin/kdb_edit.c (main): parse arguments, config file and read
30 master key iff there's one.
32 * admin/extkeytab.c (ext_keytab): unseal key while extracting
34 Sun Sep 7 20:41:01 1997 Assar Westerlund <assar@sics.se>
36 * lib/roken/roken.h: include <fcntl.h>
38 * kdc/kerberos5.c (set_salt_padata): new function
40 * appl/telnet/telnetd/telnetd.c: Rename some variables that
41 conflict with cpp symbols on HP-UX 10.20
43 * change all calls of `gethostbyaddr' to cast argument 1 to `const
46 * acconfig.h: only use SGTTY on nextstep
48 Sun Sep 7 14:33:50 1997 Johan Danielsson <joda@emma.pdc.kth.se>
50 * kdc/kerberos5.c: Check invalid flag.
52 Fri Sep 5 14:19:38 1997 Johan Danielsson <joda@emma.pdc.kth.se>
54 * lib/krb5/verify_user.c: Use get_init_creds/verify_init_creds.
56 * lib/kafs: Move functions common to krb/krb5 modules to new file,
57 and make things more modular.
59 * lib/krb5/krb5.h: rename STRING -> krb5_config_string, and LIST
62 Thu Sep 4 23:39:43 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
64 * lib/krb5/get_addrs.c: Fix loopback test.
66 Thu Sep 4 04:45:49 1997 Assar Westerlund <assar@sics.se>
68 * lib/roken/roken.h: fallback definition of `O_ACCMODE'
70 * lib/krb5/get_in_tkt.c (krb5_get_in_cred): be more careful when
71 checking for a v4 reply
73 Wed Sep 3 18:20:14 1997 Johan Danielsson <joda@emma.pdc.kth.se>
75 * kdc/hprop.c: Add `--decrypt' and `--encrypt' flags.
77 * lib/hdb/hdb.c: new {seal,unseal}_keys functions
79 * kdc/{hprop,hpropd}.c: Add support to dump database to stdout.
81 * kdc/hprop.c: Don't use same master key as version 4.
83 * admin/util.c: Don't dump core if no `default' is found.
85 Wed Sep 3 16:01:07 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
87 * kdc/connect.c: Allow run time port specification.
89 * kdc/config.c: Add flags for http support, and port
92 Tue Sep 2 02:00:03 1997 Assar Westerlund <assar@sics.se>
94 * include/bits.c: Don't generate ifndef's in bits.h. Instead, use
95 them when building the program. This makes it possible to include
96 bits.h without having defined all HAVE_INT17_T symbols.
98 * configure.in: test for sigaction
100 * doc: updated documentation.
102 Tue Sep 2 00:20:31 1997 Johan Danielsson <joda@emma.pdc.kth.se>
106 Mon Sep 1 17:42:14 1997 Johan Danielsson <joda@emma.pdc.kth.se>
108 * lib/krb5/data.c: don't return ENOMEM if len == 0
110 Sun Aug 31 17:15:49 1997 Johan Danielsson <joda@emma.pdc.kth.se>
112 * lib/hdb/hdb.asn1: Include salt type in salt.
114 * kdc/hprop.h: Change port to 754.
116 * kdc/hpropd.c: Verify who tries to transmit a database.
118 * appl/popper: Use getarg and krb5_log.
120 * lib/krb5/get_port.c: Add context parameter. Now takes port in
123 Sat Aug 30 18:48:19 1997 Johan Danielsson <joda@emma.pdc.kth.se>
125 * kdc/connect.c: Add timeout to select, and log about expired tcp
128 * kdc/config.c: Add `database' option.
130 * kdc/hpropd.c: Log about duplicate entries.
132 * lib/hdb/{db,ndbm}.c: Use common routines.
134 * lib/hdb/common.c: Implement more generic fetch/store/delete
137 * lib/hdb/hdb.h: Add `replace' parameter to store.
139 * kdc/connect.c: Set filedecriptor to -1 on allocated decriptor
142 Fri Aug 29 03:13:23 1997 Assar Westerlund <assar@sics.se>
144 * lib/krb5/get_in_tkt.c: extract_ticket -> _krb5_extract_ticket
146 * aux/make-proto.pl: fix __P for stone age mode
148 Fri Aug 29 02:45:46 1997 Johan Danielsson <joda@emma.pdc.kth.se>
150 * lib/45/mk_req.c: implementation of krb_mk_req that uses 524
153 * lib/krb5/init_creds_pw.c: make change_password and
154 get_init_creds_common static
156 * lib/krb5/krb5.h: Merge stuff from removed headerfiles.
158 * lib/krb5/fcache.c: fcc_ops -> krb5_fcc_ops
160 * lib/krb5/mcache.c: mcc_ops -> krb5_mcc_ops
162 Fri Aug 29 01:45:25 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
164 * lib/krb5/krb5.h: Remove all prototypes.
166 * lib/krb5/convert_creds.c: Use `struct credentials' instead of
169 Fri Aug 29 00:08:18 1997 Assar Westerlund <assar@sics.se>
171 * lib/asn1/gen_glue.c: new file. generates 2int and int2 functions
172 and units for bit strings.
174 * admin/util.c: flags2int, int2flags, and flag_units are now
175 generated by asn1_compile
177 * lib/roken/parse_units.c: generalised `parse_units' and
178 `unparse_units' and added new functions `parse_flags' and
179 `unparse_flags' that use these
181 * lib/krb5/krb5_locl.h: moved krb5_data* functions to krb5.h
183 * admin/util.c: Use {un,}parse_flags for printing and parsing
186 Thu Aug 28 03:26:12 1997 Assar Westerlund <assar@sics.se>
188 * lib/krb5/get_addrs.c: restructured
190 * lib/krb5/warn.c (_warnerr): leak less memory
192 * lib/hdb/hdb.c (hdb_free_entry): zero keys
193 (hdb_check_db_format): leak less memory
195 * lib/hdb/ndbm.c (NDBM_seq): check for valid hdb_entries implement
198 * lib/hdb/db.c (DB_seq): check for valid hdb_entries
200 Thu Aug 28 02:06:58 1997 Johan Danielsson <joda@emma.pdc.kth.se>
202 * lib/krb5/send_to_kdc.c: Don't use sendto on connected sockets.
204 Thu Aug 28 01:13:17 1997 Assar Westerlund <assar@sics.se>
206 * kuser/kinit.1, klist.1, kdestroy.1: new man pages
208 * kpasswd/kpasswd.1, kpasswdd.8: new man pages
210 * kdc/kstash.8, hprop.8, hpropd.8: new man pages
212 * admin/ktutil.8, admin/kdb_edit.8: new man pages
214 * admin/mod.c: new file
216 * admin/life.c: renamed gettime and puttime to getlife and putlife
217 and moved them to life.c
219 * admin/util.c: add print_flags, parse_flags, init_entry,
220 set_created_by, set_modified_by, edit_entry, set_password. Use
223 * admin/get.c: use print_flags
225 * admin: removed unused stuff. use krb5_{warn,err}*
227 * admin/ank.c: re-organized and abstracted.
229 * admin/gettime.c: removed
231 Thu Aug 28 00:37:39 1997 Johan Danielsson <joda@emma.pdc.kth.se>
233 * lib/krb5/{get_cred,get_in_tkt}.c: Check for v4 reply.
235 * lib/roken/base64.c: Add base64 functions.
237 * kdc/connect.c lib/krb5/send_to_kdc.c: Add http support.
239 Wed Aug 27 00:29:20 1997 Johan Danielsson <joda@emma.pdc.kth.se>
241 * include/Makefile.am: Don't make links to built files.
243 * admin/kdb_edit.c: Add command to set the database path.
245 * lib/hdb: Include version number in database.
247 Tue Aug 26 20:14:54 1997 Johan Danielsson <joda@emma.pdc.kth.se>
249 * admin/ktutil: Merged v4 srvtab conversion.
251 Mon Aug 25 23:02:18 1997 Assar Westerlund <assar@sics.se>
253 * lib/roken/roken.h: add F_OK
255 * lib/gssapi/acquire_creds.c: fix typo
257 * configure.in: call AC_TYPE_MODE_T
259 * acinclude.m4: Add AC_TYPE_MODE_T
261 Sun Aug 24 16:46:53 1997 Assar Westerlund <assar@sics.se>
265 Sun Aug 24 08:06:54 1997 Assar Westerlund <assar@sics.se>
267 * appl/rsh/rshd.c: syslog remote shells
269 * appl/popper/pop_pass.c: log poppers
271 * kdc/kaserver.c: some more checks
273 * kpasswd/kpasswd.c: removed `-p'
275 * kuser/kinit.c: removed `-p'
277 * lib/krb5/init_creds_pw.c (krb5_get_init_creds_password): If
278 KDC_ERR_PREUATH_REQUIRED, add preauthentication and try again.
280 * lib/krb5/get_in_tkt.c (krb5_get_in_cred): don't print out
283 * lib/gssapi/import_name.c (input_name): more names types.
285 * admin/load.c (parse_keys): handle the case of an empty salt
287 * kdc/kaserver.c: fix up memory deallocation
289 * kdc/kaserver.c: quick hack at talking kaserver protocol
291 * kdc/kerberos4.c: Make `db-fetch4' global
293 * configure.in: add --enable-kaserver
295 * kdc/rx.h, kdc/kerberos4.h: new header files
297 * lib/krb5/principal.c: fix krb5_build_principal_ext & c:o
299 Sun Aug 24 03:52:44 1997 Johan Danielsson <joda@emma.pdc.kth.se>
301 * lib/krb5/{get_in_tkt,mk_safe,mk_priv}.c: Fix some Cray specific
304 * lib/krb5/{get_cred,get_in_tkt}.c: Mask nonce to 32 bits.
306 * lib/des/{md4,md5,sha}.c: Now works on Crays.
308 Sat Aug 23 18:15:01 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
310 * appl/afsutil/afslog.c: If no cells or files specified, get
311 tokens for all local cells. Better test for files.
313 Thu Aug 21 23:33:38 1997 Assar Westerlund <assar@sics.se>
315 * lib/gssapi/v1.c: new file with v1 compatibility functions.
317 Thu Aug 21 20:36:13 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
319 * lib/kafs/afskrb5.c: Don't check ticket file for afs ticket.
321 * kdc/kerberos4.c: Check database when converting v4 principals.
323 * kdc/kerberos5.c: Include kvno in Ticket.
325 * lib/krb5/encrypt.c: Add kvno parameter to encrypt_EncryptedData.
327 * kuser/klist.c: Print version number of ticket, include more
330 Wed Aug 20 21:26:58 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
332 * lib/kafs/afskrb5.c (get_cred): Check cached afs tickets for
335 Wed Aug 20 17:40:31 1997 Assar Westerlund <assar@sics.se>
337 * lib/krb5/recvauth.c (krb5_recvauth): Send a KRB-ERROR iff
340 * lib/krb5/sendauth.c (krb5_sendauth): correct the protocol
341 documentation and process KRB-ERROR's
343 Tue Aug 19 20:41:30 1997 Johan Danielsson <joda@emma.pdc.kth.se>
345 * kdc/kerberos4.c: Fix memory leak in v4 protocol handler.
347 Mon Aug 18 05:15:09 1997 Assar Westerlund <assar@sics.se>
349 * lib/gssapi/accept_sec_context.c: Added
350 `gsskrb5_register_acceptor_identity'
352 Sun Aug 17 01:40:20 1997 Assar Westerlund <assar@sics.se>
354 * lib/gssapi/accept_sec_context.c (gss_accept_sec_context): don't
355 always pass server == NULL to krb5_rd_req.
357 * lib/gssapi: new files: canonicalize_name.c export_name.c
358 context_time.c compare_name.c release_cred.c acquire_cred.c
359 inquire_cred.c, from Luke Howard <lukeh@xedoc.com.au>
361 * lib/krb5/config_file.c: Add netinfo support from Luke Howard
364 * lib/editline/sysunix.c: sgtty-support from Luke Howard
367 * lib/krb5/principal.c: krb5_sname_to_principal fix from Luke
368 Howard <lukeh@xedoc.com.au>
370 Sat Aug 16 00:44:47 1997 Assar Westerlund <assar@koi.pdc.kth.se>
374 Sat Aug 16 00:23:46 1997 Johan Danielsson <joda@emma.pdc.kth.se>
376 * appl/afsutil/afslog.c: Use new libkafs.
378 * lib/kafs/afskrb5.c: Get AFS tokens via 524 protocol.
380 * lib/krb5/warn.c: Fix format string for *x type.
382 Fri Aug 15 22:15:01 1997 Assar Westerlund <assar@sics.se>
384 * admin/get.c (get_entry): print more information about the entry
386 * lib/des/Makefile.am: build destest, mdtest, des, rpw, speed
388 * lib/krb5/config_file.c: new functions `krb5_config_get_time' and
389 `krb5_config_vget_time'. Use them.
391 Fri Aug 15 00:09:37 1997 Johan Danielsson <joda@emma.pdc.kth.se>
393 * admin/ktutil.c: Keytab manipulation program.
395 * lib/krb5/keytab.c: Return sane values from resolve and
398 * kdc/kerberos5.c: Fix for old clients passing 0 for `no endtime'.
400 * lib/45/get_ad_tkt.c: Kerberos 4 get_ad_tkt using
401 krb524_convert_creds_kdc.
403 * lib/krb5/convert_creds.c: Implementation of
404 krb524_convert_creds_kdc.
406 * lib/asn1/k5.asn1: Make kdc-req-body.till OPTIONAL
408 * kdc/524.c: A somewhat working 524-protocol module.
410 * kdc/kerberos4.c: Add version 4 ticket encoding and encryption
413 * lib/krb5/context.c: Fix kdc_timeout.
415 * lib/hdb/{ndbm,db}.c: Free name in close.
417 * kdc/kerberos5.c (tgs_check_autenticator): Return error code
419 Thu Aug 14 21:29:03 1997 Johan Danielsson <joda@emma.pdc.kth.se>
421 * kdc/kerberos5.c (tgs_make_reply): Fix endtime in reply.
423 * lib/krb5/store_emem.c: Fix reallocation bug.
425 Tue Aug 12 01:29:46 1997 Assar Westerlund <assar@sics.se>
427 * appl/telnet/libtelnet/kerberos5.c, appl/popper/pop_init.c,
428 appl/rshd/rshd.c: Use `krb5_sock_to_principal'. Send server
429 parameter to krb5_rd_req/krb5_recvauth. Set addresses in
432 * lib/krb5/recvauth.c: Set addresses in auth_context if there
435 * lib/krb5/auth_context.c: New function
436 `krb5_auth_con_setaddrs_from_fd'
438 * lib/krb5/sock_principal.c: new function
439 `krb5_sock_to_principal'
441 * lib/krb5/time.c: new file with `krb5_timeofday' and
442 `krb5_us_timeofday'. Use these functions.
444 * kuser/klist.c: print KDC offset iff verbose
446 * lib/krb5/get_in_tkt.c: implement KDC time offset and use it if
447 [libdefaults]kdc_timesync is set.
449 * lib/krb5/fcache.c: Implement version 4 of the ccache format.
451 Mon Aug 11 05:34:43 1997 Assar Westerlund <assar@sics.se>
453 * lib/krb5/rd_rep.c (krb5_free_ap_rep_enc_part): free all memory
455 * lib/krb5/principal.c (krb5_unparse_name): allocate memory
458 * kpasswd/kpasswd.c: Use `krb5_change_password'
460 * lib/krb5/init_creds_pw.c (init_cred): set realm of server
463 * lib/krb5/init_creds_pw.c: support changing of password when it
466 * lib/krb5/changepw.c: new file
468 * kuser/klist.c: use getarg
470 * admin/init.c (init): add `kadmin/changepw'
472 Mon Aug 11 04:30:47 1997 Johan Danielsson <joda@emma.pdc.kth.se>
474 * lib/krb5/get_cred.c: Make get_credentials handle cross-realm.
476 Mon Aug 11 00:03:24 1997 Assar Westerlund <assar@sics.se>
478 * lib/krb5/config_file.c: implement support for #-comments
480 Sat Aug 9 02:21:46 1997 Johan Danielsson <joda@emma.pdc.kth.se>
482 * kdc/hprop*.c: Add database propagation programs.
484 * kdc/connect.c: Max request size.
486 Sat Aug 9 00:47:28 1997 Assar Westerlund <assar@sics.se>
488 * lib/otp: resurrected from krb4
490 * appl/push: new program for fetching mail with POP.
492 * appl/popper/popper.h: new include files. new fields in `POP'
494 * appl/popper/pop_pass.c: Implement both v4 and v5.
496 * appl/popper/pop_init.c: Implement both v4 and v5.
498 * appl/popper/pop_debug.c: use getarg. Talk both v4 and v5
500 * appl/popper: Popper from krb4.
502 * configure.in: check for inline and <netinet/tcp.h> generate
503 files in appl/popper, appl/push, and lib/otp
505 Fri Aug 8 05:51:02 1997 Assar Westerlund <assar@sics.se>
507 * lib/krb5/get_cred.c: clean-up and try to free memory even when
510 * lib/krb5/get_cred.c: adapt to new `extract_ticket'
512 * lib/krb5/get_in_tkt.c: reorganize. check everything and try to
513 return memory even if there are errors.
515 * kuser/kverify.c: new file
517 * lib/krb5/free_host_realm.c: new file
519 * lib/krb5/principal.c (krb5_sname_to_principal): implement
520 different nametypes. Also free memory.
522 * lib/krb5/verify_init.c: more functionality
524 * lib/krb5/mk_req_ext.c (krb5_mk_req_extended): free the checksum
526 * lib/krb5/get_in_tkt.c (extract_ticket): don't copy over the
527 principals in creds. Should also compare them with that received
530 * lib/krb5/cache.c (krb5_cc_gen_new): copy the newly allocated
532 (krb5_cc_destroy): call krb5_cc_close
533 (krb5_cc_retrieve_cred): delete the unused creds
535 Fri Aug 8 02:30:40 1997 Johan Danielsson <joda@emma.pdc.kth.se>
537 * lib/krb5/log.c: Allow better control of destinations of logging
538 (like passing explicit destinations, and log-functions).
540 Fri Aug 8 01:20:39 1997 Assar Westerlund <assar@sics.se>
542 * lib/krb5/get_default_principal.c: new file
544 * kpasswd/kpasswdd.c: use krb5_log*
546 Fri Aug 8 00:37:47 1997 Johan Danielsson <joda@emma.pdc.kth.se>
548 * lib/krb5/init_creds_pw.c: Implement krb5_get_init_creds_keytab.
550 Fri Aug 8 00:37:17 1997 Assar Westerlund <assar@sics.se>
552 * lib/krb5/init_creds_pw.c: Use `krb5_get_default_principal'.
553 Print password expire information.
555 * kdc/config.c: new variable `kdc_warn_pwexpire'
557 * kpasswd/kpasswd.c: converted to getarg and get_init_creds
559 Thu Aug 7 22:17:09 1997 Assar Westerlund <assar@sics.se>
561 * lib/krb5/mcache.c: new file
563 * admin/gettime.c: new function puttime. Use it.
565 * lib/krb5/keyblock.c: Added krb5_free_keyblock and
568 * lib/krb5/init_creds_pw.c: more functionality
570 * lib/krb5/creds.c: Added krb5_free_creds_contents and
571 krb5_copy_creds. Changed callers.
573 * lib/krb5/config_file.c: new functions krb5_config_get and
576 * lib/krb5/cache.c: cleanup added mcache
578 * kdc/kerberos5.c: include last-req's of type 6 and 7, if
581 Wed Aug 6 20:38:23 1997 Johan Danielsson <joda@emma.pdc.kth.se>
583 * lib/krb5/log.c: New parameter `log-level'. Default to `SYSLOG'.
585 Tue Aug 5 22:53:54 1997 Assar Westerlund <assar@sics.se>
587 * lib/krb5/verify_init.c, init_creds_pw.c, init_creds.c,
588 prompter_posix.c: the beginning of an implementation of the cygnus
591 * lib/krb5/get_in_tkt_pw.c: make `krb5_password_key_proc' global
593 * lib/krb5/get_in_tkt.c (krb5_get_in_cred): new function that is
594 almost krb5_get_in_tkt but doesn't write the creds to the ccache.
595 Small fixes in krb5_get_in_tkt
597 * lib/krb5/get_addrs.c (krb5_get_all_client_addrs): don't include
600 Mon Aug 4 20:20:48 1997 Johan Danielsson <joda@emma.pdc.kth.se>
602 * kdc: Make context global.
604 Fri Aug 1 17:23:56 1997 Assar Westerlund <assar@sics.se>
608 * lib/roken/flock.c: new file
610 * kuser/kinit.c: check for and print expiry information in the
613 * lib/krb5/get_in_tkt.c: Set `ret_as_reply' if != NULL
615 * kdc/kerberos5.c: Check the valid times on client and server.
616 Check the password expiration.
617 Check the require_preauth flag.
618 Send an lr_type == 6 with pw_end.
619 Set key.expiration to min(valid_end, pw_end)
621 * lib/hdb/hdb.asn1: new flags `require_preauth' and `change_pw'
623 * admin/util.c, admin/load.c: handle the new flags.
625 Fri Aug 1 16:56:12 1997 Johan Danielsson <joda@emma.pdc.kth.se>
627 * lib/hdb: Add some simple locking.
629 Sun Jul 27 04:44:31 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
631 * lib/krb5/log.c: Add some general logging functions.
633 * kdc/kerberos4.c: Add version 4 protocol handler. The requrement
634 for this to work is that all involved principals has a des key in
635 the database, and that the client has a version 4 (un-)salted
636 key. Furthermore krb5_425_conv_principal has to do it's job, as
637 present it's not very clever.
639 * lib/krb5/principal.c: Quick patch to make 425_conv work
642 * lib/hdb/hdb.c: Add keytype->key and next key functions.
644 Fri Jul 25 17:32:12 1997 Assar Westerlund <assar@sics.se>
646 * lib/krb5/build_auth.c (krb5_build_authenticator): don't free
647 `cksum'. It's allocated and freed by the caller
649 * lib/krb5/get_cred.c (krb5_get_kdc_cred): Don't free `addresses'.
651 * kdc/kerberos5.c (tgs_rep2): make sure we also have an defined
652 `client' to return as part of the KRB-ERROR
654 * appl/rsh/rshd.c: implement forwarding
656 * appl/rsh/rsh.c: Use getarg. Implement forwarding.
658 Thu Jul 24 08:13:59 1997 Johan Danielsson <joda@emma.pdc.kth.se>
660 * kdc/kerberos5.c: Unseal keys from database before use.
662 * kdc/misc.c: New functions set_master_key, unseal_key and
665 * lib/roken/getarg.c: Handle `-f arg' correctly.
667 Thu Jul 24 01:54:43 1997 Assar Westerlund <assar@sics.se>
669 * kuser/kinit.c: implement `-l' aka `--lifetime'
671 * lib/roken/parse_units.c, parse_time.c: new files
673 * admin/gettime.c (gettime): use `parse_time'
675 * kdc/kerberos5.c (as_rep): Use `METHOD-DATA' when sending
676 KRB5KDC_ERR_PREAUTH_REQUIRED, not PA-DATA.
678 * kpasswd/kpasswdd.c: fix freeing bug use sequence numbers set
679 addresses in auth_context bind one socket per interface.
681 * kpasswd/kpasswd.c: use sequence numbers
683 * lib/krb5/rd_req.c (krb5_verify_ap_req): do abs when verifying
686 * lib/krb5/rd_priv.c (krb5_rd_priv): Fetch the correct session key
689 * lib/krb5/mk_priv.c (krb5_mk_priv): Fetch the correct session key
692 * lib/krb5/mk_error.c (krb5_mk_error): return an error number and
693 not a comerr'd number.
695 * lib/krb5/get_in_tkt.c (krb5_get_in_tkt): interpret the error
696 number in KRB-ERROR correctly.
698 * lib/krb5/get_cred.c (krb5_get_kdc_cred): interpret the error
699 number in KRB-ERROR correctly.
701 * lib/asn1/k5.asn1: Add `METHOD-DATA'
703 * removed some memory leaks.
705 Wed Jul 23 07:53:18 1997 Assar Westerlund <assar@sics.se>
709 * lib/krb5/rd_cred.c, get_for_creds.c: new files
711 * lib/krb5/get_host_realm.c: try default realm as last chance
713 * kpasswd/kpasswdd.c: updated to hdb changes
715 * appl/telnet/libtelnet/kerberos5.c: Implement forwarding
717 * appl/telnet/libtelnet: removed totally unused files
719 * admin/ank.c: fix prompts and generation of random keys
721 Wed Jul 23 04:02:32 1997 Johan Danielsson <joda@emma.pdc.kth.se>
723 * admin/dump.c: Include salt in dump.
725 * admin: Mostly updated for new db-format.
727 * kdc/kerberos5.c: Update to use new db format. Better checking of
728 flags and such. More logging.
730 * lib/hdb/hdb.c: Use generated encode and decode functions.
732 * lib/hdb/hdb.h: Get hdb_entry from ASN.1 generated code.
734 * lib/krb5/get_cred.c: Get addresses from krbtgt if there are none
737 Sun Jul 20 16:22:30 1997 Assar Westerlund <assar@sics.se>
739 * kuser/kinit.c: break if des_read_pw_string() != 0
741 * kpasswd/kpasswdd.c: send a reply
743 * kpasswd/kpasswd.c: restructured code. better report on
744 krb-error break if des_read_pw_string() != 0
746 * kdc/kerberos5.c: Check `require_enc_timestamp' malloc space for
747 starttime and renew_till
749 * appl/telnet/libtelnet/kerberos5.c (kerberos5_is): Send a
750 keyblock to krb5_verify_chekcsum
752 Sun Jul 20 06:35:46 1997 Johan Danielsson <joda@emma.pdc.kth.se>
756 * kpasswd/kpasswd.c: Avoid using non-standard struct names.
758 Sat Jul 19 19:26:23 1997 Assar Westerlund <assar@sics.se>
760 * lib/krb5/keytab.c (krb5_kt_get_entry): check return from
761 `krb5_kt_start_seq_get'. From <map@stacken.kth.se>
763 Sat Jul 19 04:07:39 1997 Johan Danielsson <joda@emma.pdc.kth.se>
765 * lib/asn1/k5.asn1: Update with more pa-data types from
766 draft-ietf-cat-kerberos-revisions-00.txt
768 * admin/load.c: Update to match current db-format.
770 * kdc/kerberos5.c (as_rep): Try all valid pa-datas before giving
771 up. Send back an empty pa-data if the client has the v4 flag set.
773 * lib/krb5/get_in_tkt.c: Pass both version5 and version4 salted
774 pa-data. DTRT if there is any pa-data in the reply.
776 * lib/krb5/str2key.c: XOR with some sane value.
778 * lib/hdb/hdb.h: Add `version 4 salted key' flag.
780 * kuser/kinit.c: Ask for password before calling get_in_tkt. This
781 makes it possible to call key_proc more than once.
783 * kdc/string2key.c: Add flags to output version 5 (DES only),
784 version 4, and AFS string-to-key of a password.
786 * lib/asn1/gen_copy.c: copy_* functions now returns an int (0 or
789 Fri Jul 18 02:54:58 1997 Assar Westerlund <assar@sics.se>
791 * lib/krb5/get_host_realm.c (krb5_get_host_realm): do the
794 * kdc/misc.c: check result of hdb_open
796 * admin/kdb_edit: updated to new sl
798 * lib/sl: sl_func now returns an int. != 0 means to exit.
800 * kpasswd/kpasswdd: A crude (but somewhat working) implementation
801 of `draft-ietf-cat-kerb-chg-password-00.txt'
803 Fri Jul 18 00:55:39 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
805 * kuser/krenew.c: Crude ticket renewing program.
807 * kdc/kerberos5.c: Rewritten flags parsing, it now might work to
808 get forwarded and renewed tickets.
810 * kuser/kinit.c: Add `-r' flag.
812 * lib/krb5/get_cred.c: Move most of contents of get_creds to new
813 function get_kdc_cred, that always contacts the kdc and doesn't
814 save in the cache. This is a hack.
816 * lib/krb5/get_in_tkt.c: Pass starttime and renew_till in request
819 * lib/krb5/mk_req_ext.c: Make an auth_context if none passed in.
821 * lib/krb5/send_to_kdc.c: Get timeout from context.
823 * lib/krb5/context.c: Add kdc_timeout to context struct.
825 Thu Jul 17 20:35:45 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
827 * kuser/klist.c: Print start time of ticket if available.
829 * lib/krb5/get_host_realm.c: Return error if no realm was found.
831 Thu Jul 17 20:28:21 1997 Assar Westerlund <assar@sics.se>
833 * kpasswd: non-working kpasswd added
835 Thu Jul 17 00:21:22 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
839 * kdc/main.c: Add -p flag to disable pa-enc-timestamp requirement.
841 Wed Jul 16 03:37:41 1997 Johan Danielsson <joda@emma.pdc.kth.se>
843 * kdc/kerberos5.c (tgs_rep2): Free ticket and ap_req.
845 * lib/krb5/auth_context.c (krb5_auth_con_free): Free remote
848 * lib/krb5/principal.c (krb5_free_principal): Check for NULL.
850 * lib/krb5/send_to_kdc.c: Check for NULL return from
853 * lib/krb5/set_default_realm.c: Try to get realm of local host if
854 no default realm is available.
856 * Remove non ASN.1 principal code.
858 Wed Jul 16 03:17:30 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
860 * kdc/kerberos5.c: Split tgs_rep in smaller functions. Add better
861 error handing. Do some logging.
863 * kdc/log.c: Some simple logging facilities.
865 * kdc/misc.c (db_fetch): Take a krb5_principal.
867 * kdc/connect.c: Pass address of request to as_rep and
868 tgs_rep. Send KRB-ERROR.
870 * lib/krb5/mk_error.c: Add more fields.
872 * lib/krb5/get_cred.c: Print normal error code if no e_text is
875 Wed Jul 16 03:07:50 1997 Assar Westerlund <assar@sics.se>
877 * lib/krb5/get_in_tkt.c: implement `krb5_init_etype'.
878 Change encryption type of pa_enc_timestamp to DES-CBC-MD5
880 * lib/krb5/context.c: recognize all encryption types actually
883 * lib/krb5/auth_context.c (krb5_auth_con_init): Change default
884 encryption type to `DES_CBC_MD5'
886 * lib/krb5/read_message.c, write_message.c: new files
888 Tue Jul 15 17:14:21 1997 Assar Westerlund <assar@sics.se>
890 * lib/asn1: replaced asn1_locl.h by `der_locl.h' and `gen_locl.h'.
892 * lib/error/compile_et.awk: generate a prototype for the
893 `destroy_foo_error_table' function.
895 Mon Jul 14 12:24:40 1997 Assar Westerlund <assar@sics.se>
897 * lib/krb5/krbhst.c (krb5_get_krbhst): Get all kdc's and try also
898 with `kerberos.REALM'
900 * kdc/kerberos5.c, lib/krb5/rd_priv.c, lib/krb5/rd_safe.c: use
903 * lib/krb5/rd_req.c (krb5_verify_ap_req): record authenticator
906 * lib/krb5/build_auth.c (krb5_build_authenticator): always
909 * lib/krb5/address.c: implement `krb5_address_order'
911 * lib/gssapi/import_name.c: Implement `gss_import_name'
913 * lib/gssapi/external.c: Use new OID
915 * lib/gssapi/encapsulate.c: New functions
916 `gssapi_krb5_encap_length' and `gssapi_krb5_make_header'. Changed
919 * lib/gssapi/decapsulate.c: New function
920 `gssaspi_krb5_verify_header'. Changed callers.
922 * lib/asn1/gen*.c: Give tags to generated structs.
923 Use `err' and `asprintf'
925 * appl/test/gss_common.c: new file
927 * appl/test/gssapi_server.c: removed all krb5 calls
929 * appl/telnet/libtelnet/kerberos5.c: Add support for genering and
930 verifying checksums. Also start using session subkeys.
932 Mon Jul 14 12:08:25 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
934 * lib/krb5/rd_req.c (krb5_rd_req_with_keyblock): Split up.
936 Sun Jul 13 03:07:44 1997 Assar Westerlund <assar@sics.se>
938 * lib/krb5/rd_safe.c, mk_safe.c: made bug-compatible with MIT
940 * lib/krb5/encrypt.c: new functions `DES_encrypt_null_ivec' and
941 `DES_encrypt_key_ivec'
943 * lib/krb5/checksum.c: implement rsa-md4-des and rsa-md5-des
945 * kdc/kerberos5.c (tgs_rep): support keyed checksums
947 * lib/krb5/creds.c: new file
949 * lib/krb5/get_in_tkt.c: better freeing
951 * lib/krb5/context.c (krb5_free_context): more freeing
953 * lib/krb5/config_file.c: New function `krb5_config_file_free'
955 * lib/error/compile_et.awk: Generate a `destroy_' function.
957 * kuser/kinit.c, klist.c: Don't leak memory.
959 Sun Jul 13 02:46:27 1997 Johan Danielsson <joda@emma.pdc.kth.se>
961 * kdc/connect.c: Check filedescriptor in select.
963 * kdc/kerberos5.c: Remove most of the most common memory leaks.
965 * lib/krb5/rd_req.c: Free allocated data.
967 * lib/krb5/auth_context.c (krb5_auth_con_free): Free a lot of
970 Sun Jul 13 00:32:16 1997 Assar Westerlund <assar@sics.se>
972 * appl/telnet, appl/rsh: Conditionalize the krb4-support.
974 * configure.in: Test for krb4
976 Sat Jul 12 17:14:12 1997 Assar Westerlund <assar@sics.se>
978 * kdc/kerberos5.c: check if the pre-auth was decrypted properly.
979 set the `pre_authent' flag
981 * lib/krb5/get_cred.c, lib/krb5/get_in_tkt.c: generate a random nonce.
983 * lib/krb5/encrypt.c: Made `generate_random_block' global.
985 * appl/test: Added gssapi_client and gssapi_server.
987 * lib/krb5/data.c: Add `krb5_data_zero'
989 * appl/test/tcp_client.c: try `mk_safe' and `mk_priv'
991 * appl/test/tcp_server.c: try `rd_safe' and `rd_priv'
993 Sat Jul 12 16:45:58 1997 Johan Danielsson <joda@emma.pdc.kth.se>
995 * lib/krb5/get_addrs.c: Fix for systems that has sa_len, but
996 returns zero length from SIOCGIFCONF.
998 Sat Jul 12 16:38:34 1997 Assar Westerlund <assar@sics.se>
1000 * appl/test: new programs
1002 * lib/krb5/rd_req.c: add address compare
1004 * lib/krb5/mk_req_ext.c: allow no checksum
1006 * lib/krb5/keytab.c (krb5_kt_ret_string): 0-terminate string
1008 * lib/krb5/address.c: fix `krb5_address_compare'
1010 Sat Jul 12 15:03:16 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1012 * lib/krb5/get_addrs.c: Fix ip4 address extraction.
1014 * kuser/klist.c: Add verbose flag, and split main into smaller
1017 * lib/krb5/fcache.c: Save ticket flags.
1019 * lib/krb5/get_in_tkt.c (extract_ticket): Extract addresses and
1022 * lib/krb5/krb5.h: Add ticket_flags to krb5_creds.
1024 Sat Jul 12 13:12:48 1997 Assar Westerlund <assar@sics.se>
1026 * configure.in: Call `AC_KRB_PROG_LN_S'
1028 * acinclude.m4: Add `AC_KRB_PROG_LN_S' from krb4
1030 Sat Jul 12 00:57:01 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1032 * lib/krb5/get_in_tkt.c: Use union of krb5_flags and KDCOptions to
1035 Fri Jul 11 15:04:22 1997 Assar Westerlund <assar@sics.se>
1037 * appl/telnet: telnet & telnetd seems to be working.
1039 * lib/krb5/config_file.c: Added krb5_config_v?get_list Fixed
1040 krb5_config_vget_next
1042 * appl/telnet/libtelnet/kerberos5.c: update to current API
1044 Thu Jul 10 14:54:39 1997 Assar Westerlund <assar@sics.se>
1046 * appl/telnet/libtelnet/kerberos5.c (kerberos5_status): call
1049 * appl/telnet: Added.
1051 Thu Jul 10 05:09:25 1997 Johan Danielsson <joda@emma.pdc.kth.se>
1053 * lib/error/compile_et.awk: Remove usage of sub, gsub, and
1054 functions for compatibility with awk.
1056 * include/bits.c: Must use signed char.
1058 * lib/krb5/context.c: Move krb5_get_err_text, and krb5_init_ets
1061 * lib/error/error.c: Replace krb5_get_err_text with new function
1064 * lib/error/compile_et.awk: Avoid using static variables.
1066 * lib/error/error.c: Don't use krb5_locl.h
1068 * lib/error/error.h: Move definitions of error_table and
1069 error_list from krb5.h.
1071 * lib/error: Moved from lib/krb5.
1073 Wed Jul 9 07:42:04 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1075 * lib/krb5/encrypt.c: Temporary hack to avoid des_rand_data.
1077 Wed Jul 9 06:58:00 1997 Assar Westerlund <assar@sics.se>
1079 * appl/rsh/rsh.c: use the correct user for the checksum
1081 * lib/krb5/{rd,mk}_{*}.c: more checking for addresses and stuff
1082 according to pseudocode from 1510
1084 Wed Jul 9 06:06:06 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1086 * lib/hdb/hdb.c: Add hdb_etype2key.
1088 * kdc/kerberos5.c: Check authenticator. Use more general etype
1091 Wed Jul 9 03:51:12 1997 Assar Westerlund <assar@sics.se>
1093 * lib/asn1/k5.asn1: Made all `s_address' OPTIONAL according to
1094 draft-ietf-cat-kerberos-r-00.txt
1096 * lib/krb5/principal.c (krb5_parse_name): default to local realm
1099 * kuser/kinit.c: New option `-p' and prompt
1101 Wed Jul 9 02:30:06 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1103 * lib/krb5/keyblock.c: Keyblock generation functions.
1105 * lib/krb5/encrypt.c: Use functions from checksum.c.
1107 * lib/krb5/checksum.c: Move checksum functions here. Add
1108 krb5_cksumsize function.
1110 Wed Jul 9 01:15:38 1997 Assar Westerlund <assar@sics.se>
1112 * lib/krb5/get_host_realm.c: implemented
1114 * lib/krb5/config_file.c: Redid part. New functions:
1115 krb5_config_v?get_next
1117 * kuser/kdestroy.c: new program
1119 * kuser/kinit.c: new flag `-f'
1121 * lib/asn1/k5.asn1: Made HostAddresses = SEQUENCE OF HostAddress
1123 * acinclude.m4: Added AC_KRB_STRUCT_SOCKADDR_SA_LEN
1125 * lib/krb5/krb5.h: krb5_addresses == HostAddresses. Changed all
1128 * lib/krb5/get_addrs.c: figure out all local addresses, possibly
1131 * lib/krb5/checksum.c: table-driven checksum
1133 Mon Jul 7 21:13:28 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1135 * lib/krb5/encrypt.c: Make krb5_decrypt use the same struct as
1138 Mon Jul 7 11:15:51 1997 Assar Westerlund <assar@sics.se>
1140 * lib/roken/vsyslog.c: new file
1142 * lib/krb5/encrypt.c: add des-cbc-md4.
1143 adjust krb5_encrypt and krb5_decrypt to reality
1145 * appl/rsh/rshd.c: Now works. Also implementd encryption and
1148 * appl/rsh/common.c: new file
1150 Mon Jul 7 02:46:31 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1152 * lib/krb5/encrypt.c: Implement as a vector of function pointers.
1154 * lib/krb5/{decrypt,encrypt}.c: Implement des-cbc-crc, and
1155 des-cbc-md5 in separate functions.
1157 * lib/krb5/krb5.h: Add more checksum and encryption types.
1159 * lib/krb5/krb5_locl.h: Add etype to krb5_decrypt.
1161 Sun Jul 6 23:02:59 1997 Assar Westerlund <assar@sics.se>
1163 * lib/krb5/[gs]et_default_realm.c, kuserok.c: new files
1165 * lib/krb5/config_file.[ch]: new c-based configuration reading
1168 Wed Jul 2 23:12:56 1997 Assar Westerlund <assar@sics.se>
1170 * configure.in: Set WFLAGS if using gcc
1172 Wed Jul 2 17:47:03 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1174 * lib/asn1/der_put.c (der_put_int): Return size correctly.
1176 * admin/ank.c: Be compatible with the asn1 principal format.
1178 Wed Jul 1 23:52:20 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1180 * lib/asn1: Now all decode_* and encode_* functions now take a
1181 final size_t* argument, that they return the size in. Return
1182 values are zero for success, and anything else (such as some
1183 ASN1_* constant) for error.
1185 Mon Jun 30 06:08:14 1997 Assar Westerlund <assar@sics.se>
1187 * appl/rsh: New program.
1189 * lib/krb5/keytab.c (krb5_kt_add_entry): change open mode to
1192 * lib/krb5/get_cred.c: removed stale prototype for
1193 `extract_ticket' and corrected call.
1195 * lib/asn1/gen_length.c (length_type): Make the length functions
1196 for SequenceOf non-destructive
1198 * admin/ank.c (doit): Fix reading of `y/n'.
1200 Mon Jun 16 05:41:43 1997 Assar Westerlund <assar@sics.se>
1202 * lib/gssapi/wrap.c, unwrap.c: do encrypt and add sequence number
1204 * lib/gssapi/get_mic.c, verify_mic.c: Add sequence number.
1206 * lib/gssapi/accept_sec_context.c (gss_accept_sec_context): Set
1207 KRB5_AUTH_CONTEXT_DO_SEQUENCE. Verify 8003 checksum.
1209 * lib/gssapi/8003.c: New file.
1211 * lib/krb/krb5.h: Define a `krb_authenticator' as an ASN.1
1214 * lib/krb5/auth_context.c: New functions
1215 `krb5_auth_setlocalseqnumber' and `krb5_auth_setremoteseqnumber'
1217 Tue Jun 10 00:35:54 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1219 * lib/krb5: Preapre for use of some asn1-types.
1221 * lib/asn1/*.c (copy_*): Constness.
1223 * lib/krb5/krb5.h: Include asn1.h; krb5_data is now an
1226 * lib/asn1/der*,gen.c: krb5_data -> octet_string, char * ->
1229 * lib/asn1/libasn1.h: Moved stuff from asn1_locl.h that doesn't
1230 have anything to do with asn1_compile.
1232 * lib/asn1/asn1_locl.h: Remove der.h. Add some prototypes.
1234 Sun Jun 8 03:51:55 1997 Assar Westerlund <assar@sics.se>
1236 * kdc/kerberos5.c: Fix PA-ENC-TS-ENC
1238 * kdc/connect.c(process_request): Set `new'
1240 * lib/krb5/get_in_tkt.c: Do PA-ENC-TS-ENC the correct way.
1242 * lib: Added editline,sl,roken.
1244 Mon Jun 2 00:37:48 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1246 * lib/krb5/fcache.c: Move file cache from cache.c.
1248 * lib/krb5/cache.c: Allow more than one cache type.
1250 Sun Jun 1 23:45:33 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1252 * admin/extkeytab.c: Merged with kdb_edit.
1254 Sun Jun 1 23:23:08 1997 Assar Westerlund <assar@sics.se>
1256 * kdc/kdc.c: more support for ENC-TS-ENC
1258 * lib/krb5/get_in_tkt.c: redone to enable pre-authentication
1260 Sun Jun 1 22:45:11 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1262 * lib/hdb/db.c: Merge fetch and store.
1264 * admin: Merge to one program.
1266 * lib/krb5/str2key.c: Fill in keytype and length.
1268 Sun Jun 1 16:31:23 1997 Assar Westerlund <assar@sics.se>
1270 * lib/krb5/rd_safe.c, lib/krb5/rd_priv.c, lib/krb5/mk_rep.c,
1271 lib/krb5/mk_priv.c, lib/krb5/build_auth.c: Some support for
1272 KRB5_AUTH_CONTEXT_DO_SEQUENCE
1274 * lib/krb5/get_in_tkt.c (get_in_tkt): be prepared to parse an
1275 KRB_ERROR. Some support for PA_ENC_TS_ENC.
1277 * lib/krb5/auth_context.c: implemented seq_number functions
1279 * lib/krb5/generate_subkey.c, generate_seq_number.c: new files
1281 * lib/gssapi/gssapi.h: avoid including <krb5.h>
1283 * lib/asn1/Makefile.am: SUFFIXES as a variable to make automake
1286 * kdc/kdc.c: preliminary PREAUTH_ENC_TIMESTAMP
1288 * configure.in: adapted to automake 1.1p
1290 Mon May 26 22:26:21 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1292 * lib/krb5/principal.c: Add contexts to many functions.
1294 Thu May 15 20:25:37 1997 Johan Danielsson <joda@emma.pdc.kth.se>
1296 * lib/krb5/verify_user.c: First stab at a verify user.
1298 * lib/auth/sia/sia5.c: SIA module for Kerberos 5.
1300 Mon Apr 14 00:09:03 1997 Assar Westerlund <assar@sics.se>
1302 * lib/gssapi: Enough of a gssapi-over-krb5 implementation to be
1303 able to (mostly) run gss-client and gss-server.
1305 * lib/krb5/keytab.c: implemented krb5_kt_add_entry,
1306 krb5_kt_store_principal, krb5_kt_store_keyblock
1308 * lib/des/md5.[ch], sha.[ch]: new files
1310 * lib/asn1/der_get.c (generalizedtime2time): use `timegm'
1312 * lib/asn1/timegm.c: new file
1314 * admin/extkeytab.c: new program
1316 * admin/admin_locl.h: new file
1318 * admin/Makefile.am: Added extkeytab
1320 * configure.in: moved config to include
1321 removed timezone garbage
1322 added lib/gssapi and admin
1324 * Makefile.am: Added admin
1326 Mon Mar 17 11:34:05 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1328 * kdc/kdc.c: Use new copying functions, and free some data.
1330 * lib/asn1/Makefile.am: Try to not always rebuild generated files.
1332 * lib/asn1/der_put.c: Add fix_dce().
1334 * lib/asn1/der_{get,length,put}.c: Fix include files.
1336 * lib/asn1/der_free.c: Remove unused functions.
1338 * lib/asn1/gen.c: Split into gen_encode, gen_decode, gen_free,
1339 gen_length, and gen_copy.
1341 Sun Mar 16 18:13:52 1997 Assar Westerlund <assar@sics.se>
1343 * lib/krb5/sendauth.c: implemented functionality
1345 * lib/krb5/rd_rep.c: Use `krb5_decrypt'
1347 * lib/krb5/cache.c (krb5_cc_get_name): return default if `id' ==
1350 * lib/krb5/principal.c (krb5_free_principal): added `context'
1351 argument. Changed all callers.
1353 (krb5_sname_to_principal): new function
1355 * lib/krb5/auth_context.c (krb5_free_authenticator): add `context'
1356 argument. Changed all callers
1358 * lib/krb5/{net_write.c,net_read.c,recvauth.c}: new files
1360 * lib/asn1/gen.c: Fix encoding and decoding of BitStrings
1362 Fri Mar 14 11:29:00 1997 Assar Westerlund <assar@sics.se>
1364 * configure.in: look for *dbm?
1366 * lib/asn1/gen.c: Fix filename in generated files. Check fopens.
1367 Put trailing newline in asn1_files.
1369 Fri Mar 14 05:06:44 1997 Johan Danielsson <joda@emma.pdc.kth.se>
1371 * lib/krb5/get_in_tkt.c: Fix some memory leaks.
1373 * lib/krb5/krbhst.c: Properly free hostlist.
1375 * lib/krb5/decrypt.c: CRCs are 32 bits.
1377 Fri Mar 14 04:39:15 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1379 * lib/asn1/gen.c: Generate one file for each type.
1381 Fri Mar 14 04:13:47 1997 Assar Westerlund <assar@sics.se>
1383 * lib/asn1/gen.c: Generate `length_FOO' functions
1385 * lib/asn1/der_length.c: new file
1387 * kuser/klist.c: renamed stime -> printable_time to avoid conflict
1390 Fri Mar 14 03:37:23 1997 Johan Danielsson <joda@emma.pdc.kth.se>
1392 * lib/hdb/ndbm.c: Return NOENTRY if fetch fails. Don't free
1393 datums. Don't add .db to filename.
1395 Fri Mar 14 02:49:51 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1397 * kdc/dump.c: Database dump program.
1399 * kdc/ank.c: Trivial database editing program.
1401 * kdc/{kdc.c, load.c}: Use libhdb.
1403 * lib/hdb: New database routine library.
1405 * lib/krb5/error/Makefile.am: Add hdb_err.
1407 Wed Mar 12 17:41:14 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1409 * kdc/kdc.c: Rewritten AS, and somewhat more working TGS support.
1411 * lib/asn1/gen.c: Generate free functions.
1413 * Some specific free functions.
1415 Wed Mar 12 12:30:13 1997 Assar Westerlund <assar@sics.se>
1417 * lib/krb5/krb5_mk_req_ext.c: new file
1419 * lib/asn1/gen.c: optimize the case with a simple type
1421 * lib/krb5/get_cred.c (krb5_get_credentials): Use
1422 `mk_req_extended' and remove old code.
1424 * lib/krb5/get_in_tkt.c (decrypt_tkt): First try with an
1425 EncASRepPart, then with an EncTGSRepPart.
1427 Wed Mar 12 08:26:04 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1429 * lib/krb5/store_emem.c: New resizable memory storage.
1431 * lib/krb5/{store.c, store_fd.c, store_mem.c}: Split of store.c
1433 * lib/krb5/krb5.h: Add free entry to krb5_storage.
1435 * lib/krb5/decrypt.c: Make keyblock const.
1437 Tue Mar 11 20:22:17 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1439 * lib/krb5/krb5.h: Add EncTicketPart to krb5_ticket.
1441 * lib/krb5/rd_req.c: Return whole asn.1 ticket in
1444 * lib/krb5/get_in_tkt.c: TGS -> AS
1446 * kuser/kfoo.c: Print error string rather than number.
1448 * kdc/kdc.c: Some kind of non-working TGS support.
1450 Mon Mar 10 01:43:22 1997 Assar Westerlund <assar@sics.se>
1452 * lib/asn1/gen.c: reduced generated code by 1/5
1454 * lib/asn1/der_put.c: (der_put_length_and_tag): new function
1456 * lib/asn1/der_get.c (der_match_tag_and_length): new function
1458 * lib/asn1/der.h: added prototypes
1460 Mon Mar 10 01:15:43 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1462 * lib/krb5/krb5.h: Include <asn1_err.h>. Add prototype for
1463 krb5_rd_req_with_keyblock.
1465 * lib/krb5/rd_req.c: Add function krb5_rd_req_with_keyblock that
1466 takes a precomputed keyblock.
1468 * lib/krb5/get_cred.c: Use krb5_mk_req rather than inlined code.
1470 * lib/krb5/mk_req.c: Calculate checksum of in_data.
1472 Sun Mar 9 21:17:58 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1474 * lib/krb5/error/compile_et.awk: Add a declaration of struct
1475 error_list, and multiple inclusion block to header files.
1477 Sun Mar 9 21:01:12 1997 Assar Westerlund <assar@sics.se>
1479 * lib/krb5/rd_req.c: do some checks on times
1481 * lib/krb/{mk_priv.c, rd_priv.c, sendauth.c, decrypt.c,
1482 address.c}: new files
1484 * lib/krb5/auth_context.c: more code
1486 * configure.in: try to figure out timezone
1488 Sat Mar 8 11:41:07 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1490 * lib/krb5/error/error.c: Try strerror if error code wasn't found.
1492 * lib/krb5/get_in_tkt.c: Remove realm parameter from
1495 * lib/krb5/context.c: Initialize error table.
1497 * kdc: The beginnings of a kdc.
1499 Sat Mar 8 08:16:28 1997 Assar Westerlund <assar@sics.se>
1501 * lib/krb5/rd_safe.c: new file
1503 * lib/krb5/checksum.c (krb5_verify_checksum): New function
1505 * lib/krb5/get_cred.c: use krb5_create_checksum
1507 * lib/krb5/checksum.c: new file
1509 * lib/krb5/store.c: no more arithmetic with void*
1511 * lib/krb5/cache.c: now seems to work again
1513 Sat Mar 8 06:58:09 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1515 * lib/krb5/Makefile.am: Add asn1_glue.c and error/*.c to libkrb5.
1517 * lib/krb5/get_in_tkt.c: Moved some functions to asn1_glue.c.
1519 * lib/krb5/asn1_glue.c: Moved some asn1-stuff here.
1521 * lib/krb5/{cache,keytab}.c: Use new storage functions.
1523 * lib/krb5/krb5.h: Protypes for new storage functions.
1525 * lib/krb5/krb5.h: Make krb5_{ret,store}_* functions able to write
1526 data to more than file descriptors.
1528 Sat Mar 8 01:01:17 1997 Assar Westerlund <assar@sics.se>
1530 * lib/krb5/encrypt.c: New file.
1532 * lib/krb5/Makefile.am: More -I
1534 * configure.in: Test for big endian, random, rand, setitimer
1536 * lib/asn1/gen.c: perhaps even decodes bitstrings
1538 Thu Mar 6 19:05:29 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
1540 * lib/krb5/config_file.y: Better return values on error.
1542 Sat Feb 8 15:59:56 1997 Assar Westerlund <assar@pdc.kth.se>
1544 * lib/asn1/parse.y: ifdef HAVE_STRDUP
1546 * lib/asn1/lex.l: ifdef strdup
1547 brange-dead version of list of special characters to make stupid
1550 * lib/asn1/gen.c: A DER integer should really be a `unsigned'
1552 * lib/asn1/der_put.c: A DER integer should really be a `unsigned'
1554 * lib/asn1/der_get.c: A DER integer should really be a `unsigned'
1556 * lib/krb5/error/Makefile.am: It seems "$(SHELL) ./compile_et" is
1559 * lib/krb/mk_rep.c, lib/krb/rd_req.c, lib/krb/store.c,
1560 lib/krb/store.h: new files.
1562 * lib/krb5/keytab.c: now even with some functionality.
1564 * lib/asn1/gen.c: changed paramater from void * to Foo *
1566 * lib/asn1/der_get.c (der_get_octet_string): Fixed bug with empty
1569 Sun Jan 19 06:17:39 1997 Assar Westerlund <assar@pdc.kth.se>
1571 * lib/krb5/get_cred.c (krb5_get_credentials): Check for creds in
1572 cc before getting new ones.
1574 * lib/krb5/krb5.h (krb5_free_keyblock): Fix prototype.
1576 * lib/krb5/build_auth.c (krb5_build_authenticator): It seems the
1577 CRC should be stored LSW first. (?)
1579 * lib/krb5/auth_context.c: Implement `krb5_auth_con_getkey' and
1580 `krb5_free_keyblock'
1582 * lib/**/Makefile.am: Rename foo libfoo.a
1584 * include/Makefile.in: Use test instead of [
1585 -e does not work with /bin/sh on psoriasis
1587 * configure.in: Search for awk
1588 create lib/krb/error/compile_et
1590 Tue Jan 14 03:46:26 1997 Assar Westerlund <assar@pdc.kth.se>
1592 * lib/krb5/Makefile.am: replaced mit-crc.c by crc.c
1594 Wed Dec 18 00:53:55 1996 Johan Danielsson <joda@emma.pdc.kth.se>
1596 * kuser/kinit.c: Guess principal.
1598 * lib/krb5/error/compile_et.awk: Don't include krb5.h. Fix some
1601 * lib/krb5/error/asn1_err.et: Add ASN.1 error messages.
1603 * lib/krb5/mk_req.c: Get client from cache.
1605 * lib/krb5/cache.c: Add better error checking some useful return
1608 * lib/krb5/krb5.h: Fix krb5_auth_context.
1610 * lib/asn1/der.h: Make krb5_data compatible with krb5.h
1612 Tue Dec 17 01:32:36 1996 Johan Danielsson <joda@emma.pdc.kth.se>
1614 * lib/krb5/error: Add primitive error library.
1616 Mon Dec 16 16:30:20 1996 Johan Danielsson <joda@emma.pdc.kth.se>
1618 * lib/krb5/cache.c: Get correct address type from cache.
1620 * lib/krb5/krb5.h: Change int16 to int to be compatible with asn1.