From fd8f09601a5c9d586aece399b1e90cd81883ccee Mon Sep 17 00:00:00 2001 From: Chris Provenzano Date: Wed, 6 Sep 1995 03:20:07 +0000 Subject: [PATCH] * cpw.c, dump.c, dumpv4.c, kdb5_edit.c, loadv4.c : Remove krb5_enctype references, and replace with krb5_keytype where appropriate. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6662 dc483132-0cff-0310-8789-dd5450dbe970 --- src/admin/edit/ChangeLog | 5 +++++ src/admin/edit/cpw.c | 4 ++-- src/admin/edit/dump.c | 4 ++-- src/admin/edit/dumpv4.c | 34 +++++++++++++++++++++++++++++++++- src/admin/edit/kdb5_edit.c | 26 ++------------------------ src/admin/edit/loadv4.c | 27 +++------------------------ 6 files changed, 47 insertions(+), 53 deletions(-) diff --git a/src/admin/edit/ChangeLog b/src/admin/edit/ChangeLog index 80c858739..ecd3eed00 100644 --- a/src/admin/edit/ChangeLog +++ b/src/admin/edit/ChangeLog @@ -1,4 +1,9 @@ +Tue Sep 05 22:10:34 1995 Chris Provenzano (proven@mit.edu) + + * cpw.c, dump.c, dumpv4.c, kdb5_edit.c, loadv4.c : Remove krb5_enctype + references, and replace with krb5_keytype where appropriate. + Fri Aug 25 17:37:33 EDT 1995 Paul Park (pjpark@mit.edu) * dumpv4.c - Fix handle_keys(). It was trying to recreate work that has already been done. diff --git a/src/admin/edit/cpw.c b/src/admin/edit/cpw.c index f706b89c1..efd023c92 100644 --- a/src/admin/edit/cpw.c +++ b/src/admin/edit/cpw.c @@ -51,7 +51,7 @@ extern char *krb5_default_pwd_prompt1, *krb5_default_pwd_prompt2; extern krb5_boolean dbactive; extern FILE *scriptfile; -static krb5_key_salt_tuple ks_tuple_rnd_def[] = {{ KEYTYPE_DES, 0 }}; +static krb5_key_salt_tuple ks_tuple_rnd_def[] = {{ KEYTYPE_DES_CBC_CRC, 0 }}; static int ks_tuple_rnd_def_count = 1; static void @@ -180,7 +180,7 @@ void change_rnd_key(argc, argv) } } -static krb5_key_salt_tuple ks_tuple_default[] = {{ KEYTYPE_DES, 0 }}; +static krb5_key_salt_tuple ks_tuple_default[] = {{ KEYTYPE_DES_CBC_CRC, 0 }}; static int ks_tuple_count_default = 1; void diff --git a/src/admin/edit/dump.c b/src/admin/edit/dump.c index 53f2606d9..bbf2d09d0 100644 --- a/src/admin/edit/dump.c +++ b/src/admin/edit/dump.c @@ -398,11 +398,11 @@ dump_k5beta_iterator(ptr, entry) * Find the 'primary' key and the 'alternate' key. */ if ((retval = find_keytype(entry, - KEYTYPE_DES, + KEYTYPE_DES_CBC_CRC, KRB5_KDB_SALTTYPE_NORMAL, &pkey)) && (retval = find_keytype(entry, - KEYTYPE_DES, + KEYTYPE_DES_CBC_CRC, KRB5_KDB_SALTTYPE_V4, &akey))) { fprintf(stderr, nokeys_err, arg->programname, name); diff --git a/src/admin/edit/dumpv4.c b/src/admin/edit/dumpv4.c index 7875d1d2b..286e5180e 100644 --- a/src/admin/edit/dumpv4.c +++ b/src/admin/edit/dumpv4.c @@ -313,7 +313,39 @@ void dump_v4db(argc, argv) int handle_keys(arg) struct dump_record *arg; { - arg->realm = cur_realm; + krb5_error_code retval; + char *defrealm; + char *mkey_name = 0; + char *mkey_fullname; + krb5_principal master_princ; + + if (retval = krb5_get_default_realm(edit_context, &defrealm)) { + com_err(arg->comerr_name, retval, + "while retrieving default realm name"); + exit(1); + } + arg->realm = defrealm; + + /* assemble & parse the master key name */ + + if (retval = krb5_db_setup_mkey_name(edit_context, mkey_name, arg->realm, + &mkey_fullname, &master_princ)) { + com_err(arg->comerr_name, retval, "while setting up master key name"); + exit(1); + } + + krb5_use_keytype(edit_context, &master_encblock, DEFAULT_KDC_KEYTYPE); + if (retval = krb5_db_fetch_mkey(edit_context, master_princ, + &master_encblock, 0, + 0, (char *) NULL, 0, &master_keyblock)) { + com_err(arg->comerr_name, retval, "while reading master key"); + exit(1); + } + if (retval = krb5_process_key(edit_context, &master_encblock, + &master_keyblock)) { + com_err(arg->comerr_name, retval, "while processing master key"); + exit(1); + } arg->v5master = &master_encblock; return(0); } diff --git a/src/admin/edit/kdb5_edit.c b/src/admin/edit/kdb5_edit.c index 129c0d366..90a6b2bea 100644 --- a/src/admin/edit/kdb5_edit.c +++ b/src/admin/edit/kdb5_edit.c @@ -78,7 +78,7 @@ usage(who, status) fprintf(stderr, "usage: %s [-d dbpathname] [-r realmname] [-R request ]\n", who); - fprintf(stderr, "\t [-k keytype] [-e etype] [-M mkeyname]\n"); + fprintf(stderr, "\t [-k keytype] [-M mkeyname]\n"); exit(status); } @@ -108,8 +108,6 @@ char *kdb5_edit_Init(argc, argv) char *dbname = (char *) NULL; char *defrealm; int keytypedone = 0; - int etypedone = 0; - krb5_enctype etype = DEFAULT_KDC_ETYPE; extern krb5_kt_ops krb5_ktf_writable_ops; char *request = NULL; krb5_realm_params *rparams; @@ -157,13 +155,6 @@ char *kdb5_edit_Init(argc, argv) case 'M': /* master key name in DB */ mkey_name = optarg; break; - case 'e': - if (krb5_string_to_enctype(optarg, &etype)) - com_err(argv[0], 0, "%s is an invalid encryption type", - optarg); - else - etypedone++; - break; case 'm': manual_mkey = TRUE; break; @@ -205,10 +196,6 @@ char *kdb5_edit_Init(argc, argv) keytypedone++; } - /* Get the value for the encryption type */ - if (rparams->realm_enctype_valid && !etypedone) - etype = rparams->realm_enctype; - /* Get the value for the stashfile */ if (rparams->realm_stash_file) stash_file = strdup(rparams->realm_stash_file); @@ -260,16 +247,7 @@ char *kdb5_edit_Init(argc, argv) exit(1); } - if (!valid_etype(etype)) { - char tmp[32]; - if (krb5_enctype_to_string(etype, tmp, sizeof(tmp))) - com_err(argv[0], KRB5_PROG_ETYPE_NOSUPP, - "while setting up etype %d", etype); - else - com_err(argv[0], KRB5_PROG_ETYPE_NOSUPP, tmp); - exit(1); - } - krb5_use_cstype(edit_context, &master_encblock, etype); + krb5_use_keytype(edit_context, &master_encblock, master_keyblock.keytype); if (cur_realm) { if ((retval = krb5_set_default_realm(edit_context, cur_realm))) { diff --git a/src/admin/edit/loadv4.c b/src/admin/edit/loadv4.c index 6374ea5a2..5ae9400b8 100644 --- a/src/admin/edit/loadv4.c +++ b/src/admin/edit/loadv4.c @@ -91,7 +91,7 @@ char *who; int status; { fprintf(stderr, "usage: %s [-d v5dbpathname] [-t] [-n] [-r realmname] [-K] [-k keytype]\n\ -\t[-e etype] [-M mkeyname] -f inputfile\n", +\t[-M mkeyname] -f inputfile\n", who); return; } @@ -152,8 +152,6 @@ char *argv[]; krb5_realm_params *rparams; int persist, op_ind; - krb5_enctype etype = 0xffff; - krb5_init_context(&context); krb5_init_ets(context); @@ -197,12 +195,6 @@ char *argv[]; mkey_name = argv[op_ind+1]; op_ind++; } - else if (!strcmp(argv[op_ind], "-e") && ((argc - op_ind) >= 2)) { - if (krb5_string_to_enctype(argv[op_ind+1], &etype)) - com_err(argv[0], 0, "%s is an invalid encryption type", - argv[op_ind+1]); - op_ind++; - } else if (!strcmp(argv[op_ind], "-n")) { v4manual++; } @@ -242,10 +234,6 @@ char *argv[]; keytypedone++; } - /* Get the value for the encryption type */ - if (rparams->realm_enctype_valid && (etype == 0xffff)) - etype = rparams->realm_enctype; - /* Get the value for the stashfile */ if (rparams->realm_stash_file) stash_file = strdup(rparams->realm_stash_file); @@ -283,15 +271,7 @@ char *argv[]; return; } - if (etype == 0xffff) - etype = DEFAULT_KDC_ETYPE; - - if (!valid_etype(etype)) { - com_err(PROGNAME, KRB5_PROG_ETYPE_NOSUPP, - "while setting up etype %d", etype); - return; - } - krb5_use_cstype(context, &master_encblock, etype); + krb5_use_keytype(context, &master_encblock, master_keyblock.keytype); /* If the user has not requested locking, don't modify an existing database. */ if (! tempdb) { @@ -549,9 +529,8 @@ Principal *princ; DECRYPT); v4v5key.magic = KV5M_KEYBLOCK; - v4v5key.etype = master_keyblock.etype; v4v5key.contents = (krb5_octet *)v4key; - v4v5key.keytype = KEYTYPE_DES; + v4v5key.keytype = KEYTYPE_DES_CBC_CRC; v4v5key.length = sizeof(v4key); retval = krb5_dbe_create_key_data(context, &entry); -- 2.26.2