Increment the current API version number, document the new behavior of

randkey_principal in API version 2 (return the new kvno as well as the
keyblock).

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@4220 dc483132-0cff-0310-8789-dd5450dbe970

1 files changed, 7 insertions, 2 deletions

diff --git a/doc/kadm5/api-funcspec.tex b/doc/kadm5/api-funcspec.tex
index 3e2407538..eeeffc280 100644
--- a/doc/kadm5/api-funcspec.tex
+++ b/doc/kadm5/api-funcspec.tex
@@ -676,7 +676,9 @@ for this connection, to be used in all subsequent API calls.
 
 The caller should always specify OVSEC_KADM_STRUCT_VERSION for the
 struct_version argument, a valid and supported API version constant
-for the api_version argument (currently, theonly valid API version
+for the api_version argument (the version of the API specified in this
+document is OVSEC_KADM_API_VERSION_2; currently, the only other valid
+API version
 constant is OVSEC_KADM_API_VERSION_1), and a valid pointer in which
 the server handle will be stored.
 
@@ -1112,7 +1114,7 @@ life.
 \begin{verbatim}
 ovsec_kadm_ret_t
 ovsec_kadm_randkey_principal(void *server_handle, krb5_principal princ,
-                             krb5_keyblock **new_key)
+                             krb5_keyblock **new_key, krb5_kvno *new_kvno)
 \end{verbatim}
 
 AUTHORIZATION REQUIRED: modify, or the calling principal being the
@@ -1123,6 +1125,9 @@ Generate and assign a new random key to the named principal, and
 return the generated key in allocated storage.  The caller must free
 the returned krb5_keyblock * with krb5_free_keyblock.
 
+if new_kvno is non-null, the key version number of the new key is
+returned in it.
+
 If the principal's POLICY bit is set in aux_attributes and the caller does
 not have modify privilege , compliance with the password minimum life
 specified by the policy is verified and an appropriate error code is returned