Author: bjk (doc committer)
Date: Sun Dec 15 19:18:18 2013
New Revision: 259425
URL: http://svnweb.freebsd.org/changeset/base/259425
Log:
Add an UPDATING entry for the gss_pseudo_random behavior change
Approved by: hrs (mentor, src committer)
Modified:
head/UPDATING
Modified: head/UPDATING
==============================================================================
--- head/UPDATING Sun Dec 15 18:26:31 2013 (r259424)
+++ head/UPDATING Sun Dec 15 19:18:18 2013 (r259425)
@@ -31,6 +31,17 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 11
disable the most expensive debugging functionality run
"ln -s 'abort:false,junk:false' /etc/malloc.conf".)
+20131213:
+ The behavior of gss_pseudo_random() for the krb5 mechanism
+ has changed, for applications requesting a longer random string
+ than produced by the underlying enctype's pseudo-random() function.
+ In particular, the random string produced from a session key of
+ enctype aes256-cts-hmac-sha1-96 or aes256-cts-hmac-sha1-96 will
+ be different at the 17th octet and later, after this change.
+ The counter used in the PRF+ construction is now encoded as a
+ big-endian integer in accordance with RFC 4402.
+ __FreeBSD_version is bumped to 1100004.
+
20131108:
The WITHOUT_ATF build knob has been removed and its functionality
has been subsumed into the more generic WITHOUT_TESTS. If you were
_______________________________________________
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
