| Id | Subject
|
| 90 |
default_principal_flags: how to use - Krb5 beta6
|
| 175 |
docs refer to inappropriate domains and IPs for examples
|
| 299 |
kadmin complains about kdc.conf error when really krb5.conf |
| 318 |
run-time load path not defined for libtcl7.5.so |
| 443 |
--includedir listed in --help output but ignored |
| 479 |
unused argument in try_krb4()
|
| 492 |
The DES library still makes a 32-bit integer assumption |
| 523 |
NT 5.0 compat wrt. enctypes?
|
| 590 |
des_read_pw_string() is not backward-compatible |
| 608 |
login parent process should ignore SIGHUP
|
| 620 |
rcp outgoing encryted krb4 data is broken |
| 647 |
libtelnet/kerberos5.c uses internal includes |
| 673 |
kadmin shows password when it shouldn't |
| 677 |
Build system problems |
| 680 |
krb5_prompter_posix does not restore terms setting on interrupt
|
| 697 |
login.krb5 willfully eits tty window size
|
| 709 |
krb4 lifetime |
| 710 |
Multi-realm bug in lib/krb4/decomp_tkt.c
|
| 771 |
krb5 ships with .rconf files.
|
| 772 |
LOG_AUTHPRIV should be supported |
| 844 |
incorrect syslog facility in krshd
|
| 850 |
Berkeley DB integration problems |
| 854 |
profile_init() fails on EPERM[sic] |
| 866 |
kdc/network.c not up to date with lib/krb5/os/localaddr.c |
| 880 |
gsskrb5_register_acceptor_identity
|
| 881 |
gss-client on 1.1 doesn't talk to gss-server on 1.2.1 |
| 882 |
gss-client sloppy re ctx cleanup? |
| 919 |
KDC fails to initialize
|
| 922 |
Overflow in time conversion routines |
| 933 |
krb524 only handles des-cbc-crc tickets |
| 935 |
libkrb5 does not support des-cbc-md4 per default |
| 939 |
better grammar in telnet error message |
| 953 |
triple-DES problem on Windows
|
| 964 |
kdb_init_hist() fails if master_key_enctype is not in supported_enctypes |
| 970 |
PATCH doc/api/ccache.tex
|
| 971 |
src/lib/gssapi/krb5/util_ctxsetup.c |
| 973 |
libgssapi_krb5 defines unused g_strdup, conflicts with |
| 976 |
documentation doesn't actually mention "make install" |
| 986 |
config script references LDFLAGS before init? |
| 992 |
processing of --with-cc defaults to cc not gcc first |
| 999 |
default value thrown away in init_ctx |
| 1006 |
MIT krb5 clients (all versions) don't check ALL ETYPE-INFO entries, only the first one
|
| 1054 |
GSSAPI should encrypt krb_cred for rc4 |
| 1055 |
bad null string handling in gic_pwd and other places -> segfaults |
| 1063 |
invalid argument while getting initial credentials
|
| 1064 |
incorrect option processing in kg2_parse_token |
| 1065 |
gic_pwd does not warn about password expiration
|
| 1066 |
printf argument mismatches in rpc unit tests
|
| 1085 |
krb5.conf man page does not document 'noaddresses' |
| 1087 |
ftp clients can't connect to ftpd over a NAT
|
| 1102 |
gssapi_generic.h does not contain extern "C" ...
|
| 1108 |
Undefined symbol kdb2_dbopen |
| 1135 |
kdc acl documentation sucks
|
| 1136 |
no shared key documentation |
| 1156 |
krb5 should be able to use a separate com_err |
| 1164 |
bogus return value from krb5_auth_con_genaddrs() |
| 1173 |
patch: Don't include addresses in forwarded addressless tickets |
| 1174 |
TCP support needed in client library |
| 1175 |
TCP support needed in the KDC |
| 1176 |
upgrade to autoconf 2.53 |
| 1177 |
Need to synchronize trunk with 1.2.2 branch |
| 1178 |
Test suite needs to be stabilzied for 1.3 |
| 1184 |
allow use of system db library |
| 1188 |
aclocal.m4 should use AC_CONFIG_FILES |
| 1189 |
merge KfM v4 |
| 1190 |
Sane defaults for configuration files |
| 1191 |
Add k5srvutil |
| 1192 |
Document krb524d afs_krb5 |
| 1193 |
Implement new key storage architecture |
| 1194 |
configure fails (autoconf 2.52) if aclocal.m4 located in directory above source tree |
| 1195 |
Update enctypes in krb5.conf |
| 1202 |
KDC rejects unknown flags |
| 1203 |
gic_keytab double frees |
| 1208 |
Provide install-headers target |
| 1209 |
include/KerberosIV/Makefile.in calls awk for com_err generation |
| 1211 |
ASN.1 code passes uninitialized values around |
| 1212 |
libkadm5 should allow persistent locks |
| 1217 |
implement krb5_read_password, des_read_password via krb5_prompter_posix |
| 1223 |
request asn1_decode_oid and asn1_encode_oid |
| 1224 |
asn1_k_encode.c: add_optstring always adds |
| 1225 |
No support for negative password expiration last-req hint |
| 1226 |
Client code lacks support for draft-ietf-krb-wg-kerberos-sam-01.txt |
| 1228 |
two bugs in tcl-based tests |
| 1229 |
[Wyllys Ingersoll <wyllys.ingersoll@sun.com>] keytab file entry comparison problem |
| 1232 |
gic_keytab.c |
| 1234 |
Wrong ASN.1 definition and padata type for new hardware preauth |
| 1237 |
Merge the profile library with meeroh optimizations |
| 1240 |
Calling convention for krb5int_c_combine_keys does not match prototype |
| 1242 |
mainline util/reconf does not work on debian |
| 1244 |
new nightly test failure: Linux: rpc |
| 1248 |
SAM uses RC4 insecurely |
| 1251 |
krb_save_credentials incorrectly stores interealm tix w/CCAPI |
| 1256 |
Wrong size for memset()s in combine_keys(). |
| 1260 |
Re: Ticket lifetimes > 10 hrs? |
| 1262 |
asn1 decoding of unsigned integers will eventually cause interoperability problems |
| 1263 |
Interoperability compatibility between Heimdal and MIT krb5 |
| 1276 |
Compiling --without-krb4 fails due to dependencies in Makefile.in |
| 1281 |
fakeka needs to be integrated into the distribution tree. |
| 1284 |
rcp tests and ipv6 |
| 1292 |
kvno man page error
|
| 1293 |
Only system headers should declare errno |
| 1304 |
kadmind4
|
| 1305 |
Expired tickets don't pop dialog with Mac Eudora GSS |
| 1309 |
Memory leak in krb5_send_tgs() |
| 1310 |
kadm5_get_either leaks memory |
| 1311 |
$(PURE) in krb5-config output |
| 1324 |
kdc logs bogus error for enc timestamp wrong passwd |
| 1334 |
Timestamp preauth should return clock skew errors |
| 1339 |
krb4 library breaks old krb_get_admhst API |
| 1342 |
fix for requiring gawk |
| 1343 |
disable krb4 by default |
| 1344 |
Get addressless tickets by default |
| 1346 |
Bug in gss_krb5_ccache_name |
| 1351 |
ftp mget vulnerability |
| 1352 |
Do not claim GSS_C_PROT_READY_FLAG since we don't support it |
| 1356 |
Bug in accept_sec_context.c ? |
| 1357 |
krb__get_srvtab_name leaks memory |
| 1362 |
-a user flag still doesn't work on telnetd
|
| 1363 |
ksu logs to stderr on Red Hat Linux |
| 1370 |
GSS_C_NO_CREDENTIAL should accept any principal |
| 1372 |
use kdb keytab for kadmind |
| 1373 |
pointer target incompatibility with krb5_c_encrypt_length |
| 1377 |
We should integrate set change password changes |
| 1384 |
case with no branches breaks configure scripts
|
| 1385 |
VU#623217 VU#442569: krb4 insecure |
| 1387 |
need support for bind versions > 8 (BIND_8_COMPAT) |
| 1388 |
DNS support is off in KfM |
| 1391 |
fix kadmind startup failure with krb4 vuln patch |
| 1392 |
getaddrinfo wrapper not good enough on AIX |
| 1393 |
MITKRB5-SA-2003-003: xdrmem int overflows |
| 1395 |
fix test suite to reflect loss of des3-krb4 |
| 1397 |
MITKRB5-SA-2003-005: buffer bounds problems |
| 1400 |
Disabling replay cache for krb5_rd_req |
| 1406 |
don't install in-tree libdb |
| 1409 |
get_ad_tkt doesn't prompt when built with USE_LOGIN_LIBRARY |
| 1410 |
document krb4 cross-realm patch |
| 1412 |
etype info handling infinite loop |
| 1413 |
back out requirement of autoconf-2.53 |
| 1414 |
build libtelnet with library build framework |
| 1415 |
subkeys fubar |
| 1417 |
memory leak in krb5_read_password |
| 1418 |
finish AES implementation for 1.3 |
| 1419 |
Obscure memory leak in asn1_decode_kdc_req_body |
| 1429 |
AES/GSS combination broken |
| 1435 |
cygwin does not have inet_ntop when compiling kdc
|
| 1439 |
krb5_free_pwd_sequences only frees first element |
| 1440 |
errno should never be explicitly declared |
| 1441 |
kadmind fails to return wrong version errors for change password |
| 1442 |
krb5_setpw_result_string should be internal |
| 1443 |
set-change password breaks kpasswd |
| 1446 |
AES code shouldn't define uint32_t etc if the system provides them |
| 1447 |
krb4's vts_long() and vts_short() corrupt memory |
| 1454 |
Need support for etype_info2 |
| 1459 |
Need support for blocking profile homedir access for KLL on OS X |
| 1462 |
KfM should export krb5_set_password* |
| 1463 |
Reorganize kdc_preauth enctype handling |
| 1470 |
preauth2.c leaks memory, double frees memory and uses freed data |
| 1473 |
ticket forwarding broken when TGS and app service have different enctypes |
| 1474 |
Cleanup memory in asn.1 testsuite to allow for leak checking |
| 1476 |
Docs should reflect default krb4 mode |
| 1477 |
Don't #include compile_et .c files |
| 1480 |
Support enctype_info2 for krb5_get_in_tkt |
| 1482 |
gssapi_krb5.h should define the RFC 1964 OIDs |
| 1483 |
KRB5_DEPRECATED should be undef by default for 1.3 |
| 1484 |
reduce AES string-to-key iteration count to 4096 |
| 1486 |
AES shouldn't be in KDC default enctype list |
| 1487 |
provide shorthand aliases for AES enctypes |
| 1488 |
Incorrect password error for principal with preauth is confusing |
| 1491 |
We do not provide krb524 interface |
| 1492 |
Release tar file includes autom4te.cache directories |
| 1495 |
KfM should export krb5_c_string_to_key_with_params |
| 1501 |
Register writable keytabs by default |
| 1512 |
afs_string_to_key fails to work with etype_info2 |
| 1514 |
krb5int_populate_gic_opt should return void |
| 1515 |
Cross realm checks can check beyond end of buffer |
| 1517 |
Memory leak in kdc etype_info2 preauth |
| 1518 |
use kdc_default_options |
| 1519 |
kadmind chpw should log |
| 1520 |
update descriptions of OS-specific configure options |
| 1521 |
afs3 salt on aes enctypes causes segfault |
| 1522 |
Populate etype_info_entry.s2kparams.data |
| 1525 |
API (inadvertant?) change in krb5_get_in_tkt_with_password leads to memory leaks |
| 1528 |
-DKRB5_DEPRECATE=1 must be added to src\config\win-pre.in |
| 1533 |
krb524d.h contains invalid Mac pragmas |
| 1535 |
Document AES interop issues |
| 1536 |
[epeisach@MIT.EDU] Missing prototype for krb5_db_iterate_ext |
| 1537 |
update path for kdc.conf in man page |
| 1540 |
verify_as_reply on client incorrectly checks KDC_OPT_RENEWABLE_OK |
| 1546 |
krb_mk_req_creds probably ought not to zero the session key |
| 1547 |
krb5 1.3beta testsuite failure in gssftp under redhat 9.... |
| 1549 |
negative SRV records |
| 1550 |
add kerberos-iv SRV support |
| 1551 |
drop kerberos.realmname default |
| 1553 |
drop kdc_supported_enctypes |
| 1554 |
krb4 string-to-key steps on itself |
| 1557 |
Need prototype for __KLAllowHomeDirectoryAccess |
| 1558 |
KfM does not export new krb524 interface |
| 1560 |
Yet more double colon password prompts |
| 1563 |
tests fail on alpha/tru64 |
| 1568 |
new krb524.dll stub library for Windows |
| 1569 |
remove debugging printf accidentally left in krb524init |
| 1571 |
be more flexible in handling failures getting root access in test suite |
| 1572 |
Static function krb5_generate_authenticator should take unsigned sequence number argument |
| 1573 |
--localstatedir=/var/db for KfM builds |
| 1576 |
Renewable liftetimes wrong on tickets requesting lifetime greater than KDC max |
| 1587 |
On Solaris 8 configure script can't find gcc |
| 1592 |
Document possible file rename lossage when building against system db |
| 1593 |
Don't escape rcache filename characters with backslash |
| 1594 |
Darwin libkrb4/err_txt.o needs dependency on krb_err.c |
| 1596 |
Corrections to krb524 support |
| 1598 |
Remove Mac OS 9 support from com_err |
| 1600 |
Comments on README |
| 1602 |
make_ap_req_v1 leaks memory |
| 1604 |
libgss leaks, UMRs |
| 1605 |
krb5_rd_rep leaks subkeys |
| 1607 |
1.3 docs need to talk about kerberos-iv srv records |
| 1610 |
krb5_fwd_tgt_creds uses application supplied ktypes list |
| 1618 |
src/windows/ms2mit inserts local addresses into MS Tickets during conversion |
| 1619 |
Must ignore trailing fields in etype_info |
| 1621 |
aes mandatory cksumtype not implemented |
| 1630 |
get_in_tkt_with_keytab passes wrong pointer to get_init_creds |
| 1642 |
KfM should pass CFLAGS and LDFLAGS to krb5 build from PB |
| 1643 |
kdc.conf.M still has some @LOCALSTATEDIR stuff |
| 1648 |
Remove leading spaces in #define and #include in public headers |
