diff options
Diffstat (limited to 'crypto/kerberosIV/kadmin')
-rw-r--r-- | crypto/kerberosIV/kadmin/kadmin.c | 4 | ||||
-rw-r--r-- | crypto/kerberosIV/kadmin/ksrvutil.c | 14 | ||||
-rw-r--r-- | crypto/kerberosIV/kadmin/ksrvutil_get.c | 12 | ||||
-rw-r--r-- | crypto/kerberosIV/kadmin/random_password.c | 5 |
4 files changed, 10 insertions, 25 deletions
diff --git a/crypto/kerberosIV/kadmin/kadmin.c b/crypto/kerberosIV/kadmin/kadmin.c index 76abda5..a0d5d83 100644 --- a/crypto/kerberosIV/kadmin/kadmin.c +++ b/crypto/kerberosIV/kadmin/kadmin.c @@ -18,6 +18,7 @@ this software for any purpose. It is provided "as is" without express or implied warranty. */ +/* $FreeBSD$ */ /* * Kerberos database administrator's tool. @@ -212,7 +213,7 @@ passwd_to_lowhigh(u_int32_t *low, u_int32_t *high, char *password, int byteswap) #ifdef NOENCRYPTION memset(newkey, 0, sizeof(newkey)); #else - des_new_random_key(&newkey); + des_random_key(newkey); #endif } else { #ifdef NOENCRYPTION @@ -288,7 +289,6 @@ get_admin_password(void) /* Initialize non shared random sequence from session key. */ memset(&c, 0, sizeof(c)); krb_get_cred(PWSERV_NAME, KADM_SINST, krbrlm, &c); - des_init_random_number_generator(&c.session); } else status = KDC_PR_UNKNOWN; diff --git a/crypto/kerberosIV/kadmin/ksrvutil.c b/crypto/kerberosIV/kadmin/ksrvutil.c index 38722a0..0770a03 100644 --- a/crypto/kerberosIV/kadmin/ksrvutil.c +++ b/crypto/kerberosIV/kadmin/ksrvutil.c @@ -18,6 +18,7 @@ this software for any purpose. It is provided "as is" without express or implied warranty. */ +/* $FreeBSD$ */ /* * list and update contents of srvtab files @@ -228,7 +229,7 @@ get_svc_new_key(des_cblock *new_key, char *sname, char *sinst, memset(new_key, 0, sizeof(des_cblock)); (*new_key)[0] = (unsigned char) 1; #else /* NOENCRYPTION */ - des_new_random_key(new_key); + des_random_key(*new_key); #endif /* NOENCRYPTION */ return(KADM_SUCCESS); } @@ -494,17 +495,6 @@ main(int argc, char **argv) printf("Not changing this key.\n"); if (change_this_key) { - /* - * This is not a good choice of seed when/if the - * key has been compromised so we also use a - * random sequence number! - */ - des_init_random_number_generator(&old_key); - { - des_cblock seqnum; - des_generate_random_block(&seqnum); - des_set_sequence_number((unsigned char *)&seqnum); - } /* * Pick a new key and determine whether or not * it is safe to change diff --git a/crypto/kerberosIV/kadmin/ksrvutil_get.c b/crypto/kerberosIV/kadmin/ksrvutil_get.c index a08b10d..dc7b6c0 100644 --- a/crypto/kerberosIV/kadmin/ksrvutil_get.c +++ b/crypto/kerberosIV/kadmin/ksrvutil_get.c @@ -30,6 +30,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ +/* $FreeBSD$ */ #include "kadm_locl.h" #include "ksrvutil.h" @@ -82,11 +83,6 @@ get_admin_password(char *myname, char *myinst, char *myrealm) status = krb_get_pw_in_tkt(myname, myinst, myrealm, PWSERV_NAME, KADM_SINST, ticket_life, admin_passwd); memset(admin_passwd, 0, sizeof(admin_passwd)); - - /* Initialize non shared random sequence from session key. */ - memset(&c, 0, sizeof(c)); - krb_get_cred(PWSERV_NAME, KADM_SINST, myrealm, &c); - des_init_random_number_generator(&c.session); } else status = KDC_PR_UNKNOWN; @@ -190,7 +186,7 @@ get_srvtab_ent(int unique_filename, int fd, char *filename, memset(&values, 0, sizeof(values)); strlcpy(values.name, name, sizeof(values.name)); strlcpy(values.instance, inst, sizeof(values.instance)); - des_new_random_key(&newkey); + des_random_key(newkey); values.key_low = (newkey[0] << 24) | (newkey[1] << 16) | (newkey[2] << 8) | (newkey[3] << 0); values.key_high = (newkey[4] << 24) | (newkey[5] << 16) @@ -295,9 +291,7 @@ ksrvutil_kadm(int unique_filename, int fd, char *filename, struct srv_ent *p) } ret = krb_get_cred (PWSERV_NAME, KADM_SINST, u_realm, &c); - if (ret == KSUCCESS) - des_init_random_number_generator (&c.session); - else { + if (ret != KSUCCESS) { umask(077); /* diff --git a/crypto/kerberosIV/kadmin/random_password.c b/crypto/kerberosIV/kadmin/random_password.c index ec8309e..ca9855a 100644 --- a/crypto/kerberosIV/kadmin/random_password.c +++ b/crypto/kerberosIV/kadmin/random_password.c @@ -30,6 +30,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ +/* $FreeBSD$ */ #include "kadm_locl.h" @@ -57,7 +58,7 @@ random_password(char *pw, size_t len, u_int32_t *low, u_int32_t *high) { des_cblock newkey; #ifdef OTP_STYLE - des_new_random_key(&newkey); + des_random_key(&newkey); otp_print_stddict (newkey, pw, len); strlwr(pw); #else @@ -87,7 +88,7 @@ static int RND(des_cblock *key, int *left) { if(*left == 0){ - des_new_random_key(key); + des_random_key(*key); *left = 8; } (*left)--; |