credential forwarding during GSSAPI authentication unless the KDC
sets the ok-as-delegate bit in the service ticket.
+* Use the permitted_enctypes krb5.conf setting as the default value
+ for default_tkt_enctypes and default_tgs_enctypes.
+
Developer experience:
* Implement krb5_cc_remove_cred() for all credential cache types.
* Add support for Microsoft NegoEx. (Requires one or more third-party
GSS modules implementing NegoEx mechanisms.)
+* Honor the transited-policy-checked ticket flag on application
+ servers, eliminating the requirement to configure capaths on
+ servers in some scenarios.
+
User experience:
* Add support for "dns_canonicalize_hostname=fallback""`, causing
8859 Remove KRB5_KDB_FLAG_ALIAS_OK
8860 Allow kprop over NATs
8861 Fix LDAP policy enforcement of pw_expiration
+8864 Fix error handling in gssint_mechglue_init()
+8865 Check cross-realm TGT name for RBCD requests
+8866 Fix S4U client authdata handling
+8867 Fix KDC crash in handle_signticket
+8868 Allow cross-realm RBCD with PAC and other authdata
+8869 Apply permitted_enctypes to KDC request enctypes
+8870 Honor transited-policy-checked flag in servers
Acknowledgements
----------------
#define KRB5_MAJOR_RELEASE 1
#define KRB5_MINOR_RELEASE 18
#define KRB5_PATCHLEVEL 0
-#define KRB5_RELTAIL "beta1-postrelease"
+#define KRB5_RELTAIL "beta2"
/* #undef KRB5_RELDATE */
-#define KRB5_RELTAG "krb5-1.18"
+#define KRB5_RELTAG "krb5-1.18-beta2"
#, fuzzy
msgid ""
msgstr ""
-"Project-Id-Version: mit-krb5 1.18-beta1-postrelease\n"
+"Project-Id-Version: mit-krb5 1.18-beta2\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2020-01-27 11:38-0500\n"
+"POT-Creation-Date: 2020-01-27 13:36-0500\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
projects / thirdparty / krb5.git / commitdiff
