xref: /freebsd/crypto/heimdal/lib/kadm5/ChangeLog (revision 4b2eaea43fec8e8792be611dea204071a10b655a) 
12002-10-21  Johan Danielsson  <joda@pdc.kth.se>
2
3	* ipropd_slave.c: pull up 1.27; use a temporary database
4
52002-08-26  Assar Westerlund  <assar@kth.se>
6
7	* ipropd_slave.c (receive_everything): type-correctness calling
8	_krb5_get_int
9
10	* context_s.c (find_db_spec): const-correctness in parameters to
11	krb5_config_get_next
12
132002-08-16  Johan Danielsson  <joda@pdc.kth.se>
14
15	* private.h: rename header file flag macro
16
17	* Makefile.am: generate kadm5-{protos,private}.h
18
192002-08-15  Johan Danielsson  <joda@pdc.kth.se>
20
21	* ipropd_master.c: check return value of krb5_sockaddr2address
22
232002-07-04  Johan Danielsson  <joda@pdc.kth.se>
24
25	* ipropd_master.c: handle slaves that come and go; add status
26	reporting (both from Love)
27
28	* iprop.h: KADM5_SLAVE_STATS
29
302002-03-25  Jacques Vidrine  <n@nectar.com>
31
32	* init_c.c (get_cred_cache): bug fix: the default credentials
33	cache was not being used if a client name was specified.
34
352002-03-25  Johan Danielsson  <joda@pdc.kth.se>
36
37	* init_c.c (get_cred_cache): when getting the default_client from
38	the cred cache, make sure the instance part is "admin"; this
39	should require fewer uses of -p
40
412002-03-11  Assar Westerlund  <assar@sics.se>
42
43	* Makefile.am (libkadm5srv_la_LDFLAGS): set version to 7:5:0
44	(libkadm5clnt_la_LDFLAGS): set version to 6:3:2
45
462002-02-08  Johan Danielsson  <joda@pdc.kth.se>
47
48	* init_c.c: we have to create our own param struct before
49	marshaling
50
512001-09-05  Johan Danielsson  <joda@pdc.kth.se>
52
53	* Makefile.am: link with LIB_pidfile
54
55	* iprop.h: include util.h for pidfile
56
572001-08-31  Assar Westerlund  <assar@sics.se>
58
59	* ipropd_slave.c (main): syslog with the correct name
60
612001-08-30  Jacques Vidrine <n@nectar.com>
62
63	* ipropd_slave.c, ipropd_master.c (main): call pidfile
64
652001-08-28  Assar Westerlund  <assar@sics.se>
66
67	* Makefile.am (libkadm5srv_la_LDFLAGS): set version to 7:4:0
68
692001-08-24  Assar Westerlund  <assar@sics.se>
70
71	* acl.c (fetch_acl): do not return bogus flags and re-organize
72	function
73
74	* Makefile.am: rename variable name to avoid error from current
75	automake
76
772001-08-13  Johan Danielsson  <joda@pdc.kth.se>
78
79	* set_keys.c: add easier afs configuration, defaulting to the
80	local realm in lower case; also try to remove duplicate salts
81
822001-07-12  Assar Westerlund  <assar@sics.se>
83
84	* Makefile.am: add required library dependencies
85
862001-07-03  Assar Westerlund  <assar@sics.se>
87
88	* Makefile.am (libkadm5clnt_la_LDFLAGS): set version to 6:2:2
89
902001-06-29  Johan Danielsson  <joda@pdc.kth.se>
91
92	* init_c.c: call krb5_get_init_creds_opt_set_default_flags
93
942001-02-19  Johan Danielsson  <joda@pdc.kth.se>
95
96	* replay_log.c: add --{start-end}-version flags to replay just
97	part of the log
98
992001-02-15  Assar Westerlund  <assar@sics.se>
100
101	* ipropd_master.c (main): fix select-loop to decrement ret
102	correctly.  from "Brandon S. Allbery KF8NH" <allbery@ece.cmu.edu>
103
1042001-01-30  Assar Westerlund  <assar@sics.se>
105
106	* Makefile.am: bump versions
107
1082000-12-31  Assar Westerlund  <assar@sics.se>
109
110	* init_s.c (*): handle krb5_init_context failure consistently
111	* init_c.c (init_context): handle krb5_init_context failure
112	consistently
113
1142000-12-11  Assar Westerlund  <assar@sics.se>
115
116	* Makefile.am (libkadm5srv_la_LDFLAGS): bump version to 7:2:0
117
1182000-11-16  Assar Westerlund  <assar@sics.se>
119
120	* set_keys.c (make_keys): clean-up salting loop and try not to
121	leak memory
122
123	* ipropd_master.c (main): check for fd's being too large to select
124	on
125
1262000-08-16  Assar Westerlund  <assar@sics.se>
127
128	* Makefile.am (libkadm5srv_la_LDFLAGS): bump version to 7:1:0
129
1302000-08-10  Assar Westerlund  <assar@sics.se>
131
132	* acl.c (fetch_acl): fix wrong cases, use krb5_principal_match
133
1342000-08-07  Assar Westerlund  <assar@sics.se>
135
136	* ipropd_master.c (main): ignore SIGPIPE
137
1382000-08-06  Assar Westerlund  <assar@sics.se>
139
140	* ipropd_slave.c (receive_everything): make `fd' an int instead of
141	a pointer.  From Derrick J Brashear <shadow@dementia.org>
142
1432000-08-04  Johan Danielsson  <joda@pdc.kth.se>
144
145	* admin.h: change void** to void*
146
1472000-07-25  Johan Danielsson  <joda@pdc.kth.se>
148
149	* Makefile.am: bump versions to 7:0:0 and 6:0:2
150
1512000-07-24  Assar Westerlund  <assar@sics.se>
152
153	* log.c (kadm5_log_get_version): rename kadm5_log_get_version_fd
154	and make a new that takes a context
155	(kadm5_log_nop): add logging of missing lengths
156	(kadm5_log_truncate): new function
157
158	* dump_log.c (print_entry): update and correct
159	* randkey_s.c: call _kadm5_bump_pw_expire
160	* truncate_log.c: new program for truncating the log
161	* Makefile.am (sbin_PROGRAMS): add truncate_log
162	(C_SOURCES): add bump_pw_expire.c
163	* bump_pw_expire.c: new function for extending password expiration
164
1652000-07-22  Assar Westerlund  <assar@sics.se>
166
167	* keys.c: new file with _kadm5_free_keys, _kadm5_init_keys
168
169	* set_keys.c (free_keys, init_keys): elevate to internal kadm5
170	functions
171
172	* chpass_s.c (kadm5_s_chpass_principal_cond): new function
173	* Makefile.am (C_SOURCES): add keys.c
174	* init_c.c: remove unused variable and handle some parameters
175	being NULL
176
1772000-07-22  Johan Danielsson  <joda@pdc.kth.se>
178
179	* ipropd_slave.c: use krb5_read_priv_message
180
181	* ipropd_master.c: use krb5_{read,write}_priv_message
182
183	* init_c.c: use krb5_write_priv_message
184
1852000-07-11  Johan Danielsson  <joda@pdc.kth.se>
186
187	* ipropd_slave.c: no need to call gethostname, since
188	sname_to_principal will
189
190	* send_recv.c: assert that we have a connected socket
191
192	* get_princs_c.c: call _kadm5_connect
193
194	* rename_c.c: call _kadm5_connect
195
196	* randkey_c.c: call _kadm5_connect
197
198	* privs_c.c: call _kadm5_connect
199
200	* modify_c.c: call _kadm5_connect
201
202	* get_c.c: call _kadm5_connect
203
204	* delete_c.c: call _kadm5_connect
205
206	* create_c.c: call _kadm5_connect
207
208	* chpass_c.c: call _kadm5_connect
209
210	* private.h: add more fields to client context; remove prototypes
211
212	* admin.h: remove prototypes
213
214	* kadm5-protos.h: move public prototypes here
215
216	* kadm5-private.h: move private prototypes here
217
218	* init_c.c: break out connection code to separate function, and
219	defer calling it until we actually do something
220
2212000-07-07  Assar Westerlund  <assar@sics.se>
222
223	* set_keys.c (make_keys): also support `[kadmin]use_v4_salt' for
224	backwards compatability
225
2262000-06-26  Johan Danielsson  <joda@pdc.kth.se>
227
228	* set_keys.c (_kadm5_set_keys): rewrite this to be more easily
229	adaptable to different salts
230
2312000-06-19  Johan Danielsson  <joda@pdc.kth.se>
232
233	* get_s.c: pa_* -> KRB5_PADATA_*
234
2352000-06-16  Assar Westerlund  <assar@sics.se>
236
237	* ipropd_slave.c: change default keytab to default keytab (as in
238	typically FILE:/etc/krb5.keytab)
239
2402000-06-08  Assar Westerlund  <assar@sics.se>
241
242	* ipropd_slave.c: bug fixes, for actually writing the full dump to
243	the database.  based on a patch from Love <lha@stacken.kth.se>
244
2452000-06-07  Assar Westerlund  <assar@sics.se>
246
247	* acl.c: add support for patterns of principals
248	* log.c (kadm5_log_replay_create): handle more NULL pointers
249	(should they really happen?)
250	* log.c (kadm5_log_replay_modify): handle max_life == NULL and
251	max_renew == NULL
252
253	* ipropd_master.c: use syslog.  be less verbose
254	* ipropd_slave.c: use syslog
255
2562000-06-05  Assar Westerlund  <assar@sics.se>
257
258	* private.h (kadm_ops): add kadm_nop more prototypes
259	* log.c (kadm5_log_set_version, kadm5_log_reinit, kadm5_log_nop,
260	kadm5_log_replay_nop): add
261	* ipropd_slave.c: and some more improvements
262	* ipropd_master.c: lots of improvements
263	* iprop.h (IPROP_PORT, IPROP_SERVICE): add
264	(iprop_cmd): add new commands
265
266	* dump_log.c: add nop
267
2682000-05-15  Assar Westerlund  <assar@sics.se>
269
270	* Makefile.am (libkadm5clnt_la_LDFLAGS): set version to 5:1:1
271
2722000-05-12  Assar Westerlund  <assar@sics.se>
273
274	* get_s.c (kadm5_s_get_principal): set life, rlife to INT_MAX as a
275	fallback.  handle not having any creator.
276	* destroy_s.c (kadm5_s_destroy): free all allocated memory
277	* context_s.c (set_field): free variable if it's already set
278	(find_db_spec): malloc space for all strings
279
2802000-04-05  Assar Westerlund  <assar@sics.se>
281
282	* Makefile.am (LDADD): add LIB_openldap
283
2842000-04-03  Assar Westerlund  <assar@sics.se>
285
286	* Makefile.am (libkadm5srv_la_LDFLAGS): set version to 6:0:1
287	(libkadm5clnt_la_LDFLAGS): set version to 5:0:1
288
2892000-03-24  Assar Westerlund  <assar@sics.se>
290
291	* set_keys.c (_kadm5_set_keys2): rewrite
292	(_kadm5_set_keys3): add
293
294	* private.h (struct kadm_func): add chpass_principal_with_key
295	* init_c.c (set_funcs): add chpass_principal_with_key
296
2972000-03-23  Assar Westerlund  <assar@sics.se>
298
299	* context_s.c (set_funcs): add chpass_principal_with_key
300	* common_glue.c (kadm5_chpass_principal_with_key): add
301	* chpass_s.c: comment-ize and change calling convention for
302	_kadm5_set_keys*
303	* chpass_c.c (kadm5_c_chpass_principal_with_key): add
304
3052000-02-07  Assar Westerlund  <assar@sics.se>
306
307	* Makefile.am (libkadm5clnt_la_LDFLAGS): set version to 4:2:0
308
3092000-01-28  Assar Westerlund  <assar@sics.se>
310
311	* init_c.c (get_new_cache): make sure to request non-forwardable,
312	non-proxiable
313
3142000-01-06  Assar Westerlund  <assar@sics.se>
315
316	* Makefile.am (libkadm5srv.la): bump version to 5:1:0
317
318	* context_s.c (_kadm5_s_init_context): handle params == NULL
319
3201999-12-26  Assar Westerlund  <assar@sics.se>
321
322	* get_s.c (kadm5_s_get_principal): handle modified_by->principal
323 	== NULL
324
3251999-12-20  Assar Westerlund  <assar@sics.se>
326
327	* Makefile.am (libkadm5clnt_la_LDFLAGS): bump version to 4:1:0
328
329	* init_c.c (_kadm5_c_init_context): handle getting back port
330 	number from admin host
331	(kadm5_c_init_with_context): remove `proto/' part before doing
332	getaddrinfo()
333
3341999-12-06  Assar Westerlund  <assar@sics.se>
335
336	* Makefile.am: bump version to 5:0:0 and 4:0:0
337
338	* init_c.c (kadm5_c_init_with_context): don't use unitialized
339 	stuff
340
3411999-12-04  Assar Westerlund  <assar@sics.se>
342
343	* replay_log.c: adapt to changed kadm5_log_foreach
344
345	* log.c (kadm5_log_foreach): change to take a
346 	`kadm5_server_context'
347
348	* init_c.c: use krb5_warn{,x}
349
350	* dump_log.c: adapt to changed kadm5_log_foreach
351
352	* init_c.c: re-write to use getaddrinfo
353	* Makefile.am (install-build-headers): add dependency
354
3551999-12-03  Johan Danielsson  <joda@pdc.kth.se>
356
357	* log.c (kadm5_log_foreach): pass context
358
359	* dump_log.c: print more interesting things
360
3611999-12-02  Johan Danielsson  <joda@pdc.kth.se>
362
363	* ipropd_master.c (process_msg): check for short reads
364
3651999-11-25  Assar Westerlund  <assar@sics.se>
366
367	* modify_s.c (kadm5_s_modify_principal): support key_data
368	(kadm5_s_modify_principal_with_key): remove
369
370	* admin.h (kadm5_s_modify_principal_with_key): remove
371
3721999-11-20  Assar Westerlund  <assar@sics.se>
373
374	* context_s.c (find_db_spec): ugly cast work-around.
375
3761999-11-14  Assar Westerlund  <assar@sics.se>
377
378	* context_s.c (_kadm5_s_init_context): call krb5_add_et_list so
379 	that we aren't dependent on the layout of krb5_context_data
380	* init_c.c (_kadm5_c_init_context): call krb5_add_et_list so that
381 	we aren't dependent on the layout of krb5_context_data
382
3831999-11-13  Assar Westerlund  <assar@sics.se>
384
385	* password_quality.c (kadm5_setup_passwd_quality_check): use
386	correct types for function pointers
387
3881999-11-09  Johan Danielsson  <joda@pdc.kth.se>
389
390	* randkey_s.c: always bail out if the fetch fails
391
392	* admin.h (kadm5_config_params): remove fields we're not using
393
394	* ipropd_slave.c: allow passing a realm
395
396	* ipropd_master.c: allow passing a realm
397
398	* dump_log.c: allow passing a realm
399
400	* acl.c: correctly get acl file
401
402	* private.h (kadm5_server_context): add config_params struct and
403	remove acl_file; bump protocol version number
404
405	* marshall.c: marshalling of config parameters
406
407	* init_c.c (kadm5_c_init_with_context): try to cope with old
408	servers
409
410	* init_s.c (kadm5_s_init_with_context): actually use some passed
411	values
412
413	* context_s.c (_kadm5_s_init_context): get dbname, acl_file, and
414	stash_file from the config parameters, try to figure out these if
415	they're not provided
416
4171999-11-05  Assar Westerlund  <assar@sics.se>
418
419	* Makefile.am (install-build-headers): use `cp' instead of
420 	INSTALL_DATA
421
4221999-11-04  Assar Westerlund  <assar@sics.se>
423
424	* Makefile.am: bump version to 4:0:0 and 3:0:0 (they access fields
425 	directly in libkrb5's context - bad functions)
426
427	* set_keys.c (_kadm5_set_keys_randomly): set enctypes correctly in
428 	the copied keys
429
4301999-10-20  Assar Westerlund  <assar@sics.se>
431
432	* Makefile.am: set version of kadm5srv to 3:0:2 (new password
433 	quality functions).
434 	set version of kdam5clnt to 2:1:1 (no interface changes)
435
436	* Makefile.am (LDADD): add $(LIB_dlopen)
437
4381999-10-17  Assar Westerlund  <assar@sics.se>
439
440	* randkey_s.c (kadm5_s_randkey_principal): use
441 	_kadm5_set_keys_randomly
442
443	* set_keys.c (free_keys): free more memory
444	(_kadm5_set_keys): a little bit more generic
445	(_kadm5_set_keys_randomly): new function for setting random keys.
446
4471999-10-14  Assar Westerlund  <assar@sics.se>
448
449	* set_keys.c (_kadm5_set_keys): ignore old keys when setting new
450 	ones and always add 3 DES keys and one 3DES key
451
4521999-10-03  Assar Westerlund  <assar@sics.se>
453
454	* init_c.c (_kadm5_c_init_context): use `krb5_get_krb_admin_hst'.
455  	check return value from strdup
456
4571999-09-26  Assar Westerlund  <assar@sics.se>
458
459	* acl.c (_kadm5_privs_to_string): forgot one strcpy_truncate ->
460 	strlcpy
461
4621999-09-24  Johan Danielsson  <joda@pdc.kth.se>
463
464	* dump_log.c: remove unused `optind'
465
466	* replay_log.c: remove unused `optind'
467
4681999-09-13  Assar Westerlund  <assar@sics.se>
469
470	* chpass_c.c (kadm5_c_chpass_principal): new _kadm5_client_recv
471
472	* send_recv.c (_kadm5_client_recv): return result in a `krb5_data'
473 	so that we avoid copying it and don't need to dimension in
474 	advance.  change all callers.
475
4761999-09-10  Assar Westerlund  <assar@sics.se>
477
478	* password_quality.c: new file
479
480	* admin.h
481 	(kadm5_setup_passwd_quality_check,kadm5_check_password_quality):
482 	add prototypes
483
484	* Makefile.am (S_SOURCES): add password_quality.c
485
4861999-07-26  Assar Westerlund  <assar@sics.se>
487
488	* Makefile.am: update versions to 2:0:1
489
4901999-07-24  Assar Westerlund  <assar@sics.se>
491
492	* ent_setup.c (_kadm5_setup_entry): make princ_expire_time == 0
493 	and pw_expiration == 0 mean never
494
4951999-07-22  Assar Westerlund  <assar@sics.se>
496
497	* log.c (kadm5_log_flush): extra cast
498
4991999-07-07  Assar Westerlund  <assar@sics.se>
500
501	* marshall.c (store_principal_ent): encoding princ_expire_time and
502 	pw_expiration in correct order
503
5041999-06-28  Assar Westerlund  <assar@sics.se>
505
506	* randkey_s.c (kadm5_s_randkey_principal): nuke old mkvno,
507 	otherwise hdb will think that the new random keys are already
508 	encrypted which will cause lots of confusion later.
509
5101999-06-23  Assar Westerlund  <assar@sics.se>
511
512	* ent_setup.c (_kadm5_setup_entry): handle 0 == unlimited
513 	correctly.  From Michal Vocu <michal@karlin.mff.cuni.cz>
514
5151999-06-15  Assar Westerlund  <assar@sics.se>
516
517	* init_c.c (get_cred_cache): use get_default_username
518
5191999-05-23  Assar Westerlund  <assar@sics.se>
520
521	* create_s.c (create_principal): if there's no default entry the
522	mask should be zero.
523
5241999-05-21  Assar Westerlund  <assar@sics.se>
525
526	* init_c.c (get_cred_cache): use $USERNAME
527
5281999-05-17  Johan Danielsson  <joda@pdc.kth.se>
529
530	* init_c.c (get_cred_cache): figure out principal
531
5321999-05-05  Johan Danielsson  <joda@pdc.kth.se>
533
534	* send_recv.c: cleanup _kadm5_client_{send,recv}
535
5361999-05-04  Assar Westerlund  <assar@sics.se>
537
538	* set_keys.c (_kadm5_set_keys2): don't check the recently created
539 	memory for NULL pointers
540
541	* private.h (_kadm5_setup_entry): change prototype
542
543	* modify_s.c: call new _kadm5_setup_entry
544
545	* ent_setup.c (_kadm5_setup_entry): change so that it takes three
546 	masks, one for what bits to set and one for each of principal and
547 	def containing the bits that are set there.
548
549	* create_s.c: call new _kadm5_setup_entry
550
551	* create_s.c (get_default): check return value
552	(create_principal): send wider mask to _kadm5_setup_entry
553
5541999-05-04  Johan Danielsson  <joda@pdc.kth.se>
555
556	* send_recv.c (_kadm5_client_recv): handle arbitrarily sized
557	packets, check for errors
558
559	* get_c.c: check for failure from _kadm5_client_{send,recv}
560
5611999-05-04  Assar Westerlund  <assar@sics.se>
562
563	* init_c.c (get_new_cache): don't abort when interrupted from
564 	password prompt
565
566	* destroy_c.c (kadm5_c_destroy): check if we should destroy the
567 	auth context
568
5691999-05-03  Johan Danielsson  <joda@pdc.kth.se>
570
571	* chpass_s.c: fix arguments to _kadm5_set_keys2
572
573	* private.h: proto
574
575	* set_keys.c: clear mkvno
576
577	* rename_s.c: add flags to fetch and store; seal keys before
578	logging
579
580	* randkey_s.c: add flags to fetch and store; seal keys before
581	logging
582
583	* modify_s.c: add flags to fetch and store; seal keys before
584	logging
585
586	* log.c: add flags to fetch and store; seal keys before logging
587
588	* get_s.c: add flags to fetch and store; seal keys before logging
589
590	* get_princs_s.c: add flags to fetch and store; seal keys before
591	logging
592
593	* delete_s.c: add flags to fetch and store; seal keys before
594	logging
595
596	* create_s.c: add flags to fetch and store; seal keys before
597	logging
598
599	* chpass_s.c: add flags to fetch and store; seal keys before
600	logging
601
602	* Makefile.am: remove server.c
603
604	* admin.h: add prototypes
605
606	* ent_setup.c (_kadm5_setup_entry): set key_data
607
608	* set_keys.c: add _kadm5_set_keys2 to sey keys from key_data
609
610	* modify_s.c: add kadm5_s_modify_principal_with_key
611
612	* create_s.c: add kadm5_s_create_principal_with_key
613
614	* chpass_s.c: add kadm5_s_chpass_principal_with_key
615
616	* kadm5_locl.h: move stuff to private.h
617
618	* private.h: move stuff from kadm5_locl.h
619
620