1 Mon Aug 12 11:41:57 1996 Barry Jaspan <bjaspan@mit.edu>
3 * kdb5_util.c: make mkey_password non-static
5 * kdb5_create.c: use global mkey_password
7 Mon Aug 5 21:24:47 1996 Ezra Peisach <epeisach@kangaroo.mit.edu>
9 * kdb5_stash.c (kdb5_stash): Ignore (expected) failure in stashing
10 key when key not already present in returning exit status.
12 Mon Aug 5 14:36:47 1996 Barry Jaspan <bjaspan@DUN-DUN-NOODLES>
14 * all files: reworked for non-ss usage; kdb5_util_ct.ct and
15 ss_wrapper.c are now obsolete
17 Thu Aug 1 14:34:51 1996 Barry Jaspan <bjaspan@DUN-DUN-NOODLES>
19 * dump.c, kadm5_create.c, kdb5_create.c: create policy database
20 and kadm5 principals when loading a databas
22 * loadv4.c: create empty policy database after loading V4 dump file
24 * dumpv4.c (dump_v4db): use global_params.stash_file
26 * Makefile.in, Makefile.ov, configure.in, dump.c: add support for
27 dump/load of OV*Secure-compatible format.
29 Wed Jul 31 14:55:38 1996 Tom Yu <tlyu@mit.edu>
31 * kdb5_stash.c (kdb5_stash): Declare optind.
33 Tue Jul 30 17:51:24 1996 Samuel D Hartman (hartmans@vorlon)
35 * configure.in: Use gssapi library.
37 Sat Jul 27 02:16:01 1996 Ezra Peisach <epeisach@kangaroo.mit.edu>
38 * kdb5_create.c (kdb5_create): Ignore (expected) failure in
39 open_db_and_mkey when creating database in returning exit
42 Wed Jul 24 02:57:16 1996 Sam Hartman <hartmans@tertius.mit.edu>
44 * loadv4.cdumpv4.c : Fixes for Athena Kerberos
46 Wed Jul 24 02:47:07 1996 Sam Hartman <hartmans@mit.edu>
48 * configure.in: Check for kdc.h and krb_db.h for Athena Kerberos.
50 Tue Jul 23 17:03:42 1996 Tom Yu <tlyu@voltage-multiplier.mit.edu>
52 * Makefile.in: add dependency for kdb5_util_ct.o
54 Thu Jul 18 19:22:04 1996 Marc Horowitz <marc@mit.edu>
56 * configure.in: removed SS_RULES
58 Wed Jul 10 19:43:22 1996 Marc Horowitz <marc@mit.edu>
60 * dumpv4.c (configure.in, Makefile.in): make autoconf work after
63 Sun May 12 00:27:44 1996 Marc Horowitz <marc@mit.edu>
65 * loadv4.c (enter_in_v5_db, add_principal), kdb5_edit.c
66 (create_db_entry, modent), dumpv4.c (dump_v4_iterator), dump.c
67 (dump_k5beta_iterator, process_k5beta_record): convert to use new
68 krb5_dbe_* tl_data functions.
70 * cpw.c (enter_pwd_key): krb5_dbe_cpw() takes a kvno now.
72 Tue May 7 23:16:57 1996 Marc Horowitz <marc@mit.edu>
74 * configure.in: USE_KADM_LIBRARY replaced by USE_KADMSRV_LIBRARY
76 Thu Apr 11 19:32:36 1996 Richard Basch <basch@lehman.com>
78 * kdb5_edit.c (extract_v4_srvtab): Use the matching key_data's kvno;
79 don't assume that key_data[0]'s kvno is necessarily the matching
82 Wed Apr 10 19:17:58 1996 Richard Basch <basch@lehman.com>
84 * kdb5_edit.c (extract_v4_srvtab): Translate the principal name to
87 Tue Mar 19 18:00:58 1996 Richard Basch <basch@lehman.com>
89 * kdb5_edit.c (extract_v4_srvtab): do not test to make sure we
90 fetched a key of enctype 1 (des-cbc-crc), since we may have gotten
91 another des key from the database, which is just as useful in a
94 * dumpv4.c (dump_v4_iterator): use krb5_524_conv_principal to do the
95 v5 to v4 principal translation, instead of having yet another
98 Wed Mar 6 16:17:20 1996 Richard Basch <basch@lehman.com>
100 * dumpv4.c: The V4 master key & schedule was never initialized,
101 so the dump created by dump_v4db was garbage. Read the V4
102 master key from /.k or prompt for the V4 master key password.
103 If there is no V4-salt key in the database, but there is a DES
104 key, include it in the V4 dump, in case it is merely a random
105 service key for which there is no associated password.
106 Skip over K/M in the V5 database (use the entered V4 master key).
107 Both krbtgt and afs keys often have domain-qualifed instances.
109 Tue Mar 5 12:18:22 1996 Richard Basch <basch@lehman.com>
111 * dump.c: POSIX locking requires that the file be opened read-write.
113 Mon Feb 26 22:42:09 1996 Mark Eichin <eichin@cygnus.com>
115 * kdb5_edit.c: new command line option -f stashfile.
116 * kdb5_edit.M: document stashfile option.
118 Mon Feb 26 22:13:45 1996 Mark Eichin <eichin@cygnus.com>
120 * dump.c (process_k5beta_record): since V4 salt type has no data
121 either, only set key_data_ver to 1 for data_type 0 with 0-length
122 salt. Also, don't include alternate key if akey has all-zero type
123 and length in both fields.
125 Sat Feb 24 04:02:18 1996 Mark W. Eichin <eichin@cygnus.com>
127 * dump.c (process_k5beta_record): encrypted keys used to have 4
128 byte lengths in MSB order, need to convert to 2 byte LSB order
129 lengths before storing. Handle primary key and alternate key.
131 Fri Feb 23 18:44:10 1996 Mark Eichin <eichin@cygnus.com>
133 * kdb5_edit.c (kdb5_edit_Init): set manual_mkey for testing with -P
135 Wed Feb 14 09:52:18 1996 Ezra Peisach <epeisach@kangaroo.mit.edu>
137 * kdb5_edit.c (enter_master_key, set_dbname_help): If master key
138 enctype is unknown, set to DEFAULT_KDC_ENCTYPE.
140 Tue Feb 13 16:08:07 1996 Ezra Peisach <epeisach@kangaroo.mit.edu>
142 * kdb5_edit.c (extract_v4_srvtab): krb5_dbekd_decrypt_key_data
143 takes krb5_key_data *, not **.
145 Tue Jan 30 18:28:57 1996 Mark Eichin <eichin@cygnus.com>
147 * dump.c (load_db): dbrenerr_fmt prints "from" first, so pass it
148 to fprintf correctly.
150 Sun Jan 28 14:31:47 1996 Mark Eichin <eichin@cygnus.com>
152 * dump.c (process_k5_record): t2..t9 is only 8 vars, not 9.
154 Thu Jan 25 16:07:42 1996 Sam Hartman <hartmans@tertius.mit.edu>
156 * kdb5_edit.c (extract_srvtab): Extract *all* the keys in a
157 dbentry, not the first one.
158 (extract_v4_srvtab): Attempt to find the right v4 keys.
160 Wed Jan 24 18:48:38 1996 Tom Yu <tlyu@dragons-lair.MIT.EDU>
162 * Makefile.in: Remove spurious @DEFS@
165 Wed Dec 13 03:44:58 1995 Chris Provenzano (proven@mit.edu)
167 * dump.c, dumpv4.c, kdb5_edit.c, loadv4.c :
168 Remove mkvno from krb5_db_entry.
170 Sun Dec 10 11:07:51 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
172 * kdb5_edit.M: Document that modent exists
174 * kdb5_edit.c (modent): Add usage as suggested by jhawk@mit.edu.
176 Thu Nov 09 17:05:57 1995 Chris Provenzano (proven@mit.edu)
178 * kdb5_edit.c : Remove krb5_enctype from krb5_string_to_key() args.
180 Fri Oct 27 13:37:04 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
182 * dump.c (process_k5_record): Fix off by one in malloc.
184 Mon Oct 9 16:35:19 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
186 * kdb5_edit.c (extract_v4_srvtab): Extract a one byte version
187 number for v4 srvtabs (from warlord).
189 Thu Oct 5 10:35:35 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
191 * cpw.c: Declare std_ks_tuple as extern.
192 * kdb5_edit.h: Remove std_ks_tuple declaration as not all sources
193 include adm.h for structures
195 Tue Oct 3 23:10:57 1995 Theodore Y. Ts'o <tytso@dcl>
197 * cpw.c (enter_rnd_key, enter_pwd_key):
198 * kdb5_edit.c (kdb5_edit_Init): Use the kdc.conf file to determine
199 the default list of keysalt tuples to be used. This is
200 stored in std_ks_tuple, and is used by cpw.c for random
201 keys and when a list of keysalts is not specified.
203 Mon Sep 18 03:59:47 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
205 * kdb5_edit.c (show_principal): Show key version and last password
208 * cpw.c: Fix typo in below change in which list was terminated
209 after third entry. (extra } removed)
211 Fri Sep 15 14:21:25 1995 Theodore Y. Ts'o <tytso@dcl>
213 * cpw.c: Add DES_CBC_MD5 and DES_CBC_CRC with the V4 salt as
214 default key/salt tuples to be added. (Once proven's DES_*
215 folding code is implemented, we can shorten this list.)
216 Eventually, this list should be read in from kdc.conf.
218 Thu Sep 7 20:41:24 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
220 * loadv4.c (load_v4db): Provide a dummy routine if krb4
221 compatibility is not compiled in.
223 Wed Sep 06 14:20:57 1995 Chris Provenzano (proven@mit.edu)
225 * cpw.c, dump.c, dumpv4.c, kdb5_edit.c, loadv4.c :
226 s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g
228 Tue Sep 05 22:10:34 1995 Chris Provenzano (proven@mit.edu)
230 * cpw.c, dump.c, dumpv4.c, kdb5_edit.c, loadv4.c : Remove krb5_enctype
231 references, and replace with krb5_keytype where appropriate.
233 Fri Aug 25 17:37:33 EDT 1995 Paul Park (pjpark@mit.edu)
234 * dumpv4.c - Fix handle_keys(). It was trying to recreate work that
235 has already been done.
236 * Makefile.in, .Sanitize, loadv4.c, kdb5_ed_ct.ct - Add lddb4, the
237 command to load a v4 dump file. This is basically, kdb5_
238 convert reconstituted to fit within the framework of kdb5_edit.
240 Thu Aug 24 19:28:39 1995 Theodore Y. Ts'o <tytso@dcl>
242 * .Sanitize: Update file list
244 Mon Aug 21 16:45:39 EDT 1995 Paul Park (pjpark@mit.edu)
245 * dump.c - Completely rework this logic to support old (e.g. Beta 5
246 and previous) dump format and new dump format using the same
247 commands. This is differentiated by using the "-old" command
250 * kdb5_edit.M - Add description of -R and -s. Remove "ascii represen-
251 tation of a decimal number". Remove "Bugs".
253 Fri Aug 18 17:06:06 EDT 1995 Paul Park (pjpark@mit.edu)
255 * ss_wrapper.c - Change sense of fgets() check so scripts work.
258 Tue Aug 15 14:22:50 EDT 1995 Paul Park (pjpark@mit.edu)
260 * kdb5_edit.c, ss_wrapper.c, cpw.c, kdb5_edit.h - Add support for
261 -s scriptfile and fix up assorted gcc -Wall complaints.
264 Mon Aug 7 17:32:31 EDT 1995 Paul Park (pjpark@mit.edu)
265 * cpw.c - Use krb5_string_to_keysalts() to generate a list of unique
266 key/salt pairs supplied in argv.
269 Mon Aug 07 11:16:03 1995 Chris Provenzano (proven@mit.edu)
271 * cpw.c : Uses new kdb change password routines for ank, ark, cpw,
272 and crk. Also remove v4 variants of ank and cpw.
273 * krb5_edit.c : Deleted old variants of rotuines now in cpw.c
274 * kdb5_ed_ct.ct, kdb5_edit.M, tcl_wrapper.c:
275 Removed references to v4 variants of ank and cpw.
276 * kdb5_edit.h (enter_pwd_key()) : Removed proto, it's nolonger
277 necessary as it's a static routine in cpw.c
279 Thu Aug 03 12:13:50 1995 Chris Provenzano (proven@mit.edu)
281 * cpw.c : New change password code for kdb5_edit.
282 * dumpv4.c : Get it to compile with new kdb format.
284 Mon Jul 31 15:47:30 EDT 1995 Paul Park (pjpark@mit.edu)
285 * kdb5_edit.c - Use libkadm string conversion routines. These are
286 shared by all utilities.
287 * Makefile.in - Remove getdate.y.
288 * configure.in - Remove getdate.y dependency checks.
289 * getdate.y - Sayonara.
292 Thu Jul 27 15:01:01 EDT 1995 Paul Park (pjpark@mit.edu)
293 * configure.in - Add --with-dbm and check for already checking for dbm.
296 Thu Jul 27 02:59:05 1995 Chris Provenzano (proven@mit.edu)
298 * dump.c kdb5_edit.c kdb5_edit.h util.c : Use new kdb format.
300 Mon Jul 17 15:00:08 EDT 1995 Paul Park (pjpark@mit.edu)
301 * configure.in - Add KADM library.
302 * dumpv4.c - Change calling sequence to krb5_db_fetch_mkey().
303 * kdb5_edit.c - Change calling sequence to krb5_db_fetch_mkey() which
304 uses the stash file. Add KDC profile reading/handling as a
305 supplement to command line supplied arguments.
308 Wed Jul 12 12:01:04 EDT 1995 Paul Park (pjpark@mit.edu)
309 * configure.in - Temporarily add --with-kdb4 option. Default is without
310 kdb4. Without kdb4 enables a define. With kdb4 uses -lkdb4 and
312 * dumpv4.c - Conditionalize references to kdb4 routines with
313 KDB4_DISABLE. Replace two required routines:
314 kdb_encrypt_key -> pcbc_encrypt
315 kdb_get_master_key -> des_read_password/printf/key_sched
318 Fri Jul 7 15:38:00 EDT 1995 Paul Park (pjpark@mit.edu)
319 * Makefile.in - Remove all explicit library handling and LDFLAGS.
320 * configure.in - Add USE_<mumble> and KRB5_LIBRARIES.
323 Thu Jun 15 15:34:59 EDT 1995 Paul Park (pjpark@mit.edu)
324 * Makefile.in - Change explicit library names to -l<lib> form, and
325 change target link line to use $(LD) and associated flags.
326 Also, for K4, use KRB4_LIB and KRB4_CRYPTO_LIB, these wer
328 * configure.in - Add shared library usage check.
330 Fri Jun 9 18:14:43 1995 <tytso@rsx-11.mit.edu>
332 * configure.in: Remove standardized set of autoconf macros, which
333 are now handled by CONFIG_RULES.
335 * dumpv4.c: Change name of controlling #ifdef to be
336 KRB5_KRB4_COMPAT instead of KRB4.
338 Sun May 21 14:20:32 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
340 * dumpv4.c: Include k5-int.h before krb.h so that PROTOTYPE is not
343 Sun May 7 13:46:30 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
345 * configure.in: Add AC_HEADER_STDC to define STDC_HEADERS for
348 Mon May 1 13:36:41 1995 Theodore Y. Ts'o (tytso@dcl)
350 * kdb5_edit.c (kdb5_edit_Init): Check the return code from
353 Fri Apr 28 18:04:26 1995 Mark Eichin <eichin@cygnus.com>
355 * Makefile.in (LOCAL_LIBRARIES): put KRB4_LIB inside KLIB, and put
356 KDB4_LIB ahead of them both.
358 Thu Apr 27 13:47:23 1995 Mark Eichin <eichin@cygnus.com>
360 * Makefile.in (LOCAL_LIBRARIES): use KRB4_LIB and KDB4_LIB
362 * configure.in: just use WITH_KRB4.
364 Wed Apr 19 13:59:47 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
366 * kdb5_edit.c (kdb5_edit_Init): If a default realm is specified
367 (with -r), use krb5_set_default_realm so that created keys
368 will have the correct realm.
370 Thu Mar 23 23:28:26 1995 Theodore Y. Ts'o <tytso@dcl>
372 * kdb5_edit.c (show_principal, parse_princ_args): Add
373 "support_desmd5" flag.
375 Tue Mar 14 16:29:05 1995 <tytso@rsx-11.mit.edu>
377 * ss_wrapper.c (main): Set the return code from ss_execute_line(),
378 so that appropriate error checking is done.
380 Thu Mar 2 12:18:57 1995 Theodore Y. Ts'o <tytso@dcl>
382 * Makefile.in (ISODELIB): Remove reference to $(ISODELIB).
384 Wed Mar 1 11:53:02 1995 Theodore Y. Ts'o <tytso@dcl>
386 * configure.in: Remove ISODE_INCLUDE, replace check for -lsocket
387 and -lnsl with WITH_NETLIB check.
389 Tue Feb 28 02:06:26 1995 John Gilmore (gnu at toad.com)
391 * dump.c, dumpv4.c, kdb5_edit.c, ss_wrapper.c, tcl_wrapper.c,
392 util.c: Avoid <krb5/...> includes.
394 Thu Feb 23 19:52:35 1995 Mark Eichin (eichin@cygnus.com)
396 * kdb5_edit.c: add struct timeb and sys/timeb includes from
398 (ftime): new function, in case we don't HAVE_FTIME.
400 Tue Feb 14 17:55:47 1995 Tom Yu (tlyu@dragons-lair)
402 * kdb5_edit.c: add modent
403 * getdate.y: import get_date
404 * kdbt_ed_ct.ct: add modent
406 * Makefile.in: support for getdate.y
408 Wed Feb 8 20:08:36 1995 Tom Yu (tlyu@dragons-lair)
410 * kdb5_edit.c (show_principal): make sane and print all useful
413 Wed Jan 25 16:54:40 1995 Chris Provenzano (proven@mit.edu)
415 * Removed all narrow types and references to wide.h and narrow.h
417 Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu)
419 * Added krb5_context to all krb5_routines
421 Mon Dec 19 18:04:11 1994 Theodore Y. Ts'o (tytso@dcl)
425 * dumpv4.c (dump_v4db): Do the right thing if we are compiling
426 without V4 support. (The dump_v4db command is disabled.)
428 Wed Dec 7 00:07:46 1994 <tytso@rsx-11.mit.edu>
430 * dumpv4.c (v4_print_time): gmtime expects a pointer to a time_t,
431 not a long. On most systems these are the same, on
434 Wed Nov 16 01:03:42 1994 Mark Eichin (eichin@cygnus.com)
436 * dumpv4.c: new file. New command dump_v4db which creates a v4
437 slave dump out of a v5 database, leaving out any keys which aren't
438 using v4 salt, and any keys that aren't for the current
439 realm. Reencrypts using v4 master key, synthesizes arbitrary
440 master key version number.
441 * configure.in: use WITH_KRB4 for dump support.
442 * kdb5_ed_ct.ct: add new dump_v4 command.
443 * Makefile.in: link in dumpv4.
445 Fri Oct 14 23:31:49 1994 Theodore Y. Ts'o (tytso@dcl)
447 * dump.c (load_db): When scanning a database entry, read
448 fail_auth_count into a temporary integer variable, and
449 then copy that into entry.fail_auth_count, which is a
452 Fri Oct 7 00:01:40 1994 Theodore Y. Ts'o (tytso@dcl)
454 * kdb5_edit.c (kdb5_edit_Init): Don't let errors in
455 set_dbname_help initially cause the exit status to be set.
456 Commands like load_db don't need a valid database to be
459 * ss_wrapper.c (main): Clear code before ss_execute_line, since
460 ss_execute_line doesn't set code to 0 if there are no
463 * kdb5_edit.c (kdb5_edit_Init): Add a new option so that the
464 master key password can be entered on the command line ---
465 for testing only; not documented!!
467 Mon Oct 3 19:10:47 1994 Theodore Y. Ts'o (tytso@dcl)
469 * Makefile.in: Use $(srcdir) to find manual page for make install.
471 Thu Sep 29 15:52:22 1994 Theodore Y. Ts'o (tytso@dcl)
473 * dump.c (update_ok_file): Make sure mod time on the dump_ok file
474 is updated. (Some systems don't update the mod-time when
475 a file is opened for writing.)
477 * Makefile.in: Relink executable when libraries change.
479 * kdb5_edit.c (show_principal): Pass variable with correct type to
482 * tcl_wrapper.c (doquit):
485 dump.c: Exit with a non-zero exit status if there was an error
486 in a executed command.
488 Thu Sep 15 11:00:30 1994 Theodore Y. Ts'o (tytso@dcl)
490 * dump.c (load_db): Fix error string on failed fopen. ("for
491 writing" -> "for reading")