+Tue Sep 05 22:10:34 1995 Chris Provenzano (proven@mit.edu)
+
+ * cpw.c, dump.c, dumpv4.c, kdb5_edit.c, loadv4.c : Remove krb5_enctype
+ references, and replace with krb5_keytype where appropriate.
+
Fri Aug 25 17:37:33 EDT 1995 Paul Park (pjpark@mit.edu)
* dumpv4.c - Fix handle_keys(). It was trying to recreate work that
has already been done.
extern krb5_boolean dbactive;
extern FILE *scriptfile;
-static krb5_key_salt_tuple ks_tuple_rnd_def[] = {{ KEYTYPE_DES, 0 }};
+static krb5_key_salt_tuple ks_tuple_rnd_def[] = {{ KEYTYPE_DES_CBC_CRC, 0 }};
static int ks_tuple_rnd_def_count = 1;
static void
}
}
-static krb5_key_salt_tuple ks_tuple_default[] = {{ KEYTYPE_DES, 0 }};
+static krb5_key_salt_tuple ks_tuple_default[] = {{ KEYTYPE_DES_CBC_CRC, 0 }};
static int ks_tuple_count_default = 1;
void
* Find the 'primary' key and the 'alternate' key.
*/
if ((retval = find_keytype(entry,
- KEYTYPE_DES,
+ KEYTYPE_DES_CBC_CRC,
KRB5_KDB_SALTTYPE_NORMAL,
&pkey)) &&
(retval = find_keytype(entry,
- KEYTYPE_DES,
+ KEYTYPE_DES_CBC_CRC,
KRB5_KDB_SALTTYPE_V4,
&akey))) {
fprintf(stderr, nokeys_err, arg->programname, name);
int handle_keys(arg)
struct dump_record *arg;
{
- arg->realm = cur_realm;
+ krb5_error_code retval;
+ char *defrealm;
+ char *mkey_name = 0;
+ char *mkey_fullname;
+ krb5_principal master_princ;
+
+ if (retval = krb5_get_default_realm(edit_context, &defrealm)) {
+ com_err(arg->comerr_name, retval,
+ "while retrieving default realm name");
+ exit(1);
+ }
+ arg->realm = defrealm;
+
+ /* assemble & parse the master key name */
+
+ if (retval = krb5_db_setup_mkey_name(edit_context, mkey_name, arg->realm,
+ &mkey_fullname, &master_princ)) {
+ com_err(arg->comerr_name, retval, "while setting up master key name");
+ exit(1);
+ }
+
+ krb5_use_keytype(edit_context, &master_encblock, DEFAULT_KDC_KEYTYPE);
+ if (retval = krb5_db_fetch_mkey(edit_context, master_princ,
+ &master_encblock, 0,
+ 0, (char *) NULL, 0, &master_keyblock)) {
+ com_err(arg->comerr_name, retval, "while reading master key");
+ exit(1);
+ }
+ if (retval = krb5_process_key(edit_context, &master_encblock,
+ &master_keyblock)) {
+ com_err(arg->comerr_name, retval, "while processing master key");
+ exit(1);
+ }
arg->v5master = &master_encblock;
return(0);
}
fprintf(stderr,
"usage: %s [-d dbpathname] [-r realmname] [-R request ]\n",
who);
- fprintf(stderr, "\t [-k keytype] [-e etype] [-M mkeyname]\n");
+ fprintf(stderr, "\t [-k keytype] [-M mkeyname]\n");
exit(status);
}
char *dbname = (char *) NULL;
char *defrealm;
int keytypedone = 0;
- int etypedone = 0;
- krb5_enctype etype = DEFAULT_KDC_ETYPE;
extern krb5_kt_ops krb5_ktf_writable_ops;
char *request = NULL;
krb5_realm_params *rparams;
case 'M': /* master key name in DB */
mkey_name = optarg;
break;
- case 'e':
- if (krb5_string_to_enctype(optarg, &etype))
- com_err(argv[0], 0, "%s is an invalid encryption type",
- optarg);
- else
- etypedone++;
- break;
case 'm':
manual_mkey = TRUE;
break;
keytypedone++;
}
- /* Get the value for the encryption type */
- if (rparams->realm_enctype_valid && !etypedone)
- etype = rparams->realm_enctype;
-
/* Get the value for the stashfile */
if (rparams->realm_stash_file)
stash_file = strdup(rparams->realm_stash_file);
exit(1);
}
- if (!valid_etype(etype)) {
- char tmp[32];
- if (krb5_enctype_to_string(etype, tmp, sizeof(tmp)))
- com_err(argv[0], KRB5_PROG_ETYPE_NOSUPP,
- "while setting up etype %d", etype);
- else
- com_err(argv[0], KRB5_PROG_ETYPE_NOSUPP, tmp);
- exit(1);
- }
- krb5_use_cstype(edit_context, &master_encblock, etype);
+ krb5_use_keytype(edit_context, &master_encblock, master_keyblock.keytype);
if (cur_realm) {
if ((retval = krb5_set_default_realm(edit_context, cur_realm))) {
int status;
{
fprintf(stderr, "usage: %s [-d v5dbpathname] [-t] [-n] [-r realmname] [-K] [-k keytype]\n\
-\t[-e etype] [-M mkeyname] -f inputfile\n",
+\t[-M mkeyname] -f inputfile\n",
who);
return;
}
krb5_realm_params *rparams;
int persist, op_ind;
- krb5_enctype etype = 0xffff;
-
krb5_init_context(&context);
krb5_init_ets(context);
mkey_name = argv[op_ind+1];
op_ind++;
}
- else if (!strcmp(argv[op_ind], "-e") && ((argc - op_ind) >= 2)) {
- if (krb5_string_to_enctype(argv[op_ind+1], &etype))
- com_err(argv[0], 0, "%s is an invalid encryption type",
- argv[op_ind+1]);
- op_ind++;
- }
else if (!strcmp(argv[op_ind], "-n")) {
v4manual++;
}
keytypedone++;
}
- /* Get the value for the encryption type */
- if (rparams->realm_enctype_valid && (etype == 0xffff))
- etype = rparams->realm_enctype;
-
/* Get the value for the stashfile */
if (rparams->realm_stash_file)
stash_file = strdup(rparams->realm_stash_file);
return;
}
- if (etype == 0xffff)
- etype = DEFAULT_KDC_ETYPE;
-
- if (!valid_etype(etype)) {
- com_err(PROGNAME, KRB5_PROG_ETYPE_NOSUPP,
- "while setting up etype %d", etype);
- return;
- }
- krb5_use_cstype(context, &master_encblock, etype);
+ krb5_use_keytype(context, &master_encblock, master_keyblock.keytype);
/* If the user has not requested locking, don't modify an existing database. */
if (! tempdb) {
DECRYPT);
v4v5key.magic = KV5M_KEYBLOCK;
- v4v5key.etype = master_keyblock.etype;
v4v5key.contents = (krb5_octet *)v4key;
- v4v5key.keytype = KEYTYPE_DES;
+ v4v5key.keytype = KEYTYPE_DES_CBC_CRC;
v4v5key.length = sizeof(v4key);
retval = krb5_dbe_create_key_data(context, &entry);
projects / krb5.git / commitdiff