From: Theodore Tso <tytso@mit.edu>
Date: Mon, 23 Oct 1995 20:41:16 +0000 (+0000)
Subject: Add new option 's' which automatically stashes the master key in the
X-Git-Tag: krb5-1.0-beta6~886
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=eaffa98d229422f5f7389ebe959b724d0a5b796b;p=krb5.git

Add new option 's' which automatically stashes the master key in the
key stash file.  This eliminates the need for the admin to type
kdb5_stash right after kdb5_create.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6983 dc483132-0cff-0310-8789-dd5450dbe970
---

diff --git a/src/admin/create/ChangeLog b/src/admin/create/ChangeLog
index 4da417fa0..1045e9f98 100644
--- a/src/admin/create/ChangeLog
+++ b/src/admin/create/ChangeLog
@@ -1,3 +1,10 @@
+Wed Oct 18 14:25:29 1995    <tytso@rsts-11.mit.edu>
+
+	* kdb5_create.c (main): Add new option 's' which automatically
+	        stashes the master key in the key stash file.  This
+	        eliminates the need for the admin to type kdb5_stash right
+	        after kdb5_create.
+
 Wed Sep 13 19:02:50 1995  Theodore Y. Ts'o  <tytso@dcl>
 
 	* kdb5_create.c (tgt_keysalt_iterate): Don't bash the master key
diff --git a/src/admin/create/kdb5_create.c b/src/admin/create/kdb5_create.c
index a78059feb..f1733baf1 100644
--- a/src/admin/create/kdb5_create.c
+++ b/src/admin/create/kdb5_create.c
@@ -142,8 +142,10 @@ char *argv[];
     char *mkey_fullname;
     char *defrealm;
     char *pw_str = 0;
+    char *keyfile = 0;
     int pw_size = 0;
     int enctypedone = 0;
+    int do_stash = 0;
     krb5_data pwd;
     krb5_context context;
     krb5_realm_params *rparams;
@@ -154,7 +156,7 @@ char *argv[];
     if (strrchr(argv[0], '/'))
 	argv[0] = strrchr(argv[0], '/')+1;
 
-    while ((optchar = getopt(argc, argv, "d:r:k:M:e:P:")) != EOF) {
+    while ((optchar = getopt(argc, argv, "d:r:k:M:e:P:sf:")) != EOF) {
 	switch(optchar) {
 	case 'd':			/* set db name */
 	    dbname = optarg;
@@ -168,6 +170,12 @@ char *argv[];
 	    else
 		com_err(argv[0], 0, "%s is an invalid enctype", optarg);
 	    break;
+	case 's':
+	    do_stash++;
+	    break;
+	case 'f':
+	    keyfile = optarg;
+	    break;
 	case 'M':			/* master key name in DB */
 	    mkey_name = optarg;
 	    break;
@@ -228,6 +236,10 @@ char *argv[];
 	    rparams->realm_keysalts = (krb5_key_salt_tuple *) NULL;
 	}
 
+	/* Get the value for the stash file */
+	if (rparams->realm_stash_file && !keyfile)
+	    keyfile = strdup(rparams->realm_stash_file);
+
 	krb5_free_realm_params(context, rparams);
     }
 
@@ -361,6 +373,12 @@ master key name '%s'\n",
 	com_err(argv[0], retval, "while adding entries to the database");
 	exit(1);
     }
+    if (do_stash &&
+	((retval = krb5_db_store_mkey(context, keyfile, master_princ, 
+				    &master_keyblock)))) {
+	com_err(argv[0], errno, "while storing key");
+	printf("Warning: couldn't stash master key.\n");
+    }
     /* clean up */
     (void) krb5_db_fini(context);
     (void) krb5_finish_key(context, &master_encblock);