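/*
 * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of the Institute nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include "kadmin_locl.h"
#include <errno.h>  /* ENOMEM; harmless if kadmin_locl.h already pulls it in */

RCSID("$Id: cpw.c,v 1.9 1999/12/02 17:04:57 joda Exp $");

/* Options of one `cpw' invocation, handed to do_cpw_entry() per principal. */
struct cpw_entry_data {
    int random_key;       /* --random-key: call kadm5_randkey_principal() */
    int random_password;  /* --random-password: generate and print a password */
    char *password;       /* --password value, or NULL to prompt for one */
};

/*
 * Option table for `cpw'.  cpw_entry() fills in the value pointers on every
 * call, by index: 0 = random-key, 1 = random-password, 2 = password.
 *
 * NOTE(review): a password given with --password/-p is part of the command
 * line, so it is exposed wherever that command line is visible or recorded
 * (process listings, shell history).  The interactive prompt, used when no
 * option is given, avoids this.
 */
static struct getargs args[] = {
    { "random-key",      'r', arg_flag,   NULL, "set random key" },
    { "random-password", 0,   arg_flag,   NULL, "set random password" },
    { "password",        'p', arg_string, NULL, "principal's password" },
};

static int num_args = sizeof(args) / sizeof(args[0]);

/* Print the option summary for `cpw'. */
static void
usage(void)
{
    arg_printusage(args, num_args, "cpw", "principal...");
}

/*
 * Overwrite a buffer that held a password.  The stores go through a
 * volatile pointer so the compiler does not discard them as dead stores,
 * which it is allowed to do with a plain memset() just before return.
 */
static void
wipe_secret (void *buf, size_t len)
{
    volatile unsigned char *p = buf;

    while (len-- > 0)
        *p++ = 0;
}

/*
 * Replace the keys of `principal' through kadm5_randkey_principal().
 * The key blocks handed back are released without being shown.
 * Returns 0 on success or the error from kadm5_randkey_principal().
 */
static int
set_random_key (krb5_principal principal)
{
    krb5_error_code ret;
    int i;
    krb5_keyblock *keys;
    int num_keys;

    ret = kadm5_randkey_principal(kadm_handle, principal, &keys, &num_keys);
    if(ret)
        return ret;
    for(i = 0; i < num_keys; i++)
        krb5_free_keyblock_contents(context, &keys[i]);
    free(keys);
    return 0;
}

/*
 * Set a generated password on `principal' and print it on stdout.
 * Returns 0 on success, otherwise the error from krb5_unparse_name() or
 * kadm5_chpass_principal().
 *
 * The printed line is the only place the new password is disclosed, so
 * anything that captures stdout (terminal scrollback, session logs)
 * ends up holding it.
 */
static int
set_random_password (krb5_principal principal)
{
    krb5_error_code ret;
    char *princ_name;
    char pw[128];

    /*
     * Resolve the name before touching the password: once the change has
     * succeeded the password must be reported, and a failure here would
     * otherwise leave princ_name uninitialized for printf().
     */
    ret = krb5_unparse_name(context, principal, &princ_name);
    if (ret)
        return ret;

    random_password (pw, sizeof(pw));
    ret = kadm5_chpass_principal(kadm_handle, principal, pw);
    if (ret == 0)
        printf ("%s's password set to `%s'\n", princ_name, pw);
    free (princ_name);
    wipe_secret (pw, sizeof(pw));
    return ret;
}

/*
 * Set the password of `principal'.  When `password' is NULL the password
 * is read from the user with des_read_pw_string(); the final argument 1
 * asks for it to be entered twice for verification.
 *
 * Returns the result of kadm5_chpass_principal(), the error from
 * krb5_unparse_name(), or ENOMEM when the prompt cannot be built.  A
 * failed or aborted prompt returns 0 without changing anything.
 */
static int
set_password (krb5_principal principal, char *password)
{
    krb5_error_code ret = 0;
    char pwbuf[128];

    if(password == NULL) {
        char *princ_name;
        char *prompt;

        ret = krb5_unparse_name(context, principal, &princ_name);
        if(ret)
            return ret;
        /* On failure asprintf() leaves `prompt' unusable; do not pass it on. */
        if(asprintf(&prompt, "%s's Password: ", princ_name) < 0) {
            free (princ_name);
            return ENOMEM;
        }
        free (princ_name);
        ret = des_read_pw_string(pwbuf, sizeof(pwbuf), prompt, 1);
        free (prompt);
        if(ret){
            /* The buffer may hold a partially entered password. */
            wipe_secret(pwbuf, sizeof(pwbuf));
            return 0; /* XXX error code? */
        }
        password = pwbuf;
    }
    ret = kadm5_chpass_principal(kadm_handle, principal, password);
    wipe_secret(pwbuf, sizeof(pwbuf));
    return ret;
}

/*
 * Callback for foreach_principal(): `data' is the struct cpw_entry_data
 * built by cpw_entry().  Dispatches on the selected option, with
 * random-key taking precedence over random-password.
 */
static int
do_cpw_entry(krb5_principal principal, void *data)
{
    struct cpw_entry_data *e = data;

    if (e->random_key)
        return set_random_key (principal);
    else if (e->random_password)
        return set_random_password (principal);
    else
        return set_password (principal, e->password);
}

/*
 * The `cpw' command: change the password or keys of every principal
 * named in argv.  At most one of --random-key, --random-password and
 * --password may be given; with none of them the password is prompted for.
 *
 * Always returns 0, also after a failure.
 * NOTE(review): presumably a non-zero return has a meaning to the command
 * dispatcher (not visible in this file) -- confirm before changing it.
 */
int
cpw_entry(int argc, char **argv)
{
    krb5_error_code ret;
    int i;
    int optind = 0;
    struct cpw_entry_data data;
    int num;

    data.random_key = 0;
    data.random_password = 0;
    data.password = NULL;

    /*
     * The static table is pointed at this call's stack variables; the
     * pointers are stale once we return and are reset on the next call.
     */
    args[0].value = &data.random_key;
    args[1].value = &data.random_password;
    args[2].value = &data.password;
    if(getarg(args, num_args, argc, argv, &optind)){
        usage();
        return 0;
    }

    num = (data.random_key != 0)
        + (data.random_password != 0)
        + (data.password != NULL);

    if (num > 1) {
        printf ("give only one of "
                "--random-key, --random-password, --password\n");
        return 0;
    }

    argc -= optind;
    argv += optind;

    /* Without a principal nothing would happen; say so instead. */
    if (argc == 0) {
        usage();
        return 0;
    }

    for(i = 0; i < argc; i++) {
        ret = foreach_principal(argv[i], do_cpw_entry, &data);
        /*
         * A password or key change that fails must not pass unnoticed.
         * NOTE(review): if foreach_principal() already reports the error
         * this line repeats it; confirm and drop one of the two.
         */
        if (ret)
            krb5_warn(context, ret, "%s", argv[i]);
    }

    return 0;
}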