krb5-wallet.git/docs, branch upstream/latest

Add SPDX-License-Identifier headers

2018-06-03T22:36:42+00:00

Add SPDX-License-Identifier headers to all substantial source files. Collapse copyright years. Add some Emacs configuration for files where the copyright notice is at the end. Add a test that every file has SPDX-License-Identifier.

Adjust wording for the kerberos mailing list

2018-06-03T20:48:20+00:00

May as well not publicize the full email address for spammers to scrape.

Rewrite documentation using DocKnot

2018-06-03T20:43:24+00:00

Numerous fixes to the README file by converging on standard templates. Add a README.md for GitHub. Break thanks out into a separate THANKS file following the convention used by remctl.

Add obsolete-strings test and fix problems it finds

2018-05-28T05:05:31+00:00

Mostly changing http eyrie.org URLs to https, but also remove my old email address in one place and switch some tests away from my old RRA_MAINTAINER_TESTS environment variable to use the Lancaster Consensus variables properly. This uncovered a bug in skipping one test unless Stanford Kerberos credentials existed.

Pass object type and name to external ACL verifiers

2016-01-16T23:35:49+00:00

This requires changing the ACL verifier plumbing to pass object type and name all the way through when verifying ACLs. Hopefully I caught everything.

Add Wallet::ACL::External ACL type

2016-01-04T03:29:20+00:00

A new ACL type, external (Wallet::ACL::External), is now supported. This ACL runs an external command to check if access is allowed, and passes the principal and the ACL identifier to that command. To enable this ACL type for an existing wallet database, use wallet-admin to register the new verifier. Change-Id: I21b72b4373eefc92985aca1505e2d1a1ec699602

Document the new ACL schemes in docs/design-acl

2016-01-03T22:58:20+00:00

Change-Id: Idd2e1038fc02dd51aab9a9ffdd5b3400db2b106f

Updated documentation for duo and password objects

2015-06-08T22:24:34+00:00

The documentation now includes information about the Duo file types, and the new password types. This is both the general information, and the Stanford-specific naming docs. Change-Id: Iae256224a063ce42f22cd933ef7bb3ab402e0e2d

Add new object type for Duo integrations

2014-07-12T02:02:12+00:00

A new object type, duo (Wallet::Object::Duo), is now supported. This creates an integration with the Duo Security cloud multifactor authentication service and allows retrieval of the integration key, secret key, and admin hostname. Currently, only UNIX integration types are supported. The Net::Duo Perl module is required to use this object type. New configuration settings are required as well; see Wallet::Config for more information. To enable this object type for an existing wallet database, use wallet-admin to register the new object. Change-Id: I2c0dac75e81f526b34d6b509c4bdaecb43dd4a9d Reviewed-on: https://gerrit.stanford.edu/1516 Reviewed-by: Russ Allbery Tested-by: Russ Allbery

Clarify use of the tivoli-key file type in Stanford policy

2013-09-15T01:45:37+00:00

tivoli-key used to always contain the entirety of the TSM.PWD file, but it's more useful to store only the encryption key in password form. Change-Id: Id770691fb756b7675ec0fe2eee1308a8974c9c3f Reviewed-on: https://gerrit.stanford.edu/1309 Reviewed-by: Russ Allbery Tested-by: Russ Allbery