yp_passwd.c revision 1.13
1 /* $NetBSD: yp_passwd.c,v 1.13 1997/02/22 01:50:48 thorpej Exp $ */ 2 3 /* 4 * Copyright (c) 1988, 1990, 1993, 1994 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. All advertising materials mentioning features or use of this software 16 * must display the following acknowledgement: 17 * This product includes software developed by the University of 18 * California, Berkeley and its contributors. 19 * 4. Neither the name of the University nor the names of its contributors 20 * may be used to endorse or promote products derived from this software 21 * without specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33 * SUCH DAMAGE. 34 */ 35 36 #ifndef lint 37 #if 0 38 static char sccsid[] = "from: @(#)local_passwd.c 8.3 (Berkeley) 4/2/94"; 39 #else 40 static char rcsid[] = "$NetBSD: yp_passwd.c,v 1.13 1997/02/22 01:50:48 thorpej Exp $"; 41 #endif 42 #endif /* not lint */ 43 44 #ifdef YP 45 46 #include <err.h> 47 #include <stdio.h> 48 #include <string.h> 49 #include <netdb.h> 50 #include <time.h> 51 #include <pwd.h> 52 #include <errno.h> 53 #include <rpc/rpc.h> 54 #include <rpcsvc/yp_prot.h> 55 #include <rpcsvc/ypclnt.h> 56 #define passwd yp_passwd_rec 57 #include <rpcsvc/yppasswd.h> 58 #undef passwd 59 60 #ifndef _PASSWORD_LEN 61 #define _PASSWORD_LEN PASS_MAX 62 #endif 63 64 extern char *__progname; /* from crt0.o */ 65 66 extern int yflag, yppwd; 67 68 static char *getnewpasswd(); 69 static struct passwd *ypgetpwnam(); 70 71 static uid_t uid; 72 char *domain; 73 74 static 75 pw_error(name, err, eval) 76 char *name; 77 int err, eval; 78 { 79 int sverrno; 80 81 if (err) { 82 sverrno = errno; 83 (void)fprintf(stderr, "%s: ", __progname); 84 if (name) 85 (void)fprintf(stderr, "%s: ", name); 86 (void)fprintf(stderr, "%s\n", strerror(sverrno)); 87 } 88 errx(eval, "YP passwd database unchanged"); 89 } 90 91 int 92 yp_passwd(username) 93 char *username; 94 { 95 char *master; 96 char *pp; 97 int r, rpcport, status; 98 struct yppasswd yppasswd; 99 struct passwd *pw; 100 struct timeval tv; 101 CLIENT *client; 102 103 uid = getuid(); 104 105 /* 106 * Get local domain 107 */ 108 if (r = yp_get_default_domain(&domain)) 109 errx(1, "can't get local YP domain. Reason: %s", 110 yperr_string(r)); 111 112 /* 113 * Find the host for the passwd map; it should be running 114 * the daemon. 115 */ 116 if ((r = yp_master(domain, "passwd.byname", &master)) != 0) 117 errx(1, "can't find the master YP server. Reason: %s", 118 yperr_string(r)); 119 120 /* 121 * Ask the portmapper for the port of the daemon. 122 */ 123 if ((rpcport = getrpcport(master, YPPASSWDPROG, 124 YPPASSWDPROC_UPDATE, IPPROTO_UDP)) == 0) { 125 /* 126 * Master server isn't running rpc.yppasswdd. Check to see 127 * if there's a local passwd entry, and if there is, use 128 * it iff: 129 * - we were not invoked as "yppasswd" 130 * - we were not passed "-y", and defaulted to YP 131 */ 132 if (yppwd == 0 && yflag == 0) 133 if (getpwnam(username) != NULL) 134 exit(local_passwd(username)); 135 errx(1, "master YP server not running yppasswd daemon.\n\t%s\n", 136 "Can't change password."); 137 } 138 139 /* 140 * Be sure the port is priviledged 141 */ 142 if (rpcport >= IPPORT_RESERVED) 143 errx(1, "yppasswd daemon is on an invalid port."); 144 145 /* Get user's login identity */ 146 if (!(pw = ypgetpwnam(username))) 147 errx(1, "unknown user %s", username); 148 149 if (uid && uid != pw->pw_uid) 150 errx(1, "you may only change your own password: %s", 151 strerror(EACCES)); 152 153 /* prompt for new password */ 154 yppasswd.newpw.pw_passwd = getnewpasswd(pw, &yppasswd.oldpass); 155 156 /* tell rpc.yppasswdd */ 157 yppasswd.newpw.pw_name = pw->pw_name; 158 yppasswd.newpw.pw_uid = pw->pw_uid; 159 yppasswd.newpw.pw_gid = pw->pw_gid; 160 yppasswd.newpw.pw_gecos = pw->pw_gecos; 161 yppasswd.newpw.pw_dir = pw->pw_dir; 162 yppasswd.newpw.pw_shell = pw->pw_shell; 163 164 client = clnt_create(master, YPPASSWDPROG, YPPASSWDVERS, "udp"); 165 if (client==NULL) { 166 warnx("cannot contact yppasswdd on %s: Reason: %s", 167 master, yperr_string(YPERR_YPBIND)); 168 return(YPERR_YPBIND); 169 } 170 171 client->cl_auth = authunix_create_default(); 172 tv.tv_sec = 2; 173 tv.tv_usec = 0; 174 r = clnt_call(client, YPPASSWDPROC_UPDATE, 175 xdr_yppasswd, &yppasswd, xdr_int, &status, tv); 176 if (r) 177 errx(1, "rpc to yppasswdd failed."); 178 else if (status) 179 printf("Couldn't change YP password.\n"); 180 else 181 printf("The YP password has been changed on %s, %s\n", 182 master, "the master YP passwd server."); 183 exit(0); 184 } 185 186 static char * 187 getnewpasswd(pw, old_pass) 188 struct passwd *pw; 189 char **old_pass; 190 { 191 int tries; 192 char *p, *t; 193 static char buf[_PASSWORD_LEN+1]; 194 char salt[9], *crypt(), *getpass(); 195 196 (void)printf("Changing YP password for %s.\n", pw->pw_name); 197 198 if (old_pass) { 199 *old_pass = NULL; 200 201 if (pw->pw_passwd[0]) { 202 if (strcmp(crypt(p = getpass("Old password:"), 203 pw->pw_passwd), pw->pw_passwd)) { 204 errno = EACCES; 205 pw_error(NULL, 1, 1); 206 } 207 } else { 208 p = ""; 209 } 210 211 *old_pass = strdup(p); 212 } 213 for (buf[0] = '\0', tries = 0;;) { 214 p = getpass("New password:"); 215 if (!*p) { 216 (void)printf("Password unchanged.\n"); 217 pw_error(NULL, 0, 0); 218 } 219 if (strlen(p) <= 5 && ++tries < 2) { 220 (void)printf("Please enter a longer password.\n"); 221 continue; 222 } 223 for (t = p; *t && islower(*t); ++t); 224 if (!*t && ++tries < 2) { 225 (void)printf("Please don't use an all-lower case " 226 "password.\nUnusual capitalization, " 227 "control characters or digits are " 228 "suggested.\n"); 229 continue; 230 } 231 (void)strncpy(buf, p, sizeof(buf) - 1); 232 if (!strcmp(buf, getpass("Retype new password:"))) 233 break; 234 (void)printf("Mismatch; try again, EOF to quit.\n"); 235 } 236 /* grab a random printable character that isn't a colon */ 237 (void)srandom((int)time((time_t *)NULL)); 238 #ifdef NEWSALT 239 salt[0] = _PASSWORD_EFMT1; 240 to64(&salt[1], (long)(29 * 25), 4); 241 to64(&salt[5], random(), 4); 242 #else 243 to64(&salt[0], random(), 2); 244 #endif 245 return(strdup(crypt(buf, salt))); 246 } 247 248 static char * 249 pwskip(register char *p) 250 { 251 while (*p && *p != ':' && *p != '\n') 252 ++p; 253 if (*p) 254 *p++ = 0; 255 return (p); 256 } 257 258 struct passwd * 259 interpret(struct passwd *pwent, char *line) 260 { 261 register char *p = line; 262 register int c; 263 264 pwent->pw_passwd = "*"; 265 pwent->pw_uid = 0; 266 pwent->pw_gid = 0; 267 pwent->pw_gecos = ""; 268 pwent->pw_dir = ""; 269 pwent->pw_shell = ""; 270 pwent->pw_change = 0; 271 pwent->pw_expire = 0; 272 pwent->pw_class = ""; 273 274 /* line without colon separators is no good, so ignore it */ 275 if(!strchr(p,':')) 276 return(NULL); 277 278 pwent->pw_name = p; 279 p = pwskip(p); 280 pwent->pw_passwd = p; 281 p = pwskip(p); 282 pwent->pw_uid = (uid_t)strtoul(p, NULL, 10); 283 p = pwskip(p); 284 pwent->pw_gid = (gid_t)strtoul(p, NULL, 10); 285 p = pwskip(p); 286 pwent->pw_gecos = p; 287 p = pwskip(p); 288 pwent->pw_dir = p; 289 p = pwskip(p); 290 pwent->pw_shell = p; 291 while (*p && *p != '\n') 292 p++; 293 *p = '\0'; 294 return (pwent); 295 } 296 297 static struct passwd * 298 ypgetpwnam(nam) 299 char *nam; 300 { 301 static struct passwd pwent; 302 static char line[1024]; 303 char *val; 304 int reason, vallen; 305 306 reason = yp_match(domain, "passwd.byname", nam, strlen(nam), 307 &val, &vallen); 308 switch(reason) { 309 case 0: 310 break; 311 default: 312 return (NULL); 313 break; 314 } 315 val[vallen] = '\0'; 316 (void)strncpy(line, val, sizeof(line) - 1); 317 free(val); 318 319 return(interpret(&pwent, line)); 320 } 321 322 #endif /* YP */ 323
Indexes created Tue Sep 30 20:09:53 GMT 2025