/* $OpenBSD: yppasswdd_mkpw.c,v 1.30 2012/12/04 02:24:47 deraadt Exp $ */ /* * Copyright (c) 1994 Mats O Jansson <moj@stacken.kth.se> * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include <sys/types.h> #include <sys/stat.h> #include <stdio.h> #include <fcntl.h> #include <rpc/rpc.h> #include <rpcsvc/yppasswd.h> #include <db.h> #include <pwd.h> #include <stdlib.h> #include <unistd.h> #include <util.h> #include <ctype.h> #include <string.h> #include <syslog.h> extern int noshell; extern int nogecos; extern int nopw; extern int make; extern char make_arg[]; extern char *dir; char *ok_shell(char *); int badchars(char *); int subst(char *, char, char); int make_passwd(yppasswd *); char * ok_shell(char *name) { char *p, *sh; setusershell(); while ((sh = getusershell())) { if (!strcmp(name, sh)) return (name); /* allow just shell name, but use "real" path */ if ((p = strrchr(sh, '/')) && strcmp(name, p + 1) == 0) return (sh); } return (NULL); } int badchars(char *base) { int ampr = 0; char *s; for (s = base; *s; s++) { if (*s == '&') ampr++; if (!isprint(*s)) return 1; if (strchr(":\n\t\r", *s)) return 1; } if (ampr > 10) return 1; return 0; } int subst(char *s, char from, char to) { int n = 0; while (*s) { if (*s == from) { *s = to; n++; } s++; } return (n); } int make_passwd(yppasswd *argp) { struct passwd pw; int pfd = -1, tfd; char buf[11], *bp = NULL, *p, *t; int n; ssize_t cnt; size_t resid; struct stat st; char *master; pw_init(); if (dir) pw_setdir(dir); master = pw_file(_PATH_MASTERPASSWD); if (!master) return (1); pfd = open(master, O_RDONLY); if (pfd < 0) goto fail; if (fstat(pfd, &st)) goto fail; p = bp = malloc((resid = st.st_size) + 1); if (bp == NULL) goto fail; do { cnt = read(pfd, p, resid); if (cnt < 0) goto fail; p += cnt; resid -= cnt; } while (resid > 0); close(pfd); pfd = -1; *p = '\0'; /* Buf oflow prevention */ p = bp; subst(p, '\n', '\0'); for (n = 1; p < bp + st.st_size; n++, p = t) { t = strchr(p, '\0') + 1; cnt = subst(p, ':', '\0'); if (cnt != 9) { syslog(LOG_WARNING, "bad entry at line %d of %s", n, master); continue; } if (strcmp(p, argp->newpw.pw_name) == 0) break; } if (p >= bp + st.st_size) goto fail; #define EXPAND(e) e = p; while (*p++); EXPAND(pw.pw_name); EXPAND(pw.pw_passwd); pw.pw_uid = atoi(p); EXPAND(t); pw.pw_gid = atoi(p); EXPAND(t); EXPAND(pw.pw_class); pw.pw_change = (time_t)atol(p); EXPAND(t); pw.pw_expire = (time_t)atol(p); EXPAND(t); EXPAND(pw.pw_gecos); EXPAND(pw.pw_dir); EXPAND(pw.pw_shell); if (strcmp(crypt(argp->oldpass, pw.pw_passwd), pw.pw_passwd) != 0) goto fail; if (!nopw && badchars(argp->newpw.pw_passwd)) goto fail; if (!nogecos && badchars(argp->newpw.pw_gecos)) goto fail; if (!nogecos && badchars(argp->newpw.pw_shell)) goto fail; if (!ok_shell(argp->newpw.pw_shell) || !ok_shell(pw.pw_shell)) goto fail; /* * Get the new password. Reset passwd change time to zero; when * classes are implemented, go and get the "offset" value for this * class and reset the timer. */ if (!nopw) { pw.pw_passwd = argp->newpw.pw_passwd; pw.pw_change = 0; } if (!nogecos) pw.pw_gecos = argp->newpw.pw_gecos; if (!noshell) pw.pw_shell = argp->newpw.pw_shell; for (n = 0, p = pw.pw_gecos; *p; p++) { if (*p == '&') n = n + strlen(pw.pw_name) - 1; } if (strlen(pw.pw_name) + 1 + strlen(pw.pw_passwd) + 1 + strlen((snprintf(buf, sizeof buf, "%u", pw.pw_uid), buf)) + 1 + strlen((snprintf(buf, sizeof buf, "%u", pw.pw_gid), buf)) + 1 + strlen(pw.pw_gecos) + n + 1 + strlen(pw.pw_dir) + 1 + strlen(pw.pw_shell) >= 1023) goto fail; pfd = open(master, O_RDONLY, 0); if (pfd < 0) { syslog(LOG_ERR, "cannot open %s", master); goto fail; } tfd = pw_lock(0); if (tfd < 0) goto fail; pw_copy(pfd, tfd, &pw, NULL); pw_mkdb(pw.pw_name, 0); free(bp); if (fork() == 0) { chdir("/var/yp"); (void)umask(022); system(make_arg); exit(0); } return (0); fail: if (bp) free(bp); if (pfd >= 0) close(pfd); free(master); return (1); }