yp_passwd.c revision 1.5.2.1
1 1.1 brezak /* 2 1.1 brezak * Copyright (c) 1988 The Regents of the University of California. 3 1.1 brezak * All rights reserved. 4 1.1 brezak * 5 1.1 brezak * Redistribution and use in source and binary forms, with or without 6 1.1 brezak * modification, are permitted provided that the following conditions 7 1.1 brezak * are met: 8 1.1 brezak * 1. Redistributions of source code must retain the above copyright 9 1.1 brezak * notice, this list of conditions and the following disclaimer. 10 1.1 brezak * 2. Redistributions in binary form must reproduce the above copyright 11 1.1 brezak * notice, this list of conditions and the following disclaimer in the 12 1.1 brezak * documentation and/or other materials provided with the distribution. 13 1.1 brezak * 3. All advertising materials mentioning features or use of this software 14 1.1 brezak * must display the following acknowledgement: 15 1.1 brezak * This product includes software developed by the University of 16 1.1 brezak * California, Berkeley and its contributors. 17 1.1 brezak * 4. Neither the name of the University nor the names of its contributors 18 1.1 brezak * may be used to endorse or promote products derived from this software 19 1.1 brezak * without specific prior written permission. 20 1.1 brezak * 21 1.1 brezak * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 1.1 brezak * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 1.1 brezak * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 1.1 brezak * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 1.1 brezak * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 1.1 brezak * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 1.1 brezak * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 1.1 brezak * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 1.1 brezak * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 1.1 brezak * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 1.1 brezak * SUCH DAMAGE. 32 1.1 brezak */ 33 1.1 brezak #ifndef lint 34 1.3 mycroft /*static char sccsid[] = "from: @(#)yp_passwd.c 1.0 2/2/93";*/ 35 1.5.2.1 mycroft static char rcsid[] = "$Id: yp_passwd.c,v 1.5.2.1 1994/08/17 11:07:56 mycroft Exp $"; 36 1.1 brezak #endif /* not lint */ 37 1.1 brezak 38 1.1 brezak #ifdef YP 39 1.1 brezak 40 1.1 brezak #include <stdio.h> 41 1.1 brezak #include <string.h> 42 1.1 brezak #include <netdb.h> 43 1.1 brezak #include <time.h> 44 1.1 brezak #include <pwd.h> 45 1.1 brezak #include <errno.h> 46 1.1 brezak #include <rpc/rpc.h> 47 1.1 brezak #include <rpcsvc/yp_prot.h> 48 1.1 brezak #include <rpcsvc/ypclnt.h> 49 1.1 brezak #define passwd yp_passwd_rec 50 1.1 brezak #include <rpcsvc/yppasswd.h> 51 1.1 brezak #undef passwd 52 1.4 deraadt 53 1.1 brezak #ifndef _PASSWORD_LEN 54 1.1 brezak #define _PASSWORD_LEN PASS_MAX 55 1.1 brezak #endif 56 1.4 deraadt 57 1.1 brezak extern char *progname; 58 1.4 deraadt static char *getnewpasswd(); 59 1.1 brezak static struct passwd *ypgetpwnam(); 60 1.1 brezak 61 1.1 brezak static uid_t uid; 62 1.1 brezak char *domain; 63 1.1 brezak 64 1.4 deraadt static 65 1.4 deraadt pw_error(name, err, eval) 66 1.4 deraadt char *name; 67 1.4 deraadt int err, eval; 68 1.4 deraadt { 69 1.4 deraadt int sverrno; 70 1.4 deraadt 71 1.4 deraadt if (err) { 72 1.4 deraadt sverrno = errno; 73 1.4 deraadt (void)fprintf(stderr, "%s: ", progname); 74 1.4 deraadt if (name) 75 1.4 deraadt (void)fprintf(stderr, "%s: ", name); 76 1.4 deraadt (void)fprintf(stderr, "%s\n", strerror(sverrno)); 77 1.4 deraadt } 78 1.4 deraadt (void)fprintf(stderr, 79 1.4 deraadt "%s: YP passwd database unchanged\n", progname); 80 1.4 deraadt exit(eval); 81 1.4 deraadt } 82 1.4 deraadt 83 1.5 deraadt yp_passwd(username) 84 1.5 deraadt char *username; 85 1.1 brezak { 86 1.4 deraadt char *master; 87 1.4 deraadt char *pp; 88 1.4 deraadt int r, rpcport, status; 89 1.4 deraadt struct yppasswd yppasswd; 90 1.4 deraadt struct passwd *pw; 91 1.1 brezak struct timeval tv; 92 1.1 brezak CLIENT *client; 93 1.4 deraadt 94 1.4 deraadt uid = getuid(); 95 1.4 deraadt 96 1.4 deraadt /* 97 1.4 deraadt * Get local domain 98 1.4 deraadt */ 99 1.4 deraadt if (r = yp_get_default_domain(&domain)) { 100 1.4 deraadt fprintf(stderr, "%s: can't get local YP domain. Reason: %s\n", 101 1.5 deraadt progname, yperr_string(r)); 102 1.4 deraadt exit(1); 103 1.4 deraadt } 104 1.4 deraadt 105 1.4 deraadt /* 106 1.4 deraadt * Find the host for the passwd map; it should be running 107 1.4 deraadt * the daemon. 108 1.4 deraadt */ 109 1.4 deraadt if ((r = yp_master(domain, "passwd.byname", &master)) != 0) { 110 1.5 deraadt fprintf(stderr, 111 1.5 deraadt "%s: can't find the master YP server. Reason: %s\n", 112 1.5 deraadt progname, yperr_string(r)); 113 1.4 deraadt exit(1); 114 1.4 deraadt } 115 1.1 brezak 116 1.4 deraadt /* 117 1.4 deraadt * Ask the portmapper for the port of the daemon. 118 1.4 deraadt */ 119 1.4 deraadt if ((rpcport = getrpcport(master, YPPASSWDPROG, 120 1.4 deraadt YPPASSWDPROC_UPDATE, IPPROTO_UDP)) == 0) { 121 1.5 deraadt fprintf(stderr, 122 1.5 deraadt "%s: master YP server not running yppasswd daemon.\n", 123 1.5 deraadt progname); 124 1.4 deraadt fprintf(stderr, "\tCan't change password.\n"); 125 1.4 deraadt exit(1); 126 1.4 deraadt } 127 1.1 brezak 128 1.4 deraadt /* 129 1.4 deraadt * Be sure the port is priviledged 130 1.4 deraadt */ 131 1.4 deraadt if (rpcport >= IPPORT_RESERVED) { 132 1.5 deraadt fprintf(stderr, "%s: yppasswd daemon is on an invalid port.\n", 133 1.5 deraadt progname); 134 1.4 deraadt exit(1); 135 1.4 deraadt } 136 1.4 deraadt 137 1.4 deraadt /* Get user's login identity */ 138 1.5 deraadt if (!(pw = ypgetpwnam(username))) { 139 1.5 deraadt (void)fprintf(stderr, "%s: unknown user %s.\n", 140 1.5 deraadt progname, username); 141 1.1 brezak exit(1); 142 1.1 brezak } 143 1.4 deraadt 144 1.1 brezak if (uid && uid != pw->pw_uid) { 145 1.4 deraadt fprintf(stderr, 146 1.5 deraadt "%s: you may only change your own password: %s\n", 147 1.5 deraadt progname, strerror(EACCES)); 148 1.1 brezak exit(1); 149 1.1 brezak } 150 1.1 brezak 151 1.4 deraadt /* prompt for new password */ 152 1.4 deraadt yppasswd.newpw.pw_passwd = getnewpasswd(pw, &yppasswd.oldpass); 153 1.1 brezak 154 1.4 deraadt /* tell rpc.yppasswdd */ 155 1.4 deraadt yppasswd.newpw.pw_name = pw->pw_name; 156 1.4 deraadt yppasswd.newpw.pw_uid = pw->pw_uid; 157 1.4 deraadt yppasswd.newpw.pw_gid = pw->pw_gid; 158 1.4 deraadt yppasswd.newpw.pw_gecos = pw->pw_gecos; 159 1.4 deraadt yppasswd.newpw.pw_dir = pw->pw_dir; 160 1.4 deraadt yppasswd.newpw.pw_shell = pw->pw_shell; 161 1.4 deraadt 162 1.4 deraadt client = clnt_create(master, YPPASSWDPROG, YPPASSWDVERS, "udp"); 163 1.4 deraadt if (client==NULL) { 164 1.5 deraadt fprintf(stderr, "cannot contact yppasswdd on %s: Reason: %s\n", 165 1.5 deraadt master, yperr_string(YPERR_YPBIND)); 166 1.4 deraadt return(YPERR_YPBIND); 167 1.4 deraadt } 168 1.4 deraadt client->cl_auth = authunix_create_default(); 169 1.4 deraadt tv.tv_sec = 2; 170 1.4 deraadt tv.tv_usec = 0; 171 1.4 deraadt r = clnt_call(client, YPPASSWDPROC_UPDATE, 172 1.4 deraadt xdr_yppasswd, &yppasswd, xdr_int, &status, tv); 173 1.4 deraadt if (r) 174 1.5 deraadt fprintf(stderr, "%s: rpc to yppasswdd failed.\n", progname); 175 1.4 deraadt else if (status) 176 1.4 deraadt printf("Couldn't change YP password.\n"); 177 1.4 deraadt else 178 1.4 deraadt printf("The YP password has been changed on %s, the master YP passwd server.\n", master); 179 1.4 deraadt exit(0); 180 1.1 brezak } 181 1.1 brezak 182 1.1 brezak static char * 183 1.1 brezak getnewpasswd(pw, old_pass) 184 1.1 brezak register struct passwd *pw; 185 1.4 deraadt char **old_pass; 186 1.1 brezak { 187 1.4 deraadt static char buf[_PASSWORD_LEN+1]; 188 1.1 brezak register char *p, *t; 189 1.1 brezak int tries; 190 1.1 brezak char salt[9], *crypt(), *getpass(); 191 1.4 deraadt 192 1.2 brezak (void)printf("Changing YP password for %s.\n", pw->pw_name); 193 1.1 brezak 194 1.5.2.1 mycroft if (old_pass) { 195 1.4 deraadt *old_pass = NULL; 196 1.4 deraadt 197 1.4 deraadt if (pw->pw_passwd && 198 1.4 deraadt strcmp(crypt(p = getpass("Old password:"), pw->pw_passwd), 199 1.4 deraadt pw->pw_passwd)) { 200 1.4 deraadt errno = EACCES; 201 1.4 deraadt pw_error(NULL, 1, 1); 202 1.4 deraadt } 203 1.4 deraadt *old_pass = strdup(p); 204 1.4 deraadt } 205 1.1 brezak for (buf[0] = '\0', tries = 0;;) { 206 1.1 brezak p = getpass("New password:"); 207 1.1 brezak if (!*p) { 208 1.1 brezak (void)printf("Password unchanged.\n"); 209 1.1 brezak pw_error(NULL, 0, 0); 210 1.1 brezak } 211 1.4 deraadt if (strlen(p) <= 5 && ++tries < 2) { 212 1.1 brezak (void)printf("Please enter a longer password.\n"); 213 1.1 brezak continue; 214 1.1 brezak } 215 1.1 brezak for (t = p; *t && islower(*t); ++t); 216 1.4 deraadt if (!*t && ++tries < 2) { 217 1.1 brezak (void)printf("Please don't use an all-lower case password.\nUnusual capitalization, control characters or digits are suggested.\n"); 218 1.1 brezak continue; 219 1.1 brezak } 220 1.1 brezak (void)strcpy(buf, p); 221 1.1 brezak if (!strcmp(buf, getpass("Retype new password:"))) 222 1.1 brezak break; 223 1.1 brezak (void)printf("Mismatch; try again, EOF to quit.\n"); 224 1.1 brezak } 225 1.1 brezak /* grab a random printable character that isn't a colon */ 226 1.1 brezak (void)srandom((int)time((time_t *)NULL)); 227 1.1 brezak #ifdef NEWSALT 228 1.1 brezak salt[0] = _PASSWORD_EFMT1; 229 1.1 brezak to64(&salt[1], (long)(29 * 25), 4); 230 1.1 brezak to64(&salt[5], random(), 4); 231 1.1 brezak #else 232 1.1 brezak to64(&salt[0], random(), 2); 233 1.1 brezak #endif 234 1.1 brezak return(strdup(crypt(buf, salt))); 235 1.1 brezak } 236 1.1 brezak 237 1.1 brezak static char * 238 1.1 brezak pwskip(register char *p) 239 1.1 brezak { 240 1.1 brezak while (*p && *p != ':' && *p != '\n') 241 1.1 brezak ++p; 242 1.1 brezak if (*p) 243 1.1 brezak *p++ = 0; 244 1.1 brezak return (p); 245 1.1 brezak } 246 1.1 brezak 247 1.1 brezak struct passwd * 248 1.1 brezak interpret(struct passwd *pwent, char *line) 249 1.1 brezak { 250 1.1 brezak register char *p = line; 251 1.1 brezak register int c; 252 1.1 brezak 253 1.4 deraadt pwent->pw_passwd = "*"; 254 1.4 deraadt pwent->pw_uid = 0; 255 1.4 deraadt pwent->pw_gid = 0; 256 1.4 deraadt pwent->pw_gecos = ""; 257 1.4 deraadt pwent->pw_dir = ""; 258 1.4 deraadt pwent->pw_shell = ""; 259 1.1 brezak pwent->pw_change = 0; 260 1.1 brezak pwent->pw_expire = 0; 261 1.1 brezak pwent->pw_class = ""; 262 1.4 deraadt 263 1.4 deraadt /* line without colon separators is no good, so ignore it */ 264 1.4 deraadt if(!strchr(p,':')) 265 1.4 deraadt return(NULL); 266 1.1 brezak 267 1.1 brezak pwent->pw_name = p; 268 1.1 brezak p = pwskip(p); 269 1.1 brezak pwent->pw_passwd = p; 270 1.1 brezak p = pwskip(p); 271 1.1 brezak pwent->pw_uid = (uid_t)strtoul(p, NULL, 10); 272 1.1 brezak p = pwskip(p); 273 1.1 brezak pwent->pw_gid = (gid_t)strtoul(p, NULL, 10); 274 1.1 brezak p = pwskip(p); 275 1.1 brezak pwent->pw_gecos = p; 276 1.1 brezak p = pwskip(p); 277 1.1 brezak pwent->pw_dir = p; 278 1.1 brezak p = pwskip(p); 279 1.1 brezak pwent->pw_shell = p; 280 1.1 brezak while (*p && *p != '\n') 281 1.1 brezak p++; 282 1.1 brezak *p = '\0'; 283 1.1 brezak return (pwent); 284 1.1 brezak } 285 1.1 brezak 286 1.1 brezak static struct passwd * 287 1.1 brezak ypgetpwnam(nam) 288 1.4 deraadt char *nam; 289 1.1 brezak { 290 1.4 deraadt static struct passwd pwent; 291 1.4 deraadt static char line[1024]; 292 1.4 deraadt char *val; 293 1.4 deraadt int reason, vallen; 294 1.4 deraadt 295 1.4 deraadt reason = yp_match(domain, "passwd.byname", nam, strlen(nam), 296 1.4 deraadt &val, &vallen); 297 1.4 deraadt switch(reason) { 298 1.4 deraadt case 0: 299 1.4 deraadt break; 300 1.4 deraadt default: 301 1.4 deraadt return (NULL); 302 1.4 deraadt break; 303 1.4 deraadt } 304 1.4 deraadt val[vallen] = '\0'; 305 1.4 deraadt strcpy(line, val); 306 1.4 deraadt free(val); 307 1.1 brezak 308 1.4 deraadt return(interpret(&pwent, line)); 309 1.1 brezak } 310 1.1 brezak 311 1.1 brezak #endif /* YP */ 312
Indexes created Fri Oct 31 11:10:07 GMT 2025