]> git.saurik.com Git - apple/system_cmds.git/blob - passwd.tproj/passwd.c
system_cmds-336.23.tar.gz
[apple/system_cmds.git] / passwd.tproj / passwd.c
1 /*
2 * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
7 * Reserved. This file contains Original Code and/or Modifications of
8 * Original Code as defined in and that are subject to the Apple Public
9 * Source License Version 1.0 (the 'License'). You may not use this file
10 * except in compliance with the License. Please obtain a copy of the
11 * License at http://www.apple.com/publicsource and read it before using
12 * this file.
13 *
14 * The Original Code and all software distributed under the License are
15 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
16 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
17 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
19 * License for the specific language governing rights and limitations
20 * under the License."
21 *
22 * @APPLE_LICENSE_HEADER_END@
23 */
24 #define INFO_NETINFO 0
25 #define INFO_FILE 1
26 #define INFO_NIS 2
27 #define INFO_DIRECTORYSERVICES 3
28
29 #ifndef __SLICK__
30 #define _PASSWD_FILE "/etc/master.passwd"
31 #else
32 #define _PASSWD_FILE "/etc/passwd"
33 #endif
34
35 #include <stdio.h>
36 #include <errno.h>
37 #include <pwd.h>
38 #include <libc.h>
39 #include <ctype.h>
40 #include <string.h>
41 #include <netinfo/ni.h>
42 #include "stringops.h"
43
44 #ifdef __SLICK__
45 #define _PASSWORD_LEN 8
46 #endif
47
48 static char *saltchars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./";
49
50 extern int file_passwd(char *, char *);
51 extern int netinfo_passwd(char *, char *);
52 extern int nis_passwd(char *, char *);
53 extern int ds_passwd(char *, char *);
54
55 void
56 getpasswd(char *name, int isroot, int minlen, int mixcase, int nonalpha,
57 char *old_pw, char **new_pw, char **old_clear, char **new_clear)
58 {
59 int i, tries, len, pw_ok, upper, lower, alpha, notalpha;
60 int isNull;
61 char *p;
62 static char obuf[_PASSWORD_LEN+1];
63 static char nbuf[_PASSWORD_LEN+1];
64 char salt[9];
65
66 printf("Changing password for %s.\n", name);
67
68 p = "";
69 isNull = 0;
70 if (old_pw == NULL) isNull = 1;
71 if ((isNull == 0) && (old_pw[0] == '\0')) isNull = 1;
72 if ((isroot == 0) && (isNull == 0))
73 {
74 p = getpass("Old password:");
75 if (strcmp(crypt(p, old_pw), old_pw))
76 {
77 errno = EACCES;
78 fprintf(stderr, "Sorry\n");
79 exit(1);
80 }
81 }
82 //strcpy(obuf, p);
83 snprintf( obuf, sizeof(obuf), "%s", p );
84
85 tries = 0;
86 nbuf[0] = '\0';
87 for (;;)
88 {
89 p = getpass("New password:");
90 if (!*p)
91 {
92 printf("Password unchanged.\n");
93 exit(0);
94 }
95
96 tries++;
97 len = strlen(p);
98 upper = 0;
99 lower = 0;
100 alpha = 0;
101 notalpha = 0;
102 for (i = 0; i < len; i++)
103 {
104 if (isupper(p[i])) upper++;
105 if (islower(p[i])) lower++;
106 if (isalpha(p[i])) alpha++;
107 else notalpha++;
108 }
109
110
111 pw_ok = 1;
112 if (len < minlen) pw_ok = 0;
113 if ((mixcase == 1) && ((upper == 0) || (lower == 0))) pw_ok = 0;
114 if ((nonalpha == 1) && (notalpha == 0)) pw_ok = 0;
115
116 /*
117 * An insistent root may override security options.
118 */
119 if ((isroot == 1) && (tries > 2)) pw_ok = 1;
120
121 /*
122 * A very insistent user may override security options.
123 */
124 if (tries > 4) pw_ok = 1;
125
126 if (pw_ok == 0)
127 {
128 if (len < minlen)
129 printf("Password must be at least %d characters long.\n", minlen);
130 if ((mixcase == 1) && ((upper == 0) || (lower == 0)))
131 printf("Password must contain both upper and lower case characters.\n");
132 if ((nonalpha == 1) && (notalpha == 0))
133 printf("Password must contain non-alphabetic characters.\n");
134 continue;
135 }
136
137 //strcpy(nbuf, p);
138 snprintf( nbuf, sizeof(nbuf), "%s", p );
139
140 if (!strcmp(nbuf, getpass("Retype new password:"))) break;
141
142 printf("Mismatch; try again, EOF to quit.\n");
143 }
144
145 /*
146 * Create a random salt
147 */
148 srandom((int)time((time_t *)NULL));
149 salt[0] = saltchars[random() % strlen(saltchars)];
150 salt[1] = saltchars[random() % strlen(saltchars)];
151 salt[2] = '\0';
152 *new_pw = crypt(nbuf, salt);
153
154 *old_clear = obuf;
155 *new_clear = nbuf;
156 return;
157 }
158
159 void
160 usage()
161 {
162 fprintf(stderr, "usage: passwd [-i infosystem] [-l location] [name]\n");
163 fprintf(stderr, "supported infosystems are:\n");
164 fprintf(stderr, " netinfo\n");
165 fprintf(stderr, " file\n");
166 fprintf(stderr, " nis\n");
167 fprintf(stderr, " opendirectory\n");
168 fprintf(stderr, "for netinfo, location may be a domain name or server/tag\n");
169 fprintf(stderr, "for file, location may be a file name (%s is the default)\n",
170 _PASSWD_FILE);
171 fprintf(stderr, "for nis, location may be a NIS domainname\n");
172 fprintf(stderr, "for opendirectory, location may be a directory node name\n");
173 exit(1);
174 }
175
176 int
177 main(int argc, char *argv[])
178 {
179 char *user, *locn;
180 int i, infosystem;
181 int free_user = 0;
182
183 /* since DS works for most infosystems, make it the default */
184 //infosystem = INFO_NETINFO;
185 infosystem = INFO_DIRECTORYSERVICES;
186 user = NULL;
187 locn = NULL;
188
189 for (i = 1; i < argc; i++)
190 {
191 if (!strcmp(argv[i], "-i"))
192 {
193 if (++i >= argc)
194 {
195 fprintf(stderr, "no argument for -i option\n");
196 usage();
197 }
198
199 if (!strcmp(argv[i], "NetInfo")) infosystem = INFO_NETINFO;
200 else if (!strcmp(argv[i], "netinfo")) infosystem = INFO_NETINFO;
201 else if (!strcmp(argv[i], "File")) infosystem = INFO_FILE;
202 else if (!strcmp(argv[i], "file")) infosystem = INFO_FILE;
203 else if (!strcmp(argv[i], "NIS")) infosystem = INFO_NIS;
204 else if (!strcmp(argv[i], "nis")) infosystem = INFO_NIS;
205 else if (!strcmp(argv[i], "YP")) infosystem = INFO_NIS;
206 else if (!strcmp(argv[i], "yp")) infosystem = INFO_NIS;
207 else if (!strcasecmp(argv[i], "opendirectory")) infosystem = INFO_DIRECTORYSERVICES;
208 else
209 {
210 fprintf(stderr, "unknown info system \"%s\"\n", argv[i]);
211 usage();
212 }
213 }
214
215 else if (!strcmp(argv[i], "-l"))
216 {
217 if (++i >= argc)
218 {
219 fprintf(stderr, "no argument for -l option\n");
220 usage();
221 }
222 locn = argv[i];
223 }
224 else if (user == NULL) user = argv[i];
225 else usage();
226 }
227
228 if (user == NULL)
229 {
230 /*
231 * Verify that the login name exists.
232 * lukeh 24 Dec 1997
233 */
234
235 /* getlogin() is the wrong thing to use here because it returns the wrong user after su */
236 /* sns 5 Jan 2005 */
237
238 struct passwd * userRec = getpwuid(getuid());
239 if (userRec != NULL && userRec->pw_name != NULL) {
240 /* global static mem is volatile; must strdup */
241 user = strdup(userRec->pw_name);
242 free_user = 1;
243 }
244
245 if (user == NULL)
246 {
247 fprintf(stderr, "you don't have a login name\n");
248 exit(1);
249 }
250 }
251
252 switch (infosystem)
253 {
254 case INFO_NETINFO:
255 netinfo_passwd(user, locn);
256 break;
257 case INFO_FILE:
258 file_passwd(user, locn);
259 break;
260 case INFO_NIS:
261 nis_passwd(user, locn);
262 break;
263 case INFO_DIRECTORYSERVICES:
264 ds_passwd(user, locn);
265 break;
266 }
267
268 if (free_user == 1)
269 free(user);
270
271 exit(0);
272 }
273