/* * kpasswd.c * * Copyright 2002 by the Massachusetts Institute of Technology. * All Rights Reserved. * * Export of this software from the United States of America may * require a specific license from the United States Government. * It is the responsibility of any person or organization contemplating * export to obtain such a license before exporting. * * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and * distribute this software and its documentation for any purpose and * without fee is hereby granted, provided that the above copyright * notice appear in all copies and that both that copyright notice and * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior * permission. Furthermore if you modify this software you must label * your software as modified software and not distribute it in such a * fashion that it might be confused with the original M.I.T. software. * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * * * Destroy the contents of your credential cache. */ #include #include #include #include #include #include #include const char *program = NULL; static int usage (void); static void printiferr (errcode_t err, const char *format, ...); static void printerr (const char *format, ...); static void vprinterr (const char *format, va_list args); int main (int argc, char * const * argv) { int err = 0; KLStatus klErr = klNoErr; KLPrincipal principal = NULL; /* Remember our program name */ program = strrchr (argv[0], '/') ? strrchr (argv[0], '/') + 1 : argv[0]; /* look for extra arguments (other than the principal) */ if (argc > 2) { printerr ("Unknown option '%s'\n", argv[2]); return usage (); } /* Get the principal name from the command line */ if (!err && (argc > 1)) { err = KLCreatePrincipalFromString (argv[1], kerberosVersion_V5, &principal); printiferr (err, "while creating principal '%s'", argv[1]); } /* If that fails, try the principal of the current ticket cache */ if (!err && (principal == NULL)) { KLBoolean found = false; KLPrincipal foundPrincipal; KLStatus terr = KLCacheHasValidTickets (NULL, kerberosVersion_Any, &found, &foundPrincipal, NULL); if (!terr && found) { principal = foundPrincipal; } } /* As a last resort, fall back on the passwd database */ if (!err && (principal == NULL)) { struct passwd *pw; /* Try to get the principal name from the password database */ if ((pw = getpwuid (getuid ())) != NULL) { char *username = malloc (strlen (pw->pw_name) + 1); /* copy because pw not stable */ if (username == NULL) { err = ENOMEM; } if (!err) { strcpy (username, pw->pw_name); err = KLCreatePrincipalFromString (username, kerberosVersion_V5, &principal); } printiferr (err, "while creating principal for current user"); if (username != NULL) { free (username); } } } if (!err) { err = KLChangePassword (principal); printiferr (err, "while changing password"); } if (principal != NULL) { KLDisposePrincipal (principal); } return err ? 1 : 0; } static int usage (void) { fprintf (stderr, "Usage: %s principal\n", program); return 2; } static void printiferr (errcode_t err, const char *format, ...) { if (err && (err != ccIteratorEnd) && (err != KRB5_CC_END)) { va_list pvar; va_start (pvar, format); com_err_va (program, err, format, pvar); va_end (pvar); } } static void printerr (const char *format, ...) { va_list pvar; va_start (pvar, format); vprinterr (format, pvar); va_end (pvar); } static void vprinterr (const char *format, va_list args) { fprintf (stderr, "%s: ", program); vfprintf (stderr, format, args); }