diff options
Diffstat (limited to 'third_party/heimdal/kpasswd/kpasswd-generator.c')
-rw-r--r-- | third_party/heimdal/kpasswd/kpasswd-generator.c | 216 |
1 files changed, 216 insertions, 0 deletions
diff --git a/third_party/heimdal/kpasswd/kpasswd-generator.c b/third_party/heimdal/kpasswd/kpasswd-generator.c new file mode 100644 index 0000000..4fb4945 --- /dev/null +++ b/third_party/heimdal/kpasswd/kpasswd-generator.c @@ -0,0 +1,216 @@ +/* + * Copyright (c) 2000 - 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "kpasswd_locl.h" + +RCSID("$Id$"); + +static unsigned +read_words(const char *filename, char ***ret_w) +{ + unsigned n, alloc; + FILE *f; + char buf[256]; + char **w = NULL; + + f = fopen(filename, "r"); + if (f == NULL) + err(1, "cannot open %s", filename); + alloc = n = 0; + while (fgets(buf, sizeof(buf), f) != NULL) { + buf[strcspn(buf, "\r\n")] = '\0'; + if (n >= alloc) { + alloc += 16; + w = erealloc(w, alloc * sizeof(char *)); + } + w[n++] = estrdup(buf); + } + *ret_w = w; + if (n == 0) + errx(1, "%s is an empty file, no words to try", filename); + fclose(f); + return n; +} + +static int +nop_prompter(krb5_context context, + void *data, + const char *name, + const char *banner, + int num_prompts, + krb5_prompt prompts[]) +{ + return 0; +} + +static void +generate_requests(const char *filename, unsigned nreq) +{ + krb5_context context; + krb5_error_code ret; + int i; + char **words; + unsigned nwords, k; + + ret = krb5_init_context(&context); + if (ret) + errx (1, "krb5_init_context failed: %d", ret); + + nwords = read_words(filename, &words); + + for (i = 0; i < nreq; ++i) { + char *name = words[rand() % nwords]; + krb5_get_init_creds_opt *opt; + krb5_creds cred; + krb5_principal principal; + int result_code; + krb5_data result_code_string, result_string; + char *old_pwd, *new_pwd; + int aret; + + krb5_get_init_creds_opt_alloc(context, &opt); + krb5_get_init_creds_opt_set_tkt_life (opt, 300); + krb5_get_init_creds_opt_set_forwardable (opt, FALSE); + krb5_get_init_creds_opt_set_proxiable (opt, FALSE); + + ret = krb5_parse_name(context, name, &principal); + if (ret) + krb5_err(context, 1, ret, "krb5_parse_name %s", name); + + aret = asprintf(&old_pwd, "%s", name); + if (aret == -1) + krb5_errx(context, 1, "out of memory"); + aret = asprintf(&new_pwd, "%s2", name); + if (aret == -1) + krb5_errx(context, 1, "out of memory"); + + ret = krb5_get_init_creds_password(context, + &cred, + principal, + old_pwd, + nop_prompter, + NULL, + 0, + "kadmin/changepw", + opt); + if (ret == KRB5KRB_AP_ERR_BAD_INTEGRITY + || ret == KRB5KRB_AP_ERR_MODIFIED) { + char *tmp; + + tmp = new_pwd; + new_pwd = old_pwd; + old_pwd = tmp; + + ret = krb5_get_init_creds_password(context, + &cred, + principal, + old_pwd, + nop_prompter, + NULL, + 0, + "kadmin/changepw", + opt); + } + if (ret) + krb5_err(context, 1, ret, "krb5_get_init_creds_password"); + + krb5_free_principal(context, principal); + + + ret = krb5_set_password(context, + &cred, + new_pwd, + NULL, + &result_code, + &result_code_string, + &result_string); + if (ret) + krb5_err(context, 1, ret, "krb5_change_password"); + + free(old_pwd); + free(new_pwd); + krb5_free_cred_contents(context, &cred); + krb5_get_init_creds_opt_free(context, opt); + } + + for (k = 0; k < nwords; k++) + free(words[k]); + free(words); +} + +static int version_flag = 0; +static int help_flag = 0; + +static struct getargs args[] = { + { "version", 0, arg_flag, &version_flag, NULL, NULL }, + { "help", 0, arg_flag, &help_flag, NULL, NULL } +}; + +static void +usage(int ret) +{ + arg_printusage(args, + sizeof(args)/sizeof(*args), + NULL, + "file [number]"); + exit (ret); +} + +int +main(int argc, char **argv) +{ + int optidx = 0; + int nreq; + char *end; + + setprogname(argv[0]); + if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) + usage(1); + if (help_flag) + usage (0); + if (version_flag) { + print_version(NULL); + return 0; + } + argc -= optidx; + argv += optidx; + + if (argc != 2) + usage (1); + srand (0); + nreq = strtol(argv[1], &end, 0); + if (argv[1] == end || *end != '\0') + usage (1); + generate_requests(argv[0], nreq); + return 0; +} |