Nicolas Williams 
							
						 
					 
					
						
						
							
						
						0c893d3980 
					 
					
						
						
							
							Fixed booboos from kadm5 key history patch set  
						
						... 
						
						
						
						Also: add support for ignoring null enctype / zero-length keys,
    which *can* be found in MIT DB entries created in pre-historic
    times.
    Also: make the mitdb HDB backend more elegant (e.g., use the ASN.1
    compiler's generated sequence/array utility functions.
    Also: add a utility function needed for kadm5 kvno change
    improvements and make kadmin's mod --kvno work correctly and
    naturally.
Signed-off-by: Love Hornquist Astrand <lha@h5l.org > 
						
						
					 
					
						2011-09-22 15:13:13 +02:00 
						 
				 
			
				
					
						
							
							
								Luke Howard 
							
						 
					 
					
						
						
							
						
						775a452313 
					 
					
						
						
							
							some Windows build fixes  
						
						
						
						
					 
					
						2011-09-12 20:11:36 +10:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						c9e37efbe1 
					 
					
						
						
							
							try get spelling right  
						
						
						
						
					 
					
						2011-07-30 14:27:32 -07:00 
						 
				 
			
				
					
						
							
							
								Stefan Metzmacher 
							
						 
					 
					
						
						
							
						
						272d7511ca 
					 
					
						
						
							
							lib/hdb: add HDB_F_FOR_AS_REQ and HDB_F_FOR_TGS_REQ flags  
						
						... 
						
						
						
						This will be used to indicate to the backend if a fetch is for
an AS REQ or TGS REQ. Samba needs to take some action in the
HDB_F_FOR_TGS_REQ case and always canonicalize the principal
names, even without HDB_F_CANON.
metze
Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org > 
						
						
					 
					
						2011-07-30 11:56:46 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						5fc3d6fffa 
					 
					
						
						
							
							spelling  
						
						
						
						
					 
					
						2011-07-27 08:28:44 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						5732d85e29 
					 
					
						
						
							
							generate sequence for HDB-Ext-KeySet and Keys  
						
						
						
						
					 
					
						2011-07-26 20:18:57 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						8b7e31c301 
					 
					
						
						
							
							plug memory leak  
						
						
						
						
					 
					
						2011-07-26 20:15:33 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						74ec640500 
					 
					
						
						
							
							Only free ext on replace  
						
						
						
						
					 
					
						2011-07-24 20:23:30 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						2ae9bbb915 
					 
					
						
						
							
							update (c)  
						
						
						
						
					 
					
						2011-07-24 20:04:02 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						1a6195153f 
					 
					
						
						
							
							start to use KRB5_ENCTYPE_  
						
						
						
						
					 
					
						2011-07-24 20:02:10 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						f9afd37eed 
					 
					
						
						
							
							use add_HDB_Ext_KeySet and plug memory leak  
						
						
						
						
					 
					
						2011-07-24 18:14:25 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						e32186d9de 
					 
					
						
						
							
							expore more  
						
						
						
						
					 
					
						2011-07-24 16:15:06 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						8fccb51d49 
					 
					
						
						
							
							Merge pull request  #12  from nicowilliams/krb5_admin_patches_2nd  
						
						... 
						
						
						
						Krb5 admin patches 2nd
This has all the patches needed for krb5_admind to build and pass most tests, that includes:
- more kadm5 API compatibility (including very basic profile functionality)
- multi-kvno support (useful for key rollovers) (a test for this is included in tests/db/check-kdc)
Unfinished:
- password history (currently uses key history, needs to be separated and use digests)
- policies (only default policy allowed)
- mit kdb changes not tested yet
Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org > 
						
						
					 
					
						2011-07-24 15:41:36 -07:00 
						 
				 
			
				
					
						
							
							
								Linus Nordberg 
							
						 
					 
					
						
						
							
						
						2e35198908 
					 
					
						
						
							
							Add version-script.map to _DEPENDENCIES.  
						
						... 
						
						
						
						Added to 11 out of 14 directories with map files.  Not lib/ntlm,
lib/hcrypto and kdc which have the map file as an explicit dependency
to _OBBJECTS.
Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org > 
						
						
					 
					
						2011-07-24 14:07:59 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						f60ec15834 
					 
					
						
						
							
							partly unify enctype/keytype since there is only enctypes  
						
						
						
						
					 
					
						2011-07-24 14:03:08 -07:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						95262936c7 
					 
					
						
						
							
							s/assert/heim_assert/ and remove dead code  
						
						
						
						
					 
					
						2011-07-24 11:07:27 -05:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						12403a31ce 
					 
					
						
						
							
							sprinkle more windows files  
						
						
						
						
					 
					
						2011-07-23 11:18:21 -07:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						1eb56edd86 
					 
					
						
						
							
							Introduce Keys ::= SEQUENCE OF Key in hdb.asn1 so we can get convenience utils.  
						
						
						
						
					 
					
						2011-07-22 16:07:08 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						689d4f4dd9 
					 
					
						
						
							
							Another HDB_F_DECRYPT-isn't-critical fix.  
						
						
						
						
					 
					
						2011-07-22 16:07:08 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						5335559845 
					 
					
						
						
							
							Oops, HDB_F_DECRYPT isn't critical; making it so breaks tests.  
						
						
						
						
					 
					
						2011-07-22 16:07:08 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						a246c394d2 
					 
					
						
						
							
							Fix warnings.  
						
						
						
						
					 
					
						2011-07-22 16:07:08 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						f2897efd09 
					 
					
						
						
							
							Make the KDC path work.  
						
						
						
						
					 
					
						2011-07-22 16:07:08 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						31974aa24c 
					 
					
						
						
							
							More s/int/size_t/ for iterators.  Also fixed a stupid bug.  
						
						
						
						
					 
					
						2011-07-22 16:07:06 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						cf1c898e95 
					 
					
						
						
							
							Undo a s/size_t/int/.  Iterators must be unsigned.  
						
						
						
						
					 
					
						2011-07-22 16:07:05 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						0674e4b13a 
					 
					
						
						
							
							Ooops!  Mind those tags when re-ordering ASN.1 SEQUENCEs! (hdb_keyset)  
						
						
						
						
					 
					
						2011-07-22 16:07:05 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						53ea8ac59b 
					 
					
						
						
							
							Make changes to hdb_keyset type be backward-compatible.  
						
						
						
						
					 
					
						2011-07-22 16:06:01 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						a280ed4d4c 
					 
					
						
						
							
							Forgot a file for the hdb_keyset backwards-compat extention.  
						
						
						
						
					 
					
						2011-07-22 16:06:01 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						3794d8b37b 
					 
					
						
						
							
							Changed lib/hdb/Makefile.am to use --sequence=HDB-Ext-KeySet  
						
						
						
						
					 
					
						2011-07-22 16:06:01 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						355ae357eb 
					 
					
						
						
							
							Moved set_time field of hdb_keyset to end and add extensibility marker.  
						
						
						
						
					 
					
						2011-07-22 16:06:01 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						c2ec368c36 
					 
					
						
						
							
							Add HDB extension for storing policy regarding what historic keys may be used for  
						
						
						
						
					 
					
						2011-07-22 16:06:00 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						308e53a4a8 
					 
					
						
						
							
							Initial support for filtering out "dead" historical keys.  
						
						
						
						
					 
					
						2011-07-22 16:05:21 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						7e0a801e28 
					 
					
						
						
							
							Changed decrypt key history logic and added HDB_F_ALL_KVNOS.  
						
						
						
						
					 
					
						2011-07-22 16:05:21 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						a04721b737 
					 
					
						
						
							
							Added basic policy support, w/ policy names listed in krb5.conf  
						
						
						
						
					 
					
						2011-07-22 16:05:21 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						abd94953e2 
					 
					
						
						
							
							Fixes to lock nesting code.  
						
						
						
						
					 
					
						2011-07-22 16:04:52 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						58d72035f1 
					 
					
						
						
							
							Added kadm5_lock() and unlock.  
						
						
						
						
					 
					
						2011-07-22 16:04:52 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						109607a355 
					 
					
						
						
							
							Fix uninitialized variable.  
						
						
						
						
					 
					
						2011-07-22 16:04:52 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						6e04b05e9d 
					 
					
						
						
							
							Initial support for kadm5_randkey_principal_3(), needed by krb5_admin.  
						
						... 
						
						
						
						NOT TESTED YET. 
						
						
					 
					
						2011-07-22 16:04:52 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						51e9da4a66 
					 
					
						
						
							
							Fixed (preemptively) a double free and added password history based on key history.  
						
						
						
						
					 
					
						2011-07-22 16:04:52 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						34189a23fe 
					 
					
						
						
							
							Added a flag to ensure that we don't mod/store hdb entries fetched with specified kvno.  
						
						
						
						
					 
					
						2011-07-22 16:04:51 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						e7f385ad0d 
					 
					
						
						
							
							Initial patch to make the MIT KDB backend for HDB handle multiple kvnos.  
						
						
						
						
					 
					
						2011-07-22 16:04:51 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						34bb7ae363 
					 
					
						
						
							
							Fix double free.  
						
						
						
						
					 
					
						2011-07-22 16:04:51 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						a095933ee0 
					 
					
						
						
							
							We want the time that a keyset was set, not the time it was replaced.  
						
						
						
						
					 
					
						2011-07-22 16:04:51 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						08650b573b 
					 
					
						
						
							
							Also encrypt the history when storing the entry.  
						
						
						
						
					 
					
						2011-07-22 16:04:51 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						fca53990e4 
					 
					
						
						
							
							Initial commit for second approach for multiple kvno.  NOT TESTED!  
						
						
						
						
					 
					
						2011-07-22 16:04:51 -05:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						7aaba443bc 
					 
					
						
						
							
							add NTMakefile and windows directories  
						
						
						
						
					 
					
						2011-07-17 12:16:59 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						0879b9831a 
					 
					
						
						
							
							remove trailing whitespace  
						
						
						
						
					 
					
						2011-05-21 11:57:31 -07:00 
						 
				 
			
				
					
						
							
							
								Jeffrey Altman 
							
						 
					 
					
						
						
							
						
						6850d6a65f 
					 
					
						
						
							
							avoid uninit variable and unreachable code warnings  
						
						... 
						
						
						
						most of these warnings are not problems because of ample
use of abort() calls.  However, the large number of warnings
makes it difficult to identify real problems.  Initialize
the variables to shut up the compilers.
Change-Id: I8477c11b17c7b6a7d9074c721fdd2d7303b186a8 
						
						
					 
					
						2011-05-17 12:02:16 -04:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						f5f9014c90 
					 
					
						
						
							
							Warning fixes from Christos Zoulas  
						
						... 
						
						
						
						- shadowed variables
- signed/unsigned confusion
- const lossage
- incomplete structure initializations
- unused code 
						
						
					 
					
						2011-04-29 20:25:05 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						7a4d4c5f4e 
					 
					
						
						
							
							Add HAVE_SQLITE3 that allows control if you want sqlite or not  
						
						
						
						
					 
					
						2011-04-16 10:26:43 -07:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						4244f13866 
					 
					
						
						
							
							This makes hdb-sqlite work: moving the unseal of keys past the value2entry decoding.  
						
						... 
						
						
						
						Signed-off-by: Love Hornquist Astrand <lha@h5l.org > 
						
						
					 
					
						2011-04-16 10:19:40 -07:00