krb5-wallet.git/client, branch debian/0.7-1Unnamed repository; edit this file 'description' to name the repository.
https://git.gnuabordo.com.br/krb5-wallet.git/atom?h=debian%2F0.7-12008-02-07T23:33:23+00:00Add new exists and autocreate wallet server interfaces. The first2008-02-07T23:33:23+00:00Russ Allberyrra@stanford.edu2008-02-07T23:33:23+00:00urn:sha1:f0bde61f5ecfc6a58a2c0ec0ccadbdd1332b64f8
states whether a given object exists and the second attempts to create
the object using the default owner rules. Remove default owner
handling from the create interface, which is now for administrators
only. Remove server-side auto-creation of objects on get or store and
instead have the client check for object existence and call autocreate
if necessary. This removes confusion between default ACLs and
administrative object creation for users who are also on the ADMIN
ACL.
Add a new autocreate API call that tries to create an object using the2008-02-07T06:37:11+00:00Russ Allberyrra@stanford.edu2008-02-07T06:37:11+00:00urn:sha1:45823559a1e64d6c8151a984fcd9c79bbdb57171
default ACLs. Remove autocreation support from create, which now
requires that one be on the ADMIN ACL, and from get and store. The
wallet client will soon know how to do the right thing.
Add a check command to the wallet server to determine whether an object2008-02-07T01:44:28+00:00Russ Allberyrra@stanford.edu2008-02-07T01:44:28+00:00urn:sha1:428c88bb0a08ba2eb06c7f5181f7cbee2f7ee398
already exists.
When creating a srvtab based on a just-downloaded keytab, extract the2008-02-07T00:46:54+00:00Russ Allberyrra@stanford.edu2008-02-07T00:46:54+00:00urn:sha1:e733132938bc4fc74584b9a7c0f5441eb640e617
srvtab key before merging the keytab into an existing file.
Otherwise, if the new keys had a lower kvno than the old keys
(possible after deleting and recreating the object), the wrong key
would be extracted for the srvtab.
Add UNUSED markers for older versions of Kerberos.2008-02-07T00:09:11+00:00Russ Allberyrra@stanford.edu2008-02-07T00:09:11+00:00urn:sha1:f9e41d036aebc03adc2a03a956f219fc827e2cddThe wallet client now supports a -u option, saying to obtain Kerberos2008-01-19T01:20:38+00:00Russ Allberyrra@stanford.edu2008-01-19T01:20:38+00:00urn:sha1:cf71c7dac06561b14c8be3383fdb2ca4f3a318d9
credentials for the given user and use those for authentication rather
than using an existing ticket cache.
If -f is used and the output file name with ".new" appended already2008-01-19T01:14:16+00:00Russ Allberyrra@stanford.edu2008-01-19T01:14:16+00:00urn:sha1:1658725f8812ed0bafffd71a1b566706e91c5e85
exists, unlink it first and then create it safely rather than
truncating it. This is much safer when creating files in a
world-writable directory.
Also add documentation for keytab merging.
When downloading a keytab to a file that already exists, merge the new2008-01-19T00:37:31+00:00Russ Allberyrra@stanford.edu2008-01-19T00:37:31+00:00urn:sha1:aa57ab48cc9df24ab756b5651959b36a2d81cad3
keytab keys into that file rather than moving aside the old keytab and
creating a new keytab with only the new keys.
Also fix get handling in the client for all types other than keytabs.
This isn't visible yet since the server doesn't yet support other types
of objects.
When getting a keytab with the client with no -f option, correctly2008-01-17T00:21:00+00:00Russ Allberyrra@stanford.edu2008-01-17T00:21:00+00:00urn:sha1:8dd5883b8497e4dcc7cf4f0577e45040c5f43430
write the keytab to standard output rather than dying with a cryptic
error.
Initialize the temporary variable when getting numbers from appdefaults.2008-01-17T00:00:00+00:00Russ Allberyrra@stanford.edu2008-01-17T00:00:00+00:00urn:sha1:2bc1f6cb234cc88f4f5ca82ed46ff06eb49bfa19