2004-12-20 Tom Yu <tlyu@mit.edu> * kerberos.c (kerberos4_status): Null-terminate the correct string. Reported by Marcin Garski. 2004-11-15 Tom Yu <tlyu@mit.edu> * auth-proto.h, auth.c: Merge Athena changes for requiring encrypted connections. 2004-06-04 Ken Raeburn <raeburn@mit.edu> * Makefile.in (LIBBASE): Renamed from LIB. 2004-03-04 Ken Raeburn <raeburn@mit.edu> * configure.in: Deleted; configure this dir from parent now. * Makefile.in (thisconfigdir, mydir): Updated. 2003-05-09 Tom Yu <tlyu@mit.edu> * kerberos5.c (kerberos5_send): Rename getlocalsubkey -> getsendsubkey. (kerberos5_is): Rename getremotesubkey -> getrecvsubkey. 2003-04-10 Tom Yu <tlyu@mit.edu> * Makefile.in: Use library build framework. * configure.in: Add support for library build framework. Remove old explicit checks for ranlib, etc. 2003-04-09 Tom Yu <tlyu@mit.edu> * kerberos.c (kerberos4_status): Always copy in username if present. Patch from Nathan Neulinger to make "-a user" work. * kerberos5.c (kerberos5_status): Always copy in username if present. Patch from Nathan Neulinger to make "-a user" work. 2003-04-01 Nalin Dahyabhai <nalin@redhat.com> * kerberos5.c (kerberos5_is): Check principal name length before examining components. 2003-01-07 Ken Raeburn <raeburn@mit.edu> * Makefile.orig: Deleted. 2002-12-12 Tom Yu <tlyu@mit.edu> * kerberos.c (kerberos4_send, kerberos4_is): Use krb_get_err_text() instead of krb_err_txt array. * strcasecmp.c: Include sys/types.h rather than sys/cdefs.h. 2002-11-15 Ezra Peisach <epeisach@bu.edu> * enc-proto.h, enc_des.c, encrypt.c: Unsigned/signed cleanups. * forward.c: Include unistd.h if present on machine. * misc-proto.h misc.c (auth_encrypt_user): Declare argument as const. * auth.c: Cast argument auth_encrypt_user. auth_gen_printsub() and auth_printsub() take unsigned int as buffer length. * auth.h, auth-proto.h, kerberos.c, kerberos5.c, spx.c: auth_gen_printsub(), auth_printsub(), kerberos4_printsub(), kerberos5_printsub(), spx_printsub() take unsigned int as length argument. * configure.in: Check for unistd.h 2002-08-29 Ken Raeburn <raeburn@mit.edu> * Makefile.in: Revert $(S)=>/ change, for Windows support. 2002-08-23 Ken Raeburn <raeburn@mit.edu> * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. 2002-04-12 Sam Hartman <hartmans@mit.edu> * kerberos5.c forward.c: Build without k5-int.h 2002-03-29 Tom Yu <tlyu@mit.edu> * kerberos.c, kerberos5.c (Data): Reindent to 8 columns. (yes, this is original BSD style) 2002-03-28 Ken Raeburn <raeburn@mit.edu> * kerberos.c: Include errno.h. 2002-03-26 Sam Hartman <hartmans@mit.edu> * kerberos.c kerberos5.c (Data): Fix indentation; fix termination condition 2002-03-14 Sam Hartman <hartmans@mit.edu> * kerberos5.c kerberos.c (Data): Don't overflow buffer. [telnet/1073] 2002-03-13 Ezra Peisach <epeisach@mit.edu> * configure.in: Do not explicitly add getent.o and setenv.o to LIBOBJS. Autoconf 2.53 labels this as an error. Move to Makefile.in. * Makefile.in (OBJS): Add getent.o and setenv.o explicity. 2001-10-09 Ken Raeburn <raeburn@mit.edu> * auth-proto.h, auth.h, enc-proto.h, enc_des.c, encrypt.c, encrypt.h, kerberos.c, key-proto.h, misc-proto.h, misc.h, setenv.c: Make prototypes unconditional. Don't define P(). 2001-07-23 Ezra Peisach <epeisach@mit.edu> * enc_des.c (fb64_start): Remove variable set but never used. 2001-07-08 Ezra Peisach <epeisach@mit.edu> * kerberos.c (Data): Third argument now const. * misc.c (printd): First argument now const. * misc-proto.h: Modify printd prototype to take const first argument. * auth.c: Cast argument to memcpy to unsigned. 2001-07-06 Ezra Peisach <epeisach@mit.edu> * configure.in: Check for need to provide setenv prototype if setenv is in the C library. * forward.c: Provide setenv prototype if needed. * auth.c (auth_name): Cast result of sizeof() to int to match printf format specification. 2001-07-05 Ezra Peisach <epeisach@mit.edu> * encrypt.c (encrypt_reply): Cast arguments to printf to match format in debugging statments. 2001-07-02 Ezra Peisach <epeisach@mit.edu> * krb5forw.h: File with prototype for rd_and_store_for_creds(). * kerberos5.c: Include krb5forw.h for rd_and_store_for_creds() prototype which is removed from this file. * forward.c: Include krb5forw.h for prototype. * setenv.c: Include misc-proto.h for setenv/unsetenv prototypes. * parsetos.c: Include misc-proto.h for parsetos prototype. * misc-proto.h: Add prototype for parsetos(), setenv(), unsetenv() as needed. * kerberos5.c: Declare kerberos5_forward() static and flush out prototype. * gettytab.h: Flush out prototypes for getent() and getstr(). * getent.c: Include gettytab.h for prototypes. * genget.c: Include misc.h for prototypes. * enc_des.c: Add prototype for fb64_printsub. * enc-proto.h: Add prototypes for encrypt_debug(), finddecryption(), EncryptAuthEnc(), EncryptAutoDec(), EncryptDebug(), EncryptVerbose(). * encrypt.c: Declare encrypt_list_types() and encrypt_keyid() static. 2001-06-22 Ezra Peisach <epeisach@mit.edu> * enc_des.c: Change local variable index to idx to not shadown global function. * kerberos5.c (kerberos5_is): Change errbuf to kerrbuf to not shadow previous local. * kerberos.c (kerberos4_send): Change random_key to rand_key to prevent redefine by des.h. Change auth to kauth to not shadow global. (kerberos4_status): Change name to kname for same reason. 2001-06-21 Ezra Peisach <epeisach@mit.edu> * forward.c: If NEED_SETENV defined, provide prototype for setenv. * configure.in: If compiling setenv.c, define NEED_SETENV. 2001-06-20 Ezra Peisach <epeisach@mit.edu> * kerberos5.c: Add prototype for rd_and_store_for_creds(). 2001-06-18 Ezra Peisach <epeisach@mit.edu> * encrypt.c (encrypt_is): Cast arguments to printf to match format. 2001-06-18 Ezra Peisach <epeisach@mit.edu> * genget.c (LOWER): Cast argument to isupper()/tolower() to int. 2001-06-07 Ezra Peisach <epeisach@mit.edu> * auth-proto.h: Add prototype for kerberos5_cleanup(). * enc-proto.h: Add prototypes for encrypt_printsub(), encrypt_request_sart(), encrypt_request_end(), encrypt_enc_keyid()m encrypt_dec_keyid(), encrypt_support(), encrypt_start(), encrypt_end(). 2001-06-06 Ezra Peisach <epeisach@mit.edu> * auth-proto.h: Add prototypes for getauthmask(), auth_enable, auth_disable(), auth_onoff(), auth_togdebug(), auth_status(), auth_name(), auth_sendname(), auth_debug(), and auth_printsub(). * auth.c: Include unistd.h and cleanup some assignments in conditionals. * auth.h: Explicitly declare auth_debug mode as an int. * enc-proto.h: Add prototypes for EncryptDisable(), EncryptType(), EncryptStart(), EncryptStartInput(), EncryptStartOutput(), EncryptStop(), EncryptStopInput(), EncryptStopOutput(), EncryptStatus(), encrypt_gen_printsub(), printsub(). * enc_des.c: Declare encrypt_debug_mode as int. Cleanup unused variables and assignments in conditionals. * encrypt.c: Include stdio.h for sprintf prototype. Cleanup assignments in conditionals. * getent.c: Conditionalize definition of some variables. * kerberos5.c: Explicitly declare auth_debug_mode an int. * misc-proto.h: Add prototype for auth_encrypt_user(). * misc.c: Include auth.h and encrypt.h for prototypes. * misc.h: Add prototypes for isprfix(), genget(), Ambiguous(). * parsetos.c: Include stdlib.h for strtol() prototype. * forward.c, kerberos.c, setenv.c: Assignment in conditional cleanup. 2001-04-03 Tom Yu <tlyu@mit.edu> * configure.in: Check for setenv, unsetenv, and getenv. Compile setenv.c if at least of these is undefined. [pullup from krb5-1-2-2-branch] * setenv.c: Add conditionals for compilation of setenv, unsetenv, and getenv such that they only get compiled if they don't already exist. [pullup from krb5-1-2-2-branch] 2000-11-01 Ezra Peisach <epeisach@mit.edu> * configure.in: Use AC_C_CONST instead of AC_CONST. 2000-05-11 Nalin Dahyabhai <nalin@redhat.com> * gettytab.c (nchktc): Don't overflow tcname if tty type name is too long * kerberos.c (kerberos4_status): Make sure "UserNameRequested" is always properly terminated. * kerberos5.c (kerberos5_is): If bad principal name is too long to fit in "errbuf", don't print it. (kerberos5_status): Make sure "UserNameRequested" is always properly terminated. * spx.c (spx_status): Ditto. 2000-04-28 Nalin Dahyabhai <nalin@redhat.com> * kerberos5.c (kerberos5_is): Don't overflow buffer "errbuf". * spx.c (spx_init, spx_send, spx_is): Don't overflow buffer "targ_printable". (spx_status): Don't overflow buffer "acl_file". 1999-10-26 Wilfredo Sanchez <tritan@mit.edu> * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, LOCAL_INCLUDES such that one can override CFLAGS from the command line without losing CPP search patchs and defines. Some associated Makefile cleanup. 1999-08-31 17:28 Jeffrey Altman <jaltman@columbia.edu> * kerberos5.c: Ensure that only "host" service tickets are accepted. Wed Feb 3 22:59:27 1999 Theodore Y. Ts'o <tytso@mit.edu> * kerberos5.c: Increase size of str_data so that we can accept mongo-gram tickets from Microsoft. [telnet/686] 1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> * Makefile.in: Set the myfulldir and mydir variables (which are relative to buildtop and thisconfigdir, respectively.) 1998-10-26 Marc Horowitz <marc@mit.edu> * enc_des.c, kerberos.c: the ECB des functions don't exist anymore, but telnet always encrypted/decrypted one block. Convert to calls to the new crypto api, with des-cbc-raw, using a single block. Tue Mar 3 14:43:30 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> * configure.in: Change test for cgetent to use HAVE_ instead of HAS_, and add a test for gettosbyname(). * getent.c: Use HAVE_CGETENT instead of HAS_CGETENT * parsetos.c: Use HAVE_GETTOSBYNAME instead of HAS_GETTOS 1998-05-06 Theodore Ts'o <tytso@rsts-11.mit.edu> * getopt.c (getopt): POSIX states that getopt returns -1 when it is done parsing options, not EOF. Wed Feb 18 15:37:20 1998 Tom Yu <tlyu@mit.edu> * Makefile.in: Remove trailing slash from thisconfigdir. Fix up BUILDTOP for new conventions. Thu Feb 12 10:23:28 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> * configure.in: Remove obsolete USE_KRB4_LIBRARY macro Mon Feb 2 17:02:29 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile Thu Nov 20 17:13:42 1997 Tom Yu <tlyu@mit.edu> * forward.c (rd_and_store_for_creds): Fix up to no longer do the chown [krb5-appl/502] * kerberos5.c (kerberos5_is): Fix up call to rd_and_store_for_creds. [krb5-appl/502] Tue Oct 21 10:54:22 1997 Ezra Peisach <epeisach@mit.edu> * enc_des.c: Include string.h/strings.h for memcpy prototype Thu Jul 31 14:57:05 1997 Ezra Peisach <epeisach@mit.edu> * Makefile.in (SRCS): Fix typo s/scrdir/srcdir/ Thu Feb 6 00:14:50 1997 Richard Basch <basch@lehman.com> * kerberos5.c (kerberos5_is): First argument to krb5_verify_checksum is a krb5_context!!! Thu Nov 7 15:29:09 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> * kerberos5.c (kerberos5_init): Check the error return from krb5_init_context(), and print an error message if necessary. Fri Nov 1 20:32:12 1996 Sam Hartman <hartmans@mit.edu> * parsetos.c (proto;): Add parsetos support on all platforms which support TOS[57] Thu Oct 31 18:29:08 1996 Sam Hartman <hartmans@mit.edu> * auth.h: Move constants for ticket forwarding here. * kerberos5.c : Clarify what errors come from what programs (telnetd|telnet); patch by John Hawkinson <jhawk@bbnplanet.com> [77] Mon Oct 14 00:21:08 1996 Sam Hartman <hartmans@mit.edu> * Makefile.in (OBJS): Remove rsaencpwd aned krb4encpwd stuff as well as associated read_password [50] * auth.c krb4encpwd.c Makefile.in: Remove krb4encpwd [50] While we're at it, remove rsaencpwd as well. Tue Jul 9 14:59:19 1996 Marc Horowitz <marc@mit.edu> * Makefile.in (LOCALINCLUDES): use @KRB4_INCLUDES@ instead of an explicit path to the in-tree krb4 headers Mon Jul 8 01:33:30 1996 Marc Horowitz <marc@mit.edu> * enc-proto.h (des_new_random_key, des_set_random_generator_seed, des_key_sched, des_ecb_encrypt, des_string_to_key): removed these declarations. these are kerberos/des symbols, and should not be declared here. Two of these symbols (des_key_sched and des_ecb_encrypt) conflict with CNS. Fri Jun 14 19:09:48 1996 Sam Hartman <hartmans@mit.edu> * configure.in * Makefile.in (LOCALINCLUDES): Don't include KerberosIV; use whatever is appropriate for the withval Thu May 9 00:06:41 1996 Richard Basch <basch@lehman.com> * kerberos5.c: use the default server principal name to generate the rcache filename Sat Apr 27 16:09:54 1996 Richard Basch <basch@lehman.com> * kerberos5.c: a host may have multiple names and multiple keys, so do not try to resolve the "server" principal before the rd_req Fri Apr 12 23:36:01 1996 Richard Basch <basch@lehman.com> * forward.c (rd_and_store_for_creds): Consistency with the krlogind forwarded credentials cache naming scheme - krb5cc_p<pid> Thu Apr 11 21:45:21 1996 Richard Basch <basch@lehman.com> * forward.c (rd_and_store_for_creds): If we are going to use a ttyname based credentials file, at least compute it in a saner fashion (strip the /dev/ and translate remaining /'s into _, so the cache name looks like krb5cc_pts_4 instead of krb5cc_4). * kerberos5.c (kerberos5_cleanup): Cleanup the credentials cache that we may have created and destroy the context. Mon Mar 18 20:56:37 1996 Theodore Y. Ts'o <tytso@dcl> * kerberos5.c (kerberos5_send): Send in as input the authentication type pair (ap->type, ap->way) to be checksumed in the authenticator. (kerberos5_is): If the checksum is present in the authenticator, then validate the authentication type pair against the checksum. (kerberos5_reply): If we didn't do mutual authentication, and we receive a KRB_ACCEPT, then stash away the session key anyway. This way we have a chance of doing encryption even if mutual authentication wasn't done. * encrypt.c (EncryptStartInput, EncryptStartOutput): Added conditional around printf so that these two functions can be called by the server. (encrypt_is_encrypting): New function which returns true only if both sides of the telnet stream is encrypted. Fri Mar 15 18:19:44 1996 Theodore Y. Ts'o <tytso@dcl> * auth.c: Added new authentication scheme for Krb5 mutual authentication with mandatory encryption. (auth_send, auth_send_retry): Split auth_send() so that the functionality done by auth_send_retry() is separate. This avoids a really dodgy pointer comparison which was caused by auth_send() being used for two purposes. If the client has not requested encryption, then don't use the authentication systems which require encryption. (auth_must_encrypt): New function which returns whether or not encryption must be negotiated. * auth-proto.h: Added prototype for new option auth_must_encrypt(). * Makefile.in (ENCRYPTION, DES_ENCRYPTION): Added defines to turn on encryption and des encryption. Fri Jan 26 01:05:46 1996 Sam Hartman <hartmans@tertius.mit.edu> * kerberos5.c (kerberos5_send): Get DES_CBC-CRC credentials. Tue Jan 9 22:53:58 1996 Theodore Y. Ts'o <tytso@dcl> * forward.c (get_for_creds): Removed no longer used function. * kerberos5.c (kerberos5_forward): Convert from using get_for_creds() from forward.c to using the official library routine, krb5_fwd_tgt_creds(). Misc. lint cleanups. Sun Nov 12 04:48:41 1995 Mark W. Eichin <eichin@cygnus.com> * forward.c: set KRB5_DEFAULT_LIFE to 10 hours, not 8. * forward.c (rd_and_store_for_creds): construct correct cache name for forwarded tickets (based on tty name if available) and drop it into the environment so login notices it. Mon Oct 9 23:03:48 1995 Sam Hartman <hartmans@tertius.mit.edu> * kerberos5.c: make session_key a pointer, and use krb5_copy_keyblock not krb5_copy_keyblock_contents; there was no reason to violate this abstraction. Sun Sep 24 12:33:03 1995 Sam Hartman <hartmans@tertius.mit.edu> * kerberos5.c: Initialize session key from the subsession key we get from krb5_mk_req_extended, using ticket key as a fallback. (kerberos5_send): Use appropriate enctypes when encryption defined. Wed Sep 06 14:20:57 1995 Chris Provenzano (proven@mit.edu) * encrypt.h, kerberos5.c : s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g Tue Sep 05 22:10:34 1995 Chris Provenzano (proven@mit.edu) * kerberos5.c : Remove krb5_enctype references, and replace with krb5_keytype where appropriate. Thu Aug 3 11:36:15 EDT 1995 Paul Park (pjpark@mit.edu) * kerberos.c - Give the compiler something to compile when K4 disabled. Tue Jun 27 16:16:18 EDT 1995 Paul Park (pjpark@mit.edu) * enc_des.c, encrypt.c, krb4encpwd.c, read_password.c, rsaencpwd.c, spx.c - Give the compiler something to compile when these modules are essentially disabled. Some compilers choke when there's nothing to compile. * setenv.c - Change prototype for __findenv to be static since it's really static. Tue Jun 20 13:59:43 1995 Tom Yu (tlyu@dragons-lair) * configure.in: fix typo * strrchr.c: NO_STRING_H -> HAVE_STRING_H * strftime.c: NO_STRING_H -> HAVE_STRING_H * strerror.c: NO_STRING_H -> HAVE_STRING_H * strdup.c: NO_STRING_H -> HAVE_STRING_H * strchr.c: NO_STRING_H -> HAVE_STRING_H * strcasecmp.c: NO_STRING_H -> HAVE_STRING_H * spx.c: NO_STRING_H -> HAVE_STRING_H * rsaencpwd: NO_STRING_H -> HAVE_STRING_H * read_password.c: NO_STRING_H -> HAVE_STRING_H * mem.c: NO_STRING_H -> HAVE_STRING_H * krb4encpwd.c: NO_STRING_H -> HAVE_STRING_H * kerberos5.c: NO_STRING_H -> HAVE_STRING_H * kerberos.c: NO_STRING_H -> HAVE_STRING_H * encrypt.c: NO_STRING_H -> HAVE_STRING_H * auth.c: NO_STRING_H -> HAVE_STRING_H for consistency * configure.in: added missing tests for string.h, stdlib.h Sat Jun 10 22:59:42 1995 Tom Yu (tlyu@dragons-lair) * forward.c, kerberos5.c: krb5_auth_context redefinitions Fri Jun 9 18:30:02 1995 <tytso@rsx-11.mit.edu> * configure.in: Remove standardized set of autoconf macros, which are now handled by CONFIG_RULES. Wed May 24 10:29:54 1995 Ezra Peisach <epeisach@mit.edu> * kerberos5.c: Include string.h/strings.h. Include stdlib.h or declare malloc. Sun May 7 18:45:09 1995 Ezra Peisach <epeisach@mit.edu> * kerberos5.c (kerberos5_send): Fix improperly closed comment krb5_get_credentials second argument is not kdc_options.... * configure.in (LIBOBJS): Removed duplicate WITH_KRB4 Fri Apr 28 11:17:16 1995 Mark Eichin <eichin@cygnus.com> * configure.in: switch to WITH_KRB4 since it suffices in this case. Thu Apr 27 17:08:16 1995 Mark Eichin <eichin@cygnus.com> * configure.in: use AC_CONST since we need it for v4. Thu Apr 27 15:52:19 1995 Chris Provenzano (proven@mit.edu) * kerberos5.c (kerberos_is()) : Initialize keytabid to NULL. Thu Apr 27 14:48:38 1995 Mark Eichin <eichin@cygnus.com> * Makefile.in (LOCALINCLUDES): find kerberosIV headers. Wed Apr 26 19:52:52 1995 Mark Eichin <eichin@cygnus.com> * kerberos5.c (kerberos5_is): use kt_resolve to get keytab, to correspond to current interface to rd_req. Tue Apr 25 21:23:28 1995 Chris Provenzano (proven@mit.edu) * forward.c (rd_and_store_for_creds()) : Rewritten to use auth_context and the new krb5_rd_creds(). * forward.c (get_for_creds()) : New function replacing krb5_get_for_creds() and uses auth_context and new krb5_mk_creds() routine. * kerberos5.c (kerberos5_send()): Set initial flags on auth_context to KRB5_AUTH_CONTEXT_RET_TIME, and use new rd_and_store_for_creds() routine. * kerberos5.c (kerberos5_forward()): Use the new get_for_creds(). Sat Apr 22 00:50:14 1995 Theodore Y. Ts'o (tytso@dcl) * kerberos5.c (kerberos5_init): Only call krb5_init_context if the telnet context hasn't been initialized yet. Thu Apr 20 20:12:32 1995 Mark Eichin <eichin@cygnus.com> Changes for testsuite from Ian Taylor <ian@cygnus.com> * kerberos5.c (telnet_srvtab): New global variable. (telnet_krb5_realm): New global variable. (kerberos5_send): If telnet_krb5_realm is set, copy it into creds.server. Pass new_creds to krb5_mk_req_extended, not &creds. Pass &new_creds->keyblock to krb5_copy_keyblock_contents, not new_creds. (kerberos5_is): pass telnet_srvtab in to krb_rd_req. (kerberos5_forward): If telnet_krb5_realm is set, copy it into local_creds->server. Wed Mar 29 15:08:43 1995 Theodore Y. Ts'o (tytso@dcl) * kerberos5.c: No need to have the session_key established for mutual authentication to work. (That's only done if ENCRYPTION is defined.) * auth.c (authenticators): Allow mutual authentication even if the ENCRYPTION option is not turned on. Mon Mar 27 07:56:26 1995 Chris Provenzano (proven@mit.edu) * kerberos5.c (kerberos5_is()): Use new calling convention for krb5_rd_req(), and krb5_mk_rep(). Fri Mar 24 23:51:18 1995 Theodore Y. Ts'o <tytso@dcl> * kerberos5.c (kerberos5_send): Initialize auth_context to zero before calling mk_req. Fri Mar 10 11:09:34 1995 Chris Provenzano (proven@mit.edu) * kerberos5.c: Use new calling convention for krb5_mk_req_extended(). Tue Mar 7 19:52:00 1995 Mark Eichin <eichin@cygnus.com> * configure.in: take out ISODE_DEFS, ISODE_INCLUDE. Tue Feb 28 01:48:32 1995 John Gilmore (gnu at toad.com) * forward.c, kerberos5.c: Avoid <krb5/...> includes. Tue Feb 14 15:30:55 1995 Chris Provenzano (proven@mit.edu) * kerberos5.c (kerberos5_send(), kerberos5_forward()) Call krb5_get_credentials() and krb5_mk_req_extended() with new calling convention. Thu Feb 2 02:56:50 1995 John Gilmore <gnu@cygnus.com> * forward.c: Remove unused #include <krb5/crc-32.h>. * kerberos5.c (kerberos5_send): Remove code for sending a checksum of a zero-byte string; we can just send no checksum at all. This eliminates dependency on <krb5/crc-32.h>. (kerberos5_forward): Remove extra parameter to krb5_get_for_creds, probably accidentally inserted during context changes -- which don't seem to be here in the ChangeLog. * kerberos.c: Remove prototypes for krb4 functions, since some of them are wrong with CNS (u_long vs. KRB_INT32 conflicts). Fri Nov 18 15:19:26 1994 Theodore Y. Ts'o (tytso@dcl) * kerberos5.c (kerberos5_init): Initialize magic variable and encryption type. Fri Nov 18 00:37:13 1994 Mark Eichin <eichin@cygnus.com> * configure.in: use WITH_KRB4. (from epeisach) Mon Nov 14 16:27:29 1994 Theodore Y. Ts'o (tytso@dcl) * kerberos.c (kerberos4_is): Initialize random number generator on the server side so that the encryption routines later on can use it. * kerberos.c (kerberos4_send): Fix bug in how we pick the challenge for the challenge/response mutual authentication. Fri Nov 11 00:55:36 1994 Theodore Y. Ts'o (tytso@dcl) * forward.c (mk_cred, rd_cred): Move these routines to libkrb.a. Tue Nov 8 01:39:50 1994 Theodore Y. Ts'o (tytso@dcl) * kerberos.c (kerberos4_is): Fix bug in logic of incrementing the received challenge. A ++/-- mixup means there's a 1 in 256 chance the server will get it wrong. * kerberos.c: Use des_init_random_number_genator(), since that will result in different subsession keys on successive runs of telnet. Mon Nov 7 22:36:20 1994 Theodore Y. Ts'o (tytso@dcl) * auth.c (auth_status): Only print each possible authentication type once in the status report. * auth.c (auth_onoff): Remove excess call to getauthmask() which stomped the mask field. Only print each possible authentication type once in the help message. * auth.c (getauthmask): Fix reversed sense of strcasecmp comparison. * auth.c (auth_enable, auth_disable): Change the input type to be a char *, which is what auth_onoff wants anyway. Mon Aug 8 22:16:54 1994 Theodore Y. Ts'o (tytso at tsx-11) * kerberos5.c (kerberos5_send): Whoops, mispelled krb5_copy_keyblock_contents(). (It was inside #ifdef ENCRYPTION) Thu Aug 4 03:36:29 1994 Tom Yu (tlyu@dragons-lair) * Makefile.in: add blank target for install Tue Jul 26 18:21:29 1994 Tom Yu (tlyu@dragons-lair) * Makefile.in: whoops left out some $(srcdir) stuff Mon Jul 25 01:05:31 1994 Tom Yu (tlyu@dragons-lair) * Makefile.in: remove reference to lorder (linux doesn't have lorder, it seems) Fri Jul 15 23:36:50 1994 Theodore Y. Ts'o (tytso at tsx-11) * kerberos5.c (kerberos5_is): Avoid coredump caused by freeing of an unitialized variable. Also make sure we don't try to free name if it is NULL.