Age | Commit message (Collapse) | Author | Files | Lines |
|
Fixed a number of memleaks where the master key list was refetched.
Modified the initial actkvno TL entry to set the act_time to 0 in case
the kdc's clock is moved back after the initial entry is created. This
way the initial mkey will always be active.
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21836 dc483132-0cff-0310-8789-dd5450dbe970
|
|
Duplicates glob-to-regexp code from libkadm5srv for now (noted in
comments in both places).
Updated kdb5_util.M for update_princ_encryption, and added
placeholders for add_mkey, use_mkey, and list_mkeys.
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21830 dc483132-0cff-0310-8789-dd5450dbe970
|
|
Also tweaked the add_mkey code to call krb5_dbe_update_mkvno to update
the mkvno stored in the K/M princ so the kadmin getprinc will output the
right value.
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21824 dc483132-0cff-0310-8789-dd5450dbe970
|
|
If I use "kdb5_util dump -mkey_convert" after using the master key rollover
support, does something reasonably sane happen? E.g., process all the old
keys properly, leave just one new master key value in the output database,
reset the mkvno values attached to principals, etc.
Done. Note I may have to update the dump code to deal with the
various mkey input options which I'll do in a follow on commit.
Also note that I removed the locking around the krb5_db2_alloc and
free functions.
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21807 dc483132-0cff-0310-8789-dd5450dbe970
|
|
Have both LDAP and DB2 back ends been tried with Will's new code? Looks
like some default routines like kdb_def_get_mkey_list won't do anything; is
that okay?
Done but not tested.
"XXX" comments in kdc/extern.h and elsewhere need to be looked into,
obviously.
Almost done (working on the mkey_convert issue).
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21806 dc483132-0cff-0310-8789-dd5450dbe970
|
|
(removed hard tabs), added logic to add default actkvno tl_data when
creating a new mkey princ.
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21739 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21722 dc483132-0cff-0310-8789-dd5450dbe970
|
|
purge_mkeys, sync_stash and update_princ_encryption still need to be
written) so the purpose of this commit is to allow early review of the
addition of support for > 1 master key and the "active" master keylist.
This commit does not include any changes required to sync this level of
the branch with the current level of the trunk. That will follow this
commit.
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21721 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20465 dc483132-0cff-0310-8789-dd5450dbe970
|
|
(main): Use it.
* kdb5_util.h (add_db_arg): Declare it.
* kdb5_create.c (kdb5_create): Use it.
* dump.c (load_db): Use it.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18276 dc483132-0cff-0310-8789-dd5450dbe970
|
|
Will probably break things.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17258 dc483132-0cff-0310-8789-dd5450dbe970
|
|
don't worry about restoring them when importing new versions of code.)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13792 dc483132-0cff-0310-8789-dd5450dbe970
|
|
* loadv4.c: Include k5-int.h before des.h for des_read_password
prototype. Pass C_Block * to des_read_password() as per prototype.
* kdb5_util.h: Add prototype for usage.
* kdb5_create.c, kdb5_destroy.c, kdb5_stash.c: Include kdb5_util.h
for usage() prototype.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13317 dc483132-0cff-0310-8789-dd5450dbe970
|
|
dumpv4.c, dump.c: Compiler warning cleanup including prototypes,
assignments in conditionals, unused variables, varaibles shadowing
one-another.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13028 dc483132-0cff-0310-8789-dd5450dbe970
|
|
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11853 dc483132-0cff-0310-8789-dd5450dbe970
|
|
OV_MERGE branches. This includes, but is not limited to, the new openvision
admin system, and major changes to gssapi to add functionality, and bring
the implementation in line with rfc1964. before committing, the
code was built and tested for netbsd and solaris.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8774 dc483132-0cff-0310-8789-dd5450dbe970
|