#!/bin/sh

. shell-error

[ -n "$(type -p kadmin.local)" ] || fatal "kadmin.local not found"

#---------------------------------------------------------------
getprinc()
{
    kadmin.local -q "getprinc $1"
}

hasprinc()
{
    getprinc $1 2>/dev/null |grep -q ^Principal
}

delprinc()
{
    kadmin.local -q "delprinc -force $1"
}

addprinc()
{
    kadmin.local -q "addprinc -randkey $1"
}

changepw()
{
    printf '%s\n%s' $2 $2 |kadmin.local -q "cpw $1"
}

ktadd()
{
    kadmin.local -q "ktadd -e des-cbc-crc:normal -k $1 $2"
}

genkey()
{
    local princ="$1"
    local keytab="$2"
    shift; shift
    
    if hasprinc $princ; then
	delprinc $princ
    fi
    addprinc $princ
    ktadd $keytab $princ
}

genkeytab()
{
    local keytab="$1"
    local hostname="$2"
    shift; shift

    case "$keytab" in
	*krb5.keytab)
	for p in nfs cifs host imap pop3 smtp; do
	    genkey $p/$hostname $keytab
	done
	;;
	*squid.keytab)
	for p in http HTTP; do
	    genkey $p/$hostname $keytab
	done
	;;
	*dovecot.keytab)
	for p in pop imap smtp; do
	    genkey $p/$hostname $keytab
	done
	;;
    esac
}
