1 /*
2 * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
7 * Reserved. This file contains Original Code and/or Modifications of
8 * Original Code as defined in and that are subject to the Apple Public
9 * Source License Version 1.0 (the 'License'). You may not use this file
10 * except in compliance with the License. Please obtain a copy of the
11 * License at http://www.apple.com/publicsource and read it before using
12 * this file.
13 *
14 * The Original Code and all software distributed under the License are
15 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
16 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
17 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
19 * License for the specific language governing rights and limitations
20 * under the License."
21 *
22 * @APPLE_LICENSE_HEADER_END@
23 */
24 /*
25 * Copyright (c) 1998 by Apple Computer, Inc.
26 * Portions Copyright (c) 1988 by Sun Microsystems, Inc.
27 * Portions Copyright (c) 1988 The Regents of the University of California.
28 * All rights reserved.
29 *
30 * Redistribution and use in source and binary forms, with or without
31 * modification, are permitted provided that the following conditions
32 * are met:
33 * 1. Redistributions of source code must retain the above copyright
34 * notice, this list of conditions and the following disclaimer.
35 * 2. Redistributions in binary form must reproduce the above copyright
36 * notice, this list of conditions and the following disclaimer in the
37 * documentation and/or other materials provided with the distribution.
38 * 3. All advertising materials mentioning features or use of this software
39 * must display the following acknowledgement:
40 * This product includes software developed by the University of
41 * California, Berkeley and its contributors.
42 * 4. Neither the name of the University nor the names of its contributors
43 * may be used to endorse or promote products derived from this software
44 * without specific prior written permission.
45 *
46 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
47 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
48 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
49 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
50 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
51 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
52 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
53 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
54 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
55 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
56 * SUCH DAMAGE.
57 */
58
59 #include <stdio.h>
60 #include <stdlib.h>
61 #include <unistd.h>
62 #include <string.h>
63 #include <pwd.h>
64 #include <netinet/in.h>
65 #include <rpc/types.h>
66 #include <rpc/xdr.h>
67 #include <rpc/rpc.h>
68 #include <rpcsvc/yp_prot.h>
69 #include <rpcsvc/ypclnt.h>
70 #include <rpcsvc/yppasswd.h>
71 #include <netdb.h>
72 #include <sys/socket.h>
73 #include <sys/file.h>
74 #include <errno.h>
75
76 #include <DirectoryService/DirServices.h>
77 #include <DirectoryService/DirServicesConst.h>
78 #include <DirectoryService/DirServicesTypes.h>
79 #include <DirectoryService/DirServicesUtils.h>
80
// Upper bound on a password as held by the password server:
// 511 characters followed by a terminator.
#define kMaxPassword 512

// Record a failure in the caller's local `status` and leave the enclosing
// loop. The expansion is a bare compound statement on purpose: wrapping it
// in do { ... } while (0) would make `break` exit only that wrapper, so the
// caller would carry on after a failed check.
#define SaySorryAndBail() \
	{ \
		status = -1; \
		break; \
	}
85
86 //-------------------------------------------------------------------------------------
87 // ds_check_passwd
88 //-------------------------------------------------------------------------------------
89
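// Prompt for a password and verify it for `uname` through Directory Services.
//
//   uname   name of the user record to look up; NULL is treated as a failure.
//   domain  path of the directory node to search, or NULL to use the search node.
//
// Returns 0 only when dsDoDirNodeAuth() accepts the credentials. Every failure
// path prints "Sorry" on stderr and exits with status 1, so no failure code is
// ever returned to the caller.
int ds_check_passwd(char *uname, char *domain)
{
	char *p = NULL;
	tDirReference dsRef = 0;
	tDataBuffer *tDataBuff = NULL;
	tDirNodeReference nodeRef = 0;
	long status = eDSNoErr;
	tContextData context = NULL;
	unsigned long nodeCount = 0;
	unsigned long attrIndex = 0;
	tDataList *nodeName = NULL;
	tAttributeEntryPtr pAttrEntry = NULL;
	tDataList *pRecName = NULL;
	tDataList *pRecType = NULL;
	tDataList *pAttrType = NULL;
	unsigned long recCount = 0;
	tRecordEntry *pRecEntry = NULL;
	tAttributeListRef attrListRef = 0;
	char *pUserLocation = NULL;
	char *pUserName = NULL;
	tAttributeValueListRef valueRef = 0;
	tAttributeValueEntry *pValueEntry = NULL;
	tDataList *pUserNode = NULL;
	tDirNodeReference userNodeRef = 0;
	tDataBuffer *pStepBuff = NULL;
	tDataNode *pAuthType = NULL;
	unsigned long uiCurr = 0;
	unsigned long uiUserLen = 0;
	unsigned long uiPassLen = 0;
	unsigned long uiAvail = 0;

	do
	{
		if ( uname == NULL )
			SaySorryAndBail();

		printf("Checking password for %s.\n", uname);
		p = getpass("Password:");
		if ( p == NULL )
			SaySorryAndBail();

		status = dsOpenDirService( &dsRef );
		if ( status != eDSNoErr )
			SaySorryAndBail();

		tDataBuff = dsDataBufferAllocate( dsRef, 4096 );
		if ( tDataBuff == NULL )
			SaySorryAndBail();

		if ( domain != NULL )
		{
			nodeName = dsBuildFromPath( dsRef, domain, "/" );
			// Fail closed. A plain `break` here would leave status at
			// eDSNoErr and the function would return 0 without ever
			// checking the password.
			if ( nodeName == NULL )
				SaySorryAndBail();

			// find
			status = dsFindDirNodes( dsRef, tDataBuff, nodeName, eDSiExact, &nodeCount, &context );

			// dsGetDirNodeName() below stores a new list in nodeName, so
			// release the search pattern first instead of leaking it.
			dsDataListDeallocate( dsRef, nodeName );
			free( nodeName );
			nodeName = NULL;
		}
		else
		{
			// find on search node
			status = dsFindDirNodes( dsRef, tDataBuff, NULL, eDSSearchNodeName, &nodeCount, &context );
		}

		if ( status != eDSNoErr )
			SaySorryAndBail();

		if ( nodeCount < 1 )
			SaySorryAndBail();

		status = dsGetDirNodeName( dsRef, tDataBuff, 1, &nodeName );
		if ( status != eDSNoErr || nodeName == NULL )
			SaySorryAndBail();

		status = dsOpenDirNode( dsRef, nodeName, &nodeRef );
		dsDataListDeallocate( dsRef, nodeName );
		free( nodeName );
		nodeName = NULL;
		if ( status != eDSNoErr )
			SaySorryAndBail();

		pRecName = dsBuildListFromStrings( dsRef, uname, NULL );
		pRecType = dsBuildListFromStrings( dsRef, kDSStdRecordTypeUsers, NULL );
		pAttrType = dsBuildListFromStrings( dsRef, kDSNAttrMetaNodeLocation, kDSNAttrRecordName, NULL );
		if ( pRecName == NULL || pRecType == NULL || pAttrType == NULL )
			SaySorryAndBail();

		recCount = 1;
		status = dsGetRecordList( nodeRef, tDataBuff, pRecName, eDSExact, pRecType,
								  pAttrType, 0, &recCount, &context );
		if ( status != eDSNoErr || recCount == 0 )
			SaySorryAndBail();

		status = dsGetRecordEntry( nodeRef, tDataBuff, 1, &attrListRef, &pRecEntry );
		if ( status != eDSNoErr || pRecEntry == NULL )
			SaySorryAndBail();

		// Pull the node location and the record name out of the record.
		// SaySorryAndBail() is not used inside this loop: its `break` would
		// leave only the for loop, not the enclosing do/while.
		for ( attrIndex = 1; (attrIndex <= pRecEntry->fRecordAttributeCount) && (status == eDSNoErr); attrIndex++ )
		{
			status = dsGetAttributeEntry( nodeRef, tDataBuff, attrListRef, attrIndex, &valueRef, &pAttrEntry );
			if ( status == eDSNoErr && pAttrEntry != NULL )
			{
				if ( strcmp( pAttrEntry->fAttributeSignature.fBufferData, kDSNAttrMetaNodeLocation ) == 0 )
				{
					status = dsGetAttributeValue( nodeRef, tDataBuff, 1, valueRef, &pValueEntry );
					if ( status == eDSNoErr && pValueEntry != NULL )
					{
						// Drop any earlier copy so a repeated attribute does not leak.
						free( pUserLocation );
						// calloc() of length + 1 keeps the copy NUL-terminated.
						pUserLocation = calloc( pValueEntry->fAttributeValueData.fBufferLength + 1, sizeof(char) );
						if ( pUserLocation != NULL )
							memcpy( pUserLocation, pValueEntry->fAttributeValueData.fBufferData, pValueEntry->fAttributeValueData.fBufferLength );
					}
				}
				else if ( strcmp( pAttrEntry->fAttributeSignature.fBufferData, kDSNAttrRecordName ) == 0 )
				{
					status = dsGetAttributeValue( nodeRef, tDataBuff, 1, valueRef, &pValueEntry );
					if ( status == eDSNoErr && pValueEntry != NULL )
					{
						free( pUserName );
						pUserName = calloc( pValueEntry->fAttributeValueData.fBufferLength + 1, sizeof(char) );
						if ( pUserName != NULL )
							memcpy( pUserName, pValueEntry->fAttributeValueData.fBufferData, pValueEntry->fAttributeValueData.fBufferLength );
					}
				}

				if ( pValueEntry != NULL )
					dsDeallocAttributeValueEntry( dsRef, pValueEntry );
				pValueEntry = NULL;

				dsDeallocAttributeEntry( dsRef, pAttrEntry );
				pAttrEntry = NULL;
				dsCloseAttributeValueList( valueRef );
				valueRef = 0;
			}
		}

		// Both values are dereferenced below. A record missing either
		// attribute, or a failed allocation, must end as a denial rather
		// than a NULL dereference.
		if ( pUserLocation == NULL || pUserName == NULL )
			SaySorryAndBail();

		pUserNode = dsBuildFromPath( dsRef, pUserLocation, "/" );
		if ( pUserNode == NULL )
			SaySorryAndBail();

		status = dsOpenDirNode( dsRef, pUserNode, &userNodeRef );
		if ( status != eDSNoErr )
			SaySorryAndBail();

		pStepBuff = dsDataBufferAllocate( dsRef, 128 );
		pAuthType = dsDataNodeAllocateString( dsRef, kDSStdAuthNodeNativeClearTextOK );
		if ( pStepBuff == NULL || pAuthType == NULL )
			SaySorryAndBail();

		// The auth buffer holds <length><user name><length><password>.
		// The user name comes from the directory and the password from the
		// terminal, so check both lengths against the buffer size before
		// copying. The subtractions are ordered so that they cannot wrap.
		// NOTE(review): each length prefix is written as sizeof(unsigned long)
		// bytes -- confirm that is the width the auth call expects on the
		// target ABI.
		uiUserLen = strlen( pUserName );
		uiPassLen = strlen( p );
		uiAvail = tDataBuff->fBufferSize;
		if ( uiAvail < 2 * sizeof( unsigned long ) )
			SaySorryAndBail();
		uiAvail -= 2 * sizeof( unsigned long );
		if ( uiUserLen > uiAvail || uiPassLen > uiAvail - uiUserLen )
			SaySorryAndBail();

		uiCurr = 0;

		// User name
		memcpy( &(tDataBuff->fBufferData[ uiCurr ]), &uiUserLen, sizeof( unsigned long ) );
		uiCurr += sizeof( unsigned long );
		memcpy( &(tDataBuff->fBufferData[ uiCurr ]), pUserName, uiUserLen );
		uiCurr += uiUserLen;

		// pw
		memcpy( &(tDataBuff->fBufferData[ uiCurr ]), &uiPassLen, sizeof( unsigned long ) );
		uiCurr += sizeof( unsigned long );
		memcpy( &(tDataBuff->fBufferData[ uiCurr ]), p, uiPassLen );
		uiCurr += uiPassLen;

		tDataBuff->fBufferLength = uiCurr;

		status = dsDoDirNodeAuth( userNodeRef, pAuthType, 1, tDataBuff, pStepBuff, NULL );

	}
	while ( 0 );

	// clean up

	// Wipe the cleartext password held in getpass()'s buffer.
	if ( p != NULL )
		memset( p, 0, strlen( p ) );

	if ( tDataBuff != NULL ) {
		// Wipe the payload, which held the cleartext password. Starting the
		// memset at the struct itself would clear the size/length header that
		// the deallocator is still handed and would stop short of the end of
		// the data area.
		memset( tDataBuff->fBufferData, 0, tDataBuff->fBufferSize );
		dsDataBufferDeAllocate( dsRef, tDataBuff );
		tDataBuff = NULL;
	}

	if ( pStepBuff != NULL ) {
		dsDataBufferDeAllocate( dsRef, pStepBuff );
		pStepBuff = NULL;
	}
	if ( pAuthType != NULL ) {
		dsDataNodeDeAllocate( dsRef, pAuthType );
		pAuthType = NULL;
	}
	free( pUserLocation );
	pUserLocation = NULL;
	free( pUserName );
	pUserName = NULL;
	if ( nodeName != NULL ) {
		dsDataListDeallocate( dsRef, nodeName );
		free( nodeName );
		nodeName = NULL;
	}
	if ( pUserNode != NULL ) {
		dsDataListDeallocate( dsRef, pUserNode );
		free( pUserNode );
		pUserNode = NULL;
	}
	if ( pRecName != NULL ) {
		dsDataListDeallocate( dsRef, pRecName );
		free( pRecName );
		pRecName = NULL;
	}
	if ( pRecType != NULL ) {
		dsDataListDeallocate( dsRef, pRecType );
		free( pRecType );
		pRecType = NULL;
	}
	if ( pAttrType != NULL ) {
		dsDataListDeallocate( dsRef, pAttrType );
		free( pAttrType );
		pAttrType = NULL;
	}
	if ( pRecEntry != NULL ) {
		dsDeallocRecordEntry( dsRef, pRecEntry );
		pRecEntry = NULL;
	}
	if ( attrListRef != 0 ) {
		dsCloseAttributeList( attrListRef );
		attrListRef = 0;
	}
	if ( userNodeRef != 0 ) {
		dsCloseDirNode( userNodeRef );
		userNodeRef = 0;
	}
	if ( nodeRef != 0 ) {
		dsCloseDirNode( nodeRef );
		nodeRef = 0;
	}
	if ( dsRef != 0 ) {
		dsCloseDirService( dsRef );
		dsRef = 0;
	}

	if ( status != eDSNoErr )
	{
		errno = EACCES;
		fprintf(stderr, "Sorry\n");
		exit(1);
	}

	return 0;
}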