chgpwd.c revision 2
2N/A * Copyright (c) 1998, 2012, Oracle and/or its affiliates. All rights reserved. 2N/A * Copyright 1998 by the Massachusetts Institute of Technology. 2N/A * All Rights Reserved. 2N/A * Export of this software from the United States of America may 2N/A * require a specific license from the United States Government. 2N/A * It is the responsibility of any person or organization contemplating 2N/A * export to obtain such a license before exporting. 2N/A * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and 2N/A * distribute this software and its documentation for any purpose and 2N/A * without fee is hereby granted, provided that the above copyright 2N/A * notice appear in all copies and that both that copyright notice and 2N/A * this permission notice appear in supporting documentation, and that 2N/A * the name of M.I.T. not be used in advertising or publicity pertaining 2N/A * to distribution of the software without specific, written prior 2N/A * permission. Furthermore if you modify this software you must label 2N/A * your software as modified software and not distribute it in such a 2N/A * fashion that it might be confused with the original M.I.T. software. 2N/A * M.I.T. makes no representations about the suitability of 2N/A * this software for any purpose. It is provided "as is" without express 2N/A * or implied warranty. 2N/A * chgpwd.c - Handles changepw requests issued from non-Solaris krb5 clients. 2N/A/* Solaris Kerberos */ 2N/A * either this, or the server is printing bad messages, 2N/A * or the caller passed in garbage 2N/A * Verify version number 2N/A "Request contained unknown protocol version number %d",
2N/A * Read, check ap-req length 2N/A "Failed initializing auth context: %s"),
2N/A "Failed setting auth " 2N/A "context flags: %s"),
2N/A "is missing from \"%s\""),
2N/A "keytab file \"%s\" does not exist"),
2N/A "Failed to parse Kerberos AP_REQ message: %s"),
2N/A * Set up address info 2N/A "Failed getting server internet address",
2N/A * Some brain-dead OS's don't return useful information from 2N/A * the getsockname call. Namely, windows and solaris. 2N/A "Malloc failed for local_kaddr",
2N/A "Failed getting client internet address",
2N/A * mk_priv requires that the local address be set. 2N/A * getsockname is used for this. rd_priv requires that the 2N/A * remote address be set. recvfrom is used for this. If 2N/A * rd_priv is given a local address, and the message has the 2N/A * recipient addr in it, this will be checked. However, there 2N/A * is simply no way to know ahead of time what address the 2N/A * message will be delivered *to*. Therefore, it is important 2N/A * that either no recipient address is in the messages when 2N/A * mk_priv is called, or that no local address is passed to 2N/A * rd_priv. Both is a better idea, and I have done that. In 2N/A * summary, when mk_priv is called, *only* a local address is 2N/A * specified. when rd_priv is called, *only* a remote address 2N/A * is specified. Are we having fun yet? 2N/A "Failed storing client internet address",
2N/A * Construct the ap-rep 2N/A "Failed replying to application request",
2N/A * Decrypt the new password 2N/A /* decode ChangePasswdData for setpw requests */ 2N/A /* for cpw, verify that this is an AS_REQ ticket */ 2N/A * Change the password 2N/A "Failed storing client and server internet addresses",
2N/A "Failed encrypting reply",
2N/A * If no KRB-PRIV was constructed, then we need a KRB-ERROR. 2N/A * If this fails, just bail. There's nothing else we can do. 2N/A * Clear out ap_rep now, so that it won't be inserted 2N/A * This is really icky. but it's what all the other callers 2N/A * Construct the reply 2N/A * Version == 0x0001 big-endian 2N/A * ap_rep length, big-endian 2N/A * krb-priv or krb-error 2N/A * This routine is used to handle password-change requests received 2N/A * on kpasswd-port 464 from MIT/M$ clients. 2N/A * The only caller is kadmind, which is the master and therefore has the 2N/A * correct keys in the KDB, rather than obtaining them via the 2N/A * kadm5.keytab, by default. 2N/A * This is really obscure. s1 is used for all communications. it 2N/A * is left unconnected in case the server is multihomed and routes 2N/A * are asymmetric. s2 is connected to resolve routes and get 2N/A * addresses. this is the *only* way to get proper addresses for 2N/A * multihomed hosts if routing is asymmetric. 2N/A * A related problem in the server, but not the client, is that 2N/A * many os's have no way to disconnect a connected udp socket, so 2N/A * the s2 socket needs to be closed and recreated for each 2N/A * request. The s1 socket must not be closed, or else queued 2N/A * requests will be lost. 2N/A * A "naive" client implementation (one socket, no connect, 2N/A * hostname resolution to get the local ip addr) will work and 2N/A * interoperate if the client is single-homed. 2N/A * Just return. This means something really bad happened