git.tremily.us Git - krb5.git/commit

author	Tom Yu <tlyu@mit.edu>
	Fri, 12 Feb 2010 20:28:51 +0000 (20:28 +0000)
committer	Tom Yu <tlyu@mit.edu>
	Fri, 12 Feb 2010 20:28:51 +0000 (20:28 +0000)
commit	11199521554dc4a0d75a36d001900cbeb78652cf
tree	ff3da5025f0e7929b1d9fd2c2ee7a49f6c2c36d1	tree \| snapshot
parent	ae151a01c07e223353e5686503aef89fd6c5511a	commit \| diff

pull up r23716 from trunk

------------------------------------------------------------------------
r23716 | ghudson | 2010-02-11 11:07:08 -0500 (Thu, 11 Feb 2010) | 15 lines

ticket: 6660
subject: Minimal support for updating history key
target_version: 1.8
tags: pullup

Add minimal support for re-randomizing the history key:

* cpw -randkey kadmin/history now works, but creates only one key.
* cpw -randkey -keepold kadmin/history still fails.
* libkadm5 no longer caches the history key.  Performance impact
   is minimal since password changes are not common.
* randkey no longer checks the newly randomized key against old keys,
   and the disabled code to do so in setkey/setv4key is gone, so now
   only kadm5_chpass_principal_3 accesses the password history.

------------------------------------------------------------------------

ticket: 6660
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23721 dc483132-0cff-0310-8789-dd5450dbe970

doc/admin.texinfo		diff \| blob \| history
src/lib/kadm5/server_internal.h		diff \| blob \| history
src/lib/kadm5/srv/libkadm5srv_mit.exports		diff \| blob \| history
src/lib/kadm5/srv/server_kdb.c		diff \| blob \| history
src/lib/kadm5/srv/svr_principal.c		diff \| blob \| history
src/lib/kadm5/unit-test/api.current/randkey-principal.exp		diff \| blob \| history