From a131c767d1eee7b98170962f7f9d4063be69e576 Mon Sep 17 00:00:00 2001
From: Russ Allbery <rra@stanford.edu>
Date: Wed, 3 Mar 2010 22:37:18 -0800
Subject: Add auditing for names that violate the naming policy

Add an audit command to wallet-report and one audit: objects name,
which returns all objects that do not pass the local naming policy.
The corresponding Wallet::Report method is audit().

Wallet::Config::verify_name may now be called with an undefined third
argument (normally the user attempting to create an object).  This
calling convention is used when auditing, and the local policy
function should select the correct policy to apply for useful audit
results.
---
 NEWS | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'NEWS')

diff --git a/NEWS b/NEWS
index e66d1b3..03fe99b 100644
--- a/NEWS
+++ b/NEWS
@@ -8,6 +8,16 @@ wallet 0.11 (unreleased)
     integrity.  This also allows us to return a better error message
     naming an object that's still using that ACL.
 
+    Add an audit command to wallet-report and one audit: objects name,
+    which returns all objects that do not pass the local naming policy.
+    The corresponding Wallet::Report method is audit().
+
+    Wallet::Config::verify_name may now be called with an undefined third
+    argument (normally the user attempting to create an object).  This
+    calling convention is used when auditing, and the local policy
+    function should select the correct policy to apply for useful audit
+    results.
+
     Fix portability to older Kerberos libraries without
     krb5_free_error_message.
 
-- 
cgit v1.2.3