Add auditing for names that violate the naming policy

Add an audit command to wallet-report and one audit: objects name, which returns all objects that do not pass the local naming policy. The corresponding Wallet::Report method is audit(). Wallet::Config::verify_name may now be called with an undefined third argument (normally the user attempting to create an object). This calling convention is used when auditing, and the local policy function should select the correct policy to apply for useful audit results.
author: Russ Allbery <rra@stanford.edu> 2010-03-03 22:37:18 -0800
committer: Russ Allbery <rra@stanford.edu> 2010-03-03 22:37:18 -0800
commit: a131c767d1eee7b98170962f7f9d4063be69e576 (patch)
tree: a1c5a182764adc50faca2f804387c081ef22ee27 /NEWS
parent: 6c1f7d325239f305b9bf6a4503165cefae1ee3d8 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index e66d1b3..03fe99b 100644
--- a/NEWS
+++ b/NEWS
@@ -8,6 +8,16 @@ wallet 0.11 (unreleased)
     integrity.  This also allows us to return a better error message
     naming an object that's still using that ACL.
 
+    Add an audit command to wallet-report and one audit: objects name,
+    which returns all objects that do not pass the local naming policy.
+    The corresponding Wallet::Report method is audit().
+
+    Wallet::Config::verify_name may now be called with an undefined third
+    argument (normally the user attempting to create an object).  This
+    calling convention is used when auditing, and the local policy
+    function should select the correct policy to apply for useful audit
+    results.
+
     Fix portability to older Kerberos libraries without
     krb5_free_error_message.
author	Russ Allbery <rra@stanford.edu>	2010-03-03 22:37:18 -0800
committer	Russ Allbery <rra@stanford.edu>	2010-03-03 22:37:18 -0800
commit	a131c767d1eee7b98170962f7f9d4063be69e576 (patch)
tree	a1c5a182764adc50faca2f804387c081ef22ee27 /NEWS
parent	6c1f7d325239f305b9bf6a4503165cefae1ee3d8 (diff)