Skip Menu |
 

From: ghudson@mit.edu
Subject: SVN Commit

Add minimal support for re-randomizing the history key:

* cpw -randkey kadmin/history now works, but creates only one key.
* cpw -randkey -keepold kadmin/history still fails.
* libkadm5 no longer caches the history key. Performance impact
is minimal since password changes are not common.
* randkey no longer checks the newly randomized key against old keys,
and the disabled code to do so in setkey/setv4key is gone, so now
only kadm5_chpass_principal_3 accesses the password history.


https://github.com/krb5/krb5/commit/fe68c6595b7f90ec6891b4dbb0b227ee859090e5
Commit By: ghudson
Revision: 23716
Changed Files:
U trunk/doc/admin.texinfo
U trunk/src/lib/kadm5/server_internal.h
U trunk/src/lib/kadm5/srv/libkadm5srv_mit.exports
U trunk/src/lib/kadm5/srv/server_kdb.c
U trunk/src/lib/kadm5/srv/svr_principal.c
U trunk/src/lib/kadm5/unit-test/api.current/randkey-principal.exp
From: tlyu@mit.edu
Subject: SVN Commit
Download (untitled) / with headers
text/plain 1.2KiB

pull up r23716 from trunk

------------------------------------------------------------------------
r23716 | ghudson | 2010-02-11 11:07:08 -0500 (Thu, 11 Feb 2010) | 15 lines

ticket: 6660
subject: Minimal support for updating history key
target_version: 1.8
tags: pullup

Add minimal support for re-randomizing the history key:

* cpw -randkey kadmin/history now works, but creates only one key.
* cpw -randkey -keepold kadmin/history still fails.
* libkadm5 no longer caches the history key. Performance impact
is minimal since password changes are not common.
* randkey no longer checks the newly randomized key against old keys,
and the disabled code to do so in setkey/setv4key is gone, so now
only kadm5_chpass_principal_3 accesses the password history.

------------------------------------------------------------------------

https://github.com/krb5/krb5/commit/11199521554dc4a0d75a36d001900cbeb78652cf
Commit By: tlyu
Revision: 23721
Changed Files:
U branches/krb5-1-8/doc/admin.texinfo
U branches/krb5-1-8/src/lib/kadm5/server_internal.h
U branches/krb5-1-8/src/lib/kadm5/srv/libkadm5srv_mit.exports
U branches/krb5-1-8/src/lib/kadm5/srv/server_kdb.c
U branches/krb5-1-8/src/lib/kadm5/srv/svr_principal.c
U branches/krb5-1-8/src/lib/kadm5/unit-test/api.current/randkey-principal.exp