[11396] in Kerberos-V5-bugs


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[krbdev.mit.edu #6660] SVN Commit

daemon@ATHENA.MIT.EDU (Greg Hudson via RT)
Thu Feb 11 11:07:13 2010

Mail-followup-to: rt@krbdev.mit.edu
mail-copies-to: never
From: "Greg Hudson via RT" <rt-comment@krbdev.MIT.EDU>
In-Reply-To: <rt-6660@krbdev.mit.edu>
Message-ID: <rt-6660-32448.3.04952156340981@krbdev.mit.edu>
To: "'AdminCc of krbdev.mit.edu Ticket #6660'":;"'AdminCc of krbdev.mit.edu Ticket #6660'":;@MIT.EDU
Date: Thu, 11 Feb 2010 11:07:09 -0500 (EST)
Reply-To: rt-comment@krbdev.MIT.EDU
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu

Add minimal support for re-randomizing the history key:

* cpw -randkey kadmin/history now works, but creates only one key.
* cpw -randkey -keepold kadmin/history still fails.
* libkadm5 no longer caches the history key.  Performance impact
  is minimal since password changes are not common.
* randkey no longer checks the newly randomized key against old keys,
  and the disabled code to do so in setkey/setv4key is gone, so now
  only kadm5_chpass_principal_3 accesses the password history.

http://src.mit.edu/fisheye/changelog/krb5/?cs=23716
Commit By: ghudson
Revision: 23716
Changed Files:
U   trunk/doc/admin.texinfo
U   trunk/src/lib/kadm5/server_internal.h
U   trunk/src/lib/kadm5/srv/libkadm5srv_mit.exports
U   trunk/src/lib/kadm5/srv/server_kdb.c
U   trunk/src/lib/kadm5/srv/svr_principal.c
U   trunk/src/lib/kadm5/unit-test/api.current/randkey-principal.exp

_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[11396] in Kerberos-V5-bugs

[krbdev.mit.edu #6660] SVN Commit

daemon@ATHENA.MIT.EDU (Greg Hudson via RT)Thu Feb 11 11:07:13 2010

daemon@ATHENA.MIT.EDU (Greg Hudson via RT)
Thu Feb 11 11:07:13 2010