From: Paul Park Date: Thu, 10 Aug 1995 18:57:55 +0000 (+0000) Subject: Use kadm_find_keytype() to find keys X-Git-Tag: krb5-1.0-beta6~1327 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=b44275ee8cd8fdca12db4af8748c26250d31000b;p=krb5.git Use kadm_find_keytype() to find keys git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6504 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/kadmin.v4/server/ChangeLog b/src/kadmin.v4/server/ChangeLog index 6d1aee18a..06d581542 100644 --- a/src/kadmin.v4/server/ChangeLog +++ b/src/kadmin.v4/server/ChangeLog @@ -1,4 +1,14 @@ +Thu Aug 10 14:48:26 EDT 1995 Paul Park (pjpark@mit.edu) + * kadm_funcs.c - Add kadm_find_keytype() to find a particular key/salt + pair. Use this to find keys instead of assuming that the + right one's in the first slot. + Fix transposed arguments to strncpy(). + Handle mod_princ_data stuff. + Supply saltblock to encrypt_key_data(). + * admin_server, kadm_ser_wrap.c - Use kadm_find_keytype() to find keys. + + Mon Aug 7 13:30:46 EDT 1995 Paul Park (pjpark@mit.edu) * admin_server,kadm_funcs,kadm_ser_wrap.c - Brute force substitutions to get this to compile. diff --git a/src/kadmin.v4/server/admin_server.c b/src/kadmin.v4/server/admin_server.c index 793a1f36c..c9bd3e1e8 100644 --- a/src/kadmin.v4/server/admin_server.c +++ b/src/kadmin.v4/server/admin_server.c @@ -336,6 +336,7 @@ struct sockaddr_in *who; krb5_db_entry sprinc_entries; krb5_boolean more; krb5_keyblock cpw_skey; + krb5_key_data *kdatap; int status; #ifndef NOENCRYPTION @@ -379,9 +380,15 @@ struct sockaddr_in *who; cleanexit(2); } + status = kadm_find_keytype(&sprinc_entries, KEYTYPE_DES, -1, &kdatap); + if (status) { + syslog(LOG_ERR, "find keytype failed: %s", error_message(status)); + cleanexit(1); + } + status = krb5_dbekd_decrypt_key_data(kadm_context, &server_parm.master_encblock, - &sprinc_entries.key_data[0], + kdatap, &cpw_skey, (krb5_keysalt *) NULL); if (status) { diff --git a/src/kadmin.v4/server/kadm_ser_wrap.c b/src/kadmin.v4/server/kadm_ser_wrap.c index da59032d1..c7e181322 100644 --- a/src/kadmin.v4/server/kadm_ser_wrap.c +++ b/src/kadmin.v4/server/kadm_ser_wrap.c @@ -49,6 +49,7 @@ kadm_ser_init(inter, realm) krb5_boolean more; krb5_db_entry master_entry; krb5_enctype kdc_etype = DEFAULT_KDC_ETYPE; + krb5_key_data *kdatap; if (gethostname(hostname, sizeof(hostname))) return KADM_NO_HOSTNAME; @@ -106,10 +107,17 @@ kadm_ser_init(inter, realm) &master_entry, &numfound, &more); if (retval || more || !numfound) return KADM_NO_VERI; + + retval = kadm_find_keytype(&master_entry, + KEYTYPE_DES, + -1, + &kdatap); + if (retval) + return KRB5_PROG_KEYTYPE_NOSUPP; server_parm.max_life = master_entry.max_life; server_parm.max_rlife = master_entry.max_renewable_life; server_parm.expiration = master_entry.expiration; - server_parm.mkvno = master_entry.key_data[0].key_data_kvno; + server_parm.mkvno = kdatap->key_data_kvno; /* don't set flags, as master has some extra restrictions (??? quoted from kdb_edit.c) */ krb5_db_free_principal(kadm_context, &master_entry, numfound);