| blob | 46e4c17b33adbb9c709f374bdafa113d12b6a15f |
1 2008-03-25 Love Hörnquist Åstrand <lha@it.su.se>
3 * lib/krb5/fcache.c: Make erase_file() to locking too.
5 * kcm/protocol.c: Make work when moving to a non-existant
6 cred-cache.
8 * lib/krb5/test_cc.c: more verbose info.
10 * lib/krb5/test_cc.c: test krb5_cc_move().
12 2008-03-23 Love Hörnquist Åstrand <lha@it.su.se>
14 * lib/krb5/get_cred.c: Try both kdc server referral and the old
15 client chasing mode.
17 * lib/krb5/get_cred.c: Don't do canonicalize by default, make
18 add_cred() sane, make loop detection in credential fetching
19 better.
21 * lib/krb5/krb5_locl.h: Add flag EXTRACT_TICKET_AS_REQ.
23 * lib/krb5/init_creds_pw.c: Tell _krb5_extract_ticket that this is
24 an AS-REQ.
26 * lib/krb5/get_in_tkt.c: Make server referral work.
28 2008-03-22 Love Hörnquist Åstrand <lha@it.su.se>
30 * lib/krb5/get_in_tkt.c: check no server referral, don't use
31 stringent length tests since encryption layer does padding for
32 us...
34 * kdc/kerberos5.c: Match name in ClientCanonicalizedNames with -10
36 * lib/krb5/principal.c (_krb5_principal_compare_PrincipalName):
37 new function to compare a principal to a PrincipalName.
39 * lib/krb5/init_creds_pw.c: Move client referral checking to
40 _krb5_extract_ticket().
42 * lib/krb5/get_in_tkt.c: More bits for server referral.
44 * lib/krb5/get_in_tkt.c: Make working with client referrals.
46 * lib/krb5/get_cred.c: Try moving referrals checking into
47 _krb5_extract_ticket().
49 * lib/krb5/get_in_tkt.c: Try moving referrals checking into
50 _krb5_extract_ticket().
52 2008-03-21 Love Hörnquist Åstrand <lha@it.su.se>
54 * kdc/krb5tgs.c: Send SERVER-REFERRAL data in rep.padata instead
55 of auth_data in ticket.
57 2008-03-20 Love Hörnquist Åstrand <lha@it.su.se>
59 * lib/krb5/init_creds_pw.c: remove lost bits from using
60 krb5_principal_set_realm
62 * kdc/krb5tgs.c: Better referrals support, use canonicalize flag.
64 * kdc/hprop.c: use krb5_principal_set_realm
66 * lib/krb5/init_creds_pw.c: use krb5_principal_set_realm
68 * lib/krb5/verify_user.c: use krb5_principal_set_realm
70 * lib/krb5/version-script.map: add krb5_principal_set_realm
72 * lib/krb5/principal.c: add krb5_principal_set_realm
74 * lib/krb5/get_cred.c: Insecure tgs referrals.
76 * lib/krb5/get_cred.c: Dont try key usage KRB5_KU_AP_REQ_AUTH for
77 TGS-REQ. This drop compatibility with pre 0.3d KDCs.
79 * lib/krb5/get_cred.c: catch KRB5_GC_CANONICALIZE.
81 * lib/krb5/krb5.h: set KRB5_GC_CANONICALIZE.
83 * kuser/kgetcred.c: set KRB5_GC_CANONICALIZE.
85 * kuser/kgetcred.c: Add stub --canonicalize implementation.
87 2008-03-19 Love Hörnquist Åstrand <lha@it.su.se>
89 * doc/setup.texi: Fix sasl-regexp, from Howard Chu.
91 2008-03-14 Love Hörnquist Åstrand <lha@it.su.se>
93 * kdc/kx509.c: Adapt to hx509_env changes.
95 2008-03-10 Love Hörnquist Åstrand <lha@it.su.se>
97 * lib/krb5/pkinit.c: Try searchin the key by to use by first
98 looking for for PK-INIT EKU, then the Microsoft smart card EKU and
99 last, no special EKU at all.
101 2008-03-09 Love Hörnquist Åstrand <lha@it.su.se>
103 * lib/krb5/acache.c: Create a new credential cache is ->get_name
104 is called, make acc_initialize() reset the existing credential
105 cache if needed.
107 * lib/krb5/acache.c (acc_get_name): just return the cache_name
108 directly instead of trying to resolve it.
110 2008-02-23 Love Hörnquist Åstrand <lha@it.su.se>
112 * include/Makefile.am (CLEANFILES): add wind.h and wind_err.h and
113 sort.
115 2008-02-11 Love Hörnquist Åstrand <lha@it.su.se>
117 * lib/hdb/hdb-ldap.c: Use malloc() instead of static buffer.
119 * lib/hdb/hdb-ldap.c: Use ldap_get_values_len, from LaMont Jones
120 via Brian May and Debian.
122 * doc/Makefile.am: add libwind
124 2008-02-05 Love Hörnquist Åstrand <lha@it.su.se>
126 * lib/krb5/test_renew.c: Remove extra ;, From Dennis Davis.
128 * lib/krb5/store_emem.c: Make compile on-pre c99 compilers. From
129 Dennis Davis.
131 2008-02-03 Love Hörnquist Åstrand <lha@it.su.se>
133 * tools/heimdal-gssapi.pc.in: Add wind.
135 * tools/krb5-config.in: Add wind.
137 * lib/krb5/pac.c: Use libwind.
139 2008-02-01 Love Hörnquist Åstrand <lha@it.su.se>
141 * lib/Makefile.am: SUBDIRS: add wind
143 2008-01-29 Love Hörnquist Åstrand <lha@it.su.se>
145 * doc/programming.texi: See the Kerberos 5 API introduction and
146 documentation on the Heimdal webpage.
148 2008-01-27 Love Hörnquist Åstrand <lha@it.su.se>
150 * lib/krb5: better error strings for the keytab fetching functions
152 * lib/krb5/verify_krb5_conf.c: Catch deprecated entries.
154 * lib/krb5/get_cred.c: Remove support
155 for [libdefaults]capath (not [libdefaults] capaths though).
157 2008-01-25 Love Hörnquist Åstrand <lha@it.su.se>
159 * tools/heimdal-gssapi.pc.in: Fix caps of prefix, from Joakim
160 Fallsjo.
162 2008-01-24 Love Hörnquist Åstrand <lha@it.su.se>
164 * lib/krb5/fcache.c (fcc_move): more explict why the fcc_move
165 failes, handle cross device moves.
167 2008-01-21 Love Hörnquist Åstrand <lha@it.su.se>
169 * lib/krb5/get_for_creds.c: Use on variable less.
171 * lib/krb5/get_for_creds.c: Try to handle ticket full and
172 ticketless tickets better. Add doxygen comments while here.
174 * lib/krb5/test_forward.c: Used for testing
175 krb5_get_forwarded_creds().
177 * lib/krb5/Makefile.am: noinst_PROGRAMS += test_forward
179 * lib/krb5/Makefile.am: drop CHECK_SYMBOLS
181 * lib/hdb/Makefile.am: drop CHECK_SYMBOLS
183 * kdc/Makefile.am: drop CHECK_SYMBOLS
185 2008-01-18 Love Hörnquist Åstrand <lha@it.su.se>
187 * lib/krb5/version-script.map: Add krb5_digest_probe.
189 2008-01-13 Love Hörnquist Åstrand <lha@it.su.se>
191 * lib/krb5/pkinit.c: Replace hx509_name_to_der_name with
192 hx509_name_binary.
194 2008-01-12 Love Hörnquist Åstrand <lha@it.su.se>
196 * lib/krb5/Makefile.am: add missing files
198 * Happy new year.