From 534f2111ab41ed63024d811a3d8f5b81256d83a9 Mon Sep 17 00:00:00 2001
From: Jon Robertson <jonrober@stanford.edu>
Date: Tue, 27 Jul 2010 12:40:12 -0700
Subject: Adding wallet rekey capability -- work in progress, testing

First, testing version of wallet rekey code, committed in order to get
feedback from Russ.  This code will eventually take an existing keytab
file, and for every principal belonging to our default realm in it, get
new versions of that keytab and merge them into the file.  This allows
for quietly rekeying principals automatically.
---
 client/wallet.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'client/wallet.c')

diff --git a/client/wallet.c b/client/wallet.c
index e6d8eb9..9c1eb09 100644
--- a/client/wallet.c
+++ b/client/wallet.c
@@ -194,7 +194,7 @@ main(int argc, char *argv[])
     }
     argc -= optind;
     argv += optind;
-    if (argc < 3)
+    if (argc < 3 && strcmp(argv[0], "rekey") != 0)
         usage(1);
 
     /* -f is only supported for get and store and -S with get keytab. */
@@ -242,6 +242,10 @@ main(int argc, char *argv[])
         } else {
             status = get_file(r, options.type, argv[1], argv[2], file);
         }
+    } else if (strcmp(argv[0], "rekey") == 0) {
+        if (argc > 2)
+            die("too many arguments");
+        status = rekey_keytab(r, ctx, "keytab", argv[1]);
     } else {
         count = argc + 1;
         if (strcmp(argv[0], "store") == 0) {
-- 
cgit v1.2.3