1999-03-30  Rob Earhart  <rob+@andrew.cmu.edu>

	* Version 1.4.1 released

	* configure.in: added digest des check, rc4 check

	* plugins/digestmd5.c: diked out rc4 code

	* configure.in: turned off use of nana by default

	* plugins/cram.c: fixed endian bug

1999-03-29  Rob Earhart  <rob+@andrew.cmu.edu>

	* config/{libtool things}: updated to libtool-1.2f

	* plugins/digestmd5.c: removed tmp ptrs; des routines are
	returning voids

	* README: updated

	* plugins/cram.c (setpass): aligned buffer

	* plugins/digestmd5.c: no longer requiring errstr to be passed in
	cleaned up memory leaks in setpass
	aligned buf in setpass

	* plugins/plain.c: cleaned up some code

	* lib/common.c (_sasl_getcallback): no longer returns SASL_INTERACT 
	when it can't find a callback; uses SASL_OK instead.

	* plugins/kerberos4.c (client_continue_step): diked out all the
	authid code.  Why was this in Kerberos, anyway?  Also added
	required prompts for kerberos (i.e. none, instead of the default
	SASL_CB_AUTHNAME and SASL_CB_PASS).
	
	* lib/common.c (_sasl_getcallback): eliminated builtin SASL_CB_USER

	* plugins/cram.c (c_continue_step): don't send a zero-length
	initial response...

	* sample/sample-client.c (main): free data properly when
	initial response is possible

	* plugins/cram.c: set client-side user+authid oparams, tweaked a
 	couple allocation constants to make purify happy.  CRAM-MD5 now
 	passes purify, both client and server, success and fail cases,
 	returning all data correctly to both sides.

	* sample/sample-client.c (main): added property retrieval tests to 
	sample-client.c (so the client can discover whom it has
	authenticated as).

	* lib/md5.c (hmac_md5_import): fixed count update bug

1999-03-28  Rob Earhart  <rob+@andrew.cmu.edu>

	* lib/saslutil.c (sasl_mkchal): always generate positive nonces

	* plugins/cram.c (server_continue_step): lots of little changes;
	no longer tickles purify
	(c_continue_step): some more little changes

	* config/sasl.spec: Added the extra RFCs

	* doc/Makefile.am (EXTRA_DIST): Added a few more RFCs

1999-03-26  Rob Earhart  <rob+@andrew.cmu.edu>

	* plugins/cram.c (find_prompt): Fixed
	(c_continue_step): Fixed call to free_prompts

	* lib/server.c (sasl_server_step): removed strange setprop

	* lib/common.c: Setting security flags
	(sasl_errstring): changed badparam message to something a little
	less confusing

	* config/{config.guess,config.sub,ltconfig,ltmain.sh}: reverted to 
	old hacked versions

	* SMakefile: removed libtoolize

	* plugins/digestmd5.c: changed various instances of user_domain to 
	local_domain

	* lib/server.c (_sasl_transition): changed to call setpass directly
	(sasl_setpass): added logging

	* sample/sample-server.c (main): cleaned up data handling, base64
	generation

	* lib/server.c (sasl_listmech): better final len calculation

1999-03-25  Rob Earhart  <rob+@andrew.cmu.edu>

	* plugins/digestmd5.c: made a lot of things const; this makes the
	code happier.

	* plugins/cram.c (c_start): fixed text init bug

	* lib/server.c (sasl_server_new): moved local_domain code to common,
	removed local_domain from sasl_server_conn, no longer disposing
	local_domain in server on cleanup

	* lib/common.c: (_sasl_conn_init): took local_domain code from server
	(_sasl_conn_dispose) added code to free local_domain

	* lib/saslint.h: added local_domain to sasl_conn_t and _sasl_conn_init

	* lib/client.c (sasl_client_new): calling _sasl_conn_init with
 	NULL local domain

	* lib/saslutil.c: wrote sasl_mkchal

	* plugins/cram.c (server_continue_step): Fixed nonce generation

	* lib/common.c (_sasl_alloc_utils): added hmac routines, mutex
	routines, rand stuff...

	* lib/md5.c: Wrote hmac routines

	* plugins/cram.c (setpass): Massive surgery to clean this up
	removed required prompts -- they're the default prompts

	* testing.txt: updated testing documentation

	* plugins/plain.c (verify_password): added shadow password file support
	(server_continue_step): fixed mech_ssf and authorization buglet
	(server_continue_step): setting realm to local domain name
	(sasl_client_plug_init): tweaked logging

1999-03-25  Timothy L Martin  <tmartin+@andrew.cmu.edu>

	* lib/server.c (setpass): sends sparams correctly now

1999-03-24  Timothy L Martin  <tmartin+@andrew.cmu.edu>

	* plugins/digestmd5.c (setpass): merged in rob's changes
	fixed realm mistake
	merged in alexey's changes for 8859 etc

1999-03-24  Rob Earhart  <rob+@andrew.cmu.edu>

	* configure.in: added checks for crypt.h, shadow.h, getspnam.

	* plugins/plain.c (server_continue_step): replaced weird error
	codes with actual symbolic constants

	* lib/server.c (sasl_server_start): check error code from
	mech_new, eliminated antiquated call to sasl_setprop().

	* sample/sample-server.c (main): made mandatory mech check
 	case-insensitive

	* lib/common.c (_sasl_getsimple): don't require len param

	* lib/client.c (have_prompts): made this static

	* sample/sample-client.c (main): dynamic callback list generation, 
	eliminated most globals

	* plugins/plain.c (get_authid): dup authid
	(get_userid): dup userid

	* sample/sample-client.c (getsecret): fixed broken password
 	reading code

	* lib/server.c: added credential callback pointers to EXTERNAL

	* plugins/plain.c (client_continue_step): fixed

	* lib/server.c (server_dispose): braces to make the compiler happy

	* include/Makefile.am: removed winconfig.h dependancy

1999-03-23  Rob Earhart  <rob+@andrew.cmu.edu>

	* plugins/plain.c (client_plugins): deleted required prompts;
	plain only *needs* the default (SASL_CB_AUTHNAME and SASL_CB_PASS).

	* configure.in: switched java to default to no

	* utils/saslpasswd.c (main): documented flags
	(main): added user realm

	* plugins/digestmd5.c (get_realm): flipped this to user_domain
	(setpass): massive surgery to make this sort of work
	fixed free_prompts call

	* plugins/plain.c (find_prompt): minor surgery to make this work
	fixed free_prompts call

	* config/sasl.spec: massive update to build normal lib,
	development package, and packages for each plugin

	* doc/Makefile.am (EXTRA_DIST): updated digest-sasl doc

1999-03-22  Rob Earhart  <rob+@andrew.cmu.edu>

	* plugins/kerberos4.c (server_continue_step): fixed security layer 
	negotiation code, used symbolic constants, eliminated context ssf

1999-03-19  Timothy L Martin  <tmartin+@andrew.cmu.edu>

	* plugins/cram.c: Doesn't store passwords in /etc/sasldb in clear. tested
	
1999-03-18  Rob Earhart  <rob+@andrew.cmu.edu>

	* lib/server.c (server_dispose): fixed up credential disposal

	* Moved winconfig.h to win32/include/config.h to remove a bunch of
 	ifdefs; windows project header paths will need to be adjusted.

	* man/Makefile.am: created
	
1999-03-15  Rob Earhart  <rob+@andrew.cmu.edu>

	* sample/sample-server.c: seperated saslfail/sasldebug, made
	failure to obtain info at the end not cause fail

	* testing.txt: rewrote

	* config/cyrus-sasl.spec: Added sample code to docs

	* configure.in: added optional compilation for sample code

	* Makefile.am: split sample out to make it optionally compile

1999-03-14  Rob Earhart  <rob+@andrew.cmu.edu>

	* plugins/plain.c (free_string): removed warning, simplified
	(client_continue_step): Fixed some printfs

	* sasl/Makefile.am (javasasl_JAVA): Added new java classes

	* plugins/cram.c (setpass): return something on function exit
	(free_string): simplified, removing compiler warning

	* plugins/Makefile.am: Updated plugin versions

	* lib/Makefile.am (sasl_version): Updated revision

1999-03-11  Rob Earhart  <rob+@andrew.cmu.edu>

	* configure.in: Added kaffeh support

>>>>>>> 1.38
1999-03-08  Timothy L Martin  <tmartin+@andrew.cmu.edu>

	* plugins/plain.c: No sensetive information leaked

	* plugins/cram.c: No sensetive information leaked

1999-03-07  Timothy L Martin  <tmartin+@andrew.cmu.edu>

	* plugins/digestmd5.c: client and server can't send challenges >2048 bytes now

1999-03-05  Timothy L Martin  <tmartin+@andrew.cmu.edu>

	* plugins/plain.c: uses callbacks and interactions now (tested)

	* plugins/cram.c: uses callbacks and interactions now (tested)

	* plugins/anonymous.c (c_continue_step): fencepost error corrected

1999-03-04  Rob Earhart  <rob+@andrew.cmu.edu>

	* plugins/kerberos4.c (client_continue_step): changed ssf
	printf()s to unsigned

	* sample/sample-client.c (main): fixed max ssf

	* sample/sample-server.c (main): fixed max ssf

	* plugins/kerberos4.c (client_continue_step): fixed to deal nicely 
	with NULL userid and authid

1999-03-01  Rob Earhart  <rob+@andrew.cmu.edu>

	* plugins/kerberos4.c: interaction and callback fixes.  This'll
	probably break stuff -- but only stuff that shouldn't have been
	written in the first place...

	* lib/common.c: axed the user/realm stuff from sasl_conn_t,
	rewrote common to use copies from oparams

1999-02-25  Rob Earhart  <rob+@andrew.cmu.edu>

	* plugins/anonymous.c (c_continue_step): added case for NULL user
	(c_continue_step): fixed anon id creation

	* lib/client.c: fixed various prompt_need assumptions

	* lib/server.c (sasl_listmech): gracefully deal with NULL prefix,
	sep, and suffix

	* lib/client.c (sasl_client_new): SASL_FAIL => SASL_BADPARAM for
	bad parameters

	* lib/dlopen.c (_sasl_get_mech_list): added path defaulting

1999-02-22  Rob Earhart  <rob+@andrew.cmu.edu>

	* plugins/anonymous.c (continue_step): changes %*s to %s (len
	doesn't work in log function), and NULL-terminated the client's
	str.

	* lib/common.c (add_string): cleaned up a bit

	* doc: wrote Makefile.am, added relevant drafts and RFCs

	* Makefile.am: added doc dir

	* plugins/digestmd5.c: cleaned up some warnings

	* plugins/kerberos4.c: cleaned up some warnings

	* configure.in: removed -pedantic -ansi -fbuiltin; glibc-2.1 is
 	just too broken for this to work without lots of useless whining

1999-02-21  Timothy L Martin  <tmartin+@andrew.cmu.edu>

	* all: eliminated some warnings

	* plugins/digestmd5: added integrity protection

	* plugins/digestmd5: replaced all DEBUG prints with VL's

1999-02-17  Timothy L Martin  <tmartin+@andrew.cmu.edu>

	* plugins/all: added VL's for error conditions

	* all: eliminated some warnings

	* plugins/kerberos4.c: went back to an old version. works
 	now. Please test when you make changes in the future
	
	* plugins/kerberos4.c: doesn't work now. no clue why

	* lib/saslutil.c: fixed some stuff. added comments

	* plugings/cram.c: fixed various things. works now. please don't
 	touch Rob

	* lib/common.c: fixed username error
	
1999-02-12  Rob Earhart  <rob+@andrew.cmu.edu>

	* lib/client.c (sasl_client_start): added credentials consideration

	* lib/saslint.h: moved oparams into sasl_conn_t (instead of
	keeping a pointer to them); adjusted other code to match

	* include/sasl.h: added credentials interface.  This may change at 
	some point; it's nice and simple, but doesn't seperate the
	credentials from the sasl_conn_t...

	* include/saslplug.h: added credential calls for server plugins,
	incremented plugin version

	* plugins/scram.c (sasl_server_plug_init): added credential ptrs, 
	fixed version check, incremented version
	(sasl_client_plug_init): fixed version check

	* plugins/plain.c (sasl_server_plug_init): added credential ptrs, 
	fixed version check, incremented version
	(sasl_client_plug_init): fixed version check

	* plugins/gssapi.c (sasl_server_plug_init): added credential ptrs, 
	fixed version check, incremented version
	(sasl_client_plug_init): fixed version check

	* plugins/digestmd5.c (sasl_server_plug_init): added credential
	ptrs, fixed version check, incremented version
	(sasl_client_plug_init): fixed version check

	* plugins/anonymous.c (sasl_server_plug_init): added credential
	ptrs, fixed version check, incremented version
	(sasl_client_plug_init): checked version check

	* plugins/kerberos4.c (sasl_server_plug_init): added credential
	ptrs, incremented version
	(sasl_client_plug_init): checked version check

	* lib/server.c (mech_permitted): fixed reversed ssf test

	* plugins/cram.c (sasl_server_plug_init): added credential ptrs,
	fixed version check, incremented version.
	(sasl_client_plug_init): fixed version check

1999-02-11  Rob Earhart  <rob+@andrew.cmu.edu>

	* include/sasl.h (SASL_SEC_MAXIMUM): changed definition of
	SASL_SEC_MEXIMUM (I never did like the way it was defined before), 
	and added SASL_SEC_MAX_DEFINED, which the library will need in
	order to properly process SASL_SEC_MAXIMUM.
	(SASL_SEC_PASS_CREDENTIALS): added this, as well as
	sasl_credentials_t, used by plugins which accept forwarded
	credentials to hand them to servers.

	* plugins/anonymous.c (client_plugins): added required prompts
 	(SASL_CB_USER), commented a little.
	(c_continue_step): changed from getprop for username to callback

	* include/saslplug.h: made required_prompts a const long ptr

	* lib/common.c (_sasl_getcallback): added SASL_CB_LIST_END check

	* lib/saslint.h (_sasl_getcallback): added prototype

	* lib/common.c (_sasl_getcallback): made non-static

	* lib/client.c (have_prompts): implemented; checks whether or not
	the app provides the prompts necessary for a given mechanism.

1999-02-10  Rob Earhart  <rob+@andrew.cmu.edu>

	* lib/common.c (_sasl_getcallback): returns SASL_INTERACT if
	callback exists but proc is NULL (as per spec).

	* acconfig.h: moved string&dir&mem stuff here & winconfig.h; wiped
	nasty magic from most src

1999-02-09  Rob Earhart  <rob+@andrew.cmu.edu>

	* lib/server.c (external_server_init): added, implemented, linked in

	* lib/client.c (external_client_init): added, implemented, linked in

	* include/saslplug.h: changed const char *s in oparams to char *s

	* lib/test-client.c: fixed some little nits
	(main): added Extern auth flag

	* lib/saslutil.c (sasl_encode64): added outmax and outlen handling
 	(parityof): diked out

	* include/sasl.h: made sasl_secret_t.data signed

	* lib/test-server.c: fixed some little nits
	(main): added Extern auth flag
	
	* lib/test-common.c: fixed some little nits

	* testing.txt: fixed test program names

1999-02-08  Rob Earhart  <rob+@andrew.cmu.edu>

	* lib/saslint.h: ssf => sasl_external_properties_t

	* lib/common.c (sasl_setprop): serious cleanup

	* lib/server.c (mech_permitted): implemented
	(sasl_server_start): added mech_permitted() check
	(sasl_listmech): added mech_permitted() check

	* include/sasl.h: Added sasl_external_properties_t, moved
	sasl_security_properties_t from saslplug.h, fixed some
	documentation

1999-02-07  Ryan Troll <ryan+@andrew.cmu.edu>

	* configure.in: Added reminder about version number in
	winconfig.h

	* include/sasl.h: Fixed WIN32 declarations

	* include/winconfig.h: Added new defines, for compilation under
	windows

	* lib/test-client.c: fixed loop, so it will work with anonymous
	mechanism

	* Added saslDIGESTMD5 project to main workspace

1999-02-05  Rob Earhart  <rob+@andrew.cmu.edu>

	* lib/windlopen.c (_sasl_get_mech_list): added getpath_cb

	* lib/saslint.h: _sasl_get_mech_list *takes* getpath callback
	               added _sasl_find_getpath_callback prototype

	* lib/dlopen.c (_sasl_get_mech_list): checking args, using getpath
	callback to find the path

	* lib/client.c (sasl_client_init): passing getpath callback to
	_sasl_get_mech_list, using _sasl_find_getpath_callback

	* lib/server.c (sasl_server_init): passing getpath callback to
 	_sasl_get_mech_list, using _sasl_find_getpath_callback

	* lib/common.c (_sasl_getcallback): changed sasl_syslog to
	_sasl_syslog
	(_sasl_getcallback): added ref to _sasl_getpath
	(_sasl_getpath): wrote
	(_sasl_find_getpath_callback): wrote

	* include/sasl.h: added sasl_getpath_t decl

1999-01-26  Rob Earhart  <rob+@andrew.cmu.edu>

	* configure.in: Added digest-md5 configuration

	* plugins/Makefile.am: Added digestmd5 stuff

	* Removed Id tags from all files
	
	* plugins/digestmd5.c: Added plugin from Alexey

1999-01-25  Rob Earhart  <rob+@andrew.cmu.edu>

	* include/winconfig.h: Bumped version to 1.4b1
	(strncasecmp): Added strncasecmp => strnicmp translation

	* configure.in: Bumped version to 1.4b1

	* Makefile.am (dist-hook): Added cmulocal to dist

1999-01-19  Rob Earhart  <rob+@andrew.cmu.edu>

	* Version 1.3b2 released

	* configure.in: Updated to v1.3b2

	* include/sasl.h: Wrapped the error codes in parens, for sanity

1999-01-15  Rob Earhart  <rob+@andrew.cmu.edu>

	* Version 1.3b1 released

1999-01-12  Rob Earhart  <rob+@andrew.cmu.edu>

	* lib/server.c (sasl_setpass): pass flags & errstr

	* configure.in: uses CMU_SOCKETS, for sanity; sets SASL_UTIL_LIBS; 
	writes utils/Makefile; updated version to 1.3b1

	* Makefile.am: added utils

	* utils/Makefile.am: wrote

	* utils/saslpasswd.8: wrote

	* utils/saslpasswd.c: upgraded

1998-12-14  Timothy L Martin  <tmartin+@andrew.cmu.edu>

        * lib/common.c: added logging capability

	* sasl.h, saslplug.h: changed logging functions

1998-12-09  Timothy L Martin  <tmartin+@andrew.cmu.edu>

	* utils/*: created utils directory with saslpasswd, imtest, and smtptest

	* server.c: implemented sasl_setpass (adding passwords only)

	* plugins/cram.c: stores password in clear. Made cram work correctly

1998-12-01  Rob Earhart  <rob+@andrew.cmu.edu>

	* TODO: added setpass stuff

1998-11-30  Rob Earhart  <rob+@andrew.cmu.edu>

	* Version 1.2b3 released

	* SMakefile: switched order of automake and autoconf

	* plugins/Makefile.am: added PLAIN_LIBS to libplain_la_LIBADD

	* configure.in: check for libcrypt for plain

1998-11-30  Ryan Troll <ryan@andrew.cmu.edu>

        * win32/libsasl workspace: Updated to handle new server db
 	mechanism.  Now just uses 'db_none'.

1998-11-30  Rob Earhart  <rob+@andrew.cmu.edu>

	* plugins/*.c: made plugin structs static
	
	* lib/Makefile.am: added windlopen.c

	* plugins/plain.c: passing a len return to getsimple callbacks

	* Makefile.am: added note about SASL_PATH

	* INSTALL: added note about SASL_PATH

	* include/winconfig.h: added copyright, updated version

	* include/Makefile.am: added winconfig.h to distribution

	* sasl/Makefile.am: removed saslMechList.java

1998-11-30  Rob Earhart  <rob@ANDREW.CMU.EDU>

	* configure.in: bumped up version to 1.2b3

	* lib/common.c: added default user/authname callbacks

	* Makefile.am: added plugin path warning

1998-11-29  Rob Earhart  <rob+@andrew.cmu.edu>

	* plugins/plain.c: now attempts to look up userid and authid as
 	well as password via callbacks, and sets callback ids
 	appropriately for SASL_INTERACT.  Uses authorization callback.
  	Revamped parser to not copy data onto stack and to use
 	arbitrary-length data.

	* lib/server.c: removed gdbm/ndbm code and the whole SASL_DB_TYPE
 	nonsense; replaced with linkage against _sasl_db_getsecret and
 	_sasl_db_putsecret

	* lib/db_ndbm.c: created; moved ndbm code from server.c to here

	* lib/db_gdbm: created; moved gdbm code from server.c to here

	* lib/db_none: created; filled in hook symbols

	* lib/saslint.h: added _sasl_db_getsecret and _sasl_db_putsecret
 	symbol definitions

	* lib/Makefile.am: added SASL_DB_BACKEND and db backend sources,
 	incremented library version number

	* acconfig.h: removed SASL_DB_TYPE; it's superfluous now

	* configure.in: now subst's SASL_DB_BACKEND appropriately, and is
 	more careful about pulling in libs after checking for them

1998-11-25  Rob Earhart  <rob+@andrew.cmu.edu>

	* Version 1.2b2 released

