2 * lib/krb5/krb/in_tkt_pwd.c
4 * Copyright 1990,1991 by the Massachusetts Institute of Technology.
7 * Export of this software from the United States of America may
8 * require a specific license from the United States Government.
9 * It is the responsibility of any person or organization contemplating
10 * export to obtain such a license before exporting.
12 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
13 * distribute this software and its documentation for any purpose and
14 * without fee is hereby granted, provided that the above copyright
15 * notice appear in all copies and that both that copyright notice and
16 * this permission notice appear in supporting documentation, and that
17 * the name of M.I.T. not be used in advertising or publicity pertaining
18 * to distribution of the software without specific, written prior
19 * permission. M.I.T. makes no representations about the suitability of
20 * this software for any purpose. It is provided "as is" without express
21 * or implied warranty.
24 * krb5_get_in_tkt_with_password()
29 extern char *krb5_default_pwd_prompt1;
32 * key-producing procedure for use by krb5_get_in_tkt_with_password.
34 krb5_error_code pwd_keyproc
35 PROTOTYPE((krb5_context,
42 pwd_keyproc(context, type, salt, keyseed, key)
44 const krb5_keytype type;
46 krb5_const_pointer keyseed;
49 krb5_error_code retval;
50 krb5_encrypt_block eblock;
53 int pwsize = sizeof(pwdbuf);
55 if (!valid_keytype(type))
56 return KRB5_PROG_KEYTYPE_NOSUPP;
58 krb5_use_keytype(context, &eblock, type);
60 password = (krb5_data *)keyseed;
62 if (!password->length) {
63 if (retval = krb5_read_password(context, krb5_default_pwd_prompt1, 0,
67 password->length = pwsize;
68 password->data = pwdbuf;
71 if (!(*key = (krb5_keyblock *)malloc(sizeof(**key))))
74 if (retval = krb5_string_to_key(context,&eblock,type,*key,password,salt))
80 Attempts to get an initial ticket for creds->client to use server
81 creds->server, (realm is taken from creds->client), with options
82 options, and using creds->times.starttime, creds->times.endtime,
83 creds->times.renew_till as from, till, and rtime.
84 creds->times.renew_till is ignored unless the RENEWABLE option is requested.
86 If addrs is non-NULL, it is used for the addresses requested. If it is
87 null, the system standard addresses are used.
89 If password is non-NULL, it is converted using the cryptosystem entry
90 point for a string conversion routine, seeded with the client's name.
91 If password is passed as NULL, the password is read from the terminal,
92 and then converted into a key.
94 A succesful call will place the ticket in the credentials cache ccache.
96 returns system errors, encryption errors
98 krb5_error_code INTERFACE
99 krb5_get_in_tkt_with_password(context, options, addrs, etypes, pre_auth_types,
100 password, ccache, creds, ret_as_reply)
101 krb5_context context;
102 const krb5_flags options;
103 krb5_address * const * addrs;
104 krb5_enctype * etypes;
105 krb5_preauthtype * pre_auth_types;
106 const char * password;
109 krb5_kdc_rep ** ret_as_reply;
111 krb5_error_code retval;
115 if (data.data = (char *)password) {
116 data.length = strlen(password);
121 retval = krb5_get_in_tkt(context, options, addrs, etypes, pre_auth_types,
122 pwd_keyproc, (krb5_pointer) &data,
123 krb5_kdc_rep_decrypt_proc, 0,
124 creds, ccache, ret_as_reply);