8ee90eee7d
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19866 ec53bebd-3082-4978-b11e-865c3cabbd6b
194 lines
5.2 KiB
Plaintext
194 lines
5.2 KiB
Plaintext
2007-01-12 Love Hörnquist Åstrand <lha@it.su.se>
|
|
|
|
* doc/hx509.texi: add Application requirements and write about
|
|
xmpp/jabber.
|
|
|
|
2007-01-11 Love Hörnquist Åstrand <lha@it.su.se>
|
|
|
|
* doc/hx509.texi: More about issuing certificates.
|
|
|
|
* doc/hx509.texi: Start of a x.509 manual.
|
|
|
|
* include/Makefile.am: remove install headerfiles
|
|
|
|
* lib/krb5/test_pac.c: Use more interesting data to cause more
|
|
errors.
|
|
|
|
* include/Makefile.am: remove install headerfiles
|
|
|
|
* lib/krb5/mcache.c: MCC_CURSOR not used, remove.
|
|
|
|
* lib/krb5/crypto.c: macro kcrypto_oid_enc now longer used
|
|
|
|
* lib/krb5/rd_safe.c (krb5_rd_safe): set length before trying to
|
|
allocate data
|
|
|
|
2007-01-10 Love Hörnquist Åstrand <lha@it.su.se>
|
|
|
|
* doc/setup.texi: Hint about hxtool validate.
|
|
|
|
* appl/test/uu_server.c: print both "server" and "client"
|
|
|
|
* kdc/krb5tgs.c: Rename keys to be more obvious what they do.
|
|
|
|
* kdc/kerberos5.c: Use other keys to sign PAC with. From Andrew
|
|
Bartlett
|
|
|
|
* kdc/windc.c: ident, spelling.
|
|
|
|
* kdc/windc_plugin.h: indent.
|
|
|
|
* kdc/krb5tgs.c: Pass down server entry to verify_pac function.
|
|
from Andrew Bartlett
|
|
|
|
* kdc/windc.c: pass down server entry to verify_pac function, from
|
|
Andrew Bartlett
|
|
|
|
* kdc/windc_plugin.h: pass down server entry to verify_pac
|
|
function, from Andrew Bartlett
|
|
|
|
* configure.in: Provide a automake symbol ENABLE_SHARED if shared
|
|
libraries are built.
|
|
|
|
* lib/krb5/rd_req.c (krb5_rd_req_ctx): Use the correct keyblock
|
|
when verifying the PAC. From Andrew Bartlett.
|
|
|
|
2007-01-09 Love Hörnquist Åstrand <lha@it.su.se>
|
|
|
|
* lib/krb5/test_pac.c: move around to code test on real PAC.
|
|
|
|
* lib/krb5/pac.c: A tiny 2 char diffrence that make the code work
|
|
for real.
|
|
|
|
* lib/krb5/test_pac.c: Test more PAC (note that the values used in
|
|
this test is wrong, they have to be fixed when the pac code is
|
|
fixed).
|
|
|
|
* doc/setup.texi: Update to new hxtool issue-certificate usage
|
|
|
|
* lib/krb5/init_creds_pw.c: Make sure we don't sent both ENC-TS
|
|
and PK-INIT pa data, no need to expose our password protecting our
|
|
PKCS12 key.
|
|
|
|
* kuser/klist.c (print_cred_verbose): include ticket length in the
|
|
verbose output
|
|
|
|
2007-01-08 Love Hörnquist Åstrand <lha@it.su.se>
|
|
|
|
* lib/krb5/acache.c (loadlib): pass RTLD_LAZY to dlopen, without
|
|
it linux is unhappy.
|
|
|
|
* lib/krb5/plugin.c (loadlib): pass RTLD_LAZY to dlopen, without
|
|
it linux is unhappy.
|
|
|
|
* lib/krb5/name-45-test.c: One of the hosts I sometimes uses is
|
|
named "bar.domain", this make one of the tests pass when it
|
|
shouldn't.
|
|
|
|
2007-01-05 Love Hörnquist Åstrand <lha@it.su.se>
|
|
|
|
* doc/setup.texi: Change --key argument to --out-key.
|
|
|
|
* kuser/kimpersonate.1: mangle my name
|
|
|
|
2007-01-04 Love Hörnquist Åstrand <lha@it.su.se>
|
|
|
|
* doc/setup.texi: describe how to use hx509 to create
|
|
certificates.
|
|
|
|
* tools/heimdal-build.sh: Add --distcheck.
|
|
|
|
* kdc/kerberos5.c: Check for KRB5_PADATA_PA_PAC_REQUEST to check
|
|
if we should include the PAC in the krbtgt.
|
|
|
|
* kdc/pkinit.c (_kdc_as_rep): check if
|
|
krb5_generate_random_keyblock failes.
|
|
|
|
* kdc/kerberos5.c (_kdc_as_rep): check if
|
|
krb5_generate_random_keyblock failes.
|
|
|
|
* kdc/krb5tgs.c (tgs_build_reply): check if
|
|
krb5_generate_random_keyblock failes.
|
|
|
|
* kdc/krb5tgs.c: Scope etype.
|
|
|
|
* lib/krb5/rd_req.c: Make it possible to turn off PAC check, its
|
|
default on.
|
|
|
|
* lib/krb5/rd_req.c (krb5_rd_req_ctx): If there is a PAC, verify
|
|
its server signature.
|
|
|
|
* kdc/kerberos5.c (_kdc_as_rep): call windc client access hook.
|
|
(_kdc_tkt_add_if_relevant_ad): constify in data argument.
|
|
|
|
* kdc/windc_plugin.h: More comments add a client_access hook.
|
|
|
|
* kdc/windc.c: Add _kdc_windc_client_access.
|
|
|
|
* kdc/krb5tgs.c: rename functions after export some more pac
|
|
functions.
|
|
|
|
* lib/krb5/test_pac.c: export some more pac functions.
|
|
|
|
* lib/krb5/pac.c: export some more pac functions.
|
|
|
|
* kdc/krb5tgs.c: Resign the PAC in tgsreq if we have a PAC.
|
|
|
|
* configure.in: add tests/plugin/Makefile
|
|
|
|
2007-01-03 Love Hörnquist Åstrand <lha@it.su.se>
|
|
|
|
* kdc/krb5tgs.c: Get right key for PAC krbtgt verification.
|
|
|
|
* kdc/config.c: spelling
|
|
|
|
* lib/krb5/krb5.h: typedef for krb5_pac.
|
|
|
|
* kdc/headers.h: Include <windc_plugin.h>.
|
|
|
|
* kdc/Makefile.am: Include windc.c and use windc_plugin.h
|
|
|
|
* kdc/krb5tgs.c: Call callbacks for emulating a Windows Domain
|
|
Controller.
|
|
|
|
* kdc/kerberos5.c: Call callbacks for emulating a Windows Domain
|
|
Controller. Move the some of the log related stuff to its own
|
|
function.
|
|
|
|
* kdc/config.c: Init callbacks for emulating a Windows Domain
|
|
Controller.
|
|
|
|
* kdc/windc.c: Rename the init function to windc instead of pac.
|
|
|
|
* kdc/windc.c: Callbacks specific to emulating a Windows Domain
|
|
Controller.
|
|
|
|
* kdc/windc_plugin.h: Callbacks specific to emulating a Windows
|
|
Domain Controller.
|
|
|
|
* lib/krb5/Makefile.am: add krb5_HEADERS to build_HEADERZ
|
|
|
|
* lib/krb5/pac.c: Support all keyed checksum types.
|
|
|
|
2007-01-02 Love Hörnquist Åstrand <lha@it.su.se>
|
|
|
|
* lib/krb5/pac.c (krb5_pac_get_types): Return list of types.
|
|
|
|
* lib/krb5/test_pac.c: test krb5_pac_get_types
|
|
|
|
* lib/krb5/krbhst.c: Add KRB5_KRBHST_KCA.
|
|
|
|
* lib/krb5/krbhst.c: Add KRB5_KRBHST_KCA.
|
|
|
|
* lib/krb5/krb5.h: Add KRB5_KRBHST_KCA.
|
|
|
|
* lib/krb5/test_pac.c: test Add/remove pac buffer functions.
|
|
|
|
* lib/krb5/pac.c: Add/remove pac buffer functions.
|
|
|
|
* lib/krb5/pac.c: sprinkle const
|
|
|
|
* lib/krb5/pac.c: rename DCHECK to CHECK
|
|
|
|
* Happy New Year.
|