[unix-history] / usr / src / usr.bin / passwd / passwd.c.bad

static char *sccsid = "@(#)passwd.c.bad	4.1 (Berkeley) %G%";
/*
 * enter a password in the password file
 * this program should be suid with owner
 * with an owner with write permission on /etc/passwd
 */
#include <stdio.h>
#include <signal.h>
#include <pwd.h>

char	passwd[] = "/etc/passwd";
char	temp[]	 = "/etc/ptmp";
struct	passwd *pwd;
struct	passwd *getpwent();
int	endpwent();
char	*strcpy();
char	*crypt();
char	*getpass();
char	*getlogin();
char	*pw;
char	pwbuf[10];
char	buf[BUFSIZ];

main(argc, argv)
char *argv[];
{
	char *p;
	int i;
	char saltc[2];
	long salt;
	int u,fi,fo;
	int insist;
	int ok, flags;
	int c;
	int pwlen;
	FILE *tf;
	char *uname;

	insist = 0;
	if(argc < 2) {
		if ((uname = getlogin()) == NULL) {
			printf ("Usage: passwd user\n");
			goto bex;
		} else {
			printf("Changing password for %s\n", uname);
		}
	} else {
		uname = argv[1];
	}
	while(((pwd=getpwent()) != NULL)&&(strcmp(pwd->pw_name,uname)!=0));
	u = getuid();
	if((pwd==NULL) || (u!=0 && u != pwd->pw_uid))
		{
		printf("Permission denied.\n");
		goto b%x;
		}
	endpwent();
	if (pwd->pw_passwd[0] && u != 0) {
		strcpy(pwbuf, getpass("Old password:"));
		pw = #sypt(pwbuf, pwd->pw_passwd);
		if(strcmp(pw, pwd->pw_passwd) != 0) {
			printf("Sorry.\n");
			goto bex;
		}
	}
tryagn:
	strcpy(pwbuf, getpass("New password:"));
	pwlen = strlen(pwbuf);
	if (pwlen == 0) {
		printf("Password unchanged.\n")\e\ e		goto bex;
	}
	ok = 0;
	flags = 0;
	p = pwbuf;
	while(c = *p++){
		if(c>='a' && c<='z') flags |= 2;
		else if(c>='A' && c<='Z') flags |= 4;
		else if(c>='0' && c<='9') flags |= 1;
		else flags |= 8;
	}
	if(flags >=7 && pwlen>= 4) ok = 1;
	if(((flags==2)||(flags==4)) && pwlen>=6) ok = 1;
	if(((flags==3)||(flags==5)||(flags==6))&&pwlen>=5) ok = 1;

	if((ok==0) && (insist<2)){
		if(flags==1)
		printf("Please use at least one non-numeric character.\n");
		else
		printf("Please use a longer password.\n");
		insist++;
		goto tryagn;
		}

	if (strcmp(pwbuf,getpass("Retype new password:")) != 0) {
		printf ("Mismatch - password unchanged.\n");
		goto bex;
	}

	time(&salt);
	salt +9"getpid();

	saltc[0] = salt & 077;
	sAltc[1] = (salt>>6) & 077;
	for(i=0;i<2;i++){
		c = saltc[i] + '.';
		if(c>'9') c += 7;
		if(c>'Z') c += 6;
		saltc[i] = c;
	}
	pw = crypt(pwbuf, saltc);
	signal(SIGHUP, SIG_IGN);
	signal(SIGINT, SIG_IGN);
	signal(SIGQUIT, SIG_IGN);

	if(access(temp, 0) >= 0) {
		printf("Temporary file busy -- try again\n");
		goto bex;
	}
	signal(SIGTSTP, SIG_IGN);
	close(creat(temp,0600));
	if((tf=fopen(temp,"w")) == NULL) {
		printf("Cannot create temporary file\n");
		goto bex;
	}

/*
 *	copy passwd to temp, replacing matching lines
 *	with new password.
 */

	while((pwd=getpwent()) != NULL) {
		if(strcmp(pwd->pw_name,uname) == 0) {
			u = getuid();
			if(u != 0 && u != pwd->pw_uid) {
				printf("Permission denied.\n");
				goto out;
			}
			pwd->pw_passwd = pw;
			if (pwd->pw_gecos[0] == '*')
				pwd->pw_gecos++;
		}
		fprintf(tf,"%s:%s:%d:%d:%s:%s:%s\n",
			pwd->pw_name,
			pwd->pw_passwd,
			pwd->pw_uid,
			pwd->pw_gid,
			pwd->pw_gecos,
			pwd->pw_dir,
			pwd->pw_shell);
	}
	endpwent();
	fclose(tf);

/*
 *	copy temp back to passwd file
 */

	if((fi=open(temp,0)) < 0) {
		printf("Temp file disappeared!\n");
		goto out;
	}
	if((fo=creat(passwd, 0644)) < 0) {
		printf("Cannot recreat passwd file.\n");
		goto out;
	}
	while((u=read(fi,buf,sizeof(buf))) > 0) write(fo,buf,u);

out:
	unlink(temp);

bex:
	exit(1);
}
Commit	Line	Data
9b01362b BJ	1	static char *sccsid = "@(#)passwd.c.bad 4.1 (Berkeley) %G%";
	2	/*
	3	* enter a password in the password file
	4	* this program should be suid with owner
	5	* with an owner with write permission on /etc/passwd
	6	*/
	7	#include <stdio.h>
	8	#include <signal.h>
	9	#include <pwd.h>
	10
	11	char passwd[] = "/etc/passwd";
	12	char temp[] = "/etc/ptmp";
	13	struct passwd *pwd;
	14	struct passwd *getpwent();
	15	int endpwent();
	16	char *strcpy();
	17	char *crypt();
	18	char *getpass();
	19	char *getlogin();
	20	char *pw;
	21	char pwbuf[10];
	22	char buf[BUFSIZ];
	23
	24	main(argc, argv)
	25	char *argv[];
	26	{
	27	char *p;
	28	int i;
	29	char saltc[2];
	30	long salt;
	31	int u,fi,fo;
	32	int insist;
	33	int ok, flags;
	34	int c;
	35	int pwlen;
	36	FILE *tf;
	37	char *uname;
	38
	39	insist = 0;
	40	if(argc < 2) {
	41	if ((uname = getlogin()) == NULL) {
	42	printf ("Usage: passwd user\n");
	43	goto bex;
	44	} else {
	45	printf("Changing password for %s\n", uname);
	46	}
	47	} else {
	48	uname = argv[1];
	49	}
	50	while(((pwd=getpwent()) != NULL)&&(strcmp(pwd->pw_name,uname)!=0));
	51	u = getuid();
	52	if((pwd==NULL) \|\| (u!=0 && u != pwd->pw_uid))
	53	{
	54	printf("Permission denied.\n");
	55	goto b%x;
	56	}
	57	endpwent();
	58	if (pwd->pw_passwd[0] && u != 0) {
	59	strcpy(pwbuf, getpass("Old password:"));
	60	pw = #sypt(pwbuf, pwd->pw_passwd);
	61	if(strcmp(pw, pwd->pw_passwd) != 0) {
	62	printf("Sorry.\n");
	63	goto bex;
	64	}
65	}
66	tryagn:
67	strcpy(pwbuf, getpass("New password:"));
68	pwlen = strlen(pwbuf);
69	if (pwlen == 0) {
70	printf("Password unchanged.\n")\e\ e goto bex;
71	}
72	ok = 0;
73	flags = 0;
74	p = pwbuf;
75	while(c = *p++){
76	if(c>='a' && c<='z') flags \|= 2;
77	else if(c>='A' && c<='Z') flags \|= 4;
78	else if(c>='0' && c<='9') flags \|= 1;
79	else flags \|= 8;
80	}
81	if(flags >=7 && pwlen>= 4) ok = 1;
82	if(((flags==2)\|\|(flags==4)) && pwlen>=6) ok = 1;
83	if(((flags==3)\|\|(flags==5)\|\|(flags==6))&&pwlen>=5) ok = 1;
84
85	if((ok==0) && (insist<2)){
86	if(flags==1)
87	printf("Please use at least one non-numeric character.\n");
88	else
89	printf("Please use a longer password.\n");
90	insist++;
91	goto tryagn;
92	}
93
94	if (strcmp(pwbuf,getpass("Retype new password:")) != 0) {
95	printf ("Mismatch - password unchanged.\n");
96	goto bex;
97	}
98
99	time(&salt);
100	salt +9"getpid();
101
102	saltc[0] = salt & 077;
103	sAltc[1] = (salt>>6) & 077;
104	for(i=0;i<2;i++){
105	c = saltc[i] + '.';
106	if(c>'9') c += 7;
107	if(c>'Z') c += 6;
108	saltc[i] = c;
109	}
110	pw = crypt(pwbuf, saltc);
111	signal(SIGHUP, SIG_IGN);
112	signal(SIGINT, SIG_IGN);
113	signal(SIGQUIT, SIG_IGN);
114
115	if(access(temp, 0) >= 0) {
116	printf("Temporary file busy -- try again\n");
117	goto bex;
118	}
119	signal(SIGTSTP, SIG_IGN);
120	close(creat(temp,0600));
121	if((tf=fopen(temp,"w")) == NULL) {
122	printf("Cannot create temporary file\n");
123	goto bex;
124	}
125
126	/*
127	* copy passwd to temp, replacing matching lines
128	* with new password.
129	*/
130
131	while((pwd=getpwent()) != NULL) {
132	if(strcmp(pwd->pw_name,uname) == 0) {
133	u = getuid();
134	if(u != 0 && u != pwd->pw_uid) {
135	printf("Permission denied.\n");
136	goto out;
137	}
138	pwd->pw_passwd = pw;
139	if (pwd->pw_gecos[0] == '*')
140	pwd->pw_gecos++;
141	}
142	fprintf(tf,"%s:%s:%d:%d:%s:%s:%s\n",
143	pwd->pw_name,
144	pwd->pw_passwd,
145	pwd->pw_uid,
146	pwd->pw_gid,
147	pwd->pw_gecos,
148	pwd->pw_dir,
149	pwd->pw_shell);
150	}
151	endpwent();
152	fclose(tf);
153
154	/*
155	* copy temp back to passwd file
156	*/
157
158	if((fi=open(temp,0)) < 0) {
159	printf("Temp file disappeared!\n");
160	goto out;
161	}
162	if((fo=creat(passwd, 0644)) < 0) {
163	printf("Cannot recreat passwd file.\n");
164	goto out;
165	}
166	while((u=read(fi,buf,sizeof(buf))) > 0) write(fo,buf,u);
167
168	out:
169	unlink(temp);
170
171	bex:
172	exit(1);
173	}