2 * $Id: uams_passwd.c,v 1.10 2001-05-25 13:23:56 rufustfirefly Exp $
4 * Copyright (c) 1990,1993 Regents of The University of Michigan.
5 * Copyright (c) 1999 Adrian Sun (asun@u.washington.edu)
6 * All Rights Reserved. See COPYRIGHT.
31 #include <atalk/afp.h>
32 #include <atalk/uam.h>
37 #include <sys/types.h>
38 #include <sys/security.h>
42 static int c2security = 0;
46 static int passwd_login(void *obj, struct passwd **uam_pwd,
47 char *ibuf, int ibuflen,
48 char *rbuf, int *rbuflen)
59 if (uam_afpserver_option(obj, UAM_OPTION_USERNAME,
60 (void *) &username, &ulen) < 0)
63 len = (unsigned char) *ibuf++;
65 return( AFPERR_PARAM );
68 memcpy(username, ibuf, len );
70 username[ len ] = '\0';
71 if ((unsigned long) ibuf & 1) /* pad character */
73 ibuf[ PASSWDLEN ] = '\0';
75 if (( pwd = uam_getname(username, ulen)) == NULL ) {
79 syslog(LOG_INFO, "cleartext login: %s", username);
80 if (uam_checkuser(pwd) < 0)
81 return AFPERR_NOTAUTH;
84 if (( sp = getspnam( pwd->pw_name )) == NULL ) {
85 syslog( LOG_INFO, "no shadow passwd entry for %s", username);
86 return AFPERR_NOTAUTH;
88 pwd->pw_passwd = sp->sp_pwdp;
92 return AFPERR_NOTAUTH;
97 if ( c2security == 1 ) {
98 struct pr_passwd *pr = getprpwnam( pwd->pw_name );
100 return AFPERR_NOTAUTH;
101 if ( strcmp( dispcrypt( ibuf, pr->ufld.fd_encrypt,
102 pr->ufld.fd_oldcrypt ), pr->ufld.fd_encrypt ) == 0 ) {
106 p = crypt( ibuf, pwd->pw_passwd );
107 if ( strcmp( p, pwd->pw_passwd ) == 0 )
111 p = crypt( ibuf, pwd->pw_passwd );
112 if ( strcmp( p, pwd->pw_passwd ) == 0 )
116 return AFPERR_NOTAUTH;
122 static int passwd_changepw(void *obj, char *username,
123 struct passwd *pwd, char *ibuf,
124 int ibuflen, char *rbuf, int *rbuflen)
129 char pw[PASSWDLEN + 1], *p;
130 uid_t uid = geteuid();
132 if (uam_checkuser(pwd) < 0)
133 return AFPERR_ACCESS;
136 memcpy(pw, ibuf, PASSWDLEN);
137 memset(ibuf, 0, PASSWDLEN);
138 pw[PASSWDLEN] = '\0';
141 if (( sp = getspnam( pwd->pw_name )) == NULL ) {
142 syslog( LOG_INFO, "no shadow passwd entry for %s", username);
145 pwd->pw_passwd = sp->sp_pwdp;
148 p = crypt(pw, pwd->pw_passwd );
149 if (strcmp( p, pwd->pw_passwd )) {
150 memset(pw, 0, sizeof(pw));
151 return AFPERR_NOTAUTH;
156 ibuf[PASSWDLEN] = '\0';
166 /* Printer ClearTxtUAM login */
167 static int passwd_printer(start, stop, username, out)
168 char *start, *stop, *username;
176 char password[PASSWDLEN + 1] = "\0";
177 static const char *loginok = "0\r";
180 data = (char *)malloc(stop - start + 1);
181 strncpy(data, start, stop - start + 1);
183 /* We are looking for the following format in data:
184 * (username) (password)
186 * Let's hope username doesn't contain ") ("!
189 /* Parse input for username in () */
190 if ((p = strchr(data, '(' )) == NULL) {
191 syslog(LOG_INFO,"Bad Login ClearTxtUAM: username not found in string");
196 if ((q = strstr(data, ") (" )) == NULL) {
197 syslog(LOG_INFO,"Bad Login ClearTxtUAM: username not found in string");
201 strncpy(username, p, q - p);
203 /* Parse input for password in next () */
205 if ((q = strrchr(data, ')' )) == NULL) {
206 syslog(LOG_INFO,"Bad Login ClearTxtUAM: password not found in string");
210 strncpy(password, p, q - p);
212 /* Done copying username and password, clean up */
215 ulen = strlen(username);
217 if (( pwd = uam_getname(username, ulen)) == NULL ) {
218 syslog(LOG_INFO, "Bad Login ClearTxtUAM: ( %s ) not found ",
223 if (uam_checkuser(pwd) < 0) {
224 /* syslog of error happens in uam_checkuser */
229 if (( sp = getspnam( pwd->pw_name )) == NULL ) {
230 syslog(LOG_INFO, "Bad Login ClearTxtUAM: no shadow passwd entry for %s",
234 pwd->pw_passwd = sp->sp_pwdp;
237 if (!pwd->pw_passwd) {
238 syslog(LOG_INFO, "Bad Login ClearTxtUAM: no password for %s",
244 if ( kcheckuser( pwd, password) == 0)
248 p = crypt(password, pwd->pw_passwd);
249 if (strcmp(p, pwd->pw_passwd) != 0) {
250 syslog(LOG_INFO, "Bad Login ClearTxtUAM: %s: bad password", username);
254 /* Login successful */
255 append(out, loginok, strlen(loginok));
256 syslog(LOG_INFO, "Login ClearTxtUAM: %s", username);
261 static int uam_setup(const char *path)
266 char siad[] = "siad_ses_init=";
268 if ( access( SIAIGOODFILE, F_OK ) == -1 ) {
269 syslog( LOG_ERR, "clrtxt uam_setup: %s does not exist",
274 if ( ( f = fopen(MATRIX_CONF, "r" ) ) == NULL ) {
275 syslog( LOG_ERR, "clrtxt uam_setup: %s is unreadable",
280 while ( fgets( buf, sizeof(buf), f ) != NULL ) {
281 if ( strncmp( buf, siad, sizeof(siad) - 1 ) == 0 ) {
282 if ( strstr( buf, "OSFC2" ) != NULL )
290 syslog( LOG_INFO, "clrtxt uam_setup: security level %s",
291 c2security == 0 ? "BSD" : "OSFC2" );
294 if (uam_register(UAM_SERVER_LOGIN, path, "Cleartxt Passwrd",
295 passwd_login, NULL, NULL) < 0)
297 if (uam_register(UAM_SERVER_PRINTAUTH, path, "ClearTxtUAM",
304 static void uam_cleanup(void)
306 uam_unregister(UAM_SERVER_LOGIN, "Cleartxt Passwrd");
307 uam_unregister(UAM_SERVER_PRINTAUTH, "ClearTxtUAM");
310 UAM_MODULE_EXPORT struct uam_export uams_clrtxt = {
313 uam_setup, uam_cleanup