2 * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
3 * unrestricted use provided that this legend is included on all tape
4 * media and as a part of the software program in whole or part. Users
5 * may copy or modify Sun RPC without charge, but are not authorized
6 * to license or distribute it to anyone else except as part of a product or
7 * program developed by the user or with the express written consent of
8 * Sun Microsystems, Inc.
10 * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
11 * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
12 * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
14 * Sun RPC is provided with no support and without any obligation on the
15 * part of Sun Microsystems, Inc. to assist in its use, correction,
16 * modification or enhancement.
18 * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
19 * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
20 * OR ANY PART THEREOF.
22 * In no event will Sun Microsystems, Inc. be liable for any lost revenue
23 * or profits or other special, indirect and consequential damages, even if
24 * Sun has been advised of the possibility of such damages.
26 * Sun Microsystems, Inc.
28 * Mountain View, California 94043
31 #if !defined(lint) && defined(SCCSIDS)
33 static char sccsid[] = "@(#)newkey.c 1.8 91/03/11 Copyr 1986 Sun Micro";
38 * Copyright (C) 1986, Sun Microsystems, Inc.
42 * Administrative tool to add a new user to the publickey database
44 #include <sys/cdefs.h>
45 __FBSDID("$FreeBSD$");
47 #include <sys/types.h>
49 #include <sys/resource.h>
52 #include <rpc/key_prot.h>
56 #include <rpcsvc/yp_prot.h>
57 #include <rpcsvc/ypclnt.h>
71 #define MAXMAPNAMELEN 256
73 #define YPOP_CHANGE 1 /* change, do not add */
74 #define YPOP_INSERT 2 /* add, do not change */
75 #define YPOP_DELETE 3 /* delete this entry */
76 #define YPOP_STORE 4 /* add, or change */
86 static char YPDBPATH[]="/var/yp";
87 static char PKMAP[] = "publickey.byname";
89 static char PKFILE[] = "/etc/publickey";
90 static const char *err_string(int);
93 static void usage(void);
96 main(int argc, char *argv[])
98 char name[MAXNETNAMELEN + 1];
99 char public[HEXKEYBYTES + 1];
100 char secret[HEXKEYBYTES + 1];
101 char crypt1[HEXKEYBYTES + KEYCHECKSUMSIZE + 1];
102 char crypt2[HEXKEYBYTES + KEYCHECKSUMSIZE + 1];
110 if (argc != 3 || !(strcmp(argv[1], "-u") == 0 ||
111 strcmp(argv[1], "-h") == 0)) {
115 errx(1, "must be superuser");
118 if (chdir(YPDBPATH) < 0)
119 warn("cannot chdir to %s", YPDBPATH);
121 if (strcmp(argv[1], "-u") == 0) {
122 pw = getpwnam(argv[2]);
124 errx(1, "unknown user: %s", argv[2]);
125 (void)user2netname(name, (int)pw->pw_uid, (char *)NULL);
128 h = gethostbyname(argv[2]);
130 errx(1, "unknown host: %s", argv[1]);
131 (void)host2netname(name, h->h_name, (char *)NULL);
133 (void)host2netname(name, argv[2], (char *)NULL);
137 (void)printf("Adding new key for %s.\n", name);
138 pass = getpass("New password:");
139 genkeys(public, secret, pass);
141 memcpy(crypt1, secret, HEXKEYBYTES);
142 memcpy(crypt1 + HEXKEYBYTES, secret, KEYCHECKSUMSIZE);
143 crypt1[HEXKEYBYTES + KEYCHECKSUMSIZE] = 0;
144 xencrypt(crypt1, pass);
146 memcpy(crypt2, crypt1, HEXKEYBYTES + KEYCHECKSUMSIZE + 1);
147 xdecrypt(crypt2, getpass("Retype password:"));
148 if (memcmp(crypt2, crypt2 + HEXKEYBYTES, KEYCHECKSUMSIZE) != 0 ||
149 memcmp(crypt2, secret, HEXKEYBYTES) != 0)
150 errx(1, "password incorrect");
153 (void)printf("Please wait for the database to get updated...\n");
155 if ((status = setpublicmap(name, public, crypt1))) {
157 errx(1, "unable to update NIS database (%u): %s",
158 status, yperr_string(status));
160 errx(1, "unable to update publickey database (%u): %s",
161 status, err_string(status));
164 (void)printf("Your new key has been successfully stored away.\n");
172 (void)fprintf(stderr, "%s\n%s\n",
173 "usage: newkey -h hostname",
174 " newkey -u username");
179 * Set the entry in the public key file
182 setpublicmap(char *name, char *public, char *secret)
186 (void)sprintf(pkent, "%s:%s", public, secret);
188 return (mapupdate(name, PKMAP, YPOP_STORE,
189 strlen(name), name, strlen(pkent), pkent));
191 return (localupdate(name, PKFILE, YPOP_STORE,
192 strlen(name), name, strlen(pkent), pkent));
198 * This returns a pointer to an error message string appropriate
199 * to an input error code. An input value of zero will return
209 pmesg = "update operation succeeded";
212 pmesg = "no such key in file";
215 pmesg = "cannot read the database";
218 pmesg = "cannot write to the database";
221 pmesg = "cannot update database";
224 pmesg = "permission denied";
227 pmesg = "malloc failed";
230 pmesg = "unknown error";