ChangeLog revision 178825
12008-01-21 Love H�rnquist �strand <lha@it.su.se> 2 3 * default_keys.c: Use hdb_free_keys(). 4 52008-01-11 Love H�rnquist �strand <lha@it.su.se> 6 7 * Makefile.am: add check-cracklib.pl, flush.c, 8 sample_passwd_check.c 9 102007-12-07 Love H�rnquist �strand <lha@it.su.se> 11 12 * use hdb_db_dir() and hdb_default_db() 13 142007-10-18 Love <lha@stacken.kth.se> 15 16 * init_c.c: We are getting default_client, not client. this way 17 the user can override the result. 18 192007-09-29 Love H�rnquist �strand <lha@it.su.se> 20 21 * iprop.8: fix spelling, From Antoine Jacoutt. 22 232007-08-16 Love H�rnquist �strand <lha@it.su.se> 24 25 * version-script.map: export _kadm5_unmarshal_params, 26 _kadm5_acl_check_permission 27 28 * version-script.map: export kadm5_log_ symbols. 29 30 * log.c: Unexport the specific log replay operations. 31 322007-08-10 Love H�rnquist �strand <lha@it.su.se> 33 34 * Makefile.am: build sample_passwd_check.la as part of noinst. 35 36 * sample_passwd_check.c: Add missing prototype for check_length(). 37 382007-08-07 Love H�rnquist �strand <lha@it.su.se> 39 40 * log.c: Sprinkle krb5_set_error_string(). 41 42 * ipropd_slave.c: Provide better error why kadm5_log_replay 43 failed. 44 452007-08-06 Love H�rnquist �strand <lha@it.su.se> 46 47 * ipropd_master.c: - don't push whole database to the new client 48 every time. - make slaves get the whole new database if they have 49 a newer log the the master (and thus have them go back in time). 50 512007-08-03 Love H�rnquist �strand <lha@it.su.se> 52 53 * ipropd_slave.c: make more sane. 54 55 * ipropd_slave.c: more paranoid check that the log entires are 56 self consistant 57 58 * log.c (kadm5_log_foreach): check that the postamble contains the 59 right data. 60 61 * ipropd_master.c: Sprinkle more info about what versions the 62 master thinks about the client versions. 63 64 * ipropd_master.c: Start the server at the current version, not 0. 65 662007-08-02 Love H�rnquist �strand <lha@it.su.se> 67 68 * ipropd_master.c: Add more logging, to figure out what is 69 happening in the master. 70 712007-08-01 Love H�rnquist �strand <lha@it.su.se> 72 73 * Makefile.am: add version-script for libkadm5srv.la 74 75 * version-script.map: version script fro kadm5 server libary. 76 77 * log.c: only free the orignal entries extentions if there was 78 any. Bug reported by Peter Meinecke. 79 80 * add configuration for signal file and acl file, let user select 81 hostname, catch signals and print why we are quiting, make nop 82 cause one new version, not two 83 842007-07-30 Love H�rnquist �strand <lha@it.su.se> 85 86 * ipropd_master.c (send_diffs): make current slave's version 87 uptodate when diff have been sent. 88 892007-07-27 Love H�rnquist �strand <lha@it.su.se> 90 91 * ipropd_slave.c: More comments and some more error checking. 92 932007-07-26 Love H�rnquist �strand <lha@it.su.se> 94 95 * init_c.c (get_cache_principal): make sure id is reset if we 96 fail. From Benjamin Bennet. 97 982007-07-10 Love H�rnquist �strand <lha@it.su.se> 99 100 * context_s.c (find_db_spec): match realm-less as the default 101 realm. 102 103 * Makefile.am: New library version. 104 1052007-07-05 Love H�rnquist �strand <lha@it.su.se> 106 107 * context_s.c: Use hdb_get_dbinfo to pick up configuration. 108 ctx->config.realm can be NULL, check for that, from Bjorn S. 109 1102007-07-04 Love H�rnquist �strand <lha@it.su.se> 111 112 * init_c.c: Try harder to use the right principal. 113 1142007-06-20 Love H�rnquist �strand <lha@it.su.se> 115 116 * ipropd_slave.c: Catch return value from krb5_program_setup. From 117 Steven Luo. 118 1192007-05-08 Love H�rnquist �strand <lha@it.su.se> 120 121 * delete_s.c: Write log entry after store is successful, rename 122 out goto statments. 123 124 * randkey_s.c: Write log entry after store is successful. 125 126 * modify_s.c: Write log entry after store is successful. 127 128 * rename_s.c: indent. 129 130 * chpass_s.c: Write log entry after store is successful. 131 132 * create_s.c: Write log entry after store is successful. 133 1342007-05-07 Love H�rnquist �strand <lha@it.su.se> 135 136 * iprop-commands.in: Add default values to make this working 137 again. 138 139 * iprop-log.c (iprop_replay): create the database with more 140 liberal mode. 141 142 * log.c: make it slightly more working. 143 144 * iprop-log.8: Document last-version. 145 146 * iprop-log.c: (last_version): print last version of the log. 147 148 * iprop-commands.in: new command last-version: print last version 149 of the log. 150 151 * log.c (kadm5_log_previous): document assumptions and make less 152 broken. Bug report from Ronny Blomme. 153 1542007-02-17 Love H�rnquist �strand <lha@it.su.se> 155 156 * admin.h: add support to get aliases 157 158 * get_s.c: add support to get aliases 159 1602007-02-11 David Love <fx@gnu.org> 161 162 * iprop-log.8: Small fixes, from David Love. 163 1642006-12-15 Love H�rnquist �strand <lha@it.su.se> 165 166 * init_c.c: if the user have a kadmin/admin initial ticket, don't 167 ask for password, just use the credential instead. 168 1692006-12-06 Love H�rnquist �strand <lha@it.su.se> 170 171 * ipropd_master.c: Use strcspn to remove \n from string returned 172 by fgets. From Bj�rn Sandell 173 1742006-11-30 Love H�rnquist �strand <lha@it.su.se> 175 176 * init_c.c (kadm_connect): clear error string before trying to 177 print a errno, this way we don't pick up a random failure code 178 1792006-11-20 Love H�rnquist �strand <lha@it.su.se> 180 181 * ipropd_slave.c: Make krb5_get_init_creds_opt_free take a context 182 argument. 183 184 * init_c.c: Make krb5_get_init_creds_opt_free take a context 185 argument. 186 1872006-10-22 Love H�rnquist �strand <lha@it.su.se> 188 189 * ent_setup.c: Try to not leak memory. 190 1912006-10-07 Love H�rnquist �strand <lha@it.su.se> 192 193 * Makefile.am: split build files into dist_ and noinst_ SOURCES 194 1952006-08-24 Love H�rnquist �strand <lha@it.su.se> 196 197 * get_s.c: Add KRB5_KDB_ALLOW_DIGEST 198 199 * ent_setup.c: Add KRB5_KDB_ALLOW_DIGEST 200 201 * admin.h: Add KRB5_KDB_ALLOW_DIGEST 202 2032006-06-16 Love H�rnquist �strand <lha@it.su.se> 204 205 * check-cracklib.pl: Add password reuse checking. From Harald 206 Barth. 207 2082006-06-14 Love H�rnquist �strand <lha@it.su.se> 209 210 * ent_setup.c (attr_to_flags): Add KRB5_KDB_ALLOW_KERBEROS4 211 212 * get_s.c (kadm5_s_get_principal): Add KRB5_KDB_ALLOW_KERBEROS4 213 214 * admin.h: Add KRB5_KDB_ALLOW_KERBEROS4 215 2162006-06-06 Love H�rnquist �strand <lha@it.su.se> 217 218 * ent_setup.c (attr_to_flags): Add KRB5_KDB_TRUSTED_FOR_DELEGATION 219 2202006-05-30 Love H�rnquist �strand <lha@it.su.se> 221 222 * password_quality.c (kadm5_check_password_quality): set error 223 message in context. 224 2252006-05-13 Love H�rnquist �strand <lha@it.su.se> 226 227 * iprop-log.c: Avoid shadowing. 228 229 * rename_s.c: Avoid shadowing. 230 2312006-05-08 Love H�rnquist �strand <lha@it.su.se> 232 233 * privs_c.c (kadm5_c_get_privs): privs is a uint32_t, let copy it 234 that way. 235 2362006-05-05 Love H�rnquist �strand <lha@it.su.se> 237 238 * Rename u_intXX_t to uintXX_t 239 2402006-04-27 Love H�rnquist �strand <lha@it.su.se> 241 242 * chpass_s.c,delete_s.c,get_s.c,log.c,modify_s.c,randkey_s.c,rename_s.c: 243 Pass in HDB_F_GET_ANY to all ->hdb fetch to hint what entries we are looking for 244 245 * send_recv.c: set and clear error string 246 247 * rename_s.c: Break out the that we request from principal from 248 the entry and pass it in as a separate argument. 249 250 * randkey_s.c: Break out the that we request from principal from 251 the entry and pass it in as a separate argument. 252 253 * modify_s.c: Break out the that we request from principal from 254 the entry and pass it in as a separate argument. 255 256 * log.c: Break out the that we request from principal from the 257 entry and pass it in as a separate argument. 258 259 * get_s.c: Break out the that we request from principal from the 260 entry and pass it in as a separate argument. 261 262 * delete_s.c: Break out the that we request from principal from 263 the entry and pass it in as a separate argument. 264 265 * chpass_s.c: Break out the that we request from principal from 266 the entry and pass it in as a separate argument. 267 2682006-04-25 Love H�rnquist �strand <lha@it.su.se> 269 270 * create_s.c (create_principal*): If client doesn't send kvno, 271 make sure to set it to 1. 272 2732006-04-10 Love H�rnquist �strand <lha@it.su.se> 274 275 * log.c: (kadm5_log_rename): handle errors better 276 Fixes Coverity, NetBSD CID#628 277 278 * log.c (kadm5_log_delete): add error handling Coverity, NetBSD 279 CID#626 280 (kadm5_log_modify): add error handling Coverity, NetBSD CID#627 281 282 * init_c.c (_kadm5_c_get_cred_cache): handle ccache case better in 283 case no client name was passed in. Coverity, NetBSD CID#919 284 285 * init_c.c (_kadm5_c_get_cred_cache): Free client principal in 286 case of error. Coverity NetBSD CID#1908 287 2882006-02-02 Love H�rnquist �strand <lha@it.su.se> 289 290 * kadm5_err.et: (PASS_REUSE): Spelling, 291 from V�clav H?la <ax@natur.cuni.cz> 292 2932006-01-25 Love H�rnquist �strand <lha@it.su.se> 294 295 * send_recv.c: Clear error-string when introducing new errors. 296 297 * *_c.c: Clear error-string when introducing new errors. 298 2992006-01-15 Love H�rnquist �strand <lha@it.su.se> 300 301 * Makefile.am (libkadm5clnt.la) doesn't depend on libhdb, remove 302 dependency 303 3042005-12-13 Love H�rnquist �strand <lha@it.su.se> 305 306 * memset hdb_entry_ex before use 307 3082005-12-12 Love H�rnquist �strand <lha@it.su.se> 309 310 * Wrap hdb_entry with hdb_entry_ex, patch originally 311 from Andrew Bartlet 312 3132005-11-30 Love H�rnquist �strand <lha@it.su.se> 314 315 * context_s.c (set_field): try another way to calculate the path 316 to the database/logfile/signal-socket 317 318 * log.c (kadm5_log_init): set error string on failures 319 3202005-09-08 Love H�rnquist �strand <lha@it.su.se> 321 322 * Constify password. 323 324 * admin.h: Add KRB5_TL_PKINIT_ACL. 325 326 * marshall.c (_kadm5_unmarshal_params): avoid signed-ness warnings 327 328 * get_s.c (kadm5_s_get_principal): clear error string 329 3302005-08-25 Love H�rnquist �strand <lha@it.su.se> 331 332 * iprop-log.8: More text about iprop-log. 333 3342005-08-24 Love H�rnquist �strand <lha@it.su.se> 335 336 * iprop.8: SEE ALSO iprop-log. 337 338 * Makefile.am: man_MANS += iprop-log.8 339 340 * iprop-log.8: Basic for documentation of iprop-log. 341 342 * remove replay_log.c, dump_log.c, and truncate_log.c, folded into 343 iprop-log. 344 345 * log.c (kadm5_log_foreach): add a context variable and pass it 346 down to `func�. 347 348 * iprop-commands.in: Move truncate_log and replay_log into 349 iprop-log. 350 351 * iprop-log.c: Move truncate_log and replay_log into iprop-log. 352 353 * Makefile.am: Move truncate_log and replay_log into iprop-log. 354 355 * Makefile.am: Make this work with a clean directory. 356 357 * ipropd_master.c: Make compile. 358 359 * ipropd_master.c: Update to new signature of kadm5_log_previous. 360 361 * log.c (kadm5_log_previous): catch errors instead of asserting 362 and set error string. 363 364 * iprop-commands.in: New program iprop-log that incorperates 365 dump_log as a subcommand, truncate_log and replay_log soon to come 366 after. 367 368 * iprop-log.c: New program iprop-log that incorperates dump_log as 369 a subcommand, truncate_log and replay_log soon to come after. 370 371 * Makefile.am: New program iprop-log that incorperates dump_log as 372 a subcommand, truncate_log and replay_log soon to come after. 373 3742005-08-11 Love H�rnquist �strand <lha@it.su.se> 375 376 * get_s.c: Implement KADM5_LAST_PWD_CHANGE. 377 378 * set_keys.c: Set and clear password where appropriate. 379 380 * randkey_s.c: Operation modifies tl_data. 381 382 * log.c (kadm5_log_replay_modify): Check return values of 383 malloc(), replace all extensions. 384 385 * kadm5_err.et: Make BAD_TL_TYPE error more helpful. 386 387 * get_s.c: Expose KADM5_TL_DATA options to the client. 388 389 * ent_setup.c: Merge in KADM5_TL_DATA in the database. 390 391 * chpass_s.c: Operations modify extensions, mark that with 392 TL_DATA. 393 394 * admin.h: Add more TL types (password and extension). 395 3962005-06-17 Love H�rnquist �strand <lha@it.su.se> 397 398 * constify 399 400 * ipropd_slave.c: avoid shadowing 401 402 * ipropd_master.c: rename local variable slave to s, optind -> 403 optidx 404 405 * get_princs_c.c: rename variable exp to expression 406 407 * ad.c: rename variable exp to expression 408 409 * log.c: rename shadowing len to num 410 411 * get_princs_s.c: rename variable exp to expression 412 413 * context_s.c: const poison 414 415 * common_glue.c: rename variable exp to expression 416 4172005-05-30 Love H�rnquist �strand <lha@it.su.se> 418 419 * ent_setup.c (attr_to_flags): check for KRB5_KDB_OK_AS_DELEGATE 420 421 * get_s.c (kadm5_s_get_principal): set KRB5_KDB_OK_AS_DELEGATE 422 423 * admin.h: add KRB5_KDB_OK_AS_DELEGATE, sync KRB5_TL_ flags 424 4252005-05-25 Love H�rnquist �strand <lha@it.su.se> 426 427 * kadm5_pwcheck.3: please mdoclint 428 4292005-05-25 Dave Love <fx@gnu.org> 430 431 * kadm5_pwcheck.3: document kadm5_add_passwd_quality_verifier, 432 improve text 433 4342005-05-24 Dave Love <fx@gnu.org> 435 436 * iprop.8: Added some info about defaults, fixed some markup. 437 4382005-05-23 Dave Love <fx@gnu.org> 439 440 * ipropd_slave.c: Don't test HAVE_DAEMON since roken supplies it. 441 442 * ipropd_master.c: Don't test HAVE_DAEMON since roken supplies it. 443 4442005-05-13 Love H�rnquist �strand <lha@it.su.se> 445 446 * init_c.c (_kadm5_c_init_context): fix memory leak in case of 447 failure 448 4492005-05-09 Dave Love <fx@gnu.org> 450 451 * password_quality.c (find_func): Fix off-by-one and logic error. 452 (external_passwd_quality): Improve messages. 453 454 * test_pw_quality.c (main): Call kadm5_setup_passwd_quality_check 455 and kadm5_add_passwd_quality_verifier. 456 4572005-04-30 Love H�rnquist �strand <lha@it.su.se> 458 459 * default_keys.c: #include <err.h>, only print salt it its longer 460 then 0, use krb5_err instead of errx where appropriate 461 4622005-04-25 Love H�rnquist �strand <lha@it.su.se> 463 464 * ipropd_slave.c: add the documented option --port 465 466 * ipropd_master.c: add the documented option --port 467 468 * dump_log.c: use the newly generated units function 469 4702005-04-24 Love H�rnquist �strand <lha@it.su.se> 471 472 * dump_log.c: use strlcpy 473 474 * password_quality.c: don't use sizeof(pointer) 475 4762005-04-15 Love H�rnquist �strand <lha@it.su.se> 477 478 * check-cracklib.pl: external password verifier sample 479 480 * password_quality.c (kadm5_add_passwd_quality_verifier): if NULL 481 is passed in, load defaults 482 4832005-04-14 Love H�rnquist �strand <lha@it.su.se> 484 485 * password_quality.c: add an end tag to the external password 486 quality check protocol 487 4882005-04-13 Love H�rnquist �strand <lha@it.su.se> 489 490 * password_quality.c: add external passsword quality check builtin 491 module 492 493 [password_quality] 494 policies = external-check 495 external-program = /bin/false 496 497 To approve password a, make the test program return APPROVED on 498 stderr and fail with exit code 0. 499 5002004-10-12 Love H�rnquist �strand <lha@it.su.se> 501 502 * Makefile.am: bump version to 7:7:0 and 6:5:2 503 504 * default_keys.c (parse_file): use hdb_generate_key_set 505 506 * keys.c,set_keys.c: Move keyset parsing and password based keyset 507 generation into hdb. Requested by Andrew Bartlett <abartlet@samba.org> 508 for hdb-ldb backend. 509 5102004-09-23 Johan Danielsson <joda@pdc.kth.se> 511 512 * ipropd_master.c: add help strings to some options 513 5142004-09-12 Love H�rnquist �strand <lha@it.su.se> 515 516 * chpass_s.c: deal with changed prototype for _kadm5_free_keys 517 518 * keys.c (_kadm5_free_keys): change prototype, make it use 519 krb5_context instead of a kadm5_server_context 520 521 * set_keys.c (parse_key_set): do way with static returning 522 (function) static variable and returned allocated memory 523 (_kadm5_generate_key_set): free enctypes returned by parse_key_set 524 5252004-09-06 Love H�rnquist �strand <lha@it.su.se> 526 527 * set_keys.c: Fix memory leak, don't return stack variables From 528 Andrew Bartlett 529 530 * set_keys.c: make all_etypes const and move outside function to 531 avoid returning data on stack 532 5332004-08-26 Love H�rnquist �strand <lha@it.su.se> 534 535 * acl.c (fetch_acl): use " \t\n" instead of just "\n" for the 536 delim of the third element, this is so we can match 537 "foo@REALM<SPC>all<SPC><SPC>*@REALM", before it just matched 538 "foo@REALM<SPC>all<SPC>*@REALM", but that is kind of lucky since 539 what really happen was that the last <SPC> was stamped out, and 540 the it never strtok_r never needed to parse over it. 541 5422004-08-25 Love H�rnquist �strand <lha@it.su.se> 543 544 * set_keys.c (_kadm5_generate_key_set): since arcfour-hmac-md5 is 545 without salting, some people tries to add the string 546 "arcfour-hmac-md5" when they really should have used 547 "arcfour-hmac-md5:pw-salt", help them and add glue for that 548 5492004-08-18 Johan Danielsson <joda@pdc.kth.se> 550 551 * ipropd_slave.c: add --detach 552 5532004-07-06 Love H�rnquist �strand <lha@it.su.se> 554 555 * ad.c: use new tsasl interface remove debug printf add upn to 556 computer-accounts 557 5582004-06-28 Love H�rnquist �strand <lha@it.su.se> 559 560 * ad.c: implement kadm5_ad_init_with_password_ctx set more error 561 strings 562 5632004-06-21 Love H�rnquist �strand <lha@it.su.se> 564 565 * Makefile.am: man_MANS = kadm5_pwcheck.3 566 567 * kadm5_pwcheck.3: document new password quality api 568 569 * password_quality.c: new password check interface (old still 570 supported) 571 572 * kadm5-pwcheck.h: new password check interface 573 5742004-06-08 Love H�rnquist �strand <lha@it.su.se> 575 576 * ipropd_master.c (main): process all slaves, not just up to the 577 last slave sending data 578 (bug report from Bj�rn Sandell <biorn@dce.chalmers.se>) 579 (*): only send one ARE_YOU_THERE 580 5812004-06-02 Love H�rnquist �strand <lha@it.su.se> 582 583 * ad.c: use krb5_set_password_using_ccache 584 5852004-06-01 Love H�rnquist �strand <lha@it.su.se> 586 587 * ad.c: try handle spn's better 588 5892004-05-31 Love H�rnquist �strand <lha@it.su.se> 590 591 * ad.c: add expiration time 592 593 * ad.c: add modify operations 594 595 * ad.c: handle create and delete 596 5972004-05-27 Love H�rnquist �strand <lha@it.su.se> 598 599 * ad.c: more code for get, handle attributes 600 601 * ad.c: more code for get, handle time stamps and bad password 602 counter 603 604 * ad.c: more code for get, only fetches kvno for now 605 6062004-05-26 Love H�rnquist �strand <lha@it.su.se> 607 608 * ad.c: add support for tsasl 609 610 * private.h: add kadm5_ad_context 611 612 * ipropd_master.c (prop_one): store the opcode in the begining of 613 the blob, not the end 614 615 * ad.c: try all ldap servers in dns, generate a random password, 616 base64(random_block(64)), XXX must make it support other then 617 ARCFOUR 618 619 * ad.c: framework for windows AD backend 620 6212004-03-07 Love H�rnquist �strand <lha@it.su.se> 622 623 * create_s.c (kadm5_s_create_principal): remove old XXX command 624 and related code, _kadm5_set_keys will do all this now 625 6262004-02-29 Love H�rnquist �strand <lha@it.su.se> 627 628 * set_keys.c (_kadm5_set_keys_randomly): make sure enctype to copy 629 enctype for des keys From: Andrew Bartlett <abartlet@samba.org> 630 631 * create_s.c (kadm5_s_create_principal_with_key): don't call 632 _kadm5_set_keys2, create_principal will do that for us. Set kvno 633 to 1. 634 635 * chpass_s.c (change): bump kvno 636 (kadm5_s_chpass_principal_with_key): bump kvno 637 638 * randkey_s.c (kadm5_s_randkey_principal): bump kvno 639 640 * set_keys.c (_kadm5_set_*): don't change the kvno, let the callee 641 to that 642 6432003-12-30 Love H�rnquist �strand <lha@it.su.se> 644 645 * chpass_s.c (change): fix same-password-again by decrypting keys 646 and setting an error code From: Buck Huppmann <buckh@pobox.com> 647 6482003-12-21 Love H�rnquist �strand <lha@it.su.se> 649 650 * init_c.c (_kadm5_c_init_context): catch errors from strdup and 651 other krb5_ functions 652 6532003-12-08 Love H�rnquist �strand <lha@it.su.se> 654 655 * rename_s.c (kadm5_s_rename_principal): allow principal to change 656 realm From Panasas Inc 657 6582003-12-07 Love H�rnquist �strand <lha@it.su.se> 659 660 * destroy_c.c (kadm5_c_destroy): fix memory leaks, From Panasas, 661 Inc 662 6632003-11-23 Love H�rnquist �strand <lha@it.su.se> 664 665 * iprop.h: don't include <krb5-private.h> 666 667 * ipropd_slave.c: stop using krb5 lib private byte-frobbing 668 functions and replace them with with krb5_storage 669 670 * ipropd_master.c: stop using krb5 lib private byte-frobbing 671 functions and replace them with with krb5_storage 672 6732003-11-19 Love H�rnquist �strand <lha@it.su.se> 674 675 * ipropd_slave.c (receive_loop): when seeking over the entries we 676 already have, skip over the trailer. From: Jeffrey Hutzelman 677 <jhutz@cmu.edu> 678 679 * dump_log.c,ipropd_master.c,ipropd_slave.c, 680 replay_log.c,truncate_log.c: parse kdc.conf 681 From: Jeffrey Hutzelman <jhutz@cmu.edu> 682 6832003-10-10 Love H�rnquist �strand <lha@it.su.se> 684 685 * Makefile.am: += test_pw_quality 686 687 * test_pw_quality.c: test program for verifying password quality 688 function 689 6902003-09-03 Love H�rnquist �strand <lha@it.su.se> 691 692 * Makefile.am: add and enable check program default_keys 693 694 * default_keys.c: test program for _kadm5_generate_key_set 695 696 * init_c.c: use 697 krb5_get_init_creds_opt_alloc/krb5_get_init_creds_opt_free 698 6992003-08-17 Love H�rnquist �strand <lha@it.su.se> 700 701 * set_keys.c (_kadm5_set_keys_randomly): remove dup return 702 703 * ipropd_master.c (main): make sure current_version is initialized 704 7052003-08-15 Love H�rnquist �strand <lha@it.su.se> 706 707 * set_keys.c: use default_keys for the both random keys and 708 password derived keys if its defined 709 7102003-07-24 Love H�rnquist �strand <lha@it.su.se> 711 712 * ipropd_slave.c (receive_everything): switch close and rename 713 From: Alf Wachsmann <alfw@SLAC.Stanford.EDU> 714 7152003-07-03 Love H�rnquist �strand <lha@it.su.se> 716 717 * iprop.h, ipropd_master.c, ipropd_slave.c: 718 Add probing from the server that the client is still there, also 719 make the client check that the server is probing. 720 7212003-07-02 Love H�rnquist �strand <lha@it.su.se> 722 723 * truncate_log.c (main): add missing ``if (ret)'' 724 7252003-06-26 Love H�rnquist �strand <lha@it.su.se> 726 727 * set_keys.c (make_keys): add AES support 728 729 * set_keys.c: fix off by one in the aes case, pointed out by Ken 730 Raeburn 731 7322003-04-30 Love H�rnquist �strand <lha@it.su.se> 733 734 * set_keys.c (_kadm5_set_keys_randomly): add 735 ETYPE_AES256_CTS_HMAC_SHA1_96 key when configuried with aes 736 support 737 7382003-04-16 Love H�rnquist �strand <lha@it.su.se> 739 740 * send_recv.c: check return values from krb5_data_alloc 741 * log.c: check return values from krb5_data_alloc 742 7432003-04-16 Love H�rnquist �strand <lha@it.su.se> 744 745 * dump_log.c (print_entry): check return values from 746 krb5_data_alloc 747 7482003-04-01 Love H�rnquist �strand <lha@it.su.se> 749 750 * init_c.c (kadm_connect): if a context realm was passed in, use 751 that to form the kadmin/admin principal 752 7532003-03-19 Love H�rnquist �strand <lha@it.su.se> 754 755 * ipropd_master.c (main): make sure we don't consider dead slave 756 for select processing 757 (write_stats): use slave_stats_file variable, 758 check return value of strftime 759 (args): allow specifying slave stats file 760 (slave_dead): close the fd when the slave dies 761 7622002-10-21 Johan Danielsson <joda@pdc.kth.se> 763 764 * ipropd_slave.c (from Derrick Brashear): Propagating a large 765 database without this means the slave kdcs can get erroneous 766 HDB_NOENTRY and return the resulting errors. This creates a new db 767 handle, populates it, and moves it into place. 768 7692002-08-26 Assar Westerlund <assar@kth.se> 770 771 * ipropd_slave.c (receive_everything): type-correctness calling 772 _krb5_get_int 773 774 * context_s.c (find_db_spec): const-correctness in parameters to 775 krb5_config_get_next 776 7772002-08-16 Johan Danielsson <joda@pdc.kth.se> 778 779 * private.h: rename header file flag macro 780 781 * Makefile.am: generate kadm5-{protos,private}.h 782 7832002-08-15 Johan Danielsson <joda@pdc.kth.se> 784 785 * ipropd_master.c: check return value of krb5_sockaddr2address 786 7872002-07-04 Johan Danielsson <joda@pdc.kth.se> 788 789 * ipropd_master.c: handle slaves that come and go; add status 790 reporting (both from Love) 791 792 * iprop.h: KADM5_SLAVE_STATS 793 7942002-03-25 Jacques Vidrine <n@nectar.com> 795 796 * init_c.c (get_cred_cache): bug fix: the default credentials 797 cache was not being used if a client name was specified. 798 7992002-03-25 Johan Danielsson <joda@pdc.kth.se> 800 801 * init_c.c (get_cred_cache): when getting the default_client from 802 the cred cache, make sure the instance part is "admin"; this 803 should require fewer uses of -p 804 8052002-03-11 Assar Westerlund <assar@sics.se> 806 807 * Makefile.am (libkadm5srv_la_LDFLAGS): set version to 7:5:0 808 (libkadm5clnt_la_LDFLAGS): set version to 6:3:2 809 8102002-02-08 Johan Danielsson <joda@pdc.kth.se> 811 812 * init_c.c: we have to create our own param struct before 813 marshaling 814 8152001-09-05 Johan Danielsson <joda@pdc.kth.se> 816 817 * Makefile.am: link with LIB_pidfile 818 819 * iprop.h: include util.h for pidfile 820 8212001-08-31 Assar Westerlund <assar@sics.se> 822 823 * ipropd_slave.c (main): syslog with the correct name 824 8252001-08-30 Jacques Vidrine <n@nectar.com> 826 827 * ipropd_slave.c, ipropd_master.c (main): call pidfile 828 8292001-08-28 Assar Westerlund <assar@sics.se> 830 831 * Makefile.am (libkadm5srv_la_LDFLAGS): set version to 7:4:0 832 8332001-08-24 Assar Westerlund <assar@sics.se> 834 835 * acl.c (fetch_acl): do not return bogus flags and re-organize 836 function 837 838 * Makefile.am: rename variable name to avoid error from current 839 automake 840 8412001-08-13 Johan Danielsson <joda@pdc.kth.se> 842 843 * set_keys.c: add easier afs configuration, defaulting to the 844 local realm in lower case; also try to remove duplicate salts 845 8462001-07-12 Assar Westerlund <assar@sics.se> 847 848 * Makefile.am: add required library dependencies 849 8502001-07-03 Assar Westerlund <assar@sics.se> 851 852 * Makefile.am (libkadm5clnt_la_LDFLAGS): set version to 6:2:2 853 8542001-06-29 Johan Danielsson <joda@pdc.kth.se> 855 856 * init_c.c: call krb5_get_init_creds_opt_set_default_flags 857 8582001-02-19 Johan Danielsson <joda@pdc.kth.se> 859 860 * replay_log.c: add --{start-end}-version flags to replay just 861 part of the log 862 8632001-02-15 Assar Westerlund <assar@sics.se> 864 865 * ipropd_master.c (main): fix select-loop to decrement ret 866 correctly. from "Brandon S. Allbery KF8NH" <allbery@ece.cmu.edu> 867 8682001-01-30 Assar Westerlund <assar@sics.se> 869 870 * Makefile.am: bump versions 871 8722000-12-31 Assar Westerlund <assar@sics.se> 873 874 * init_s.c (*): handle krb5_init_context failure consistently 875 * init_c.c (init_context): handle krb5_init_context failure 876 consistently 877 8782000-12-11 Assar Westerlund <assar@sics.se> 879 880 * Makefile.am (libkadm5srv_la_LDFLAGS): bump version to 7:2:0 881 8822000-11-16 Assar Westerlund <assar@sics.se> 883 884 * set_keys.c (make_keys): clean-up salting loop and try not to 885 leak memory 886 887 * ipropd_master.c (main): check for fd's being too large to select 888 on 889 8902000-08-16 Assar Westerlund <assar@sics.se> 891 892 * Makefile.am (libkadm5srv_la_LDFLAGS): bump version to 7:1:0 893 8942000-08-10 Assar Westerlund <assar@sics.se> 895 896 * acl.c (fetch_acl): fix wrong cases, use krb5_principal_match 897 8982000-08-07 Assar Westerlund <assar@sics.se> 899 900 * ipropd_master.c (main): ignore SIGPIPE 901 9022000-08-06 Assar Westerlund <assar@sics.se> 903 904 * ipropd_slave.c (receive_everything): make `fd' an int instead of 905 a pointer. From Derrick J Brashear <shadow@dementia.org> 906 9072000-08-04 Johan Danielsson <joda@pdc.kth.se> 908 909 * admin.h: change void** to void* 910 9112000-07-25 Johan Danielsson <joda@pdc.kth.se> 912 913 * Makefile.am: bump versions to 7:0:0 and 6:0:2 914 9152000-07-24 Assar Westerlund <assar@sics.se> 916 917 * log.c (kadm5_log_get_version): rename kadm5_log_get_version_fd 918 and make a new that takes a context 919 (kadm5_log_nop): add logging of missing lengths 920 (kadm5_log_truncate): new function 921 922 * dump_log.c (print_entry): update and correct 923 * randkey_s.c: call _kadm5_bump_pw_expire 924 * truncate_log.c: new program for truncating the log 925 * Makefile.am (sbin_PROGRAMS): add truncate_log 926 (C_SOURCES): add bump_pw_expire.c 927 * bump_pw_expire.c: new function for extending password expiration 928 9292000-07-22 Assar Westerlund <assar@sics.se> 930 931 * keys.c: new file with _kadm5_free_keys, _kadm5_init_keys 932 933 * set_keys.c (free_keys, init_keys): elevate to internal kadm5 934 functions 935 936 * chpass_s.c (kadm5_s_chpass_principal_cond): new function 937 * Makefile.am (C_SOURCES): add keys.c 938 * init_c.c: remove unused variable and handle some parameters 939 being NULL 940 9412000-07-22 Johan Danielsson <joda@pdc.kth.se> 942 943 * ipropd_slave.c: use krb5_read_priv_message 944 945 * ipropd_master.c: use krb5_{read,write}_priv_message 946 947 * init_c.c: use krb5_write_priv_message 948 9492000-07-11 Johan Danielsson <joda@pdc.kth.se> 950 951 * ipropd_slave.c: no need to call gethostname, since 952 sname_to_principal will 953 954 * send_recv.c: assert that we have a connected socket 955 956 * get_princs_c.c: call _kadm5_connect 957 958 * rename_c.c: call _kadm5_connect 959 960 * randkey_c.c: call _kadm5_connect 961 962 * privs_c.c: call _kadm5_connect 963 964 * modify_c.c: call _kadm5_connect 965 966 * get_c.c: call _kadm5_connect 967 968 * delete_c.c: call _kadm5_connect 969 970 * create_c.c: call _kadm5_connect 971 972 * chpass_c.c: call _kadm5_connect 973 974 * private.h: add more fields to client context; remove prototypes 975 976 * admin.h: remove prototypes 977 978 * kadm5-protos.h: move public prototypes here 979 980 * kadm5-private.h: move private prototypes here 981 982 * init_c.c: break out connection code to separate function, and 983 defer calling it until we actually do something 984 9852000-07-07 Assar Westerlund <assar@sics.se> 986 987 * set_keys.c (make_keys): also support `[kadmin]use_v4_salt' for 988 backwards compatability 989 9902000-06-26 Johan Danielsson <joda@pdc.kth.se> 991 992 * set_keys.c (_kadm5_set_keys): rewrite this to be more easily 993 adaptable to different salts 994 9952000-06-19 Johan Danielsson <joda@pdc.kth.se> 996 997 * get_s.c: pa_* -> KRB5_PADATA_* 998 9992000-06-16 Assar Westerlund <assar@sics.se> 1000 1001 * ipropd_slave.c: change default keytab to default keytab (as in 1002 typically FILE:/etc/krb5.keytab) 1003 10042000-06-08 Assar Westerlund <assar@sics.se> 1005 1006 * ipropd_slave.c: bug fixes, for actually writing the full dump to 1007 the database. based on a patch from Love <lha@stacken.kth.se> 1008 10092000-06-07 Assar Westerlund <assar@sics.se> 1010 1011 * acl.c: add support for patterns of principals 1012 * log.c (kadm5_log_replay_create): handle more NULL pointers 1013 (should they really happen?) 1014 * log.c (kadm5_log_replay_modify): handle max_life == NULL and 1015 max_renew == NULL 1016 1017 * ipropd_master.c: use syslog. be less verbose 1018 * ipropd_slave.c: use syslog 1019 10202000-06-05 Assar Westerlund <assar@sics.se> 1021 1022 * private.h (kadm_ops): add kadm_nop more prototypes 1023 * log.c (kadm5_log_set_version, kadm5_log_reinit, kadm5_log_nop, 1024 kadm5_log_replay_nop): add 1025 * ipropd_slave.c: and some more improvements 1026 * ipropd_master.c: lots of improvements 1027 * iprop.h (IPROP_PORT, IPROP_SERVICE): add 1028 (iprop_cmd): add new commands 1029 1030 * dump_log.c: add nop 1031 10322000-05-15 Assar Westerlund <assar@sics.se> 1033 1034 * Makefile.am (libkadm5clnt_la_LDFLAGS): set version to 5:1:1 1035 10362000-05-12 Assar Westerlund <assar@sics.se> 1037 1038 * get_s.c (kadm5_s_get_principal): set life, rlife to INT_MAX as a 1039 fallback. handle not having any creator. 1040 * destroy_s.c (kadm5_s_destroy): free all allocated memory 1041 * context_s.c (set_field): free variable if it's already set 1042 (find_db_spec): malloc space for all strings 1043 10442000-04-05 Assar Westerlund <assar@sics.se> 1045 1046 * Makefile.am (LDADD): add LIB_openldap 1047 10482000-04-03 Assar Westerlund <assar@sics.se> 1049 1050 * Makefile.am (libkadm5srv_la_LDFLAGS): set version to 6:0:1 1051 (libkadm5clnt_la_LDFLAGS): set version to 5:0:1 1052 10532000-03-24 Assar Westerlund <assar@sics.se> 1054 1055 * set_keys.c (_kadm5_set_keys2): rewrite 1056 (_kadm5_set_keys3): add 1057 1058 * private.h (struct kadm_func): add chpass_principal_with_key 1059 * init_c.c (set_funcs): add chpass_principal_with_key 1060 10612000-03-23 Assar Westerlund <assar@sics.se> 1062 1063 * context_s.c (set_funcs): add chpass_principal_with_key 1064 * common_glue.c (kadm5_chpass_principal_with_key): add 1065 * chpass_s.c: comment-ize and change calling convention for 1066 _kadm5_set_keys* 1067 * chpass_c.c (kadm5_c_chpass_principal_with_key): add 1068 10692000-02-07 Assar Westerlund <assar@sics.se> 1070 1071 * Makefile.am (libkadm5clnt_la_LDFLAGS): set version to 4:2:0 1072 10732000-01-28 Assar Westerlund <assar@sics.se> 1074 1075 * init_c.c (get_new_cache): make sure to request non-forwardable, 1076 non-proxiable 1077 10782000-01-06 Assar Westerlund <assar@sics.se> 1079 1080 * Makefile.am (libkadm5srv.la): bump version to 5:1:0 1081 1082 * context_s.c (_kadm5_s_init_context): handle params == NULL 1083 10841999-12-26 Assar Westerlund <assar@sics.se> 1085 1086 * get_s.c (kadm5_s_get_principal): handle modified_by->principal 1087 == NULL 1088 10891999-12-20 Assar Westerlund <assar@sics.se> 1090 1091 * Makefile.am (libkadm5clnt_la_LDFLAGS): bump version to 4:1:0 1092 1093 * init_c.c (_kadm5_c_init_context): handle getting back port 1094 number from admin host 1095 (kadm5_c_init_with_context): remove `proto/' part before doing 1096 getaddrinfo() 1097 10981999-12-06 Assar Westerlund <assar@sics.se> 1099 1100 * Makefile.am: bump version to 5:0:0 and 4:0:0 1101 1102 * init_c.c (kadm5_c_init_with_context): don't use unitialized 1103 stuff 1104 11051999-12-04 Assar Westerlund <assar@sics.se> 1106 1107 * replay_log.c: adapt to changed kadm5_log_foreach 1108 1109 * log.c (kadm5_log_foreach): change to take a 1110 `kadm5_server_context' 1111 1112 * init_c.c: use krb5_warn{,x} 1113 1114 * dump_log.c: adapt to changed kadm5_log_foreach 1115 1116 * init_c.c: re-write to use getaddrinfo 1117 * Makefile.am (install-build-headers): add dependency 1118 11191999-12-03 Johan Danielsson <joda@pdc.kth.se> 1120 1121 * log.c (kadm5_log_foreach): pass context 1122 1123 * dump_log.c: print more interesting things 1124 11251999-12-02 Johan Danielsson <joda@pdc.kth.se> 1126 1127 * ipropd_master.c (process_msg): check for short reads 1128 11291999-11-25 Assar Westerlund <assar@sics.se> 1130 1131 * modify_s.c (kadm5_s_modify_principal): support key_data 1132 (kadm5_s_modify_principal_with_key): remove 1133 1134 * admin.h (kadm5_s_modify_principal_with_key): remove 1135 11361999-11-20 Assar Westerlund <assar@sics.se> 1137 1138 * context_s.c (find_db_spec): ugly cast work-around. 1139 11401999-11-14 Assar Westerlund <assar@sics.se> 1141 1142 * context_s.c (_kadm5_s_init_context): call krb5_add_et_list so 1143 that we aren't dependent on the layout of krb5_context_data 1144 * init_c.c (_kadm5_c_init_context): call krb5_add_et_list so that 1145 we aren't dependent on the layout of krb5_context_data 1146 11471999-11-13 Assar Westerlund <assar@sics.se> 1148 1149 * password_quality.c (kadm5_setup_passwd_quality_check): use 1150 correct types for function pointers 1151 11521999-11-09 Johan Danielsson <joda@pdc.kth.se> 1153 1154 * randkey_s.c: always bail out if the fetch fails 1155 1156 * admin.h (kadm5_config_params): remove fields we're not using 1157 1158 * ipropd_slave.c: allow passing a realm 1159 1160 * ipropd_master.c: allow passing a realm 1161 1162 * dump_log.c: allow passing a realm 1163 1164 * acl.c: correctly get acl file 1165 1166 * private.h (kadm5_server_context): add config_params struct and 1167 remove acl_file; bump protocol version number 1168 1169 * marshall.c: marshalling of config parameters 1170 1171 * init_c.c (kadm5_c_init_with_context): try to cope with old 1172 servers 1173 1174 * init_s.c (kadm5_s_init_with_context): actually use some passed 1175 values 1176 1177 * context_s.c (_kadm5_s_init_context): get dbname, acl_file, and 1178 stash_file from the config parameters, try to figure out these if 1179 they're not provided 1180 11811999-11-05 Assar Westerlund <assar@sics.se> 1182 1183 * Makefile.am (install-build-headers): use `cp' instead of 1184 INSTALL_DATA 1185 11861999-11-04 Assar Westerlund <assar@sics.se> 1187 1188 * Makefile.am: bump version to 4:0:0 and 3:0:0 (they access fields 1189 directly in libkrb5's context - bad functions) 1190 1191 * set_keys.c (_kadm5_set_keys_randomly): set enctypes correctly in 1192 the copied keys 1193 11941999-10-20 Assar Westerlund <assar@sics.se> 1195 1196 * Makefile.am: set version of kadm5srv to 3:0:2 (new password 1197 quality functions). 1198 set version of kdam5clnt to 2:1:1 (no interface changes) 1199 1200 * Makefile.am (LDADD): add $(LIB_dlopen) 1201 12021999-10-17 Assar Westerlund <assar@sics.se> 1203 1204 * randkey_s.c (kadm5_s_randkey_principal): use 1205 _kadm5_set_keys_randomly 1206 1207 * set_keys.c (free_keys): free more memory 1208 (_kadm5_set_keys): a little bit more generic 1209 (_kadm5_set_keys_randomly): new function for setting random keys. 1210 12111999-10-14 Assar Westerlund <assar@sics.se> 1212 1213 * set_keys.c (_kadm5_set_keys): ignore old keys when setting new 1214 ones and always add 3 DES keys and one 3DES key 1215 12161999-10-03 Assar Westerlund <assar@sics.se> 1217 1218 * init_c.c (_kadm5_c_init_context): use `krb5_get_krb_admin_hst'. 1219 check return value from strdup 1220 12211999-09-26 Assar Westerlund <assar@sics.se> 1222 1223 * acl.c (_kadm5_privs_to_string): forgot one strcpy_truncate -> 1224 strlcpy 1225 12261999-09-24 Johan Danielsson <joda@pdc.kth.se> 1227 1228 * dump_log.c: remove unused `optind' 1229 1230 * replay_log.c: remove unused `optind' 1231 12321999-09-13 Assar Westerlund <assar@sics.se> 1233 1234 * chpass_c.c (kadm5_c_chpass_principal): new _kadm5_client_recv 1235 1236 * send_recv.c (_kadm5_client_recv): return result in a `krb5_data' 1237 so that we avoid copying it and don't need to dimension in 1238 advance. change all callers. 1239 12401999-09-10 Assar Westerlund <assar@sics.se> 1241 1242 * password_quality.c: new file 1243 1244 * admin.h 1245 (kadm5_setup_passwd_quality_check,kadm5_check_password_quality): 1246 add prototypes 1247 1248 * Makefile.am (S_SOURCES): add password_quality.c 1249 12501999-07-26 Assar Westerlund <assar@sics.se> 1251 1252 * Makefile.am: update versions to 2:0:1 1253 12541999-07-24 Assar Westerlund <assar@sics.se> 1255 1256 * ent_setup.c (_kadm5_setup_entry): make princ_expire_time == 0 1257 and pw_expiration == 0 mean never 1258 12591999-07-22 Assar Westerlund <assar@sics.se> 1260 1261 * log.c (kadm5_log_flush): extra cast 1262 12631999-07-07 Assar Westerlund <assar@sics.se> 1264 1265 * marshall.c (store_principal_ent): encoding princ_expire_time and 1266 pw_expiration in correct order 1267 12681999-06-28 Assar Westerlund <assar@sics.se> 1269 1270 * randkey_s.c (kadm5_s_randkey_principal): nuke old mkvno, 1271 otherwise hdb will think that the new random keys are already 1272 encrypted which will cause lots of confusion later. 1273 12741999-06-23 Assar Westerlund <assar@sics.se> 1275 1276 * ent_setup.c (_kadm5_setup_entry): handle 0 == unlimited 1277 correctly. From Michal Vocu <michal@karlin.mff.cuni.cz> 1278 12791999-06-15 Assar Westerlund <assar@sics.se> 1280 1281 * init_c.c (get_cred_cache): use get_default_username 1282 12831999-05-23 Assar Westerlund <assar@sics.se> 1284 1285 * create_s.c (create_principal): if there's no default entry the 1286 mask should be zero. 1287 12881999-05-21 Assar Westerlund <assar@sics.se> 1289 1290 * init_c.c (get_cred_cache): use $USERNAME 1291 12921999-05-17 Johan Danielsson <joda@pdc.kth.se> 1293 1294 * init_c.c (get_cred_cache): figure out principal 1295 12961999-05-05 Johan Danielsson <joda@pdc.kth.se> 1297 1298 * send_recv.c: cleanup _kadm5_client_{send,recv} 1299 13001999-05-04 Assar Westerlund <assar@sics.se> 1301 1302 * set_keys.c (_kadm5_set_keys2): don't check the recently created 1303 memory for NULL pointers 1304 1305 * private.h (_kadm5_setup_entry): change prototype 1306 1307 * modify_s.c: call new _kadm5_setup_entry 1308 1309 * ent_setup.c (_kadm5_setup_entry): change so that it takes three 1310 masks, one for what bits to set and one for each of principal and 1311 def containing the bits that are set there. 1312 1313 * create_s.c: call new _kadm5_setup_entry 1314 1315 * create_s.c (get_default): check return value 1316 (create_principal): send wider mask to _kadm5_setup_entry 1317 13181999-05-04 Johan Danielsson <joda@pdc.kth.se> 1319 1320 * send_recv.c (_kadm5_client_recv): handle arbitrarily sized 1321 packets, check for errors 1322 1323 * get_c.c: check for failure from _kadm5_client_{send,recv} 1324 13251999-05-04 Assar Westerlund <assar@sics.se> 1326 1327 * init_c.c (get_new_cache): don't abort when interrupted from 1328 password prompt 1329 1330 * destroy_c.c (kadm5_c_destroy): check if we should destroy the 1331 auth context 1332 13331999-05-03 Johan Danielsson <joda@pdc.kth.se> 1334 1335 * chpass_s.c: fix arguments to _kadm5_set_keys2 1336 1337 * private.h: proto 1338 1339 * set_keys.c: clear mkvno 1340 1341 * rename_s.c: add flags to fetch and store; seal keys before 1342 logging 1343 1344 * randkey_s.c: add flags to fetch and store; seal keys before 1345 logging 1346 1347 * modify_s.c: add flags to fetch and store; seal keys before 1348 logging 1349 1350 * log.c: add flags to fetch and store; seal keys before logging 1351 1352 * get_s.c: add flags to fetch and store; seal keys before logging 1353 1354 * get_princs_s.c: add flags to fetch and store; seal keys before 1355 logging 1356 1357 * delete_s.c: add flags to fetch and store; seal keys before 1358 logging 1359 1360 * create_s.c: add flags to fetch and store; seal keys before 1361 logging 1362 1363 * chpass_s.c: add flags to fetch and store; seal keys before 1364 logging 1365 1366 * Makefile.am: remove server.c 1367 1368 * admin.h: add prototypes 1369 1370 * ent_setup.c (_kadm5_setup_entry): set key_data 1371 1372 * set_keys.c: add _kadm5_set_keys2 to sey keys from key_data 1373 1374 * modify_s.c: add kadm5_s_modify_principal_with_key 1375 1376 * create_s.c: add kadm5_s_create_principal_with_key 1377 1378 * chpass_s.c: add kadm5_s_chpass_principal_with_key 1379 1380 * kadm5_locl.h: move stuff to private.h 1381 1382 * private.h: move stuff from kadm5_locl.h 1383 1384