1 2008-03-22 Love Hörnquist Åstrand <lha@it.su.se>
3 * lib/krb5/get_in_tkt.c: check no server referral, don't use
4 stringent length tests since encryption layer does padding for
7 * kdc/kerberos5.c: Match name in ClientCanonicalizedNames with -10
9 * lib/krb5/principal.c (_krb5_principal_compare_PrincipalName):
10 new function to compare a principal to a PrincipalName.
12 * lib/krb5/init_creds_pw.c: Move client referral checking to
13 _krb5_extract_ticket().
15 * lib/krb5/get_in_tkt.c: More bits for server referral.
17 * lib/krb5/get_in_tkt.c: Make working with client referrals.
19 * lib/krb5/get_cred.c: Try moving referrals checking into
20 _krb5_extract_ticket().
22 * lib/krb5/get_in_tkt.c: Try moving referrals checking into
23 _krb5_extract_ticket().
25 2008-03-21 Love Hörnquist Åstrand <lha@it.su.se>
27 * kdc/krb5tgs.c: Send SERVER-REFERRAL data in rep.padata instead
28 of auth_data in ticket.
30 2008-03-20 Love Hörnquist Åstrand <lha@it.su.se>
32 * lib/krb5/init_creds_pw.c: remove lost bits from using
33 krb5_principal_set_realm
35 * kdc/krb5tgs.c: Better referrals support, use canonicalize flag.
37 * kdc/hprop.c: use krb5_principal_set_realm
39 * lib/krb5/init_creds_pw.c: use krb5_principal_set_realm
41 * lib/krb5/verify_user.c: use krb5_principal_set_realm
43 * lib/krb5/version-script.map: add krb5_principal_set_realm
45 * lib/krb5/principal.c: add krb5_principal_set_realm
47 * lib/krb5/get_cred.c: Insecure tgs referrals.
49 * lib/krb5/get_cred.c: Dont try key usage KRB5_KU_AP_REQ_AUTH for
50 TGS-REQ. This drop compatibility with pre 0.3d KDCs.
52 * lib/krb5/get_cred.c: catch KRB5_GC_CANONICALIZE.
54 * lib/krb5/krb5.h: set KRB5_GC_CANONICALIZE.
56 * kuser/kgetcred.c: set KRB5_GC_CANONICALIZE.
58 * kuser/kgetcred.c: Add stub --canonicalize implementation.
60 2008-03-19 Love Hörnquist Åstrand <lha@it.su.se>
62 * doc/setup.texi: Fix sasl-regexp, from Howard Chu.
64 2008-03-14 Love Hörnquist Åstrand <lha@it.su.se>
66 * kdc/kx509.c: Adapt to hx509_env changes.
68 2008-03-10 Love Hörnquist Åstrand <lha@it.su.se>
70 * lib/krb5/pkinit.c: Try searchin the key by to use by first
71 looking for for PK-INIT EKU, then the Microsoft smart card EKU and
72 last, no special EKU at all.
74 2008-03-09 Love Hörnquist Åstrand <lha@it.su.se>
76 * lib/krb5/acache.c: Create a new credential cache is ->get_name
77 is called, make acc_initialize() reset the existing credential
80 * lib/krb5/acache.c (acc_get_name): just return the cache_name
81 directly instead of trying to resolve it.
83 2008-02-23 Love Hörnquist Åstrand <lha@it.su.se>
85 * include/Makefile.am (CLEANFILES): add wind.h and wind_err.h and
88 2008-02-11 Love Hörnquist Åstrand <lha@it.su.se>
90 * lib/hdb/hdb-ldap.c: Use malloc() instead of static buffer.
92 * lib/hdb/hdb-ldap.c: Use ldap_get_values_len, from LaMont Jones
93 via Brian May and Debian.
95 * doc/Makefile.am: add libwind
97 2008-02-05 Love Hörnquist Åstrand <lha@it.su.se>
99 * lib/krb5/test_renew.c: Remove extra ;, From Dennis Davis.
101 * lib/krb5/store_emem.c: Make compile on-pre c99 compilers. From
104 2008-02-03 Love Hörnquist Åstrand <lha@it.su.se>
106 * tools/heimdal-gssapi.pc.in: Add wind.
108 * tools/krb5-config.in: Add wind.
110 * lib/krb5/pac.c: Use libwind.
112 2008-02-01 Love Hörnquist Åstrand <lha@it.su.se>
114 * lib/Makefile.am: SUBDIRS: add wind
116 2008-01-29 Love Hörnquist Åstrand <lha@it.su.se>
118 * doc/programming.texi: See the Kerberos 5 API introduction and
119 documentation on the Heimdal webpage.
121 2008-01-27 Love Hörnquist Åstrand <lha@it.su.se>
123 * lib/krb5: better error strings for the keytab fetching functions
125 * lib/krb5/verify_krb5_conf.c: Catch deprecated entries.
127 * lib/krb5/get_cred.c: Remove support
128 for [libdefaults]capath (not [libdefaults] capaths though).
130 2008-01-25 Love Hörnquist Åstrand <lha@it.su.se>
132 * tools/heimdal-gssapi.pc.in: Fix caps of prefix, from Joakim
135 2008-01-24 Love Hörnquist Åstrand <lha@it.su.se>
137 * lib/krb5/fcache.c (fcc_move): more explict why the fcc_move
138 failes, handle cross device moves.
140 2008-01-21 Love Hörnquist Åstrand <lha@it.su.se>
142 * lib/krb5/get_for_creds.c: Use on variable less.
144 * lib/krb5/get_for_creds.c: Try to handle ticket full and
145 ticketless tickets better. Add doxygen comments while here.
147 * lib/krb5/test_forward.c: Used for testing
148 krb5_get_forwarded_creds().
150 * lib/krb5/Makefile.am: noinst_PROGRAMS += test_forward
152 * lib/krb5/Makefile.am: drop CHECK_SYMBOLS
154 * lib/hdb/Makefile.am: drop CHECK_SYMBOLS
156 * kdc/Makefile.am: drop CHECK_SYMBOLS
158 2008-01-18 Love Hörnquist Åstrand <lha@it.su.se>
160 * lib/krb5/version-script.map: Add krb5_digest_probe.
162 2008-01-13 Love Hörnquist Åstrand <lha@it.su.se>
164 * lib/krb5/pkinit.c: Replace hx509_name_to_der_name with
167 2008-01-12 Love Hörnquist Åstrand <lha@it.su.se>
169 * lib/krb5/Makefile.am: add missing files