2 * $Id: uams_passwd.c,v 1.22 2004-01-14 16:10:29 bfernhomberg Exp $
4 * Copyright (c) 1990,1993 Regents of The University of Michigan.
5 * Copyright (c) 1999 Adrian Sun (asun@u.washington.edu)
6 * All Rights Reserved. See COPYRIGHT.
9 #define _XOPEN_SOURCE /* for crypt() */
13 #endif /* HAVE_CONFIG_H */
21 #else /* STDC_HEADERS */
25 #endif /* HAVE_STRCHR */
26 char *strchr (), *strrchr ();
28 #define memcpy(d,s,n) bcopy ((s), (d), (n))
29 #define memmove(d,s,n) bcopy ((s), (d), (n))
30 #endif /* ! HAVE_MEMCPY */
31 #endif /* STDC_HEADERS */
35 #endif /* HAVE_UNISTD_H */
38 #endif /* HAVE_CRYPT_H */
40 #include <atalk/logger.h>
50 #include <atalk/afp.h>
51 #include <atalk/uam.h>
56 #define MIN(a,b) ((a) < (b) ? (a) : (b))
64 static char *clientname;
67 static int pwd_login(void *obj, char *username, int ulen, struct passwd **uam_pwd,
68 char *ibuf, int ibuflen,
69 char *rbuf, int *rbuflen)
78 if( uam_afpserver_option( obj, UAM_OPTION_CLIENTNAME,
79 (void *) &clientname, NULL ) < 0 )
83 if (ibuflen < PASSWDLEN) {
84 return( AFPERR_PARAM );
86 ibuf[ PASSWDLEN ] = '\0';
88 if (( pwd = uam_getname(username, ulen)) == NULL ) {
92 LOG(log_info, logtype_uams, "cleartext login: %s", username);
94 if (uam_checkuser(pwd) < 0) {
95 LOG(log_info, logtype_uams, "not a valid user");
96 return AFPERR_NOTAUTH;
100 if (( sp = getspnam( pwd->pw_name )) == NULL ) {
101 LOG(log_info, logtype_uams, "no shadow passwd entry for %s", username);
102 return AFPERR_NOTAUTH;
104 pwd->pw_passwd = sp->sp_pwdp;
105 #endif /* SHADOWPW */
107 if (!pwd->pw_passwd) {
108 return AFPERR_NOTAUTH;
119 uam_afp_getcmdline( &ac, &av );
120 sprintf( hostname, "%s@%s", username, clientname );
122 if( uam_sia_validate_user( NULL, ac, av, hostname, username,
123 NULL, FALSE, NULL, ibuf ) != SIASUCCESS )
124 return AFPERR_NOTAUTH;
129 p = crypt( ibuf, pwd->pw_passwd );
130 if ( strcmp( p, pwd->pw_passwd ) == 0 )
134 return AFPERR_NOTAUTH;
139 static int passwd_login(void *obj, struct passwd **uam_pwd,
140 char *ibuf, int ibuflen,
141 char *rbuf, int *rbuflen)
148 if (uam_afpserver_option(obj, UAM_OPTION_USERNAME,
149 (void *) &username, &ulen) < 0)
153 return( AFPERR_PARAM );
156 len = (unsigned char) *ibuf++;
158 if (!len || len > ibuflen || len > ulen ) {
159 return( AFPERR_PARAM );
161 memcpy(username, ibuf, len );
164 username[ len ] = '\0';
166 if ((unsigned long) ibuf & 1) { /* pad character */
170 return (pwd_login(obj, username, ulen, uam_pwd, ibuf, ibuflen, rbuf, rbuflen));
174 /* cleartxt login ext
177 2 bytes len (network order)
178 len bytes unicode name
180 static int passwd_login_ext(void *obj, char *uname, struct passwd **uam_pwd,
181 char *ibuf, int ibuflen,
182 char *rbuf, int *rbuflen)
190 if (uam_afpserver_option(obj, UAM_OPTION_USERNAME,
191 (void *) &username, &ulen) < 0)
197 memcpy(&temp16, uname, sizeof(temp16));
199 if (!len || len > ulen ) {
200 return( AFPERR_PARAM );
202 memcpy(username, uname +2, len );
203 username[ len ] = '\0';
204 return (pwd_login(obj, username, ulen, uam_pwd, ibuf, ibuflen, rbuf, rbuflen));
210 static int passwd_changepw(void *obj, char *username,
211 struct passwd *pwd, char *ibuf,
212 int ibuflen, char *rbuf, int *rbuflen)
216 #endif /* SHADOWPW */
217 char pw[PASSWDLEN + 1], *p;
218 uid_t uid = geteuid();
220 if (uam_checkuser(pwd) < 0)
221 return AFPERR_ACCESS;
224 memcpy(pw, ibuf, PASSWDLEN);
225 memset(ibuf, 0, PASSWDLEN);
226 pw[PASSWDLEN] = '\0';
229 if (( sp = getspnam( pwd->pw_name )) == NULL ) {
230 LOG(log_info, logtype_uams, "no shadow passwd entry for %s", username);
233 pwd->pw_passwd = sp->sp_pwdp;
234 #endif /* SHADOWPW */
236 p = crypt(pw, pwd->pw_passwd );
237 if (strcmp( p, pwd->pw_passwd )) {
238 memset(pw, 0, sizeof(pw));
239 return AFPERR_NOTAUTH;
244 ibuf[PASSWDLEN] = '\0';
248 #endif /* SHADOWPW */
254 /* Printer ClearTxtUAM login */
255 static int passwd_printer(start, stop, username, out)
256 char *start, *stop, *username;
262 #endif /* SHADOWPW */
264 char password[PASSWDLEN + 1] = "\0";
265 static const char *loginok = "0\r";
268 data = (char *)malloc(stop - start + 2);
270 LOG(log_info, logtype_uams,"Bad Login ClearTxtUAM: malloc");
273 strncpy(data, start, stop - start + 1);
274 data[stop - start + 2] = 0;
276 /* We are looking for the following format in data:
277 * (username) (password)
279 * Let's hope username doesn't contain ") ("!
282 /* Parse input for username in () */
283 if ((p = strchr(data, '(' )) == NULL) {
284 LOG(log_info, logtype_uams,"Bad Login ClearTxtUAM: username not found in string");
289 if ((q = strstr(data, ") (" )) == NULL) {
290 LOG(log_info, logtype_uams,"Bad Login ClearTxtUAM: username not found in string");
294 strncpy(username, p, MIN( UAM_USERNAMELEN, (q - p)) );
295 username[ UAM_USERNAMELEN+1] = '\0';
298 /* Parse input for password in next () */
300 if ((q = strrchr(data, ')' )) == NULL) {
301 LOG(log_info, logtype_uams,"Bad Login ClearTxtUAM: password not found in string");
305 strncpy(password, p, MIN(PASSWDLEN, q - p) );
306 password[ PASSWDLEN+1] = '\0';
309 /* Done copying username and password, clean up */
312 ulen = strlen(username);
314 if (( pwd = uam_getname(username, ulen)) == NULL ) {
315 LOG(log_info, logtype_uams, "Bad Login ClearTxtUAM: ( %s ) not found ",
320 if (uam_checkuser(pwd) < 0) {
321 /* syslog of error happens in uam_checkuser */
326 if (( sp = getspnam( pwd->pw_name )) == NULL ) {
327 LOG(log_info, logtype_uams, "Bad Login ClearTxtUAM: no shadow passwd entry for %s",
331 pwd->pw_passwd = sp->sp_pwdp;
332 #endif /* SHADOWPW */
334 if (!pwd->pw_passwd) {
335 LOG(log_info, logtype_uams, "Bad Login ClearTxtUAM: no password for %s",
341 if ( kcheckuser( pwd, password) == 0)
345 p = crypt(password, pwd->pw_passwd);
346 if (strcmp(p, pwd->pw_passwd) != 0) {
347 LOG(log_info, logtype_uams, "Bad Login ClearTxtUAM: %s: bad password", username);
351 /* Login successful */
352 append(out, loginok, strlen(loginok));
353 LOG(log_info, logtype_uams, "Login ClearTxtUAM: %s", username);
358 int uam_setup(const char *path)
360 if (uam_register_fn(UAM_SERVER_LOGIN_EXT, path, "Cleartxt Passwrd",
361 passwd_login, NULL, NULL, passwd_login_ext) < 0)
363 if (uam_register_fn(UAM_SERVER_PRINTAUTH, path, "ClearTxtUAM",
370 static int uam_setup(const char *path)
372 if (uam_register(UAM_SERVER_LOGIN_EXT, path, "Cleartxt Passwrd",
373 passwd_login, NULL, NULL, passwd_login_ext) < 0)
375 if (uam_register(UAM_SERVER_PRINTAUTH, path, "ClearTxtUAM",
384 static void uam_cleanup(void)
386 uam_unregister(UAM_SERVER_LOGIN, "Cleartxt Passwrd");
387 uam_unregister(UAM_SERVER_PRINTAUTH, "ClearTxtUAM");
390 UAM_MODULE_EXPORT struct uam_export uams_clrtxt = {
393 uam_setup, uam_cleanup