Imported Upstream version 1.3

4b3f858e · Russ Allbery · 7856dc7c · 76f93739 · 4b3f858e · 4b3f858e
Commit 4b3f858e authored Jan 17, 2016 by Russ Allbery
--- a/.gitignore
+++ b/.gitignore
 /Makefile.in
 /aclocal.m4
+/autom4te.cache/
 /build-aux/
 /client/wallet
 /client/wallet-rekey

--- a/.travis.yml
+++ b/.travis.yml
+sudo: required
+dist: trusty
+
+language: c
+compiler:
+  - gcc
+
+before_install:
+  - sudo apt-get update -qq
+  - sudo apt-get install -y libauthen-sasl-perl libcrypt-generatepassword-perl libdatetime-perl libdatetime-format-sqlite-perl libdbd-sqlite3-perl libdbi-perl libdbix-class-perl libheimdal-kadm5-perl libjson-perl libkrb5-dev libnet-dns-perl libnet-ldap-perl libnet-remctl-perl libperl6-slurp-perl libremctl-dev libsql-translator-perl libtest-minimumversion-perl libtest-pod-perl libtest-strict-perl libtimedate-perl libwebauth-perl perl sqlite3
+env: AUTHOR_TESTING=1
+script: ./autogen && ./configure && make warnings && make check
+
+branches:
+  only:
+    - master
--- a/LICENSE
+++ b/LICENSE
@@ -10,23 +10,25 @@ Copyright: 2006-2010, 2012-2013
 License: Expat

 Files: *
-Copyright: 2000-2002, 2004-2014 Russ Allbery <eagle@eyrie.org>
-  2001-2014 The Board of Trustees of the Leland Stanford Junior University
+Copyright: 2000-2002, 2004-2016 Russ Allbery <eagle@eyrie.org>
+  2001-2015 The Board of Trustees of the Leland Stanford Junior University
+  2015 Dropbox, Inc.
 License: Expat

 Files: Makefile.in
-Copyright: 1994-2013 Free Software Foundation, Inc.
+Copyright: 1994-2014 Free Software Foundation, Inc.
  2006-2008, 2010, 2013-2014
    The Board of Trustees of the Leland Stanford Junior University
+  2016 Russ Allbery <eagle@eyrie.org>
 License: FSF-unlimited and Expat

 Files: aclocal.m4
-Copyright: 1996-2013 Free Software Foundation, Inc.
+Copyright: 1996-2015 Free Software Foundation, Inc.
 License: FSF-unlimited

 Files: build-aux/ar-lib build-aux/compile build-aux/depcomp
 build-aux/missing
-Copyright: 1996-2013 Free Software Foundation, Inc.
+Copyright: 1996-2014 Free Software Foundation, Inc.
 License: GPL-2+ with Autoconf exception or Expat

 Files: build-aux/install-sh
@@ -62,7 +64,7 @@ Files: client/wallet-rekey.1 client/wallet-rekey.pod client/wallet.1
 docs/stanford-naming perl/t/data/README tests/HOWTO tests/config/README
 Copyright: 2006-2014
    The Board of Trustees of the Leland Stanford Junior University
-  2010 Russ Allbery <eagle@eyrie.org>
+  2010, 2016 Russ Allbery <eagle@eyrie.org>
 License: all-permissive
 Copying and distribution of this file, with or without modification, are
 permitted in any medium without royalty provided the copyright notice and
@@ -75,10 +77,12 @@ License: FSF-configure
 This script is free software; the Free Software Foundation gives unlimited
 permission to copy, distribute and modify it.

-Files: m4/gssapi.m4 m4/krb5-config.m4 m4/krb5.m4 m4/lib-depends.m4
- m4/lib-pathname.m4 m4/remctl.m4 m4/snprintf.m4 m4/vamacros.m4
+Files: m4/clang.m4 m4/gssapi.m4 m4/krb5-config.m4 m4/krb5.m4
+ m4/lib-depends.m4 m4/lib-pathname.m4 m4/remctl.m4 m4/snprintf.m4
+ m4/vamacros.m4
 Copyright: 2005-2014
    The Board of Trustees of the Leland Stanford Junior University
+  2015 Russ Allbery <eagle@eyrie.org>
 License: unlimited
 This file is free software; the authors give unlimited permission to copy
 and/or distribute it, with or without modifications, as long as this
@@ -87,10 +91,8 @@ License: unlimited
 Files: portable/asprintf.c portable/dummy.c portable/krb5-extra.c
 portable/krb5.h portable/macros.h portable/mkstemp.c
 portable/reallocarray.c portable/setenv.c portable/stdbool.h
- portable/strlcat.c portable/strlcpy.c portable/system.h portable/uio.h
- tests/portable/asprintf-t.c tests/portable/mkstemp-t.c
- tests/portable/setenv-t.c tests/portable/strlcat-t.c
- tests/portable/strlcpy-t.c util/macros.h
+ portable/system.h portable/uio.h tests/portable/asprintf-t.c
+ tests/portable/mkstemp-t.c tests/portable/setenv-t.c util/macros.h
 Copyright: no copyright notice, see License
 License: rra-public-domain
 The authors hereby relinquish any claim to any copyright that they may
@@ -116,6 +118,7 @@ Copyright: 1991, 1994-2003 The Internet Software Consortium and Rich Salz
  2004-2006 Internet Systems Consortium, Inc.
  2008-2010, 2012-2014
    The Board of Trustees of the Leland Stanford Junior University
+  2015 Russ Allbery <eagle@eyrie.org>
 License: ISC
 Permission to use, copy, modify, and distribute this software for any
 purpose with or without fee is hereby granted, provided that the above

--- a/Makefile.am
+++ b/Makefile.am
 # Automake makefile for wallet.
 #
 # Written by Russ Allbery <eagle@eyrie.org>
+# Copyright 2016 Russ Allbery <eagle@eyrie.org>
 # Copyright 2006, 2007, 2008, 2010, 2013, 2014
 #     The Board of Trustees of the Leland Stanford Junior University
 #
@@ -20,17 +21,18 @@ WALLET_PERL_FLAGS ?=
 # builddir != srcdir builds.
 PERL_FILES = perl/Build.PL perl/MANIFEST perl/MANIFEST.SKIP perl/create-ddl \
 	perl/lib/Wallet/ACL.pm perl/lib/Wallet/ACL/Base.pm		    \
-	perl/lib/Wallet/ACL/Krb5.pm perl/lib/Wallet/ACL/Krb5/Regex.pm	    \
-	perl/lib/Wallet/ACL/LDAP/Attribute.pm perl/lib/Wallet/ACL/NetDB.pm  \
+	perl/lib/Wallet/ACL/External.pm perl/lib/Wallet/ACL/Krb5.pm	    \
+	perl/lib/Wallet/ACL/Krb5/Regex.pm				    \
+	perl/lib/Wallet/ACL/LDAP/Attribute.pm				    \
+	perl/lib/Wallet/ACL/LDAP/Attribute/Root.pm			    \
+	perl/lib/Wallet/ACL/NetDB.pm perl/lib/Wallet/ACL/Nested.pm	    \
 	perl/lib/Wallet/ACL/NetDB/Root.pm perl/lib/Wallet/Admin.pm	    \
 	perl/lib/Wallet/Config.pm perl/lib/Wallet/Database.pm		    \
-	perl/lib/Wallet/Kadmin.pm perl/lib/Wallet/Kadmin/Heimdal.pm	    \
-	perl/lib/Wallet/Kadmin/MIT.pm perl/lib/Wallet/Object/Base.pm	    \
-	perl/lib/Wallet/Object/Duo.pm					    \
-	perl/lib/Wallet/Object/Duo/LDAPProxy.pm				    \
-	perl/lib/Wallet/Object/Duo/PAM.pm perl/lib/Wallet/Object/Duo/RDP.pm \
-	perl/lib/Wallet/Object/Duo/RadiusProxy.pm			    \
+	perl/lib/Wallet/Kadmin.pm perl/lib/Wallet/Kadmin/AD.pm		    \
+	perl/lib/Wallet/Kadmin/Heimdal.pm perl/lib/Wallet/Kadmin/MIT.pm	    \
+	perl/lib/Wallet/Object/Base.pm perl/lib/Wallet/Object/Duo.pm	    \
 	perl/lib/Wallet/Object/File.pm perl/lib/Wallet/Object/Keytab.pm	    \
+	perl/lib/Wallet/Object/Password.pm				    \
 	perl/lib/Wallet/Object/WAKeyring.pm				    \
 	perl/lib/Wallet/Policy/Stanford.pm perl/lib/Wallet/Report.pm	    \
 	perl/lib/Wallet/Schema.pm perl/lib/Wallet/Server.pm		    \
@@ -65,8 +67,9 @@ PERL_FILES = perl/Build.PL perl/MANIFEST perl/MANIFEST.SKIP perl/create-ddl \
 	perl/sql/Wallet-Schema-0.09-0.10-SQLite.sql			    \
 	perl/sql/Wallet-Schema-0.10-MySQL.sql				    \
 	perl/sql/Wallet-Schema-0.10-PostgreSQL.sql			    \
-	perl/sql/Wallet-Schema-0.10-SQLite.sql perl/t/data/README	    \
-	perl/t/data/duo/integration.json				    \
+	perl/sql/Wallet-Schema-0.10-SQLite.sql				    \
+	perl/sql/wallet-1.3-update-duo.sql perl/t/data/README		    \
+	perl/t/data/acl-command perl/t/data/duo/integration.json	    \
 	perl/t/data/duo/integration-ldap.json				    \
 	perl/t/data/duo/integration-radius.json				    \
 	perl/t/data/duo/integration-rdp.json perl/t/data/duo/keys.json	    \
@@ -79,48 +82,52 @@ PERL_FILES = perl/Build.PL perl/MANIFEST perl/MANIFEST.SKIP perl/create-ddl \
 	perl/t/object/duo.t perl/t/object/duo-ldap.t			    \
 	perl/t/object/duo-pam.t perl/t/object/duo-radius.t		    \
 	perl/t/object/duo-rdp.t perl/t/object/file.t perl/t/object/keytab.t \
-	perl/t/object/wa-keyring.t perl/t/policy/stanford.t		    \
-	perl/t/style/minimum-version.t perl/t/style/strict.t		    \
-	perl/t/util/kadmin.t perl/t/verifier/basic.t			    \
-	perl/t/verifier/ldap-attr.t perl/t/verifier/netdb.t
+	perl/t/object/password.t perl/t/object/wa-keyring.t		    \
+	perl/t/policy/stanford.t perl/t/style/minimum-version.t		    \
+	perl/t/style/strict.t perl/t/util/kadmin.t perl/t/verifier/basic.t  \
+	perl/t/verifier/external.t perl/t/verifier/ldap-attr.t		    \
+	perl/t/verifier/nested.t perl/t/verifier/netdb.t

 # Directories that have to be created in builddir != srcdir builds before
 # copying PERL_FILES over.
 PERL_DIRECTORIES = perl perl/lib perl/lib/Wallet perl/lib/Wallet/ACL	    \
 	perl/lib/Wallet/ACL/Krb5 perl/lib/Wallet/ACL/LDAP		    \
-	perl/lib/Wallet/ACL/NetDB perl/lib/Wallet/Kadmin		    \
-	perl/lib/Wallet/Object perl/lib/Wallet/Object/Duo		    \
+	perl/lib/Wallet/ACL/LDAP/Attribute perl/lib/Wallet/ACL/NetDB	    \
+	perl/lib/Wallet/Kadmin perl/lib/Wallet/Object			    \
 	perl/lib/Wallet/Policy perl/lib/Wallet/Schema			    \
 	perl/lib/Wallet/Schema/Result perl/sql perl/t perl/t/data	    \
 	perl/t/data/duo perl/t/docs perl/t/general perl/t/lib perl/t/object \
 	perl/t/policy perl/t/style perl/t/util perl/t/verifier

 ACLOCAL_AMFLAGS = -I m4
-EXTRA_DIST = .gitignore LICENSE autogen client/wallet.pod		   \
-	client/wallet-rekey.pod config/allow-extract config/keytab	   \
-	config/keytab.acl config/wallet config/wallet-report.acl	   \
-	docs/design contrib/README contrib/convert-srvtab-db		   \
-	contrib/used-principals contrib/wallet-contacts			   \
-	contrib/wallet-rekey-periodic contrib/wallet-rekey-periodic.8	   \
-	contrib/wallet-summary contrib/wallet-summary.8			   \
-	contrib/wallet-unknown-hosts contrib/wallet-unknown-hosts.8	   \
-	docs/design-acl docs/design-api docs/netdb-role-api docs/notes	   \
-	docs/objects-and-schemes docs/setup docs/stanford-naming	   \
-	examples/stanford.conf tests/HOWTO tests/TESTS tests/config/README \
-	tests/data/allow-extract tests/data/basic.conf tests/data/cmd-fake \
-	tests/data/cmd-wrapper tests/data/fake-data tests/data/fake-kadmin \
-	tests/data/fake-keytab tests/data/fake-keytab-2			   \
-	tests/data/fake-keytab-foreign tests/data/fake-keytab-merge	   \
-	tests/data/fake-keytab-old tests/data/fake-keytab-partial	   \
-	tests/data/fake-keytab-partial-result tests/data/fake-keytab-rekey \
-	tests/data/fake-keytab-unknown tests/data/fake-srvtab		   \
-	tests/data/full.conf tests/data/perl.conf tests/data/wallet.conf   \
-	tests/docs/pod-spelling-t tests/docs/pod-t			   \
-	tests/perl/minimum-version-t tests/perl/strict-t		   \
-	tests/server/admin-t tests/server/backend-t tests/server/keytab-t  \
-	tests/server/report-t tests/tap/kerberos.sh tests/tap/libtap.sh	   \
-	tests/tap/perl/Test/RRA.pm tests/tap/perl/Test/RRA/Automake.pm	   \
-	tests/tap/perl/Test/RRA/Config.pm tests/tap/remctl.sh		   \
+EXTRA_DIST = .gitignore .travis.yml LICENSE autogen client/wallet.pod	    \
+	client/wallet-rekey.pod config/allow-extract config/keytab	    \
+	config/keytab.acl config/wallet config/wallet-report.acl	    \
+	docs/design contrib/README contrib/commerzbank/wallet-history	    \
+	contrib/convert-srvtab-db contrib/used-principals		    \
+	contrib/wallet-contacts contrib/wallet-rekey-periodic		    \
+	contrib/wallet-rekey-periodic.8 contrib/wallet-summary		    \
+	contrib/wallet-summary.8 contrib/wallet-unknown-hosts		    \
+	contrib/wallet-unknown-hosts.8 docs/design-acl docs/design-api	    \
+	docs/netdb-role-api docs/notes docs/objects-and-schemes docs/setup  \
+	docs/stanford-naming examples/stanford.conf tests/HOWTO tests/TESTS \
+	tests/config/README tests/data/allow-extract tests/data/basic.conf  \
+	tests/data/cmd-fake tests/data/cmd-wrapper tests/data/fake-data	    \
+	tests/data/fake-kadmin tests/data/fake-keytab			    \
+	tests/data/fake-keytab-2 tests/data/fake-keytab-foreign		    \
+	tests/data/fake-keytab-merge tests/data/fake-keytab-old		    \
+	tests/data/fake-keytab-partial					    \
+	tests/data/fake-keytab-partial-result tests/data/fake-keytab-rekey  \
+	tests/data/fake-keytab-unknown tests/data/fake-srvtab		    \
+	tests/data/full.conf tests/data/perl.conf tests/data/wallet.conf    \
+	tests/docs/pod-spelling-t tests/docs/pod-t			    \
+	tests/perl/minimum-version-t tests/perl/module-version-t	    \
+	tests/perl/strict-t tests/server/admin-t tests/server/backend-t	    \
+	tests/server/keytab-t tests/server/report-t tests/tap/kerberos.sh   \
+	tests/tap/libtap.sh tests/tap/perl/Test/RRA.pm			    \
+	tests/tap/perl/Test/RRA/Automake.pm				    \
+	tests/tap/perl/Test/RRA/Config.pm				    \
+	tests/tap/perl/Test/RRA/ModuleVersion.pm tests/tap/remctl.sh	    \
 	tests/util/xmalloc-t $(PERL_FILES)

 # Supporting convenience libraries used by other targets.
@@ -173,22 +180,28 @@ dist_pkgdata_DATA = perl/sql/Wallet-Schema-0.07-0.08-MySQL.sql	\
 	perl/sql/Wallet-Schema-0.09-PostgreSQL.sql		\
 	perl/sql/Wallet-Schema-0.09-SQLite.sql

-# A set of flags for warnings.	Add -O because gcc won't find some warnings
+# A set of flags for warnings.  Add -O because gcc won't find some warnings
 # without optimization turned on.  Desirable warnings that can't be turned
 # on due to other problems:
 #
-#     -Wconversion	http://bugs.debian.org/488884 (htons warnings)
+#     -Wconversion      http://bugs.debian.org/488884 (htons warnings)
 #
-# Last checked against gcc 4.8.2 (2014-04-12).	-D_FORTIFY_SOURCE=2 enables
+# Last checked against gcc 4.8.2 (2014-04-12).  -D_FORTIFY_SOURCE=2 enables
 # warn_unused_result attribute markings on glibc functions on Linux, which
 # catches a few more issues.
-WARNINGS = -g -O -fstrict-overflow -fstrict-aliasing -D_FORTIFY_SOURCE=2    \
-	-Wall -Wextra -Wendif-labels -Wformat=2 -Winit-self -Wswitch-enum   \
-	-Wstrict-overflow=5 -Wfloat-equal -Wdeclaration-after-statement	    \
-	-Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align	    \
-	-Wwrite-strings -Wjump-misses-init -Wlogical-op -Wstrict-prototypes \
-	-Wold-style-definition -Wmissing-prototypes -Wnormalized=nfc	    \
-	-Wpacked -Wredundant-decls -Wnested-externs -Winline -Wvla -Werror
+if WARNINGS_GCC
+    WARNINGS = -g -O -fstrict-overflow -fstrict-aliasing -D_FORTIFY_SOURCE=2 \
+        -Wall -Wextra -Wendif-labels -Wformat=2 -Winit-self -Wswitch-enum    \
+        -Wstrict-overflow=5 -Wmissing-format-attribute -Wfloat-equal         \
+        -Wdeclaration-after-statement -Wshadow -Wpointer-arith               \
+        -Wbad-function-cast -Wcast-align -Wwrite-strings -Wjump-misses-init  \
+        -Wlogical-op -Wstrict-prototypes -Wold-style-definition              \
+        -Wmissing-prototypes -Wnormalized=nfc -Wpacked -Wredundant-decls     \
+        -Wnested-externs -Winline -Wvla -Werror
+endif
+if WARNINGS_CLANG
+    WARNINGS = -Weverything -Wno-padded
+endif

 warnings:
 	$(MAKE) V=0 CFLAGS='$(WARNINGS)' KRB5_CPPFLAGS='$(KRB5_CPPFLAGS_GCC)'
@@ -247,8 +260,10 @@ clean-local:
 	    cd perl && ./Build realclean ;		\
 	fi

-# Remove the files that we copy over if and only if builddir != srcdir.
+# Remove the Autoconf cache.  Remove the files that we copy over if and only
+# if builddir != srcdir.
 distclean-local:
+	rm -rf autom4te.cache
 	set -e; if [ x"$(builddir)" != x"$(srcdir)" ] ; then	\
 	    for f in $(PERL_FILES) ; do				\
 		rm -f "$(builddir)/$$f" ;			\
@@ -258,8 +273,7 @@ distclean-local:
 # The bits below are for the test suite, not for the main package.
 check_PROGRAMS = tests/runtests tests/portable/asprintf-t	\
 	tests/portable/mkstemp-t tests/portable/setenv-t	\
-	tests/portable/snprintf-t tests/portable/strlcat-t	\
-	tests/portable/strlcpy-t tests/util/messages-krb5-t	\
+	tests/portable/snprintf-t tests/util/messages-krb5-t	\
 	tests/util/messages-t tests/util/xmalloc
 tests_runtests_CPPFLAGS = -DSOURCE='"$(abs_top_srcdir)/tests"' \
 	-DBUILD='"$(abs_top_builddir)/tests"'
@@ -283,12 +297,6 @@ tests_portable_setenv_t_LDADD = tests/tap/libtap.a portable/libportable.a
 tests_portable_snprintf_t_SOURCES = tests/portable/snprintf-t.c \
 	tests/portable/snprintf.c
 tests_portable_snprintf_t_LDADD = tests/tap/libtap.a portable/libportable.a
-tests_portable_strlcat_t_SOURCES = tests/portable/strlcat-t.c \
-	tests/portable/strlcat.c
-tests_portable_strlcat_t_LDADD = tests/tap/libtap.a portable/libportable.a
-tests_portable_strlcpy_t_SOURCES = tests/portable/strlcpy-t.c \
-	tests/portable/strlcpy.c
-tests_portable_strlcpy_t_LDADD = tests/tap/libtap.a portable/libportable.a
 tests_util_messages_krb5_t_CPPFLAGS = $(KRB5_CPPFLAGS)
 tests_util_messages_krb5_t_LDFLAGS = $(KRB5_LDFLAGS)
 tests_util_messages_krb5_t_LDADD = tests/tap/libtap.a util/libutil.a \

--- a/Makefile.in
+++ b/Makefile.in
--- a/NEWS
+++ b/NEWS
                       User-Visible wallet Changes

+wallet 1.3 (2016-01-17)
+
+    This release adds initial, experimental support for using Active
+    Directory as the KDC for keytab creation.  The interface to Active
+    Directory uses a combination of direct LDAP queries and the msktutil
+    utility.  This version does not support the wallet unchanging flag.
+    Unchanging requires that a keytab be retrieved without changing the
+    password/kvno which is not supported by msktutil.  Active Directory
+    can be selected by setting KEYTAB_KRBTYPE to AD in the wallet
+    configuration.  Multiple other configuration options must also be set;
+    see Wallet::Config for more information and README for the additional
+    Perl modules required.  Thanks to Bill MacAllister for the
+    implementation.
+
+    A new ACL type, nested (Wallet::ACL::Nested), is now supported.  The
+    identifier of this ACL names another ACL, and access is granted if
+    that ACL would grant access.  This lets one combine multiple other
+    ACLs and apply the union to an object.  To enable this ACL type for an
+    existing wallet database, use wallet-admin to register the new
+    verifier.
+
+    A new ACL type, external (Wallet::ACL::External), is now supported.
+    This ACL runs an external command to check if access is allowed, and
+    passes the principal, type and name of the object, and the ACL
+    identifier to that command.  To enable this ACL type for an existing
+    wallet database, use wallet-admin to register the new verifier.
+
+    A new variation on the ldap-attr ACL type, ldap-attr-root
+    (Wallet::ACL::LDAP::Attribute::Root), is now supported.  This is
+    similar to netdb-root (compared to netdb): the authenticated principal
+    must end in /root, and the LDAP entry checked will be for the same
+    principal without the /root component.  This is useful for limiting
+    access to certain privileged objects to Kerberos root instances.  To
+    enable this ACL type for an existing wallet database, use wallet-admin
+    to register the new verifier.
+
+    A new object type, password (Wallet::Object::Password), is now
+    supported.  This is a subclass of the file object that will randomly
+    generate content for the object if you do a get before storing any
+    content inside it.  To enable this object type for an existing
+    database, use wallet-admin to register the new object.
+
+    Add a new command to wallet-backend, update.  This will update the
+    contents of an object before running a get on it, and is only valid
+    for objects that can automatically get new content, such as keytab and
+    password objects.  A keytab will get a new kvno regardless of the
+    unchanging flag if called with update.  In a future release get will
+    be changed to never update a keytab, and the unchanging flag will be
+    ignored.  Please start moving to use get or update as the situation
+    warrants.
+
+    Add an acl replace command, to change all objects owned by one ACL to
+    be owned by another.  This currently only handles owner, not any of
+    the more specific ACLs.
+
+    All ACL operations now refer to the ACL by name rather than ID.
+
+    Add a report for unstored objects to wallet-report, and cleaned up the
+    help for the existing unused report that implied it showed unstored as
+    well as unused.
+
+    Add reports that list all object types (types) and all ACL schemes
+    (schemes) currently registered in the wallet database.
+
+    Add a report of all ACLs that nest a given ACL.  This requires some
+    additional local configuration (and probably some code).  See
+    Wallet::Config for more information.
+
+    Took contributions from Commerzbank AG to improve wallet history.  Add
+    a command to dump all object history for searching on to
+    wallet-report, and add a new script for more detailed object history
+    operations to the contrib directory.
+
+    Displays of ACLs and ACL entries are now sorted correctly.
+
+    The versions of all of the wallet Perl modules now match the overall
+    package version except for Wallet::Schema, which is used to version
+    the database schema.
+
+    Update to rra-c-util 5.10:
+
+    * Add missing va_end to xasprintf implementation.
+    * Fix Perl test suite framework for new Automake relative paths.
+    * Improve portability to Kerberos included in Solaris 10.
+    * Use appropriate warning flags with Clang (currently not warning clean).
+
+    Update to C TAP Harness 3.4:
+
+    * Fix segfault in runtests with an empty test list.
+    * Display verbose test results with -v or C_TAP_VERBOSE.
+    * Test infrastructure builds cleanly with Clang warnings.
+    * Support comments and blank lines in test lists.
+
 wallet 1.2 (2014-12-08)

    The duo object type has been split into several sub-types, each for a

--- a/README
+++ b/README
-                            wallet release 1.2
+                            wallet release 1.3
                     (secure data management system)

                Written by Russ Allbery <eagle@eyrie.org>

-  Copyright 2006, 2007, 2008, 2009, 2010, 2012, 2013, 2014 The Board of
-  Trustees of the Leland Stanford Junior University.  This software is
-  distributed under a BSD-style license.  Please see the section LICENSE
-  below for more information.
+  Copyright 2014, 2016 Russ Allbery <eagle@eyrie.org>.  Copyright 2006,
+  2007, 2008, 2009, 2010, 2012, 2013, 2014 The Board of Trustees of the
+  Leland Stanford Junior University.  This software is distributed under a
+  BSD-style license.  Please see the section LICENSE below for more
+  information.

 BLURB

@@ -91,12 +92,15 @@ REQUIREMENTS
  on CPAN for older versions.

  The keytab support in the wallet server supports either Heimdal or MIT
-  Kerberos KDCs.  The Heimdal support requires the Heimdal::Kadm5 Perl
-  module.  The MIT Kerberos support requires the MIT Kerberos kadmin
-  client program be installed.  In either case, wallet also requires that
-  the wallet server have a keytab for a principal with appropriate access
-  to create, modify, and delete principals from the KDC (as configured in
-  kadm5.acl on an MIT Kerberos KDC).
+  Kerberos KDCs and has exeprimental support for Active Directory.  The
+  Heimdal support requires the Heimdal::Kadm5 Perl module.  The MIT
+  Kerberos support requires the MIT Kerberos kadmin client program be
+  installed.  The Active Directory support requires the Net::LDAP,
+  Authen::SASL, and IPC::Run Perl modules and the msktutil client program.
+  In all cases, wallet also requires that the wallet server have a keytab
+  for a principal with appropriate access to create, modify, and delete
+  principals from the KDC (as configured in kadm5.acl on an MIT Kerberos
+  KDC).

  To support the unchanging flag on keytab objects with an MIT Kerberos
  KDC, the Net::Remctl Perl module (shipped with remctl) must be installed
@@ -109,7 +113,10 @@ REQUIREMENTS
  WebAuth Perl module from WebAuth 4.4.0 or later.

  The Duo integration object support in the wallet server requires the
-  Net::Duo Perl module.
+  Net::Duo, JSON, and Perl6::Slurp Perl modules.
+
+  The password object support in the wallet server requires the
+  Crypt::GeneratePassword Perl module.

  To support the LDAP attribute ACL verifier, the Authen::SASL and
  Net::LDAP Perl modules must be installed on the server.  This verifier
@@ -336,14 +343,19 @@ THANKS
  security models.

  To Jon Robertson for the refactoring of Wallet::Kadmin, Heimdal support,
-  many of the wallet server-side reports, and the initial wallet-rekey
-  implementation.
+  many of the wallet server-side reports, the initial wallet-rekey
+  implementation, and lots of work on object and ACL types including
+  nested ACLs.
+
+  To Bill MacAllister for Wallet::Kadmin::AD and the implementation of
+  keytab object types backed by Active Directory.

 LICENSE

  The wallet distribution as a whole is covered by the following copyright
  statement and license:

+    Copyright 2014, 2016 Russ Allbery <eagle@eyrie.org>
    Copyright 2006, 2007, 2008, 2009, 2010, 2012, 2013, 2014
        The Board of Trustees of the Leland Stanford Junior University


--- a/TODO
+++ b/TODO
--- a/aclocal.m4
+++ b/aclocal.m4
-# generated automatically by aclocal 1.14.1 -*- Autoconf -*-
+# generated automatically by aclocal 1.15 -*- Autoconf -*-

-# Copyright (C) 1996-2013 Free Software Foundation, Inc.
+# Copyright (C) 1996-2014 Free Software Foundation, Inc.

 # This file is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
@@ -21,7 +21,7 @@ If you have problems, you may need to regenerate the build system entirely.
 To do so, use the procedure documented by the package, typically 'autoreconf'.])])

 # longlong.m4 serial 17
-dnl Copyright (C) 1999-2007, 2009-2014 Free Software Foundation, Inc.
+dnl Copyright (C) 1999-2007, 2009-2015 Free Software Foundation, Inc.
 dnl This file is free software; the Free Software Foundation
 dnl gives unlimited permission to copy and/or distribute it,
 dnl with or without modifications, as long as this notice is preserved.
@@ -134,7 +134,7 @@ AC_DEFUN([_AC_TYPE_LONG_LONG_SNIPPET],
              | (ullmax / ull) | (ullmax % ull));]])
 ])

-# Copyright (C) 2002-2013 Free Software Foundation, Inc.
+# Copyright (C) 2002-2014 Free Software Foundation, Inc.
 #
 # This file is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
@@ -146,10 +146,10 @@ AC_DEFUN([_AC_TYPE_LONG_LONG_SNIPPET],
 # generated from the m4 files accompanying Automake X.Y.
 # (This private macro should not be called outside this file.)
 AC_DEFUN([AM_AUTOMAKE_VERSION],
-[am__api_version='1.14'
+[am__api_version='1.15'
 dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to
 dnl require some minimum version.  Point them to the right macro.
-m4_if([$1], [1.14.1], [],
+m4_if([$1], [1.15], [],
      [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl
 ])

@@ -165,12 +165,12 @@ m4_define([_AM_AUTOCONF_VERSION], [])
 # Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced.
 # This function is AC_REQUIREd by AM_INIT_AUTOMAKE.
 AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION],
-[AM_AUTOMAKE_VERSION([1.14.1])dnl
+[AM_AUTOMAKE_VERSION([1.15])dnl
 m4_ifndef([AC_AUTOCONF_VERSION],
  [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl
 _AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))])

-# Copyright (C) 2011-2013 Free Software Foundation, Inc.
+# Copyright (C) 2011-2014 Free Software Foundation, Inc.
 #
 # This file is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
@@ -232,7 +232,7 @@ AC_SUBST([AR])dnl

 # AM_AUX_DIR_EXPAND                                         -*- Autoconf -*-

-# Copyright (C) 2001-2013 Free Software Foundation, Inc.
+# Copyright (C) 2001-2014 Free Software Foundation, Inc.
 #
 # This file is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
@@ -284,7 +284,7 @@ am_aux_dir=`cd "$ac_aux_dir" && pwd`

 # AM_CONDITIONAL                                            -*- Autoconf -*-

-# Copyright (C) 1997-2013 Free Software Foundation, Inc.
+# Copyright (C) 1997-2014 Free Software Foundation, Inc.
 #
 # This file is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
@@ -315,7 +315,7 @@ AC_CONFIG_COMMANDS_PRE(
 Usually this means the macro was only invoked conditionally.]])
 fi])])

-# Copyright (C) 1999-2013 Free Software Foundation, Inc.
+# Copyright (C) 1999-2014 Free Software Foundation, Inc.
 #
 # This file is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
@@ -506,7 +506,7 @@ _AM_SUBST_NOTMAKE([am__nodep])dnl

 # Generate code to set up dependency tracking.              -*- Autoconf -*-

-# Copyright (C) 1999-2013 Free Software Foundation, Inc.
+# Copyright (C) 1999-2014 Free Software Foundation, Inc.
 #
 # This file is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
@@ -582,7 +582,7 @@ AC_DEFUN([AM_OUTPUT_DEPENDENCY_COMMANDS],

 # Do all the work for Automake.                             -*- Autoconf -*-

-# Copyright (C) 1996-2013 Free Software Foundation, Inc.
+# Copyright (C) 1996-2014 Free Software Foundation, Inc.
 #
 # This file is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
@@ -672,8 +672,8 @@ AC_REQUIRE([AC_PROG_MKDIR_P])dnl
 # <http://lists.gnu.org/archive/html/automake/2012-07/msg00001.html>
 # <http://lists.gnu.org/archive/html/automake/2012-07/msg00014.html>
 AC_SUBST([mkdir_p], ['$(MKDIR_P)'])
-# We need awk for the "check" target.  The system "awk" is bad on
-# some platforms.
+# We need awk for the "check" target (and possibly the TAP driver).  The
+# system "awk" is bad on some platforms.
 AC_REQUIRE([AC_PROG_AWK])dnl
 AC_REQUIRE([AC_PROG_MAKE_SET])dnl
 AC_REQUIRE([AM_SET_LEADING_DOT])dnl
@@ -747,6 +747,9 @@ END
    AC_MSG_ERROR([Your 'rm' program is bad, sorry.])
  fi
 fi
+dnl The trailing newline in this macro's definition is deliberate, for
+dnl backward compatibility and to allow trailing 'dnl'-style comments
+dnl after the AM_INIT_AUTOMAKE invocation. See automake bug#16841.
 ])

 dnl Hook into '_AC_COMPILER_EXEEXT' early to learn its expansion.  Do not
@@ -776,7 +779,7 @@ for _am_header in $config_headers :; do
 done
 echo "timestamp for $_am_arg" >`AS_DIRNAME(["$_am_arg"])`/stamp-h[]$_am_stamp_count])

-# Copyright (C) 2001-2013 Free Software Foundation, Inc.
+# Copyright (C) 2001-2014 Free Software Foundation, Inc.
 #
 # This file is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
@@ -787,7 +790,7 @@ echo "timestamp for $_am_arg" >`AS_DIRNAME(["$_am_arg"])`/stamp-h[]$_am_stamp_co
 # Define $install_sh.
 AC_DEFUN([AM_PROG_INSTALL_SH],
 [AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl
-if test x"${install_sh}" != xset; then
+if test x"${install_sh+set}" != xset; then
  case $am_aux_dir in
  *\ * | *\	*)
    install_sh="\${SHELL} '$am_aux_dir/install-sh'" ;;
@@ -797,7 +800,7 @@ if test x"${install_sh}" != xset; then
 fi
 AC_SUBST([install_sh])])

-# Copyright (C) 2003-2013 Free Software Foundation, Inc.
+# Copyright (C) 2003-2014 Free Software Foundation, Inc.
 #
 # This file is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
@@ -819,7 +822,7 @@ AC_SUBST([am__leading_dot])])
 # Add --enable-maintainer-mode option to configure.         -*- Autoconf -*-
 # From Jim Meyering

-# Copyright (C) 1996-2013 Free Software Foundation, Inc.
+# Copyright (C) 1996-2014 Free Software Foundation, Inc.
 #
 # This file is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
@@ -854,7 +857,7 @@ AC_MSG_CHECKING([whether to enable maintainer-specific portions of Makefiles])

 # Check to see how 'make' treats includes.	            -*- Autoconf -*-

-# Copyright (C) 2001-2013 Free Software Foundation, Inc.
+# Copyright (C) 2001-2014 Free Software Foundation, Inc.
 #
 # This file is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
@@ -904,7 +907,7 @@ rm -f confinc confmf

 # Fake the existence of programs that GNU maintainers use.  -*- Autoconf -*-

-# Copyright (C) 1997-2013 Free Software Foundation, Inc.
+# Copyright (C) 1997-2014 Free Software Foundation, Inc.
 #
 # This file is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
@@ -943,7 +946,7 @@ fi

 # Helper functions for option handling.                     -*- Autoconf -*-