+Wed Sep 06 14:20:57 1995 Chris Provenzano (proven@mit.edu)
+
+ * do_as_req.c, do_tgs_req.c, kdc_util.c, kerberos_v4.c, main.c :
+ s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g
Tue Sep 05 22:10:34 1995 Chris Provenzano (proven@mit.edu)
const char *status;
krb5_encrypt_block eblock;
krb5_key_data *server_key, *client_key;
- krb5_keytype usekeytype;
+ krb5_enctype useenctype;
#ifdef KRBCONF_KDC_MODIFIES_KDB
krb5_boolean update_client = 0;
#endif /* KRBCONF_KDC_MODIFIES_KDB */
}
for (i = 0; i < request->nktypes; i++) {
- if (!valid_keytype(request->ktype[i]))
+ if (!valid_enctype(request->ktype[i]))
continue;
- if (request->ktype[i] == KEYTYPE_DES_CBC_MD5 &&
+ if (request->ktype[i] == ENCTYPE_DES_CBC_MD5 &&
!isflagset(server.attributes, KRB5_KDB_SUPPORT_DESMD5))
continue;
* Find the server key of the appropriate type. If we could specify
* a kvno, it would be supplied here.
*/
- if (!krb5_dbe_find_keytype(kdc_context, &server, request->ktype[i],
+ if (!krb5_dbe_find_enctype(kdc_context, &server, request->ktype[i],
-1, /* Ignore salttype */
-1, /* Get highest kvno */
&server_key))
/* unsupported ktype */
krb5_klog_syslog(LOG_INFO,"AS_REQ: BAD ENCRYPTION TYPE: host %s, %s for %s",
fromstring, cname, sname);
- retval = prepare_error_as(request, KDC_ERR_KEYTYPE_NOSUPP, 0, response);
+ retval = prepare_error_as(request, KDC_ERR_ENCTYPE_NOSUPP, 0, response);
goto errout;
got_a_key:;
- usekeytype = request->ktype[i];
- krb5_use_keytype(kdc_context, &eblock, request->ktype[i]);
+ useenctype = request->ktype[i];
+ krb5_use_enctype(kdc_context, &eblock, request->ktype[i]);
if ((retval = krb5_random_key(kdc_context, &eblock,
- krb5_keytype_array[usekeytype]->random_sequence,
+ krb5_enctype_array[useenctype]->random_sequence,
&session_key))) {
/* random key failed */
krb5_klog_syslog(LOG_INFO,"AS_REQ: RANDOM KEY FAILED: host %s, %s for %s",
krb5_key_salt_tuple *kslist;
kslist = (krb5_key_salt_tuple *) kdc_active_realm->realm_kstypes;
- if (!krb5_dbe_find_keytype(kdc_context,
+ if (!krb5_dbe_find_enctype(kdc_context,
&client,
- kslist[i].ks_keytype,
+ kslist[i].ks_enctype,
kslist[i].ks_salttype,
-1,
&client_key))
krb5_klog_syslog(LOG_INFO,
"AS_REQ: CANNOT FIND CLIENT KEY: host %s, %s for %s",
fromstring, cname, sname);
- retval = prepare_error_as(request, KDC_ERR_KEYTYPE_NOSUPP, 0, response);
+ retval = prepare_error_as(request, KDC_ERR_ENCTYPE_NOSUPP, 0, response);
goto errout;
}
/* now encode/encrypt the response */
- reply.enc_part.keytype = usekeytype;
+ reply.enc_part.enctype = useenctype;
reply.enc_part.kvno = client_key->key_data_kvno;
/* convert client.key_data into a real key */
{
krb5_keyblock * subkey;
krb5_encrypt_block eblock;
- krb5_keytype second_ticket_ktype = KEYTYPE_UNKNOWN;
+ krb5_enctype second_ticket_ktype = ENCTYPE_UNKNOWN;
krb5_kdc_req *request = 0;
krb5_db_entry server;
krb5_kdc_rep reply;
char *cname = 0, *sname = 0, *tmp = 0, *fromstring = 0;
krb5_last_req_entry *nolrarray[2], nolrentry;
/* krb5_address *noaddrarray[1]; */
- krb5_keytype usekeytype;
+ krb5_enctype useenctype;
int errcode, errcode2;
register int i;
int firstpass = 1;
* use to encrypt the ticket!
*/
if (isflagset(request->kdc_options, KDC_OPT_ENC_TKT_IN_SKEY))
- second_ticket_ktype = request->second_ticket[st_idx]->enc_part.keytype;
+ second_ticket_ktype = request->second_ticket[st_idx]->enc_part.enctype;
for (i = 0; i < request->nktypes; i++) {
- krb5_keytype ok_keytype;
+ krb5_enctype ok_enctype;
- if (!valid_keytype(request->ktype[i]))
+ if (!valid_enctype(request->ktype[i]))
continue;
- if (second_ticket_ktype != KEYTYPE_UNKNOWN &&
+ if (second_ticket_ktype != ENCTYPE_UNKNOWN &&
second_ticket_ktype != request->ktype[i])
continue;
- if (request->ktype[i] == KEYTYPE_DES_CBC_MD5 &&
+ if (request->ktype[i] == ENCTYPE_DES_CBC_MD5 &&
!isflagset(server.attributes, KRB5_KDB_SUPPORT_DESMD5))
continue;
- ok_keytype = request->ktype[i];
+ ok_enctype = request->ktype[i];
for (ok_key_data = 0; ok_key_data < server.n_key_data; ok_key_data++)
- if (server.key_data[ok_key_data].key_data_type[0] == ok_keytype)
+ if (server.key_data[ok_key_data].key_data_type[0] == ok_enctype)
goto got_a_key;
}
goto cleanup;
got_a_key:;
- usekeytype = request->ktype[i];
- krb5_use_keytype(kdc_context, &eblock, usekeytype);
+ useenctype = request->ktype[i];
+ krb5_use_enctype(kdc_context, &eblock, useenctype);
retval = krb5_random_key(kdc_context, &eblock,
- krb5_keytype_array[usekeytype]->random_sequence,
+ krb5_enctype_array[useenctype]->random_sequence,
&session_key);
if (retval) {
/* random key failed */
krb5_data scratch;
/* decrypt the authdata in the request */
- if (!valid_keytype(request->authorization_data.keytype)) {
+ if (!valid_enctype(request->authorization_data.enctype)) {
status = "BAD_AUTH_ETYPE";
errcode = KRB5KDC_ERR_ETYPE_NOSUPP;
goto cleanup;
}
/* put together an eblock for this encryption */
- krb5_use_keytype(kdc_context, &eblock,
- request->authorization_data.keytype);
+ krb5_use_enctype(kdc_context, &eblock,
+ request->authorization_data.enctype);
scratch.length = request->authorization_data.ciphertext.length;
if (!(scratch.data =
}
ticket_reply.enc_part.kvno = 0;
- ticket_reply.enc_part.keytype =
- request->second_ticket[st_idx]->enc_part2->session->keytype;
- krb5_use_keytype(kdc_context, &eblock, ticket_reply.enc_part.keytype);
+ ticket_reply.enc_part.enctype =
+ request->second_ticket[st_idx]->enc_part2->session->enctype;
+ krb5_use_enctype(kdc_context, &eblock, ticket_reply.enc_part.enctype);
if ((retval = krb5_encrypt_tkt_part(kdc_context, &eblock,
request->second_ticket[st_idx]->enc_part2->session,
&ticket_reply))) {
}
ticket_reply.enc_part.kvno = server.key_data[ok_key_data].key_data_kvno;
- ticket_reply.enc_part.keytype = usekeytype;
- krb5_use_keytype(kdc_context, &eblock, ticket_reply.enc_part.keytype);
+ ticket_reply.enc_part.enctype = useenctype;
+ krb5_use_enctype(kdc_context, &eblock, ticket_reply.enc_part.enctype);
retval = krb5_encrypt_tkt_part(kdc_context, &eblock, &encrypting_key,
&ticket_reply);
/* use the session key in the ticket, unless there's a subsession key
in the AP_REQ */
- reply.enc_part.keytype = subkey ? subkey->keytype :
- header_ticket->enc_part2->session->keytype;
- krb5_use_keytype(kdc_context, &eblock, reply.enc_part.keytype);
+ reply.enc_part.enctype = subkey ? subkey->enctype :
+ header_ticket->enc_part2->session->enctype;
+ krb5_use_enctype(kdc_context, &eblock, reply.enc_part.enctype);
retval = krb5_encode_kdc_rep(kdc_context, KRB5_TGS_REP, &reply_encpart,
&eblock, subkey ? subkey :
krb5_key_salt_tuple *kslist;
kslist = (krb5_key_salt_tuple *) kdc_active_realm->realm_kstypes;
- if (!krb5_dbe_find_keytype(kdc_context,
+ if (!krb5_dbe_find_enctype(kdc_context,
&server,
- kslist[i].ks_keytype,
+ kslist[i].ks_enctype,
-1,
-1,
&server_key))
return(nprinc);
}
- if (krb5_dbe_find_keytype(kdc_context,
+ if (krb5_dbe_find_enctype(kdc_context,
&entries,
- KEYTYPE_DES_CBC_CRC,
+ ENCTYPE_DES_CBC_CRC,
KRB5_KDB_SALTTYPE_V4,
-1,
&pkey)) {
*/
static krb5_error_code
init_realm(progname, rdp, realm, def_dbname, def_mpname,
- def_keytype, def_port, def_sport, def_manual)
+ def_enctype, def_port, def_sport, def_manual)
char *progname;
kdc_realm_t *rdp;
char *realm;
char *def_dbname;
char *def_mpname;
- krb5_keytype def_keytype;
+ krb5_enctype def_enctype;
krb5_int32 def_port;
krb5_int32 def_sport;
krb5_boolean def_manual;
KRB5_KDB_M_NAME;
/* Handle master key type */
- if (rparams && rparams->realm_keytype_valid)
- rdp->realm_mkey.keytype =
- (krb5_keytype) rparams->realm_keytype;
+ if (rparams && rparams->realm_enctype_valid)
+ rdp->realm_mkey.enctype =
+ (krb5_enctype) rparams->realm_enctype;
else
- rdp->realm_mkey.keytype = (def_keytype) ? def_keytype :
- KEYTYPE_DES_CBC_CRC;
+ rdp->realm_mkey.enctype = (def_enctype) ? def_enctype :
+ ENCTYPE_DES_CBC_CRC;
/* Handle KDC port */
if (rparams && rparams->realm_kdc_pport_valid)
*/
if ((kslist = (krb5_key_salt_tuple *)
malloc(sizeof(krb5_key_salt_tuple)))) {
- kslist->ks_keytype = KEYTYPE_DES_CBC_CRC;
+ kslist->ks_enctype = ENCTYPE_DES_CBC_CRC;
kslist->ks_salttype = KRB5_KDB_SALTTYPE_NORMAL;
rdp->realm_kstypes = kslist;
rdp->realm_nkstypes = 1;
}
/* Select the specified encryption type */
- krb5_use_keytype(rdp->realm_context, &rdp->realm_encblock,
- rdp->realm_mkey.keytype);
+ krb5_use_enctype(rdp->realm_context, &rdp->realm_encblock,
+ rdp->realm_mkey.enctype);
/*
* Get the master key.
*/
kdata = (krb5_key_data *) NULL;
for (i=0; i<nkslist; i++) {
- if ((kret = krb5_dbe_find_keytype(rdp->realm_context,
+ if ((kret = krb5_dbe_find_enctype(rdp->realm_context,
&db_entry,
- kslist[i].ks_keytype,
+ kslist[i].ks_enctype,
-1,
-1,
&kdata)))
*/
kdata = (krb5_key_data *) NULL;
for (i=0; i<nkslist; i++) {
- if ((kret = krb5_dbe_find_keytype(rdp->realm_context,
+ if ((kret = krb5_dbe_find_enctype(rdp->realm_context,
&db_entry,
- kslist[i].ks_keytype,
+ kslist[i].ks_enctype,
-1,
-1,
&kdata)))
}
}
if (!rkey_init_done) {
- krb5_keytype keytype;
+ krb5_enctype enctype;
/*
* If all that worked, then initialize the random key
* generators.
*/
- for (keytype = 0; keytype <= krb5_max_keytype; keytype++) {
- if (krb5_keytype_array[keytype]) {
- if ((kret = (*krb5_keytype_array[keytype]->system->
+ for (enctype = 0; enctype <= krb5_max_enctype; enctype++) {
+ if (krb5_enctype_array[enctype]) {
+ if ((kret = (*krb5_enctype_array[enctype]->system->
init_random_key)
(&rdp->realm_mkey,
- &krb5_keytype_array[keytype]->random_sequence))) {
+ &krb5_enctype_array[enctype]->random_sequence))) {
com_err(progname, kret,
- "while setting up random key generator for keytype %d--keytype disabled",
- keytype);
- krb5_keytype_array[keytype] = 0;
+ "while setting up random key generator for enctype %d--enctype disabled",
+ enctype);
+ krb5_enctype_array[enctype] = 0;
}
}
}
usage(name)
char *name;
{
- fprintf(stderr, "usage: %s [-d dbpathname] [-r dbrealmname] [-R replaycachename ]\n\t[-m] [-k masterkeytype] [-M masterkeyname] [-p port] [-n]\n", name);
+ fprintf(stderr, "usage: %s [-d dbpathname] [-r dbrealmname] [-R replaycachename ]\n\t[-m] [-k masterenctype] [-M masterkeyname] [-p port] [-n]\n", name);
return;
}
char *rcname = KDCRCACHE;
char *lrealm;
krb5_error_code retval;
- krb5_keytype mkeytype = KEYTYPE_DES_CBC_CRC;
+ krb5_enctype menctype = ENCTYPE_DES_CBC_CRC;
kdc_realm_t *rdatap;
krb5_boolean manual = FALSE;
krb5_int32 pport, sport;
if (!find_realm_data(optarg, (krb5_ui_4) strlen(optarg))) {
if ((rdatap = (kdc_realm_t *) malloc(sizeof(kdc_realm_t)))) {
if ((retval = init_realm(argv[0], rdatap, optarg, db_name,
- mkey_name, mkeytype, pport, sport,
+ mkey_name, menctype, pport, sport,
manual))) {
fprintf(stderr,"%s: cannot initialize realm %s\n",
argv[0], optarg);
case 'n':
nofork++; /* don't detach from terminal */
break;
- case 'k': /* keytype for master key */
- if (krb5_string_to_keytype(optarg, &mkeytype))
- com_err(argv[0], 0, "invalid keytype %s", optarg);
+ case 'k': /* enctype for master key */
+ if (krb5_string_to_enctype(optarg, &menctype))
+ com_err(argv[0], 0, "invalid enctype %s", optarg);
break;
case 'R':
rcname = optarg;
}
if ((rdatap = (kdc_realm_t *) malloc(sizeof(kdc_realm_t)))) {
if ((retval = init_realm(argv[0], rdatap, lrealm, db_name,
- mkey_name, mkeytype, pport, sport,
+ mkey_name, menctype, pport, sport,
manual))) {
fprintf(stderr,"%s: cannot initialize realm %s\n",
argv[0], lrealm);
projects / krb5.git / commitdiff