aboutsummaryrefslogtreecommitdiff
path: root/src/kdc/ChangeLog
diff options
context:
space:
mode:
Diffstat (limited to 'src/kdc/ChangeLog')
-rw-r--r--src/kdc/ChangeLog138
1 files changed, 138 insertions, 0 deletions
diff --git a/src/kdc/ChangeLog b/src/kdc/ChangeLog
index d0bbda2..537c94a 100644
--- a/src/kdc/ChangeLog
+++ b/src/kdc/ChangeLog
@@ -1,3 +1,141 @@
+2002-11-03 Tom Yu <tlyu@mit.edu>
+
+ * do_as_req.c (process_as_req): Fix previous patch; it caused an
+ uninitialized pointer to be dereferenced under certain error
+ conditions.
+ [pullup from trunk]
+
+2002-10-30 Sam Hartman <hartmans@mit.edu>
+
+ * kdc_util.c (add_to_transited): Don't include trailing null in
+ transited encoding length; doing so breaks using codee
+ [pullup from trunk]
+
+2002-10-30 Tom Yu <tlyu@mit.edu>
+
+ * do_as_req.c (process_as_req): Apply fix from Kevin Coffman to
+ avoid leaking padata.
+ [pullup from trunk]
+
+2002-08-15 Tom Yu <tlyu@mit.edu>
+
+ * kerberos_v4.c: For consistency, check for both DISALLOW_ALL_TIX
+ and DISALLOW_SVR when looking up services.
+ [pullup from trunk]
+
+2002-08-12 Sam Hartman <hartmans@mit.edu>
+
+ * kdc_preauth.c (get_etype_info): We get KRB5_KDB_NO_MATCHING_KEY
+ not ENOENT; per 5.27 of kdb_xdr.c.
+ [pullup from trunk]
+
+2001-10-29 Ken Raeburn <raeburn@mit.edu>
+
+ * network.c: Don't cause net/if.h to be included multiple times.
+
+2001-10-25 Tom Yu <tlyu@mit.edu>
+
+ * do_as_req.c (process_as_req: Treat SUPPORT_DESMD5 as if it were
+ always cleared.
+
+ * do_tgs_req.c (process_tgs_req): Treat SUPPORT_DESMD5 as if it
+ were always cleared.
+
+2001-10-24 Tom Yu <tlyu@mit.edu>
+
+ * kdc_util.c (select_session_keytype): Don't issue session key
+ enctype that is not in permitted_enctypes.
+ (dbentry_supports_enctype): For now, always treat SUPPORT_DESMD5
+ as if it were cleared.
+
+2001-10-12 Tom Yu <tlyu@mit.edu>
+
+ * kdc_util.c (ktypes2str): New function; construct a string
+ containing a list of enctypes, given a number and list of
+ enctypes.
+ (rep_etypes2str): New function; construct a string indicating all
+ three enctypes associated with a KDC reply.
+ [pullup 5.99->5.101 from trunk]
+
+ * kdc_util.h: Add prototypes for ktypes2str() and
+ rep_etypes2str().
+ [pullup 5.46->5.47 from trunk]
+
+ * do_as_req.c (process_as_req): Call ktypes2str() and
+ rep_etypes2str() as appropriate.
+ [pullup 5.80->5.81 from trunk]
+
+ * do_tgs_req.c (process_tgs_req): Call ktypes2str() and
+ rep_etypes2str() as appropriate.
+ [pullup 5.77->5.78 from trunk]
+
+2001-10-11 Ezra Peisach <epeisach@kangaroo.mit.edu>
+
+ * do_as_req.c: If KRBCONF_KDC_MODIFIES_KDB defined, produce code
+ that compiles and works.
+ [pullup 5.78->5.79 from trunk]
+
+2001-10-05 Ken Raeburn <raeburn@mit.edu>
+
+ * do_tgs_req.c (process_tgs_req): Fix logging of bad transit path
+ info.
+
+2001-09-25 Ken Raeburn <raeburn@mit.edu>
+
+ * do_tgs_req.c (process_tgs_req): If disable-transited-check
+ option isn't set, try to verify transit path. If
+ reject_bad_transit flag is set and transit path isn't verified,
+ reject the request. Use a temporary variable to simplify
+ references to the second ticket.
+ * extern.h (struct __kdc_realm_data): Add new field
+ realm_reject_bad_transit.
+ (find_realm_data): Declare.
+ (reject_bad_transit): New macro.
+ * main.c (find_realm_data): Delete declaration.
+ (init_realm): Copy reject-bad-transit value or use default.
+ * rtest.c (find_realm_data): Define dummy version.
+
+2001-02-02 Ken Raeburn <raeburn@mit.edu>
+
+ * network.c (foreach_localaddr): Sync with lib/krb5/os/localaddr.c
+ version.
+
+2000-05-17 Tom Yu <tlyu@mit.edu>
+
+ * kerberos_v4.c (process_v4): Zero out v4_pkt.mbz.
+ (kerberos_v4): Fix handling of APPL_REQUEST messages to deal with
+ ridiculously long realms, etc. Fix up some calls to
+ kerb_err_reply() to be more useful. Set req_*_ptr before any
+ possible calls to kerb_err_reply().
+
+2000-05-11 Nalin Dahyabhai <nalin@redhat.com>
+
+ * kdc_util.c (add_to_transited): Use strncpy/strncat when building
+ data in buffers so as not to overrun "prev", "current", and "exp".
+ * kerberos_v4.c (process_v4): Don't assume that the realm is null-
+ terminated.
+ (set_tgtkey): Truncate realm name if it's too long.
+
+2000-04-28 Ken Raeburn <raeburn@mit.edu>
+ Nalin Dahyabhai <nalin@redhat.com>
+
+ * kdc_util.c (add_to_transited): Use strncpy/strncat when building
+ data in buffers. Fix some limit checks.
+ * kerberos_v4.c (kerb_err_reply): Use strncat so as not to overrun
+ error buffer.
+
+2000-04-22 Ken Raeburn <raeburn@mit.edu>
+
+ * network.c: Include stddef.h.
+ (foreach_localaddr): Check each address against previously used
+ addresses, and skip duplicates, in case multiple interfaces have
+ the same address.
+
+2000-04-21 Ken Raeburn <raeburn@mit.edu>
+
+ * network.c (foreach_localaddr): If called functions fail, drop
+ out of loop and return nonzero.
+
2000-03-14 Ken Raeburn <raeburn@mit.edu>
* sock2p.c: New file.
generated by cgit v1.1 at 2024-08-15 06:05:10 +0000