diff options
| author | Theodore Tso <tytso@mit.edu> | 1995-10-23 20:41:16 +0000 |
|---|---|---|
| committer | Theodore Tso <tytso@mit.edu> | 1995-10-23 20:41:16 +0000 |
| commit | eaffa98d229422f5f7389ebe959b724d0a5b796b (patch) | |
| tree | 5fb2bdc54ee0a2bea9fa84d457a201e18403b5d8 /src/admin/create | |
| parent | f5fafb318f0e5fc526288d5761c9e21ac9630782 (diff) | |
| download | krb5-eaffa98d229422f5f7389ebe959b724d0a5b796b.tar.gz krb5-eaffa98d229422f5f7389ebe959b724d0a5b796b.tar.xz krb5-eaffa98d229422f5f7389ebe959b724d0a5b796b.zip | |
Add new option 's' which automatically stashes the master key in the
key stash file. This eliminates the need for the admin to type
kdb5_stash right after kdb5_create.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6983 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/admin/create')
| -rw-r--r-- | src/admin/create/ChangeLog | 7 | ||||
| -rw-r--r-- | src/admin/create/kdb5_create.c | 20 |
2 files changed, 26 insertions, 1 deletions
diff --git a/src/admin/create/ChangeLog b/src/admin/create/ChangeLog index 4da417fa0..1045e9f98 100644 --- a/src/admin/create/ChangeLog +++ b/src/admin/create/ChangeLog @@ -1,3 +1,10 @@ +Wed Oct 18 14:25:29 1995 <tytso@rsts-11.mit.edu> + + * kdb5_create.c (main): Add new option 's' which automatically + stashes the master key in the key stash file. This + eliminates the need for the admin to type kdb5_stash right + after kdb5_create. + Wed Sep 13 19:02:50 1995 Theodore Y. Ts'o <tytso@dcl> * kdb5_create.c (tgt_keysalt_iterate): Don't bash the master key diff --git a/src/admin/create/kdb5_create.c b/src/admin/create/kdb5_create.c index a78059feb..f1733baf1 100644 --- a/src/admin/create/kdb5_create.c +++ b/src/admin/create/kdb5_create.c @@ -142,8 +142,10 @@ char *argv[]; char *mkey_fullname; char *defrealm; char *pw_str = 0; + char *keyfile = 0; int pw_size = 0; int enctypedone = 0; + int do_stash = 0; krb5_data pwd; krb5_context context; krb5_realm_params *rparams; @@ -154,7 +156,7 @@ char *argv[]; if (strrchr(argv[0], '/')) argv[0] = strrchr(argv[0], '/')+1; - while ((optchar = getopt(argc, argv, "d:r:k:M:e:P:")) != EOF) { + while ((optchar = getopt(argc, argv, "d:r:k:M:e:P:sf:")) != EOF) { switch(optchar) { case 'd': /* set db name */ dbname = optarg; @@ -168,6 +170,12 @@ char *argv[]; else com_err(argv[0], 0, "%s is an invalid enctype", optarg); break; + case 's': + do_stash++; + break; + case 'f': + keyfile = optarg; + break; case 'M': /* master key name in DB */ mkey_name = optarg; break; @@ -228,6 +236,10 @@ char *argv[]; rparams->realm_keysalts = (krb5_key_salt_tuple *) NULL; } + /* Get the value for the stash file */ + if (rparams->realm_stash_file && !keyfile) + keyfile = strdup(rparams->realm_stash_file); + krb5_free_realm_params(context, rparams); } @@ -361,6 +373,12 @@ master key name '%s'\n", com_err(argv[0], retval, "while adding entries to the database"); exit(1); } + if (do_stash && + ((retval = krb5_db_store_mkey(context, keyfile, master_princ, + &master_keyblock)))) { + com_err(argv[0], errno, "while storing key"); + printf("Warning: couldn't stash master key.\n"); + } /* clean up */ (void) krb5_db_fini(context); (void) krb5_finish_key(context, &master_encblock); |