oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
Files
a615263222b3cba41a6545eb0237ba593d7d1aec
heimdal/ChangeLog
Love Hörnquist Åstrand a615263222 x 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16831 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-03-27 12:51:09 +00:00

180 lines
5.5 KiB
Plaintext
Raw Blame History

2006-03-27 Love Hörnquist Åstrand <lha@it.su.se>
* tools/krb5-config.in: Add hx509 when using PK-INIT.
* tools/Makefile.am: Add hx509 when using PK-INIT.
2006-03-26 Love Hörnquist Åstrand <lha@it.su.se>
* lib/krb5/acache.c: Use ticket flags definition, might fix Mac OS
X Kerberos.app problems.
* lib/krb5/krb5_ccapi.h: Add ticket flags definitions
* lib/krb5/pkinit.c: Use less openssl, spell chelling.
* kdc/pkinit.c (pk_mk_pa_reply_dh): encode the DH public key with
asn1 wrapping
* configure.in (AC_CONFIG_FILES): add lib/hx509/Makefile
* lib/Makefile.am: Add hx509.
* lib/krb5/Makefile.am: Add libhx509.la when PKINIT is used.
* configure.in: define automake PKINIT variable
* kdc/pkinit.c: Switch to hx509.
* lib/krb5/pkinit.c: Switch to hx509.
2006-03-24 Love Hörnquist Åstrand <lha@it.su.se>
* kdc/kerberos5.c (log_patypes): log the patypes requested by the
client
2006-03-23 Love Hörnquist Åstrand <lha@it.su.se>
* lib/krb5/pkinit.c (_krb5_pk_rd_pa_reply): pass down the
req_buffer in the w2k case too. From Douglas E. Engert.
2006-03-19 Love Hörnquist Åstrand <lha@it.su.se>
* lib/krb5/mk_req_ext.c (_krb5_mk_req_internal): on failure, goto
error handling. Fixes Coverity NetBSD CID 2591 by catching a
failing krb5_copy_keyblock()
2006-03-17 Love Hörnquist Åstrand <lha@it.su.se>
* lib/krb5/addr_families.c (krb5_free_addresses): reset val,len in
address when free-ing. Fixes Coverity NetBSD bug #2605
(krb5_parse_address): reset val,len before possibly return errors
Fixes Coverity NetBSD bug #2605
2006-03-07 Love Hörnquist Åstrand <lha@it.su.se>
* lib/krb5/send_to_kdc.c (recv_loop): it should never happen, but
make sure nbytes > 0
* lib/krb5/get_for_creds.c (add_addrs): handle the case where
addr->len == 0 and n == 0, then realloc might return NULL.
* lib/krb5/crypto.c (decrypt_*): handle the case where the
plaintext is 0 bytes long, realloc might then return NULL.
2006-02-28 Love Hörnquist Åstrand <lha@it.su.se>
* lib/krb5/krb5_string_to_key.3: Drop krb5_string_to_key_derived.
* lib/krb5/krb5.3: Remove krb5_string_to_key_derived.
* lib/krb5/crypto.c (AES_string_to_key): drop _krb5_PKCS5_PBKDF2
and use PKCS5_PBKDF2_HMAC_SHA1 instead.
* lib/krb5/aes-test.c: reformat, avoid free-ing un-init'd memory
* lib/krb5/aes-test.c: Only use PKCS5_PBKDF2_HMAC_SHA1.
2006-02-27 Johan Danielsson <joda@pdc.kth.se>
* doc/setup.texi: remove cartouches - we don't use them anywhere
else, they should be around the example, not inside it, and
probably shouldn't be used in html at all
2006-02-18 Love Hörnquist Åstrand <lha@it.su.se>
* lib/krb5/krb5_warn.3: Document that applications want to use
krb5_get_error_message, add example.
2006-02-16 Love Hörnquist Åstrand <lha@it.su.se>
* lib/krb5/crypto.c (krb5_generate_random_block): check return
value from RAND_bytes
* lib/krb5/error_string.c: Change indentation, update (c)
2006-02-14 Love Hörnquist Åstrand <lha@it.su.se>
* lib/krb5/pkinit.c: Make struct krb5_dh_moduli available when
compiling w/o pkinit.
2006-02-13 Love Hörnquist Åstrand <lha@it.su.se>
* lib/krb5/pkinit.c: update to new paChecksum definition, update
the dhgroup handling
* kdc/pkinit.c: update to new paChecksum definition, use
hdb_entry_ex
2006-02-09 Love Hörnquist Åstrand <lha@it.su.se>
* lib/krb5/krb5_locl.h: Move Configurable options to last in the
file.
* lib/krb5/krb5_locl.h: Wrap KRB5_ADDRESSLESS_DEFAULT with #ifndef
2006-02-03 Love Hörnquist Åstrand <lha@it.su.se>
* kpasswd/kpasswdd.c: Send back a better error-message to the
client in case the password change was rejected.
* lib/krb5/krb5_warn.3: Document krb5_get_error_message.
* lib/krb5/error_string.c (krb5_get_error_message): new function,
and combination of krb5_get_error_string and krb5_get_err_text
* lib/krb5/krb5.3: sort, and krb5_get_error_message
* lib/hdb/hdb-ldap.c: Log the filter string to the error message
when doing searches.
* lib/krb5/init_creds.c (krb5_get_init_creds_opt_set_default_flags):
Use KRB5_ADDRESSLESS_DEFAULT when
checking [appdefault]no-addresses.
* lib/krb5/get_cred.c (get_cred_from_kdc_flags): Use
KRB5_ADDRESSLESS_DEFAULT when checking
[appdefault]no-addresses.
* lib/krb5/get_for_creds.c (krb5_get_forwarded_creds):
Use [appdefault]no-addresses before checking if the krbtgt is
address-less, use KRB5_ADDRESSLESS_DEFAULT.
* lib/krb5/krb5_locl.h: Introduce KRB5_ADDRESSLESS_DEFAULT that
controlls all address-less behavior. Defaults to false.
2006-02-01 Love Hörnquist Åstrand <lha@it.su.se>
* lib/krb5/n-fold-test.c: main is not a KRB5_LIB_FUNCTION
* lib/krb5/mk_priv.c (krb5_mk_priv): abort if ASN1_MALLOC_ENCODE
failes to produce the matching lenghts.
2006-01-27 Love Hörnquist Åstrand <lha@it.su.se>
* kcm/protocol.c (kcm_op_retrieve): remove unused variable
2006-01-15 Love Hörnquist Åstrand <lha@it.su.se>
* tools/krb5-config.in: Move depenency on @LIB_dbopen@ to
kadm-server, kerberos library doesn't depend on db-library.
2006-01-13 Love Hörnquist Åstrand <lha@it.su.se>
* include/Makefile.am: Don't clean crypto headers, they now live
in hcrypto/. Add hcrypto to SUBDIRS.
* include/hcrypto/Makefile.am: clean installed headers
* include/make_crypto.c: include crypto headers from hcrypto/
* include/make_crypto.c: Include more crypto headerfiles. Remove
support for old hash names.
2006-01-02 Love Hörnquist Åstrand <lha@it.su.se>
* kdc/misc.c (_kdc_db_fetch): use calloc to allocate the entry,
from Andrew Bartlet.
* Happy New Year.
Reference in New Issue View Git Blame Copy Permalink