[krbdev.mit.edu #7385] SVN Commit
Greg Hudson via RT
rt-comment at krbdev.mit.edu
Wed Jan 9 15:41:48 EST 2013
Allow principals to refer to nonexistent policies
Stop using and maintaining the policy_refcnt field, and do not try to
prevent deletion of a policy which is still referenced by principals.
Instead, allow principals to refer to policy names which do not exist
as policy objects; treat those principals as having no associated
policy.
In the kadmin client, warn if addprinc or modprinc tries to reference
a policy which doesn't exist, since the server will no longer error
out in this case.
https://github.com/krb5/krb5/commit/0780e46fc13dbafa177525164997cd204cc50b51
Author: Greg Hudson <ghudson at mit.edu>
Commit: 0780e46fc13dbafa177525164997cd204cc50b51
Branch: master
src/include/kdb.h | 2 +-
src/kadmin/cli/kadmin.c | 49 ++-
src/kadmin/dbutil/dump.c | 29 +-
src/lib/kadm5/admin.h | 2 +-
src/lib/kadm5/srv/svr_policy.c | 11 -
src/lib/kadm5/srv/svr_principal.c | 229 ++++---------
.../kadm5/unit-test/api.current/crte-principal.exp | 4 +-
.../kadm5/unit-test/api.current/dlte-policy.exp | 5 +-
.../kadm5/unit-test/api.current/dlte-principal.exp | 76 ----
.../kadm5/unit-test/api.current/mod-principal.exp | 369 +-------------------
src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c | 7 -
src/tests/dejagnu/krb-standalone/kadmin.exp | 3 +-
src/tests/kdbtest.c | 3 +-
13 files changed, 125 insertions(+), 664 deletions(-)
More information about the krb5-bugs
mailing list