summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMats O Jansson <maja@cvs.openbsd.org>2004-02-20 21:24:58 +0000
committerMats O Jansson <maja@cvs.openbsd.org>2004-02-20 21:24:58 +0000
commitc8cc900d0ca6a5bc9ba2dfa7ed1f18307d224cfb (patch)
tree627b5dd350cefbf8f2971a3b345d3fff9f6d9178
parent57efd3c00d7bb75667dd8a782ee8b0c0665c6ada (diff)
Make passwd understand master.passwd.byname so it can work in a secure
environment. Patch from llx at hitech dot ch, modified by me. -moj ok henning@
-rw-r--r--usr.bin/passwd/yp_passwd.c33
1 files changed, 22 insertions, 11 deletions
diff --git a/usr.bin/passwd/yp_passwd.c b/usr.bin/passwd/yp_passwd.c
index af105592f94..9bcc8ac2ecc 100644
--- a/usr.bin/passwd/yp_passwd.c
+++ b/usr.bin/passwd/yp_passwd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: yp_passwd.c,v 1.24 2003/06/03 02:56:14 millert Exp $ */
+/* $OpenBSD: yp_passwd.c,v 1.25 2004/02/20 21:24:57 maja Exp $ */
/*
* Copyright (c) 1988 The Regents of the University of California.
@@ -30,7 +30,7 @@
*/
#ifndef lint
/*static const char sccsid[] = "from: @(#)yp_passwd.c 1.0 2/2/93";*/
-static const char rcsid[] = "$OpenBSD: yp_passwd.c,v 1.24 2003/06/03 02:56:14 millert Exp $";
+static const char rcsid[] = "$OpenBSD: yp_passwd.c,v 1.25 2004/02/20 21:24:57 maja Exp $";
#endif /* not lint */
#ifdef YP
@@ -63,7 +63,7 @@ extern int pwd_gettries(struct passwd *, login_cap_t *);
extern void kbintr(int);
char *ypgetnewpasswd(struct passwd *, login_cap_t *, char **);
-struct passwd *ypgetpwnam(char *);
+struct passwd *ypgetpwnam(char *, int);
char *domain;
@@ -85,7 +85,7 @@ int
yp_passwd(char *username)
{
struct yppasswd yppasswd;
- int r, rpcport, status;
+ int r, rpcport, status, secure=0;
struct passwd *pw;
struct timeval tv;
login_cap_t *lc;
@@ -106,7 +106,9 @@ yp_passwd(char *username)
* Find the host for the passwd map; it should be running
* the daemon.
*/
- if ((r = yp_master(domain, "passwd.byname", &master)) != 0) {
+ if ((r = yp_master(domain, "master.passwd.byname", &master)) == 0) {
+ secure=1;
+ } else if ((r = yp_master(domain, "passwd.byname", &master)) != 0) {
warnx("can't find the master YP server. Reason: %s",
yperr_string(r));
return (1);
@@ -131,7 +133,7 @@ yp_passwd(char *username)
}
/* Get user's login identity */
- if (!(pw = ypgetpwnam(username))) {
+ if (!(pw = ypgetpwnam(username, secure))) {
warnx("unknown user %s.", username);
return (1);
}
@@ -257,7 +259,7 @@ pwskip(char *p)
}
struct passwd *
-interpret(struct passwd *pwent, char *line)
+interpret(struct passwd *pwent, char *line, int secure)
{
char *p = line;
@@ -283,6 +285,14 @@ interpret(struct passwd *pwent, char *line)
p = pwskip(p);
pwent->pw_gid = (gid_t)strtoul(p, NULL, 10);
p = pwskip(p);
+ if ( secure == 1 ) {
+ pwent->pw_class = p;
+ p = pwskip(p);
+ pwent->pw_change = (time_t)strtoul(p, NULL, 10);
+ p = pwskip(p);
+ pwent->pw_expire = (time_t)strtoul(p, NULL, 10);
+ p = pwskip(p);
+ }
pwent->pw_gecos = p;
p = pwskip(p);
pwent->pw_dir = p;
@@ -297,14 +307,15 @@ interpret(struct passwd *pwent, char *line)
static char *__yplin;
struct passwd *
-ypgetpwnam(char *nam)
+ypgetpwnam(char *nam, int secure)
{
static struct passwd pwent;
int reason, vallen;
char *val;
- reason = yp_match(domain, "passwd.byname", nam, strlen(nam),
- &val, &vallen);
+ reason = yp_match(domain,
+ secure ? "master.passwd.byname" : "passwd.byname",
+ nam, strlen(nam), &val, &vallen);
switch (reason) {
case 0:
break;
@@ -321,7 +332,7 @@ ypgetpwnam(char *nam)
strlcpy(__yplin, val, vallen + 1);
free(val);
- return (interpret(&pwent, __yplin));
+ return (interpret(&pwent, __yplin, secure));
}
#endif /* YP */