newkey.c (7d1e83948cb684521e72cab96020be241508f449) | newkey.c (36e852a172cba914383d7341c988128b2c667fbd) |
---|---|
1/* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE --- 39 unchanged lines hidden (view full) --- 48#include <netdb.h> 49#include <pwd.h> 50#include <shadow.h> 51#include <crypt.h> 52#include <string.h> 53#include <sys/resource.h> 54#include <netdir.h> 55#include <rpcsvc/nis.h> | 1/* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE --- 39 unchanged lines hidden (view full) --- 48#include <netdb.h> 49#include <pwd.h> 50#include <shadow.h> 51#include <crypt.h> 52#include <string.h> 53#include <sys/resource.h> 54#include <netdir.h> 55#include <rpcsvc/nis.h> |
56#include <rpcsvc/nispasswd.h> | |
57 58#define MAXMAPNAMELEN 256 59#define MAXPASSWD 256 /* max significant characters in password */ 60 61#define PK_FILES 1 62#define PK_YP 2 | 56 57#define MAXMAPNAMELEN 256 58#define MAXPASSWD 256 /* max significant characters in password */ 59 60#define PK_FILES 1 61#define PK_YP 2 |
63#define PK_NISPLUS 3 | |
64#define PK_LDAP 4 | 62#define PK_LDAP 4 |
63#define DESCREDPASSLEN sizeof (des_block) |
|
65 66extern int optind; 67extern char *optarg; | 64 65extern int optind; 66extern char *optarg; |
68extern char *get_nisplus_principal(); | |
69extern int __getnetnamebyuid(); 70extern int self_check(char *name); 71 72#define local_host(host_name) self_check(host_name) 73 74char *program_name; 75int pk_database; 76static char *get_password(); --- 19 unchanged lines hidden (view full) --- 96 struct passwd *pw; 97 NCONF_HANDLE *nc_handle; 98 struct netconfig *nconf; 99 struct nd_hostserv service; 100 struct nd_addrlist *addrs; 101 bool_t validhost; 102 uid_t uid; 103 int c; | 67extern int __getnetnamebyuid(); 68extern int self_check(char *name); 69 70#define local_host(host_name) self_check(host_name) 71 72char *program_name; 73int pk_database; 74static char *get_password(); --- 19 unchanged lines hidden (view full) --- 94 struct passwd *pw; 95 NCONF_HANDLE *nc_handle; 96 struct netconfig *nconf; 97 struct nd_hostserv service; 98 struct nd_addrlist *addrs; 99 bool_t validhost; 100 uid_t uid; 101 int c; |
104 char *nprinc = NULL; /* nisplus principal name */ | |
105 char host_pname[NIS_MAXNAMELEN]; 106 107 program_name = argv[0]; 108 while ((c = getopt(argc, argv, "s:u:h:")) != -1) { 109 switch (c) { 110 case 's': 111 if (pk_service == NULL) 112 pk_service = optarg; --- 38 unchanged lines hidden (view full) --- 151 uid = pw->pw_uid; 152 if (uid == 0) { 153 if (! getnetname(name)) { 154 (void) fprintf(stderr, 155 "%s: could not get the equivalent netname for %s\n", 156 program_name, username); 157 usage(); 158 } | 102 char host_pname[NIS_MAXNAMELEN]; 103 104 program_name = argv[0]; 105 while ((c = getopt(argc, argv, "s:u:h:")) != -1) { 106 switch (c) { 107 case 's': 108 if (pk_service == NULL) 109 pk_service = optarg; --- 38 unchanged lines hidden (view full) --- 148 uid = pw->pw_uid; 149 if (uid == 0) { 150 if (! getnetname(name)) { 151 (void) fprintf(stderr, 152 "%s: could not get the equivalent netname for %s\n", 153 program_name, username); 154 usage(); 155 } |
159 if (pk_database == PK_NISPLUS) 160 target_host = nis_local_host(); 161 else { 162 if (gethostname(host_pname, NIS_MAXNAMELEN) 163 < 0) { 164 (void) fprintf(stderr, 165 "%s: could not get the hostname for %s\n", 166 program_name, username); 167 usage(); 168 } 169 target_host = host_pname; | 156 if (gethostname(host_pname, NIS_MAXNAMELEN) 157 < 0) { 158 (void) fprintf(stderr, 159 "%s: could not get the hostname for %s\n", 160 program_name, username); 161 usage(); |
170 } | 162 } |
163 target_host = host_pname; |
|
171 } 172 if (__getnetnamebyuid(name, uid) == 0) { 173 (void) fprintf(stderr, 174 "%s: could not get the equivalent netname for %s\n", 175 program_name, username); 176 usage(); 177 } | 164 } 165 if (__getnetnamebyuid(name, uid) == 0) { 166 (void) fprintf(stderr, 167 "%s: could not get the equivalent netname for %s\n", 168 program_name, username); 169 usage(); 170 } |
178 if (pk_database == PK_NISPLUS) 179 nprinc = get_nisplus_principal(nis_local_directory(), 180 uid); | |
181 } else { 182 /* -h hostname option */ 183 service.h_host = target_host; 184 service.h_serv = NULL; 185 validhost = FALSE; 186 /* verify if this is a valid hostname */ 187 nc_handle = setnetconfig(); 188 if (nc_handle == NULL) { --- 14 unchanged lines hidden (view full) --- 203 } 204 endnetconfig(nc_handle); 205 if (!validhost) { 206 (void) fprintf(stderr, "%s: unknown host: %s\n", 207 program_name, target_host); 208 exit(1); 209 } 210 (void) host2netname(name, target_host, (char *)NULL); | 171 } else { 172 /* -h hostname option */ 173 service.h_host = target_host; 174 service.h_serv = NULL; 175 validhost = FALSE; 176 /* verify if this is a valid hostname */ 177 nc_handle = setnetconfig(); 178 if (nc_handle == NULL) { --- 14 unchanged lines hidden (view full) --- 193 } 194 endnetconfig(nc_handle); 195 if (!validhost) { 196 (void) fprintf(stderr, "%s: unknown host: %s\n", 197 program_name, target_host); 198 exit(1); 199 } 200 (void) host2netname(name, target_host, (char *)NULL); |
211 if (pk_database == PK_NISPLUS) { 212 if (target_host[strlen(target_host) - 1] != '.') { 213 sprintf(host_pname, "%s.%s", 214 target_host, nis_local_directory()); 215 nprinc = host_pname; 216 } else 217 nprinc = target_host; 218 } | |
219 uid = 0; 220 } 221 222 (void) fprintf(stdout, "Adding new key for %s.\n", name); 223 pass = get_password(uid, target_host, username); 224 225 if (pass == NULL) 226 exit(1); 227 228 (void) strlcpy(short_pass, pass, sizeof (short_pass)); 229 (void) __gen_dhkeys(public, secret, short_pass); 230 231 (void) memcpy(crypt1, secret, HEXKEYBYTES); 232 (void) memcpy(crypt1 + HEXKEYBYTES, secret, KEYCHECKSUMSIZE); 233 crypt1[HEXKEYBYTES + KEYCHECKSUMSIZE] = 0; 234 xencrypt(crypt1, short_pass); 235 236 if (status = setpublicmap(name, public, crypt1, pk_database, | 201 uid = 0; 202 } 203 204 (void) fprintf(stdout, "Adding new key for %s.\n", name); 205 pass = get_password(uid, target_host, username); 206 207 if (pass == NULL) 208 exit(1); 209 210 (void) strlcpy(short_pass, pass, sizeof (short_pass)); 211 (void) __gen_dhkeys(public, secret, short_pass); 212 213 (void) memcpy(crypt1, secret, HEXKEYBYTES); 214 (void) memcpy(crypt1 + HEXKEYBYTES, secret, KEYCHECKSUMSIZE); 215 crypt1[HEXKEYBYTES + KEYCHECKSUMSIZE] = 0; 216 xencrypt(crypt1, short_pass); 217 218 if (status = setpublicmap(name, public, crypt1, pk_database, |
237 nprinc, short_pass)) { | 219 short_pass)) { |
238 switch (pk_database) { 239 case PK_YP: 240 (void) fprintf(stderr, 241 "%s: unable to update NIS database (%u): %s\n", 242 program_name, status, 243 yperr_string(status)); 244 break; 245 case PK_FILES: 246 (void) fprintf(stderr, 247 "%s: hence, unable to update publickey database\n", 248 program_name); 249 break; | 220 switch (pk_database) { 221 case PK_YP: 222 (void) fprintf(stderr, 223 "%s: unable to update NIS database (%u): %s\n", 224 program_name, status, 225 yperr_string(status)); 226 break; 227 case PK_FILES: 228 (void) fprintf(stderr, 229 "%s: hence, unable to update publickey database\n", 230 program_name); 231 break; |
250 case PK_NISPLUS: 251 (void) fprintf(stderr, 252 "%s: unable to update nisplus database\n", 253 program_name); 254 break; | |
255 default: 256 (void) fprintf(stderr, 257 "%s: could not update unknown database: %d\n", 258 program_name, pk_database); 259 } 260 exit(1); 261 } 262 return (0); 263} 264 265/* 266 * Set the entry in the public key file 267 */ 268int | 232 default: 233 (void) fprintf(stderr, 234 "%s: could not update unknown database: %d\n", 235 program_name, pk_database); 236 } 237 exit(1); 238 } 239 return (0); 240} 241 242/* 243 * Set the entry in the public key file 244 */ 245int |
269setpublicmap(name, public, secret, database, nis_princ, pw) | 246setpublicmap(name, public, secret, database, pw) |
270 int database; 271 char *name; 272 char *public; 273 char *secret; | 247 int database; 248 char *name; 249 char *public; 250 char *secret; |
274 nis_name nis_princ; | |
275 char *pw; 276{ 277 char pkent[HEXKEYBYTES + HEXKEYBYTES + KEYCHECKSUMSIZE + 2]; 278 char *domain = NULL; 279 char *master = NULL; 280 char hostname[MAXHOSTNAMELEN+1]; 281 282 (void) sprintf(pkent, "%s:%s", public, secret); --- 24 unchanged lines hidden (view full) --- 307 (void) fprintf(stderr, "%s: cannot chdir to %s", 308 program_name, YPDBPATH); 309 } 310 (void) fprintf(stdout, 311 "Please wait for the database to get updated ...\n"); 312 return (mapupdate(name, PKMAP, YPOP_STORE, pkent)); 313 case PK_FILES: 314 return (localupdate(name, PKFILE, YPOP_STORE, pkent)); | 251 char *pw; 252{ 253 char pkent[HEXKEYBYTES + HEXKEYBYTES + KEYCHECKSUMSIZE + 2]; 254 char *domain = NULL; 255 char *master = NULL; 256 char hostname[MAXHOSTNAMELEN+1]; 257 258 (void) sprintf(pkent, "%s:%s", public, secret); --- 24 unchanged lines hidden (view full) --- 283 (void) fprintf(stderr, "%s: cannot chdir to %s", 284 program_name, YPDBPATH); 285 } 286 (void) fprintf(stdout, 287 "Please wait for the database to get updated ...\n"); 288 return (mapupdate(name, PKMAP, YPOP_STORE, pkent)); 289 case PK_FILES: 290 return (localupdate(name, PKFILE, YPOP_STORE, pkent)); |
315 case PK_NISPLUS: 316 return (nisplus_update(name, public, secret, nis_princ)); | |
317 case PK_LDAP: 318 return (ldap_update("dh192-0", name, public, secret, pw)); 319 default: 320 break; 321 } 322 return (1); 323} 324 325void 326usage(void) 327{ 328 (void) fprintf(stderr, | 291 case PK_LDAP: 292 return (ldap_update("dh192-0", name, public, secret, pw)); 293 default: 294 break; 295 } 296 return (1); 297} 298 299void 300usage(void) 301{ 302 (void) fprintf(stderr, |
329 "usage:\t%s -u username [-s ldap | nisplus | nis | files]\n", | 303 "usage:\t%s -u username [-s ldap | nis | files]\n", |
330 program_name); 331 (void) fprintf(stderr, | 304 program_name); 305 (void) fprintf(stderr, |
332 "\t%s -h hostname [-s ldap | nisplus | nis | files]\n", | 306 "\t%s -h hostname [-s ldap | nis | files]\n", |
333 program_name); 334 exit(1); 335} 336 337/* 338 * The parameters passed into the routine get_password and the 339 * return values are as follows: 340 * If the -h flag was specified on the command line: --- 154 unchanged lines hidden --- | 307 program_name); 308 exit(1); 309} 310 311/* 312 * The parameters passed into the routine get_password and the 313 * return values are as follows: 314 * If the -h flag was specified on the command line: --- 154 unchanged lines hidden --- |
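Review bot: The new `setpublicmap(name, public, secret, database, pw)` is still an old-style (K&R) definition, so the compiler does not check call sites against the removal of `nis_princ` from the middle of the parameter list. The one caller visible in this section was updated to pass `short_pass` as the fifth argument. A stale six-argument call would still compile, and it would put the former principal pointer into `pw`, which the `PK_LDAP` case forwards to `ldap_update()`. Consider converting the definition to a prototype while touching it, `int setpublicmap(char *name, char *public, char *secret, int database, char *pw)`, with a matching declaration ahead of `main`. Whether such a declaration already exists cannot be seen here, because that part of the file is hidden.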