summaryrefslogtreecommitdiffstats
path: root/crypto/kerberosIV/kadmin
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/kerberosIV/kadmin')
-rw-r--r--crypto/kerberosIV/kadmin/kadmin.c4
-rw-r--r--crypto/kerberosIV/kadmin/ksrvutil.c14
-rw-r--r--crypto/kerberosIV/kadmin/ksrvutil_get.c12
-rw-r--r--crypto/kerberosIV/kadmin/random_password.c5
4 files changed, 10 insertions, 25 deletions
diff --git a/crypto/kerberosIV/kadmin/kadmin.c b/crypto/kerberosIV/kadmin/kadmin.c
index 76abda5..a0d5d83 100644
--- a/crypto/kerberosIV/kadmin/kadmin.c
+++ b/crypto/kerberosIV/kadmin/kadmin.c
@@ -18,6 +18,7 @@ this software for any purpose. It is provided "as is" without express
or implied warranty.
*/
+/* $FreeBSD$ */
/*
* Kerberos database administrator's tool.
@@ -212,7 +213,7 @@ passwd_to_lowhigh(u_int32_t *low, u_int32_t *high, char *password, int byteswap)
#ifdef NOENCRYPTION
memset(newkey, 0, sizeof(newkey));
#else
- des_new_random_key(&newkey);
+ des_random_key(newkey);
#endif
} else {
#ifdef NOENCRYPTION
@@ -288,7 +289,6 @@ get_admin_password(void)
/* Initialize non shared random sequence from session key. */
memset(&c, 0, sizeof(c));
krb_get_cred(PWSERV_NAME, KADM_SINST, krbrlm, &c);
- des_init_random_number_generator(&c.session);
}
else
status = KDC_PR_UNKNOWN;
diff --git a/crypto/kerberosIV/kadmin/ksrvutil.c b/crypto/kerberosIV/kadmin/ksrvutil.c
index 38722a0..0770a03 100644
--- a/crypto/kerberosIV/kadmin/ksrvutil.c
+++ b/crypto/kerberosIV/kadmin/ksrvutil.c
@@ -18,6 +18,7 @@ this software for any purpose. It is provided "as is" without express
or implied warranty.
*/
+/* $FreeBSD$ */
/*
* list and update contents of srvtab files
@@ -228,7 +229,7 @@ get_svc_new_key(des_cblock *new_key, char *sname, char *sinst,
memset(new_key, 0, sizeof(des_cblock));
(*new_key)[0] = (unsigned char) 1;
#else /* NOENCRYPTION */
- des_new_random_key(new_key);
+ des_random_key(*new_key);
#endif /* NOENCRYPTION */
return(KADM_SUCCESS);
}
@@ -494,17 +495,6 @@ main(int argc, char **argv)
printf("Not changing this key.\n");
if (change_this_key) {
- /*
- * This is not a good choice of seed when/if the
- * key has been compromised so we also use a
- * random sequence number!
- */
- des_init_random_number_generator(&old_key);
- {
- des_cblock seqnum;
- des_generate_random_block(&seqnum);
- des_set_sequence_number((unsigned char *)&seqnum);
- }
/*
* Pick a new key and determine whether or not
* it is safe to change
diff --git a/crypto/kerberosIV/kadmin/ksrvutil_get.c b/crypto/kerberosIV/kadmin/ksrvutil_get.c
index a08b10d..dc7b6c0 100644
--- a/crypto/kerberosIV/kadmin/ksrvutil_get.c
+++ b/crypto/kerberosIV/kadmin/ksrvutil_get.c
@@ -30,6 +30,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
+/* $FreeBSD$ */
#include "kadm_locl.h"
#include "ksrvutil.h"
@@ -82,11 +83,6 @@ get_admin_password(char *myname, char *myinst, char *myrealm)
status = krb_get_pw_in_tkt(myname, myinst, myrealm, PWSERV_NAME,
KADM_SINST, ticket_life, admin_passwd);
memset(admin_passwd, 0, sizeof(admin_passwd));
-
- /* Initialize non shared random sequence from session key. */
- memset(&c, 0, sizeof(c));
- krb_get_cred(PWSERV_NAME, KADM_SINST, myrealm, &c);
- des_init_random_number_generator(&c.session);
} else
status = KDC_PR_UNKNOWN;
@@ -190,7 +186,7 @@ get_srvtab_ent(int unique_filename, int fd, char *filename,
memset(&values, 0, sizeof(values));
strlcpy(values.name, name, sizeof(values.name));
strlcpy(values.instance, inst, sizeof(values.instance));
- des_new_random_key(&newkey);
+ des_random_key(newkey);
values.key_low = (newkey[0] << 24) | (newkey[1] << 16)
| (newkey[2] << 8) | (newkey[3] << 0);
values.key_high = (newkey[4] << 24) | (newkey[5] << 16)
@@ -295,9 +291,7 @@ ksrvutil_kadm(int unique_filename, int fd, char *filename, struct srv_ent *p)
}
ret = krb_get_cred (PWSERV_NAME, KADM_SINST, u_realm, &c);
- if (ret == KSUCCESS)
- des_init_random_number_generator (&c.session);
- else {
+ if (ret != KSUCCESS) {
umask(077);
/*
diff --git a/crypto/kerberosIV/kadmin/random_password.c b/crypto/kerberosIV/kadmin/random_password.c
index ec8309e..ca9855a 100644
--- a/crypto/kerberosIV/kadmin/random_password.c
+++ b/crypto/kerberosIV/kadmin/random_password.c
@@ -30,6 +30,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
+/* $FreeBSD$ */
#include "kadm_locl.h"
@@ -57,7 +58,7 @@ random_password(char *pw, size_t len, u_int32_t *low, u_int32_t *high)
{
des_cblock newkey;
#ifdef OTP_STYLE
- des_new_random_key(&newkey);
+ des_random_key(&newkey);
otp_print_stddict (newkey, pw, len);
strlwr(pw);
#else
@@ -87,7 +88,7 @@ static int
RND(des_cblock *key, int *left)
{
if(*left == 0){
- des_new_random_key(key);
+ des_random_key(*key);
*left = 8;
}
(*left)--;
OpenPOWER on IntegriCloud