| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
| |
Start with a capital letter and end with a full stop, making
the description a sentence (or at least close to one).
|
| |
|
|
|
|
| |
The target principal and restrictions arguments are not orthogonal;
a target principal argument must be given in order for a restriction
list to be supplied.
|
| |
|
|
|
|
|
|
|
| |
It is an eggregious security violation to give all admin principals
admin rights and then give all null instances permission to change
the password of the associated admin instance.
While here, don't assume that admin and root are the only non-null
instances, and correct the formatting of an entry with restrictions.
|
| |
|
|
| |
Make it a special note in the documentation to help it stand out.
|
| |
|
|
| |
Grammar fixup and avoid jargon.
|
| |
|
|
|
|
|
|
|
| |
Fix kpropd -S -t to actually exit after processing one connection (it
was breaking out of the switch statement, not the while loop). Use
the -t when invoking kpropd from the dejagnu test framework;
previously it was unnecessary because kpropd -S -d exited after one
connection. Clear up some confusion in the kprop.exp comments about
whether kpropd is expected to exit.
|
| |
|
|
|
| |
Tweak the wording a bit to be more clear and avoid using multiple
words deriving from the stem "use" in close succession.
|
| |
|
|
|
|
|
|
|
| |
Even though they are subject to vulnerabilities via DNS spoofing
and we accordingly don't recommend their use, we do have the code
to use them. Just as we document dns_lookup_realm in krb5.conf(5),
document them here.
ticket: 7407
|
| | |
|
| |
|
|
|
|
|
|
| |
Now that the install guide make rules are removed, nothing references
build.texinfo or install.texinfo any more (other than the tgz target,
which is updated accordingly).
ticket: 7408
|
| |
|
|
|
|
| |
Towards removing the texinfo docs entirely.
ticket: 7408
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Its content has been migrated to or superseded by the RST documentation,
split amongst krb_build and various sections of krb_admins.
A few portions of the texinfo document are simply no longer relevant
and do not need to be migrated. In particular:
It's 2012; we don't need to specify that we require a C89 compiler.
It's 2012; it will be easy to get enough disk to build krb5.
The KADM5 tests are part of 'make check' and don't need separate
documentation.
Shared library support is not limited to "a few operating systems".
We do not need to document incompatibilities with ancient/dead OSes.
kadmind4 and v5passwdd are no longer relevant.
ticket: 7408
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
There are, unfortunately, still some single-DES deployments out
there. Try to help them along by documenting a procedure for
migrating to stronger crypto.
The texinfo install guide had a section on "upgrading", but it was
not really suitable for direct import into a RST document. For one,
it gave a high profile to the on-disk incompatibilities in upgrades
to 1.1 and 1.2. It also was driven at upgrading *to* triple-des (or RC4),
which are something of a dead-end. This new text attempts to be more
general and applicable to today's environment.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
It's a slightly less-contrived use case of the utility than the
other example, which reads more like a usage statement.
Give a motivating sentence before each example, and note that this
new example is not needed in the general upgrade case.
The need to dump/load for upgrades prior to 1.2 was documented in
the texinfo install guide, but not in any RST sources until now.
ticket: 7407
|
| |
|
|
|
|
|
|
|
|
| |
The Camellia enctypes and cksumtypes have received IANA assignments.
Add #defines using those assignments to krb5.h, remove the CAMELLIA
conditional, and enable testing code as appropriate.
The Camellia draft has not received an RFC number yet, so there is no
Doxygen markup for the enctype and cksumtype #defines. That can be
added once the RFC number is known.
|
| |
|
|
|
|
|
|
|
| |
The Texinfo install guide had a separate subsection about the DejaGnu
tests which did not get converted to the RST source.
In the testing section, also link to the wiki page on manual testing.
ticket: 7407
|
| |
|
|
|
|
| |
It is unused; send-pr.texinfo supercedes it at the moment anyway.
ticket: 7408
|
| | |
|
| |
|
|
|
|
|
| |
Both the Python and dejagnu iprop tests are slow since they use sleeps
to give kpropd time to do its work (although we can fix this with some
work). Since the Python tests cover the same ground as the dejagnu
tests, we don't need both.
|
| |
|
|
| |
ticket: 7374
|
| |
|
|
|
|
|
| |
Add a start_kpropd() method to K5Realm and make start_kadmind() use the
kadmind -p, -K, and -F options.
ticket: 7378
|
| |
|
|
|
|
| |
Not really: only when the KDB backend lacks a delete method. Still.
ticket: 7403
|
| |
|
|
|
|
|
| |
We absolutely do not want a parking brake on the kprop protocol as
described in the comment being removed. Instead the kprop command
should be fixed so it doesn't die on error (assuming it even still does
or ever did, neither of which I've checked).
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If a kdb5_util load gets killed between rename()ing the new KDB file
into place and resetting the iprop ulog then the ulog can reflect the
pre-load state, which will almost certainly be incorrect.
This matters because we want to impose a timeout on full resyncs in
kpropd when iprop dictates that a full resync is needed, and the
simplest timeout scheme involves signaling the kdb5_util load process.
But also, we want no such races in general.
The fix is simple: re-initialize the ulog before renaming the new KDB
file into place, then proceed as usual. If the ulog is not properly
updated at the end of the load it will at least always result in
subsequent iprop get updates operations always indicating that a full
resync is required.
ticket: 7399
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently kadmind allows slaves to poll for updates as often as they
like, but not within 10s of the last update. This means that iprop will
appear to fail to synchronize the KDC at any site whose master KDC
processes at least one write transaction every 10 seconds consistently.
The original intention must have been to throttle iprop clients (slave
KDCs) that poll too often. But UPDATE_BUSY as implemented is not that,
and implementing a throttle would be difficult (requires keeping state
in a table) and mostly useless (admins can manage their poll timers just
fine without a throttle in kadmind).
ticket: 7369
|
| |
|
|
|
|
|
|
|
|
|
| |
If a master KDC uses only a 64-bit libkadm5srv then there is no reason
to impose any limit on ulog size: the practical maximum will be given by
the filesystem and available storage space.
Even when using a 32-bit libkadm5srv the maximum practical ulog size
will be found easily enough when mmap() fails.
ticket: 7368
|
| |
|
|
| |
ticket: 7375
|
| |
|
|
| |
ticket: 7384
|
| |
|
|
| |
[ghudson@mit.edu: split out from previous commit]
|
| |
|
|
| |
ticket: 7370
|
| |
|
|
| |
ticket: 7376
|
| |
|
|
| |
ticket: 7379
|
| |
|
|
|
|
|
|
|
|
|
|
| |
New options:
-p path-to-kdb5_util
-K path-to-kprop
-F dump-file
These are needed for testing without first having to install.
ticket: 7372
|
| |
|
|
| |
Make DPRINT a varargs macro and add some new debug prints.
|
| |
|
|
| |
ticket: 7377
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use a global dump (the default dump file) for full syncs for iprop.
When a slave asks for a fullsync we kprop the existing global dump to it
if that is good enough, else we dump the DB and send the new global
dump.
Before this change kadmind would run kdb5_util dump -i... each time a
slave asked for a full dump. This was done in a sub-process,
thankfully, but it was still a waste of time and storage (e.g., if one
has a huge KDB).
Also, long dump times might cause a slave to give up (the timeout for
this is now configurable). But since iprop dumps bear a serial number
and timestamp and since slaves will resync from that point forward, it
doesn't matter if the dump we send a slave is fresh as long as it is
fresh enough (i.e., that its sno and timestamp are in the ulog).
Also:
- Rename dumps into place instead of unlink, create, write (but we
still keep the dump ok files as lock files and as a method of
signaling to kprop that the dump is complete).
ticket: 7371
|
| |
|
|
|
|
|
| |
Add additional debug output and syslogs. Remove "kpropd:" from
syslogs. Always call openlog(). Clean up C style of a few messages.
[ghudson@mit.edu: split and combine commits; commit message]
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Make kpropd in iprop mode fork a child to listen for kprops from the
master. The child writes progress and outcome reports to the parent
for each kprop. This fixes a race between asking for a full resync
and setting up a listener socket for it.
- Add runonce (-t) for kpropd do_standalone() too.
- Add a new iprop parameter: iprop_resync_timeout. kpropd will keep
asking for incremental updates while waiting for a full resync to
finish, and will re-request a full resync if kadmind continues to
indicate that one is needed after this timeout passes since the
previous full resync was requested.
- Allow polling intervals less than 10 seconds.
[ghudson@mit.edu: split out debug output changes; note polling interval
change in commit message]
ticket: 7373
|
| |
|
|
|
|
|
|
|
|
|
| |
util/cstyle-file.py checks a file for C style issues and displays
line-by-line output. It is not terribly sophisticated, and can
probably be improved upon (e.g. by doing an emacs batch-reindent of
the file and checking for differences in indentation).
util/cstyle.py produces diffs using git, runs the file checker on each
modified C source file in each diff, and displays the output lines
attribute to the diff.
|
| |
|
|
|
|
|
|
|
|
|
| |
RFC 6680 requires that gss_export_name_composite begin the output
token with 04 02. So we must produce a composite token even if the
name has no authdata, and be able to consume a composite token with no
authdata attributes.
[ghudson@mit.edu: expanded commit message]
ticket: 7400 (new)
|
| |
|
|
|
|
|
|
|
|
| |
An interposer mech needs to be able to handle multiple mechanisms.
When importing a mech token for a name, cred, or context, the
interposer mech needs to know the mech type of the token being
imported. To make this work, add SPI calls which accept a mech type
argument.
[ghudson@mit.edu: Stylistic changes, commit squashing, commit message]
|
| |
|
|
|
|
|
|
|
|
| |
Wherever a GSSAPI mechglue function accepts a mech OID from the
caller, use gssint_select_mech_type() to choose the mechanism to use.
Wherever a mechglue function outputs a mech OID to the caller, use
gssint_get_public_oid() or gssint_make_public_oid_set() to expose the
public mech OID.
[ghudson@mit.edu: Stylistic changes, commit squashing, commit message]
|
| |
|
|
|
|
|
|
|
|
| |
Add gssint_select_mechanism() to determine what mechanism to use for a
caller-specified OID, gssint_get_public_oid() to determine what
mechanism to expose to the caller, and gssint_make_public_oid_set to
translate an array of mech OIDs into a set of public OIDs. In
gssint_get_mechanism(), match interposed OIDs as well as real ones.
[ghudson@mit.edu: Stylistic changes, commit squashing, commit message]
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Extend the syntax of the gss mech config file to allow a module type
delimited by triangle brackets. If the module type is "interposer",
flag the mechanism entry as being an interposer mechanism. A module
marked as an interposer is loaded immediately (so it can interpose a
built-in mechanism) and produces a list of OIDs to interpose.
Interposer mechanisms are not exposed to applications.
[ghudson@mit.edu: Stylistic changes, commit squashing, commit
message]
|
| |
|
|
|
|
|
|
|
|
| |
Changes in r25660 inadvertently failed to insert TGS-REPs into the
lookaside cache. Call finish_dispatch_cache() at the end of
dispatch() to handle this case.
ticket: 7388 (new)
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
| |
Executables and shared libraries should have a file version, so
that the upgrade process works as expected.
ticket: 7386 (new)
tags: pullup
target_version: 1.10.4
|
| |
|
|
|
|
|
|
|
|
| |
Actually expand the OUTPRE variable instead of just using a literal
string.
ticket: 7387 (new)
subject: Windows build leaves (OUTPRE)/krb5ccNN.res in ccapi/lib/win/srctmp
tags: pullup
target_version: 1.10.4
|
| |
|
|
|
| |
FILES is unused in util/{ss,et}/Makefile.in; some other unused
variables were nearby.
|
