krb5-wallet.git - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author
2009-12-16	Provided path to call valid_principal directly	Jon Robertson
	valid_principal used to reside in Wallet::Object::Keytab, but was moved to the individual Wallet::Kadmin::* modules. This isn't necessary currently and may not ever be, but it's there just in case we do ever need to differentiate. To simplify testing, a way to still call it directly from Wallet::Object::Keytab has been added.
2009-12-16	Improvements for keytab existance checks and keytab creation	Jon Robertson
	* Fixed keytab existence check to avoid failures when called by a principal with permissions only on specific principals. * Better error cases for non-existant keytabs in several places. * Skipped limiting keytabs to certain enctypes when no enctypes are given.
2009-12-10	Added support for Heimdal KDC	Jon Robertson
	Added support for Heimdal as an alternative to MIT Kerberos. This involved separating out the kadmin-specific code into its own set of modules, and changing the existing Wallet::Object::Keytab code to branch based on which module is loaded.
2009-12-03	Improved wallet-admin list command with searches	Jon Robertson
	wallet-admin's list command now has additional searches added for objects and acls that match certain specifiers. For objects these include searching for objects owned by a specific ACL, objects owned by no one, objects of a specific type, objects with a specific flag, and objects for which a specific ACL has any privileges at all. For acls, this includes the ability to search for any ACL with an entry with given type and identifier.
2009-06-09	Add owners report	Russ Allbery
	Add a new report owners command to wallet-admin and corresponding report_owners() method to Wallet::Admin, which returns all ACL lines on owner ACLs for matching objects.
2009-06-09	Remove Subversion Id strings	Russ Allbery

2008-02-20	Report the correct error message when addprinc fails while creating a	Russ Allbery
	keytab object.
2008-02-13	Remove the restriction that all object implementations must have class	Russ Allbery
	names of Wallet::Object::* and all ACL verifier implementations must have class names of Wallet::ACL::*.
2008-02-13	Fix the signature of register_verifier in the documentation.	Russ Allbery

2008-02-13	Move register_object and register_verifier into Wallet::Admin.	Russ Allbery

2008-02-09	Actually implement FILE_MAX_SIZE.	Russ Allbery

2008-02-09	Add file object support to the wallet server.	Russ Allbery

2008-02-09	Minor documentation fixes.	Russ Allbery

2008-02-08	No unnecessary ; after __END__.	Russ Allbery

2008-02-08	Wallet::Config and hence the wallet server now checks for the	Russ Allbery
	environment variable WALLET_CONFIG and loads configuration from the file specified there instead of /etc/wallet/wallet.conf if it is set.
2008-02-07	The current version of Net::Remctl can't handle explicit undef or the	Russ Allbery
	empty string as a principal argument. Be careful not to provide a principal argument if no principal was set. This workaround can be removed once we depend on a later version of Net::Remctl.
2008-02-07	Add a new autocreate API call that tries to create an object using the	Russ Allbery
	default ACLs. Remove autocreation support from create, which now requires that one be on the ADMIN ACL, and from get and store. The wallet client will soon know how to do the right thing.
2008-02-07	Add a check command to the wallet server to determine whether an object	Russ Allbery
	already exists.
2008-02-06	Check naming policy on wallet object creation before checking the	Russ Allbery
	default ACLs to avoid creating and stranding an ACL when the naming policy check fails.
2008-01-23	Return IDs and names from list_acls.	Russ Allbery

2008-01-23	Add Wallet::Admin interfaces to list all objects and all ACLs in the	Russ Allbery
	database.
2008-01-23	Only disconnect the database handle during Wallet::Server object	Russ Allbery
	destruction if the database handle hasn't already been destroyed.
2008-01-23	Add a destroy() method to the Wallet::Admin object and use that instead	Russ Allbery
	of Wallet::Schema::drop in the test suite.
2008-01-23	Refactor database initialization into a new Wallet::Admin module.	Russ Allbery

2008-01-23	Add a pointer to the wallet URL in the documentation.	Russ Allbery

2008-01-22	Update documentation for the API to Wallet::Object::Base and	Russ Allbery
	Wallet::ACL to take Wallet::Database objects instead of database handles.
2008-01-22	Add a Wallet::Database class that now holds the database connection code	Russ Allbery
	previously in Wallet::Server. Remove all the attribute setting on database handles in the other classes since Wallet::Database handles that initialization.
2008-01-17	Support enforcing a naming policy for wallet objects via a Perl	Russ Allbery
	function in the wallet server configuration file.
2007-12-07	Fix the module name in the SYNOPSIS example.release/0.5 debian/0.5-1	Russ Allbery

2007-12-07	Check a default creation ACL first before the ADMIN ACL when deciding	Russ Allbery
	whether we can auto-create a non-existent ACL, since creating one with the ADMIN ACL doesn't create a useful object. Allow @ in wallet-backend arguments so that principal names can be passed in.
2007-12-07	Correctly implement the documented intention that setting an attribute	Russ Allbery
	to the empty string clears the attribute values.
2007-12-07	Get rid of more return undefs.	Russ Allbery

2007-12-07	Get rid of a bunch more return undefs.	Russ Allbery

2007-12-07	Bump version numbers appropriately.	Russ Allbery

2007-12-07	Load the Perl modules for ACL verifiers and object types dynamically	Russ Allbery
	now that we're reading the class from the database.
2007-12-06	Be a bit more careful and conservative when stripping realms off.	Russ Allbery

2007-12-06	Fix the keytab principal validation regex to allow instances	Russ Allbery
	containing periods. Otherwise, it's hard to manage host keytabs. Add a missing test suite for that method.
2007-12-05	Various coding style fixes and cleanup based on a much-appreciated	Russ Allbery
	code audit by Simon Cozens. I didn't take all of his advise, and he shouldn't be blamed for any remaining issues.
2007-12-05	Coding style improvements.	Russ Allbery

2007-12-05	Bump version number for previous changes.	Russ Allbery

2007-12-05	Maintain a global cache of ACL verifiers in Wallet::ACL and reuse them	Russ Allbery
	over the life of the process if we see another ACL line from the same scheme, rather than only reusing ACL verifiers within a single ACL.
2007-12-05	Determine the class for object and ACL schema implementations from the	Russ Allbery
	database rather than a hard-coded list and provide Wallet::Schema methods for adding new class mappings. Add a missing class mapping for the netdb ACL schema verifier.
2007-12-04	Add a subclass of the NetDB ACL verifier that requires the principal	Russ Allbery
	have an instance of "root" and strips that instance before checking NetDB roles.
2007-12-01	Following the DBI documentation, turn on AutoCommit after RaiseError so	Russ Allbery
	that we have some hope of getting error messages if it fails.
2007-12-01	If we're using MySQL, force all the tables to InnoDB so that we get	Russ Allbery
	transactions.
2007-12-01	Don't disconnect on destruction of the server object if the handle is	Russ Allbery
	marked with InactiveDestroy.
2007-12-01	Set InactiveDestroy to the right thing. Doh.	Russ Allbery

2007-12-01	Make sure we always have a valid object and access to our database	Russ Allbery
	handle when calling kadmin so that we can do our database handle mangling.
2007-12-01	Don't use die when forking kasetkey fails and similarly don't close the	Russ Allbery
	database connection on a failed fork.
2007-12-01	Don't close our open database handles after a failed fork.	Russ Allbery