xref: /freebsd/crypto/heimdal/lib/kadm5/ChangeLog (revision 1b6c76a2fe091c74f08427e6c870851025a9cf67) 
12001-02-19  Johan Danielsson  <joda@pdc.kth.se>
2
3	* replay_log.c: add --{start-end}-version flags to replay just
4	part of the log
5
62001-02-15  Assar Westerlund  <assar@sics.se>
7
8	* ipropd_master.c (main): fix select-loop to decrement ret
9	correctly.  from "Brandon S. Allbery KF8NH" <allbery@ece.cmu.edu>
10
112001-01-30  Assar Westerlund  <assar@sics.se>
12
13	* Makefile.am: bump versions
14
152000-12-31  Assar Westerlund  <assar@sics.se>
16
17	* init_s.c (*): handle krb5_init_context failure consistently
18	* init_c.c (init_context): handle krb5_init_context failure
19	consistently
20
212000-12-11  Assar Westerlund  <assar@sics.se>
22
23	* Makefile.am (libkadm5srv_la_LDFLAGS): bump version to 7:2:0
24
252000-11-16  Assar Westerlund  <assar@sics.se>
26
27	* set_keys.c (make_keys): clean-up salting loop and try not to
28	leak memory
29
30	* ipropd_master.c (main): check for fd's being too large to select
31	on
32
332000-08-16  Assar Westerlund  <assar@sics.se>
34
35	* Makefile.am (libkadm5srv_la_LDFLAGS): bump version to 7:1:0
36
372000-08-10  Assar Westerlund  <assar@sics.se>
38
39	* acl.c (fetch_acl): fix wrong cases, use krb5_principal_match
40
412000-08-07  Assar Westerlund  <assar@sics.se>
42
43	* ipropd_master.c (main): ignore SIGPIPE
44
452000-08-06  Assar Westerlund  <assar@sics.se>
46
47	* ipropd_slave.c (receive_everything): make `fd' an int instead of
48	a pointer.  From Derrick J Brashear <shadow@dementia.org>
49
502000-08-04  Johan Danielsson  <joda@pdc.kth.se>
51
52	* admin.h: change void** to void*
53
542000-07-25  Johan Danielsson  <joda@pdc.kth.se>
55
56	* Makefile.am: bump versions to 7:0:0 and 6:0:2
57
582000-07-24  Assar Westerlund  <assar@sics.se>
59
60	* log.c (kadm5_log_get_version): rename kadm5_log_get_version_fd
61	and make a new that takes a context
62	(kadm5_log_nop): add logging of missing lengths
63	(kadm5_log_truncate): new function
64
65	* dump_log.c (print_entry): update and correct
66	* randkey_s.c: call _kadm5_bump_pw_expire
67	* truncate_log.c: new program for truncating the log
68	* Makefile.am (sbin_PROGRAMS): add truncate_log
69	(C_SOURCES): add bump_pw_expire.c
70	* bump_pw_expire.c: new function for extending password expiration
71
722000-07-22  Assar Westerlund  <assar@sics.se>
73
74	* keys.c: new file with _kadm5_free_keys, _kadm5_init_keys
75
76	* set_keys.c (free_keys, init_keys): elevate to internal kadm5
77	functions
78
79	* chpass_s.c (kadm5_s_chpass_principal_cond): new function
80	* Makefile.am (C_SOURCES): add keys.c
81	* init_c.c: remove unused variable and handle some parameters
82	being NULL
83
842000-07-22  Johan Danielsson  <joda@pdc.kth.se>
85
86	* ipropd_slave.c: use krb5_read_priv_message
87
88	* ipropd_master.c: use krb5_{read,write}_priv_message
89
90	* init_c.c: use krb5_write_priv_message
91
922000-07-11  Johan Danielsson  <joda@pdc.kth.se>
93
94	* ipropd_slave.c: no need to call gethostname, since
95	sname_to_principal will
96
97	* send_recv.c: assert that we have a connected socket
98
99	* get_princs_c.c: call _kadm5_connect
100
101	* rename_c.c: call _kadm5_connect
102
103	* randkey_c.c: call _kadm5_connect
104
105	* privs_c.c: call _kadm5_connect
106
107	* modify_c.c: call _kadm5_connect
108
109	* get_c.c: call _kadm5_connect
110
111	* delete_c.c: call _kadm5_connect
112
113	* create_c.c: call _kadm5_connect
114
115	* chpass_c.c: call _kadm5_connect
116
117	* private.h: add more fields to client context; remove prototypes
118
119	* admin.h: remove prototypes
120
121	* kadm5-protos.h: move public prototypes here
122
123	* kadm5-private.h: move private prototypes here
124
125	* init_c.c: break out connection code to separate function, and
126	defer calling it until we actually do something
127
1282000-07-07  Assar Westerlund  <assar@sics.se>
129
130	* set_keys.c (make_keys): also support `[kadmin]use_v4_salt' for
131	backwards compatability
132
1332000-06-26  Johan Danielsson  <joda@pdc.kth.se>
134
135	* set_keys.c (_kadm5_set_keys): rewrite this to be more easily
136	adaptable to different salts
137
1382000-06-19  Johan Danielsson  <joda@pdc.kth.se>
139
140	* get_s.c: pa_* -> KRB5_PADATA_*
141
1422000-06-16  Assar Westerlund  <assar@sics.se>
143
144	* ipropd_slave.c: change default keytab to default keytab (as in
145	typically FILE:/etc/krb5.keytab)
146
1472000-06-08  Assar Westerlund  <assar@sics.se>
148
149	* ipropd_slave.c: bug fixes, for actually writing the full dump to
150	the database.  based on a patch from Love <lha@stacken.kth.se>
151
1522000-06-07  Assar Westerlund  <assar@sics.se>
153
154	* acl.c: add support for patterns of principals
155	* log.c (kadm5_log_replay_create): handle more NULL pointers
156	(should they really happen?)
157	* log.c (kadm5_log_replay_modify): handle max_life == NULL and
158	max_renew == NULL
159
160	* ipropd_master.c: use syslog.  be less verbose
161	* ipropd_slave.c: use syslog
162
1632000-06-05  Assar Westerlund  <assar@sics.se>
164
165	* private.h (kadm_ops): add kadm_nop more prototypes
166	* log.c (kadm5_log_set_version, kadm5_log_reinit, kadm5_log_nop,
167	kadm5_log_replay_nop): add
168	* ipropd_slave.c: and some more improvements
169	* ipropd_master.c: lots of improvements
170	* iprop.h (IPROP_PORT, IPROP_SERVICE): add
171	(iprop_cmd): add new commands
172
173	* dump_log.c: add nop
174
1752000-05-15  Assar Westerlund  <assar@sics.se>
176
177	* Makefile.am (libkadm5clnt_la_LDFLAGS): set version to 5:1:1
178
1792000-05-12  Assar Westerlund  <assar@sics.se>
180
181	* get_s.c (kadm5_s_get_principal): set life, rlife to INT_MAX as a
182	fallback.  handle not having any creator.
183	* destroy_s.c (kadm5_s_destroy): free all allocated memory
184	* context_s.c (set_field): free variable if it's already set
185	(find_db_spec): malloc space for all strings
186
1872000-04-05  Assar Westerlund  <assar@sics.se>
188
189	* Makefile.am (LDADD): add LIB_openldap
190
1912000-04-03  Assar Westerlund  <assar@sics.se>
192
193	* Makefile.am (libkadm5srv_la_LDFLAGS): set version to 6:0:1
194	(libkadm5clnt_la_LDFLAGS): set version to 5:0:1
195
1962000-03-24  Assar Westerlund  <assar@sics.se>
197
198	* set_keys.c (_kadm5_set_keys2): rewrite
199	(_kadm5_set_keys3): add
200
201	* private.h (struct kadm_func): add chpass_principal_with_key
202	* init_c.c (set_funcs): add chpass_principal_with_key
203
2042000-03-23  Assar Westerlund  <assar@sics.se>
205
206	* context_s.c (set_funcs): add chpass_principal_with_key
207	* common_glue.c (kadm5_chpass_principal_with_key): add
208	* chpass_s.c: comment-ize and change calling convention for
209	_kadm5_set_keys*
210	* chpass_c.c (kadm5_c_chpass_principal_with_key): add
211
2122000-02-07  Assar Westerlund  <assar@sics.se>
213
214	* Makefile.am (libkadm5clnt_la_LDFLAGS): set version to 4:2:0
215
2162000-01-28  Assar Westerlund  <assar@sics.se>
217
218	* init_c.c (get_new_cache): make sure to request non-forwardable,
219	non-proxiable
220
2212000-01-06  Assar Westerlund  <assar@sics.se>
222
223	* Makefile.am (libkadm5srv.la): bump version to 5:1:0
224
225	* context_s.c (_kadm5_s_init_context): handle params == NULL
226
2271999-12-26  Assar Westerlund  <assar@sics.se>
228
229	* get_s.c (kadm5_s_get_principal): handle modified_by->principal
230 	== NULL
231
2321999-12-20  Assar Westerlund  <assar@sics.se>
233
234	* Makefile.am (libkadm5clnt_la_LDFLAGS): bump version to 4:1:0
235
236	* init_c.c (_kadm5_c_init_context): handle getting back port
237 	number from admin host
238	(kadm5_c_init_with_context): remove `proto/' part before doing
239	getaddrinfo()
240
2411999-12-06  Assar Westerlund  <assar@sics.se>
242
243	* Makefile.am: bump version to 5:0:0 and 4:0:0
244
245	* init_c.c (kadm5_c_init_with_context): don't use unitialized
246 	stuff
247
2481999-12-04  Assar Westerlund  <assar@sics.se>
249
250	* replay_log.c: adapt to changed kadm5_log_foreach
251
252	* log.c (kadm5_log_foreach): change to take a
253 	`kadm5_server_context'
254
255	* init_c.c: use krb5_warn{,x}
256
257	* dump_log.c: adapt to changed kadm5_log_foreach
258
259	* init_c.c: re-write to use getaddrinfo
260	* Makefile.am (install-build-headers): add dependency
261
2621999-12-03  Johan Danielsson  <joda@pdc.kth.se>
263
264	* log.c (kadm5_log_foreach): pass context
265
266	* dump_log.c: print more interesting things
267
2681999-12-02  Johan Danielsson  <joda@pdc.kth.se>
269
270	* ipropd_master.c (process_msg): check for short reads
271
2721999-11-25  Assar Westerlund  <assar@sics.se>
273
274	* modify_s.c (kadm5_s_modify_principal): support key_data
275	(kadm5_s_modify_principal_with_key): remove
276
277	* admin.h (kadm5_s_modify_principal_with_key): remove
278
2791999-11-20  Assar Westerlund  <assar@sics.se>
280
281	* context_s.c (find_db_spec): ugly cast work-around.
282
2831999-11-14  Assar Westerlund  <assar@sics.se>
284
285	* context_s.c (_kadm5_s_init_context): call krb5_add_et_list so
286 	that we aren't dependent on the layout of krb5_context_data
287	* init_c.c (_kadm5_c_init_context): call krb5_add_et_list so that
288 	we aren't dependent on the layout of krb5_context_data
289
2901999-11-13  Assar Westerlund  <assar@sics.se>
291
292	* password_quality.c (kadm5_setup_passwd_quality_check): use
293	correct types for function pointers
294
2951999-11-09  Johan Danielsson  <joda@pdc.kth.se>
296
297	* randkey_s.c: always bail out if the fetch fails
298
299	* admin.h (kadm5_config_params): remove fields we're not using
300
301	* ipropd_slave.c: allow passing a realm
302
303	* ipropd_master.c: allow passing a realm
304
305	* dump_log.c: allow passing a realm
306
307	* acl.c: correctly get acl file
308
309	* private.h (kadm5_server_context): add config_params struct and
310	remove acl_file; bump protocol version number
311
312	* marshall.c: marshalling of config parameters
313
314	* init_c.c (kadm5_c_init_with_context): try to cope with old
315	servers
316
317	* init_s.c (kadm5_s_init_with_context): actually use some passed
318	values
319
320	* context_s.c (_kadm5_s_init_context): get dbname, acl_file, and
321	stash_file from the config parameters, try to figure out these if
322	they're not provided
323
3241999-11-05  Assar Westerlund  <assar@sics.se>
325
326	* Makefile.am (install-build-headers): use `cp' instead of
327 	INSTALL_DATA
328
3291999-11-04  Assar Westerlund  <assar@sics.se>
330
331	* Makefile.am: bump version to 4:0:0 and 3:0:0 (they access fields
332 	directly in libkrb5's context - bad functions)
333
334	* set_keys.c (_kadm5_set_keys_randomly): set enctypes correctly in
335 	the copied keys
336
3371999-10-20  Assar Westerlund  <assar@sics.se>
338
339	* Makefile.am: set version of kadm5srv to 3:0:2 (new password
340 	quality functions).
341 	set version of kdam5clnt to 2:1:1 (no interface changes)
342
343	* Makefile.am (LDADD): add $(LIB_dlopen)
344
3451999-10-17  Assar Westerlund  <assar@sics.se>
346
347	* randkey_s.c (kadm5_s_randkey_principal): use
348 	_kadm5_set_keys_randomly
349
350	* set_keys.c (free_keys): free more memory
351	(_kadm5_set_keys): a little bit more generic
352	(_kadm5_set_keys_randomly): new function for setting random keys.
353
3541999-10-14  Assar Westerlund  <assar@sics.se>
355
356	* set_keys.c (_kadm5_set_keys): ignore old keys when setting new
357 	ones and always add 3 DES keys and one 3DES key
358
3591999-10-03  Assar Westerlund  <assar@sics.se>
360
361	* init_c.c (_kadm5_c_init_context): use `krb5_get_krb_admin_hst'.
362  	check return value from strdup
363
3641999-09-26  Assar Westerlund  <assar@sics.se>
365
366	* acl.c (_kadm5_privs_to_string): forgot one strcpy_truncate ->
367 	strlcpy
368
3691999-09-24  Johan Danielsson  <joda@pdc.kth.se>
370
371	* dump_log.c: remove unused `optind'
372
373	* replay_log.c: remove unused `optind'
374
3751999-09-13  Assar Westerlund  <assar@sics.se>
376
377	* chpass_c.c (kadm5_c_chpass_principal): new _kadm5_client_recv
378
379	* send_recv.c (_kadm5_client_recv): return result in a `krb5_data'
380 	so that we avoid copying it and don't need to dimension in
381 	advance.  change all callers.
382
3831999-09-10  Assar Westerlund  <assar@sics.se>
384
385	* password_quality.c: new file
386
387	* admin.h
388 	(kadm5_setup_passwd_quality_check,kadm5_check_password_quality):
389 	add prototypes
390
391	* Makefile.am (S_SOURCES): add password_quality.c
392
3931999-07-26  Assar Westerlund  <assar@sics.se>
394
395	* Makefile.am: update versions to 2:0:1
396
3971999-07-24  Assar Westerlund  <assar@sics.se>
398
399	* ent_setup.c (_kadm5_setup_entry): make princ_expire_time == 0
400 	and pw_expiration == 0 mean never
401
4021999-07-22  Assar Westerlund  <assar@sics.se>
403
404	* log.c (kadm5_log_flush): extra cast
405
4061999-07-07  Assar Westerlund  <assar@sics.se>
407
408	* marshall.c (store_principal_ent): encoding princ_expire_time and
409 	pw_expiration in correct order
410
4111999-06-28  Assar Westerlund  <assar@sics.se>
412
413	* randkey_s.c (kadm5_s_randkey_principal): nuke old mkvno,
414 	otherwise hdb will think that the new random keys are already
415 	encrypted which will cause lots of confusion later.
416
4171999-06-23  Assar Westerlund  <assar@sics.se>
418
419	* ent_setup.c (_kadm5_setup_entry): handle 0 == unlimited
420 	correctly.  From Michal Vocu <michal@karlin.mff.cuni.cz>
421
4221999-06-15  Assar Westerlund  <assar@sics.se>
423
424	* init_c.c (get_cred_cache): use get_default_username
425
4261999-05-23  Assar Westerlund  <assar@sics.se>
427
428	* create_s.c (create_principal): if there's no default entry the
429	mask should be zero.
430
4311999-05-21  Assar Westerlund  <assar@sics.se>
432
433	* init_c.c (get_cred_cache): use $USERNAME
434
4351999-05-17  Johan Danielsson  <joda@pdc.kth.se>
436
437	* init_c.c (get_cred_cache): figure out principal
438
4391999-05-05  Johan Danielsson  <joda@pdc.kth.se>
440
441	* send_recv.c: cleanup _kadm5_client_{send,recv}
442
4431999-05-04  Assar Westerlund  <assar@sics.se>
444
445	* set_keys.c (_kadm5_set_keys2): don't check the recently created
446 	memory for NULL pointers
447
448	* private.h (_kadm5_setup_entry): change prototype
449
450	* modify_s.c: call new _kadm5_setup_entry
451
452	* ent_setup.c (_kadm5_setup_entry): change so that it takes three
453 	masks, one for what bits to set and one for each of principal and
454 	def containing the bits that are set there.
455
456	* create_s.c: call new _kadm5_setup_entry
457
458	* create_s.c (get_default): check return value
459	(create_principal): send wider mask to _kadm5_setup_entry
460
4611999-05-04  Johan Danielsson  <joda@pdc.kth.se>
462
463	* send_recv.c (_kadm5_client_recv): handle arbitrarily sized
464	packets, check for errors
465
466	* get_c.c: check for failure from _kadm5_client_{send,recv}
467
4681999-05-04  Assar Westerlund  <assar@sics.se>
469
470	* init_c.c (get_new_cache): don't abort when interrupted from
471 	password prompt
472
473	* destroy_c.c (kadm5_c_destroy): check if we should destroy the
474 	auth context
475
4761999-05-03  Johan Danielsson  <joda@pdc.kth.se>
477
478	* chpass_s.c: fix arguments to _kadm5_set_keys2
479
480	* private.h: proto
481
482	* set_keys.c: clear mkvno
483
484	* rename_s.c: add flags to fetch and store; seal keys before
485	logging
486
487	* randkey_s.c: add flags to fetch and store; seal keys before
488	logging
489
490	* modify_s.c: add flags to fetch and store; seal keys before
491	logging
492
493	* log.c: add flags to fetch and store; seal keys before logging
494
495	* get_s.c: add flags to fetch and store; seal keys before logging
496
497	* get_princs_s.c: add flags to fetch and store; seal keys before
498	logging
499
500	* delete_s.c: add flags to fetch and store; seal keys before
501	logging
502
503	* create_s.c: add flags to fetch and store; seal keys before
504	logging
505
506	* chpass_s.c: add flags to fetch and store; seal keys before
507	logging
508
509	* Makefile.am: remove server.c
510
511	* admin.h: add prototypes
512
513	* ent_setup.c (_kadm5_setup_entry): set key_data
514
515	* set_keys.c: add _kadm5_set_keys2 to sey keys from key_data
516
517	* modify_s.c: add kadm5_s_modify_principal_with_key
518
519	* create_s.c: add kadm5_s_create_principal_with_key
520
521	* chpass_s.c: add kadm5_s_chpass_principal_with_key
522
523	* kadm5_locl.h: move stuff to private.h
524
525	* private.h: move stuff from kadm5_locl.h
526