ChangeLog revision 178825
1178825Sdfr2008-01-21 Love H�rnquist �strand <lha@it.su.se> 2127808Snectar 3178825Sdfr * default_keys.c: Use hdb_free_keys(). 4178825Sdfr 5178825Sdfr2008-01-11 Love H�rnquist �strand <lha@it.su.se> 6178825Sdfr 7178825Sdfr * Makefile.am: add check-cracklib.pl, flush.c, 8178825Sdfr sample_passwd_check.c 9178825Sdfr 10178825Sdfr2007-12-07 Love H�rnquist �strand <lha@it.su.se> 11178825Sdfr 12178825Sdfr * use hdb_db_dir() and hdb_default_db() 13178825Sdfr 14178825Sdfr2007-10-18 Love <lha@stacken.kth.se> 15178825Sdfr 16178825Sdfr * init_c.c: We are getting default_client, not client. this way 17178825Sdfr the user can override the result. 18127808Snectar 19178825Sdfr2007-09-29 Love H�rnquist �strand <lha@it.su.se> 20127808Snectar 21178825Sdfr * iprop.8: fix spelling, From Antoine Jacoutt. 22178825Sdfr 23178825Sdfr2007-08-16 Love H�rnquist �strand <lha@it.su.se> 24178825Sdfr 25178825Sdfr * version-script.map: export _kadm5_unmarshal_params, 26178825Sdfr _kadm5_acl_check_permission 27178825Sdfr 28178825Sdfr * version-script.map: export kadm5_log_ symbols. 29178825Sdfr 30178825Sdfr * log.c: Unexport the specific log replay operations. 31127808Snectar 32178825Sdfr2007-08-10 Love H�rnquist �strand <lha@it.su.se> 33127808Snectar 34178825Sdfr * Makefile.am: build sample_passwd_check.la as part of noinst. 35178825Sdfr 36178825Sdfr * sample_passwd_check.c: Add missing prototype for check_length(). 37178825Sdfr 38178825Sdfr2007-08-07 Love H�rnquist �strand <lha@it.su.se> 39178825Sdfr 40178825Sdfr * log.c: Sprinkle krb5_set_error_string(). 41178825Sdfr 42178825Sdfr * ipropd_slave.c: Provide better error why kadm5_log_replay 43178825Sdfr failed. 44178825Sdfr 45178825Sdfr2007-08-06 Love H�rnquist �strand <lha@it.su.se> 46178825Sdfr 47178825Sdfr * ipropd_master.c: - don't push whole database to the new client 48178825Sdfr every time. - make slaves get the whole new database if they have 49178825Sdfr a newer log the the master (and thus have them go back in time). 50178825Sdfr 51178825Sdfr2007-08-03 Love H�rnquist �strand <lha@it.su.se> 52178825Sdfr 53178825Sdfr * ipropd_slave.c: make more sane. 54178825Sdfr 55178825Sdfr * ipropd_slave.c: more paranoid check that the log entires are 56178825Sdfr self consistant 57178825Sdfr 58178825Sdfr * log.c (kadm5_log_foreach): check that the postamble contains the 59178825Sdfr right data. 60178825Sdfr 61178825Sdfr * ipropd_master.c: Sprinkle more info about what versions the 62178825Sdfr master thinks about the client versions. 63178825Sdfr 64178825Sdfr * ipropd_master.c: Start the server at the current version, not 0. 65178825Sdfr 66178825Sdfr2007-08-02 Love H�rnquist �strand <lha@it.su.se> 67178825Sdfr 68178825Sdfr * ipropd_master.c: Add more logging, to figure out what is 69178825Sdfr happening in the master. 70178825Sdfr 71178825Sdfr2007-08-01 Love H�rnquist �strand <lha@it.su.se> 72178825Sdfr 73178825Sdfr * Makefile.am: add version-script for libkadm5srv.la 74178825Sdfr 75178825Sdfr * version-script.map: version script fro kadm5 server libary. 76178825Sdfr 77178825Sdfr * log.c: only free the orignal entries extentions if there was 78178825Sdfr any. Bug reported by Peter Meinecke. 79178825Sdfr 80178825Sdfr * add configuration for signal file and acl file, let user select 81178825Sdfr hostname, catch signals and print why we are quiting, make nop 82178825Sdfr cause one new version, not two 83178825Sdfr 84178825Sdfr2007-07-30 Love H�rnquist �strand <lha@it.su.se> 85178825Sdfr 86178825Sdfr * ipropd_master.c (send_diffs): make current slave's version 87178825Sdfr uptodate when diff have been sent. 88127808Snectar 89178825Sdfr2007-07-27 Love H�rnquist �strand <lha@it.su.se> 90120945Snectar 91178825Sdfr * ipropd_slave.c: More comments and some more error checking. 92178825Sdfr 93178825Sdfr2007-07-26 Love H�rnquist �strand <lha@it.su.se> 94178825Sdfr 95178825Sdfr * init_c.c (get_cache_principal): make sure id is reset if we 96178825Sdfr fail. From Benjamin Bennet. 97178825Sdfr 98178825Sdfr2007-07-10 Love H�rnquist �strand <lha@it.su.se> 99178825Sdfr 100178825Sdfr * context_s.c (find_db_spec): match realm-less as the default 101178825Sdfr realm. 102178825Sdfr 103178825Sdfr * Makefile.am: New library version. 104178825Sdfr 105178825Sdfr2007-07-05 Love H�rnquist �strand <lha@it.su.se> 106178825Sdfr 107178825Sdfr * context_s.c: Use hdb_get_dbinfo to pick up configuration. 108178825Sdfr ctx->config.realm can be NULL, check for that, from Bjorn S. 109178825Sdfr 110178825Sdfr2007-07-04 Love H�rnquist �strand <lha@it.su.se> 111178825Sdfr 112178825Sdfr * init_c.c: Try harder to use the right principal. 113178825Sdfr 114178825Sdfr2007-06-20 Love H�rnquist �strand <lha@it.su.se> 115178825Sdfr 116178825Sdfr * ipropd_slave.c: Catch return value from krb5_program_setup. From 117178825Sdfr Steven Luo. 118178825Sdfr 119178825Sdfr2007-05-08 Love H�rnquist �strand <lha@it.su.se> 120178825Sdfr 121178825Sdfr * delete_s.c: Write log entry after store is successful, rename 122178825Sdfr out goto statments. 123178825Sdfr 124178825Sdfr * randkey_s.c: Write log entry after store is successful. 125178825Sdfr 126178825Sdfr * modify_s.c: Write log entry after store is successful. 127178825Sdfr 128178825Sdfr * rename_s.c: indent. 129178825Sdfr 130178825Sdfr * chpass_s.c: Write log entry after store is successful. 131178825Sdfr 132178825Sdfr * create_s.c: Write log entry after store is successful. 133178825Sdfr 134178825Sdfr2007-05-07 Love H�rnquist �strand <lha@it.su.se> 135178825Sdfr 136178825Sdfr * iprop-commands.in: Add default values to make this working 137178825Sdfr again. 138178825Sdfr 139178825Sdfr * iprop-log.c (iprop_replay): create the database with more 140178825Sdfr liberal mode. 141178825Sdfr 142178825Sdfr * log.c: make it slightly more working. 143178825Sdfr 144178825Sdfr * iprop-log.8: Document last-version. 145178825Sdfr 146178825Sdfr * iprop-log.c: (last_version): print last version of the log. 147178825Sdfr 148178825Sdfr * iprop-commands.in: new command last-version: print last version 149178825Sdfr of the log. 150178825Sdfr 151178825Sdfr * log.c (kadm5_log_previous): document assumptions and make less 152178825Sdfr broken. Bug report from Ronny Blomme. 153178825Sdfr 154178825Sdfr2007-02-17 Love H�rnquist �strand <lha@it.su.se> 155178825Sdfr 156178825Sdfr * admin.h: add support to get aliases 157178825Sdfr 158178825Sdfr * get_s.c: add support to get aliases 159178825Sdfr 160178825Sdfr2007-02-11 David Love <fx@gnu.org> 161178825Sdfr 162178825Sdfr * iprop-log.8: Small fixes, from David Love. 163178825Sdfr 164178825Sdfr2006-12-15 Love H�rnquist �strand <lha@it.su.se> 165178825Sdfr 166178825Sdfr * init_c.c: if the user have a kadmin/admin initial ticket, don't 167178825Sdfr ask for password, just use the credential instead. 168178825Sdfr 169178825Sdfr2006-12-06 Love H�rnquist �strand <lha@it.su.se> 170178825Sdfr 171178825Sdfr * ipropd_master.c: Use strcspn to remove \n from string returned 172178825Sdfr by fgets. From Bj�rn Sandell 173178825Sdfr 174178825Sdfr2006-11-30 Love H�rnquist �strand <lha@it.su.se> 175178825Sdfr 176178825Sdfr * init_c.c (kadm_connect): clear error string before trying to 177178825Sdfr print a errno, this way we don't pick up a random failure code 178178825Sdfr 179178825Sdfr2006-11-20 Love H�rnquist �strand <lha@it.su.se> 180178825Sdfr 181178825Sdfr * ipropd_slave.c: Make krb5_get_init_creds_opt_free take a context 182178825Sdfr argument. 183178825Sdfr 184178825Sdfr * init_c.c: Make krb5_get_init_creds_opt_free take a context 185178825Sdfr argument. 186178825Sdfr 187178825Sdfr2006-10-22 Love H�rnquist �strand <lha@it.su.se> 188178825Sdfr 189178825Sdfr * ent_setup.c: Try to not leak memory. 190178825Sdfr 191178825Sdfr2006-10-07 Love H�rnquist �strand <lha@it.su.se> 192178825Sdfr 193178825Sdfr * Makefile.am: split build files into dist_ and noinst_ SOURCES 194178825Sdfr 195178825Sdfr2006-08-24 Love H�rnquist �strand <lha@it.su.se> 196178825Sdfr 197178825Sdfr * get_s.c: Add KRB5_KDB_ALLOW_DIGEST 198178825Sdfr 199178825Sdfr * ent_setup.c: Add KRB5_KDB_ALLOW_DIGEST 200178825Sdfr 201178825Sdfr * admin.h: Add KRB5_KDB_ALLOW_DIGEST 202178825Sdfr 203178825Sdfr2006-06-16 Love H�rnquist �strand <lha@it.su.se> 204178825Sdfr 205178825Sdfr * check-cracklib.pl: Add password reuse checking. From Harald 206178825Sdfr Barth. 207178825Sdfr 208178825Sdfr2006-06-14 Love H�rnquist �strand <lha@it.su.se> 209178825Sdfr 210178825Sdfr * ent_setup.c (attr_to_flags): Add KRB5_KDB_ALLOW_KERBEROS4 211178825Sdfr 212178825Sdfr * get_s.c (kadm5_s_get_principal): Add KRB5_KDB_ALLOW_KERBEROS4 213178825Sdfr 214178825Sdfr * admin.h: Add KRB5_KDB_ALLOW_KERBEROS4 215178825Sdfr 216178825Sdfr2006-06-06 Love H�rnquist �strand <lha@it.su.se> 217178825Sdfr 218178825Sdfr * ent_setup.c (attr_to_flags): Add KRB5_KDB_TRUSTED_FOR_DELEGATION 219178825Sdfr 220178825Sdfr2006-05-30 Love H�rnquist �strand <lha@it.su.se> 221178825Sdfr 222178825Sdfr * password_quality.c (kadm5_check_password_quality): set error 223178825Sdfr message in context. 224178825Sdfr 225178825Sdfr2006-05-13 Love H�rnquist �strand <lha@it.su.se> 226178825Sdfr 227178825Sdfr * iprop-log.c: Avoid shadowing. 228178825Sdfr 229178825Sdfr * rename_s.c: Avoid shadowing. 230178825Sdfr 231178825Sdfr2006-05-08 Love H�rnquist �strand <lha@it.su.se> 232178825Sdfr 233178825Sdfr * privs_c.c (kadm5_c_get_privs): privs is a uint32_t, let copy it 234178825Sdfr that way. 235178825Sdfr 236178825Sdfr2006-05-05 Love H�rnquist �strand <lha@it.su.se> 237178825Sdfr 238178825Sdfr * Rename u_intXX_t to uintXX_t 239178825Sdfr 240178825Sdfr2006-04-27 Love H�rnquist �strand <lha@it.su.se> 241178825Sdfr 242178825Sdfr * chpass_s.c,delete_s.c,get_s.c,log.c,modify_s.c,randkey_s.c,rename_s.c: 243178825Sdfr Pass in HDB_F_GET_ANY to all ->hdb fetch to hint what entries we are looking for 244178825Sdfr 245178825Sdfr * send_recv.c: set and clear error string 246178825Sdfr 247178825Sdfr * rename_s.c: Break out the that we request from principal from 248178825Sdfr the entry and pass it in as a separate argument. 249178825Sdfr 250178825Sdfr * randkey_s.c: Break out the that we request from principal from 251178825Sdfr the entry and pass it in as a separate argument. 252178825Sdfr 253178825Sdfr * modify_s.c: Break out the that we request from principal from 254178825Sdfr the entry and pass it in as a separate argument. 255178825Sdfr 256178825Sdfr * log.c: Break out the that we request from principal from the 257178825Sdfr entry and pass it in as a separate argument. 258178825Sdfr 259178825Sdfr * get_s.c: Break out the that we request from principal from the 260178825Sdfr entry and pass it in as a separate argument. 261178825Sdfr 262178825Sdfr * delete_s.c: Break out the that we request from principal from 263178825Sdfr the entry and pass it in as a separate argument. 264178825Sdfr 265178825Sdfr * chpass_s.c: Break out the that we request from principal from 266178825Sdfr the entry and pass it in as a separate argument. 267178825Sdfr 268178825Sdfr2006-04-25 Love H�rnquist �strand <lha@it.su.se> 269178825Sdfr 270178825Sdfr * create_s.c (create_principal*): If client doesn't send kvno, 271178825Sdfr make sure to set it to 1. 272178825Sdfr 273178825Sdfr2006-04-10 Love H�rnquist �strand <lha@it.su.se> 274178825Sdfr 275178825Sdfr * log.c: (kadm5_log_rename): handle errors better 276178825Sdfr Fixes Coverity, NetBSD CID#628 277178825Sdfr 278178825Sdfr * log.c (kadm5_log_delete): add error handling Coverity, NetBSD 279178825Sdfr CID#626 280178825Sdfr (kadm5_log_modify): add error handling Coverity, NetBSD CID#627 281178825Sdfr 282178825Sdfr * init_c.c (_kadm5_c_get_cred_cache): handle ccache case better in 283178825Sdfr case no client name was passed in. Coverity, NetBSD CID#919 284178825Sdfr 285178825Sdfr * init_c.c (_kadm5_c_get_cred_cache): Free client principal in 286178825Sdfr case of error. Coverity NetBSD CID#1908 287178825Sdfr 288178825Sdfr2006-02-02 Love H�rnquist �strand <lha@it.su.se> 289178825Sdfr 290178825Sdfr * kadm5_err.et: (PASS_REUSE): Spelling, 291178825Sdfr from V�clav H?la <ax@natur.cuni.cz> 292178825Sdfr 293178825Sdfr2006-01-25 Love H�rnquist �strand <lha@it.su.se> 294178825Sdfr 295178825Sdfr * send_recv.c: Clear error-string when introducing new errors. 296178825Sdfr 297178825Sdfr * *_c.c: Clear error-string when introducing new errors. 298178825Sdfr 299178825Sdfr2006-01-15 Love H�rnquist �strand <lha@it.su.se> 300178825Sdfr 301178825Sdfr * Makefile.am (libkadm5clnt.la) doesn't depend on libhdb, remove 302178825Sdfr dependency 303178825Sdfr 304178825Sdfr2005-12-13 Love H�rnquist �strand <lha@it.su.se> 305178825Sdfr 306178825Sdfr * memset hdb_entry_ex before use 307178825Sdfr 308178825Sdfr2005-12-12 Love H�rnquist �strand <lha@it.su.se> 309178825Sdfr 310178825Sdfr * Wrap hdb_entry with hdb_entry_ex, patch originally 311178825Sdfr from Andrew Bartlet 312178825Sdfr 313178825Sdfr2005-11-30 Love H�rnquist �strand <lha@it.su.se> 314178825Sdfr 315178825Sdfr * context_s.c (set_field): try another way to calculate the path 316178825Sdfr to the database/logfile/signal-socket 317178825Sdfr 318178825Sdfr * log.c (kadm5_log_init): set error string on failures 319178825Sdfr 320178825Sdfr2005-09-08 Love H�rnquist �strand <lha@it.su.se> 321178825Sdfr 322178825Sdfr * Constify password. 323178825Sdfr 324178825Sdfr * admin.h: Add KRB5_TL_PKINIT_ACL. 325178825Sdfr 326178825Sdfr * marshall.c (_kadm5_unmarshal_params): avoid signed-ness warnings 327178825Sdfr 328178825Sdfr * get_s.c (kadm5_s_get_principal): clear error string 329178825Sdfr 330178825Sdfr2005-08-25 Love H�rnquist �strand <lha@it.su.se> 331178825Sdfr 332178825Sdfr * iprop-log.8: More text about iprop-log. 333178825Sdfr 334178825Sdfr2005-08-24 Love H�rnquist �strand <lha@it.su.se> 335178825Sdfr 336178825Sdfr * iprop.8: SEE ALSO iprop-log. 337178825Sdfr 338178825Sdfr * Makefile.am: man_MANS += iprop-log.8 339178825Sdfr 340178825Sdfr * iprop-log.8: Basic for documentation of iprop-log. 341178825Sdfr 342178825Sdfr * remove replay_log.c, dump_log.c, and truncate_log.c, folded into 343178825Sdfr iprop-log. 344178825Sdfr 345178825Sdfr * log.c (kadm5_log_foreach): add a context variable and pass it 346178825Sdfr down to `func�. 347178825Sdfr 348178825Sdfr * iprop-commands.in: Move truncate_log and replay_log into 349178825Sdfr iprop-log. 350178825Sdfr 351178825Sdfr * iprop-log.c: Move truncate_log and replay_log into iprop-log. 352178825Sdfr 353178825Sdfr * Makefile.am: Move truncate_log and replay_log into iprop-log. 354178825Sdfr 355178825Sdfr * Makefile.am: Make this work with a clean directory. 356178825Sdfr 357178825Sdfr * ipropd_master.c: Make compile. 358178825Sdfr 359178825Sdfr * ipropd_master.c: Update to new signature of kadm5_log_previous. 360178825Sdfr 361178825Sdfr * log.c (kadm5_log_previous): catch errors instead of asserting 362178825Sdfr and set error string. 363178825Sdfr 364178825Sdfr * iprop-commands.in: New program iprop-log that incorperates 365178825Sdfr dump_log as a subcommand, truncate_log and replay_log soon to come 366178825Sdfr after. 367178825Sdfr 368178825Sdfr * iprop-log.c: New program iprop-log that incorperates dump_log as 369178825Sdfr a subcommand, truncate_log and replay_log soon to come after. 370178825Sdfr 371178825Sdfr * Makefile.am: New program iprop-log that incorperates dump_log as 372178825Sdfr a subcommand, truncate_log and replay_log soon to come after. 373178825Sdfr 374178825Sdfr2005-08-11 Love H�rnquist �strand <lha@it.su.se> 375178825Sdfr 376178825Sdfr * get_s.c: Implement KADM5_LAST_PWD_CHANGE. 377178825Sdfr 378178825Sdfr * set_keys.c: Set and clear password where appropriate. 379178825Sdfr 380178825Sdfr * randkey_s.c: Operation modifies tl_data. 381178825Sdfr 382178825Sdfr * log.c (kadm5_log_replay_modify): Check return values of 383178825Sdfr malloc(), replace all extensions. 384178825Sdfr 385178825Sdfr * kadm5_err.et: Make BAD_TL_TYPE error more helpful. 386178825Sdfr 387178825Sdfr * get_s.c: Expose KADM5_TL_DATA options to the client. 388178825Sdfr 389178825Sdfr * ent_setup.c: Merge in KADM5_TL_DATA in the database. 390178825Sdfr 391178825Sdfr * chpass_s.c: Operations modify extensions, mark that with 392178825Sdfr TL_DATA. 393178825Sdfr 394178825Sdfr * admin.h: Add more TL types (password and extension). 395178825Sdfr 396178825Sdfr2005-06-17 Love H�rnquist �strand <lha@it.su.se> 397178825Sdfr 398178825Sdfr * constify 399178825Sdfr 400178825Sdfr * ipropd_slave.c: avoid shadowing 401178825Sdfr 402178825Sdfr * ipropd_master.c: rename local variable slave to s, optind -> 403178825Sdfr optidx 404178825Sdfr 405178825Sdfr * get_princs_c.c: rename variable exp to expression 406178825Sdfr 407178825Sdfr * ad.c: rename variable exp to expression 408178825Sdfr 409178825Sdfr * log.c: rename shadowing len to num 410178825Sdfr 411178825Sdfr * get_princs_s.c: rename variable exp to expression 412178825Sdfr 413178825Sdfr * context_s.c: const poison 414178825Sdfr 415178825Sdfr * common_glue.c: rename variable exp to expression 416178825Sdfr 417178825Sdfr2005-05-30 Love H�rnquist �strand <lha@it.su.se> 418178825Sdfr 419178825Sdfr * ent_setup.c (attr_to_flags): check for KRB5_KDB_OK_AS_DELEGATE 420178825Sdfr 421178825Sdfr * get_s.c (kadm5_s_get_principal): set KRB5_KDB_OK_AS_DELEGATE 422178825Sdfr 423178825Sdfr * admin.h: add KRB5_KDB_OK_AS_DELEGATE, sync KRB5_TL_ flags 424178825Sdfr 425178825Sdfr2005-05-25 Love H�rnquist �strand <lha@it.su.se> 426178825Sdfr 427178825Sdfr * kadm5_pwcheck.3: please mdoclint 428178825Sdfr 429178825Sdfr2005-05-25 Dave Love <fx@gnu.org> 430178825Sdfr 431178825Sdfr * kadm5_pwcheck.3: document kadm5_add_passwd_quality_verifier, 432178825Sdfr improve text 433178825Sdfr 434178825Sdfr2005-05-24 Dave Love <fx@gnu.org> 435178825Sdfr 436178825Sdfr * iprop.8: Added some info about defaults, fixed some markup. 437178825Sdfr 438178825Sdfr2005-05-23 Dave Love <fx@gnu.org> 439178825Sdfr 440178825Sdfr * ipropd_slave.c: Don't test HAVE_DAEMON since roken supplies it. 441178825Sdfr 442178825Sdfr * ipropd_master.c: Don't test HAVE_DAEMON since roken supplies it. 443178825Sdfr 444178825Sdfr2005-05-13 Love H�rnquist �strand <lha@it.su.se> 445178825Sdfr 446178825Sdfr * init_c.c (_kadm5_c_init_context): fix memory leak in case of 447178825Sdfr failure 448178825Sdfr 449178825Sdfr2005-05-09 Dave Love <fx@gnu.org> 450178825Sdfr 451178825Sdfr * password_quality.c (find_func): Fix off-by-one and logic error. 452178825Sdfr (external_passwd_quality): Improve messages. 453178825Sdfr 454178825Sdfr * test_pw_quality.c (main): Call kadm5_setup_passwd_quality_check 455178825Sdfr and kadm5_add_passwd_quality_verifier. 456178825Sdfr 457178825Sdfr2005-04-30 Love H�rnquist �strand <lha@it.su.se> 458178825Sdfr 459178825Sdfr * default_keys.c: #include <err.h>, only print salt it its longer 460178825Sdfr then 0, use krb5_err instead of errx where appropriate 461178825Sdfr 462178825Sdfr2005-04-25 Love H�rnquist �strand <lha@it.su.se> 463178825Sdfr 464178825Sdfr * ipropd_slave.c: add the documented option --port 465178825Sdfr 466178825Sdfr * ipropd_master.c: add the documented option --port 467178825Sdfr 468178825Sdfr * dump_log.c: use the newly generated units function 469178825Sdfr 470178825Sdfr2005-04-24 Love H�rnquist �strand <lha@it.su.se> 471178825Sdfr 472178825Sdfr * dump_log.c: use strlcpy 473178825Sdfr 474178825Sdfr * password_quality.c: don't use sizeof(pointer) 475178825Sdfr 476178825Sdfr2005-04-15 Love H�rnquist �strand <lha@it.su.se> 477178825Sdfr 478178825Sdfr * check-cracklib.pl: external password verifier sample 479178825Sdfr 480178825Sdfr * password_quality.c (kadm5_add_passwd_quality_verifier): if NULL 481178825Sdfr is passed in, load defaults 482178825Sdfr 483178825Sdfr2005-04-14 Love H�rnquist �strand <lha@it.su.se> 484178825Sdfr 485178825Sdfr * password_quality.c: add an end tag to the external password 486178825Sdfr quality check protocol 487178825Sdfr 488178825Sdfr2005-04-13 Love H�rnquist �strand <lha@it.su.se> 489178825Sdfr 490178825Sdfr * password_quality.c: add external passsword quality check builtin 491178825Sdfr module 492178825Sdfr 493178825Sdfr [password_quality] 494178825Sdfr policies = external-check 495178825Sdfr external-program = /bin/false 496178825Sdfr 497178825Sdfr To approve password a, make the test program return APPROVED on 498178825Sdfr stderr and fail with exit code 0. 499178825Sdfr 500178825Sdfr2004-10-12 Love H�rnquist �strand <lha@it.su.se> 501178825Sdfr 502178825Sdfr * Makefile.am: bump version to 7:7:0 and 6:5:2 503178825Sdfr 504178825Sdfr * default_keys.c (parse_file): use hdb_generate_key_set 505178825Sdfr 506178825Sdfr * keys.c,set_keys.c: Move keyset parsing and password based keyset 507178825Sdfr generation into hdb. Requested by Andrew Bartlett <abartlet@samba.org> 508178825Sdfr for hdb-ldb backend. 509178825Sdfr 510178825Sdfr2004-09-23 Johan Danielsson <joda@pdc.kth.se> 511178825Sdfr 512178825Sdfr * ipropd_master.c: add help strings to some options 513178825Sdfr 514178825Sdfr2004-09-12 Love H�rnquist �strand <lha@it.su.se> 515178825Sdfr 516178825Sdfr * chpass_s.c: deal with changed prototype for _kadm5_free_keys 517178825Sdfr 518178825Sdfr * keys.c (_kadm5_free_keys): change prototype, make it use 519178825Sdfr krb5_context instead of a kadm5_server_context 520178825Sdfr 521178825Sdfr * set_keys.c (parse_key_set): do way with static returning 522178825Sdfr (function) static variable and returned allocated memory 523178825Sdfr (_kadm5_generate_key_set): free enctypes returned by parse_key_set 524178825Sdfr 525178825Sdfr2004-09-06 Love H�rnquist �strand <lha@it.su.se> 526178825Sdfr 527178825Sdfr * set_keys.c: Fix memory leak, don't return stack variables From 528178825Sdfr Andrew Bartlett 529178825Sdfr 530178825Sdfr * set_keys.c: make all_etypes const and move outside function to 531178825Sdfr avoid returning data on stack 532178825Sdfr 533178825Sdfr2004-08-26 Love H�rnquist �strand <lha@it.su.se> 534178825Sdfr 535178825Sdfr * acl.c (fetch_acl): use " \t\n" instead of just "\n" for the 536178825Sdfr delim of the third element, this is so we can match 537178825Sdfr "foo@REALM<SPC>all<SPC><SPC>*@REALM", before it just matched 538178825Sdfr "foo@REALM<SPC>all<SPC>*@REALM", but that is kind of lucky since 539178825Sdfr what really happen was that the last <SPC> was stamped out, and 540178825Sdfr the it never strtok_r never needed to parse over it. 541178825Sdfr 542178825Sdfr2004-08-25 Love H�rnquist �strand <lha@it.su.se> 543178825Sdfr 544178825Sdfr * set_keys.c (_kadm5_generate_key_set): since arcfour-hmac-md5 is 545178825Sdfr without salting, some people tries to add the string 546178825Sdfr "arcfour-hmac-md5" when they really should have used 547178825Sdfr "arcfour-hmac-md5:pw-salt", help them and add glue for that 548178825Sdfr 549178825Sdfr2004-08-18 Johan Danielsson <joda@pdc.kth.se> 550178825Sdfr 551178825Sdfr * ipropd_slave.c: add --detach 552178825Sdfr 553178825Sdfr2004-07-06 Love H�rnquist �strand <lha@it.su.se> 554178825Sdfr 555178825Sdfr * ad.c: use new tsasl interface remove debug printf add upn to 556178825Sdfr computer-accounts 557178825Sdfr 558178825Sdfr2004-06-28 Love H�rnquist �strand <lha@it.su.se> 559178825Sdfr 560178825Sdfr * ad.c: implement kadm5_ad_init_with_password_ctx set more error 561178825Sdfr strings 562178825Sdfr 563178825Sdfr2004-06-21 Love H�rnquist �strand <lha@it.su.se> 564178825Sdfr 565178825Sdfr * Makefile.am: man_MANS = kadm5_pwcheck.3 566178825Sdfr 567178825Sdfr * kadm5_pwcheck.3: document new password quality api 568178825Sdfr 569178825Sdfr * password_quality.c: new password check interface (old still 570178825Sdfr supported) 571178825Sdfr 572178825Sdfr * kadm5-pwcheck.h: new password check interface 573178825Sdfr 574178825Sdfr2004-06-08 Love H�rnquist �strand <lha@it.su.se> 575178825Sdfr 576178825Sdfr * ipropd_master.c (main): process all slaves, not just up to the 577178825Sdfr last slave sending data 578178825Sdfr (bug report from Bj�rn Sandell <biorn@dce.chalmers.se>) 579178825Sdfr (*): only send one ARE_YOU_THERE 580178825Sdfr 581178825Sdfr2004-06-02 Love H�rnquist �strand <lha@it.su.se> 582178825Sdfr 583178825Sdfr * ad.c: use krb5_set_password_using_ccache 584178825Sdfr 585178825Sdfr2004-06-01 Love H�rnquist �strand <lha@it.su.se> 586178825Sdfr 587178825Sdfr * ad.c: try handle spn's better 588178825Sdfr 589178825Sdfr2004-05-31 Love H�rnquist �strand <lha@it.su.se> 590178825Sdfr 591178825Sdfr * ad.c: add expiration time 592178825Sdfr 593178825Sdfr * ad.c: add modify operations 594178825Sdfr 595178825Sdfr * ad.c: handle create and delete 596178825Sdfr 597178825Sdfr2004-05-27 Love H�rnquist �strand <lha@it.su.se> 598178825Sdfr 599178825Sdfr * ad.c: more code for get, handle attributes 600178825Sdfr 601178825Sdfr * ad.c: more code for get, handle time stamps and bad password 602178825Sdfr counter 603178825Sdfr 604178825Sdfr * ad.c: more code for get, only fetches kvno for now 605178825Sdfr 606178825Sdfr2004-05-26 Love H�rnquist �strand <lha@it.su.se> 607178825Sdfr 608178825Sdfr * ad.c: add support for tsasl 609178825Sdfr 610178825Sdfr * private.h: add kadm5_ad_context 611178825Sdfr 612178825Sdfr * ipropd_master.c (prop_one): store the opcode in the begining of 613178825Sdfr the blob, not the end 614178825Sdfr 615178825Sdfr * ad.c: try all ldap servers in dns, generate a random password, 616178825Sdfr base64(random_block(64)), XXX must make it support other then 617178825Sdfr ARCFOUR 618178825Sdfr 619178825Sdfr * ad.c: framework for windows AD backend 620178825Sdfr 621178825Sdfr2004-03-07 Love H�rnquist �strand <lha@it.su.se> 622178825Sdfr 623178825Sdfr * create_s.c (kadm5_s_create_principal): remove old XXX command 624178825Sdfr and related code, _kadm5_set_keys will do all this now 625178825Sdfr 626178825Sdfr2004-02-29 Love H�rnquist �strand <lha@it.su.se> 627178825Sdfr 628178825Sdfr * set_keys.c (_kadm5_set_keys_randomly): make sure enctype to copy 629178825Sdfr enctype for des keys From: Andrew Bartlett <abartlet@samba.org> 630178825Sdfr 631178825Sdfr * create_s.c (kadm5_s_create_principal_with_key): don't call 632178825Sdfr _kadm5_set_keys2, create_principal will do that for us. Set kvno 633178825Sdfr to 1. 634178825Sdfr 635178825Sdfr * chpass_s.c (change): bump kvno 636178825Sdfr (kadm5_s_chpass_principal_with_key): bump kvno 637178825Sdfr 638178825Sdfr * randkey_s.c (kadm5_s_randkey_principal): bump kvno 639178825Sdfr 640178825Sdfr * set_keys.c (_kadm5_set_*): don't change the kvno, let the callee 641178825Sdfr to that 642178825Sdfr 643178825Sdfr2003-12-30 Love H�rnquist �strand <lha@it.su.se> 644178825Sdfr 645178825Sdfr * chpass_s.c (change): fix same-password-again by decrypting keys 646178825Sdfr and setting an error code From: Buck Huppmann <buckh@pobox.com> 647178825Sdfr 648178825Sdfr2003-12-21 Love H�rnquist �strand <lha@it.su.se> 649178825Sdfr 650178825Sdfr * init_c.c (_kadm5_c_init_context): catch errors from strdup and 651178825Sdfr other krb5_ functions 652178825Sdfr 653178825Sdfr2003-12-08 Love H�rnquist �strand <lha@it.su.se> 654178825Sdfr 655178825Sdfr * rename_s.c (kadm5_s_rename_principal): allow principal to change 656178825Sdfr realm From Panasas Inc 657178825Sdfr 658178825Sdfr2003-12-07 Love H�rnquist �strand <lha@it.su.se> 659178825Sdfr 660178825Sdfr * destroy_c.c (kadm5_c_destroy): fix memory leaks, From Panasas, 661178825Sdfr Inc 662178825Sdfr 663178825Sdfr2003-11-23 Love H�rnquist �strand <lha@it.su.se> 664178825Sdfr 665178825Sdfr * iprop.h: don't include <krb5-private.h> 666178825Sdfr 667178825Sdfr * ipropd_slave.c: stop using krb5 lib private byte-frobbing 668178825Sdfr functions and replace them with with krb5_storage 669178825Sdfr 670178825Sdfr * ipropd_master.c: stop using krb5 lib private byte-frobbing 671178825Sdfr functions and replace them with with krb5_storage 672178825Sdfr 673178825Sdfr2003-11-19 Love H�rnquist �strand <lha@it.su.se> 674178825Sdfr 675178825Sdfr * ipropd_slave.c (receive_loop): when seeking over the entries we 676178825Sdfr already have, skip over the trailer. From: Jeffrey Hutzelman 677178825Sdfr <jhutz@cmu.edu> 678178825Sdfr 679178825Sdfr * dump_log.c,ipropd_master.c,ipropd_slave.c, 680178825Sdfr replay_log.c,truncate_log.c: parse kdc.conf 681178825Sdfr From: Jeffrey Hutzelman <jhutz@cmu.edu> 682178825Sdfr 683178825Sdfr2003-10-10 Love H�rnquist �strand <lha@it.su.se> 684178825Sdfr 685178825Sdfr * Makefile.am: += test_pw_quality 686178825Sdfr 687178825Sdfr * test_pw_quality.c: test program for verifying password quality 688178825Sdfr function 689178825Sdfr 690178825Sdfr2003-09-03 Love H�rnquist �strand <lha@it.su.se> 691178825Sdfr 692178825Sdfr * Makefile.am: add and enable check program default_keys 693178825Sdfr 694178825Sdfr * default_keys.c: test program for _kadm5_generate_key_set 695178825Sdfr 696178825Sdfr * init_c.c: use 697178825Sdfr krb5_get_init_creds_opt_alloc/krb5_get_init_creds_opt_free 698178825Sdfr 699178825Sdfr2003-08-17 Love H�rnquist �strand <lha@it.su.se> 700178825Sdfr 701178825Sdfr * set_keys.c (_kadm5_set_keys_randomly): remove dup return 702178825Sdfr 703178825Sdfr * ipropd_master.c (main): make sure current_version is initialized 704178825Sdfr 705178825Sdfr2003-08-15 Love H�rnquist �strand <lha@it.su.se> 706178825Sdfr 707178825Sdfr * set_keys.c: use default_keys for the both random keys and 708178825Sdfr password derived keys if its defined 709178825Sdfr 710178825Sdfr2003-07-24 Love H�rnquist �strand <lha@it.su.se> 711178825Sdfr 712178825Sdfr * ipropd_slave.c (receive_everything): switch close and rename 713178825Sdfr From: Alf Wachsmann <alfw@SLAC.Stanford.EDU> 714178825Sdfr 715178825Sdfr2003-07-03 Love H�rnquist �strand <lha@it.su.se> 716178825Sdfr 717178825Sdfr * iprop.h, ipropd_master.c, ipropd_slave.c: 718178825Sdfr Add probing from the server that the client is still there, also 719178825Sdfr make the client check that the server is probing. 720178825Sdfr 721178825Sdfr2003-07-02 Love H�rnquist �strand <lha@it.su.se> 722178825Sdfr 723178825Sdfr * truncate_log.c (main): add missing ``if (ret)'' 724178825Sdfr 725178825Sdfr2003-06-26 Love H�rnquist �strand <lha@it.su.se> 726178825Sdfr 727178825Sdfr * set_keys.c (make_keys): add AES support 728178825Sdfr 729178825Sdfr * set_keys.c: fix off by one in the aes case, pointed out by Ken 730178825Sdfr Raeburn 731178825Sdfr 732178825Sdfr2003-04-30 Love H�rnquist �strand <lha@it.su.se> 733178825Sdfr 734178825Sdfr * set_keys.c (_kadm5_set_keys_randomly): add 735178825Sdfr ETYPE_AES256_CTS_HMAC_SHA1_96 key when configuried with aes 736178825Sdfr support 737178825Sdfr 738178825Sdfr2003-04-16 Love H�rnquist �strand <lha@it.su.se> 739178825Sdfr 740120945Snectar * send_recv.c: check return values from krb5_data_alloc 741120945Snectar * log.c: check return values from krb5_data_alloc 742120945Snectar 743178825Sdfr2003-04-16 Love H�rnquist �strand <lha@it.su.se> 744120945Snectar 745120945Snectar * dump_log.c (print_entry): check return values from 746120945Snectar krb5_data_alloc 747120945Snectar 748178825Sdfr2003-04-01 Love H�rnquist �strand <lha@it.su.se> 749120945Snectar 750120945Snectar * init_c.c (kadm_connect): if a context realm was passed in, use 751120945Snectar that to form the kadmin/admin principal 752120945Snectar 753178825Sdfr2003-03-19 Love H�rnquist �strand <lha@it.su.se> 754120945Snectar 755120945Snectar * ipropd_master.c (main): make sure we don't consider dead slave 756120945Snectar for select processing 757120945Snectar (write_stats): use slave_stats_file variable, 758120945Snectar check return value of strftime 759120945Snectar (args): allow specifying slave stats file 760120945Snectar (slave_dead): close the fd when the slave dies 761120945Snectar 762107207Snectar2002-10-21 Johan Danielsson <joda@pdc.kth.se> 763107207Snectar 764120945Snectar * ipropd_slave.c (from Derrick Brashear): Propagating a large 765120945Snectar database without this means the slave kdcs can get erroneous 766120945Snectar HDB_NOENTRY and return the resulting errors. This creates a new db 767120945Snectar handle, populates it, and moves it into place. 768107207Snectar 769102644Snectar2002-08-26 Assar Westerlund <assar@kth.se> 770102644Snectar 771102644Snectar * ipropd_slave.c (receive_everything): type-correctness calling 772102644Snectar _krb5_get_int 773102644Snectar 774102644Snectar * context_s.c (find_db_spec): const-correctness in parameters to 775102644Snectar krb5_config_get_next 776102644Snectar 777102644Snectar2002-08-16 Johan Danielsson <joda@pdc.kth.se> 778102644Snectar 779102644Snectar * private.h: rename header file flag macro 780102644Snectar 781102644Snectar * Makefile.am: generate kadm5-{protos,private}.h 782102644Snectar 783102644Snectar2002-08-15 Johan Danielsson <joda@pdc.kth.se> 784102644Snectar 785102644Snectar * ipropd_master.c: check return value of krb5_sockaddr2address 786102644Snectar 787102644Snectar2002-07-04 Johan Danielsson <joda@pdc.kth.se> 788102644Snectar 789102644Snectar * ipropd_master.c: handle slaves that come and go; add status 790102644Snectar reporting (both from Love) 791102644Snectar 792102644Snectar * iprop.h: KADM5_SLAVE_STATS 793102644Snectar 794102644Snectar2002-03-25 Jacques Vidrine <n@nectar.com> 795102644Snectar 796102644Snectar * init_c.c (get_cred_cache): bug fix: the default credentials 797102644Snectar cache was not being used if a client name was specified. 798102644Snectar 799102644Snectar2002-03-25 Johan Danielsson <joda@pdc.kth.se> 800102644Snectar 801102644Snectar * init_c.c (get_cred_cache): when getting the default_client from 802102644Snectar the cred cache, make sure the instance part is "admin"; this 803102644Snectar should require fewer uses of -p 804102644Snectar 805102644Snectar2002-03-11 Assar Westerlund <assar@sics.se> 806102644Snectar 807102644Snectar * Makefile.am (libkadm5srv_la_LDFLAGS): set version to 7:5:0 808102644Snectar (libkadm5clnt_la_LDFLAGS): set version to 6:3:2 809102644Snectar 81090926Snectar2002-02-08 Johan Danielsson <joda@pdc.kth.se> 81190926Snectar 81290926Snectar * init_c.c: we have to create our own param struct before 81390926Snectar marshaling 81490926Snectar 81590926Snectar2001-09-05 Johan Danielsson <joda@pdc.kth.se> 81690926Snectar 81790926Snectar * Makefile.am: link with LIB_pidfile 81890926Snectar 81990926Snectar * iprop.h: include util.h for pidfile 82090926Snectar 82190926Snectar2001-08-31 Assar Westerlund <assar@sics.se> 82290926Snectar 82390926Snectar * ipropd_slave.c (main): syslog with the correct name 82490926Snectar 82590926Snectar2001-08-30 Jacques Vidrine <n@nectar.com> 82690926Snectar 82790926Snectar * ipropd_slave.c, ipropd_master.c (main): call pidfile 82890926Snectar 82990926Snectar2001-08-28 Assar Westerlund <assar@sics.se> 83090926Snectar 83190926Snectar * Makefile.am (libkadm5srv_la_LDFLAGS): set version to 7:4:0 83290926Snectar 83390926Snectar2001-08-24 Assar Westerlund <assar@sics.se> 83490926Snectar 83590926Snectar * acl.c (fetch_acl): do not return bogus flags and re-organize 83690926Snectar function 83790926Snectar 83890926Snectar * Makefile.am: rename variable name to avoid error from current 83990926Snectar automake 84090926Snectar 84190926Snectar2001-08-13 Johan Danielsson <joda@pdc.kth.se> 84290926Snectar 84390926Snectar * set_keys.c: add easier afs configuration, defaulting to the 84490926Snectar local realm in lower case; also try to remove duplicate salts 84590926Snectar 84690926Snectar2001-07-12 Assar Westerlund <assar@sics.se> 84790926Snectar 84890926Snectar * Makefile.am: add required library dependencies 84990926Snectar 85090926Snectar2001-07-03 Assar Westerlund <assar@sics.se> 85190926Snectar 85290926Snectar * Makefile.am (libkadm5clnt_la_LDFLAGS): set version to 6:2:2 85390926Snectar 85490926Snectar2001-06-29 Johan Danielsson <joda@pdc.kth.se> 85590926Snectar 85690926Snectar * init_c.c: call krb5_get_init_creds_opt_set_default_flags 85790926Snectar 85878527Sassar2001-02-19 Johan Danielsson <joda@pdc.kth.se> 85978527Sassar 86078527Sassar * replay_log.c: add --{start-end}-version flags to replay just 86178527Sassar part of the log 86278527Sassar 86378527Sassar2001-02-15 Assar Westerlund <assar@sics.se> 86478527Sassar 86578527Sassar * ipropd_master.c (main): fix select-loop to decrement ret 86678527Sassar correctly. from "Brandon S. Allbery KF8NH" <allbery@ece.cmu.edu> 86778527Sassar 86872445Sassar2001-01-30 Assar Westerlund <assar@sics.se> 86972445Sassar 87072445Sassar * Makefile.am: bump versions 87172445Sassar 87272445Sassar2000-12-31 Assar Westerlund <assar@sics.se> 87372445Sassar 87472445Sassar * init_s.c (*): handle krb5_init_context failure consistently 87572445Sassar * init_c.c (init_context): handle krb5_init_context failure 87672445Sassar consistently 87772445Sassar 87872445Sassar2000-12-11 Assar Westerlund <assar@sics.se> 87972445Sassar 88072445Sassar * Makefile.am (libkadm5srv_la_LDFLAGS): bump version to 7:2:0 88172445Sassar 88272445Sassar2000-11-16 Assar Westerlund <assar@sics.se> 88372445Sassar 88472445Sassar * set_keys.c (make_keys): clean-up salting loop and try not to 88572445Sassar leak memory 88672445Sassar 88772445Sassar * ipropd_master.c (main): check for fd's being too large to select 88872445Sassar on 88972445Sassar 89072445Sassar2000-08-16 Assar Westerlund <assar@sics.se> 89172445Sassar 89272445Sassar * Makefile.am (libkadm5srv_la_LDFLAGS): bump version to 7:1:0 89372445Sassar 89472445Sassar2000-08-10 Assar Westerlund <assar@sics.se> 89572445Sassar 89672445Sassar * acl.c (fetch_acl): fix wrong cases, use krb5_principal_match 89772445Sassar 89872445Sassar2000-08-07 Assar Westerlund <assar@sics.se> 89972445Sassar 90072445Sassar * ipropd_master.c (main): ignore SIGPIPE 90172445Sassar 90272445Sassar2000-08-06 Assar Westerlund <assar@sics.se> 90372445Sassar 90472445Sassar * ipropd_slave.c (receive_everything): make `fd' an int instead of 90572445Sassar a pointer. From Derrick J Brashear <shadow@dementia.org> 90672445Sassar 90772445Sassar2000-08-04 Johan Danielsson <joda@pdc.kth.se> 90872445Sassar 90972445Sassar * admin.h: change void** to void* 91072445Sassar 91172445Sassar2000-07-25 Johan Danielsson <joda@pdc.kth.se> 91272445Sassar 91372445Sassar * Makefile.am: bump versions to 7:0:0 and 6:0:2 91472445Sassar 91572445Sassar2000-07-24 Assar Westerlund <assar@sics.se> 91672445Sassar 91772445Sassar * log.c (kadm5_log_get_version): rename kadm5_log_get_version_fd 91872445Sassar and make a new that takes a context 91972445Sassar (kadm5_log_nop): add logging of missing lengths 92072445Sassar (kadm5_log_truncate): new function 92172445Sassar 92272445Sassar * dump_log.c (print_entry): update and correct 92372445Sassar * randkey_s.c: call _kadm5_bump_pw_expire 92472445Sassar * truncate_log.c: new program for truncating the log 92572445Sassar * Makefile.am (sbin_PROGRAMS): add truncate_log 92672445Sassar (C_SOURCES): add bump_pw_expire.c 92772445Sassar * bump_pw_expire.c: new function for extending password expiration 92872445Sassar 92972445Sassar2000-07-22 Assar Westerlund <assar@sics.se> 93072445Sassar 93172445Sassar * keys.c: new file with _kadm5_free_keys, _kadm5_init_keys 93272445Sassar 93372445Sassar * set_keys.c (free_keys, init_keys): elevate to internal kadm5 93472445Sassar functions 93572445Sassar 93672445Sassar * chpass_s.c (kadm5_s_chpass_principal_cond): new function 93772445Sassar * Makefile.am (C_SOURCES): add keys.c 93872445Sassar * init_c.c: remove unused variable and handle some parameters 93972445Sassar being NULL 94072445Sassar 94172445Sassar2000-07-22 Johan Danielsson <joda@pdc.kth.se> 94272445Sassar 94372445Sassar * ipropd_slave.c: use krb5_read_priv_message 94472445Sassar 94572445Sassar * ipropd_master.c: use krb5_{read,write}_priv_message 94672445Sassar 94772445Sassar * init_c.c: use krb5_write_priv_message 94872445Sassar 94972445Sassar2000-07-11 Johan Danielsson <joda@pdc.kth.se> 95072445Sassar 95172445Sassar * ipropd_slave.c: no need to call gethostname, since 95272445Sassar sname_to_principal will 95372445Sassar 95472445Sassar * send_recv.c: assert that we have a connected socket 95572445Sassar 95672445Sassar * get_princs_c.c: call _kadm5_connect 95772445Sassar 95872445Sassar * rename_c.c: call _kadm5_connect 95972445Sassar 96072445Sassar * randkey_c.c: call _kadm5_connect 96172445Sassar 96272445Sassar * privs_c.c: call _kadm5_connect 96372445Sassar 96472445Sassar * modify_c.c: call _kadm5_connect 96572445Sassar 96672445Sassar * get_c.c: call _kadm5_connect 96772445Sassar 96872445Sassar * delete_c.c: call _kadm5_connect 96972445Sassar 97072445Sassar * create_c.c: call _kadm5_connect 97172445Sassar 97272445Sassar * chpass_c.c: call _kadm5_connect 97372445Sassar 97472445Sassar * private.h: add more fields to client context; remove prototypes 97572445Sassar 97672445Sassar * admin.h: remove prototypes 97772445Sassar 97872445Sassar * kadm5-protos.h: move public prototypes here 97972445Sassar 98072445Sassar * kadm5-private.h: move private prototypes here 98172445Sassar 98272445Sassar * init_c.c: break out connection code to separate function, and 98372445Sassar defer calling it until we actually do something 98472445Sassar 98572445Sassar2000-07-07 Assar Westerlund <assar@sics.se> 98672445Sassar 98772445Sassar * set_keys.c (make_keys): also support `[kadmin]use_v4_salt' for 98872445Sassar backwards compatability 98972445Sassar 99072445Sassar2000-06-26 Johan Danielsson <joda@pdc.kth.se> 99172445Sassar 99272445Sassar * set_keys.c (_kadm5_set_keys): rewrite this to be more easily 99372445Sassar adaptable to different salts 99472445Sassar 99572445Sassar2000-06-19 Johan Danielsson <joda@pdc.kth.se> 99672445Sassar 99772445Sassar * get_s.c: pa_* -> KRB5_PADATA_* 99872445Sassar 99972445Sassar2000-06-16 Assar Westerlund <assar@sics.se> 100072445Sassar 100172445Sassar * ipropd_slave.c: change default keytab to default keytab (as in 100272445Sassar typically FILE:/etc/krb5.keytab) 100372445Sassar 100472445Sassar2000-06-08 Assar Westerlund <assar@sics.se> 100572445Sassar 100672445Sassar * ipropd_slave.c: bug fixes, for actually writing the full dump to 100772445Sassar the database. based on a patch from Love <lha@stacken.kth.se> 100872445Sassar 100972445Sassar2000-06-07 Assar Westerlund <assar@sics.se> 101072445Sassar 101172445Sassar * acl.c: add support for patterns of principals 101272445Sassar * log.c (kadm5_log_replay_create): handle more NULL pointers 101372445Sassar (should they really happen?) 101472445Sassar * log.c (kadm5_log_replay_modify): handle max_life == NULL and 101572445Sassar max_renew == NULL 101672445Sassar 101772445Sassar * ipropd_master.c: use syslog. be less verbose 101872445Sassar * ipropd_slave.c: use syslog 101972445Sassar 102072445Sassar2000-06-05 Assar Westerlund <assar@sics.se> 102172445Sassar 102272445Sassar * private.h (kadm_ops): add kadm_nop more prototypes 102372445Sassar * log.c (kadm5_log_set_version, kadm5_log_reinit, kadm5_log_nop, 102472445Sassar kadm5_log_replay_nop): add 102572445Sassar * ipropd_slave.c: and some more improvements 102672445Sassar * ipropd_master.c: lots of improvements 102772445Sassar * iprop.h (IPROP_PORT, IPROP_SERVICE): add 102872445Sassar (iprop_cmd): add new commands 102972445Sassar 103072445Sassar * dump_log.c: add nop 103172445Sassar 103272445Sassar2000-05-15 Assar Westerlund <assar@sics.se> 103372445Sassar 103472445Sassar * Makefile.am (libkadm5clnt_la_LDFLAGS): set version to 5:1:1 103572445Sassar 103672445Sassar2000-05-12 Assar Westerlund <assar@sics.se> 103772445Sassar 103872445Sassar * get_s.c (kadm5_s_get_principal): set life, rlife to INT_MAX as a 103972445Sassar fallback. handle not having any creator. 104072445Sassar * destroy_s.c (kadm5_s_destroy): free all allocated memory 104172445Sassar * context_s.c (set_field): free variable if it's already set 104272445Sassar (find_db_spec): malloc space for all strings 104372445Sassar 104472445Sassar2000-04-05 Assar Westerlund <assar@sics.se> 104572445Sassar 104672445Sassar * Makefile.am (LDADD): add LIB_openldap 104772445Sassar 104872445Sassar2000-04-03 Assar Westerlund <assar@sics.se> 104972445Sassar 105072445Sassar * Makefile.am (libkadm5srv_la_LDFLAGS): set version to 6:0:1 105172445Sassar (libkadm5clnt_la_LDFLAGS): set version to 5:0:1 105272445Sassar 105372445Sassar2000-03-24 Assar Westerlund <assar@sics.se> 105472445Sassar 105572445Sassar * set_keys.c (_kadm5_set_keys2): rewrite 105672445Sassar (_kadm5_set_keys3): add 105772445Sassar 105872445Sassar * private.h (struct kadm_func): add chpass_principal_with_key 105972445Sassar * init_c.c (set_funcs): add chpass_principal_with_key 106072445Sassar 106172445Sassar2000-03-23 Assar Westerlund <assar@sics.se> 106272445Sassar 106372445Sassar * context_s.c (set_funcs): add chpass_principal_with_key 106472445Sassar * common_glue.c (kadm5_chpass_principal_with_key): add 106572445Sassar * chpass_s.c: comment-ize and change calling convention for 106672445Sassar _kadm5_set_keys* 106772445Sassar * chpass_c.c (kadm5_c_chpass_principal_with_key): add 106872445Sassar 106957416Smarkm2000-02-07 Assar Westerlund <assar@sics.se> 107057416Smarkm 107157416Smarkm * Makefile.am (libkadm5clnt_la_LDFLAGS): set version to 4:2:0 107257416Smarkm 107357416Smarkm2000-01-28 Assar Westerlund <assar@sics.se> 107457416Smarkm 107557416Smarkm * init_c.c (get_new_cache): make sure to request non-forwardable, 107657416Smarkm non-proxiable 107757416Smarkm 107855682Smarkm2000-01-06 Assar Westerlund <assar@sics.se> 107955682Smarkm 108055682Smarkm * Makefile.am (libkadm5srv.la): bump version to 5:1:0 108155682Smarkm 108255682Smarkm * context_s.c (_kadm5_s_init_context): handle params == NULL 108355682Smarkm 108455682Smarkm1999-12-26 Assar Westerlund <assar@sics.se> 108555682Smarkm 108655682Smarkm * get_s.c (kadm5_s_get_principal): handle modified_by->principal 108755682Smarkm == NULL 108855682Smarkm 108955682Smarkm1999-12-20 Assar Westerlund <assar@sics.se> 109055682Smarkm 109155682Smarkm * Makefile.am (libkadm5clnt_la_LDFLAGS): bump version to 4:1:0 109255682Smarkm 109355682Smarkm * init_c.c (_kadm5_c_init_context): handle getting back port 109455682Smarkm number from admin host 109555682Smarkm (kadm5_c_init_with_context): remove `proto/' part before doing 109655682Smarkm getaddrinfo() 109755682Smarkm 109855682Smarkm1999-12-06 Assar Westerlund <assar@sics.se> 109955682Smarkm 110055682Smarkm * Makefile.am: bump version to 5:0:0 and 4:0:0 110155682Smarkm 110255682Smarkm * init_c.c (kadm5_c_init_with_context): don't use unitialized 110355682Smarkm stuff 110455682Smarkm 110555682Smarkm1999-12-04 Assar Westerlund <assar@sics.se> 110655682Smarkm 110755682Smarkm * replay_log.c: adapt to changed kadm5_log_foreach 110855682Smarkm 110955682Smarkm * log.c (kadm5_log_foreach): change to take a 111055682Smarkm `kadm5_server_context' 111155682Smarkm 111255682Smarkm * init_c.c: use krb5_warn{,x} 111355682Smarkm 111455682Smarkm * dump_log.c: adapt to changed kadm5_log_foreach 111555682Smarkm 111655682Smarkm * init_c.c: re-write to use getaddrinfo 111755682Smarkm * Makefile.am (install-build-headers): add dependency 111855682Smarkm 111955682Smarkm1999-12-03 Johan Danielsson <joda@pdc.kth.se> 112055682Smarkm 112155682Smarkm * log.c (kadm5_log_foreach): pass context 112255682Smarkm 112355682Smarkm * dump_log.c: print more interesting things 112455682Smarkm 112555682Smarkm1999-12-02 Johan Danielsson <joda@pdc.kth.se> 112655682Smarkm 112755682Smarkm * ipropd_master.c (process_msg): check for short reads 112855682Smarkm 112955682Smarkm1999-11-25 Assar Westerlund <assar@sics.se> 113055682Smarkm 113155682Smarkm * modify_s.c (kadm5_s_modify_principal): support key_data 113255682Smarkm (kadm5_s_modify_principal_with_key): remove 113355682Smarkm 113455682Smarkm * admin.h (kadm5_s_modify_principal_with_key): remove 113555682Smarkm 113655682Smarkm1999-11-20 Assar Westerlund <assar@sics.se> 113755682Smarkm 113855682Smarkm * context_s.c (find_db_spec): ugly cast work-around. 113955682Smarkm 114055682Smarkm1999-11-14 Assar Westerlund <assar@sics.se> 114155682Smarkm 114255682Smarkm * context_s.c (_kadm5_s_init_context): call krb5_add_et_list so 114355682Smarkm that we aren't dependent on the layout of krb5_context_data 114455682Smarkm * init_c.c (_kadm5_c_init_context): call krb5_add_et_list so that 114555682Smarkm we aren't dependent on the layout of krb5_context_data 114655682Smarkm 114755682Smarkm1999-11-13 Assar Westerlund <assar@sics.se> 114855682Smarkm 114955682Smarkm * password_quality.c (kadm5_setup_passwd_quality_check): use 115055682Smarkm correct types for function pointers 115155682Smarkm 115255682Smarkm1999-11-09 Johan Danielsson <joda@pdc.kth.se> 115355682Smarkm 115455682Smarkm * randkey_s.c: always bail out if the fetch fails 115555682Smarkm 115655682Smarkm * admin.h (kadm5_config_params): remove fields we're not using 115755682Smarkm 115855682Smarkm * ipropd_slave.c: allow passing a realm 115955682Smarkm 116055682Smarkm * ipropd_master.c: allow passing a realm 116155682Smarkm 116255682Smarkm * dump_log.c: allow passing a realm 116355682Smarkm 116455682Smarkm * acl.c: correctly get acl file 116555682Smarkm 116655682Smarkm * private.h (kadm5_server_context): add config_params struct and 116755682Smarkm remove acl_file; bump protocol version number 116855682Smarkm 116955682Smarkm * marshall.c: marshalling of config parameters 117055682Smarkm 117155682Smarkm * init_c.c (kadm5_c_init_with_context): try to cope with old 117255682Smarkm servers 117355682Smarkm 117455682Smarkm * init_s.c (kadm5_s_init_with_context): actually use some passed 117555682Smarkm values 117655682Smarkm 117755682Smarkm * context_s.c (_kadm5_s_init_context): get dbname, acl_file, and 117855682Smarkm stash_file from the config parameters, try to figure out these if 117955682Smarkm they're not provided 118055682Smarkm 118155682Smarkm1999-11-05 Assar Westerlund <assar@sics.se> 118255682Smarkm 118355682Smarkm * Makefile.am (install-build-headers): use `cp' instead of 118455682Smarkm INSTALL_DATA 118555682Smarkm 118655682Smarkm1999-11-04 Assar Westerlund <assar@sics.se> 118755682Smarkm 118855682Smarkm * Makefile.am: bump version to 4:0:0 and 3:0:0 (they access fields 118955682Smarkm directly in libkrb5's context - bad functions) 119055682Smarkm 119155682Smarkm * set_keys.c (_kadm5_set_keys_randomly): set enctypes correctly in 119255682Smarkm the copied keys 119355682Smarkm 119455682Smarkm1999-10-20 Assar Westerlund <assar@sics.se> 119555682Smarkm 119655682Smarkm * Makefile.am: set version of kadm5srv to 3:0:2 (new password 119755682Smarkm quality functions). 119855682Smarkm set version of kdam5clnt to 2:1:1 (no interface changes) 119955682Smarkm 120055682Smarkm * Makefile.am (LDADD): add $(LIB_dlopen) 120155682Smarkm 120255682Smarkm1999-10-17 Assar Westerlund <assar@sics.se> 120355682Smarkm 120455682Smarkm * randkey_s.c (kadm5_s_randkey_principal): use 120555682Smarkm _kadm5_set_keys_randomly 120655682Smarkm 120755682Smarkm * set_keys.c (free_keys): free more memory 120855682Smarkm (_kadm5_set_keys): a little bit more generic 120955682Smarkm (_kadm5_set_keys_randomly): new function for setting random keys. 121055682Smarkm 121155682Smarkm1999-10-14 Assar Westerlund <assar@sics.se> 121255682Smarkm 121355682Smarkm * set_keys.c (_kadm5_set_keys): ignore old keys when setting new 121455682Smarkm ones and always add 3 DES keys and one 3DES key 121555682Smarkm 121655682Smarkm1999-10-03 Assar Westerlund <assar@sics.se> 121755682Smarkm 121855682Smarkm * init_c.c (_kadm5_c_init_context): use `krb5_get_krb_admin_hst'. 121955682Smarkm check return value from strdup 122055682Smarkm 122155682Smarkm1999-09-26 Assar Westerlund <assar@sics.se> 122255682Smarkm 122355682Smarkm * acl.c (_kadm5_privs_to_string): forgot one strcpy_truncate -> 122455682Smarkm strlcpy 122555682Smarkm 122655682Smarkm1999-09-24 Johan Danielsson <joda@pdc.kth.se> 122755682Smarkm 122855682Smarkm * dump_log.c: remove unused `optind' 122955682Smarkm 123055682Smarkm * replay_log.c: remove unused `optind' 123155682Smarkm 123255682Smarkm1999-09-13 Assar Westerlund <assar@sics.se> 123355682Smarkm 123455682Smarkm * chpass_c.c (kadm5_c_chpass_principal): new _kadm5_client_recv 123555682Smarkm 123655682Smarkm * send_recv.c (_kadm5_client_recv): return result in a `krb5_data' 123755682Smarkm so that we avoid copying it and don't need to dimension in 123855682Smarkm advance. change all callers. 123955682Smarkm 124055682Smarkm1999-09-10 Assar Westerlund <assar@sics.se> 124155682Smarkm 124255682Smarkm * password_quality.c: new file 124355682Smarkm 124455682Smarkm * admin.h 124555682Smarkm (kadm5_setup_passwd_quality_check,kadm5_check_password_quality): 124655682Smarkm add prototypes 124755682Smarkm 124855682Smarkm * Makefile.am (S_SOURCES): add password_quality.c 124955682Smarkm 125055682Smarkm1999-07-26 Assar Westerlund <assar@sics.se> 125155682Smarkm 125255682Smarkm * Makefile.am: update versions to 2:0:1 125355682Smarkm 125455682Smarkm1999-07-24 Assar Westerlund <assar@sics.se> 125555682Smarkm 125655682Smarkm * ent_setup.c (_kadm5_setup_entry): make princ_expire_time == 0 125755682Smarkm and pw_expiration == 0 mean never 125855682Smarkm 125955682Smarkm1999-07-22 Assar Westerlund <assar@sics.se> 126055682Smarkm 126155682Smarkm * log.c (kadm5_log_flush): extra cast 126255682Smarkm 126355682Smarkm1999-07-07 Assar Westerlund <assar@sics.se> 126455682Smarkm 126555682Smarkm * marshall.c (store_principal_ent): encoding princ_expire_time and 126655682Smarkm pw_expiration in correct order 126755682Smarkm 126855682Smarkm1999-06-28 Assar Westerlund <assar@sics.se> 126955682Smarkm 127055682Smarkm * randkey_s.c (kadm5_s_randkey_principal): nuke old mkvno, 127155682Smarkm otherwise hdb will think that the new random keys are already 127255682Smarkm encrypted which will cause lots of confusion later. 127355682Smarkm 127455682Smarkm1999-06-23 Assar Westerlund <assar@sics.se> 127555682Smarkm 127655682Smarkm * ent_setup.c (_kadm5_setup_entry): handle 0 == unlimited 127755682Smarkm correctly. From Michal Vocu <michal@karlin.mff.cuni.cz> 127855682Smarkm 127955682Smarkm1999-06-15 Assar Westerlund <assar@sics.se> 128055682Smarkm 128155682Smarkm * init_c.c (get_cred_cache): use get_default_username 128255682Smarkm 128355682Smarkm1999-05-23 Assar Westerlund <assar@sics.se> 128455682Smarkm 128555682Smarkm * create_s.c (create_principal): if there's no default entry the 128655682Smarkm mask should be zero. 128755682Smarkm 128855682Smarkm1999-05-21 Assar Westerlund <assar@sics.se> 128955682Smarkm 129055682Smarkm * init_c.c (get_cred_cache): use $USERNAME 129155682Smarkm 129255682Smarkm1999-05-17 Johan Danielsson <joda@pdc.kth.se> 129355682Smarkm 129455682Smarkm * init_c.c (get_cred_cache): figure out principal 129555682Smarkm 129655682Smarkm1999-05-05 Johan Danielsson <joda@pdc.kth.se> 129755682Smarkm 129855682Smarkm * send_recv.c: cleanup _kadm5_client_{send,recv} 129955682Smarkm 130055682Smarkm1999-05-04 Assar Westerlund <assar@sics.se> 130155682Smarkm 130255682Smarkm * set_keys.c (_kadm5_set_keys2): don't check the recently created 130355682Smarkm memory for NULL pointers 130455682Smarkm 130555682Smarkm * private.h (_kadm5_setup_entry): change prototype 130655682Smarkm 130755682Smarkm * modify_s.c: call new _kadm5_setup_entry 130855682Smarkm 130955682Smarkm * ent_setup.c (_kadm5_setup_entry): change so that it takes three 131055682Smarkm masks, one for what bits to set and one for each of principal and 131155682Smarkm def containing the bits that are set there. 131255682Smarkm 131355682Smarkm * create_s.c: call new _kadm5_setup_entry 131455682Smarkm 131555682Smarkm * create_s.c (get_default): check return value 131655682Smarkm (create_principal): send wider mask to _kadm5_setup_entry 131755682Smarkm 131855682Smarkm1999-05-04 Johan Danielsson <joda@pdc.kth.se> 131955682Smarkm 132055682Smarkm * send_recv.c (_kadm5_client_recv): handle arbitrarily sized 132155682Smarkm packets, check for errors 132255682Smarkm 132355682Smarkm * get_c.c: check for failure from _kadm5_client_{send,recv} 132455682Smarkm 132555682Smarkm1999-05-04 Assar Westerlund <assar@sics.se> 132655682Smarkm 132755682Smarkm * init_c.c (get_new_cache): don't abort when interrupted from 132855682Smarkm password prompt 132955682Smarkm 133055682Smarkm * destroy_c.c (kadm5_c_destroy): check if we should destroy the 133155682Smarkm auth context 133255682Smarkm 133355682Smarkm1999-05-03 Johan Danielsson <joda@pdc.kth.se> 133455682Smarkm 133555682Smarkm * chpass_s.c: fix arguments to _kadm5_set_keys2 133655682Smarkm 133755682Smarkm * private.h: proto 133855682Smarkm 133955682Smarkm * set_keys.c: clear mkvno 134055682Smarkm 134155682Smarkm * rename_s.c: add flags to fetch and store; seal keys before 134255682Smarkm logging 134355682Smarkm 134455682Smarkm * randkey_s.c: add flags to fetch and store; seal keys before 134555682Smarkm logging 134655682Smarkm 134755682Smarkm * modify_s.c: add flags to fetch and store; seal keys before 134855682Smarkm logging 134955682Smarkm 135055682Smarkm * log.c: add flags to fetch and store; seal keys before logging 135155682Smarkm 135255682Smarkm * get_s.c: add flags to fetch and store; seal keys before logging 135355682Smarkm 135455682Smarkm * get_princs_s.c: add flags to fetch and store; seal keys before 135555682Smarkm logging 135655682Smarkm 135755682Smarkm * delete_s.c: add flags to fetch and store; seal keys before 135855682Smarkm logging 135955682Smarkm 136055682Smarkm * create_s.c: add flags to fetch and store; seal keys before 136155682Smarkm logging 136255682Smarkm 136355682Smarkm * chpass_s.c: add flags to fetch and store; seal keys before 136455682Smarkm logging 136555682Smarkm 136655682Smarkm * Makefile.am: remove server.c 136755682Smarkm 136855682Smarkm * admin.h: add prototypes 136955682Smarkm 137055682Smarkm * ent_setup.c (_kadm5_setup_entry): set key_data 137155682Smarkm 137255682Smarkm * set_keys.c: add _kadm5_set_keys2 to sey keys from key_data 137355682Smarkm 137455682Smarkm * modify_s.c: add kadm5_s_modify_principal_with_key 137555682Smarkm 137655682Smarkm * create_s.c: add kadm5_s_create_principal_with_key 137755682Smarkm 137855682Smarkm * chpass_s.c: add kadm5_s_chpass_principal_with_key 137955682Smarkm 138055682Smarkm * kadm5_locl.h: move stuff to private.h 138155682Smarkm 138255682Smarkm * private.h: move stuff from kadm5_locl.h 138390926Snectar 1384