projects / krb5.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 079eed2) | patch
Minimal support for updating history key
authorGreg Hudson <ghudson@mit.edu>
Thu, 11 Feb 2010 16:07:08 +0000 (16:07 +0000)
committerGreg Hudson <ghudson@mit.edu>
Thu, 11 Feb 2010 16:07:08 +0000 (16:07 +0000)
commitfe68c6595b7f90ec6891b4dbb0b227ee859090e5
tree4f895b242e5493408169ba48e897cc1c2859a380tree | snapshot
parent079eed2cf749702f75ddc385cf943fbab931f9d8commit | diff
Minimal support for updating history key

Add minimal support for re-randomizing the history key:

* cpw -randkey kadmin/history now works, but creates only one key.
* cpw -randkey -keepold kadmin/history still fails.
* libkadm5 no longer caches the history key.  Performance impact
  is minimal since password changes are not common.
* randkey no longer checks the newly randomized key against old keys,
  and the disabled code to do so in setkey/setv4key is gone, so now
  only kadm5_chpass_principal_3 accesses the password history.

ticket: 6660
target_version: 1.8
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23716 dc483132-0cff-0310-8789-dd5450dbe970
doc/admin.texinfo diff | blob | history
src/lib/kadm5/server_internal.h diff | blob | history
src/lib/kadm5/srv/libkadm5srv_mit.exports diff | blob | history
src/lib/kadm5/srv/server_kdb.c diff | blob | history
src/lib/kadm5/srv/svr_principal.c diff | blob | history
src/lib/kadm5/unit-test/api.current/randkey-principal.exp diff | blob | history
MIT implementation of the Kerberos network authentication protocol. This repo may be rebased, so don't base your work on it. Use git://github.com/krb5/krb5 instead.