$NetBSD: patch-ac,v 1.3 2002/07/16 15:01:50 taca Exp $ --- password/poppassd.c.orig Tue Jul 16 15:20:21 2002 +++ password/poppassd.c @@ -167,8 +167,13 @@ /* LANMAN allows up to 14 char passwords (truncates if longer), but tacacs only seems to allow 11. */ +#ifndef PASSWD_BINARY #define PASSWD_BINARY "/usr/bin/passwd" /* TBD: config.h */ +#endif + +#ifndef SMBPASSWD_BINARY #define SMBPASSWD_BINARY "/usr/bin/smbpasswd" /* TBD: config.h */ +#endif #include "config.h" @@ -294,6 +299,7 @@ pop_result auth_user ( POP *p, char *pas static char *P1[] = { + "changing local password for *\nold password: ", /* BSD */ "changing password for *\nold password: ", /* shadow */ "enter login password: ", /* Solaris */ "old smb password: ", /* smb */ @@ -323,6 +329,7 @@ static char *P4[] = { "password changed. ", /* shadow */ "password changed ", /* smb */ + "password changed for user *\n", /* smb */ "" }; @@ -346,14 +353,13 @@ char *smb_binary = SM #define RUN_PASSWD 1 #define RUN_SMBPASSWD 2 - int main ( int argc, char *argv[] ) { char line [BUFSIZE] = ""; char oldpass [BUFSIZE] = ""; char newpass [BUFSIZE] = ""; int nopt = -1; - static char options [] = "dl:p:Rs:t:vy:?"; + static char options [] = "dhl:Pp:RSs:t:vy:"; int mode = 0; char *ptr = NULL; POP p; @@ -375,8 +381,6 @@ int main ( int argc, char *argv[] ) pname = ptr + 1; } - openlog ( pname, POP_LOGOPTS, LOG_LOCAL2 ); - /* * Set up some stuff in -p- so we can call Qpopper routines */ @@ -384,6 +388,17 @@ int main ( int argc, char *argv[] ) p.AuthType = noauth; p.myname = pname; +#ifndef POP_FACILITY +# if defined(OSF1) || defined(LINUX) +# define POP_FACILITY LOG_MAIL +# else +# define POP_FACILITY LOG_LOCAL0 +# endif /* OSF1 or Linux */ +#endif /* POP_FACILITY not defined */ + + p.log_facility = (log_facility_type) POP_FACILITY; + openlog ( pname, POP_LOGOPTS, p.log_facility ); + /* * Handle command-line options */ @@ -392,9 +407,9 @@ int main ( int argc, char *argv[] ) { switch (nopt) { - case '?': - fprintf ( stderr, "%s [-?] [-d] [-l 0|1|2] [-p [passd-path]] " - "[-R] [-s [smbpasswd-path]]\n\t" + case 'h': + fprintf ( stderr, "%s [-h] [-d] [-l 0|1|2] [-p [passd-path]] " + "[-P] [-R] [-S] [-s [smbpasswd-path]]\n\t" "[-t trace-file] [-v] [-y log-facility]\n", pname ); exit (1); @@ -411,20 +426,34 @@ int main ( int argc, char *argv[] ) verbose = TRUE; break; + case 'S': + mode |= RUN_SMBPASSWD; + TRACE ( trace_file, POP_DEBUG, HERE, + "Changing SMB password enabled" ); + break; + + case 's': mode |= RUN_SMBPASSWD; if ( optarg != NULL && *optarg != '\0' ) smb_binary = optarg; TRACE ( trace_file, POP_DEBUG, HERE, - "Changing SMB passwords using %s", smb_binary ); + "Changing SMB password using %s", smb_binary ); break; + case 'P': + mode |= RUN_PASSWD; + TRACE ( trace_file, POP_DEBUG, HERE, + "Changing standard password enabled" ); + break; + + case 'p': mode |= RUN_PASSWD; if ( optarg != NULL && *optarg != '\0' ) pwd_binary = optarg; TRACE ( trace_file, POP_DEBUG, HERE, - "Changing standard passwords using %s", pwd_binary ); + "Changing standard password using %s", pwd_binary ); break; case 't': @@ -671,6 +700,7 @@ void runchild ( char *userid, char *oldp emess[0] ? emess : "Unable to change password"); exit(1); } + close ( master ); /* done with the pty */ wpid = waitpid ( pid, &wstat, 0 ); if ( wpid < 0 ) @@ -700,8 +730,6 @@ void runchild ( char *userid, char *oldp WriteToClient ("500 Server error (abnormal exit), get help!"); exit(1); } - - close ( master ); /* done with the pty */ } else /* Child */ { @@ -782,6 +810,11 @@ int dochild (int master, char *slavedev, chdir ("/"); umask (0); + if (setlogin(userid) < 0) { + err_msg ( HERE, "setlogin failed: %m" ); + return(0); + } + /* * Become the user and run passwd. Linux shadowed passwd doesn't need * to be run as root with the username passed on the command line. @@ -950,8 +983,12 @@ int match (char *str, char *pat) strlen(pat), debug_str(pat, strlen(pat), 1) ); while (*str && *pat) { - if (*pat == '*') - break; + if (*pat == '*') { + pat++; + while (*str != '\0' && *str != '\n') + *str++; + continue; + } /* ignore multiple space sequences */ if (*pat == ' ' && isspace (*str)) {