1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-21 11:13:30 +00:00
freebsd/crypto/kerberosIV/ChangeLog
Mark Murray 03656ac1b0 Initial import of KTH eBones. This has been cleaned up to only include
the "core" Kerberos functionality. The rest of the userland will get their
own changes later.
1997-09-04 06:04:33 +00:00

3762 lines
99 KiB
Plaintext
Raw Blame History

Tue Jun 3 1997
* Release 0.9.6
* appl/kx/rxtelnet.in, appl/kx/rxterm.in: new argument '-w
term_emulator' for specifiying which terminal emulator to use.
Based on a patch from <arve@nada.kth.se>.
Mon Jun 2 1997
* appl/xnlock/Makefile.in, appl/kx/Makefile.in,
lib/auth/Makefile.in: fix the Makefile to do the for loops the
automake way.
Sun Jun 1 1997
* appl/xnlock/Makefile.in, appl/kx/Makefile.in: do install
correctly even if there are no programs to install
* configure.in: Check for `h_nerr'.
* lib/auth/pam/pam.c: Include <security/pam_appl.h> to make it
compile on Solaris 2.6
lib/sl/sl.c, lib/krb/realm_parse.c, appl/ftp/ftpd/popen.c,
appl/ftp/ftpd/ftpd.c, appl/bsd/login_fbtab.c,
appl/bsd/login_access.c: Initialize the `lasts' to NULL before
calling strtok_r the first time. With our strtok_r it's not
necessary, but the man-page on SGIs says it should be done.
Fri May 30 1997
* lib/krb/mk_req.c (krb_mk_req, get_ad_tkt): Support for
multi-realm ticket files by using the best matching TGT to define
the realm of the ticket holder.
* appl/bsd/utmpx_login.c (utmpx_update): Set `ut_id' if we're
using utmpx
* appl/telnet/telnetd/sys_term.c (start_login): Set `ut_id' if
we're using utmpx
Wed May 28 1997
* lib/roken/daemon.c: New file.
* include/protos.H: <sys/types.h> needed on solaris 2.4
Mon May 26 1997
* appl/bsd/su.c (kerberos): If kerberos password is zero length
immediately try next scheme.
* lib/kafs/afskrb.c (k_afsklog_uid): Token lifetime should be even
if we don't know the proper ViceId.
* Release 0.9.5
* man/Makefile.in: Install preformatted manual pages with correct
suffix on *BSD.
Sun May 25 1997
* appl/kpopper/popper.h: Remove XTND, and XTND XMIT. Rename XTND
XOVER to XOVER.
* appl/telnet/telnetd/sys_term.c: Only include <utmp.h> and
<utmpx.h> once
* fix-export: Also create cat manpages.
* appl/ftp/ftpd/logwtmp.c: Check for `_PATH_WTMP'
* appl/telnet/telnetd/sys_term.c: Ditto.
Remove stupid macros.
* appl/ftp/ftp/cmds.c (setpeer): Check for `__unix'. This is
(apparently) a standard with many representations.
* appl/ftp/ftpd/ftpcmd.y (SYST): Ditto.
* appl/ftp/ftpd/ftpd.c (retrieve): file must exist to apply a
command to it.
* appl/ftp/ftpd/ftpd.c (retrieve): Generalise list of commands and
basename argument.
* appl/ftp/ftpd/popen.c (ftpd_popen): Try standard binary if the
one in ~ftp fails.
* appl/telnet/telnetd/sys_term.c: Use `_getpty' if there's one
* appl/bsd/forkpty.c: Use `_getpty' if there's one
* configure.in: check for `_getpty'
* acconfig.h: correct test for IRIX
* lib/roken/snprintf.c: code for checking the correct functioning
of *nprintf is now #ifdef PARANOIA
* appl/bsd/rlogind.c: fix logging in wtmp and parsing of winsize
* appl/bsd/rlogin.c: New option `-p'.
* lib/des/fcrypt.c: removed `inline' from `des_set_key'
Thu May 22 1997
* lib/des/md5.c (MD5Final): Made signature compliant with FreeBSD.
* lib/des/md5.h: Remove digest from MD5_CTX, it is now an argument
to MD5Final instead.
* lib/des/fcrypt.c: Also support MD5 style crypt(2).
Tue May 20 1997
* appl/telnet/telnetd/sys_term.c: utmp stuff now seems to be
compatible with login
* appl/ftp/ftpd/logwtmp.c: Add support for logging to wtmpx
* (*/)*/Makefile.in:s (install): Avoid redundant multiple
recursion in install targets.
* Made things compile with socks5-v1.0r1.
* appl/telnet/telnetd/sys_term.c: changed utmp-stuff not to use
ut_id at all
* appl/bsd/utmpx_login.c: handle case where there's no wtmpx (such
as HP-UX 10)
* appl/bsd/rlogind.c: Added support for utmpx
Sun May 18 1997
* lib/roken: removed herror, strchr, and strrchr
* lib/krb/dest_tkt.c(dest_tkt): Only use `lstat' iff HAVE_LSTAT
* lib/krb: snprintf, strdup, strtok_r, and strcasecmp always live
in lib/roken and get linked here when needed.
* lib/roken: removed strchr, strrchr.
* appl/telnet/telnet/telnet.c: Always use our own `setupterm' for
compatibility reasons.
* appl/telnet/telnetd/telnetd.c: Removed <curses.h> and <term.h>.
They doesn't seem to be used and breaks on fujitsu.
* appl/kx/kx.c: try to give a better error message (than a core
dump :-) when talking to an old kxd.
* appl/kx/kxd.c, appl/kip/kipd.c, appl/kauth/kauthd.c: corrected
fencepost error with KRB_SENDAUTH_VLEN.
* appl/ftp/common/buffer.c: new file.
* configure.in: cray hides their bitypes in <bind/bitypes.h>.
Also check for this file.
* appl/telnet/telnet/telnet_locl.h: moved termios.h before
curses.h. This was needed to compile on cray, but will probably
break on some other host.
Thu May 15 1997
* server/kerberos.c: Implement changes to the tcp protocol, while
being compatible with the old protocol.
* lib/krb/send_to_kdc.c: The old method to signal end of
transmission by closing the sending side of the socket does not
work well through some firewalls. This is now changed so that the
client instead sends the length of the request as a four byte
integer (in network byte order) before sending the data.
Wed May 14 1997
* appl/telnet/telnetd/sys_term.c: HAVE_UTMPX -> HAVE_UTMPX_H. Fix
for OSF1.
* appl/bsd/utmp_login.c: UTMPX_DOES_UTMP_LOGGING -> HAVE_UTMPX_H
* appl/bsd/sysv_environ.c: Use k_concat rather than snprintf.
Tue May 13 1997
* kuser/klist.c: updated usage string
* lib/otp/otp_print.c: make word table and reverse word table
constant
Sun May 11 1997
* */*: Added some __attribute__ ((format (printf))) and fixes
where needed.
* appl/ftp/common/sockbuf.c: start probing at 4Mb
* appl/ftp/ftpd/ftpd.c: use MAP_FAILED
* appl/ftp/ftp/ftp.c: Use MAP_FAILED.
(alloc_buffer): new function for allocating a buffer of size
max(BUFSIZ, st.st_blksize) (Based on a patch from
<haba@pdc.kth.se>)
* appl/ftpd/ftpdcmd.y: hack for reget.
* appl/kx/kxd.c: Give a error message to old-version kx.
* replaced vsprintf with vsnprintf.
* lib/roken/vsyslog.c: not used. removed.
* Changed <sys/bitypes.h> -> <ktypes.h>
* include/Makefile.in: Added ktypes.h
* include/sys/Makefile.in: removed bitypes.h
Wed May 7 1997
* appl/ftp/ftp/ftp.c: Open files in binary mode.
* appl/ftp/ftpd/ftpd.c (checkaccess): Changed to make absent file
mean `allow'. Added shell matching to names (if fnmatch is
available).
* appl/ftp/ftpd/kauth.c (kauth): Use `DEFAULT_TKT_LIFE'
* appl/ftp/ftpd/ftpcmd.y, appl/ftp/ftpd/ftpd.c: always cast to
(long) before printing out an `off_t'
* lib/kdb/print_princ.c (krb_print_principal),
lib/kdb/krb_lib.c (kerb_put_principal),
admin/kdb_edit.c (change_principal),
admin/kdb_util.c (print_time) : gmtime should never return
tm_year > 1900
* appl/ftp/ftpd/ftpcmd.y: Year 2000 fix
* appl/telnet/telnetd/telnetd.c: removed code that used `getent'
* lib/roken/getent.c: removed
Mon May 5 1997
* appl/ftp/ftpd/ftpd.c: fix for mmap and restart_point
* kadmin/ksrvutil_get.c (ksrvutil_get): get correct default realm
Sun May 4 1997
* configure.in (REAL_PICFLAGS): Use `-fPIC' instead of `-fpic',
otherwise it's not possible to make libotp on hpux.
* configure.in: try sending picflags even when linking a shared
library with $CC
* lib/roken/getent.c: remove getstr
* configure.in: removed unneeded REAL_-variables working shared
libraries on *bsd*
* appl/kip/kip.h: Added <net/if_var.h>
* */Makefile.in: Use @LDSHARED@
* configure.in: Fix shared libraries on HP/UX.
check for curses.h
check for `getstr' and `cgetstr' in curses
* appl/telnet/telnet: clean-up
* lib/kafs/afssys.c: ifdef-out the code that is not used to avoid
referencing `syscall' on AIX.
* lib/krb/et_list.c: s/WEAK_PRAGMA/PRAGMA_WEAK/
* aclocal.m4 (AC_HAVE_PRAGMA_WEAK): redirect output
* lib/roken/snprintf.c: fix for the case of max_sz == 0
* doc/kth-krb.texi: Add @dircategory and @direntry to enable
`install-info' to install this entry in `dir'.
* appl/telnet/telnetd/Makefile.in: Don't link with getstr
* lib/auth/sia/krb4_matrix.conf: Fix entries for ses_release and
chk_user.
Sat May 3 1997
* lib/auth/sia/sia.c: Some cleanup.
Fri May 2 1997
* configure.in: only link the programs that need it with the
db/dbm library
* lib/auth/sia/sia.c: Merge code for for normal and su
authentication.
* Replaced sprintf with snprintf and asprintf all over the place.
* lib/roken/snprintf.c: Added asnprintf and vasnprintf
* lib/roken/snprintf.c: implemented asprintf, vasprintf
* lib/roken/snprintf.c: new file
Thu May 1 1997
* lib/kafs/afskrb.c (k_afsklog_all_local_cells): Use `k_concat'
Wed Apr 30 1997
* lib/krb/{get_host,get_krbrlm,getrealm,realm_parse}.c: Fix some
potential buffer overruns.
* lib/krb/k_concat.c: Safely concatenate two strings.
Sat Apr 26 1997
* appl/telnet/libtelnet/kerberos.c: removed stupid #if 0
* appl/bsd/rlogind.c (send_oob): different default for `last_oob'
to avoid losing first OOB packet
Fri Apr 25 1997
* appl/voodoo/AuthOption.cpp: provoke the telnetd in turning on
encryption
Wed Apr 23 1997
* lib/kafs/afskrb.c (realm_of_cell): don't overflow buffer with
result from `gethostbyaddr'
* lib/krb/name2name.c (krb_name_to_name): new parameter
`phost_size' to disable buffer overflowing. Changed all callers.
* lib/krb/k_getsockinst.c: New parameter `inst_size' to disable
buffer overflowing. Changed all callers.
* appl/kpopper/Makefile.in: soriasis make stupidity
* appl/kx/Makefile.in: don't include encdata.c in SOURCES_COMMON,
otherwise DEC make gets upset.
Tue Apr 22 1997
* lib/krb/k_getsockinst.c: Use same name as in krb_get_phost.
* acconfig.h: hp-ux 10 also has `pututxline' that writes both to
utmp and utmpx.
Sun Apr 20 1997
* include/win32/config.h: adapted to win95/NT
* appl/voodoo: Merged in win32-telnet from <d93-jka@nada.kth.se>
* lib/krb/tkt_string.c: dummy `getuid' function.
* lib/krb/ticket_memory.c (tf_setup): implement
* lib/roken/roken.mak, roken.def: new files
* lib/des/des.def: Removed des_random_{seed,key}
* lib/krb/dllmain.c: Rewrote `msg'.
Better explanation when it fails to spawn `krbmanager'.
* lib/krb/tf_util.c: backwards `in_tkt' added.
* lib/krb/in_tkt.c: removed
* lib/kclient/KClient: Reformatted and fixed.
Sat Apr 19 1997
* appl/ftp/ftpd/ftpd.c: Incorporate /etc/ftpusers changes from
NetBSD.
* appl/ftp/ftpd/ftpd.c: Handle oob-stuff better.
Fri Apr 18 1997
* appl/kpopper/pop_{dropinfo,send,updt}.c: Fix 'From ' line
parsing bug.
* appl/kpopper/pop_dropinfo.c: Add support for xover.
* appl/kpopper/pop_xover.c: Add some kind of xover support.
* appl/kpopper/pop_debug.c: New tiny popper debugging program.
Tue Apr 15 1997
* lib/krb/kdc_reply.c (kdc_reply_cred): fix sanity checks.
* appl/bsd/rshd.c: k_afsklog so that remote command gets a token.
fix usage string.
Sat Apr 12 1997
* appl/bsd/rcp.c (main): Rcp implements encrypted file transfer
without using the kshell service.
* lib/krb/mk_safe.c: Emit new checksum.
* lib/krb/rd_safe.c: New code to handle both new and old
checksums.
* lib/des/qud_cksm.c: Fix compatibility with mit deslib.
Fri Apr 11 1997
* lib/sl/sl.c (sl_match): initialize `partial_cmd'
Sun Apr 6 1997
* lib/kafs/kafs.h: Ugly addition of `_P'
* lib/kafs/afssys.c: <sys/socket.h> contains the definition of
`_IOW' on cygwin32.
* appl/telnet/telnet/utilities.c: <sys/socket.h> needed by
cygwin32
* doc/Makefile.in: always run $(MAKEINFO).
* lib/otp/otp_md.c (sha_finito_little_endian): byte-swap
correctly.
* include/sys/bitypes.H: Added #ifndef for types
* configure.in: test for types
* aclocal.m4: Stolen AC_GROK_TYPES? from heimdal
* appl/ftp/ftp/ftp.c: Fix passive mode.
Sat Apr 5 1997
* appl/kauth/ksrvtgt.in: New ksrvtgt script.
Fri Apr 4 1997
* lib/krb/kdc_reply.c: Add some range checking.
* lib/otp/otptest.c: Updated tests from `draft-ietf-otp-01.txt'.
Passes verification examples from appendix C.
* admin/kdb_util.c: All usage strings are now consistent (and even
with the code)!
Thu Apr 3 1997
* lib/kafs/afssys.c (k_pioctl): Separate syscall functionality and
kerberos convenience routines into afssys.c and afskrb.c. This to
make it possible to use k_pioctl() without linking in all
libraries in the world.
Tue Apr 1 1997
* appl/telnet/telnet/commands.c: Rename suspend to telnetsuspend,
since Unicos has one of its own.
Sun Mar 30 1997
* appl/bsd/{rsh,rlogin}.c: Don't look at argv[0].
* man/tenletxr.1: new file
* appl/kx/rxtelnet.in, appl/kx/rxterm.in, appl/kx/tenletxr.in:
Support `-k'
* appl/kx/tenletxr.in: new script for running kx in backwards
mode.
* appl/kx: New version of protocol.
* appl/kauth: Use err & c:o
* appl/kauth/encdata.c (read_encrypted): Give better return code
for EOF
* appl/ftp/ftp/krb4.c: Use stdout rather than stderr. Add newlines
to many strings.
* kuser/kdestroy.c: Use set_progname, make -q equal to -f, remove
bell.
* lib/roken/warnerr.c: New function set_progname.
* aclocal.m4: Invert test of AC_NEED_DECLARATION and rename it to
AC_CHECK_DECLARATION. Add new function AC_CHECK_VAR, that looks
for a variable, including a declaration.
* lib/roken/roken.h: Add optional declaration for __progname.
* lib/roken/*{err,warn}.c: Restructure err and warn functions.
Sat Mar 29 1997
* appl/telnet/telnet/sys_bsd.c: Maybe-fix for HP-UX 10: Ifdef
SO_OOBINLINE, don't even select for exceptional conditions.
* lib/otp/otp_md.c: always downcase the seed.
byte-swap the SHA result.
Thu Mar 27 1997
* appl/otp/otp.c: removed bad free of global data
Sun Mar 23 1997
* configure.in: moved version.h and config.h to include
* acconfig.h: Fix utmp/utmpx stuff on OSF/1.
* appl/bsd/rlogind.c (control): Rewritten to handle the case of
there being no `ws_xpixel' and `ws_ypixel'
* appl/bsd/rlogin.c (sendwindow): Rewritten to handle the case of
there being no `ws_xpixel' and `ws_ypixel'
* aclocal.m4 (AC_KRB_STRUCT_WINSIZE): Also test for `ws_xpixel'
and `ws_ypixel'
* lib/otp/otp.h: Change default global timeout
* lib/krb/tf_util.c (tf_setup): Also take `pname' and `pinst'
* appl/telnet/telnetd/sys_term.c, appl/bsd/utmpx_login.c: Do
gettimeofday and then copy the data for the sake of those systems
like SGI that can have different timevals in file and memory.
* configure.in: Allow `--with-readline'
* lib/editline/edit_compat.c (readline): strdup data before
returning it.
* appl/telnet/telnetd/state.c: Change size of subbuffer to 2k.
Thu Mar 20 1997
* lib/krb/decomp_ticket.c: Add some range checking.
* appl/ftp/ftpd/krb4.c: Check return value from krb_net_write.
* appl/ftp/ftp/ftp.c: Fix hash mark printing.
Wed Mar 19 1997
* appl/kauth/kauthd.c: more logging
* man/kx.1, man/kxd.8: Updated.
* appl/kx/kx.c, kxd.c: Hacked so that all TCP-connections are kx
-> kxd
* lib/editline/edit_compat.c: BSD libedit comatibility.
Wed Mar 12 1997
* appl/ftp/ftpd/ftpd.c: Set `byte_count' even when using mmap.
Log foreign IP address together with hostname.
Mon Mar 10 1997
* server/kerberos.c: Fix log file muddle.
Sun Mar 9 1997
* appl/bsd/kcmd.c (kcmd): check malloc for failure.
Tue Feb 25 1997
* man/ftpd.8: Documented the `-g' option.
* appl/ftp/ftpd/ftpd.c: New option `-g umask' for specifying the
umask for anonymous users.
* appl/ftp/ftpd/ftpd.c: conditionalize SIGURG
* appl/otp/otp.c: More fixes from Fabien COELHO
<coelho@cri.ensmp.fr>. Check for current OTP before allowing the
update.
Wed Feb 19 1997
* appl/otp/otp.c: updated help string
* appl/bsd/Makefile.in: Fixed installation of suid programs.
* appl/telnet/libtelnet/kerberos.c: fix some stuff to get
forwarding code to compile
* lib/otp/otp_db.c: fix for signed char overflow.
* lib/krb/resolve.c: Patch from J<>rgen Wahlsten
<wahlsten@pathfinder.com>: Zero out resource record, and send
correct length to dn_expand.
Mon Feb 17 1997
* lib/roken/roken.h: Check for `_setsid'
* appl/ftp/ftp/ftp.c: s/__CYGWIN32__/HAVE_H_ERRNO/
* include/Makefile.in: Generete krb_err.h and kadm_err.h before
linking/copying them
* aclocal.m4: AC_FIND_FUNC: Add the library at the beginning of
the list.
* configure.in: Use AC_PROG_RANLIB
Always use EMXOMF under OS/2
Check for sys/termio.h and _setsid
* configure.in: A preliminary fix for editline.
* appl/telnet/libtelnet/kerberos.c: Include ticket forwarding
stuff.
* lib/krb/krb_get_in_tkt.c: Use tf_setup.
* lib/krb/krb_get_in_tkt.c: New function tf_setup.
Sat Feb 15 1997
* man/otp.1: updated
* appl/otp/otp.c: New options `-d' and `-r'. From Fabien COELHO
<coelho@cri.ensmp.fr>
* lib/otp/otp.h: Changed default from md4 to md5
* lib/otp/otp_db.c (otp_get, otp_simple_get): New functions.
Thu Feb 13 1997
* appl/kx/rxtelnet.in: allow specification of port number
* appl/otp/otp.c: Add `-u' option
Sun Feb 9 1997
* appl/ftp/common/glob.c: Rename FOO -> CHAR_FOO to avoid
collision with symbol in sys/ioctl.h
Fri Feb 7 1997
* man/kpropd.8: updated
* appl/bsd/rcmd_util.c: warning needs to know what program is
used.
* slave/kpropd.c: New explicit flag `-i' for interactive. Don't
use AI to figure out if we have been started by inetd or not.
Thu Feb 6 1997
* appl/kx/rxtelnet.in, appl/kx/rxterm.in: Patch for sending -l to
kx. From <map@stacken.kth.se>
* kuser/klist.c: corrected alignment of `expired'
* appl/telnet/telnet/commands.c: replaced lots of \n by \r\n
Mon Feb 3 1997
* configure.in (socket, gethostbyname, getsockopt, setsockopt):
Better tests.
(HAVE_H_ERRNO): New test
* lib/roken/herror.c (herror): Check HAVE_H_ERRNO
lots of other files as well.
Sat Feb 1 1997
* appl/bsd/rcp.c: Work around the non-working getpw* in cygwin32
* lib/krb/logging.c: Init function for `std_log<6F>
* appl/telnet/telnet/utilities.c: Remove `upcase<73>
Check HAVE_SETSOCKOPT
* appl/telnet/telnet/telnet.c: Use `strupr<70> instead of `upcase<73>
* appl/telnet/telnet/commands.c, appl/movemail/pop.c,
appl/kauth/rkinit.c, appl/ftp/ftp/ftp.c,
appl/sample/sample_client.c: Ifdef around for the non-existence of
`h_errno' in cygwin32.
* lib/des/read_pwd.c: work-around for cygwin32
* appl/telnet/telnet/sys_bsd.c: work-around for cygwin32
Fri Jan 31 1997
* lib/krb/tf_util.c: gnu-win32 needs to open files with O_BINARY.
Sun Jan 26 1997
* configure.in: removed duplicate of initgroups and lstat
Use AC_KRB_STRUCT_WINSIZE
* aclocal.m4 (AC_KRB_STRUCT_WINSIZE): New test
* lib/krb/getaddrs.c: Check for SIOCGIFFLAGS and SIOCGIFADDR
* appl/bsd/rlogin.c: conditional on SIGWINCH
* appl/bsd/rcmd_util.c et al: conditional getsockopt
* configure.in (cygwin32): New target
(getsockopt, getsockopt): Test for
(herror, hstrerror): Better tests
* aclocal.m4 (AC_FIND_IF_NOT_BROKEN): Pass arguments to
AC_FIND_FUNC
Thu Jan 23 1997
* configure.in: Add EXECSUFFIX
* appl/kx/rxterm.in: rsh -n
* lib/krb/unparse_name.c (krb_unparse_name_long_r): new function
* lib/auth/sia/sia.c: Fix a bug with ticket filename. Add afs
support.
* lib/krb/get_host.c: Use KRB_SERVICE.
Wed Jan 22 1997
* lib/auth/sia/Makefile.in: Add linker magic fix for broken,
conflicting kerberos code in xdm.
Tue Jan 21 1997
* appl/xnlock/xnlock.c (verify): Change the "LOGOUT" password to
be manageable as X-resource XNlock*logoutPasswd. The password is
stored in UNIX crypt format so that it can be stored in a global
resource file for sites that whish to keep it a secret.
* configure.in: Check for winsize in sys/ioctl.h also.
Sat Jan 18 1997
* lib/krb/get_default_principal.c: Use principal from
KRB4PRINCIPAL before using uid.
Wed Jan 15 1997
* appl/telnet/telnet/sys_bsd.c: Use `get_window_size'
* lib/roken/get_window_size.c: New file
* appl/bsd/rlogin.c: Use `get_window_size'
* appl/bsd/forkpty.c, appl/bsd/rlogind.c: conditionalize on
TIOCSWINSZ
* configure.in: Check for `_scrsize' and `struct winsize'
Tue Jan 14 1997
* Makefile.in (install-strip, travelkit-strip): New targets.
Thu Jan 9 1997
* */Makefile.in: Use @foo_prefix@ and @program_transform_name@
Add code to uninstall target
Thu Dec 19 1996
* configure.in: Set LIBPREFIX
* config.sub: Add os2 as a system
* config.guess: Try to recognize i386-pc-os2_emx
* configure.in: case for *-*-os2_emx
NEED_PROTO for `strtok_r'
* aclocal.m4: ranlib is apparently calld EMXOMF on OS/2
(AC_KRB_PROG_LN_S): New test that uses cp if ln fails
Wed Dec 18 1996
* appl/bsd/login.c (main): First try to verify password using
standard UNIX method and if it fails try kerberos authentication.
Sat Dec 14 1996
* appl/bsd/rcp.c: consider case of no fchmod
* appl/kpopper/pop_init.c: Use k_getsockinst.
* lib/roken/{strupr,strlwr,strchr,strrchr,lstat,initgroups,chown,
fchown,rcmd}.c: new files
* appl/kpopper/pop_lower.c: Removed.
* Makefile.in (travelkit): New target.
Tue Dec 10 1996
* lib/krb/parse_name.c (kname_parse): Only copy realm if it is
specified.
* lib/krb/get_host.c (krb_get_host): Treat no realm as local
realm.
Mon Dec 9 1996
* appl/ftp/ftpd/ftpd.c: Get afs-tokens when logging in with
password.
* slave/kprop.c: flock with K_LOCK_SH
Wed Dec 4 1996
* appl/telnet/telnet/commands.c: Also export XAUTHORITY
Sun Dec 1 1996
* kadmin/ksrvutil.c: If realm is not specified, use the local one.
Sat Nov 30 1996
* appl/kauth/kauthd.c: Use KAUTH_VERSION. Try to give correct
error messages back to kauth.
* config.sub, config.guess: Merged in changes from autoconf 2.12
* appl/bsd/rsh.c: quick hack to make `-n' to the right thing.
* kadmin/kadm_locl.h: Add prototype for FascistCheck.
Thu Nov 28 1996
* man/afslog.1: Documented `-createuser'
* appl/afsutil/aklog.c: removed `cell_of_file' Added option
`-createuser' to run pts to create a foreign principal.
Tue Nov 26 1996
* lib/otp/otp_challenge.c: Initialize error string and check for
NULL from strdup.
* lib/roken/mini_inetd.c: Initialize `sin_family'
* appl/kpopper/pop_init.c: Add `-p' option and make `-a'
auth-style
* appl/bsd/rshd.c: Add `-p' option.
* appl/bsd/rlogind.c: Handle `-p' correctly.
* appl/bsd/login.c: Removed confusing initialization of
`login_timeout'
* appl/kpopper/pop_dropinfo.c: Remove white-space at the beginning
of UIDL-string.
Sun Nov 24 1996
* Release 0.9.3
Sat Nov 23 1996
* kadmin/ksrvutil_get.c: Use `krb_unparse_name_long' Better
defaults.
* lib/krb/krb.h: Added *_to_key
* lib/krb/get_svc_in_tkt.c (srvtab_to_key): Make public
* kadmin/kadmin.c (do_init): `-p' is a synonym for `-u'
(do_init): more logical defaults
(help): removed old code
better error messages
* lib/krb/get_in_tkt.c (passwd_to_key, passwd_to_afskey): Export
and remove functionality for reading passwords.
* lib/sl/sl.c: Nicer help output.
* lib/otp/otp_challenge.c: Initialize `challengep'
* lib/krb/Makefile.in: Removed get_pw_tkt.c
Fri Nov 22 1996
* lib/auth/sia/sia.c: Now compiles under Digital UNIX 4.0.
Wed Nov 20 1996
* lib/auth/pam/pam.c: Chown ticketfile to correct GID.
Tue Nov 19 1996
* appl/kx/rxtelnet.in: Try to set the screen number as well.
* Be careful not to thrust `h_length' from gethostby{name,addr}
* appl/bsd/rcmd_util.c (ip_options_and_die): New function.
* configure.in: moved headers before functions.
call AC_PATH_XTRA_XTRA.
Add strchr, index, rindex, and strrchr to AC_CHECK_FUNCS.
remove strchr and strrchr, add strtok_r from/to AC_BROKEN.
* aclocal.m4 (AC_PATH_XTRA_XTRA): New macro.
* aclocal.m4 (AC_FIND_FUNC, AC_FIND_FUNC_NO_LIBS): Two new
arguments: includes and arguments)
* configure.in: Need to supply arguments and includes to test for
`res_search' and `dn_expand'
* lib/kafs/afssys.c (k_setpag): Handle AFS_SYSCALL3
* Use `k_getpw{nam,uid}' instead of getpw{nam,uid}.
* Replace lots of `strtok' with `strtok_r'.
* lib/sl/sl.c: Allow unlimited number of arguments. Use
`strtok_r' to divide up string into arguments.
* lib/roken/roken.h: Added `strtok_r'
* configure.in: Test for `strtok_r'
* include/Makefile.in: Don't build in ss
* Makefile.export: Fixed ChangeLog-generation
* lib/sl/sl.c: Let `readline' to the \n-removal. Handle empty
lines. Don't store empty lines in the history.
Mon Nov 18 1996
* lib/sl/sl.c: Use readline compatible i/o.
* lib/otp/otp_locl.h: Changed location of otp database to /etc
* appl/otp/Makefile.in: Install otp setuid root.
* util/Makefile.in: don't build SS
* lib/sl: New directory.
* kadmin/kadmin.c: Replaced SS by SL.
Sun Nov 17 1996
* kadmin/kadm_funcs.c: Improved log messages.
* Use KRB_TICKET_GRANTING_TICKET.
* server/kerberos.c: Don't do any special logging when running as
slave.
* Lots of files: remove unnecessary `(void)'
* Lots of files: remove unnecessary `register' declaration.
* lib/krb/get_host.c: Only keep list of hosts from requested
realm.
* man/otpprint.1, otp.1: New files.
* appl/otp/otp.c: `-s' is now default.
* appl/otp/otp.c: removed count
* lib/des/destest.c: more general quad_cksum test.
* lib/otp/otp_print.c (otp_print_stddict_extended,
otp_print_hex_extended): New functions.
* lib/otp/otptest.c: New file.
* appl/ftp/ftpd/ftpd.c: Change default auth level to what was
formerly known as `user'.
* appl/ftp/ftpd/ftpd.c: Orthogonalize arguments to -a
* appl/kip/kip.c: Try all addresses we get back from the name
server.
* kadmin/kpasswd.c: updated to new functions.
* lib/otp/otp_db.c (otp_db_open): Do a few retries. Unlock in
case this file cannot be opened.
* doc/kth-krb.texi: New chapter about OTPs.
* appl/otp/otpprint.c, appl/otp/otp.c: Use OTP_ALG_DEFAULT.
Consistent language Check return value from des_read_pw_string.
* lib/otp/otp.h: Add OTP_ALG_DEFAULT
* lib/krb/parse_name.c: New function krb_parse_name
Sat Nov 16 1996
* appl/bsd/login.c: removed S/Key.
Added OTP with option `-a otp'
Reorganized verification loop.
* appl/bsd/Makefile.in (login): Remove skey and add OTP
* configure.in: Test for `uid_t' and `off_t'
* appl/telnet/telnetd/telnetd.c: Removed `-s' for securID and
added `-a otp' for OTP.
* appl/kpopper: removed s/key and added OTP support. Updated
man-page.
* lib/otp/otp.h: more fields in the struct and a new function.
* appl/ftp/ftpd/ftpd.c: Full OTP support.
* appl/kx/rxterm.in: Add options: -l username, -r args_to_rsh, and
-x args_to_xterm
* appl/kx/rxtelnet.in: Add options: -l username, -t
args_to_telnet, and -x args_to_xterm
* man/kx.cat1: regenerated
* man/kx.1: Added `-l' option.
* appl/kx/kxd.c: Accept username from `kx'
* appl/kx/kx.c: Introduced option `-l user' to be able to login as
some other user.
Fri Nov 15 1996
* appl/kx/kx.c: Print out display and not display_nr
* lib/auth/Makefile.in: Fix the case with empty SUBDIRS.
* */Makefile.in: Use $(LN_S) instead of ln -s
* */Makefile.in: Add @SET_MAKE@
* doc/latin1.tex: New file.
* doc/kth-krb.texi: Use latin1.tex to be able to use one letter
that some bear seem to think is important.
* doc/kth-krb.texi: Added acknowledgements.
* lib/auth/Makefile.in: Only build relevant subdirectories.
* configure.in: Set @LIB_AUTH_SUBDIRS@ to the subdirectories of
lib/auth that should be built.
* lib/kafs/afssys.c: Only get tokens for each cell once.
Thu Nov 14 1996
* man: Added man pages for movemail(1) and kerberos(8).
* kadmin/kadmin_cmds.ct: Add `add' for add_new_key and `passwd'
for change_password.
* lib/krb/logging.c: Now actually compiles!
* config.{guess,sub}: Merge changes from Autoconf
* lib/krb/{recv,send}auth.c: Don't return errno if there is a
system error.
Wed Nov 13 1996
* util/ss/Makefile.in: Now even compiles with BSD make!
* appl/kx: Now send the complete display from `kxd' to `kx'. This
should enable it to work better with Xlibraries that don't support
unix sockets.
* kuser/klist.c: conditionally include <sys/ioctl.h> and
<sys/ioccom.h> before <kafs.h>
* lib/krb/resolve.h: Add fallback for `T_TXT'.
* appl/otp/otp.c: removed print-functionality.
* appl/otp/otpprint.c: New file.
* appl/otp/Makefile.in: New program `otpprint'
* lots of Makefile.in: Now should be possible to build with makes
that have broken VPATH-handling.
* configure.in: Always replace REAL_SHARED & c:o so that some
libraries may be built as shared.
Removed unused AC_SUBST.
Only build afskauthlib on irix.
* lib/auth/afskauthlib/Makefile.in, lib/auth/sia/Makefile.in,
lib/auth/pam/Makefile.in: Always build as a shared library.
* appl/kx/rxtelnet.in, appl/kx/rxterm.in: export PATH (from
<jas@pdc.kth.se>).
* lib/krb/{pkt_cipher,fgetst}.c: Removed
* lib/krb/name2name.c: Renamed k_name_to_name to krb_name_to_name
Mon Nov 11 1996
* appl/telnet/telnetd/sys_term.c: Really remove bad stuff from
environment.
Fri Nov 8 1996
* appl/bsd/rlogind.c (main): `portnum' should be int.
* appl/bsd/sysv_environ.c: Use _PATH_ETC_ENVIRONMENT
* appl/bsd/pathnames.h: _PATH_ETC_ENVIRONMENT: new
* lib/krb/get_host.c (srv_find_realm): New parameter `service'
* lib/krb/unparse_name.c: New function.
Tue Nov 5 1996
* lib/auth/pam/pam.c: Add PAM Kerberos module.
Mon Nov 4 1996
* configure.in: configure in lib/auth/afskauthlib
* lib/kafs/afssys.c: New function `k_afsklog_uid'.
* lib/auth/afskauthlib: New library that works like
`afskauthlib.so' from Transarc.
*lib/krb/get_host.c, lib/krb/getrealm.c, lib/kafs/afssys.c: Use
dns_lookup().
* lib/krb/resolve.c (dns_lookup): Replaced several different
resolver functions with one more generalized.
Sun Nov 3 1996
* Add check target in lib/krb.
* appl/bsd/login.c (main): Sleep 10 seconds before bailing out so
that there is a chance of reading the error message.
* appl/bsd/rsh.c (main): When invoked as rlogin equivalent change
to real uid before execing rlogin.
Sat Nov 2 1996
* appl/bsd/utmp_login.c: Do the right thing on systems where
UTMPX_DOES_UTMP_LOGGING is defined.
* lib/krb/krb.h: names for `krb_kuserok' prototype
* lib/krb/get_host.c: Add tcp/kerberos.REALM as well.
* appl/bsd/su.c: Replace call to `kuserok' by `krb_kuserok'.
* lib/otp/otp_parse.c: Add support for parsing extended responses
(draft-ietf-otp-ext-01).
* lib/otp/otp.h: Define OTP_HEXPREFIX and OTP_WORDPREFIX.
* appl/otp/otp.c: Add option `-e' for printing responses in
extended mode (according to draft-ietf-otp-ext-01.txt).
* lib/krb/kuserok.c: Function krb_kuserok now takes name,
instance, realm rather than an AUTH_DAT.
Fri Nov 1 1996
* lib/auth/sia: Add SIA Kerberos module.
* lib/roken/roken.h: Need to include signal.h prior to defining
SIG_ERR.
* appl/bsd/utmpx_login.c (utmpx_update): Minor restructuring for
simplified maintainability.
* appl/bsd/utmp_login.c (utmp_login): Even when there are utmpx
files on this system we should also log to the utmp files. If
there are no utmp files we of course don't have to log to them.
* Makefile.export: now generate PROBLEMS and COPYRIGHT as well.
* PROBLEMS, COPYRIGHT, doc/kth-krb.info: removed
* doc/kth-krb.texi: Put copyrights in marketing order.
* appl/kpopper/popper.h: client and ipaddr should be char [] so
that we can store the names there.
* appl/kpopper/pop_init.c: save copies of addresses that otherwise
get overwritten.
Mon Oct 28 1996
* lib/krb/send_to_kdc.c (send_recv_it): Use `recv' not `recvfrom'
to make winsock happy. Also don't care anymore about from which
address we got the answer since we do a `connect'.
* admin/adm_locl.h, lib/kdb/kdb_locl.h, kadmin/kadm_locl.h,
lib/krb/krb_locl.h, lib/roken/strftime.c, server/kerberos.c: Do
not use #if, use #ifdef.
* configure.in: Test for `rand' and `getuid'
* slave/kprop.c: Don't terminate on trivial errors in slaves-file.
Sun Oct 27 1996
* doc/Makefile.in: Install from source directory if necessary.
* lib/krb/kuserok.c: Do not use `k_getpwnam' in libkrb.
* configure.in: You can't even use `unset', Ultrix sh does not
have it.
* several files: Check status from des_read_pw_string.
* server/kerberos.c: Make sure all data is recieved on a tcp
socket before trying to reply.
* lib/krb/krb.h: Add <time.h> for `struct tm'
* appl/kx/Makefile.in: Both kx and kxd requires @XauWriteAuth@
* configure.in: Fix test for `XauReadAuth'
Fri Oct 25 1996
* lib/krb/get_host.c (init_hosts): Must ntohs(KRB_PORT) on
machines running backwards.
* More consistent use of CRLF in telnet and telnetd.
* Removed redundant -I$(srcsdir)/../../include from compiler args.
* appl/ftp/ftpd/ftpd.c: New option `-a otp' to allow OTPs but no
ordinary passwords in cleartext.
* appl/ftp/ftpd/Makefile.in: Link `ftpd' with -lotp
* lib/Makefile.in: Add otp
* include/Makefile.in: Add otp.h
* configure.in: Test for ndbm.h
Generate Makefiles in lib/otp and appl/otp
* appl/otp: New program to set up and generate OTPs.
* lib/otp: New library for one-time passwords (RFC1938).
* lib/krb/get_host.c (srv_find_realm): Added parameter `proto'
* lib/des/Makefile.in: Add md4 and sha. run `mdtest' from check.
* lib/des/md4.h, lib/des/md4.c, lib/des/sha.c, lib/des/sha.h,
lib/des/mdtest.c: New files.
* appl/kauth/Makefile.in: Make $(libexedir) as well.
Thu Oct 24 1996
* appl/bsd/rlogind.c (setup_term): Actually set the speed of the
terminal.
* appl/bsd/rlogin.c (main): Do a `speed_t2int' before putting the
speed in the TERM variable.
* appl/bsd/rcmd_util.c: New functions: `speed_t2int' and
`int2speed_t'.
* appl/bsd/bsd_locl.h: Added prototype of `speed_t2int' and
`int2speed_t'.
Sun Oct 20 1996
* appl/bsd/login.c: Do `getspnam' before change the UID. Also call
`endspent'
* appl/krbmanager: New program used on PCs by kclient.
* lib/kclient: New library.
* lib/des, lib/krb: Added some PC-specific files.
* doc/kth-krb.info: Regenerated.
* doc/Makefile.in (kth-krb.info): Some stupid makes don't
understand $<
(kth-krb.html): New rule.
* doc/kth-krb.texi (Compiling from source): Added some references
about Socks.
Sat Oct 19 1996
* doc/kth-krb.texi: Added text about ``--with-socks''.
* configure.in: Use `AC_TEST_PACKAGE' for skey and socks.
* aclocal.m4: Replaced `AC_TEST_SOCKS' and `AC_TEST_SKEY' with the
more general `AC_TEST_PACKAGE'.
Fri Oct 18 1996
* configure.in: call AC_TEST_SOCKS
* acconfig.h: SOCKS
* aclocal.m4: Added AC_TEST_SOCKS
* lib/krb/send_to_kdc.c (send_to_kdc): Removed unused `f' and
close.
Thu Oct 17 1996
* man/popper.8: Option `-i'
* appl/kpopper/pop_send.c: clean-up
* appl/kpopper/popper.h: Removed old garbage and added SKEY.
* appl/kpopper/pop_xmit.c: clean up
* appl/kpopper/pop_user.c: SKEY-support
* appl/kpopper/pop_pass.c: Added support for spaces in passwords
and S/Key.
* appl/kpopper/pop_init.c: Moved some variables into struct pop
(main): Added support for `-i'
* appl/kpopper/pop_get_command.c: New command "HELP".
* appl/kpopper/Makefile.in: Add SKEY-stuff.
* lib/krb/get_host.c: Use `k_getportbyname(KRB_SERVICE,...)' as a
default instead of KRB_PORT
* lib/krb/getaddrs.c (k_get_all_addrs): Add
gethostbyname(k_gethostname()) as a fallback.
* lib/krb/k_getport.c (k_getportbyname): proto can be NULL
* lib/krb/krb.h: Only include <sys/types.h> if HAVE_SYS_TYPES_H
* lib/krb/prot.h: KRB_SERVICE: Added
* server/kerberos.c: Replaced linked list with a vector.
Wed Oct 16 1996
* server/kerberos.c: Add support for TCP connections.
* lib/krb/send_to_kdc.c: On stream sockets, use krb_net_read
rather than recvfrom.
Mon Oct 14 1996
* doc/kth-krb.texi: Only use `kdb_edit' to add the initial
`nisse.admin'. Add all other users with `kadmin'.
* doc/kth-krb.info: new file.
* doc/kth-krb.texi: Added some text about kx and ftp.
* appl/ftp/ftpd/ftpcmd.y,
util/ss/ct.y,
util/et/error_table.y :
Added code for handling the case of using `bison' and having no
`alloca'. Alloca is usually never called anyway, so we just use
`malloc'.
* appl/kx/kxd.c: All static variables are now global and in
common.c.
(doit_conn, doit): Turn on TCP_NODELAY.
(create_and_write_cookie, suspicious_address): Moved to common.c
* appl/kx/kx.c (connect_host): Try all addresses of `host'. Turn
on TCP_NODELAY.
(doit): prepare for TCP-only hosts.
(usage,main): add `-t'
(main): Passive mode is possible again.
* appl/kx/kx.h: More #ifdefs for include files. Declarations for
global variables.
* appl/kx/common.c (get_xsockets): Try to chmod
dirname(`X_UNIX_PATH')
(get_xsockets): Turn on TCP_NODELAY on TCP connections.
* doc/Makefile.in: New file
* Makefile.in: Added `doc' to `SUBDIRS'
* configure.in: Generate `doc/Makefile'
Sun Oct 13 1996
* appl/bsd/rcp.c (main): Made rcp AFS aware.
* lib/krb/kuserok.c (kuserok): Act as if luser@LOCALREALM is
always an entry of .klogin.
Sat Oct 12 1996
* appl/kx/rxtelnet.in: Start the `xterm' process correctly.
* lib/des/rnd_keys.c (sumFile): consider the case that `res' is
not longword-aligned.
* lib/krb/get_host.c (parse_address): `getservbyname' should
really get proto = NULL
* lib/krb/send_to_kdc.c (krb_udp_port): removed
(send_to_kdc): removed `addrlist'
* lib/krb/send_to_kdc.c: Support not only UDP.
* lib/krb/get_host.c (krb_get_admhst): Really ask for a admin host
if that's what we want.
Thu Oct 10 1996
* lib/krb/get_host.c: Simplified some code. Added stub-support for
SRV-records.
Wed Oct 9 1996
* appl/kx/rxtelnet.in, appl/kx/rxterm.in: PDC are unable to give
correct instructions to their users and therefore we have to add
strange directories to the PATH.
* appl/kx/rxtelnet.in: Support sending arguments to telnet.
* appl/kx/rxterm.in: rsh can reside in path or %bindir% support
extra arguments to xterm (from <jas@pdc.kth.se>).
* appl/kx/rxtelnet.in: Try to find some kind of terminal emulator
for X.
* appl/kx/rxterm.in, appl/kx/rxtelnet.in: Look for kx in $PATH and
%bindir%.
* appl/kx/common.c (get_xsockets): `mkdir' the correct directory.
From <jas@pdc.kth.se>
* lib/krb/send_to_kdc.c: Changes to allow other than udp port 750
connections.
* lib/krb/get_host.c: rewrite of krb_get_{adm,krb}hst.
Sun Oct 6 1996
* appl/ftp/ftpd/ftpd.c (retrieve): Got rid of `sprintf'.
* configure.in: Fix order for x libs. From <jas@pdc.kth.se>.
Check for `fcntl', `alloca', `winsock.h', and `io.h'.
* lib/krb/krb_locl.h: Check for <io.h> and <winsock.h>
* lib/krb/krb.h: Check for winsock.h
* lib/krb/k_flock.c: Better test for `fcntl' with locking.
* lib/krb/et_list.c: Hopefully correct pragma this time. From
<jas@pdc.kth.se>
Thu Oct 3 1996
* lib/krb/klog.c (klog): Do not forget to print the text.
* lib/krb/log.c (krb_log): Print space after time in log.
Wed Oct 2 1996
* appl/kpopper/popper.h: Add field msg_id to hold Message-Id for
UIDL command.
* appl/kpopper/pop_dropinfo.c (pop_dropinfo): Support for UIDL
command. Saves Message-Id to be used as unique id. Everything is
#ifdef:ed UIDL.
* appl/kpopper/pop_get_command.c: Recognize UIDL command.
* appl/kpopper/pop_uidl.c (pop_uidl): POP3 UIDL command
implementation.
* appl/kpopper/Makefile.in: New file pop_uidl.c.
* configure.in: Made some of the tests into macros defined in
aclocal.m4
* appl/telnet/libtelnet/kerberos.c: Given better error message
when user is not authorized to login.
* lib/roken/k_getpwuid.c, lib/roken/k_getpwnam.c: Call `endpwent'.
If we are using a BSD-kind of system we should not leave the
shadow password database open.
* appl/xnlock/xnlock.c: Got rid of all `register' declarations.
* appl/kx/rxterm.in, appl/kx/rxtelnet.in: Use `set --'
Mon Sep 30 1996
* lib/roken/k_getpwnam.c, lib/roken_k_getpwuid.c: Call `endspent'
to try to close the shadow password file.
* appl/ftp/ftpd/ftpd.c (retrieve): Cut the argument to the command
and the first character of the extension.
* lib/krb/send_to_kdc.c: Sun doesn't have any strerror so we can't
use that here. We are only printing debug messages anyway, so
just print errno for now.
* appl/kx/rxtelnet.in: Now using SIGUSR2.
* appl/kx/kx.c: Now using SIGUSR1 to mean `exit when number of
children goes down to zero'. SIGUSR2 is `exit when number of
children is equal to zero'.
* appl/xnlock/xnlock.c: More fixup of old code.
* appl/ftp/ftpd/ftpd.c: Only call `filename_check' for guest
users.
* configure.in: Added tests for more header files. Also added
more ifdefs when actually including those files.
* appl/kx/Makefile.in: Do not build programs if we have no X11.
Sun Sep 29 1996
* appl/xnlock/xnlock.c (main): Support for shadow passwords.
* lib/roken/k_getpwuid.c: New file, better support for shadow
passwords.
* appl/telnet/Makefile.in: Use SET_MAKE
* appl/ftp/ftpd/ftpcmd.y: Remove access to several commands for
anonymous users.
* lib/krb/get_krbhst.c: Look for kerberos-#.realm.
* appl/ftp/ftpd/popen.c: Execute files from ~ftp if possible.
* appl/ftp/ftpd/ftpd.c: Add find site command.
* appl/ftp/ftpd/ftpd.c: Add special handling of nonexistant files
with extensions {,.tar}{,.gz,Z}.
Sat Sep 28 1996
* configure.in: Check for sys/times.h, sys/param.h, and
sys/timeb.h
* lib/des: autoconfed a little to make it compile.
* lib/roken/roken.h: Add `max', `min', and definitions for broken
syslogs.
* appl/bsd/bsd_locl.h: Removed SYSLOG-garbage and max.
* appl/kx/kx.h: Remove prototype of childhandler.
* appl/kx/common.c: Remove childhandler. Not common any more.
* appl/kx/rxterm.in: Send SIGUSR1 to kx before starting xterm.
* appl/kx/rxtelnet.in: Send USR1 to kx at appropriate moment.
* appl/kx/kx.c: Die after receiving SIGUSR1 and when number of
children goes to zero.
* lib/roken/roken.h: Add STDERR_FILENO
* lib/roken/mini_inetd.c (mini_inetd): Also dup onto stderr.
* lib/kafs/Makefile.in (afslib.so): Change argument so they work
with `ld' instead of `cc'
* appl/kx/kxd.c: writeauth.c as separate file.
* appl/kx/kx.c: `-d' option to disable forking.
* appl/kx/Makefile.in: Compile and link writeauth.c if necessary.
For some stupid reason $< does not work correctly in BSD make.
Use $(srcdir) instead.
* appl/ftp/ftp/ftp_locl.h: Only include <roken.h> once.
* configure.in: Use strange X flags when looking for XauReadAuth.
Add XauWriteAuth if we need to include it.
Fri Sep 27 1996
* appl/sample: Sample programs work again.
* appl/kx/kxd.c (main): use `mini_inetd'
* appl/kx/kx.c: Use KX_PORT
* appl/kx/kx.h: Remove SOMAXCONN and add KX_PORT
* appl/kauth/kauthd.c (main): use `mini_inetd'
* appl/ftp/ftpd/ftpd.c: Removed `conn_wait' and use `mini_inetd'
instead.
* appl/bsd/bsd_locl.h: Prototypes for `get_shell_port' and
`get_login_port'
* appl/bsd/rcmd_util.c: New file.
* appl/bsd/Makefile.in: Added rcmd_util.c
* appl/bsd/rcp.c: Moved `get_shell_port' to rcmd_util.c
* appl/bsd/rsh.c: Moved `get_shell_port' to rcmd_util.c
* appl/bsd/rlogind.c (main): Use `mini_inetd'
* appl/bsd/rshd.c (main): Add support for interactive mode with
`-i'.
* appl/telnet/telnetd/telnetd.c (main): use `mini_inetd'
* lib/roken/roken.h: Added prototype for `mini_inetd', and
fallback definitions for SOMAXCONN, STDIN_FILENO, and
STDOUT_FILENO.
* lib/roken/Makefile.in: Added mini_inetd.o
* lib/roken/mini_inetd.c: New file.
Thu Sep 26 1996
* appl/kx/kxd.c (doit): read port number in ascii.
* appl/kx/kx.c (doit): write port number in ascii.
* appl/kauth/rkinit.c (doit_host): Check return value from
`read_encrypted'.
* appl/kauth/kauthd.c (doit): Removed unnecessary sprintf's before
syslog.
* lib/krb/krb_get_in_tkt.c (krb_get_in_tkt): Return error code
from `tf_create' and not always INTK_ERR.
* lib/krb/tf_util.c (tf_create): Correct check for return value
from `open'.
* lib/des/rnd_keys.c (des_rand_data): Try /dev/urandom as well.
Wed Sep 25 1996
* appl/afsutil/pagsh.c (main): One-of error hopefully fixed this
time.
* configure.in: Add test for <sys/un.h>
* kadmin/Makefile.in: Add back $(CRACKLIB)
Mon Sep 16 1996
* appl/kx/Makefile.in: Create rxterm and rxtelnet at compile time.
* kstring2key moved to appl/afsutil.
Sun Sep 15 1996
* appl/kx/kx.c (main): For now always use passive mode. That's
the only thing that has been tested and not a lot of people are
going to use non-passive anyways.
* appl/kx/kx.c (connect_host): write display_number in ascii.
* appl/kx/kxd.c (doit): read display_number in ascii.
* appl/kx/common.c (get_local_xsocket): Generate the
/tmp/.X11-unix directory with the sticky bit set.
* configure.in: Generate appl/kx/rxterm and appl/kx/rxtelnet.
* appl/kx/Makefile.in: Install rxterm and rxtelnet.
* appl/kx/rxterm.in, appl/kx/rxtelnet.in: New files.
* appl/kx/common.c (get_local_xsocket): try to bind the socket
instead of checking for existence with lstat.
* appl/kx/kxd.c: Detect remote termination and cleanup on exit.
Sat Sep 14 1996
* lib/des/rnd_keys.c: Hack for systems that lack setitimer (like
crays).
* appl/kx/kxd.c (doit): Send over the display number and the
authority file actually used to kx.
(create_and_write_cookie): New function to generate and write into a
file a local cookie used between this pseudo-server and the
clients on this host.
(start_session): New function to check and remove the local cookie
before the data is sent over to `kx'.
* appl/kx/kx.c (display_num, xauthfile): New variables. Now `kx'
prints out the values of those two variables and then goes to the
background to enable some script to set these on the other host.
(start_session): New function that adds a local cookie before sending
the rest of the connection to the local X-server.
(main): Also recognize "unix" as a local DISPLAY.
* appl/kx/kx.h: <X11/Xauth.h> used.
(get_local_xsocket): Changed parameter.
* appl/kx/common.c (get_local_xsocket): Now try to allocate the
first free socket in /tmp/.X11-unix. Also `mkdir' this directory
first. Return the number of the display opened.
* appl/kx/Makefile.in: Added X libraries.
* lib/des/des.h: Added prototype for `des_rand_data'.
* lib/des/rnd_keys.c: Made `des_rand_data' non-static. This
function is useful and now even used.
Wed Sep 11 1996
* appl/bsd/login.c: Use k_afs_cell_of_file() to get tokens for the
cell of the home catalog rather than the local cell.
* lib/kafs/afssys.c: Add k_afs_cell_of_file.
Tue Sep 10 1996
* appl/telnet/telnetd/telnetd.c, appl/telnet/telnetd/sys_term.c:
Removed all convex code.
Mon Sep 9 1996
* appl/telnet/telnetd/termstat.c: UNICOS5: removed
* appl/telnet/telnetd/telnetd.c, appl/telnet/telnetd/sys_term.c:
NEWINIT, UNICOS7x, UNICOS5: removed
STREAMSPTY: added variable `really_stream' Now able to handle the
case where the OS supports stream ptys but we run out of them and
start using ordinary BSD ones.
* appl/telnet/telnetd/state.c: UNICOS5: removed
* appl/telnet/telnetd/pathnames.h: BFTPPATH: removed
* appl/telnet/telnetd/ext.h, appl/telnet/telnetd/global.c:
BFTPDAEMON: removed.
UNICOS5: removed.
* appl/telnet/telnetd/ext.h: STREAMSPTY: added variable
`really_stream'.
* lib/krb/stime.c (krb_stime): argument should be `time_t'.
lib/krb/krb_locl.h: changed prototype.
Sun Sep 8 1996
* configure.in: Also generate `appl/sample/Makefile'
* appl/Makefile.in: Use @SET_MAKE@.
Include sample
* lib/krb/Makefile.in: Add krb_stime, krb_mk_auth, and
krb_check_auth.
* util/et/compile_et.c (main): Include <foo.h> in foo.c
* slave/kprop.c: exit with return code == 1 to indicate failure.
* server/kerberos.c (usage): Fixed usage string.
* lib/krb/tkt_string.c (tkt_string): Removed bogus extern
declaration of `getuid'.
* lib/krb/tf_util.c (tf_save_cred): Removed bogus extern
declaration of `lseek'.
* lib/krb/stime.c (stime): Renamed to `krb_stime'
* lib/krb/sendauth.c (krb_sendauth): reimplemented using
`krb_mk_auth' and `krb_check_auth'.
* lib/krb/send_to_kdc.c (send_recv): Removed stupid cast.
* lib/krb/recvauth.c: Removed KRB_SENDAUTH_VERS
* lib/krb/prot.h: create_auth_reply: correct prototype.
krb_create_death_packet: ditto.
KRB_SENDAUTH_VERS: moved here from sendauth.c and recvauth.c
* lib/krb/month_sname.c: Made `month_sname' const.
* lib/krb/mk_req.c: Remove stupid `register'
* lib/krb/log.c (krb_log): Use `krb_stime'
* lib/krb/kuserok.c (kuserok): Nightmare Filesystem might return
ESTALE. Treat it the same way as ENOENT.
* lib/krb/krb_locl.h: Added prototype for `krb_stime'
* lib/krb/krb_check_auth.c: New file with `krb_check_auth',
implemented for compatibility with CNS.
lib/krb/krb_mk_auth.c: Ditto.
* lib/krb/krb.h: Removed duplicate declarations of `get_request'
and `krb_get_admhst'.
Added declarations for `krb_mk_auth' and `krb_check_auth'.
* lib/krb/kparse.h: removed prototype for `strsave'
* lib/krb/kparse.c (fGetParameterSet): Use `strdup' instead of
`strsave'.
(strsave): Removed.
* lib/krb/kname_parse.c: Removed stupid `register' declarations.
* lib/krb/klog.c (klog): Use `krb_stime'
* lib/krb/get_phost.c: Handle the case where the name has no dots
in it by just returning it as-is.
* lib/knet/Imakefile, lib/knet/getkdata.c, lib/knet/phost.c,
lib/knet/sendkdata.c: removed unused files.
* lib/kadm/kadm_cli_wrap.c (kadm_init_link): use `k_getportbyname'
* kadmin/ksrvutil_get.c (get_srvtab_ent): Erase the key if
something goes wrong. Include realm in the message when writing a
key.
(parseinput): New function that removes quotes and backslashes
from input.
(ksrvutil_get): Use `parseinput' to read input.
* kadmin/ksrvutil.c (safe_read_stdin): Correct use of printf.
Removed bogus casts and fflush of stdin.
(main): Use `return' instead of `exit'.
* kadmin/kpasswd.c (main): Use `return' instead of `exit'.
* kadmin/admin_server.c: exit with return code == 1 to indicate
failure.
* appl/sample/sample_server.c: Rewrote to use all new functions.
* appl/sample/sample_client.c: Rewrote to use all new functions.
* appl/sample/sample.h: new file.
* appl/sample/Makefile.in: new file.
* appl/movemail/pop.c (socket_connection): use `k_getportbyname'
* appl/kpopper/pop_init.c: exit with return code == 1 to indicate
failure.
* appl/kauth/kauth.c (doexec): new-style definition. ret should
be a `pid_t'.
(main): new-style definition. Use `prog' instead of `argv[0]'
* appl/ftp/ftp/extern.h: Removed unused `abortsend'
* appl/ftp/Makefile.in: Use @SET_MAKE@
* appl/bsd/rsh.c: get_shell_port: use `k_getportbyname'
* appl/bsd/rlogin.c: get_login_port: use `k_getportbyname'
* appl/bsd/kcmd.c: Removed bogus casts to `caddr_t'
* admin/kstash.c: Removed bogus flushing of stderr. Replaced lots
of `exit(-1)' by `return 1'
* admin/kdb_util.c: Removed unused variable `aprinc'.
Removed bogus flushing of stderr.
Replaced lots of `exit(-1)' by `return 1'.
* admin/kdb_edit.c, admin/kdb_init.c: use `return' instead of
calling `exit' and use 1, not -1, for failure.
* Makefile.in: Use @SET_MAKE@
* aclocal.m4: AC_NEED_PROTO: need macro to determine if we need to
define a prototype for a function.
* configure.in: Reordered. Removed unused stuff. Start using
AC_NEED_PROTO.
* config.guess: merged in FSF version from 960908.
Tue Sep 3 1996
* include/protos.H: Added optarg, opterr, optind, optopt and
(fclose under Sunos 4). Removed these declarations from lots of
other files.
* acconfig.h: Add undefs for h_errno, h_errlist, optarg, optind,
opterr, and optopt.
* configure.in: Use `AC_NEED_DECLARATION' for h_errno, h_errlist,
optarg, optind, opterr, and optopt.
* aclocal.m4: New macro `AC_NEED_DECLARATION' to figure out if we
need to have an external declaration of a variable.
Mon Sep 2 1996
* lib/krb/krb.h: Removed unused `req_act_vno' and `k_log'.
Changed all callers.
* lib/krb/krb.h: Removed definition of `MAX_HSTNM'.
* lib/krb/send_to_kdc.c: Removed use of `MAX_HSTNM'.
* appl/afsutil/pagsh.c: Some reformatting and fixed the off-by-one
args bug.
Sat Aug 31 1996
* lib/krb/{send_to_kdc.c, getrealm.c}, appl/xnlock/xnlock.c,
appl/kauthkauth.c, appl/bsd/{rshd.c,rlogind.c}: Removed '#if 0'-ed
code.
* lib/krb/get_in_tkt.c: Removed '#if 0'-ed code and now compiles
with NOENCRYPTION.
* kadmin/ksrvutil.c: Now compiles with NOENCRYPTION.
* appl/ftp/ftpd/ftpcmd.y: Throw away passwd after use.
* appl/ftp/ftpd/ftpd.c: Fixed old comment.
* slave/kpropd.c: s/sa_len/salen/ Irix has a #define for sa_len.
* lib/kdb/krb_dbm.c: If key->dptr is not a `char *' we have to
cast it before adding to it.
* configure.in: Old test for `sa_len' in `struct sockaddr' fails
on IRIX 6.2. Try to compile a program refering to that field
instead of grepping for it in <sys/socket.h>.
* appl/bsd/kcmd.c: Removed old and broken code.
* configure.in: Check for `gethostname', `uname', and
<sys/utsname.h>
* lib/krb/k_gethostname.c: Try to use `uname' if we have no
`gethostname'.
* appl/ftp/ftpd/klogin.c: Incorrect use of `gethostname' replaced
by correct use of `k_gethostname'.
* lib/roken/verify.c: Change name verify_unix_user ->
unix_verify_user in analogy with krb_verify_user.
Fri Aug 30 1996
* appl/xnlock/Makefile.in: Install man-page.
* configure.in, */Makefile.in: Replace `-shared' with some other
option when not using gcc.
* lib/kafs/afssys.c: Do not start by checking if we have AFS in
`k_afsklog'.
* appl/bsd/rlogin.c: More kludges to make it work with rlogin on
linux: Do not select for an exceptional condition on `rem' after
having received EINVAL.
Also rewrote ifndef NOENCRYPTION stuff.
* appl/bsd/rlogind.c: More kludges to make it work with rlogin on
linux: Only send oob data just after having sent normal data to
make sure we never send two consecutive bytes of oob data.
Also rewrote ifndef NOENCRYPTION stuff.
Thu Aug 29 1996
* lib/kafs/Makefile.in: Use `ld' instead of `cc' for linking
afslib.so. Not everybody has cc.
Wed Aug 28 1996
* Release 0.9.2a
Mon Aug 26 1996
* appl/bsd/login.c: Clean-up. Made static a lot of functions and
variables. Rewrote some function definitions to ANSI-style.
* appl/bsd/sysv_environ.c: KRB4_MAILDIR may and may not contain a
trailing slash. We need to be very careful to make sure the
contents of $MAIL does not contain two, because RMAIL in emacs
uses it and emacs is no friend with double slashing.
* lib/kafs/afssys.c (k_afsklog_all_local_cells): Now should return
correct value.
Sun Aug 25 1996
* Release 0.9.2.
Sat Aug 24 1996
* lib/roken/hstrerror.c: Check for h_errlist prototype.
Thu Aug 22 1996
* lib/krb/send_to_kdc.c, etc/services.append, server/kerberos.c:
Changed `kerberos' to `kerberos-iv' now that it has been
registered with IANA.
* man/rshd.8, man/rlogind.8: updated documentation of `-a'
* lib/roken/roken.h: Added declaration of `h_errno'
* kuser/Makefile.in: Link kdestroy with KRB_KAFS_LIB
* appl/kauth/kauth.h: Stupid declarations for syslog.
* appl/kauth/kauthd.c: syslog errors and success.
* include/protos.H: Removed `h_errno', now in roken.h Declare
`getusershell' under solaris.
* configure.in, acconfig.h: Figure out if we have to declare
`h_errno'.
* appl/ftp/ftp/kauth.c: Added support for afs_string_to_key.
Wed Aug 21 1996
* lib/kafs/afssys.c: Look for AFS database servers in dns also.
* lib/kafs/afssys.c: Add support for a ~/.TheseCells-file.
Sun Aug 18 1996
* appl/bsd/rlogind.c: Removed unused `check_all' variable. Use
`inaddr2str'.
* appl/bsd/rshd.c: Use `inaddr2str'.
* appl/bsd/iruserok.c: Removed potential buffer overrun after
`gethostbyaddr'.
* lib/roken/inet_aton.c: Some const-ness.
* lib/roken/Makefile.in: Add `inaddr2str.o'.
* appl/ftp/ftpd/ftpd.c: Use `inaddr2str'.
* lib/roken/inaddr2str.c, lib/roken/roken.h: New function
`inaddr2str' to convert an IP address into a verified hostname or
a string of the form x.y.z.a
* lib/krb/{krb_locl.h, krb.h, k_name_to_name.c, k_getsockinst.c,
getrealm.c}: Some const-ness.
* appl/bsd/bsd_locl.h: Removed another prototype for `crypt'.
* appl/kpopper/popper.h: Some const-ness to get rid of a warning.
* appl/bsd/rshd.c: Always check reverse mapping. Removed
`local_domain' and `top_domain'. Added some const-ness.
Sat Aug 17 1996
* include/Makefile.in: Removed VPATH. With it this makefile does
not work correctly.
* lib/krb/rw.c, lib/krb/krb_locl.h: Changed parameters to
`krb_{get,put}'-functions to void *.
* include/protos.H: Add `getusershell' in solaris.
* appl/kauth/kauthd.c, appl/bsd/{rlogin.c,rlogind.c}: Less
warnings because of arguments to `setsockopt'.
* lib/roken/roken.h: Fixed prototype of `inet_aton'
Wed Aug 14 1996
* lib/roken/verify.c: Use <crypt.h> if there is one.
* lib/kafs/Makefile.in: AFS_EXTRA_LIBS is always called
`afslib.so'. Otherwise some makes get upset when there is no such
library to be made.
* appl/telnet/telnetd/telnetd.h: <protos.h> are needed to get
prototype for `ptsname'.
* appl/bsd/rlogind.c, appl/kpopper/pop_dropinfo.c,
appl/telnet/libtelnet/{auth.h,enc_des.c,kerberos.c},
appl/telnet/telnet/utilities.c, appl/telnet/telnetd/{sys_term.c,
telnetd.h, kadmin/admin_server.c, kuser/klist.c,
lib/kdb/{krb_cache.c, krb_dbm.c}, lib/krb/{fgetst.c, getst.c,
log.c, tf_util.c}: Include type `int' on all definitions and
remove unnecessary `register'.
* appl/bsd/login_access.c: Fix parameter declaration to
`netgroup_match'.
* appl/bsd/forkpty.c, include/protos.h: s/__sgi__/__sgi//g
* admin/kdb_util.c: Use `errno' for error message instead of
uninitialized variable.
Tue Aug 13 1996
* appl/kauth/rkinit.c: Default port should be the same in kauth
and kauthd.
Sun Aug 11 1996
* configure.in: Added `AC_REVISION'
* slave/kpropd.c: Cleaned up structure. Now returns useful value.
* lib/roken/verify.c: Broken OSes need declartion of `crypt'.
* lib/roken/roken.h: Added prototype for `verify_unix_user'.
* lib/krb/lsb_addr_comp.h: Added prototype for `lsb_time'.
* lib/krb/{get_admhst.c, get_default_principal.c, get_krbhst.c,
get_krbrlm.c, getrealm.c, realm_parse.c} : Check for buffer
overwrite correctly.
* lib/krb/rw.c, lib/krb/krb_locl.h: Prepended `krb_' to `get_int',
`put_int', `get_address', `put_address', `put_string',
`get_string', `get_nir', and `put_nir'. Changed all callers.
* lib/kdb/krb_db.h: Added prototype for `kerb_delete_principal'
and `kerb_db_delete_principal'.
* lib/kadm/kadm_cli_wrap.c: Removed unused variable.
* appl/telnet/telnetd/telnetd.c: Changed bogus `strncpy' to
`strcpy'.
* appl/bsd/su.c: Fixed error messages from execv.
* appl/bsd/rlogin.c: Fixed potential buffer overrun when reading
"TERM".
Thu Aug 8 1996
* appl/telnet/telnet/commands.c, appl/kauth/rkinit.c: Replaced
`herror' by `hstrerror'.
* appl/bsd/login.c: chmod the tty so that it is writable for group
tty.
* configure.in: Use AC_FIND_IF_NOT_BROKEN for herror and
hstrerror.
* aclocal.m4: New macro `AC_FIND_IF_NOT_BROKEN'
* config.guess: Add 686
Tue Aug 6 1996
* lib/krb/getrealm.c: Fallback for `T_TXT'
* configure.in: Look for `res_search' and `dn_expand' in
libresolv.
Mon Aug 5 1996
* */Makefile.in: Add Id to those missing it.
* configure.in: Small fix in comment.
* Release 0.9.1.
* appl/ftp/ftpd/ftpcmd.y: s/timeout/ftpd_timeout/
* appl/kstring2key/kstring2key.c: `usage' changed to void.
* lib/krb/mk_req.c: `build_request' changed to void.
* appl/ftp/ftp/ftp_locl.h: Changed order of includes.
* appl/bsd/login.c, appl/ftp/ftpd/*: s/timeout/login_timeout/
* lib/kafs/afssysdefs.h: undef AFS_SYSCALL if we are defining it.
Sun Aug 4 1996
* lib/kafs/afssys.c: AIX systems will now correctly (I hope)
detect whether AFS is loaded or not. This is currently a bit
kludgy, and involves loading an external shared library,
afslib.so, which can be put in athena/lib or pointed to with
environment variable AFSLIBPATH. This is only tested on AIX 4
(due to lack of an AIX 3 system).
* lib/krb/getrealm.c: Range-check the result from the DNS.
* lib/krb/get_krbrlm.c: Try to use the DNS to find out which realm
this host belongs to.
* kadmin/ksrvutil_get.c: Fixed error message.
* lib/kafs/*: Fix aix/afs brokenness.
* lib/kadm/kadm_stream.c (stv_string): Range check.
Fri Jul 26 1996
* appl/ftp/common/{ftp,ruserpass}.c: Less bogus domain name
handling.
Mon Jul 22 1996
* lib/krb/mk_req.c: Use encrypt_ktext()
* configure.in, lib/kafs/afssys.c: Add option to exclude AFS
support (this is useful only on AIX systems that doesn't have
AFS).
* configure.in: Removed configuration from subdirectories.
Sat Jul 13 1996
* appl/ftp/ftp/extern.h, appl/ftp/ftp/ftp.c: Substitute `struct
fd_set' with `fd_set'.
Mon Jul 8 1996
* Makefile.in: install should depend on all.
Sun Jul 7 1996
* appl/bsd/su.c: Allow root to set the uid without entering a
password.
Fri Jul 5 1996
* lib/krb/getrealm.c: Add automatic dns realm search.
Thu Jul 4 1996
* lib/krb/log.c (krb_log): Renamed k_log(...) to krb_log(...) for
compatibility with CNS. There is still a #define k_log krb_log.
* util/et/et_list.c: Hack to resolve _et_list in shared libraries.
Fri Jun 28 1996
* appl/bsd/rlogin.c (reader): If after a select rlogin fails to
read expected OOB data try to read ordinary data before continuing.
* appl/bsd/rlogin.c (oob_real): SunOS5 tty race kludge.
* appl/bsd/rlogind.c: Cleanup oobdata stuff.
Thu Jun 27 1996
* appl/bsd/login.c (main): Also check for complete tty name with
`rootterm'.
* lib/krb/check_time.c: New function `krb_check_tm'.
* lib/roken/tm2time.c: New function `tm2time', mktime generalized
to local timezone and UTC.
* kadmin, admin: Use `tm2time' and `krb_check_time' instead of
`maketime'.
Tue Jun 25 1996
* lib/krb/mk_priv.c (krb_mk_priv): Send correct address.
* appl/kauth/kauthd.c: Set ticket file to some sane default, and
add -i debugging switch.
Mon Jun 24 1996
* appl/xnlock, appl/kauth, appl/telnet/telnetd: Use BINDIR and not
`/usr/athena/bin'.
Wed Jun 19 1996
* appl/bsd/rlogin.c: consistent usage of oob_real.
* appl/bsd/rlogind.c: Do not send oob garbage when running
solaris? Seems that linux is unable to handle the duplicate
urgent data that is the result.
* appl/bsd/rlogind.c: Fix usage.
* appl/bsd/kcmd.c: Don't F_SETOWN.
Mon Jun 17 1996
* lib/krb/rw.c: Add get_address() and put_address().
* appl/telnet/telnetd/telnetd.c: updated usage
* appl/bsd/su.c: Replaced getpass by des_read_pw_string
* appl/bsd/forkpty.c (ptym_open): Removed unused `ptr2'.
* appl/bsd/rlogind.c: Removed unused functions and made others
static.
Sun Jun 16 1996
* Release 0.9.
* appl/ftp/ftpd/ftpd.c: Don't just send data in plain when doing
NLST.
* configure.in: test for setresgid.
* kadmin/ksrvutil_get.c: Fixed byte manipulations of keys.
Sat Jun 15 1996
* lib/des/rnd_keys.c (des_rand_data): At least `srandom'.
* appl/ftp/ftp/cmds.c: Support longer passwords when retrying
login.
* kadmin/admin_server.c, man/kadmind.8, kth-krb.texi: Reading key
file from file is now the default. Use `-m' to enter it manually.
`-n' is currently a no-op.
* appl/ftp/ftpd/ftpd.c: Add S/Key support.
* appl/ftp/ftpd/Makefile.in: Link with S/Key.
* appl/ftp/configure.in: Test for S/key.
* configure.in, aclocal.m4: Moved skey test
to aclocal.m4.
* appl/bsd/login.c: Correct argument to `skeyaccess'.
Fri Jun 14 1996
* lib/krb/verify_user.c: New parameter to specify service key
instance, NULL means "rcmd".
* lots of files: All ticket filenames uses `TKT_ROOT'.
* appl/bsd/rlogind.c: Check for uid == 0 and user != "root".
Tue Jun 11 1996
* appl/kpopper/pop_init.c(pop_init): Got rid of some old ifdef'ed
code.
* lib/kdb/krb_dbm.c: Add macro for `dbm_delete' for the people
that are ndbm challenged.
Mon Jun 10 1996
* lib/krb/kname_parse.c: Got rid of duplicate defintions.
* appl/ftp/ftp/ruserpass.c: Get hostname even if user has no
'.netrc' file.
* lib/kadm, lib/kdb, kadmin: Add database delete operation.
* lib/krb/kname_parse.c: Allow dots in instances.
* appl/bsd/rlogind.c (logwtmp): Only define `logwtmp' if it does
not exist. Log more garbage.
Sun Jun 9 1996
* appl/telnet/configure.in: Check for `logwtmp'.
* appl/ftp/configure.in: Use `AC_FUNC_MMAP'
* appl/bsd/forkpty.c: Removed all ugly pty search stuff from
ptym_open().
* configure.in: Modified the creation of version.h, now actually
shows up with ident.It is now also slightly more keen on creating
a new version.h.
Sat Jun 8 1996
* lib/roken/verify.c: <stdio.h> for NULL.
* appl/xnlock/xnlock.c (leave): Call XCloseDisplay, otherwise
screen saver changes are not updated before closing the X
connection.
* appl/bsd/utmp_login.c: Remove tty-prefix from ut_id; this field
is usually very short.
Fri Jun 7 1996
* slave/kpropd.c: Add option -m to merge rather then load
database.
Thu Jun 6 1996
* admin/kdb_util.c: Add a merge operation. (One day it might be
used to propagate only patches to the database)
Wed Jun 5 1996
* appl/kpopper: Support both POP3 and KPOP3.
* appl/xnlock/xnlock.c: Use `verify_unix_user'
* lib/roken/verify.c: verify_unix_user: New function from xnlock
for checking passwd in `/etc/passwd'.
* appl/telnet/telnetd/sys_term.c: gettimeofday buglet
* slave/kpropd.c: Rewrite of kpropd.
* admin/kdb_util.c: Sanity check on input to load_db.
* slave/kpropd.c: Use default value for fname.
* slave/kprop.c: Use some sane default values for data_file and
slaves_file.
* admin/kdb_util.c: If there isn't any database when loading,
create an empty one.
Mon Jun 3 1996
* appl/telnet/telnetd/sys_term.c: Somewhat changed the way utmpx
entries are created. It should now work on both Solaris and IRIX,
without stale login information.
Sat Jun 1 1996
* lib/krb/k_gethostname.c (k_gethostname): Fallback.
* lib/krb/send_to_kdc.c (send_to_kdc),
kadmin/kadm_ser_wrap.c (kadm_ser_init),
slave/kprop.c (prop_to_slaves),
slave/kpropd.c (main): Use `k_getportbyname'.
Fri May 31 1996
* Lots of files: more #includes ifdefad and cleaned up.
Thu May 30 1996
* Lots of files: Replaced bcopy/bzero/bcmp with
memcpy/memset/memcmp.
* lib/krb/get_default_principal.c: Use getlogin() if it is the BSD
variant that actually gives some information.
* lib/krb/create_ticket.c: Write correct address byteorder.
* lib/kadm/kadm_stream.c,kadm_cli_wrap.c: Don't assume int32_t is
four bytes.
* kadmin/kpasswd.c: Allow principal without -n.
* kadmin/kadmin.c: Use krb_get_default_principal.
* appl/ftp/ftpd/ftpd.c: Fix bare newline bug.
* appl/bsd/rlogind.c: Add -i and -p options to start rlogind from
command line (for debugging).
* INSTALL: Rewritten.
Wed May 29 1996
* appl/ftp/ftp/krb4.c: Handle different sizes of returned
checksum.
* appl/bsd/Makefile.in: Don't install login setuid.
Fri May 24 1996
* appl/bsd/rsh.c: Don't run away yelling if someone calls you
`remsh'.
Sun May 19 1996
* lib/krb/kdc_reply.c: Remove unused function decrypt_tkt. Sanity
check on decrypted ticket.
Wed May 15 1996
* server/kerberos.c: Should work with the new libkrb
* appl/kip: Support more than one tunnel device.
* lib/krb/*.c: All functions that create or decode kerberos
packets have been rewritten. Hopefully, everything still
works. This is to eliminate problems with wierd systems, like
Crays, that doesn't have any two or four byte integers. Some of
these changes could be a lot more pretty, and *many* assumptions
that sizeof(int32) == 4 still exist in the rest of the code,
though.
As a side effect, all packets sent are now in network byte order.
Mon May 13 1996
* configure.in: Shared libraries for Irix
* Several fixes for UNICOS.
* appl/ftp/ftp/krb4.c: Allow default data protection level through
a "prot level" in .netrc. This really should be done in a more
useful manner.
Sun May 12 1996
* appl/xnlock/xnlock.c: Cleaned up user verification code. Now
uses new function krb_verify_user. Also fixed a few problems with
the password prompt box.
* lib/krb/verify_user.c: New function krb_verify_user to verify a
user with kerberos.
* appl/kip: New program for forwarding IP packets over kerberised
connections using tunnel devices.
* appl/kauth/kauth.c, kadmin/ksrvutil.c: Use
krb_get_default_principal
* appl/bsd/rlogind.c: Do not change portnumber to host order if
using kerberos. This will cause the magic
`reverse-time-if-port-is-less-than' to fail.
* lib/des/GNUmakefile: Removed file. This file causes problem
when building in the source directory and when using GNU make
which prefers this file to the generated Makefile.
* appl/bsd/login.c: More careful when handling returned value from
`getspnam'.
Sat May 11 1996
* lib/krb/realm_parse.c: New function to expand a non-complete
realm to its official name, e.g nada -> NADA.KTH.SE.
* lib/krb/get_default_principal.c: New function to guess the
default principal to use. Looks at any existing ticket file first,
then at uid/logname etc.
* kadmin/kadmin.c: Use kname_parse and allow different instances
and realms.
* lib/roken/k_getpwnam.c: New function k_getpwnam that should work
with and without shadow passwords.
* Lots of files: s/getpwnam/k_&/g.
Tue May 7 1996
* lib/des/des_locl.h: DES library updated to version 3.23,
des_locl.h now includes configure.h to get HAVE_TERMIOS etc.
* lib/des/des.h: On the alpha define DES_LONG to unsigned int.
* kuser/kinit.c: Handle passwords longer than 16 characters.
* appl/xnlock/xnlock.c (GetPasswd): Handle longer passwords than
16 characters.
Sun May 5 1996
* Release 0.8.
* appl/ftp/ftpd/kauth.c: Klist command.
* appl/ftp/ftpd: Removed `-g' from calls to ls.
* appl/ftp/ftp/cmds.c (setpeer): Fix so that opening a second
connection to a specified port works.
* appl/telnet/telnet: Default is binary.
* appl: Now build under Ultrix.
* appl/kx: Now even builds on AIX.
Sat May 4 1996
* lib/des: Now merged in libdes 3.21 on main branch.
* appl/ftp/ftpd/logwtmp.c: Slightly different functionality. Works
on systems that has more fields in struct utmp such as OSF/1.
Still some questions about Solaris.
* lib/krb/lsb_addr_comp.c: Now byteorder independent.
* appl/kx: Rewrote kx & kxd to share more code. They are also now
able to talk both ways.
* lib/kdb/krb_dbm.c (kerb_db_rename): Now works properly when
using berkeley DB.
Thu Apr 25 1996
* lib/krb/get_krbrlm.c (krb_get_default_realm): New function for
SunOS5 compat.
* When building shared libraries link libkrb with libdes to be
compatible with SunOS5.
* Move lib/krb/krb_err.et to lib/kadm since it is only used there,
no longer need to link libkrb against libcom_err.
Wed Apr 24 1996
* lib/krb/lsb_addr_comp.h: Renamed ugly lsb_addr_comp.
* Some porting to UNICOS.
Tue Apr 23 1996
* Moved some junk from appl/bsd to libroken.
* lib/roken/Makefile.in (LIBNAME): Added header file roken.h for
library libroken.a.
* Add kerberized ftp.
* Add libroken.
Mon Apr 22 1996
* appl/kauth/kauth.c: When commands are given to kauth, a new
ticket file is used.
Sat Apr 20 1996
* appl/xnlock/xnlock.c: Fixed a potential overwrite bug. Also
works with more than one screen, only fancy stuff on screen 0,
though.
Fri Apr 19 1996
* appl/bsd/login.c, su.c, rshd.c, rlogind.c: Syslog and abort when
getpwnam returns uid == 0 but user is not root. This is usually
the result of an attack on NIS (former YP).
Wed Apr 17 1996
* kadmin/ksrvutil.c (get_key_from_password): Support for
generating AFS keys. From <flag@it.kth.se>
Sun Apr 14 1996
* appl/kx: New program for forwarding a X connection.
Mon Apr 8 1996
* appl/bsd/rsh.c (get_shell_port): Default port number for ekshell
changed from 2106 to 545.
* appl/bsd/login.c (doremotelogin): Remove terminal speed from the
value of $TERM in the case of an ancient rlogind being used.
Thu Apr 4 1996
* lib/kafs/afssys.c (k_afsklog): Try to read from
/usr/vice/etc/TheseCells for list of cells we should try to obtain
tokens for.
* appl/kauth/kauth.c (renew): Use cell even when renewing.
* appl/kauth/kauth.c, appl/xnlock/xnlock.c: Always call k_afsklog
with realm == NULL.
* lib/kafs/afssys.c: More thorough guessing of what realm a cell
belongs to.
Wed Apr 3 1996
* appl/bsd/login.c: If setuid() failes and not logging in as root,
exit.
Tue Apr 2 1996
* server/kerberos.c: Set name, inst, and realm to NULL in
APPL_REQUEST, error replies tend to look a bit funny otherwise.
Thu Mar 28 1996
* appl/bsd/iruserok.c (iruserok): Imported iruserok() FreeBSD.
Tue Mar 26 1996
* lib/des/Makefile.in: Removed enc_read.c enc_writ.c.
* appl/bsd/Makefile.in: New file with the old functions from
libdes.
* appl/bsd/utmp_login.c: Fixed (hopefully) double utmp-entries in
Solaris. Only put entries in one of utmp/utmpx, since they both
get updated by putut*ent() anyway.
Mon Mar 25 1996
* kuser/klist.c (main): Use verbose option (-v) to list key
version numbers.
* Release 0.7.
Sun Mar 24 1996
* appl/bsd/rlogin.c (doit): Moved signal junk (as far as possible)
to doit().
* configure.in: Check for getmsg with AC_TRY_RUN instead.
Otherwise it fails under AIx 3.2. Now rlogind works on this
so-called OS. Also cache value of berkeley db check.
* lib/kdb/krb_kdb_utils.c: New experimental masterkey generation,
enabled with --enable-random-mkey. This makes kdb_init et al
generate random master keys, based on random input from the
user. This comes in a package with auto-kstash, and possibility to
enter lost master keys as base64.
Moved default master key file from /.k to
/var/kerberos/master-key, override with --with-mkey=file.
* kadmin/kadmin.c (do_init): Handle the `-t' option to kadmin,
meaning do not get a new ticket file. (From CNS).
Fri Mar 22 1996
* appl/xnlock/xnlock.c: Removed some dead code, and a few unused
header files.
* kadmin/pw_check.c (kadm_pw_check): If kadm_pw_check()
fails *pw_msg can't be 0! At the very least use the
empty string but a descriptive error-message is preferred.
* libtelnet: add nonbroken signal() function.
Wed Mar 20 1996
* appl/kpopper/pop_pass.c (pop_pass): Use kuserok to determine if
user is allowed to fetch mail.
* appl/kpopper/*. Got rid of some ugly codes and some warnings.
* appl/bsd/Makefile.in: signal.o was not included in OBJECTS,
which made strange makes not doing what they should.
* configure.in, appl/kpopper/popper.h, appl/bsd/pathnames.h: Now
should work on systems that do not have mail spool files in
/var/spool/mail. Looks for MAILDIR or _PATH_MAILDIR, usually from
<paths.h> or <maillock.h>. Defaults to /var/spool/mail.
Mon Mar 18 1996
* appl/bsd/bsd_locl.h: TIOCPKT for those systems missing it.
Fri Mar 15 1996
* lib/kafs/kafs.h: Use <sys/ioctl.h> instead of <sys/ioccom.h>
* appl/bsd/rshd.c (doit): Don't set environ, send it as an
argument to execle instead.
* lib/kafs/kafs.h: Find definition of _IOW.
* configure.in: Check for random.
* appl/bsd/bsd_locl.h: Including <crypt.h> gives too many conflicts.
* appl/afsutil/pagsh.c: Check for random.
Thu Mar 14 1996
* appl/bsd/bsd_locl.h, appl/telnet/telnetd/defs.h: Default values
of `TIOCPKT_FLUSHWRITE' & c:o.
* appl/telnet/telnet{,d}/Makefile.in (telnetd): Change order of
linking in libraries.
* configure.in: Check for interesting functions in libsocket and
libnsl and not strange soriasis inventions.
Wed Mar 13 1996
* appl/bsd/bsd_locl.h (fatal): Only use prototype or iruserok if
the function does not exist.
Mon Mar 11 1996
* lib/krb/krb_err_txt.c (krb_get_err_text): Changed name of
krb_err_msg to krb_get_err_text(int) to be compatible with the CNS
distribution. This function is used for instance by CVS-1.7.
Sun Mar 10 1996
* configure.in, appl/Makefile.in: removed rkinit
* etc/inetd.conf.changes, etc/services.append: Added kauth.
* appl/kauth: Integrated rkinit into kauth.
* appl/kauth/kauth.c (main): Only look for principal name if no -p
has been given.
* lots of files: prototypes and other small fixes.
* appl/bsd/sysv_shadow.h: spwd multiple defined.
* appl/bsd/bsd_locl.h: include <crypt.h>
* configure.in: Added afsutil and rkinit.
* */Makefile.in: Do cd $$i && $(MAKE). Otherwise, if cd fails you
end up with an infinite recursion.
* kuser/klist.c (display_tktfile): Another warning removed.
Tue Mar 5 1996
* appl/bsd/forkpty.c (forkpty): Kludge for Ultrix, rlogind now
works properly also under this system.
* appl/afsutil: New aklog and pagsh
* lib/krb/krb_equiv.c (krb_equiv): Fix bugs with '\\'.
* lib/des/rnd_keys.c: Include <sys/time.h>.
Mon Mar 4 1996
* appl/kauth/kauth.c (main): Handle name when given after options.
Sun Mar 3 1996
* appl/rkinit/rkinit.c (getalladdrs): Check for herror. Solaris
apparently does not have any.
(main): Use memset instead of bzero.
* appl/rkinit/rkinitd.c (decrypt_remote_tkt): bcopy -> memcpy.
* kuser/kinit.c (main): Corrected lifetime.
* lib/krb/krb_equiv.c (krb_equiv): Now handles longer lines,
continuation lines and addresses of the form 193.10.156.0/24.
* kuser/Makefile.in (kdestroy): Link kdestroy with libkafs.
Wed Feb 28 1996
* Replaced all occurencies of krb_err_txt[] with new function
krb_err_msg(), that does some sanity checks before indexing
krb_err_txt.
Mon Feb 26 1996
* appl/telnet/telnetd: Added flags -z to have telnetd log
unauthenticated logins, such as when using an old telnet
client. Unfortunately in most of these cases, the user name is not
known.
There should also be a way to tell the difference between bad
authentication (such as with expired tickets) and no attempt to
provide authentication (such as with an old client).
Sun Feb 25 1996
* kuser/kdestroy.c: Remove afs-tokens as well as tickets, -t flags
added to prevent this.
Thu Feb 22 1996
* appl/rkinit/rkinitd.c (doit): Use k_getsockinst to make it work
correctly for multi-homed hosts.
* appl/rkinit: New program with rkinit functionality.
* lib/krb/k_getport.c: Function for finding port in /etc/services
with fallback.
* lib/krb/netread.c,netwrite.c (krb_net_{read,write}): Now correct
prototype with void * and size_t.
Wed Feb 21 1996
* kadmin/new_pwd.c (get_pw_new_pwd): Moved get_pw_new_pwd to
seperate file. Now called both from kadmin and kpasswd.
* kadmin/pw_check.c (kadm_pw_check): Handle the case of no
password provided. This is really a policy decision. The server
should be able to say `use a client that sends the password'.
* appl/bsd/rlogind.c (local_domain): MAXHOSTNAMELEN -> MaxHostNameLen.
Sun Feb 18 1996
* appl/bsd/rcp.c (answer_auth): Made rcp multihome aware.
* appl/bsd/rlogind.c (do_krb_login): Made rlogind multihome aware.
* appl/bsd/rshd.c (doit): Made rshd multihome aware.
* lib/krb/k_getsockinst.c (k_getsockinst): New function to figure
out the instance name of interfaces on multihomed hosts. Use this
function when making daemons multihome aware.
* appl/telnet/libtelnet/kerberos.c (kerberos4_is): Made telnetd
multihome aware.
Mon Feb 12 1996
* Release 0.6.
Sun Feb 11 1996
* lots of files: hacks to make it all compile.
* configure.in, appl/telnet/configure.in: More broken AIX.
* appl/bsd/bsd_locl.h: Fix for old syslogs (as in Ultrix).
* appl/telnet/libtelnet/encrypt.c: encrypt_verbose by default.
* appl/telnet/libtelnet/kerberos.c: Show difference between
MUTUAL and ONE_WAY KERBEROS4.
* appl/telnet/libtelnet/encrypt.c:
Print message about not encrypting when receiving WONT or DONT encrypt.
* configure.in: Automatic check for HAVE_NEW_DB.
* lib/krb/getaddrs.c (k_get_all_addrs): Fixed for systems with
SOCKADDR_HAS_SA_LEN, aka 4.4BSD-based.
* appl/telnet/telnetd/global.c: Removed some multiple defined
variables.
* appl/bsd/rlogind.c (cleanup): ifndef HAVE_VHANGUP.
* appl/bsd/sysv_shadow.h: Add DAY and DAY_NOW ifndef.
* configure.in: Check if `struct sockaddr' has `sa_len'.
Sat Feb 10 1996
* appl/telnet/telnetd/telnetd.c (recv_ayt): pty -> ourpty.
* appl/bsd/bsd_locl.h: More include-files: <sys/uio.h> and <userpw.h>
* appl/kpopper/popper.c (catchSIGHUP): Got rid of some warnings.
* lib/krb/log.c (new_log): Yet another year 2000.
* appl/bsd/sysv_environ.c (read_etc_environment): Support setting
environment variables from /etc/environment.
* appl/bsd/bsd_locl.h: <usersec.h>
* configure.in: check for setpcred, libs.a and <usersec.h>.
* appl/bsd/login.c (main): setpcred is used on AIX.
* appl/bsd/rshd.c (doit): Added setpcred for AIX.
* lib/krb/getaddrs.c: <sys/sockio.h> is sometimes needed.
* admin/kdb_init.c (main): Now verifies master key.
* lib/kdb/krb_kdb_utils.c (kdb_get_master_key): Added possibility
of asking for verfication.
* appl/bsd/bsd_locl.h: Try to include <sys/stream.h>
* appl/telnet/telnetd/utility.c (printsub): Mismatch arguments.
* lib/krb/send_to_kdc.c (send_to_kdc): Send to all A records and
accept an answer from anything we have sent to.
* appl/kauth/kauth.c (renew): Use strange return types for strange
OSes.
(doexec): Remove tokens.
* server/kerberos.c (main): Uses k_get_all_addrs and binds to each
of these addresses.
* kadmin/ksrvutil_get.c (ksrvutil_get): Added support for
specifying key to create on command line to get.
Wed Feb 7 1996
* lib/krb/log.c (k_log): Now using YYYY for years.
* lib/krb/klog.c (klog): Preparing for the year 2000.
* kuser/kinit.c (main): Added option -p to get changepw-tickets.
* lib/krb/getaddrs.c: New file to get all the addresses of all the
interfaces on this machine.
Tue Feb 6 1996
* configure.in: Support for S/Key in login.c. Use --with-skeylib
switch to configure. The code assumes that the skeylib.a comes
from logdaemon.
* General support for shadow password files if there is an
shadow.h.
* appl/bsd/su.c: Arrange so that it supports shadow passords.
Sun Feb 4 1996
* appl/telnet/*: Hacks to make it work on strange OSes.
* appl/bsd/bsd_locl.h: Check for sys/ptyvar.h
* appl/telnet/configure.in (telnet_msg): sys/str_tty.h, sys/uio.h
* configure.in: test for crypt.h and sys/ptyvar.h
* appl/telnet/telnetd/*.c: pty -> ourpty.
* telnetd: Changes to make more systems work better, specifically
AIX 4. Hopefully this will work on both STREAM and BSD
systems. Not tested on some systems, like CRAY and Linux.
* util/ss/mk_cmds.c: Generating cleaner code.
* lib/krb/krb_err_txt.c (krb_err_txt): Clarification.
* kadmin/admin_server.c: Less varnings.
* appl/xnlock/xnlock.c: Changed some types and added some casts.
* appl/movemail/movemail.c: Not using syswait.h anymore.
* appl/xnlock/xnlock.c: God rid of some warnings.
* util/ss/*.[ch]: cleanup
* util/et/*.[ch]: cleanup
* appl/bsd/rcp.c: Less warnings.
* kadmin/admin_server.c (kadm_listen): Get rid of another warning.
* kadmin/pw_check.c (kadm_pw_check): Support for letting cracklib
check the quality of the password.
* kadmin/pw_check.h (kadm_pw_check): New argument to
kadm_pw_check: list of useful strings to check for.
* kadmin/kadm_server.c (kadm_ser_cpw): Send a few `useful' strings
to kadm_pw_check (name, instance, and realm).
* kadmin/Makefile.in (kadmind): Linking with -lcrack.
* configure.in: Support for --with-cracklib and --with-dictpath.
* kadmin/ksrvutil_get.c: Now seems to be working.
* kadmin/ksrvutil.h: Some new parameters.
* kadmin/ksrvutil.c: Some reorganisation and uses a working
ksrvutil_get.
* appl/movemail/movemail.c: Some more include-files.
* appl/bsd/rlogind.c: Testing for the existence of vhangup.
Wed Jan 31 1996
* configure.in: Massaged the configure files so that we can build
under NEXTSTEP 3.3. Some kludges to prevent cpp bugs and link
errors where also neccessary.
Tue Jan 30 1996
* appl/xnlock/xnlock.c (main): Improved user feedback on password
input.
* appl/xnlock/xnlock.c: Applied patch made by flag@it.kth.se that
enables C-u to erase the password field.
* lib/krb/lifetime.c: configure now creates a version string which
is referenced here. Use what and grep version to figure out where,
when and by whom binaries where created.
* appl/bsd/forkpty.c (ptys_open): Call revoke before pty slave is
opened. Add revoke using vhangup for those system lacking revoke.
Also call vhangup when rlogind exits.
Mon Jan 29 1996
* lib/krb/send_to_kdc.c (send_to_kdc): Removed kludge for SunOS
3.2 and Ultrix 2.2 that prevented multihomed kerberos servers to
operate correctly.
* kadmin/kadmin.c (change_key): Add new subcommand change_key so
that it is possible to enter keys in the DB on binary form. Most
usefull for sites running AFS.
Fri Jan 26 1996
* appl/bsd/su.c (koktologin): New option -i root-instance. If you
want a user.afs ticket in a root shell and user.afs is on root's
ACL then do a "su -i afs".
* Makefile.in: Rearrange the order of object files to make shared
libraries slightly more efficient.
* appl/kauth/kauth.c (main): Always up case realm. Better error
messages on failed exec.
Mon Jan 22 1996
* appl/bsd/rshd.c (main): New option -P to prevent rshd from using
a new PAG. Expert use only!
* appl/bsd/rlogind.c (doit): Avoid race when setting tty size.
* appl/bsd/rlogin.c (reader): Use select rather than horrible
signal hacks to handle OOB data.
* appl/bsd/login.c (main) sysv_environ.c (sysv_newenv): Login does
now honor the -p switch when invoked by root. This is used by
telnetd to export environment variables.
Fri Jan 5 1996
* appl/bsd/signal.c (signal): New BSD compatible signal
function. Most r* applications assume reliable signals.
* appl/bsd/login.c (main): Check HAVE_ULIMIT.
* appl/bsd/bsd_locl.h: Include sys/ioctl.h.
* configure.in: Check for ulimit.
* admin/kdb_edit.c: Flush stdout after printing prompts.
* appl/kpopper/pop_xmit.c: Remember to include config.h.
Tue Jan 2 1996
* appl/bsd/login.c (main): New function stty_default to setup
default tty settings.
Fri Dec 29 1995
* appl/kstring2key/kstring2key.c (main): New program that converts
passwords to DES keys, either using des_string_to_key or
afs_string_to_key.
* server/kerberos.c: Kerberos server now listen on 2 ports,
kerberos/udp and kerberos-sec/udp.
Wed Dec 27 1995
* appl/bsd/rcp.c (main): Integrated -x option to rcp. This
required some real horrible hacks in lib/des/enc_{read,write}.c
* acconfig.h: Enabled MULTIHOMED_KADMIN in acconfig.h.
* Add RCSID stuff to telnet files.
Fri Dec 22 1995
* appl/bsd/login.c (main): The login program does now by default
read /etc/default/login, even on non Psoriasis systems. Unifdef
SYSV4, this was essentially only for prompting.
Mon Dec 18 1995
* appl/kpopper/popper.c (main): Integrate default timeout of 120
seconds from Qualcomm popper. Timeout is also set able with -T
seconds.
* lib/kadm/kadm_cli_wrap.c (kadm_change_pw_plain): If there's no
password, don't even send the empty string.
Thu Dec 7 1995
* lots of files: all debug messages now printed to stderr (from
<lama@pdc.kth.se>)
* lib/krb/tf_util.c (tf_create): New method for creating a new
ticket file. Remove the old old and then open with O_CREAT and
O_EXCL.
* server/kerberos.c, slave/kpropd.c: Some casts to get rid of warnings.
* configure.in: Added checks for unistd.h, memmove and const.
* appl/telnet/telnet/commands.c: Changed types of functions to
confirm with struct Command.
* appl/telnet/configure.in: Check for setpgid.
* appl/bsd/rlogin.c: Get rid of another warning.
* appl/bsd/bsd_locl.h, appl/telnet/acconfig.h: New synonym for
solaris.
Wed Dec 6 1995
* (movemail): Now from emacs-19.30. If you have a newish emacs
there is no reason to use this movemail.
* (kadm): Added support for server side password checks. Hopefully
this is compatible with kerberos 4.10. Old kpasswd:s will give
funny error messages. For examples of checks, see
kadmin/pw_check.c. Since this is mostly political matters,
kadm_pw_check() should probably return KADM_SUCCESS by default.
Mon Nov 27 1995
* appl/telnet/telnetd/telnetd.c (main): Kludge to fix encryption
problem with Mac NCSA telnet 2.6.
* lib/krb/stime.c: Now using YYYY for years. (2000 is soon here).
* appl/bsd/rsh.c, rcp.c, rlogin.c: Fixed fallback for port number
(added missing ntohs).
Sun Nov 12 1995
* (many files): More ANSI/ISO 9899-1990 to the people!
Now actually builds (not including util) with DEC "cc -std1" and
Sun "acc -Xc". There are still major prototype conflicts, but
there isn't much to do about this.
Sat Oct 28 1995
* lib/kadm/kadm_cli_wrap.c: Fallback for kerberos and
kerberos_master services.
Fri Oct 27 1995
* Released version 0.5
* lib/des/read_pwd.c: Redifine TIOCGETP and TIOCSETP so that the
same code is used both for posix termios and others.
* rsh, rlogin: Add environment variable RSTAR_NO_WARN which when
set to "yes" make warnings about "rlogin: warning, using standard
rlogin: remote host doesn't support Kerberos." go away.
Tue Oct 24 1995
* admin/kdb_util.c (load_db) lib/kdb/krb_dbm.c (kerb_db_update):
Optimized so that it can handle large databases, previously a
10000 entry DB would take *many* minutes, this can now be done in
under a minute.
Sat Oct 21 1995
* Changes in server/kerberos.c, kadmin/*.c slave/*.c to support 64
bit machines. Source should now be free of 64 bit assumptions.
* admin/copykey.c (copy_from_key): New functions for copying to
and from keys. Neccessary to solve som problems with longs on 64
bit machines in kdb_init, kdb_edit, kdb_util and ext_srvtab.
* lib/kdb/krb_kdb_utils.c (kdb_verify_master_key): More problems
with longs on 64 bit machines.
Mon Oct 16 1995
* appl/bsd/login.c (main): Lots of stuff to support Psoriasis
login. Courtesy of gertz@lysator.liu.se.
* configure.in, all Makefile.in's: Support for Linux shared
libraries. Courtesy of svedja@lysator.liu.se.
* lib/krb/cr_err_reply.c server/kerberos.c: Moved int req_act_vno
= KRB_PROT_VERSION; from server kode to libkrb where it really
belongs.
* appl/bsd/forkpty.c (forkpty): New function that allocates master
and slave ptys in a portable way. Used by rlogind.
* appl/telnet/telnetd/sys_term.c (start_login): Under SunOS5 the
same utmpx slot got used by sevral sessions. Courtesy of
gertz@lysator.liu.se.
Wed Oct 4 1995
* util/{ss, et}/Makefile.in (LEX): Use flex or lex. Courtesy of
svedja@lysator.liu.se.
* Fix the above Makefiles to work around bugs in Solaris and OSF/1
make rules that was triggered by VPATH functionality in the yacc
and lex rules.
Mon Oct 2 1995
* appl/kpopper/pop_log.c (pop_log) appl/kpopper/pop_msg.c (pop_msg):
Use stdarg instead of varargs. The code is still broken though,
you'll realize that on a machine with 64 bit pointers and 32 bit
int:s and no vsprintf, let's hope there will be no such beasts ;-).
* appl/telnet/telnetd/sys_term.c (getptyslave): Not all systems
have (or need) modules ttcompat and pckt so don't flag it as a
fatal error if they don't exist.
Mon Sep 25 1995
* kadmin/admin_server.c (kadm_listen) kadmind/kadm_ser_wrap.c
(kadm_listen): Add kludge for kadmind running on a multihomed
server. #ifdef:ed under MULTIHOMED_KADMIN. Change in acconfig.h
if you need this feature.
* appl/Makefile.in (SUBDIRS): Add applications movemail kpopper
and xnlock.
Wed Sep 20 1995
* appl/bsd/rlogin.c (main): New rlogind.c, forkpty() is not
implemented yet though.
Wed Sep 13 1995
* appl/xnlock/Makefile.in: Some stubs for X11 programs in
configure.in as well as a kerberized version of xnlock.
* appl/bsd/{rlogin.c, rsh.c, rcp.c}: Add code to support fallback
port numbers if they can not be found using getservbyname.
Tue Sep 12 1995
* appl/bsd/klogin.c (klogin): Use differnet ticket files for each
login so that a malicous user won't be able to destroy our tickets
with a failed login attempt.
* lib/kafs/afssys.c (k_afsklog): First we try afs.cell@REALM, if
there is no such thing try afs@CELL instead. There is now two
arguments to k_afslog(char *cell, char *realm).
Mon Sep 11 1995
* kadmin/admin_server.c (kadm_listen): If we are multihomed we
need to figure out which local address that is used this time
since it is used in "direction" comparison.
Wed Sep 6 1995
* kadmin/kadm_ser_wrap.c (kadm_ser_init): Fallback to use default
port number.
* lib/krb/send_to_kdc.c (send_to_kdc): Default port number
(KRB_PORT) was not in network byte order.
Tue Sep 5 1995
* lib/krb/send_to_kdc.c (send_recv): Linux clears timeout struct
when selecting.
Mon Sep 4 1995
* appl/bsd/rcp.c, appl/bsd/rlogin.c, appl/bsd/rsh.c:
Now does fallback if there isn't any entries in /etc/services for
klogin/kshell. This also made the code a bit more pretty.
* appl/bsd/login.c: Added support for lots of more struct utmp fields.
If there is no ttyslot() use setutent and friends.
* appl/bsd/Makefile.in, appl/bsd/rlogind.c, appl/bsd/rshd.c:
Added extern iruserok().
* appl/bsd/iruserok.c: Initial revision
* appl/bsd/bsd_locl.h: Must include sys/filio.h on Psoriasis.
* appl/bsd/Makefile.in: New install
* appl/bsd/pathnames.h: Fix default path, rsh and rlogin.
* appl/bsd/rshd.c: Extend default PATH with bindir to find rcp.
* appl/bsd/login.c (login): If there is no ttyslot use setutent
and friends. Added support for lots of more struct utmp fields.
* server/kerberos.c (main) lib/kafs/afssys.c appl/bsd/bsd_locl.h:
Must include sys/filio.h on Psoriasis to find _IOW and FIO* macros.
* appl/bsd/rlogind.c (doit): Use _PATH_DEFPATH rather than
_PATH_DEF.
* appl/bsd/login.c, su.c (main): Use fallback to bourne shell if
running as root.
* appl/bsd/su.c (main): Update usage message to reflect that '-'
option must come after the ordinary options and before login-id.
Sat Sep 2 1995
* appl/telnet/telnetd/telnetd.c (doit): If remote host name is to
long to fit into utmp try to remove domain part if it does match
our local domain.
(main): Add new option -L /bin/login so that it is possible to
specify an alternate login program.
* appl/telnet/telnet/commands.c (env_init): When exporting
variable DISPLAY and if hostname is not the full name, try to get
the full name from DNS.
* appl/telnet/telnet/main.c (main): Option -k realm was broken due
to a bogous external declaration.
Fri Sep 1 1995
* kadmin/kadmin.c (add_new_key): Kadmin now properly sets
lifetime, expiration date and attributes in add_new_key command.
Wed Aug 30 1995
* appl/bsd/su.c (main): Don't handle '-' option with getopt.
* appl/telnet/telnet/externs.h: Removed protection for multiple
inclusions of termio(s).h since it broke definition of termio
macro on POSIX systems.
Tue Aug 29 1995
* lib/krb/lifetime.c (krb_life_to_time): If you want to disable
AFS compatible long lifetimes set krb_no_long_lifetimes = 1.
Please note that the long lifetimes are 100% compatible up to
10h so this should rarely be necessary.
* lib/krb/krb_equiv.c (krb_equiv): If you don't want to use
ipaddress protection of tickets set krb_ignore_ip_address. This
makes it possible for an intruder to steal a ticket and then use
it from som other machine anywhere on the net.
Mon Aug 28 1995
* kadmin/kadm_ser_wrap.c (kadm_ser_init): Don't bind to only one
local address. Accept request on all interfaces.
* admin/kdb_edit.c (change_principal): Don't accept illegal
dates. Courtesy of gertz@lysator.liu.se.
Sat Aug 26 1995
* configure.in: AIX specific libraries needed when using standard
libc routine getttyent, IBM should be ashamed!
* lib/krb/recvauth.c (krb_recvauth): Long that should be int32_t
problem.
* Added strdup for su and rlogin.
* Fix for old syslog macros in appl/bsd/bsd_locl.
Fri Aug 25 1995
* lib/kdb/krb_dbm.c (kerb_db_rename) admin/kdb_destroy.c: New
ifdef HAVE_NEW_DB for new databases residing in one file only.
* appl/bsd/rlogin.c (oob): Add workaround for Linux.
Mon Aug 21 1995
* appl/bsd/getpass.c: New routine that reads up to 127 char
passwords. Used in su.c and login.c.
Tue Aug 15 1995
* appl/telnet/telnetd/sys_term.c (login_tty): Ioctl TIOCSCTTY
should not be used on HP-UX.
Mon Aug 14 1995
* appl/bsd/rlogin.c (main): Added dummy rlogind that tells user to
rather use telnet.
Thu Aug 10 1995
* lib/krb/ krb.h, decomp_ticket.c, getrealm.c, get_krbhst.c,
get_krbrlm.c, get_admhst.c:
Use multiple configuration directories for krb.conf and
krb.realms, KRB_CONF and KRB_REALM_TRANS macros substituted with
KRB_CNF_FILES and KRB_RLM_FILES. Currently /etc and
/etc/kerberosIV are searched. Directory specified by envioronment
variable KRBCONFDIR is searched first if set. No hardcoded
realmname or kerberos server. Instead use domainname for deafult
realm and kerberos.domain as kerberos server if they are not
listed in krb.conf and/or krb.realms. In the normal case there
should be no need for configuration files if administrators add a
CNAME pointing to the kerberos server.
* appl/bsd/Makefile.in and friends: GNU make should no longer be
neccessary unless building with VPATH.
Wed Aug 9 1995
* appl/bsd/klogin.c (klogin): Old ticket file need to be removed
before we call krb_get_pw_in_tkt or we might get a Kerberos intkt
error because the wrong user owns the file.
Tue Aug 8 1995
* configure.in : Telnet.beta2 is now official and has been moved
to appl/telnet.
* appl/bsd/su.c (main): Reenable -K flag, won't work if not
PASSWD_FALLBACK is enabled. Cosmetics for Password prompt.
Fri Aug 4 1995
* appl/bsd/su.c (kerberos): Don't allow su from possibly bogous
kerberos server. Controlled by #ifdef KLOGIN_PARANOID.
* lib/kafs/afssys.c (SIGSYS_handler): Need to reinstall handler on
SYSV.
Mon Jul 24 1995
* lib/kafs/afssys.c (k_afsklog): Use default realm on null argument.
* appl/bsd/rlogin.c, login.c: New programs.
Fri Jul 21 1995
* appl/bsd/kcmd.c rsh.c rlogin.c: Use POSIX signals.
* appl/telnet.95.05.31.NE/telnetd/sys_term.c, telnetd.c: Port to
IRIX.
Tue Jul 11 1995
* admin/kdb_init.c (main): Use new random generator. Dito in
admin/kdb_edit.c. Use master key to initialize random sequence.
Mon Jul 10 1995
* kadmin/kadmin.c (get_password): Fix for random passwords.
Dito for admin/kdb_edit.c
* appl/kauth/kauth.c (main): Updated for krb distribution, now
uses new library libkafs.
* appl/telnet.beta/telnet/main.c (main): New telnet with
encryption hacks from ftp.funet.fi:/pub/unix/security/esrasrc-1.0.
Encryption does not currently work though.
Tue Jun 20 1995
* New library to support AFS. Routines:
int k_hasafs(void);
int k_afsklog(...);
int k_setpag(void);
int k_unlog(void);
int k_pioctl(char *, int, struct ViceIoctl *, int);
Modified it to support more than one single entry point AFS
syscalls (needed by HPUX and OSF/1 when running DFS). Don't rely
on transarc headers or library code.
This has not been tested and will most probably need some
serious violence to get working under AIX. (AIX has since been
fixed to. /bg)
Fri Jun 16 1995
* lib/krb/krb_equiv.c (krb_equiv): Compare IP adresses using
krb_equiv() to allow for hosts with more than one address in files
rd_priv.c rd_req.c and rd_safe.c.
* slave/kpropd.c (main): Fix uninitialized variables and rewind
file in kprop.c.
Thu Jun 15 1995
* appl/bsd/rcp.c (allocbuf): Fix various bugs.
* slave/kpropd.c (main): Responder uses
KPROP_SERVICE_NAME.`hostname' and requestor always uses
KPROP_SERVICE_NAME.KRB_MASTER, i.e rcmd.kerberos in kprop/kpropd
protocol.
Wed Jun 14 1995
* appl/bsd/rshd.c (doit): Encryption should now work both ways.
Tue Jun 13 1995
* appl/bsd/pathnames.h: Fixup paths.
* server/Makefile.in and friends (install): Install daemons in in
libexec and administrator programs in sbin.
* Makefile.in: Joda (d91-jda) added install target
Wed Jun 7 1995
* lib/krb/k_strerror.c: New function k_strerror() to use instead
of the non portable sys_errlist[].