passwd.tproj/nis_passwd.c

   1 /*
   2  * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * Copyright (c) 1999-2003 Apple Computer, Inc.  All Rights Reserved.
   7  *
   8  * This file contains Original Code and/or Modifications of Original Code
   9  * as defined in and that are subject to the Apple Public Source License
  10  * Version 2.0 (the 'License'). You may not use this file except in
  11  * compliance with the License. Please obtain a copy of the License at
  12  * http://www.opensource.apple.com/apsl/ and read it before using this
  13  * file.
  14  *
  15  * The Original Code and all software distributed under the License are
  16  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  17  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  18  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  19  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  20  * Please see the License for the specific language governing rights and
  21  * limitations under the License.
  22  *
  23  * @APPLE_LICENSE_HEADER_END@
  24  */
  25 /*
  26  * Portions Copyright (c) 1998 by Apple Computer, Inc.
  27  * Portions Copyright (c) 1988 by Sun Microsystems, Inc.
  28  * Portions Copyright (c) 1988 The Regents of the University of California.
  29  * All rights reserved.
  30  *
  31  * Redistribution and use in source and binary forms, with or without
  32  * modification, are permitted provided that the following conditions
  33  * are met:
  34  * 1. Redistributions of source code must retain the above copyright
  35  *    notice, this list of conditions and the following disclaimer.
  36  * 2. Redistributions in binary form must reproduce the above copyright
  37  *    notice, this list of conditions and the following disclaimer in the
  38  *    documentation and/or other materials provided with the distribution.
  39  * 3. All advertising materials mentioning features or use of this software
  40  *    must display the following acknowledgement:
  41  *      This product includes software developed by the University of
  42  *      California, Berkeley and its contributors.
  43  * 4. Neither the name of the University nor the names of its contributors
  44  *    may be used to endorse or promote products derived from this software
  45  *    without specific prior written permission.
  46  *
  47  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
  48  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  49  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  50  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
  51  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  52  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  53  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  54  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  55  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  56  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  57  * SUCH DAMAGE.
  58  */
  59
  60
  61 /* update a user's password in NIS. This was based on the Sun implementation
  62  * we used in NEXTSTEP, although I've added some stuff from OpenBSD. And
  63  * it uses the API to support Rhapsody's proprietry infosystem switch.
  64  * lukeh
  65  */
  66
  67 #include <stdio.h>
  68 #include <stdlib.h>
  69 #include <unistd.h>
  70 #include <string.h>
  71 #include <pwd.h>
  72 #include <netinet/in.h>
  73 #include <rpc/types.h>
  74 #include <rpc/xdr.h>
  75 #include <rpc/rpc.h>
  76 #include <rpcsvc/yp_prot.h>
  77 #include <rpcsvc/ypclnt.h>
  78 #include <rpcsvc/yppasswd.h>
  79 #include <netdb.h>
  80 #include <sys/socket.h>
  81 #include <sys/file.h>
  82 #include <errno.h>
  83
  84 extern int getrpcport(char *, int, int, int);
  85 extern void getpasswd(char *, int, int, int, int, char *, char **, char**, char **);
  86
  87 static struct passwd *ypgetpwnam(char *name, char *domain);
  88
  89 int nis_passwd(char *uname, char *domain)
  90 {
  91         int ans, port, ok = -1;
  92         char *master;
  93         char *ne;       /* new encrypted password */
  94         char *oc;       /* old cleartext password */
  95         char *nc;       /* new cleartext password */
  96         static struct yppasswd  yppasswd;
  97         struct passwd *pwd;
  98         int uid;
  99         struct timeval tv;
 100         CLIENT *cl;
 101
 102         if (domain == NULL)
 103         {
 104                 if (yp_get_default_domain(&domain) != 0)
 105                 {
 106                         (void)fprintf(stderr, "can't get domain\n");
 107                         exit(1);
 108                 }
 109         }
 110
 111         if (yp_master(domain, "passwd.byname", &master) != 0)
 112         {
 113                 (void)fprintf(stderr, "can't get master for passwd file\n");
 114                 exit(1);
 115         }
 116
 117         port = getrpcport(master, YPPASSWDPROG, YPPASSWDPROC_UPDATE,
 118                 IPPROTO_UDP);
 119         if (port == 0)
 120         {
 121                 (void)fprintf(stderr, "%s is not running yppasswd daemon\n",
 122                               master);
 123                 exit(1);
 124         }
 125         if (port >= IPPORT_RESERVED)
 126         {
 127                 (void)fprintf(stderr,
 128                     "yppasswd daemon is not running on privileged port\n");
 129                 exit(1);
 130         }
 131
 132         pwd = ypgetpwnam(uname, domain);
 133         if (pwd == NULL)
 134         {
 135                 (void)fprintf(stderr, "user %s not found\n", uname);
 136                 exit(1);
 137         }
 138
 139         uid = getuid();
 140         if (uid != 0 && uid != pwd->pw_uid)
 141         {
 142                 (void)fprintf(stderr, "you may only change your own password\n");
 143                 exit(1);
 144         }
 145
 146         getpasswd(uname, 0, 5, 0, 0, pwd->pw_passwd, &ne, &oc, &nc);
 147
 148         yppasswd.oldpass = oc;
 149         yppasswd.newpw.pw_name = pwd->pw_name;
 150         yppasswd.newpw.pw_passwd = ne;
 151         yppasswd.newpw.pw_uid = pwd->pw_uid;
 152         yppasswd.newpw.pw_gid = pwd->pw_gid;
 153         yppasswd.newpw.pw_gecos = pwd->pw_gecos;
 154         yppasswd.newpw.pw_dir = pwd->pw_dir;
 155         yppasswd.newpw.pw_shell = pwd->pw_shell;
 156
 157         cl = clnt_create(master, YPPASSWDPROG, YPPASSWDVERS, "udp");
 158         if (cl == NULL)
 159         {
 160                 (void)fprintf(stderr, "could not contact yppasswdd on %s\n", master);
 161                 exit(1);
 162         }
 163         cl->cl_auth = authunix_create_default();
 164         tv.tv_sec = 2;
 165         tv.tv_usec = 0;
 166         ans = clnt_call(cl, YPPASSWDPROC_UPDATE,
 167                 xdr_yppasswd, &yppasswd, xdr_int, &ok, tv);
 168
 169         if (ans != 0)
 170         {
 171                 clnt_perrno(ans);
 172                 (void)fprintf(stderr, "\n");
 173                 (void)fprintf(stderr, "couldn't change passwd\n");
 174                 exit(1);
 175         }
 176         if (ok != 0)
 177         {
 178                 (void)fprintf(stderr, "couldn't change passwd\n");
 179                 exit(1);
 180         }
 181         return(0);
 182 }
 183
 184 static char *
 185 pwskip(register char *p)
 186 {
 187         while (*p && *p != ':' && *p != '\n')
 188                 ++p;
 189         if (*p)
 190                 *p++ = 0;
 191         return (p);
 192 }
 193
 194 struct passwd *
 195 interpret(struct passwd *pwent, char *line)
 196 {
 197         register char   *p = line;
 198
 199         pwent->pw_passwd = "*";
 200         pwent->pw_uid = 0;
 201         pwent->pw_gid = 0;
 202         pwent->pw_gecos = "";
 203         pwent->pw_dir = "";
 204         pwent->pw_shell = "";
 205 #ifndef __SLICK__
 206         pwent->pw_change = 0;
 207         pwent->pw_expire = 0;
 208         pwent->pw_class = "";
 209 #endif
 210
 211         /* line without colon separators is no good, so ignore it */
 212         if(!strchr(p, ':'))
 213                 return(NULL);
 214
 215         pwent->pw_name = p;
 216         p = pwskip(p);
 217         pwent->pw_passwd = p;
 218         p = pwskip(p);
 219         pwent->pw_uid = (uid_t)strtoul(p, NULL, 10);
 220         p = pwskip(p);
 221         pwent->pw_gid = (gid_t)strtoul(p, NULL, 10);
 222         p = pwskip(p);
 223         pwent->pw_gecos = p;
 224         p = pwskip(p);
 225         pwent->pw_dir = p;
 226         p = pwskip(p);
 227         pwent->pw_shell = p;
 228         while (*p && *p != '\n')
 229                 p++;
 230         *p = '\0';
 231         return (pwent);
 232 }
 233
 234
 235 static struct passwd *
 236 ypgetpwnam(char *nam, char *domain)
 237 {
 238         static struct passwd pwent;
 239         char *val;
 240         int reason, vallen;
 241         static char *__yplin = NULL;
 242
 243         reason = yp_match(domain, "passwd.byname", nam, strlen(nam),
 244             &val, &vallen);
 245         switch(reason) {
 246         case 0:
 247                 break;
 248         default:
 249                 return (NULL);
 250                 break;
 251         }
 252         val[vallen] = '\0';
 253         if (__yplin)
 254                 free(__yplin);
 255         __yplin = (char *)malloc(vallen + 1);
 256         strcpy(__yplin, val);
 257         free(val);
 258
 259         return(interpret(&pwent, __yplin));
 260 }