6bc11e98ea
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14547 ec53bebd-3082-4978-b11e-865c3cabbd6b
162 lines
4.7 KiB
Plaintext
162 lines
4.7 KiB
Plaintext
2005-02-02 Luke Howard <lukeh@padl.com>
|
|
|
|
* configure.in: generate kcm/Makefile
|
|
|
|
* Makefile.am: recurse into kcm/ if KCM defined
|
|
|
|
* kcm: add KCM daemon
|
|
|
|
2005-02-02 Love Hörnquist Åstrand <lha@it.su.se>
|
|
|
|
* lib/krb5/send_to_kdc.c (send_and_recv_udp): make private again
|
|
|
|
* lib/krb5/kcm.c: use AF_UNIX like the rest of the codebase, add
|
|
some more error strings
|
|
|
|
2005-02-02 Luke Howard <lukeh@padl.com>
|
|
|
|
* configure.in: add --enable-kcm option for Kerberos
|
|
Credentials Manager (KCM)
|
|
|
|
* lib/krb5/Makefile.am: add kcm.c
|
|
|
|
* lib/krb5/cache.c: use cc_retrieve_cred if present rather
|
|
than enumerating ccache
|
|
|
|
* lib/krb5/context.c: register KCM cc_ops
|
|
|
|
* lib/krb5/get_cred.c: pass all options to cc_retrieve_cred
|
|
|
|
* lib/krb5/init_creds_pw.c: add krb5_get_init_creds_keyblock
|
|
|
|
* lib/krb5/kcm.[ch]: add initial implementation of KCM
|
|
client library
|
|
|
|
* lib/krb5/krb5.h: fix cc_retrieve prototype, add KCM cc_ops
|
|
|
|
* lib/krb5/send_to_kdc.c: add _krb5_send_and_recv_tcp
|
|
|
|
* lib/krb5/store.c: add krb5_store_creds_tag, krb5_ret_creds_tag
|
|
|
|
2005-01-24 Luke Howard <lukeh@padl.com>
|
|
|
|
* lib/krb5/init_creds_pw.c: allow NULL in_options to be passed
|
|
krb5_get_init_creds_password()
|
|
|
|
* kdc/kerberos5.c: don't crash when logging no server etype
|
|
support if client == NULL
|
|
|
|
2005-01-17 Love Hörnquist Åstrand <lha@it.su.se>
|
|
|
|
* kdc/kstash.c: s/random_key/random_key_flag/, From Dave Love
|
|
<d.love@dl.ac.uk>
|
|
|
|
2005-01-12 Love Hörnquist Åstrand <lha@it.su.se>
|
|
|
|
* doc/apps.texi: Texinfo fixes. Text about irix 6.5 using
|
|
PAM. From: Dave Love <d.love@dl.ac.uk>
|
|
|
|
2005-01-08 Love Hörnquist Åstrand <lha@it.su.se>
|
|
|
|
* lib/krb5/verify_krb5_conf.c: cast argument to isdigit to
|
|
unsigned char
|
|
|
|
* lib/krb5/keytab_keyfile.c: cast argument to toupper to unsigned
|
|
char
|
|
|
|
* lib/asn1/hash.c (hashcaseadd): cast argument to toupper to
|
|
unsigned char
|
|
|
|
* appl/kf/kfd.c (kfd_match_version): cast argument to islower to
|
|
unsigned char
|
|
|
|
* lib/krb5/krb5.3: drop krb5_{checksum,enctype}_is_disabled
|
|
|
|
* lib/krb5/krb5_encrypt.3: drop krb5_enctype_is_disabled, more
|
|
text about krb5_enctype_valid
|
|
|
|
* lib/krb5/krb5_create_checksum.3: drop
|
|
krb5_checksum_is_disabled
|
|
|
|
* lib/krb5/crypto.c: drop krb5_{checksum,enctype}_isdisabled
|
|
|
|
* lib/krb5/context.c: krb5_enctype_is_disabled is the same thing
|
|
as krb5_enctype_valid, so use the later since its older and the
|
|
api doesn't really need another entry point
|
|
|
|
* lib/krb5/rd_req.c: krb5_enctype_is_disabled is the same thing as
|
|
krb5_enctype_valid, so use the later since its older and the api
|
|
doesn't really need another entry point
|
|
|
|
* kdc/kerberos5.c: krb5_enctype_is_disabled is the same thing as
|
|
krb5_enctype_valid, so use the later since its older and the api
|
|
doesn't really need another entry point
|
|
|
|
2005-01-05 Love Hörnquist Åstrand <lha@it.su.se>
|
|
|
|
* kpasswd/kpasswdd.8: document --addresses, controls what
|
|
addresses kpasswd should listen too
|
|
|
|
* kpasswd/kpasswdd.c: add --addresses, controls what addresses
|
|
kpasswd should listen too
|
|
|
|
* lib/krb5/addr_families.c (krb5_parse_address): filter out dup
|
|
addresses from getaddrinfo
|
|
|
|
* kpasswd/kpasswd.1: document -c
|
|
|
|
* kpasswd/kpasswd.c: allow specifying a credential cache to use
|
|
for the admin principal
|
|
|
|
* include/bits.c: constify to avoid warning with -Wwrite-string
|
|
|
|
* NEWS: add 0.6.2 and 0.6.3 items
|
|
|
|
* lib/krb5/krb5_keyblock.3: document krb5_generate_subkey_extended
|
|
|
|
* lib/krb5/krb5_is_thread_safe.3: document function
|
|
|
|
* lib/krb5/Makefile.am (man_MANS) += krb5_is_thread_safe.3
|
|
|
|
* lib/krb5/context.c (krb5_is_thread_safe): return TRUE is the
|
|
library was compiled with multithreading support. If not,
|
|
application must global lock the library, it it uses threads that
|
|
call kerberos functions at the same time.
|
|
|
|
2005-01-05 Luke Howard <lukeh@padl.com>
|
|
|
|
* lib/krb5/auth_context.c: use krb5_generate_subkey_extended()
|
|
|
|
* lib/krb5/appdefault.c: remove redundant KRB5_LIB_FUNCTION
|
|
|
|
* lib/krb5/build_auth.c: support for enctype negotiation
|
|
(client sends EtypeList in Authenticator authz data)
|
|
|
|
* lib/krb5/context.c: mutex should be destroyed last in
|
|
krb5_free_context()
|
|
|
|
* lib/krb5/generate_subkey.c: add krb5_generate_subkey_extended(),
|
|
set *subkey to NULL if key geneartion fails
|
|
|
|
* lib/krb5/krb5.h: add KRB5_KU_PA_SERVER_REFERRAL_DATA
|
|
|
|
* lib/krb5/mk_req_ext.c: support ETYPE_ARCFOUR_HMAC_MD5_56
|
|
|
|
* lib/krb5/rd_req.c: support for enctype negotiation
|
|
(client sends EtypeList in Authenticator authz data)
|
|
|
|
2005-01-04 Luke Howard <lukeh@padl.com>
|
|
|
|
* lib/asn1/k5.asn1: add authorization data types for enctype
|
|
negotiation implementation
|
|
|
|
2005-01-04 Love Hörnquist Åstrand <lha@it.su.se>
|
|
|
|
* lib/krb5/changepw.c (change_password_loop): on failing to find a
|
|
kdc, set result_code to KRB5_KPASSWD_HARDERROR
|
|
|
|
2005-01-01 Love Hörnquist Åstrand <lha@it.su.se>
|
|
|
|
* doc/heimdal.texi: Happy New Year
|
|
|