xref: /freebsd/crypto/heimdal/kadmin/ChangeLog (revision 1c05a6ea6b849ff95e539c31adea887c644a6a01)
12008-04-07  Love Hörnquist Åstrand  <lha@it.su.se>
2
3	* kadm_conn.c: Use unsigned where appropriate.
4
52007-12-09  Love Hörnquist Åstrand  <lha@it.su.se>
6
7	* kadmin.c: Use hdb_db_dir().
8
9	* kadmind.c: Use hdb_db_dir().
10
112007-07-26  Love Hörnquist Åstrand  <lha@it.su.se>
12
13	* util.c: Clear error string, just to be sure.
14
152007-05-10  Love Hörnquist Åstrand  <lha@it.su.se>
16
17	* kadmin-commands.in: modify --pkinit-acl
18
19	* mod.c: add pk-init command
20
212007-02-22  Love Hörnquist Åstrand  <lha@it.su.se>
22
23	* kadmin.8: document kadmin add_enctype functionallity.
24
25	* Makefile.am: Add new command, add_enctype.
26
27	* kadmin-commands.in: Add new command, add_enctype.
28
29	* add_enctype.c: Add support for adding a random key enctype to a
30	principal.
31
322007-02-17  Love Hörnquist Åstrand  <lha@it.su.se>
33
34	* mod.c: add setting and displaying aliases
35
36	* get.c: add setting and displaying aliases
37
38	* kadmin-commands.in: add setting and displaying aliases
39
402006-12-22  Love Hörnquist Åstrand  <lha@it.su.se>
41
42	* util.c: Make str2time_t parser more robust.
43
44	* Makefile.am: Add test_util test program.
45
46	* test_util.c: Test str2time_t parser.
47
482006-12-05  Love Hörnquist Åstrand  <lha@it.su.se>
49
50	* add-random-users.c: Use strcspn to remove \n from fgets
51	result. Prompted by change by Ray Lai of OpenBSD via Björn
52	Sandell.
53
542006-10-22  Love Hörnquist Åstrand  <lha@it.su.se>
55
56	* mod.c: Try to not leak memory.
57
58	* check.c: Try to not leak memory.
59
602006-10-07  Love Hörnquist Åstrand  <lha@it.su.se>
61
62	* Makefile.am: split build files into dist_ and noinst_ SOURCES
63
642006-08-28  Love Hörnquist Åstrand <lha@it.su.se>
65
66	* kadmin.c (help): use sl_slc_help().
67
682006-08-24  Love Hörnquist Åstrand  <lha@it.su.se>
69
70	* util.c: Add KRB5_KDB_ALLOW_DIGEST
71
722006-07-14  Love Hörnquist Åstrand  <lha@it.su.se>
73
74	* get.c (format_field): optionally print issuer and anchor.
75
762006-06-21  Love Hörnquist Åstrand  <lha@it.su.se>
77
78	* check.c: Check if afs@REALM and afs/cellname@REALM both exists.
79
802006-06-14  Love Hörnquist Åstrand  <lha@it.su.se>
81
82	* util.c (kdb_attrs): Add KRB5_KDB_ALLOW_KERBEROS4
83
842006-06-07  Love Hörnquist Åstrand  <lha@it.su.se>
85
86	* mod.c (do_mod_entry): Add setting 1 delegation entry
87
882006-06-01  Love Hörnquist Åstrand  <lha@it.su.se>
89
90	* server.c: Less shadowing.
91
922006-05-13  Love Hörnquist Åstrand  <lha@it.su.se>
93
94	* Makefile.am: kadmin_SOURCES += add check.c
95
96	* kadmin_locl.h: Avoid shadowing.
97
98	* kadmin.8: Document the new check command.
99
100	* kadmin-commands.in: Add check command
101
102	* check.c: Check database for strange configurations on default
103	principals.
104
1052006-05-08  Love Hörnquist Åstrand  <lha@it.su.se>
106
107	* server.c (kadm_get_privs): one less "pointer targets in passing
108	argument differ in signedness" warning.
109
1102006-05-05  Love Hörnquist Åstrand  <lha@it.su.se>
111
112	* dump-format.txt: Moved to info documentation.
113
114	* Rename u_intXX_t to uintXX_t
115
1162006-05-01  Love Hörnquist Åstrand  <lha@it.su.se>
117
118	* kadmin.8: spelling, update .Dd
119
1202006-04-12  Love Hörnquist Åstrand  <lha@it.su.se>
121
122	* add-random-users.c: Catch empty file case. From Tobias
123	Stoeckmann.
124
1252006-04-07  Love Hörnquist Åstrand  <lha@it.su.se>
126
127	* random_password.c (generate_password): memory leak in error
128	condition case From Coverity NetBSD CID#1887
129
1302006-02-19  Love Hörnquist Åstrand  <lha@it.su.se>
131
132	* cpw.c (cpw_entry): make sure ret have a defined value
133
134	* del.c (del_entry): make sure ret have a defined value
135
136	* mod.c: Return error code so that toplevel function can catch
137	them.
138
1392006-01-25  Love Hörnquist Åstrand <lha@it.su.se>
140
141	* cpw.c (cpw_entry): return 1 on failure.
142
143	* rename.c (rename_entry): return 1 on failure.
144
145	* del.c (del_entry): return 1 on failure.
146
147	* ank.c (add_new_key): return 1 on failure.
148
149	* get.c: Add printing of pkinit-acls. Don't print password by
150	default. Return 1 on failure processing any of the principals.
151
152	* util.c (foreach_principal): If any of calls to `func' failes,
153	the first error is returned when all principals are processed.
154
1552005-12-01  Love Hörnquist Åstrand <lha@it.su.se>
156
157	* kadmin-commands.in: Add ank as an alias to add, it lost in
158	transition to slc, from Måns Nilsson.
159
1602005-09-14  Love Hörquist Åstrand  <lha@it.su.se>
161
162	* dump-format.txt: Add extensions, fill in missing fields.
163
1642005-09-08  Love Hörquist Åstrand  <lha@it.su.se>
165
166	* init.c (create_random_entry): create principal with random
167	password even though its disabled. From Andrew Bartlet
168	<abartlet@samba.org>
169
1702005-09-01  Love Hörquist Åstrand  <lha@it.su.se>
171
172	* kadm_conn.c: Use socket_set_reuseaddr and socket_set_ipv6only.
173
1742005-08-11  Love Hörquist Åstrand  <lha@it.su.se>
175
176	* get.c: Remove structure that is never used (sneaked in the large
177	TL_DATA patch).
178
179	* kadmin-commands.in: Rename password-quality to
180	verify-password-quality.
181
182	* get.c: Indent.
183
184	* server.c: Avoid shadowing exp().
185
186	* load.c: Parse extensions.
187
188	* kadmin_locl.h: Include <hex.h>.
189
190	* get.c: Extend struct field_name to have a subvalue and a
191	extra_mask.  Use that to implement printing of KADM5_TL_DATA
192	options and fix a dependency bug (keys needed principal to print
193	the salting).
194
1952005-07-08  Love Hörquist Åstrand  <lha@it.su.se>
196
197	* lower amount of shadow and const warnings
198
1992005-06-07  David Love  <fx@gnu.org>
200
201	* dump-format.txt: Clarify, spelling and add examples.
202
2032005-05-30  Love Hörquist Åstrand  <lha@it.su.se>
204
205	* util.c (kdb_attrs): add ok-as-delegate
206
207	* get.c (getit): init data.mask to 0.  Problem found by Andrew
208	Bartlett <abartlet@samba.org>
209
2102005-05-09  Love Hörquist Åstrand  <lha@it.su.se>
211
212	* kadmin.c (main): catch -2 as EOF
213
2142005-05-03  Dave Love  <d.love@dl.ac.uk>
215
216	* init.c (init): Don't disable forwardable for kadmin/changepw.
217
2182005-05-02  Dave Love  <d.love@dl.ac.uk>
219
220	* kadmin.c (help): Don't use non-constant initializer for `fake'.
221
2222005-04-20  Love Hörquist Åstrand  <lha@it.su.se>
223
224	* util.c (foreach_principal): initialize ret to make sure it have
225	a value
226
2272005-04-04  Love Hörquist Åstrand  <lha@it.su.se>
228
229	* kadmind.c: add verifier libraries with
230	kadm5_add_passwd_quality_verifier
231
232	* kadmin.c: add verifier libraries with
233	kadm5_add_passwd_quality_verifier
234
235	* load.c: max-life and max-renew is of unsigned int in asn1
236	compiler, use that for the parser too
237
2382005-03-26  Love Hörquist Åstrand  <lha@it.su.se>
239
240	* kadmin.8: List of attributes, from James F.  Hranicky
241	<jfh@cise.ufl.edu>
242
2432005-01-19  Love Hörquist Åstrand  <lha@it.su.se>
244
245	* dump.c (dump): handle errors
246
2472005-01-08 Love Hörquist Åstrand <lha@it.su.se>
248
249	* dump-format.txt: text dump format
250
2512004-12-08  Love Hörquist Åstrand  <lha@it.su.se>
252
253	* kadmind.8: use keeps around options, from OpenBSD
254
255	* kadmin.8: use keeps around options, "improve" spelling, from
256	openbsd
257
2582004-11-01  Love Hörquist Åstrand  <lha@it.su.se>
259
260	* get.c (getit): always free columns
261
262	* ank.c (add_one_principal): catch error from
263	UI_UTIL_read_pw_string
264
2652004-10-31  Love Hörquist Åstrand  <lha@it.su.se>
266
267	* del_enctype.c (del_enctype): fix off-by-one error in del_enctype
268	From: <ragge@ludd.luth.se>
269
2702004-08-13  Love Hörquist Åstrand  <lha@it.su.se>
271
272	* get.c: print keytypes on long format
273
2742004-07-06  Love Hörquist Åstrand  <lha@it.su.se>
275
276	* get.c (format_field): allow mod_name to be optional
277
278	* ext.c (do_ext_keytab): if there isn't any keydata, try using
279	kadm5_randkey_principal
280
2812004-07-02  Love Hörquist Åstrand  <lha@it.su.se>
282
283	* load.c: make merge/load work again
284
285	* del.c: fix usage string
286
287	* ank.c: fix slc lossage
288
2892004-06-28  Love Hörquist Åstrand  <lha@it.su.se>
290
291	* kadmin.c: use kadm5_ad_init_with_password_ctx
292
2932004-06-27  Johan Danielsson  <joda@pdc.kth.se>
294
295	* kadmin.8: document get -o and stash
296
297	* get.c: implement output column selection, similar to ps -o
298
299	* kadmin-commands.in: make get -l the default again, and add
300	column selection flag; sync list with get
301
3022004-06-24  Johan Danielsson  <joda@pdc.kth.se>
303
304	* kadmin-commands.in: mod needs default kvno of -1
305
3062004-06-21  Johan Danielsson  <joda@pdc.kth.se>
307
308	* kadmin: convert to use slc; also add stash subcommand
309
3102004-06-15  Love Hörquist Åstrand  <lha@it.su.se>
311
312	* kadmin.c (main): keytab mode requires principal name
313
3142004-06-12  Love Hörquist Åstrand  <lha@it.su.se>
315
316	* kadmind.c: drop keyfile, not used, found by
317	Elrond <elrond@samba-tng.org>
318
319	* kadmin.c: if keyfile is set, pass in to libkadm5 bug pointed out
320	by Elrond <elrond@samba-tng.org>
321
3222004-05-31  Love Hörquist Åstrand  <lha@it.su.se>
323
324	* kadmin.c: add --ad flag, XXX rewrite the init kadm5 interface
325
3262004-05-13  Johan Danielsson  <joda@pdc.kth.se>
327
328	* nuke kerberos 4 kadmin goo
329
3302004-05-07  Johan Danielsson  <joda@pdc.kth.se>
331
332	* util.c (str2time_t): fix end-of-day logic, from Duncan
333	McEwan/Mark Davies.
334
3352004-04-29  Love Hörquist Åstrand  <lha@it.su.se>
336
337	* version4.c (handle_v4): make sure length is longer then 2,
338	Pointed out by Evgeny Demidov <demidov@gleg.net>
339
340	* kadmind.c: make kerberos4 support default turned off
341
3422004-03-24  Johan Danielsson  <joda@pdc.kth.se>
343
344	* kadmin.8: update manpage
345
346	* mod.c: allow wildcarding principals, and make parameters a work
347	same as if prompted
348
3492004-03-08  Love Hörquist Åstrand  <lha@it.su.se>
350
351	* kadmin.8: document password-quality
352
353	* kadmin_locl.h: add prototype for password_quality
354
355	* kadmin.c: add password-quality/pwq command
356
357	* Makefile.am: kadmin_SOURCES += pw_quality.c
358
359	* pw_quality.c: test run the password quality function
360
3612004-03-07  Love Hörquist Åstrand  <lha@it.su.se>
362
363	* ank.c (add_one_principal): even though the principal is disabled
364	(creation of random key/keydata), create it with a random password
365
3662003-12-07  Love Hörquist Åstrand  <lha@it.su.se>
367
368	* init.c (create_random_entry): print error message on failure
369
370	* ank.c (add_one_principal): pass right argument to
371	kadm5_free_principal_ent From Panasas, Inc
372
3732003-11-18  Love Hörquist Åstrand  <lha@it.su.se>
374
375	* kadmind.c (main): move opening the logfile to after reading
376	kdc.conf move the loading of hdb keytab ops closer to where its
377	used From: Jeffrey Hutzelman <jhutz@cmu.edu>
378
3792003-10-04  Love Hörquist Åstrand  <lha@it.su.se>
380
381	* util.c (str2time_t): allow whitespace between date and time
382	From: Bob Beck <beck@cvs.openbsd.org> and adharw@yahoo.com
383
3842003-09-03  Love Hörquist Åstrand  <lha@it.su.se>
385
386	* ank.c: s/des_read_pw_string/UI_UTIL_read_pw_string/
387
388	* cpw.c: s/des_read_pw_string/UI_UTIL_read_pw_string/
389
3902003-08-21  Love Hörquist Åstrand  <lha@it.su.se>
391
392	* get.c (print_entry_terse): handle error when unparsing name
393
3942003-08-18  Love Hörquist Åstrand  <lha@it.su.se>
395
396	* kadmind.c (main): use krb5_prepend_config_files_default, now all
397	options in kdc.conf is parsed, not just [kdc]key-file=
398
399	* kadmin.c (main): use krb5_prepend_config_files_default, now all
400	options in kdc.conf is parsed, not just [kdc]key-file=
401
4022003-04-14  Love Hörquist Åstrand  <lha@it.su.se>
403
404	* util.c: cast argument to tolower to unsigned char, from
405	Christian Biere <christianbiere@gmx.de> via NetBSD
406
4072003-04-06  Love Hörquist Åstrand <lha@it.su.se>
408
409	* kadmind.8: s/kerberos/Kerberos/
410
4112003-03-31  Love Hörquist Åstrand  <lha@it.su.se>
412
413	* kadmin.8: initialises -> initializes, from Perry E. Metzger"
414	<perry@piermont.com>
415
416	* kadmin.c: principal, not pricipal. From Thomas Klausner
417	<wiz@netbsd.org>
418
4192003-02-04  Love Hörquist Åstrand  <lha@it.su.se>
420
421	* kadmind.8: spelling, from jmc <jmc@prioris.mini.pw.edu.pl>
422
423	* kadmin.8: spelling, from jmc <jmc@prioris.mini.pw.edu.pl>
424
4252003-01-29  Love Hörquist Åstrand  <lha@it.su.se>
426
427	* server.c (kadmind_dispatch): kadm_chpass: require the password
428	to pass the password quality check in case the user changes the
429	user's own password kadm_chpass_with_key: disallow the user to
430	change it own password to a key, since that password might violate
431	the password quality check.
432
4332002-12-03  Johan Danielsson  <joda@pdc.kth.se>
434
435	* util.c (get_response): print a newline if interrupted
436
437	* mod.c (mod_entry): check return value from edit_entry
438
439	* ank.c (add_one_principal): check return value from edit_entry
440
441	* ank.c (add_one_principal): don't continue if create_principal
442	fails
443
444	* init.c: check return value from edit_deltat
445
446	* init.c: add --help
447
4482002-10-29  Johan Danielsson  <joda@pdc.kth.se>
449
450	* version4.c: speling (from Tomas Olsson)
451
4522002-10-23  Assar Westerlund  <assar@kth.se>
453
454	* version4.c (decode_packet): check the length of the version
455	string and that rlen has a reasonable value
456
4572002-10-21  Johan Danielsson  <joda@pdc.kth.se>
458
459	* version4.c: check size of rlen
460
4612002-09-10  Johan Danielsson  <joda@pdc.kth.se>
462
463	* server.c: constify match_appl_version()
464
465	* version4.c: change some lingering krb_err_base
466
4672002-09-09  Jacques Vidrine  <nectar@kth.se>
468
469	* server.c (kadmind_dispatch): while decoding arguments for
470	kadm_chpass_with_key, sanity check the number of keys given.
471	Potential problem pointed out by
472	Sebastian Krahmer <krahmer@suse.de>.
473
4742002-09-04  Johan Danielsson  <joda@pdc.kth.se>
475
476	* load.c (parse_generation): return if there is no generation
477	(spotted by Daniel Kouril)
478
4792002-06-07  Jacques Vidrine <n@nectar.com>
480
481	* ank.c: do not attempt to free uninitialized pointer when
482	kadm5_randkey_principal fails.
483
4842002-06-07  Johan Danielsson  <joda@pdc.kth.se>
485
486	* util.c: remove unused variable; reported by Hans Insulander
487
4882002-03-05  Johan Danielsson  <joda@pdc.kth.se>
489
490	* kadmind.8: clarify some acl wording, and add an example file
491
4922002-02-11  Johan Danielsson  <joda@pdc.kth.se>
493
494	* ext.c: no need to use the "modify" keytab anymore
495
4962001-09-20  Assar Westerlund  <assar@sics.se>
497
498	* add-random-users.c: allocate several buffers for the list of
499	words, instead of one strdup per word (running under efence does
500	not work very well otherwise)
501
5022001-09-13  Assar Westerlund  <assar@sics.se>
503
504	* add-random-users.c: allow specifying the number of users to
505	create
506
5072001-08-24  Assar Westerlund  <assar@sics.se>
508
509	* Makefile.am: rename variable name to avoid error from current
510	automake
511
5122001-08-22  Assar Westerlund  <assar@sics.se>
513
514	* kadmin_locl.h: include libutil.h if it exists
515
5162001-08-10  Johan Danielsson  <joda@pdc.kth.se>
517
518	* util.c: do something to handle C-c in prompts
519
520	* load.c: remove unused etypes code, and add parsing of the
521	generation field
522
523	* ank.c: add a --use-defaults option to just use default values
524	without questions
525
526	* kadmin.c: add "del" alias for delete
527
528	* cpw.c: call this operation "passwd" in usage
529
530	* kadmin_locl.h: prototype for set_defaults
531
532	* util.c (edit_entry): move setting of default values to a
533	separate function, set_defaults
534
5352001-08-01  Johan Danielsson  <joda@pdc.kth.se>
536
537	* kadmin.c: print help message on bad options
538
5392001-07-31  Assar Westerlund  <assar@sics.se>
540
541	* add-random-users.c (main): handle --version
542
5432001-07-30  Johan Danielsson  <joda@pdc.kth.se>
544
545	* load.c: increase line buffer to 8k
546
5472001-06-12  Assar Westerlund  <assar@sics.se>
548
549	* ext.c (ext_keytab): use the default modify keytab per default
550
5512001-05-17  Assar Westerlund  <assar@sics.se>
552
553	* kadm_conn.c (start_server): fix krb5_eai_to_heim_errno call
554
5552001-05-15  Assar Westerlund  <assar@sics.se>
556
557	* kadmin.c (main): some error cleaning required
558
5592001-05-14  Assar Westerlund  <assar@sics.se>
560
561	* kadmind.c: new krb5_config_parse_file
562	* kadmin.c: new krb5_config_parse_file
563	* kadm_conn.c: update to new krb5_sockaddr2address
564
5652001-05-07  Assar Westerlund  <assar@sics.se>
566
567	* kadmin_locl.h (foreach_principal): update prototype
568	* get.c (getit): new foreach_principal
569	* ext.c (ext_keytab): new foreach_principal
570	* del.c (del_entry): new foreach_principal
571	* cpw.c (cpw_entry): new foreach_principal
572	* util.c (foreach_principal): add `funcname' and try printing the
573	error string
574
5752001-05-04  Johan Danielsson  <joda@pdc.kth.se>
576
577	* rename.c: fix argument number test
578
5792001-04-19  Johan Danielsson  <joda@pdc.kth.se>
580
581	* del_enctype.c: fix argument count check after getarg change;
582	spotted by mark@MCS.VUW.AC.NZ
583
5842001-02-15  Assar Westerlund  <assar@sics.se>
585
586	* kadmind.c (main): use a `struct sockaddr_storage' to be able to
587	store all types of addresses
588
5892001-02-07  Assar Westerlund  <assar@sics.se>
590
591	* kadmin.c: add --keytab / _K, from Leif Johansson
592	<leifj@it.su.se>
593
5942001-01-29  Assar Westerlund  <assar@sics.se>
595
596	* kadm_conn.c (spawn_child): close the newly created socket in the
597	packet, it's not used.  from <shadow@dementia.org>
598	* version4.c (decode_packet): check success of
599	krb5_425_conv_principal.  from <shadow@dementia.org>
600
6012001-01-12  Assar Westerlund  <assar@sics.se>
602
603	* util.c (parse_attributes): make empty string mean no attributes,
604	specifying the empty string at the command line should give you no
605	attributes, but just pressing return at the prompt gives you
606	default attributes
607	(edit_entry): only pick up values from the default principal if they
608	aren't set in the principal being edited
609
6102001-01-04  Assar Westerlund  <assar@sics.se>
611
612	* load.c (doit): print an error and bail out if storing an entry
613	in the database fails.  The most likely reason for it failing is
614	out-of-space.
615
6162000-12-31  Assar Westerlund  <assar@sics.se>
617
618	* kadmind.c (main): handle krb5_init_context failure consistently
619	* kadmin.c (main): handle krb5_init_context failure consistently
620	* add-random-users.c (add_user): handle krb5_init_context failure
621	consistently
622
623	* kadm_conn.c (spawn_child): use a struct sockaddr_storage
624
6252000-12-15  Johan Danielsson  <joda@pdc.kth.se>
626
627	* get.c: avoid asprintf'ing NULL strings
628
6292000-12-14  Johan Danielsson  <joda@pdc.kth.se>
630
631	* load.c: fix option parsing
632
6332000-11-16  Assar Westerlund  <assar@sics.se>
634
635	* kadm_conn.c (wait_for_connection): check for fd's being too
636	large to select on
637
6382000-11-09  Johan Danielsson  <joda@pdc.kth.se>
639
640	* get.c: don't try to print modifier name if it isn't set (from
641	Jacques A. Vidrine" <n@nectar.com>)
642
6432000-09-19  Assar Westerlund  <assar@sics.se>
644
645	* server.c (kadmind_loop): send in keytab to v4 handling function
646	* version4.c: allow the specification of what keytab to use
647
648	* get.c (print_entry_long): actually print the actual saltvalue
649	used if it's not the default
650
6512000-09-10  Johan Danielsson  <joda@pdc.kth.se>
652
653	* kadmin.c: add option parsing, and add `privs' as an alias for
654	`privileges'
655
656	* init.c: complain if there's no realm name specified
657
658	* rename.c: add option parsing
659
660	* load.c: add option parsing
661
662	* get.c: make `get' and `list' aliases to each other, but with
663	different defaults
664
665	* del_enctype.c: add option parsing
666
667	* del.c: add option parsing
668
669	* ank.c: calling the command `add' make more sense from an english
670	pov
671
672	* Makefile.am: add kadmin manpage
673
674	* kadmin.8: short manpage
675
676	* kadmin.c: `quit' should be a alias for `exit', not `help'
677
6782000-08-27  Assar Westerlund  <assar@sics.se>
679
680	* server.c (handle_v5): do not try to perform stupid stunts when
681	printing errors
682
6832000-08-19  Assar Westerlund  <assar@sics.se>
684
685	* util.c (str2time_t): add alias for `now'.
686
6872000-08-18  Assar Westerlund  <assar@sics.se>
688
689	* server.c (handle_v5): accept any kadmin/admin@* principal as the
690	server
691	* kadmind.c: remove extra prototype of kadmind_loop
692	* kadmin_locl.h (kadmind_loop): add prototype
693
694	* init.c (usage): print init-usage and not add-dito
695
6962000-08-07  Johan Danielsson  <joda@pdc.kth.se>
697
698	* kadmind.c: use roken_getsockname
699
7002000-08-07  Assar Westerlund  <assar@sics.se>
701
702	* kadmind.c, kadm_conn.c: use socklen_t instead of int where
703	appropriate.  From <thorpej@netbsd.org>
704
7052000-08-04  Johan Danielsson  <joda@pdc.kth.se>
706
707	* Makefile.am: link with pidfile library
708
709	* kadmind.c: write a pid file, and setup password quality
710	functions
711
712	* kadmin_locl.h: util.h
713
7142000-07-27  Assar Westerlund  <assar@sics.se>
715
716	* version4.c (decode_packet): be totally consistent with the
717	prototype of des_cbc_cksum
718	* kadmind.c: use sa_size instead of sa_len, some systems define
719	this to emulate anonymous unions
720	* kadm_conn.c: use sa_size instead of sa_len, some systems define
721	this to emulate anonymous unions
722
7232000-07-24  Assar Westerlund  <assar@sics.se>
724
725	* kadmin.c (commands): add quit
726	* load.c (doit): truncate the log since there's no way of knowing
727	what changes are going to be added
728
7292000-07-23  Assar Westerlund  <assar@sics.se>
730
731	* util.c (str2time_t): be more careful with strptime that might
732	zero out the `struct tm'
733
7342000-07-22  Johan Danielsson  <joda@pdc.kth.se>
735
736	* kadm_conn.c: make the parent process wait for children and
737	terminate after receiving a signal, also terminate on SIGINT
738
7392000-07-22  Assar Westerlund  <assar@sics.se>
740
741	* version4.c: map both princ_expire_time and pw_expiration to v4
742	principal expiration
743
7442000-07-22  Johan Danielsson  <joda@pdc.kth.se>
745
746	* version4.c (handle_v4): check for termination
747
748	* server.c (v5_loop): check for termination
749
750	* kadm_conn.c (wait_term): if we're doing something, set just set
751	a flag otherwise exit rightaway
752
753	* server.c: use krb5_read_priv_message; (v5_loop): check for EOF
754
7552000-07-21  Assar Westerlund  <assar@sics.se>
756
757	* kadm_conn.c: remove sys/select.h.  make signal handlers
758	type-correct and static
759
760	* kadmin_locl.h: add limits.h and sys/select.h
761
7622000-07-20  Assar Westerlund  <assar@sics.se>
763
764	* init.c (init): also create `kadmin/hprop'
765	* kadmind.c: ports is a string argument
766	* kadm_conn.c (start_server): fix printf format
767
768	* kadmin_locl.h: add <sys/select.h>
769	* kadm_conn.c: remove sys/select.h.  make signal handlers
770	type-correct and static
771
772	* kadmin_locl.h: add limits.h and sys/select.h
773
7742000-07-17  Johan Danielsson  <joda@pdc.kth.se>
775
776	* kadm_conn.c: put all processes in a new process group
777
778	* server.c (v5_loop): use krb5_{read,write}_priv_message
779
7802000-07-11  Johan Danielsson  <joda@pdc.kth.se>
781
782	* version4.c: change log strings to match the v5 counterparts
783
784	* mod.c: allow setting kvno
785
786	* kadmind.c: if stdin is not a socket create and listen to sockets
787
788	* kadm_conn.c: socket creation functions
789
790	* util.c (deltat2str): treat 0 and INT_MAX as never
791
7922000-07-08  Assar Westerlund  <assar@sics.se>
793
794	* Makefile.am (INCLUDES): add ../lib/krb5
795	* kadmin_locl.h: add krb5_locl.h (since we just use some stuff
796	from there)
797
7982000-06-07  Assar Westerlund  <assar@sics.se>
799
800	* add-random-users.c: new testing program that adds a number of
801	randomly generated users
802
8032000-04-12  Assar Westerlund  <assar@sics.se>
804
805	* cpw.c (do_cpw_entry): call set_password if no argument is given,
806	it will prompt for the password.
807	* kadmin.c: make help only print the commands that are actually
808	available.
809
8102000-04-03  Assar Westerlund  <assar@sics.se>
811
812	* del_enctype.c (del_enctype): set ignore correctly
813
8142000-04-02  Assar Westerlund  <assar@sics.se>
815
816	* kadmin.c (main): make parse errors a fatal error
817	* init.c (init): create changepw/kerberos with disallow-tgt and
818	pwchange attributes
819
8202000-03-23  Assar Westerlund  <assar@sics.se>
821
822	* util.c (hex2n, parse_des_key): add
823	* server.c (kadmind_dispatch): add kadm_chpass_with_key
824	* cpw.c: add --key
825	* ank.c: add --key
826
8272000-02-16  Assar Westerlund  <assar@sics.se>
828
829	* load.c (doit): check return value from parse_hdbflags2int
830	correctly
831
8322000-01-25  Assar Westerlund  <assar@sics.se>
833
834	* load.c: checking all parsing for errors and all memory
835	allocations also
836
8372000-01-02  Assar Westerlund  <assar@sics.se>
838
839	* server.c: check initial flag in ticket and allow users to change
840	their own password if it's set
841	* ext.c (do_ext_keytab): set timestamp
842
8431999-12-14  Assar Westerlund  <assar@sics.se>
844
845	* del_enctype.c (usage): don't use arg_printusage
846
8471999-11-25  Assar Westerlund  <assar@sics.se>
848
849	* del_enctype.c (del_enctype): try not to leak memory
850
851	* version4.c (kadm_ser_mod): use kadm5_s_modify_principal (no
852 	_with_key)
853
854	* kadmin.c: add `del_enctype'
855
856	* del_enctype.c (del_enctype): new function for deleting enctypes
857	from a principal
858
859	* Makefile.am (kadmin_SOURCES): add del_enctype.c
860
8611999-11-09  Johan Danielsson  <joda@pdc.kth.se>
862
863	* server.c: cope with old clients
864
865	* kadmin_locl.h: remove version string
866
8671999-10-17  Assar Westerlund  <assar@sics.se>
868
869	* Makefile.am (kadmin_LDADD): add LIB_dlopen
870
8711999-10-01  Assar Westerlund  <assar@sics.se>
872
873	* ank.c (add_one_principal): `password' can cactually be NULL in
874 	the overwrite code, check for it.
875
8761999-09-20  Assar Westerlund  <assar@sics.se>
877
878	* mod.c (mod_entry): print the correct principal name in error
879 	messages.  From Love <lha@e.kth.se>
880
8811999-09-10  Assar Westerlund  <assar@sics.se>
882
883	* init.c (init): also create `changepw/kerberos'
884
885	* version4.c: only create you loose packets when we fail decoding
886 	and not when an operation is not performed for some reason
887	(decode_packet): read the service key from the hdb
888	(dispatch, decode_packet): return proper error messages
889
890	* version4.c (kadm_ser_cpw): add password quality functions
891
8921999-08-27  Johan Danielsson  <joda@pdc.kth.se>
893
894	* server.c (handle_v5): give more informative message if
895	KRB5_KT_NOTFOUND
896
8971999-08-26  Johan Danielsson  <joda@pdc.kth.se>
898
899	* kadmind.c: use HDB keytabs
900
9011999-08-25  Assar Westerlund  <assar@sics.se>
902
903	* cpw.c (set_password): use correct variable.  From Love
904 	<lha@e.kth.se>
905
906	* server.c (v5_loop): use correct error code
907
908	* ank.c (add_one_principal): initialize `default_ent'
909
9101999-08-21  Assar Westerlund  <assar@sics.se>
911
912	* random_password.c: new file, stolen from krb4
913
914	* kadmin_locl.h: add prototype for random_password
915
916	* cpw.c: add support for --random-password
917
918	* ank.c: add support for --random-password
919
920	* Makefile.am (kadmin_SOURCES): add random_password.c
921
9221999-08-19  Assar Westerlund  <assar@sics.se>
923
924	* util.c (edit_timet): break when we manage to parse the time not
925 	the inverse.
926
927	* mod.c: add parsing of lots of options.  From Love
928 	<lha@stacken.kth.se>
929
930	* ank.c: add setting of expiration and password expiration
931
932	* kadmin_locl.h: update util.c prototypes
933
934	* util.c: move-around.  clean-up, rename, make consistent (and
935 	some other weird stuff).  based on patches from Love
936 	<lha@stacken.kth.se>
937
938	* version4.c (kadm_ser_cpw): initialize password
939	(handle_v4): remove unused variable `ret'
940
9411999-08-16  Assar Westerlund  <assar@sics.se>
942
943	* version4.c (handle_v4): more error checking and more correct
944 	error messages
945
946	* server.c (v5_loop, kadmind_loop): more error checking and more
947 	correct error messages
948
9491999-07-24  Assar Westerlund  <assar@sics.se>
950
951	* util.c (str2timeval, edit_time): functions for parsing and
952 	editing times.  Based on patches from Love <lha@stacken.kth.se>.
953	(edit_entry): call new functions
954
955	* mod.c (mod_entry): allow modifying expiration times
956
957	* kadmin_locl.h (str2timeval): add prototype
958
959	* ank.c (add_one_principal): allow setting expiration times
960
9611999-07-03  Assar Westerlund  <assar@sics.se>
962
963	* server.c (v5_loop): handle data allocation with krb5_data_alloc
964 	and check return value
965
9661999-06-23  Assar Westerlund  <assar@sics.se>
967
968	* version4.c (kadm_ser_cpw): read the key in the strange order
969 	it's sent
970
971	* util.c (edit_entry): look at default
972	(edit_time): always set mask even if value == 0
973
974	* kadmin_locl.h (edit_entry): update
975
976	* ank.c: make ank use the values of the default principal for
977 	prompting
978
979	* version4.c (values_to_ent): convert key data correctly
980
9811999-05-23  Assar Westerlund  <assar@sics.se>
982
983	* init.c (create_random_entry): more correct setting of mask
984
9851999-05-21  Assar Westerlund  <assar@sics.se>
986
987	* server.c (handle_v5): read sendauth version correctly.
988
9891999-05-14  Assar Westerlund  <assar@sics.se>
990
991	* version4.c (error_code): try to handle really old krb4
992 	distributions
993
9941999-05-11  Assar Westerlund  <assar@sics.se>
995
996	* init.c (init): initialize realm_max_life and realm_max_rlife
997
9981999-05-07  Assar Westerlund  <assar@sics.se>
999
1000	* ank.c (add_new_key): initialize more variables
1001
10021999-05-04  Assar Westerlund  <assar@sics.se>
1003
1004	* version4.c (kadm_ser_cpw): always allow a user to change her
1005 	password
1006	(kadm_ser_*): make logging work
1007	clean-up and restructure
1008
1009	* kadmin_locl.h (set_entry): add prototype
1010
1011	* kadmin.c (usage): update usage string
1012
1013	* init.c (init): new arguments realm-max-ticket-life and
1014 	realm-max-renewable-life
1015
1016	* util.c (edit_time, edit_attributes): don't do anything if it's
1017 	already set
1018	(set_entry): new function
1019
1020	* ank.c (add_new_key): new options for setting max-ticket-life,
1021 	max-renewable-life, and attributes
1022
1023	* server.c (v5_loop): remove unused variable
1024
1025	* kadmin_locl.h: add prototypes
1026
1027	* version4.c: re-insert krb_err.h and other miss
1028
1029	* server.c (kadmind_loop): break-up and restructure
1030
1031	* version4.c: add ACL checks more error code checks restructure
1032
10331999-05-03  Johan Danielsson  <joda@pdc.kth.se>
1034
1035	* load.c: check for (un-)encrypted keys
1036
1037	* dump.c: use hdb_print_entry
1038
1039	* version4.c: version 4 support
1040
1041	* Makefile.am: link with krb4
1042
1043	* kadmin_locl.h: include <sys/un.h>
1044
1045	* server.c: move from lib/kadm5, and add basic support for krb4
1046	kadmin protocol
1047
1048	* kadmind.c: move recvauth to kadmind_loop()
1049