version 1.20, 2002/02/16 21:27:50 |
version 1.21, 2002/05/16 11:54:25 |
|
|
#define _PASSWORD_LEN PASS_MAX |
#define _PASSWORD_LEN PASS_MAX |
#endif |
#endif |
|
|
extern int pwd_gensalt(char *, int, struct passwd *, login_cap_t *, char); |
extern int pwd_gensalt(char *, int, struct passwd *, login_cap_t *, char); |
extern int pwd_check(struct passwd *, login_cap_t *, char *); |
extern int pwd_check(struct passwd *, login_cap_t *, char *); |
extern int pwd_gettries(struct passwd *, login_cap_t *); |
extern int pwd_gettries(struct passwd *, login_cap_t *); |
extern void kbintr(int); |
extern void kbintr(int); |
|
|
char *ypgetnewpasswd(struct passwd *, login_cap_t *, char **); |
char *ypgetnewpasswd(struct passwd *, login_cap_t *, char **); |
struct passwd *ypgetpwnam(char *); |
struct passwd *ypgetpwnam(char *); |
|
|
char *domain; |
char *domain; |
|
|
|
|
char *name; |
char *name; |
int err, eval; |
int err, eval; |
{ |
{ |
if (err) |
if (err) { |
warn("%s", name); |
if (name) |
|
warn("%s", name); |
|
else |
|
warn(NULL); |
|
} |
|
|
warnx("YP passwd database unchanged."); |
warnx("YP passwd database: unchanged."); |
exit(eval); |
exit(eval); |
} |
} |
|
|
|
|
* Get local domain |
* Get local domain |
*/ |
*/ |
if ((r = yp_get_default_domain(&domain)) != 0) { |
if ((r = yp_get_default_domain(&domain)) != 0) { |
warnx("can't get local YP domain. Reason: %s", yperr_string(r)); |
warnx("can't get local YP domain. Reason: %s", |
return(1); |
yperr_string(r)); |
|
return (1); |
} |
} |
|
|
/* |
/* |
|
|
if ((r = yp_master(domain, "passwd.byname", &master)) != 0) { |
if ((r = yp_master(domain, "passwd.byname", &master)) != 0) { |
warnx("can't find the master YP server. Reason: %s", |
warnx("can't find the master YP server. Reason: %s", |
yperr_string(r)); |
yperr_string(r)); |
return(1); |
return (1); |
} |
} |
|
|
/* |
/* |
|
|
YPPASSWDPROC_UPDATE, IPPROTO_UDP)) == 0) { |
YPPASSWDPROC_UPDATE, IPPROTO_UDP)) == 0) { |
warnx("master YP server not running yppasswd daemon."); |
warnx("master YP server not running yppasswd daemon."); |
warnx("Can't change password."); |
warnx("Can't change password."); |
return(1); |
return (1); |
} |
} |
|
|
/* |
/* |
|
|
*/ |
*/ |
if (rpcport >= IPPORT_RESERVED) { |
if (rpcport >= IPPORT_RESERVED) { |
warnx("yppasswd daemon is on an invalid port."); |
warnx("yppasswd daemon is on an invalid port."); |
return(1); |
return (1); |
} |
} |
|
|
/* Get user's login identity */ |
/* Get user's login identity */ |
if (!(pw = ypgetpwnam(username))) { |
if (!(pw = ypgetpwnam(username))) { |
warnx("unknown user %s.", username); |
warnx("unknown user %s.", username); |
return(1); |
return (1); |
} |
} |
if ((lc = login_getclass(pw->pw_class)) == NULL) { |
if ((lc = login_getclass(pw->pw_class)) == NULL) { |
warnx("unable to get login class for user %s.", username); |
warnx("unable to get login class for user %s.", username); |
return(1); |
return (1); |
} |
} |
|
|
uid = getuid(); |
uid = getuid(); |
if (uid && uid != pw->pw_uid) { |
if (uid && uid != pw->pw_uid) { |
warnx("you may only change your own password: %s", strerror(EACCES)); |
warnx("you may only change your own password: %s", |
return(1); |
strerror(EACCES)); |
|
return (1); |
} |
} |
|
|
/* prompt for new password */ |
/* prompt for new password */ |
|
|
yppasswd.newpw.pw_gecos = pw->pw_gecos; |
yppasswd.newpw.pw_gecos = pw->pw_gecos; |
yppasswd.newpw.pw_dir = pw->pw_dir; |
yppasswd.newpw.pw_dir = pw->pw_dir; |
yppasswd.newpw.pw_shell = pw->pw_shell; |
yppasswd.newpw.pw_shell = pw->pw_shell; |
|
|
client = clnt_create(master, YPPASSWDPROG, YPPASSWDVERS, "udp"); |
client = clnt_create(master, YPPASSWDPROG, YPPASSWDVERS, "udp"); |
if (client==NULL) { |
if (client==NULL) { |
warnx("cannot contact yppasswdd on %s: Reason: %s", |
warnx("cannot contact yppasswdd on %s: Reason: %s", |
master, yperr_string(YPERR_YPBIND)); |
master, yperr_string(YPERR_YPBIND)); |
free(yppasswd.newpw.pw_passwd); |
free(yppasswd.newpw.pw_passwd); |
return(YPERR_YPBIND); |
return (YPERR_YPBIND); |
} |
} |
client->cl_auth = authunix_create_default(); |
client->cl_auth = authunix_create_default(); |
tv.tv_sec = 2; |
tv.tv_sec = 2; |
|
|
else if (status) { |
else if (status) { |
printf("Couldn't change YP password.\n"); |
printf("Couldn't change YP password.\n"); |
free(yppasswd.newpw.pw_passwd); |
free(yppasswd.newpw.pw_passwd); |
return(1); |
return (1); |
} |
} |
printf("The YP password has been changed on %s, the master YP passwd server.\n", |
printf("The YP password has been changed on %s, " |
master); |
"the master YP passwd server.\n", master); |
free(yppasswd.newpw.pw_passwd); |
free(yppasswd.newpw.pw_passwd); |
return(0); |
return (0); |
} |
} |
|
|
char * |
char * |
|
|
|
|
saveint = signal(SIGINT, kbintr); |
saveint = signal(SIGINT, kbintr); |
savequit = signal(SIGQUIT, kbintr); |
savequit = signal(SIGQUIT, kbintr); |
|
|
printf("Changing YP password for %s.\n", pw->pw_name); |
printf("Changing YP password for %s.\n", pw->pw_name); |
if (old_pass) { |
if (old_pass) { |
*old_pass = NULL; |
*old_pass = NULL; |
|
|
if (pw->pw_passwd[0]) { |
if (pw->pw_passwd[0]) { |
p = getpass("Old password:"); |
p = getpass("Old password:"); |
if (strcmp(crypt(p, pw->pw_passwd), pw->pw_passwd)) { |
if (strcmp(crypt(p, pw->pw_passwd), pw->pw_passwd)) { |
|
|
pw_error(NULL, 0, 0); |
pw_error(NULL, 0, 0); |
} |
} |
if (strcmp(p, "s/key") == 0) { |
if (strcmp(p, "s/key") == 0) { |
printf("That password collides with a system feature. Choose another.\n"); |
printf("That password collides with a system feature. " |
|
"Choose another.\n"); |
continue; |
continue; |
} |
} |
if ((tries++ < pwd_tries || pwd_tries == 0) |
if ((tries++ < pwd_tries || pwd_tries == 0) |
&& pwd_check(pw, lc, p) == 0) |
&& pwd_check(pw, lc, p) == 0) |
continue; |
continue; |
strncpy(buf, p, sizeof buf-1); |
strncpy(buf, p, sizeof buf-1); |
|
|
break; |
break; |
(void)printf("Mismatch; try again, EOF to quit.\n"); |
(void)printf("Mismatch; try again, EOF to quit.\n"); |
} |
} |
if( !pwd_gensalt( salt, _PASSWORD_LEN, pw, lc, 'y' )) { |
if(!pwd_gensalt(salt, _PASSWORD_LEN, pw, lc, 'y')) { |
(void)printf("Couldn't generate salt.\n"); |
(void)printf("Couldn't generate salt.\n"); |
pw_error(NULL, 0, 0); |
pw_error(NULL, 0, 0); |
} |
} |
p = strdup(crypt(buf, salt)); |
p = strdup(crypt(buf, salt)); |
if (p == NULL) |
if (p == NULL) |
pw_error(NULL, 1, 1); |
pw_error(NULL, 1, 1); |
|
|
pwent->pw_change = 0; |
pwent->pw_change = 0; |
pwent->pw_expire = 0; |
pwent->pw_expire = 0; |
pwent->pw_class = ""; |
pwent->pw_class = ""; |
|
|
/* line without colon separators is no good, so ignore it */ |
/* line without colon separators is no good, so ignore it */ |
if(!strchr(p, ':')) |
if(!strchr(p, ':')) |
return(NULL); |
return (NULL); |
|
|
pwent->pw_name = p; |
pwent->pw_name = p; |
p = pwskip(p); |
p = pwskip(p); |
|
|
static struct passwd pwent; |
static struct passwd pwent; |
char *val; |
char *val; |
int reason, vallen; |
int reason, vallen; |
|
|
reason = yp_match(domain, "passwd.byname", nam, strlen(nam), |
reason = yp_match(domain, "passwd.byname", nam, strlen(nam), |
&val, &vallen); |
&val, &vallen); |
switch(reason) { |
switch(reason) { |
|
|
__yplin[vallen] = '\0'; |
__yplin[vallen] = '\0'; |
free(val); |
free(val); |
|
|
return(interpret(&pwent, __yplin)); |
return (interpret(&pwent, __yplin)); |
} |
} |
|
|
#endif /* YP */ |
#endif /* YP */ |