| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2013-02-27 | Add license statements to all textual documentation in docs | Russ Allbery | |
| Change-Id: Id5af9714e3d4f516cf7391c869eff89521e145c5 Reviewed-on: https://gerrit.stanford.edu/849 Reviewed-by: Russ Allbery <rra@stanford.edu> Tested-by: Russ Allbery <rra@stanford.edu> | |||
| 2013-02-13 | Add ssl-keypair to Stanford naming policy | Russ Allbery | |
| Used currently by MDM to store both the certificate and the key in the same file for convenience. Change-Id: I38901ac93fe3022c2e00f735a0f995500841d709 Reviewed-on: https://gerrit.stanford.edu/784 Reviewed-by: Russ Allbery <rra@stanford.edu> Tested-by: Russ Allbery <rra@stanford.edu> | |||
| 2013-02-05 | Add another case to the Stanford ssl-key naming convention | Russ Allbery | |
| If there are multiple SSL private keys for the same host-based CN, an application name can be added as an additional component of the name. Change-Id: I06e25359b291a77a7dbca1a7f3db84afb2b16ddd Reviewed-on: https://gerrit.stanford.edu/754 Reviewed-by: Russ Allbery <rra@stanford.edu> Tested-by: Russ Allbery <rra@stanford.edu> | |||
| 2013-01-18 | Further Stanford naming convention changes | Russ Allbery | |
| Remove the group for host-based file object names. Move the group to the second component for non-host-based names so that the first component is always the object type. Add some additional object types and clarify wording based on feedback from Adam. Change-Id: I5db7b23d2b004c69afb869df5624d455b751c0d5 Reviewed-on: https://gerrit.stanford.edu/724 Reviewed-by: Russ Allbery <rra@stanford.edu> Tested-by: Russ Allbery <rra@stanford.edu> | |||
| 2013-01-17 | Significant revision of the Stanford naming scheme | Russ Allbery | |
| Recommend slash-separated names by default. Remove some obsolete bits and update a lot of the recommendations and wording. Change-Id: I44cbf8116e7529b00a61261248ff9daecacdb910 Reviewed-on: https://gerrit.stanford.edu/723 Reviewed-by: Russ Allbery <rra@stanford.edu> Tested-by: Russ Allbery <rra@stanford.edu> | |||
| 2012-07-16 | Add objects-and-schemes to EXTRA_DIST, rename | Russ Allbery | |
| 2012-07-16 | Add documentation of existing wallet objects and ACL schemes | Russ Allbery | |
| 2012-03-29 | Fix incorrect wallet.conf path in the setup documentation | Russ Allbery | |
| 2011-03-23 | Add -ssl-keystore to the Stanford naming conventions | Russ Allbery | |
| 2010-04-14 | Update Stanford naming for Tivoli keys | Russ Allbery | |
| The previous wording implied that <group>-<server>-tivoli-key was only used for encryption keys. Allow for either passwords or encryption keys, and remove the note that it should be base64-encoded since wallet now supports binary files. | |||
| 2010-02-20 | wallet-backend gets the third store argument from stdin if missing | Russ Allbery | |
| If there is no third argument to store, read it from standard input instead. This is the preferred way of running wallet-backend, using stdin=last support from remctl 2.14 and later. Receiving the third argument as a regular argument continues to be supported for backward compatibility. | |||
| 2010-01-13 | Add Tivoli encryption keys to the Stanford naming guide | Russ Allbery | |
| 2009-08-15 | Add a naming convention for general config files | Russ Allbery | |
| We have some general configuration files that contain database passwords. Add a general naming convention to avoid creating new ones with each new type of config file. | |||
| 2009-08-07 | Update Stanford naming documentation for puppet.conf | Russ Allbery | |
| Add a naming convention for puppet.conf files containing secure data and reorganize the naming convention documentation to group all service objects together. | |||
| 2009-03-25 | Add the shibboleth.xml object naming convention. | Russ Allbery | |
| 2009-02-27 | Add htpasswd convention. | Russ Allbery | |
| 2008-12-15 | Add ssh key naming to the Stanford naming guide. | Russ Allbery | |
| 2008-10-06 | Add additional Stanford naming conventions. | Russ Allbery | |
| 2008-09-17 | Clarify database password object naming and add PAM configuration object | Russ Allbery | |
| naming. | |||
| 2008-07-07 | Initial Stanford naming conventions. | Russ Allbery | |
| 2008-02-13 | Update the design documentation to reflect the current protocol and | Russ Allbery | |
| implementation. | |||
| 2008-01-24 | Add a wallet-admin program which can initialize and destroy the | Russ Allbery | |
| database and list all objects and ACLs in the database. | |||
| 2007-12-01 | Move wallet.conf to /etc/wallet since we're going to want to put other | Russ Allbery | |
| things in that directory as well. | |||
| 2007-10-09 | Initial implementation of enctype restriction with a basic test suite. | Russ Allbery | |
| Still needs a more comprehensive test suite. Remove all attributes for a keytab object when it is destroyed so that when the object is recreated, it doesn't inherit attributes from its previous self. Add a test case for that for the sync attribute. | |||
| 2007-09-26 | Include the synchronization configuration in show() output. Provide a | Russ Allbery | |
| new object method that subclasses can override to add attribute information to show() and remove the documentation about overriding show(). | |||
| 2007-09-20 | Update the documentation to get rid of the stupid error return from | Russ Allbery | |
| attr and instead tell the caller to call error() on an empty return to see if there was a problem. | |||
| 2007-09-19 | Add generic attribute support to the object layer and update the API | Russ Allbery | |
| documentation to talk about overriding it. Update some other bits of the API documentation to include more hints about how to handle overridden methods. | |||
| 2007-09-18 | Document the locked flag in the server backend and client man pages. | Russ Allbery | |
| Document locked flag issues when implementing a new object type. | |||
| 2007-09-18 | Note cases where one might want to override flag_set() or flag_clear(). | Russ Allbery | |
| 2007-09-01 | Finish revising the design documentation to bring it up to date. | Russ Allbery | |
| 2007-09-01 | Note that you may need to change the path to wallet-backend. | Russ Allbery | |
| 2007-09-01 | Update and rewrite from the perspective of someone extending the wallet | Russ Allbery | |
| system, taking out all the documentation of the object API that's now covered in the Wallet::Object::Base documentation. | |||
| 2007-09-01 | Update for the current state of the world, remove some stuff that we | Russ Allbery | |
| aren't going to do, and flesh out some of the thoughts. | |||
| 2007-09-01 | Flesh out the setup instructions. | Russ Allbery | |
| 2007-08-31 | Remove the ACL API, which is now in the Wallet::ACL documentation, and | Russ Allbery | |
| rework the introduction a little. | |||
| 2007-08-29 | Convert the schema documentation into a Perl class that contains the same | Russ Allbery | |
| information but can also return the SQL commands or apply them to a database. | |||
| 2007-08-28 | Throw exceptions for failure of object new() and create() functions | Russ Allbery | |
| rather than returning undef so that we can save the error message. | |||
| 2007-08-28 | Use acl_entries, not acl_entry, for the ACL table to match the | Russ Allbery | |
| pluralization of other table names. Add indexes and uniqueness constraints and fix the object_history primary key. | |||
| 2007-08-28 | Standardize on terminology. Each component of an ACL is called an entry. | Russ Allbery | |
| 2007-08-28 | Remove the default ACL thing from the object API. That was a bad idea. | Russ Allbery | |
| I'll do something different with a policy framework. Added some more information about what this file documents. Added the ACL API, although that's shortly going to move out of this file into documentation. | |||
| 2007-08-28 | No need to pass a database handle into the ACL constructors any more. | Russ Allbery | |
| I was only going to use that for the krb5-group ACL, which I won't be implementing. | |||
| 2007-08-28 | Remove krb5-group, which I won't be implementing. Clarify the netdb ACL | Russ Allbery | |
| type since I found a good way of integrating it well with the rest of the ACL system. | |||
| 2007-08-28 | Update for the correct arguments, add trace arguments to more methods, | Russ Allbery | |
| and add the destroy method. | |||
| 2007-08-27 | Rename delete to destroy in the API and MySQL fields to avoid the Perl | Russ Allbery | |
| delete keyword. | |||
| 2007-08-27 | Add the history tables and remove the krb5-group ACL tables, since I won't | Russ Allbery | |
| be implementing that ACL type. Add names to the ACL table. Various other fixes from the design review. | |||
| 2007-08-27 | Initial brief notes on database setup. | Russ Allbery | |
| 2007-08-07 | Reword the first paragraph to be a bit clearer. | Russ Allbery | |
| 2007-07-19 | Initial general design document. | Russ Allbery | |
| 2007-05-02 | Improvements to default_check including the operation type, and pass | Russ Allbery | |
| the database handle to the ACL constructor. | |||
| 2007-05-02 | kasetkey is now included in wallet, so no need to mention that as a to-do | Russ Allbery | |
| item here. | |||
 |
index : krb5-wallet.git | |
| Unnamed repository; edit this file 'description' to name the repository. | www-data |
| summaryrefslogtreecommitdiff |