19a10bb17SJohn Polstra /*-
25e53a4f9SPedro F. Giffuni * SPDX-License-Identifier: BSD-3-Clause
35e53a4f9SPedro F. Giffuni *
49a10bb17SJohn Polstra * Copyright 1998 Juniper Networks, Inc.
59a10bb17SJohn Polstra * All rights reserved.
64d6991c6SDag-Erling Smørgrav * Copyright (c) 2002-2003 Networks Associates Technology, Inc.
7e9cc7b1dSDag-Erling Smørgrav * All rights reserved.
8e9cc7b1dSDag-Erling Smørgrav *
9e9cc7b1dSDag-Erling Smørgrav * Portions of this software was developed for the FreeBSD Project by
10e9cc7b1dSDag-Erling Smørgrav * ThinkSec AS and NAI Labs, the Security Research Division of Network
11e9cc7b1dSDag-Erling Smørgrav * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
12e9cc7b1dSDag-Erling Smørgrav * ("CBOSS"), as part of the DARPA CHATS research program.
139a10bb17SJohn Polstra *
149a10bb17SJohn Polstra * Redistribution and use in source and binary forms, with or without
159a10bb17SJohn Polstra * modification, are permitted provided that the following conditions
169a10bb17SJohn Polstra * are met:
179a10bb17SJohn Polstra * 1. Redistributions of source code must retain the above copyright
189a10bb17SJohn Polstra * notice, this list of conditions and the following disclaimer.
199a10bb17SJohn Polstra * 2. Redistributions in binary form must reproduce the above copyright
209a10bb17SJohn Polstra * notice, this list of conditions and the following disclaimer in the
219a10bb17SJohn Polstra * documentation and/or other materials provided with the distribution.
22e9cc7b1dSDag-Erling Smørgrav * 3. The name of the author may not be used to endorse or promote
23e9cc7b1dSDag-Erling Smørgrav * products derived from this software without specific prior written
24e9cc7b1dSDag-Erling Smørgrav * permission.
259a10bb17SJohn Polstra *
269a10bb17SJohn Polstra * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
279a10bb17SJohn Polstra * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
289a10bb17SJohn Polstra * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
299a10bb17SJohn Polstra * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
309a10bb17SJohn Polstra * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
319a10bb17SJohn Polstra * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
329a10bb17SJohn Polstra * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
339a10bb17SJohn Polstra * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
349a10bb17SJohn Polstra * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
359a10bb17SJohn Polstra * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
369a10bb17SJohn Polstra * SUCH DAMAGE.
379a10bb17SJohn Polstra */
389a10bb17SJohn Polstra
39e9cc7b1dSDag-Erling Smørgrav #include <sys/param.h>
40e9cc7b1dSDag-Erling Smørgrav #include <sys/socket.h>
41d65b34dbSJohn Polstra #include <sys/time.h>
42e9cc7b1dSDag-Erling Smørgrav #include <netinet/in.h>
43e9cc7b1dSDag-Erling Smørgrav #include <arpa/inet.h>
44e9cc7b1dSDag-Erling Smørgrav
45d65b34dbSJohn Polstra #include <login_cap.h>
46e9cc7b1dSDag-Erling Smørgrav #include <netdb.h>
479a10bb17SJohn Polstra #include <pwd.h>
489a10bb17SJohn Polstra #include <stdlib.h>
499a10bb17SJohn Polstra #include <string.h>
50d65b34dbSJohn Polstra #include <stdio.h>
517f28386aSDag-Erling Smørgrav #include <syslog.h>
52beb8ef4aSDag-Erling Smørgrav #include <time.h>
539a10bb17SJohn Polstra #include <unistd.h>
549a10bb17SJohn Polstra
55f1d05925SDag-Erling Smørgrav #include <libutil.h>
563d55a6c0SMark Murray
573d55a6c0SMark Murray #ifdef YP
58c82bffaaSDag-Erling Smørgrav #include <ypclnt.h>
593d55a6c0SMark Murray #endif
603d55a6c0SMark Murray
619a10bb17SJohn Polstra #define PAM_SM_AUTH
62d65b34dbSJohn Polstra #define PAM_SM_ACCOUNT
633d55a6c0SMark Murray #define PAM_SM_PASSWORD
643d55a6c0SMark Murray
658c66575dSDag-Erling Smørgrav #include <security/pam_appl.h>
669a10bb17SJohn Polstra #include <security/pam_modules.h>
678c66575dSDag-Erling Smørgrav #include <security/pam_mod_misc.h>
689a10bb17SJohn Polstra
693d55a6c0SMark Murray #define PASSWORD_HASH "md5"
701642eb1aSMark Murray #define DEFAULT_WARN (2L * 7L * 86400L) /* Two weeks */
718c3ea588SMark Murray #define SALTSIZE 32
728c3ea588SMark Murray
73cf21ead5SYaroslav Tykhiy #define LOCKED_PREFIX "*LOCKED*"
74cf21ead5SYaroslav Tykhiy #define LOCKED_PREFIX_LEN (sizeof(LOCKED_PREFIX) - 1)
75cf21ead5SYaroslav Tykhiy
76*5ceec6c1SJohn Baldwin static void makesalt(char [SALTSIZE + 1]);
771642eb1aSMark Murray
78ac569969SMark Murray static char password_hash[] = PASSWORD_HASH;
79ac569969SMark Murray
80545aa471SDag-Erling Smørgrav #define PAM_OPT_LOCAL_PASS "local_pass"
81545aa471SDag-Erling Smørgrav #define PAM_OPT_NIS_PASS "nis_pass"
829a10bb17SJohn Polstra
83d65b34dbSJohn Polstra /*
84d65b34dbSJohn Polstra * authentication management
85d65b34dbSJohn Polstra */
869a10bb17SJohn Polstra PAM_EXTERN int
pam_sm_authenticate(pam_handle_t * pamh,int flags,int argc __unused,const char * argv[]__unused)876f4d99c6SFelix Palmen pam_sm_authenticate(pam_handle_t *pamh, int flags,
88545aa471SDag-Erling Smørgrav int argc __unused, const char *argv[] __unused)
899a10bb17SJohn Polstra {
903d55a6c0SMark Murray login_cap_t *lc;
919a10bb17SJohn Polstra struct passwd *pwd;
921642eb1aSMark Murray int retval;
93f2f306b6SRuslan Ermilov const char *pass, *user, *realpw, *prompt;
94bfd8b9b8SEdward Tomasz Napierala const char *emptypasswd = "";
959a10bb17SJohn Polstra
96545aa471SDag-Erling Smørgrav if (openpam_get_option(pamh, PAM_OPT_AUTH_AS_SELF)) {
971843e23cSDimitry Andric user = getlogin();
9850000f00SDag-Erling Smørgrav } else {
991642eb1aSMark Murray retval = pam_get_user(pamh, &user, NULL);
1001642eb1aSMark Murray if (retval != PAM_SUCCESS)
10124fe7ba0SDag-Erling Smørgrav return (retval);
1024448b21cSMark Murray }
1031843e23cSDimitry Andric pwd = getpwnam(user);
1041642eb1aSMark Murray
1051642eb1aSMark Murray PAM_LOG("Got user: %s", user);
1061642eb1aSMark Murray
1074448b21cSMark Murray if (pwd != NULL) {
1081642eb1aSMark Murray PAM_LOG("Doing real authentication");
10950000f00SDag-Erling Smørgrav realpw = pwd->pw_passwd;
11050000f00SDag-Erling Smørgrav if (realpw[0] == '\0') {
11150000f00SDag-Erling Smørgrav if (!(flags & PAM_DISALLOW_NULL_AUTHTOK) &&
112545aa471SDag-Erling Smørgrav openpam_get_option(pamh, PAM_OPT_NULLOK))
11324fe7ba0SDag-Erling Smørgrav return (PAM_SUCCESS);
11479b67c8dSDag-Erling Smørgrav PAM_LOG("Password is empty, using fake password");
11550000f00SDag-Erling Smørgrav realpw = "*";
1161642eb1aSMark Murray }
117bfd8b9b8SEdward Tomasz Napierala /*
118bfd8b9b8SEdward Tomasz Napierala * Check whether the saved password hash matches the one
119bfd8b9b8SEdward Tomasz Napierala * generated from an empty password - as opposed to empty
120bfd8b9b8SEdward Tomasz Napierala * saved password hash, which is handled above.
121bfd8b9b8SEdward Tomasz Napierala */
122bfd8b9b8SEdward Tomasz Napierala if (!(flags & PAM_DISALLOW_NULL_AUTHTOK) &&
123bfd8b9b8SEdward Tomasz Napierala openpam_get_option(pamh, PAM_OPT_EMPTYOK) &&
124bfd8b9b8SEdward Tomasz Napierala strcmp(crypt(emptypasswd, realpw), realpw) == 0)
125bfd8b9b8SEdward Tomasz Napierala return (PAM_SUCCESS);
126a8b1e59eSDag-Erling Smørgrav lc = login_getpwclass(pwd);
12750000f00SDag-Erling Smørgrav } else {
1281642eb1aSMark Murray PAM_LOG("Doing dummy authentication");
12950000f00SDag-Erling Smørgrav realpw = "*";
130a8b1e59eSDag-Erling Smørgrav lc = login_getclass(NULL);
13150000f00SDag-Erling Smørgrav }
13250000f00SDag-Erling Smørgrav prompt = login_getcapstr(lc, "passwd_prompt", NULL, NULL);
13350000f00SDag-Erling Smørgrav retval = pam_get_authtok(pamh, PAM_AUTHTOK, &pass, prompt);
134a8b1e59eSDag-Erling Smørgrav login_close(lc);
1351642eb1aSMark Murray if (retval != PAM_SUCCESS)
13624fe7ba0SDag-Erling Smørgrav return (retval);
1371642eb1aSMark Murray PAM_LOG("Got password");
13879b67c8dSDag-Erling Smørgrav if (strnlen(pass, _PASSWORD_LEN + 1) > _PASSWORD_LEN) {
13979b67c8dSDag-Erling Smørgrav PAM_LOG("Password is too long, using fake password");
14079b67c8dSDag-Erling Smørgrav realpw = "*";
14179b67c8dSDag-Erling Smørgrav }
14250000f00SDag-Erling Smørgrav if (strcmp(crypt(pass, realpw), realpw) == 0)
14324fe7ba0SDag-Erling Smørgrav return (PAM_SUCCESS);
1441642eb1aSMark Murray
1453d55a6c0SMark Murray PAM_VERBOSE_ERROR("UNIX authentication refused");
14624fe7ba0SDag-Erling Smørgrav return (PAM_AUTH_ERR);
1479a10bb17SJohn Polstra }
1489a10bb17SJohn Polstra
1499a10bb17SJohn Polstra PAM_EXTERN int
pam_sm_setcred(pam_handle_t * pamh __unused,int flags __unused,int argc __unused,const char * argv[]__unused)15024fe7ba0SDag-Erling Smørgrav pam_sm_setcred(pam_handle_t *pamh __unused, int flags __unused,
15124fe7ba0SDag-Erling Smørgrav int argc __unused, const char *argv[] __unused)
1529a10bb17SJohn Polstra {
1533d55a6c0SMark Murray
15424fe7ba0SDag-Erling Smørgrav return (PAM_SUCCESS);
1559a10bb17SJohn Polstra }
1569294327dSJohn Polstra
157d65b34dbSJohn Polstra /*
158d65b34dbSJohn Polstra * account management
159d65b34dbSJohn Polstra */
1603d55a6c0SMark Murray PAM_EXTERN int
pam_sm_acct_mgmt(pam_handle_t * pamh,int flags __unused,int argc __unused,const char * argv[]__unused)16124fe7ba0SDag-Erling Smørgrav pam_sm_acct_mgmt(pam_handle_t *pamh, int flags __unused,
162545aa471SDag-Erling Smørgrav int argc __unused, const char *argv[] __unused)
163d65b34dbSJohn Polstra {
164e9cc7b1dSDag-Erling Smørgrav struct addrinfo hints, *res;
165e9cc7b1dSDag-Erling Smørgrav struct passwd *pwd;
166d65b34dbSJohn Polstra struct timeval tp;
1671642eb1aSMark Murray login_cap_t *lc;
168d65b34dbSJohn Polstra time_t warntime;
169d65b34dbSJohn Polstra int retval;
17091e93869SDag-Erling Smørgrav const char *user;
17191e93869SDag-Erling Smørgrav const void *rhost, *tty;
1728f303102SDag-Erling Smørgrav char rhostip[MAXHOSTNAMELEN] = "";
1731642eb1aSMark Murray
174111ccd25SDag-Erling Smørgrav retval = pam_get_user(pamh, &user, NULL);
175e9cc7b1dSDag-Erling Smørgrav if (retval != PAM_SUCCESS)
17624fe7ba0SDag-Erling Smørgrav return (retval);
177d65b34dbSJohn Polstra
178e9cc7b1dSDag-Erling Smørgrav if (user == NULL || (pwd = getpwnam(user)) == NULL)
17924fe7ba0SDag-Erling Smørgrav return (PAM_SERVICE_ERR);
1801642eb1aSMark Murray
1811642eb1aSMark Murray PAM_LOG("Got user: %s", user);
182d65b34dbSJohn Polstra
18391e93869SDag-Erling Smørgrav retval = pam_get_item(pamh, PAM_RHOST, &rhost);
184e9cc7b1dSDag-Erling Smørgrav if (retval != PAM_SUCCESS)
18524fe7ba0SDag-Erling Smørgrav return (retval);
186d65b34dbSJohn Polstra
18791e93869SDag-Erling Smørgrav retval = pam_get_item(pamh, PAM_TTY, &tty);
188e9cc7b1dSDag-Erling Smørgrav if (retval != PAM_SUCCESS)
18924fe7ba0SDag-Erling Smørgrav return (retval);
190d65b34dbSJohn Polstra
191e9cc7b1dSDag-Erling Smørgrav if (*pwd->pw_passwd == '\0' &&
192e9cc7b1dSDag-Erling Smørgrav (flags & PAM_DISALLOW_NULL_AUTHTOK) != 0)
193e9cc7b1dSDag-Erling Smørgrav return (PAM_NEW_AUTHTOK_REQD);
194e9cc7b1dSDag-Erling Smørgrav
195cf21ead5SYaroslav Tykhiy if (strncmp(pwd->pw_passwd, LOCKED_PREFIX, LOCKED_PREFIX_LEN) == 0)
196cf21ead5SYaroslav Tykhiy return (PAM_AUTH_ERR);
197cf21ead5SYaroslav Tykhiy
198e9cc7b1dSDag-Erling Smørgrav lc = login_getpwclass(pwd);
199e9cc7b1dSDag-Erling Smørgrav if (lc == NULL) {
200e9cc7b1dSDag-Erling Smørgrav PAM_LOG("Unable to get login class for user %s", user);
201e9cc7b1dSDag-Erling Smørgrav return (PAM_SERVICE_ERR);
202e9cc7b1dSDag-Erling Smørgrav }
203d65b34dbSJohn Polstra
2041642eb1aSMark Murray PAM_LOG("Got login_cap");
2051642eb1aSMark Murray
206e9cc7b1dSDag-Erling Smørgrav if (pwd->pw_change || pwd->pw_expire)
207e9cc7b1dSDag-Erling Smørgrav gettimeofday(&tp, NULL);
208d65b34dbSJohn Polstra
209e9cc7b1dSDag-Erling Smørgrav /*
210e9cc7b1dSDag-Erling Smørgrav * Check pw_expire before pw_change - no point in letting the
211e9cc7b1dSDag-Erling Smørgrav * user change the password on an expired account.
212e9cc7b1dSDag-Erling Smørgrav */
213d65b34dbSJohn Polstra
214e9cc7b1dSDag-Erling Smørgrav if (pwd->pw_expire) {
215e9cc7b1dSDag-Erling Smørgrav warntime = login_getcaptime(lc, "warnexpire",
216e9cc7b1dSDag-Erling Smørgrav DEFAULT_WARN, DEFAULT_WARN);
217e9cc7b1dSDag-Erling Smørgrav if (tp.tv_sec >= pwd->pw_expire) {
218e9cc7b1dSDag-Erling Smørgrav login_close(lc);
21924fe7ba0SDag-Erling Smørgrav return (PAM_ACCT_EXPIRED);
220e9cc7b1dSDag-Erling Smørgrav } else if (pwd->pw_expire - tp.tv_sec < warntime &&
221e9cc7b1dSDag-Erling Smørgrav (flags & PAM_SILENT) == 0) {
222519b6a4cSDag-Erling Smørgrav pam_error(pamh, "Warning: your account expires on %s",
223e9cc7b1dSDag-Erling Smørgrav ctime(&pwd->pw_expire));
224d65b34dbSJohn Polstra }
225d65b34dbSJohn Polstra }
226d65b34dbSJohn Polstra
227e9cc7b1dSDag-Erling Smørgrav retval = PAM_SUCCESS;
228e9cc7b1dSDag-Erling Smørgrav if (pwd->pw_change) {
229e9cc7b1dSDag-Erling Smørgrav warntime = login_getcaptime(lc, "warnpassword",
230e9cc7b1dSDag-Erling Smørgrav DEFAULT_WARN, DEFAULT_WARN);
231e9cc7b1dSDag-Erling Smørgrav if (tp.tv_sec >= pwd->pw_change) {
232e9cc7b1dSDag-Erling Smørgrav retval = PAM_NEW_AUTHTOK_REQD;
233e9cc7b1dSDag-Erling Smørgrav } else if (pwd->pw_change - tp.tv_sec < warntime &&
234e9cc7b1dSDag-Erling Smørgrav (flags & PAM_SILENT) == 0) {
235519b6a4cSDag-Erling Smørgrav pam_error(pamh, "Warning: your password expires on %s",
236e9cc7b1dSDag-Erling Smørgrav ctime(&pwd->pw_change));
237e9cc7b1dSDag-Erling Smørgrav }
238e9cc7b1dSDag-Erling Smørgrav }
239e9cc7b1dSDag-Erling Smørgrav
240e9cc7b1dSDag-Erling Smørgrav /*
241e9cc7b1dSDag-Erling Smørgrav * From here on, we must leave retval untouched (unless we
242e9cc7b1dSDag-Erling Smørgrav * know we're going to fail), because we need to remember
243e9cc7b1dSDag-Erling Smørgrav * whether we're supposed to return PAM_SUCCESS or
244e9cc7b1dSDag-Erling Smørgrav * PAM_NEW_AUTHTOK_REQD.
245e9cc7b1dSDag-Erling Smørgrav */
246e9cc7b1dSDag-Erling Smørgrav
24791e93869SDag-Erling Smørgrav if (rhost && *(const char *)rhost != '\0') {
248e9cc7b1dSDag-Erling Smørgrav memset(&hints, 0, sizeof(hints));
249e9cc7b1dSDag-Erling Smørgrav hints.ai_family = AF_UNSPEC;
250e9cc7b1dSDag-Erling Smørgrav if (getaddrinfo(rhost, NULL, &hints, &res) == 0) {
251e9cc7b1dSDag-Erling Smørgrav getnameinfo(res->ai_addr, res->ai_addrlen,
252e9cc7b1dSDag-Erling Smørgrav rhostip, sizeof(rhostip), NULL, 0,
253d928d41cSHajimu UMEMOTO NI_NUMERICHOST);
254e9cc7b1dSDag-Erling Smørgrav }
255e9cc7b1dSDag-Erling Smørgrav if (res != NULL)
256e9cc7b1dSDag-Erling Smørgrav freeaddrinfo(res);
257e9cc7b1dSDag-Erling Smørgrav }
258e9cc7b1dSDag-Erling Smørgrav
259e9cc7b1dSDag-Erling Smørgrav /*
260e9cc7b1dSDag-Erling Smørgrav * Check host / tty / time-of-day restrictions
261e9cc7b1dSDag-Erling Smørgrav */
262e9cc7b1dSDag-Erling Smørgrav
263e9cc7b1dSDag-Erling Smørgrav if (!auth_hostok(lc, rhost, rhostip) ||
264e9cc7b1dSDag-Erling Smørgrav !auth_ttyok(lc, tty) ||
265e9cc7b1dSDag-Erling Smørgrav !auth_timeok(lc, time(NULL)))
266e9cc7b1dSDag-Erling Smørgrav retval = PAM_AUTH_ERR;
267e9cc7b1dSDag-Erling Smørgrav
268d65b34dbSJohn Polstra login_close(lc);
2691642eb1aSMark Murray
27024fe7ba0SDag-Erling Smørgrav return (retval);
2713d55a6c0SMark Murray }
2723d55a6c0SMark Murray
2733d55a6c0SMark Murray /*
2743d55a6c0SMark Murray * password management
2753d55a6c0SMark Murray *
2763d55a6c0SMark Murray * standard Unix and NIS password changing
2773d55a6c0SMark Murray */
2783d55a6c0SMark Murray PAM_EXTERN int
pam_sm_chauthtok(pam_handle_t * pamh,int flags,int argc __unused,const char * argv[]__unused)27924fe7ba0SDag-Erling Smørgrav pam_sm_chauthtok(pam_handle_t *pamh, int flags,
280545aa471SDag-Erling Smørgrav int argc __unused, const char *argv[] __unused)
2813d55a6c0SMark Murray {
282ff1bc287SDag-Erling Smørgrav #ifdef YP
283ff1bc287SDag-Erling Smørgrav struct ypclnt *ypclnt;
28464dbe1a7SDag-Erling Smørgrav const void *yp_domain, *yp_server;
285ff1bc287SDag-Erling Smørgrav #endif
286ff1bc287SDag-Erling Smørgrav char salt[SALTSIZE + 1];
287ff1bc287SDag-Erling Smørgrav login_cap_t *lc;
288f1d05925SDag-Erling Smørgrav struct passwd *pwd, *old_pwd;
289ff1bc287SDag-Erling Smørgrav const char *user, *old_pass, *new_pass;
290ff1bc287SDag-Erling Smørgrav char *encrypted;
291cc5c81f8SDag-Erling Smørgrav time_t passwordtime;
292ff1bc287SDag-Erling Smørgrav int pfd, tfd, retval;
2933d55a6c0SMark Murray
294545aa471SDag-Erling Smørgrav if (openpam_get_option(pamh, PAM_OPT_AUTH_AS_SELF))
295653d2f36SDon Lewis user = getlogin();
2963d55a6c0SMark Murray else {
2973d55a6c0SMark Murray retval = pam_get_user(pamh, &user, NULL);
2983d55a6c0SMark Murray if (retval != PAM_SUCCESS)
29924fe7ba0SDag-Erling Smørgrav return (retval);
3003d55a6c0SMark Murray }
301653d2f36SDon Lewis pwd = getpwnam(user);
3023d55a6c0SMark Murray
303f1d05925SDag-Erling Smørgrav if (pwd == NULL)
304f1d05925SDag-Erling Smørgrav return (PAM_AUTHTOK_RECOVERY_ERR);
305f1d05925SDag-Erling Smørgrav
3063d55a6c0SMark Murray PAM_LOG("Got user: %s", user);
3073d55a6c0SMark Murray
3083d55a6c0SMark Murray if (flags & PAM_PRELIM_CHECK) {
3093d55a6c0SMark Murray
3107b733689SDag-Erling Smørgrav PAM_LOG("PRELIM round");
3113d55a6c0SMark Murray
3120f6517b7SDag-Erling Smørgrav if (getuid() == 0 &&
3130f6517b7SDag-Erling Smørgrav (pwd->pw_fields & _PWF_SOURCE) == _PWF_FILES)
3140f6517b7SDag-Erling Smørgrav /* root doesn't need the old password */
3150f6517b7SDag-Erling Smørgrav return (pam_set_item(pamh, PAM_OLDAUTHTOK, ""));
316dd01398dSMartin Blapp #ifdef YP
317dd01398dSMartin Blapp if (getuid() == 0 &&
318dd01398dSMartin Blapp (pwd->pw_fields & _PWF_SOURCE) == _PWF_NIS) {
3190f6517b7SDag-Erling Smørgrav
320dd01398dSMartin Blapp yp_domain = yp_server = NULL;
32191e93869SDag-Erling Smørgrav (void)pam_get_data(pamh, "yp_domain", &yp_domain);
32291e93869SDag-Erling Smørgrav (void)pam_get_data(pamh, "yp_server", &yp_server);
323dd01398dSMartin Blapp
324dd01398dSMartin Blapp ypclnt = ypclnt_new(yp_domain, "passwd.byname", yp_server);
325dd01398dSMartin Blapp if (ypclnt == NULL)
326dd01398dSMartin Blapp return (PAM_BUF_ERR);
327dd01398dSMartin Blapp
328dd01398dSMartin Blapp if (ypclnt_connect(ypclnt) == -1) {
329dd01398dSMartin Blapp ypclnt_free(ypclnt);
330dd01398dSMartin Blapp return (PAM_SERVICE_ERR);
331dd01398dSMartin Blapp }
332dd01398dSMartin Blapp
333dd01398dSMartin Blapp retval = ypclnt_havepasswdd(ypclnt);
334dd01398dSMartin Blapp ypclnt_free(ypclnt);
335dd01398dSMartin Blapp if (retval == 1)
336dd01398dSMartin Blapp return (pam_set_item(pamh, PAM_OLDAUTHTOK, ""));
337dd01398dSMartin Blapp else if (retval == -1)
338dd01398dSMartin Blapp return (PAM_SERVICE_ERR);
339dd01398dSMartin Blapp }
340dd01398dSMartin Blapp #endif
3413d55a6c0SMark Murray if (pwd->pw_passwd[0] == '\0'
342545aa471SDag-Erling Smørgrav && openpam_get_option(pamh, PAM_OPT_NULLOK)) {
3433d55a6c0SMark Murray /*
3443d55a6c0SMark Murray * No password case. XXX Are we giving too much away
3453d55a6c0SMark Murray * by not prompting for a password?
346111ccd25SDag-Erling Smørgrav * XXX check PAM_DISALLOW_NULL_AUTHTOK
3473d55a6c0SMark Murray */
348ff1bc287SDag-Erling Smørgrav old_pass = "";
34930f64800SDon Lewis retval = PAM_SUCCESS;
350ff1bc287SDag-Erling Smørgrav } else {
351111ccd25SDag-Erling Smørgrav retval = pam_get_authtok(pamh,
352ff1bc287SDag-Erling Smørgrav PAM_OLDAUTHTOK, &old_pass, NULL);
3533d55a6c0SMark Murray if (retval != PAM_SUCCESS)
35424fe7ba0SDag-Erling Smørgrav return (retval);
3553d55a6c0SMark Murray }
356111ccd25SDag-Erling Smørgrav PAM_LOG("Got old password");
357ff1bc287SDag-Erling Smørgrav /* always encrypt first */
358ff1bc287SDag-Erling Smørgrav encrypted = crypt(old_pass, pwd->pw_passwd);
359be01d58dSDag-Erling Smørgrav if (old_pass[0] == '\0' &&
360545aa471SDag-Erling Smørgrav !openpam_get_option(pamh, PAM_OPT_NULLOK))
361be01d58dSDag-Erling Smørgrav return (PAM_PERM_DENIED);
362be01d58dSDag-Erling Smørgrav if (strcmp(encrypted, pwd->pw_passwd) != 0)
363ff1bc287SDag-Erling Smørgrav return (PAM_PERM_DENIED);
3647b733689SDag-Erling Smørgrav }
3657b733689SDag-Erling Smørgrav else if (flags & PAM_UPDATE_AUTHTOK) {
3667b733689SDag-Erling Smørgrav PAM_LOG("UPDATE round");
3677b733689SDag-Erling Smørgrav
3687b733689SDag-Erling Smørgrav retval = pam_get_authtok(pamh,
3690f6517b7SDag-Erling Smørgrav PAM_OLDAUTHTOK, &old_pass, NULL);
3707b733689SDag-Erling Smørgrav if (retval != PAM_SUCCESS)
3717b733689SDag-Erling Smørgrav return (retval);
3727b733689SDag-Erling Smørgrav PAM_LOG("Got old password");
3733d55a6c0SMark Murray
374ff1bc287SDag-Erling Smørgrav /* get new password */
375111ccd25SDag-Erling Smørgrav for (;;) {
376111ccd25SDag-Erling Smørgrav retval = pam_get_authtok(pamh,
377111ccd25SDag-Erling Smørgrav PAM_AUTHTOK, &new_pass, NULL);
378111ccd25SDag-Erling Smørgrav if (retval != PAM_TRY_AGAIN)
3793d55a6c0SMark Murray break;
380111ccd25SDag-Erling Smørgrav pam_error(pamh, "Mismatch; try again, EOF to quit.");
3813d55a6c0SMark Murray }
382ff1bc287SDag-Erling Smørgrav PAM_LOG("Got new password");
383c8c20c52SDag-Erling Smørgrav if (retval != PAM_SUCCESS) {
384111ccd25SDag-Erling Smørgrav PAM_VERBOSE_ERROR("Unable to get new password");
385ff1bc287SDag-Erling Smørgrav return (retval);
386c8c20c52SDag-Erling Smørgrav }
387ff1bc287SDag-Erling Smørgrav
388be01d58dSDag-Erling Smørgrav if (getuid() != 0 && new_pass[0] == '\0' &&
389545aa471SDag-Erling Smørgrav !openpam_get_option(pamh, PAM_OPT_NULLOK))
390be01d58dSDag-Erling Smørgrav return (PAM_PERM_DENIED);
391be01d58dSDag-Erling Smørgrav
392f1d05925SDag-Erling Smørgrav if ((old_pwd = pw_dup(pwd)) == NULL)
393f1d05925SDag-Erling Smørgrav return (PAM_BUF_ERR);
394f1d05925SDag-Erling Smørgrav
395d3cf5f15SDag-Erling Smørgrav lc = login_getclass(pwd->pw_class);
396ff1bc287SDag-Erling Smørgrav if (login_setcryptfmt(lc, password_hash, NULL) == NULL)
397ff1bc287SDag-Erling Smørgrav openpam_log(PAM_LOG_ERROR,
398ff1bc287SDag-Erling Smørgrav "can't set password cipher, relying on default");
399cc5c81f8SDag-Erling Smørgrav
400cc5c81f8SDag-Erling Smørgrav /* set password expiry date */
401cc5c81f8SDag-Erling Smørgrav pwd->pw_change = 0;
402cc5c81f8SDag-Erling Smørgrav passwordtime = login_getcaptime(lc, "passwordtime", 0, 0);
403cc5c81f8SDag-Erling Smørgrav if (passwordtime > 0)
404cc5c81f8SDag-Erling Smørgrav pwd->pw_change = time(NULL) + passwordtime;
405cc5c81f8SDag-Erling Smørgrav
406ff1bc287SDag-Erling Smørgrav login_close(lc);
407ff1bc287SDag-Erling Smørgrav makesalt(salt);
408ff1bc287SDag-Erling Smørgrav pwd->pw_passwd = crypt(new_pass, salt);
4093d55a6c0SMark Murray #ifdef YP
410f1d05925SDag-Erling Smørgrav switch (old_pwd->pw_fields & _PWF_SOURCE) {
411ff1bc287SDag-Erling Smørgrav case _PWF_FILES:
412ff1bc287SDag-Erling Smørgrav #endif
413ff1bc287SDag-Erling Smørgrav retval = PAM_SERVICE_ERR;
414f1d05925SDag-Erling Smørgrav if (pw_init(NULL, NULL))
415f1d05925SDag-Erling Smørgrav openpam_log(PAM_LOG_ERROR, "pw_init() failed");
416f1d05925SDag-Erling Smørgrav else if ((pfd = pw_lock()) == -1)
417f1d05925SDag-Erling Smørgrav openpam_log(PAM_LOG_ERROR, "pw_lock() failed");
418f1d05925SDag-Erling Smørgrav else if ((tfd = pw_tmp(-1)) == -1)
419f1d05925SDag-Erling Smørgrav openpam_log(PAM_LOG_ERROR, "pw_tmp() failed");
420f1d05925SDag-Erling Smørgrav else if (pw_copy(pfd, tfd, pwd, old_pwd) == -1)
421f1d05925SDag-Erling Smørgrav openpam_log(PAM_LOG_ERROR, "pw_copy() failed");
422f1d05925SDag-Erling Smørgrav else if (pw_mkdb(pwd->pw_name) == -1)
423f1d05925SDag-Erling Smørgrav openpam_log(PAM_LOG_ERROR, "pw_mkdb() failed");
424f1d05925SDag-Erling Smørgrav else
425f1d05925SDag-Erling Smørgrav retval = PAM_SUCCESS;
426f1d05925SDag-Erling Smørgrav pw_fini();
427ff1bc287SDag-Erling Smørgrav #ifdef YP
428ff1bc287SDag-Erling Smørgrav break;
429ff1bc287SDag-Erling Smørgrav case _PWF_NIS:
430ff1bc287SDag-Erling Smørgrav yp_domain = yp_server = NULL;
43191e93869SDag-Erling Smørgrav (void)pam_get_data(pamh, "yp_domain", &yp_domain);
43291e93869SDag-Erling Smørgrav (void)pam_get_data(pamh, "yp_server", &yp_server);
433ff1bc287SDag-Erling Smørgrav ypclnt = ypclnt_new(yp_domain,
434ff1bc287SDag-Erling Smørgrav "passwd.byname", yp_server);
435f1d05925SDag-Erling Smørgrav if (ypclnt == NULL) {
436f1d05925SDag-Erling Smørgrav retval = PAM_BUF_ERR;
437f1d05925SDag-Erling Smørgrav } else if (ypclnt_connect(ypclnt) == -1 ||
438ff1bc287SDag-Erling Smørgrav ypclnt_passwd(ypclnt, pwd, old_pass) == -1) {
439ff1bc287SDag-Erling Smørgrav openpam_log(PAM_LOG_ERROR, "%s", ypclnt->error);
440ff1bc287SDag-Erling Smørgrav retval = PAM_SERVICE_ERR;
441f1d05925SDag-Erling Smørgrav } else {
442f1d05925SDag-Erling Smørgrav retval = PAM_SUCCESS;
4433d55a6c0SMark Murray }
444ff1bc287SDag-Erling Smørgrav ypclnt_free(ypclnt);
445ff1bc287SDag-Erling Smørgrav break;
446ff1bc287SDag-Erling Smørgrav default:
447ff1bc287SDag-Erling Smørgrav openpam_log(PAM_LOG_ERROR, "unsupported source 0x%x",
448ff1bc287SDag-Erling Smørgrav pwd->pw_fields & _PWF_SOURCE);
449ff1bc287SDag-Erling Smørgrav retval = PAM_SERVICE_ERR;
4503d55a6c0SMark Murray }
4513d55a6c0SMark Murray #endif
452816c6c91SJuli Mallett free(old_pwd);
4533d55a6c0SMark Murray }
4543d55a6c0SMark Murray else {
4553d55a6c0SMark Murray /* Very bad juju */
4563d55a6c0SMark Murray retval = PAM_ABORT;
4573d55a6c0SMark Murray PAM_LOG("Illegal 'flags'");
4583d55a6c0SMark Murray }
4593d55a6c0SMark Murray
46024fe7ba0SDag-Erling Smørgrav return (retval);
4613d55a6c0SMark Murray }
4623d55a6c0SMark Murray
4633d55a6c0SMark Murray /* Mostly stolen from passwd(1)'s local_passwd.c - markm */
4643d55a6c0SMark Murray
4653d55a6c0SMark Murray static unsigned char itoa64[] = /* 0 ... 63 => ascii - 64 */
4663d55a6c0SMark Murray "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
4673d55a6c0SMark Murray
4683d55a6c0SMark Murray static void
to64(char * s,long v,int n)4693d55a6c0SMark Murray to64(char *s, long v, int n)
4703d55a6c0SMark Murray {
4713d55a6c0SMark Murray while (--n >= 0) {
4723d55a6c0SMark Murray *s++ = itoa64[v&0x3f];
4733d55a6c0SMark Murray v >>= 6;
4743d55a6c0SMark Murray }
4753d55a6c0SMark Murray }
4763d55a6c0SMark Murray
4778c3ea588SMark Murray /* Salt suitable for traditional DES and MD5 */
478068f3d2fSJung-uk Kim static void
makesalt(char salt[SALTSIZE+1])479068f3d2fSJung-uk Kim makesalt(char salt[SALTSIZE + 1])
4808c3ea588SMark Murray {
4818c3ea588SMark Murray int i;
4828c3ea588SMark Murray
4838c3ea588SMark Murray /* These are not really random numbers, they are just
4848c3ea588SMark Murray * numbers that change to thwart construction of a
485068f3d2fSJung-uk Kim * dictionary.
4868c3ea588SMark Murray */
4878c3ea588SMark Murray for (i = 0; i < SALTSIZE; i += 4)
4888c3ea588SMark Murray to64(&salt[i], arc4random(), 4);
4898c3ea588SMark Murray salt[SALTSIZE] = '\0';
4908c3ea588SMark Murray }
4918c3ea588SMark Murray
4929294327dSJohn Polstra PAM_MODULE_ENTRY("pam_unix");
493