summaryrefslogtreecommitdiffstats
path: root/src/kadmin/dbutil/kdb5_mkey.c
Commit message (Collapse)AuthorAgeFilesLines
* Include autoconf.h before system headersGreg Hudson2014-07-081-2/+1
| | | | | | | | | Include autoconf.h (either directly or via proxy) before system headers, so that feature test macros defined there can affect the system namespace. Where include order was changed, eliminate some redundant or unnecessary includes. ticket: 7961
* Use retval, not errno, when stashing master keysBen Kaduk2013-11-041-1/+1
| | | | | | The krb5_db_store_master_key{,_list} functions return a krb5_error_code, and do not necessarily set errno on failure. Use the correct variable while reporting errors with com_err().
* Simplify kdb5_list_mkeys actkvno list retrievalGreg Hudson2013-10-251-34/+12
| | | | | After recent changes, krb5_dbe_lookup_actkvno cannot yield an empty list and cannot return KRB5_KDB_NOACTMASTERKEY.
* Use active master key in update_princ_encryptionGreg Hudson2013-10-251-10/+5
| | | | | | | | | kdb5_util update_princ_encryption should update to the active master key version, not the most recent. ticket: 6507 target_version: 1.12 tags: pullup
* Fix typos in kdb5_util master key command outputsGreg Hudson2013-10-251-5/+5
| | | | | | | | | | kdb5_util list_mkeys was beginning lines with "KNVO" instead of "KVNO". kdb5_util purge_mkeys was displaying "follwing" instead of "following" for both dry-run and normal cases. ticket: 7730 (new) target_version: 1.12 tags: pullup
* Don't reopen the KDB in update_princ_encryptionGreg Hudson2013-07-311-0/+12
| | | | | | | | | | kdb5_util update_princ_encryption iterates over the KDB and writes modified entries. With the DB2 back end, the first write operation has to upgrade the lock and reopen the DB, which resets the cursor state. Take out an explicit write lock before iterating to avoid this step. ticket: 7684 (new)
* Fix various warningsGreg Hudson2013-06-071-3/+1
|
* Only store master mey list in DAL handleGreg Hudson2012-03-211-14/+20
| | | | | | | | | | | | | | r24314 (#6778) created a hybrid owernship model for the master key list, with one virtual copy stored in the DAL handle and one provided to the caller of krb5_db_fetch_mkey_list. Replace this with a model where only the DAL handle owns the list, and a caller can get access to an alias pointer with a new function krb5_db_mkey_list_alias(). Functions which previously accepted the master key list as an input parameter now expect to find it in the DAL handle. Patch by Will Fiveash <will.fiveash@oracle.com>. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25781 dc483132-0cff-0310-8789-dd5450dbe970
* Instead of passing a 0 to add_new_mkey for kvno and leavingKen Raeburn2011-09-051-1/+3
| | | | | | | | | | new_mkey_kvno (used when stashing) uninitialized, use get_next_kvno to set the latter to the only non-zero value that add_new_mkey will accept. ticket: 6617 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25148 dc483132-0cff-0310-8789-dd5450dbe970
* Mark up strings for translationGreg Hudson2011-06-101-106/+126
| | | | | | ticket: 6918 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24961 dc483132-0cff-0310-8789-dd5450dbe970
* Remove count parameters from get_principal, put_principal,Greg Hudson2010-07-061-110/+45
| | | | | | | | | | | free_principal, delete_principal, and get_policy. Make get_principal allocate the DB entry container. Fold krb5_db_get_principal_ext into krb5_db_get_principal. ticket: 6749 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24175 dc483132-0cff-0310-8789-dd5450dbe970
* Rename krb5_dbekd_encrypt_key_data and krb5_dbekd_decrypt_key_data toGreg Hudson2010-07-021-15/+11
| | | | | | | | | just use the krb5_dbe prefix. ticket: 6749 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24164 dc483132-0cff-0310-8789-dd5450dbe970
* When we display enctypes, display the input name rather than theGreg Hudson2010-06-081-2/+2
| | | | | | | | | description. Affects klist -e, kdb5_util list_mkeys, kdb5_util stash (error message), kadmin getprinc, kadmin ktadd, and ktutil list -e. ticket: 5014 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24122 dc483132-0cff-0310-8789-dd5450dbe970
* Fix minor error-handling bug in r23676Greg Hudson2010-01-311-1/+1
| | | | | | ticket: 6650 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23679 dc483132-0cff-0310-8789-dd5450dbe970
* Handle migration from pre-1.7 databases with master key kvno != 1Greg Hudson2010-01-281-2/+8
| | | | | | | | | | | | | | | | | | | | krb5_dbe_lookup_mkvno assumes an mkvno of 1 for entries with no explicit tl_data. We've seen at least one pre-1.7 KDB with a master kvno of 0, violating this assumption. Fix this as follows: * krb5_dbe_lookup_mkvno outputs 0 instead of 1 if no tl_data exists. * A new function krb5_dbe_get_mkvno translates this 0 value to the minimum version number in the mkey_list. (krb5_dbe_lookup_mkvno cannot do this as it doesn't take the mkey_list as a parameter.) * Call sites to krb5_dbe_lookup_mkvno are converted to krb5_dbe_get_mkvno, except for an LDAP case where it is acceptable to store 0 if the mkvno is unknown. ticket: 6650 target_version: 1.7.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23676 dc483132-0cff-0310-8789-dd5450dbe970
* Reindent after making fixes for emacs-23Tom Yu2009-11-031-4/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23123 dc483132-0cff-0310-8789-dd5450dbe970
* make mark-cstyleTom Yu2009-10-311-77/+77
| | | | | | make reindent git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23100 dc483132-0cff-0310-8789-dd5450dbe970
* Several small fixes to enable the migrate mkey commands to work properly ↵Will Fiveash2009-03-101-0/+5
| | | | | | | | | with a LDAP KDB. See the ticket for more details ticket: 6405 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22073 dc483132-0cff-0310-8789-dd5450dbe970
* deal with memleaks in migrate mkey projectWill Fiveash2009-02-051-96/+107
| | | | | | | | | | | | | Ken R. told me that Coverity found several potential memleaks introduced by the mkey migration project. This addresses those leaks and tweaks the code formatting in a few places. ticket: 6371 Version_Reported: 1.7 Target_Version: 1.7 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21900 dc483132-0cff-0310-8789-dd5450dbe970
* new multi-masterkey support doesn't work well when system clock is setWill Fiveash2009-02-041-53/+65
| | | | | | | | | | back The ticket contains the details. ticket: 6361 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21884 dc483132-0cff-0310-8789-dd5450dbe970
* Remove unnecessary pointer casts in args to free,memcpy,memset,memchr except ↵Ken Raeburn2009-02-021-2/+2
| | | | | | unicode, windows code git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21875 dc483132-0cff-0310-8789-dd5450dbe970
* fix resource leakKen Raeburn2009-01-311-1/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21849 dc483132-0cff-0310-8789-dd5450dbe970
* don't use uninitialized variableKen Raeburn2009-01-311-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21847 dc483132-0cff-0310-8789-dd5450dbe970
* don't double-freeKen Raeburn2009-01-311-1/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21845 dc483132-0cff-0310-8789-dd5450dbe970
* Master Key Migration ProjectWill Fiveash2009-01-301-0/+1419
Commit for the Master Key Migration Project. http://k5wiki.kerberos.org/wiki/Projects/Master_Key_Migration This commit provides the ability to add a new master key (with an enctype differing from the current master key) to the master key principal and stash file and then migrate the encryption of existing principals long term keys to use the new master key. In addition deletion of master keys is provided. ticket: 6354 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21844 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-27 11:31:53 +0000