Annotation of src/usr.bin/chpass/pw_yp.c, Revision 1.22
1.22 ! deraadt 1: /* $OpenBSD: pw_yp.c,v 1.21 2006/03/31 00:29:13 deraadt Exp $ */
1.1 deraadt 2: /* $NetBSD: pw_yp.c,v 1.5 1995/03/26 04:55:33 glass Exp $ */
3:
4: /*
5: * Copyright (c) 1988 The Regents of the University of California.
6: * All rights reserved.
7: *
8: * Redistribution and use in source and binary forms, with or without
9: * modification, are permitted provided that the following conditions
10: * are met:
11: * 1. Redistributions of source code must retain the above copyright
12: * notice, this list of conditions and the following disclaimer.
13: * 2. Redistributions in binary form must reproduce the above copyright
14: * notice, this list of conditions and the following disclaimer in the
15: * documentation and/or other materials provided with the distribution.
1.18 millert 16: * 3. Neither the name of the University nor the names of its contributors
1.1 deraadt 17: * may be used to endorse or promote products derived from this software
18: * without specific prior written permission.
19: *
20: * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21: * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23: * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24: * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26: * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28: * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29: * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30: * SUCH DAMAGE.
31: */
32: #ifndef lint
33: #if 0
34: static char sccsid[] = "@(#)pw_yp.c 1.0 2/2/93";
35: #else
1.22 ! deraadt 36: static char rcsid[] = "$OpenBSD: pw_yp.c,v 1.21 2006/03/31 00:29:13 deraadt Exp $";
1.1 deraadt 37: #endif
38: #endif /* not lint */
39:
40: #ifdef YP
41:
42: #include <stdio.h>
43: #include <string.h>
44: #include <netdb.h>
45: #include <time.h>
46: #include <pwd.h>
1.8 deraadt 47: #include <err.h>
1.1 deraadt 48: #include <errno.h>
1.16 deraadt 49: #include <unistd.h>
1.7 niklas 50: #include <stdlib.h>
1.1 deraadt 51: #include <rpc/rpc.h>
52: #include <rpcsvc/yp_prot.h>
53: #include <rpcsvc/ypclnt.h>
54: #define passwd yp_passwd_rec
55: #include <rpcsvc/yppasswd.h>
56: #undef passwd
1.19 deraadt 57: #include "chpass.h"
1.1 deraadt 58:
1.9 millert 59: extern char *__progname;
1.1 deraadt 60:
61: static char *domain;
62:
1.8 deraadt 63: int
1.16 deraadt 64: pw_yp(struct passwd *pw, uid_t uid)
1.1 deraadt 65: {
1.20 deraadt 66: char uidbuf[20], gidbuf[20], *master, *p;
1.5 deraadt 67: int r, rpcport, status, alen;
1.1 deraadt 68: struct yppasswd yppasswd;
69: struct timeval tv;
70: CLIENT *client;
1.16 deraadt 71:
1.1 deraadt 72: /*
73: * Get local domain
74: */
75: if (!domain && (r = yp_get_default_domain(&domain))) {
76: fprintf(stderr, "%s: can't get local YP domain. Reason: %s\n",
1.9 millert 77: __progname, yperr_string(r));
1.1 deraadt 78: return(0);
79: }
80:
81: /*
82: * Find the host for the passwd map; it should be running
83: * the daemon.
84: */
85: if ((r = yp_master(domain, "passwd.byname", &master)) != 0) {
86: fprintf(stderr,
87: "%s: can't find the master YP server. Reason: %s\n",
1.9 millert 88: __progname, yperr_string(r));
1.1 deraadt 89: return(0);
90: }
91:
92: /*
93: * Ask the portmapper for the port of the daemon.
94: */
95: if ((rpcport = getrpcport(master, YPPASSWDPROG, YPPASSWDPROC_UPDATE,
96: IPPROTO_UDP)) == 0) {
97: fprintf(stderr,
98: "%s: master YP server not running yppasswd daemon.\n",
1.9 millert 99: __progname);
1.1 deraadt 100: fprintf(stderr, "\tCan't change password.\n");
101: return(0);
102: }
103:
104: /*
1.15 deraadt 105: * Be sure the port is privileged
1.1 deraadt 106: */
107: if (rpcport >= IPPORT_RESERVED) {
108: (void)fprintf(stderr,
109: "%s: yppasswd daemon running on an invalid port.\n",
1.9 millert 110: __progname);
1.1 deraadt 111: return(0);
112: }
113:
114: /* prompt for old password */
115: bzero(&yppasswd, sizeof yppasswd);
116: yppasswd.oldpass = "none";
117: yppasswd.oldpass = getpass("Old password:");
118: if (!yppasswd.oldpass) {
119: (void)fprintf(stderr, "Cancelled.\n");
120: return(0);
121: }
1.16 deraadt 122:
1.5 deraadt 123: for (alen = 0, p = pw->pw_gecos; *p; p++)
124: if (*p == '&')
125: alen = alen + strlen(pw->pw_name) - 1;
1.20 deraadt 126: (void)snprintf(uidbuf, sizeof uidbuf, "%u", pw->pw_uid);
127: (void)snprintf(gidbuf, sizeof gidbuf, "%u", pw->pw_gid);
128:
1.5 deraadt 129: if (strlen(pw->pw_name) + 1 + strlen(pw->pw_passwd) + 1 +
1.20 deraadt 130: strlen(uidbuf) + 1 + strlen(gidbuf) + 1 +
1.5 deraadt 131: strlen(pw->pw_gecos) + alen + 1 + strlen(pw->pw_dir) + 1 +
132: strlen(pw->pw_shell) >= 1023) {
133: warnx("entries too long");
134: return (0);
135: }
136:
1.1 deraadt 137: /* tell rpc.yppasswdd */
138: yppasswd.newpw.pw_name = pw->pw_name;
139: yppasswd.newpw.pw_passwd= pw->pw_passwd;
1.16 deraadt 140: yppasswd.newpw.pw_uid = pw->pw_uid;
1.1 deraadt 141: yppasswd.newpw.pw_gid = pw->pw_gid;
142: yppasswd.newpw.pw_gecos = pw->pw_gecos;
143: yppasswd.newpw.pw_dir = pw->pw_dir;
144: yppasswd.newpw.pw_shell = pw->pw_shell;
1.5 deraadt 145:
1.1 deraadt 146: client = clnt_create(master, YPPASSWDPROG, YPPASSWDVERS, "udp");
147: if (client==NULL) {
148: fprintf(stderr, "can't contact yppasswdd on %s: Reason: %s\n",
149: master, yperr_string(YPERR_YPBIND));
1.6 deraadt 150: return(1);
1.1 deraadt 151: }
152: client->cl_auth = authunix_create_default();
153: tv.tv_sec = 5;
154: tv.tv_usec = 0;
155: r = clnt_call(client, YPPASSWDPROC_UPDATE,
156: xdr_yppasswd, &yppasswd, xdr_int, &status, tv);
157: if (r) {
1.9 millert 158: fprintf(stderr, "%s: rpc to yppasswdd failed. %d\n",
159: __progname, r);
1.4 deraadt 160: clnt_destroy(client);
1.6 deraadt 161: return(1);
1.1 deraadt 162: } else if (status) {
163: printf("Couldn't change YP password information.\n");
1.4 deraadt 164: clnt_destroy(client);
1.6 deraadt 165: return(1);
1.1 deraadt 166: }
167: printf("The YP password information has been changed on %s, the master YP passwd server.\n", master);
168:
1.4 deraadt 169: clnt_destroy(client);
1.6 deraadt 170: return(0);
1.1 deraadt 171: }
172:
173: static char *
1.16 deraadt 174: pwskip(char *p)
1.1 deraadt 175: {
176: while (*p && *p != ':' && *p != '\n')
177: ++p;
178: if (*p)
179: *p++ = 0;
180: return (p);
181: }
182:
183: static struct passwd *
1.22 ! deraadt 184: interpret(struct passwd *pwent, char *line, const int secure)
1.1 deraadt 185: {
1.13 mpech 186: char *p = line;
1.1 deraadt 187:
188: pwent->pw_passwd = "*";
189: pwent->pw_uid = 0;
190: pwent->pw_gid = 0;
191: pwent->pw_gecos = "";
192: pwent->pw_dir = "";
193: pwent->pw_shell = "";
194: pwent->pw_change = 0;
195: pwent->pw_expire = 0;
196: pwent->pw_class = "";
1.16 deraadt 197:
1.1 deraadt 198: /* line without colon separators is no good, so ignore it */
1.22 ! deraadt 199: if (!strchr(p,':'))
1.1 deraadt 200: return(NULL);
201:
202: pwent->pw_name = p;
203: p = pwskip(p);
204: pwent->pw_passwd = p;
205: p = pwskip(p);
206: pwent->pw_uid = (uid_t)strtoul(p, NULL, 10);
207: p = pwskip(p);
208: pwent->pw_gid = (gid_t)strtoul(p, NULL, 10);
209: p = pwskip(p);
1.22 ! deraadt 210: if (secure == 1) {
! 211: pwent->pw_class = p;
! 212: p = pwskip(p);
! 213: pwent->pw_change = (time_t)strtoul(p, NULL, 10);
! 214: p = pwskip(p);
! 215: pwent->pw_expire = (time_t)strtoul(p, NULL, 10);
! 216: p = pwskip(p);
! 217: }
1.1 deraadt 218: pwent->pw_gecos = p;
219: p = pwskip(p);
220: pwent->pw_dir = p;
221: p = pwskip(p);
222: pwent->pw_shell = p;
223: while (*p && *p != '\n')
224: p++;
225: *p = '\0';
226: return (pwent);
227: }
228:
1.3 deraadt 229: static char *__yplin;
230:
1.1 deraadt 231: struct passwd *
1.16 deraadt 232: ypgetpwnam(char *nam)
1.1 deraadt 233: {
234: static struct passwd pwent;
1.22 ! deraadt 235: int reason, vallen, secure = 0;
1.1 deraadt 236: char *val;
1.16 deraadt 237:
1.1 deraadt 238: /*
239: * Get local domain
240: */
241: if (!domain && (reason = yp_get_default_domain(&domain))) {
242: fprintf(stderr, "%s: can't get local YP domain. Reason: %s\n",
1.9 millert 243: __progname, yperr_string(reason));
1.1 deraadt 244: exit(1);
245: }
246:
1.22 ! deraadt 247: if (!yp_match(domain, "master.passwd.byname", nam, strlen(nam),
! 248: &val, &vallen))
! 249: secure = 1;
! 250: else if (yp_match(domain, "passwd.byname", nam, strlen(nam),
! 251: &val, &vallen))
1.1 deraadt 252: return (NULL);
1.22 ! deraadt 253:
1.1 deraadt 254: val[vallen] = '\0';
1.3 deraadt 255: if (__yplin)
256: free(__yplin);
1.21 deraadt 257: if (!(__yplin = malloc(vallen + 1)))
1.11 alex 258: err(1, NULL);
1.16 deraadt 259: strlcpy(__yplin, val, vallen + 1);
1.1 deraadt 260: free(val);
261:
1.22 ! deraadt 262: return(interpret(&pwent, __yplin, secure));
1.1 deraadt 263: }
264:
265: struct passwd *
1.16 deraadt 266: ypgetpwuid(uid_t uid)
1.1 deraadt 267: {
268: static struct passwd pwent;
1.22 ! deraadt 269: int reason, vallen, secure = 0;
1.16 deraadt 270: char namebuf[16], *val;
271:
1.1 deraadt 272: if (!domain && (reason = yp_get_default_domain(&domain))) {
273: fprintf(stderr, "%s: can't get local YP domain. Reason: %s\n",
1.9 millert 274: __progname, yperr_string(reason));
1.1 deraadt 275: exit(1);
276: }
277:
1.16 deraadt 278: snprintf(namebuf, sizeof namebuf, "%u", (u_int)uid);
1.22 ! deraadt 279: if (!yp_match(domain, "master.passwd.byuid", namebuf, strlen(namebuf),
! 280: &val, &vallen))
! 281: secure = 1;
! 282: else if (yp_match(domain, "passwd.byuid", namebuf, strlen(namebuf),
! 283: &val, &vallen))
1.1 deraadt 284: return (NULL);
1.22 ! deraadt 285:
1.1 deraadt 286: val[vallen] = '\0';
1.3 deraadt 287: if (__yplin)
288: free(__yplin);
1.21 deraadt 289: if (!(__yplin = malloc(vallen + 1)))
1.11 alex 290: err(1, NULL);
1.16 deraadt 291: strlcpy(__yplin, val, vallen + 1);
1.1 deraadt 292: free(val);
293:
1.22 ! deraadt 294: return(interpret(&pwent, __yplin, secure));
1.1 deraadt 295: }
296:
297: #endif /* YP */