krb5.git/src/kadmin, branch master-mechdconf Unnamed repository; edit this file 'description' to name the repository. Improve salt type display in kadmin getprinc 2014-03-26T22:12:31+00:00 Greg Hudson ghudson@mit.edu 2014-03-21T22:07:41+00:00 54c97cd0c435f78880d80541a20cf7f08928705d In krb5_salttype_to_string, output the salt type name we would recognize as input. In the output of getprinc, display the enctype and salt type in a form we would accept--either enctype:salttype if the salt type is not the default, or just the enctype if it is. Update t_mkey.py and t_salt.py to expect the new output format. Update documentation examples to show the new format. ticket: 5958 
In krb5_salttype_to_string, output the salt type name we would
recognize as input.

In the output of getprinc, display the enctype and salt type in a form
we would accept--either enctype:salttype if the salt type is not the
default, or just the enctype if it is.

Update t_mkey.py and t_salt.py to expect the new output format.
Update documentation examples to show the new format.

ticket: 5958
Check for malloc failure in process_chpw_request 2014-03-03T16:52:40+00:00 Greg Hudson ghudson@mit.edu 2014-03-02T23:12:54+00:00 4356deefa2d2fe0bc7b52f3b62a387c7ec1eb369 ticket: 7866 target_version: 1.12.2 tags: pullup 
ticket: 7866
target_version: 1.12.2
tags: pullup
In kdb5_util dump, only lock DB for iprop dumps 2014-02-26T21:33:32+00:00 Greg Hudson ghudson@mit.edu 2014-02-23T16:28:44+00:00 a2ac57b0ec230efed06fabc2d55db1fcbc6f7ea3 Revert #7384, as there are no longer policy refcounts. For iprop dumps we want to make sure that the reported serial number matches the DB state (although we could perhaps relax that requirement with enough analysis), but for non-iprop dumps we don't need any transactional guarantees. Also use the correct constant name for the locking mode (the numeric value is the same, fortunately), and only unlock the database if we successfully locked it. ticket: 7869 (new) 
Revert #7384, as there are no longer policy refcounts.  For iprop
dumps we want to make sure that the reported serial number matches the
DB state (although we could perhaps relax that requirement with enough
analysis), but for non-iprop dumps we don't need any transactional
guarantees.

Also use the correct constant name for the locking mode (the numeric
value is the same, fortunately), and only unlock the database if we
successfully locked it.

ticket: 7869 (new)
Stop generating gssapi_krb5.h 2014-02-26T21:15:20+00:00 Greg Hudson ghudson@mit.edu 2014-02-01T20:59:21+00:00 a7a2c02b618aea40ebd4f597ec956eaf0fe210f5 We started generating gssapi_krb5.h from gssapi_krb5.hin when we needed to use a 64-bit type for lucid contexts. Since we can now assume a standard name for 64-bit types, we can stop generating the header. 
We started generating gssapi_krb5.h from gssapi_krb5.hin when we
needed to use a 64-bit type for lucid contexts.  Since we can now
assume a standard name for 64-bit types, we can stop generating the
header.
Implement kadmind -proponly 2014-02-21T01:45:55+00:00 Greg Hudson ghudson@mit.edu 2014-01-26T23:11:56+00:00 2ed8ebf18809af66aeaa2af6984754bdbefff500 The -proponly option causes kadmind to only service the iprop service, not the kpasswd or kadmin services. An intermediate slave in a hierarchical iprop setup runs kadmind -proponly in order to provide incremental updates to downstream slaves. Based on code submitted by Richard Basch. ticket: 7855 
The -proponly option causes kadmind to only service the iprop service,
not the kpasswd or kadmin services.  An intermediate slave in a
hierarchical iprop setup runs kadmind -proponly in order to provide
incremental updates to downstream slaves.

Based on code submitted by Richard Basch.

ticket: 7855
Simplify ulog_map 2014-02-21T01:42:47+00:00 Greg Hudson ghudson@mit.edu 2014-01-24T21:52:47+00:00 6a4a4b7b5e3265e4a811a9fd72c2534e6c5f5fd4 Get rid of the caller parameter. The kproplog semantics (without -R) for mapping the ulog are simple and almost completely different from other users of the ulog, so implement them as a static helper in kproplog. With hierarchical iprop, kpropd will need the same semantics as FKCOMMAND and FKADMIND, which were already identical. Get rid of the db_args parameter, since ulog_map no longer opens the database after #7552. Remove an inoperative lseek() call when creating a new ulog file. Rename ulog_filesize to filesize and compute it from scratch each time we use it, for easier analysis. If kdb_hmagic is zero, init the ulog header but don't skip the rest of the function; it's possible that we need to expand the ulog file. Remove an unneeded conditional before calling extend_file_to for an existing ulog. ticket: 7855 
Get rid of the caller parameter.  The kproplog semantics (without -R)
for mapping the ulog are simple and almost completely different from
other users of the ulog, so implement them as a static helper in
kproplog.  With hierarchical iprop, kpropd will need the same
semantics as FKCOMMAND and FKADMIND, which were already identical.

Get rid of the db_args parameter, since ulog_map no longer opens the
database after #7552.

Remove an inoperative lseek() call when creating a new ulog file.
Rename ulog_filesize to filesize and compute it from scratch each time
we use it, for easier analysis.  If kdb_hmagic is zero, init the ulog
header but don't skip the rest of the function; it's possible that we
need to expand the ulog file.  Remove an unneeded conditional before
calling extend_file_to for an existing ulog.

ticket: 7855
Lock around more ulog operations 2014-02-20T20:55:49+00:00 Greg Hudson ghudson@mit.edu 2014-01-23T16:34:52+00:00 71d028f1054deb186807e7c8048218b82b478422 Always lock the ulog when accessing it. We can currently get away with some laxness on iprop slaves because they are mostly synchronous, but hierarchical iprop will allow master and slave operations to take place concurrently, requiring more strict locking. Add new functions ulog_get_last and ulog_set_last, which access the ulog header with locking, and use them in kdb5_util and kpropd. Add locking to ulog_replay and ulog_init_header. ulog_lock and ulog_sync_header are no longer used outside of kdb_log.c after these changes, so make them static functions and remove the ulog_ prefix. Add an unlock_ulog function for clarity. 
Always lock the ulog when accessing it.  We can currently get away
with some laxness on iprop slaves because they are mostly synchronous,
but hierarchical iprop will allow master and slave operations to take
place concurrently, requiring more strict locking.

Add new functions ulog_get_last and ulog_set_last, which access the
ulog header with locking, and use them in kdb5_util and kpropd.  Add
locking to ulog_replay and ulog_init_header.

ulog_lock and ulog_sync_header are no longer used outside of kdb_log.c
after these changes, so make them static functions and remove the
ulog_ prefix.  Add an unlock_ulog function for clarity.
Factor out ulog serial number status check 2014-02-20T20:55:48+00:00 Greg Hudson ghudson@mit.edu 2014-01-20T23:46:52+00:00 d1f9aa3737b2b3e62b5c5ed488d6112b7ce8a5ad Add a new function ulog_get_sno_status, which checks a serial number and timestamp against the ulog for currency. Use it in kdb5_util dump and in ulog_get_entries. Adjust parse_iprop_header's contract in dump.c to better match the ulog_get_sno_status contract. This change causes some minor behavior differences. kadmind will check for an empty ulog unless the last serial number matches exactly, and will never set lastentry when returning UPDATE_FULL_RESYNC_NEEDED (which was pointless). kdb5_util dump will recognize a dump file as current if it exactly matches the last serial number, even if the ulog is empty; it will be more robust in the presence of non-monotonic clocks; and it will properly lock around the ulog access. 
Add a new function ulog_get_sno_status, which checks a serial number
and timestamp against the ulog for currency.  Use it in kdb5_util dump
and in ulog_get_entries.  Adjust parse_iprop_header's contract in
dump.c to better match the ulog_get_sno_status contract.

This change causes some minor behavior differences.  kadmind will
check for an empty ulog unless the last serial number matches exactly,
and will never set lastentry when returning UPDATE_FULL_RESYNC_NEEDED
(which was pointless).  kdb5_util dump will recognize a dump file as
current if it exactly matches the last serial number, even if the ulog
is empty; it will be more robust in the presence of non-monotonic
clocks; and it will properly lock around the ulog access.
In kdb5_util load, init ulog closer to promote 2014-02-05T05:21:30+00:00 Greg Hudson ghudson@mit.edu 2014-01-23T15:51:21+00:00 1c0507df449ded505f54383387032db2723bd871 Always map the ulog with FKCOMMAND, not FKLOAD which reinitializes the ulog. Don't reinitialize the ulog until just before calling krb5_db_promote(). Get rid of FKLOAD since it isn't needed any more; we can just call ulog_init_header() manually. 
Always map the ulog with FKCOMMAND, not FKLOAD which reinitializes the
ulog.  Don't reinitialize the ulog until just before calling
krb5_db_promote().  Get rid of FKLOAD since it isn't needed any more;
we can just call ulog_init_header() manually.
Clean up ovsec_kadmd.c 2014-02-05T05:21:30+00:00 Greg Hudson ghudson@mit.edu 2014-01-26T21:42:50+00:00 779a335f4e2deb2d76caf7d0dd3de847a040c050 Fix code formatting issues. Use static scope when possible, and put all helper functions before main so that forward declarations aren't needed. Use GSS_KRB5_NT_PRINCIPAL_NAME instead of constructing it with gss_str_to_oid, and get rid of display_status as that was the only use. Replace large verbose function comments with concise ones. Factor out main loop setup and KDB keytab setup into helper functions. Create a helper function fail_to_start for logging and exiting on initialization failures, and use it instead of the large cleanup blocks in main. Some initialization error messages have changed; no other functional changes. 
Fix code formatting issues.  Use static scope when possible, and put
all helper functions before main so that forward declarations aren't
needed.  Use GSS_KRB5_NT_PRINCIPAL_NAME instead of constructing it
with gss_str_to_oid, and get rid of display_status as that was the
only use.  Replace large verbose function comments with concise ones.
Factor out main loop setup and KDB keytab setup into helper functions.
Create a helper function fail_to_start for logging and exiting on
initialization failures, and use it instead of the large cleanup
blocks in main.

Some initialization error messages have changed; no other functional
changes.