45
46
int main(int argc, char *argv[])
52
krb5_get_init_creds_opt *opts = NULL;
58
krb5_data result_code_string, result_string;
61
fprintf(stderr, "usage: %s [principal]\n", argv[0]);
67
ret = krb5_init_context(&context);
69
com_err(argv[0], ret, "initializing kerberos library");
73
/* in order, use the first of:
74
- a name specified on the command line
75
- the principal name from an existing ccache
76
- the name corresponding to the ruid of the process
78
otherwise, it's an error.
82
if ((ret = krb5_parse_name(context, pname, &princ))) {
83
com_err(argv[0], ret, "parsing client name");
86
} else if ((ret = krb5_cc_default(context, &ccache)) != KRB5_CC_NOTFOUND) {
88
com_err(argv[0], ret, "opening default ccache");
92
if ((ret = krb5_cc_get_principal(context, ccache, &princ))) {
93
com_err(argv[0], ret, "getting principal from ccache");
97
if ((ret = krb5_cc_close(context, ccache))) {
98
com_err(argv[0], ret, "closing ccache");
102
get_name_from_passwd_file(argv[0], context, &princ);
105
if ((ret = krb5_get_init_creds_opt_alloc(context, &opts))) {
106
com_err(argv[0], ret, "allocating krb5_get_init_creds_opt");
109
krb5_get_init_creds_opt_set_tkt_life(opts, 5*60);
110
krb5_get_init_creds_opt_set_renew_life(opts, 0);
111
krb5_get_init_creds_opt_set_forwardable(opts, 0);
112
krb5_get_init_creds_opt_set_proxiable(opts, 0);
114
if ((ret = krb5_get_init_creds_password(context, &creds, princ, NULL,
115
krb5_prompter_posix, NULL,
116
0, "kadmin/changepw", opts))) {
117
if (ret == KRB5KRB_AP_ERR_BAD_INTEGRITY)
119
"Password incorrect while getting initial ticket");
121
com_err(argv[0], ret, "getting initial ticket");
122
krb5_get_init_creds_opt_free(context, opts);
127
if ((ret = krb5_read_password(context, P1, P2, pw, &pwlen))) {
128
com_err(argv[0], ret, "while reading password");
129
krb5_get_init_creds_opt_free(context, opts);
133
if ((ret = krb5_change_password(context, &creds, pw,
134
&result_code, &result_code_string,
136
com_err(argv[0], ret, "changing password");
137
krb5_get_init_creds_opt_free(context, opts);
142
printf("%.*s%s%.*s\n",
143
(int) result_code_string.length, result_code_string.data,
144
result_string.length?": ":"",
145
(int) result_string.length,
146
result_string.data ? result_string.data : "");
147
krb5_get_init_creds_opt_free(context, opts);
151
if (result_string.data != NULL)
152
free(result_string.data);
153
if (result_code_string.data != NULL)
154
free(result_code_string.data);
155
krb5_get_init_creds_opt_free(context, opts);
157
printf("Password changed.\n");
53
krb5_get_init_creds_opt *opts = NULL;
59
krb5_data result_code_string, result_string;
62
fprintf(stderr, "usage: %s [principal]\n", argv[0]);
68
ret = krb5_init_context(&context);
70
com_err(argv[0], ret, "initializing kerberos library");
74
/* in order, use the first of:
75
- a name specified on the command line
76
- the principal name from an existing ccache
77
- the name corresponding to the ruid of the process
79
otherwise, it's an error.
83
if ((ret = krb5_parse_name(context, pname, &princ))) {
84
com_err(argv[0], ret, "parsing client name");
87
} else if ((ret = krb5_cc_default(context, &ccache)) != KRB5_CC_NOTFOUND) {
89
com_err(argv[0], ret, "opening default ccache");
93
if ((ret = krb5_cc_get_principal(context, ccache, &princ))) {
94
com_err(argv[0], ret, "getting principal from ccache");
98
if ((ret = krb5_cc_close(context, ccache))) {
99
com_err(argv[0], ret, "closing ccache");
103
get_name_from_passwd_file(argv[0], context, &princ);
106
if ((ret = krb5_get_init_creds_opt_alloc(context, &opts))) {
107
com_err(argv[0], ret, "allocating krb5_get_init_creds_opt");
110
krb5_get_init_creds_opt_set_tkt_life(opts, 5*60);
111
krb5_get_init_creds_opt_set_renew_life(opts, 0);
112
krb5_get_init_creds_opt_set_forwardable(opts, 0);
113
krb5_get_init_creds_opt_set_proxiable(opts, 0);
115
if ((ret = krb5_get_init_creds_password(context, &creds, princ, NULL,
116
krb5_prompter_posix, NULL,
117
0, "kadmin/changepw", opts))) {
118
if (ret == KRB5KRB_AP_ERR_BAD_INTEGRITY)
120
"Password incorrect while getting initial ticket");
122
com_err(argv[0], ret, "getting initial ticket");
123
krb5_get_init_creds_opt_free(context, opts);
128
if ((ret = krb5_read_password(context, P1, P2, pw, &pwlen))) {
129
com_err(argv[0], ret, "while reading password");
130
krb5_get_init_creds_opt_free(context, opts);
134
if ((ret = krb5_change_password(context, &creds, pw,
135
&result_code, &result_code_string,
137
com_err(argv[0], ret, "changing password");
138
krb5_get_init_creds_opt_free(context, opts);
143
printf("%.*s%s%.*s\n",
144
(int) result_code_string.length, result_code_string.data,
145
result_string.length?": ":"",
146
(int) result_string.length,
147
result_string.data ? result_string.data : "");
148
krb5_get_init_creds_opt_free(context, opts);
152
if (result_string.data != NULL)
153
free(result_string.data);
154
if (result_code_string.data != NULL)
155
free(result_code_string.data);
156
krb5_get_init_creds_opt_free(context, opts);
158
printf("Password changed.\n");