author | Mubashir Kazia <mkazia@gmail.com> | 2017-06-11 13:30:34 +0000 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2017-06-13 19:13:59 -0400 |
commit | 1a3f7ce0708a0695fd93c2445cf1fd0401ce00d4 (patch) | |
tree | e48e75abb0d3643088091b0aad7d91b0e30a1a18 | |
parent | 91afad7fc60fe6ce86f8d4a8ef4ce53c7cada31a (diff) | |
Add ktutil add_entry option to specify salt
[ghudson@mit.edu: also fix minor leak in ktutil_add()]
ticket: 7647
-rw-r--r-- | doc/admin/admin_commands/ktutil.rst | 2 | ||||
-rw-r--r-- | src/kadmin/ktutil/ktutil.c | 13 | ||||
-rw-r--r-- | src/kadmin/ktutil/ktutil.h | 3 | ||||
-rw-r--r-- | src/kadmin/ktutil/ktutil_funcs.c | 17 | ||||
-rw-r--r-- | src/man/ktutil.man | 2 |
5 files changed, 26 insertions, 11 deletions
diff --git a/doc/admin/admin_commands/ktutil.rst b/doc/admin/admin_commands/ktutil.rst
index d55ddc8..2eb19de 100644
--- a/doc/admin/admin_commands/ktutil.rst
+++ b/doc/admin/admin_commands/ktutil.rst
@@ -87,7 +87,7 @@ add_entry
 ~~~~~~~~~
 **add_entry** {**-key**\|\ **-password**} **-p** *principal*
- **-k** *kvno* **-e** *enctype*
+ **-k** *kvno* **-e** *enctype* [**-s** *salt*]
 Add *principal* to keylist using key or password.
diff --git a/src/kadmin/ktutil/ktutil.c b/src/kadmin/ktutil/ktutil.c
index 86e3d9b..6a8586d 100644
--- a/src/kadmin/ktutil/ktutil.c
+++ b/src/kadmin/ktutil/ktutil.c
@@ -141,6 +141,7 @@ void ktutil_add_entry(argc, argv)
 char *enctype = NULL;
 krb5_kvno kvno = 0;
 int use_pass = 0, use_key = 0, use_kvno = 0, i;
+ char *salt = NULL;
 for (i = 1; i < argc; i++) {
 if ((strlen(argv[i]) == 2) && !strncmp(argv[i], "-p", 2)) {
@@ -164,16 +165,22 @@ void ktutil_add_entry(argc, argv)
 use_key++;
 continue;
 }
+ if ((strlen(argv[i]) == 2) && !strncmp(argv[i], "-s", 2)) {
+ salt = argv[++i];
+ continue;
+ }
 }
- if (argc != 8 || !(princ && use_kvno && enctype) ||
+ if (!((argc == 8 && princ && use_kvno && enctype) ||
+ (argc == 10 && princ && use_kvno && enctype && salt)) ||
 use_pass + use_key != 1) {
 fprintf(stderr, _("usage: %s (-key | -password) -p principal "
- "-k kvno -e enctype\n"), argv[0]);
+ "-k kvno -e enctype [-s salt]\n"), argv[0]);
 return;
 }
- retval = ktutil_add(kcontext, &ktlist, princ, kvno, enctype, use_pass);
+ retval = ktutil_add(kcontext, &ktlist, princ, kvno, enctype, use_pass,
+ salt);
 if (retval)
 com_err(argv[0], retval, _("while adding new entry"));
 }
diff --git a/src/kadmin/ktutil/ktutil.h b/src/kadmin/ktutil/ktutil.h
index c4839ff..8bf4915 100644
--- a/src/kadmin/ktutil/ktutil.h
+++ b/src/kadmin/ktutil/ktutil.h
@@ -38,7 +38,8 @@ krb5_error_code ktutil_add (krb5_context,
 char *,
 krb5_kvno,
 char *,
- int);
+ int,
+ char *);
 krb5_error_code ktutil_read_keytab (krb5_context,
 char *,
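Review bot: In the second ktutil.c hunk the usage check accepts `-s salt` together with `-key`, yet as far as the ktutil_funcs.c hunks show, `salt_str` is only consulted where a password is turned into a key, so the salt would be silently discarded on the key path. Rejecting that combination keeps an operator from believing a salt was applied: extend the condition with `|| (salt != NULL && use_key)` after `use_pass + use_key != 1`. The new branch also takes `salt = argv[++i];` without checking that another argument follows; the later `argc == 10 && ... && salt` test only catches a trailing `-s` if `argv[argc]` is NULL, so a guard such as `if (i + 1 >= argc) break;` before the increment would make that explicit. ktutil_add_entry starts before this hunk, so the handling of the other options is not visible here.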
diff --git a/src/kadmin/ktutil/ktutil_funcs.c b/src/kadmin/ktutil/ktutil_funcs.c
index 20a348c..7a3aa0d 100644
--- a/src/kadmin/ktutil/ktutil_funcs.c
+++ b/src/kadmin/ktutil/ktutil_funcs.c
@@ -87,13 +87,14 @@ krb5_error_code ktutil_delete(context, list, idx)
 * one first.
 */
 krb5_error_code ktutil_add(context, list, princ_str, kvno,
- enctype_str, use_pass)
+ enctype_str, use_pass, salt_str)
 krb5_context context;
 krb5_kt_list *list;
 char *princ_str;
 krb5_kvno kvno;
 char *enctype_str;
 int use_pass;
+ char *salt_str;
 {
 krb5_keytab_entry *entry;
 krb5_kt_list lp = NULL, prev = NULL;
@@ -101,7 +102,7 @@ krb5_error_code ktutil_add(context, list, princ_str, kvno,
 krb5_enctype enctype;
 krb5_timestamp now;
 krb5_error_code retval;
- krb5_data password, salt;
+ krb5_data password, salt, defsalt = empty_data();
 krb5_keyblock key;
 char buf[BUFSIZ];
 char promptstr[1024];
@@ -165,9 +166,14 @@ krb5_error_code ktutil_add(context, list, princ_str, kvno,
 &password.length);
 if (retval)
 goto cleanup;
- retval = krb5_principal2salt(context, princ, &salt);
- if (retval)
- goto cleanup;
+ if (salt_str != NULL) {
+ salt = string2data(salt_str);
+ } else {
+ retval = krb5_principal2salt(context, princ, &defsalt);
+ if (retval)
+ goto cleanup;
+ salt = defsalt;
+ }
 retval = krb5_c_string_to_key(context, enctype, &password,
 &salt, &key);
 if (retval)
@@ -225,6 +231,7 @@ cleanup:
 if (prev)
 prev->next = NULL;
 ktutil_free_kt_list(context, lp);
+ krb5_free_data_contents(context, &defsalt);
 return retval;
 }
diff --git a/src/man/ktutil.man b/src/man/ktutil.man
index f0bf88f..3498b65 100644
--- a/src/man/ktutil.man
+++ b/src/man/ktutil.man
@@ -113,7 +113,7 @@ Alias: \fBdelent\fP
 .INDENT 0.0
 .INDENT 3.5
 \fBadd_entry\fP {\fB\-key\fP|\fB\-password\fP} \fB\-p\fP \fIprincipal\fP
-\fB\-k\fP \fIkvno\fP \fB\-e\fP \fIenctype\fP
+\fB\-k\fP \fIkvno\fP \fB\-e\fP \fIenctype\fP [\fB\-s\fP \fIsalt\fP]
 .UNINDENT
 .UNINDENT
 .sp |
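Review bot: In the third ktutil_funcs.c hunk `salt` ends up either borrowing the caller's `salt_str` buffer or aliasing the allocation held in `defsalt`, and only the cleanup line added in the fourth hunk shows which of the two is freed. A comment at the branch would keep a later edit from freeing `salt` directly, e.g. `/* salt borrows salt_str or defsalt; only defsalt is owned and freed at cleanup. */`. The function's header comment, which begins above the first hunk, should also say that a NULL `salt_str` selects the default salt from krb5_principal2salt(), and that an empty string is presumably taken as a zero-length salt rather than the default. It is worth stating there too that a salt differing from the one the KDC uses still produces a key and a keylist entry without any error here, so the mismatch would only show up when the key is later used to authenticate.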