2005-01-24 Luke Howard * lib/krb5/init_creds_pw.c: allow NULL in_options to be passed krb5_get_init_creds_password() * kdc/kerberos5.c: don't crash when logging no server etype support if client == NULL 2005-01-17 Love Hörnquist Åstrand * kdc/kstash.c: s/random_key/random_key_flag/, From Dave Love 2005-01-12 Love Hörnquist Åstrand * doc/apps.texi: Texinfo fixes. Text about irix 6.5 using PAM. From: Dave Love 2005-01-08 Love Hörnquist Åstrand * lib/krb5/verify_krb5_conf.c: cast argument to isdigit to unsigned char * lib/krb5/keytab_keyfile.c: cast argument to toupper to unsigned char * lib/asn1/hash.c (hashcaseadd): cast argument to toupper to unsigned char * appl/kf/kfd.c (kfd_match_version): cast argument to islower to unsigned char * lib/krb5/krb5.3: drop krb5_{checksum,enctype}_is_disabled * lib/krb5/krb5_encrypt.3: drop krb5_enctype_is_disabled, more text about krb5_enctype_valid * lib/krb5/krb5_create_checksum.3: drop krb5_checksum_is_disabled * lib/krb5/crypto.c: drop krb5_{checksum,enctype}_isdisabled * lib/krb5/context.c: krb5_enctype_is_disabled is the same thing as krb5_enctype_valid, so use the later since its older and the api doesn't really need another entry point * lib/krb5/rd_req.c: krb5_enctype_is_disabled is the same thing as krb5_enctype_valid, so use the later since its older and the api doesn't really need another entry point * kdc/kerberos5.c: krb5_enctype_is_disabled is the same thing as krb5_enctype_valid, so use the later since its older and the api doesn't really need another entry point 2005-01-05 Love Hörnquist Åstrand * kpasswd/kpasswdd.8: document --addresses, controls what addresses kpasswd should listen too * kpasswd/kpasswdd.c: add --addresses, controls what addresses kpasswd should listen too * lib/krb5/addr_families.c (krb5_parse_address): filter out dup addresses from getaddrinfo * kpasswd/kpasswd.1: document -c * kpasswd/kpasswd.c: allow specifying a credential cache to use for the admin principal * include/bits.c: constify to avoid warning with -Wwrite-string * NEWS: add 0.6.2 and 0.6.3 items * lib/krb5/krb5_keyblock.3: document krb5_generate_subkey_extended * lib/krb5/krb5_is_thread_safe.3: document function * lib/krb5/Makefile.am (man_MANS) += krb5_is_thread_safe.3 * lib/krb5/context.c (krb5_is_thread_safe): return TRUE is the library was compiled with multithreading support. If not, application must global lock the library, it it uses threads that call kerberos functions at the same time. 2005-01-05 Luke Howard * lib/krb5/auth_context.c: use krb5_generate_subkey_extended() * lib/krb5/appdefault.c: remove redundant KRB5_LIB_FUNCTION * lib/krb5/build_auth.c: support for enctype negotiation (client sends EtypeList in Authenticator authz data) * lib/krb5/context.c: mutex should be destroyed last in krb5_free_context() * lib/krb5/generate_subkey.c: add krb5_generate_subkey_extended(), set *subkey to NULL if key geneartion fails * lib/krb5/krb5.h: add KRB5_KU_PA_SERVER_REFERRAL_DATA * lib/krb5/mk_req_ext.c: support ETYPE_ARCFOUR_HMAC_MD5_56 * lib/krb5/rd_req.c: support for enctype negotiation (client sends EtypeList in Authenticator authz data) 2005-01-04 Luke Howard * lib/asn1/k5.asn1: add authorization data types for enctype negotiation implementation 2005-01-04 Love Hörnquist Åstrand * lib/krb5/changepw.c (change_password_loop): on failing to find a kdc, set result_code to KRB5_KPASSWD_HARDERROR 2005-01-01 Love Hörnquist Åstrand * doc/heimdal.texi: Happy New Year