xref: /freebsd/crypto/heimdal/kpasswd/kpasswd-generator.c (revision 1e413cf93298b5b97441a21d9a50fdcd0ee9945e)
1 /*
2  * Copyright (c) 2000 - 2001 Kungliga Tekniska H�gskolan
3  * (Royal Institute of Technology, Stockholm, Sweden).
4  * All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  *
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  *
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  *
17  * 3. Neither the name of the Institute nor the names of its contributors
18  *    may be used to endorse or promote products derived from this software
19  *    without specific prior written permission.
20  *
21  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31  * SUCH DAMAGE.
32  */
33 
34 #include "kpasswd_locl.h"
35 
36 RCSID("$Id: kpasswd-generator.c,v 1.5 2001/07/31 02:44:42 assar Exp $");
37 
38 static unsigned
39 read_words (const char *filename, char ***ret_w)
40 {
41     unsigned n, alloc;
42     FILE *f;
43     char buf[256];
44     char **w = NULL;
45 
46     f = fopen (filename, "r");
47     if (f == NULL)
48 	err (1, "cannot open %s", filename);
49     alloc = n = 0;
50     while (fgets (buf, sizeof(buf), f) != NULL) {
51 	if (buf[strlen (buf) - 1] == '\n')
52 	    buf[strlen (buf) - 1] = '\0';
53 	if (n >= alloc) {
54 	    alloc += 16;
55 	    w = erealloc (w, alloc * sizeof(char **));
56 	}
57 	w[n++] = estrdup (buf);
58     }
59     *ret_w = w;
60     return n;
61 }
62 
63 static int
64 nop_prompter (krb5_context context,
65 	      void *data,
66 	      const char *name,
67 	      const char *banner,
68 	      int num_prompts,
69 	      krb5_prompt prompts[])
70 {
71     return 0;
72 }
73 
74 static void
75 generate_requests (const char *filename, unsigned nreq)
76 {
77     krb5_context context;
78     krb5_error_code ret;
79     int i;
80     char **words;
81     unsigned nwords;
82 
83     ret = krb5_init_context (&context);
84     if (ret)
85 	errx (1, "krb5_init_context failed: %d", ret);
86 
87     nwords = read_words (filename, &words);
88 
89     for (i = 0; i < nreq; ++i) {
90 	char *name = words[rand() % nwords];
91 	krb5_get_init_creds_opt opt;
92 	krb5_creds cred;
93 	krb5_principal principal;
94 	int result_code;
95 	krb5_data result_code_string, result_string;
96 	char *old_pwd, *new_pwd;
97 
98 	krb5_get_init_creds_opt_init (&opt);
99 	krb5_get_init_creds_opt_set_tkt_life (&opt, 300);
100 	krb5_get_init_creds_opt_set_forwardable (&opt, FALSE);
101 	krb5_get_init_creds_opt_set_proxiable (&opt, FALSE);
102 
103 	ret = krb5_parse_name (context, name, &principal);
104 	if (ret)
105 	    krb5_err (context, 1, ret, "krb5_parse_name %s", name);
106 
107 	asprintf (&old_pwd, "%s", name);
108 	asprintf (&new_pwd, "%s2", name);
109 
110 	ret = krb5_get_init_creds_password (context,
111 					    &cred,
112 					    principal,
113 					    old_pwd,
114 					    nop_prompter,
115 					    NULL,
116 					    0,
117 					    "kadmin/changepw",
118 					    &opt);
119 	if( ret == KRB5KRB_AP_ERR_BAD_INTEGRITY
120 	    || ret == KRB5KRB_AP_ERR_MODIFIED) {
121 	    char *tmp;
122 
123 	    tmp = new_pwd;
124 	    new_pwd = old_pwd;
125 	    old_pwd = tmp;
126 
127 	    ret = krb5_get_init_creds_password (context,
128 						&cred,
129 						principal,
130 						old_pwd,
131 						nop_prompter,
132 						NULL,
133 						0,
134 						"kadmin/changepw",
135 						&opt);
136 	}
137 	if (ret)
138 	    krb5_err (context, 1, ret, "krb5_get_init_creds_password");
139 
140 	krb5_free_principal (context, principal);
141 
142 	ret = krb5_change_password (context, &cred, new_pwd,
143 				    &result_code,
144 				    &result_code_string,
145 				    &result_string);
146 	if (ret)
147 	    krb5_err (context, 1, ret, "krb5_change_password");
148 
149 	free (old_pwd);
150 	free (new_pwd);
151 	krb5_free_creds_contents (context, &cred);
152     }
153 }
154 
155 static int version_flag	= 0;
156 static int help_flag	= 0;
157 
158 static struct getargs args[] = {
159     { "version", 	0,   arg_flag, &version_flag },
160     { "help",		0,   arg_flag, &help_flag }
161 };
162 
163 static void
164 usage (int ret)
165 {
166     arg_printusage (args,
167 		    sizeof(args)/sizeof(*args),
168 		    NULL,
169 		    "file [number]");
170     exit (ret);
171 }
172 
173 int
174 main(int argc, char **argv)
175 {
176     int optind = 0;
177     int nreq;
178     char *end;
179 
180     setprogname(argv[0]);
181     if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optind))
182 	usage(1);
183     if (help_flag)
184 	usage (0);
185     if (version_flag) {
186 	print_version(NULL);
187 	return 0;
188     }
189     argc -= optind;
190     argv += optind;
191 
192     if (argc != 2)
193 	usage (1);
194     srand (0);
195     nreq = strtol (argv[1], &end, 0);
196     if (argv[1] == end || *end != '\0')
197 	usage (1);
198     generate_requests (argv[0], nreq);
199     return 0;
200 }
201