2 * Copyright 2000, International Business Machines Corporation and others.
5 * This software has been released under the terms of the IBM Public
6 * License. For details, see the LICENSE file in the top-level source
7 * directory or online at http://www.openafs.org/dl/license10.html
10 /* These two needed for rxgen output to work */
11 #include <afsconfig.h>
12 #include <afs/param.h>
17 #include <sys/types.h>
39 #include <afs/com_err.h>
41 #include <afs/cellconfig.h>
51 /* This code borrowed heavily from the log program. Here is the intro comment
52 * for that program: */
55 log -- tell the Andrew Cache Manager your password
57 modified February 1986
59 Further modified in August 1987 to understand cell IDs.
63 kpasswd [user [password] [newpassword]] [-c cellname] [-servers <hostlist>]
66 principal is of the form 'name' or 'name@cell' which provides the
67 cellname. See the -c option below.
68 password is the user's password. This form is NOT recommended for
70 newpassword is the new password. This form is NOT recommended for
72 -c identifies cellname as the cell in which authentication is to take
74 -servers allows the explicit specification of the hosts providing
75 authentication services for the cell being used for authentication.
76 This is a debugging option and will disappear.
79 /* The following code to make use of libcmd.a also stolen from klog.c. */
84 static char **zero_argv;
85 extern int init_child(), pasword_bad(), give_to_child(), terminate_child();
95 main (argc, argv, envp)
99 { struct cmd_syndesc *ts;
104 * The following signal action for AIX is necessary so that in case of a
105 * crash (i.e. core is generated) we can include the user's data section
106 * in the core dump. Unfortunately, by default, only a partial core is
107 * generated which, in many cases, isn't too useful.
109 struct sigaction nsa;
111 sigemptyset(&nsa.sa_mask);
112 nsa.sa_handler = SIG_DFL;
113 nsa.sa_flags = SA_FULLDUMP;
114 sigaction(SIGSEGV, &nsa, NULL);
121 ts = cmd_CreateSyntax(NULL, CommandProc, 0, "change user's password");
126 #define aNEWPASSWORD 3
131 cmd_AddParm(ts, "-x", CMD_FLAG, CMD_OPTIONAL, "(obsolete, noop)");
132 cmd_AddParm(ts, "-principal", CMD_SINGLE, CMD_OPTIONAL, "user name");
133 cmd_AddParm(ts, "-password", CMD_SINGLE, CMD_OPTIONAL, "user's password");
134 cmd_AddParm(ts, "-newpassword", CMD_SINGLE, CMD_OPTIONAL, "user's new password");
135 cmd_AddParm(ts, "-cell", CMD_SINGLE, CMD_OPTIONAL, "cell name");
136 cmd_AddParm(ts, "-servers", CMD_LIST, CMD_OPTIONAL, "explicit list of servers");
137 cmd_AddParm(ts, "-pipe", CMD_FLAG, CMD_OPTIONAL, "silent operation");
139 code = cmd_Dispatch(argc, argv);
144 static void getpipepass(gpbuf, len)
148 /* read a password from stdin, stop on \n or eof */
150 memset(gpbuf, 0, len);
153 if (tc == '\n' || tc == EOF) break;
159 static afs_int32 read_pass (passwd, len, prompt, verify)
165 code = read_pw_string (passwd, len, prompt, verify);
167 getpipepass (passwd, len);
173 static int password_ok (newpw, insist)
178 /* see if it is reasonable, but don't get so obnoxious */
179 (*insist)++; /* so we don't get called again */
180 if (strlen(newpw) < 6) return 0;
182 return 1; /* lie about it */
185 static char rn[] = "kpasswd"; /* Routine name */
186 static int Pipe = 0; /* reading from a pipe */
191 if (!Pipe) fprintf (stderr, "%s: timed out\n", rn);
196 char passwd[BUFSIZ], npasswd[BUFSIZ], verify[BUFSIZ];
197 CommandProc (as, arock)
199 struct cmd_syndesc *as;
201 char name[MAXKTCNAMELEN];
202 char instance[MAXKTCNAMELEN];
203 char cell[MAXKTCREALMLEN];
204 char realm[MAXKTCREALMLEN];
205 afs_int32 serverList[MAXSERVERS];
206 char *lcell; /* local cellname */
210 struct ubik_client *conn = 0;
211 struct ktc_encryptionKey key;
212 struct ktc_encryptionKey mitkey;
213 struct ktc_encryptionKey newkey;
214 struct ktc_encryptionKey newmitkey;
216 struct ktc_token token;
219 struct passwd *pw = &pwent;
221 int insist; /* insist on good password quality */
222 int lexplicit=0; /* servers specified explicitly */
223 int local; /* explicit cell is same a local cell */
224 int foundPassword = 0; /*Not yet, anyway*/
225 int foundNewPassword = 0; /*Not yet, anyway*/
226 int foundExplicitCell = 0; /*Not yet, anyway*/
227 #ifdef DEFAULT_MITV4_STRINGTOKEY
229 #elif DEFAULT_AFS_STRINGTOKEY
235 /* blow away command line arguments */
236 for (i=1; i<zero_argc; i++) memset(zero_argv[i], 0, strlen(zero_argv[i]));
239 /* first determine quiet flag based on -pipe switch */
240 Pipe = (as->parms[aPIPE].items ? 1 : 0);
243 signal(SIGALRM, timedout);
249 !(lcell = ka_LocalCell())) {
250 #ifndef AFS_FREELANCE_CLIENT
251 if (!Pipe) com_err (rn, code , "Can't get local cell name!");
258 if (!Pipe) com_err (rn, code , "Failed to initialize Rx");
262 strcpy (instance, "");
264 /* Parse our arguments. */
266 if (as->parms[aCELL].items) {
268 * cell name explicitly mentioned; take it in if no other cell name
269 * has already been specified and if the name actually appears. If
270 * the given cell name differs from our own, we don't do a lookup.
272 foundExplicitCell = 1;
273 strncpy (realm, as->parms[aCELL].items->data, sizeof(realm));
276 if (as->parms[aSERVERS].items) {
277 /* explicit server list */
280 char *ap[MAXSERVERS+2];
282 for (ip = as->parms[aSERVERS].items, i=2; ip; ip=ip->next, i++)
286 code = ubik_ParseClientList(i, ap, serverList);
288 if (!Pipe) com_err (rn, code, "could not parse server list");
294 if (as->parms[aPRINCIPAL].items) {
295 ka_ParseLoginName (as->parms[aPRINCIPAL].items->data,
296 name, instance, cell);
297 if (strlen (instance) > 0)
299 fprintf (stderr, "Non-null instance (%s) may cause strange behavior.\n",
301 if (strlen(cell) > 0) {
302 if (foundExplicitCell) {
304 fprintf (stderr, "%s: May not specify an explicit cell twice.\n", rn);
307 foundExplicitCell = 1;
308 strncpy (realm, cell, sizeof(realm));
312 /* No explicit name provided: use Unix uid. */
315 if (GetUserName(userName, &userNameLen) == 0) {
317 fprintf (stderr, "Can't figure out your name in local cell %s from your user id.\n", lcell);
318 fprintf (stderr, "Try providing the user name.\n");
322 pw->pw_name = userName;
324 pw = getpwuid(getuid());
327 fprintf (stderr, "Can't figure out your name in local cell %s from your user id.\n", lcell);
328 fprintf (stderr, "Try providing the user name.\n");
335 if (as->parms[aPASSWORD].items) {
337 * Current argument is the desired password string. Remember it in
338 * our local buffer, and zero out the argument string - anyone can
339 * see it there with ps!
342 strncpy (passwd, as->parms[aPASSWORD].items->data, sizeof(passwd));
343 memset(as->parms[aPASSWORD].items->data, 0, strlen(as->parms[aPASSWORD].items->data));
346 if (as->parms[aNEWPASSWORD].items) {
348 * Current argument is the new password string. Remember it in
349 * our local buffer, and zero out the argument string - anyone can
350 * see it there with ps!
352 foundNewPassword = 1;
353 strncpy (npasswd, as->parms[aNEWPASSWORD].items->data,
355 memset(as->parms[aNEWPASSWORD].items->data, 0, strlen(as->parms[aNEWPASSWORD].items->data));
358 #ifdef AFS_FREELANCE_CLIENT
359 if (!foundExplicitCell && !lcell) {
360 if (!Pipe) com_err (rn, code, "no cell name provided");
364 if (!foundExplicitCell) strcpy (realm, lcell);
365 #endif /* freelance */
367 if (code = ka_CellToRealm (realm, realm, &local)) {
368 if (!Pipe) com_err (rn, code, "Can't convert cell to realm");
371 lcstring (cell, realm, sizeof(cell));
373 ka_PrintUserID ("Changing password for '", pw->pw_name, instance, "'");
374 printf (" in cell '%s'.\n", cell);
376 /* Get the password if it wasn't provided. */
377 if (!foundPassword) {
378 if (Pipe) getpipepass (passwd, sizeof(passwd));
380 code = read_pass (passwd, sizeof(passwd), "Old password: ", 0);
381 if (code || (strlen (passwd) == 0)) {
382 if (code) code = KAREADPW;
383 memset(&mitkey, 0, sizeof(mitkey));
384 memset(&key, 0, sizeof(key));
385 memset(passwd, 0, sizeof(passwd));
386 if (code) com_err (rn, code, "reading password");
391 ka_StringToKey (passwd, realm, &key);
392 des_string_to_key(passwd, &mitkey);
393 give_to_child(passwd);
395 /* Get new password if it wasn't provided. */
397 if (!foundNewPassword) {
399 getpipepass (npasswd, sizeof(npasswd));
402 code = read_pass (npasswd, sizeof(npasswd),
403 "New password (RETURN to abort): ", 0);
404 if (code || (strlen (npasswd) == 0)) {
410 } while (password_bad (npasswd));
412 code = read_pass (verify, sizeof(verify),
413 "Retype new password: ", 0);
418 if (strcmp (verify, npasswd) != 0) {
419 printf ("Mismatch - ");
422 memset(verify, 0, sizeof(verify));
425 if (code = password_bad (npasswd)) { /* assmt here! */
426 goto no_change_no_msg;
430 if (strlen(npasswd) > 8) {
433 "%s: password too long, only the first 8 chars will be used.\n",
437 npasswd[8] = 0; /* in case the password was exactly 8 chars long */
439 ka_StringToKey (npasswd, realm, &newkey);
440 des_string_to_key(npasswd, &newmitkey);
441 memset(npasswd, 0, sizeof(npasswd));
443 if (lexplicit) ka_ExplicitCell (realm, serverList);
445 /* Get an connection to kaserver's admin service in desired cell. Set the
446 * lifetime above the time uncertainty so that badly skewed clocks are
447 * reported when the ticket is decrypted. Then give us 10 seconds to
448 * actually get our work done if the clocks are skewed by only 14:59.
449 * NOTE: Kerberos lifetime encoding will round this up to next 5 minute
450 * interval, namely 20 minutes. */
452 #define ADMIN_LIFETIME (KTC_TIME_UNCERTAINTY+1)
454 code = ka_GetAdminToken (pw->pw_name, instance, realm,
455 &key, ADMIN_LIFETIME, &token, /*!new*/0);
456 if (code == KABADREQUEST) {
457 code = ka_GetAdminToken (pw->pw_name, instance, realm,
458 &mitkey, ADMIN_LIFETIME, &token, /*!new*/0);
459 if ((code == KABADREQUEST) && (strlen (passwd) > 8)) {
460 /* try with only the first 8 characters incase they set their password
461 * with an old style passwd program. */
463 strncpy (pass8, passwd, 8);
465 ka_StringToKey (pass8, realm, &key);
466 memset(pass8, 0, sizeof(pass8));
467 memset(passwd, 0, sizeof(passwd));
468 code = ka_GetAdminToken (pw->pw_name, instance, realm,
469 &key, ADMIN_LIFETIME, &token, /*!new*/0);
471 /* the folks in testing really *hate* this message */
473 fprintf (stderr, "Warning: only the first 8 characters of your old password were significant.\n");
489 memset(&mitkey, 0, sizeof(mitkey));
490 memset(&key, 0, sizeof(key));
491 if (code == KAUBIKCALL) com_err (rn, code, "(Authentication Server unavailable, try later)");
493 if (code == KABADREQUEST)
494 fprintf(stderr, "%s: Incorrect old password.\n", rn);
496 com_err (rn, code, "so couldn't change password");
499 code = ka_AuthServerConn (realm, KA_MAINTENANCE_SERVICE, &token, &conn);
500 if (code) com_err (rn, code, "contacting Admin Server");
503 code = ka_ChangePassword (pw->pw_name, instance, conn, 0, &newmitkey);
505 code = ka_ChangePassword (pw->pw_name, instance, conn, 0, &newkey);
506 memset(&newkey, 0, sizeof(newkey));
507 memset(&newmitkey, 0, sizeof(newmitkey));
510 reason = (char *) error_message(code);
511 fprintf (stderr, "%s: Password was not changed because %s\n", rn, reason);
513 else printf("Password changed.\n\n");
516 memset(&newkey, 0, sizeof(newkey));
517 memset(&newmitkey, 0, sizeof(newmitkey));
519 /* Might need to close down the ubik_Client connection */
521 ubik_ClientDestroy(conn);
528 no_change: /* yuck, yuck, yuck */
529 if (code) com_err (rn, code, "getting new password");
531 memset(&key, 0, sizeof(key));
532 memset(npasswd, 0, sizeof(npasswd));
533 printf("Password for '%s' in cell '%s' unchanged.\n\n", pw->pw_name, cell);
535 exit (code ? code : 1);