krb5-wallet.git - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author
2008-02-12	Correctly handle get of an empty object in the wallet client. The	Russ Allbery
	empty string is valid object content. Add a full end-to-end test suite to catch protocol mismatches between the client and server, such as the one fixed in this release.
2008-02-09	Add file object support to the wallet server.	Russ Allbery

2008-02-08	Wallet::Config and hence the wallet server now checks for the	Russ Allbery
	environment variable WALLET_CONFIG and loads configuration from the file specified there instead of /etc/wallet/wallet.conf if it is set.
2008-02-08	Fix the wallet client to use check instead of exists.	Russ Allbery

2008-02-08	Release 0.7.	Russ Allbery

2008-02-07	Include news message for previous commit.	Russ Allbery

2008-02-07	Correctly enable syslog logging in wallet-backend.	Russ Allbery

2008-02-07	The current version of Net::Remctl can't handle explicit undef or the	Russ Allbery
	empty string as a principal argument. Be careful not to provide a principal argument if no principal was set. This workaround can be removed once we depend on a later version of Net::Remctl.
2008-02-07	When creating a srvtab based on a just-downloaded keytab, extract the	Russ Allbery
	srvtab key before merging the keytab into an existing file. Otherwise, if the new keys had a lower kvno than the old keys (possible after deleting and recreating the object), the wrong key would be extracted for the srvtab.
2008-02-06	Check naming policy on wallet object creation before checking the	Russ Allbery
	default ACLs to avoid creating and stranding an ACL when the naming policy check fails.
2008-02-05	Fix the example remctl configuration for keytab-backend to use the	Russ Allbery
	correct script name.
2008-02-01	keytab-backend now passes kadmin.local ktadd its options in a specific	Russ Allbery
	order to satisfy the picky option parser.
2008-01-28	Release 0.6.release/0.6	Russ Allbery

2008-01-28	Minor NEWS updates for wallet-report and the new configure option.	Russ Allbery

2008-01-24	Add a wallet-admin program which can initialize and destroy the	Russ Allbery
	database and list all objects and ACLs in the database.
2008-01-19	The wallet client now supports a -u option, saying to obtain Kerberos	Russ Allbery
	credentials for the given user and use those for authentication rather than using an existing ticket cache.
2008-01-19	Note that the file writing change is a security issue.	Russ Allbery

2008-01-19	If -f is used and the output file name with ".new" appended already	Russ Allbery
	exists, unlink it first and then create it safely rather than truncating it. This is much safer when creating files in a world-writable directory. Also add documentation for keytab merging.
2008-01-19	When downloading a keytab to a file that already exists, merge the new	Russ Allbery
	keytab keys into that file rather than moving aside the old keytab and creating a new keytab with only the new keys. Also fix get handling in the client for all types other than keytabs. This isn't visible yet since the server doesn't yet support other types of objects.
2008-01-17	Support enforcing a naming policy for wallet objects via a Perl	Russ Allbery
	function in the wallet server configuration file.
2008-01-17	When getting a keytab with the client with no -f option, correctly	Russ Allbery
	write the keytab to standard output rather than dying with a cryptic error.
2008-01-05	The wallet client can now get the server, port, principal, and remctl	Russ Allbery
	type from krb5.conf as well as from compile-time defaults and command-line options.
2008-01-04	The build system now probes for GSS-API, Kerberos v5 and v4, and AFS	Russ Allbery
	libraries as necessary rather than hard-coding libraries. Building on systems without strong shared library dependencies and building against static libraries should now work. Building kasetkey (for AFS kaserver synchronization) is now optional and not enabled by default. Pass --with-afs to enable it. This allows wallet to be easily built in an environment without AFS.
2007-12-07	Release 0.5.	Russ Allbery

2007-12-07	Check a default creation ACL first before the ADMIN ACL when deciding	Russ Allbery
	whether we can auto-create a non-existent ACL, since creating one with the ADMIN ACL doesn't create a useful object. Allow @ in wallet-backend arguments so that principal names can be passed in.
2007-12-07	Correctly implement the documented intention that setting an attribute	Russ Allbery
	to the empty string clears the attribute values.
2007-12-07	Allow the empty string in wallet-backend arguments.	Russ Allbery
	When writing to a file in the wallet client program, remove an old backup file before creating a new backup and don't fail if the backup already exists.
2007-12-07	Load the Perl modules for ACL verifiers and object types dynamically	Russ Allbery
	now that we're reading the class from the database.
2007-12-06	Fix the keytab principal validation regex to allow instances	Russ Allbery
	containing periods. Otherwise, it's hard to manage host keytabs. Add a missing test suite for that method.
2007-12-06	Release 0.4.	Russ Allbery

2007-12-05	Various coding style fixes and cleanup based on a much-appreciated	Russ Allbery
	code audit by Simon Cozens. I didn't take all of his advise, and he shouldn't be blamed for any remaining issues.
2007-12-05	Maintain a global cache of ACL verifiers in Wallet::ACL and reuse them	Russ Allbery
	over the life of the process if we see another ACL line from the same scheme, rather than only reusing ACL verifiers within a single ACL.
2007-12-05	Determine the class for object and ACL schema implementations from the	Russ Allbery
	database rather than a hard-coded list and provide Wallet::Schema methods for adding new class mappings. Add a missing class mapping for the netdb ACL schema verifier.
2007-12-04	Add a subclass of the NetDB ACL verifier that requires the principal	Russ Allbery
	have an instance of "root" and strips that instance before checking NetDB roles.
2007-12-04	Update the release date for 0.3.	Russ Allbery

2007-12-01	Release 0.3.	Russ Allbery

2007-12-01	Add news entry for MySQL support.	Russ Allbery

2007-12-01	Expiration dates are now expressed in YYYY-MM-DD HH:MM:SS instead of	Russ Allbery
	seconds since epoch and returned the same way. Timestamps are now stored in the database as correct date and time types rather than seconds since epoch to work properly with MySQL.
2007-12-01	The wallet backend test suite now supports using a database other than	Russ Allbery
	SQLite for testing. Also start a new Util.pm module for the test suite and move the contents sub into that module. More to follow.
2007-11-20	Attempt to create the object with a default owner on get and store	Russ Allbery
	when the object doesn't exist.
2007-11-20	Add support for running a user-defined function whenever an object is	Russ Allbery
	created by a non-ADMIN user and using the default owner ACL returned by that function provided that the calling user is authorized by that ACL. This permits dynamic creation of new objects based on a default owner ACL programmatically determined from the name of the object.
2007-11-15	Add an ACL verifier that checks access against NetDB roles using the	Russ Allbery
	NetDB remctl interface.
2007-11-14	The wallet backend script now logs all commands and errors to syslog.	Russ Allbery

2007-10-11	Add an acl history function to the server backend and the client	Russ Allbery
	documentation and test it. Update NEWS and TODO for the completion of the history code.
2007-10-09	Add NEWS entry for enctypes. Clarify in the documentation the behavior	Russ Allbery
	of the enctypes attribute when the unchanging flag is set.
2007-10-08	Release 0.2.	Russ Allbery

2007-10-06	Add standard README and NEWS files and organize TODO a bit more by	Russ Allbery
	release targets.