* kdb5_edit.c (extract_v4_srvtab): do not test to make sure we

fetched a key of enctype 1 (des-cbc-crc), since we may have gotten
another des key from the database, which is just as useful in a
v4 srvtab

* dumpv4.c (dump_v4_iterator): use krb5_524_conv_principal to do the
v5 to v4 principal translation, instead of having yet another
hard-coded table.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7668 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/admin/edit/ChangeLog b/src/admin/edit/ChangeLog
index 7cf8b1c725ddc197058db081d5dfdece0cc718a7..584601cf16c58dd4b3db276f17edf521992f1d27 100644 (file)
--- a/src/admin/edit/ChangeLog
+++ b/src/admin/edit/ChangeLog
@@ -1,3 +1,14 @@
+Tue Mar 19 18:00:58 1996  Richard Basch  <basch@lehman.com>
+
+       * kdb5_edit.c (extract_v4_srvtab): do not test to make sure we
+       fetched a key of enctype 1 (des-cbc-crc), since we may have gotten
+       another des key from the database, which is just as useful in a
+       v4 srvtab
+
+       * dumpv4.c (dump_v4_iterator): use krb5_524_conv_principal to do the
+       v5 to v4 principal translation, instead of having yet another
+       hard-coded table.
+
 Wed Mar  6 16:17:20 1996  Richard Basch  <basch@lehman.com>
 
        * dumpv4.c: The V4 master key & schedule was never initialized,

diff --git a/src/admin/edit/dumpv4.c b/src/admin/edit/dumpv4.c
index 0c4cacbaefe4cc9b74f47c8b05162e3936a3caaf..83b87b3f037ce3a8ee2d40eb3eabb29e4c31c3f8 100644 (file)
--- a/src/admin/edit/dumpv4.c
+++ b/src/admin/edit/dumpv4.c
@@ -114,77 +114,42 @@ dump_v4_iterator(ptr, entry)
     struct dump_record *arg = (struct dump_record *) ptr;
     krb5_tl_mod_princ *mod_princ = NULL;
     krb5_error_code retval;
-    char *mod_name=NULL;
-    char *name=NULL;
     int        i, max_kvno, ok_key;
 
     struct v4princ {
-      char name[ANAME_SZ+1];
-      char instance[INST_SZ+1];
-      int max_life;
-      int kdc_key_ver, key_version, attributes;
-      char mod_name[ANAME_SZ+1];
-      char mod_instance[INST_SZ+1];
+       char name[ANAME_SZ+1];
+       char instance[INST_SZ+1];
+       char realm[REALM_SZ+1];
+       int max_life;
+       int kdc_key_ver, key_version, attributes;
+       char mod_name[ANAME_SZ+1];
+       char mod_instance[INST_SZ+1];
+       char mod_realm[REALM_SZ+1];
     } v4princ, *principal;
     des_cblock v4key;
-
-    v4princ.name[ANAME_SZ] = 0;
-    v4princ.mod_name[ANAME_SZ] = 0;
-    v4princ.instance[INST_SZ] = 0;
-    v4princ.mod_instance[INST_SZ] = 0;
-
+    
     principal = &v4princ;
 
-    if (retval = krb5_unparse_name(edit_context, entry->princ, &name)) {
-       com_err(arg->comerr_name, retval, "while unparsing principal");
-       exit_status++;
-       return retval;
-    }
+    if (strcmp(krb5_princ_realm(edit_context, entry->princ)->data, arg->realm))
+       /* skip this because it's a key for a different realm, probably
+        * a paired krbtgt key */
+       return 0;
 
-    if (strcmp(krb5_princ_realm(edit_context, entry->princ)->data, arg->realm)){
-       /* 
-        * skip this because it's a key for a different realm, probably
-        * a paired krbtgt key 
-        */
-        free(name);
+    retval = krb5_524_conv_principal(edit_context, entry->princ,
+                                    principal->name, principal->instance,
+                                    principal->realm);
+    if (retval)
+       /* Skip invalid V4 principals */
        return 0;
-    }
 
-    strncpy(principal->name,
-           krb5_princ_component(edit_context, entry->princ, 0)->data,ANAME_SZ);
-    if (!strcmp(principal->name, "host")) {
-        strcpy(principal->name, "rcmd");
-    }
-    if (!principal->name[0]) {
-        strcpy(principal->name, "*");
-    }
+    if (!strcmp(principal->name, "K") && !strcmp(principal->instance, "M"))
+       /* The V4 master key is handled specially */
+       return 0;
 
-    if (entry->princ->length > 2) {
-       free(name);
+    if (! principal->name[0])
        return 0;
-    } else if (entry->princ->length > 1) {
-        char *inst;
-        strncpy(principal->instance,
-               krb5_princ_component(edit_context, entry->princ, 1)->data, 
-               INST_SZ);
-        if ((inst = strchr(principal->instance, '.')) &&
-           strcmp(principal->name, "krbtgt") &&
-           strcmp(principal->name, "afs"))
-       {
-           /* nuke domain off the end of anything that isn't a tgt */
-           *inst = '\0';
-        }
-       if (!strcmp(principal->name, "K") && !strcmp(principal->instance, "M"))
-       {
-           /* The V4 master key is handled specially */
-           free(name);
-           return 0;
-       }
-    } else {
-        principal->instance[0] = '*';
-        principal->instance[1] = '\0';
-    }
-    free(name);
+    if (! principal->instance[0])
+       strcpy(principal->instance, "*");
 
     /* Now move to mod princ */
     if (retval = krb5_dbe_decode_mod_princ_data(edit_context,entry,&mod_princ)){
@@ -192,28 +157,20 @@ dump_v4_iterator(ptr, entry)
        exit_status++;
        return retval;
     }
-    if (retval=krb5_unparse_name(edit_context,mod_princ->mod_princ,&mod_name)) {
-       com_err(arg->comerr_name, retval, "while unparsing principal");
-       exit_status++;
-       return retval;
-    }
-    strncpy(principal->mod_name,
-           krb5_princ_component(edit_context, mod_princ->mod_princ, 0)->data, 
-           ANAME_SZ);
-    if (!principal->mod_name[0]) {
-      strcpy(principal->mod_name, "*");
-    }
-
-    if (mod_princ->mod_princ->length > 1) {
-        strncpy(principal->mod_instance, 
-               krb5_princ_component(edit_context,mod_princ->mod_princ,1)->data,
-               INST_SZ);
-    } else {
-        principal->mod_instance[0] = '*';
-        principal->mod_instance[1] = '\0';
+    retval = krb5_524_conv_principal(edit_context, mod_princ->mod_princ,
+                                    principal->mod_name, principal->mod_instance,
+                                    principal->mod_realm);
+    if (retval) {
+       /* Invalid V4 mod principal */
+       principal->mod_name[0] = '\0';
+       principal->mod_instance[0] = '\0';
     }
-    free(mod_name);
 
+    if (! principal->mod_name[0])
+       strcpy(principal->mod_name, "*");
+    if (! principal->mod_instance[0])
+       strcpy(principal->mod_instance, "*");
+    
     /* OK deal with the key now. */
     for (max_kvno = i = 0; i < entry->n_key_data; i++) {
        if (max_kvno < entry->key_data[i].key_data_kvno) {

diff --git a/src/admin/edit/kdb5_edit.c b/src/admin/edit/kdb5_edit.c
index 50bf99d48d44a4b7824c6cbec17037ce24055c11..4c0a380b65629b08c81a0fa636cd0a5f6187ffb4 100644 (file)
--- a/src/admin/edit/kdb5_edit.c
+++ b/src/admin/edit/kdb5_edit.c
@@ -887,13 +887,6 @@ void extract_v4_srvtab(argc, argv)
            exit_status++;
            goto cleanall;
        }
-       if (key.enctype != 1) {
-               com_err(argv[0], 0, "%s does not have a DES key!", pname);
-               exit_status++;
-               memset((char *)key.contents, 0, key.length);
-               krb5_xfree(key.contents);
-               continue;
-       }
        fwrite(argv[i], strlen(argv[i]) + 1, 1, fout); /* p.name */
        fwrite(argv[1], strlen(argv[1]) + 1, 1, fout); /* p.instance */
        fwrite(cur_realm, strlen(cur_realm) + 1, 1, fout); /* p.realm */