4 * asetkey - Manipulates an AFS KeyFile
6 * Updated for Kerberos 5
11 #include <sys/types.h>
12 #include <netinet/in.h>
22 #endif /* HAVE_MEMORY_H */
25 #else /* HAVE_STRING_H */
28 #endif /* HAVE_STRINGS_H */
29 #endif /* HAVE_STRING_H */
34 #include <afs/com_err.h>
35 #include <afs/cellconfig.h>
37 #include <afs/dirpath.h>
39 #ifdef HAVE_KRB5_CREDS_KEYBLOCK
42 #ifdef HAVE_KRB5_CREDS_SESSION
43 #define USING_HEIMDAL 1
47 main(int argc, char *argv[])
49 struct afsconf_dir *tdir;
54 fprintf(stderr, "%s: usage is '%s <opcode> options, e.g.\n",
56 fprintf(stderr, "\t%s add <kvno> <keyfile> <princ>\n", argv[0]);
57 fprintf(stderr, "\t%s delete <kvno>\n", argv[0]);
58 fprintf(stderr, "\t%s list\n", argv[0]);
62 confdir = AFSDIR_SERVER_ETC_DIRPATH;
64 tdir = afsconf_Open(confdir);
66 fprintf(stderr, "%s: can't initialize conf dir '%s'\n", argv[0],
70 if (strcmp(argv[1], "add")==0) {
72 krb5_principal principal;
74 krb5_error_code retval;
78 fprintf(stderr, "%s add: usage is '%s add <kvno> <keyfile> "
79 "<princ>\n", argv[0], argv[0]);
83 krb5_init_context(&context);
86 retval = krb5_parse_name(context, argv[4], &principal);
88 afs_com_err(argv[0], retval, "while parsing AFS principal");
91 retval = krb5_kt_read_service_key(context, argv[3], principal, kvno,
92 ENCTYPE_DES_CBC_CRC, &key);
94 afs_com_err(argv[0], retval, "while extracting AFS service key");
99 #define deref_key_length(key) \
102 #define deref_key_contents(key) \
105 #define deref_key_length(key) \
108 #define deref_key_contents(key) \
111 if (deref_key_length(key) != 8) {
112 fprintf(stderr, "Key length should be 8, but is really %d!\n",
113 deref_key_length(key));
117 code = afsconf_AddKey(tdir, kvno, (char *) deref_key_contents(key), 1);
119 fprintf(stderr, "%s: failed to set key, code %d.\n", argv[0], code);
122 krb5_free_principal(context, principal);
123 krb5_free_keyblock(context, key);
125 else if (strcmp(argv[1], "delete")==0) {
128 fprintf(stderr, "%s delete: usage is '%s delete <kvno>\n",
132 kvno = atoi(argv[2]);
133 code = afsconf_DeleteKey(tdir, kvno);
135 fprintf(stderr, "%s: failed to delete key %d, (code %d)\n",
136 argv[0], kvno, code);
140 else if (strcmp(argv[1], "list") == 0) {
141 struct afsconf_keys tkeys;
144 code = afsconf_GetKeys(tdir, &tkeys);
146 fprintf(stderr, "%s: failed to get keys, code %d\n", argv[0], code);
149 for(i=0;i<tkeys.nkeys;i++) {
150 if (tkeys.key[i].kvno != -1) {
151 printf("kvno %4d: key is: ", tkeys.key[i].kvno);
152 for (j = 0; j < 8; j++)
153 printf("%02x", (unsigned char) tkeys.key[i].key[j]);
157 printf("All done.\n");
160 fprintf(stderr, "%s: unknown operation '%s', type '%s' for "
161 "assistance\n", argv[0], argv[1], argv[0]);