19a10bb17SJohn Polstra /*- 29a10bb17SJohn Polstra * Copyright 1998 Juniper Networks, Inc. 39a10bb17SJohn Polstra * All rights reserved. 4f03a4b81SDag-Erling Smørgrav * Copyright (c) 2002 Networks Associates Technology, Inc. 5e9cc7b1dSDag-Erling Smørgrav * All rights reserved. 6e9cc7b1dSDag-Erling Smørgrav * 7e9cc7b1dSDag-Erling Smørgrav * Portions of this software was developed for the FreeBSD Project by 8e9cc7b1dSDag-Erling Smørgrav * ThinkSec AS and NAI Labs, the Security Research Division of Network 9e9cc7b1dSDag-Erling Smørgrav * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 10e9cc7b1dSDag-Erling Smørgrav * ("CBOSS"), as part of the DARPA CHATS research program. 119a10bb17SJohn Polstra * 129a10bb17SJohn Polstra * Redistribution and use in source and binary forms, with or without 139a10bb17SJohn Polstra * modification, are permitted provided that the following conditions 149a10bb17SJohn Polstra * are met: 159a10bb17SJohn Polstra * 1. Redistributions of source code must retain the above copyright 169a10bb17SJohn Polstra * notice, this list of conditions and the following disclaimer. 179a10bb17SJohn Polstra * 2. Redistributions in binary form must reproduce the above copyright 189a10bb17SJohn Polstra * notice, this list of conditions and the following disclaimer in the 199a10bb17SJohn Polstra * documentation and/or other materials provided with the distribution. 20e9cc7b1dSDag-Erling Smørgrav * 3. The name of the author may not be used to endorse or promote 21e9cc7b1dSDag-Erling Smørgrav * products derived from this software without specific prior written 22e9cc7b1dSDag-Erling Smørgrav * permission. 239a10bb17SJohn Polstra * 249a10bb17SJohn Polstra * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 259a10bb17SJohn Polstra * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 269a10bb17SJohn Polstra * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 279a10bb17SJohn Polstra * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 289a10bb17SJohn Polstra * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 299a10bb17SJohn Polstra * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 309a10bb17SJohn Polstra * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 319a10bb17SJohn Polstra * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 329a10bb17SJohn Polstra * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 339a10bb17SJohn Polstra * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 349a10bb17SJohn Polstra * SUCH DAMAGE. 359a10bb17SJohn Polstra */ 369a10bb17SJohn Polstra 37ceaf33f5SMatthew Dillon #include <sys/cdefs.h> 38ceaf33f5SMatthew Dillon __FBSDID("$FreeBSD$"); 39ceaf33f5SMatthew Dillon 40e9cc7b1dSDag-Erling Smørgrav #include <sys/param.h> 41e9cc7b1dSDag-Erling Smørgrav #include <sys/socket.h> 42d65b34dbSJohn Polstra #include <sys/time.h> 43e9cc7b1dSDag-Erling Smørgrav #include <netinet/in.h> 44e9cc7b1dSDag-Erling Smørgrav #include <arpa/inet.h> 45e9cc7b1dSDag-Erling Smørgrav 46d65b34dbSJohn Polstra #include <login_cap.h> 47e9cc7b1dSDag-Erling Smørgrav #include <netdb.h> 489a10bb17SJohn Polstra #include <pwd.h> 499a10bb17SJohn Polstra #include <stdlib.h> 509a10bb17SJohn Polstra #include <string.h> 51d65b34dbSJohn Polstra #include <stdio.h> 527f28386aSDag-Erling Smørgrav #include <syslog.h> 539a10bb17SJohn Polstra #include <unistd.h> 549a10bb17SJohn Polstra 553d55a6c0SMark Murray #include <pw_copy.h> 563d55a6c0SMark Murray #include <pw_util.h> 573d55a6c0SMark Murray 583d55a6c0SMark Murray #ifdef YP 59c82bffaaSDag-Erling Smørgrav #include <ypclnt.h> 603d55a6c0SMark Murray #endif 613d55a6c0SMark Murray 629a10bb17SJohn Polstra #define PAM_SM_AUTH 63d65b34dbSJohn Polstra #define PAM_SM_ACCOUNT 643d55a6c0SMark Murray #define PAM_SM_PASSWORD 653d55a6c0SMark Murray 668c66575dSDag-Erling Smørgrav #include <security/pam_appl.h> 679a10bb17SJohn Polstra #include <security/pam_modules.h> 688c66575dSDag-Erling Smørgrav #include <security/pam_mod_misc.h> 699a10bb17SJohn Polstra 703d55a6c0SMark Murray #define PASSWORD_HASH "md5" 711642eb1aSMark Murray #define DEFAULT_WARN (2L * 7L * 86400L) /* Two weeks */ 728c3ea588SMark Murray #define SALTSIZE 32 738c3ea588SMark Murray 748c3ea588SMark Murray static void makesalt(char []); 751642eb1aSMark Murray 76ac569969SMark Murray static char password_hash[] = PASSWORD_HASH; 77ac569969SMark Murray 78e9cc7b1dSDag-Erling Smørgrav enum { 79e9cc7b1dSDag-Erling Smørgrav PAM_OPT_AUTH_AS_SELF = PAM_OPT_STD_MAX, 80e9cc7b1dSDag-Erling Smørgrav PAM_OPT_NULLOK, 81e9cc7b1dSDag-Erling Smørgrav PAM_OPT_LOCAL_PASS, 82e9cc7b1dSDag-Erling Smørgrav PAM_OPT_NIS_PASS 83e9cc7b1dSDag-Erling Smørgrav }; 841642eb1aSMark Murray 851642eb1aSMark Murray static struct opttab other_options[] = { 861642eb1aSMark Murray { "auth_as_self", PAM_OPT_AUTH_AS_SELF }, 871642eb1aSMark Murray { "nullok", PAM_OPT_NULLOK }, 883d55a6c0SMark Murray { "local_pass", PAM_OPT_LOCAL_PASS }, 893d55a6c0SMark Murray { "nis_pass", PAM_OPT_NIS_PASS }, 901642eb1aSMark Murray { NULL, 0 } 911642eb1aSMark Murray }; 929a10bb17SJohn Polstra 933d55a6c0SMark Murray char *tempname = NULL; 943d55a6c0SMark Murray 95d65b34dbSJohn Polstra /* 96d65b34dbSJohn Polstra * authentication management 97d65b34dbSJohn Polstra */ 989a10bb17SJohn Polstra PAM_EXTERN int 9924fe7ba0SDag-Erling Smørgrav pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, 10024fe7ba0SDag-Erling Smørgrav int argc, const char *argv[]) 1019a10bb17SJohn Polstra { 1023d55a6c0SMark Murray login_cap_t *lc; 1031642eb1aSMark Murray struct options options; 1049a10bb17SJohn Polstra struct passwd *pwd; 1051642eb1aSMark Murray int retval; 106f2f306b6SRuslan Ermilov const char *pass, *user, *realpw, *prompt; 1079a10bb17SJohn Polstra 1081642eb1aSMark Murray pam_std_option(&options, other_options, argc, argv); 1091642eb1aSMark Murray 1101642eb1aSMark Murray PAM_LOG("Options processed"); 1111642eb1aSMark Murray 11250000f00SDag-Erling Smørgrav if (pam_test_option(&options, PAM_OPT_AUTH_AS_SELF, NULL)) { 1133d55a6c0SMark Murray pwd = getpwnam(getlogin()); 11450000f00SDag-Erling Smørgrav } else { 1151642eb1aSMark Murray retval = pam_get_user(pamh, &user, NULL); 1161642eb1aSMark Murray if (retval != PAM_SUCCESS) 11724fe7ba0SDag-Erling Smørgrav return (retval); 1184448b21cSMark Murray pwd = getpwnam(user); 1194448b21cSMark Murray } 1201642eb1aSMark Murray 1211642eb1aSMark Murray PAM_LOG("Got user: %s", user); 1221642eb1aSMark Murray 1234448b21cSMark Murray if (pwd != NULL) { 1241642eb1aSMark Murray PAM_LOG("Doing real authentication"); 12550000f00SDag-Erling Smørgrav realpw = pwd->pw_passwd; 12650000f00SDag-Erling Smørgrav if (realpw[0] == '\0') { 12750000f00SDag-Erling Smørgrav if (!(flags & PAM_DISALLOW_NULL_AUTHTOK) && 12850000f00SDag-Erling Smørgrav pam_test_option(&options, PAM_OPT_NULLOK, NULL)) 12924fe7ba0SDag-Erling Smørgrav return (PAM_SUCCESS); 13050000f00SDag-Erling Smørgrav realpw = "*"; 1311642eb1aSMark Murray } 132a8b1e59eSDag-Erling Smørgrav lc = login_getpwclass(pwd); 13350000f00SDag-Erling Smørgrav } else { 1341642eb1aSMark Murray PAM_LOG("Doing dummy authentication"); 13550000f00SDag-Erling Smørgrav realpw = "*"; 136a8b1e59eSDag-Erling Smørgrav lc = login_getclass(NULL); 13750000f00SDag-Erling Smørgrav } 13850000f00SDag-Erling Smørgrav prompt = login_getcapstr(lc, "passwd_prompt", NULL, NULL); 13950000f00SDag-Erling Smørgrav retval = pam_get_authtok(pamh, PAM_AUTHTOK, &pass, prompt); 140a8b1e59eSDag-Erling Smørgrav login_close(lc); 1411642eb1aSMark Murray if (retval != PAM_SUCCESS) 14224fe7ba0SDag-Erling Smørgrav return (retval); 1431642eb1aSMark Murray PAM_LOG("Got password"); 14450000f00SDag-Erling Smørgrav if (strcmp(crypt(pass, realpw), realpw) == 0) 14524fe7ba0SDag-Erling Smørgrav return (PAM_SUCCESS); 1461642eb1aSMark Murray 1473d55a6c0SMark Murray PAM_VERBOSE_ERROR("UNIX authentication refused"); 14824fe7ba0SDag-Erling Smørgrav return (PAM_AUTH_ERR); 1499a10bb17SJohn Polstra } 1509a10bb17SJohn Polstra 1519a10bb17SJohn Polstra PAM_EXTERN int 15224fe7ba0SDag-Erling Smørgrav pam_sm_setcred(pam_handle_t *pamh __unused, int flags __unused, 15324fe7ba0SDag-Erling Smørgrav int argc __unused, const char *argv[] __unused) 1549a10bb17SJohn Polstra { 1553d55a6c0SMark Murray 15624fe7ba0SDag-Erling Smørgrav return (PAM_SUCCESS); 1579a10bb17SJohn Polstra } 1589294327dSJohn Polstra 159d65b34dbSJohn Polstra /* 160d65b34dbSJohn Polstra * account management 161d65b34dbSJohn Polstra */ 1623d55a6c0SMark Murray PAM_EXTERN int 16324fe7ba0SDag-Erling Smørgrav pam_sm_acct_mgmt(pam_handle_t *pamh, int flags __unused, 16424fe7ba0SDag-Erling Smørgrav int argc, const char *argv[]) 165d65b34dbSJohn Polstra { 166e9cc7b1dSDag-Erling Smørgrav struct addrinfo hints, *res; 1671642eb1aSMark Murray struct options options; 168e9cc7b1dSDag-Erling Smørgrav struct passwd *pwd; 169d65b34dbSJohn Polstra struct timeval tp; 1701642eb1aSMark Murray login_cap_t *lc; 171d65b34dbSJohn Polstra time_t warntime; 172d65b34dbSJohn Polstra int retval; 173e9cc7b1dSDag-Erling Smørgrav const char *rhost, *tty, *user; 174e9cc7b1dSDag-Erling Smørgrav char rhostip[MAXHOSTNAMELEN]; 1751642eb1aSMark Murray 1761642eb1aSMark Murray pam_std_option(&options, other_options, argc, argv); 1771642eb1aSMark Murray 1781642eb1aSMark Murray PAM_LOG("Options processed"); 179d65b34dbSJohn Polstra 180111ccd25SDag-Erling Smørgrav retval = pam_get_user(pamh, &user, NULL); 181e9cc7b1dSDag-Erling Smørgrav if (retval != PAM_SUCCESS) 18224fe7ba0SDag-Erling Smørgrav return (retval); 183d65b34dbSJohn Polstra 184e9cc7b1dSDag-Erling Smørgrav if (user == NULL || (pwd = getpwnam(user)) == NULL) 18524fe7ba0SDag-Erling Smørgrav return (PAM_SERVICE_ERR); 1861642eb1aSMark Murray 1871642eb1aSMark Murray PAM_LOG("Got user: %s", user); 188d65b34dbSJohn Polstra 189e9cc7b1dSDag-Erling Smørgrav retval = pam_get_item(pamh, PAM_RHOST, (const void **)&rhost); 190e9cc7b1dSDag-Erling Smørgrav if (retval != PAM_SUCCESS) 19124fe7ba0SDag-Erling Smørgrav return (retval); 192d65b34dbSJohn Polstra 193e9cc7b1dSDag-Erling Smørgrav retval = pam_get_item(pamh, PAM_TTY, (const void **)&tty); 194e9cc7b1dSDag-Erling Smørgrav if (retval != PAM_SUCCESS) 19524fe7ba0SDag-Erling Smørgrav return (retval); 196d65b34dbSJohn Polstra 197e9cc7b1dSDag-Erling Smørgrav if (*pwd->pw_passwd == '\0' && 198e9cc7b1dSDag-Erling Smørgrav (flags & PAM_DISALLOW_NULL_AUTHTOK) != 0) 199e9cc7b1dSDag-Erling Smørgrav return (PAM_NEW_AUTHTOK_REQD); 200e9cc7b1dSDag-Erling Smørgrav 201e9cc7b1dSDag-Erling Smørgrav lc = login_getpwclass(pwd); 202e9cc7b1dSDag-Erling Smørgrav if (lc == NULL) { 203e9cc7b1dSDag-Erling Smørgrav PAM_LOG("Unable to get login class for user %s", user); 204e9cc7b1dSDag-Erling Smørgrav return (PAM_SERVICE_ERR); 205e9cc7b1dSDag-Erling Smørgrav } 206d65b34dbSJohn Polstra 2071642eb1aSMark Murray PAM_LOG("Got login_cap"); 2081642eb1aSMark Murray 209e9cc7b1dSDag-Erling Smørgrav if (pwd->pw_change || pwd->pw_expire) 210e9cc7b1dSDag-Erling Smørgrav gettimeofday(&tp, NULL); 211d65b34dbSJohn Polstra 212e9cc7b1dSDag-Erling Smørgrav /* 213e9cc7b1dSDag-Erling Smørgrav * Check pw_expire before pw_change - no point in letting the 214e9cc7b1dSDag-Erling Smørgrav * user change the password on an expired account. 215e9cc7b1dSDag-Erling Smørgrav */ 216d65b34dbSJohn Polstra 217e9cc7b1dSDag-Erling Smørgrav if (pwd->pw_expire) { 218e9cc7b1dSDag-Erling Smørgrav warntime = login_getcaptime(lc, "warnexpire", 219e9cc7b1dSDag-Erling Smørgrav DEFAULT_WARN, DEFAULT_WARN); 220e9cc7b1dSDag-Erling Smørgrav if (tp.tv_sec >= pwd->pw_expire) { 221e9cc7b1dSDag-Erling Smørgrav login_close(lc); 22224fe7ba0SDag-Erling Smørgrav return (PAM_ACCT_EXPIRED); 223e9cc7b1dSDag-Erling Smørgrav } else if (pwd->pw_expire - tp.tv_sec < warntime && 224e9cc7b1dSDag-Erling Smørgrav (flags & PAM_SILENT) == 0) { 225519b6a4cSDag-Erling Smørgrav pam_error(pamh, "Warning: your account expires on %s", 226e9cc7b1dSDag-Erling Smørgrav ctime(&pwd->pw_expire)); 227d65b34dbSJohn Polstra } 228d65b34dbSJohn Polstra } 229d65b34dbSJohn Polstra 230e9cc7b1dSDag-Erling Smørgrav retval = PAM_SUCCESS; 231e9cc7b1dSDag-Erling Smørgrav if (pwd->pw_change) { 232e9cc7b1dSDag-Erling Smørgrav warntime = login_getcaptime(lc, "warnpassword", 233e9cc7b1dSDag-Erling Smørgrav DEFAULT_WARN, DEFAULT_WARN); 234e9cc7b1dSDag-Erling Smørgrav if (tp.tv_sec >= pwd->pw_change) { 235e9cc7b1dSDag-Erling Smørgrav retval = PAM_NEW_AUTHTOK_REQD; 236e9cc7b1dSDag-Erling Smørgrav } else if (pwd->pw_change - tp.tv_sec < warntime && 237e9cc7b1dSDag-Erling Smørgrav (flags & PAM_SILENT) == 0) { 238519b6a4cSDag-Erling Smørgrav pam_error(pamh, "Warning: your password expires on %s", 239e9cc7b1dSDag-Erling Smørgrav ctime(&pwd->pw_change)); 240e9cc7b1dSDag-Erling Smørgrav } 241e9cc7b1dSDag-Erling Smørgrav } 242e9cc7b1dSDag-Erling Smørgrav 243e9cc7b1dSDag-Erling Smørgrav /* 244e9cc7b1dSDag-Erling Smørgrav * From here on, we must leave retval untouched (unless we 245e9cc7b1dSDag-Erling Smørgrav * know we're going to fail), because we need to remember 246e9cc7b1dSDag-Erling Smørgrav * whether we're supposed to return PAM_SUCCESS or 247e9cc7b1dSDag-Erling Smørgrav * PAM_NEW_AUTHTOK_REQD. 248e9cc7b1dSDag-Erling Smørgrav */ 249e9cc7b1dSDag-Erling Smørgrav 250e9cc7b1dSDag-Erling Smørgrav if (rhost) { 251e9cc7b1dSDag-Erling Smørgrav memset(&hints, 0, sizeof(hints)); 252e9cc7b1dSDag-Erling Smørgrav hints.ai_family = AF_UNSPEC; 253e9cc7b1dSDag-Erling Smørgrav if (getaddrinfo(rhost, NULL, &hints, &res) == 0) { 254e9cc7b1dSDag-Erling Smørgrav getnameinfo(res->ai_addr, res->ai_addrlen, 255e9cc7b1dSDag-Erling Smørgrav rhostip, sizeof(rhostip), NULL, 0, 256e9cc7b1dSDag-Erling Smørgrav NI_NUMERICHOST|NI_WITHSCOPEID); 257e9cc7b1dSDag-Erling Smørgrav } 258e9cc7b1dSDag-Erling Smørgrav if (res != NULL) 259e9cc7b1dSDag-Erling Smørgrav freeaddrinfo(res); 260e9cc7b1dSDag-Erling Smørgrav } 261e9cc7b1dSDag-Erling Smørgrav 262e9cc7b1dSDag-Erling Smørgrav /* 263e9cc7b1dSDag-Erling Smørgrav * Check host / tty / time-of-day restrictions 264e9cc7b1dSDag-Erling Smørgrav */ 265e9cc7b1dSDag-Erling Smørgrav 266e9cc7b1dSDag-Erling Smørgrav if (!auth_hostok(lc, rhost, rhostip) || 267e9cc7b1dSDag-Erling Smørgrav !auth_ttyok(lc, tty) || 268e9cc7b1dSDag-Erling Smørgrav !auth_timeok(lc, time(NULL))) 269e9cc7b1dSDag-Erling Smørgrav retval = PAM_AUTH_ERR; 270e9cc7b1dSDag-Erling Smørgrav 271d65b34dbSJohn Polstra login_close(lc); 2721642eb1aSMark Murray 27324fe7ba0SDag-Erling Smørgrav return (retval); 2743d55a6c0SMark Murray } 2753d55a6c0SMark Murray 2763d55a6c0SMark Murray /* 2773d55a6c0SMark Murray * password management 2783d55a6c0SMark Murray * 2793d55a6c0SMark Murray * standard Unix and NIS password changing 2803d55a6c0SMark Murray */ 2813d55a6c0SMark Murray PAM_EXTERN int 28224fe7ba0SDag-Erling Smørgrav pam_sm_chauthtok(pam_handle_t *pamh, int flags, 28324fe7ba0SDag-Erling Smørgrav int argc, const char *argv[]) 2843d55a6c0SMark Murray { 285ff1bc287SDag-Erling Smørgrav #ifdef YP 286ff1bc287SDag-Erling Smørgrav struct ypclnt *ypclnt; 287ff1bc287SDag-Erling Smørgrav const char *yp_domain, *yp_server; 288ff1bc287SDag-Erling Smørgrav #endif 2893d55a6c0SMark Murray struct options options; 290ff1bc287SDag-Erling Smørgrav char salt[SALTSIZE + 1]; 291ff1bc287SDag-Erling Smørgrav login_cap_t * lc; 2923d55a6c0SMark Murray struct passwd *pwd; 293ff1bc287SDag-Erling Smørgrav const char *user, *old_pass, *new_pass; 294ff1bc287SDag-Erling Smørgrav char *encrypted; 295ff1bc287SDag-Erling Smørgrav int pfd, tfd, retval; 2963d55a6c0SMark Murray 2973d55a6c0SMark Murray pam_std_option(&options, other_options, argc, argv); 2983d55a6c0SMark Murray 2993d55a6c0SMark Murray PAM_LOG("Options processed"); 3003d55a6c0SMark Murray 3013d55a6c0SMark Murray if (pam_test_option(&options, PAM_OPT_AUTH_AS_SELF, NULL)) 3023d55a6c0SMark Murray pwd = getpwnam(getlogin()); 3033d55a6c0SMark Murray else { 3043d55a6c0SMark Murray retval = pam_get_user(pamh, &user, NULL); 3053d55a6c0SMark Murray if (retval != PAM_SUCCESS) 30624fe7ba0SDag-Erling Smørgrav return (retval); 3073d55a6c0SMark Murray pwd = getpwnam(user); 3083d55a6c0SMark Murray } 3093d55a6c0SMark Murray 3103d55a6c0SMark Murray PAM_LOG("Got user: %s", user); 3113d55a6c0SMark Murray 3123d55a6c0SMark Murray if (flags & PAM_PRELIM_CHECK) { 3133d55a6c0SMark Murray 3147b733689SDag-Erling Smørgrav PAM_LOG("PRELIM round"); 3153d55a6c0SMark Murray 3163d55a6c0SMark Murray if (pwd->pw_passwd[0] == '\0' 3173d55a6c0SMark Murray && pam_test_option(&options, PAM_OPT_NULLOK, NULL)) { 3183d55a6c0SMark Murray /* 3193d55a6c0SMark Murray * No password case. XXX Are we giving too much away 3203d55a6c0SMark Murray * by not prompting for a password? 321111ccd25SDag-Erling Smørgrav * XXX check PAM_DISALLOW_NULL_AUTHTOK 3223d55a6c0SMark Murray */ 323ff1bc287SDag-Erling Smørgrav old_pass = ""; 324ff1bc287SDag-Erling Smørgrav } else { 325111ccd25SDag-Erling Smørgrav retval = pam_get_authtok(pamh, 326ff1bc287SDag-Erling Smørgrav PAM_OLDAUTHTOK, &old_pass, NULL); 3273d55a6c0SMark Murray if (retval != PAM_SUCCESS) 32824fe7ba0SDag-Erling Smørgrav return (retval); 3293d55a6c0SMark Murray } 330111ccd25SDag-Erling Smørgrav PAM_LOG("Got old password"); 331ff1bc287SDag-Erling Smørgrav /* always encrypt first */ 332ff1bc287SDag-Erling Smørgrav encrypted = crypt(old_pass, pwd->pw_passwd); 333ff1bc287SDag-Erling Smørgrav if ((old_pass[0] == '\0' && pwd->pw_passwd[0] != '\0') || 334ff1bc287SDag-Erling Smørgrav strcmp(encrypted, pwd->pw_passwd) != 0) 335ff1bc287SDag-Erling Smørgrav return (PAM_PERM_DENIED); 3367b733689SDag-Erling Smørgrav } 3377b733689SDag-Erling Smørgrav else if (flags & PAM_UPDATE_AUTHTOK) { 3387b733689SDag-Erling Smørgrav PAM_LOG("UPDATE round"); 3397b733689SDag-Erling Smørgrav 3407b733689SDag-Erling Smørgrav retval = pam_get_authtok(pamh, 3417b733689SDag-Erling Smørgrav PAM_AUTHTOK, &old_pass, NULL); 3427b733689SDag-Erling Smørgrav if (retval != PAM_SUCCESS) 3437b733689SDag-Erling Smørgrav return (retval); 3447b733689SDag-Erling Smørgrav PAM_LOG("Got old password"); 3453d55a6c0SMark Murray 346ff1bc287SDag-Erling Smørgrav /* get new password */ 347111ccd25SDag-Erling Smørgrav for (;;) { 348111ccd25SDag-Erling Smørgrav retval = pam_get_authtok(pamh, 349111ccd25SDag-Erling Smørgrav PAM_AUTHTOK, &new_pass, NULL); 350111ccd25SDag-Erling Smørgrav if (retval != PAM_TRY_AGAIN) 3513d55a6c0SMark Murray break; 352111ccd25SDag-Erling Smørgrav pam_error(pamh, "Mismatch; try again, EOF to quit."); 3533d55a6c0SMark Murray } 354ff1bc287SDag-Erling Smørgrav PAM_LOG("Got new password"); 355c8c20c52SDag-Erling Smørgrav if (retval != PAM_SUCCESS) { 356111ccd25SDag-Erling Smørgrav PAM_VERBOSE_ERROR("Unable to get new password"); 357ff1bc287SDag-Erling Smørgrav return (retval); 358c8c20c52SDag-Erling Smørgrav } 359ff1bc287SDag-Erling Smørgrav 360ff1bc287SDag-Erling Smørgrav pwd->pw_change = 0; 361ff1bc287SDag-Erling Smørgrav lc = login_getclass(NULL); 362ff1bc287SDag-Erling Smørgrav if (login_setcryptfmt(lc, password_hash, NULL) == NULL) 363ff1bc287SDag-Erling Smørgrav openpam_log(PAM_LOG_ERROR, 364ff1bc287SDag-Erling Smørgrav "can't set password cipher, relying on default"); 365ff1bc287SDag-Erling Smørgrav login_close(lc); 366ff1bc287SDag-Erling Smørgrav makesalt(salt); 367ff1bc287SDag-Erling Smørgrav pwd->pw_passwd = crypt(new_pass, salt); 368ff1bc287SDag-Erling Smørgrav retval = PAM_SUCCESS; 3693d55a6c0SMark Murray #ifdef YP 370ff1bc287SDag-Erling Smørgrav switch (pwd->pw_fields & _PWF_SOURCE) { 371ff1bc287SDag-Erling Smørgrav case _PWF_FILES: 372ff1bc287SDag-Erling Smørgrav #endif 373ff1bc287SDag-Erling Smørgrav pfd = pw_lock(); 374ff1bc287SDag-Erling Smørgrav tfd = pw_tmp(); 375ff1bc287SDag-Erling Smørgrav pw_copy(pfd, tfd, pwd, NULL); 376ff1bc287SDag-Erling Smørgrav if (!pw_mkdb(user)) 377ff1bc287SDag-Erling Smørgrav retval = PAM_SERVICE_ERR; 378ff1bc287SDag-Erling Smørgrav #ifdef YP 379ff1bc287SDag-Erling Smørgrav break; 380ff1bc287SDag-Erling Smørgrav case _PWF_NIS: 381ff1bc287SDag-Erling Smørgrav yp_domain = yp_server = NULL; 382ff1bc287SDag-Erling Smørgrav (void)pam_get_data(pamh, 383ff1bc287SDag-Erling Smørgrav "yp_domain", (const void **)&yp_domain); 384ff1bc287SDag-Erling Smørgrav (void)pam_get_data(pamh, 385ff1bc287SDag-Erling Smørgrav "yp_server", (const void **)&yp_server); 386ff1bc287SDag-Erling Smørgrav ypclnt = ypclnt_new(yp_domain, 387ff1bc287SDag-Erling Smørgrav "passwd.byname", yp_server); 388ff1bc287SDag-Erling Smørgrav if (ypclnt == NULL) 38924fe7ba0SDag-Erling Smørgrav return (PAM_BUF_ERR); 390ff1bc287SDag-Erling Smørgrav if (ypclnt_connect(ypclnt) == -1 || 391ff1bc287SDag-Erling Smørgrav ypclnt_passwd(ypclnt, pwd, old_pass) == -1) { 392ff1bc287SDag-Erling Smørgrav openpam_log(PAM_LOG_ERROR, "%s", ypclnt->error); 393ff1bc287SDag-Erling Smørgrav retval = PAM_SERVICE_ERR; 3943d55a6c0SMark Murray } 395ff1bc287SDag-Erling Smørgrav ypclnt_free(ypclnt); 396ff1bc287SDag-Erling Smørgrav break; 397ff1bc287SDag-Erling Smørgrav default: 398ff1bc287SDag-Erling Smørgrav openpam_log(PAM_LOG_ERROR, "unsupported source 0x%x", 399ff1bc287SDag-Erling Smørgrav pwd->pw_fields & _PWF_SOURCE); 400ff1bc287SDag-Erling Smørgrav retval = PAM_SERVICE_ERR; 4013d55a6c0SMark Murray } 4023d55a6c0SMark Murray #endif 4033d55a6c0SMark Murray } 4043d55a6c0SMark Murray else { 4053d55a6c0SMark Murray /* Very bad juju */ 4063d55a6c0SMark Murray retval = PAM_ABORT; 4073d55a6c0SMark Murray PAM_LOG("Illegal 'flags'"); 4083d55a6c0SMark Murray } 4093d55a6c0SMark Murray 41024fe7ba0SDag-Erling Smørgrav return (retval); 4113d55a6c0SMark Murray } 4123d55a6c0SMark Murray 4133d55a6c0SMark Murray /* Mostly stolen from passwd(1)'s local_passwd.c - markm */ 4143d55a6c0SMark Murray 4153d55a6c0SMark Murray static unsigned char itoa64[] = /* 0 ... 63 => ascii - 64 */ 4163d55a6c0SMark Murray "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; 4173d55a6c0SMark Murray 4183d55a6c0SMark Murray static void 4193d55a6c0SMark Murray to64(char *s, long v, int n) 4203d55a6c0SMark Murray { 4213d55a6c0SMark Murray while (--n >= 0) { 4223d55a6c0SMark Murray *s++ = itoa64[v&0x3f]; 4233d55a6c0SMark Murray v >>= 6; 4243d55a6c0SMark Murray } 4253d55a6c0SMark Murray } 4263d55a6c0SMark Murray 4278c3ea588SMark Murray /* Salt suitable for traditional DES and MD5 */ 4288c3ea588SMark Murray void 4298c3ea588SMark Murray makesalt(char salt[SALTSIZE]) 4308c3ea588SMark Murray { 4318c3ea588SMark Murray int i; 4328c3ea588SMark Murray 4338c3ea588SMark Murray /* These are not really random numbers, they are just 4348c3ea588SMark Murray * numbers that change to thwart construction of a 4358c3ea588SMark Murray * dictionary. This is exposed to the public. 4368c3ea588SMark Murray */ 4378c3ea588SMark Murray for (i = 0; i < SALTSIZE; i += 4) 4388c3ea588SMark Murray to64(&salt[i], arc4random(), 4); 4398c3ea588SMark Murray salt[SALTSIZE] = '\0'; 4408c3ea588SMark Murray } 4418c3ea588SMark Murray 4429294327dSJohn Polstra PAM_MODULE_ENTRY("pam_unix"); 443