merge new-crypto branch

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@5332 ec53bebd-3082-4978-b11e-865c3cabbd6b
1999-02-11 21:03:59 +00:00
parent 0a6c3f7fde
commit aaae186ab9
83 changed files with 4175 additions and 1509 deletions
--- a/kuser/Makefile.am
+++ b/kuser/Makefile.am
@@ -15,7 +15,7 @@ kauth_SOURCES = kinit.c kauth_options.c
 noinst_PROGRAMS = kfoo kverify

 if KRB4
-AFSLIB=$(top_builddir)/lib/kafs/libkafs.a 
+AFSLIB=$(top_builddir)/lib/kafs/libkafs.a $(AIX_EXTRA_KAFS)
 else
 AFSLIB=
 endif
--- a/kuser/kinit.c
+++ b/kuser/kinit.c
@@ -55,6 +55,7 @@ char *renew_life	= NULL;
 char *server		= NULL;
 char *cred_cache	= NULL;
 char *start_str		= NULL;
+struct getarg_strings etype_str;
 int use_keytab		= 0;
 char *keytab_str	= NULL;
 #ifdef KRB4
@@ -73,9 +74,6 @@ struct getargs args[] = {
    { "cache", 		'c', arg_string, &cred_cache,
      "credentials cache", "cachename" },

-    { "cache", 		'c', arg_string, &cred_cache,
-      "credentials cache", "cachename" },
-
    { "forwardable",	'f', arg_flag, &forwardable,
      "get forwardable tickets"},

@@ -109,6 +107,9 @@ struct getargs args[] = {
    { "validate",	'v', arg_flag, &validate_flag,
      "validate TGT" },

+    { "enctypes",	'e', arg_strings, &etype_str,
+      "encryption type to use", "enctype" },
+
    { "version", 	0,   arg_flag, &version_flag },
    { "help",		0,   arg_flag, &help_flag }
 };
@@ -272,6 +273,23 @@ main (int argc, char **argv)
 	start_time = tmp;
    }

+    if(etype_str.num_strings) {
+	krb5_enctype *enctype = NULL;
+	int i;
+	enctype = malloc(etype_str.num_strings * sizeof(*enctype));
+	if(enctype == NULL)
+	    errx(1, "out of memory");
+	for(i = 0; i < etype_str.num_strings; i++) {
+	    ret = krb5_string_to_enctype(context, 
+					 etype_str.strings[i], 
+					 &enctype[i]);
+	    if(ret)
+		errx(1, "unrecognized enctype: %s", etype_str.strings[i]);
+	}
+	krb5_get_init_creds_opt_set_etype_list(&opt, enctype, 
+					       etype_str.num_strings);
+    }
+
    argc -= optind;
    argv += optind;

--- a/kuser/klist.c
+++ b/kuser/klist.c
@@ -104,17 +104,26 @@ print_cred_verbose(krb5_context context, krb5_creds *cred)
 	size_t len;
 	char *s;
 	decode_Ticket(cred->ticket.data, cred->ticket.length, &t, &len);
-	krb5_etype_to_string(context, t.enc_part.etype, &s);
+	krb5_enctype_to_string(context, t.enc_part.etype, &s);
 	printf("Ticket etype: %s", s);
 	free(s);
 	if(t.enc_part.kvno)
 	    printf(", kvno %d", *t.enc_part.kvno);
 	printf("\n");
+	if(cred->session.keytype != t.enc_part.etype) {
+	    ret = krb5_keytype_to_string(context, cred->session.keytype, &str);
+	    if(ret == KRB5_PROG_KEYTYPE_NOSUPP)
+		ret = krb5_enctype_to_string(context, cred->session.keytype, 
+					     &str);
+	    if(ret)
+		krb5_warn(context, ret, "session keytype");
+	    else {
+		printf("Session key: %s\n", str);
+		free(str);
+	    }
+	}
 	free_Ticket(&t);
    }
-    krb5_keytype_to_string(context, cred->session.keytype, &str);
-    printf("Session key: %s\n", str);
-    free(str);
    printf("Auth time:  %s\n", printable_time_long(cred->times.authtime));
    if(cred->times.authtime != cred->times.starttime)
 	printf("Start time: %s\n", printable_time_long(cred->times.starttime));