source: trunk/third/cyrus-sasl/ChangeLog @ 18842

Revision 18842, 58.6 KB checked in by ghudson, 22 years ago (diff)
This commit was generated by cvs2svn to compensate for changes in r18841, which included commits to RCS files with non-trunk default branches.
Line 
12003-02-03  Rob Siemborski <rjs3@andrew.cmu.edu>
2        * cmulocal/sasl2.m4: Don't use -ldes to check for Heimdal
3        * saslauthd/auth_krb4.c, saslauthd/auth_shadow.c,
4          saslauthd/auth_getpwent.c, lib/kerberos4.c:
5          Smarter checking of #includs for des.h
6          (Mark Keasling <mark@air.co.jp>)
7        * saslauthd/testsaslauthd.c, saslauthd/saslauthd-doors.c:
8          retry_read() should use a char * buffer not a void *
9          buffer (Mark Keasling <mark@air.co.jp>)       
10        * cmulocal/berkdb.m4: Set CPPFLAGS around tests
11          (based on patch from Leena Heino <Leena.Heino@uta.fi>)
12        * config/sasldb.m4: Actually use results of Berkeley DB tests
13          (Leena Heino <Leena.Heino@uta.fi>)
14        * Ready for 2.1.12
15
162003-01-31  Rob Siemborski <rjs3@andrew.cmu.edu>
17        * Ready for 2.1.11
18        * utils/Makefile.am: Ensure that dbconverter-2 can see the sasldb
19          include directory.
20
212003-01-29  Rob Siemborski <rjs3@andrew.cmu.edu>
22        * plugins/digestmd5.c: Fix a situation where the realm wasn't
23          being set for the client context, causing a segfault
24        * config/kerberos_v4.m4: first check des_* then check DES_*
25          during OpenSSL tests (based on ideas from
26          Leena Heino <Leena.Heino@uta.fi>)
27
282003-01-28  Rob Siemborski <rjs3@andrew.cmu.edu>
29        * config/sasldb.m4: Don't build sasldb plugin if compiling
30          --with-dblib=none, since it will only fail to load anyway.
31
322003-01-27  Rob Siemborski <rjs3@andrew.cmu.edu>
33        * saslauthd/configure.in: use CMU_ADD_LIBPATH for LDAP support
34          (Simon Brady <simon.brady@otago.ac.nz>)
35
362003-01-23  Rob Siemborski <rjs3@andrew.cmu.edu>
37        * saslauthd/acconfig.h: protect file from being included more than
38          once (reported by Jeremy Rumpf <jrumpf@heavyload.net>)
39        * saslauthd/configure.in, configure.in: Move OpenSSL detection into
40          cmulocal, detect openssl for use with lak.c
41
422003-01-21  Ken Murchison <ken@oceana.com>
43        * plugins/ntlm.c: only _require_ one response (LM and/or NT), not both
44
452003-01-09  Rob Siemborski <rjs3@andrew.cmu.edu>
46        * saslauthd/lak.c, saslauthd/lak.h: Add the fastbind auth method
47          (Simon Brady <simon.brady@otago.ac.nz>)
48
492003-01-01  Ken Murchison <ken@oceana.com>
50        * saslauthd/configure.in, saslauthd/Makefile.am: don't make
51          -lcrypt dependent upon --enable-plain
52
532002-12-11  Ken Murchison <ken@oceana.com>
54        * plugins/otp.c: set SASL_FEAT_ALLOWS_PROXY on client side
55
562002-12-10  Ken Murchison <ken@oceana.com>
57        * plugins/otp.c: explicitly #include <openssl/md5.h> to resolve
58          OpenBSD/OpenSSL cruftiness
59
602002-12-10  Rob Siemborksi <rjs3@andrew.cmu.edu>
61        * saslauthd/saslauthd-doors.c: Fix a potential memory leak when
62          we call door_return()
63
642002-12-09  Rob Siemborski <rjs3@andrew.cmu.edu>
65        * lib/auxprop.c: Correct leak in prop_clear, also update list_end
66          in prop_request.
67        * doc/options.html: Update use of saslauthd_path to be correct
68
692002-12-06  Rob Siemborski <rjs3@andrew.cmu.edu>
70        * Ready for 2.1.10
71
722002-12-05  Larry Greenfield <leg@andrew.cmu.edu>
73        * plugins/digestmd5.c: DES key fixes. stupid DES libraries want
74          the key in the stupid DES parity format.
75        * plugins/digestmd5.c:  refactored some of the cipher code so that
76          there isn't RC4 state around when we're using DES and vice versa
77
782002-12-05  Rob Siemborski <rjs3@andrew.cmu.edu>
79        * saslauthd/lak.c: Allocate a large enough buffer to account for
80          a completely escaped username. (lak_escape and lak_filter)
81        * lib/common.c: Ensure there is enough space for the trailing \0
82          in _sasl_log
83
842002-12-04  Rob Siemborski <rjs3@andrew.cmu.edu>
85        * lib/canonusr.c: Check for potential buffer overflow
86
872002-12-03  Ken Murchison <ken@oceana.com>
88        * plugins/digestmd5.c: major fast reauth rewrite, mech_step cleanup
89        * doc/options.html: server-side reauth is disabled by default
90
912002-11-24  Ken Murchison <ken@oceana.com>
92        * plugins/login.c: allow authid to be passed in initial response
93        * doc/draft-sasl-login.txt, doc/mechanisms.html:
94          documentation updates re: initial response
95
962002-11-07  Ken Murchison <ken@oceana.com>
97        * doc/draft-nerenberg-sasl-crammd5-03.txt: added
98        * doc/draft-nerenberg-sasl-crammd5-02.txt: deleted
99        * doc/draft-zeilenga-sasl-anon-01.txt: added
100        * doc/draft-zeilenga-sasl-anon-00.txt: deleted
101        * doc/draft-zeilenga-sasl-plain-01.txt: added
102        * doc/draft-zeilenga-sasl-plain-00.txt: deleted
103        * doc/index.html: updated to latest CRAM-MD5, ANONYMOUS, PLAIN drafts
104
1052002-11-01  Rob Siemborski <rjs3@andrew.cmu.edu>
106        * plugins/kerberos4.c: Make at most 1 canon_user call, not two.
107          (Howard Chu <hyc@highlandsun.com>)
108
1092002-10-25  Rob Siemborski <rjs3@andrew.cmu.edu>
110        * saslauthd/lak.c: minor cleanups
111
1122002-10-24  Rob Siemborski <rjs3@andrew.cmu.edu>
113        * saslauthd/lak.c: fix problem where saslauthd stops LDAP
114          authentications when ldap_auth_method is bind.
115          (Igor Brezac <igor@ypass.net>)
116        * doc/sysadmin.html, doc/options.html, saslauthd/saslauthd.mdoc:
117          documentation updates re: saslauthd mux path
118
1192002-10-23  Ken Murchison <ken@oceana.com>
120        * lib/external.c: added SASL_SEC_NOANONYMOUS to client side
121          (Howard Chu, <hyc@highlandsun.com>)
122
1232002-10-21  Ken Murchison <ken@oceana.com>
124        * plugins/ntlm.c: NTLM probably doesn't offer perfect forward secrecy
125        * doc/mechanisms: added table of properties/features
126
1272002-10-20  Ken Murchison <ken@oceana.com>
128        * saslauthd/lak.ch: consolidated hashed password checking code
129
1302002-10-18  Rob Siemborski <rjs3@andrew.cmu.edu>
131        * saslauthd/lak.[ch], saslauthd/auth_ldap.c:
132          Code cleanup, now support {SHA}, {SSHA}, {MD5}, and {SMD5} hashes,
133          misc other cleanup. (Igor Brezac <igor@ypass.net> and
134          Thomas Lussnig <thomas.lussnig@bewegungsmelder.de>)
135
1362002-10-17  Ken Murchison <ken@oceana.com>
137        * doc/draft-melnikov-rfc2831bis-02.txt: added
138        * doc/draft-melnikov-rfc2831bis-01.txt: deleted
139        * doc/index.html: updated to latest RFC 2831bis draft
140
1412002-10-11  Rob Siemborski <rjs3@andrew.cmu.edu>
142        * lib/Makefile.am: add missing staticopen.h to EXTRA_DIST,
143          fix some dependencies
144        * Ready for 2.1.9
145
1462002-10-10  Rob Siemborski <rjs3@andrew.cmu.edu>
147        * Ready for 2.1.8
148
1492002-10-09  Rob Siemborski <rjs3@andrew.cmu.edu>
150        * lib/client.c: Allow plaintext mechanisms under an external security
151          layer.
152
1532002-10-07  Rob Siemborski <rjs3@andrew.cmu.edu>
154        * sample/server.c: Fix some IPV6 defines
155          (Marshall Rose <mrose@dbc.mtview.ca.us>)
156
1572002-10-02  Ken Murchison <ken@oceana.com>
158        * lib/checkpw.c: return SASL_NOUSER when we can't find APOP secret
159        * lib/server.c: plug APOP memory leak and consolidate canonification
160        * configure.in: force the use of a cache file
161          (Carlos Velasco <carlosev@newipnet.com>)
162
1632002-10-02  Rob Siemborski <rjs3@andrew.cmu.edu>
164        * lib/checkpw.c: Fix some misuses of sasl_seterror
165          (Martin Exler <m.exler@gmx.at>)
166
1672002-09-24  Rob Siemborski <rjs3@andrew.cmu.edu>
168        * config/sasl2.m4, saslauthd/Makefile.am: GSSAPI doesn't need
169          to link ndbm.  Also cleanup some sasldb linking in saslauthd.
170
1712002-09-23  Rob Siemborski <rjs3@andrew.cmu.edu>
172        * config/kerberos_v4.m4: Don't compile with kerberos unless we
173          have both the libs and the headers (Carlos Velasco
174          <carlosv@newipnet.com>)
175
1762002-09-19  Rob Siemborski <rjs3@andrew.cmu.edu>
177        * plugins/gssapi.c: endinaness corrections
178        * sasldb/db_berkeley.c, utils/dbconverter-2.c: Berkley DB 4.1
179          support (Mika Iisakkila <mika.iisakkila@pingrid.fi>)
180
1812002-09-19  Ken Murchison <ken@oceana.com>
182        * plugins/plugin_common.[ch]: make SASL_CB_USER and result optional
183        * plugins/anonymous.c: use SASL_CB_USER for fetching trace info,
184          don't require SASL_CB_AUTHNAME
185        * plugins/gssapi.c, plugins/kerberos.c: don't require SASL_CB_USER
186        * lib/external.c: define SASL_FEAT_ALLOWS_PROXY for this mechanism,
187          don't require SASL_CB_USER
188
1892002-09-18  Rob Siemborski <rjs3@andrew.cmu.edu>
190        * plugins/srp.c, plugins/kerberos4.c: correct maxoutbuf handling
191        * plugins/digestmd5.c: correct maxoutbuf handling, actually
192          send maxbuf to the remote.
193        * lib/common.c: sanity check security properties
194       
1952002-09-17  Ken Murchison <ken@oceana.com>
196        * plugins/ntlm.c: home-grown client/server NTLM implementation
197        * configure.in: NTLM depends on OpenSSL libcrypto
198        * doc/sysadmin.html: added NTLM blurb
199
2002002-09-16  Rob Siemborski <rjs3@andrew.cmu.edu>
201        * lib/canonusr.c: don't index begin_u with -1
202          (Randy Kunkee <randy@randallkunkee.com>)
203        * doc/sysadmin.html: cleanup
204        * utils/saslpasswd.c: don't exit with -SASL_FAIL
205        * saslauthd/saslauthd-unix.c: use a char* instead of a void* in
206          retry_read
207
2082002-09-12  Ken Murchison <ken@oceana.com>
209        * lib/common.c: NULL outbuf if we get no output from sasl_decode()
210
2112002-09-11  Rob Siemborski <rjs3@andrew.cmu.edu>
212        * plugins/mysql.c: Actually loop through the potential servers
213          properly (Seow Kok Heng <kokheng@jhs.com.sg>)
214        * acinclude.m4: Added copy of the correct libtool macros as
215          acinclude.m4
216        * configure.in: fix for gcc 3.x
217          (Carlos Velasco <carlosev@newipnet.com>)
218
2192002-09-10  Rob Siemborski <rjs3@andrew.cmu.edu>
220        * lib/server.c: Better handling of add_plugin failures
221
2222002-09-10  Ken Murchison <ken@oceana.com>
223        * acconfig.h, configure.in: enable/disable NTLM
224        * lib/staticopen.h, plugins/Makefile.am, makeinit.sh, ntlm.c:
225          added NTLM support (client-side only)
226
2272002-09-07  Rob Siemborski <rjs3@andrew.cmu.edu>
228        * saslauthd/configure.in, saslauthd/Makefile.am: don't
229          do configure substitutions for the saslauthd_SOURCES variable
230          (Carlos Velasco <carlosev@newipnet.com>)
231
2322002-09-05  Rob Siemborski <rjs3@andrew.cmu.edu>
233        * doc/os390.html: added
234        * doc/index.html: referenced os390.html and macosx.html
235        * lib/Makefile.am: better handling of plugin_common
236
2372002-09-04  Rob Siemborski <rjs3@andrew.cmu.edu>
238        * (throughout) Extensive cleanup of how we build static and
239          shared versions of libsasl.  Also some more portability
240          fixes (Howard Chu <hyc@highlandsun.com>)
241
2422002-09-04  Rob Siemborski <rjs3@andrew.cmu.edu>
243        * acconfig.h, configure.in: Actually check for sysexits.h,
244          varargs.h, and stdarg.h
245        * lib/checkpw.c: compatibility patch for retry_read
246          (Howard Chu <hyc@highlandsun.com>)
247
2482002-09-03  Rob Siemborski <rjs3@andrew.cmu.edu>
249        * (throughout) fix handling of sys/param.h
250        * (throughout) fix handling of time.h and sys/time.h
251        * include/exits.h: include a replacement for sysexits.h
252        * acconfig.h: define MAXHOSTNAMELEN if it isn't
253        * lib/getaddrinfo.c, config/ipv6.m4: minor fixes for partial
254          getaddrinfo/getnameinfo implementations
255        * (Above changes are all from or based on ideas from
256           Howard Chu <hyc@highlandsun.com>)
257
2582002-08-28  Rob Siemborski <rjs3@andrew.cmu.edu>
259        * lib/client.c, lib/saslint.h: Properly handle client-side
260          serverFQDN and clientFQDN
261
2622002-08-19  Rob Siemborski <rjs3@andrew.cmu.edu>
263        * lib/dlopen.c: use correct paths when a .la file is not present
264          (Justin Gibbs <gibbs@scsiguy.com>)
265
2662002-08-13  Rob Siemborski <rjs3@andrew.cmu.edu>
267        * doc/sysadmin.html: fix some /usr/lib/sasl references to
268          /usr/lib/sasl2 (Andrew Jones <arjones@simultan.dyndns.org>)
269
2702002-08-09  Rob Siemborski <rjs3@andrew.cmu.edu>
271        * saslauthd/Makefile.am: fix small parts of the saslauthd.8 build
272          process.
273        * Ready for 2.1.7
274
2752002-08-06  Ken Murchison <ken@oceana.com>
276        * plugins/digestmd5.c: disable/remove server-side fast reauth
277
2782002-08-02  Rob Siemborski <rjs3@andrew.cmu.edu>
279        * include/sasl.h, lib/common.c: Add SASL_AUTHUSER as a parameter
280          to sasl_getprop
281
2822002-08-01  Rob Siemborski <rjs3@andrew.cmu.edu>
283        * saslauthd/lak.c: allow use of more than one %u or %r in the filter
284          (Laurent Larquère <llarquere@aacom.fr>)
285
2862002-07-30  Rob Siemborski <rjs3@andrew.cmu.edu>
287        * lib/client.c, lib/server.c: Add checks for SASL_NEED_PROXY and
288          SASL_FEAT_ALLOWS_PROXY
289        * include/sasl.h, include/saslplug.h: Add SASL_NEED_PROXY and
290          SASL_FEAT_ALLOWS_PROXY
291        * plugins/digestmd5.c, plugins/gssapi.c, plugins/kerberos4.c,
292          plugins/otp.c, plugins/plain.c, plugins/srp.c: define
293          SASL_FEAT_ALLOWS_PROXY for these mechanisms
294
2952002-07-27  Rob Siemborski <rjs3@andrew.cmu.edu>
296        * saslauthd/auth_sasldb.c: Include mechanisms.h in a reasonable place.
297
2982002-07-24  Rob Siemborski <rjs3@andrew.cmu.edu>
299        * saslauthd/Makefile.am: Fix DEFS to still supply -I. and -I..
300        * configure.in: Make --with-ldap show up in top level configure script,
301          make saslauthd compile by default
302        * lib/saslutil.c: use read() and not fread() on /dev/random to preserve
303          entropy
304        * doc/sysadmin.html: Add note about using /dev/urandom
305
3062002-07-19  Rob Siemborski <rjs3@andrew.cmu.edu>
307        * doc/sysadmin.html, doc/readme.html, doc/upgrading.html:
308          Misc. documentation cleanup (Joe Rhett <jrhett@isite.net>)
309
3102002-07-17  Ken Murchison <ken@oceana.com>
311        * lib/canonusr.c: update length of user string to length of output
312          from callback
313
3142002-07-16  Rob Siemborski <rjs3+@andrew.cmu.edu>
315        * plugins/cram.c: Fix a security problem in the verification of
316          the digest string. (Andrew Jones <arjones@simultan.dyndns.org>)
317        * Ready for 2.1.6
318
3192002-07-06  Rob Siemborski <rjs3@andrew.cmu.edu>
320        * plugins/mysql.c: Further memory management cleanup. (never
321          strdup the options, and therefore don't free staticly allocated
322          strings)
323        * man/sasl_getopt_t.3: Clarify semantics of memory management
324
3252002-07-05  Rob Siemborski <rjs3@andrew.cmu.edu>
326        * saslauthd/lak.c: Better handling of downed ldap servers
327          (Igor Brezac <igor@ipass.net>)
328        * sasldb/db_berkeley.c, utils/dbconverter-2.c: Use db_strerror()
329          rather than strerror() for Berkeley DB error values.
330          (J.H.M. Dassen (Ray) <jdassen@debian.org>)
331        * saslauthd/Makefile.am, saslauthd/auth_ldap.c: don't
332          hardwire the saslauthd conf file
333          (J.H.M. Dassen (Ray) <jdassen@debian.org>)
334
3352002-07-03  Rob Siemborski <rjs3@andrew.cmu.edu>
336        * man/sasl_user_exists.3: fix sasl_idle reference
337
3382002-07-02  Rob Siemborski <rjs3@andrew.cmu.edu>
339        * lib/auxprop.c: Can now select multiple auxprop plugins
340        * doc/options.html: updated for above
341        * lib/client.c: improve mechanism selection to include
342          number of security flags
343
3442002-06-27  Ken Murchison <ken@oceana.com>
345        * doc/draft-zeilenga-sasl-plain-00.txt: added
346        * doc/index.html: added PLAIN draft
347
3482002-06-26  Ken Murchison <ken@oceana.com>
349        * doc/draft-zeilenga-sasl-anon-00.txt: added
350        * doc/index.html: added ANONYMOUS draft
351
3522002-06-20  Rob Siemborski <rjs3@andrew.cmu.edu>
353        * lib/auxprop.c: Make "cound not find auxprop plugin" warning
354          log at LOG_DEBUG
355
3562002-06-19  Rob Siemborski <rjs3@andrew.cmu.edu>
357        * plugins/digestmd5.c: create layer keys for integrity as
358          well as privacy
359        * saslauthd/auth_ldap.[ch], saslauthd/lak.[ch]:
360          Large rewrite (Igor Brezac <igor@ipass.net>)
361        * lib/client.c, lib/server.c, lib/common.c:
362          Actually set most of the sparams and cparams structures
363
3642002-06-19  Ken Murchison <ken@oceana.com>
365        * doc/draft-melnikov-rfc2831bis-01.txt: added
366        * doc/draft-melnikov-rfc2831bis-00.txt: deleted
367        * doc/index.html: updated to latest RFC 2831bis draft
368
3692002-06-18  Ken Murchison <ken@oceana.com>
370        * doc/draft-nerenberg-sasl-crammd5-02.txt: added
371        * doc/draft-nerenberg-sasl-crammd5-01.txt: deleted
372        * doc/index.html: updated to latest CRAM-MD5 draft
373
3742002-06-17  Rob Siemborski <rjs3@andrew.cmu.edu>
375        * plugins/login.c, plugins/plain.c: Canonicalize username before
376          doing checkpass
377
3782002-06-14  Rob Siemborski <rjs3@andrew.cmu.edu>
379        * lib/client.c, lib/server.c, lib/saslint.h, lib/common.c.
380          lib/seterror.c: continued size_t vs unsigned cleanups
381
3822002-06-13  Rob Siemborski <rjs3@andrew.cmu.edu>
383        * saslauthd/ : remove LDAP support
384        * Ready for 2.1.5
385
3862002-06-12  Rob Siemborski <rjs3@andrew.cmu.edu>
387        * plugins/digestmd5.c: rename get_realm to get_server_realm, and
388          pay attention to its return value
389        * lib/external.c, lib/seterror.c: cleanup size_t/unsigned confusion
390
3912002-06-10  Rob Siemborski <rjs3@andrew.cmu.edu>
392        * sasldb/Makefile.am: fix handling of allockey (only include it once)
393        * plugins/kerberos4.c: fix a reference count leak
394        * Ready for 2.1.4
395
3962002-05-28  Rob Siemborski <rjs3@andrew.cmu.edu>
397        * saslauthd/LDAP_SASLAUTHD, saslauthd/saslauthd.mdoc:
398          Update documentation for LDAP and Saslauthd as per
399          Igor Brezac <igor@ipass.net>
400
4012002-05-22  Lawrence Greenfield  <leg+@andrew.cmu.edu>
402        * lib/checkpw.c: close door file descriptor in
403          saslauthd_verify_password
404
4052002-05-21  Rob Siemborski <rjs3@andrew.cmu.edu>
406        * saslauthd/auth_krb5.c: fix a leak due to not
407          calling krb5_cc_destroy on failure
408
4092002-05-17  Rob Siemborski <rjs3@andrew.cmu.edu>
410        * saslauthd/saslauthd-*.c: support a generic mechanism option -O
411          instead of -H
412        * saslauthd/auth_ldap.c, lak.c, et. al: auth_ldap overhaul
413          (Igor Brezac <igor@ipass.net>)
414        * lib/common.c, include/sasl.h: add sasl_version
415
4162002-05-13  Rob Siemborski <rjs3@andrew.cmu.edu>
417        * lib/checkpw.c: use "*cmusaslsecretPLAIN" in auxprop_verify_password
418          (Howard Chu, <hyc@highlandsun.com>), also only make a single
419          canon_user call.
420
4212002-05-13  Ken Murchison <ken@oceana.com>
422        * plugins/plugin_common.c: set the return code to SASL_FAIL, and
423          NULL the results of the _plug_get_*() functions before we get
424          started
425        * plugins/digestmd5.c, otp.c, plain.c, srp.c: check for NULL or
426          empty authzid from callback
427
4282002-05-09  Rob Siemborski <rjs3@andrew.cmu.edu>
429        * saslauthd/configure.in: --with-ldap now takes a path
430
4312002-05-08  Rob Siemborski <rjs3@andrew.cmu.edu>
432        * saslauthd/acconfig.h, auth_ldap.c, configure.in, lak.c, lak.h:
433          Misc compile/portability fixes (mostly header-related)
434        * utils/testsuite.c: minor getopt() parameter fix
435          (Claus Assmann <ca+sasl@sendmail.org>)
436        * lib/checkpw.c: fix some warnings
437
4382002-05-07  Rob Siemborski <rjs3@andrew.cmu.edu>
439        * Ready for 2.1.3-BETA
440
4412002-05-06  Rob Siemborski <rjs3@andrew.cmu.edu>
442        * include/saslplug.h: add name member for canon_user plugins
443        * lib/canonusr.c: use name member
444
4452002-05-06  Ken Murchison <ken@oceana.com>
446        * plugins/digestmd5.c: added client-side reauth
447
4482002-05-05  Ken Murchison <ken@oceana.com>
449        * lib/client.c: pass global_context to mech_new()
450        * lib/server.c: don't free global_context (the plugin should free it)
451        * utils/testsuite: swapped serverlast tests so that the
452          descriptions are correct
453
4542002-05-03  Ken Murchison <ken@oceana.com>
455        * plugins/digestmd5.c: added server-side reauth
456        * doc/index.html: added Marshall Rose's SASL papers
457        * doc/options.html: added 'reauth_timeout'
458
4592002-05-03  Rob Siemborski <rjs3@andrew.cmu.edu>
460        * plugins/kerberos4.c: fix compile errors
461        * config/kerberos_v4.m4, plugins/digestmd5.c: fix des_cbc_encrypt
462          interoperability problem (OpenSSL)
463        * saslauthd/Makefile.am, acconfig.h, auth_ldap.c, auth_ldap.h,
464          configure.in, lak.c, lak.h, mechanisms.c, mechanisms.h,
465          saslauthd.conf: added experimental LDAP saslauthd module
466          (by Igor Brezac <igor@ipass.net>)
467        * include/saslplug.h: give auxprop plugins a name
468        * plugins/sasldb.c: give sasldb plugin a name
469        * lib/auxprop.c: allow auxprop selection
470        * doc/options.html: document auxprop_plugin option
471
4722002-05-01  Ken Murchison <ken@oceana.com>
473        * plugins/digestmd5.c, gssapi.c, kerberos4.c, srp.c:
474          general plugin cleanup - standardizing structure
475
4762002-04-30  Rob Siemborski <rjs3@andrew.cmu.edu>
477        * plugins/gssapi.c: Minor cleanup of struct hack in context structure
478
4792002-04-30  Ken Murchison <ken@oceana.com>
480        * plugins/plugin_common.[ch], anonymous.c, cram.c, login.c, otp.c,
481          plain.c, sasldb.c, srp.c,
482          lib/client.c, external.c, saslint.h, server.c: general plugin
483          cleanup - reusing more common code, standardizing structure
484
4852002-04-28  Ken Murchison <ken@oceana.com>
486        * plugins/plugin_common.[ch], anonymous.c, cram.c, digestmd5.c,
487          gssapi.c, kerberosv4.c, login.c, otp.c, plain.c, srp.c,
488          lib/external.c:finalize movement of callback/interaction stuff
489          into plugin_common
490
4912002-04-27  Ken Murchison <ken@oceana.com>
492        * plugins/plugin_common.[ch], anonymous.c, cram.c, digestmd5.c,
493          gssapi.c, kerberosv4.c, login.c, otp.c, plain.c, srp.c,
494          lib/external.c: move make_prompts stuff into plugin_common
495        * utils/testsuite.c: allow for testing of EXTERNAL
496
4972002-04-26  Rob Siemborski <rjs3@andrew.cmu.edu>
498        * sasldb/allockey.c: be sure to set userPassword and not *userPassword
499
5002002-04-26  Ken Murchison <ken@oceana.com>
501        * lib/client.c, server.c: check 'doneflag' just before mech_step()
502        * plugins/plugin_common.[ch], anonymous.c, cram.c, digestmd5.c,
503          gssapi.c, kerberosv4.c, login.c, otp.c, plain.c, srp.c,
504          lib/external.c, Makefile.am: move callback/interaction stuff
505          into plugin_common
506        * plugins/plugin_common.[ch], digestmd5.c, gssapi.c,
507          kerberosv4.c, srp.c: move decode/concatenation of multiple
508          packets into plugin_common
509        * utils/testsuite.c: set SASL_AUTH_EXTERNAL so we can test EXTERNAL
510
5112002-04-25  Ken Murchison <ken@oceana.com>
512        * plugins/otp.c: don't free the secret when we get data from a
513          callback (and don't copy it)
514        * plugins/gssapi.c, plain.c: make sure to set 'doneflag' when done
515        * lib/client.c, server.c: don't call mech_step() if 'doneflag' is set
516
5172002-04-24  Rob Siemborski <rjs3@andrew.cmu.edu>
518        * plugins/cram.c, digestmd5.c, login.c, plain.c, srp.c: don't
519          free the secret when we get data from a callback (and don't copy it)
520       
5212002-04-22  Rob Siemborski <rjs3@andrew.cmu.edu>
522        * include/gai.h: Fix for compatibility with older glibc versions
523          (Howard Chu, <hyc@highlandsun.com>)
524        * plugins/gssapi.c: Don't always send authzid on client side
525          (Howard Chu, <hyc@highlandsun.com>)
526
5272002-04-18  Rob Siemborski <rjs3@andrew.cmu.edu>
528        * saslauthd/auth_sasldb.c: Use "use_realm" instead of "realm"
529          for lookup of secret. (Jonas Oberg <jonas@gnu.org>)
530        * plugins/gssapi.c: Correct handling of client-side authid and
531          authzid (Howard Chu, <hyc@highlandsun.com>)
532        * lib/external.c: Better handling of user canonicalization
533          (Howard Chu, <hyc@highlandsun.com>)
534        * plugins/cram.c, digestmd5.c, gssapi.c, kerberos4.c,
535          login.c, otp.c, plain.c, srp.c:  zero out prompt_need structures
536          before use
537
5382002-04-17  Rob Siemborski <rjs3@andrew.cmu.edu>
539        * plugins/cram.c, digestmd5.c, srp.c: Adjust cmusaslsecretFOO to
540          *cmusaslsecretFOO
541        * plugins/sasldb.c: correctly handle *(property)
542        * lib/canonusr.c, server.c: Lookup authzid and authid auxprops
543          correctly (and in the same place).
544        * include/sasl.h, saslplug.h: Fix auxprop lookups
545          (e.g. SASL_AUXPROP_AUTHZID)
546
5472002-04-15  Rob Siemborski <rjs3@andrew.cmu.edu>
548        * plugins/gssapi.c: Handle null authzid's correctly
549        * lib/server.c: fix a strcmp() that should be a memcmp()
550
5512002-04-15  Rob Siemborski <rjs3@andrew.cmu.edu>
552        * plugins/gssapi.c: fix how name_token and name_without_realm are
553          freed.
554
5552002-04-12  Ken Murchison <ken@oceana.com>
556        * doc/draft-melnikov-rfc2831bis-00.txt: added
557        * doc/draft-myers-saslrev-02.txt: moved TOC
558        * doc/draft-myers-saslrev-02.txt: added
559        * doc/draft-myers-saslrev-01.txt: deleted
560        * doc/index.html: changed link to updated saslrev draft,
561          added KERBEROS_V4 notation,
562          added link to rfc2831bis draft
563
5642002-04-08  Ken Murchison <ken@oceana.com>
565        * lib/server.c, doc/options.html: allow multiple pwcheck_methods
566
5672002-04-03  Rob Siemborski <rjs3+@andrew.cmu.edu>
568        * saslauthd/configure.in: properly define AUTH_KRB5
569        * saslauthd/auth_krb5.c: changes for MIT KRB5
570
5712002-03-27  Rob Siemborski <rjs3+@andrew.cmu.edu>
572        * Removed check for db3/db.h (people can just use --with-bdb-incdir)
573
5742002-03-26  Rob Siemborski <rjs3+@andrew.cmu.edu>
575        * Ready for 2.1.2
576
5772002-03-11  Rob Siemborski <rjs3+@andrew.cmu.edu>
578        * plugins/kerberos4.c: Fix a race condition during mutex allocation
579
5802002-03-04  Rob Siemborski <rjs3+@andrew.cmu.edu>
581        * lib/checkpw.c: Stop logging "authentication failed" message
582        * plugins/gssapi.c: Reduce log level of "gss_accept_context" message
583
5842002-02-27  Rob Siemborski <rjs3+@andrew.cmu.edu>
585        * saslauthd/saslauthd.mdoc: Clarify that sasldb with saslauthd
586          is not what you want to be doing.
587        * doc/sysadmin.html: Update "sasldb" verifier to "auxprop"
588
5892002-02-22  Rob Siemborski <rjs3+@andrew.cmu.edu>
590        * lib/checkpw.c: made retry_read static
591
5922002-02-21  Rob Siemborski <rjs3+@andrew.cmu.edu>
593        * lib/checkpw.c (auxprop_verify_password) report SASL_NOUSER instead
594          of SASL_FAIL.
595        * lib/client.c, lib/server.c: More Complete returning of SASL_NOTINIT
596        * utils/testsuite.c: Better checking for SASL_NOTINIT
597
5982002-02-11  Ken Murchison <ken@oceana.com>
599        * plugins/srp.c: removed OpenSSL 0.9.6 dependencies, small bugfix
600        * configure.in: cleaned up OpenSSL (libcrypto) check
601
6022002-02-05  Rob Siemborski <rjs3+@andrew.cmu.edu>
603        * contrib/tclsasl: Add Marshall Rose's <mrose@dbc.mtview.ca.us>
604          tclsasl patch.
605        * plugins/anonymous.c: No longer append extra NUL to client response
606
6072002-02-04  Rob Siemborski <rjs3+@andrew.cmu.edu>
608        * utils/saslpasswd.c: Added -n option (Ken Murchison)
609        * lib/dlopen.c: Removed confusing entry point message.
610        * Ready for 2.1.1
611
6122002-02-01  Ken Murchison <ken@oceana.com>
613        * plugins/srp.c: fixed srp_setpass()
614
6152002-01-31  Ken Murchison <ken@oceana.com>
616        * include/sasl.h, lib/server.c,
617          plugins/digestmd5.c, gssapi.c, kerberos4.c, srp.c:
618          added SASL_SEC_MUTUAL_AUTH
619        * plugins/srp.c: cleanup error messages and return codes
620       
6212002-01-30  Ken Murchison <ken@oceana.com>
622        * plugins/otp.c, plugins/otp.h: added non-OPIE client/server
623          implementation (requires OpenSSL)
624        * configure.in: OTP now requires OpenSSL, OPIE is optional
625        * doc/options.html, doc/readme.html, doc/sysadmin.html, doc/TODO:
626          updated for new OTP implementation
627
6282002-01-25  Rob Siemborski <rjs3+@andrew.cmu.edu>
629        * saslauthd/Makefile.am: Correct multiple EXTRA_DIST bug
630        * saslauthd/Makefile.am: small typo fixed (Leena Heino <liinu@uta.fi>)
631
6322002-01-23  Rob Siemborski <rjs3+@andrew.cmu.edu>
633        * utils/dbconverter-2.c (main): More intelligent default paths
634        * acconfig.h: #ifndef's for _GNU_SOURCE (Assar <assar@permabit.com>)
635
6362002-01-22  Rob Siemborski <rjs3+@andrew.cmu.edu>
637        * lib/common.c: Complete definition of sasl_global_listmech
638          (from Love <lha@stacken.kth.se>)
639        * lib/client.c: added checks for _sasl_client_active to
640          sasl_client_new and sasl_client_start
641
6422002-01-21  Ken Murchison <ken@oceana.com>
643        * doc/draft-myers-saslrev-01.txt: moved TOC
644        * doc/draft-ietf-cat-sasl-gssapi-05.txt: moved TOC
645        * doc/draft-nerenberg-sasl-crammd5-01.txt: added
646        * doc/draft-nerenberg-sasl-crammd5-00.txt: deleted
647        * doc/index.html: changed link to updated draft
648        * plugins/login.c (login_client_mech_step): fix client-first
649          handling
650
6512002-01-21  Rob Siemborski <rjs3+@andrew.cmu.edu>
652        * lib/server.c (sasl_server_start): null out *serverout and
653          *serveroutlen, just in case.
654        * lib/external.c: Added correct required_prompts
655        * saslauthd/testsaslauthd.c: Added simple saslauthd client
656        * saslauthd/Makefile.am: rules for testsaslauthd
657        * doc/sysadmin.html: updated to reference testsaslauthd
658        * saslauthd/saslauthd.c: allow -n 0 (for fork-per-connection)
659        * saslauthd/saslauthd.mdoc: documentation of -n 0
660        * plugins/cram.c (crammd5_client_mech_step): fix client-first
661          handling
662        * sasldb/db_gdbm.c: improved error reporting
663          (Courtesy Marshall T. Rose <mrose@dbc.mtview.ca.us>
664        * config/sasldb.m4: improved gdbm configure handling
665          (Courtesy Marshall T. Rose <mrose@dbc.mtview.ca.us>
666        * config/kerberos_v4.m4: Detect OpenSSL libdes first.
667          (Courtesy Marshall T. Rose <mrose@dbc.mtview.ca.us>
668        * plugins/cram.c, digestmd5.c, kervberos4.c, login.c,
669          lib/client.c, server.c, include/saslplug.h:
670          Cleaner client-first ABI.
671
6722002-01-19  Ken Murchison <ken@oceana.com>
673        * plugins/otp.c: set serverout to NULL where we have nothing to
674          send instead of the empty string
675        * plugins/srp.c: let glue code handle client-last/server-last
676          situation by setting serverout appropriately
677
6782002-01-19  Rob Siemborski <rjs3+@andrew.cmu.edu>
679        * plugins/plain.c, plugins/login.c, plugins/digestmd5.c:
680          set serverout to NULL where we have nothing to send instead of
681          the empty string
682        * include/saslplug.h, lib/client.c, lib/server.c: eliminated
683          SASL_FEAT_WANT_SERVER_LAST in favor of clever setting of serverout
684        * plugins/digestmd5.c: removed SASL_FEAT_WANT_SERVER_LAST
685
6862002-01-18  Ken Murchison <ken@oceana.com>
687        * plugins/srp.c: updated to draft-burdis-cat-srp-sasl-06
688        * plugins/srp.c: server uses external SSF
689        * plugins/srp.c: server sends mandatory options based on min SSF
690        * doc/draft-burdis-cat-srp-sasl-06.txt: added
691        * doc/draft-burdis-cat-srp-sasl-05.txt: deleted
692        * doc/index.html: changed link to updated draft
693
6942002-01-17  Rob Siemborski <rjs3+@andrew.cmu.edu>
695        * plugins/kerberos4.c: Actually allocate a mutex on the client side
696
6972002-01-16  Rob Siemborski <rjs3+@andrew.cmu.edu>
698        * lib/server.c (mech_permitted): fixed incorrect return value of
699          SASL_NOMECH that should have been 0.
700        * lib/common.c (sasl_errdetail): fixed core if passed in conn is NULL
701        * plugins/digestmd5.c (encode_tmp_buf): removed unneeded buffer
702
7032002-01-16  Ken Murchison <ken@oceana.com>
704        * plugins/srp.c: fixed layer decoding to handle multiple packets
705        * plugins/srp.c: plugged memory leaks (now passes testsuite)
706        * plugins/srp.c: more logging
707        * plugins/srp.c: lots of other nits, bug fixes
708        * utils/testsuite.c: added SSF=0/56 test
709
7102002-01-14  Rob Siemborski <rjs3+@andrew.cmu.edu>
711        * saslauthd/auth_krb4.c (auth_krb4): fix tf_name memory leak,
712          and other efficency fixes
713
7142002-01-11  Rob Siemborski <rjs3+@andrew.cmu.edu>
715        * include/saslplug.h: Add flags member to params structures
716        * lib/client.c, lib/server.c: flags parameter to sasl_*_new
717          now gets to the plugins
718
7192002-01-10  Rob Siemborski <rjs3+@andrew.cmu.edu>
720        * include/sasl.h: Update for sasl_global_listmech API
721        * lib/common.c, lib/client.c, lib/server.c: sasl_global_listmech()
722        * lib/dlopen.c (_parse_la): fix parseing of dlname= line
723        * Ready for 2.1.0
724
7252002-01-09  Ken Murchison <ken@oceana.com>
726        * plugins/otp.c: fixed security_flags
727        * plugins/srp.c: corrected integrity layer encoding
728        * plugins/srp.c: finished maxbuffersize handling
729        * plugins/srp.c: fixed security_flags
730        * doc/index.html: added reference to SRP paper
731
7322002-01-09  Rob Siemborski <rjs3+@andrew.cmu.edu>
733        * lib/common.c (sasl_decode): Removed maxoutbuf check
734        * man/sasl_setprop.3: Minor clarifications
735        * plugins/digestmd5.c, plugins/gssapi.c, plugins/kerberos4.c:
736          Assorted security layer fixes (maxoutbuf setting, mech_ssf setting)
737        * lib/common.c, lib/client.c, lib/server.c, lib/saslint.h:
738          Allowed client-side sasl_listmech calls.
739        * include/sasl.h: Minor cosmetic fix to comments
740        * doc/programming.html: Interaction memory management clarifications
741        * lib/common.c: Fix several crash problems in getprop
742          (Courtesy Marshall T. Rose <mrose@dbc.mtview.ca.us>)
743
7442002-01-05  Lawrence Greenfield  <leg+@andrew.cmu.edu>
745        * saslauthd/saslauthd.c: F_SETLK doesn't block; F_SETLKW does
746        * saslauthd/saslauthd.c: detect errors somewhat better
747
7482002-01-04  Rob Siemborski <rjs3+@andrew.cmu.edu>
749        * lib/common.c: Allow sasl_setprop for SASL_DEFUSERREALM
750
7512002-01-04  Ken Murchison <ken@oceana.com>
752        * plugins/srp.c: don't send M2 if using a confidentiality layer
753        * plugins/srp.c: more constraint checks
754        * plugins/otp.c: improve standard hex/word response detection
755        * doc/install.html, doc/sysadmin.html, contrib/opie-2.4-fixes:
756          add patch for OPIE 2.4 to enable extended responses
757
7582002-01-03  Ken Murchison <ken@oceana.com>
759        * configure.in: removed check fpr gmp
760        * plugins/srp.c: migrated to OpenSSL's BN (removed GNU MP dependency)
761
7622001-12-20  Rob Siemborski <rjs3+@andrew.cmu.edu>
763        * sasldb/db_ndbm.c: Fixed small memory leak
764          (Courtesy  Howard Chu <hyc@highlandsun.com>)
765
7662001-12-18  Ken Murchison <ken@oceana.com>
767        * plugins/srp.c: more constraint checks
768
7692001-12-17  Rob Siemborski <rjs3+@andrew.cmu.edu>
770        * saslauthd/saslauthd.c: Prefork a number of processes to handle
771          connections.
772        * saslauthd/auth_krb4.c: Handle concurrent accesses better.
773
7742001-12-15  Ken Murchison <ken@oceana.com>
775        * plugins/srp.c: added confidentiality layers
776
7772001-12-14  Ken Murchison <ken@oceana.com>
778        * plugins/srp.c: improved client/server layer option handling
779        * plugins/srp.c: added client-side support for mandatory options
780        * plugins/srp.c: added framework for confidentiality layers
781        * plugins/srp.c: added some data sanity checking (thanks to
782          Tom Holroyd <tomh@po.crl.go.jp> for feedback)
783
7842001-12-13  Rob Siemborski <rjs3+@andrew.cmu.edu>
785        * lib/server.c, lib/common.c: Fix handling of
786          global callbacks so that plugin_list works again
787
7882001-12-12  Rob Siemborski <rjs3+@andrew.cmu.edu>
789        * pwcheck/Makefile.am: Added include of ../lib
790          (from Hajimu UMEMOTO <ume@mahoroba.org>)
791
7922001-12-11  Rob Siemborski <rjs3+@andrew.cmu.edu>
793        * sasldb/db_ndbm.c: fix call to dbm_nextkey, from
794          Scot W. Hetzel <scot@genroco.com>
795
7962001-12-10  Rob Siemborski <rjs3+@andrew.cmu.edu>
797        * doc/plugprog.html: Update for new user canonicalization usage.
798        * man/sasl_canon_user.3: Update for new user canonicalization usage.
799        * configure.in: Actually set STATIC_GSSAPIV2 when necessary
800
8012001-12-08  Ken Murchison <ken@oceana.com>
802        * plugins/srp.c: make sure we have the HMAC before trying to use it
803        * plugins/srp.c: don't advertise server integrity w/o HMAC-SHA-1
804        * plugins/srp.c: move EVP_cleanup() to mech_free so mech can be reused
805
8062001-12-07  Ken Murchison <ken@oceana.com>
807        * configure.in: SRP now requires OpenSSL
808        * plugins/srp.c: migrated to OpenSSL's MDA/cipher abstraction API
809        * plugins/srp.c: added RIPEMD-160 support
810        * plugins/srp.c: using "standard ACSII names" for MDA-names as
811          documented by [SCAN] (until determined otherwise)
812        * plugins/srp.c: using updated canon_user API to allow separate
813          canonicalization of authid and authzid.
814
8152001-12-06  Rob Siemborski <rjs3+@andrew.cmu.edu>
816        * lib/canonusr.c: Better logging when desired plugin is not found.
817        * lib/checkpw.c: spelling error fixed.
818        * lib/canonusr.c, lib/checkpw.c, lib/client.c, lib/external.c,
819          lib/saslint.h, lib/server.c, include/sasl.h, include/saslplug.h,
820          plugins/*.c: Updated canon_user API to allow separate
821          canonicalization of authid and authzid.
822
8232001-12-05  Rob Siemborski <rjs3+@andrew.cmu.edu>
824        * saslauthd/Makefile.am, saslauthd/acconfig.h, saslauthd/configure.in:
825          Solaris 7 and FreeBSD (FreeBSD is courtesy of Claus Assmann
826          <ca+sasl@sendmail.org>)
827        * sasldb/Makefile.am: link order fix (Courtesy Claus Assmann
828          <ca+sasl@sendmail.org>)
829
8302001-12-05  Ken Murchison <ken@oceana.com>
831        * configure.in:
832        * plugins/Makefile.am: only build SRP with sasldb libs when
833          srp_setpass() is enabled
834        * plugins/srp.c: added HMAC-SHA-160 integrity layer
835        * plugins/srp.c: don't offer integrity layers unless HMAC-SHA-160
836          is available (mandatory)
837        * plugins/srp.c: fixed multiple integrity/confidentiality layer
838          client-side bug
839        * plugins/srp.c: fixed delete SRP secret bug
840        * plugins/srp.c: removed VL() stuff
841
8422001-12-04  Rob Siemborski <rjs3+@andrew.cmu.edu>
843        * utils/Makefile.am, config/sasldb.m4: Build sasldblistusers2
844          and saslpasswd2.  Default database now /etc/sasldb2
845        * INSTALL, README, doc/index.html, doc/upgrading.html: Update
846          with upgrading instructions in preparation for release.
847        * doc/, /: Documentation reorganization, convert README and INSTALL to
848          HTML format.
849        * Bumped appropriate version numbers, Ready for 2.0.5-BETA
850
8512001-12-04  Ken Murchison <ken@oceana.com>
852        * acconfig.h, configure.in: dependency checking for SRP
853        * acconfig.h, configure.in:
854        * plugins/srp.c: made srp_setpass() a compile-time option (default=off)
855        * plugins/srp.c: use auxprop to fetch cmusaslsecretSRP/userPassword
856        * plugins/srp.c: code cleanup
857        * acconfig.h, configure.in:
858        * doc/sysadmin.html:
859        * plugins/otp.c: made otp_setpass() a compile-time option (default=off)
860
8612001-12-02  Ken Murchison <ken@oceana.com>
862        * plugins/srp.c: fixed SHA1 support
863        * plugins/srp.c: changed calculation of 'x' to coincide with draft -05
864        * plugins/srp.c: code cleanup
865
8662001-12-01  Ken Murchison <ken@oceana.com>
867        * plugins/srp.c: abstracted MDA interface
868        * plugins/srp.c: added SHA1 support (not working)
869
8702001-11-30  Ken Murchison <ken@oceana.com>
871        * plugins/srp.c: renumbered steps to start at 1
872        * plugins/srp.c: check plugin API version instead of SRP_VERSION
873        * plugins/srp.c: changed data exchanges to conform to draft -05
874
8752001-11-29  Ken Murchison <ken@oceana.com>
876        * plugins/srp.c: code now compiles and runs
877        * plugins/Makefile.am: added sasldb libs to SRP build
878
8792001-11-24  Ken Murchison <ken@oceana.com>
880        * lib/external.c: made EXTERNAL a client-send-first mechanism
881        * doc/index.html: added CRAM-MD5 draft
882
8832001-11-22  Ken Murchison <ken@oceana.com>
884        * plugins/otp.c: fixed otp_setpass() bug
885        * doc/sysadmin.html: OTP additions/changes
886
8872001-11-19  Rob Siemborski <rjs3+@andrew.cmu.edu>
888        * utils/saslpasswd.c: Corrected disable handling
889
8902001-11-17  Ken Murchison <ken@oceana.com>
891        * doc/index.html, rfc2945.txt, rfc3174.txt: specification additions
892        * doc/Makefile.am: Updated included RFCs and IDs
893       
8942001-11-14  Ken Murchison <ken@oceana.com>
895        * lib/server.c, doc/options.html: added 'mech_list' option
896
8972001-11-14  Rob Siemborski <rjs3+@andrew.cmu.edu>
898        * sasldb/allockey.c: removed an assert() call
899        * sasldb/db_ndmb.c, sasldb/db_gdbm.c: Fixed cntxt's to be conn's
900
9012001-11-13  Ken Murchison <ken@oceana.com>
902        * acconfig.h, configure.in:
903        * plugins/otp.c: support client-side OTP without OPIE
904
9052001-11-08  Ken Murchison <ken@oceana.com>
906        * plugins/otp.c: allow entry of one-time password via
907          SASL_CB_ECHOPROMPT callback
908        * plugins/otp.c: code cleanup
909        * doc/index.html, draft*.txt: specification updates/additions
910
9112001-11-08  Rob Siemborski <rjs3+@andrew.cmu.edu>
912        * plugins/cram.c, digestmd5.c, sasldb.c: Removed all assert()
913          calls from supported plugins.
914
9152001-11-07  Rob Siemborski <rjs3+@andrew.cmu.edu>
916        * utils/testsuite.c: added proxy policy checks
917        * lib/checkpw.c (_sasl_auxprop_verify_apop): correct handling
918          of seterror calls
919
9202001-11-06  Rob Siemborski <rjs3+@andrew.cmu.edu>
921        * lib/canonusr.c (_canonuser_internal): added necessary seterror calls
922        * doc/Makefile.am: Updated included RFCs and IDs
923        * lib/canonusr.c, lib/server.c: Corrected authzid/authid handling
924        * plugins/digestmd5.c: Unconfused authzid/authid in server call to
925          canon_user
926
9272001-11-01  Rob Siemborski <rjs3+@andrew.cmu.edu>
928        * plugins/gssapi.c, plugins/kerberos4.c: Get rid of unnecessary
929          buffer copy in security layer encodes.
930
9312001-10-24  Ken Murchison <ken@oceana.com>
932        * plugins/otp.c: added otp_setpass() so that saslpasswd can
933          be used instead of opiepasswd on closed systems
934        * doc/sysadmin.html: OTP additions/changes
935
9362001-10-22  Ken Murchison <ken@oceana.com>
937        * acconfig.h, configure.in: detect OPIE, enable/disable OTP
938        * plugins/Makefile.am, makeinit.sh, otp.c: added OTP support
939          (still need work on RFC2444 compliance - depends on OPIE changes)
940        * doc/index.html, options.html, sysadmin.html, rfc*.txt:
941          OTP additions/changes
942
9432001-10-18  Rob Siemborski <rjs3+@andrew.cmu.edu>
944        * utils/testsuite.c: Test DES harder for DIGEST-MD5
945        * plugins/digestmd5.c (enc_des): Get rid of one buffer copy.
946        * plugins/digestmd5.c (dec_des, dec_3des): correct handling of
947          padding length check.
948
9492001-10-17  Rob Siemborski <rjs3+@andrew.cmu.edu>
950        * config/sasldb.m4: detect berkeley db 4
951        * plugins/gssapi.c, cram.c, kerberos4.c, digestmd5.c: have dispose
952          calls deal with the possibility of a null context
953
9542001-10-16  Rob Siemborski <rjs3+@andrew.cmu.edu>
955        * saslauthd/Makefile.am: Link LIB_PAM  as well, if needed
956        * plugins/digestmd5.c: Don't send a trailing nul on challenge and
957          responses.
958        * lib/server.c (sasl_server_start, sasl_server_step): Deal with
959          authentication failures better. (Reported by Larry Rosenbaum
960          <lmr@ornl.gov>)
961
9622001-10-02  Rob Siemborski <rjs3+@andrew.cmu.edu>
963        * saslauthd/Makefile.am, saslauthd/auth_sasldb.c,
964          saslauthd/configure.in: Changes to allow extraction of saslauthd
965          as needed.
966
9672001-09-19  Rob Siemborski <rjs3+@andrew.cmu.edu>
968        * lib/getaddrinfo.c (getaddrinfo): Correct fix for
969          AI_PASSIVE bug from Hajimu UMEMOTO <ume@mahoroba.org>
970        * plugins/plugin_common.c, lib/common.c (_*_ipfromstring):
971          revert to previous versions.
972
973        * plugins/Makefile.am: Include necessry compatibility objects
974          as needed.
975        * lib/Makefile.am: compatibility code for static libsasl
976        * configure.in: small changes to make compatibility objects easy
977          to use.
978
9792001-09-18  Rob Siemborski <rjs3+@andrew.cmu.edu>
980        * plugins/plugin_common.c, lib/common.c (_*_ipfromstring):
981          no longer use AI_PASSIVE hint for getaddrinfo
982
9832001-09-13  Rob Siemborski <rjs3+@andrew.cmu.edu>
984        * saslauthd/auth_sasldb.c, saslauthd/auth_sasldb.h:
985          Added experimental sasldb saslauthd module
986        * saslauthd/configure.in: sasldb related config changes,
987          do not config if disabled
988
9892001-09-12  Rob Siemborski <rjs3+@andrew.cmu.edu>
990        * saslauthd/*, lib/checkpw.c (saslauthd_verify_password):
991          merged new saslauthd protocol from Ken Murchison <ken@oceana.com>
992
9932001-08-30  Rob Siemborski <rjs3+@andrew.cmu.edu>
994
995        * configure.in, saslauthd/configure.in: check for inet_aton
996          in libresolv.so, so as to link it if necessary
997
998        * config/sasldb.m4 (BERKELEY_DB_CHK_LIB): set runpath of library
999          if necessary
1000
10012001-08-29  Rob Siemborski <rjs3+@andrew.cmu.edu>
1002
1003        * utils/testsuite.c: Minor testsuite fix (include paths)
1004
1005        * Ready for 2.0.4-BETA
1006
10072001-08-24  Rolf Braun <rbraun+@andrew.cmu.edu>
1008
1009        * Mac OS 9 and X support, including Carbon
1010          Mac OS 9 Classic support based on the SASL v1 code
1011          by Aaron Wohl <n3liw+@andrew.cmu.edu>
1012
1013        * updated ltconfig and ltmain.sh
1014        * acconfig.h:
1015        * configure.in:
1016        * lib/saslutil.c: use random() when jrand48() isn't available
1017
1018        * dlcompat-20010505:
1019          dlcompat included for OS X support, compiles separately
1020        * lib/dlopen.c: prefix symbols with underscore on OS X, as on OpenBSD
1021          note that this is also detected automatically by configure,
1022          this only helps when cross-compiling (for OS X?)
1023
1024        * acconfig.h:
1025        * configure.in:
1026        * config/kerberos_v4.m4
1027          look for libdes524 when libdes doesn't exist.
1028          look for libkrb4 when libkrb doesn't exist.
1029
1030        * lib/saslint.h:
1031        * lib/common.c:
1032        * lib/seterror.c:
1033        * lib/Makefile.am:
1034          split sasl_seterror() into a new file.
1035          add_string -> _sasl_add_string and made this non-static
1036          so seterror can use it.
1037          added _sasl_get_errorbuf to go into the conn_t struct
1038          so we don't have to know the format of that struct when
1039          seterror.c is linked from glue code (i.e., the Mac OS X CFM glue)
1040
1041        * acconfig.h:
1042          fix the order of the fake iovec struct for systems that
1043          don't have it (like Mac OS 9) so it's the same order as
1044          most Unixes that do (like Mac OS X) -- the CFM glue needs this
1045
1046        * acconfig.h:
1047          include <sys/types.h> before we include <sys/uio.h>
1048
1049        * plugins/kerberos4.c:
1050        * lib/checkpw.c:
1051        * acconfig.h:
1052        * configure.in:
1053          check for krb_get_err_txt in the kerberos 4 library,
1054          and use it instead of the krb_err_txt[] array if available
1055
1056        * plugins/kerberos4.c:
1057          define KEYFILE to "/etc/srvtab" if not already defined
1058          by the kerberos 4 headers (needed for MIT KfM 4.0)
1059
1060        * doc/macosx.html: added this
1061        * README: point Mac OS X users to doc/macosx.html
1062        * doc/Makefile.am: add doc/macosx.html to distfiles
1063
1064        * Makefile.am:
1065        * lib/Makefile.am:
1066        * include/Makefile.am:
1067        * config/Info.plist:
1068        * configure.in:
1069          when building on Mac OS X, install a framework
1070          in /Library/Frameworks
1071
1072        * mac/*:
1073          projects and support files for Mac OS 9, classic and Carbon
1074        * mac/osx_cfm_glue:
1075          the glue to allow CFM Carbon applications under Mac OS X
1076          call the Unix-layer SASL library
1077
1078        * lib/common.c:
1079        * lib/canonusr.c:
1080          don't do the auxprop stuff on Mac OS 9
1081
1082        * lib/getaddrinfo.c:
1083          don't look up hostnames on Mac OS 9 (we only officially
1084          support passing IP address strings anyway)
1085
1086        * lib/getaddrinfo.c:
1087        * plugins/plugin_common.c:
1088        * plugins/plugin_common.h:
1089          don't include headers on Mac OS 9 that we don't have.
1090
1091        * sample/sample-client.c:
1092          add a cast for Mac OS 9 (different type handling of char)
1093
1094        * plugins/makeinit.sh:
1095          include the stub header to export the right symbols on Mac OS 9
1096
10972001-08-20  Rob Siemborski <rjs3+@andrew.cmu.edu>
1098        * plugins/gssapi.c (gssapi_server_mech_step): fixed accidental
1099          back link into glue code
1100
1101        * config/kerberos4.m4: Actually link in -lkrb
1102
11032001-08-15  Rob Siemborski <rjs3+@andrew.cmu.edu>
1104        * lib/common.c (_sasl_iptostring): #if 0'd out.
1105
1106        * lib/server.c (sasl_user_exists): only check the verifier we
1107          are using
1108
1109        * config/kerberos_v4.m4 (SASL_DES_CHK): added
1110        * config/kerberos_v4.m4 (SASL_KERBEROS_V4_CHK): included
1111          entire check from configure.in
1112        * configure.in: moved kerberos 4 code completely out.
1113        * saslauthd/acconfig.h (WITH_DES, WITH_SSL_DES): Added
1114          DES-related symbols   
1115
11162001-08-14  Rob Siemborski <rjs3+@andrew.cmu.edu>
1117        * configure.in: Check for sys/uio.h
1118        * saslauthd/configure.in: Check for sys/uio.h
1119        * config.h: Do the Right Thing for struct iovec (and
1120          no longer include sys/uio.h elsewhere)
1121        * saslauthd/config.h: Do the Right Thing for struct iovec (and
1122          no longer include sys/uio.h elsewhere)
1123
11242001-08-13  Rob Siemborski <rjs3+@andrew.cmu.edu>
1125        * plugins/digestmd5.c (init_des, init_3des, enc_des, dec_des,
1126          enc_3des, dec_3des): fixed interoperability problems,
1127          3des was not decrypting with correct key and des was not
1128          setting up the initial vector.
1129
1130        * lib/checkpw.c (always_true): log users who log in via this verifier
1131
11322001-08-13  Rob Siemborski <rjs3+@andrew.cmu.edu>
1133        * utils/testsuite.c (giveokpath): fix memory leak
1134
1135        * lib/common.c (sasl_ipfromstring): add call to freeaddrinfo()
1136        * plugins/plugin_common.c (_plug_ipfromstring): add call to
1137          freeaddrinfo()
1138
1139        * lib/saslutil.c (sasl_randseed): actually initilize the randpool
1140
1141        * saslauthd/auth_getpwent.c (auth_getpwent): clear a warning
1142        * saslauthd/auth_shadow.c (auth_shadow): clear a similar warning
1143
1144        * utils/Makefile.am (EXTRA_DIST): Actually include the needed files
1145
1146        * saslauthd/configure.in: Handle shadow passwords correctly
1147        * saslauthd/acconfig.h: Handle shadow passwords correctly
1148
1149        * lib/checkpw.c (always_true): added
1150        * configure.in: added check for alwaystrue verifier
1151        * acconfig.h: added HAVE_ALWAYSTRUE
1152        * doc/options.html: alwaystrue verifier documented
1153
11542001-08-11  Rob Siemborski <rjs3+@andrew.cmu.edu>
1155        * saslauthd/: Now configures separately from SASL, so as
1156          to localize tests for that package within that package
1157
1158        * utils/dbconverter-2.c (listusers_cb): fix handling of APOP
1159
11602001-08-10  Rob Siemborski <rjs3+@andrew.cmu.edu>
1161        * saslauthd/Makefile.am (install-data-local):
1162          correct handling of $(DESTDIR) (and create the directory if it
1163          isn't there) [Amos Gouaux <amos@utdallas.edu>]
1164
1165        * lib/server.c (sasl_server_init): Added plugname to add_plugin
1166          call for EXTERNAL
1167
1168        * doc/index.html: updated
1169        * doc/appconvert.html: cleaned up
1170
11712001-08-09  Rob Siemborski <rjs3+@andrew.cmu.edu>
1172        * plugins/digestmd5.c (digestmd5_client_mech_step): handle
1173          missing authorization name
1174        * plugins/plain.c (plain_client_mech_step): handle
1175          missing authorization name
1176
1177        * include/sasl.h: better documentation of SASL_CB_CANON_USER
1178
11792001-08-08  Rob Siemborski <rjs3+@andrew.cmu.edu>
1180        * saslauthd/saslauthd.mdoc: updated re: pam
1181        * saslauthd/saslauthd.8: regenerated
1182        * saslauthd/Makefile.am: Link against PLAIN_LIBS also
1183          (from Ken Murchison <ken@oceana.com>)
1184
11852001-08-07  Rob Siemborski <rjs3+@andrew.cmu.edu>
1186        * lib/client.c (sasl_server_step): corrected maxoutbuf handleing
1187        * lib/server.c (sasl_server_step): corrected maxoutbuf handleing
1188        * lib/saslint.h (DEFAULT_MAXOUTBUF): removed
1189
1190        * lib/common.c (sasl_encodev, sasl_decode): maxbufsize checking
1191
1192        * utils/testsuite.c (testseclayer,doauth): more security layer
1193          checking.  Added parameter to doauth to disable fatal() calls,
1194          updated all callers.
1195
1196        * utils/smtptest.c (main): added ability to support LMTP
1197
1198        * plugins/gssapi.c: conform with draft-ietf-cat-sasl-gssapi-05.txt
1199
1200        * doc/draft-ietf-cat-sasl-gssapi-05.txt: added
1201        * doc/Makefile.am (EXTRA_DIST): added above to EXTRA_DIST
1202
12032001-08-06  Rob Siemborski <rjs3+@andrew.cmu.edu>
1204        * utils/dbconverter-2.c (listusers_cb): handle PLAIN-APOP
1205
1206        * lib/client.c (sasl_client_add_plugin, client_done):
1207          save plugin name
1208        * lib/server.c (sasl_server_add_plugin, server_done):
1209          save plugin name
1210        * lib/dlopen.c (_sasl_plugin_load): correctly pass pluginname
1211        * lib/common.c (sasl_getprop): implement SASL_AUTHSOURCE properly
1212        * lib/saslint.h (cmechanism_t, mechanism_t): added plugname field
1213        * lib/canonusr.c (internal_canonuser_init): no longer limit
1214          based on plugname
1215        * plugins/sasldb.c (sasldb_auxprop_plug_init): no longer limit
1216          based on plugname
1217
12182001-08-01  Rob Siemborski <rjs3+@andrew.cmu.edu>
1219        * utils/smtptest.c (iptostring): better behaved w.r.t endianness
1220
1221        * plugins/cram.c (crammd5_server_mech_step): support for old-style
1222          secrets
1223        * plugins/digestmd5.c (digestmd5_server_mech_step): support for
1224          old-style secrets
1225        * lib/checkpw.c (auxprop_verify_password,_sasl_make_plain_secret):
1226          support for old-style secrets
1227        * utils/dbconverter-2.c: added
1228        * utils/sasldblistusers.c (listusers): Print out property names
1229          as well as username@realm format.
1230        * utils/saslpasswd.c (_sasl_sasldb_set_pass): Correctly handle updates
1231          that concern old-style secrets
1232
1233        * sasldb/allockey.c: Added a missing null to propName in key parser
1234       
12352001-07-31  Rob Siemborski <rjs3+@andrew.cmu.edu>
1236        * plugins/kerberos4.c (mech_avail): made static
1237
1238        * plugins/kerberos4.c (mech_avail): fixed ipv4 check
1239          (patch from Hajimu UMEMOTO <ume@mahoroba.org>)
1240
1241        * doc/appconvert.html: vague guide documenting our experience
1242          porting Cyrus IMAPd to use SASLv2
1243        * doc/Makefile.am: added appconvert.html
1244
1245        * lib/client.c (sasl_client_new): fixed ip address setting to hit
1246                relevant params structures as well
1247        * lib/server.c (sasl_server_new): fixed ip address setting to hit
1248                relevant params structures as well
1249        * lib/common.c (sasl_setprop): fixed ip address setting to hit
1250                relevant params structures as well
1251
1252        * lib/common.c (sasl_seterror): fixed spelling error
1253
12542001-07-30  Rob Siemborski <rjs3+@andrew.cmu.edu>
1255        * sasldb/db_berkeley.c: utils->seterror() calls
1256        * sasldb/db_gdbm.c: utils->seterror() calls
1257        * sasldb/db_ndbm.c: utils->seterror() calls
1258        * sasldb/allockey.c: utils->seterror() calls
1259
1260        * lib/common.c (sasl_seterror): still call logging callback with a
1261          null sasl_conn_t
1262
1263        * plugins/sasldb.c (sasldb_auxprop_lookup): support for multiple
1264          properties
1265
1266        * plugins/Makefile.am: added -module to LDFLAGS
1267
1268        * config/sasldb.m4: Allow specification of exact berkeley db
1269          lib and include paths
1270        * sasldb/Makefile.am: Add proper include directory
1271
1272        * sasldb/sasldb.m4 (SASL_DB_BACKEND_STATIC): include allockey.o
1273       
1274        * Ready for 2.0.3-BETA 
1275
1276        * plugins/kerberos4.c (kerberos4_server_plug_init): reset
1277          srvtab when we do not load correctly.
1278
1279        * lib/staticopen.c (_sasl_load_plugins): do not fail
1280          if a single plugin load fails
1281
1282        * include/sasl.h (SASL_CLIENT_FALLBACK): removed
1283
12842001-07-27  Rob Siemborski <rjs3+@andrew.cmu.edu>
1285        * configure.in: extracted SASLDB-related checking
1286        * config/sasldb.m4: added
1287
1288        * configure.in: now cache the JNI include directory path
1289
1290        * utils/testsuite.c: switch some sasl_errstrings to sasl_errdetail
1291        * plugins/gssapi.c: Fix error reporting
1292
1293        * plugins/gssapi.c: Required SASL_CB_USER instead of SASL_CB_AUTHNAME
1294
1295        * plugins/anonymous.c: Function name standardization
1296        * plugins/cram.c: Function name standardization
1297        * plugins/digestmd5.c: Function name standardization
1298        * plugins/gssapi.c: Function name standardization
1299        * plugins/kerberos.c: Function name standardization
1300        * plugins/login.c: Function name standardization
1301        * plugins/plain.c: Function name standardization       
1302
1303        * sasldb/allockey.c: Generalized SASLdb API
1304        * sasldb/db_berkeley.c: Generalized SASLdb API
1305        * sasldb/db_gdbm.c: Generalized SASLdb API
1306        * sasldb/db_ndbm.c: Generalized SASLdb API
1307        * sasldb/db_none.c: Generalized SASLdb API
1308        * sasldb/db_testw32.c: Added #error to block compile so the API will
1309                be fixed when we do the Win 32 port
1310        * plugins/sasldb.c: Use new SASLdb API
1311        * utils/saslpasswd.c: Use new SASLdb API
1312       
13132001-07-26  Rob Siemborski <rjs3+@andrew.cmu.edu>
1314        * lib/common.c (_sasl_getcallback): fixed reference to
1315                possibly NULL conn
1316
1317        * configure.in: only build saslpasswd and sasldblistusers
1318                if we have a meaningfull libsasldb (e.g. not db_none),
1319        * utils/Makefile.am: only build saslpasswd and sasldblistusers
1320                if we have a meaningfull libsasldb (e.g. not db_none),
1321
1322        * configure.in: conditionally build smtptest
1323        * utils/Makefile.am: conditionally build smtptest
1324       
1325        * sasldb/allockey.c (_sasldb_parse_key): added
1326
1327        * sasldb/sasldb.h: New key list access API, added  parameter to
1328                sasl_check_db (all callers updated, all callees updated)
1329        * sasldb/db_berkeley.c: Implement key list access API
1330        * sasldb/db_gdbm.c: Implement key list access API
1331        * sasldb/db_ndbm.c: Implement key list access API
1332        * sasldb/db_none.c: Implement key list access API
1333
1334        * utils/sasldblistuser.c: Use libsasldb instead of internal
1335                functions.
1336       
1337        * utils/saslpasswd.c: No longer have separate global_utils,
1338                call sasl_dispose and sasl_done
1339
1340        * acconfig.h: check for inttypes.h
1341        * configure.in: check for inttypes.h
1342        * plugins/plugin_common.c: include, if necessary, inttypes.h,
1343                reference uint32_t instead of u_int32_t
1344
13452001-07-25  Rob Siemborski <rjs3+@andrew.cmu.edu>
1346        * lib/saslint.h: changed "sasldb" verifier to "auxprop"
1347        * lib/server.c: changed "sasldb" verifier to "auxprop"
1348        * lib/checkpw.c: changed "sasldb" verifier to "auxprop"
1349        * utils/testsuite.c: changed "sasldb" verifier to "auxprop"
1350        * doc/options.html: changed "sasldb" verifier to "auxprop"
1351
1352        * README: updated upgrade information
1353
1354        * utils/Makefile.am (CLEANFILES): added
1355
1356        * sasldb/allockey.c (alloc_key): single place for alloc_key()
1357          Removed alloc_key from other source files.
1358        * sasldb/sasldb.h: added declaration of alloc_key()     
1359
1360        * configure.in: added checks for db-3.3 and db3.3
1361
1362        * plugins/digestmd5.c (get_realm): now error on empty user_realm
1363
1364        * plugins/cram.c (client_required_prompts): removed redundant
1365          required_prompts
1366
1367        * plugins/plain.c (client_continue_step): server-send-last error
1368
1369        * utils/testsuite.c (main): detailed client-send-first,
1370                server-send-last checking
1371       
13722001-07-24  Rob Siemborski <rjs3+@andrew.cmu.edu>
1373        * plugins/sasldb.c: Cleaned up calls into the glue code
1374
1375        * java/Test/*: Cleaned up java test utilities
1376       
1377        * configure.in: Minor GSSAPI configure changes
1378
1379        * utils/saslpasswd.c: Clarfied -d option for saslpasswd
1380        * utils/saslpasswd.8: Clarfied -d option for saslpasswd
1381       
1382        * doc/plugprog.html: Added plugin programmer's guide
1383        * doc/index.html: linked to plugin programmer's guide
1384       
1385        * configure.in: corrected configure checking of Berkeley DB
1386          (from Scot W. Hetzel <scot@genroco.com>)
1387
1388        * configure.in: corrected checking for libcom_err
1389          (from Scot W. Hetzel <scot@genroco.com>)
1390
13912001-07-23  Rob Siemborski <rjs3+@andrew.cmu.edu>
1392        * configure.in: Added check for db3/db.h
1393
1394        * plugins/kerberos4.c Added mech_avail (checks for IP info)
1395       
1396        * lib/common.c: Fixed setting of serverFQDN in _sasl_conn_init
1397       
1398        * lib/server.c: Fully Implemented mech_avail calls in glue code
1399       
1400        * lib/server.c: Fixed allocation/destruction of sasl_conn_t's
1401        * lib/client.c: Fixed allocation/destruction of sasl_conn_t's
1402        * lib/common.c: Rely on earlier initialization in server.c and client.c
1403
1404        * doc/options.html: added
1405
1406        * ChangeLog: back to standard format
1407       
14082001-07-20  Rob Siemborski <rjs3+@andrew.cmu.edu>
1409        * Can now deal with variable client-first mechs such as
1410          DIGEST-MD5, though this interface is subject to change
1411        * Modified parseuser to deal better with default realms
1412        * Simplified realm handling in DIGEST-MD5 (getrealm callback
1413          is no longer required).
1414        * Cleaned up some memory management issues in DIGEST-MD5
1415
14162001-07-19  Rob Siemborski <rjs3+@andrew.cmu.edu>
1417        * Fixed prototype of sasl_getpath_t to be in conformance with
1418          memory allocation rules
1419        * Fixed up samples directory
1420        * Try to dlopen using information in .la file if available
1421          (based on patch from
1422           Stoned Elipot <Stoned.Elipot@script.jussieu.fr>)
1423        * Resolution of most of the server-send-first and client-send-last
1424          issues (using mechanism feature flags)
1425
14262001-07-18  Rob Siemborski <rjs3+@andrew.cmu.edu>
1427        * Updated config.guess and config.sub
1428        * Better underscore checking for dlsym
1429        * Resolved possible global_utils namespace collision
1430        * Updated sasldb library to be expandable to multiple properties
1431          if the need arises in the future.
1432        * IPv6 support from Hajimu UMEMOTO <ume@mahoroba.org>
1433
14342001-07-17  Rob Siemborski <rjs3+@andrew.cmu.edu>
1435        * Extricated sasldb support to an auxprop plugin only.
1436          sasldb modifications can now only be done through the saslpasswd
1437          interface.
1438
14392001-07-13  Rob Siemborski <rjs3+@andrew.cmu.edu>
1440        * Fixed buffer overrun problem in sasldb auxprop plugin
1441        * Removed severe memory leak from testsuite
1442        * Version 2.0.2-ALPHA Released
1443
14442001-07-11  Rob Siemborski <rjs3+@andrew.cmu.edu>
1445        * error reporting in KERBEROS_V4 plugin
1446        * vague handling of SASL_AUTHSOURCE for getprop
1447        * random misc error reporting bugs
1448        * basic error messages for GSSAPI plugin
1449
14502001-07-10  Rob Siemborski <rjs3+@andrew.cmu.edu>
1451        * added client-send-first logic in glue code
1452        * removed some client-send-first logic in mechanisms
1453        * removed IPv4 specifics from sasl_conn_t
1454        * Much gluecode error revamping (store the error code
1455          in sasl_conn_t)
1456
14572001-07-09  Rob Siemborski <rjs3+@andrew.cmu.edu>
1458        * Removed dependency on "name" in canonuser plugin structure
1459        * Update configure.in from a new configure.scan
1460        * Update copyright info in man pages, finished all API man pages
1461        * Added auxprop tests to testsuite
1462        * Added userdb callback support
1463
14642001-07-09  Rob Siemborski <rjs3+@andrew.cmu.edu>
1465        * First attempt at making the java code work again
1466        * Minor memory and byte order bugfixes
1467        * Added testing support for dmalloc (--with-dmalloc)
1468
14692001-07-06  Rob Siemborski <rjs3+@andrew.cmu.edu>
1470        * Loading of auxprop and canonuser plugins from DSOs
1471          (This still sucks performance wise, and will be fixed soon)
1472        * Fixed some lack of indirection in the plugins
1473        * Reverted to the v1 entry points for the plugins
1474        * Cleaned up a good deal of the library loading code so it
1475          now only gets called from the sasl_*_init functions, and
1476          all the cleanup happens in the common sasl_done function
1477        * Added SASL_IPREMOTEPORT and SASL_IPLOCALPORT to setprop,
1478          and now _sasl_conn_init calls it to do the same work.
1479
14802001-07-05  Rob Siemborski <rjs3+@andrew.cmu.edu>
1481        * Working libsfsasl and smtptest program (--with-sfio)
1482        * Fixed sasldblistusers (atleast for Berkeley DB)
1483        * seterror() calls in ANONYMOUS, CRAM, PLAIN and LOGIN
1484        * Some new manpages
1485
14862001-07-03  Rob Siemborski <rjs3+@andrew.cmu.edu>
1487        * Static library compilation now optional (--with-staticsasl)
1488          Note that this is different from --enable-static, which causes
1489          libtool to build static versions of everything is is almost
1490          certainly NOT what you want.
1491        * Removed all references to the ancient NANA code.
1492        * Updated some documentation.
1493
14942001-07-02  Rob Siemborski <rjs3+@andrew.cmu.edu>
1495        * Improved allocation efficiency of KERBEROS_V4, DIGEST-MD5,
1496          and GSSAPI security layers.
1497        * Fixed a decode bug in DIGEST-MD5 (and testsuite improvements to
1498          help find similar ones)
1499        * Fixed a number of solaris compiler warnings
1500        * Static Library Build Support
1501
15022001-06-30  Rob Siemborski <rjs3+@andrew.cmu.edu>
1503        * Cleanup of some man pages (added sasl_errors.3)
1504
15052001-06-29  Rob Siemborski <rjs3+@andrew.cmu.edu>
1506        * Cleanup of APOP Code + new man page (Ken Murchison <ken@oceana.com>)
1507        * Cleanup of comments in some files (Ken Murchison <ken@oceana.com>)
1508        * Fixed some compiler errors on Solaris using /opt/SUNWspro/bin/cc
1509          (Reported by Mei-Hui Su <mei@ISI.EDU>
1510
15112001-06-28  Rob Siemborski <rjs3+@andrew.cmu.edu>
1512        * Improved memory allocation in default sasl_decode handler
1513        * Added ability to disable sasl_checkapop (--disable-checkapop)
1514        * Re-initialized kerberos mutex to NULL after it was freed
1515
15162001-06-28  Rob Siemborski <rjs3+@andrew.cmu.edu>
1517        * Fixed a severe bug in DIGEST-MD5 Plugin
1518        * KERBEROS_V4 plugin now thread safe
1519        * Version 2.0.1-ALPHA Released (due to DIGEST-MD5 problem)
1520
15212001-06-27  Rob Siemborski <rjs3+@andrew.cmu.edu>
1522        * Version 2.0.0-ALPHA Released
Note: See TracBrowser for help on using the repository browser.