1 Thu Nov 7 20:53:17 1996 Tom Yu <tlyu@mit.edu>
3 * configure.in: Remove spurious WITH_KRB4.
5 Tue Nov 5 16:16:53 1996 Barry Jaspan <bjaspan@mit.edu>
7 * dump.c (load_db): minor fix to code that verifies the specified
8 load version matches the file (autodetect worked anyway)
10 Fri Oct 18 14:23:41 1996 Barry Jaspan <bjaspan@mit.edu>
12 * dump.c (load_db): osa_adb_rename_policy_db will create the db,
13 so this function doesn't have to [krb5-admin/58]
15 * dump.c (dump_k5beta6_iterator): don't dump tl types that are
16 special to us and the previous version did not understand
19 Tue Oct 8 13:35:56 1996 Barry Jaspan <bjaspan@mit.edu>
21 * dump.c (load_db): rework the way policy database naming and
22 renaming is handled; the code no longer depends on being able to
23 specify admin_dbname specifically (which is no longer supported by
24 the libraries), uses osa_adb_rename_policy instead of doing it
25 directly, and will create a policy db if one does not already
26 exist. Automated testing is needed. [krb5-admin/62]
28 * dump.c (load_db): rename osa_adb_rename_policy to *_db
30 Thu Oct 3 18:17:36 1996 Barry Jaspan <bjaspan@mit.edu>
32 * kdb5_util.c (ARG_VAL): case second half of ?: operator to char *
33 to fix problem on AIX; this should have worked anyway because of
34 the , operator but it is easy enough to force the solution, too.
37 Tue Sep 10 14:16:40 1996 Tom Yu <tlyu@mit.edu>
39 * kdb5_edit.M: remove extra args from .TH
41 * kdb5_util.M: remove ".so man1/header.doc"
43 Mon Sep 9 11:06:29 1996 Theodore Y. Ts'o <tytso@mit.edu>
45 * loadv4.c: Don't call get_config_params again, since it's not
46 necessary, and breaks the policy database name if it is
49 Wed Sep 4 17:34:58 1996 Theodore Y. Ts'o <tytso@mit.edu>
51 * loadv4.c (load_v4db): Fix argument parsing so that it actually works!
52 Eliminated the -f option, as it is superfluous. Don't
53 create the policy database if using the -t option, since
56 * kdb5_util.c (usage): Fix usage message so that it's correct for
59 Tue Sep 3 22:12:54 1996 Theodore Y. Ts'o <tytso@mit.edu>
61 * Makefile.in (install): Fixed typo: ($PROG) -> $(PROG)
63 Thu Aug 29 11:57:09 1996 Barry Jaspan <bjaspan@mit.edu>
65 * dump.c (dump_db): don't compare apples and iguanas
67 Sat Aug 24 21:14:45 1996 Ezra Peisach <epeisach@kangaroo.mit.edu>
69 * loadv4.c, kdb5_stash.c: Removed unused variable rparams.
71 Fri Aug 16 12:00:56 1996 Theodore Ts'o <tytso@rsts-11.mit.edu>
73 * configure.in: Link with the GSSAPI library, since it's needed
76 Mon Aug 12 11:41:57 1996 Barry Jaspan <bjaspan@mit.edu>
78 * kdb5_util.c: make mkey_password non-static
80 * kdb5_create.c: use global mkey_password
82 Mon Aug 5 21:24:47 1996 Ezra Peisach <epeisach@kangaroo.mit.edu>
84 * kdb5_stash.c (kdb5_stash): Ignore (expected) failure in stashing
85 key when key not already present in returning exit status.
87 Mon Aug 5 14:36:47 1996 Barry Jaspan <bjaspan@DUN-DUN-NOODLES>
89 * all files: reworked for non-ss usage; kdb5_util_ct.ct and
90 ss_wrapper.c are now obsolete
92 Thu Aug 1 14:34:51 1996 Barry Jaspan <bjaspan@DUN-DUN-NOODLES>
94 * dump.c, kadm5_create.c, kdb5_create.c: create policy database
95 and kadm5 principals when loading a databas
97 * loadv4.c: create empty policy database after loading V4 dump file
99 * dumpv4.c (dump_v4db): use global_params.stash_file
101 * Makefile.in, Makefile.ov, configure.in, dump.c: add support for
102 dump/load of OV*Secure-compatible format.
104 Wed Jul 31 14:55:38 1996 Tom Yu <tlyu@mit.edu>
106 * kdb5_stash.c (kdb5_stash): Declare optind.
108 Tue Jul 30 17:51:24 1996 Samuel D Hartman (hartmans@vorlon)
110 * configure.in: Use gssapi library.
112 Sat Jul 27 02:16:01 1996 Ezra Peisach <epeisach@kangaroo.mit.edu>
113 * kdb5_create.c (kdb5_create): Ignore (expected) failure in
114 open_db_and_mkey when creating database in returning exit
117 Wed Jul 24 02:57:16 1996 Sam Hartman <hartmans@tertius.mit.edu>
119 * loadv4.cdumpv4.c : Fixes for Athena Kerberos
121 Wed Jul 24 02:47:07 1996 Sam Hartman <hartmans@mit.edu>
123 * configure.in: Check for kdc.h and krb_db.h for Athena Kerberos.
125 Tue Jul 23 17:03:42 1996 Tom Yu <tlyu@voltage-multiplier.mit.edu>
127 * Makefile.in: add dependency for kdb5_util_ct.o
129 Thu Jul 18 19:22:04 1996 Marc Horowitz <marc@mit.edu>
131 * configure.in: removed SS_RULES
133 Wed Jul 10 19:43:22 1996 Marc Horowitz <marc@mit.edu>
135 * dumpv4.c (configure.in, Makefile.in): make autoconf work after
138 Sun May 12 00:27:44 1996 Marc Horowitz <marc@mit.edu>
140 * loadv4.c (enter_in_v5_db, add_principal), kdb5_edit.c
141 (create_db_entry, modent), dumpv4.c (dump_v4_iterator), dump.c
142 (dump_k5beta_iterator, process_k5beta_record): convert to use new
143 krb5_dbe_* tl_data functions.
145 * cpw.c (enter_pwd_key): krb5_dbe_cpw() takes a kvno now.
147 Tue May 7 23:16:57 1996 Marc Horowitz <marc@mit.edu>
149 * configure.in: USE_KADM_LIBRARY replaced by USE_KADMSRV_LIBRARY
151 Thu Apr 11 19:32:36 1996 Richard Basch <basch@lehman.com>
153 * kdb5_edit.c (extract_v4_srvtab): Use the matching key_data's kvno;
154 don't assume that key_data[0]'s kvno is necessarily the matching
157 Wed Apr 10 19:17:58 1996 Richard Basch <basch@lehman.com>
159 * kdb5_edit.c (extract_v4_srvtab): Translate the principal name to
162 Tue Mar 19 18:00:58 1996 Richard Basch <basch@lehman.com>
164 * kdb5_edit.c (extract_v4_srvtab): do not test to make sure we
165 fetched a key of enctype 1 (des-cbc-crc), since we may have gotten
166 another des key from the database, which is just as useful in a
169 * dumpv4.c (dump_v4_iterator): use krb5_524_conv_principal to do the
170 v5 to v4 principal translation, instead of having yet another
173 Wed Mar 6 16:17:20 1996 Richard Basch <basch@lehman.com>
175 * dumpv4.c: The V4 master key & schedule was never initialized,
176 so the dump created by dump_v4db was garbage. Read the V4
177 master key from /.k or prompt for the V4 master key password.
178 If there is no V4-salt key in the database, but there is a DES
179 key, include it in the V4 dump, in case it is merely a random
180 service key for which there is no associated password.
181 Skip over K/M in the V5 database (use the entered V4 master key).
182 Both krbtgt and afs keys often have domain-qualifed instances.
184 Tue Mar 5 12:18:22 1996 Richard Basch <basch@lehman.com>
186 * dump.c: POSIX locking requires that the file be opened read-write.
188 Mon Feb 26 22:42:09 1996 Mark Eichin <eichin@cygnus.com>
190 * kdb5_edit.c: new command line option -f stashfile.
191 * kdb5_edit.M: document stashfile option.
193 Mon Feb 26 22:13:45 1996 Mark Eichin <eichin@cygnus.com>
195 * dump.c (process_k5beta_record): since V4 salt type has no data
196 either, only set key_data_ver to 1 for data_type 0 with 0-length
197 salt. Also, don't include alternate key if akey has all-zero type
198 and length in both fields.
200 Sat Feb 24 04:02:18 1996 Mark W. Eichin <eichin@cygnus.com>
202 * dump.c (process_k5beta_record): encrypted keys used to have 4
203 byte lengths in MSB order, need to convert to 2 byte LSB order
204 lengths before storing. Handle primary key and alternate key.
206 Fri Feb 23 18:44:10 1996 Mark Eichin <eichin@cygnus.com>
208 * kdb5_edit.c (kdb5_edit_Init): set manual_mkey for testing with -P
210 Wed Feb 14 09:52:18 1996 Ezra Peisach <epeisach@kangaroo.mit.edu>
212 * kdb5_edit.c (enter_master_key, set_dbname_help): If master key
213 enctype is unknown, set to DEFAULT_KDC_ENCTYPE.
215 Tue Feb 13 16:08:07 1996 Ezra Peisach <epeisach@kangaroo.mit.edu>
217 * kdb5_edit.c (extract_v4_srvtab): krb5_dbekd_decrypt_key_data
218 takes krb5_key_data *, not **.
220 Tue Jan 30 18:28:57 1996 Mark Eichin <eichin@cygnus.com>
222 * dump.c (load_db): dbrenerr_fmt prints "from" first, so pass it
223 to fprintf correctly.
225 Sun Jan 28 14:31:47 1996 Mark Eichin <eichin@cygnus.com>
227 * dump.c (process_k5_record): t2..t9 is only 8 vars, not 9.
229 Thu Jan 25 16:07:42 1996 Sam Hartman <hartmans@tertius.mit.edu>
231 * kdb5_edit.c (extract_srvtab): Extract *all* the keys in a
232 dbentry, not the first one.
233 (extract_v4_srvtab): Attempt to find the right v4 keys.
235 Wed Jan 24 18:48:38 1996 Tom Yu <tlyu@dragons-lair.MIT.EDU>
237 * Makefile.in: Remove spurious @DEFS@
240 Wed Dec 13 03:44:58 1995 Chris Provenzano (proven@mit.edu)
242 * dump.c, dumpv4.c, kdb5_edit.c, loadv4.c :
243 Remove mkvno from krb5_db_entry.
245 Sun Dec 10 11:07:51 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
247 * kdb5_edit.M: Document that modent exists
249 * kdb5_edit.c (modent): Add usage as suggested by jhawk@mit.edu.
251 Thu Nov 09 17:05:57 1995 Chris Provenzano (proven@mit.edu)
253 * kdb5_edit.c : Remove krb5_enctype from krb5_string_to_key() args.
255 Fri Oct 27 13:37:04 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
257 * dump.c (process_k5_record): Fix off by one in malloc.
259 Mon Oct 9 16:35:19 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
261 * kdb5_edit.c (extract_v4_srvtab): Extract a one byte version
262 number for v4 srvtabs (from warlord).
264 Thu Oct 5 10:35:35 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
266 * cpw.c: Declare std_ks_tuple as extern.
267 * kdb5_edit.h: Remove std_ks_tuple declaration as not all sources
268 include adm.h for structures
270 Tue Oct 3 23:10:57 1995 Theodore Y. Ts'o <tytso@dcl>
272 * cpw.c (enter_rnd_key, enter_pwd_key):
273 * kdb5_edit.c (kdb5_edit_Init): Use the kdc.conf file to determine
274 the default list of keysalt tuples to be used. This is
275 stored in std_ks_tuple, and is used by cpw.c for random
276 keys and when a list of keysalts is not specified.
278 Mon Sep 18 03:59:47 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
280 * kdb5_edit.c (show_principal): Show key version and last password
283 * cpw.c: Fix typo in below change in which list was terminated
284 after third entry. (extra } removed)
286 Fri Sep 15 14:21:25 1995 Theodore Y. Ts'o <tytso@dcl>
288 * cpw.c: Add DES_CBC_MD5 and DES_CBC_CRC with the V4 salt as
289 default key/salt tuples to be added. (Once proven's DES_*
290 folding code is implemented, we can shorten this list.)
291 Eventually, this list should be read in from kdc.conf.
293 Thu Sep 7 20:41:24 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
295 * loadv4.c (load_v4db): Provide a dummy routine if krb4
296 compatibility is not compiled in.
298 Wed Sep 06 14:20:57 1995 Chris Provenzano (proven@mit.edu)
300 * cpw.c, dump.c, dumpv4.c, kdb5_edit.c, loadv4.c :
301 s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g
303 Tue Sep 05 22:10:34 1995 Chris Provenzano (proven@mit.edu)
305 * cpw.c, dump.c, dumpv4.c, kdb5_edit.c, loadv4.c : Remove krb5_enctype
306 references, and replace with krb5_keytype where appropriate.
308 Fri Aug 25 17:37:33 EDT 1995 Paul Park (pjpark@mit.edu)
309 * dumpv4.c - Fix handle_keys(). It was trying to recreate work that
310 has already been done.
311 * Makefile.in, .Sanitize, loadv4.c, kdb5_ed_ct.ct - Add lddb4, the
312 command to load a v4 dump file. This is basically, kdb5_
313 convert reconstituted to fit within the framework of kdb5_edit.
315 Thu Aug 24 19:28:39 1995 Theodore Y. Ts'o <tytso@dcl>
317 * .Sanitize: Update file list
319 Mon Aug 21 16:45:39 EDT 1995 Paul Park (pjpark@mit.edu)
320 * dump.c - Completely rework this logic to support old (e.g. Beta 5
321 and previous) dump format and new dump format using the same
322 commands. This is differentiated by using the "-old" command
325 * kdb5_edit.M - Add description of -R and -s. Remove "ascii represen-
326 tation of a decimal number". Remove "Bugs".
328 Fri Aug 18 17:06:06 EDT 1995 Paul Park (pjpark@mit.edu)
330 * ss_wrapper.c - Change sense of fgets() check so scripts work.
333 Tue Aug 15 14:22:50 EDT 1995 Paul Park (pjpark@mit.edu)
335 * kdb5_edit.c, ss_wrapper.c, cpw.c, kdb5_edit.h - Add support for
336 -s scriptfile and fix up assorted gcc -Wall complaints.
339 Mon Aug 7 17:32:31 EDT 1995 Paul Park (pjpark@mit.edu)
340 * cpw.c - Use krb5_string_to_keysalts() to generate a list of unique
341 key/salt pairs supplied in argv.
344 Mon Aug 07 11:16:03 1995 Chris Provenzano (proven@mit.edu)
346 * cpw.c : Uses new kdb change password routines for ank, ark, cpw,
347 and crk. Also remove v4 variants of ank and cpw.
348 * krb5_edit.c : Deleted old variants of rotuines now in cpw.c
349 * kdb5_ed_ct.ct, kdb5_edit.M, tcl_wrapper.c:
350 Removed references to v4 variants of ank and cpw.
351 * kdb5_edit.h (enter_pwd_key()) : Removed proto, it's nolonger
352 necessary as it's a static routine in cpw.c
354 Thu Aug 03 12:13:50 1995 Chris Provenzano (proven@mit.edu)
356 * cpw.c : New change password code for kdb5_edit.
357 * dumpv4.c : Get it to compile with new kdb format.
359 Mon Jul 31 15:47:30 EDT 1995 Paul Park (pjpark@mit.edu)
360 * kdb5_edit.c - Use libkadm string conversion routines. These are
361 shared by all utilities.
362 * Makefile.in - Remove getdate.y.
363 * configure.in - Remove getdate.y dependency checks.
364 * getdate.y - Sayonara.
367 Thu Jul 27 15:01:01 EDT 1995 Paul Park (pjpark@mit.edu)
368 * configure.in - Add --with-dbm and check for already checking for dbm.
371 Thu Jul 27 02:59:05 1995 Chris Provenzano (proven@mit.edu)
373 * dump.c kdb5_edit.c kdb5_edit.h util.c : Use new kdb format.
375 Mon Jul 17 15:00:08 EDT 1995 Paul Park (pjpark@mit.edu)
376 * configure.in - Add KADM library.
377 * dumpv4.c - Change calling sequence to krb5_db_fetch_mkey().
378 * kdb5_edit.c - Change calling sequence to krb5_db_fetch_mkey() which
379 uses the stash file. Add KDC profile reading/handling as a
380 supplement to command line supplied arguments.
383 Wed Jul 12 12:01:04 EDT 1995 Paul Park (pjpark@mit.edu)
384 * configure.in - Temporarily add --with-kdb4 option. Default is without
385 kdb4. Without kdb4 enables a define. With kdb4 uses -lkdb4 and
387 * dumpv4.c - Conditionalize references to kdb4 routines with
388 KDB4_DISABLE. Replace two required routines:
389 kdb_encrypt_key -> pcbc_encrypt
390 kdb_get_master_key -> des_read_password/printf/key_sched
393 Fri Jul 7 15:38:00 EDT 1995 Paul Park (pjpark@mit.edu)
394 * Makefile.in - Remove all explicit library handling and LDFLAGS.
395 * configure.in - Add USE_<mumble> and KRB5_LIBRARIES.
398 Thu Jun 15 15:34:59 EDT 1995 Paul Park (pjpark@mit.edu)
399 * Makefile.in - Change explicit library names to -l<lib> form, and
400 change target link line to use $(LD) and associated flags.
401 Also, for K4, use KRB4_LIB and KRB4_CRYPTO_LIB, these wer
403 * configure.in - Add shared library usage check.
405 Fri Jun 9 18:14:43 1995 <tytso@rsx-11.mit.edu>
407 * configure.in: Remove standardized set of autoconf macros, which
408 are now handled by CONFIG_RULES.
410 * dumpv4.c: Change name of controlling #ifdef to be
411 KRB5_KRB4_COMPAT instead of KRB4.
413 Sun May 21 14:20:32 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
415 * dumpv4.c: Include k5-int.h before krb.h so that PROTOTYPE is not
418 Sun May 7 13:46:30 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
420 * configure.in: Add AC_HEADER_STDC to define STDC_HEADERS for
423 Mon May 1 13:36:41 1995 Theodore Y. Ts'o (tytso@dcl)
425 * kdb5_edit.c (kdb5_edit_Init): Check the return code from
428 Fri Apr 28 18:04:26 1995 Mark Eichin <eichin@cygnus.com>
430 * Makefile.in (LOCAL_LIBRARIES): put KRB4_LIB inside KLIB, and put
431 KDB4_LIB ahead of them both.
433 Thu Apr 27 13:47:23 1995 Mark Eichin <eichin@cygnus.com>
435 * Makefile.in (LOCAL_LIBRARIES): use KRB4_LIB and KDB4_LIB
437 * configure.in: just use WITH_KRB4.
439 Wed Apr 19 13:59:47 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
441 * kdb5_edit.c (kdb5_edit_Init): If a default realm is specified
442 (with -r), use krb5_set_default_realm so that created keys
443 will have the correct realm.
445 Thu Mar 23 23:28:26 1995 Theodore Y. Ts'o <tytso@dcl>
447 * kdb5_edit.c (show_principal, parse_princ_args): Add
448 "support_desmd5" flag.
450 Tue Mar 14 16:29:05 1995 <tytso@rsx-11.mit.edu>
452 * ss_wrapper.c (main): Set the return code from ss_execute_line(),
453 so that appropriate error checking is done.
455 Thu Mar 2 12:18:57 1995 Theodore Y. Ts'o <tytso@dcl>
457 * Makefile.in (ISODELIB): Remove reference to $(ISODELIB).
459 Wed Mar 1 11:53:02 1995 Theodore Y. Ts'o <tytso@dcl>
461 * configure.in: Remove ISODE_INCLUDE, replace check for -lsocket
462 and -lnsl with WITH_NETLIB check.
464 Tue Feb 28 02:06:26 1995 John Gilmore (gnu at toad.com)
466 * dump.c, dumpv4.c, kdb5_edit.c, ss_wrapper.c, tcl_wrapper.c,
467 util.c: Avoid <krb5/...> includes.
469 Thu Feb 23 19:52:35 1995 Mark Eichin (eichin@cygnus.com)
471 * kdb5_edit.c: add struct timeb and sys/timeb includes from
473 (ftime): new function, in case we don't HAVE_FTIME.
475 Tue Feb 14 17:55:47 1995 Tom Yu (tlyu@dragons-lair)
477 * kdb5_edit.c: add modent
478 * getdate.y: import get_date
479 * kdbt_ed_ct.ct: add modent
481 * Makefile.in: support for getdate.y
483 Wed Feb 8 20:08:36 1995 Tom Yu (tlyu@dragons-lair)
485 * kdb5_edit.c (show_principal): make sane and print all useful
488 Wed Jan 25 16:54:40 1995 Chris Provenzano (proven@mit.edu)
490 * Removed all narrow types and references to wide.h and narrow.h
492 Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu)
494 * Added krb5_context to all krb5_routines
496 Mon Dec 19 18:04:11 1994 Theodore Y. Ts'o (tytso@dcl)
500 * dumpv4.c (dump_v4db): Do the right thing if we are compiling
501 without V4 support. (The dump_v4db command is disabled.)
503 Wed Dec 7 00:07:46 1994 <tytso@rsx-11.mit.edu>
505 * dumpv4.c (v4_print_time): gmtime expects a pointer to a time_t,
506 not a long. On most systems these are the same, on
509 Wed Nov 16 01:03:42 1994 Mark Eichin (eichin@cygnus.com)
511 * dumpv4.c: new file. New command dump_v4db which creates a v4
512 slave dump out of a v5 database, leaving out any keys which aren't
513 using v4 salt, and any keys that aren't for the current
514 realm. Reencrypts using v4 master key, synthesizes arbitrary
515 master key version number.
516 * configure.in: use WITH_KRB4 for dump support.
517 * kdb5_ed_ct.ct: add new dump_v4 command.
518 * Makefile.in: link in dumpv4.
520 Fri Oct 14 23:31:49 1994 Theodore Y. Ts'o (tytso@dcl)
522 * dump.c (load_db): When scanning a database entry, read
523 fail_auth_count into a temporary integer variable, and
524 then copy that into entry.fail_auth_count, which is a
527 Fri Oct 7 00:01:40 1994 Theodore Y. Ts'o (tytso@dcl)
529 * kdb5_edit.c (kdb5_edit_Init): Don't let errors in
530 set_dbname_help initially cause the exit status to be set.
531 Commands like load_db don't need a valid database to be
534 * ss_wrapper.c (main): Clear code before ss_execute_line, since
535 ss_execute_line doesn't set code to 0 if there are no
538 * kdb5_edit.c (kdb5_edit_Init): Add a new option so that the
539 master key password can be entered on the command line ---
540 for testing only; not documented!!
542 Mon Oct 3 19:10:47 1994 Theodore Y. Ts'o (tytso@dcl)
544 * Makefile.in: Use $(srcdir) to find manual page for make install.
546 Thu Sep 29 15:52:22 1994 Theodore Y. Ts'o (tytso@dcl)
548 * dump.c (update_ok_file): Make sure mod time on the dump_ok file
549 is updated. (Some systems don't update the mod-time when
550 a file is opened for writing.)
552 * Makefile.in: Relink executable when libraries change.
554 * kdb5_edit.c (show_principal): Pass variable with correct type to
557 * tcl_wrapper.c (doquit):
560 dump.c: Exit with a non-zero exit status if there was an error
561 in a executed command.
563 Thu Sep 15 11:00:30 1994 Theodore Y. Ts'o (tytso@dcl)
565 * dump.c (load_db): Fix error string on failed fopen. ("for
566 writing" -> "for reading")