ChangeLog revision 120945
12003-04-14 Love H�rquist �strand <lha@it.su.se> 2 3 * util.c: cast argument to tolower to unsigned char, from 4 Christian Biere <christianbiere@gmx.de> via NetBSD 5 62003-04-06 Love H�rquist �strand <lha@it.su.se> 7 8 * kadmind.8: s/kerberos/Kerberos/ 9 102003-03-31 Love H�rquist �strand <lha@it.su.se> 11 12 * kadmin.8: initialises -> initializes, from Perry E. Metzger" 13 <perry@piermont.com> 14 15 * kadmin.c: principal, not pricipal. From Thomas Klausner 16 <wiz@netbsd.org> 17 182003-02-04 Love H�rquist �strand <lha@it.su.se> 19 20 * kadmind.8: spelling, from jmc <jmc@prioris.mini.pw.edu.pl> 21 22 * kadmin.8: spelling, from jmc <jmc@prioris.mini.pw.edu.pl> 23 242003-01-29 Love H�rquist �strand <lha@it.su.se> 25 26 * server.c (kadmind_dispatch): kadm_chpass: require the password 27 to pass the password quality check in case the user changes the 28 user's own password kadm_chpass_with_key: disallow the user to 29 change it own password to a key, since that password might violate 30 the password quality check. 31 322002-10-23 Assar Westerlund <assar@kth.se> 33 34 * version4.c (decode_packet): check the length of the version 35 string and that rlen has a reasonable value 36 372002-10-21 Johan Danielsson <joda@pdc.kth.se> 38 39 * version4.c: check size of rlen 40 412002-09-10 Johan Danielsson <joda@pdc.kth.se> 42 43 * server.c: constify match_appl_version() 44 45 * version4.c: change some lingering krb_err_base 46 472002-09-09 Jacques Vidrine <nectar@kth.se> 48 49 * server.c (kadmind_dispatch): while decoding arguments for 50 kadm_chpass_with_key, sanity check the number of keys given. 51 Potential problem pointed out by 52 Sebastian Krahmer <krahmer@suse.de>. 53 542002-09-04 Johan Danielsson <joda@pdc.kth.se> 55 56 * load.c (parse_generation): return if there is no generation 57 (spotted by Daniel Kouril) 58 592002-06-07 Jacques Vidrine <n@nectar.com> 60 61 * ank.c: do not attempt to free uninitialized pointer when 62 kadm5_randkey_principal fails. 63 642002-06-07 Johan Danielsson <joda@pdc.kth.se> 65 66 * util.c: remove unused variable; reported by Hans Insulander 67 682002-03-05 Johan Danielsson <joda@pdc.kth.se> 69 70 * kadmind.8: clarify some acl wording, and add an example file 71 722002-02-11 Johan Danielsson <joda@pdc.kth.se> 73 74 * ext.c: no need to use the "modify" keytab anymore 75 762001-09-20 Assar Westerlund <assar@sics.se> 77 78 * add-random-users.c: allocate several buffers for the list of 79 words, instead of one strdup per word (running under efence does 80 not work very well otherwise) 81 822001-09-13 Assar Westerlund <assar@sics.se> 83 84 * add-random-users.c: allow specifying the number of users to 85 create 86 872001-08-24 Assar Westerlund <assar@sics.se> 88 89 * Makefile.am: rename variable name to avoid error from current 90 automake 91 922001-08-22 Assar Westerlund <assar@sics.se> 93 94 * kadmin_locl.h: include libutil.h if it exists 95 962001-08-10 Johan Danielsson <joda@pdc.kth.se> 97 98 * util.c: do something to handle C-c in prompts 99 100 * load.c: remove unused etypes code, and add parsing of the 101 generation field 102 103 * ank.c: add a --use-defaults option to just use default values 104 without questions 105 106 * kadmin.c: add "del" alias for delete 107 108 * cpw.c: call this operation "passwd" in usage 109 110 * kadmin_locl.h: prototype for set_defaults 111 112 * util.c (edit_entry): move setting of default values to a 113 separate function, set_defaults 114 1152001-08-01 Johan Danielsson <joda@pdc.kth.se> 116 117 * kadmin.c: print help message on bad options 118 1192001-07-31 Assar Westerlund <assar@sics.se> 120 121 * add-random-users.c (main): handle --version 122 1232001-07-30 Johan Danielsson <joda@pdc.kth.se> 124 125 * load.c: increase line buffer to 8k 126 1272001-06-12 Assar Westerlund <assar@sics.se> 128 129 * ext.c (ext_keytab): use the default modify keytab per default 130 1312001-05-17 Assar Westerlund <assar@sics.se> 132 133 * kadm_conn.c (start_server): fix krb5_eai_to_heim_errno call 134 1352001-05-15 Assar Westerlund <assar@sics.se> 136 137 * kadmin.c (main): some error cleaning required 138 1392001-05-14 Assar Westerlund <assar@sics.se> 140 141 * kadmind.c: new krb5_config_parse_file 142 * kadmin.c: new krb5_config_parse_file 143 * kadm_conn.c: update to new krb5_sockaddr2address 144 1452001-05-07 Assar Westerlund <assar@sics.se> 146 147 * kadmin_locl.h (foreach_principal): update prototype 148 * get.c (getit): new foreach_principal 149 * ext.c (ext_keytab): new foreach_principal 150 * del.c (del_entry): new foreach_principal 151 * cpw.c (cpw_entry): new foreach_principal 152 * util.c (foreach_principal): add `funcname' and try printing the 153 error string 154 1552001-05-04 Johan Danielsson <joda@pdc.kth.se> 156 157 * rename.c: fix argument number test 158 1592001-04-19 Johan Danielsson <joda@pdc.kth.se> 160 161 * del_enctype.c: fix argument count check after getarg change; 162 spotted by mark@MCS.VUW.AC.NZ 163 1642001-02-15 Assar Westerlund <assar@sics.se> 165 166 * kadmind.c (main): use a `struct sockaddr_storage' to be able to 167 store all types of addresses 168 1692001-02-07 Assar Westerlund <assar@sics.se> 170 171 * kadmin.c: add --keytab / _K, from Leif Johansson 172 <leifj@it.su.se> 173 1742001-01-29 Assar Westerlund <assar@sics.se> 175 176 * kadm_conn.c (spawn_child): close the newly created socket in the 177 packet, it's not used. from <shadow@dementia.org> 178 * version4.c (decode_packet): check success of 179 krb5_425_conv_principal. from <shadow@dementia.org> 180 1812001-01-12 Assar Westerlund <assar@sics.se> 182 183 * util.c (parse_attributes): make empty string mean no attributes, 184 specifying the empty string at the command line should give you no 185 attributes, but just pressing return at the prompt gives you 186 default attributes 187 (edit_entry): only pick up values from the default principal if they 188 aren't set in the principal being edited 189 1902001-01-04 Assar Westerlund <assar@sics.se> 191 192 * load.c (doit): print an error and bail out if storing an entry 193 in the database fails. The most likely reason for it failing is 194 out-of-space. 195 1962000-12-31 Assar Westerlund <assar@sics.se> 197 198 * kadmind.c (main): handle krb5_init_context failure consistently 199 * kadmin.c (main): handle krb5_init_context failure consistently 200 * add-random-users.c (add_user): handle krb5_init_context failure 201 consistently 202 203 * kadm_conn.c (spawn_child): use a struct sockaddr_storage 204 2052000-12-15 Johan Danielsson <joda@pdc.kth.se> 206 207 * get.c: avoid asprintf'ing NULL strings 208 2092000-12-14 Johan Danielsson <joda@pdc.kth.se> 210 211 * load.c: fix option parsing 212 2132000-11-16 Assar Westerlund <assar@sics.se> 214 215 * kadm_conn.c (wait_for_connection): check for fd's being too 216 large to select on 217 2182000-11-09 Johan Danielsson <joda@pdc.kth.se> 219 220 * get.c: don't try to print modifier name if it isn't set (from 221 Jacques A. Vidrine" <n@nectar.com>) 222 2232000-09-19 Assar Westerlund <assar@sics.se> 224 225 * server.c (kadmind_loop): send in keytab to v4 handling function 226 * version4.c: allow the specification of what keytab to use 227 228 * get.c (print_entry_long): actually print the actual saltvalue 229 used if it's not the default 230 2312000-09-10 Johan Danielsson <joda@pdc.kth.se> 232 233 * kadmin.c: add option parsing, and add `privs' as an alias for 234 `privileges' 235 236 * init.c: complain if there's no realm name specified 237 238 * rename.c: add option parsing 239 240 * load.c: add option parsing 241 242 * get.c: make `get' and `list' aliases to each other, but with 243 different defaults 244 245 * del_enctype.c: add option parsing 246 247 * del.c: add option parsing 248 249 * ank.c: calling the command `add' make more sense from an english 250 pov 251 252 * Makefile.am: add kadmin manpage 253 254 * kadmin.8: short manpage 255 256 * kadmin.c: `quit' should be a alias for `exit', not `help' 257 2582000-08-27 Assar Westerlund <assar@sics.se> 259 260 * server.c (handle_v5): do not try to perform stupid stunts when 261 printing errors 262 2632000-08-19 Assar Westerlund <assar@sics.se> 264 265 * util.c (str2time_t): add alias for `now'. 266 2672000-08-18 Assar Westerlund <assar@sics.se> 268 269 * server.c (handle_v5): accept any kadmin/admin@* principal as the 270 server 271 * kadmind.c: remove extra prototype of kadmind_loop 272 * kadmin_locl.h (kadmind_loop): add prototype 273 274 * init.c (usage): print init-usage and not add-dito 275 2762000-08-07 Johan Danielsson <joda@pdc.kth.se> 277 278 * kadmind.c: use roken_getsockname 279 2802000-08-07 Assar Westerlund <assar@sics.se> 281 282 * kadmind.c, kadm_conn.c: use socklen_t instead of int where 283 appropriate. From <thorpej@netbsd.org> 284 2852000-08-04 Johan Danielsson <joda@pdc.kth.se> 286 287 * Makefile.am: link with pidfile library 288 289 * kadmind.c: write a pid file, and setup password quality 290 functions 291 292 * kadmin_locl.h: util.h 293 2942000-07-27 Assar Westerlund <assar@sics.se> 295 296 * version4.c (decode_packet): be totally consistent with the 297 prototype of des_cbc_cksum 298 * kadmind.c: use sa_size instead of sa_len, some systems define 299 this to emulate anonymous unions 300 * kadm_conn.c: use sa_size instead of sa_len, some systems define 301 this to emulate anonymous unions 302 3032000-07-24 Assar Westerlund <assar@sics.se> 304 305 * kadmin.c (commands): add quit 306 * load.c (doit): truncate the log since there's no way of knowing 307 what changes are going to be added 308 3092000-07-23 Assar Westerlund <assar@sics.se> 310 311 * util.c (str2time_t): be more careful with strptime that might 312 zero out the `struct tm' 313 3142000-07-22 Johan Danielsson <joda@pdc.kth.se> 315 316 * kadm_conn.c: make the parent process wait for children and 317 terminate after receiving a signal, also terminate on SIGINT 318 3192000-07-22 Assar Westerlund <assar@sics.se> 320 321 * version4.c: map both princ_expire_time and pw_expiration to v4 322 principal expiration 323 3242000-07-22 Johan Danielsson <joda@pdc.kth.se> 325 326 * version4.c (handle_v4): check for termination 327 328 * server.c (v5_loop): check for termination 329 330 * kadm_conn.c (wait_term): if we're doing something, set just set 331 a flag otherwise exit rightaway 332 333 * server.c: use krb5_read_priv_message; (v5_loop): check for EOF 334 3352000-07-21 Assar Westerlund <assar@sics.se> 336 337 * kadm_conn.c: remove sys/select.h. make signal handlers 338 type-correct and static 339 340 * kadmin_locl.h: add limits.h and sys/select.h 341 3422000-07-20 Assar Westerlund <assar@sics.se> 343 344 * init.c (init): also create `kadmin/hprop' 345 * kadmind.c: ports is a string argument 346 * kadm_conn.c (start_server): fix printf format 347 348 * kadmin_locl.h: add <sys/select.h> 349 * kadm_conn.c: remove sys/select.h. make signal handlers 350 type-correct and static 351 352 * kadmin_locl.h: add limits.h and sys/select.h 353 3542000-07-17 Johan Danielsson <joda@pdc.kth.se> 355 356 * kadm_conn.c: put all processes in a new process group 357 358 * server.c (v5_loop): use krb5_{read,write}_priv_message 359 3602000-07-11 Johan Danielsson <joda@pdc.kth.se> 361 362 * version4.c: change log strings to match the v5 counterparts 363 364 * mod.c: allow setting kvno 365 366 * kadmind.c: if stdin is not a socket create and listen to sockets 367 368 * kadm_conn.c: socket creation functions 369 370 * util.c (deltat2str): treat 0 and INT_MAX as never 371 3722000-07-08 Assar Westerlund <assar@sics.se> 373 374 * Makefile.am (INCLUDES): add ../lib/krb5 375 * kadmin_locl.h: add krb5_locl.h (since we just use some stuff 376 from there) 377 3782000-06-07 Assar Westerlund <assar@sics.se> 379 380 * add-random-users.c: new testing program that adds a number of 381 randomly generated users 382 3832000-04-12 Assar Westerlund <assar@sics.se> 384 385 * cpw.c (do_cpw_entry): call set_password if no argument is given, 386 it will prompt for the password. 387 * kadmin.c: make help only print the commands that are actually 388 available. 389 3902000-04-03 Assar Westerlund <assar@sics.se> 391 392 * del_enctype.c (del_enctype): set ignore correctly 393 3942000-04-02 Assar Westerlund <assar@sics.se> 395 396 * kadmin.c (main): make parse errors a fatal error 397 * init.c (init): create changepw/kerberos with disallow-tgt and 398 pwchange attributes 399 4002000-03-23 Assar Westerlund <assar@sics.se> 401 402 * util.c (hex2n, parse_des_key): add 403 * server.c (kadmind_dispatch): add kadm_chpass_with_key 404 * cpw.c: add --key 405 * ank.c: add --key 406 4072000-02-16 Assar Westerlund <assar@sics.se> 408 409 * load.c (doit): check return value from parse_hdbflags2int 410 correctly 411 4122000-01-25 Assar Westerlund <assar@sics.se> 413 414 * load.c: checking all parsing for errors and all memory 415 allocations also 416 4172000-01-02 Assar Westerlund <assar@sics.se> 418 419 * server.c: check initial flag in ticket and allow users to change 420 their own password if it's set 421 * ext.c (do_ext_keytab): set timestamp 422 4231999-12-14 Assar Westerlund <assar@sics.se> 424 425 * del_enctype.c (usage): don't use arg_printusage 426 4271999-11-25 Assar Westerlund <assar@sics.se> 428 429 * del_enctype.c (del_enctype): try not to leak memory 430 431 * version4.c (kadm_ser_mod): use kadm5_s_modify_principal (no 432 _with_key) 433 434 * kadmin.c: add `del_enctype' 435 436 * del_enctype.c (del_enctype): new function for deleting enctypes 437 from a principal 438 439 * Makefile.am (kadmin_SOURCES): add del_enctype.c 440 4411999-11-09 Johan Danielsson <joda@pdc.kth.se> 442 443 * server.c: cope with old clients 444 445 * kadmin_locl.h: remove version string 446 4471999-10-17 Assar Westerlund <assar@sics.se> 448 449 * Makefile.am (kadmin_LDADD): add LIB_dlopen 450 4511999-10-01 Assar Westerlund <assar@sics.se> 452 453 * ank.c (add_one_principal): `password' can cactually be NULL in 454 the overwrite code, check for it. 455 4561999-09-20 Assar Westerlund <assar@sics.se> 457 458 * mod.c (mod_entry): print the correct principal name in error 459 messages. From Love <lha@e.kth.se> 460 4611999-09-10 Assar Westerlund <assar@sics.se> 462 463 * init.c (init): also create `changepw/kerberos' 464 465 * version4.c: only create you loose packets when we fail decoding 466 and not when an operation is not performed for some reason 467 (decode_packet): read the service key from the hdb 468 (dispatch, decode_packet): return proper error messages 469 470 * version4.c (kadm_ser_cpw): add password quality functions 471 4721999-08-27 Johan Danielsson <joda@pdc.kth.se> 473 474 * server.c (handle_v5): give more informative message if 475 KRB5_KT_NOTFOUND 476 4771999-08-26 Johan Danielsson <joda@pdc.kth.se> 478 479 * kadmind.c: use HDB keytabs 480 4811999-08-25 Assar Westerlund <assar@sics.se> 482 483 * cpw.c (set_password): use correct variable. From Love 484 <lha@e.kth.se> 485 486 * server.c (v5_loop): use correct error code 487 488 * ank.c (add_one_principal): initialize `default_ent' 489 4901999-08-21 Assar Westerlund <assar@sics.se> 491 492 * random_password.c: new file, stolen from krb4 493 494 * kadmin_locl.h: add prototype for random_password 495 496 * cpw.c: add support for --random-password 497 498 * ank.c: add support for --random-password 499 500 * Makefile.am (kadmin_SOURCES): add random_password.c 501 5021999-08-19 Assar Westerlund <assar@sics.se> 503 504 * util.c (edit_timet): break when we manage to parse the time not 505 the inverse. 506 507 * mod.c: add parsing of lots of options. From Love 508 <lha@stacken.kth.se> 509 510 * ank.c: add setting of expiration and password expiration 511 512 * kadmin_locl.h: update util.c prototypes 513 514 * util.c: move-around. clean-up, rename, make consistent (and 515 some other weird stuff). based on patches from Love 516 <lha@stacken.kth.se> 517 518 * version4.c (kadm_ser_cpw): initialize password 519 (handle_v4): remove unused variable `ret' 520 5211999-08-16 Assar Westerlund <assar@sics.se> 522 523 * version4.c (handle_v4): more error checking and more correct 524 error messages 525 526 * server.c (v5_loop, kadmind_loop): more error checking and more 527 correct error messages 528 5291999-07-24 Assar Westerlund <assar@sics.se> 530 531 * util.c (str2timeval, edit_time): functions for parsing and 532 editing times. Based on patches from Love <lha@stacken.kth.se>. 533 (edit_entry): call new functions 534 535 * mod.c (mod_entry): allow modifying expiration times 536 537 * kadmin_locl.h (str2timeval): add prototype 538 539 * ank.c (add_one_principal): allow setting expiration times 540 5411999-07-03 Assar Westerlund <assar@sics.se> 542 543 * server.c (v5_loop): handle data allocation with krb5_data_alloc 544 and check return value 545 5461999-06-23 Assar Westerlund <assar@sics.se> 547 548 * version4.c (kadm_ser_cpw): read the key in the strange order 549 it's sent 550 551 * util.c (edit_entry): look at default 552 (edit_time): always set mask even if value == 0 553 554 * kadmin_locl.h (edit_entry): update 555 556 * ank.c: make ank use the values of the default principal for 557 prompting 558 559 * version4.c (values_to_ent): convert key data correctly 560 5611999-05-23 Assar Westerlund <assar@sics.se> 562 563 * init.c (create_random_entry): more correct setting of mask 564 5651999-05-21 Assar Westerlund <assar@sics.se> 566 567 * server.c (handle_v5): read sendauth version correctly. 568 5691999-05-14 Assar Westerlund <assar@sics.se> 570 571 * version4.c (error_code): try to handle really old krb4 572 distributions 573 5741999-05-11 Assar Westerlund <assar@sics.se> 575 576 * init.c (init): initialize realm_max_life and realm_max_rlife 577 5781999-05-07 Assar Westerlund <assar@sics.se> 579 580 * ank.c (add_new_key): initialize more variables 581 5821999-05-04 Assar Westerlund <assar@sics.se> 583 584 * version4.c (kadm_ser_cpw): always allow a user to change her 585 password 586 (kadm_ser_*): make logging work 587 clean-up and restructure 588 589 * kadmin_locl.h (set_entry): add prototype 590 591 * kadmin.c (usage): update usage string 592 593 * init.c (init): new arguments realm-max-ticket-life and 594 realm-max-renewable-life 595 596 * util.c (edit_time, edit_attributes): don't do anything if it's 597 already set 598 (set_entry): new function 599 600 * ank.c (add_new_key): new options for setting max-ticket-life, 601 max-renewable-life, and attributes 602 603 * server.c (v5_loop): remove unused variable 604 605 * kadmin_locl.h: add prototypes 606 607 * version4.c: re-insert krb_err.h and other miss 608 609 * server.c (kadmind_loop): break-up and restructure 610 611 * version4.c: add ACL checks more error code checks restructure 612 6131999-05-03 Johan Danielsson <joda@pdc.kth.se> 614 615 * load.c: check for (un-)encrypted keys 616 617 * dump.c: use hdb_print_entry 618 619 * version4.c: version 4 support 620 621 * Makefile.am: link with krb4 622 623 * kadmin_locl.h: include <sys/un.h> 624 625 * server.c: move from lib/kadm5, and add basic support for krb4 626 kadmin protocol 627 628 * kadmind.c: move recvauth to kadmind_loop() 629