ChangeLog revision 78527
178527Sassar2001-05-17 Assar Westerlund <assar@sics.se> 278527Sassar 378527Sassar * kadm_conn.c (start_server): fix krb5_eai_to_heim_errno call 478527Sassar 578527Sassar2001-05-15 Assar Westerlund <assar@sics.se> 678527Sassar 778527Sassar * kadmin.c (main): some error cleaning required 878527Sassar 978527Sassar2001-05-14 Assar Westerlund <assar@sics.se> 1078527Sassar 1178527Sassar * kadmind.c: new krb5_config_parse_file 1278527Sassar * kadmin.c: new krb5_config_parse_file 1378527Sassar * kadm_conn.c: update to new krb5_sockaddr2address 1478527Sassar 1578527Sassar2001-05-07 Assar Westerlund <assar@sics.se> 1678527Sassar 1778527Sassar * kadmin_locl.h (foreach_principal): update prototype 1878527Sassar * get.c (getit): new foreach_principal 1978527Sassar * ext.c (ext_keytab): new foreach_principal 2078527Sassar * del.c (del_entry): new foreach_principal 2178527Sassar * cpw.c (cpw_entry): new foreach_principal 2278527Sassar * util.c (foreach_principal): add `funcname' and try printing the 2378527Sassar error string 2478527Sassar 2578527Sassar2001-05-04 Johan Danielsson <joda@pdc.kth.se> 2678527Sassar 2778527Sassar * rename.c: fix argument number test 2878527Sassar 2978527Sassar2001-04-19 Johan Danielsson <joda@pdc.kth.se> 3078527Sassar 3178527Sassar * del_enctype.c: fix argument count check after getarg change; 3278527Sassar spotted by mark@MCS.VUW.AC.NZ 3378527Sassar 3478527Sassar2001-02-15 Assar Westerlund <assar@sics.se> 3578527Sassar 3678527Sassar * kadmind.c (main): use a `struct sockaddr_storage' to be able to 3778527Sassar store all types of addresses 3878527Sassar 3978527Sassar2001-02-07 Assar Westerlund <assar@sics.se> 4078527Sassar 4178527Sassar * kadmin.c: add --keytab / _K, from Leif Johansson 4278527Sassar <leifj@it.su.se> 4378527Sassar 4472445Sassar2001-01-29 Assar Westerlund <assar@sics.se> 4572445Sassar 4672445Sassar * kadm_conn.c (spawn_child): close the newly created socket in the 4772445Sassar packet, it's not used. from <shadow@dementia.org> 4872445Sassar * version4.c (decode_packet): check success of 4972445Sassar krb5_425_conv_principal. from <shadow@dementia.org> 5072445Sassar 5172445Sassar2001-01-12 Assar Westerlund <assar@sics.se> 5272445Sassar 5372445Sassar * util.c (parse_attributes): make empty string mean no attributes, 5472445Sassar specifying the empty string at the command line should give you no 5572445Sassar attributes, but just pressing return at the prompt gives you 5672445Sassar default attributes 5772445Sassar (edit_entry): only pick up values from the default principal if they 5872445Sassar aren't set in the principal being edited 5972445Sassar 6072445Sassar2001-01-04 Assar Westerlund <assar@sics.se> 6172445Sassar 6272445Sassar * load.c (doit): print an error and bail out if storing an entry 6372445Sassar in the database fails. The most likely reason for it failing is 6472445Sassar out-of-space. 6572445Sassar 6672445Sassar2000-12-31 Assar Westerlund <assar@sics.se> 6772445Sassar 6872445Sassar * kadmind.c (main): handle krb5_init_context failure consistently 6972445Sassar * kadmin.c (main): handle krb5_init_context failure consistently 7072445Sassar * add-random-users.c (add_user): handle krb5_init_context failure 7172445Sassar consistently 7272445Sassar 7372445Sassar * kadm_conn.c (spawn_child): use a struct sockaddr_storage 7472445Sassar 7572445Sassar2000-12-15 Johan Danielsson <joda@pdc.kth.se> 7672445Sassar 7772445Sassar * get.c: avoid asprintf'ing NULL strings 7872445Sassar 7972445Sassar2000-12-14 Johan Danielsson <joda@pdc.kth.se> 8072445Sassar 8172445Sassar * load.c: fix option parsing 8272445Sassar 8372445Sassar2000-11-16 Assar Westerlund <assar@sics.se> 8472445Sassar 8572445Sassar * kadm_conn.c (wait_for_connection): check for fd's being too 8672445Sassar large to select on 8772445Sassar 8872445Sassar2000-11-09 Johan Danielsson <joda@pdc.kth.se> 8972445Sassar 9072445Sassar * get.c: don't try to print modifier name if it isn't set (from 9172445Sassar Jacques A. Vidrine" <n@nectar.com>) 9272445Sassar 9372445Sassar2000-09-19 Assar Westerlund <assar@sics.se> 9472445Sassar 9572445Sassar * server.c (kadmind_loop): send in keytab to v4 handling function 9672445Sassar * version4.c: allow the specification of what keytab to use 9772445Sassar 9872445Sassar * get.c (print_entry_long): actually print the actual saltvalue 9972445Sassar used if it's not the default 10072445Sassar 10172445Sassar2000-09-10 Johan Danielsson <joda@pdc.kth.se> 10272445Sassar 10372445Sassar * kadmin.c: add option parsing, and add `privs' as an alias for 10472445Sassar `privileges' 10572445Sassar 10672445Sassar * init.c: complain if there's no realm name specified 10772445Sassar 10872445Sassar * rename.c: add option parsing 10972445Sassar 11072445Sassar * load.c: add option parsing 11172445Sassar 11272445Sassar * get.c: make `get' and `list' aliases to each other, but with 11372445Sassar different defaults 11472445Sassar 11572445Sassar * del_enctype.c: add option parsing 11672445Sassar 11772445Sassar * del.c: add option parsing 11872445Sassar 11972445Sassar * ank.c: calling the command `add' make more sense from an english 12072445Sassar pov 12172445Sassar 12272445Sassar * Makefile.am: add kadmin manpage 12372445Sassar 12472445Sassar * kadmin.8: short manpage 12572445Sassar 12672445Sassar * kadmin.c: `quit' should be a alias for `exit', not `help' 12772445Sassar 12872445Sassar2000-08-27 Assar Westerlund <assar@sics.se> 12972445Sassar 13072445Sassar * server.c (handle_v5): do not try to perform stupid stunts when 13172445Sassar printing errors 13272445Sassar 13372445Sassar2000-08-19 Assar Westerlund <assar@sics.se> 13472445Sassar 13572445Sassar * util.c (str2time_t): add alias for `now'. 13672445Sassar 13772445Sassar2000-08-18 Assar Westerlund <assar@sics.se> 13872445Sassar 13972445Sassar * server.c (handle_v5): accept any kadmin/admin@* principal as the 14072445Sassar server 14172445Sassar * kadmind.c: remove extra prototype of kadmind_loop 14272445Sassar * kadmin_locl.h (kadmind_loop): add prototype 14372445Sassar 14472445Sassar * init.c (usage): print init-usage and not add-dito 14572445Sassar 14672445Sassar2000-08-07 Johan Danielsson <joda@pdc.kth.se> 14772445Sassar 14872445Sassar * kadmind.c: use roken_getsockname 14972445Sassar 15072445Sassar2000-08-07 Assar Westerlund <assar@sics.se> 15172445Sassar 15272445Sassar * kadmind.c, kadm_conn.c: use socklen_t instead of int where 15372445Sassar appropriate. From <thorpej@netbsd.org> 15472445Sassar 15572445Sassar2000-08-04 Johan Danielsson <joda@pdc.kth.se> 15672445Sassar 15772445Sassar * Makefile.am: link with pidfile library 15872445Sassar 15972445Sassar * kadmind.c: write a pid file, and setup password quality 16072445Sassar functions 16172445Sassar 16272445Sassar * kadmin_locl.h: util.h 16372445Sassar 16472445Sassar2000-07-27 Assar Westerlund <assar@sics.se> 16572445Sassar 16672445Sassar * version4.c (decode_packet): be totally consistent with the 16772445Sassar prototype of des_cbc_cksum 16872445Sassar * kadmind.c: use sa_size instead of sa_len, some systems define 16972445Sassar this to emulate anonymous unions 17072445Sassar * kadm_conn.c: use sa_size instead of sa_len, some systems define 17172445Sassar this to emulate anonymous unions 17272445Sassar 17372445Sassar2000-07-24 Assar Westerlund <assar@sics.se> 17472445Sassar 17572445Sassar * kadmin.c (commands): add quit 17672445Sassar * load.c (doit): truncate the log since there's no way of knowing 17772445Sassar what changes are going to be added 17872445Sassar 17972445Sassar2000-07-23 Assar Westerlund <assar@sics.se> 18072445Sassar 18172445Sassar * util.c (str2time_t): be more careful with strptime that might 18272445Sassar zero out the `struct tm' 18372445Sassar 18472445Sassar2000-07-22 Johan Danielsson <joda@pdc.kth.se> 18572445Sassar 18672445Sassar * kadm_conn.c: make the parent process wait for children and 18772445Sassar terminate after receiving a signal, also terminate on SIGINT 18872445Sassar 18972445Sassar2000-07-22 Assar Westerlund <assar@sics.se> 19072445Sassar 19172445Sassar * version4.c: map both princ_expire_time and pw_expiration to v4 19272445Sassar principal expiration 19372445Sassar 19472445Sassar2000-07-22 Johan Danielsson <joda@pdc.kth.se> 19572445Sassar 19672445Sassar * version4.c (handle_v4): check for termination 19772445Sassar 19872445Sassar * server.c (v5_loop): check for termination 19972445Sassar 20072445Sassar * kadm_conn.c (wait_term): if we're doing something, set just set 20172445Sassar a flag otherwise exit rightaway 20272445Sassar 20372445Sassar * server.c: use krb5_read_priv_message; (v5_loop): check for EOF 20472445Sassar 20572445Sassar2000-07-21 Assar Westerlund <assar@sics.se> 20672445Sassar 20772445Sassar * kadm_conn.c: remove sys/select.h. make signal handlers 20872445Sassar type-correct and static 20972445Sassar 21072445Sassar * kadmin_locl.h: add limits.h and sys/select.h 21172445Sassar 21272445Sassar2000-07-20 Assar Westerlund <assar@sics.se> 21372445Sassar 21472445Sassar * init.c (init): also create `kadmin/hprop' 21572445Sassar * kadmind.c: ports is a string argument 21672445Sassar * kadm_conn.c (start_server): fix printf format 21772445Sassar 21872445Sassar * kadmin_locl.h: add <sys/select.h> 21972445Sassar * kadm_conn.c: remove sys/select.h. make signal handlers 22072445Sassar type-correct and static 22172445Sassar 22272445Sassar * kadmin_locl.h: add limits.h and sys/select.h 22372445Sassar 22472445Sassar2000-07-17 Johan Danielsson <joda@pdc.kth.se> 22572445Sassar 22672445Sassar * kadm_conn.c: put all processes in a new process group 22772445Sassar 22872445Sassar * server.c (v5_loop): use krb5_{read,write}_priv_message 22972445Sassar 23072445Sassar2000-07-11 Johan Danielsson <joda@pdc.kth.se> 23172445Sassar 23272445Sassar * version4.c: change log strings to match the v5 counterparts 23372445Sassar 23472445Sassar * mod.c: allow setting kvno 23572445Sassar 23672445Sassar * kadmind.c: if stdin is not a socket create and listen to sockets 23772445Sassar 23872445Sassar * kadm_conn.c: socket creation functions 23972445Sassar 24072445Sassar * util.c (deltat2str): treat 0 and INT_MAX as never 24172445Sassar 24272445Sassar2000-07-08 Assar Westerlund <assar@sics.se> 24372445Sassar 24472445Sassar * Makefile.am (INCLUDES): add ../lib/krb5 24572445Sassar * kadmin_locl.h: add krb5_locl.h (since we just use some stuff 24672445Sassar from there) 24772445Sassar 24872445Sassar2000-06-07 Assar Westerlund <assar@sics.se> 24972445Sassar 25072445Sassar * add-random-users.c: new testing program that adds a number of 25172445Sassar randomly generated users 25272445Sassar 25372445Sassar2000-04-12 Assar Westerlund <assar@sics.se> 25472445Sassar 25572445Sassar * cpw.c (do_cpw_entry): call set_password if no argument is given, 25672445Sassar it will prompt for the password. 25772445Sassar * kadmin.c: make help only print the commands that are actually 25872445Sassar available. 25972445Sassar 26072445Sassar2000-04-03 Assar Westerlund <assar@sics.se> 26172445Sassar 26272445Sassar * del_enctype.c (del_enctype): set ignore correctly 26372445Sassar 26472445Sassar2000-04-02 Assar Westerlund <assar@sics.se> 26572445Sassar 26672445Sassar * kadmin.c (main): make parse errors a fatal error 26772445Sassar * init.c (init): create changepw/kerberos with disallow-tgt and 26872445Sassar pwchange attributes 26972445Sassar 27072445Sassar2000-03-23 Assar Westerlund <assar@sics.se> 27172445Sassar 27272445Sassar * util.c (hex2n, parse_des_key): add 27372445Sassar * server.c (kadmind_dispatch): add kadm_chpass_with_key 27472445Sassar * cpw.c: add --key 27572445Sassar * ank.c: add --key 27672445Sassar 27757422Smarkm2000-02-16 Assar Westerlund <assar@sics.se> 27857422Smarkm 27957422Smarkm * load.c (doit): check return value from parse_hdbflags2int 28057422Smarkm correctly 28157422Smarkm 28257416Smarkm2000-01-25 Assar Westerlund <assar@sics.se> 28357416Smarkm 28457416Smarkm * load.c: checking all parsing for errors and all memory 28557416Smarkm allocations also 28657416Smarkm 28755682Smarkm2000-01-02 Assar Westerlund <assar@sics.se> 28855682Smarkm 28955682Smarkm * server.c: check initial flag in ticket and allow users to change 29055682Smarkm their own password if it's set 29155682Smarkm * ext.c (do_ext_keytab): set timestamp 29255682Smarkm 29355682Smarkm1999-12-14 Assar Westerlund <assar@sics.se> 29455682Smarkm 29555682Smarkm * del_enctype.c (usage): don't use arg_printusage 29655682Smarkm 29755682Smarkm1999-11-25 Assar Westerlund <assar@sics.se> 29855682Smarkm 29955682Smarkm * del_enctype.c (del_enctype): try not to leak memory 30055682Smarkm 30155682Smarkm * version4.c (kadm_ser_mod): use kadm5_s_modify_principal (no 30255682Smarkm _with_key) 30355682Smarkm 30455682Smarkm * kadmin.c: add `del_enctype' 30555682Smarkm 30655682Smarkm * del_enctype.c (del_enctype): new function for deleting enctypes 30755682Smarkm from a principal 30855682Smarkm 30955682Smarkm * Makefile.am (kadmin_SOURCES): add del_enctype.c 31055682Smarkm 31155682Smarkm1999-11-09 Johan Danielsson <joda@pdc.kth.se> 31255682Smarkm 31355682Smarkm * server.c: cope with old clients 31455682Smarkm 31555682Smarkm * kadmin_locl.h: remove version string 31655682Smarkm 31755682Smarkm1999-10-17 Assar Westerlund <assar@sics.se> 31855682Smarkm 31955682Smarkm * Makefile.am (kadmin_LDADD): add LIB_dlopen 32055682Smarkm 32155682Smarkm1999-10-01 Assar Westerlund <assar@sics.se> 32255682Smarkm 32355682Smarkm * ank.c (add_one_principal): `password' can cactually be NULL in 32455682Smarkm the overwrite code, check for it. 32555682Smarkm 32655682Smarkm1999-09-20 Assar Westerlund <assar@sics.se> 32755682Smarkm 32855682Smarkm * mod.c (mod_entry): print the correct principal name in error 32955682Smarkm messages. From Love <lha@e.kth.se> 33055682Smarkm 33155682Smarkm1999-09-10 Assar Westerlund <assar@sics.se> 33255682Smarkm 33355682Smarkm * init.c (init): also create `changepw/kerberos' 33455682Smarkm 33555682Smarkm * version4.c: only create you loose packets when we fail decoding 33655682Smarkm and not when an operation is not performed for some reason 33755682Smarkm (decode_packet): read the service key from the hdb 33855682Smarkm (dispatch, decode_packet): return proper error messages 33955682Smarkm 34055682Smarkm * version4.c (kadm_ser_cpw): add password quality functions 34155682Smarkm 34255682Smarkm1999-08-27 Johan Danielsson <joda@pdc.kth.se> 34355682Smarkm 34455682Smarkm * server.c (handle_v5): give more informative message if 34555682Smarkm KRB5_KT_NOTFOUND 34655682Smarkm 34755682Smarkm1999-08-26 Johan Danielsson <joda@pdc.kth.se> 34855682Smarkm 34955682Smarkm * kadmind.c: use HDB keytabs 35055682Smarkm 35155682Smarkm1999-08-25 Assar Westerlund <assar@sics.se> 35255682Smarkm 35355682Smarkm * cpw.c (set_password): use correct variable. From Love 35455682Smarkm <lha@e.kth.se> 35555682Smarkm 35655682Smarkm * server.c (v5_loop): use correct error code 35755682Smarkm 35855682Smarkm * ank.c (add_one_principal): initialize `default_ent' 35955682Smarkm 36055682Smarkm1999-08-21 Assar Westerlund <assar@sics.se> 36155682Smarkm 36255682Smarkm * random_password.c: new file, stolen from krb4 36355682Smarkm 36455682Smarkm * kadmin_locl.h: add prototype for random_password 36555682Smarkm 36655682Smarkm * cpw.c: add support for --random-password 36755682Smarkm 36855682Smarkm * ank.c: add support for --random-password 36955682Smarkm 37055682Smarkm * Makefile.am (kadmin_SOURCES): add random_password.c 37155682Smarkm 37255682Smarkm1999-08-19 Assar Westerlund <assar@sics.se> 37355682Smarkm 37455682Smarkm * util.c (edit_timet): break when we manage to parse the time not 37555682Smarkm the inverse. 37655682Smarkm 37755682Smarkm * mod.c: add parsing of lots of options. From Love 37855682Smarkm <lha@stacken.kth.se> 37955682Smarkm 38055682Smarkm * ank.c: add setting of expiration and password expiration 38155682Smarkm 38255682Smarkm * kadmin_locl.h: update util.c prototypes 38355682Smarkm 38455682Smarkm * util.c: move-around. clean-up, rename, make consistent (and 38555682Smarkm some other weird stuff). based on patches from Love 38655682Smarkm <lha@stacken.kth.se> 38755682Smarkm 38855682Smarkm * version4.c (kadm_ser_cpw): initialize password 38955682Smarkm (handle_v4): remove unused variable `ret' 39055682Smarkm 39155682Smarkm1999-08-16 Assar Westerlund <assar@sics.se> 39255682Smarkm 39355682Smarkm * version4.c (handle_v4): more error checking and more correct 39455682Smarkm error messages 39555682Smarkm 39655682Smarkm * server.c (v5_loop, kadmind_loop): more error checking and more 39755682Smarkm correct error messages 39855682Smarkm 39955682Smarkm1999-07-24 Assar Westerlund <assar@sics.se> 40055682Smarkm 40155682Smarkm * util.c (str2timeval, edit_time): functions for parsing and 40255682Smarkm editing times. Based on patches from Love <lha@stacken.kth.se>. 40355682Smarkm (edit_entry): call new functions 40455682Smarkm 40555682Smarkm * mod.c (mod_entry): allow modifying expiration times 40655682Smarkm 40755682Smarkm * kadmin_locl.h (str2timeval): add prototype 40855682Smarkm 40955682Smarkm * ank.c (add_one_principal): allow setting expiration times 41055682Smarkm 41155682Smarkm1999-07-03 Assar Westerlund <assar@sics.se> 41255682Smarkm 41355682Smarkm * server.c (v5_loop): handle data allocation with krb5_data_alloc 41455682Smarkm and check return value 41555682Smarkm 41655682Smarkm1999-06-23 Assar Westerlund <assar@sics.se> 41755682Smarkm 41855682Smarkm * version4.c (kadm_ser_cpw): read the key in the strange order 41955682Smarkm it's sent 42055682Smarkm 42155682Smarkm * util.c (edit_entry): look at default 42255682Smarkm (edit_time): always set mask even if value == 0 42355682Smarkm 42455682Smarkm * kadmin_locl.h (edit_entry): update 42555682Smarkm 42655682Smarkm * ank.c: make ank use the values of the default principal for 42755682Smarkm prompting 42855682Smarkm 42955682Smarkm * version4.c (values_to_ent): convert key data correctly 43055682Smarkm 43155682Smarkm1999-05-23 Assar Westerlund <assar@sics.se> 43255682Smarkm 43355682Smarkm * init.c (create_random_entry): more correct setting of mask 43455682Smarkm 43555682Smarkm1999-05-21 Assar Westerlund <assar@sics.se> 43655682Smarkm 43755682Smarkm * server.c (handle_v5): read sendauth version correctly. 43855682Smarkm 43955682Smarkm1999-05-14 Assar Westerlund <assar@sics.se> 44055682Smarkm 44155682Smarkm * version4.c (error_code): try to handle really old krb4 44255682Smarkm distributions 44355682Smarkm 44455682Smarkm1999-05-11 Assar Westerlund <assar@sics.se> 44555682Smarkm 44655682Smarkm * init.c (init): initialize realm_max_life and realm_max_rlife 44755682Smarkm 44855682Smarkm1999-05-07 Assar Westerlund <assar@sics.se> 44955682Smarkm 45055682Smarkm * ank.c (add_new_key): initialize more variables 45155682Smarkm 45255682Smarkm1999-05-04 Assar Westerlund <assar@sics.se> 45355682Smarkm 45455682Smarkm * version4.c (kadm_ser_cpw): always allow a user to change her 45555682Smarkm password 45655682Smarkm (kadm_ser_*): make logging work 45755682Smarkm clean-up and restructure 45855682Smarkm 45955682Smarkm * kadmin_locl.h (set_entry): add prototype 46055682Smarkm 46155682Smarkm * kadmin.c (usage): update usage string 46255682Smarkm 46355682Smarkm * init.c (init): new arguments realm-max-ticket-life and 46455682Smarkm realm-max-renewable-life 46555682Smarkm 46655682Smarkm * util.c (edit_time, edit_attributes): don't do anything if it's 46755682Smarkm already set 46855682Smarkm (set_entry): new function 46955682Smarkm 47055682Smarkm * ank.c (add_new_key): new options for setting max-ticket-life, 47155682Smarkm max-renewable-life, and attributes 47255682Smarkm 47355682Smarkm * server.c (v5_loop): remove unused variable 47455682Smarkm 47555682Smarkm * kadmin_locl.h: add prototypes 47655682Smarkm 47755682Smarkm * version4.c: re-insert krb_err.h and other miss 47855682Smarkm 47955682Smarkm * server.c (kadmind_loop): break-up and restructure 48055682Smarkm 48155682Smarkm * version4.c: add ACL checks more error code checks restructure 48255682Smarkm 48355682Smarkm1999-05-03 Johan Danielsson <joda@pdc.kth.se> 48455682Smarkm 48555682Smarkm * load.c: check for (un-)encrypted keys 48655682Smarkm 48755682Smarkm * dump.c: use hdb_print_entry 48855682Smarkm 48955682Smarkm * version4.c: version 4 support 49055682Smarkm 49155682Smarkm * Makefile.am: link with krb4 49255682Smarkm 49355682Smarkm * kadmin_locl.h: include <sys/un.h> 49455682Smarkm 49555682Smarkm * server.c: move from lib/kadm5, and add basic support for krb4 49655682Smarkm kadmin protocol 49755682Smarkm 49855682Smarkm * kadmind.c: move recvauth to kadmind_loop() 499