aboutsummaryrefslogtreecommitdiff
path: root/src/kadmin/dbutil/loadv4.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/kadmin/dbutil/loadv4.c')
-rw-r--r--src/kadmin/dbutil/loadv4.c82
1 files changed, 44 insertions, 38 deletions
diff --git a/src/kadmin/dbutil/loadv4.c b/src/kadmin/dbutil/loadv4.c
index 01a4bf2..b7df142 100644
--- a/src/kadmin/dbutil/loadv4.c
+++ b/src/kadmin/dbutil/loadv4.c
@@ -25,6 +25,32 @@
* entries from a V4 database.
*/
+/*
+ * Copyright (C) 1998 by the FundsXpress, INC.
+ *
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may require
+ * a specific license from the United States Government. It is the
+ * responsibility of any person or organization contemplating export to
+ * obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of FundsXpress. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. FundsXpress makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
#ifdef KRB5_KRB4_COMPAT
#include <des.h>
@@ -59,8 +85,7 @@ struct realm_info {
krb5_deltat max_rlife;
krb5_timestamp expiration;
krb5_flags flags;
- krb5_encrypt_block *eblock;
- krb5_pointer rseed;
+ krb5_keyblock *key;
};
static struct realm_info rblock = { /* XXX */
@@ -92,7 +117,6 @@ static int create_local_tgt = 0;
static krb5_keyblock master_keyblock;
static krb5_principal master_princ;
-static krb5_encrypt_block master_encblock;
static krb5_data tgt_princ_entries[] = {
{0, KRB5_TGS_NAME_SIZE, KRB5_TGS_NAME},
@@ -146,6 +170,7 @@ char *argv[];
extern kadm5_config_params global_params;
long exp_time = 0;
krb5_int32 crflags = KRB5_KDB_CREATE_BTREE;
+ krb5_data seed;
retval = krb5_init_context(&context);
if (retval) {
@@ -218,8 +243,6 @@ char *argv[];
return;
}
- krb5_use_enctype(context, &master_encblock, master_keyblock.enctype);
-
/* If the user has not requested locking, don't modify an existing database. */
if (! tempdb) {
retval = krb5_db_set_name(context, dbname);
@@ -281,39 +304,32 @@ master key name '%s'\n",
fflush(stdout);
}
- if (retval = krb5_db_fetch_mkey(context, master_princ, &master_encblock,
+ if (retval = krb5_db_fetch_mkey(context, master_princ,
+ master_keyblock.enctype,
read_mkey, read_mkey, stash_file, 0,
&master_keyblock)) {
com_err(PROGNAME, retval, "while reading master key");
krb5_free_context(context);
return;
}
- if (retval = krb5_process_key(context, &master_encblock, &master_keyblock)) {
- com_err(PROGNAME, retval, "while processing master key");
- krb5_free_context(context);
- return;
- }
- rblock.eblock = &master_encblock;
- if (retval = krb5_init_random_key(context, &master_encblock,
- &master_keyblock, &rblock.rseed)) {
+ rblock.key = &master_keyblock;
+
+ seed.length = master_keyblock.length;
+ seed.data = master_keyblock.contents;
+
+ if (retval = krb5_c_random_seed(context, &seed)) {
com_err(PROGNAME, retval, "while initializing random key generator");
- (void) krb5_finish_key(context, &master_encblock);
krb5_free_context(context);
return;
}
if (retval = krb5_db_create(context, tempdbname, crflags)) {
- (void) krb5_finish_key(context, &master_encblock);
- (void) krb5_finish_random_key(context, &master_encblock, &rblock.rseed);
- (void) krb5_db_destroy(context, tempdbname);
com_err(PROGNAME, retval, "while creating %sdatabase '%s'",
tempdb ? "temporary " : "", tempdbname);
krb5_free_context(context);
return;
}
if (retval = krb5_db_set_name(context, tempdbname)) {
- (void) krb5_finish_key(context, &master_encblock);
- (void) krb5_finish_random_key(context, &master_encblock, &rblock.rseed);
(void) krb5_db_destroy(context, tempdbname);
com_err(PROGNAME, retval, "while setting active database to '%s'",
tempdbname);
@@ -321,16 +337,12 @@ master key name '%s'\n",
return;
}
if (v4init(PROGNAME, v4manual, v4dumpfile)) {
- (void) krb5_finish_key(context, &master_encblock);
- (void) krb5_finish_random_key(context, &master_encblock, &rblock.rseed);
(void) krb5_db_destroy(context, tempdbname);
krb5_free_context(context);
return;
}
if ((retval = krb5_db_init(context)) ||
(retval = krb5_db_open_database(context))) {
- (void) krb5_finish_key(context, &master_encblock);
- (void) krb5_finish_random_key(context, &master_encblock, &rblock.rseed);
(void) krb5_db_destroy(context, tempdbname);
com_err(PROGNAME, retval, "while initializing the database '%s'",
tempdbname);
@@ -340,8 +352,6 @@ master key name '%s'\n",
if (retval = add_principal(context, master_princ, MASTER_KEY, &rblock)) {
(void) krb5_db_fini(context);
- (void) krb5_finish_key(context, &master_encblock);
- (void) krb5_finish_random_key(context, &master_encblock, &rblock.rseed);
(void) krb5_db_destroy(context, tempdbname);
com_err(PROGNAME, retval, "while adding K/M to the database");
krb5_free_context(context);
@@ -351,8 +361,6 @@ master key name '%s'\n",
if (create_local_tgt &&
(retval = add_principal(context, &tgt_princ, RANDOM_KEY, &rblock))) {
(void) krb5_db_fini(context);
- (void) krb5_finish_key(context, &master_encblock);
- (void) krb5_finish_random_key(context, &master_encblock, &rblock.rseed);
(void) krb5_db_destroy(context, tempdbname);
com_err(PROGNAME, retval, "while adding TGT service to the database");
krb5_free_context(context);
@@ -384,8 +392,6 @@ master key name '%s'\n",
if (tempdb)
(void) krb5_db_destroy (context, tempdbname);
}
- (void) krb5_finish_key(context, &master_encblock);
- (void) krb5_finish_random_key(context, &master_encblock, &rblock.rseed);
memset((char *)master_keyblock.contents, 0, master_keyblock.length);
/*
@@ -547,7 +553,7 @@ Principal *princ;
keysalt.type = KRB5_KDB_SALTTYPE_V4;
keysalt.data.length = 0;
keysalt.data.data = (char *) NULL;
- retval = krb5_dbekd_encrypt_key_data(context, rblock.eblock,
+ retval = krb5_dbekd_encrypt_key_data(context, rblock.key,
&v4v5key, &keysalt,
princ->key_version,
&entry.key_data[0]);
@@ -592,7 +598,7 @@ struct realm_info *pblock;
{
krb5_db_entry entry;
krb5_error_code retval;
- krb5_keyblock *rkey;
+ krb5_keyblock rkey;
int nentries = 1;
krb5_timestamp mod_time;
krb5_principal mod_princ;
@@ -619,7 +625,7 @@ struct realm_info *pblock;
switch (op) {
case MASTER_KEY:
entry.attributes |= KRB5_KDB_DISALLOW_ALL_TIX;
- if (retval = krb5_dbekd_encrypt_key_data(context, pblock->eblock,
+ if (retval = krb5_dbekd_encrypt_key_data(context, pblock->key,
&master_keyblock,
(krb5_keysalt *) NULL, 1,
&entry.key_data[0])) {
@@ -628,19 +634,19 @@ struct realm_info *pblock;
}
break;
case RANDOM_KEY:
- if (retval = krb5_random_key(context, pblock->eblock, pblock->rseed,
- &rkey)) {
+ if (retval = krb5_c_make_random_key(context, pblock->key->enctype,
+ &rkey)) {
krb5_db_free_principal(context, &entry, 1);
return retval;
}
- if (retval = krb5_dbekd_encrypt_key_data(context, pblock->eblock,
- rkey,
+ if (retval = krb5_dbekd_encrypt_key_data(context, pblock->key,
+ &rkey,
(krb5_keysalt *) NULL, 1,
&entry.key_data[0])) {
krb5_db_free_principal(context, &entry, 1);
return(retval);
}
- krb5_free_keyblock(context, rkey);
+ krb5_free_keyblock_contents(context, &rkey);
break;
case NULL_KEY:
return EOPNOTSUPP;
generated by cgit v1.1 at 2024-09-10 06:56:22 +0000