oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
30,861 Commits 2 Branches 2 Tags
1ffff7e4fff608c917a2b24f71e6ec6e0823d699
Commit Graph

28 Commits

Author SHA1 Message Date
Jeffrey Altman
1ffff7e4ff kadmin: ext.c -Wcalloc-transposed args 
warning: 'calloc' sizes specified with 'sizeof' in the earlier argument
and not in the later argument [-Wcalloc-transposed-args].

Swap the args.
 2024-06-04 06:22:37 -04:00
Nicolas Williams
6b64ae2cde kadmin: Fix leak of dup context 2022-03-23 23:39:34 -05:00
Nicolas Williams
621deed047 kadmin: Fix re-entrance in iterations 
Any callback of kadm5_iter_principals() that wants to call other kadm5
functions (such as kadm5_get_principal()) needs to do so on a different
kadm5 handle than the one used for kadm5_iter_principals().
 2022-03-23 18:03:38 -05:00
Nicolas Williams
b7bf5ca6e8 kadmin: Fix warnings 2022-01-14 14:59:02 -06:00
Nicolas Williams
c2b106def5 Fix wrong keepold default in kadmin and ktutil 2019-01-09 00:14:11 -06:00
Nicolas Williams
d8394c65b7 Add new kadmin/ktutil --keep* and --enctypes opts 
- Add --keepold/keepallold/pruneall options to various kadmin/ktutil
   commands.  Default behavior to "prune old keys".

 - When setting keys for a service, we need to specify enctypes for it:

    - Always use kadm5_randkey_principal_3() instead of the older
      kadm5_randkey_principal().

    - Add krb5_string_to_keysalts2(), like MIT's krb5_string_to_keysalts(),
      but with a context, and simpler.

    - Add --enctypes options to various kadmin/ktutil commands.

    - Add [libdefaults] supported_enctypes param with enctype[:salttype]
      list.

    - Add [realms] realm supported_enctypes param with enctype[:salttype]
      list.

      Default to aes128-cts-hmac-sha1-96:normal.
 2019-01-02 17:29:08 -06:00
Nicolas Williams
540c3273c4 kadmin: improve warnings in ext_keytab 2015-03-16 11:36:41 -05:00
Jeffrey Altman
15e69fbb58 kadmin: add ext_keytab --random-key switch 
Add a --random-key switch to kadmin's ext_keytab to force the generation
of a new keyset consisting of random keys and a new key version number.
 2015-03-16 11:36:41 -05:00
Nicolas Williams
dcbe8ae73b kadmin: do_ext_keytab add bogus key warnings 
If any of the keys returned by kadmin are the magic bogus key
generate a warning to the user that they are missing the git-keys
privilege.

Change-Id: I235b87eeb2f81e8fd8c8481154d613e92a7e11e2
 2015-03-14 16:08:42 -04:00
Jeffrey Altman
1bfb759a64 kadmin: refactor do_ext_keytab for common cleanup 
Refactor do_ext_keytab() so that all cleanup is performed by jumping
to the out label on error.

Change-Id: Ic0c0f57e8ebabf30b49519f14743370d1c1672d2
 2015-03-14 16:08:41 -04:00
Nicolas Williams
b80b21c8a8 Make kadmin ext work when lacking get-keys priv 
When we added the get-keys privilege we lost the ability to setup
keytabs with the kadmin ext command.  The fix is to note that we got
bogus key data and randkey (as we used to).
 2014-03-25 21:45:10 -05:00
Love Hornquist Astrand
433b1d5073 drop RCSID 2010-03-16 12:52:58 -07:00
Love Hörnquist Åstrand
1f77290fb2 switch to krb5_clear_error_message 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23917 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-10-14 02:56:48 +00:00
Love Hörnquist Åstrand
6937d41a02 remove trailing whitespace 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23815 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-09-13 09:21:03 +00:00
Love Hörnquist Åstrand
e172367898 switch to utf8 encoding of all files 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23814 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-09-13 08:53:55 +00:00
Love Hörnquist Åstrand
091fba8a25 return 1 on failure, update (c) 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16658 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-01-25 12:29:46 +00:00
Love Hörnquist Åstrand
5654000990 lower amount of shadow and const warnings 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15587 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-07-07 22:06:50 +00:00
Love Hörnquist Åstrand
f8de12c234 (do_ext_keytab): if there isn't any keydata, try using kadm5_randkey_principal 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14029 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2004-07-06 04:21:26 +00:00
Johan Danielsson
9929f779ec move kadmin-commands.h from kadmin_locl.h so kadmind does not depend on it 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14000 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2004-06-27 15:04:07 +00:00
Johan Danielsson
d7f9fac88e convert to use slc; also add stash subcommand 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13970 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2004-06-21 19:19:45 +00:00
Johan Danielsson
6ccf1faefe no need to use the "modify" keytab anymore 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@10829 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2002-02-11 14:29:52 +00:00
Assar Westerlund
b2d88bb90e (ext_keytab): use the default modify keytab per default 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@10041 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2001-06-12 12:15:15 +00:00
Assar Westerlund
2325a19ad1 (ext_keytab): new foreach_principal 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9853 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2001-05-07 05:31:12 +00:00
Assar Westerlund
179a238e8c (do_ext_keytab): set timestamp 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@7707 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2000-01-02 03:58:02 +00:00
Johan Danielsson
c5b916ca6f remove advertising clause 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@7464 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-12-02 17:05:13 +00:00
Assar Westerlund
fc1956b05f new arg_printusage 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@5130 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1998-08-18 21:17:01 +00:00
Johan Danielsson
bae1697bdb Use `foreach_principal'. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4499 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1998-03-01 04:04:07 +00:00
Johan Danielsson
a9f1581a4c Simple kadmin utility. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3738 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-11-01 02:53:06 +00:00