ChangeLog
1 2008-04-07 Love Hörnquist Åstrand <lha@it.su.se> 2 3 * kadm_conn.c: Use unsigned where appropriate. 4 5 2007-12-09 Love Hörnquist Åstrand <lha@it.su.se> 6 7 * kadmin.c: Use hdb_db_dir(). 8 9 * kadmind.c: Use hdb_db_dir(). 10 11 2007-07-26 Love Hörnquist Åstrand <lha@it.su.se> 12 13 * util.c: Clear error string, just to be sure. 14 15 2007-05-10 Love Hörnquist Åstrand <lha@it.su.se> 16 17 * kadmin-commands.in: modify --pkinit-acl 18 19 * mod.c: add pk-init command 20 21 2007-02-22 Love Hörnquist Åstrand <lha@it.su.se> 22 23 * kadmin.8: document kadmin add_enctype functionallity. 24 25 * Makefile.am: Add new command, add_enctype. 26 27 * kadmin-commands.in: Add new command, add_enctype. 28 29 * add_enctype.c: Add support for adding a random key enctype to a 30 principal. 31 32 2007-02-17 Love Hörnquist Åstrand <lha@it.su.se> 33 34 * mod.c: add setting and displaying aliases 35 36 * get.c: add setting and displaying aliases 37 38 * kadmin-commands.in: add setting and displaying aliases 39 40 2006-12-22 Love Hörnquist Åstrand <lha@it.su.se> 41 42 * util.c: Make str2time_t parser more robust. 43 44 * Makefile.am: Add test_util test program. 45 46 * test_util.c: Test str2time_t parser. 47 48 2006-12-05 Love Hörnquist Åstrand <lha@it.su.se> 49 50 * add-random-users.c: Use strcspn to remove \n from fgets 51 result. Prompted by change by Ray Lai of OpenBSD via Björn 52 Sandell. 53 54 2006-10-22 Love Hörnquist Åstrand <lha@it.su.se> 55 56 * mod.c: Try to not leak memory. 57 58 * check.c: Try to not leak memory. 59 60 2006-10-07 Love Hörnquist Åstrand <lha@it.su.se> 61 62 * Makefile.am: split build files into dist_ and noinst_ SOURCES 63 64 2006-08-28 Love Hörnquist Åstrand <lha@it.su.se> 65 66 * kadmin.c (help): use sl_slc_help(). 67 68 2006-08-24 Love Hörnquist Åstrand <lha@it.su.se> 69 70 * util.c: Add KRB5_KDB_ALLOW_DIGEST 71 72 2006-07-14 Love Hörnquist Åstrand <lha@it.su.se> 73 74 * get.c (format_field): optionally print issuer and anchor. 75 76 2006-06-21 Love Hörnquist Åstrand <lha@it.su.se> 77 78 * check.c: Check if afs@REALM and afs/cellname@REALM both exists. 79 80 2006-06-14 Love Hörnquist Åstrand <lha@it.su.se> 81 82 * util.c (kdb_attrs): Add KRB5_KDB_ALLOW_KERBEROS4 83 84 2006-06-07 Love Hörnquist Åstrand <lha@it.su.se> 85 86 * mod.c (do_mod_entry): Add setting 1 delegation entry 87 88 2006-06-01 Love Hörnquist Åstrand <lha@it.su.se> 89 90 * server.c: Less shadowing. 91 92 2006-05-13 Love Hörnquist Åstrand <lha@it.su.se> 93 94 * Makefile.am: kadmin_SOURCES += add check.c 95 96 * kadmin_locl.h: Avoid shadowing. 97 98 * kadmin.8: Document the new check command. 99 100 * kadmin-commands.in: Add check command 101 102 * check.c: Check database for strange configurations on default 103 principals. 104 105 2006-05-08 Love Hörnquist Åstrand <lha@it.su.se> 106 107 * server.c (kadm_get_privs): one less "pointer targets in passing 108 argument differ in signedness" warning. 109 110 2006-05-05 Love Hörnquist Åstrand <lha@it.su.se> 111 112 * dump-format.txt: Moved to info documentation. 113 114 * Rename u_intXX_t to uintXX_t 115 116 2006-05-01 Love Hörnquist Åstrand <lha@it.su.se> 117 118 * kadmin.8: spelling, update .Dd 119 120 2006-04-12 Love Hörnquist Åstrand <lha@it.su.se> 121 122 * add-random-users.c: Catch empty file case. From Tobias 123 Stoeckmann. 124 125 2006-04-07 Love Hörnquist Åstrand <lha@it.su.se> 126 127 * random_password.c (generate_password): memory leak in error 128 condition case From Coverity NetBSD CID#1887 129 130 2006-02-19 Love Hörnquist Åstrand <lha@it.su.se> 131 132 * cpw.c (cpw_entry): make sure ret have a defined value 133 134 * del.c (del_entry): make sure ret have a defined value 135 136 * mod.c: Return error code so that toplevel function can catch 137 them. 138 139 2006-01-25 Love Hörnquist Åstrand <lha@it.su.se> 140 141 * cpw.c (cpw_entry): return 1 on failure. 142 143 * rename.c (rename_entry): return 1 on failure. 144 145 * del.c (del_entry): return 1 on failure. 146 147 * ank.c (add_new_key): return 1 on failure. 148 149 * get.c: Add printing of pkinit-acls. Don't print password by 150 default. Return 1 on failure processing any of the principals. 151 152 * util.c (foreach_principal): If any of calls to `func' failes, 153 the first error is returned when all principals are processed. 154 155 2005-12-01 Love Hörnquist Åstrand <lha@it.su.se> 156 157 * kadmin-commands.in: Add ank as an alias to add, it lost in 158 transition to slc, from Måns Nilsson. 159 160 2005-09-14 Love Hörquist Åstrand <lha@it.su.se> 161 162 * dump-format.txt: Add extensions, fill in missing fields. 163 164 2005-09-08 Love Hörquist Åstrand <lha@it.su.se> 165 166 * init.c (create_random_entry): create principal with random 167 password even though its disabled. From Andrew Bartlet 168 <abartlet@samba.org> 169 170 2005-09-01 Love Hörquist Åstrand <lha@it.su.se> 171 172 * kadm_conn.c: Use socket_set_reuseaddr and socket_set_ipv6only. 173 174 2005-08-11 Love Hörquist Åstrand <lha@it.su.se> 175 176 * get.c: Remove structure that is never used (sneaked in the large 177 TL_DATA patch). 178 179 * kadmin-commands.in: Rename password-quality to 180 verify-password-quality. 181 182 * get.c: Indent. 183 184 * server.c: Avoid shadowing exp(). 185 186 * load.c: Parse extensions. 187 188 * kadmin_locl.h: Include <hex.h>. 189 190 * get.c: Extend struct field_name to have a subvalue and a 191 extra_mask. Use that to implement printing of KADM5_TL_DATA 192 options and fix a dependency bug (keys needed principal to print 193 the salting). 194 195 2005-07-08 Love Hörquist Åstrand <lha@it.su.se> 196 197 * lower amount of shadow and const warnings 198 199 2005-06-07 David Love <fx@gnu.org> 200 201 * dump-format.txt: Clarify, spelling and add examples. 202 203 2005-05-30 Love Hörquist Åstrand <lha@it.su.se> 204 205 * util.c (kdb_attrs): add ok-as-delegate 206 207 * get.c (getit): init data.mask to 0. Problem found by Andrew 208 Bartlett <abartlet@samba.org> 209 210 2005-05-09 Love Hörquist Åstrand <lha@it.su.se> 211 212 * kadmin.c (main): catch -2 as EOF 213 214 2005-05-03 Dave Love <d.love@dl.ac.uk> 215 216 * init.c (init): Don't disable forwardable for kadmin/changepw. 217 218 2005-05-02 Dave Love <d.love@dl.ac.uk> 219 220 * kadmin.c (help): Don't use non-constant initializer for `fake'. 221 222 2005-04-20 Love Hörquist Åstrand <lha@it.su.se> 223 224 * util.c (foreach_principal): initialize ret to make sure it have 225 a value 226 227 2005-04-04 Love Hörquist Åstrand <lha@it.su.se> 228 229 * kadmind.c: add verifier libraries with 230 kadm5_add_passwd_quality_verifier 231 232 * kadmin.c: add verifier libraries with 233 kadm5_add_passwd_quality_verifier 234 235 * load.c: max-life and max-renew is of unsigned int in asn1 236 compiler, use that for the parser too 237 238 2005-03-26 Love Hörquist Åstrand <lha@it.su.se> 239 240 * kadmin.8: List of attributes, from James F. Hranicky 241 <jfh@cise.ufl.edu> 242 243 2005-01-19 Love Hörquist Åstrand <lha@it.su.se> 244 245 * dump.c (dump): handle errors 246 247 2005-01-08 Love Hörquist Åstrand <lha@it.su.se> 248 249 * dump-format.txt: text dump format 250 251 2004-12-08 Love Hörquist Åstrand <lha@it.su.se> 252 253 * kadmind.8: use keeps around options, from OpenBSD 254 255 * kadmin.8: use keeps around options, "improve" spelling, from 256 openbsd 257 258 2004-11-01 Love Hörquist Åstrand <lha@it.su.se> 259 260 * get.c (getit): always free columns 261 262 * ank.c (add_one_principal): catch error from 263 UI_UTIL_read_pw_string 264 265 2004-10-31 Love Hörquist Åstrand <lha@it.su.se> 266 267 * del_enctype.c (del_enctype): fix off-by-one error in del_enctype 268 From: <ragge@ludd.luth.se> 269 270 2004-08-13 Love Hörquist Åstrand <lha@it.su.se> 271 272 * get.c: print keytypes on long format 273 274 2004-07-06 Love Hörquist Åstrand <lha@it.su.se> 275 276 * get.c (format_field): allow mod_name to be optional 277 278 * ext.c (do_ext_keytab): if there isn't any keydata, try using 279 kadm5_randkey_principal 280 281 2004-07-02 Love Hörquist Åstrand <lha@it.su.se> 282 283 * load.c: make merge/load work again 284 285 * del.c: fix usage string 286 287 * ank.c: fix slc lossage 288 289 2004-06-28 Love Hörquist Åstrand <lha@it.su.se> 290 291 * kadmin.c: use kadm5_ad_init_with_password_ctx 292 293 2004-06-27 Johan Danielsson <joda@pdc.kth.se> 294 295 * kadmin.8: document get -o and stash 296 297 * get.c: implement output column selection, similar to ps -o 298 299 * kadmin-commands.in: make get -l the default again, and add 300 column selection flag; sync list with get 301 302 2004-06-24 Johan Danielsson <joda@pdc.kth.se> 303 304 * kadmin-commands.in: mod needs default kvno of -1 305 306 2004-06-21 Johan Danielsson <joda@pdc.kth.se> 307 308 * kadmin: convert to use slc; also add stash subcommand 309 310 2004-06-15 Love Hörquist Åstrand <lha@it.su.se> 311 312 * kadmin.c (main): keytab mode requires principal name 313 314 2004-06-12 Love Hörquist Åstrand <lha@it.su.se> 315 316 * kadmind.c: drop keyfile, not used, found by 317 Elrond <elrond@samba-tng.org> 318 319 * kadmin.c: if keyfile is set, pass in to libkadm5 bug pointed out 320 by Elrond <elrond@samba-tng.org> 321 322 2004-05-31 Love Hörquist Åstrand <lha@it.su.se> 323 324 * kadmin.c: add --ad flag, XXX rewrite the init kadm5 interface 325 326 2004-05-13 Johan Danielsson <joda@pdc.kth.se> 327 328 * nuke kerberos 4 kadmin goo 329 330 2004-05-07 Johan Danielsson <joda@pdc.kth.se> 331 332 * util.c (str2time_t): fix end-of-day logic, from Duncan 333 McEwan/Mark Davies. 334 335 2004-04-29 Love Hörquist Åstrand <lha@it.su.se> 336 337 * version4.c (handle_v4): make sure length is longer then 2, 338 Pointed out by Evgeny Demidov <demidov@gleg.net> 339 340 * kadmind.c: make kerberos4 support default turned off 341 342 2004-03-24 Johan Danielsson <joda@pdc.kth.se> 343 344 * kadmin.8: update manpage 345 346 * mod.c: allow wildcarding principals, and make parameters a work 347 same as if prompted 348 349 2004-03-08 Love Hörquist Åstrand <lha@it.su.se> 350 351 * kadmin.8: document password-quality 352 353 * kadmin_locl.h: add prototype for password_quality 354 355 * kadmin.c: add password-quality/pwq command 356 357 * Makefile.am: kadmin_SOURCES += pw_quality.c 358 359 * pw_quality.c: test run the password quality function 360 361 2004-03-07 Love Hörquist Åstrand <lha@it.su.se> 362 363 * ank.c (add_one_principal): even though the principal is disabled 364 (creation of random key/keydata), create it with a random password 365 366 2003-12-07 Love Hörquist Åstrand <lha@it.su.se> 367 368 * init.c (create_random_entry): print error message on failure 369 370 * ank.c (add_one_principal): pass right argument to 371 kadm5_free_principal_ent From Panasas, Inc 372 373 2003-11-18 Love Hörquist Åstrand <lha@it.su.se> 374 375 * kadmind.c (main): move opening the logfile to after reading 376 kdc.conf move the loading of hdb keytab ops closer to where its 377 used From: Jeffrey Hutzelman <jhutz@cmu.edu> 378 379 2003-10-04 Love Hörquist Åstrand <lha@it.su.se> 380 381 * util.c (str2time_t): allow whitespace between date and time 382 From: Bob Beck <beck@cvs.openbsd.org> and adharw@yahoo.com 383 384 2003-09-03 Love Hörquist Åstrand <lha@it.su.se> 385 386 * ank.c: s/des_read_pw_string/UI_UTIL_read_pw_string/ 387 388 * cpw.c: s/des_read_pw_string/UI_UTIL_read_pw_string/ 389 390 2003-08-21 Love Hörquist Åstrand <lha@it.su.se> 391 392 * get.c (print_entry_terse): handle error when unparsing name 393 394 2003-08-18 Love Hörquist Åstrand <lha@it.su.se> 395 396 * kadmind.c (main): use krb5_prepend_config_files_default, now all 397 options in kdc.conf is parsed, not just [kdc]key-file= 398 399 * kadmin.c (main): use krb5_prepend_config_files_default, now all 400 options in kdc.conf is parsed, not just [kdc]key-file= 401 402 2003-04-14 Love Hörquist Åstrand <lha@it.su.se> 403 404 * util.c: cast argument to tolower to unsigned char, from 405 Christian Biere <christianbiere@gmx.de> via NetBSD 406 407 2003-04-06 Love Hörquist Åstrand <lha@it.su.se> 408 409 * kadmind.8: s/kerberos/Kerberos/ 410 411 2003-03-31 Love Hörquist Åstrand <lha@it.su.se> 412 413 * kadmin.8: initialises -> initializes, from Perry E. Metzger" 414 <perry@piermont.com> 415 416 * kadmin.c: principal, not pricipal. From Thomas Klausner 417 <wiz@netbsd.org> 418 419 2003-02-04 Love Hörquist Åstrand <lha@it.su.se> 420 421 * kadmind.8: spelling, from jmc <jmc@prioris.mini.pw.edu.pl> 422 423 * kadmin.8: spelling, from jmc <jmc@prioris.mini.pw.edu.pl> 424 425 2003-01-29 Love Hörquist Åstrand <lha@it.su.se> 426 427 * server.c (kadmind_dispatch): kadm_chpass: require the password 428 to pass the password quality check in case the user changes the 429 user's own password kadm_chpass_with_key: disallow the user to 430 change it own password to a key, since that password might violate 431 the password quality check. 432 433 2002-12-03 Johan Danielsson <joda@pdc.kth.se> 434 435 * util.c (get_response): print a newline if interrupted 436 437 * mod.c (mod_entry): check return value from edit_entry 438 439 * ank.c (add_one_principal): check return value from edit_entry 440 441 * ank.c (add_one_principal): don't continue if create_principal 442 fails 443 444 * init.c: check return value from edit_deltat 445 446 * init.c: add --help 447 448 2002-10-29 Johan Danielsson <joda@pdc.kth.se> 449 450 * version4.c: speling (from Tomas Olsson) 451 452 2002-10-23 Assar Westerlund <assar@kth.se> 453 454 * version4.c (decode_packet): check the length of the version 455 string and that rlen has a reasonable value 456 457 2002-10-21 Johan Danielsson <joda@pdc.kth.se> 458 459 * version4.c: check size of rlen 460 461 2002-09-10 Johan Danielsson <joda@pdc.kth.se> 462 463 * server.c: constify match_appl_version() 464 465 * version4.c: change some lingering krb_err_base 466 467 2002-09-09 Jacques Vidrine <nectar@kth.se> 468 469 * server.c (kadmind_dispatch): while decoding arguments for 470 kadm_chpass_with_key, sanity check the number of keys given. 471 Potential problem pointed out by 472 Sebastian Krahmer <krahmer@suse.de>. 473 474 2002-09-04 Johan Danielsson <joda@pdc.kth.se> 475 476 * load.c (parse_generation): return if there is no generation 477 (spotted by Daniel Kouril) 478 479 2002-06-07 Jacques Vidrine <n@nectar.com> 480 481 * ank.c: do not attempt to free uninitialized pointer when 482 kadm5_randkey_principal fails. 483 484 2002-06-07 Johan Danielsson <joda@pdc.kth.se> 485 486 * util.c: remove unused variable; reported by Hans Insulander 487 488 2002-03-05 Johan Danielsson <joda@pdc.kth.se> 489 490 * kadmind.8: clarify some acl wording, and add an example file 491 492 2002-02-11 Johan Danielsson <joda@pdc.kth.se> 493 494 * ext.c: no need to use the "modify" keytab anymore 495 496 2001-09-20 Assar Westerlund <assar@sics.se> 497 498 * add-random-users.c: allocate several buffers for the list of 499 words, instead of one strdup per word (running under efence does 500 not work very well otherwise) 501 502 2001-09-13 Assar Westerlund <assar@sics.se> 503 504 * add-random-users.c: allow specifying the number of users to 505 create 506 507 2001-08-24 Assar Westerlund <assar@sics.se> 508 509 * Makefile.am: rename variable name to avoid error from current 510 automake 511 512 2001-08-22 Assar Westerlund <assar@sics.se> 513 514 * kadmin_locl.h: include libutil.h if it exists 515 516 2001-08-10 Johan Danielsson <joda@pdc.kth.se> 517 518 * util.c: do something to handle C-c in prompts 519 520 * load.c: remove unused etypes code, and add parsing of the 521 generation field 522 523 * ank.c: add a --use-defaults option to just use default values 524 without questions 525 526 * kadmin.c: add "del" alias for delete 527 528 * cpw.c: call this operation "passwd" in usage 529 530 * kadmin_locl.h: prototype for set_defaults 531 532 * util.c (edit_entry): move setting of default values to a 533 separate function, set_defaults 534 535 2001-08-01 Johan Danielsson <joda@pdc.kth.se> 536 537 * kadmin.c: print help message on bad options 538 539 2001-07-31 Assar Westerlund <assar@sics.se> 540 541 * add-random-users.c (main): handle --version 542 543 2001-07-30 Johan Danielsson <joda@pdc.kth.se> 544 545 * load.c: increase line buffer to 8k 546 547 2001-06-12 Assar Westerlund <assar@sics.se> 548 549 * ext.c (ext_keytab): use the default modify keytab per default 550 551 2001-05-17 Assar Westerlund <assar@sics.se> 552 553 * kadm_conn.c (start_server): fix krb5_eai_to_heim_errno call 554 555 2001-05-15 Assar Westerlund <assar@sics.se> 556 557 * kadmin.c (main): some error cleaning required 558 559 2001-05-14 Assar Westerlund <assar@sics.se> 560 561 * kadmind.c: new krb5_config_parse_file 562 * kadmin.c: new krb5_config_parse_file 563 * kadm_conn.c: update to new krb5_sockaddr2address 564 565 2001-05-07 Assar Westerlund <assar@sics.se> 566 567 * kadmin_locl.h (foreach_principal): update prototype 568 * get.c (getit): new foreach_principal 569 * ext.c (ext_keytab): new foreach_principal 570 * del.c (del_entry): new foreach_principal 571 * cpw.c (cpw_entry): new foreach_principal 572 * util.c (foreach_principal): add `funcname' and try printing the 573 error string 574 575 2001-05-04 Johan Danielsson <joda@pdc.kth.se> 576 577 * rename.c: fix argument number test 578 579 2001-04-19 Johan Danielsson <joda@pdc.kth.se> 580 581 * del_enctype.c: fix argument count check after getarg change; 582 spotted by mark@MCS.VUW.AC.NZ 583 584 2001-02-15 Assar Westerlund <assar@sics.se> 585 586 * kadmind.c (main): use a `struct sockaddr_storage' to be able to 587 store all types of addresses 588 589 2001-02-07 Assar Westerlund <assar@sics.se> 590 591 * kadmin.c: add --keytab / _K, from Leif Johansson 592 <leifj@it.su.se> 593 594 2001-01-29 Assar Westerlund <assar@sics.se> 595 596 * kadm_conn.c (spawn_child): close the newly created socket in the 597 packet, it's not used. from <shadow@dementia.org> 598 * version4.c (decode_packet): check success of 599 krb5_425_conv_principal. from <shadow@dementia.org> 600 601 2001-01-12 Assar Westerlund <assar@sics.se> 602 603 * util.c (parse_attributes): make empty string mean no attributes, 604 specifying the empty string at the command line should give you no 605 attributes, but just pressing return at the prompt gives you 606 default attributes 607 (edit_entry): only pick up values from the default principal if they 608 aren't set in the principal being edited 609 610 2001-01-04 Assar Westerlund <assar@sics.se> 611 612 * load.c (doit): print an error and bail out if storing an entry 613 in the database fails. The most likely reason for it failing is 614 out-of-space. 615 616 2000-12-31 Assar Westerlund <assar@sics.se> 617 618 * kadmind.c (main): handle krb5_init_context failure consistently 619 * kadmin.c (main): handle krb5_init_context failure consistently 620 * add-random-users.c (add_user): handle krb5_init_context failure 621 consistently 622 623 * kadm_conn.c (spawn_child): use a struct sockaddr_storage 624 625 2000-12-15 Johan Danielsson <joda@pdc.kth.se> 626 627 * get.c: avoid asprintf'ing NULL strings 628 629 2000-12-14 Johan Danielsson <joda@pdc.kth.se> 630 631 * load.c: fix option parsing 632 633 2000-11-16 Assar Westerlund <assar@sics.se> 634 635 * kadm_conn.c (wait_for_connection): check for fd's being too 636 large to select on 637 638 2000-11-09 Johan Danielsson <joda@pdc.kth.se> 639 640 * get.c: don't try to print modifier name if it isn't set (from 641 Jacques A. Vidrine" <n@nectar.com>) 642 643 2000-09-19 Assar Westerlund <assar@sics.se> 644 645 * server.c (kadmind_loop): send in keytab to v4 handling function 646 * version4.c: allow the specification of what keytab to use 647 648 * get.c (print_entry_long): actually print the actual saltvalue 649 used if it's not the default 650 651 2000-09-10 Johan Danielsson <joda@pdc.kth.se> 652 653 * kadmin.c: add option parsing, and add `privs' as an alias for 654 `privileges' 655 656 * init.c: complain if there's no realm name specified 657 658 * rename.c: add option parsing 659 660 * load.c: add option parsing 661 662 * get.c: make `get' and `list' aliases to each other, but with 663 different defaults 664 665 * del_enctype.c: add option parsing 666 667 * del.c: add option parsing 668 669 * ank.c: calling the command `add' make more sense from an english 670 pov 671 672 * Makefile.am: add kadmin manpage 673 674 * kadmin.8: short manpage 675 676 * kadmin.c: `quit' should be a alias for `exit', not `help' 677 678 2000-08-27 Assar Westerlund <assar@sics.se> 679 680 * server.c (handle_v5): do not try to perform stupid stunts when 681 printing errors 682 683 2000-08-19 Assar Westerlund <assar@sics.se> 684 685 * util.c (str2time_t): add alias for `now'. 686 687 2000-08-18 Assar Westerlund <assar@sics.se> 688 689 * server.c (handle_v5): accept any kadmin/admin@* principal as the 690 server 691 * kadmind.c: remove extra prototype of kadmind_loop 692 * kadmin_locl.h (kadmind_loop): add prototype 693 694 * init.c (usage): print init-usage and not add-dito 695 696 2000-08-07 Johan Danielsson <joda@pdc.kth.se> 697 698 * kadmind.c: use roken_getsockname 699 700 2000-08-07 Assar Westerlund <assar@sics.se> 701 702 * kadmind.c, kadm_conn.c: use socklen_t instead of int where 703 appropriate. From <thorpej@netbsd.org> 704 705 2000-08-04 Johan Danielsson <joda@pdc.kth.se> 706 707 * Makefile.am: link with pidfile library 708 709 * kadmind.c: write a pid file, and setup password quality 710 functions 711 712 * kadmin_locl.h: util.h 713 714 2000-07-27 Assar Westerlund <assar@sics.se> 715 716 * version4.c (decode_packet): be totally consistent with the 717 prototype of des_cbc_cksum 718 * kadmind.c: use sa_size instead of sa_len, some systems define 719 this to emulate anonymous unions 720 * kadm_conn.c: use sa_size instead of sa_len, some systems define 721 this to emulate anonymous unions 722 723 2000-07-24 Assar Westerlund <assar@sics.se> 724 725 * kadmin.c (commands): add quit 726 * load.c (doit): truncate the log since there's no way of knowing 727 what changes are going to be added 728 729 2000-07-23 Assar Westerlund <assar@sics.se> 730 731 * util.c (str2time_t): be more careful with strptime that might 732 zero out the `struct tm' 733 734 2000-07-22 Johan Danielsson <joda@pdc.kth.se> 735 736 * kadm_conn.c: make the parent process wait for children and 737 terminate after receiving a signal, also terminate on SIGINT 738 739 2000-07-22 Assar Westerlund <assar@sics.se> 740 741 * version4.c: map both princ_expire_time and pw_expiration to v4 742 principal expiration 743 744 2000-07-22 Johan Danielsson <joda@pdc.kth.se> 745 746 * version4.c (handle_v4): check for termination 747 748 * server.c (v5_loop): check for termination 749 750 * kadm_conn.c (wait_term): if we're doing something, set just set 751 a flag otherwise exit rightaway 752 753 * server.c: use krb5_read_priv_message; (v5_loop): check for EOF 754 755 2000-07-21 Assar Westerlund <assar@sics.se> 756 757 * kadm_conn.c: remove sys/select.h. make signal handlers 758 type-correct and static 759 760 * kadmin_locl.h: add limits.h and sys/select.h 761 762 2000-07-20 Assar Westerlund <assar@sics.se> 763 764 * init.c (init): also create `kadmin/hprop' 765 * kadmind.c: ports is a string argument 766 * kadm_conn.c (start_server): fix printf format 767 768 * kadmin_locl.h: add <sys/select.h> 769 * kadm_conn.c: remove sys/select.h. make signal handlers 770 type-correct and static 771 772 * kadmin_locl.h: add limits.h and sys/select.h 773 774 2000-07-17 Johan Danielsson <joda@pdc.kth.se> 775 776 * kadm_conn.c: put all processes in a new process group 777 778 * server.c (v5_loop): use krb5_{read,write}_priv_message 779 780 2000-07-11 Johan Danielsson <joda@pdc.kth.se> 781 782 * version4.c: change log strings to match the v5 counterparts 783 784 * mod.c: allow setting kvno 785 786 * kadmind.c: if stdin is not a socket create and listen to sockets 787 788 * kadm_conn.c: socket creation functions 789 790 * util.c (deltat2str): treat 0 and INT_MAX as never 791 792 2000-07-08 Assar Westerlund <assar@sics.se> 793 794 * Makefile.am (INCLUDES): add ../lib/krb5 795 * kadmin_locl.h: add krb5_locl.h (since we just use some stuff 796 from there) 797 798 2000-06-07 Assar Westerlund <assar@sics.se> 799 800 * add-random-users.c: new testing program that adds a number of 801 randomly generated users 802 803 2000-04-12 Assar Westerlund <assar@sics.se> 804 805 * cpw.c (do_cpw_entry): call set_password if no argument is given, 806 it will prompt for the password. 807 * kadmin.c: make help only print the commands that are actually 808 available. 809 810 2000-04-03 Assar Westerlund <assar@sics.se> 811 812 * del_enctype.c (del_enctype): set ignore correctly 813 814 2000-04-02 Assar Westerlund <assar@sics.se> 815 816 * kadmin.c (main): make parse errors a fatal error 817 * init.c (init): create changepw/kerberos with disallow-tgt and 818 pwchange attributes 819 820 2000-03-23 Assar Westerlund <assar@sics.se> 821 822 * util.c (hex2n, parse_des_key): add 823 * server.c (kadmind_dispatch): add kadm_chpass_with_key 824 * cpw.c: add --key 825 * ank.c: add --key 826 827 2000-02-16 Assar Westerlund <assar@sics.se> 828 829 * load.c (doit): check return value from parse_hdbflags2int 830 correctly 831 832 2000-01-25 Assar Westerlund <assar@sics.se> 833 834 * load.c: checking all parsing for errors and all memory 835 allocations also 836 837 2000-01-02 Assar Westerlund <assar@sics.se> 838 839 * server.c: check initial flag in ticket and allow users to change 840 their own password if it's set 841 * ext.c (do_ext_keytab): set timestamp 842 843 1999-12-14 Assar Westerlund <assar@sics.se> 844 845 * del_enctype.c (usage): don't use arg_printusage 846 847 1999-11-25 Assar Westerlund <assar@sics.se> 848 849 * del_enctype.c (del_enctype): try not to leak memory 850 851 * version4.c (kadm_ser_mod): use kadm5_s_modify_principal (no 852 _with_key) 853 854 * kadmin.c: add `del_enctype' 855 856 * del_enctype.c (del_enctype): new function for deleting enctypes 857 from a principal 858 859 * Makefile.am (kadmin_SOURCES): add del_enctype.c 860 861 1999-11-09 Johan Danielsson <joda@pdc.kth.se> 862 863 * server.c: cope with old clients 864 865 * kadmin_locl.h: remove version string 866 867 1999-10-17 Assar Westerlund <assar@sics.se> 868 869 * Makefile.am (kadmin_LDADD): add LIB_dlopen 870 871 1999-10-01 Assar Westerlund <assar@sics.se> 872 873 * ank.c (add_one_principal): `password' can cactually be NULL in 874 the overwrite code, check for it. 875 876 1999-09-20 Assar Westerlund <assar@sics.se> 877 878 * mod.c (mod_entry): print the correct principal name in error 879 messages. From Love <lha@e.kth.se> 880 881 1999-09-10 Assar Westerlund <assar@sics.se> 882 883 * init.c (init): also create `changepw/kerberos' 884 885 * version4.c: only create you loose packets when we fail decoding 886 and not when an operation is not performed for some reason 887 (decode_packet): read the service key from the hdb 888 (dispatch, decode_packet): return proper error messages 889 890 * version4.c (kadm_ser_cpw): add password quality functions 891 892 1999-08-27 Johan Danielsson <joda@pdc.kth.se> 893 894 * server.c (handle_v5): give more informative message if 895 KRB5_KT_NOTFOUND 896 897 1999-08-26 Johan Danielsson <joda@pdc.kth.se> 898 899 * kadmind.c: use HDB keytabs 900 901 1999-08-25 Assar Westerlund <assar@sics.se> 902 903 * cpw.c (set_password): use correct variable. From Love 904 <lha@e.kth.se> 905 906 * server.c (v5_loop): use correct error code 907 908 * ank.c (add_one_principal): initialize `default_ent' 909 910 1999-08-21 Assar Westerlund <assar@sics.se> 911 912 * random_password.c: new file, stolen from krb4 913 914 * kadmin_locl.h: add prototype for random_password 915 916 * cpw.c: add support for --random-password 917 918 * ank.c: add support for --random-password 919 920 * Makefile.am (kadmin_SOURCES): add random_password.c 921 922 1999-08-19 Assar Westerlund <assar@sics.se> 923 924 * util.c (edit_timet): break when we manage to parse the time not 925 the inverse. 926 927 * mod.c: add parsing of lots of options. From Love 928 <lha@stacken.kth.se> 929 930 * ank.c: add setting of expiration and password expiration 931 932 * kadmin_locl.h: update util.c prototypes 933 934 * util.c: move-around. clean-up, rename, make consistent (and 935 some other weird stuff). based on patches from Love 936 <lha@stacken.kth.se> 937 938 * version4.c (kadm_ser_cpw): initialize password 939 (handle_v4): remove unused variable `ret' 940 941 1999-08-16 Assar Westerlund <assar@sics.se> 942 943 * version4.c (handle_v4): more error checking and more correct 944 error messages 945 946 * server.c (v5_loop, kadmind_loop): more error checking and more 947 correct error messages 948 949 1999-07-24 Assar Westerlund <assar@sics.se> 950 951 * util.c (str2timeval, edit_time): functions for parsing and 952 editing times. Based on patches from Love <lha@stacken.kth.se>. 953 (edit_entry): call new functions 954 955 * mod.c (mod_entry): allow modifying expiration times 956 957 * kadmin_locl.h (str2timeval): add prototype 958 959 * ank.c (add_one_principal): allow setting expiration times 960 961 1999-07-03 Assar Westerlund <assar@sics.se> 962 963 * server.c (v5_loop): handle data allocation with krb5_data_alloc 964 and check return value 965 966 1999-06-23 Assar Westerlund <assar@sics.se> 967 968 * version4.c (kadm_ser_cpw): read the key in the strange order 969 it's sent 970 971 * util.c (edit_entry): look at default 972 (edit_time): always set mask even if value == 0 973 974 * kadmin_locl.h (edit_entry): update 975 976 * ank.c: make ank use the values of the default principal for 977 prompting 978 979 * version4.c (values_to_ent): convert key data correctly 980 981 1999-05-23 Assar Westerlund <assar@sics.se> 982 983 * init.c (create_random_entry): more correct setting of mask 984 985 1999-05-21 Assar Westerlund <assar@sics.se> 986 987 * server.c (handle_v5): read sendauth version correctly. 988 989 1999-05-14 Assar Westerlund <assar@sics.se> 990 991 * version4.c (error_code): try to handle really old krb4 992 distributions 993 994 1999-05-11 Assar Westerlund <assar@sics.se> 995 996 * init.c (init): initialize realm_max_life and realm_max_rlife 997 998 1999-05-07 Assar Westerlund <assar@sics.se> 999 1000 * ank.c (add_new_key): initialize more variables 1001 1002 1999-05-04 Assar Westerlund <assar@sics.se> 1003 1004 * version4.c (kadm_ser_cpw): always allow a user to change her 1005 password 1006 (kadm_ser_*): make logging work 1007 clean-up and restructure 1008 1009 * kadmin_locl.h (set_entry): add prototype 1010 1011 * kadmin.c (usage): update usage string 1012 1013 * init.c (init): new arguments realm-max-ticket-life and 1014 realm-max-renewable-life 1015 1016 * util.c (edit_time, edit_attributes): don't do anything if it's 1017 already set 1018 (set_entry): new function 1019 1020 * ank.c (add_new_key): new options for setting max-ticket-life, 1021 max-renewable-life, and attributes 1022 1023 * server.c (v5_loop): remove unused variable 1024 1025 * kadmin_locl.h: add prototypes 1026 1027 * version4.c: re-insert krb_err.h and other miss 1028 1029 * server.c (kadmind_loop): break-up and restructure 1030 1031 * version4.c: add ACL checks more error code checks restructure 1032 1033 1999-05-03 Johan Danielsson <joda@pdc.kth.se> 1034 1035 * load.c: check for (un-)encrypted keys 1036 1037 * dump.c: use hdb_print_entry 1038 1039 * version4.c: version 4 support 1040 1041 * Makefile.am: link with krb4 1042 1043 * kadmin_locl.h: include <sys/un.h> 1044 1045 * server.c: move from lib/kadm5, and add basic support for krb4 1046 kadmin protocol 1047 1048 * kadmind.c: move recvauth to kadmind_loop()