Unnamed repository; edit this file 'description' to name the repository. https://git.gnuabordo.com.br/krb5-wallet.git/atom?h=ubuntu 2016-01-17T20:25:15+00:00 2016-01-17T20:25:15+00:00 Russ Allbery eagle@eyrie.org 2016-01-17T20:25:15+00:00 urn:sha1:4feab8a987a345e38c44077d1042bf05ec03f0eb The versions of all of the wallet Perl modules now match the overall package version except for Wallet::Schema, which is used to version the database schema. Import the test from rra-c-util 5.10 and exclude Wallet::Schema from the tests. Go through all Perl modules and standardize the syntax for setting the version and indicating the required version of Perl. Fix a few other syntax issues while I'm in there. 2016-01-16T23:35:49+00:00 Russ Allbery eagle@eyrie.org 2016-01-16T23:34:22+00:00 urn:sha1:d2fde5b8330cab6bd6210ef99a628b1897676897 This requires changing the ACL verifier plumbing to pass object type and name all the way through when verifying ACLs. Hopefully I caught everything. 2016-01-04T05:26:28+00:00 Russ Allbery eagle@eyrie.org 2016-01-04T05:26:28+00:00 urn:sha1:61ef051f79682742a30d1501b81cd86ed172fa3c Failed kadmin commands were deleting the wallet database in the test suite due to an END block in the test programs. Use _exit to avoid this. 2016-01-04T03:56:48+00:00 Russ Allbery eagle@eyrie.org 2016-01-04T03:56:48+00:00 urn:sha1:3881994c18929f5377a15b5921bc33c86492f606 Change-Id: I3a8b13a8b255522cff92910f8d99ec94dc020e6f 2016-01-04T03:29:20+00:00 Russ Allbery eagle@eyrie.org 2016-01-04T03:29:20+00:00 urn:sha1:23a6b180f975c24c8ee4190467c74b78fde0d084 A new ACL type, external (Wallet::ACL::External), is now supported. This ACL runs an external command to check if access is allowed, and passes the principal and the ACL identifier to that command. To enable this ACL type for an existing wallet database, use wallet-admin to register the new verifier. Change-Id: I21b72b4373eefc92985aca1505e2d1a1ec699602 2015-12-15T06:39:43+00:00 Russ Allbery eagle@eyrie.org 2015-12-15T06:39:43+00:00 urn:sha1:4a777845b06b62a6deb1df5e69cc9b21226c3c2f 2015-11-19T07:48:07+00:00 Jon Robertson jonrober@stanford.edu 2015-08-27T17:34:22+00:00 urn:sha1:6b0cad572edef05d119abc8fc843c8c5d33665b8 Added a version of the LDAP attribute ACL. Like the root version for NetDB, this requires that the principal end in /root, and then strips off /root before doing matching against the given LDAP attribute. Change-Id: I23119ef9c9ce3e0556f5d71a509815f2efc1bbe6 2015-11-19T07:47:16+00:00 Jon Robertson jonrober@stanford.edu 2015-06-09T04:59:25+00:00 urn:sha1:0b4201c8a65102227685f5cbe4f81407dce7e0b5 Removed some default text and explained why we grab the database handle for future use. Change-Id: I50b3ae06c1761453de3140d501830c245d550c04 2015-06-08T22:24:34+00:00 Jon Robertson jonrober@stanford.edu 2015-06-08T18:15:37+00:00 urn:sha1:86533bf43d071048d654691dc18a3004b6142081 This verifier will allow embedding one ACL in another for more flexible ACL handling. As part of thise we've also added the ability for each verifier to do a syntax check to see if a given name is valid for that verifier. For the moment this returns true for everything but Nested. Nested will check to make sure the given name is an existing group. Change-Id: Iacdf146d46ed882d57b7534058d34db6e6ec1de4 2014-07-12T05:39:23+00:00 Russ Allbery eagle@eyrie.org 2014-07-12T05:36:11+00:00 urn:sha1:1329e6db944a6fce5578b249de08a8250a920877 Fix strictness issues across the whole code base, and ensure that all Perl scripts enable warnings. (Hopefully enabling warnings won't cause problems for the server.) Change-Id: I4dee49f7a6bcbeeee21d74bf61a1fd26514f832c Reviewed-on: https://gerrit.stanford.edu/1532 Reviewed-by: Russ Allbery <rra@stanford.edu> Tested-by: Russ Allbery <rra@stanford.edu>