From 819d3ee297c3b4b67d0445844f7cad5400db852c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= <lha@kth.se>
Date: Thu, 8 Sep 2005 11:06:09 +0000
Subject: [PATCH] (create_random_entry): create principal with random password
 even though its disabled. From Andrew Bartlet <abartlet@samba.org>

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16040 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 kadmin/init.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/kadmin/init.c b/kadmin/init.c
index 1ea4b931a..bff986f2d 100644
--- a/kadmin/init.c
+++ b/kadmin/init.c
@@ -49,6 +49,11 @@ create_random_entry(krb5_principal princ,
     krb5_keyblock *keys;
     int n_keys, i;
     char *name;
+    const char *password;
+    char pwbuf[512];
+
+    random_password(pwbuf, sizeof(pwbuf));
+    password = pwbuf;
 
     ret = krb5_unparse_name(context, princ, &name);
     if (ret) {
@@ -70,12 +75,15 @@ create_random_entry(krb5_principal princ,
     ent.attributes |= attributes | KRB5_KDB_DISALLOW_ALL_TIX;
     mask |= KADM5_ATTRIBUTES;
 
-    ret = kadm5_create_principal(kadm_handle, &ent, mask, "hemlig");
+    /* Create the entry with a random password */
+    ret = kadm5_create_principal(kadm_handle, &ent, mask, password);
     if(ret) {
 	krb5_warn(context, ret, "create_random_entry(%s): randkey failed", 
 		  name);
 	goto out;
     }
+    
+    /* Replace the string2key based keys with real random bytes */
     ret = kadm5_randkey_principal(kadm_handle, princ, &keys, &n_keys);
     if(ret) {
 	krb5_warn(context, ret, "create_random_entry*%s): randkey failed",