[unix-history] / usr / src / usr.bin / passwd / passwd.c

#ifndef lint
static char sccsid[] = "@(#)passwd.c	4.3 (Berkeley) %G%";
#endif

/*
 * Enter a password in the password file.
 * This program should be suid with an owner
 * with write permission on /etc/passwd.
 */
#include <sys/file.h>

#include <stdio.h>
#include <signal.h>
#include <pwd.h>
#include <errno.h>

char	passwd[] = "/etc/passwd";
char	temp[]	 = "/etc/ptmp";
struct	passwd *pwd;
struct	passwd *getpwent();
int	endpwent();
char	*strcpy();
char	*crypt();
char	*getpass();
char	*getlogin();
char	*pw;
char	pwbuf[10];
extern	int errno;

main(argc, argv)
	char *argv[];
{
	char *p;
	int i;
	char saltc[2];
	long salt;
	int u;
	int insist;
	int ok, flags;
	int c, pwlen, fd;
	FILE *tf;
	char *uname;

	insist = 0;
	if (argc < 2) {
		if ((uname = getlogin()) == NULL) {
			printf ("Usage: passwd user\n");
			exit(1);
		}
		printf("Changing password for %s\n", uname);
	} else
		uname = argv[1];
	while (((pwd = getpwent()) != NULL) && strcmp(pwd->pw_name, uname))
		;
	u = getuid();
	if (pwd == NULL || (u != 0 && u != pwd->pw_uid)) {
		printf("Permission denied.\n");
		exit(1);
	}
	endpwent();
	if (pwd->pw_passwd[0] && u != 0) {
		strcpy(pwbuf, getpass("Old password:"));
		pw = crypt(pwbuf, pwd->pw_passwd);
		if (strcmp(pw, pwd->pw_passwd) != 0) {
			printf("Sorry.\n");
			exit(1);
		}
	}
tryagain:
	strcpy(pwbuf, getpass("New password:"));
	pwlen = strlen(pwbuf);
	if (pwlen == 0) {
		printf("Password unchanged.\n");
		exit(1);
	}
	/*
	 * Insure password is of reasonable length and
	 * composition.  If we really wanted to make things
	 * sticky, we could check the dictionary for common
	 * words, but then things would really be slow.
	 */
	ok = 0;
	flags = 0;
	p = pwbuf;
	while (c = *p++) {
		if (c >= 'a' && c <= 'z')
			flags |= 2;
		else if (c >= 'A' && c <= 'Z')
			flags |= 4;
		else if (c >= '0' && c <= '9')
			flags |= 1;
		else
			flags |= 8;
	}
	if (flags >= 7 && pwlen >= 4)
		ok = 1;
	if ((flags == 2 || flags == 4) && pwlen >= 6)
		ok = 1;
	if ((flags == 3 || flags == 5 || flags == 6) && pwlen >= 5)
		ok = 1;
	if (!ok && insist < 2) {
		printf("Please use %s.\n", flags == 1 ?
			"at least one non-numeric character" :
			"a longer password");
		insist++;
		goto tryagain;
	}
	if (strcmp(pwbuf, getpass("Retype new password:")) != 0) {
		printf("Mismatch - password unchanged.\n");
		exit(1);
	}
	time(&salt);
	salt = 9 * getpid();
	saltc[0] = salt & 077;
	saltc[1] = (salt>>6) & 077;
	for (i = 0; i < 2; i++) {
		c = saltc[i] + '.';
		if (c > '9')
			c += 7;
		if (c > 'Z')
			c += 6;
		saltc[i] = c;
	}
	pw = crypt(pwbuf, saltc);
	signal(SIGHUP, SIG_IGN);
	signal(SIGINT, SIG_IGN);
	signal(SIGQUIT, SIG_IGN);
	fd = open(temp, O_WRONLY|O_CREAT|O_EXCL, 0644);
	if (fd < 0) {
		fprintf(stderr, "passwd: ");
		if (errno == EEXIST)
			fprintf(stderr, "password file busy - try again.\n");
		else
			perror(temp);
		exit(1);
	}
	signal(SIGTSTP, SIG_IGN);
	if ((tf = fdopen(fd, "w")) == NULL) {
		fprintf(stderr, "passwd: fdopen failed?\n");
		exit(1);
	}
	/*
	 * Copy passwd to temp, replacing matching lines
	 * with new password.
	 */
	while ((pwd = getpwent()) != NULL) {
		if (strcmp(pwd->pw_name,uname) == 0) {
			u = getuid();
			if (u && u != pwd->pw_uid) {
				fprintf(stderr, "passwd: permission denied.\n");
				unlink(temp);
				exit(1);
			}
			pwd->pw_passwd = pw;
			if (pwd->pw_gecos[0] == '*')
				pwd->pw_gecos++;
		}
		fprintf(tf,"%s:%s:%d:%d:%s:%s:%s\n",
			pwd->pw_name,
			pwd->pw_passwd,
			pwd->pw_uid,
			pwd->pw_gid,
			pwd->pw_gecos,
			pwd->pw_dir,
			pwd->pw_shell);
	}
	endpwent();
	if (rename(temp, passwd) < 0) {
		fprintf(stderr, "passwd: "); perror("rename");
		unlink(temp);
		exit(1);
	}
	fclose(tf);
}
Commit	Line	Data
252e456d	1	#ifndef lint
9a59f452	2	static char sccsid[] = "@(#)passwd.c 4.3 (Berkeley) %G%";
252e456d SL	3	#endif
	4
	5	/*
9a59f452 SL	6	* Enter a password in the password file.
	7	* This program should be suid with an owner
	8	* with write permission on /etc/passwd.
252e456d SL	9	*/
	10	#include <sys/file.h>
	11
	12	#include <stdio.h>
	13	#include <signal.h>
	14	#include <pwd.h>
	15	#include <errno.h>
	16
	17	char passwd[] = "/etc/passwd";
	18	char temp[] = "/etc/ptmp";
	19	struct passwd *pwd;
	20	struct passwd *getpwent();
	21	int endpwent();
	22	char *strcpy();
	23	char *crypt();
	24	char *getpass();
	25	char *getlogin();
	26	char *pw;
	27	char pwbuf[10];
	28	extern int errno;
	29
	30	main(argc, argv)
	31	char *argv[];
	32	{
	33	char *p;
	34	int i;
	35	char saltc[2];
	36	long salt;
	37	int u;
	38	int insist;
	39	int ok, flags;
	40	int c, pwlen, fd;
	41	FILE *tf;
	42	char *uname;
	43
	44	insist = 0;
	45	if (argc < 2) {
	46	if ((uname = getlogin()) == NULL) {
	47	printf ("Usage: passwd user\n");
	48	exit(1);
	49	}
	50	printf("Changing password for %s\n", uname);
	51	} else
	52	uname = argv[1];
	53	while (((pwd = getpwent()) != NULL) && strcmp(pwd->pw_name, uname))
	54	;
	55	u = getuid();
	56	if (pwd == NULL \|\| (u != 0 && u != pwd->pw_uid)) {
	57	printf("Permission denied.\n");
	58	exit(1);
	59	}
	60	endpwent();
	61	if (pwd->pw_passwd[0] && u != 0) {
	62	strcpy(pwbuf, getpass("Old password:"));
	63	pw = crypt(pwbuf, pwd->pw_passwd);
	64	if (strcmp(pw, pwd->pw_passwd) != 0) {
	65	printf("Sorry.\n");
	66	exit(1);
	67	}
	68	}
	69	tryagain:
	70	strcpy(pwbuf, getpass("New password:"));
	71	pwlen = strlen(pwbuf);
	72	if (pwlen == 0) {
73	printf("Password unchanged.\n");
74	exit(1);
75	}
76	/*
77	* Insure password is of reasonable length and
78	* composition. If we really wanted to make things
79	* sticky, we could check the dictionary for common
80	* words, but then things would really be slow.
81	*/
82	ok = 0;
83	flags = 0;
84	p = pwbuf;
85	while (c = *p++) {
86	if (c >= 'a' && c <= 'z')
87	flags \|= 2;
88	else if (c >= 'A' && c <= 'Z')
89	flags \|= 4;
90	else if (c >= '0' && c <= '9')
91	flags \|= 1;
92	else
93	flags \|= 8;
94	}
95	if (flags >= 7 && pwlen >= 4)
96	ok = 1;
97	if ((flags == 2 \|\| flags == 4) && pwlen >= 6)
98	ok = 1;
99	if ((flags == 3 \|\| flags == 5 \|\| flags == 6) && pwlen >= 5)
100	ok = 1;
101	if (!ok && insist < 2) {
252e456d SL	102	printf("Please use %s.\n", flags == 1 ?
	103	"at least one non-numeric character" :
	104	"a longer password");
	105	insist++;
	106	goto tryagain;
	107	}
	108	if (strcmp(pwbuf, getpass("Retype new password:")) != 0) {
	109	printf("Mismatch - password unchanged.\n");
	110	exit(1);
	111	}
	112	time(&salt);
	113	salt = 9 * getpid();
	114	saltc[0] = salt & 077;
	115	saltc[1] = (salt>>6) & 077;
	116	for (i = 0; i < 2; i++) {
	117	c = saltc[i] + '.';
	118	if (c > '9')
	119	c += 7;
	120	if (c > 'Z')
	121	c += 6;
	122	saltc[i] = c;
	123	}
	124	pw = crypt(pwbuf, saltc);
	125	signal(SIGHUP, SIG_IGN);
	126	signal(SIGINT, SIG_IGN);
	127	signal(SIGQUIT, SIG_IGN);
9a59f452	128	fd = open(temp, O_WRONLY\|O_CREAT\|O_EXCL, 0644);
252e456d SL	129	if (fd < 0) {
252e456d SL	130	fprintf(stderr, "passwd: ");
9a59f452	131	if (errno == EEXIST)
252e456d SL	132	fprintf(stderr, "password file busy - try again.\n");
	133	else
	134	perror(temp);
	135	exit(1);
	136	}
	137	signal(SIGTSTP, SIG_IGN);
	138	if ((tf = fdopen(fd, "w")) == NULL) {
	139	fprintf(stderr, "passwd: fdopen failed?\n");
	140	exit(1);
	141	}
	142	/*
	143	* Copy passwd to temp, replacing matching lines
	144	* with new password.
	145	*/
	146	while ((pwd = getpwent()) != NULL) {
	147	if (strcmp(pwd->pw_name,uname) == 0) {
	148	u = getuid();
	149	if (u && u != pwd->pw_uid) {
	150	fprintf(stderr, "passwd: permission denied.\n");
	151	unlink(temp);
	152	exit(1);
	153	}
	154	pwd->pw_passwd = pw;
	155	if (pwd->pw_gecos[0] == '*')
	156	pwd->pw_gecos++;
	157	}
	158	fprintf(tf,"%s:%s:%d:%d:%s:%s:%s\n",
	159	pwd->pw_name,
	160	pwd->pw_passwd,
	161	pwd->pw_uid,
	162	pwd->pw_gid,
	163	pwd->pw_gecos,
	164	pwd->pw_dir,
	165	pwd->pw_shell);
	166	}
	167	endpwent();
	168	if (rename(temp, passwd) < 0) {
	169	fprintf(stderr, "passwd: "); perror("rename");
	170	unlink(temp);
	171	exit(1);
	172	}
252e456d SL	173	fclose(tf);
252e456d SL	174	}