From: Theodore Tso Date: Wed, 4 Oct 1995 03:12:32 +0000 (+0000) Subject: Use the kdc.conf file to determine the default list of keysalt tuples X-Git-Tag: krb5-1.0-beta6~943 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=c295ac7d7ddada9653e503432f63d51164a62601;p=krb5.git Use the kdc.conf file to determine the default list of keysalt tuples to be used. This is stored in std_ks_tuple, and is used by cpw.c for random keys and when a list of keysalts is not specified. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6925 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/admin/edit/ChangeLog b/src/admin/edit/ChangeLog index e368ad904..4409397cd 100644 --- a/src/admin/edit/ChangeLog +++ b/src/admin/edit/ChangeLog @@ -1,3 +1,11 @@ +Tue Oct 3 23:10:57 1995 Theodore Y. Ts'o + + * cpw.c (enter_rnd_key, enter_pwd_key): + * kdb5_edit.c (kdb5_edit_Init): Use the kdc.conf file to determine + the default list of keysalt tuples to be used. This is + stored in std_ks_tuple, and is used by cpw.c for random + keys and when a list of keysalts is not specified. + Mon Sep 18 03:59:47 1995 Ezra Peisach * kdb5_edit.c (show_principal): Show key version and last password diff --git a/src/admin/edit/cpw.c b/src/admin/edit/cpw.c index 9a362e6ec..adb8e9c6b 100644 --- a/src/admin/edit/cpw.c +++ b/src/admin/edit/cpw.c @@ -51,16 +51,6 @@ extern char *krb5_default_pwd_prompt1, *krb5_default_pwd_prompt2; extern krb5_boolean dbactive; extern FILE *scriptfile; -/* - * XXX This realy should be configured from kdc.conf - */ -static krb5_key_salt_tuple ks_tuple_rnd_def[] = - {{ ENCTYPE_DES_CBC_CRC, 0 }, - { ENCTYPE_DES_CBC_MD5, 0 }, - { ENCTYPE_DES_CBC_CRC, KRB5_KDB_SALTTYPE_V4}, - { ENCTYPE_DES_CBC_MD5, KRB5_KDB_SALTTYPE_V4}}; -static int ks_tuple_rnd_def_count = 4; - static void enter_rnd_key(argc, argv, entry) int argc; @@ -71,8 +61,8 @@ enter_rnd_key(argc, argv, entry) int nprincs = 1; if ((retval = krb5_dbe_crk(edit_context, &master_encblock, - ks_tuple_rnd_def, - ks_tuple_rnd_def_count, entry))) { + std_ks_tuple, + std_ks_tuple_count, entry))) { com_err(argv[0], retval, "while generating random key"); krb5_db_free_principal(edit_context, entry, nprincs); exit_status++; @@ -187,9 +177,6 @@ void change_rnd_key(argc, argv) } } -static krb5_key_salt_tuple ks_tuple_default[] = {{ ENCTYPE_DES_CBC_CRC, 0 }}; -static int ks_tuple_count_default = 1; - void enter_pwd_key(cmdname, princ, ks_tuple, ks_tuple_count, entry) char * cmdname; @@ -229,8 +216,8 @@ enter_pwd_key(cmdname, princ, ks_tuple, ks_tuple_count, entry) } if (ks_tuple_count == 0) { - ks_tuple_count = ks_tuple_count_default; - ks_tuple = ks_tuple_default; + ks_tuple_count = std_ks_tuple_count; + ks_tuple = std_ks_tuple; } if ((retval = krb5_dbe_cpw(edit_context, &master_encblock, ks_tuple, ks_tuple_count, password, entry))) { diff --git a/src/admin/edit/kdb5_edit.c b/src/admin/edit/kdb5_edit.c index c56015beb..d531ba235 100644 --- a/src/admin/edit/kdb5_edit.c +++ b/src/admin/edit/kdb5_edit.c @@ -40,11 +40,15 @@ struct mblock mblock = { /* XXX */ 0 }; +krb5_key_salt_tuple ks_tuple_default[] = {{ ENCTYPE_DES_CBC_CRC, 0 }}; + +krb5_key_salt_tuple *std_ks_tuple = ks_tuple_default; +int std_ks_tuple_count = 1; + char *Err_no_master_msg = "Master key not entered!\n"; char *Err_no_database = "Database not currently opened!\n"; char *current_dbname = NULL; - /* * XXX Ick, ick, ick. These global variables shouldn't be global.... */ @@ -216,6 +220,15 @@ char *kdb5_edit_Init(argc, argv) if (rparams->realm_flags_valid) mblock.flags = rparams->realm_flags; + /* Get the value of the supported key/salt pairs */ + if (rparams->realm_num_keysalts) { + std_ks_tuple_count = rparams->realm_num_keysalts; + std_ks_tuple = rparams->realm_keysalts; + rparams->realm_num_keysalts = 0; + rparams->realm_keysalts = (krb5_key_salt_tuple *) NULL; + } + + krb5_free_realm_params(edit_context, rparams); } diff --git a/src/admin/edit/kdb5_edit.h b/src/admin/edit/kdb5_edit.h index cc988011d..c04f2ed96 100644 --- a/src/admin/edit/kdb5_edit.h +++ b/src/admin/edit/kdb5_edit.h @@ -36,6 +36,9 @@ struct mblock { krb5_kvno mkvno; }; +extern krb5_key_salt_tuple *std_ks_tuple; +extern int std_ks_tuple_count; + void add_key PROTOTYPE((char const *, char const *, krb5_const_principal, const krb5_keyblock *,