BSD 4_4_Lite1 release

[unix-history] / usr / src / usr.bin / passwd / krb_passwd.c

diff --git a/usr/src/usr.bin/passwd/krb_passwd.c b/usr/src/usr.bin/passwd/krb_passwd.c
index 975bc9c..d4a0f15 100644 (file)
--- a/usr/src/usr.bin/passwd/krb_passwd.c
+++ b/usr/src/usr.bin/passwd/krb_passwd.c
@@ -1,12 +1,38 @@
 /*-
 /*-

- * Copyright (c) 1990 The Regents of the University of California.
- * All rights reserved.
+ * Copyright (c) 1990, 1993, 1994
+ *     The Regents of the University of California.  All rights reserved.

  *
  *

- * %sccs.include.redist.c%
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *     This product includes software developed by the University of
+ *     California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.

  */
 
 #ifndef lint
  */
 
 #ifndef lint

-static char sccsid[] = "@(#)krb_passwd.c       5.3 (Berkeley) %G%";
+static char sccsid[] = "@(#)krb_passwd.c       8.3 (Berkeley) 4/2/94";

 #endif /* not lint */
 
 #ifdef KERBEROS
 #endif /* not lint */
 
 #ifdef KERBEROS


@@ -18,27 +44,39 @@ static char sccsid[] = "@(#)krb_passwd.c    5.3 (Berkeley) %G%";
 #include <netinet/in.h>
 #include <kerberosIV/des.h>
 #include <kerberosIV/krb.h>
 #include <netinet/in.h>
 #include <kerberosIV/des.h>
 #include <kerberosIV/krb.h>

+
+#include <err.h>
+#include <errno.h>

 #include <netdb.h>
 #include <netdb.h>

-#include <signal.h>

 #include <pwd.h>
 #include <pwd.h>

-#include <errno.h>
+#include <signal.h>

 #include <stdio.h>
 #include <stdio.h>

-#include "kpasswd_proto.h"
-#include <string.h>

 #include <stdlib.h>
 #include <stdlib.h>

+#include <string.h>
+#include <unistd.h>
+
+#include "kpasswd_proto.h"
+
+#include "extern.h"

 
 #define        PROTO   "tcp"
 
 
 #define        PROTO   "tcp"
 

+static void    send_update __P((int, char *, char *));
+static void    recv_ack __P((int));
+static void    cleanup __P((void));
+static void    finish __P((void));
+

 static struct timeval timeout = { CLIENT_KRB_TIMEOUT, 0 };
 static struct kpasswd_data proto_data;
 static des_cblock okey;
 static Key_schedule osched;
 static struct timeval timeout = { CLIENT_KRB_TIMEOUT, 0 };
 static struct kpasswd_data proto_data;
 static des_cblock okey;
 static Key_schedule osched;

-KTEXT_ST ticket;
-Key_schedule random_schedule;
-long authopts;
-char realm[REALM_SZ], krbhst[MAX_HSTNM];
-int sock;
+static KTEXT_ST ticket;
+static Key_schedule random_schedule;
+static long authopts;
+static char realm[REALM_SZ], krbhst[MAX_HSTNM];
+static int sock;

 
 

+int

 krb_passwd()
 {
        struct servent *se;
 krb_passwd()
 {
        struct servent *se;


@@ -46,8 +84,9 @@ krb_passwd()
        struct sockaddr_in sin;
        CREDENTIALS cred;
        fd_set readfds;
        struct sockaddr_in sin;
        CREDENTIALS cred;
        fd_set readfds;

-       int rval, finish();
+       int rval;

        char pass[_PASSWORD_LEN], password[_PASSWORD_LEN];
        char pass[_PASSWORD_LEN], password[_PASSWORD_LEN];

+       static void finish();

 
        static struct rlimit rl = { 0, 0 };
 
 
        static struct rlimit rl = { 0, 0 };
 


@@ -56,52 +95,47 @@ krb_passwd()
        (void)signal(SIGTSTP, SIG_IGN);
 
        if (setrlimit(RLIMIT_CORE, &rl) < 0) {
        (void)signal(SIGTSTP, SIG_IGN);
 
        if (setrlimit(RLIMIT_CORE, &rl) < 0) {

-               (void)fprintf(stderr,
-                   "passwd: setrlimit: %s\n", strerror(errno));
-               return(1);
+               warn("setrlimit");
+               return (1);

        }
 
        if ((se = getservbyname(SERVICE, PROTO)) == NULL) {
        }
 
        if ((se = getservbyname(SERVICE, PROTO)) == NULL) {

-               (void)fprintf(stderr,
-                   "passwd: couldn't find entry for service %s/%s\n",
+               warnx("couldn't find entry for service %s/%s",

                    SERVICE, PROTO);
                    SERVICE, PROTO);

-               return(1);
+               return (1);

        }
 
        if ((rval = krb_get_lrealm(realm,1)) != KSUCCESS) {
        }
 
        if ((rval = krb_get_lrealm(realm,1)) != KSUCCESS) {

-               (void)fprintf(stderr,
-                   "passwd: couldn't get local Kerberos realm: %s\n",
+               warnx("couldn't get local Kerberos realm: %s",

                    krb_err_txt[rval]);
                    krb_err_txt[rval]);

-               return(1);
+               return (1);

        }
 
        if ((rval = krb_get_krbhst(krbhst, realm, 1)) != KSUCCESS) {
        }
 
        if ((rval = krb_get_krbhst(krbhst, realm, 1)) != KSUCCESS) {

-               (void)fprintf(stderr,
-                   "passwd: couldn't get Kerberos host: %s\n",
+               warnx("couldn't get Kerberos host: %s",

                    krb_err_txt[rval]);
                    krb_err_txt[rval]);

-               return(1);
+               return (1);

        }
 
        if ((host = gethostbyname(krbhst)) == NULL) {
        }
 
        if ((host = gethostbyname(krbhst)) == NULL) {

-               (void)fprintf(stderr,
-                   "passwd: couldn't get host entry for krb host %s\n",
+               warnx("couldn't get host entry for krb host %s",

                    krbhst);
                    krbhst);

-               return(1);
+               return (1);

        }
 
        sin.sin_family = host->h_addrtype;
        }
 
        sin.sin_family = host->h_addrtype;

-       bcopy(host->h_addr, (char *) &sin.sin_addr, host->h_length);
+       memmove((char *) &sin.sin_addr, host->h_addr, host->h_length);

        sin.sin_port = se->s_port;
 
        if ((sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)) < 0) {
        sin.sin_port = se->s_port;
 
        if ((sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)) < 0) {

-               (void)fprintf(stderr, "passwd: socket: %s\n", strerror(errno));
-               return(1);
+               warn("socket");
+               return (1);

        }
 
        if (connect(sock, (struct sockaddr *) &sin, sizeof(sin)) < 0) {
        }
 
        if (connect(sock, (struct sockaddr *) &sin, sizeof(sin)) < 0) {

-               (void)fprintf(stderr, "passwd: connect: %s\n", strerror(errno));
+               warn("connect");

                (void)close(sock);
                (void)close(sock);

-               return(1);
+               return (1);

        }
 
        rval = krb_sendauth(
        }
 
        rval = krb_sendauth(


@@ -121,9 +155,8 @@ krb_passwd()
        );
 
        if (rval != KSUCCESS) {
        );
 
        if (rval != KSUCCESS) {

-               (void)fprintf(stderr, "passwd: Kerberos sendauth error: %s\n",
-                   krb_err_txt[rval]);
-               return(1);
+               warnx("Kerberos sendauth error: %s", krb_err_txt[rval]);
+               return (1);

        }
 
        krb_get_cred("krbtgt", realm, realm, &cred);
        }
 
        krb_get_cred("krbtgt", realm, realm, &cred);


@@ -133,9 +166,8 @@ krb_passwd()
 
        if (des_read_pw_string(pass,
            sizeof(pass)-1, "Old Kerberos password:", 0)) {
 
        if (des_read_pw_string(pass,
            sizeof(pass)-1, "Old Kerberos password:", 0)) {

-               (void)fprintf(stderr,
-                   "passwd: error reading old Kerberos password\n");
-               return(1);
+               warnx("error reading old Kerberos password");
+               return (1);

        }
 
        (void)des_string_to_key(pass, okey);
        }
 
        (void)des_string_to_key(pass, okey);


@@ -152,23 +184,22 @@ krb_passwd()
 
        if ((rval < 1) || !FD_ISSET(sock, &readfds)) {
                if(rval == 0) {
 
        if ((rval < 1) || !FD_ISSET(sock, &readfds)) {
                if(rval == 0) {

-                       (void)fprintf(stderr, "passwd: timed out (aborted)\n");
+                       warnx("timed out (aborted)");

                        cleanup();
                        cleanup();

-                       return(1);
+                       return (1);

                }
                }

-               (void)fprintf(stderr, "passwd: select failed (aborted)\n");
+               warnx("select failed (aborted)");

                cleanup();
                cleanup();

-               return(1);
+               return (1);

        }
 
        /* read verification string */
 
        if (des_read(sock, &proto_data, sizeof(proto_data)) !=
            sizeof(proto_data)) {
        }
 
        /* read verification string */
 
        if (des_read(sock, &proto_data, sizeof(proto_data)) !=
            sizeof(proto_data)) {

-               (void)fprintf(stderr,
-                   "passwd: couldn't read verification string (aborted)\n");
+               warnx("couldn't read verification string (aborted)");

                cleanup();
                cleanup();

-               return(1);
+               return (1);

        }
 
        (void)signal(SIGHUP, finish);
        }
 
        (void)signal(SIGHUP, finish);


@@ -178,36 +209,33 @@ krb_passwd()
                cleanup();
                /* don't complain loud if user just hit return */
                if (pass == NULL || (!*pass))
                cleanup();
                /* don't complain loud if user just hit return */
                if (pass == NULL || (!*pass))

-                       return(0);
+                       return (0);

                (void)fprintf(stderr, "Sorry\n");
                (void)fprintf(stderr, "Sorry\n");

-               return(1);
+               return (1);

        }
 
        (void)des_key_sched(proto_data.random_key, random_schedule);
        (void)des_set_key(proto_data.random_key, random_schedule);
        }
 
        (void)des_key_sched(proto_data.random_key, random_schedule);
        (void)des_set_key(proto_data.random_key, random_schedule);

-       (void)bzero(pass, sizeof(pass));
+       (void)memset(pass, 0, sizeof(pass));

 
        if (des_read_pw_string(pass,
            sizeof(pass)-1, "New Kerberos password:", 0)) {
 
        if (des_read_pw_string(pass,
            sizeof(pass)-1, "New Kerberos password:", 0)) {

-               (void)fprintf(stderr,
-                   "passwd: error reading new Kerberos password (aborted)\n");
+               warnx("error reading new Kerberos password (aborted)");

                cleanup();
                cleanup();

-               return(1);
+               return (1);

        }
 
        if (des_read_pw_string(password,
            sizeof(password)-1, "Retype new Kerberos password:", 0)) {
        }
 
        if (des_read_pw_string(password,
            sizeof(password)-1, "Retype new Kerberos password:", 0)) {

-               (void)fprintf(stderr,
-                   "passwd: error reading new Kerberos password (aborted)\n");
+               warnx("error reading new Kerberos password (aborted)");

                cleanup();
                cleanup();

-               return(1);
+               return (1);

        }
 
        if (strcmp(password, pass) != 0) {
        }
 
        if (strcmp(password, pass) != 0) {

-               (void)fprintf(stderr,
-                   "passwd: password mismatch (aborted)\n");
+               warnx("password mismatch (aborted)");

                cleanup();
                cleanup();

-               return(1);
+               return (1);

        }
 
        if (strlen(pass) == 0)
        }
 
        if (strlen(pass) == 0)


@@ -224,20 +252,20 @@ krb_passwd()
            select(sock + 1, &readfds, (fd_set *) 0, (fd_set *) 0, &timeout);
        if ((rval < 1) || !FD_ISSET(sock, &readfds)) {
                if(rval == 0) {
            select(sock + 1, &readfds, (fd_set *) 0, (fd_set *) 0, &timeout);
        if ((rval < 1) || !FD_ISSET(sock, &readfds)) {
                if(rval == 0) {

-                       (void)fprintf(stderr,
-                           "passwd: timed out reading ACK (aborted)\n");
+                       warnx("timed out reading ACK (aborted)");

                        cleanup();
                        exit(1);
                }
                        cleanup();
                        exit(1);
                }

-               (void)fprintf(stderr, "passwd: select failed (aborted)\n");
+               warnx("select failed (aborted)");

                cleanup();
                exit(1);
        }
        recv_ack(sock);
        cleanup();
                cleanup();
                exit(1);
        }
        recv_ack(sock);
        cleanup();

-       exit(0);
+       return (0);

 }
 
 }
 

+static void

 send_update(dest, pwd, str)
        int dest;
        char *pwd, *str;
 send_update(dest, pwd, str)
        int dest;
        char *pwd, *str;


@@ -247,14 +275,14 @@ send_update(dest, pwd, str)
        (void)strncpy(ud.secure_msg, str, _PASSWORD_LEN);
        (void)strncpy(ud.pw, pwd, sizeof(ud.pw));
        if (des_write(dest, &ud, sizeof(ud)) != sizeof(ud)) {
        (void)strncpy(ud.secure_msg, str, _PASSWORD_LEN);
        (void)strncpy(ud.pw, pwd, sizeof(ud.pw));
        if (des_write(dest, &ud, sizeof(ud)) != sizeof(ud)) {

-               (void)fprintf(stderr,
-                   "passwd: couldn't write pw update (abort)\n");
-               bzero((char *)&ud, sizeof(ud));
+               warnx("couldn't write pw update (abort)");
+               memset((char *)&ud, 0, sizeof(ud));

                cleanup();
                exit(1);
        }
 }
 
                cleanup();
                exit(1);
        }
 }
 

+static void

 recv_ack(remote)
        int remote;
 {
 recv_ack(remote)
        int remote;
 {


@@ -263,24 +291,27 @@ recv_ack(remote)
 
        cc = des_read(remote, buf, sizeof(buf));
        if (cc <= 0) {
 
        cc = des_read(remote, buf, sizeof(buf));
        if (cc <= 0) {

-               (void)fprintf(stderr,
-                   "passwd: error reading acknowledgement (aborted)\n");
+               warnx("error reading acknowledgement (aborted)");

                cleanup();
                exit(1);
        }
        (void)printf("%s", buf);
 }
 
                cleanup();
                exit(1);
        }
        (void)printf("%s", buf);
 }
 

+static void

 cleanup()
 {
 cleanup()
 {

-       (void)bzero((char *)&proto_data, sizeof(proto_data));
-       (void)bzero((char *)okey, sizeof(okey));
-       (void)bzero((char *)osched, sizeof(osched));
-       (void)bzero((char *)random_schedule, sizeof(random_schedule));
+
+       (void)memset((char *)&proto_data, 0, sizeof(proto_data));
+       (void)memset((char *)okey, 0, sizeof(okey));
+       (void)memset((char *)osched, 0, sizeof(osched));
+       (void)memset((char *)random_schedule, 0, sizeof(random_schedule));

 }
 
 }
 

+static void

 finish()
 {
 finish()
 {

+

        (void)close(sock);
        exit(1);
 }
        (void)close(sock);
        exit(1);
 }