| Age | Commit message (Collapse) | Author |
|---|
|
Mostly changing http eyrie.org URLs to https, but also remove my
old email address in one place and switch some tests away from my
old RRA_MAINTAINER_TESTS environment variable to use the Lancaster
Consensus variables properly. This uncovered a bug in skipping one
test unless Stanford Kerberos credentials existed.
|
|
|
|
The versions of all of the wallet Perl modules now match the overall
package version except for Wallet::Schema, which is used to version
the database schema.
Import the test from rra-c-util 5.10 and exclude Wallet::Schema from
the tests.
Go through all Perl modules and standardize the syntax for setting the
version and indicating the required version of Perl. Fix a few other
syntax issues while I'm in there.
|
|
This requires changing the ACL verifier plumbing to pass object
type and name all the way through when verifying ACLs. Hopefully
I caught everything.
|
|
Failed kadmin commands were deleting the wallet database in the
test suite due to an END block in the test programs. Use _exit
to avoid this.
|
|
Change-Id: I3a8b13a8b255522cff92910f8d99ec94dc020e6f
|
|
A new ACL type, external (Wallet::ACL::External), is now supported.
This ACL runs an external command to check if access is allowed, and
passes the principal and the ACL identifier to that command. To
enable this ACL type for an existing wallet database, use wallet-admin
to register the new verifier.
Change-Id: I21b72b4373eefc92985aca1505e2d1a1ec699602
|
|
|
|
Added a version of the LDAP attribute ACL. Like the root version for
NetDB, this requires that the principal end in /root, and then strips
off /root before doing matching against the given LDAP attribute.
Change-Id: I23119ef9c9ce3e0556f5d71a509815f2efc1bbe6
|
|
Removed some default text and explained why we grab the database handle
for future use.
Change-Id: I50b3ae06c1761453de3140d501830c245d550c04
|
|
This verifier will allow embedding one ACL in another for more flexible
ACL handling. As part of thise we've also added the ability for each
verifier to do a syntax check to see if a given name is valid for that
verifier. For the moment this returns true for everything but Nested.
Nested will check to make sure the given name is an existing group.
Change-Id: Iacdf146d46ed882d57b7534058d34db6e6ec1de4
|
|
Fix strictness issues across the whole code base, and ensure that
all Perl scripts enable warnings. (Hopefully enabling warnings
won't cause problems for the server.)
Change-Id: I4dee49f7a6bcbeeee21d74bf61a1fd26514f832c
Reviewed-on: https://gerrit.stanford.edu/1532
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
|
The wallet server now requires Perl 5.8 or later (instead of 5.006 in
previous versions) and is now built with Module::Build instead of
ExtUtils::MakeMaker. This should be transparent to anyone not working
with the source code, since Perl 5.8 was released in 2002, but
Module::Build is now required to build the wallet server. It is
included in some versions of Perl, or can be installed separately from
CPAN, distribution packages, or other sources.
Also reorganize the test suite to use subdirectories.
Change-Id: Id06120ba2bad1ebbfee3d8a48ca2f25869463165
Reviewed-on: https://gerrit.stanford.edu/1530
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
|
