summaryrefslogtreecommitdiffstats
path: root/src/tests
diff options
context:
space:
mode:
Diffstat (limited to 'src/tests')
-rw-r--r--src/tests/create/ChangeLog4
-rw-r--r--src/tests/create/kdb5_mkdums.c36
-rw-r--r--src/tests/verify/ChangeLog4
-rw-r--r--src/tests/verify/kdb5_verify.c34
4 files changed, 67 insertions, 11 deletions
diff --git a/src/tests/create/ChangeLog b/src/tests/create/ChangeLog
index 2b44c7386d..bcc3ca1c5d 100644
--- a/src/tests/create/ChangeLog
+++ b/src/tests/create/ChangeLog
@@ -1,5 +1,9 @@
Thu Oct 6 12:41:28 1994 Theodore Y. Ts'o (tytso@dcl)
+ * kdb5_mkdums.c (main, set_dbname_help): Allow master key password
+ to be passed in on the command line; to make testing
+ scripts simpler.
+
* kdb5_mkdums.c (add_princ): Initialize all the fields of the
principal.
diff --git a/src/tests/create/kdb5_mkdums.c b/src/tests/create/kdb5_mkdums.c
index 45755de9d1..5edb4ffbce 100644
--- a/src/tests/create/kdb5_mkdums.c
+++ b/src/tests/create/kdb5_mkdums.c
@@ -80,6 +80,7 @@ krb5_pointer master_random;
static char *progname;
static char *cur_realm = 0;
static char *mkey_name = 0;
+static char *mkey_password = 0;
static krb5_boolean manual_mkey = FALSE;
static krb5_boolean dbactive = FALSE;
@@ -128,16 +129,19 @@ char *argv[];
num_to_create = 0;
depth = 1;
- while ((optchar = getopt(argc, argv, "D:p:n:d:r:k:M:e:m")) != EOF) {
+ while ((optchar = getopt(argc, argv, "D:P:p:n:d:r:k:M:e:m")) != EOF) {
switch(optchar) {
case 'D':
depth = atoi(optarg); /* how deep to go */
break;
+ case 'P': /* Only used for testing!!! */
+ mkey_password = optarg;
+ break;
case 'p': /* prefix name to create */
strcpy(principal_string, optarg);
suffix = principal_string + strlen(principal_string);
break;
- case 'n': /* how many to create */
+ case 'n': /* how many to create */
num_to_create = atoi(optarg);
break;
case 'd': /* set db name */
@@ -328,6 +332,7 @@ char *dbname;
int nentries;
krb5_boolean more;
register krb5_cryptosystem_entry *csentry;
+ krb5_data pwd, scratch;
csentry = master_encblock.crypto_entry;
@@ -343,10 +348,29 @@ char *dbname;
com_err(pname, retval, "while setting up master key name");
return(1);
}
- if (retval = krb5_db_fetch_mkey(master_princ, &master_encblock,
- manual_mkey, FALSE, 0, &master_keyblock)) {
- com_err(pname, retval, "while reading master key");
- return(1);
+ if (mkey_password) {
+ pwd.data = mkey_password;
+ pwd.length = strlen(mkey_password);
+ retval = krb5_principal2salt(master_princ, &scratch);
+ if (retval) {
+ com_err(pname, retval, "while calculated master key salt");
+ return(1);
+ }
+ retval = krb5_string_to_key(&master_encblock, master_keyblock.keytype,
+ &master_keyblock, &pwd, &scratch);
+ if (retval) {
+ com_err(pname, retval,
+ "while transforming master key from password");
+ return(1);
+ }
+ free(scratch.data);
+ } else {
+ if (retval = krb5_db_fetch_mkey(master_princ, &master_encblock,
+ manual_mkey, FALSE, 0,
+ &master_keyblock)) {
+ com_err(pname, retval, "while reading master key");
+ return(1);
+ }
}
if (retval = krb5_db_init()) {
com_err(pname, retval, "while initializing database");
diff --git a/src/tests/verify/ChangeLog b/src/tests/verify/ChangeLog
index 05c9aaa48a..7da8d06543 100644
--- a/src/tests/verify/ChangeLog
+++ b/src/tests/verify/ChangeLog
@@ -1,5 +1,9 @@
Thu Oct 6 12:42:47 1994 Theodore Y. Ts'o (tytso@dcl)
+ * kdb5_verify.c (main, set_dbname_help): Allow master key password
+ to be passed in on the command line; to make testing
+ scripts simpler.
+
* kdb5_verify.c (check_princ): Check to make sure key version
number is 1, not 0.
diff --git a/src/tests/verify/kdb5_verify.c b/src/tests/verify/kdb5_verify.c
index c2f0813265..d5671e0ba8 100644
--- a/src/tests/verify/kdb5_verify.c
+++ b/src/tests/verify/kdb5_verify.c
@@ -81,6 +81,7 @@ char *str_master_princ;
static char *progname;
static char *cur_realm = 0;
static char *mkey_name = 0;
+static char *mkey_password = 0;
static krb5_boolean manual_mkey = FALSE;
static krb5_boolean dbactive = FALSE;
@@ -128,11 +129,14 @@ char *argv[];
num_to_check = 0;
depth = 1;
- while ((optchar = getopt(argc, argv, "D:p:n:d:r:R:k:M:e:m")) != EOF) {
+ while ((optchar = getopt(argc, argv, "D:P:p:n:d:r:R:k:M:e:m")) != EOF) {
switch(optchar) {
case 'D':
depth = atoi(optarg); /* how deep to go */
break;
+ case 'P': /* Only used for testing!!! */
+ mkey_password = optarg;
+ break;
case 'p': /* prefix name to check */
strcpy(principal_string, optarg);
suffix = principal_string + strlen(principal_string);
@@ -376,6 +380,7 @@ char *dbname;
int nentries;
krb5_boolean more;
register krb5_cryptosystem_entry *csentry;
+ krb5_data pwd, scratch;
csentry = master_encblock.crypto_entry;
@@ -391,10 +396,29 @@ char *dbname;
com_err(pname, retval, "while setting up master key name");
return(1);
}
- if (retval = krb5_db_fetch_mkey(master_princ, &master_encblock,
- manual_mkey, FALSE, 0, &master_keyblock)) {
- com_err(pname, retval, "while reading master key");
- return(1);
+ if (mkey_password) {
+ pwd.data = mkey_password;
+ pwd.length = strlen(mkey_password);
+ retval = krb5_principal2salt(master_princ, &scratch);
+ if (retval) {
+ com_err(pname, retval, "while calculated master key salt");
+ return(1);
+ }
+ retval = krb5_string_to_key(&master_encblock, master_keyblock.keytype,
+ &master_keyblock, &pwd, &scratch);
+ if (retval) {
+ com_err(pname, retval,
+ "while transforming master key from password");
+ return(1);
+ }
+ free(scratch.data);
+ } else {
+ if (retval = krb5_db_fetch_mkey(master_princ, &master_encblock,
+ manual_mkey, FALSE, 0,
+ &master_keyblock)) {
+ com_err(pname, retval, "while reading master key");
+ return(1);
+ }
}
if (retval = krb5_db_init()) {
com_err(pname, retval, "while initializing database");