diff options
author | Benjamin Kaduk <bjk@FreeBSD.org> | 2013-12-15 19:18:18 +0000 |
---|---|---|
committer | Benjamin Kaduk <bjk@FreeBSD.org> | 2013-12-15 19:18:18 +0000 |
commit | 2773bfa99a0f4abd8403871e689a7612aabea9de (patch) | |
tree | 98fdb3915fbf93f614924a1b096b5dd0ca1ddeed /UPDATING | |
parent | dcd1a208e54ad73562c6b0ccf0cf4ef7d3b61bc2 (diff) | |
download | src-test-2773bfa99a0f4abd8403871e689a7612aabea9de.tar.gz src-test-2773bfa99a0f4abd8403871e689a7612aabea9de.zip |
Add an UPDATING entry for the gss_pseudo_random behavior change
Approved by: hrs (mentor, src committer)
Notes
Notes:
svn path=/head/; revision=259425
Diffstat (limited to 'UPDATING')
-rw-r--r-- | UPDATING | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/UPDATING b/UPDATING index c734d065636a1..040492d64d5bb 100644 --- a/UPDATING +++ b/UPDATING @@ -31,6 +31,17 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 11.x IS SLOW: disable the most expensive debugging functionality run "ln -s 'abort:false,junk:false' /etc/malloc.conf".) +20131213: + The behavior of gss_pseudo_random() for the krb5 mechanism + has changed, for applications requesting a longer random string + than produced by the underlying enctype's pseudo-random() function. + In particular, the random string produced from a session key of + enctype aes256-cts-hmac-sha1-96 or aes256-cts-hmac-sha1-96 will + be different at the 17th octet and later, after this change. + The counter used in the PRF+ construction is now encoded as a + big-endian integer in accordance with RFC 4402. + __FreeBSD_version is bumped to 1100004. + 20131108: The WITHOUT_ATF build knob has been removed and its functionality has been subsumed into the more generic WITHOUT_TESTS. If you were |