From 8e59e9c2dcd88205190060b21003d07cb05ed90e Mon Sep 17 00:00:00 2001
From: Theodore Tso
Date: Thu, 29 Nov 1990 21:49:15 +0000
Subject: [PATCH] Added extract version 4 srvtab function

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@1519 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/admin/edit/kdb5_ed_ct.ct | 3 +
 src/admin/edit/kdb5_edit.c | 104 +++++++++++++++++++++++++++++++++++
 2 files changed, 107 insertions(+)

diff --git a/src/admin/edit/kdb5_ed_ct.ct b/src/admin/edit/kdb5_ed_ct.ct
index c23b5b962..88c93831b 100644
--- a/src/admin/edit/kdb5_ed_ct.ct
+++ b/src/admin/edit/kdb5_ed_ct.ct
@@ -36,6 +36,9 @@ request delete_entry, "Delete an entry from the database",
 request extract_srvtab, "Extract service key table",
 extract_srvtab, xst, ex_st;
 
+request extract_v4_srvtab, "Extract service key table",
+ extract_v4_srvtab, xst4;
+
 request list_db, "List database entries",
 list_db, ldb;
 
diff --git a/src/admin/edit/kdb5_edit.c b/src/admin/edit/kdb5_edit.c
index 0477c2cd8..06d01379b 100644
--- a/src/admin/edit/kdb5_edit.c
+++ b/src/admin/edit/kdb5_edit.c
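Review bot: The new `extract_v4_srvtab` request in kdb5_ed_ct.ct reuses the help string "Extract service key table" of the existing `extract_srvtab` entry, so the command listing shows two identical descriptions. A string such as `"Extract V4 service key table"` would let an operator tell which command writes the DES-only V4 file before running it.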
@@ -596,6 +596,110 @@ char *argv[];
 return;
 }
 
+void
+extract_v4_srvtab(argc, argv)
+int argc;
+char *argv[];
+{
+ char ktname[MAXPATHLEN+1];
+ FILE *fout;
+ krb5_keytab ktid;
+ krb5_error_code retval;
+ krb5_principal princ;
+ krb5_db_entry dbentry;
+ char *pname;
+ register int i;
+ int nentries;
+ krb5_boolean more;
+ krb5_keyblock key;
+
+ if (argc < 3) {
+ com_err(argv[0], 0, "Too few arguments");
+ com_err(argv[0], 0, "Usage: %s instance name [name ...]", argv[0]);
+ return;
+ }
+
+ memset(ktname, 0, sizeof(ktname));
+ if (strlen(argv[1])+sizeof("-new-v4-srvtab") >= sizeof(ktname)) {
+ com_err(argv[0], 0,
+ "Instance name '%s' is too long to form a filename", argv[1]);
+ com_err(argv[0], 0, "using 'foobar' instead.");
+ strcat(ktname, "foobar");
+ } else
+ strcat(ktname, argv[1]);
+
+ strcat(ktname, "-new-v4-srvtab");
+ if ((fout = fopen(ktname, "w")) == NULL) {
+ com_err(argv[0], 0, "Couldn't create file '%s'.\n", ktname);
+ return;
+ }
+ for (i = 2; i < argc; i++) {
+ /* iterate over the names */
+ pname = malloc(strlen(argv[1])+strlen(argv[i])+strlen(cur_realm)+3);
+ if (!pname) {
+ com_err(argv[0], ENOMEM,
+ "while preparing to extract key for %s/%s",
+ argv[i], argv[1]);
+ continue;
+ }
+ strcpy(pname, argv[i]);
+ strcat(pname, "/");
+ strcat(pname, argv[1]);
+ if (!strchr(argv[1], REALM_SEP)) {
+ strcat(pname, REALM_SEP_STR);
+ strcat(pname, cur_realm);
+ }
+
+ if (retval = krb5_parse_name(pname, &princ)) {
+ com_err(argv[0], retval, "while parsing %s", pname);
+ free(pname);
+ continue;
+ }
+ nentries = 1;
+ if (retval = krb5_db_get_principal(princ, &dbentry, &nentries,
+ &more)) {
+ com_err(argv[0], retval, "while retrieving %s", pname);
+ goto cleanmost;
+ } else if (more) {
+ com_err(argv[0], KRB5KDC_ERR_PRINCIPAL_NOT_UNIQUE,
+ "while retrieving %s", pname);
+ if (nentries)
+ krb5_db_free_principal(&dbentry, nentries);
+ goto cleanmost;
+ } else if (!nentries) {
+ com_err(argv[0], KRB5_KDB_NOENTRY, "while retrieving %s", pname);
+ goto cleanmost;
+ }
+ if (retval = krb5_kdb_decrypt_key(&master_encblock,
+ &dbentry.key,
+ &key)) {
+ com_err(argv[0], retval, "while decrypting key for '%s'", pname);
+ goto cleanall;
+ }
+ if (key.keytype != 1) {
+ com_err(argv[0], 0, "%s does not have a DES key!", pname);
+ memset((char *)key.contents, 0, key.length);
+ free((char *)key.contents);
+ continue;
+ }
+ fwrite(argv[1], strlen(argv[1]) + 1, 1, fout); /* p.name */
+ fwrite(argv[i], strlen(argv[i]) + 1, 1, fout); /* p.instance */
+ fwrite(cur_realm, strlen(cur_realm) + 1, 1, fout); /* p.realm */
+ fwrite(&dbentry.kvno, sizeof(dbentry.kvno), 1, fout);
+ fwrite(key.contents, 8, 1, fout);
+ printf("'%s' added to V4 srvtab '%s'\n", pname, ktname);
+ memset((char *)key.contents, 0, key.length);
+ free((char *)key.contents);
+ cleanall:
+ krb5_db_free_principal(&dbentry, nentries);
+ cleanmost:
+ free(pname);
+ krb5_free_principal(princ);
+ }
+ fclose(fout);
+ return;
+}
+
 krb5_error_code
 list_iterator(ptr, entry)
 krb5_pointer ptr;
-- 
2.26.2
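Review bot: The srvtab that receives the decrypted DES keys is opened with `fopen(ktname, "w")` in extract_v4_srvtab, so its mode is whatever the caller's umask allows, and an existing file or symlink of that name in the working directory is followed and truncated. Creating it with `fd = open(ktname, O_WRONLY|O_CREAT|O_EXCL, 0600)` followed by `fout = fdopen(fd, "w")` would keep the key file owner-only and refuse a pre-existing path. In the loop, the `key.keytype != 1` branch leaves with `continue`, which skips the `cleanall:` and `cleanmost:` labels and so leaks `dbentry`, `pname` and `princ` for every non-DES principal; `goto cleanall;` after the `free` fixes that. The `fwrite` and `fclose` results are also ignored, so a short write leaves a truncated srvtab that is still reported as added. Finally, the principal is built as `argv[i]/argv[1]` but `argv[1]` is written first under the `/* p.name */` comment, which looks as if name and instance are swapped in the output; this should be confirmed against the V4 srvtab layout.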