#include "yppasswd.h"
#include "md5.h"
#include "support.h"
+#include "bigcrypt.h"
#if !((__GLIBC__ == 2) && (__GLIBC_MINOR__ >= 1))
extern int getrpcport(const char *host, unsigned long prognum,
# include "./lckpwdf.-c"
#endif
-extern char *bigcrypt(const char *key, const char *salt);
-
/*
How it works:
Gets in username (has to be done) from the calling program
retval = PAM_AUTH_ERR;
}
- if (sighandler != NULL) {
+ if (sighandler != SIG_ERR) {
(void) signal(SIGCHLD, sighandler); /* restore old signal handler */
}
while (fgets(buf, 16380, opwfile)) {
if (!strncmp(buf, forwho, strlen(forwho))) {
+ char *sptr;
buf[strlen(buf) - 1] = '\0';
- s_luser = strtok(buf, ":,");
- s_uid = strtok(NULL, ":,");
- s_npas = strtok(NULL, ":,");
- s_pas = strtok(NULL, ":,");
+ s_luser = strtok_r(buf, ":,", &sptr);
+ s_uid = strtok_r(NULL, ":,", &sptr);
+ s_npas = strtok_r(NULL, ":,", &sptr);
+ s_pas = strtok_r(NULL, ":,", &sptr);
while (s_pas != NULL) {
char *md5pass = Goodcrypt_md5(newpass, s_pas);
if (!strcmp(md5pass, s_pas)) {
retval = PAM_AUTHTOK_ERR;
break;
}
- s_pas = strtok(NULL, ":,");
+ s_pas = strtok_r(NULL, ":,", &sptr);
_pam_delete(md5pass);
}
break;
while (fgets(buf, 16380, opwfile)) {
if (!strncmp(buf, forwho, strlen(forwho))) {
+ char *sptr;
buf[strlen(buf) - 1] = '\0';
- s_luser = strtok(buf, ":");
- s_uid = strtok(NULL, ":");
- s_npas = strtok(NULL, ":");
- s_pas = strtok(NULL, ":");
+ s_luser = strtok_r(buf, ":", &sptr);
+ s_uid = strtok_r(NULL, ":", &sptr);
+ s_npas = strtok_r(NULL, ":", &sptr);
+ s_pas = strtok_r(NULL, ":", &sptr);
npas = strtol(s_npas, NULL, 10) + 1;
while (npas > howmany) {
s_pas = strpbrk(s_pas, ",");
err = 1;
} else {
pass = crypt_md5_wrapper(oldpass);
- snprintf(nbuf, sizeof(nbuf), "%s:%d:1:%s\n",
- forwho, pwd->pw_uid, pass);
+ snprintf(nbuf, sizeof(nbuf), "%s:%lu:1:%s\n",
+ forwho, (unsigned long)pwd->pw_uid, pass);
_pam_delete(pass);
if (fputs(nbuf, pwfile) < 0) {
err = 1;
}
if (fclose(pwfile)) {
- D(("error writing entries to old passwords file: %s\n",
- strerror(errno)));
+ D(("error writing entries to old passwords file: %m"));
err = 1;
}
err = 0;
}
if (putpwent(tmpent, pwfile)) {
- D(("error writing entry to password file: %s\n", strerror(errno)));
+ D(("error writing entry to password file: %m"));
err = 1;
break;
}
fclose(opwfile);
if (fclose(pwfile)) {
- D(("error writing entries to password file: %s\n", strerror(errno)));
+ D(("error writing entries to password file: %m"));
err = 1;
}
}
if (putspent(stmpent, pwfile)) {
- D(("error writing entry to shadow file: %s\n", strerror(errno)));
+ D(("error writing entry to shadow file: %m"));
err = 1;
break;
}
fclose(opwfile);
if (fclose(pwfile)) {
- D(("error writing entries to shadow file: %s\n", strerror(errno)));
+ D(("error writing entries to shadow file: %m"));
err = 1;
}
struct yppasswd yppwd;
CLIENT *clnt;
int status;
- int err = 0;
+ enum clnt_stat err;
/* Unlock passwd file to avoid deadlock */
#ifdef USE_LCKPWDF
if (retval == PAM_SUCCESS) {
/*
* Various libraries at various times have had bugs related to
- * '+' or '-' as the first character of a user name. Don't take
- * any chances here. Require that the username starts with an
- * alphanumeric character.
+ * '+' or '-' as the first character of a user name. Don't
+ * allow them.
*/
- if (user == NULL || !isalnum(*user)) {
+ if (user == NULL || user[0] == '-' || user[0] == '+') {
pam_syslog(pamh, LOG_ERR, "bad username [%s]", user);
return PAM_USER_UNKNOWN;
}
user);
return PAM_USER_UNKNOWN;
}
- if (!_unix_shadowed(pwd) &&
- (strchr(pwd->pw_passwd, '*') != NULL)) {
- pam_syslog(pamh, LOG_DEBUG,
- "user \"%s\" does not have modifiable password",
- user);
- return PAM_USER_UNKNOWN;
- }
}
/*
if (_unix_blankpasswd(pamh, ctrl, user)) {
return PAM_SUCCESS;
} else if (off(UNIX__IAMROOT, ctrl)) {
-
/* instruct user what is happening */
-#define greeting "Changing password for "
- Announce = (char *) malloc(sizeof(greeting) + strlen(user));
- if (Announce == NULL) {
+ if (asprintf(&Announce, _("Changing password for %s."),
+ user) < 0) {
pam_syslog(pamh, LOG_CRIT,
"password - out of memory");
return PAM_BUF_ERR;
}
- (void) strcpy(Announce, greeting);
- (void) strcpy(Announce + sizeof(greeting) - 1, user);
-#undef greeting
lctrl = ctrl;
set(UNIX__OLD_PASSWD, lctrl);