xref: /freebsd/lib/libypclnt/ypclnt_passwd.c (revision c0f2281eddc9d5dd8f5106611b93b8668ebb112d) 
1 /*-
2  * Copyright (c) 2002 Networks Associates Technology, Inc.
3  * All rights reserved.
4  *
5  * This software was developed for the FreeBSD Project by ThinkSec AS and
6  * NAI Labs, the Security Research Division of Network Associates, Inc.
7  * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the
8  * DARPA CHATS research program.
9  *
10  * Redistribution and use in source and binary forms, with or without
11  * modification, are permitted provided that the following conditions
12  * are met:
13  * 1. Redistributions of source code must retain the above copyright
14  *    notice, this list of conditions and the following disclaimer.
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in the
17  *    documentation and/or other materials provided with the distribution.
18  * 3. The name of the author may not be used to endorse or promote
19  *    products derived from this software without specific prior written
20  *    permission.
21  *
22  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
23  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
26  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32  * SUCH DAMAGE.
33  *
34  * $FreeBSD$
35  */
36 
37 #include <err.h>
38 #include <errno.h>
39 #include <pwd.h>
40 #include <stdlib.h>
41 #include <string.h>
42 
43 #include <rpcsvc/ypclnt.h>
44 #include <rpcsvc/yppasswd.h>
45 
46 #include "ypclnt.h"
47 
48 int
49 ypclnt_passwd(ypclnt_t *ypclnt, const struct passwd *pwd, const char *passwd)
50 {
51 	struct yppasswd yppwd;
52 	struct rpc_err rpcerr;
53 	CLIENT *clnt = NULL;
54 	int ret, *result;
55 
56 	/* check that rpc.yppasswdd is running */
57 	if (getrpcport(ypclnt->server, YPPASSWDPROG,
58 		YPPASSWDPROC_UPDATE, IPPROTO_UDP) == 0) {
59 		ypclnt_error(ypclnt, __func__, "no rpc.yppasswdd on server");
60 		return (-1);
61 	}
62 
63 	/* fill the yppasswd structure */
64 	memset(&yppwd, 0, sizeof yppwd);
65 	yppwd.newpw.pw_uid = pwd->pw_uid;
66 	yppwd.newpw.pw_gid = pwd->pw_gid;
67 	if ((yppwd.newpw.pw_name = strdup(pwd->pw_name)) == NULL ||
68 	    (yppwd.newpw.pw_passwd = strdup(pwd->pw_passwd)) == NULL ||
69 	    (yppwd.newpw.pw_gecos = strdup(pwd->pw_gecos)) == NULL ||
70 	    (yppwd.newpw.pw_dir = strdup(pwd->pw_dir)) == NULL ||
71 	    (yppwd.newpw.pw_shell = strdup(pwd->pw_shell)) == NULL ||
72 	    (yppwd.oldpass = strdup(passwd)) == NULL) {
73 		ypclnt_error(ypclnt, __func__, strerror(errno));
74 		ret = -1;
75 		goto done;
76 	}
77 
78 	/* connect to rpc.yppasswdd */
79 	clnt = clnt_create(ypclnt->server, YPPASSWDPROG, YPPASSWDVERS, "udp");
80 	if (clnt == NULL) {
81 		ypclnt_error(ypclnt, __func__,
82 		    "failed to connect to rpc.yppasswdd: %s",
83 		    clnt_spcreateerror(ypclnt->server));
84 		ret = -1;
85 		goto done;
86 	}
87 	clnt->cl_auth = authunix_create_default();
88 
89 	/* request the update */
90 	result = yppasswdproc_update_1(&yppwd, clnt);
91 
92 	/* check for RPC errors */
93 	clnt_geterr(clnt, &rpcerr);
94 	if (rpcerr.re_status != RPC_SUCCESS) {
95 		ypclnt_error(ypclnt, __func__,
96 		    "NIS password update failed: %s",
97 		    clnt_sperror(clnt, ypclnt->server));
98 		ret = -1;
99 		goto done;
100 	}
101 
102 	/* check the result of the update */
103 	if (result == NULL || *result != 0) {
104 		ypclnt_error(ypclnt, __func__,
105 		    "NIS password update failed");
106 		/* XXX how do we get more details? */
107 		ret = -1;
108 		goto done;
109 	}
110 
111 	ypclnt_error(ypclnt, NULL, NULL);
112 	ret = 0;
113 
114  done:
115 	if (clnt != NULL) {
116 		auth_destroy(clnt->cl_auth);
117 		clnt_destroy(clnt);
118 	}
119 	free(yppwd.newpw.pw_name);
120 	free(yppwd.newpw.pw_passwd);
121 	free(yppwd.newpw.pw_gecos);
122 	free(yppwd.newpw.pw_dir);
123 	free(yppwd.newpw.pw_shell);
124 	if (yppwd.oldpass != NULL) {
125 		memset(yppwd.oldpass, 0, strlen(yppwd.oldpass));
126 		free(yppwd.oldpass);
127 	}
128 	return (ret);
129 }
130