| Age | Commit message (Collapse) | Author |
|---|
|
Change the API for keytab_rekey to match keytab, returning the keytab
as data instead of writing it to a file. This simplifies the wallet
object implementation and moves the logic for reading the temporary
file into Wallet::Kadmin and its child classes. (Eventually, there may
be a kadmin backend that doesn't require using a temporary file.)
Setting KEYTAB_TMP is now required to instantiate either the ::MIT or
::Heimdal Wallet::Kadmin classes.
|
|
Heimdal supports retrieving a keytab containing the existing keys over
the kadmin protocol. Move the support for using remctl to retrieve an
existing keytab into Wallet::Kadmin::MIT and provide two separate
methods in the Wallet::Kadmin interface: one which rekeys and one which
doesn't. Implement the non-rekeying interface for Heimdal. Expand the
test suite for the unchanging keytabs to include tests for the Heimdal
method.
|
|
|
|
Now that we support multiple versions of Kerberos, use generic names
for the functions in the Wallet::Kadmin interface rather than the
commands from the MIT kadmin interface.
|
|
Rather than duplicating the API documentation in both ::Heimdal and
::MIT, move it into Wallet::Kadmin and just reference that from the
subclasses. Add documentation for exists(), since that's part of the
public API. Move a few methods around and fix a few other minor
documentation differences.
|
|
Take advantage of inheritance by providing the error method in
Wallet::Kadmin rather than separately in both the subclasses.
|
|
Move the stub fork_callback method into Wallet::Kadmin and make both
Wallet::Kadmin::Heimdal and Wallet::Kadmin::MIT inherit from
Wallet::Kadmin. Add POD documentation for fork_callback.
|
|
Also update the POD syntax check to the current version of that check
I use elsewhere. Since I'm touching all the POD anyway, also rewrap
all of the POD to 74 columns. Fix some references to MIT in the
Wallet::Kadmin::Heimdal module documentation.
|
|
Heimdal requires the full name and doesn't support the short name that
MIT has as an alias. Change the documentation to use the long name
uniformly.
|
|
KEYTAB_KRBTYPE wasn't documented in Wallet::Config. Add it and the
variable declaration. Also document the new mandatory setting in
NEWS and add the Heimdal::Kadm5 requirement to README. Remove some
of the language in README that implies that only MIT Kerberos is
supported.
Make the setting case-insensitive and improve the error message from
Wallet::Kadmin if it isn't set.
|
|
Combine a long series of eval blocks into a single block and a single
error check. Remove trailing whitespace, and in some cases remove
trailing () on method calls where the parens aren't useful.
|
|
Added a fix to the Pod tests to change the order of the arguments in a
skip statement to the correct order. Also added tests for the
KEYTAB_KRBTYPE value in the keytab tests, and changed the Wallet::Kadmin
module to standardize the errors returned with no keytab set and add new
error for keytab set but not a valid value.
|
|
valid_principal has been removed from Wallet::Kadmin and
Wallet::Kadmin::Heimdal. An accessor for it in Wallet::Object::Keytab
has also been removed, as have the tests in perl/t/keytab.t for the
function. It still remains within Wallet::Kadmin::MIT and is used there,
but only as a private method for flagging what the kadmin command-line
interface cannot handle.
|
|
Added documentation for the new object and acl list searches to
perl/Wallet/Admin.pm and server/wallet-admin. Also fixed a POD error
in perl/Wallet/Kadmin.pm's docs.
|
|
Strip trailing whitespace, convert tabs to spaces, add newlines to
exceptions, and remove a few stray blank lines and a few other minor
coding style oddities. Make the SQL style consistent.
|
|
valid_principal used to reside in Wallet::Object::Keytab, but was moved to
the individual Wallet::Kadmin::* modules. This isn't necessary currently
and may not ever be, but it's there just in case we do ever need to
differentiate. To simplify testing, a way to still call it directly from
Wallet::Object::Keytab has been added.
|
|
Added support for Heimdal as an alternative to MIT Kerberos. This involved
separating out the kadmin-specific code into its own set of modules, and
changing the existing Wallet::Object::Keytab code to branch based on
which module is loaded.
|
