From: Will Fiveash Date: Wed, 21 Jan 2009 22:30:56 +0000 (+0000) Subject: Modified krb5_db_fetch_mkey() to use the enctype in the stash file. X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7efb5cb4e2e2f5efdaf84d5ba06b41fc8f9f9646;p=thirdparty%2Fkrb5.git Modified krb5_db_fetch_mkey() to use the enctype in the stash file. After making this modification 917 dejagnu tests pass (did not see any failures on my Solaris test system). git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21771 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/kadmin/dbutil/kdb5_mkey.c b/src/kadmin/dbutil/kdb5_mkey.c index 48582d7247..ed92c51083 100644 --- a/src/kadmin/dbutil/kdb5_mkey.c +++ b/src/kadmin/dbutil/kdb5_mkey.c @@ -49,7 +49,7 @@ kdb5_add_mkey(int argc, char *argv[]) krb5_kvno old_kvno, new_mkey_kvno; krb5_keyblock new_master_keyblock; krb5_key_data tmp_key_data, *old_key_data; - krb5_enctype new_master_enctype; + krb5_enctype new_master_enctype = ENCTYPE_UNKNOWN; char *new_mkey_password; krb5_db_entry master_entry; krb5_timestamp now; @@ -65,7 +65,7 @@ kdb5_add_mkey(int argc, char *argv[]) while ((optchar = getopt(argc, argv, "e:s")) != -1) { switch(optchar) { case 'e': - if (krb5_string_to_enctype(optarg, &global_params.enctype)) { + if (krb5_string_to_enctype(optarg, &new_master_enctype)) { com_err(progname, EINVAL, ": %s is an invalid enctype", optarg); exit_status++; return; @@ -81,7 +81,8 @@ kdb5_add_mkey(int argc, char *argv[]) } } - new_master_enctype = global_params.enctype; + if (new_master_enctype == ENCTYPE_UNKNOWN) + new_master_enctype = global_params.enctype; /* assemble & parse the master key name */ if ((retval = krb5_db_setup_mkey_name(util_context, @@ -331,7 +332,8 @@ kdb5_add_mkey(int argc, char *argv[]) } } - printf("i = %d old_key_data_count = %d\n", i, old_key_data_count); + /* XXX WAF: debug printf, remove before final commit */ + /* printf("i = %d old_key_data_count = %d\n", i, old_key_data_count); */ assert(i == old_key_data_count + 1); if ((retval = krb5_dbe_update_mkey_aux(util_context, &master_entry, @@ -662,7 +664,7 @@ kdb5_list_mkeys(int argc, char *argv[]) asprintf(&output_str, "KNVO: %d, Enctype: %s, Active on: %s\n", cur_kb_node->kvno, enctype, strdate(act_time)); } else { - asprintf(&output_str, "KNVO: %d, Enctype: %s, Not activated\n", + asprintf(&output_str, "KNVO: %d, Enctype: %s, No activate time set\n", cur_kb_node->kvno, enctype); } } diff --git a/src/kadmin/dbutil/kdb5_util.c b/src/kadmin/dbutil/kdb5_util.c index ad04894a9e..74353b0ab1 100644 --- a/src/kadmin/dbutil/kdb5_util.c +++ b/src/kadmin/dbutil/kdb5_util.c @@ -474,8 +474,6 @@ static int open_db_and_mkey() mkey_password = 0; } else { - /* let the stash decide the enctype */ - master_keyblock.enctype = ENCTYPE_UNKNOWN; if ((retval = krb5_db_fetch_mkey(util_context, master_princ, master_keyblock.enctype, manual_mkey, FALSE, @@ -508,7 +506,7 @@ static int open_db_and_mkey() } seed.length = master_keyblock.length; - seed.data = master_keyblock.contents; + seed.data = (char *) master_keyblock.contents; if ((retval = krb5_c_random_seed(util_context, &seed))) { com_err(progname, retval, "while seeding random number generator"); diff --git a/src/lib/kdb/kdb5.c b/src/lib/kdb/kdb5.c index 07c76abb32..fdc9784060 100644 --- a/src/lib/kdb/kdb5.c +++ b/src/lib/kdb/kdb5.c @@ -1702,7 +1702,9 @@ krb5_db_fetch_mkey(krb5_context context, goto clean_n_exit; } - tmp_key.enctype = key->enctype; + /* get the enctype from the stash */ + tmp_key.enctype = ENCTYPE_UNKNOWN; + retval = dal_handle->lib_handle->vftabl.fetch_master_key(context, mname, &tmp_key,