* all files: reworked for non-ss usage; kdb5_util_ct.ct and

        ss_wrapper.c are now obsolete

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8907 dc483132-0cff-0310-8789-dd5450dbe970

13 files changed, 170 insertions, 403 deletions

diff --git a/src/kadmin/dbutil/ChangeLog b/src/kadmin/dbutil/ChangeLog
index d22b83a07..d463bea8c 100644
--- a/src/kadmin/dbutil/ChangeLog
+++ b/src/kadmin/dbutil/ChangeLog
@@ -1,3 +1,8 @@
+Mon Aug  5 14:36:47 1996  Barry Jaspan  <bjaspan@DUN-DUN-NOODLES>
+
+	* all files: reworked for non-ss usage; kdb5_util_ct.ct and
+        ss_wrapper.c are now obsolete
+
 Thu Aug  1 14:34:51 1996  Barry Jaspan  <bjaspan@DUN-DUN-NOODLES>
 
 	* dump.c, kadm5_create.c, kdb5_create.c: create policy database
diff --git a/src/kadmin/dbutil/Makefile.in b/src/kadmin/dbutil/Makefile.in
index c6325fd1e..28884a42f 100644
--- a/src/kadmin/dbutil/Makefile.in
+++ b/src/kadmin/dbutil/Makefile.in
@@ -1,7 +1,7 @@
 CFLAGS = $(CCOPTS) $(DEFS) -DKDB4_DISABLE -I. $(LOCALINCLUDE) @KRB4_INCLUDES@ 
 
 PROG = kdb5_util
-OBJS	= kdb5_util.o kdb5_util_ct.o dump.o dumpv4.o loadv4.o ss_wrapper.o \
+OBJS	= kdb5_util.o dump.o dumpv4.o loadv4.o \
 	kdb5_create.o kadm5_create.o string_table.o kdb5_stash.o \
 	kdb5_destroy.o ovload.o import_err.o strtok.o
 
@@ -10,8 +10,6 @@ all:: $(PROG)
 $(PROG): $(OBJS) $(DEPLIBS)
 	$(CC) $(LDFLAGS) $(LDARGS) -o $(PROG) $(OBJS) $(LIBS)
 
-kdb5_util_ct.o: kdb5_util_ct.c
-
 import_err.c import_err.h: $(srcdir)/import_err.et
 
 $(OBJS): import_err.h
diff --git a/src/kadmin/dbutil/configure.in b/src/kadmin/dbutil/configure.in
index 66edf685f..cc2b296e6 100644
--- a/src/kadmin/dbutil/configure.in
+++ b/src/kadmin/dbutil/configure.in
@@ -7,7 +7,6 @@ USE_KADMSRV_LIBRARY
 USE_GSSRPC_LIBRARY
 USE_KDB5_LIBRARY
 USE_DYN_LIBRARY
-USE_SS_LIBRARY
 USE_KRB4_LIBRARY
 KRB5_LIBRARIES
 V5_USE_SHARED_LIB
diff --git a/src/kadmin/dbutil/dump.c b/src/kadmin/dbutil/dump.c
index d362bc121..13d753825 100644
--- a/src/kadmin/dbutil/dump.c
+++ b/src/kadmin/dbutil/dump.c
@@ -85,6 +85,7 @@ typedef struct _dump_version {
      char *name;
      char *header;
      int updateonly;
+     int create_kadm5_princs;
      dump_func dump_princ;
      osa_adb_iter_policy_func dump_policy;
      load_func load_record;
@@ -94,6 +95,7 @@ dump_version old_version = {
      "Kerberos version 5 old format",
      "kdb5_edit load_dump version 2.0\n",
      0,
+     1,
      dump_k5beta_iterator,
      NULL,
      process_k5beta_record,
@@ -102,6 +104,7 @@ dump_version beta6_version = {
      "Kerberos version 5 beta 6 format",
      "kdb5_edit load_dump version 3.0\n",
      0,
+     1,
      dump_k5beta6_iterator,
      NULL,
      process_k5beta6_record,
@@ -110,6 +113,7 @@ dump_version beta7_version = {
      "Kerberos version 5",
      "kdb5_util load_dump version 4\n",
      0,
+     0,
      dump_k5beta7_princ,
      dump_k5beta7_policy,
      process_k5beta7_record,
@@ -118,6 +122,7 @@ dump_version ov_version = {
      "OpenV*Secure V1.0",
      "OpenV*Secure V1.0\t",
      1,
+     1,
      dump_ov_princ,
      dump_k5beta7_policy,
      process_ov_record,
@@ -185,7 +190,6 @@ static const char read_ktypelen[] = "key data type and length";
 static const char read_econtents[] = "extra data contents";
 static const char k5beta_fmt_name[] = "Kerberos version 5 old format";
 static const char standard_fmt_name[] = "Kerberos version 5 format";
-static const char lusage_err_fmt[] = "%s: usage is %s [%s] [%s] [%s] filename dbname [admin_dbname]\n";
 static const char no_name_mem_fmt[] = "%s: cannot get memory for temporary name\n";
 static const char ctx_err_fmt[] = "%s: cannot initialize Kerberos context\n";
 static const char stdin_name[] = "standard input";
@@ -904,8 +908,8 @@ dump_db(argc, argv)
     }
 
     /*
-     * Attempt to open the database.  The policy database only has to
-     * be opened if we try a dump that uses it.
+     * Make sure the database is open.  The policy database only has
+     * to be opened if we try a dump that uses it.
      */
     if (!dbactive || (dump->dump_policy != NULL && policy_db == NULL)) {
 	com_err(argv[0], 0, Err_no_database);
@@ -966,7 +970,7 @@ dump_db(argc, argv)
 		     error_message(kret));
 	     exit_status++;
 	}
-	if (ofile && !exit_status) {
+	if (ofile && ofile != stdout && !exit_status) {
 	     fclose(f);
 	     update_ok_file(ofile);
 	}
@@ -1843,8 +1847,7 @@ restore_dump(programname, kcontext, dumpfile, f, verbose, dump, pol_db)
 }
 
 /*
- * Usage is
- * load_db [-old] [-verbose] [-update] filename dbname
+ * Usage: load_db [-old] [-ov] [-b6] [-verbose] [-update] filename
  */
 void
 load_db(argc, argv)
@@ -1874,7 +1877,8 @@ load_db(argc, argv)
     if (strrchr(programname, (int) '/'))
 	programname = strrchr(argv[0], (int) '/') + 1;
     dumpfile = (char *) NULL;
-    dbname = (char *) NULL;
+    dbname = global_params.dbname;
+    adbname = global_params.admin_dbname;
     load = NULL;
     update = 0;
     verbose = 0;
@@ -1886,6 +1890,8 @@ load_db(argc, argv)
 	     load = &old_version;
 	else if (!strcmp(argv[aindex], b6option))
 	     load = &beta6_version;
+	else if (!strcmp(argv[aindex], ovoption))
+	     load = &ov_version;
 	else if (!strcmp(argv[aindex], verboseoption))
 	    verbose = 1;
 	else if (!strcmp(argv[aindex], updateoption))
@@ -1893,16 +1899,12 @@ load_db(argc, argv)
 	else
 	    break;
     }
-    if ((argc - aindex) != 2 && (argc - aindex) != 3) {
-	fprintf(stderr, lusage_err_fmt, argv[0], argv[0],
-		oldoption, verboseoption, updateoption);
-	exit_status++;
+    if ((argc - aindex) != 1) {
+	usage();
 	return;
     }
-
     dumpfile = argv[aindex];
-    dbname = argv[aindex+1];
-    adbname = argv[aindex+2];
+
     if (!(dbname_tmp = (char *) malloc(strlen(dbname)+
 				       strlen(dump_tmptrail)+1))) {
 	fprintf(stderr, no_name_mem_fmt, argv[0]);
@@ -1976,13 +1978,6 @@ load_db(argc, argv)
 	      if (dumpfile) fclose(f);
 	      return;
 	 }
-
-	 if (load->dump_policy == NULL && adbname != NULL) {
-	      fprintf(stderr, lusage_err_fmt, argv[0], argv[0],
-		      oldoption, verboseoption, updateoption);
-	      exit_status++;
-	      return;
-	 }
     }
     if (load->updateonly && !update) {
 	 fprintf(stderr, "%s: dump version %s can only be loaded in "
@@ -1992,30 +1987,14 @@ load_db(argc, argv)
     }
 
     /*
-     * Cons up config params for new policy database.  Use adbname if
-     * specified, otherwise let the policy dbname key off the dbname.
-     * However, after the name is retrieved, if we are not in update
-     * mode change the actual file name to a temp name that we'll
+     * Cons up params for the new databases.  If we are not in update
+     * mode change the actual file name to temp names that we'll
      * rename later (but use the correct lock file).
      */
     newparams = global_params;
-    newparams.mask &= ~(KADM5_CONFIG_ADBNAME | KADM5_CONFIG_ADB_LOCKFILE);
-    newparams.dbname = dbname;
-    newparams.mask |= KADM5_CONFIG_DBNAME;
-    if (adbname) {
-	 newparams.admin_dbname = adbname;
-	 newparams.mask |= KADM5_CONFIG_ADBNAME;
-    }
-    if (kret = kadm5_get_config_params(kcontext, NULL, NULL, &newparams,
-				       &newparams)) {
-	 fprintf(stderr, "%s while retrieiving configuration "
-		 "parameters.\n", error_message(kret));
-	 if (dumpfile) fclose(f);
-	 exit_status++;
-	 return;
-    }
     adbname_real = newparams.admin_dbname;
     if (! update) {
+	 newparams.dbname = dbname_tmp;
 	 newparams.admin_dbname = (char *) malloc(strlen(adbname_real) +
 						  strlen(dump_tmptrail) + 1);
 	 strcpy(newparams.admin_dbname, adbname_real);
@@ -2031,7 +2010,7 @@ load_db(argc, argv)
      */
     if (!update && (kret = krb5_db_create(kcontext, dbname_tmp))) {
 	 fprintf(stderr, dbcreaterr_fmt,
-		 programname, dbname, error_message(kret));
+		 programname, dbname_tmp, error_message(kret));
 	 exit_status++;
 	 kadm5_free_config_params(kcontext, &newparams);
 	 if (dumpfile) fclose(f);
@@ -2045,16 +2024,7 @@ load_db(argc, argv)
 	 if (dumpfile) fclose(f);
 	 return;
     }
-    if (!update && (load != &beta7_version) &&
-	(kret = kadm5_create_magic_princs(&newparams, kcontext))) {
-	 fprintf(stderr, "%s: %s while creating KADM5 principals\n",
-		 programname, error_message(kret));
-	 exit_status++;
-	 kadm5_free_config_params(kcontext, &newparams);
-	 if (dumpfile) fclose(f);
-	 return;
-    }
-	 
+
     /*
      * Point ourselves at the new databases.
      */
@@ -2108,6 +2078,14 @@ load_db(argc, argv)
 	 exit_status++;
     }
 
+    if (!update && load->create_kadm5_princs &&
+	(kret = kadm5_create_magic_princs(&newparams, kcontext))) {
+	 /* error message printed by create_magic_princs */
+	 exit_status++;
+    }
+    
+    /* close policy db below */
+
 error:
     /*
      * If not an update: if there was an error, destroy the database,
@@ -2183,13 +2161,10 @@ error:
 	 fclose(f);
     }
 
-    if (adbname_real) {
-	 if (adbname_real != newparams.admin_dbname) {
-	      free(newparams.admin_dbname);
-	      newparams.admin_dbname = adbname_real;
-	 }
-	 kadm5_free_config_params(kcontext, &newparams);
+    if (adbname_real && adbname_real != newparams.admin_dbname) {
+	 free(newparams.admin_dbname);
     }
+
     if (dbname_tmp)
 	 free(dbname_tmp);
     krb5_free_context(kcontext);
diff --git a/src/kadmin/dbutil/kadm5_create.c b/src/kadmin/dbutil/kadm5_create.c
index 45eeef29b..e4341d1fd 100644
--- a/src/kadmin/dbutil/kadm5_create.c
+++ b/src/kadmin/dbutil/kadm5_create.c
@@ -213,19 +213,31 @@ int add_admin_princ(void *handle, krb5_context context,
 	  return(ERR);
      }
      ent.max_life = lifetime;
-     ent.attributes = attrs;
+     ent.attributes = attrs | KRB5_KDB_DISALLOW_ALL_TIX;
      
      if (ret = kadm5_create_principal(handle, &ent,
 					   (KADM5_PRINCIPAL |
 					    KADM5_MAX_LIFE |
 					    KADM5_ATTRIBUTES),
 					   "to-be-random")) {
-	  if (ret == KADM5_DUP)
-	       ret = kadm5_modify_principal(handle, &ent,
-						 (KADM5_PRINCIPAL |
-						  KADM5_MAX_LIFE |
-						  KADM5_ATTRIBUTES));
-
+	  if (ret != KADM5_DUP) {
+	       com_err(progname, ret, str_PUT_PRINC, fullname);
+	       krb5_free_principal(context, ent.principal);
+	       free(fullname);
+	       return ERR;
+	  }
+     } else {
+	  /* only randomize key if we created the principal */
+	  ret = kadm5_randkey_principal(handle, ent.principal, NULL, NULL);
+	  if (ret) {
+	       com_err(progname, ret, str_RANDOM_KEY, fullname);
+	       krb5_free_principal(context, ent.principal);
+	       free(fullname);
+	       return ERR;
+	  }
+	  
+	  ent.attributes = attrs;
+	  ret = kadm5_modify_principal(handle, &ent, KADM5_ATTRIBUTES);
 	  if (ret) {
 	       com_err(progname, ret, str_PUT_PRINC, fullname);
 	       krb5_free_principal(context, ent.principal);
@@ -233,16 +245,9 @@ int add_admin_princ(void *handle, krb5_context context,
 	       return ERR;
 	  }
      }
-
-     ret = kadm5_randkey_principal(handle, ent.principal, NULL, NULL);
-
+     
      krb5_free_principal(context, ent.principal);
      free(fullname);
 
-     if (ret) {
-	  com_err(progname, ret, str_RANDOM_KEY, fullname);
-	  return ERR;
-     }
-
      return OK;
 }
diff --git a/src/kadmin/dbutil/kdb5_create.c b/src/kadmin/dbutil/kdb5_create.c
index e05cc4ee0..73ca72a44 100644
--- a/src/kadmin/dbutil/kdb5_create.c
+++ b/src/kadmin/dbutil/kdb5_create.c
@@ -121,12 +121,6 @@ extern osa_adb_policy_t policy_db;
 extern kadm5_config_params global_params;
 extern krb5_context util_context;
 
-static void usage()
-{
-    fprintf(stderr, "usage: %s [-s]\n", progname);
-    exit_status++;
-}
-
 void kdb5_create(argc, argv)
    int argc;
    char *argv[];
@@ -313,14 +307,7 @@ master key name '%s'\n",
     }
     if (!do_stash) unlink(global_params.stash_file);
 
-    /* now open the database */
-    open_db_and_mkey();
-
-    exit_status = 0;	/* It's OK if we get errors in open_db_and_mkey */
-                        /* We do not have the key stashed in the database! */
-
     return;
-
 }
 
 static krb5_error_code
diff --git a/src/kadmin/dbutil/kdb5_destroy.c b/src/kadmin/dbutil/kdb5_destroy.c
index 7c6873df7..c2e9fc54b 100644
--- a/src/kadmin/dbutil/kdb5_destroy.c
+++ b/src/kadmin/dbutil/kdb5_destroy.c
@@ -40,14 +40,6 @@ extern kadm5_config_params global_params;
 char *yes = "yes\n";			/* \n to compare against result of
 					   fgets */
 
-static void
-usage(who, status)
-    char *who;
-    int status;
-{
-    fprintf(stderr, "usage: %s [-f]\n", who);
-}
-
 void
 kdb5_destroy(argc, argv)
     int argc;
@@ -79,7 +71,7 @@ kdb5_destroy(argc, argv)
 	    break;
 	case '?':
 	default:
-	    usage(argv[0], 1);
+	    usage();
 	    return;
 	    /*NOTREACHED*/
 	}
diff --git a/src/kadmin/dbutil/kdb5_stash.c b/src/kadmin/dbutil/kdb5_stash.c
index 56ca10cbd..62a52e371 100644
--- a/src/kadmin/dbutil/kdb5_stash.c
+++ b/src/kadmin/dbutil/kdb5_stash.c
@@ -38,16 +38,6 @@ extern kadm5_config_params global_params;
 
 extern int exit_status;
 
-static void
-usage(who, status)
-char *who;
-int status;
-{
-    fprintf(stderr, "usage: %s [-f keyfile]\n", who);
-    exit_status++; return; 
-}
-
-
 void
 kdb5_stash(argc, argv)
 int argc;
@@ -86,7 +76,7 @@ char *argv[];
 	    break;
 	case '?':
 	default:
-	    usage(argv[0], 1);
+	    usage();
 	    return;
 	}
     }
diff --git a/src/kadmin/dbutil/kdb5_util.c b/src/kadmin/dbutil/kdb5_util.c
index 3f31fcb14..d15a2dc2f 100644
--- a/src/kadmin/dbutil/kdb5_util.c
+++ b/src/kadmin/dbutil/kdb5_util.c
@@ -49,21 +49,19 @@ krb5_context util_context;
 osa_adb_policy_t policy_db;
 kadm5_config_params global_params;
 
-/*
- * Script input, specified by -s.
- */
-FILE *scriptfile = (FILE *) NULL;
-
-static void
-usage(who, status)
-    char *who;
-    int status;
+usage()
 {
-    fprintf(stderr,
-	    "usage: %s [-d dbpathname ] [-r realmname] [-R request ]\n",
-	    who);
-    fprintf(stderr, "\t [-k enctype] [-M mkeyname] [-f stashfile]\n");
-    exit(status);
+     fprintf(stderr, "Usage: "
+	   "kdb5_util cmd [-r realm] [-d dbname] [-k mkeytype] [-M mkeyname]\n"
+	     "\t         [-m] [cmd options]\n"
+	     "\tcreate	[-s]\n"
+	     "\tdestroy	[-f]\n"
+	     "\tstash	[-f keyfile]\n"
+	     "\tdump	[-old] [-ov] [-b6] [-verbose] [filename	[princs...]]\n"
+	     "\tload	[-old] [-ov] [-b6] [-verbose] [-update] filename\n"
+	     "\tdump_v4	[filename]\n"
+	     "\tload_v4	[-t] [-n] [-K] [-f] inputfile\n");
+     exit(1);
 }
 
 krb5_keyblock master_keyblock;
@@ -77,14 +75,55 @@ char *progname;
 krb5_boolean manual_mkey = FALSE;
 krb5_boolean dbactive = FALSE;
 
-char *kdb5_util_Init(argc, argv)
+int kdb5_create(int, char **);
+int kdb5_destroy(int, char **);
+int kdb5_stash(int, char **);
+int dump_db(int, char **);
+int load_db(int, char **);
+int dump_v4db(int, char **);
+int load_v4db(int, char **);
+   
+typedef int (*cmd_func)(int, char **);
+
+struct _cmd_table {
+     char *name;
+     cmd_func func;
+     int opendb;
+} cmd_table[] = {
+     "create", kdb5_create, 0,
+     "destroy", kdb5_destroy, 1,
+     "stash", kdb5_stash, 1,
+     "dump", dump_db, 1,
+     "load", load_db, 0,
+     "dump_v4", dump_v4db, 1,
+     "load_v4", load_v4db, 0,
+     NULL, NULL, 0,
+};
+
+struct _cmd_table *cmd_lookup(name)
+   char *name;
+{
+     struct _cmd_table *cmd = cmd_table;
+     while (cmd->name) {
+	  if (strcmp(cmd->name, name) == 0)
+	       return cmd;
+	  else
+	       cmd++;
+     }
+     
+     return NULL;
+}
+
+#define ARG_VAL (--argc > 0 ? optarg = *(++argv) : (usage(), NULL))
+     
+int main(argc, argv)
     int argc;
     char *argv[];
 {
-    extern char *optarg;	
-    int optchar;
+    struct _cmd_table *cmd = NULL;
+    char *optarg, **cmd_argv;	
+    int cmd_argc;
     krb5_error_code retval;
-    char *request = NULL;
 
     retval = krb5_init_context(&util_context);
     if (retval) {
@@ -95,26 +134,25 @@ char *kdb5_util_Init(argc, argv)
     krb5_init_ets(util_context);
     initialize_adb_error_table();
 
-    if (strrchr(argv[0], '/'))
-	argv[0] = strrchr(argv[0], '/')+1;
-
-    progname = argv[0];
+    progname = (strrchr(argv[0], '/') ? strrchr(argv[0], '/')+1 : argv[0]);
 
-    while ((optchar = getopt(argc, argv, "P:d:a:r:R:k:M:e:ms:f:")) != EOF) {
-	switch(optchar) {
-        case 'P':		/* Only used for testing!!! */
+    cmd_argv = (char **) malloc(sizeof(char *)*argc);
+    if (cmd_argv == NULL) {
+	 com_err(progname, ENOMEM, "while creating sub-command arguments");
+	 exit(1);
+    }
+    memset(cmd_argv, 0, sizeof(char *)*argc);
+    cmd_argc = 1;
+	 
+    argv++; argc--;
+    while (*argv) {
+       if (strcmp(*argv, "-P") == 0 && ARG_VAL) {
 	    mkey_password = optarg;
 	    manual_mkey = TRUE;
-	    break;
-	case 'd':
+       } else if (strcmp(*argv, "-d") == 0 && ARG_VAL) {
 	    global_params.dbname = optarg;
 	    global_params.mask |= KADM5_CONFIG_DBNAME;
-	    break;
-       case 'a':
-	    global_params.admin_dbname = optarg;
-	    global_params.mask |= KADM5_CONFIG_ADBNAME;
-	    break;
-	case 'r':
+       } else if (strcmp(*argv, "-r") == 0 && ARG_VAL) {
 	    global_params.realm = optarg;
 	    global_params.mask |= KADM5_CONFIG_REALM;
 	    /* not sure this is really necessary */
@@ -123,43 +161,35 @@ char *kdb5_util_Init(argc, argv)
 		 com_err(progname, retval, "while setting default realm name");
 		 exit(1);
 	    }
-	    break;
-        case 'R':
-	    request = optarg;
-	    break;
-	case 'k':
+       } else if (strcmp(*argv, "-k") == 0 && ARG_VAL) {
 	    if (krb5_string_to_enctype(optarg, &global_params.enctype))
 		 com_err(argv[0], 0, "%s is an invalid enctype", optarg);
-	    global_params.mask |= KADM5_CONFIG_ENCTYPE;
-	    break;
-	case 'M':			/* master key name in DB */
+	    else
+		 global_params.mask |= KADM5_CONFIG_ENCTYPE;
+       } else if (strcmp(*argv, "-M") == 0 && ARG_VAL) {
 	    global_params.mkey_name = optarg;
 	    global_params.mask |= KADM5_CONFIG_MKEY_NAME;
-	    break;
-	case 'm':
+       } else if (strcmp(*argv, "-f") == 0 && ARG_VAL) {
+	    global_params.stash_file = optarg;
+	    global_params.mask |= KADM5_CONFIG_STASH_FILE;
+       } else if (strcmp(*argv, "-m") == 0) {
 	    manual_mkey = TRUE;
 	    global_params.mkey_from_kbd = 1;
 	    global_params.mask |= KADM5_CONFIG_MKEY_FROM_KBD;
-	    break;
-	case 's':
-	    /* Open the script file */
-	    if (!(scriptfile = fopen(optarg, "r"))) {
-		com_err(argv[0], errno, "while opening script file %s",
-			optarg);
-		exit(1);
-	    }
-	    break;
-	case 'f':
-	    global_params.stash_file = optarg;
-	    global_params.mask |= KADM5_CONFIG_STASH_FILE;
-	    break;
-	case '?':
-	default:
-	    usage(progname, 1);
-	    /*NOTREACHED*/
-	}
+       } else if (cmd_lookup(*argv) != NULL) {
+	    if (cmd_argv[0] == NULL)
+		 cmd_argv[0] = *argv;
+	    else
+		 usage();
+       } else {
+	    cmd_argv[cmd_argc++] = *argv;
+       }
+       argv++; argc--;
     }
 
+    if (cmd_argv[0] == NULL)
+	 usage();
+    
     if (retval = kadm5_get_config_params(util_context, NULL, NULL,
 					 &global_params, &global_params)) {
 	 com_err(argv[0], retval, "while retreiving configuration parameters");
@@ -168,9 +198,7 @@ char *kdb5_util_Init(argc, argv)
 
     /*
      * Dump creates files which should not be world-readable.  It is
-     * easiest to do a single umask call here; any shells run by the
-     * ss command interface will have umask = 77 but that is not a
-     * serious problem.
+     * easiest to do a single umask call here.
      */
     (void) umask(077);
 
@@ -190,11 +218,12 @@ char *kdb5_util_Init(argc, argv)
 			 master_keyblock.enctype);
     }
 
+    cmd = cmd_lookup(cmd_argv[0]);
+    if (cmd->opendb && open_db_and_mkey())
+	 return exit_status;
 
-    open_db_and_mkey();
-
-    exit_status = 0;	/* It's OK if we get errors in open_db_and_mkey */
-    return request;
+    (*cmd->func)(cmd_argc, cmd_argv);
+    return exit_status;
 }
 
 #if 0
diff --git a/src/kadmin/dbutil/kdb5_util_ct.ct b/src/kadmin/dbutil/kdb5_util_ct.ct
deleted file mode 100644
index bac1df125..000000000
--- a/src/kadmin/dbutil/kdb5_util_ct.ct
+++ /dev/null
@@ -1,56 +0,0 @@
-#	admin/edit/kdb5_ed_ct.ct
-#
-# Copyright 1990 by the Massachusetts Institute of Technology.
-# All Rights Reserved.
-# 
-# Export of this software from the United States of America may
-#   require a specific license from the United States Government.
-#   It is the responsibility of any person or organization contemplating
-#   export to obtain such a license before exporting.
-# 
-# WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-# distribute this software and its documentation for any purpose and
-# without fee is hereby granted, provided that the above copyright
-# notice appear in all copies and that both that copyright notice and
-# this permission notice appear in supporting documentation, and that
-# the name of M.I.T. not be used in advertising or publicity pertaining
-# to distribution of the software without specific, written prior
-# permission.  M.I.T. makes no representations about the suitability of
-# this software for any purpose.  It is provided "as is" without express
-# or implied warranty.
-# 
-# 
-# Command table for Kerberos administration edit
-#
-
-command_table kdb5_edit_cmds;
-
-request kdb5_create, "Create a new Kerberos database",
-	create_db, create;
-
-request kdb5_destroy, "Destroy a Kerberos database",
-	destroy_db, destroy;
-
-request kdb5_stash, "Stash the Kerberos master key",
-	stash_mkey, stash;
-
-request dump_db, "Dump database entries to a file",
-	dump_db, ddb;
-
-request dump_v4db, "Dump database entries to a V4 slave dump file",
-	dump_v4db, d4db;
-
-request load_db, "Load database entries from a file",
-	load_db, lddb;
-
-request load_v4db, "Load database entries from a V4 slave dump file",
-	load_v4db, lddb4;
-
-# list_requests is generic -- unrelated to Kerberos
-request	ss_list_requests, "List available requests.",
-	list_requests, lr, "?";
-
-request	ss_quit, "Exit program.",
-	quit, exit, q;
-
-end;
diff --git a/src/kadmin/dbutil/loadv4.c b/src/kadmin/dbutil/loadv4.c
index 7dfade9f5..368e3956d 100644
--- a/src/kadmin/dbutil/loadv4.c
+++ b/src/kadmin/dbutil/loadv4.c
@@ -88,17 +88,6 @@ static krb5_error_code fixup_database PROTOTYPE((krb5_context, char *));
 	
 static int create_local_tgt = 0;
 
-static void
-usage(who, status)
-char *who;
-int status;
-{
-    fprintf(stderr, "usage: %s [-d v5dbpathname] [-t] [-n] [-r realmname] [-K] [-k enctype]\n\
-\t[-M mkeyname] -f inputfile\n",
-	    who);
-    return;
-}
-
 static krb5_keyblock master_keyblock;
 static krb5_principal master_princ;
 static krb5_encrypt_block master_encblock;
@@ -145,7 +134,6 @@ char *argv[];
     char *mkey_name = 0;
     char *mkey_fullname;
     char *defrealm;
-    int enctypedone = 0;
     int v4manual = 0;
     int read_mkey = 0;
     int tempdb = 0;
@@ -167,45 +155,24 @@ char *argv[];
     persist = 1;
     op_ind = 1;
     while (persist && (op_ind < argc)) {
-	if (!strcmp(argv[op_ind], "-d") && ((argc - op_ind) >= 2)) {
-	    dbname = argv[op_ind+1];
-	    op_ind++;
-	}
-	else if (!strcmp(argv[op_ind], "-T")) {
+	if (!strcmp(argv[op_ind], "-T")) {
 	    create_local_tgt = 1;
 	}
 	else if (!strcmp(argv[op_ind], "-t")) {
 	    tempdb = 1;
 	}
-	else if (!strcmp(argv[op_ind], "-r") && ((argc - op_ind) >= 2)) {
-	    realm = argv[op_ind+1];
-	    op_ind++;
-	}
 	else if (!strcmp(argv[op_ind], "-K")) {
 	    read_mkey = 1;
 	}
 	else if (!strcmp(argv[op_ind], "-v")) {
 	    verbose = 1;
 	}
-	else if (!strcmp(argv[op_ind], "-k") && ((argc - op_ind) >= 2)) {
-	    if (!krb5_string_to_enctype(argv[op_ind+1],
-					&master_keyblock.enctype))
-		enctypedone++;
-	    else
-		com_err(argv[0], 0, "%s is an invalid enctype",
-			argv[op_ind+1]);
-	    op_ind++;
-	}
-	else if (!strcmp(argv[op_ind], "-M") && ((argc - op_ind) >= 2)) {
-	    mkey_name = argv[op_ind+1];
-	    op_ind++;
-	}
 	else if (!strcmp(argv[op_ind], "-n")) {
 	    v4manual++;
 	}
 	else if (!strcmp(argv[op_ind], "-f") && ((argc - op_ind) >= 2)) {
 	    if (v4dbname) {
-		usage(PROGNAME, 1);
+		usage();
 		return;
 	    }
 	    v4dumpfile = argv[op_ind+1];
@@ -216,60 +183,21 @@ char *argv[];
 	op_ind++;
     }
 
-    /*
-     * Attempt to read the KDC profile.  If we do, then read appropriate values
-     * from it and augment values supplied on the command line.
-     */
-    if (!(retval = krb5_read_realm_params(context,
-					  realm,
-					  (char *) NULL,
-					  (char *) NULL,
-					  &rparams))) {
-	/* Get the value for the database */
-	if (rparams->realm_dbname && !dbname)
-	    dbname = strdup(rparams->realm_dbname);
-
-	/* Get the value for the master key name */
-	if (rparams->realm_mkey_name && !mkey_name)
-	    mkey_name = strdup(rparams->realm_mkey_name);
-
-	/* Get the value for the master key type */
-	if (rparams->realm_enctype_valid && !enctypedone) {
-	    master_keyblock.enctype = rparams->realm_enctype;
-	    enctypedone++;
-	}
-
-	/* Get the value for the stashfile */
-	if (rparams->realm_stash_file)
-	    stash_file = strdup(rparams->realm_stash_file);
-
-	/* Get the value for maximum ticket lifetime. */
-	if (rparams->realm_max_life_valid)
-	    rblock.max_life = rparams->realm_max_life;
-
-	/* Get the value for maximum renewable ticket lifetime. */
-	if (rparams->realm_max_rlife_valid)
-	    rblock.max_rlife = rparams->realm_max_rlife;
-
-	/* Get the value for the default principal expiration */
-	if (rparams->realm_expiration_valid)
-	    rblock.expiration = rparams->realm_expiration;
-
-	/* Get the value for the default principal flags */
-	if (rparams->realm_flags_valid)
-	    rblock.flags = rparams->realm_flags;
-
-	krb5_free_realm_params(context, rparams);
-    }
+    realm = global_params.realm;
+    dbname = global_params.dbname;
+    mkey_name = global_params.mkey_name;
+    master_keyblock.enctype = global_params.enctype;
+    stash_file = strdup(global_params.stash_file);
+    rblock.max_life = global_params.max_life;
+    rblock.max_rlife = global_params.max_rlife;
+    rblock.expiration = global_params.expiration;
+    rblock.flags = global_params.flags;
 
     if (!v4dumpfile) {
-	usage(PROGNAME, 1);
+	usage();
 	return;
     }
 
-    if (!enctypedone)
-	master_keyblock.enctype = DEFAULT_KDC_ENCTYPE;
-
     if (!valid_enctype(master_keyblock.enctype)) {
 	com_err(PROGNAME, KRB5_PROG_KEYTYPE_NOSUPP,
 		"while setting up enctype %d", master_keyblock.enctype);
diff --git a/src/kadmin/dbutil/ss_wrapper.c b/src/kadmin/dbutil/ss_wrapper.c
deleted file mode 100644
index ada85efc9..000000000
--- a/src/kadmin/dbutil/ss_wrapper.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * admin/edit/ss_wrapper.c
- *
- * Copyright 1990,1991 by the Massachusetts Institute of Technology.
- * All Rights Reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- * 
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- * 
- *
- * ss wrapper for kdb5_edit
- */
-
-#include <k5-int.h>
-#include "kdb5_util.h"
-#include <ss/ss.h>
-#include <stdio.h>
-
-extern ss_request_table kdb5_edit_cmds;
-extern int exit_status;
-extern FILE *scriptfile;
-
-int main(argc, argv)
-    int argc;
-    char *argv[];
-{
-    char *request;
-    krb5_error_code retval;
-    int sci_idx, code = 0;
-
-    request = kdb5_util_Init(argc, argv);
-    sci_idx = ss_create_invocation("kdb5_util", "5.0", (char *) NULL,
-				   &kdb5_edit_cmds, &retval);
-    if (retval) {
-	ss_perror(sci_idx, retval, "creating invocation");
-	exit(1);
-    }
-
-    if (request) {
-	    code = ss_execute_line(sci_idx, request, &code);
-	    if (code != 0) {
-		    ss_perror(sci_idx, code, request);
-		    exit_status++;
-	    }
-    } else if (scriptfile) {
-	char *command;
-	int nread;
-
-	/* Get a buffer */
-	if ((command = (char *) malloc(BUFSIZ))) {
-	    /* Process commands from the script until end-of-file or error */
-	    while (!feof(scriptfile) &&
-		   (fgets(command, BUFSIZ, scriptfile))) {
-
-		/* Strip trailing newline */
-		if (command[strlen(command)-1] == '\n')
-		    command[strlen(command)-1] = '\0';
-
-		/* Execute the command */
-		code = ss_execute_line(sci_idx, command, &code);
-		if (code != 0) {
-		    ss_perror(sci_idx, code, command);
-		    exit_status++;
-		    break;
-		}
-	    }
-	    free(command);
-	}
-    } else
-	    ss_listen(sci_idx, &retval);
-    return quit() ? 1 : exit_status;
-}
diff --git a/src/kadmin/dbutil/string_table.c b/src/kadmin/dbutil/string_table.c
index b9f86a363..c5f09f83b 100644
--- a/src/kadmin/dbutil/string_table.c
+++ b/src/kadmin/dbutil/string_table.c
@@ -51,7 +51,7 @@ char *str_ENCRYPT_KEY =
 	"while calling encrypt key for %s."; /* principal name */
 
 char *str_PUT_PRINC =
-	"while calling storing %s in Kerberos database.";  /* principal name */
+	"while storing %s in Kerberos database.";  /* principal name */
 
 char *str_CREATING_POLICY_DB = "while creating/opening admin policy database.";