debian/0000755000000000000000000000000012275460274007177 5ustar debian/watch0000644000000000000000000000020012207757251010217 0ustar version=3 https://metacpan.org/release/Authen-Krb5-Admin/ .*/Authen-Krb5-Admin-v?(\d[\d.-]+)\.(?:tar(?:\.gz|\.bz2)?|tgz|zip)$ debian/rules0000755000000000000000000000032712207757251010260 0ustar #!/usr/bin/make -f export PERL_KADM5_PRINCIPAL=none export PERL_KADM5_TEST_NAME=none export PERL_KADM5_TEST_NAME_2=none %: dh $@ override_dh_auto_test: # Skip tests: they require administrative access to a KDC debian/copyright0000644000000000000000000000677712207757251011152 0ustar Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ Upstream-Name: Authen-Krb5-Admin Upstream-Contact: Stephen Quinney Source: https://metacpan.org/release/Authen-Krb5-Admin/ Files: * Copyright: © 2002, Andrew J. Korty License: BSD-2-clause Files: admin.h Copyright: © 2001, Massachusetts Institute of Technology License: MIT-Kerberos Export of this software from the United States of America may require a specific license from the United States Government. It is the responsibility of any person or organization contemplating export to obtain such a license before exporting. . WITHIN THAT CONSTRAINT, permission to use, copy, modify, and distribute this software and its documentation for any purpose and without fee is hereby granted, provided that the above copyright notice appear in all copies and that both that copyright notice and this permission notice appear in supporting documentation, and that the name of M.I.T. not be used in advertising or publicity pertaining to distribution of the software without specific, written prior permission. Furthermore if you modify this software you must label your software as modified software and not distribute it in such a fashion that it might be confused with the original M.I.T. software. M.I.T. makes no representations about the suitability of this software for any purpose. It is provided "as is" without express or implied warranty. Files: ppport.h Copyright: 2004-2009, Marcus Holland-Moritz 2001, Paul Marquess (Version 2.x) 1999, Kenneth Albanowski (Version 1.x) License: Artistic or GPL-1+ This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself. . Perl is distributed under your choice of the GNU General Public License version 1 or later, or the Artistic License. On Debian GNU/Linux systems, the complete text of the GNU General Public License can be found in `/usr/share/common-licenses/GPL-1' and the Artistic Licence in `/usr/share/common-licenses/Artistic'. Files: debian/* Copyright: © 2008, 2010, Ansgar Burchardt © 2009-2013, gregor herrmann © 2011, Russ Allbery License: BSD-2-clause License: BSD-2-clause Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. . THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. debian/source/0000755000000000000000000000000012207757251010476 5ustar debian/source/format0000644000000000000000000000001412207757251011704 0ustar 3.0 (quilt) debian/patches/0000755000000000000000000000000012207757251010625 5ustar debian/patches/pod.patch0000644000000000000000000002730012207757251012432 0ustar Description: bullet after =item is not allowed anymore Origin: vendor Bug: https://rt.cpan.org/Ticket/Display.html?id=88281 Forwarded: https://rt.cpan.org/Ticket/Display.html?id=88281 Author: gregor herrmann Last-Update: 2013-08-30 --- a/Admin.pm +++ b/Admin.pm @@ -313,27 +313,27 @@ The only methods in this class are the constructor (I, described above) and the following accessor methods. -=item * admin_server {KADM5_CONFIG_ADMIN_SERVER} +=item admin_server {KADM5_CONFIG_ADMIN_SERVER} Admin server hostname -=item * kadmind_port {KADM5_CONFIG_KADMIND_PORT} +=item kadmind_port {KADM5_CONFIG_KADMIND_PORT} Admin server port number -=item * kpasswd_port {KADM5_CONFIG_KPASSWD_PORT} +=item kpasswd_port {KADM5_CONFIG_KPASSWD_PORT} Kpasswd server port number -=item * mask +=item mask Mask (described above) -=item * profile {KADM5_CONFIG_PROFILE} +=item profile {KADM5_CONFIG_PROFILE} Kerberos 5 configuration profile -=item * realm {KADM5_CONFIG_REALM} +=item realm {KADM5_CONFIG_REALM} Kerberos 5 realm name @@ -343,32 +343,32 @@ The only methods in this class are the constructor (I, described above) and the following accessor methods. -=item * key_contents +=item key_contents Key contents, encrypted with the KDC master key. This data may not be available remotely. -=item * enc_type +=item enc_type Kerberos 5 enctype of the key -=item * key_type +=item key_type Alias for I -=item * kvno +=item kvno Key version number -=item * salt_contents +=item salt_contents Salt contents, if any (I > 1) -=item * salt_type +=item salt_type Salt type, if any (I > 1) -=item * ver +=item ver Version number of the underlying I structure @@ -378,53 +378,53 @@ are the constructor (I, described above) and the following accessor methods. -=item * mask +=item mask Mask (described above) -=item * name {KADM5_POLICY} +=item name {KADM5_POLICY} Policy name -=item * pw_history_num {KADM5_PW_HISTORY_NUM} +=item pw_history_num {KADM5_PW_HISTORY_NUM} Number (between 1 and 10, inclusive) of past passwords to be stored for the principal. A principal may not set its password to any of its previous I passwords. -=item * pw_max_life {KADM5_PW_MAX_LIFE} +=item pw_max_life {KADM5_PW_MAX_LIFE} Default number of seconds a password lasts before the principal is required to change it -=item * pw_max_fail {KADM5_PW_MAX_FAILURE} +=item pw_max_fail {KADM5_PW_MAX_FAILURE} The maximum allowed number of attempts before a lockout. -=item * pw_failcnt_interval {KADM5_PW_FAILURE_COUNT_INTERVAL} +=item pw_failcnt_interval {KADM5_PW_FAILURE_COUNT_INTERVAL} The period after which the bad preauthentication count will be reset. -=item * pw_lockout_duration {KADM5_PW_LOCKOUT_DURATION} +=item pw_lockout_duration {KADM5_PW_LOCKOUT_DURATION} The period in which lockout is enforced; a duration of zero means that the principal must be manually unlocked. -=item * pw_min_classes {KADM5_PW_MIN_CLASSES} +=item pw_min_classes {KADM5_PW_MIN_CLASSES} Number (between 1 and 5, inclusive) of required character classes represented in a password -=item * pw_min_length {KADM5_PW_MIN_LENGTH} +=item pw_min_length {KADM5_PW_MIN_LENGTH} Minimum number of characters in a password -=item * pw_min_life {KADM5_PW_MIN_LIFE} +=item pw_min_life {KADM5_PW_MIN_LIFE} Number of seconds a password must age before the principal may change it -=item * policy_refcnt {KADM5_REF_COUNT} +=item policy_refcnt {KADM5_REF_COUNT} Number of principals referring to this policy (read-only, does not set KADM5_REF_COUNT automatically) @@ -439,95 +439,95 @@ above), the following accessor methods, and I, which is used to clear the policy attribute. -=item * attributes {KADM5_ATTRIBUTES} +=item attributes {KADM5_ATTRIBUTES} Bitfield representing principal attributes (see L) -=item * aux_attributes {KADM5_AUX_ATTRIBUTES} +=item aux_attributes {KADM5_AUX_ATTRIBUTES} Bitfield used by kadmin. Currently only recognizes the KADM5_POLICY, which indicates that a policy is in effect for this principal. This attribute is read-only, so KADM5_AUX_ATTRIBUTES is not set automatically. -=item * fail_auth_count {KADM5_FAIL_AUTH_COUNT} +=item fail_auth_count {KADM5_FAIL_AUTH_COUNT} Number of consecutive failed AS_REQs for this principal. This attribute is read-only, so KADM5_FAIL_AUTH_COUNT is not set automatically. -=item * kvno {KADM5_KVNO} +=item kvno {KADM5_KVNO} Key version number -=item * last_failed {KADM5_LAST_FAILED} +=item last_failed {KADM5_LAST_FAILED} Time (in seconds since the Epoch) of the last failed AS_REQ for this principal. This attribute is read-only, so KADM5_LAST_FAILED is not set automatically. -=item * last_pwd_change {KADM5_LAST_PWD_CHANGE} +=item last_pwd_change {KADM5_LAST_PWD_CHANGE} Time (in seconds since the Epoch) of the last password change for this principal. This attribute is read-only, so KADM5_LAST_PWD_CHANGE is not set automatically. -=item * last_success {KADM5_LAST_SUCCESS} +=item last_success {KADM5_LAST_SUCCESS} Time (in seconds since the Epoch) of the last successful AS_REQ for this principal. This attribute is read-only, so KADM5_LAST_SUCCESS is not set automatically. -=item * mask +=item mask Mask (see above) -=item * max_life {KADM5_MAX_LIFE} +=item max_life {KADM5_MAX_LIFE} maximum lifetime in seconds of any Kerberos ticket issued to this principal -=item * max_renewable_life {KADM5_MAX_RLIFE} +=item max_renewable_life {KADM5_MAX_RLIFE} maximum renewable lifetime in seconds of any Kerberos ticket issued to this principal -=item * mod_date {KADM5_MOD_TIME} +=item mod_date {KADM5_MOD_TIME} Time (in seconds since the Epoch) this principal was last modified. This attribute is read-only, so KADM5_MOD_TIME is not set automatically. -=item * mod_name {KADM5_MOD_NAME} +=item mod_name {KADM5_MOD_NAME} Kerberos principal (B, see L) that last modified this principal. This attribute is read-only, so KADM5_MOD_NAME is not set automatically. -=item * policy {KADM5_POLICY} +=item policy {KADM5_POLICY} Name of policy that affects this principal if KADM5_POLICY is set in I -=item * policy_clear {KADM5_POLICY_CLR} +=item policy_clear {KADM5_POLICY_CLR} Not really an attribute--disables the current policy for this principal. This method doesn't return anything. -=item * princ_expire_time {KADM5_PRINC_EXPIRE_TIME} +=item princ_expire_time {KADM5_PRINC_EXPIRE_TIME} Expire time (in seconds since the Epoch) of the principal -=item * principal {KADM5_PRINCIPAL} +=item principal {KADM5_PRINCIPAL} Kerberos principal itself (B, see L) -=item * pw_expiration {KADM5_PW_EXPIRATION} +=item pw_expiration {KADM5_PW_EXPIRATION} Expire time (in seconds since the Epoch) of the principal's password -=item * db_args [@ARGS] +=item db_args [@ARGS] When called without any C<@ARGS>, returns the list of arguments that will be passed into the underlying database, as with C in @@ -578,82 +578,82 @@ the configuration from the Kerberos 5 profile (F by default). -=item * $kadm5 = Authen::Krb5::Admin->init_with_creds($client, $krb5_ccache[, $service, $kadm5_config]) +=item $kadm5 = Authen::Krb5::Admin->init_with_creds($client, $krb5_ccache[, $service, $kadm5_config]) Authenticate using the credentials cached in $krb5_ccache. -=item * $kadm5 = Authen::Krb5::Admin->init_with_password($client[, $password, $service, $kadm5_config]) +=item $kadm5 = Authen::Krb5::Admin->init_with_password($client[, $password, $service, $kadm5_config]) Authenticate with $password. -=item * $kadm5 = Authen::Krb5::Admin->init_with_skey($client[, $keytab_file, $service, $kadm5_config]) +=item $kadm5 = Authen::Krb5::Admin->init_with_skey($client[, $keytab_file, $service, $kadm5_config]) Authenticate using the keytab stored in $keytab_file. If $keytab_file is undef, the default keytab is used. =item Principal Operations -=item * $success = $kadm5->chpass_principal($krb5_princ, $password) +=item $success = $kadm5->chpass_principal($krb5_princ, $password) Change the password of $krb5_princ to $password. -=item * $success = $kadm5->create_principal($kadm5_princ[, $password]) +=item $success = $kadm5->create_principal($kadm5_princ[, $password]) Insert $kadm5_princ into the database, optionally setting its password to the string in $password. Clears KADM5_POLICY_CLR and KADM5_FAIL_AUTH_COUNT. -=item * $success = $kadm5->delete_principal($krb5_princ) +=item $success = $kadm5->delete_principal($krb5_princ) Delete the principal represented by $krb5_princ from the database. -=item * $kadm5_princ = $kadm5->get_principal($krb5_princ[, $mask]) +=item $kadm5_princ = $kadm5->get_principal($krb5_princ[, $mask]) Retrieve the Authen::Krb5::Admin::Principal object for the principal $krb5_princ from the database. Use KADM5_PRINCIPAL_NORMAL_MASK to retrieve all of the useful attributes. -=item * @names = $kadm5->get_principals([$expr]) +=item @names = $kadm5->get_principals([$expr]) Retrieve a list of principal names matching the glob pattern $expr. In the absence of $expr, retrieve the list of all principal names. -=item * $success = $kadm5->modify_principal($kadm5_princ) +=item $success = $kadm5->modify_principal($kadm5_princ) Modify $kadm5_princ in the database. The principal to modify is determined by C<$kadm5_princ-Eprincipal>, and the rest of the writable parameters will be modified accordingly. Clears KADM5_PRINCIPAL. -=item * @keys = $kadm5->randkey_principal($krb5_princ) +=item @keys = $kadm5->randkey_principal($krb5_princ) Randomize the principal in the database represented by $krb5_princ and return B objects. -=item * $success = $kadm5->rename_principal($krb5_princ_from, $krb5_princ_to) +=item $success = $kadm5->rename_principal($krb5_princ_from, $krb5_princ_to) Change the name of the principal from $krb5_princ_from to $krb5_princ_to. =item Policy Operations -=item * $success = $kadm5->create_policy($kadm5_pol) +=item $success = $kadm5->create_policy($kadm5_pol) Insert $kadm5_pol into the database. -=item * $success = $kadm5->delete_policy($name) +=item $success = $kadm5->delete_policy($name) Delete the policy named $name from the database. -=item * $kadm5_pol = $kadm5->get_policy([$name]) +=item $kadm5_pol = $kadm5->get_policy([$name]) Retrieve the B object for the policy named $name from the database. -=item * @names = $kadm5->get_policies([$expr]) +=item @names = $kadm5->get_policies([$expr]) Retrieve a list of policy names matching the glob pattern $expr. In the absence of $expr, retrieve the list of all policy names. -=item * $success = $kadm5->modify_policy($kadm5_pol) +=item $success = $kadm5->modify_policy($kadm5_pol) Modify $kadm5_pol in the database. The policy to modify is determined by C<$kadm5_pol->name>,(and the rest of the writable) @@ -661,18 +661,18 @@ =item Other Methods -=item * $magic_value = Authen::Krb5::Admin::error [$error] +=item $magic_value = Authen::Krb5::Admin::error [$error] Return value that acts like $! (see L) for the most recent Authen::Krb5::Admin call. With error code $error, return the error message corresponding to that error code. -=item * $error_code = Authen::Krb5::Admin::error_code +=item $error_code = Authen::Krb5::Admin::error_code Returns the value of the error code for the most recent Authen::Krb5::Admin call as a simple integer. -=item * $privs = $kadm5->get_privs +=item $privs = $kadm5->get_privs Return a bitfield representing the kadmin privileges a principal has, as follows: debian/patches/series0000644000000000000000000000001212207757251012033 0ustar pod.patch debian/compat0000644000000000000000000000000212207757251010374 0ustar 9 debian/control0000644000000000000000000000232712207757251010605 0ustar Source: libauthen-krb5-admin-perl Maintainer: Debian Perl Group Uploaders: Ansgar Burchardt , gregor herrmann , Russ Allbery Section: perl Priority: optional Build-Depends: debhelper (>= 9.20120312), perl, libkrb5-dev Standards-Version: 3.9.4 Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-perl/packages/libauthen-krb5-admin-perl.git Vcs-Git: git://anonscm.debian.org/pkg-perl/packages/libauthen-krb5-admin-perl.git Homepage: https://metacpan.org/release/Authen-Krb5-Admin/ Package: libauthen-krb5-admin-perl Architecture: any Depends: ${perl:Depends}, ${shlibs:Depends}, ${misc:Depends}, libauthen-krb5-perl Description: Perl extension for MIT Kerberos 5 admin interface The Authen::Krb5::Admin Perl module is an object-oriented interface to the MIT Kerberos 5 admin server. This allows creation, deletion, renaming, and examination of Kerberos principals, changing passwords or keys, and changing policy settings in the KDC. . This module only supports the MIT Kerberos admin protocol. For Heimdal KDCs, see libheimdal-kadm5-perl instead. debian/changelog0000644000000000000000000000724512275460274011061 0ustar libauthen-krb5-admin-perl (0.17-1build1) trusty; urgency=medium * Rebuild against libkadm5clnt-mit9. -- Colin Watson Sat, 08 Feb 2014 16:52:11 +0000 libauthen-krb5-admin-perl (0.17-1) unstable; urgency=low [ gregor herrmann ] * debian/control: update {versioned,alternative} (build) dependencies. [ Salvatore Bonaccorso ] * Imported Upstream version 0.15, 0.16 and 0.17 Closes: #721288 * Bump Standards-Version to 3.9.4 * Change Vcs-Git to canonical URI (git://anonscm.debian.org) * Change search.cpan.org based URIs to metacpan.org based URIs [ gregor herrmann ] * Use debhelper 9.20120312 to get all hardening flags. * Add patch to fix POD warnings with perl 5.18. * Update years of packaging copyright. -- gregor herrmann Fri, 30 Aug 2013 01:50:36 +0200 libauthen-krb5-admin-perl (0.13-1) unstable; urgency=low * Team upload. [ Ansgar Burchardt ] * debian/control: Convert Vcs-* fields to Git. [ Salvatore Bonaccorso ] * Imported Upstream version 0.13 * Drop link_less_libraries.diff patch. Patch was applied upstream. * Drop use_1_7_admin_interface.patch patch. Upstream now uses the Kerberos admin.h rather than a local copy. * Update debian/copyright information. Update format to copyright-format 1.0 as released together with Debian policy 3.9.3. Update Upstream-Contact to refer to the new author of Authen-Krb5-Admin. Update copyright years for included ppport.h. * Bump Standards-Version to 3.9.3 * Bump Debhelper compat level to 9. Adjust versioned Build-Depends on debhelper to (>= 9). -- Salvatore Bonaccorso Thu, 17 May 2012 08:13:35 +0200 libauthen-krb5-admin-perl (0.11-4) unstable; urgency=medium [ Ansgar Burchardt ] * Update my email address. [ Russ Allbery ] * Urgency medium to allow the krb5 package to migrate faster. * Expand the long description to say what types of Kerberos operations this module allows. Add a pointer to libheimdal-kadm5-perl for Heimdal KDCs. Remove the note that the author envisions support for other KDC implementations; it's been nine years and this hasn't happened, so it's probably not imminent. * Update debian/copyright to the current draft DEP-5 format and add some additional copyright statements. Change the GPL pointer to the GPL v1 text now that it's in common-licenses. * Add myself to Uploaders. * Update debhelper compatibility level to V8. * Update standards version to 3.9.1 (no changes required). -- Russ Allbery Thu, 31 Mar 2011 11:38:42 -0700 libauthen-krb5-admin-perl (0.11-3) unstable; urgency=low [ Nathan Handler ] * debian/watch: Update to ignore development releases. [ Ansgar Burchardt ] * Update patch use_1_7_admin_interface.patch for MIT Kerberos 1.8. (Closes: #566368) + This requires libauthen-krb5-perl (>= 1.9-2). * debian/control: Make build-dep on perl unversioned. * Use source format 3.0 (quilt). * Simplify debian/rules. * Bump Standards-Version to 3.8.3. -- Ansgar Burchardt Sun, 24 Jan 2010 18:58:48 +0900 libauthen-krb5-admin-perl (0.11-2) unstable; urgency=low * Add patch use_1_7_admin_interface.patch from Sam Hartman to use the new public admin.h interface of Kerberos 1.7. Bump build dependency on libkrb5-dev to (>= 1.7dfsg~beta1). (Closes: #527260) * Set Standards-Version to 3.8.1 (no changes). * Add /me to Uploaders. -- gregor herrmann Thu, 07 May 2009 21:54:48 +0200 libauthen-krb5-admin-perl (0.11-1) unstable; urgency=low * Initial Release (Closes: #502986) -- Ansgar Burchardt Wed, 05 Nov 2008 20:48:35 +0100