BSD 4_3_Reno release

[unix-history] / usr / src / old / athena / register / register.c

diff --git a/usr/src/old/athena/register/register.c b/usr/src/old/athena/register/register.c
index f4ce1a4..cb7a059 100644 (file)
--- a/usr/src/old/athena/register/register.c
+++ b/usr/src/old/athena/register/register.c
@@ -1,3 +1,24 @@
+/*
+ * Copyright (c) 1989 The Regents of the University of California.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms are permitted
+ * provided that the above copyright notice and this paragraph are
+ * duplicated in all such forms and that any documentation,
+ * advertising materials, and other materials related to such
+ * distribution and use acknowledge that the software was developed
+ * by the University of California, Berkeley.  The name of the
+ * University may not be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#ifndef lint
+static char sccsid[] = "@(#)register.c 1.5 (Berkeley) 5/17/89";
+#endif /* not lint */
+

 #include <sys/types.h>
 #include <sys/time.h>
 #include <sys/resource.h>
 #include <sys/types.h>
 #include <sys/time.h>
 #include <sys/resource.h>


@@ -8,12 +29,13 @@
 #include <kerberos/krb.h>
 #include <sys/param.h>
 #include <sys/file.h>
 #include <kerberos/krb.h>
 #include <sys/param.h>
 #include <sys/file.h>

+#include <sys/signal.h>

 #include "register_proto.h"
 
 #define        SERVICE "krbupdate"
 #define        PROTO   "tcp"
 #define        KFILE   "/.update.key%s"
 #include "register_proto.h"
 
 #define        SERVICE "krbupdate"
 #define        PROTO   "tcp"
 #define        KFILE   "/.update.key%s"

-#define        KPASSWD "/usr/local/kpasswd"
+#define        KPASSWD "/usr/athena/kpasswd"

 
 char   realm[REALM_SZ];
 char   krbhst[MAX_HSTNM];
 
 char   realm[REALM_SZ];
 char   krbhst[MAX_HSTNM];


@@ -37,36 +59,31 @@ char        **argv;
        u_char          code;
        static struct rlimit rl = { 0, 0 };
 
        u_char          code;
        static struct rlimit rl = { 0, 0 };
 

-       if(geteuid()) {
-               fprintf(stderr, "must run set-uid root to access keyfile\n");
-               exit(1);
-       }
-

        signal(SIGPIPE, die);
 
        signal(SIGPIPE, die);
 

-       if(setrlimit(RLIMIT_CORE, &rl) < 0) {
+       if (setrlimit(RLIMIT_CORE, &rl) < 0) {

                perror("rlimit");
                exit(1);
        }
 
                perror("rlimit");
                exit(1);
        }
 

-       if((se = getservbyname(SERVICE, PROTO)) == NULL) {
+       if ((se = getservbyname(SERVICE, PROTO)) == NULL) {

                fprintf(stderr, "couldn't find entry for service %s\n",
                        SERVICE);
                exit(1);
        }
                fprintf(stderr, "couldn't find entry for service %s\n",
                        SERVICE);
                exit(1);
        }

-       if((rval = get_krbrlm(realm,1)) != KSUCCESS) {
+       if ((rval = krb_get_lrealm(realm,1)) != KSUCCESS) {

                fprintf(stderr, "couldn't get local Kerberos realm: %s\n",
                        krb_err_txt[rval]);
                exit(1);
        }
 
                fprintf(stderr, "couldn't get local Kerberos realm: %s\n",
                        krb_err_txt[rval]);
                exit(1);
        }
 

-       if((rval = get_krbhst(krbhst, realm, 1)) != KSUCCESS) {
+       if ((rval = krb_get_krbhst(krbhst, realm, 1)) != KSUCCESS) {

                fprintf(stderr, "couldn't get Kerberos host: %s\n",
                        krb_err_txt[rval]);
                exit(1);
        }
 
                fprintf(stderr, "couldn't get Kerberos host: %s\n",
                        krb_err_txt[rval]);
                exit(1);
        }
 

-       if((host = gethostbyname(krbhst)) == NULL) {
+       if ((host = gethostbyname(krbhst)) == NULL) {

                fprintf(stderr, "couldn't get host entry for host %s\n",
                        krbhst);
                exit(1);
                fprintf(stderr, "couldn't get host entry for host %s\n",
                        krbhst);
                exit(1);


@@ -76,19 +93,19 @@ char        **argv;
        bcopy(host->h_addr, (char *) &sin.sin_addr, host->h_length);
        sin.sin_port = se->s_port;
 
        bcopy(host->h_addr, (char *) &sin.sin_addr, host->h_length);
        sin.sin_port = se->s_port;
 

-       if((sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)) < 0) {
+       if ((sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)) < 0) {

                perror("socket");
                exit(1);
        }
 
                perror("socket");
                exit(1);
        }
 

-       if(connect(sock, (struct sockaddr *) &sin, sizeof(sin)) < 0) {
+       if (connect(sock, (struct sockaddr *) &sin, sizeof(sin)) < 0) {

                perror("connect");
                close(sock);
                exit(1);
        }
 
        llen = sizeof(local);
                perror("connect");
                close(sock);
                exit(1);
        }
 
        llen = sizeof(local);

-       if(getsockname(sock, (struct sockaddr *) &local, &llen) < 0) {
+       if (getsockname(sock, (struct sockaddr *) &local, &llen) < 0) {

                perror("getsockname");
                close(sock);
                exit(1);
                perror("getsockname");
                close(sock);
                exit(1);


@@ -97,7 +114,13 @@ char        **argv;
        setup_key(local);
 
        type_info();
        setup_key(local);
 
        type_info();

-       get_user_info();
+
+       if (!get_user_info()) {
+               code = ABORT;
+               (void)des_write(sock, &code, 1);
+               cleanup();
+               exit(1);
+       }

 
        code = APPEND_DB;
        if(des_write(sock, &code, 1) != 1) {
 
        code = APPEND_DB;
        if(des_write(sock, &code, 1) != 1) {


@@ -130,6 +153,18 @@ char       **argv;
                int     cc;
                char    msgbuf[BUFSIZ];
 
                int     cc;
                char    msgbuf[BUFSIZ];
 

+               cc = read(sock, msgbuf, BUFSIZ);
+               if (cc <= 0) {
+                       fprintf(stderr, "protocol error during key verification\n");
+                       cleanup();
+                       exit(1);
+               }
+               if (strncmp(msgbuf, GOTKEY_MSG, 6) != 0) {
+                       fprintf(stderr, "%s: %s", krbhst, msgbuf);
+                       cleanup();
+                       exit(1);
+               }
+

                cc = des_read(sock, msgbuf, BUFSIZ);
                if(cc <= 0) {
                        fprintf(stderr, "protocol error during read\n");
                cc = des_read(sock, msgbuf, BUFSIZ);
                if(cc <= 0) {
                        fprintf(stderr, "protocol error during read\n");


@@ -153,6 +188,8 @@ cleanup()
 
 extern char    *crypt();
 extern char    *getpass();
 
 extern char    *crypt();
 extern char    *getpass();

+
+int

 get_user_info()
 {
        int     uid = getuid();
 get_user_info()
 {
        int     uid = getuid();


@@ -162,8 +199,9 @@ get_user_info()
 
        if((pw = getpwuid(uid)) == NULL) {
                fprintf(stderr, "Who are you?\n");
 
        if((pw = getpwuid(uid)) == NULL) {
                fprintf(stderr, "Who are you?\n");

-               exit(1);
+               return(0);

        }
        }

+       seteuid(uid);

        strcpy(pname, pw->pw_name);     /* principal name */
        for(i = 1; i < 3; i++) {
                pas = getpass("login password:");
        strcpy(pname, pw->pw_name);     /* principal name */
        for(i = 1; i < 3; i++) {
                pas = getpass("login password:");


@@ -177,17 +215,21 @@ get_user_info()
                }
        }
        if(!valid)
                }
        }
        if(!valid)

-               exit(1);
+               return(0);

        pas = getpass("Kerberos password (may be the same):");
        pas = getpass("Kerberos password (may be the same):");

+       while(*pas == NULL) {
+               printf("<NULL> password not allowed\n");
+               pas = getpass("Kerberos password (may be the same):");
+       }

        strcpy(password, pas);          /* password */
        pas = getpass("Retype Kerberos password:");
        if(strcmp(password, pas)) {
                fprintf(stderr, "Password mismatch -- aborted\n");
        strcpy(password, pas);          /* password */
        pas = getpass("Retype Kerberos password:");
        if(strcmp(password, pas)) {
                fprintf(stderr, "Password mismatch -- aborted\n");

-               cleanup();
-               exit(1);
+               return(0);

        }
 
        iname[0] = NULL;        /* null instance name */
        }
 
        iname[0] = NULL;        /* null instance name */

+       return(1);

 }
 
 setup_key(local)
 }
 
 setup_key(local)


@@ -222,7 +264,7 @@ type_info()
        printf("Kerberos user registration (realm %s)\n\n", realm);
        printf("Please enter your login password followed by your new Kerberos password.\n");
        printf("The Kerberos password you enter now will be used in the future\n");
        printf("Kerberos user registration (realm %s)\n\n", realm);
        printf("Please enter your login password followed by your new Kerberos password.\n");
        printf("The Kerberos password you enter now will be used in the future\n");

-       printf("as your login password for all machines in the %s realm.\n", realm);
+       printf("as your Kerberos password for all machines in the %s realm.\n", realm);

        printf("You will only be allowed to perform this operation once, although you may run\n");
        printf("the %s program from now on to change your Kerberos password.\n\n", KPASSWD);
 }
        printf("You will only be allowed to perform this operation once, although you may run\n");
        printf("the %s program from now on to change your Kerberos password.\n\n", KPASSWD);
 }