![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to register.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [CSRG BSD Unix] / 43BSDReno / kerberosIV / register|
Return to register.c CVS log | Up to [CSRG BSD Unix] / 43BSDReno / kerberosIV / register |
1.1 root 1: /*
2: * Copyright (c) 1989 The Regents of the University of California.
3: * All rights reserved.
4: *
5: * Redistribution and use in source and binary forms are permitted
6: * provided that the above copyright notice and this paragraph are
7: * duplicated in all such forms and that any documentation,
8: * advertising materials, and other materials related to such
9: * distribution and use acknowledge that the software was developed
10: * by the University of California, Berkeley. The name of the
11: * University may not be used to endorse or promote products derived
12: * from this software without specific prior written permission.
13: * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
14: * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
15: * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
16: */
17:
18: #ifndef lint
19: static char sccsid[] = "@(#)register.c 1.11 (Berkeley) 6/22/90";
20: #endif /* not lint */
21:
22: #include <sys/types.h>
23: #include <sys/param.h>
24: #include <sys/time.h>
25: #include <sys/resource.h>
26: #include <sys/socket.h>
27: #include <sys/file.h>
28: #include <sys/signal.h>
29: #include <netinet/in.h>
30: #include <pwd.h>
31: #include <stdio.h>
32: #include <netdb.h>
33: #include <kerberosIV/des.h>
34: #include <kerberosIV/krb.h>
35: #include "pathnames.h"
36: #include "register_proto.h"
37:
38: #define SERVICE "krbupdate" /* service to add to KDC's database */
39: #define PROTO "tcp"
40:
41: char realm[REALM_SZ];
42: char krbhst[MAX_HSTNM];
43:
44: static char pname[ANAME_SZ];
45: static char iname[INST_SZ];
46: static char password[_PASSWORD_LEN];
47:
48: /* extern char *sys_errlist; */
49: int die();
50: void setup_key(), type_info(), cleanup();
51:
52: main(argc, argv)
53: int argc;
54: char **argv;
55: {
56: struct servent *se;
57: struct hostent *host;
58: struct sockaddr_in sin, local;
59: int rval;
60: int sock, llen;
61: u_char code;
62: static struct rlimit rl = { 0, 0 };
63:
64: signal(SIGPIPE, die);
65:
66: if (setrlimit(RLIMIT_CORE, &rl) < 0) {
67: perror("rlimit");
68: exit(1);
69: }
70:
71: if ((se = getservbyname(SERVICE, PROTO)) == NULL) {
72: fprintf(stderr, "couldn't find entry for service %s\n",
73: SERVICE);
74: exit(1);
75: }
76: if ((rval = krb_get_lrealm(realm,1)) != KSUCCESS) {
77: fprintf(stderr, "couldn't get local Kerberos realm: %s\n",
78: krb_err_txt[rval]);
79: exit(1);
80: }
81:
82: if ((rval = krb_get_krbhst(krbhst, realm, 1)) != KSUCCESS) {
83: fprintf(stderr, "couldn't get Kerberos host: %s\n",
84: krb_err_txt[rval]);
85: exit(1);
86: }
87:
88: if ((host = gethostbyname(krbhst)) == NULL) {
89: fprintf(stderr, "couldn't get host entry for host %s\n",
90: krbhst);
91: exit(1);
92: }
93:
94: sin.sin_family = host->h_addrtype;
95: (void)bcopy(host->h_addr, (char *) &sin.sin_addr, host->h_length);
96: sin.sin_port = se->s_port;
97:
98: if ((sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)) < 0) {
99: perror("socket");
100: exit(1);
101: }
102:
103: if (connect(sock, (struct sockaddr *) &sin, sizeof(sin)) < 0) {
104: perror("connect");
105: (void)close(sock);
106: exit(1);
107: }
108:
109: llen = sizeof(local);
110: if (getsockname(sock, (struct sockaddr *) &local, &llen) < 0) {
111: perror("getsockname");
112: (void)close(sock);
113: exit(1);
114: }
115:
116: setup_key(local);
117:
118: type_info();
119:
120: if (!get_user_info()) {
121: code = ABORT;
122: (void)des_write(sock, &code, 1);
123: cleanup();
124: exit(1);
125: }
126:
127: code = APPEND_DB;
128: if (des_write(sock, &code, 1) != 1) {
129: perror("write 1");
130: cleanup();
131: exit(1);
132: }
133:
134: if (des_write(sock, pname, ANAME_SZ) != ANAME_SZ) {
135: perror("write principal name");
136: cleanup();
137: exit(1);
138: }
139:
140: if (des_write(sock, iname, INST_SZ) != INST_SZ) {
141: perror("write instance name");
142: cleanup();
143: exit(1);
144: }
145:
146: if (des_write(sock, password, 255) != 255) {
147: perror("write password");
148: cleanup();
149: exit(1);
150: }
151:
152: /* get return message */
153:
154: {
155: int cc;
156: char msgbuf[BUFSIZ];
157:
158: cc = read(sock, msgbuf, BUFSIZ);
159: if (cc <= 0) {
160: fprintf(stderr, "protocol error during key verification\n");
161: cleanup();
162: exit(1);
163: }
164: if (strncmp(msgbuf, GOTKEY_MSG, 6) != 0) {
165: fprintf(stderr, "%s: %s", krbhst, msgbuf);
166: cleanup();
167: exit(1);
168: }
169:
170: cc = des_read(sock, msgbuf, BUFSIZ);
171: if (cc <= 0) {
172: fprintf(stderr, "protocol error during read\n");
173: cleanup();
174: exit(1);
175: } else {
176: printf("%s: %s", krbhst, msgbuf);
177: }
178: }
179:
180: cleanup();
181: (void)close(sock);
182: }
183:
184: void
185: cleanup()
186: {
187: bzero(password, 255);
188: }
189:
190: extern char *crypt();
191: extern char *getpass();
192:
193: int
194: get_user_info()
195: {
196: int uid = getuid();
197: int valid = 0, i;
198: struct passwd *pw;
199: char *pas, *namep;
200:
201: /* NB: we must run setuid-root to get at the real pw file */
202:
203: if ((pw = getpwuid(uid)) == NULL) {
204: fprintf(stderr, "Who are you?\n");
205: return(0);
206: }
207: (void)seteuid(uid);
208: (void)strcpy(pname, pw->pw_name); /* principal name */
209:
210: for (i = 1; i < 3; i++) {
211: pas = getpass("login password:");
212: namep = crypt(pas, pw->pw_passwd);
213: if (strcmp(namep, pw->pw_passwd)) {
214: fprintf(stderr, "Password incorrect\n");
215: continue;
216: } else {
217: valid = 1;
218: break;
219: }
220: }
221: if (!valid)
222: return(0);
223: pas = getpass("Kerberos password (may be the same):");
224: while (*pas == NULL) {
225: printf("<NULL> password not allowed\n");
226: pas = getpass("Kerberos password (may be the same):");
227: }
228: (void)strcpy(password, pas); /* password */
229: pas = getpass("Retype Kerberos password:");
230: if (strcmp(password, pas)) {
231: fprintf(stderr, "Password mismatch -- aborted\n");
232: return(0);
233: }
234:
235: iname[0] = NULL; /* null instance name */
236: return(1);
237: }
238:
239: void
240: setup_key(local)
241: struct sockaddr_in local;
242: {
243: static struct keyfile_data kdata;
244: static Key_schedule schedule;
245: int fd;
246: char namebuf[MAXPATHLEN];
247: extern int errno;
248:
249: (void) sprintf(namebuf, "%s%s",
250: CLIENT_KEYFILE,
251: inet_ntoa(local.sin_addr));
252:
253: fd = open(namebuf, O_RDONLY);
254: if (fd < 0) {
255: fprintf(stderr, "couldn't open key file %s for local host: ",
256: namebuf);
257: perror("");
258: exit(1);
259: }
260:
261: if (read(fd, (char *)&kdata, sizeof(kdata)) != sizeof(kdata)) {
262: fprintf(stderr,"size error reading key file for local host %s\n",
263: inet_ntoa(local.sin_addr));
264: exit(1);
265: }
266: key_sched(kdata.kf_key, schedule);
267: des_set_key(kdata.kf_key, schedule);
268: return;
269: }
270:
271: void
272: type_info()
273: {
274: printf("Kerberos user registration (realm %s)\n\n", realm);
275: printf("Please enter your login password followed by your new Kerberos password.\n");
276: printf("The Kerberos password you enter now will be used in the future\n");
277: printf("as your Kerberos password for all machines in the %s realm.\n", realm);
278: printf("You will only be allowed to perform this operation once, although you may run\n");
279: printf("the %s program from now on to change your Kerberos password.\n\n", _PATH_KPASSWD);
280: }
281:
282: int
283: die()
284: {
285: fprintf(stderr, "\nServer no longer listening\n");
286: fflush(stderr);
287: cleanup();
288: exit(1);
289: }
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.