* [1415] Subsession key negotiation has been fixed to allow for
server-selected subsession keys in the future.
-* [1418, 1429, 1446, 1484, 1486, 1487, 1535] The AES cryptosystem has
- been implemented. It is not usable for GSSAPI, though.
+* [1418, 1429, 1446, 1484, 1486, 1487, 1535, 1621] The AES
+ cryptosystem has been implemented. It is not usable for GSSAPI,
+ though.
* [1491] The client-side functionality of the krb524 library has been
moved into the krb5 library.
* [971] option parsing bugs rendered irrelevant by removal of unused
gss mechanism.
+* [976] make install mentioned in build documentation.
+
* [986] Related to [677], problems with the ordering of LDFLAGS
initialization rendered irrelevant by use of native autoconf
idioms.
* [1066] printf() argument mismatches in rpc unit tests fixed.
+* [1085] The krb5.conf manpage has been re-synchronized with other
+ documentation.
+
* [1102] gssapi_generic.h should now work with C++.
* [1136] Some documentation for the setup of cross-realm
* [1357] krb__get_srvtab_name() no longer leaks memory.
+* [1370] GSS_C_NO_CREDENTIAL now accepts any principal in the keytab.
+
* [1373] Handling of SAM preauth no longer attempts to stuff a size_t
into an unsigned int.
uninitialized memory reference in kg_unseal_v1(). Thanks to Kent
Wu.
+* [1607] kerberos-iv SRV records are now documented.
+
* [1610] Fixed AES credential delegation under GSSAPI.
+* [1618] ms2mit no longer inserts local addresses into tickets
+ converted from the MS ccache if they began as addressless tickets.
+
+* [1619] etype_info parser (once again) accepts extra field emitted by
+ Heimdal.
+
--[ DELETE BEFORE RELEASE ---changes to unreleased code, etc.--- ]--
* [1054] KRB-CRED messages for RC4 are encrypted now.
* [1569] A debug statement has been removed from krb524init.
+* [1592] Document possible file rename lossage when building against
+ system libdb.
+
* [1594] Darwin gets an explicit dependency of err_txt.o on
krb_err.c.
* [1596] Calling conventions, etc. tweaked for KfW build of
krb524.dll.
+* [1600] Minor tweaks to README to improve notes on IPv6, etc.
+
* [1605] Fixed a leak of subkeys in krb5_rd_rep().
+* [1630] krb5_get_in_tkt_with_keytab() works now; previously borken by
+ reimplementation in terms of krb5_get_init_creds().
+
Copyright Notice and Legal Administrivia
----------------------------------------