use new master key functions
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3369 ec53bebd-3082-4978-b11e-865c3cabbd6b
36
kdc/main.c
36
kdc/main.c
@@ -52,39 +52,25 @@ sigterm(int sig)
|
|||||||
int
|
int
|
||||||
main(int argc, char **argv)
|
main(int argc, char **argv)
|
||||||
{
|
{
|
||||||
int c;
|
krb5_error_code ret;
|
||||||
|
EncryptionKey key;
|
||||||
set_progname(argv[0]);
|
set_progname(argv[0]);
|
||||||
|
|
||||||
krb5_init_context(&context);
|
krb5_init_context(&context);
|
||||||
|
|
||||||
configure(argc, argv);
|
configure(argc, argv);
|
||||||
|
|
||||||
if(keyfile){
|
ret = hdb_read_master_key(context, keyfile, &key);
|
||||||
FILE *f;
|
if(ret && ret != ENOENT)
|
||||||
size_t len;
|
krb5_err(context, 1, ret, "Failed to open master key file");
|
||||||
unsigned char buf[1024];
|
if(ret == 0){
|
||||||
EncryptionKey key;
|
set_master_key(key);
|
||||||
f = fopen(keyfile, "r");
|
|
||||||
if(f == NULL){
|
|
||||||
kdc_log(0, "Failed to open master key file %s", keyfile);
|
|
||||||
exit(1);
|
|
||||||
}
|
|
||||||
len = fread(buf, 1, sizeof(buf), f);
|
|
||||||
fclose(f);
|
|
||||||
if(decode_EncryptionKey(buf, len, &key, &len)){
|
|
||||||
kdc_log(0, "Failed to parse contents of master key file %s", keyfile);
|
|
||||||
exit(1);
|
|
||||||
}
|
|
||||||
set_master_key(&key);
|
|
||||||
memset(key.keyvalue.data, 0, key.keyvalue.length);
|
memset(key.keyvalue.data, 0, key.keyvalue.length);
|
||||||
free_EncryptionKey(&key);
|
free_EncryptionKey(&key);
|
||||||
}else{
|
kdc_log(5, "Database is encrypted");
|
||||||
des_cblock key;
|
}else
|
||||||
des_new_random_key(&key);
|
kdc_log(5, "Database is not encrypted");
|
||||||
memset(&key, 0, sizeof(key));
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
signal(SIGINT, sigterm);
|
signal(SIGINT, sigterm);
|
||||||
loop();
|
loop();
|
||||||
krb5_free_context(context);
|
krb5_free_context(context);
|
||||||
|
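Review bot: A missing master key file is now handled exactly like an unencrypted database: `if(ret && ret != ENOENT)` lets ENOENT from `hdb_read_master_key` fall through to `kdc_log(5, "Database is not encrypted")`, so a deleted or mistyped key file shows up only as a level-5 log line and the KDC starts anyway. The removed code took the "no key" path only when `keyfile` was unset; if `keyfile` can still be set explicitly (`configure()` is not shown here), ENOENT for an explicitly named file should probably remain fatal, or at least be logged at a level operators will see. The message `"Failed to open master key file"` is also used for every other error, including the parse failure the old code reported separately, so `"Failed to read master key file"` would be more accurate. The body of `main` continues past the end of this hunk.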
13
kdc/misc.c
13
kdc/misc.c
@@ -66,16 +66,17 @@ db_fetch(krb5_principal principal)
|
|||||||
return ent;
|
return ent;
|
||||||
}
|
}
|
||||||
|
|
||||||
static des_key_schedule master_key;
|
static krb5_data master_key;
|
||||||
static int master_key_set;
|
static int master_key_set;
|
||||||
|
|
||||||
void
|
void
|
||||||
set_master_key(EncryptionKey *key)
|
set_master_key(EncryptionKey key)
|
||||||
{
|
{
|
||||||
if(key->keytype != KEYTYPE_DES || key->keyvalue.length != 8)
|
krb5_error_code ret;
|
||||||
abort();
|
ret = hdb_process_master_key(context, key, &master_key);
|
||||||
des_set_random_generator_seed(key->keyvalue.data);
|
if(ret)
|
||||||
des_set_key(key->keyvalue.data, master_key);
|
krb5_err(context, 1, ret, "Error processing master key file");
|
||||||
|
des_set_random_generator_seed(key.keyvalue.data);
|
||||||
master_key_set = 1;
|
master_key_set = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
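Review bot: `des_set_random_generator_seed(key.keyvalue.data)` is still called in `set_master_key` although the guard `key->keytype != KEYTYPE_DES || key->keyvalue.length != 8` was dropped, so nothing visible here guarantees that the buffer holds the 8 bytes a DES block seed reads. Unless `hdb_process_master_key` rejects other key types and lengths (its body is not shown), a shorter `keyvalue` would be read past its end. Keep a length check in front of the seed call, for example `if(key.keyvalue.length < sizeof(des_cblock)) krb5_errx(context, 1, "master key too short");`. A short comment on `static krb5_data master_key;` saying what `hdb_process_master_key` stores in it would help too, since the type no longer says so.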