From 6afd6c728c7ec18793a4a6f9be4e3032c0c3c797 Mon Sep 17 00:00:00 2001 From: Sam Hartman Date: Fri, 26 Jan 1996 05:19:21 +0000 Subject: [PATCH] Fixed extraction of keytabs to extract all keys not just the first one. Fixed v4 extraction to find the v4 key. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7387 dc483132-0cff-0310-8789-dd5450dbe970 --- src/admin/edit/ChangeLog | 7 +++++++ src/admin/edit/kdb5_edit.c | 37 +++++++++++++++++++++++++++++++------ 2 files changed, 38 insertions(+), 6 deletions(-) diff --git a/src/admin/edit/ChangeLog b/src/admin/edit/ChangeLog index cce52d1e8..b3b9ea131 100644 --- a/src/admin/edit/ChangeLog +++ b/src/admin/edit/ChangeLog @@ -1,7 +1,14 @@ +Thu Jan 25 16:07:42 1996 Sam Hartman + + * kdb5_edit.c (extract_srvtab): Extract *all* the keys in a + dbentry, not the first one. + (extract_v4_srvtab): Attempt to find the right v4 keys. + Wed Jan 24 18:48:38 1996 Tom Yu * Makefile.in: Remove spurious @DEFS@ + Wed Dec 13 03:44:58 1995 Chris Provenzano (proven@mit.edu) * dump.c, dumpv4.c, kdb5_edit.c, loadv4.c : diff --git a/src/admin/edit/kdb5_edit.c b/src/admin/edit/kdb5_edit.c index b6e92d7a5..bfb9dc784 100644 --- a/src/admin/edit/kdb5_edit.c +++ b/src/admin/edit/kdb5_edit.c @@ -1,7 +1,7 @@ /* * admin/edit/kdb5_edit.c * - * Copyright 1990,1991 by the Massachusetts Institute of Technology. + * (C) Copyright 1990,1991, 1996 by the Massachusetts Institute of Technology. * All Rights Reserved. * * Export of this software from the United States of America may @@ -292,6 +292,7 @@ char *kdb5_edit_Init(argc, argv) return request; } + #define NO_PRINC ((krb5_kvno)-1) krb5_kvno @@ -652,6 +653,7 @@ void extract_srvtab(argc, argv) for (i = 2; i < argc; i++) { /* iterate over the names */ +int keynum; pname = malloc(strlen(argv[1])+strlen(argv[i])+strlen(cur_realm)+3); if (!pname) { com_err(argv[0], ENOMEM, @@ -692,16 +694,18 @@ void extract_srvtab(argc, argv) exit_status++; goto cleanmost; } +for (keynum = 0; keynum < dbentry.n_key_data; keynum++) { + if ((retval = krb5_dbekd_decrypt_key_data(edit_context, &master_encblock, - &dbentry.key_data[0], + &dbentry.key_data[keynum], &newentry.key, NULL))) { com_err(argv[0], retval, "while decrypting key for '%s'", pname); exit_status++; goto cleanall; } newentry.principal = princ; - newentry.vno = dbentry.key_data[0].key_data_kvno; + newentry.vno = dbentry.key_data[keynum].key_data_kvno; if ((retval = krb5_kt_add_entry(edit_context, ktid, &newentry))) { com_err(argv[0], retval, "while adding key to keytab '%s'", ktname); @@ -711,7 +715,8 @@ void extract_srvtab(argc, argv) pname, ktname); memset((char *)newentry.key.contents, 0, newentry.key.length); krb5_xfree(newentry.key.contents); - cleanall: + } + cleanall: krb5_db_free_principal(edit_context, &dbentry, nentries); cleanmost: free(pname); @@ -773,6 +778,7 @@ void extract_v4_srvtab(argc, argv) } for (i = 2; i < argc; i++) { unsigned char kvno; + krb5_key_data *pkey; /* iterate over the names */ pname = malloc(strlen(argv[1])+strlen(argv[i])+strlen(cur_realm)+3); @@ -815,9 +821,27 @@ void extract_v4_srvtab(argc, argv) exit_status++; goto cleanmost; } - if ((retval = krb5_dbekd_decrypt_key_data(edit_context, + if (krb5_dbe_find_enctype(edit_context, + &dbentry, + ENCTYPE_DES_CBC_CRC, + KRB5_KDB_SALTTYPE_V4, + -1, + &pkey) && + (retval = krb5_dbe_find_enctype(edit_context, + &dbentry, + ENCTYPE_DES_CBC_CRC, + -1, + -1, + &pkey))) { + com_err(argv[0], retval, "while retrieving %s", pname); + exit_status++; + goto cleanmost; + } + + +if ((retval = krb5_dbekd_decrypt_key_data(edit_context, &master_encblock, - &dbentry.key_data[0], + &pkey, &key, NULL))) { com_err(argv[0], retval, "while decrypting key for '%s'", pname); exit_status++; @@ -830,6 +854,7 @@ void extract_v4_srvtab(argc, argv) krb5_xfree(key.contents); continue; } +/*XXX handle host*/ fwrite(argv[i], strlen(argv[i]) + 1, 1, fout); /* p.name */ fwrite(argv[1], strlen(argv[1]) + 1, 1, fout); /* p.instance */ fwrite(cur_realm, strlen(cur_realm) + 1, 1, fout); /* p.realm */ -- 2.26.2