diff options
| author | Theodore Tso <tytso@mit.edu> | 1996-04-12 00:34:53 +0000 |
|---|---|---|
| committer | Theodore Tso <tytso@mit.edu> | 1996-04-12 00:34:53 +0000 |
| commit | a2cba160938beca6083cca233ba2573ea8bd0d89 (patch) | |
| tree | e4af9bd6fa55faf149a530517b0841a6c022af9c /src/kadmin.old/client | |
| parent | 236b37bab8ecfdb74191aabd8b75e2dda2971749 (diff) | |
Remove the old Sandia kadmin code
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7795 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/kadmin.old/client')
| -rw-r--r-- | src/kadmin.old/client/.Sanitize | 47 | ||||
| -rw-r--r-- | src/kadmin.old/client/.cvsignore | 1 | ||||
| -rw-r--r-- | src/kadmin.old/client/ChangeLog | 75 | ||||
| -rw-r--r-- | src/kadmin.old/client/Makefile.in | 40 | ||||
| -rw-r--r-- | src/kadmin.old/client/configure.in | 9 | ||||
| -rw-r--r-- | src/kadmin.old/client/kadmin.M | 2 | ||||
| -rw-r--r-- | src/kadmin.old/client/kadmin.c | 739 | ||||
| -rw-r--r-- | src/kadmin.old/client/kadmin_add.c | 239 | ||||
| -rw-r--r-- | src/kadmin.old/client/kadmin_adr.c | 134 | ||||
| -rw-r--r-- | src/kadmin.old/client/kadmin_cpr.c | 137 | ||||
| -rw-r--r-- | src/kadmin.old/client/kadmin_cpw.c | 246 | ||||
| -rw-r--r-- | src/kadmin.old/client/kadmin_del.c | 130 | ||||
| -rw-r--r-- | src/kadmin.old/client/kadmin_done.c | 69 | ||||
| -rw-r--r-- | src/kadmin.old/client/kadmin_inq.c | 204 | ||||
| -rw-r--r-- | src/kadmin.old/client/kadmin_mod.c | 191 | ||||
| -rw-r--r-- | src/kadmin.old/client/kadmin_msnd.c | 279 |
16 files changed, 0 insertions, 2542 deletions
diff --git a/src/kadmin.old/client/.Sanitize b/src/kadmin.old/client/.Sanitize deleted file mode 100644 index 6aad222d52..0000000000 --- a/src/kadmin.old/client/.Sanitize +++ /dev/null @@ -1,47 +0,0 @@ -# Sanitize.in for Kerberos V5 - -# Each directory to survive it's way into a release will need a file -# like this one called "./.Sanitize". All keyword lines must exist, -# and must exist in the order specified by this file. Each directory -# in the tree will be processed, top down, in the following order. - -# Hash started lines like this one are comments and will be deleted -# before anything else is done. Blank lines will also be squashed -# out. - -# The lines between the "Do-first:" line and the "Things-to-keep:" -# line are executed as a /bin/sh shell script before anything else is -# done in this - -Do-first: - -# All files listed between the "Things-to-keep:" line and the -# "Files-to-sed:" line will be kept. All other files will be removed. -# Directories listed in this section will have their own Sanitize -# called. Directories not listed will be removed in their entirety -# with rm -rf. - -Things-to-keep: - -.cvsignore -ChangeLog -Makefile.in -configure -configure.in -kadmin.M -kadmin.c -kadmin_add.c -kadmin_adr.c -kadmin_cpr.c -kadmin_cpw.c -kadmin_del.c -kadmin_done.c -kadmin_inq.c -kadmin_mod.c -kadmin_msnd.c - -Things-to-lose: - -Do-last: - -# End of file. diff --git a/src/kadmin.old/client/.cvsignore b/src/kadmin.old/client/.cvsignore deleted file mode 100644 index e8c05a6b13..0000000000 --- a/src/kadmin.old/client/.cvsignore +++ /dev/null @@ -1 +0,0 @@ -configure diff --git a/src/kadmin.old/client/ChangeLog b/src/kadmin.old/client/ChangeLog deleted file mode 100644 index 5a36b44b35..0000000000 --- a/src/kadmin.old/client/ChangeLog +++ /dev/null @@ -1,75 +0,0 @@ -Sat Oct 21 08:46:02 1995 Ezra Peisach (epeisach@kangaroo.mit.edu) - - * Makefile.in (install): Install in ADMIN_BINDIR and not - CLIENT_BINDIR for consistency with other admin clients. - -Fri Jul 7 16:03:02 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in - Remove all explicit library handling and LDFLAGS. - * configure.in - Add USE_KDB5_LIBRARY and KRB5_LIBRARIES. - -Thu Jul 6 17:28:26 1995 Tom Yu <tlyu@lothlorien.MIT.EDU> - - * kadmin.c (get_first_ticket): Pass context to os_localaddr. - -Fri Jun 30 14:36:35 EDT 1995 Paul Park (pjpark@mit.edu) - * configure.in - Add --with-dbm to select between Berkeley and DBM - KDC database format. - -Wed Jun 21 10:49:32 1995 <tytso@rsx-11.mit.edu> - - * kadmin.c: Change PROTOTYPE -> KRB5_PROTOTYPE - -Tue Jun 20 19:00:32 1995 Mark Eichin <eichin@cygnus.com> - - * configure.in: switch obsolete AC_HAVE_HEADER to AC_CHECK_HEADERS. - -Tue Jun 20 12:48:06 1995 Tom Yu (tlyu@dragons-lair) - - * configure.in: add missing check for stdlib.h - -Thu Jun 15 17:49:31 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in - Change explicit library names to -l<lib> form, and - change target link line to use $(LD) and associated flags. - * configure.in - Add shared library usage check. - -Sat Jun 10 23:00:53 1995 Tom Yu (tlyu@dragons-lair) - - * kadmin.c, kadmin_add.c, kadmin_apr.c, kadmin_cpr.c, - kadmin_cpw.c, kadmin_del.c, kadmin_done.c, kadmin_inq.c, - kadmin_mod.c, kadmin_msnd.c: krb5_auth_context redefinitions - -Fri Jun 9 19:06:41 1995 <tytso@rsx-11.mit.edu> - - * configure.in: Remove standardized set of autoconf macros, which - are now handled by CONFIG_RULES. - -Wed May 24 07:03:21 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * kadmin_del.c, kadmin_mod.c, kadmin_inq.c, kadmin_cpr.c, - kadmin_adr.c, kadmin_msnd.c, kadmin.c: Include stdlib.h or - declare malloc(), calloc() and realloc(). - -Mon May 22 09:55:54 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in - Install old kadmin as kadmin_old. Manpage too. - -Mon May 1 23:19:10 1995 Theodore Y. Ts'o (tytso@dcl) - - * kadmin.c (main): Fix really broken way client and client_name - were being handled. Memory was being leaked, and then - memory blocks which were allocated to small where then - overrun. - - * kadmin_add.c (kadm_add_user): Fix memory leak. - -Sat Apr 29 12:47:55 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * kadmin_done.c (kadm_done): Removed unused argument to match call - from main. - - * kadmin_cpr.c (kadm_cpw_user_rnd): Remove unsed argument to match - call from main. - - * kadmin_adr.c (kadm_add_user_rnd): Remove unused arguments to - match calling convention. - - diff --git a/src/kadmin.old/client/Makefile.in b/src/kadmin.old/client/Makefile.in deleted file mode 100644 index 7c61a7b7c4..0000000000 --- a/src/kadmin.old/client/Makefile.in +++ /dev/null @@ -1,40 +0,0 @@ -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) - -all:: - -SRCS = \ - $(srcdir)/kadmin.c \ - $(srcdir)/kadmin_add.c \ - $(srcdir)/kadmin_adr.c \ - $(srcdir)/kadmin_cpr.c \ - $(srcdir)/kadmin_inq.c \ - $(srcdir)/kadmin_msnd.c \ - $(srcdir)/kadmin_mod.c \ - $(srcdir)/kadmin_cpw.c \ - $(srcdir)/kadmin_del.c \ - $(srcdir)/kadmin_done.c - -OBJS = \ - kadmin.o \ - kadmin_add.o \ - kadmin_adr.o \ - kadmin_cpr.o \ - kadmin_inq.o \ - kadmin_msnd.o \ - kadmin_mod.o \ - kadmin_cpw.o \ - kadmin_del.o \ - kadmin_done.o - -all:: kadmin - -kadmin: $(OBJS) $(DEPLIBS) - $(LD) $(LDFLAGS) $(LDARGS) -o kadmin $(OBJS) $(LIBS) - -install:: - $(INSTALL_PROGRAM) $(C)kadmin ${DESTDIR}$(ADMIN_BINDIR)$(S)kadmin_old - $(INSTALL_DATA) $(srcdir)$(S)kadmin.M ${DESTDIR}$(ADMIN_MANDIR)$(S)kadmin_old.1 - -clean:: - $(RM) kadmin - diff --git a/src/kadmin.old/client/configure.in b/src/kadmin.old/client/configure.in deleted file mode 100644 index dd3f191927..0000000000 --- a/src/kadmin.old/client/configure.in +++ /dev/null @@ -1,9 +0,0 @@ -AC_INIT(kadmin.c) -CONFIG_RULES -AC_CHECK_HEADERS(stdlib.h) -AC_PROG_INSTALL -ET_RULES -USE_KDB5_LIBRARY -KRB5_LIBRARIES -V5_USE_SHARED_LIB -V5_AC_OUTPUT_MAKEFILE diff --git a/src/kadmin.old/client/kadmin.M b/src/kadmin.old/client/kadmin.M deleted file mode 100644 index 180a1a9589..0000000000 --- a/src/kadmin.old/client/kadmin.M +++ /dev/null @@ -1,2 +0,0 @@ -.\" this file was somehow lost -.\" but CVS deals badly with 0 length files. diff --git a/src/kadmin.old/client/kadmin.c b/src/kadmin.old/client/kadmin.c deleted file mode 100644 index 6534cc3040..0000000000 --- a/src/kadmin.old/client/kadmin.c +++ /dev/null @@ -1,739 +0,0 @@ -/* - * kadmin/client/kadmin.c - * - * Copyright 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - */ - -/* - * Sandia National Laboratories also makes no representations about the - * suitability of the modifications, or additions to this software for - * any purpose. It is provided "as is" without express or implied warranty. - */ - - -/* - * kadmin - * Perform Remote Kerberos Administrative Functions - */ - -#include <unistd.h> -#include <stdio.h> -#include <ctype.h> -#include <sys/types.h> -#include <sys/socket.h> -#include <netinet/in.h> -#include <netdb.h> -#include <signal.h> -#include <string.h> -#include <pwd.h> -#include "com_err.h" - -#ifndef MAXPATHLEN -#define MAXPATHLEN 1024 -#endif - -#include "krb5.h" -#include "adm_defs.h" - -#ifdef HAVE_STDLIB_H -#include <stdlib.h> -#else -extern char *malloc(), *calloc(), *realloc(); -#endif - -static krb5_error_code get_first_ticket - KRB5_PROTOTYPE((krb5_context, - krb5_ccache, - krb5_principal, - krb5_creds *)); - -struct sockaddr_in local_sin, remote_sin; - -char cache_name[255] = ""; - -static void get_def_princ - KRB5_PROTOTYPE((krb5_context, - krb5_principal * )); - -void decode_kadmind_reply(); -int print_status_message(); -extern char *optarg; -extern int optind; - - -void -main(argc,argv) - int argc; - char *argv[]; -{ - krb5_ccache cache = NULL; - - krb5_address local_addr, foreign_addr; - - krb5_principal client; - - char *client_name; /* Single string representation of client id */ - - krb5_data *requested_realm; - krb5_creds my_creds; - - krb5_error_code retval; /* return code */ - - int local_socket; - - krb5_error *err_ret; - krb5_ap_rep_enc_part *rep_ret; - - kadmin_requests rd_priv_resp; - - krb5_context context; - krb5_data msg_data, inbuf; - char buffer[255]; - char command_type[120]; - char princ_name[120]; - int i, valid; - int option; - int oper_type; - int nflag = 0; - int port = 0; - - krb5_auth_context new_auth_context; - krb5_replay_data replaydata; - - krb5_init_context(&context); - krb5_init_ets(context); - - while ((option = getopt(argc, argv, "c:np:")) != EOF) { - switch (option) { - case 'c': - strcpy (cache_name, optarg); - break; - case 'n': - nflag++; - break; - case 'p': - port = htons(atoi(optarg)); - break; - case '?': - default: - usage(); - break; - } - } - - if (optind < argc) { - /* Admin name specified on command line */ - client_name = (char *) malloc(755); - memset((char *) client_name, 0, sizeof(client_name)); - strcpy(client_name, argv[optind++]); - if (retval = krb5_parse_name(context, client_name, &client)) { - fprintf(stderr, "Error Parsing %s\n", client_name); - usage(); - } - } - else { - /* Admin name should be defaulted */ - get_def_princ(context, &client); - if (retval = krb5_unparse_name(context, client, &client_name)) { - fprintf(stderr, "Unable to unparse default administrator name!\n"); - usage(); - } - } - - /* At this point, both client and client_name are set up. */ - - if (!nflag) { - free(client_name); - client_name = (char *) malloc(755); - strcpy(client_name, client->data[0].data); - strncat(client_name, "/admin@", 7); - strncat(client_name, client->realm.data, client->realm.length); - krb5_free_principal(context, client); - if (retval = krb5_parse_name(context, client_name, &client)) { - fprintf(stderr, "Unable to Parse %s\n", client_name); - usage(); - } - } - - if (optind < argc) - usage(); - - /* Create credential cache for kadmin */ - if (!cache_name[0]) - (void) sprintf(cache_name, "FILE:/tmp/tkt_adm_%d", getpid()); - - if ((retval = krb5_cc_resolve(context, cache_name, &cache))) { - fprintf(stderr, "Unable to Resolve Cache: %s!\n", cache_name); - } - - if ((retval = krb5_cc_initialize(context, cache, client))) { - fprintf(stderr, "Error initializing cache: %s!\n", cache_name); - exit(1); - } - -/* - * Verify User by Obtaining Initial Credentials prior to Initial Link - */ - - if ((retval = get_first_ticket(context, cache, client, &my_creds))) { - (void) krb5_cc_destroy(context, cache); - exit(1); - } - /* my_creds has the necessary credentials for further processing: - Destroy credential cache for security reasons */ - (void) krb5_cc_destroy(context, cache); - - requested_realm = (krb5_data *) &client->realm; - - - /* Initiate Link to Server */ - if ((retval = adm5_init_link(context, requested_realm, port, - &local_socket))) { - exit(1); - } - -#ifdef unicos61 -#define SIZEOF_INADDR SIZEOF_in_addr -#else -#define SIZEOF_INADDR sizeof(struct in_addr) -#endif - -/* V4 kpasswd Protocol Hack - * Necessary for ALL kadmind clients - */ - { - int msg_length = 0; - - retval = krb5_net_write(context, local_socket, (char *) &msg_length + 2, 2); - if (retval < 0) { - fprintf(stderr, "krb5_net_write failure!\n"); - (void) krb5_cc_destroy(context, cache); - exit(1); - } - } - - local_addr.addrtype = ADDRTYPE_INET; - local_addr.length = SIZEOF_INADDR ; - local_addr.contents = (krb5_octet *) &local_sin.sin_addr; - - foreign_addr.addrtype = ADDRTYPE_INET; - foreign_addr.length = SIZEOF_INADDR ; - foreign_addr.contents = (krb5_octet *) &remote_sin.sin_addr; - - krb5_auth_con_init(context, &new_auth_context); - krb5_auth_con_setflags(context, new_auth_context, - KRB5_AUTH_CONTEXT_RET_SEQUENCE); - - krb5_auth_con_setaddrs(context, new_auth_context, - &local_addr, &foreign_addr); - - /* call Kerberos library routine to obtain an authenticator, - pass it over the socket to the server, and obtain mutual - authentication. */ - - inbuf.data = ADM5_ADM_VERSION; - inbuf.length = strlen(ADM5_ADM_VERSION); - - if ((retval = krb5_sendauth(context, &new_auth_context, - (krb5_pointer) &local_socket, - ADM_CPW_VERSION, - my_creds.client, - my_creds.server, - AP_OPTS_MUTUAL_REQUIRED, - &inbuf, - &my_creds, - 0, - &err_ret, - &rep_ret, - NULL))) { - fprintf(stderr, "Error while performing sendauth: %s!\n", - error_message(retval)); - exit(1); - } - - /* Read back what the server has to say ... */ - if (retval = krb5_read_message(context, &local_socket, &inbuf)){ - fprintf(stderr, " Read Message Error: %s!\n", - error_message(retval)); - exit(1); - } - - if ((inbuf.length != 2) || (inbuf.data[0] != KADMIND) || - (inbuf.data[1] != KADMSAG)){ - fprintf(stderr, " Invalid ack from admin server.!\n"); - exit(1); - } - free(inbuf.data); - - if ((inbuf.data = (char *) calloc(1, 2)) == (char *) 0) { - fprintf(stderr, "No memory for command!\n"); - exit(1); - } - - inbuf.data[0] = KADMIN; - inbuf.data[1] = 0xff; - inbuf.length = 2; - - if ((retval = krb5_mk_priv(context, new_auth_context, &inbuf, - &msg_data, &replaydata))) { - fprintf(stderr, "Error during First Message Encoding: %s!\n", - error_message(retval)); - free(inbuf.data); - exit(1); - } - free(inbuf.data); - - /* write private message to server */ - if (krb5_write_message(context, &local_socket, &msg_data)){ - fprintf(stderr, "Write Error During First Message Transmission!\n"); - exit(1); - } - free(msg_data.data); - - for ( ; ; ) { - /* Ok Now let's get the private message */ - if (retval = krb5_read_message(context, &local_socket, &inbuf)){ - fprintf(stderr, "Read Error During First Reply: %s!\n", - error_message(retval)); - exit(1); - } - - if ((retval = krb5_rd_priv(context, new_auth_context, &inbuf, - &msg_data, &replaydata))) { - fprintf(stderr, "Error during First Read Decoding: %s!\n", - error_message(retval)); - exit(1); - } - free(inbuf.data); - free(msg_data.data); - - valid = 0; - princ_name[0] = '\0'; -repeat: - printf("\n\nCommand (add, cpw, del, inq, mod, addrnd, cpwrnd, addv4, cpwv4, q): "); - fgets(buffer, sizeof(buffer), stdin); - buffer[strlen(buffer) -1] = '\0'; - sscanf(buffer,"%s %s", command_type, princ_name); - for (i = 0; command_type[i] != '\0'; i++) - if (isupper(command_type[i])) - command_type[i] = tolower(command_type[i]); - - if (!strcmp(command_type, "add")) { - valid++; - oper_type = ADDOPER; - if (retval = kadm_add_user(context, new_auth_context, &my_creds, - &local_socket, oper_type, princ_name)) - break; - } - if (!strcmp(command_type, "cpw")) { - valid++; - oper_type = CHGOPER; - if (retval = kadm_cpw_user(context, new_auth_context, &my_creds, - &local_socket, oper_type, princ_name)) - break; - } - if (!strcmp(command_type, "addrnd")) { - valid++; - if (retval = kadm_add_user_rnd(context, new_auth_context, &my_creds, - &local_socket, princ_name)) - break; - } - if (!strcmp(command_type, "cpwrnd")) { - valid++; - if (retval = kadm_cpw_user_rnd(context, new_auth_context, &my_creds, - &local_socket, princ_name)) - break; - } - if (!strcmp(command_type, "del")) { - valid++; - if (retval = kadm_del_user(context, new_auth_context, &my_creds, - &local_socket, princ_name)) - break; - } - if (!strcmp(command_type, "inq")) { - valid++; - if (retval = kadm_inq_user(context, new_auth_context, &my_creds, - &local_socket, princ_name)) - break; - } - if (!strcmp(command_type, "mod")) { - valid++; - if (retval = kadm_mod_user(context, new_auth_context, &my_creds, - &local_socket, princ_name)) - break; - } - if (!strcmp(command_type, "addv4")) { - valid++; - oper_type = AD4OPER; - if (retval = kadm_add_user(context, new_auth_context, &my_creds, - &local_socket, oper_type, princ_name)) - break; - } - if (!strcmp(command_type, "cpwv4")) { - valid++; - oper_type = CH4OPER; - if (retval = kadm_cpw_user(context, new_auth_context, &my_creds, - &local_socket, oper_type, princ_name)) - break; - } - if (!strcmp(command_type, "q")) { - valid++; - retval = kadm_done(context, new_auth_context, &my_creds, - &local_socket); - break; - } - - if (!valid) { - fprintf(stderr, "Invalid Input - Retry\n"); - goto repeat; - } - } - - if (retval) { - exit(1); - } - - /* Ok Now let's get the final private message */ - if (retval = krb5_read_message(context, &local_socket, &inbuf)){ - fprintf(stderr, "Read Error During Final Reply: %s!\n", - error_message(retval)); - exit(1); - } - - if ((retval = krb5_rd_priv(context, new_auth_context, &inbuf, - &msg_data, &replaydata))) { - fprintf(stderr, "Error during Final Read Decoding :%s!\n", - error_message(retval)); - free(inbuf.data); - exit(1); - } - free(inbuf.data); - - decode_kadmind_reply(msg_data, &rd_priv_resp); - free(msg_data.data); - - if (!((rd_priv_resp.appl_code == KADMIN) && - (rd_priv_resp.retn_code == KADMGOOD))) { - if (rd_priv_resp.message) - fprintf(stderr, "%s\n", rd_priv_resp.message); - else - fprintf(stderr, "Generic Error During kadmin Termination!\n"); - retval = 1; - } else { - fprintf(stderr, "\nHave a Good Day.\n\n"); - } - - if (rd_priv_resp.message) - free(rd_priv_resp.message); - - krb5_free_principal(context, client); - - exit(retval); -} - -static krb5_error_code -get_first_ticket(context, cache, client, my_creds) - krb5_context context; - krb5_ccache cache; - krb5_principal client; - krb5_creds * my_creds; -{ - char prompt[255]; /* for the password prompt */ - - krb5_address **my_addresses; - - char *client_name; - krb5_error_code retval; - char *password; - int pwsize; - int i; - - if ((retval = krb5_unparse_name(context, client, &client_name))) { - fprintf(stderr, "Unable to Unparse Client Name!\n"); - return(1); - } - - if ((retval = krb5_os_localaddr(context, &my_addresses))) { - free(client_name); - fprintf(stderr, "Unable to Get Principals Address!\n"); - return(1); - } - - memset((char *) my_creds, 0, sizeof(krb5_creds)); - - my_creds->client = client; - - if ((retval = krb5_build_principal_ext(context, &my_creds->server, - client->realm.length, - client->realm.data, - strlen(CPWNAME), - CPWNAME, /* kadmin */ - client->realm.length, - client->realm.data, - /* instance is <realm> */ - 0))) { - fprintf(stderr, "Error %s while building client name!\n", - error_message(retval)); - krb5_free_addresses(context, my_addresses); - free(client_name); - return(1); - } - - (void) sprintf(prompt,"Password for %s: ", (char *) client_name); - - if ((password = (char *) calloc (1, 255)) == NULL) { - fprintf(stderr, "No Memory for Retrieving Admin Password!\n"); - free(client_name); - return(1); - } - - pwsize = 255; - if ((retval = krb5_read_password(context, - prompt, - 0, - password, - &pwsize) || pwsize == 0)) { - fprintf(stderr, "Error while reading password for '%s'!\n", - client_name); - free(password); - krb5_free_addresses(context, my_addresses); - free(client_name); - return(1); - } - - /* Build Request for Initial Credentials */ - retval = krb5_get_in_tkt_with_password(context, 0, /* options */ - my_addresses, - NULL, /* Default encryption list */ - NULL, /* Default preauth list */ - password, cache, my_creds, 0); - - /* Do NOT Forget to zap password */ - memset((char *) password, 0, pwsize); - free(password); - krb5_free_addresses(context, my_addresses); - free(client_name); - - if (retval) { - fprintf(stderr, "\nUnable to Get Initial Credentials: %s!\n", - error_message(retval)); - return(1); - } - - return(0); -} - -krb5_error_code -adm5_init_link(context, realm_of_server, port, local_socket) - krb5_context context; - krb5_data *realm_of_server; - int port; - int * local_socket; -{ - struct servent *service_process; /* service we will talk to */ - struct hostent *remote_host; /* host we will talk to */ - char **hostlist; - int namelen; - int i; - - krb5_error_code retval; - - /* clear out the structure first */ - (void) memset((char *)&remote_sin, 0, sizeof(remote_sin)); - - if (port != 0) { - remote_sin.sin_port = port; - } else { - if ((service_process = getservbyname(CPW_SNAME, "tcp")) == NULL) { - fprintf(stderr, "Unable to find Service (%s) Check services file!\n", - CPW_SNAME); - return(1); - } - - /* Copy the Port Number */ - remote_sin.sin_port = service_process->s_port; - } - - hostlist = 0; - - /* Identify all Hosts Associated with this Realm */ - if ((retval = krb5_get_krbhst (context, realm_of_server, &hostlist))) { - fprintf(stderr, "krb5_get_krbhst: Unable to Determine Server Name!\n"); - return(retval); - } - - if (hostlist[0] == 0) { - fprintf(stderr, "No hosts found!\n"); - return KRB5_REALM_UNKNOWN; - } - - for (i=0; hostlist[i]; i++) { - remote_host = gethostbyname(hostlist[i]); - if (remote_host != 0) { - - /* set up the address of the foreign socket for connect() */ - remote_sin.sin_family = remote_host->h_addrtype; - (void) memcpy((char *) &remote_sin.sin_addr, - (char *) remote_host->h_addr, - sizeof(remote_host->h_addr)); - break; /* Only Need one */ - } - } - - krb5_free_krbhst(context, hostlist); - - /* open a TCP socket */ - *local_socket = socket(PF_INET, SOCK_STREAM, 0); - if (*local_socket < 0) { - retval = errno; - fprintf(stderr, "Cannot Open Socket!\n"); - return retval; - } - /* connect to the server */ - if (connect(*local_socket, (struct sockaddr *) &remote_sin, sizeof(remote_sin)) < 0) { - retval = errno; - fprintf(stderr, "Cannot Connect to Socket!\n"); - close(*local_socket); - return retval; - } - - /* find out who I am, now that we are connected and therefore bound */ - namelen = sizeof(local_sin); - if (getsockname(*local_socket, - (struct sockaddr *) &local_sin, &namelen) < 0) { - retval = errno; - fprintf(stderr, "Cannot Perform getsockname!\n"); - close(*local_socket); - return retval; - } - return 0; -} - -static void -get_def_princ(context, client) - krb5_context context; - krb5_principal *client; -{ - krb5_ccache cache = NULL; - struct passwd *pw; - int retval; - char client_name[755]; - krb5_flags cc_flags; - - /* Identify Default Credentials Cache */ - if (retval = krb5_cc_default(context, &cache)) { - fprintf(stderr, "Error while getting default ccache!\n"); - exit(1); - } - - /* - * Attempt to Modify Credentials Cache - * retval == 0 ==> ccache Exists - Use It - * retval == ENOENT ==> No Entries, but ccache Exists - * retval != 0 ==> Assume ccache does NOT Exist - */ - cc_flags = 0; - if (retval = krb5_cc_set_flags(context, cache, cc_flags)) { - /* Search passwd file for client */ - pw = getpwuid((int) getuid()); - if (pw) { - (void) strcpy(client_name, pw->pw_name); - if (!strncmp("root", client_name, strlen(client_name))) { - fprintf(stderr, - "root is not a valid Adimnistrator\n!\n"); - usage(); - } - } else { - fprintf(stderr, - "Unable to Identify Principal from Password File!\n"); - retval = 1; - usage(); - } - - /* Use this to get default_realm and format client_name */ - if ((retval = krb5_parse_name(context, client_name, client))) { - fprintf(stderr, "Unable to Parse Client Name!\n"); - usage(); - } - } else { - /* Read Client from Cache */ - if (retval = krb5_cc_get_principal(context, cache, client)) { - fprintf(stderr, - "Unable to Read Principal Credentials File!\n"); - exit(1); - } - - if (!strncmp("root", (*client)->data[0].data, - (*client)->data[0].length)) { - fprintf(stderr, "root is not a valid Administrator\n!\n"); - usage(); - } - } - (void) krb5_cc_close(context, cache); -} - -usage() -{ - fprintf(stderr, "Usage: "); - fprintf(stderr, "kadmin [-n] [-p port] [Administrator name]\n\n"); - fprintf(stderr, " If an Administrator name is not supplied, kadmin "); - fprintf(stderr, "will first\n attempt to locate the name from "); - fprintf(stderr, "the default ticket file, then\n by using the "); - fprintf(stderr, "username from the 'passwd' file.\n\n"); - fprintf(stderr, " For Cross Realm Obtain a ticket for 'Administrator "); - fprintf(stderr, "name' in the\n Destination realm or "); - fprintf(stderr, "specify the Destination Realm\n as part of the "); - fprintf(stderr, "Administrator name option.\n\n"); - fprintf(stderr, " Note: If the Administrator Name is not "); - fprintf(stderr, "supplied, then the \n"); - fprintf(stderr, " '/admin' instance will be appended to the "); - fprintf(stderr, "default name unless\n"); - fprintf(stderr, " the -n option is used.\n\n"); - exit(0); -} - -void decode_kadmind_reply(data, response) - krb5_data data; - kadmin_requests *response; -{ - response->appl_code = data.data[0]; - response->oper_code = data.data[1]; - response->retn_code = data.data[2]; - if (data.length > 3 && data.data[3]) { - response->message = (char *)malloc(data.length - 2); - if (response->message) { - memcpy(response->message, data.data + 3, data.length - 3); - response->message[data.length - 3] = 0; - } - } else - response->message = NULL; - - return; -} - -int print_status_message(response, success_msg) - kadmin_requests *response; - char *success_msg; -{ - int retval = 1; - - if (response->appl_code == KADMIN) { - if (response->retn_code == KADMGOOD) { - fprintf(stderr, "%s\n", success_msg); - retval = 0; - } else if (response->retn_code == KADMBAD) - fprintf(stderr, "%s\n", response->message); - else - fprintf(stderr, "ERROR: unknown return code from server.\n"); - } else - fprintf(stderr, "ERROR: unknown application code from server.\n"); - - if (response->message) - free(response->message); - - return retval; -} diff --git a/src/kadmin.old/client/kadmin_add.c b/src/kadmin.old/client/kadmin_add.c deleted file mode 100644 index 083f621665..0000000000 --- a/src/kadmin.old/client/kadmin_add.c +++ /dev/null @@ -1,239 +0,0 @@ -/* - * kadmin/client/kadmin_add.c - * - * Copyright 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - */ - -/* - * Sandia National Laboratories also makes no representations about the - * suitability of the modifications, or additions to this software for - * any purpose. It is provided "as is" without express or implied warranty. - */ - - -/* - * kadmin_add - * Perform Remote Kerberos Administrative Functions - */ - -#include <stdio.h> -#include <sys/types.h> -#include <sys/socket.h> -#include <netinet/in.h> -#include <netdb.h> -#include <string.h> -#include "com_err.h" - -#include <sys/param.h> - -#include "k5-int.h" -#include "adm_defs.h" - -void decode_kadmind_reply(); -int print_status_message(); - -krb5_error_code -kadm_add_user(context, auth_context, my_creds, local_socket, - oper_type, principal) - krb5_context context; - krb5_auth_context auth_context; - krb5_creds * my_creds; - int * local_socket; - int oper_type; - char * principal; -{ - krb5_data msg_data, inbuf; - kadmin_requests rd_priv_resp; - char username[255]; - char *password; - int pwsize; - int count; - krb5_replay_data replaydata; - krb5_error_code retval; /* return code */ - - if ((inbuf.data = (char *) calloc(1, 3 + sizeof(username))) == (char *) 0) { - fprintf(stderr, "No memory for command!\n"); - return(1); - } - - inbuf.data[0] = KADMIN; - inbuf.data[1] = oper_type; - inbuf.data[2] = SENDDATA2; - - if (principal && principal[0] != '\0') - strcpy(username, principal); - else { - count = 0; - do { - fprintf(stdout, "\nName of Principal to be Added: "); - fgets(username, sizeof(username), stdin); - if (username[0] == '\n') - fprintf(stderr, "Invalid Principal name!\n"); - count++; - } while (username[0] == '\n' && count < 3); - - if (username[0] == '\n') { - fprintf(stderr, "Aborting!!\n\n"); - return(1); - } - - username[strlen(username) -1] = '\0'; - } - - (void) memcpy( inbuf.data + 3, username, strlen(username)); - inbuf.length = strlen(username) + 3; - - if ((retval = krb5_mk_priv(context, auth_context, &inbuf, - &msg_data, &replaydata))) { - fprintf(stderr, "Error during Second Message Encoding: %s!\n", - error_message(retval)); - free(inbuf.data); - return(1); - } - free(inbuf.data); - - /* write private message to server */ - if (krb5_write_message(context, local_socket, &msg_data)){ - fprintf(stderr, "Write Error During Second Message Transmission!\n"); - return(1); - } - - free(msg_data.data); - - if (retval = krb5_read_message(context, local_socket, &inbuf)){ - fprintf(stderr, "Read Error During Second Reply: %s!\n", - error_message(retval)); - return(1); - } - - if (retval = krb5_rd_priv(context, auth_context, &inbuf, - &msg_data, &replaydata)) { - fprintf(stderr, "Error during Second Read Decoding :%s!\n", - error_message(retval)); - free(inbuf.data); - return(1); - } - free(inbuf.data); - - if (msg_data.data[2] == KADMBAD) { - decode_kadmind_reply(msg_data, &rd_priv_resp); - - if (rd_priv_resp.message) { - fprintf(stderr, "%s\n\n", rd_priv_resp.message); - free(rd_priv_resp.message); - } else - fprintf(stderr, "Generic error from server.\n\n"); - free(msg_data.data); - return(0); - } - -#ifdef MACH_PASS - pwsize = msg_data.length; - if ((password = (char *) calloc (1, pwsize)) == (char *) 0) { - fprintf(stderr, "No Memory for allocation of password!\n"); - retval = 1; - free(msg_data.data); - return(1); - } - - memcpy(password, msg_data.data, pwsize); - memset(msg_data.data, 0, pwsize); - password[pwsize] = '\0'; - fprintf(stdout, "\nPassword for \"%s\" is \"%s\"\n", username, password); - memset(password, 0, pwsize); - free(password); - fprintf(stdout, "\nThis password can only be used to execute kpasswd\n\n"); - - free(msg_data.data); - - if ((inbuf.data = (char *) calloc(1, 2)) == (char *) 0) { - fprintf(stderr, "No memory for command!\n"); - return(1); - } - - inbuf.data[0] = KADMIN; - inbuf.data[1] = KADMGOOD; - inbuf.length = 2; - -#else - - free(msg_data.data); - - if ((password = (char *) calloc (1, ADM_MAX_PW_LENGTH+1)) == (char *) 0) { - fprintf(stderr, "No Memory for allocation of password!\n"); - return(1); - } - - pwsize = ADM_MAX_PW_LENGTH+1; - - putchar('\n'); - if (retval = krb5_read_password(context, - DEFAULT_PWD_STRING1, - DEFAULT_PWD_STRING2, - password, - &pwsize)) { - fprintf(stderr, "Error while reading new password for %s: %s!\n", - username, error_message(retval)); - (void) memset((char *) password, 0, ADM_MAX_PW_LENGTH+1); - free(password); - return(1); - } - - if ((inbuf.data = (char *) calloc(1, strlen(password) + 1)) == (char *) 0) { - fprintf(stderr, "No Memory for allocation of buffer!\n"); - (void) memset((char *) password, 0, ADM_MAX_PW_LENGTH+1); - free(password); - return(1); - } - - inbuf.length = strlen(password); - (void) memcpy(inbuf.data, password, strlen(password)); - free(password); - -#endif /* MACH_PASS */ - - if ((retval = krb5_mk_priv(context, auth_context, &inbuf, - &msg_data, &replaydata))) { - fprintf(stderr, "Error during Second Message Encoding: %s!\n", - error_message(retval)); - free(inbuf.data); - return(1); - } - free(inbuf.data); - - /* write private message to server */ - if (krb5_write_message(context, local_socket, &msg_data)){ - fprintf(stderr, "Write Error During Second Message Transmission!\n"); - return(1); - } - free(msg_data.data); - - /* Ok Now let's get the final private message */ - if (retval = krb5_read_message(context, local_socket, &inbuf)){ - fprintf(stderr, "Read Error During Final Reply: %s!\n", - error_message(retval)); - retval = 1; - } - - if ((retval = krb5_rd_priv(context, auth_context, &inbuf, - &msg_data, &replaydata))) { - fprintf(stderr, "Error during Final Read Decoding :%s!\n", - error_message(retval)); - free(inbuf.data); - return(1); - } - free(inbuf.data); - - decode_kadmind_reply(msg_data, &rd_priv_resp); - - free(msg_data.data); - - retval = print_status_message(&rd_priv_resp, - "Database Addition Successful."); - - return(retval); -} diff --git a/src/kadmin.old/client/kadmin_adr.c b/src/kadmin.old/client/kadmin_adr.c deleted file mode 100644 index db4927594a..0000000000 --- a/src/kadmin.old/client/kadmin_adr.c +++ /dev/null @@ -1,134 +0,0 @@ -/* - * kadmin/client/kadmin_adr.c - * - * Copyright 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - */ - -/* - * Sandia National Laboratories also makes no representations about the - * suitability of the modifications, or additions to this software for - * any purpose. It is provided "as is" without express or implied warranty. - */ - - -/* - * kadmin_adr - * Perform Remote Kerberos Administrative Functions - */ - -#include <stdio.h> -#include <sys/types.h> -#include <sys/socket.h> -#include <netinet/in.h> -#include <netdb.h> -#include <string.h> -#include <com_err.h> - -#include <sys/param.h> - -#include <krb5.h> -#include "adm_defs.h" - -#ifdef HAVE_STDLIB_H -#include <stdlib.h> -#else -extern char *malloc(), *calloc(), *realloc(); -#endif - -void decode_kadmind_reply(); -int print_status_message(); - -krb5_error_code -kadm_add_user_rnd(context, auth_context, my_creds, - local_socket, principal) - krb5_context context; - krb5_auth_context auth_context; - int *local_socket; - char *principal; -{ - krb5_data msg_data, inbuf; - kadmin_requests rd_priv_resp; - char username[755]; - int count; - krb5_replay_data replaydata; - krb5_error_code retval; /* return code */ - - if ((inbuf.data = (char *) calloc(1, 3 + sizeof(username))) == (char *) 0) { - fprintf(stderr, "No memory for command!\n"); - return(1); - } - - inbuf.data[0] = KADMIN; - inbuf.data[1] = ADROPER; - inbuf.data[2] = SENDDATA2; - - if (principal && principal[0] != '\0') - strcpy(username, principal); - else { - count = 0; - do { - fprintf(stdout, "\nName of Principal to be Added: "); - fgets(username, sizeof(username), stdin); - if (username[0] == '\n') - fprintf(stderr, "Invalid Principal name!\n"); - count++; - } - while (username[0] == '\n' && count < 3); - - if (username[0] == '\n') { - fprintf(stderr, "Aborting!!\n\n"); - return(1); - } - username[strlen(username) -1] = '\0'; - } - - - (void) memcpy( inbuf.data + 3, username, strlen(username)); - inbuf.length = strlen(username) + 3; - - if ((retval = krb5_mk_priv(context, auth_context, &inbuf, - &msg_data, &replaydata))) { - fprintf(stderr, "Error during Second Message Encoding: %s!\n", - error_message(retval)); - free(inbuf.data); - return(1); - } - free(inbuf.data); - - /* write private message to server */ - if (krb5_write_message(context, local_socket, &msg_data)){ - fprintf(stderr, "Write Error During Second Message Transmission!\n"); - return(1); - } - - free(msg_data.data); - - /* Ok Now let's get the final private message */ - if (retval = krb5_read_message(context, local_socket, &inbuf)){ - fprintf(stderr, "Read Error During Final Reply: %s!\n", - error_message(retval)); - retval = 1; - } - - if ((retval = krb5_rd_priv(context, auth_context, &inbuf, - &msg_data, &replaydata))) { - fprintf(stderr, "Error during Final Read Decoding :%s!\n", - error_message(retval)); - free(inbuf.data); - return(1); - } - - decode_kadmind_reply(msg_data, &rd_priv_resp); - - free(inbuf.data); - free(msg_data.data); - - retval = print_status_message(&rd_priv_resp, - "Database Addition Successful."); - - return(retval); -} diff --git a/src/kadmin.old/client/kadmin_cpr.c b/src/kadmin.old/client/kadmin_cpr.c deleted file mode 100644 index a3421a8015..0000000000 --- a/src/kadmin.old/client/kadmin_cpr.c +++ /dev/null @@ -1,137 +0,0 @@ -/* - * kadmin/client/kadmin_cpr.c - * - * Copyright 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - */ - -/* - * Sandia National Laboratories also makes no representations about the - * suitability of the modifications, or additions to this software for - * any purpose. It is provided "as is" without express or implied warranty. - */ - - -/* - * kadmin_cpr - * Perform Remote Kerberos Administrative Functions - */ - -#include <stdio.h> -#include <sys/types.h> -#include <sys/socket.h> -#include <netinet/in.h> -#include <netdb.h> -#include <signal.h> -#include <string.h> -#include <com_err.h> - -#include <sys/param.h> - -#include <krb5.h> -#include "adm_defs.h" - -#ifdef HAVE_STDLIB_H -#include <stdlib.h> -#else -extern char *malloc(), *calloc(), *realloc(); -#endif - -void decode_kadmind_reply(); -int print_status_message(); - -krb5_error_code -kadm_cpw_user_rnd(context, auth_context, my_creds, - local_socket, principal) - krb5_context context; - krb5_auth_context auth_context; - int *local_socket; - char *principal; -{ - krb5_data msg_data, inbuf; - kadmin_requests rd_priv_resp; - char username[755]; - int count; - krb5_replay_data replaydata; - krb5_error_code retval; /* return code */ - - if ((inbuf.data = (char *) calloc(1, 3 + sizeof(username))) == (char *) 0) { fprintf(stderr, "No memory for command!\n"); - exit(1); - } - - inbuf.data[0] = KADMIN; - inbuf.data[1] = CHROPER; - inbuf.data[2] = SENDDATA2; - - if (principal && principal[0] != '\0') - strcpy(username, principal); - else { - count = 0; - do { - fprintf(stdout, - "\nName of Principal Whose Password is to Change: "); - fgets(username, sizeof(username), stdin); - if (username[0] == '\n') - fprintf(stderr, "Invalid Principal name!\n"); - count++; - } - while (username[0] == '\n' && count < 3); - - if (username[0] == '\n') { - fprintf(stderr, "Aborting!!\n\n"); - return(1); - } - username[strlen(username) -1] = '\0'; - } - - (void) memcpy( inbuf.data + 3, username, strlen(username)); - inbuf.length = strlen(username) + 3; - - /* Transmit Principal Name */ - if ((retval = krb5_mk_priv(context, auth_context, &inbuf, - &msg_data, &replaydata))) { - fprintf(stderr, "Error during Second Message Encoding: %s!\n", - error_message(retval)); - free(inbuf.data); - return(1); - } - free(inbuf.data); - - /* write private message to server */ - if (krb5_write_message(context, local_socket, &msg_data)){ - fprintf(stderr, "Write Error During Second Message Transmission!\n"); - return(1); - } - free(msg_data.data); - - /* Ok Now let's get the final private message */ - if (retval = krb5_read_message(context, local_socket, &inbuf)){ - fprintf(stderr, "Read Error During Final Reply: %s!\n", - error_message(retval)); - retval = 1; - } - - if ((retval = krb5_rd_priv(context, auth_context, &inbuf, - &msg_data, &replaydata))) { - fprintf(stderr, "Error during Final Read Decoding :%s!\n", - error_message(retval)); - free(inbuf.data); - return(1); - } - free(inbuf.data); - - decode_kadmind_reply(msg_data, &rd_priv_resp); - - free(inbuf.data); - free(msg_data.data); - - print_status_message(&rd_priv_resp, - "Password Modification Successful."); - - return(0); -} - - diff --git a/src/kadmin.old/client/kadmin_cpw.c b/src/kadmin.old/client/kadmin_cpw.c deleted file mode 100644 index 768d49cee9..0000000000 --- a/src/kadmin.old/client/kadmin_cpw.c +++ /dev/null @@ -1,246 +0,0 @@ -/* - * kadmin/client/kadmin_cpw.c - * - * Copyright 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - */ - -/* - * Sandia National Laboratories also makes no representations about the - * suitability of the modifications, or additions to this software for - * any purpose. It is provided "as is" without express or implied warranty. - */ - - -/* - * kadmin_cpw - * Perform Remote Kerberos Administrative Functions - */ - -#include <stdio.h> -#include <sys/types.h> -#include <sys/socket.h> -#include <netinet/in.h> -#include <netdb.h> -#include <signal.h> -#include <string.h> -#include <com_err.h> - -#include <sys/param.h> - -#include <k5-int.h> -#include "adm_defs.h" - -void decode_kadmind_reply(); -int print_status_message(); - -krb5_error_code -kadm_cpw_user(context, auth_context, my_creds, - local_socket, oper_type, principal) - krb5_context context; - krb5_auth_context auth_context; - int *local_socket; - int oper_type; - char *principal; -{ - krb5_data msg_data, inbuf; - kadmin_requests rd_priv_resp; - char username[255]; - char *password; - int pwsize; - int count; - krb5_replay_data replaydata; - krb5_error_code retval; /* return code */ - - if ((inbuf.data = (char *) calloc(1, 3 + sizeof(username))) == (char *) 0) { fprintf(stderr, "No memory for command!\n"); - exit(1); - } - - inbuf.data[0] = KADMIN; - inbuf.data[1] = oper_type; - inbuf.data[2] = SENDDATA2; - - if (principal && principal[0] != '\0') - strcpy(username, principal); - else { - count = 0; - do { - fprintf(stdout, - "\nName of Principal Whose Password is to Change: "); - fgets(username, sizeof(username), stdin); - if (username[0] == '\n') - fprintf(stderr, "Invalid Principal name!\n"); - count++; - } - while (username[0] == '\n' && count < 3); - - if (username[0] == '\n') { - fprintf(stderr, "Aborting!!\n\n"); - return(1); - } - - username[strlen(username) -1] = '\0'; - } - - (void) memcpy( inbuf.data + 3, username, strlen(username)); - inbuf.length = strlen(username) + 3; - - /* Transmit Principal Name */ - if ((retval = krb5_mk_priv(context, auth_context, &inbuf, - &msg_data, &replaydata))) { - fprintf(stderr, "Error during Second Message Encoding: %s!\n", - error_message(retval)); - free(inbuf.data); - return(1); - } - free(inbuf.data); - - /* write private message to server */ - if (krb5_write_message(context, local_socket, &msg_data)){ - free(msg_data.data); - fprintf(stderr, "Write Error During Second Message Transmission!\n"); - return(1); - } - free(msg_data.data); - - if (retval = krb5_read_message(context, local_socket, &inbuf)){ - fprintf(stderr, "Read Error During Second Reply: %s!\n", - error_message(retval)); - return(1); - } - - if ((retval = krb5_rd_priv(context, auth_context, &inbuf, - &msg_data, &replaydata))) { - fprintf(stderr, "Error during Second Read Decoding :%s!\n", - error_message(retval)); - free(inbuf.data); - return(1); - } - free(inbuf.data); - - if (msg_data.data[2] == KADMBAD) { - decode_kadmind_reply(msg_data, &rd_priv_resp); - - if (rd_priv_resp.message) { - fprintf(stderr, "%s\n\n", rd_priv_resp.message); - free(rd_priv_resp.message); - } else - fprintf(stderr, "Generic error from server.\n\n"); - memset(msg_data.data, 0, msg_data.length); - free(msg_data.data); - return(0); - } - - if ((oper_type == CHGOPER && msg_data.data[3] == KRB5_KDB_SALTTYPE_V4) || - (oper_type == CH4OPER && msg_data.data[3] == KRB5_KDB_SALTTYPE_NORMAL)) - fprintf(stderr, "WARNING: Changing Principal Salt type to %s!\n", - (msg_data.data[3] == KRB5_KDB_SALTTYPE_V4) ? - "Version 5 Normal" : "Version 4"); - -#ifdef MACH_PASS /* Machine-generated passwords */ - pwsize = msg_data.length; - if ((password = (char *) calloc (1, pwsize)) == (char *) 0) { - fprintf(stderr, "No Memory for allocation of password!\n"); - memset(msg_data.data, 0, msg_data.length); - free(msg_data.data); - return(1); - } - - memcpy(password, msg_data.data, pwsize); - memset(msg_data.data, 0, pwsize); - free(msg_data.data); - password[pwsize] = '\0'; - fprintf(stdout, "\nPassword for \"%s\" is \"%s\"\n", username, password); - memset(password, 0, pwsize); - free(password); - fprintf(stdout, "\nThis password can only be used to execute kpasswd\n\n"); - - if ((inbuf.data = (char *) calloc(1, 2)) == (char *) 0) { - fprintf(stderr, "No memory for command!\n"); - return(1); - } - - inbuf.data[0] = KADMIN; - inbuf.data[1] = KADMGOOD; - inbuf.length = 2; - -#else - - if ((password = (char *) calloc (1, ADM_MAX_PW_LENGTH+1)) == (char *) 0) { - fprintf(stderr, "No Memory for allocation of password!\n"); - return(1); - } - - pwsize = ADM_MAX_PW_LENGTH+1; - - putchar('\n'); - if ((retval = krb5_read_password(context, - DEFAULT_PWD_STRING1, - DEFAULT_PWD_STRING2, - password, - &pwsize))) { - fprintf(stderr, "Error while reading new password for %s: %s!\n", - username, error_message(retval)); - (void) memset((char *) password, 0, ADM_MAX_PW_LENGTH+1); - free(password); - return(1); - } - - if ((inbuf.data = (char *) calloc (1, strlen(password) + 1)) == - (char *) 0) { - fprintf(stderr, "No Memory for allocation of buffer!\n"); - (void) memset((char *) password, 0, ADM_MAX_PW_LENGTH+1); - free(password); - return(1); /* No Memory */ - } - - inbuf.length = strlen(password); - (void) memcpy(inbuf.data, password, strlen(password)); - free(password); - -#endif /* MACH_PASS */ - - if ((retval = krb5_mk_priv(context, auth_context, &inbuf, - &msg_data, &replaydata))) { - fprintf(stderr, "Error during Second Message Encoding: %s!\n", - error_message(retval)); - free(inbuf.data); - return(1); - } - free(inbuf.data); - - /* write private message to server */ - if (krb5_write_message(context, local_socket, &msg_data)){ - fprintf(stderr, "Write Error During Second Message Transmission!\n"); - return(1); - } - free(msg_data.data); - - /* Ok Now let's get the final private message */ - if (retval = krb5_read_message(context, local_socket, &inbuf)){ - fprintf(stderr, "Read Error During Final Reply: %s!\n", - error_message(retval)); - retval = 1; - } - - if ((retval = krb5_rd_priv(context, auth_context, &inbuf, - &msg_data, &replaydata))) { - fprintf(stderr, "Error during Final Read Decoding :%s!\n", - error_message(retval)); - free(inbuf.data); - return(1); - } - - decode_kadmind_reply(msg_data, &rd_priv_resp); - - free(inbuf.data); - free(msg_data.data); - - print_status_message(&rd_priv_resp, - "Password Modification Successful."); - - return(0); -} diff --git a/src/kadmin.old/client/kadmin_del.c b/src/kadmin.old/client/kadmin_del.c deleted file mode 100644 index 25f362eb7b..0000000000 --- a/src/kadmin.old/client/kadmin_del.c +++ /dev/null @@ -1,130 +0,0 @@ -/* - * kadmin/client/kadmin_del.c - * - * Copyright 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - */ - -/* - * Sandia National Laboratories also makes no representations about the - * suitability of the modifications, or additions to this software for - * any purpose. It is provided "as is" without express or implied warranty. - */ - - -/* - * kadmin_del - * Perform Remote Kerberos Administrative Functions - */ - -#include <stdio.h> -#include <sys/types.h> -#include <sys/socket.h> -#include <netinet/in.h> -#include <netdb.h> -#include <string.h> -#include <com_err.h> - -#include <krb5.h> -#include "adm_defs.h" - -#ifdef HAVE_STDLIB_H -#include <stdlib.h> -#else -extern char *malloc(), *calloc(), *realloc(); -#endif - -void decode_kadmind_reply(); -int print_status_message(); - -krb5_error_code -kadm_del_user(context, auth_context, my_creds, local_socket, principal) - krb5_context context; - krb5_auth_context auth_context; - int *local_socket; - char *principal; -{ - krb5_data msg_data, inbuf; - kadmin_requests rd_priv_resp; - char username[755]; - int count; - krb5_replay_data replaydata; - krb5_error_code retval; /* return code */ - - if ((inbuf.data = (char *) calloc(1, 3 + sizeof(username))) == (char *) 0) { - fprintf(stderr, "No memory for command!\n"); - return(1); - } - - inbuf.data[0] = KADMIN; - inbuf.data[1] = DELOPER; - inbuf.data[2] = SENDDATA2; - - if (principal && principal[0] != '\0') - strcpy(username, principal); - else { - count = 0; - do { - fprintf(stdout, "\nName of Principal to be Deleted: "); - fgets(username, sizeof(username), stdin); - if (username[0] == '\n') - fprintf(stderr, "Invalid Principal name!\n"); - count++; - } - while (username[0] == '\n' && count < 3); - - if (username[0] == '\n') { - fprintf(stderr, "Aborting!!\n\n"); - return(1); - } - - username[strlen(username) -1] = '\0'; - } - - (void) memcpy( inbuf.data + 3, username, strlen(username)); - inbuf.length = strlen(username) + 3; - - if ((retval = krb5_mk_priv(context, auth_context, &inbuf, - &msg_data, &replaydata))) { - fprintf(stderr, "Error during Second Message Encoding: %s!\n", - error_message(retval)); - free(inbuf.data); - return(1); - } - free(inbuf.data); - - /* write private message to server */ - if (krb5_write_message(context, local_socket, &msg_data)){ - free(msg_data.data); - fprintf(stderr, "Write Error During Second Message Transmission!\n"); - return(1); - } - free(msg_data.data); - - /* Ok Now let's get the final private message */ - if (retval = krb5_read_message(context, local_socket, &inbuf)){ - fprintf(stderr, "Read Error During Final Reply: %s!\n", - error_message(retval)); - return(1); - } - - if ((retval = krb5_rd_priv(context, auth_context, &inbuf, - &msg_data, &replaydata))) { - fprintf(stderr, "Error during Second Decoding :%s!\n", - error_message(retval)); - return(1); - } - - decode_kadmind_reply(msg_data, &rd_priv_resp); - - free(inbuf.data); - free(msg_data.data); - - print_status_message(&rd_priv_resp, - "Database Deletion Successful."); - - return(0); -} diff --git a/src/kadmin.old/client/kadmin_done.c b/src/kadmin.old/client/kadmin_done.c deleted file mode 100644 index 07d38909d5..0000000000 --- a/src/kadmin.old/client/kadmin_done.c +++ /dev/null @@ -1,69 +0,0 @@ -/* - * kadmin/client/kadmin_done.c - * - * Copyright 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - */ - -/* - * Sandia National Laboratories also makes no representations about the - * suitability of the modifications, or additions to this software for - * any purpose. It is provided "as is" without express or implied warranty. - */ - - -/* - * kadmin_done - * Perform Remote Kerberos Administrative Functions - */ - -#include <stdio.h> -#include <sys/types.h> -#include <sys/socket.h> -#include <netinet/in.h> -#include <netdb.h> -#include <string.h> -#include <com_err.h> - -#include <krb5.h> -#include "adm_defs.h" - -krb5_error_code -kadm_done(context, auth_context, my_creds, local_socket) - krb5_context context; - krb5_auth_context auth_context; - int *local_socket; -{ - krb5_replay_data replaydata; - krb5_data msg_data, inbuf; - krb5_error_code retval; /* return code */ - char buf[16]; - - inbuf.data = buf; - - inbuf.data[0] = KADMIN; - inbuf.data[1] = COMPLETE; - inbuf.data[2] = SENDDATA2; - inbuf.data[3] = 0xff; - (void) memset( inbuf.data + 4, 0, 4); - inbuf.length = 16; - - if ((retval = krb5_mk_priv(context, auth_context, &inbuf, - &msg_data, &replaydata))) { - fprintf(stderr, "Error during Second Message Encoding: %s!\n", - error_message(retval)); - return(1); - } - - /* write private message to server */ - if (krb5_write_message(context, local_socket, &msg_data)) { - free(msg_data.data); - fprintf(stderr, "Write Error During Second Message Transmission!\n"); - return(1); - } - free(msg_data.data); - return(0); -} diff --git a/src/kadmin.old/client/kadmin_inq.c b/src/kadmin.old/client/kadmin_inq.c deleted file mode 100644 index 4802de4577..0000000000 --- a/src/kadmin.old/client/kadmin_inq.c +++ /dev/null @@ -1,204 +0,0 @@ -/* - * kadmin/client/kadmin_inq.c - * - * Copyright 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - */ - -/* - * Sandia National Laboratories also makes no representations about the - * suitability of the modifications, or additions to this software for - * any purpose. It is provided "as is" without express or implied warranty. - */ - - -/* - * kadmin_inq - * Perform Remote Kerberos Administrative Functions - */ - -#include <stdio.h> -#include <sys/types.h> -#include <sys/socket.h> -#include <netinet/in.h> -#include <netdb.h> -#include <signal.h> -#include <string.h> -#include <com_err.h> - -#include <krb5.h> -#include "adm_defs.h" - -#ifdef HAVE_STDLIB_H -#include <stdlib.h> -#else -extern char *malloc(), *calloc(), *realloc(); -#endif - -void decode_kadmind_reply(); -int print_status_message(); - -krb5_error_code -kadm_inq_user(context, auth_context, my_creds, local_socket, principal) - krb5_context context; - krb5_auth_context auth_context; - int *local_socket; - char *principal; -{ - krb5_replay_data replaydata; - krb5_data msg_data, inbuf; - kadmin_requests rd_priv_resp; - char username[755]; - int count; - krb5_error_code retval; /* return code */ - char *my_data; - - if ((inbuf.data = (char *) calloc(1, 3 + sizeof(username))) == (char *) 0) { - fprintf(stderr, "No memory for command!\n"); - return(1); - } - - inbuf.data[0] = KADMIN; - inbuf.data[1] = INQOPER; - inbuf.data[2] = SENDDATA2; - - if (principal && principal[0] != '\0') - strcpy(username, principal); - else { - count = 0; - do { - fprintf(stdout, "\nName of Principal to be Displayed: "); - fgets(username, sizeof(username), stdin); - if (username[0] == '\n') - fprintf(stderr, "Invalid Principal name!\n"); - count++; - } - while (username[0] == '\n' && count < 3); - - if (username[0] == '\n') { - fprintf(stderr, "Aborting!!\n\n"); - return(1); - } - - username[strlen(username) -1] = '\0'; - } - - (void) memcpy( inbuf.data + 3, username, strlen(username)); - inbuf.length = strlen(username) + 3; - - if (retval = krb5_mk_priv(context, auth_context, &inbuf, - &msg_data, &replaydata)) { - fprintf(stderr, "Error during Second Message Encoding: %s!\n", - error_message(retval)); - free(inbuf.data); - return(1); - } - free(inbuf.data); - - /* write private message to server */ - if (krb5_write_message(context, local_socket, &msg_data)){ - fprintf(stderr, "Write Error During Second Message Transmission!\n"); - return(1); - } - free(msg_data.data); - - /* Ok Now let's get the private message */ - if ((retval = krb5_read_message(context, local_socket, &inbuf))){ - fprintf(stderr, "Read Error During Second Reply: %s!\n", - error_message(retval)); - return(1); - } - - if (retval = krb5_rd_priv(context, auth_context, &inbuf, - &msg_data, &replaydata)) { - fprintf(stderr, "Error during Second Read Decoding :%s!\n", - error_message(retval)); - free(inbuf.data); - return(1); - } - free(inbuf.data); - - if (!msg_data.data) { - fprintf(stderr, "kadm_inq_user: Error - empty message received!\n\n"); - return(0); - } - - if (msg_data.data[2] == KADMBAD) { - decode_kadmind_reply(msg_data, &rd_priv_resp); - - if (rd_priv_resp.message) { - fprintf(stderr, "%s\n\n", rd_priv_resp.message); - free(rd_priv_resp.message); - } else - fprintf(stderr, "Generic error from server.\n\n"); - return(0); - } - - my_data = (char *)malloc(msg_data.length + 1); - if (!my_data) { - fprintf(stderr, "kadmin_inq: Couldn't allocate space for my_data!\n"); - exit(1); - } - memcpy(my_data, msg_data.data, msg_data.length); - my_data[msg_data.length] = 0; - - /* Print Inquiry Information */ - fprintf(stdout, "%s\n", my_data); - free(my_data); - free(msg_data.data); - - if ((inbuf.data = (char *) calloc(1, 3)) == (char *) 0) { - fprintf(stderr, "inbuf.data allocation error!\n"); - return(1); - } - - inbuf.data[0] = KADMIN; - inbuf.data[1] = KADMGOOD; - inbuf.length = 2; - - if (retval = krb5_mk_priv(context, auth_context, &inbuf, - &msg_data, &replaydata)) { - fprintf(stderr, "Error during Second Message Encoding: %s!\n", - error_message(retval)); - free(inbuf.data); - return(1); - } - free(inbuf.data); - - /* write private message to server */ - if (krb5_write_message(context, local_socket, &msg_data)){ - fprintf(stderr, "Write Error During Second Message Transmission!\n"); - free(msg_data.data); - return(1); - } - free(msg_data.data); - - /* Ok Now let's get the final private message */ - if (retval = krb5_read_message(context, local_socket, &inbuf)){ - fprintf(stderr, "Read Error During Final Reply: %s!\n", - error_message(retval)); - retval = 1; - } - - if (retval = krb5_rd_priv(context, auth_context, &inbuf, - &msg_data, &replaydata)) { - fprintf(stderr, "Error during Final Read Decoding :%s!\n", - error_message(retval)); - free(inbuf.data); - return(1); - } - free(inbuf.data); - - decode_kadmind_reply(msg_data, &rd_priv_resp); - - free(inbuf.data); - free(msg_data.data); - - print_status_message(&rd_priv_resp, - "Password Inquiry Successful."); - - return(0); -} diff --git a/src/kadmin.old/client/kadmin_mod.c b/src/kadmin.old/client/kadmin_mod.c deleted file mode 100644 index 2a73030d00..0000000000 --- a/src/kadmin.old/client/kadmin_mod.c +++ /dev/null @@ -1,191 +0,0 @@ -/* - * kadmin/client/kadmin_mod.c - * - * Copyright 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - */ - -/* - * Sandia National Laboratories also makes no representations about the - * suitability of the modifications, or additions to this software for - * any purpose. It is provided "as is" without express or implied warranty. - */ - - -/* - * kadmin_mod - * Perform Remote Kerberos Administrative Functions - */ - -#include <stdio.h> -#include <sys/types.h> -#include <sys/socket.h> -#include <netinet/in.h> -#include <netdb.h> -#include <signal.h> -#include <string.h> -#include <com_err.h> - -#include <krb5.h> -#include "adm_defs.h" - -#ifdef HAVE_STDLIB_H -#include <stdlib.h> -#else -extern char *malloc(), *calloc(), *realloc(); -#endif - -void decode_kadmind_reply(); -int print_status_message(); - -krb5_error_code -kadm_mod_user(context, auth_context, my_creds, local_socket, principal) - krb5_context context; - krb5_auth_context auth_context; - krb5_creds *my_creds; - int *local_socket; - char *principal; -{ - krb5_data msg_data, inbuf; - kadmin_requests rd_priv_resp; - char username[755]; - int count; - krb5_replay_data replaydata; - krb5_error_code retval; /* return code */ - - if ((inbuf.data = (char *) calloc(1, 3 + sizeof(username))) == (char *) 0) { fprintf(stderr, "No memory for command!\n"); - exit(1); - } - - inbuf.data[0] = KADMIN; - inbuf.data[1] = MODOPER; - inbuf.data[2] = SENDDATA2; - - if (principal && principal[0] != '\0') - strcpy(username, principal); - else { - count = 0; - do { - fprintf(stdout, "\nName of Principal to be Modified: "); - fgets(username, sizeof(username), stdin); - if (username[0] == '\n') - fprintf(stderr, "Invalid Principal name!\n"); - count++; - } - while (username[0] == '\n' && count < 3); - - if (username[0] == '\n') { - fprintf(stderr, "Aborting!!\n\n"); - return(1); - } - - username[strlen(username) -1] = '\0'; - } - - (void) memcpy( inbuf.data + 3, username, strlen(username)); - inbuf.length = strlen(username) + 3; - - if ((retval = krb5_mk_priv(context, auth_context, &inbuf, - &msg_data, &replaydata))) { - fprintf(stderr, "Error during Second Message Encoding: %s!\n", - error_message(retval)); - free(inbuf.data); - return(1); - } - free(inbuf.data); - - /* write private message to server */ - if (krb5_write_message(context, local_socket, &msg_data)){ - fprintf(stderr, "Write Error During Second Message Transmission!\n"); - return(1); - } - free(msg_data.data); - - /* Ok Now let's get the private message */ - if (retval = krb5_read_message(context, local_socket, &inbuf)){ - fprintf(stderr, "Read Error During Second Reply: %s!\n", - error_message(retval)); - return(1); - } - - if ((retval = krb5_rd_priv(context, auth_context, &inbuf, - &msg_data, &replaydata))) { - fprintf(stderr, "Error during Second Read Decoding :%s!\n", - error_message(retval)); - free(inbuf.data); - return(1); - } - free(inbuf.data); - - if (msg_data.data[2] == KADMBAD) { - decode_kadmind_reply(msg_data, &rd_priv_resp); - - if (rd_priv_resp.message) { - fprintf(stderr, "%s\n\n", rd_priv_resp.message); - free(rd_priv_resp.message); - } else - fprintf(stderr, "Generic error from server.\n\n"); - free(msg_data.data); - return(0); - } - free(msg_data.data); - - kadm_snd_mod(context, auth_context, my_creds, local_socket); - - if ((inbuf.data = (char *) calloc(1, 2)) == (char *) 0) { - fprintf(stderr, "No memory for command!\n"); - return(1); - } - - - inbuf.data[0] = KADMIN; - inbuf.data[1] = KADMGOOD; - inbuf.data[2] = SENDDATA3; - inbuf.length = 3; - - if ((retval = krb5_mk_priv(context, auth_context, &inbuf, - &msg_data, &replaydata))) { - fprintf(stderr, "Error during Second Message Encoding: %s!\n", - error_message(retval)); - free(inbuf.data); - return(1); - } - free(inbuf.data); - - /* write private message to server */ - if (krb5_write_message(context, local_socket, &msg_data)){ - fprintf(stderr, "Write Error During Second Message Transmission!\n"); - free(msg_data.data); - return(1); - } - free(msg_data.data); - - /* Ok Now let's get the final private message */ - if (retval = krb5_read_message(context, local_socket, &inbuf)){ - fprintf(stderr, "Read Error During Final Reply: %s!\n", - error_message(retval)); - retval = 1; - } - - if ((retval = krb5_rd_priv(context, auth_context, &inbuf, - &msg_data, &replaydata))) { - fprintf(stderr, "Error during Final Read Decoding :%s!\n", - error_message(retval)); - free(inbuf.data); - return(1); - } - - - decode_kadmind_reply(msg_data, &rd_priv_resp); - - free(inbuf.data); - free(msg_data.data); - - print_status_message(&rd_priv_resp, - "Database Modification Successful."); - - return(0); -} diff --git a/src/kadmin.old/client/kadmin_msnd.c b/src/kadmin.old/client/kadmin_msnd.c deleted file mode 100644 index 2f5adae35c..0000000000 --- a/src/kadmin.old/client/kadmin_msnd.c +++ /dev/null @@ -1,279 +0,0 @@ -/* - * kadmin/client/kadmin_msnd.c - * - * Copyright 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - */ - -/* - * Sandia National Laboratories also makes no representations about the - * suitability of the modifications, or additions to this software for - * any purpose. It is provided "as is" without express or implied warranty. - */ - - -/* - * kadmin_snd_mod - * Perform Remote Kerberos Administrative Functions - */ - -#include <stdio.h> -#include <ctype.h> -#include <sys/types.h> -#include <sys/socket.h> -#include <netinet/in.h> -#include <netdb.h> -#include <signal.h> -#include <string.h> -#include <com_err.h> - -#include <sys/param.h> -#include <pwd.h> - -#include <sys/stat.h> - -#include <krb5.h> -#include "adm_defs.h" - -#ifdef HAVE_STDLIB_H -#include <stdlib.h> -#else -extern char *malloc(), *calloc(), *realloc(); -#endif - -#ifndef MAXPATHLEN -#define MAXPATHLEN 1024 -#endif - -krb5_error_code -kadm_snd_mod(context, auth_context, my_creds, local_socket) - krb5_context context; - krb5_auth_context auth_context; - krb5_creds *my_creds; - int *local_socket; -{ - krb5_replay_data replaydata; - krb5_error_code retval; /* return code */ - krb5_data msg_data, inbuf; - char mod_type[10]; - char attrib[20]; - char version[10]; - int value; - int valid_command; - int i; - - for ( ; ; ) { - valid_command = 0; -repeat1: -#ifdef SANDIA - fprintf(stdout, "\nParameter Type to be Modified (fcnt, vno, attr, or q): "); -#else - fprintf(stdout, "\nParameter Type to be Modified (vno, attr, or q): "); -#endif - - (void) fgets(mod_type, 10, stdin); - mod_type[strlen(mod_type) - 1] = '\0'; - - if ((inbuf.data = (char *) calloc(1, 80)) == (char *) 0) { - fprintf(stderr, "No memory for command!\n"); - exit(1); - } - - if (!strcmp(mod_type, "q")) { - free(inbuf.data); - goto alldone; - } -#ifdef SANDIA - if (!strcmp(mod_type, "fcnt")) { - valid_command = 1; -repeat_cnt: - fprintf(stdout, "\nFailure Count: "); - (void) fgets(version, sizeof(version), stdin); - /* Make sure version is null terminated */ - version[sizeof(version) -1] = '\0'; - /* Strip linefeed */ - if (version[strlen(version) - 1] == '\n') - version[strlen(version) - 1] = '\0'; - if (!strcmp(version, "q")) { - free(inbuf.data); - goto alldone; - } - value = -1; - sscanf(version,"%d",&value); - if (value < 0 || value > 10 ) { - fprintf(stderr, "Value must be between 0 and 10!\n"); - goto repeat_cnt; - } - inbuf.data[3] = KMODFCNT; - (void) memcpy(inbuf.data + 4, version, strlen(version)); - inbuf.length = strlen(version) + 4; - } -#endif - if (!strcmp(mod_type, "vno")) { - valid_command = 1; -repeat2: - fprintf(stdout, "\nVersion Number: "); - (void) fgets(version, sizeof(version), stdin); - /* Make sure version is null terminated */ - version[sizeof(version) -1] = '\0'; - /* Strip linefeed */ - if (version[strlen(version) - 1] == '\n') - version[strlen(version) - 1] = '\0'; - if (!strcmp(version, "q")) { - free(inbuf.data); - goto alldone; - } - value = -1; - sscanf(version,"%d",&value); - if (value < 0 || value > 255 ) { - fprintf(stderr, "Value must be between 0 and 255!\n"); - goto repeat2; - } - inbuf.data[3] = KMODVNO; - (void) memcpy(inbuf.data + 4, version, strlen(version)); - inbuf.length = strlen(version) + 4; - } - - if (!strcmp(mod_type, "attr")) { - valid_command = 1; -repeat3: - fprintf(stdout, "\nAttribute: "); - fgets(attrib, 20, stdin); - attrib[strlen(attrib) - 1] = '\0'; - for (i = 0; attrib[i] != '\0'; i++) - if (isupper(attrib[i])) - attrib[i] = tolower(attrib[i]); - - inbuf.data[3] = KMODATTR; - inbuf.data[4] = BADATTR; - inbuf.length = 5; - if (!strcmp(attrib, "post")) inbuf.data[4] = ATTRPOST; - if (!strcmp(attrib, "nopost")) inbuf.data[4] = ATTRNOPOST; - if (!strcmp(attrib, "forward")) inbuf.data[4] = ATTRFOR; - if (!strcmp(attrib, "noforward")) inbuf.data[4] = ATTRNOFOR; - if (!strcmp(attrib, "tgt")) inbuf.data[4] = ATTRTGT; - if (!strcmp(attrib, "notgt")) inbuf.data[4] = ATTRNOTGT; - if (!strcmp(attrib, "ren")) inbuf.data[4] = ATTRREN; - if (!strcmp(attrib, "noren")) inbuf.data[4] = ATTRNOREN; - if (!strcmp(attrib, "proxy")) inbuf.data[4] = ATTRPROXY; - if (!strcmp(attrib, "noproxy")) inbuf.data[4] = ATTRNOPROXY; - if (!strcmp(attrib, "dskey")) inbuf.data[4] = ATTRDSKEY; - if (!strcmp(attrib, "nodskey")) inbuf.data[4] = ATTRNODSKEY; - if (!strcmp(attrib, "lock")) inbuf.data[4] = ATTRLOCK; - if (!strcmp(attrib, "unlock")) inbuf.data[4] = ATTRUNLOCK; - if (!strcmp(attrib, "svr")) inbuf.data[4] = ATTRSVR; - if (!strcmp(attrib, "nosvr")) inbuf.data[4] = ATTRNOSVR; - -#ifdef SANDIA - if (!strcmp(attrib, "preauth")) inbuf.data[4] = ATTRPRE; - if (!strcmp(attrib, "nopreauth")) inbuf.data[4] = ATTRNOPRE; - if (!strcmp(attrib, "pwok")) inbuf.data[4] = ATTRPWOK; - if (!strcmp(attrib, "pwchange")) inbuf.data[4] = ATTRPWCHG; - if (!strcmp(attrib, "sid")) inbuf.data[4] = ATTRSID; - if (!strcmp(attrib, "nosid")) inbuf.data[4] = ATTRNOSID; -#endif - if (!strcmp(attrib, "q")){ - free(inbuf.data); - goto alldone; - } - if (inbuf.data[4] == BADATTR) { - fprintf(stderr, "Valid Responses are:\n"); - fprintf(stderr, "post/nopost - Allow/Disallow postdating\n"); - fprintf(stderr, "forward/noforward - Allow/Disallow forwarding\n"); - fprintf(stderr, "tgt/notgt - Allow/Disallow initial tickets\n"); - fprintf(stderr, "ren/noren - Allow/Disallow renewable tickets\n"); - fprintf(stderr, - "proxy/noproxy - Allow/Disallow proxiable tickets\n"); - fprintf(stderr, - "dskey/nodskey - Allow/Disallow Duplicate Session Keys\n"); - fprintf(stderr, "lock/unlock - Lock/Unlock client\n"); - fprintf(stderr, - "svr/nosvr - Allow/Disallow Use of Principal as Server\n"); -#ifdef SANDIA - fprintf(stderr, - "preauth/nopreauth - Require/Do Not Require preauthentication\n"); - fprintf(stderr, - "pwok/pwchange - Password is OK/Needs to be changed\n"); - fprintf(stderr, - "sid/nosid - Require/Do Not Require Hardware Authentication\n"); -#endif - fprintf(stderr, "q - Quit from setting attributes.\n"); - goto repeat3; - } - } - - if (!valid_command) { - free(inbuf.data); - fprintf(stderr, "Invalid command - Try Again\n"); - goto repeat1; - } - - inbuf.data[0] = KADMIN; - inbuf.data[1] = MODOPER; - inbuf.data[2] = SENDDATA3; - - if ((retval = krb5_mk_priv(context, auth_context, &inbuf, - &msg_data, &replaydata))) { - fprintf(stderr, "Error during Second Message Encoding: %s!\n", - error_message(retval)); - free(inbuf.data); - return(1); - } - free(inbuf.data); - - /* write private message to server */ - if (krb5_write_message(context, local_socket, &msg_data)) { - fprintf(stderr, "Write Error During Second Message Transmission!\n"); - return(1); - } - free(msg_data.data); - - /* Ok Now let's get the private message */ - if (retval = krb5_read_message(context, local_socket, &inbuf)){ - fprintf(stderr, "Read Error During Second Reply: %s!\n", - error_message(retval)); - return(1); - } - - if ((retval = krb5_rd_priv(context, auth_context, &inbuf, - &msg_data, &replaydata))) { - fprintf(stderr, "Error during Second Read Decoding :%s!\n", - error_message(retval)); - free(inbuf.data); - return(1); - } - free(inbuf.data); - } /* for */ - -alldone: - if ((inbuf.data = (char *) calloc(1, 80)) == (char *) 0) { - fprintf(stderr, "No memory for command!\n"); - exit(1); - } - - inbuf.data[0] = KADMIN; - inbuf.data[1] = KADMGOOD; - inbuf.data[2] = SENDDATA3; - inbuf.length = 3; - - if ((retval = krb5_mk_priv(context, auth_context, &inbuf, - &msg_data, &replaydata))) { - fprintf(stderr, "Error during Second Message Encoding: %s!\n", - error_message(retval)); - free(inbuf.data); - return(1); - } - free(inbuf.data); - - /* write private message to server */ - if (krb5_write_message(context, local_socket, &msg_data)) { - fprintf(stderr, "Write Error During Second Message Transmission!\n"); - return(1); - } - free(msg_data.data); - - return(0); -} |