loginutils/passwd.c

   1 /* vi: set sw=4 ts=4: */
   2 /*
   3  * Licensed under GPLv2 or later, see file LICENSE in this tarball for details.
   4  */
   5
   6 #include "busybox.h"
   7 #include <syslog.h>
   8
   9 static char crypt_passwd[128];
  10
  11 static int create_backup(const char *backup, FILE * fp);
  12 static int new_password(const struct passwd *pw, int amroot, int algo);
  13 static void set_filesize_limit(int blocks);
  14
  15
  16 static int get_algo(char *a)
  17 {
  18         int x = 1;                                      /* standard: MD5 */
  19
  20         if (strcasecmp(a, "des") == 0)
  21                 x = 0;
  22         return x;
  23 }
  24
  25
  26 static int update_passwd(const struct passwd *pw, const char *crypt_pw)
  27 {
  28         char filename[1024];
  29         char buf[1025];
  30         char buffer[80];
  31         char username[32];
  32         char *pw_rest;
  33         int mask;
  34         int continued;
  35         FILE *fp;
  36         FILE *out_fp;
  37         struct stat sb;
  38         struct flock lock;
  39
  40 #if ENABLE_FEATURE_SHADOWPASSWDS
  41         if (access(bb_path_shadow_file, F_OK) == 0) {
  42                 snprintf(filename, sizeof filename, "%s", bb_path_shadow_file);
  43         } else
  44 #endif
  45         {
  46                 snprintf(filename, sizeof filename, "%s", bb_path_passwd_file);
  47         }
  48
  49         fp = fopen(filename, "r+");
  50         if (fp == 0 || fstat(fileno(fp), &sb)) {
  51                 /* return 0; */
  52                 return 1;
  53         }
  54
  55         /* Lock the password file before updating */
  56         lock.l_type = F_WRLCK;
  57         lock.l_whence = SEEK_SET;
  58         lock.l_start = 0;
  59         lock.l_len = 0;
  60         if (fcntl(fileno(fp), F_SETLK, &lock) < 0) {
  61                 bb_perror_msg("%s", filename);
  62                 return 1;
  63         }
  64         lock.l_type = F_UNLCK;
  65
  66         snprintf(buf, sizeof buf, "%s-", filename);
  67         if (create_backup(buf, fp)) {
  68                 fcntl(fileno(fp), F_SETLK, &lock);
  69                 fclose(fp);
  70                 return 1;
  71         }
  72         snprintf(buf, sizeof buf, "%s+", filename);
  73         mask = umask(0777);
  74         out_fp = fopen(buf, "w");
  75         umask(mask);
  76         if ((!out_fp) || (fchmod(fileno(out_fp), sb.st_mode & 0777))
  77                 || (fchown(fileno(out_fp), sb.st_uid, sb.st_gid))) {
  78                 fcntl(fileno(fp), F_SETLK, &lock);
  79                 fclose(fp);
  80                 fclose(out_fp);
  81                 return 1;
  82         }
  83
  84         continued = 0;
  85         snprintf(username, sizeof username, "%s:", pw->pw_name);
  86         rewind(fp);
  87         while (!feof(fp)) {
  88                 fgets(buffer, sizeof buffer, fp);
  89                 if (!continued) { /* Check to see if we're updating this line.  */
  90                         if (strncmp(username, buffer, strlen(username)) == 0) {
  91                                 /* we have a match. */
  92                                 pw_rest = strchr(buffer, ':');
  93                                 *pw_rest++ = '\0';
  94                                 pw_rest = strchr(pw_rest, ':');
  95                                 fprintf(out_fp, "%s:%s%s", buffer, crypt_pw, pw_rest);
  96                         } else {
  97                                 fputs(buffer, out_fp);
  98                         }
  99                 } else {
 100                         fputs(buffer, out_fp);
 101                 }
 102                 if (buffer[strlen(buffer) - 1] == '\n') {
 103                         continued = 0;
 104                 } else {
 105                         continued = 1;
 106                 }
 107                 memset(buffer, 0, sizeof buffer);
 108         }
 109
 110         if (fflush(out_fp) || fsync(fileno(out_fp)) || fclose(out_fp)) {
 111                 unlink(buf);
 112                 fcntl(fileno(fp), F_SETLK, &lock);
 113                 fclose(fp);
 114                 return 1;
 115         }
 116         if (rename(buf, filename) < 0) {
 117                 fcntl(fileno(fp), F_SETLK, &lock);
 118                 fclose(fp);
 119                 return 1;
 120         } else {
 121                 fcntl(fileno(fp), F_SETLK, &lock);
 122                 fclose(fp);
 123                 return 0;
 124         }
 125 }
 126
 127
 128 int passwd_main(int argc, char **argv)
 129 {
 130         enum {
 131                 OPT_algo = 0x1, /* -a - password algorithm */
 132                 OPT_lock = 0x2, /* -l - lock account */
 133                 OPT_unlock = 0x4, /* -u - unlock account */
 134                 OPT_delete = 0x8, /* -d - delete password */
 135                 OPT_lud = 0xe,
 136         };
 137         unsigned opt;
 138         char *opt_a;
 139         int amroot;
 140         char *cp;
 141         char *np;
 142         char *name;
 143         char *myname;
 144         int algo = 1;
 145         const struct passwd *pw;
 146
 147         amroot = (getuid() == 0);
 148         openlog("passwd", LOG_PID | LOG_CONS | LOG_NOWAIT, LOG_AUTH);
 149         opt = getopt32(argc, argv, "a:lud", &opt_a);
 150         argc -= optind;
 151         argv += optind;
 152         if (opt & OPT_algo) algo = get_algo(opt_a); // -a
 153         if ((opt & OPT_lud) && (!argc || !amroot))
 154                 bb_show_usage();
 155
 156         myname = xstrdup(bb_getpwuid(NULL, getuid(), -1));
 157         name = myname;
 158         if (argc) name = argv[0];
 159
 160         pw = getpwnam(name);
 161         if (!pw) {
 162                 bb_error_msg_and_die("unknown user %s", name);
 163         }
 164         if (!amroot && pw->pw_uid != getuid()) {
 165                 syslog(LOG_WARNING, "can't change pwd for '%s'", name);
 166                 bb_error_msg_and_die("permission denied");
 167         }
 168         if (ENABLE_FEATURE_SHADOWPASSWDS) {
 169                 struct spwd *sp = getspnam(name);
 170                 if (!sp) bb_error_msg_and_die("unknown user %s", name);
 171                 cp = sp->sp_pwdp;
 172         } else cp = pw->pw_passwd;
 173
 174         np = name;
 175         safe_strncpy(crypt_passwd, cp, sizeof(crypt_passwd));
 176         if (!(opt & OPT_lud)) {
 177                 if (!amroot) {
 178                         if (cp[0] == '!') {
 179                                 syslog(LOG_WARNING, "password locked for '%s'", np);
 180                                 bb_error_msg_and_die("the password for %s cannot be changed", np);
 181                         }
 182                 }
 183                 printf("Changing password for %s\n", name);
 184                 if (new_password(pw, amroot, algo)) {
 185                         bb_error_msg_and_die("the password for %s is unchanged", name);
 186                 }
 187         } else if (opt & OPT_lock) {
 188                 if (crypt_passwd[0] != '!') {
 189                         memmove(&crypt_passwd[1], crypt_passwd,
 190                                         sizeof crypt_passwd - 1);
 191                         crypt_passwd[sizeof crypt_passwd - 1] = '\0';
 192                         crypt_passwd[0] = '!';
 193                 }
 194         } else if (opt & OPT_unlock) {
 195                 if (crypt_passwd[0] == '!') {
 196                         memmove(crypt_passwd, &crypt_passwd[1],
 197                                         sizeof crypt_passwd - 1);
 198                 }
 199         } else if (opt & OPT_delete) {
 200                 crypt_passwd[0] = '\0';
 201         }
 202         set_filesize_limit(30000);
 203         signal(SIGHUP, SIG_IGN);
 204         signal(SIGINT, SIG_IGN);
 205         signal(SIGQUIT, SIG_IGN);
 206         umask(077);
 207         xsetuid(0);
 208         if (!update_passwd(pw, crypt_passwd)) {
 209                 syslog(LOG_INFO, "password for '%s' changed by user '%s'", name,
 210                                 myname);
 211                 puts("Password changed");
 212         } else {
 213                 syslog(LOG_WARNING, "cannot update password file");
 214                 bb_error_msg_and_die("cannot update password file");
 215         }
 216         if (ENABLE_FEATURE_CLEAN_UP) free(myname);
 217         return 0;
 218 }
 219
 220
 221
 222 static int create_backup(const char *backup, FILE * fp)
 223 {
 224         struct stat sb;
 225         struct utimbuf ub;
 226         FILE *bkfp;
 227         int c, mask;
 228
 229         if (fstat(fileno(fp), &sb))
 230                 /* return -1; */
 231                 return 1;
 232
 233         mask = umask(077);
 234         bkfp = fopen(backup, "w");
 235         umask(mask);
 236         if (!bkfp)
 237                 /* return -1; */
 238                 return 1;
 239
 240         /* TODO: faster copy, not one-char-at-a-time.  --marekm */
 241         rewind(fp);
 242         while ((c = getc(fp)) != EOF) {
 243                 if (putc(c, bkfp) == EOF)
 244                         break;
 245         }
 246         if (c != EOF || fflush(bkfp)) {
 247                 fclose(bkfp);
 248                 /* return -1; */
 249                 return 1;
 250         }
 251         if (fclose(bkfp))
 252                 /* return -1; */
 253                 return 1;
 254
 255         ub.actime = sb.st_atime;
 256         ub.modtime = sb.st_mtime;
 257         utime(backup, &ub);
 258         return 0;
 259 }
 260
 261 static int i64c(int i)
 262 {
 263         if (i <= 0)
 264                 return ('.');
 265         if (i == 1)
 266                 return ('/');
 267         if (i >= 2 && i < 12)
 268                 return ('0' - 2 + i);
 269         if (i >= 12 && i < 38)
 270                 return ('A' - 12 + i);
 271         if (i >= 38 && i < 63)
 272                 return ('a' - 38 + i);
 273         return ('z');
 274 }
 275
 276 static char *crypt_make_salt(void)
 277 {
 278         time_t now;
 279         static unsigned long x;
 280         static char result[3];
 281
 282         time(&now);
 283         x += now + getpid() + clock();
 284         result[0] = i64c(((x >> 18) ^ (x >> 6)) & 077);
 285         result[1] = i64c(((x >> 12) ^ x) & 077);
 286         result[2] = '\0';
 287         return result;
 288 }
 289
 290
 291 static int new_password(const struct passwd *pw, int amroot, int algo)
 292 {
 293         char *clear;
 294         char *cipher;
 295         char *cp;
 296         char salt[12]; /* "$N$XXXXXXXX" or "XX" */
 297         char orig[200];
 298         char pass[200];
 299
 300         if (!amroot && crypt_passwd[0]) {
 301                 clear = bb_askpass(0, "Old password:");
 302                 if (!clear) {
 303                         /* return -1; */
 304                         return 1;
 305                 }
 306                 cipher = pw_encrypt(clear, crypt_passwd);
 307                 if (strcmp(cipher, crypt_passwd) != 0) {
 308                         syslog(LOG_WARNING, "incorrect password for '%s'",
 309                                    pw->pw_name);
 310                         bb_do_delay(FAIL_DELAY);
 311                         puts("Incorrect password");
 312                         /* return -1; */
 313                         return 1;
 314                 }
 315                 safe_strncpy(orig, clear, sizeof(orig));
 316                 memset(clear, 0, strlen(clear));
 317                 memset(cipher, 0, strlen(cipher));
 318         } else {
 319                 orig[0] = '\0';
 320         }
 321         cp = bb_askpass(0, "Enter the new password (minimum of 5 characters).\n"
 322                            "Please use a combination of upper and lower case letters and numbers.\n"
 323                            "Enter new password: ");
 324         if (!cp ) {
 325                 memset(orig, 0, sizeof orig);
 326                 /* return -1; */
 327                 return 1;
 328         }
 329         safe_strncpy(pass, cp, sizeof(pass));
 330         memset(cp, 0, strlen(cp));
 331         /* if (!obscure(orig, pass, pw)) { */
 332         if (obscure(orig, pass, pw)) {
 333                 if (amroot) {
 334                         puts("\nWarning: weak password (continuing)");
 335                 } else {
 336                         /* return -1; */
 337                         return 1;
 338                 }
 339         }
 340         cp = bb_askpass(0, "Re-enter new password: ");
 341         if (!cp) {
 342                 memset(orig, 0, sizeof orig);
 343                 /* return -1; */
 344                 return 1;
 345         }
 346         if (strcmp(cp, pass)) {
 347                 puts("Passwords do not match");
 348                 /* return -1; */
 349                 return 1;
 350         }
 351         memset(cp, 0, strlen(cp));
 352         memset(orig, 0, sizeof(orig));
 353         memset(salt, 0, sizeof(salt));
 354
 355         if (algo == 1) {
 356                 strcpy(salt, "$1$");
 357                 strcat(salt, crypt_make_salt());
 358                 strcat(salt, crypt_make_salt());
 359                 strcat(salt, crypt_make_salt());
 360         }
 361
 362         strcat(salt, crypt_make_salt());
 363         cp = pw_encrypt(pass, salt);
 364
 365         memset(pass, 0, sizeof pass);
 366         safe_strncpy(crypt_passwd, cp, sizeof(crypt_passwd));
 367         return 0;
 368 }
 369
 370 static void set_filesize_limit(int blocks)
 371 {
 372         struct rlimit rlimit_fsize;
 373
 374         rlimit_fsize.rlim_cur = rlimit_fsize.rlim_max = 512L * blocks;
 375         setrlimit(RLIMIT_FSIZE, &rlimit_fsize);
 376 }