1 /* 2 * Copyright (c) 2000 - 2004 Kungliga Tekniska Högskolan 3 * (Royal Institute of Technology, Stockholm, Sweden). 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * 3. Neither the name of the Institute nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34 #include "kpasswd_locl.h" 35 36 RCSID("$Id$"); 37 38 static unsigned 39 read_words (const char *filename, char ***ret_w) 40 { 41 unsigned n, alloc; 42 FILE *f; 43 char buf[256]; 44 char **w = NULL; 45 46 f = fopen (filename, "r"); 47 if (f == NULL) 48 err (1, "cannot open %s", filename); 49 alloc = n = 0; 50 while (fgets (buf, sizeof(buf), f) != NULL) { 51 buf[strcspn(buf, "\r\n")] = '\0'; 52 if (n >= alloc) { 53 alloc += 16; 54 w = erealloc (w, alloc * sizeof(char **)); 55 } 56 w[n++] = estrdup (buf); 57 } 58 *ret_w = w; 59 if (n == 0) 60 errx(1, "%s is an empty file, no words to try", filename); 61 fclose(f); 62 return n; 63 } 64 65 static int 66 nop_prompter (krb5_context context, 67 void *data, 68 const char *name, 69 const char *banner, 70 int num_prompts, 71 krb5_prompt prompts[]) 72 { 73 return 0; 74 } 75 76 static void 77 generate_requests (const char *filename, unsigned nreq) 78 { 79 krb5_context context; 80 krb5_error_code ret; 81 int i; 82 char **words; 83 unsigned nwords; 84 85 ret = krb5_init_context (&context); 86 if (ret) 87 errx (1, "krb5_init_context failed: %d", ret); 88 89 nwords = read_words (filename, &words); 90 91 for (i = 0; i < nreq; ++i) { 92 char *name = words[rand() % nwords]; 93 krb5_get_init_creds_opt *opt; 94 krb5_creds cred; 95 krb5_principal principal; 96 int result_code; 97 krb5_data result_code_string, result_string; 98 char *old_pwd, *new_pwd; 99 100 krb5_get_init_creds_opt_alloc (context, &opt); 101 krb5_get_init_creds_opt_set_tkt_life (opt, 300); 102 krb5_get_init_creds_opt_set_forwardable (opt, FALSE); 103 krb5_get_init_creds_opt_set_proxiable (opt, FALSE); 104 105 ret = krb5_parse_name (context, name, &principal); 106 if (ret) 107 krb5_err (context, 1, ret, "krb5_parse_name %s", name); 108 109 asprintf (&old_pwd, "%s", name); 110 asprintf (&new_pwd, "%s2", name); 111 112 ret = krb5_get_init_creds_password (context, 113 &cred, 114 principal, 115 old_pwd, 116 nop_prompter, 117 NULL, 118 0, 119 "kadmin/changepw", 120 opt); 121 if( ret == KRB5KRB_AP_ERR_BAD_INTEGRITY 122 || ret == KRB5KRB_AP_ERR_MODIFIED) { 123 char *tmp; 124 125 tmp = new_pwd; 126 new_pwd = old_pwd; 127 old_pwd = tmp; 128 129 ret = krb5_get_init_creds_password (context, 130 &cred, 131 principal, 132 old_pwd, 133 nop_prompter, 134 NULL, 135 0, 136 "kadmin/changepw", 137 opt); 138 } 139 if (ret) 140 krb5_err (context, 1, ret, "krb5_get_init_creds_password"); 141 142 krb5_free_principal (context, principal); 143 144 145 ret = krb5_set_password (context, 146 &cred, 147 new_pwd, 148 NULL, 149 &result_code, 150 &result_code_string, 151 &result_string); 152 if (ret) 153 krb5_err (context, 1, ret, "krb5_change_password"); 154 155 free (old_pwd); 156 free (new_pwd); 157 krb5_free_cred_contents (context, &cred); 158 krb5_get_init_creds_opt_free(context, opt); 159 } 160 } 161 162 static int version_flag = 0; 163 static int help_flag = 0; 164 165 static struct getargs args[] = { 166 { "version", 0, arg_flag, &version_flag }, 167 { "help", 0, arg_flag, &help_flag } 168 }; 169 170 static void 171 usage (int ret) 172 { 173 arg_printusage (args, 174 sizeof(args)/sizeof(*args), 175 NULL, 176 "file [number]"); 177 exit (ret); 178 } 179 180 int 181 main(int argc, char **argv) 182 { 183 int optind = 0; 184 int nreq; 185 char *end; 186 187 setprogname(argv[0]); 188 if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optind)) 189 usage(1); 190 if (help_flag) 191 usage (0); 192 if (version_flag) { 193 print_version(NULL); 194 return 0; 195 } 196 argc -= optind; 197 argv += optind; 198 199 if (argc != 2) 200 usage (1); 201 srand (0); 202 nreq = strtol (argv[1], &end, 0); 203 if (argv[1] == end || *end != '\0') 204 usage (1); 205 generate_requests (argv[0], nreq); 206 return 0; 207 } 208