path: root/src/kadmin/server/ChangeLog

2005-04-13  Ken Raeburn  <raeburn@mit.edu>

	* schpw.c (NEED_SOCKETS): Don't define.

2004-10-28  Tom Yu  <tlyu@mit.edu>

	* misc.c (check_min_life): Actually return a value on success.

2004-10-27  Tom Yu  <tlyu@mit.edu>

	* misc.c, misc.h: New function check_min_life(), containing common
	code from wrapper functions.  New function chpass_util_wrapper(),
	which does min_life checking prior to calling
	kadm5_chpass_principal_util().

	* schpw.c (process_chpw_request): Call chpass_util_wrapper().

2004-09-21  Tom Yu  <tlyu@mit.edu>

	* ovsec_kadmd.c (kadm_svc_run): Don't use rpc_dtablesize().

2004-08-20  Alexandra Ellwood <lxs@mit.edu>

        * ovsec_kadmd.c (main), server_stubs.c (*): 
        renamed acl_* functions to kadm5int_acl_*

2004-06-26  Tom Yu  <tlyu@mit.edu>

	* ovsec_kadmd.c (log_badverf): Fix a missed rpc_u_int32.

2004-06-25  Tom Yu  <tlyu@mit.edu>

	* ovsec_kadmd.c (log_badverf): Use rpcproc_t instead of
	rpc_u_int32 in procnames.

2004-06-15  Tom Yu  <tlyu@mit.edu>

	* kadm_rpc_svc.c (check_rpcsec_auth, gss_to_krb5_name): New
	functions to check service name for RPCSEC_GSS.
	(kadm_1): Add service name check for RPCSEC_GSS.

	* ovsec_kadmd.c (main): Setup logging calllbacks for RPCSEC_GSS.
	Use GSS_C_N_NAME for acceptor name for RPCSEC_GSS.
	(log_badverf): Handle null client and server names.

	* server_stubs.c (rqst2name): New function to return appropriate
	gss_name_t for a given auth flavor (RPCSEC_GSS and AUTH_GSSAPI use
	different field names).

2004-05-27  Tom Yu  <tlyu@mit.edu>

	* kadm_rpc_svc.c (kadm_1): Allow RPCSEC_GSS; remove
	AUTH_GSSAPI_COMPAT.

	* misc.h (kadm_1): Conditionalize prototype on SVC_GETARGS rather
	than on an inclusion-protection macro.

	* ovsec_kadmd.c (main): Add preliminary support for RPCSEC_GSS.
	(do_schpw, kadm_svc_run): Update some names.

2004-03-20  Ken Raeburn  <raeburn@mit.edu>

	* ovsec_kadmd.c (main): Use any handy krb5 context to register
	the KDB keytab type, we don't need to pluck it out of the GSSAPI
	krb5 mechanism.
	(gctx): Variable deleted.

2004-02-24  Ken Raeburn  <raeburn@mit.edu>

	* Makefile.in (OBJS, $(PROG)): Link against apputils lib instead
	of using LIBOBJS.

2003-09-02  Alexandra Ellwood  <lxs@mit.edu>

	* ovsec_kadmd.c: Added Apple password server support.

2003-08-29  Ken Raeburn  <raeburn@mit.edu>

	* Makefile.in (OBJS): Use @LIBOBJS@.

2003-05-27  Tom Yu  <tlyu@mit.edu>

	* schpw.c (process_chpw_request): Log chpw requests.

2003-05-16  Ken Raeburn  <raeburn@mit.edu>

	* schpw.c (process_chpw_request): Return KRB5_KPASSWD_BAD_VERSION
	if the version number isn't 1.

2003-03-07  Tom Yu  <tlyu@mit.edu>

	* ovsec_kadmd.c (REQUIRED_PARAMS): Remove
	KADM5_CONFIG_ADMIN_KEYTAB.
	(do_schpw): Use kdb keytab.

2003-03-05  Tom Yu  <tlyu@mit.edu>

	* Makefile.in (LOCALINCLUDES): Add gssapi directories in order to
	get internal includes.

	* ovsec_kadmd.c (main): Go through contortions to set up a kdb
	keytab for gssapi, so we can avoid needing a file-based keytab.

2003-01-09  Ken Raeburn  <raeburn@mit.edu>

	* ovsec_kadmd.c (do_schpw): Use socklen_t when passing address to
	socket functions.

2003-01-07  Ken Raeburn  <raeburn@mit.edu>

	* Makefile.ov: Deleted.

2002-12-09  Sam Hartman  <hartmans@mit.edu>

	* misc.h: Fix prototypes for *_wrapper_3 to be consistent with
	sources. 

2002-12-09  Ezra Peisach  <epeisach@bu.edu>

	* misc.h: Rename prototypes from chpass_principal_wrapper and
	randkey_principal_wrapper to chpass_principal_wrapper_3 and
	randkey_principal_wrapper_3

2002-10-08  Tom Yu  <tlyu@mit.edu>

	* misc.c (chpass_principal_wrapper_3): Renamed from
	chpass_principal_wrapper; calls chpass_principal_3 now.
	(randkey_principal_wrapper_3): Renamed from
	randkey_principal_wrapper; calls randkey_principal_3 now.  Patch
	from Ben Cox.

	* server_stubs.c (chpass_principal_1_svc)
	(chpass_principal3_1_svc): Call chpass_principal_wrapper_3.
	(chrand_principal_1_svc, chrand_principal3_1_svc): Call
	randkey_principal_wrapper_3.  Patch from Ben Cox.

2002-08-29  Ken Raeburn  <raeburn@mit.edu>

	* Makefile.in: Revert $(S)=>/ change, for Windows support.

2002-08-23  Ken Raeburn  <raeburn@mit.edu>

	* Makefile.in: Change $(S)=>/ and $(U)=>.. globally.

2002-08-01  Tom Yu  <tlyu@mit.edu>

	* server_stubs.c: Check return value from unparse_name() in lots
	of places.  Patch from Mark Levinson; fixes [krb5-admin/1140].

2002-01-08  Sam Hartman  <hartmans@mit.edu>

	* ovsec_kadmd.c (main): Get random data from /dev/random
	(main): If we can't set gssapi names, hint that the keytab might be at fault

2001-10-26  Ezra Peisach  <epeisach@mit.edu>

	* schpw.c (process_chpw_request): Use GETSOCKNAME_ARG3_TYPE
	instead of int as argument to getsockname().

2001-06-29  Ezra Peisach  <epeisach@mit.edu>

	* misc.c, server_stubs.c: Nuke rcsid.

	* misc.h: Add prototypes for kadm_1 and process_chpw_request.

	* ovsec_kadmd.c: Include misc.h and remove prototype for
	process_chpw_request and kadm_1. 

	* kadm_rpc_svc.c, schpw.c: Include misc.h for prototypes.

2001-06-26  Ezra Peisach  <epeisach@mit.edu>

	* server_glue_v1.c: Include misc.h for prototypes.

	* ovsec_kadmd.c: Declare usage() and display_status() static.
	Flush out static prototype for display_status_1().

2001-06-21  Ezra Peisach  <epeisach@mit.edu>

	* ovsec_kadmd.c: Change prototype for process_chpw_request
 	prototype argument from sin to sockin. Get rid of global params
 	variable.

	* schpw.c: Change function declaration as well.
	
2001-06-21  Ezra Peisach  <epeisach@mit.edu>

	* ovsec_kadmd.c: Add prototype for daemon if needed.

2001-06-08  Ezra Peisach  <epeisach@mit.edu>

	* ovsec_kadmd.c (main): Make format string to sprintf specify that
	long arguments are present.

	* kadm_rpc_svc.c: Include arpa/inet.h (if present) for inet_ntoa
	prototype. Include adm_proto.h for krb5_klog_syslog() prototype.

2001-06-04  Ezra Peisach  <epeisach@mit.edu>

	* misc.c, schpw.c: Cleanup assignments in conditionals.

2001-02-18  Ezra Peisach  <epeisach@mit.edu>

	* kadm_rpc_svc.c, server_stubs.c: Rename all server side dispatch
        routines to end in _svc so as to not conflict with prototypes of
        client side handlers.

2000-10-17  Ezra Peisach  <epeisach@mit.edu>

	* ovsec_kadmd.c (do_schpw): Cast arguments to sendto() which take int.

2000-06-30  Tom Yu  <tlyu@mit.edu>

	* server_stubs.c: Kludge to rename xdr_free() properly.

2000-06-29  Tom Yu  <tlyu@mit.edu>

	* schpw.c (process_chpw_request): Add new argument to call to
	chpass_principal_util()

2000-05-31  Wilfredo Sanchez  <tritan@mit.edu>

	* kadm_rpc_svc.c: Check for existance of <memory.h>.
	[from Nathan Neulinger <nneul@umr.edu>]

2000-03-16  Ken Raeburn  <raeburn@mit.edu>
	    Matt Crawford  <crawdad@fnal.gov>

	* server_stubs.c: All callers of acl_check updated to add new
	restriction argument.  Impose any provided restrictions on add- or
	modify-principal operations; pass NULL pointer for all other
	operations including rename-principal.

2000-02-27  Tom Yu  <tlyu@mit.edu>

	* server_stubs.c (create_principal3_1): Remove keepold argument.

2000-02-18  Tom Yu  <tlyu@mit.edu>

	* kadm_rpc_svc.c (kadm_1): Update to include new api functions.

	* ovsec_kadmd.c (log_badverf): Update proc_names.

2000-02-17  Tom Yu  <tlyu@mit.edu>

	* server_stubs.c: Add create_principal3_1, chpass_principal3_1,
	setkey_principal3_1, and chrand_principal3_1 to do the obvious
	things.

1999-10-26  Wilfredo Sanchez  <tritan@mit.edu>

	* Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES,
	LOCAL_INCLUDES such that one can override CFLAGS from the command
	line without losing CPP search patchs and defines. Some associated
	Makefile cleanup.

Tue May 11 23:59:55 1999  Theodore Y. Ts'o  <tytso@mit.edu>

	* ovsec_kadmd.c (main): Fix how we specify the OID.

Fri May  7 17:15:17 1999  Theodore Y. Ts'o  <tytso@mit.edu>

	* ovsec_kadmd.c: Remove dependency on gssapi_krb5.h by using
 		gss_str_to_oid() to get the necessary oid for the
 		krb5_name name type.  Also added #include files to get
 		prototypes and fixed some gcc -Wall nits.  Fixed calls to
 		krb5_klog_close() to pass the krb5_context as an argument.

Mon Mar  1 21:24:49 1999  Tom Yu  <tlyu@mit.edu>

	* ovsec_kadmd.c (log_badverf): Actually make a real lookup table
	for procedure numbers.  Also, if we don't find the procedure
	number, just log the number rather than falling off the end of an
	array.

1998-11-13  Theodore Ts'o  <tytso@rsts-11.mit.edu>

	* Makefile.in: Set the myfulldir and mydir variables (which are
		relative to buildtop and thisconfigdir, respectively.)

1998-10-27  Marc Horowitz  <marc@mit.edu>

	* ovsec_kadmd.c: add calls to a new function
	_svcauth_gssapi_unset_names() to clean up memory when shutting
	down.  Use krb5_overridekeyname instead of krb5_defkeyname, so the
	command line takes precedence over the environment.

Wed Jul 22 00:28:57 1998  Geoffrey King  <gjking@mit.edu>

	* ovsec_kadmd.c (main): Cast gss_nt_krb5_name to
	        gss_OID to avoid compiler warnings.

Tue Jul 21 16:36:51 1998  Geoffrey King  <gjking@mit.edu>

	* ovsec_kadmd.c: Call krb5_klog_reopen in kadm_svc_run
		upon receiving a SIGHUP.  Use sigaction instead of
		signal if POSIX_SIGNALS is defined.  All of the calls
		to signal and sigaction are now in a separate function
		setup_signal_handlers, as the kdc code does.  Also,
		since reset_db no longer does anything, change the name
		of signal_request_reset to the more descriptive
		signal_request_hup, and request_reset_db to 
		request_hup (paralleling the nomenclature in the kdc
		code).

Mon Jul 20 11:28:39 1998  Ezra Peisach  <epeisach@mit.edu>

	* schpw.c (process_chpw_request): Cast to krb5_octet * instead of
	 	char * for krb5_address.contents type.

Fri Feb 27 23:32:38 1998  Theodore Ts'o  <tytso@rsts-11.mit.edu>

	* Makefile.in: Changed thisconfigdir to point at the kadmin
 		directory, since we've moved all of the configure.in
		tests to the toplevel kadmin configure.in

Wed Feb 25 14:00:32 1998  Ezra Peisach  <epeisach@mit.edu>

	* schpw.c (process_chpw_request): Free memory of allocated for
	        local address.

	* ovsec_kadmd.c (do_schpw): Call krb5_kt_close to free memory
	 	allocated.

Wed Feb 18 15:58:30 1998  Tom Yu  <tlyu@mit.edu>

	* Makefile.in: Remove trailing slash from thisconfigdir.  Fix up
	BUILDTOP for new conventions.

Sat Feb 14 22:01:30 1998  Tom Yu  <tlyu@mit.edu>

	* ovsec_kadmd.c (kadm_svc_run): Fix naming of _rpc_dtablesize()
	that was missed earlier.

Fri Feb 13 21:37:28 1998  Tom Yu  <tlyu@mit.edu>

	* kadm_rpc_svc.c: Punt naughty RCS keywords.  Update header
	locations.

	* ovsec_kadmd.c: Update header locations.  Punt naughty RCS
	keywords.

Mon Feb  2 17:02:29 1998  Theodore Ts'o  <tytso@rsts-11.mit.edu>

	* Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile

Wed Jan 21 00:00:34 1998  Tom Yu  <tlyu@mit.edu>

	* schpw.c: New file.  Support for Cygnus chpw.

	* ovsec_kadmd.c: Add support for Cygnus chpw.

	* Makefile.in (OBJS): Add schpw.o.

Tue Oct 14 21:06:16 1997  Ezra Peisach  <epeisach@mit.edu>

	* server_stubs.c (CHANGEPW_SERVICE): Modify to free allocated
 	        memory in request.
		(setup_gss_names): Free memory in case of failure.
		(chrand_principal_1): Call free_server_handle for failure
		   cleanup.
	
	* ovsec_kadmd.c (main): Cleanup memory by calling acl_finish,
	 	gss_release_name, and krb5_free_context

Tue Jul  1 02:36:55 1997  Tom Yu  <tlyu@mit.edu>

	* kadm_rpc_svc.c, server_stubs.c: Add support for setv4key.

Mon Mar 31 17:42:03 1997  Barry Jaspan  <bjaspan@mit.edu>

	* kadm_rpc_svc.c, server_stubs.c: add support for setkey_principal

Tue Feb  4 20:59:31 1997  Tom Yu  <tlyu@mit.edu>

	* Makefile.in:
	* configure.in: Update to new program build procedure.

Wed Dec  4 15:29:30 1996  Barry Jaspan  <bjaspan@mit.edu>

	* ovsec_kadmd.c (main): fix duplicated error strings
 	[krb5-admin/234]

Tue Nov 19 16:48:50 1996  Barry Jaspan  <bjaspan@mit.edu>

	* ovsec_kadmd.c: don't syslog \n's

Wed Nov 13 14:29:34 1996  Tom Yu  <tlyu@mit.edu>

	* ovsec_kadmd.c (main): Note that krb5_defkeyname is an internal
	interface.

	* ovsec_kadmd.c (main): Revert kt_default_name changes.

Tue Nov 12 22:07:05 1996  Tom Yu  <tlyu@mit.edu>

	* ovsec_kadmd.c (main): Use krb5_kt_set_default_name() rather than
	mucking about with global variables.

Fri Sep 27 16:37:47 1996  Barry Jaspan  <bjaspan@mit.edu>

	* ovsec_kadmd.c (main): krb5_klog_syslog doesn't understand %m

Tue Sep 10 14:18:12 1996  Tom Yu  <tlyu@mit.edu>

	* kadmind.M: remove ".so man1/header.doc", fix up .TH call

Tue Sep  3 22:11:25 1996  Theodore Y. Ts'o  <tytso@mit.edu>

	* Makefile.in (install): Fix typo: ($PROG) -> $(PROG)

Thu Aug 29 16:11:01 1996  Jeff Bigler  <jcb@viola.cygnus.com>

	* Makefile.in (install): added kadmind man page

Mon Aug 12 11:48:19 1996  Barry Jaspan  <bjaspan@mit.edu>

	* ovsec_kadmd.c (main): strip path components of whoami

Thu Aug  1 15:57:08 1996  Barry Jaspan  <bjaspan@DUN-DUN-NOODLES>

	* ovsec_kadmd.c (main): remove useless hex value from error message

Wed Jul 31 15:22:10 1996  Tom Yu  <tlyu@mit.edu>

	* ovsec_kadmd.c: Revert prior change due to netdb.h shuffle

	* ovsec_kadmd.c: remove #include <netdb.h> (already gotten by
		kadm5/kadm_rpc.h)

Wed Jul 24 18:34:33 1996  Tom Yu  <tlyu@voltage-multiplier.mit.edu>

	* ovsec_kadmd.c (main): Put the #ifdef SO_REUSEADDR at the
		beginning of the line to avoid cpp breakage.

Wed Jul 24 14:28:04 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* Makefile.in (CFLAGS): Use $(LD) instead of $(CC) for linking.

Mon Jul 22 04:16:15 1996  Marc Horowitz  <marc@mit.edu>

	* ovsec_kadmd.c (main): open the socket with SO_REUSEADDR.  The
 	old server did this, and the tests require it on some platforms.

Tue Jul  9 16:04:53 1996  Marc Horowitz  <marc@mit.edu>

	* kadm_rpc_svc.c: renamed <ovsec_admin/foo.h> to <kadm5/foo.h>
	* configure.in: cosmetic changes.
	* Makefile.in: complete rewrite.