X-Git-Url: https://git.saurik.com/apple/system_cmds.git/blobdiff_plain/709a58224ea43109dc10bfd6a67de1e432174197..34d340d711a2b033f5da480ed7b5eb147679a588:/chpass.tproj/chpass.c

diff --git a/chpass.tproj/chpass.c b/chpass.tproj/chpass.c
index 331fbc4..596d31a 100644
--- a/chpass.tproj/chpass.c
+++ b/chpass.tproj/chpass.c
@@ -1,29 +1,35 @@
 /*
- * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
+ * Copyright (c) 1999-2006 Apple Computer, Inc. All rights reserved.
  *
  * @APPLE_LICENSE_HEADER_START@
  * 
- * "Portions Copyright (c) 1999 Apple Computer, Inc.  All Rights
- * Reserved.  This file contains Original Code and/or Modifications of
- * Original Code as defined in and that are subject to the Apple Public
- * Source License Version 1.0 (the 'License').  You may not use this file
- * except in compliance with the License.  Please obtain a copy of the
- * License at http://www.apple.com/publicsource and read it before using
- * this file.
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
  * 
  * The Original Code and all software distributed under the License are
  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT.  Please see the
- * License for the specific language governing rights and limitations
- * under the License."
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
  * 
  * @APPLE_LICENSE_HEADER_END@
  */
 /*-
- * Copyright (c) 1990, 1993, 1994
- *      The Regents of the University of California.  All rights reserved.
+ * Copyright (c) 1988, 1993, 1994
+ *	The Regents of the University of California.  All rights reserved.
+ * Copyright (c) 2002 Networks Associates Technology, Inc.
+ * All rights reserved.
+ *
+ * Portions of this software were developed for the FreeBSD Project by
+ * ThinkSec AS and NAI Labs, the Security Research Division of Network
+ * Associates, Inc.  under DARPA/SPAWAR contract N66001-01-C-8035
+ * ("CBOSS"), as part of the DARPA CHATS research program.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -35,8 +41,8 @@
  *    documentation and/or other materials provided with the distribution.
  * 3. All advertising materials mentioning features or use of this software
  *    must display the following acknowledgement:
- *      This product includes software developed by the University of
- *      California, Berkeley and its contributors.
+ *	This product includes software developed by the University of
+ *	California, Berkeley and its contributors.
  * 4. Neither the name of the University nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
@@ -54,67 +60,98 @@
  * SUCH DAMAGE.
  */
 
+#if 0
+#if 0
 #ifndef lint
-static char copyright[] =
+static const char copyright[] =
 "@(#) Copyright (c) 1988, 1993, 1994\n\
 	The Regents of the University of California.  All rights reserved.\n";
 #endif /* not lint */
 
+#ifndef lint
+static char sccsid[] = "@(#)chpass.c	8.4 (Berkeley) 4/2/94";
+#endif /* not lint */
+#endif
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD: src/usr.bin/chpass/chpass.c,v 1.27.8.1 2006/09/29 06:13:20 marck Exp $");
+#endif
+
 #include <sys/param.h>
 #include <sys/stat.h>
 #include <sys/signal.h>
 #include <sys/time.h>
 #include <sys/resource.h>
 
-#include <ctype.h>
 #include <err.h>
 #include <errno.h>
-#include <fcntl.h>
 #include <pwd.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
+#ifdef YP
+#include <ypclnt.h>
+#endif
 
+#ifndef OPEN_DIRECTORY
 #include <pw_scan.h>
-#include <pw_util.h>
-#include "pw_copy.h"
+#include <libutil.h>
+#endif
 
 #include "chpass.h"
-#include "pathnames.h"
-#ifdef DIRECTORY_SERVICE
-#include "directory_service.h"
 
-#define	PWSETFIELD(field, in, out)	if(in->field) out.field = strdup(in->field)
-#endif /* DIRECTORY_SERVICE */
+int master_mode;
 
-char *progname = "chpass";
-char *tempname;
-uid_t uid;
-#ifdef DIRECTORY_SERVICE
-int dswhere;
-#endif /* DIRECTORY_SERVICE */
+#ifdef OPEN_DIRECTORY
+#include "open_directory.h"
+char *progname = NULL;
+CFStringRef DSPath = NULL;
+#endif /* OPEN_DIRECTORY */
 
-void	baduser __P((void));
-void	usage __P((void));
+static void	baduser(void);
+static void	usage(void);
 
 int
-main(argc, argv)
-	int argc;
-	char **argv;
+main(int argc, char *argv[])
 {
-	enum { NEWSH, LOADENTRY, EDITENTRY } op;
-	struct passwd *pw, lpw;
+	enum { NEWSH, LOADENTRY, EDITENTRY, NEWPW, NEWEXP } op;
+#ifndef OPEN_DIRECTORY
+	struct passwd lpw, *old_pw, *pw;
 	int ch, pfd, tfd;
-	char *arg;
-#ifdef DIRECTORY_SERVICE
-	struct passwd pworig;
-	char *task_argv[3] = { NULL };
-#endif /* DIRECTORY_SERVICE */
+	const char *password;
+#else
+	struct passwd *old_pw, *pw;
+	int ch, tfd;
+	char tfn[MAXPATHLEN];
+#endif
+	char *arg = NULL;
+	uid_t uid;
+#ifdef YP
+	struct ypclnt *ypclnt;
+	const char *yp_domain = NULL, *yp_host = NULL;
+#endif
+#ifdef OPEN_DIRECTORY
+	CFStringRef username = NULL;
+	CFStringRef authname = NULL;
+	CFStringRef location = NULL;
+	
+	progname = strrchr(argv[0], '/');
+	if (progname) progname++;
+	else progname = argv[0];
+#endif /* OPEN_DIRECTORY */
 
+	pw = old_pw = NULL;
 	op = EDITENTRY;
-	while ((ch = getopt(argc, argv, "a:s:")) != EOF)
-		switch(ch) {
+#ifdef OPEN_DIRECTORY
+	while ((ch = getopt(argc, argv, "a:s:l:u:")) != -1)
+#else /* OPEN_DIRECTORY */
+#ifdef YP
+	while ((ch = getopt(argc, argv, "a:p:s:e:d:h:loy")) != -1)
+#else
+	while ((ch = getopt(argc, argv, "a:p:s:e:")) != -1)
+#endif
+#endif /* OPEN_DIRECTORY */
+		switch (ch) {
 		case 'a':
 			op = LOADENTRY;
 			arg = optarg;
@@ -123,223 +160,296 @@ main(argc, argv)
 			op = NEWSH;
 			arg = optarg;
 			break;
+#ifndef OPEN_DIRECTORY
+		case 'p':
+			op = NEWPW;
+			arg = optarg;
+			break;
+		case 'e':
+			op = NEWEXP;
+			arg = optarg;
+			break;
+#ifdef YP
+		case 'd':
+			yp_domain = optarg;
+			break;
+		case 'h':
+			yp_host = optarg;
+			break;
+		case 'l':
+		case 'o':
+		case 'y':
+			/* compatibility */
+			break;
+#endif
+#else /* OPEN_DIRECTORY */
+		case 'l':
+			location = CFStringCreateWithCString(NULL, optarg, kCFStringEncodingUTF8);
+			break;
+		case 'u':
+			authname = CFStringCreateWithCString(NULL, optarg, kCFStringEncodingUTF8);
+			break;
+#endif
 		case '?':
 		default:
 			usage();
 		}
+
 	argc -= optind;
 	argv += optind;
 
+	if (argc > 1)
+		usage();
+
 	uid = getuid();
 
-	if (op == EDITENTRY || op == NEWSH)
-#ifdef DIRECTORY_SERVICE
-	{
-#endif /* DIRECTORY_SERVICE */
-		switch(argc) {
-		case 0:
-			if (!(pw = getpwuid(uid)))
-				errx(1, "unknown user: uid %u", uid);
-			break;
-		case 1:
-			if (!(pw = getpwnam(*argv)))
+	if (op == EDITENTRY || op == NEWSH || op == NEWPW || op == NEWEXP) {
+		if (argc == 0) {
+			if ((pw = getpwuid(uid)) == NULL)
+				errx(1, "unknown user: uid %lu",
+				    (unsigned long)uid);
+		} else {
+			if ((pw = getpwnam(*argv)) == NULL)
 				errx(1, "unknown user: %s", *argv);
-#ifndef DIRECTORY_SERVICE
-			if (uid && uid != pw->pw_uid)
+#ifndef OPEN_DIRECTORY
+			if (uid != 0 && uid != pw->pw_uid)
 				baduser();
-#endif /* DIRECTORY_SERVICE */
-			break;
-		default:
-			usage();
+#endif
 		}
 
-		/* getpwnam(3) returns a pointer to local storage */
-		lpw = *pw;
-		PWSETFIELD(pw_name, pw, lpw);
-		PWSETFIELD(pw_passwd, pw, lpw);
-		PWSETFIELD(pw_class, pw, lpw);
-		PWSETFIELD(pw_gecos, pw, lpw);
-		PWSETFIELD(pw_dir, pw, lpw);
-		PWSETFIELD(pw_shell, pw, lpw);
+#ifndef OPEN_DIRECTORY
+		/* Make a copy for later verification */
+		if ((pw = pw_dup(pw)) == NULL ||
+		    (old_pw = pw_dup(pw)) == NULL)
+			err(1, "pw_dup");
+#endif
+	}
 
-		pw = &lpw;
+#if OPEN_DIRECTORY
+	master_mode = (uid == 0);
 
-#ifdef DIRECTORY_SERVICE
-		if ((dswhere = wherepwent(pw->pw_name)) < 0) {
-			if(dswhere > E_NOTFOUND)
-				errc(1, dswhere, "wherepwent");
-			else
-				errx(1, "wherepwent returned %d", dswhere);
-		}
-		switch(dswhere) {
-		case WHERE_REMOTENI:
-			errx(1,
-"Can't change info for user \"%s\", which resides in the\n"
-"netinfo domain \"%s\"",
-			 pw->pw_name, DSPath);
-		case WHERE_DS:
-			errx(1,
-"Can't change info for user \"%s\", which resides in the\n"
-"Directory Service path \"%s\"",
-			 pw->pw_name, DSPath);
-		case WHERE_NIS:
-			errx(1,
-"Can't change info for user \"%s\", which resides in NIS",
-			 pw->pw_name);
-		case WHERE_LOCALNI:
-			pworig = *pw;
-			PWSETFIELD(pw_name, pw, pworig);
-			PWSETFIELD(pw_passwd, pw, pworig);
-			PWSETFIELD(pw_class, pw, pworig);
-			PWSETFIELD(pw_gecos, pw, pworig);
-			PWSETFIELD(pw_dir, pw, pworig);
-			PWSETFIELD(pw_shell, pw, pworig);
-			/* drop through */
-		default:
-			if (uid && uid != pw->pw_uid)
-				baduser();
-		}
+	/*
+	 * Find the user record and copy its details.
+	 */
+	username = CFStringCreateWithCString(NULL, pw->pw_name, kCFStringEncodingUTF8);
+
+	if (strcmp(progname, "chsh") == 0 || op == NEWSH) {
+		cfprintf(stderr, "Changing shell for %@.\n", username);
+	} else if (strcmp(progname, "chfn") == 0) {
+		cfprintf(stderr, "Changing finger information for %@.\n", username);
+	} else if (strcmp(progname, "chpass") == 0) {
+		cfprintf(stderr, "Changing account information for %@.\n", username);
 	}
-#endif /* DIRECTORY_SERVICE */
+	
+	/*
+	 * odGetUser updates DSPath global variable, performs authentication
+	 * if necessary, and extracts the attributes.
+	 */
+	CFDictionaryRef attrs_orig = NULL;
+	CFDictionaryRef attrs = NULL;
+	ODRecordRef rec = odGetUser(location, authname, username, &attrs_orig);
+	
+	if (!rec || !attrs_orig) exit(1);
+#endif /* OPEN_DIRECTORY */
+
+#ifdef YP
+	if (pw != NULL && (pw->pw_fields & _PWF_SOURCE) == _PWF_NIS) {
+		ypclnt = ypclnt_new(yp_domain, "passwd.byname", yp_host);
+		master_mode = (ypclnt != NULL &&
+		    ypclnt_connect(ypclnt) != -1 &&
+		    ypclnt_havepasswdd(ypclnt) == 1);
+		ypclnt_free(ypclnt);
+	} else
+#endif
+	master_mode = (uid == 0);
 
 	if (op == NEWSH) {
 		/* protect p_shell -- it thinks NULL is /bin/sh */
 		if (!arg[0])
 			usage();
-		if (p_shell(arg, pw, (ENTRY *)NULL))
-			pw_error((char *)NULL, 0, 1);
+		if (p_shell(arg, pw, (ENTRY *)NULL) == -1)
+			exit(1);
+#ifdef OPEN_DIRECTORY
+		else {
+			ENTRY* ep;
+			
+			setrestricted(attrs_orig);
+			
+			for (ep = list; ep->prompt; ep++) {
+				if (strncasecmp(ep->prompt, "shell", ep->len) == 0) {
+					if (!ep->restricted) {
+						CFStringRef shell = CFStringCreateWithCString(NULL, arg, kCFStringEncodingUTF8);
+						if (shell) {
+							attrs = CFDictionaryCreateMutable(NULL, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
+							if (attrs) CFDictionarySetValue((CFMutableDictionaryRef)attrs, CFSTR(kDS1AttrUserShell), shell);
+							CFRelease(shell);
+						}
+					} else {
+						warnx("shell is restricted");
+						exit(1);
+					}
+				}
+			}
+		}
+#endif
 	}
 
+#ifndef OPEN_DIRECTORY
+	if (op == NEWEXP) {
+		if (uid)	/* only root can change expire */
+			baduser();
+		if (p_expire(arg, pw, (ENTRY *)NULL) == -1)
+			exit(1);
+	}
+#endif
+
 	if (op == LOADENTRY) {
-#ifdef DIRECTORY_SERVICE
-		warnx("-a is only supported for %s", MasterPasswd);
-		dswhere = WHERE_FILES;
-#endif /* DIRECTORY_SERVICE */
 		if (uid)
 			baduser();
+#ifdef OPEN_DIRECTORY
+		warnx("-a is not supported for Open Directory.");
+		exit(1);
+#else
 		pw = &lpw;
-		if (!pw_scan(arg, pw, NULL))
+		old_pw = NULL;
+		if (!__pw_scan(arg, pw, _PWSCAN_WARN|_PWSCAN_MASTER))
 			exit(1);
+#endif /* OPEN_DIRECTORY */
 	}
 
-	/*
-	 * The temporary file/file descriptor usage is a little tricky here.
-	 * 1:	We start off with two fd's, one for the master password
-	 *	file (used to lock everything), and one for a temporary file.
-	 * 2:	Display() gets an fp for the temporary file, and copies the
-	 *	user's information into it.  It then gives the temporary file
-	 *	to the user and closes the fp, closing the underlying fd.
-	 * 3:	The user edits the temporary file some number of times.
-	 * 4:	Verify() gets an fp for the temporary file, and verifies the
-	 *	contents.  It can't use an fp derived from the step #2 fd,
-	 *	because the user's editor may have created a new instance of
-	 *	the file.  Once the file is verified, its contents are stored
-	 *	in a password structure.  The verify routine closes the fp,
-	 *	closing the underlying fd.
-	 * 5:	Delete the temporary file.
-	 * 6:	Get a new temporary file/fd.  Pw_copy() gets an fp for it
-	 *	file and copies the master password file into it, replacing
-	 *	the user record with a new one.  We can't use the first
-	 *	temporary file for this because it was owned by the user.
-	 *	Pw_copy() closes its fp, flushing the data and closing the
-	 *	underlying file descriptor.  We can't close the master
-	 *	password fp, or we'd lose the lock.
-	 * 7:	Call pw_mkdb() (which renames the temporary file) and exit.
-	 *	The exit closes the master passwd fp/fd.
-	 */
-	pw_init();
-#ifdef DIRECTORY_SERVICE
-	if (dswhere == WHERE_FILES)
-#endif /* DIRECTORY_SERVICE */
-		pfd = pw_lock();
-	tfd = pw_tmp();
+#ifndef OPEN_DIRECTORY
+	if (op == NEWPW) {
+		if (uid)
+			baduser();
 
-	if (op == EDITENTRY) {
-#ifdef DIRECTORY_SERVICE
-		setrestricted(dswhere, pw);
-#endif /* DIRECTORY_SERVICE */
-		display(tfd, pw);
-		edit(pw);
-		(void)unlink(tempname);
-#ifdef DIRECTORY_SERVICE
-		if (dswhere == WHERE_FILES)
-#endif /* DIRECTORY_SERVICE */
-			tfd = pw_tmp();
+		if (strchr(arg, ':'))
+			errx(1, "invalid format for password");
+		pw->pw_passwd = arg;
 	}
-		
-#ifdef DIRECTORY_SERVICE
-	switch (dswhere) {
-	case WHERE_LOCALNI:
-		update_local_ni(&pworig, pw);
-		break;
-	case WHERE_FILES:
-#endif /* DIRECTORY_SERVICE */
-		pw_copy(pfd, tfd, pw);
+#endif /* OPEN_DIRECTORY */
 
-		if (pw_mkdb() != 0)
-			pw_error((char *)NULL, 0, 1);
-#ifdef DIRECTORY_SERVICE
+	if (op == EDITENTRY) {
+#ifdef OPEN_DIRECTORY
+		setrestricted(attrs_orig);
+		snprintf(tfn, sizeof(tfn), "/tmp/%s.XXXXXX", progname);
+		if ((tfd = mkstemp(tfn)) == -1)
+			err(1, "%s", tfn);
+		attrs = (CFMutableDictionaryRef)edit(tfn, attrs_orig);
+		(void)unlink(tfn);
+#else
+		/*
+		 * We don't really need pw_*() here, but pw_edit() (used
+		 * by edit()) is just too useful...
+		 */
+		if (pw_init(NULL, NULL))
+			err(1, "pw_init()");
+		if ((tfd = pw_tmp(-1)) == -1) {
+			pw_fini();
+			err(1, "pw_tmp()");
+		}
+		free(pw);
+		pw = edit(pw_tempname(), old_pw);
+		pw_fini();
+		if (pw == NULL)
+			err(1, "edit()");
+		/* 
+		 * pw_equal does not check for crypted passwords, so we
+		 * should do it explicitly
+		 */
+		if (pw_equal(old_pw, pw) && 
+		    strcmp(old_pw->pw_passwd, pw->pw_passwd) == 0)
+			errx(0, "user information unchanged");
+#endif /* OPEN_DIRECTORY */
 	}
-	task_argv[0] = "/usr/sbin/lookupd";
-	task_argv[1] = "-flushcache";
-	task_argv[2] = NULL;
-	LaunchTaskWithPipes( task_argv[0], task_argv, NULL, NULL );
-#endif /* DIRECTORY_SERVICE */
-	exit(0);
-}
 
-#ifdef DIRECTORY_SERVICE
-// read from 0
-int LaunchTaskWithPipes(const char *path, char *const argv[], int *outPipe0, int *outPipe1)
-{
-	int outputPipe[2];
-	pid_t pid;
-	
-	if (outPipe0 != NULL)
-		pipe(outputPipe);
-	
-	pid = fork();
-	if (pid == -1)
-		return -1;
-	
-	/* Handle the child */
-	if (pid == 0)
-	{
-		int result = -1;
-	
-		if (outPipe0 != NULL)
-			dup2(outputPipe[1], fileno(stdout));
-		
-		result = execv(path, argv);
-		if (result == -1) {
-			_exit(1);
-		}
-		
-		/* This should never be reached */
-		_exit(1);
+#ifndef OPEN_DIRECTORY
+	if (old_pw && !master_mode) {
+		password = getpass("Password: ");
+		if (strcmp(crypt(password, old_pw->pw_passwd),
+		    old_pw->pw_passwd) != 0)
+			baduser();
+	} else {
+		password = "";
 	}
+#endif
+
+#ifdef OPEN_DIRECTORY
+	odUpdateUser(rec, attrs_orig, attrs);
 	
-	/* Now the parent */
-	if ( outPipe0 != NULL )
-		*outPipe0 = outputPipe[0];
-	if ( outPipe1 != NULL )
-		*outPipe1 = outputPipe[1];
+	if (rec) CFRelease(rec);
 
+	exit(0);
 	return 0;
+#else /* OPEN_DIRECTORY */
+	exit(0);
+	if (old_pw != NULL)
+		pw->pw_fields |= (old_pw->pw_fields & _PWF_SOURCE);
+	switch (pw->pw_fields & _PWF_SOURCE) {
+#ifdef YP
+	case _PWF_NIS:
+		ypclnt = ypclnt_new(yp_domain, "passwd.byname", yp_host);
+		if (ypclnt == NULL ||
+		    ypclnt_connect(ypclnt) == -1 ||
+		    ypclnt_passwd(ypclnt, pw, password) == -1) {
+			warnx("%s", ypclnt->error);
+			ypclnt_free(ypclnt);
+			exit(1);
+		}
+		ypclnt_free(ypclnt);
+		errx(0, "NIS user information updated");
+#endif /* YP */
+	case 0:
+	case _PWF_FILES:
+		if (pw_init(NULL, NULL))
+			err(1, "pw_init()");
+		if ((pfd = pw_lock()) == -1) {
+			pw_fini();
+			err(1, "pw_lock()");
+		}
+		if ((tfd = pw_tmp(-1)) == -1) {
+			pw_fini();
+			err(1, "pw_tmp()");
+		}
+		if (pw_copy(pfd, tfd, pw, old_pw) == -1) {
+			pw_fini();
+			err(1, "pw_copy");
+		}
+		if (pw_mkdb(pw->pw_name) == -1) {
+			pw_fini();
+			err(1, "pw_mkdb()");
+		}
+		pw_fini();
+		errx(0, "user information updated");
+		break;
+	default:
+		errx(1, "unsupported passwd source");
+	}
+#endif /* OPEN_DIRECTORY */
 }
-#endif /* DIRECTORY_SERVICE */
 
-void
-baduser()
+static void
+baduser(void)
 {
 
 	errx(1, "%s", strerror(EACCES));
 }
 
-void
-usage()
+static void
+usage(void)
 {
 
-	(void)fprintf(stderr, "usage: chpass [-a list] [-s shell] [user]\n");
+	(void)fprintf(stderr,
+	    "usage: chpass%s %s [user]\n",
+#ifdef OPEN_DIRECTORY
+		"",
+		"[-l location] [-u authname] [-s shell]");
+#else /* OPEN_DIRECTORY */
+#ifdef YP
+	    " [-d domain] [-h host]",
+#else
+	    "",
+#endif
+	    "[-a list] [-p encpass] [-s shell] [-e mmm dd yy]");
+#endif /* OPEN_DIRECTORY */
 	exit(1);
 }