[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: kadmin needs "auth from keytab"
On Thu, 7 Sep 2000, Derrick J Brashear wrote:
> basically, it would be nice if a switch could be added to offer a keytab
> to kadmin to authenticate from, and add a call to
> kadm5_c_init_with_skey_ctx
> in that case instead of kadm5_init_with_password_ctx in that case.
>
> a 30 second hack but the problem is the obvious option, -k, already
> designates a master key file to use for local mode.
won't apply cleanly because it's a diff from my otherwise-hacked source,
but can easily apply by hand. This is a really trivial patch anyhow.
*** kadmin.c.ORIG Fri Sep 8 02:00:41 2000
--- kadmin/kadmin.c Fri Sep 8 02:05:32 2000
***************
*** 38,43 ****
--- 38,44 ----
static char *config_file;
static char *keyfile;
+ static char *keytab_file;
static int local_flag;
static int help_flag;
static int version_flag;
***************
*** 69,74 ****
--- 70,79 ----
"server-port", 's', arg_integer, &server_port,
"port to use", "port number"
},
+ {
+ "keytab", 't', arg_string, &keytab_file,
+ "location of keytab file", "file"
+ },
{ "local", 'l', arg_flag, &local_flag, "local admin mode" },
{ "help", 'h', arg_flag, &help_flag },
{ "version", 'v', arg_flag, &version_flag }
***************
*** 261,272 ****
actual_cmds = commands;
_kadm5_afs_also = 0;
} else {
! ret = kadm5_c_init_with_password_ctx(context,
client_name,
! NULL,
KADM5_ADMIN_SERVICE,
&conf, 0, 0,
&kadm_handle);
actual_cmds = commands + 4; /* XXX */
}
--- 266,285 ----
actual_cmds = commands;
_kadm5_afs_also = 0;
} else {
! if (keytab_file != NULL)
! ret = kadm5_c_init_with_skey_ctx(context,
client_name,
! keytab_file,
KADM5_ADMIN_SERVICE,
&conf, 0, 0,
&kadm_handle);
+ else
+ ret = kadm5_c_init_with_password_ctx(context,
+ client_name,
+ NULL,
+ KADM5_ADMIN_SERVICE,
+ &conf, 0, 0,
+ &kadm_handle);
actual_cmds = commands + 4; /* XXX */
}