usr.bin/newkey/newkey.c

   1 /*
   2  * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
   3  * unrestricted use provided that this legend is included on all tape
   4  * media and as a part of the software program in whole or part.  Users
   5  * may copy or modify Sun RPC without charge, but are not authorized
   6  * to license or distribute it to anyone else except as part of a product or
   7  * program developed by the user or with the express written consent of
   8  * Sun Microsystems, Inc.
   9  *
  10  * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
  11  * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
  12  * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
  13  *
  14  * Sun RPC is provided with no support and without any obligation on the
  15  * part of Sun Microsystems, Inc. to assist in its use, correction,
  16  * modification or enhancement.
  17  *
  18  * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
  19  * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
  20  * OR ANY PART THEREOF.
  21  *
  22  * In no event will Sun Microsystems, Inc. be liable for any lost revenue
  23  * or profits or other special, indirect and consequential damages, even if
  24  * Sun has been advised of the possibility of such damages.
  25  *
  26  * Sun Microsystems, Inc.
  27  * 2550 Garcia Avenue
  28  * Mountain View, California  94043
  29  *
  30  * @(#)newkey.c 1.8 91/03/11 Copyr 1986 Sun Micro
  31  * $FreeBSD: src/usr.bin/newkey/newkey.c,v 1.3 1999/08/28 01:04:34 peter Exp $
  32  * $DragonFly: src/usr.bin/newkey/newkey.c,v 1.4 2005/01/11 00:29:12 joerg Exp $
  33  */
  34
  35 /*
  36  * Copyright (C) 1986, Sun Microsystems, Inc.
  37  */
  38
  39 /*
  40  * Administrative tool to add a new user to the publickey database
  41  */
  42 #include <sys/types.h>
  43 #include <sys/time.h>
  44 #include <sys/resource.h>
  45 #include <err.h>
  46 #include <pwd.h>
  47 #include <unistd.h>
  48 #include <stdio.h>
  49 #include <stdlib.h>
  50 #include <string.h>
  51
  52 #include <rpc/rpc.h>
  53 #include <rpc/key_prot.h>
  54 #ifdef YP
  55 #include <rpcsvc/yp_prot.h>
  56 #include <rpcsvc/ypclnt.h>
  57 #include <sys/wait.h>
  58 #include <netdb.h>
  59 #endif  /* YP */
  60
  61 #include "externs.h"
  62
  63 #ifdef YP
  64 #define MAXMAPNAMELEN 256
  65 #else
  66 #define YPOP_CHANGE 1                   /* change, do not add */
  67 #define YPOP_INSERT 2                   /* add, do not change */
  68 #define YPOP_DELETE 3                   /* delete this entry */
  69 #define YPOP_STORE  4                   /* add, or change */
  70 #define ERR_ACCESS      1
  71 #define ERR_MALLOC      2
  72 #define ERR_READ        3
  73 #define ERR_WRITE       4
  74 #define ERR_DBASE       5
  75 #define ERR_KEY         6
  76 #endif
  77
  78 #ifdef YP
  79 static char YPDBPATH[]="/var/yp";
  80 static char PKMAP[] = "publickey.byname";
  81 #else
  82 static char PKFILE[] = "/etc/publickey";
  83 static const char       *err_string(int);
  84 #endif  /* YP */
  85
  86 static int      setpublicmap(char *, char *, char *);
  87 static void     usage(void);
  88
  89 int
  90 main(int argc, char **argv)
  91 {
  92         char name[MAXNETNAMELEN + 1];
  93         char public[HEXKEYBYTES + 1];
  94         char secret[HEXKEYBYTES + 1];
  95         char crypt1[HEXKEYBYTES + KEYCHECKSUMSIZE + 1];
  96         char crypt2[HEXKEYBYTES + KEYCHECKSUMSIZE + 1];
  97         int status;
  98         char *pass;
  99         struct passwd *pw;
 100 #ifdef undef
 101         struct hostent *h;
 102 #endif
 103
 104         if (argc != 3 || !(strcmp(argv[1], "-u") == 0 ||
 105                 strcmp(argv[1], "-h") == 0)) {
 106                 usage();
 107         }
 108         if (geteuid() != 0)
 109                 errx(1, "must be superuser");
 110
 111 #ifdef YP
 112         if (chdir(YPDBPATH) < 0)
 113                 warn("cannot chdir to %s", YPDBPATH);
 114 #endif  /* YP */
 115         if (strcmp(argv[1], "-u") == 0) {
 116                 pw = getpwnam(argv[2]);
 117                 if (pw == NULL)
 118                         errx(1, "unknown user: %s", argv[2]);
 119                 (void)user2netname(name, (int)pw->pw_uid, (char *)NULL);
 120         } else {
 121 #ifdef undef
 122                 h = gethostbyname(argv[2]);
 123                 if (h == NULL)
 124                         errx(1, "unknown host: %s", argv[1]);
 125                 (void)host2netname(name, h->h_name, (char *)NULL);
 126 #else
 127                 (void)host2netname(name, argv[2], (char *)NULL);
 128 #endif
 129         }
 130
 131         (void)printf("Adding new key for %s.\n", name);
 132         pass = getpass("New password:");
 133         genkeys(public, secret, pass);
 134
 135         memcpy(crypt1, secret, HEXKEYBYTES);
 136         memcpy(crypt1 + HEXKEYBYTES, secret, KEYCHECKSUMSIZE);
 137         crypt1[HEXKEYBYTES + KEYCHECKSUMSIZE] = 0;
 138         xencrypt(crypt1, pass);
 139
 140         memcpy(crypt2, crypt1, HEXKEYBYTES + KEYCHECKSUMSIZE + 1);
 141         xdecrypt(crypt2, getpass("Retype password:"));
 142         if (memcmp(crypt2, crypt2 + HEXKEYBYTES, KEYCHECKSUMSIZE) != 0 ||
 143                 memcmp(crypt2, secret, HEXKEYBYTES) != 0)
 144                 errx(1, "password incorrect");
 145
 146 #ifdef YP
 147         (void)printf("Please wait for the database to get updated...\n");
 148 #endif
 149         if ((status = setpublicmap(name, public, crypt1))) {
 150 #ifdef YP
 151                 errx(1, "unable to update NIS database (%u): %s",
 152                         status, yperr_string(status));
 153 #else
 154                 errx(1, "unable to update publickey database (%u): %s",
 155                         status, err_string(status));
 156 #endif
 157         }
 158         (void)printf("Your new key has been successfully stored away.\n");
 159         exit(0);
 160         /* NOTREACHED */
 161 }
 162
 163 static void
 164 usage(void)
 165 {
 166         (void)fprintf(stderr, "%s\n%s\n",
 167                 "usage: newkey [-u username]",
 168                 "       newkey [-h hostname]");
 169         exit(1);
 170 }
 171
 172 /*
 173  * Set the entry in the public key file
 174  */
 175 static int
 176 setpublicmap(char *name, char *public, char *secret)
 177 {
 178         char pkent[1024];
 179
 180         (void)sprintf(pkent, "%s:%s", public, secret);
 181 #ifdef YP
 182         return (mapupdate(name, PKMAP, YPOP_STORE,
 183                 strlen(name), name, strlen(pkent), pkent));
 184 #else
 185         return (localupdate(name, PKFILE, YPOP_STORE, name, pkent));
 186 #endif
 187         }
 188
 189 #ifndef YP
 190         /*
 191          * This returns a pointer to an error message string appropriate
 192          * to an input error code.  An input value of zero will return
 193          * a success message.
 194          */
 195 static const char *
 196 err_string(int code)
 197 {
 198         const char *pmesg;
 199
 200         switch (code) {
 201         case 0:
 202                 pmesg = "update operation succeeded";
 203                 break;
 204         case ERR_KEY:
 205                 pmesg = "no such key in file";
 206                 break;
 207         case ERR_READ:
 208                 pmesg = "cannot read the database";
 209                 break;
 210         case ERR_WRITE:
 211                 pmesg = "cannot write to the database";
 212                 break;
 213         case ERR_DBASE:
 214                 pmesg = "cannot update database";
 215                 break;
 216         case ERR_ACCESS:
 217                 pmesg = "permission denied";
 218                 break;
 219         case ERR_MALLOC:
 220                 pmesg = "malloc failed";
 221                 break;
 222         default:
 223                 pmesg = "unknown error";
 224                 break;
 225         }
 226         return (pmesg);
 227 }
 228 #endif