From djm@web.us.uu.net Tue Jan 9 18:02:57 2001
Received: from fort-point-station.mit.edu (FORT-POINT-STATION.MIT.EDU [18.72.0.53])
by rt-11.mit.edu (8.9.3/8.9.3) with ESMTP id SAA18528
for <bugs@RT-11.MIT.EDU>; Tue, 9 Jan 2001 18:02:56 -0500 (EST)
Received: from jenkins.web.us.uu.net (jenkins.web.us.uu.net [208.240.88.32])
by fort-point-station.mit.edu (8.9.2/8.9.2) with ESMTP id SAA02426
for <krb5-bugs@mit.edu>; Tue, 9 Jan 2001 18:02:56 -0500 (EST)
Received: from dagger.web.us.uu.net (dagger.web.us.uu.net [208.211.134.28])
by jenkins.web.us.uu.net (Postfix) with ESMTP id 8ACB612685
for <krb5-bugs@mit.edu>; Tue, 9 Jan 2001 18:02:55 -0500 (EST)
Received: by dagger.web.us.uu.net (Postfix, from userid 515)
id C5DF046C3; Tue, 9 Jan 2001 18:02:54 -0500 (EST)
Message-Id: <20010109230254.C5DF046C3@dagger.web.us.uu.net>
Date: Tue, 9 Jan 2001 18:02:54 -0500 (EST)
From: djm@web.us.uu.net
Reply-To: djm@web.us.uu.net
To: krb5-bugs@mit.edu
Subject: keytab add without randomizing key
X-Send-Pr-Version: 3.99
System: Linux dagger.web.us.uu.net 2.2.14-15mdk #2 Sat Mar 11 19:32:26 EST 2000 i686 unknown
Architecture: i686
We have a user who needs to both login normally and rcp data with a keytab from a cron job. Under krb4, this was possible because ext_srvtab doesn't change
the keys, but the krb5 kadmin ktadd command randomizes the keys.
The rationale given in the Kerberos FAQ for not having this ability is
that a compromised admin account could read out all of the keys in the KDC.
But if you restrict this function to kadmin.local, you have to be root on
the KDC anyway to use it, so there's no significant added risk.
Use kadmin ktadd to create a keytab. That principal can no longer be used to login interactively with kinit or login.
Here is a patch for 1.2.1 that adds the missing capability securely:
Index: src/kadmin/cli/Makefile.in
===================================================================
RCS file: /export/src/CVS/usr.local/krb5-1.2/src/kadmin/cli/Makefile.in,v
retrieving revision 1.1.1.1
diff -u -r1.1.1.1 Makefile.in
--- src/kadmin/cli/Makefile.in 2000/06/30 21:57:16 1.1.1.1
+++ src/kadmin/cli/Makefile.in 2000/12/22 18:04:08
@@ -6,18 +6,23 @@
PROG_RPATH=$(KRB5_LIBDIR)
PROG = kadmin
-OBJS = kadmin.o kadmin_ct.o ss_wrapper.o getdate.o keytab.o
+COMMON_OBJS = kadmin.o kadmin_ct.o ss_wrapper.o getdate.o
+KADMIN_OBJS = ${COMMON_OBJS} keytab.o
+KADMIN_LOCAL_OBJS = ${COMMON_OBJS} keytab_local.o
all:: $(PROG).local $(PROG)
-$(PROG).local: $(OBJS) $(SS_DEPLIB) $(KADMSRV_DEPLIBS) $(KRB5_BASE_DEPLIBS)
- $(CC_LINK) -o $(PROG).local $(OBJS) $(SS_LIB) $(KADMSRV_LIBS) $(KRB5_BASE_LIBS)
+$(PROG).local: $(KADMIN_LOCAL_OBJS) $(SS_DEPLIB) $(KADMSRV_DEPLIBS) $(KRB5_BASE_DEPLIBS)
+ $(CC_LINK) -o $(PROG).local $(KADMIN_LOCAL_OBJS) $(SS_LIB) $(KADMSRV_LIBS) $(KRB5_BASE_LIBS)
-$(PROG): $(OBJS) $(SS_DEPLIB) $(KADMCLNT_DEPLIBS) $(KRB5_BASE_DEPLIBS)
- $(CC_LINK) -o $(PROG) $(OBJS) $(SS_LIB) $(KADMCLNT_LIBS) $(KRB5_BASE_LIBS)
+$(PROG): $(KADMIN_OBJS) $(SS_DEPLIB) $(KADMCLNT_DEPLIBS) $(KRB5_BASE_DEPLIBS)
+ $(CC_LINK) -o $(PROG) $(KADMIN_OBJS) $(SS_LIB) $(KADMCLNT_LIBS) $(KRB5_BASE_LIBS)
kadmin_ct.o: kadmin_ct.c
+keytab_local.o: keytab.c
+ $(CC) -c -o keytab_local.o $(ALL_CFLAGS) -DKADMIN_LOCAL ${srcdir}/keytab.c
+
install::
$(INSTALL_PROGRAM) $(PROG).local ${DESTDIR}$(ADMIN_BINDIR)/$(PROG).local
$(INSTALL_PROGRAM) $(PROG) ${DESTDIR}$(ADMIN_BINDIR)/$(PROG)
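Review bot: The new rule `keytab_local.o: keytab.c` names its prerequisite without `$(srcdir)` while the recipe compiles `${srcdir}/keytab.c`, so in a build directory separate from the source tree the dependency is satisfied only if VPATH happens to cover srcdir; `keytab_local.o: $(srcdir)/keytab.c` ties the rule to the file it actually compiles. The new variables also mix `${COMMON_OBJS}` with the `$(...)` form used everywhere else in this file; one form is easier to grep. Worth a comment on the rule that `-DKADMIN_LOCAL` here is the only thing separating the kadmin.local build (which gets `-norandkey`) from the network kadmin build — nothing in the sources enforces that split. This hunk is repeated verbatim in the second copy of the patch further down the ticket.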
@@ -25,7 +30,7 @@
$(INSTALL_DATA) $(srcdir)/$(PROG).local.M ${DESTDIR}$(ADMIN_MANDIR)/$(PROG).local.8
clean::
- $(RM) $(PROG).local $(PROG) $(OBJS)
+ $(RM) $(PROG).local $(PROG) $(KADMIN_OBJS) $(KADMIN_LOCAL_OBJS)
clean-unix::
$(RM) getdate.c kadmin_ct.c
Index: src/kadmin/cli/kadmin.M
===================================================================
RCS file: /export/src/CVS/usr.local/krb5-1.2/src/kadmin/cli/kadmin.M,v
retrieving revision 1.2
diff -u -r1.2 kadmin.M
--- src/kadmin/cli/kadmin.M 2000/07/31 14:11:17 1.2
+++ src/kadmin/cli/kadmin.M 2000/12/22 18:04:08
@@ -684,11 +684,29 @@
.TP
\fBktadd\fP [\fB\-k\fP \fIkeytab\fP] [\fB\-q\fP] [\fB\-e\fP \fIkeysaltlist\fP]
.br
-[\fIprincipal\fP | \fB\-glob\fP \fIprinc-exp\fP] [\fI...\fP]
+[\fB\-norandkey\fP] [[\fIprincipal\fP | \fB\-glob\fP \fIprinc-exp\fP] [\fI...\fP]
.br
Adds a principal or all principals matching
.I princ-exp
-to a keytab, randomizing each principal's key in the process. Requires the
+to a keytab.
+It randomizes each principal's key in the process, to prevent a
+compromised admin account from reading out all of the keys from the
+database. However,
+.B kadmin.local
+has the
+.B \-norandkey
+option, which leaves the keys and their version numbers unchanged,
+similar to the Kerberos V4
+.B ext_srvtab
+command.
+That allows users to continue to use the passwords they know
+to login normally, while simultaneously allowing scripts
+to login to the same account using a keytab.
+There is no significant security risk added since
+.B kadmin.local
+must be run by root on the KDC anyway.
+.sp
+Requires the
.I inquire
and
.I changepw
Index: src/kadmin/cli/keytab.c
===================================================================
RCS file: /export/src/CVS/usr.local/krb5-1.2/src/kadmin/cli/keytab.c,v
retrieving revision 1.1.1.1
diff -u -r1.1.1.1 keytab.c
--- src/kadmin/cli/keytab.c 2000/06/30 21:57:17 1.1.1.1
+++ src/kadmin/cli/keytab.c 2000/12/22 18:04:09
@@ -56,10 +56,17 @@
extern krb5_context context;
extern void *handle;
static int quiet;
+#ifdef KADMIN_LOCAL
+static int norandkey;
+#endif
void add_usage()
{
+#ifdef KADMIN_LOCAL
+ fprintf(stderr, "Usage: ktadd [-k[eytab] keytab] [-q] [-e keysaltlist] [-norandkey] [principal | -glob princ-exp] [...]\n");
+#else
fprintf(stderr, "Usage: ktadd [-k[eytab] keytab] [-q] [-e keysaltlist] [principal | -glob princ-exp] [...]\n");
+#endif
}
void rem_usage()
@@ -127,6 +134,9 @@
argc--; argv++;
quiet = 0;
+#ifdef KADMIN_LOCAL
+ norandkey = 0;
+#endif
while (argc) {
if (strncmp(*argv, "-k", 2) == 0) {
argc--; argv++;
@@ -137,6 +147,10 @@
keytab_str = *argv;
} else if (strcmp(*argv, "-q") == 0) {
quiet++;
+#ifdef KADMIN_LOCAL
+ } else if (strcmp(*argv, "-norandkey") == 0) {
+ norandkey++;
+#endif
} else if (strcmp(*argv, "-e") == 0) {
argc--;
if (argc < 1) {
@@ -160,6 +174,12 @@
add_usage();
return;
}
+#ifdef KADMIN_LOCAL
+ if (norandkey && ks_tuple) {
+ fprintf(stderr, "cannot specify keysaltlist when not changing key\n");
+ return;
+ }
+#endif
if (process_keytab(context, &keytab_str, &keytab))
return;
@@ -245,7 +265,7 @@
krb5_principal princ;
krb5_keytab_entry new_entry;
krb5_keyblock *keys;
- int code, code2, mask, nkeys, i;
+ int code, nkeys, i;
(void) memset((char *)&princ_rec, 0, sizeof(princ_rec));
@@ -260,6 +280,11 @@
goto cleanup;
}
+#ifdef KADMIN_LOCAL
+ if (norandkey)
+ code = kadm5_get_principal_keys(handle, princ, &keys, &nkeys);
+ else
+#endif
if (keepold || ks_tuple != NULL) {
code = kadm5_randkey_principal_3(handle, princ,
keepold, n_ks_tuple, ks_tuple,
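Review bot: The `else` on the line before `#endif` has no statement of its own; it binds to the `if (keepold || ks_tuple != NULL)` on the following context line, so the `-norandkey` path is correct only while that line stays a single if/else chain immediately after the `#endif`, and a statement inserted between them would silently change which branch runs. Defining `norandkey` as a constant 0 for the non-KADMIN_LOCAL build (an `#else` with `#define norandkey 0` next to the `static int norandkey;` declaration) would let this be an ordinary braced `if (norandkey) { ... } else { ... }` with no preprocessor directive in the middle of a statement. The enclosing add_principal body continues outside the hunk, so I cannot see from here whether `keys` and `nkeys` are released on every path when kadm5_get_principal_keys fails; the same hunk appears again in the second copy of the patch below.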
Index: src/lib/kadm5/admin.h
===================================================================
RCS file: /export/src/CVS/usr.local/krb5-1.2/src/lib/kadm5/admin.h,v
retrieving revision 1.1.1.1
diff -u -r1.1.1.1 admin.h
--- src/lib/kadm5/admin.h 2000/06/30 21:57:19 1.1.1.1
+++ src/lib/kadm5/admin.h 2000/12/22 18:04:10
@@ -381,6 +381,13 @@
kadm5_ret_t kadm5_create_policy_internal(void *server_handle,
kadm5_policy_ent_t
entry, long mask);
+/*
+ * Similar for kadm5_get_principal_keys.
+ */
+kadm5_ret_t kadm5_get_principal_keys(void *server_handle,
+ krb5_principal principal,
+ krb5_keyblock **keyblocks,
+ int *n_keys);
kadm5_ret_t kadm5_delete_policy(void *server_handle,
kadm5_policy_t policy);
kadm5_ret_t kadm5_modify_policy(void *server_handle,
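Review bot: The comment `Similar for kadm5_get_principal_keys.` only points at a comment above the hunk and says nothing about the function's contract, which matters here because this is the one kadm5 call that hands back a principal's existing long-term keys in the clear. Proposed replacement: `/* Return the principal's current keys, decrypted, without changing them. Implemented only in the server library; the caller owns *keyblocks. */` — the server-only part is visible from this patch, which adds the body to srv/svr_principal.c and links the caller only into kadmin.local, while the ownership sentence should be confirmed against how add_principal frees the array. The same hunk is repeated in the second copy of the patch later on the page.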
Index: src/lib/kadm5/srv/svr_principal.c
===================================================================
RCS file: /export/src/CVS/usr.local/krb5-1.2/src/lib/kadm5/srv/svr_principal.c,v
retrieving revision 1.1.1.1
diff -u -r1.1.1.1 svr_principal.c
--- src/lib/kadm5/srv/svr_principal.c 2000/06/30 21:57:20 1.1.1.1
+++ src/lib/kadm5/srv/svr_principal.c 2000/12/22 18:04:10
@@ -1609,6 +1609,60 @@
}
/*
+ * Return the list of keys like kadm5_randkey_principal,
+ * but don't modify the principal.
+ */
+kadm5_ret_t
+kadm5_get_principal_keys(void *server_handle /* IN */,
+ krb5_principal principal /* IN */,
+ krb5_keyblock **keyblocks /* OUT */,
+ int *n_keys /* OUT */)
+{
+ krb5_db_entry kdb;
+ osa_princ_ent_rec adb;
+ krb5_key_data *key_data;
+ kadm5_ret_t ret;
+ kadm5_server_handle_t handle = server_handle;
+
+ if (keyblocks)
+ *keyblocks = NULL;
+
+ CHECK_HANDLE(server_handle);
+
+ if (principal == NULL)
+ return EINVAL;
+
+ if ((ret = kdb_get_entry(handle, principal, &kdb, &adb)))
+ return(ret);
+
+ if (keyblocks) {
+ if (handle->api_version == KADM5_API_VERSION_1) {
+ /* Version 1 clients will expect to see a DES_CRC enctype. */
+ if ((ret = krb5_dbe_find_enctype(handle->context, &kdb,
+ ENCTYPE_DES_CBC_CRC,
+ -1, -1, &key_data)))
+ goto done;
+
+ if ((ret = decrypt_key_data(handle->context, 1, key_data,
+ keyblocks, NULL)))
+ goto done;
+ } else {
+ ret = decrypt_key_data(handle->context,
+ kdb.n_key_data, kdb.key_data,
+ keyblocks, n_keys);
+ if (ret)
+ goto done;
+ }
+ }
+
+ ret = KADM5_OK;
+done:
+ kdb_free_entry(handle, &kdb, &adb);
+
+ return ret;
+}
+
+/*
* Allocate an array of n_key_data krb5_keyblocks, fill in each
* element with the results of decrypting the nth key in key_data with
* master_keyblock, and if n_keys is not NULL fill it in with the
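Review bot: In the `KADM5_API_VERSION_1` branch `*n_keys` is never written — decrypt_key_data is passed NULL for it — so a caller that passes `&nkeys` and reads it afterwards, as add_principal in keytab.c does, gets whatever was already in the variable; adding `if (n_keys) *n_keys = 1;` after that decrypt_key_data call makes the contract the same in both branches (kadm5_randkey_principal_3 appears to have the same shape, so this may be a pre-existing quirk being copied). When `keyblocks` is NULL the function still fetches and frees the DB entry and returns KADM5_OK, which is harmless but deserves either a comment or an early `return EINVAL` like the one for `principal`. Since nothing in the function restricts who may call it — the kadmin.local-only property rests entirely on the `-DKADMIN_LOCAL` build rule — a comment on the definition such as `/* Returns decrypted key material; intended for local server-side callers only, not for any RPC-exposed path. */` would keep that from being lost in a later refactor. The hunk is repeated in the second copy of the patch below.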
Received: from fort-point-station.mit.edu (FORT-POINT-STATION.MIT.EDU [18.72.0.53])
by rt-11.mit.edu (8.9.3/8.9.3) with ESMTP id SAA18528
for <bugs@RT-11.MIT.EDU>; Tue, 9 Jan 2001 18:02:56 -0500 (EST)
Received: from jenkins.web.us.uu.net (jenkins.web.us.uu.net [208.240.88.32])
by fort-point-station.mit.edu (8.9.2/8.9.2) with ESMTP id SAA02426
for <krb5-bugs@mit.edu>; Tue, 9 Jan 2001 18:02:56 -0500 (EST)
Received: from dagger.web.us.uu.net (dagger.web.us.uu.net [208.211.134.28])
by jenkins.web.us.uu.net (Postfix) with ESMTP id 8ACB612685
for <krb5-bugs@mit.edu>; Tue, 9 Jan 2001 18:02:55 -0500 (EST)
Received: by dagger.web.us.uu.net (Postfix, from userid 515)
id C5DF046C3; Tue, 9 Jan 2001 18:02:54 -0500 (EST)
Message-Id: <20010109230254.C5DF046C3@dagger.web.us.uu.net>
Date: Tue, 9 Jan 2001 18:02:54 -0500 (EST)
From: djm@web.us.uu.net
Reply-To: djm@web.us.uu.net
To: krb5-bugs@mit.edu
Subject: keytab add without randomizing key
X-Send-Pr-Version: 3.99
>Number: 914
>Category: krb5-admin
>Synopsis: keytab add without randomizing key
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: krb5-unassigned
>State: open
>Class: change-request
>Submitter-Id: unknown
>Arrival-Date: Tue Jan 9 18:03:00 EST 2001
>Last-Modified:
>Originator: David MacKenzie
>Organization:
UUNET Technologies
>Category: krb5-admin
>Synopsis: keytab add without randomizing key
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: krb5-unassigned
>State: open
>Class: change-request
>Submitter-Id: unknown
>Arrival-Date: Tue Jan 9 18:03:00 EST 2001
>Last-Modified:
>Originator: David MacKenzie
>Organization:
>Release: krb5-1.2.1
>Environment:
>Environment:
System: Linux dagger.web.us.uu.net 2.2.14-15mdk #2 Sat Mar 11 19:32:26 EST 2000 i686 unknown
Architecture: i686
>Description:
We have a user who needs to both login normally and rcp data with a keytab from a cron job. Under krb4, this was possible because ext_srvtab doesn't change
the keys, but the krb5 kadmin ktadd command randomizes the keys.
The rationale given in the Kerberos FAQ for not having this ability is
that a compromised admin account could read out all of the keys in the KDC.
But if you restrict this function to kadmin.local, you have to be root on
the KDC anyway to use it, so there's no significant added risk.
>How-To-Repeat:
Use kadmin ktadd to create a keytab. That principal can no longer be used to login interactively with kinit or login.
>Fix:
Here is a patch for 1.2.1 that adds the missing capability securely:
Index: src/kadmin/cli/Makefile.in
===================================================================
RCS file: /export/src/CVS/usr.local/krb5-1.2/src/kadmin/cli/Makefile.in,v
retrieving revision 1.1.1.1
diff -u -r1.1.1.1 Makefile.in
--- src/kadmin/cli/Makefile.in 2000/06/30 21:57:16 1.1.1.1
+++ src/kadmin/cli/Makefile.in 2000/12/22 18:04:08
@@ -6,18 +6,23 @@
PROG_RPATH=$(KRB5_LIBDIR)
PROG = kadmin
-OBJS = kadmin.o kadmin_ct.o ss_wrapper.o getdate.o keytab.o
+COMMON_OBJS = kadmin.o kadmin_ct.o ss_wrapper.o getdate.o
+KADMIN_OBJS = ${COMMON_OBJS} keytab.o
+KADMIN_LOCAL_OBJS = ${COMMON_OBJS} keytab_local.o
all:: $(PROG).local $(PROG)
-$(PROG).local: $(OBJS) $(SS_DEPLIB) $(KADMSRV_DEPLIBS) $(KRB5_BASE_DEPLIBS)
- $(CC_LINK) -o $(PROG).local $(OBJS) $(SS_LIB) $(KADMSRV_LIBS) $(KRB5_BASE_LIBS)
+$(PROG).local: $(KADMIN_LOCAL_OBJS) $(SS_DEPLIB) $(KADMSRV_DEPLIBS) $(KRB5_BASE_DEPLIBS)
+ $(CC_LINK) -o $(PROG).local $(KADMIN_LOCAL_OBJS) $(SS_LIB) $(KADMSRV_LIBS) $(KRB5_BASE_LIBS)
-$(PROG): $(OBJS) $(SS_DEPLIB) $(KADMCLNT_DEPLIBS) $(KRB5_BASE_DEPLIBS)
- $(CC_LINK) -o $(PROG) $(OBJS) $(SS_LIB) $(KADMCLNT_LIBS) $(KRB5_BASE_LIBS)
+$(PROG): $(KADMIN_OBJS) $(SS_DEPLIB) $(KADMCLNT_DEPLIBS) $(KRB5_BASE_DEPLIBS)
+ $(CC_LINK) -o $(PROG) $(KADMIN_OBJS) $(SS_LIB) $(KADMCLNT_LIBS) $(KRB5_BASE_LIBS)
kadmin_ct.o: kadmin_ct.c
+keytab_local.o: keytab.c
+ $(CC) -c -o keytab_local.o $(ALL_CFLAGS) -DKADMIN_LOCAL ${srcdir}/keytab.c
+
install::
$(INSTALL_PROGRAM) $(PROG).local ${DESTDIR}$(ADMIN_BINDIR)/$(PROG).local
$(INSTALL_PROGRAM) $(PROG) ${DESTDIR}$(ADMIN_BINDIR)/$(PROG)
@@ -25,7 +30,7 @@
$(INSTALL_DATA) $(srcdir)/$(PROG).local.M ${DESTDIR}$(ADMIN_MANDIR)/$(PROG).local.8
clean::
- $(RM) $(PROG).local $(PROG) $(OBJS)
+ $(RM) $(PROG).local $(PROG) $(KADMIN_OBJS) $(KADMIN_LOCAL_OBJS)
clean-unix::
$(RM) getdate.c kadmin_ct.c
Index: src/kadmin/cli/kadmin.M
===================================================================
RCS file: /export/src/CVS/usr.local/krb5-1.2/src/kadmin/cli/kadmin.M,v
retrieving revision 1.2
diff -u -r1.2 kadmin.M
--- src/kadmin/cli/kadmin.M 2000/07/31 14:11:17 1.2
+++ src/kadmin/cli/kadmin.M 2000/12/22 18:04:08
@@ -684,11 +684,29 @@
.TP
\fBktadd\fP [\fB\-k\fP \fIkeytab\fP] [\fB\-q\fP] [\fB\-e\fP \fIkeysaltlist\fP]
.br
-[\fIprincipal\fP | \fB\-glob\fP \fIprinc-exp\fP] [\fI...\fP]
+[\fB\-norandkey\fP] [[\fIprincipal\fP | \fB\-glob\fP \fIprinc-exp\fP] [\fI...\fP]
.br
Adds a principal or all principals matching
.I princ-exp
-to a keytab, randomizing each principal's key in the process. Requires the
+to a keytab.
+It randomizes each principal's key in the process, to prevent a
+compromised admin account from reading out all of the keys from the
+database. However,
+.B kadmin.local
+has the
+.B \-norandkey
+option, which leaves the keys and their version numbers unchanged,
+similar to the Kerberos V4
+.B ext_srvtab
+command.
+That allows users to continue to use the passwords they know
+to login normally, while simultaneously allowing scripts
+to login to the same account using a keytab.
+There is no significant security risk added since
+.B kadmin.local
+must be run by root on the KDC anyway.
+.sp
+Requires the
.I inquire
and
.I changepw
Index: src/kadmin/cli/keytab.c
===================================================================
RCS file: /export/src/CVS/usr.local/krb5-1.2/src/kadmin/cli/keytab.c,v
retrieving revision 1.1.1.1
diff -u -r1.1.1.1 keytab.c
--- src/kadmin/cli/keytab.c 2000/06/30 21:57:17 1.1.1.1
+++ src/kadmin/cli/keytab.c 2000/12/22 18:04:09
@@ -56,10 +56,17 @@
extern krb5_context context;
extern void *handle;
static int quiet;
+#ifdef KADMIN_LOCAL
+static int norandkey;
+#endif
void add_usage()
{
+#ifdef KADMIN_LOCAL
+ fprintf(stderr, "Usage: ktadd [-k[eytab] keytab] [-q] [-e keysaltlist] [-norandkey] [principal | -glob princ-exp] [...]\n");
+#else
fprintf(stderr, "Usage: ktadd [-k[eytab] keytab] [-q] [-e keysaltlist] [principal | -glob princ-exp] [...]\n");
+#endif
}
void rem_usage()
@@ -127,6 +134,9 @@
argc--; argv++;
quiet = 0;
+#ifdef KADMIN_LOCAL
+ norandkey = 0;
+#endif
while (argc) {
if (strncmp(*argv, "-k", 2) == 0) {
argc--; argv++;
@@ -137,6 +147,10 @@
keytab_str = *argv;
} else if (strcmp(*argv, "-q") == 0) {
quiet++;
+#ifdef KADMIN_LOCAL
+ } else if (strcmp(*argv, "-norandkey") == 0) {
+ norandkey++;
+#endif
} else if (strcmp(*argv, "-e") == 0) {
argc--;
if (argc < 1) {
@@ -160,6 +174,12 @@
add_usage();
return;
}
+#ifdef KADMIN_LOCAL
+ if (norandkey && ks_tuple) {
+ fprintf(stderr, "cannot specify keysaltlist when not changing key\n");
+ return;
+ }
+#endif
if (process_keytab(context, &keytab_str, &keytab))
return;
@@ -245,7 +265,7 @@
krb5_principal princ;
krb5_keytab_entry new_entry;
krb5_keyblock *keys;
- int code, code2, mask, nkeys, i;
+ int code, nkeys, i;
(void) memset((char *)&princ_rec, 0, sizeof(princ_rec));
@@ -260,6 +280,11 @@
goto cleanup;
}
+#ifdef KADMIN_LOCAL
+ if (norandkey)
+ code = kadm5_get_principal_keys(handle, princ, &keys, &nkeys);
+ else
+#endif
if (keepold || ks_tuple != NULL) {
code = kadm5_randkey_principal_3(handle, princ,
keepold, n_ks_tuple, ks_tuple,
Index: src/lib/kadm5/admin.h
===================================================================
RCS file: /export/src/CVS/usr.local/krb5-1.2/src/lib/kadm5/admin.h,v
retrieving revision 1.1.1.1
diff -u -r1.1.1.1 admin.h
--- src/lib/kadm5/admin.h 2000/06/30 21:57:19 1.1.1.1
+++ src/lib/kadm5/admin.h 2000/12/22 18:04:10
@@ -381,6 +381,13 @@
kadm5_ret_t kadm5_create_policy_internal(void *server_handle,
kadm5_policy_ent_t
entry, long mask);
+/*
+ * Similar for kadm5_get_principal_keys.
+ */
+kadm5_ret_t kadm5_get_principal_keys(void *server_handle,
+ krb5_principal principal,
+ krb5_keyblock **keyblocks,
+ int *n_keys);
kadm5_ret_t kadm5_delete_policy(void *server_handle,
kadm5_policy_t policy);
kadm5_ret_t kadm5_modify_policy(void *server_handle,
Index: src/lib/kadm5/srv/svr_principal.c
===================================================================
RCS file: /export/src/CVS/usr.local/krb5-1.2/src/lib/kadm5/srv/svr_principal.c,v
retrieving revision 1.1.1.1
diff -u -r1.1.1.1 svr_principal.c
--- src/lib/kadm5/srv/svr_principal.c 2000/06/30 21:57:20 1.1.1.1
+++ src/lib/kadm5/srv/svr_principal.c 2000/12/22 18:04:10
@@ -1609,6 +1609,60 @@
}
/*
+ * Return the list of keys like kadm5_randkey_principal,
+ * but don't modify the principal.
+ */
+kadm5_ret_t
+kadm5_get_principal_keys(void *server_handle /* IN */,
+ krb5_principal principal /* IN */,
+ krb5_keyblock **keyblocks /* OUT */,
+ int *n_keys /* OUT */)
+{
+ krb5_db_entry kdb;
+ osa_princ_ent_rec adb;
+ krb5_key_data *key_data;
+ kadm5_ret_t ret;
+ kadm5_server_handle_t handle = server_handle;
+
+ if (keyblocks)
+ *keyblocks = NULL;
+
+ CHECK_HANDLE(server_handle);
+
+ if (principal == NULL)
+ return EINVAL;
+
+ if ((ret = kdb_get_entry(handle, principal, &kdb, &adb)))
+ return(ret);
+
+ if (keyblocks) {
+ if (handle->api_version == KADM5_API_VERSION_1) {
+ /* Version 1 clients will expect to see a DES_CRC enctype. */
+ if ((ret = krb5_dbe_find_enctype(handle->context, &kdb,
+ ENCTYPE_DES_CBC_CRC,
+ -1, -1, &key_data)))
+ goto done;
+
+ if ((ret = decrypt_key_data(handle->context, 1, key_data,
+ keyblocks, NULL)))
+ goto done;
+ } else {
+ ret = decrypt_key_data(handle->context,
+ kdb.n_key_data, kdb.key_data,
+ keyblocks, n_keys);
+ if (ret)
+ goto done;
+ }
+ }
+
+ ret = KADM5_OK;
+done:
+ kdb_free_entry(handle, &kdb, &adb);
+
+ return ret;
+}
+
+/*
* Allocate an array of n_key_data krb5_keyblocks, fill in each
* element with the results of decrypting the nth key in key_data with
* master_keyblock, and if n_keys is not NULL fill it in with the
>Audit-Trail:
>Unformatted:
>Unformatted: