/** this is just some test code for a server which would run out of inetd */ #include #include #include #include #include #include #include #include #include #include "syb_auth.h" main() { DBPROCESS *dbproc; LOGINREC *loginrec; int rc; char inbuf[BUFSIZ]; int cnamelen, snamelen; int status; long authopts; AUTH_DAT auth_data; KTEXT_ST clt_ticket; Key_schedule sched; char passwd[10],encr_passwd[10]; char instance[INST_SZ + 1]; char version[KRB_SENDAUTH_VLEN + 1]; char realm[REALM_SZ + 1]; struct sockaddr_in srv_addr, cl_addr; des_cblock ran_key,ivec; char syb_str[100],str[50]; char out_buf[256]; cnamelen = sizeof(cl_addr); snamelen = sizeof(srv_addr); bzero(&clt_ticket, sizeof(clt_ticket)); bzero(&auth_data, sizeof(auth_data)); /* * To verify authenticity, we need to know the address of the * client. */ if (getpeername(0, (struct sockaddr *)&cl_addr, &cnamelen) < 0) printf("getpeername failed\n"); /* for mutual authentication, we need to know our address */ if (getsockname(0, (struct sockaddr *)&srv_addr, &snamelen) < 0) printf("getsockname failed\n"); (void) strcpy(instance, "*"); authopts = KOPT_DO_MUTUAL; status = krb_recvauth(authopts, 0, &clt_ticket,"rcmd", instance, &cl_addr, &srv_addr, &auth_data,"",sched, version); if (status != KSUCCESS) exit(); /* auth failed!! */ /* ok authentication worked, so read that the client is happy and continue */ rc = read(0,inbuf,BUFSIZ); /* make a temporary passwd */ rc = des_random_key(ran_key); make_passwd(passwd,ran_key); /* read sybase adm password from file ? */ /* if any of these steps fail send an error code back */ /* Initialize DB-Library. */ if (dbinit() == FAIL) { printf("%s\n",SYB_INIT_ERR); exit(); } dbsetifile("/dbms/testing/sybase/interfaces"); loginrec = dblogin(); if (!(loginrec) || (loginrec == NULL)) { printf("%s\n",SYB_LOGIN_ERR); exit(); } DBSETLUSER(loginrec,auth_data.pname); /* this will be an admin user */ DBSETLPWD(loginrec, "foo"); /* put the admin password read from disk here*/ /* MBuQoBfb */ dbproc = dbopen(loginrec, "RPSSRVRA"); /* my_server */ if (!(dbproc) || (dbproc == NULL)) { printf("%s\n",SYB_LOGIN_ERR); exit(); } /* we should be connected to sybase now */ sprintf(syb_str,"sp_password foo, %s",passwd); /* this will change when running as admin */ dbcmd(dbproc,syb_str); dbsqlexec(dbproc); rc = dbresults(dbproc); if (rc != SUCCEED) { printf("%s\n",SYB_PASSWD_CHG_ERR); sprintf(str,"Failed to set for user %s",auth_data.pname); log_aline(str); exit(); } /* ?? dbexit calls */ sprintf(str,"Set password to %s for user %s",passwd,auth_data.pname); log_aline(str); /* need to encrypt the passwd */ rc = des_cbc_encrypt(passwd,encr_passwd,8,sched ,ivec, ENCRYPT); sprintf(out_buf,"%s:%s\n",OK,encr_passwd); write(1,out_buf,256); /* wait and then reset passwd */ sleep(30); /* get a random passwd and use it instead for production */ sprintf(syb_str,"sp_password %s, foo", passwd); dbcmd(dbproc,syb_str); dbsqlexec(dbproc); rc = dbresults(dbproc); if (rc != SUCCEED) log_aline("couldn't reset it"); dbexit(); } /* create a temp passwd from the key */ make_passwd(char *passwd, unsigned char *cp) { int i; for ( i = 0; i < 8; i++,cp++) { passwd[i] = (char) ( (*cp % 58) + 65); /* get it between A and z */ if (!isalpha(passwd[i])) /* if its the punc between cases shift to the digits */ { passwd[i] = passwd[i] - 40; } } passwd[9] = '\0'; } log_aline(char *line) { char logline[150]; time_t secs; int dfd; time(&secs); sprintf(logline, "%s:%s", line, ctime(&secs)); if ((dfd = open("/usr/users/thorne/log_file", O_APPEND | O_CREAT | O_WRONLY, 0644)) ==0) printf("error logging transaction\n"); write(dfd, logline, strlen(logline)); close(dfd); return; }