| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
|
|
empty string as a principal argument. Be careful not to provide a
principal argument if no principal was set. This workaround can be
removed once we depend on a later version of Net::Remctl.
|
|
Wallet::ACL to take Wallet::Database objects instead of database
handles.
|
|
previously in Wallet::Server. Remove all the attribute setting on
database handles in the other classes since Wallet::Database handles that
initialization.
|
|
|
|
|
|
containing periods. Otherwise, it's hard to manage host keytabs. Add
a missing test suite for that method.
|
|
code audit by Simon Cozens. I didn't take all of his advise, and he
shouldn't be blamed for any remaining issues.
|
|
|
|
that we have some hope of getting error messages if it fails.
|
|
|
|
handle when calling kadmin so that we can do our database handle
mangling.
|
|
database connection on a failed fork.
|
|
|
|
seconds since epoch and returned the same way. Timestamps are now
stored in the database as correct date and time types rather than
seconds since epoch to work properly with MySQL.
|
|
Add a drop() method to Wallet::Schema to destroy the wallet database. Add
a test suite for it. Add a reinitialize() method to Wallet;:Server that
drops the database before creating it.
Modify the wallet object test cases to call reinitialize() to create the
initial database and drop() to clean up the database after the test is
complete.
Fix a bug preventing Wallet::Schema from being initialized multiple times.
We now stash the schema in a class static variable and reuse it for
subsequent initializations, since re-reading DATA doesn't work.
|
|
and can be tested.
|
|
take multiple values, so log them like flags. Hopefully this will
continue to work; if not, we'll have to revisit it later.
Improve logging for unsetting of attributes.
|
|
|
|
|
|
of the enctypes attribute when the unchanging flag is set.
|
|
that the enctype must be in the database in the keytab object API
documentation.
The README and NEWS files are now done.
|
|
enforce referential integrity.
|
|
Still needs a more comprehensive test suite.
Remove all attributes for a keytab object when it is destroyed so that
when the object is recreated, it doesn't inherit attributes from its
previous self. Add a test case for that for the sync attribute.
|
|
and license statements in all files. Make sure that some files that were
missing copyright information now have them. Reference LICENSE rather
than README in all notices.
|
|
|
|
new object method that subclasses can override to add attribute
information to show() and remove the documentation about overriding
show().
|
|
tests of the machinery around kaserver synchronization even if we don't
have a full configuration.
|
|
if synchronization is not set.
|
|
keytab object is destroyed.
|
|
object implementation, extracting the DES key with Authen::Krb5 (since
ktutil doesn't work).
Rename the KEYTAB_CACHE variable to KEYTAB_REMCTL_CACHE to match the
rest of the keytab retrieval configuration and reorganize the
Wallet::Config documentation to group related configuration options for
the keytab backend.
Fix a column name in the keytab_enctypes table to be more consistent
with the rest of the schema.
|
|
Change the documentation to tell the caller to call error() after an
empty return to see if an error occurred.
|
|
attr and instead tell the caller to call error() on an empty return
to see if there was a problem.
|
|
documentation to talk about overriding it. Update some other bits of
the API documentation to include more hints about how to handle
overridden methods.
|
|
keytabs via remctl from the KDC.
|
|
Catch more errors when checking the existence of a principal. Add a
test for creating a principal for which we don't have permissions.
|
|
that convention elsewhere.
|
|
|
|
|
|
attribute setting in objects inside eval to catch SQL errors and set the
object error accordingly rather than throwing an exception.
|
|
and append that information to the object description.
|
|
|
|
adjusts for trailing newlines and exception detritus, saving duplicate
code. Standardize the documentation of the error() method and document
using this in child classes of the generic ACL and Object classes.
Disable printing of errors during connect in Wallet::Server since we're
going to throw our own exception.
|
|
our configuration and die if it isn't correct. Catch all the exceptions
thrown by the _kadmin method and do something with them. Print a warning
and then rethrow the exception in the parent when running a non-existent
kadmin binary rather than throwing an exception in the child, which
doesn't close things down cleanly. Be robust against an undefined
KEYTAB_FLAGS setting. Ensure KEYTAB_TMP is set. Also some minor doc
improvements.
|
|
ALSO references.
|
|
|
|
principals in all the kadmin functions. Pass the realm to the kadmin
command. Parse ktadd errors properly. Call _kadmin_ktadd with the
correct arguments.
|
