Add KDC profile and stash file support

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6304 dc483132-0cff-0310-8789-dd5450dbe970

3 files changed, 65 insertions, 3 deletions

diff --git a/src/admin/create/ChangeLog b/src/admin/create/ChangeLog
index 0ccc3886b..79a305406 100644
--- a/src/admin/create/ChangeLog
+++ b/src/admin/create/ChangeLog
@@ -1,4 +1,11 @@
 
+Mon Jul 17 14:58:00 EDT 1995	Paul Park	(pjpark@mit.edu)
+	* configure.in - Add KADM library.
+	* kdb5_create.c - Add KDC profile reading/handling as a supplement to
+		command line supplied arguments.  Change calling sequence to
+		krb5_db_fetch_mkey().
+
+
 Fri Jul 7 15:36:00 EDT 1995	Paul Park	(pjpark@mit.edu)
 	* Makefile.in - Remove all explicit library handling and LDFLAGS.
 	* configure.in - Add USE_KDB5_LIBRARY and KRB5_LIBRARIES.
diff --git a/src/admin/create/configure.in b/src/admin/create/configure.in
index 7defabde6..09e936347 100644
--- a/src/admin/create/configure.in
+++ b/src/admin/create/configure.in
@@ -15,6 +15,7 @@ else
 fi
 AC_SUBST(DBFLAGS)dnl
 dnl
+USE_KADM_LIBRARY
 USE_KDB5_LIBRARY
 KRB5_LIBRARIES
 V5_USE_SHARED_LIB
diff --git a/src/admin/create/kdb5_create.c b/src/admin/create/kdb5_create.c
index eaaf248a9..07d724130 100644
--- a/src/admin/create/kdb5_create.c
+++ b/src/admin/create/kdb5_create.c
@@ -26,6 +26,8 @@
 
 #include "k5-int.h"
 #include "com_err.h"
+#include "adm.h"
+#include "adm_proto.h"
 #include <stdio.h>
 
 enum ap_op {
@@ -118,7 +120,7 @@ char *argv[];
     int optchar;
 
     krb5_error_code retval;
-    char *dbname = DEFAULT_KDB_FILE;
+    char *dbname = (char *) NULL;
     char *realm = 0;
     char *mkey_name = 0;
     char *mkey_fullname;
@@ -128,6 +130,7 @@ char *argv[];
     krb5_enctype etype = 0xffff;
     krb5_data scratch, pwd;
     krb5_context context;
+    krb5_realm_params *rparams;
 
     krb5_init_context(&context);
     krb5_init_ets(context);
@@ -163,6 +166,55 @@ char *argv[];
 	}
     }
 
+    /*
+     * Attempt to read the KDC profile.  If we do, then read appropriate values
+     * from it and augment values supplied on the command line.
+     */
+    if (!(retval = krb5_read_realm_params(context,
+					  realm,
+					  (char *) NULL,
+					  (char *) NULL,
+					  &rparams))) {
+	/* Get the value for the database */
+	if (rparams->realm_dbname && !dbname)
+	    dbname = strdup(rparams->realm_dbname);
+
+	/* Get the value for the master key name */
+	if (rparams->realm_mkey_name && !mkey_name)
+	    mkey_name = strdup(rparams->realm_mkey_name);
+
+	/* Get the value for the master key type */
+	if (rparams->realm_keytype_valid && !keytypedone) {
+	    master_keyblock.keytype = rparams->realm_keytype;
+	    keytypedone++;
+	}
+
+	/* Get the value for the encryption type */
+	if (rparams->realm_enctype_valid && (etype == 0xffff))
+	    etype = rparams->realm_enctype;
+
+	/* Get the value for maximum ticket lifetime. */
+	if (rparams->realm_max_life_valid)
+	    rblock.max_life = rparams->realm_max_life;
+
+	/* Get the value for maximum renewable ticket lifetime. */
+	if (rparams->realm_max_rlife_valid)
+	    rblock.max_rlife = rparams->realm_max_rlife;
+
+	/* Get the value for the default principal expiration */
+	if (rparams->realm_expiration_valid)
+	    rblock.expiration = rparams->realm_expiration;
+
+	/* Get the value for the default principal flags */
+	if (rparams->realm_flags_valid)
+	    rblock.flags = rparams->realm_flags;
+
+	krb5_free_realm_params(context, rparams);
+    }
+
+    if (!dbname)
+	dbname = DEFAULT_KDB_FILE;
+
     if (!keytypedone)
 	master_keyblock.keytype = DEFAULT_KDC_KEYTYPE;
 
@@ -241,8 +293,10 @@ master key name '%s'\n",
 	fflush(stdout);
 
 	/* TRUE here means read the keyboard, and do it twice */
-	if (retval = krb5_db_fetch_mkey(context, master_princ, &master_encblock,
-					TRUE, TRUE, 0, &master_keyblock)) {
+	if (retval = krb5_db_fetch_mkey(context, master_princ,
+					&master_encblock,
+					TRUE, TRUE, (char *) NULL,
+					0, &master_keyblock)) {
 	    com_err(argv[0], retval, "while reading master key");
 	    exit(1);
 	}