[Heimdal-source-changes] [heimdal/heimdal] f84b67: In all_etypes prefer des3-cbc-sha1 over arcfour-hm...
GitHub
noreply at github.com
Tis Dec 2 00:42:52 CET 2014
Branch: refs/heads/heimdal-1-6-branch
Home: https://github.com/heimdal/heimdal
Commit: f84b6770d4197e31df3e03f47a6fa095c1ea61b4
https://github.com/heimdal/heimdal/commit/f84b6770d4197e31df3e03f47a6fa095c1ea61b4
Author: Love Hörnquist Åstrand <lha at h5l.org>
Date: 2014-12-01 (Mon, 01 Dec 2014)
Changed paths:
M lib/hdb/keys.c
Log Message:
-----------
In all_etypes prefer des3-cbc-sha1 over arcfour-hmac-md5
Commit: 6e9ce81e9d57bfdac21a4e97237f1658488d83ea
https://github.com/heimdal/heimdal/commit/6e9ce81e9d57bfdac21a4e97237f1658488d83ea
Author: Love Hörnquist Åstrand <lha at h5l.org>
Date: 2014-12-01 (Mon, 01 Dec 2014)
Changed paths:
M LICENSE
Log Message:
-----------
update (c)
Commit: 887812b4efbd80effd9023d00934f611ca752074
https://github.com/heimdal/heimdal/commit/887812b4efbd80effd9023d00934f611ca752074
Author: Love Hörnquist Åstrand <lha at h5l.org>
Date: 2014-12-01 (Mon, 01 Dec 2014)
Changed paths:
M kdc/process.c
Log Message:
-----------
release pool when done
Commit: db9212e26adef573bbb3c05fbd212bf47db8bf11
https://github.com/heimdal/heimdal/commit/db9212e26adef573bbb3c05fbd212bf47db8bf11
Author: Love Hörnquist Åstrand <lha at h5l.org>
Date: 2014-12-01 (Mon, 01 Dec 2014)
Changed paths:
M lib/krb5/fcache.c
M lib/krb5/store.c
Log Message:
-----------
now that use used up more then 16 flags and we have been using the right bit order for many years, lets stop dealing with broken bit fields from ticket flags
Commit: 53fb715f6f2814c10748001afd8fa16224d3a0bd
https://github.com/heimdal/heimdal/commit/53fb715f6f2814c10748001afd8fa16224d3a0bd
Author: Love Hörnquist Åstrand <lha at h5l.org>
Date: 2014-12-01 (Mon, 01 Dec 2014)
Changed paths:
M cf/roken-frag.m4
M configure.ac
Log Message:
-----------
use LT_INIT only, fixes #95
Commit: d0b5f64f71e375c6761196cd807edf2f1232dfb9
https://github.com/heimdal/heimdal/commit/d0b5f64f71e375c6761196cd807edf2f1232dfb9
Author: Love Hörnquist Åstrand <lha at h5l.org>
Date: 2014-12-01 (Mon, 01 Dec 2014)
Changed paths:
M cf/check-compile-et.m4
M cf/check-x.m4
Log Message:
-----------
hush autoconf
Commit: f1266d25156135a22b5c33727f9a630c1460d0a7
https://github.com/heimdal/heimdal/commit/f1266d25156135a22b5c33727f9a630c1460d0a7
Author: Chaskiel Grundman <cg2v at andrew.cmu.edu>
Date: 2014-12-01 (Mon, 01 Dec 2014)
Changed paths:
M lib/kadm5/Makefile.am
Log Message:
-----------
version-script-client.map needs to be in dist
version-script-client.map needs to be in lib/kadm5's EXTRA_DIST,
otherwise make distcheck fails
Commit: 6817409a765181360065af994fafaa2911730704
https://github.com/heimdal/heimdal/commit/6817409a765181360065af994fafaa2911730704
Author: Chaskiel Grundman <cg2v at andrew.cmu.edu>
Date: 2014-12-01 (Mon, 01 Dec 2014)
Changed paths:
M lib/asn1/krb5.asn1
Log Message:
-----------
Use correct value for anonymous flags
The KDC Option and Ticket Flag for the anonymous extension were changed
from 14 to 16 due to a conflict with S4U2Proxy in version 11 of the anonymous
draft (now RFC6112). Fix the definitions
Commit: b9ccbf1cea0e49f6f6238bef16581ffcd5b756df
https://github.com/heimdal/heimdal/commit/b9ccbf1cea0e49f6f6238bef16581ffcd5b756df
Author: Chaskiel Grundman <cg2v at andrew.cmu.edu>
Date: 2014-12-01 (Mon, 01 Dec 2014)
Changed paths:
M kdc/kerberos5.c
M kdc/pkinit.c
Log Message:
-----------
Recognize anonymous AS requests using bit 14
Check KDC Option bit 14 in addition to 16 when identifying anonymous
AS-REQs. This provides compatibility with older heimdal releases.
Commit: 78b09283142276761e847729fd2c0f7de69293d4
https://github.com/heimdal/heimdal/commit/78b09283142276761e847729fd2c0f7de69293d4
Author: Chaskiel Grundman <cg2v at andrew.cmu.edu>
Date: 2014-12-01 (Mon, 01 Dec 2014)
Changed paths:
M kdc/kerberos5.c
Log Message:
-----------
Include empty PKINIT-KX padata
rfc6112 requires kdcs implementing anonymous PKINIT to include an
empty PKINIT-KX padata in PREAUTH_REQUIRED messages.
Including this improves compatibility with MIT kerberos.
Commit: 0e6e757c3f925eaeec61d5750042d3fe8b437348
https://github.com/heimdal/heimdal/commit/0e6e757c3f925eaeec61d5750042d3fe8b437348
Author: Chaskiel Grundman <cg2v at andrew.cmu.edu>
Date: 2014-12-01 (Mon, 01 Dec 2014)
Changed paths:
M kdc/pkinit.c
Log Message:
-----------
When using PKINIT with DH, compute session key
RFC6112 provides a method of computing a session key when the PKINIT DH
is used, and mandates it for anonymous pkinit. The session key is computed
using KRB-FX-CF2 from the reply key and a random key chosen by the kdc.
The random key is provided to the client, which is supposed to verify
that the session key was computed this way.
Commit: a2ccf8b32e40e2c81691d0f9b68601bf057bf6aa
https://github.com/heimdal/heimdal/commit/a2ccf8b32e40e2c81691d0f9b68601bf057bf6aa
Author: Chaskiel Grundman <cg2v at andrew.cmu.edu>
Date: 2014-12-01 (Mon, 01 Dec 2014)
Changed paths:
M kdc/kerberos5.c
Log Message:
-----------
Document logic in _krb5_is_anon_request
describe why we look at the different bits and fields
Commit: 8bd13509e8d2790d19b6c8db6340216bbe6ae05d
https://github.com/heimdal/heimdal/commit/8bd13509e8d2790d19b6c8db6340216bbe6ae05d
Author: Chaskiel Grundman <cg2v at andrew.cmu.edu>
Date: 2014-12-01 (Mon, 01 Dec 2014)
Changed paths:
M kdc/kerberos5.c
Log Message:
-----------
Use anon realm for anonymous PKINIT
When an AS request names the anonymous principal, use the anonymous
realm in the response and ticket.
Commit: 89e25dce2ed7c3de0d7247169bd74fb3e317b47a
https://github.com/heimdal/heimdal/commit/89e25dce2ed7c3de0d7247169bd74fb3e317b47a
Author: Jelmer Vernooij <jelmer at samba.org>
Date: 2014-12-01 (Mon, 01 Dec 2014)
Changed paths:
M admin/Makefile.am
M kadmin/Makefile.am
Log Message:
-----------
Install compatibility symlinks for kadmin and ktutil.
Commit: 00783df00fe79cb154529c7860b89e48fd29bea8
https://github.com/heimdal/heimdal/commit/00783df00fe79cb154529c7860b89e48fd29bea8
Author: Jelmer Vernooij <jelmer at samba.org>
Date: 2014-12-01 (Mon, 01 Dec 2014)
Changed paths:
M appl/login/login.1
M kuser/kinit.1
Log Message:
-----------
Remove references to KRBTKFILE from login.1 and kinit.1.
Commit: cc7169340dd141e7b0cd32c727e6ccdc95a49f48
https://github.com/heimdal/heimdal/commit/cc7169340dd141e7b0cd32c727e6ccdc95a49f48
Author: Jelmer Vernooij <jelmer at samba.org>
Date: 2014-12-01 (Mon, 01 Dec 2014)
Changed paths:
M appl/afsutil/afslog.1
Log Message:
-----------
afslog.1: Remove documentation for removed no-v4 argument.
Commit: f4e2183eaa92771bc68c76c32949fc25e67d9412
https://github.com/heimdal/heimdal/commit/f4e2183eaa92771bc68c76c32949fc25e67d9412
Author: Jelmer Vernooij <jelmer at samba.org>
Date: 2014-12-01 (Mon, 01 Dec 2014)
Changed paths:
M kuser/kimpersonate.8
Log Message:
-----------
Remove kerberos 4 references from kimpersonate.8.
Commit: 5bc40d1bc01795cdf704a52bedef0db35e5fd836
https://github.com/heimdal/heimdal/commit/5bc40d1bc01795cdf704a52bedef0db35e5fd836
Author: Ken Dreyer <ktdreyer at ktdreyer.com>
Date: 2014-12-01 (Mon, 01 Dec 2014)
Changed paths:
M kadmin/kadm_conn.c
Log Message:
-----------
kadmin: handle systemd setpgid failure
When running as a service under systemd, kadmin cannot successfully use
setpgid(). The call fails with EPERM. Do not treat this as a fatal
error; instead, allow kadmind to continue starting up.
Commit: 1429251dc46f869781df2d1f62cb7b2e73a661d0
https://github.com/heimdal/heimdal/commit/1429251dc46f869781df2d1f62cb7b2e73a661d0
Author: Ken Dreyer <ktdreyer at ktdreyer.com>
Date: 2014-12-01 (Mon, 01 Dec 2014)
Changed paths:
M kuser/klist.c
Log Message:
-----------
klist: fix spelling in comments
Commit: bb8b66cd8c39f078108d6bb4cc59f487d49b198c
https://github.com/heimdal/heimdal/commit/bb8b66cd8c39f078108d6bb4cc59f487d49b198c
Author: Love Hörnquist Åstrand <lha at h5l.org>
Date: 2014-12-01 (Mon, 01 Dec 2014)
Changed paths:
M cf/roken-frag.m4
M lib/roken/roken.h.in
Log Message:
-----------
check for sys/errno.h
Commit: c08574ae649a775808a8357f5294e3e61cedf388
https://github.com/heimdal/heimdal/commit/c08574ae649a775808a8357f5294e3e61cedf388
Author: Jeffrey Hutzelman <jhutz at cmu.edu>
Date: 2014-12-01 (Mon, 01 Dec 2014)
Changed paths:
M lib/kafs/Makefile.am
M lib/kafs/afskrb5.c
M lib/kafs/kafs_locl.h
A lib/kafs/rxkad_kdf.c
Log Message:
-----------
libkafs: derivation from non-DES key (rxkad-kdf)
Add support for the "rxkad-kdf" protocol for deriving rxkad session keys
from non-DES Kerberos session keys. This allows rxkad to be used in
realms where the KDC is unwilling or unable to issue tickets with
single-DES session keys.
Commit: 18669dfaeaab4952fc763559aa1e16b1a7bc5ad0
https://github.com/heimdal/heimdal/commit/18669dfaeaab4952fc763559aa1e16b1a7bc5ad0
Author: Love Hörnquist Åstrand <lha at h5l.org>
Date: 2014-12-01 (Mon, 01 Dec 2014)
Changed paths:
M kuser/kinit.c
M lib/krb5/init_creds_pw.c
M tests/kdc/check-kdc.in
Log Message:
-----------
resurrect password change support again
Commit: 22dd132cdbd71ccfcf53e2765cb4bfdfd8b426fd
https://github.com/heimdal/heimdal/commit/22dd132cdbd71ccfcf53e2765cb4bfdfd8b426fd
Author: Love Hörnquist Åstrand <lha at h5l.org>
Date: 2014-12-01 (Mon, 01 Dec 2014)
Changed paths:
M appl/ftp/ftp/gssapi.c
M appl/ftp/ftp/security.c
M appl/test/http_client.c
M kdc/connect.c
M kuser/kdigest.c
M lib/base/db.c
M lib/base/json.c
M lib/hdb/test_hdbkeys.c
M lib/hx509/file.c
M lib/ipc/server.c
M lib/kadm5/ad.c
M lib/krb5/send_to_kdc.c
M lib/roken/base64-test.c
M lib/roken/base64.c
M lib/roken/base64.h
M lib/roken/version-script.map
Log Message:
-----------
rename roken base64, fixes #107
Commit: cfa39a313ee625c5063cb835c74010250907f98b
https://github.com/heimdal/heimdal/commit/cfa39a313ee625c5063cb835c74010250907f98b
Author: Love Hörnquist Åstrand <lha at h5l.org>
Date: 2014-12-01 (Mon, 01 Dec 2014)
Changed paths:
M autogen.sh
Log Message:
-----------
check for JSON perl module and if not found ask developer to install it
partial fix for #74
Commit: a54f8d4f231ab888fb29776f4470ff70dbf6e247
https://github.com/heimdal/heimdal/commit/a54f8d4f231ab888fb29776f4470ff70dbf6e247
Author: Love Hörnquist Åstrand <lha at h5l.org>
Date: 2014-12-01 (Mon, 01 Dec 2014)
Changed paths:
M lib/roken/base64-test.c
Log Message:
-----------
remove stray a
Commit: 2fe00bc4680bf460d98f32ee3a5ba493ec1f5fec
https://github.com/heimdal/heimdal/commit/2fe00bc4680bf460d98f32ee3a5ba493ec1f5fec
Author: Love Hörnquist Åstrand <lha at h5l.org>
Date: 2014-12-01 (Mon, 01 Dec 2014)
Changed paths:
M lib/hx509/Makefile.am
Log Message:
-----------
make quiet
Commit: 5269f7163b3ca92ab69e10de6934028f4a297080
https://github.com/heimdal/heimdal/commit/5269f7163b3ca92ab69e10de6934028f4a297080
Author: Love Hörnquist Åstrand <lha at h5l.org>
Date: 2014-12-01 (Mon, 01 Dec 2014)
Changed paths:
M admin/Makefile.am
M kadmin/Makefile.am
Log Message:
-----------
revert 31be932fe83d74ffe1c353e035c981dd91756728
Commit: 18a152429ecdef3c9054a5effd26f7d692a62539
https://github.com/heimdal/heimdal/commit/18a152429ecdef3c9054a5effd26f7d692a62539
Author: Roland C. Dowdeswell <roland.dowdeswell at twosigma.com>
Date: 2014-12-01 (Mon, 01 Dec 2014)
Changed paths:
M kuser/kinit.1
Log Message:
-----------
Fix kinit.1's synopsis w.r.t. -f and -F.
Compare: https://github.com/heimdal/heimdal/compare/8bf9c05ff05b...18a152429ecd
More information about the Heimdal-source-changes
mailing list