/*	$OpenBSD: login_chpass.c,v 1.15 2006/03/09 19:14:09 millert Exp $	*/

/*-
 * Copyright (c) 1995,1996 Berkeley Software Design, Inc. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *      This product includes software developed by Berkeley Software Design,
 *      Inc.
 * 4. The name of Berkeley Software Design, Inc.  may not be used to endorse
 *    or promote products derived from this software without specific prior
 *    written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY BERKELEY SOFTWARE DESIGN, INC. ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL BERKELEY SOFTWARE DESIGN, INC. BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 *	BSDI $From: login_chpass.c,v 1.3 1996/08/21 21:01:48 prb Exp $
 */
#include <sys/param.h>
#include <sys/stat.h>
#include <sys/time.h>
#include <sys/resource.h>
#include <sys/file.h>
#include <sys/uio.h>
#include <sys/wait.h>

#include <err.h>
#include <errno.h>
#include <pwd.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <syslog.h>
#include <unistd.h>
#include <login_cap.h>

#ifdef YP
# include <netdb.h>
# include <rpc/rpc.h>
# include <rpcsvc/yp_prot.h>
# include <rpcsvc/ypclnt.h>
# define passwd yp_passwd_rec
# include <rpcsvc/yppasswd.h>
# undef passwd
#endif

#define	_PATH_LOGIN_LCHPASS	"/usr/libexec/auth/login_lchpass"

#define BACK_CHANNEL	3

#ifdef  YP
struct iovec iov[2] = { { BI_SILENT, sizeof(BI_SILENT) - 1 }, { "\n", 1 } };

int	_yp_check(char **);
char	*ypgetnewpasswd(struct passwd *, char **);
struct passwd *ypgetpwnam(char *);
void	kbintr(int);
int	pwd_gensalt(char *, int, login_cap_t *, char);
#endif

void	local_chpass(char **);
void	yp_chpass(char *);

int
main(int argc, char *argv[])
{
#ifdef YP
	char *username;
#endif
	struct rlimit rl;
	int c;

	rl.rlim_cur = 0;
	rl.rlim_max = 0;
	(void)setrlimit(RLIMIT_CORE, &rl);

	(void)setpriority(PRIO_PROCESS, 0, 0);

	openlog("login", LOG_ODELAY, LOG_AUTH);

	while ((c = getopt(argc, argv, "s:v:")) != -1)
		switch (c) {
		case 'v':
			break;
		case 's':	/* service */
			if (strcmp(optarg, "login") != 0) {
				syslog(LOG_ERR, "%s: invalid service", optarg);
				exit(1);
			}
			break;
		default:
			syslog(LOG_ERR, "usage error");
			exit(1);
		}

	switch (argc - optind) {
	case 2:
		/* class is not used */
	case 1:
#ifdef YP
		username = argv[optind];
#endif
		break;
	default:
		syslog(LOG_ERR, "usage error");
		exit(1);
	}

#ifdef  YP
	if (_yp_check(NULL))
		yp_chpass(username);
#endif
	local_chpass(argv);
	/* NOTREACHED */
	exit(0);
}

void
local_chpass(char *argv[])
{

	/* login_lchpass doesn't check instance so don't bother restoring it */
	argv[0] = strrchr(_PATH_LOGIN_LCHPASS, '/') + 1;
	execv(_PATH_LOGIN_LCHPASS, argv);
	syslog(LOG_ERR, "%s: %m", _PATH_LOGIN_LCHPASS);
	exit(1);
}

#ifdef YP
void
yp_chpass(char *username)
{
	char *master;
	int r, rpcport, status;
	struct yppasswd yppasswd;
	struct passwd *pw;
	struct timeval tv;
	CLIENT *client;
	extern char *domain;

	(void)signal(SIGINT, kbintr);
	(void)signal(SIGQUIT, kbintr);

	if ((r = yp_get_default_domain(&domain)) != 0) {
		warnx("can't get local YP domain. Reason: %s", yperr_string(r));
		exit(1);
	}

	/*
	 * Find the host for the passwd map; it should be running
	 * the daemon.
	 */
	if ((r = yp_master(domain, "passwd.byname", &master)) != 0) {
		warnx("can't find the master YP server. Reason: %s",
		    yperr_string(r));
		exit(1);
	}

	/* Ask the portmapper for the port of the daemon. */
	if ((rpcport = getrpcport(master, YPPASSWDPROG,
	    YPPASSWDPROC_UPDATE, IPPROTO_UDP)) == 0) {
		warnx("master YP server not running yppasswd daemon.");
		warnx("Can't change password.");
		exit(1);
	}

	if (rpcport >= IPPORT_RESERVED) {
		warnx("yppasswd daemon is on an invalid port.");
		exit(1);
	}

	/* If user doesn't exist, just prompt for old password and exit. */
	pw = ypgetpwnam(username);
	if (pw) {
		if (pw->pw_uid == 0) {
			syslog(LOG_ERR, "attempted root password change");
			pw = NULL;
		} else if (*pw->pw_passwd == '\0') {
			syslog(LOG_ERR, "%s attempting to add password",
			    username);
			pw = NULL;
		}
	}
	if (pw == NULL) {
		char *p, salt[_PASSWORD_LEN + 1];
		login_cap_t *lc;

		/* no such user, get appropriate salt to thwart timing attack */
		if ((p = getpass("Old password:")) != NULL) {
			if ((lc = login_getclass(NULL)) == NULL ||
			    pwd_gensalt(salt, sizeof(salt), lc, 'y') == 0)
				strlcpy(salt, "xx", sizeof(salt));
			crypt(p, salt);
			memset(p, 0, strlen(p));
		}
		warnx("YP passwd database unchanged.");
		exit(1);
	}

	/* prompt for new password */
	yppasswd.newpw.pw_passwd = ypgetnewpasswd(pw, &yppasswd.oldpass);

	/* tell rpc.yppasswdd */
	yppasswd.newpw.pw_name	= pw->pw_name;
	yppasswd.newpw.pw_uid	= pw->pw_uid;
	yppasswd.newpw.pw_gid	= pw->pw_gid;
	yppasswd.newpw.pw_gecos = pw->pw_gecos;
	yppasswd.newpw.pw_dir	= pw->pw_dir;
	yppasswd.newpw.pw_shell	= pw->pw_shell;

	client = clnt_create(master, YPPASSWDPROG, YPPASSWDVERS, "udp");
	if (client == NULL) {
		warnx("cannot contact yppasswdd on %s: Reason: %s",
		    master, yperr_string(YPERR_YPBIND));
		free(yppasswd.newpw.pw_passwd);
		exit(1);
	}
	client->cl_auth = authunix_create_default();
	tv.tv_sec = 2;
	tv.tv_usec = 0;
	r = clnt_call(client, YPPASSWDPROC_UPDATE,
	    xdr_yppasswd, &yppasswd, xdr_int, &status, tv);
	if (r)
		warnx("rpc to yppasswdd failed.");
	else if (status) {
		printf("Couldn't change YP password.\n");
		free(yppasswd.newpw.pw_passwd);
		exit(1);
	}
	printf("The YP password has been changed on %s, the master YP passwd server.\n",
	    master);
	free(yppasswd.newpw.pw_passwd);
	(void)writev(BACK_CHANNEL, iov, 2);
	exit(0);
}

/* ARGSUSED */
void
kbintr(int signo)
{
	char msg[] = "YP passwd database unchanged.\n";
	struct iovec iv[3];
	extern char *__progname;

	iv[0].iov_base = __progname;
	iv[0].iov_len = strlen(__progname);
	iv[1].iov_base = ": ";
	iv[1].iov_len = 2;
	iv[2].iov_base = msg;
	iv[2].iov_len = sizeof(msg) - 1;
	writev(STDERR_FILENO, iv, 3);

	_exit(1);
}
#endif