Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
X-Mailer: MIME-tools 5.427 (Entity 5.427)
From: ghudson@mit.edu
Subject: SVN Commit
X-RT-Original-Encoding: iso-8859-1
Content-Length: 899


Add minimal support for re-randomizing the history key:

* cpw -randkey kadmin/history now works, but creates only one key.
* cpw -randkey -keepold kadmin/history still fails.
* libkadm5 no longer caches the history key.  Performance impact
  is minimal since password changes are not common.
* randkey no longer checks the newly randomized key against old keys,
  and the disabled code to do so in setkey/setv4key is gone, so now
  only kadm5_chpass_principal_3 accesses the password history.


https://github.com/krb5/krb5/commit/fe68c6595b7f90ec6891b4dbb0b227ee859090e5
Commit By: ghudson
Revision: 23716
Changed Files:
U   trunk/doc/admin.texinfo
U   trunk/src/lib/kadm5/server_internal.h
U   trunk/src/lib/kadm5/srv/libkadm5srv_mit.exports
U   trunk/src/lib/kadm5/srv/server_kdb.c
U   trunk/src/lib/kadm5/srv/svr_principal.c
U   trunk/src/lib/kadm5/unit-test/api.current/randkey-principal.exp