X-Git-Url: http://andersk.mit.edu/gitweb/moira.git/blobdiff_plain/e9ed68d910631789e016a9fb8d9802734c8ce123..559fe7ab70ec332b19ec4fa3caa0fc2028357a9a:/clients/moira/user.c

diff --git a/clients/moira/user.c b/clients/moira/user.c
index a9caf3c0..9db8ec01 100644
--- a/clients/moira/user.c
+++ b/clients/moira/user.c
@@ -25,7 +25,12 @@
 #include <moira_site.h>
 #include <menu.h>
 #include <ctype.h>
-
+#include <sys/time.h>
+#ifdef GDSS
+#include <des.h>
+#include <krb.h>
+#include <gdss.h>
+#endif
 #include "mit-copyright.h"
 #include "defs.h"
 #include "f_defs.h"
@@ -96,6 +101,10 @@ PrintUserInfo(info)
 char ** info;
 {
     char name[BUFSIZ], buf[BUFSIZ];
+#ifdef GDSS
+    int status;
+    SigInfo si;
+#endif
 
     sprintf(name, "%s, %s %s", info[U_LAST], info[U_FIRST], info[U_MIDDLE]);
     sprintf(buf, "Login name: %-20s Full name: %s", info[U_NAME], name);
@@ -103,9 +112,26 @@ char ** info;
     sprintf(buf, "User id: %-23s Login shell %-10s Class: %s", 
 	    info[U_UID], info[U_SHELL], info[U_CLASS]);
     Put_message(buf);
+
+#ifdef GDSS
+    sprintf(buf, "%s:%s", info[U_NAME], info[U_MITID]);
+    si.rawsig = NULL;
+    status = GDSS_Verify(buf, strlen(buf), info[U_SIGNATURE], &si);
+#ifdef DEBUG
+    hex_dump(info[U_SIGNATURE]);
+#endif /* DEBUG */
+#else /* GDSS */
+    status = 0;
+#endif /* GDSS */
+
     sprintf(buf, "Account is: %-20s MIT ID number: %s Signed: %s",
 	    UserState(atoi(info[U_STATE])), info[U_MITID],
-	    *info[U_SIGNATURE] ? "Yes" : "No");
+	    *info[U_SIGNATURE] ? (status ? "Bad" : "Yes") : "No");
+    Put_message(buf);
+    if (atoi(info[U_SECURE]))
+      sprintf(buf, "Secure password set on %s.", atot(info[U_SECURE]));
+    else
+      sprintf(buf, "No secure password set.");
     Put_message(buf);
     sprintf(buf, "Comments: %s", info[U_COMMENT]);
     Put_message(buf);
@@ -134,6 +160,7 @@ char ** info;
     info[U_CLASS] = Strsave(DEFAULT_CLASS);
     info[U_COMMENT] = Strsave("");
     info[U_SIGNATURE] = Strsave("");
+    info[U_SECURE] = Strsave("0");
     info[U_MODTIME] = info[U_MODBY] = info[U_MODWITH] = info[U_END] = NULL;
     return(info);
 }
@@ -176,8 +203,9 @@ AskUserInfo(info, name)
 char ** info;
 Bool name;
 {
-    int siglen;
-    char temp_buf[BUFSIZ], *newname, *temp_ptr, *sig;
+    int siglen, i;
+    SigInfo si;
+    char temp_buf[BUFSIZ], *newname, *temp_ptr, *sig, sig_buf[BUFSIZ];
 
     if (name) {
 	sprintf(temp_buf,"\nChanging Attributes of user %s.\n",info[U_NAME]);
@@ -255,11 +283,40 @@ Bool name;
     if (GetValueFromUser("Comments", &info[U_COMMENT]) == SUB_ERROR)
       return(NULL);
 
+    if (YesNoQuestion("Secure password set",
+		      atoi(info[U_SECURE]) ? TRUE : FALSE) == FALSE) {
+	free(info[U_SECURE]);
+	info[U_SECURE] = strsave("0");
+    } else if (!strcmp(info[U_SECURE], "0")) {
+	char buf[16];
+	struct timeval tv;
+
+	gettimeofday(&tv, (struct timezone *)NULL);
+	sprintf(buf, "%d", tv.tv_sec);
+	free(info[U_SECURE]);
+	info[U_SECURE] = strsave(buf);
+    }
+
     /* Sign record */
 #ifdef GDSS
-    info[U_SIGNATURE] = malloc(GDSS_Sig_Size());
-    sprintf(temp_buf, "%s:%s", info[U_NAME], info[U_MITID]);
-    GDSS_Sign(temp_buf, strlen(temp_buf), info[U_SIGNATURE], &siglen);
+    if (strcmp(info[U_NAME], UNIQUE_LOGIN)) {
+	sprintf(temp_buf, "%s:%s", info[U_NAME], info[U_MITID]);
+	si.rawsig = NULL;
+	i = GDSS_Verify(temp_buf, strlen(temp_buf), info[U_SIGNATURE], &si);
+	/* If it's already signed OK, don't resign it. */
+	if (i != GDSS_SUCCESS) {
+	    free(info[U_SIGNATURE]);
+	    info[U_SIGNATURE] = malloc(GDSS_Sig_Size() * 2);
+	    i = GDSS_Sign(temp_buf, strlen(temp_buf), info[U_SIGNATURE]);
+	    if (i != GDSS_SUCCESS)
+	      com_err(program_name, gdss2et(i), "Failed to create signature");
+#ifdef DEBUG
+	    Put_message("Made signature:");hex_dump(info[U_SIGNATURE]);
+	} else {
+	    Put_message("Don't need to remake signature");
+#endif /* DEBUG */
+	}
+    }
 #else /* GDSS */
     info[U_SIGNATURE] = strsave("");
 #endif /* GDSS */
@@ -870,3 +927,53 @@ char **argv;
     }
     return(DM_NORMAL);
 }
+
+
+hex_dump(p)
+unsigned  char *p;
+{
+    char buf[BUFSIZ];
+    int i;
+
+    sprintf(buf, "Size: %d", strlen(p));
+    Put_message(buf);
+    while (strlen(p) >= 8) {
+	sprintf(buf, "%02x %02x %02x %02x %02x %02x %02x %02x",
+		p[0], p[1], p[2], p[3], p[4], p[5], p[6], p[7]);
+	Put_message(buf);
+	p += 8;
+    }
+    switch (strlen(p)) {
+    case 7:
+	sprintf(buf, "%02x %02x %02x %02x %02x %02x %02x",
+		p[0], p[1], p[2], p[3], p[4], p[5], p[6]);
+	break;
+    case 6:
+	sprintf(buf, "%02x %02x %02x %02x %02x %02x",
+		p[0], p[1], p[2], p[3], p[4], p[5]);
+	break;
+    case 5:
+	sprintf(buf, "%02x %02x %02x %02x %02x",
+		p[0], p[1], p[2], p[3], p[4]);
+	break;
+    case 4:
+	sprintf(buf, "%02x %02x %02x %02x",
+		p[0], p[1], p[2], p[3]);
+	break;
+    case 3:
+	sprintf(buf, "%02x %02x %02x",
+		p[0], p[1], p[2]);
+	break;
+    case 2:
+	sprintf(buf, "%02x %02x",
+		p[0], p[1]);
+	break;
+    case 1:
+	sprintf(buf, "%02x",
+		p[0]);
+	break;
+    default:
+	return;
+    }
+    Put_message(buf);
+}