| Age | Commit message (Collapse) | Author |
|---|
|
The wallet server now requires Perl 5.8 or later (instead of 5.006 in
previous versions) and is now built with Module::Build instead of
ExtUtils::MakeMaker. This should be transparent to anyone not working
with the source code, since Perl 5.8 was released in 2002, but
Module::Build is now required to build the wallet server. It is
included in some versions of Perl, or can be installed separately from
CPAN, distribution packages, or other sources.
Also reorganize the test suite to use subdirectories.
Change-Id: Id06120ba2bad1ebbfee3d8a48ca2f25869463165
Reviewed-on: https://gerrit.stanford.edu/1530
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
Previous versions had erroneous foreign key constraints between the
object history table and the objects table. Remove those constraints,
and an incorrect linkage in the schema for the ACL history, and add
indices for the object type, name, and ACL instead.
Change-Id: Ie0ff2448caa82c7a533a1b9ff5c13029bb6ae4ef
Reviewed-on: https://gerrit.stanford.edu/1526
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
Change-Id: Ieb29af8a3bcf61cdebb1d8b7b2a5b8868a3586dc
Reviewed-on: https://gerrit.stanford.edu/1524
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
A new object type, duo (Wallet::Object::Duo), is now supported. This
creates an integration with the Duo Security cloud multifactor
authentication service and allows retrieval of the integration key,
secret key, and admin hostname. Currently, only UNIX integration
types are supported. The Net::Duo Perl module is required to use this
object type. New configuration settings are required as well; see
Wallet::Config for more information. To enable this object type for
an existing wallet database, use wallet-admin to register the new
object.
Change-Id: I2c0dac75e81f526b34d6b509c4bdaecb43dd4a9d
Reviewed-on: https://gerrit.stanford.edu/1516
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
cron principals were being rejected due to not being a part of the
Stanford Policy module.
Change-Id: Ic67a8e2bce8474431163b74d97c2bf1fb184a4b7
Reviewed-on: https://gerrit.stanford.edu/1488
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
Change-Id: I4c2b5d7c807d6c27dd18a3b92eef66d21287d21e
Reviewed-on: https://gerrit.stanford.edu/1481
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
When creating new principals in a Heimdal KDC, generate a long, random
password as the temporary password of the disabled principal before
randomizing keys. This is necessary if password quality is being
enforced on create calls. Since the principal is always inactive
until the keys have been randomized, the password should not need to
be secure (and indeed is not cryptographically random).
Change-Id: If519a82475bb0d387a19d16ef1e024b0da64779a
Reviewed-on: https://gerrit.stanford.edu/1374
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
The acl_history table needed to get the DateTime object rather than the
raw epoch timestamp in one place. This was causing errors adding new
lines to the history.
Change-Id: I9c971819484cd0b26cb2561549246c284afc55a1
Reviewed-on: https://gerrit.stanford.edu/1325
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
Normally this will already be loaded, but since we use it directly,
make sure it is loaded.
Change-Id: Ibc4ca874b659f316268957cbf77ead9d49bc3ca0
Reviewed-on: https://gerrit.stanford.edu/1205
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
Fix the Wallet::Config documentation for the ldap-attr verifier to
reference an ldap_map_principal hook, not ldap_map_attribute, matching
the implementation.
Change-Id: I258edcf69d4dcb3d2ec8dc66db4b768d91645fc4
Reviewed-on: https://gerrit.stanford.edu/1204
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
There was a missing resultset() call in one place and the wrong
resultset used in a different place, causing the enctype management
code to not work.
Change-Id: I796169c5968ec164f90f3cd75541dd346dd50fdf
Reviewed-on: https://gerrit.stanford.edu/1070
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
We actually know the enctypes that are in most common use, so rather
than making the user poke them into the database manually, save them
a step and put them in. We still need some mechanism to remove the
DES enctype and add new ones, though.
Change-Id: I2eda7e29897ec16a04a10f0c7289878c853b7531
Reviewed-on: https://gerrit.stanford.edu/1068
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
Change-Id: I59db1e8638a602d9c118ac01da17280c9ed7d005
Reviewed-on: https://gerrit.stanford.edu/1067
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
Change-Id: Ie4c0af7b218fcd00fc6f39514967c9e38e12b1be
Reviewed-on: https://gerrit.stanford.edu/1023
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
The module wasn't always returning a true value when loaded.
Change-Id: I998ab25509cb9079034cae6aca467024ec6b4949
Reviewed-on: https://gerrit.stanford.edu/990
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
In Wallet::Admin, add the wa-keyring object handler to the list
of initializations when creating a new database.
Change-Id: I804b47ae712ce3d96c57699fb2ba05c45f687881
Reviewed-on: https://gerrit.stanford.edu/986
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
Owners of wallet objects are now allowed to destroy them. In previous
versions, a special destroy ACL had to be set and the owner ACL wasn't
used for destroy actions, but operational experience at Stanford has
shown that letting owners destroy their own objects is a better model.
Change-Id: I0e97d7a000e62cf5321add7b44140db6edc6769f
Reviewed-on: https://gerrit.stanford.edu/973
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
Change-Id: Iee8d55f6c86563fad71d770398e3221f7efb4b2e
Reviewed-on: https://gerrit.stanford.edu/852
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
Change-Id: I06dd9ecca19315179bdd34d4b301548fe7604331
Reviewed-on: https://gerrit.stanford.edu/842
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
Change-Id: I48984226f67ded5539f6bc8c8cd88cfa770be775
Reviewed-on: https://gerrit.stanford.edu/839
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
Change-Id: I8aa2d9232a3f15d424eafbda69b6e065824e62b8
|
|
The wallet-admin wrapper script will already pass any errors to
die, so don't separately warn.
Change-Id: Id5b27c5f9eaba8cf2d45ef058aaaa93e50f9cab5
Reviewed-on: https://gerrit.stanford.edu/795
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
Install the wallet schema files generated by DBIx::Class for the
various supported database engines into /usr/local/share/wallet
(by default, using pkgdatadir) on make install. Set the default
$DB_DDL_DIRECTORY value in Wallet::Config accordingly.
Change-Id: I7ec52b171bc6aca2c3e1040c037e7cf24553231f
Reviewed-on: https://gerrit.stanford.edu/794
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
In the upgrade() wrapper in Wallet::Admin, set the DDL directory
in the schema before attempting an upgrade.
Change-Id: I691184fc4cf416e68f300bc78f7caffc41bf94b8
Reviewed-on: https://gerrit.stanford.edu/793
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
Change-Id: Id8810ff6deb991b70c2fd4587019aa245d247419
Reviewed-on: https://gerrit.stanford.edu/785
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
Used currently by MDM to store both the certificate and the key in
the same file for convenience.
Change-Id: I38901ac93fe3022c2e00f735a0f995500841d709
Reviewed-on: https://gerrit.stanford.edu/784
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
In Wallet::Policy::Stanford, add support for setting a default owner
of file objects whose names are based on a group that has an ACL
mapping.
Change-Id: I4f63815621d81e26ba4779d10f249cb31eef2b5e
Reviewed-on: https://gerrit.stanford.edu/759
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
Add all the new group names for the Stanford naming policy and
associate them with default ACLs (not yet used). Distinguish
them from the legacy group names, and use the appropriate ones
for naming policy enforcement.
Change-Id: I4b87ff48d34d82195245798f41afefff26efa95d
Reviewed-on: https://gerrit.stanford.edu/758
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
Add support for a default owner for host-based file objects to
Wallet::Policy::Stanford.
Change-Id: I1a9bf07def1356788fbd0acf9910a2e86c9e8f08
Reviewed-on: https://gerrit.stanford.edu/757
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
Refactor the Wallet::Policy::Stanford module to pull some of the
constants out, and then add data and support in the naming policy
for the new file object naming scheme.
Change-Id: Iba0c24c119ce529a1d3fd8cd3332335c4433df09
Reviewed-on: https://gerrit.stanford.edu/756
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
To make it easier to revise and test revisions to the Stanford
wallet naming policy, convert the code to a module and include it
in the distribution. Add a test suite for the current policy.
Change-Id: I73b888fa8d18401a239144c2e9f810ad4692c44b
Reviewed-on: https://gerrit.stanford.edu/755
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
In moving from DBI to DBIx::Class, we at first left the various
variables the same. This goes through to update them for the proper
names.
* Wallet::Admin::schema was created to return the schema object (and
similarly for Wallet::Server and Wallet::Report).
* Wallet::Admin::dbh was modified to return the actual DBI handle again
(and similarly for Wallet::Server and Wallet::Report).
* Various places that used $admin->{dbh} were moved to $admin->{schema}.
* Various places using $dbh for the schema object were changed to
$schema.
Change-Id: I00914866e9a8250855a7828474aa9ce0f37b914f
Reviewed-on: https://gerrit.stanford.edu/733
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
perl/Wallet/Object/Keytab.pm was using the wrong value for the database
handle in some places (trying to load as a subroutine rather than part
of the object). Also, the keytab.t tests were attempting to run against
the DBIx::Class object rather than a direct dbh handle that they
expected.
Change-Id: Ifbb8b110d559f3ba867fc5b0dc3933fd2d4fd484
Reviewed-on: https://gerrit.stanford.edu/731
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
DBIx::Class::Schema::Versioned uses carp to send a few warnings that are
more just informational messages. Use a local warning handler to skip
the warnings we'll always get for normal upgrades.
Change-Id: I4f987b290ec17b95d737150dd106e7bb0f62a264
Reviewed-on: https://gerrit.stanford.edu/730
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
wallet-admin is solely a thin wrapper around Wallet::Admin, but it
gained specific code for initialize and update, which caused the
server/admin test to fail.
Move the update code to set a default version into into Wallet::Admin
instead. The initialize code appears to be unnecessary; it was
setting a default for a parameter that was already handled by
Wallet::Config.
Change-Id: I1a7e5dbbfd005e4f60e89e50a91019295e44df99
Reviewed-on: https://gerrit.stanford.edu/729
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
Moved all the Perl code to use DBIx::Class for the database interface.
This includes updating all database calls, how the schema is generated
and maintained, and the tests in places where some output has changed.
We also remove the schema.t test, as the tests for it are more covered
in the admin.t tests now.
Change-Id: Ie5083432d09a0d9fe364a61c31378b77aa7b3cb7
Reviewed-on: https://gerrit.stanford.edu/598
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
Be sure that we don't purge keys if that would leave us with fewer
than three keys. Fix a few other error reporting issues and one
syntax error in a WebAuth call.
Change-Id: I9bb75de56da3542f8c26ca8eab0814afea06c16a
Reviewed-on: https://gerrit.stanford.edu/714
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
We need at least version 3.06 to have the encode and decode
WebAuth::Keyring functions.
Change-Id: Ia4e3ed74cc038c06e3ba6ab13b37ea3cdb06c032
Reviewed-on: https://gerrit.stanford.edu/713
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
A copy/paste error from the file object configuration.
Change-Id: Ie3ee48ed7adcf3fa50a510f085e664c5b0c91300
Reviewed-on: https://gerrit.stanford.edu/712
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
Change-Id: I12e430acd089de5ac50f62ebbdeb869be31eeeec
Reviewed-on: https://gerrit.stanford.edu/711
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
Add a new acl check command which, given an ACL ID, prints yes if that
ACL already exists and no otherwise. This is parallel to the check
command for objects.
Also fix some documentation errors in the wallet client documentation,
saying that the check command doesn't require any ACL and fixing one
place where "show" was used instead of "store".
|
|
|
|
Fix a formatting error in Wallet::ACL::LDAP::Attribute and add new
stopwords required by the latest aspell.
|
|
Some database drivers, such as current SQLite, will return undef
for a data column that is set to NULL instead of the empty string.
Skip past those data columns without attempting to examine the
length of the resulting data.
|
|
This is very preliminary. There is no test suite yet, no
documentation, and the test suite currently doesn't pass for other
reasons.
|
|
A new ACL type, ldap-attr (Wallet::ACL::LDAP::Attribute), is now
supported. This ACL type grants access if the LDAP entry
corresponding to the principal contains the attribute name and value
specified in the ACL. The Net::LDAP and Authen::SASL Perl modules are
required to use this ACL type. New configuration settings are
required as well; see Wallet::Config for more information. To enable
this ACL type for an existing wallet database, use wallet-admin to
register the new verifier.
|
|
Add a comment field to objects and corresponding commands to
wallet-backend and wallet to set and retrieve it. The comment field
can only be set by the owner or wallet administrators but can be seen
by anyone on the show ACL.
|
|
Hook the new upgrade method of Wallet::Schema into Wallet::Admin
and the wallet-admin wrapper script.
|
|
Version 0 is the version without the metadata table. Add a new
upgrade method to Wallet::Schema and support upgrading the database
to version 1. (Version 1 is not yet finalized.)
|
|
Add a metadata table whose only column, currently, is a version number.
We will store the version of the schema in this table and use that to
know what to do during upgrades.
|
