]> git.saurik.com Git - apple/system_cmds.git/blob - passwd.tproj/nis_passwd.c
system_cmds-336.23.tar.gz
[apple/system_cmds.git] / passwd.tproj / nis_passwd.c
1 /*
2 * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
7 * Reserved. This file contains Original Code and/or Modifications of
8 * Original Code as defined in and that are subject to the Apple Public
9 * Source License Version 1.0 (the 'License'). You may not use this file
10 * except in compliance with the License. Please obtain a copy of the
11 * License at http://www.apple.com/publicsource and read it before using
12 * this file.
13 *
14 * The Original Code and all software distributed under the License are
15 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
16 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
17 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
19 * License for the specific language governing rights and limitations
20 * under the License."
21 *
22 * @APPLE_LICENSE_HEADER_END@
23 */
24 /*
25 * Portions Copyright (c) 1998 by Apple Computer, Inc.
26 * Portions Copyright (c) 1988 by Sun Microsystems, Inc.
27 * Portions Copyright (c) 1988 The Regents of the University of California.
28 * All rights reserved.
29 *
30 * Redistribution and use in source and binary forms, with or without
31 * modification, are permitted provided that the following conditions
32 * are met:
33 * 1. Redistributions of source code must retain the above copyright
34 * notice, this list of conditions and the following disclaimer.
35 * 2. Redistributions in binary form must reproduce the above copyright
36 * notice, this list of conditions and the following disclaimer in the
37 * documentation and/or other materials provided with the distribution.
38 * 3. All advertising materials mentioning features or use of this software
39 * must display the following acknowledgement:
40 * This product includes software developed by the University of
41 * California, Berkeley and its contributors.
42 * 4. Neither the name of the University nor the names of its contributors
43 * may be used to endorse or promote products derived from this software
44 * without specific prior written permission.
45 *
46 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
47 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
48 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
49 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
50 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
51 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
52 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
53 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
54 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
55 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
56 * SUCH DAMAGE.
57 */
58
59
60 /* update a user's password in NIS. This was based on the Sun implementation
61 * we used in NEXTSTEP, although I've added some stuff from OpenBSD. And
62 * it uses the API to support Rhapsody's proprietry infosystem switch.
63 * lukeh
64 */
65
66 #include <stdio.h>
67 #include <stdlib.h>
68 #include <unistd.h>
69 #include <string.h>
70 #include <pwd.h>
71 #include <netinet/in.h>
72 #include <rpc/types.h>
73 #include <rpc/xdr.h>
74 #include <rpc/rpc.h>
75 #include <rpcsvc/yp_prot.h>
76 #include <rpcsvc/ypclnt.h>
77 #include <rpcsvc/yppasswd.h>
78 #include <netdb.h>
79 #include <sys/socket.h>
80 #include <sys/file.h>
81 #include <errno.h>
82
83 extern int getrpcport(char *, int, int, int);
84 extern void getpasswd(char *, int, int, int, int, char *, char **, char**, char **);
85
86 static struct passwd *ypgetpwnam(char *name, char *domain);
87
88 int nis_passwd(char *uname, char *domain)
89 {
90 int ans, port, ok = -1;
91 char *master;
92 char *ne; /* new encrypted password */
93 char *oc; /* old cleartext password */
94 char *nc; /* new cleartext password */
95 static struct yppasswd yppasswd;
96 struct passwd *pwd;
97 int uid;
98 struct timeval tv;
99 CLIENT *cl;
100
101 if (domain == NULL)
102 {
103 if (yp_get_default_domain(&domain) != 0)
104 {
105 (void)fprintf(stderr, "can't get domain\n");
106 exit(1);
107 }
108 }
109
110 if (yp_master(domain, "passwd.byname", &master) != 0)
111 {
112 (void)fprintf(stderr, "can't get master for passwd file\n");
113 exit(1);
114 }
115
116 port = getrpcport(master, YPPASSWDPROG, YPPASSWDPROC_UPDATE,
117 IPPROTO_UDP);
118 if (port == 0)
119 {
120 (void)fprintf(stderr, "%s is not running yppasswd daemon\n",
121 master);
122 exit(1);
123 }
124 if (port >= IPPORT_RESERVED)
125 {
126 (void)fprintf(stderr,
127 "yppasswd daemon is not running on privileged port\n");
128 exit(1);
129 }
130
131 pwd = ypgetpwnam(uname, domain);
132 if (pwd == NULL)
133 {
134 (void)fprintf(stderr, "user %s not found\n", uname);
135 exit(1);
136 }
137
138 uid = getuid();
139 if (uid != 0 && uid != pwd->pw_uid)
140 {
141 (void)fprintf(stderr, "you may only change your own password\n");
142 exit(1);
143 }
144
145 getpasswd(uname, 0, 5, 0, 0, pwd->pw_passwd, &ne, &oc, &nc);
146
147 yppasswd.oldpass = oc;
148 yppasswd.newpw.pw_name = pwd->pw_name;
149 yppasswd.newpw.pw_passwd = ne;
150 yppasswd.newpw.pw_uid = pwd->pw_uid;
151 yppasswd.newpw.pw_gid = pwd->pw_gid;
152 yppasswd.newpw.pw_gecos = pwd->pw_gecos;
153 yppasswd.newpw.pw_dir = pwd->pw_dir;
154 yppasswd.newpw.pw_shell = pwd->pw_shell;
155
156 cl = clnt_create(master, YPPASSWDPROG, YPPASSWDVERS, "udp");
157 if (cl == NULL)
158 {
159 (void)fprintf(stderr, "could not contact yppasswdd on %s\n", master);
160 exit(1);
161 }
162 cl->cl_auth = authunix_create_default();
163 tv.tv_sec = 2;
164 tv.tv_usec = 0;
165 ans = clnt_call(cl, YPPASSWDPROC_UPDATE,
166 xdr_yppasswd, &yppasswd, xdr_int, &ok, tv);
167
168 if (ans != 0)
169 {
170 clnt_perrno(ans);
171 (void)fprintf(stderr, "\n");
172 (void)fprintf(stderr, "couldn't change passwd\n");
173 exit(1);
174 }
175 if (ok != 0)
176 {
177 (void)fprintf(stderr, "couldn't change passwd\n");
178 exit(1);
179 }
180 return(0);
181 }
182
183 static char *
184 pwskip(register char *p)
185 {
186 while (*p && *p != ':' && *p != '\n')
187 ++p;
188 if (*p)
189 *p++ = 0;
190 return (p);
191 }
192
193 struct passwd *
194 interpret(struct passwd *pwent, char *line)
195 {
196 register char *p = line;
197
198 pwent->pw_passwd = "*";
199 pwent->pw_uid = 0;
200 pwent->pw_gid = 0;
201 pwent->pw_gecos = "";
202 pwent->pw_dir = "";
203 pwent->pw_shell = "";
204 #ifndef __SLICK__
205 pwent->pw_change = 0;
206 pwent->pw_expire = 0;
207 pwent->pw_class = "";
208 #endif
209
210 /* line without colon separators is no good, so ignore it */
211 if(!strchr(p, ':'))
212 return(NULL);
213
214 pwent->pw_name = p;
215 p = pwskip(p);
216 pwent->pw_passwd = p;
217 p = pwskip(p);
218 pwent->pw_uid = (uid_t)strtoul(p, NULL, 10);
219 p = pwskip(p);
220 pwent->pw_gid = (gid_t)strtoul(p, NULL, 10);
221 p = pwskip(p);
222 pwent->pw_gecos = p;
223 p = pwskip(p);
224 pwent->pw_dir = p;
225 p = pwskip(p);
226 pwent->pw_shell = p;
227 while (*p && *p != '\n')
228 p++;
229 *p = '\0';
230 return (pwent);
231 }
232
233
234 static struct passwd *
235 ypgetpwnam(char *nam, char *domain)
236 {
237 static struct passwd pwent;
238 char *val;
239 int reason, vallen;
240 static char *__yplin = NULL;
241
242 reason = yp_match(domain, "passwd.byname", nam, strlen(nam),
243 &val, &vallen);
244 switch(reason) {
245 case 0:
246 break;
247 default:
248 return (NULL);
249 break;
250 }
251 val[vallen] = '\0';
252 if (__yplin)
253 free(__yplin);
254 __yplin = (char *)malloc(vallen + 1);
255 strcpy(__yplin, val);
256 free(val);
257
258 return(interpret(&pwent, __yplin));
259 }