[unix-history] / usr.bin / passwd / yp_passwd.c

/*
 * Copyright (c) 1988 The Regents of the University of California.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *	This product includes software developed by the University of
 *	California, Berkeley and its contributors.
 * 4. Neither the name of the University nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */
#ifndef lint
/*static char sccsid[] = "from: @(#)yp_passwd.c	1.0 2/2/93";*/
static char rcsid[] = "$Id: yp_passwd.c,v 1.3 1993/08/01 18:10:17 mycroft Exp $";
#endif /* not lint */

#ifdef	YP

#include <stdio.h>
#include <string.h>
#include <netdb.h>
#include <time.h>
#include <pwd.h>
#include <errno.h>
#include <rpc/rpc.h>
#include <rpcsvc/yp_prot.h>
#include <rpcsvc/ypclnt.h>
#define passwd yp_passwd_rec
#include <rpcsvc/yppasswd.h>
#undef passwd
        
#ifndef _PASSWORD_LEN
#define _PASSWORD_LEN PASS_MAX
#endif
        
extern char *progname;
static char *getnewpasswd();        
static struct passwd *ypgetpwnam();

static uid_t uid;
char *domain;

yp_passwd(uname)
        char *uname;
{
        char *master;
        char *pp;
        int r, rpcport, status;
        struct yppasswd yppasswd;
        struct passwd *pw;
	struct timeval tv;
	CLIENT *client;
        
        uid = getuid();

        /*
         * Get local domain
         */
        if (r = yp_get_default_domain(&domain)) {
                (void)fprintf(stderr, "%s: can't get local YP domain. Reason: %s\n", progname, yperr_string(r));
                exit(1);
        }

        /*
         * Find the host for the passwd map; it should be running
         * the daemon.
         */
        if ((r = yp_master(domain, "passwd.byname", &master)) != 0) {
                (void)fprintf(stderr, "%s: can't find the master YP server. Reason: %s\n", progname, yperr_string(r));
                exit(1);
        }

        /*
         * Ask the portmapper for the port of the daemon.
         */
        if ((rpcport = getrpcport(master, YPPASSWDPROG, YPPASSWDPROC_UPDATE, IPPROTO_UDP)) == 0) {
                (void)fprintf(stderr, "%s: master YP server not running yppasswd daemon.\n\tCan't change password.\n", progname);
                exit(1);
        }

        /*
         * Be sure the port is priviledged
         */
        if (rpcport >= IPPORT_RESERVED) {
                (void)fprintf(stderr, "%s: yppasswd daemon running on an invalid port.\n", progname);
                exit(1);
        }

        /* Get user's login identity */
        if (!(pw = ypgetpwnam(uname))) {
		(void)fprintf(stderr, "%s: unknown user %s.\n", progname, uname);
		exit(1);
	}
                
	if (uid && uid != pw->pw_uid) {
		(void)fprintf(stderr, "%s: you are only allowed to change your own password: %s\n", progname, strerror(EACCES));
		exit(1);
	}

        /* prompt for new password */
        yppasswd.newpw.pw_passwd = getnewpasswd(pw, &yppasswd.oldpass);

        /* tell rpc.yppasswdd */
        yppasswd.newpw.pw_name	= pw->pw_name;
        yppasswd.newpw.pw_uid 	= pw->pw_uid;
        yppasswd.newpw.pw_gid	= pw->pw_gid;
        yppasswd.newpw.pw_gecos = pw->pw_gecos;
        yppasswd.newpw.pw_dir	= pw->pw_dir;
        yppasswd.newpw.pw_shell	= pw->pw_shell;
        
        client = clnt_create(master, YPPASSWDPROG, YPPASSWDVERS, "udp");
        if (client==NULL) {
                fprintf(stderr, "can't contact yppasswdd on %s: Reason: %s\n",
                        master, yperr_string(YPERR_YPBIND));
                return(YPERR_YPBIND);
        }
        client->cl_auth = authunix_create_default();
        tv.tv_sec = 2;
        tv.tv_usec = 0;
        r = clnt_call(client, YPPASSWDPROC_UPDATE,
                      xdr_yppasswd, &yppasswd, xdr_int, &status, tv);
        if (r)
                fprintf(stderr, "%s: rpc to yppasswdd failed.\n");
        else if (status)
                printf("Couldn't change YP password.\n");
        else
                printf("The YP password has been changed on %s, the master YP passwd server.\n", master);

        exit(0);
}

static char *
getnewpasswd(pw, old_pass)
	register struct passwd *pw;
        char **old_pass;
{
        static char buf[_PASSWORD_LEN+1];
	register char *p, *t;
	int tries;
	char salt[9], *crypt(), *getpass();
        
	(void)printf("Changing YP password for %s.\n", pw->pw_name);

        if (uid && old_pass) {
                *old_pass = NULL;
        
                if (pw->pw_passwd &&
#ifdef DES
                    strcmp(crypt(p = getpass("Old password:"), pw->pw_passwd),
                           pw->pw_passwd)) {
#else
                    strcmp(p = getpass("Old password:"), pw->pw_passwd)) {
#endif
                                   errno = EACCES;
                                   pw_error(NULL, 1, 1);
                }
                *old_pass = strdup(p);
        }
	for (buf[0] = '\0', tries = 0;;) {
		p = getpass("New password:");
		if (!*p) {
			(void)printf("Password unchanged.\n");
			pw_error(NULL, 0, 0);
		}
		if (strlen(p) <= 5 && (uid != 0 || ++tries < 2)) {
			(void)printf("Please enter a longer password.\n");
			continue;
		}
		for (t = p; *t && islower(*t); ++t);
		if (!*t && (uid != 0 || ++tries < 2)) {
			(void)printf("Please don't use an all-lower case password.\nUnusual capitalization, control characters or digits are suggested.\n");
			continue;
		}
		(void)strcpy(buf, p);
		if (!strcmp(buf, getpass("Retype new password:")))
			break;
		(void)printf("Mismatch; try again, EOF to quit.\n");
	}
	/* grab a random printable character that isn't a colon */
	(void)srandom((int)time((time_t *)NULL));
#ifdef NEWSALT
	salt[0] = _PASSWORD_EFMT1;
	to64(&salt[1], (long)(29 * 25), 4);
	to64(&salt[5], random(), 4);
#else
	to64(&salt[0], random(), 2);
#endif
#ifdef DES
	return(strdup(crypt(buf, salt)));
#else
	return(buf);
#endif
}

static char *
pwskip(register char *p)
{
	while (*p && *p != ':' && *p != '\n')
		++p;
	if (*p)
		*p++ = 0;
	return (p);
}

struct passwd *
interpret(struct passwd *pwent, char *line)
{
	register char	*p = line;
	register int	c;

        pwent->pw_passwd = "*";
        pwent->pw_uid = 0;
        pwent->pw_gid = 0;
        pwent->pw_gecos = "";
        pwent->pw_dir = "";
        pwent->pw_shell = "";
	pwent->pw_change = 0;
	pwent->pw_expire = 0;
	pwent->pw_class = "";
        
        /* line without colon separators is no good, so ignore it */
        if(!strchr(p,':'))
                return(NULL);

	pwent->pw_name = p;
	p = pwskip(p);
	pwent->pw_passwd = p;
	p = pwskip(p);
	pwent->pw_uid = (uid_t)strtoul(p, NULL, 10);
	p = pwskip(p);
	pwent->pw_gid = (gid_t)strtoul(p, NULL, 10);
	p = pwskip(p);
	pwent->pw_gecos = p;
	p = pwskip(p);
	pwent->pw_dir = p;
	p = pwskip(p);
	pwent->pw_shell = p;
	while (*p && *p != '\n')
		p++;
	*p = '\0';
	return (pwent);
}

static struct passwd *
ypgetpwnam(nam)
        char *nam;
{
        static struct passwd pwent;
        static char line[1024];
        char *val;
        int reason, vallen;
        
        reason = yp_match(domain, "passwd.byname", nam, strlen(nam),
                          &val, &vallen);
        switch(reason) {
        case 0:
                break;
        default:
                return (NULL);
                break;
        }
        val[vallen] = '\0';
        strcpy(line, val);
        free(val);

        return(interpret(&pwent, line));
}

#endif	/* YP */
Commit	Line	Data
9258f8b2 NW	1	/*
	2	* Copyright (c) 1988 The Regents of the University of California.
	3	* All rights reserved.
	4	*
	5	* Redistribution and use in source and binary forms, with or without
	6	* modification, are permitted provided that the following conditions
	7	* are met:
	8	* 1. Redistributions of source code must retain the above copyright
	9	* notice, this list of conditions and the following disclaimer.
	10	* 2. Redistributions in binary form must reproduce the above copyright
	11	* notice, this list of conditions and the following disclaimer in the
	12	* documentation and/or other materials provided with the distribution.
	13	* 3. All advertising materials mentioning features or use of this software
	14	* must display the following acknowledgement:
	15	* This product includes software developed by the University of
	16	* California, Berkeley and its contributors.
	17	* 4. Neither the name of the University nor the names of its contributors
	18	* may be used to endorse or promote products derived from this software
	19	* without specific prior written permission.
	20	*
	21	* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
	22	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	23	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	24	* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
	25	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	26	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	27	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	28	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	29	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	30	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	31	* SUCH DAMAGE.
	32	*/
	33	#ifndef lint
	34	/static char sccsid[] = "from: @(#)yp_passwd.c 1.0 2/2/93";/
	35	static char rcsid[] = "$Id: yp_passwd.c,v 1.3 1993/08/01 18:10:17 mycroft Exp $";
	36	#endif /* not lint */
	37
	38	#ifdef YP
	39
	40	#include <stdio.h>
	41	#include <string.h>
	42	#include <netdb.h>
	43	#include <time.h>
	44	#include <pwd.h>
	45	#include <errno.h>
	46	#include <rpc/rpc.h>
	47	#include <rpcsvc/yp_prot.h>
	48	#include <rpcsvc/ypclnt.h>
	49	#define passwd yp_passwd_rec
	50	#include <rpcsvc/yppasswd.h>
	51	#undef passwd
	52
	53	#ifndef _PASSWORD_LEN
	54	#define _PASSWORD_LEN PASS_MAX
	55	#endif
	56
	57	extern char *progname;
	58	static char *getnewpasswd();
	59	static struct passwd *ypgetpwnam();
	60
	61	static uid_t uid;
	62	char *domain;
	63
	64	yp_passwd(uname)
65	char *uname;
66	{
67	char *master;
68	char *pp;
69	int r, rpcport, status;
70	struct yppasswd yppasswd;
71	struct passwd *pw;
72	struct timeval tv;
73	CLIENT *client;
74
75	uid = getuid();
76
77	/*
78	* Get local domain
79	*/
80	if (r = yp_get_default_domain(&domain)) {
81	(void)fprintf(stderr, "%s: can't get local YP domain. Reason: %s\n", progname, yperr_string(r));
82	exit(1);
83	}
84
85	/*
86	* Find the host for the passwd map; it should be running
87	* the daemon.
88	*/
89	if ((r = yp_master(domain, "passwd.byname", &master)) != 0) {
90	(void)fprintf(stderr, "%s: can't find the master YP server. Reason: %s\n", progname, yperr_string(r));
91	exit(1);
92	}
93
94	/*
95	* Ask the portmapper for the port of the daemon.
96	*/
97	if ((rpcport = getrpcport(master, YPPASSWDPROG, YPPASSWDPROC_UPDATE, IPPROTO_UDP)) == 0) {
98	(void)fprintf(stderr, "%s: master YP server not running yppasswd daemon.\n\tCan't change password.\n", progname);
99	exit(1);
100	}
101
102	/*
103	* Be sure the port is priviledged
104	*/
105	if (rpcport >= IPPORT_RESERVED) {
106	(void)fprintf(stderr, "%s: yppasswd daemon running on an invalid port.\n", progname);
107	exit(1);
108	}
109
110	/* Get user's login identity */
111	if (!(pw = ypgetpwnam(uname))) {
112	(void)fprintf(stderr, "%s: unknown user %s.\n", progname, uname);
113	exit(1);
114	}
115
116	if (uid && uid != pw->pw_uid) {
117	(void)fprintf(stderr, "%s: you are only allowed to change your own password: %s\n", progname, strerror(EACCES));
118	exit(1);
119	}
120
121	/* prompt for new password */
122	yppasswd.newpw.pw_passwd = getnewpasswd(pw, &yppasswd.oldpass);
123
124	/* tell rpc.yppasswdd */
125	yppasswd.newpw.pw_name = pw->pw_name;
126	yppasswd.newpw.pw_uid = pw->pw_uid;
127	yppasswd.newpw.pw_gid = pw->pw_gid;
128	yppasswd.newpw.pw_gecos = pw->pw_gecos;
129	yppasswd.newpw.pw_dir = pw->pw_dir;
130	yppasswd.newpw.pw_shell = pw->pw_shell;
131
132	client = clnt_create(master, YPPASSWDPROG, YPPASSWDVERS, "udp");
133	if (client==NULL) {
134	fprintf(stderr, "can't contact yppasswdd on %s: Reason: %s\n",
135	master, yperr_string(YPERR_YPBIND));
136	return(YPERR_YPBIND);
137	}
138	client->cl_auth = authunix_create_default();
139	tv.tv_sec = 2;
140	tv.tv_usec = 0;
141	r = clnt_call(client, YPPASSWDPROC_UPDATE,
142	xdr_yppasswd, &yppasswd, xdr_int, &status, tv);
143	if (r)
144	fprintf(stderr, "%s: rpc to yppasswdd failed.\n");
145	else if (status)
146	printf("Couldn't change YP password.\n");
147	else
148	printf("The YP password has been changed on %s, the master YP passwd server.\n", master);
149
150	exit(0);
151	}
152
153	static char *
154	getnewpasswd(pw, old_pass)
155	register struct passwd *pw;
156	char **old_pass;
157	{
158	static char buf[_PASSWORD_LEN+1];
159	register char p, t;
160	int tries;
161	char salt[9], crypt(), getpass();
162
163	(void)printf("Changing YP password for %s.\n", pw->pw_name);
164
165	if (uid && old_pass) {
166	*old_pass = NULL;
167
168	if (pw->pw_passwd &&
169	#ifdef DES
170	strcmp(crypt(p = getpass("Old password:"), pw->pw_passwd),
171	pw->pw_passwd)) {
172	#else
173	strcmp(p = getpass("Old password:"), pw->pw_passwd)) {
174	#endif
175	errno = EACCES;
176	pw_error(NULL, 1, 1);
177	}
178	*old_pass = strdup(p);
179	}
180	for (buf[0] = '\0', tries = 0;;) {
181	p = getpass("New password:");
182	if (!*p) {
183	(void)printf("Password unchanged.\n");
184	pw_error(NULL, 0, 0);
185	}
186	if (strlen(p) <= 5 && (uid != 0 \|\| ++tries < 2)) {
187	(void)printf("Please enter a longer password.\n");
188	continue;
189	}
190	for (t = p; t && islower(t); ++t);
191	if (!*t && (uid != 0 \|\| ++tries < 2)) {
192	(void)printf("Please don't use an all-lower case password.\nUnusual capitalization, control characters or digits are suggested.\n");
193	continue;
194	}
195	(void)strcpy(buf, p);
196	if (!strcmp(buf, getpass("Retype new password:")))
197	break;
198	(void)printf("Mismatch; try again, EOF to quit.\n");
199	}
200	/* grab a random printable character that isn't a colon */
201	(void)srandom((int)time((time_t *)NULL));
202	#ifdef NEWSALT
203	salt[0] = _PASSWORD_EFMT1;
204	to64(&salt[1], (long)(29 * 25), 4);
205	to64(&salt[5], random(), 4);
206	#else
207	to64(&salt[0], random(), 2);
208	#endif
209	#ifdef DES
210	return(strdup(crypt(buf, salt)));
211	#else
212	return(buf);
213	#endif
214	}
215
216	static char *
217	pwskip(register char *p)
218	{
219	while (p && p != ':' && *p != '\n')
220	++p;
221	if (*p)
222	*p++ = 0;
223	return (p);
224	}
225
226	struct passwd *
227	interpret(struct passwd pwent, char line)
228	{
229	register char *p = line;
230	register int c;
231
232	pwent->pw_passwd = "*";
233	pwent->pw_uid = 0;
234	pwent->pw_gid = 0;
235	pwent->pw_gecos = "";
236	pwent->pw_dir = "";
237	pwent->pw_shell = "";
238	pwent->pw_change = 0;
239	pwent->pw_expire = 0;
240	pwent->pw_class = "";
241
242	/* line without colon separators is no good, so ignore it */
243	if(!strchr(p,':'))
244	return(NULL);
245
246	pwent->pw_name = p;
247	p = pwskip(p);
248	pwent->pw_passwd = p;
249	p = pwskip(p);
250	pwent->pw_uid = (uid_t)strtoul(p, NULL, 10);
251	p = pwskip(p);
252	pwent->pw_gid = (gid_t)strtoul(p, NULL, 10);
253	p = pwskip(p);
254	pwent->pw_gecos = p;
255	p = pwskip(p);
256	pwent->pw_dir = p;
257	p = pwskip(p);
258	pwent->pw_shell = p;
259	while (p && p != '\n')
260	p++;
261	*p = '\0';
262	return (pwent);
263	}
264
265	static struct passwd *
266	ypgetpwnam(nam)
267	char *nam;
268	{
269	static struct passwd pwent;
270	static char line[1024];
271	char *val;
272	int reason, vallen;
273
274	reason = yp_match(domain, "passwd.byname", nam, strlen(nam),
275	&val, &vallen);
276	switch(reason) {
277	case 0:
278	break;
279	default:
280	return (NULL);
281	break;
282	}
283	val[vallen] = '\0';
284	strcpy(line, val);
285	free(val);
286
287	return(interpret(&pwent, line));
288	}
289
290	#endif /* YP */