1
/*
2
 * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan
3
 * (Royal Institute of Technology, Stockholm, Sweden).
4
 * All rights reserved.
5
 *
6
 * Redistribution and use in source and binary forms, with or without
7
 * modification, are permitted provided that the following conditions
8
 * are met:
9
 *
10
 * 1. Redistributions of source code must retain the above copyright
11
 *    notice, this list of conditions and the following disclaimer.
12
 *
13
 * 2. Redistributions in binary form must reproduce the above copyright
14
 *    notice, this list of conditions and the following disclaimer in the
15
 *    documentation and/or other materials provided with the distribution.
16
 *
17
 * 3. Neither the name of the Institute nor the names of its contributors
18
 *    may be used to endorse or promote products derived from this software
19
 *    without specific prior written permission.
20
 *
21
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31
 * SUCH DAMAGE.
32
 */
33

34
#include "kadmin_locl.h"
35
#include "kadmin-commands.h"
36

37
struct cpw_entry_data {
38
    int random_key;
39
    int random_password;
40
    char *password;
41
    krb5_key_data *key_data;
42
};
43

44
static int
45
set_random_key (krb5_principal principal)
46
{
47
    krb5_error_code ret;
48
    int i;
49
    krb5_keyblock *keys;
50
    int num_keys;
51

52
    ret = kadm5_randkey_principal(kadm_handle, principal, &keys, &num_keys);
53
    if(ret)
54
	return ret;
55
    for(i = 0; i < num_keys; i++)
56
	krb5_free_keyblock_contents(context, &keys[i]);
57
    free(keys);
58
    return 0;
59
}
60

61
static int
62
set_random_password (krb5_principal principal)
63
{
64
    krb5_error_code ret;
65
    char pw[128];
66

67
    random_password (pw, sizeof(pw));
68
    ret = kadm5_chpass_principal(kadm_handle, principal, pw);
69
    if (ret == 0) {
70
	char *princ_name;
71

72
	krb5_unparse_name(context, principal, &princ_name);
73

74
	printf ("%s's password set to \"%s\"\n", princ_name, pw);
75
	free (princ_name);
76
    }
77
    memset (pw, 0, sizeof(pw));
78
    return ret;
79
}
80

81
static int
82
set_password (krb5_principal principal, char *password)
83
{
84
    krb5_error_code ret = 0;
85
    char pwbuf[128];
86

87
    if(password == NULL) {
88
	char *princ_name;
89
	char *prompt;
90

91
	krb5_unparse_name(context, principal, &princ_name);
92
	asprintf(&prompt, "%s's Password: ", princ_name);
93
	free (princ_name);
94
	ret = UI_UTIL_read_pw_string(pwbuf, sizeof(pwbuf), prompt, 1);
95
	free (prompt);
96
	if(ret){
97
	    return 0; /* XXX error code? */
98
	}
99
	password = pwbuf;
100
    }
101
    if(ret == 0)
102
	ret = kadm5_chpass_principal(kadm_handle, principal, password);
103
    memset(pwbuf, 0, sizeof(pwbuf));
104
    return ret;
105
}
106

107
static int
108
set_key_data (krb5_principal principal, krb5_key_data *key_data)
109
{
110
    krb5_error_code ret;
111

112
    ret = kadm5_chpass_principal_with_key (kadm_handle, principal,
113
					   3, key_data);
114
    return ret;
115
}
116

117
static int
118
do_cpw_entry(krb5_principal principal, void *data)
119
{
120
    struct cpw_entry_data *e = data;
121

122
    if (e->random_key)
123
	return set_random_key (principal);
124
    else if (e->random_password)
125
	return set_random_password (principal);
126
    else if (e->key_data)
127
	return set_key_data (principal, e->key_data);
128
    else
129
	return set_password (principal, e->password);
130
}
131

132
int
133
cpw_entry(struct passwd_options *opt, int argc, char **argv)
134
{
135
    krb5_error_code ret = 0;
136
    int i;
137
    struct cpw_entry_data data;
138
    int num;
139
    krb5_key_data key_data[3];
140

141
    data.random_key = opt->random_key_flag;
142
    data.random_password = opt->random_password_flag;
143
    data.password = opt->password_string;
144
    data.key_data	 = NULL;
145

146
    num = 0;
147
    if (data.random_key)
148
	++num;
149
    if (data.random_password)
150
	++num;
151
    if (data.password)
152
	++num;
153
    if (opt->key_string)
154
	++num;
155

156
    if (num > 1) {
157
	fprintf (stderr, "give only one of "
158
		"--random-key, --random-password, --password, --key\n");
159
	return 1;
160
    }
161

162
    if (opt->key_string) {
163
	const char *error;
164

165
	if (parse_des_key (opt->key_string, key_data, &error)) {
166
	    fprintf (stderr, "failed parsing key \"%s\": %s\n",
167
		     opt->key_string, error);
168
	    return 1;
169
	}
170
	data.key_data = key_data;
171
    }
172

173
    for(i = 0; i < argc; i++)
174
	ret = foreach_principal(argv[i], do_cpw_entry, "cpw", &data);
175

176
    if (data.key_data) {
177
	int16_t dummy;
178
	kadm5_free_key_data (kadm_handle, &dummy, key_data);
179
    }
180

181
    return ret != 0;
182
}
183

184