1/* 2 * Sun RPC is a product of Sun Microsystems, Inc. and is provided for 3 * unrestricted use provided that this legend is included on all tape 4 * media and as a part of the software program in whole or part. Users 5 * may copy or modify Sun RPC without charge, but are not authorized 6 * to license or distribute it to anyone else except as part of a product or 7 * program developed by the user or with the express written consent of 8 * Sun Microsystems, Inc. 9 * 10 * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE 11 * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR 12 * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. 13 * 14 * Sun RPC is provided with no support and without any obligation on the 15 * part of Sun Microsystems, Inc. to assist in its use, correction, 16 * modification or enhancement. 17 * 18 * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE 19 * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC 20 * OR ANY PART THEREOF. 21 * 22 * In no event will Sun Microsystems, Inc. be liable for any lost revenue 23 * or profits or other special, indirect and consequential damages, even if 24 * Sun has been advised of the possibility of such damages. 25 * 26 * Sun Microsystems, Inc. 27 * 2550 Garcia Avenue 28 * Mountain View, California 94043 29 */ 30 31/* 32 * Copyright (C) 1986, Sun Microsystems, Inc. 33 */ 34 35/* 36 * Administrative tool to add a new user to the publickey database 37 */ 38 39#include <sys/types.h> 40#include <sys/time.h> 41#include <sys/resource.h> 42 43#include <rpc/rpc.h> 44#include <rpc/key_prot.h> 45 46#ifdef YP 47#include <sys/wait.h> 48#include <rpcsvc/yp_prot.h> 49#include <rpcsvc/ypclnt.h> 50#include <netdb.h> 51#endif /* YP */ 52 53#include <err.h> 54#include <pwd.h> 55#include <stdio.h> 56#include <stdlib.h> 57#include <string.h> 58#include <unistd.h> 59 60#include "extern.h" 61 62#ifdef YP 63#define MAXMAPNAMELEN 256 64#else 65#define YPOP_CHANGE 1 /* change, do not add */ 66#define YPOP_INSERT 2 /* add, do not change */ 67#define YPOP_DELETE 3 /* delete this entry */ 68#define YPOP_STORE 4 /* add, or change */ 69#define ERR_ACCESS 1 70#define ERR_MALLOC 2 71#define ERR_READ 3 72#define ERR_WRITE 4 73#define ERR_DBASE 5 74#define ERR_KEY 6 75#endif 76 77#ifdef YP 78static char YPDBPATH[]="/var/yp"; 79static char PKMAP[] = "publickey.byname"; 80#else 81static char PKFILE[] = "/etc/publickey"; 82static const char *err_string(int); 83#endif /* YP */ 84 85static void usage(void) __dead2; 86 87int 88main(int argc, char *argv[]) 89{ 90 char name[MAXNETNAMELEN + 1]; 91 char public[HEXKEYBYTES + 1]; 92 char secret[HEXKEYBYTES + 1]; 93 char crypt1[HEXKEYBYTES + KEYCHECKSUMSIZE + 1]; 94 char crypt2[HEXKEYBYTES + KEYCHECKSUMSIZE + 1]; 95 int status; 96 char *pass; 97 struct passwd *pw; 98#ifdef undef 99 struct hostent *h; 100#endif 101 102 if (argc != 3 || !(strcmp(argv[1], "-u") == 0 || 103 strcmp(argv[1], "-h") == 0)) { 104 usage(); 105 } 106 if (geteuid() != 0) 107 errx(1, "must be superuser"); 108 109#ifdef YP 110 if (chdir(YPDBPATH) < 0) 111 warn("cannot chdir to %s", YPDBPATH); 112#endif /* YP */ 113 if (strcmp(argv[1], "-u") == 0) { 114 pw = getpwnam(argv[2]); 115 if (pw == NULL) 116 errx(1, "unknown user: %s", argv[2]); 117 (void)user2netname(name, (int)pw->pw_uid, (char *)NULL); 118 } else { 119#ifdef undef 120 h = gethostbyname(argv[2]); 121 if (h == NULL) 122 errx(1, "unknown host: %s", argv[1]); 123 (void)host2netname(name, h->h_name, (char *)NULL); 124#else 125 (void)host2netname(name, argv[2], (char *)NULL); 126#endif 127 } 128 129 (void)printf("Adding new key for %s.\n", name); 130 pass = getpass("New password:"); 131 genkeys(public, secret, pass); 132 133 memcpy(crypt1, secret, HEXKEYBYTES); 134 memcpy(crypt1 + HEXKEYBYTES, secret, KEYCHECKSUMSIZE); 135 crypt1[HEXKEYBYTES + KEYCHECKSUMSIZE] = 0; 136 xencrypt(crypt1, pass); 137 138 memcpy(crypt2, crypt1, HEXKEYBYTES + KEYCHECKSUMSIZE + 1); 139 xdecrypt(crypt2, getpass("Retype password:")); 140 if (memcmp(crypt2, crypt2 + HEXKEYBYTES, KEYCHECKSUMSIZE) != 0 || 141 memcmp(crypt2, secret, HEXKEYBYTES) != 0) 142 errx(1, "password incorrect"); 143 144#ifdef YP 145 (void)printf("Please wait for the database to get updated...\n"); 146#endif 147 if ((status = setpublicmap(name, public, crypt1))) { 148#ifdef YP 149 errx(1, "unable to update NIS database (%u): %s", 150 status, yperr_string(status)); 151#else 152 errx(1, "unable to update publickey database (%u): %s", 153 status, err_string(status)); 154#endif 155 } 156 (void)printf("Your new key has been successfully stored away.\n"); 157 exit(0); 158 /* NOTREACHED */ 159} 160 161static void 162usage(void) 163{ 164 (void)fprintf(stderr, "%s\n%s\n", 165 "usage: newkey -h hostname", 166 " newkey -u username"); 167 exit(1); 168} 169 170/* 171 * Set the entry in the public key file 172 */ 173int 174setpublicmap(char *name, char *public, char *secret) 175{ 176 char pkent[1024]; 177 178 (void)sprintf(pkent, "%s:%s", public, secret); 179#ifdef YP 180 return (mapupdate(name, PKMAP, YPOP_STORE, 181 strlen(name), name, strlen(pkent), pkent)); 182#else 183 return (localupdate(name, PKFILE, YPOP_STORE, 184 strlen(name), name, strlen(pkent), pkent)); 185#endif 186 } 187 188#ifndef YP 189 /* 190 * This returns a pointer to an error message string appropriate 191 * to an input error code. An input value of zero will return 192 * a success message. 193 */ 194static const char * 195err_string(int code) 196{ 197 const char *pmesg; 198 199 switch (code) { 200 case 0: 201 pmesg = "update operation succeeded"; 202 break; 203 case ERR_KEY: 204 pmesg = "no such key in file"; 205 break; 206 case ERR_READ: 207 pmesg = "cannot read the database"; 208 break; 209 case ERR_WRITE: 210 pmesg = "cannot write to the database"; 211 break; 212 case ERR_DBASE: 213 pmesg = "cannot update database"; 214 break; 215 case ERR_ACCESS: 216 pmesg = "permission denied"; 217 break; 218 case ERR_MALLOC: 219 pmesg = "malloc failed"; 220 break; 221 default: 222 pmesg = "unknown error"; 223 break; 224 } 225 return (pmesg); 226} 227#endif 228