2007-10-07 17:14:02 +05:30
|
|
|
/* Taken from logdaemon-5.0, only minimal changes. --marekm */
|
2021-12-05 21:05:27 +05:30
|
|
|
/*
|
|
|
|
|
* SPDX-FileCopyrightText: 1990 - 1995, Wietse Venema.
|
|
|
|
|
*
|
|
|
|
|
* SPDX-License-Identifier: Unlicense
|
|
|
|
|
*/
|
2007-10-07 17:14:02 +05:30
|
|
|
|
|
|
|
|
/************************************************************************
|
|
|
|
|
* Copyright 1995 by Wietse Venema. All rights reserved. Individual files
|
|
|
|
|
* may be covered by other copyrights (as noted in the file itself.)
|
|
|
|
|
*
|
|
|
|
|
* This material was originally written and compiled by Wietse Venema at
|
|
|
|
|
* Eindhoven University of Technology, The Netherlands, in 1990, 1991,
|
|
|
|
|
* 1992, 1993, 1994 and 1995.
|
|
|
|
|
*
|
|
|
|
|
* Redistribution and use in source and binary forms are permitted
|
|
|
|
|
* provided that this entire copyright notice is duplicated in all such
|
2021-09-13 21:53:17 +05:30
|
|
|
* copies.
|
2007-10-07 17:14:02 +05:30
|
|
|
*
|
|
|
|
|
* This software is provided "as is" and without any expressed or implied
|
|
|
|
|
* warranties, including, without limitation, the implied warranties of
|
|
|
|
|
* merchantibility and fitness for any particular purpose.
|
|
|
|
|
************************************************************************/
|
|
|
|
|
|
|
|
|
|
#ifdef HAVE_CONFIG_H
|
|
|
|
|
#include <config.h>
|
|
|
|
|
#endif
|
|
|
|
|
|
2007-10-07 17:16:07 +05:30
|
|
|
#ifndef USE_PAM
|
2007-11-11 05:16:11 +05:30
|
|
|
#ident "$Id$"
|
2007-10-07 17:17:01 +05:30
|
|
|
|
2007-10-07 17:14:02 +05:30
|
|
|
#include "prototypes.h"
|
2007-10-07 17:15:23 +05:30
|
|
|
/*
|
|
|
|
|
* This module implements a simple but effective form of login access
|
|
|
|
|
* control based on login names and on host (or domain) names, internet
|
|
|
|
|
* addresses (or network numbers), or on terminal line names in case of
|
|
|
|
|
* non-networked logins. Diagnostics are reported through syslog(3).
|
2021-09-13 21:53:17 +05:30
|
|
|
*
|
2007-10-07 17:15:23 +05:30
|
|
|
* Author: Wietse Venema, Eindhoven University of Technology, The Netherlands.
|
|
|
|
|
*/
|
2007-10-07 17:14:02 +05:30
|
|
|
#include <sys/types.h>
|
2023-02-01 18:20:48 +05:30
|
|
|
#include <stddef.h>
|
2007-10-07 17:14:02 +05:30
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <syslog.h>
|
|
|
|
|
#include <ctype.h>
|
|
|
|
|
#include <netdb.h>
|
|
|
|
|
#include <grp.h>
|
|
|
|
|
#ifdef PRIMARY_GROUP_MATCH
|
|
|
|
|
#include <pwd.h>
|
|
|
|
|
#endif
|
|
|
|
|
#include <errno.h>
|
|
|
|
|
#include <string.h>
|
|
|
|
|
#include <unistd.h>
|
|
|
|
|
#include <stdlib.h>
|
|
|
|
|
#include <sys/socket.h>
|
|
|
|
|
#include <netinet/in.h>
|
2007-10-07 17:15:23 +05:30
|
|
|
#include <arpa/inet.h> /* for inet_ntoa() */
|
2007-10-07 17:14:02 +05:30
|
|
|
|
|
|
|
|
#if !defined(MAXHOSTNAMELEN) || (MAXHOSTNAMELEN < 64)
|
|
|
|
|
#undef MAXHOSTNAMELEN
|
|
|
|
|
#define MAXHOSTNAMELEN 256
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
/* Path name of the access control file. */
|
|
|
|
|
#ifndef TABLE
|
|
|
|
|
#define TABLE "/etc/login.access"
|
|
|
|
|
#endif
|
|
|
|
|
|
2007-10-07 17:17:01 +05:30
|
|
|
/* Delimiters for fields and for lists of users, ttys or hosts. */
|
2007-10-07 17:15:23 +05:30
|
|
|
static char fs[] = ":"; /* field separator */
|
|
|
|
|
static char sep[] = ", \t"; /* list-element separator */
|
2007-10-07 17:14:02 +05:30
|
|
|
|
2008-06-10 00:05:32 +05:30
|
|
|
static bool list_match (char *list, const char *item, bool (*match_fn) (const char *, const char *));
|
|
|
|
|
static bool user_match (const char *tok, const char *string);
|
|
|
|
|
static bool from_match (const char *tok, const char *string);
|
|
|
|
|
static bool string_match (const char *tok, const char *string);
|
2008-01-06 17:37:42 +05:30
|
|
|
static const char *resolve_hostname (const char *string);
|
2007-10-07 17:14:02 +05:30
|
|
|
|
|
|
|
|
/* login_access - match username/group and host/tty with access control file */
|
2007-10-07 17:15:23 +05:30
|
|
|
int login_access (const char *user, const char *from)
|
2007-10-07 17:14:02 +05:30
|
|
|
{
|
2007-10-07 17:15:23 +05:30
|
|
|
FILE *fp;
|
|
|
|
|
char line[BUFSIZ];
|
|
|
|
|
char *perm; /* becomes permission field */
|
|
|
|
|
char *users; /* becomes list of login names */
|
|
|
|
|
char *froms; /* becomes list of terminals or hosts */
|
2008-06-10 00:05:32 +05:30
|
|
|
bool match = false;
|
2007-10-07 17:14:02 +05:30
|
|
|
|
2007-10-07 17:15:23 +05:30
|
|
|
/*
|
|
|
|
|
* Process the table one line at a time and stop at the first match.
|
|
|
|
|
* Blank lines and lines that begin with a '#' character are ignored.
|
|
|
|
|
* Non-comment lines are broken at the ':' character. All fields are
|
|
|
|
|
* mandatory. The first field should be a "+" or "-" character. A
|
|
|
|
|
* non-existing table means no access control.
|
|
|
|
|
*/
|
2008-06-10 00:05:32 +05:30
|
|
|
fp = fopen (TABLE, "r");
|
|
|
|
|
if (NULL != fp) {
|
* src/newgrp.c: Limit the scope of variable pid.
* src/login_nopam.c: Limit the scope of variables end, lineno, i,
str_len.
* src/logoutd.c: Limit the scope of variable c.
* src/vipw.c: Re-indent.
* src/vipw.c: Close the file after the creation of the backup.
* src/useradd.c (set_default): Close input file on failure.
* src/useradd.c: Limit the scope of variables spool, file, fd, gr,
gid, mode.
* src/passwd.c: Limit the scope of variables last and ok.
* src/chage.c: Fix typo (non breaking space).
* src/login.c: Limit the scope of variables erasechar killchar, c,
failed.
* src/groups.c: Limit the scope of variable ngroups, pri_grp, i.
* src/id.c: Limit the scope of variable i.
2010-03-23 16:56:34 +05:30
|
|
|
int lineno = 0; /* for diagnostics */
|
* libmisc/console.c, libmisc/hushed.c, libmisc/yesno.c,
libmisc/loginprompt.c, libmisc/ttytype.c, libmisc/tz.c,
src/login_nopam.c, src/chpasswd.c, src/chgpasswd.c, lib/port.c:
The size argument of fgets is an int, not a size_t.
* libmisc/loginprompt.c: Ignore the return value from signal()
when the signal handlers are restored.
* src/chpasswd.c: Cast the return value of time() to a long
integer.
* src/chpasswd.c: Use the SCALE macro instead of (24L * 3600L)
for the values to be set in /etc/shadow.
2008-06-13 23:41:09 +05:30
|
|
|
while ( !match
|
2023-02-01 18:20:48 +05:30
|
|
|
&& (fgets (line, sizeof (line), fp) == line)) {
|
|
|
|
|
ptrdiff_t end;
|
2007-10-07 17:15:23 +05:30
|
|
|
lineno++;
|
2023-02-01 18:20:48 +05:30
|
|
|
end = strlen (line) - 1;
|
2023-01-30 17:24:49 +05:30
|
|
|
if (line[0] == '\0' || line[end] != '\n') {
|
2007-10-07 17:16:34 +05:30
|
|
|
SYSLOG ((LOG_ERR,
|
2007-10-07 17:17:01 +05:30
|
|
|
"%s: line %d: missing newline or line too long",
|
|
|
|
|
TABLE, lineno));
|
2007-10-07 17:15:23 +05:30
|
|
|
continue;
|
|
|
|
|
}
|
2008-06-10 00:05:32 +05:30
|
|
|
if (line[0] == '#') {
|
2007-10-07 17:15:23 +05:30
|
|
|
continue; /* comment line */
|
2008-06-10 00:05:32 +05:30
|
|
|
}
|
|
|
|
|
while (end > 0 && isspace (line[end - 1])) {
|
2007-10-07 17:15:23 +05:30
|
|
|
end--;
|
2008-06-10 00:05:32 +05:30
|
|
|
}
|
|
|
|
|
line[end] = '\0'; /* strip trailing whitespace */
|
|
|
|
|
if (line[0] == '\0') { /* skip blank lines */
|
2007-10-07 17:15:23 +05:30
|
|
|
continue;
|
2008-06-10 00:05:32 +05:30
|
|
|
}
|
|
|
|
|
if ( ((perm = strtok (line, fs)) == NULL)
|
2023-02-01 07:20:14 +05:30
|
|
|
|| ((users = strtok (NULL, fs)) == NULL)
|
|
|
|
|
|| ((froms = strtok (NULL, fs)) == NULL)
|
|
|
|
|
|| (strtok (NULL, fs) != NULL)) {
|
2007-10-07 17:16:34 +05:30
|
|
|
SYSLOG ((LOG_ERR,
|
2007-10-07 17:17:01 +05:30
|
|
|
"%s: line %d: bad field count",
|
|
|
|
|
TABLE, lineno));
|
2007-10-07 17:15:23 +05:30
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
if (perm[0] != '+' && perm[0] != '-') {
|
2007-10-07 17:16:34 +05:30
|
|
|
SYSLOG ((LOG_ERR,
|
2007-10-07 17:17:01 +05:30
|
|
|
"%s: line %d: bad first field",
|
|
|
|
|
TABLE, lineno));
|
2007-10-07 17:15:23 +05:30
|
|
|
continue;
|
|
|
|
|
}
|
2008-06-10 00:05:32 +05:30
|
|
|
match = ( list_match (froms, from, from_match)
|
|
|
|
|
&& list_match (users, user, user_match));
|
2007-10-07 17:15:23 +05:30
|
|
|
}
|
|
|
|
|
(void) fclose (fp);
|
|
|
|
|
} else if (errno != ENOENT) {
|
2008-09-13 23:33:50 +05:30
|
|
|
int err = errno;
|
|
|
|
|
SYSLOG ((LOG_ERR, "cannot open %s: %s", TABLE, strerror (err)));
|
2007-10-07 17:14:02 +05:30
|
|
|
}
|
2008-06-10 00:05:32 +05:30
|
|
|
return (!match || (line[0] == '+'))?1:0;
|
2007-10-07 17:14:02 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* list_match - match an item against a list of tokens with exceptions */
|
2008-06-10 00:05:32 +05:30
|
|
|
static bool list_match (char *list, const char *item, bool (*match_fn) (const char *, const char*))
|
2007-10-07 17:14:02 +05:30
|
|
|
{
|
2007-10-07 17:15:23 +05:30
|
|
|
char *tok;
|
2008-06-10 00:05:32 +05:30
|
|
|
bool match = false;
|
2007-10-07 17:14:02 +05:30
|
|
|
|
2007-10-07 17:15:23 +05:30
|
|
|
/*
|
|
|
|
|
* Process tokens one at a time. We have exhausted all possible matches
|
|
|
|
|
* when we reach an "EXCEPT" token or the end of the list. If we do find
|
|
|
|
|
* a match, look for an "EXCEPT" list and recurse to determine whether
|
|
|
|
|
* the match is affected by any exceptions.
|
|
|
|
|
*/
|
2023-02-01 07:20:14 +05:30
|
|
|
for (tok = strtok (list, sep); tok != NULL; tok = strtok (NULL, sep)) {
|
2008-06-10 00:05:32 +05:30
|
|
|
if (strcasecmp (tok, "EXCEPT") == 0) { /* EXCEPT: give up */
|
2007-10-07 17:15:23 +05:30
|
|
|
break;
|
2008-06-10 00:05:32 +05:30
|
|
|
}
|
|
|
|
|
match = (*match_fn) (tok, item);
|
|
|
|
|
if (match) {
|
2007-10-07 17:15:23 +05:30
|
|
|
break;
|
2008-06-10 00:05:32 +05:30
|
|
|
}
|
2007-10-07 17:15:23 +05:30
|
|
|
}
|
|
|
|
|
|
2007-10-07 17:17:01 +05:30
|
|
|
/* Process exceptions to matches. */
|
2008-06-10 00:05:32 +05:30
|
|
|
if (match) {
|
2023-02-01 07:20:14 +05:30
|
|
|
while ( ((tok = strtok (NULL, sep)) != NULL)
|
2008-06-10 00:05:32 +05:30
|
|
|
&& (strcasecmp (tok, "EXCEPT") != 0))
|
2007-10-07 17:15:23 +05:30
|
|
|
/* VOID */ ;
|
2023-02-01 07:20:14 +05:30
|
|
|
if (tok == 0 || !list_match (NULL, item, match_fn)) {
|
2007-10-07 17:15:23 +05:30
|
|
|
return (match);
|
2008-06-10 00:05:32 +05:30
|
|
|
}
|
2007-10-07 17:15:23 +05:30
|
|
|
}
|
2008-06-10 00:05:32 +05:30
|
|
|
return false;
|
2007-10-07 17:14:02 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* myhostname - figure out local machine name */
|
2007-10-07 17:15:23 +05:30
|
|
|
static char *myhostname (void)
|
2007-10-07 17:14:02 +05:30
|
|
|
{
|
2007-10-07 17:15:23 +05:30
|
|
|
static char name[MAXHOSTNAMELEN + 1] = "";
|
2007-10-07 17:14:02 +05:30
|
|
|
|
2008-06-10 00:05:32 +05:30
|
|
|
if (name[0] == '\0') {
|
2007-10-07 17:15:23 +05:30
|
|
|
gethostname (name, sizeof (name));
|
2008-06-10 00:05:32 +05:30
|
|
|
name[MAXHOSTNAMELEN] = '\0';
|
2007-10-07 17:15:23 +05:30
|
|
|
}
|
|
|
|
|
return (name);
|
2007-10-07 17:14:02 +05:30
|
|
|
}
|
|
|
|
|
|
2007-11-16 17:02:42 +05:30
|
|
|
#if HAVE_INNETGR
|
2007-10-07 17:14:02 +05:30
|
|
|
/* netgroup_match - match group against machine or user */
|
2008-06-10 00:05:32 +05:30
|
|
|
static bool
|
2007-10-07 17:15:23 +05:30
|
|
|
netgroup_match (const char *group, const char *machine, const char *user)
|
2007-10-07 17:14:02 +05:30
|
|
|
{
|
2023-02-01 07:20:14 +05:30
|
|
|
static char *mydomain = NULL;
|
2007-10-07 17:14:02 +05:30
|
|
|
|
2023-02-01 07:20:14 +05:30
|
|
|
if (mydomain == NULL) {
|
2007-10-07 17:15:23 +05:30
|
|
|
static char domain[MAXHOSTNAMELEN + 1];
|
2007-10-07 17:14:02 +05:30
|
|
|
|
2007-10-07 17:15:23 +05:30
|
|
|
getdomainname (domain, MAXHOSTNAMELEN);
|
2007-10-07 17:14:02 +05:30
|
|
|
mydomain = domain;
|
|
|
|
|
}
|
|
|
|
|
|
2008-06-10 00:05:32 +05:30
|
|
|
return (innetgr (group, machine, user, mydomain) != 0);
|
2007-10-07 17:14:02 +05:30
|
|
|
}
|
2007-11-16 17:02:42 +05:30
|
|
|
#endif
|
2007-10-07 17:14:02 +05:30
|
|
|
|
|
|
|
|
/* user_match - match a username against one token */
|
2008-06-10 00:05:32 +05:30
|
|
|
static bool user_match (const char *tok, const char *string)
|
2007-10-07 17:14:02 +05:30
|
|
|
{
|
2007-10-07 17:15:23 +05:30
|
|
|
struct group *group;
|
|
|
|
|
|
2007-10-07 17:14:02 +05:30
|
|
|
#ifdef PRIMARY_GROUP_MATCH
|
2007-10-07 17:15:23 +05:30
|
|
|
struct passwd *userinf;
|
2007-10-07 17:14:02 +05:30
|
|
|
#endif
|
2007-10-07 17:15:23 +05:30
|
|
|
char *at;
|
2007-10-07 17:14:02 +05:30
|
|
|
|
|
|
|
|
/*
|
2007-10-07 17:15:23 +05:30
|
|
|
* If a token has the magic value "ALL" the match always succeeds.
|
2008-06-10 00:05:32 +05:30
|
|
|
* Otherwise, return true if the token fully matches the username, or if
|
2007-10-07 17:15:23 +05:30
|
|
|
* the token is a group that contains the username.
|
2007-10-07 17:14:02 +05:30
|
|
|
*/
|
2008-06-10 00:05:32 +05:30
|
|
|
at = strchr (tok + 1, '@');
|
|
|
|
|
if (NULL != at) { /* split user@host pattern */
|
|
|
|
|
*at = '\0';
|
|
|
|
|
return ( user_match (tok, string)
|
|
|
|
|
&& from_match (at + 1, myhostname ()));
|
2007-11-16 17:02:42 +05:30
|
|
|
#if HAVE_INNETGR
|
2007-10-07 17:15:23 +05:30
|
|
|
} else if (tok[0] == '@') { /* netgroup */
|
2023-02-01 07:20:14 +05:30
|
|
|
return (netgroup_match (tok + 1, NULL, string));
|
2007-11-16 17:02:42 +05:30
|
|
|
#endif
|
2007-10-07 17:15:23 +05:30
|
|
|
} else if (string_match (tok, string)) { /* ALL or exact match */
|
2008-06-10 00:05:32 +05:30
|
|
|
return true;
|
* lib/prototypes.h, configure.in, libmisc/Makefile.am,
libmisc/xgetXXbyYY.c, libmisc/xgetpwnam.c, libmisc/xgetpwuid.c,
libmisc/xgetgrnam.c, libmisc/xgetgrgid.c, libmisc/xgetspnam.c:
Added functions xgetpwnam(), xgetpwuid(), xgetgrnam(),
xgetgrgid(), and xgetspnam(). They allocate memory for the
returned structure and are more robust to successive calls. They
are implemented with the libc's getxxyyy_r() functions if
available.
* libmisc/limits.c, libmisc/entry.c, libmisc/chowntty.c,
libmisc/addgrps.c, libmisc/myname.c, libmisc/rlogin.c,
libmisc/pwdcheck.c, src/newgrp.c, src/login_nopam.c,
src/userdel.c, src/lastlog.c, src/grpck.c, src/gpasswd.c,
src/newusers.c, src/chpasswd.c, src/chfn.c, src/groupmems.c,
src/usermod.c, src/expiry.c, src/groupdel.c, src/chgpasswd.c,
src/su.c, src/useradd.c, src/groupmod.c, src/passwd.c, src/pwck.c,
src/groupadd.c, src/chage.c, src/login.c, src/suauth.c,
src/faillog.c, src/groups.c, src/chsh.c, src/id.c: Review all the
usage of one of the getpwnam(), getpwuid(), getgrnam(),
getgrgid(), and getspnam() functions. It was noticed on
http://bugs.debian.org/341230 that chfn and chsh use a passwd
structure after calling a pam function, which result in using
information from the passwd structure requested by pam, not the
original one. It is much easier to use the new xget... functions
to avoid these issues. I've checked which call to the original
get... functions could be left (reducing the scope of the
structure if possible), and I've left comments to ease future
reviews (e.g. /* local, no need for xgetpwnam */).
Note: the getpwent/getgrent calls should probably be checked also.
* src/groupdel.c, src/expiry.c: Fix typos in comments.
* src/groupmod.c: Re-indent.
* libmisc/Makefile.am, lib/groupmem.c, lib/groupio.c, lib/pwmem.c,
lib/pwio.c, lib/shadowmem.c, lib/shadowio.c: Move the __<xx>_dup
functions (used by the xget... functions) from the <xx>io.c files
to the new <xx>mem.c files. This avoid linking some utils against
the SELinux library.
2007-11-19 04:45:26 +05:30
|
|
|
/* local, no need for xgetgrnam */
|
2008-06-10 00:05:32 +05:30
|
|
|
} else if ((group = getgrnam (tok)) != NULL) { /* try group membership */
|
* src/newgrp.c: Limit the scope of variable pid.
* src/login_nopam.c: Limit the scope of variables end, lineno, i,
str_len.
* src/logoutd.c: Limit the scope of variable c.
* src/vipw.c: Re-indent.
* src/vipw.c: Close the file after the creation of the backup.
* src/useradd.c (set_default): Close input file on failure.
* src/useradd.c: Limit the scope of variables spool, file, fd, gr,
gid, mode.
* src/passwd.c: Limit the scope of variables last and ok.
* src/chage.c: Fix typo (non breaking space).
* src/login.c: Limit the scope of variables erasechar killchar, c,
failed.
* src/groups.c: Limit the scope of variable ngroups, pri_grp, i.
* src/id.c: Limit the scope of variable i.
2010-03-23 16:56:34 +05:30
|
|
|
int i;
|
2008-06-10 00:05:32 +05:30
|
|
|
for (i = 0; NULL != group->gr_mem[i]; i++) {
|
|
|
|
|
if (strcasecmp (string, group->gr_mem[i]) == 0) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
}
|
2007-10-07 17:15:23 +05:30
|
|
|
#ifdef PRIMARY_GROUP_MATCH
|
|
|
|
|
/*
|
2007-11-18 06:50:10 +05:30
|
|
|
* If the string is an user whose initial GID matches the token,
|
2007-10-07 17:15:23 +05:30
|
|
|
* accept it. May avoid excessively long lines in /etc/group.
|
|
|
|
|
* Radu-Adrian Feurdean <raf@licj.soroscj.ro>
|
|
|
|
|
*
|
|
|
|
|
* XXX - disabled by default for now. Need to verify that
|
|
|
|
|
* getpwnam() doesn't have some nasty side effects. --marekm
|
|
|
|
|
*/
|
* lib/prototypes.h, configure.in, libmisc/Makefile.am,
libmisc/xgetXXbyYY.c, libmisc/xgetpwnam.c, libmisc/xgetpwuid.c,
libmisc/xgetgrnam.c, libmisc/xgetgrgid.c, libmisc/xgetspnam.c:
Added functions xgetpwnam(), xgetpwuid(), xgetgrnam(),
xgetgrgid(), and xgetspnam(). They allocate memory for the
returned structure and are more robust to successive calls. They
are implemented with the libc's getxxyyy_r() functions if
available.
* libmisc/limits.c, libmisc/entry.c, libmisc/chowntty.c,
libmisc/addgrps.c, libmisc/myname.c, libmisc/rlogin.c,
libmisc/pwdcheck.c, src/newgrp.c, src/login_nopam.c,
src/userdel.c, src/lastlog.c, src/grpck.c, src/gpasswd.c,
src/newusers.c, src/chpasswd.c, src/chfn.c, src/groupmems.c,
src/usermod.c, src/expiry.c, src/groupdel.c, src/chgpasswd.c,
src/su.c, src/useradd.c, src/groupmod.c, src/passwd.c, src/pwck.c,
src/groupadd.c, src/chage.c, src/login.c, src/suauth.c,
src/faillog.c, src/groups.c, src/chsh.c, src/id.c: Review all the
usage of one of the getpwnam(), getpwuid(), getgrnam(),
getgrgid(), and getspnam() functions. It was noticed on
http://bugs.debian.org/341230 that chfn and chsh use a passwd
structure after calling a pam function, which result in using
information from the passwd structure requested by pam, not the
original one. It is much easier to use the new xget... functions
to avoid these issues. I've checked which call to the original
get... functions could be left (reducing the scope of the
structure if possible), and I've left comments to ease future
reviews (e.g. /* local, no need for xgetpwnam */).
Note: the getpwent/getgrent calls should probably be checked also.
* src/groupdel.c, src/expiry.c: Fix typos in comments.
* src/groupmod.c: Re-indent.
* libmisc/Makefile.am, lib/groupmem.c, lib/groupio.c, lib/pwmem.c,
lib/pwio.c, lib/shadowmem.c, lib/shadowio.c: Move the __<xx>_dup
functions (used by the xget... functions) from the <xx>io.c files
to the new <xx>mem.c files. This avoid linking some utils against
the SELinux library.
2007-11-19 04:45:26 +05:30
|
|
|
/* local, no need for xgetpwnam */
|
2008-06-10 00:05:32 +05:30
|
|
|
userinf = getpwnam (string);
|
|
|
|
|
if (NULL != userinf) {
|
|
|
|
|
if (userinf->pw_gid == group->gr_gid) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
}
|
2007-10-07 17:14:02 +05:30
|
|
|
#endif
|
2007-10-07 17:15:23 +05:30
|
|
|
}
|
2008-06-10 00:05:32 +05:30
|
|
|
return false;
|
2007-10-07 17:14:02 +05:30
|
|
|
}
|
|
|
|
|
|
2008-01-06 17:37:42 +05:30
|
|
|
static const char *resolve_hostname (const char *string)
|
2007-10-07 17:14:02 +05:30
|
|
|
{
|
2022-12-22 20:18:40 +05:30
|
|
|
int gai_err;
|
|
|
|
|
char *addr_str;
|
|
|
|
|
struct addrinfo *addrs;
|
2007-10-07 17:14:02 +05:30
|
|
|
|
2023-01-20 00:03:53 +05:30
|
|
|
static char host[MAXHOSTNAMELEN];
|
|
|
|
|
|
2022-12-22 20:18:40 +05:30
|
|
|
gai_err = getaddrinfo(string, NULL, NULL, &addrs);
|
2023-01-20 00:03:53 +05:30
|
|
|
if (gai_err != 0) {
|
|
|
|
|
SYSLOG ((LOG_ERR, "getaddrinfo(%s): %s", string, gai_strerror(gai_err)));
|
|
|
|
|
return string;
|
|
|
|
|
}
|
Replace gethostbyname(3) by getaddrinfo(3)
gethostbyname(3) was removed in POSIX.1-2008. It has been obsoleted,
and replaced by getaddrinfo(3), which is superior in several ways:
- gethostbyname(3) is not reentrant. There's a GNU extension,
gethostbyname_r(3) which is reentrant, but it's not likely to be
standardized for the following reason. And we don't care too much
about this point either.
- gethostbyname(3) only supports IPv4, but getaddrinfo(3) supports both
IPv4 and IPv6 (and may support other address families in the future).
We don't care about reentrancy, so for keeping the code simple (i.e.,
not touch call site to add code to free(3) an allocated buffer), I added
a static buffer for inet_ntop(3). We could address that in the future,
but I don't think it's worth it.
BTW, we also replace inet_ntoa(3) by inet_ntop(3), as a consequence of
using getaddrinfo(3). inet_ntoa(3) is also marked as deprecated, but
that deprecation seems to have been documented only in the manual page,
and POSIX doesn't mark it as deprecated. The deprecation notice goes
back to when the inet_ntop(3) manual page was added by Sam Varshavchik
to the Linux man-pages in version 1.30 (year 2000).
So, this, apart from updating the code to POSIX.1-2008, is also adding
support for IPv6 :) Although, probably many other parts of the code are
written for IPv4 only, so I wouldn't yet claim support for it.
A few notes:
- I didn't check the return value of inet_ntop(3), since it can't fail
for the given input:
- EAFNOSUPPORT: We only call it with AF_INET and AF_INET6.
- ENOSPC: We calculate the size of the buffer to be wide enough:
MAX(INET_ADDRSTRLEN, INET6_ADDRSTRLEN) so it always fits.
Cc: Dave Hagewood <admin@arrowweb.com>
Cc: Sam Varshavchik
Cc: Jakub Jelinek <jakub@redhat.com>
Cc: Iker Pedrosa <ipedrosa@redhat.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
2022-12-22 18:33:05 +05:30
|
|
|
|
2023-01-20 00:03:53 +05:30
|
|
|
addr_str = host;
|
|
|
|
|
gai_err = getnameinfo(addrs[0].ai_addr, addrs[0].ai_addrlen,
|
|
|
|
|
host, NITEMS(host), NULL, 0, NI_NUMERICHOST);
|
|
|
|
|
if (gai_err != 0) {
|
|
|
|
|
SYSLOG ((LOG_ERR, "getnameinfo(%s): %s", string, gai_strerror(gai_err)));
|
|
|
|
|
addr_str = string;
|
2008-06-10 00:05:32 +05:30
|
|
|
}
|
2007-10-07 17:14:02 +05:30
|
|
|
|
Replace gethostbyname(3) by getaddrinfo(3)
gethostbyname(3) was removed in POSIX.1-2008. It has been obsoleted,
and replaced by getaddrinfo(3), which is superior in several ways:
- gethostbyname(3) is not reentrant. There's a GNU extension,
gethostbyname_r(3) which is reentrant, but it's not likely to be
standardized for the following reason. And we don't care too much
about this point either.
- gethostbyname(3) only supports IPv4, but getaddrinfo(3) supports both
IPv4 and IPv6 (and may support other address families in the future).
We don't care about reentrancy, so for keeping the code simple (i.e.,
not touch call site to add code to free(3) an allocated buffer), I added
a static buffer for inet_ntop(3). We could address that in the future,
but I don't think it's worth it.
BTW, we also replace inet_ntoa(3) by inet_ntop(3), as a consequence of
using getaddrinfo(3). inet_ntoa(3) is also marked as deprecated, but
that deprecation seems to have been documented only in the manual page,
and POSIX doesn't mark it as deprecated. The deprecation notice goes
back to when the inet_ntop(3) manual page was added by Sam Varshavchik
to the Linux man-pages in version 1.30 (year 2000).
So, this, apart from updating the code to POSIX.1-2008, is also adding
support for IPv6 :) Although, probably many other parts of the code are
written for IPv4 only, so I wouldn't yet claim support for it.
A few notes:
- I didn't check the return value of inet_ntop(3), since it can't fail
for the given input:
- EAFNOSUPPORT: We only call it with AF_INET and AF_INET6.
- ENOSPC: We calculate the size of the buffer to be wide enough:
MAX(INET_ADDRSTRLEN, INET6_ADDRSTRLEN) so it always fits.
Cc: Dave Hagewood <admin@arrowweb.com>
Cc: Sam Varshavchik
Cc: Jakub Jelinek <jakub@redhat.com>
Cc: Iker Pedrosa <ipedrosa@redhat.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
2022-12-22 18:33:05 +05:30
|
|
|
freeaddrinfo(addrs);
|
2022-12-22 20:18:40 +05:30
|
|
|
return addr_str;
|
2007-10-07 17:14:02 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* from_match - match a host or tty against a list of tokens */
|
|
|
|
|
|
2008-06-10 00:05:32 +05:30
|
|
|
static bool from_match (const char *tok, const char *string)
|
2007-10-07 17:14:02 +05:30
|
|
|
{
|
2008-06-10 00:05:32 +05:30
|
|
|
size_t tok_len;
|
2007-10-07 17:14:02 +05:30
|
|
|
|
2007-10-07 17:15:23 +05:30
|
|
|
/*
|
|
|
|
|
* If a token has the magic value "ALL" the match always succeeds. Return
|
2008-06-10 00:05:32 +05:30
|
|
|
* true if the token fully matches the string. If the token is a domain
|
|
|
|
|
* name, return true if it matches the last fields of the string. If the
|
|
|
|
|
* token has the magic value "LOCAL", return true if the string does not
|
|
|
|
|
* contain a "." character. If the token is a network number, return true
|
2007-10-07 17:15:23 +05:30
|
|
|
* if it matches the head of the string.
|
|
|
|
|
*/
|
2007-11-16 17:02:42 +05:30
|
|
|
#if HAVE_INNETGR
|
2007-10-07 17:15:23 +05:30
|
|
|
if (tok[0] == '@') { /* netgroup */
|
2023-02-01 07:20:14 +05:30
|
|
|
return (netgroup_match (tok + 1, string, NULL));
|
2007-11-16 17:02:42 +05:30
|
|
|
} else
|
|
|
|
|
#endif
|
|
|
|
|
if (string_match (tok, string)) { /* ALL or exact match */
|
2008-06-10 00:05:32 +05:30
|
|
|
return true;
|
2007-10-07 17:15:23 +05:30
|
|
|
} else if (tok[0] == '.') { /* domain: match last fields */
|
* src/newgrp.c: Limit the scope of variable pid.
* src/login_nopam.c: Limit the scope of variables end, lineno, i,
str_len.
* src/logoutd.c: Limit the scope of variable c.
* src/vipw.c: Re-indent.
* src/vipw.c: Close the file after the creation of the backup.
* src/useradd.c (set_default): Close input file on failure.
* src/useradd.c: Limit the scope of variables spool, file, fd, gr,
gid, mode.
* src/passwd.c: Limit the scope of variables last and ok.
* src/chage.c: Fix typo (non breaking space).
* src/login.c: Limit the scope of variables erasechar killchar, c,
failed.
* src/groups.c: Limit the scope of variable ngroups, pri_grp, i.
* src/id.c: Limit the scope of variable i.
2010-03-23 16:56:34 +05:30
|
|
|
size_t str_len;
|
2008-06-10 00:05:32 +05:30
|
|
|
str_len = strlen (string);
|
|
|
|
|
tok_len = strlen (tok);
|
|
|
|
|
if ( (str_len > tok_len)
|
|
|
|
|
&& (strcasecmp (tok, string + str_len - tok_len) == 0)) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
2007-10-07 17:15:23 +05:30
|
|
|
} else if (strcasecmp (tok, "LOCAL") == 0) { /* local: no dots */
|
2008-06-10 00:05:32 +05:30
|
|
|
if (strchr (string, '.') == NULL) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
2023-01-30 17:24:49 +05:30
|
|
|
} else if ( (tok[0] != '\0' && tok[(tok_len = strlen (tok)) - 1] == '.') /* network */
|
2008-06-10 00:05:32 +05:30
|
|
|
&& (strncmp (tok, resolve_hostname (string), tok_len) == 0)) {
|
|
|
|
|
return true;
|
2007-10-07 17:15:23 +05:30
|
|
|
}
|
2008-06-10 00:05:32 +05:30
|
|
|
return false;
|
2007-10-07 17:14:02 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* string_match - match a string against one token */
|
2008-06-10 00:05:32 +05:30
|
|
|
static bool string_match (const char *tok, const char *string)
|
2007-10-07 17:14:02 +05:30
|
|
|
{
|
|
|
|
|
|
2007-10-07 17:15:23 +05:30
|
|
|
/*
|
|
|
|
|
* If the token has the magic value "ALL" the match always succeeds.
|
2008-06-10 00:05:32 +05:30
|
|
|
* Otherwise, return true if the token fully matches the string.
|
2007-10-07 17:15:23 +05:30
|
|
|
*/
|
|
|
|
|
if (strcasecmp (tok, "ALL") == 0) { /* all: always matches */
|
2008-06-10 00:05:32 +05:30
|
|
|
return true;
|
2007-10-07 17:15:23 +05:30
|
|
|
} else if (strcasecmp (tok, string) == 0) { /* try exact match */
|
2008-06-10 00:05:32 +05:30
|
|
|
return true;
|
2007-10-07 17:15:23 +05:30
|
|
|
}
|
2008-06-10 00:05:32 +05:30
|
|
|
return false;
|
2007-10-07 17:14:02 +05:30
|
|
|
}
|
2007-10-07 17:16:07 +05:30
|
|
|
|
2008-01-01 19:48:55 +05:30
|
|
|
#else /* !USE_PAM */
|
2022-12-21 23:32:25 +05:30
|
|
|
extern int ISO_C_forbids_an_empty_translation_unit;
|
2007-10-07 17:16:07 +05:30
|
|
|
#endif /* !USE_PAM */
|
