krb5_passwd.c revision 1.8.2.3
1 1.8.2.3 he /* $NetBSD: krb5_passwd.c,v 1.8.2.3 2002/02/26 22:09:23 he Exp $ */ 2 1.8.2.2 he 3 1.8.2.2 he /* 4 1.8.2.2 he * Copyright (c) 2000 The NetBSD Foundation, Inc. 5 1.8.2.2 he * All rights reserved. 6 1.8.2.2 he * 7 1.8.2.2 he * This code is derived from software contributed to 8 1.8.2.2 he * The NetBSD Foundation by Johan Danielsson. 9 1.8.2.2 he * 10 1.8.2.2 he * Redistribution and use in source and binary forms, with or without 11 1.8.2.2 he * modification, are permitted provided that the following conditions 12 1.8.2.2 he * are met: 13 1.8.2.2 he * 14 1.8.2.2 he * 1. Redistributions of source code must retain the above copyright 15 1.8.2.2 he * notice, this list of conditions and the following disclaimer. 16 1.8.2.2 he * 17 1.8.2.2 he * 2. Redistributions in binary form must reproduce the above copyright 18 1.8.2.2 he * notice, this list of conditions and the following disclaimer in the 19 1.8.2.2 he * documentation and/or other materials provided with the distribution. 20 1.8.2.2 he * 21 1.8.2.2 he * 3. Neither the name of The NetBSD Foundation nor the names of its 22 1.8.2.2 he * contributors may be used to endorse or promote products derived 23 1.8.2.2 he * from this software without specific prior written permission. 24 1.8.2.2 he * 25 1.8.2.2 he * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 26 1.8.2.2 he * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 27 1.8.2.2 he * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 28 1.8.2.2 he * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 29 1.8.2.2 he * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 30 1.8.2.2 he * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 31 1.8.2.2 he * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 32 1.8.2.2 he * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 33 1.8.2.2 he * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 34 1.8.2.2 he * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 35 1.8.2.2 he * POSSIBILITY OF SUCH DAMAGE. 36 1.8.2.2 he */ 37 1.8.2.2 he 38 1.8.2.2 he /* uses the `Kerberos Change Password Protocol' */ 39 1.8.2.2 he 40 1.8.2.2 he #include <stdio.h> 41 1.8.2.2 he #include <stdlib.h> 42 1.8.2.2 he #include <string.h> 43 1.8.2.2 he #include <err.h> 44 1.8.2.3 he #include <pwd.h> 45 1.8.2.2 he 46 1.8.2.2 he #include <openssl/des.h> 47 1.8.2.2 he #include <krb5.h> 48 1.8.2.2 he 49 1.8.2.2 he #include "extern.h" 50 1.8.2.2 he 51 1.8.2.2 he static krb5_context context; 52 1.8.2.2 he static krb5_principal defprinc; 53 1.8.2.2 he static int usage = PW_USE; 54 1.8.2.2 he 55 1.8.2.2 he int 56 1.8.2.2 he krb5_init(const char *progname) 57 1.8.2.2 he { 58 1.8.2.2 he return krb5_init_context(&context); 59 1.8.2.2 he } 60 1.8.2.2 he 61 1.8.2.2 he int 62 1.8.2.2 he krb5_arg (char ch, const char *optarg) 63 1.8.2.2 he { 64 1.8.2.2 he krb5_error_code ret; 65 1.8.2.2 he switch(ch) { 66 1.8.2.2 he case '5': 67 1.8.2.2 he case 'k': 68 1.8.2.2 he usage = PW_USE_FORCE; 69 1.8.2.2 he return 1; 70 1.8.2.2 he case 'u': 71 1.8.2.2 he ret = krb5_parse_name(context, optarg, &defprinc); 72 1.8.2.2 he if(ret) { 73 1.8.2.2 he krb5_warn(context, ret, "%s", optarg); 74 1.8.2.2 he return 0; 75 1.8.2.2 he } 76 1.8.2.2 he return 1; 77 1.8.2.2 he } 78 1.8.2.2 he return 0; 79 1.8.2.2 he } 80 1.8.2.2 he 81 1.8.2.2 he int 82 1.8.2.2 he krb5_arg_end(void) 83 1.8.2.2 he { 84 1.8.2.2 he return usage; 85 1.8.2.2 he } 86 1.8.2.2 he 87 1.8.2.2 he void 88 1.8.2.2 he krb5_end(void) 89 1.8.2.2 he { 90 1.8.2.2 he if (context == NULL) 91 1.8.2.2 he return; 92 1.8.2.2 he if(defprinc) 93 1.8.2.2 he krb5_free_principal(context, defprinc); 94 1.8.2.2 he krb5_free_context(context); 95 1.8.2.2 he } 96 1.8.2.2 he 97 1.8.2.2 he 98 1.8.2.2 he int 99 1.8.2.2 he krb5_chpw(const char *username) 100 1.8.2.2 he { 101 1.8.2.2 he krb5_error_code ret; 102 1.8.2.2 he krb5_context context; 103 1.8.2.2 he krb5_principal principal; 104 1.8.2.2 he krb5_get_init_creds_opt opt; 105 1.8.2.2 he krb5_creds cred; 106 1.8.2.2 he int result_code; 107 1.8.2.2 he krb5_data result_code_string, result_string; 108 1.8.2.2 he char pwbuf[BUFSIZ]; 109 1.8.2.2 he 110 1.8.2.2 he ret = krb5_init_context (&context); 111 1.8.2.2 he if (ret) { 112 1.8.2.2 he warnx("failed kerberos initialisation: %s", 113 1.8.2.2 he krb5_get_err_text(context, ret)); 114 1.8.2.2 he return 1; 115 1.8.2.2 he } 116 1.8.2.2 he 117 1.8.2.2 he krb5_get_init_creds_opt_init (&opt); 118 1.8.2.2 he 119 1.8.2.2 he krb5_get_init_creds_opt_set_tkt_life (&opt, 300); 120 1.8.2.2 he krb5_get_init_creds_opt_set_forwardable (&opt, FALSE); 121 1.8.2.2 he krb5_get_init_creds_opt_set_proxiable (&opt, FALSE); 122 1.8.2.2 he 123 1.8.2.2 he if(username != NULL) { 124 1.8.2.2 he ret = krb5_parse_name (context, username, &principal); 125 1.8.2.2 he if (ret) { 126 1.8.2.2 he warnx("failed to parse principal: %s", 127 1.8.2.2 he krb5_get_err_text(context, ret)); 128 1.8.2.2 he return 1; 129 1.8.2.2 he } 130 1.8.2.2 he } else 131 1.8.2.2 he principal = defprinc; 132 1.8.2.2 he 133 1.8.2.2 he ret = krb5_get_init_creds_password (context, 134 1.8.2.2 he &cred, 135 1.8.2.2 he principal, 136 1.8.2.2 he NULL, 137 1.8.2.2 he krb5_prompter_posix, 138 1.8.2.2 he NULL, 139 1.8.2.2 he 0, 140 1.8.2.2 he "kadmin/changepw", 141 1.8.2.2 he &opt); 142 1.8.2.2 he 143 1.8.2.2 he switch (ret) { 144 1.8.2.2 he case 0: 145 1.8.2.2 he break; 146 1.8.2.2 he case KRB5_LIBOS_PWDINTR : 147 1.8.2.2 he /* XXX */ 148 1.8.2.2 he return 1; 149 1.8.2.2 he case KRB5KRB_AP_ERR_BAD_INTEGRITY : 150 1.8.2.2 he case KRB5KRB_AP_ERR_MODIFIED : 151 1.8.2.2 he fprintf(stderr, "Password incorrect\n"); 152 1.8.2.2 he return 1; 153 1.8.2.2 he break; 154 1.8.2.2 he default: 155 1.8.2.2 he warnx("failed to get credentials: %s", 156 1.8.2.2 he krb5_get_err_text(context, ret)); 157 1.8.2.2 he return 1; 158 1.8.2.2 he } 159 1.8.2.2 he krb5_data_zero (&result_code_string); 160 1.8.2.2 he krb5_data_zero (&result_string); 161 1.8.2.2 he 162 1.8.2.2 he /* XXX use getpass? It has a broken interface. */ 163 1.8.2.2 he if(des_read_pw_string (pwbuf, sizeof(pwbuf), "New password: ", 1) != 0) 164 1.8.2.2 he return 1; 165 1.8.2.2 he 166 1.8.2.2 he ret = krb5_change_password (context, &cred, pwbuf, 167 1.8.2.2 he &result_code, 168 1.8.2.2 he &result_code_string, 169 1.8.2.2 he &result_string); 170 1.8.2.2 he if (ret) 171 1.8.2.2 he krb5_err (context, 1, ret, "krb5_change_password"); 172 1.8.2.2 he 173 1.8.2.2 he printf ("%.*s\n", (int)result_string.length, (char *)result_string.data); 174 1.8.2.2 he 175 1.8.2.2 he krb5_data_free (&result_code_string); 176 1.8.2.2 he krb5_data_free (&result_string); 177 1.8.2.2 he 178 1.8.2.2 he krb5_free_creds_contents (context, &cred); 179 1.8.2.2 he krb5_free_context (context); 180 1.8.2.2 he return result_code; 181 1.8.2.2 he } 182
Indexes created Mon Oct 20 05:10:11 GMT 2025