Пример #1
/*
 * Replace the global bind-host setting (rpc2_bindhost).
 *
 * host: the new identity, or NULL to leave the setting reset to
 *       RPC2_DUMMYHOST.
 *
 * Ownership: an addrinfo list held by the previous setting is released
 * before anything else happens. When the new identity is tagged
 * RPC2_HOSTBYADDRINFO its list is duplicated through RPC2_copyaddrinfo(),
 * so the global never aliases the caller's list and the caller remains
 * responsible for freeing the one it passed in.
 */
void RPC2_setbindaddr(RPC2_HostIdent *host)
{
    /* Release whatever list the old setting owned. */
    if (rpc2_bindhost.Tag == RPC2_HOSTBYADDRINFO)
	RPC2_freeaddrinfo(rpc2_bindhost.Value.AddrInfo);

    /* Retag first so the freed pointer is never treated as a live list. */
    rpc2_bindhost.Tag = RPC2_DUMMYHOST;

    if (!host)
	return;

    /* Shallow copy of the whole identity ... */
    rpc2_bindhost = *host;

    if (host->Tag != RPC2_HOSTBYADDRINFO)
	return;

    /* ... then swap the shared list pointer for a private duplicate. */
    rpc2_bindhost.Value.AddrInfo = RPC2_copyaddrinfo(host->Value.AddrInfo);
}
Пример #2
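/*
 * Attempt one authenticated RPC2 binding to the server described by AuthHost.
 *
 * AuthenticationType        passed through unchanged in the bind parameters
 * viceName, viceNamelen     client identity, sent as a counted byte string
 * vicePasswd, vicePasswdlen secret from which the shared key is built
 * AuthHost                  server address list; a private copy is made and
 *                           freed here, the caller's list is not touched
 * RPCid                     handed to RPC2_NewBinding() to receive the handle
 *
 * Returns the RPC2_NewBinding() result code.
 *
 * Security notes:
 *  - Only the first RPC2_KEYSIZE bytes of the password become key material;
 *    shorter passwords are zero padded. Two passwords sharing that prefix
 *    produce the same key.
 *  - A negative vicePasswdlen is treated as an empty secret. Without the
 *    clamp it would be converted to a huge size_t by memcpy() and overrun
 *    the key buffer.
 *  - The key buffer is wiped before returning so the secret does not linger
 *    in this stack frame.
 *  - NOTE(review): EncryptionType is RPC2_XOR. Going by the name this is an
 *    XOR transform, which provides no real confidentiality on its own;
 *    confirm what the RPC2 version in use actually does with this field.
 */
static int TryBinding(const RPC2_Integer AuthenticationType,
		      const char *viceName, const int viceNamelen,
		      const char *vicePasswd, const int vicePasswdlen,
		      const struct RPC2_addrinfo *AuthHost, RPC2_Handle *RPCid)
{
    RPC2_BindParms bp;
    RPC2_HostIdent hident;
    RPC2_SubsysIdent sident;
    RPC2_CountedBS cident;
    RPC2_EncryptionKey hkey;
    long rc;
    int len;
    int i;
    volatile unsigned char *wipe;

    hident.Tag = RPC2_HOSTBYADDRINFO;
    hident.Value.AddrInfo = RPC2_copyaddrinfo(AuthHost);

    sident.Tag = RPC2_SUBSYSBYID;
    sident.Value.SubsysId = htonl(AUTH_SUBSYSID);

    cident.SeqLen = viceNamelen;
    cident.SeqBody = (RPC2_ByteSeq)viceName;

    /* Clamp the secret length into [0, RPC2_KEYSIZE] before copying. */
    len = vicePasswdlen;
    if (len < 0)
	len = 0;
    if (len > RPC2_KEYSIZE)
	len = RPC2_KEYSIZE;
    memset(hkey, 0, RPC2_KEYSIZE);
    if (len > 0)
	memcpy(hkey, vicePasswd, len);

    /* Zero the parameter block so any member not assigned below is
     * passed as zero rather than as leftover stack contents. */
    memset(&bp, 0, sizeof(bp));
    bp.SecurityLevel = RPC2_SECURE;
    bp.EncryptionType = RPC2_XOR;
    bp.SideEffectType = 0;
    bp.AuthenticationType = AuthenticationType;
    bp.ClientIdent = &cident;
    bp.SharedSecret = &hkey;

    rc = RPC2_NewBinding(&hident, NULL, &sident, &bp, RPCid);

    RPC2_freeaddrinfo(hident.Value.AddrInfo);

    /* Wipe through a volatile pointer: a plain memset() on a buffer that
     * is about to go out of scope may be removed by the optimizer. */
    wipe = (volatile unsigned char *)hkey;
    for (i = 0; i < RPC2_KEYSIZE; i++)
	wipe[i] = 0;

    return (rc);
}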
Пример #3
/*
 * cpasswd: interactively change a user's password on the auth server.
 *
 * Command line, as printed by the usage message below:
 *     [-h SCM-host-name] [coda-user-name][@realm]
 *
 * Flow: work out user name and realm, prompt for the old and new password,
 * apply a small length/composition check to the new one, then call
 * U_ChangePassword() and print a message for the returned code.
 *
 * Review notes:
 *  - The process exits with status 0 after the result switch whatever rc
 *    was, so a failed change is only visible in the text on stdout.
 *  - No statement visible in this listing clears oldpw/newpw before exit.
 */
int main(int argc, char **argv)
{
	char *p;
	int insist;	/* number of times the new password was rejected */
	int flags;	/* bit set of character classes seen in newpw */
	int c, pwlen;
	char oldpw[128], newpw[128];
	int ok, rc;
	char *username = NULL;
	const char *realm = NULL;
	char *host = NULL;
	struct RPC2_addrinfo *srvs;

	/* Optional leading "-h host"; shift argv so the user name, if any,
	 * is argv[1] afterwards. */
	if (argc > 1) {
	    if (strcmp(argv[1], "-h") == 0) {
	        if (argc < 3) {
		    printf("Usage: %s [-h SCM-host-name] [coda-user-name][@realm]\n", argv[0]);
    		    exit(1);
 	        }

	        host = argv[2];
	        argv += 2;
	        argc -= 2;
 	    }
	}
	
	insist = 0;
	if (argc >= 2) {
		username = argv[1];
		/* presumably splits "user@realm" in place and points realm at
		 * the realm part -- confirm against SplitRealmFromName() */
		SplitRealmFromName(username, &realm);
	}

	/* No user name given: fall back to the name of the calling user. */
	if (!username || *username == '\0') {
#ifdef __CYGWIN32__
	    username = getlogin();   
#else
	    struct passwd *pw = getpwuid(geteuid());
	    if (pw) {
		username=pw->pw_name;
	    }
#endif
	}

	codaconf_init("venus.conf");
	codaconf_init("auth2.conf");

	/* presumably fills realm from the "realm" configuration key when it
	 * is still unset -- confirm against the CODACONF_STR macro */
	CODACONF_STR(realm, "realm", NULL);

	if (!username || !realm) {
	    fprintf (stderr, "Can't figure out your username or realm.\n");
	    fprintf (stderr, "Try \"cpasswd user[@realm]\"\n");
	    exit (1);
	}

	/* Make sure our arrays don't overflow. */
	if (strlen(username) > 20) {
	    fprintf(stderr, "User name is invalid.\n");
	    exit(1);
	}

	printf("Changing password for %s@%s\n", username, realm);
/*
	if (U_InitRPC() != 0) {
		fprintf(stderr, "Internal error: RPC or vstab problems.\n");
		exit(1);
	}
*/
	/* The result of U_InitRPC() is not checked; the check above is
	 * commented out. */
	U_InitRPC();
	/* NOTE(review): the next statement is truncated in this listing (the
	 * text between the prompts was replaced by asterisks). The tryagain:
	 * label targeted by the goto below and the assignment of pwlen are
	 * not visible, so the prompt, copy and comparison logic cannot be
	 * reviewed from this copy. When reviewing the full source, check that
	 * the strncpy() results are NUL-terminated and that the password
	 * buffers are cleared once they are no longer needed. */
	strncpy(oldpw, getpass("Old password: "******"New password: "******"Password unchanged.\n");
		exit(1);
	}

	/*
	 * Insure password is of reasonable length and
	 * composition.  If we really wanted to make things
	 * sticky, we could check the dictionary for common
	 * words, but then things would really be slow.
	 */
	/*
	 * flags bits: 1 = digit, 2 = lower case, 4 = upper case, 8 = anything
	 * else. Accepted combinations:
	 *   flags >= 7 (all three alphanumeric classes, or any character
	 *               outside them)                      with pwlen >= 4
	 *   exactly two of digit/lower/upper               with pwlen >= 5
	 *   lower case only or upper case only             with pwlen >= 6
	 * Digits only (flags == 1) never passes.
	 */
	ok = 0;
	flags = 0;
	p = newpw;
	while (( c = *p++) ) {
		if (c >= 'a' && c <= 'z')
			flags |= 2;
		else if (c >= 'A' && c <= 'Z')
			flags |= 4;
		else if (c >= '0' && c <= '9')
			flags |= 1;
		else
			flags |= 8;
	}
	if (flags >= 7 && pwlen >= 4)
		ok = 1;
	if ((flags == 2 || flags == 4) && pwlen >= 6)
		ok = 1;
	if ((flags == 3 || flags == 5 || flags == 6) && pwlen >= 5)
		ok = 1;
	/* The check is advisory: it only sends the user back while
	 * insist < 2. Once insist has reached 2, a password that still fails
	 * the rules above falls through and is submitted. */
	if (!ok && insist < 2) {
		printf("Please use %s.\n", flags == 1 ?
			"at least one non-numeric character" :
			"a longer password");
		insist++;
		goto tryagain;
	}

	/* NOTE(review): this statement is truncated in the listing as well. */
	if (strcmp(newpw, getpass("Retype new password: "******"Mismatch - password unchanged.\n");
		exit(1);
	}
	srvs = U_GetAuthServers(realm, host);
	/* Both length arguments are strlen()+1, i.e. they count the
	 * terminating NUL. */
	rc = U_ChangePassword (srvs, username, newpw, AUTH_METHOD_CODAUSERNAME, username, strlen(username)+1, oldpw, strlen(oldpw)+1);
	RPC2_freeaddrinfo(srvs);

	switch(rc) {
	    case RPC2_DEAD:
		printf("Server to change passwords down, try again later\n");
		break;
	    case AUTH_DENIED:
		printf("authentication failed, unable to change passwd for %s\n", username);
		break;
	    case AUTH_SUCCESS:
		printf("Password changed\n");
		break;
	    case AUTH_BADKEY:
		printf("Bad new password. Try again\n");
		break;
	    case AUTH_READONLY:
		printf("Auth server is read-only\n");
		break;
	    case AUTH_FAILED:
		printf("Auth failed\n");
		break;
	    case RPC2_NOTAUTHENTICATED:
		printf("bind failed; user unauthenticated\n");
		break;
	    default:
		printf("Authentication Failed: %s\n", RPC2_ErrorMsg(rc));
	}
	fflush(stdout);
	/* Exit status is 0 for every value of rc, including the failure
	 * cases above. */
	exit(0);
}
Пример #4
/*
 * Initialize the RPC2 runtime: check the caller's version string, read the
 * RPC2SEC_* environment settings, create the request sockets, set up retry
 * parameters and side effects, and start the SocketListener and ClockTick
 * LWP processes.
 *
 * VId         must equal RPC2_VERSION, otherwise RPC2_WRONGVERSION results
 * Options     may be NULL; the RPC2_OPTION_IPV6 and
 *             RPC2_OPTION_VERBOSE_INIT flags are examined
 * Port        used to resolve the local address; if non-NULL it is
 *             overwritten with the port actually in use
 * RetryCount, KAInterval  handed to rpc2_InitRetry()
 *
 * Every exit goes through rpc2_Quit(); the function has no explicit return,
 * so rpc2_Quit() is presumably a macro that returns its argument.
 * RPC2_SUCCESS is the result when the runtime was already initialized.
 *
 * Security-relevant inputs taken from the process environment:
 *   RPC2SEC_KEYSIZE  parsed with atoi(), so malformed text yields 0 and no
 *                    lower bound is applied here
 *   RPC2SEC_ONLY     secure-only mode is the default; a value starting with
 *                    one of "0fFnN" switches it off
 * Whoever controls this process's environment can therefore relax the
 * connection security policy. Launchers that need the default should pin or
 * clear these variables.
 */
long RPC2_Init(const char *VId,		/* magic version string */
	       RPC2_Options *Options,
	       RPC2_PortIdent *Port,	/* array of portal ids */
	       long RetryCount,	   /* max number of retries before breaking conn*/
	       struct timeval *KAInterval	/* for keeping long RPC requests alive  */
	       )
{
    char *c;
    long i;
    PROCESS ctpid;
    struct RPC2_addrinfo *rpc2_localaddrs;
    long rc1 = RPC2_NOCONNECTION, rc2, rc;
    short port = 0;
    int verbose;
    char *env;

    rpc2_logfile = stderr;
    rpc2_tracefile = stderr;

    rpc2_Enter();
    say(1, RPC2_DebugLevel, "RPC2_Init()\n");
    say(999, RPC2_DebugLevel, "Runtime system version: \"%s\"\n", RPC2_VERSION);

    /* VId is passed to strcmp() without a NULL check. */
    if (strcmp(VId, RPC2_VERSION) != 0)
    {
	say(-1, RPC2_DebugLevel, "RPC2_Init(): Wrong RPC2 version\n");
	rpc2_Quit (RPC2_WRONGVERSION);
    }

    /* rpc2_InitConn returns 0 if we're already initialized */
    if (rpc2_InitConn() == 0) rpc2_Quit(RPC2_SUCCESS);

    if (Options && (Options->Flags & RPC2_OPTION_IPV6))
	rpc2_ipv6ready = 1;

    /* Preferred key size override. Values above 64 are divided by 8,
     * presumably because they are taken to be bits rather than bytes.
     * atoi() reports no errors: non-numeric text becomes 0 and a negative
     * number is stored as given. */
    env = getenv("RPC2SEC_KEYSIZE");
    if (env)
	RPC2_Preferred_Keysize = atoi(env);
    if (RPC2_Preferred_Keysize > 64)
	RPC2_Preferred_Keysize /= 8;

    /* Do we accept only secure connections, default is yes. This can be
     * disabled by setting the RPC2SEC_ONLY to 0, false, no, (nada, forgetit) */
    /* Only the first character of the value is examined; an empty value
     * keeps secure-only enabled because the NUL is not among the five
     * bytes searched. */
    env = getenv("RPC2SEC_ONLY");
    RPC2_secure_only = !env || (env && memchr("0fFnN", *env, 5) == NULL);

    verbose = (Options && (Options->Flags & RPC2_OPTION_VERBOSE_INIT));
    secure_init(verbose);

    rpc2_InitMgrp();
    rpc2_InitHost();

    /* Local addresses come from the global rpc2_bindhost setting. */
    rpc2_localaddrs = rpc2_resolve(&rpc2_bindhost, Port);

    if (!rpc2_localaddrs) {
	say(-1, RPC2_DebugLevel, "RPC2_Init(): Couldn't get addrinfo for localhost!\n");
	rpc2_Quit(RPC2_FAIL);
    }

    /* Without PF_INET6, rc1 keeps its initial RPC2_NOCONNECTION value. */
#ifdef PF_INET6
    rc1 = rpc2_CreateIPSocket(PF_INET6, &rpc2_v6RequestSocket,
			      rpc2_localaddrs, &port);
#endif
    rc2 = rpc2_CreateIPSocket(PF_INET, &rpc2_v4RequestSocket,
			      rpc2_localaddrs, &port);

    RPC2_freeaddrinfo(rpc2_localaddrs);

    /* rc should probably be the most 'positive' result of the two */
    rc = (rc1 > rc2) ? rc1 : rc2;
    if (rc < RPC2_ELIMIT) {
	say(-1, RPC2_DebugLevel, "RPC2_Init(): Couldn't create socket\n");
	rpc2_Quit(rc);
    }

    /* Publish the port filled in by rpc2_CreateIPSocket(); the caller's
     * Port, when supplied, is overwritten with it. */
    rpc2_LocalPort.Tag = RPC2_PORTBYINETNUMBER;
    rpc2_LocalPort.Value.InetPortNumber = port;

    if (Port)
	*Port = rpc2_LocalPort;

    /* Initialize retry parameters */
    if (rpc2_InitRetry(RetryCount, KAInterval) != 0) {
	say(-1, RPC2_DebugLevel,"RPC2_Init(): Failed to init retryintervals\n");
	rpc2_Quit(RPC2_FAIL);
    }

    IOMGR_Initialize();
    TM_Init(&rpc2_TimerQueue);

    /* Register rpc2 packet handler with rpc2_SocketListener before
     * initializing the sideeffects */
    SL_RegisterHandler(RPC2_PROTOVERSION, rpc2_HandlePacket);
    
    /* Call side effect initialization routines */
    for (i = 0; i < SE_DefCount; i++)
	if (SE_DefSpecs[i].SE_Init != NULL)
	    if ((*SE_DefSpecs[i].SE_Init)() < RPC2_ELIMIT) {
		say(-1, RPC2_DebugLevel, "RPC2_Init(): Failed to init SE\n");
		rpc2_Quit(RPC2_SEFAIL2);
	    }

    /* The results of both LWP_CreateProcess() calls are ignored. */
    c = "SocketListener";
    LWP_CreateProcess(rpc2_SocketListener, 32768, LWP_NORMAL_PRIORITY, NULL,
		      c, &rpc2_SocketListenerPID);

    c = "ClockTick";
    LWP_CreateProcess(rpc2_ClockTick, 16384, LWP_NORMAL_PRIORITY, NULL, c, &ctpid);

    LUA_init();

    /* rc can still be a non-success code at or above RPC2_ELIMIT here;
     * it is logged and passed on to the caller. */
    if (rc != RPC2_SUCCESS)
	say(-1, RPC2_DebugLevel, "RPC2_Init(): Exiting with error\n");

    rpc2_Quit(rc);
}