| Age | Commit message (Collapse) | Author | 
|---|
|  | Combine a long series of eval blocks into a single block and a single
error check.  Remove trailing whitespace, and in some cases remove
trailing () on method calls where the parens aren't useful. | 
|  | Added a fix to the Pod tests to change the order of the arguments in a
skip statement to the correct order.  Also added tests for the
KEYTAB_KRBTYPE value in the keytab tests, and changed the Wallet::Kadmin
module to standardize the errors returned with no keytab set and add new
error for keytab set but not a valid value. | 
|  | Made kadmin.t skip loading the Wallet::Kadmin::Heimdal module if its
requirement, Heimdal::Kadm5, is not installed on the system. | 
|  | The MIT kadmin module currently directly runs the MIT kadmin program.  Some
data needs to be cleaned during the forks for this.  This provides a
callback that can be registered and is called during the fork process,
currently just to mark database handles inactive.  It was added to both the
MIT and Heimdal modules, though it's only a stub in the Heimdal module.
Heimdal is not forking kadmin, but the stub is there in order to allow the
caller to not care which module is being used and just always register the
callbacks. | 
|  | Created perl/t/kadmin.t, which performs tests against the Wallet::Kadmin
basic API.  We only test that Wallet::Kadmin->new () works for both MIT
and Heimdal (though doesn't make a connection), and the MIT
valid_principal private method. | 
|  | valid_principal has been removed from Wallet::Kadmin and
Wallet::Kadmin::Heimdal.  An accessor for it in Wallet::Object::Keytab
has also been removed, as have the tests in perl/t/keytab.t for the
function.  It still remains within Wallet::Kadmin::MIT and is used there,
but only as a private method for flagging what the kadmin command-line
interface cannot handle. | 
|  | Added the new ACL format to perl/t/object.t's idea of what an object's
history was meant to be.  This involved switching from acl id to acl
name plus id -- ie: '1' to 'ADMIN (1)'. | 
|  | Several tests were removed in an earlier edit that should not have been.
As far as I can tell, they were removed completely by accident.  These
missing tests were causing the test suite to fail. | 
|  | Strip trailing whitespace, convert tabs to spaces, add newlines to
exceptions, and remove a few stray blank lines and a few other minor
coding style oddities.  Make the SQL style consistent. | 
|  | When listing an object history, ACLs were only shown as the ACL id.  This
changes that behavior to show the ACL name as well as ID.  Where before
it might say "set owner to 1", now it would say "set owner to ADMIN (1)". | 
|  | Added cases to handle the Wallet::Object::Keytab module using a Heimdal
KDC as well as an MIT KDC.  In most cases this is transparent, but some
tests are skipped for Heimdal, and the commands run to test that the
created principals and keytabs are correct are different for Heimdal.
The code now branches based on the value of
$Wallet::Config::KEYTAB_KRBTYPE. | 
|  | Added cases to handle the Wallet::Object::Keytab module using a Heimdal
KDC as well as an MIT KDC.  In most cases this is transparent, but some
tests are skipped for Heimdal, and the commands run to test that the
created principals and keytabs are correct are different for Heimdal.
The code now branches based on the value of
$Wallet::Config::KEYTAB_KRBTYPE. | 
|  | wallet-admin's list command now has additional searches added for objects
and acls that match certain specifiers.  For objects these include
searching for objects owned by a specific ACL, objects owned by no one,
objects of a specific type, objects with a specific flag, and objects for
which a specific ACL has any privileges at all.  For acls, this includes
the ability to search for any ACL with an entry with given type and
identifier. | 
|  | Add a new report owners command to wallet-admin and corresponding
report_owners() method to Wallet::Admin, which returns all ACL lines
on owner ACLs for matching objects. | 
|  |  | 
|  | can run in AFS. | 
|  |  | 
|  | empty string is valid object content.
Add a full end-to-end test suite to catch protocol mismatches between
the client and server, such as the one fixed in this release. | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  | environment variable WALLET_CONFIG and loads configuration from the
file specified there instead of /etc/wallet/wallet.conf if it is set. | 
|  |  | 
|  |  | 
|  | empty string as a principal argument.  Be careful not to provide a
principal argument if no principal was set.  This workaround can be
removed once we depend on a later version of Net::Remctl. | 
|  | default ACLs.  Remove autocreation support from create, which now
requires that one be on the ADMIN ACL, and from get and store.  The
wallet client will soon know how to do the right thing. | 
|  | already exists. | 
|  | default ACLs to avoid creating and stranding an ACL when the naming
policy check fails. | 
|  |  | 
|  | database. | 
|  |  | 
|  |  | 
|  | of Wallet::Schema::drop in the test suite. | 
|  |  | 
|  | function in the wallet server configuration file. | 
|  | libraries as necessary rather than hard-coding libraries.  Building
on systems without strong shared library dependencies and building
against static libraries should now work.
Building kasetkey (for AFS kaserver synchronization) is now optional
and not enabled by default.  Pass --with-afs to enable it.  This
allows wallet to be easily built in an environment without AFS. | 
|  |  | 
|  | containing periods.  Otherwise, it's hard to manage host keytabs.  Add
a missing test suite for that method. | 
|  | database rather than a hard-coded list and provide Wallet::Schema
methods for adding new class mappings.
Add a missing class mapping for the netdb ACL schema verifier. | 
|  | have an instance of "root" and strips that instance before checking
NetDB roles. | 
|  |  | 
|  |  | 
|  | configuration is present. | 
|  | fine with MySQL. | 
|  |  | 
|  |  | 
|  | seconds since epoch and returned the same way.  Timestamps are now
stored in the database as correct date and time types rather than
seconds since epoch to work properly with MySQL. | 
|  |  | 
|  |  |