/crypto/heimdal/kpasswd/kpasswd-generator.c

https://bitbucket.org/freebsd/freebsd-head/ · C · 207 lines · 150 code · 25 blank · 32 comment · 25 complexity · 53cb953e256812df4d17977d73e3b3a8 MD5 · raw file

  1. /*
  2. * Copyright (c) 2000 - 2004 Kungliga Tekniska Hรถgskolan
  3. * (Royal Institute of Technology, Stockholm, Sweden).
  4. * All rights reserved.
  5. *
  6. * Redistribution and use in source and binary forms, with or without
  7. * modification, are permitted provided that the following conditions
  8. * are met:
  9. *
  10. * 1. Redistributions of source code must retain the above copyright
  11. * notice, this list of conditions and the following disclaimer.
  12. *
  13. * 2. Redistributions in binary form must reproduce the above copyright
  14. * notice, this list of conditions and the following disclaimer in the
  15. * documentation and/or other materials provided with the distribution.
  16. *
  17. * 3. Neither the name of the Institute nor the names of its contributors
  18. * may be used to endorse or promote products derived from this software
  19. * without specific prior written permission.
  20. *
  21. * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
  22. * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  23. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  24. * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
  25. * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  26. * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  27. * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  28. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  29. * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  30. * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  31. * SUCH DAMAGE.
  32. */
  33. #include "kpasswd_locl.h"
  34. RCSID("$Id$");
  35. static unsigned
  36. read_words (const char *filename, char ***ret_w)
  37. {
  38. unsigned n, alloc;
  39. FILE *f;
  40. char buf[256];
  41. char **w = NULL;
  42. f = fopen (filename, "r");
  43. if (f == NULL)
  44. err (1, "cannot open %s", filename);
  45. alloc = n = 0;
  46. while (fgets (buf, sizeof(buf), f) != NULL) {
  47. buf[strcspn(buf, "\r\n")] = '\0';
  48. if (n >= alloc) {
  49. alloc += 16;
  50. w = erealloc (w, alloc * sizeof(char **));
  51. }
  52. w[n++] = estrdup (buf);
  53. }
  54. *ret_w = w;
  55. if (n == 0)
  56. errx(1, "%s is an empty file, no words to try", filename);
  57. fclose(f);
  58. return n;
  59. }
  60. static int
  61. nop_prompter (krb5_context context,
  62. void *data,
  63. const char *name,
  64. const char *banner,
  65. int num_prompts,
  66. krb5_prompt prompts[])
  67. {
  68. return 0;
  69. }
  70. static void
  71. generate_requests (const char *filename, unsigned nreq)
  72. {
  73. krb5_context context;
  74. krb5_error_code ret;
  75. int i;
  76. char **words;
  77. unsigned nwords;
  78. ret = krb5_init_context (&context);
  79. if (ret)
  80. errx (1, "krb5_init_context failed: %d", ret);
  81. nwords = read_words (filename, &words);
  82. for (i = 0; i < nreq; ++i) {
  83. char *name = words[rand() % nwords];
  84. krb5_get_init_creds_opt *opt;
  85. krb5_creds cred;
  86. krb5_principal principal;
  87. int result_code;
  88. krb5_data result_code_string, result_string;
  89. char *old_pwd, *new_pwd;
  90. krb5_get_init_creds_opt_alloc (context, &opt);
  91. krb5_get_init_creds_opt_set_tkt_life (opt, 300);
  92. krb5_get_init_creds_opt_set_forwardable (opt, FALSE);
  93. krb5_get_init_creds_opt_set_proxiable (opt, FALSE);
  94. ret = krb5_parse_name (context, name, &principal);
  95. if (ret)
  96. krb5_err (context, 1, ret, "krb5_parse_name %s", name);
  97. asprintf (&old_pwd, "%s", name);
  98. asprintf (&new_pwd, "%s2", name);
  99. ret = krb5_get_init_creds_password (context,
  100. &cred,
  101. principal,
  102. old_pwd,
  103. nop_prompter,
  104. NULL,
  105. 0,
  106. "kadmin/changepw",
  107. opt);
  108. if( ret == KRB5KRB_AP_ERR_BAD_INTEGRITY
  109. || ret == KRB5KRB_AP_ERR_MODIFIED) {
  110. char *tmp;
  111. tmp = new_pwd;
  112. new_pwd = old_pwd;
  113. old_pwd = tmp;
  114. ret = krb5_get_init_creds_password (context,
  115. &cred,
  116. principal,
  117. old_pwd,
  118. nop_prompter,
  119. NULL,
  120. 0,
  121. "kadmin/changepw",
  122. opt);
  123. }
  124. if (ret)
  125. krb5_err (context, 1, ret, "krb5_get_init_creds_password");
  126. krb5_free_principal (context, principal);
  127. ret = krb5_set_password (context,
  128. &cred,
  129. new_pwd,
  130. NULL,
  131. &result_code,
  132. &result_code_string,
  133. &result_string);
  134. if (ret)
  135. krb5_err (context, 1, ret, "krb5_change_password");
  136. free (old_pwd);
  137. free (new_pwd);
  138. krb5_free_cred_contents (context, &cred);
  139. krb5_get_init_creds_opt_free(context, opt);
  140. }
  141. }
  142. static int version_flag = 0;
  143. static int help_flag = 0;
  144. static struct getargs args[] = {
  145. { "version", 0, arg_flag, &version_flag },
  146. { "help", 0, arg_flag, &help_flag }
  147. };
  148. static void
  149. usage (int ret)
  150. {
  151. arg_printusage (args,
  152. sizeof(args)/sizeof(*args),
  153. NULL,
  154. "file [number]");
  155. exit (ret);
  156. }
  157. int
  158. main(int argc, char **argv)
  159. {
  160. int optind = 0;
  161. int nreq;
  162. char *end;
  163. setprogname(argv[0]);
  164. if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optind))
  165. usage(1);
  166. if (help_flag)
  167. usage (0);
  168. if (version_flag) {
  169. print_version(NULL);
  170. return 0;
  171. }
  172. argc -= optind;
  173. argv += optind;
  174. if (argc != 2)
  175. usage (1);
  176. srand (0);
  177. nreq = strtol (argv[1], &end, 0);
  178. if (argv[1] == end || *end != '\0')
  179. usage (1);
  180. generate_requests (argv[0], nreq);
  181. return 0;
  182. }