and use of service tickets for user principals is quite obscure and
rare in Kerberos, this seems like a better default.
+ Change the default allowed principal regex to allow two-character user
+ principals. This is just a default and can be overridden by setting
+ the allowed key in the configuration.
+
kadmin-remctl 3.3 (2013-03-25)
In the Heimdal version of kadmin-backend, retry the kadmin connection
sub check_principal {
my ($principal, $instance) = @_;
check_instance ($instance);
- my $regex = $CONFIG{$instance}{allowed} || '^[a-z][0-9a-z]{2,7}\z';
+ my $regex = $CONFIG{$instance}{allowed} || '^[a-z][0-9a-z]{1,7}\z';
if ($principal !~ /$regex/ || $RESERVED{$principal}) {
die "error: invalid principal: $principal\n";
}
All of these functions except for C<examine> and the C<instance> functions
by default only accept principals with no instances or realms, and that
-consist of three to eight characters starting with a lowercase letter and
+consist of two to eight characters starting with a lowercase letter and
containing only digits and lowercase letters. This can be overridden in
the configuration. C<instance> functions require a principal that fits
the same requirements and an instance that starts with a letter and
sub check_principal {
my ($principal, $instance) = @_;
check_instance ($instance);
- my $regex = $CONFIG{$instance}{allowed} || '^[a-z][0-9a-z]{2,7}\z';
+ my $regex = $CONFIG{$instance}{allowed} || '^[a-z][0-9a-z]{1,7}\z';
if ($principal !~ /$regex/ || $RESERVED{$principal}) {
die "error: invalid principal: $principal\n";
}
All of these functions except for C<examine> and the C<instance> functions
by default only accept principals with no instances or realms, and that
-consist of three to eight characters starting with a lowercase letter and
+consist of two to eight characters starting with a lowercase letter and
containing only digits and lowercase letters. This can be overridden in
the configuration. C<instance> functions require a principal that fits
the same requirements and an instance that starts with a letter and