| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25363 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19972 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
NetIDMgr 1.2.0.2
================
nidmgr32.dll
- When the root credential set is touched, trigger an identity
refresh. This is necessary to ensure that the identity list
has a complete state of the world when the identity provider
attempts to initialize an initial default identity when none
previously existed. (see krb5cred.dll section)
- Don't set the enabled state for KHUI_ACTION_DESTROY_CRED and
KHUI_ACTION_RENEW_CRED actions. They are set elsewhere.
krb5common.obj
- Initialize variables to prevent uninitialized use.
krb4cred.dll
- Re-order controls and use CheckRadioButton() for manipulating the
radio buttons which select the ticket acquisition method.
- Use symbolic constants instead of numbers.
- If Kerberos 4 is enabled for a specific identity, then that setting
takes precedence over the global setting. The global setting is
merely a default if a per-identity setting is not specified.
However, a per-identity setting is only read for the default
identity.
- If the validity of an identity is not known, assume that it is still
being checked and don't display any credential text.
- When handling WM_COMMAND messages for the new credentials panel,
only update the data when a BN_CLICKED message is received and only
update the display if the IDC_NCK4_OBTAIN checkbox is toggled.
- Remove unused symbols from langres.h
krb5cred.dll
- When renewing an identity which was imported, first try to import it
again. If that fails to obtain newer tickets, then try initializing
the MSLSA cache and then importing again.
- Correct spelling: k5_ident_valiate_name() ->
k5_ident_validate_name().
- Refactor the code for setting an identity as the default so we can
call it internally.
- When setting the initial default identity, if there is no current
default ccache and no known last default identity, then look through
the list of ccaches with credentials and pick one with valid
tickets. If all else fails, then pick any of the ccaches.
netidmgr.exe
- Credentials Window
- Consistently use KHUI_CW_O_RELIDENT as a necessary and sufficient
indicator that the identity needs to be released when freeing an
outline node.
- Properly initialize an outline node.
- Don't group similar credentials if we aren't sorting/grouping by
any specific column.
- Use the KHUI_CW_O_EMPTY flag to indicate that an outline node
contains no children.
- Handle the case where we aren't sorting/grouping by any column.
- Make sure outline nodes have valid idx_start and idx_end values.
- Use consistent logic when painting and handling mouse hotspots.
- Don't use WS_EX_TRANSPARENT when creating the notification window.
- Use a fixed height for the notification window.
- Update the outline when the default identity changes.
- Hypertext Window
- Correctly handle the "center" attribute in the "p" element.
- Use a system brush for painting the background instead of creating
one of our own.
- Correct the handling of scroll_left and scroll_top when
calculating the coordinates for text.
- Don't check if the rectangle for the text is inside the visible
area of the window before drawing.
- Handle WM_ERASEBKGND and use a system color brush to erase the
background.
- When the size changes, force the extents to be recomputed. This
will also update the scroll bars.
- Use the proper return value after handling WM_PAINT.
- The scrollbar messages send the operation code in the low word of
wParam, not the high word.
- Use GetScrollInfo() with SIF_POS when the operation is
SB_ENDSCROLL or SB_THUMBPOSITION.
- When the hottracked link changes for a transparent window, don't
invalidate the entire parent window. Instead use
MapWindowPoints() to calculate the affected rectangle and
invalidate that.
- Misc
- Change the text of the IDS_NO_CREDS message so that it renders
better on a small window.
- Initialize COM when starting the GUI.
- When showing and hiding the main window and the new credentials
window, add a button to the task bar. This allows the user to
switch focus to the window if it's obstructed.
- Remove unused symbols from resource.h
- New Credentials Window
- Ignore the validity state of the identity when showing a password
change dialog. We don't expect the identity provider to validate
the identity when changing the password.
ticket: new
component: windows
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19426 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
================================
KfW 3.1 Alpha (NetIDMgr 1.1.11.0)
-- nidmgr32.dll
- Only one action in a menu is allowed to have KHUI_ACTIONREF_DEFAULT
flag set. This marks the action as being the default action for the
menu and will be rendered as such.
- Newly created identities start off with the KCDB_IDENT_FLAG_EMPTY
flag set. Once credentials are associated with the identity and the
identity is refreshed, the flag will be cleared.
- When creating actions, enforce the name length.
- khm_value_exists() now handles shadowed configuration spaces.
- Add new action KHUI_ACTION_LAYOUT_MINI which toggles between
'Advanced' and 'Basic' views.
- Add support for F11 and F12 keys in khui_get_cmd_accel_string().
- New option for alerts to indicate that instead of just setting the
response field in the alert, the UI should dispatch the command
that the user has selected.
-- krb5common.obj
- khm_krb5_initialize() can return a handle to a krb5_ccache that has
already been closed. Now it doesn't.
- Also import 'krb5_string_to_deltat()'.
- Work around conditioned symbol definitions in ntsecapi.h in the
Vista Platform SDK that affect Win 2000.
-- krb5cred.dll
- Don't clear the prompts when the options for an identity changes.
The prompter code relies on the prompts being around so that the
values that the user has entered can be retained if the new set of
prompts is the same as the old one.
- Use the same code in the new credentials acquisition and the
identity configuration code to obtain krb5 parameters for an
identity.
- Reset the 'IMPORTED' flag when we get new credentials using a
password.
- If the validity of a principal is not known, then we restrict the
options that can be specified when calling
krb5_get_init_creds_password() so that we can reliably determine if
the principal is valid. If we need to get new credentials for the
principal, we need to make another call using the correct options.
- The return codes from the prompter need to indicate that the
password read operation was cancelled instead of arbiraty non-zero
values.
- When reading identity settings, if a particular setting is not
defined in the registry, then default to reading the settings out of
krb5.ini.
- Refer to credentials as 'credentials' or 'tickets' instead of
'creds'.
- If an identity has imported credentials, don't import for the same
identity again.
- When importing an identity, create the identity configuration in the
registry if we don't already have any settings there.
- Work around conditioned symbol definitions in ntsecapi.h in the
Vista Platform SDK that affect Win 2000.
- Rearrange declarations for clarity.
- Use the correct APIs to parse configuration values from krb5.ini.
-- krb4cred.dll
- The dialog layout was updated to accomodate a localized string that
no longer fit in its control.
- Remove a spurious inclusion of ntsecapi.h and work around
conditioned symbol definition in the Vista Platform SDK.
-- netidmgr.exe
- Fix the menu creation code to correctly tag the default action so
that it will be rendered properly.
- Update the menu enumeration code to use documented functions instead
of accessing acton lists directly.
- Pool of per-identity actions now include a set of actions for
obtaining credentials for specific identities.
- The default action performed when the notification icon is clicked
is now configurable. When displaying the context menu in the
notification area, the default action is highlighted.
- Remove unnecessary handlers from the notifcation event handler.
- Only handle NIN_SELECT instead of both NIN_SELECT and WM_LBUTTONUP
in the notification event handler. When the user clicks the
notication icon, both events are generated. NIN_SELECT is canonical.
- When the handling NIN_BALLOONUSERCLICK in the notification event
handler, reset balloon_alert before displaying any new alerts so
that we won't overwrite it later.
- Reset the notification alert icon after displaying an alert.
- If a renewal fails, the displayed alert contains a button that the
user can click to initiate the process of acquiring new credentials
for the identity.
- Alerts can optionally dispatch the commands that were added to it
using the KHUI_ALERT_FLAG_DISPATCH_CMD flag.
- Increase the size of the About dialog.
- Correct the action text for the IDS_ACTION_OPEN_APP and
IDS_ACTION_CLOSE_APP to say 'Show' and 'Hide' instead of 'Open' and
'Close'. These actions only control the visible state of the NIM
window.
- Add additional notification which signals that the commandline has
finished processing.
- Add an 'acquire' action to the per-identity actions.
- The per identity actions (renew, destroy, acquire) now have useful
captions, names and tooltips.
- Use WM_NEXTDLGCTL message when changing the focus of dialog
controls. SetFocus() is insufficient.
- If we get a request to show a new credential acquisition dialog and
we are already showing one, bring that one to the foreground instead
of trying to display a new one or waiting quietly.
- New configuration schema for the UI that include definitions for the
new default view.
- The alerter window can now show more than one alert at once.
- If we are about to show queued alerts, then check if the alerts that
are waiting are related and if they can be grouped together. If so,
show them in a single alert window instead of multiple ones.
- If new alerts are issued while a set of alerts are being displayed
and if the new alert is related to the alerts that are being
displayed, then add the new alert to the list being displayed.
- Make sure we have a lock on the alert when we are manipulating or
accessing it.
- Set the focus to the correct control when displaying an alert.
- When adding alerts from the alert queue, make sure we iterate
through the queue properly.
- Allow keyboard navigation inside the alert window and support scroll
bars.
- Check if we have a valid code pointer before invoking a UI callback.
- Make sure the main window is in the normal configuration before
switching to a layout that rquires it.
- When moving the main window around, if it comes close to an edge of
the working area of the display, snap to it.
- Maintain two sets of settings for the main window placement. One
for the mini mode and one for the normal mode.
- When processing saved window placement information from the
configuration, handle docking hints which note which edges of the
screen the main window should be adjacent to, if any.
- Switching to the 'Basic' view disables the layout and column
selection menus.
- Position the new credentials dialog above the main window if the
main window is visible.
- The alert that is displayed to indicate that an identity has
expired, now contains a command button that can be used to invoke
the new credentials dialog for that identity.
-- source
- Update the documentation to reflect the change in behavior regarding
KHUI_ACTIONREF_DEFAULT in khui_menu_insert_action() and
khui_menu_insert_paction().
- Remove notes about menu access functions being not thread safe.
This is no longer true.
- Update the documentation for khui_alert_show() to document new
behavior regarding KHUI_ALERT_FLAG_DISPATCH_CMD.
- Update documentation to indicate which KHUI_ALERT_FLAG_* flags are
internal and document the new KHUI_ALERT_FLAG_DISPATCH_CMD flag.
- Augment the queue handling macros to support additional operations.
Also add new tree data structure with an ordered list of children.
- Code reorganization to reuse code for obtaining the caption and
tooltip for a system defined action in netidmgr.exe.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19238 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This patch implements the new Alert Management functionality.
Many improvements to avoid race conditions and improve resource
tracking.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19189 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Update the string tables for NIM so that they are consistent.
Always use "Kerberos v5" or "Kerberos v4". Refer to credentials
instead of tickets. Do not abbreviate "Network Identity Manager".
Etc.
ticket: new
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19066 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
KfW 3.1 final (NetIDMgr 1.1.8.0)
nidmgr32.dll (1.1.8.0)
- When detecting IP address changes, wait for things to settle down
before setting of the IP address change notification.
krb5cred.dll (1.1.8.0)
- Fixed the Kerberos 5 configuration dialog which didn't handle
setting the default realm properly. Setting the default realm now
sets the correct string in krb5.ini.
- Changing the default realm now marks the relevant configuration node
as dirty, and enabled the 'Apply' button.
- Changing the 'renewable', 'forwardable' and 'addressless' checkboxes
in the identity configuration panels now mark the relevant
configuration nodes as dirty, and enables the 'Apply' button.
- The location of the Kerberos 5 configuration file is now read-only
in the Kerberos 5 configuration dialog.
- Set the maximum number of characters for the edit controls in the
configuration dialog.
krb4cred.dll (1.1.8.0)
- The location of the Kerberos 4 configuration files are now read-only
in the Kerberos 4 configuration dialog.
- Handles setting the ticket string.
- Changing the ticket string now marks the relevant configuration node
as dirty, and enables the 'Apply' button.
- Fixed the plug-in initialization code to perform the initial ticket
listing at the end of the initializaton process.
ticket: new
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18863 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
nidmgr32.dll (1.0.2.1)
- Attempting to obtain new credentials for a principal name that
contains numbers may result in a 'Identity not specified'
error. Fixed.
- If an invalid identity name was specified, an 'Identity not
specified' error is reported without specifying that the cause was
an invalid name. Fixed: reports proper error.
- Identity names were being validated at the application layer before
being sent to the identity provider. This may cause valid names to
be marked as invalid if the identity provider and the application
disagree on what a valid name is. Fixed: identity name validation
is solely a function of the identity provider.
- Canonicalizing an identity name that contained certain characters
failed due to a validation error. Fixed.
- Possible deadlock in the new credentials dialog. (If one plugin
tries to synchronize custom prompter values from the plugin thread,
while the UI thread tries to obtain a lock on the new credentials
data, a deadlock occurs.) Fixed.
- State information for configuration panels may persist between two
invocations of the configuration window. Fixed to clean up state
information properly.
- The UI library now has full support for custom actions and custom
menus.
- When there are queued alerts and a normal alert is shown, a 'next
alert...' button appears in the alert which lets the user view the
next queued alert. However, if the alert which is displayed
requires the user to select a command button, selecting the 'next'
button would be the equivalent of cancelling out of the alert and
viewing the next one. The library was updated to not show the
'next' button if the alert requires user interaction.
- Credential renewal on half-lifes is now supported as a configurable
option.
- Destroying all credentials on exiting netidmgr is a configurable
option.
- Debug logging to a file has been added
netidmgr.exe (1.0.2.1)
- Selecting 'Ok' in the configuration window didn't notify all the
configuration panels to apply the changes. Fixed.
- PgUp / PgDn / Shift+PgUp / Shift+PgDn keys now work as expected.
- Root level configuration nodes in the Options dialog now also appear
on the Options menu. Configuration nodes that are registered at the
root level are automatically added to the menu.
- The UI now has full support for custom actions and custom menus.
- The UI does not automatically add submenus for actions which are
associated with menus unless the declaration specifies that it
should be rendered as a submenu.
- When displaying alerts, the first button of the alert is always made
the default.
- 'Change summary' button in the configuration dialog was removed,
since it was unused and unnecessary.
- Ticket icons are displayed in the status column for all credentials.
Clicking an icon opens the properties dialog for that credential.
- The UI now has View by Type functionality
- The UI now has Column selection and reorganization. The choice
of columns and their order are preserved between restarts.
- Handle multiple copies of NetIDMgr.exe being started with different
version numbers. Higher version number wins.
krb4cred.dll (1.0.2.1)
- During new credentials acquisition, under some circumstances, the
Kerberos 4 plugin would not notify NetIDMgr about the state of the
Kerberos 4 ticket acquisition. This results in other plugins (such
as AFS) which are depending on the feedback to fail. Fixed.
krb5cred.dll (1.0.2.1)
- If no password is entered while obtaining new credentials, a new TGT
will not be obtained, but the new credentials operation will not
fail if there already is a TGT. Added check to see if the TGT is
expired and fail the operation if no valid TGT is found.
- The identity provider can set the Krb5 CCName property for an
identity incorrectly if there is more than one credential cache
containing tickets for the same principal. Fixed.
- When enumerating ccaches, krb5_cc_resolve was being called with the
name of the ccache without a type prefix. Fixed.
- Tracker control usability issues due to loss of focus. Fixed.
- Realm Editor added.
- Addressed tickets can be requested as in Leash
All modules:
- removed grayed out UI components that are not being backed
by current functionality.
- new icons
- support for 64-bit Windows builds under Visual Studio 8
- proper versioning for language resources
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17712 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add new documentation files
Add new icons
Add "set default" functionality to the New Credentials dialog
Remove inconsistencies in the Options configuration dialog
Replace the menu bar so that it responds to Alt- and keyboard
shortcuts
Fix an --autoinit race condition
many more things....
ticket: new
target_version: 1.4.4
status: resolved
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17546 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
All features completed except for:
* Debug Window
* KRB5.INI (aka Realm) Editor
* Column Selection
* Graphics are incomplete
* Documentation is incomplete
ticket: new
status: resolved
component: windows
target_version: 1.4.4
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17516 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
Initial commit of Network Identity Manager for KFW 3.0 Beta 1
ticket: new
tags: pullup
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17476 dc483132-0cff-0310-8789-dd5450dbe970
|
