ChangeLog revision 142403 
12004-04-29  Love H�rquist �strand  <lha@it.su.se>
2
3	* version4.c: 1.30: (handle_v4): make sure length is longer then
4	2, Pointed out by Evgeny Demidov <demidov@gleg.net>
5	
6	* kadmind.c: 1.31: make kerberos4 support default turned off
7	
82003-04-14  Love H�rquist �strand  <lha@it.su.se>
9
10	* util.c: cast argument to tolower to unsigned char, from
11	Christian Biere <christianbiere@gmx.de> via NetBSD
12	
132003-04-06  Love H�rquist �strand <lha@it.su.se>
14
15	* kadmind.8: s/kerberos/Kerberos/
16	
172003-03-31  Love H�rquist �strand  <lha@it.su.se>
18
19	* kadmin.8: initialises -> initializes, from Perry E. Metzger"
20	<perry@piermont.com>
21
22	* kadmin.c: principal, not pricipal. From Thomas Klausner
23	<wiz@netbsd.org>
24
252003-02-04  Love H�rquist �strand  <lha@it.su.se>
26
27	* kadmind.8: spelling, from jmc <jmc@prioris.mini.pw.edu.pl>
28	
29	* kadmin.8: spelling, from jmc <jmc@prioris.mini.pw.edu.pl>
30	
312003-01-29  Love H�rquist �strand  <lha@it.su.se>
32
33	* server.c (kadmind_dispatch): kadm_chpass: require the password
34	to pass the password quality check in case the user changes the
35	user's own password kadm_chpass_with_key: disallow the user to
36	change it own password to a key, since that password might violate
37	the password quality check.
38
392002-10-23  Assar Westerlund  <assar@kth.se>
40
41	* version4.c (decode_packet): check the length of the version
42	string and that rlen has a reasonable value
43
442002-10-21  Johan Danielsson  <joda@pdc.kth.se>
45
46	* version4.c: check size of rlen
47
482002-09-10  Johan Danielsson  <joda@pdc.kth.se>
49
50	* server.c: constify match_appl_version()
51
52	* version4.c: change some lingering krb_err_base
53
542002-09-09  Jacques Vidrine  <nectar@kth.se>
55
56	* server.c (kadmind_dispatch): while decoding arguments for
57	kadm_chpass_with_key, sanity check the number of keys given.
58	Potential problem pointed out by
59	Sebastian Krahmer <krahmer@suse.de>.
60
612002-09-04  Johan Danielsson  <joda@pdc.kth.se>
62
63	* load.c (parse_generation): return if there is no generation
64	(spotted by Daniel Kouril)
65
662002-06-07  Jacques Vidrine <n@nectar.com>
67
68	* ank.c: do not attempt to free uninitialized pointer when
69	kadm5_randkey_principal fails.
70
712002-06-07  Johan Danielsson  <joda@pdc.kth.se>
72
73	* util.c: remove unused variable; reported by Hans Insulander
74
752002-03-05  Johan Danielsson  <joda@pdc.kth.se>
76
77	* kadmind.8: clarify some acl wording, and add an example file
78
792002-02-11  Johan Danielsson  <joda@pdc.kth.se>
80
81	* ext.c: no need to use the "modify" keytab anymore
82
832001-09-20  Assar Westerlund  <assar@sics.se>
84
85	* add-random-users.c: allocate several buffers for the list of
86	words, instead of one strdup per word (running under efence does
87	not work very well otherwise)
88
892001-09-13  Assar Westerlund  <assar@sics.se>
90
91	* add-random-users.c: allow specifying the number of users to
92	create
93
942001-08-24  Assar Westerlund  <assar@sics.se>
95
96	* Makefile.am: rename variable name to avoid error from current
97	automake
98
992001-08-22  Assar Westerlund  <assar@sics.se>
100
101	* kadmin_locl.h: include libutil.h if it exists
102
1032001-08-10  Johan Danielsson  <joda@pdc.kth.se>
104
105	* util.c: do something to handle C-c in prompts
106
107	* load.c: remove unused etypes code, and add parsing of the
108	generation field
109
110	* ank.c: add a --use-defaults option to just use default values
111	without questions
112
113	* kadmin.c: add "del" alias for delete
114
115	* cpw.c: call this operation "passwd" in usage
116
117	* kadmin_locl.h: prototype for set_defaults
118
119	* util.c (edit_entry): move setting of default values to a
120	separate function, set_defaults
121
1222001-08-01  Johan Danielsson  <joda@pdc.kth.se>
123
124	* kadmin.c: print help message on bad options
125
1262001-07-31  Assar Westerlund  <assar@sics.se>
127
128	* add-random-users.c (main): handle --version
129
1302001-07-30  Johan Danielsson  <joda@pdc.kth.se>
131
132	* load.c: increase line buffer to 8k
133
1342001-06-12  Assar Westerlund  <assar@sics.se>
135
136	* ext.c (ext_keytab): use the default modify keytab per default
137
1382001-05-17  Assar Westerlund  <assar@sics.se>
139
140	* kadm_conn.c (start_server): fix krb5_eai_to_heim_errno call
141
1422001-05-15  Assar Westerlund  <assar@sics.se>
143
144	* kadmin.c (main): some error cleaning required
145
1462001-05-14  Assar Westerlund  <assar@sics.se>
147
148	* kadmind.c: new krb5_config_parse_file
149	* kadmin.c: new krb5_config_parse_file
150	* kadm_conn.c: update to new krb5_sockaddr2address
151
1522001-05-07  Assar Westerlund  <assar@sics.se>
153
154	* kadmin_locl.h (foreach_principal): update prototype
155	* get.c (getit): new foreach_principal
156	* ext.c (ext_keytab): new foreach_principal
157	* del.c (del_entry): new foreach_principal
158	* cpw.c (cpw_entry): new foreach_principal
159	* util.c (foreach_principal): add `funcname' and try printing the
160	error string
161
1622001-05-04  Johan Danielsson  <joda@pdc.kth.se>
163
164	* rename.c: fix argument number test
165	
1662001-04-19  Johan Danielsson  <joda@pdc.kth.se>
167
168	* del_enctype.c: fix argument count check after getarg change;
169	spotted by mark@MCS.VUW.AC.NZ
170
1712001-02-15  Assar Westerlund  <assar@sics.se>
172
173	* kadmind.c (main): use a `struct sockaddr_storage' to be able to
174	store all types of addresses
175
1762001-02-07  Assar Westerlund  <assar@sics.se>
177
178	* kadmin.c: add --keytab / _K, from Leif Johansson
179	<leifj@it.su.se>
180
1812001-01-29  Assar Westerlund  <assar@sics.se>
182
183	* kadm_conn.c (spawn_child): close the newly created socket in the
184	packet, it's not used.  from <shadow@dementia.org>
185	* version4.c (decode_packet): check success of
186	krb5_425_conv_principal.  from <shadow@dementia.org>
187
1882001-01-12  Assar Westerlund  <assar@sics.se>
189
190	* util.c (parse_attributes): make empty string mean no attributes,
191	specifying the empty string at the command line should give you no
192	attributes, but just pressing return at the prompt gives you
193	default attributes
194	(edit_entry): only pick up values from the default principal if they
195	aren't set in the principal being edited
196
1972001-01-04  Assar Westerlund  <assar@sics.se>
198
199	* load.c (doit): print an error and bail out if storing an entry
200	in the database fails.  The most likely reason for it failing is
201	out-of-space.
202
2032000-12-31  Assar Westerlund  <assar@sics.se>
204
205	* kadmind.c (main): handle krb5_init_context failure consistently
206	* kadmin.c (main): handle krb5_init_context failure consistently
207	* add-random-users.c (add_user): handle krb5_init_context failure
208	consistently
209
210	* kadm_conn.c (spawn_child): use a struct sockaddr_storage
211
2122000-12-15  Johan Danielsson  <joda@pdc.kth.se>
213
214	* get.c: avoid asprintf'ing NULL strings
215
2162000-12-14  Johan Danielsson  <joda@pdc.kth.se>
217
218	* load.c: fix option parsing
219
2202000-11-16  Assar Westerlund  <assar@sics.se>
221
222	* kadm_conn.c (wait_for_connection): check for fd's being too
223	large to select on
224
2252000-11-09  Johan Danielsson  <joda@pdc.kth.se>
226
227	* get.c: don't try to print modifier name if it isn't set (from
228	Jacques A. Vidrine" <n@nectar.com>)
229
2302000-09-19  Assar Westerlund  <assar@sics.se>
231
232	* server.c (kadmind_loop): send in keytab to v4 handling function
233	* version4.c: allow the specification of what keytab to use
234
235	* get.c (print_entry_long): actually print the actual saltvalue
236	used if it's not the default
237
2382000-09-10  Johan Danielsson  <joda@pdc.kth.se>
239
240	* kadmin.c: add option parsing, and add `privs' as an alias for
241	`privileges'
242
243	* init.c: complain if there's no realm name specified
244
245	* rename.c: add option parsing
246
247	* load.c: add option parsing
248
249	* get.c: make `get' and `list' aliases to each other, but with
250	different defaults
251
252	* del_enctype.c: add option parsing
253
254	* del.c: add option parsing
255
256	* ank.c: calling the command `add' make more sense from an english
257	pov
258
259	* Makefile.am: add kadmin manpage
260
261	* kadmin.8: short manpage
262
263	* kadmin.c: `quit' should be a alias for `exit', not `help'
264
2652000-08-27  Assar Westerlund  <assar@sics.se>
266
267	* server.c (handle_v5): do not try to perform stupid stunts when
268	printing errors
269
2702000-08-19  Assar Westerlund  <assar@sics.se>
271
272	* util.c (str2time_t): add alias for `now'.
273
2742000-08-18  Assar Westerlund  <assar@sics.se>
275
276	* server.c (handle_v5): accept any kadmin/admin@* principal as the
277	server
278	* kadmind.c: remove extra prototype of kadmind_loop
279	* kadmin_locl.h (kadmind_loop): add prototype
280	
281	* init.c (usage): print init-usage and not add-dito
282	
2832000-08-07  Johan Danielsson  <joda@pdc.kth.se>
284
285	* kadmind.c: use roken_getsockname
286
2872000-08-07  Assar Westerlund  <assar@sics.se>
288
289	* kadmind.c, kadm_conn.c: use socklen_t instead of int where
290	appropriate.  From <thorpej@netbsd.org>
291
2922000-08-04  Johan Danielsson  <joda@pdc.kth.se>
293
294	* Makefile.am: link with pidfile library
295
296	* kadmind.c: write a pid file, and setup password quality
297	functions
298
299	* kadmin_locl.h: util.h
300
3012000-07-27  Assar Westerlund  <assar@sics.se>
302
303	* version4.c (decode_packet): be totally consistent with the
304	prototype of des_cbc_cksum
305	* kadmind.c: use sa_size instead of sa_len, some systems define
306	this to emulate anonymous unions
307	* kadm_conn.c: use sa_size instead of sa_len, some systems define
308	this to emulate anonymous unions
309
3102000-07-24  Assar Westerlund  <assar@sics.se>
311
312	* kadmin.c (commands): add quit
313	* load.c (doit): truncate the log since there's no way of knowing
314	what changes are going to be added
315
3162000-07-23  Assar Westerlund  <assar@sics.se>
317
318	* util.c (str2time_t): be more careful with strptime that might
319	zero out the `struct tm'
320
3212000-07-22  Johan Danielsson  <joda@pdc.kth.se>
322
323	* kadm_conn.c: make the parent process wait for children and
324	terminate after receiving a signal, also terminate on SIGINT
325
3262000-07-22  Assar Westerlund  <assar@sics.se>
327
328	* version4.c: map both princ_expire_time and pw_expiration to v4
329	principal expiration
330
3312000-07-22  Johan Danielsson  <joda@pdc.kth.se>
332
333	* version4.c (handle_v4): check for termination
334
335	* server.c (v5_loop): check for termination
336
337	* kadm_conn.c (wait_term): if we're doing something, set just set
338	a flag otherwise exit rightaway
339
340	* server.c: use krb5_read_priv_message; (v5_loop): check for EOF
341
3422000-07-21  Assar Westerlund  <assar@sics.se>
343
344	* kadm_conn.c: remove sys/select.h.  make signal handlers
345	type-correct and static
346
347	* kadmin_locl.h: add limits.h and sys/select.h
348
3492000-07-20  Assar Westerlund  <assar@sics.se>
350
351	* init.c (init): also create `kadmin/hprop'
352	* kadmind.c: ports is a string argument
353	* kadm_conn.c (start_server): fix printf format
354
355	* kadmin_locl.h: add <sys/select.h>
356	* kadm_conn.c: remove sys/select.h.  make signal handlers
357	type-correct and static
358
359	* kadmin_locl.h: add limits.h and sys/select.h
360
3612000-07-17  Johan Danielsson  <joda@pdc.kth.se>
362
363	* kadm_conn.c: put all processes in a new process group
364
365	* server.c (v5_loop): use krb5_{read,write}_priv_message
366
3672000-07-11  Johan Danielsson  <joda@pdc.kth.se>
368
369	* version4.c: change log strings to match the v5 counterparts
370
371	* mod.c: allow setting kvno
372
373	* kadmind.c: if stdin is not a socket create and listen to sockets
374
375	* kadm_conn.c: socket creation functions
376
377	* util.c (deltat2str): treat 0 and INT_MAX as never
378
3792000-07-08  Assar Westerlund  <assar@sics.se>
380
381	* Makefile.am (INCLUDES): add ../lib/krb5
382	* kadmin_locl.h: add krb5_locl.h (since we just use some stuff
383	from there)
384
3852000-06-07  Assar Westerlund  <assar@sics.se>
386
387	* add-random-users.c: new testing program that adds a number of
388	randomly generated users
389
3902000-04-12  Assar Westerlund  <assar@sics.se>
391
392	* cpw.c (do_cpw_entry): call set_password if no argument is given,
393	it will prompt for the password.
394	* kadmin.c: make help only print the commands that are actually
395	available.
396
3972000-04-03  Assar Westerlund  <assar@sics.se>
398
399	* del_enctype.c (del_enctype): set ignore correctly
400
4012000-04-02  Assar Westerlund  <assar@sics.se>
402
403	* kadmin.c (main): make parse errors a fatal error
404	* init.c (init): create changepw/kerberos with disallow-tgt and
405	pwchange attributes
406
4072000-03-23  Assar Westerlund  <assar@sics.se>
408
409	* util.c (hex2n, parse_des_key): add
410	* server.c (kadmind_dispatch): add kadm_chpass_with_key
411	* cpw.c: add --key
412	* ank.c: add --key
413
4142000-02-16  Assar Westerlund  <assar@sics.se>
415
416	* load.c (doit): check return value from parse_hdbflags2int
417	correctly
418
4192000-01-25  Assar Westerlund  <assar@sics.se>
420
421	* load.c: checking all parsing for errors and all memory
422	allocations also
423
4242000-01-02  Assar Westerlund  <assar@sics.se>
425
426	* server.c: check initial flag in ticket and allow users to change
427	their own password if it's set
428	* ext.c (do_ext_keytab): set timestamp
429
4301999-12-14  Assar Westerlund  <assar@sics.se>
431
432	* del_enctype.c (usage): don't use arg_printusage
433
4341999-11-25  Assar Westerlund  <assar@sics.se>
435
436	* del_enctype.c (del_enctype): try not to leak memory
437
438	* version4.c (kadm_ser_mod): use kadm5_s_modify_principal (no
439 	_with_key)
440
441	* kadmin.c: add `del_enctype'
442
443	* del_enctype.c (del_enctype): new function for deleting enctypes
444	from a principal
445
446	* Makefile.am (kadmin_SOURCES): add del_enctype.c
447
4481999-11-09  Johan Danielsson  <joda@pdc.kth.se>
449
450	* server.c: cope with old clients
451
452	* kadmin_locl.h: remove version string
453
4541999-10-17  Assar Westerlund  <assar@sics.se>
455
456	* Makefile.am (kadmin_LDADD): add LIB_dlopen
457
4581999-10-01  Assar Westerlund  <assar@sics.se>
459
460	* ank.c (add_one_principal): `password' can cactually be NULL in
461 	the overwrite code, check for it.
462
4631999-09-20  Assar Westerlund  <assar@sics.se>
464
465	* mod.c (mod_entry): print the correct principal name in error
466 	messages.  From Love <lha@e.kth.se>
467
4681999-09-10  Assar Westerlund  <assar@sics.se>
469
470	* init.c (init): also create `changepw/kerberos'
471
472	* version4.c: only create you loose packets when we fail decoding
473 	and not when an operation is not performed for some reason
474	(decode_packet): read the service key from the hdb
475	(dispatch, decode_packet): return proper error messages
476
477	* version4.c (kadm_ser_cpw): add password quality functions
478
4791999-08-27  Johan Danielsson  <joda@pdc.kth.se>
480
481	* server.c (handle_v5): give more informative message if
482	KRB5_KT_NOTFOUND
483
4841999-08-26  Johan Danielsson  <joda@pdc.kth.se>
485
486	* kadmind.c: use HDB keytabs
487
4881999-08-25  Assar Westerlund  <assar@sics.se>
489
490	* cpw.c (set_password): use correct variable.  From Love
491 	<lha@e.kth.se>
492
493	* server.c (v5_loop): use correct error code
494
495	* ank.c (add_one_principal): initialize `default_ent'
496
4971999-08-21  Assar Westerlund  <assar@sics.se>
498
499	* random_password.c: new file, stolen from krb4
500
501	* kadmin_locl.h: add prototype for random_password
502
503	* cpw.c: add support for --random-password
504
505	* ank.c: add support for --random-password
506
507	* Makefile.am (kadmin_SOURCES): add random_password.c
508
5091999-08-19  Assar Westerlund  <assar@sics.se>
510
511	* util.c (edit_timet): break when we manage to parse the time not
512 	the inverse.
513
514	* mod.c: add parsing of lots of options.  From Love
515 	<lha@stacken.kth.se>
516
517	* ank.c: add setting of expiration and password expiration
518
519	* kadmin_locl.h: update util.c prototypes
520
521	* util.c: move-around.  clean-up, rename, make consistent (and
522 	some other weird stuff).  based on patches from Love
523 	<lha@stacken.kth.se>
524
525	* version4.c (kadm_ser_cpw): initialize password
526	(handle_v4): remove unused variable `ret'
527
5281999-08-16  Assar Westerlund  <assar@sics.se>
529
530	* version4.c (handle_v4): more error checking and more correct
531 	error messages
532
533	* server.c (v5_loop, kadmind_loop): more error checking and more
534 	correct error messages
535
5361999-07-24  Assar Westerlund  <assar@sics.se>
537
538	* util.c (str2timeval, edit_time): functions for parsing and
539 	editing times.  Based on patches from Love <lha@stacken.kth.se>.
540	(edit_entry): call new functions
541
542	* mod.c (mod_entry): allow modifying expiration times
543
544	* kadmin_locl.h (str2timeval): add prototype
545
546	* ank.c (add_one_principal): allow setting expiration times
547
5481999-07-03  Assar Westerlund  <assar@sics.se>
549
550	* server.c (v5_loop): handle data allocation with krb5_data_alloc
551 	and check return value
552
5531999-06-23  Assar Westerlund  <assar@sics.se>
554
555	* version4.c (kadm_ser_cpw): read the key in the strange order
556 	it's sent
557
558	* util.c (edit_entry): look at default
559	(edit_time): always set mask even if value == 0
560
561	* kadmin_locl.h (edit_entry): update
562
563	* ank.c: make ank use the values of the default principal for
564 	prompting
565
566	* version4.c (values_to_ent): convert key data correctly
567
5681999-05-23  Assar Westerlund  <assar@sics.se>
569
570	* init.c (create_random_entry): more correct setting of mask
571
5721999-05-21  Assar Westerlund  <assar@sics.se>
573
574	* server.c (handle_v5): read sendauth version correctly.
575
5761999-05-14  Assar Westerlund  <assar@sics.se>
577
578	* version4.c (error_code): try to handle really old krb4
579 	distributions
580
5811999-05-11  Assar Westerlund  <assar@sics.se>
582
583	* init.c (init): initialize realm_max_life and realm_max_rlife
584
5851999-05-07  Assar Westerlund  <assar@sics.se>
586
587	* ank.c (add_new_key): initialize more variables
588
5891999-05-04  Assar Westerlund  <assar@sics.se>
590
591	* version4.c (kadm_ser_cpw): always allow a user to change her
592 	password
593	(kadm_ser_*): make logging work
594	clean-up and restructure
595	
596	* kadmin_locl.h (set_entry): add prototype
597
598	* kadmin.c (usage): update usage string
599
600	* init.c (init): new arguments realm-max-ticket-life and
601 	realm-max-renewable-life
602
603	* util.c (edit_time, edit_attributes): don't do anything if it's
604 	already set
605	(set_entry): new function
606
607	* ank.c (add_new_key): new options for setting max-ticket-life,
608 	max-renewable-life, and attributes
609
610	* server.c (v5_loop): remove unused variable
611
612	* kadmin_locl.h: add prototypes
613
614	* version4.c: re-insert krb_err.h and other miss
615
616	* server.c (kadmind_loop): break-up and restructure
617
618	* version4.c: add ACL checks more error code checks restructure
619	
6201999-05-03  Johan Danielsson  <joda@pdc.kth.se>
621
622	* load.c: check for (un-)encrypted keys
623
624	* dump.c: use hdb_print_entry
625	
626	* version4.c: version 4 support
627
628	* Makefile.am: link with krb4
629
630	* kadmin_locl.h: include <sys/un.h>
631
632	* server.c: move from lib/kadm5, and add basic support for krb4
633	kadmin protocol
634
635	* kadmind.c: move recvauth to kadmind_loop()
636