summaryrefslogtreecommitdiffstats
path: root/crypto/heimdal/ChangeLog
blob: 4773b9893d69a98ed20660a5af70deb9b0463aa2 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
2002-10-21  Johan Danielsson  <joda@pdc.kth.se>

	* lib/krb5/store_emem.c: pull up 1.13; limit how much we allocate

	* lib/krb5/principal.c: pull up 1.82; don't allow trailing
	backslashes in components

	* lib/krb5/keytab_keyfile.c: pull up 1.15; more strcspn

	* lib/krb5/keytab_any.c: pull up 1.7; properly close the open
	keytabs

	* kdc/connect.c: pull up 1.87; check that %-quotes are followed by
	two hex digits

	* lib/krb5/prompter_posix.c: pull up 1.7; use strcspn to convert
	the newline to NUL in fgets results.

	* lib/krb5/kuserok.c: pull up 1.6; use strcspn to convert the
	newline to NUL in fgets results.

	* lib/krb5/keytab_file.c: pull up 1.12; check return value from
	start_seq_get

	* lib/krb5/context.c: pull up 1.82; return ENXIO instead of ENOENT
	when "unconfigured"

	* lib/krb5/changepw.c: pull up 1.38; fix reply length check
	calculation

	* kuser/klist.c: pull up 1.68; allow tokens up to size of buffer

	* kdc/kaserver.c: pull up 1.21; make sure life is positive

	* fix-export: pull up 1.28; remove autom4ate.cache

2002-09-10  Johan Danielsson  <joda@pdc.kth.se>

	* Release 0.5

	* include/make_crypto.c: don't use function macros if possible

	* lib/krb5/krb5_locl.h: get limits.h for UINT_MAX

	* include/Makefile.am: use make_crypto to create crypto-headers.h

	* include/make_crypto.c: crypto header generation tool

	* configure.in: move crypto test to just after testing for krb4,
	and move roken tests to after both, this speeds up various failure
	cases with krb4

	* lib/krb5/config_file.c: don't use NULL when we mean 0

	* configure.in: we don't set package_libdir anymore, so no point
	in testing for it

	* tools/Makefile.am: subst INCLUDE_des

	* tools/krb5-config.in: add INCLUDE_des to cflags

	* configure.in: use AC_CONFIG_SRCDIR

	* fix-export: remove some unneeded stuff

	* kuser/kinit.c (do_524init): free principals

2002-09-09  Jacques Vidrine  <nectar@kth.se>

	* kdc/kerberos5.c (get_pa_etype_info, fix_transited_encoding),
	kdc/kaserver.c (krb5_ret_xdr_data),
	lib/krb5/transited.c (krb5_domain_x500_decode): Validate some
	counts: Check that they are non-negative, and that they are small
	enough to avoid integer overflow when used in memory allocation
	calculations.  Potential problem areas pointed out by 
	Sebastian Krahmer <krahmer@suse.de>.

	* lib/krb5/keytab_keyfile.c (akf_add_entry): Use O_EXCL when
	creating a new keyfile.

2002-09-09  Johan Danielsson  <joda@pdc.kth.se>

	* configure.in: don't try to build pam module

2002-09-05  Johan Danielsson  <joda@pdc.kth.se>

	* appl/kf/kf.c: fix warning string

	* lib/krb5/log.c (krb5_vlog_msg): delay message formating till we
	know we need it

2002-09-04  Assar Westerlund  <assar@kth.se>

	* kdc/kerberos5.c (encode_reply): correct error logging

2002-09-04  Johan Danielsson  <joda@pdc.kth.se>

	* lib/krb5/sendauth.c: close ccache if we opened it

	* appl/kf/kf.c: handle new protocol

	* appl/kf/kfd.c: use krb5_err instead of sysloging directly,
	handle the new protocol, and bail out if an old client tries to
	connect

	* appl/kf/kf_locl.h: we need a protocol version string

	* lib/hdb/hdb-ldap.c: use ASN1_MALLOC_ENCODE

	* kdc/kerberos5.c: use ASN1_MALLOC_ENCODE

	* kdc/hprop.c: set AP_OPTS_USE_SUBKEY

	* lib/hdb/common.c: use ASN1_MALLOC_ENCODE

	* lib/asn1/gen.c: add convenience macro that allocates a buffer
	and encoded into that

	* lib/krb5/get_cred.c (init_tgs_req): use
	in_creds->session.keytype literally instead of trying to convert
	to a list of enctypes (it should already be an enctype)
	
	* lib/krb5/get_cred.c (init_tgs_req): init ret

2002-09-03  Johan Danielsson  <joda@pdc.kth.se>

	* lib/asn1/k5.asn1: remove ETYPE_DES3_CBC_NONE_IVEC

	* lib/krb5/krb5.h: remove ENCTYPE_DES3_CBC_NONE_IVEC

	* lib/krb5/crypto.c: get rid of DES3_CBC_encrypt_ivec, just use
	zero ivec in DES3_CBC_encrypt if passed ivec is NULL

	* lib/krb5/Makefile.am: back out 1.144, since it will re-create
	krb5-protos.h at build-time, which requires perl, which is bad

	* lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): don't
	blindly use the local subkey

	* lib/krb5/crypto.c: add function krb5_crypto_getblocksize that
	extracts the required blocksize from a crypto context

	* lib/krb5/build_auth.c: just get the length of the encoded
	authenticator instead of trying to grow a buffer

2002-09-03  Assar Westerlund  <assar@kth.se>

	* configure.in: add --disable-mmap option, and tests for
	sys/mman.h and mmap

2002-09-03  Jacques Vidrine  <nectar@kth.se>

	* lib/krb5/changepw.c: verify lengths in response

	* lib/asn1/der_get.c (decode_integer, decode_unsigned): check for
	truncated integers

2002-09-02  Johan Danielsson  <joda@pdc.kth.se>

	* lib/krb5/mk_req_ext.c: generate a local subkey if
	AP_OPTS_USE_SUBKEY is set

	* lib/krb5/build_auth.c: we don't have enough information about
	whether to generate a local subkey here, so don't try to

	* lib/krb5/auth_context.c: new function
	krb5_auth_con_generatelocalsubkey

	* lib/krb5/get_in_tkt.c: only set kdc_sec_offset if looking at an
	initial ticket

	* lib/krb5/context.c (init_context_from_config_file): simplify
	initialisation of srv_lookup

	* lib/krb5/changepw.c (send_request): set AP_OPTS_USE_SUBKEY

	* lib/krb5/krb5.h: add AP_OPTS_USE_SUBKEY

2002-08-30  Assar Westerlund  <assar@kth.se>

	* lib/krb5/name-45-test.c: also test krb5_524_conv_principal
	* lib/krb5/Makefile.am (TESTS): add name-45-test
	* lib/krb5/name-45-test.c: add testcases for
	krb5_425_conv_principal

2002-08-29  Assar Westerlund  <assar@kth.se>

	* lib/krb5/parse-name-test.c: also test unparse_short functions
	* lib/asn1/asn1_print.c: use com_err/error_message API
	* lib/krb5/Makefile.am: add parse-name-test
	* lib/krb5/parse-name-test.c: add a program for testing parsing
	and unparsing principal names

2002-08-28  Assar Westerlund  <assar@kth.se>

	* kdc/config.c: add missing ifdef DAEMON

2002-08-28  Johan Danielsson  <joda@pdc.kth.se>

	* configure.in: use rk_SUNOS

	* kdc/config.c: add detach options

	* kdc/main.c: maybe detach from console?

	* kdc/kdc.8: markup changes

	* configure.in: AC_TEST_PACKAGE_NEW -> rk_TEST_PACKAGE

	* configure.in: use rk_TELNET, rename some other macros, and don't
	add -ldes to krb4 link command

	* kuser/kinit.1: whitespace fix (from NetBSD)

	* include/bits.c: we may need unistd.h for ssize_t

2002-08-26  Assar Westerlund  <assar@kth.se>

	* lib/krb5/principal.c (krb5_425_conv_principal_ext): lookup AAAA
	rrs before A ones when using the resolver to verify a mapping,
	also use getaddrinfo when resolver is not available

	* lib/hdb/keytab.c (find_db): const-correctness in parameters to
	krb5_config_get_next

	* lib/asn1/gen.c: include <string.h> in the generated files (for
	memset)

2002-08-22  Assar Westerlund  <assar@kth.se>

	* lib/krb5/test_get_addrs.c, lib/krb5/krbhst-test.c: make it use
	getarg so that it can handle --help and --version (and thus make
	check can pass)

	* lib/asn1/check-der.c: make this build again

2002-08-22  Assar Westerlund <assar@kth.se>

	* lib/asn1/der_get.c (der_get_int): handle len == 0.  based on a
	patch from Love <lha@stacken.kth.se>

2002-08-22  Johan Danielsson  <joda@pdc.kth.se>

	* lib/krb5/krb5.h: we seem to call KRB5KDC_ERR_KEY_EXP
	KRB5KDC_ERR_KEY_EXPIRED, so define the former to the latter
	
	* kdc/kdc.8: add blurb about adding and removing addresses; update
	kdc.conf section to match reality

	* configure.in: KRB_SENDAUTH_VLEN seems to always have existed, so
	don't define it
	
2002-08-21  Assar Westerlund  <assar@kth.se>
	
	* lib/asn1/asn1_print.c: print OIDs too, based on a patch from
	Love <lha@stacken.kth.se>

2002-08-21  Johan Danielsson  <joda@pdc.kth.se>

	* kuser/kinit.c (do_v4_fallback): don't use krb_get_pw_in_tkt2
	since it might not exist, and we don't actually care about the key
	
2002-08-20  Johan Danielsson  <joda@pdc.kth.se>

	* lib/krb5/krb5.conf.5: correct documentation for
	verify_ap_req_nofail

	* lib/krb5/log.c: rename syslog_data to avoid name conflicts (from
	Mattias Amnefelt)

	* kuser/klist.c (display_tokens): increase token buffer size, and
	add more checks of the kernel data (from Love)

2002-08-19  Johan Danielsson  <joda@pdc.kth.se>

	* fix-export: use make to parse Makefile.am instead of perl

	* configure.in: use argument-less AM_INIT_AUTOMAKE, now that it
	groks AC_INIT with package name etc.

	* kpasswd/kpasswdd.c: include <kadm5/private.h>

	* lib/asn1/asn1_print.c: include com_right.h

	* lib/krb5/addr_families.c: socklen_t -> krb5_socklen_t

	* include/bits.c: define krb5_socklen_t type; this should really
	go someplace else, but this was easy

	* lib/krb5/verify_krb5_conf.c: don't bail out if parsing of a file
	fails, just warn about it

	* kdc/log.c (kdc_openlog): no need for a config_file parameter

	* kdc/config.c: just treat kdc.conf like any other config file

	* lib/krb5/context.c (krb5_get_default_config_files): ignore
	duplicate files

2002-08-16  Johan Danielsson  <joda@pdc.kth.se>

	* lib/krb5/krb5.h: turn strings into pointers, so we can assign to
	them

	* lib/krb5/constants.c: turn strings into pointers, so we can
	assign to them

	* lib/krb5/get_addrs.c (get_addrs_int): initialise res if
	SCAN_INTERFACES is not set

	* lib/krb5/context.c: fix various borked stuff in previous commits

2002-08-16  Jacques Vidrine <n@nectar.com>

	* lib/krb5/krbhst.c (kpasswd_get_next): if we fall back to using
	the `admin_server' entry for kpasswd, override the `proto' result
	to be UDP.

2002-08-15  Johan Danielsson  <joda@pdc.kth.se>

	* lib/krb5/auth_context.c: check return value of
	krb5_sockaddr2address

	* lib/krb5/addr_families.c: check return value of
	krb5_sockaddr2address

	* lib/krb5/context.c: get the default keytab from KRB5_KTNAME

2002-08-14  Johan Danielsson  <joda@pdc.kth.se>

	* lib/krb5/verify_krb5_conf.c: allow parsing of more than one file

	* lib/krb5/context.c: allow changing config files with the
	function krb5_set_config_files, there are also related functions
	krb5_get_default_config_files and krb5_free_config_files; these
	should work similar to their MIT counterparts

	* lib/krb5/config_file.c: allow the use of more than one config
	file by using the new function krb5_config_parse_file_multi

2002-08-12  Johan Danielsson  <joda@pdc.kth.se>

	* use sysconfdir instead of /etc

	* configure.in: require autoconf 2.53; rename dpagaix_LDFLAGS etc
	to appease automake; force sysconfdir and localstatedir to /etc
	and /var/heimdal for now

	* kdc/connect.c (addr_to_string): check return value of
	sockaddr2address

2002-08-09  Johan Danielsson  <joda@pdc.kth.se>

	* lib/krb5/rd_cred.c: if the remote address isn't an addrport,
	don't try comparing to one; this should make old clients work with
	new servers

	* lib/asn1/gen_decode.c: remove unused variable

2002-07-31  Johan Danielsson  <joda@pdc.kth.se>

	* kdc/{kerberos5,524}.c: ENOENT -> HDB_ERR_NOENTRY (from Derrick
	Brashear)

	* lib/krb5/principal.c: actually lower case the lower case
	instance name (spotted by Derrick Brashear)

2002-07-24  Johan Danielsson  <joda@pdc.kth.se>

	* fix-export: if DATEDVERSION is set, change the version to
	current date

	* configure.in: don't use AC_PROG_RANLIB, and use magic foo to set
	LTLIBOBJS

2002-07-04  Johan Danielsson  <joda@pdc.kth.se>

	* kdc/connect.c: add some cache-control-foo to the http responses
	(from Gombas Gabor)

	* lib/krb5/addr_families.c (krb5_print_address): don't copy size
	if ret_len == NULL

2002-06-28  Johan Danielsson  <joda@pdc.kth.se>

	* kuser/klist.c (display_tokens): don't bail out before we get
	EDOM (signaling the end of the tokens), the kernel can also return
	ENOTCONN, meaning that the index does not exist anymore (for
	example if the token has expired)

2002-06-06  Johan Danielsson  <joda@pdc.kth.se>

	* lib/krb5/changepw.c: make sure we return an error if there are
	no changepw hosts found; from Wynn Wilkes

2002-05-29  Johan Danielsson  <joda@pdc.kth.se>

	* lib/krb5/cache.c (krb5_cc_register): break out of loop when the
	same type is found; spotted by Wynn Wilkes

2002-05-15  Johan Danielsson  <joda@pdc.kth.se>

	* kdc/kerberos5.c: don't free encrypted padata until we're really
	done with it

2002-05-07  Johan Danielsson  <joda@pdc.kth.se>

	* kdc/kerberos5.c: when decrypting pa-data, try all keys matching
	enctype

	* kuser/kinit.1: document -a

	* kuser/kinit.c: add command line switch for extra addresses

2002-04-30  Johan Danielsson  <joda@blubb.pdc.kth.se>

	* configure.in: remove some duplicate tests

	* configure.in: use AC_HELP_STRING

2002-04-29  Johan Danielsson  <joda@pdc.kth.se>

	* lib/krb5/crypto.c (usage2arcfour): don't abort if the usage is
	unknown

2002-04-25  Johan Danielsson  <joda@pdc.kth.se>

	* configure.in: use rk_DESTDIRS

2002-04-22  Johan Danielsson  <joda@pdc.kth.se>

	* lib/krb5/krb5_verify_user.3: make it clear that _lrealm modifies
	the principal

2002-04-19  Johan Danielsson  <joda@pdc.kth.se>

	* lib/krb5/verify_init.c: fix typo in error string

2002-04-18  Johan Danielsson  <joda@pdc.kth.se>

	* acconfig.h: remove some stuff that is defined elsewhere

	* lib/krb5/krb5_locl.h: include <sys/file.h>

	* lib/krb5/acl.c: rename acl_string parameter

	* lib/krb5/Makefile.am: remove __P from protos, and put parameter
	names in comments

	* kuser/klist.c: better align some headers

	* kdc/kerberos4.c: storage tweaks

	* kdc/kaserver.c: storage tweaks

	* kdc/524.c: storage tweaks

	* lib/krb5/keytab_krb4.c: storage tweaks

	* lib/krb5/keytab_keyfile.c: storage tweaks

	* lib/krb5/keytab_file.c: storage tweaks; also try to handle zero
	sized keytab files

	* lib/krb5/keytab_any.c: use KRB5_KT_END instead of KRB5_CC_END

	* lib/krb5/fcache.c: storage tweaks

	* lib/krb5/store_mem.c: make the krb5_storage opaque, and add
	function wrappers for store/fetch/seek, and also make the eof-code
	configurable

	* lib/krb5/store_fd.c: make the krb5_storage opaque, and add
	function wrappers for store/fetch/seek, and also make the eof-code
	configurable

	* lib/krb5/store_emem.c: make the krb5_storage opaque, and add
	function wrappers for store/fetch/seek, and also make the eof-code
	configurable

	* lib/krb5/store.c: make the krb5_storage opaque, and add function
	wrappers for store/fetch/seek, and also make the eof-code
	configurable

	* lib/krb5/store-int.h: make the krb5_storage opaque, and add
	function wrappers for store/fetch/seek, and also make the eof-code
	configurable

	* lib/krb5/krb5.h: make the krb5_storage opaque, and add function
	wrappers for store/fetch/seek, and also make the eof-code
	configurable

	* include/bits.c: include <sys/socket.h> to get socklen_t

	* kdc/kerberos5.c (get_pa_etype_info): sort ETYPE-INFOs by
	requested KDC-REQ etypes

	* kdc/hpropd.c: constify

	* kdc/hprop.c: constify

	* kdc/string2key.c: constify

	* kdc/kdc_locl.h: make port_str const

	* kdc/config.c: constify

	* lib/krb5/config_file.c: constify

	* kdc/kstash.c: constify

	* lib/krb5/verify_user.c: remove unnecessary cast

	* lib/krb5/recvauth.c: constify

	* lib/krb5/principal.c (krb5_parse_name): const qualify

	* lib/krb5/mcache.c (mcc_get_name): constify return type

	* lib/krb5/context.c (krb5_free_context): don't try to free the
	ccache prefix

	* lib/krb5/cache.c (krb5_cc_register): don't make a copy of the
	prefix

	* lib/krb5/krb5.h: constify some struct members

	* lib/krb5/log.c: constify

	* lib/krb5/init_creds_pw.c (krb5_get_init_creds_password): const
	qualify

	* lib/krb5/get_in_tkt.c (krb5_init_etype): constify

	* lib/krb5/crypto.c: constify some

	* lib/krb5/config_file.c: constify

	* lib/krb5/aname_to_localname.c (krb5_aname_to_localname):
	constify local variable

	* lib/krb5/addr_families.c (ipv4_sockaddr2port): constify

2002-04-17  Johan Danielsson  <joda@pdc.kth.se>

	* lib/krb5/verify_krb5_conf.c: add some log checking
	
	* lib/krb5/log.c (krb5_addlog_dest): reorganise syslog parsing

2002-04-16  Johan Danielsson  <joda@pdc.kth.se>

	* lib/krb5/crypto.c (krb5_crypto_init): check that the key size
	matches the expected length

2002-03-27  Johan Danielsson  <joda@pdc.kth.se>

	* lib/krb5/send_to_kdc.c: rename send parameter to send_data

	* lib/krb5/mk_error.c: rename ctime parameter to client_time

2002-03-22  Johan Danielsson  <joda@pdc.kth.se>

	* kdc/kerberos5.c (find_etype): unsigned -> krb5_enctype (from
	Reinoud Zandijk)

2002-03-18  Johan Danielsson  <joda@pdc.kth.se>

	* lib/asn1/k5.asn1: add the GSS-API checksum type here

2002-03-11  Assar Westerlund  <assar@sics.se>

	* lib/krb5/Makefile.am (libkrb5_la_LDFLAGS): bump version to
	18:3:1
	* lib/hdb/Makefile.am (libhdb_la_LDFLAGS): bump version to 7:5:0
	* lib/asn1/Makefile.am (libasn1_la_LDFLAGS): bump version to 6:0:0
	
2002-03-10  Assar Westerlund  <assar@sics.se>

	* lib/krb5/rd_cred.c: handle addresses with port numbers

	* lib/krb5/keytab_file.c, lib/krb5/keytab.c:
	store the kvno % 256 as the byte and the complete 32 bit kvno after
	the end of the current keytab entry

	* lib/krb5/init_creds_pw.c:
	handle LR_PW_EXPTIME and LR_ACCT_EXPTIME in the same way

	* lib/krb5/get_for_creds.c (krb5_get_forwarded_creds):
	handle ports giving for the remote address

	* lib/krb5/get_cred.c:
	get a ticket with no addresses if no-addresses is set

	* lib/krb5/crypto.c:
	rename functions DES_* to krb5_* to avoid colliding with modern
	openssl

	* lib/krb5/addr_families.c:
	make all functions taking 'struct sockaddr' actually take a socklen_t
	instead of int and that acts as an in-out parameter (indicating the
	maximum length of the sockaddr to be written)

	* kdc/kerberos4.c:
	make the kvno's in the krb4 universe by the real one % 256, since they
	cannot only be 8 bit, and the v5 ones are actually 32 bits

2002-02-15  Johan Danielsson  <joda@pdc.kth.se>

	* lib/krb5/keytab_keyfile.c (akf_add_entry): don't create the file
	before we need to write to it
	(from Åke Sandgren)

2002-02-14  Johan Danielsson  <joda@pdc.kth.se>

	* configure.in: rk_RETSIGTYPE and rk_BROKEN_REALLOC are called via
	rk_ROKEN (from Gombas Gabor); find inttypes by CHECK_TYPES
	directly

	* lib/krb5/rd_safe.c: actually use the correct key (from Daniel
	Kouril)

2002-02-12  Johan Danielsson  <joda@pdc.kth.se>

	* lib/krb5/context.c (krb5_get_err_text): protect against NULL
	context

2002-02-11  Johan Danielsson  <joda@pdc.kth.se>

	* admin/ktutil.c: no need to use the "modify" keytab anymore

	* lib/krb5/keytab_any.c: implement add and remove

	* lib/krb5/keytab_krb4.c: implement add and remove

	* lib/krb5/store_emem.c (emem_free): clear memory before freeing
	(this should perhaps be selectable with a flag)

2002-02-04  Johan Danielsson  <joda@pdc.kth.se>

	* kdc/config.c (get_dbinfo): if there are database specifications
	in the config file, don't automatically try to use the default
	values (from Gombas Gabor)

	* lib/krb5/log.c (krb5_closelog): don't pass pointer to pointer
	(from Gombas Gabor)

2002-01-30  Johan Danielsson  <joda@pdc.kth.se>

	* admin/list.c: get the default keytab from krb5.conf, and list
	all parts of an ANY type keytab

	* lib/krb5/context.c: default default_keytab_modify to NULL

	* lib/krb5/keytab.c (krb5_kt_default_modify_name): if no modify
	name is specified take it from the first component of the default
	keytab name

2002-01-29  Johan Danielsson  <joda@pdc.kth.se>

	* lib/krb5/keytab.c: compare keytab types case insensitively

2002-01-07  Assar Westerlund  <assar@sics.se>

	* lib/krb5/crypto.c (create_checksum): make usage `unsigned' (it's
	not really a krb5_key_usage).  From Ben Harris <bjh21@netbsd.org>
	* lib/krb5/get_in_tkt.c: use krb5_enctype consistently.  From Ben
	Harris <bjh21@netbsd.org>
	* lib/krb5/crypto.c: use krb5_enctype consistently.  From Ben
	Harris <bjh21@netbsd.org>
	* kdc/kerberos5.c: use krb5_enctype consistently.  From Ben Harris
	<bjh21@netbsd.org>
OpenPOWER on IntegriCloud