Annotation of src/usr.bin/skeyinit/skeyinit.c, Revision 1.1.1.1
1.1 deraadt 1: /* $NetBSD: skeyinit.c,v 1.6 1995/06/05 19:50:48 pk Exp $ */
2:
3: /* S/KEY v1.1b (skeyinit.c)
4: *
5: * Authors:
6: * Neil M. Haller <nmh@thumper.bellcore.com>
7: * Philip R. Karn <karn@chicago.qualcomm.com>
8: * John S. Walden <jsw@thumper.bellcore.com>
9: * Scott Chasin <chasin@crimelab.com>
10: *
11: * S/KEY initialization and seed update
12: */
13:
14: #include <sys/param.h>
15: #include <sys/time.h>
16: #include <sys/resource.h>
17:
18: #include <stdio.h>
19: #include <stdlib.h>
20: #include <string.h>
21: #include <err.h>
22: #include <pwd.h>
23: #include <unistd.h>
24: #include <time.h>
25: #include <ctype.h>
26:
27: #include "skey.h"
28:
/* NAMELEN is not referenced by any code in this listing. */
29: #define NAMELEN 2
30:
/*
 * S/Key database lookup, defined outside this file.  main() below passes
 * the target login name and then treats a return of -1 as "cannot open
 * database", 0 as an existing entry (it reads mp->seed) and 1 as no entry
 * yet; in both non-error cases it writes the new record through
 * mp->keyfile.  Presumably the file is left positioned for that write;
 * confirm against the library source.
 */
31: int skeylookup __ARGS((struct skey * mp, char *name));
32:
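/*
 * Best-effort scrub of a buffer that held a password.  The stores go
 * through a volatile pointer so the compiler cannot discard them as dead
 * writes.  Callers pass a size_t length (sizeof or strlen).
 */
static void
wipe_secret(buf, len)
	char *buf;
	size_t len;
{
	volatile char *p = buf;

	while (len-- > 0)
		*p++ = '\0';
}

/*
 * skeyinit [-s] [user]
 *
 * Creates or replaces the S/Key database entry for the invoking user, or
 * for `user` when the real uid is 0.  Without -s the starting key is
 * computed here from a secret password typed twice; with -s the user
 * supplies the sequence count, the seed and a key computed elsewhere
 * (six English words or hex), so the secret never reaches this host.
 *
 * A caller whose real uid is not 0 must first prove knowledge of the
 * account password.  NOTE(review): the getuid() checks suggest the binary
 * is meant to be installed setuid root; confirm against the install rules.
 *
 * Exits 0 once the record has been written, non-zero on any failure.
 */
int
main(argc, argv)
	int argc;
	char *argv[];
{
	int rval, n, nn, i, defaultsetup, wrote;
	long count;
	size_t seedlen;
	time_t now;
	char hostname[MAXHOSTNAMELEN];
	char seed[18], tmp[80], key[8], defaultseed[17];
	char passwd[256], passwd2[256], tbuf[27], buf[60];
	char keyhex[16 + 1];
	char lastc, me[80], *salt, *p, *pw, *cp;
	struct skey skey;
	struct passwd *pp;
	struct tm *tm;

	/*
	 * Default seed: first four bytes of the host name followed by the
	 * minute and day-of-year digits.  The seed is not a secret; it is
	 * printed in the challenge further down.
	 */
	time(&now);
	tm = localtime(&now);
	strftime(tbuf, sizeof(tbuf), "%M%j", tm);

	if (gethostname(hostname, sizeof(hostname)) < 0)
		err(1, "gethostname");
	/* strncpy zero-pads when the host name is shorter than four bytes. */
	strncpy(defaultseed, hostname, 4);
	defaultseed[4] = '\0';
	strncat(defaultseed, tbuf, sizeof(defaultseed) - 5);

	/* Identify the caller by real uid; errx() because errno is not meaningful here. */
	if ((pp = getpwuid(getuid())) == NULL)
		errx(1, "no user with uid %lu", (unsigned long)getuid());
	/* Bound the copy: me[] is fixed-size and the name comes from the passwd database. */
	if (strlen(pp->pw_name) >= sizeof(me))
		errx(1, "user name too long");
	strcpy(me, pp->pw_name);

	if ((pp = getpwnam(me)) == NULL)
		errx(1, "Who are you?");

	/* argv[1] is either -s or a user name; argv[2], if present, is a user name. */
	defaultsetup = 1;
	if (argc > 1) {
		if (strcmp("-s", argv[1]) == 0)
			defaultsetup = 0;
		else
			pp = getpwnam(argv[1]);

		if (argc > 2)
			pp = getpwnam(argv[2]);
	}
	if (pp == NULL)
		errx(1, "User unknown");

	/* Only root can change another user's entry. */
	if (strcmp(pp->pw_name, me) != 0 && getuid() != 0) {
		printf("Permission denied.\n");
		exit(1);
	}
	salt = pp->pw_passwd;

	/* Best effort: the result is deliberately not checked. */
	setpriority(PRIO_PROCESS, 0, -4);

	if (getuid() != 0) {
		/* Re-authenticate the caller before touching the entry. */
		pw = getpass("Password:");
		if (pw == NULL)
			errx(1, "cannot read password");
		p = crypt(pw, salt);
		/* The cleartext is no longer needed once it has been hashed. */
		wipe_secret(pw, strlen(pw));

		setpriority(PRIO_PROCESS, 0, 0);

		/* A NULL from crypt() is an authentication failure, not a pass. */
		if (p == NULL || strcmp(p, pp->pw_passwd) != 0) {
			printf("Password incorrect.\n");
			exit(1);
		}
	}

	rval = skeylookup(&skey, pp->pw_name);
	switch (rval) {
	case -1:
		err(1, "cannot open database");
		/* NOTREACHED */
	case 0:
		printf("[Updating %s]\n", pp->pw_name);
		printf("Old key: %s\n", skey.seed);

		/*
		 * Derive the new default seed from the stored one when it
		 * ends in a digit: 0-8 is incremented, 9 becomes "00".
		 * The stored seed comes from the database file, so its
		 * length is checked before it is copied into defaultseed[].
		 */
		seedlen = strlen(skey.seed);
		if (seedlen > 0 && seedlen < sizeof(defaultseed)) {
			lastc = skey.seed[seedlen - 1];
			if (isdigit((unsigned char)lastc)) {
				if (lastc != '9') {
					strcpy(defaultseed, skey.seed);
					defaultseed[seedlen - 1] = lastc + 1;
				} else if (seedlen < 16) {
					strcpy(defaultseed, skey.seed);
					defaultseed[seedlen - 1] = '0';
					defaultseed[seedlen] = '0';
					defaultseed[seedlen + 1] = '\0';
				}
			}
		}
		break;
	case 1:
		printf("[Adding %s]\n", pp->pw_name);
		break;
	default:
		break;
	}
	n = 99;

	if (!defaultsetup) {
		printf("You need the 6 english words generated from the \"key\" command.\n");
		for (i = 0;; i++) {
			if (i >= 2)
				exit(1);
			printf("Enter sequence count from 1 to 10000: ");
			fflush(stdout);
			/* On EOF tmp would be uninitialized; give up instead. */
			if (fgets(tmp, sizeof(tmp), stdin) == NULL)
				exit(1);
			count = strtol(tmp, NULL, 10);
			if (count > 0 && count < 10000) {
				n = (int)count;
				break;	/* Valid range */
			}
			printf("\n Error: Count must be > 0 and < 10000\n");
		}

		/*
		 * Read the seed through the 80-byte line buffer so that the
		 * tail of an over-long answer is not left on stdin to be
		 * taken as the reply to the next prompt.
		 */
		printf("Enter new key [default %s]: ", defaultseed);
		fflush(stdout);
		if (fgets(tmp, sizeof(tmp), stdin) == NULL)
			exit(1);
		rip(tmp);
		if (strlen(tmp) > 16) {
			printf("Notice: Seed truncated to 16 characters.\n");
			tmp[16] = '\0';
		}
		if (tmp[0] == '\0')
			strcpy(seed, defaultseed);
		else
			strcpy(seed, tmp);

		/*
		 * The record written below separates its fields with blanks,
		 * so a seed containing white space or control characters
		 * would presumably be misparsed on the next lookup.
		 */
		for (cp = seed; *cp != '\0'; cp++) {
			if (isspace((unsigned char)*cp) ||
			    !isprint((unsigned char)*cp))
				errx(1, "seed must not contain white space or control characters");
		}

		for (i = 0;; i++) {
			if (i >= 2)
				exit(1);

			printf("s/key %d %s\ns/key access password: ", n, seed);
			fflush(stdout);
			if (fgets(tmp, sizeof(tmp), stdin) == NULL)
				exit(1);
			rip(tmp);
			backspace(tmp);

			if (tmp[0] == '?') {
				printf("Enter 6 English words from secure S/Key calculation.\n");
				continue;
			}
			if (tmp[0] == '\0')
				exit(1);
			/* Accept either six English words or the hex form. */
			if (etob(key, tmp) == 1 || atob8(key, tmp) == 0)
				break;	/* Valid format */
			printf("Invalid format - try again with 6 English words.\n");
		}
	} else {
		/* Get user's secret password */
		for (i = 0;; i++) {
			if (i >= 2)
				exit(1);

			printf("Enter secret password: ");
			readpass(passwd, sizeof(passwd));
			if (passwd[0] == '\0')
				exit(1);

			printf("Again secret password: ");
			readpass(passwd2, sizeof(passwd2));
			if (passwd2[0] == '\0')
				exit(1);

			if (strlen(passwd) < 4 && strlen(passwd2) < 4)
				errx(1, "Your password must be longer");
			if (strcmp(passwd, passwd2) == 0)
				break;

			printf("Passwords do not match.\n");
		}
		strcpy(seed, defaultseed);

		/* Crunch seed and password into starting key */
		rval = keycrunch(key, seed, passwd);
		/* The cleartext password is not needed past this point. */
		wipe_secret(passwd, sizeof(passwd));
		wipe_secret(passwd2, sizeof(passwd2));
		if (rval != 0)
			err(2, "key crunch failed");

		/* Apply the hash step n times to obtain the value to store. */
		nn = n;
		while (nn-- != 0)
			f(key);
	}

	time(&now);
	tm = localtime(&now);
	strftime(tbuf, sizeof(tbuf), " %b %d,%Y %T", tm);

	/* 16 hex digits plus the terminator; a local buffer cannot fail to allocate. */
	skey.val = keyhex;
	btoa8(skey.val, key);

	/*
	 * Report success only if the record actually reached the file;
	 * otherwise the user would be told about a key that was never stored.
	 */
	wrote = fprintf(skey.keyfile, "%s %04d %-16s %s %-21s\n", pp->pw_name, n,
	    seed, skey.val, tbuf);
	if (fclose(skey.keyfile) == EOF || wrote < 0)
		err(1, "cannot write database");

	printf("ID %s s/key is %d %s\n", pp->pw_name, n, seed);
	printf("Next login password: %s\n", btoe(buf, key));
#ifdef HEXIN
	printf("%s\n", put8(buf, key));
#endif

	/* Success: the original exited with status 1 here. */
	exit(0);
}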