#! /opt/local/bin/perl

# $Id: yppasswd,v 1.5 1999/08/09 18:01:44 jgsmith Exp $
#
# Copyright (c) 1999, Texas A&M University
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
#    notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer in the
#    documentation and/or other materials provided with the distribution.
# 3. All advertising materials mentioning features or use of this software
#    must display the following acknowledgement:
#      This product includes software developed by Texas A&M University
#      and its contributors.
# 4. Neither the name of the University nor the names of its contributors
#    may be used to endorse or promote products derived from this software
#    without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTERS ``AS IS''
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.

use Data::Dumper;
use yppasswd_private::Data;
use yppasswd_private::Constants;
use RPC::ONC;
use NIS::DBM;


sub check_password {
  my($oldpassword, $encpassword) = @_;

  return 1 if crypt($oldpasswd, $oldinfo->{'password'}) 
                eq $oldinfo->{'password'};

  # still need to check against root's password...
  my $rootpw = (getpwnam('root'))[1];
  return 1 if crypt($oldpasswd, $rootpw) eq $rootpw;

  return 0;
}

sub yppasswdproc_update_master_1 {
  my($masterpasswd) = shift;
  my($info) = $masterpasswd->newpw;
  my($oldpasswd) = $masterpasswd->oldpass;

  my(%userinfo) = (password => $info->pw_passwd,
                   gecos => $info->pw_age, # Solaris is odd...
                   shell => $info->pw_gecos
                  );

  my %nisinfo;

  my $daemon = tie %nisinfo, 'NIS::DBM', { 'filename' => '/etc/accounts' };
  if(defined $daemon) {
    $daemon->set_option(FLUSH => 1);
    $daemon->set_option(CLOBBER => 1);
    $daemon->set_option(PUSH => 1);
    
    my $oldinfo = $nisinfo{$info->pw_name};

    # check passwords at this point...
    unless(check_password($oldpassword, $oldinfo->{'password'})) {
      $daemon->error(msg => "Unauthorized attempt to change passord for $$oldinfo{'username'}");
      return 1;
    }

    foreach my $k (keys %userinfo) {
      $oldinfo->{$k} = $userinfo{$k};
    }
    $nisinfo{$info->pw_name} = $oldinfo;
     return 0;
  } 
  return 1;
}

1;
