* Copyright (c) 1989 The Regents of the University of California.
* Redistribution and use in source and binary forms are permitted
* provided that the above copyright notice and this paragraph are
* duplicated in all such forms and that any documentation,
* advertising materials, and other materials related to such
* distribution and use acknowledge that the software was developed
* by the University of California, Berkeley. The name of the
* University may not be used to endorse or promote products derived
* from this software without specific prior written permission.
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
static char sccsid
[] = "@(#)register.c 1.6 (Berkeley) %G%";
#include <sys/resource.h>
#include "register_proto.h"
#define SERVICE "krbupdate"
static char pname
[ANAME_SZ
];
static char iname
[INST_SZ
];
static char password
[255];
extern char *sys_errlist
;
struct sockaddr_in sin
, local
;
static struct rlimit rl
= { 0, 0 };
if (setrlimit(RLIMIT_CORE
, &rl
) < 0) {
if ((se
= getservbyname(SERVICE
, PROTO
)) == NULL
) {
fprintf(stderr
, "couldn't find entry for service %s\n",
if ((rval
= krb_get_lrealm(realm
,1)) != KSUCCESS
) {
fprintf(stderr
, "couldn't get local Kerberos realm: %s\n",
if ((rval
= krb_get_krbhst(krbhst
, realm
, 1)) != KSUCCESS
) {
fprintf(stderr
, "couldn't get Kerberos host: %s\n",
if ((host
= gethostbyname(krbhst
)) == NULL
) {
fprintf(stderr
, "couldn't get host entry for host %s\n",
sin
.sin_family
= host
->h_addrtype
;
bcopy(host
->h_addr
, (char *) &sin
.sin_addr
, host
->h_length
);
sin
.sin_port
= se
->s_port
;
if ((sock
= socket(AF_INET
, SOCK_STREAM
, IPPROTO_TCP
)) < 0) {
if (connect(sock
, (struct sockaddr
*) &sin
, sizeof(sin
)) < 0) {
if (getsockname(sock
, (struct sockaddr
*) &local
, &llen
) < 0) {
(void)des_write(sock
, &code
, 1);
if (des_write(sock
, &code
, 1) != 1) {
if (des_write(sock
, pname
, ANAME_SZ
) != ANAME_SZ
) {
perror("write principal name");
if (des_write(sock
, iname
, INST_SZ
) != INST_SZ
) {
perror("write instance name");
if (des_write(sock
, password
, 255) != 255) {
perror("write password");
cc
= read(sock
, msgbuf
, BUFSIZ
);
fprintf(stderr
, "protocol error during key verification\n");
if (strncmp(msgbuf
, GOTKEY_MSG
, 6) != 0) {
fprintf(stderr
, "%s: %s", krbhst
, msgbuf
);
cc
= des_read(sock
, msgbuf
, BUFSIZ
);
fprintf(stderr
, "protocol error during read\n");
printf("%s: %s", krbhst
, msgbuf
);
if ((pw
= getpwuid(uid
)) == NULL
) {
fprintf(stderr
, "Who are you?\n");
strcpy(pname
, pw
->pw_name
); /* principal name */
pas
= getpass("login password:");
namep
= crypt(pas
, pw
->pw_passwd
);
if (strcmp(namep
, pw
->pw_passwd
)) {
fprintf(stderr
, "Password incorrect\n");
pas
= getpass("Kerberos password (may be the same):");
printf("<NULL> password not allowed\n");
pas
= getpass("Kerberos password (may be the same):");
strcpy(password
, pas
); /* password */
pas
= getpass("Retype Kerberos password:");
if (strcmp(password
, pas
)) {
fprintf(stderr
, "Password mismatch -- aborted\n");
iname
[0] = NULL
; /* null instance name */
struct sockaddr_in local
;
static struct keyfile_data kdata
;
static Key_schedule schedule
;
char namebuf
[MAXPATHLEN
];
(void) sprintf(namebuf
, "%s%s"
inet_ntoa(local
.sin_addr
));
fd
= open(namebuf
, O_RDONLY
);
fprintf(stderr
, "couldn't open key file for local host %s\n",
inet_ntoa(local
.sin_addr
));
if (read(fd
, (char *)&kdata
, sizeof(kdata
)) != sizeof(kdata
)) {
fprintf(stderr
,"size error reading key file for local host %s\n",
inet_ntoa(local
.sin_addr
));
key_sched(kdata
.kf_key
, schedule
);
des_set_key(kdata
.kf_key
, schedule
);
printf("Kerberos user registration (realm %s)\n\n", realm
);
printf("Please enter your login password followed by your new Kerberos password.\n");
printf("The Kerberos password you enter now will be used in the future\n");
printf("as your Kerberos password for all machines in the %s realm.\n", realm
);
printf("You will only be allowed to perform this operation once, although you may run\n");
printf("the %s program from now on to change your Kerberos password.\n\n", _PATH_KPASSWD
);
fprintf(stderr
, "\nServer no longer listening\n");