/*
- * $Id: uams_passwd.c,v 1.19 2002-10-17 18:01:55 didg Exp $
+ * $Id: uams_passwd.c,v 1.28 2009-11-05 14:38:07 franklahm Exp $
*
* Copyright (c) 1990,1993 Regents of The University of Michigan.
* Copyright (c) 1999 Adrian Sun (asun@u.washington.edu)
*/
#ifdef HAVE_CONFIG_H
-#include "config.h"
+#include <config.h>
#endif /* HAVE_CONFIG_H */
+#include <sys/types.h>
+/* crypt needs _XOPEN_SOURCE (500) at least on BSD, but that breaks Solaris compile */
+#ifdef NETBSD
+#define _XOPEN_SOURCE 500 /* for crypt() */
+#endif
+#ifdef FREEBSD
+#define _XOPEN_SOURCE /* for crypt() */
+#endif
+
#include <stdio.h>
#include <stdlib.h>
-
/* STDC check */
#if STDC_HEADERS
#include <string.h>
#define memmove(d,s,n) bcopy ((s), (d), (n))
#endif /* ! HAVE_MEMCPY */
#endif /* STDC_HEADERS */
-
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif /* HAVE_UNISTD_H */
-#ifndef NO_CRYPT_H
+#ifdef HAVE_CRYPT_H
#include <crypt.h>
-#endif /* ! NO_CRYPT_H */
+#endif /* ! HAVE_CRYPT_H */
#include <pwd.h>
-#include <atalk/logger.h>
-
-#ifdef SOLARIS
-#define SHADOWPW
-#endif /* SOLARIS */
-
+#ifdef HAVE_SYS_TIME_H
+#include <sys/time.h>
+#endif
+#ifdef HAVE_TIME_H
+#include <time.h>
+#endif
#ifdef SHADOWPW
#include <shadow.h>
#endif /* SHADOWPW */
#include <atalk/afp.h>
+#include <atalk/logger.h>
#include <atalk/uam.h>
+#include <atalk/util.h>
#define PASSWDLEN 8
+#ifndef MIN
+#define MIN(a,b) ((a) < (b) ? (a) : (b))
+#endif /* MIN */
+
+
#ifdef TRU64
#include <sia.h>
#include <siad.h>
-static char *clientname;
+static const char *clientname;
#endif /* TRU64 */
+/*XXX in etc/papd/file.h */
+struct papfile;
+extern void append(struct papfile *, const char *, int);
+
static int pwd_login(void *obj, char *username, int ulen, struct passwd **uam_pwd,
- char *ibuf, int ibuflen,
- char *rbuf, int *rbuflen)
+ char *ibuf, size_t ibuflen,
+ char *rbuf _U_, size_t *rbuflen _U_)
{
char *p;
struct passwd *pwd;
+ int err = AFP_OK;
#ifdef SHADOWPW
struct spwd *sp;
#endif /* SHADOWPW */
}
ibuf[ PASSWDLEN ] = '\0';
- if (( pwd = uam_getname(username, ulen)) == NULL ) {
+ if (( pwd = uam_getname(obj, username, ulen)) == NULL ) {
return AFPERR_PARAM;
}
return AFPERR_NOTAUTH;
}
pwd->pw_passwd = sp->sp_pwdp;
+
+ if (sp && sp->sp_max != -1 && sp->sp_lstchg) {
+ time_t now = time(NULL) / (60*60*24);
+ int32_t expire_days = sp->sp_lstchg - now + sp->sp_max;
+ if ( expire_days < 0 ) {
+ LOG(log_info, logtype_uams, "Password for user %s expired", username);
+ err = AFPERR_PWDEXPR;
+ }
+ }
#endif /* SHADOWPW */
if (!pwd->pw_passwd) {
NULL, FALSE, NULL, ibuf ) != SIASUCCESS )
return AFPERR_NOTAUTH;
- return AFP_OK;
+ return err;
}
#else /* TRU64 */
p = crypt( ibuf, pwd->pw_passwd );
if ( strcmp( p, pwd->pw_passwd ) == 0 )
- return AFP_OK;
+ return err;
#endif /* TRU64 */
return AFPERR_NOTAUTH;
/* cleartxt login */
static int passwd_login(void *obj, struct passwd **uam_pwd,
- char *ibuf, int ibuflen,
- char *rbuf, int *rbuflen)
+ char *ibuf, size_t ibuflen,
+ char *rbuf, size_t *rbuflen)
{
char *username;
- int len, ulen;
+ size_t len, ulen;
*rbuflen = 0;
(void *) &username, &ulen) < 0)
return AFPERR_MISC;
- if (ibuflen <= 1) {
+ if (ibuflen < 2) {
return( AFPERR_PARAM );
}
len bytes unicode name
*/
static int passwd_login_ext(void *obj, char *uname, struct passwd **uam_pwd,
- char *ibuf, int ibuflen,
- char *rbuf, int *rbuflen)
+ char *ibuf, size_t ibuflen,
+ char *rbuf, size_t *rbuflen)
{
char *username;
- int len, ulen;
+ size_t len, ulen;
u_int16_t temp16;
*rbuflen = 0;
/* change passwd */
static int passwd_changepw(void *obj, char *username,
struct passwd *pwd, char *ibuf,
- int ibuflen, char *rbuf, int *rbuflen)
+ size_t ibuflen, char *rbuf, size_t *rbuflen)
{
#ifdef SHADOWPW
struct spwd *sp;
/* Printer ClearTxtUAM login */
-static int passwd_printer(start, stop, username, out)
-char *start, *stop, *username;
-struct papfile *out;
+static int passwd_printer(char *start, char *stop, char *username, struct papfile *out)
{
struct passwd *pwd;
#ifdef SHADOWPW
int ulen;
data = (char *)malloc(stop - start + 1);
- strncpy(data, start, stop - start + 1);
+ if (!data) {
+ LOG(log_info, logtype_uams,"Bad Login ClearTxtUAM: malloc");
+ return(-1);
+ }
+ strlcpy(data, start, stop - start + 1);
/* We are looking for the following format in data:
* (username) (password)
return(-1);
}
p++;
- if ((q = strstr(data, ") (" )) == NULL) {
+ if ((q = strstr(p, ") (" )) == NULL) {
LOG(log_info, logtype_uams,"Bad Login ClearTxtUAM: username not found in string");
free(data);
return(-1);
}
- strncpy(username, p, q - p);
+ memcpy(username, p, MIN( UAM_USERNAMELEN, q - p ));
/* Parse input for password in next () */
p = q + 3;
- if ((q = strrchr(data, ')' )) == NULL) {
+ if ((q = strrchr(p , ')' )) == NULL) {
LOG(log_info, logtype_uams,"Bad Login ClearTxtUAM: password not found in string");
free(data);
return(-1);
}
- strncpy(password, p, q - p);
+ memcpy(password, p, MIN(PASSWDLEN, q - p) );
/* Done copying username and password, clean up */
free(data);
ulen = strlen(username);
- if (( pwd = uam_getname(username, ulen)) == NULL ) {
+ if (( pwd = uam_getname(NULL, username, ulen)) == NULL ) {
LOG(log_info, logtype_uams, "Bad Login ClearTxtUAM: ( %s ) not found ",
username);
return(-1);
return(-1);
}
pwd->pw_passwd = sp->sp_pwdp;
+
+ if (sp && sp->sp_max != -1 && sp->sp_lstchg) {
+ time_t now = time(NULL) / (60*60*24);
+ int32_t expire_days = sp->sp_lstchg - now + sp->sp_max;
+ if ( expire_days < 0 ) {
+ LOG(log_info, logtype_uams, "Password for user %s expired", username);
+ return (-1);
+ }
+ }
+
#endif /* SHADOWPW */
if (!pwd->pw_passwd) {
return(0);
}
-#ifdef ATACC
-int uam_setup(const char *path)
-{
- if (uam_register_fn(UAM_SERVER_LOGIN_EXT, path, "Cleartxt Passwrd",
- passwd_login, NULL, NULL, passwd_login_ext) < 0)
- return -1;
- if (uam_register_fn(UAM_SERVER_PRINTAUTH, path, "ClearTxtUAM",
- passwd_printer) < 0)
- return -1;
-
- return 0;
-}
-#else
static int uam_setup(const char *path)
{
if (uam_register(UAM_SERVER_LOGIN_EXT, path, "Cleartxt Passwrd",
return 0;
}
-#endif
-
static void uam_cleanup(void)
{
uam_unregister(UAM_SERVER_LOGIN, "Cleartxt Passwrd");
UAM_MODULE_VERSION,
uam_setup, uam_cleanup
};
+
+UAM_MODULE_EXPORT struct uam_export uams_passwd = {
+ UAM_MODULE_SERVER,
+ UAM_MODULE_VERSION,
+ uam_setup, uam_cleanup
+ };
projects / netatalk.git / blobdiff