-rw-r--r-- | src/kadmin/v4server/ChangeLog | 15 | ||||
-rw-r--r-- | src/kadmin/v4server/Makefile.in | 11 | ||||
-rw-r--r-- | src/kadmin/v4server/build_pwfile.c | 119 | ||||
-rw-r--r-- | src/kadmin/v4server/kadm_funcs.c | 8 | ||||
-rw-r--r-- | src/kadmin/v4server/kadm_server.c | 97 |
5 files changed, 200 insertions, 50 deletions
diff --git a/src/kadmin/v4server/ChangeLog b/src/kadmin/v4server/ChangeLog index 5ced9eb321..c8846ff141 100644 --- a/src/kadmin/v4server/ChangeLog +++ b/src/kadmin/v4server/ChangeLog @@ -1,3 +1,18 @@ +Fri Jul 3 18:17:48 1998 Theodore Y. Ts'o <tytso@mit.edu> + + * Makefile.in (build_pwfile): Add rule to build the build_pwfile + program. + + * kadm_server.c (kadm_ser_cpw): Put the call to the + kadm_approve_pw in the common code, so it's executed even + if KADM5 is defined. Add appropriate syslogs to the + change password processing. + + * kadm_funcs.c (pwstring;): If NDBM_PW_CHECK is defined, then do + the NDBM-based dictionary check. Build kadmind4 using + the make option PW_CHECK=-DNDBM_PW_CHECK if this feature + is desired. + 1998-05-08 Theodore Ts'o <tytso@rsts-11.mit.edu> * kadm_server.c (krb_log): Print the year using 4 digit to avoid diff --git a/src/kadmin/v4server/Makefile.in b/src/kadmin/v4server/Makefile.in index 19b7ee81ca..726b91a849 100644 --- a/src/kadmin/v4server/Makefile.in +++ b/src/kadmin/v4server/Makefile.in @@ -1,6 +1,6 @@ thisconfigdir=./.. BUILDTOP=$(REL)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) \ +CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) $(PW_CHECK) \ -DKADM5 -DNEED_SOCKETS @HESIOD_DEFS@ PROG_LIBPATH=-L$(TOPLIBD) $(KRB4_LIBPATH) PROG_RPATH=$(KRB5_LIBDIR) @@ -21,11 +21,16 @@ kadm_err.c kadm_err.h: kadm_err.et $(OBJS): kadm_err.h $(PROG): $(OBJS) $(KADMCLNT_DEPLIBS) $(DB_DEPLIB) $(KRB4COMPAT_DEPLIBS) - $(CC_LINK) -o $(PROG) $(OBJS) $(KADMCLNT_LIBS) $(DB_LIB) $(KRB4COMPAT_LIBS) $(HESIOD_LIBS) + $(CC_LINK) -o $(PROG) $(OBJS) $(KADMCLNT_LIBS) $(DB_LIB) \ + $(KRB4COMPAT_LIBS) $(HESIOD_LIBS) + +build_pwfile: build_pwfile.o $(DB_DEPLIB) $(KRB4COMPAT_DEPLIBS) + $(CC_LINK) -o build_pwfile build_pwfile.o $(DB_LIB) \ + $(KRB4COMPAT_LIBS) $(HESIOD_LIBS) install:: $(INSTALL_PROGRAM) $(PROG) ${DESTDIR}$(ADMIN_BINDIR)/$(PROG) clean:: - $(RM) $(PROG) $(OBJS) + $(RM) $(PROG) $(OBJS) build_pwfile build_pwfile.o $(RM) kadm_err.h kadm_err.c 
diff --git a/src/kadmin/v4server/build_pwfile.c b/src/kadmin/v4server/build_pwfile.c new file mode 100644 index 0000000000..9cede78cc9 --- /dev/null +++ b/src/kadmin/v4server/build_pwfile.c 
@@ -0,0 +1,119 @@
+#define NDBM
+/*
+ * build_pwfile.c --- build a table of bad passwords, keyed by their
+ * des equivalents.
+ *
+ * Written by Theodore Ts'o
+ *
+ * Copyright 1988 by the Massachusetts Institute of Technology.
+ *
+ * For copying and distribution information, please see the file
+ * <mit-copyright.h>.
+ */
+
+#ifndef lint
+static char rcsid_build_pwfile_c[] =
+"$Id$";
+#endif lint
+
+#include <mit-copyright.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include <sys/param.h>
+#include <sys/file.h>
+
+#ifdef NDBM
+#include <ndbm.h>
+#else /*NDBM*/
+#include <dbm.h>
+#endif /*NDBM*/
+
+#include <kadm.h>
+#include <kadm_err.h>
+#include <krb_db.h>
+#include "kadm_server.h"
+
+/* Macros to convert ndbm names to dbm names.
+ * Note that dbm_nextkey() cannot be simply converted using a macro, since
+ * it is invoked giving the database, and nextkey() needs the previous key.
+ *
+ * Instead, all routines call "dbm_next" instead.
+ */
+#ifndef NDBM
+typedef char DBM;
+#define dbm_open(file, flags, mode) ((dbminit(file) == 0)?"":((char *)0))
+#define dbm_fetch(db, key) fetch(key)
+#define dbm_store(db, key, content, flag) store(key, content)
+#define dbm_firstkey(db) firstkey()
+#define dbm_next(db,key) nextkey(key)
+#define dbm_close(db) dbmclose()
+#else
+#define dbm_next(db,key) dbm_nextkey(db)
+#endif
+
+main(argc, argv)
+ int argc;
+ char **argv;
+{
+ DBM *pwfile;
+ FILE *f;
+ datum passwd, entry;
+ des_cblock key;
+ char word[1024];
+ int len, filenum, i;
+ int wptr;
+
+ if (argc != 2) {
+ fprintf(stderr,"%s: Usage: %s filename\n", argv[0], argv[0]);
+ exit(1);
+ }
+ if (!(f = fopen(argv[1], "r"))) {
+ perror(argv[1]);
+ exit(1);
+ }
+ pwfile = dbm_open(PW_CHECK_FILE, O_RDWR|O_CREAT, 0644);
+ if (!pwfile) {
+ fprintf(stderr, "Couldn't open %s for writing.\n",
+ PW_CHECK_FILE);
+ perror("dbm_open");
+ exit(1);
+ }
+ filenum = 0;
+ do {
+ filenum++;
+ passwd.dptr = (char *) &filenum;
+ passwd.dsize = sizeof(filenum);
+ entry.dptr = argv[1];
+ 
entry.dsize = strlen(argv[1])+1; + } while (dbm_store(pwfile, passwd, entry, DBM_INSERT)); + i = 0; + while (!feof(f)) { + i++; + wptr = (filenum << 24) + i; + fgets(word, sizeof(word), f); + len = strlen(word); + if (len > 0 && word[len-1] == '\n') + word[--len] = '\0'; +#ifdef NOENCRYPTION + bzero((char *) key, sizeof(des_cblock)); + key[0] = (unsigned char) 1; +#else + (void) des_string_to_key(word, key); +#endif + + passwd.dptr = (char *) key; + passwd.dsize = 8; + entry.dptr = (char *) &wptr; +#ifdef notdef + entry.dsize = sizeof(wptr); +#else + entry.dsize = 0; +#endif + dbm_store(pwfile, passwd, entry, DBM_REPLACE); + } + dbm_close(pwfile); + exit(0); +} + + + diff --git a/src/kadmin/v4server/kadm_funcs.c b/src/kadmin/v4server/kadm_funcs.c index 87eb227ee8..1d32073007 100644 --- a/src/kadmin/v4server/kadm_funcs.c +++ b/src/kadmin/v4server/kadm_funcs.c @@ -19,7 +19,9 @@ the actual database manipulation code #include <stdio.h> #include <string.h> #include <sys/param.h> -/* #include <ndbm.h> Gotten by kadmin_server.h */ +#ifdef NDBM_PW_CHECK +#include <ndbm.h> +#endif #include <ctype.h> #include <pwd.h> #include <sys/file.h> @@ -746,7 +748,7 @@ des_cblock newpw; char *pwstring; { int retval; -#ifdef notdef +#if NDBM_PW_CHECK static DBM *pwfile = NULL; datum passwd, entry; #endif @@ -762,7 +764,7 @@ char *pwstring; return(KADM_PW_MISMATCH); if (pwstring && (strlen(pwstring) < 5)) return(KADM_INSECURE_PW); -#ifdef notdef +#if NDBM_PW_CHECK if (!pwfile) { pwfile = dbm_open(PW_CHECK_FILE, O_RDONLY, 0644); } diff --git a/src/kadmin/v4server/kadm_server.c b/src/kadmin/v4server/kadm_server.c index e84e0b7a70..71cec13391 100644 --- a/src/kadmin/v4server/kadm_server.c +++ b/src/kadmin/v4server/kadm_server.c @@ -24,6 +24,7 @@ #else #include <time.h> #endif +#include <syslog.h> #ifdef KADM5 #include <com_err.h> 
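Review bot: The `while (!feof(f))` loop in main() of build_pwfile.c processes the last dictionary word twice: once the final line has been consumed, `fgets` fails at EOF and leaves `word` untouched, yet the body still bumps `i`, derives the same key and stores it again under a fresh `wptr`; the unchecked `fgets` return is the same defect seen from the other side. Replacing the loop head with `while (fgets(word, sizeof(word), f)) {` and deleting the inner `fgets(word, sizeof(word), f);` fixes both, and a word longer than 1023 characters is then at least handled consistently as several records rather than silently. `exit()` and `strlen()` are used without `<stdlib.h>` and `<string.h>` (unless one of the project headers pulls them in), and `#endif lint` carries a stray token after `#endif`; write it `#endif /* lint */`. The unconditional `#define NDBM` on the first line, ahead of the copyright comment, makes the whole `#ifndef NDBM` dbm-compatibility block unreachable, so either drop that block or let the define come from CFLAGS. `dbm_open(PW_CHECK_FILE, O_RDWR|O_CREAT, 0644)` creates the table world-readable; a mode of `0600` is the safer default for a file only the admin server needs to read.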
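Review bot: The three new kadm_funcs.c conditionals are not written the same way: the include hunk near line 19 uses `#ifdef NDBM_PW_CHECK`, while the `static DBM *pwfile` declaration hunk and the `dbm_open` hunk use `#if NDBM_PW_CHECK`, so a build with `-DNDBM_PW_CHECK=0` pulls in `<ndbm.h>` yet compiles the check out; use `#ifdef NDBM_PW_CHECK` in all three places. In the last hunk `pwfile` is reopened with `dbm_open(PW_CHECK_FILE, O_RDONLY, 0644)` on every call for as long as it stays NULL, and the lookup that must follow lies outside the hunk; if it hands a NULL `pwfile` to `dbm_fetch`, a missing or unreadable dictionary file turns every password change into a crash instead of a skipped check, so guard the lookup with `if (pwfile) { ... }` and report the failed open once via syslog. It is also worth confirming, since that code is not visible here, that the lookup keys the table with the same `des_string_to_key` output that build_pwfile.c stores, otherwise the dictionary check never matches and nothing reports it.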
@@ -167,13 +168,55 @@ int *outlen; memcpy((char *)(((krb5_int32 *)newkey) + 1), (char *)&keyhigh, 4); memcpy((char *)newkey, (char *)&keylow, 4); + if (retval = kadm_approve_pw(ad->pname, ad->pinst, ad->prealm, + newkey, no_pword ? 0 : pword)) { + if (retval == KADM_PW_MISMATCH) { + /* + * Very strange!!! This means that the cleartext + * password which was sent and the DES cblock + * didn't match! + */ + syslog(LOG_ERR, "'%s.%s@%s' sent a password string which didn't match with the DES key?!?", + ad->pname, ad->pinst, ad->prealm); + return(retval); + } + if (fascist_cpw) { + *outlen = strlen(bad_pw_err)+strlen(pw_blurb)+1; + if (*datout = (u_char *) malloc(*outlen)) { + strcpy((char *) *datout, bad_pw_err); + strcat((char *) *datout, pw_blurb); + } else + *outlen = 0; + syslog(LOG_ERR, "'%s.%s@%s' tried to use an insecure password in changepw", + ad->pname, ad->pinst, ad->prealm); +#ifdef notdef + /* For debugging only, probably a bad idea */ + if (!no_pword) + (void) krb_log("The password was %s\n", pword); +#endif + return(retval); + } else { + *outlen = strlen(bad_pw_warn) + strlen(pw_blurb)+1; + if (*datout = (u_char *) malloc(*outlen)) { + strcpy((char *) *datout, bad_pw_warn); + strcat((char *) *datout, pw_blurb); + } else + *outlen = 0; + syslog(LOG_ERR, "'%s.%s@%s' used an insecure password in changepw", + ad->pname, ad->pinst, ad->prealm); + } + } else { + *datout = 0; + *outlen = 0; + } + #ifdef KADM5 /* we don't use the client-provided key itself */ keylow = keyhigh = 0; memset(newkey, 0, sizeof(newkey)); if (no_pword) { - krb_log("Old-style change password request from '%s.%s@%s'!", + syslog(LOG_ERR, "Old-style change password request from '%s.%s@%s'!", ad->pname, ad->pinst, ad->prealm); *outlen = strlen(pw_required)+1; if (*datout = (u_char *) malloc(*outlen)) { 
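Review bot: The two early `return(retval);` statements in the moved kadm_approve_pw block (the KADM_PW_MISMATCH case and the `fascist_cpw` rejection) leave the client-supplied key material in `newkey`, `keylow` and `keyhigh`, whereas the KADM5 path immediately below clears it with `keylow = keyhigh = 0; memset(newkey, 0, sizeof(newkey));` before going on; insert those same two lines in front of both returns so a rejected request does not leave the key sitting on the stack. The `#ifdef notdef` block that would `krb_log` the cleartext `pword` is dead code that this commit moved rather than deleted, and a snippet whose only purpose is to log a password should not survive in any form; drop it. `if (retval = kadm_approve_pw(` is an assignment used as a condition without the extra parentheses, which `-Wparentheses` flags and readers trip over; `if ((retval = kadm_approve_pw(...)) != 0)` says what is meant. kadm_ser_cpw begins before this hunk and continues after it.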
@@ -184,6 +227,9 @@ int *outlen; return KADM_INSECURE_PW; } + syslog(LOG_INFO, "'%s.%s@%s' wants to change its password", + ad->pname, ad->pinst, ad->prealm); + if (krb5_build_principal(kadm_context, &user_princ, strlen(ad->prealm), ad->prealm, 
@@ -269,54 +315,17 @@ send_response:
 strcat(*datout, "\n");
 } else
 *outlen = 0;
+ } else {
+ syslog(LOG_INFO,
+ "'%s.%s@%s' password changed.",
+ ad->pname, ad->pinst, ad->prealm);
 }
 if (retval == KADM_INSECURE_PW) {
- krb_log("'%s.%s@%s' tried to use an insecure password in changepw",
+ syslog(LOG_ERR,
+ "'%s.%s@%s' tried to use an insecure password in changepw",
 ad->pname, ad->pinst, ad->prealm);
 }
 #else /* KADM5 */
- if (retval = kadm_approve_pw(ad->pname, ad->pinst, ad->prealm,
- newkey, no_pword ? 0 : pword)) {
- if (retval == KADM_PW_MISMATCH) {
- /*
- * Very strange!!! This means that the cleartext
- * password which was sent and the DES cblock
- * didn't match!
- */
- (void) krb_log("'%s.%s@%s' sent a password string which didn't match with the DES key?!?",
- ad->pname, ad->pinst, ad->prealm);
- return(retval);
- }
- if (fascist_cpw) {
- *outlen = strlen(bad_pw_err)+strlen(pw_blurb)+1;
- if (*datout = (u_char *) malloc(*outlen)) {
- strcpy((char *) *datout, bad_pw_err);
- strcat((char *) *datout, pw_blurb);
- } else
- *outlen = 0;
- (void) krb_log("'%s.%s@%s' tried to use an insecure password in changepw",
- ad->pname, ad->pinst, ad->prealm);
-#ifdef notdef
- /* For debugging only, probably a bad idea */
- if (!no_pword)
- (void) krb_log("The password was %s\n", pword);
-#endif
- return(retval);
- } else {
- *outlen = strlen(bad_pw_warn) + strlen(pw_blurb)+1;
- if (*datout = (u_char *) malloc(*outlen)) {
- strcpy((char *) *datout, bad_pw_warn);
- strcat((char *) *datout, pw_blurb);
- } else
- *outlen = 0;
- (void) krb_log("'%s.%s@%s' used an insecure password in changepw",
- ad->pname, ad->pinst, ad->prealm);
- }
- } else {
- *datout = 0;
- *outlen = 0;
- }
-
 retval = kadm_change(ad->pname, ad->pinst, ad->prealm, newkey);
 keylow = keyhigh = 0;
 memset(newkey, 0, sizeof(newkey)); |
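Review bot: The `#else /* KADM5 */` branch gets no `'%s.%s@%s' password changed.` syslog to match the one added to the KADM5 branch just above, so a build without KADM5 now records rejected and insecure attempts but never a successful change, which is the event an auditor most wants. After `retval = kadm_change(ad->pname, ad->pinst, ad->prealm, newkey);` add `if (!retval) syslog(LOG_INFO, "'%s.%s@%s' password changed.", ad->pname, ad->pinst, ad->prealm);`, or move the success message into the shared code after the `#endif` so both builds log it from one place. The remainder of that branch lies outside the hunk, so if it already logs success further down this is moot. The new success message is also the only one of the added syslogs without the `changepw` tag the insecure-password lines carry; keeping the wording uniform makes the messages easier to pick out of a shared log.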