summaryrefslogtreecommitdiffstats
path: root/crypto/heimdal/kadmin/init.c
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/heimdal/kadmin/init.c')
-rw-r--r--crypto/heimdal/kadmin/init.c27
1 files changed, 22 insertions, 5 deletions
diff --git a/crypto/heimdal/kadmin/init.c b/crypto/heimdal/kadmin/init.c
index b889131..2391a08 100644
--- a/crypto/heimdal/kadmin/init.c
+++ b/crypto/heimdal/kadmin/init.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -34,7 +34,7 @@
#include "kadmin_locl.h"
#include <kadm5/private.h>
-RCSID("$Id: init.c,v 1.23 1999/12/02 17:04:58 joda Exp $");
+RCSID("$Id: init.c,v 1.27 2000/09/10 19:20:16 joda Exp $");
static kadm5_ret_t
create_random_entry(krb5_principal princ,
@@ -97,7 +97,7 @@ static int num_args = sizeof(args) / sizeof(args[0]);
static void
usage(void)
{
- arg_printusage (args, num_args, "ank", "principal");
+ arg_printusage (args, num_args, "init", "realm...");
}
int
@@ -119,6 +119,11 @@ init(int argc, char **argv)
return 0;
}
+ if(argc - optind < 1) {
+ usage();
+ return 0;
+ }
+
if (realm_max_life) {
if (str2deltat (realm_max_life, &max_life) != 0) {
krb5_warnx (context, "unable to parse `%s'", realm_max_life);
@@ -145,7 +150,8 @@ init(int argc, char **argv)
const char *realm = argv[i];
/* Create `krbtgt/REALM' */
- krb5_make_principal(context, &princ, realm, "krbtgt", realm, NULL);
+ krb5_make_principal(context, &princ, realm,
+ KRB5_TGS_NAME, realm, NULL);
if (realm_max_life == NULL) {
max_life = 0;
edit_deltat ("Realm max ticket life", &max_life, NULL, 0);
@@ -180,7 +186,18 @@ init(int argc, char **argv)
/* Create `changepw/kerberos' (for v4 compat) */
krb5_make_principal(context, &princ, realm,
"changepw", "kerberos", NULL);
- create_random_entry(princ, 60*60, 60*60, 0);
+ create_random_entry(princ, 60*60, 60*60,
+ KRB5_KDB_DISALLOW_TGT_BASED|
+ KRB5_KDB_PWCHANGE_SERVICE);
+
+ krb5_free_principal(context, princ);
+
+ /* Create `kadmin/hprop' for database propagation */
+ krb5_make_principal(context, &princ, realm,
+ "kadmin", "hprop", NULL);
+ create_random_entry(princ, 60*60, 60*60,
+ KRB5_KDB_REQUIRES_PRE_AUTH|
+ KRB5_KDB_DISALLOW_TGT_BASED);
krb5_free_principal(context, princ);
/* Create `default' */
OpenPOWER on IntegriCloud