[krbdev.mit.edu #7223] SVN Commit
Greg Hudson via RT
rt-comment at krbdev.mit.edu
Mon Jul 30 19:11:48 EDT 2012
Policy extensions + new policy: allowed ks types
This simply adds KADM5_API_VERSION_4 and various fields to the
policy structures:
- attributes (policy-ish principal attributes)
- max_life (max ticket life)
- max_renewable_life (max ticket renewable life)
- allowed_keysalts (allowed key/salt types)
- TL data (future policy extensions)
Of these only allowed_keysalts is currently implemented.
Some refactoring of TL data handling is also done.
https://github.com/krb5/krb5/commit/5829ca2b348974e52a67b553afc7f7491007c33a
Author: Nicolas Williams <nico at cryptonector.com>
Committer: Greg Hudson <ghudson at mit.edu>
Commit: 5829ca2b348974e52a67b553afc7f7491007c33a
Branch: master
.../krb_admins/admin_commands/kadmin_local.rst | 8 +
.../krb_admins/admin_commands/kdb5_util.rst | 15 +
src/clients/kinit/kinit_kdb.c | 2 +-
src/include/kdb.h | 15 +
src/kadmin/cli/kadmin.c | 73 +++--
src/kadmin/dbutil/dump.c | 316 ++++++++++++++++----
src/kadmin/dbutil/kadm5_create.c | 2 +-
src/kadmin/dbutil/kdb5_util.c | 4 +-
src/kadmin/server/ovsec_kadmd.c | 2 +-
src/kadmin/testing/util/tcl_kadm5.c | 2 +
src/lib/kadm5/admin.h | 32 ++-
src/lib/kadm5/admin_internal.h | 2 +-
src/lib/kadm5/clnt/client_init.c | 12 +-
src/lib/kadm5/clnt/clnt_policy.c | 2 +
src/lib/kadm5/kadm_err.et | 1 +
src/lib/kadm5/kadm_rpc_xdr.c | 40 ++-
src/lib/kadm5/misc_free.c | 15 +-
src/lib/kadm5/srv/server_init.c | 2 +-
src/lib/kadm5/srv/svr_policy.c | 190 +++++++++++-
src/lib/kadm5/srv/svr_principal.c | 258 ++++++++++++++---
src/lib/kadm5/unit-test/destroy-test.c | 2 +-
src/lib/kadm5/unit-test/handle-test.c | 2 +-
src/lib/kadm5/unit-test/init-test.c | 2 +-
src/lib/kadm5/unit-test/iter-test.c | 2 +-
src/lib/kadm5/unit-test/randkey-test.c | 2 +-
src/lib/kadm5/unit-test/setkey-test.c | 2 +-
src/lib/kdb/kdb5.c | 20 +-
src/lib/kdb/libkdb5.exports | 1 +
src/plugins/kdb/db2/pol_xdr.c | 75 ++---
src/plugins/kdb/db2/policy_db.h | 1 +
src/slave/kpropd.c | 2 +-
src/tests/Makefile.in | 1 +
src/tests/hist.c | 2 +-
src/tests/t_allowed_keysalts.py | 93 ++++++
src/tests/t_general.py | 16 +
35 files changed, 996 insertions(+), 220 deletions(-)
More information about the krb5-bugs
mailing list