Annotation of src/usr.bin/passwd/passwd.c, Revision 1.25
1.25 ! deraadt 1: /* $OpenBSD: passwd.c,v 1.24 2007/09/08 18:42:36 cloder Exp $ */
1.4 deraadt 2:
1.1 deraadt 3: /*
4: * Copyright (c) 1988 The Regents of the University of California.
5: * All rights reserved.
6: *
7: * Redistribution and use in source and binary forms, with or without
8: * modification, are permitted provided that the following conditions
9: * are met:
10: * 1. Redistributions of source code must retain the above copyright
11: * notice, this list of conditions and the following disclaimer.
12: * 2. Redistributions in binary form must reproduce the above copyright
13: * notice, this list of conditions and the following disclaimer in the
14: * documentation and/or other materials provided with the distribution.
1.16 millert 15: * 3. Neither the name of the University nor the names of its contributors
1.1 deraadt 16: * may be used to endorse or promote products derived from this software
17: * without specific prior written permission.
18: *
19: * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
20: * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22: * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
23: * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25: * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27: * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28: * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29: * SUCH DAMAGE.
30: */
31:
32: #include <stdio.h>
1.17 david 33: #include <stdlib.h>
1.1 deraadt 34: #include <string.h>
35: #include <unistd.h>
1.12 millert 36: #include <err.h>
1.20 deraadt 37: #include <rpcsvc/ypclnt.h>
1.1 deraadt 38:
1.23 biorn 39: #if defined(KRB5)
40: #include <sys/stat.h>
41: #endif
42:
1.1 deraadt 43: /*
44: * Note on configuration:
45: * Generally one would not use both Kerberos and YP
46: * to maintain passwords.
47: *
48: */
49:
50: int use_kerberos;
51: int use_yp;
52:
53: #ifdef YP
54: int force_yp;
55: #endif
56:
1.9 millert 57: extern int local_passwd(char *, int);
1.6 weingart 58: extern int yp_passwd(char *);
1.10 hin 59: extern int krb5_passwd(int, char **);
1.14 hugh 60: extern int _yp_check(char **);
1.15 deraadt 61: void usage(int retval);
1.6 weingart 62:
63: int
1.15 deraadt 64: main(int argc, char **argv)
1.1 deraadt 65: {
66: extern int optind;
1.15 deraadt 67: char *username;
1.13 mpech 68: int ch;
1.14 hugh 69: #ifdef YP
1.1 deraadt 70: int status = 0;
1.14 hugh 71: #endif
1.23 biorn 72: #if defined(KRB5)
73: char *ccfile;
74: struct stat sb;
75:
76: if (!(ccfile = getenv("KRB5CCNAME")))
77: if (asprintf(&ccfile, "/tmp/krb5cc_%u", (unsigned)getuid()) ==
78: -1)
79: errx(1, "out of memory");
1.15 deraadt 80:
1.23 biorn 81: if ((stat(ccfile, &sb) == 0) && (sb.st_uid == getuid()))
1.3 tholo 82: use_kerberos = 1;
1.1 deraadt 83: #endif
84: #ifdef YP
85: use_yp = _yp_check(NULL);
1.19 deraadt 86: if (use_yp) {
87: char *dom;
88:
89: yp_get_default_domain(&dom);
90: yp_unbind(dom);
91: }
1.1 deraadt 92: #endif
93:
1.6 weingart 94: /* Process args and options */
1.18 hin 95: while ((ch = getopt(argc, argv, "lyK")) != -1)
1.1 deraadt 96: switch (ch) {
97: case 'l': /* change local password file */
98: use_kerberos = 0;
99: use_yp = 0;
100: break;
1.10 hin 101: case 'K':
1.23 biorn 102: #if defined(KRB5)
1.10 hin 103: /* Skip programname and '-K' option */
1.15 deraadt 104: argc -= 2;
105: argv += 2;
1.10 hin 106: exit(krb5_passwd(argc, argv));
1.15 deraadt 107: #else
1.10 hin 108: errx(1, "KerberosV support not enabled");
109: break;
1.1 deraadt 110: #endif
111: case 'y': /* change YP password */
112: #ifdef YP
113: if (!use_yp) {
114: fprintf(stderr, "passwd: YP not in use.\n");
115: exit(1);
116: }
117: use_kerberos = 0;
118: use_yp = 1;
119: force_yp = 1;
120: break;
121: #else
122: fprintf(stderr, "passwd: YP not compiled in\n");
123: exit(1);
124: #endif
125: default:
1.8 ericj 126: usage(1);
1.1 deraadt 127: }
128:
129: argc -= optind;
130: argv += optind;
131:
132: username = getlogin();
133: if (username == NULL) {
134: fprintf(stderr, "passwd: who are you ??\n");
135: exit(1);
136: }
1.15 deraadt 137:
138: switch (argc) {
1.1 deraadt 139: case 0:
140: break;
141: case 1:
142: username = argv[0];
143: break;
144: default:
1.8 ericj 145: usage(1);
1.1 deraadt 146: }
1.7 art 147:
1.23 biorn 148: #if defined(KRB5)
149: if (use_kerberos)
150: exit(krb5_passwd(argc, argv));
151: #endif
1.1 deraadt 152: #ifdef YP
1.9 millert 153: if (force_yp || ((status = local_passwd(username, 0)) && use_yp))
1.1 deraadt 154: exit(yp_passwd(username));
155: exit(status);
1.24 cloder 156: #else
157: exit(local_passwd(username, 0));
1.1 deraadt 158: #endif
159: }
160:
1.6 weingart 161: void
1.15 deraadt 162: usage(int retval)
1.1 deraadt 163: {
1.22 biorn 164: fprintf(stderr, "usage: passwd [-K | -l | -y] [user]\n");
1.8 ericj 165: exit(retval);
1.1 deraadt 166: }