2 * $Id: uams_passwd.c,v 1.9 2001-05-22 19:13:36 rufustfirefly Exp $
4 * Copyright (c) 1990,1993 Regents of The University of Michigan.
5 * Copyright (c) 1999 Adrian Sun (asun@u.washington.edu)
6 * All Rights Reserved. See COPYRIGHT.
31 #include <atalk/afp.h>
32 #include <atalk/uam.h>
37 #include <sys/types.h>
38 #include <sys/security.h>
42 static int c2security = 0;
46 static int passwd_login(void *obj, struct passwd **uam_pwd,
47 char *ibuf, int ibuflen,
48 char *rbuf, int *rbuflen)
59 if (uam_afpserver_option(obj, UAM_OPTION_USERNAME,
60 (void *) &username, &ulen) < 0)
63 len = (unsigned char) *ibuf++;
65 return( AFPERR_PARAM );
68 memcpy(username, ibuf, len );
70 username[ len ] = '\0';
71 if ((unsigned long) ibuf & 1) /* pad character */
73 ibuf[ PASSWDLEN ] = '\0';
75 if (( pwd = uam_getname(username, ulen)) == NULL ) {
79 syslog(LOG_INFO, "cleartext login: %s", username);
80 if (uam_checkuser(pwd) < 0)
81 return AFPERR_NOTAUTH;
84 if (( sp = getspnam( pwd->pw_name )) == NULL ) {
85 syslog( LOG_INFO, "no shadow passwd entry for %s", username);
86 return AFPERR_NOTAUTH;
88 pwd->pw_passwd = sp->sp_pwdp;
92 return AFPERR_NOTAUTH;
97 if ( c2security == 1 ) {
98 struct pr_passwd *pr = getprpwnam( pwd->pw_name );
100 return AFPERR_NOTAUTH;
101 if ( strcmp( dispcrypt( rbuf, pr->ufld.fd_encrypt,
102 pr->ufld.fd_oldcrypt ), pr->ufld.fd_encrypt ) == 0 ) {
106 p = crypt( rbuf, pwd->pw_passwd );
107 memset(rbuf, 0, PASSWDLEN);
108 if ( strcmp( p, pwd->pw_passwd ) == 0 ) {
113 p = crypt( ibuf, pwd->pw_passwd );
114 if ( strcmp( p, pwd->pw_passwd ) == 0 )
118 return AFPERR_NOTAUTH;
124 static int passwd_changepw(void *obj, char *username,
125 struct passwd *pwd, char *ibuf,
126 int ibuflen, char *rbuf, int *rbuflen)
131 char pw[PASSWDLEN + 1], *p;
132 uid_t uid = geteuid();
134 if (uam_checkuser(pwd) < 0)
135 return AFPERR_ACCESS;
138 memcpy(pw, ibuf, PASSWDLEN);
139 memset(ibuf, 0, PASSWDLEN);
140 pw[PASSWDLEN] = '\0';
143 if (( sp = getspnam( pwd->pw_name )) == NULL ) {
144 syslog( LOG_INFO, "no shadow passwd entry for %s", username);
147 pwd->pw_passwd = sp->sp_pwdp;
150 p = crypt(pw, pwd->pw_passwd );
151 if (strcmp( p, pwd->pw_passwd )) {
152 memset(pw, 0, sizeof(pw));
153 return AFPERR_NOTAUTH;
158 ibuf[PASSWDLEN] = '\0';
168 /* Printer ClearTxtUAM login */
169 static int passwd_printer(start, stop, username, out)
170 char *start, *stop, *username;
178 char password[PASSWDLEN + 1] = "\0";
179 static const char *loginok = "0\r";
182 data = (char *)malloc(stop - start + 1);
183 strncpy(data, start, stop - start + 1);
185 /* We are looking for the following format in data:
186 * (username) (password)
188 * Let's hope username doesn't contain ") ("!
191 /* Parse input for username in () */
192 if ((p = strchr(data, '(' )) == NULL) {
193 syslog(LOG_INFO,"Bad Login ClearTxtUAM: username not found in string");
198 if ((q = strstr(data, ") (" )) == NULL) {
199 syslog(LOG_INFO,"Bad Login ClearTxtUAM: username not found in string");
203 strncpy(username, p, q - p);
205 /* Parse input for password in next () */
207 if ((q = strrchr(data, ')' )) == NULL) {
208 syslog(LOG_INFO,"Bad Login ClearTxtUAM: password not found in string");
212 strncpy(password, p, q - p);
214 /* Done copying username and password, clean up */
217 ulen = strlen(username);
219 if (( pwd = uam_getname(username, ulen)) == NULL ) {
220 syslog(LOG_INFO, "Bad Login ClearTxtUAM: ( %s ) not found ",
225 if (uam_checkuser(pwd) < 0) {
226 /* syslog of error happens in uam_checkuser */
231 if (( sp = getspnam( pwd->pw_name )) == NULL ) {
232 syslog(LOG_INFO, "Bad Login ClearTxtUAM: no shadow passwd entry for %s",
236 pwd->pw_passwd = sp->sp_pwdp;
239 if (!pwd->pw_passwd) {
240 syslog(LOG_INFO, "Bad Login ClearTxtUAM: no password for %s",
246 if ( kcheckuser( pwd, password) == 0)
250 p = crypt(password, pwd->pw_passwd);
251 if (strcmp(p, pwd->pw_passwd) != 0) {
252 syslog(LOG_INFO, "Bad Login ClearTxtUAM: %s: bad password", username);
256 /* Login successful */
257 append(out, loginok, strlen(loginok));
258 syslog(LOG_INFO, "Login ClearTxtUAM: %s", username);
263 static int uam_setup(const char *path)
268 char siad[] = "siad_ses_init=";
270 if ( access( SIAIGOODFILE, F_OK ) == -1 ) {
271 syslog( LOG_ERR, "clrtxt uam_setup: %s does not exist",
276 if ( ( f = fopen(MATRIX_CONF, "r" ) ) == NULL ) {
277 syslog( LOG_ERR, "clrtxt uam_setup: %s is unreadable",
282 while ( fgets( buf, sizeof(buf), f ) != NULL ) {
283 if ( strncmp( buf, siad, sizeof(siad) - 1 ) == 0 ) {
284 if ( strstr( buf, "OSFC2" ) != NULL )
292 syslog( LOG_INFO, "clrtxt uam_setup: security level %s",
293 c2security == 0 ? "BSD" : "OSFC2" );
296 if (uam_register(UAM_SERVER_LOGIN, path, "Cleartxt Passwrd",
297 passwd_login, NULL, NULL) < 0)
299 if (uam_register(UAM_SERVER_PRINTAUTH, path, "ClearTxtUAM",
306 static void uam_cleanup(void)
308 uam_unregister(UAM_SERVER_LOGIN, "Cleartxt Passwrd");
309 uam_unregister(UAM_SERVER_PRINTAUTH, "ClearTxtUAM");
312 UAM_MODULE_EXPORT struct uam_export uams_clrtxt = {
315 uam_setup, uam_cleanup