[OpenAFS-devel] fakeka, alternate master key enc

[Miles Davis]

On Wed, Sep 29, 2004 at 01:03:33PM -0700, Miles Davis wrote:
> 
> Did anybody ever come up with a patch for fakeka to support master keys 
> other than DES-CBC-CRC? I seem to remember somebody (Ken?) describing what 
> needed to be done about a year ago, but I haven't seen anybody actually do 
> it yet. If nobody has, maybe I'll try to fix it...
> 


I hate to reply to myself, but that was easier that I thought (which 
probably means I'm missing something). The change on line 730 seems to 
make sense to me -- it should be getting krbtgt.<realm>, not <cell>, 
right?


--- fakeka.orig	2004-09-29 13:08:32.000000000 -0700
+++ fakeka.c	2004-09-29 15:09:37.000000000 -0700
@@ -730,7 +730,7 @@
      */
 
     rv =  make_reply_packet(context, handle, reply, challenge + 1, start_time,
-   			    end_time, name, inst, "krbtgt", localcell,
+   			    end_time, name, inst, "krbtgt", localrealm,
 			    ckey, csched, "tgsT");
   error:
     memset(ckey, 0, sizeof(ckey));
@@ -1289,7 +1289,7 @@
     }
 
     if ((code = kadm5_decrypt_key(handle, &master_princ_rec,
-				  ENCTYPE_DES_CBC_CRC, -1, 0, &mkey, NULL,
+				  -1, -1, 0, &mkey, NULL,
 				  NULL))) {
 	com_err(argv[0], code, "while decrypting the master key");
 	exit(1);