1.1 root 1: /*
2: * Copyright (c) 1989 The Regents of the University of California.
3: * All rights reserved.
4: *
5: * Redistribution and use in source and binary forms are permitted
6: * provided that the above copyright notice and this paragraph are
7: * duplicated in all such forms and that any documentation,
8: * advertising materials, and other materials related to such
9: * distribution and use acknowledge that the software was developed
10: * by the University of California, Berkeley. The name of the
11: * University may not be used to endorse or promote products derived
12: * from this software without specific prior written permission.
13: * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
14: * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
15: * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
16: */
17:
18: #ifndef lint
19: static char sccsid[] = "@(#)register.c 1.5 (Berkeley) 5/17/89";
20: #endif /* not lint */
21:
#include <sys/types.h>
#include <sys/time.h>
#include <sys/resource.h>
#include <sys/socket.h>
#include <sys/param.h>
#include <sys/file.h>
#include <sys/signal.h>
#include <netinet/in.h>
#include <netdb.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <kerberos/krb.h>
#include "register_proto.h"
34:
/* Service name and protocol that main() resolves with getservbyname(). */
#define SERVICE "krbupdate"
#define PROTO "tcp"
/*
 * printf-style pattern for the per-host key file; setup_key() fills the %s
 * with the dotted-quad form of the local socket address (inet_ntoa).
 */
#define KFILE "/.update.key%s"
/* Only printed by type_info() as the program to use for later changes. */
#define KPASSWD "/usr/athena/kpasswd"

/* Filled in by krb_get_lrealm() and krb_get_krbhst() in main(). */
char realm[REALM_SZ];
char krbhst[MAX_HSTNM];

/*
 * Registration data.  Each buffer is sent to the server at its full fixed
 * size by des_write() in main(), so the bytes after the terminator go out
 * too; they are zero because the buffers have static storage and are
 * written only once.  password holds the cleartext Kerberos password
 * until cleanup() wipes it.
 */
static char pname[ANAME_SZ];
static char iname[INST_SZ];
static char password[255];

/*
 * NOTE(review): not referenced anywhere in the visible file, and the
 * conventional declaration is an array of pointers (char *sys_errlist[]).
 */
extern char *sys_errlist;
/* SIGPIPE handler, installed at the top of main(). */
int die();
49:
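/*
 * main --
 *	Client side of the Kerberos registration exchange: locate the
 *	"krbupdate" service on the realm's Kerberos host, connect, load the
 *	per-host DES key, collect the user's name and new password, send
 *	them through des_write(), and print the server's reply.
 *
 *	Exits 1 on any failure, returns 0 once the reply has been printed.
 *	argc and argv are not used.
 */
int
main(argc, argv)
	int argc;
	char **argv;
{
	struct servent *se;
	struct hostent *host;
	struct sockaddr_in sin, local;
	int rval;
	int sock, llen;
	u_char code;
	static struct rlimit rl = { 0, 0 };

	signal(SIGPIPE, die);

	/*
	 * Core file size limit of zero; presumably so that a crash cannot
	 * leave the typed passwords or the key in a core file.
	 */
	if (setrlimit(RLIMIT_CORE, &rl) < 0) {
		perror("rlimit");
		exit(1);
	}

	if ((se = getservbyname(SERVICE, PROTO)) == NULL) {
		fprintf(stderr, "couldn't find entry for service %s\n",
		    SERVICE);
		exit(1);
	}
	if ((rval = krb_get_lrealm(realm,1)) != KSUCCESS) {
		fprintf(stderr, "couldn't get local Kerberos realm: %s\n",
		    krb_err_txt[rval]);
		exit(1);
	}

	if ((rval = krb_get_krbhst(krbhst, realm, 1)) != KSUCCESS) {
		fprintf(stderr, "couldn't get Kerberos host: %s\n",
		    krb_err_txt[rval]);
		exit(1);
	}

	if ((host = gethostbyname(krbhst)) == NULL) {
		fprintf(stderr, "couldn't get host entry for host %s\n",
		    krbhst);
		exit(1);
	}

	/*
	 * The address is copied with the resolver-supplied length, so make
	 * sure it is an IPv4 address that fits sin_addr exactly before the
	 * copy; a longer h_length would write past the field.
	 */
	if (host->h_addrtype != AF_INET ||
	    host->h_length != (int)sizeof(sin.sin_addr)) {
		fprintf(stderr, "unsupported address type for host %s\n",
		    krbhst);
		exit(1);
	}

	/* Start from a zeroed sockaddr so no stack garbage reaches connect(). */
	bzero((char *) &sin, sizeof(sin));
	sin.sin_family = host->h_addrtype;
	bcopy(host->h_addr, (char *) &sin.sin_addr, host->h_length);
	sin.sin_port = se->s_port;

	if ((sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)) < 0) {
		perror("socket");
		exit(1);
	}

	if (connect(sock, (struct sockaddr *) &sin, sizeof(sin)) < 0) {
		perror("connect");
		close(sock);
		exit(1);
	}

	/* The local address of the connection selects the key file. */
	llen = sizeof(local);
	if (getsockname(sock, (struct sockaddr *) &local, &llen) < 0) {
		perror("getsockname");
		close(sock);
		exit(1);
	}

	setup_key(local);

	type_info();

	if (!get_user_info()) {
		/* Tell the server we are giving up; the result is ignored. */
		code = ABORT;
		(void)des_write(sock, &code, 1);
		cleanup();
		exit(1);
	}

	code = APPEND_DB;
	if(des_write(sock, &code, 1) != 1) {
		perror("write 1");
		cleanup();
		exit(1);
	}

	/* Each field goes out at its full fixed size, padding included. */
	if(des_write(sock, pname, ANAME_SZ) != ANAME_SZ) {
		perror("write principal name");
		cleanup();
		exit(1);
	}

	if(des_write(sock, iname, INST_SZ) != INST_SZ) {
		perror("write instance name");
		cleanup();
		exit(1);
	}

	if(des_write(sock, password, 255) != 255) {
		perror("write password");
		cleanup();
		exit(1);
	}

	/* get return message */

	{
		int cc;
		/*
		 * One spare byte so the received data can always be
		 * NUL-terminated before strncmp() and "%s" look at it; the
		 * network does not promise a terminator.
		 */
		char msgbuf[BUFSIZ + 1];

		/*
		 * This first status message is read with read(), not
		 * des_read(), so it arrives outside the DES channel.
		 * NOTE(review): on mismatch the server-supplied text is
		 * printed to the terminal as received.
		 */
		cc = read(sock, msgbuf, BUFSIZ);
		if (cc <= 0) {
			fprintf(stderr, "protocol error during key verification\n");
			cleanup();
			exit(1);
		}
		msgbuf[cc] = '\0';
		if (strncmp(msgbuf, GOTKEY_MSG, 6) != 0) {
			fprintf(stderr, "%s: %s", krbhst, msgbuf);
			cleanup();
			exit(1);
		}

		cc = des_read(sock, msgbuf, BUFSIZ);
		if(cc <= 0) {
			fprintf(stderr, "protocol error during read\n");
			cleanup();
			exit(1);
		} else {
			msgbuf[cc] = '\0';
			printf("%s: %s", krbhst, msgbuf);
		}
	}

	cleanup();
	close(sock);
	/* Explicit success status instead of falling off the end of main. */
	return (0);
}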
181:
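/*
 * cleanup --
 *	Wipe the cleartext Kerberos password held in the file-scope
 *	password buffer.  Called on every exit path after the password may
 *	have been entered, and from the SIGPIPE handler.
 *
 *	The stores go through a volatile pointer so the compiler cannot
 *	drop them as dead writes when the call is immediately followed by
 *	exit(); a plain bzero() of a buffer that is never read again may be
 *	optimized away.
 */
cleanup()
{
	volatile char *p = password;
	unsigned int left = sizeof(password);

	while (left-- > 0)
		*p++ = '\0';
}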
186:
187: #include <pwd.h>
188:
189: extern char *crypt();
190: extern char *getpass();
191:
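/*
 * get_user_info --
 *	Identify the invoking user, verify the login password against the
 *	hash in the passwd entry (two attempts), then read the new Kerberos
 *	password twice.  On success the file-scope pname, password and
 *	iname buffers are filled in.
 *
 *	Returns 1 on success, 0 on any failure.  The caller is expected to
 *	call cleanup() afterwards; this function additionally wipes the
 *	getpass() buffer as soon as each typed value has been used.
 */
int
get_user_info()
{
	int uid = getuid();
	int valid = 0, i;
	struct passwd *pw;
	char *pas, *namep;

	if((pw = getpwuid(uid)) == NULL) {
		fprintf(stderr, "Who are you?\n");
		return(0);
	}

	/*
	 * Switch the effective uid to the real user.  If that fails the
	 * process would carry on with whatever privilege it started with,
	 * so treat failure as fatal for the registration.
	 */
	if(seteuid(uid) < 0) {
		perror("seteuid");
		return(0);
	}

	/* pname is a fixed ANAME_SZ buffer; refuse names that do not fit. */
	if(strlen(pw->pw_name) >= sizeof(pname)) {
		fprintf(stderr, "login name too long for a Kerberos principal\n");
		return(0);
	}
	strcpy(pname, pw->pw_name);	/* principal name */

	/*
	 * NOTE(review): the check relies on pw_passwd holding the real
	 * hash; confirm that holds on the target system.
	 */
	for(i = 1; i < 3; i++) {
		pas = getpass("login password:");
		if(pas == NULL)
			return(0);
		namep = crypt(pas, pw->pw_passwd);
		/* The login password is not needed again; clear getpass's copy. */
		bzero(pas, strlen(pas));
		/* crypt() can fail and return NULL; count that as a mismatch. */
		if(namep == NULL || strcmp(namep, pw->pw_passwd)) {
			fprintf(stderr, "Password incorrect\n");
			continue;
		} else {
			valid = 1;
			break;
		}
	}
	if(!valid)
		return(0);

	pas = getpass("Kerberos password (may be the same):");
	while(pas != NULL && *pas == '\0') {
		printf("<NULL> password not allowed\n");
		pas = getpass("Kerberos password (may be the same):");
	}
	if(pas == NULL)
		return(0);

	/* password is a fixed 255-byte buffer; never copy more than fits. */
	if(strlen(pas) >= sizeof(password)) {
		bzero(pas, strlen(pas));
		fprintf(stderr, "Kerberos password too long\n");
		return(0);
	}
	strcpy(password, pas);		/* password */
	bzero(pas, strlen(pas));

	pas = getpass("Retype Kerberos password:");
	if(pas == NULL) {
		bzero(password, sizeof(password));
		return(0);
	}
	if(strcmp(password, pas)) {
		bzero(pas, strlen(pas));
		bzero(password, sizeof(password));
		fprintf(stderr, "Password mismatch -- aborted\n");
		return(0);
	}
	bzero(pas, strlen(pas));

	iname[0] = '\0';		/* null instance name */
	return(1);
}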
234:
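/*
 * setup_key --
 *	Load the DES key for this host from the key file named after the
 *	local address of the server connection (KFILE with the dotted-quad
 *	address appended), build the key schedule and hand both to
 *	des_set_key() for use by des_read()/des_write().
 *
 *	local: local end of the connected socket, from getsockname().
 *	Exits 1 if the key file cannot be opened or is not exactly
 *	sizeof(struct keyfile_data) bytes on the first read.
 */
setup_key(local)
	struct sockaddr_in local;
{
	/*
	 * Both objects are static, so they stay valid after this function
	 * returns.  NOTE(review): presumably des_set_key() keeps pointers
	 * to them; confirm before wiping or moving either one.
	 */
	static struct keyfile_data kdata;
	static Key_schedule schedule;
	int fd;
	char namebuf[MAXPATHLEN];

	/*
	 * Bounded by construction: the fixed prefix plus the at most 15
	 * characters inet_ntoa() produces.
	 */
	sprintf(namebuf, KFILE, inet_ntoa(local.sin_addr));
	fd = open(namebuf, O_RDONLY);
	if(fd < 0) {
		/* Report errno first, before another stdio call can change it. */
		perror("open");
		fprintf(stderr, "couldn't open key file for local host %s\n",
		    inet_ntoa(local.sin_addr));
		exit(1);
	}

	if(read(fd, (char *)&kdata, sizeof(kdata)) != sizeof(kdata)) {
		fprintf(stderr,"size error reading key file for local host %s\n",
		    inet_ntoa(local.sin_addr));
		close(fd);
		exit(1);
	}
	/* The key is in memory now; do not keep the key file open. */
	close(fd);

	/* NOTE(review): the result of key_sched() is not checked here. */
	key_sched(kdata.kf_key, schedule);
	des_set_key(kdata.kf_key, schedule);
}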
261:
/*
 * type_info --
 *	Print the introductory banner on stdout: the realm being registered
 *	in, what the user is about to be asked for, and the program to use
 *	for later password changes.
 */
type_info()
{
	printf("Kerberos user registration (realm %s)\n\n", realm);

	/* Fixed text needs no formatting, so it is written with fputs(). */
	fputs("Please enter your login password followed by your new Kerberos password.\n", stdout);
	fputs("The Kerberos password you enter now will be used in the future\n", stdout);

	printf("as your Kerberos password for all machines in the %s realm.\n", realm);

	fputs("You will only be allowed to perform this operation once, although you may run\n", stdout);

	printf("the %s program from now on to change your Kerberos password.\n\n", KPASSWD);
}
271:
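/*
 * die --
 *	SIGPIPE handler (installed in main): report that the server went
 *	away, wipe the password and terminate with status 1.
 *
 *	It runs in signal context, so it uses only write() and _exit()
 *	rather than stdio and exit(); the signal may arrive while the main
 *	flow is inside a stdio call.  As a consequence, buffered stdout
 *	data is not flushed on this path.
 */
int
die()
{
	static char msg[] = "\nServer no longer listening\n";

	(void)write(2, msg, sizeof(msg) - 1);
	cleanup();
	_exit(1);
}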