aboutsummaryrefslogtreecommitdiffstats
path: root/package/ead/src/tinysrp/tphrase.c
diff options
context:
space:
mode:
Diffstat (limited to 'package/ead/src/tinysrp/tphrase.c')
-rw-r--r--package/ead/src/tinysrp/tphrase.c348
1 files changed, 0 insertions, 348 deletions
diff --git a/package/ead/src/tinysrp/tphrase.c b/package/ead/src/tinysrp/tphrase.c
deleted file mode 100644
index 1aede0c832..0000000000
--- a/package/ead/src/tinysrp/tphrase.c
+++ /dev/null
@@ -1,348 +0,0 @@
-/* Add passphrases to the tpasswd file. Use the last entry in the config
-file by default or a particular one specified by index. */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include "config.h"
-#include "t_pwd.h"
-#include "t_read.h"
-#include "t_sha.h"
-#include "t_defines.h"
-
-char *Progname;
-char Usage[] = "usage: %s [-n configindex] [-p passfile] user\n";
-#define USAGE() fprintf(stderr, Usage, Progname)
-
-void doit(char *);
-
-int Configindex = -1;
-char *Passfile = DEFAULT_PASSWD;
-
-int main(int argc, char **argv)
-{
- int c;
-
- Progname = *argv;
-
- /* Parse option arguments. */
-
- while ((c = getopt(argc, argv, "n:p:")) != EOF) {
- switch (c) {
-
- case 'n':
- Configindex = atoi(optarg);
- break;
-
- case 'p':
- Passfile = optarg;
- break;
-
- default:
- USAGE();
- exit(1);
- }
- }
- argc -= optind;
- argv += optind;
-
- if (argc != 1) {
- USAGE();
- exit(1);
- }
- doit(argv[0]);
-
- return 0;
-}
-
-void doit(char *name)
-{
- char passphrase[128], passphrase1[128];
- FILE *f;
- struct t_conf *tc;
- struct t_confent *tcent;
- struct t_pw eps_passwd;
-
- /* Get the config entry. */
-
- if (Configindex <= 0) {
- Configindex = t_getprecount();
- }
- tcent = gettcid(Configindex);
- if (tcent == NULL) {
- fprintf(stderr, "Invalid configuration file entry.\n");
- exit(1);
- }
-
- /* Ask for the passphrase twice. */
-
- printf("Setting passphrase for %s\n", name);
-
- if (t_getpass(passphrase, sizeof(passphrase), "Enter passphrase: ") < 0) {
- exit(1);
- }
- if (t_getpass(passphrase1, sizeof(passphrase1), "Verify: ") < 0) {
- exit(1);
- }
- if (strcmp(passphrase, passphrase1) != 0) {
- fprintf(stderr, "mismatch\n");
- exit(1);
- }
-
- /* Create the passphrase verifier. */
-
- t_makepwent(&eps_passwd, name, passphrase, NULL, tcent);
-
- /* Don't need these anymore. */
-
- memset(passphrase, 0, sizeof(passphrase));
- memset(passphrase1, 0, sizeof(passphrase1));
-
- /* See if the passphrase file is there; create it if not. */
-
- if ((f = fopen(Passfile, "r+")) == NULL) {
- creat(Passfile, 0400);
- } else {
- fclose(f);
- }
-
- /* Change the passphrase. */
-
- if (t_changepw(Passfile, &eps_passwd.pebuf) < 0) {
- fprintf(stderr, "Error changing passphrase\n");
- exit(1);
- }
-}
-
-/* TODO: Implement a more general method to handle delete/change */
-
-_TYPE( int )
-t_changepw(pwname, diff)
- const char * pwname;
- const struct t_pwent * diff;
-{
- char * bakfile;
- char * bakfile2;
- struct stat st;
- FILE * passfp;
- FILE * bakfp;
-
- if(pwname == NULL)
- pwname = DEFAULT_PASSWD;
-
- if((passfp = fopen(pwname, "rb")) == NULL || fstat(fileno(passfp), &st) < 0)
- return -1;
-
- if((bakfile = malloc(strlen(pwname) + 5)) == NULL) {
- fclose(passfp);
- return -1;
- }
- else if((bakfile2 = malloc(strlen(pwname) + 5)) == NULL) {
- fclose(passfp);
- free(bakfile);
- return -1;
- }
-
- sprintf(bakfile, "%s.bak", pwname);
- sprintf(bakfile2, "%s.sav", pwname);
-
- if((bakfp = fopen(bakfile2, "wb")) == NULL &&
- (unlink(bakfile2) < 0 || (bakfp = fopen(bakfile2, "wb")) == NULL)) {
- fclose(passfp);
- fclose(bakfp);
- return -1;
- }
-
-#ifdef NO_FCHMOD
- chmod(bakfile2, st.st_mode & 0777);
-#else
- fchmod(fileno(bakfp), st.st_mode & 0777);
-#endif
-
- t_pwcopy(bakfp, passfp, diff);
-
- fclose(bakfp);
- fclose(passfp);
-
-#ifdef USE_RENAME
- unlink(bakfile);
- if(rename(pwname, bakfile) < 0)
- return -1;
- if(rename(bakfile2, pwname) < 0)
- return -1;
-#else
- unlink(bakfile);
- link(pwname, bakfile);
- unlink(pwname);
- link(bakfile2, pwname);
- unlink(bakfile2);
-#endif
- free(bakfile);
- free(bakfile2);
-
- return 0;
-}
-
-_TYPE( struct t_pwent * )
-t_makepwent(tpw, user, pass, salt, confent)
- struct t_pw * tpw;
- const char * user;
- const char * pass;
- const struct t_num * salt;
- const struct t_confent * confent;
-{
- BigInteger x, v, n, g;
- unsigned char dig[SHA_DIGESTSIZE];
- SHA1_CTX ctxt;
-
- tpw->pebuf.name = tpw->userbuf;
- tpw->pebuf.password.data = tpw->pwbuf;
- tpw->pebuf.salt.data = tpw->saltbuf;
-
- strncpy(tpw->pebuf.name, user, MAXUSERLEN);
- tpw->pebuf.index = confent->index;
-
- if(salt) {
- tpw->pebuf.salt.len = salt->len;
- memcpy(tpw->pebuf.salt.data, salt->data, salt->len);
- }
- else {
- memset(dig, 0, SALTLEN); /* salt is 80 bits */
- tpw->pebuf.salt.len = SALTLEN;
- do {
- t_random(tpw->pebuf.salt.data, SALTLEN);
- } while(memcmp(tpw->pebuf.salt.data, dig, SALTLEN) == 0);
- if(tpw->pebuf.salt.data[0] == 0)
- tpw->pebuf.salt.data[0] = 0xff;
- }
-
- n = BigIntegerFromBytes(confent->modulus.data, confent->modulus.len);
- g = BigIntegerFromBytes(confent->generator.data, confent->generator.len);
- v = BigIntegerFromInt(0);
-
- SHA1Init(&ctxt);
- SHA1Update(&ctxt, user, strlen(user));
- SHA1Update(&ctxt, ":", 1);
- SHA1Update(&ctxt, pass, strlen(pass));
- SHA1Final(dig, &ctxt);
-
- SHA1Init(&ctxt);
- SHA1Update(&ctxt, tpw->pebuf.salt.data, tpw->pebuf.salt.len);
- SHA1Update(&ctxt, dig, sizeof(dig));
- SHA1Final(dig, &ctxt);
-
- /* x = H(s, H(u, ':', p)) */
- x = BigIntegerFromBytes(dig, sizeof(dig));
-
- BigIntegerModExp(v, g, x, n);
- tpw->pebuf.password.len = BigIntegerToBytes(v, tpw->pebuf.password.data);
-
- BigIntegerFree(v);
- BigIntegerFree(x);
- BigIntegerFree(g);
- BigIntegerFree(n);
-
- return &tpw->pebuf;
-}
-
-int
-t_pwcopy(pwdest, pwsrc, diff)
- FILE * pwdest;
- FILE * pwsrc;
- struct t_pwent * diff;
-{
- struct t_pw * src;
- struct t_pwent * ent;
-
- if((src = t_openpw(pwsrc)) == NULL)
- return -1;
-
- while((ent = t_getpwent(src)) != NULL)
- if(diff && strcmp(diff->name, ent->name) == 0) {
- t_putpwent(diff, pwdest);
- diff = NULL;
- }
- else
- t_putpwent(ent, pwdest);
-
- if(diff)
- t_putpwent(diff, pwdest);
-
- return 0;
-}
-
-_TYPE( struct t_pwent * )
-t_getpwent(tpw)
- struct t_pw * tpw;
-{
- char indexbuf[16];
- char passbuf[MAXB64PARAMLEN];
- char saltstr[MAXB64SALTLEN];
-
-#ifdef ENABLE_YP
- struct t_passwd * nisent;
- /* FIXME: should tell caller to get conf entry from NIS also */
-
- if(tpw->state == IN_NIS) {
- nisent = _yp_gettpent();
- if(nisent != NULL) {
- savepwent(tpw, &nisent->tp);
- return &tpw->pebuf;
- }
- tpw->state = FILE_NIS;
- }
-#endif
-
- while(1) {
- if(t_nextfield(tpw->instream, tpw->userbuf, MAXUSERLEN) > 0) {
-#ifdef ENABLE_YP
- if(tpw->state == FILE_NIS && *tpw->userbuf == '+') {
- t_nextline(tpw->instream);
- if(strlen(tpw->userbuf) > 1) { /* +name:... */
- nisent = _yp_gettpnam(tpw->userbuf + 1);
- if(nisent != NULL) {
- savepwent(tpw, nisent);
- return &tpw->pebuf;
- }
- }
- else { /* +:... */
- tpw->state = IN_NIS;
- _yp_settpent();
- return t_getpwent(tpw);
- }
- }
-#endif
- if(t_nextfield(tpw->instream, passbuf, MAXB64PARAMLEN) > 0 &&
- (tpw->pebuf.password.len = t_fromb64(tpw->pwbuf, passbuf)) > 0 &&
- t_nextfield(tpw->instream, saltstr, MAXB64SALTLEN) > 0 &&
- (tpw->pebuf.salt.len = t_fromb64(tpw->saltbuf, saltstr)) > 0 &&
- t_nextfield(tpw->instream, indexbuf, 16) > 0 &&
- (tpw->pebuf.index = atoi(indexbuf)) > 0) {
- tpw->pebuf.name = tpw->userbuf;
- tpw->pebuf.password.data = tpw->pwbuf;
- tpw->pebuf.salt.data = tpw->saltbuf;
- t_nextline(tpw->instream);
- return &tpw->pebuf;
- }
- }
- if(t_nextline(tpw->instream) < 0)
- return NULL;
- }
-}
-
-_TYPE( void )
-t_putpwent(ent, fp)
- const struct t_pwent * ent;
- FILE * fp;
-{
- char strbuf[MAXB64PARAMLEN];
- char saltbuf[MAXB64SALTLEN];
-
- fprintf(fp, "%s:%s:%s:%d\n", ent->name,
- t_tob64(strbuf, ent->password.data, ent->password.len),
- t_tob64(saltbuf, ent->salt.data, ent->salt.len), ent->index);
-}
-