| Current Path : /usr/local/share/doc/cyrus-sasl/ |
FreeBSD hs32.drive.ne.jp 9.1-RELEASE FreeBSD 9.1-RELEASE #1: Wed Jan 14 12:18:08 JST 2015 root@hs32.drive.ne.jp:/sys/amd64/compile/hs32 amd64 |
| Current File : //usr/local/share/doc/cyrus-sasl/ChangeLog |
2002-07-16 Rob Siemborski <rjs3+@andrew.cmu.edu>
* plugins/cram.c: Fix a security problem in the verification of
the digest string. (Andrew Jones <arjones@simultan.dyndns.org>)
* Ready for 1.5.28
2002-06-12 Rob Siemborski <rjs3+@andrew.cmu.edu>
* plugins/digestmd5.c: Add missing prompts++
(Howard Chu <hyc@highlandsun.com>)
2002-04-15 Rob Siemborski <rjs3+@andrew.cmu.edu>
* plugins/gssapi.c: Fix how name_token and name_without_realm
are freed
* plugins/gssapi.c: Better realm handling
(Howard Chu <hyc@highlandsun.com>)
2001-08-10 Rob Siemborski <rjs3+@andrew.cmu.edu>
* saslauthd/Makefile.am: mkinstalldirs correctly for saslauthd.8
(Amos Gouaux <amos@utdallas.edu>)
* lib/Makefile.am: supply empty install-exec-hook if not compiling
for Mac OS X
2001-08-08 Rob Siemborski <rjs3+@andrew.cmu.edu>
* saslauthd/Makefile.am: Also link PLAIN_LIBS
* saslauthd/saslauthd.mdoc: updated re: pam
* saslauthd/saslauthd.8: regenerated
(the above are from Ken Murchison <ken@oceana.com>)
* plugins/anonymous.c (client_continue_step): now we can actually
reach the last state
2001-08-03 Rob Siemborski <rjs3+@andrew.cmu.edu>
* utils/sasldblistusers.c: Corrected conditional compilation
* utils/saslpasswd.c (main, good_getopt): support for sasldb files
that aren't /etc/sasldb
2001-08-03 Rolf Braun <rbraun+@andrew.cmu.edu>
* Mac OS X support, and Carbon for Mac OS 9
* updated ltconfig and ltmain.sh
* lib/saslutil.c: use random() on OS X
* lib/md5.c:
* include/md5.h:
* lib/checkpw.c:
* lib/common.c:
MD5 symbols prefixed with _sasl_ on OS X, which avoids symbol
conflicts with libdes when using Apple's strict linker
(on other platforms, these #define to the usual MD5 symbols)
* dlcompat-20010505:
dlcompat included for OS X support, compiles separately
* lib/dlopen.c: prefix symbols with underscore on OS X, as on OpenBSD
* plugins/Makefile.am: need to supply -module to libtool for
some platforms (including Mac OS X)
* acconfig.h:
* configure.in:
look for libdes524 when libdes doesn't exist.
look for libkrb4 when libkrb doesn't exist,
and assume it's MIT Kerberos for Macintosh 4.0
* plugins/kerberos4.c:
* lib/checkpw.c:
* acconfig.h:
define new macro get_krb_err_txt(), and make it look
up from the array krb_err_txt[] in most situations.
when MIT Kerberos for Macintosh 4.0 is detected, make
it return a bogus generic error.
* plugins/kerberos4.c:
define KEYFILE to "/etc/srvtab" if not already defined
by the kerberos 4 headers (needed for MIT KfM 4.0)
* doc/macosx.html: added this
* README: point Mac OS X users to doc/macosx.html
* doc/Makefile.am: add doc/macosx.html to distfiles
* Makefile.am:
* lib/Makefile.am:
* include/Makefile.am:
* config/Info.plist:
* configure.in:
when building on Mac OS X, install a framework
in /Library/Frameworks
* mac_only_files.sit.hqx: included Carbon projects for
the existing Mac OS 9 stuff, and added the OS X CFM glue
to support the Carbon SASL api against the unix backend
also added this to distfiles
2001-07-27 Rob Siemborski <rjs3+@andrew.cmu.edu>
* include/sasl.h: updated comments of sasl_client_new
2001-07-24 Rob Siemborski <rjs3+@andrew.cmu.edu>
* backport of auth_krb5.c from SASLv2
* backport of improved gssapi configure.in checks
* corrected FreeBSD-related configure checking of Berkeley DB
as well as treatment of libcom_err
(from Scot W. Hetzel <scot@genroco.com>)
2001-07-23 Rob Siemborski <rjs3+@andrew.cmu.edu>
* check for db3/db.h as well as db.h for Berkeley DB
2001-07-18 Rob Siemborski <rjs3+@andrew.cmu.edu>
* Updated config.guess and config.sub
2001-06-19 Rob Siemborski <rjs3+@andrew.cmu.edu>
* Forced a truncation in the anonymous plugin (RFC 2245)
* Clean up some memory leaks in the non-standard LOGIN mechanism.
* Fixed a potential mis-cast in the CRAM-MD5 mechanism.
2001-06-06 Rob Siemborski <rjs3+@andrew.cmu.edu>
* Corrected a getopt call in server.c to have the correct parameters
passed to it. Also fixed unused variable warnings in sasl_setpass.
2001-06-04 Rob Siemborski <rjs3+@andrew.cmu.edu>
* Corrected small off-by-one error in client.c, as reported
by Meh-Hui Su
2001-05-30 Rob Siemborski <rjs3+@andrew.cmu.edu>
* removed unnecessary memory allocations in the security layer
calls of the KERBEROS_V4 plugin.
2001-05-17 Rob Siemborski <rjs3+@andrew.cmu.edu>
* cleaned up a number of manpages
2001-05-07 Lyndon Nerenberg <lyndon@MessagingDirect.COM>
* Include a pre-formatted saslauthd.8 manpage, for sites that
don't have the mdoc macros. Manpage source is included in
saslauthd.mdoc.
2001-03-23 Larry Greenfield <leg@yossarian.cc.cmu.edu>
* ready to 1.5.27
* saslauthd/Makefile.am (saslauthd_SOURCES): oops, header files
missing from saslauthd_SOURCES
2001-03-22 Larry Greenfield <leg@yossarian.cc.cmu.edu>
* plugins/digestmd5.c: disabled DES for now
2001-02-19 Lawrence Greenfield <leg+@andrew.cmu.edu>
* ready for 1.5.26
* plugins/digestmd5.c (c_continue_step):
* plugins/plain.c (client_continue_step):
* plugins/gssapi.c (sasl_gss_client_start):
* plugins/kerberos4.c (client_continue_step):
* plugins/anonymous.c (client_continue_step):
accept NULL as a valid clientin during sasl_client_start, to
indicate a protocol not capable of an initial client response
2001-02-12 Lawrence Greenfield <leg+@andrew.cmu.edu>
* plugins/digestmd5.c (init_3des): DES functions was using ECB
instead of CBC. fixed.
2001-01-04 Lawrence Greenfield <leg+@andrew.cmu.edu>
* Fabian Knittel contributed patches finishing off saslauthd
support and adding PAM to saslauthd.
2000-11-06 Lawrence Greenfield <leg+@andrew.cmu.edu>
* plugins/digestmd5.c: UTF8_In_8859_1() was returning the reverse,
which was creating an improper HMAC for layers.
2000-12-18 Larry Greenfield <leg@yossarian.cc.cmu.edu>
* configure.in: look for gsskrb5_register_acceptor_identity();
heimdal call for changing keytab location
* plugins/gssapi.c: use heimdal krb5 call for keytab location
* plugins/digestmd5.c: bug in calculating HMAC for auth-int,
auth-conf fixed. breaks backward compatibility. (HMAC was
reversed.)
bug in calculating response for auth-conf fixed.
(:00000000000000000000000000000000 wasn't being appended.)
2000-10-16 Lawrence Greenfield <leg+@andrew.cmu.edu>
* lib/checkpw.c: patch to SIA authentication to handle locked
accounts. from Chris Adams <cmadams@hiwaay.net>
2000-10-13 Lawrence Greenfield <leg+@andrew.cmu.edu>
* plugins/digestmd5.c: patch from alexey to check for a
short-string condition
* plugins/digestmd5.c: switch to using an internal implementation
of rc4 to remove at least one dependency on openssl, just makes
things easier to compile/use
2000-08-23 Lawrence Greenfield <leg+@andrew.cmu.edu>
* plugins/kerberos4.c (sasl_server_plug_init): now uses utils->log
if we're going to fail due to srvtab being unreadable.
2000-08-13 Lawrence Greenfield <leg+@andrew.cmu.edu>
* lib/saslint.h: _sasl_get_plugin() implemented.
* lib/dlopen.c: _sasl_get_plugin() implemented.
* lib/server.c: now supports mechlist file
* lib/config.c: added to comment
2000-07-21 Lawrence Greenfield <leg+@andrew.cmu.edu>
* plugins/cram.c: patch from Kurt/OpenLDAP. incorrectly prompting
for authorization name when we want the authentication name.
2000-07-20 Lawrence Greenfield <leg+@andrew.cmu.edu>
* version 1.5.24 ready for release
* plugins/gssapi.c: remove some dead code
* lib/checkpw.c: ensure that PAM only sees non-empty usernames and
passwords.
2000-07-17 Lawrence Greenfield <leg+@andrew.cmu.edu>
* pwcheck/pwcheck.c: include <config.h> first thing!
* version 1.5.23 ready for beta release
* plugins/digestmd5.c: get_authid() and get_userid() should copy
the result of the callbacks, not just use as is.
2000-07-13 Lawrence Greenfield <leg+@andrew.cmu.edu>
* lib/common.c: _sasl_proxy_policy wasn't dealing with a NULL or
"" requested_user by defaulting it to the auth_identity.
* plugins/digestmd5.c: fix realm always being set to ""
2000-07-12 Lawrence Greenfield <leg+@andrew.cmu.edu>
* utils/sasldblistusers.c (listusers):
* include/makemd5.c (main): warning suppression, from Larry
M. Rosenbaum <lmr@ornl.gov>
2000-07-10 Lawrence Greenfield <leg+@andrew.cmu.edu>
* version 1.5.22 ready for beta release
* lib/server.c: serious bug fixed! do authorization if
sasl_server_start() returns SASL_OK.
pointed out by Jerzy Balamut <jurekb@dione.ids.pl>, vulnerabilty
obvious with EXTERNAL calls, PLAIN in a protocol with
client-sends-first.
2000-07-05 Lawrence Greenfield <leg+@andrew.cmu.edu>
* lib/checkpw.c: added pwcheck method "sia" for the Digital Unix
"Security Integration Architecture". contributed by Chris Adams
<cmadams@hiwaay.net>.
2000-06-09 Timothy Martin <tmartin+@andrew.cmu.edu>
* plugins/digestmd5.c (server_continue_step): take out lowercasing
2000-06-07 Timothy Martin <tmartin+@andrew.cmu.edu>
* plugins/digestmd5.c (get_pair): handle nasty stuff
(digest_strdup_lower): lowercase 'qop' when put into
challenge. this is not speicified in draft but "will be"
(server_continue_step): allow empty realm
2000-05-10 Timothy Martin <tmartin+@andrew.cmu.edu>
* plugins/digestmd5.c (c_continue_step): added more errstr's on errors
2000-05-22 Lawrence Greenfield <leg+@andrew.cmu.edu>
* utils/saslpasswd.c: appname patch from Wolfgang Walter
<wolfgang.walter@stusta.mhn.de>
2000-05-08 Lawrence Greenfield <leg+@andrew.cmu.edu>
* version 1.5.21 ready for release
* lib/db_berkeley.c: enable applications to open the database
read-only
2000-05-03 Lawrence Greenfield <leg+@andrew.cmu.edu>
* lib/common.c: vararg chars are always read as ints (Dowson Tong
<dtong@sendmail.com>)
2000-05-02 Lawrence Greenfield <leg+@andrew.cmu.edu>
* doc/gssapi.html: gssapi doc contributed by Ken Hornstein
<kenh@cmf.nrl.navy.mil> added.
2000-04-27 Larry Greenfield <leg+@andrew.cmu.edu>
* utils/sasldblistusers.c: patch from Leena Heino <liinu@uta.fi>
to support Berkeley DB 2.6.
* configure.in: des/rc4 were adding -I to the LDFLAGS line. now
they add -L.
2000-04-26 Larry Greenfield <leg+@andrew.cmu.edu>
* utils/sasldblistusers.c: look for 2 NULs, not 3. continue on
possible corruption, don't abort.
2000-04-26 Timothy Martin <tmartin+@andrew.cmu.edu>
* sasl: releasing 1.5.20
* plugins/login.c: patch from Rainer Schoepf
<schoepf@uni-mainz.de> for initial client send of data
2000-04-13 Timothy Martin <tmartin+@andrew.cmu.edu>
* sasl: releasing 1.5.19
* plugins/digestmd5.c (c_continue_step): free input string on
SASL_INTERACT
(c_continue_step): free nonce string on SASL_INTERACT
* plugins/gssapi.c (sasl_gss_server_step): fixed errors in
<gombasg@inf.elte.hu>'s patch
* plugins/digestmd5.c (c_continue_step): free memory on failure
(c_continue_step): free userid when setting to null
* lib/common.c (sasl_done): set mutex to null after disposing of it
* plugins/digestmd5.c (c_continue_step): free memory in error cases
* plugins/kerberos4.c (server_continue_step): deal with short input
* plugins/anonymous.c (server_continue_step): off by one error in
strncpy
2000-04-12 Timothy Martin <tmartin+@andrew.cmu.edu>
* plugins/gssapi.c: applied <gombasg@inf.elte.hu>'s gssapi patch
* plugins/digestmd5.c (c_continue_step): infinite loop fix
2000-03-22 Walter Wong (wcw+@cmu.edu)
* pwcheck/Makefile.am: add LIB_SOCKET
2000-04-06 Timothy Martin <tmartin+@andrew.cmu.edu>
* man/Makefile.am: moved all man pages to section 3
* man/sasl.3: wrote
2000-04-05 Timothy Martin <tmartin+@andrew.cmu.edu>
* doc/sysadmin.html (pwcheck_method): fix
* doc/programming.html: finished up (kinda)
2000-04-03 Timothy Martin <tmartin+@andrew.cmu.edu>
* plugins/srp.c: started writing.
* plugins/kerberos4.c (server_continue_step): additional cases
where errstr is filled in
2000-04-02 Timothy Martin <tmartin+@andrew.cmu.edu>
* Makefile.am: added testing.txt to distribution
* utils/sasllistdbusers.c: added Claus's sasldblistusers.c patch
2000-03-29 Timothy Martin <tmartin+@andrew.cmu.edu>
* utils/Makefile.am (EXTRA_DIST): add an 's' :)
* plugins/Makefile.am (libdigestmd5_la_LIBADD): -ldes -> $(LIB_DES)
2000-03-29 Larry Greenfield <leg+@andrew.cmu.edu>
* utils/sasldblistusers.c: added ability to list an arbitrary
database (Claus Assmann <ca+sasl@sendmail.org>)
2000-03-28 Larry Greenfield <leg+@andrew.cmu.edu>
* plugins/anonymous.c: shouldn't free static memory
* plugins/kerberos4.c (server_continue_step): delete unused variable
* utils/dbconverter-1.5.9.c: shut up a warning message by adding
<stdio.h>
* configure.in: java defaults to "no"
* lib/saslint.h: added _sasl_common_init() prototype
2000-03-28 Timothy Martin <tmartin+@andrew.cmu.edu>
* utils/Makefile.am (EXTRA_DIST): sasldblistusers.8 to dist line
* plugins/Makefile.am (login_version): releasing 1.5.18
* java/: wrote server side of javasasl
* lib/server.c/client.c: take out pointless mutexes some fool put in
2000-03-26 Timothy Martin <tmartin+@andrew.cmu.edu>
* man/: Man pages for all functions (i think) written
* man/Makefile.am: added new files
2000-03-21 Timothy Martin <tmartin+@andrew.cmu.edu>
* java/: Added with client side of javasasl
2000-03-14 Timothy Martin <tmartin+@andrew.cmu.edu>
* lib/client.c,server.c,common.c: thread safe; see README file
2000-03-13 Timothy Martin <tmartin+@andrew.cmu.edu>
* lib/client.c: MUTEX_DISPOSE instead of mem free of mutex
* utils/testsuite.c (my_mutex_unlock): routines to test mutexes
* lib/common.c (sasl_setprop): don't exit w/o unlocking the mutex
2000-03-11 Lawrence Greenfield <leg+@andrew.cmu.edu>
* plugins/cram.c: same username hack as for PLAIN (default to
serverFQDN)
* utils/sasldblistusers.c: eliminate malloc/free. mechnames are
always short.
* lib/checkpw.c (parseuser): default to serverFQDN if the user
didn't specify a realm
2000-03-11 Larry Greenfield <leg+@andrew.cmu.edu>
* plugins/cram.c (mechanism_db_filled): htonl/long again
* plugins/digestmd5.c (mechanism_db_filled): htonl takes a long
(mechanism_fill_db): "version" was referring to the global DIGEST
version, not a local database tmpversion.
2000-03-09 Timothy Martin <tmartin+@andrew.cmu.edu>
* sample/sample-client.c: add <unistd.h> for FreeBSD.
* utils/sasldblistusers.c (listusers): tested more with gdbm/ndbm.
* plugins/digestmd5.c (c_continue_step): extra step for end.
* utils/sasldblistusers.c (listusers): compatability with db2.x
cursor()
* version 1.5.17 BETA ready for release
2000-03-08 Timothy Martin <tmartin+@andrew.cmu.edu>
* plugins/plain.c: ditto
* plugins/kerberos4.c: strcpy,sprintf checked
* plugins/gssapi.c: strcpy,sprintf checked
* plugins/digestmd5.c: strcpy, sprintf checking
* plugins/cram.c (c_continue_step): ditto
(randomdigits): checks of strcpy, sprintf
* plugins/anonymous.c (client_continue_step): ditto but more
annoying. had to add a context, mech_dispose etc..
* plugins/plain.c (server_continue_step): ditto
* plugins/kerberos4.c (client_continue_step): client last step
verifier added
2000-03-08 Lawrence Greenfield <leg+@andrew.cmu.edu>
* configure.in: added paths.h to AC_CHECK_HEADERS
* pwcheck/pwcheck.c: #ifdef HAVE_PATHS_H added
2000-03-07 Timothy Martin <tmartin+@andrew.cmu.edu>
* utils/Makefile.am: added foo for sasldblistusers
* utils/sasldblistusers.8: wrote
* utils/sasldblistusers.c: wrote
* lib/checkpw.c (kerberos_verify_password): make sure trailing null
* <lots>: updated license
2000-03-06 Timothy Martin <tmartin+@andrew.cmu.edu>
* testing.txt: added section on testsuite
* lib/checkpw.c: claus patches for security slightly modified
* lib/server.c (sasl_server_init): moved around some stuff and
initialized some stuff to NULL to make it not leak
(load_config): don't leak memory on failures
* plugins/cram.c (server_continue_step): if given zero length deal
with it
(start): initialize msgid so server doesn't screw up trying to free it
(c_continue_step): NULL oparams by default
* plugins/plain.c (client_continue_step): ditto
* plugins/digestmd5.c (c_continue_step): ditto
* plugins/cram.c (server_continue_step): freeing memory when
wasn't supposed to
(c_continue_step): initialize clientout to null just to be careful
2000-03-05 Timothy Martin <tmartin+@andrew.cmu.edu>
* plugins/digestmd5.c (mechanism_fill_db): free secret
* plugins/gssapi.c (sasl_gss_server_step): fill in out params on
success step
2000-03-03 Lawrence Greenfield <leg+@andrew.cmu.edu>
* plugins/login.c: when creating context, set password to
NULL. (Claus Assmann <ca+sasl@sendmail.org>)
2000-03-01 Timothy Martin <tmartin+@andrew.cmu.edu>
* lib/server.c (sasl_setpass): can return SASL_NOUSER on PLAIN failure
2000-02-29 Timothy Martin <tmartin+@andrew.cmu.edu>
* plugins/cram.c (server_continue_step): be less leaky
* plugins/digestmd5.c (c_continue_step): changes to try and leak
less memory
* plugins/kerberos4.c (sasl_server_plug_init): free srvtab on failure
* plugins/cram.c (server_continue_step): rework to always free
memory (hopefully)
* lib/checkpw.c (sasldb_verify_password): free tmp values
2000-02-28 Timothy Martin <tmartin+@andrew.cmu.edu>
* plugins/gssapi.c (sasl_gss_server_step): don't free memory if
gss_unwrap did on failure
* plugins/cram.c (server_continue_step): BADPARAM negative length
inputs
* plugins/digestmd5.c (c_continue_step): make sure client gives us
a nonce
* plugins/cram.c (server_continue_step): alloc space for null byte
in nonce
* plugins/digestmd5.c (c_continue_step): memory leaks
(server_continue_step): fail on any input greater 2048 bytes
(client is not allowed to send that big)
* plugins/kerberos4.c (integrity_decode): fail on huge requests
* plugins/gssapi.c (sasl_gss_set_client_context): fail on huge requests
* plugins/digestmd5.c (privacy_decode): fail on huge requests
* utils/Makefile.am (testsuite_LDADD): needs socket libraries on
solaris
2000-02-27 Timothy Martin <tmartin+@andrew.cmu.edu>
* plugins/kerberos4.c (server_continue_step): step 2: deal with
large inputs
(server_continue_step): step 1: deal with large inputs
* utils/testsuite.c: added tests of sasl_checkpass
* lib/server.c (sasl_checkpass): check parameters
2000-02-27 Larry Greenfield <leg+@andrew.cmu.edu>
* plugins/plain.c: removed superfluous includes, brought in line
with new checkpass()
* plugins/login.c: removed superfluous includes, brought in line
with new checkpass()
* lib/server.c: changed _sasl_checkpass() to the new format for
checkpw.c; much cleaner code.
* lib/config.c: removed <syslog.h>; we weren't using it anyway
* lib/common.c: uses syslog(), so look for HAVE_SYSLOG. removed
some conditional compilation code.
* lib/checkpw.c: cleaned up the code to export a structure
containing all the plaintext verifiers instead of functions.
2000-02-24 Lawrence Greenfield <leg+@andrew.cmu.edu>
* plugins/digestmd5.c: changed protocol version from unsigned int
to unsigned short
* plugins/anonymous.c: added <stdio.h>
2000-02-23 Lawrence Greenfield <leg+@andrew.cmu.edu>
* version 1.5.16 BETA ready for release
* configure.in (LIB_DES): try using DES from OpenSSL.
2000-02-23 Timothy Martin <tmartin+@andrew.cmu.edu>
* utils/Makefile.am: added testsuite
* lib/db_ndbm.c (putsecret): return SASL_NOUSER on delete failures
* lib/db_gdbm.c (putsecret): return SASL_NOUSER on delete failures
* lib/db_berkeley.c (putsecret): return SASL_NOUSER if not found
in delete
* lib/server.c (sasl_setpass): propogate up the specific error code
* lib/saslutil.c (sasl_randseed): check params
(sasl_churn): check params
(sasl_churn): init pool if necessary
(sasl_encode64): check params
* plugins/digestmd5.c (c_continue_step): check params
* plugins/kerberos4.c (server_continue_step): checks everywhere if
errstr exists before setting to it
* plugins/kerberos4.c (server_continue_step): checks everywhere if
errstr exists before setting to it
* plugins/kerberos4.c (server_continue_step): only set errstr if
non-null
* plugins/digestmd5.c (c_continue_step): imid
2000-02-23 Lawrence Greenfield <leg+@andrew.cmu.edu>
* lib/common.c, lib/db_berkeley.c, lib/db_ndbm.c, lib/db_gdbm.c,
* lib/dlopen.c, lib/server.c: verifyfile fixup
* include/sasl.h: verifyfile callback changed at the request of
sendmail.org
* acconfig.h: some random includes in here were removed and placed
closer to the code that needs them
* lib/saslutil.c (getranddata): cleaned up, dead code
eliminated. DEV_RANDOM moved to config.h, gettimeofday() is used
if available.
2000-02-22 Lawrence Greenfield <leg+@andrew.cmu.edu>
* win32/saslLOGIN: added; contributed by Geir Myrestrand
<geir@sendmail.com>
* plugins/cram.c:
* plugins/digestmd5.c: don't log version mismatched if fetching
the version results in a failure (probably no database). pointed
out by Claus Assmann <ca+sasl@sendmail.org>
* plugins/kerberos4.c: unused variable ignored
* lib/checkpw.c (_sasl_kerberos_verify_password): change the
location of the ticket cache while verifying password, then
restore the original ticket cache (inherently not thread safe)
2000-02-22 Timothy Martin <tmartin+@andrew.cmu.edu>
* plugins/digestmd5.c (c_continue_step): if bad client reauth then fail
* plugins/gssapi.c (sasl_gss_server_step): don't return the realm
for local (local kerberos realm) users
(sasl_gss_client_step): switched all DEBUG's to VL's
* lib/common.c (_sasl_proxy_policy): make sure errstr non-null
* plugins/cram.c (server_continue_step): don't allow any length
except zero first time
* plugins/anonymous.c (server_continue_step): don't allow negative
length
2000-01-24 Timothy L Martin <tmartin+@andrew.cmu.edu>
* lib/client.c (sasl_client_start): check params
2000-01-21 Timothy L Martin <tmartin+@andrew.cmu.edu>
* sample/sample-client.c (main): always send data from
client->server even if length zero
2000-01-13 Lawrence Greenfield <leg+@andrew.cmu.edu>
* version 1.5.15 released
2000-01-06 Lawrence Greenfield <leg+@andrew.cmu.edu>
* configure.in: now detects berkeley db 3.x
* utils/saslpasswd.c: removed _sasl_debug (wasn't serving any
purpose)
* lib/dlopen.c: efficiency improvement by Claus Assmann
<ca+sasl@sendmail.org>
* lib/common.c: fix so that we can get options even without a
connection structure
2000-01-01 Lawrence Greenfield <leg+@andrew.cmu.edu>
* version 1.5.14 released
* configure.in: added login foo, disabled by default
* plugins/Makefile.am: added login foo
* plugins/login.c: added, based on schoepf@uni-mainz.de.
untested; may be useful for SMTP servers wanting to support stupid
clients
1999-12-30 Lawrence Greenfield <leg+@andrew.cmu.edu>
* libtool: upgraded to libtool 1.3.4
* lib/dlopen.c (_sasl_get_mech_list): openbsd needs "_" appended
before symbol names
1999-12-29 Lawrence Greenfield <leg+@andrew.cmu.edu>
* lib/server.c (mech_permitted): ditto. now considers external
encryption.
* lib/client.c (sasl_client_start): now considers external
encryption correctly when looking for mechanisms
* plugins/digestmd5.c (c_continue_step): cleaned up how it
selected a cipher to use for auth-conf qop. now much less #ifdefs
1999-12-28 Lawrence Greenfield <leg+@andrew.cmu.edu>
* plugins/gssapi.c: client-side wasn't dealing with not being
offered all the options
* plugins/gssapi.c: make sure we advertise and accept only the
right integrity/privacy/etc. layers
* plugins/digestmd5.c: also make sure that whatever the client
sends us meets our ssf restrictions. restructured the code a
little for clarity.
* plugins/digestmd5.c: fixes to the server-side ssf processing (we
were offering things we didn't want to support due to min/max ssf)
1999-12-21 Lawrence Greenfield <leg+@andrew.cmu.edu>
* lib/server.c (init_mechlist): patch from Claus Assmann
<ca+sasl@sendmail.org>. stupid bug; pointer was being used before
it was checked for being NULL.
Sun Dec 12 17:32:02 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* configure.in: if we don't find DES, don't use Kerberos (Simon
Josefsson <jas@pdc.kth.se>)
Sat Dec 11 14:27:52 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* lib/dlopen.c: applied patch from Claus Assmann
<ca+sasl@sendmail.org> to handle (some versions of) HP-UX.
Thu Dec 9 17:34:30 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* lib/checkpw.c (sasl_pam_conv): if solaris PAM is buggy, don't
crash
Sun Dec 5 00:10:11 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* pwcheck/pwcheck.c (main): now records process ID in /var/run
* configure.in (rsaref): now checks for rsaref; possibly needed to
detect openssl
* pwcheck/Makefile.am: finally got the damn pwcheck makefile.am
file right. well, i think.
Thu Dec 2 14:11:33 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* version 1.5.13 released
* utils/saslpasswd.c (main): don't prompt for a password if
disabling an account
1999-12-01 Timothy L Martin <tmartin+@andrew.cmu.edu>
* plugins/kerberos4.c: enforces minumum ssf
* plugins/digestmd5.c: enforces minumum ssf
* lib/server.c (sasl_server_start): from alexey: set external_ssf
in sasl_server_start
* plugins/digestmd5.c: caches db has entries; checks db version
* plugins/cram.c: caches db has entries; checks db version
* lib/server.c (sasl_setpass): set secret exist condition to true
on successful mechanism setpass
Tue Nov 30 16:45:12 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* configure.in: added test for res_search; suggested by tjs
Fri Nov 19 13:05:47 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* lib/server.c (sasl_server_start): make sure conn != NULL
1999-11-28 Larry Greenfield <leg+@andrew.cmu.edu>
* lib/db_berkeley.c (_sasl_server_check_db): sasldb_path note,
flaw in implementation---goes for all three dbs: if an application
specifies a different path given a connection than it does
otherwise, verifyfile isn't checked
* lib/db_ndbm.c (_sasl_server_check_db): sasldb_path added
* lib/db_gdbm.c (_sasl_server_check_db): now looks up "sasldb_path"
Fri Nov 19 13:05:47 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* lib/db_berkeley.c: patch from Greg Shapiro
<gshapiro@sendmail.org> to support Berkeley DB 3.x
Thu Nov 18 17:53:03 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* lib/db_berkeley.c (getsecret): applied a patch from Gregory
Shapio <gshapiro@sendmail.org> to make sure the database is closed
* pwcheck/Makefile.in: applied patch from Joe Hohertz
<jhohertz@golden.net>
Wed Nov 17 16:41:09 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* lib/server.c (mechanism_permitted): cleaned up the plaintext
only under layer code
* lib/common.c (_sasl_syslog): was missing some breaks; also now
logs bad priorities at the LOG_DEBUG level
* lib/db_berkeley.c: wasn't calling _sasl_log with a logging level
* lib/checkpw.c (_sasl_sasldb_set_pass): *errstr was being set to
NULL even if errstr was NULL
1999-11-17 Timothy L Martin <tmartin@andrew.cmu.edu>
* plugins/digestmd5.c (sasl_server_plug_init): return SASL_NOUSER
if no users in secrets db
* lib/server.c: doesn't show mechanisms where there are no secrets
changed parameter to mechanism_permitted() to allow checking condition
Tue Nov 16 14:33:49 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* version 1.5.12 cut for testing
* plugins/digestmd5.c: can't have indented #'s!
* lib/db_berkeley.c (berkeleydb_open): now honors sasldb_path
option; also improved log messages
1999-11-15 Timothy L Martin <tmartin@andrew.cmu.edu>
* lib/server.c (mech_permitted): special case to allow PLAIN under
external layer
* plugins/gssapi.c (sasl_gss_client_step): changed "unsigned int
need" to int need so negative numbers wouldn't underflow
Mon Nov 15 00:43:10 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* plugins/gssapi.c (sasl_gss_client_step): deals with external
encryption correctly
(sasl_gss_client_step): don't pass a random pointer back
* configure.in: kerberos v4 check now looks for the include file,
too
1999-11-11 Larry Greenfield <leg+@andrew.cmu.edu>
* plugins/kerberos4.c (new_text): fixed the type to what is
actually used
Thu Nov 11 00:10:33 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* lib/checkpw.c: patches from Ronald Guilmette <rfg@monkeys.com>
to minimize warnings in kerberos code
* plugins/kerberos4.c: ditto
1999-11-10 Timothy L Martin <tmartin@andrew.cmu.edu>
* lib/db_berkeley.c: Cleaned up
* plugins/digestmd5.c: Can use rc4 libraries from openSSL if they
exist
1999-11-10 Timothy L Martin <tmartin@andrew.cmu.edu>
* lib/checkpw.c (parseuser): Added patches from Claus Assmann
<ca+sasl@sendmail.org>; fixes segfault
1999-11-06 Timothy L Martin <tmartin@andrew.cmu.edu>
* configure.in (SASL_DB_LIB): added support for berkeley db.
* utils/saslpasswd.c (main): eliminated stupid printf's
* lib/checkpw.c (_sasl_sasldb_set_pass): fixed silly larry error
* lib/server.c (sasl_checkpass): failing if passed in null
* lib/checkpw.c (_sasl_sasldb_set_pass): if getting secret failed
was faulting
1999-11-02 Timothy L Martin <tmartin+@andrew.cmu.edu>
* plugins/digestmd5.c: bug fixes from chris. mostly minor silly stuff
Thu Oct 28 13:58:43 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* configure.in: applied patch from Joe Hohertz
<jhohertz@golden.net> to get pwcheck to compile.
Mon Oct 25 14:46:04 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* plugins/plain.c (client_continue_step): fix so that given an
empty server response, client resends (for IMAP).
Wed Oct 20 12:06:56 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* lib/checkpw.c (_sasl_sasldb_setpass): rpool was being free'd
even when not created (Till Franke <franke@suse.de>)
Sat Oct 16 20:13:40 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* version 1.5.11 released
* plugins/digestmd5.c: fixed memory leak in previous fix
Sat Oct 11 22:14:00 1999 Timothy L Martin <tmartin+andrew.cmu.edu>
* plugins/digestmd5.c: fixed not copying realm result from
get_realm callback
Mon Oct 11 00:02:25 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* version 1.5.10 released
Sun Oct 10 13:37:08 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* acconfig.h: added SASL_GDBM/SASL_NDBM (for the conversion tool)
* plugins/digestmd5.c: cleaned up some warning messages
* lib/server.c (sasl_setpass): improved error messages
1999-10-09 Timothy L Martin <tmartin+@andrew.cmu.edu>
* plugins/digestmd5.c: Fixed layers and integrity up to the latest spec
Sat Oct 9 22:05:33 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* lib/server.c (external_server_step): no longer allow anonymous
if SASL_SEC_NOANONYMOUS is set
* acconfig.h: added WITH_DES
* configure.in (WITH_DES): changed the DES test for DIGEST-MD5
Fri Oct 1 16:05:22 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* version 1.5.9 released
* lib/server.c (sasl_setpass): for user sanity, we now create the
PLAIN secrets regardless
1999-09-20 Gregory M. Diskin <diskin+@andrew.cmu.edu>
* win32/saslgssapi: Added control files for win32 gssapi plugin build
1999-09-20 Gregory M. Diskin <diskin+@andrew.cmu.edu>
* win32/utils/saslpwd: Added control files for win32 read-pw utility
1999-09-21 Larry Greenfield <leg+@andrew.cmu.edu>
* plugins/cram.c (server_continue_step): made some return code
more specific; added errstr returns as well
1999-09-20 Larry Greenfield <leg+@andrew.cmu.edu>
* lib/checkpw.c (_sasl_sasldb_verify_password): added realm
gotten from server connection passed in
(_sasl_sasldb_set_pass): also puts realm
* plugins/digestmd5.c (server_continue_step): now uses the realm
parameter instead of klunky userid
(setpass): ditto
* plugins/cram.c (server_continue_step): now has a rudimentary
concept of "realm"
* lib/db_ndbm.c (alloc_key): added realm parameter
* lib/db_gdbm.c (alloc_key): added realm parameter
* include/sasl.h: added realm parameter to sasl_server_getsecret_t
and sasl_server_putsecret_t
1999-09-15 Larry Greenfield <leg+@andrew.cmu.edu>
* plugins/digestmd5.c (server_start): set context to 0 before using
(c_start): ditto
(c_get_realm): copy result of getrealm_cb
* sample/sample-server.c (main): added verbose flag
* sample/sample-client.c (main): added verbose flag
1999-09-14 Larry Greenfield <leg+@andrew.cmu.edu>
* sample/sample-server.c (main): removed random "a" from end of
program
1999-09-13 Larry Greenfield <leg+@andrew.cmu.edu>
* plugins/cram.c (setpass): now correctly zeros out stuff
* plugins/digestmd5.c: now deletes secrets when asked
* lib/checkpw.c (_sasl_sasldb_set_pass): added; sets or deletes
the PLAIN password
* plugins/cram.c (setpass): now can delete secrets when asked
1999-09-20 Gregory M. Diskin <diskin+@andrew.cmu.edu>
* plugins/gssapi.c: include saslgssapi.h for win32
Thu Sep 9 13:30:48 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* doc/sysadmin.html: added some links
Wed Sep 8 14:21:23 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* lib/client.c (sasl_client_start): added another cmu kludge for a
"preferred mechanism" (PREFER_MECH), settable at compile time
* lib/common.c (_sasl_getcallback): don't require a connection for
logging messages; this way we can log configuration errors
* lib/server.c (_sasl_checkpass): log a message when there's an
unknown plaintext verifier
* configure.in: added --enable-cmulocal
* plugins/kerberos4.c (server_continue_step): added a cmu kludge:
KRB4_IGNORE_IP_ADDRESS, for ignoring ip addresses when doing a
kerberos authentication
1999-09-08 Timothy L Martin <tmartin+@andrew.cmu.edu>
* lib/db_ndbm.c (getsecret): don't dbm_close() if opening the dbm
failed
1999-08-20 Timothy L Martin <tmartin+@andrew.cmu.edu> Sarah Robeson <robeson@andrew.cmu.edu>
* doc/programming.html: wrote more. not done yet
* doc/sysadmin.html: Fixed some of Larry's grammer.
Mon Sep 6 20:10:14 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* configure.in: when checking for PAM, don't use -ldl, use
SASL_DB_LIBS
Sat Sep 4 22:32:18 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* plugins/gssapi.c: now returns error messages via errstr for
server steps
(sasl_gss_server_step): fixed a buffer-off-by-one error
Thu Aug 26 12:23:26 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* lib/server.c: now pwcheck_method is case & trailing whitespace
insensitive
* lib/server.c (_sasl_checkpass): pwcheck_method is no longer case
sensitive.
Tue Aug 24 18:30:57 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* lib/checkpw.c (_sasl_pwcheck_verify_password): added
* lib/saslint.h: added pwcheck
Fri Aug 20 00:57:45 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* Version 1.5.5 released
* include/makemd5.c: added; creates the md5global.h at compile
time to autodetech what size numbers we have
* lib/common.c (_sasl_log): fixed an ival/cval problem
* plugins/kerberos4.c: more work on 64-bit friendliness
* plugins/cram.c: work on 64-bit friendliness
Thu Aug 19 16:15:49 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* lib/dlopen.c (_sasl_get_mech_list): conditionalized the use of
RTLD_NOW for dlopen
* plugins/kerberos4.c: when we need a 32 bit number, let's use an
int
1999-08-19 Timothy L Martin <tmartin+@andrew.cmu.edu>
* plugins/cram.c (c_continue_step): set oparams->user to correct
thing. not anonymous
* plugins/digestmd5.c: leaks much less memory.
1999-08-19 Gregory M. Diskin <diskin+@andrew.cmu.edu>
* lib/db_testw32.c: wrote this to store and retrieve mech-specific
secrets for one user, to test mechs on win32 using sample-server
and sample-client.
* plugins/gssapi.c: Fix include statements for Win32
* sample/sample-server.c (main): ifdef out a free statement which
causes win32 to crash.
* utils/saslpasswd.c (main) (read_password): rebuild for Win32
* win32/include/config.h (VL): enabled for debug printing
* win32/libsasl/libsasl.dsp: Add db_testw32.c to build
* win32/libsasl/libsasl.dsw: Add gssapi plugin and utility
saslpwd to project
* win32/sample_client/sample_client.dsp: Remove pre-compiled header
option
* win32/saslDIGESTMD5/saslDIGESTMD5.h: Enable inclusion of this
header file on win32
1999-08-19 Timothy L Martin <tmartin+@andrew.cmu.edu>
* sample/sample-server.c (samp_recv): give better error
messages. less obfuscated code
* plugins/digestmd5.c: only free in once
* sample/sample-client.c (main): supports realm callback
* plugins/cram.c (server_continue_step): end saved msgid with a
null
(start): start authid and password as null so the server doesn't
try to free them in dispose()
(server_continue_step): free userid
(server_continue_step): put tmphmac on the stack not heap
(server_continue_step): free the secret in more cases
(server_continue_step): oparams->authid gets an allocated string
so one mem ptr isn't free'd 2x
1999-08-18 Timothy L Martin <tmartin+@andrew.cmu.edu>
* TODO: snipped some stuff
* plugins/digestmd5.c (make_prompts): Put the challenge part of
the interaction in the computer readable form containing the list
of possible realms
* plugins/kerberos4.c: should require CB_USER not CB_AUTHNAME
the authname is in the ticket
* sample/sample-client.c (main): should always interact.
1999-08-17 Timothy L Martin <tmartin+@andrew.cmu.edu>
* plugins/kerberos4.c (integrity_decode): checks timestamps
(privacy_decode): checks timestamps
Tue Aug 17 02:35:17 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* utils/dbconverter.c (dbm_convert): some minor cleanups for sun cc
Mon Aug 16 14:52:27 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* lib/db_ndbm.c (getsecret): fixed a free'd memory read (closed
the database too early)
* plugins/anonymous.c (server_continue_step): make sure that a
string is null terminated
1999-08-17 Timothy L Martin <tmartin@andrew.cmu.edu>
* utils/dbconverter.c: wrote this. converts sasl 1.5.3 secret db's
to 1.5.5
1999-08-16 Timothy L Martin <tmartin@andrew.cmu.edu>
* plugins/cram.c (setpass): stores hash of password
* plugins/cram.c (server_step): uses the hash instead of plaintext
to authenticate
Mon Aug 16 14:52:27 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* plugins/plain.c (server_continue_step): fixed a bug with
null-terminating the password
* lib/common.c (_sasl_getcallback): if it can't find a callback,
it returns SASL_FAIL, not SASL_OK. is there any reason for it to
return SASL_OK?
* plugins/digestmd5.c (c_continue_step): we can get multiple
realms in the challenge; added use of realm callback
Sat Aug 14 19:13:19 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* plugins/digestmd5.c: updated to alexey's latest version
support for DIGEST_DRAFT_2 dropped
Fri Aug 13 00:54:29 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* doc/sysadmin.html: updated to reflect sasldb pwcheck_method
Thu Aug 12 23:56:50 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* lib/checkpw.c (_sasl_make_plain_secret): created; makes a hash
of the password for later plaintext checking
* lib/server.c (sasl_setpass): made it set the plaintext secret if
pwcheck_method is "sasldb"
Mon Aug 9 19:17:30 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* plugins/kerberos4.c (server_continue_step): made kerberos append
the "@realm" when cross-realm authenticating
1999-08-08 Larry Greenfield <leg+@andrew.cmu.edu>
* doc/sysadmin.html: added to doc directory
* lib/saslint.h (_sasl_sasldb_verify_password): added prototype
* lib/server.c (_sasl_checkpass): added sasldb option; inserted
else's
* lib/checkpw.c (_sasl_kerberos_verify_password): added
userid/password NULL checks & set reply to NULL
(_sasl_shadow_verify_password): ditto
(_sasl_passwd_verify_password): ditto
(_sasl_PAM_verify_password): set reply to NULL
(_sasl_sasldb_verify_password): created; checks the sasl database
with "PLAIN"
Mon Aug 2 20:57:42 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* lib/server.c (sasl_listmech): fixed bug---would print out
seperator to begin even if the mechanisms didn't pass mech_permitted
Sat Jul 31 13:12:51 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* utils/Makefile.am (EXTRA_DIST): EXTRA_DIST should include sfsasl.h
Fri Jul 30 20:04:39 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* lib/db_ndbm.c (_sasl_server_check_db): added test for DBM_SUFFIX
and fixed some really stupid typos
Wed Jul 21 23:35:15 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* lib/server.c (load_config): small fixes (cosmetic & free'ing
path_to_config)
Fri Jul 30 13:33:05 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* Version 1.5.3 released
* plugins/gssapi.c (sasl_gss_free_context_contents): free the
context buffer
* include/sasl.h: added SASL_CB_GETREALM callback
Thu Jul 29 14:50:19 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* plugins/digestmd5.c (DigestCalcSecret): removed a superfluous
call to MD5_UTF8_8859_1.
* lib/db_none.c (_sasl_server_check_db): made _sasl_server_check_db
* lib/db_ndbm.c (_sasl_server_check_db): made _sasl_server_check_db
* lib/db_gdbm.c (_sasl_server_check_db): made _sasl_server_check_db
* lib/server.c (sasl_server_init): made it call the verify db func
* plugins/gssapi.c (sasl_gss_decode): now conforms to SASL
convention of sending packet size
(sasl_gss_encode): ditto
Mon Jul 26 00:16:40 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* plugins/gssapi.c (sasl_gss_server_step): made it look only at
clientinlen and not clientin when determining if we just received
an empty data exchange
Fri Jul 23 14:47:33 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* sample/sample-client.c (sasl_my_log): ditto, changed to avoid
"log" conflict
* sample/sample-server.c (sasl_my_log): changed "log" to
sasl_my_log to avoid name conflict with math library.
* plugins/gssapi.c: updated to bugfixes by Sam Hartman
<hartmans@fundsxpress.com> and then by Leif Johansson
<leifj@matematik.su.se>.
1999-07-23 Gregory M. Diskin <diskin+@andrew.cmu.edu>
* include/saslplug.h: handle the fact that errno has been defined
as a function in a dll, not an extern int
* include/saslutil.h: prototypes for getopt and getpass
* lib/checkpw.c: tweaks for win32, mainly correct includes
* lib/common.c: win32 tweaks, mainly, using the GetUserName
standard call rather than getenv
* lib/config.c: win32 tweak
* lib/getsubopt.c: for win32, add getsubopt prototype
* lib/saslint.h: for win32, minor fixes
* lib/saslutil.c: add getpass, getopt functions for win32, plus
declarations for exported variables.
* lib/server.c: tweaks for win32
* lib/windlopen.c: add dlopen change to windlopen.c
* plugins/cram.c: fix includes for win32
* plugins/digestmd5.c: fix includes for win32
* plugins/kerberos4.c: fix includes for win32
* plugins/plain.c: just a warning note for win32
* plugins/scram.c: minor tweak for win32
* sample/sample-client.c: for win32, eliminate frees which
break on win32, add declarations for getopt foo, add cast for
arg to htons
* sample/sample-server.c: for win32, eliminate frees which
break on win32, add declarations for getopt foo, add cast for
arg to htons
1999-07-20 Larry Greenfield <leg+@andrew.cmu.edu>
* plugins/anonymous.c (server_start): removed the need for
anonymous to get a non-NULL errstr
(server_continue_step): and again with the errstr
Thu Jul 15 14:29:35 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* lib/common.c (_sasl_getcallback): oops, forgot a return
statement. Thanks Claus!
Sat Jul 10 19:58:50 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* lib/server.c (_sasl_transition): now looks at the connection
getopt callback
* lib/checkpw.c (_sasl_kerberos_verify_password): now gets the
srvtab option
* lib/server.c (_sasl_checkpass): modified to pass along the conn
parameter
* include/saslplug.h: added a conn parameter to checkpass so that
we can use the configuration stuff
Thu Jul 1 13:42:14 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* include/sasl.h: gethostname() not gethostbyname() (comment)
Tue Jun 29 00:35:08 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* configure.in (SASL_DB_LIB): fixed config problem with
autodetecting gdbm brought up by ryan troll
* plugins/plain.c (client_continue_step): fixing auth/user problem
Mon Jun 28 00:50:02 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* plugins/plain.c (server_continue_step): proxy callback is done
in server.c; removed here
* lib/common.c (_sasl_getcallback): added default proxy policy
callback
(_sasl_proxy_policy): default proxy policy callback (auth_identity
must equal requested_user)
* include/saslplug.h: added a md5global test, just in case
Sun Jun 27 18:39:37 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* lib/server.c (sasl_server_step): added check for
SASL_CB_PROXY_POLICY so plugins don't have to do it
Mon Jun 21 22:39:17 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* plugins/kerberos4.c: efficiency improvements (not so many
mallocs/frees)
Fri Jun 18 00:05:56 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* plugins/kerberos4.c (sasl_server_plug_init): made srvtab file
configurable (srvtab)
* plugins/digestmd5.c (get_pair): doesn't check that there
actually is a '=' in *name. does this code check for errors?
Thu Jun 17 00:46:03 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* plugins/digestmd5.c (init_rc4): the generation of
incoming/outgoing keys was seriously flawed and didn't conform to
the draft.
* plugins/digestmd5.c: it's broken. both integrity and
encryption. disabled in this version. authentication SHOULD
still work.
* plugins/cram.c (get_authid): added a NULL check (causing test
client to crash!)
Thu Jun 17 00:40:07 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* lib/client.c (sasl_client_start): rewrote the evil if statement
from hell, and added security properties check
* lib/server.c (mech_permitted): added security properties check
* plugins/plain.c (server_continue_step): if null first step, just
return SASL_CONTINUE so it might work with IMAP!
Wed Jun 16 23:19:00 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* lib/server.c (sasl_checkpass): pwcheck_method added
* plugins/plain.c (verify_password): added PAM support
pwcheck_method added
Tue Jun 15 15:21:05 1999 Lawrence Greenfield <leg+@andrew.cmu.edu>
* plugins/digestmd5.c (init_rc4): changed type so it comforms to
cipher_init_t
* lib/checkpw.c (_sasl_kerberos_verify_password): return
SASL_FAIL
* configure.in (LIB_PAM): added check for PAM
* lib/checkpw.c (_sasl_PAM_verify_password): added a PAM mechanism
for verifying passwords
* lib/server.c (sasl_checkpass): added PAM support
* lib/common.c (sasl_getprop): changed so it correctly does the
indirection (void ** != int *). added comment.
SASL_GETOPTCTX still not implemented---currently returns SASL_FAIL.
(sasl_setprop): bug in SASL_SSF_EXTERNAL fixed.
1999-06-10 Timothy L Martin <tmartin+@andrew.cmu.edu>
* lib/server.c (_sasl_transition): checks config now
(sasl_checkpass): transitions
1999-06-09 Timothy L Martin <tmartin+@andrew.cmu.edu>
* lib/common.c: doesn't do getdomain name anymore b/c it's usually
broken
* lib/common.c (_sasl_log): fixed casting problem. doesn't support
as many types anymore
1999-06-08 Timothy L Martin <tmartin+@andrew.cmu.edu>
* lib/server.c (sasl_server_init): verify config file ok
* lib/dlopen.c (_sasl_get_mech_list): callback to verify files ok
* lib/client.c,server.c: check parameters before passing to mechanism
1999-06-07 Timothy L Martin <tmartin+@andrew.cmu.edu>
* plugins/digestmd5.c (get_realm): tries user_realm then serverFQDN
* lib/common.c: local_domain -> serverFQDN
* lib/saslutil.c: local_domain -> serverFQDN
* lib/server.c: user_domain -> user_realm
* lib/server.c: local_domain -> serverFQDN
1999-06-02 Timothy L Martin <tmartin@andrew.cmu.edu>
* lib/saslutil.c (sasl_rand): made random seeding lazy
1999-05-12 Timothy L Martin <tmartin+@andrew.cmu.edu>
* lib/server.c (sasl_listmech): fixed extra seperator bug
1999-03-31 Rob Earhart <rob+@andrew.cmu.edu>
* plugins/digestmd5.c: why was this using // for comments in C code?
well, it doesn't now.
* lib/dlopen.c (_sasl_get_mech_list): Changed dynamic loading to
bind symbols immediately (this is preferable to dumping core when
symbols bound lazily fail to actually bind when needed), and to
keep them private (reducing the chances for plugins to collide).
XXX Rob is there any way to get this to compile on Linux???
* sample/sample-server.c (main): Fixed forced-mechanism code
* AUTHORS: added ref to Alexey Melnikov
1999-03-30 Rob Earhart <rob+@andrew.cmu.edu>
* Version 1.4.1 released
* configure.in: added digest des check, rc4 check
* plugins/digestmd5.c: diked out rc4 code
* configure.in: turned off use of nana by default
* plugins/cram.c: fixed endian bug
1999-03-29 Rob Earhart <rob+@andrew.cmu.edu>
* config/{libtool things}: updated to libtool-1.2f
* plugins/digestmd5.c: removed tmp ptrs; des routines are
returning voids
* README: updated
* plugins/cram.c (setpass): aligned buffer
* plugins/digestmd5.c: no longer requiring errstr to be passed in
cleaned up memory leaks in setpass
aligned buf in setpass
* plugins/plain.c: cleaned up some code
* lib/common.c (_sasl_getcallback): no longer returns SASL_INTERACT
when it can't find a callback; uses SASL_OK instead.
* plugins/kerberos4.c (client_continue_step): diked out all the
authid code. Why was this in Kerberos, anyway? Also added
required prompts for kerberos (i.e. none, instead of the default
SASL_CB_AUTHNAME and SASL_CB_PASS).
* lib/common.c (_sasl_getcallback): eliminated builtin SASL_CB_USER
* plugins/cram.c (c_continue_step): don't send a zero-length
initial response...
* sample/sample-client.c (main): free data properly when
initial response is possible
* plugins/cram.c: set client-side user+authid oparams, tweaked a
couple allocation constants to make purify happy. CRAM-MD5 now
passes purify, both client and server, success and fail cases,
returning all data correctly to both sides.
* sample/sample-client.c (main): added property retrieval tests to
sample-client.c (so the client can discover whom it has
authenticated as).
* lib/md5.c (hmac_md5_import): fixed count update bug
1999-03-28 Rob Earhart <rob+@andrew.cmu.edu>
* lib/saslutil.c (sasl_mkchal): always generate positive nonces
* plugins/cram.c (server_continue_step): lots of little changes;
no longer tickles purify
(c_continue_step): some more little changes
* config/sasl.spec: Added the extra RFCs
* doc/Makefile.am (EXTRA_DIST): Added a few more RFCs
1999-03-26 Rob Earhart <rob+@andrew.cmu.edu>
* plugins/cram.c (find_prompt): Fixed
(c_continue_step): Fixed call to free_prompts
* lib/server.c (sasl_server_step): removed strange setprop
* lib/common.c: Setting security flags
(sasl_errstring): changed badparam message to something a little
less confusing
* config/{config.guess,config.sub,ltconfig,ltmain.sh}: reverted to
old hacked versions
* SMakefile: removed libtoolize
* plugins/digestmd5.c: changed various instances of user_domain to
local_domain
* lib/server.c (_sasl_transition): changed to call setpass directly
(sasl_setpass): added logging
* sample/sample-server.c (main): cleaned up data handling, base64
generation
* lib/server.c (sasl_listmech): better final len calculation
1999-03-25 Rob Earhart <rob+@andrew.cmu.edu>
* plugins/digestmd5.c: made a lot of things const; this makes the
code happier.
* plugins/cram.c (c_start): fixed text init bug
* lib/server.c (sasl_server_new): moved local_domain code to common,
removed local_domain from sasl_server_conn, no longer disposing
local_domain in server on cleanup
* lib/common.c: (_sasl_conn_init): took local_domain code from server
(_sasl_conn_dispose) added code to free local_domain
* lib/saslint.h: added local_domain to sasl_conn_t and _sasl_conn_init
* lib/client.c (sasl_client_new): calling _sasl_conn_init with
NULL local domain
* lib/saslutil.c: wrote sasl_mkchal
* plugins/cram.c (server_continue_step): Fixed nonce generation
* lib/common.c (_sasl_alloc_utils): added hmac routines, mutex
routines, rand stuff...
* lib/md5.c: Wrote hmac routines
* plugins/cram.c (setpass): Massive surgery to clean this up
removed required prompts -- they're the default prompts
* testing.txt: updated testing documentation
* plugins/plain.c (verify_password): added shadow password file support
(server_continue_step): fixed mech_ssf and authorization buglet
(server_continue_step): setting realm to local domain name
(sasl_client_plug_init): tweaked logging
1999-03-25 Timothy L Martin <tmartin+@andrew.cmu.edu>
* lib/server.c (setpass): sends sparams correctly now
1999-03-24 Timothy L Martin <tmartin+@andrew.cmu.edu>
* plugins/digestmd5.c (setpass): merged in rob's changes
fixed realm mistake
merged in alexey's changes for 8859 etc
1999-03-24 Rob Earhart <rob+@andrew.cmu.edu>
* configure.in: added checks for crypt.h, shadow.h, getspnam.
* plugins/plain.c (server_continue_step): replaced weird error
codes with actual symbolic constants
* lib/server.c (sasl_server_start): check error code from
mech_new, eliminated antiquated call to sasl_setprop().
* sample/sample-server.c (main): made mandatory mech check
case-insensitive
* lib/common.c (_sasl_getsimple): don't require len param
* lib/client.c (have_prompts): made this static
* sample/sample-client.c (main): dynamic callback list generation,
eliminated most globals
* plugins/plain.c (get_authid): dup authid
(get_userid): dup userid
* sample/sample-client.c (getsecret): fixed broken password
reading code
* lib/server.c: added credential callback pointers to EXTERNAL
* plugins/plain.c (client_continue_step): fixed
* lib/server.c (server_dispose): braces to make the compiler happy
* include/Makefile.am: removed winconfig.h dependancy
1999-03-23 Rob Earhart <rob+@andrew.cmu.edu>
* plugins/plain.c (client_plugins): deleted required prompts;
plain only *needs* the default (SASL_CB_AUTHNAME and SASL_CB_PASS).
* configure.in: switched java to default to no
* utils/saslpasswd.c (main): documented flags
(main): added user realm
* plugins/digestmd5.c (get_realm): flipped this to user_domain
(setpass): massive surgery to make this sort of work
fixed free_prompts call
* plugins/plain.c (find_prompt): minor surgery to make this work
fixed free_prompts call
* config/sasl.spec: massive update to build normal lib,
development package, and packages for each plugin
* doc/Makefile.am (EXTRA_DIST): updated digest-sasl doc
1999-03-22 Rob Earhart <rob+@andrew.cmu.edu>
* plugins/kerberos4.c (server_continue_step): fixed security layer
negotiation code, used symbolic constants, eliminated context ssf
1999-03-19 Timothy L Martin <tmartin+@andrew.cmu.edu>
* plugins/cram.c: Doesn't store passwords in /etc/sasldb in
clear. tested
1999-03-18 Rob Earhart <rob+@andrew.cmu.edu>
* lib/server.c (server_dispose): fixed up credential disposal
* Moved winconfig.h to win32/include/config.h to remove a bunch of
ifdefs; windows project header paths will need to be adjusted.
* man/Makefile.am: created
1999-03-15 Rob Earhart <rob+@andrew.cmu.edu>
* sample/sample-server.c: seperated saslfail/sasldebug, made
failure to obtain info at the end not cause fail
* testing.txt: rewrote
* config/cyrus-sasl.spec: Added sample code to docs
* configure.in: added optional compilation for sample code
* Makefile.am: split sample out to make it optionally compile
1999-03-14 Rob Earhart <rob+@andrew.cmu.edu>
* plugins/plain.c (free_string): removed warning, simplified
(client_continue_step): Fixed some printfs
* sasl/Makefile.am (javasasl_JAVA): Added new java classes
* plugins/cram.c (setpass): return something on function exit
(free_string): simplified, removing compiler warning
* plugins/Makefile.am: Updated plugin versions
* lib/Makefile.am (sasl_version): Updated revision
1999-03-11 Rob Earhart <rob+@andrew.cmu.edu>
* configure.in: Added kaffeh support
1999-03-08 Timothy L Martin <tmartin+@andrew.cmu.edu>
* plugins/plain.c: No sensetive information leaked
* plugins/cram.c: No sensetive information leaked
1999-03-07 Timothy L Martin <tmartin+@andrew.cmu.edu>
* plugins/digestmd5.c: client and server can't send challenges
>2048 bytes now
1999-03-05 Timothy L Martin <tmartin+@andrew.cmu.edu>
* plugins/plain.c: uses callbacks and interactions now (tested)
* plugins/cram.c: uses callbacks and interactions now (tested)
* plugins/anonymous.c (c_continue_step): fencepost error corrected
1999-03-04 Rob Earhart <rob+@andrew.cmu.edu>
* plugins/kerberos4.c (client_continue_step): changed ssf
printf()s to unsigned
* sample/sample-client.c (main): fixed max ssf
* sample/sample-server.c (main): fixed max ssf
* plugins/kerberos4.c (client_continue_step): fixed to deal nicely
with NULL userid and authid
1999-03-01 Rob Earhart <rob+@andrew.cmu.edu>
* plugins/kerberos4.c: interaction and callback fixes. This'll
probably break stuff -- but only stuff that shouldn't have been
written in the first place...
* lib/common.c: axed the user/realm stuff from sasl_conn_t,
rewrote common to use copies from oparams
1999-02-25 Rob Earhart <rob+@andrew.cmu.edu>
* plugins/anonymous.c (c_continue_step): added case for NULL user
(c_continue_step): fixed anon id creation
* lib/client.c: fixed various prompt_need assumptions
* lib/server.c (sasl_listmech): gracefully deal with NULL prefix,
sep, and suffix
* lib/client.c (sasl_client_new): SASL_FAIL => SASL_BADPARAM for
bad parameters
* lib/dlopen.c (_sasl_get_mech_list): added path defaulting
1999-02-22 Rob Earhart <rob+@andrew.cmu.edu>
* plugins/anonymous.c (continue_step): changes %*s to %s (len
doesn't work in log function), and NULL-terminated the client's
str.
* lib/common.c (add_string): cleaned up a bit
* doc: wrote Makefile.am, added relevant drafts and RFCs
* Makefile.am: added doc dir
* plugins/digestmd5.c: cleaned up some warnings
* plugins/kerberos4.c: cleaned up some warnings
* configure.in: removed -pedantic -ansi -fbuiltin; glibc-2.1 is
just too broken for this to work without lots of useless whining
1999-02-21 Timothy L Martin <tmartin+@andrew.cmu.edu>
* all: eliminated some warnings
* plugins/digestmd5: added integrity protection
* plugins/digestmd5: replaced all DEBUG prints with VL's
1999-02-17 Timothy L Martin <tmartin+@andrew.cmu.edu>
* plugins/all: added VL's for error conditions
* all: eliminated some warnings
* plugins/kerberos4.c: went back to an old version. works
now. Please test when you make changes in the future
* plugins/kerberos4.c: doesn't work now. no clue why
* lib/saslutil.c: fixed some stuff. added comments
* plugings/cram.c: fixed various things. works now. please don't
touch Rob
* lib/common.c: fixed username error
1999-02-12 Rob Earhart <rob+@andrew.cmu.edu>
* lib/client.c (sasl_client_start): added credentials consideration
* lib/saslint.h: moved oparams into sasl_conn_t (instead of
keeping a pointer to them); adjusted other code to match
* include/sasl.h: added credentials interface. This may change at
some point; it's nice and simple, but doesn't seperate the
credentials from the sasl_conn_t...
* include/saslplug.h: added credential calls for server plugins,
incremented plugin version
* plugins/scram.c (sasl_server_plug_init): added credential ptrs,
fixed version check, incremented version
(sasl_client_plug_init): fixed version check
* plugins/plain.c (sasl_server_plug_init): added credential ptrs,
fixed version check, incremented version
(sasl_client_plug_init): fixed version check
* plugins/gssapi.c (sasl_server_plug_init): added credential ptrs,
fixed version check, incremented version
(sasl_client_plug_init): fixed version check
* plugins/digestmd5.c (sasl_server_plug_init): added credential
ptrs, fixed version check, incremented version
(sasl_client_plug_init): fixed version check
* plugins/anonymous.c (sasl_server_plug_init): added credential
ptrs, fixed version check, incremented version
(sasl_client_plug_init): checked version check
* plugins/kerberos4.c (sasl_server_plug_init): added credential
ptrs, incremented version
(sasl_client_plug_init): checked version check
* lib/server.c (mech_permitted): fixed reversed ssf test
* plugins/cram.c (sasl_server_plug_init): added credential ptrs,
fixed version check, incremented version.
(sasl_client_plug_init): fixed version check
1999-02-11 Rob Earhart <rob+@andrew.cmu.edu>
* include/sasl.h (SASL_SEC_MAXIMUM): changed definition of
SASL_SEC_MEXIMUM (I never did like the way it was defined before),
and added SASL_SEC_MAX_DEFINED, which the library will need in
order to properly process SASL_SEC_MAXIMUM.
(SASL_SEC_PASS_CREDENTIALS): added this, as well as
sasl_credentials_t, used by plugins which accept forwarded
credentials to hand them to servers.
* plugins/anonymous.c (client_plugins): added required prompts
(SASL_CB_USER), commented a little.
(c_continue_step): changed from getprop for username to callback
* include/saslplug.h: made required_prompts a const long ptr
* lib/common.c (_sasl_getcallback): added SASL_CB_LIST_END check
* lib/saslint.h (_sasl_getcallback): added prototype
* lib/common.c (_sasl_getcallback): made non-static
* lib/client.c (have_prompts): implemented; checks whether or not
the app provides the prompts necessary for a given mechanism.
1999-02-10 Rob Earhart <rob+@andrew.cmu.edu>
* lib/common.c (_sasl_getcallback): returns SASL_INTERACT if
callback exists but proc is NULL (as per spec).
* acconfig.h: moved string&dir&mem stuff here & winconfig.h; wiped
nasty magic from most src
1999-02-09 Rob Earhart <rob+@andrew.cmu.edu>
* lib/server.c (external_server_init): added, implemented, linked in
* lib/client.c (external_client_init): added, implemented, linked in
* include/saslplug.h: changed const char *s in oparams to char *s
* lib/test-client.c: fixed some little nits
(main): added Extern auth flag
* lib/saslutil.c (sasl_encode64): added outmax and outlen handling
(parityof): diked out
* include/sasl.h: made sasl_secret_t.data signed
* lib/test-server.c: fixed some little nits
(main): added Extern auth flag
* lib/test-common.c: fixed some little nits
* testing.txt: fixed test program names
1999-02-08 Rob Earhart <rob+@andrew.cmu.edu>
* lib/saslint.h: ssf => sasl_external_properties_t
* lib/common.c (sasl_setprop): serious cleanup
* lib/server.c (mech_permitted): implemented
(sasl_server_start): added mech_permitted() check
(sasl_listmech): added mech_permitted() check
* include/sasl.h: Added sasl_external_properties_t, moved
sasl_security_properties_t from saslplug.h, fixed some
documentation
1999-02-07 Ryan Troll <ryan+@andrew.cmu.edu>
* configure.in: Added reminder about version number in
winconfig.h
* include/sasl.h: Fixed WIN32 declarations
* include/winconfig.h: Added new defines, for compilation under
windows
* lib/test-client.c: fixed loop, so it will work with anonymous
mechanism
* Added saslDIGESTMD5 project to main workspace
1999-02-05 Rob Earhart <rob+@andrew.cmu.edu>
* lib/windlopen.c (_sasl_get_mech_list): added getpath_cb
* lib/saslint.h: _sasl_get_mech_list *takes* getpath callback
added _sasl_find_getpath_callback prototype
* lib/dlopen.c (_sasl_get_mech_list): checking args, using getpath
callback to find the path
* lib/client.c (sasl_client_init): passing getpath callback to
_sasl_get_mech_list, using _sasl_find_getpath_callback
* lib/server.c (sasl_server_init): passing getpath callback to
_sasl_get_mech_list, using _sasl_find_getpath_callback
* lib/common.c (_sasl_getcallback): changed sasl_syslog to
_sasl_syslog
(_sasl_getcallback): added ref to _sasl_getpath
(_sasl_getpath): wrote
(_sasl_find_getpath_callback): wrote
* include/sasl.h: added sasl_getpath_t decl
1999-01-26 Rob Earhart <rob+@andrew.cmu.edu>
* configure.in: Added digest-md5 configuration
* plugins/Makefile.am: Added digestmd5 stuff
* Removed Id tags from all files
* plugins/digestmd5.c: Added plugin from Alexey
1999-01-25 Rob Earhart <rob+@andrew.cmu.edu>
* include/winconfig.h: Bumped version to 1.4b1
(strncasecmp): Added strncasecmp => strnicmp translation
* configure.in: Bumped version to 1.4b1
* Makefile.am (dist-hook): Added cmulocal to dist
1999-01-19 Rob Earhart <rob+@andrew.cmu.edu>
* Version 1.3b2 released
* configure.in: Updated to v1.3b2
* include/sasl.h: Wrapped the error codes in parens, for sanity
1999-01-15 Rob Earhart <rob+@andrew.cmu.edu>
* Version 1.3b1 released
1999-01-12 Rob Earhart <rob+@andrew.cmu.edu>
* lib/server.c (sasl_setpass): pass flags & errstr
* configure.in: uses CMU_SOCKETS, for sanity; sets SASL_UTIL_LIBS;
writes utils/Makefile; updated version to 1.3b1
* Makefile.am: added utils
* utils/Makefile.am: wrote
* utils/saslpasswd.8: wrote
* utils/saslpasswd.c: upgraded
1998-12-14 Timothy L Martin <tmartin+@andrew.cmu.edu>
* lib/common.c: added logging capability
* sasl.h, saslplug.h: changed logging functions
1998-12-09 Timothy L Martin <tmartin+@andrew.cmu.edu>
* utils/*: created utils directory with saslpasswd, imtest, and
smtptest
* server.c: implemented sasl_setpass (adding passwords only)
* plugins/cram.c: stores password in clear. Made cram work correctly
1998-12-01 Rob Earhart <rob+@andrew.cmu.edu>
* TODO: added setpass stuff
1998-11-30 Rob Earhart <rob+@andrew.cmu.edu>
* Version 1.2b3 released
* SMakefile: switched order of automake and autoconf
* plugins/Makefile.am: added PLAIN_LIBS to libplain_la_LIBADD
* configure.in: check for libcrypt for plain
1998-11-30 Ryan Troll <ryan@andrew.cmu.edu>
* win32/libsasl workspace: Updated to handle new server db
mechanism. Now just uses 'db_none'.
1998-11-30 Rob Earhart <rob+@andrew.cmu.edu>
* plugins/*.c: made plugin structs static
* lib/Makefile.am: added windlopen.c
* plugins/plain.c: passing a len return to getsimple callbacks
* Makefile.am: added note about SASL_PATH
* INSTALL: added note about SASL_PATH
* include/winconfig.h: added copyright, updated version
* include/Makefile.am: added winconfig.h to distribution
* sasl/Makefile.am: removed saslMechList.java
1998-11-30 Rob Earhart <rob@ANDREW.CMU.EDU>
* configure.in: bumped up version to 1.2b3
* lib/common.c: added default user/authname callbacks
* Makefile.am: added plugin path warning
1998-11-29 Rob Earhart <rob+@andrew.cmu.edu>
* plugins/plain.c: now attempts to look up userid and authid as
well as password via callbacks, and sets callback ids
appropriately for SASL_INTERACT. Uses authorization callback.
Revamped parser to not copy data onto stack and to use
arbitrary-length data.
* lib/server.c: removed gdbm/ndbm code and the whole SASL_DB_TYPE
nonsense; replaced with linkage against _sasl_db_getsecret and
_sasl_db_putsecret
* lib/db_ndbm.c: created; moved ndbm code from server.c to here
* lib/db_gdbm: created; moved gdbm code from server.c to here
* lib/db_none: created; filled in hook symbols
* lib/saslint.h: added _sasl_db_getsecret and _sasl_db_putsecret
symbol definitions
* lib/Makefile.am: added SASL_DB_BACKEND and db backend sources,
incremented library version number
* acconfig.h: removed SASL_DB_TYPE; it's superfluous now
* configure.in: now subst's SASL_DB_BACKEND appropriately, and is
more careful about pulling in libs after checking for them
1998-11-25 Rob Earhart <rob+@andrew.cmu.edu>
* Version 1.2b2 released