ChangeLog revision 120945 
12003-04-16  Love H�rnquist �strand <lha@it.su.se>
2
3	* send_recv.c: check return values from krb5_data_alloc
4	* log.c: check return values from krb5_data_alloc
5	
62003-04-16  Love H�rnquist �strand <lha@it.su.se>
7
8	* dump_log.c (print_entry): check return values from
9	krb5_data_alloc
10
112003-04-01  Love H�rnquist �strand <lha@it.su.se>
12
13	* init_c.c (kadm_connect): if a context realm was passed in, use
14	that to form the kadmin/admin principal
15	
162003-03-19  Love H�rnquist �strand <lha@it.su.se>
17
18	* ipropd_master.c (main): make sure we don't consider dead slave
19	for select processing
20	(write_stats): use slave_stats_file variable, 
21	check return value of strftime
22	(args): allow specifying slave stats file
23	(slave_dead): close the fd when the slave dies
24
252002-10-21  Johan Danielsson  <joda@pdc.kth.se>
26
27	* ipropd_slave.c (from Derrick Brashear): Propagating a large
28	database without this means the slave kdcs can get erroneous
29	HDB_NOENTRY and return the resulting errors. This creates a new db
30	handle, populates it, and moves it into place.
31
322002-08-26  Assar Westerlund  <assar@kth.se>
33
34	* ipropd_slave.c (receive_everything): type-correctness calling
35	_krb5_get_int
36
37	* context_s.c (find_db_spec): const-correctness in parameters to
38	krb5_config_get_next
39
402002-08-16  Johan Danielsson  <joda@pdc.kth.se>
41
42	* private.h: rename header file flag macro
43
44	* Makefile.am: generate kadm5-{protos,private}.h
45
462002-08-15  Johan Danielsson  <joda@pdc.kth.se>
47
48	* ipropd_master.c: check return value of krb5_sockaddr2address
49
502002-07-04  Johan Danielsson  <joda@pdc.kth.se>
51
52	* ipropd_master.c: handle slaves that come and go; add status
53	reporting (both from Love)
54
55	* iprop.h: KADM5_SLAVE_STATS
56
572002-03-25  Jacques Vidrine  <n@nectar.com>
58
59	* init_c.c (get_cred_cache): bug fix: the default credentials
60	cache was not being used if a client name was specified.
61
622002-03-25  Johan Danielsson  <joda@pdc.kth.se>
63
64	* init_c.c (get_cred_cache): when getting the default_client from
65	the cred cache, make sure the instance part is "admin"; this
66	should require fewer uses of -p
67
682002-03-11  Assar Westerlund  <assar@sics.se>
69
70	* Makefile.am (libkadm5srv_la_LDFLAGS): set version to 7:5:0
71	(libkadm5clnt_la_LDFLAGS): set version to 6:3:2
72
732002-02-08  Johan Danielsson  <joda@pdc.kth.se>
74
75	* init_c.c: we have to create our own param struct before
76	marshaling
77
782001-09-05  Johan Danielsson  <joda@pdc.kth.se>
79
80	* Makefile.am: link with LIB_pidfile
81
82	* iprop.h: include util.h for pidfile
83
842001-08-31  Assar Westerlund  <assar@sics.se>
85
86	* ipropd_slave.c (main): syslog with the correct name
87
882001-08-30  Jacques Vidrine <n@nectar.com>
89
90	* ipropd_slave.c, ipropd_master.c (main): call pidfile
91
922001-08-28  Assar Westerlund  <assar@sics.se>
93
94	* Makefile.am (libkadm5srv_la_LDFLAGS): set version to 7:4:0
95
962001-08-24  Assar Westerlund  <assar@sics.se>
97
98	* acl.c (fetch_acl): do not return bogus flags and re-organize
99	function
100
101	* Makefile.am: rename variable name to avoid error from current
102	automake
103
1042001-08-13  Johan Danielsson  <joda@pdc.kth.se>
105
106	* set_keys.c: add easier afs configuration, defaulting to the
107	local realm in lower case; also try to remove duplicate salts
108
1092001-07-12  Assar Westerlund  <assar@sics.se>
110
111	* Makefile.am: add required library dependencies
112
1132001-07-03  Assar Westerlund  <assar@sics.se>
114
115	* Makefile.am (libkadm5clnt_la_LDFLAGS): set version to 6:2:2
116
1172001-06-29  Johan Danielsson  <joda@pdc.kth.se>
118
119	* init_c.c: call krb5_get_init_creds_opt_set_default_flags
120
1212001-02-19  Johan Danielsson  <joda@pdc.kth.se>
122
123	* replay_log.c: add --{start-end}-version flags to replay just
124	part of the log
125
1262001-02-15  Assar Westerlund  <assar@sics.se>
127
128	* ipropd_master.c (main): fix select-loop to decrement ret
129	correctly.  from "Brandon S. Allbery KF8NH" <allbery@ece.cmu.edu>
130
1312001-01-30  Assar Westerlund  <assar@sics.se>
132
133	* Makefile.am: bump versions
134
1352000-12-31  Assar Westerlund  <assar@sics.se>
136
137	* init_s.c (*): handle krb5_init_context failure consistently
138	* init_c.c (init_context): handle krb5_init_context failure
139	consistently
140
1412000-12-11  Assar Westerlund  <assar@sics.se>
142
143	* Makefile.am (libkadm5srv_la_LDFLAGS): bump version to 7:2:0
144
1452000-11-16  Assar Westerlund  <assar@sics.se>
146
147	* set_keys.c (make_keys): clean-up salting loop and try not to
148	leak memory
149
150	* ipropd_master.c (main): check for fd's being too large to select
151	on
152
1532000-08-16  Assar Westerlund  <assar@sics.se>
154
155	* Makefile.am (libkadm5srv_la_LDFLAGS): bump version to 7:1:0
156
1572000-08-10  Assar Westerlund  <assar@sics.se>
158
159	* acl.c (fetch_acl): fix wrong cases, use krb5_principal_match
160
1612000-08-07  Assar Westerlund  <assar@sics.se>
162
163	* ipropd_master.c (main): ignore SIGPIPE
164
1652000-08-06  Assar Westerlund  <assar@sics.se>
166
167	* ipropd_slave.c (receive_everything): make `fd' an int instead of
168	a pointer.  From Derrick J Brashear <shadow@dementia.org>
169
1702000-08-04  Johan Danielsson  <joda@pdc.kth.se>
171
172	* admin.h: change void** to void*
173
1742000-07-25  Johan Danielsson  <joda@pdc.kth.se>
175
176	* Makefile.am: bump versions to 7:0:0 and 6:0:2
177
1782000-07-24  Assar Westerlund  <assar@sics.se>
179
180	* log.c (kadm5_log_get_version): rename kadm5_log_get_version_fd
181	and make a new that takes a context
182	(kadm5_log_nop): add logging of missing lengths
183	(kadm5_log_truncate): new function
184
185	* dump_log.c (print_entry): update and correct
186	* randkey_s.c: call _kadm5_bump_pw_expire
187	* truncate_log.c: new program for truncating the log
188	* Makefile.am (sbin_PROGRAMS): add truncate_log
189	(C_SOURCES): add bump_pw_expire.c
190	* bump_pw_expire.c: new function for extending password expiration
191
1922000-07-22  Assar Westerlund  <assar@sics.se>
193
194	* keys.c: new file with _kadm5_free_keys, _kadm5_init_keys
195
196	* set_keys.c (free_keys, init_keys): elevate to internal kadm5
197	functions
198
199	* chpass_s.c (kadm5_s_chpass_principal_cond): new function
200	* Makefile.am (C_SOURCES): add keys.c
201	* init_c.c: remove unused variable and handle some parameters
202	being NULL
203
2042000-07-22  Johan Danielsson  <joda@pdc.kth.se>
205
206	* ipropd_slave.c: use krb5_read_priv_message
207
208	* ipropd_master.c: use krb5_{read,write}_priv_message
209
210	* init_c.c: use krb5_write_priv_message
211
2122000-07-11  Johan Danielsson  <joda@pdc.kth.se>
213
214	* ipropd_slave.c: no need to call gethostname, since
215	sname_to_principal will
216
217	* send_recv.c: assert that we have a connected socket
218
219	* get_princs_c.c: call _kadm5_connect
220
221	* rename_c.c: call _kadm5_connect
222
223	* randkey_c.c: call _kadm5_connect
224
225	* privs_c.c: call _kadm5_connect
226
227	* modify_c.c: call _kadm5_connect
228
229	* get_c.c: call _kadm5_connect
230
231	* delete_c.c: call _kadm5_connect
232
233	* create_c.c: call _kadm5_connect
234
235	* chpass_c.c: call _kadm5_connect
236
237	* private.h: add more fields to client context; remove prototypes
238
239	* admin.h: remove prototypes
240
241	* kadm5-protos.h: move public prototypes here
242
243	* kadm5-private.h: move private prototypes here
244
245	* init_c.c: break out connection code to separate function, and
246	defer calling it until we actually do something
247
2482000-07-07  Assar Westerlund  <assar@sics.se>
249
250	* set_keys.c (make_keys): also support `[kadmin]use_v4_salt' for
251	backwards compatability
252
2532000-06-26  Johan Danielsson  <joda@pdc.kth.se>
254
255	* set_keys.c (_kadm5_set_keys): rewrite this to be more easily
256	adaptable to different salts
257	
2582000-06-19  Johan Danielsson  <joda@pdc.kth.se>
259
260	* get_s.c: pa_* -> KRB5_PADATA_*
261
2622000-06-16  Assar Westerlund  <assar@sics.se>
263
264	* ipropd_slave.c: change default keytab to default keytab (as in
265	typically FILE:/etc/krb5.keytab)
266
2672000-06-08  Assar Westerlund  <assar@sics.se>
268
269	* ipropd_slave.c: bug fixes, for actually writing the full dump to
270	the database.  based on a patch from Love <lha@stacken.kth.se>
271
2722000-06-07  Assar Westerlund  <assar@sics.se>
273
274	* acl.c: add support for patterns of principals
275	* log.c (kadm5_log_replay_create): handle more NULL pointers
276	(should they really happen?)
277	* log.c (kadm5_log_replay_modify): handle max_life == NULL and
278	max_renew == NULL
279
280	* ipropd_master.c: use syslog.  be less verbose
281	* ipropd_slave.c: use syslog
282
2832000-06-05  Assar Westerlund  <assar@sics.se>
284
285	* private.h (kadm_ops): add kadm_nop more prototypes
286	* log.c (kadm5_log_set_version, kadm5_log_reinit, kadm5_log_nop,
287	kadm5_log_replay_nop): add
288	* ipropd_slave.c: and some more improvements
289	* ipropd_master.c: lots of improvements
290	* iprop.h (IPROP_PORT, IPROP_SERVICE): add
291	(iprop_cmd): add new commands
292
293	* dump_log.c: add nop
294
2952000-05-15  Assar Westerlund  <assar@sics.se>
296
297	* Makefile.am (libkadm5clnt_la_LDFLAGS): set version to 5:1:1
298
2992000-05-12  Assar Westerlund  <assar@sics.se>
300
301	* get_s.c (kadm5_s_get_principal): set life, rlife to INT_MAX as a
302	fallback.  handle not having any creator.
303	* destroy_s.c (kadm5_s_destroy): free all allocated memory
304	* context_s.c (set_field): free variable if it's already set
305	(find_db_spec): malloc space for all strings
306
3072000-04-05  Assar Westerlund  <assar@sics.se>
308
309	* Makefile.am (LDADD): add LIB_openldap
310
3112000-04-03  Assar Westerlund  <assar@sics.se>
312
313	* Makefile.am (libkadm5srv_la_LDFLAGS): set version to 6:0:1
314	(libkadm5clnt_la_LDFLAGS): set version to 5:0:1
315
3162000-03-24  Assar Westerlund  <assar@sics.se>
317
318	* set_keys.c (_kadm5_set_keys2): rewrite
319	(_kadm5_set_keys3): add
320
321	* private.h (struct kadm_func): add chpass_principal_with_key
322	* init_c.c (set_funcs): add chpass_principal_with_key
323
3242000-03-23  Assar Westerlund  <assar@sics.se>
325
326	* context_s.c (set_funcs): add chpass_principal_with_key
327	* common_glue.c (kadm5_chpass_principal_with_key): add
328	* chpass_s.c: comment-ize and change calling convention for
329	_kadm5_set_keys*
330	* chpass_c.c (kadm5_c_chpass_principal_with_key): add
331
3322000-02-07  Assar Westerlund  <assar@sics.se>
333
334	* Makefile.am (libkadm5clnt_la_LDFLAGS): set version to 4:2:0
335
3362000-01-28  Assar Westerlund  <assar@sics.se>
337
338	* init_c.c (get_new_cache): make sure to request non-forwardable,
339	non-proxiable
340
3412000-01-06  Assar Westerlund  <assar@sics.se>
342
343	* Makefile.am (libkadm5srv.la): bump version to 5:1:0
344
345	* context_s.c (_kadm5_s_init_context): handle params == NULL
346
3471999-12-26  Assar Westerlund  <assar@sics.se>
348
349	* get_s.c (kadm5_s_get_principal): handle modified_by->principal
350 	== NULL
351
3521999-12-20  Assar Westerlund  <assar@sics.se>
353
354	* Makefile.am (libkadm5clnt_la_LDFLAGS): bump version to 4:1:0
355
356	* init_c.c (_kadm5_c_init_context): handle getting back port
357 	number from admin host
358	(kadm5_c_init_with_context): remove `proto/' part before doing
359	getaddrinfo()
360
3611999-12-06  Assar Westerlund  <assar@sics.se>
362
363	* Makefile.am: bump version to 5:0:0 and 4:0:0
364
365	* init_c.c (kadm5_c_init_with_context): don't use unitialized
366 	stuff
367
3681999-12-04  Assar Westerlund  <assar@sics.se>
369
370	* replay_log.c: adapt to changed kadm5_log_foreach
371
372	* log.c (kadm5_log_foreach): change to take a
373 	`kadm5_server_context'
374
375	* init_c.c: use krb5_warn{,x}
376
377	* dump_log.c: adapt to changed kadm5_log_foreach
378
379	* init_c.c: re-write to use getaddrinfo
380	* Makefile.am (install-build-headers): add dependency
381	
3821999-12-03  Johan Danielsson  <joda@pdc.kth.se>
383
384	* log.c (kadm5_log_foreach): pass context
385
386	* dump_log.c: print more interesting things
387
3881999-12-02  Johan Danielsson  <joda@pdc.kth.se>
389
390	* ipropd_master.c (process_msg): check for short reads
391
3921999-11-25  Assar Westerlund  <assar@sics.se>
393
394	* modify_s.c (kadm5_s_modify_principal): support key_data
395	(kadm5_s_modify_principal_with_key): remove
396
397	* admin.h (kadm5_s_modify_principal_with_key): remove
398
3991999-11-20  Assar Westerlund  <assar@sics.se>
400
401	* context_s.c (find_db_spec): ugly cast work-around.
402
4031999-11-14  Assar Westerlund  <assar@sics.se>
404
405	* context_s.c (_kadm5_s_init_context): call krb5_add_et_list so
406 	that we aren't dependent on the layout of krb5_context_data
407	* init_c.c (_kadm5_c_init_context): call krb5_add_et_list so that
408 	we aren't dependent on the layout of krb5_context_data
409
4101999-11-13  Assar Westerlund  <assar@sics.se>
411
412	* password_quality.c (kadm5_setup_passwd_quality_check): use
413	correct types for function pointers
414	
4151999-11-09  Johan Danielsson  <joda@pdc.kth.se>
416
417	* randkey_s.c: always bail out if the fetch fails
418
419	* admin.h (kadm5_config_params): remove fields we're not using
420
421	* ipropd_slave.c: allow passing a realm
422
423	* ipropd_master.c: allow passing a realm
424
425	* dump_log.c: allow passing a realm
426
427	* acl.c: correctly get acl file
428
429	* private.h (kadm5_server_context): add config_params struct and
430	remove acl_file; bump protocol version number
431
432	* marshall.c: marshalling of config parameters
433
434	* init_c.c (kadm5_c_init_with_context): try to cope with old
435	servers
436
437	* init_s.c (kadm5_s_init_with_context): actually use some passed
438	values
439
440	* context_s.c (_kadm5_s_init_context): get dbname, acl_file, and
441	stash_file from the config parameters, try to figure out these if
442	they're not provided
443
4441999-11-05  Assar Westerlund  <assar@sics.se>
445
446	* Makefile.am (install-build-headers): use `cp' instead of
447 	INSTALL_DATA
448
4491999-11-04  Assar Westerlund  <assar@sics.se>
450
451	* Makefile.am: bump version to 4:0:0 and 3:0:0 (they access fields
452 	directly in libkrb5's context - bad functions)
453
454	* set_keys.c (_kadm5_set_keys_randomly): set enctypes correctly in
455 	the copied keys
456
4571999-10-20  Assar Westerlund  <assar@sics.se>
458
459	* Makefile.am: set version of kadm5srv to 3:0:2 (new password
460 	quality functions).
461 	set version of kdam5clnt to 2:1:1 (no interface changes)
462
463	* Makefile.am (LDADD): add $(LIB_dlopen)
464
4651999-10-17  Assar Westerlund  <assar@sics.se>
466
467	* randkey_s.c (kadm5_s_randkey_principal): use
468 	_kadm5_set_keys_randomly
469
470	* set_keys.c (free_keys): free more memory
471	(_kadm5_set_keys): a little bit more generic
472	(_kadm5_set_keys_randomly): new function for setting random keys.
473
4741999-10-14  Assar Westerlund  <assar@sics.se>
475
476	* set_keys.c (_kadm5_set_keys): ignore old keys when setting new
477 	ones and always add 3 DES keys and one 3DES key
478
4791999-10-03  Assar Westerlund  <assar@sics.se>
480
481	* init_c.c (_kadm5_c_init_context): use `krb5_get_krb_admin_hst'.
482  	check return value from strdup
483
4841999-09-26  Assar Westerlund  <assar@sics.se>
485
486	* acl.c (_kadm5_privs_to_string): forgot one strcpy_truncate ->
487 	strlcpy
488
4891999-09-24  Johan Danielsson  <joda@pdc.kth.se>
490
491	* dump_log.c: remove unused `optind'
492
493	* replay_log.c: remove unused `optind'
494
4951999-09-13  Assar Westerlund  <assar@sics.se>
496
497	* chpass_c.c (kadm5_c_chpass_principal): new _kadm5_client_recv
498
499	* send_recv.c (_kadm5_client_recv): return result in a `krb5_data'
500 	so that we avoid copying it and don't need to dimension in
501 	advance.  change all callers.
502
5031999-09-10  Assar Westerlund  <assar@sics.se>
504
505	* password_quality.c: new file
506
507	* admin.h
508 	(kadm5_setup_passwd_quality_check,kadm5_check_password_quality):
509 	add prototypes
510
511	* Makefile.am (S_SOURCES): add password_quality.c
512
5131999-07-26  Assar Westerlund  <assar@sics.se>
514
515	* Makefile.am: update versions to 2:0:1
516
5171999-07-24  Assar Westerlund  <assar@sics.se>
518
519	* ent_setup.c (_kadm5_setup_entry): make princ_expire_time == 0
520 	and pw_expiration == 0 mean never
521
5221999-07-22  Assar Westerlund  <assar@sics.se>
523
524	* log.c (kadm5_log_flush): extra cast
525
5261999-07-07  Assar Westerlund  <assar@sics.se>
527
528	* marshall.c (store_principal_ent): encoding princ_expire_time and
529 	pw_expiration in correct order
530
5311999-06-28  Assar Westerlund  <assar@sics.se>
532
533	* randkey_s.c (kadm5_s_randkey_principal): nuke old mkvno,
534 	otherwise hdb will think that the new random keys are already
535 	encrypted which will cause lots of confusion later.
536
5371999-06-23  Assar Westerlund  <assar@sics.se>
538
539	* ent_setup.c (_kadm5_setup_entry): handle 0 == unlimited
540 	correctly.  From Michal Vocu <michal@karlin.mff.cuni.cz>
541
5421999-06-15  Assar Westerlund  <assar@sics.se>
543
544	* init_c.c (get_cred_cache): use get_default_username
545
5461999-05-23  Assar Westerlund  <assar@sics.se>
547
548	* create_s.c (create_principal): if there's no default entry the
549	mask should be zero.
550
5511999-05-21  Assar Westerlund  <assar@sics.se>
552
553	* init_c.c (get_cred_cache): use $USERNAME
554
5551999-05-17  Johan Danielsson  <joda@pdc.kth.se>
556
557	* init_c.c (get_cred_cache): figure out principal
558
5591999-05-05  Johan Danielsson  <joda@pdc.kth.se>
560
561	* send_recv.c: cleanup _kadm5_client_{send,recv}
562
5631999-05-04  Assar Westerlund  <assar@sics.se>
564
565	* set_keys.c (_kadm5_set_keys2): don't check the recently created
566 	memory for NULL pointers
567
568	* private.h (_kadm5_setup_entry): change prototype
569
570	* modify_s.c: call new _kadm5_setup_entry
571
572	* ent_setup.c (_kadm5_setup_entry): change so that it takes three
573 	masks, one for what bits to set and one for each of principal and
574 	def containing the bits that are set there.
575
576	* create_s.c: call new _kadm5_setup_entry
577
578	* create_s.c (get_default): check return value
579	(create_principal): send wider mask to _kadm5_setup_entry
580
5811999-05-04  Johan Danielsson  <joda@pdc.kth.se>
582
583	* send_recv.c (_kadm5_client_recv): handle arbitrarily sized
584	packets, check for errors
585
586	* get_c.c: check for failure from _kadm5_client_{send,recv}
587
5881999-05-04  Assar Westerlund  <assar@sics.se>
589
590	* init_c.c (get_new_cache): don't abort when interrupted from
591 	password prompt
592	
593	* destroy_c.c (kadm5_c_destroy): check if we should destroy the
594 	auth context
595
5961999-05-03  Johan Danielsson  <joda@pdc.kth.se>
597
598	* chpass_s.c: fix arguments to _kadm5_set_keys2
599
600	* private.h: proto
601
602	* set_keys.c: clear mkvno
603
604	* rename_s.c: add flags to fetch and store; seal keys before
605	logging
606
607	* randkey_s.c: add flags to fetch and store; seal keys before
608	logging
609
610	* modify_s.c: add flags to fetch and store; seal keys before
611	logging
612
613	* log.c: add flags to fetch and store; seal keys before logging
614
615	* get_s.c: add flags to fetch and store; seal keys before logging
616
617	* get_princs_s.c: add flags to fetch and store; seal keys before
618	logging
619
620	* delete_s.c: add flags to fetch and store; seal keys before
621	logging
622
623	* create_s.c: add flags to fetch and store; seal keys before
624	logging
625
626	* chpass_s.c: add flags to fetch and store; seal keys before
627	logging
628
629	* Makefile.am: remove server.c
630
631	* admin.h: add prototypes
632
633	* ent_setup.c (_kadm5_setup_entry): set key_data
634
635	* set_keys.c: add _kadm5_set_keys2 to sey keys from key_data
636
637	* modify_s.c: add kadm5_s_modify_principal_with_key
638
639	* create_s.c: add kadm5_s_create_principal_with_key
640
641	* chpass_s.c: add kadm5_s_chpass_principal_with_key
642
643	* kadm5_locl.h: move stuff to private.h
644
645	* private.h: move stuff from kadm5_locl.h
646	
647