[293] in Kerberos-V5-bugs
admin-changes.patch
daemon@ATHENA.MIT.EDU (Marc Horowitz)
Fri Feb 26 17:54:43 1993
To: krb5-bugs@MIT.EDU
Date: Fri, 26 Feb 1993 17:51:16 -0500
From: Marc Horowitz <marc@Aktis.COM>
** admin program fixes and additions
./admin/edit/kdb5_ed_ct.ct
./admin/edit/kdb5_edit.c
./admin/edit/kdb5_edit.h
Moved the definition of struct saltblock into the header file, since
add_key() depends on it.
Add new_extract_srvtab command
*** ./admin/edit/kdb5_edit.h.old 1992/11/16 16:24:51
--- ./admin/edit/kdb5_edit.h 1992/12/07 15:12:28
***************
*** 37,42 ****
--- 37,47 ----
krb5_kvno mkvno;
};
+ struct saltblock {
+ int salttype;
+ krb5_data saltdata;
+ };
+
/* krb5_kvno may be narrow */
#include <krb5/widen.h>
void add_key PROTOTYPE((char const *, char const *, krb5_const_principal,
*** ./admin/edit/kdb5_ed_ct.ct.old 1991/06/06 09:25:28
--- ./admin/edit/kdb5_ed_ct.ct 1992/12/07 20:50:34
***************
*** 51,56 ****
--- 51,59 ----
request extract_srvtab, "Extract service key table",
extract_srvtab, xst, ex_st;
+ request new_extract_srvtab, "Extract service key table",
+ new_extract_srvtab, nxst, n_ex_st;
+
request extract_v4_srvtab, "Extract service key table",
extract_v4_srvtab, xst4;
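Review bot: The added `new_extract_srvtab` request repeats the help string "Extract service key table" word for word from `extract_srvtab` just above it, so the command listing shows entries an operator cannot tell apart. Going by the usage message in kdb5_edit.c, the new command takes `[ -file srvtab-file ] principal ...`, so a description along the lines of `"Extract service keys for several principals into one key table"` would distinguish it. That wording is inferred from the usage string and should be checked against the intended behaviour.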
*** ./admin/edit/kdb5_edit.c.old 1992/11/16 16:24:38
--- ./admin/edit/kdb5_edit.c 1992/12/07 20:50:34
***************
*** 45,55 ****
#include "./kdb5_edit.h"
- struct saltblock {
- int salttype;
- krb5_data saltdata;
- };
-
#define norealm_salt(princ, retdata) krb5_principal2salt(&(princ)[1], retdata)
struct mblock mblock = { /* XXX */
--- 45,50 ----
***************
*** 741,746 ****
--- 736,878 ----
}
if (retval = krb5_kt_close(ktid))
com_err(argv[0], retval, "while closing keytab");
+ return;
+ }
+
+ void
+ new_extract_srvtab(argc, argv)
+ int argc;
+ char *argv[];
+ {
+ char ktname[MAXPATHLEN+sizeof("WRFILE:")+1], *ktnameptr = 0;
+ krb5_keytab ktid;
+ krb5_error_code retval;
+ krb5_principal princ;
+ krb5_db_entry dbentry;
+ char *pname;
+ register int i;
+ int nentries;
+ krb5_boolean more;
+ krb5_keytab_entry newentry;
+ char *subsysname = argv[0];
+ static int srvtab_number = 0;
+
+ argv++, argc--;
+
+ while (argc && **argv == '-') {
+ if (! strcmp(&argv[0][1], "file")) {
+ argv++, argc--;
+ if (! argc) {
+ com_err(subsysname, 0, "Missing argument after '-file'");
+ goto usage;
+ }
+ ktnameptr = argv[0];
+ argv++, argc--;
+ }
+ else {
+ goto usage;
+ }
+ }
+
+ if (! argc) {
+ goto usage;
+ }
+
+ if (!dbactive) {
+ com_err(subsysname, 0, Err_no_database);
+ return;
+ }
+ if (!valid_master_key) {
+ com_err(subsysname, 0, Err_no_master_msg);
+ return;
+ }
+
+ memset(ktname, 0, sizeof(ktname));
+ strcpy(ktname, "WRFILE:");
+ if (ktnameptr) {
+ if (strlen(ktnameptr) + strlen(ktname) + 1 > sizeof(ktname)) {
+ com_err(subsysname, 0, "File name '%s' is too long",
+ ktnameptr);
+ return;
+ }
+ strcat(ktname, ktnameptr);
+ }
+ else {
+ (void) sprintf(&ktname[strlen(ktname)], "new-srvtab-%d",
+ srvtab_number++);
+ }
+
+ if (retval = krb5_kt_resolve(ktname, &ktid)) {
+ com_err(subsysname, retval, "while resolving keytab name '%s'",
+ ktname);
+ return;
+ }
+
+ for (; argc; argc--, argv++) {
+ /* iterate over the names */
+ pname = malloc(strlen(*argv) + strlen(cur_realm)+2);
+ if (!pname) {
+ com_err(subsysname, ENOMEM,
+ "while preparing to extract key for %s", *argv);
+ continue;
+ }
+ strcpy(pname, *argv);
+ if (!strchr(*argv, REALM_SEP)) {
+ strcat(pname, REALM_SEP_STR);
+ strcat(pname, cur_realm);
+ }
+
+ if (retval = krb5_parse_name(pname, &princ)) {
+ com_err(subsysname, retval, "while parsing '%s'", pname);
+ free(pname);
+ continue;
+ }
+ nentries = 1;
+ if (retval = krb5_db_get_principal(princ, &dbentry, &nentries,
+ &more)) {
+ com_err(subsysname, retval, "while retrieving '%s'", pname);
+ goto cleanmost;
+ } else if (more) {
+ com_err(subsysname, KRB5KDC_ERR_PRINCIPAL_NOT_UNIQUE,
+ "while retrieving '%s'", pname);
+ if (nentries)
+ krb5_db_free_principal(&dbentry, nentries);
+ goto cleanmost;
+ } else if (!nentries) {
+ com_err(subsysname, KRB5_KDB_NOENTRY, "while retrieving '%s'",
+ pname);
+ goto cleanmost;
+ }
+ if (retval = krb5_kdb_decrypt_key(&master_encblock,
+ &dbentry.key,
+ &newentry.key)) {
+ com_err(subsysname, retval, "while decrypting key for '%s'",
+ pname);
+ goto cleanall;
+ }
+ newentry.principal = princ;
+ newentry.vno = dbentry.kvno;
+ if (retval = krb5_kt_add_entry(ktid, &newentry)) {
+ com_err(subsysname, retval, "while adding key to keytab '%s'",
+ ktname);
+ } else
+ printf("'%s' added to keytab '%s'\n",
+ pname, ktname);
+ memset((char *)newentry.key.contents, 0, newentry.key.length);
+ xfree(newentry.key.contents);
+ cleanall:
+ krb5_db_free_principal(&dbentry, nentries);
+ cleanmost:
+ free(pname);
+ krb5_free_principal(princ);
+ }
+ if (retval = krb5_kt_close(ktid))
+ com_err(subsysname, retval, "while closing keytab");
+ return;
+
+ usage:
+ com_err(subsysname, 0, "Usage: %s [ -file srvtab-file ] principal ...",
+ subsysname);
return;
}
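Review bot: When `-file` is omitted, new_extract_srvtab writes the decrypted service keys to `WRFILE:new-srvtab-%d`, a relative name built from a static counter that restarts at 0 in every process, so the keytab lands in whatever the current directory happens to be and a later run reuses the name of an earlier one. Whether a file or symlink already present under that name is appended to or replaced, and with what mode the file is created, is decided inside krb5_kt_resolve and krb5_kt_add_entry and is not visible in this hunk, so it is worth confirming. I would either make `-file` mandatory or add a comment above the sprintf such as `/* default name is relative to cwd and reused across runs; use only from a private directory */`. Separately, the `memset` of `newentry.key.contents` immediately before `xfree` is a store an optimizing compiler may drop, so a wipe routine that cannot be elided would be safer for the key bytes.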