122347Spst/* passwd.c: The opiepasswd() library function.
222347Spst
329964Sache%%% copyright-cmetz-96
492906SmarkmThis software is Copyright 1996-2001 by Craig Metz, All Rights Reserved.
592906SmarkmThe Inner Net License Version 3 applies to this software.
622347SpstYou should have received a copy of the license with this software. If
722347Spstyou didn't get a copy, you may request one from <license@inner.net>.
822347Spst
922347Spst	History:
1022347Spst
1159118Skris	Modified by cmetz for OPIE 2.32. Renamed mode to flags. Made flag
1259118Skris		values symbolic constants. Added a flag for insecure override
1359118Skris		support.
1429964Sache	Modified by cmetz for OPIE 2.31. Removed active attack protection
1529964Sache		support.
1622347Spst	Modified by cmetz for OPIE 2.3. Split most of the function off
1729964Sache		and turned this into a front-end for the new __opiewriterec().
1829964Sache		Added code to compute the key from the secret. Use the opie_
1929964Sache		prefix. Use new opieatob8() and opiebtoa8() return values.
2022347Spst	Created by cmetz for OPIE 2.22.
2122347Spst*/
2222347Spst
2322347Spst#include "opie_cfg.h"
2422347Spst#include "opie.h"
2522347Spst
2659118Skrisint opiepasswd FUNCTION((old, flags, principal, n, seed, ks), struct opie *old AND int flags AND char *principal AND int n AND char *seed AND char *ks)
2722347Spst{
2822347Spst  int i;
2922347Spst  struct opie opie;
3022347Spst
3159118Skris  if ((flags & OPIEPASSWD_CONSOLE) && opieinsecure())
3259118Skris#if INSECURE_OVERRIDE
3359118Skris    if (!(flags & OPIEPASSWD_FORCE))
3459118Skris#endif /* INSECURE_OVERRIDE */
3522347Spst    return -1;
3622347Spst
3722347Spst  memset(&opie, 0, sizeof(struct opie));
3822347Spst
3922347Spst  if (old) {
4022347Spst    opie.opie_flags = old->opie_flags;
4122347Spst    opie.opie_recstart = old->opie_recstart;
4222347Spst  }
4322347Spst
4422347Spst  opie.opie_principal = principal;
4522347Spst  opie.opie_n = n;
4622347Spst  opie.opie_seed = seed;
4722347Spst
4822347Spst  if (ks) {
4992906Smarkm    struct opie_otpkey key;
5022347Spst
5159118Skris    if (flags & OPIEPASSWD_CONSOLE) {
5292906Smarkm      if (opiekeycrunch(MDX, &key, seed, ks))
5322347Spst	return -1;
5422347Spst      for (i = n; i; i--)
5592906Smarkm	opiehash(&key, MDX);
5692906Smarkm      if (!(opie.opie_val = opiebtoa8(opie.opie_buf, &key)))
5722347Spst	return -1;
5822347Spst    } else {
5992906Smarkm      if ((opieetob(&key, ks) != 1) && !opieatob8(&key, ks))
6022347Spst	  return 1;
6192906Smarkm      if (!(opie.opie_val = opiebtoa8(opie.opie_buf, &key)))
6222347Spst	return 1;
6322347Spst    }
6422347Spst  }
6522347Spst
6622347Spst  if (opielock(principal))
6722347Spst    return -1;
6822347Spst
6922347Spst  i = __opiewriterec(&opie);
7022347Spst
7122347Spst  if (opieunlock())
7222347Spst    return -1;
7322347Spst
7422347Spst  return i;
7522347Spst}
76