| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
| |
Clarify the krb5.conf settings default_tkt_enctypes and
default_tgs_enctypes in krb5_conf.rst.
ticket: 7513 (new)
target_version: 1.11
tags: pullup
|
| |
|
|
|
|
|
|
|
| |
In resources.rst, add links to the MIT Kerberos software and MIT
Kerberos Consortium web pages.
ticket: 7512 (new)
target_version: 1.11
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
| |
We took notes when upgrading the ZONE.MIT.EDU realm to reduce
its usage of single-DES. Use these to give examples for the upgrade
procedure, and flesh out some parts of it that were missing or
under-specified.
ticket: 7501 (new)
tags: pullup
target_version: 1.11
|
| |
|
|
|
|
|
|
|
|
|
| |
Add enctypes.rst to document Kerberos enctypes, including some
considerations about configuring and choosing enctypes.
[kaduk@mit.edu: normalize formatting and describe reply keys a bit more.]
ticket: 7507 (new)
target_version: 1.11
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The technique we use for inserting the feedback link in the footer
overrides the Sphinx basic/layout.html and agogo/layout.html footers
in a way that prevents us from getting the copyright link footer.
Copy the relevant part of the Sphinx basic/layout.html for now.
Add a copyright.rst that links to mitK5license.rst.
ticket: 7510 (new)
target_version: 1.11
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Conditionally include the MITKC logo in the HTML output from Sphinx if
the environment variable HTML_LOGO is set. During official builds for
the web site, that environment variable will point to an appropriately
scaled copy of the MITKC logo.
Adjust HTML document colors to match logo.
ticket: 7504 (new)
target_version: 1.11
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Remove hardcoded dimensions from a few CSS parameters to prevent
layout problems when readers resize their browsers to have a narrower
window.
Set a max-width: 60em on the main content so that text remains
readable on wide browser windows.
ticket: 7503 (new)
target_version: 1.11
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
| |
It is confusing when the codepath for the production doc build
involves calling functions with names like "test". Rename things
which are in active use so that routines which are actually only
used for testing are more discernable as such.
ticket: 7505 (new)
tags: pullup
target_version: 1.11
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Don't print out every node processed (or not processed) in the
doxygen-Sphinx bridge, nor print out a summary of how many types
or functions were processed.
While here, tell doxygen to be quiet in its output as well, and
not print out each file that is generated. It still outputs
warnings, though.
ticket: 7495 (new)
tags: pullup
target_version: 1.11
|
| |
|
|
|
|
| |
ticket: 7500 (new)
target_version: 1.11
tags: pullup
|
| |
|
|
|
|
|
|
|
| |
Add princ_dns.rst to document the interactions of host-based Keberos
service principal names and DNS.
ticket: 7498 (new)
target_version: 1.11
tags: pullup
|
| |
|
|
|
|
|
|
|
| |
In init_creds.rst, document how to get anonymous credentials from an
application.
ticket: 7496 (new)
target_version: 1.11
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We currently do not have any warnings. Let us keep it that way by
making warnings fatal in maintainer-mode (and configurable on the
buildslaves). Using sphinx-build -W also causes errors to be reported
in the exit status and picked up by make, which is quite useful.
In order to allow the build bot to use -W but end-users to not use it,
SPHINX_ARGS must be passed on the command line; it cannot be set by
the convenience target 'htmlsrc'. Document this.
ticket: 7468 (new)
tags: pullup
target_version: 1.11
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of requiring the user to specify srcdir, top_srcdir, PYTHON,
and possibly more in the future, make an 'htmlsrc' target that does so
for them.
This also lets us do the clean in the same step, so that only one
command is required of the user.
ticket: 7491 (new)
tags: pullup
target_version: 1.11
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The macro KRB5_KEYUSAGE_PA_REFERRAL was defined in an early revision
of draft-ietf-krb-wg-kerberos-referrals but did not make it into
RFC 6806. We retain the definition so as to not break code implementing
the early draft, but need not document it.
Likewise, the krb5_octet_data structure and krb5_free_octet_data routine
are marked as having been originally introduced for PKINIT and "Do not
use this." They are in fact unused, and should not be documented, but
the actual definitions must remain for compatibility.
ticket: 7489 (new)
tags: pullup
target_version: 1.11
|
| |
|
|
|
|
|
|
|
| |
We do not have any files with extension "rxt".
ticket: 7471 (new)
title: typo in exclude_patterns for notice build
tags: pullup
target_version: 1.11
|
| |
|
|
|
|
|
|
|
|
| |
We play games with hidden toctrees in the RST source to avoid
Sphinx warnings; make sure that they do not affect the rendered
output.
ticket: 7467 (new)
tags: pullup
target_version: 1.11
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Our css only displays up to depth 3 of the toctree, partially
because the API reference content explodes at depth 4 and that would
not be pretty to see in the sidebar. However, we would previously
always generate HTML for the full toctree and hide parts with CSS.
For the apiref, this proved to be about 65k per html file, and we
have one html file per function/type/macro.
Limit the depth of the toctree that gets generated to save on space
in the release tarball.
Unfortunately, there seems to be a Sphinx bug wherein the toctree
will only be generated to depth 1 for a document at a depth greater
than the maxdepth of the toctree, so the sidebar table of contents
on individual apiref pages will just be the toplevel toctree.
This issue is being tracked at
https://bitbucket.org/birkenfeld/sphinx/issue/1046/
ticket: 7466 (new)
tags: pullup
target_version: 1.11
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Old versions of docutils will see inline markup (e.g., :ref:`foo`)
at the beginning of a line in the content of a directive block
and attempt to interpret that markup as options or arguments
to the directive. RST intended as inline markup (as opposed to
modifying the behavior of the directive) will not be interpretable
in this context, and causes Sphinx to emit a warning.
Work around this behavior by always leaving a blank line before
the content of a directive block, forcing it to be interpreted
as content and not options or arguments.
The buggy behavior was only encountered in note environments, but
for consistency of style, also reformat warning and error blocks.
Note the new style constraint in doc/README.
ticket: 7469 (new)
title: doc buildslave generates sphinx warnings
tags: pullup
target_version: 1.11
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Reorder the IRC channel listing so #kerberos is first. (Developers
form a smaller part of our audience for this documentation set.)
Remove some details that are available on the wiki and not of interest
to non-developers.
Add a pointer to the wiki.
Fix minor grammar errors in Archives.
ticket: 7482 (new)
target_version: 1.11
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Link to the database.rst description of policy objects when talking
about them. Briefly mention the "default" policy. Link to the
kadmin_local.rst description of policy fields when referencing them.
Describe policy fields more briefly, and expand the kadmin_local.rst
descriptions where appropriate.
ticket: 7480 (new)
target_version: 1.11
tags: pullup
|
| |
|
|
|
|
| |
ticket: 7477 (new)
target_version: 1.11
tags: pullup
|
| |
|
|
|
|
|
|
|
|
| |
The DEFCCNAME, DEFCKTNAME and DEFKTNAME configuration options are
subjects to parameter expansion. Also note that this feature
was first introduced in release 1.11.
ticket: 7472
tags: pullup
target_version: 1.11
|
| |
|
|
|
|
|
|
|
| |
Also, change the reference for Camellia enc type to rfc6803 and
do minor table re-formatting.
ticket: 7456
tags: pullup
target_version: 1.11
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There were two of them, for notice.rst and mitK5license.rst.
The former is included in the latter, which is linked to from
the mitK5features document but not listed in a table of contents
otherwise. Includes are processed unconditionally, so we can
add notice.rst to the exclude_patterns array (formerly unused_docs)
and its content will still be included.
If we attempt to do the same for mitK5license.rst, it is not processed
at all, and the attempt to link to it will fail. Instead, put a dummy
table of contents in the mitK5features document (which links to the
license document), with the "hidden" attribute. This satisfies the
Sphinx need to know where all the input documents are without changing
the displayed table of contents.
ticket: 7447
tags: pullup
target_version: 1.11
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some convenience macros are referring to and dereferencing pointers,
and Sphinx will get a bit confused trying to interpret this as markup.
There should never be any markup intended to be interpreted in the
value of a macro definition, so we can silence this class of
warnings by treating them as literals. (In some sense, they actually
are literals, too.)
This will cause a warning for macros that only cause a
symbol to be defined, that is, a literal "#define MACRO" with no
initializer, due to the lack of body in the inline-literal markup.
Such macros should probably be added to the exclude list for conversion
to reStructuredText in the Doxygen-Sphinx bridge, as was already
done for KRB5_OLD_CRYPTO. Support code to programmatically omit
macros of this sort is deliberately *not* included, so that explicit
action must be taken when a new macro is to be undocumented.
Also, strip leading and trailing whitespace from the macro name,
since this causes problems with the markup.
ticket: 7447
tags: pullup
target_version: 1.11
|
| |
|
|
|
|
|
|
| |
Compress them onto one line for printing in the generated table.
ticket: 7447
tags: pullup
target_version: 1.11
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Doxygen will pick up every function, macro, and typedef defined
in krb5.h; some of these may not actually be part of the public
API for one reason or another. Provide hardcoded exclude lists
for macro/function/type names for which we do not want to emit
reStructuredText documentation, and check these lists when processing
the Doxygen XML output.
Seed these lists with the macros TRUE, FALSE, KRB5_OLD_CRYPTO,
KRB5_GENERAL__, KRB5_CALLCONV, KRB5_CALLCONV_C, KRB5_CALLCONV_WRONG,
KRB5INT_BEGIN_DECLS, KRB5INT_END_DECLS, and KRB5_ATTR_DEPRECATED,
and typedefs krb5_cc_ops and krb5_responder_context. The booleans
are compatibility cruft that we do not want to advertise, and the other
macros are for internal use for signalling and platform compatibility.
The typedefs are functioning just as forward declarations.
For consistency, remove KRB5_OLD_CRYPTO.rst from the macros index; it
had no content even when we did generate it.
ticket: 7447
tags: pullup
target_version: 1.11
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Doxygen documentation seems to claim that adjacent @note entries
will be collapsed into a single "note" element, as separate paragraphs.
This seems to be reflected in the XML output: multiple <para> entries
in a single <simplesec kind="note"> with a <simplesecsep/> element
between them.
Our XML-to-RST converter gets the entire contents of the simplesec
element, parsed into a unicode string with a single newline between
paragraphs. Paragraphs seem to always start with two spaces, though
I have not tracked down the origin of this behavior. Prior to this
commit, we would just output this entire unicode string directly.
Since our template puts a tab character before the note string, this
means that the first paragraph is indented by a tab and two spaces,
and the second paragraph by just two spaces. Sphinx warns about this,
as "block did not end with blank line; unexpected whitespace", and
the paragraphs are indented differently within the note.
Fix the warning by checking for newlines in the interior of the
parsed unicode string, and introducing the appropriate whitespace
for the Sphinx parser.
ticket: 7447
tags: pullup
target_version: 1.11
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
sphinx-build defaults to the 'tabulary' environment for tables,
but uses regular 'tabular' for those involving literal blocks,
since tabulary does not handle them properly. It seems that this
deficiency of tabulary also applies to inline literals, which
are rendered as \code{} sections by the latex builder.
Fortunately, sphinx provides a workaround to force a particular
column specification for the table.
The requirement for a table:: statement after the tabularcolumns::
statement is very poorly documented.
ticket: 7447
tags: pullup
target_version: 1.11
|
| |
|
|
|
|
|
|
| |
It should not be bracketed in whitespace.
ticket: 7447
tags: pullup
target_version: 1.11
|
| |
|
|
| |
ticket: 7464
|
| |
|
|
|
|
|
|
| |
The current position of the Release tag is in the body of the main page
of the Sphinx html. Move it to the footer. This way the release number
can be viewed from every page.
ticket: 7462
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In Quick facts section:
- restructure the Supported platforms section;
- do not tie KfW to 1.11 release;
- move references to GSS-API extensions to Feature list table.
In Feature list section:
- reformat the table;
- move PRNG and Pre-auth mechanisms into their own tables;
- clarify GS2 feature description;
- reference rfc6680 for GSS-API naming extensions.
Lowercase the words in the title of the document.
ticket: 7455
|
| |
|
|
|
|
| |
ticket: 7451 (new)
tags: pullup
target_version: 1.11
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Add camellia256-cts-cmas and camellia128-cts-cmac to the default
permitted_enctypes, default_tkt_enctypes, and default_tgs_enctypes
lists, to simplify deployment of Camellia. The new enctypes still
aren't on supported_enctypes, so won't be in the set of long-term keys
for principals without administrator intervention.
ticket: 7446 (new)
target_version: 1.11
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
We try to restrict non-ASCII to names.
Python does not accept U+2013 EN DASH as indicating a command-line
argument; U+2D HYPHEN-MINUS is required.
Replace U+201C LEFT DOUBLE QUOTATION MARK and U+201D RIGHT
DOUBLE QUOTATION MARK with ordinary ASCII quotes.
ticket: 7433
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We like these names better, and they match the PDF document filenames.
admins -> admin
appldev -> appdev
users -> user
and catch up where the names are used elsewhere.
The relay/ directory has been removed, with its contents moved to the
top level in build_this.rst and a new about.rst.
The section headers for kadmind, krb5kdc, sserver, kpasswd, kswitch,
and sclient are misdetected as conflict markers.
bigredbutton: whitespace
ticket: 7433
tags: pullup
|
| |
|
|
|
| |
ticket: 7433
tags: pullup
|
| |
|
|
|
|
|
|
| |
The full release string includes RELTAIL from patchlevel.h; it
is useful to know whether we are on a pre- or post-release branch.
ticket: 7433
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
| |
We do not want one giant PDF document; we want separate PDFs for
our various components.
The features document cannot be included in the list because the
generated LaTeX for tables with empty cells does not compile.
ticket: 7433
tags: pullup
|
| |
|
|
|
|
|
|
|
|
| |
Generate the NOTICE file using the main conf.py, by using a special
tag when invoking sphinx-build.
While here, add notice.txt to the list of files removed by make clean.
ticket: 7433
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Sphinx's idea of the version number appears in the man pages and
compiled PDF documents, and shows up as metadata in the generated
HTML sources.
Extract the version information from the master source (patchlevel.h)
into a form usable by Sphinx.
ticket: 7433
tags: pullup
|
| |
|
|
|
|
| |
ticket: 7439 (new)
target_version: 1.11
tags: pullup
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Remove the potentially misleading "experimental" annotation on the
description of the Camellia encryption feature. Also update the I-D
version to match the IESG-approved version.
ticket: 7437 (new)
target_version: 1.11
tags: pullup
|
| |
|
|
|
|
| |
ticket: 7436 (new)
target_version: 1.11
tags: pullup
|
| |
|
|
|
|
| |
ticket: 7429 (new)
target_version: 1.11
tags: pullup
|
| |
|
|
|
|
| |
ticket: 7424 (new)
target_version: 1.11
tags: pullup
|
| | |
|
