+Tue Aug 15 14:28:03 EDT 1995 Paul Park (pjpark@mit.edu)
+ * kadm5_defs.h, admin.c, passwd.c, srv_key.c - Replace key_name_to_data
+ with krb5_dbe_find_keytype().
+
+
Thu Aug 10 14:34:31 EDT 1995 Paul Park (pjpark@mit.edu)
* srv_key.c - Consolidate handling of tagged database attributes here
in key_update_tl_attrs(). Fix a bug which was never encountered
xxx2.n_key_data = nkeys2;
xxx2.key_data = in2;
for (i=0; i<nksents; i++) {
- if (key_name_to_data(&xxx1, &kslist[i], -1, &kp1))
- kp1 = (krb5_key_data *) NULL;
- if (key_name_to_data(&xxx2, &kslist[i], -1, &kp2))
- kp2 = (krb5_key_data *) NULL;
+ (void) krb5_dbe_find_keytype(kcontext,
+ &xxx1,
+ kslist[i].ks_keytype,
+ kslist[i].ks_salttype,
+ -1,
+ &kp1);
+ (void) krb5_dbe_find_keytype(kcontext,
+ &xxx2,
+ kslist[i].ks_keytype,
+ kslist[i].ks_salttype,
+ -1,
+ &kp2);
if (kp1 && kp2) {
if (kp2->key_data_kvno > kp1->key_data_kvno)
kp1 = kp2;
DPRINT(DEBUG_CALLS, debug_level, ("* admin_keysalt_verify()\n"));
for (i=0; i<nksents; i++) {
kdata = (krb5_key_data *) NULL;
- (void) key_name_to_data(dbentp, &kslist[i], kvnolist[i], &kdata);
+ (void) krb5_dbe_find_keytype(kcontext,
+ dbentp,
+ kslist[i].ks_keytype,
+ kslist[i].ks_salttype,
+ kvnolist[i],
+ &kdata);
if (should_be_there && !kdata) {
retval = KRB5_ADM_KEY_DOES_NOT_EXIST;
break;
if (keyectomy) {
count = dbentp->n_key_data;
for (i=0; i<nksents; i++) {
- if (!key_name_to_data(dbentp, &kslist[i], kvnolist[i], &kdata)) {
+ if (!krb5_dbe_find_keytype(kcontext,
+ dbentp,
+ kslist[i].ks_keytype,
+ kslist[i].ks_salttype,
+ kvnolist[i],
+ &kdata)) {
if (kdata->key_data_contents[0])
krb5_xfree(kdata->key_data_contents[0]);
if (kdata->key_data_contents[1])
krb5_encrypt_block *key_master_encblock();
void key_free_key_data KRB5_PROTOTYPE((krb5_key_data *,
krb5_int32));
-krb5_error_code key_name_to_data KRB5_PROTOTYPE((krb5_db_entry *,
- krb5_key_salt_tuple *,
- krb5_int32,
- krb5_key_data **));
krb5_error_code key_dbent_to_keysalts
KRB5_PROTOTYPE((krb5_db_entry *,
krb5_int32 *,
krb5_boolean pwret;
krb5_int32 num_keys, num_dkeys, tmpn;
krb5_key_data *key_list, *dkey_list, *kent, *tmp;
- krb5_key_salt_tuple keysalt;
krb5_error_code kret;
krb5_key_data *skey_list;
krb5_int16 nskeys;
dbentp->key_data = dkey_list;
dbentp->n_key_data = num_dkeys;
for (i=0; i<num_keys; i++) {
- keysalt.ks_keytype = (krb5_keytype) key_list[i].key_data_type[0];
- keysalt.ks_salttype = (krb5_int32) key_list[i].key_data_type[1];
- if (!key_name_to_data(dbentp, &keysalt, -1, &kent)) {
+ if (!krb5_dbe_find_keytype(kcontext,
+ dbentp,
+ (krb5_keytype) key_list[i].key_data_type[0],
+ (krb5_int32) key_list[i].key_data_type[1],
+ -1,
+ &kent)) {
if ((key_list[i].key_data_length[0] != kent->key_data_length[0]) ||
memcmp(key_list[i].key_data_contents[0],
kent->key_data_contents[0],
}
if (!kret && madmin_num_keys && madmin_keys) {
- krb5_key_salt_tuple kstmp;
krb5_key_data *kdata;
krb5_db_entry xxx;
*/
xxx.n_key_data = (krb5_int16) madmin_num_keys;
xxx.key_data = madmin_keys;
- kstmp.ks_keytype = KEYTYPE_DES; /* XXX - how to specify? */
- kstmp.ks_salttype = -1;
- if (key_name_to_data(&xxx, &kstmp, -1, &kdata))
+ if (krb5_dbe_find_keytype(kcontext,
+ &xxx,
+ KEYTYPE_DES,
+ -1,
+ -1,
+ &kdata))
kdata = &madmin_keys[0];
memset(&madmin_key, 0, sizeof(krb5_keyblock));
*/
salted = 0;
krb5_use_keytype(argp->context, &master_encblock, ksent->ks_keytype);
- if (!key_name_to_data(argp->dbentry, ksent, -1, &kdata)) {
+ if (!krb5_dbe_find_keytype(argp->context,
+ argp->dbentry,
+ ksent->ks_keytype,
+ ksent->ks_salttype,
+ -1,
+ &kdata)) {
if (kdata->key_data_length[1] && kdata->key_data_contents[1])
salted = 1;
}
kret = 0;
krb5_use_keytype(argp->context, &master_encblock, ksent->ks_keytype);
- if (key_name_to_data(argp->dbentry, ksent, -1, &kdata)) {
+ if (krb5_dbe_find_keytype(argp->context,
+ argp->dbentry,
+ ksent->ks_keytype,
+ ksent->ks_salttype,
+ -1,
+ &kdata)) {
/*
* Cannot find a name-to-data matching, so we must have to create a
* new key entry.
}
}
\f
-/*
- * key_name_to_data() - Find the appropriate krb5_key_data entry for a
- * given name.
- *
- * Name consists of key/salt tuple and a kvno. If the kvno is negative, then
- * this routine returns the key_data entry with the highest kvno. Otherwise,
- * it searches for an exact match.
- */
-krb5_error_code
-key_name_to_data(dbentp, ksent, kvno, kdatap)
- krb5_db_entry *dbentp;
- krb5_key_salt_tuple *ksent;
- krb5_int32 kvno;
- krb5_key_data **kdatap;
-{
- /*
- * XXX - this should probably be a dbe routine.
- */
- int i;
- int maxkvno;
- krb5_key_data *datap;
-
- maxkvno = -1;
- datap = (krb5_key_data *) NULL;
- for (i=0; i<dbentp->n_key_data; i++) {
- if ((dbentp->key_data[i].key_data_type[0] == ksent->ks_keytype) &&
- ((dbentp->key_data[i].key_data_type[1] == ksent->ks_salttype) ||
- (ksent->ks_salttype < 0))) {
- if (kvno >= 0) {
- if (kvno == dbentp->key_data[i].key_data_kvno) {
- maxkvno = kvno;
- datap = &dbentp->key_data[i];
- break;
- }
- }
- else {
- if (dbentp->key_data[i].key_data_kvno > maxkvno) {
- maxkvno = dbentp->key_data[i].key_data_kvno;
- datap = &dbentp->key_data[i];
- }
- }
- }
- }
- if (maxkvno >= 0) {
- *kdatap = datap;
- return(0);
- }
- return(ENOENT);
-}
-\f
/*
* key_dbent_to_keysalts() - Generate a list of key/salt pairs.
*/
projects / krb5.git / commitdiff