mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-11-19 17:50:51 +01:00
b1ebdd50cb
These are the start of a lot of work to clean up the FreeBSD eBones code. these changes include, but are not limited to: - Create prototypes for all the library routines - Make all the libraries compile clean with -Wall set - Fix numerous small bugs shown up in the above process - Prepare the code for libdes's removal to secure/ - add register, registerd and make_keypair to the make Lots more will follow in days to come. OK'ed by: rgrimes
71 lines
2.1 KiB
C
71 lines
2.1 KiB
C
/*
|
|
* Copyright 1986, 1987, 1988 by the Massachusetts Institute
|
|
* of Technology.
|
|
* For copying and distribution information, please see the file
|
|
* <Copyright.MIT>.
|
|
*
|
|
* from: get_pw_tkt.c,v 4.6 89/01/13 18:19:11 steiner Exp $
|
|
* $Id: get_pw_tkt.c,v 1.3 1995/07/18 16:38:37 mark Exp $
|
|
*/
|
|
|
|
#if 0
|
|
#ifndef lint
|
|
static char *rcsid =
|
|
"$Id: get_pw_tkt.c,v 1.3 1995/07/18 16:38:37 mark Exp $";
|
|
#endif /* lint */
|
|
#endif
|
|
|
|
|
|
#include <krb.h>
|
|
|
|
/*
|
|
* Get a ticket for the password-changing server ("changepw.KRB_MASTER").
|
|
*
|
|
* Given the name, instance, realm, and current password of the
|
|
* principal for which the user wants a password-changing-ticket,
|
|
* return either:
|
|
*
|
|
* GT_PW_BADPW if current password was wrong,
|
|
* GT_PW_NULL if principal had a NULL password,
|
|
* or the result of the krb_get_pw_in_tkt() call.
|
|
*
|
|
* First, try to get a ticket for "user.instance@realm" to use the
|
|
* "changepw.KRB_MASTER" server (KRB_MASTER is defined in "krb.h").
|
|
* The requested lifetime for the ticket is "1", and the current
|
|
* password is the "cpw" argument given.
|
|
*
|
|
* If the password was bad, give up.
|
|
*
|
|
* If the principal had a NULL password in the Kerberos database
|
|
* (indicating that the principal is known to Kerberos, but hasn't
|
|
* got a password yet), try instead to get a ticket for the principal
|
|
* "default.changepw@realm" to use the "changepw.KRB_MASTER" server.
|
|
* Use the password "changepwkrb" instead of "cpw". Return GT_PW_NULL
|
|
* if all goes well, otherwise the error.
|
|
*
|
|
* If this routine succeeds, a ticket and session key for either the
|
|
* principal "user.instance@realm" or "default.changepw@realm" to use
|
|
* the password-changing server will be in the user's ticket file.
|
|
*/
|
|
|
|
int get_pw_tkt(char *user, char *instance, char *realm, char *cpw)
|
|
{
|
|
int kerror;
|
|
|
|
kerror = krb_get_pw_in_tkt(user, instance, realm, "changepw",
|
|
KRB_MASTER, 1, cpw);
|
|
|
|
if (kerror == INTK_BADPW)
|
|
return(GT_PW_BADPW);
|
|
|
|
if (kerror == KDC_NULL_KEY) {
|
|
kerror = krb_get_pw_in_tkt("default","changepw",realm,"changepw",
|
|
KRB_MASTER,1,"changepwkrb");
|
|
if (kerror)
|
|
return(kerror);
|
|
return(GT_PW_NULL);
|
|
}
|
|
|
|
return(kerror);
|
|
}
|