[apple/system_cmds.git] / passwd.tproj / nis_passwd.c

/*
 * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 * 
 * "Portions Copyright (c) 1999 Apple Computer, Inc.  All Rights
 * Reserved.  This file contains Original Code and/or Modifications of
 * Original Code as defined in and that are subject to the Apple Public
 * Source License Version 1.0 (the 'License').  You may not use this file
 * except in compliance with the License.  Please obtain a copy of the
 * License at http://www.apple.com/publicsource and read it before using
 * this file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT.  Please see the
 * License for the specific language governing rights and limitations
 * under the License."
 * 
 * @APPLE_LICENSE_HEADER_END@
 */
/* 
 * Portions Copyright (c) 1998 by Apple Computer, Inc.
 * Portions Copyright (c) 1988 by Sun Microsystems, Inc.
 * Portions Copyright (c) 1988 The Regents of the University of California.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *	This product includes software developed by the University of
 *	California, Berkeley and its contributors.
 * 4. Neither the name of the University nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */


/* update a user's password in NIS. This was based on the Sun implementation
 * we used in NEXTSTEP, although I've added some stuff from OpenBSD. And
 * it uses the API to support Rhapsody's proprietry infosystem switch.
 * lukeh
 */

#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <pwd.h>
#include <netinet/in.h>
#include <rpc/types.h>
#include <rpc/xdr.h>
#include <rpc/rpc.h>
#include <rpcsvc/yp_prot.h>
#include <rpcsvc/ypclnt.h>
#include <rpcsvc/yppasswd.h>
#include <netdb.h>
#include <sys/socket.h>
#include <sys/file.h>
#include <errno.h>

extern int getrpcport(char *, int, int, int);
extern void getpasswd(char *, int, int, int, int, char *, char **, char**, char **);

static struct passwd *ypgetpwnam(char *name, char *domain);

int nis_passwd(char *uname, char *domain)
{	
	int ans, port, ok = -1;
	char *master;
	char *ne;	/* new encrypted password */
	char *oc;	/* old cleartext password */
	char *nc;	/* new cleartext password */
	static struct yppasswd	yppasswd;
	struct passwd *pwd;
	int uid;
	struct timeval tv;
	CLIENT *cl;

	if (domain == NULL)
	{
		if (yp_get_default_domain(&domain) != 0)
		{
			(void)fprintf(stderr, "can't get domain\n");
			exit(1);
		}
	}
	
	if (yp_master(domain, "passwd.byname", &master) != 0)
	{
		(void)fprintf(stderr, "can't get master for passwd file\n");
		exit(1);
	}
	
	port = getrpcport(master, YPPASSWDPROG, YPPASSWDPROC_UPDATE,
		IPPROTO_UDP);
	if (port == 0)
	{
		(void)fprintf(stderr, "%s is not running yppasswd daemon\n",
			      master);
		exit(1);
	}
	if (port >= IPPORT_RESERVED)
	{
		(void)fprintf(stderr,
		    "yppasswd daemon is not running on privileged port\n");
		exit(1);
	}

	pwd = ypgetpwnam(uname, domain);
	if (pwd == NULL)
	{
		(void)fprintf(stderr, "user %s not found\n", uname);
		exit(1);
	}
	
	uid = getuid();
	if (uid != 0 && uid != pwd->pw_uid)
	{
		(void)fprintf(stderr, "you may only change your own password\n");
		exit(1);
	}
	
	getpasswd(uname, 0, 5, 0, 0, pwd->pw_passwd, &ne, &oc, &nc);
		
	yppasswd.oldpass = oc;
	yppasswd.newpw.pw_name = pwd->pw_name;
	yppasswd.newpw.pw_passwd = ne;
	yppasswd.newpw.pw_uid = pwd->pw_uid;
	yppasswd.newpw.pw_gid = pwd->pw_gid;
	yppasswd.newpw.pw_gecos = pwd->pw_gecos;
	yppasswd.newpw.pw_dir = pwd->pw_dir;
	yppasswd.newpw.pw_shell = pwd->pw_shell;	
	
	cl = clnt_create(master, YPPASSWDPROG, YPPASSWDVERS, "udp");
	if (cl == NULL)
	{
		(void)fprintf(stderr, "could not contact yppasswdd on %s\n", master);
		exit(1);
	}
	cl->cl_auth = authunix_create_default();
	tv.tv_sec = 2;
	tv.tv_usec = 0;
	ans = clnt_call(cl, YPPASSWDPROC_UPDATE,
		xdr_yppasswd, &yppasswd, xdr_int, &ok, tv);

	if (ans != 0)
	{
		clnt_perrno(ans);
		(void)fprintf(stderr, "\n");
		(void)fprintf(stderr, "couldn't change passwd\n");
		exit(1);
	}
	if (ok != 0)
	{
		(void)fprintf(stderr, "couldn't change passwd\n");
		exit(1);
	}
	return(0);
}

static char *
pwskip(register char *p)
{
	while (*p && *p != ':' && *p != '\n')
		++p;
	if (*p)
		*p++ = 0;
	return (p);
}

struct passwd *
interpret(struct passwd *pwent, char *line)
{
	register char	*p = line;

	pwent->pw_passwd = "*";
	pwent->pw_uid = 0;
	pwent->pw_gid = 0;
	pwent->pw_gecos = "";
	pwent->pw_dir = "";
	pwent->pw_shell = "";
#ifndef __SLICK__
	pwent->pw_change = 0;
	pwent->pw_expire = 0;
	pwent->pw_class = "";
#endif

	/* line without colon separators is no good, so ignore it */
	if(!strchr(p, ':'))
		return(NULL);

	pwent->pw_name = p;
	p = pwskip(p);
	pwent->pw_passwd = p;
	p = pwskip(p);
	pwent->pw_uid = (uid_t)strtoul(p, NULL, 10);
	p = pwskip(p);
	pwent->pw_gid = (gid_t)strtoul(p, NULL, 10);
	p = pwskip(p);
	pwent->pw_gecos = p;
	p = pwskip(p);
	pwent->pw_dir = p;
	p = pwskip(p);
	pwent->pw_shell = p;
	while (*p && *p != '\n')
		p++;
	*p = '\0';
	return (pwent);
}


static struct passwd *
ypgetpwnam(char *nam, char *domain)
{
	static struct passwd pwent;
	char *val;
	int reason, vallen;
	static char *__yplin = NULL;

	reason = yp_match(domain, "passwd.byname", nam, strlen(nam),
	    &val, &vallen);
	switch(reason) {
	case 0:
		break;
	default:
		return (NULL);
		break;
	}
	val[vallen] = '\0';
	if (__yplin)
		free(__yplin);
	__yplin = (char *)malloc(vallen + 1);
	strcpy(__yplin, val);
	free(val);

	return(interpret(&pwent, __yplin));
}
Commit	Line	Data
1815bff5 A	1	/*
	2	* Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
	3	*
	4	* @APPLE_LICENSE_HEADER_START@
	5	*
2fc1e207 A	6	* "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
	7	* Reserved. This file contains Original Code and/or Modifications of
	8	* Original Code as defined in and that are subject to the Apple Public
	9	* Source License Version 1.0 (the 'License'). You may not use this file
	10	* except in compliance with the License. Please obtain a copy of the
	11	* License at http://www.apple.com/publicsource and read it before using
	12	* this file.
1815bff5 A	13	*
	14	* The Original Code and all software distributed under the License are
	15	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	16	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	17	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
2fc1e207 A	18	* FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
	19	* License for the specific language governing rights and limitations
	20	* under the License."
1815bff5 A	21	*
	22	* @APPLE_LICENSE_HEADER_END@
	23	*/
	24	/*
	25	* Portions Copyright (c) 1998 by Apple Computer, Inc.
	26	* Portions Copyright (c) 1988 by Sun Microsystems, Inc.
	27	* Portions Copyright (c) 1988 The Regents of the University of California.
	28	* All rights reserved.
	29	*
	30	* Redistribution and use in source and binary forms, with or without
	31	* modification, are permitted provided that the following conditions
	32	* are met:
	33	* 1. Redistributions of source code must retain the above copyright
	34	* notice, this list of conditions and the following disclaimer.
	35	* 2. Redistributions in binary form must reproduce the above copyright
	36	* notice, this list of conditions and the following disclaimer in the
	37	* documentation and/or other materials provided with the distribution.
	38	* 3. All advertising materials mentioning features or use of this software
	39	* must display the following acknowledgement:
	40	* This product includes software developed by the University of
	41	* California, Berkeley and its contributors.
	42	* 4. Neither the name of the University nor the names of its contributors
	43	* may be used to endorse or promote products derived from this software
	44	* without specific prior written permission.
	45	*
	46	* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
	47	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	48	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	49	* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
	50	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	51	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	52	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	53	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	54	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	55	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	56	* SUCH DAMAGE.
	57	*/
	58
	59
	60	/* update a user's password in NIS. This was based on the Sun implementation
	61	* we used in NEXTSTEP, although I've added some stuff from OpenBSD. And
	62	* it uses the API to support Rhapsody's proprietry infosystem switch.
	63	* lukeh
	64	*/
	65
	66	#include <stdio.h>
	67	#include <stdlib.h>
	68	#include <unistd.h>
	69	#include <string.h>
	70	#include <pwd.h>
	71	#include <netinet/in.h>
	72	#include <rpc/types.h>
	73	#include <rpc/xdr.h>
	74	#include <rpc/rpc.h>
	75	#include <rpcsvc/yp_prot.h>
	76	#include <rpcsvc/ypclnt.h>
	77	#include <rpcsvc/yppasswd.h>
	78	#include <netdb.h>
	79	#include <sys/socket.h>
	80	#include <sys/file.h>
	81	#include <errno.h>
	82
	83	extern int getrpcport(char *, int, int, int);
	84	extern void getpasswd(char , int, int, int, int, char , char , char, char **);
85
86	static struct passwd ypgetpwnam(char name, char *domain);
87
88	int nis_passwd(char uname, char domain)
89	{
90	int ans, port, ok = -1;
91	char *master;
92	char ne; / new encrypted password */
93	char oc; / old cleartext password */
94	char nc; / new cleartext password */
95	static struct yppasswd yppasswd;
96	struct passwd *pwd;
97	int uid;
98	struct timeval tv;
99	CLIENT *cl;
100
101	if (domain == NULL)
102	{
103	if (yp_get_default_domain(&domain) != 0)
104	{
105	(void)fprintf(stderr, "can't get domain\n");
106	exit(1);
107	}
108	}
109
110	if (yp_master(domain, "passwd.byname", &master) != 0)
111	{
112	(void)fprintf(stderr, "can't get master for passwd file\n");
113	exit(1);
114	}
115
116	port = getrpcport(master, YPPASSWDPROG, YPPASSWDPROC_UPDATE,
117	IPPROTO_UDP);
118	if (port == 0)
119	{
120	(void)fprintf(stderr, "%s is not running yppasswd daemon\n",
121	master);
122	exit(1);
123	}
124	if (port >= IPPORT_RESERVED)
125	{
126	(void)fprintf(stderr,
127	"yppasswd daemon is not running on privileged port\n");
128	exit(1);
129	}
130
131	pwd = ypgetpwnam(uname, domain);
132	if (pwd == NULL)
133	{
134	(void)fprintf(stderr, "user %s not found\n", uname);
135	exit(1);
136	}
137
138	uid = getuid();
139	if (uid != 0 && uid != pwd->pw_uid)
140	{
141	(void)fprintf(stderr, "you may only change your own password\n");
142	exit(1);
143	}
144
145	getpasswd(uname, 0, 5, 0, 0, pwd->pw_passwd, &ne, &oc, &nc);
146
147	yppasswd.oldpass = oc;
148	yppasswd.newpw.pw_name = pwd->pw_name;
149	yppasswd.newpw.pw_passwd = ne;
150	yppasswd.newpw.pw_uid = pwd->pw_uid;
151	yppasswd.newpw.pw_gid = pwd->pw_gid;
152	yppasswd.newpw.pw_gecos = pwd->pw_gecos;
153	yppasswd.newpw.pw_dir = pwd->pw_dir;
154	yppasswd.newpw.pw_shell = pwd->pw_shell;
155
156	cl = clnt_create(master, YPPASSWDPROG, YPPASSWDVERS, "udp");
157	if (cl == NULL)
158	{
159	(void)fprintf(stderr, "could not contact yppasswdd on %s\n", master);
160	exit(1);
161	}
162	cl->cl_auth = authunix_create_default();
163	tv.tv_sec = 2;
164	tv.tv_usec = 0;
165	ans = clnt_call(cl, YPPASSWDPROC_UPDATE,
166	xdr_yppasswd, &yppasswd, xdr_int, &ok, tv);
167
168	if (ans != 0)
169	{
170	clnt_perrno(ans);
171	(void)fprintf(stderr, "\n");
172	(void)fprintf(stderr, "couldn't change passwd\n");
173	exit(1);
174	}
175	if (ok != 0)
176	{
177	(void)fprintf(stderr, "couldn't change passwd\n");
178	exit(1);
179	}
180	return(0);
181	}
182
183	static char *
184	pwskip(register char *p)
185	{
186	while (p && p != ':' && *p != '\n')
187	++p;
188	if (*p)
189	*p++ = 0;
190	return (p);
191	}
192
193	struct passwd *
194	interpret(struct passwd pwent, char line)
195	{
196	register char *p = line;
197
198	pwent->pw_passwd = "*";
199	pwent->pw_uid = 0;
200	pwent->pw_gid = 0;
201	pwent->pw_gecos = "";
202	pwent->pw_dir = "";
203	pwent->pw_shell = "";
204	#ifndef __SLICK__
205	pwent->pw_change = 0;
206	pwent->pw_expire = 0;
207	pwent->pw_class = "";
208	#endif
209
210	/* line without colon separators is no good, so ignore it */
211	if(!strchr(p, ':'))
212	return(NULL);
213
214	pwent->pw_name = p;
215	p = pwskip(p);
216	pwent->pw_passwd = p;
217	p = pwskip(p);
218	pwent->pw_uid = (uid_t)strtoul(p, NULL, 10);
219	p = pwskip(p);
220	pwent->pw_gid = (gid_t)strtoul(p, NULL, 10);
221	p = pwskip(p);
222	pwent->pw_gecos = p;
223	p = pwskip(p);
224	pwent->pw_dir = p;
225	p = pwskip(p);
226	pwent->pw_shell = p;
227	while (p && p != '\n')
228	p++;
229	*p = '\0';
230	return (pwent);
231	}
232
233
234	static struct passwd *
235	ypgetpwnam(char nam, char domain)
236	{
237	static struct passwd pwent;
238	char *val;
239	int reason, vallen;
240	static char *__yplin = NULL;
241
242	reason = yp_match(domain, "passwd.byname", nam, strlen(nam),
243	&val, &vallen);
244	switch(reason) {
245	case 0:
246	break;
247	default:
248	return (NULL);
249	break;
250	}
251	val[vallen] = '\0';
252	if (__yplin)
253	free(__yplin);
254	__yplin = (char *)malloc(vallen + 1);
255	strcpy(__yplin, val);
256	free(val);
257
258	return(interpret(&pwent, __yplin));
259	}