passwd.c

<B>Digital的Unix操作系统VAX 4.2源码</B>

		return(1);
	return(0);
}


/**** stir and shake ****/
mix(hup)
struct hesupdmsg *hup;
{
	unsigned char *hesbuf= (unsigned char *) hup;
	unsigned char tmp1=0,tmp=0;
	int i,j,len;
	len = sizeof(struct hesupdmsg) - 1;
	for (i=0,j=11; i <=len; i++,j++)
		hesbuf[i]+= j % 15;
	tmp = (( hesbuf[0] >> 3) | (hesbuf[len] << 5));
	for (i=len;i > 0; i--)
		{
		hesbuf[i]= (( hesbuf[i] >> 3) | (hesbuf[i-1] << 5 ));
		}
	hesbuf[0] = tmp;
	for (i=0,j=3; i <=len; i++,j++)
		hesbuf[i]+= j % 5;

}


/*
 * Get a gecos entry from stdin.
 */
char *
getentry(prompt, def, buf, size)
char *prompt;
char *def;
char *buf;
int size;
{
	char *fgetline();

	do {
		(void) fprintf(stdout, "%s [%s]: ", prompt, def);
		(void) fgetline(buf, size, stdin);
	} while (checkentry(buf));

	if (*buf) {
		if (!strcmp(buf, "none")) bzero(buf, size);
		return(buf);
	} 
	return(def);
}


/*
 * Check validity of gecos entry.
 */
checkentry(s)
char *s;
{
	char *cp;

	if (cp = strchr(s, '\n')) *cp = '\0';
	for (cp = s; *cp; cp++) {
		if (!isprint(*cp) || *cp == ':' || *cp == ',') {
			DO_ERROR("Illegal character in string.\n");
		return(1);
		}
	}
	return(0);
}


/*
 * fgetline is a modified fgets that will read a line of input
 * saving n characters in the buffer pointed to by s, as does
 * fgets, but will continue to read characters up to a newline.
 * n+ characters read, are discarded. 
 */
char *
fgetline(s, n, iop)
char *s;
register int n;
register FILE *iop;
{
	register c;
	register char *cs;
	
	cs = s;
	while ((c = getc(iop)) >= 0) {
		if (--n>0) *cs++ = c;
		if (c == '\n')
			break;
	}
	if (c<0 && cs==s)
		return(NULL);
	*cs++ = '\0';
	return(s);
}

/************************************************************************
 *                                                                      *
 *	Chpw_bsd checks the received password to assure its validity    *
 *	with respect to the associated uid. If all is well the new	*
 *	encrypted password string will replace the old encrypted        *
 *	password string in the homebase/passwd file. Hesiod make_passwd *
 *	is then called to update the hesiod.db. Once a new hesiod.db is *
 *	created the local "MASTER" named is restarted which starts the  *
 * 	distribution of the new password database.			*
 *									*
 ************************************************************************/

int
chpw_bsd(ouid,opwd,ncrypt)
uid_t	ouid;		/* uid of user requesting a password change 	*/
char	*opwd;		/* Old passowrd of user(uid)			*/
char	*ncrypt;	/* New encrypted password of user(uid)		*/
{	
        FILE *tempfp, *filefp, *fp;
        int tempfd, i, len;
	int retval=0;
        void (*f1)(), (*f2)(), (*f3)();
        char buf[256], *p;
	char *pwptr;
        char cmdbuf[1024];
	char pwdbuf[64];
	struct passwd *pwent, *getpwuid_bind();
	pwent = getpwuid_bind(ouid);
	if(pwent == NULL) 
		return(retval);
	/***								 ***/
	/*** We now assume that the ouid is valid and set the new passwd ***/
	/***								 ***/
	        (void) umask(0);

        f1 = signal(SIGHUP, SIG_IGN);
        f2 = signal(SIGINT, SIG_IGN);
        f3 = signal(SIGQUIT, SIG_IGN);
        tempfd = open("hesupd_passwd", O_WRONLY|O_CREAT|O_EXCL, 0644);
        if (tempfd < 0) {
                	goto cleanup_noclose;
			}
        signal(SIGTSTP, SIG_IGN);
        if ((tempfp = fdopen(tempfd, "w")) == NULL) {
                goto cleanup;
        }
	
	/*
	 * Prepare to make new passwd file copy
	 * with new password.
	 */
	if ((filefp = fopen("passwd", "r")) == NULL) {
		goto cleanup;
	}
	/*				*/
	/* copy and check new password  */
 	/* into pwent struct		*/
	/*				*/
	bzero(pwdbuf, sizeof(pwdbuf));
        for (p = ncrypt, pwptr = pwdbuf; (*p != '\0'); p++,pwptr++)
		{
                if ((*p == ':') || !(isprint(*p)))
                        *pwptr = '$';       /* you lose buckwheat */
		else *pwptr = *p;	    /* the SUN way of doing it */
		}
	/*				*/
	/* copy and modify passwd file  */
	/*				*/
	len = strlen(pwent->pw_name);
	while (fgets(buf, sizeof(buf), filefp)) {
		p = index(buf, ':');
		if (p && p - buf == len
		    && strncmp(pwent->pw_name, buf, p - buf) == 0) {
			fprintf(tempfp,"%s:%s:%d:%d:%s:%s:%s\n",
			    pwent->pw_name,
			    pwdbuf,
			    pwent->pw_uid,
			    pwent->pw_gid,
			    pwent->pw_gecos,
			    pwent->pw_dir,
			    pwent->pw_shell);
		}
		else
			fputs(buf, tempfp);
	}
	bzero(pwdbuf, sizeof(pwdbuf));
	fclose(filefp);
	fclose(tempfp);
	/*				*/
	/* copy in new passwd file	*/
	/*				*/
	(void) umask(022);
	strcpy(cmdbuf,"cp ");
	strcat(cmdbuf,"hesupd_passwd");
	strcat(cmdbuf," ");
	strcat(cmdbuf,"passwd");
	system(cmdbuf);
	unlink("hesupd_passwd");
	/*				*/
	/* create the new hesiod.db 	*/
	/*				*/
	bzero(cmdbuf,sizeof(cmdbuf));
	strcpy(cmdbuf,"/var/dss/namedb/bin/make_passwd ");
	strcat(cmdbuf,"/var/dss/namedb/src");
	strcat(cmdbuf,"/passwd ");
	strcat(cmdbuf,"/var/dss/namedb/passwd.db");
	system(cmdbuf);
	/*				*/
	/* distribute the new hesiod.db */
	/*				*/
	bzero(cmdbuf,sizeof(cmdbuf));
	strcpy(cmdbuf,"/var/dss/namedb/bin/restart_named");
	system(cmdbuf);
	sleep(10);
	retval=1;
    cleanup:
	fclose(tempfp);
    cleanup_noclose:
        signal(SIGHUP, f1);
        signal(SIGINT, f2);
        signal(SIGQUIT, f3);
	return(retval);
}

/************************************************************************
 *                                                                      *
 *	Chpw_trans checks the received password to assure its validity  *
 *	with respect to the associated uid. If all is well the new	*
 *	encrypted password string will replace the old encrypted        *
 *	password string in the homebase/passwd file. Hesiod make_passwd *
 *	is then called to update the hesiod.db. Once a new hesiod.db is *
 *	created the local "MASTER" named is restarted which starts the  *
 * 	distribution of the new password database.			*
 *									*
 ************************************************************************/
int
chpw_upgrade(ouid, opwd, ncrypt)
uid_t	ouid;		/* uid of user requesting a password change 	*/
char	*opwd;		/* Old passowrd of user(uid)			*/
char	*ncrypt;	/* New encrypted password of user(uid)		*/
{	
        FILE *afp=NULL, *oafp, *pfp=NULL, *opfp;
	long now, time();
        int pfd, afd, i, len, upgrade=0;
	int retval=0;
        void (*f1)(), (*f2)(), (*f3)();
        char buf[2048], *p, *pwptr;
	CRYPT_PASSWORD newpass, crypt_pass;
	char (*fp)();
        char cmdbuf[BUFSIZ];
	struct passwd *pwent, *getpwuid_bind();
	AUTHORIZATION *authent, *getauthuid(), *getauthuid_hesiod();

	pwent = getpwuid_bind(ouid);
	if(pwent == NULL)  {
		return(retval);
	}
	authent = getauthuid_hesiod(ouid);
	if(authent == NULL) {
		return retval;
	}
	if(!strcmp(pwent->pw_passwd, "*")) {
		pwptr = authent->a_password;
	} else {
		pwptr = pwent->pw_passwd;
		upgrade = 1;
		}
	if(!(authent->a_authmask & A_CHANGE_PASSWORD)) {
		return(retval);
	}
	now = time(0);
	if(now < authent->a_pass_mod+authent->a_pw_minexp) {
		return retval;
	}
/***								 ***/
/*** We now assume that the ouid is valid and set the new passwd ***/
/***								 ***/
	        (void) umask(0);

        f1 = signal(SIGHUP, SIG_IGN);
        f2 = signal(SIGINT, SIG_IGN);
        f3 = signal(SIGQUIT, SIG_IGN);
/*
 * Lock the auth data base.
 */
        afd = open("hesupd_auth", O_WRONLY|O_CREAT|O_EXCL, 0600);
        if (afd < 0) {
		fputs("auth file busy - try again.\n", stderr);
                goto cleanup;
	}
	afp = fdopen(afd, "w");
	if(afp == NULL) {
		goto cleanup;
	}
	if ((oafp = fopen("auth", "r")) == NULL) {
		goto cleanup;
	}
/*
 * Lock the passwd data base if we need to.
 */
	if(upgrade) {
		pfd = open("hesupd_passwd", O_WRONLY|O_CREAT|O_EXCL, 0644);
		if(pfd < 0) {
			goto cleanup;
		}
		pfp = fdopen(pfd, "w");
		if(pfp == NULL) {
			goto cleanup;
		}
		if((opfp = fopen("passwd", "r")) == NULL) {
			goto cleanup;
		}
	}
        signal(SIGTSTP, SIG_IGN);
/*
 * Make a local copy of the new password checking to make sure it's
 * not garbage.
 */
	len = strlen(ncrypt);
	if(len >= sizeof newpass) {
		goto cleanup;
	}
	pwptr = newpass;
	p = ncrypt;
	for(p=ncrypt; (*p != '\0'); p++) {
                if ((*p == ':') || !(isprint(*p)))
                        *pwptr++ = '$';       /* you lose buckwheat */
		else
			*pwptr++ = *p;
	}
	*pwptr = '\0';
	bcopy(newpass,authent->a_password, CRYPT_PASSWORD_LENGTH);
	authent->a_pass_mod = now;
/*
 * Copy and modify the auth file
 */
	while (fgets(buf, sizeof(buf), oafp)) {
		p = index(buf, ':');
		if (p && atoi(buf) == authent->a_uid) {
			fputs(asciiauth(authent), afp);
			putc('\n', afp);
		} else
			fputs(buf, afp);
	}
	fclose(oafp);
	fclose(afp);
	afp = NULL;
/*
 * Copy and modify the password file if we need to upgrade this entry.
 */
	len = strlen(pwent->pw_name);
	if(upgrade) {
		while (fgets(buf, sizeof(buf), opfp)) {
			p = index(buf, ':');
                if (p && p - buf == len
                    && strncmp(pwent->pw_name, buf, p - buf) == 0) 
				fprintf(pfp, "%s:*:%d:%d:%s:%s:%s\n",
				    pwent->pw_name,
				    pwent->pw_uid,
				    pwent->pw_gid,
				    pwent->pw_gecos,
				    pwent->pw_dir,
				    pwent->pw_shell);
			else
				fputs(buf, pfp);
		}
		fclose(opfp);
		fclose(pfp);
		pfp = NULL;
	}
/*
 * Copy in new auth file
 */
	(void) umask(077);
	strcpy(cmdbuf,"cp ");
	strcat(cmdbuf,"hesupd_auth");
	strcat(cmdbuf," ");
	strcat(cmdbuf,"auth");
	system(cmdbuf);
	unlink("hesupd_auth");
	(void) umask(022);
/*
 * Copy in new passwd file if necessary
 */
	if(upgrade) {
		strcpy(cmdbuf,"cp ");
		strcat(cmdbuf,"hesupd_passwd");
		strcat(cmdbuf," ");
		strcat(cmdbuf,"passwd");
		system(cmdbuf);
		unlink("hesupd_passwd");
	}
/*
 * Create the new passwd.db 
 */
	strcpy(cmdbuf, "/var/dss/namedb/bin/make_passwd ");
	strcat(cmdbuf, homebase);
	strcat(cmdbuf, "/passwd ");
	strcat(cmdbuf, "/var/dss/namedb/passwd.db");
	system(cmdbuf);
/*
 * Create the new auth.db 
 */
	strcpy(cmdbuf, "/var/dss/namedb/bin/make_auth ");
	strcat(cmdbuf, homebase);
	strcat(cmdbuf, "/auth ");
	strcat(cmdbuf, "/var/dss/namedb/auth.db");
	system(cmdbuf);
/*
 * Distrbute the new hesiod.db
 */
	strcpy(cmdbuf,"/var/dss/namedb/bin/restart_named");
	system(cmdbuf);
	sleep(10);
	retval=1;
cleanup:
	if(pfp)
		fclose(pfp);
	if(afp)
		fclose(afp);
        signal(SIGHUP, f1);
        signal(SIGINT, f2);
        signal(SIGQUIT, f3);
	return(retval);
}


/************************************************************************
 *                                                                      *
 *	Chpw_c2 checks the received password to assure its validity  	*
 *	with respect to the associated uid. If all is well the new	*
 *	encrypted password string will replace the old encrypted        *
 *	password string in the homebase/passwd file. Hesiod make_passwd *
 *	is then called to update the hesiod.db. Once a new hesiod.db is *
 *	created the local "MASTER" named is restarted which starts the  *
 * 	distribution of the new password database.			*
 *									*
 ************************************************************************/
int
chpw_enhanced(ouid, opwd, ncrypt)
uid_t	ouid;		/* uid of user requesting a password change 	*/
char	*opwd;		/* Old passowrd of user(uid)			*/
char	*ncrypt;	/* New encrypted password of user(uid)		*/
{	
        FILE *afp=NULL, *oafp;
	long now, time();
        int afd, i, len;
	int retval=0;
        void (*f1)(), (*f2)(), (*f3)();
        char buf[2048], *p, *pwptr;
	CRYPT_PASSWORD newpass;
        char cmdbuf[BUFSIZ];
	struct passwd *pwent, *getpwuid_bind();
	AUTHORIZATION *authent, *getauthuid_hesiod();

	pwent = getpwuid_bind(ouid);
	if(pwent == NULL)  {
		return(retval);
	}
	authent = getauthuid_hesiod(ouid);
	if(authent == NULL) {
		return retval;
	}
	pwptr = authent->a_password;
	if(!(authent->a_authmask & A_CHANGE_PASSWORD)) {
		return(retval);
	}
	now = time(0);
	if(now < authent->a_pass_mod+authent->a_pw_minexp) {
		return retval;
	}
/***								 ***/
/*** We now assume that the ouid is valid and set the new passwd ***/
/***								 ***/
	        (void) umask(0);

        f1 = signal(SIGHUP, SIG_IGN);
        f2 = signal(SIGINT, SIG_IGN);
        f3 = signal(SIGQUIT, SIG_IGN);
/*
 * Lock the auth data base.
 */
        afd = open("hesupd_auth", O_WRONLY|O_CREAT|O_EXCL, 0600);
        if (afd < 0) {
                goto cleanup;
	}
	afp = fdopen(afd, "w");
	if(afp == NULL) {
		goto cleanup;
	}
	if ((oafp = fopen("auth", "r")) == NULL) {
		goto cleanup;
	}
        signal(SIGTSTP, SIG_IGN);
/*
 * Make a local copy of the new password checking to make sure it's
 * not garbage.
 */
	len = strlen(ncrypt);
	if(len >= sizeof newpass) {
		goto cleanup;
	}
	pwptr = newpass;
	p = ncrypt;
	for(p=ncrypt; (*p != '\0'); p++) {
                if ((*p == ':') || !(isprint(*p)))
                        *pwptr++ = '$';       /* you lose buckwheat */
		else
			*pwptr++ = *p;
	}
	*pwptr = '\0';
	bcopy(newpass,authent->a_password, CRYPT_PASSWORD_LENGTH);
	authent->a_pass_mod = now;
/*
 * Copy and modify the auth file
 */
	while (fgets(buf, sizeof(buf), oafp)) {
		p = index(buf, ':');
		if (p && atoi(buf) == authent->a_uid) {
			fputs(asciiauth(authent), afp);
			putc('\n', afp);
		} else
			fputs(buf, afp);
	}
	fclose(oafp);
	fclose(afp);
	afp = NULL;
/*
 * Copy in new auth file
 */
	(void) umask(077);
	strcpy(cmdbuf,"cp ");
	strcat(cmdbuf,"hesupd_auth");
	strcat(cmdbuf," ");
	strcat(cmdbuf,"auth");
	system(cmdbuf);
	unlink("hesupd_auth");
	(void) umask(022);
/*
 * Create the new hesiod.db 
 */
	strcpy(cmdbuf, "/var/dss/namedb/bin/make_auth ");
	strcat(cmdbuf, homebase);
	strcat(cmdbuf, "/auth ");
	strcat(cmdbuf, "/var/dss/namedb/auth.db");
	system(cmdbuf);
/*
 * Distrbute the new hesiod.db
 */
	strcpy(cmdbuf,"/var/dss/namedb/bin/restart_named");
	system(cmdbuf);
	sleep(10);
	retval=1;
cleanup:
	if(afp)
		fclose(afp);
        signal(SIGHUP, f1);
        signal(SIGINT, f2);
        signal(SIGQUIT, f3);
	return(retval);
}
static AUTHORIZATION *getauthuid_hesiod(uid)
int uid;
{
	static AUTHORIZATION auth;
        char uidbuf[10], **pp;
	AUTHORIZATION *_auth = (AUTHORIZATION *) NULL;
        setent_bind(0);
        sprintf(uidbuf, "%u", uid);
        pp = (char **) hes_auth_resolve(uidbuf, "auth");
        endent_bind();
        if(pp != NULL)
                if(*pp) {
                        binauth(*pp, &auth);
                        while(*pp)
                                free(*pp++);
                        _auth = &auth;
                }
        else
                return(NULL);
        return _auth;
}