usr.bin/newkey/newkey.c

   1 /*
   2  * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
   3  * unrestricted use provided that this legend is included on all tape
   4  * media and as a part of the software program in whole or part.  Users
   5  * may copy or modify Sun RPC without charge, but are not authorized
   6  * to license or distribute it to anyone else except as part of a product or
   7  * program developed by the user or with the express written consent of
   8  * Sun Microsystems, Inc.
   9  *
  10  * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
  11  * WARRANTIES OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  12  * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
  13  *
  14  * Sun RPC is provided with no support and without any obligation on the
  15  * part of Sun Microsystems, Inc. to assist in its use, correction,
  16  * modification or enhancement.
  17  *
  18  * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
  19  * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
  20  * OR ANY PART THEREOF.
  21  *
  22  * In no event will Sun Microsystems, Inc. be liable for any lost revenue
  23  * or profits or other special, indirect and consequential damages, even if
  24  * Sun has been advised of the possibility of such damages.
  25  *
  26  * Sun Microsystems, Inc.
  27  * 2550 Garcia Avenue
  28  * Mountain View, California  94043
  29  *
  30  * @(#)newkey.c 1.8 91/03/11 Copyr 1986 Sun Micro
  31  * $FreeBSD: src/usr.bin/newkey/newkey.c,v 1.3 1999/08/28 01:04:34 peter Exp $
  32  */
  33
  34 /*
  35  * Copyright (C) 1986, Sun Microsystems, Inc.
  36  */
  37
  38 /*
  39  * Administrative tool to add a new user to the publickey database
  40  */
  41 #include <sys/types.h>
  42 #include <sys/time.h>
  43 #include <sys/resource.h>
  44 #include <err.h>
  45 #include <pwd.h>
  46 #include <unistd.h>
  47 #include <stdio.h>
  48 #include <stdlib.h>
  49 #include <string.h>
  50
  51 #include <rpc/rpc.h>
  52 #include <rpc/key_prot.h>
  53 #ifdef YP
  54 #include <rpcsvc/yp_prot.h>
  55 #include <rpcsvc/ypclnt.h>
  56 #include <sys/wait.h>
  57 #include <netdb.h>
  58 #endif  /* YP */
  59
  60 #include "externs.h"
  61
  62 #ifdef YP
  63 #define MAXMAPNAMELEN 256
  64 #else
  65 #define YPOP_CHANGE 1                   /* change, do not add */
  66 #define YPOP_INSERT 2                   /* add, do not change */
  67 #define YPOP_DELETE 3                   /* delete this entry */
  68 #define YPOP_STORE  4                   /* add, or change */
  69 #define ERR_ACCESS      1
  70 #define ERR_MALLOC      2
  71 #define ERR_READ        3
  72 #define ERR_WRITE       4
  73 #define ERR_DBASE       5
  74 #define ERR_KEY         6
  75 #endif
  76
  77 #ifdef YP
  78 static char YPDBPATH[]="/var/yp";
  79 static char PKMAP[] = "publickey.byname";
  80 #else
  81 static char PKFILE[] = "/etc/publickey";
  82 static const char       *err_string(int);
  83 #endif  /* YP */
  84
  85 static int      setpublicmap(char *, char *, char *);
  86 static void     usage(void);
  87
  88 int
  89 main(int argc, char **argv)
  90 {
  91         char name[MAXNETNAMELEN + 1];
  92         char public[HEXKEYBYTES + 1];
  93         char secret[HEXKEYBYTES + 1];
  94         char crypt1[HEXKEYBYTES + KEYCHECKSUMSIZE + 1];
  95         char crypt2[HEXKEYBYTES + KEYCHECKSUMSIZE + 1];
  96         int status;
  97         char *pass;
  98         struct passwd *pw;
  99 #ifdef undef
 100         struct hostent *h;
 101 #endif
 102
 103         if (argc != 3 || !(strcmp(argv[1], "-u") == 0 ||
 104                 strcmp(argv[1], "-h") == 0)) {
 105                 usage();
 106         }
 107         if (geteuid() != 0)
 108                 errx(1, "must be superuser");
 109
 110 #ifdef YP
 111         if (chdir(YPDBPATH) < 0)
 112                 warn("cannot chdir to %s", YPDBPATH);
 113 #endif  /* YP */
 114         if (strcmp(argv[1], "-u") == 0) {
 115                 pw = getpwnam(argv[2]);
 116                 if (pw == NULL)
 117                         errx(1, "unknown user: %s", argv[2]);
 118                 (void)user2netname(name, (int)pw->pw_uid, NULL);
 119         } else {
 120 #ifdef undef
 121                 h = gethostbyname(argv[2]);
 122                 if (h == NULL)
 123                         errx(1, "unknown host: %s", argv[1]);
 124                 (void)host2netname(name, h->h_name, NULL);
 125 #else
 126                 (void)host2netname(name, argv[2], NULL);
 127 #endif
 128         }
 129
 130         (void)printf("Adding new key for %s.\n", name);
 131         pass = getpass("New password:");
 132         genkeys(public, secret, pass);
 133
 134         memcpy(crypt1, secret, HEXKEYBYTES);
 135         memcpy(crypt1 + HEXKEYBYTES, secret, KEYCHECKSUMSIZE);
 136         crypt1[HEXKEYBYTES + KEYCHECKSUMSIZE] = 0;
 137         xencrypt(crypt1, pass);
 138
 139         memcpy(crypt2, crypt1, HEXKEYBYTES + KEYCHECKSUMSIZE + 1);
 140         xdecrypt(crypt2, getpass("Retype password:"));
 141         if (memcmp(crypt2, crypt2 + HEXKEYBYTES, KEYCHECKSUMSIZE) != 0 ||
 142                 memcmp(crypt2, secret, HEXKEYBYTES) != 0)
 143                 errx(1, "password incorrect");
 144
 145 #ifdef YP
 146         (void)printf("Please wait for the database to get updated...\n");
 147 #endif
 148         if ((status = setpublicmap(name, public, crypt1))) {
 149 #ifdef YP
 150                 errx(1, "unable to update NIS database (%u): %s",
 151                         status, yperr_string(status));
 152 #else
 153                 errx(1, "unable to update publickey database (%u): %s",
 154                         status, err_string(status));
 155 #endif
 156         }
 157         (void)printf("Your new key has been successfully stored away.\n");
 158         exit(0);
 159         /* NOTREACHED */
 160 }
 161
 162 static void
 163 usage(void)
 164 {
 165         (void)fprintf(stderr, "%s\n%s\n",
 166                 "usage: newkey [-u username]",
 167                 "       newkey [-h hostname]");
 168         exit(1);
 169 }
 170
 171 /*
 172  * Set the entry in the public key file
 173  */
 174 static int
 175 setpublicmap(char *name, char *public, char *secret)
 176 {
 177         char pkent[1024];
 178
 179         (void)sprintf(pkent, "%s:%s", public, secret);
 180 #ifdef YP
 181         return (mapupdate(name, PKMAP, YPOP_STORE,
 182                 strlen(name), name, strlen(pkent), pkent));
 183 #else
 184         return (localupdate(name, PKFILE, YPOP_STORE, name, pkent));
 185 #endif
 186         }
 187
 188 #ifndef YP
 189         /*
 190          * This returns a pointer to an error message string appropriate
 191          * to an input error code.  An input value of zero will return
 192          * a success message.
 193          */
 194 static const char *
 195 err_string(int code)
 196 {
 197         const char *pmesg;
 198
 199         switch (code) {
 200         case 0:
 201                 pmesg = "update operation succeeded";
 202                 break;
 203         case ERR_KEY:
 204                 pmesg = "no such key in file";
 205                 break;
 206         case ERR_READ:
 207                 pmesg = "cannot read the database";
 208                 break;
 209         case ERR_WRITE:
 210                 pmesg = "cannot write to the database";
 211                 break;
 212         case ERR_DBASE:
 213                 pmesg = "cannot update database";
 214                 break;
 215         case ERR_ACCESS:
 216                 pmesg = "permission denied";
 217                 break;
 218         case ERR_MALLOC:
 219                 pmesg = "malloc failed";
 220                 break;
 221         default:
 222                 pmesg = "unknown error";
 223                 break;
 224         }
 225         return (pmesg);
 226 }
 227 #endif