From 7608ae2dba727550a44acce1c306046d67a048de Mon Sep 17 00:00:00 2001
From: Tom Yu <tlyu@mit.edu>
Date: Sat, 5 Dec 1998 04:12:35 +0000
Subject: [PATCH] 	* svr_principal.c (kadm5_create_principal): Modify to
 call 	create_principal_3. 	(kadm5_create_principal_3): New function
 including flag to keep 	old keys and optional explicit keysalt_tuples.
 	(kadm5_chpass_principal): Modify to call chpass_principal_3. 
 (kadm5_chpass_principal_3): New function including flag to keep 	old
 keys and optional explicit keysalt_tuples. 	(kadm5_randkey_principal):
 Modify to call randkey_principal_3. 	(kadm5_randkey_principal_3): New
 function including flag to keep 	old keys and optional explicit
 keysalt_tuples.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11063 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/lib/kadm5/srv/ChangeLog       | 13 ++++++++
 src/lib/kadm5/srv/svr_principal.c | 52 ++++++++++++++++++++++++++-----
 2 files changed, 57 insertions(+), 8 deletions(-)

diff --git a/src/lib/kadm5/srv/ChangeLog b/src/lib/kadm5/srv/ChangeLog
index 8dff61102..54894eccc 100644
--- a/src/lib/kadm5/srv/ChangeLog
+++ b/src/lib/kadm5/srv/ChangeLog
@@ -1,3 +1,16 @@
+Fri Dec  4 23:10:32 1998  Tom Yu  <tlyu@mit.edu>
+
+	* svr_principal.c (kadm5_create_principal): Modify to call
+	create_principal_3.
+	(kadm5_create_principal_3): New function including flag to keep
+	old keys and optional explicit keysalt_tuples.
+	(kadm5_chpass_principal): Modify to call chpass_principal_3.
+	(kadm5_chpass_principal_3): New function including flag to keep
+	old keys and optional explicit keysalt_tuples.
+	(kadm5_randkey_principal): Modify to call randkey_principal_3.
+	(kadm5_randkey_principal_3): New function including flag to keep
+	old keys and optional explicit keysalt_tuples.
+
 Tue Nov 17 18:20:48 1998  Tom Yu  <tlyu@mit.edu>
 
 	* svr_principal.c (kadm5_create_principal): 
diff --git a/src/lib/kadm5/srv/svr_principal.c b/src/lib/kadm5/srv/svr_principal.c
index 315d74613..5e15bb8f2 100644
--- a/src/lib/kadm5/srv/svr_principal.c
+++ b/src/lib/kadm5/srv/svr_principal.c
@@ -103,6 +103,17 @@ kadm5_ret_t
 kadm5_create_principal(void *server_handle,
 			    kadm5_principal_ent_t entry, long mask,
 			    char *password)
+{
+    return
+	kadm5_create_principal_3(server_handle, entry, mask,
+				 FALSE, 0, NULL, password);
+}
+kadm5_ret_t
+kadm5_create_principal_3(void *server_handle,
+			 kadm5_principal_ent_t entry, long mask,
+			 krb5_boolean keepold,
+			 int n_ks_tuple, krb5_key_salt_tuple *ks_tuple,
+			 char *password)
 {
     krb5_db_entry		kdb;
     osa_princ_ent_rec		adb;
@@ -235,11 +246,11 @@ kadm5_create_principal(void *server_handle,
     /* initialize the keys */
 
     if (ret = krb5_dbe_cpw(handle->context, &master_keyblock,
-			   handle->params.keysalts,
-			   handle->params.num_keysalts,
+			   n_ks_tuple?ks_tuple:handle->params.keysalts,
+			   n_ks_tuple?n_ks_tuple:handle->params.num_keysalts,
 			   password,
 			   (mask & KADM5_KVNO)?entry->kvno:1,
-			   FALSE, &kdb)) {
+			   keepold, &kdb)) {
 	krb5_dbe_free_contents(handle->context, &kdb);
 	if (mask & KADM5_POLICY)
 	     (void) kadm5_free_policy_ent(handle->lhandle, &polent);
@@ -1011,6 +1022,17 @@ static kadm5_ret_t add_to_history(krb5_context context,
 kadm5_ret_t
 kadm5_chpass_principal(void *server_handle,
 			    krb5_principal principal, char *password)
+{
+    return
+	kadm5_chpass_principal_3(server_handle, principal, FALSE,
+				 0, NULL, password);
+}
+
+kadm5_ret_t
+kadm5_chpass_principal_3(void *server_handle,
+			 krb5_principal principal, krb5_boolean keepold,
+			 int n_ks_tuple, krb5_key_salt_tuple *ks_tuple,
+			 char *password)
 {
     krb5_int32			now;
     kadm5_policy_ent_rec	pol;
@@ -1052,10 +1074,10 @@ kadm5_chpass_principal(void *server_handle,
 	 goto done;
 
     if (ret = krb5_dbe_cpw(handle->context, &master_keyblock,
-			   handle->params.keysalts,
-			   handle->params.num_keysalts,
+			   n_ks_tuple?ks_tuple:handle->params.keysalts,
+			   n_ks_tuple?n_ks_tuple:handle->params.num_keysalts,
 			   password, 0 /* increment kvno */,
-			   FALSE, &kdb))
+			   keepold, &kdb))
 	goto done;
 
     kdb.attributes &= ~KRB5_KDB_REQUIRES_PWCHANGE;
@@ -1146,6 +1168,19 @@ kadm5_randkey_principal(void *server_handle,
 			krb5_principal principal,
 			krb5_keyblock **keyblocks,
 			int *n_keys)
+{
+    return
+	kadm5_randkey_principal_3(server_handle, principal,
+				  FALSE, 0, NULL,
+				  keyblocks, n_keys);
+}
+kadm5_ret_t
+kadm5_randkey_principal_3(void *server_handle,
+			krb5_principal principal,
+			krb5_boolean keepold,
+			int n_ks_tuple, krb5_key_salt_tuple *ks_tuple,
+			krb5_keyblock **keyblocks,
+			int *n_keys)
 {
     krb5_db_entry		kdb;
     osa_princ_ent_rec		adb;
@@ -1172,8 +1207,9 @@ kadm5_randkey_principal(void *server_handle,
        return(ret);
 
     if (ret = krb5_dbe_crk(handle->context, &master_keyblock,
-			   handle->params.keysalts,
-			   handle->params.num_keysalts, FALSE,
+			   n_ks_tuple?n_ks_tuple:handle->params.keysalts,
+			   n_ks_tuple?ks_tuple:handle->params.num_keysalts,
+			   keepold,
 			   &kdb))
        goto done;
 
-- 
2.26.2