int json_object_del(json_t *json, const char *key)
{
json_object_t *object;
if(!json_is_object(json))
return -1;
object = json_to_object(json);
return hashtable_del(&object->hashtable, string_to_key(key));
}
void *json_object_iter_at(json_t *json, const char *key)
{
json_object_t *object;
if(!key || !json_is_object(json))
return NULL;
object = json_to_object(json);
return hashtable_iter_at(&object->hashtable, string_to_key(key));
}
json_t *json_object_get(const json_t *json, const char *key)
{
json_object_t *object;
if(!json_is_object(json))
return NULL;
object = json_to_object(json);
return (json_t *) hashtable_get(&object->hashtable, string_to_key(key));
}
void remove_keybinding(Widget window, const char *keystring, const char *fstring)
{
int function = string_to_func(fstring, NULL);
int keywstate = string_to_key(keystring);
if ((function < 0) || (remove_binding(window, keywstate, function) < 0)) {
Wprintf("Key binding \'%s\' to \'%s\' does not exist in list.",
keystring, fstring);
}
}
int add_keybinding(Widget window, const char *keystring, const char *fstring)
{
short value = -1;
int function = string_to_func(fstring, &value);
int keywstate = string_to_key(keystring);
if (function < 0)
return -1;
else
return add_binding(window, keywstate, function, value);
}
/*** Routines ****************************************************** */
int
des_read_password(C_Block *k, char *prompt, int verify)
{
int ok;
char key_string[BUFSIZ];
#ifdef BSDUNIX
if (setjmp(env)) {
ok = -1;
goto lose;
}
#endif
ok = read_pw_string(key_string, BUFSIZ, prompt, verify);
if (ok == 0)
string_to_key(key_string, k);
#ifdef BSDUNIX
lose:
#endif
memset(key_string, 0, sizeof(key_string));
return ok;
}
int execute_program(int argc, char **argv)
{
switch(string_to_key(argv[1]))
{
case OUTPUTPID: return do_outputPID();
case OUTPUTIDS: return do_outputIDs();
case SIMPLEFORK: return do_simplefork();
case TWOPROCS: return do_twoprocs();
case BADPROCESSID: return do_badprocessID();
case SIMPLECHAIN: return do_simplechain(argc, argv);
case SIMPLEFAN: return do_simplefan(argc, argv);
case FANWAIT: return do_fanwait(argc, argv);
case PARENTWAITPID: return do_parentwaitpid();
case FANWAITMSG: return do_fanwaitmsg(argc, argv);
case CHAINWAITMSG: return do_chainwaitmsg(argc, argv);
case EXECLS: return do_execls();
case EXECCMD: return do_execcmd(argc, argv);
case EXECCMDARGV: return do_execcmdargv(argc, argv);
case RUNBACK: return do_runback(argc, argv);
case SIMPLECOPY: return do_simplecopy();
case COPYFILE: return do_copyfile(argc, argv);
case MONITORFORK: return do_monitorfork(argc, argv);
case PARENTPIPE: return do_parentwritepipe();
case SYNCFAN: return do_synchronizefan(argc, argv);
case SIMPLEREDIR: return do_simpleredirect();
case PCFIFO: return do_parentchildfifo(argc, argv);
case PIPESERVER: return do_pipeserver(argc, argv);
case PIPECLIENT: return do_pipeclient(argc, argv);
case RING: return ring(argc, argv);
case MAILBOXAPP: return do_mailboxapp(argc, argv);
case LISTKEYS: return list_keys();
case BADKEY:
printf("Invalid Key!\r\n");
return BADKEY;
}
return -1;
}
main()
{
struct sockaddr_in foreign;
int foreign_len = sizeof(foreign);
int rval, more;
static char name[] = "kpasswdd";
static struct rlimit rl = { 0, 0 };
progname = name;
openlog("kpasswdd", LOG_CONS | LOG_PID, LOG_AUTH);
signal(SIGHUP, SIG_IGN);
signal(SIGINT, SIG_IGN);
signal(SIGTSTP, SIG_IGN);
if(setrlimit(RLIMIT_CORE, &rl) < 0) {
syslog(LOG_ERR, "setrlimit: %m");
exit(1);
}
if(getpeername(0, &foreign, &foreign_len) < 0) {
syslog(LOG_ERR,"getpeername: %m");
exit(1);
}
strcpy(inst, "*");
rval = krb_recvauth(
0L, /* !MUTUAL */
0, /* file desc */
&ticket, /* client's ticket */
SERVICE, /* expected service */
inst, /* expected instance */
&foreign, /* foreign addr */
(struct sockaddr_in *) 0,
&kdata,
"",
(bit_64 *) NULL, /* key schedule */
version
);
if(rval != KSUCCESS) {
syslog(LOG_ERR, "krb_recvauth: %s", krb_err_txt[rval]);
cleanup();
exit(1);
}
/* get master key */
if(kdb_get_master_key(0, master_key, master_key_schedule) != 0) {
syslog(LOG_ERR, "couldn't get master key");
cleanup();
exit(1);
}
mkeyversion =
kdb_get_master_key(master_key, master_key_schedule, NULL);
if(mkeyversion < 0) {
syslog(LOG_NOTICE, "couldn't verify master key");
cleanup();
exit(1);
}
/* get principal info */
rval = kerb_get_principal(
kdata.pname,
kdata.pinst,
&principal_data,
1,
&more
);
if(rval != 1 || (more != 0)) {
syslog(LOG_NOTICE, "more than 1 entry for %s.%s",
kdata.pname, kdata.pinst);
cleanup();
exit(1);
}
/* get the user's key */
bcopy(&principal_data.key_low, key, 4);
bcopy(&principal_data.key_high, ((long *) key) + 1, 4);
kdb_encrypt_key(key, key, master_key, master_key_schedule,
DECRYPT);
key_sched(key, key_schedule);
des_set_key(key, key_schedule);
/* get random key and send it over {random} Kperson */
random_key(kpwd_data.random_key);
strcpy(kpwd_data.secure_msg, SECURE_STRING);
if(des_write(0, &kpwd_data, sizeof(kpwd_data)) != sizeof(kpwd_data)) {
syslog(LOG_ERR, "error writing initial data");
cleanup();
exit(1);
}
bzero(key, sizeof(key));
bzero(key_schedule, sizeof(key_schedule));
/* now read update info: { info }Krandom */
key_sched(kpwd_data.random_key, random_sched);
des_set_key(kpwd_data.random_key, random_sched);
if(des_read(0, &ud_data, sizeof(ud_data)) != sizeof(ud_data)) {
syslog(LOG_ERR, "update aborted");
cleanup();
exit(1);
}
/* validate info string by looking at the embedded string */
if(strcmp(ud_data.secure_msg, SECURE_STRING)) {
syslog(LOG_NOTICE, "invalid update from %s",
inet_ntoa(foreign.sin_addr));
cleanup();
exit(1);
}
/* produce the new key entry in the database { key }Kmaster */
string_to_key(ud_data.pw, key);
kdb_encrypt_key(key, key,
master_key, master_key_schedule,
ENCRYPT);
bcopy(key, &principal_data.key_low, 4);
bcopy(((long *) key) + 1,
&principal_data.key_high, 4);
bzero(key, sizeof(key));
principal_data.key_version++;
if(kerb_put_principal(&principal_data, 1)) {
syslog(LOG_ERR, "couldn't write new record for %s.%s",
principal_data.name, principal_data.instance);
cleanup();
exit(1);
}
syslog(LOG_NOTICE,"wrote new password field for %s.%s from %s",
principal_data.name,
principal_data.instance,
inet_ntoa(foreign.sin_addr)
);
send_ack(0, "Update complete.\n");
cleanup();
exit(0);
}
/*ARGSUSED */
static int
passwd_to_key(
char *user,
char *instance,
char *realm,
char *passwd,
C_Block key
)
{
#ifdef NOENCRYPTION
if (!passwd)
placebo_read_password(key, "Password: "******"Password: "******"Trying next_string_to_key[%d]\n",in_tkt_decrypt_again);
} else
--in_tkt_decrypt_again;
/*
* If the principal is known to be in the local realm, don't even bother
* to attempt decryptions with alternative string to key algorithms (i.e.
* we presumably aren't schizophrenic with respect to our own string to
* key function). This is simply an optimization to avoid extra useless
* work when a bad password has been supplied in the common case.
*/
/* THIS IS WRONG!!!!!
* if (strcmp(realm, KRB_REALM) == 0)
* in_tkt_decrypt_again = 0;
*/
/*
* If there are no more string to key algorithms to try, zero the password
* string now so that krb_get_in_tkt() doesn't have to call us back since
* it can't distinguish this case from one when the password function
* doesn't support iteration at all.
*/
if (in_tkt_decrypt_again == 0) {
bzero(key_string, sizeof (key_string));
have_key_string = 0;
}
#else /* OLDSTRTOKEY */
// back to the original MIT code
if (passwd)
string_to_key(passwd, key);
else {
des_read_password(key, "Password: ", 0);
}
#endif /* OLDSTRTOKEY */
#endif /* !NOENCRYPTION */
return (0);
}
