1384 lines
39 KiB
Plaintext
1384 lines
39 KiB
Plaintext
2008-01-21 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* default_keys.c: Use hdb_free_keys().
|
||
|
||
2008-01-11 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* Makefile.am: add check-cracklib.pl, flush.c,
|
||
sample_passwd_check.c
|
||
|
||
2007-12-07 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* use hdb_db_dir() and hdb_default_db()
|
||
|
||
2007-10-18 Love <lha@stacken.kth.se>
|
||
|
||
* init_c.c: We are getting default_client, not client. this way
|
||
the user can override the result.
|
||
|
||
2007-09-29 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* iprop.8: fix spelling, From Antoine Jacoutt.
|
||
|
||
2007-08-16 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* version-script.map: export _kadm5_unmarshal_params,
|
||
_kadm5_acl_check_permission
|
||
|
||
* version-script.map: export kadm5_log_ symbols.
|
||
|
||
* log.c: Unexport the specific log replay operations.
|
||
|
||
2007-08-10 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* Makefile.am: build sample_passwd_check.la as part of noinst.
|
||
|
||
* sample_passwd_check.c: Add missing prototype for check_length().
|
||
|
||
2007-08-07 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* log.c: Sprinkle krb5_set_error_string().
|
||
|
||
* ipropd_slave.c: Provide better error why kadm5_log_replay
|
||
failed.
|
||
|
||
2007-08-06 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* ipropd_master.c: - don't push whole database to the new client
|
||
every time. - make slaves get the whole new database if they have
|
||
a newer log the the master (and thus have them go back in time).
|
||
|
||
2007-08-03 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* ipropd_slave.c: make more sane.
|
||
|
||
* ipropd_slave.c: more paranoid check that the log entires are
|
||
self consistant
|
||
|
||
* log.c (kadm5_log_foreach): check that the postamble contains the
|
||
right data.
|
||
|
||
* ipropd_master.c: Sprinkle more info about what versions the
|
||
master thinks about the client versions.
|
||
|
||
* ipropd_master.c: Start the server at the current version, not 0.
|
||
|
||
2007-08-02 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* ipropd_master.c: Add more logging, to figure out what is
|
||
happening in the master.
|
||
|
||
2007-08-01 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* Makefile.am: add version-script for libkadm5srv.la
|
||
|
||
* version-script.map: version script fro kadm5 server libary.
|
||
|
||
* log.c: only free the orignal entries extentions if there was
|
||
any. Bug reported by Peter Meinecke.
|
||
|
||
* add configuration for signal file and acl file, let user select
|
||
hostname, catch signals and print why we are quiting, make nop
|
||
cause one new version, not two
|
||
|
||
2007-07-30 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* ipropd_master.c (send_diffs): make current slave's version
|
||
uptodate when diff have been sent.
|
||
|
||
2007-07-27 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* ipropd_slave.c: More comments and some more error checking.
|
||
|
||
2007-07-26 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* init_c.c (get_cache_principal): make sure id is reset if we
|
||
fail. From Benjamin Bennet.
|
||
|
||
2007-07-10 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* context_s.c (find_db_spec): match realm-less as the default
|
||
realm.
|
||
|
||
* Makefile.am: New library version.
|
||
|
||
2007-07-05 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* context_s.c: Use hdb_get_dbinfo to pick up configuration.
|
||
ctx->config.realm can be NULL, check for that, from Bjorn S.
|
||
|
||
2007-07-04 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* init_c.c: Try harder to use the right principal.
|
||
|
||
2007-06-20 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* ipropd_slave.c: Catch return value from krb5_program_setup. From
|
||
Steven Luo.
|
||
|
||
2007-05-08 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* delete_s.c: Write log entry after store is successful, rename
|
||
out goto statments.
|
||
|
||
* randkey_s.c: Write log entry after store is successful.
|
||
|
||
* modify_s.c: Write log entry after store is successful.
|
||
|
||
* rename_s.c: indent.
|
||
|
||
* chpass_s.c: Write log entry after store is successful.
|
||
|
||
* create_s.c: Write log entry after store is successful.
|
||
|
||
2007-05-07 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* iprop-commands.in: Add default values to make this working
|
||
again.
|
||
|
||
* iprop-log.c (iprop_replay): create the database with more
|
||
liberal mode.
|
||
|
||
* log.c: make it slightly more working.
|
||
|
||
* iprop-log.8: Document last-version.
|
||
|
||
* iprop-log.c: (last_version): print last version of the log.
|
||
|
||
* iprop-commands.in: new command last-version: print last version
|
||
of the log.
|
||
|
||
* log.c (kadm5_log_previous): document assumptions and make less
|
||
broken. Bug report from Ronny Blomme.
|
||
|
||
2007-02-17 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* admin.h: add support to get aliases
|
||
|
||
* get_s.c: add support to get aliases
|
||
|
||
2007-02-11 David Love <fx@gnu.org>
|
||
|
||
* iprop-log.8: Small fixes, from David Love.
|
||
|
||
2006-12-15 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* init_c.c: if the user have a kadmin/admin initial ticket, don't
|
||
ask for password, just use the credential instead.
|
||
|
||
2006-12-06 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* ipropd_master.c: Use strcspn to remove \n from string returned
|
||
by fgets. From Björn Sandell
|
||
|
||
2006-11-30 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* init_c.c (kadm_connect): clear error string before trying to
|
||
print a errno, this way we don't pick up a random failure code
|
||
|
||
2006-11-20 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* ipropd_slave.c: Make krb5_get_init_creds_opt_free take a context
|
||
argument.
|
||
|
||
* init_c.c: Make krb5_get_init_creds_opt_free take a context
|
||
argument.
|
||
|
||
2006-10-22 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* ent_setup.c: Try to not leak memory.
|
||
|
||
2006-10-07 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* Makefile.am: split build files into dist_ and noinst_ SOURCES
|
||
|
||
2006-08-24 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* get_s.c: Add KRB5_KDB_ALLOW_DIGEST
|
||
|
||
* ent_setup.c: Add KRB5_KDB_ALLOW_DIGEST
|
||
|
||
* admin.h: Add KRB5_KDB_ALLOW_DIGEST
|
||
|
||
2006-06-16 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* check-cracklib.pl: Add password reuse checking. From Harald
|
||
Barth.
|
||
|
||
2006-06-14 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* ent_setup.c (attr_to_flags): Add KRB5_KDB_ALLOW_KERBEROS4
|
||
|
||
* get_s.c (kadm5_s_get_principal): Add KRB5_KDB_ALLOW_KERBEROS4
|
||
|
||
* admin.h: Add KRB5_KDB_ALLOW_KERBEROS4
|
||
|
||
2006-06-06 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* ent_setup.c (attr_to_flags): Add KRB5_KDB_TRUSTED_FOR_DELEGATION
|
||
|
||
2006-05-30 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* password_quality.c (kadm5_check_password_quality): set error
|
||
message in context.
|
||
|
||
2006-05-13 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* iprop-log.c: Avoid shadowing.
|
||
|
||
* rename_s.c: Avoid shadowing.
|
||
|
||
2006-05-08 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* privs_c.c (kadm5_c_get_privs): privs is a uint32_t, let copy it
|
||
that way.
|
||
|
||
2006-05-05 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* Rename u_intXX_t to uintXX_t
|
||
|
||
2006-04-27 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* chpass_s.c,delete_s.c,get_s.c,log.c,modify_s.c,randkey_s.c,rename_s.c:
|
||
Pass in HDB_F_GET_ANY to all ->hdb fetch to hint what entries we are looking for
|
||
|
||
* send_recv.c: set and clear error string
|
||
|
||
* rename_s.c: Break out the that we request from principal from
|
||
the entry and pass it in as a separate argument.
|
||
|
||
* randkey_s.c: Break out the that we request from principal from
|
||
the entry and pass it in as a separate argument.
|
||
|
||
* modify_s.c: Break out the that we request from principal from
|
||
the entry and pass it in as a separate argument.
|
||
|
||
* log.c: Break out the that we request from principal from the
|
||
entry and pass it in as a separate argument.
|
||
|
||
* get_s.c: Break out the that we request from principal from the
|
||
entry and pass it in as a separate argument.
|
||
|
||
* delete_s.c: Break out the that we request from principal from
|
||
the entry and pass it in as a separate argument.
|
||
|
||
* chpass_s.c: Break out the that we request from principal from
|
||
the entry and pass it in as a separate argument.
|
||
|
||
2006-04-25 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* create_s.c (create_principal*): If client doesn't send kvno,
|
||
make sure to set it to 1.
|
||
|
||
2006-04-10 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* log.c: (kadm5_log_rename): handle errors better
|
||
Fixes Coverity, NetBSD CID#628
|
||
|
||
* log.c (kadm5_log_delete): add error handling Coverity, NetBSD
|
||
CID#626
|
||
(kadm5_log_modify): add error handling Coverity, NetBSD CID#627
|
||
|
||
* init_c.c (_kadm5_c_get_cred_cache): handle ccache case better in
|
||
case no client name was passed in. Coverity, NetBSD CID#919
|
||
|
||
* init_c.c (_kadm5_c_get_cred_cache): Free client principal in
|
||
case of error. Coverity NetBSD CID#1908
|
||
|
||
2006-02-02 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* kadm5_err.et: (PASS_REUSE): Spelling,
|
||
from Václav H?la <ax@natur.cuni.cz>
|
||
|
||
2006-01-25 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* send_recv.c: Clear error-string when introducing new errors.
|
||
|
||
* *_c.c: Clear error-string when introducing new errors.
|
||
|
||
2006-01-15 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* Makefile.am (libkadm5clnt.la) doesn't depend on libhdb, remove
|
||
dependency
|
||
|
||
2005-12-13 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* memset hdb_entry_ex before use
|
||
|
||
2005-12-12 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* Wrap hdb_entry with hdb_entry_ex, patch originally
|
||
from Andrew Bartlet
|
||
|
||
2005-11-30 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* context_s.c (set_field): try another way to calculate the path
|
||
to the database/logfile/signal-socket
|
||
|
||
* log.c (kadm5_log_init): set error string on failures
|
||
|
||
2005-09-08 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* Constify password.
|
||
|
||
* admin.h: Add KRB5_TL_PKINIT_ACL.
|
||
|
||
* marshall.c (_kadm5_unmarshal_params): avoid signed-ness warnings
|
||
|
||
* get_s.c (kadm5_s_get_principal): clear error string
|
||
|
||
2005-08-25 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* iprop-log.8: More text about iprop-log.
|
||
|
||
2005-08-24 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* iprop.8: SEE ALSO iprop-log.
|
||
|
||
* Makefile.am: man_MANS += iprop-log.8
|
||
|
||
* iprop-log.8: Basic for documentation of iprop-log.
|
||
|
||
* remove replay_log.c, dump_log.c, and truncate_log.c, folded into
|
||
iprop-log.
|
||
|
||
* log.c (kadm5_log_foreach): add a context variable and pass it
|
||
down to `func´.
|
||
|
||
* iprop-commands.in: Move truncate_log and replay_log into
|
||
iprop-log.
|
||
|
||
* iprop-log.c: Move truncate_log and replay_log into iprop-log.
|
||
|
||
* Makefile.am: Move truncate_log and replay_log into iprop-log.
|
||
|
||
* Makefile.am: Make this work with a clean directory.
|
||
|
||
* ipropd_master.c: Make compile.
|
||
|
||
* ipropd_master.c: Update to new signature of kadm5_log_previous.
|
||
|
||
* log.c (kadm5_log_previous): catch errors instead of asserting
|
||
and set error string.
|
||
|
||
* iprop-commands.in: New program iprop-log that incorperates
|
||
dump_log as a subcommand, truncate_log and replay_log soon to come
|
||
after.
|
||
|
||
* iprop-log.c: New program iprop-log that incorperates dump_log as
|
||
a subcommand, truncate_log and replay_log soon to come after.
|
||
|
||
* Makefile.am: New program iprop-log that incorperates dump_log as
|
||
a subcommand, truncate_log and replay_log soon to come after.
|
||
|
||
2005-08-11 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* get_s.c: Implement KADM5_LAST_PWD_CHANGE.
|
||
|
||
* set_keys.c: Set and clear password where appropriate.
|
||
|
||
* randkey_s.c: Operation modifies tl_data.
|
||
|
||
* log.c (kadm5_log_replay_modify): Check return values of
|
||
malloc(), replace all extensions.
|
||
|
||
* kadm5_err.et: Make BAD_TL_TYPE error more helpful.
|
||
|
||
* get_s.c: Expose KADM5_TL_DATA options to the client.
|
||
|
||
* ent_setup.c: Merge in KADM5_TL_DATA in the database.
|
||
|
||
* chpass_s.c: Operations modify extensions, mark that with
|
||
TL_DATA.
|
||
|
||
* admin.h: Add more TL types (password and extension).
|
||
|
||
2005-06-17 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* constify
|
||
|
||
* ipropd_slave.c: avoid shadowing
|
||
|
||
* ipropd_master.c: rename local variable slave to s, optind ->
|
||
optidx
|
||
|
||
* get_princs_c.c: rename variable exp to expression
|
||
|
||
* ad.c: rename variable exp to expression
|
||
|
||
* log.c: rename shadowing len to num
|
||
|
||
* get_princs_s.c: rename variable exp to expression
|
||
|
||
* context_s.c: const poison
|
||
|
||
* common_glue.c: rename variable exp to expression
|
||
|
||
2005-05-30 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* ent_setup.c (attr_to_flags): check for KRB5_KDB_OK_AS_DELEGATE
|
||
|
||
* get_s.c (kadm5_s_get_principal): set KRB5_KDB_OK_AS_DELEGATE
|
||
|
||
* admin.h: add KRB5_KDB_OK_AS_DELEGATE, sync KRB5_TL_ flags
|
||
|
||
2005-05-25 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* kadm5_pwcheck.3: please mdoclint
|
||
|
||
2005-05-25 Dave Love <fx@gnu.org>
|
||
|
||
* kadm5_pwcheck.3: document kadm5_add_passwd_quality_verifier,
|
||
improve text
|
||
|
||
2005-05-24 Dave Love <fx@gnu.org>
|
||
|
||
* iprop.8: Added some info about defaults, fixed some markup.
|
||
|
||
2005-05-23 Dave Love <fx@gnu.org>
|
||
|
||
* ipropd_slave.c: Don't test HAVE_DAEMON since roken supplies it.
|
||
|
||
* ipropd_master.c: Don't test HAVE_DAEMON since roken supplies it.
|
||
|
||
2005-05-13 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* init_c.c (_kadm5_c_init_context): fix memory leak in case of
|
||
failure
|
||
|
||
2005-05-09 Dave Love <fx@gnu.org>
|
||
|
||
* password_quality.c (find_func): Fix off-by-one and logic error.
|
||
(external_passwd_quality): Improve messages.
|
||
|
||
* test_pw_quality.c (main): Call kadm5_setup_passwd_quality_check
|
||
and kadm5_add_passwd_quality_verifier.
|
||
|
||
2005-04-30 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* default_keys.c: #include <err.h>, only print salt it its longer
|
||
then 0, use krb5_err instead of errx where appropriate
|
||
|
||
2005-04-25 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* ipropd_slave.c: add the documented option --port
|
||
|
||
* ipropd_master.c: add the documented option --port
|
||
|
||
* dump_log.c: use the newly generated units function
|
||
|
||
2005-04-24 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* dump_log.c: use strlcpy
|
||
|
||
* password_quality.c: don't use sizeof(pointer)
|
||
|
||
2005-04-15 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* check-cracklib.pl: external password verifier sample
|
||
|
||
* password_quality.c (kadm5_add_passwd_quality_verifier): if NULL
|
||
is passed in, load defaults
|
||
|
||
2005-04-14 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* password_quality.c: add an end tag to the external password
|
||
quality check protocol
|
||
|
||
2005-04-13 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* password_quality.c: add external passsword quality check builtin
|
||
module
|
||
|
||
[password_quality]
|
||
policies = external-check
|
||
external-program = /bin/false
|
||
|
||
To approve password a, make the test program return APPROVED on
|
||
stderr and fail with exit code 0.
|
||
|
||
2004-10-12 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* Makefile.am: bump version to 7:7:0 and 6:5:2
|
||
|
||
* default_keys.c (parse_file): use hdb_generate_key_set
|
||
|
||
* keys.c,set_keys.c: Move keyset parsing and password based keyset
|
||
generation into hdb. Requested by Andrew Bartlett <abartlet@samba.org>
|
||
for hdb-ldb backend.
|
||
|
||
2004-09-23 Johan Danielsson <joda@pdc.kth.se>
|
||
|
||
* ipropd_master.c: add help strings to some options
|
||
|
||
2004-09-12 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* chpass_s.c: deal with changed prototype for _kadm5_free_keys
|
||
|
||
* keys.c (_kadm5_free_keys): change prototype, make it use
|
||
krb5_context instead of a kadm5_server_context
|
||
|
||
* set_keys.c (parse_key_set): do way with static returning
|
||
(function) static variable and returned allocated memory
|
||
(_kadm5_generate_key_set): free enctypes returned by parse_key_set
|
||
|
||
2004-09-06 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* set_keys.c: Fix memory leak, don't return stack variables From
|
||
Andrew Bartlett
|
||
|
||
* set_keys.c: make all_etypes const and move outside function to
|
||
avoid returning data on stack
|
||
|
||
2004-08-26 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* acl.c (fetch_acl): use " \t\n" instead of just "\n" for the
|
||
delim of the third element, this is so we can match
|
||
"foo@REALM<SPC>all<SPC><SPC>*@REALM", before it just matched
|
||
"foo@REALM<SPC>all<SPC>*@REALM", but that is kind of lucky since
|
||
what really happen was that the last <SPC> was stamped out, and
|
||
the it never strtok_r never needed to parse over it.
|
||
|
||
2004-08-25 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* set_keys.c (_kadm5_generate_key_set): since arcfour-hmac-md5 is
|
||
without salting, some people tries to add the string
|
||
"arcfour-hmac-md5" when they really should have used
|
||
"arcfour-hmac-md5:pw-salt", help them and add glue for that
|
||
|
||
2004-08-18 Johan Danielsson <joda@pdc.kth.se>
|
||
|
||
* ipropd_slave.c: add --detach
|
||
|
||
2004-07-06 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* ad.c: use new tsasl interface remove debug printf add upn to
|
||
computer-accounts
|
||
|
||
2004-06-28 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* ad.c: implement kadm5_ad_init_with_password_ctx set more error
|
||
strings
|
||
|
||
2004-06-21 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* Makefile.am: man_MANS = kadm5_pwcheck.3
|
||
|
||
* kadm5_pwcheck.3: document new password quality api
|
||
|
||
* password_quality.c: new password check interface (old still
|
||
supported)
|
||
|
||
* kadm5-pwcheck.h: new password check interface
|
||
|
||
2004-06-08 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* ipropd_master.c (main): process all slaves, not just up to the
|
||
last slave sending data
|
||
(bug report from Björn Sandell <biorn@dce.chalmers.se>)
|
||
(*): only send one ARE_YOU_THERE
|
||
|
||
2004-06-02 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* ad.c: use krb5_set_password_using_ccache
|
||
|
||
2004-06-01 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* ad.c: try handle spn's better
|
||
|
||
2004-05-31 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* ad.c: add expiration time
|
||
|
||
* ad.c: add modify operations
|
||
|
||
* ad.c: handle create and delete
|
||
|
||
2004-05-27 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* ad.c: more code for get, handle attributes
|
||
|
||
* ad.c: more code for get, handle time stamps and bad password
|
||
counter
|
||
|
||
* ad.c: more code for get, only fetches kvno for now
|
||
|
||
2004-05-26 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* ad.c: add support for tsasl
|
||
|
||
* private.h: add kadm5_ad_context
|
||
|
||
* ipropd_master.c (prop_one): store the opcode in the begining of
|
||
the blob, not the end
|
||
|
||
* ad.c: try all ldap servers in dns, generate a random password,
|
||
base64(random_block(64)), XXX must make it support other then
|
||
ARCFOUR
|
||
|
||
* ad.c: framework for windows AD backend
|
||
|
||
2004-03-07 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* create_s.c (kadm5_s_create_principal): remove old XXX command
|
||
and related code, _kadm5_set_keys will do all this now
|
||
|
||
2004-02-29 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* set_keys.c (_kadm5_set_keys_randomly): make sure enctype to copy
|
||
enctype for des keys From: Andrew Bartlett <abartlet@samba.org>
|
||
|
||
* create_s.c (kadm5_s_create_principal_with_key): don't call
|
||
_kadm5_set_keys2, create_principal will do that for us. Set kvno
|
||
to 1.
|
||
|
||
* chpass_s.c (change): bump kvno
|
||
(kadm5_s_chpass_principal_with_key): bump kvno
|
||
|
||
* randkey_s.c (kadm5_s_randkey_principal): bump kvno
|
||
|
||
* set_keys.c (_kadm5_set_*): don't change the kvno, let the callee
|
||
to that
|
||
|
||
2003-12-30 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* chpass_s.c (change): fix same-password-again by decrypting keys
|
||
and setting an error code From: Buck Huppmann <buckh@pobox.com>
|
||
|
||
2003-12-21 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* init_c.c (_kadm5_c_init_context): catch errors from strdup and
|
||
other krb5_ functions
|
||
|
||
2003-12-08 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* rename_s.c (kadm5_s_rename_principal): allow principal to change
|
||
realm From Panasas Inc
|
||
|
||
2003-12-07 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* destroy_c.c (kadm5_c_destroy): fix memory leaks, From Panasas,
|
||
Inc
|
||
|
||
2003-11-23 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* iprop.h: don't include <krb5-private.h>
|
||
|
||
* ipropd_slave.c: stop using krb5 lib private byte-frobbing
|
||
functions and replace them with with krb5_storage
|
||
|
||
* ipropd_master.c: stop using krb5 lib private byte-frobbing
|
||
functions and replace them with with krb5_storage
|
||
|
||
2003-11-19 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* ipropd_slave.c (receive_loop): when seeking over the entries we
|
||
already have, skip over the trailer. From: Jeffrey Hutzelman
|
||
<jhutz@cmu.edu>
|
||
|
||
* dump_log.c,ipropd_master.c,ipropd_slave.c,
|
||
replay_log.c,truncate_log.c: parse kdc.conf
|
||
From: Jeffrey Hutzelman <jhutz@cmu.edu>
|
||
|
||
2003-10-10 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* Makefile.am: += test_pw_quality
|
||
|
||
* test_pw_quality.c: test program for verifying password quality
|
||
function
|
||
|
||
2003-09-03 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* Makefile.am: add and enable check program default_keys
|
||
|
||
* default_keys.c: test program for _kadm5_generate_key_set
|
||
|
||
* init_c.c: use
|
||
krb5_get_init_creds_opt_alloc/krb5_get_init_creds_opt_free
|
||
|
||
2003-08-17 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* set_keys.c (_kadm5_set_keys_randomly): remove dup return
|
||
|
||
* ipropd_master.c (main): make sure current_version is initialized
|
||
|
||
2003-08-15 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* set_keys.c: use default_keys for the both random keys and
|
||
password derived keys if its defined
|
||
|
||
2003-07-24 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* ipropd_slave.c (receive_everything): switch close and rename
|
||
From: Alf Wachsmann <alfw@SLAC.Stanford.EDU>
|
||
|
||
2003-07-03 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* iprop.h, ipropd_master.c, ipropd_slave.c:
|
||
Add probing from the server that the client is still there, also
|
||
make the client check that the server is probing.
|
||
|
||
2003-07-02 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* truncate_log.c (main): add missing ``if (ret)''
|
||
|
||
2003-06-26 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* set_keys.c (make_keys): add AES support
|
||
|
||
* set_keys.c: fix off by one in the aes case, pointed out by Ken
|
||
Raeburn
|
||
|
||
2003-04-30 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* set_keys.c (_kadm5_set_keys_randomly): add
|
||
ETYPE_AES256_CTS_HMAC_SHA1_96 key when configuried with aes
|
||
support
|
||
|
||
2003-04-16 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* send_recv.c: check return values from krb5_data_alloc
|
||
* log.c: check return values from krb5_data_alloc
|
||
|
||
2003-04-16 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* dump_log.c (print_entry): check return values from
|
||
krb5_data_alloc
|
||
|
||
2003-04-01 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* init_c.c (kadm_connect): if a context realm was passed in, use
|
||
that to form the kadmin/admin principal
|
||
|
||
2003-03-19 Love Hörnquist Åstrand <lha@it.su.se>
|
||
|
||
* ipropd_master.c (main): make sure we don't consider dead slave
|
||
for select processing
|
||
(write_stats): use slave_stats_file variable,
|
||
check return value of strftime
|
||
(args): allow specifying slave stats file
|
||
(slave_dead): close the fd when the slave dies
|
||
|
||
2002-10-21 Johan Danielsson <joda@pdc.kth.se>
|
||
|
||
* ipropd_slave.c (from Derrick Brashear): Propagating a large
|
||
database without this means the slave kdcs can get erroneous
|
||
HDB_NOENTRY and return the resulting errors. This creates a new db
|
||
handle, populates it, and moves it into place.
|
||
|
||
2002-08-26 Assar Westerlund <assar@kth.se>
|
||
|
||
* ipropd_slave.c (receive_everything): type-correctness calling
|
||
_krb5_get_int
|
||
|
||
* context_s.c (find_db_spec): const-correctness in parameters to
|
||
krb5_config_get_next
|
||
|
||
2002-08-16 Johan Danielsson <joda@pdc.kth.se>
|
||
|
||
* private.h: rename header file flag macro
|
||
|
||
* Makefile.am: generate kadm5-{protos,private}.h
|
||
|
||
2002-08-15 Johan Danielsson <joda@pdc.kth.se>
|
||
|
||
* ipropd_master.c: check return value of krb5_sockaddr2address
|
||
|
||
2002-07-04 Johan Danielsson <joda@pdc.kth.se>
|
||
|
||
* ipropd_master.c: handle slaves that come and go; add status
|
||
reporting (both from Love)
|
||
|
||
* iprop.h: KADM5_SLAVE_STATS
|
||
|
||
2002-03-25 Jacques Vidrine <n@nectar.com>
|
||
|
||
* init_c.c (get_cred_cache): bug fix: the default credentials
|
||
cache was not being used if a client name was specified.
|
||
|
||
2002-03-25 Johan Danielsson <joda@pdc.kth.se>
|
||
|
||
* init_c.c (get_cred_cache): when getting the default_client from
|
||
the cred cache, make sure the instance part is "admin"; this
|
||
should require fewer uses of -p
|
||
|
||
2002-03-11 Assar Westerlund <assar@sics.se>
|
||
|
||
* Makefile.am (libkadm5srv_la_LDFLAGS): set version to 7:5:0
|
||
(libkadm5clnt_la_LDFLAGS): set version to 6:3:2
|
||
|
||
2002-02-08 Johan Danielsson <joda@pdc.kth.se>
|
||
|
||
* init_c.c: we have to create our own param struct before
|
||
marshaling
|
||
|
||
2001-09-05 Johan Danielsson <joda@pdc.kth.se>
|
||
|
||
* Makefile.am: link with LIB_pidfile
|
||
|
||
* iprop.h: include util.h for pidfile
|
||
|
||
2001-08-31 Assar Westerlund <assar@sics.se>
|
||
|
||
* ipropd_slave.c (main): syslog with the correct name
|
||
|
||
2001-08-30 Jacques Vidrine <n@nectar.com>
|
||
|
||
* ipropd_slave.c, ipropd_master.c (main): call pidfile
|
||
|
||
2001-08-28 Assar Westerlund <assar@sics.se>
|
||
|
||
* Makefile.am (libkadm5srv_la_LDFLAGS): set version to 7:4:0
|
||
|
||
2001-08-24 Assar Westerlund <assar@sics.se>
|
||
|
||
* acl.c (fetch_acl): do not return bogus flags and re-organize
|
||
function
|
||
|
||
* Makefile.am: rename variable name to avoid error from current
|
||
automake
|
||
|
||
2001-08-13 Johan Danielsson <joda@pdc.kth.se>
|
||
|
||
* set_keys.c: add easier afs configuration, defaulting to the
|
||
local realm in lower case; also try to remove duplicate salts
|
||
|
||
2001-07-12 Assar Westerlund <assar@sics.se>
|
||
|
||
* Makefile.am: add required library dependencies
|
||
|
||
2001-07-03 Assar Westerlund <assar@sics.se>
|
||
|
||
* Makefile.am (libkadm5clnt_la_LDFLAGS): set version to 6:2:2
|
||
|
||
2001-06-29 Johan Danielsson <joda@pdc.kth.se>
|
||
|
||
* init_c.c: call krb5_get_init_creds_opt_set_default_flags
|
||
|
||
2001-02-19 Johan Danielsson <joda@pdc.kth.se>
|
||
|
||
* replay_log.c: add --{start-end}-version flags to replay just
|
||
part of the log
|
||
|
||
2001-02-15 Assar Westerlund <assar@sics.se>
|
||
|
||
* ipropd_master.c (main): fix select-loop to decrement ret
|
||
correctly. from "Brandon S. Allbery KF8NH" <allbery@ece.cmu.edu>
|
||
|
||
2001-01-30 Assar Westerlund <assar@sics.se>
|
||
|
||
* Makefile.am: bump versions
|
||
|
||
2000-12-31 Assar Westerlund <assar@sics.se>
|
||
|
||
* init_s.c (*): handle krb5_init_context failure consistently
|
||
* init_c.c (init_context): handle krb5_init_context failure
|
||
consistently
|
||
|
||
2000-12-11 Assar Westerlund <assar@sics.se>
|
||
|
||
* Makefile.am (libkadm5srv_la_LDFLAGS): bump version to 7:2:0
|
||
|
||
2000-11-16 Assar Westerlund <assar@sics.se>
|
||
|
||
* set_keys.c (make_keys): clean-up salting loop and try not to
|
||
leak memory
|
||
|
||
* ipropd_master.c (main): check for fd's being too large to select
|
||
on
|
||
|
||
2000-08-16 Assar Westerlund <assar@sics.se>
|
||
|
||
* Makefile.am (libkadm5srv_la_LDFLAGS): bump version to 7:1:0
|
||
|
||
2000-08-10 Assar Westerlund <assar@sics.se>
|
||
|
||
* acl.c (fetch_acl): fix wrong cases, use krb5_principal_match
|
||
|
||
2000-08-07 Assar Westerlund <assar@sics.se>
|
||
|
||
* ipropd_master.c (main): ignore SIGPIPE
|
||
|
||
2000-08-06 Assar Westerlund <assar@sics.se>
|
||
|
||
* ipropd_slave.c (receive_everything): make `fd' an int instead of
|
||
a pointer. From Derrick J Brashear <shadow@dementia.org>
|
||
|
||
2000-08-04 Johan Danielsson <joda@pdc.kth.se>
|
||
|
||
* admin.h: change void** to void*
|
||
|
||
2000-07-25 Johan Danielsson <joda@pdc.kth.se>
|
||
|
||
* Makefile.am: bump versions to 7:0:0 and 6:0:2
|
||
|
||
2000-07-24 Assar Westerlund <assar@sics.se>
|
||
|
||
* log.c (kadm5_log_get_version): rename kadm5_log_get_version_fd
|
||
and make a new that takes a context
|
||
(kadm5_log_nop): add logging of missing lengths
|
||
(kadm5_log_truncate): new function
|
||
|
||
* dump_log.c (print_entry): update and correct
|
||
* randkey_s.c: call _kadm5_bump_pw_expire
|
||
* truncate_log.c: new program for truncating the log
|
||
* Makefile.am (sbin_PROGRAMS): add truncate_log
|
||
(C_SOURCES): add bump_pw_expire.c
|
||
* bump_pw_expire.c: new function for extending password expiration
|
||
|
||
2000-07-22 Assar Westerlund <assar@sics.se>
|
||
|
||
* keys.c: new file with _kadm5_free_keys, _kadm5_init_keys
|
||
|
||
* set_keys.c (free_keys, init_keys): elevate to internal kadm5
|
||
functions
|
||
|
||
* chpass_s.c (kadm5_s_chpass_principal_cond): new function
|
||
* Makefile.am (C_SOURCES): add keys.c
|
||
* init_c.c: remove unused variable and handle some parameters
|
||
being NULL
|
||
|
||
2000-07-22 Johan Danielsson <joda@pdc.kth.se>
|
||
|
||
* ipropd_slave.c: use krb5_read_priv_message
|
||
|
||
* ipropd_master.c: use krb5_{read,write}_priv_message
|
||
|
||
* init_c.c: use krb5_write_priv_message
|
||
|
||
2000-07-11 Johan Danielsson <joda@pdc.kth.se>
|
||
|
||
* ipropd_slave.c: no need to call gethostname, since
|
||
sname_to_principal will
|
||
|
||
* send_recv.c: assert that we have a connected socket
|
||
|
||
* get_princs_c.c: call _kadm5_connect
|
||
|
||
* rename_c.c: call _kadm5_connect
|
||
|
||
* randkey_c.c: call _kadm5_connect
|
||
|
||
* privs_c.c: call _kadm5_connect
|
||
|
||
* modify_c.c: call _kadm5_connect
|
||
|
||
* get_c.c: call _kadm5_connect
|
||
|
||
* delete_c.c: call _kadm5_connect
|
||
|
||
* create_c.c: call _kadm5_connect
|
||
|
||
* chpass_c.c: call _kadm5_connect
|
||
|
||
* private.h: add more fields to client context; remove prototypes
|
||
|
||
* admin.h: remove prototypes
|
||
|
||
* kadm5-protos.h: move public prototypes here
|
||
|
||
* kadm5-private.h: move private prototypes here
|
||
|
||
* init_c.c: break out connection code to separate function, and
|
||
defer calling it until we actually do something
|
||
|
||
2000-07-07 Assar Westerlund <assar@sics.se>
|
||
|
||
* set_keys.c (make_keys): also support `[kadmin]use_v4_salt' for
|
||
backwards compatability
|
||
|
||
2000-06-26 Johan Danielsson <joda@pdc.kth.se>
|
||
|
||
* set_keys.c (_kadm5_set_keys): rewrite this to be more easily
|
||
adaptable to different salts
|
||
|
||
2000-06-19 Johan Danielsson <joda@pdc.kth.se>
|
||
|
||
* get_s.c: pa_* -> KRB5_PADATA_*
|
||
|
||
2000-06-16 Assar Westerlund <assar@sics.se>
|
||
|
||
* ipropd_slave.c: change default keytab to default keytab (as in
|
||
typically FILE:/etc/krb5.keytab)
|
||
|
||
2000-06-08 Assar Westerlund <assar@sics.se>
|
||
|
||
* ipropd_slave.c: bug fixes, for actually writing the full dump to
|
||
the database. based on a patch from Love <lha@stacken.kth.se>
|
||
|
||
2000-06-07 Assar Westerlund <assar@sics.se>
|
||
|
||
* acl.c: add support for patterns of principals
|
||
* log.c (kadm5_log_replay_create): handle more NULL pointers
|
||
(should they really happen?)
|
||
* log.c (kadm5_log_replay_modify): handle max_life == NULL and
|
||
max_renew == NULL
|
||
|
||
* ipropd_master.c: use syslog. be less verbose
|
||
* ipropd_slave.c: use syslog
|
||
|
||
2000-06-05 Assar Westerlund <assar@sics.se>
|
||
|
||
* private.h (kadm_ops): add kadm_nop more prototypes
|
||
* log.c (kadm5_log_set_version, kadm5_log_reinit, kadm5_log_nop,
|
||
kadm5_log_replay_nop): add
|
||
* ipropd_slave.c: and some more improvements
|
||
* ipropd_master.c: lots of improvements
|
||
* iprop.h (IPROP_PORT, IPROP_SERVICE): add
|
||
(iprop_cmd): add new commands
|
||
|
||
* dump_log.c: add nop
|
||
|
||
2000-05-15 Assar Westerlund <assar@sics.se>
|
||
|
||
* Makefile.am (libkadm5clnt_la_LDFLAGS): set version to 5:1:1
|
||
|
||
2000-05-12 Assar Westerlund <assar@sics.se>
|
||
|
||
* get_s.c (kadm5_s_get_principal): set life, rlife to INT_MAX as a
|
||
fallback. handle not having any creator.
|
||
* destroy_s.c (kadm5_s_destroy): free all allocated memory
|
||
* context_s.c (set_field): free variable if it's already set
|
||
(find_db_spec): malloc space for all strings
|
||
|
||
2000-04-05 Assar Westerlund <assar@sics.se>
|
||
|
||
* Makefile.am (LDADD): add LIB_openldap
|
||
|
||
2000-04-03 Assar Westerlund <assar@sics.se>
|
||
|
||
* Makefile.am (libkadm5srv_la_LDFLAGS): set version to 6:0:1
|
||
(libkadm5clnt_la_LDFLAGS): set version to 5:0:1
|
||
|
||
2000-03-24 Assar Westerlund <assar@sics.se>
|
||
|
||
* set_keys.c (_kadm5_set_keys2): rewrite
|
||
(_kadm5_set_keys3): add
|
||
|
||
* private.h (struct kadm_func): add chpass_principal_with_key
|
||
* init_c.c (set_funcs): add chpass_principal_with_key
|
||
|
||
2000-03-23 Assar Westerlund <assar@sics.se>
|
||
|
||
* context_s.c (set_funcs): add chpass_principal_with_key
|
||
* common_glue.c (kadm5_chpass_principal_with_key): add
|
||
* chpass_s.c: comment-ize and change calling convention for
|
||
_kadm5_set_keys*
|
||
* chpass_c.c (kadm5_c_chpass_principal_with_key): add
|
||
|
||
2000-02-07 Assar Westerlund <assar@sics.se>
|
||
|
||
* Makefile.am (libkadm5clnt_la_LDFLAGS): set version to 4:2:0
|
||
|
||
2000-01-28 Assar Westerlund <assar@sics.se>
|
||
|
||
* init_c.c (get_new_cache): make sure to request non-forwardable,
|
||
non-proxiable
|
||
|
||
2000-01-06 Assar Westerlund <assar@sics.se>
|
||
|
||
* Makefile.am (libkadm5srv.la): bump version to 5:1:0
|
||
|
||
* context_s.c (_kadm5_s_init_context): handle params == NULL
|
||
|
||
1999-12-26 Assar Westerlund <assar@sics.se>
|
||
|
||
* get_s.c (kadm5_s_get_principal): handle modified_by->principal
|
||
== NULL
|
||
|
||
1999-12-20 Assar Westerlund <assar@sics.se>
|
||
|
||
* Makefile.am (libkadm5clnt_la_LDFLAGS): bump version to 4:1:0
|
||
|
||
* init_c.c (_kadm5_c_init_context): handle getting back port
|
||
number from admin host
|
||
(kadm5_c_init_with_context): remove `proto/' part before doing
|
||
getaddrinfo()
|
||
|
||
1999-12-06 Assar Westerlund <assar@sics.se>
|
||
|
||
* Makefile.am: bump version to 5:0:0 and 4:0:0
|
||
|
||
* init_c.c (kadm5_c_init_with_context): don't use unitialized
|
||
stuff
|
||
|
||
1999-12-04 Assar Westerlund <assar@sics.se>
|
||
|
||
* replay_log.c: adapt to changed kadm5_log_foreach
|
||
|
||
* log.c (kadm5_log_foreach): change to take a
|
||
`kadm5_server_context'
|
||
|
||
* init_c.c: use krb5_warn{,x}
|
||
|
||
* dump_log.c: adapt to changed kadm5_log_foreach
|
||
|
||
* init_c.c: re-write to use getaddrinfo
|
||
* Makefile.am (install-build-headers): add dependency
|
||
|
||
1999-12-03 Johan Danielsson <joda@pdc.kth.se>
|
||
|
||
* log.c (kadm5_log_foreach): pass context
|
||
|
||
* dump_log.c: print more interesting things
|
||
|
||
1999-12-02 Johan Danielsson <joda@pdc.kth.se>
|
||
|
||
* ipropd_master.c (process_msg): check for short reads
|
||
|
||
1999-11-25 Assar Westerlund <assar@sics.se>
|
||
|
||
* modify_s.c (kadm5_s_modify_principal): support key_data
|
||
(kadm5_s_modify_principal_with_key): remove
|
||
|
||
* admin.h (kadm5_s_modify_principal_with_key): remove
|
||
|
||
1999-11-20 Assar Westerlund <assar@sics.se>
|
||
|
||
* context_s.c (find_db_spec): ugly cast work-around.
|
||
|
||
1999-11-14 Assar Westerlund <assar@sics.se>
|
||
|
||
* context_s.c (_kadm5_s_init_context): call krb5_add_et_list so
|
||
that we aren't dependent on the layout of krb5_context_data
|
||
* init_c.c (_kadm5_c_init_context): call krb5_add_et_list so that
|
||
we aren't dependent on the layout of krb5_context_data
|
||
|
||
1999-11-13 Assar Westerlund <assar@sics.se>
|
||
|
||
* password_quality.c (kadm5_setup_passwd_quality_check): use
|
||
correct types for function pointers
|
||
|
||
1999-11-09 Johan Danielsson <joda@pdc.kth.se>
|
||
|
||
* randkey_s.c: always bail out if the fetch fails
|
||
|
||
* admin.h (kadm5_config_params): remove fields we're not using
|
||
|
||
* ipropd_slave.c: allow passing a realm
|
||
|
||
* ipropd_master.c: allow passing a realm
|
||
|
||
* dump_log.c: allow passing a realm
|
||
|
||
* acl.c: correctly get acl file
|
||
|
||
* private.h (kadm5_server_context): add config_params struct and
|
||
remove acl_file; bump protocol version number
|
||
|
||
* marshall.c: marshalling of config parameters
|
||
|
||
* init_c.c (kadm5_c_init_with_context): try to cope with old
|
||
servers
|
||
|
||
* init_s.c (kadm5_s_init_with_context): actually use some passed
|
||
values
|
||
|
||
* context_s.c (_kadm5_s_init_context): get dbname, acl_file, and
|
||
stash_file from the config parameters, try to figure out these if
|
||
they're not provided
|
||
|
||
1999-11-05 Assar Westerlund <assar@sics.se>
|
||
|
||
* Makefile.am (install-build-headers): use `cp' instead of
|
||
INSTALL_DATA
|
||
|
||
1999-11-04 Assar Westerlund <assar@sics.se>
|
||
|
||
* Makefile.am: bump version to 4:0:0 and 3:0:0 (they access fields
|
||
directly in libkrb5's context - bad functions)
|
||
|
||
* set_keys.c (_kadm5_set_keys_randomly): set enctypes correctly in
|
||
the copied keys
|
||
|
||
1999-10-20 Assar Westerlund <assar@sics.se>
|
||
|
||
* Makefile.am: set version of kadm5srv to 3:0:2 (new password
|
||
quality functions).
|
||
set version of kdam5clnt to 2:1:1 (no interface changes)
|
||
|
||
* Makefile.am (LDADD): add $(LIB_dlopen)
|
||
|
||
1999-10-17 Assar Westerlund <assar@sics.se>
|
||
|
||
* randkey_s.c (kadm5_s_randkey_principal): use
|
||
_kadm5_set_keys_randomly
|
||
|
||
* set_keys.c (free_keys): free more memory
|
||
(_kadm5_set_keys): a little bit more generic
|
||
(_kadm5_set_keys_randomly): new function for setting random keys.
|
||
|
||
1999-10-14 Assar Westerlund <assar@sics.se>
|
||
|
||
* set_keys.c (_kadm5_set_keys): ignore old keys when setting new
|
||
ones and always add 3 DES keys and one 3DES key
|
||
|
||
1999-10-03 Assar Westerlund <assar@sics.se>
|
||
|
||
* init_c.c (_kadm5_c_init_context): use `krb5_get_krb_admin_hst'.
|
||
check return value from strdup
|
||
|
||
1999-09-26 Assar Westerlund <assar@sics.se>
|
||
|
||
* acl.c (_kadm5_privs_to_string): forgot one strcpy_truncate ->
|
||
strlcpy
|
||
|
||
1999-09-24 Johan Danielsson <joda@pdc.kth.se>
|
||
|
||
* dump_log.c: remove unused `optind'
|
||
|
||
* replay_log.c: remove unused `optind'
|
||
|
||
1999-09-13 Assar Westerlund <assar@sics.se>
|
||
|
||
* chpass_c.c (kadm5_c_chpass_principal): new _kadm5_client_recv
|
||
|
||
* send_recv.c (_kadm5_client_recv): return result in a `krb5_data'
|
||
so that we avoid copying it and don't need to dimension in
|
||
advance. change all callers.
|
||
|
||
1999-09-10 Assar Westerlund <assar@sics.se>
|
||
|
||
* password_quality.c: new file
|
||
|
||
* admin.h
|
||
(kadm5_setup_passwd_quality_check,kadm5_check_password_quality):
|
||
add prototypes
|
||
|
||
* Makefile.am (S_SOURCES): add password_quality.c
|
||
|
||
1999-07-26 Assar Westerlund <assar@sics.se>
|
||
|
||
* Makefile.am: update versions to 2:0:1
|
||
|
||
1999-07-24 Assar Westerlund <assar@sics.se>
|
||
|
||
* ent_setup.c (_kadm5_setup_entry): make princ_expire_time == 0
|
||
and pw_expiration == 0 mean never
|
||
|
||
1999-07-22 Assar Westerlund <assar@sics.se>
|
||
|
||
* log.c (kadm5_log_flush): extra cast
|
||
|
||
1999-07-07 Assar Westerlund <assar@sics.se>
|
||
|
||
* marshall.c (store_principal_ent): encoding princ_expire_time and
|
||
pw_expiration in correct order
|
||
|
||
1999-06-28 Assar Westerlund <assar@sics.se>
|
||
|
||
* randkey_s.c (kadm5_s_randkey_principal): nuke old mkvno,
|
||
otherwise hdb will think that the new random keys are already
|
||
encrypted which will cause lots of confusion later.
|
||
|
||
1999-06-23 Assar Westerlund <assar@sics.se>
|
||
|
||
* ent_setup.c (_kadm5_setup_entry): handle 0 == unlimited
|
||
correctly. From Michal Vocu <michal@karlin.mff.cuni.cz>
|
||
|
||
1999-06-15 Assar Westerlund <assar@sics.se>
|
||
|
||
* init_c.c (get_cred_cache): use get_default_username
|
||
|
||
1999-05-23 Assar Westerlund <assar@sics.se>
|
||
|
||
* create_s.c (create_principal): if there's no default entry the
|
||
mask should be zero.
|
||
|
||
1999-05-21 Assar Westerlund <assar@sics.se>
|
||
|
||
* init_c.c (get_cred_cache): use $USERNAME
|
||
|
||
1999-05-17 Johan Danielsson <joda@pdc.kth.se>
|
||
|
||
* init_c.c (get_cred_cache): figure out principal
|
||
|
||
1999-05-05 Johan Danielsson <joda@pdc.kth.se>
|
||
|
||
* send_recv.c: cleanup _kadm5_client_{send,recv}
|
||
|
||
1999-05-04 Assar Westerlund <assar@sics.se>
|
||
|
||
* set_keys.c (_kadm5_set_keys2): don't check the recently created
|
||
memory for NULL pointers
|
||
|
||
* private.h (_kadm5_setup_entry): change prototype
|
||
|
||
* modify_s.c: call new _kadm5_setup_entry
|
||
|
||
* ent_setup.c (_kadm5_setup_entry): change so that it takes three
|
||
masks, one for what bits to set and one for each of principal and
|
||
def containing the bits that are set there.
|
||
|
||
* create_s.c: call new _kadm5_setup_entry
|
||
|
||
* create_s.c (get_default): check return value
|
||
(create_principal): send wider mask to _kadm5_setup_entry
|
||
|
||
1999-05-04 Johan Danielsson <joda@pdc.kth.se>
|
||
|
||
* send_recv.c (_kadm5_client_recv): handle arbitrarily sized
|
||
packets, check for errors
|
||
|
||
* get_c.c: check for failure from _kadm5_client_{send,recv}
|
||
|
||
1999-05-04 Assar Westerlund <assar@sics.se>
|
||
|
||
* init_c.c (get_new_cache): don't abort when interrupted from
|
||
password prompt
|
||
|
||
* destroy_c.c (kadm5_c_destroy): check if we should destroy the
|
||
auth context
|
||
|
||
1999-05-03 Johan Danielsson <joda@pdc.kth.se>
|
||
|
||
* chpass_s.c: fix arguments to _kadm5_set_keys2
|
||
|
||
* private.h: proto
|
||
|
||
* set_keys.c: clear mkvno
|
||
|
||
* rename_s.c: add flags to fetch and store; seal keys before
|
||
logging
|
||
|
||
* randkey_s.c: add flags to fetch and store; seal keys before
|
||
logging
|
||
|
||
* modify_s.c: add flags to fetch and store; seal keys before
|
||
logging
|
||
|
||
* log.c: add flags to fetch and store; seal keys before logging
|
||
|
||
* get_s.c: add flags to fetch and store; seal keys before logging
|
||
|
||
* get_princs_s.c: add flags to fetch and store; seal keys before
|
||
logging
|
||
|
||
* delete_s.c: add flags to fetch and store; seal keys before
|
||
logging
|
||
|
||
* create_s.c: add flags to fetch and store; seal keys before
|
||
logging
|
||
|
||
* chpass_s.c: add flags to fetch and store; seal keys before
|
||
logging
|
||
|
||
* Makefile.am: remove server.c
|
||
|
||
* admin.h: add prototypes
|
||
|
||
* ent_setup.c (_kadm5_setup_entry): set key_data
|
||
|
||
* set_keys.c: add _kadm5_set_keys2 to sey keys from key_data
|
||
|
||
* modify_s.c: add kadm5_s_modify_principal_with_key
|
||
|
||
* create_s.c: add kadm5_s_create_principal_with_key
|
||
|
||
* chpass_s.c: add kadm5_s_chpass_principal_with_key
|
||
|
||
* kadm5_locl.h: move stuff to private.h
|
||
|
||
* private.h: move stuff from kadm5_locl.h
|
||
|