xref: /freebsd/crypto/heimdal/kadmin/cpw.c (revision 1e413cf93298b5b97441a21d9a50fdcd0ee9945e)
1 /*
2  * Copyright (c) 1997 - 2001 Kungliga Tekniska H�gskolan
3  * (Royal Institute of Technology, Stockholm, Sweden).
4  * All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  *
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  *
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  *
17  * 3. Neither the name of the Institute nor the names of its contributors
18  *    may be used to endorse or promote products derived from this software
19  *    without specific prior written permission.
20  *
21  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31  * SUCH DAMAGE.
32  */
33 
34 #include "kadmin_locl.h"
35 
36 RCSID("$Id: cpw.c,v 1.13 2001/08/10 08:05:35 joda Exp $");
37 
38 struct cpw_entry_data {
39     int random_key;
40     int random_password;
41     char *password;
42     krb5_key_data *key_data;
43 };
44 
45 static struct getargs args[] = {
46     { "random-key",	'r',	arg_flag,	NULL, "set random key" },
47     { "random-password", 0,	arg_flag,	NULL, "set random password" },
48     { "password",	'p',	arg_string,	NULL, "princial's password" },
49     { "key",		 0,	arg_string,	NULL, "DES key in hex" }
50 };
51 
52 static int num_args = sizeof(args) / sizeof(args[0]);
53 
54 static void
55 usage(void)
56 {
57     arg_printusage(args, num_args, "passwd", "principal...");
58 }
59 
60 static int
61 set_random_key (krb5_principal principal)
62 {
63     krb5_error_code ret;
64     int i;
65     krb5_keyblock *keys;
66     int num_keys;
67 
68     ret = kadm5_randkey_principal(kadm_handle, principal, &keys, &num_keys);
69     if(ret)
70 	return ret;
71     for(i = 0; i < num_keys; i++)
72 	krb5_free_keyblock_contents(context, &keys[i]);
73     free(keys);
74     return 0;
75 }
76 
77 static int
78 set_random_password (krb5_principal principal)
79 {
80     krb5_error_code ret;
81     char pw[128];
82 
83     random_password (pw, sizeof(pw));
84     ret = kadm5_chpass_principal(kadm_handle, principal, pw);
85     if (ret == 0) {
86 	char *princ_name;
87 
88 	krb5_unparse_name(context, principal, &princ_name);
89 
90 	printf ("%s's password set to `%s'\n", princ_name, pw);
91 	free (princ_name);
92     }
93     memset (pw, 0, sizeof(pw));
94     return ret;
95 }
96 
97 static int
98 set_password (krb5_principal principal, char *password)
99 {
100     krb5_error_code ret = 0;
101     char pwbuf[128];
102 
103     if(password == NULL) {
104 	char *princ_name;
105 	char *prompt;
106 
107 	krb5_unparse_name(context, principal, &princ_name);
108 	asprintf(&prompt, "%s's Password: ", princ_name);
109 	free (princ_name);
110 	ret = des_read_pw_string(pwbuf, sizeof(pwbuf), prompt, 1);
111 	free (prompt);
112 	if(ret){
113 	    return 0; /* XXX error code? */
114 	}
115 	password = pwbuf;
116     }
117     if(ret == 0)
118 	ret = kadm5_chpass_principal(kadm_handle, principal, password);
119     memset(pwbuf, 0, sizeof(pwbuf));
120     return ret;
121 }
122 
123 static int
124 set_key_data (krb5_principal principal, krb5_key_data *key_data)
125 {
126     krb5_error_code ret;
127 
128     ret = kadm5_chpass_principal_with_key (kadm_handle, principal,
129 					   3, key_data);
130     return ret;
131 }
132 
133 static int
134 do_cpw_entry(krb5_principal principal, void *data)
135 {
136     struct cpw_entry_data *e = data;
137 
138     if (e->random_key)
139 	return set_random_key (principal);
140     else if (e->random_password)
141 	return set_random_password (principal);
142     else if (e->key_data)
143 	return set_key_data (principal, e->key_data);
144     else
145 	return set_password (principal, e->password);
146 }
147 
148 int
149 cpw_entry(int argc, char **argv)
150 {
151     krb5_error_code ret;
152     int i;
153     int optind = 0;
154     struct cpw_entry_data data;
155     int num;
156     char *key_string;
157     krb5_key_data key_data[3];
158 
159     data.random_key      = 0;
160     data.random_password = 0;
161     data.password        = NULL;
162     data.key_data	 = NULL;
163 
164     key_string = NULL;
165 
166     args[0].value = &data.random_key;
167     args[1].value = &data.random_password;
168     args[2].value = &data.password;
169     args[3].value = &key_string;
170     if(getarg(args, num_args, argc, argv, &optind)){
171 	usage();
172 	return 0;
173     }
174 
175     num = 0;
176     if (data.random_key)
177 	++num;
178     if (data.random_password)
179 	++num;
180     if (data.password)
181 	++num;
182     if (key_string)
183 	++num;
184 
185     if (num > 1) {
186 	printf ("give only one of "
187 		"--random-key, --random-password, --password, --key\n");
188 	return 0;
189     }
190 
191     if (key_string) {
192 	const char *error;
193 
194 	if (parse_des_key (key_string, key_data, &error)) {
195 	    printf ("failed parsing key `%s': %s\n", key_string, error);
196 	    return 0;
197 	}
198 	data.key_data = key_data;
199     }
200 
201     argc -= optind;
202     argv += optind;
203 
204     for(i = 0; i < argc; i++)
205 	ret = foreach_principal(argv[i], do_cpw_entry, "cpw", &data);
206 
207     if (data.key_data) {
208 	int16_t dummy;
209 	kadm5_free_key_data (kadm_handle, &dummy, key_data);
210     }
211 
212     return 0;
213 }
214