Initial import of eBones.

(Including all changes for FreeBSD - importing the original eBones distribution
would be too complex at this stage, since I don't have access to Piero's 
CVS.)
(If you want to include eBones in your system, don't forget to include
MAKE_EBONES in /etc/make.conf.)
(This stuff is now also suppable from braae.ru.ac.za.)

Bones originally from MIT SIPB.
Original port to FreeBSD 1.x  by Piero Serini.
Moved to FreeBSD 2.0 by Doug Rabson and Geoff Rehmet.
Nice bug fixes from Doug Rabson.

3 files changed, 237 insertions, 0 deletions

diff --git a/eBones/ext_srvtab/Makefile b/eBones/ext_srvtab/Makefile
new file mode 100644
index 0000000..f30bbbb
--- /dev/null
+++ b/eBones/ext_srvtab/Makefile
@@ -0,0 +1,10 @@
+#	From: @(#)Makefile	5.1 (Berkeley) 6/25/90
+#	$Id: Makefile,v 1.2 1994/07/19 19:22:34 g89r4222 Exp $
+
+PROG=	ext_srvtab
+CFLAGS+=-DKERBEROS -I${.CURDIR}/../include
+DPADD=	${LIBKDB} ${LIBKRB} ${LIBDES}
+LDADD+=	-L${KDBOBJDIR} -lkdb -L${KRBOBJDIR} -lkrb -L${DESOBJDIR} -ldes
+NOMAN=	noman
+
+.include <bsd.prog.mk>
diff --git a/eBones/ext_srvtab/ext_srvtab.8 b/eBones/ext_srvtab/ext_srvtab.8
new file mode 100644
index 0000000..af980a9
--- /dev/null
+++ b/eBones/ext_srvtab/ext_srvtab.8
@@ -0,0 +1,63 @@
+.\" from: ext_srvtab.8,v 4.2 89/07/18 16:53:18 jtkohl Exp $
+.\" $Id: ext_srvtab.8,v 1.2 1994/07/19 19:27:20 g89r4222 Exp $
+.\" Copyright 1989 by the Massachusetts Institute of Technology.
+.\"
+.\" For copying and distribution information,
+.\" please see the file <Copyright.MIT>.
+.\"
+.TH EXT_SRVTAB 8 "Kerberos Version 4.0" "MIT Project Athena"
+.SH NAME
+ext_srvtab \- extract service key files from Kerberos key distribution center database
+.SH SYNOPSIS
+ext_srvtab [
+.B \-n
+] [
+.B \-r realm
+] [
+.B hostname ...
+]
+.SH DESCRIPTION
+.I ext_srvtab
+extracts service key files from the Kerberos key distribution center
+(KDC) database.
+.PP
+Upon execution, it prompts the user to enter the master key string for
+the database.  If the
+.B \-n
+option is specified, the master key is instead fetched from the master
+key cache file.
+.PP
+For each
+.I hostname
+specified on the command line, 
+.I ext_srvtab
+creates the service key file
+.IR hostname -new-srvtab,
+containing all the entries in the database with an instance field of
+.I hostname.
+This new file contains all the keys registered for Kerberos-mediated
+service providing programs which use the 
+.IR krb_get_phost (3)
+principal and instance conventions to run on the host
+.IR hostname .
+If the
+.B \-r
+option is specified, the realm fields in the extracted file will
+match the given realm rather than the local realm.
+.SH DIAGNOSTICS
+.TP 20n
+"verify_master_key: Invalid master key, does not match database."
+The master key string entered was incorrect.
+.SH FILES
+.TP 20n
+.IR hostname -new-srvtab
+Service key file generated for
+.I hostname
+.TP
+/kerberos/principal.pag, /kerberos/principal.dir
+DBM files containing database
+.TP
+/.k
+Master key cache file.
+.SH SEE ALSO
+read_service_key(3), krb_get_phost(3)
diff --git a/eBones/ext_srvtab/ext_srvtab.c b/eBones/ext_srvtab/ext_srvtab.c
new file mode 100644
index 0000000..3a5dcec
--- /dev/null
+++ b/eBones/ext_srvtab/ext_srvtab.c
@@ -0,0 +1,164 @@
+/*
+ * Copyright 1987, 1988 by the Massachusetts Institute of Technology. 
+ *
+ *	from: ext_srvtab.c,v 4.1 89/07/18 16:49:30 jtkohl Exp $
+ *	$Id: ext_srvtab.c,v 1.2 1994/07/19 19:22:36 g89r4222 Exp $
+ */
+
+#ifndef	lint
+static char rcsid[] =
+"$Id: ext_srvtab.c,v 1.2 1994/07/19 19:22:36 g89r4222 Exp $";
+#endif	lint
+
+#include <stdio.h>
+#include <sys/file.h>
+#include <sys/types.h>
+#include <sys/time.h>
+#include <sys/stat.h>
+#include <sys/wait.h>
+#include <signal.h>
+#include <des.h>
+#include <krb.h>
+#include <krb_db.h>
+
+#define TRUE 1
+#define FALSE 0
+
+static C_Block master_key;
+static C_Block session_key;
+static Key_schedule master_key_schedule;
+char progname[] = "ext_srvtab";
+char realm[REALM_SZ];
+
+main(argc, argv)
+  int argc;
+  char *argv[];
+{
+    FILE *fout;
+    char fname[1024];
+    int fopen_errs = 0;
+    int arg;
+    Principal princs[40];
+    int more; 
+    int prompt = TRUE;
+    register int n, i;
+    
+    bzero(realm, sizeof(realm));
+    
+    /* Parse commandline arguments */
+    if (argc < 2)
+	usage();
+    else {
+	for (i = 1; i < argc; i++) {
+	    if (strcmp(argv[i], "-n") == 0)
+		prompt = FALSE;
+	    else if (strcmp(argv[i], "-r") == 0) {
+		if (++i >= argc)
+		    usage();
+		else {
+		    strcpy(realm, argv[i]);
+		    /* 
+		     * This is to humor the broken way commandline
+		     * argument parsing is done.  Later, this
+		     * program ignores everything that starts with -.
+		     */
+		    argv[i][0] = '-';
+		}
+	    }
+	    else if (argv[i][0] == '-')
+		usage();
+	    else
+		if (!k_isinst(argv[i])) {
+		fprintf(stderr, "%s: bad instance name: %s\n",
+			progname, argv[i]);
+		usage();
+	    }
+	}
+    }
+
+    if (kdb_get_master_key (prompt, master_key, master_key_schedule) != 0) {
+      fprintf (stderr, "Couldn't read master key.\n");
+      fflush (stderr);
+      exit(1);
+    }
+
+    if (kdb_verify_master_key (master_key, master_key_schedule, stderr) < 0) {
+      exit(1);
+    }
+
+    /* For each arg, search for instances of arg, and produce */
+    /* srvtab file */
+    if (!realm[0])
+	if (krb_get_lrealm(realm, 1) != KSUCCESS) {
+	    fprintf(stderr, "%s: couldn't get local realm\n", progname);
+	    exit(1);
+	}
+    (void) umask(077);
+
+    for (arg = 1; arg < argc; arg++) {
+	if (argv[arg][0] == '-')
+	    continue;
+	sprintf(fname, "%s-new-srvtab", argv[arg]);
+	if ((fout = fopen(fname, "w")) == NULL) {
+	    fprintf(stderr, "Couldn't create file '%s'.\n", fname);
+	    fopen_errs++;
+	    continue;
+	}
+	printf("Generating '%s'....\n", fname);
+	n = kerb_get_principal("*", argv[arg], &princs[0], 40, &more);
+	if (more)
+	    fprintf(stderr, "More than 40 found...\n");
+	for (i = 0; i < n; i++) {
+	    FWrite(princs[i].name, strlen(princs[i].name) + 1, 1, fout);
+	    FWrite(princs[i].instance, strlen(princs[i].instance) + 1,
+		   1, fout);
+	    FWrite(realm, strlen(realm) + 1, 1, fout);
+	    FWrite(&princs[i].key_version,
+		sizeof(princs[i].key_version), 1, fout);
+	    bcopy(&princs[i].key_low, session_key, sizeof(long));
+	    bcopy(&princs[i].key_high, session_key + sizeof(long),
+		  sizeof(long));
+	    kdb_encrypt_key (session_key, session_key, 
+			     master_key, master_key_schedule, DES_DECRYPT);
+	    FWrite(session_key, sizeof session_key, 1, fout);
+	}
+	fclose(fout);
+    }
+
+    StampOutSecrets();
+
+    exit(fopen_errs);		/* 0 errors if successful */
+
+}
+
+Die()
+{
+    StampOutSecrets();
+    exit(1);
+}
+
+FWrite(p, size, n, f)
+  char   *p;
+  int     size;
+  int     n;
+  FILE   *f;
+{
+    if (fwrite(p, size, n, f) != n) {
+	printf("Error writing output file.  Terminating.\n");
+	Die();
+    }
+}
+
+StampOutSecrets()
+{
+    bzero(master_key, sizeof master_key);
+    bzero(session_key, sizeof session_key);
+    bzero(master_key_schedule, sizeof master_key_schedule);
+}
+
+usage()
+{
+    fprintf(stderr, 
+	    "Usage: %s [-n] [-r realm] instance [instance ...]\n", progname);
+    exit(1);
+}