Add password charset, add checksum, allow quilt#77
Open
whm wants to merge 48 commits intorra:debian/masterfrom
Open
Add password charset, add checksum, allow quilt#77whm wants to merge 48 commits intorra:debian/masterfrom
whm wants to merge 48 commits intorra:debian/masterfrom
Conversation
added 30 commits
September 30, 2019 21:15
* Allow the specification of valid characters to be used when generating passwords. * Add the command checksum to return the checksum of file objects. * Patches to allow the use of quilt.
Patch to make errors invoking a class more descriptive. The errors only happen when there is a reference to a module that does not exist or has not been installed.
Make sure that an invalid url error generates output as well as stopping processing.
* Request the presence of the GSSAPI module is either LDAP ACL support or encrypted object support is enabled.
* Encypt the data before attempting any of the actual storage of file objects. * Die immediately on any errors retrieving the encryption secret. * Correct reference to LDAP_SECRET. * Correct arguments passed to _file_decrypt.
Wallet client man page * Add the checksum command * Add acl add examples
Add password generation options supporting generation of password using selected Crypt::HSXKPasswd presets or a custom routine.
Explicitly set PWD_TYPE in the configuation file to prevent "unassigned variable warnings".
Makes changes to allow encryption to overridden by sepcifying routines in the configuration file. Update Config.pm with a working example of an alternate configuration method.
* Rename the configuratiion variable LDAP_SECRET_PREFIX to ENCRYPTION_PREFIX. * Improve error messaging when attempting to retrieve the encryption secret from LDAP. * Trap the case when ENCRYPTION_PREFIX is specified and the required LDAP variables are not.
The checkfile command compares the checksum of a wallet object with the checksum of a file and if they differ a wallet get is performed.
- Add checkfile to internal.h - Update Makefile.am to include checkfile.c - Add libssl-dev to build-depends - Correct call to checkfile_read_file - Correct call to str2md5
- Add checkfile to internal.h - Update Makefile.am to include checkfile.c - Add libssl-dev to build-depends - Correct call to checkfile_read_file - Correct call to str2md5
* Update command line checking to allow checkfile to specify -f. * Fail if the checkfile command does not include -f.
* Correct code indent
* Correct condition code blocks. Add explicit blocks, i.e. {}.
* Restrict the checksum compare to the length of the checksum value.
This merges in the debugging that was performed in the ubuntu/master branch into the debian branch.
* The POD was updated with the original checkfile changes, but a new man page was not generated. This change updates the man page for the client. * When issuing a checkfile command against an password object that exists but has not been stored yet a warning message was being generated. This warning is confusing since the command succeeds since the password is generated and downloaded.
* The POD was updated with the original checkfile changes, but a new man page was not generated. This change updates the man page for the client. * When issuing a checkfile command against an password object that exists but has not been stored yet a warning message was being generated. This warning is confusing since the command succeeds since the password is generated and downloaded.
* Correct the default value used for the maximum of a "computer name" used when creating AD keytabs.
WebAuth is no longer supported by Debian.
It looks like the build process is creating a configure~ file which causes the license test to fail.
Correct double encryption problem when transitioning to encrypted password storage.
Expand the allow ldap-attr ACL specification to include a full ldap filter. At the same time remove the compare search and perform the access test in a single LDAP search.
This is an emergency patch to support the opensslv1 warning for the default encryption message. This warning is affecting production systems negatively. To resolve this problem a method will be implemented that allows the transition to any encryption method supported by Crypt::CBC.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
I made most of my changes as patches to the debian/master branch rather than to master.