2005-04-13 Ken Raeburn * schpw.c (NEED_SOCKETS): Don't define. 2004-10-28 Tom Yu * misc.c (check_min_life): Actually return a value on success. 2004-10-27 Tom Yu * misc.c, misc.h: New function check_min_life(), containing common code from wrapper functions. New function chpass_util_wrapper(), which does min_life checking prior to calling kadm5_chpass_principal_util(). * schpw.c (process_chpw_request): Call chpass_util_wrapper(). 2004-09-21 Tom Yu * ovsec_kadmd.c (kadm_svc_run): Don't use rpc_dtablesize(). 2004-08-20 Alexandra Ellwood * ovsec_kadmd.c (main), server_stubs.c (*): renamed acl_* functions to kadm5int_acl_* 2004-06-26 Tom Yu * ovsec_kadmd.c (log_badverf): Fix a missed rpc_u_int32. 2004-06-25 Tom Yu * ovsec_kadmd.c (log_badverf): Use rpcproc_t instead of rpc_u_int32 in procnames. 2004-06-15 Tom Yu * kadm_rpc_svc.c (check_rpcsec_auth, gss_to_krb5_name): New functions to check service name for RPCSEC_GSS. (kadm_1): Add service name check for RPCSEC_GSS. * ovsec_kadmd.c (main): Setup logging calllbacks for RPCSEC_GSS. Use GSS_C_N_NAME for acceptor name for RPCSEC_GSS. (log_badverf): Handle null client and server names. * server_stubs.c (rqst2name): New function to return appropriate gss_name_t for a given auth flavor (RPCSEC_GSS and AUTH_GSSAPI use different field names). 2004-05-27 Tom Yu * kadm_rpc_svc.c (kadm_1): Allow RPCSEC_GSS; remove AUTH_GSSAPI_COMPAT. * misc.h (kadm_1): Conditionalize prototype on SVC_GETARGS rather than on an inclusion-protection macro. * ovsec_kadmd.c (main): Add preliminary support for RPCSEC_GSS. (do_schpw, kadm_svc_run): Update some names. 2004-03-20 Ken Raeburn * ovsec_kadmd.c (main): Use any handy krb5 context to register the KDB keytab type, we don't need to pluck it out of the GSSAPI krb5 mechanism. (gctx): Variable deleted. 2004-02-24 Ken Raeburn * Makefile.in (OBJS, $(PROG)): Link against apputils lib instead of using LIBOBJS. 2003-09-02 Alexandra Ellwood * ovsec_kadmd.c: Added Apple password server support. 2003-08-29 Ken Raeburn * Makefile.in (OBJS): Use @LIBOBJS@. 2003-05-27 Tom Yu * schpw.c (process_chpw_request): Log chpw requests. 2003-05-16 Ken Raeburn * schpw.c (process_chpw_request): Return KRB5_KPASSWD_BAD_VERSION if the version number isn't 1. 2003-03-07 Tom Yu * ovsec_kadmd.c (REQUIRED_PARAMS): Remove KADM5_CONFIG_ADMIN_KEYTAB. (do_schpw): Use kdb keytab. 2003-03-05 Tom Yu * Makefile.in (LOCALINCLUDES): Add gssapi directories in order to get internal includes. * ovsec_kadmd.c (main): Go through contortions to set up a kdb keytab for gssapi, so we can avoid needing a file-based keytab. 2003-01-09 Ken Raeburn * ovsec_kadmd.c (do_schpw): Use socklen_t when passing address to socket functions. 2003-01-07 Ken Raeburn * Makefile.ov: Deleted. 2002-12-09 Sam Hartman * misc.h: Fix prototypes for *_wrapper_3 to be consistent with sources. 2002-12-09 Ezra Peisach * misc.h: Rename prototypes from chpass_principal_wrapper and randkey_principal_wrapper to chpass_principal_wrapper_3 and randkey_principal_wrapper_3 2002-10-08 Tom Yu * misc.c (chpass_principal_wrapper_3): Renamed from chpass_principal_wrapper; calls chpass_principal_3 now. (randkey_principal_wrapper_3): Renamed from randkey_principal_wrapper; calls randkey_principal_3 now. Patch from Ben Cox. * server_stubs.c (chpass_principal_1_svc) (chpass_principal3_1_svc): Call chpass_principal_wrapper_3. (chrand_principal_1_svc, chrand_principal3_1_svc): Call randkey_principal_wrapper_3. Patch from Ben Cox. 2002-08-29 Ken Raeburn * Makefile.in: Revert $(S)=>/ change, for Windows support. 2002-08-23 Ken Raeburn * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. 2002-08-01 Tom Yu * server_stubs.c: Check return value from unparse_name() in lots of places. Patch from Mark Levinson; fixes [krb5-admin/1140]. 2002-01-08 Sam Hartman * ovsec_kadmd.c (main): Get random data from /dev/random (main): If we can't set gssapi names, hint that the keytab might be at fault 2001-10-26 Ezra Peisach * schpw.c (process_chpw_request): Use GETSOCKNAME_ARG3_TYPE instead of int as argument to getsockname(). 2001-06-29 Ezra Peisach * misc.c, server_stubs.c: Nuke rcsid. * misc.h: Add prototypes for kadm_1 and process_chpw_request. * ovsec_kadmd.c: Include misc.h and remove prototype for process_chpw_request and kadm_1. * kadm_rpc_svc.c, schpw.c: Include misc.h for prototypes. 2001-06-26 Ezra Peisach * server_glue_v1.c: Include misc.h for prototypes. * ovsec_kadmd.c: Declare usage() and display_status() static. Flush out static prototype for display_status_1(). 2001-06-21 Ezra Peisach * ovsec_kadmd.c: Change prototype for process_chpw_request prototype argument from sin to sockin. Get rid of global params variable. * schpw.c: Change function declaration as well. 2001-06-21 Ezra Peisach * ovsec_kadmd.c: Add prototype for daemon if needed. 2001-06-08 Ezra Peisach * ovsec_kadmd.c (main): Make format string to sprintf specify that long arguments are present. * kadm_rpc_svc.c: Include arpa/inet.h (if present) for inet_ntoa prototype. Include adm_proto.h for krb5_klog_syslog() prototype. 2001-06-04 Ezra Peisach * misc.c, schpw.c: Cleanup assignments in conditionals. 2001-02-18 Ezra Peisach * kadm_rpc_svc.c, server_stubs.c: Rename all server side dispatch routines to end in _svc so as to not conflict with prototypes of client side handlers. 2000-10-17 Ezra Peisach * ovsec_kadmd.c (do_schpw): Cast arguments to sendto() which take int. 2000-06-30 Tom Yu * server_stubs.c: Kludge to rename xdr_free() properly. 2000-06-29 Tom Yu * schpw.c (process_chpw_request): Add new argument to call to chpass_principal_util() 2000-05-31 Wilfredo Sanchez * kadm_rpc_svc.c: Check for existance of . [from Nathan Neulinger ] 2000-03-16 Ken Raeburn Matt Crawford * server_stubs.c: All callers of acl_check updated to add new restriction argument. Impose any provided restrictions on add- or modify-principal operations; pass NULL pointer for all other operations including rename-principal. 2000-02-27 Tom Yu * server_stubs.c (create_principal3_1): Remove keepold argument. 2000-02-18 Tom Yu * kadm_rpc_svc.c (kadm_1): Update to include new api functions. * ovsec_kadmd.c (log_badverf): Update proc_names. 2000-02-17 Tom Yu * server_stubs.c: Add create_principal3_1, chpass_principal3_1, setkey_principal3_1, and chrand_principal3_1 to do the obvious things. 1999-10-26 Wilfredo Sanchez * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, LOCAL_INCLUDES such that one can override CFLAGS from the command line without losing CPP search patchs and defines. Some associated Makefile cleanup. Tue May 11 23:59:55 1999 Theodore Y. Ts'o * ovsec_kadmd.c (main): Fix how we specify the OID. Fri May 7 17:15:17 1999 Theodore Y. Ts'o * ovsec_kadmd.c: Remove dependency on gssapi_krb5.h by using gss_str_to_oid() to get the necessary oid for the krb5_name name type. Also added #include files to get prototypes and fixed some gcc -Wall nits. Fixed calls to krb5_klog_close() to pass the krb5_context as an argument. Mon Mar 1 21:24:49 1999 Tom Yu * ovsec_kadmd.c (log_badverf): Actually make a real lookup table for procedure numbers. Also, if we don't find the procedure number, just log the number rather than falling off the end of an array. 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are relative to buildtop and thisconfigdir, respectively.) 1998-10-27 Marc Horowitz * ovsec_kadmd.c: add calls to a new function _svcauth_gssapi_unset_names() to clean up memory when shutting down. Use krb5_overridekeyname instead of krb5_defkeyname, so the command line takes precedence over the environment. Wed Jul 22 00:28:57 1998 Geoffrey King * ovsec_kadmd.c (main): Cast gss_nt_krb5_name to gss_OID to avoid compiler warnings. Tue Jul 21 16:36:51 1998 Geoffrey King * ovsec_kadmd.c: Call krb5_klog_reopen in kadm_svc_run upon receiving a SIGHUP. Use sigaction instead of signal if POSIX_SIGNALS is defined. All of the calls to signal and sigaction are now in a separate function setup_signal_handlers, as the kdc code does. Also, since reset_db no longer does anything, change the name of signal_request_reset to the more descriptive signal_request_hup, and request_reset_db to request_hup (paralleling the nomenclature in the kdc code). Mon Jul 20 11:28:39 1998 Ezra Peisach * schpw.c (process_chpw_request): Cast to krb5_octet * instead of char * for krb5_address.contents type. Fri Feb 27 23:32:38 1998 Theodore Ts'o * Makefile.in: Changed thisconfigdir to point at the kadmin directory, since we've moved all of the configure.in tests to the toplevel kadmin configure.in Wed Feb 25 14:00:32 1998 Ezra Peisach * schpw.c (process_chpw_request): Free memory of allocated for local address. * ovsec_kadmd.c (do_schpw): Call krb5_kt_close to free memory allocated. Wed Feb 18 15:58:30 1998 Tom Yu * Makefile.in: Remove trailing slash from thisconfigdir. Fix up BUILDTOP for new conventions. Sat Feb 14 22:01:30 1998 Tom Yu * ovsec_kadmd.c (kadm_svc_run): Fix naming of _rpc_dtablesize() that was missed earlier. Fri Feb 13 21:37:28 1998 Tom Yu * kadm_rpc_svc.c: Punt naughty RCS keywords. Update header locations. * ovsec_kadmd.c: Update header locations. Punt naughty RCS keywords. Mon Feb 2 17:02:29 1998 Theodore Ts'o * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile Wed Jan 21 00:00:34 1998 Tom Yu * schpw.c: New file. Support for Cygnus chpw. * ovsec_kadmd.c: Add support for Cygnus chpw. * Makefile.in (OBJS): Add schpw.o. Tue Oct 14 21:06:16 1997 Ezra Peisach * server_stubs.c (CHANGEPW_SERVICE): Modify to free allocated memory in request. (setup_gss_names): Free memory in case of failure. (chrand_principal_1): Call free_server_handle for failure cleanup. * ovsec_kadmd.c (main): Cleanup memory by calling acl_finish, gss_release_name, and krb5_free_context Tue Jul 1 02:36:55 1997 Tom Yu * kadm_rpc_svc.c, server_stubs.c: Add support for setv4key. Mon Mar 31 17:42:03 1997 Barry Jaspan * kadm_rpc_svc.c, server_stubs.c: add support for setkey_principal Tue Feb 4 20:59:31 1997 Tom Yu * Makefile.in: * configure.in: Update to new program build procedure. Wed Dec 4 15:29:30 1996 Barry Jaspan * ovsec_kadmd.c (main): fix duplicated error strings [krb5-admin/234] Tue Nov 19 16:48:50 1996 Barry Jaspan * ovsec_kadmd.c: don't syslog \n's Wed Nov 13 14:29:34 1996 Tom Yu * ovsec_kadmd.c (main): Note that krb5_defkeyname is an internal interface. * ovsec_kadmd.c (main): Revert kt_default_name changes. Tue Nov 12 22:07:05 1996 Tom Yu * ovsec_kadmd.c (main): Use krb5_kt_set_default_name() rather than mucking about with global variables. Fri Sep 27 16:37:47 1996 Barry Jaspan * ovsec_kadmd.c (main): krb5_klog_syslog doesn't understand %m Tue Sep 10 14:18:12 1996 Tom Yu * kadmind.M: remove ".so man1/header.doc", fix up .TH call Tue Sep 3 22:11:25 1996 Theodore Y. Ts'o * Makefile.in (install): Fix typo: ($PROG) -> $(PROG) Thu Aug 29 16:11:01 1996 Jeff Bigler * Makefile.in (install): added kadmind man page Mon Aug 12 11:48:19 1996 Barry Jaspan * ovsec_kadmd.c (main): strip path components of whoami Thu Aug 1 15:57:08 1996 Barry Jaspan * ovsec_kadmd.c (main): remove useless hex value from error message Wed Jul 31 15:22:10 1996 Tom Yu * ovsec_kadmd.c: Revert prior change due to netdb.h shuffle * ovsec_kadmd.c: remove #include (already gotten by kadm5/kadm_rpc.h) Wed Jul 24 18:34:33 1996 Tom Yu * ovsec_kadmd.c (main): Put the #ifdef SO_REUSEADDR at the beginning of the line to avoid cpp breakage. Wed Jul 24 14:28:04 1996 Ezra Peisach * Makefile.in (CFLAGS): Use $(LD) instead of $(CC) for linking. Mon Jul 22 04:16:15 1996 Marc Horowitz * ovsec_kadmd.c (main): open the socket with SO_REUSEADDR. The old server did this, and the tests require it on some platforms. Tue Jul 9 16:04:53 1996 Marc Horowitz * kadm_rpc_svc.c: renamed to * configure.in: cosmetic changes. * Makefile.in: complete rewrite.