1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 */
25
26 /* Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */
27 /* All Rights Reserved */
28
29 /*
30 * University Copyright- Copyright (c) 1982, 1986, 1988
31 * The Regents of the University of California
32 * All Rights Reserved
33 *
34 * University Acknowledgment- Portions of this document are derived from
35 * software developed by the University of California, Berkeley, and its
36 * contributors.
37 */
38
39 /*
40 * Set secret key on local machine
41 */
42 #include <stdio.h>
43 #include <rpc/rpc.h>
44 #include <rpc/key_prot.h>
45 #include <nfs/nfs.h> /* to revoke existing creds */
46 #include <nfs/nfssys.h>
47 #include <string.h>
48 #include <rpcsvc/nis_dhext.h>
49
50 #define ROOTKEY_FILE "/etc/.rootkey"
51 #define ROOTKEY_FILE_BACKUP "/etc/.rootkey.bak"
52 /* Should last until 16384-bit DH keys */
53 #define MAXROOTKEY_LINE_LEN 4224
54 #define MAXROOTKEY_LEN 4096
55
56 extern int key_setnet_g();
57
58 static void logout_curr_key();
59 static int mkrootkey;
60
61 static char *sec_domain = NULL;
62 static char local_domain[MAXNETNAMELEN + 1];
63
64 /*
65 * fgets is broken in that if it reads a NUL character it will always return
66 * EOF. This replacement can deal with NULs
67 */
68 static char *
fgets_ignorenul(char * s,int n,FILE * stream)69 fgets_ignorenul(char *s, int n, FILE *stream)
70 {
71 int fildes = fileno(stream);
72 int i = 0;
73 int rs = 0;
74 char c;
75
76 if (fildes < 0)
77 return (NULL);
78
79 while (i < n - 1) {
80 rs = read(fildes, &c, 1);
81 switch (rs) {
82 case 1:
83 break;
84 case 0:
85 /* EOF */
86 if (i > 0)
87 s[i] = '\0';
88 return (NULL);
89 break;
90 default:
91 return (NULL);
92 }
93 switch (c) {
94 case '\0':
95 break;
96 case '\n':
97 s[i] = c;
98 s[++i] = '\0';
99 return (s);
100 default:
101 if (c != '\0')
102 s[i++] = c;
103 }
104 }
105 s[i] = '\0';
106 return (s);
107 }
108
109
110 /* write unencrypted secret key into root key file */
111 static void
write_rootkey(char * secret,char * flavor,keylen_t keylen,algtype_t algtype)112 write_rootkey(char *secret, char *flavor, keylen_t keylen, algtype_t algtype)
113 {
114 char line[MAXROOTKEY_LINE_LEN];
115 char keyent[MAXROOTKEY_LEN];
116 algtype_t atent;
117 int rootfd, bakfd, hexkeybytes;
118 bool_t lineone = TRUE;
119 bool_t gotit = FALSE;
120 FILE *rootfile, *bakfile;
121
122 unlink(ROOTKEY_FILE_BACKUP);
123 if ((rename(ROOTKEY_FILE, ROOTKEY_FILE_BACKUP)) < 0) {
124 if ((bakfd = creat(ROOTKEY_FILE_BACKUP, 0600)) < 0) {
125 perror("Could not create /etc/.rootkey.bak");
126 goto rootkey_err;
127 }
128 close(bakfd);
129 }
130
131 if ((rootfd = open(ROOTKEY_FILE, O_WRONLY+O_CREAT, 0600)) < 0) {
132 perror("Could not open /etc/.rootkey for writing");
133 fprintf(stderr,
134 "Attempting to restore original /etc/.rootkey\n");
135 (void) rename(ROOTKEY_FILE_BACKUP, ROOTKEY_FILE);
136 goto rootkey_err;
137 }
138 if (!(rootfile = fdopen(rootfd, "w"))) {
139 perror("Could not open /etc/.rootkey for writing");
140 fprintf(stderr,
141 "Attempting to restore original /etc/.rootkey\n");
142 close(rootfd);
143 unlink(ROOTKEY_FILE);
144 rename(ROOTKEY_FILE_BACKUP, ROOTKEY_FILE);
145 goto rootkey_err;
146 }
147 if (!(bakfile = fopen(ROOTKEY_FILE_BACKUP, "r"))) {
148 perror("Could not open /etc/.rootkey.bak for reading");
149 fprintf(stderr,
150 "Attempting to restore original /etc/.rootkey\n");
151 (void) fclose(rootfile);
152 unlink(ROOTKEY_FILE);
153 rename(ROOTKEY_FILE_BACKUP, ROOTKEY_FILE);
154 goto rootkey_err;
155 }
156
157 hexkeybytes = ((keylen + 7) / 8) * 2;
158
159 while (fgets_ignorenul(line, MAXROOTKEY_LINE_LEN, bakfile)) {
160 if (sscanf(line, "%s %d", keyent, &atent) < 2) {
161 /*
162 * No encryption algorithm found in the file
163 * (atent) so default to DES.
164 */
165 atent = AUTH_DES_ALGTYPE;
166 }
167 /*
168 * 192-bit keys always go on the first line
169 */
170 if (lineone) {
171 lineone = FALSE;
172 if (keylen == 192) {
173 gotit = TRUE;
174 fprintf(rootfile, "%s\n", secret);
175 } else
176 fprintf(rootfile, "%s", line);
177 (void) fflush(rootfile);
178 } else {
179 if ((strlen(keyent) == hexkeybytes) &&
180 (atent == algtype)) {
181 /*
182 * Silently remove lines with the same
183 * keylen/algtype
184 */
185 if (gotit)
186 continue;
187 else
188 gotit = TRUE;
189
190 fprintf(rootfile, "%s %d\n", secret, algtype);
191 } else
192 fprintf(rootfile, "%s", line);
193 (void) fflush(rootfile);
194 }
195 }
196
197 /* Append key to rootkey file */
198 if (!gotit) {
199 if (keylen == 192)
200 fprintf(rootfile, "%s\n", secret);
201 else {
202 if (lineone)
203 fprintf(rootfile, "\n");
204 fprintf(rootfile, "%s %d\n", secret, algtype);
205 }
206 }
207 (void) fflush(rootfile);
208 fclose(rootfile);
209 fclose(bakfile);
210 unlink(ROOTKEY_FILE_BACKUP);
211 if (keylen == 192)
212 fprintf(stderr, "Wrote secret key into %s\n", ROOTKEY_FILE);
213 else
214 fprintf(stderr, "Wrote %s key into %s\n", flavor,
215 ROOTKEY_FILE);
216 return;
217
218 rootkey_err:
219 fprintf(stderr, "WARNING: Could not write %s key to /etc/.rootkey\n",
220 flavor);
221 }
222
223 /* Perform AUTH_DES keylogin */
224 static int
oldkeylogin(char * fullname,char * pass)225 oldkeylogin(char *fullname, char *pass)
226 {
227 char secret[HEXKEYBYTES+1];
228 struct key_netstarg netst;
229
230 if (getsecretkey(fullname, secret, pass) == 0) {
231 fprintf(stderr, "Could not find %s's secret key\n",
232 fullname);
233 if (sec_domain && *sec_domain &&
234 strcasecmp(sec_domain, local_domain)) {
235 fprintf(stderr,
236 "The system default domain '%s' is different from the Secure RPC\n\
237 domain %s where the key is stored. The Secure RPC domainname is\n\
238 defined by the directory object stored in the /var/nis/NIS_COLD_START file.\n\
239 If you need to change this Secure RPC domainname, please use the nisinit(8)\n\
240 command with the `-k` option.\n", local_domain, sec_domain);
241 } else {
242 fprintf(stderr,
243 "Make sure the secret key is stored in domain %s\n",
244 local_domain);
245 }
246 return (1);
247 }
248
249 if (secret[0] == 0) {
250 fprintf(stderr, "Password incorrect for %s\n",
251 fullname);
252 return (1);
253 }
254 /* revoke any existing (lingering) credentials... */
255 logout_curr_key();
256
257 memcpy(netst.st_priv_key, secret, HEXKEYBYTES);
258 memset(secret, 0, HEXKEYBYTES);
259
260 netst.st_pub_key[0] = 0;
261 netst.st_netname = strdup(fullname);
262
263 /* do actual key login */
264 if (key_setnet(&netst) < 0) {
265 fprintf(stderr, "Could not set %s's secret key\n",
266 fullname);
267 fprintf(stderr, "May be the keyserv is down?\n");
268 if (mkrootkey == 0) /* nothing else to do */
269 return (1);
270 }
271
272 /* write unencrypted secret key into root key file */
273 if (mkrootkey)
274 write_rootkey(netst.st_priv_key, "des", 192, 0);
275
276 return (0);
277 }
278
279 /*
280 * Revokes the existing credentials for Secure-RPC and Secure-NFS.
281 * This should only be called if the user entered the correct password;
282 * sorta like the way "su" doesn't force a login if you enter the wrong
283 * password.
284 */
285
286 static void
logout_curr_key()287 logout_curr_key()
288 {
289 static char secret[HEXKEYBYTES + 1];
290 struct nfs_revauth_args nra;
291
292 /*
293 * try to revoke the existing key/credentials, assuming
294 * one exists. this will effectively mark "stale" any
295 * cached credientials...
296 */
297 if (key_setsecret(secret) < 0) {
298 return;
299 }
300
301 /*
302 * it looks like a credential already existed, so try and
303 * revoke any lingering Secure-NFS privledges.
304 */
305
306 nra.authtype = AUTH_DES;
307 nra.uid = getuid();
308
309 (void) _nfssys(NFS_REVAUTH, &nra);
310 }
311
312 void
usage(cmd)313 usage(cmd)
314 char *cmd;
315 {
316 fprintf(stderr, "usage: %s [-r]\n", cmd);
317 exit(1);
318 }
319
320
321 int
main(int argc,char * argv[])322 main(int argc, char *argv[])
323 {
324 char secret[4096];
325 char fullname[MAXNETNAMELEN + 1];
326 char *getpass();
327 char *pass;
328 int i = 0;
329 mechanism_t **mechlist;
330
331 if (argc == 1)
332 mkrootkey = 0;
333 else if (argc == 2 && (strcmp(argv[1], "-r") == 0)) {
334 if (geteuid() != 0) {
335 fprintf(stderr, "Must be root to use -r option.\n");
336 exit(1);
337 }
338 mkrootkey = 1;
339 } else
340 usage(argv[0]);
341
342 if (getnetname(fullname) == 0) {
343 fprintf(stderr, "Could not generate netname\n");
344 exit(1);
345 }
346 sec_domain = strdup(strchr(fullname, '@') + 1);
347 getdomainname(local_domain, MAXNETNAMELEN);
348
349 if (!(pass = getpass("Password:")))
350 exit(1);
351
352 if (mechlist = __nis_get_mechanisms(FALSE)) {
353 while (mechlist[i]) {
354 char *alias;
355
356 if (AUTH_DES_COMPAT_CHK(mechlist[i])) {
357 (void) oldkeylogin(fullname, pass);
358 i++;
359 continue;
360 }
361
362 if (VALID_ALIAS(mechlist[i]->alias))
363 alias = mechlist[i]->alias;
364 else
365 alias = "";
366
367 if (getsecretkey_g(fullname, mechlist[i]->keylen,
368 mechlist[i]->algtype, secret,
369 (((mechlist[i]->keylen / 7) +
370 8) * 2) + 1, pass) == 0) {
371 fprintf(stderr,
372 "WARNING: Could not find %s's %s secret key\n",
373 fullname, alias);
374 i++;
375 continue;
376 }
377
378 if (secret[0] == 0) {
379 fprintf(stderr,
380 "Password incorrect for %s's %s key.\n",
381 fullname, alias);
382 i++;
383 continue;
384 }
385
386 if (key_setnet_g(fullname, secret,
387 mechlist[i]->keylen, NULL, 0,
388 mechlist[i]->algtype) < 0) {
389 fprintf(stderr,
390 "Could not set %s's %s secret key\n",
391 fullname, alias);
392 fprintf(stderr,
393 "May be the keyserv is down?\n");
394 exit(1);
395 }
396
397 if (mkrootkey)
398 write_rootkey(secret, mechlist[i]->alias,
399 mechlist[i]->keylen,
400 mechlist[i]->algtype);
401 i++;
402 }
403 } else
404 exit(oldkeylogin(fullname, pass));
405
406 return (0);
407 }
408