home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Linux Cubed Series 7: Sunsite
/
Linux Cubed Series 7 - Sunsite Vol 1.iso
/
system
/
admin
/
pwdutils.00
/
pwdutils
/
pwdutils-1.00
/
readpwd.c
< prev
next >
Wrap
C/C++ Source or Header
|
1996-05-07
|
3KB
|
120 lines
#include <pwd.h>
#include <time.h>
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include "pwdutils.h"
#define bin_to_ascii(c) ((c)>=38?((c)-38+'a'):(c)>=12?((c)-12+'A'):(c)+'.')
char *getoldpwd(struct passwd *pwd)
{
static char oldpwd[20];
strncpy(oldpwd,getpass("Enter old password: "),sizeof(oldpwd)-1);
if(strncmp(pwd->pw_passwd, crypt(oldpwd, pwd->pw_passwd), 13))
{
fprintf(stderr,"Wrong password.\n");
exit(1);
}
return oldpwd;
}
char *getnewpwd(struct passwd *pwd)
{
char *pwdstr = NULL, *cryptstr, *p, *q;
int ucase, lcase, other, r;
char pwdstr1[10];
char salt[2];
uid_t gotuid;
time_t tm;
gotuid = getuid();
redo_it:
pwdstr = getpass("Enter new password: ");
if (pwdstr[0] == '\0' && gotuid != 0)
{
printf("Password not changed.");
exit(1);
}
if((strlen(pwdstr) < 6) && gotuid)
{
printf("The password must have at least 6 characters, try again.");
goto redo_it;
}
other = ucase = lcase = 0;
for(p = pwdstr; *p; p++) {
ucase = ucase || isupper(*p);
lcase = lcase || islower(*p);
other = other || !isalpha(*p);
}
if((!ucase || !lcase) && !other && gotuid)
{
printf("The password must have both upper- and lowercase");
printf("letters, or non-letters; try again.");
goto redo_it;
}
if (pwd->pw_passwd[0]
&& !strncmp(pwd->pw_passwd, crypt(pwdstr, pwd->pw_passwd), 13)
&& gotuid)
{
printf("You cannot reuse the old password.");
goto redo_it;
}
r = 0;
for(p = pwdstr, q = pwd->pw_name; *q && *p; q++, p++)
{
if(tolower(*p) != tolower(*q))
{
r = 1;
break;
}
}
for(p = pwdstr + strlen(pwdstr)-1, q = pwd->pw_name;
*q && p >= pwdstr; q++, p--)
{
if(tolower(*p) != tolower(*q))
{
r += 2;
break;
}
}
if(gotuid && r != 3)
{
puts("Please don't use something like your username as password!");
goto redo_it;
}
/* do various other checks for stupid passwords here... */
strncpy(pwdstr1, pwdstr, 9);
pwdstr = getpass("Re-type new password: ");
if(strncmp(pwdstr, pwdstr1, 8))
{
puts("You misspelled it. Password not changed.");
exit(1);
}
time(&tm);
salt[0] = bin_to_ascii(tm & 0x3f);
salt[1] = bin_to_ascii((tm >> 6) & 0x3f);
cryptstr = crypt(pwdstr, salt);
if (pwdstr[0] == 0) cryptstr = "";
return cryptstr;
}