From ec13d7d7530d1229a83204293f28684b7d2eac7b Mon Sep 17 00:00:00 2001 From: Russ Allbery Date: Thu, 29 Jul 2010 17:39:50 -0700 Subject: Add NEWS and remove TODO for wallet-rekey --- NEWS | 6 ++++++ README | 3 ++- TODO | 5 ----- 3 files changed, 8 insertions(+), 6 deletions(-) diff --git a/NEWS b/NEWS index cd1d633..6202878 100644 --- a/NEWS +++ b/NEWS @@ -2,6 +2,12 @@ wallet 0.12 (unreleased) + New client program wallet-rekey that, given a list of keytabs on the + command line, requests new keytab objects for each principal in the + local realm and then merges the new objects into that keytab. The + current implementation only acquires new keys and doesn't purge any + old keys. + A new ACL type, krb5-regex, is now supported. This ACL type is the same as krb5 except that the identifier is interpreted as a Perl regular expression and matched against the authenticated identity diff --git a/README b/README index ee073f1..03dbc2c 100644 --- a/README +++ b/README @@ -272,4 +272,5 @@ THANKS security models. To Jon Robertson for the refactoring of Wallet::Kadmin, Heimdal support, - and many of the wallet server-side reports. + many of the wallet server-side reports, and the initial wallet-rekey + implementation. diff --git a/TODO b/TODO index 06521cd..20b75fd 100644 --- a/TODO +++ b/TODO @@ -18,11 +18,6 @@ Client: * Add readline support to the wallet client to make it easier to issue multiple commands. - * Add support for rekeying in the wallet client. Need to resolve how to - get a list of principals to rekey and which keytabs to work on. This - possibly should be a separate binary from the regular wallet client - binary. - * Support authenticating with a keytab. * Allow store data to contain nuls. Requires rewriting the command -- cgit v1.2.3