Changelog for krb5 |
Release |
What has changed? |
1.2.2 |
- [FEATURE] Implement channel bindings support
- [API] Allow passing null channel binding in NegotiateAuth (1.2.1)
- [PACKAGING] Fix PECL packaging (missing channel.c) and raise minimum version (1.2.2) |
1.2.1 |
- [FEATURE] Implement channel bindings support
- [API] Allow passing null channel binding in NegotiateAuth |
1.2.0 |
- [FEATURE] Implement channel bindings support |
1.1.5 |
- [BUG] Fix reference handling of KRB5NegotiateAuth constructor spn parameter |
1.1.4 |
- [FEATURE] PHP 8 compatability (thanks to Remi Collet)
- [BUG] Properly install header files (thanks to Remi Collet)
- [BUG] Fix behavior when NegotiateAuth is passed null as SPN |
1.1.3 |
- [BUG] Keep proper minor status for error reporting in initSecContex
- [BUG] remove some overlooked debugging output
- [BUG] fix PECL package license metadata
- [FEATURE] Add API for password expiration information (MIT >=1.9 only)
- [FEATURE] Allow leaving the NegotiateAuth SPN unspecified (allow all from keytab)
- [FEATURE] Add support for gss_acquire_cred_from() instead of setting the per process keytab (in NegotiateAuth,
GSSAPI to follow).
- [FEATURE] Allow overriding SPN for NegotiateAuth. |
1.1.2 |
- [BUG] Add missing function entry termination for TLData
- [CLEANUP] Don't return garbage on hard class initialization errors, don't throw from create_object handlers |
1.1.1 |
- [FEATURE] Add KRB5CCache::changePassword kpasswd method
- [FEATURE] Add KADM5 API version 3 support (password failure policy)
- [BUG] properly mark shared globals external (fixes LLVM build)
- [BUG] Fix unterminated string copy memory corruption in negotiate_auth
- [BUG] properly free credentails in negotiate_auth (fixes rcache leaks)
- [BUG] fix _add_assoc_string string length (fixes extra null bytes in some arrays)
- [BUG] fix PHP7 crash due to wrong addrlist zval declaration |
1.1.0 |
- [FEATURE] PHP7 compatibility
- [FEATURE] Support getting/setting TL_DATA in KADM
- [BUG] Fix GSSAPI->acquireCredentials behaviour,
now defaults to GSS_C_INITIATE if only a ccache is available
eagerly initialize credentials when no principal is specified (use ccache default principal)
- [BUG] Fix a couple of memory leaks, add a few more sanity checks |
1.0.0 |
- [CLEANUP] Remove bundled kadmin headers, drop support for mit-krb5 <1.8
- [FEATURE] Support use of the krb5-config tool to determine library paths
- [CLEANUP] Remove KRB5CCache->setConfig method as this is no longer supported by libraries
- [BUG] Fix null-deref in isValid for uninitialized KRB5CCache |