1233294Sstas2008-04-23 Love H��rnquist ��strand <lha@it.su.se> 2127808Snectar 3233294Sstas * ipropd_master.c: Only log "sending AYT" once, pointed out by Dr 4233294Sstas A V Le Blanc. 5233294Sstas 6233294Sstas 7233294Sstas2008-01-21 Love H��rnquist ��strand <lha@it.su.se> 8233294Sstas 9178825Sdfr * default_keys.c: Use hdb_free_keys(). 10178825Sdfr 11233294Sstas2008-01-11 Love H��rnquist ��strand <lha@it.su.se> 12178825Sdfr 13178825Sdfr * Makefile.am: add check-cracklib.pl, flush.c, 14178825Sdfr sample_passwd_check.c 15178825Sdfr 16233294Sstas2007-12-07 Love H��rnquist ��strand <lha@it.su.se> 17178825Sdfr 18178825Sdfr * use hdb_db_dir() and hdb_default_db() 19178825Sdfr 20178825Sdfr2007-10-18 Love <lha@stacken.kth.se> 21178825Sdfr 22178825Sdfr * init_c.c: We are getting default_client, not client. this way 23178825Sdfr the user can override the result. 24127808Snectar 25233294Sstas2007-09-29 Love H��rnquist ��strand <lha@it.su.se> 26127808Snectar 27178825Sdfr * iprop.8: fix spelling, From Antoine Jacoutt. 28178825Sdfr 29233294Sstas2007-08-16 Love H��rnquist ��strand <lha@it.su.se> 30178825Sdfr 31178825Sdfr * version-script.map: export _kadm5_unmarshal_params, 32178825Sdfr _kadm5_acl_check_permission 33178825Sdfr 34178825Sdfr * version-script.map: export kadm5_log_ symbols. 35178825Sdfr 36178825Sdfr * log.c: Unexport the specific log replay operations. 37127808Snectar 38233294Sstas2007-08-10 Love H��rnquist ��strand <lha@it.su.se> 39127808Snectar 40178825Sdfr * Makefile.am: build sample_passwd_check.la as part of noinst. 41178825Sdfr 42178825Sdfr * sample_passwd_check.c: Add missing prototype for check_length(). 43178825Sdfr 44233294Sstas2007-08-07 Love H��rnquist ��strand <lha@it.su.se> 45178825Sdfr 46178825Sdfr * log.c: Sprinkle krb5_set_error_string(). 47178825Sdfr 48178825Sdfr * ipropd_slave.c: Provide better error why kadm5_log_replay 49178825Sdfr failed. 50178825Sdfr 51233294Sstas2007-08-06 Love H��rnquist ��strand <lha@it.su.se> 52178825Sdfr 53178825Sdfr * ipropd_master.c: - don't push whole database to the new client 54178825Sdfr every time. - make slaves get the whole new database if they have 55178825Sdfr a newer log the the master (and thus have them go back in time). 56178825Sdfr 57233294Sstas2007-08-03 Love H��rnquist ��strand <lha@it.su.se> 58178825Sdfr 59178825Sdfr * ipropd_slave.c: make more sane. 60178825Sdfr 61178825Sdfr * ipropd_slave.c: more paranoid check that the log entires are 62178825Sdfr self consistant 63178825Sdfr 64178825Sdfr * log.c (kadm5_log_foreach): check that the postamble contains the 65178825Sdfr right data. 66178825Sdfr 67178825Sdfr * ipropd_master.c: Sprinkle more info about what versions the 68178825Sdfr master thinks about the client versions. 69178825Sdfr 70178825Sdfr * ipropd_master.c: Start the server at the current version, not 0. 71178825Sdfr 72233294Sstas2007-08-02 Love H��rnquist ��strand <lha@it.su.se> 73178825Sdfr 74178825Sdfr * ipropd_master.c: Add more logging, to figure out what is 75178825Sdfr happening in the master. 76178825Sdfr 77233294Sstas2007-08-01 Love H��rnquist ��strand <lha@it.su.se> 78178825Sdfr 79178825Sdfr * Makefile.am: add version-script for libkadm5srv.la 80178825Sdfr 81178825Sdfr * version-script.map: version script fro kadm5 server libary. 82178825Sdfr 83178825Sdfr * log.c: only free the orignal entries extentions if there was 84178825Sdfr any. Bug reported by Peter Meinecke. 85178825Sdfr 86178825Sdfr * add configuration for signal file and acl file, let user select 87178825Sdfr hostname, catch signals and print why we are quiting, make nop 88178825Sdfr cause one new version, not two 89178825Sdfr 90233294Sstas2007-07-30 Love H��rnquist ��strand <lha@it.su.se> 91178825Sdfr 92178825Sdfr * ipropd_master.c (send_diffs): make current slave's version 93178825Sdfr uptodate when diff have been sent. 94127808Snectar 95233294Sstas2007-07-27 Love H��rnquist ��strand <lha@it.su.se> 96120945Snectar 97178825Sdfr * ipropd_slave.c: More comments and some more error checking. 98178825Sdfr 99233294Sstas2007-07-26 Love H��rnquist ��strand <lha@it.su.se> 100178825Sdfr 101178825Sdfr * init_c.c (get_cache_principal): make sure id is reset if we 102178825Sdfr fail. From Benjamin Bennet. 103178825Sdfr 104233294Sstas2007-07-10 Love H��rnquist ��strand <lha@it.su.se> 105178825Sdfr 106178825Sdfr * context_s.c (find_db_spec): match realm-less as the default 107178825Sdfr realm. 108178825Sdfr 109178825Sdfr * Makefile.am: New library version. 110178825Sdfr 111233294Sstas2007-07-05 Love H��rnquist ��strand <lha@it.su.se> 112178825Sdfr 113178825Sdfr * context_s.c: Use hdb_get_dbinfo to pick up configuration. 114178825Sdfr ctx->config.realm can be NULL, check for that, from Bjorn S. 115178825Sdfr 116233294Sstas2007-07-04 Love H��rnquist ��strand <lha@it.su.se> 117178825Sdfr 118178825Sdfr * init_c.c: Try harder to use the right principal. 119178825Sdfr 120233294Sstas2007-06-20 Love H��rnquist ��strand <lha@it.su.se> 121178825Sdfr 122178825Sdfr * ipropd_slave.c: Catch return value from krb5_program_setup. From 123178825Sdfr Steven Luo. 124178825Sdfr 125233294Sstas2007-05-08 Love H��rnquist ��strand <lha@it.su.se> 126178825Sdfr 127178825Sdfr * delete_s.c: Write log entry after store is successful, rename 128178825Sdfr out goto statments. 129178825Sdfr 130178825Sdfr * randkey_s.c: Write log entry after store is successful. 131178825Sdfr 132178825Sdfr * modify_s.c: Write log entry after store is successful. 133178825Sdfr 134178825Sdfr * rename_s.c: indent. 135178825Sdfr 136178825Sdfr * chpass_s.c: Write log entry after store is successful. 137178825Sdfr 138178825Sdfr * create_s.c: Write log entry after store is successful. 139178825Sdfr 140233294Sstas2007-05-07 Love H��rnquist ��strand <lha@it.su.se> 141178825Sdfr 142178825Sdfr * iprop-commands.in: Add default values to make this working 143178825Sdfr again. 144178825Sdfr 145178825Sdfr * iprop-log.c (iprop_replay): create the database with more 146178825Sdfr liberal mode. 147178825Sdfr 148178825Sdfr * log.c: make it slightly more working. 149178825Sdfr 150178825Sdfr * iprop-log.8: Document last-version. 151178825Sdfr 152178825Sdfr * iprop-log.c: (last_version): print last version of the log. 153178825Sdfr 154178825Sdfr * iprop-commands.in: new command last-version: print last version 155178825Sdfr of the log. 156178825Sdfr 157178825Sdfr * log.c (kadm5_log_previous): document assumptions and make less 158178825Sdfr broken. Bug report from Ronny Blomme. 159178825Sdfr 160233294Sstas2007-02-17 Love H��rnquist ��strand <lha@it.su.se> 161178825Sdfr 162178825Sdfr * admin.h: add support to get aliases 163178825Sdfr 164178825Sdfr * get_s.c: add support to get aliases 165178825Sdfr 166178825Sdfr2007-02-11 David Love <fx@gnu.org> 167178825Sdfr 168178825Sdfr * iprop-log.8: Small fixes, from David Love. 169178825Sdfr 170233294Sstas2006-12-15 Love H��rnquist ��strand <lha@it.su.se> 171178825Sdfr 172178825Sdfr * init_c.c: if the user have a kadmin/admin initial ticket, don't 173178825Sdfr ask for password, just use the credential instead. 174178825Sdfr 175233294Sstas2006-12-06 Love H��rnquist ��strand <lha@it.su.se> 176178825Sdfr 177178825Sdfr * ipropd_master.c: Use strcspn to remove \n from string returned 178233294Sstas by fgets. From Bj��rn Sandell 179178825Sdfr 180233294Sstas2006-11-30 Love H��rnquist ��strand <lha@it.su.se> 181178825Sdfr 182178825Sdfr * init_c.c (kadm_connect): clear error string before trying to 183178825Sdfr print a errno, this way we don't pick up a random failure code 184178825Sdfr 185233294Sstas2006-11-20 Love H��rnquist ��strand <lha@it.su.se> 186178825Sdfr 187178825Sdfr * ipropd_slave.c: Make krb5_get_init_creds_opt_free take a context 188178825Sdfr argument. 189178825Sdfr 190178825Sdfr * init_c.c: Make krb5_get_init_creds_opt_free take a context 191178825Sdfr argument. 192178825Sdfr 193233294Sstas2006-10-22 Love H��rnquist ��strand <lha@it.su.se> 194178825Sdfr 195178825Sdfr * ent_setup.c: Try to not leak memory. 196178825Sdfr 197233294Sstas2006-10-07 Love H��rnquist ��strand <lha@it.su.se> 198178825Sdfr 199178825Sdfr * Makefile.am: split build files into dist_ and noinst_ SOURCES 200178825Sdfr 201233294Sstas2006-08-24 Love H��rnquist ��strand <lha@it.su.se> 202178825Sdfr 203178825Sdfr * get_s.c: Add KRB5_KDB_ALLOW_DIGEST 204178825Sdfr 205178825Sdfr * ent_setup.c: Add KRB5_KDB_ALLOW_DIGEST 206178825Sdfr 207178825Sdfr * admin.h: Add KRB5_KDB_ALLOW_DIGEST 208178825Sdfr 209233294Sstas2006-06-16 Love H��rnquist ��strand <lha@it.su.se> 210178825Sdfr 211178825Sdfr * check-cracklib.pl: Add password reuse checking. From Harald 212178825Sdfr Barth. 213178825Sdfr 214233294Sstas2006-06-14 Love H��rnquist ��strand <lha@it.su.se> 215178825Sdfr 216178825Sdfr * ent_setup.c (attr_to_flags): Add KRB5_KDB_ALLOW_KERBEROS4 217178825Sdfr 218178825Sdfr * get_s.c (kadm5_s_get_principal): Add KRB5_KDB_ALLOW_KERBEROS4 219178825Sdfr 220178825Sdfr * admin.h: Add KRB5_KDB_ALLOW_KERBEROS4 221178825Sdfr 222233294Sstas2006-06-06 Love H��rnquist ��strand <lha@it.su.se> 223178825Sdfr 224178825Sdfr * ent_setup.c (attr_to_flags): Add KRB5_KDB_TRUSTED_FOR_DELEGATION 225178825Sdfr 226233294Sstas2006-05-30 Love H��rnquist ��strand <lha@it.su.se> 227178825Sdfr 228178825Sdfr * password_quality.c (kadm5_check_password_quality): set error 229178825Sdfr message in context. 230178825Sdfr 231233294Sstas2006-05-13 Love H��rnquist ��strand <lha@it.su.se> 232178825Sdfr 233178825Sdfr * iprop-log.c: Avoid shadowing. 234178825Sdfr 235178825Sdfr * rename_s.c: Avoid shadowing. 236178825Sdfr 237233294Sstas2006-05-08 Love H��rnquist ��strand <lha@it.su.se> 238178825Sdfr 239178825Sdfr * privs_c.c (kadm5_c_get_privs): privs is a uint32_t, let copy it 240178825Sdfr that way. 241178825Sdfr 242233294Sstas2006-05-05 Love H��rnquist ��strand <lha@it.su.se> 243178825Sdfr 244178825Sdfr * Rename u_intXX_t to uintXX_t 245178825Sdfr 246233294Sstas2006-04-27 Love H��rnquist ��strand <lha@it.su.se> 247178825Sdfr 248178825Sdfr * chpass_s.c,delete_s.c,get_s.c,log.c,modify_s.c,randkey_s.c,rename_s.c: 249178825Sdfr Pass in HDB_F_GET_ANY to all ->hdb fetch to hint what entries we are looking for 250178825Sdfr 251178825Sdfr * send_recv.c: set and clear error string 252178825Sdfr 253178825Sdfr * rename_s.c: Break out the that we request from principal from 254178825Sdfr the entry and pass it in as a separate argument. 255178825Sdfr 256178825Sdfr * randkey_s.c: Break out the that we request from principal from 257178825Sdfr the entry and pass it in as a separate argument. 258178825Sdfr 259178825Sdfr * modify_s.c: Break out the that we request from principal from 260178825Sdfr the entry and pass it in as a separate argument. 261178825Sdfr 262178825Sdfr * log.c: Break out the that we request from principal from the 263178825Sdfr entry and pass it in as a separate argument. 264178825Sdfr 265178825Sdfr * get_s.c: Break out the that we request from principal from the 266178825Sdfr entry and pass it in as a separate argument. 267178825Sdfr 268178825Sdfr * delete_s.c: Break out the that we request from principal from 269178825Sdfr the entry and pass it in as a separate argument. 270178825Sdfr 271178825Sdfr * chpass_s.c: Break out the that we request from principal from 272178825Sdfr the entry and pass it in as a separate argument. 273178825Sdfr 274233294Sstas2006-04-25 Love H��rnquist ��strand <lha@it.su.se> 275178825Sdfr 276178825Sdfr * create_s.c (create_principal*): If client doesn't send kvno, 277178825Sdfr make sure to set it to 1. 278178825Sdfr 279233294Sstas2006-04-10 Love H��rnquist ��strand <lha@it.su.se> 280178825Sdfr 281178825Sdfr * log.c: (kadm5_log_rename): handle errors better 282178825Sdfr Fixes Coverity, NetBSD CID#628 283178825Sdfr 284178825Sdfr * log.c (kadm5_log_delete): add error handling Coverity, NetBSD 285178825Sdfr CID#626 286178825Sdfr (kadm5_log_modify): add error handling Coverity, NetBSD CID#627 287178825Sdfr 288178825Sdfr * init_c.c (_kadm5_c_get_cred_cache): handle ccache case better in 289178825Sdfr case no client name was passed in. Coverity, NetBSD CID#919 290178825Sdfr 291178825Sdfr * init_c.c (_kadm5_c_get_cred_cache): Free client principal in 292178825Sdfr case of error. Coverity NetBSD CID#1908 293178825Sdfr 294233294Sstas2006-02-02 Love H��rnquist ��strand <lha@it.su.se> 295178825Sdfr 296178825Sdfr * kadm5_err.et: (PASS_REUSE): Spelling, 297233294Sstas from V��clav H?la <ax@natur.cuni.cz> 298178825Sdfr 299233294Sstas2006-01-25 Love H��rnquist ��strand <lha@it.su.se> 300178825Sdfr 301178825Sdfr * send_recv.c: Clear error-string when introducing new errors. 302178825Sdfr 303178825Sdfr * *_c.c: Clear error-string when introducing new errors. 304178825Sdfr 305233294Sstas2006-01-15 Love H��rnquist ��strand <lha@it.su.se> 306178825Sdfr 307178825Sdfr * Makefile.am (libkadm5clnt.la) doesn't depend on libhdb, remove 308178825Sdfr dependency 309178825Sdfr 310233294Sstas2005-12-13 Love H��rnquist ��strand <lha@it.su.se> 311178825Sdfr 312178825Sdfr * memset hdb_entry_ex before use 313178825Sdfr 314233294Sstas2005-12-12 Love H��rnquist ��strand <lha@it.su.se> 315178825Sdfr 316178825Sdfr * Wrap hdb_entry with hdb_entry_ex, patch originally 317178825Sdfr from Andrew Bartlet 318178825Sdfr 319233294Sstas2005-11-30 Love H��rnquist ��strand <lha@it.su.se> 320178825Sdfr 321178825Sdfr * context_s.c (set_field): try another way to calculate the path 322178825Sdfr to the database/logfile/signal-socket 323178825Sdfr 324178825Sdfr * log.c (kadm5_log_init): set error string on failures 325178825Sdfr 326233294Sstas2005-09-08 Love H��rnquist ��strand <lha@it.su.se> 327178825Sdfr 328178825Sdfr * Constify password. 329178825Sdfr 330178825Sdfr * admin.h: Add KRB5_TL_PKINIT_ACL. 331178825Sdfr 332178825Sdfr * marshall.c (_kadm5_unmarshal_params): avoid signed-ness warnings 333178825Sdfr 334178825Sdfr * get_s.c (kadm5_s_get_principal): clear error string 335178825Sdfr 336233294Sstas2005-08-25 Love H��rnquist ��strand <lha@it.su.se> 337178825Sdfr 338178825Sdfr * iprop-log.8: More text about iprop-log. 339178825Sdfr 340233294Sstas2005-08-24 Love H��rnquist ��strand <lha@it.su.se> 341178825Sdfr 342178825Sdfr * iprop.8: SEE ALSO iprop-log. 343178825Sdfr 344178825Sdfr * Makefile.am: man_MANS += iprop-log.8 345178825Sdfr 346178825Sdfr * iprop-log.8: Basic for documentation of iprop-log. 347178825Sdfr 348178825Sdfr * remove replay_log.c, dump_log.c, and truncate_log.c, folded into 349178825Sdfr iprop-log. 350178825Sdfr 351178825Sdfr * log.c (kadm5_log_foreach): add a context variable and pass it 352233294Sstas down to `func��. 353178825Sdfr 354178825Sdfr * iprop-commands.in: Move truncate_log and replay_log into 355178825Sdfr iprop-log. 356178825Sdfr 357178825Sdfr * iprop-log.c: Move truncate_log and replay_log into iprop-log. 358178825Sdfr 359178825Sdfr * Makefile.am: Move truncate_log and replay_log into iprop-log. 360178825Sdfr 361178825Sdfr * Makefile.am: Make this work with a clean directory. 362178825Sdfr 363178825Sdfr * ipropd_master.c: Make compile. 364178825Sdfr 365178825Sdfr * ipropd_master.c: Update to new signature of kadm5_log_previous. 366178825Sdfr 367178825Sdfr * log.c (kadm5_log_previous): catch errors instead of asserting 368178825Sdfr and set error string. 369178825Sdfr 370178825Sdfr * iprop-commands.in: New program iprop-log that incorperates 371178825Sdfr dump_log as a subcommand, truncate_log and replay_log soon to come 372178825Sdfr after. 373178825Sdfr 374178825Sdfr * iprop-log.c: New program iprop-log that incorperates dump_log as 375178825Sdfr a subcommand, truncate_log and replay_log soon to come after. 376178825Sdfr 377178825Sdfr * Makefile.am: New program iprop-log that incorperates dump_log as 378178825Sdfr a subcommand, truncate_log and replay_log soon to come after. 379178825Sdfr 380233294Sstas2005-08-11 Love H��rnquist ��strand <lha@it.su.se> 381178825Sdfr 382178825Sdfr * get_s.c: Implement KADM5_LAST_PWD_CHANGE. 383178825Sdfr 384178825Sdfr * set_keys.c: Set and clear password where appropriate. 385178825Sdfr 386178825Sdfr * randkey_s.c: Operation modifies tl_data. 387178825Sdfr 388178825Sdfr * log.c (kadm5_log_replay_modify): Check return values of 389178825Sdfr malloc(), replace all extensions. 390178825Sdfr 391178825Sdfr * kadm5_err.et: Make BAD_TL_TYPE error more helpful. 392178825Sdfr 393178825Sdfr * get_s.c: Expose KADM5_TL_DATA options to the client. 394178825Sdfr 395178825Sdfr * ent_setup.c: Merge in KADM5_TL_DATA in the database. 396178825Sdfr 397178825Sdfr * chpass_s.c: Operations modify extensions, mark that with 398178825Sdfr TL_DATA. 399178825Sdfr 400178825Sdfr * admin.h: Add more TL types (password and extension). 401178825Sdfr 402233294Sstas2005-06-17 Love H��rnquist ��strand <lha@it.su.se> 403178825Sdfr 404178825Sdfr * constify 405178825Sdfr 406178825Sdfr * ipropd_slave.c: avoid shadowing 407178825Sdfr 408178825Sdfr * ipropd_master.c: rename local variable slave to s, optind -> 409178825Sdfr optidx 410178825Sdfr 411178825Sdfr * get_princs_c.c: rename variable exp to expression 412178825Sdfr 413178825Sdfr * ad.c: rename variable exp to expression 414178825Sdfr 415178825Sdfr * log.c: rename shadowing len to num 416178825Sdfr 417178825Sdfr * get_princs_s.c: rename variable exp to expression 418178825Sdfr 419178825Sdfr * context_s.c: const poison 420178825Sdfr 421178825Sdfr * common_glue.c: rename variable exp to expression 422178825Sdfr 423233294Sstas2005-05-30 Love H��rnquist ��strand <lha@it.su.se> 424178825Sdfr 425178825Sdfr * ent_setup.c (attr_to_flags): check for KRB5_KDB_OK_AS_DELEGATE 426178825Sdfr 427178825Sdfr * get_s.c (kadm5_s_get_principal): set KRB5_KDB_OK_AS_DELEGATE 428178825Sdfr 429178825Sdfr * admin.h: add KRB5_KDB_OK_AS_DELEGATE, sync KRB5_TL_ flags 430178825Sdfr 431233294Sstas2005-05-25 Love H��rnquist ��strand <lha@it.su.se> 432178825Sdfr 433178825Sdfr * kadm5_pwcheck.3: please mdoclint 434178825Sdfr 435178825Sdfr2005-05-25 Dave Love <fx@gnu.org> 436178825Sdfr 437178825Sdfr * kadm5_pwcheck.3: document kadm5_add_passwd_quality_verifier, 438178825Sdfr improve text 439178825Sdfr 440178825Sdfr2005-05-24 Dave Love <fx@gnu.org> 441178825Sdfr 442178825Sdfr * iprop.8: Added some info about defaults, fixed some markup. 443178825Sdfr 444178825Sdfr2005-05-23 Dave Love <fx@gnu.org> 445178825Sdfr 446178825Sdfr * ipropd_slave.c: Don't test HAVE_DAEMON since roken supplies it. 447178825Sdfr 448178825Sdfr * ipropd_master.c: Don't test HAVE_DAEMON since roken supplies it. 449178825Sdfr 450233294Sstas2005-05-13 Love H��rnquist ��strand <lha@it.su.se> 451178825Sdfr 452178825Sdfr * init_c.c (_kadm5_c_init_context): fix memory leak in case of 453178825Sdfr failure 454178825Sdfr 455178825Sdfr2005-05-09 Dave Love <fx@gnu.org> 456178825Sdfr 457178825Sdfr * password_quality.c (find_func): Fix off-by-one and logic error. 458178825Sdfr (external_passwd_quality): Improve messages. 459178825Sdfr 460178825Sdfr * test_pw_quality.c (main): Call kadm5_setup_passwd_quality_check 461178825Sdfr and kadm5_add_passwd_quality_verifier. 462178825Sdfr 463233294Sstas2005-04-30 Love H��rnquist ��strand <lha@it.su.se> 464178825Sdfr 465178825Sdfr * default_keys.c: #include <err.h>, only print salt it its longer 466178825Sdfr then 0, use krb5_err instead of errx where appropriate 467178825Sdfr 468233294Sstas2005-04-25 Love H��rnquist ��strand <lha@it.su.se> 469178825Sdfr 470178825Sdfr * ipropd_slave.c: add the documented option --port 471178825Sdfr 472178825Sdfr * ipropd_master.c: add the documented option --port 473178825Sdfr 474178825Sdfr * dump_log.c: use the newly generated units function 475178825Sdfr 476233294Sstas2005-04-24 Love H��rnquist ��strand <lha@it.su.se> 477178825Sdfr 478178825Sdfr * dump_log.c: use strlcpy 479178825Sdfr 480178825Sdfr * password_quality.c: don't use sizeof(pointer) 481178825Sdfr 482233294Sstas2005-04-15 Love H��rnquist ��strand <lha@it.su.se> 483178825Sdfr 484178825Sdfr * check-cracklib.pl: external password verifier sample 485178825Sdfr 486178825Sdfr * password_quality.c (kadm5_add_passwd_quality_verifier): if NULL 487178825Sdfr is passed in, load defaults 488178825Sdfr 489233294Sstas2005-04-14 Love H��rnquist ��strand <lha@it.su.se> 490178825Sdfr 491178825Sdfr * password_quality.c: add an end tag to the external password 492178825Sdfr quality check protocol 493178825Sdfr 494233294Sstas2005-04-13 Love H��rnquist ��strand <lha@it.su.se> 495178825Sdfr 496178825Sdfr * password_quality.c: add external passsword quality check builtin 497178825Sdfr module 498178825Sdfr 499178825Sdfr [password_quality] 500178825Sdfr policies = external-check 501178825Sdfr external-program = /bin/false 502178825Sdfr 503178825Sdfr To approve password a, make the test program return APPROVED on 504178825Sdfr stderr and fail with exit code 0. 505178825Sdfr 506233294Sstas2004-10-12 Love H��rnquist ��strand <lha@it.su.se> 507178825Sdfr 508178825Sdfr * Makefile.am: bump version to 7:7:0 and 6:5:2 509178825Sdfr 510178825Sdfr * default_keys.c (parse_file): use hdb_generate_key_set 511178825Sdfr 512178825Sdfr * keys.c,set_keys.c: Move keyset parsing and password based keyset 513178825Sdfr generation into hdb. Requested by Andrew Bartlett <abartlet@samba.org> 514178825Sdfr for hdb-ldb backend. 515178825Sdfr 516178825Sdfr2004-09-23 Johan Danielsson <joda@pdc.kth.se> 517178825Sdfr 518178825Sdfr * ipropd_master.c: add help strings to some options 519178825Sdfr 520233294Sstas2004-09-12 Love H��rnquist ��strand <lha@it.su.se> 521178825Sdfr 522178825Sdfr * chpass_s.c: deal with changed prototype for _kadm5_free_keys 523178825Sdfr 524178825Sdfr * keys.c (_kadm5_free_keys): change prototype, make it use 525178825Sdfr krb5_context instead of a kadm5_server_context 526178825Sdfr 527178825Sdfr * set_keys.c (parse_key_set): do way with static returning 528178825Sdfr (function) static variable and returned allocated memory 529178825Sdfr (_kadm5_generate_key_set): free enctypes returned by parse_key_set 530178825Sdfr 531233294Sstas2004-09-06 Love H��rnquist ��strand <lha@it.su.se> 532178825Sdfr 533178825Sdfr * set_keys.c: Fix memory leak, don't return stack variables From 534178825Sdfr Andrew Bartlett 535178825Sdfr 536178825Sdfr * set_keys.c: make all_etypes const and move outside function to 537178825Sdfr avoid returning data on stack 538178825Sdfr 539233294Sstas2004-08-26 Love H��rnquist ��strand <lha@it.su.se> 540178825Sdfr 541178825Sdfr * acl.c (fetch_acl): use " \t\n" instead of just "\n" for the 542178825Sdfr delim of the third element, this is so we can match 543178825Sdfr "foo@REALM<SPC>all<SPC><SPC>*@REALM", before it just matched 544178825Sdfr "foo@REALM<SPC>all<SPC>*@REALM", but that is kind of lucky since 545178825Sdfr what really happen was that the last <SPC> was stamped out, and 546178825Sdfr the it never strtok_r never needed to parse over it. 547178825Sdfr 548233294Sstas2004-08-25 Love H��rnquist ��strand <lha@it.su.se> 549178825Sdfr 550178825Sdfr * set_keys.c (_kadm5_generate_key_set): since arcfour-hmac-md5 is 551178825Sdfr without salting, some people tries to add the string 552178825Sdfr "arcfour-hmac-md5" when they really should have used 553178825Sdfr "arcfour-hmac-md5:pw-salt", help them and add glue for that 554178825Sdfr 555178825Sdfr2004-08-18 Johan Danielsson <joda@pdc.kth.se> 556178825Sdfr 557178825Sdfr * ipropd_slave.c: add --detach 558178825Sdfr 559233294Sstas2004-07-06 Love H��rnquist ��strand <lha@it.su.se> 560178825Sdfr 561178825Sdfr * ad.c: use new tsasl interface remove debug printf add upn to 562178825Sdfr computer-accounts 563178825Sdfr 564233294Sstas2004-06-28 Love H��rnquist ��strand <lha@it.su.se> 565178825Sdfr 566178825Sdfr * ad.c: implement kadm5_ad_init_with_password_ctx set more error 567178825Sdfr strings 568178825Sdfr 569233294Sstas2004-06-21 Love H��rnquist ��strand <lha@it.su.se> 570178825Sdfr 571178825Sdfr * Makefile.am: man_MANS = kadm5_pwcheck.3 572178825Sdfr 573178825Sdfr * kadm5_pwcheck.3: document new password quality api 574178825Sdfr 575178825Sdfr * password_quality.c: new password check interface (old still 576178825Sdfr supported) 577178825Sdfr 578178825Sdfr * kadm5-pwcheck.h: new password check interface 579178825Sdfr 580233294Sstas2004-06-08 Love H��rnquist ��strand <lha@it.su.se> 581178825Sdfr 582178825Sdfr * ipropd_master.c (main): process all slaves, not just up to the 583178825Sdfr last slave sending data 584233294Sstas (bug report from Bj��rn Sandell <biorn@dce.chalmers.se>) 585178825Sdfr (*): only send one ARE_YOU_THERE 586178825Sdfr 587233294Sstas2004-06-02 Love H��rnquist ��strand <lha@it.su.se> 588178825Sdfr 589178825Sdfr * ad.c: use krb5_set_password_using_ccache 590178825Sdfr 591233294Sstas2004-06-01 Love H��rnquist ��strand <lha@it.su.se> 592178825Sdfr 593178825Sdfr * ad.c: try handle spn's better 594178825Sdfr 595233294Sstas2004-05-31 Love H��rnquist ��strand <lha@it.su.se> 596178825Sdfr 597178825Sdfr * ad.c: add expiration time 598178825Sdfr 599178825Sdfr * ad.c: add modify operations 600178825Sdfr 601178825Sdfr * ad.c: handle create and delete 602178825Sdfr 603233294Sstas2004-05-27 Love H��rnquist ��strand <lha@it.su.se> 604178825Sdfr 605178825Sdfr * ad.c: more code for get, handle attributes 606178825Sdfr 607178825Sdfr * ad.c: more code for get, handle time stamps and bad password 608178825Sdfr counter 609178825Sdfr 610178825Sdfr * ad.c: more code for get, only fetches kvno for now 611178825Sdfr 612233294Sstas2004-05-26 Love H��rnquist ��strand <lha@it.su.se> 613178825Sdfr 614178825Sdfr * ad.c: add support for tsasl 615178825Sdfr 616178825Sdfr * private.h: add kadm5_ad_context 617178825Sdfr 618178825Sdfr * ipropd_master.c (prop_one): store the opcode in the begining of 619178825Sdfr the blob, not the end 620178825Sdfr 621178825Sdfr * ad.c: try all ldap servers in dns, generate a random password, 622178825Sdfr base64(random_block(64)), XXX must make it support other then 623178825Sdfr ARCFOUR 624178825Sdfr 625178825Sdfr * ad.c: framework for windows AD backend 626178825Sdfr 627233294Sstas2004-03-07 Love H��rnquist ��strand <lha@it.su.se> 628178825Sdfr 629178825Sdfr * create_s.c (kadm5_s_create_principal): remove old XXX command 630178825Sdfr and related code, _kadm5_set_keys will do all this now 631178825Sdfr 632233294Sstas2004-02-29 Love H��rnquist ��strand <lha@it.su.se> 633178825Sdfr 634178825Sdfr * set_keys.c (_kadm5_set_keys_randomly): make sure enctype to copy 635178825Sdfr enctype for des keys From: Andrew Bartlett <abartlet@samba.org> 636178825Sdfr 637178825Sdfr * create_s.c (kadm5_s_create_principal_with_key): don't call 638178825Sdfr _kadm5_set_keys2, create_principal will do that for us. Set kvno 639178825Sdfr to 1. 640178825Sdfr 641178825Sdfr * chpass_s.c (change): bump kvno 642178825Sdfr (kadm5_s_chpass_principal_with_key): bump kvno 643178825Sdfr 644178825Sdfr * randkey_s.c (kadm5_s_randkey_principal): bump kvno 645178825Sdfr 646178825Sdfr * set_keys.c (_kadm5_set_*): don't change the kvno, let the callee 647178825Sdfr to that 648178825Sdfr 649233294Sstas2003-12-30 Love H��rnquist ��strand <lha@it.su.se> 650178825Sdfr 651178825Sdfr * chpass_s.c (change): fix same-password-again by decrypting keys 652178825Sdfr and setting an error code From: Buck Huppmann <buckh@pobox.com> 653178825Sdfr 654233294Sstas2003-12-21 Love H��rnquist ��strand <lha@it.su.se> 655178825Sdfr 656178825Sdfr * init_c.c (_kadm5_c_init_context): catch errors from strdup and 657178825Sdfr other krb5_ functions 658178825Sdfr 659233294Sstas2003-12-08 Love H��rnquist ��strand <lha@it.su.se> 660178825Sdfr 661178825Sdfr * rename_s.c (kadm5_s_rename_principal): allow principal to change 662178825Sdfr realm From Panasas Inc 663178825Sdfr 664233294Sstas2003-12-07 Love H��rnquist ��strand <lha@it.su.se> 665178825Sdfr 666178825Sdfr * destroy_c.c (kadm5_c_destroy): fix memory leaks, From Panasas, 667178825Sdfr Inc 668178825Sdfr 669233294Sstas2003-11-23 Love H��rnquist ��strand <lha@it.su.se> 670178825Sdfr 671178825Sdfr * iprop.h: don't include <krb5-private.h> 672178825Sdfr 673178825Sdfr * ipropd_slave.c: stop using krb5 lib private byte-frobbing 674178825Sdfr functions and replace them with with krb5_storage 675178825Sdfr 676178825Sdfr * ipropd_master.c: stop using krb5 lib private byte-frobbing 677178825Sdfr functions and replace them with with krb5_storage 678178825Sdfr 679233294Sstas2003-11-19 Love H��rnquist ��strand <lha@it.su.se> 680178825Sdfr 681178825Sdfr * ipropd_slave.c (receive_loop): when seeking over the entries we 682178825Sdfr already have, skip over the trailer. From: Jeffrey Hutzelman 683178825Sdfr <jhutz@cmu.edu> 684178825Sdfr 685178825Sdfr * dump_log.c,ipropd_master.c,ipropd_slave.c, 686178825Sdfr replay_log.c,truncate_log.c: parse kdc.conf 687178825Sdfr From: Jeffrey Hutzelman <jhutz@cmu.edu> 688178825Sdfr 689233294Sstas2003-10-10 Love H��rnquist ��strand <lha@it.su.se> 690178825Sdfr 691178825Sdfr * Makefile.am: += test_pw_quality 692178825Sdfr 693178825Sdfr * test_pw_quality.c: test program for verifying password quality 694178825Sdfr function 695178825Sdfr 696233294Sstas2003-09-03 Love H��rnquist ��strand <lha@it.su.se> 697178825Sdfr 698178825Sdfr * Makefile.am: add and enable check program default_keys 699178825Sdfr 700178825Sdfr * default_keys.c: test program for _kadm5_generate_key_set 701178825Sdfr 702178825Sdfr * init_c.c: use 703178825Sdfr krb5_get_init_creds_opt_alloc/krb5_get_init_creds_opt_free 704178825Sdfr 705233294Sstas2003-08-17 Love H��rnquist ��strand <lha@it.su.se> 706178825Sdfr 707178825Sdfr * set_keys.c (_kadm5_set_keys_randomly): remove dup return 708178825Sdfr 709178825Sdfr * ipropd_master.c (main): make sure current_version is initialized 710178825Sdfr 711233294Sstas2003-08-15 Love H��rnquist ��strand <lha@it.su.se> 712178825Sdfr 713178825Sdfr * set_keys.c: use default_keys for the both random keys and 714178825Sdfr password derived keys if its defined 715178825Sdfr 716233294Sstas2003-07-24 Love H��rnquist ��strand <lha@it.su.se> 717178825Sdfr 718178825Sdfr * ipropd_slave.c (receive_everything): switch close and rename 719178825Sdfr From: Alf Wachsmann <alfw@SLAC.Stanford.EDU> 720178825Sdfr 721233294Sstas2003-07-03 Love H��rnquist ��strand <lha@it.su.se> 722178825Sdfr 723178825Sdfr * iprop.h, ipropd_master.c, ipropd_slave.c: 724178825Sdfr Add probing from the server that the client is still there, also 725178825Sdfr make the client check that the server is probing. 726178825Sdfr 727233294Sstas2003-07-02 Love H��rnquist ��strand <lha@it.su.se> 728178825Sdfr 729178825Sdfr * truncate_log.c (main): add missing ``if (ret)'' 730178825Sdfr 731233294Sstas2003-06-26 Love H��rnquist ��strand <lha@it.su.se> 732178825Sdfr 733178825Sdfr * set_keys.c (make_keys): add AES support 734178825Sdfr 735178825Sdfr * set_keys.c: fix off by one in the aes case, pointed out by Ken 736178825Sdfr Raeburn 737178825Sdfr 738233294Sstas2003-04-30 Love H��rnquist ��strand <lha@it.su.se> 739178825Sdfr 740178825Sdfr * set_keys.c (_kadm5_set_keys_randomly): add 741178825Sdfr ETYPE_AES256_CTS_HMAC_SHA1_96 key when configuried with aes 742178825Sdfr support 743178825Sdfr 744233294Sstas2003-04-16 Love H��rnquist ��strand <lha@it.su.se> 745178825Sdfr 746120945Snectar * send_recv.c: check return values from krb5_data_alloc 747120945Snectar * log.c: check return values from krb5_data_alloc 748120945Snectar 749233294Sstas2003-04-16 Love H��rnquist ��strand <lha@it.su.se> 750120945Snectar 751120945Snectar * dump_log.c (print_entry): check return values from 752120945Snectar krb5_data_alloc 753120945Snectar 754233294Sstas2003-04-01 Love H��rnquist ��strand <lha@it.su.se> 755120945Snectar 756120945Snectar * init_c.c (kadm_connect): if a context realm was passed in, use 757120945Snectar that to form the kadmin/admin principal 758120945Snectar 759233294Sstas2003-03-19 Love H��rnquist ��strand <lha@it.su.se> 760120945Snectar 761120945Snectar * ipropd_master.c (main): make sure we don't consider dead slave 762120945Snectar for select processing 763120945Snectar (write_stats): use slave_stats_file variable, 764120945Snectar check return value of strftime 765120945Snectar (args): allow specifying slave stats file 766120945Snectar (slave_dead): close the fd when the slave dies 767120945Snectar 768107207Snectar2002-10-21 Johan Danielsson <joda@pdc.kth.se> 769107207Snectar 770120945Snectar * ipropd_slave.c (from Derrick Brashear): Propagating a large 771120945Snectar database without this means the slave kdcs can get erroneous 772120945Snectar HDB_NOENTRY and return the resulting errors. This creates a new db 773120945Snectar handle, populates it, and moves it into place. 774107207Snectar 775102644Snectar2002-08-26 Assar Westerlund <assar@kth.se> 776102644Snectar 777102644Snectar * ipropd_slave.c (receive_everything): type-correctness calling 778102644Snectar _krb5_get_int 779102644Snectar 780102644Snectar * context_s.c (find_db_spec): const-correctness in parameters to 781102644Snectar krb5_config_get_next 782102644Snectar 783102644Snectar2002-08-16 Johan Danielsson <joda@pdc.kth.se> 784102644Snectar 785102644Snectar * private.h: rename header file flag macro 786102644Snectar 787102644Snectar * Makefile.am: generate kadm5-{protos,private}.h 788102644Snectar 789102644Snectar2002-08-15 Johan Danielsson <joda@pdc.kth.se> 790102644Snectar 791102644Snectar * ipropd_master.c: check return value of krb5_sockaddr2address 792102644Snectar 793102644Snectar2002-07-04 Johan Danielsson <joda@pdc.kth.se> 794102644Snectar 795102644Snectar * ipropd_master.c: handle slaves that come and go; add status 796102644Snectar reporting (both from Love) 797102644Snectar 798102644Snectar * iprop.h: KADM5_SLAVE_STATS 799102644Snectar 800102644Snectar2002-03-25 Jacques Vidrine <n@nectar.com> 801102644Snectar 802102644Snectar * init_c.c (get_cred_cache): bug fix: the default credentials 803102644Snectar cache was not being used if a client name was specified. 804102644Snectar 805102644Snectar2002-03-25 Johan Danielsson <joda@pdc.kth.se> 806102644Snectar 807102644Snectar * init_c.c (get_cred_cache): when getting the default_client from 808102644Snectar the cred cache, make sure the instance part is "admin"; this 809102644Snectar should require fewer uses of -p 810102644Snectar 811102644Snectar2002-03-11 Assar Westerlund <assar@sics.se> 812102644Snectar 813102644Snectar * Makefile.am (libkadm5srv_la_LDFLAGS): set version to 7:5:0 814102644Snectar (libkadm5clnt_la_LDFLAGS): set version to 6:3:2 815102644Snectar 81690926Snectar2002-02-08 Johan Danielsson <joda@pdc.kth.se> 81790926Snectar 81890926Snectar * init_c.c: we have to create our own param struct before 81990926Snectar marshaling 82090926Snectar 82190926Snectar2001-09-05 Johan Danielsson <joda@pdc.kth.se> 82290926Snectar 82390926Snectar * Makefile.am: link with LIB_pidfile 82490926Snectar 82590926Snectar * iprop.h: include util.h for pidfile 82690926Snectar 82790926Snectar2001-08-31 Assar Westerlund <assar@sics.se> 82890926Snectar 82990926Snectar * ipropd_slave.c (main): syslog with the correct name 83090926Snectar 83190926Snectar2001-08-30 Jacques Vidrine <n@nectar.com> 83290926Snectar 83390926Snectar * ipropd_slave.c, ipropd_master.c (main): call pidfile 83490926Snectar 83590926Snectar2001-08-28 Assar Westerlund <assar@sics.se> 83690926Snectar 83790926Snectar * Makefile.am (libkadm5srv_la_LDFLAGS): set version to 7:4:0 83890926Snectar 83990926Snectar2001-08-24 Assar Westerlund <assar@sics.se> 84090926Snectar 84190926Snectar * acl.c (fetch_acl): do not return bogus flags and re-organize 84290926Snectar function 84390926Snectar 84490926Snectar * Makefile.am: rename variable name to avoid error from current 84590926Snectar automake 84690926Snectar 84790926Snectar2001-08-13 Johan Danielsson <joda@pdc.kth.se> 84890926Snectar 84990926Snectar * set_keys.c: add easier afs configuration, defaulting to the 85090926Snectar local realm in lower case; also try to remove duplicate salts 85190926Snectar 85290926Snectar2001-07-12 Assar Westerlund <assar@sics.se> 85390926Snectar 85490926Snectar * Makefile.am: add required library dependencies 85590926Snectar 85690926Snectar2001-07-03 Assar Westerlund <assar@sics.se> 85790926Snectar 85890926Snectar * Makefile.am (libkadm5clnt_la_LDFLAGS): set version to 6:2:2 85990926Snectar 86090926Snectar2001-06-29 Johan Danielsson <joda@pdc.kth.se> 86190926Snectar 86290926Snectar * init_c.c: call krb5_get_init_creds_opt_set_default_flags 86390926Snectar 86478527Sassar2001-02-19 Johan Danielsson <joda@pdc.kth.se> 86578527Sassar 86678527Sassar * replay_log.c: add --{start-end}-version flags to replay just 86778527Sassar part of the log 86878527Sassar 86978527Sassar2001-02-15 Assar Westerlund <assar@sics.se> 87078527Sassar 87178527Sassar * ipropd_master.c (main): fix select-loop to decrement ret 87278527Sassar correctly. from "Brandon S. Allbery KF8NH" <allbery@ece.cmu.edu> 87378527Sassar 87472445Sassar2001-01-30 Assar Westerlund <assar@sics.se> 87572445Sassar 87672445Sassar * Makefile.am: bump versions 87772445Sassar 87872445Sassar2000-12-31 Assar Westerlund <assar@sics.se> 87972445Sassar 88072445Sassar * init_s.c (*): handle krb5_init_context failure consistently 88172445Sassar * init_c.c (init_context): handle krb5_init_context failure 88272445Sassar consistently 88372445Sassar 88472445Sassar2000-12-11 Assar Westerlund <assar@sics.se> 88572445Sassar 88672445Sassar * Makefile.am (libkadm5srv_la_LDFLAGS): bump version to 7:2:0 88772445Sassar 88872445Sassar2000-11-16 Assar Westerlund <assar@sics.se> 88972445Sassar 89072445Sassar * set_keys.c (make_keys): clean-up salting loop and try not to 89172445Sassar leak memory 89272445Sassar 89372445Sassar * ipropd_master.c (main): check for fd's being too large to select 89472445Sassar on 89572445Sassar 89672445Sassar2000-08-16 Assar Westerlund <assar@sics.se> 89772445Sassar 89872445Sassar * Makefile.am (libkadm5srv_la_LDFLAGS): bump version to 7:1:0 89972445Sassar 90072445Sassar2000-08-10 Assar Westerlund <assar@sics.se> 90172445Sassar 90272445Sassar * acl.c (fetch_acl): fix wrong cases, use krb5_principal_match 90372445Sassar 90472445Sassar2000-08-07 Assar Westerlund <assar@sics.se> 90572445Sassar 90672445Sassar * ipropd_master.c (main): ignore SIGPIPE 90772445Sassar 90872445Sassar2000-08-06 Assar Westerlund <assar@sics.se> 90972445Sassar 91072445Sassar * ipropd_slave.c (receive_everything): make `fd' an int instead of 91172445Sassar a pointer. From Derrick J Brashear <shadow@dementia.org> 91272445Sassar 91372445Sassar2000-08-04 Johan Danielsson <joda@pdc.kth.se> 91472445Sassar 91572445Sassar * admin.h: change void** to void* 91672445Sassar 91772445Sassar2000-07-25 Johan Danielsson <joda@pdc.kth.se> 91872445Sassar 91972445Sassar * Makefile.am: bump versions to 7:0:0 and 6:0:2 92072445Sassar 92172445Sassar2000-07-24 Assar Westerlund <assar@sics.se> 92272445Sassar 92372445Sassar * log.c (kadm5_log_get_version): rename kadm5_log_get_version_fd 92472445Sassar and make a new that takes a context 92572445Sassar (kadm5_log_nop): add logging of missing lengths 92672445Sassar (kadm5_log_truncate): new function 92772445Sassar 92872445Sassar * dump_log.c (print_entry): update and correct 92972445Sassar * randkey_s.c: call _kadm5_bump_pw_expire 93072445Sassar * truncate_log.c: new program for truncating the log 93172445Sassar * Makefile.am (sbin_PROGRAMS): add truncate_log 93272445Sassar (C_SOURCES): add bump_pw_expire.c 93372445Sassar * bump_pw_expire.c: new function for extending password expiration 93472445Sassar 93572445Sassar2000-07-22 Assar Westerlund <assar@sics.se> 93672445Sassar 93772445Sassar * keys.c: new file with _kadm5_free_keys, _kadm5_init_keys 93872445Sassar 93972445Sassar * set_keys.c (free_keys, init_keys): elevate to internal kadm5 94072445Sassar functions 94172445Sassar 94272445Sassar * chpass_s.c (kadm5_s_chpass_principal_cond): new function 94372445Sassar * Makefile.am (C_SOURCES): add keys.c 94472445Sassar * init_c.c: remove unused variable and handle some parameters 94572445Sassar being NULL 94672445Sassar 94772445Sassar2000-07-22 Johan Danielsson <joda@pdc.kth.se> 94872445Sassar 94972445Sassar * ipropd_slave.c: use krb5_read_priv_message 95072445Sassar 95172445Sassar * ipropd_master.c: use krb5_{read,write}_priv_message 95272445Sassar 95372445Sassar * init_c.c: use krb5_write_priv_message 95472445Sassar 95572445Sassar2000-07-11 Johan Danielsson <joda@pdc.kth.se> 95672445Sassar 95772445Sassar * ipropd_slave.c: no need to call gethostname, since 95872445Sassar sname_to_principal will 95972445Sassar 96072445Sassar * send_recv.c: assert that we have a connected socket 96172445Sassar 96272445Sassar * get_princs_c.c: call _kadm5_connect 96372445Sassar 96472445Sassar * rename_c.c: call _kadm5_connect 96572445Sassar 96672445Sassar * randkey_c.c: call _kadm5_connect 96772445Sassar 96872445Sassar * privs_c.c: call _kadm5_connect 96972445Sassar 97072445Sassar * modify_c.c: call _kadm5_connect 97172445Sassar 97272445Sassar * get_c.c: call _kadm5_connect 97372445Sassar 97472445Sassar * delete_c.c: call _kadm5_connect 97572445Sassar 97672445Sassar * create_c.c: call _kadm5_connect 97772445Sassar 97872445Sassar * chpass_c.c: call _kadm5_connect 97972445Sassar 98072445Sassar * private.h: add more fields to client context; remove prototypes 98172445Sassar 98272445Sassar * admin.h: remove prototypes 98372445Sassar 98472445Sassar * kadm5-protos.h: move public prototypes here 98572445Sassar 98672445Sassar * kadm5-private.h: move private prototypes here 98772445Sassar 98872445Sassar * init_c.c: break out connection code to separate function, and 98972445Sassar defer calling it until we actually do something 99072445Sassar 99172445Sassar2000-07-07 Assar Westerlund <assar@sics.se> 99272445Sassar 99372445Sassar * set_keys.c (make_keys): also support `[kadmin]use_v4_salt' for 99472445Sassar backwards compatability 99572445Sassar 99672445Sassar2000-06-26 Johan Danielsson <joda@pdc.kth.se> 99772445Sassar 99872445Sassar * set_keys.c (_kadm5_set_keys): rewrite this to be more easily 99972445Sassar adaptable to different salts 100072445Sassar 100172445Sassar2000-06-19 Johan Danielsson <joda@pdc.kth.se> 100272445Sassar 100372445Sassar * get_s.c: pa_* -> KRB5_PADATA_* 100472445Sassar 100572445Sassar2000-06-16 Assar Westerlund <assar@sics.se> 100672445Sassar 100772445Sassar * ipropd_slave.c: change default keytab to default keytab (as in 100872445Sassar typically FILE:/etc/krb5.keytab) 100972445Sassar 101072445Sassar2000-06-08 Assar Westerlund <assar@sics.se> 101172445Sassar 101272445Sassar * ipropd_slave.c: bug fixes, for actually writing the full dump to 101372445Sassar the database. based on a patch from Love <lha@stacken.kth.se> 101472445Sassar 101572445Sassar2000-06-07 Assar Westerlund <assar@sics.se> 101672445Sassar 101772445Sassar * acl.c: add support for patterns of principals 101872445Sassar * log.c (kadm5_log_replay_create): handle more NULL pointers 101972445Sassar (should they really happen?) 102072445Sassar * log.c (kadm5_log_replay_modify): handle max_life == NULL and 102172445Sassar max_renew == NULL 102272445Sassar 102372445Sassar * ipropd_master.c: use syslog. be less verbose 102472445Sassar * ipropd_slave.c: use syslog 102572445Sassar 102672445Sassar2000-06-05 Assar Westerlund <assar@sics.se> 102772445Sassar 102872445Sassar * private.h (kadm_ops): add kadm_nop more prototypes 102972445Sassar * log.c (kadm5_log_set_version, kadm5_log_reinit, kadm5_log_nop, 103072445Sassar kadm5_log_replay_nop): add 103172445Sassar * ipropd_slave.c: and some more improvements 103272445Sassar * ipropd_master.c: lots of improvements 103372445Sassar * iprop.h (IPROP_PORT, IPROP_SERVICE): add 103472445Sassar (iprop_cmd): add new commands 103572445Sassar 103672445Sassar * dump_log.c: add nop 103772445Sassar 103872445Sassar2000-05-15 Assar Westerlund <assar@sics.se> 103972445Sassar 104072445Sassar * Makefile.am (libkadm5clnt_la_LDFLAGS): set version to 5:1:1 104172445Sassar 104272445Sassar2000-05-12 Assar Westerlund <assar@sics.se> 104372445Sassar 104472445Sassar * get_s.c (kadm5_s_get_principal): set life, rlife to INT_MAX as a 104572445Sassar fallback. handle not having any creator. 104672445Sassar * destroy_s.c (kadm5_s_destroy): free all allocated memory 104772445Sassar * context_s.c (set_field): free variable if it's already set 104872445Sassar (find_db_spec): malloc space for all strings 104972445Sassar 105072445Sassar2000-04-05 Assar Westerlund <assar@sics.se> 105172445Sassar 105272445Sassar * Makefile.am (LDADD): add LIB_openldap 105372445Sassar 105472445Sassar2000-04-03 Assar Westerlund <assar@sics.se> 105572445Sassar 105672445Sassar * Makefile.am (libkadm5srv_la_LDFLAGS): set version to 6:0:1 105772445Sassar (libkadm5clnt_la_LDFLAGS): set version to 5:0:1 105872445Sassar 105972445Sassar2000-03-24 Assar Westerlund <assar@sics.se> 106072445Sassar 106172445Sassar * set_keys.c (_kadm5_set_keys2): rewrite 106272445Sassar (_kadm5_set_keys3): add 106372445Sassar 106472445Sassar * private.h (struct kadm_func): add chpass_principal_with_key 106572445Sassar * init_c.c (set_funcs): add chpass_principal_with_key 106672445Sassar 106772445Sassar2000-03-23 Assar Westerlund <assar@sics.se> 106872445Sassar 106972445Sassar * context_s.c (set_funcs): add chpass_principal_with_key 107072445Sassar * common_glue.c (kadm5_chpass_principal_with_key): add 107172445Sassar * chpass_s.c: comment-ize and change calling convention for 107272445Sassar _kadm5_set_keys* 107372445Sassar * chpass_c.c (kadm5_c_chpass_principal_with_key): add 107472445Sassar 107557416Smarkm2000-02-07 Assar Westerlund <assar@sics.se> 107657416Smarkm 107757416Smarkm * Makefile.am (libkadm5clnt_la_LDFLAGS): set version to 4:2:0 107857416Smarkm 107957416Smarkm2000-01-28 Assar Westerlund <assar@sics.se> 108057416Smarkm 108157416Smarkm * init_c.c (get_new_cache): make sure to request non-forwardable, 108257416Smarkm non-proxiable 108357416Smarkm 108455682Smarkm2000-01-06 Assar Westerlund <assar@sics.se> 108555682Smarkm 108655682Smarkm * Makefile.am (libkadm5srv.la): bump version to 5:1:0 108755682Smarkm 108855682Smarkm * context_s.c (_kadm5_s_init_context): handle params == NULL 108955682Smarkm 109055682Smarkm1999-12-26 Assar Westerlund <assar@sics.se> 109155682Smarkm 109255682Smarkm * get_s.c (kadm5_s_get_principal): handle modified_by->principal 109355682Smarkm == NULL 109455682Smarkm 109555682Smarkm1999-12-20 Assar Westerlund <assar@sics.se> 109655682Smarkm 109755682Smarkm * Makefile.am (libkadm5clnt_la_LDFLAGS): bump version to 4:1:0 109855682Smarkm 109955682Smarkm * init_c.c (_kadm5_c_init_context): handle getting back port 110055682Smarkm number from admin host 110155682Smarkm (kadm5_c_init_with_context): remove `proto/' part before doing 110255682Smarkm getaddrinfo() 110355682Smarkm 110455682Smarkm1999-12-06 Assar Westerlund <assar@sics.se> 110555682Smarkm 110655682Smarkm * Makefile.am: bump version to 5:0:0 and 4:0:0 110755682Smarkm 110855682Smarkm * init_c.c (kadm5_c_init_with_context): don't use unitialized 110955682Smarkm stuff 111055682Smarkm 111155682Smarkm1999-12-04 Assar Westerlund <assar@sics.se> 111255682Smarkm 111355682Smarkm * replay_log.c: adapt to changed kadm5_log_foreach 111455682Smarkm 111555682Smarkm * log.c (kadm5_log_foreach): change to take a 111655682Smarkm `kadm5_server_context' 111755682Smarkm 111855682Smarkm * init_c.c: use krb5_warn{,x} 111955682Smarkm 112055682Smarkm * dump_log.c: adapt to changed kadm5_log_foreach 112155682Smarkm 112255682Smarkm * init_c.c: re-write to use getaddrinfo 112355682Smarkm * Makefile.am (install-build-headers): add dependency 112455682Smarkm 112555682Smarkm1999-12-03 Johan Danielsson <joda@pdc.kth.se> 112655682Smarkm 112755682Smarkm * log.c (kadm5_log_foreach): pass context 112855682Smarkm 112955682Smarkm * dump_log.c: print more interesting things 113055682Smarkm 113155682Smarkm1999-12-02 Johan Danielsson <joda@pdc.kth.se> 113255682Smarkm 113355682Smarkm * ipropd_master.c (process_msg): check for short reads 113455682Smarkm 113555682Smarkm1999-11-25 Assar Westerlund <assar@sics.se> 113655682Smarkm 113755682Smarkm * modify_s.c (kadm5_s_modify_principal): support key_data 113855682Smarkm (kadm5_s_modify_principal_with_key): remove 113955682Smarkm 114055682Smarkm * admin.h (kadm5_s_modify_principal_with_key): remove 114155682Smarkm 114255682Smarkm1999-11-20 Assar Westerlund <assar@sics.se> 114355682Smarkm 114455682Smarkm * context_s.c (find_db_spec): ugly cast work-around. 114555682Smarkm 114655682Smarkm1999-11-14 Assar Westerlund <assar@sics.se> 114755682Smarkm 114855682Smarkm * context_s.c (_kadm5_s_init_context): call krb5_add_et_list so 114955682Smarkm that we aren't dependent on the layout of krb5_context_data 115055682Smarkm * init_c.c (_kadm5_c_init_context): call krb5_add_et_list so that 115155682Smarkm we aren't dependent on the layout of krb5_context_data 115255682Smarkm 115355682Smarkm1999-11-13 Assar Westerlund <assar@sics.se> 115455682Smarkm 115555682Smarkm * password_quality.c (kadm5_setup_passwd_quality_check): use 115655682Smarkm correct types for function pointers 115755682Smarkm 115855682Smarkm1999-11-09 Johan Danielsson <joda@pdc.kth.se> 115955682Smarkm 116055682Smarkm * randkey_s.c: always bail out if the fetch fails 116155682Smarkm 116255682Smarkm * admin.h (kadm5_config_params): remove fields we're not using 116355682Smarkm 116455682Smarkm * ipropd_slave.c: allow passing a realm 116555682Smarkm 116655682Smarkm * ipropd_master.c: allow passing a realm 116755682Smarkm 116855682Smarkm * dump_log.c: allow passing a realm 116955682Smarkm 117055682Smarkm * acl.c: correctly get acl file 117155682Smarkm 117255682Smarkm * private.h (kadm5_server_context): add config_params struct and 117355682Smarkm remove acl_file; bump protocol version number 117455682Smarkm 117555682Smarkm * marshall.c: marshalling of config parameters 117655682Smarkm 117755682Smarkm * init_c.c (kadm5_c_init_with_context): try to cope with old 117855682Smarkm servers 117955682Smarkm 118055682Smarkm * init_s.c (kadm5_s_init_with_context): actually use some passed 118155682Smarkm values 118255682Smarkm 118355682Smarkm * context_s.c (_kadm5_s_init_context): get dbname, acl_file, and 118455682Smarkm stash_file from the config parameters, try to figure out these if 118555682Smarkm they're not provided 118655682Smarkm 118755682Smarkm1999-11-05 Assar Westerlund <assar@sics.se> 118855682Smarkm 118955682Smarkm * Makefile.am (install-build-headers): use `cp' instead of 119055682Smarkm INSTALL_DATA 119155682Smarkm 119255682Smarkm1999-11-04 Assar Westerlund <assar@sics.se> 119355682Smarkm 119455682Smarkm * Makefile.am: bump version to 4:0:0 and 3:0:0 (they access fields 119555682Smarkm directly in libkrb5's context - bad functions) 119655682Smarkm 119755682Smarkm * set_keys.c (_kadm5_set_keys_randomly): set enctypes correctly in 119855682Smarkm the copied keys 119955682Smarkm 120055682Smarkm1999-10-20 Assar Westerlund <assar@sics.se> 120155682Smarkm 120255682Smarkm * Makefile.am: set version of kadm5srv to 3:0:2 (new password 120355682Smarkm quality functions). 120455682Smarkm set version of kdam5clnt to 2:1:1 (no interface changes) 120555682Smarkm 120655682Smarkm * Makefile.am (LDADD): add $(LIB_dlopen) 120755682Smarkm 120855682Smarkm1999-10-17 Assar Westerlund <assar@sics.se> 120955682Smarkm 121055682Smarkm * randkey_s.c (kadm5_s_randkey_principal): use 121155682Smarkm _kadm5_set_keys_randomly 121255682Smarkm 121355682Smarkm * set_keys.c (free_keys): free more memory 121455682Smarkm (_kadm5_set_keys): a little bit more generic 121555682Smarkm (_kadm5_set_keys_randomly): new function for setting random keys. 121655682Smarkm 121755682Smarkm1999-10-14 Assar Westerlund <assar@sics.se> 121855682Smarkm 121955682Smarkm * set_keys.c (_kadm5_set_keys): ignore old keys when setting new 122055682Smarkm ones and always add 3 DES keys and one 3DES key 122155682Smarkm 122255682Smarkm1999-10-03 Assar Westerlund <assar@sics.se> 122355682Smarkm 122455682Smarkm * init_c.c (_kadm5_c_init_context): use `krb5_get_krb_admin_hst'. 122555682Smarkm check return value from strdup 122655682Smarkm 122755682Smarkm1999-09-26 Assar Westerlund <assar@sics.se> 122855682Smarkm 122955682Smarkm * acl.c (_kadm5_privs_to_string): forgot one strcpy_truncate -> 123055682Smarkm strlcpy 123155682Smarkm 123255682Smarkm1999-09-24 Johan Danielsson <joda@pdc.kth.se> 123355682Smarkm 123455682Smarkm * dump_log.c: remove unused `optind' 123555682Smarkm 123655682Smarkm * replay_log.c: remove unused `optind' 123755682Smarkm 123855682Smarkm1999-09-13 Assar Westerlund <assar@sics.se> 123955682Smarkm 124055682Smarkm * chpass_c.c (kadm5_c_chpass_principal): new _kadm5_client_recv 124155682Smarkm 124255682Smarkm * send_recv.c (_kadm5_client_recv): return result in a `krb5_data' 124355682Smarkm so that we avoid copying it and don't need to dimension in 124455682Smarkm advance. change all callers. 124555682Smarkm 124655682Smarkm1999-09-10 Assar Westerlund <assar@sics.se> 124755682Smarkm 124855682Smarkm * password_quality.c: new file 124955682Smarkm 125055682Smarkm * admin.h 125155682Smarkm (kadm5_setup_passwd_quality_check,kadm5_check_password_quality): 125255682Smarkm add prototypes 125355682Smarkm 125455682Smarkm * Makefile.am (S_SOURCES): add password_quality.c 125555682Smarkm 125655682Smarkm1999-07-26 Assar Westerlund <assar@sics.se> 125755682Smarkm 125855682Smarkm * Makefile.am: update versions to 2:0:1 125955682Smarkm 126055682Smarkm1999-07-24 Assar Westerlund <assar@sics.se> 126155682Smarkm 126255682Smarkm * ent_setup.c (_kadm5_setup_entry): make princ_expire_time == 0 126355682Smarkm and pw_expiration == 0 mean never 126455682Smarkm 126555682Smarkm1999-07-22 Assar Westerlund <assar@sics.se> 126655682Smarkm 126755682Smarkm * log.c (kadm5_log_flush): extra cast 126855682Smarkm 126955682Smarkm1999-07-07 Assar Westerlund <assar@sics.se> 127055682Smarkm 127155682Smarkm * marshall.c (store_principal_ent): encoding princ_expire_time and 127255682Smarkm pw_expiration in correct order 127355682Smarkm 127455682Smarkm1999-06-28 Assar Westerlund <assar@sics.se> 127555682Smarkm 127655682Smarkm * randkey_s.c (kadm5_s_randkey_principal): nuke old mkvno, 127755682Smarkm otherwise hdb will think that the new random keys are already 127855682Smarkm encrypted which will cause lots of confusion later. 127955682Smarkm 128055682Smarkm1999-06-23 Assar Westerlund <assar@sics.se> 128155682Smarkm 128255682Smarkm * ent_setup.c (_kadm5_setup_entry): handle 0 == unlimited 128355682Smarkm correctly. From Michal Vocu <michal@karlin.mff.cuni.cz> 128455682Smarkm 128555682Smarkm1999-06-15 Assar Westerlund <assar@sics.se> 128655682Smarkm 128755682Smarkm * init_c.c (get_cred_cache): use get_default_username 128855682Smarkm 128955682Smarkm1999-05-23 Assar Westerlund <assar@sics.se> 129055682Smarkm 129155682Smarkm * create_s.c (create_principal): if there's no default entry the 129255682Smarkm mask should be zero. 129355682Smarkm 129455682Smarkm1999-05-21 Assar Westerlund <assar@sics.se> 129555682Smarkm 129655682Smarkm * init_c.c (get_cred_cache): use $USERNAME 129755682Smarkm 129855682Smarkm1999-05-17 Johan Danielsson <joda@pdc.kth.se> 129955682Smarkm 130055682Smarkm * init_c.c (get_cred_cache): figure out principal 130155682Smarkm 130255682Smarkm1999-05-05 Johan Danielsson <joda@pdc.kth.se> 130355682Smarkm 130455682Smarkm * send_recv.c: cleanup _kadm5_client_{send,recv} 130555682Smarkm 130655682Smarkm1999-05-04 Assar Westerlund <assar@sics.se> 130755682Smarkm 130855682Smarkm * set_keys.c (_kadm5_set_keys2): don't check the recently created 130955682Smarkm memory for NULL pointers 131055682Smarkm 131155682Smarkm * private.h (_kadm5_setup_entry): change prototype 131255682Smarkm 131355682Smarkm * modify_s.c: call new _kadm5_setup_entry 131455682Smarkm 131555682Smarkm * ent_setup.c (_kadm5_setup_entry): change so that it takes three 131655682Smarkm masks, one for what bits to set and one for each of principal and 131755682Smarkm def containing the bits that are set there. 131855682Smarkm 131955682Smarkm * create_s.c: call new _kadm5_setup_entry 132055682Smarkm 132155682Smarkm * create_s.c (get_default): check return value 132255682Smarkm (create_principal): send wider mask to _kadm5_setup_entry 132355682Smarkm 132455682Smarkm1999-05-04 Johan Danielsson <joda@pdc.kth.se> 132555682Smarkm 132655682Smarkm * send_recv.c (_kadm5_client_recv): handle arbitrarily sized 132755682Smarkm packets, check for errors 132855682Smarkm 132955682Smarkm * get_c.c: check for failure from _kadm5_client_{send,recv} 133055682Smarkm 133155682Smarkm1999-05-04 Assar Westerlund <assar@sics.se> 133255682Smarkm 133355682Smarkm * init_c.c (get_new_cache): don't abort when interrupted from 133455682Smarkm password prompt 133555682Smarkm 133655682Smarkm * destroy_c.c (kadm5_c_destroy): check if we should destroy the 133755682Smarkm auth context 133855682Smarkm 133955682Smarkm1999-05-03 Johan Danielsson <joda@pdc.kth.se> 134055682Smarkm 134155682Smarkm * chpass_s.c: fix arguments to _kadm5_set_keys2 134255682Smarkm 134355682Smarkm * private.h: proto 134455682Smarkm 134555682Smarkm * set_keys.c: clear mkvno 134655682Smarkm 134755682Smarkm * rename_s.c: add flags to fetch and store; seal keys before 134855682Smarkm logging 134955682Smarkm 135055682Smarkm * randkey_s.c: add flags to fetch and store; seal keys before 135155682Smarkm logging 135255682Smarkm 135355682Smarkm * modify_s.c: add flags to fetch and store; seal keys before 135455682Smarkm logging 135555682Smarkm 135655682Smarkm * log.c: add flags to fetch and store; seal keys before logging 135755682Smarkm 135855682Smarkm * get_s.c: add flags to fetch and store; seal keys before logging 135955682Smarkm 136055682Smarkm * get_princs_s.c: add flags to fetch and store; seal keys before 136155682Smarkm logging 136255682Smarkm 136355682Smarkm * delete_s.c: add flags to fetch and store; seal keys before 136455682Smarkm logging 136555682Smarkm 136655682Smarkm * create_s.c: add flags to fetch and store; seal keys before 136755682Smarkm logging 136855682Smarkm 136955682Smarkm * chpass_s.c: add flags to fetch and store; seal keys before 137055682Smarkm logging 137155682Smarkm 137255682Smarkm * Makefile.am: remove server.c 137355682Smarkm 137455682Smarkm * admin.h: add prototypes 137555682Smarkm 137655682Smarkm * ent_setup.c (_kadm5_setup_entry): set key_data 137755682Smarkm 137855682Smarkm * set_keys.c: add _kadm5_set_keys2 to sey keys from key_data 137955682Smarkm 138055682Smarkm * modify_s.c: add kadm5_s_modify_principal_with_key 138155682Smarkm 138255682Smarkm * create_s.c: add kadm5_s_create_principal_with_key 138355682Smarkm 138455682Smarkm * chpass_s.c: add kadm5_s_chpass_principal_with_key 138555682Smarkm 138655682Smarkm * kadm5_locl.h: move stuff to private.h 138755682Smarkm 138855682Smarkm * private.h: move stuff from kadm5_locl.h 138990926Snectar 1390