skeyinit.c revision 1.2
1 /* S/KEY v1.1b (skeyinit.c) 2 * 3 * Authors: 4 * Neil M. Haller <nmh (at) thumper.bellcore.com> 5 * Philip R. Karn <karn (at) chicago.qualcomm.com> 6 * John S. Walden <jsw (at) thumper.bellcore.com> 7 * Scott Chasin <chasin (at) crimelab.com> 8 * 9 * S/KEY initialization and seed update 10 * 11 * $Id: skeyinit.c,v 1.2 1994/05/29 22:38:39 deraadt Exp $ 12 */ 13 14 #include <stdio.h> 15 #include <string.h> 16 #include <pwd.h> 17 #include <unistd.h> 18 #include <time.h> 19 #include <sys/time.h> 20 #include <sys/resource.h> 21 #include "skey.h" 22 23 #define NAMELEN 2 24 25 int skeylookup __ARGS((struct skey * mp, char *name)); 26 27 main(argc, argv) 28 int argc; 29 char *argv[]; 30 { 31 int rval, n, nn, i, defaultsetup, l; 32 time_t now; 33 char hostname[MAXHOSTNAMELEN]; 34 char seed[18], tmp[80], key[8], defaultseed[17]; 35 char passwd[256], passwd2[256], tbuf[27], buf[60]; 36 char lastc, me[80], user[8], *salt, *p, *pw; 37 struct skey skey; 38 struct passwd *pp; 39 struct tm *tm; 40 extern int optind; 41 extern char *optarg; 42 43 time(&now); 44 tm = localtime(&now); 45 strftime(tbuf, sizeof(tbuf), "%M%j", tm); 46 47 if (gethostname(hostname, sizeof(hostname)) < 0) 48 err(1, "gethostname"); 49 for (i = 0; i < sizeof(defaultseed); i++) 50 defaultseed[i] = tbuf[i] ^ hostname[i]; 51 52 if ((pp = getpwuid(getuid())) == NULL) 53 err(1, "no user with uid %d", getuid()); 54 strcpy(me, pp->pw_name); 55 56 if ((pp = getpwnam(me)) == NULL) 57 err(1, "Who are you?"); 58 59 defaultsetup = 1; 60 if (argc > 1) { 61 if (strcmp("-s", argv[1]) == 0) 62 defaultsetup = 0; 63 else 64 pp = getpwnam(argv[1]); 65 66 if (argc > 2) 67 pp = getpwnam(argv[2]); 68 } 69 if (pp == NULL) { 70 err(1, "User unknown"); 71 } 72 if (strcmp(pp->pw_name, me) != 0) { 73 if (getuid() != 0) { 74 /* Only root can change other's passwds */ 75 printf("Permission denied.\n"); 76 exit(1); 77 } 78 } 79 salt = pp->pw_passwd; 80 81 setpriority(PRIO_PROCESS, 0, -4); 82 83 if (getuid() != 0) { 84 setpriority(PRIO_PROCESS, 0, -4); 85 86 pw = getpass("Password:"); 87 p = crypt(pw, salt); 88 89 setpriority(PRIO_PROCESS, 0, 0); 90 91 if (pp && strcmp(p, pp->pw_passwd)) { 92 printf("Password incorrect.\n"); 93 exit(1); 94 } 95 } 96 rval = skeylookup(&skey, pp->pw_name); 97 switch (rval) { 98 case -1: 99 err(1, "cannot open database"); 100 case 0: 101 printf("[Updating %s]\n", pp->pw_name); 102 printf("Old key: %s\n", skey.seed); 103 104 /* 105 * lets be nice if they have a skey.seed that 106 * ends in 0-8 just add one 107 */ 108 l = strlen(skey.seed); 109 if (l > 0) { 110 lastc = skey.seed[l - 1]; 111 if (isdigit(lastc) && lastc != '9') { 112 strcpy(defaultseed, skey.seed); 113 defaultseed[l - 1] = lastc + 1; 114 } 115 if (isdigit(lastc) && lastc == '9' && l < 16) { 116 strcpy(defaultseed, skey.seed); 117 defaultseed[l - 1] = '0'; 118 defaultseed[l] = '0'; 119 defaultseed[l + 1] = '\0'; 120 } 121 } 122 break; 123 case 1: 124 printf("[Adding %s]\n", pp->pw_name); 125 break; 126 } 127 n = 99; 128 129 if (!defaultsetup) { 130 printf("You need the 6 english words generated from the \"key\" command.\n"); 131 for (i = 0;; i++) { 132 if (i >= 2) 133 exit(1); 134 printf("Enter sequence count from 1 to 10000: "); 135 fgets(tmp, sizeof(tmp), stdin); 136 n = atoi(tmp); 137 if (n > 0 && n < 10000) 138 break; /* Valid range */ 139 printf("\n Error: Count must be > 0 and < 10000\n"); 140 } 141 } 142 if (!defaultsetup) { 143 printf("Enter new key [default %s]: ", defaultseed); 144 fflush(stdout); 145 fgets(seed, sizeof(seed), stdin); 146 rip(seed); 147 if (strlen(seed) > 16) { 148 printf("Notice: Seed truncated to 16 characters.\n"); 149 seed[16] = '\0'; 150 } 151 if (seed[0] == '\0') 152 strcpy(seed, defaultseed); 153 154 for (i = 0;; i++) { 155 if (i >= 2) 156 exit(1); 157 158 printf("s/key %d %s\ns/key access password: ", n, seed); 159 fgets(tmp, sizeof(tmp), stdin); 160 rip(tmp); 161 backspace(tmp); 162 163 if (tmp[0] == '?') { 164 printf("Enter 6 English words from secure S/Key calculation.\n"); 165 continue; 166 } 167 if (tmp[0] == '\0') { 168 exit(1); 169 } 170 if (etob(key, tmp) == 1 || atob8(key, tmp) == 0) 171 break; /* Valid format */ 172 printf("Invalid format - try again with 6 English words.\n"); 173 } 174 } else { 175 /* Get user's secret password */ 176 for (i = 0;; i++) { 177 if (i >= 2) 178 exit(1); 179 180 printf("Enter secret password: "); 181 readpass(passwd, sizeof(passwd)); 182 if (passwd[0] == '\0') 183 exit(1); 184 185 printf("Again secret password: "); 186 readpass(passwd2, sizeof(passwd)); 187 if (passwd2[0] == '\0') 188 exit(1); 189 190 if (strlen(passwd) < 4 && strlen(passwd2) < 4) 191 err(1, "Your password must be longer"); 192 if (strcmp(passwd, passwd2) == 0) 193 break; 194 195 printf("Passwords do not match.\n"); 196 } 197 strcpy(seed, defaultseed); 198 199 /* Crunch seed and password into starting key */ 200 if (keycrunch(key, seed, passwd) != 0) 201 err(2, "key crunch failed"); 202 nn = n; 203 while (nn-- != 0) 204 f(key); 205 } 206 time(&now); 207 tm = localtime(&now); 208 strftime(tbuf, sizeof(tbuf), " %b %d,%Y %T", tm); 209 210 skey.val = (char *)malloc(16 + 1); 211 212 btoa8(skey.val, key); 213 214 fprintf(skey.keyfile, "%s %04d %-16s %s %-21s\n", pp->pw_name, n, 215 seed, skey.val, tbuf); 216 fclose(skey.keyfile); 217 printf("ID %s s/key is %d %s\n", pp->pw_name, n, seed); 218 printf("Next login password: %s\n", btoe(buf, key)); 219 #ifdef HEXIN 220 printf("%s\n", put8(buf, key)); 221 #endif 222 223 exit(1); 224 } 225
Indexes created Wed Sep 24 05:09:52 GMT 2025