From: Tom Yu <tlyu@mit.edu>
Date: Thu, 7 Aug 1997 00:23:11 +0000 (+0000)
Subject: 	* Makefile.in: Add flags to conditionally compile with Hesiod
X-Git-Tag: krb5-1.1-beta1~1065
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=c7cfa556f341e0d4163f32ec2f113b6ae2840f09;p=krb5.git

	* Makefile.in: Add flags to conditionally compile with Hesiod

	* server_misc.c: Add support for checking GECOS field of Hesiod
	passwd entry.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@10160 dc483132-0cff-0310-8789-dd5450dbe970
---

diff --git a/src/lib/kadm5/srv/ChangeLog b/src/lib/kadm5/srv/ChangeLog
index 8ad1c58c3..e7f65f2b6 100644
--- a/src/lib/kadm5/srv/ChangeLog
+++ b/src/lib/kadm5/srv/ChangeLog
@@ -1,3 +1,10 @@
+Wed Aug  6 20:22:23 1997  Tom Yu  <tlyu@mit.edu>
+
+	* Makefile.in: Add flags to conditionally compile with Hesiod.
+
+	* server_misc.c: Add support for checking GECOS field of Hesiod
+	passwd entry.
+
 Fri Jul 25 15:37:08 1997  Tom Yu  <tlyu@mit.edu>
 
 	* server_init.c: Change a few calls to align with the new kdb
diff --git a/src/lib/kadm5/srv/Makefile.in b/src/lib/kadm5/srv/Makefile.in
index df88e9ee7..cf53feff6 100644
--- a/src/lib/kadm5/srv/Makefile.in
+++ b/src/lib/kadm5/srv/Makefile.in
@@ -1,4 +1,4 @@
-CFLAGS = $(CCOPTS) $(DEFS) -I$(BUILDTOP)/include/kadm5
+CFLAGS = $(CCOPTS) $(DEFS) -I$(BUILDTOP)/include/kadm5 @HESIOD_DEFS@
 
 ##DOSBUILDTOP = ..\..\..
 ##DOSLIBNAME = libkadm5srv.lib
diff --git a/src/lib/kadm5/srv/server_misc.c b/src/lib/kadm5/srv/server_misc.c
index 24f101ce5..c85557cab 100644
--- a/src/lib/kadm5/srv/server_misc.c
+++ b/src/lib/kadm5/srv/server_misc.c
@@ -12,6 +12,7 @@ static char *rcsid = "$Header$";
 #include    <krb5/kdb.h>
 #include    <ctype.h>
 #include    "adb.h"
+#include    <pwd.h>
 
 /* for strcasecmp */
 #include    <string.h>
@@ -40,6 +41,76 @@ adb_policy_close(kadm5_server_handle_t handle)
     return KADM5_OK;
 }
 
+/* stolen from v4sever/kadm_funcs.c */
+static char *
+reverse(str)
+	char	*str;
+{
+	static char newstr[80];
+	char	*p, *q;
+	int	i;
+
+	i = strlen(str);
+	if (i >= sizeof(newstr))
+		i = sizeof(newstr)-1;
+	p = str+i-1;
+	q = newstr;
+	q[i]='\0';
+	for(; i > 0; i--) 
+		*q++ = *p--;
+	
+	return(newstr);
+}
+
+static int
+lower(str)
+	char	*str;
+{
+	register char	*cp;
+	int	effect=0;
+
+	for (cp = str; *cp; cp++) {
+		if (isupper(*cp)) {
+			*cp = tolower(*cp);
+			effect++;
+		}
+	}
+	return(effect);
+}
+
+static int
+str_check_gecos(gecos, pwstr)
+	char	*gecos;
+	char	*pwstr;
+{
+	char		*cp, *ncp, *tcp;
+	
+	for (cp = gecos; *cp; ) {
+		/* Skip past punctuation */
+		for (; *cp; cp++)
+			if (isalnum(*cp))
+				break;
+		/* Skip to the end of the word */
+		for (ncp = cp; *ncp; ncp++)
+			if (!isalnum(*ncp) && *ncp != '\'')
+				break;
+		/* Delimit end of word */
+		if (*ncp)
+			*ncp++ = '\0';
+		/* Check word to see if it's the password */
+		if (*cp) {
+			if (!strcasecmp(pwstr, cp))
+				return 1;
+			tcp = reverse(cp);
+			if (!strcasecmp(pwstr, tcp))
+				return 1;
+			cp = ncp;				
+		} else
+			break;
+	}
+	return 0;
+}
+
 /* some of this is stolen from gatekeeper ... */
 kadm5_ret_t
 passwd_check(kadm5_server_handle_t handle,
@@ -51,7 +122,11 @@ passwd_check(kadm5_server_handle_t handle,
 	    ndigit = 0, 
 	    npunct = 0,
 	    nspec = 0;
-    char    c, *s;
+    char    c, *s, *cp;
+#ifdef HESIOD
+    extern  struct passwd *hes_getpwnam();
+    struct  passwd *ent;
+#endif
     
     if(use_policy) {
 	if(strlen(password) < pol->pw_min_length)
@@ -90,6 +165,12 @@ passwd_check(kadm5_server_handle_t handle,
 		cp = krb5_princ_component(handle->context, principal, c)->data;
 		if (strcasecmp(cp, password) == 0)
 		    return KADM5_PASS_Q_DICT;
+#ifdef HESIOD
+		ent = hes_getpwnam(cp);
+		if (ent && ent->pw_gecos)
+		    if (str_check_gecos(ent->pw_gecos, password))
+			return KADM5_PASS_Q_DICT; /* XXX new error code? */
+#endif
 	    }
 	    return KADM5_OK;
 	}