xref: /freebsd/crypto/heimdal/kadmin/ChangeLog (revision 5bda878e3e95c125f9bead8f22cee8cf2a298555) 
12002-10-21  Johan Danielsson  <joda@pdc.kth.se>
2
3	* version4.c: pull up 1.27; check size of rlen
4
52002-09-10  Johan Danielsson  <joda@pdc.kth.se>
6
7	* server.c: constify match_appl_version()
8
9	* version4.c: change some lingering krb_err_base
10
112002-09-09  Jacques Vidrine  <nectar@kth.se>
12
13	* server.c (kadmind_dispatch): while decoding arguments for
14	kadm_chpass_with_key, sanity check the number of keys given.
15	Potential problem pointed out by
16	Sebastian Krahmer <krahmer@suse.de>.
17
182002-09-04  Johan Danielsson  <joda@pdc.kth.se>
19
20	* load.c (parse_generation): return if there is no generation
21	(spotted by Daniel Kouril)
22
232002-06-07  Jacques Vidrine <n@nectar.com>
24
25	* ank.c: do not attempt to free uninitialized pointer when
26	kadm5_randkey_principal fails.
27
282002-06-07  Johan Danielsson  <joda@pdc.kth.se>
29
30	* util.c: remove unused variable; reported by Hans Insulander
31
322002-03-05  Johan Danielsson  <joda@pdc.kth.se>
33
34	* kadmind.8: clarify some acl wording, and add an example file
35
362002-02-11  Johan Danielsson  <joda@pdc.kth.se>
37
38	* ext.c: no need to use the "modify" keytab anymore
39
402001-09-20  Assar Westerlund  <assar@sics.se>
41
42	* add-random-users.c: allocate several buffers for the list of
43	words, instead of one strdup per word (running under efence does
44	not work very well otherwise)
45
462001-09-13  Assar Westerlund  <assar@sics.se>
47
48	* add-random-users.c: allow specifying the number of users to
49	create
50
512001-08-24  Assar Westerlund  <assar@sics.se>
52
53	* Makefile.am: rename variable name to avoid error from current
54	automake
55
562001-08-22  Assar Westerlund  <assar@sics.se>
57
58	* kadmin_locl.h: include libutil.h if it exists
59
602001-08-10  Johan Danielsson  <joda@pdc.kth.se>
61
62	* util.c: do something to handle C-c in prompts
63
64	* load.c: remove unused etypes code, and add parsing of the
65	generation field
66
67	* ank.c: add a --use-defaults option to just use default values
68	without questions
69
70	* kadmin.c: add "del" alias for delete
71
72	* cpw.c: call this operation "passwd" in usage
73
74	* kadmin_locl.h: prototype for set_defaults
75
76	* util.c (edit_entry): move setting of default values to a
77	separate function, set_defaults
78
792001-08-01  Johan Danielsson  <joda@pdc.kth.se>
80
81	* kadmin.c: print help message on bad options
82
832001-07-31  Assar Westerlund  <assar@sics.se>
84
85	* add-random-users.c (main): handle --version
86
872001-07-30  Johan Danielsson  <joda@pdc.kth.se>
88
89	* load.c: increase line buffer to 8k
90
912001-06-12  Assar Westerlund  <assar@sics.se>
92
93	* ext.c (ext_keytab): use the default modify keytab per default
94
952001-05-17  Assar Westerlund  <assar@sics.se>
96
97	* kadm_conn.c (start_server): fix krb5_eai_to_heim_errno call
98
992001-05-15  Assar Westerlund  <assar@sics.se>
100
101	* kadmin.c (main): some error cleaning required
102
1032001-05-14  Assar Westerlund  <assar@sics.se>
104
105	* kadmind.c: new krb5_config_parse_file
106	* kadmin.c: new krb5_config_parse_file
107	* kadm_conn.c: update to new krb5_sockaddr2address
108
1092001-05-07  Assar Westerlund  <assar@sics.se>
110
111	* kadmin_locl.h (foreach_principal): update prototype
112	* get.c (getit): new foreach_principal
113	* ext.c (ext_keytab): new foreach_principal
114	* del.c (del_entry): new foreach_principal
115	* cpw.c (cpw_entry): new foreach_principal
116	* util.c (foreach_principal): add `funcname' and try printing the
117	error string
118
1192001-05-04  Johan Danielsson  <joda@pdc.kth.se>
120
121	* rename.c: fix argument number test
122
1232001-04-19  Johan Danielsson  <joda@pdc.kth.se>
124
125	* del_enctype.c: fix argument count check after getarg change;
126	spotted by mark@MCS.VUW.AC.NZ
127
1282001-02-15  Assar Westerlund  <assar@sics.se>
129
130	* kadmind.c (main): use a `struct sockaddr_storage' to be able to
131	store all types of addresses
132
1332001-02-07  Assar Westerlund  <assar@sics.se>
134
135	* kadmin.c: add --keytab / _K, from Leif Johansson
136	<leifj@it.su.se>
137
1382001-01-29  Assar Westerlund  <assar@sics.se>
139
140	* kadm_conn.c (spawn_child): close the newly created socket in the
141	packet, it's not used.  from <shadow@dementia.org>
142	* version4.c (decode_packet): check success of
143	krb5_425_conv_principal.  from <shadow@dementia.org>
144
1452001-01-12  Assar Westerlund  <assar@sics.se>
146
147	* util.c (parse_attributes): make empty string mean no attributes,
148	specifying the empty string at the command line should give you no
149	attributes, but just pressing return at the prompt gives you
150	default attributes
151	(edit_entry): only pick up values from the default principal if they
152	aren't set in the principal being edited
153
1542001-01-04  Assar Westerlund  <assar@sics.se>
155
156	* load.c (doit): print an error and bail out if storing an entry
157	in the database fails.  The most likely reason for it failing is
158	out-of-space.
159
1602000-12-31  Assar Westerlund  <assar@sics.se>
161
162	* kadmind.c (main): handle krb5_init_context failure consistently
163	* kadmin.c (main): handle krb5_init_context failure consistently
164	* add-random-users.c (add_user): handle krb5_init_context failure
165	consistently
166
167	* kadm_conn.c (spawn_child): use a struct sockaddr_storage
168
1692000-12-15  Johan Danielsson  <joda@pdc.kth.se>
170
171	* get.c: avoid asprintf'ing NULL strings
172
1732000-12-14  Johan Danielsson  <joda@pdc.kth.se>
174
175	* load.c: fix option parsing
176
1772000-11-16  Assar Westerlund  <assar@sics.se>
178
179	* kadm_conn.c (wait_for_connection): check for fd's being too
180	large to select on
181
1822000-11-09  Johan Danielsson  <joda@pdc.kth.se>
183
184	* get.c: don't try to print modifier name if it isn't set (from
185	Jacques A. Vidrine" <n@nectar.com>)
186
1872000-09-19  Assar Westerlund  <assar@sics.se>
188
189	* server.c (kadmind_loop): send in keytab to v4 handling function
190	* version4.c: allow the specification of what keytab to use
191
192	* get.c (print_entry_long): actually print the actual saltvalue
193	used if it's not the default
194
1952000-09-10  Johan Danielsson  <joda@pdc.kth.se>
196
197	* kadmin.c: add option parsing, and add `privs' as an alias for
198	`privileges'
199
200	* init.c: complain if there's no realm name specified
201
202	* rename.c: add option parsing
203
204	* load.c: add option parsing
205
206	* get.c: make `get' and `list' aliases to each other, but with
207	different defaults
208
209	* del_enctype.c: add option parsing
210
211	* del.c: add option parsing
212
213	* ank.c: calling the command `add' make more sense from an english
214	pov
215
216	* Makefile.am: add kadmin manpage
217
218	* kadmin.8: short manpage
219
220	* kadmin.c: `quit' should be a alias for `exit', not `help'
221
2222000-08-27  Assar Westerlund  <assar@sics.se>
223
224	* server.c (handle_v5): do not try to perform stupid stunts when
225	printing errors
226
2272000-08-19  Assar Westerlund  <assar@sics.se>
228
229	* util.c (str2time_t): add alias for `now'.
230
2312000-08-18  Assar Westerlund  <assar@sics.se>
232
233	* server.c (handle_v5): accept any kadmin/admin@* principal as the
234	server
235	* kadmind.c: remove extra prototype of kadmind_loop
236	* kadmin_locl.h (kadmind_loop): add prototype
237
238	* init.c (usage): print init-usage and not add-dito
239
2402000-08-07  Johan Danielsson  <joda@pdc.kth.se>
241
242	* kadmind.c: use roken_getsockname
243
2442000-08-07  Assar Westerlund  <assar@sics.se>
245
246	* kadmind.c, kadm_conn.c: use socklen_t instead of int where
247	appropriate.  From <thorpej@netbsd.org>
248
2492000-08-04  Johan Danielsson  <joda@pdc.kth.se>
250
251	* Makefile.am: link with pidfile library
252
253	* kadmind.c: write a pid file, and setup password quality
254	functions
255
256	* kadmin_locl.h: util.h
257
2582000-07-27  Assar Westerlund  <assar@sics.se>
259
260	* version4.c (decode_packet): be totally consistent with the
261	prototype of des_cbc_cksum
262	* kadmind.c: use sa_size instead of sa_len, some systems define
263	this to emulate anonymous unions
264	* kadm_conn.c: use sa_size instead of sa_len, some systems define
265	this to emulate anonymous unions
266
2672000-07-24  Assar Westerlund  <assar@sics.se>
268
269	* kadmin.c (commands): add quit
270	* load.c (doit): truncate the log since there's no way of knowing
271	what changes are going to be added
272
2732000-07-23  Assar Westerlund  <assar@sics.se>
274
275	* util.c (str2time_t): be more careful with strptime that might
276	zero out the `struct tm'
277
2782000-07-22  Johan Danielsson  <joda@pdc.kth.se>
279
280	* kadm_conn.c: make the parent process wait for children and
281	terminate after receiving a signal, also terminate on SIGINT
282
2832000-07-22  Assar Westerlund  <assar@sics.se>
284
285	* version4.c: map both princ_expire_time and pw_expiration to v4
286	principal expiration
287
2882000-07-22  Johan Danielsson  <joda@pdc.kth.se>
289
290	* version4.c (handle_v4): check for termination
291
292	* server.c (v5_loop): check for termination
293
294	* kadm_conn.c (wait_term): if we're doing something, set just set
295	a flag otherwise exit rightaway
296
297	* server.c: use krb5_read_priv_message; (v5_loop): check for EOF
298
2992000-07-21  Assar Westerlund  <assar@sics.se>
300
301	* kadm_conn.c: remove sys/select.h.  make signal handlers
302	type-correct and static
303
304	* kadmin_locl.h: add limits.h and sys/select.h
305
3062000-07-20  Assar Westerlund  <assar@sics.se>
307
308	* init.c (init): also create `kadmin/hprop'
309	* kadmind.c: ports is a string argument
310	* kadm_conn.c (start_server): fix printf format
311
312	* kadmin_locl.h: add <sys/select.h>
313	* kadm_conn.c: remove sys/select.h.  make signal handlers
314	type-correct and static
315
316	* kadmin_locl.h: add limits.h and sys/select.h
317
3182000-07-17  Johan Danielsson  <joda@pdc.kth.se>
319
320	* kadm_conn.c: put all processes in a new process group
321
322	* server.c (v5_loop): use krb5_{read,write}_priv_message
323
3242000-07-11  Johan Danielsson  <joda@pdc.kth.se>
325
326	* version4.c: change log strings to match the v5 counterparts
327
328	* mod.c: allow setting kvno
329
330	* kadmind.c: if stdin is not a socket create and listen to sockets
331
332	* kadm_conn.c: socket creation functions
333
334	* util.c (deltat2str): treat 0 and INT_MAX as never
335
3362000-07-08  Assar Westerlund  <assar@sics.se>
337
338	* Makefile.am (INCLUDES): add ../lib/krb5
339	* kadmin_locl.h: add krb5_locl.h (since we just use some stuff
340	from there)
341
3422000-06-07  Assar Westerlund  <assar@sics.se>
343
344	* add-random-users.c: new testing program that adds a number of
345	randomly generated users
346
3472000-04-12  Assar Westerlund  <assar@sics.se>
348
349	* cpw.c (do_cpw_entry): call set_password if no argument is given,
350	it will prompt for the password.
351	* kadmin.c: make help only print the commands that are actually
352	available.
353
3542000-04-03  Assar Westerlund  <assar@sics.se>
355
356	* del_enctype.c (del_enctype): set ignore correctly
357
3582000-04-02  Assar Westerlund  <assar@sics.se>
359
360	* kadmin.c (main): make parse errors a fatal error
361	* init.c (init): create changepw/kerberos with disallow-tgt and
362	pwchange attributes
363
3642000-03-23  Assar Westerlund  <assar@sics.se>
365
366	* util.c (hex2n, parse_des_key): add
367	* server.c (kadmind_dispatch): add kadm_chpass_with_key
368	* cpw.c: add --key
369	* ank.c: add --key
370
3712000-02-16  Assar Westerlund  <assar@sics.se>
372
373	* load.c (doit): check return value from parse_hdbflags2int
374	correctly
375
3762000-01-25  Assar Westerlund  <assar@sics.se>
377
378	* load.c: checking all parsing for errors and all memory
379	allocations also
380
3812000-01-02  Assar Westerlund  <assar@sics.se>
382
383	* server.c: check initial flag in ticket and allow users to change
384	their own password if it's set
385	* ext.c (do_ext_keytab): set timestamp
386
3871999-12-14  Assar Westerlund  <assar@sics.se>
388
389	* del_enctype.c (usage): don't use arg_printusage
390
3911999-11-25  Assar Westerlund  <assar@sics.se>
392
393	* del_enctype.c (del_enctype): try not to leak memory
394
395	* version4.c (kadm_ser_mod): use kadm5_s_modify_principal (no
396 	_with_key)
397
398	* kadmin.c: add `del_enctype'
399
400	* del_enctype.c (del_enctype): new function for deleting enctypes
401	from a principal
402
403	* Makefile.am (kadmin_SOURCES): add del_enctype.c
404
4051999-11-09  Johan Danielsson  <joda@pdc.kth.se>
406
407	* server.c: cope with old clients
408
409	* kadmin_locl.h: remove version string
410
4111999-10-17  Assar Westerlund  <assar@sics.se>
412
413	* Makefile.am (kadmin_LDADD): add LIB_dlopen
414
4151999-10-01  Assar Westerlund  <assar@sics.se>
416
417	* ank.c (add_one_principal): `password' can cactually be NULL in
418 	the overwrite code, check for it.
419
4201999-09-20  Assar Westerlund  <assar@sics.se>
421
422	* mod.c (mod_entry): print the correct principal name in error
423 	messages.  From Love <lha@e.kth.se>
424
4251999-09-10  Assar Westerlund  <assar@sics.se>
426
427	* init.c (init): also create `changepw/kerberos'
428
429	* version4.c: only create you loose packets when we fail decoding
430 	and not when an operation is not performed for some reason
431	(decode_packet): read the service key from the hdb
432	(dispatch, decode_packet): return proper error messages
433
434	* version4.c (kadm_ser_cpw): add password quality functions
435
4361999-08-27  Johan Danielsson  <joda@pdc.kth.se>
437
438	* server.c (handle_v5): give more informative message if
439	KRB5_KT_NOTFOUND
440
4411999-08-26  Johan Danielsson  <joda@pdc.kth.se>
442
443	* kadmind.c: use HDB keytabs
444
4451999-08-25  Assar Westerlund  <assar@sics.se>
446
447	* cpw.c (set_password): use correct variable.  From Love
448 	<lha@e.kth.se>
449
450	* server.c (v5_loop): use correct error code
451
452	* ank.c (add_one_principal): initialize `default_ent'
453
4541999-08-21  Assar Westerlund  <assar@sics.se>
455
456	* random_password.c: new file, stolen from krb4
457
458	* kadmin_locl.h: add prototype for random_password
459
460	* cpw.c: add support for --random-password
461
462	* ank.c: add support for --random-password
463
464	* Makefile.am (kadmin_SOURCES): add random_password.c
465
4661999-08-19  Assar Westerlund  <assar@sics.se>
467
468	* util.c (edit_timet): break when we manage to parse the time not
469 	the inverse.
470
471	* mod.c: add parsing of lots of options.  From Love
472 	<lha@stacken.kth.se>
473
474	* ank.c: add setting of expiration and password expiration
475
476	* kadmin_locl.h: update util.c prototypes
477
478	* util.c: move-around.  clean-up, rename, make consistent (and
479 	some other weird stuff).  based on patches from Love
480 	<lha@stacken.kth.se>
481
482	* version4.c (kadm_ser_cpw): initialize password
483	(handle_v4): remove unused variable `ret'
484
4851999-08-16  Assar Westerlund  <assar@sics.se>
486
487	* version4.c (handle_v4): more error checking and more correct
488 	error messages
489
490	* server.c (v5_loop, kadmind_loop): more error checking and more
491 	correct error messages
492
4931999-07-24  Assar Westerlund  <assar@sics.se>
494
495	* util.c (str2timeval, edit_time): functions for parsing and
496 	editing times.  Based on patches from Love <lha@stacken.kth.se>.
497	(edit_entry): call new functions
498
499	* mod.c (mod_entry): allow modifying expiration times
500
501	* kadmin_locl.h (str2timeval): add prototype
502
503	* ank.c (add_one_principal): allow setting expiration times
504
5051999-07-03  Assar Westerlund  <assar@sics.se>
506
507	* server.c (v5_loop): handle data allocation with krb5_data_alloc
508 	and check return value
509
5101999-06-23  Assar Westerlund  <assar@sics.se>
511
512	* version4.c (kadm_ser_cpw): read the key in the strange order
513 	it's sent
514
515	* util.c (edit_entry): look at default
516	(edit_time): always set mask even if value == 0
517
518	* kadmin_locl.h (edit_entry): update
519
520	* ank.c: make ank use the values of the default principal for
521 	prompting
522
523	* version4.c (values_to_ent): convert key data correctly
524
5251999-05-23  Assar Westerlund  <assar@sics.se>
526
527	* init.c (create_random_entry): more correct setting of mask
528
5291999-05-21  Assar Westerlund  <assar@sics.se>
530
531	* server.c (handle_v5): read sendauth version correctly.
532
5331999-05-14  Assar Westerlund  <assar@sics.se>
534
535	* version4.c (error_code): try to handle really old krb4
536 	distributions
537
5381999-05-11  Assar Westerlund  <assar@sics.se>
539
540	* init.c (init): initialize realm_max_life and realm_max_rlife
541
5421999-05-07  Assar Westerlund  <assar@sics.se>
543
544	* ank.c (add_new_key): initialize more variables
545
5461999-05-04  Assar Westerlund  <assar@sics.se>
547
548	* version4.c (kadm_ser_cpw): always allow a user to change her
549 	password
550	(kadm_ser_*): make logging work
551	clean-up and restructure
552
553	* kadmin_locl.h (set_entry): add prototype
554
555	* kadmin.c (usage): update usage string
556
557	* init.c (init): new arguments realm-max-ticket-life and
558 	realm-max-renewable-life
559
560	* util.c (edit_time, edit_attributes): don't do anything if it's
561 	already set
562	(set_entry): new function
563
564	* ank.c (add_new_key): new options for setting max-ticket-life,
565 	max-renewable-life, and attributes
566
567	* server.c (v5_loop): remove unused variable
568
569	* kadmin_locl.h: add prototypes
570
571	* version4.c: re-insert krb_err.h and other miss
572
573	* server.c (kadmind_loop): break-up and restructure
574
575	* version4.c: add ACL checks more error code checks restructure
576
5771999-05-03  Johan Danielsson  <joda@pdc.kth.se>
578
579	* load.c: check for (un-)encrypted keys
580
581	* dump.c: use hdb_print_entry
582
583	* version4.c: version 4 support
584
585	* Makefile.am: link with krb4
586
587	* kadmin_locl.h: include <sys/un.h>
588
589	* server.c: move from lib/kadm5, and add basic support for krb4
590	kadmin protocol
591
592	* kadmind.c: move recvauth to kadmind_loop()
593