shadow/libmisc/chkname.c

/*
 * SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
 * SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
 * SPDX-FileCopyrightText: 2001 - 2005, Tomasz Kłoczko
 * SPDX-FileCopyrightText: 2005 - 2008, Nicolas François
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */

/*
 * is_valid_user_name(), is_valid_group_name() - check the new user/group
 * name for validity;
 * return values:
 *   true  - OK
 *   false - bad name
 */

#include <config.h>

#ident "$Id$"

#include <ctype.h>
#include "defines.h"
#include "chkname.h"

int allow_bad_names = false;

static bool is_valid_name (const char *name)
{
	if (allow_bad_names) {
		return true;
	}

	/*
         * User/group names must match gnu e-regex:
         *    [a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,30}[a-zA-Z0-9_.$-]?
         *
         * as a non-POSIX, extension, allow "$" as the last char for
         * sake of Samba 3.x "add machine script"
         *
         * Also do not allow fully numeric names or just "." or "..".
         */
	int numeric;

	if ('\0' == *name ||
	    ('.' == *name && (('.' == name[1] && '\0' == name[2]) ||
			      '\0' == name[1])) ||
	    !((*name >= 'a' && *name <= 'z') ||
	      (*name >= 'A' && *name <= 'Z') ||
	      (*name >= '0' && *name <= '9') ||
	      *name == '_' ||
	      *name == '.')) {
		return false;
	}

	numeric = isdigit(*name);

	while ('\0' != *++name) {
		if (!((*name >= 'a' && *name <= 'z') ||
		      (*name >= 'A' && *name <= 'Z') ||
		      (*name >= '0' && *name <= '9') ||
		      *name == '_' ||
		      *name == '.' ||
		      *name == '-' ||
		      (*name == '$' && name[1] == '\0')
		     )) {
			return false;
		}
		numeric &= isdigit(*name);
	}

	return !numeric;
}

bool is_valid_user_name (const char *name)
{
	/*
	 * User names are limited by whatever utmp can
	 * handle.
	 */
	if (strlen (name) > USER_NAME_MAX_LENGTH) {
		return false;
	}

	return is_valid_name (name);
}

bool is_valid_group_name (const char *name)
{
	/*
	 * Arbitrary limit for group names.
	 * HP-UX 10 limits to 16 characters
	 */
	if (   (GROUP_NAME_MAX_LENGTH > 0)
	    && (strlen (name) > GROUP_NAME_MAX_LENGTH)) {
		return false;
	}

	return is_valid_name (name);
}
Make sure every source files are distributed with a copyright and license. Files with no license use the default 3-clauses BSD license. The copyright were mostly not recorded; they were updated according to the Changelog. "Julianne Frances Haugh and contributors" changed to "copyright holders and contributors". 2008-04-27 06:10:09 +05:30			`/*`
Update licensing info Closes #238 Update all files to list SPDX license shortname. Most files are BSD 3 clause license. The exceptions are: serge@sl ~/src/shadow$ git grep SPDX-License \| grep -v BSD-3-Clause contrib/atudel:# SPDX-License-Identifier: BSD-4-Clause lib/tcbfuncs.c: * SPDX-License-Identifier: 0BSD libmisc/salt.c: * SPDX-License-Identifier: Unlicense src/login_nopam.c: * SPDX-License-Identifier: Unlicense src/nologin.c: * SPDX-License-Identifier: BSD-2-Clause src/vipw.c: * SPDX-License-Identifier: GPL-2.0-or-later Signed-off-by: Serge Hallyn <serge@hallyn.com> 2021-12-05 21:05:27 +05:30			`* SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh`
			`* SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz`
			`* SPDX-FileCopyrightText: 2001 - 2005, Tomasz Kłoczko`
			`* SPDX-FileCopyrightText: 2005 - 2008, Nicolas François`
Make sure every source files are distributed with a copyright and license. Files with no license use the default 3-clauses BSD license. The copyright were mostly not recorded; they were updated according to the Changelog. "Julianne Frances Haugh and contributors" changed to "copyright holders and contributors". 2008-04-27 06:10:09 +05:30			`*`
Update licensing info Closes #238 Update all files to list SPDX license shortname. Most files are BSD 3 clause license. The exceptions are: serge@sl ~/src/shadow$ git grep SPDX-License \| grep -v BSD-3-Clause contrib/atudel:# SPDX-License-Identifier: BSD-4-Clause lib/tcbfuncs.c: * SPDX-License-Identifier: 0BSD libmisc/salt.c: * SPDX-License-Identifier: Unlicense src/login_nopam.c: * SPDX-License-Identifier: Unlicense src/nologin.c: * SPDX-License-Identifier: BSD-2-Clause src/vipw.c: * SPDX-License-Identifier: GPL-2.0-or-later Signed-off-by: Serge Hallyn <serge@hallyn.com> 2021-12-05 21:05:27 +05:30			`* SPDX-License-Identifier: BSD-3-Clause`
Make sure every source files are distributed with a copyright and license. Files with no license use the default 3-clauses BSD license. The copyright were mostly not recorded; they were updated according to the Changelog. "Julianne Frances Haugh and contributors" changed to "copyright holders and contributors". 2008-04-27 06:10:09 +05:30			`*/`

[svn-upgrade] Integrating new upstream version, shadow (19990709) 2007-10-07 17:14:02 +05:30			`/*`
* libmisc/chkname.h, libmisc/chkname.c: check_group_name (resp. check_user_name) renamed to is_valid_user_name (resp. is_valid_group_name). is_valid_user_name and is_valid_group_name return a bool. * src/grpck.c, src/newusers.c, src/usermod.c, src/useradd.c, src/groupmod.c, src/pwck.c, src/groupadd.c: Use is_valid_user_name and is_valid_group_name, following above change. * libmisc/chkname.c: Avoid implicit conversion of chars to booleans. Add brackets and parenthesis. 2008-05-26 02:28:16 +05:30			`* is_valid_user_name(), is_valid_group_name() - check the new user/group`
			`* name for validity;`
			`* return values:`
			`* true - OK`
			`* false - bad name`
[svn-upgrade] Integrating new upstream version, shadow (19990709) 2007-10-07 17:14:02 +05:30			`*/`

			`#include <config.h>`

Added the subversion svn:keywords property (Id) for proper identification. 2007-11-11 05:16:11 +05:30			`#ident "$Id$"`
[svn-upgrade] Integrating new upstream version, shadow (4.0.13) 2007-10-07 17:17:01 +05:30
[svn-upgrade] Integrating new upstream version, shadow (19990709) 2007-10-07 17:14:02 +05:30			`#include <ctype.h>`
			`#include "defines.h"`
			`#include "chkname.h"`
* libmisc/chkname.h, libmisc/chkname.c: check_group_name (resp. check_user_name) renamed to is_valid_user_name (resp. is_valid_group_name). is_valid_user_name and is_valid_group_name return a bool. * src/grpck.c, src/newusers.c, src/usermod.c, src/useradd.c, src/groupmod.c, src/pwck.c, src/groupadd.c: Use is_valid_user_name and is_valid_group_name, following above change. * libmisc/chkname.c: Avoid implicit conversion of chars to booleans. Add brackets and parenthesis. 2008-05-26 02:28:16 +05:30
chkname.c, pwck.c, useradd.c, usermod.c, newusers.c: Allow names that do not conform to standards Closes #121. Changelog: squashed commits fixing tab style Changelog: update 'return true' to match file's style (no parens). 2019-08-24 02:12:37 +05:30			`int allow_bad_names = false;`

* libmisc/chkname.h, libmisc/chkname.c: check_group_name (resp. check_user_name) renamed to is_valid_user_name (resp. is_valid_group_name). is_valid_user_name and is_valid_group_name return a bool. * src/grpck.c, src/newusers.c, src/usermod.c, src/useradd.c, src/groupmod.c, src/pwck.c, src/groupadd.c: Use is_valid_user_name and is_valid_group_name, following above change. * libmisc/chkname.c: Avoid implicit conversion of chars to booleans. Add brackets and parenthesis. 2008-05-26 02:28:16 +05:30			`static bool is_valid_name (const char *name)`
[svn-upgrade] Integrating new upstream version, shadow (19990709) 2007-10-07 17:14:02 +05:30			`{`
chkname.c, pwck.c, useradd.c, usermod.c, newusers.c: Allow names that do not conform to standards Closes #121. Changelog: squashed commits fixing tab style Changelog: update 'return true' to match file's style (no parens). 2019-08-24 02:12:37 +05:30			`if (allow_bad_names) {`
			`return true;`
			`}`

[svn-upgrade] Integrating new upstream version, shadow (19990709) 2007-10-07 17:14:02 +05:30			`/*`
shadow: use relaxed usernames The groupadd from shadow does not allow upper case group names, the same is true for the upstream shadow. But distributions like Debian/Ubuntu/CentOS has their own way to cope with this problem, this patch is picked up from Fedora [1] to relax the usernames restrictions to allow the upper case group names, and the relaxation is POSIX compliant because POSIX indicate that usernames are composed of characters from the portable filename character set [A-Za-z0-9._-]. [1] https://src.fedoraproject.org/rpms/shadow-utils/blob/rawhide/f/shadow-4.8-goodname.patch Signed-off-by: Alexander Kanavin <alex@linutronix.de> 2022-08-16 17:16:22 +05:30			`* User/group names must match gnu e-regex:`
			`* [a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,30}[a-zA-Z0-9_.$-]?`
			`*`
			`* as a non-POSIX, extension, allow "$" as the last char for`
			`* sake of Samba 3.x "add machine script"`
			`*`
			`* Also do not allow fully numeric names or just "." or "..".`
			`*/`
			`int numeric;`
chkname.c, pwck.c, useradd.c, usermod.c, newusers.c: Allow names that do not conform to standards Closes #121. Changelog: squashed commits fixing tab style Changelog: update 'return true' to match file's style (no parens). 2019-08-24 02:12:37 +05:30
shadow: use relaxed usernames The groupadd from shadow does not allow upper case group names, the same is true for the upstream shadow. But distributions like Debian/Ubuntu/CentOS has their own way to cope with this problem, this patch is picked up from Fedora [1] to relax the usernames restrictions to allow the upper case group names, and the relaxation is POSIX compliant because POSIX indicate that usernames are composed of characters from the portable filename character set [A-Za-z0-9._-]. [1] https://src.fedoraproject.org/rpms/shadow-utils/blob/rawhide/f/shadow-4.8-goodname.patch Signed-off-by: Alexander Kanavin <alex@linutronix.de> 2022-08-16 17:16:22 +05:30			`if ('\0' == *name \|\|`
			`('.' == *name && (('.' == name[1] && '\0' == name[2]) \|\|`
			`'\0' == name[1])) \|\|`
			`!((name >= 'a' && name <= 'z') \|\|`
			`(name >= 'A' && name <= 'Z') \|\|`
			`(name >= '0' && name <= '9') \|\|`
			`*name == '_' \|\|`
			`*name == '.')) {`
* libmisc/chkname.h, libmisc/chkname.c: check_group_name (resp. check_user_name) renamed to is_valid_user_name (resp. is_valid_group_name). is_valid_user_name and is_valid_group_name return a bool. * src/grpck.c, src/newusers.c, src/usermod.c, src/useradd.c, src/groupmod.c, src/pwck.c, src/groupadd.c: Use is_valid_user_name and is_valid_group_name, following above change. * libmisc/chkname.c: Avoid implicit conversion of chars to booleans. Add brackets and parenthesis. 2008-05-26 02:28:16 +05:30			`return false;`
			`}`
[svn-upgrade] Integrating new upstream version, shadow (19990709) 2007-10-07 17:14:02 +05:30
shadow: use relaxed usernames The groupadd from shadow does not allow upper case group names, the same is true for the upstream shadow. But distributions like Debian/Ubuntu/CentOS has their own way to cope with this problem, this patch is picked up from Fedora [1] to relax the usernames restrictions to allow the upper case group names, and the relaxation is POSIX compliant because POSIX indicate that usernames are composed of characters from the portable filename character set [A-Za-z0-9._-]. [1] https://src.fedoraproject.org/rpms/shadow-utils/blob/rawhide/f/shadow-4.8-goodname.patch Signed-off-by: Alexander Kanavin <alex@linutronix.de> 2022-08-16 17:16:22 +05:30			`numeric = isdigit(*name);`

* libmisc/chkname.h, libmisc/chkname.c: check_group_name (resp. check_user_name) renamed to is_valid_user_name (resp. is_valid_group_name). is_valid_user_name and is_valid_group_name return a bool. * src/grpck.c, src/newusers.c, src/usermod.c, src/useradd.c, src/groupmod.c, src/pwck.c, src/groupadd.c: Use is_valid_user_name and is_valid_group_name, following above change. * libmisc/chkname.c: Avoid implicit conversion of chars to booleans. Add brackets and parenthesis. 2008-05-26 02:28:16 +05:30			`while ('\0' != *++name) {`
shadow: use relaxed usernames The groupadd from shadow does not allow upper case group names, the same is true for the upstream shadow. But distributions like Debian/Ubuntu/CentOS has their own way to cope with this problem, this patch is picked up from Fedora [1] to relax the usernames restrictions to allow the upper case group names, and the relaxation is POSIX compliant because POSIX indicate that usernames are composed of characters from the portable filename character set [A-Za-z0-9._-]. [1] https://src.fedoraproject.org/rpms/shadow-utils/blob/rawhide/f/shadow-4.8-goodname.patch Signed-off-by: Alexander Kanavin <alex@linutronix.de> 2022-08-16 17:16:22 +05:30			`if (!((name >= 'a' && name <= 'z') \|\|`
			`(name >= 'A' && name <= 'Z') \|\|`
			`(name >= '0' && name <= '9') \|\|`
			`*name == '_' \|\|`
			`*name == '.' \|\|`
			`*name == '-' \|\|`
			`(*name == '$' && name[1] == '\0')`
* libmisc/chkname.h, libmisc/chkname.c: check_group_name (resp. check_user_name) renamed to is_valid_user_name (resp. is_valid_group_name). is_valid_user_name and is_valid_group_name return a bool. * src/grpck.c, src/newusers.c, src/usermod.c, src/useradd.c, src/groupmod.c, src/pwck.c, src/groupadd.c: Use is_valid_user_name and is_valid_group_name, following above change. * libmisc/chkname.c: Avoid implicit conversion of chars to booleans. Add brackets and parenthesis. 2008-05-26 02:28:16 +05:30			`)) {`
			`return false;`
			`}`
shadow: use relaxed usernames The groupadd from shadow does not allow upper case group names, the same is true for the upstream shadow. But distributions like Debian/Ubuntu/CentOS has their own way to cope with this problem, this patch is picked up from Fedora [1] to relax the usernames restrictions to allow the upper case group names, and the relaxation is POSIX compliant because POSIX indicate that usernames are composed of characters from the portable filename character set [A-Za-z0-9._-]. [1] https://src.fedoraproject.org/rpms/shadow-utils/blob/rawhide/f/shadow-4.8-goodname.patch Signed-off-by: Alexander Kanavin <alex@linutronix.de> 2022-08-16 17:16:22 +05:30			`numeric &= isdigit(*name);`
[svn-upgrade] Integrating new upstream version, shadow (19990709) 2007-10-07 17:14:02 +05:30			`}`

shadow: use relaxed usernames The groupadd from shadow does not allow upper case group names, the same is true for the upstream shadow. But distributions like Debian/Ubuntu/CentOS has their own way to cope with this problem, this patch is picked up from Fedora [1] to relax the usernames restrictions to allow the upper case group names, and the relaxation is POSIX compliant because POSIX indicate that usernames are composed of characters from the portable filename character set [A-Za-z0-9._-]. [1] https://src.fedoraproject.org/rpms/shadow-utils/blob/rawhide/f/shadow-4.8-goodname.patch Signed-off-by: Alexander Kanavin <alex@linutronix.de> 2022-08-16 17:16:22 +05:30			`return !numeric;`
[svn-upgrade] Integrating new upstream version, shadow (19990709) 2007-10-07 17:14:02 +05:30			`}`

* libmisc/chkname.h, libmisc/chkname.c: check_group_name (resp. check_user_name) renamed to is_valid_user_name (resp. is_valid_group_name). is_valid_user_name and is_valid_group_name return a bool. * src/grpck.c, src/newusers.c, src/usermod.c, src/useradd.c, src/groupmod.c, src/pwck.c, src/groupadd.c: Use is_valid_user_name and is_valid_group_name, following above change. * libmisc/chkname.c: Avoid implicit conversion of chars to booleans. Add brackets and parenthesis. 2008-05-26 02:28:16 +05:30			`bool is_valid_user_name (const char *name)`
[svn-upgrade] Integrating new upstream version, shadow (19990709) 2007-10-07 17:14:02 +05:30			`{`
			`/*`
			`* User names are limited by whatever utmp can`
* libmisc/chkname.c: Remove outdated comments. 2008-12-23 03:38:13 +05:30			`* handle.`
[svn-upgrade] Integrating new upstream version, shadow (19990709) 2007-10-07 17:14:02 +05:30			`*/`
* lib/defines.h: Define USER_NAME_MAX_LENGTH, based on utmp and default to 32. * libmisc/chkname.c: Use USER_NAME_MAX_LENGTH. * src/login.c: Use USER_NAME_MAX_LENGTH instead of the default 32. username also needs to be bigger than USER_NAME_MAX_LENGTH because it has to be nul-terminated. 2009-04-23 02:12:48 +05:30			`if (strlen (name) > USER_NAME_MAX_LENGTH) {`
* libmisc/chkname.h, libmisc/chkname.c: check_group_name (resp. check_user_name) renamed to is_valid_user_name (resp. is_valid_group_name). is_valid_user_name and is_valid_group_name return a bool. * src/grpck.c, src/newusers.c, src/usermod.c, src/useradd.c, src/groupmod.c, src/pwck.c, src/groupadd.c: Use is_valid_user_name and is_valid_group_name, following above change. * libmisc/chkname.c: Avoid implicit conversion of chars to booleans. Add brackets and parenthesis. 2008-05-26 02:28:16 +05:30			`return false;`
			`}`
[svn-upgrade] Integrating new upstream version, shadow (19990709) 2007-10-07 17:14:02 +05:30
* libmisc/chkname.h, libmisc/chkname.c: check_group_name (resp. check_user_name) renamed to is_valid_user_name (resp. is_valid_group_name). is_valid_user_name and is_valid_group_name return a bool. * src/grpck.c, src/newusers.c, src/usermod.c, src/useradd.c, src/groupmod.c, src/pwck.c, src/groupadd.c: Use is_valid_user_name and is_valid_group_name, following above change. * libmisc/chkname.c: Avoid implicit conversion of chars to booleans. Add brackets and parenthesis. 2008-05-26 02:28:16 +05:30			`return is_valid_name (name);`
[svn-upgrade] Integrating new upstream version, shadow (19990709) 2007-10-07 17:14:02 +05:30			`}`

* libmisc/chkname.h, libmisc/chkname.c: check_group_name (resp. check_user_name) renamed to is_valid_user_name (resp. is_valid_group_name). is_valid_user_name and is_valid_group_name return a bool. * src/grpck.c, src/newusers.c, src/usermod.c, src/useradd.c, src/groupmod.c, src/pwck.c, src/groupadd.c: Use is_valid_user_name and is_valid_group_name, following above change. * libmisc/chkname.c: Avoid implicit conversion of chars to booleans. Add brackets and parenthesis. 2008-05-26 02:28:16 +05:30			`bool is_valid_group_name (const char *name)`
[svn-upgrade] Integrating new upstream version, shadow (19990709) 2007-10-07 17:14:02 +05:30			`{`
			`/*`
* libmisc/chkname.c: Remove outdated comments. 2008-12-23 03:38:13 +05:30			`* Arbitrary limit for group names.`
			`* HP-UX 10 limits to 16 characters`
[svn-upgrade] Integrating new upstream version, shadow (19990709) 2007-10-07 17:14:02 +05:30			`*/`
* libmisc/chkname.c: Use a bool when possible instead of integers. * libmisc/chkname.c: Add brackets and parenthesis. 2008-12-24 04:12:22 +05:30			`if ( (GROUP_NAME_MAX_LENGTH > 0)`
			`&& (strlen (name) > GROUP_NAME_MAX_LENGTH)) {`
* libmisc/chkname.h, libmisc/chkname.c: check_group_name (resp. check_user_name) renamed to is_valid_user_name (resp. is_valid_group_name). is_valid_user_name and is_valid_group_name return a bool. * src/grpck.c, src/newusers.c, src/usermod.c, src/useradd.c, src/groupmod.c, src/pwck.c, src/groupadd.c: Use is_valid_user_name and is_valid_group_name, following above change. * libmisc/chkname.c: Avoid implicit conversion of chars to booleans. Add brackets and parenthesis. 2008-05-26 02:28:16 +05:30			`return false;`
* libmisc/chkname.c: Use a bool when possible instead of integers. * libmisc/chkname.c: Add brackets and parenthesis. 2008-12-24 04:12:22 +05:30			`}`
[svn-upgrade] Integrating new upstream version, shadow (19990709) 2007-10-07 17:14:02 +05:30
* libmisc/chkname.h, libmisc/chkname.c: check_group_name (resp. check_user_name) renamed to is_valid_user_name (resp. is_valid_group_name). is_valid_user_name and is_valid_group_name return a bool. * src/grpck.c, src/newusers.c, src/usermod.c, src/useradd.c, src/groupmod.c, src/pwck.c, src/groupadd.c: Use is_valid_user_name and is_valid_group_name, following above change. * libmisc/chkname.c: Avoid implicit conversion of chars to booleans. Add brackets and parenthesis. 2008-05-26 02:28:16 +05:30			`return is_valid_name (name);`
[svn-upgrade] Integrating new upstream version, shadow (19990709) 2007-10-07 17:14:02 +05:30			`}`
Make sure every source files are distributed with a copyright and license. Files with no license use the default 3-clauses BSD license. The copyright were mostly not recorded; they were updated according to the Changelog. "Julianne Frances Haugh and contributors" changed to "copyright holders and contributors". 2008-04-27 06:10:09 +05:30