Commit | Line | Data |
---|---|---|
3cf9afd3 C |
1 | /* |
2 | * $Source: /usr/src/kerberosIV/krb/RCS/get_pw_tkt.c,v $ | |
3 | * $Author: kfall $ | |
4 | * | |
5 | * Copyright 1986, 1987, 1988 by the Massachusetts Institute | |
6 | * of Technology. | |
7 | * | |
8 | * For copying and distribution information, please see the file | |
9 | * <mit-copyright.h>. | |
10 | */ | |
11 | ||
12 | #ifndef lint | |
13 | static char *rcsid_get_pw_tkt_c = | |
14 | "$Header: /usr/src/kerberosIV/krb/RCS/get_pw_tkt.c,v 4.7 90/06/25 20:56:02 kfall Exp $"; | |
15 | #endif /* lint */ | |
16 | ||
17 | ||
18 | #include <mit-copyright.h> | |
19 | #include <des.h> | |
20 | #include <krb.h> | |
21 | ||
22 | /* | |
23 | * Get a ticket for the password-changing server ("changepw.KRB_MASTER"). | |
24 | * | |
25 | * Given the name, instance, realm, and current password of the | |
26 | * principal for which the user wants a password-changing-ticket, | |
27 | * return either: | |
28 | * | |
29 | * GT_PW_BADPW if current password was wrong, | |
30 | * GT_PW_NULL if principal had a NULL password, | |
31 | * or the result of the krb_get_pw_in_tkt() call. | |
32 | * | |
33 | * First, try to get a ticket for "user.instance@realm" to use the | |
34 | * "changepw.KRB_MASTER" server (KRB_MASTER is defined in "krb.h"). | |
35 | * The requested lifetime for the ticket is "1", and the current | |
36 | * password is the "cpw" argument given. | |
37 | * | |
38 | * If the password was bad, give up. | |
39 | * | |
40 | * If the principal had a NULL password in the Kerberos database | |
41 | * (indicating that the principal is known to Kerberos, but hasn't | |
42 | * got a password yet), try instead to get a ticket for the principal | |
43 | * "default.changepw@realm" to use the "changepw.KRB_MASTER" server. | |
44 | * Use the password "changepwkrb" instead of "cpw". Return GT_PW_NULL | |
45 | * if all goes well, otherwise the error. | |
46 | * | |
47 | * If this routine succeeds, a ticket and session key for either the | |
48 | * principal "user.instance@realm" or "default.changepw@realm" to use | |
49 | * the password-changing server will be in the user's ticket file. | |
50 | */ | |
51 | ||
52 | get_pw_tkt(user,instance,realm,cpw) | |
53 | char *user; | |
54 | char *instance; | |
55 | char *realm; | |
56 | char *cpw; | |
57 | { | |
58 | int kerror; | |
59 | ||
60 | kerror = krb_get_pw_in_tkt(user, instance, realm, "changepw", | |
61 | KRB_MASTER, 1, cpw); | |
62 | ||
63 | if (kerror == INTK_BADPW) | |
64 | return(GT_PW_BADPW); | |
65 | ||
66 | if (kerror == KDC_NULL_KEY) { | |
67 | kerror = krb_get_pw_in_tkt("default","changepw",realm,"changepw", | |
68 | KRB_MASTER,1,"changepwkrb"); | |
69 | if (kerror) | |
70 | return(kerror); | |
71 | return(GT_PW_NULL); | |
72 | } | |
73 | ||
74 | return(kerror); | |
75 | } |