From 401bfdd941e55651f38f46b76b297968691fcaf3 Mon Sep 17 00:00:00 2001
From: Russ Allbery <eagle@eyrie.org>
Date: Wed, 8 Jan 2014 18:16:21 -0800
Subject: Randomize the password on Heimdal principal creation

When creating new principals in a Heimdal KDC, generate a long, random
password as the temporary password of the disabled principal before
randomizing keys.  This is necessary if password quality is being
enforced on create calls.  Since the principal is always inactive
until the keys have been randomized, the password should not need to
be secure (and indeed is not cryptographically random).

Change-Id: If519a82475bb0d387a19d16ef1e024b0da64779a
Reviewed-on: https://gerrit.stanford.edu/1374
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
---
 NEWS | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'NEWS')

diff --git a/NEWS b/NEWS
index 165622a..c79b999 100644
--- a/NEWS
+++ b/NEWS
@@ -17,6 +17,13 @@ wallet 1.1 (unreleased)
     reference an ldap_map_principal hook, not ldap_map_attribute, matching
     the implementation.
 
+    When creating new principals in a Heimdal KDC, generate a long, random
+    password as the temporary password of the disabled principal before
+    randomizing keys.  This is necessary if password quality is being
+    enforced on create calls.  Since the principal is always inactive
+    until the keys have been randomized, the password should not need to
+    be secure (and indeed is not cryptographically random).
+
 wallet 1.0 (2013-03-27)
 
     Owners of wallet objects are now allowed to destroy them.  In previous
-- 
cgit v1.2.3