--- /dev/null
+/* kpasswd.c --- verify kerberos passwords.
+ * written by Nat Lanza (magus@cs.cmu.edu) for
+ * xscreensaver, Copyright (c) 1993-1997, 1998 Jamie Zawinski <jwz@jwz.org>
+ *
+ * Permission to use, copy, modify, distribute, and sell this software and its
+ * documentation for any purpose is hereby granted without fee, provided that
+ * the above copyright notice appear in all copies and that both that
+ * copyright notice and this permission notice appear in supporting
+ * documentation. No representations are made about the suitability of this
+ * software for any purpose. It is provided "as is" without express or
+ * implied warranty.
+ */
+
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#ifndef NO_LOCKING /* whole file */
+
+#include <stdlib.h>
+#ifdef HAVE_UNISTD_H
+# include <unistd.h>
+#endif
+
+#include <stdio.h>
+#include <string.h>
+#include <sys/types.h>
+#include <krb.h>
+#include <des.h>
+
+#if !defined(VMS) && !defined(HAVE_ADJUNCT_PASSWD)
+# include <pwd.h>
+#endif
+
+
+#ifdef __bsdi__
+# include <sys/param.h>
+# if _BSDI_VERSION >= 199608
+# define BSD_AUTH
+# endif
+#endif /* __bsdi__ */
+
+/* blargh */
+#undef Bool
+#undef True
+#undef False
+#define Bool int
+#define True 1
+#define False 0
+
+/* The user information we need to store */
+static char realm[REALM_SZ];
+static char name[ANAME_SZ];
+static char inst[INST_SZ];
+static char *tk_file;
+
+
+/* Called at startup to grab user, instance, and realm information
+ from the user's ticketfile (remember, name.inst@realm). Since we're
+ using tf_get_pname(), this should work even if your kerberos username
+ isn't the same as your local username. We grab the ticket at startup
+ time so that even if your ticketfile dies while the screen's locked
+ we'll still have the information to unlock it.
+
+ Problems: the password dialog currently displays local username, so if
+ you have some non-standard name/instance when you run xscreensaver,
+ you'll need to remember what it was when unlocking, or else you lose.
+
+ Also, we use des_string_to_key(), so if you have an AFS password
+ (encrypted with ka_StringToKey()), you'll lose. Get a kerberos password;
+ it isn't that hard.
+
+ Like the original lock_init, we return false if something went wrong.
+ We don't use the arguments we're given, though.
+ */
+Bool
+kerberos_lock_init (int argc, char **argv, Bool verbose_p)
+{
+ int k_errno;
+
+ memset(name, 0, sizeof(name));
+ memset(inst, 0, sizeof(inst));
+
+ /* find out where the user's keeping his tickets.
+ squirrel it away for later use. */
+ tk_file = tkt_string();
+
+ /* open ticket file or die trying. */
+ if ((k_errno = tf_init(tk_file, R_TKT_FIL))) {
+ return False;
+ }
+
+ /* same with principal and instance names */
+ if ((k_errno = tf_get_pname(name)) ||
+ (k_errno = tf_get_pinst(inst))) {
+ return False;
+ }
+
+ /* close the ticketfile to release the lock on it. */
+ tf_close();
+
+ /* figure out what realm we're authenticated to. this ought
+ to be the local realm, but it pays to be sure. */
+ if ((k_errno = krb_get_tf_realm(tk_file, realm))) {
+ return False;
+ }
+
+ /* last-minute sanity check on what we got. */
+ if ((strlen(name)+strlen(inst)+strlen(realm)+3) >
+ (REALM_SZ + ANAME_SZ + INST_SZ + 3)) {
+ return False;
+ }
+
+ /* success */
+ return True;
+}
+
+
+/* des_string_to_key() wants this. If C didn't suck, we could have an
+ anonymous function do this. Even a local one. But it does, so here
+ we are. Calling it ive_got_your_local_function_right_here_buddy()
+ would have been rude.
+ */
+static int
+key_to_key(char *user, char *instance, char *realm, char *passwd, C_Block key)
+{
+ memcpy(key, passwd, sizeof(des_cblock));
+ return (0);
+}
+
+/* Called to see if the user's typed password is valid. We do this by asking
+ the kerberos server for a ticket and checking to see if it gave us one.
+ We need to move the ticketfile first, or otherwise we end up updating the
+ user's tkfile with new tickets. This would break services like zephyr that
+ like to stay authenticated, and it would screw with AFS authentication at
+ some sites. So, we do a quick, painful hack with a tmpfile.
+ */
+Bool
+kerberos_passwd_valid_p (const char *typed_passwd, Bool verbose_p)
+{
+ C_Block mitkey;
+ Bool success;
+ char *newtkfile;
+
+ /* temporarily switch to a new ticketfile.
+ I'm not using tmpnam() because it isn't entirely portable.
+ this could probably be fixed with autoconf. */
+ newtkfile = malloc(80 * sizeof(char));
+ memset(newtkfile, 0, sizeof(newtkfile));
+
+ sprintf(newtkfile, "/tmp/xscrn-%i", getpid());
+
+ krb_set_tkt_string(newtkfile);
+
+ /* encrypt the typed password. if you have an AFS password instead
+ of a kerberos one, you lose *right here*. If you want to use AFS
+ passwords, you can use ka_StringToKey() instead. As always, ymmv. */
+ des_string_to_key(typed_passwd, mitkey);
+
+ if (krb_get_in_tkt(name, inst, realm, "krbtgt", realm, DEFAULT_TKT_LIFE,
+ key_to_key, NULL, mitkey) != 0) {
+ success = False;
+ } else {
+ success = True;
+ }
+
+ /* quickly block out the tempfile and password to prevent snooping,
+ then restore the old ticketfile and cleean up a bit. */
+
+ dest_tkt();
+ krb_set_tkt_string(tk_file);
+ free(newtkfile);
+ memset(mitkey, 0, sizeof(mitkey));
+
+
+ /* Did we verify successfully? */
+ return success;
+}
+
+#endif /* NO_LOCKING -- whole file */
projects / xscreensaver / blobdiff