Home | History | Annotate | Line # | Download | only in passwd
local_passwd.c revision 1.7 
      1 /*-
      2  * Copyright (c) 1990 The Regents of the University of California.
      3  * All rights reserved.
      4  *
      5  * Redistribution and use in source and binary forms, with or without
      6  * modification, are permitted provided that the following conditions
      7  * are met:
      8  * 1. Redistributions of source code must retain the above copyright
      9  *    notice, this list of conditions and the following disclaimer.
     10  * 2. Redistributions in binary form must reproduce the above copyright
     11  *    notice, this list of conditions and the following disclaimer in the
     12  *    documentation and/or other materials provided with the distribution.
     13  * 3. All advertising materials mentioning features or use of this software
     14  *    must display the following acknowledgement:
     15  *	This product includes software developed by the University of
     16  *	California, Berkeley and its contributors.
     17  * 4. Neither the name of the University nor the names of its contributors
     18  *    may be used to endorse or promote products derived from this software
     19  *    without specific prior written permission.
     20  *
     21  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
     22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
     23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
     24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
     25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
     26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
     27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
     28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
     29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
     30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
     31  * SUCH DAMAGE.
     32  */
     33 
     34 #ifndef lint
     35 /*static char sccsid[] = "from: @(#)local_passwd.c	5.5 (Berkeley) 5/6/91";*/
     36 static char rcsid[] = "$Id: local_passwd.c,v 1.7 1994/12/24 17:27:42 cgd Exp $";
     37 #endif /* not lint */
     38 
     39 #include <sys/types.h>
     40 #include <pwd.h>
     41 #include <errno.h>
     42 #include <stdio.h>
     43 #include <string.h>
     44 
     45 uid_t uid;
     46 
     47 char *progname = "passwd";
     48 char *tempname;
     49 
     50 local_passwd(uname)
     51 	char *uname;
     52 {
     53 	struct passwd *pw;
     54 	int pfd, tfd;
     55 	char *getnewpasswd();
     56 
     57 	if (!(pw = getpwnam(uname))) {
     58 #ifdef YP
     59 		extern int use_yp;
     60 		if (!use_yp)
     61 #endif
     62 		(void)fprintf(stderr, "passwd: unknown user %s.\n", uname);
     63 		return(1);
     64 	}
     65 
     66 	uid = getuid();
     67 	if (uid && uid != pw->pw_uid) {
     68 		(void)fprintf(stderr, "passwd: %s\n", strerror(EACCES));
     69 		return(1);
     70 	}
     71 
     72 	pw_init();
     73 	pfd = pw_lock();
     74 	tfd = pw_tmp();
     75 
     76 	/*
     77 	 * Get the new password.  Reset passwd change time to zero; when
     78 	 * classes are implemented, go and get the "offset" value for this
     79 	 * class and reset the timer.
     80 	 */
     81 	pw->pw_passwd = getnewpasswd(pw);
     82 	pw->pw_change = 0;
     83 	pw_copy(pfd, tfd, pw);
     84 
     85 	if (!pw_mkdb())
     86 		pw_error((char *)NULL, 0, 1);
     87 	return(0);
     88 }
     89 
     90 char *
     91 getnewpasswd(pw)
     92 	register struct passwd *pw;
     93 {
     94 	register char *p, *t;
     95 	int tries;
     96 	char buf[_PASSWORD_LEN+1], salt[9], *crypt(), *getpass();
     97 
     98 	(void)printf("Changing local password for %s.\n", pw->pw_name);
     99 
    100 	if (uid && pw->pw_passwd[0] &&
    101 	    strcmp(crypt(getpass("Old password:"), pw->pw_passwd),
    102 	    pw->pw_passwd)) {
    103 		errno = EACCES;
    104 		pw_error(NULL, 1, 1);
    105 	}
    106 
    107 	for (buf[0] = '\0', tries = 0;;) {
    108 		p = getpass("New password:");
    109 		if (!*p) {
    110 			(void)printf("Password unchanged.\n");
    111 			pw_error(NULL, 0, 0);
    112 		}
    113 		if (strlen(p) <= 5 && ++tries < 2) {
    114 			(void)printf("Please enter a longer password.\n");
    115 			continue;
    116 		}
    117 		for (t = p; *t && islower(*t); ++t);
    118 		if (!*t && ++tries < 2) {
    119 			(void)printf("Please don't use an all-lower case password.\nUnusual capitalization, control characters or digits are suggested.\n");
    120 			continue;
    121 		}
    122 		(void)strcpy(buf, p);
    123 		if (!strcmp(buf, getpass("Retype new password:")))
    124 			break;
    125 		(void)printf("Mismatch; try again, EOF to quit.\n");
    126 	}
    127 	/* grab a random printable character that isn't a colon */
    128 	(void)srandom((int)time((time_t *)NULL));
    129 #ifdef NEWSALT
    130 	salt[0] = _PASSWORD_EFMT1;
    131 	to64(&salt[1], (long)(29 * 25), 4);
    132 	to64(&salt[5], random(), 4);
    133 #else
    134 	to64(&salt[0], random(), 2);
    135 #endif
    136 	return(crypt(buf, salt));
    137 }
    138 
    139 static unsigned char itoa64[] =		/* 0 ... 63 => ascii - 64 */
    140 	"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
    141 
    142 to64(s, v, n)
    143 	register char *s;
    144 	register long v;
    145 	register int n;
    146 {
    147 	while (--n >= 0) {
    148 		*s++ = itoa64[v&0x3f];
    149 		v >>= 6;
    150 	}
    151 }
    152