static const char *key_cpw_uniqerr_fmt = "%s: database entry for %s is not unique.\n";
static const char *key_cpw_parserr_fmt = "%s: cannot parse %s.\n";
static const char *key_keytab_fmt = "%s: cannot resolve keytab %s (%s).\n";
-static const char *key_bad_etype_fmt = "%s: bad etype %d (%s).\n";
static const char *key_def_realm_fmt = "%s: cannot find default realm (%s).\n";
static const char *key_setup_mkey_fmt = "%s: cannot setup master key name (%s).\n";
static const char *key_get_mkey_fmt = "%s: cannot retrieve master key (%s).\n";
static krb5_key_salt_tuple *key_ktents = (krb5_key_salt_tuple *) NULL;
static int key_ktents_inited = 0;
static krb5_key_salt_tuple default_ktent = {
- KEYTYPE_DES, KRB5_KDB_SALTTYPE_NORMAL
+ KEYTYPE_DES_CBC_MD5, KRB5_KDB_SALTTYPE_NORMAL
};
static char *key_db_name = (char *) NULL;
xxx.key_data = madmin_keys;
if (krb5_dbe_find_keytype(kcontext,
&xxx,
- KEYTYPE_DES,
+ KEYTYPE_DES_CBC_MD5,
-1,
-1,
&kdata))
kdata = &madmin_keys[0];
memset(&madmin_key, 0, sizeof(krb5_keyblock));
- madmin_key.keytype = KEYTYPE_DES;
- madmin_key.etype = ETYPE_UNKNOWN;
+ madmin_key.keytype = KEYTYPE_DES_CBC_MD5;
madmin_key.length = kdata->key_data_length[0];
madmin_key.contents = kdata->key_data_contents[0];
}
* key_init() - Initialize key context.
*/
krb5_error_code
-key_init(kcontext, debug_level, enc_type, key_type, master_key_name, manual,
+key_init(kcontext, debug_level, key_type, master_key_name, manual,
db_file, db_realm, kt_name, sf_name, nktent, ktents)
krb5_context kcontext;
int debug_level;
- int enc_type;
int key_type;
char *master_key_name;
int manual;
krb5_int32 nktent;
krb5_key_salt_tuple *ktents;
{
- krb5_enctype kdc_etype;
char *mkey_name;
krb5_error_code kret;
- krb5_enctype etype;
int one_success;
int number_of_entries;
krb5_boolean more_entries;
key_debug_level = debug_level;
DPRINT(DEBUG_CALLS, key_debug_level,
- ("* key_init(enc-type=%d, key-type=%d,\n\tmkeyname=%s, manual=%d,\n\tdb=%s,\n\trealm=%s,\n\tktab=%s)\n",
- enc_type, key_type,
+ ("* key_init(key-type=%d,\n\tmkeyname=%s, manual=%d,\n\tdb=%s,\n\trealm=%s,\n\tktab=%s)\n",
+ key_type,
((master_key_name) ? master_key_name : "(null)"),
manual,
((db_file) ? db_file : "(default)"),
/*
* Figure out arguments.
*/
- master_keyblock.keytype = ((key_type == -1) ? KEYTYPE_DES : key_type);
+ master_keyblock.keytype=((key_type == -1) ? KEYTYPE_DES_CBC_MD5 : key_type);
mkey_name = ((!master_key_name) ? KRB5_KDB_M_NAME : master_key_name);
- kdc_etype = ((enc_type == -1) ? DEFAULT_KDC_ETYPE : enc_type);
/*
* First, try to set up our keytab if supplied.
}
mkeytab_init = 1;
- if (!valid_etype(kdc_etype)) {
- kret = KRB5_PROG_ETYPE_NOSUPP;
- fprintf(stderr, key_bad_etype_fmt, programname, kdc_etype,
- error_message(kret));
- goto leave;
- }
if (!db_realm) {
kret = krb5_get_default_realm(kcontext, &master_realm);
if (kret) {
error_message(kret));
goto leave;
}
- }
- else {
+ } else {
if (kret = krb5_set_default_realm(kcontext, db_realm))
goto leave;
master_realm = (char *) malloc(strlen(db_realm)+1);
}
ment_init = 1;
- krb5_use_cstype(kcontext, &master_encblock, kdc_etype);
+ krb5_use_keytype(kcontext, &master_encblock, master_keyblock.keytype);
/* Go get the master key */
kret = krb5_db_fetch_mkey(kcontext,
&key_list);
if (!kret) {
for (i=0; i<num_keys; i++) {
- if ((key_list[i].key_data_type[0] == KEYTYPE_DES) &&
+ if ((key_list[i].key_data_type[0] == KEYTYPE_DES_CBC_MD5) &&
(key_list[i].key_data_length[0] == KRB5_MIT_DES_KEYSIZE) &&
mit_des_is_weak_key(key_list[i].key_data_contents[0])) {
weakness = 1;
#include "kadm5_defs.h"
#ifdef LANGUAGES_SUPPORTED
-static const char *usage_format = "%s: usage is %s [-a aclfile] [-d database] [-e enctype] [-m]\n\t[-k mkeytype] [-l langlist] [-p portnum] [-r realm] [-s stash] [-t timeout] [-n]\n\t[-D dbg] [-M mkeyname] [-T ktabname].\n";
+static const char *usage_format = "%s: usage is %s [-a aclfile] [-d database] [-m]\n\t[-k mkeytype] [-l langlist] [-p portnum] [-r realm] [-s stash] [-t timeout] [-n]\n\t[-D dbg] [-M mkeyname] [-T ktabname].\n";
static const char *getopt_string = "a:d:e:k:l:mnp:r:t:D:M:T:";
#else /* LANGUAGES_SUPPORTED */
-static const char *usage_format = "%s: usage is %s [-a aclfile] [-d database] [-e enctype] [-m]\n\t[-k mkeytype] [-p portnum] [-r realm] [-s stash] [-t timeout] [-n]\n\t[-D dbg] [-M mkeyname] [-T ktabname].\n";
+static const char *usage_format = "%s: usage is %s [-a aclfile] [-d database] [-m]\n\t[-k mkeytype] [-p portnum] [-r realm] [-s stash] [-t timeout] [-n]\n\t[-D dbg] [-M mkeyname] [-T ktabname].\n";
static const char *getopt_string = "a:d:e:k:mnp:r:t:D:M:T:";
#endif /* LANGUAGES_SUPPORTED */
static const char *fval_not_number = "%s: value (%s) specified for -%c is not numeric.\n";
int option;
krb5_error_code error;
- int enc_type = -1;
int key_type = -1;
int manual_entry = 0;
krb5_boolean mime_enabled = 0;
case 'd':
db_file = optarg;
break;
- case 'e':
- if (sscanf(optarg, "%d", &enc_type) != 1) {
- fprintf(stderr, fval_not_number, argv[0], optarg, 'e');
- error++;
- }
- break;
case 'm':
manual_entry++;
break;
if (rparams->realm_kadmind_port_valid)
service_port = rparams->realm_kadmind_port;
- /* Get the value for the encryption type */
- if (rparams->realm_enctype_valid)
- enc_type = rparams->realm_enctype;
-
/* Get the value for the stashfile */
if (rparams->realm_stash_file)
stash_name = strdup(rparams->realm_stash_file);
*/
error = key_init(kcontext,
debug_level,
- enc_type,
key_type,
master_key_name,
manual_entry,
projects / krb5.git / commitdiff