Changes by ticket ID
--------------------
+194 a stash file is not a keytab
+914 keytab add without randomizing key
+1201 replay cache can produce false positive indications
+2836 feature request: compile/link time warnings for deprecated
+ functions
+2939 unified CCAPI implementation
+3496 krb524d should log success as well as failure
+3497 problems with corrupt (truncated) ccaches
+3499 race in replay cache file ownership
+3737 plugins support requires a Windows equivalent to opendir and
+ friends
+3929 support lazy launching of ccapi server
+3930 CCAPI server must be able to distinguish context handles from
+ other server instances
+3931 CCAPI context and ccache change times must be stored by the client
+3932 CCAPI should use a cc_handle not implemented as a pointer
+3933 CCAPI client library reconnection support
+3934 Implement CCAPI blocking calls
+3935 CCAPI implement locking
+3936 krb5_ccache functions should use the ccapi version 3 interface
+5411 MEMORY keytab
+5425 nonce needs to be random
+5427 buffer overflow in krb5_kt_get_name
+5428 MEMORY keytab leaks
+5429 MEMORY keytab should use krb5_copy_keyblock
+5430 MEMORY keytab's get_entry should set enctypes and kvnos
+5431 krb5_kt_get_type should return const char *.
+5432 krb5_kt_default_name should take an unsized length
+5440 sendto_kdc() not signal safe, doesn't respond well to
+ staggered TCP responses.
+5481 manual test of commit handler
+5517 use IP(V6)_PKTINFO in KDC for UDP sockets
+5545 uninitialized salt length when reading some keys
+5560 threads on Solaris 10
+5561 close-on-exec flags
+5565 krb5kdc.M is confused about keytype
+5567 don't check for readability resolving SRVTAB: keytab
+5568 Move CCAPI sources to krb5 repository
+5569 Fixed bugs introduced while moving to krb5 repository
+5570 Only use __attribute__ on GNUC compilers
+5574 Add advisory locking to CCAPI
+5575 don't include time.h in CredentialsCache.h if it's not needed
+5578 test commit handler
+5580 provide asprintf functionality for internal use
+5589 krb5 trunk no longer builds on Windows - vsnprintf
+ implementation required
+5590 gss krb5 mech enhanced error messages
+5593 kadmind crash on Debian AMD64
+5594 Work on compiling CCAPI test suite on Windows
+5595 Problems with kpasswd and an IPv6 enviroment
+5598 ccs_pipe_t needs copy and release functions
+5599 Added new autogenerated file to generate-files-mac target
+5600 provide more useful error message when running kpropd on
+ command line
+5635 need more dylib_file specs for darwin
+5641 kadm5_setkey_principal_3 fix
+5642 Remove unused, unlocalizable error strings
+5643 Alignment fix
+5649 t_ser should no longer use kdb libraries
+5654 remap mechanism-specific status codes in mechglue/spnego
+5655 authorization-data plugin support in KDC
+5657 (Mac-specific) PROG_LIBPATH build fix
+5667 listprincs *z is broken
+5670 Add documentation for CCAPI
+5671 cleanup src/lib/gssapi/krb5/error_map.h on Windows
+5672 no unistd.h on Windows
+5699 test program build problem
+5754 cci_array_move should work when the source and dest positions are equal
+5760 stdint.h should only be accessed if HAVE_STDINT_H defined
+5771 cc_ccache_set_principal always returns error 227
+5776 profile library memory leaks introduced when malloc returns 0
+5786 Update Release Documentation for KFW 3.2.2
+5804 cc_initalize(ccapi_version_2) should return CC_BAD_API_VERSION
+ not CC_NOT_SUPP
+5805 Add documentation for error codes used for flow control.
+5806 Removed NOP line of code from krb5_fcc_next_cred()
+5807 can't store delegated krb5 creds when using spnego
+5813 cc_ccache_store_credentials should return ccErrBadCredentialsVersion
+5814 cci_array_move not returning correct new position
+5815 ccs_lock_status_grant_lock granting wrong lock
+5822 fixed mispelling in kadmin error message
+5828 Include time.h for time()
+5835 Kerberos with apple leopard
+5863 [no subject]
+5864 improve debugging of ticket verification in ksu
+5867 krb-priv sequence numbers don't match up in retransmitted requests
+5872 Add ccs_pipe_compare
+5884 Need CCAPI v2 support for Windows
+5885 Remove AppleConnect workaround
+5894 krb5int_arcfour_string_to_key does not support utf-8 strings
+5899 Compiling krb5-1.6.3 on FreeBSD 7.0-RELEASE
+5900 ccs_ccache_reset should check all arguments for NULL
+5901 CCAPI v2 support crash when client or server strings are NULL
+5902 cci_cred_union_compare_to_credentials_union doesn't work for v5 creds
+5903 Fix pointer cast in cc_seq_fetch_NCs_end
+5904 cc_set_principal should return error on bad cred version
+5905 cc_remove_cred should only remove one cred
+5906 Fixed error code remapping
+5907 Removed tests for check_cc_context_get_version
+5908 Remove C warnings from CCAPI tests
+5909 Add CCAPI v2 tests
+5911 removed unused header file inclusion CoreFoundation.h
+5912 Invalid assignment while trying to set input to NULL
+5915 cc_ccache_iterator_release, cc_credentials_iterator_release
+ leak server memory
+5920 CCacheServer should track client iterators
+5923 Protect CFBundle calls with mutexes
+5925 Windows socket(...) returns SOCKET, not file handle
+5926 Added prototype to test function to remove warning.
+5943 db creation creates a kadmin/hostname princ but doesn't fix case
+5947 krb5_walk_realm_tree broken substring logic
+5948 error in filebase+suffix list generation in plugin code
+5949 Don't leak memory when multiple arguments are NULL
+5954 ksu fails without domain_realm mapping for local host
+5960 Move KIM implementation to the krb5 repository
+5962 unchecked calls to k5_mutex_lock() interact poorly with finalizers
+5963 Profile library should not call rw_access earlier than needed
+5964 Re: Fwd: [modauthkerb] [SOLVED] 'Request is a replay' + Basic auth
+5966 signed vs unsigned char * warnings in kdb_xdr.c
+5967 No prototype when building kdb5_util without krb4 support
+5969 Add header for kill() in USE_PASSWORD_SERVER case
+5982 cci_credentials_iterator_release using wrong message ID
+5989 Add new launchd flags to CCacheServer plist file
+5990 kadm5_setkey_principal_3 not copying key_data_ver and key_data_kvno
+5993 Masterkey Keytab Stash
+5999 fix ktutil listing with timestamp
+6000 misc uninitialized-storage accesses
+6001 Big endian stash file support
+6002 krb5_rc_io_creat should use mkstemp
+6005 krb5_get_error_message returns const char *
+6009 kdc does not compile with glibc 2.8
+6010 krb5int_gic_opte_copy should copy elements individually
+6011 Add EnableTransactions launchd option to CCacheServer
+6012 Add EnableTransactions launchd option to KerberosAgent
+6013 Stop building Kerberos.app as part of KfM.
+6015 gss_export_lucid_sec_context support for SPNEGO
+6016 SPNEGO workaround for SAMBA mech OID quirks
+6017 KDC virtual address support
+6019 Add signal to force KDC to check for changed interfaces
+6024 Don't use "ccache" in error string printed to user
+6025 Add macro so we don't print deprecated warnings while building KfM
+6026 CCacheServer crashes iterating over creds which have been destroyed
+6029 kadmind leaks error strings on failures
+6031 krb needs better realm lookup logic
+6032 test commit handler change
+6044 Add Apple Inc. to copyright lists.
+6052 Return extended krb5 error strings
+6055 KIM API
+6066 turn off thread-support debugging code
+6070 update DES code copyright notices
+6074 Use a valid UTF8 password for randkey password
+6075 Open log file for appending only, not also reading
+6076 Don't build PKINIT ASN.1 support code if not building PKINIT plugin
+6077 krb5_fcc_resolve file locking error on malloc failuer
+6080 mac port of kim should not depend on kipc
+6081 Conditionalize building of CCAPI ccache type on USE_CCAPI
+6083 profile write code should only quote empty strings
+6087 Notify clients on ccache deletion
+6088 Add support to send CFNotifications on ccache and cache
+ collection changes
+6090 k5_mutex_destroy calls pthread_mutex_destroy with mutex locked
+6091 lean client changes
+6093 KIM should not provide keytab functions when building lite framework
+6094 CCAPI is leaking mach ports
+6101 compile-time flag to disable iprop
+6103 fix resource leak in USE_PASSWORD_SERVER code
+6111 CCAPI should only use one pthread key
+6120 increase rpc timeout
+6121 dead code in lib/rpc/clnt_udp.c
+6131 Removed argument from kipc_client_lookup_server
+6133 C90 compliance
+6138 Switch KfM back to error tables
+6140 CCAPI should use common ipc and stream code
+6142 KerberosAgent dialogs jump around the screen
+6143 KerberosAgent: Enter Identity text field shouldn't be clear
+ automatically
+6144 KerberosAgent: ignore user interaction while busy
+6145 KerberosAgent attach associated dialogs to Select Identity dialog
+6146 Client name passed by KIM is incorrect
+6147 KerberosAgent Use Defaults button doesn't work
+6151 Don't touch keychain if home directory access is disabled
+6153 Add KLL error table
+6154 Hinge building KLL shim off KIM_TO_KLL_SHIM, not LEAN_CLIENT
+6155 KLLastChangedTime should return current time, not 0
+6156 KLL shim layer does not correctly handle options
+6157 KIM should remember options and identity if prefs indicate
+6158 KerberosAgent should handle multiple clients simultaneously
+6159 KerberosAgent should handle zoom button better
+6160 KLL should use __attribute ((deprecated))
+6162 kim_options_copy should allow in_options to be KIM_OPTIONS_DEFAULT
+6163 Crash in kim_credential_create_from_keytab
+6164 KL APIs which take a NULL principal return klParameterErr
+6165 kim_options_create sometimes returns KIM_OPTIONS_DEFAULT
+6166 preferences should handle KIM_OPTIONS_DEFAULT
+6168 prefs should not create empty dictionary for KIM_OPTIONS_DEFAULT
+6169 Missing keys in KerberosAgent Info.plist
+6170 change password should always reprompt on error
+6171 allow kim ui plugins to have any name
+6172 kim_ui_plugin_fini sends pointer to context instead of context.
+6175 always zero out authentication strings
+6176 Test KIM plugin
+6179 kim_os_string_create_localized leaks CFStringRef
+6181 Free error message returned by krb5_get_error_message
+6182 kim test suite reports error messages incorrectly
+6183 KerberosAgent enter identity dialog should use default
+6184 handle stash file names with missing keytab type spec and colon in path
+6185 Merge KerberosIPC into k5_mig support
+6186 Move GUI/CLI detection from KerberosIPC into KIM
+6187 use KIM_BUILTIN_UI instead of LEAN_CLIENT for builtin UI
+6189 remove unused variable in kim_ui_cli_ask_change_password
+6190 Use a context to store error table info
+6192 Treat unreadable terminal as user cancelled so regression tests work
+6193 Remap some of the more confusing krb5 errors
+6194 Double free and leak in kim_os_library_get_application_path
+6195 Added back KLL test programs
+6197 KLCreatePrincipalFromTriplet should work with empty instance
+6198 KerberosAgent continues to ignore mouse events after error
+6199 don't include "WRFILE:" in call to mktemp
+6201 small leak in KDC authdata plugins
+6202 kadmind leaks extended error strings
+6211 pam_sam leaking outer krb5_data created by encode_krb5_sam_response
+6214 krb5_change_set_password not freeing chpw_rep contents
+6216 Free data in tests so leaks checking is easier
+6217 kim_preferences should free old identity before overwriting
+6218 kim_ccache_iterator_next leaks principal
+6219 kim_os_library_get_caller_name leaks file path
+6220 kim_identity_change_password_with_credential leaks krb5_creds
+6221 KerberosAgent should clear generic auth prompt
+6222 KerberosAgent enter dialog should add entered identities to favorites
+6224 KerberosAgent 'no selection' placeholder in ticket options
+6225 Remove ipc message sent on cc_context_release
+6226 KIM should only display error dialogs if it has displayed UI already
+6227 Apple LW_net_trans.patch make KDC rescan network after 30 seconds
+6231 Apple split build support
+6247 Apple patch: null out pointer in string_to_key after free
+6248 Apple patch: destroy Mach ports on unload
+6250 Use CFStringGetCStringPtr when possible
+6251 Add test for kim_identity_create_from_components
+6252 krb5_build_principal_va does not allocate krb5_principal
+6254 krb5_build_principal_ext walks off beginning of array
+6255 partial rewrite of the ASN.1 encoders
+6256 localize format strings, not final error string
+6260 KerberosAgent hangs changing pw for passwordless identities
+6261 Remove saved password if it fails to get tickets
+6262 Only prompt automatically from GUI apps
+6264 Avoid duplicate identical dialogs in KIM
+6265 KerberosAgent bindings causing crashes
+6266 BIND_8_COMPAT no longer needed in Leopard
+6267 Add _with_password credential acquisition functions to KIM API
+6274 Crypto IOV API per Projects/AEAD encryption API
+6282 krb5kdc deref uninit memory on the stack on unknown principal (pk-init)
+6285 Provide SPI to switch the mach port lookup for kipc
+6286 Allow kerberos configuration files fail with EPERM
+6289 replay cache is insecurely handled
+6290 KIM: Pushing authentication login window do application
+6291 Using referrals fills the the credentials cache more entries
+ of the same name
+6294 lib/gssapi/krb5/init_sec_context.c: don't leak on mutex_lock failure
+6295 Memory leak in KIM identity object
+6297 "make check" fails due to krb5_cc_new_unique() on 64-bit
+ Solaris SPARC under Sun Studio
+6302 kadmind mem leaks [rdar 6358917]
+6303 Remove krb4 support
+6308 Alignment problem in resolver test
+6309 update ldap plugin Makefile for krb4 removal
+6315 move generated dependencies out of Makefile.in
+6316 KIM GC problem on 64-bit
+6335 test failures in password changing
+6336 enctype negotiation - etype list
+6337 kadmin should force non-forwardable tickets
+6339 Fwd: krb5_sendauth vs NAGLE vs DelayedAck
+6342 hash db2 code breaks if st_blksize > 64k
+6351 gss_header|trailerlen should be unsigned int
+6352 return correct kvno in TGS case
+6354 Master Key Migration Project
+
Copyright and Other Legal Notices
---------------------------------
projects / krb5.git / commitdiff