* $Source: /usr/src/kerberosIV/krb/RCS/get_in_tkt.c,v $
* Copyright 1987, 1988 by the Massachusetts Institute of Technology.
* For copying and distribution information, please see the file
static char rcsid_get_in_tkt_c
[] =
"$Header: /usr/src/kerberosIV/krb/RCS/get_in_tkt.c,v 4.13 90/06/23 03:10:32 kfall Exp $";
#include <mit-copyright.h>
* This file contains two routines: passwd_to_key() converts
* a password into a DES key (prompting for the password if
* not supplied), and krb_get_pw_in_tkt() gets an initial ticket for
* passwd_to_key(): given a password, return a DES key.
* There are extra arguments here which (used to be?)
* used by srvtab_to_key().
* If the "passwd" argument is not null, generate a DES
* key from it, using string_to_key().
* If the "passwd" argument is null, call des_read_password()
* to prompt for a password and then convert it into a DES key.
* In either case, the resulting key is put in the "key" argument,
static int passwd_to_key(user
,instance
,realm
,passwd
,key
)
char *user
, *instance
, *realm
, *passwd
;
placebo_read_password(key
, "Password: ", 0);
#else /* Do encyryption */
string_to_key(passwd
, key
);
des_read_password(key
, "Kerberos Password: ", 0);
#endif /* NOENCRYPTION */
* krb_get_pw_in_tkt() takes the name of the server for which the initial
* ticket is to be obtained, the name of the principal the ticket is
* for, the desired lifetime of the ticket, and the user's password.
* It passes its arguments on to krb_get_in_tkt(), which contacts
* Kerberos to get the ticket, decrypts it using the password provided,
* and stores it away for future use.
* krb_get_pw_in_tkt() passes two additional arguments to krb_get_in_tkt():
* the name of a routine (passwd_to_key()) to be used to get the
* password in case the "password" argument is null and NULL for the
* decryption procedure indicating that krb_get_in_tkt should use the
* default method of decrypting the response from the KDC.
* The result of the call to krb_get_in_tkt() is returned.
krb_get_pw_in_tkt(user
,instance
,realm
,service
,sinstance
,life
,password
)
char *user
, *instance
, *realm
, *service
, *sinstance
;
return(krb_get_in_tkt(user
,instance
,realm
,service
,sinstance
,life
,
passwd_to_key
, NULL
, password
));
* $Source: /usr/src/kerberosIV/krb/RCS/get_in_tkt.c,v $
* Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute
* For copying and distribution information, please see the file
* This routine prints the supplied string to standard
* output as a prompt, and reads a password string without
static char rcsid_read_password_c
[] =
"$Header: /usr/src/kerberosIV/krb/RCS/get_in_tkt.c,v 4.13 90/06/23 03:10:32 kfall Exp $";
static void sig_restore();
static push_signals(), pop_signals();
int placebo_read_pw_string();
/*** Routines ****************************************************** */
placebo_read_password(k
,prompt
,verify
)
ok
= placebo_read_pw_string(key_string
, BUFSIZ
, prompt
, verify
);
bzero(k
, sizeof(C_Block
));
bzero(key_string
, sizeof (key_string
));
* This version just returns the string, doesn't map to key.
* Returns 0 on success, non-zero on failure.
placebo_read_pw_string(s
,max
,prompt
,verify
)
bcopy(old_env
, env
, sizeof(env
));
if (ioctl(0,TIOCGETP
,&tty_state
) == -1)
tty_state
.sg_flags
&= ~ECHO
;
if (ioctl(0,TIOCSETP
,&tty_state
) == -1)
if (!fgets(s
, max
, stdin
)) {
if ((ptr
= index(s
, '\n')))
printf("\nVerifying, please re-enter %s",prompt
);
h19line(key_string
,sizeof(key_string
),0);
if (!fgets(key_string
, sizeof(key_string
), stdin
)) {
if ((ptr
= index(key_string
, '\n')))
if (strcmp(s
,key_string
)) {
printf("\n\07\07Mismatch - try again\n");
tty_state
.sg_flags
|= ECHO
;
if (ioctl(0,TIOCSETP
,&tty_state
))
bcopy(env
, old_env
, sizeof(env
));
bzero(key_string
, sizeof (key_string
));
s
[max
-1] = 0; /* force termination */
return !ok
; /* return nonzero if not okay */
* this can be static since we should never have more than
static void (*old_sigfunc
[NSIG
])();
static int (*old_sigfunc
[NSIG
])();
for (i
= 0; i
< NSIG
; i
++)
old_sigfunc
[i
] = signal(i
,sig_restore
);
for (i
= 0; i
< NSIG
; i
++)
signal(i
,old_sigfunc
[i
]);
static void sig_restore(sig
,code
,scp
)
#endif /* NOENCRYPTION */