Diffstat (limited to 'crypto/heimdal/admin/add.c')
-rw-r--r-- | crypto/heimdal/admin/add.c | 148 |
1 files changed, 75 insertions, 73 deletions
diff --git a/crypto/heimdal/admin/add.c b/crypto/heimdal/admin/add.c
index a600380..1c20320 100644
--- a/crypto/heimdal/admin/add.c
+++ b/crypto/heimdal/admin/add.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 *
@@ -33,117 +33,119 @@ #include "ktutil_locl.h" -RCSID("$Id: add.c,v 1.5 2002/09/10 19:26:52 joda Exp $"); +RCSID("$Id: add.c 14793 2005-04-14 16:45:14Z lha $"); + +static char * +readstring(const char *prompt, char *buf, size_t len) +{ + printf("%s", prompt); + if (fgets(buf, len, stdin) == NULL) + return NULL; + buf[strcspn(buf, "\r\n")] = '\0'; + return buf; +} int -kt_add(int argc, char **argv) +kt_add(struct add_options *opt, int argc, char **argv) { krb5_error_code ret; krb5_keytab keytab; krb5_keytab_entry entry; - char buf[128]; - char *principal_string = NULL; - int kvno = -1; - char *enctype_string = NULL; + char buf[1024]; krb5_enctype enctype; - char *password_string = NULL; - int salt_flag = 1; - int random_flag = 0; - int help_flag = 0; - struct getargs args[] = { - { "principal", 'p', arg_string, NULL, "principal of key", "principal"}, - { "kvno", 'V', arg_integer, NULL, "key version of key" }, - { "enctype", 'e', arg_string, NULL, "encryption type of key" }, - { "password", 'w', arg_string, NULL, "password for key"}, - { "salt", 's', arg_negative_flag, NULL, "no salt" }, - { "random", 'r', arg_flag, NULL, "generate random key" }, - { "help", 'h', arg_flag, NULL } - }; - int num_args = sizeof(args) / sizeof(args[0]); - int optind = 0; - int i = 0; - args[i++].value = &principal_string; - args[i++].value = &kvno; - args[i++].value = &enctype_string; - args[i++].value = &password_string; - args[i++].value = &salt_flag; - args[i++].value = &random_flag; - args[i++].value = &help_flag; - if(getarg(args, num_args, argc, argv, &optind)) { - arg_printusage(args, num_args, "ktutil add", ""); - return 1; - } - if(help_flag) { - arg_printusage(args, num_args, "ktutil add", ""); - return 1; - } if((keytab = ktutil_open_keytab()) == NULL) return 1; memset(&entry, 0, sizeof(entry)); - if(principal_string == NULL) { - printf("Principal: "); - if (fgets(buf, sizeof(buf), stdin) == NULL) + if(opt->principal_string == NULL) { + if(readstring("Principal: ", buf, 
sizeof(buf)) == NULL) return 1; - buf[strcspn(buf, "\r\n")] = '\0'; - principal_string = buf; + opt->principal_string = buf; } - ret = krb5_parse_name(context, principal_string, &entry.principal); + ret = krb5_parse_name(context, opt->principal_string, &entry.principal); if(ret) { - krb5_warn(context, ret, "%s", principal_string); + krb5_warn(context, ret, "%s", opt->principal_string); goto out; } - if(enctype_string == NULL) { - printf("Encryption type: "); - if (fgets(buf, sizeof(buf), stdin) == NULL) + if(opt->enctype_string == NULL) { + if(readstring("Encryption type: ", buf, sizeof(buf)) == NULL) { + ret = 1; goto out; - buf[strcspn(buf, "\r\n")] = '\0'; - enctype_string = buf; + } + opt->enctype_string = buf; } - ret = krb5_string_to_enctype(context, enctype_string, &enctype); + ret = krb5_string_to_enctype(context, opt->enctype_string, &enctype); if(ret) { int t; - if(sscanf(enctype_string, "%d", &t) == 1) + if(sscanf(opt->enctype_string, "%d", &t) == 1) enctype = t; else { - krb5_warn(context, ret, "%s", enctype_string); + krb5_warn(context, ret, "%s", opt->enctype_string); goto out; } } - if(kvno == -1) { - printf("Key version: "); - if (fgets(buf, sizeof(buf), stdin) == NULL) + if(opt->kvno_integer == -1) { + if(readstring("Key version: ", buf, sizeof(buf)) == NULL) { + ret = 1; + goto out; + } + if(sscanf(buf, "%u", &opt->kvno_integer) != 1) goto out; - buf[strcspn(buf, "\r\n")] = '\0'; - kvno = atoi(buf); } - if(password_string == NULL && random_flag == 0) { - if(des_read_pw_string(buf, sizeof(buf), "Password: ", 1)) + if(opt->password_string == NULL && opt->random_flag == 0) { + if(UI_UTIL_read_pw_string(buf, sizeof(buf), "Password: ", 1)) { + ret = 1; goto out; - password_string = buf; + } + opt->password_string = buf; } - if(password_string) { - if (!salt_flag) { + if(opt->password_string) { + if (opt->hex_flag) { + size_t len; + void *data; + + len = (strlen(opt->password_string) + 1) / 2; + + data = malloc(len); + if (data == NULL) { + 
krb5_warn(context, ENOMEM, "malloc"); + goto out; + } + + if (hex_decode(opt->password_string, data, len) != len) { + free(data); + krb5_warn(context, ENOMEM, "hex decode failed"); + goto out; + } + + ret = krb5_keyblock_init(context, enctype, + data, len, &entry.keyblock); + free(data); + } else if (!opt->salt_flag) { krb5_salt salt; krb5_data pw; salt.salttype = KRB5_PW_SALT; salt.saltvalue.data = NULL; salt.saltvalue.length = 0; - pw.data = (void*)password_string; - pw.length = strlen(password_string); - krb5_string_to_key_data_salt(context, enctype, pw, salt, - &entry.keyblock); + pw.data = (void*)opt->password_string; + pw.length = strlen(opt->password_string); + ret = krb5_string_to_key_data_salt(context, enctype, pw, salt, + &entry.keyblock); } else { - krb5_string_to_key(context, enctype, password_string, - entry.principal, &entry.keyblock); + ret = krb5_string_to_key(context, enctype, opt->password_string, + entry.principal, &entry.keyblock); } - memset (password_string, 0, strlen(password_string)); + memset (opt->password_string, 0, strlen(opt->password_string)); } else { - krb5_generate_random_keyblock(context, enctype, &entry.keyblock); + ret = krb5_generate_random_keyblock(context, enctype, &entry.keyblock); + } + if(ret) { + krb5_warn(context, ret, "add"); + goto out; } - entry.vno = kvno; + entry.vno = opt->kvno_integer; entry.timestamp = time (NULL); ret = krb5_kt_add_entry(context, keytab, &entry); if(ret) @@ -151,5 +153,5 @@ kt_add(int argc, char **argv) out: krb5_kt_free_entry(context, &entry); krb5_kt_close(context, keytab); - return 0; + return ret != 0; } |
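Review bot: In the new `hex_flag` branch both failure exits reach `out:` without assigning `ret`, so with the new `return ret != 0;` kt_add can report success although no key was added; the `sscanf(buf, "%u", &opt->kvno_integer) != 1` exit a few lines earlier has the same gap. The decode failure is also reported with `ENOMEM`, which misdescribes bad hex input, and `data` holds raw key bytes yet is freed without being cleared on either path; these early exits additionally skip the `memset` of `opt->password_string`. I would set `ret` before each `goto out`, report the decode error with `krb5_warnx`, and clear `data` before `free` (a plain `memset` ahead of `free` can be optimised out, so prefer a non-elidable clear if the tree has one), as sketched below. kt_add starts in this hunk and its `out:` tail is in the following hunk.

```c
	    if (data == NULL) {
		ret = ENOMEM;
		krb5_warn(context, ret, "malloc");
		goto out;
	    }
	    if (hex_decode(opt->password_string, data, len) != len) {
		memset(data, 0, len);	/* may hold partially decoded key bytes */
		free(data);
		ret = EINVAL;
		krb5_warnx(context, "hex decode failed");
		goto out;
	    }
	    /* … unchanged: krb5_keyblock_init call … */
	    memset(data, 0, len);	/* clear the raw key before releasing it */
	    free(data);
```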