char * SECU_GetModulePassword(PK11SlotInfo *slot, PRBool retry, void *arg) { #if(0) char prompt[255]; #endif secuPWData *pwdata = (secuPWData *)arg; secuPWData pwnull = { PW_NONE, 0 }; secuPWData pwxtrn = { PW_EXTERNAL, "external" }; char *pw; if (pwdata == NULL) pwdata = &pwnull; if (PK11_ProtectedAuthenticationPath(slot)) { pwdata = &pwxtrn; } if (retry && pwdata->source != PW_NONE) { PR_fprintf(PR_STDERR, "Incorrect password/PIN entered.\n"); return NULL; } switch (pwdata->source) { #if(0) case PW_NONE: sprintf(prompt, "Enter Password or Pin for \"%s\":", PK11_GetTokenName(slot)); return SECU_GetPasswordString(NULL, prompt); #endif case PW_FROMFILE: /* Instead of opening and closing the file every time, get the pw * once, then keep it in memory (duh). */ pw = SECU_FilePasswd(slot, retry, pwdata->data); pwdata->source = PW_PLAINTEXT; pwdata->data = PL_strdup(pw); /* it's already been dup'ed */ return pw; #if(0) case PW_EXTERNAL: sprintf(prompt, "Press Enter, then enter PIN for \"%s\" on external device.\n", PK11_GetTokenName(slot)); (void) SECU_GetPasswordString(NULL, prompt); /* Fall Through */ #endif case PW_PLAINTEXT: return PL_strdup(pwdata->data); default: break; } PR_fprintf(PR_STDERR, "Password check failed: No password found.\n"); return NULL; }
/************************************************************************ * * C h a n g e P W */ Error ChangePW(char *tokenName, char *pwFile, char *newpwFile) { char *oldpw = NULL, *newpw = NULL, *newpw2 = NULL; PK11SlotInfo *slot; Error ret = UNSPECIFIED_ERR; PRBool matching; slot = PK11_FindSlotByName(tokenName); if (!slot) { PR_fprintf(PR_STDERR, errStrings[NO_SUCH_TOKEN_ERR], tokenName); return NO_SUCH_TOKEN_ERR; } /* Get old password */ if (!PK11_NeedUserInit(slot)) { if (pwFile) { oldpw = SECU_FilePasswd(NULL, PR_FALSE, pwFile); if (PK11_CheckUserPassword(slot, oldpw) != SECSuccess) { PR_fprintf(PR_STDERR, errStrings[BAD_PW_ERR]); ret = BAD_PW_ERR; goto loser; } } else if (PK11_NeedLogin(slot)) { for (matching = PR_FALSE; !matching;) { oldpw = SECU_GetPasswordString(NULL, "Enter old password: "******"Enter new password: "******"Re-enter new password: "); if (strcmp(newpw, newpw2)) { PR_fprintf(PR_STDOUT, msgStrings[PW_MATCH_MSG]); PORT_ZFree(newpw, strlen(newpw)); PORT_ZFree(newpw2, strlen(newpw2)); } else { matching = PR_TRUE; } } } /* Change the password */ if (PK11_NeedUserInit(slot)) { if (PK11_InitPin(slot, NULL /*ssopw*/, newpw) != SECSuccess) { PR_fprintf(PR_STDERR, errStrings[CHANGEPW_FAILED_ERR], tokenName); ret = CHANGEPW_FAILED_ERR; goto loser; } } else { if (PK11_ChangePW(slot, oldpw, newpw) != SECSuccess) { PR_fprintf(PR_STDERR, errStrings[CHANGEPW_FAILED_ERR], tokenName); ret = CHANGEPW_FAILED_ERR; goto loser; } } PR_fprintf(PR_STDOUT, msgStrings[CHANGEPW_SUCCESS_MSG], tokenName); ret = SUCCESS; loser: if (oldpw) { PORT_ZFree(oldpw, strlen(oldpw)); } if (newpw) { PORT_ZFree(newpw, strlen(newpw)); } if (newpw2) { PORT_ZFree(newpw2, strlen(newpw2)); } PK11_FreeSlot(slot); return ret; }