Nicolas Williams 
							
						 
					 
					
						
						
							
						
						909653e50f 
					 
					
						
						
							
							Add comment and assert about key history to kadm5_log_replay_modify()  
						
						
						
						
					 
					
						2011-07-22 16:07:07 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						b16ca34642 
					 
					
						
						
							
							Fix incorrect key history check optimization. (NOT TESTED)  
						
						
						
						
					 
					
						2011-07-22 16:07:07 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						784e6a69df 
					 
					
						
						
							
							Avoid useless work related to keepold.  
						
						
						
						
					 
					
						2011-07-22 16:07:07 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						9adb40a06e 
					 
					
						
						
							
							Forgot to export the kadm5 policy functions.  
						
						
						
						
					 
					
						2011-07-22 16:07:06 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						31974aa24c 
					 
					
						
						
							
							More s/int/size_t/ for iterators.  Also fixed a stupid bug.  
						
						
						
						
					 
					
						2011-07-22 16:07:06 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						0d90e0c4d0 
					 
					
						
						
							
							Complete --keepold support and fix crasher in kadmin cpw -r --keepold.  
						
						
						
						
					 
					
						2011-07-22 16:07:06 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						558a8d05a6 
					 
					
						
						
							
							Forgot to export kadm5_store_principal_ent_nokeys().  
						
						
						
						
					 
					
						2011-07-22 16:07:06 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						a35ea4955a 
					 
					
						
						
							
							create_principal() must memset(ent, 0, ...) before ever returning (fixes core dump)  
						
						
						
						
					 
					
						2011-07-22 16:07:06 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						cf1c898e95 
					 
					
						
						
							
							Undo a s/size_t/int/.  Iterators must be unsigned.  
						
						
						
						
					 
					
						2011-07-22 16:07:05 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						0674e4b13a 
					 
					
						
						
							
							Ooops!  Mind those tags when re-ordering ASN.1 SEQUENCEs! (hdb_keyset)  
						
						
						
						
					 
					
						2011-07-22 16:07:05 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						4b0245d096 
					 
					
						
						
							
							Export the new kadm5 functions.  
						
						
						
						
					 
					
						2011-07-22 16:07:05 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						e16360e2db 
					 
					
						
						
							
							Add --keepold option to cpw.  
						
						
						
						
					 
					
						2011-07-22 16:07:05 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						acc8cd4b22 
					 
					
						
						
							
							Duh, act on keepold in randkey!  
						
						
						
						
					 
					
						2011-07-22 16:06:25 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						e7ea698366 
					 
					
						
						
							
							Fixed dumb bug that caused keys to not accumulate in history.  
						
						
						
						
					 
					
						2011-07-22 16:06:01 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						53ea8ac59b 
					 
					
						
						
							
							Make changes to hdb_keyset type be backward-compatible.  
						
						
						
						
					 
					
						2011-07-22 16:06:01 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						a280ed4d4c 
					 
					
						
						
							
							Forgot a file for the hdb_keyset backwards-compat extention.  
						
						
						
						
					 
					
						2011-07-22 16:06:01 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						3794d8b37b 
					 
					
						
						
							
							Changed lib/hdb/Makefile.am to use --sequence=HDB-Ext-KeySet  
						
						
						
						
					 
					
						2011-07-22 16:06:01 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						355ae357eb 
					 
					
						
						
							
							Moved set_time field of hdb_keyset to end and add extensibility marker.  
						
						
						
						
					 
					
						2011-07-22 16:06:01 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						c2ec368c36 
					 
					
						
						
							
							Add HDB extension for storing policy regarding what historic keys may be used for  
						
						
						
						
					 
					
						2011-07-22 16:06:00 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						308e53a4a8 
					 
					
						
						
							
							Initial support for filtering out "dead" historical keys.  
						
						
						
						
					 
					
						2011-07-22 16:05:21 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						7e0a801e28 
					 
					
						
						
							
							Changed decrypt key history logic and added HDB_F_ALL_KVNOS.  
						
						
						
						
					 
					
						2011-07-22 16:05:21 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						a04721b737 
					 
					
						
						
							
							Added basic policy support, w/ policy names listed in krb5.conf  
						
						
						
						
					 
					
						2011-07-22 16:05:21 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						c338446ede 
					 
					
						
						
							
							More kadm5 policy stub stuff.  
						
						
						
						
					 
					
						2011-07-22 16:04:53 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						26f9924bb3 
					 
					
						
						
							
							Added stubs for the kadm5 policy functions.  
						
						
						
						
					 
					
						2011-07-22 16:04:53 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						56259efbac 
					 
					
						
						
							
							Added dummy kadm5_get_policies()  
						
						
						
						
					 
					
						2011-07-22 16:04:52 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						abd94953e2 
					 
					
						
						
							
							Fixes to lock nesting code.  
						
						
						
						
					 
					
						2011-07-22 16:04:52 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						58d72035f1 
					 
					
						
						
							
							Added kadm5_lock() and unlock.  
						
						
						
						
					 
					
						2011-07-22 16:04:52 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						109607a355 
					 
					
						
						
							
							Fix uninitialized variable.  
						
						
						
						
					 
					
						2011-07-22 16:04:52 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						45294a93a7 
					 
					
						
						
							
							Added a disting get-keys authorization for kadmind.  
						
						
						
						
					 
					
						2011-07-22 16:04:52 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						3d0019d3ce 
					 
					
						
						
							
							Added kadm5_setkey_principal*() and kadm5_decrypt_key().  
						
						
						
						
					 
					
						2011-07-22 16:04:52 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						e8e314bbb1 
					 
					
						
						
							
							Beginning of another new kadm5 function.  Need to switch branches for a bit.  
						
						
						
						
					 
					
						2011-07-22 16:04:52 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						6e04b05e9d 
					 
					
						
						
							
							Initial support for kadm5_randkey_principal_3(), needed by krb5_admin.  
						
						... 
						
						
						
						NOT TESTED YET. 
						
						
					 
					
						2011-07-22 16:04:52 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						51e9da4a66 
					 
					
						
						
							
							Fixed (preemptively) a double free and added password history based on key history.  
						
						
						
						
					 
					
						2011-07-22 16:04:52 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						34189a23fe 
					 
					
						
						
							
							Added a flag to ensure that we don't mod/store hdb entries fetched with specified kvno.  
						
						
						
						
					 
					
						2011-07-22 16:04:51 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						e7f385ad0d 
					 
					
						
						
							
							Initial patch to make the MIT KDB backend for HDB handle multiple kvnos.  
						
						
						
						
					 
					
						2011-07-22 16:04:51 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						34bb7ae363 
					 
					
						
						
							
							Fix double free.  
						
						
						
						
					 
					
						2011-07-22 16:04:51 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						a095933ee0 
					 
					
						
						
							
							We want the time that a keyset was set, not the time it was replaced.  
						
						
						
						
					 
					
						2011-07-22 16:04:51 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						b45ac85b65 
					 
					
						
						
							
							Add support for fetching old keys via kadm5 API.  
						
						
						
						
					 
					
						2011-07-22 16:04:51 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						08650b573b 
					 
					
						
						
							
							Also encrypt the history when storing the entry.  
						
						
						
						
					 
					
						2011-07-22 16:04:51 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						fca53990e4 
					 
					
						
						
							
							Initial commit for second approach for multiple kvno.  NOT TESTED!  
						
						
						
						
					 
					
						2011-07-22 16:04:51 -05:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						ed91d4c9e3 
					 
					
						
						
							
							Mac compat  
						
						
						
						
					 
					
						2011-07-22 11:50:30 -07:00 
						 
				 
			
				
					
						
							
							
								Jeffrey Altman 
							
						 
					 
					
						
						
							
						
						c13deafcce 
					 
					
						
						
							
							Synchronize Windows export list with Unix  
						
						... 
						
						
						
						Change-Id: Ic0ee3d1f4b49761fbd2676f4f9562f1bf906e382 
						
						
					 
					
						2011-07-21 11:50:45 -04:00 
						 
				 
			
				
					
						
							
							
								Jeffrey Altman 
							
						 
					 
					
						
						
							
						
						27cc30d38e 
					 
					
						
						
							
							GSS_C_ATTR_LOCAL_LOGIN_USER  
						
						... 
						
						
						
						Be consistent with other GSSAPI global variables.  GSS_C_ATTR_LOCAL_LOGIN_USER
becomes a macro in gssapi.h that refers to an exported variable
__gss_c_attr_local_login_user
Change-Id: I2661d74cd0f760780f75b35f92d6b4f9112080dc 
						
						
					 
					
						2011-07-21 11:46:15 -04:00 
						 
				 
			
				
					
						
							
							
								Jeffrey Altman 
							
						 
					 
					
						
						
							
						
						b7df4f8bb3 
					 
					
						
						
							
							dirent: fix filespec_from_dir_path  
						
						... 
						
						
						
						If the path does not begin with a separator, do not advance
skip the first character in the component referred to by 'comp'.
Change-Id: Ide184ba2065bd8b2075be27b8e1f4cae11026fdd 
						
						
					 
					
						2011-07-21 11:40:04 -04:00 
						 
				 
			
				
					
						
							
							
								Jeffrey Altman 
							
						 
					 
					
						
						
							
						
						b8ce309acb 
					 
					
						
						
							
							Permit TESTMechType array to initialize on Windows (C89)  
						
						... 
						
						
						
						Change-Id: I3c006b9c45f29b129ad6f5102792c1e912bd9c8e 
						
						
					 
					
						2011-07-21 11:36:31 -04:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						f79183821f 
					 
					
						
						
							
							sprinkle doxygen and kode more like the rest of the code base  
						
						
						
						
					 
					
						2011-07-19 21:29:19 -07:00 
						 
				 
			
				
					
						
							
							
								Roland C. Dowdeswell 
							
						 
					 
					
						
						
							
						
						77c8ef2c06 
					 
					
						
						
							
							krb5_free_default_realm() from mit_glue.c needs to be exported to be useful.  
						
						... 
						
						
						
						Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org > 
						
						
					 
					
						2011-07-19 21:25:47 -07:00 
						 
				 
			
				
					
						
							
							
								Roland C. Dowdeswell 
							
						 
					 
					
						
						
							
						
						3ef06de67b 
					 
					
						
						
							
							Fix a couple of bugs in krb5_c_valid_enctype():  
						
						... 
						
						
						
						1.  on errors, it appears to core dump, and
      2.  the sense of the return code is inverted from the
          MIT implementation.
Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org > 
						
						
					 
					
						2011-07-19 21:25:15 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						7aaba443bc 
					 
					
						
						
							
							add NTMakefile and windows directories  
						
						
						
						
					 
					
						2011-07-17 12:16:59 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						9bff431435 
					 
					
						
						
							
							sizeof is used incorrectly in DES3_random_to_key()  
						
						... 
						
						
						
						from OpenBSD via Jonathan Gray <jsg@goblin.cx > 
						
						
					 
					
						2011-07-13 23:16:06 -07:00