pw_scan.c revision 87347 
1/*-
2 * Copyright (c) 1990, 1993, 1994
3 *	The Regents of the University of California.  All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 *    notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 *    notice, this list of conditions and the following disclaimer in the
12 *    documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 *    must display the following acknowledgement:
15 *	This product includes software developed by the University of
16 *	California, Berkeley and its contributors.
17 * 4. Neither the name of the University nor the names of its contributors
18 *    may be used to endorse or promote products derived from this software
19 *    without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34#ifndef lint
35#if 0
36static char sccsid[] = "@(#)pw_scan.c	8.3 (Berkeley) 4/2/94";
37#endif
38static const char rcsid[] =
39  "$FreeBSD: head/lib/libc/gen/pw_scan.c 87347 2001-12-04 12:31:02Z des $";
40#endif /* not lint */
41
42/*
43 * This module is used to "verify" password entries by chpass(1) and
44 * pwd_mkdb(8).
45 */
46
47#include <sys/param.h>
48
49#include <err.h>
50#include <errno.h>
51#include <fcntl.h>
52#include <pwd.h>
53#include <stdio.h>
54#include <string.h>
55#include <stdlib.h>
56#include <unistd.h>
57
58#include "pw_scan.h"
59
60/*
61 * Some software assumes that IDs are short.  We should emit warnings
62 * for id's which can not be stored in a short, but we are more liberal
63 * by default, warning for IDs greater than USHRT_MAX.
64 *
65 * If pw_big_ids_warning is anything other than -1 on entry to pw_scan()
66 * it will be set based on the existance of PW_SCAN_BIG_IDS in the
67 * environment.
68 */
69static int	pw_big_ids_warning = -1;
70
71int
72__pw_scan(char *bp, struct passwd *pw, int flags)
73{
74	uid_t id;
75	int root;
76	char *p, *sh;
77
78	if (pw_big_ids_warning == -1)
79		pw_big_ids_warning = getenv("PW_SCAN_BIG_IDS") == NULL ? 1 : 0;
80
81	pw->pw_fields = 0;
82	if (!(pw->pw_name = strsep(&bp, ":")))		/* login */
83		goto fmt;
84	root = !strcmp(pw->pw_name, "root");
85	if(pw->pw_name[0] && (pw->pw_name[0] != '+' || pw->pw_name[1] == '\0'))
86		pw->pw_fields |= _PWF_NAME;
87
88	if (!(pw->pw_passwd = strsep(&bp, ":")))	/* passwd */
89		goto fmt;
90	if(pw->pw_passwd[0]) pw->pw_fields |= _PWF_PASSWD;
91
92	if (!(p = strsep(&bp, ":")))			/* uid */
93		goto fmt;
94	if (p[0])
95		pw->pw_fields |= _PWF_UID;
96	else {
97		if (pw->pw_name[0] != '+' && pw->pw_name[0] != '-') {
98			if (flags & _PWSCAN_WARN)
99				warnx("no uid for user %s", pw->pw_name);
100			return (0);
101		}
102	}
103	id = strtoul(p, (char **)NULL, 10);
104	if (errno == ERANGE) {
105		if (flags & _PWSCAN_WARN)
106			warnx("%s > max uid value (%lu)", p, ULONG_MAX);
107		return (0);
108	}
109	if (root && id) {
110		if (flags & _PWSCAN_WARN)
111			warnx("root uid should be 0");
112		return (0);
113	}
114	if (flags & _PWSCAN_WARN && pw_big_ids_warning && id > USHRT_MAX) {
115		warnx("%s > recommended max uid value (%u)", p, USHRT_MAX);
116		/*return (0);*/ /* THIS SHOULD NOT BE FATAL! */
117	}
118	pw->pw_uid = id;
119
120	if (!(p = strsep(&bp, ":")))			/* gid */
121		goto fmt;
122	if(p[0]) pw->pw_fields |= _PWF_GID;
123	id = strtoul(p, (char **)NULL, 10);
124	if (errno == ERANGE) {
125		if (flags & _PWSCAN_WARN)
126			warnx("%s > max gid value (%lu)", p, ULONG_MAX);
127		return (0);
128	}
129	if (flags & _PWSCAN_WARN && pw_big_ids_warning && id > USHRT_MAX) {
130		warnx("%s > recommended max gid value (%u)", p, USHRT_MAX);
131		/* return (0); This should not be fatal! */
132	}
133	pw->pw_gid = id;
134
135	if (flags & _PWSCAN_MASTER ) {
136		if (!(pw->pw_class = strsep(&bp, ":")))		/* class */
137			goto fmt;
138		if(pw->pw_class[0]) pw->pw_fields |= _PWF_CLASS;
139
140		if (!(p = strsep(&bp, ":")))			/* change */
141			goto fmt;
142		if(p[0]) pw->pw_fields |= _PWF_CHANGE;
143		pw->pw_change = atol(p);
144
145		if (!(p = strsep(&bp, ":")))			/* expire */
146			goto fmt;
147		if(p[0]) pw->pw_fields |= _PWF_EXPIRE;
148		pw->pw_expire = atol(p);
149	}
150	if (!(pw->pw_gecos = strsep(&bp, ":")))		/* gecos */
151		goto fmt;
152	if(pw->pw_gecos[0]) pw->pw_fields |= _PWF_GECOS;
153
154	if (!(pw->pw_dir = strsep(&bp, ":")))			/* directory */
155		goto fmt;
156	if(pw->pw_dir[0]) pw->pw_fields |= _PWF_DIR;
157
158	if (!(pw->pw_shell = strsep(&bp, ":")))		/* shell */
159		goto fmt;
160
161	p = pw->pw_shell;
162	if (root && *p)					/* empty == /bin/sh */
163		for (setusershell();;) {
164			if (!(sh = getusershell())) {
165				if (flags & _PWSCAN_WARN)
166					warnx("warning, unknown root shell");
167				break;
168			}
169			if (!strcmp(p, sh))
170				break;
171		}
172	if(p[0]) pw->pw_fields |= _PWF_SHELL;
173
174	if ((p = strsep(&bp, ":"))) {			/* too many */
175fmt:
176		if (flags & _PWSCAN_WARN)
177			warnx("corrupted entry");
178		return (0);
179	}
180	return (1);
181}
182