Home | History | Annotate | Line # | Download | only in passwd
local_passwd.c revision 1.6 
      1 /*-
      2  * Copyright (c) 1990 The Regents of the University of California.
      3  * All rights reserved.
      4  *
      5  * Redistribution and use in source and binary forms, with or without
      6  * modification, are permitted provided that the following conditions
      7  * are met:
      8  * 1. Redistributions of source code must retain the above copyright
      9  *    notice, this list of conditions and the following disclaimer.
     10  * 2. Redistributions in binary form must reproduce the above copyright
     11  *    notice, this list of conditions and the following disclaimer in the
     12  *    documentation and/or other materials provided with the distribution.
     13  * 3. All advertising materials mentioning features or use of this software
     14  *    must display the following acknowledgement:
     15  *	This product includes software developed by the University of
     16  *	California, Berkeley and its contributors.
     17  * 4. Neither the name of the University nor the names of its contributors
     18  *    may be used to endorse or promote products derived from this software
     19  *    without specific prior written permission.
     20  *
     21  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
     22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
     23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
     24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
     25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
     26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
     27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
     28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
     29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
     30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
     31  * SUCH DAMAGE.
     32  */
     33 
     34 #ifndef lint
     35 /*static char sccsid[] = "from: @(#)local_passwd.c	5.5 (Berkeley) 5/6/91";*/
     36 static char rcsid[] = "$Id: local_passwd.c,v 1.6 1994/01/05 11:20:34 deraadt Exp $";
     37 #endif /* not lint */
     38 
     39 #include <sys/types.h>
     40 #include <pwd.h>
     41 #include <errno.h>
     42 #include <stdio.h>
     43 
     44 uid_t uid;
     45 
     46 char *progname = "passwd";
     47 char *tempname;
     48 
     49 local_passwd(uname)
     50 	char *uname;
     51 {
     52 	struct passwd *pw;
     53 	int pfd, tfd;
     54 	char *getnewpasswd();
     55 
     56 	if (!(pw = getpwnam(uname))) {
     57 #ifdef YP
     58 		extern int use_yp;
     59 		if (!use_yp)
     60 #endif
     61 		(void)fprintf(stderr, "passwd: unknown user %s.\n", uname);
     62 		return(1);
     63 	}
     64 
     65 	uid = getuid();
     66 	if (uid && uid != pw->pw_uid) {
     67 		(void)fprintf(stderr, "passwd: %s\n", strerror(EACCES));
     68 		return(1);
     69 	}
     70 
     71 	pw_init();
     72 	pfd = pw_lock();
     73 	tfd = pw_tmp();
     74 
     75 	/*
     76 	 * Get the new password.  Reset passwd change time to zero; when
     77 	 * classes are implemented, go and get the "offset" value for this
     78 	 * class and reset the timer.
     79 	 */
     80 	pw->pw_passwd = getnewpasswd(pw);
     81 	pw->pw_change = 0;
     82 	pw_copy(pfd, tfd, pw);
     83 
     84 	if (!pw_mkdb())
     85 		pw_error((char *)NULL, 0, 1);
     86 	return(0);
     87 }
     88 
     89 char *
     90 getnewpasswd(pw)
     91 	register struct passwd *pw;
     92 {
     93 	register char *p, *t;
     94 	int tries;
     95 	char buf[_PASSWORD_LEN+1], salt[9], *crypt(), *getpass();
     96 
     97 	(void)printf("Changing local password for %s.\n", pw->pw_name);
     98 
     99 	if (uid && pw->pw_passwd[0] &&
    100 	    strcmp(crypt(getpass("Old password:"), pw->pw_passwd),
    101 	    pw->pw_passwd)) {
    102 		errno = EACCES;
    103 		pw_error(NULL, 1, 1);
    104 	}
    105 
    106 	for (buf[0] = '\0', tries = 0;;) {
    107 		p = getpass("New password:");
    108 		if (!*p) {
    109 			(void)printf("Password unchanged.\n");
    110 			pw_error(NULL, 0, 0);
    111 		}
    112 		if (strlen(p) <= 5 && ++tries < 2) {
    113 			(void)printf("Please enter a longer password.\n");
    114 			continue;
    115 		}
    116 		for (t = p; *t && islower(*t); ++t);
    117 		if (!*t && ++tries < 2) {
    118 			(void)printf("Please don't use an all-lower case password.\nUnusual capitalization, control characters or digits are suggested.\n");
    119 			continue;
    120 		}
    121 		(void)strcpy(buf, p);
    122 		if (!strcmp(buf, getpass("Retype new password:")))
    123 			break;
    124 		(void)printf("Mismatch; try again, EOF to quit.\n");
    125 	}
    126 	/* grab a random printable character that isn't a colon */
    127 	(void)srandom((int)time((time_t *)NULL));
    128 #ifdef NEWSALT
    129 	salt[0] = _PASSWORD_EFMT1;
    130 	to64(&salt[1], (long)(29 * 25), 4);
    131 	to64(&salt[5], random(), 4);
    132 #else
    133 	to64(&salt[0], random(), 2);
    134 #endif
    135 	return(crypt(buf, salt));
    136 }
    137 
    138 static unsigned char itoa64[] =		/* 0 ... 63 => ascii - 64 */
    139 	"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
    140 
    141 to64(s, v, n)
    142 	register char *s;
    143 	register long v;
    144 	register int n;
    145 {
    146 	while (--n >= 0) {
    147 		*s++ = itoa64[v&0x3f];
    148 		v >>= 6;
    149 	}
    150 }
    151