diff options
| author | Simo Sorce <simo@redhat.com> | 2013-09-17 00:28:32 -0400 |
|---|---|---|
| committer | Martin Kosek <mkosek@redhat.com> | 2014-06-26 10:30:53 +0200 |
| commit | 88bcf5899c3bd12b05d017436df0fc1374c954a5 (patch) | |
| tree | 192389aaffbfd7359dd6020016ab9edc08260de5 /util | |
| parent | d04746cdea312eb630e6466162c322593187ab8b (diff) | |
| download | freeipa-88bcf5899c3bd12b05d017436df0fc1374c954a5.tar.gz freeipa-88bcf5899c3bd12b05d017436df0fc1374c954a5.tar.xz freeipa-88bcf5899c3bd12b05d017436df0fc1374c954a5.zip | |
keytabs: Expose and modify key encoding function
Make it available outside of the encoding.c file for use in a follow-up
patch. Add option to not pass a password and generate a random key
instead.
Related:
https://fedorahosted.org/freeipa/ticket/3859
Reviewed-By: Nathaniel McCallum <npmccallum@redhat.com>
Diffstat (limited to 'util')
| -rw-r--r-- | util/ipa_krb5.c | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/util/ipa_krb5.c b/util/ipa_krb5.c index cc84f9920..2a94b1944 100644 --- a/util/ipa_krb5.c +++ b/util/ipa_krb5.c @@ -212,9 +212,15 @@ krb5_error_code ipa_krb5_generate_key_data(krb5_context krbctx, /* need to build the key now to manage the AFS salt.length * special case */ - kerr = krb5_c_string_to_key(krbctx, - encsalts[i].ks_enctype, - &pwd, &salt, &key); + if (pwd.data == NULL) { + kerr = krb5_c_make_random_key(krbctx, + encsalts[i].ks_enctype, + &key); + } else { + kerr = krb5_c_string_to_key(krbctx, + encsalts[i].ks_enctype, + &pwd, &salt, &key); + } if (kerr) { krb5_free_data_contents(krbctx, &salt); goto done; |