| From: | ghudson@mit.edu |
| Subject: | git commit |
Add the ability to lock down principal keys
A new attribute named KRB5_KDC_LOCKDOWN_KEYS can be set on principals.
This flag prevents keys for the principal from being extracted or set
to a known value by the kadmin protocol. Principals with this flag
cannot be deleted or renamed, and cannot have keys set by setkey or
chpass. chrand operations are allowed, but keys are not returned.
This attribute can be set via the modify operation but cannot be
reset; an authorization error is resturned if an attempt to reset it
is performed.
When creating a KDB, set the lockdown flag on the krbtgt and kadmin
principals.
[ghudson@mit.edu: squash with t_kadmin_acl.py commit; condense commit
message]
https://github.com/krb5/krb5/commit/534db9834d6a77dc5e948e12844e72ba4e971e8c
Author: Simo Sorce <simo@redhat.com>
Committer: Greg Hudson <ghudson@mit.edu>
Commit: 534db9834d6a77dc5e948e12844e72ba4e971e8c
Branch: master
src/include/kdb.h | 1 +
src/kadmin/cli/kadmin.c | 2 +
src/kadmin/dbutil/kadm5_create.c | 9 +-
src/kadmin/dbutil/kdb5_create.c | 1 +
src/kadmin/server/server_stubs.c | 137 +++++++++++++++++++++++++--
src/lib/kadm5/kadm_err.et | 1 +
src/lib/kadm5/str_conv.c | 2 +
src/tests/dejagnu/krb-standalone/kadmin.exp | 96 ++++++++++++++++++-
src/tests/t_kadmin_acl.py | 40 ++++++++
src/util/princflags.py | 3 +
10 files changed, 281 insertions(+), 11 deletions(-)