Date: Sun, 15 Dec 2013 19:18:19 +0000 (UTC) From: Benjamin Kaduk <bjk@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r259425 - head Message-ID: <201312151918.rBFJIJFk047068@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: bjk (doc committer) Date: Sun Dec 15 19:18:18 2013 New Revision: 259425 URL: http://svnweb.freebsd.org/changeset/base/259425 Log: Add an UPDATING entry for the gss_pseudo_random behavior change Approved by: hrs (mentor, src committer) Modified: head/UPDATING Modified: head/UPDATING ============================================================================== --- head/UPDATING Sun Dec 15 18:26:31 2013 (r259424) +++ head/UPDATING Sun Dec 15 19:18:18 2013 (r259425) @@ -31,6 +31,17 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 11 disable the most expensive debugging functionality run "ln -s 'abort:false,junk:false' /etc/malloc.conf".) +20131213: + The behavior of gss_pseudo_random() for the krb5 mechanism + has changed, for applications requesting a longer random string + than produced by the underlying enctype's pseudo-random() function. + In particular, the random string produced from a session key of + enctype aes256-cts-hmac-sha1-96 or aes256-cts-hmac-sha1-96 will + be different at the 17th octet and later, after this change. + The counter used in the PRF+ construction is now encoded as a + big-endian integer in accordance with RFC 4402. + __FreeBSD_version is bumped to 1100004. + 20131108: The WITHOUT_ATF build knob has been removed and its functionality has been subsumed into the more generic WITHOUT_TESTS. If you were
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201312151918.rBFJIJFk047068>