nekral-guest 9a7f5c6b16 * lib/shadow.c: Replace strtol() by getlong(). Also detect more
issues in a numerical shadow entry field.
2009-04-10 22:35:14 +00:00

538 lines
10 KiB
C

/*
* Copyright (c) 1989 - 1994, Julianne Frances Haugh
* Copyright (c) 1996 - 1998, Marek Michałkiewicz
* Copyright (c) 2003 - 2005, Tomasz Kłoczko
* Copyright (c) 2009 , Nicolas François
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. The name of the copyright holders or contributors may not be used to
* endorse or promote products derived from this software without
* specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <config.h>
/* Newer versions of Linux libc already have shadow support. */
#ifndef HAVE_GETSPNAM
#ident "$Id$"
#include <sys/types.h>
#include "prototypes.h"
#include "defines.h"
#include <stdio.h>
#ifdef USE_NIS
static int nis_used;
static int nis_ignore;
static enum { native, start, middle, native2 } nis_state;
static int nis_bound;
static char *nis_domain;
static char *nis_key;
static int nis_keylen;
static char *nis_val;
static int nis_vallen;
#define IS_NISCHAR(c) ((c)=='+')
#endif
static FILE *shadow;
#define FIELDS 9
#define OFIELDS 5
#ifdef USE_NIS
/*
* __setspNIS - turn on or off NIS searches
*/
void __setspNIS (int flag)
{
nis_ignore = !flag;
if (nis_ignore) {
nis_used = 0;
}
}
/*
* bind_nis - bind to NIS server
*/
static int bind_nis (void)
{
if (yp_get_default_domain (&nis_domain))
return -1;
nis_bound = 1;
return 0;
}
#endif
/*
* setspent - initialize access to shadow text and DBM files
*/
void setspent (void)
{
if (shadow)
rewind (shadow);
else
shadow = fopen (SHADOW_FILE, "r");
#ifdef USE_NIS
nis_state = native;
#endif
}
/*
* endspent - terminate access to shadow text and DBM files
*/
void endspent (void)
{
if (shadow)
(void) fclose (shadow);
shadow = (FILE *) 0;
}
/*
* my_sgetspent - convert string in shadow file format to (struct spwd *)
*/
static struct spwd *my_sgetspent (const char *string)
{
static char spwbuf[BUFSIZ];
static struct spwd spwd;
char *fields[FIELDS];
char *cp;
char *cpp;
int i;
/*
* Copy string to local buffer. It has to be tokenized and we
* have to do that to our private copy.
*/
if (strlen (string) >= sizeof spwbuf)
return 0;
strcpy (spwbuf, string);
cp = strrchr (spwbuf, '\n');
if (NULL != cp)
*cp = '\0';
/*
* Tokenize the string into colon separated fields. Allow up to
* FIELDS different fields.
*/
for (cp = spwbuf, i = 0; *cp && i < FIELDS; i++) {
fields[i] = cp;
while (*cp && *cp != ':')
cp++;
if (*cp)
*cp++ = '\0';
}
if (i == (FIELDS - 1))
fields[i++] = cp;
if ((cp && *cp) || (i != FIELDS && i != OFIELDS))
return 0;
/*
* Start populating the structure. The fields are all in
* static storage, as is the structure we pass back. If we
* ever see a name with '+' as the first character, we try
* to turn on NIS processing.
*/
spwd.sp_namp = fields[0];
#ifdef USE_NIS
if (IS_NISCHAR (fields[0][0]))
nis_used = 1;
#endif
spwd.sp_pwdp = fields[1];
/*
* Get the last changed date. For all of the integer fields,
* we check for proper format. It is an error to have an
* incorrectly formatted number, unless we are using NIS.
*/
if (fields[2][0] == '\0') {
spwd.sp_lstchg = -1;
} else {
if (getlong (fields[2], &spwd.sp_lstchg) == 0) {
#ifdef USE_NIS
if (nis_used) {
spwd.sp_lstchg = -1;
} else
#endif
return 0;
} else if (spwd.sp_lstchg < 0) {
return 0;
}
}
/*
* Get the minimum period between password changes.
*/
if (fields[3][0] == '\0') {
spwd.sp_min = -1;
} else {
if (getlong (fields[3], &spwd.sp_min) == 0) {
#ifdef USE_NIS
if (nis_used) {
spwd.sp_min = -1;
} else
#endif
return 0;
} else if (spwd.sp_min < 0) {
return 0;
}
}
/*
* Get the maximum number of days a password is valid.
*/
if (fields[4][0] == '\0') {
spwd.sp_max = -1;
} else {
if (getlong (fields[4], &spwd.sp_max) == 0) {
#ifdef USE_NIS
if (nis_used) {
spwd.sp_max = -1;
} else
#endif
return 0;
} else if (spwd.sp_max < 0) {
return 0;
}
}
/*
* If there are only OFIELDS fields (this is a SVR3.2 /etc/shadow
* formatted file), initialize the other field members to -1.
*/
if (i == OFIELDS) {
spwd.sp_warn = -1;
spwd.sp_inact = -1;
spwd.sp_expire = -1;
spwd.sp_flag = SHADOW_SP_FLAG_UNSET;
return &spwd;
}
/*
* Get the number of days of password expiry warning.
*/
if (fields[5][0] == '\0') {
spwd.sp_warn = -1;
} else {
if (getlong (fields[5], &spwd.sp_warn) == 0) {
#ifdef USE_NIS
if (nis_used) {
spwd.sp_warn = -1;
} else
#endif
return 0;
} else if (spwd.sp_warn < 0) {
return 0;
}
}
/*
* Get the number of days of inactivity before an account is
* disabled.
*/
if (fields[6][0] == '\0') {
spwd.sp_inact = -1;
} else {
if (getlong (fields[6], &spwd.sp_inact) == 0) {
#ifdef USE_NIS
if (nis_used) {
spwd.sp_inact = -1;
} else
#endif
return 0;
} else if (spwd.sp_inact < 0) {
return 0;
}
}
/*
* Get the number of days after the epoch before the account is
* set to expire.
*/
if (fields[7][0] == '\0') {
spwd.sp_expire = -1;
} else {
if (getlong (fields[7], &spwd.sp_expire) == 0) {
#ifdef USE_NIS
if (nis_used) {
spwd.sp_expire = -1;
} else
#endif
return 0;
} else if (spwd.sp_expire < 0) {
return 0;
}
}
/*
* This field is reserved for future use. But it isn't supposed
* to have anything other than a valid integer in it.
*/
if (fields[8][0] == '\0') {
spwd.sp_flag = SHADOW_SP_FLAG_UNSET;
} else {
if (getlong (fields[8], &spwd.sp_flag) == 0) {
/* FIXME: add a getulong function */
#ifdef USE_NIS
if (nis_used) {
spwd.sp_flag = SHADOW_SP_FLAG_UNSET;
} else
#endif
return 0;
} else if (spwd.sp_flag < 0) {
return 0;
}
}
return (&spwd);
}
/*
* fgetspent - get an entry from a /etc/shadow formatted stream
*/
struct spwd *fgetspent (FILE * fp)
{
char buf[BUFSIZ];
char *cp;
if (NULL == fp) {
return (0);
}
#ifdef USE_NIS
while (fgets (buf, (int) sizeof buf, fp) != (char *) 0)
#else
if (fgets (buf, (int) sizeof buf, fp) != (char *) 0)
#endif
{
cp = strchr (buf, '\n');
if (NULL != cp) {
*cp = '\0';
}
#ifdef USE_NIS
if (nis_ignore && IS_NISCHAR (buf[0])) {
continue;
}
#endif
return my_sgetspent (buf);
}
return 0;
}
/*
* getspent - get a (struct spwd *) from the current shadow file
*/
struct spwd *getspent (void)
{
#ifdef USE_NIS
int nis_1_user = 0;
struct spwd *val;
char buf[BUFSIZ];
#endif
if (!shadow)
setspent ();
#ifdef USE_NIS
again:
/*
* See if we are reading from the local file.
*/
if (nis_state == native || nis_state == native2) {
/*
* Get the next entry from the shadow file. Return NULL
* right away if there is none.
*/
val = fgetspent (shadow);
if (NULL == val)
return 0;
/*
* If this entry began with a NIS escape character, we have
* to see if this is just a single user, or if the entire
* map is being asked for.
*/
if (IS_NISCHAR (val->sp_namp[0])) {
if (val->sp_namp[1])
nis_1_user = 1;
else
nis_state = start;
}
/*
* If this isn't a NIS user and this isn't an escape to go
* use a NIS map, it must be a regular local user.
*/
if (nis_1_user == 0 && nis_state != start)
return val;
/*
* If this is an escape to use an NIS map, switch over to
* that bunch of code.
*/
if (nis_state == start)
goto again;
/*
* NEEDSWORK. Here we substitute pieces-parts of this entry.
*/
return 0;
} else {
if (nis_bound == 0) {
if (bind_nis ()) {
nis_state = native2;
goto again;
}
}
if (nis_state == start) {
if (yp_first (nis_domain, "shadow.bynam", &nis_key,
&nis_keylen, &nis_val, &nis_vallen)) {
nis_state = native2;
goto again;
}
nis_state = middle;
} else if (nis_state == middle) {
if (yp_next (nis_domain, "shadow.bynam", nis_key,
nis_keylen, &nis_key, &nis_keylen,
&nis_val, &nis_vallen)) {
nis_state = native2;
goto again;
}
}
return my_sgetspent (nis_val);
}
#else
return (fgetspent (shadow));
#endif
}
/*
* getspnam - get a shadow entry by name
*/
struct spwd *getspnam (const char *name)
{
struct spwd *sp;
#ifdef USE_NIS
char buf[BUFSIZ];
static char save_name[16];
int nis_disabled = 0;
#endif
setspent ();
#ifdef USE_NIS
/*
* Search the shadow.byname map for this user.
*/
if (!nis_ignore && !nis_bound)
bind_nis ();
if (!nis_ignore && nis_bound) {
char *cp;
if (yp_match (nis_domain, "shadow.byname", name,
strlen (name), &nis_val, &nis_vallen) == 0) {
cp = strchr (nis_val, '\n');
if (NULL != cp)
*cp = '\0';
nis_state = middle;
sp = my_sgetspent (nis_val);
if (NULL != sp) {
strcpy (save_name, sp->sp_namp);
nis_key = save_name;
nis_keylen = strlen (save_name);
}
endspent ();
return sp;
} else
nis_state = native2;
}
#endif
#ifdef USE_NIS
/*
* NEEDSWORK -- this is a mess, and it is the same mess in the
* other three files. I can't just blindly turn off NIS because
* this might be the first pass through the local files. In
* that case, I never discover that NIS is present.
*/
if (nis_used) {
nis_ignore++;
nis_disabled++;
}
#endif
while ((sp = getspent ()) != (struct spwd *) 0) {
if (strcmp (name, sp->sp_namp) == 0)
break;
}
#ifdef USE_NIS
if (nis_disabled)
nis_ignore--;
#endif
endspent ();
return (sp);
}
#else
extern int errno; /* warning: ANSI C forbids an empty source file */
#endif