[apple/system_cmds.git] / passwd.tproj / passwd.c

/*
 * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 * 
 * "Portions Copyright (c) 1999 Apple Computer, Inc.  All Rights
 * Reserved.  This file contains Original Code and/or Modifications of
 * Original Code as defined in and that are subject to the Apple Public
 * Source License Version 1.0 (the 'License').  You may not use this file
 * except in compliance with the License.  Please obtain a copy of the
 * License at http://www.apple.com/publicsource and read it before using
 * this file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT.  Please see the
 * License for the specific language governing rights and limitations
 * under the License."
 * 
 * @APPLE_LICENSE_HEADER_END@
 */
#define INFO_NETINFO 0
#define INFO_FILE 1
#define INFO_NIS 2
#define INFO_DIRECTORYSERVICES 3

#ifndef __SLICK__
#define _PASSWD_FILE "/etc/master.passwd"
#else
#define _PASSWD_FILE "/etc/passwd"
#endif

#include <stdio.h>
#include <errno.h>
#include <pwd.h>
#include <libc.h>
#include <ctype.h>
#include <string.h>
#include <netinfo/ni.h>
#include "stringops.h"

#ifdef __SLICK__
#define _PASSWORD_LEN 8
#endif

static char *saltchars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./";

extern int file_passwd(char *, char *);
extern int netinfo_passwd(char *, char *);
extern int nis_passwd(char *, char *);
extern int ds_passwd(char *, char *);

void
getpasswd(char *name, int isroot, int minlen, int mixcase, int nonalpha,
	char *old_pw, char **new_pw, char **old_clear, char **new_clear)
{
	int i, tries, len, pw_ok, upper, lower, alpha, notalpha;
	int isNull;
	char *p;
	static char obuf[_PASSWORD_LEN+1];
	static char nbuf[_PASSWORD_LEN+1];
	char salt[9];

	printf("Changing password for %s.\n", name);

	p = "";
	isNull = 0;
	if (old_pw == NULL) isNull = 1;
	if ((isNull == 0) && (old_pw[0] == '\0')) isNull = 1;
	if ((isroot == 0) && (isNull == 0))
	{
		p = getpass("Old password:");
		if (strcmp(crypt(p, old_pw), old_pw))
		{
			errno = EACCES;
			fprintf(stderr, "Sorry\n");
			exit(1);
		}
	}
	//strcpy(obuf, p);
	snprintf( obuf, sizeof(obuf), "%s", p );
	
	tries = 0;
	nbuf[0] = '\0';
	for (;;)
	{
		p = getpass("New password:");
		if (!*p)
		{
			printf("Password unchanged.\n");
			exit(0);
		}

		tries++;
		len = strlen(p);
		upper = 0;
		lower = 0;
		alpha = 0;
		notalpha = 0;
		for (i = 0; i < len; i++)
		{
			if (isupper(p[i])) upper++;
			if (islower(p[i])) lower++;
			if (isalpha(p[i])) alpha++;
			else notalpha++;
		}


		pw_ok = 1;
		if (len < minlen) pw_ok = 0;
		if ((mixcase == 1) && ((upper == 0) || (lower == 0))) pw_ok = 0;
		if ((nonalpha == 1) && (notalpha == 0)) pw_ok = 0;

		/*
		 * An insistent root may override security options.
		 */
		if ((isroot == 1) && (tries > 2)) pw_ok = 1;
	
		/*
		 * A very insistent user may override security options.
		 */
		if (tries > 4) pw_ok = 1;
	
		if (pw_ok == 0)
		{
			if (len < minlen)
				printf("Password must be at least %d characters long.\n", minlen);
			if ((mixcase == 1) && ((upper == 0) || (lower == 0)))
				printf("Password must contain both upper and lower case characters.\n");
			if ((nonalpha == 1) && (notalpha == 0))
				printf("Password must contain non-alphabetic characters.\n");
			continue;
		}

		//strcpy(nbuf, p);
		snprintf( nbuf, sizeof(nbuf), "%s", p );
		
		if (!strcmp(nbuf, getpass("Retype new password:"))) break;

		printf("Mismatch; try again, EOF to quit.\n");
	}

	/*
	 * Create a random salt
	 */
	srandom((int)time((time_t *)NULL));
	salt[0] = saltchars[random() % strlen(saltchars)];
	salt[1] = saltchars[random() % strlen(saltchars)];
	salt[2] = '\0';
	*new_pw = crypt(nbuf, salt);

	*old_clear = obuf;
	*new_clear = nbuf;
	return;
}

void
usage()
{
	fprintf(stderr, "usage: passwd [-i infosystem] [-l location] [name]\n");
	fprintf(stderr, "supported infosystems are:\n");
	fprintf(stderr, "    netinfo\n");
	fprintf(stderr, "    file\n");
	fprintf(stderr, "    nis\n");
	fprintf(stderr, "    opendirectory\n");
	fprintf(stderr, "for netinfo, location may be a domain name or server/tag\n");
	fprintf(stderr, "for file, location may be a file name (%s is the default)\n",
		_PASSWD_FILE);
	fprintf(stderr, "for nis, location may be a NIS domainname\n");
	fprintf(stderr, "for opendirectory, location may be a directory node name\n");
	exit(1);
}

int
main(int argc, char *argv[])
{
	char *user, *locn;
	int i, infosystem;
	
	/* since DS works for most infosystems, make it the default */
	//infosystem = INFO_NETINFO;
	infosystem = INFO_DIRECTORYSERVICES;
	user = NULL;
	locn = NULL;
	
	for (i = 1; i < argc; i++)
	{
		if (!strcmp(argv[i], "-i"))
		{
			if (++i >= argc)
			{
				fprintf(stderr, "no argument for -i option\n");
				usage();
			}

			if (!strcmp(argv[i], "NetInfo")) infosystem = INFO_NETINFO;
			else if (!strcmp(argv[i], "netinfo")) infosystem = INFO_NETINFO;
			else if (!strcmp(argv[i], "File")) infosystem = INFO_FILE;
			else if (!strcmp(argv[i], "file")) infosystem = INFO_FILE;
			else if (!strcmp(argv[i], "NIS")) infosystem = INFO_NIS;
			else if (!strcmp(argv[i], "nis")) infosystem = INFO_NIS;
			else if (!strcmp(argv[i], "YP")) infosystem = INFO_NIS;
			else if (!strcmp(argv[i], "yp")) infosystem = INFO_NIS;
			else if (!strcasecmp(argv[i], "opendirectory")) infosystem = INFO_DIRECTORYSERVICES;
			else
			{
				fprintf(stderr, "unknown info system \"%s\"\n", argv[i]);
				usage();
			}
		}

		else if (!strcmp(argv[i], "-l"))
		{
			if (++i >= argc)
			{
				fprintf(stderr, "no argument for -l option\n");
				usage();
			}
			locn = argv[i];
		}
		else if (user == NULL) user = argv[i];
		else usage();
	}

	if (user == NULL)
	{
	    	/*
		 * Verify that the login name exists.
		 * lukeh 24 Dec 1997
		 */
		if ((user = getlogin()) == NULL)
		{
			fprintf(stderr, "you don't have a login name\n");
			exit(1);
		}
	}
	
	switch (infosystem)
	{
		case INFO_NETINFO:
			netinfo_passwd(user, locn);
			break;
		case INFO_FILE:
			file_passwd(user, locn);
			break;
		case INFO_NIS:
			nis_passwd(user, locn);
			break;
		case INFO_DIRECTORYSERVICES:
			ds_passwd(user, locn);
			break;
	}

	exit(0);
}
Commit	Line	Data
1815bff5 A	1	/*
	2	* Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
	3	*
	4	* @APPLE_LICENSE_HEADER_START@
	5	*
d904471c A	6	* "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
	7	* Reserved. This file contains Original Code and/or Modifications of
	8	* Original Code as defined in and that are subject to the Apple Public
	9	* Source License Version 1.0 (the 'License'). You may not use this file
	10	* except in compliance with the License. Please obtain a copy of the
	11	* License at http://www.apple.com/publicsource and read it before using
	12	* this file.
1815bff5 A	13	*
	14	* The Original Code and all software distributed under the License are
	15	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	16	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	17	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
d904471c A	18	* FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
	19	* License for the specific language governing rights and limitations
	20	* under the License."
1815bff5 A	21	*
	22	* @APPLE_LICENSE_HEADER_END@
	23	*/
	24	#define INFO_NETINFO 0
	25	#define INFO_FILE 1
	26	#define INFO_NIS 2
20e66415	27	#define INFO_DIRECTORYSERVICES 3
1815bff5 A	28
	29	#ifndef __SLICK__
	30	#define _PASSWD_FILE "/etc/master.passwd"
	31	#else
	32	#define _PASSWD_FILE "/etc/passwd"
	33	#endif
	34
	35	#include <stdio.h>
	36	#include <errno.h>
	37	#include <pwd.h>
	38	#include <libc.h>
	39	#include <ctype.h>
	40	#include <string.h>
	41	#include <netinfo/ni.h>
	42	#include "stringops.h"
	43
	44	#ifdef __SLICK__
	45	#define _PASSWORD_LEN 8
	46	#endif
	47
	48	static char *saltchars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./";
	49
	50	extern int file_passwd(char , char );
	51	extern int netinfo_passwd(char , char );
	52	extern int nis_passwd(char , char );
20e66415	53	extern int ds_passwd(char , char );
1815bff5 A	54
	55	void
	56	getpasswd(char *name, int isroot, int minlen, int mixcase, int nonalpha,
	57	char old_pw, char new_pw, char old_clear, char *new_clear)
	58	{
	59	int i, tries, len, pw_ok, upper, lower, alpha, notalpha;
	60	int isNull;
	61	char *p;
	62	static char obuf[_PASSWORD_LEN+1];
	63	static char nbuf[_PASSWORD_LEN+1];
	64	char salt[9];
	65
	66	printf("Changing password for %s.\n", name);
	67
	68	p = "";
	69	isNull = 0;
	70	if (old_pw == NULL) isNull = 1;
	71	if ((isNull == 0) && (old_pw[0] == '\0')) isNull = 1;
	72	if ((isroot == 0) && (isNull == 0))
	73	{
	74	p = getpass("Old password:");
	75	if (strcmp(crypt(p, old_pw), old_pw))
	76	{
	77	errno = EACCES;
	78	fprintf(stderr, "Sorry\n");
	79	exit(1);
	80	}
	81	}
20e66415 A	82	//strcpy(obuf, p);
	83	snprintf( obuf, sizeof(obuf), "%s", p );
	84
1815bff5 A	85	tries = 0;
	86	nbuf[0] = '\0';
	87	for (;;)
	88	{
	89	p = getpass("New password:");
	90	if (!*p)
	91	{
	92	printf("Password unchanged.\n");
	93	exit(0);
	94	}
	95
	96	tries++;
	97	len = strlen(p);
	98	upper = 0;
	99	lower = 0;
	100	alpha = 0;
	101	notalpha = 0;
	102	for (i = 0; i < len; i++)
	103	{
	104	if (isupper(p[i])) upper++;
	105	if (islower(p[i])) lower++;
	106	if (isalpha(p[i])) alpha++;
	107	else notalpha++;
	108	}
	109
	110
	111	pw_ok = 1;
	112	if (len < minlen) pw_ok = 0;
	113	if ((mixcase == 1) && ((upper == 0) \|\| (lower == 0))) pw_ok = 0;
	114	if ((nonalpha == 1) && (notalpha == 0)) pw_ok = 0;
	115
	116	/*
	117	* An insistent root may override security options.
	118	*/
	119	if ((isroot == 1) && (tries > 2)) pw_ok = 1;
	120
	121	/*
	122	* A very insistent user may override security options.
	123	*/
	124	if (tries > 4) pw_ok = 1;
	125
	126	if (pw_ok == 0)
	127	{
	128	if (len < minlen)
	129	printf("Password must be at least %d characters long.\n", minlen);
	130	if ((mixcase == 1) && ((upper == 0) \|\| (lower == 0)))
	131	printf("Password must contain both upper and lower case characters.\n");
	132	if ((nonalpha == 1) && (notalpha == 0))
	133	printf("Password must contain non-alphabetic characters.\n");
	134	continue;
	135	}
	136
20e66415 A	137	//strcpy(nbuf, p);
	138	snprintf( nbuf, sizeof(nbuf), "%s", p );
	139
1815bff5 A	140	if (!strcmp(nbuf, getpass("Retype new password:"))) break;
	141
	142	printf("Mismatch; try again, EOF to quit.\n");
	143	}
	144
	145	/*
	146	* Create a random salt
	147	*/
	148	srandom((int)time((time_t *)NULL));
	149	salt[0] = saltchars[random() % strlen(saltchars)];
	150	salt[1] = saltchars[random() % strlen(saltchars)];
	151	salt[2] = '\0';
	152	*new_pw = crypt(nbuf, salt);
	153
	154	*old_clear = obuf;
	155	*new_clear = nbuf;
	156	return;
	157	}
	158
	159	void
	160	usage()
	161	{
	162	fprintf(stderr, "usage: passwd [-i infosystem] [-l location] [name]\n");
	163	fprintf(stderr, "supported infosystems are:\n");
	164	fprintf(stderr, " netinfo\n");
	165	fprintf(stderr, " file\n");
	166	fprintf(stderr, " nis\n");
20e66415	167	fprintf(stderr, " opendirectory\n");
1815bff5 A	168	fprintf(stderr, "for netinfo, location may be a domain name or server/tag\n");
	169	fprintf(stderr, "for file, location may be a file name (%s is the default)\n",
	170	_PASSWD_FILE);
	171	fprintf(stderr, "for nis, location may be a NIS domainname\n");
20e66415	172	fprintf(stderr, "for opendirectory, location may be a directory node name\n");
1815bff5 A	173	exit(1);
	174	}
	175
	176	int
	177	main(int argc, char *argv[])
	178	{
	179	char user, locn;
	180	int i, infosystem;
20e66415 A	181
	182	/* since DS works for most infosystems, make it the default */
	183	//infosystem = INFO_NETINFO;
	184	infosystem = INFO_DIRECTORYSERVICES;
1815bff5 A	185	user = NULL;
1815bff5 A	186	locn = NULL;
20e66415	187
1815bff5 A	188	for (i = 1; i < argc; i++)
	189	{
	190	if (!strcmp(argv[i], "-i"))
	191	{
	192	if (++i >= argc)
	193	{
	194	fprintf(stderr, "no argument for -i option\n");
	195	usage();
	196	}
	197
	198	if (!strcmp(argv[i], "NetInfo")) infosystem = INFO_NETINFO;
	199	else if (!strcmp(argv[i], "netinfo")) infosystem = INFO_NETINFO;
	200	else if (!strcmp(argv[i], "File")) infosystem = INFO_FILE;
	201	else if (!strcmp(argv[i], "file")) infosystem = INFO_FILE;
	202	else if (!strcmp(argv[i], "NIS")) infosystem = INFO_NIS;
	203	else if (!strcmp(argv[i], "nis")) infosystem = INFO_NIS;
	204	else if (!strcmp(argv[i], "YP")) infosystem = INFO_NIS;
	205	else if (!strcmp(argv[i], "yp")) infosystem = INFO_NIS;
20e66415	206	else if (!strcasecmp(argv[i], "opendirectory")) infosystem = INFO_DIRECTORYSERVICES;
1815bff5 A	207	else
	208	{
	209	fprintf(stderr, "unknown info system \"%s\"\n", argv[i]);
	210	usage();
	211	}
	212	}
	213
	214	else if (!strcmp(argv[i], "-l"))
	215	{
	216	if (++i >= argc)
	217	{
	218	fprintf(stderr, "no argument for -l option\n");
	219	usage();
	220	}
	221	locn = argv[i];
	222	}
	223	else if (user == NULL) user = argv[i];
	224	else usage();
	225	}
	226
	227	if (user == NULL)
	228	{
	229	/*
	230	* Verify that the login name exists.
	231	* lukeh 24 Dec 1997
	232	*/
	233	if ((user = getlogin()) == NULL)
	234	{
	235	fprintf(stderr, "you don't have a login name\n");
	236	exit(1);
	237	}
	238	}
	239
	240	switch (infosystem)
	241	{
	242	case INFO_NETINFO:
	243	netinfo_passwd(user, locn);
	244	break;
	245	case INFO_FILE:
	246	file_passwd(user, locn);
	247	break;
	248	case INFO_NIS:
	249	nis_passwd(user, locn);
	250	break;
20e66415 A	251	case INFO_DIRECTORYSERVICES:
	252	ds_passwd(user, locn);
	253	break;
1815bff5 A	254	}
	255
	256	exit(0);
	257	}
	258