From 0a262255285725757e32208f5b3d4b3fe5b8e84f Mon Sep 17 00:00:00 2001
From: Mark Eichin <eichin@mit.edu>
Date: Sun, 25 Feb 1996 01:35:18 +0000
Subject: [PATCH] With this change, lddb -old actually *works* on old dumps..

	* dump.c (process_k5beta_record): encrypted keys used to have 4
	byte lengths in MSB order, need to convert to 2 byte LSB order
	lengths before storing. Handle primary key and alternate key.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7534 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/admin/edit/ChangeLog |  6 ++++++
 src/admin/edit/dump.c    | 41 +++++++++++++++++++++++++++++++++++++++-
 2 files changed, 46 insertions(+), 1 deletion(-)

diff --git a/src/admin/edit/ChangeLog b/src/admin/edit/ChangeLog
index db8424b59..24fba1771 100644
--- a/src/admin/edit/ChangeLog
+++ b/src/admin/edit/ChangeLog
@@ -1,3 +1,9 @@
+Sat Feb 24 04:02:18 1996  Mark W. Eichin  <eichin@cygnus.com>
+
+	* dump.c (process_k5beta_record): encrypted keys used to have 4
+	byte lengths in MSB order, need to convert to 2 byte LSB order
+	lengths before storing. Handle primary key and alternate key.
+
 Fri Feb 23 18:44:10 1996  Mark Eichin  <eichin@cygnus.com>
 
 	* kdb5_edit.c (kdb5_edit_Init): set manual_mkey for testing with -P
diff --git a/src/admin/edit/dump.c b/src/admin/edit/dump.c
index c96c50af4..2dd3aec0b 100644
--- a/src/admin/edit/dump.c
+++ b/src/admin/edit/dump.c
@@ -996,13 +996,32 @@ process_k5beta_record(fname, kcontext, filep, verbose, linenop)
 		error++;
 	    }
 	    pkey->key_data_type[0] = tmpint1;
-	    /* Read the key */
+	    /* Read the old format key */
 	    if (!error && read_octet_string(filep,
 					    pkey->key_data_contents[0],
 					    pkey->key_data_length[0])) {
 		try2read = read_key_data;
 		error++;
 	    }
+	    /* convert to a new format key */
+	    /* the encrypted version is stored as the unencrypted key length
+	       (4 bytes, MSB first) followed by the encrypted key. */
+	    if ((pkey->key_data_length[0] > 4)
+		&& (pkey->key_data_contents[0][0] == 0)
+		&& (pkey->key_data_contents[0][1] == 0)) {
+	      /* this really does look like an old key, so drop and swap */
+	      /* the *new* length is 2 bytes, LSB first, sigh. */
+	      size_t shortlen = pkey->key_data_length[0]-4+2;
+	      char *shortcopy = (krb5_octet *) malloc(shortlen);
+	      char *origdata = pkey->key_data_contents[0];
+	      shortcopy[0] = origdata[3];
+	      shortcopy[1] = origdata[2];
+	      memcpy(shortcopy+2,origdata+4,shortlen-2);
+	      free(origdata);
+	      pkey->key_data_length[0] = shortlen;
+	      pkey->key_data_contents[0] = shortcopy;
+	    }
+	      
 	    /* Read principal attributes */
 	    if (!error && (fscanf(filep,
 				  "\t%u\t%u\t%u\t%u\t%u\t%u\t%u\t%u\t%u\t%u\t",
@@ -1053,6 +1072,26 @@ process_k5beta_record(fname, kcontext, filep, verbose, linenop)
 		try2read = read_akey_data;
 		error++;
 	    }
+
+	    /* convert to a new format key */
+	    /* the encrypted version is stored as the unencrypted key length
+	       (4 bytes, MSB first) followed by the encrypted key. */
+	    if ((akey->key_data_length[0] > 4)
+		&& (akey->key_data_contents[0][0] == 0)
+		&& (akey->key_data_contents[0][1] == 0)) {
+	      /* this really does look like an old key, so drop and swap */
+	      /* the *new* length is 2 bytes, LSB first, sigh. */
+	      size_t shortlen = akey->key_data_length[0]-4+2;
+	      char *shortcopy = (krb5_octet *) malloc(shortlen);
+	      char *origdata = akey->key_data_contents[0];
+	      shortcopy[0] = origdata[3];
+	      shortcopy[1] = origdata[2];
+	      memcpy(shortcopy+2,origdata+4,shortlen-2);
+	      free(origdata);
+	      akey->key_data_length[0] = shortlen;
+	      akey->key_data_contents[0] = shortcopy;
+	    }
+	      
 	    /* Read alternate salt type */
 	    if (!error && (fscanf(filep, "\t%u\t", &tmpint1) != 1)) {
 		try2read = read_asalt_type;
-- 
2.26.2