Annotation of src/usr.bin/passwd/passwd.c, Revision 1.17
1.17 ! david 1: /* $OpenBSD: passwd.c,v 1.16 2003/06/03 02:56:14 millert Exp $ */
1.4 deraadt 2:
1.1 deraadt 3: /*
4: * Copyright (c) 1988 The Regents of the University of California.
5: * All rights reserved.
6: *
7: * Redistribution and use in source and binary forms, with or without
8: * modification, are permitted provided that the following conditions
9: * are met:
10: * 1. Redistributions of source code must retain the above copyright
11: * notice, this list of conditions and the following disclaimer.
12: * 2. Redistributions in binary form must reproduce the above copyright
13: * notice, this list of conditions and the following disclaimer in the
14: * documentation and/or other materials provided with the distribution.
1.16 millert 15: * 3. Neither the name of the University nor the names of its contributors
1.1 deraadt 16: * may be used to endorse or promote products derived from this software
17: * without specific prior written permission.
18: *
19: * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
20: * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22: * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
23: * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25: * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27: * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28: * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29: * SUCH DAMAGE.
30: */
31:
32: #ifndef lint
33: char copyright[] =
34: "@(#) Copyright (c) 1988 The Regents of the University of California.\n\
35: All rights reserved.\n";
36: #endif /* not lint */
37:
38: #ifndef lint
1.11 millert 39: /*static const char sccsid[] = "from: @(#)passwd.c 5.5 (Berkeley) 7/6/91";*/
1.17 ! david 40: static const char rcsid[] = "$OpenBSD: passwd.c,v 1.16 2003/06/03 02:56:14 millert Exp $";
1.1 deraadt 41: #endif /* not lint */
42:
43: #include <stdio.h>
1.17 ! david 44: #include <stdlib.h>
1.1 deraadt 45: #include <string.h>
46: #include <unistd.h>
1.12 millert 47: #include <err.h>
1.3 tholo 48: #ifdef KERBEROS
49: #include <kerberosIV/krb.h>
50: #endif
1.1 deraadt 51:
52: /*
53: * Note on configuration:
54: * Generally one would not use both Kerberos and YP
55: * to maintain passwords.
56: *
57: */
58:
59: int use_kerberos;
60: int use_yp;
61:
62: #ifdef YP
63: int force_yp;
64: #endif
65:
1.9 millert 66: extern int local_passwd(char *, int);
1.6 weingart 67: extern int yp_passwd(char *);
1.7 art 68: extern int krb_passwd(int, char **);
1.10 hin 69: extern int krb5_passwd(int, char **);
1.14 hugh 70: extern int _yp_check(char **);
1.15 deraadt 71: void usage(int retval);
1.6 weingart 72:
73: int
1.15 deraadt 74: main(int argc, char **argv)
1.1 deraadt 75: {
76: extern int optind;
1.15 deraadt 77: char *username;
1.13 mpech 78: int ch;
1.14 hugh 79: #ifdef YP
1.1 deraadt 80: int status = 0;
1.14 hugh 81: #endif
1.15 deraadt 82:
1.3 tholo 83: #if defined(KERBEROS) || defined(KERBEROS5)
84: extern char realm[];
1.1 deraadt 85:
1.3 tholo 86: if (krb_get_lrealm(realm,1) == KSUCCESS)
87: use_kerberos = 1;
1.1 deraadt 88: #endif
89: #ifdef YP
90: use_yp = _yp_check(NULL);
91: #endif
92:
1.6 weingart 93: /* Process args and options */
1.10 hin 94: while ((ch = getopt(argc, argv, "lykK")) != -1)
1.1 deraadt 95: switch (ch) {
96: case 'l': /* change local password file */
97: use_kerberos = 0;
98: use_yp = 0;
99: break;
100: case 'k': /* change Kerberos password */
1.10 hin 101: #if defined(KERBEROS)
1.1 deraadt 102: use_kerberos = 1;
103: use_yp = 0;
1.7 art 104: exit(krb_passwd(argc, argv));
1.1 deraadt 105: break;
106: #else
107: fprintf(stderr, "passwd: Kerberos not compiled in\n");
108: exit(1);
1.10 hin 109: #endif
110: case 'K':
111: #ifdef KRB5
112: /* Skip programname and '-K' option */
1.15 deraadt 113: argc -= 2;
114: argv += 2;
1.10 hin 115: exit(krb5_passwd(argc, argv));
1.15 deraadt 116: #else
1.10 hin 117: errx(1, "KerberosV support not enabled");
118: break;
1.1 deraadt 119: #endif
120: case 'y': /* change YP password */
121: #ifdef YP
122: if (!use_yp) {
123: fprintf(stderr, "passwd: YP not in use.\n");
124: exit(1);
125: }
126: use_kerberos = 0;
127: use_yp = 1;
128: force_yp = 1;
129: break;
130: #else
131: fprintf(stderr, "passwd: YP not compiled in\n");
132: exit(1);
133: #endif
134: default:
1.8 ericj 135: usage(1);
1.1 deraadt 136: }
137:
138: argc -= optind;
139: argv += optind;
140:
141: username = getlogin();
142: if (username == NULL) {
143: fprintf(stderr, "passwd: who are you ??\n");
144: exit(1);
145: }
1.15 deraadt 146:
147: switch (argc) {
1.1 deraadt 148: case 0:
149: break;
150: case 1:
151: #if defined(KERBEROS) || defined(KERBEROS5)
1.15 deraadt 152: if (use_kerberos && strcmp(argv[0], username)) {
153: (void)fprintf(stderr, "passwd: %s\n\t%s\n%s\n",
154: "to change another user's Kerberos password, do",
155: "\"passwd -k -u <user>\";",
156: "to change a user's local passwd, use \"passwd -l <user>\"");
157: exit(1);
158: }
1.1 deraadt 159: #endif
160: username = argv[0];
161: break;
162: default:
1.8 ericj 163: usage(1);
1.1 deraadt 164: }
165:
166: #if defined(KERBEROS) || defined(KERBEROS5)
1.15 deraadt 167: if (use_kerberos)
168: exit(krb_passwd(argc, argv));
1.1 deraadt 169: #endif
1.7 art 170:
1.1 deraadt 171: #ifdef YP
1.9 millert 172: if (force_yp || ((status = local_passwd(username, 0)) && use_yp))
1.1 deraadt 173: exit(yp_passwd(username));
174: exit(status);
175: #endif
1.9 millert 176: exit(local_passwd(username, 0));
1.1 deraadt 177: }
178:
1.6 weingart 179: void
1.15 deraadt 180: usage(int retval)
1.1 deraadt 181: {
1.15 deraadt 182: fprintf(stderr, "usage: passwd [-l] [-y] [-k [-n name] [-i instance] "
183: "[-r realm] [-u username[.instance][@realm]] [user]\n");
1.8 ericj 184: exit(retval);
1.1 deraadt 185: }