diff options
| author | Mark Eichin <eichin@mit.edu> | 1996-02-25 01:35:18 +0000 |
|---|---|---|
| committer | Mark Eichin <eichin@mit.edu> | 1996-02-25 01:35:18 +0000 |
| commit | 0a262255285725757e32208f5b3d4b3fe5b8e84f (patch) | |
| tree | cfb1c9810b3658d115ec63ae2bd85342ffb5910b | |
| parent | 802b0de1893835e5980e3ae3cd7c4922b2ebc175 (diff) | |
| download | krb5-0a262255285725757e32208f5b3d4b3fe5b8e84f.tar.gz krb5-0a262255285725757e32208f5b3d4b3fe5b8e84f.tar.xz krb5-0a262255285725757e32208f5b3d4b3fe5b8e84f.zip | |
With this change, lddb -old actually *works* on old dumps..
* dump.c (process_k5beta_record): encrypted keys used to have 4
byte lengths in MSB order, need to convert to 2 byte LSB order
lengths before storing. Handle primary key and alternate key.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7534 dc483132-0cff-0310-8789-dd5450dbe970
| -rw-r--r-- | src/admin/edit/ChangeLog | 6 | ||||
| -rw-r--r-- | src/admin/edit/dump.c | 41 |
2 files changed, 46 insertions, 1 deletions
diff --git a/src/admin/edit/ChangeLog b/src/admin/edit/ChangeLog index db8424b59..24fba1771 100644 --- a/src/admin/edit/ChangeLog +++ b/src/admin/edit/ChangeLog @@ -1,3 +1,9 @@ +Sat Feb 24 04:02:18 1996 Mark W. Eichin <eichin@cygnus.com> + + * dump.c (process_k5beta_record): encrypted keys used to have 4 + byte lengths in MSB order, need to convert to 2 byte LSB order + lengths before storing. Handle primary key and alternate key. + Fri Feb 23 18:44:10 1996 Mark Eichin <eichin@cygnus.com> * kdb5_edit.c (kdb5_edit_Init): set manual_mkey for testing with -P diff --git a/src/admin/edit/dump.c b/src/admin/edit/dump.c index c96c50af4..2dd3aec0b 100644 --- a/src/admin/edit/dump.c +++ b/src/admin/edit/dump.c @@ -996,13 +996,32 @@ process_k5beta_record(fname, kcontext, filep, verbose, linenop) error++; } pkey->key_data_type[0] = tmpint1; - /* Read the key */ + /* Read the old format key */ if (!error && read_octet_string(filep, pkey->key_data_contents[0], pkey->key_data_length[0])) { try2read = read_key_data; error++; } + /* convert to a new format key */ + /* the encrypted version is stored as the unencrypted key length + (4 bytes, MSB first) followed by the encrypted key. */ + if ((pkey->key_data_length[0] > 4) + && (pkey->key_data_contents[0][0] == 0) + && (pkey->key_data_contents[0][1] == 0)) { + /* this really does look like an old key, so drop and swap */ + /* the *new* length is 2 bytes, LSB first, sigh. */ + size_t shortlen = pkey->key_data_length[0]-4+2; + char *shortcopy = (krb5_octet *) malloc(shortlen); + char *origdata = pkey->key_data_contents[0]; + shortcopy[0] = origdata[3]; + shortcopy[1] = origdata[2]; + memcpy(shortcopy+2,origdata+4,shortlen-2); + free(origdata); + pkey->key_data_length[0] = shortlen; + pkey->key_data_contents[0] = shortcopy; + } + /* Read principal attributes */ if (!error && (fscanf(filep, "\t%u\t%u\t%u\t%u\t%u\t%u\t%u\t%u\t%u\t%u\t", @@ -1053,6 +1072,26 @@ process_k5beta_record(fname, kcontext, filep, verbose, linenop) try2read = read_akey_data; error++; } + + /* convert to a new format key */ + /* the encrypted version is stored as the unencrypted key length + (4 bytes, MSB first) followed by the encrypted key. */ + if ((akey->key_data_length[0] > 4) + && (akey->key_data_contents[0][0] == 0) + && (akey->key_data_contents[0][1] == 0)) { + /* this really does look like an old key, so drop and swap */ + /* the *new* length is 2 bytes, LSB first, sigh. */ + size_t shortlen = akey->key_data_length[0]-4+2; + char *shortcopy = (krb5_octet *) malloc(shortlen); + char *origdata = akey->key_data_contents[0]; + shortcopy[0] = origdata[3]; + shortcopy[1] = origdata[2]; + memcpy(shortcopy+2,origdata+4,shortlen-2); + free(origdata); + akey->key_data_length[0] = shortlen; + akey->key_data_contents[0] = shortcopy; + } + /* Read alternate salt type */ if (!error && (fscanf(filep, "\t%u\t", &tmpint1) != 1)) { try2read = read_asalt_type; |