svn rev #24164: trunk/src/ include/ kadmin/dbutil/ kdc/ lib/kadm5/srv/ lib/kdb/ ...
ghudson@MIT.EDU
ghudson at MIT.EDU
Fri Jul 2 13:33:44 EDT 2010
http://src.mit.edu/fisheye/changelog/krb5/?cs=24164
Commit By: ghudson
Log Message:
ticket: 6749
status: open
Rename krb5_dbekd_encrypt_key_data and krb5_dbekd_decrypt_key_data to
just use the krb5_dbe prefix.
Changed Files:
U trunk/src/include/kdb.h
U trunk/src/kadmin/dbutil/dump.c
U trunk/src/kadmin/dbutil/kdb5_create.c
U trunk/src/kadmin/dbutil/kdb5_mkey.c
U trunk/src/kdc/do_as_req.c
U trunk/src/kdc/do_tgs_req.c
U trunk/src/kdc/kdc_preauth.c
U trunk/src/kdc/kdc_util.c
U trunk/src/lib/kadm5/srv/server_kdb.c
U trunk/src/lib/kadm5/srv/svr_principal.c
U trunk/src/lib/kdb/decrypt_key.c
U trunk/src/lib/kdb/encrypt_key.c
U trunk/src/lib/kdb/kdb5.c
U trunk/src/lib/kdb/kdb_cpw.c
U trunk/src/lib/kdb/kdb_default.c
U trunk/src/lib/kdb/keytab.c
U trunk/src/lib/kdb/libkdb5.exports
U trunk/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_realm.c
U trunk/src/tests/create/kdb5_mkdums.c
U trunk/src/tests/verify/kdb5_verify.c
Modified: trunk/src/include/kdb.h
===================================================================
--- trunk/src/include/kdb.h 2010-07-02 17:18:46 UTC (rev 24163)
+++ trunk/src/include/kdb.h 2010-07-02 17:33:44 UTC (rev 24164)
@@ -516,19 +516,19 @@
krb5_principal *principal);
krb5_error_code
-krb5_dbekd_decrypt_key_data( krb5_context context,
- const krb5_keyblock * mkey,
- const krb5_key_data * key_data,
- krb5_keyblock * dbkey,
- krb5_keysalt * keysalt);
+krb5_dbe_decrypt_key_data( krb5_context context,
+ const krb5_keyblock * mkey,
+ const krb5_key_data * key_data,
+ krb5_keyblock * dbkey,
+ krb5_keysalt * keysalt);
krb5_error_code
-krb5_dbekd_encrypt_key_data( krb5_context context,
- const krb5_keyblock * mkey,
- const krb5_keyblock * dbkey,
- const krb5_keysalt * keysalt,
- int keyver,
- krb5_key_data * key_data);
+krb5_dbe_encrypt_key_data( krb5_context context,
+ const krb5_keyblock * mkey,
+ const krb5_keyblock * dbkey,
+ const krb5_keysalt * keysalt,
+ int keyver,
+ krb5_key_data * key_data);
krb5_error_code
krb5_dbe_fetch_act_key_list(krb5_context context,
@@ -749,36 +749,21 @@
krb5_def_promote_db(krb5_context, char *, char **);
krb5_error_code
-krb5_dbekd_def_decrypt_key_data( krb5_context context,
- const krb5_keyblock * mkey,
- const krb5_key_data * key_data,
- krb5_keyblock * dbkey,
- krb5_keysalt * keysalt);
+krb5_dbe_def_decrypt_key_data( krb5_context context,
+ const krb5_keyblock * mkey,
+ const krb5_key_data * key_data,
+ krb5_keyblock * dbkey,
+ krb5_keysalt * keysalt);
krb5_error_code
-krb5_dbekd_def_encrypt_key_data( krb5_context context,
- const krb5_keyblock * mkey,
- const krb5_keyblock * dbkey,
- const krb5_keysalt * keysalt,
- int keyver,
- krb5_key_data * key_data);
+krb5_dbe_def_encrypt_key_data( krb5_context context,
+ const krb5_keyblock * mkey,
+ const krb5_keyblock * dbkey,
+ const krb5_keysalt * keysalt,
+ int keyver,
+ krb5_key_data * key_data);
krb5_error_code
-krb5_dbekd_def_decrypt_key_data( krb5_context context,
- const krb5_keyblock * mkey,
- const krb5_key_data * key_data,
- krb5_keyblock * dbkey,
- krb5_keysalt * keysalt);
-
-krb5_error_code
-krb5_dbekd_def_encrypt_key_data( krb5_context context,
- const krb5_keyblock * mkey,
- const krb5_keyblock * dbkey,
- const krb5_keysalt * keysalt,
- int keyver,
- krb5_key_data * key_data);
-
-krb5_error_code
krb5_db_create_policy( krb5_context kcontext,
osa_policy_ent_t policy);
Modified: trunk/src/kadmin/dbutil/dump.c
===================================================================
--- trunk/src/kadmin/dbutil/dump.c 2010-07-02 17:18:46 UTC (rev 24163)
+++ trunk/src/kadmin/dbutil/dump.c 2010-07-02 17:33:44 UTC (rev 24164)
@@ -302,9 +302,8 @@
retval = krb5_dbe_find_mkey(context, master_keylist, db_entry, &tmp_mkey);
if (retval)
return retval;
- retval = krb5_dbekd_decrypt_key_data(context, tmp_mkey,
- key_data, &v5plainkey,
- &keysalt);
+ retval = krb5_dbe_decrypt_key_data(context, tmp_mkey, key_data,
+ &v5plainkey, &keysalt);
if (retval)
return retval;
@@ -313,10 +312,9 @@
key_ptr = &v5plainkey;
kvno = (krb5_kvno) key_data->key_data_kvno;
- retval = krb5_dbekd_encrypt_key_data(context, &new_master_keyblock,
- key_ptr, &keysalt,
- (int) kvno,
- &new_key_data);
+ retval = krb5_dbe_encrypt_key_data(context, &new_master_keyblock,
+ key_ptr, &keysalt, (int) kvno,
+ &new_key_data);
if (retval)
return retval;
krb5_free_keyblock_contents(context, &v5plainkey);
Modified: trunk/src/kadmin/dbutil/kdb5_create.c
===================================================================
--- trunk/src/kadmin/dbutil/kdb5_create.c 2010-07-02 17:18:46 UTC (rev 24163)
+++ trunk/src/kadmin/dbutil/kdb5_create.c 2010-07-02 17:33:44 UTC (rev 24164)
@@ -403,12 +403,9 @@
ind = iargs->dbentp->n_key_data-1;
if (!(kret = krb5_c_make_random_key(context, ksent->ks_enctype,
&key))) {
- kret = krb5_dbekd_encrypt_key_data(context,
- iargs->rblock->key,
- &key,
- NULL,
- 1,
- &iargs->dbentp->key_data[ind]);
+ kret = krb5_dbe_encrypt_key_data(context, iargs->rblock->key,
+ &key, NULL, 1,
+ &iargs->dbentp->key_data[ind]);
krb5_free_keyblock_contents(context, &key);
}
}
@@ -462,9 +459,9 @@
else
mkey_kvno = 1; /* Default */
entry.attributes |= KRB5_KDB_DISALLOW_ALL_TIX;
- if ((retval = krb5_dbekd_encrypt_key_data(context, pblock->key,
- &master_keyblock, NULL,
- mkey_kvno, entry.key_data)))
+ if ((retval = krb5_dbe_encrypt_key_data(context, pblock->key,
+ &master_keyblock, NULL,
+ mkey_kvno, entry.key_data)))
return retval;
/*
* There should always be at least one "active" mkey so creating the
Modified: trunk/src/kadmin/dbutil/kdb5_mkey.c
===================================================================
--- trunk/src/kadmin/dbutil/kdb5_mkey.c 2010-07-02 17:18:46 UTC (rev 24163)
+++ trunk/src/kadmin/dbutil/kdb5_mkey.c 2010-07-02 17:33:44 UTC (rev 24164)
@@ -90,7 +90,7 @@
/* alloc enough space to hold new and existing key_data */
/*
- * The encrypted key is malloc'ed by krb5_dbekd_encrypt_key_data and
+ * The encrypted key is malloc'ed by krb5_dbe_encrypt_key_data and
* krb5_key_data key_data_contents is a pointer to this key. Using some
* logic from master_key_convert().
*/
@@ -105,10 +105,9 @@
/* Note, mkey does not have salt */
/* add new mkey encrypted with itself to mkey princ entry */
- if ((retval = krb5_dbekd_encrypt_key_data(context, new_mkey,
- new_mkey, NULL,
- (int) new_mkey_kvno,
- &master_entry->key_data[0]))) {
+ if ((retval = krb5_dbe_encrypt_key_data(context, new_mkey, new_mkey, NULL,
+ (int) new_mkey_kvno,
+ &master_entry->key_data[0]))) {
return (retval);
}
/* the mvkno should be that of the newest mkey */
@@ -156,11 +155,9 @@
memset(&tmp_key_data, 0, sizeof(tmp_key_data));
/* encrypt the new mkey with the older mkey */
- retval = krb5_dbekd_encrypt_key_data(context, &keylist_node->keyblock,
- new_mkey,
- NULL, /* no keysalt */
- (int) new_mkey_kvno,
- &tmp_key_data);
+ retval = krb5_dbe_encrypt_key_data(context, &keylist_node->keyblock,
+ new_mkey, NULL, (int) new_mkey_kvno,
+ &tmp_key_data);
if (retval)
goto clean_n_exit;
@@ -171,11 +168,10 @@
/*
* Store old key in master_entry keydata past the new mkey
*/
- retval = krb5_dbekd_encrypt_key_data(context, new_mkey,
- &keylist_node->keyblock,
- NULL, /* no keysalt */
- (int) keylist_node->kvno,
- &master_entry->key_data[i]);
+ retval = krb5_dbe_encrypt_key_data(context, new_mkey,
+ &keylist_node->keyblock,
+ NULL, (int) keylist_node->kvno,
+ &master_entry->key_data[i]);
if (retval)
goto clean_n_exit;
}
Modified: trunk/src/kdc/do_as_req.c
===================================================================
--- trunk/src/kdc/do_as_req.c 2010-07-02 17:18:46 UTC (rev 24163)
+++ trunk/src/kdc/do_as_req.c 2010-07-02 17:33:44 UTC (rev 24164)
@@ -489,9 +489,9 @@
*
* server_keyblock is later used to generate auth data signatures
*/
- if ((errcode = krb5_dbekd_decrypt_key_data(kdc_context, mkey_ptr,
- server_key, &server_keyblock,
- NULL))) {
+ if ((errcode = krb5_dbe_decrypt_key_data(kdc_context, mkey_ptr,
+ server_key, &server_keyblock,
+ NULL))) {
status = "DECRYPT_SERVER_KEY";
goto errout;
}
@@ -537,9 +537,9 @@
}
/* convert client.key_data into a real key */
- if ((errcode = krb5_dbekd_decrypt_key_data(kdc_context, mkey_ptr,
- client_key, &client_keyblock,
- NULL))) {
+ if ((errcode = krb5_dbe_decrypt_key_data(kdc_context, mkey_ptr,
+ client_key, &client_keyblock,
+ NULL))) {
status = "DECRYPT_CLIENT_KEY";
goto errout;
}
Modified: trunk/src/kdc/do_tgs_req.c
===================================================================
--- trunk/src/kdc/do_tgs_req.c 2010-07-02 17:18:46 UTC (rev 24163)
+++ trunk/src/kdc/do_tgs_req.c 2010-07-02 17:33:44 UTC (rev 24164)
@@ -675,10 +675,9 @@
* Convert server.key into a real key
* (it may be encrypted in the database)
*/
- if ((errcode = krb5_dbekd_decrypt_key_data(kdc_context,
- mkey_ptr,
- server_key, &encrypting_key,
- NULL))) {
+ if ((errcode = krb5_dbe_decrypt_key_data(kdc_context, mkey_ptr,
+ server_key, &encrypting_key,
+ NULL))) {
status = "DECRYPT_SERVER_KEY";
goto cleanup;
}
Modified: trunk/src/kdc/kdc_preauth.c
===================================================================
--- trunk/src/kdc/kdc_preauth.c 2010-07-02 17:18:46 UTC (rev 24163)
+++ trunk/src/kdc/kdc_preauth.c 2010-07-02 17:33:44 UTC (rev 24164)
@@ -773,8 +773,8 @@
if (krb5_dbe_find_enctype(context, entry, request->ktype[i],
-1, 0, &entry_key) != 0)
continue;
- if (krb5_dbekd_decrypt_key_data(context, mkey_ptr,
- entry_key, &keys[k], NULL) != 0) {
+ if (krb5_dbe_decrypt_key_data(context, mkey_ptr, entry_key,
+ &keys[k], NULL) != 0) {
if (keys[k].contents != NULL)
krb5_free_keyblock_contents(context, &keys[k]);
memset(&keys[k], 0, sizeof(keys[k]));
@@ -1474,8 +1474,8 @@
-1, 0, &client_key)))
goto cleanup;
- if ((retval = krb5_dbekd_decrypt_key_data(context, mkey_ptr,
- client_key, &key, NULL)))
+ if ((retval = krb5_dbe_decrypt_key_data(context, mkey_ptr, client_key,
+ &key, NULL)))
goto cleanup;
key.enctype = enc_data->enctype;
@@ -2156,10 +2156,9 @@
return retval;
}
/* convert server.key into a real key */
- retval = krb5_dbekd_decrypt_key_data(kdc_context,
- mkey_ptr,
- assoc_key, &encrypting_key,
- NULL);
+ retval = krb5_dbe_decrypt_key_data(kdc_context, mkey_ptr,
+ assoc_key, &encrypting_key,
+ NULL);
if (retval) {
kdc_err(kdc_context, retval,
"snk4 pulling out key entry");
@@ -2819,8 +2818,8 @@
* Unfortunately this key is stored encrypted even though it's
* not sensitive...
*/
- krtn = krb5_dbekd_decrypt_key_data(context, mkey_ptr,
- key_data, &decrypted_key, NULL);
+ krtn = krb5_dbe_decrypt_key_data(context, mkey_ptr, key_data,
+ &decrypted_key, NULL);
if(krtn) {
kdcPkinitDebug("verify_pkinit_request: error decrypting cert hash block\n");
break;
Modified: trunk/src/kdc/kdc_util.c
===================================================================
--- trunk/src/kdc/kdc_util.c 2010-07-02 17:18:46 UTC (rev 24163)
+++ trunk/src/kdc/kdc_util.c 2010-07-02 17:33:44 UTC (rev 24164)
@@ -512,9 +512,8 @@
goto errout;
}
if ((*key = (krb5_keyblock *)malloc(sizeof **key))) {
- retval = krb5_dbekd_decrypt_key_data(kdc_context, mkey_ptr,
- server_key,
- *key, NULL);
+ retval = krb5_dbe_decrypt_key_data(kdc_context, mkey_ptr, server_key,
+ *key, NULL);
} else
retval = ENOMEM;
retval = krb5_c_enctype_compare(kdc_context, ticket->enc_part.enctype,
Modified: trunk/src/lib/kadm5/srv/server_kdb.c
===================================================================
--- trunk/src/lib/kadm5/srv/server_kdb.c 2010-07-02 17:18:46 UTC (rev 24163)
+++ trunk/src/lib/kadm5/srv/server_kdb.c 2010-07-02 17:33:44 UTC (rev 24164)
@@ -213,8 +213,8 @@
if (ret)
goto done;
- ret = krb5_dbekd_decrypt_key_data(handle->context, mkey,
- &kdb.key_data[0], hist_keyblock, NULL);
+ ret = krb5_dbe_decrypt_key_data(handle->context, mkey, &kdb.key_data[0],
+ hist_keyblock, NULL);
if (ret)
goto done;
Modified: trunk/src/lib/kadm5/srv/svr_principal.c
===================================================================
--- trunk/src/lib/kadm5/srv/svr_principal.c 2010-07-02 17:18:46 UTC (rev 24163)
+++ trunk/src/lib/kadm5/srv/svr_principal.c 2010-07-02 17:33:44 UTC (rev 24164)
@@ -977,18 +977,15 @@
krb5_error_code ret;
for (x = 0; x < n_new_key_data; x++) {
- ret = krb5_dbekd_decrypt_key_data(context,
- mkey,
- &(new_key_data[x]),
- &newkey, NULL);
+ ret = krb5_dbe_decrypt_key_data(context, mkey, &(new_key_data[x]),
+ &newkey, NULL);
if (ret)
return(ret);
for (y = 0; y < n_pw_hist_data; y++) {
for (z = 0; z < pw_hist_data[y].n_key_data; z++) {
- ret = krb5_dbekd_decrypt_key_data(context,
- hist_keyblock,
- &pw_hist_data[y].key_data[z],
- &histkey, NULL);
+ ret = krb5_dbe_decrypt_key_data(context, hist_keyblock,
+ &pw_hist_data[y].key_data[z],
+ &histkey, NULL);
if (ret)
return(ret);
@@ -1047,17 +1044,14 @@
memset(hist->key_data, 0, n_key_data*sizeof(krb5_key_data));
for (i = 0; i < n_key_data; i++) {
- ret = krb5_dbekd_decrypt_key_data(context,
- mkey,
- &key_data[i],
- &key, &salt);
+ ret = krb5_dbe_decrypt_key_data(context, mkey, &key_data[i], &key,
+ &salt);
if (ret)
return ret;
- ret = krb5_dbekd_encrypt_key_data(context, hist_key,
- &key, &salt,
- key_data[i].key_data_kvno,
- &hist->key_data[i]);
+ ret = krb5_dbe_encrypt_key_data(context, hist_key, &key, &salt,
+ key_data[i].key_data_kvno,
+ &hist->key_data[i]);
if (ret)
return ret;
@@ -1731,9 +1725,8 @@
goto done;
/* use tmp_key_data as temporary location and reallocate later */
- ret = krb5_dbekd_encrypt_key_data(handle->context, act_mkey,
- keyblock, &keysalt, kvno + 1,
- &tmp_key_data);
+ ret = krb5_dbe_encrypt_key_data(handle->context, act_mkey, keyblock,
+ &keysalt, kvno + 1, &tmp_key_data);
if (ret) {
goto done;
}
@@ -1935,12 +1928,10 @@
if (ret)
goto done;
- ret = krb5_dbekd_encrypt_key_data(handle->context,
- act_mkey,
- &keyblocks[i],
- n_ks_tuple ? &keysalt : NULL,
- kvno + 1,
- &tmp_key_data);
+ ret = krb5_dbe_encrypt_key_data(handle->context, act_mkey,
+ &keyblocks[i],
+ n_ks_tuple ? &keysalt : NULL, kvno + 1,
+ &tmp_key_data);
if (ret)
goto done;
@@ -2120,9 +2111,8 @@
memset(keys, 0, n_key_data*sizeof(krb5_keyblock));
for (i = 0; i < n_key_data; i++) {
- ret = krb5_dbekd_decrypt_key_data(context, mkey,
- &key_data[i],
- &keys[i], NULL);
+ ret = krb5_dbe_decrypt_key_data(context, mkey, &key_data[i], &keys[i],
+ NULL);
if (ret) {
for (; i >= 0; i--) {
if (keys[i].contents) {
@@ -2218,9 +2208,8 @@
}
}
- if ((ret = krb5_dbekd_decrypt_key_data(handle->context,
- mkey_ptr, key_data,
- keyblock, keysalt)))
+ if ((ret = krb5_dbe_decrypt_key_data(handle->context, mkey_ptr, key_data,
+ keyblock, keysalt)))
return ret;
/*
Modified: trunk/src/lib/kdb/decrypt_key.c
===================================================================
--- trunk/src/lib/kdb/decrypt_key.c 2010-07-02 17:18:46 UTC (rev 24163)
+++ trunk/src/lib/kdb/decrypt_key.c 2010-07-02 17:33:44 UTC (rev 24164)
@@ -64,11 +64,11 @@
*/
krb5_error_code
-krb5_dbekd_def_decrypt_key_data( krb5_context context,
- const krb5_keyblock * mkey,
- const krb5_key_data * key_data,
- krb5_keyblock * dbkey,
- krb5_keysalt * keysalt)
+krb5_dbe_def_decrypt_key_data( krb5_context context,
+ const krb5_keyblock * mkey,
+ const krb5_key_data * key_data,
+ krb5_keyblock * dbkey,
+ krb5_keysalt * keysalt)
{
krb5_error_code retval = 0;
krb5_int16 tmplen;
Modified: trunk/src/lib/kdb/encrypt_key.c
===================================================================
--- trunk/src/lib/kdb/encrypt_key.c 2010-07-02 17:18:46 UTC (rev 24163)
+++ trunk/src/lib/kdb/encrypt_key.c 2010-07-02 17:33:44 UTC (rev 24164)
@@ -64,12 +64,12 @@
*/
krb5_error_code
-krb5_dbekd_def_encrypt_key_data( krb5_context context,
- const krb5_keyblock * mkey,
- const krb5_keyblock * dbkey,
- const krb5_keysalt * keysalt,
- int keyver,
- krb5_key_data * key_data)
+krb5_dbe_def_encrypt_key_data( krb5_context context,
+ const krb5_keyblock * mkey,
+ const krb5_keyblock * dbkey,
+ const krb5_keysalt * keysalt,
+ int keyver,
+ krb5_key_data * key_data)
{
krb5_error_code retval;
krb5_octet * ptr;
Modified: trunk/src/lib/kdb/kdb5.c
===================================================================
--- trunk/src/lib/kdb/kdb5.c 2010-07-02 17:18:46 UTC (rev 24163)
+++ trunk/src/lib/kdb/kdb5.c 2010-07-02 17:33:44 UTC (rev 24164)
@@ -267,9 +267,9 @@
if (lib->vftabl.promote_db == NULL)
lib->vftabl.promote_db = krb5_def_promote_db;
if (lib->vftabl.dbekd_decrypt_key_data == NULL)
- lib->vftabl.dbekd_decrypt_key_data = krb5_dbekd_def_decrypt_key_data;
+ lib->vftabl.dbekd_decrypt_key_data = krb5_dbe_def_decrypt_key_data;
if (lib->vftabl.dbekd_encrypt_key_data == NULL)
- lib->vftabl.dbekd_encrypt_key_data = krb5_dbekd_def_encrypt_key_data;
+ lib->vftabl.dbekd_encrypt_key_data = krb5_dbe_def_encrypt_key_data;
}
#ifdef STATIC_PLUGINS
@@ -2308,11 +2308,11 @@
}
krb5_error_code
-krb5_dbekd_decrypt_key_data( krb5_context kcontext,
- const krb5_keyblock * mkey,
- const krb5_key_data * key_data,
- krb5_keyblock * dbkey,
- krb5_keysalt * keysalt)
+krb5_dbe_decrypt_key_data( krb5_context kcontext,
+ const krb5_keyblock * mkey,
+ const krb5_key_data * key_data,
+ krb5_keyblock * dbkey,
+ krb5_keysalt * keysalt)
{
krb5_error_code status = 0;
kdb_vftabl *v;
@@ -2324,12 +2324,12 @@
}
krb5_error_code
-krb5_dbekd_encrypt_key_data( krb5_context kcontext,
- const krb5_keyblock * mkey,
- const krb5_keyblock * dbkey,
- const krb5_keysalt * keysalt,
- int keyver,
- krb5_key_data * key_data)
+krb5_dbe_encrypt_key_data( krb5_context kcontext,
+ const krb5_keyblock * mkey,
+ const krb5_keyblock * dbkey,
+ const krb5_keysalt * keysalt,
+ int keyver,
+ krb5_key_data * key_data)
{
krb5_error_code status = 0;
kdb_vftabl *v;
Modified: trunk/src/lib/kdb/kdb_cpw.c
===================================================================
--- trunk/src/lib/kdb/kdb_cpw.c 2010-07-02 17:18:46 UTC (rev 24163)
+++ trunk/src/lib/kdb/kdb_cpw.c 2010-07-02 17:33:44 UTC (rev 24164)
@@ -186,9 +186,8 @@
/* db library will free this. Since, its a so, it could actually be using different memory management
function. So, its better if the memory is allocated by the db's malloc. So, a temporary memory is used
here which will later be copied to the db_entry */
- retval = krb5_dbekd_encrypt_key_data(context, master_key,
- &key, NULL, kvno,
- &tmp_key_data);
+ retval = krb5_dbe_encrypt_key_data(context, master_key, &key, NULL,
+ kvno, &tmp_key_data);
krb5_free_keyblock_contents(context, &key);
if( retval )
@@ -464,9 +463,9 @@
/* memory allocation to be done by db. So, use temporary block and later copy
it to the memory allocated by db */
- retval = krb5_dbekd_encrypt_key_data(context, master_key, &key,
- (const krb5_keysalt *)&key_salt,
- kvno, &tmp_key_data);
+ retval = krb5_dbe_encrypt_key_data(context, master_key, &key,
+ (const krb5_keysalt *)&key_salt,
+ kvno, &tmp_key_data);
if (key_salt.data.data)
free(key_salt.data.data);
free(key.contents);
Modified: trunk/src/lib/kdb/kdb_default.c
===================================================================
--- trunk/src/lib/kdb/kdb_default.c 2010-07-02 17:18:46 UTC (rev 24163)
+++ trunk/src/lib/kdb/kdb_default.c 2010-07-02 17:33:44 UTC (rev 24164)
@@ -463,9 +463,9 @@
return(KRB5KDC_ERR_PRINCIPAL_NOT_UNIQUE);
}
- if ((retval = krb5_dbekd_decrypt_key_data(context, mkey,
- &master_entry.key_data[0],
- &tempkey, NULL))) {
+ if ((retval = krb5_dbe_decrypt_key_data(context, mkey,
+ &master_entry.key_data[0],
+ &tempkey, NULL))) {
krb5_db_free_principal(context, &master_entry, nprinc);
return retval;
}
@@ -534,9 +534,8 @@
*/
if (mkey->enctype == master_entry.key_data[0].key_data_type[0]) {
- if (krb5_dbekd_decrypt_key_data(context, mkey,
- &master_entry.key_data[0],
- &cur_mkey, NULL) == 0) {
+ if (krb5_dbe_decrypt_key_data(context, mkey, &master_entry.key_data[0],
+ &cur_mkey, NULL) == 0) {
found_key = TRUE;
}
}
@@ -549,9 +548,9 @@
for (aux_data_entry = mkey_aux_data_list; aux_data_entry != NULL;
aux_data_entry = aux_data_entry->next) {
- if (krb5_dbekd_decrypt_key_data(context, mkey,
- &aux_data_entry->latest_mkey,
- &cur_mkey, NULL) == 0) {
+ if (krb5_dbe_decrypt_key_data(context, mkey,
+ &aux_data_entry->latest_mkey,
+ &cur_mkey, NULL) == 0) {
found_key = TRUE;
break;
}
@@ -596,10 +595,9 @@
memset(*mkey_list_node, 0, sizeof(krb5_keylist_node));
}
key_data = &master_entry.key_data[i];
- retval = krb5_dbekd_decrypt_key_data(context, &cur_mkey,
- key_data,
- &((*mkey_list_node)->keyblock),
- NULL);
+ retval = krb5_dbe_decrypt_key_data(context, &cur_mkey, key_data,
+ &((*mkey_list_node)->keyblock),
+ NULL);
if (retval)
goto clean_n_exit;
Modified: trunk/src/lib/kdb/keytab.c
===================================================================
--- trunk/src/lib/kdb/keytab.c 2010-07-02 17:18:46 UTC (rev 24163)
+++ trunk/src/lib/kdb/keytab.c 2010-07-02 17:33:44 UTC (rev 24164)
@@ -185,8 +185,8 @@
goto error;
- kerror = krb5_dbekd_decrypt_key_data(context, master_key,
- key_data, &entry->key, NULL);
+ kerror = krb5_dbe_decrypt_key_data(context, master_key, key_data,
+ &entry->key, NULL);
if (kerror)
goto error;
Modified: trunk/src/lib/kdb/libkdb5.exports
===================================================================
--- trunk/src/lib/kdb/libkdb5.exports 2010-07-02 17:18:46 UTC (rev 24163)
+++ trunk/src/lib/kdb/libkdb5.exports 2010-07-02 17:33:44 UTC (rev 24164)
@@ -55,10 +55,10 @@
krb5_dbe_update_mkvno
krb5_dbe_update_mod_princ_data
krb5_dbe_update_tl_data
-krb5_dbekd_def_encrypt_key_data
-krb5_dbekd_def_decrypt_key_data
-krb5_dbekd_decrypt_key_data
-krb5_dbekd_encrypt_key_data
+krb5_dbe_def_encrypt_key_data
+krb5_dbe_def_decrypt_key_data
+krb5_dbe_decrypt_key_data
+krb5_dbe_encrypt_key_data
krb5_kt_kdb_ops
krb5_ktkdb_close
krb5_ktkdb_get_entry
Modified: trunk/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_realm.c
===================================================================
--- trunk/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_realm.c 2010-07-02 17:18:46 UTC (rev 24163)
+++ trunk/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_realm.c 2010-07-02 17:33:44 UTC (rev 24164)
@@ -2322,12 +2322,8 @@
if (!(kret = krb5_c_make_random_key(context, ksent->ks_enctype,
&key))) {
- kret = krb5_dbekd_encrypt_key_data(context,
- iargs->rblock->key,
- &key,
- NULL,
- 1,
- &entry->key_data[ind]);
+ kret = krb5_dbe_encrypt_key_data(context, iargs->rblock->key, &key,
+ NULL, 1, &entry->key_data[ind]);
krb5_free_keyblock_contents(context, &key);
}
/*}*/
@@ -2441,9 +2437,9 @@
goto cleanup;
}
kvno = 1; /* New key is getting set */
- retval = krb5_dbekd_encrypt_key_data(context, master_keyblock,
- &key, NULL, kvno,
- &entry.key_data[entry.n_key_data - 1]);
+ retval = krb5_dbe_encrypt_key_data(context, master_keyblock,
+ &key, NULL, kvno,
+ &entry.key_data[entry.n_key_data - 1]);
krb5_free_keyblock_contents(context, &key);
if (retval) {
goto cleanup;
@@ -2477,9 +2473,9 @@
memset(entry.key_data, 0, sizeof(krb5_key_data));
entry.n_key_data++;
kvno = 1; /* New key is getting set */
- retval = krb5_dbekd_encrypt_key_data(context, pblock->key,
- master_keyblock, NULL, kvno,
- &entry.key_data[entry.n_key_data - 1]);
+ retval = krb5_dbe_encrypt_key_data(context, pblock->key,
+ master_keyblock, NULL, kvno,
+ &entry.key_data[entry.n_key_data - 1]);
if (retval) {
goto cleanup;
}
Modified: trunk/src/tests/create/kdb5_mkdums.c
===================================================================
--- trunk/src/tests/create/kdb5_mkdums.c 2010-07-02 17:18:46 UTC (rev 24163)
+++ trunk/src/tests/create/kdb5_mkdums.c 2010-07-02 17:33:44 UTC (rev 24164)
@@ -292,9 +292,9 @@
goto error;
}
- if ((retval = krb5_dbekd_encrypt_key_data(context,&master_keyblock,
- &key, NULL, 1,
- newentry.key_data))) {
+ if ((retval = krb5_dbe_encrypt_key_data(context, &master_keyblock,
+ &key, NULL, 1,
+ newentry.key_data))) {
com_err(progname, retval, "while encrypting key for '%s'",
princ_name);
free(key.contents);
Modified: trunk/src/tests/verify/kdb5_verify.c
===================================================================
--- trunk/src/tests/verify/kdb5_verify.c 2010-07-02 17:18:46 UTC (rev 24163)
+++ trunk/src/tests/verify/kdb5_verify.c 2010-07-02 17:33:44 UTC (rev 24164)
@@ -281,8 +281,8 @@
goto errout;
}
- if ((retval = krb5_dbekd_decrypt_key_data(context, &master_keyblock,
- kdbe.key_data, &db_key, NULL))) {
+ if ((retval = krb5_dbe_decrypt_key_data(context, &master_keyblock,
+ kdbe.key_data, &db_key, NULL))) {
com_err(progname, retval, "while decrypting key for '%s'", princ_name);
goto errout;
}
More information about the cvs-krb5
mailing list