krb5-wallet.git/client, branch upstream/1.2

Imported Upstream version 1.2

2014-12-09T04:57:57+00:00

Imported Upstream version 1.1

2014-07-16T20:43:17+00:00

Use xcalloc instead of xmalloc with calculated sizes

2014-07-16T06:15:34+00:00

Ensure we don't have integer overflow when allocating the array of struct iovec for store commands. Change-Id: I0777ca8ef050b9773dba0c03b5e8533d3b2d5486 Reviewed-on: https://gerrit.stanford.edu/1560 Reviewed-by: Russ Allbery Tested-by: Russ Allbery

Fix wallet-backend parsing of expires

2014-07-16T04:11:07+00:00

Fix wallet-backend parsing of the expires command to expect only one argument as the expiration. This was correctly documented in the wallet client man page, but not in wallet-backend, and it accepted two arguments (a date and time). However, Wallet::Server did not and would just ignore the time. Now wallet-backend correctly requires the date and time be passed as a single argument. Change-Id: I8e51a576ea8781502f4eb983462ceca867b002be Reviewed-on: https://gerrit.stanford.edu/1556 Reviewed-by: Russ Allbery Tested-by: Russ Allbery

Change my email address to eagle@eyrie.org

2014-04-13T23:37:25+00:00

Change-Id: I4c2b5d7c807d6c27dd18a3b92eef66d21287d21e Reviewed-on: https://gerrit.stanford.edu/1481 Reviewed-by: Russ Allbery Tested-by: Russ Allbery

Fix wallet-rekey on keytabs containing multiple principals

2014-01-07T05:13:33+00:00

Fix wallet-rekey on keytabs containing multiple principals. Previous versions assumed one could concatenate keytab files together to make a valid keytab file, which doesn't work with some Kerberos libraries. This caused new keys downloaded for principals after the first to be discarded. As a side effect of this fix, wallet-rekey always appends new keys directly to the existing keytab file, and never creates a backup copy of that file. Change-Id: I5f863239ce4ebba66b35ff09454f2897367bd359 Reviewed-on: https://gerrit.stanford.edu/1369 Reviewed-by: Russ Allbery Tested-by: Russ Allbery

Imported Upstream version 1.0

2013-03-27T22:19:46+00:00

Allow owners of objects to destroy them by default

2013-03-27T19:52:58+00:00

Owners of wallet objects are now allowed to destroy them. In previous versions, a special destroy ACL had to be set and the owner ACL wasn't used for destroy actions, but operational experience at Stanford has shown that letting owners destroy their own objects is a better model. Change-Id: I0e97d7a000e62cf5321add7b44140db6edc6769f Reviewed-on: https://gerrit.stanford.edu/973 Reviewed-by: Russ Allbery Tested-by: Russ Allbery

Add missing license statement to client/krb5.c

2013-02-28T00:54:18+00:00

Change-Id: I6c055a010c52b5c666db203a8c990c531cd1dfe4 Reviewed-on: https://gerrit.stanford.edu/851 Reviewed-by: Russ Allbery Tested-by: Russ Allbery

Add explicit license statements to all POD documentation

2013-02-28T00:54:08+00:00

For scripts, do this by moving the copyright and license statement from the top of the script into the POD documentation. Also try to uniformly put the SEE ALSO section last. Change-Id: Id31a5c0d5e6f6831a689deec41a13d35bb40465a Reviewed-on: https://gerrit.stanford.edu/850 Reviewed-by: Russ Allbery Tested-by: Russ Allbery