diff options
| author | Cy Schubert <cy@FreeBSD.org> | 2018-04-03 19:36:00 +0000 |
|---|---|---|
| committer | Cy Schubert <cy@FreeBSD.org> | 2018-04-03 19:36:00 +0000 |
| commit | b0e4d68d5124581ae353493d69bea352de4cff8a (patch) | |
| tree | 43300ec43e83eccd367fd76fdfdefba2dcd7d8f4 /src/kadmin/ktutil | |
| parent | 33a9b234e7087f573ef08cd7318c6497ba08b439 (diff) | |
Notes
Diffstat (limited to 'src/kadmin/ktutil')
| -rw-r--r-- | src/kadmin/ktutil/ktutil.c | 17 | ||||
| -rw-r--r-- | src/kadmin/ktutil/ktutil.h | 3 | ||||
| -rw-r--r-- | src/kadmin/ktutil/ktutil_funcs.c | 17 |
3 files changed, 27 insertions, 10 deletions
diff --git a/src/kadmin/ktutil/ktutil.c b/src/kadmin/ktutil/ktutil.c index ef16d37a5693..6a8586da8207 100644 --- a/src/kadmin/ktutil/ktutil.c +++ b/src/kadmin/ktutil/ktutil.c @@ -140,7 +140,8 @@ void ktutil_add_entry(argc, argv) char *princ = NULL; char *enctype = NULL; krb5_kvno kvno = 0; - int use_pass = 0, use_key = 0, i; + int use_pass = 0, use_key = 0, use_kvno = 0, i; + char *salt = NULL; for (i = 1; i < argc; i++) { if ((strlen(argv[i]) == 2) && !strncmp(argv[i], "-p", 2)) { @@ -149,6 +150,7 @@ void ktutil_add_entry(argc, argv) } if ((strlen(argv[i]) == 2) && !strncmp(argv[i], "-k", 2)) { kvno = (krb5_kvno) atoi(argv[++i]); + use_kvno++; continue; } if ((strlen(argv[i]) == 2) && !strncmp(argv[i], "-e", 2)) { @@ -163,15 +165,22 @@ void ktutil_add_entry(argc, argv) use_key++; continue; } + if ((strlen(argv[i]) == 2) && !strncmp(argv[i], "-s", 2)) { + salt = argv[++i]; + continue; + } } - if (argc != 8 || !(princ && kvno && enctype) || (use_pass+use_key != 1)) { + if (!((argc == 8 && princ && use_kvno && enctype) || + (argc == 10 && princ && use_kvno && enctype && salt)) || + use_pass + use_key != 1) { fprintf(stderr, _("usage: %s (-key | -password) -p principal " - "-k kvno -e enctype\n"), argv[0]); + "-k kvno -e enctype [-s salt]\n"), argv[0]); return; } - retval = ktutil_add(kcontext, &ktlist, princ, kvno, enctype, use_pass); + retval = ktutil_add(kcontext, &ktlist, princ, kvno, enctype, use_pass, + salt); if (retval) com_err(argv[0], retval, _("while adding new entry")); } diff --git a/src/kadmin/ktutil/ktutil.h b/src/kadmin/ktutil/ktutil.h index c4839ff12aa8..8bf491525095 100644 --- a/src/kadmin/ktutil/ktutil.h +++ b/src/kadmin/ktutil/ktutil.h @@ -38,7 +38,8 @@ krb5_error_code ktutil_add (krb5_context, char *, krb5_kvno, char *, - int); + int, + char *); krb5_error_code ktutil_read_keytab (krb5_context, char *, diff --git a/src/kadmin/ktutil/ktutil_funcs.c b/src/kadmin/ktutil/ktutil_funcs.c index 20a348c80582..7a3aa0dcad59 100644 --- a/src/kadmin/ktutil/ktutil_funcs.c +++ b/src/kadmin/ktutil/ktutil_funcs.c @@ -87,13 +87,14 @@ krb5_error_code ktutil_delete(context, list, idx) * one first. */ krb5_error_code ktutil_add(context, list, princ_str, kvno, - enctype_str, use_pass) + enctype_str, use_pass, salt_str) krb5_context context; krb5_kt_list *list; char *princ_str; krb5_kvno kvno; char *enctype_str; int use_pass; + char *salt_str; { krb5_keytab_entry *entry; krb5_kt_list lp = NULL, prev = NULL; @@ -101,7 +102,7 @@ krb5_error_code ktutil_add(context, list, princ_str, kvno, krb5_enctype enctype; krb5_timestamp now; krb5_error_code retval; - krb5_data password, salt; + krb5_data password, salt, defsalt = empty_data(); krb5_keyblock key; char buf[BUFSIZ]; char promptstr[1024]; @@ -165,9 +166,14 @@ krb5_error_code ktutil_add(context, list, princ_str, kvno, &password.length); if (retval) goto cleanup; - retval = krb5_principal2salt(context, princ, &salt); - if (retval) - goto cleanup; + if (salt_str != NULL) { + salt = string2data(salt_str); + } else { + retval = krb5_principal2salt(context, princ, &defsalt); + if (retval) + goto cleanup; + salt = defsalt; + } retval = krb5_c_string_to_key(context, enctype, &password, &salt, &key); if (retval) @@ -225,6 +231,7 @@ cleanup: if (prev) prev->next = NULL; ktutil_free_kt_list(context, lp); + krb5_free_data_contents(context, &defsalt); return retval; } |