wallet 0.7 released

[Russ Allbery]

I'm pleased to announce release 0.7 of wallet.  This software is
beta-quality and should be treated with caution.  It is currently being
tested for production deployment at Stanford.

WARNING: The new client is not compatible with the old server, and the old
client will not be able to autocreate objects using the new server due to
a change in the client/server API.

The wallet is a system for managing secure data, authorization rules to
retrieve or change that data, and audit rules for documenting actions
taken on that data.  Objects of various types may be stored in the wallet
or generated on request and retrieved by authorized users.  The wallet
tracks ACLs, metadata, and trace information.  It is built on top of the
remctl protocol and uses Kerberos GSS-API authentication.  One of the
object types it supports is Kerberos keytabs, making it suitable as a
user-accessible front-end to Kerberos kadmind with richer ACL and metadata
operations.

Changes from previous release:

    Add new exists and autocreate wallet server interfaces.  The first
    states whether a given object exists and the second attempts to create
    the object using the default owner rules.  Remove default owner
    handling from the create interface, which is now for administrators
    only.  Remove server-side auto-creation of objects on get or store and
    instead have the client check for object existence and call autocreate
    if necessary.  This removes confusion between default ACLs and
    administrative object creation for users who are also on the ADMIN
    ACL.

    When creating a srvtab based on a just-downloaded keytab, extract the
    srvtab key before merging the keytab into an existing file.
    Otherwise, if the new keys had a lower kvno than the old keys
    (possible after deleting and recreating the object), the wrong key
    would be extracted for the srvtab.

    keytab-backend now passes kadmin.local ktadd its options in a specific
    order to satisfy the picky option parser.

    Check naming policy on wallet object creation before checking the
    default ACLs to avoid creating and stranding an ACL when the naming
    policy check fails.

    The current version of Net::Remctl can't handle explicit undef or the
    empty string as a principal argument.  Be careful not to provide a
    principal argument if no principal was set.  This workaround can be
    removed once we depend on a later version of Net::Remctl.

    Correctly enable syslog logging in wallet-backend.

    Fix the example remctl configuration for keytab-backend to use the
    correct script name.

You can download it from:

    <http://www.eyrie.org/~eagle/software/wallet/>

Please let me know of any problems or feature requests not already listed
in the TODO file.

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>