1.1 root 1: /*
2: *
3: * $Source: /usr/src/kerberosIV/krb/RCS/get_in_tkt.c,v $
4: * $Author: kfall $
5: *
6: * Copyright 1987, 1988 by the Massachusetts Institute of Technology.
7: *
8: * For copying and distribution information, please see the file
9: * <mit-copyright.h>.
10: */
11:
12: #ifndef lint
13: static char rcsid_get_in_tkt_c[] =
14: "$Header: /usr/src/kerberosIV/krb/RCS/get_in_tkt.c,v 4.13 90/06/23 03:10:32 kfall Exp $";
15: #endif /* lint */
16:
17: #include <mit-copyright.h>
18: #include <des.h>
19: #include <krb.h>
20: #include <prot.h>
21:
22: #ifndef NULL
23: #define NULL 0
24: #endif
25:
26: /*
27: * This file contains two routines: passwd_to_key() converts
28: * a password into a DES key (prompting for the password if
29: * not supplied), and krb_get_pw_in_tkt() gets an initial ticket for
30: * a user.
31: */
32:
33: /*
34: * passwd_to_key(): given a password, return a DES key.
35: * There are extra arguments here which (used to be?)
36: * used by srvtab_to_key().
37: *
38: * If the "passwd" argument is not null, generate a DES
39: * key from it, using string_to_key().
40: *
41: * If the "passwd" argument is null, call des_read_password()
42: * to prompt for a password and then convert it into a DES key.
43: *
44: * In either case, the resulting key is put in the "key" argument,
45: * and 0 is returned.
46: */
47:
48: /*ARGSUSED */
static int passwd_to_key(user,instance,realm,passwd,key)
    char *user, *instance, *realm, *passwd;
    C_Block key;
{
    /*
     * Fill "key" from "passwd", or from an interactive prompt when
     * "passwd" is null.  user, instance and realm are accepted but not
     * used.  Always returns 0.
     *
     * NOTE(review): the return values of placebo_read_password() and
     * des_read_password() are discarded, so a failed or interrupted
     * prompt is still reported to the caller as success.
     */
#ifdef NOENCRYPTION
    /*
     * Placebo build: only the prompt path touches "key"; when a
     * password string is supplied, "key" is left exactly as passed in.
     */
    if (!passwd) {
        placebo_read_password(key, "Password: ", 0);
    }
#else /* Do encryption */
    if (!passwd) {
        /* No password supplied: prompt on the terminal. */
        des_read_password(key, "Kerberos Password: ", 0);
    } else {
        string_to_key(passwd, key);
    }
#endif /* NOENCRYPTION */
    return (0);
}
65:
66: /*
67: * krb_get_pw_in_tkt() takes the name of the server for which the initial
68: * ticket is to be obtained, the name of the principal the ticket is
69: * for, the desired lifetime of the ticket, and the user's password.
70: * It passes its arguments on to krb_get_in_tkt(), which contacts
71: * Kerberos to get the ticket, decrypts it using the password provided,
72: * and stores it away for future use.
73: *
74: * krb_get_pw_in_tkt() passes two additional arguments to krb_get_in_tkt():
75: * the name of a routine (passwd_to_key()) to be used to get the
76: * password in case the "password" argument is null and NULL for the
77: * decryption procedure indicating that krb_get_in_tkt should use the
78: * default method of decrypting the response from the KDC.
79: *
80: * The result of the call to krb_get_in_tkt() is returned.
81: */
82:
krb_get_pw_in_tkt(user,instance,realm,service,sinstance,life,password)
    char *user, *instance, *realm, *service, *sinstance;
    int life;
    char *password;
{
    int status;

    /*
     * Hand everything to krb_get_in_tkt(): passwd_to_key is the
     * key-derivation callback, NULL selects the default decryption
     * procedure, and "password" is forwarded as given (it may be null,
     * in which case passwd_to_key() prompts for it).
     *
     * This wrapper neither copies nor clears "password"; wiping the
     * cleartext after use is left to the caller.
     */
    status = krb_get_in_tkt(user, instance, realm, service, sinstance, life,
                            passwd_to_key, NULL, password);
    return (status);
}
91:
92: #ifdef NOENCRYPTION
93: /*
94: * $Source: /usr/src/kerberosIV/krb/RCS/get_in_tkt.c,v $
95: * $Author: kfall $
96: *
97: * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute
98: * of Technology.
99: *
100: * For copying and distribution information, please see the file
101: * <mit-copyright.h>.
102: *
103: * This routine prints the supplied string to standard
104: * output as a prompt, and reads a password string without
105: * echoing.
106: */
107:
108: #ifndef lint
109: static char rcsid_read_password_c[] =
110: "$Header: /usr/src/kerberosIV/krb/RCS/get_in_tkt.c,v 4.13 90/06/23 03:10:32 kfall Exp $";
111: #endif lint
112:
113: #include <des.h>
114: #include "conf.h"
115:
116: #include <stdio.h>
117: #ifdef BSDUNIX
118: #include <strings.h>
119: #include <sys/ioctl.h>
120: #include <signal.h>
121: #include <setjmp.h>
122: #else
123: char *strcpy();
124: int strcmp();
125: #endif
126:
127: #ifdef BSDUNIX
128: static jmp_buf env;
129: #endif
130:
131: #ifdef BSDUNIX
132: static void sig_restore();
133: static push_signals(), pop_signals();
134: int placebo_read_pw_string();
135: #endif
136:
137: /*** Routines ****************************************************** */
/*
 * Prompt for a password and discard it: on a successful read the key
 * block *k is set to all zero bytes (NOENCRYPTION build, no key is
 * derived from the typed text).
 *
 * Returns the status of placebo_read_pw_string() (0 on success), or -1
 * when control comes back through longjmp(env).
 */
int
placebo_read_password(k,prompt,verify)
    des_cblock *k;
    char *prompt;
    int verify;
{
    char pw_buf[BUFSIZ];
    int status;

#ifdef BSDUNIX
    /* Landing point for sig_restore(): treat it as a failed read. */
    if (setjmp(env) != 0) {
        status = -1;
        goto lose;
    }
#endif

    status = placebo_read_pw_string(pw_buf, BUFSIZ, prompt, verify);
    if (!status)
        bzero(k, sizeof(C_Block));

lose:
    /* Clear the typed password from the stack buffer on every path. */
    bzero(pw_buf, sizeof pw_buf);
    return status;
}
162:
163: /*
164: * This version just returns the string, doesn't map to key.
165: *
166: * Returns 0 on success, non-zero on failure.
167: */
168:
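/*
 * Print "prompt", read one line from stdin into s (at most max bytes
 * including the terminator) with terminal echo disabled on BSDUNIX,
 * and, when "verify" is nonzero, ask a second time and loop until both
 * entries match.
 *
 * Returns 0 on success, non-zero on failure.  -1 is returned without
 * touching s when max is not in 1..BUFSIZ or the terminal state cannot
 * be read or changed.  On the other failure paths s is zeroed.
 *
 * NOTE(review): a read that hits end-of-file is retried forever
 * (clearerr + continue); with a closed or redirected stdin this loop
 * does not terminate.
 */
int
placebo_read_pw_string(s,max,prompt,verify)
    char *s;
    int max;
    char *prompt;
    int verify;
{
    /* Written between setjmp() and a possible longjmp(), hence volatile. */
    volatile int ok = 0;
    char *ptr;

#ifdef BSDUNIX
    jmp_buf old_env;
    struct sgttyb tty_state;
#endif
    char key_string[BUFSIZ];

    /*
     * max <= 0 would make the final s[max-1] store land outside the
     * caller's buffer; max > BUFSIZ could never match key_string.
     */
    if (max <= 0 || max > BUFSIZ) {
        return -1;
    }

#ifdef BSDUNIX
    /* save terminal state (before env is touched, so a failure here
     * needs no cleanup) */
    if (ioctl(0,TIOCGETP,&tty_state) == -1)
        return -1;

    /* bcopy() is (src, dst, len): save the caller's jump context. */
    bcopy(env, old_env, sizeof(env));
    if (setjmp(env))
        goto lose;

    push_signals();
    /* Turn off echo */
    tty_state.sg_flags &= ~ECHO;
    if (ioctl(0,TIOCSETP,&tty_state) == -1) {
        /* Do not leave sig_restore installed with a dead jump target. */
        pop_signals();
        bcopy(old_env, env, sizeof(env));
        return -1;
    }
#endif
    while (!ok) {
        /* The prompt is data, never a format string. */
        fputs(prompt, stdout);
        fflush(stdout);
#ifdef CROSSMSDOS
        /* s is a pointer here, so sizeof(s) is not the buffer size. */
        h19line(s,max,0);
        if (!strlen(s))
            continue;
#else
        if (!fgets(s, max, stdin)) {
            clearerr(stdin);
            continue;
        }
        if ((ptr = index(s, '\n')))
            *ptr = '\0';
#endif
        if (verify) {
            printf("\nVerifying, please re-enter %s",prompt);
            fflush(stdout);
#ifdef CROSSMSDOS
            h19line(key_string,sizeof(key_string),0);
            if (!strlen(key_string))
                continue;
#else
            if (!fgets(key_string, sizeof(key_string), stdin)) {
                clearerr(stdin);
                continue;
            }
            if ((ptr = index(key_string, '\n')))
                *ptr = '\0';
#endif
            if (strcmp(s,key_string)) {
                printf("\n\07\07Mismatch - try again\n");
                fflush(stdout);
                continue;
            }
        }
        ok = 1;
    }

#ifdef BSDUNIX
lose:
    if (!ok)
        bzero(s, max);
    printf("\n");
    /* turn echo back on */
    tty_state.sg_flags |= ECHO;
    if (ioctl(0,TIOCSETP,&tty_state)) {
        /* Reported as failure, so do not hand the password back. */
        ok = 0;
        bzero(s, max);
    }
    pop_signals();
    /* Restore the caller's jump context saved above. */
    bcopy(old_env, env, sizeof(env));
#endif
    /*
     * Wipe the verification copy.  A compiler may drop this store as
     * dead; use a non-elidable wipe where the platform provides one.
     */
    if (verify)
        bzero(key_string, sizeof (key_string));
    s[max-1] = 0;		/* force termination */
    return !ok;			/* return nonzero if not okay */
}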
260:
261: #ifdef BSDUNIX
262: /*
263: * this can be static since we should never have more than
264: * one set saved....
265: */
266: #ifdef POSIX
267: static void (*old_sigfunc[NSIG])();
268: #else
269: static int (*old_sigfunc[NSIG])();
270: #endif POSIX
271:
/*
 * Record the current handler of every signal number 0..NSIG-1 in
 * old_sigfunc[] and install sig_restore in its place.
 *
 * The value returned by signal() is stored unchecked, so for signal
 * numbers that cannot be caught the slot holds whatever signal()
 * returned on failure.
 */
static push_signals()
{
    register int signo = 0;

    while (signo < NSIG) {
        old_sigfunc[signo] = signal(signo, sig_restore);
        signo++;
    }
}
278:
/*
 * Reinstall, for every signal number 0..NSIG-1, the handler recorded
 * in old_sigfunc[].  Failures of signal() are ignored.
 */
static pop_signals()
{
    register int signo = 0;

    while (signo < NSIG) {
        signal(signo, old_sigfunc[signo]);
        signo++;
    }
}
285:
/*
 * Signal handler installed by push_signals(): abandon whatever was
 * interrupted and resume at the setjmp(env) site with value 1, where
 * the terminal state is put back.  None of the arguments is used.
 *
 * NOTE(review): the handler can fire while stdio calls (printf, fgets)
 * are in progress; jumping out of them may leave stdio in an
 * inconsistent state -- confirm this is acceptable for the callers.
 */
static void sig_restore(sig,code,scp)
    int sig,code;
    struct sigcontext *scp;
{
    (void) sig;
    (void) code;
    (void) scp;
    longjmp(env, 1);
}
292: #endif
293: #endif /* NOENCRYPTION */