#include <sys/resource.h>
#include <kerberos/krb.h>
#include "register_proto.h"
#define SERVICE "krbupdate"
#define KFILE "/.update.key%s"
#define KPASSWD "/usr/local/kpasswd"
static char pname
[ANAME_SZ
];
static char iname
[INST_SZ
];
static char password
[255];
extern char *sys_errlist
;
struct sockaddr_in sin
, local
;
static struct rlimit rl
= { 0, 0 };
fprintf(stderr
, "must run set-uid root to access keyfile\n");
if(setrlimit(RLIMIT_CORE
, &rl
) < 0) {
if((se
= getservbyname(SERVICE
, PROTO
)) == NULL
) {
fprintf(stderr
, "couldn't find entry for service %s\n",
if((rval
= get_krbrlm(realm
,1)) != KSUCCESS
) {
fprintf(stderr
, "couldn't get local Kerberos realm: %s\n",
if((rval
= get_krbhst(krbhst
, realm
, 1)) != KSUCCESS
) {
fprintf(stderr
, "couldn't get Kerberos host: %s\n",
if((host
= gethostbyname(krbhst
)) == NULL
) {
fprintf(stderr
, "couldn't get host entry for host %s\n",
sin
.sin_family
= host
->h_addrtype
;
bcopy(host
->h_addr
, (char *) &sin
.sin_addr
, host
->h_length
);
sin
.sin_port
= se
->s_port
;
if((sock
= socket(AF_INET
, SOCK_STREAM
, IPPROTO_TCP
)) < 0) {
if(connect(sock
, (struct sockaddr
*) &sin
, sizeof(sin
)) < 0) {
if(getsockname(sock
, (struct sockaddr
*) &local
, &llen
) < 0) {
if(des_write(sock
, &code
, 1) != 1) {
if(des_write(sock
, pname
, ANAME_SZ
) != ANAME_SZ
) {
perror("write principal name");
if(des_write(sock
, iname
, INST_SZ
) != INST_SZ
) {
perror("write instance name");
if(des_write(sock
, password
, 255) != 255) {
perror("write password");
cc
= des_read(sock
, msgbuf
, BUFSIZ
);
fprintf(stderr
, "protocol error during read\n");
printf("%s: %s", krbhst
, msgbuf
);
if((pw
= getpwuid(uid
)) == NULL
) {
fprintf(stderr
, "Who are you?\n");
strcpy(pname
, pw
->pw_name
); /* principal name */
pas
= getpass("login password:");
namep
= crypt(pas
, pw
->pw_passwd
);
if(strcmp(namep
, pw
->pw_passwd
)) {
fprintf(stderr
, "Password incorrect\n");
pas
= getpass("Kerberos password (may be the same):");
strcpy(password
, pas
); /* password */
pas
= getpass("Retype Kerberos password:");
if(strcmp(password
, pas
)) {
fprintf(stderr
, "Password mismatch -- aborted\n");
iname
[0] = NULL
; /* null instance name */
struct sockaddr_in local
;
static struct keyfile_data kdata
;
static Key_schedule schedule
;
char namebuf
[MAXPATHLEN
];
sprintf(namebuf
, KFILE
, inet_ntoa(local
.sin_addr
));
fd
= open(namebuf
, O_RDONLY
);
fprintf(stderr
, "couldn't open key file for local host %s\n",
inet_ntoa(local
.sin_addr
));
if(read(fd
, (char *)&kdata
, sizeof(kdata
)) != sizeof(kdata
)) {
fprintf(stderr
,"size error reading key file for local host %s\n",
inet_ntoa(local
.sin_addr
));
key_sched(kdata
.kf_key
, schedule
);
des_set_key(kdata
.kf_key
, schedule
);
printf("Kerberos user registration (realm %s)\n\n", realm
);
printf("Please enter your login password followed by your new Kerberos password.\n");
printf("The Kerberos password you enter now will be used in the future\n");
printf("as your login password for all machines in the %s realm.\n", realm
);
printf("You will only be allowed to perform this operation once, although you may run\n");
printf("the %s program from now on to change your Kerberos password.\n\n", KPASSWD
);
fprintf(stderr
, "\nServer no longer listeninga\n");