Unnamed repository; edit this file 'description' to name the repository. https://git.gnuabordo.com.br/krb5-wallet.git/atom?h=master 2020-05-18T05:21:59+00:00 2020-05-18T05:21:59+00:00 Russ Allbery eagle@eyrie.org 2020-05-18T05:21:25+00:00 urn:sha1:acaa1794f08b0b8a42e9247f5186e00a888bd437 Until I have a better way of handling the interleaving of output, send the output from remctld to /dev/null for the Perl tests. 2020-05-18T00:05:30+00:00 Russ Allbery eagle@eyrie.org 2020-05-18T00:05:30+00:00 urn:sha1:c138111a3c27863308b6552a5527a9e821a3dc11 Update to rra-c-util 8.2: * Implement explicit_bzero with memset if it is not available. * Reformat all C source using clang-format 10. * Work around Test::Strict not skipping .git directories. * Fix warnings with perltidy 20190601 and Perl::Critic 1.134. * Fix warnings with Clang 10, GCC 10, and the Clang static analyzer. Update to C TAP Harness 4.7: * Fix warnings with GCC 10. * Reformat all C source using clang-format 10. * Fixed malloc error checking in bstrndup. 2018-06-04T00:52:20+00:00 Russ Allbery eagle@eyrie.org 2018-06-04T00:52:20+00:00 urn:sha1:e37de01137270d9322405a3bf87035d032228fac If AUTHOR_TESTING wasn't set, the test would plan twice. Fix this by restructuring it to delay printing a plan and convert the Kerberos ticket test to a skip_all plan. 2018-06-03T22:36:42+00:00 Russ Allbery eagle@eyrie.org 2018-06-03T22:36:21+00:00 urn:sha1:4a0b9e747c8abfca24f30b7ce1e9a725ce11474a Add SPDX-License-Identifier headers to all substantial source files. Collapse copyright years. Add some Emacs configuration for files where the copyright notice is at the end. Add a test that every file has SPDX-License-Identifier. 2018-05-28T05:05:31+00:00 Russ Allbery eagle@eyrie.org 2018-05-28T05:05:31+00:00 urn:sha1:769217510b97e23101a01d228e2b8510fd43a725 Mostly changing http eyrie.org URLs to https, but also remove my old email address in one place and switch some tests away from my old RRA_MAINTAINER_TESTS environment variable to use the Lancaster Consensus variables properly. This uncovered a bug in skipping one test unless Stanford Kerberos credentials existed. 2016-01-16T23:35:49+00:00 Russ Allbery eagle@eyrie.org 2016-01-16T23:34:22+00:00 urn:sha1:d2fde5b8330cab6bd6210ef99a628b1897676897 This requires changing the ACL verifier plumbing to pass object type and name all the way through when verifying ACLs. Hopefully I caught everything. 2016-01-04T03:29:20+00:00 Russ Allbery eagle@eyrie.org 2016-01-04T03:29:20+00:00 urn:sha1:23a6b180f975c24c8ee4190467c74b78fde0d084 A new ACL type, external (Wallet::ACL::External), is now supported. This ACL runs an external command to check if access is allowed, and passes the principal and the ACL identifier to that command. To enable this ACL type for an existing wallet database, use wallet-admin to register the new verifier. Change-Id: I21b72b4373eefc92985aca1505e2d1a1ec699602 2015-11-19T07:48:07+00:00 Jon Robertson jonrober@stanford.edu 2015-08-27T17:34:22+00:00 urn:sha1:6b0cad572edef05d119abc8fc843c8c5d33665b8 Added a version of the LDAP attribute ACL. Like the root version for NetDB, this requires that the principal end in /root, and then strips off /root before doing matching against the given LDAP attribute. Change-Id: I23119ef9c9ce3e0556f5d71a509815f2efc1bbe6 2015-11-19T07:47:57+00:00 Jon Robertson jonrober@stanford.edu 2015-08-25T21:29:16+00:00 urn:sha1:e353e236cf6828647820b2d83529cc4a4f08cef2 Change-Id: I842a7335a4b50c9c20b921ae2efc63aab571635e 2015-06-08T22:24:34+00:00 Jon Robertson jonrober@stanford.edu 2015-06-08T18:15:37+00:00 urn:sha1:86533bf43d071048d654691dc18a3004b6142081 This verifier will allow embedding one ACL in another for more flexible ACL handling. As part of thise we've also added the ability for each verifier to do a syntax check to see if a given name is valid for that verifier. For the moment this returns true for everything but Nested. Nested will check to make sure the given name is an existing group. Change-Id: Iacdf146d46ed882d57b7534058d34db6e6ec1de4