181cb6ddcSMark Murray /*-
281cb6ddcSMark Murray * Copyright (c) 1992, 1993
381cb6ddcSMark Murray * The Regents of the University of California. All rights reserved.
481cb6ddcSMark Murray *
581cb6ddcSMark Murray * Redistribution and use in source and binary forms, with or without
681cb6ddcSMark Murray * modification, are permitted provided that the following conditions
781cb6ddcSMark Murray * are met:
881cb6ddcSMark Murray * 1. Redistributions of source code must retain the above copyright
981cb6ddcSMark Murray * notice, this list of conditions and the following disclaimer.
1081cb6ddcSMark Murray * 2. Redistributions in binary form must reproduce the above copyright
1181cb6ddcSMark Murray * notice, this list of conditions and the following disclaimer in the
1281cb6ddcSMark Murray * documentation and/or other materials provided with the distribution.
13*83129c0bSEd Maste * 3. Neither the name of the University nor the names of its contributors
1481cb6ddcSMark Murray * may be used to endorse or promote products derived from this software
1581cb6ddcSMark Murray * without specific prior written permission.
1681cb6ddcSMark Murray *
1781cb6ddcSMark Murray * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
1881cb6ddcSMark Murray * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
1981cb6ddcSMark Murray * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
2081cb6ddcSMark Murray * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
2181cb6ddcSMark Murray * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
2281cb6ddcSMark Murray * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
2381cb6ddcSMark Murray * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
2481cb6ddcSMark Murray * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
2581cb6ddcSMark Murray * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
2681cb6ddcSMark Murray * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
2781cb6ddcSMark Murray * SUCH DAMAGE.
2881cb6ddcSMark Murray */
2981cb6ddcSMark Murray
3081cb6ddcSMark Murray #ifndef lint
3181cb6ddcSMark Murray static char sccsid[] = "@(#)krb4encpwd.c 8.3 (Berkeley) 5/30/95";
3281cb6ddcSMark Murray #endif /* not lint */
3381cb6ddcSMark Murray
3481cb6ddcSMark Murray
3581cb6ddcSMark Murray #ifdef KRB4_ENCPWD
3681cb6ddcSMark Murray /*
3781cb6ddcSMark Murray * COPYRIGHT (C) 1990 DIGITAL EQUIPMENT CORPORATION
3881cb6ddcSMark Murray * ALL RIGHTS RESERVED
3981cb6ddcSMark Murray *
4081cb6ddcSMark Murray * "Digital Equipment Corporation authorizes the reproduction,
4181cb6ddcSMark Murray * distribution and modification of this software subject to the following
4281cb6ddcSMark Murray * restrictions:
4381cb6ddcSMark Murray *
4481cb6ddcSMark Murray * 1. Any partial or whole copy of this software, or any modification
4581cb6ddcSMark Murray * thereof, must include this copyright notice in its entirety.
4681cb6ddcSMark Murray *
4781cb6ddcSMark Murray * 2. This software is supplied "as is" with no warranty of any kind,
4881cb6ddcSMark Murray * expressed or implied, for any purpose, including any warranty of fitness
4981cb6ddcSMark Murray * or merchantibility. DIGITAL assumes no responsibility for the use or
5081cb6ddcSMark Murray * reliability of this software, nor promises to provide any form of
5181cb6ddcSMark Murray * support for it on any basis.
5281cb6ddcSMark Murray *
5381cb6ddcSMark Murray * 3. Distribution of this software is authorized only if no profit or
5481cb6ddcSMark Murray * remuneration of any kind is received in exchange for such distribution.
5581cb6ddcSMark Murray *
5681cb6ddcSMark Murray * 4. This software produces public key authentication certificates
5781cb6ddcSMark Murray * bearing an expiration date established by DIGITAL and RSA Data
5881cb6ddcSMark Murray * Security, Inc. It may cease to generate certificates after the expiration
5981cb6ddcSMark Murray * date. Any modification of this software that changes or defeats
6081cb6ddcSMark Murray * the expiration date or its effect is unauthorized.
6181cb6ddcSMark Murray *
6281cb6ddcSMark Murray * 5. Software that will renew or extend the expiration date of
6381cb6ddcSMark Murray * authentication certificates produced by this software may be obtained
6481cb6ddcSMark Murray * from RSA Data Security, Inc., 10 Twin Dolphin Drive, Redwood City, CA
6581cb6ddcSMark Murray * 94065, (415)595-8782, or from DIGITAL"
6681cb6ddcSMark Murray *
6781cb6ddcSMark Murray */
6881cb6ddcSMark Murray
6981cb6ddcSMark Murray #include <sys/types.h>
708fa113e5SMark Murray #include <openssl/des.h>
7181cb6ddcSMark Murray #include <arpa/telnet.h>
728fa113e5SMark Murray #include <krb.h>
7381cb6ddcSMark Murray #include <pwd.h>
7481cb6ddcSMark Murray #include <stdio.h>
7581cb6ddcSMark Murray #include <stdlib.h>
7681cb6ddcSMark Murray #include <string.h>
7781cb6ddcSMark Murray
7881cb6ddcSMark Murray #include "encrypt.h"
7981cb6ddcSMark Murray #include "auth.h"
8081cb6ddcSMark Murray #include "misc.h"
8181cb6ddcSMark Murray
823138440aSMark Murray int krb_mk_encpwd_req(KTEXT, char *, char *, char *, char *, char *, char *);
833138440aSMark Murray int krb_rd_encpwd_req(KTEXT, char *, char *, u_long, AUTH_DAT *, char *, char *, char *, char *);
8481cb6ddcSMark Murray
8581cb6ddcSMark Murray extern auth_debug_mode;
8681cb6ddcSMark Murray
8781cb6ddcSMark Murray static unsigned char str_data[1024] = { IAC, SB, TELOPT_AUTHENTICATION, 0,
8881cb6ddcSMark Murray AUTHTYPE_KRB4_ENCPWD, };
8981cb6ddcSMark Murray static unsigned char str_name[1024] = { IAC, SB, TELOPT_AUTHENTICATION,
9081cb6ddcSMark Murray TELQUAL_NAME, };
9181cb6ddcSMark Murray
9281cb6ddcSMark Murray #define KRB4_ENCPWD_AUTH 0 /* Authentication data follows */
9381cb6ddcSMark Murray #define KRB4_ENCPWD_REJECT 1 /* Rejected (reason might follow) */
9481cb6ddcSMark Murray #define KRB4_ENCPWD_ACCEPT 2 /* Accepted */
9581cb6ddcSMark Murray #define KRB4_ENCPWD_CHALLENGE 3 /* Challenge for mutual auth. */
9681cb6ddcSMark Murray #define KRB4_ENCPWD_ACK 4 /* Acknowledge */
9781cb6ddcSMark Murray
9881cb6ddcSMark Murray #define KRB_SERVICE_NAME "rcmd"
9981cb6ddcSMark Murray
10081cb6ddcSMark Murray static KTEXT_ST auth;
10181cb6ddcSMark Murray static char name[ANAME_SZ];
10281cb6ddcSMark Murray static char user_passwd[ANAME_SZ];
10381cb6ddcSMark Murray static AUTH_DAT adat = { 0 };
10481cb6ddcSMark Murray #ifdef ENCRYPTION
10581cb6ddcSMark Murray static Block session_key = { 0 };
10681cb6ddcSMark Murray #endif /* ENCRYPTION */
10781cb6ddcSMark Murray static char challenge[REALM_SZ];
10881cb6ddcSMark Murray
10981cb6ddcSMark Murray static int
Data(ap,type,d,c)11081cb6ddcSMark Murray Data(ap, type, d, c)
11181cb6ddcSMark Murray Authenticator *ap;
11281cb6ddcSMark Murray int type;
11381cb6ddcSMark Murray void *d;
11481cb6ddcSMark Murray int c;
11581cb6ddcSMark Murray {
11681cb6ddcSMark Murray unsigned char *p = str_data + 4;
11781cb6ddcSMark Murray unsigned char *cd = (unsigned char *)d;
11881cb6ddcSMark Murray
11981cb6ddcSMark Murray if (c == -1)
12081cb6ddcSMark Murray c = strlen((char *)cd);
12181cb6ddcSMark Murray
12281cb6ddcSMark Murray if (0) {
12381cb6ddcSMark Murray printf("%s:%d: [%d] (%d)",
12481cb6ddcSMark Murray str_data[3] == TELQUAL_IS ? ">>>IS" : ">>>REPLY",
12581cb6ddcSMark Murray str_data[3],
12681cb6ddcSMark Murray type, c);
12781cb6ddcSMark Murray printd(d, c);
12881cb6ddcSMark Murray printf("\r\n");
12981cb6ddcSMark Murray }
13081cb6ddcSMark Murray *p++ = ap->type;
13181cb6ddcSMark Murray *p++ = ap->way;
13281cb6ddcSMark Murray *p++ = type;
13381cb6ddcSMark Murray while (c-- > 0) {
13481cb6ddcSMark Murray if ((*p++ = *cd++) == IAC)
13581cb6ddcSMark Murray *p++ = IAC;
13681cb6ddcSMark Murray }
13781cb6ddcSMark Murray *p++ = IAC;
13881cb6ddcSMark Murray *p++ = SE;
13981cb6ddcSMark Murray if (str_data[3] == TELQUAL_IS)
14081cb6ddcSMark Murray printsub('>', &str_data[2], p - (&str_data[2]));
14181cb6ddcSMark Murray return(net_write(str_data, p - str_data));
14281cb6ddcSMark Murray }
14381cb6ddcSMark Murray
14481cb6ddcSMark Murray int
krb4encpwd_init(ap,server)14581cb6ddcSMark Murray krb4encpwd_init(ap, server)
14681cb6ddcSMark Murray Authenticator *ap;
14781cb6ddcSMark Murray int server;
14881cb6ddcSMark Murray {
14981cb6ddcSMark Murray char hostname[80], *cp, *realm;
15081cb6ddcSMark Murray C_Block skey;
15181cb6ddcSMark Murray
15281cb6ddcSMark Murray if (server) {
15381cb6ddcSMark Murray str_data[3] = TELQUAL_REPLY;
15481cb6ddcSMark Murray } else {
15581cb6ddcSMark Murray str_data[3] = TELQUAL_IS;
15681cb6ddcSMark Murray gethostname(hostname, sizeof(hostname));
15781cb6ddcSMark Murray realm = krb_realmofhost(hostname);
15881cb6ddcSMark Murray cp = strchr(hostname, '.');
15981cb6ddcSMark Murray if (*cp != NULL) *cp = NULL;
16081cb6ddcSMark Murray if (read_service_key(KRB_SERVICE_NAME, hostname, realm, 0,
16181cb6ddcSMark Murray KEYFILE, (char *)skey)) {
16281cb6ddcSMark Murray return(0);
16381cb6ddcSMark Murray }
16481cb6ddcSMark Murray }
16581cb6ddcSMark Murray return(1);
16681cb6ddcSMark Murray }
16781cb6ddcSMark Murray
16881cb6ddcSMark Murray int
krb4encpwd_send(ap)16981cb6ddcSMark Murray krb4encpwd_send(ap)
17081cb6ddcSMark Murray Authenticator *ap;
17181cb6ddcSMark Murray {
17281cb6ddcSMark Murray
17381cb6ddcSMark Murray printf("[ Trying KRB4ENCPWD ... ]\n");
17481cb6ddcSMark Murray if (!UserNameRequested) {
17581cb6ddcSMark Murray return(0);
17681cb6ddcSMark Murray }
17781cb6ddcSMark Murray if (!auth_sendname(UserNameRequested, strlen(UserNameRequested))) {
17881cb6ddcSMark Murray return(0);
17981cb6ddcSMark Murray }
18081cb6ddcSMark Murray
18181cb6ddcSMark Murray if (!Data(ap, KRB4_ENCPWD_ACK, (void *)NULL, 0)) {
18281cb6ddcSMark Murray return(0);
18381cb6ddcSMark Murray }
18481cb6ddcSMark Murray
18581cb6ddcSMark Murray return(1);
18681cb6ddcSMark Murray }
18781cb6ddcSMark Murray
18881cb6ddcSMark Murray void
krb4encpwd_is(ap,data,cnt)18981cb6ddcSMark Murray krb4encpwd_is(ap, data, cnt)
19081cb6ddcSMark Murray Authenticator *ap;
19181cb6ddcSMark Murray unsigned char *data;
19281cb6ddcSMark Murray int cnt;
19381cb6ddcSMark Murray {
19481cb6ddcSMark Murray Session_Key skey;
19581cb6ddcSMark Murray Block datablock;
19681cb6ddcSMark Murray char r_passwd[ANAME_SZ], r_user[ANAME_SZ];
19781cb6ddcSMark Murray char lhostname[ANAME_SZ], *cp;
19881cb6ddcSMark Murray int r;
19981cb6ddcSMark Murray time_t now;
20081cb6ddcSMark Murray
20181cb6ddcSMark Murray if (cnt-- < 1)
20281cb6ddcSMark Murray return;
20381cb6ddcSMark Murray switch (*data++) {
20481cb6ddcSMark Murray case KRB4_ENCPWD_AUTH:
20581cb6ddcSMark Murray memmove((void *)auth.dat, (void *)data, auth.length = cnt);
20681cb6ddcSMark Murray
20781cb6ddcSMark Murray gethostname(lhostname, sizeof(lhostname));
20881cb6ddcSMark Murray if ((cp = strchr(lhostname, '.')) != 0) *cp = '\0';
20981cb6ddcSMark Murray
21081cb6ddcSMark Murray if (r = krb_rd_encpwd_req(&auth, KRB_SERVICE_NAME, lhostname, 0, &adat, NULL, challenge, r_user, r_passwd)) {
21181cb6ddcSMark Murray Data(ap, KRB4_ENCPWD_REJECT, (void *)"Auth failed", -1);
21281cb6ddcSMark Murray auth_finished(ap, AUTH_REJECT);
21381cb6ddcSMark Murray return;
21481cb6ddcSMark Murray }
21581cb6ddcSMark Murray auth_encrypt_userpwd(r_passwd);
21681cb6ddcSMark Murray if (passwdok(UserNameRequested, UserPassword) == 0) {
21781cb6ddcSMark Murray /*
21881cb6ddcSMark Murray * illegal username and password
21981cb6ddcSMark Murray */
22081cb6ddcSMark Murray Data(ap, KRB4_ENCPWD_REJECT, (void *)"Illegal password", -1);
22181cb6ddcSMark Murray auth_finished(ap, AUTH_REJECT);
22281cb6ddcSMark Murray return;
22381cb6ddcSMark Murray }
22481cb6ddcSMark Murray
22581cb6ddcSMark Murray memmove((void *)session_key, (void *)adat.session, sizeof(Block));
22681cb6ddcSMark Murray Data(ap, KRB4_ENCPWD_ACCEPT, (void *)0, 0);
22781cb6ddcSMark Murray auth_finished(ap, AUTH_USER);
22881cb6ddcSMark Murray break;
22981cb6ddcSMark Murray
23081cb6ddcSMark Murray case KRB4_ENCPWD_CHALLENGE:
23181cb6ddcSMark Murray /*
23281cb6ddcSMark Murray * Take the received random challenge text and save
23381cb6ddcSMark Murray * for future authentication.
23481cb6ddcSMark Murray */
23581cb6ddcSMark Murray memmove((void *)challenge, (void *)data, sizeof(Block));
23681cb6ddcSMark Murray break;
23781cb6ddcSMark Murray
23881cb6ddcSMark Murray
23981cb6ddcSMark Murray case KRB4_ENCPWD_ACK:
24081cb6ddcSMark Murray /*
24181cb6ddcSMark Murray * Receive ack, if mutual then send random challenge
24281cb6ddcSMark Murray */
24381cb6ddcSMark Murray
24481cb6ddcSMark Murray /*
24581cb6ddcSMark Murray * If we are doing mutual authentication, get set up to send
24681cb6ddcSMark Murray * the challenge, and verify it when the response comes back.
24781cb6ddcSMark Murray */
24881cb6ddcSMark Murray
24981cb6ddcSMark Murray if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) {
25081cb6ddcSMark Murray register int i;
25181cb6ddcSMark Murray
25281cb6ddcSMark Murray time(&now);
25381cb6ddcSMark Murray sprintf(challenge, "%x", now);
25481cb6ddcSMark Murray Data(ap, KRB4_ENCPWD_CHALLENGE, (void *)challenge, strlen(challenge));
25581cb6ddcSMark Murray }
25681cb6ddcSMark Murray break;
25781cb6ddcSMark Murray
25881cb6ddcSMark Murray default:
25981cb6ddcSMark Murray Data(ap, KRB4_ENCPWD_REJECT, 0, 0);
26081cb6ddcSMark Murray break;
26181cb6ddcSMark Murray }
26281cb6ddcSMark Murray }
26381cb6ddcSMark Murray
26481cb6ddcSMark Murray
26581cb6ddcSMark Murray void
krb4encpwd_reply(ap,data,cnt)26681cb6ddcSMark Murray krb4encpwd_reply(ap, data, cnt)
26781cb6ddcSMark Murray Authenticator *ap;
26881cb6ddcSMark Murray unsigned char *data;
26981cb6ddcSMark Murray int cnt;
27081cb6ddcSMark Murray {
27181cb6ddcSMark Murray Session_Key skey;
27281cb6ddcSMark Murray KTEXT_ST krb_token;
27381cb6ddcSMark Murray Block enckey;
27481cb6ddcSMark Murray CREDENTIALS cred;
27581cb6ddcSMark Murray int r;
27681cb6ddcSMark Murray char randchal[REALM_SZ], instance[ANAME_SZ], *cp;
27781cb6ddcSMark Murray char hostname[80], *realm;
27881cb6ddcSMark Murray
27981cb6ddcSMark Murray if (cnt-- < 1)
28081cb6ddcSMark Murray return;
28181cb6ddcSMark Murray switch (*data++) {
28281cb6ddcSMark Murray case KRB4_ENCPWD_REJECT:
28381cb6ddcSMark Murray if (cnt > 0) {
28481cb6ddcSMark Murray printf("[ KRB4_ENCPWD refuses authentication because %.*s ]\r\n",
28581cb6ddcSMark Murray cnt, data);
28681cb6ddcSMark Murray } else
28781cb6ddcSMark Murray printf("[ KRB4_ENCPWD refuses authentication ]\r\n");
28881cb6ddcSMark Murray auth_send_retry();
28981cb6ddcSMark Murray return;
29081cb6ddcSMark Murray case KRB4_ENCPWD_ACCEPT:
29181cb6ddcSMark Murray printf("[ KRB4_ENCPWD accepts you ]\n");
29281cb6ddcSMark Murray auth_finished(ap, AUTH_USER);
29381cb6ddcSMark Murray return;
29481cb6ddcSMark Murray case KRB4_ENCPWD_CHALLENGE:
29581cb6ddcSMark Murray /*
29681cb6ddcSMark Murray * Verify that the response to the challenge is correct.
29781cb6ddcSMark Murray */
29881cb6ddcSMark Murray
29981cb6ddcSMark Murray gethostname(hostname, sizeof(hostname));
30081cb6ddcSMark Murray realm = krb_realmofhost(hostname);
30181cb6ddcSMark Murray memmove((void *)challenge, (void *)data, cnt);
30281cb6ddcSMark Murray memset(user_passwd, 0, sizeof(user_passwd));
30381cb6ddcSMark Murray local_des_read_pw_string(user_passwd, sizeof(user_passwd)-1, "Password: ", 0);
30481cb6ddcSMark Murray UserPassword = user_passwd;
30581cb6ddcSMark Murray Challenge = challenge;
30681cb6ddcSMark Murray strcpy(instance, RemoteHostName);
30781cb6ddcSMark Murray if ((cp = strchr(instance, '.')) != 0) *cp = '\0';
30881cb6ddcSMark Murray
30981cb6ddcSMark Murray if (r = krb_mk_encpwd_req(&krb_token, KRB_SERVICE_NAME, instance, realm, Challenge, UserNameRequested, user_passwd)) {
31081cb6ddcSMark Murray krb_token.length = 0;
31181cb6ddcSMark Murray }
31281cb6ddcSMark Murray
31381cb6ddcSMark Murray if (!Data(ap, KRB4_ENCPWD_AUTH, (void *)krb_token.dat, krb_token.length)) {
31481cb6ddcSMark Murray return;
31581cb6ddcSMark Murray }
31681cb6ddcSMark Murray
31781cb6ddcSMark Murray break;
31881cb6ddcSMark Murray
31981cb6ddcSMark Murray default:
32081cb6ddcSMark Murray return;
32181cb6ddcSMark Murray }
32281cb6ddcSMark Murray }
32381cb6ddcSMark Murray
32481cb6ddcSMark Murray int
krb4encpwd_status(ap,name,level)32581cb6ddcSMark Murray krb4encpwd_status(ap, name, level)
32681cb6ddcSMark Murray Authenticator *ap;
32781cb6ddcSMark Murray char *name;
32881cb6ddcSMark Murray int level;
32981cb6ddcSMark Murray {
33081cb6ddcSMark Murray
33181cb6ddcSMark Murray if (level < AUTH_USER)
33281cb6ddcSMark Murray return(level);
33381cb6ddcSMark Murray
33481cb6ddcSMark Murray if (UserNameRequested && passwdok(UserNameRequested, UserPassword)) {
33581cb6ddcSMark Murray strcpy(name, UserNameRequested);
33681cb6ddcSMark Murray return(AUTH_VALID);
33781cb6ddcSMark Murray } else {
33881cb6ddcSMark Murray return(AUTH_USER);
33981cb6ddcSMark Murray }
34081cb6ddcSMark Murray }
34181cb6ddcSMark Murray
34281cb6ddcSMark Murray #define BUMP(buf, len) while (*(buf)) {++(buf), --(len);}
34381cb6ddcSMark Murray #define ADDC(buf, len, c) if ((len) > 0) {*(buf)++ = (c); --(len);}
34481cb6ddcSMark Murray
34581cb6ddcSMark Murray void
krb4encpwd_printsub(data,cnt,buf,buflen)34681cb6ddcSMark Murray krb4encpwd_printsub(data, cnt, buf, buflen)
34781cb6ddcSMark Murray unsigned char *data, *buf;
34881cb6ddcSMark Murray int cnt, buflen;
34981cb6ddcSMark Murray {
35081cb6ddcSMark Murray char lbuf[32];
35181cb6ddcSMark Murray register int i;
35281cb6ddcSMark Murray
35381cb6ddcSMark Murray buf[buflen-1] = '\0'; /* make sure its NULL terminated */
35481cb6ddcSMark Murray buflen -= 1;
35581cb6ddcSMark Murray
35681cb6ddcSMark Murray switch(data[3]) {
35781cb6ddcSMark Murray case KRB4_ENCPWD_REJECT: /* Rejected (reason might follow) */
35881cb6ddcSMark Murray strncpy((char *)buf, " REJECT ", buflen);
35981cb6ddcSMark Murray goto common;
36081cb6ddcSMark Murray
36181cb6ddcSMark Murray case KRB4_ENCPWD_ACCEPT: /* Accepted (name might follow) */
36281cb6ddcSMark Murray strncpy((char *)buf, " ACCEPT ", buflen);
36381cb6ddcSMark Murray common:
36481cb6ddcSMark Murray BUMP(buf, buflen);
36581cb6ddcSMark Murray if (cnt <= 4)
36681cb6ddcSMark Murray break;
36781cb6ddcSMark Murray ADDC(buf, buflen, '"');
36881cb6ddcSMark Murray for (i = 4; i < cnt; i++)
36981cb6ddcSMark Murray ADDC(buf, buflen, data[i]);
37081cb6ddcSMark Murray ADDC(buf, buflen, '"');
37181cb6ddcSMark Murray ADDC(buf, buflen, '\0');
37281cb6ddcSMark Murray break;
37381cb6ddcSMark Murray
37481cb6ddcSMark Murray case KRB4_ENCPWD_AUTH: /* Authentication data follows */
37581cb6ddcSMark Murray strncpy((char *)buf, " AUTH", buflen);
37681cb6ddcSMark Murray goto common2;
37781cb6ddcSMark Murray
37881cb6ddcSMark Murray case KRB4_ENCPWD_CHALLENGE:
37981cb6ddcSMark Murray strncpy((char *)buf, " CHALLENGE", buflen);
38081cb6ddcSMark Murray goto common2;
38181cb6ddcSMark Murray
38281cb6ddcSMark Murray case KRB4_ENCPWD_ACK:
38381cb6ddcSMark Murray strncpy((char *)buf, " ACK", buflen);
38481cb6ddcSMark Murray goto common2;
38581cb6ddcSMark Murray
38681cb6ddcSMark Murray default:
38781cb6ddcSMark Murray sprintf(lbuf, " %d (unknown)", data[3]);
38881cb6ddcSMark Murray strncpy((char *)buf, lbuf, buflen);
38981cb6ddcSMark Murray common2:
39081cb6ddcSMark Murray BUMP(buf, buflen);
39181cb6ddcSMark Murray for (i = 4; i < cnt; i++) {
39281cb6ddcSMark Murray sprintf(lbuf, " %d", data[i]);
39381cb6ddcSMark Murray strncpy((char *)buf, lbuf, buflen);
39481cb6ddcSMark Murray BUMP(buf, buflen);
39581cb6ddcSMark Murray }
39681cb6ddcSMark Murray break;
39781cb6ddcSMark Murray }
39881cb6ddcSMark Murray }
39981cb6ddcSMark Murray
passwdok(name,passwd)40081cb6ddcSMark Murray int passwdok(name, passwd)
40181cb6ddcSMark Murray char *name, *passwd;
40281cb6ddcSMark Murray {
40381cb6ddcSMark Murray char *crypt();
40481cb6ddcSMark Murray char *salt, *p;
40581cb6ddcSMark Murray struct passwd *pwd;
40681cb6ddcSMark Murray int passwdok_status = 0;
40781cb6ddcSMark Murray
40881cb6ddcSMark Murray if (pwd = getpwnam(name))
40981cb6ddcSMark Murray salt = pwd->pw_passwd;
41081cb6ddcSMark Murray else salt = "xx";
41181cb6ddcSMark Murray
41281cb6ddcSMark Murray p = crypt(passwd, salt);
41381cb6ddcSMark Murray
41481cb6ddcSMark Murray if (pwd && !strcmp(p, pwd->pw_passwd)) {
41581cb6ddcSMark Murray passwdok_status = 1;
41681cb6ddcSMark Murray } else passwdok_status = 0;
41781cb6ddcSMark Murray return(passwdok_status);
41881cb6ddcSMark Murray }
41981cb6ddcSMark Murray
42081cb6ddcSMark Murray #endif
421