diff options
| author | Russ Allbery <rra@stanford.edu> | 2010-02-21 17:45:55 -0800 |
|---|---|---|
| committer | Russ Allbery <rra@stanford.edu> | 2010-02-21 17:45:55 -0800 |
| commit | 60210334fa3dbd5dd168199063c6ee850d750d0c (patch) | |
| tree | 31e832ba6788076075d38e20ffd27ebf09430407 /client/srvtab.c | |
| parent | e571a8eb96f42de5a114cf11ff1c3d63e5a8d301 (diff) | |
Imported Upstream version 0.10
Diffstat (limited to 'client/srvtab.c')
| -rw-r--r-- | client/srvtab.c | 28 |
1 files changed, 16 insertions, 12 deletions
diff --git a/client/srvtab.c b/client/srvtab.c index 2e4ea2d..b26e6fc 100644 --- a/client/srvtab.c +++ b/client/srvtab.c @@ -1,20 +1,19 @@ -/* $Id$ - * +/* * Implementation of srvtab handling for the wallet client. * * Written by Russ Allbery <rra@stanford.edu> - * Copyright 2007, 2008 Board of Trustees, Leland Stanford Jr. University + * Copyright 2007, 2008, 2010 Board of Trustees, Leland Stanford Jr. University * * See LICENSE for licensing terms. */ #include <config.h> +#include <portable/krb5.h> #include <portable/system.h> -#include <krb5.h> - #include <client/internal.h> -#include <util/util.h> +#include <util/messages-krb5.h> +#include <util/messages.h> #ifndef KRB5_KRB4_COMPAT # define ANAME_SZ 40 @@ -29,10 +28,6 @@ * keytab and write it to the newly created srvtab file as a srvtab. Convert * the principal from Kerberos v5 form to Kerberos v4 form. * - * We always force the kvno to 0 for the srvtab. This works with how the - * wallet synchronizes keys with kasetkey, even though it's not particularly - * correct. - * * On any failure, print an error message to standard error and then exit. */ void @@ -59,8 +54,13 @@ write_srvtab(krb5_context ctx, const char *srvtab, const char *principal, ret = krb5_kt_get_entry(ctx, kt, princ, 0, ENCTYPE_DES_CBC_CRC, &entry); if (ret != 0) die_krb5(ctx, ret, "error reading DES key from keytab %s", keytab); +#ifdef HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK + if (entry.keyblock.keyvalue.length != 8) + die("invalid DES key length in keytab"); +#else if (entry.key.length != 8) die("invalid DES key length in keytab"); +#endif krb5_kt_close(ctx, kt); /* Convert the principal to a Kerberos v4 principal. */ @@ -80,10 +80,14 @@ write_srvtab(krb5_context ctx, const char *srvtab, const char *principal, strcpy(data + length, realm); length += strlen(realm); data[length++] = '\0'; - data[length++] = '\0'; + data[length++] = (unsigned char) entry.vno; +#ifdef HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK + memcpy(data + length, entry.keyblock.keyvalue.data, 8); +#else memcpy(data + length, entry.key.contents, 8); +#endif length += 8; - krb5_free_keytab_entry_contents(ctx, &entry); + krb5_kt_free_entry(ctx, &entry); /* Write out the srvtab file. */ write_file(srvtab, data, length); |