ChangeLog revision 178825
1107207Snectar2007-12-09 Love H�rnquist �strand <lha@it.su.se> 2107207Snectar 3107207Snectar * kadmin.c: Use hdb_db_dir(). 4107207Snectar 5103423Snectar * kadmind.c: Use hdb_db_dir(). 6103423Snectar 7103423Snectar2007-07-26 Love H�rnquist �strand <lha@it.su.se> 8103423Snectar 9103423Snectar * util.c: Clear error string, just to be sure. 10103423Snectar 11103423Snectar2007-05-10 Love H�rnquist �strand <lha@it.su.se> 12103423Snectar 13103423Snectar * kadmin-commands.in: modify --pkinit-acl 14103423Snectar 15103423Snectar * mod.c: add pk-init command 16103423Snectar 17103423Snectar2007-02-22 Love H�rnquist �strand <lha@it.su.se> 18103423Snectar 19103423Snectar * kadmin.8: document kadmin add_enctype functionallity. 20103423Snectar 21103423Snectar * Makefile.am: Add new command, add_enctype. 22103423Snectar 23102644Snectar * kadmin-commands.in: Add new command, add_enctype. 24102644Snectar 25102644Snectar * add_enctype.c: Add support for adding a random key enctype to a 26102644Snectar principal. 27102644Snectar 28102644Snectar2007-02-17 Love H�rnquist �strand <lha@it.su.se> 29102644Snectar 30102644Snectar * mod.c: add setting and displaying aliases 31102644Snectar 32102644Snectar * get.c: add setting and displaying aliases 33102644Snectar 34102644Snectar * kadmin-commands.in: add setting and displaying aliases 35102644Snectar 3690926Snectar2006-12-22 Love H�rnquist �strand <lha@it.su.se> 3790926Snectar 3890926Snectar * util.c: Make str2time_t parser more robust. 3990926Snectar 4090926Snectar * Makefile.am: Add test_util test program. 4190926Snectar 4290926Snectar * test_util.c: Test str2time_t parser. 4390926Snectar 4490926Snectar2006-12-05 Love H�rnquist �strand <lha@it.su.se> 4590926Snectar 4690926Snectar * add-random-users.c: Use strcspn to remove \n from fgets 4790926Snectar result. Prompted by change by Ray Lai of OpenBSD via Bj�rn 4890926Snectar Sandell. 4990926Snectar 5090926Snectar2006-10-22 Love H�rnquist �strand <lha@it.su.se> 5190926Snectar 5290926Snectar * mod.c: Try to not leak memory. 5390926Snectar 5490926Snectar * check.c: Try to not leak memory. 5590926Snectar 5690926Snectar2006-10-07 Love H�rnquist �strand <lha@it.su.se> 5790926Snectar 5890926Snectar * Makefile.am: split build files into dist_ and noinst_ SOURCES 5990926Snectar 6090926Snectar2006-08-28 Love H�rnquist �strand <lha@it.su.se> 6190926Snectar 6290926Snectar * kadmin.c (help): use sl_slc_help(). 6390926Snectar 6490926Snectar2006-08-24 Love H�rnquist �strand <lha@it.su.se> 6590926Snectar 6690926Snectar * util.c: Add KRB5_KDB_ALLOW_DIGEST 6790926Snectar 6890926Snectar2006-07-14 Love H�rnquist �strand <lha@it.su.se> 6990926Snectar 7090926Snectar * get.c (format_field): optionally print issuer and anchor. 7190926Snectar 7290926Snectar2006-06-21 Love H�rnquist �strand <lha@it.su.se> 7390926Snectar 7490926Snectar * check.c: Check if afs@REALM and afs/cellname@REALM both exists. 7590926Snectar 7690926Snectar2006-06-14 Love H�rnquist �strand <lha@it.su.se> 7790926Snectar 7890926Snectar * util.c (kdb_attrs): Add KRB5_KDB_ALLOW_KERBEROS4 7990926Snectar 8090926Snectar2006-06-07 Love H�rnquist �strand <lha@it.su.se> 8190926Snectar 8290926Snectar * mod.c (do_mod_entry): Add setting 1 delegation entry 8390926Snectar 8490926Snectar2006-06-01 Love H�rnquist �strand <lha@it.su.se> 8590926Snectar 8690926Snectar * server.c: Less shadowing. 8790926Snectar 8890926Snectar2006-05-13 Love H�rnquist �strand <lha@it.su.se> 8990926Snectar 9090926Snectar * Makefile.am: kadmin_SOURCES += add check.c 9190926Snectar 9290926Snectar * kadmin_locl.h: Avoid shadowing. 9390926Snectar 9490926Snectar * kadmin.8: Document the new check command. 9578527Sassar 9678527Sassar * kadmin-commands.in: Add check command 9778527Sassar 9878527Sassar * check.c: Check database for strange configurations on default 9978527Sassar principals. 10078527Sassar 10178527Sassar2006-05-08 Love H�rnquist �strand <lha@it.su.se> 10278527Sassar 10378527Sassar * server.c (kadm_get_privs): one less "pointer targets in passing 10478527Sassar argument differ in signedness" warning. 10578527Sassar 10678527Sassar2006-05-05 Love H�rnquist �strand <lha@it.su.se> 10778527Sassar 10878527Sassar * dump-format.txt: Moved to info documentation. 10978527Sassar 11078527Sassar * Rename u_intXX_t to uintXX_t 11178527Sassar 11278527Sassar2006-05-01 Love H�rnquist �strand <lha@it.su.se> 11378527Sassar 11478527Sassar * kadmin.8: spelling, update .Dd 11578527Sassar 11678527Sassar2006-04-12 Love H�rnquist �strand <lha@it.su.se> 11778527Sassar 11878527Sassar * add-random-users.c: Catch empty file case. From Tobias 11978527Sassar Stoeckmann. 12078527Sassar 12178527Sassar2006-04-07 Love H�rnquist �strand <lha@it.su.se> 12278527Sassar 12378527Sassar * random_password.c (generate_password): memory leak in error 12478527Sassar condition case From Coverity NetBSD CID#1887 12578527Sassar 12678527Sassar2006-02-19 Love H�rnquist �strand <lha@it.su.se> 12778527Sassar 12878527Sassar * cpw.c (cpw_entry): make sure ret have a defined value 12978527Sassar 13078527Sassar * del.c (del_entry): make sure ret have a defined value 13178527Sassar 13278527Sassar * mod.c: Return error code so that toplevel function can catch 13378527Sassar them. 13478527Sassar 13578527Sassar2006-01-25 Love H�rnquist �strand <lha@it.su.se> 13678527Sassar 13778527Sassar * cpw.c (cpw_entry): return 1 on failure. 13872445Sassar 13972445Sassar * rename.c (rename_entry): return 1 on failure. 14072445Sassar 14172445Sassar * del.c (del_entry): return 1 on failure. 14272445Sassar 14372445Sassar * ank.c (add_new_key): return 1 on failure. 14472445Sassar 14572445Sassar * get.c: Add printing of pkinit-acls. Don't print password by 14672445Sassar default. Return 1 on failure processing any of the principals. 14772445Sassar 14872445Sassar * util.c (foreach_principal): If any of calls to `func' failes, 14972445Sassar the first error is returned when all principals are processed. 15072445Sassar 15172445Sassar2005-12-01 Love H�rnquist �strand <lha@it.su.se> 15272445Sassar 15372445Sassar * kadmin-commands.in: Add ank as an alias to add, it lost in 15472445Sassar transition to slc, from M�ns Nilsson. 15572445Sassar 15672445Sassar2005-09-14 Love H�rquist �strand <lha@it.su.se> 15772445Sassar 15872445Sassar * dump-format.txt: Add extensions, fill in missing fields. 15972445Sassar 16072445Sassar2005-09-08 Love H�rquist �strand <lha@it.su.se> 16172445Sassar 16272445Sassar * init.c (create_random_entry): create principal with random 16372445Sassar password even though its disabled. From Andrew Bartlet 16472445Sassar <abartlet@samba.org> 16572445Sassar 16672445Sassar2005-09-01 Love H�rquist �strand <lha@it.su.se> 16772445Sassar 16872445Sassar * kadm_conn.c: Use socket_set_reuseaddr and socket_set_ipv6only. 16972445Sassar 17072445Sassar2005-08-11 Love H�rquist �strand <lha@it.su.se> 17172445Sassar 17272445Sassar * get.c: Remove structure that is never used (sneaked in the large 17372445Sassar TL_DATA patch). 17472445Sassar 17572445Sassar * kadmin-commands.in: Rename password-quality to 17672445Sassar verify-password-quality. 17772445Sassar 17872445Sassar * get.c: Indent. 17972445Sassar 18072445Sassar * server.c: Avoid shadowing exp(). 18172445Sassar 18272445Sassar * load.c: Parse extensions. 18372445Sassar 18472445Sassar * kadmin_locl.h: Include <hex.h>. 18572445Sassar 18672445Sassar * get.c: Extend struct field_name to have a subvalue and a 18772445Sassar extra_mask. Use that to implement printing of KADM5_TL_DATA 18872445Sassar options and fix a dependency bug (keys needed principal to print 18972445Sassar the salting). 19072445Sassar 19172445Sassar2005-07-08 Love H�rquist �strand <lha@it.su.se> 19272445Sassar 19372445Sassar * lower amount of shadow and const warnings 19472445Sassar 19572445Sassar2005-06-07 David Love <fx@gnu.org> 19672445Sassar 19772445Sassar * dump-format.txt: Clarify, spelling and add examples. 19872445Sassar 19972445Sassar2005-05-30 Love H�rquist �strand <lha@it.su.se> 20072445Sassar 20172445Sassar * util.c (kdb_attrs): add ok-as-delegate 20272445Sassar 20372445Sassar * get.c (getit): init data.mask to 0. Problem found by Andrew 20472445Sassar Bartlett <abartlet@samba.org> 20572445Sassar 20672445Sassar2005-05-09 Love H�rquist �strand <lha@it.su.se> 20772445Sassar 20872445Sassar * kadmin.c (main): catch -2 as EOF 20972445Sassar 21072445Sassar2005-05-03 Dave Love <d.love@dl.ac.uk> 21172445Sassar 21272445Sassar * init.c (init): Don't disable forwardable for kadmin/changepw. 21372445Sassar 21472445Sassar2005-05-02 Dave Love <d.love@dl.ac.uk> 21572445Sassar 21672445Sassar * kadmin.c (help): Don't use non-constant initializer for `fake'. 21772445Sassar 21872445Sassar2005-04-20 Love H�rquist �strand <lha@it.su.se> 21972445Sassar 22072445Sassar * util.c (foreach_principal): initialize ret to make sure it have 22172445Sassar a value 22272445Sassar 22372445Sassar2005-04-04 Love H�rquist �strand <lha@it.su.se> 22472445Sassar 22572445Sassar * kadmind.c: add verifier libraries with 22672445Sassar kadm5_add_passwd_quality_verifier 22772445Sassar 22872445Sassar * kadmin.c: add verifier libraries with 22972445Sassar kadm5_add_passwd_quality_verifier 23072445Sassar 23172445Sassar * load.c: max-life and max-renew is of unsigned int in asn1 23272445Sassar compiler, use that for the parser too 23372445Sassar 23472445Sassar2005-03-26 Love H�rquist �strand <lha@it.su.se> 23572445Sassar 23672445Sassar * kadmin.8: List of attributes, from James F. Hranicky 23772445Sassar <jfh@cise.ufl.edu> 23872445Sassar 23972445Sassar2005-01-19 Love H�rquist �strand <lha@it.su.se> 24072445Sassar 24172445Sassar * dump.c (dump): handle errors 24272445Sassar 24372445Sassar2005-01-08 Love H�rquist �strand <lha@it.su.se> 24472445Sassar 24572445Sassar * dump-format.txt: text dump format 24672445Sassar 24772445Sassar2004-12-08 Love H�rquist �strand <lha@it.su.se> 24872445Sassar 24972445Sassar * kadmind.8: use keeps around options, from OpenBSD 25072445Sassar 25172445Sassar * kadmin.8: use keeps around options, "improve" spelling, from 25272445Sassar openbsd 25372445Sassar 25472445Sassar2004-11-01 Love H�rquist �strand <lha@it.su.se> 25572445Sassar 25672445Sassar * get.c (getit): always free columns 25772445Sassar 25872445Sassar * ank.c (add_one_principal): catch error from 25972445Sassar UI_UTIL_read_pw_string 26072445Sassar 26172445Sassar2004-10-31 Love H�rquist �strand <lha@it.su.se> 26272445Sassar 26372445Sassar * del_enctype.c (del_enctype): fix off-by-one error in del_enctype 26472445Sassar From: <ragge@ludd.luth.se> 26572445Sassar 26672445Sassar2004-08-13 Love H�rquist �strand <lha@it.su.se> 26772445Sassar 26872445Sassar * get.c: print keytypes on long format 26972445Sassar 27072445Sassar2004-07-06 Love H�rquist �strand <lha@it.su.se> 27172445Sassar 27272445Sassar * get.c (format_field): allow mod_name to be optional 27372445Sassar 27472445Sassar * ext.c (do_ext_keytab): if there isn't any keydata, try using 27572445Sassar kadm5_randkey_principal 27672445Sassar 27772445Sassar2004-07-02 Love H�rquist �strand <lha@it.su.se> 27872445Sassar 27972445Sassar * load.c: make merge/load work again 28072445Sassar 28172445Sassar * del.c: fix usage string 28272445Sassar 28372445Sassar * ank.c: fix slc lossage 28472445Sassar 28572445Sassar2004-06-28 Love H�rquist �strand <lha@it.su.se> 28672445Sassar 28772445Sassar * kadmin.c: use kadm5_ad_init_with_password_ctx 28872445Sassar 28972445Sassar2004-06-27 Johan Danielsson <joda@pdc.kth.se> 29072445Sassar 29172445Sassar * kadmin.8: document get -o and stash 29272445Sassar 29372445Sassar * get.c: implement output column selection, similar to ps -o 29472445Sassar 29572445Sassar * kadmin-commands.in: make get -l the default again, and add 29672445Sassar column selection flag; sync list with get 29772445Sassar 29872445Sassar2004-06-24 Johan Danielsson <joda@pdc.kth.se> 29972445Sassar 30072445Sassar * kadmin-commands.in: mod needs default kvno of -1 30172445Sassar 30272445Sassar2004-06-21 Johan Danielsson <joda@pdc.kth.se> 30372445Sassar 30472445Sassar * kadmin: convert to use slc; also add stash subcommand 30572445Sassar 30672445Sassar2004-06-15 Love H�rquist �strand <lha@it.su.se> 30772445Sassar 30872445Sassar * kadmin.c (main): keytab mode requires principal name 30972445Sassar 31072445Sassar2004-06-12 Love H�rquist �strand <lha@it.su.se> 31172445Sassar 31272445Sassar * kadmind.c: drop keyfile, not used, found by 31372445Sassar Elrond <elrond@samba-tng.org> 31472445Sassar 31572445Sassar * kadmin.c: if keyfile is set, pass in to libkadm5 bug pointed out 31672445Sassar by Elrond <elrond@samba-tng.org> 31772445Sassar 31872445Sassar2004-05-31 Love H�rquist �strand <lha@it.su.se> 31972445Sassar 32072445Sassar * kadmin.c: add --ad flag, XXX rewrite the init kadm5 interface 32172445Sassar 32272445Sassar2004-05-13 Johan Danielsson <joda@pdc.kth.se> 32372445Sassar 32472445Sassar * nuke kerberos 4 kadmin goo 32572445Sassar 32672445Sassar2004-05-07 Johan Danielsson <joda@pdc.kth.se> 32772445Sassar 32872445Sassar * util.c (str2time_t): fix end-of-day logic, from Duncan 32972445Sassar McEwan/Mark Davies. 33072445Sassar 33172445Sassar2004-04-29 Love H�rquist �strand <lha@it.su.se> 33272445Sassar 33372445Sassar * version4.c (handle_v4): make sure length is longer then 2, 33472445Sassar Pointed out by Evgeny Demidov <demidov@gleg.net> 33572445Sassar 33672445Sassar * kadmind.c: make kerberos4 support default turned off 33772445Sassar 33872445Sassar2004-03-24 Johan Danielsson <joda@pdc.kth.se> 33972445Sassar 34072445Sassar * kadmin.8: update manpage 34172445Sassar 34272445Sassar * mod.c: allow wildcarding principals, and make parameters a work 34372445Sassar same as if prompted 34472445Sassar 34572445Sassar2004-03-08 Love H�rquist �strand <lha@it.su.se> 34672445Sassar 34772445Sassar * kadmin.8: document password-quality 34872445Sassar 34972445Sassar * kadmin_locl.h: add prototype for password_quality 35072445Sassar 35172445Sassar * kadmin.c: add password-quality/pwq command 35272445Sassar 35372445Sassar * Makefile.am: kadmin_SOURCES += pw_quality.c 35472445Sassar 35572445Sassar * pw_quality.c: test run the password quality function 35672445Sassar 35772445Sassar2004-03-07 Love H�rquist �strand <lha@it.su.se> 35872445Sassar 35972445Sassar * ank.c (add_one_principal): even though the principal is disabled 36072445Sassar (creation of random key/keydata), create it with a random password 36172445Sassar 36272445Sassar2003-12-07 Love H�rquist �strand <lha@it.su.se> 36372445Sassar 36472445Sassar * init.c (create_random_entry): print error message on failure 36572445Sassar 36672445Sassar * ank.c (add_one_principal): pass right argument to 36772445Sassar kadm5_free_principal_ent From Panasas, Inc 36872445Sassar 36972445Sassar2003-11-18 Love H�rquist �strand <lha@it.su.se> 37072445Sassar 37157422Smarkm * kadmind.c (main): move opening the logfile to after reading 37257422Smarkm kdc.conf move the loading of hdb keytab ops closer to where its 37357422Smarkm used From: Jeffrey Hutzelman <jhutz@cmu.edu> 37457422Smarkm 37557422Smarkm2003-10-04 Love H�rquist �strand <lha@it.su.se> 37657416Smarkm 37757416Smarkm * util.c (str2time_t): allow whitespace between date and time 37857416Smarkm From: Bob Beck <beck@cvs.openbsd.org> and adharw@yahoo.com 37957416Smarkm 38057416Smarkm2003-09-03 Love H�rquist �strand <lha@it.su.se> 38155682Smarkm 38255682Smarkm * ank.c: s/des_read_pw_string/UI_UTIL_read_pw_string/ 38355682Smarkm 38455682Smarkm * cpw.c: s/des_read_pw_string/UI_UTIL_read_pw_string/ 38555682Smarkm 38655682Smarkm2003-08-21 Love H�rquist �strand <lha@it.su.se> 38755682Smarkm 38855682Smarkm * get.c (print_entry_terse): handle error when unparsing name 38955682Smarkm 39055682Smarkm2003-08-18 Love H�rquist �strand <lha@it.su.se> 39155682Smarkm 39255682Smarkm * kadmind.c (main): use krb5_prepend_config_files_default, now all 39355682Smarkm options in kdc.conf is parsed, not just [kdc]key-file= 39455682Smarkm 39555682Smarkm * kadmin.c (main): use krb5_prepend_config_files_default, now all 39655682Smarkm options in kdc.conf is parsed, not just [kdc]key-file= 39755682Smarkm 39855682Smarkm2003-04-14 Love H�rquist �strand <lha@it.su.se> 39955682Smarkm 40055682Smarkm * util.c: cast argument to tolower to unsigned char, from 40155682Smarkm Christian Biere <christianbiere@gmx.de> via NetBSD 40255682Smarkm 40355682Smarkm2003-04-06 Love H�rquist �strand <lha@it.su.se> 40455682Smarkm 40555682Smarkm * kadmind.8: s/kerberos/Kerberos/ 40655682Smarkm 40755682Smarkm2003-03-31 Love H�rquist �strand <lha@it.su.se> 40855682Smarkm 40955682Smarkm * kadmin.8: initialises -> initializes, from Perry E. Metzger" 41055682Smarkm <perry@piermont.com> 41155682Smarkm 41255682Smarkm * kadmin.c: principal, not pricipal. From Thomas Klausner 41355682Smarkm <wiz@netbsd.org> 41455682Smarkm 41555682Smarkm2003-02-04 Love H�rquist �strand <lha@it.su.se> 41655682Smarkm 41755682Smarkm * kadmind.8: spelling, from jmc <jmc@prioris.mini.pw.edu.pl> 41855682Smarkm 41955682Smarkm * kadmin.8: spelling, from jmc <jmc@prioris.mini.pw.edu.pl> 42055682Smarkm 42155682Smarkm2003-01-29 Love H�rquist �strand <lha@it.su.se> 42255682Smarkm 42355682Smarkm * server.c (kadmind_dispatch): kadm_chpass: require the password 42455682Smarkm to pass the password quality check in case the user changes the 42555682Smarkm user's own password kadm_chpass_with_key: disallow the user to 42655682Smarkm change it own password to a key, since that password might violate 42755682Smarkm the password quality check. 42855682Smarkm 42955682Smarkm2002-12-03 Johan Danielsson <joda@pdc.kth.se> 43055682Smarkm 43155682Smarkm * util.c (get_response): print a newline if interrupted 43255682Smarkm 43355682Smarkm * mod.c (mod_entry): check return value from edit_entry 43455682Smarkm 43555682Smarkm * ank.c (add_one_principal): check return value from edit_entry 43655682Smarkm 43755682Smarkm * ank.c (add_one_principal): don't continue if create_principal 43855682Smarkm fails 43955682Smarkm 44055682Smarkm * init.c: check return value from edit_deltat 44155682Smarkm 44255682Smarkm * init.c: add --help 44355682Smarkm 44455682Smarkm2002-10-29 Johan Danielsson <joda@pdc.kth.se> 44555682Smarkm 44655682Smarkm * version4.c: speling (from Tomas Olsson) 44755682Smarkm 44855682Smarkm2002-10-23 Assar Westerlund <assar@kth.se> 44955682Smarkm 45055682Smarkm * version4.c (decode_packet): check the length of the version 45155682Smarkm string and that rlen has a reasonable value 45255682Smarkm 45355682Smarkm2002-10-21 Johan Danielsson <joda@pdc.kth.se> 45455682Smarkm 45555682Smarkm * version4.c: check size of rlen 45655682Smarkm 45755682Smarkm2002-09-10 Johan Danielsson <joda@pdc.kth.se> 45855682Smarkm 45955682Smarkm * server.c: constify match_appl_version() 46055682Smarkm 46155682Smarkm * version4.c: change some lingering krb_err_base 46255682Smarkm 46355682Smarkm2002-09-09 Jacques Vidrine <nectar@kth.se> 46455682Smarkm 46555682Smarkm * server.c (kadmind_dispatch): while decoding arguments for 46655682Smarkm kadm_chpass_with_key, sanity check the number of keys given. 46755682Smarkm Potential problem pointed out by 46855682Smarkm Sebastian Krahmer <krahmer@suse.de>. 46955682Smarkm 47055682Smarkm2002-09-04 Johan Danielsson <joda@pdc.kth.se> 47155682Smarkm 47255682Smarkm * load.c (parse_generation): return if there is no generation 47355682Smarkm (spotted by Daniel Kouril) 47455682Smarkm 47555682Smarkm2002-06-07 Jacques Vidrine <n@nectar.com> 47655682Smarkm 47755682Smarkm * ank.c: do not attempt to free uninitialized pointer when 47855682Smarkm kadm5_randkey_principal fails. 47955682Smarkm 48055682Smarkm2002-06-07 Johan Danielsson <joda@pdc.kth.se> 48155682Smarkm 48255682Smarkm * util.c: remove unused variable; reported by Hans Insulander 48355682Smarkm 48455682Smarkm2002-03-05 Johan Danielsson <joda@pdc.kth.se> 48555682Smarkm 48655682Smarkm * kadmind.8: clarify some acl wording, and add an example file 48755682Smarkm 48855682Smarkm2002-02-11 Johan Danielsson <joda@pdc.kth.se> 48955682Smarkm 49055682Smarkm * ext.c: no need to use the "modify" keytab anymore 49155682Smarkm 49255682Smarkm2001-09-20 Assar Westerlund <assar@sics.se> 49355682Smarkm 49455682Smarkm * add-random-users.c: allocate several buffers for the list of 49555682Smarkm words, instead of one strdup per word (running under efence does 49655682Smarkm not work very well otherwise) 49755682Smarkm 49855682Smarkm2001-09-13 Assar Westerlund <assar@sics.se> 49955682Smarkm 50055682Smarkm * add-random-users.c: allow specifying the number of users to 50155682Smarkm create 50255682Smarkm 50355682Smarkm2001-08-24 Assar Westerlund <assar@sics.se> 50455682Smarkm 50555682Smarkm * Makefile.am: rename variable name to avoid error from current 50655682Smarkm automake 50755682Smarkm 50855682Smarkm2001-08-22 Assar Westerlund <assar@sics.se> 50955682Smarkm 51055682Smarkm * kadmin_locl.h: include libutil.h if it exists 51155682Smarkm 51255682Smarkm2001-08-10 Johan Danielsson <joda@pdc.kth.se> 51355682Smarkm 51455682Smarkm * util.c: do something to handle C-c in prompts 51555682Smarkm 51655682Smarkm * load.c: remove unused etypes code, and add parsing of the 51755682Smarkm generation field 51855682Smarkm 51955682Smarkm * ank.c: add a --use-defaults option to just use default values 52055682Smarkm without questions 52155682Smarkm 52255682Smarkm * kadmin.c: add "del" alias for delete 52355682Smarkm 52455682Smarkm * cpw.c: call this operation "passwd" in usage 52555682Smarkm 52655682Smarkm * kadmin_locl.h: prototype for set_defaults 52755682Smarkm 52855682Smarkm * util.c (edit_entry): move setting of default values to a 52955682Smarkm separate function, set_defaults 53055682Smarkm 53155682Smarkm2001-08-01 Johan Danielsson <joda@pdc.kth.se> 53255682Smarkm 53355682Smarkm * kadmin.c: print help message on bad options 53455682Smarkm 53555682Smarkm2001-07-31 Assar Westerlund <assar@sics.se> 53655682Smarkm 53755682Smarkm * add-random-users.c (main): handle --version 53855682Smarkm 53955682Smarkm2001-07-30 Johan Danielsson <joda@pdc.kth.se> 54055682Smarkm 54155682Smarkm * load.c: increase line buffer to 8k 54255682Smarkm 54355682Smarkm2001-06-12 Assar Westerlund <assar@sics.se> 54455682Smarkm 54555682Smarkm * ext.c (ext_keytab): use the default modify keytab per default 54655682Smarkm 54755682Smarkm2001-05-17 Assar Westerlund <assar@sics.se> 54855682Smarkm 54955682Smarkm * kadm_conn.c (start_server): fix krb5_eai_to_heim_errno call 55055682Smarkm 55155682Smarkm2001-05-15 Assar Westerlund <assar@sics.se> 55255682Smarkm 55355682Smarkm * kadmin.c (main): some error cleaning required 55455682Smarkm 55555682Smarkm2001-05-14 Assar Westerlund <assar@sics.se> 55655682Smarkm 55755682Smarkm * kadmind.c: new krb5_config_parse_file 55855682Smarkm * kadmin.c: new krb5_config_parse_file 55955682Smarkm * kadm_conn.c: update to new krb5_sockaddr2address 56055682Smarkm 56155682Smarkm2001-05-07 Assar Westerlund <assar@sics.se> 56255682Smarkm 56355682Smarkm * kadmin_locl.h (foreach_principal): update prototype 56455682Smarkm * get.c (getit): new foreach_principal 56555682Smarkm * ext.c (ext_keytab): new foreach_principal 56655682Smarkm * del.c (del_entry): new foreach_principal 56755682Smarkm * cpw.c (cpw_entry): new foreach_principal 56855682Smarkm * util.c (foreach_principal): add `funcname' and try printing the 56955682Smarkm error string 57055682Smarkm 57155682Smarkm2001-05-04 Johan Danielsson <joda@pdc.kth.se> 57255682Smarkm 57355682Smarkm * rename.c: fix argument number test 57455682Smarkm 57555682Smarkm2001-04-19 Johan Danielsson <joda@pdc.kth.se> 57655682Smarkm 57755682Smarkm * del_enctype.c: fix argument count check after getarg change; 57855682Smarkm spotted by mark@MCS.VUW.AC.NZ 57955682Smarkm 58055682Smarkm2001-02-15 Assar Westerlund <assar@sics.se> 58155682Smarkm 58255682Smarkm * kadmind.c (main): use a `struct sockaddr_storage' to be able to 58355682Smarkm store all types of addresses 58455682Smarkm 58555682Smarkm2001-02-07 Assar Westerlund <assar@sics.se> 58655682Smarkm 58755682Smarkm * kadmin.c: add --keytab / _K, from Leif Johansson 58855682Smarkm <leifj@it.su.se> 58955682Smarkm 59055682Smarkm2001-01-29 Assar Westerlund <assar@sics.se> 59155682Smarkm 59255682Smarkm * kadm_conn.c (spawn_child): close the newly created socket in the 593 packet, it's not used. from <shadow@dementia.org> 594 * version4.c (decode_packet): check success of 595 krb5_425_conv_principal. from <shadow@dementia.org> 596 5972001-01-12 Assar Westerlund <assar@sics.se> 598 599 * util.c (parse_attributes): make empty string mean no attributes, 600 specifying the empty string at the command line should give you no 601 attributes, but just pressing return at the prompt gives you 602 default attributes 603 (edit_entry): only pick up values from the default principal if they 604 aren't set in the principal being edited 605 6062001-01-04 Assar Westerlund <assar@sics.se> 607 608 * load.c (doit): print an error and bail out if storing an entry 609 in the database fails. The most likely reason for it failing is 610 out-of-space. 611 6122000-12-31 Assar Westerlund <assar@sics.se> 613 614 * kadmind.c (main): handle krb5_init_context failure consistently 615 * kadmin.c (main): handle krb5_init_context failure consistently 616 * add-random-users.c (add_user): handle krb5_init_context failure 617 consistently 618 619 * kadm_conn.c (spawn_child): use a struct sockaddr_storage 620 6212000-12-15 Johan Danielsson <joda@pdc.kth.se> 622 623 * get.c: avoid asprintf'ing NULL strings 624 6252000-12-14 Johan Danielsson <joda@pdc.kth.se> 626 627 * load.c: fix option parsing 628 6292000-11-16 Assar Westerlund <assar@sics.se> 630 631 * kadm_conn.c (wait_for_connection): check for fd's being too 632 large to select on 633 6342000-11-09 Johan Danielsson <joda@pdc.kth.se> 635 636 * get.c: don't try to print modifier name if it isn't set (from 637 Jacques A. Vidrine" <n@nectar.com>) 638 6392000-09-19 Assar Westerlund <assar@sics.se> 640 641 * server.c (kadmind_loop): send in keytab to v4 handling function 642 * version4.c: allow the specification of what keytab to use 643 644 * get.c (print_entry_long): actually print the actual saltvalue 645 used if it's not the default 646 6472000-09-10 Johan Danielsson <joda@pdc.kth.se> 648 649 * kadmin.c: add option parsing, and add `privs' as an alias for 650 `privileges' 651 652 * init.c: complain if there's no realm name specified 653 654 * rename.c: add option parsing 655 656 * load.c: add option parsing 657 658 * get.c: make `get' and `list' aliases to each other, but with 659 different defaults 660 661 * del_enctype.c: add option parsing 662 663 * del.c: add option parsing 664 665 * ank.c: calling the command `add' make more sense from an english 666 pov 667 668 * Makefile.am: add kadmin manpage 669 670 * kadmin.8: short manpage 671 672 * kadmin.c: `quit' should be a alias for `exit', not `help' 673 6742000-08-27 Assar Westerlund <assar@sics.se> 675 676 * server.c (handle_v5): do not try to perform stupid stunts when 677 printing errors 678 6792000-08-19 Assar Westerlund <assar@sics.se> 680 681 * util.c (str2time_t): add alias for `now'. 682 6832000-08-18 Assar Westerlund <assar@sics.se> 684 685 * server.c (handle_v5): accept any kadmin/admin@* principal as the 686 server 687 * kadmind.c: remove extra prototype of kadmind_loop 688 * kadmin_locl.h (kadmind_loop): add prototype 689 690 * init.c (usage): print init-usage and not add-dito 691 6922000-08-07 Johan Danielsson <joda@pdc.kth.se> 693 694 * kadmind.c: use roken_getsockname 695 6962000-08-07 Assar Westerlund <assar@sics.se> 697 698 * kadmind.c, kadm_conn.c: use socklen_t instead of int where 699 appropriate. From <thorpej@netbsd.org> 700 7012000-08-04 Johan Danielsson <joda@pdc.kth.se> 702 703 * Makefile.am: link with pidfile library 704 705 * kadmind.c: write a pid file, and setup password quality 706 functions 707 708 * kadmin_locl.h: util.h 709 7102000-07-27 Assar Westerlund <assar@sics.se> 711 712 * version4.c (decode_packet): be totally consistent with the 713 prototype of des_cbc_cksum 714 * kadmind.c: use sa_size instead of sa_len, some systems define 715 this to emulate anonymous unions 716 * kadm_conn.c: use sa_size instead of sa_len, some systems define 717 this to emulate anonymous unions 718 7192000-07-24 Assar Westerlund <assar@sics.se> 720 721 * kadmin.c (commands): add quit 722 * load.c (doit): truncate the log since there's no way of knowing 723 what changes are going to be added 724 7252000-07-23 Assar Westerlund <assar@sics.se> 726 727 * util.c (str2time_t): be more careful with strptime that might 728 zero out the `struct tm' 729 7302000-07-22 Johan Danielsson <joda@pdc.kth.se> 731 732 * kadm_conn.c: make the parent process wait for children and 733 terminate after receiving a signal, also terminate on SIGINT 734 7352000-07-22 Assar Westerlund <assar@sics.se> 736 737 * version4.c: map both princ_expire_time and pw_expiration to v4 738 principal expiration 739 7402000-07-22 Johan Danielsson <joda@pdc.kth.se> 741 742 * version4.c (handle_v4): check for termination 743 744 * server.c (v5_loop): check for termination 745 746 * kadm_conn.c (wait_term): if we're doing something, set just set 747 a flag otherwise exit rightaway 748 749 * server.c: use krb5_read_priv_message; (v5_loop): check for EOF 750 7512000-07-21 Assar Westerlund <assar@sics.se> 752 753 * kadm_conn.c: remove sys/select.h. make signal handlers 754 type-correct and static 755 756 * kadmin_locl.h: add limits.h and sys/select.h 757 7582000-07-20 Assar Westerlund <assar@sics.se> 759 760 * init.c (init): also create `kadmin/hprop' 761 * kadmind.c: ports is a string argument 762 * kadm_conn.c (start_server): fix printf format 763 764 * kadmin_locl.h: add <sys/select.h> 765 * kadm_conn.c: remove sys/select.h. make signal handlers 766 type-correct and static 767 768 * kadmin_locl.h: add limits.h and sys/select.h 769 7702000-07-17 Johan Danielsson <joda@pdc.kth.se> 771 772 * kadm_conn.c: put all processes in a new process group 773 774 * server.c (v5_loop): use krb5_{read,write}_priv_message 775 7762000-07-11 Johan Danielsson <joda@pdc.kth.se> 777 778 * version4.c: change log strings to match the v5 counterparts 779 780 * mod.c: allow setting kvno 781 782 * kadmind.c: if stdin is not a socket create and listen to sockets 783 784 * kadm_conn.c: socket creation functions 785 786 * util.c (deltat2str): treat 0 and INT_MAX as never 787 7882000-07-08 Assar Westerlund <assar@sics.se> 789 790 * Makefile.am (INCLUDES): add ../lib/krb5 791 * kadmin_locl.h: add krb5_locl.h (since we just use some stuff 792 from there) 793 7942000-06-07 Assar Westerlund <assar@sics.se> 795 796 * add-random-users.c: new testing program that adds a number of 797 randomly generated users 798 7992000-04-12 Assar Westerlund <assar@sics.se> 800 801 * cpw.c (do_cpw_entry): call set_password if no argument is given, 802 it will prompt for the password. 803 * kadmin.c: make help only print the commands that are actually 804 available. 805 8062000-04-03 Assar Westerlund <assar@sics.se> 807 808 * del_enctype.c (del_enctype): set ignore correctly 809 8102000-04-02 Assar Westerlund <assar@sics.se> 811 812 * kadmin.c (main): make parse errors a fatal error 813 * init.c (init): create changepw/kerberos with disallow-tgt and 814 pwchange attributes 815 8162000-03-23 Assar Westerlund <assar@sics.se> 817 818 * util.c (hex2n, parse_des_key): add 819 * server.c (kadmind_dispatch): add kadm_chpass_with_key 820 * cpw.c: add --key 821 * ank.c: add --key 822 8232000-02-16 Assar Westerlund <assar@sics.se> 824 825 * load.c (doit): check return value from parse_hdbflags2int 826 correctly 827 8282000-01-25 Assar Westerlund <assar@sics.se> 829 830 * load.c: checking all parsing for errors and all memory 831 allocations also 832 8332000-01-02 Assar Westerlund <assar@sics.se> 834 835 * server.c: check initial flag in ticket and allow users to change 836 their own password if it's set 837 * ext.c (do_ext_keytab): set timestamp 838 8391999-12-14 Assar Westerlund <assar@sics.se> 840 841 * del_enctype.c (usage): don't use arg_printusage 842 8431999-11-25 Assar Westerlund <assar@sics.se> 844 845 * del_enctype.c (del_enctype): try not to leak memory 846 847 * version4.c (kadm_ser_mod): use kadm5_s_modify_principal (no 848 _with_key) 849 850 * kadmin.c: add `del_enctype' 851 852 * del_enctype.c (del_enctype): new function for deleting enctypes 853 from a principal 854 855 * Makefile.am (kadmin_SOURCES): add del_enctype.c 856 8571999-11-09 Johan Danielsson <joda@pdc.kth.se> 858 859 * server.c: cope with old clients 860 861 * kadmin_locl.h: remove version string 862 8631999-10-17 Assar Westerlund <assar@sics.se> 864 865 * Makefile.am (kadmin_LDADD): add LIB_dlopen 866 8671999-10-01 Assar Westerlund <assar@sics.se> 868 869 * ank.c (add_one_principal): `password' can cactually be NULL in 870 the overwrite code, check for it. 871 8721999-09-20 Assar Westerlund <assar@sics.se> 873 874 * mod.c (mod_entry): print the correct principal name in error 875 messages. From Love <lha@e.kth.se> 876 8771999-09-10 Assar Westerlund <assar@sics.se> 878 879 * init.c (init): also create `changepw/kerberos' 880 881 * version4.c: only create you loose packets when we fail decoding 882 and not when an operation is not performed for some reason 883 (decode_packet): read the service key from the hdb 884 (dispatch, decode_packet): return proper error messages 885 886 * version4.c (kadm_ser_cpw): add password quality functions 887 8881999-08-27 Johan Danielsson <joda@pdc.kth.se> 889 890 * server.c (handle_v5): give more informative message if 891 KRB5_KT_NOTFOUND 892 8931999-08-26 Johan Danielsson <joda@pdc.kth.se> 894 895 * kadmind.c: use HDB keytabs 896 8971999-08-25 Assar Westerlund <assar@sics.se> 898 899 * cpw.c (set_password): use correct variable. From Love 900 <lha@e.kth.se> 901 902 * server.c (v5_loop): use correct error code 903 904 * ank.c (add_one_principal): initialize `default_ent' 905 9061999-08-21 Assar Westerlund <assar@sics.se> 907 908 * random_password.c: new file, stolen from krb4 909 910 * kadmin_locl.h: add prototype for random_password 911 912 * cpw.c: add support for --random-password 913 914 * ank.c: add support for --random-password 915 916 * Makefile.am (kadmin_SOURCES): add random_password.c 917 9181999-08-19 Assar Westerlund <assar@sics.se> 919 920 * util.c (edit_timet): break when we manage to parse the time not 921 the inverse. 922 923 * mod.c: add parsing of lots of options. From Love 924 <lha@stacken.kth.se> 925 926 * ank.c: add setting of expiration and password expiration 927 928 * kadmin_locl.h: update util.c prototypes 929 930 * util.c: move-around. clean-up, rename, make consistent (and 931 some other weird stuff). based on patches from Love 932 <lha@stacken.kth.se> 933 934 * version4.c (kadm_ser_cpw): initialize password 935 (handle_v4): remove unused variable `ret' 936 9371999-08-16 Assar Westerlund <assar@sics.se> 938 939 * version4.c (handle_v4): more error checking and more correct 940 error messages 941 942 * server.c (v5_loop, kadmind_loop): more error checking and more 943 correct error messages 944 9451999-07-24 Assar Westerlund <assar@sics.se> 946 947 * util.c (str2timeval, edit_time): functions for parsing and 948 editing times. Based on patches from Love <lha@stacken.kth.se>. 949 (edit_entry): call new functions 950 951 * mod.c (mod_entry): allow modifying expiration times 952 953 * kadmin_locl.h (str2timeval): add prototype 954 955 * ank.c (add_one_principal): allow setting expiration times 956 9571999-07-03 Assar Westerlund <assar@sics.se> 958 959 * server.c (v5_loop): handle data allocation with krb5_data_alloc 960 and check return value 961 9621999-06-23 Assar Westerlund <assar@sics.se> 963 964 * version4.c (kadm_ser_cpw): read the key in the strange order 965 it's sent 966 967 * util.c (edit_entry): look at default 968 (edit_time): always set mask even if value == 0 969 970 * kadmin_locl.h (edit_entry): update 971 972 * ank.c: make ank use the values of the default principal for 973 prompting 974 975 * version4.c (values_to_ent): convert key data correctly 976 9771999-05-23 Assar Westerlund <assar@sics.se> 978 979 * init.c (create_random_entry): more correct setting of mask 980 9811999-05-21 Assar Westerlund <assar@sics.se> 982 983 * server.c (handle_v5): read sendauth version correctly. 984 9851999-05-14 Assar Westerlund <assar@sics.se> 986 987 * version4.c (error_code): try to handle really old krb4 988 distributions 989 9901999-05-11 Assar Westerlund <assar@sics.se> 991 992 * init.c (init): initialize realm_max_life and realm_max_rlife 993 9941999-05-07 Assar Westerlund <assar@sics.se> 995 996 * ank.c (add_new_key): initialize more variables 997 9981999-05-04 Assar Westerlund <assar@sics.se> 999 1000 * version4.c (kadm_ser_cpw): always allow a user to change her 1001 password 1002 (kadm_ser_*): make logging work 1003 clean-up and restructure 1004 1005 * kadmin_locl.h (set_entry): add prototype 1006 1007 * kadmin.c (usage): update usage string 1008 1009 * init.c (init): new arguments realm-max-ticket-life and 1010 realm-max-renewable-life 1011 1012 * util.c (edit_time, edit_attributes): don't do anything if it's 1013 already set 1014 (set_entry): new function 1015 1016 * ank.c (add_new_key): new options for setting max-ticket-life, 1017 max-renewable-life, and attributes 1018 1019 * server.c (v5_loop): remove unused variable 1020 1021 * kadmin_locl.h: add prototypes 1022 1023 * version4.c: re-insert krb_err.h and other miss 1024 1025 * server.c (kadmind_loop): break-up and restructure 1026 1027 * version4.c: add ACL checks more error code checks restructure 1028 10291999-05-03 Johan Danielsson <joda@pdc.kth.se> 1030 1031 * load.c: check for (un-)encrypted keys 1032 1033 * dump.c: use hdb_print_entry 1034 1035 * version4.c: version 4 support 1036 1037 * Makefile.am: link with krb4 1038 1039 * kadmin_locl.h: include <sys/un.h> 1040 1041 * server.c: move from lib/kadm5, and add basic support for krb4 1042 kadmin protocol 1043 1044 * kadmind.c: move recvauth to kadmind_loop() 1045