home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
rtsi.com
/
2014.01.www.rtsi.com.tar
/
www.rtsi.com
/
OS9
/
OSK
/
TELECOM
/
stg_v4.lzh
/
password.c
< prev
next >
Wrap
C/C++ Source or Header
|
1994-11-11
|
5KB
|
290 lines
/*
* password - change user password
*
* 92/10/29 StG - new code from scratch for v4
*/
#include "stgnet.h"
#include "pwd.h"
long lseek();
struct passwd *pw;
char buf[256];
char sysop_pw[32];
new(old)
int old;
{
char *p;
int zero=0;
char dir[64];
setpwent();
while (pw=getpwent())
{
if (!pw->pw_passwd || !*pw->pw_passwd || *pw->pw_passwd==' ')
strcpy(buf," no password ");
else if (strlen(pw->pw_passwd)==13)
strcpy(buf,pw->pw_passwd);
else
strcpy(buf,crypt(pw->pw_passwd,salt(pw->pw_name,pw->pw_passwd)));
if (old)
{
/* swap exec & home dirs (old bug) */
p=pw->pw_xdir;
pw->pw_xdir=pw->pw_dir;
pw->pw_dir=p;
/* name is after options field in old format */
p=strcut(pw->pw_gecos,',');
if (p)
strcut(p,',');
else
p="";
pw->pw_gecos=p;
/* mangle user id from old format */
pw->pw_uid=(pw->pw_uid&0xFFFF0000)>>16;
if (pw->pw_uid)
pw->pw_uid=((pw->pw_uid&0xFF00)<<8) + (pw->pw_uid&0x00FF) + 0x00010000;
else
pw->pw_uid=zero++;
if (!pw->pw_pri)
pw->pw_pri=128;
if (!pw->pw_xdir || !*pw->pw_xdir)
pw->pw_xdir="/DD/CMDS";
if (!pw->pw_dir || !*pw->pw_dir)
pw->pw_dir=stringf(dir,"/DD/USER/%s",pw->pw_name);
if (!pw->pw_shell || !*pw->pw_shell)
pw->pw_shell="smenu";
}
stringf(b,"%s,%s,%d.%d,%d,%s,%s,%s,%s\n",
pw->pw_name,
buf,
(pw->pw_uid&0xFFFF0000)>>16,
(pw->pw_uid&0x0000FFFF),
pw->pw_pri,
pw->pw_xdir,
pw->pw_dir,
pw->pw_shell,
pw->pw_gecos);
writeln(1,b,256);
}
exit(0);
}
main(argc,argv)
char **argv;
{
int hPW;
int n;
char *p;
long pos;
int uid;
dash(argv)
{
case '#':
wstringf(2,"password: %s\n",STG_VER);
exit(0);
case '?':
writeln(2,"password {user} - change user password\n",80);
STGVER;
exit(0);
case 'n':
if (getuid())
exit(164);
new(0);
case '3':
if (getuid())
exit(164);
new(1);
default:
stringf(b,"password: invalid option: %s\n",--*argv);
writeln(2,b,80);
exit(1);
}
*sysop_pw=0;
pw=getpwuid(0);
if (pw)
strcpy(sysop_pw,pw->pw_passwd);
if (*argv)
{
pw=getpwnam(*argv);
if (!pw)
{
writeln(2,stringf(b,"password: no such user %s\n",*argv),80);
exit(1);
}
}
else
{
pw=getpwuid(getuid());
if (!pw)
{
syslog(LOG_EMERG,"unknown user # %d",getuid());
writeln(2,"Who are you?\n",80);
exit(1);
}
}
stringf(b,"Changing password for %s\n",pw->pw_name);
writeln(2,b,80);
if (setuid(0)==ERR)
{
syslog(LOG_ALERT,"cant setuid %m");
writeln(2,"password: internal error - contact sysop\n",80);
exit(1);
}
/* locate password entry */
hPW=open(PWD_FILE,O_RDWR);
if (hPW==ERR)
{
syslog(LOG_ALERT,"cant open %s %m",PWD_FILE);
writeln(2,"password: internal error - contact sysop\n",80);
exit(1);
}
while (n=readln(hPW,buf,256))
{
if (n==ERR)
{
syslog(LOG_ALERT,"read error %m");
writeln(2,"password: internal error - contact sysop\n",80);
exit(1);
}
pos=lseek(hPW,0L,1)-n;
p=strcut(buf,',');
if (!p)
{
n=0;
break;
}
if (!strcmp(buf,pw->pw_name))
break;
}
if (!n)
{
syslog(LOG_ALERT,"cant find user %s",pw->pw_name);
writeln(2,"Who are you?\n",80);
exit(1);
}
strcut(p,',');
n=strlen(p);
if (!n)
{
syslog(LOG_ERR,"zero length password for user %s",pw->pw_name);
if (pw->pw_uid<=15)
writeln(2,"Cant change zero length password - edit file manually please\n",80);
else
writeln(2,"Cant change your password - contact sysop\n",80);
exit(1);
}
pos+=strlen(buf)+1;
lseek(hPW,pos,0);
if (*p==' ')
goto pass;
writeln(2,"Enter old password for verification:\n",80);
writeln(2,"Password: ",10);
if (get_line(b,32,'*')==ERR)
exit(1);
if (strlen(pw->pw_passwd)==13)
{
strlcs(b);
if (!strcmp(pw->pw_passwd,crypt(b,pw->pw_passwd)))
goto pass;
if (!strcmp(sysop_pw,crypt(b,sysop_pw)))
goto pass;
}
else
{
if (!strcmp(pw->pw_passwd,b))
goto pass;
}
syslog(LOG_BADPW,"%s (%s)",pw->pw_name,pw->pw_gecos);
writeln(2,"BAD PASSWORD\7\n",80);
exit(1);
pass:
writeln(2,"Enter new password twice:\n",80);
writeln(2,"Password: ",10);
if (get_line(b,32,'*')==ERR)
exit(1);
writeln(2,"Password: ",10);
if (get_line(b+64,32,'*')==ERR)
exit(1);
if (strcmp(b,b+64))
{
writeln(2,"Please try again\n",80);
goto pass;
}
if (!*b)
{
memset(b,32,128);
if (write(hPW,b,n)==ERR)
{
syslog(LOG_ALERT,"write error to pw file %m");
writeln(2,"password: internal write error - contact sysop\n",80);
exit(1);
}
writeln(2,"Password removed\n",80);
exit(0);
}
if (n==13)
{
strlcs(b);
if (write(hPW,crypt(b,salt(pw->pw_name,b)),13)==ERR)
{
syslog(LOG_ALERT,"write error to pw file %m");
writeln(2,"password: internal write error - contact sysop\n",80);
exit(1);
}
writeln(2,"Password changed\n",80);
exit(0);
}
if (strlen(b)>n)
{
writeln(2,stringf(b,"Your password can only be %d characters long\n",n),80);
goto pass;
}
memset(b+strlen(b),32,64);
if (write(hPW,b,n)==ERR)
{
syslog(LOG_ALERT,"write error to pw file %m");
writeln(2,"password: internal write error - contact sysop\n",80);
exit(1);
}
writeln(2,"Password changed\n",80);
exit(0);
}
