[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: empty salt in MIT dump file

To: Aidan Cully <aidan@kublai.com>
Subject: Re: empty salt in MIT dump file
From: joda@pdc.kth.se (Johan Danielsson)
Date: 09 Aug 2000 12:09:25 +0200
Cc: heimdal-discuss@sics.se
In-Reply-To: Aidan Cully's message of "Tue, 8 Aug 2000 23:59:27 -0400"
References: <20000808235927.A17880@ozymandias.kublai.com>
Sender: owner-heimdal-discuss@sics.se
User-Agent: Gnus/5.0803 (Gnus v5.8.3) Emacs/20.5

Aidan Cully <aidan@kublai.com> writes:

> I'm not sure how to encode 'empty salt' into the Heimdal DB, so what I
> did was:

This looks ok, but we also need to convert the multitude of salttypes
present in the MIT code. Try this patch.

/Johan

--- mit_dump.c	2000/07/05 19:44:34	1.2
+++ mit_dump.c	2000/08/09 09:57:37	1.3
@@ -33,7 +33,7 @@
 
 #include "hprop.h"
 
-RCSID("$Id: mit_dump.c,v 1.2 2000/07/05 19:44:34 joda Exp $");
+RCSID("$Id: mit_dump.c,v 1.3 2000/08/09 09:57:37 joda Exp $");
 
 /*
 can have any number of princ stanzas.
@@ -143,6 +143,78 @@
     flags->client =	        1; /* XXX */
 }
 
+#define KRB5_KDB_SALTTYPE_NORMAL	0
+#define KRB5_KDB_SALTTYPE_V4		1
+#define KRB5_KDB_SALTTYPE_NOREALM	2
+#define KRB5_KDB_SALTTYPE_ONLYREALM	3
+#define KRB5_KDB_SALTTYPE_SPECIAL	4
+#define KRB5_KDB_SALTTYPE_AFS3		5
+
+static krb5_error_code
+fix_salt(krb5_context context, hdb_entry *ent, int key_num)
+{
+    krb5_error_code ret;
+    Salt *salt = ent->keys.val[key_num].salt;
+    /* fix salt type */
+    switch((int)salt->type) {
+    case KRB5_KDB_SALTTYPE_NORMAL:
+	salt->type = KRB5_PADATA_PW_SALT;
+	break;
+    case KRB5_KDB_SALTTYPE_V4:
+	krb5_data_free(&salt->salt);
+	salt->type = KRB5_PADATA_PW_SALT;
+	break;
+    case KRB5_KDB_SALTTYPE_NOREALM:
+    {
+	size_t len;
+	int i;
+	krb5_error_code ret;
+	char *p;
+	    
+	len = 0;
+	for (i = 0; i < ent->principal->name.name_string.len; ++i)
+	    len += strlen(ent->principal->name.name_string.val[i]);
+	ret = krb5_data_alloc (&salt->salt, len);
+	if (ret)
+	    return ret;
+	p = salt->salt.data;
+	for (i = 0; i < ent->principal->name.name_string.len; ++i) {
+	    memcpy (p,
+		    ent->principal->name.name_string.val[i],
+		    strlen(ent->principal->name.name_string.val[i]));
+	    p += strlen(ent->principal->name.name_string.val[i]);
+	}
+
+	salt->type = KRB5_PADATA_PW_SALT;
+	break;
+    }
+    case KRB5_KDB_SALTTYPE_ONLYREALM:
+	krb5_data_free(&salt->salt);
+	ret = krb5_data_copy(&salt->salt, 
+			     ent->principal->realm, 
+			     strlen(ent->principal->realm));
+	if(ret)
+	    return ret;
+	salt->type = KRB5_PADATA_PW_SALT;
+	break;
+    case KRB5_KDB_SALTTYPE_SPECIAL:
+	salt->type = KRB5_PADATA_PW_SALT;
+	break;
+    case KRB5_KDB_SALTTYPE_AFS3:
+	krb5_data_free(&salt->salt);
+	ret = krb5_data_copy(&salt->salt, 
+		       ent->principal->realm, 
+		       strlen(ent->principal->realm));
+	if(ret)
+	    return ret;
+	salt->type = KRB5_PADATA_AFS3_SALT;
+	break;
+    default:
+	abort();
+    }
+    return 0;
+}
+
 int
 mit_prop_dump(void *arg, const char *file)
 {
@@ -279,9 +351,16 @@
 		ALLOC(ent.keys.val[i].salt);
 		ent.keys.val[i].salt->type = getint(&p); /* salt type */
 		tmp = getint(&p); /* salt length */
+		if(tmp > 0) {
 		krb5_data_alloc(&ent.keys.val[i].salt->salt, tmp - 2);
 		q = nexttoken(&p); /* salt itself */
 		hex_to_octet_string(q + 4, &ent.keys.val[i].salt->salt);
+		} else {
+		    ent.keys.val[i].salt->salt.length = 0;
+		    ent.keys.val[i].salt->salt.data = NULL;
+		    tmp = getint(&p);	/* -1, if no data. */
+		}
+		fix_salt(pd->context, &ent, i);
 	    }
 	}
 	q = nexttoken(&p); /* extra data */

References:
- empty salt in MIT dump file
  - From: Aidan Cully <aidan@kublai.com>

Prev by Date: empty salt in MIT dump file
Next by Date: Re: more issues
Prev by thread: empty salt in MIT dump file
Next by thread: Heimdal + AFS + Win2k
Index(es):
- Date
- Thread