[krbdev.mit.edu #8364] git commit

[Greg Hudson via RT]

Add get_principal_keys RPC to kadmin

Change the prototype of kadm5_get_principal_keys() to report kvno and
salt information along with each key.  Add an RPC for extracting keys,
requiring a new permission bit (which is not implied by 'x' or '*' in
kadm5.acl).  Add kadm5_free_kadm5_key_data().

In kadmin, deconditionalize "kadmin ktadd -norandkey".  Use the new
information from kadm5_get_principal_keys() to correctly set the kvno
for each key when existing keys are extracted, fixing issue #7852.

Add tests to t_keytab.py for the #7852 fix.  Add tests to
lib/kadm5/unit-test for the get_principal_keys RPC.

[ghudson at mit.edu: factor out fetch_new_keys() from add_principal();
rewrite commit message to describe new RPC; add #7852 test cases;
squash with lib/kadm5/unit-test commit]

https://github.com/krb5/krb5/commit/8a64a49c3c836a2f4f03a0cbbdb89cfde9b29d1d
Author: Simo Sorce <simo at redhat.com>
Committer: Greg Hudson <ghudson at mit.edu>
Commit: 8a64a49c3c836a2f4f03a0cbbdb89cfde9b29d1d
Branch: master
 doc/admin/conf_files/kadm5_acl.rst          |    3 +-
 src/kadmin/cli/keytab.c                     |  111 ++++++++++++++++-----------
 src/kadmin/server/kadm_rpc_svc.c            |    7 ++
 src/kadmin/server/server_stubs.c            |   61 +++++++++++++++
 src/kadmin/testing/scripts/init_db          |    2 +-
 src/lib/kadm5/admin.h                       |   14 ++--
 src/lib/kadm5/admin_xdr.h                   |    2 +
 src/lib/kadm5/clnt/Makefile.in              |    2 +-
 src/lib/kadm5/clnt/client_principal.c       |   27 +++++++
 src/lib/kadm5/clnt/client_rpc.c             |   15 ++++
 src/lib/kadm5/clnt/libkadm5clnt_mit.exports |    4 +
 src/lib/kadm5/kadm_err.et                   |    1 +
 src/lib/kadm5/kadm_rpc.h                    |   21 +++++-
 src/lib/kadm5/kadm_rpc_xdr.c                |   34 ++++++++
 src/lib/kadm5/misc_free.c                   |   18 +++++
 src/lib/kadm5/srv/Makefile.in               |    2 +-
 src/lib/kadm5/srv/libkadm5srv_mit.exports   |    3 +
 src/lib/kadm5/srv/server_acl.c              |    1 +
 src/lib/kadm5/srv/server_acl.h              |    2 +-
 src/lib/kadm5/srv/svr_principal.c           |   40 +++++++---
 src/lib/kadm5/unit-test/setkey-test.c       |   26 ++++++
 src/tests/t_keytab.py                       |   21 +++++-
 src/util/k5test.py                          |    2 +-
 23 files changed, 348 insertions(+), 71 deletions(-)