ChangeLog revision 178825
12007-12-09 Love H�rnquist �strand <lha@it.su.se> 2 3 * kadmin.c: Use hdb_db_dir(). 4 5 * kadmind.c: Use hdb_db_dir(). 6 72007-07-26 Love H�rnquist �strand <lha@it.su.se> 8 9 * util.c: Clear error string, just to be sure. 10 112007-05-10 Love H�rnquist �strand <lha@it.su.se> 12 13 * kadmin-commands.in: modify --pkinit-acl 14 15 * mod.c: add pk-init command 16 172007-02-22 Love H�rnquist �strand <lha@it.su.se> 18 19 * kadmin.8: document kadmin add_enctype functionallity. 20 21 * Makefile.am: Add new command, add_enctype. 22 23 * kadmin-commands.in: Add new command, add_enctype. 24 25 * add_enctype.c: Add support for adding a random key enctype to a 26 principal. 27 282007-02-17 Love H�rnquist �strand <lha@it.su.se> 29 30 * mod.c: add setting and displaying aliases 31 32 * get.c: add setting and displaying aliases 33 34 * kadmin-commands.in: add setting and displaying aliases 35 362006-12-22 Love H�rnquist �strand <lha@it.su.se> 37 38 * util.c: Make str2time_t parser more robust. 39 40 * Makefile.am: Add test_util test program. 41 42 * test_util.c: Test str2time_t parser. 43 442006-12-05 Love H�rnquist �strand <lha@it.su.se> 45 46 * add-random-users.c: Use strcspn to remove \n from fgets 47 result. Prompted by change by Ray Lai of OpenBSD via Bj�rn 48 Sandell. 49 502006-10-22 Love H�rnquist �strand <lha@it.su.se> 51 52 * mod.c: Try to not leak memory. 53 54 * check.c: Try to not leak memory. 55 562006-10-07 Love H�rnquist �strand <lha@it.su.se> 57 58 * Makefile.am: split build files into dist_ and noinst_ SOURCES 59 602006-08-28 Love H�rnquist �strand <lha@it.su.se> 61 62 * kadmin.c (help): use sl_slc_help(). 63 642006-08-24 Love H�rnquist �strand <lha@it.su.se> 65 66 * util.c: Add KRB5_KDB_ALLOW_DIGEST 67 682006-07-14 Love H�rnquist �strand <lha@it.su.se> 69 70 * get.c (format_field): optionally print issuer and anchor. 71 722006-06-21 Love H�rnquist �strand <lha@it.su.se> 73 74 * check.c: Check if afs@REALM and afs/cellname@REALM both exists. 75 762006-06-14 Love H�rnquist �strand <lha@it.su.se> 77 78 * util.c (kdb_attrs): Add KRB5_KDB_ALLOW_KERBEROS4 79 802006-06-07 Love H�rnquist �strand <lha@it.su.se> 81 82 * mod.c (do_mod_entry): Add setting 1 delegation entry 83 842006-06-01 Love H�rnquist �strand <lha@it.su.se> 85 86 * server.c: Less shadowing. 87 882006-05-13 Love H�rnquist �strand <lha@it.su.se> 89 90 * Makefile.am: kadmin_SOURCES += add check.c 91 92 * kadmin_locl.h: Avoid shadowing. 93 94 * kadmin.8: Document the new check command. 95 96 * kadmin-commands.in: Add check command 97 98 * check.c: Check database for strange configurations on default 99 principals. 100 1012006-05-08 Love H�rnquist �strand <lha@it.su.se> 102 103 * server.c (kadm_get_privs): one less "pointer targets in passing 104 argument differ in signedness" warning. 105 1062006-05-05 Love H�rnquist �strand <lha@it.su.se> 107 108 * dump-format.txt: Moved to info documentation. 109 110 * Rename u_intXX_t to uintXX_t 111 1122006-05-01 Love H�rnquist �strand <lha@it.su.se> 113 114 * kadmin.8: spelling, update .Dd 115 1162006-04-12 Love H�rnquist �strand <lha@it.su.se> 117 118 * add-random-users.c: Catch empty file case. From Tobias 119 Stoeckmann. 120 1212006-04-07 Love H�rnquist �strand <lha@it.su.se> 122 123 * random_password.c (generate_password): memory leak in error 124 condition case From Coverity NetBSD CID#1887 125 1262006-02-19 Love H�rnquist �strand <lha@it.su.se> 127 128 * cpw.c (cpw_entry): make sure ret have a defined value 129 130 * del.c (del_entry): make sure ret have a defined value 131 132 * mod.c: Return error code so that toplevel function can catch 133 them. 134 1352006-01-25 Love H�rnquist �strand <lha@it.su.se> 136 137 * cpw.c (cpw_entry): return 1 on failure. 138 139 * rename.c (rename_entry): return 1 on failure. 140 141 * del.c (del_entry): return 1 on failure. 142 143 * ank.c (add_new_key): return 1 on failure. 144 145 * get.c: Add printing of pkinit-acls. Don't print password by 146 default. Return 1 on failure processing any of the principals. 147 148 * util.c (foreach_principal): If any of calls to `func' failes, 149 the first error is returned when all principals are processed. 150 1512005-12-01 Love H�rnquist �strand <lha@it.su.se> 152 153 * kadmin-commands.in: Add ank as an alias to add, it lost in 154 transition to slc, from M�ns Nilsson. 155 1562005-09-14 Love H�rquist �strand <lha@it.su.se> 157 158 * dump-format.txt: Add extensions, fill in missing fields. 159 1602005-09-08 Love H�rquist �strand <lha@it.su.se> 161 162 * init.c (create_random_entry): create principal with random 163 password even though its disabled. From Andrew Bartlet 164 <abartlet@samba.org> 165 1662005-09-01 Love H�rquist �strand <lha@it.su.se> 167 168 * kadm_conn.c: Use socket_set_reuseaddr and socket_set_ipv6only. 169 1702005-08-11 Love H�rquist �strand <lha@it.su.se> 171 172 * get.c: Remove structure that is never used (sneaked in the large 173 TL_DATA patch). 174 175 * kadmin-commands.in: Rename password-quality to 176 verify-password-quality. 177 178 * get.c: Indent. 179 180 * server.c: Avoid shadowing exp(). 181 182 * load.c: Parse extensions. 183 184 * kadmin_locl.h: Include <hex.h>. 185 186 * get.c: Extend struct field_name to have a subvalue and a 187 extra_mask. Use that to implement printing of KADM5_TL_DATA 188 options and fix a dependency bug (keys needed principal to print 189 the salting). 190 1912005-07-08 Love H�rquist �strand <lha@it.su.se> 192 193 * lower amount of shadow and const warnings 194 1952005-06-07 David Love <fx@gnu.org> 196 197 * dump-format.txt: Clarify, spelling and add examples. 198 1992005-05-30 Love H�rquist �strand <lha@it.su.se> 200 201 * util.c (kdb_attrs): add ok-as-delegate 202 203 * get.c (getit): init data.mask to 0. Problem found by Andrew 204 Bartlett <abartlet@samba.org> 205 2062005-05-09 Love H�rquist �strand <lha@it.su.se> 207 208 * kadmin.c (main): catch -2 as EOF 209 2102005-05-03 Dave Love <d.love@dl.ac.uk> 211 212 * init.c (init): Don't disable forwardable for kadmin/changepw. 213 2142005-05-02 Dave Love <d.love@dl.ac.uk> 215 216 * kadmin.c (help): Don't use non-constant initializer for `fake'. 217 2182005-04-20 Love H�rquist �strand <lha@it.su.se> 219 220 * util.c (foreach_principal): initialize ret to make sure it have 221 a value 222 2232005-04-04 Love H�rquist �strand <lha@it.su.se> 224 225 * kadmind.c: add verifier libraries with 226 kadm5_add_passwd_quality_verifier 227 228 * kadmin.c: add verifier libraries with 229 kadm5_add_passwd_quality_verifier 230 231 * load.c: max-life and max-renew is of unsigned int in asn1 232 compiler, use that for the parser too 233 2342005-03-26 Love H�rquist �strand <lha@it.su.se> 235 236 * kadmin.8: List of attributes, from James F. Hranicky 237 <jfh@cise.ufl.edu> 238 2392005-01-19 Love H�rquist �strand <lha@it.su.se> 240 241 * dump.c (dump): handle errors 242 2432005-01-08 Love H�rquist �strand <lha@it.su.se> 244 245 * dump-format.txt: text dump format 246 2472004-12-08 Love H�rquist �strand <lha@it.su.se> 248 249 * kadmind.8: use keeps around options, from OpenBSD 250 251 * kadmin.8: use keeps around options, "improve" spelling, from 252 openbsd 253 2542004-11-01 Love H�rquist �strand <lha@it.su.se> 255 256 * get.c (getit): always free columns 257 258 * ank.c (add_one_principal): catch error from 259 UI_UTIL_read_pw_string 260 2612004-10-31 Love H�rquist �strand <lha@it.su.se> 262 263 * del_enctype.c (del_enctype): fix off-by-one error in del_enctype 264 From: <ragge@ludd.luth.se> 265 2662004-08-13 Love H�rquist �strand <lha@it.su.se> 267 268 * get.c: print keytypes on long format 269 2702004-07-06 Love H�rquist �strand <lha@it.su.se> 271 272 * get.c (format_field): allow mod_name to be optional 273 274 * ext.c (do_ext_keytab): if there isn't any keydata, try using 275 kadm5_randkey_principal 276 2772004-07-02 Love H�rquist �strand <lha@it.su.se> 278 279 * load.c: make merge/load work again 280 281 * del.c: fix usage string 282 283 * ank.c: fix slc lossage 284 2852004-06-28 Love H�rquist �strand <lha@it.su.se> 286 287 * kadmin.c: use kadm5_ad_init_with_password_ctx 288 2892004-06-27 Johan Danielsson <joda@pdc.kth.se> 290 291 * kadmin.8: document get -o and stash 292 293 * get.c: implement output column selection, similar to ps -o 294 295 * kadmin-commands.in: make get -l the default again, and add 296 column selection flag; sync list with get 297 2982004-06-24 Johan Danielsson <joda@pdc.kth.se> 299 300 * kadmin-commands.in: mod needs default kvno of -1 301 3022004-06-21 Johan Danielsson <joda@pdc.kth.se> 303 304 * kadmin: convert to use slc; also add stash subcommand 305 3062004-06-15 Love H�rquist �strand <lha@it.su.se> 307 308 * kadmin.c (main): keytab mode requires principal name 309 3102004-06-12 Love H�rquist �strand <lha@it.su.se> 311 312 * kadmind.c: drop keyfile, not used, found by 313 Elrond <elrond@samba-tng.org> 314 315 * kadmin.c: if keyfile is set, pass in to libkadm5 bug pointed out 316 by Elrond <elrond@samba-tng.org> 317 3182004-05-31 Love H�rquist �strand <lha@it.su.se> 319 320 * kadmin.c: add --ad flag, XXX rewrite the init kadm5 interface 321 3222004-05-13 Johan Danielsson <joda@pdc.kth.se> 323 324 * nuke kerberos 4 kadmin goo 325 3262004-05-07 Johan Danielsson <joda@pdc.kth.se> 327 328 * util.c (str2time_t): fix end-of-day logic, from Duncan 329 McEwan/Mark Davies. 330 3312004-04-29 Love H�rquist �strand <lha@it.su.se> 332 333 * version4.c (handle_v4): make sure length is longer then 2, 334 Pointed out by Evgeny Demidov <demidov@gleg.net> 335 336 * kadmind.c: make kerberos4 support default turned off 337 3382004-03-24 Johan Danielsson <joda@pdc.kth.se> 339 340 * kadmin.8: update manpage 341 342 * mod.c: allow wildcarding principals, and make parameters a work 343 same as if prompted 344 3452004-03-08 Love H�rquist �strand <lha@it.su.se> 346 347 * kadmin.8: document password-quality 348 349 * kadmin_locl.h: add prototype for password_quality 350 351 * kadmin.c: add password-quality/pwq command 352 353 * Makefile.am: kadmin_SOURCES += pw_quality.c 354 355 * pw_quality.c: test run the password quality function 356 3572004-03-07 Love H�rquist �strand <lha@it.su.se> 358 359 * ank.c (add_one_principal): even though the principal is disabled 360 (creation of random key/keydata), create it with a random password 361 3622003-12-07 Love H�rquist �strand <lha@it.su.se> 363 364 * init.c (create_random_entry): print error message on failure 365 366 * ank.c (add_one_principal): pass right argument to 367 kadm5_free_principal_ent From Panasas, Inc 368 3692003-11-18 Love H�rquist �strand <lha@it.su.se> 370 371 * kadmind.c (main): move opening the logfile to after reading 372 kdc.conf move the loading of hdb keytab ops closer to where its 373 used From: Jeffrey Hutzelman <jhutz@cmu.edu> 374 3752003-10-04 Love H�rquist �strand <lha@it.su.se> 376 377 * util.c (str2time_t): allow whitespace between date and time 378 From: Bob Beck <beck@cvs.openbsd.org> and adharw@yahoo.com 379 3802003-09-03 Love H�rquist �strand <lha@it.su.se> 381 382 * ank.c: s/des_read_pw_string/UI_UTIL_read_pw_string/ 383 384 * cpw.c: s/des_read_pw_string/UI_UTIL_read_pw_string/ 385 3862003-08-21 Love H�rquist �strand <lha@it.su.se> 387 388 * get.c (print_entry_terse): handle error when unparsing name 389 3902003-08-18 Love H�rquist �strand <lha@it.su.se> 391 392 * kadmind.c (main): use krb5_prepend_config_files_default, now all 393 options in kdc.conf is parsed, not just [kdc]key-file= 394 395 * kadmin.c (main): use krb5_prepend_config_files_default, now all 396 options in kdc.conf is parsed, not just [kdc]key-file= 397 3982003-04-14 Love H�rquist �strand <lha@it.su.se> 399 400 * util.c: cast argument to tolower to unsigned char, from 401 Christian Biere <christianbiere@gmx.de> via NetBSD 402 4032003-04-06 Love H�rquist �strand <lha@it.su.se> 404 405 * kadmind.8: s/kerberos/Kerberos/ 406 4072003-03-31 Love H�rquist �strand <lha@it.su.se> 408 409 * kadmin.8: initialises -> initializes, from Perry E. Metzger" 410 <perry@piermont.com> 411 412 * kadmin.c: principal, not pricipal. From Thomas Klausner 413 <wiz@netbsd.org> 414 4152003-02-04 Love H�rquist �strand <lha@it.su.se> 416 417 * kadmind.8: spelling, from jmc <jmc@prioris.mini.pw.edu.pl> 418 419 * kadmin.8: spelling, from jmc <jmc@prioris.mini.pw.edu.pl> 420 4212003-01-29 Love H�rquist �strand <lha@it.su.se> 422 423 * server.c (kadmind_dispatch): kadm_chpass: require the password 424 to pass the password quality check in case the user changes the 425 user's own password kadm_chpass_with_key: disallow the user to 426 change it own password to a key, since that password might violate 427 the password quality check. 428 4292002-12-03 Johan Danielsson <joda@pdc.kth.se> 430 431 * util.c (get_response): print a newline if interrupted 432 433 * mod.c (mod_entry): check return value from edit_entry 434 435 * ank.c (add_one_principal): check return value from edit_entry 436 437 * ank.c (add_one_principal): don't continue if create_principal 438 fails 439 440 * init.c: check return value from edit_deltat 441 442 * init.c: add --help 443 4442002-10-29 Johan Danielsson <joda@pdc.kth.se> 445 446 * version4.c: speling (from Tomas Olsson) 447 4482002-10-23 Assar Westerlund <assar@kth.se> 449 450 * version4.c (decode_packet): check the length of the version 451 string and that rlen has a reasonable value 452 4532002-10-21 Johan Danielsson <joda@pdc.kth.se> 454 455 * version4.c: check size of rlen 456 4572002-09-10 Johan Danielsson <joda@pdc.kth.se> 458 459 * server.c: constify match_appl_version() 460 461 * version4.c: change some lingering krb_err_base 462 4632002-09-09 Jacques Vidrine <nectar@kth.se> 464 465 * server.c (kadmind_dispatch): while decoding arguments for 466 kadm_chpass_with_key, sanity check the number of keys given. 467 Potential problem pointed out by 468 Sebastian Krahmer <krahmer@suse.de>. 469 4702002-09-04 Johan Danielsson <joda@pdc.kth.se> 471 472 * load.c (parse_generation): return if there is no generation 473 (spotted by Daniel Kouril) 474 4752002-06-07 Jacques Vidrine <n@nectar.com> 476 477 * ank.c: do not attempt to free uninitialized pointer when 478 kadm5_randkey_principal fails. 479 4802002-06-07 Johan Danielsson <joda@pdc.kth.se> 481 482 * util.c: remove unused variable; reported by Hans Insulander 483 4842002-03-05 Johan Danielsson <joda@pdc.kth.se> 485 486 * kadmind.8: clarify some acl wording, and add an example file 487 4882002-02-11 Johan Danielsson <joda@pdc.kth.se> 489 490 * ext.c: no need to use the "modify" keytab anymore 491 4922001-09-20 Assar Westerlund <assar@sics.se> 493 494 * add-random-users.c: allocate several buffers for the list of 495 words, instead of one strdup per word (running under efence does 496 not work very well otherwise) 497 4982001-09-13 Assar Westerlund <assar@sics.se> 499 500 * add-random-users.c: allow specifying the number of users to 501 create 502 5032001-08-24 Assar Westerlund <assar@sics.se> 504 505 * Makefile.am: rename variable name to avoid error from current 506 automake 507 5082001-08-22 Assar Westerlund <assar@sics.se> 509 510 * kadmin_locl.h: include libutil.h if it exists 511 5122001-08-10 Johan Danielsson <joda@pdc.kth.se> 513 514 * util.c: do something to handle C-c in prompts 515 516 * load.c: remove unused etypes code, and add parsing of the 517 generation field 518 519 * ank.c: add a --use-defaults option to just use default values 520 without questions 521 522 * kadmin.c: add "del" alias for delete 523 524 * cpw.c: call this operation "passwd" in usage 525 526 * kadmin_locl.h: prototype for set_defaults 527 528 * util.c (edit_entry): move setting of default values to a 529 separate function, set_defaults 530 5312001-08-01 Johan Danielsson <joda@pdc.kth.se> 532 533 * kadmin.c: print help message on bad options 534 5352001-07-31 Assar Westerlund <assar@sics.se> 536 537 * add-random-users.c (main): handle --version 538 5392001-07-30 Johan Danielsson <joda@pdc.kth.se> 540 541 * load.c: increase line buffer to 8k 542 5432001-06-12 Assar Westerlund <assar@sics.se> 544 545 * ext.c (ext_keytab): use the default modify keytab per default 546 5472001-05-17 Assar Westerlund <assar@sics.se> 548 549 * kadm_conn.c (start_server): fix krb5_eai_to_heim_errno call 550 5512001-05-15 Assar Westerlund <assar@sics.se> 552 553 * kadmin.c (main): some error cleaning required 554 5552001-05-14 Assar Westerlund <assar@sics.se> 556 557 * kadmind.c: new krb5_config_parse_file 558 * kadmin.c: new krb5_config_parse_file 559 * kadm_conn.c: update to new krb5_sockaddr2address 560 5612001-05-07 Assar Westerlund <assar@sics.se> 562 563 * kadmin_locl.h (foreach_principal): update prototype 564 * get.c (getit): new foreach_principal 565 * ext.c (ext_keytab): new foreach_principal 566 * del.c (del_entry): new foreach_principal 567 * cpw.c (cpw_entry): new foreach_principal 568 * util.c (foreach_principal): add `funcname' and try printing the 569 error string 570 5712001-05-04 Johan Danielsson <joda@pdc.kth.se> 572 573 * rename.c: fix argument number test 574 5752001-04-19 Johan Danielsson <joda@pdc.kth.se> 576 577 * del_enctype.c: fix argument count check after getarg change; 578 spotted by mark@MCS.VUW.AC.NZ 579 5802001-02-15 Assar Westerlund <assar@sics.se> 581 582 * kadmind.c (main): use a `struct sockaddr_storage' to be able to 583 store all types of addresses 584 5852001-02-07 Assar Westerlund <assar@sics.se> 586 587 * kadmin.c: add --keytab / _K, from Leif Johansson 588 <leifj@it.su.se> 589 5902001-01-29 Assar Westerlund <assar@sics.se> 591 592 * kadm_conn.c (spawn_child): close the newly created socket in the 593 packet, it's not used. from <shadow@dementia.org> 594 * version4.c (decode_packet): check success of 595 krb5_425_conv_principal. from <shadow@dementia.org> 596 5972001-01-12 Assar Westerlund <assar@sics.se> 598 599 * util.c (parse_attributes): make empty string mean no attributes, 600 specifying the empty string at the command line should give you no 601 attributes, but just pressing return at the prompt gives you 602 default attributes 603 (edit_entry): only pick up values from the default principal if they 604 aren't set in the principal being edited 605 6062001-01-04 Assar Westerlund <assar@sics.se> 607 608 * load.c (doit): print an error and bail out if storing an entry 609 in the database fails. The most likely reason for it failing is 610 out-of-space. 611 6122000-12-31 Assar Westerlund <assar@sics.se> 613 614 * kadmind.c (main): handle krb5_init_context failure consistently 615 * kadmin.c (main): handle krb5_init_context failure consistently 616 * add-random-users.c (add_user): handle krb5_init_context failure 617 consistently 618 619 * kadm_conn.c (spawn_child): use a struct sockaddr_storage 620 6212000-12-15 Johan Danielsson <joda@pdc.kth.se> 622 623 * get.c: avoid asprintf'ing NULL strings 624 6252000-12-14 Johan Danielsson <joda@pdc.kth.se> 626 627 * load.c: fix option parsing 628 6292000-11-16 Assar Westerlund <assar@sics.se> 630 631 * kadm_conn.c (wait_for_connection): check for fd's being too 632 large to select on 633 6342000-11-09 Johan Danielsson <joda@pdc.kth.se> 635 636 * get.c: don't try to print modifier name if it isn't set (from 637 Jacques A. Vidrine" <n@nectar.com>) 638 6392000-09-19 Assar Westerlund <assar@sics.se> 640 641 * server.c (kadmind_loop): send in keytab to v4 handling function 642 * version4.c: allow the specification of what keytab to use 643 644 * get.c (print_entry_long): actually print the actual saltvalue 645 used if it's not the default 646 6472000-09-10 Johan Danielsson <joda@pdc.kth.se> 648 649 * kadmin.c: add option parsing, and add `privs' as an alias for 650 `privileges' 651 652 * init.c: complain if there's no realm name specified 653 654 * rename.c: add option parsing 655 656 * load.c: add option parsing 657 658 * get.c: make `get' and `list' aliases to each other, but with 659 different defaults 660 661 * del_enctype.c: add option parsing 662 663 * del.c: add option parsing 664 665 * ank.c: calling the command `add' make more sense from an english 666 pov 667 668 * Makefile.am: add kadmin manpage 669 670 * kadmin.8: short manpage 671 672 * kadmin.c: `quit' should be a alias for `exit', not `help' 673 6742000-08-27 Assar Westerlund <assar@sics.se> 675 676 * server.c (handle_v5): do not try to perform stupid stunts when 677 printing errors 678 6792000-08-19 Assar Westerlund <assar@sics.se> 680 681 * util.c (str2time_t): add alias for `now'. 682 6832000-08-18 Assar Westerlund <assar@sics.se> 684 685 * server.c (handle_v5): accept any kadmin/admin@* principal as the 686 server 687 * kadmind.c: remove extra prototype of kadmind_loop 688 * kadmin_locl.h (kadmind_loop): add prototype 689 690 * init.c (usage): print init-usage and not add-dito 691 6922000-08-07 Johan Danielsson <joda@pdc.kth.se> 693 694 * kadmind.c: use roken_getsockname 695 6962000-08-07 Assar Westerlund <assar@sics.se> 697 698 * kadmind.c, kadm_conn.c: use socklen_t instead of int where 699 appropriate. From <thorpej@netbsd.org> 700 7012000-08-04 Johan Danielsson <joda@pdc.kth.se> 702 703 * Makefile.am: link with pidfile library 704 705 * kadmind.c: write a pid file, and setup password quality 706 functions 707 708 * kadmin_locl.h: util.h 709 7102000-07-27 Assar Westerlund <assar@sics.se> 711 712 * version4.c (decode_packet): be totally consistent with the 713 prototype of des_cbc_cksum 714 * kadmind.c: use sa_size instead of sa_len, some systems define 715 this to emulate anonymous unions 716 * kadm_conn.c: use sa_size instead of sa_len, some systems define 717 this to emulate anonymous unions 718 7192000-07-24 Assar Westerlund <assar@sics.se> 720 721 * kadmin.c (commands): add quit 722 * load.c (doit): truncate the log since there's no way of knowing 723 what changes are going to be added 724 7252000-07-23 Assar Westerlund <assar@sics.se> 726 727 * util.c (str2time_t): be more careful with strptime that might 728 zero out the `struct tm' 729 7302000-07-22 Johan Danielsson <joda@pdc.kth.se> 731 732 * kadm_conn.c: make the parent process wait for children and 733 terminate after receiving a signal, also terminate on SIGINT 734 7352000-07-22 Assar Westerlund <assar@sics.se> 736 737 * version4.c: map both princ_expire_time and pw_expiration to v4 738 principal expiration 739 7402000-07-22 Johan Danielsson <joda@pdc.kth.se> 741 742 * version4.c (handle_v4): check for termination 743 744 * server.c (v5_loop): check for termination 745 746 * kadm_conn.c (wait_term): if we're doing something, set just set 747 a flag otherwise exit rightaway 748 749 * server.c: use krb5_read_priv_message; (v5_loop): check for EOF 750 7512000-07-21 Assar Westerlund <assar@sics.se> 752 753 * kadm_conn.c: remove sys/select.h. make signal handlers 754 type-correct and static 755 756 * kadmin_locl.h: add limits.h and sys/select.h 757 7582000-07-20 Assar Westerlund <assar@sics.se> 759 760 * init.c (init): also create `kadmin/hprop' 761 * kadmind.c: ports is a string argument 762 * kadm_conn.c (start_server): fix printf format 763 764 * kadmin_locl.h: add <sys/select.h> 765 * kadm_conn.c: remove sys/select.h. make signal handlers 766 type-correct and static 767 768 * kadmin_locl.h: add limits.h and sys/select.h 769 7702000-07-17 Johan Danielsson <joda@pdc.kth.se> 771 772 * kadm_conn.c: put all processes in a new process group 773 774 * server.c (v5_loop): use krb5_{read,write}_priv_message 775 7762000-07-11 Johan Danielsson <joda@pdc.kth.se> 777 778 * version4.c: change log strings to match the v5 counterparts 779 780 * mod.c: allow setting kvno 781 782 * kadmind.c: if stdin is not a socket create and listen to sockets 783 784 * kadm_conn.c: socket creation functions 785 786 * util.c (deltat2str): treat 0 and INT_MAX as never 787 7882000-07-08 Assar Westerlund <assar@sics.se> 789 790 * Makefile.am (INCLUDES): add ../lib/krb5 791 * kadmin_locl.h: add krb5_locl.h (since we just use some stuff 792 from there) 793 7942000-06-07 Assar Westerlund <assar@sics.se> 795 796 * add-random-users.c: new testing program that adds a number of 797 randomly generated users 798 7992000-04-12 Assar Westerlund <assar@sics.se> 800 801 * cpw.c (do_cpw_entry): call set_password if no argument is given, 802 it will prompt for the password. 803 * kadmin.c: make help only print the commands that are actually 804 available. 805 8062000-04-03 Assar Westerlund <assar@sics.se> 807 808 * del_enctype.c (del_enctype): set ignore correctly 809 8102000-04-02 Assar Westerlund <assar@sics.se> 811 812 * kadmin.c (main): make parse errors a fatal error 813 * init.c (init): create changepw/kerberos with disallow-tgt and 814 pwchange attributes 815 8162000-03-23 Assar Westerlund <assar@sics.se> 817 818 * util.c (hex2n, parse_des_key): add 819 * server.c (kadmind_dispatch): add kadm_chpass_with_key 820 * cpw.c: add --key 821 * ank.c: add --key 822 8232000-02-16 Assar Westerlund <assar@sics.se> 824 825 * load.c (doit): check return value from parse_hdbflags2int 826 correctly 827 8282000-01-25 Assar Westerlund <assar@sics.se> 829 830 * load.c: checking all parsing for errors and all memory 831 allocations also 832 8332000-01-02 Assar Westerlund <assar@sics.se> 834 835 * server.c: check initial flag in ticket and allow users to change 836 their own password if it's set 837 * ext.c (do_ext_keytab): set timestamp 838 8391999-12-14 Assar Westerlund <assar@sics.se> 840 841 * del_enctype.c (usage): don't use arg_printusage 842 8431999-11-25 Assar Westerlund <assar@sics.se> 844 845 * del_enctype.c (del_enctype): try not to leak memory 846 847 * version4.c (kadm_ser_mod): use kadm5_s_modify_principal (no 848 _with_key) 849 850 * kadmin.c: add `del_enctype' 851 852 * del_enctype.c (del_enctype): new function for deleting enctypes 853 from a principal 854 855 * Makefile.am (kadmin_SOURCES): add del_enctype.c 856 8571999-11-09 Johan Danielsson <joda@pdc.kth.se> 858 859 * server.c: cope with old clients 860 861 * kadmin_locl.h: remove version string 862 8631999-10-17 Assar Westerlund <assar@sics.se> 864 865 * Makefile.am (kadmin_LDADD): add LIB_dlopen 866 8671999-10-01 Assar Westerlund <assar@sics.se> 868 869 * ank.c (add_one_principal): `password' can cactually be NULL in 870 the overwrite code, check for it. 871 8721999-09-20 Assar Westerlund <assar@sics.se> 873 874 * mod.c (mod_entry): print the correct principal name in error 875 messages. From Love <lha@e.kth.se> 876 8771999-09-10 Assar Westerlund <assar@sics.se> 878 879 * init.c (init): also create `changepw/kerberos' 880 881 * version4.c: only create you loose packets when we fail decoding 882 and not when an operation is not performed for some reason 883 (decode_packet): read the service key from the hdb 884 (dispatch, decode_packet): return proper error messages 885 886 * version4.c (kadm_ser_cpw): add password quality functions 887 8881999-08-27 Johan Danielsson <joda@pdc.kth.se> 889 890 * server.c (handle_v5): give more informative message if 891 KRB5_KT_NOTFOUND 892 8931999-08-26 Johan Danielsson <joda@pdc.kth.se> 894 895 * kadmind.c: use HDB keytabs 896 8971999-08-25 Assar Westerlund <assar@sics.se> 898 899 * cpw.c (set_password): use correct variable. From Love 900 <lha@e.kth.se> 901 902 * server.c (v5_loop): use correct error code 903 904 * ank.c (add_one_principal): initialize `default_ent' 905 9061999-08-21 Assar Westerlund <assar@sics.se> 907 908 * random_password.c: new file, stolen from krb4 909 910 * kadmin_locl.h: add prototype for random_password 911 912 * cpw.c: add support for --random-password 913 914 * ank.c: add support for --random-password 915 916 * Makefile.am (kadmin_SOURCES): add random_password.c 917 9181999-08-19 Assar Westerlund <assar@sics.se> 919 920 * util.c (edit_timet): break when we manage to parse the time not 921 the inverse. 922 923 * mod.c: add parsing of lots of options. From Love 924 <lha@stacken.kth.se> 925 926 * ank.c: add setting of expiration and password expiration 927 928 * kadmin_locl.h: update util.c prototypes 929 930 * util.c: move-around. clean-up, rename, make consistent (and 931 some other weird stuff). based on patches from Love 932 <lha@stacken.kth.se> 933 934 * version4.c (kadm_ser_cpw): initialize password 935 (handle_v4): remove unused variable `ret' 936 9371999-08-16 Assar Westerlund <assar@sics.se> 938 939 * version4.c (handle_v4): more error checking and more correct 940 error messages 941 942 * server.c (v5_loop, kadmind_loop): more error checking and more 943 correct error messages 944 9451999-07-24 Assar Westerlund <assar@sics.se> 946 947 * util.c (str2timeval, edit_time): functions for parsing and 948 editing times. Based on patches from Love <lha@stacken.kth.se>. 949 (edit_entry): call new functions 950 951 * mod.c (mod_entry): allow modifying expiration times 952 953 * kadmin_locl.h (str2timeval): add prototype 954 955 * ank.c (add_one_principal): allow setting expiration times 956 9571999-07-03 Assar Westerlund <assar@sics.se> 958 959 * server.c (v5_loop): handle data allocation with krb5_data_alloc 960 and check return value 961 9621999-06-23 Assar Westerlund <assar@sics.se> 963 964 * version4.c (kadm_ser_cpw): read the key in the strange order 965 it's sent 966 967 * util.c (edit_entry): look at default 968 (edit_time): always set mask even if value == 0 969 970 * kadmin_locl.h (edit_entry): update 971 972 * ank.c: make ank use the values of the default principal for 973 prompting 974 975 * version4.c (values_to_ent): convert key data correctly 976 9771999-05-23 Assar Westerlund <assar@sics.se> 978 979 * init.c (create_random_entry): more correct setting of mask 980 9811999-05-21 Assar Westerlund <assar@sics.se> 982 983 * server.c (handle_v5): read sendauth version correctly. 984 9851999-05-14 Assar Westerlund <assar@sics.se> 986 987 * version4.c (error_code): try to handle really old krb4 988 distributions 989 9901999-05-11 Assar Westerlund <assar@sics.se> 991 992 * init.c (init): initialize realm_max_life and realm_max_rlife 993 9941999-05-07 Assar Westerlund <assar@sics.se> 995 996 * ank.c (add_new_key): initialize more variables 997 9981999-05-04 Assar Westerlund <assar@sics.se> 999 1000 * version4.c (kadm_ser_cpw): always allow a user to change her 1001 password 1002 (kadm_ser_*): make logging work 1003 clean-up and restructure 1004 1005 * kadmin_locl.h (set_entry): add prototype 1006 1007 * kadmin.c (usage): update usage string 1008 1009 * init.c (init): new arguments realm-max-ticket-life and 1010 realm-max-renewable-life 1011 1012 * util.c (edit_time, edit_attributes): don't do anything if it's 1013 already set 1014 (set_entry): new function 1015 1016 * ank.c (add_new_key): new options for setting max-ticket-life, 1017 max-renewable-life, and attributes 1018 1019 * server.c (v5_loop): remove unused variable 1020 1021 * kadmin_locl.h: add prototypes 1022 1023 * version4.c: re-insert krb_err.h and other miss 1024 1025 * server.c (kadmind_loop): break-up and restructure 1026 1027 * version4.c: add ACL checks more error code checks restructure 1028 10291999-05-03 Johan Danielsson <joda@pdc.kth.se> 1030 1031 * load.c: check for (un-)encrypted keys 1032 1033 * dump.c: use hdb_print_entry 1034 1035 * version4.c: version 4 support 1036 1037 * Makefile.am: link with krb4 1038 1039 * kadmin_locl.h: include <sys/un.h> 1040 1041 * server.c: move from lib/kadm5, and add basic support for krb4 1042 kadmin protocol 1043 1044 * kadmind.c: move recvauth to kadmind_loop() 1045