-
Notifications
You must be signed in to change notification settings - Fork 0
/
RELEASE-1.0.0RC3
15 lines (15 loc) · 1.75 KB
/
RELEASE-1.0.0RC3
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
- [BUG] Fixed usage of kadm functions when bulding against officialy exported (post 1.7) MIT kadm libraries
- [BUG] Bug fixes by Marc Seecof
* Fixed a possible use-before-set problem in php_krb5_ticket_object_new()
* Fixed a potential memory leak in KRB5CCache::getEntries()
* Fixed a typo HAVE_KRB5_CC_NEW_UNQIUE for ...UNIQUE in config.m4
* Changed some malloc()/free() uses to emalloc()/efree()
* Corrected vim fold marker placement
- [FEATURE] Enhancements by Marc Seecof
* Methods which used to return void now return bool, with TRUE indicating success and FALSE failure.
* An options array given initKeytab() or initPassword() (named "flags" in the PDF doc) may now contain a key 'canonicalize' with bool value to set the corresponding flag, which is most useful with initPassword() (however, it only works if compiled with recent Kerberos libs). A key 'service_name' with a string value naming a service principal indicates that a ticket is wanted for that principal rather than the default "krbtgt/xxx". Last, a key 'verify_keytab' with a string value naming a keytab requests that the initial ticket obtained be verified by checking that it can be used to obtain a ticket for the keytab's principal.
* A new method KRB5CCache::getPrincipal() returns the name of the (client) principal associated with the cache.
* A new method KRB5CCache::getRealm() returns the name of the realm of the principal associated with the cache.
* The KRB5CCache::isValid() method now tests only the primary TGT in the cache.
* A new method KRB5CCache::getLifetime() returns an array containing values of 'endtime' and 'renew_until' for the primary TGT in the cache.
* A new method KRB5CCache::renew() renews the primary TGT in the cache (if possible), then discards all other cached tickets.