4 * asetkey - Manipulates an AFS KeyFile
6 * Updated for Kerberos 5
11 #include <sys/types.h>
15 #include <afs/cellconfig.h>
18 #include <afs/dirpath.h>
19 #endif /* !PRE_AFS35 */
22 main(int argc, char **argv)
24 struct afsconf_dir *tdir;
29 printf("asetkey: usage is 'setkey <opcode> options, e.g.\n");
30 printf(" asetkey add <kvno> <keyfile> <princ>\n");
31 printf(" asetkey delete <kvno>\n");
32 printf(" asetkey list\n");
37 confdir = AFSCONF_SERVERNAME;
39 confdir = AFSDIR_SERVER_ETC_DIRPATH;
40 #endif /* PRE_AFS35 */
42 tdir = afsconf_Open(confdir);
44 printf("asetkey: can't initialize conf dir '%s'\n", confdir);
47 if (strcmp(argv[1], "add")==0) {
49 krb5_principal principal;
51 krb5_error_code retval;
55 printf("asetkey add: usage is 'asetkey add <kvno> <keyfile> <princ>\n");
59 krb5_init_context(&context);
62 retval = krb5_parse_name(context, argv[4], &principal);
64 com_err(argv[0], retval, "while parsing AFS principal");
67 retval = krb5_kt_read_service_key(context, argv[3], principal, kvno,
68 ENCTYPE_DES_CBC_CRC, &key);
70 com_err(argv[0], retval, "while extracting AFS service key");
74 if (key->length != 8) {
75 printf("Key length should be 8, but is really %d!\n",
80 code = afsconf_AddKey(tdir, kvno, key->contents, 1);
82 printf("asetkey: failed to set key, code %d.\n", code);
85 krb5_free_principal(context, principal);
86 krb5_free_keyblock(context, key);
88 else if (strcmp(argv[1], "delete")==0) {
91 printf("asetkey delete: usage is 'asetkey delete <kvno>\n");
95 code = afsconf_DeleteKey(tdir, kvno);
97 printf("asetkey: failed to delete key %d, (code %d)\n", kvno, code);
101 else if (strcmp(argv[1], "list") == 0) {
102 struct afsconf_keys tkeys;
105 code = afsconf_GetKeys(tdir, &tkeys);
107 printf("asetkey: failed to get keys, code %d\n", code);
110 for(i=0;i<tkeys.nkeys;i++) {
111 if (tkeys.key[i].kvno != -1) {
112 printf("kvno %4d: key is: ", tkeys.key[i].kvno);
113 for (j = 0; j < 8; j++)
114 printf("%02x", (unsigned char) tkeys.key[i].key[j]);
118 printf("All done.\n");
121 printf("asetkey: unknown operation '%s', type 'asetkey' for assistance\n", argv[1]);