(kt_get): allow specification of encryption types

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9818 ec53bebd-3082-4978-b11e-865c3cabbd6b

diff --git a/admin/get.c b/admin/get.c
index d1e0ee82d1976b103c9bb5fe048dcb46faed869a..0e66c686063df7b3444d35667a3df8e9b42cc40b 100644 (file)
--- a/admin/get.c
+++ b/admin/get.c
@@ -48,11 +48,16 @@ kt_get(int argc, char **argv)
     int help_flag = 0;
     int optind = 0;
     int i, j;
+    struct getarg_strings etype_strs = {0, NULL};
+    krb5_enctype *etypes = NULL;
+    size_t netypes = 0;
     
     struct getargs args[] = {
        { "principal",  'p',    arg_string,   NULL, 
          "admin principal", "principal" 
        },
+       { "enctypes",   'e',    arg_strings,    NULL,
+         "encryption types to use", "enctypes" },
        { "realm",      'r',    arg_string,   NULL, 
          "realm to use", "realm" 
        },
@@ -66,10 +71,11 @@ kt_get(int argc, char **argv)
     };
 
     args[0].value = &principal;
-    args[1].value = &realm;
-    args[2].value = &admin_server;
-    args[3].value = &server_port;
-    args[4].value = &help_flag;
+    args[1].value = &etype_strs;
+    args[2].value = &realm;
+    args[3].value = &admin_server;
+    args[4].value = &server_port;
+    args[5].value = &help_flag;
 
     memset(&conf, 0, sizeof(conf));
 
@@ -80,6 +86,27 @@ kt_get(int argc, char **argv)
        return 0;
     }
     
+    if (etype_strs.num_strings) {
+       int i;
+
+       etypes = malloc (etype_strs.num_strings * sizeof(*etypes));
+       if (etypes == NULL) {
+           krb5_warnx(context, "malloc failed");
+           goto out;
+       }
+       netypes = etype_strs.num_strings;
+       for(i = 0; i < netypes; i++) {
+           ret = krb5_string_to_enctype(context, 
+                                        etype_strs.strings[i], 
+                                        &etypes[i]);
+           if(ret) {
+               krb5_warnx(context, "unrecognized enctype: %s",
+                          etype_strs.strings[i]);
+               goto out;
+           }
+       }
+    }
+
     if(realm) {
        krb5_set_default_realm(context, realm); /* XXX should be fixed
                                                   some other way */
@@ -166,17 +193,36 @@ kt_get(int argc, char **argv)
            continue;
        }
        for(j = 0; j < n_keys; j++) {
-           entry.principal = princ_ent;
-           entry.vno = princ.kvno;
-           entry.keyblock = keys[j];
-           entry.timestamp = time (NULL);
-           ret = krb5_kt_add_entry(context, keytab, &entry);
+           int do_add = TRUE;
+
+           if (netypes) {
+               int i;
+
+               do_add = FALSE;
+               for (i = 0; i < netypes; ++i)
+                   if (keys[j].keytype == etypes[i]) {
+                       do_add = TRUE;
+                       break;
+                   }
+           }
+           if (do_add) {
+               entry.principal = princ_ent;
+               entry.vno = princ.kvno;
+               entry.keyblock = keys[j];
+               entry.timestamp = time (NULL);
+               ret = krb5_kt_add_entry(context, keytab, &entry);
+               if (ret)
+                   krb5_warn(context, ret, "krb5_kt_add_entry");
+           }
            krb5_free_keyblock_contents(context, &keys[j]);
        }
        
        kadm5_free_principal_ent(kadm_handle, &princ);
        krb5_free_principal(context, princ_ent);
     }
+ out:
+    free_getarg_strings(&etype_strs);
+    free(etypes);
     kadm5_destroy(kadm_handle);
     return 0;
 }