| Age | Commit message (Collapse) | Author |
|---|
|
|
|
Add SPDX-License-Identifier headers to all substantial source files.
Collapse copyright years. Add some Emacs configuration for files
where the copyright notice is at the end. Add a test that every
file has SPDX-License-Identifier.
|
|
Update to rra-c-util 7.2:
* Improve configure output for krb5-config testing.
* Define UINT32_MAX for systems that don't have it.
* Add SPDX-License-Identifier headers to all substantial source files.
* Fix new warnings from GCC 7 and Clang warnings.
* Require Test::Strict 0.25 or later to run those tests.
* Fix off-by-one error in return-value checks for snprintf.
* Use Autoconf to probe for supported warning flags.
* Fix running module-version-t -u with current versions of Perl.
* Use C_TAP_SOURCE and C_TAP_BUILD instead of SOURCE and BUILD.
Update to C TAP Harness 4.3:
* Add support for valgrind and libtool in test lists.
* Report test failures as left and right, not wanted and expected.
* Fix string comparisons with NULL pointers and the string "(null)".
* Add SPDX-License-Identifier headers to all substantial source files.
* Avoid zero-length realloc allocations in breallocarray.
* Fix new warnings from GCC 7 and Clang warnings.
* Use C_TAP_SOURCE and C_TAP_BUILD instead of SOURCE and BUILD.
|
|
Change-Id: I4c2b5d7c807d6c27dd18a3b92eef66d21287d21e
Reviewed-on: https://gerrit.stanford.edu/1481
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
Change-Id: I06dd9ecca19315179bdd34d4b301548fe7604331
Reviewed-on: https://gerrit.stanford.edu/842
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
Build a separate wallet-rekey client that rekeys every keytab given
on the command-line. Fix some coding style issues and add internal
prototypes. Build the shared source for both clients into an
uninstalled library to save compilation time.
|
|
Refactor the wallet client code to use remctl_commandv and send stores
with data containing nul.
|
|
Use the Kerberos portability layer from rra-c-util 3.0 and avoid
Kerberos API calls deprecated on Heimdal. Break util/util.h into
separate header files and update all source files accordingly.
The test suite is not yet updated. That will come in subsequent
commits.
|
|
The wallet client now uses a temporary disk ticket cache when
obtaining tickets with the -u option rather than an in-memory cache,
allowing for a libremctl built against a different Kerberos
implementation than the wallet client. This primarily helps with
testing.
|
|
|
|
file (using -f) or from standard input (if -f wasn't given) when the
data isn't specified on the command line. The data still must not
contain nul characters.
|
|
projects.
The configure option requesting AFS kaserver support (and thus
building kasetkey) is now --with-kaserver instead of --with-afs.
If KRB5_CONFIG was explicitly set in the environment, don't use a
different krb5-config based on --with-krb4 or --with-krb5. If
krb5-config isn't executable, don't use it. This allows one to
force library probing by setting KRB5_CONFIG to point to a
nonexistent file.
Sanity-check the results of krb5-config before proceeding and error
out in configure if they don't work.
Stop setting Stanford-specific compile-time defaults for the wallet
server and port.
|
|
library and start the transition of coding style.
|
|
states whether a given object exists and the second attempts to create
the object using the default owner rules. Remove default owner
handling from the create interface, which is now for administrators
only. Remove server-side auto-creation of objects on get or store and
instead have the client check for object existence and call autocreate
if necessary. This removes confusion between default ACLs and
administrative object creation for users who are also on the ADMIN
ACL.
|
|
credentials for the given user and use those for authentication rather
than using an existing ticket cache.
|
|
keytab keys into that file rather than moving aside the old keytab and
creating a new keytab with only the new keys.
Also fix get handling in the client for all types other than keytabs.
This isn't visible yet since the server doesn't yet support other types
of objects.
|
|
type from krb5.conf as well as from compile-time defaults and
command-line options.
|
|
|
|
|
|
and license statements in all files. Make sure that some files that were
missing copyright information now have them. Reference LICENSE rather
than README in all notices.
|
|
object when get is called with the -S flag.
|
|
|
|
expansion. Use the fine-grained remctl API instead of the simple one
since in some cases we'll be running multiple commands.
|
|
so that the srvtab and keytab management can share it. Write atomically
to a new file and then link and rename to do an atomic update. Leave a
backup copy of any file that's replaced.
|
|
additional work and cleanup, particularly support for the sync attribute.
|
