Fri Aug 20 00:57:45 1999  Lawrence Greenfield  <leg+@andrew.cmu.edu>

	* Version 1.5.5 released

	* include/makemd5.c: added; creates the md5global.h at compile
	time to autodetech what size numbers we have

	* lib/common.c (_sasl_log): fixed an ival/cval problem

	* plugins/kerberos4.c: more work on 64-bit friendliness

	* plugins/cram.c: work on 64-bit friendliness

Thu Aug 19 16:15:49 1999  Lawrence Greenfield  <leg+@andrew.cmu.edu>

	* lib/dlopen.c (_sasl_get_mech_list): conditionalized the use of
	RTLD_NOW for dlopen

	* plugins/kerberos4.c: when we need a 32 bit number, let's use an
	int

1999-08-19  Timothy L Martin  <tmartin+@andrew.cmu.edu>

	* plugins/cram.c (c_continue_step): set oparams->user to correct
	thing. not anonymous

	* plugins/digestmd5.c: leaks much less memory.

1999-08-19  Gregory M. Diskin  <diskin+@andrew.cmu.edu>

	* lib/db_testw32.c: wrote this to store and retrieve mech-specific
	secrets for one user, to test mechs on win32 using sample-server
	and sample-client.

	* plugins/gssapi.c:  Fix include statements for Win32

	* sample/sample-server.c (main): ifdef out a free statement which
	causes win32 to crash.

	* utils/saslpasswd.c (main) (read_password): rebuild for Win32

	* win32/include/config.h (VL):  enabled for debug printing

	* win32/libsasl/libsasl.dsp:  Add db_testw32.c to build

	* win32/libsasl/libsasl.dsw:  Add gssapi plugin and utility
	saslpwd to project

	* win32/sample_client/sample_client.dsp: Remove pre-compiled header
	option

	* win32/saslDIGESTMD5/saslDIGESTMD5.h:  Enable inclusion of this
	header file on win32

1999-08-19  Timothy L Martin  <tmartin+@andrew.cmu.edu>

	* sample/sample-server.c (samp_recv): give better error
	messages. less obfuscated code

	* plugins/digestmd5.c: only free in once

	* sample/sample-client.c (main): supports realm callback

	* plugins/cram.c (server_continue_step): end saved msgid with a
 	null
	(start): start authid and password as null so the server doesn't
 	try to free them in dispose()
	(server_continue_step): free userid
	(server_continue_step): put tmphmac on the stack not heap
	(server_continue_step): free the secret in more cases
	(server_continue_step): oparams->authid gets an allocated string
 	so one mem ptr isn't free'd 2x

1999-08-18  Timothy L Martin  <tmartin+@andrew.cmu.edu>

	* TODO: snipped some stuff

	* plugins/digestmd5.c (make_prompts): Put the challenge part of
 	the interaction in the computer readable form containing the list
 	of possible realms

	* plugins/kerberos4.c: should require CB_USER not CB_AUTHNAME
	the authname is in the ticket

	* sample/sample-client.c (main): should always interact.

1999-08-17  Timothy L Martin  <tmartin+@andrew.cmu.edu>

	* plugins/kerberos4.c (integrity_decode): checks timestamps
	(privacy_decode): checks timestamps

Tue Aug 17 02:35:17 1999  Lawrence Greenfield  <leg+@andrew.cmu.edu>

	* utils/dbconverter.c (dbm_convert): some minor cleanups for sun cc

Mon Aug 16 14:52:27 1999  Lawrence Greenfield  <leg+@andrew.cmu.edu>

	* lib/db_ndbm.c (getsecret): fixed a free'd memory read (closed
	the database too early)

	* plugins/anonymous.c (server_continue_step): make sure that a
	string is null terminated

1999-08-17  Timothy L Martin  <tmartin@andrew.cmu.edu>

	* utils/dbconverter.c: wrote this. converts sasl 1.5.3 secret db's
	to 1.5.5

1999-08-16  Timothy L Martin  <tmartin@andrew.cmu.edu>

	* plugins/cram.c (setpass): stores hash of password
	* plugins/cram.c (server_step): uses the hash instead of plaintext
	to authenticate

Mon Aug 16 14:52:27 1999  Lawrence Greenfield  <leg+@andrew.cmu.edu>

	* plugins/plain.c (server_continue_step): fixed a bug with
	null-terminating the password

	* lib/common.c (_sasl_getcallback): if it can't find a callback,
	it returns SASL_FAIL, not SASL_OK.  is there any reason for it to
	return SASL_OK?

	* plugins/digestmd5.c (c_continue_step): we can get multiple
	realms in the challenge; added use of realm callback

Sat Aug 14 19:13:19 1999  Lawrence Greenfield  <leg+@andrew.cmu.edu>

	* plugins/digestmd5.c: updated to alexey's latest version
	support for DIGEST_DRAFT_2 dropped

Fri Aug 13 00:54:29 1999  Lawrence Greenfield  <leg+@andrew.cmu.edu>

	* doc/sysadmin.html: updated to reflect sasldb pwcheck_method

Thu Aug 12 23:56:50 1999  Lawrence Greenfield  <leg+@andrew.cmu.edu>

	* lib/checkpw.c (_sasl_make_plain_secret): created; makes a hash
	of the password for later plaintext checking

	* lib/server.c (sasl_setpass): made it set the plaintext secret if
	pwcheck_method is "sasldb"

Mon Aug  9 19:17:30 1999  Lawrence Greenfield  <leg+@andrew.cmu.edu>

	* plugins/kerberos4.c (server_continue_step): made kerberos append
	the "@realm" when cross-realm authenticating

1999-08-08  Larry Greenfield  <leg+@andrew.cmu.edu>

	* doc/sysadmin.html: added to doc directory

	* lib/saslint.h (_sasl_sasldb_verify_password): added prototype

	* lib/server.c (_sasl_checkpass): added sasldb option; inserted
	else's

	* lib/checkpw.c (_sasl_kerberos_verify_password): added
	userid/password NULL checks & set reply to NULL
	(_sasl_shadow_verify_password): ditto
	(_sasl_passwd_verify_password): ditto
	(_sasl_PAM_verify_password): set reply to NULL
	(_sasl_sasldb_verify_password): created; checks the sasl database
	with "PLAIN"

Mon Aug  2 20:57:42 1999  Lawrence Greenfield  <leg+@andrew.cmu.edu>

	* lib/server.c (sasl_listmech): fixed bug---would print out
	seperator to begin even if the mechanisms didn't pass mech_permitted

Sat Jul 31 13:12:51 1999  Lawrence Greenfield  <leg+@andrew.cmu.edu>

	* utils/Makefile.am (EXTRA_DIST): EXTRA_DIST should include sfsasl.h

Fri Jul 30 20:04:39 1999  Lawrence Greenfield  <leg+@andrew.cmu.edu>

	* lib/db_ndbm.c (_sasl_server_check_db): added test for DBM_SUFFIX
	and fixed some really stupid typos

Wed Jul 21 23:35:15 1999  Lawrence Greenfield  <leg+@andrew.cmu.edu>

	* lib/server.c (load_config): small fixes (cosmetic & free'ing
	path_to_config)

Fri Jul 30 13:33:05 1999  Lawrence Greenfield  <leg+@andrew.cmu.edu>

        * Version 1.5.3 released

	* plugins/gssapi.c (sasl_gss_free_context_contents): free the
	context buffer

	* include/sasl.h: added SASL_CB_GETREALM callback

Thu Jul 29 14:50:19 1999  Lawrence Greenfield  <leg+@andrew.cmu.edu>

	* plugins/digestmd5.c (DigestCalcSecret): removed a superfluous
	call to MD5_UTF8_8859_1.

	* lib/db_none.c (_sasl_server_check_db): made _sasl_server_check_db

	* lib/db_ndbm.c (_sasl_server_check_db): made _sasl_server_check_db

	* lib/db_gdbm.c (_sasl_server_check_db): made _sasl_server_check_db

	* lib/server.c (sasl_server_init): made it call the verify db func

	* plugins/gssapi.c (sasl_gss_decode): now conforms to SASL
	convention of sending packet size
	(sasl_gss_encode): ditto

Mon Jul 26 00:16:40 1999  Lawrence Greenfield  <leg+@andrew.cmu.edu>

	* plugins/gssapi.c (sasl_gss_server_step): made it look only at
	clientinlen and not clientin when determining if we just received
	an empty data exchange

Fri Jul 23 14:47:33 1999  Lawrence Greenfield  <leg+@andrew.cmu.edu>

	* sample/sample-client.c (sasl_my_log): ditto, changed to avoid
	"log" conflict

	* sample/sample-server.c (sasl_my_log): changed "log" to
	sasl_my_log to avoid name conflict with math library.

	* plugins/gssapi.c: updated to bugfixes by Sam Hartman
	<hartmans@fundsxpress.com> and then by Leif Johansson
	<leifj@matematik.su.se>.

1999-07-20  Larry Greenfield  <leg+@andrew.cmu.edu>

	* plugins/anonymous.c (server_start): removed the need for
	anonymous to get a non-NULL errstr
	(server_continue_step): and again with the errstr

Thu Jul 15 14:29:35 1999  Lawrence Greenfield  <leg+@andrew.cmu.edu>

	* lib/common.c (_sasl_getcallback): oops, forgot a return
	statement.  Thanks Claus!

Sat Jul 10 19:58:50 1999  Lawrence Greenfield  <leg+@andrew.cmu.edu>

	* lib/server.c (_sasl_transition): now looks at the connection
	getopt callback

	* lib/checkpw.c (_sasl_kerberos_verify_password): now gets the
	srvtab option

	* lib/server.c (_sasl_checkpass): modified to pass along the conn
	parameter

	* include/saslplug.h: added a conn parameter to checkpass so that
	we can use the configuration stuff

Thu Jul  1 13:42:14 1999  Lawrence Greenfield  <leg+@andrew.cmu.edu>

	* include/sasl.h: gethostname() not gethostbyname() (comment)

Tue Jun 29 00:35:08 1999  Lawrence Greenfield  <leg+@andrew.cmu.edu>

	* configure.in (SASL_DB_LIB): fixed config problem with
	autodetecting gdbm brought up by ryan troll

	* plugins/plain.c (client_continue_step): fixing auth/user problem

Mon Jun 28 00:50:02 1999  Lawrence Greenfield  <leg+@andrew.cmu.edu>

	* plugins/plain.c (server_continue_step): proxy callback is done
	in server.c; removed here

	* lib/common.c (_sasl_getcallback): added default proxy policy
	callback
	(_sasl_proxy_policy): default proxy policy callback (auth_identity
	must equal requested_user)

	* include/saslplug.h: added a md5global test, just in case

Sun Jun 27 18:39:37 1999  Lawrence Greenfield  <leg+@andrew.cmu.edu>

	* lib/server.c (sasl_server_step): added check for
	SASL_CB_PROXY_POLICY so plugins don't have to do it

Mon Jun 21 22:39:17 1999  Lawrence Greenfield  <leg+@andrew.cmu.edu>

	* plugins/kerberos4.c: efficiency improvements (not so many
	mallocs/frees)

Fri Jun 18 00:05:56 1999  Lawrence Greenfield  <leg+@andrew.cmu.edu>

	* plugins/kerberos4.c (sasl_server_plug_init): made srvtab file
	configurable (srvtab)

	* plugins/digestmd5.c (get_pair): doesn't check that there
	actually is a '=' in *name.  does this code check for errors?

Thu Jun 17 00:46:03 1999  Lawrence Greenfield  <leg+@andrew.cmu.edu>

	* plugins/digestmd5.c (init_rc4): the generation of
	incoming/outgoing keys was seriously flawed and didn't conform to
	the draft.

	* plugins/digestmd5.c: it's broken.  both integrity and
	encryption.  disabled in this version.  authentication SHOULD
	still work.

	* plugins/cram.c (get_authid): added a NULL check (causing test
	client to crash!)

Thu Jun 17 00:40:07 1999  Lawrence Greenfield  <leg+@andrew.cmu.edu>

	* lib/client.c (sasl_client_start): rewrote the evil if statement
	from hell, and added security properties check

	* lib/server.c (mech_permitted): added security properties check

	* plugins/plain.c (server_continue_step): if null first step, just
	return SASL_CONTINUE so it might work with IMAP!

Wed Jun 16 23:19:00 1999  Lawrence Greenfield  <leg+@andrew.cmu.edu>

	* lib/server.c (sasl_checkpass): pwcheck_method added

	* plugins/plain.c (verify_password): added PAM support
	pwcheck_method added

Tue Jun 15 15:21:05 1999  Lawrence Greenfield  <leg+@andrew.cmu.edu>

	* plugins/digestmd5.c (init_rc4): changed type so it comforms to
	cipher_init_t

	* lib/checkpw.c (_sasl_kerberos_verify_password): return
	SASL_FAIL

	* configure.in (LIB_PAM): added check for PAM

	* lib/checkpw.c (_sasl_PAM_verify_password): added a PAM mechanism
	for verifying passwords

	* lib/server.c (sasl_checkpass): added PAM support

	* lib/common.c (sasl_getprop): changed so it correctly does the
	indirection (void ** != int *). added comment.
	SASL_GETOPTCTX still not implemented---currently returns SASL_FAIL.
	(sasl_setprop): bug in SASL_SSF_EXTERNAL fixed.

1999-06-10  Timothy L Martin  <tmartin+@andrew.cmu.edu>

	* lib/server.c (_sasl_transition): checks config now
	(sasl_checkpass): transitions

1999-06-09  Timothy L Martin  <tmartin+@andrew.cmu.edu>

	* lib/common.c: doesn't do getdomain name anymore b/c it's usually broken

	* lib/common.c (_sasl_log): fixed casting problem. doesn't support as many types anymore	

1999-06-08  Timothy L Martin  <tmartin+@andrew.cmu.edu>

	* lib/server.c (sasl_server_init): verify config file ok

	* lib/dlopen.c (_sasl_get_mech_list): callback to verify files ok

	* lib/client.c,server.c: check parameters before passing to mechanism

1999-06-07  Timothy L Martin  <tmartin+@andrew.cmu.edu>

	* plugins/digestmd5.c (get_realm): tries user_realm then serverFQDN

	* lib/common.c: local_domain -> serverFQDN
	* lib/saslutil.c: local_domain -> serverFQDN

	* lib/server.c: user_domain -> user_realm
	* lib/server.c: local_domain -> serverFQDN

1999-06-02  Timothy L Martin  <tmartin@andrew.cmu.edu>

	* lib/saslutil.c (sasl_rand): made random seeding lazy

1999-05-12  Timothy L Martin  <tmartin+@andrew.cmu.edu>

	* lib/server.c (sasl_listmech): fixed extra seperator bug

1999-03-31  Rob Earhart  <rob+@andrew.cmu.edu>

	* plugins/digestmd5.c: why was this using // for comments in C code?
	well, it doesn't now.

	* lib/dlopen.c (_sasl_get_mech_list): Changed dynamic loading to
 	bind symbols immediately (this is preferable to dumping core when
 	symbols bound lazily fail to actually bind when needed), and to
 	keep them private (reducing the chances for plugins to collide).

	XXX Rob is there any way to get this to compile on Linux???
	

	* sample/sample-server.c (main): Fixed forced-mechanism code

	* AUTHORS: added ref to Alexey Melnikov

1999-03-30  Rob Earhart  <rob+@andrew.cmu.edu>

	* Version 1.4.1 released

	* configure.in: added digest des check, rc4 check

	* plugins/digestmd5.c: diked out rc4 code

	* configure.in: turned off use of nana by default

	* plugins/cram.c: fixed endian bug

1999-03-29  Rob Earhart  <rob+@andrew.cmu.edu>

	* config/{libtool things}: updated to libtool-1.2f

	* plugins/digestmd5.c: removed tmp ptrs; des routines are
	returning voids

	* README: updated

	* plugins/cram.c (setpass): aligned buffer

	* plugins/digestmd5.c: no longer requiring errstr to be passed in
	cleaned up memory leaks in setpass
	aligned buf in setpass

	* plugins/plain.c: cleaned up some code

	* lib/common.c (_sasl_getcallback): no longer returns SASL_INTERACT 
	when it can't find a callback; uses SASL_OK instead.

	* plugins/kerberos4.c (client_continue_step): diked out all the
	authid code.  Why was this in Kerberos, anyway?  Also added
	required prompts for kerberos (i.e. none, instead of the default
	SASL_CB_AUTHNAME and SASL_CB_PASS).
	
	* lib/common.c (_sasl_getcallback): eliminated builtin SASL_CB_USER

	* plugins/cram.c (c_continue_step): don't send a zero-length
	initial response...

	* sample/sample-client.c (main): free data properly when
	initial response is possible

	* plugins/cram.c: set client-side user+authid oparams, tweaked a
 	couple allocation constants to make purify happy.  CRAM-MD5 now
 	passes purify, both client and server, success and fail cases,
 	returning all data correctly to both sides.

	* sample/sample-client.c (main): added property retrieval tests to 
	sample-client.c (so the client can discover whom it has
	authenticated as).

	* lib/md5.c (hmac_md5_import): fixed count update bug

1999-03-28  Rob Earhart  <rob+@andrew.cmu.edu>

	* lib/saslutil.c (sasl_mkchal): always generate positive nonces

	* plugins/cram.c (server_continue_step): lots of little changes;
	no longer tickles purify
	(c_continue_step): some more little changes

	* config/sasl.spec: Added the extra RFCs

	* doc/Makefile.am (EXTRA_DIST): Added a few more RFCs

1999-03-26  Rob Earhart  <rob+@andrew.cmu.edu>

	* plugins/cram.c (find_prompt): Fixed
	(c_continue_step): Fixed call to free_prompts

	* lib/server.c (sasl_server_step): removed strange setprop

	* lib/common.c: Setting security flags
	(sasl_errstring): changed badparam message to something a little
	less confusing

	* config/{config.guess,config.sub,ltconfig,ltmain.sh}: reverted to 
	old hacked versions

	* SMakefile: removed libtoolize

	* plugins/digestmd5.c: changed various instances of user_domain to 
	local_domain

	* lib/server.c (_sasl_transition): changed to call setpass directly
	(sasl_setpass): added logging

	* sample/sample-server.c (main): cleaned up data handling, base64
	generation

	* lib/server.c (sasl_listmech): better final len calculation

1999-03-25  Rob Earhart  <rob+@andrew.cmu.edu>

	* plugins/digestmd5.c: made a lot of things const; this makes the
	code happier.

	* plugins/cram.c (c_start): fixed text init bug

	* lib/server.c (sasl_server_new): moved local_domain code to common,
	removed local_domain from sasl_server_conn, no longer disposing
	local_domain in server on cleanup

	* lib/common.c: (_sasl_conn_init): took local_domain code from server
	(_sasl_conn_dispose) added code to free local_domain

	* lib/saslint.h: added local_domain to sasl_conn_t and _sasl_conn_init

	* lib/client.c (sasl_client_new): calling _sasl_conn_init with
 	NULL local domain

	* lib/saslutil.c: wrote sasl_mkchal

	* plugins/cram.c (server_continue_step): Fixed nonce generation

	* lib/common.c (_sasl_alloc_utils): added hmac routines, mutex
	routines, rand stuff...

	* lib/md5.c: Wrote hmac routines

	* plugins/cram.c (setpass): Massive surgery to clean this up
	removed required prompts -- they're the default prompts

	* testing.txt: updated testing documentation

	* plugins/plain.c (verify_password): added shadow password file support
	(server_continue_step): fixed mech_ssf and authorization buglet
	(server_continue_step): setting realm to local domain name
	(sasl_client_plug_init): tweaked logging

1999-03-25  Timothy L Martin  <tmartin+@andrew.cmu.edu>

	* lib/server.c (setpass): sends sparams correctly now

1999-03-24  Timothy L Martin  <tmartin+@andrew.cmu.edu>

	* plugins/digestmd5.c (setpass): merged in rob's changes
	fixed realm mistake
	merged in alexey's changes for 8859 etc

1999-03-24  Rob Earhart  <rob+@andrew.cmu.edu>

	* configure.in: added checks for crypt.h, shadow.h, getspnam.

	* plugins/plain.c (server_continue_step): replaced weird error
	codes with actual symbolic constants

	* lib/server.c (sasl_server_start): check error code from
	mech_new, eliminated antiquated call to sasl_setprop().

	* sample/sample-server.c (main): made mandatory mech check
 	case-insensitive

	* lib/common.c (_sasl_getsimple): don't require len param

	* lib/client.c (have_prompts): made this static

	* sample/sample-client.c (main): dynamic callback list generation, 
	eliminated most globals

	* plugins/plain.c (get_authid): dup authid
	(get_userid): dup userid

	* sample/sample-client.c (getsecret): fixed broken password
 	reading code

	* lib/server.c: added credential callback pointers to EXTERNAL

	* plugins/plain.c (client_continue_step): fixed

	* lib/server.c (server_dispose): braces to make the compiler happy

	* include/Makefile.am: removed winconfig.h dependancy

1999-03-23  Rob Earhart  <rob+@andrew.cmu.edu>

	* plugins/plain.c (client_plugins): deleted required prompts;
	plain only *needs* the default (SASL_CB_AUTHNAME and SASL_CB_PASS).

	* configure.in: switched java to default to no

	* utils/saslpasswd.c (main): documented flags
	(main): added user realm

	* plugins/digestmd5.c (get_realm): flipped this to user_domain
	(setpass): massive surgery to make this sort of work
	fixed free_prompts call

	* plugins/plain.c (find_prompt): minor surgery to make this work
	fixed free_prompts call

	* config/sasl.spec: massive update to build normal lib,
	development package, and packages for each plugin

	* doc/Makefile.am (EXTRA_DIST): updated digest-sasl doc

1999-03-22  Rob Earhart  <rob+@andrew.cmu.edu>

	* plugins/kerberos4.c (server_continue_step): fixed security layer 
	negotiation code, used symbolic constants, eliminated context ssf

1999-03-19  Timothy L Martin  <tmartin+@andrew.cmu.edu>

	* plugins/cram.c: Doesn't store passwords in /etc/sasldb in
	clear. tested
	
1999-03-18  Rob Earhart  <rob+@andrew.cmu.edu>

	* lib/server.c (server_dispose): fixed up credential disposal

	* Moved winconfig.h to win32/include/config.h to remove a bunch of
 	ifdefs; windows project header paths will need to be adjusted.

	* man/Makefile.am: created
	
1999-03-15  Rob Earhart  <rob+@andrew.cmu.edu>

	* sample/sample-server.c: seperated saslfail/sasldebug, made
	failure to obtain info at the end not cause fail

	* testing.txt: rewrote

	* config/cyrus-sasl.spec: Added sample code to docs

	* configure.in: added optional compilation for sample code

	* Makefile.am: split sample out to make it optionally compile

1999-03-14  Rob Earhart  <rob+@andrew.cmu.edu>

	* plugins/plain.c (free_string): removed warning, simplified
	(client_continue_step): Fixed some printfs

	* sasl/Makefile.am (javasasl_JAVA): Added new java classes

	* plugins/cram.c (setpass): return something on function exit
	(free_string): simplified, removing compiler warning

	* plugins/Makefile.am: Updated plugin versions

	* lib/Makefile.am (sasl_version): Updated revision

1999-03-11  Rob Earhart  <rob+@andrew.cmu.edu>

	* configure.in: Added kaffeh support

1999-03-08  Timothy L Martin  <tmartin+@andrew.cmu.edu>

	* plugins/plain.c: No sensetive information leaked

	* plugins/cram.c: No sensetive information leaked

1999-03-07  Timothy L Martin  <tmartin+@andrew.cmu.edu>

	* plugins/digestmd5.c: client and server can't send challenges >2048 bytes now

1999-03-05  Timothy L Martin  <tmartin+@andrew.cmu.edu>

	* plugins/plain.c: uses callbacks and interactions now (tested)

	* plugins/cram.c: uses callbacks and interactions now (tested)

	* plugins/anonymous.c (c_continue_step): fencepost error corrected

1999-03-04  Rob Earhart  <rob+@andrew.cmu.edu>

	* plugins/kerberos4.c (client_continue_step): changed ssf
	printf()s to unsigned

	* sample/sample-client.c (main): fixed max ssf

	* sample/sample-server.c (main): fixed max ssf

	* plugins/kerberos4.c (client_continue_step): fixed to deal nicely 
	with NULL userid and authid

1999-03-01  Rob Earhart  <rob+@andrew.cmu.edu>

	* plugins/kerberos4.c: interaction and callback fixes.  This'll
	probably break stuff -- but only stuff that shouldn't have been
	written in the first place...

	* lib/common.c: axed the user/realm stuff from sasl_conn_t,
	rewrote common to use copies from oparams

1999-02-25  Rob Earhart  <rob+@andrew.cmu.edu>

	* plugins/anonymous.c (c_continue_step): added case for NULL user
	(c_continue_step): fixed anon id creation

	* lib/client.c: fixed various prompt_need assumptions

	* lib/server.c (sasl_listmech): gracefully deal with NULL prefix,
	sep, and suffix

	* lib/client.c (sasl_client_new): SASL_FAIL => SASL_BADPARAM for
	bad parameters

	* lib/dlopen.c (_sasl_get_mech_list): added path defaulting

1999-02-22  Rob Earhart  <rob+@andrew.cmu.edu>

	* plugins/anonymous.c (continue_step): changes %*s to %s (len
	doesn't work in log function), and NULL-terminated the client's
	str.

	* lib/common.c (add_string): cleaned up a bit

	* doc: wrote Makefile.am, added relevant drafts and RFCs

	* Makefile.am: added doc dir

	* plugins/digestmd5.c: cleaned up some warnings

	* plugins/kerberos4.c: cleaned up some warnings

	* configure.in: removed -pedantic -ansi -fbuiltin; glibc-2.1 is
 	just too broken for this to work without lots of useless whining

1999-02-21  Timothy L Martin  <tmartin+@andrew.cmu.edu>

	* all: eliminated some warnings

	* plugins/digestmd5: added integrity protection

	* plugins/digestmd5: replaced all DEBUG prints with VL's

1999-02-17  Timothy L Martin  <tmartin+@andrew.cmu.edu>

	* plugins/all: added VL's for error conditions

	* all: eliminated some warnings

	* plugins/kerberos4.c: went back to an old version. works
 	now. Please test when you make changes in the future
	
	* plugins/kerberos4.c: doesn't work now. no clue why

	* lib/saslutil.c: fixed some stuff. added comments

	* plugings/cram.c: fixed various things. works now. please don't
 	touch Rob

	* lib/common.c: fixed username error
	
1999-02-12  Rob Earhart  <rob+@andrew.cmu.edu>

	* lib/client.c (sasl_client_start): added credentials consideration

	* lib/saslint.h: moved oparams into sasl_conn_t (instead of
	keeping a pointer to them); adjusted other code to match

	* include/sasl.h: added credentials interface.  This may change at 
	some point; it's nice and simple, but doesn't seperate the
	credentials from the sasl_conn_t...

	* include/saslplug.h: added credential calls for server plugins,
	incremented plugin version

	* plugins/scram.c (sasl_server_plug_init): added credential ptrs, 
	fixed version check, incremented version
	(sasl_client_plug_init): fixed version check

	* plugins/plain.c (sasl_server_plug_init): added credential ptrs, 
	fixed version check, incremented version
	(sasl_client_plug_init): fixed version check

	* plugins/gssapi.c (sasl_server_plug_init): added credential ptrs, 
	fixed version check, incremented version
	(sasl_client_plug_init): fixed version check

	* plugins/digestmd5.c (sasl_server_plug_init): added credential
	ptrs, fixed version check, incremented version
	(sasl_client_plug_init): fixed version check

	* plugins/anonymous.c (sasl_server_plug_init): added credential
	ptrs, fixed version check, incremented version
	(sasl_client_plug_init): checked version check

	* plugins/kerberos4.c (sasl_server_plug_init): added credential
	ptrs, incremented version
	(sasl_client_plug_init): checked version check

	* lib/server.c (mech_permitted): fixed reversed ssf test

	* plugins/cram.c (sasl_server_plug_init): added credential ptrs,
	fixed version check, incremented version.
	(sasl_client_plug_init): fixed version check

1999-02-11  Rob Earhart  <rob+@andrew.cmu.edu>

	* include/sasl.h (SASL_SEC_MAXIMUM): changed definition of
	SASL_SEC_MEXIMUM (I never did like the way it was defined before), 
	and added SASL_SEC_MAX_DEFINED, which the library will need in
	order to properly process SASL_SEC_MAXIMUM.
	(SASL_SEC_PASS_CREDENTIALS): added this, as well as
	sasl_credentials_t, used by plugins which accept forwarded
	credentials to hand them to servers.

	* plugins/anonymous.c (client_plugins): added required prompts
 	(SASL_CB_USER), commented a little.
	(c_continue_step): changed from getprop for username to callback

	* include/saslplug.h: made required_prompts a const long ptr

	* lib/common.c (_sasl_getcallback): added SASL_CB_LIST_END check

	* lib/saslint.h (_sasl_getcallback): added prototype

	* lib/common.c (_sasl_getcallback): made non-static

	* lib/client.c (have_prompts): implemented; checks whether or not
	the app provides the prompts necessary for a given mechanism.

1999-02-10  Rob Earhart  <rob+@andrew.cmu.edu>

	* lib/common.c (_sasl_getcallback): returns SASL_INTERACT if
	callback exists but proc is NULL (as per spec).

	* acconfig.h: moved string&dir&mem stuff here & winconfig.h; wiped
	nasty magic from most src

1999-02-09  Rob Earhart  <rob+@andrew.cmu.edu>

	* lib/server.c (external_server_init): added, implemented, linked in

	* lib/client.c (external_client_init): added, implemented, linked in

	* include/saslplug.h: changed const char *s in oparams to char *s

	* lib/test-client.c: fixed some little nits
	(main): added Extern auth flag

	* lib/saslutil.c (sasl_encode64): added outmax and outlen handling
 	(parityof): diked out

	* include/sasl.h: made sasl_secret_t.data signed

	* lib/test-server.c: fixed some little nits
	(main): added Extern auth flag
	
	* lib/test-common.c: fixed some little nits

	* testing.txt: fixed test program names

1999-02-08  Rob Earhart  <rob+@andrew.cmu.edu>

	* lib/saslint.h: ssf => sasl_external_properties_t

	* lib/common.c (sasl_setprop): serious cleanup

	* lib/server.c (mech_permitted): implemented
	(sasl_server_start): added mech_permitted() check
	(sasl_listmech): added mech_permitted() check

	* include/sasl.h: Added sasl_external_properties_t, moved
	sasl_security_properties_t from saslplug.h, fixed some
	documentation

1999-02-07  Ryan Troll <ryan+@andrew.cmu.edu>

	* configure.in: Added reminder about version number in
	winconfig.h

	* include/sasl.h: Fixed WIN32 declarations

	* include/winconfig.h: Added new defines, for compilation under
	windows

	* lib/test-client.c: fixed loop, so it will work with anonymous
	mechanism

	* Added saslDIGESTMD5 project to main workspace

1999-02-05  Rob Earhart  <rob+@andrew.cmu.edu>

	* lib/windlopen.c (_sasl_get_mech_list): added getpath_cb

	* lib/saslint.h: _sasl_get_mech_list *takes* getpath callback
	               added _sasl_find_getpath_callback prototype

	* lib/dlopen.c (_sasl_get_mech_list): checking args, using getpath
	callback to find the path

	* lib/client.c (sasl_client_init): passing getpath callback to
	_sasl_get_mech_list, using _sasl_find_getpath_callback

	* lib/server.c (sasl_server_init): passing getpath callback to
 	_sasl_get_mech_list, using _sasl_find_getpath_callback

	* lib/common.c (_sasl_getcallback): changed sasl_syslog to
	_sasl_syslog
	(_sasl_getcallback): added ref to _sasl_getpath
	(_sasl_getpath): wrote
	(_sasl_find_getpath_callback): wrote

	* include/sasl.h: added sasl_getpath_t decl

1999-01-26  Rob Earhart  <rob+@andrew.cmu.edu>

	* configure.in: Added digest-md5 configuration

	* plugins/Makefile.am: Added digestmd5 stuff

	* Removed Id tags from all files
	
	* plugins/digestmd5.c: Added plugin from Alexey

1999-01-25  Rob Earhart  <rob+@andrew.cmu.edu>

	* include/winconfig.h: Bumped version to 1.4b1
	(strncasecmp): Added strncasecmp => strnicmp translation

	* configure.in: Bumped version to 1.4b1

	* Makefile.am (dist-hook): Added cmulocal to dist

1999-01-19  Rob Earhart  <rob+@andrew.cmu.edu>

	* Version 1.3b2 released

	* configure.in: Updated to v1.3b2

	* include/sasl.h: Wrapped the error codes in parens, for sanity

1999-01-15  Rob Earhart  <rob+@andrew.cmu.edu>

	* Version 1.3b1 released

1999-01-12  Rob Earhart  <rob+@andrew.cmu.edu>

	* lib/server.c (sasl_setpass): pass flags & errstr

	* configure.in: uses CMU_SOCKETS, for sanity; sets SASL_UTIL_LIBS; 
	writes utils/Makefile; updated version to 1.3b1

	* Makefile.am: added utils

	* utils/Makefile.am: wrote

	* utils/saslpasswd.8: wrote

	* utils/saslpasswd.c: upgraded

1998-12-14  Timothy L Martin  <tmartin+@andrew.cmu.edu>

        * lib/common.c: added logging capability

	* sasl.h, saslplug.h: changed logging functions

1998-12-09  Timothy L Martin  <tmartin+@andrew.cmu.edu>

	* utils/*: created utils directory with saslpasswd, imtest, and smtptest

	* server.c: implemented sasl_setpass (adding passwords only)

	* plugins/cram.c: stores password in clear. Made cram work correctly

1998-12-01  Rob Earhart  <rob+@andrew.cmu.edu>

	* TODO: added setpass stuff

1998-11-30  Rob Earhart  <rob+@andrew.cmu.edu>

	* Version 1.2b3 released

	* SMakefile: switched order of automake and autoconf

	* plugins/Makefile.am: added PLAIN_LIBS to libplain_la_LIBADD

	* configure.in: check for libcrypt for plain

1998-11-30  Ryan Troll <ryan@andrew.cmu.edu>

        * win32/libsasl workspace: Updated to handle new server db
 	mechanism.  Now just uses 'db_none'.

1998-11-30  Rob Earhart  <rob+@andrew.cmu.edu>

	* plugins/*.c: made plugin structs static
	
	* lib/Makefile.am: added windlopen.c

	* plugins/plain.c: passing a len return to getsimple callbacks

	* Makefile.am: added note about SASL_PATH

	* INSTALL: added note about SASL_PATH

	* include/winconfig.h: added copyright, updated version

	* include/Makefile.am: added winconfig.h to distribution

	* sasl/Makefile.am: removed saslMechList.java

1998-11-30  Rob Earhart  <rob@ANDREW.CMU.EDU>

	* configure.in: bumped up version to 1.2b3

	* lib/common.c: added default user/authname callbacks

	* Makefile.am: added plugin path warning

1998-11-29  Rob Earhart  <rob+@andrew.cmu.edu>

	* plugins/plain.c: now attempts to look up userid and authid as
 	well as password via callbacks, and sets callback ids
 	appropriately for SASL_INTERACT.  Uses authorization callback.
  	Revamped parser to not copy data onto stack and to use
 	arbitrary-length data.

	* lib/server.c: removed gdbm/ndbm code and the whole SASL_DB_TYPE
 	nonsense; replaced with linkage against _sasl_db_getsecret and
 	_sasl_db_putsecret

	* lib/db_ndbm.c: created; moved ndbm code from server.c to here

	* lib/db_gdbm: created; moved gdbm code from server.c to here

	* lib/db_none: created; filled in hook symbols

	* lib/saslint.h: added _sasl_db_getsecret and _sasl_db_putsecret
 	symbol definitions

	* lib/Makefile.am: added SASL_DB_BACKEND and db backend sources,
 	incremented library version number

	* acconfig.h: removed SASL_DB_TYPE; it's superfluous now

	* configure.in: now subst's SASL_DB_BACKEND appropriately, and is
 	more careful about pulling in libs after checking for them

1998-11-25  Rob Earhart  <rob+@andrew.cmu.edu>

	* Version 1.2b2 released

