1/* 2 * Copyright (c) 2000 - 2004 Kungliga Tekniska H�gskolan 3 * (Royal Institute of Technology, Stockholm, Sweden). 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * 3. Neither the name of the Institute nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34#include "kpasswd_locl.h" 35 36RCSID("$Id: kpasswd-generator.c 19233 2006-12-06 08:04:05Z lha $"); 37 38static unsigned 39read_words (const char *filename, char ***ret_w) 40{ 41 unsigned n, alloc; 42 FILE *f; 43 char buf[256]; 44 char **w = NULL; 45 46 f = fopen (filename, "r"); 47 if (f == NULL) 48 err (1, "cannot open %s", filename); 49 alloc = n = 0; 50 while (fgets (buf, sizeof(buf), f) != NULL) { 51 buf[strcspn(buf, "\r\n")] = '\0'; 52 if (n >= alloc) { 53 alloc += 16; 54 w = erealloc (w, alloc * sizeof(char **)); 55 } 56 w[n++] = estrdup (buf); 57 } 58 *ret_w = w; 59 if (n == 0) 60 errx(1, "%s is an empty file, no words to try", filename); 61 return n; 62} 63 64static int 65nop_prompter (krb5_context context, 66 void *data, 67 const char *name, 68 const char *banner, 69 int num_prompts, 70 krb5_prompt prompts[]) 71{ 72 return 0; 73} 74 75static void 76generate_requests (const char *filename, unsigned nreq) 77{ 78 krb5_context context; 79 krb5_error_code ret; 80 int i; 81 char **words; 82 unsigned nwords; 83 84 ret = krb5_init_context (&context); 85 if (ret) 86 errx (1, "krb5_init_context failed: %d", ret); 87 88 nwords = read_words (filename, &words); 89 90 for (i = 0; i < nreq; ++i) { 91 char *name = words[rand() % nwords]; 92 krb5_get_init_creds_opt *opt; 93 krb5_creds cred; 94 krb5_principal principal; 95 int result_code; 96 krb5_data result_code_string, result_string; 97 char *old_pwd, *new_pwd; 98 99 krb5_get_init_creds_opt_alloc (context, &opt); 100 krb5_get_init_creds_opt_set_tkt_life (opt, 300); 101 krb5_get_init_creds_opt_set_forwardable (opt, FALSE); 102 krb5_get_init_creds_opt_set_proxiable (opt, FALSE); 103 104 ret = krb5_parse_name (context, name, &principal); 105 if (ret) 106 krb5_err (context, 1, ret, "krb5_parse_name %s", name); 107 108 asprintf (&old_pwd, "%s", name); 109 asprintf (&new_pwd, "%s2", name); 110 111 ret = krb5_get_init_creds_password (context, 112 &cred, 113 principal, 114 old_pwd, 115 nop_prompter, 116 NULL, 117 0, 118 "kadmin/changepw", 119 opt); 120 if( ret == KRB5KRB_AP_ERR_BAD_INTEGRITY 121 || ret == KRB5KRB_AP_ERR_MODIFIED) { 122 char *tmp; 123 124 tmp = new_pwd; 125 new_pwd = old_pwd; 126 old_pwd = tmp; 127 128 ret = krb5_get_init_creds_password (context, 129 &cred, 130 principal, 131 old_pwd, 132 nop_prompter, 133 NULL, 134 0, 135 "kadmin/changepw", 136 opt); 137 } 138 if (ret) 139 krb5_err (context, 1, ret, "krb5_get_init_creds_password"); 140 141 krb5_free_principal (context, principal); 142 143 ret = krb5_change_password (context, &cred, new_pwd, 144 &result_code, 145 &result_code_string, 146 &result_string); 147 if (ret) 148 krb5_err (context, 1, ret, "krb5_change_password"); 149 150 free (old_pwd); 151 free (new_pwd); 152 krb5_free_cred_contents (context, &cred); 153 krb5_get_init_creds_opt_free(context, opt); 154 } 155} 156 157static int version_flag = 0; 158static int help_flag = 0; 159 160static struct getargs args[] = { 161 { "version", 0, arg_flag, &version_flag }, 162 { "help", 0, arg_flag, &help_flag } 163}; 164 165static void 166usage (int ret) 167{ 168 arg_printusage (args, 169 sizeof(args)/sizeof(*args), 170 NULL, 171 "file [number]"); 172 exit (ret); 173} 174 175int 176main(int argc, char **argv) 177{ 178 int optind = 0; 179 int nreq; 180 char *end; 181 182 setprogname(argv[0]); 183 if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optind)) 184 usage(1); 185 if (help_flag) 186 usage (0); 187 if (version_flag) { 188 print_version(NULL); 189 return 0; 190 } 191 argc -= optind; 192 argv += optind; 193 194 if (argc != 2) 195 usage (1); 196 srand (0); 197 nreq = strtol (argv[1], &end, 0); 198 if (argv[1] == end || *end != '\0') 199 usage (1); 200 generate_requests (argv[0], nreq); 201 return 0; 202} 203