author Russ Allbery <eagle@eyrie.org> 2014-01-08 18:16:21 -0800
committer Russ Allbery <rra@stanford.edu> 2014-01-08 22:06:44 -0800
commit 401bfdd941e55651f38f46b76b297968691fcaf3 (patch)
tree 62290bd97e133a1143fa88d0680a875dabe39877 /NEWS
parent 25be126faaf63c1a09a6f6ce7c3809866eb99aec (diff)
Randomize the password on Heimdal principal creation
When creating new principals in a Heimdal KDC, generate a long, random password as the temporary password of the disabled principal before randomizing keys. This is necessary if password quality is being enforced on create calls. Since the principal is always inactive until the keys have been randomized, the password should not need to be secure (and indeed is not cryptographically random).

Change-Id: If519a82475bb0d387a19d16ef1e024b0da64779a
Reviewed-on: https://gerrit.stanford.edu/1374
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
Diffstat (limited to 'NEWS')
-rw-r--r-- NEWS 7
1 files changed, 7 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 165622a..c79b999 100644
--- a/NEWS
+++ b/NEWS
@@ -17,6 +17,13 @@ wallet 1.1 (unreleased)
reference an ldap_map_principal hook, not ldap_map_attribute, matching
the implementation.
+ When creating new principals in a Heimdal KDC, generate a long, random
+ password as the temporary password of the disabled principal before
+ randomizing keys. This is necessary if password quality is being
+ enforced on create calls. Since the principal is always inactive
+ until the keys have been randomized, the password should not need to
+ be secure (and indeed is not cryptographically random).
+
wallet 1.0 (2013-03-27)
Owners of wallet objects are now allowed to destroy them. In previous
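Review bot: In the added NEWS paragraph, the statement that the temporary password "should not need to be secure" rests entirely on the principal staying disabled until its keys are randomized, but the entry does not say what happens if key randomization fails after the create call succeeds. Consider adding a sentence on that failure path (for example, whether the principal is left disabled or removed), or explain why a cryptographically secure generator was not used, since that would make the caveat unnecessary. The entry could also state the password's length and character makeup, because "long, random" does not tell a site enforcing password quality on create whether its policy will accept it.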