oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

add easier afs configuration, defaulting to the local realm in lower

Browse Source 
case; also try to remove duplicate salts


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@10486 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Johan Danielsson
2001-08-13 13:19:39 +00:00
parent 0b0ddfe3ba
commit 85c00b0cfa
1 changed files with 33 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
lib/kadm5/set_keys.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1997 - 2000 Kungliga Tekniska H<>gskolan * Copyright (c) 1997 - 2001 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden). * (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved. * All rights reserved.
* *
@@ -72,10 +72,11 @@ make_keys(krb5_context context, krb5_principal principal, const char *password,
/* for each entry in `default_keys' try to parse it as a sequence /* for each entry in `default_keys' try to parse it as a sequence
of etype:salttype:salt, syntax of this if something like: of etype:salttype:salt, syntax of this if something like:
[(des|des3|etype):](pw|afs3)[:string], if etype is omitted it [(des|des3|etype):](pw|afs3)[:string], if etype is omitted it
means everything, and if string is omitted is means the default means all etypes, and if string is omitted is means the default
string (for that principal). Additional special values: string (for that principal). Additional special values:
v5 == pw-salt, and v5 == pw-salt, and
v4 == pw-salt: v4 == des:pw-salt:
afs or afs3 == des:afs3-salt
*/ */
if (ktypes == NULL if (ktypes == NULL
@@ -98,6 +99,8 @@ make_keys(krb5_context context, krb5_principal principal, const char *password,
p = "pw-salt"; p = "pw-salt";
else if(strcmp(p, "v4") == 0) else if(strcmp(p, "v4") == 0)
p = "des:pw-salt:"; p = "des:pw-salt:";
else if(strcmp(p, "afs") == 0 || strcmp(p, "afs3") == 0)
p = "des:afs3-salt";
/* split p in a list of :-separated strings */ /* split p in a list of :-separated strings */
for(num_buf = 0; num_buf < 3; num_buf++) for(num_buf = 0; num_buf < 3; num_buf++)
@@ -165,11 +168,35 @@ make_keys(krb5_context context, krb5_principal principal, const char *password,
continue; continue;
} }
if(!salt_set && salt.salttype == KRB5_PW_SALT) if(!salt_set) {
/* make up default salt */ /* make up default salt */
ret = krb5_get_pw_salt(context, principal, &salt); if(salt.salttype == KRB5_PW_SALT)
ret = krb5_get_pw_salt(context, principal, &salt);
else if(salt.salttype == KRB5_AFS3_SALT) {
krb5_realm *realm = krb5_princ_realm(context, principal);
salt.saltvalue.data = strdup(*realm);
if(salt.saltvalue.data == NULL) {
krb5_set_error_string(context, "out of memory while "
"parsinig salt specifiers");
ret = ENOMEM;
goto out;
}
strlwr(salt.saltvalue.data);
salt.saltvalue.length = strlen(*realm);
}
}
memset(&key, 0, sizeof(key)); memset(&key, 0, sizeof(key));
for(i = 0; i < num_etypes; i++) { for(i = 0; i < num_etypes; i++) {
Key *k;
for(k = keys; k < keys + num_keyts; k++) {
if(k->key.keytype == etypes[i] &&
k->salt.salttype == salt.salttype &&
k->salt.saltvalue.length == salt.saltvalue.length &&
memcmp(k->salt.saltvalue.data, salt.saltvalue.data,
salt.saltvalue.length) == 0)
goto next_etype;
}
ret = krb5_string_to_key_salt (context, ret = krb5_string_to_key_salt (context,
etypes[i], etypes[i],
password, password,
@@ -210,6 +237,7 @@ make_keys(krb5_context context, krb5_principal principal, const char *password,
} }
keys = tmp; keys = tmp;
keys[num_keys++] = key; keys[num_keys++] = key;
next_etype:;
} }
} }