]>
Commit | Line | Data |
---|---|---|
1 | /* | |
2 | * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. | |
3 | * | |
4 | * @APPLE_LICENSE_HEADER_START@ | |
5 | * | |
6 | * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights | |
7 | * Reserved. This file contains Original Code and/or Modifications of | |
8 | * Original Code as defined in and that are subject to the Apple Public | |
9 | * Source License Version 1.0 (the 'License'). You may not use this file | |
10 | * except in compliance with the License. Please obtain a copy of the | |
11 | * License at http://www.apple.com/publicsource and read it before using | |
12 | * this file. | |
13 | * | |
14 | * The Original Code and all software distributed under the License are | |
15 | * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER | |
16 | * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, | |
17 | * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, | |
18 | * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the | |
19 | * License for the specific language governing rights and limitations | |
20 | * under the License." | |
21 | * | |
22 | * @APPLE_LICENSE_HEADER_END@ | |
23 | */ | |
24 | /* | |
25 | * Portions Copyright (c) 1998 by Apple Computer, Inc. | |
26 | * Portions Copyright (c) 1988 by Sun Microsystems, Inc. | |
27 | * Portions Copyright (c) 1988 The Regents of the University of California. | |
28 | * All rights reserved. | |
29 | * | |
30 | * Redistribution and use in source and binary forms, with or without | |
31 | * modification, are permitted provided that the following conditions | |
32 | * are met: | |
33 | * 1. Redistributions of source code must retain the above copyright | |
34 | * notice, this list of conditions and the following disclaimer. | |
35 | * 2. Redistributions in binary form must reproduce the above copyright | |
36 | * notice, this list of conditions and the following disclaimer in the | |
37 | * documentation and/or other materials provided with the distribution. | |
38 | * 3. All advertising materials mentioning features or use of this software | |
39 | * must display the following acknowledgement: | |
40 | * This product includes software developed by the University of | |
41 | * California, Berkeley and its contributors. | |
42 | * 4. Neither the name of the University nor the names of its contributors | |
43 | * may be used to endorse or promote products derived from this software | |
44 | * without specific prior written permission. | |
45 | * | |
46 | * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND | |
47 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
48 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
49 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE | |
50 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
51 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
52 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
53 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
54 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
55 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
56 | * SUCH DAMAGE. | |
57 | */ | |
58 | ||
59 | ||
60 | /* update a user's password in NIS. This was based on the Sun implementation | |
61 | * we used in NEXTSTEP, although I've added some stuff from OpenBSD. And | |
62 | * it uses the API to support Rhapsody's proprietry infosystem switch. | |
63 | * lukeh | |
64 | */ | |
65 | ||
66 | #include <stdio.h> | |
67 | #include <stdlib.h> | |
68 | #include <unistd.h> | |
69 | #include <string.h> | |
70 | #include <pwd.h> | |
71 | #include <netinet/in.h> | |
72 | #include <rpc/types.h> | |
73 | #include <rpc/xdr.h> | |
74 | #include <rpc/rpc.h> | |
75 | #include <rpcsvc/yp_prot.h> | |
76 | #include <rpcsvc/ypclnt.h> | |
77 | #include <rpcsvc/yppasswd.h> | |
78 | #include <netdb.h> | |
79 | #include <sys/socket.h> | |
80 | #include <sys/file.h> | |
81 | #include <errno.h> | |
82 | ||
83 | extern int getrpcport(char *, int, int, int); | |
84 | extern void getpasswd(char *, int, int, int, int, char *, char **, char**, char **); | |
85 | ||
86 | static struct passwd *ypgetpwnam(char *name, char *domain); | |
87 | ||
88 | int nis_passwd(char *uname, char *domain) | |
89 | { | |
90 | int ans, port, ok = -1; | |
91 | char *master; | |
92 | char *ne; /* new encrypted password */ | |
93 | char *oc; /* old cleartext password */ | |
94 | char *nc; /* new cleartext password */ | |
95 | static struct yppasswd yppasswd; | |
96 | struct passwd *pwd; | |
97 | int uid; | |
98 | struct timeval tv; | |
99 | CLIENT *cl; | |
100 | ||
101 | if (domain == NULL) | |
102 | { | |
103 | if (yp_get_default_domain(&domain) != 0) | |
104 | { | |
105 | (void)fprintf(stderr, "can't get domain\n"); | |
106 | exit(1); | |
107 | } | |
108 | } | |
109 | ||
110 | if (yp_master(domain, "passwd.byname", &master) != 0) | |
111 | { | |
112 | (void)fprintf(stderr, "can't get master for passwd file\n"); | |
113 | exit(1); | |
114 | } | |
115 | ||
116 | port = getrpcport(master, YPPASSWDPROG, YPPASSWDPROC_UPDATE, | |
117 | IPPROTO_UDP); | |
118 | if (port == 0) | |
119 | { | |
120 | (void)fprintf(stderr, "%s is not running yppasswd daemon\n", | |
121 | master); | |
122 | exit(1); | |
123 | } | |
124 | if (port >= IPPORT_RESERVED) | |
125 | { | |
126 | (void)fprintf(stderr, | |
127 | "yppasswd daemon is not running on privileged port\n"); | |
128 | exit(1); | |
129 | } | |
130 | ||
131 | pwd = ypgetpwnam(uname, domain); | |
132 | if (pwd == NULL) | |
133 | { | |
134 | (void)fprintf(stderr, "user %s not found\n", uname); | |
135 | exit(1); | |
136 | } | |
137 | ||
138 | uid = getuid(); | |
139 | if (uid != 0 && uid != pwd->pw_uid) | |
140 | { | |
141 | (void)fprintf(stderr, "you may only change your own password\n"); | |
142 | exit(1); | |
143 | } | |
144 | ||
145 | getpasswd(uname, 0, 5, 0, 0, pwd->pw_passwd, &ne, &oc, &nc); | |
146 | ||
147 | yppasswd.oldpass = oc; | |
148 | yppasswd.newpw.pw_name = pwd->pw_name; | |
149 | yppasswd.newpw.pw_passwd = ne; | |
150 | yppasswd.newpw.pw_uid = pwd->pw_uid; | |
151 | yppasswd.newpw.pw_gid = pwd->pw_gid; | |
152 | yppasswd.newpw.pw_gecos = pwd->pw_gecos; | |
153 | yppasswd.newpw.pw_dir = pwd->pw_dir; | |
154 | yppasswd.newpw.pw_shell = pwd->pw_shell; | |
155 | ||
156 | cl = clnt_create(master, YPPASSWDPROG, YPPASSWDVERS, "udp"); | |
157 | if (cl == NULL) | |
158 | { | |
159 | (void)fprintf(stderr, "could not contact yppasswdd on %s\n", master); | |
160 | exit(1); | |
161 | } | |
162 | cl->cl_auth = authunix_create_default(); | |
163 | tv.tv_sec = 2; | |
164 | tv.tv_usec = 0; | |
165 | ans = clnt_call(cl, YPPASSWDPROC_UPDATE, | |
166 | xdr_yppasswd, &yppasswd, xdr_int, &ok, tv); | |
167 | ||
168 | if (ans != 0) | |
169 | { | |
170 | clnt_perrno(ans); | |
171 | (void)fprintf(stderr, "\n"); | |
172 | (void)fprintf(stderr, "couldn't change passwd\n"); | |
173 | exit(1); | |
174 | } | |
175 | if (ok != 0) | |
176 | { | |
177 | (void)fprintf(stderr, "couldn't change passwd\n"); | |
178 | exit(1); | |
179 | } | |
180 | return(0); | |
181 | } | |
182 | ||
183 | static char * | |
184 | pwskip(register char *p) | |
185 | { | |
186 | while (*p && *p != ':' && *p != '\n') | |
187 | ++p; | |
188 | if (*p) | |
189 | *p++ = 0; | |
190 | return (p); | |
191 | } | |
192 | ||
193 | struct passwd * | |
194 | interpret(struct passwd *pwent, char *line) | |
195 | { | |
196 | register char *p = line; | |
197 | ||
198 | pwent->pw_passwd = "*"; | |
199 | pwent->pw_uid = 0; | |
200 | pwent->pw_gid = 0; | |
201 | pwent->pw_gecos = ""; | |
202 | pwent->pw_dir = ""; | |
203 | pwent->pw_shell = ""; | |
204 | #ifndef __SLICK__ | |
205 | pwent->pw_change = 0; | |
206 | pwent->pw_expire = 0; | |
207 | pwent->pw_class = ""; | |
208 | #endif | |
209 | ||
210 | /* line without colon separators is no good, so ignore it */ | |
211 | if(!strchr(p, ':')) | |
212 | return(NULL); | |
213 | ||
214 | pwent->pw_name = p; | |
215 | p = pwskip(p); | |
216 | pwent->pw_passwd = p; | |
217 | p = pwskip(p); | |
218 | pwent->pw_uid = (uid_t)strtoul(p, NULL, 10); | |
219 | p = pwskip(p); | |
220 | pwent->pw_gid = (gid_t)strtoul(p, NULL, 10); | |
221 | p = pwskip(p); | |
222 | pwent->pw_gecos = p; | |
223 | p = pwskip(p); | |
224 | pwent->pw_dir = p; | |
225 | p = pwskip(p); | |
226 | pwent->pw_shell = p; | |
227 | while (*p && *p != '\n') | |
228 | p++; | |
229 | *p = '\0'; | |
230 | return (pwent); | |
231 | } | |
232 | ||
233 | ||
234 | static struct passwd * | |
235 | ypgetpwnam(char *nam, char *domain) | |
236 | { | |
237 | static struct passwd pwent; | |
238 | char *val; | |
239 | int reason, vallen; | |
240 | static char *__yplin = NULL; | |
241 | ||
242 | reason = yp_match(domain, "passwd.byname", nam, strlen(nam), | |
243 | &val, &vallen); | |
244 | switch(reason) { | |
245 | case 0: | |
246 | break; | |
247 | default: | |
248 | return (NULL); | |
249 | break; | |
250 | } | |
251 | val[vallen] = '\0'; | |
252 | if (__yplin) | |
253 | free(__yplin); | |
254 | __yplin = (char *)malloc(vallen + 1); | |
255 | strcpy(__yplin, val); | |
256 | free(val); | |
257 | ||
258 | return(interpret(&pwent, __yplin)); | |
259 | } |