Unnamed repository; edit this file 'description' to name the repository. https://git.gnuabordo.com.br/krb5-wallet.git/atom?h=release%2F1.4 2018-06-03T22:36:42+00:00 2018-06-03T22:36:42+00:00 Russ Allbery eagle@eyrie.org 2018-06-03T22:36:21+00:00 urn:sha1:4a0b9e747c8abfca24f30b7ce1e9a725ce11474a Add SPDX-License-Identifier headers to all substantial source files. Collapse copyright years. Add some Emacs configuration for files where the copyright notice is at the end. Add a test that every file has SPDX-License-Identifier. 2018-05-28T22:06:46+00:00 Russ Allbery eagle@eyrie.org 2018-05-28T22:06:46+00:00 urn:sha1:f3f09aab44117d8eb97811421b2685c295d3d585 When getting configuration values from krb5.conf, pass the default local realm into the Kerberos appdefault functions. This will produce more correct results with krb5.conf files that specify wallet configuration for multiple realms. 2018-05-28T05:05:31+00:00 Russ Allbery eagle@eyrie.org 2018-05-28T05:05:31+00:00 urn:sha1:769217510b97e23101a01d228e2b8510fd43a725 Mostly changing http eyrie.org URLs to https, but also remove my old email address in one place and switch some tests away from my old RRA_MAINTAINER_TESTS environment variable to use the Lancaster Consensus variables properly. This uncovered a bug in skipping one test unless Stanford Kerberos credentials existed. 2018-05-28T03:59:59+00:00 Russ Allbery eagle@eyrie.org 2018-05-28T03:59:59+00:00 urn:sha1:bdcb3741db27d6b773ce7cdf05aab063a70ea100 Update to rra-c-util 7.2: * Improve configure output for krb5-config testing. * Define UINT32_MAX for systems that don't have it. * Add SPDX-License-Identifier headers to all substantial source files. * Fix new warnings from GCC 7 and Clang warnings. * Require Test::Strict 0.25 or later to run those tests. * Fix off-by-one error in return-value checks for snprintf. * Use Autoconf to probe for supported warning flags. * Fix running module-version-t -u with current versions of Perl. * Use C_TAP_SOURCE and C_TAP_BUILD instead of SOURCE and BUILD. Update to C TAP Harness 4.3: * Add support for valgrind and libtool in test lists. * Report test failures as left and right, not wanted and expected. * Fix string comparisons with NULL pointers and the string "(null)". * Add SPDX-License-Identifier headers to all substantial source files. * Avoid zero-length realloc allocations in breallocarray. * Fix new warnings from GCC 7 and Clang warnings. * Use C_TAP_SOURCE and C_TAP_BUILD instead of SOURCE and BUILD. 2015-06-08T22:24:34+00:00 Jon Robertson jonrober@stanford.edu 2015-02-18T23:17:51+00:00 urn:sha1:000b338694fae87996220336678fe990a1c3e3e1 update will work generally like get, but only for objects that have a concept of updating content automatically, like keytabs and passwords. For these, the content will be updated before sending to the client. In a later release get for keytabs will be modified to never update the kvno before sending to the user, and so the unchanging flag will be phased out in lieu of explicitly using the method that does what you want. Change-Id: I96a84416c5e50278eb29fe07052dde6e063bc071 2015-06-08T22:24:34+00:00 Jon Robertson jonrober@stanford.edu 2015-02-07T07:43:50+00:00 urn:sha1:0e16def8a9e12f9b2232b29da79cdacb6710b086 New command for replacing the ownership of anything owned by a specific ACL with another ACL. This differs from acl rename in that it's to be used when the destination ACL already exists and potentially already owns some objects. Change-Id: I765bebf499fe0f861abc2ffe1873990590beed36 2014-07-16T06:15:34+00:00 Russ Allbery eagle@eyrie.org 2014-07-16T06:14:51+00:00 urn:sha1:89c22ebc4129f4abaf8dbb416b87ba423c1abe58 Ensure we don't have integer overflow when allocating the array of struct iovec for store commands. Change-Id: I0777ca8ef050b9773dba0c03b5e8533d3b2d5486 Reviewed-on: https://gerrit.stanford.edu/1560 Reviewed-by: Russ Allbery <rra@stanford.edu> Tested-by: Russ Allbery <rra@stanford.edu> 2014-07-16T04:11:07+00:00 Russ Allbery eagle@eyrie.org 2014-07-16T03:48:35+00:00 urn:sha1:4ad7d55ed55b83d7b0df6a408e3c6931725c4a99 Fix wallet-backend parsing of the expires command to expect only one argument as the expiration. This was correctly documented in the wallet client man page, but not in wallet-backend, and it accepted two arguments (a date and time). However, Wallet::Server did not and would just ignore the time. Now wallet-backend correctly requires the date and time be passed as a single argument. Change-Id: I8e51a576ea8781502f4eb983462ceca867b002be Reviewed-on: https://gerrit.stanford.edu/1556 Reviewed-by: Russ Allbery <rra@stanford.edu> Tested-by: Russ Allbery <rra@stanford.edu> 2014-04-13T23:37:25+00:00 Russ Allbery eagle@eyrie.org 2014-04-13T23:36:36+00:00 urn:sha1:76ccf098c6e9c8849c8ca459a54d7383baf39ddb Change-Id: I4c2b5d7c807d6c27dd18a3b92eef66d21287d21e Reviewed-on: https://gerrit.stanford.edu/1481 Reviewed-by: Russ Allbery <rra@stanford.edu> Tested-by: Russ Allbery <rra@stanford.edu> 2014-01-07T05:13:33+00:00 Russ Allbery eagle@eyrie.org 2014-01-07T05:09:00+00:00 urn:sha1:782e71d568957e05233f63fa8dca7cc53ba1afa1 Fix wallet-rekey on keytabs containing multiple principals. Previous versions assumed one could concatenate keytab files together to make a valid keytab file, which doesn't work with some Kerberos libraries. This caused new keys downloaded for principals after the first to be discarded. As a side effect of this fix, wallet-rekey always appends new keys directly to the existing keytab file, and never creates a backup copy of that file. Change-Id: I5f863239ce4ebba66b35ff09454f2897367bd359 Reviewed-on: https://gerrit.stanford.edu/1369 Reviewed-by: Russ Allbery <rra@stanford.edu> Tested-by: Russ Allbery <rra@stanford.edu>