summaryrefslogtreecommitdiffstats
path: root/src/kadmin/dbutil/ChangeLog
blob: 7d110fb7db5ae480c713ffc866c35cc1578e00a4 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
2005-06-20  Ken Raeburn  <raeburn@mit.edu>

	* Makefile.in (KDB_DEP_LIB): Use DL_LIB and THREAD_LINKOPTS
	instead of explicitly using -ldl and -lpthread.

	Novell merge.
	* Makefile.in:
	* dump.c:
	* kadm5_create.c:
	* kdb5_create.c:
	* kdb5_destroy.c:
	* kdb5_stash.c:
	* kdb5_util.c:
	* kdb5_util.h:
	* ovload.c:

2004-08-27  Ken Raeburn  <raeburn@mit.edu>

	* loadv4.c (enter_in_v5_db): Terminate argument list of
	krb5_build_principal with NULL, not 0.  Patch from Nalin
	Dahyabhai.

2004-06-15  Tom Yu  <tlyu@mit.edu>

	* kadm5_create.c (add_admin_princs): Create kadmin/fqdn
	principal.

2003-04-23  Ken Raeburn  <raeburn@mit.edu>

	* kdb5_destroy.c, kdb5_stash.c: Don't declare errno.

2003-01-07  Ken Raeburn  <raeburn@mit.edu>

	* Makefile.ov: Deleted.

2002-11-05  Tom Yu  <tlyu@mit.edu>

	* dumpv4.c (v4init):
	* loadv4.c (dumpfile;): Remove trailing colon, as new implementation
	of des_read_password() appends it.

2002-08-29  Ken Raeburn  <raeburn@mit.edu>

	* Makefile.in: Revert $(S)=>/ change, for Windows support.

2002-08-23  Ken Raeburn  <raeburn@mit.edu>

	* Makefile.in: Change $(S)=>/ and $(U)=>.. globally.

2002-08-23  Tom Yu  <tlyu@mit.edu>

	* dump.c (dump_db): Update usage comment.  Add "-rev" and
	"-recurse" flags to permit reverse and recursive dumping of the
	database, respectively.  Check for dump filename beginning with
	"-" to avoid accidental dumps to such filenames.

	* kdb5_util.c (usage): Update to match reality, primarily by
	updating the "dump" usage, but also showing global options before
	the command, which is how they were being interpreted anyway.

	* kdb5_util.M: Update to match reality.  Document "-mkey_convert",
	"-new_mkey_file", "-rev", and "-recurse" options to "dump".
	Document "dump to stdout" behavior.  Show global options before
	the command.  Make some formatting fixes.  s/binary tree/btree/
	since the btree back end is actually an n-ary tree.

2002-08-14  Jen Selby <jenselby@mit.edu>

	* dump.c: added -mkey_convert and -new_mkey_file to the usage
	comment

2002-07-31  Tom Yu  <tlyu@mit.edu>

	* dump.c (master_key_convert): Iterate over freeing
	key_data->key_data_contents[j] rather than attempting to free
	key_data->key_data_contents.

2002-07-29  Jen Selby  <jenselby@mit.edu>

	* kdb5_util.M: added documentation for some options.

2002-07-15  Ezra Peisach  <epeisach@bu.edu>

	* dump.c (dump_ov_princ): Remove variable set but unused.

2002-04-05  Ken Raeburn  <raeburn@mit.edu>

	* kdb5_stash.c (kdb5_stash): Call krb5_c_valid_enctype instead of
	valid_enctype.
	* kdb5_util.c (main, open_db_and_mkey): Likewise.
	* loadv4.c (load_v4db): Likewise.

2002-01-08  Sam Hartman  <hartmans@mit.edu>

	* kdb5_create.c (kdb5_create): Load strong random data

2001-10-26  Ezra Peisach  <epeisach@mit.edu>

	* dump.c (dump_db): Pass krb5_boolean instead of char * as
	argument to kb5_db_fetch_mkey().

2001-10-23  Tom Yu  <tlyu@mit.edu>

	* loadv4.c (fixup_database): Don't set SUPPORT_DESMD5 anymore.

2001-10-09  Ken Raeburn  <raeburn@mit.edu>

	* dump.c, kdb5_create.c, kdb5_util.h, loadv4.c, tcl_wrapper.c:
	Make prototypes unconditional.

2001-07-16  Ken Raeburn  <raeburn@mit.edu>

	* string_table.c (str_INITING_KCONTEXT): Variable deleted.
	* string_table.h (str_INITING_KCONTEXT): Declaration deleted.
	* kadm5_create.c (kadm5_create, kadm5_create_magic_princs): Don't
	use str_INITING_KCONTEXT, instead provide (different!) messages
	more appropriate to the actual code.

2001-06-29  Ezra Peisach  <epeisach@mit.edu>

	* nstrtok.h: New file with prototype for nstrtok.

	* ovload.c: Include nstrtok.h

	* strtok.c: Include nstrtok.h for prototype. Declare delim as
	const char * argument. Delete rcsid. 

	* string_table.c: Delete rcsid.

	* kadm5_create.c (build_name_with_realm): Declare static.

2001-06-21  Ezra Peisach  <epeisach@mit.edu>

	* kdb5_util.c (main): Change optarg to koptarg to prevent
	shadowing of getopt function.

2001-06-20  Ezra Peisach  <epeisach@mit.edu>

	* kdb5_create.c: Include <krb5/adm_proto.h> for
	krb5_keysalt_iterate() prototype.

2001-06-20  Mitchell Berger  <mitchb@mit.edu>

	* kdb5_create.c (kdb5_create): Fixed typo in com_err message.

2001-06-18  Ezra Peisach  <epeisach@mit.edu>

	* dump.c (name_matches): Cleanup warning of assignments in
	conditionals.

2001-06-18  Ezra Peisach  <epeisach@mit.edu>

	* dump.c: Include regex.h if exists and if HAVE_REGCOMP
	defined. Preior to this, regex.h was never included.

2001-06-08  Ezra Peisach  <epeisach@mit.edu>

	* dumpv4.c: Pass C_Block * to des_read_password() as per prototype.

	* loadv4.c: Include k5-int.h before des.h for des_read_password
	prototype. Pass C_Block * to des_read_password() as per prototype.

	* kdb5_util.h: Add prototype for usage.

	* kdb5_create.c, kdb5_destroy.c, kdb5_stash.c: Include kdb5_util.h
	for usage() prototype.

2001-06-04  Ezra Peisach  <epeisach@mit.edu>

	* kadm5_create.c: Add prototype for static
	add_admin_princs(). Cleanup calling of add_admin_princs() to be
	consistant with prototype.

	* kdb5_create.c, kdb5_stash.c, kdb5_destroy.c: Cleanup assignments
	in conditionals.

Mon Feb 26 15:01:27 2001  Ezra Peisach  <epeisach@mit.edu>

	* loadv4.c, ovload.c, kdb5_util.h, kdb5_util.c, kadm5_create.c,
 	dumpv4.c, dump.c: Compiler warning cleanup including prototypes,
 	assignments in conditionals, unused variables, varaibles shadowing
 	one-another.

2001-02-08  Tom Yu  <tlyu@mit.edu>

	* loadv4.c: Remove references to KRB_NEVERDATE.

2001-02-05  Tom Yu  <tlyu@mit.edu>

	* kdb5_util.M: Fix some formatting nits and document new flags
	controlling dump formats.

2000-10-17  Ezra Peisach  <epeisach@mit.edu>

	* kdb5_create.c (kdb5_create): Argument to krb5_read_password
	changed to unsigned int.

2000-10-16  Tom Yu  <tlyu@mit.edu>

	* kdb5_util.M: Update manpage.

	* kdb5_util.c (usage): Update usage message.

	* dumpv4.c (dump_v4_iterator): Add logic to deal with long
	lifetimes, as well as optionally using short lifetimes.

	* loadv4.c (load_v4db): Add logic to deal with long lifetimes, as
	well as optionally using short lifetimes.

	* kadm5_create.c (kadm5_create_magic_princs): Add calls to
	krb5_klog_init() and krb5_klog_close() to avoid coredumping if
	kadm5_init() calls krb5_klog_syslog().

2000-07-05  Ken Raeburn  <raeburn@mit.edu>

	* dump.c: Various message char arrays turned into macros, to
	permit gcc to verify format strings and arguments match.  
	(k5beta6_dump_header, k5beta7_dump_header): Deleted.
	(dump_ov_princ): Use %lx for aux_attributes.

2000-06-30  Tom Yu  <tlyu@mit.edu>

	* dump.c: Add a new dump version, r1_3_version, and make it the
	default; it will be used in krb5-1.3 and will permit a principal's
	kadm5 data to be dumped.  This is an interim measure until we
	redesign the dump format somewhat.

2000-05-31  Wilfredo Sanchez  <tritan@mit.edu>

	* ovload.c: Check for existance of <memory.h>.
	[from Nathan Neulinger <nneul@umr.edu>]

1999-10-26  Wilfredo Sanchez  <tritan@mit.edu>

	* Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES,
	LOCAL_INCLUDES such that one can override CFLAGS from the command
	line without losing CPP search patchs and defines. Some associated
	Makefile cleanup.

1999-07-06  Ken Raeburn  <raeburn@mit.edu>

	* kdb5_util.c (main): Do try using com_err in the case that
	krb5_init_context fails, instead of fprintf of the error number.

1998-11-13  Theodore Ts'o  <tytso@rsts-11.mit.edu>

	* Makefile.in: Set the myfulldir and mydir variables (which are
		relative to buildtop and thisconfigdir, respectively.)

Tue Nov  3 16:28:23 1998  Tom Yu  <tlyu@mit.edu>

	* dump.c: Fix up to work with new crypto API.

1998-10-27  Marc Horowitz  <marc@mit.edu>

	* dumpv4, loadv4.c, kdb5_create.c, kdb5_stash.c, kdb5_util.c,
	kadm5_create.c: convert to new crypto api

Wed Sep 30 00:02:01 1998  Theodore Y. Ts'o  <tytso@mit.edu>

	* dump.c: Add support for changing the master key for a database
		as part of creating a dump of the database.

Thu Aug 20 16:50:00 1998  Tom Yu  <tlyu@mit.edu>

	* kdb5_util.c (add_random_key): Fixes to deal with absence of "-e"
	flag.

Wed Aug 19 14:52:40 1998  Tom Yu  <tlyu@mit.edu>

	* kdb5_util.c (add_random_key): New function to create a new
 	random key for a principal while retaining the previous kvno's
 	keys.  This is only temporary until a reasonable kadm5 interface
	is made.

1998-05-06  Theodore Ts'o  <tytso@rsts-11.mit.edu>

	* kdb5_stash.c (argv): 
	* kdb5_destroy.c (kdb5_destroy): 
	* kdb5_create.c (kdb5_create): POSIX states that getopt returns -1
		when it is done parsing options, not EOF.

Fri Feb 27 23:32:38 1998  Theodore Ts'o  <tytso@rsts-11.mit.edu>

	* Makefile.in: Changed thisconfigdir to point at the kadmin
 		directory, since we've moved all of the configure.in
		tests to the toplevel kadmin configure.in

Wed Feb 18 15:55:06 1998  Tom Yu  <tlyu@mit.edu>

	* Makefile.in: Remove trailing slash from thisconfigdir.  Fix up
 	BUILDTOP for new conventions.

Mon Feb  2 17:02:29 1998  Theodore Ts'o  <tytso@rsts-11.mit.edu>

	* Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile

Sun Nov  2 19:09:17 1997  Ezra Peisach  <epeisach@mit.edu>

	* kdb5_util.c: Add flag indicating that policy db is to be closed.
  		Change '-f" option to "-sf" to indicate stash file on
 		command line.

	* kdb5_stash.c (kdb5_stash): Indicate that policy db should be
	 	closed, free context when done.
	
	* kadm5_create.c (kadm5_create): Fix up memory leaks.

Wed Oct 22 15:39:38 1997  Ezra Peisach  <epeisach@mit.edu>

	* tcl_wrapper.c: Include either tcl.h or tcl/tcl.h

Fri Jul 25 15:46:24 1997  Tom Yu  <tlyu@mit.edu>

	* loadv4.c:
	* kdb5_create.c:
	* kdb5_destroy.c:
	* dump.c: Update to new kdb API.

Thu Jul 17 12:25:41 1997  Ezra Peisach  <epeisach@mit.edu>

	* dump.c (process_k5beta_record): Change variables from char to
		krb5_octet to match types in krb5_key_data.

	* ovload.c (process_ov_principal): Change "more" variable to
		krb5_boolean as argument to krb5_db_get_principal. 

Wed Mar 12 01:19:51 1997  Theodore Y. Ts'o  <tytso@mit.edu>

	* loadv4.c (argv): Check to see if the global_param's stash file
		is non-NULL before trying to strdup() it.  [PR#341, PR#394]

Tue Feb  4 21:17:09 1997  Tom Yu  <tlyu@mit.edu>

	* Makefile.in:
	* configure.in: Update to new program build procedure.

Tue Dec  3 16:04:24 1996  Barry Jaspan  <bjaspan@mit.edu>

	* kdb5_util.c: fix multiply defined globals [krb5-admin/260]

Wed Nov 13 00:06:40 1996  Mark Eichin  <eichin@cygnus.com>

	* dump.c (load_db): lock the database directly (having fixed the
	lock/unlock code) to avoid reopening on every record.

Mon Nov 11 16:50:25 1996  Mark Eichin  <eichin@cygnus.com>

	* kadmin/dbutil dumpv4 expiration ("never") fixes
	* kadmin/dbutil loadv4 stashfile, default fixes

	Fri Sep 27 18:45:43 1996  Mark Eichin  <eichin@cygnus.com>

	* dump.c (read_string): fgetc doesn't return char.
	
	Wed Sep 11 23:45:11 1996  Mark Eichin  <eichin@cygnus.com>

	* loadv4.c (enter_in_v5_db): set last_pwd_change from the
	mod_time, not only the mod_princ_data.
	
	Wed Sep 11 00:02:33 1996  Mark Eichin  <eichin@cygnus.com>

	* dumpv4.c (dump_v4_iterator): detect expiration time of "never"
	and fill in a reasonable default (namely, the Cygnus 96q1 default
	of 12/31/2009.)

	* loadv4.c (v4_dump_find_default): New function. Scans a dumpfile
 	for a "default" entry, which was probably created at kdb_init time
 	and probably hasn't changed from either the MIT default of
 	12/31/1999 or the Cygnus 96q1 default of 12/31/2009.  Check for
 	either value, and replace it with 0, which is understood as
 	"never" in V5.  If verbose is set (-v flag), log either the match
	or the non-matching value.
	(process_v4_dump): new argument default_exp_time, the value found
 	by v4_dump_find_default, actually performs the replacement of
	matching entries.
	(load_v4db): call v4_dump_find_default to get the default
	expiration time.
	* kdb5_util.M: document the above changes.

	Sun Sep  8 01:02:47 1996  Mark W. Eichin  <eichin@kitten.gen.ma.us>

	* kdb5_util.c (usage): document load_v4 -s stashfile.
	(main): fix typo in usage message.
	* kdb5_util.M: document load_v4, including new options, removing
	previously eliminated -f option.
	* loadv4.c (load_v4db): support -s stashfile option.

Thu Nov  7 20:53:17 1996  Tom Yu  <tlyu@mit.edu>

	* configure.in: Remove spurious WITH_KRB4.

Tue Nov  5 16:16:53 1996  Barry Jaspan  <bjaspan@mit.edu>

	* dump.c (load_db): minor fix to code that verifies the specified
 	load version matches the file (autodetect worked anyway)

Fri Oct 18 14:23:41 1996  Barry Jaspan  <bjaspan@mit.edu>

	* dump.c (load_db): osa_adb_rename_policy_db will create the db,
 	so this function doesn't have to [krb5-admin/58]

	* dump.c (dump_k5beta6_iterator): don't dump tl types that are
 	special to us and the previous version did not understand
 	[krb5-admin/89]

Tue Oct  8 13:35:56 1996  Barry Jaspan  <bjaspan@mit.edu>

	* dump.c (load_db): rework the way policy database naming and
 	renaming is handled; the code no longer depends on being able to
 	specify admin_dbname specifically (which is no longer supported by
 	the libraries), uses osa_adb_rename_policy instead of doing it
 	directly, and will create a policy db if one does not already
 	exist.  Automated testing is needed. [krb5-admin/62]

	* dump.c (load_db): rename osa_adb_rename_policy to *_db

Thu Oct  3 18:17:36 1996  Barry Jaspan  <bjaspan@mit.edu>

	* kdb5_util.c (ARG_VAL): case second half of ?: operator to char *
 	to fix problem on AIX; this should have worked anyway because of
 	the , operator but it is easy enough to force the solution, too.
	[krb5-admin/41]

Tue Sep 10 14:16:40 1996  Tom Yu  <tlyu@mit.edu>

	* kdb5_edit.M: remove extra args from .TH

	* kdb5_util.M: remove ".so man1/header.doc"

Mon Sep  9 11:06:29 1996  Theodore Y. Ts'o  <tytso@mit.edu>

	* loadv4.c: Don't call get_config_params again, since it's not
 		necessary, and breaks the policy database name if it is
 		manually set.

Wed Sep  4 17:34:58 1996  Theodore Y. Ts'o  <tytso@mit.edu>

	* loadv4.c (load_v4db): Fix argument parsing so that it actually works!
		Eliminated the -f option, as it is superfluous.  Don't
		create the policy database if using the -t option, since
		it'll already exist.

	* kdb5_util.c (usage): Fix usage message so that it's correct for
	 	load_v4.

Tue Sep  3 22:12:54 1996  Theodore Y. Ts'o  <tytso@mit.edu>

	* Makefile.in (install): Fixed typo: ($PROG) -> $(PROG)

Thu Aug 29 11:57:09 1996  Barry Jaspan  <bjaspan@mit.edu>

	* dump.c (dump_db): don't compare apples and iguanas

Sat Aug 24 21:14:45 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* loadv4.c, kdb5_stash.c: Removed unused variable rparams.

Fri Aug 16 12:00:56 1996  Theodore Ts'o  <tytso@rsts-11.mit.edu>

	* configure.in: Link with the GSSAPI library, since it's needed
		for shared libraries.

Mon Aug 12 11:41:57 1996  Barry Jaspan  <bjaspan@mit.edu>

	* kdb5_util.c: make mkey_password non-static

	* kdb5_create.c: use global mkey_password

Mon Aug  5 21:24:47 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* kdb5_stash.c (kdb5_stash): Ignore (expected) failure in stashing
		key when key not already present in returning exit status.

Mon Aug  5 14:36:47 1996  Barry Jaspan  <bjaspan@DUN-DUN-NOODLES>

	* all files: reworked for non-ss usage; kdb5_util_ct.ct and
        ss_wrapper.c are now obsolete

Thu Aug  1 14:34:51 1996  Barry Jaspan  <bjaspan@DUN-DUN-NOODLES>

	* dump.c, kadm5_create.c, kdb5_create.c: create policy database
        and kadm5 principals when loading a databas

	* loadv4.c: create empty policy database after loading V4 dump file

	* dumpv4.c (dump_v4db): use global_params.stash_file

	* Makefile.in, Makefile.ov, configure.in, dump.c: add support for
        dump/load of OV*Secure-compatible format.

Wed Jul 31 14:55:38 1996  Tom Yu  <tlyu@mit.edu>

	* kdb5_stash.c (kdb5_stash): Declare optind.

Tue Jul 30 17:51:24 1996  Samuel D Hartman  (hartmans@vorlon)

	* configure.in: Use gssapi library.

Sat Jul 27 02:16:01 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>
	* kdb5_create.c (kdb5_create): Ignore (expected) failure in
		open_db_and_mkey when creating database in returning exit
		status.

Wed Jul 24 02:57:16 1996  Sam Hartman  <hartmans@tertius.mit.edu>

	* loadv4.cdumpv4.c : Fixes for Athena Kerberos

Wed Jul 24 02:47:07 1996  Sam Hartman  <hartmans@mit.edu>

	* configure.in: Check for kdc.h and krb_db.h for Athena Kerberos.

Tue Jul 23 17:03:42 1996  Tom Yu  <tlyu@voltage-multiplier.mit.edu>

	* Makefile.in: add dependency for kdb5_util_ct.o

Thu Jul 18 19:22:04 1996  Marc Horowitz  <marc@mit.edu>

	* configure.in: removed SS_RULES

Wed Jul 10 19:43:22 1996  Marc Horowitz  <marc@mit.edu>

	* dumpv4.c (configure.in, Makefile.in): make autoconf work after
 	barry's carnage

Sun May 12 00:27:44 1996  Marc Horowitz  <marc@mit.edu>

	* loadv4.c (enter_in_v5_db, add_principal), kdb5_edit.c
 	(create_db_entry, modent), dumpv4.c (dump_v4_iterator), dump.c
 	(dump_k5beta_iterator, process_k5beta_record): convert to use new
 	krb5_dbe_* tl_data functions.

	* cpw.c (enter_pwd_key): krb5_dbe_cpw() takes a kvno now.

Tue May  7 23:16:57 1996  Marc Horowitz  <marc@mit.edu>

	* configure.in: USE_KADM_LIBRARY replaced by USE_KADMSRV_LIBRARY

Thu Apr 11 19:32:36 1996  Richard Basch  <basch@lehman.com>

	* kdb5_edit.c (extract_v4_srvtab): Use the matching key_data's kvno;
	don't assume that key_data[0]'s kvno is necessarily the matching
	key_data's kvno.

Wed Apr 10 19:17:58 1996  Richard Basch  <basch@lehman.com>

	* kdb5_edit.c (extract_v4_srvtab): Translate the principal name to
	the common V4 name.

Tue Mar 19 18:00:58 1996  Richard Basch  <basch@lehman.com>

	* kdb5_edit.c (extract_v4_srvtab): do not test to make sure we
	fetched a key of enctype 1 (des-cbc-crc), since we may have gotten
	another des key from the database, which is just as useful in a
	v4 srvtab

	* dumpv4.c (dump_v4_iterator): use krb5_524_conv_principal to do the
	v5 to v4 principal translation, instead of having yet another
	hard-coded table.

Wed Mar  6 16:17:20 1996  Richard Basch  <basch@lehman.com>

	* dumpv4.c: The V4 master key & schedule was never initialized,
	so the dump created by dump_v4db was garbage.	Read the V4
	master key from /.k or prompt for the V4 master key password.
	  If there is no V4-salt key in the database, but there is a DES
	key, include it in the V4 dump, in case it is merely a random 
	service key for which there is no associated password.
	  Skip over K/M in the V5 database (use the entered V4 master key).
	  Both krbtgt and afs keys often have domain-qualifed instances.

Tue Mar  5 12:18:22 1996  Richard Basch  <basch@lehman.com>

	* dump.c: POSIX locking requires that the file be opened read-write.

Mon Feb 26 22:42:09 1996  Mark Eichin  <eichin@cygnus.com>

	* kdb5_edit.c: new command line option -f stashfile.
	* kdb5_edit.M: document stashfile option.

Mon Feb 26 22:13:45 1996  Mark Eichin  <eichin@cygnus.com>

	* dump.c (process_k5beta_record): since V4 salt type has no data
 	either, only set key_data_ver to 1 for data_type 0 with 0-length
 	salt. Also, don't include alternate key if akey has all-zero type
	and length in both fields.

Sat Feb 24 04:02:18 1996  Mark W. Eichin  <eichin@cygnus.com>

	* dump.c (process_k5beta_record): encrypted keys used to have 4
	byte lengths in MSB order, need to convert to 2 byte LSB order
	lengths before storing. Handle primary key and alternate key.

Fri Feb 23 18:44:10 1996  Mark Eichin  <eichin@cygnus.com>

	* kdb5_edit.c (kdb5_edit_Init): set manual_mkey for testing with -P

Wed Feb 14 09:52:18 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* kdb5_edit.c (enter_master_key, set_dbname_help): If master key
		enctype is unknown, set to DEFAULT_KDC_ENCTYPE.

Tue Feb 13 16:08:07 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* kdb5_edit.c (extract_v4_srvtab): krb5_dbekd_decrypt_key_data
		takes krb5_key_data *, not **.

Tue Jan 30 18:28:57 1996  Mark Eichin  <eichin@cygnus.com>

	* dump.c (load_db): dbrenerr_fmt prints "from" first, so pass it
	to fprintf correctly.

Sun Jan 28 14:31:47 1996  Mark Eichin  <eichin@cygnus.com>

	* dump.c (process_k5_record): t2..t9 is only 8 vars, not 9.

Thu Jan 25 16:07:42 1996  Sam Hartman  <hartmans@tertius.mit.edu>

	* kdb5_edit.c (extract_srvtab): Extract *all* the keys in a
        dbentry, not the first one.
	(extract_v4_srvtab): Attempt to find the right v4 keys.

Wed Jan 24 18:48:38 1996  Tom Yu  <tlyu@dragons-lair.MIT.EDU>

	* Makefile.in: Remove spurious @DEFS@


Wed Dec 13 03:44:58 1995  Chris Provenzano (proven@mit.edu)

        * dump.c, dumpv4.c, kdb5_edit.c, loadv4.c : 
		Remove mkvno from krb5_db_entry.

Sun Dec 10 11:07:51 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* kdb5_edit.M: Document that modent exists

	* kdb5_edit.c (modent): Add usage as suggested by jhawk@mit.edu.

Thu Nov 09 17:05:57 1995  Chris Provenzano (proven@mit.edu)

        * kdb5_edit.c : Remove krb5_enctype from krb5_string_to_key() args.

Fri Oct 27 13:37:04 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* dump.c (process_k5_record): Fix off by one in malloc.

Mon Oct  9 16:35:19 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* kdb5_edit.c (extract_v4_srvtab): Extract a one byte version
		number for v4 srvtabs (from warlord).

Thu Oct  5 10:35:35 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* cpw.c: Declare std_ks_tuple as extern.
	* kdb5_edit.h: Remove std_ks_tuple declaration as not all sources
		include adm.h for structures

Tue Oct  3 23:10:57 1995  Theodore Y. Ts'o  <tytso@dcl>

	* cpw.c (enter_rnd_key, enter_pwd_key):
	* kdb5_edit.c (kdb5_edit_Init): Use the kdc.conf file to determine
		the default list of keysalt tuples to be used.  This is
		stored in std_ks_tuple, and is used by cpw.c for random
		keys and when a list of keysalts is not specified.

Mon Sep 18 03:59:47 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* kdb5_edit.c (show_principal): Show key version and last password
		change. 

	* cpw.c: Fix typo in below change in which list was terminated
		after third entry. (extra } removed)

Fri Sep 15 14:21:25 1995  Theodore Y. Ts'o  <tytso@dcl>

	* cpw.c: Add DES_CBC_MD5 and DES_CBC_CRC with the V4 salt as
		default key/salt tuples to be added.  (Once proven's DES_*
		folding code is implemented, we can shorten this list.)
		Eventually, this list should be read in from kdc.conf.

Thu Sep  7 20:41:24 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* loadv4.c (load_v4db): Provide a dummy routine if krb4
		compatibility is not compiled in. 

Wed Sep 06 14:20:57 1995   Chris Provenzano (proven@mit.edu)

        * cpw.c, dump.c, dumpv4.c, kdb5_edit.c, loadv4.c : 
		s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g

Tue Sep 05 22:10:34 1995   Chris Provenzano (proven@mit.edu)

        * cpw.c, dump.c, dumpv4.c, kdb5_edit.c, loadv4.c : Remove krb5_enctype 
		references, and replace with krb5_keytype where appropriate.

Fri Aug 25 17:37:33 EDT 1995	Paul Park	(pjpark@mit.edu)
	* dumpv4.c - Fix handle_keys().  It was trying to recreate work that
		has already been done.
	* Makefile.in, .Sanitize, loadv4.c, kdb5_ed_ct.ct - Add lddb4, the
		command to load a v4 dump file.  This is basically, kdb5_
		convert reconstituted to fit within the framework of kdb5_edit.

Thu Aug 24 19:28:39 1995  Theodore Y. Ts'o  <tytso@dcl>

	* .Sanitize: Update file list

Mon Aug 21 16:45:39 EDT 1995	Paul Park	(pjpark@mit.edu)
	* dump.c - Completely rework this logic to support old (e.g. Beta 5
		and previous) dump format and new dump format using the same
		commands.  This is differentiated by using the "-old" command
		qualifier.

	* kdb5_edit.M - Add description of -R and -s.  Remove "ascii represen-
		tation of a decimal number".  Remove "Bugs".

Fri Aug 18 17:06:06 EDT 1995	Paul Park	(pjpark@mit.edu)

	* ss_wrapper.c - Change sense of fgets() check so scripts work.


Tue Aug 15 14:22:50 EDT 1995	Paul Park	(pjpark@mit.edu)

	* kdb5_edit.c, ss_wrapper.c, cpw.c, kdb5_edit.h - Add support for
		-s scriptfile and fix up assorted gcc -Wall complaints.


Mon Aug 7 17:32:31 EDT 1995	Paul Park	(pjpark@mit.edu)
	* cpw.c - Use krb5_string_to_keysalts() to generate a list of unique
		key/salt pairs supplied in argv.


Mon Aug 07 11:16:03 1995  Chris Provenzano   (proven@mit.edu)

	* cpw.c : Uses new kdb change password routines for ank, ark, cpw,
		and crk. Also remove v4 variants of ank and cpw.
	* krb5_edit.c : Deleted old variants of rotuines now in cpw.c
	* kdb5_ed_ct.ct, kdb5_edit.M, tcl_wrapper.c: 
		Removed references to v4 variants of ank and cpw.
	* kdb5_edit.h (enter_pwd_key()) : Removed proto, it's nolonger 
		necessary as it's a static routine in cpw.c

Thu Aug 03 12:13:50 1995  Chris Provenzano   (proven@mit.edu)

	* cpw.c : New change password code for kdb5_edit.
	* dumpv4.c : Get it to compile with new kdb format.

Mon Jul 31 15:47:30 EDT 1995	Paul Park	(pjpark@mit.edu)
	* kdb5_edit.c - Use libkadm string conversion routines.  These are
		shared by all utilities.
	* Makefile.in - Remove getdate.y.
	* configure.in - Remove getdate.y dependency checks.
	* getdate.y - Sayonara.


Thu Jul 27 15:01:01 EDT 1995	Paul Park	(pjpark@mit.edu)
	* configure.in - Add --with-dbm and check for already checking for dbm.


Thu Jul 27 02:59:05 1995   Chris Provenzano (proven@mit.edu)

        * dump.c kdb5_edit.c kdb5_edit.h util.c : Use new kdb format.

Mon Jul 17 15:00:08 EDT 1995	Paul Park	(pjpark@mit.edu)
	* configure.in - Add KADM library.
	* dumpv4.c - Change calling sequence to krb5_db_fetch_mkey().
	* kdb5_edit.c - Change calling sequence to krb5_db_fetch_mkey() which
		uses the stash file.  Add KDC profile reading/handling as a
		supplement to command line supplied arguments.


Wed Jul 12 12:01:04 EDT 1995	Paul Park	(pjpark@mit.edu)
	* configure.in - Temporarily add --with-kdb4 option.  Default is without
		kdb4.  Without kdb4 enables a define.  With kdb4 uses -lkdb4 and
		-l[n]dbm libraries.
	* dumpv4.c -  Conditionalize references to kdb4 routines with
		KDB4_DISABLE.  Replace two required routines:
			kdb_encrypt_key -> pcbc_encrypt
			kdb_get_master_key -> des_read_password/printf/key_sched


Fri Jul 7 15:38:00 EDT 1995	Paul Park	(pjpark@mit.edu)
	* Makefile.in - Remove all explicit library handling and LDFLAGS.
	* configure.in - Add USE_<mumble> and KRB5_LIBRARIES.


Thu Jun 15 15:34:59 EDT 1995	Paul Park	(pjpark@mit.edu)
        * Makefile.in - Change explicit library names to -l<lib> form, and
                change target link line to use $(LD) and associated flags.
                Also, for K4, use KRB4_LIB and KRB4_CRYPTO_LIB, these wer
                split out.
        * configure.in - Add shared library usage check.

Fri Jun  9 18:14:43 1995    <tytso@rsx-11.mit.edu>

	* configure.in: Remove standardized set of autoconf macros, which
		are now handled by CONFIG_RULES.

	* dumpv4.c: Change name of controlling #ifdef to be
		KRB5_KRB4_COMPAT instead of KRB4.

Sun May 21 14:20:32 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* dumpv4.c: Include k5-int.h before krb.h so that PROTOTYPE is not
		redefined. 

Sun May  7 13:46:30 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* configure.in: Add AC_HEADER_STDC to define STDC_HEADERS for
		getdate.y. 

Mon May  1 13:36:41 1995  Theodore Y. Ts'o  (tytso@dcl)

	* kdb5_edit.c (kdb5_edit_Init): Check the return code from
		kdb5_init_context().

Fri Apr 28 18:04:26 1995  Mark Eichin  <eichin@cygnus.com>

	* Makefile.in (LOCAL_LIBRARIES): put KRB4_LIB inside KLIB, and put
	KDB4_LIB ahead of them both.

Thu Apr 27 13:47:23 1995  Mark Eichin  <eichin@cygnus.com>

	* Makefile.in (LOCAL_LIBRARIES): use KRB4_LIB and KDB4_LIB
	directly.
	* configure.in: just use WITH_KRB4.

Wed Apr 19 13:59:47 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* kdb5_edit.c (kdb5_edit_Init): If a default realm is specified
		(with -r), use krb5_set_default_realm so that created keys
		will have the correct realm.

Thu Mar 23 23:28:26 1995  Theodore Y. Ts'o  <tytso@dcl>

	* kdb5_edit.c (show_principal, parse_princ_args): Add
		"support_desmd5" flag.

Tue Mar 14 16:29:05 1995    <tytso@rsx-11.mit.edu>

	* ss_wrapper.c (main): Set the return code from ss_execute_line(),
		so that appropriate error checking is done.

Thu Mar  2 12:18:57 1995  Theodore Y. Ts'o  <tytso@dcl>

	* Makefile.in (ISODELIB): Remove reference to $(ISODELIB).

Wed Mar  1 11:53:02 1995  Theodore Y. Ts'o  <tytso@dcl>

	* configure.in: Remove ISODE_INCLUDE, replace check for -lsocket
		and -lnsl with WITH_NETLIB check.

Tue Feb 28 02:06:26 1995  John Gilmore  (gnu at toad.com)

	* dump.c, dumpv4.c, kdb5_edit.c, ss_wrapper.c, tcl_wrapper.c,
	util.c: Avoid <krb5/...> includes.

Thu Feb 23 19:52:35 1995  Mark Eichin  (eichin@cygnus.com)

	* kdb5_edit.c: add struct timeb and sys/timeb includes from
	getdate.y.
	(ftime): new function, in case we don't HAVE_FTIME.

Tue Feb 14 17:55:47 1995  Tom Yu  (tlyu@dragons-lair)

	* kdb5_edit.c: add modent
	* getdate.y: import get_date
	* kdbt_ed_ct.ct: add modent
	* configure.in:
	* Makefile.in: support for getdate.y

Wed Feb  8 20:08:36 1995  Tom Yu  (tlyu@dragons-lair)

	* kdb5_edit.c (show_principal): make sane and print all useful
	fields

Wed Jan 25 16:54:40 1995  Chris Provenzano (proven@mit.edu)

        * Removed all narrow types and references to wide.h and narrow.h

Fri Jan 13 15:23:47 1995  Chris Provenzano (proven@mit.edu)

    * Added krb5_context to all krb5_routines

Mon Dec 19 18:04:11 1994  Theodore Y. Ts'o  (tytso@dcl)

	* configure.in:
	* Makefile.in:
	* dumpv4.c (dump_v4db): Do the right thing if we are compiling
		without V4 support.  (The dump_v4db command is disabled.)

Wed Dec  7 00:07:46 1994    <tytso@rsx-11.mit.edu>

	* dumpv4.c (v4_print_time): gmtime expects a pointer to a time_t,
		not a long. On most systems these are the same, on
		others.... 

Wed Nov 16 01:03:42 1994  Mark Eichin  (eichin@cygnus.com)

	* dumpv4.c: new file. New command dump_v4db which creates a v4
	slave dump out of a v5 database, leaving out any keys which aren't
	using v4 salt, and any keys that aren't for the current
	realm. Reencrypts using v4 master key, synthesizes arbitrary
	master key version number.
	* configure.in: use WITH_KRB4 for dump support.
	* kdb5_ed_ct.ct: add new dump_v4 command.
	* Makefile.in: link in dumpv4.

Fri Oct 14 23:31:49 1994  Theodore Y. Ts'o  (tytso@dcl)

	* dump.c (load_db): When scanning a database entry, read
		fail_auth_count into a temporary integer variable, and
		then copy that into entry.fail_auth_count, which is a
		char.  

Fri Oct  7 00:01:40 1994  Theodore Y. Ts'o  (tytso@dcl)

	* kdb5_edit.c (kdb5_edit_Init): Don't let errors in
		set_dbname_help initially cause the exit status to be set.
		Commands like load_db don't need a valid database to be
		opened.

	* ss_wrapper.c (main): Clear code before ss_execute_line, since
		ss_execute_line doesn't set code to 0 if there are no
	problems. 

	* kdb5_edit.c (kdb5_edit_Init): Add a new option so that the
		master key password can be entered on the command line ---
		for testing only; not documented!!

Mon Oct  3 19:10:47 1994  Theodore Y. Ts'o  (tytso@dcl)

	* Makefile.in: Use $(srcdir) to find manual page for make install.

Thu Sep 29 15:52:22 1994  Theodore Y. Ts'o  (tytso@dcl)

	* dump.c (update_ok_file): Make sure mod time on the dump_ok file
		is updated.  (Some systems don't update the mod-time when
		a file is opened for writing.)

	* Makefile.in: Relink executable when libraries change.

	* kdb5_edit.c (show_principal): Pass variable with correct type to
		ctime().

	* tcl_wrapper.c (doquit):
	  ss_wrapper.c (main):
	  kdb5_edit.c:
	  dump.c: Exit with a non-zero exit status if there was an error
	  	  in a executed command.

Thu Sep 15 11:00:30 1994  Theodore Y. Ts'o  (tytso@dcl)

	* dump.c (load_db): Fix error string on failed fopen. ("for
		writing" -> "for reading")