* Copyright (c) 1989 The Regents of the University of California.
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
"@(#) Copyright (c) 1989 The Regents of the University of California.\n\
static char sccsid
[] = "@(#)register.c 5.1 (Berkeley) 2/25/91";
#include <sys/resource.h>
#include <kerberosIV/des.h>
#include <kerberosIV/krb.h>
#include "register_proto.h"
#define SERVICE "krbupdate" /* service to add to KDC's database */
static char pname
[ANAME_SZ
];
static char iname
[INST_SZ
];
static char password
[_PASSWORD_LEN
];
/* extern char *sys_errlist; */
void setup_key(), type_info(), cleanup();
struct sockaddr_in sin
, local
;
static struct rlimit rl
= { 0, 0 };
if (setrlimit(RLIMIT_CORE
, &rl
) < 0) {
if ((se
= getservbyname(SERVICE
, PROTO
)) == NULL
) {
fprintf(stderr
, "couldn't find entry for service %s\n",
if ((rval
= krb_get_lrealm(realm
,0)) != KSUCCESS
) {
fprintf(stderr
, "couldn't get local Kerberos realm: %s\n",
if ((rval
= krb_get_krbhst(krbhst
, realm
, 1)) != KSUCCESS
) {
fprintf(stderr
, "couldn't get Kerberos host: %s\n",
if ((host
= gethostbyname(krbhst
)) == NULL
) {
fprintf(stderr
, "couldn't get host entry for host %s\n",
sin
.sin_family
= host
->h_addrtype
;
(void)bcopy(host
->h_addr
, (char *) &sin
.sin_addr
, host
->h_length
);
sin
.sin_port
= se
->s_port
;
if ((sock
= socket(AF_INET
, SOCK_STREAM
, IPPROTO_TCP
)) < 0) {
if (connect(sock
, (struct sockaddr
*) &sin
, sizeof(sin
)) < 0) {
if (getsockname(sock
, (struct sockaddr
*) &local
, &llen
) < 0) {
(void)des_write(sock
, &code
, 1);
if (des_write(sock
, &code
, 1) != 1) {
if (des_write(sock
, pname
, ANAME_SZ
) != ANAME_SZ
) {
perror("write principal name");
if (des_write(sock
, iname
, INST_SZ
) != INST_SZ
) {
perror("write instance name");
if (des_write(sock
, password
, 255) != 255) {
perror("write password");
cc
= read(sock
, msgbuf
, BUFSIZ
);
fprintf(stderr
, "protocol error during key verification\n");
if (strncmp(msgbuf
, GOTKEY_MSG
, 6) != 0) {
fprintf(stderr
, "%s: %s", krbhst
, msgbuf
);
cc
= des_read(sock
, msgbuf
, BUFSIZ
);
fprintf(stderr
, "protocol error during read\n");
printf("%s: %s", krbhst
, msgbuf
);
/* NB: we must run setuid-root to get at the real pw file */
if ((pw
= getpwuid(uid
)) == NULL
) {
fprintf(stderr
, "Who are you?\n");
(void)strcpy(pname
, pw
->pw_name
); /* principal name */
for (i
= 1; i
< 3; i
++) {
pas
= getpass("login password:");
namep
= crypt(pas
, pw
->pw_passwd
);
if (strcmp(namep
, pw
->pw_passwd
)) {
fprintf(stderr
, "Password incorrect\n");
pas
= getpass("Kerberos password (may be the same):");
printf("<NULL> password not allowed\n");
pas
= getpass("Kerberos password (may be the same):");
(void)strcpy(password
, pas
); /* password */
pas
= getpass("Retype Kerberos password:");
if (strcmp(password
, pas
)) {
fprintf(stderr
, "Password mismatch -- aborted\n");
iname
[0] = NULL
; /* null instance name */
struct sockaddr_in local
;
static struct keyfile_data kdata
;
static Key_schedule schedule
;
char namebuf
[MAXPATHLEN
];
(void) sprintf(namebuf
, "%s%s",
inet_ntoa(local
.sin_addr
));
fd
= open(namebuf
, O_RDONLY
);
fprintf(stderr
, "couldn't open key file %s for local host: ",
if (read(fd
, (char *)&kdata
, sizeof(kdata
)) != sizeof(kdata
)) {
fprintf(stderr
,"size error reading key file for local host %s\n",
inet_ntoa(local
.sin_addr
));
key_sched(kdata
.kf_key
, schedule
);
des_set_key(kdata
.kf_key
, schedule
);
printf("Kerberos user registration (realm %s)\n\n", realm
);
printf("Please enter your login password followed by your new Kerberos password.\n");
printf("The Kerberos password you enter now will be used in the future\n");
printf("as your Kerberos password for all machines in the %s realm.\n", realm
);
printf("You will only be allowed to perform this operation once, although you may run\n");
printf("the %s program from now on to change your Kerberos password.\n\n", _PATH_KPASSWD
);
fprintf(stderr
, "\nServer no longer listening\n");