Thu Oct 6 12:41:28 1994 Theodore Y. Ts'o (tytso@dcl)
+ * kdb5_mkdums.c (main, set_dbname_help): Allow master key password
+ to be passed in on the command line; to make testing
+ scripts simpler.
+
* kdb5_mkdums.c (add_princ): Initialize all the fields of the
principal.
static char *progname;
static char *cur_realm = 0;
static char *mkey_name = 0;
+static char *mkey_password = 0;
static krb5_boolean manual_mkey = FALSE;
static krb5_boolean dbactive = FALSE;
num_to_create = 0;
depth = 1;
- while ((optchar = getopt(argc, argv, "D:p:n:d:r:k:M:e:m")) != EOF) {
+ while ((optchar = getopt(argc, argv, "D:P:p:n:d:r:k:M:e:m")) != EOF) {
switch(optchar) {
case 'D':
depth = atoi(optarg); /* how deep to go */
break;
+ case 'P': /* Only used for testing!!! */
+ mkey_password = optarg;
+ break;
case 'p': /* prefix name to create */
strcpy(principal_string, optarg);
suffix = principal_string + strlen(principal_string);
break;
- case 'n': /* how many to create */
+ case 'n': /* how many to create */
num_to_create = atoi(optarg);
break;
case 'd': /* set db name */
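Review bot: The new `case 'P'` takes the master key password from argv, where it remains visible in the process listing and in any script or shell history that invokes the tool, and the only safeguard is the comment `/* Only used for testing!!! */`. Nothing visible in the hunk limits the option to test builds or warns at run time, so the comment should at least state the exposure, e.g. `/* TESTING ONLY: password is visible in the process list; never use with a production master key */`. The same case is added to the option loop in kdb5_verify.c. The switch and its enclosing function continue outside the hunk.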
int nentries;
krb5_boolean more;
register krb5_cryptosystem_entry *csentry;
+ krb5_data pwd, scratch;
csentry = master_encblock.crypto_entry;
com_err(pname, retval, "while setting up master key name");
return(1);
}
- if (retval = krb5_db_fetch_mkey(master_princ, &master_encblock,
- manual_mkey, FALSE, 0, &master_keyblock)) {
- com_err(pname, retval, "while reading master key");
- return(1);
+ if (mkey_password) {
+ pwd.data = mkey_password;
+ pwd.length = strlen(mkey_password);
+ retval = krb5_principal2salt(master_princ, &scratch);
+ if (retval) {
+ com_err(pname, retval, "while calculated master key salt");
+ return(1);
+ }
+ retval = krb5_string_to_key(&master_encblock, master_keyblock.keytype,
+ &master_keyblock, &pwd, &scratch);
+ if (retval) {
+ com_err(pname, retval,
+ "while transforming master key from password");
+ return(1);
+ }
+ free(scratch.data);
+ } else {
+ if (retval = krb5_db_fetch_mkey(master_princ, &master_encblock,
+ manual_mkey, FALSE, 0,
+ &master_keyblock)) {
+ com_err(pname, retval, "while reading master key");
+ return(1);
+ }
}
if (retval = krb5_db_init()) {
com_err(pname, retval, "while initializing database");
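Review bot: In the new `if (mkey_password)` branch the salt returned by `krb5_principal2salt` is released only on success; when `krb5_string_to_key` fails, `return(1)` is taken before `free(scratch.data);`. Moving `free(scratch.data);` to directly after the `krb5_string_to_key` call, ahead of `if (retval)`, covers both paths. The branch also skips `krb5_db_fetch_mkey` entirely, so `-P` takes precedence over `-m` (`manual_mkey`) without any diagnostic, and the message `"while calculated master key salt"` should read `"while calculating master key salt"`. The identical block added to kdb5_verify.c has the same three points. The enclosing function begins and ends outside the hunk.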
Thu Oct 6 12:42:47 1994 Theodore Y. Ts'o (tytso@dcl)
+ * kdb5_verify.c (main, set_dbname_help): Allow master key password
+ to be passed in on the command line; to make testing
+ scripts simpler.
+
* kdb5_verify.c (check_princ): Check to make sure key version
number is 1, not 0.
static char *progname;
static char *cur_realm = 0;
static char *mkey_name = 0;
+static char *mkey_password = 0;
static krb5_boolean manual_mkey = FALSE;
static krb5_boolean dbactive = FALSE;
num_to_check = 0;
depth = 1;
- while ((optchar = getopt(argc, argv, "D:p:n:d:r:R:k:M:e:m")) != EOF) {
+ while ((optchar = getopt(argc, argv, "D:P:p:n:d:r:R:k:M:e:m")) != EOF) {
switch(optchar) {
case 'D':
depth = atoi(optarg); /* how deep to go */
break;
+ case 'P': /* Only used for testing!!! */
+ mkey_password = optarg;
+ break;
case 'p': /* prefix name to check */
strcpy(principal_string, optarg);
suffix = principal_string + strlen(principal_string);
int nentries;
krb5_boolean more;
register krb5_cryptosystem_entry *csentry;
+ krb5_data pwd, scratch;
csentry = master_encblock.crypto_entry;
com_err(pname, retval, "while setting up master key name");
return(1);
}
- if (retval = krb5_db_fetch_mkey(master_princ, &master_encblock,
- manual_mkey, FALSE, 0, &master_keyblock)) {
- com_err(pname, retval, "while reading master key");
- return(1);
+ if (mkey_password) {
+ pwd.data = mkey_password;
+ pwd.length = strlen(mkey_password);
+ retval = krb5_principal2salt(master_princ, &scratch);
+ if (retval) {
+ com_err(pname, retval, "while calculated master key salt");
+ return(1);
+ }
+ retval = krb5_string_to_key(&master_encblock, master_keyblock.keytype,
+ &master_keyblock, &pwd, &scratch);
+ if (retval) {
+ com_err(pname, retval,
+ "while transforming master key from password");
+ return(1);
+ }
+ free(scratch.data);
+ } else {
+ if (retval = krb5_db_fetch_mkey(master_princ, &master_encblock,
+ manual_mkey, FALSE, 0,
+ &master_keyblock)) {
+ com_err(pname, retval, "while reading master key");
+ return(1);
+ }
}
if (retval = krb5_db_init()) {
com_err(pname, retval, "while initializing database");