yp_passwd.c revision 1.8
1 /* 2 * Copyright (c) 1988 The Regents of the University of California. 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. All advertising materials mentioning features or use of this software 14 * must display the following acknowledgement: 15 * This product includes software developed by the University of 16 * California, Berkeley and its contributors. 17 * 4. Neither the name of the University nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 #ifndef lint 34 /*static char sccsid[] = "from: @(#)yp_passwd.c 1.0 2/2/93";*/ 35 static char rcsid[] = "$Id: yp_passwd.c,v 1.8 1995/02/08 19:54:12 phil Exp $"; 36 #endif /* not lint */ 37 38 #ifdef YP 39 40 #include <stdio.h> 41 #include <string.h> 42 #include <netdb.h> 43 #include <time.h> 44 #include <pwd.h> 45 #include <errno.h> 46 #include <rpc/rpc.h> 47 #include <rpcsvc/yp_prot.h> 48 #include <rpcsvc/ypclnt.h> 49 #define passwd yp_passwd_rec 50 #include <rpcsvc/yppasswd.h> 51 #undef passwd 52 53 #ifndef _PASSWORD_LEN 54 #define _PASSWORD_LEN PASS_MAX 55 #endif 56 57 extern char *progname; 58 static char *getnewpasswd(); 59 static struct passwd *ypgetpwnam(); 60 61 static uid_t uid; 62 char *domain; 63 64 static 65 pw_error(name, err, eval) 66 char *name; 67 int err, eval; 68 { 69 int sverrno; 70 71 if (err) { 72 sverrno = errno; 73 (void)fprintf(stderr, "%s: ", progname); 74 if (name) 75 (void)fprintf(stderr, "%s: ", name); 76 (void)fprintf(stderr, "%s\n", strerror(sverrno)); 77 } 78 (void)fprintf(stderr, 79 "%s: YP passwd database unchanged\n", progname); 80 exit(eval); 81 } 82 83 yp_passwd(username) 84 char *username; 85 { 86 char *master; 87 char *pp; 88 int r, rpcport, status; 89 struct yppasswd yppasswd; 90 struct passwd *pw; 91 struct timeval tv; 92 CLIENT *client; 93 94 uid = getuid(); 95 96 /* 97 * Get local domain 98 */ 99 if (r = yp_get_default_domain(&domain)) { 100 fprintf(stderr, "%s: can't get local YP domain. Reason: %s\n", 101 progname, yperr_string(r)); 102 exit(1); 103 } 104 105 /* 106 * Find the host for the passwd map; it should be running 107 * the daemon. 108 */ 109 if ((r = yp_master(domain, "passwd.byname", &master)) != 0) { 110 fprintf(stderr, 111 "%s: can't find the master YP server. Reason: %s\n", 112 progname, yperr_string(r)); 113 exit(1); 114 } 115 116 /* 117 * Ask the portmapper for the port of the daemon. 118 */ 119 if ((rpcport = getrpcport(master, YPPASSWDPROG, 120 YPPASSWDPROC_UPDATE, IPPROTO_UDP)) == 0) { 121 fprintf(stderr, 122 "%s: master YP server not running yppasswd daemon.\n", 123 progname); 124 fprintf(stderr, "\tCan't change password.\n"); 125 exit(1); 126 } 127 128 /* 129 * Be sure the port is priviledged 130 */ 131 if (rpcport >= IPPORT_RESERVED) { 132 fprintf(stderr, "%s: yppasswd daemon is on an invalid port.\n", 133 progname); 134 exit(1); 135 } 136 137 /* Get user's login identity */ 138 if (!(pw = ypgetpwnam(username))) { 139 (void)fprintf(stderr, "%s: unknown user %s.\n", 140 progname, username); 141 exit(1); 142 } 143 144 if (uid && uid != pw->pw_uid) { 145 fprintf(stderr, 146 "%s: you may only change your own password: %s\n", 147 progname, strerror(EACCES)); 148 exit(1); 149 } 150 151 /* prompt for new password */ 152 yppasswd.newpw.pw_passwd = getnewpasswd(pw, &yppasswd.oldpass); 153 154 /* tell rpc.yppasswdd */ 155 yppasswd.newpw.pw_name = pw->pw_name; 156 yppasswd.newpw.pw_uid = pw->pw_uid; 157 yppasswd.newpw.pw_gid = pw->pw_gid; 158 yppasswd.newpw.pw_gecos = pw->pw_gecos; 159 yppasswd.newpw.pw_dir = pw->pw_dir; 160 yppasswd.newpw.pw_shell = pw->pw_shell; 161 162 client = clnt_create(master, YPPASSWDPROG, YPPASSWDVERS, "udp"); 163 if (client==NULL) { 164 fprintf(stderr, "cannot contact yppasswdd on %s: Reason: %s\n", 165 master, yperr_string(YPERR_YPBIND)); 166 return(YPERR_YPBIND); 167 } 168 client->cl_auth = authunix_create_default(); 169 tv.tv_sec = 2; 170 tv.tv_usec = 0; 171 r = clnt_call(client, YPPASSWDPROC_UPDATE, 172 xdr_yppasswd, &yppasswd, xdr_int, &status, tv); 173 if (r) 174 fprintf(stderr, "%s: rpc to yppasswdd failed.\n", progname); 175 else if (status) 176 printf("Couldn't change YP password.\n"); 177 else 178 printf("The YP password has been changed on %s, the master YP passwd server.\n", master); 179 exit(0); 180 } 181 182 static char * 183 getnewpasswd(pw, old_pass) 184 register struct passwd *pw; 185 char **old_pass; 186 { 187 static char buf[_PASSWORD_LEN+1]; 188 register char *p, *t; 189 int tries; 190 char salt[9], *crypt(), *getpass(); 191 192 (void)printf("Changing YP password for %s.\n", pw->pw_name); 193 194 if (old_pass) { 195 *old_pass = NULL; 196 197 if (pw->pw_passwd[0]) { 198 if (strcmp(crypt(p = getpass("Old password:"), 199 pw->pw_passwd), pw->pw_passwd)) { 200 errno = EACCES; 201 pw_error(NULL, 1, 1); 202 } 203 } else { 204 p = ""; 205 } 206 207 *old_pass = strdup(p); 208 } 209 for (buf[0] = '\0', tries = 0;;) { 210 p = getpass("New password:"); 211 if (!*p) { 212 (void)printf("Password unchanged.\n"); 213 pw_error(NULL, 0, 0); 214 } 215 if (strlen(p) <= 5 && ++tries < 2) { 216 (void)printf("Please enter a longer password.\n"); 217 continue; 218 } 219 for (t = p; *t && islower(*t); ++t); 220 if (!*t && ++tries < 2) { 221 (void)printf("Please don't use an all-lower case password.\nUnusual capitalization, control characters or digits are suggested.\n"); 222 continue; 223 } 224 (void)strcpy(buf, p); 225 if (!strcmp(buf, getpass("Retype new password:"))) 226 break; 227 (void)printf("Mismatch; try again, EOF to quit.\n"); 228 } 229 /* grab a random printable character that isn't a colon */ 230 (void)srandom((int)time((time_t *)NULL)); 231 #ifdef NEWSALT 232 salt[0] = _PASSWORD_EFMT1; 233 to64(&salt[1], (long)(29 * 25), 4); 234 to64(&salt[5], random(), 4); 235 #else 236 to64(&salt[0], random(), 2); 237 #endif 238 return(strdup(crypt(buf, salt))); 239 } 240 241 static char * 242 pwskip(register char *p) 243 { 244 while (*p && *p != ':' && *p != '\n') 245 ++p; 246 if (*p) 247 *p++ = 0; 248 return (p); 249 } 250 251 struct passwd * 252 interpret(struct passwd *pwent, char *line) 253 { 254 register char *p = line; 255 register int c; 256 257 pwent->pw_passwd = "*"; 258 pwent->pw_uid = 0; 259 pwent->pw_gid = 0; 260 pwent->pw_gecos = ""; 261 pwent->pw_dir = ""; 262 pwent->pw_shell = ""; 263 pwent->pw_change = 0; 264 pwent->pw_expire = 0; 265 pwent->pw_class = ""; 266 267 /* line without colon separators is no good, so ignore it */ 268 if(!strchr(p,':')) 269 return(NULL); 270 271 pwent->pw_name = p; 272 p = pwskip(p); 273 pwent->pw_passwd = p; 274 p = pwskip(p); 275 pwent->pw_uid = (uid_t)strtoul(p, NULL, 10); 276 p = pwskip(p); 277 pwent->pw_gid = (gid_t)strtoul(p, NULL, 10); 278 p = pwskip(p); 279 pwent->pw_gecos = p; 280 p = pwskip(p); 281 pwent->pw_dir = p; 282 p = pwskip(p); 283 pwent->pw_shell = p; 284 while (*p && *p != '\n') 285 p++; 286 *p = '\0'; 287 return (pwent); 288 } 289 290 static struct passwd * 291 ypgetpwnam(nam) 292 char *nam; 293 { 294 static struct passwd pwent; 295 static char line[1024]; 296 char *val; 297 int reason, vallen; 298 299 reason = yp_match(domain, "passwd.byname", nam, strlen(nam), 300 &val, &vallen); 301 switch(reason) { 302 case 0: 303 break; 304 default: 305 return (NULL); 306 break; 307 } 308 val[vallen] = '\0'; 309 strcpy(line, val); 310 free(val); 311 312 return(interpret(&pwent, line)); 313 } 314 315 #endif /* YP */ 316
Indexes created Tue Sep 30 20:09:53 GMT 2025