xref: /freebsd/crypto/heimdal/lib/kadm5/ChangeLog (revision 2e3507c25e42292b45a5482e116d278f5515d04d)
12008-04-23  Love Hörnquist Åstrand  <lha@it.su.se>
2
3	* ipropd_master.c: Only log "sending AYT" once, pointed out by Dr
4	A V Le Blanc.
5
6
72008-01-21  Love Hörnquist Åstrand  <lha@it.su.se>
8
9	* default_keys.c: Use hdb_free_keys().
10
112008-01-11  Love Hörnquist Åstrand  <lha@it.su.se>
12
13	* Makefile.am: add check-cracklib.pl, flush.c,
14	sample_passwd_check.c
15
162007-12-07  Love Hörnquist Åstrand  <lha@it.su.se>
17
18	* use hdb_db_dir() and hdb_default_db()
19
202007-10-18  Love  <lha@stacken.kth.se>
21
22	* init_c.c: We are getting default_client, not client. this way
23	the user can override the result.
24
252007-09-29  Love Hörnquist Åstrand  <lha@it.su.se>
26
27	* iprop.8: fix spelling, From Antoine Jacoutt.
28
292007-08-16  Love Hörnquist Åstrand  <lha@it.su.se>
30
31	* version-script.map: export _kadm5_unmarshal_params,
32	_kadm5_acl_check_permission
33
34	* version-script.map: export kadm5_log_ symbols.
35
36	* log.c: Unexport the specific log replay operations.
37
382007-08-10  Love Hörnquist Åstrand  <lha@it.su.se>
39
40	* Makefile.am: build sample_passwd_check.la as part of noinst.
41
42	* sample_passwd_check.c: Add missing prototype for check_length().
43
442007-08-07  Love Hörnquist Åstrand  <lha@it.su.se>
45
46	* log.c: Sprinkle krb5_set_error_string().
47
48	* ipropd_slave.c: Provide better error why kadm5_log_replay
49	failed.
50
512007-08-06  Love Hörnquist Åstrand  <lha@it.su.se>
52
53	* ipropd_master.c: - don't push whole database to the new client
54	every time.  - make slaves get the whole new database if they have
55	a newer log the the master (and thus have them go back in time).
56
572007-08-03  Love Hörnquist Åstrand  <lha@it.su.se>
58
59	* ipropd_slave.c: make more sane.
60
61	* ipropd_slave.c: more paranoid check that the log entires are
62	self consistant
63
64	* log.c (kadm5_log_foreach): check that the postamble contains the
65	right data.
66
67	* ipropd_master.c: Sprinkle more info about what versions the
68	master thinks about the client versions.
69
70	* ipropd_master.c: Start the server at the current version, not 0.
71
722007-08-02  Love Hörnquist Åstrand  <lha@it.su.se>
73
74	* ipropd_master.c: Add more logging, to figure out what is
75	happening in the master.
76
772007-08-01  Love Hörnquist Åstrand  <lha@it.su.se>
78
79	* Makefile.am: add version-script for libkadm5srv.la
80
81	* version-script.map: version script fro kadm5 server libary.
82
83	* log.c: only free the orignal entries extentions if there was
84	any.  Bug reported by Peter Meinecke.
85
86	* add configuration for signal file and acl file, let user select
87	hostname, catch signals and print why we are quiting, make nop
88	cause one new version, not two
89
902007-07-30  Love Hörnquist Åstrand  <lha@it.su.se>
91
92	* ipropd_master.c (send_diffs): make current slave's version
93	uptodate when diff have been sent.
94
952007-07-27  Love Hörnquist Åstrand  <lha@it.su.se>
96
97	* ipropd_slave.c: More comments and some more error checking.
98
992007-07-26  Love Hörnquist Åstrand  <lha@it.su.se>
100
101	* init_c.c (get_cache_principal): make sure id is reset if we
102	fail. From Benjamin Bennet.
103
1042007-07-10  Love Hörnquist Åstrand  <lha@it.su.se>
105
106	* context_s.c (find_db_spec): match realm-less as the default
107	realm.
108
109	* Makefile.am: New library version.
110
1112007-07-05  Love Hörnquist Åstrand  <lha@it.su.se>
112
113	* context_s.c: Use hdb_get_dbinfo to pick up configuration.
114	ctx->config.realm can be NULL, check for that, from Bjorn S.
115
1162007-07-04  Love Hörnquist Åstrand  <lha@it.su.se>
117
118	* init_c.c: Try harder to use the right principal.
119
1202007-06-20  Love Hörnquist Åstrand  <lha@it.su.se>
121
122	* ipropd_slave.c: Catch return value from krb5_program_setup. From
123	Steven Luo.
124
1252007-05-08  Love Hörnquist Åstrand  <lha@it.su.se>
126
127	* delete_s.c: Write log entry after store is successful, rename
128	out goto statments.
129
130	* randkey_s.c: Write log entry after store is successful.
131
132	* modify_s.c: Write log entry after store is successful.
133
134	* rename_s.c: indent.
135
136	* chpass_s.c: Write log entry after store is successful.
137
138	* create_s.c: Write log entry after store is successful.
139
1402007-05-07  Love Hörnquist Åstrand  <lha@it.su.se>
141
142	* iprop-commands.in: Add default values to make this working
143	again.
144
145	* iprop-log.c (iprop_replay): create the database with more
146	liberal mode.
147
148	* log.c: make it slightly more working.
149
150	* iprop-log.8: Document last-version.
151
152	* iprop-log.c: (last_version): print last version of the log.
153
154	* iprop-commands.in: new command last-version: print last version
155	of the log.
156
157	* log.c (kadm5_log_previous): document assumptions and make less
158	broken.  Bug report from Ronny Blomme.
159
1602007-02-17  Love Hörnquist Åstrand  <lha@it.su.se>
161
162	* admin.h: add support to get aliases
163
164	* get_s.c: add support to get aliases
165
1662007-02-11  David Love  <fx@gnu.org>
167
168	* iprop-log.8: Small fixes, from David Love.
169
1702006-12-15  Love Hörnquist Åstrand  <lha@it.su.se>
171
172	* init_c.c: if the user have a kadmin/admin initial ticket, don't
173	ask for password, just use the credential instead.
174
1752006-12-06  Love Hörnquist Åstrand  <lha@it.su.se>
176
177	* ipropd_master.c: Use strcspn to remove \n from string returned
178	by fgets.  From Björn Sandell
179
1802006-11-30  Love Hörnquist Åstrand  <lha@it.su.se>
181
182	* init_c.c (kadm_connect): clear error string before trying to
183	print a errno, this way we don't pick up a random failure code
184
1852006-11-20  Love Hörnquist Åstrand  <lha@it.su.se>
186
187	* ipropd_slave.c: Make krb5_get_init_creds_opt_free take a context
188	argument.
189
190	* init_c.c: Make krb5_get_init_creds_opt_free take a context
191	argument.
192
1932006-10-22  Love Hörnquist Åstrand  <lha@it.su.se>
194
195	* ent_setup.c: Try to not leak memory.
196
1972006-10-07  Love Hörnquist Åstrand  <lha@it.su.se>
198
199	* Makefile.am: split build files into dist_ and noinst_ SOURCES
200
2012006-08-24  Love Hörnquist Åstrand  <lha@it.su.se>
202
203	* get_s.c: Add KRB5_KDB_ALLOW_DIGEST
204
205	* ent_setup.c: Add KRB5_KDB_ALLOW_DIGEST
206
207	* admin.h: Add KRB5_KDB_ALLOW_DIGEST
208
2092006-06-16  Love Hörnquist Åstrand  <lha@it.su.se>
210
211	* check-cracklib.pl: Add password reuse checking. From Harald
212	Barth.
213
2142006-06-14  Love Hörnquist Åstrand  <lha@it.su.se>
215
216	* ent_setup.c (attr_to_flags): Add KRB5_KDB_ALLOW_KERBEROS4
217
218	* get_s.c (kadm5_s_get_principal): Add KRB5_KDB_ALLOW_KERBEROS4
219
220	* admin.h: Add KRB5_KDB_ALLOW_KERBEROS4
221
2222006-06-06  Love Hörnquist Åstrand  <lha@it.su.se>
223
224	* ent_setup.c (attr_to_flags): Add KRB5_KDB_TRUSTED_FOR_DELEGATION
225
2262006-05-30  Love Hörnquist Åstrand  <lha@it.su.se>
227
228	* password_quality.c (kadm5_check_password_quality): set error
229	message in context.
230
2312006-05-13  Love Hörnquist Åstrand  <lha@it.su.se>
232
233	* iprop-log.c: Avoid shadowing.
234
235	* rename_s.c: Avoid shadowing.
236
2372006-05-08  Love Hörnquist Åstrand  <lha@it.su.se>
238
239	* privs_c.c (kadm5_c_get_privs): privs is a uint32_t, let copy it
240	that way.
241
2422006-05-05  Love Hörnquist Åstrand  <lha@it.su.se>
243
244	* Rename u_intXX_t to uintXX_t
245
2462006-04-27  Love Hörnquist Åstrand  <lha@it.su.se>
247
248	* chpass_s.c,delete_s.c,get_s.c,log.c,modify_s.c,randkey_s.c,rename_s.c:
249	Pass in HDB_F_GET_ANY to all ->hdb fetch to hint what entries we are looking for
250
251	* send_recv.c: set and clear error string
252
253	* rename_s.c: Break out the that we request from principal from
254	the entry and pass it in as a separate argument.
255
256	* randkey_s.c: Break out the that we request from principal from
257	the entry and pass it in as a separate argument.
258
259	* modify_s.c: Break out the that we request from principal from
260	the entry and pass it in as a separate argument.
261
262	* log.c: Break out the that we request from principal from the
263	entry and pass it in as a separate argument.
264
265	* get_s.c: Break out the that we request from principal from the
266	entry and pass it in as a separate argument.
267
268	* delete_s.c: Break out the that we request from principal from
269	the entry and pass it in as a separate argument.
270
271	* chpass_s.c: Break out the that we request from principal from
272	the entry and pass it in as a separate argument.
273
2742006-04-25  Love Hörnquist Åstrand  <lha@it.su.se>
275
276	* create_s.c (create_principal*): If client doesn't send kvno,
277	make sure to set it to 1.
278
2792006-04-10  Love Hörnquist Åstrand  <lha@it.su.se>
280
281	* log.c: (kadm5_log_rename): handle errors better
282	Fixes Coverity, NetBSD CID#628
283
284	* log.c (kadm5_log_delete): add error handling Coverity, NetBSD
285	CID#626
286	(kadm5_log_modify): add error handling Coverity, NetBSD CID#627
287
288	* init_c.c (_kadm5_c_get_cred_cache): handle ccache case better in
289	case no client name was passed in. Coverity, NetBSD CID#919
290
291	* init_c.c (_kadm5_c_get_cred_cache): Free client principal in
292	case of error. Coverity NetBSD CID#1908
293
2942006-02-02  Love Hörnquist Åstrand  <lha@it.su.se>
295
296	* kadm5_err.et: (PASS_REUSE): Spelling,
297	from Václav H?la <ax@natur.cuni.cz>
298
2992006-01-25  Love Hörnquist Åstrand  <lha@it.su.se>
300
301	* send_recv.c: Clear error-string when introducing new errors.
302
303	* *_c.c: Clear error-string when introducing new errors.
304
3052006-01-15  Love Hörnquist Åstrand  <lha@it.su.se>
306
307	* Makefile.am (libkadm5clnt.la) doesn't depend on libhdb, remove
308	dependency
309
3102005-12-13  Love Hörnquist Åstrand  <lha@it.su.se>
311
312	* memset hdb_entry_ex before use
313
3142005-12-12  Love Hörnquist Åstrand  <lha@it.su.se>
315
316	* Wrap hdb_entry with hdb_entry_ex, patch originally
317	from Andrew Bartlet
318
3192005-11-30  Love Hörnquist Åstrand  <lha@it.su.se>
320
321	* context_s.c (set_field): try another way to calculate the path
322	to the database/logfile/signal-socket
323
324	* log.c (kadm5_log_init): set error string on failures
325
3262005-09-08  Love Hörnquist Åstrand  <lha@it.su.se>
327
328	* Constify password.
329
330	* admin.h: Add KRB5_TL_PKINIT_ACL.
331
332	* marshall.c (_kadm5_unmarshal_params): avoid signed-ness warnings
333
334	* get_s.c (kadm5_s_get_principal): clear error string
335
3362005-08-25  Love Hörnquist Åstrand  <lha@it.su.se>
337
338	* iprop-log.8: More text about iprop-log.
339
3402005-08-24  Love Hörnquist Åstrand  <lha@it.su.se>
341
342	* iprop.8: SEE ALSO iprop-log.
343
344	* Makefile.am: man_MANS += iprop-log.8
345
346	* iprop-log.8: Basic for documentation of iprop-log.
347
348	* remove replay_log.c, dump_log.c, and truncate_log.c, folded into
349	iprop-log.
350
351	* log.c (kadm5_log_foreach): add a context variable and pass it
352	down to `func´.
353
354	* iprop-commands.in: Move truncate_log and replay_log into
355	iprop-log.
356
357	* iprop-log.c: Move truncate_log and replay_log into iprop-log.
358
359	* Makefile.am: Move truncate_log and replay_log into iprop-log.
360
361	* Makefile.am: Make this work with a clean directory.
362
363	* ipropd_master.c: Make compile.
364
365	* ipropd_master.c: Update to new signature of kadm5_log_previous.
366
367	* log.c (kadm5_log_previous): catch errors instead of asserting
368	and set error string.
369
370	* iprop-commands.in: New program iprop-log that incorperates
371	dump_log as a subcommand, truncate_log and replay_log soon to come
372	after.
373
374	* iprop-log.c: New program iprop-log that incorperates dump_log as
375	a subcommand, truncate_log and replay_log soon to come after.
376
377	* Makefile.am: New program iprop-log that incorperates dump_log as
378	a subcommand, truncate_log and replay_log soon to come after.
379
3802005-08-11 Love Hörnquist Åstrand  <lha@it.su.se>
381
382	* get_s.c: Implement KADM5_LAST_PWD_CHANGE.
383
384	* set_keys.c: Set and clear password where appropriate.
385
386	* randkey_s.c: Operation modifies tl_data.
387
388	* log.c (kadm5_log_replay_modify): Check return values of
389	malloc(), replace all extensions.
390
391	* kadm5_err.et: Make BAD_TL_TYPE error more helpful.
392
393	* get_s.c: Expose KADM5_TL_DATA options to the client.
394
395	* ent_setup.c: Merge in KADM5_TL_DATA in the database.
396
397	* chpass_s.c: Operations modify extensions, mark that with
398	TL_DATA.
399
400	* admin.h: Add more TL types (password and extension).
401
4022005-06-17  Love Hörnquist Åstrand  <lha@it.su.se>
403
404	* constify
405
406	* ipropd_slave.c: avoid shadowing
407
408	* ipropd_master.c: rename local variable slave to s, optind ->
409	optidx
410
411	* get_princs_c.c: rename variable exp to expression
412
413	* ad.c: rename variable exp to expression
414
415	* log.c: rename shadowing len to num
416
417	* get_princs_s.c: rename variable exp to expression
418
419	* context_s.c: const poison
420
421	* common_glue.c: rename variable exp to expression
422
4232005-05-30  Love Hörnquist Åstrand  <lha@it.su.se>
424
425	* ent_setup.c (attr_to_flags): check for KRB5_KDB_OK_AS_DELEGATE
426
427	* get_s.c (kadm5_s_get_principal): set KRB5_KDB_OK_AS_DELEGATE
428
429	* admin.h: add KRB5_KDB_OK_AS_DELEGATE, sync KRB5_TL_ flags
430
4312005-05-25  Love Hörnquist Åstrand  <lha@it.su.se>
432
433	* kadm5_pwcheck.3: please mdoclint
434
4352005-05-25  Dave Love  <fx@gnu.org>
436
437	* kadm5_pwcheck.3: document kadm5_add_passwd_quality_verifier,
438	improve text
439
4402005-05-24  Dave Love  <fx@gnu.org>
441
442	* iprop.8: Added some info about defaults, fixed some markup.
443
4442005-05-23  Dave Love  <fx@gnu.org>
445
446	* ipropd_slave.c: Don't test HAVE_DAEMON since roken supplies it.
447
448	* ipropd_master.c: Don't test HAVE_DAEMON since roken supplies it.
449
4502005-05-13  Love Hörnquist Åstrand  <lha@it.su.se>
451
452	* init_c.c (_kadm5_c_init_context): fix memory leak in case of
453	failure
454
4552005-05-09  Dave Love  <fx@gnu.org>
456
457	* password_quality.c (find_func): Fix off-by-one and logic error.
458	(external_passwd_quality): Improve messages.
459
460	* test_pw_quality.c (main): Call kadm5_setup_passwd_quality_check
461	and kadm5_add_passwd_quality_verifier.
462
4632005-04-30  Love Hörnquist Åstrand  <lha@it.su.se>
464
465	* default_keys.c: #include <err.h>, only print salt it its longer
466	then 0, use krb5_err instead of errx where appropriate
467
4682005-04-25  Love Hörnquist Åstrand  <lha@it.su.se>
469
470	* ipropd_slave.c: add the documented option --port
471
472	* ipropd_master.c: add the documented option --port
473
474	* dump_log.c: use the newly generated units function
475
4762005-04-24  Love Hörnquist Åstrand  <lha@it.su.se>
477
478	* dump_log.c: use strlcpy
479
480	* password_quality.c: don't use sizeof(pointer)
481
4822005-04-15  Love Hörnquist Åstrand  <lha@it.su.se>
483
484	* check-cracklib.pl: external password verifier sample
485
486	* password_quality.c (kadm5_add_passwd_quality_verifier): if NULL
487	is passed in, load defaults
488
4892005-04-14  Love Hörnquist Åstrand  <lha@it.su.se>
490
491	* password_quality.c: add an end tag to the external password
492	quality check protocol
493
4942005-04-13  Love Hörnquist Åstrand  <lha@it.su.se>
495
496	* password_quality.c: add external passsword quality check builtin
497	module
498
499	[password_quality]
500		policies = external-check
501		external-program = /bin/false
502
503	To approve password a, make the test program return APPROVED on
504	stderr and fail with exit code 0.
505
5062004-10-12  Love Hörnquist Åstrand  <lha@it.su.se>
507
508	* Makefile.am: bump version to 7:7:0 and 6:5:2
509
510	* default_keys.c (parse_file): use hdb_generate_key_set
511
512	* keys.c,set_keys.c: Move keyset parsing and password based keyset
513	generation into hdb.  Requested by Andrew Bartlett <abartlet@samba.org>
514	for hdb-ldb backend.
515
5162004-09-23  Johan Danielsson  <joda@pdc.kth.se>
517
518	* ipropd_master.c: add help strings to some options
519
5202004-09-12  Love Hörnquist Åstrand  <lha@it.su.se>
521
522	* chpass_s.c: deal with changed prototype for _kadm5_free_keys
523
524	* keys.c (_kadm5_free_keys): change prototype, make it use
525	krb5_context instead of a kadm5_server_context
526
527	* set_keys.c (parse_key_set): do way with static returning
528	(function) static variable and returned allocated memory
529	(_kadm5_generate_key_set): free enctypes returned by parse_key_set
530
5312004-09-06  Love Hörnquist Åstrand  <lha@it.su.se>
532
533	* set_keys.c: Fix memory leak, don't return stack variables From
534	Andrew Bartlett
535
536	* set_keys.c: make all_etypes const and move outside function to
537	avoid returning data on stack
538
5392004-08-26  Love Hörnquist Åstrand  <lha@it.su.se>
540
541	* acl.c (fetch_acl): use " \t\n" instead of just "\n" for the
542	delim of the third element, this is so we can match
543	"foo@REALM<SPC>all<SPC><SPC>*@REALM", before it just matched
544	"foo@REALM<SPC>all<SPC>*@REALM", but that is kind of lucky since
545	what really happen was that the last <SPC> was stamped out, and
546	the it never strtok_r never needed to parse over it.
547
5482004-08-25  Love Hörnquist Åstrand  <lha@it.su.se>
549
550	* set_keys.c (_kadm5_generate_key_set): since arcfour-hmac-md5 is
551	without salting, some people tries to add the string
552	"arcfour-hmac-md5" when they really should have used
553	"arcfour-hmac-md5:pw-salt", help them and add glue for that
554
5552004-08-18  Johan Danielsson  <joda@pdc.kth.se>
556
557	* ipropd_slave.c: add --detach
558
5592004-07-06  Love Hörnquist Åstrand  <lha@it.su.se>
560
561	* ad.c: use new tsasl interface remove debug printf add upn to
562	computer-accounts
563
5642004-06-28  Love Hörnquist Åstrand  <lha@it.su.se>
565
566	* ad.c: implement kadm5_ad_init_with_password_ctx set more error
567	strings
568
5692004-06-21  Love Hörnquist Åstrand  <lha@it.su.se>
570
571	* Makefile.am: man_MANS = kadm5_pwcheck.3
572
573	* kadm5_pwcheck.3: document new password quality api
574
575	* password_quality.c: new password check interface (old still
576	supported)
577
578	* kadm5-pwcheck.h: new password check interface
579
5802004-06-08  Love Hörnquist Åstrand  <lha@it.su.se>
581
582	* ipropd_master.c (main): process all slaves, not just up to the
583	last slave sending data
584	(bug report from Björn Sandell <biorn@dce.chalmers.se>)
585	(*): only send one ARE_YOU_THERE
586
5872004-06-02  Love Hörnquist Åstrand  <lha@it.su.se>
588
589	* ad.c: use krb5_set_password_using_ccache
590
5912004-06-01  Love Hörnquist Åstrand  <lha@it.su.se>
592
593	* ad.c: try handle spn's better
594
5952004-05-31  Love Hörnquist Åstrand  <lha@it.su.se>
596
597	* ad.c: add expiration time
598
599	* ad.c: add modify operations
600
601	* ad.c: handle create and delete
602
6032004-05-27  Love Hörnquist Åstrand  <lha@it.su.se>
604
605	* ad.c: more code for get, handle attributes
606
607	* ad.c: more code for get, handle time stamps and bad password
608	counter
609
610	* ad.c: more code for get, only fetches kvno for now
611
6122004-05-26  Love Hörnquist Åstrand  <lha@it.su.se>
613
614	* ad.c: add support for tsasl
615
616	* private.h: add kadm5_ad_context
617
618	* ipropd_master.c (prop_one): store the opcode in the begining of
619	the blob, not the end
620
621	* ad.c: try all ldap servers in dns, generate a random password,
622	base64(random_block(64)), XXX must make it support other then
623	ARCFOUR
624
625	* ad.c: framework for windows AD backend
626
6272004-03-07  Love Hörnquist Åstrand  <lha@it.su.se>
628
629	* create_s.c (kadm5_s_create_principal): remove old XXX command
630	and related code, _kadm5_set_keys will do all this now
631
6322004-02-29  Love Hörnquist Åstrand  <lha@it.su.se>
633
634	* set_keys.c (_kadm5_set_keys_randomly): make sure enctype to copy
635	enctype for des keys From: Andrew Bartlett <abartlet@samba.org>
636
637	* create_s.c (kadm5_s_create_principal_with_key): don't call
638	_kadm5_set_keys2, create_principal will do that for us. Set kvno
639	to 1.
640
641	* chpass_s.c (change): bump kvno
642	(kadm5_s_chpass_principal_with_key): bump kvno
643
644	* randkey_s.c (kadm5_s_randkey_principal): bump kvno
645
646	* set_keys.c (_kadm5_set_*): don't change the kvno, let the callee
647	to that
648
6492003-12-30  Love Hörnquist Åstrand  <lha@it.su.se>
650
651	* chpass_s.c (change): fix same-password-again by decrypting keys
652	and setting an error code From: Buck Huppmann <buckh@pobox.com>
653
6542003-12-21  Love Hörnquist Åstrand  <lha@it.su.se>
655
656	* init_c.c (_kadm5_c_init_context): catch errors from strdup and
657	other krb5_ functions
658
6592003-12-08  Love Hörnquist Åstrand  <lha@it.su.se>
660
661	* rename_s.c (kadm5_s_rename_principal): allow principal to change
662	realm From Panasas Inc
663
6642003-12-07  Love Hörnquist Åstrand  <lha@it.su.se>
665
666	* destroy_c.c (kadm5_c_destroy): fix memory leaks, From Panasas,
667	Inc
668
6692003-11-23  Love Hörnquist Åstrand  <lha@it.su.se>
670
671	* iprop.h: don't include <krb5-private.h>
672
673	* ipropd_slave.c: stop using krb5 lib private byte-frobbing
674	functions and replace them with with krb5_storage
675
676	* ipropd_master.c: stop using krb5 lib private byte-frobbing
677	functions and replace them with with krb5_storage
678
6792003-11-19  Love Hörnquist Åstrand  <lha@it.su.se>
680
681	* ipropd_slave.c (receive_loop): when seeking over the entries we
682	already have, skip over the trailer.  From: Jeffrey Hutzelman
683	<jhutz@cmu.edu>
684
685	* dump_log.c,ipropd_master.c,ipropd_slave.c,
686	replay_log.c,truncate_log.c: parse kdc.conf
687	From: Jeffrey Hutzelman <jhutz@cmu.edu>
688
6892003-10-10  Love Hörnquist Åstrand  <lha@it.su.se>
690
691	* Makefile.am: += test_pw_quality
692
693	* test_pw_quality.c: test program for verifying password quality
694	function
695
6962003-09-03  Love Hörnquist Åstrand  <lha@it.su.se>
697
698	* Makefile.am: add and enable check program default_keys
699
700	* default_keys.c: test program for _kadm5_generate_key_set
701
702	* init_c.c: use
703	krb5_get_init_creds_opt_alloc/krb5_get_init_creds_opt_free
704
7052003-08-17  Love Hörnquist Åstrand  <lha@it.su.se>
706
707	* set_keys.c (_kadm5_set_keys_randomly): remove dup return
708
709	* ipropd_master.c (main): make sure current_version is initialized
710
7112003-08-15  Love Hörnquist Åstrand  <lha@it.su.se>
712
713	* set_keys.c: use default_keys for the both random keys and
714	password derived keys if its defined
715
7162003-07-24  Love Hörnquist Åstrand  <lha@it.su.se>
717
718	* ipropd_slave.c (receive_everything): switch close and rename
719	From: Alf Wachsmann <alfw@SLAC.Stanford.EDU>
720
7212003-07-03  Love Hörnquist Åstrand  <lha@it.su.se>
722
723	* iprop.h, ipropd_master.c, ipropd_slave.c:
724	Add probing from the server that the client is still there, also
725	make the client check that the server is probing.
726
7272003-07-02  Love Hörnquist Åstrand  <lha@it.su.se>
728
729	* truncate_log.c (main): add missing ``if (ret)''
730
7312003-06-26  Love Hörnquist Åstrand  <lha@it.su.se>
732
733	* set_keys.c (make_keys): add AES support
734
735	* set_keys.c: fix off by one in the aes case, pointed out by Ken
736	Raeburn
737
7382003-04-30  Love Hörnquist Åstrand  <lha@it.su.se>
739
740	* set_keys.c (_kadm5_set_keys_randomly): add
741	ETYPE_AES256_CTS_HMAC_SHA1_96 key when configuried with aes
742	support
743
7442003-04-16  Love Hörnquist Åstrand  <lha@it.su.se>
745
746	* send_recv.c: check return values from krb5_data_alloc
747	* log.c: check return values from krb5_data_alloc
748
7492003-04-16  Love Hörnquist Åstrand  <lha@it.su.se>
750
751	* dump_log.c (print_entry): check return values from
752	krb5_data_alloc
753
7542003-04-01  Love Hörnquist Åstrand  <lha@it.su.se>
755
756	* init_c.c (kadm_connect): if a context realm was passed in, use
757	that to form the kadmin/admin principal
758
7592003-03-19  Love Hörnquist Åstrand  <lha@it.su.se>
760
761	* ipropd_master.c (main): make sure we don't consider dead slave
762	for select processing
763	(write_stats): use slave_stats_file variable,
764	check return value of strftime
765	(args): allow specifying slave stats file
766	(slave_dead): close the fd when the slave dies
767
7682002-10-21  Johan Danielsson  <joda@pdc.kth.se>
769
770	* ipropd_slave.c (from Derrick Brashear): Propagating a large
771	database without this means the slave kdcs can get erroneous
772	HDB_NOENTRY and return the resulting errors. This creates a new db
773	handle, populates it, and moves it into place.
774
7752002-08-26  Assar Westerlund  <assar@kth.se>
776
777	* ipropd_slave.c (receive_everything): type-correctness calling
778	_krb5_get_int
779
780	* context_s.c (find_db_spec): const-correctness in parameters to
781	krb5_config_get_next
782
7832002-08-16  Johan Danielsson  <joda@pdc.kth.se>
784
785	* private.h: rename header file flag macro
786
787	* Makefile.am: generate kadm5-{protos,private}.h
788
7892002-08-15  Johan Danielsson  <joda@pdc.kth.se>
790
791	* ipropd_master.c: check return value of krb5_sockaddr2address
792
7932002-07-04  Johan Danielsson  <joda@pdc.kth.se>
794
795	* ipropd_master.c: handle slaves that come and go; add status
796	reporting (both from Love)
797
798	* iprop.h: KADM5_SLAVE_STATS
799
8002002-03-25  Jacques Vidrine  <n@nectar.com>
801
802	* init_c.c (get_cred_cache): bug fix: the default credentials
803	cache was not being used if a client name was specified.
804
8052002-03-25  Johan Danielsson  <joda@pdc.kth.se>
806
807	* init_c.c (get_cred_cache): when getting the default_client from
808	the cred cache, make sure the instance part is "admin"; this
809	should require fewer uses of -p
810
8112002-03-11  Assar Westerlund  <assar@sics.se>
812
813	* Makefile.am (libkadm5srv_la_LDFLAGS): set version to 7:5:0
814	(libkadm5clnt_la_LDFLAGS): set version to 6:3:2
815
8162002-02-08  Johan Danielsson  <joda@pdc.kth.se>
817
818	* init_c.c: we have to create our own param struct before
819	marshaling
820
8212001-09-05  Johan Danielsson  <joda@pdc.kth.se>
822
823	* Makefile.am: link with LIB_pidfile
824
825	* iprop.h: include util.h for pidfile
826
8272001-08-31  Assar Westerlund  <assar@sics.se>
828
829	* ipropd_slave.c (main): syslog with the correct name
830
8312001-08-30  Jacques Vidrine <n@nectar.com>
832
833	* ipropd_slave.c, ipropd_master.c (main): call pidfile
834
8352001-08-28  Assar Westerlund  <assar@sics.se>
836
837	* Makefile.am (libkadm5srv_la_LDFLAGS): set version to 7:4:0
838
8392001-08-24  Assar Westerlund  <assar@sics.se>
840
841	* acl.c (fetch_acl): do not return bogus flags and re-organize
842	function
843
844	* Makefile.am: rename variable name to avoid error from current
845	automake
846
8472001-08-13  Johan Danielsson  <joda@pdc.kth.se>
848
849	* set_keys.c: add easier afs configuration, defaulting to the
850	local realm in lower case; also try to remove duplicate salts
851
8522001-07-12  Assar Westerlund  <assar@sics.se>
853
854	* Makefile.am: add required library dependencies
855
8562001-07-03  Assar Westerlund  <assar@sics.se>
857
858	* Makefile.am (libkadm5clnt_la_LDFLAGS): set version to 6:2:2
859
8602001-06-29  Johan Danielsson  <joda@pdc.kth.se>
861
862	* init_c.c: call krb5_get_init_creds_opt_set_default_flags
863
8642001-02-19  Johan Danielsson  <joda@pdc.kth.se>
865
866	* replay_log.c: add --{start-end}-version flags to replay just
867	part of the log
868
8692001-02-15  Assar Westerlund  <assar@sics.se>
870
871	* ipropd_master.c (main): fix select-loop to decrement ret
872	correctly.  from "Brandon S. Allbery KF8NH" <allbery@ece.cmu.edu>
873
8742001-01-30  Assar Westerlund  <assar@sics.se>
875
876	* Makefile.am: bump versions
877
8782000-12-31  Assar Westerlund  <assar@sics.se>
879
880	* init_s.c (*): handle krb5_init_context failure consistently
881	* init_c.c (init_context): handle krb5_init_context failure
882	consistently
883
8842000-12-11  Assar Westerlund  <assar@sics.se>
885
886	* Makefile.am (libkadm5srv_la_LDFLAGS): bump version to 7:2:0
887
8882000-11-16  Assar Westerlund  <assar@sics.se>
889
890	* set_keys.c (make_keys): clean-up salting loop and try not to
891	leak memory
892
893	* ipropd_master.c (main): check for fd's being too large to select
894	on
895
8962000-08-16  Assar Westerlund  <assar@sics.se>
897
898	* Makefile.am (libkadm5srv_la_LDFLAGS): bump version to 7:1:0
899
9002000-08-10  Assar Westerlund  <assar@sics.se>
901
902	* acl.c (fetch_acl): fix wrong cases, use krb5_principal_match
903
9042000-08-07  Assar Westerlund  <assar@sics.se>
905
906	* ipropd_master.c (main): ignore SIGPIPE
907
9082000-08-06  Assar Westerlund  <assar@sics.se>
909
910	* ipropd_slave.c (receive_everything): make `fd' an int instead of
911	a pointer.  From Derrick J Brashear <shadow@dementia.org>
912
9132000-08-04  Johan Danielsson  <joda@pdc.kth.se>
914
915	* admin.h: change void** to void*
916
9172000-07-25  Johan Danielsson  <joda@pdc.kth.se>
918
919	* Makefile.am: bump versions to 7:0:0 and 6:0:2
920
9212000-07-24  Assar Westerlund  <assar@sics.se>
922
923	* log.c (kadm5_log_get_version): rename kadm5_log_get_version_fd
924	and make a new that takes a context
925	(kadm5_log_nop): add logging of missing lengths
926	(kadm5_log_truncate): new function
927
928	* dump_log.c (print_entry): update and correct
929	* randkey_s.c: call _kadm5_bump_pw_expire
930	* truncate_log.c: new program for truncating the log
931	* Makefile.am (sbin_PROGRAMS): add truncate_log
932	(C_SOURCES): add bump_pw_expire.c
933	* bump_pw_expire.c: new function for extending password expiration
934
9352000-07-22  Assar Westerlund  <assar@sics.se>
936
937	* keys.c: new file with _kadm5_free_keys, _kadm5_init_keys
938
939	* set_keys.c (free_keys, init_keys): elevate to internal kadm5
940	functions
941
942	* chpass_s.c (kadm5_s_chpass_principal_cond): new function
943	* Makefile.am (C_SOURCES): add keys.c
944	* init_c.c: remove unused variable and handle some parameters
945	being NULL
946
9472000-07-22  Johan Danielsson  <joda@pdc.kth.se>
948
949	* ipropd_slave.c: use krb5_read_priv_message
950
951	* ipropd_master.c: use krb5_{read,write}_priv_message
952
953	* init_c.c: use krb5_write_priv_message
954
9552000-07-11  Johan Danielsson  <joda@pdc.kth.se>
956
957	* ipropd_slave.c: no need to call gethostname, since
958	sname_to_principal will
959
960	* send_recv.c: assert that we have a connected socket
961
962	* get_princs_c.c: call _kadm5_connect
963
964	* rename_c.c: call _kadm5_connect
965
966	* randkey_c.c: call _kadm5_connect
967
968	* privs_c.c: call _kadm5_connect
969
970	* modify_c.c: call _kadm5_connect
971
972	* get_c.c: call _kadm5_connect
973
974	* delete_c.c: call _kadm5_connect
975
976	* create_c.c: call _kadm5_connect
977
978	* chpass_c.c: call _kadm5_connect
979
980	* private.h: add more fields to client context; remove prototypes
981
982	* admin.h: remove prototypes
983
984	* kadm5-protos.h: move public prototypes here
985
986	* kadm5-private.h: move private prototypes here
987
988	* init_c.c: break out connection code to separate function, and
989	defer calling it until we actually do something
990
9912000-07-07  Assar Westerlund  <assar@sics.se>
992
993	* set_keys.c (make_keys): also support `[kadmin]use_v4_salt' for
994	backwards compatability
995
9962000-06-26  Johan Danielsson  <joda@pdc.kth.se>
997
998	* set_keys.c (_kadm5_set_keys): rewrite this to be more easily
999	adaptable to different salts
1000
10012000-06-19  Johan Danielsson  <joda@pdc.kth.se>
1002
1003	* get_s.c: pa_* -> KRB5_PADATA_*
1004
10052000-06-16  Assar Westerlund  <assar@sics.se>
1006
1007	* ipropd_slave.c: change default keytab to default keytab (as in
1008	typically FILE:/etc/krb5.keytab)
1009
10102000-06-08  Assar Westerlund  <assar@sics.se>
1011
1012	* ipropd_slave.c: bug fixes, for actually writing the full dump to
1013	the database.  based on a patch from Love <lha@stacken.kth.se>
1014
10152000-06-07  Assar Westerlund  <assar@sics.se>
1016
1017	* acl.c: add support for patterns of principals
1018	* log.c (kadm5_log_replay_create): handle more NULL pointers
1019	(should they really happen?)
1020	* log.c (kadm5_log_replay_modify): handle max_life == NULL and
1021	max_renew == NULL
1022
1023	* ipropd_master.c: use syslog.  be less verbose
1024	* ipropd_slave.c: use syslog
1025
10262000-06-05  Assar Westerlund  <assar@sics.se>
1027
1028	* private.h (kadm_ops): add kadm_nop more prototypes
1029	* log.c (kadm5_log_set_version, kadm5_log_reinit, kadm5_log_nop,
1030	kadm5_log_replay_nop): add
1031	* ipropd_slave.c: and some more improvements
1032	* ipropd_master.c: lots of improvements
1033	* iprop.h (IPROP_PORT, IPROP_SERVICE): add
1034	(iprop_cmd): add new commands
1035
1036	* dump_log.c: add nop
1037
10382000-05-15  Assar Westerlund  <assar@sics.se>
1039
1040	* Makefile.am (libkadm5clnt_la_LDFLAGS): set version to 5:1:1
1041
10422000-05-12  Assar Westerlund  <assar@sics.se>
1043
1044	* get_s.c (kadm5_s_get_principal): set life, rlife to INT_MAX as a
1045	fallback.  handle not having any creator.
1046	* destroy_s.c (kadm5_s_destroy): free all allocated memory
1047	* context_s.c (set_field): free variable if it's already set
1048	(find_db_spec): malloc space for all strings
1049
10502000-04-05  Assar Westerlund  <assar@sics.se>
1051
1052	* Makefile.am (LDADD): add LIB_openldap
1053
10542000-04-03  Assar Westerlund  <assar@sics.se>
1055
1056	* Makefile.am (libkadm5srv_la_LDFLAGS): set version to 6:0:1
1057	(libkadm5clnt_la_LDFLAGS): set version to 5:0:1
1058
10592000-03-24  Assar Westerlund  <assar@sics.se>
1060
1061	* set_keys.c (_kadm5_set_keys2): rewrite
1062	(_kadm5_set_keys3): add
1063
1064	* private.h (struct kadm_func): add chpass_principal_with_key
1065	* init_c.c (set_funcs): add chpass_principal_with_key
1066
10672000-03-23  Assar Westerlund  <assar@sics.se>
1068
1069	* context_s.c (set_funcs): add chpass_principal_with_key
1070	* common_glue.c (kadm5_chpass_principal_with_key): add
1071	* chpass_s.c: comment-ize and change calling convention for
1072	_kadm5_set_keys*
1073	* chpass_c.c (kadm5_c_chpass_principal_with_key): add
1074
10752000-02-07  Assar Westerlund  <assar@sics.se>
1076
1077	* Makefile.am (libkadm5clnt_la_LDFLAGS): set version to 4:2:0
1078
10792000-01-28  Assar Westerlund  <assar@sics.se>
1080
1081	* init_c.c (get_new_cache): make sure to request non-forwardable,
1082	non-proxiable
1083
10842000-01-06  Assar Westerlund  <assar@sics.se>
1085
1086	* Makefile.am (libkadm5srv.la): bump version to 5:1:0
1087
1088	* context_s.c (_kadm5_s_init_context): handle params == NULL
1089
10901999-12-26  Assar Westerlund  <assar@sics.se>
1091
1092	* get_s.c (kadm5_s_get_principal): handle modified_by->principal
1093 	== NULL
1094
10951999-12-20  Assar Westerlund  <assar@sics.se>
1096
1097	* Makefile.am (libkadm5clnt_la_LDFLAGS): bump version to 4:1:0
1098
1099	* init_c.c (_kadm5_c_init_context): handle getting back port
1100 	number from admin host
1101	(kadm5_c_init_with_context): remove `proto/' part before doing
1102	getaddrinfo()
1103
11041999-12-06  Assar Westerlund  <assar@sics.se>
1105
1106	* Makefile.am: bump version to 5:0:0 and 4:0:0
1107
1108	* init_c.c (kadm5_c_init_with_context): don't use unitialized
1109 	stuff
1110
11111999-12-04  Assar Westerlund  <assar@sics.se>
1112
1113	* replay_log.c: adapt to changed kadm5_log_foreach
1114
1115	* log.c (kadm5_log_foreach): change to take a
1116 	`kadm5_server_context'
1117
1118	* init_c.c: use krb5_warn{,x}
1119
1120	* dump_log.c: adapt to changed kadm5_log_foreach
1121
1122	* init_c.c: re-write to use getaddrinfo
1123	* Makefile.am (install-build-headers): add dependency
1124
11251999-12-03  Johan Danielsson  <joda@pdc.kth.se>
1126
1127	* log.c (kadm5_log_foreach): pass context
1128
1129	* dump_log.c: print more interesting things
1130
11311999-12-02  Johan Danielsson  <joda@pdc.kth.se>
1132
1133	* ipropd_master.c (process_msg): check for short reads
1134
11351999-11-25  Assar Westerlund  <assar@sics.se>
1136
1137	* modify_s.c (kadm5_s_modify_principal): support key_data
1138	(kadm5_s_modify_principal_with_key): remove
1139
1140	* admin.h (kadm5_s_modify_principal_with_key): remove
1141
11421999-11-20  Assar Westerlund  <assar@sics.se>
1143
1144	* context_s.c (find_db_spec): ugly cast work-around.
1145
11461999-11-14  Assar Westerlund  <assar@sics.se>
1147
1148	* context_s.c (_kadm5_s_init_context): call krb5_add_et_list so
1149 	that we aren't dependent on the layout of krb5_context_data
1150	* init_c.c (_kadm5_c_init_context): call krb5_add_et_list so that
1151 	we aren't dependent on the layout of krb5_context_data
1152
11531999-11-13  Assar Westerlund  <assar@sics.se>
1154
1155	* password_quality.c (kadm5_setup_passwd_quality_check): use
1156	correct types for function pointers
1157
11581999-11-09  Johan Danielsson  <joda@pdc.kth.se>
1159
1160	* randkey_s.c: always bail out if the fetch fails
1161
1162	* admin.h (kadm5_config_params): remove fields we're not using
1163
1164	* ipropd_slave.c: allow passing a realm
1165
1166	* ipropd_master.c: allow passing a realm
1167
1168	* dump_log.c: allow passing a realm
1169
1170	* acl.c: correctly get acl file
1171
1172	* private.h (kadm5_server_context): add config_params struct and
1173	remove acl_file; bump protocol version number
1174
1175	* marshall.c: marshalling of config parameters
1176
1177	* init_c.c (kadm5_c_init_with_context): try to cope with old
1178	servers
1179
1180	* init_s.c (kadm5_s_init_with_context): actually use some passed
1181	values
1182
1183	* context_s.c (_kadm5_s_init_context): get dbname, acl_file, and
1184	stash_file from the config parameters, try to figure out these if
1185	they're not provided
1186
11871999-11-05  Assar Westerlund  <assar@sics.se>
1188
1189	* Makefile.am (install-build-headers): use `cp' instead of
1190 	INSTALL_DATA
1191
11921999-11-04  Assar Westerlund  <assar@sics.se>
1193
1194	* Makefile.am: bump version to 4:0:0 and 3:0:0 (they access fields
1195 	directly in libkrb5's context - bad functions)
1196
1197	* set_keys.c (_kadm5_set_keys_randomly): set enctypes correctly in
1198 	the copied keys
1199
12001999-10-20  Assar Westerlund  <assar@sics.se>
1201
1202	* Makefile.am: set version of kadm5srv to 3:0:2 (new password
1203 	quality functions).
1204 	set version of kdam5clnt to 2:1:1 (no interface changes)
1205
1206	* Makefile.am (LDADD): add $(LIB_dlopen)
1207
12081999-10-17  Assar Westerlund  <assar@sics.se>
1209
1210	* randkey_s.c (kadm5_s_randkey_principal): use
1211 	_kadm5_set_keys_randomly
1212
1213	* set_keys.c (free_keys): free more memory
1214	(_kadm5_set_keys): a little bit more generic
1215	(_kadm5_set_keys_randomly): new function for setting random keys.
1216
12171999-10-14  Assar Westerlund  <assar@sics.se>
1218
1219	* set_keys.c (_kadm5_set_keys): ignore old keys when setting new
1220 	ones and always add 3 DES keys and one 3DES key
1221
12221999-10-03  Assar Westerlund  <assar@sics.se>
1223
1224	* init_c.c (_kadm5_c_init_context): use `krb5_get_krb_admin_hst'.
1225  	check return value from strdup
1226
12271999-09-26  Assar Westerlund  <assar@sics.se>
1228
1229	* acl.c (_kadm5_privs_to_string): forgot one strcpy_truncate ->
1230 	strlcpy
1231
12321999-09-24  Johan Danielsson  <joda@pdc.kth.se>
1233
1234	* dump_log.c: remove unused `optind'
1235
1236	* replay_log.c: remove unused `optind'
1237
12381999-09-13  Assar Westerlund  <assar@sics.se>
1239
1240	* chpass_c.c (kadm5_c_chpass_principal): new _kadm5_client_recv
1241
1242	* send_recv.c (_kadm5_client_recv): return result in a `krb5_data'
1243 	so that we avoid copying it and don't need to dimension in
1244 	advance.  change all callers.
1245
12461999-09-10  Assar Westerlund  <assar@sics.se>
1247
1248	* password_quality.c: new file
1249
1250	* admin.h
1251 	(kadm5_setup_passwd_quality_check,kadm5_check_password_quality):
1252 	add prototypes
1253
1254	* Makefile.am (S_SOURCES): add password_quality.c
1255
12561999-07-26  Assar Westerlund  <assar@sics.se>
1257
1258	* Makefile.am: update versions to 2:0:1
1259
12601999-07-24  Assar Westerlund  <assar@sics.se>
1261
1262	* ent_setup.c (_kadm5_setup_entry): make princ_expire_time == 0
1263 	and pw_expiration == 0 mean never
1264
12651999-07-22  Assar Westerlund  <assar@sics.se>
1266
1267	* log.c (kadm5_log_flush): extra cast
1268
12691999-07-07  Assar Westerlund  <assar@sics.se>
1270
1271	* marshall.c (store_principal_ent): encoding princ_expire_time and
1272 	pw_expiration in correct order
1273
12741999-06-28  Assar Westerlund  <assar@sics.se>
1275
1276	* randkey_s.c (kadm5_s_randkey_principal): nuke old mkvno,
1277 	otherwise hdb will think that the new random keys are already
1278 	encrypted which will cause lots of confusion later.
1279
12801999-06-23  Assar Westerlund  <assar@sics.se>
1281
1282	* ent_setup.c (_kadm5_setup_entry): handle 0 == unlimited
1283 	correctly.  From Michal Vocu <michal@karlin.mff.cuni.cz>
1284
12851999-06-15  Assar Westerlund  <assar@sics.se>
1286
1287	* init_c.c (get_cred_cache): use get_default_username
1288
12891999-05-23  Assar Westerlund  <assar@sics.se>
1290
1291	* create_s.c (create_principal): if there's no default entry the
1292	mask should be zero.
1293
12941999-05-21  Assar Westerlund  <assar@sics.se>
1295
1296	* init_c.c (get_cred_cache): use $USERNAME
1297
12981999-05-17  Johan Danielsson  <joda@pdc.kth.se>
1299
1300	* init_c.c (get_cred_cache): figure out principal
1301
13021999-05-05  Johan Danielsson  <joda@pdc.kth.se>
1303
1304	* send_recv.c: cleanup _kadm5_client_{send,recv}
1305
13061999-05-04  Assar Westerlund  <assar@sics.se>
1307
1308	* set_keys.c (_kadm5_set_keys2): don't check the recently created
1309 	memory for NULL pointers
1310
1311	* private.h (_kadm5_setup_entry): change prototype
1312
1313	* modify_s.c: call new _kadm5_setup_entry
1314
1315	* ent_setup.c (_kadm5_setup_entry): change so that it takes three
1316 	masks, one for what bits to set and one for each of principal and
1317 	def containing the bits that are set there.
1318
1319	* create_s.c: call new _kadm5_setup_entry
1320
1321	* create_s.c (get_default): check return value
1322	(create_principal): send wider mask to _kadm5_setup_entry
1323
13241999-05-04  Johan Danielsson  <joda@pdc.kth.se>
1325
1326	* send_recv.c (_kadm5_client_recv): handle arbitrarily sized
1327	packets, check for errors
1328
1329	* get_c.c: check for failure from _kadm5_client_{send,recv}
1330
13311999-05-04  Assar Westerlund  <assar@sics.se>
1332
1333	* init_c.c (get_new_cache): don't abort when interrupted from
1334 	password prompt
1335
1336	* destroy_c.c (kadm5_c_destroy): check if we should destroy the
1337 	auth context
1338
13391999-05-03  Johan Danielsson  <joda@pdc.kth.se>
1340
1341	* chpass_s.c: fix arguments to _kadm5_set_keys2
1342
1343	* private.h: proto
1344
1345	* set_keys.c: clear mkvno
1346
1347	* rename_s.c: add flags to fetch and store; seal keys before
1348	logging
1349
1350	* randkey_s.c: add flags to fetch and store; seal keys before
1351	logging
1352
1353	* modify_s.c: add flags to fetch and store; seal keys before
1354	logging
1355
1356	* log.c: add flags to fetch and store; seal keys before logging
1357
1358	* get_s.c: add flags to fetch and store; seal keys before logging
1359
1360	* get_princs_s.c: add flags to fetch and store; seal keys before
1361	logging
1362
1363	* delete_s.c: add flags to fetch and store; seal keys before
1364	logging
1365
1366	* create_s.c: add flags to fetch and store; seal keys before
1367	logging
1368
1369	* chpass_s.c: add flags to fetch and store; seal keys before
1370	logging
1371
1372	* Makefile.am: remove server.c
1373
1374	* admin.h: add prototypes
1375
1376	* ent_setup.c (_kadm5_setup_entry): set key_data
1377
1378	* set_keys.c: add _kadm5_set_keys2 to sey keys from key_data
1379
1380	* modify_s.c: add kadm5_s_modify_principal_with_key
1381
1382	* create_s.c: add kadm5_s_create_principal_with_key
1383
1384	* chpass_s.c: add kadm5_s_chpass_principal_with_key
1385
1386	* kadm5_locl.h: move stuff to private.h
1387
1388	* private.h: move stuff from kadm5_locl.h
1389
1390