Content-Type: text/plain Content-Disposition: inline Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.427 (Entity 5.427) From: ghudson@mit.edu Subject: git commit RT-Send-CC: X-RT-Original-Encoding: iso-8859-1 Content-Length: 1486 Add new DAL function for renaming principals Previously libkadm5srv renamed principals by getting the principal entry, renaming the entry, putting it in the DB, then deleting the old one. This does not work in certain KDB modules such as LDAP. A new DAL function is necessary to support all KDB modules. Add a new DAL function to support custom renames in all KDB modules, with a default implementation that performs the previous functionality of adding and deleting the principal entry. NOTE: if the default rename function isn't used and iprop logging is enabled, iprop would fail since it doesn't formally support renaming. In that case, the call to krb5_db_rename_principal() will fail with the code KRB5_PLUGIN_OP_NOTSUPP. https://github.com/krb5/krb5/commit/c38838be956ce72fcd7142f14bc374dc13dd8bb2 Author: Sarah Day Committer: Greg Hudson Commit: c38838be956ce72fcd7142f14bc374dc13dd8bb2 Branch: master src/include/kdb.h | 23 +++++++++- src/lib/kadm5/srv/svr_principal.c | 86 ++++++------------------------------ src/lib/kdb/kdb5.c | 33 ++++++++++++++ src/lib/kdb/kdb_default.c | 39 +++++++++++++++++ src/lib/kdb/libkdb5.exports | 1 + src/plugins/kdb/db2/db2_exp.c | 1 + src/plugins/kdb/ldap/ldap_exp.c | 1 + src/plugins/kdb/test/kdb_test.c | 1 + src/tests/t_iprop.py | 25 ++++++++++- 9 files changed, 136 insertions(+), 74 deletions(-)