From cb6d3750ac70c7217335d3f8b04910f4b09ef5d1 Mon Sep 17 00:00:00 2001 From: Russ Allbery Date: Wed, 8 Jan 2014 18:16:21 -0800 Subject: Randomize the password on Heimdal principal creation When creating new principals in a Heimdal KDC, generate a long, random password as the temporary password of the disabled principal before randomizing keys. This is necessary if password quality is being enforced on create calls. Since the principal is always inactive until the keys have been randomized, the password should not need to be secure (and indeed is not cryptographically random). Change-Id: If519a82475bb0d387a19d16ef1e024b0da64779a Reviewed-on: https://gerrit.stanford.edu/1374 Reviewed-by: Russ Allbery Tested-by: Russ Allbery Conflicts: NEWS --- NEWS | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'NEWS') diff --git a/NEWS b/NEWS index a9305d7..50caa05 100644 --- a/NEWS +++ b/NEWS @@ -13,6 +13,13 @@ wallet 1.1 (unreleased) Fix the code to set enctype restrictions for keytab objects in the wallet server. + When creating new principals in a Heimdal KDC, generate a long, random + password as the temporary password of the disabled principal before + randomizing keys. This is necessary if password quality is being + enforced on create calls. Since the principal is always inactive + until the keys have been randomized, the password should not need to + be secure (and indeed is not cryptographically random). + wallet 1.0 (2013-03-27) Owners of wallet objects are now allowed to destroy them. In previous -- cgit v1.2.3
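Review bot: The last sentence of the added NEWS paragraph ("the password should not need to be secure (and indeed is not cryptographically random)") makes the safety of the temporary password depend entirely on the principal staying disabled until its keys are randomized, yet the entry does not say what state the principal is left in if key randomization fails after the create call. Suggest either stating that case in the entry or drawing the temporary password from a cryptographically secure source so the caveat can be dropped. This view is limited to NEWS, so the password-generation code itself is not visible here to check against the description.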