![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to get_in_tkt.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [CSRG BSD Unix] / 43BSDReno / kerberosIV / krb|
Return to get_in_tkt.c CVS log | Up to [CSRG BSD Unix] / 43BSDReno / kerberosIV / krb |
1.1 ! root 1: /* ! 2: * ! 3: * $Source: /usr/src/kerberosIV/krb/RCS/get_in_tkt.c,v $ ! 4: * $Author: kfall $ ! 5: * ! 6: * Copyright 1987, 1988 by the Massachusetts Institute of Technology. ! 7: * ! 8: * For copying and distribution information, please see the file ! 9: * <mit-copyright.h>. ! 10: */ ! 11: ! 12: #ifndef lint ! 13: static char rcsid_get_in_tkt_c[] = ! 14: "$Header: /usr/src/kerberosIV/krb/RCS/get_in_tkt.c,v 4.13 90/06/23 03:10:32 kfall Exp $"; ! 15: #endif /* lint */ ! 16: ! 17: #include <mit-copyright.h> ! 18: #include <des.h> ! 19: #include <krb.h> ! 20: #include <prot.h> ! 21: ! 22: #ifndef NULL ! 23: #define NULL 0 ! 24: #endif ! 25: ! 26: /* ! 27: * This file contains two routines: passwd_to_key() converts ! 28: * a password into a DES key (prompting for the password if ! 29: * not supplied), and krb_get_pw_in_tkt() gets an initial ticket for ! 30: * a user. ! 31: */ ! 32: ! 33: /* ! 34: * passwd_to_key(): given a password, return a DES key. ! 35: * There are extra arguments here which (used to be?) ! 36: * used by srvtab_to_key(). ! 37: * ! 38: * If the "passwd" argument is not null, generate a DES ! 39: * key from it, using string_to_key(). ! 40: * ! 41: * If the "passwd" argument is null, call des_read_password() ! 42: * to prompt for a password and then convert it into a DES key. ! 43: * ! 44: * In either case, the resulting key is put in the "key" argument, ! 45: * and 0 is returned. ! 46: */ ! 47: ! 48: /*ARGSUSED */ ! 49: static int passwd_to_key(user,instance,realm,passwd,key) ! 50: char *user, *instance, *realm, *passwd; ! 51: C_Block key; ! 52: { ! 53: #ifdef NOENCRYPTION ! 54: if (!passwd) ! 55: placebo_read_password(key, "Password: ", 0); ! 56: #else /* Do encyryption */ ! 57: if (passwd) ! 58: string_to_key(passwd, key); ! 59: else { ! 60: des_read_password(key, "Kerberos Password: ", 0); ! 61: } ! 62: #endif /* NOENCRYPTION */ ! 63: return (0); ! 64: } ! 65: ! 66: /* ! 67: * krb_get_pw_in_tkt() takes the name of the server for which the initial ! 68: * ticket is to be obtained, the name of the principal the ticket is ! 69: * for, the desired lifetime of the ticket, and the user's password. ! 70: * It passes its arguments on to krb_get_in_tkt(), which contacts ! 71: * Kerberos to get the ticket, decrypts it using the password provided, ! 72: * and stores it away for future use. ! 73: * ! 74: * krb_get_pw_in_tkt() passes two additional arguments to krb_get_in_tkt(): ! 75: * the name of a routine (passwd_to_key()) to be used to get the ! 76: * password in case the "password" argument is null and NULL for the ! 77: * decryption procedure indicating that krb_get_in_tkt should use the ! 78: * default method of decrypting the response from the KDC. ! 79: * ! 80: * The result of the call to krb_get_in_tkt() is returned. ! 81: */ ! 82: ! 83: krb_get_pw_in_tkt(user,instance,realm,service,sinstance,life,password) ! 84: char *user, *instance, *realm, *service, *sinstance; ! 85: int life; ! 86: char *password; ! 87: { ! 88: return(krb_get_in_tkt(user,instance,realm,service,sinstance,life, ! 89: passwd_to_key, NULL, password)); ! 90: } ! 91: ! 92: #ifdef NOENCRYPTION ! 93: /* ! 94: * $Source: /usr/src/kerberosIV/krb/RCS/get_in_tkt.c,v $ ! 95: * $Author: kfall $ ! 96: * ! 97: * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute ! 98: * of Technology. ! 99: * ! 100: * For copying and distribution information, please see the file ! 101: * <mit-copyright.h>. ! 102: * ! 103: * This routine prints the supplied string to standard ! 104: * output as a prompt, and reads a password string without ! 105: * echoing. ! 106: */ ! 107: ! 108: #ifndef lint ! 109: static char rcsid_read_password_c[] = ! 110: "$Header: /usr/src/kerberosIV/krb/RCS/get_in_tkt.c,v 4.13 90/06/23 03:10:32 kfall Exp $"; ! 111: #endif lint ! 112: ! 113: #include <des.h> ! 114: #include "conf.h" ! 115: ! 116: #include <stdio.h> ! 117: #ifdef BSDUNIX ! 118: #include <strings.h> ! 119: #include <sys/ioctl.h> ! 120: #include <signal.h> ! 121: #include <setjmp.h> ! 122: #else ! 123: char *strcpy(); ! 124: int strcmp(); ! 125: #endif ! 126: ! 127: #ifdef BSDUNIX ! 128: static jmp_buf env; ! 129: #endif ! 130: ! 131: #ifdef BSDUNIX ! 132: static void sig_restore(); ! 133: static push_signals(), pop_signals(); ! 134: int placebo_read_pw_string(); ! 135: #endif ! 136: ! 137: /*** Routines ****************************************************** */ ! 138: int ! 139: placebo_read_password(k,prompt,verify) ! 140: des_cblock *k; ! 141: char *prompt; ! 142: int verify; ! 143: { ! 144: int ok; ! 145: char key_string[BUFSIZ]; ! 146: ! 147: #ifdef BSDUNIX ! 148: if (setjmp(env)) { ! 149: ok = -1; ! 150: goto lose; ! 151: } ! 152: #endif ! 153: ! 154: ok = placebo_read_pw_string(key_string, BUFSIZ, prompt, verify); ! 155: if (ok == 0) ! 156: bzero(k, sizeof(C_Block)); ! 157: ! 158: lose: ! 159: bzero(key_string, sizeof (key_string)); ! 160: return ok; ! 161: } ! 162: ! 163: /* ! 164: * This version just returns the string, doesn't map to key. ! 165: * ! 166: * Returns 0 on success, non-zero on failure. ! 167: */ ! 168: ! 169: int ! 170: placebo_read_pw_string(s,max,prompt,verify) ! 171: char *s; ! 172: int max; ! 173: char *prompt; ! 174: int verify; ! 175: { ! 176: int ok = 0; ! 177: char *ptr; ! 178: ! 179: #ifdef BSDUNIX ! 180: jmp_buf old_env; ! 181: struct sgttyb tty_state; ! 182: #endif ! 183: char key_string[BUFSIZ]; ! 184: ! 185: if (max > BUFSIZ) { ! 186: return -1; ! 187: } ! 188: ! 189: #ifdef BSDUNIX ! 190: bcopy(old_env, env, sizeof(env)); ! 191: if (setjmp(env)) ! 192: goto lose; ! 193: ! 194: /* save terminal state*/ ! 195: if (ioctl(0,TIOCGETP,&tty_state) == -1) ! 196: return -1; ! 197: ! 198: push_signals(); ! 199: /* Turn off echo */ ! 200: tty_state.sg_flags &= ~ECHO; ! 201: if (ioctl(0,TIOCSETP,&tty_state) == -1) ! 202: return -1; ! 203: #endif ! 204: while (!ok) { ! 205: printf(prompt); ! 206: fflush(stdout); ! 207: #ifdef CROSSMSDOS ! 208: h19line(s,sizeof(s),0); ! 209: if (!strlen(s)) ! 210: continue; ! 211: #else ! 212: if (!fgets(s, max, stdin)) { ! 213: clearerr(stdin); ! 214: continue; ! 215: } ! 216: if ((ptr = index(s, '\n'))) ! 217: *ptr = '\0'; ! 218: #endif ! 219: if (verify) { ! 220: printf("\nVerifying, please re-enter %s",prompt); ! 221: fflush(stdout); ! 222: #ifdef CROSSMSDOS ! 223: h19line(key_string,sizeof(key_string),0); ! 224: if (!strlen(key_string)) ! 225: continue; ! 226: #else ! 227: if (!fgets(key_string, sizeof(key_string), stdin)) { ! 228: clearerr(stdin); ! 229: continue; ! 230: } ! 231: if ((ptr = index(key_string, '\n'))) ! 232: *ptr = '\0'; ! 233: #endif ! 234: if (strcmp(s,key_string)) { ! 235: printf("\n\07\07Mismatch - try again\n"); ! 236: fflush(stdout); ! 237: continue; ! 238: } ! 239: } ! 240: ok = 1; ! 241: } ! 242: ! 243: #ifdef BSDUNIX ! 244: lose: ! 245: if (!ok) ! 246: bzero(s, max); ! 247: printf("\n"); ! 248: /* turn echo back on */ ! 249: tty_state.sg_flags |= ECHO; ! 250: if (ioctl(0,TIOCSETP,&tty_state)) ! 251: ok = 0; ! 252: pop_signals(); ! 253: bcopy(env, old_env, sizeof(env)); ! 254: #endif ! 255: if (verify) ! 256: bzero(key_string, sizeof (key_string)); ! 257: s[max-1] = 0; /* force termination */ ! 258: return !ok; /* return nonzero if not okay */ ! 259: } ! 260: ! 261: #ifdef BSDUNIX ! 262: /* ! 263: * this can be static since we should never have more than ! 264: * one set saved.... ! 265: */ ! 266: #ifdef POSIX ! 267: static void (*old_sigfunc[NSIG])(); ! 268: #else ! 269: static int (*old_sigfunc[NSIG])(); ! 270: #endif POSIX ! 271: ! 272: static push_signals() ! 273: { ! 274: register i; ! 275: for (i = 0; i < NSIG; i++) ! 276: old_sigfunc[i] = signal(i,sig_restore); ! 277: } ! 278: ! 279: static pop_signals() ! 280: { ! 281: register i; ! 282: for (i = 0; i < NSIG; i++) ! 283: signal(i,old_sigfunc[i]); ! 284: } ! 285: ! 286: static void sig_restore(sig,code,scp) ! 287: int sig,code; ! 288: struct sigcontext *scp; ! 289: { ! 290: longjmp(env,1); ! 291: } ! 292: #endif ! 293: #endif /* NOENCRYPTION */
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.