diff options
Diffstat (limited to 'crypto/kerberosIV/admin')
| -rw-r--r-- | crypto/kerberosIV/admin/Makefile.in | 104 | ||||
| -rw-r--r-- | crypto/kerberosIV/admin/adm_locl.h | 91 | ||||
| -rw-r--r-- | crypto/kerberosIV/admin/ext_srvtab.c | 143 | ||||
| -rw-r--r-- | crypto/kerberosIV/admin/kdb_destroy.c | 57 | ||||
| -rw-r--r-- | crypto/kerberosIV/admin/kdb_edit.c | 404 | ||||
| -rw-r--r-- | crypto/kerberosIV/admin/kdb_init.c | 174 | ||||
| -rw-r--r-- | crypto/kerberosIV/admin/kdb_util.c | 496 | ||||
| -rw-r--r-- | crypto/kerberosIV/admin/kstash.c | 56 |
8 files changed, 1525 insertions, 0 deletions
diff --git a/crypto/kerberosIV/admin/Makefile.in b/crypto/kerberosIV/admin/Makefile.in new file mode 100644 index 0000000..d0b68b1 --- /dev/null +++ b/crypto/kerberosIV/admin/Makefile.in @@ -0,0 +1,104 @@ +# $Id: Makefile.in,v 1.26 1997/05/04 08:33:50 assar Exp $ + +SHELL = /bin/sh + +srcdir = @srcdir@ +VPATH = @srcdir@ + +CC = @CC@ +AR = ar +RANLIB = @RANLIB@ +DEFS = @DEFS@ +CFLAGS = @CFLAGS@ +LD_FLAGS = @LD_FLAGS@ +LIBS = @LIBS@ +LIB_DBM = @LIB_DBM@ + +INSTALL = @INSTALL@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ + +MKINSTALLDIRS = @top_srcdir@/mkinstalldirs + +prefix = @prefix@ +exec_prefix = @exec_prefix@ +libdir = @libdir@ +sbindir = @sbindir@ +transform=@program_transform_name@ +EXECSUFFIX=@EXECSUFFIX@ + +PROGS = ext_srvtab$(EXECSUFFIX) \ + kdb_destroy$(EXECSUFFIX) \ + kdb_edit$(EXECSUFFIX) \ + kdb_init$(EXECSUFFIX) \ + kdb_util$(EXECSUFFIX) \ + kstash$(EXECSUFFIX) + +SOURCES = ext_srvtab.c kdb_destroy.c kdb_edit.c \ + kdb_init.c kdb_util.c kstash.c + +OBJECTS = ext_srvtab.o kdb_destroy.o kdb_edit.o \ + kdb_init.o kdb_util.o kstash.o + +all: $(PROGS) + +Wall: + make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" + +.c.o: + $(CC) -c $(CPPFLAGS) $(DEFS) -I../include -I$(srcdir) $(CFLAGS) $< + +install: all + $(MKINSTALLDIRS) $(sbindir) + for x in $(PROGS); do \ + $(INSTALL_PROGRAM) $$x $(sbindir)/`echo $$x|sed '$(transform)'`; \ + done + +uninstall: + for x in $(PROGS); do \ + rm -f $(sbindir)/`echo $$x|sed '$(transform)'`; \ + done + +TAGS: $(SOURCES) + etags $(SOURCES) + +check: + +clean: + rm -f *.a *.o $(PROGS) + +mostlyclean: clean + +distclean: clean + rm -f Makefile *.tab.c *~ + +realclean: distclean + rm -f TAGS + +dist: $(DISTFILES) + for file in $(DISTFILES); do \ + ln $$file ../`cat ../.fname`/lib \ + || cp -p $$file ../`cat ../.fname`/lib; \ + done + +KLIB=-L../lib/kdb -lkdb -L../lib/krb -lkrb -L../lib/des -ldes +LIBROKEN= -L../lib/roken -lroken + +ext_srvtab$(EXECSUFFIX): ext_srvtab.o + $(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ ext_srvtab.o $(KLIB) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN) + +kdb_destroy$(EXECSUFFIX): kdb_destroy.o + $(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ kdb_destroy.o $(KLIB) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN) + +kdb_edit$(EXECSUFFIX): kdb_edit.o + $(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ kdb_edit.o $(KLIB) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN) + +kdb_init$(EXECSUFFIX): kdb_init.o + $(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ kdb_init.o $(KLIB) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN) + +kdb_util$(EXECSUFFIX): kdb_util.o + $(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ kdb_util.o $(KLIB) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN) + +kstash$(EXECSUFFIX): kstash.o + $(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ kstash.o $(KLIB) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN) + +$(OBJECTS): ../include/config.h diff --git a/crypto/kerberosIV/admin/adm_locl.h b/crypto/kerberosIV/admin/adm_locl.h new file mode 100644 index 0000000..6cbd20d --- /dev/null +++ b/crypto/kerberosIV/admin/adm_locl.h @@ -0,0 +1,91 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id: adm_locl.h,v 1.16 1997/04/20 05:46:14 assar Exp $ */ + +#ifndef __adm_locl_h +#define __adm_locl_h + +#include "config.h" +#include "protos.h" + +#include <stdio.h> +#include <string.h> +#include <stdlib.h> +#include <assert.h> + +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif + +#ifdef TIME_WITH_SYS_TIME +#include <sys/time.h> +#include <time.h> +#elif defined(HAVE_SYS_TIME_H) +#include <sys/time.h> +#else +#include <time.h> +#endif /* !TIME_WITH_SYS_TIME */ + +#ifdef HAVE_UNISTD_H +#include <unistd.h> +#endif +#ifdef HAVE_SYS_STAT_H +#include <sys/stat.h> +#endif +#ifdef HAVE_FCNTL_H +#include <fcntl.h> +#endif +#include <signal.h> +#include <errno.h> + +#ifdef HAVE_NETINET_IN_H +#include <netinet/in.h> +#endif + +#include <err.h> + +#include <roken.h> + +#include <des.h> +#include <krb.h> +#include <krb_db.h> +#include <kdc.h> +#include <kadm.h> + +#endif /* __adm_locl_h */ diff --git a/crypto/kerberosIV/admin/ext_srvtab.c b/crypto/kerberosIV/admin/ext_srvtab.c new file mode 100644 index 0000000..9c02921 --- /dev/null +++ b/crypto/kerberosIV/admin/ext_srvtab.c @@ -0,0 +1,143 @@ +/* + * Copyright 1987, 1988 by the Massachusetts Institute of Technology. + * + * For copying and distribution information, please see the file + * <mit-copyright.h>. + * + * Description + */ + +#include "adm_locl.h" + +RCSID("$Id: ext_srvtab.c,v 1.13 1997/05/02 14:27:33 assar Exp $"); + +static des_cblock master_key; +static des_cblock session_key; +static des_key_schedule master_key_schedule; +static char realm[REALM_SZ]; + +static void +usage(void) +{ + fprintf(stderr, + "Usage: %s [-n] [-r realm] instance [instance ...]\n", + __progname); + exit(1); +} + +static void +StampOutSecrets(void) +{ + memset(master_key, 0, sizeof master_key); + memset(session_key, 0, sizeof session_key); + memset(master_key_schedule, 0, sizeof master_key_schedule); +} + +static void +Die(void) +{ + StampOutSecrets(); + exit(1); +} + +static void +FWrite(void *p, int size, int n, FILE *f) +{ + if (fwrite(p, size, n, f) != n) { + printf("Error writing output file. Terminating.\n"); + Die(); + } +} + +int +main(int argc, char **argv) +{ + FILE *fout; + char fname[1024]; + int fopen_errs = 0; + int arg; + Principal princs[40]; + int more; + int prompt = KDB_GET_PROMPT; + int n, i; + + set_progname (argv[0]); + memset(realm, 0, sizeof(realm)); + + /* Parse commandline arguments */ + if (argc < 2) + usage(); + else { + for (i = 1; i < argc; i++) { + if (strcmp(argv[i], "-n") == 0) + prompt = FALSE; + else if (strcmp(argv[i], "-r") == 0) { + if (++i >= argc) + usage(); + else { + strcpy(realm, argv[i]); + /* + * This is to humor the broken way commandline + * argument parsing is done. Later, this + * program ignores everything that starts with -. + */ + argv[i][0] = '-'; + } + } + else if (argv[i][0] == '-') + usage(); + else + if (!k_isinst(argv[i])) { + warnx("bad instance name: %s", argv[i]); + usage(); + } + } + } + + if (kdb_get_master_key (prompt, &master_key, master_key_schedule) != 0) + errx (1, "Couldn't read master key."); + + if (kdb_verify_master_key (&master_key, master_key_schedule, stderr) < 0) { + exit(1); + } + + /* For each arg, search for instances of arg, and produce */ + /* srvtab file */ + if (!realm[0]) + if (krb_get_lrealm(realm, 1) != KSUCCESS) + errx (1, "couldn't get local realm"); + umask(077); + + for (arg = 1; arg < argc; arg++) { + if (argv[arg][0] == '-') + continue; + snprintf(fname, sizeof(fname), "%s-new-srvtab", argv[arg]); + if ((fout = fopen(fname, "w")) == NULL) { + warn("Couldn't create file '%s'.", fname); + fopen_errs++; + continue; + } + printf("Generating '%s'....\n", fname); + n = kerb_get_principal("*", argv[arg], &princs[0], 40, &more); + if (more) + fprintf(stderr, "More than 40 found...\n"); + for (i = 0; i < n; i++) { + FWrite(princs[i].name, strlen(princs[i].name) + 1, 1, fout); + FWrite(princs[i].instance, strlen(princs[i].instance) + 1, + 1, fout); + FWrite(realm, strlen(realm) + 1, 1, fout); + FWrite(&princs[i].key_version, + sizeof(princs[i].key_version), 1, fout); + copy_to_key(&princs[i].key_low, &princs[i].key_high, session_key); + kdb_encrypt_key (&session_key, &session_key, + &master_key, master_key_schedule, DES_DECRYPT); + FWrite(session_key, sizeof session_key, 1, fout); + } + fclose(fout); + } + + StampOutSecrets(); + + return fopen_errs; /* 0 errors if successful */ + +} diff --git a/crypto/kerberosIV/admin/kdb_destroy.c b/crypto/kerberosIV/admin/kdb_destroy.c new file mode 100644 index 0000000..fca339f --- /dev/null +++ b/crypto/kerberosIV/admin/kdb_destroy.c @@ -0,0 +1,57 @@ +/* + * Copyright 1988 by the Massachusetts Institute of Technology. + * + * For copying and distribution information, please see the file + * <mit-copyright.h>. + * + * Description. + */ + +#include "adm_locl.h" + +RCSID("$Id: kdb_destroy.c,v 1.7 1997/03/31 02:25:21 assar Exp $"); + +int +main(int argc, char **argv) +{ + char answer[10]; /* user input */ + char dbm[256]; /* database path and name */ + char dbm1[256]; /* database path and name */ +#ifdef HAVE_NEW_DB + char *file; /* database file names */ +#else + char *file1, *file2; /* database file names */ +#endif + + set_progname (argv[0]); + + strcpy(dbm, DBM_FILE); +#ifdef HAVE_NEW_DB + file = strcat(dbm, ".db"); +#else + strcpy(dbm1, DBM_FILE); + file1 = strcat(dbm, ".dir"); + file2 = strcat(dbm1, ".pag"); +#endif + + printf("You are about to destroy the Kerberos database "); + printf("on this machine.\n"); + printf("Are you sure you want to do this (y/n)? "); + fgets(answer, sizeof(answer), stdin); + + if (answer[0] == 'y' || answer[0] == 'Y') { +#ifdef HAVE_NEW_DB + if (unlink(file) == 0) +#else + if (unlink(file1) == 0 && unlink(file2) == 0) +#endif + { + warnx ("Database deleted at %s", DBM_FILE); + return 0; + } + else + warn ("Database cannot be deleted at %s", DBM_FILE); + } else + warnx ("Database not deleted at %s", DBM_FILE); + return 1; +} diff --git a/crypto/kerberosIV/admin/kdb_edit.c b/crypto/kerberosIV/admin/kdb_edit.c new file mode 100644 index 0000000..5d07135 --- /dev/null +++ b/crypto/kerberosIV/admin/kdb_edit.c @@ -0,0 +1,404 @@ +/* + * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute + * of Technology. + * + * For copying and distribution information, please see the file + * <mit-copyright.h>. + * + * This routine changes the Kerberos encryption keys for principals, + * i.e., users or services. + */ + +/* + * exit returns 0 ==> success -1 ==> error + */ + +#include "adm_locl.h" + +RCSID("$Id: kdb_edit.c,v 1.25 1997/05/07 01:34:05 assar Exp $"); + +#ifdef DEBUG +extern kerb_debug; +#endif + +#define zaptime(foo) memset((foo), 0, sizeof(*(foo))) + +static int nflag = 0; +static int debug; + +static des_cblock new_key; + +static int i, j; +static int more; + +static char input_name[ANAME_SZ]; +static char input_instance[INST_SZ]; + +#define MAX_PRINCIPAL 10 +static Principal principal_data[MAX_PRINCIPAL]; + +static Principal old_principal; +static Principal default_princ; + +static des_cblock master_key; +static des_cblock session_key; +static des_key_schedule master_key_schedule; +static char pw_str[255]; +static long master_key_version; + +static void +Usage(void) +{ + fprintf(stderr, "Usage: %s [-n]\n", __progname); + exit(1); +} + +static char * +n_gets(char *buf, int size) +{ + char *p; + char *ret; + ret = fgets(buf, size, stdin); + + if (ret && (p = strchr(buf, '\n'))) + *p = 0; + return ret; +} + + +static int +change_principal(void) +{ + static char temp[255]; + int creating = 0; + int editpw = 0; + int changed = 0; + long temp_long; /* Don't change to int32_t, used by scanf */ + int n; + struct tm *tp, edate; + + fprintf(stdout, "\nPrincipal name: "); + fflush(stdout); + if (!n_gets(input_name, sizeof(input_name)) || *input_name == '\0') + return 0; + fprintf(stdout, "Instance: "); + fflush(stdout); + /* instance can be null */ + n_gets(input_instance, sizeof(input_instance)); + j = kerb_get_principal(input_name, input_instance, principal_data, + MAX_PRINCIPAL, &more); + if (!j) { + fprintf(stdout, "\n\07\07<Not found>, Create [y] ? "); + fflush(stdout); + n_gets(temp, sizeof(temp)); /* Default case should work, it didn't */ + if (temp[0] != 'y' && temp[0] != 'Y' && temp[0] != '\0') + return -1; + /* make a new principal, fill in defaults */ + j = 1; + creating = 1; + strcpy(principal_data[0].name, input_name); + strcpy(principal_data[0].instance, input_instance); + principal_data[0].old = NULL; + principal_data[0].exp_date = default_princ.exp_date; + if (strcmp(input_instance, "admin") == 0) + principal_data[0].max_life = 1 + (CLOCK_SKEW/(5*60)); /*5+5 minutes*/ + else if (strcmp(input_instance, "root") == 0) + principal_data[0].max_life = 96; /* 8 hours */ + else + principal_data[0].max_life = default_princ.max_life; + principal_data[0].attributes = default_princ.attributes; + principal_data[0].kdc_key_ver = (unsigned char) master_key_version; + principal_data[0].key_version = 0; /* bumped up later */ + } + tp = k_localtime(&principal_data[0].exp_date); + snprintf(principal_data[0].exp_date_txt, + sizeof(principal_data[0].exp_date_txt), + "%4d-%02d-%02d", + tp->tm_year + 1900, + tp->tm_mon + 1, tp->tm_mday); /* January is 0, not 1 */ + for (i = 0; i < j; i++) { + for (;;) { + fprintf(stdout, + "\nPrincipal: %s, Instance: %s, kdc_key_ver: %d", + principal_data[i].name, principal_data[i].instance, + principal_data[i].kdc_key_ver); + fflush(stdout); + editpw = 1; + changed = 0; + if (!creating) { + /* + * copy the existing data so we can use the old values + * for the qualifier clause of the replace + */ + principal_data[i].old = (char *) &old_principal; + memcpy(&old_principal, &principal_data[i], + sizeof(old_principal)); + printf("\nChange password [n] ? "); + n_gets(temp, sizeof(temp)); + if (strcmp("y", temp) && strcmp("Y", temp)) + editpw = 0; + } + /* password */ + if (editpw) { +#ifdef NOENCRYPTION + placebo_read_pw_string(pw_str, sizeof pw_str, + "\nNew Password: ", TRUE); +#else + if(des_read_pw_string(pw_str, sizeof pw_str, + "\nNew Password: ", TRUE)) + continue; +#endif + if ( strcmp(pw_str, "RANDOM") == 0 + || strcmp(pw_str, "") == 0) { + printf("\nRandom password [y] ? "); + n_gets(temp, sizeof(temp)); + if (!strcmp("n", temp) || !strcmp("N", temp)) { + /* no, use literal */ +#ifdef NOENCRYPTION + memset(new_key, 0, sizeof(des_cblock)); + new_key[0] = 127; +#else + des_string_to_key(pw_str, &new_key); +#endif + memset(pw_str, 0, sizeof pw_str); /* "RANDOM" */ + } else { +#ifdef NOENCRYPTION + memset(new_key, 0, sizeof(des_cblock)); + new_key[0] = 127; +#else + des_new_random_key(&new_key); +#endif + memset(pw_str, 0, sizeof pw_str); + } + } else if (!strcmp(pw_str, "NULL")) { + printf("\nNull Key [y] ? "); + n_gets(temp, sizeof(temp)); + if (!strcmp("n", temp) || !strcmp("N", temp)) { + /* no, use literal */ +#ifdef NOENCRYPTION + memset(new_key, 0, sizeof(des_cblock)); + new_key[0] = 127; +#else + des_string_to_key(pw_str, &new_key); +#endif + memset(pw_str, 0, sizeof pw_str); /* "NULL" */ + } else { + + principal_data[i].key_low = 0; + principal_data[i].key_high = 0; + goto null_key; + } + } else { +#ifdef NOENCRYPTION + memset(new_key, 0, sizeof(des_cblock)); + new_key[0] = 127; +#else + des_string_to_key(pw_str, &new_key); +#endif + memset(pw_str, 0, sizeof pw_str); + } + + /* seal it under the kerberos master key */ + kdb_encrypt_key (&new_key, &new_key, + &master_key, master_key_schedule, + DES_ENCRYPT); + copy_from_key(new_key, + &principal_data[i].key_low, + &principal_data[i].key_high); + memset(new_key, 0, sizeof(new_key)); + null_key: + /* set master key version */ + principal_data[i].kdc_key_ver = + (unsigned char) master_key_version; + /* bump key version # */ + principal_data[i].key_version++; + fprintf(stdout, + "\nPrincipal's new key version = %d\n", + principal_data[i].key_version); + fflush(stdout); + changed = 1; + } + /* expiration date */ + fprintf(stdout, "Expiration date (enter yyyy-mm-dd) [ %s ] ? ", + principal_data[i].exp_date_txt); + fflush(stdout); + zaptime(&edate); + while (n_gets(temp, sizeof(temp)) && ((n = strlen(temp)) > + sizeof(principal_data[0].exp_date_txt))) { + bad_date: + fprintf(stdout, "\07\07Date Invalid\n"); + fprintf(stdout, + "Expiration date (enter yyyy-mm-dd) [ %s ] ? ", + principal_data[i].exp_date_txt); + fflush(stdout); + zaptime(&edate); + } + + if (*temp) { + if (sscanf(temp, "%d-%d-%d", &edate.tm_year, + &edate.tm_mon, &edate.tm_mday) != 3) + goto bad_date; + edate.tm_mon--; /* January is 0, not 1 */ + edate.tm_hour = 23; /* nearly midnight at the end of the */ + edate.tm_min = 59; /* specified day */ + if (krb_check_tm (edate)) + goto bad_date; + edate.tm_year -= 1900; + temp_long = tm2time (edate, 1); + strcpy(principal_data[i].exp_date_txt, temp); + principal_data[i].exp_date = temp_long; + changed = 1; + } + + /* maximum lifetime */ + fprintf(stdout, "Max ticket lifetime (*5 minutes) [ %d ] ? ", + principal_data[i].max_life); + fflush(stdout); + while (n_gets(temp, sizeof(temp)) && *temp) { + if (sscanf(temp, "%ld", &temp_long) != 1) + goto bad_life; + if (temp_long > 255 || (temp_long < 0)) { + bad_life: + fprintf(stdout, "\07\07Invalid, choose 0-255\n"); + fprintf(stdout, + "Max ticket lifetime (*5 minutes) [ %d ] ? ", + principal_data[i].max_life); + fflush(stdout); + continue; + } + changed = 1; + /* dont clobber */ + principal_data[i].max_life = (unsigned short) temp_long; + break; + } + + /* attributes */ + fprintf(stdout, "Attributes [ %d ] ? ", + principal_data[i].attributes); + fflush(stdout); + while (n_gets(temp, sizeof(temp)) && *temp) { + if (sscanf(temp, "%ld", &temp_long) != 1) + goto bad_att; + if (temp_long > 65535 || (temp_long < 0)) { + bad_att: + fprintf(stdout, "\07\07Invalid, choose 0-65535\n"); + fprintf(stdout, "Attributes [ %d ] ? ", + principal_data[i].attributes); + fflush(stdout); + continue; + } + changed = 1; + /* dont clobber */ + principal_data[i].attributes = + (unsigned short) temp_long; + break; + } + + /* + * remaining fields -- key versions and mod info, should + * not be directly manipulated + */ + if (changed) { + if (kerb_put_principal(&principal_data[i], 1)) { + fprintf(stdout, + "\nError updating Kerberos database"); + } else { + fprintf(stdout, "Edit O.K."); + } + } else { + fprintf(stdout, "Unchanged"); + } + + + memset(&principal_data[i].key_low, 0, 4); + memset(&principal_data[i].key_high, 0, 4); + fflush(stdout); + break; + } + } + if (more) { + fprintf(stdout, "\nThere were more tuples found "); + fprintf(stdout, "than there were space for"); + } + return 1; +} + +static void +cleanup(void) +{ + + memset(master_key, 0, sizeof(master_key)); + memset(session_key, 0, sizeof(session_key)); + memset(master_key_schedule, 0, sizeof(master_key_schedule)); + memset(principal_data, 0, sizeof(principal_data)); + memset(new_key, 0, sizeof(new_key)); + memset(pw_str, 0, sizeof(pw_str)); +} + +int +main(int argc, char **argv) +{ + /* Local Declarations */ + + long n; + + set_progname (argv[0]); + + while (--argc > 0 && (*++argv)[0] == '-') + for (i = 1; argv[0][i] != '\0'; i++) { + switch (argv[0][i]) { + + /* debug flag */ + case 'd': + debug = 1; + continue; + + /* debug flag */ +#ifdef DEBUG + case 'l': + kerb_debug |= 1; + continue; +#endif + case 'n': /* read MKEYFILE for master key */ + nflag = 1; + continue; + + default: + warnx ("illegal flag \"%c\"", argv[0][i]); + Usage(); /* Give message and die */ + } + } + + fprintf(stdout, "Opening database...\n"); + fflush(stdout); + kerb_init(); + if (argc > 0) + if (kerb_db_set_name(*argv) != 0) + errx (1, "Could not open altername database name"); + + if (kdb_get_master_key ((nflag == 0) ? KDB_GET_PROMPT : 0, + &master_key, master_key_schedule) != 0) + errx (1, "Couldn't read master key."); + + if ((master_key_version = kdb_verify_master_key(&master_key, + master_key_schedule, + stdout)) < 0) + return 1; + + /* Initialize non shared random sequence */ + des_init_random_number_generator(&master_key); + + /* lookup the default values */ + n = kerb_get_principal(KERB_DEFAULT_NAME, KERB_DEFAULT_INST, + &default_princ, 1, &more); + if (n != 1) + errx (1, "Kerberos error on default value lookup, %ld found.", n); + fprintf(stdout, "Previous or default values are in [brackets] ,\n"); + fprintf(stdout, "enter return to leave the same, or new value.\n"); + + while (change_principal()) { + } + + cleanup(); + return 0; +} diff --git a/crypto/kerberosIV/admin/kdb_init.c b/crypto/kerberosIV/admin/kdb_init.c new file mode 100644 index 0000000..b9ea009 --- /dev/null +++ b/crypto/kerberosIV/admin/kdb_init.c @@ -0,0 +1,174 @@ +/* + * Copyright 1987, 1988 by the Massachusetts Institute of Technology. + * + * For copying and distribution information, please see the file + * <mit-copyright.h>. + * + * program to initialize the database, reports error if database file + * already exists. + */ + +#include "adm_locl.h" + +RCSID("$Id: kdb_init.c,v 1.23 1997/03/30 17:45:05 assar Exp $"); + +enum ap_op { + NULL_KEY, /* setup null keys */ + MASTER_KEY, /* use master key as new key */ + RANDOM_KEY /* choose a random key */ +}; + +static des_cblock master_key; +static des_key_schedule master_key_schedule; + +/* use a return code to indicate success or failure. check the return */ +/* values of the routines called by this routine. */ + +static int +add_principal(char *name, char *instance, enum ap_op aap_op, int maxlife) +{ + Principal principal; + struct tm *tm; + des_cblock new_key; + + memset(&principal, 0, sizeof(principal)); + strncpy(principal.name, name, ANAME_SZ); + strncpy(principal.instance, instance, INST_SZ); + switch (aap_op) { + case NULL_KEY: + principal.key_low = 0; + principal.key_high = 0; + break; + case RANDOM_KEY: +#ifdef NOENCRYPTION + memset(new_key, 0, sizeof(des_cblock)); + new_key[0] = 127; +#else + des_new_random_key(&new_key); +#endif + kdb_encrypt_key (&new_key, &new_key, &master_key, master_key_schedule, + DES_ENCRYPT); + copy_from_key(new_key, &principal.key_low, &principal.key_high); + memset(new_key, 0, sizeof(new_key)); + break; + case MASTER_KEY: + memcpy(new_key, master_key, sizeof (des_cblock)); + kdb_encrypt_key (&new_key, &new_key, &master_key, master_key_schedule, + DES_ENCRYPT); + copy_from_key(new_key, &principal.key_low, &principal.key_high); + break; + } + principal.exp_date = 946702799; /* Happy new century */ + strncpy(principal.exp_date_txt, "12/31/99", DATE_SZ); + principal.mod_date = time(0); + + tm = k_localtime(&principal.mod_date); + principal.attributes = 0; + principal.max_life = maxlife; + + principal.kdc_key_ver = 1; + principal.key_version = 1; + + strncpy(principal.mod_name, "db_creation", ANAME_SZ); + strncpy(principal.mod_instance, "", INST_SZ); + principal.old = 0; + + if (kerb_db_put_principal(&principal, 1) != 1) + return -1; /* FAIL */ + + /* let's play it safe */ + memset(new_key, 0, sizeof (des_cblock)); + memset(&principal.key_low, 0, 4); + memset(&principal.key_high, 0, 4); + return 0; +} + +int +main(int argc, char **argv) +{ + char realm[REALM_SZ]; + char *cp; + int code; + char *database; + + set_progname (argv[0]); + + if (argc > 3) { + fprintf(stderr, "Usage: %s [realm-name] [database-name]\n", argv[0]); + return 1; + } + if (argc == 3) { + database = argv[2]; + --argc; + } else + database = DBM_FILE; + + /* Do this first, it'll fail if the database exists */ + if ((code = kerb_db_create(database)) != 0) + err (1, "Couldn't create database %s", database); + kerb_db_set_name(database); + + if (argc == 2) + strncpy(realm, argv[1], REALM_SZ); + else { + if (krb_get_lrealm(realm, 1) != KSUCCESS) + strcpy(realm, KRB_REALM); + fprintf(stderr, "Realm name [default %s ]: ", realm); + if (fgets(realm, sizeof(realm), stdin) == NULL) + errx (1, "\nEOF reading realm"); + if ((cp = strchr(realm, '\n'))) + *cp = '\0'; + if (!*realm) /* no realm given */ + if (krb_get_lrealm(realm, 1) != KSUCCESS) + strcpy(realm, KRB_REALM); + } + if (!k_isrealm(realm)) + errx (1, "Bad kerberos realm name \"%s\"", realm); +#ifndef RANDOM_MKEY + printf("You will be prompted for the database Master Password.\n"); + printf("It is important that you NOT FORGET this password.\n"); +#else + printf("To generate a master key, please enter some random data.\n"); + printf("You do not have to remember this.\n"); +#endif + fflush(stdout); + + if (kdb_get_master_key (KDB_GET_TWICE, &master_key, + master_key_schedule) != 0) + errx (1, "Couldn't read master key."); + +#ifdef RANDOM_MKEY + if(kdb_kstash(&master_key, MKEYFILE) < 0) + err (1, "Error writing master key"); + fprintf(stderr, "Wrote master key to %s\n", MKEYFILE); +#endif + + /* Initialize non shared random sequence */ + des_init_random_number_generator(&master_key); + + /* Maximum lifetime for changepw.kerberos (kadmin) tickets, 10 minutes */ +#define ADMLIFE (1 + (CLOCK_SKEW/(5*60))) + + /* Maximum lifetime for ticket granting tickets, 4 days or 21.25h */ +#define TGTLIFE ((krb_life_to_time(0, 162) >= 24*60*60) ? 161 : 255) + + /* This means that default lifetimes have not been initialized */ +#define DEFLIFE 255 + +#define NOLIFE 0 + + if ( + add_principal(KERB_M_NAME, KERB_M_INST, MASTER_KEY, NOLIFE) || + add_principal(KERB_DEFAULT_NAME, KERB_DEFAULT_INST, NULL_KEY,DEFLIFE)|| + add_principal(KRB_TICKET_GRANTING_TICKET, realm, RANDOM_KEY, TGTLIFE)|| + add_principal(PWSERV_NAME, KRB_MASTER, RANDOM_KEY, ADMLIFE) + ) { + putc ('\n', stderr); + errx (1, "couldn't initialize database."); + } + + /* play it safe */ + memset(master_key, 0, sizeof (des_cblock)); + memset(master_key_schedule, 0, sizeof (des_key_schedule)); + return 0; +} diff --git a/crypto/kerberosIV/admin/kdb_util.c b/crypto/kerberosIV/admin/kdb_util.c new file mode 100644 index 0000000..b221fdd --- /dev/null +++ b/crypto/kerberosIV/admin/kdb_util.c @@ -0,0 +1,496 @@ +/* + * Copyright 1987, 1988 by the Massachusetts Institute of Technology. + * + * For copying and distribution information, please see the file + * <mit-copyright.h>. + * + * Kerberos database manipulation utility. This program allows you to + * dump a kerberos database to an ascii readable file and load this + * file into the database. Read locking of the database is done during a + * dump operation. NO LOCKING is done during a load operation. Loads + * should happen with other processes shutdown. + * + * Written July 9, 1987 by Jeffrey I. Schiller + */ + +#include "adm_locl.h" + +RCSID("$Id: kdb_util.c,v 1.35 1997/05/07 00:57:45 assar Exp $"); + +static des_cblock master_key, new_master_key; +static des_key_schedule master_key_schedule, new_master_key_schedule; + +#define zaptime(foo) memset((foo), 0, sizeof(*(foo))) + +/* cv_key is a procedure which takes a principle and changes its key, + either for a new method of encrypting the keys, or a new master key. + if cv_key is null no transformation of key is done (other than net byte + order). */ + +struct callback_args { + void (*cv_key)(Principal *); + FILE *output_file; +}; + +static void +print_time(FILE *file, time_t timeval) +{ + struct tm *tm; + tm = gmtime(&timeval); + fprintf(file, " %04d%02d%02d%02d%02d", + tm->tm_year + 1900, + tm->tm_mon + 1, + tm->tm_mday, + tm->tm_hour, + tm->tm_min); +} + +static long +time_explode(char *cp) +{ + char wbuf[5]; + struct tm tp; + int local; + + zaptime(&tp); /* clear out the struct */ + + if (strlen(cp) > 10) { /* new format */ + strncpy(wbuf, cp, 4); + wbuf[4] = 0; + tp.tm_year = atoi(wbuf) - 1900; + cp += 4; /* step over the year */ + local = 0; /* GMT */ + } else { /* old format: local time, + year is 2 digits, assuming 19xx */ + wbuf[0] = *cp++; + wbuf[1] = *cp++; + wbuf[2] = 0; + tp.tm_year = atoi(wbuf); + local = 1; /* local */ + } + + wbuf[0] = *cp++; + wbuf[1] = *cp++; + wbuf[2] = 0; + tp.tm_mon = atoi(wbuf)-1; + + wbuf[0] = *cp++; + wbuf[1] = *cp++; + tp.tm_mday = atoi(wbuf); + + wbuf[0] = *cp++; + wbuf[1] = *cp++; + tp.tm_hour = atoi(wbuf); + + wbuf[0] = *cp++; + wbuf[1] = *cp++; + tp.tm_min = atoi(wbuf); + + + return(tm2time(tp, local)); +} + +static int +dump_db_1(void *arg, Principal *principal) +{ /* replace null strings with "*" */ + struct callback_args *a = (struct callback_args *)arg; + + if (principal->instance[0] == '\0') { + principal->instance[0] = '*'; + principal->instance[1] = '\0'; + } + if (principal->mod_name[0] == '\0') { + principal->mod_name[0] = '*'; + principal->mod_name[1] = '\0'; + } + if (principal->mod_instance[0] == '\0') { + principal->mod_instance[0] = '*'; + principal->mod_instance[1] = '\0'; + } + if (a->cv_key != NULL) { + (*a->cv_key) (principal); + } + fprintf(a->output_file, "%s %s %d %d %d %d %x %x", + principal->name, + principal->instance, + principal->max_life, + principal->kdc_key_ver, + principal->key_version, + principal->attributes, + (int)htonl (principal->key_low), + (int)htonl (principal->key_high)); + print_time(a->output_file, principal->exp_date); + print_time(a->output_file, principal->mod_date); + fprintf(a->output_file, " %s %s\n", + principal->mod_name, + principal->mod_instance); + return 0; +} + +static int +dump_db (char *db_file, FILE *output_file, void (*cv_key) (Principal *)) +{ + struct callback_args a; + + a.cv_key = cv_key; + a.output_file = output_file; + + kerb_db_iterate ((k_iter_proc_t)dump_db_1, &a); + return fflush(output_file); +} + +static int +add_file(void *db, FILE *file) +{ + int ret; + int lineno = 0; + char line[1024]; + unsigned long key[2]; /* yes, long */ + Principal pr; + + char exp_date[64], mod_date[64]; + + int life, kkvno, kvno; + + while(1){ + memset(&pr, 0, sizeof(pr)); + errno = 0; + if(fgets(line, sizeof(line), file) == NULL){ + if(errno != 0) + err (1, "fgets"); + break; + } + lineno++; + ret = sscanf(line, "%s %s %d %d %d %hd %lx %lx %s %s %s %s", + pr.name, pr.instance, + &life, &kkvno, &kvno, + &pr.attributes, + &key[0], &key[1], + exp_date, mod_date, + pr.mod_name, pr.mod_instance); + if(ret != 12){ + warnx("Line %d malformed (ignored)", lineno); + continue; + } + pr.key_low = ntohl (key[0]); + pr.key_high = ntohl (key[1]); + pr.max_life = life; + pr.kdc_key_ver = kkvno; + pr.key_version = kvno; + pr.exp_date = time_explode(exp_date); + pr.mod_date = time_explode(mod_date); + if (pr.instance[0] == '*') + pr.instance[0] = 0; + if (pr.mod_name[0] == '*') + pr.mod_name[0] = 0; + if (pr.mod_instance[0] == '*') + pr.mod_instance[0] = 0; + if (kerb_db_update(db, &pr, 1) != 1) { + warn ("store %s.%s aborted", + pr.name, pr.instance); + return 1; + } + } + return 0; +} + +static void +load_db (char *db_file, FILE *input_file) +{ + long *db; + int temp1; + int code; + char *temp_db_file; + + temp1 = strlen(db_file)+2; + temp_db_file = malloc (temp1); + strcpy(temp_db_file, db_file); + strcat(temp_db_file, "~"); + + /* Create the database */ + if ((code = kerb_db_create(temp_db_file)) != 0) + err (1, "creating temp database %s", temp_db_file); + kerb_db_set_name(temp_db_file); + db = kerb_db_begin_update(); + if (db == NULL) + err (1, "opening temp database %s", temp_db_file); + + if(add_file(db, input_file)) + errx (1, "Load aborted"); + + kerb_db_end_update(db); + if ((code = kerb_db_rename(temp_db_file, db_file)) != 0) + warn("database rename failed"); + fclose(input_file); + free(temp_db_file); +} + +static void +merge_db(char *db_file, FILE *input_file) +{ + void *db; + + db = kerb_db_begin_update(); + if(db == NULL) + err (1, "Couldn't open database"); + if(add_file(db, input_file)) + errx (1, "Merge aborted"); + kerb_db_end_update(db); +} + +static void +update_ok_file (char *file_name) +{ + /* handle slave locking/failure stuff */ + char *file_ok; + int fd; + static char ok[]=".dump_ok"; + + asprintf (&file_ok, "%s%s", file_name, ok); + if (file_ok == NULL) + errx (1, "out of memory"); + if ((fd = open(file_ok, O_WRONLY|O_CREAT|O_TRUNC, 0400)) < 0) + err (1, "Error creating %s", file_ok); + free(file_ok); + close(fd); +} + +static void +convert_key_new_master (Principal *p) +{ + des_cblock key; + + /* leave null keys alone */ + if ((p->key_low == 0) && (p->key_high == 0)) return; + + /* move current key to des_cblock for encryption, special case master key + since that's changing */ + if ((strncmp (p->name, KERB_M_NAME, ANAME_SZ) == 0) && + (strncmp (p->instance, KERB_M_INST, INST_SZ) == 0)) { + memcpy (key, new_master_key, sizeof(des_cblock)); + (p->key_version)++; + } else { + copy_to_key(&p->key_low, &p->key_high, key); + kdb_encrypt_key (&key, &key, &master_key, master_key_schedule, DES_DECRYPT); + } + + kdb_encrypt_key (&key, &key, &new_master_key, new_master_key_schedule, DES_ENCRYPT); + + copy_from_key(key, &(p->key_low), &(p->key_high)); + memset(key, 0, sizeof (key)); /* a little paranoia ... */ + + (p->kdc_key_ver)++; +} + +static void +clear_secrets (void) +{ + memset(master_key, 0, sizeof (des_cblock)); + memset(master_key_schedule, 0, sizeof (des_key_schedule)); + memset(new_master_key, 0, sizeof (des_cblock)); + memset(new_master_key_schedule, 0, sizeof (des_key_schedule)); +} + +static void +convert_new_master_key (char *db_file, FILE *out) +{ +#ifdef RANDOM_MKEY + errx (1, "Sorry, this function is not available with " + "the new master key scheme."); +#else + printf ("\n\nEnter the CURRENT master key."); + if (kdb_get_master_key (KDB_GET_PROMPT, &master_key, + master_key_schedule) != 0) { + clear_secrets (); + errx (1, "Couldn't get master key."); + } + + if (kdb_verify_master_key (&master_key, master_key_schedule, stderr) < 0) { + clear_secrets (); + exit (1); + } + + printf ("\n\nNow enter the NEW master key. Do not forget it!!"); + if (kdb_get_master_key (KDB_GET_TWICE, &new_master_key, + new_master_key_schedule) != 0) { + clear_secrets (); + errx (1, "Couldn't get new master key."); + } + + dump_db (db_file, out, convert_key_new_master); + { + char fname[128]; + snprintf(fname, sizeof(fname), "%s.new", MKEYFILE); + kdb_kstash(&new_master_key, fname); + } +#endif /* RANDOM_MKEY */ +} + +static void +convert_key_old_db (Principal *p) +{ + des_cblock key; + + /* leave null keys alone */ + if ((p->key_low == 0) && (p->key_high == 0)) return; + + copy_to_key(&p->key_low, &p->key_high, key); + +#ifndef NOENCRYPTION + des_pcbc_encrypt((des_cblock *)key,(des_cblock *)key, + (long)sizeof(des_cblock),master_key_schedule, + (des_cblock *)master_key_schedule, DES_DECRYPT); +#endif + + /* make new key, new style */ + kdb_encrypt_key (&key, &key, &master_key, master_key_schedule, DES_ENCRYPT); + + copy_from_key(key, &(p->key_low), &(p->key_high)); + memset(key, 0, sizeof (key)); /* a little paranoia ... */ +} + +static void +convert_old_format_db (char *db_file, FILE *out) +{ + des_cblock key_from_db; + Principal principal_data[1]; + int n, more; + + if (kdb_get_master_key (KDB_GET_PROMPT, &master_key, + master_key_schedule) != 0L) { + clear_secrets(); + errx (1, "Couldn't get master key."); + } + + /* can't call kdb_verify_master_key because this is an old style db */ + /* lookup the master key version */ + n = kerb_get_principal(KERB_M_NAME, KERB_M_INST, principal_data, + 1 /* only one please */, &more); + if ((n != 1) || more) + errx (1, "verify_master_key: Kerberos error on master key lookup, %d found.\n", n); + + /* set up the master key */ + fprintf(stderr, "Current Kerberos master key version is %d.\n", + principal_data[0].kdc_key_ver); + + /* + * now use the master key to decrypt (old style) the key in the db, had better + * be the same! + */ + copy_to_key(&principal_data[0].key_low, + &principal_data[0].key_high, + key_from_db); +#ifndef NOENCRYPTION + des_pcbc_encrypt(&key_from_db,&key_from_db,(long)sizeof(key_from_db), + master_key_schedule,(des_cblock *)master_key_schedule, DES_DECRYPT); +#endif + /* the decrypted database key had better equal the master key */ + + n = memcmp(master_key, key_from_db, sizeof(master_key)); + memset(key_from_db, 0, sizeof(key_from_db)); + + if (n) { + fprintf(stderr, "\n\07\07verify_master_key: Invalid master key, "); + fprintf(stderr, "does not match database.\n"); + exit (1); + } + + fprintf(stderr, "Master key verified.\n"); + + dump_db (db_file, out, convert_key_old_db); +} + +int +main(int argc, char **argv) +{ + int ret; + FILE *file; + enum { + OP_LOAD, + OP_MERGE, + OP_DUMP, + OP_SLAVE_DUMP, + OP_NEW_MASTER, + OP_CONVERT_OLD_DB + } op; + char *file_name; + char *db_name; + + set_progname (argv[0]); + + if (argc != 3 && argc != 4) { + fprintf(stderr, "Usage: %s operation file [database name].\n", + argv[0]); + fprintf(stderr, "Operation is one of: " + "load, merge, dump, slave_dump, new_master_key, " + "convert_old_db\n"); + exit(1); + } + if (argc == 3) + db_name = DBM_FILE; + else + db_name = argv[3]; + + ret = kerb_db_set_name (db_name); + + /* this makes starting slave servers ~14.3 times easier */ + if(ret && strcmp(argv[1], "load") == 0) + ret = kerb_db_create (db_name); + + if(ret) + err (1, "Can't open database"); + + if (!strcmp(argv[1], "load")) + op = OP_LOAD; + else if (!strcmp(argv[1], "merge")) + op = OP_MERGE; + else if (!strcmp(argv[1], "dump")) + op = OP_DUMP; + else if (!strcmp(argv[1], "slave_dump")) + op = OP_SLAVE_DUMP; + else if (!strcmp(argv[1], "new_master_key")) + op = OP_NEW_MASTER; + else if (!strcmp(argv[1], "convert_old_db")) + op = OP_CONVERT_OLD_DB; + else { + warnx ("%s is an invalid operation.", argv[1]); + warnx ("Valid operations are \"load\", \"merge\", " + "\"dump\", \"slave_dump\", \"new_master_key\", " + "and \"convert_old_db\""); + return 1; + } + + file_name = argv[2]; + file = fopen(file_name, (op == OP_LOAD || op == OP_MERGE) ? "r" : "w"); + if (file == NULL) + err (1, "open %s", argv[2]); + + switch (op) { + case OP_DUMP: + if ((dump_db (db_name, file, (void (*)(Principal *)) 0) == EOF) || + (fclose(file) == EOF)) + err (1, "%s", file_name); + break; + case OP_SLAVE_DUMP: + if ((dump_db (db_name, file, (void (*)(Principal *)) 0) == EOF) || + (fclose(file) == EOF)) + err (1, "%s", file_name); + update_ok_file (file_name); + break; + case OP_LOAD: + load_db (db_name, file); + break; + case OP_MERGE: + merge_db (db_name, file); + break; + case OP_NEW_MASTER: + convert_new_master_key (db_name, file); + printf("Don't forget to do a `kdb_util load %s' to reload the database!\n", file_name); + break; + case OP_CONVERT_OLD_DB: + convert_old_format_db (db_name, file); + printf("Don't forget to do a `kdb_util load %s' to reload the database!\n", file_name); + break; + } + return 0; +} diff --git a/crypto/kerberosIV/admin/kstash.c b/crypto/kerberosIV/admin/kstash.c new file mode 100644 index 0000000..4595de5 --- /dev/null +++ b/crypto/kerberosIV/admin/kstash.c @@ -0,0 +1,56 @@ +/* + * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute + * of Technology + * + * For copying and distribution information, please see the file + * <mit-copyright.h>. + * + * Description. + */ + +#include "adm_locl.h" + +RCSID("$Id: kstash.c,v 1.10 1997/03/30 17:35:37 assar Exp $"); + +/* change this later, but krblib_dbm needs it for now */ + +static des_cblock master_key; +static des_key_schedule master_key_schedule; + +static void +clear_secrets(void) +{ + memset(master_key_schedule, 0, sizeof(master_key_schedule)); + memset(master_key, 0, sizeof(master_key)); +} + +int +main(int argc, char **argv) +{ + long n; + int ret = 0; + set_progname (argv[0]); + + if ((n = kerb_init())) + errx(1, "Kerberos db and cache init failed = %ld\n", n); + + if (kdb_get_master_key (KDB_GET_PROMPT, &master_key, + master_key_schedule) != 0) { + clear_secrets(); + errx(1, "Couldn't read master key."); + } + + if (kdb_verify_master_key (&master_key, master_key_schedule, stderr) < 0) { + clear_secrets(); + return 1; + } + + ret = kdb_kstash(&master_key, MKEYFILE); + if(ret < 0) + warn("writing master key"); + else + fprintf(stderr, "Wrote master key to %s\n", MKEYFILE); + + clear_secrets(); + return ret; +} |
