1/*
2 * Copyright (c) 1989, 1993
3 *	The Regents of the University of California.  All rights reserved.
4 *
5 * This code is derived from software contributed to Berkeley by
6 * Tony Nardo of the Johns Hopkins University/Applied Physics Lab.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 *    notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 *    notice, this list of conditions and the following disclaimer in the
15 *    documentation and/or other materials provided with the distribution.
16 * 4. Neither the name of the University nor the names of its contributors
17 *    may be used to endorse or promote products derived from this software
18 *    without specific prior written permission.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 * SUCH DAMAGE.
31 */
32
33/*
34 * Luke Mewburn <lm@rmit.edu.au> added the following on 940622:
35 *    - mail status ("No Mail", "Mail read:...", or "New Mail ...,
36 *	Unread since ...".)
37 *    - 4 digit phone extensions (3210 is printed as x3210.)
38 *    - host/office toggling in short format with -h & -o.
39 *    - short day names (`Tue' printed instead of `Jun 21' if the
40 *	login time is < 6 days.
41 */
42
43#ifndef lint
44static const char copyright[] =
45"@(#) Copyright (c) 1989, 1993\n\
46	The Regents of the University of California.  All rights reserved.\n";
47#endif /* not lint */
48
49#if 0
50#ifndef lint
51static char sccsid[] = "@(#)finger.c	8.5 (Berkeley) 5/4/95";
52#endif
53#endif
54
55#include <sys/cdefs.h>
56__FBSDID("$FreeBSD$");
57
58/*
59 * Finger prints out information about users.  It is not portable since
60 * certain fields (e.g. the full user name, office, and phone numbers) are
61 * extracted from the gecos field of the passwd file which other UNIXes
62 * may not have or may use for other things.
63 *
64 * There are currently two output formats; the short format is one line
65 * per user and displays login name, tty, login time, real name, idle time,
66 * and either remote host information (default) or office location/phone
67 * number, depending on if -h or -o is used respectively.
68 * The long format gives the same information (in a more legible format) as
69 * well as home directory, shell, mail info, and .plan/.project files.
70 */
71
72#include <sys/types.h>
73#include <sys/socket.h>
74#include <db.h>
75#include <err.h>
76#include <pwd.h>
77#include <stdio.h>
78#include <stdlib.h>
79#include <string.h>
80#include <time.h>
81#include <unistd.h>
82#include <utmpx.h>
83#include <locale.h>
84
85#include "finger.h"
86#include "pathnames.h"
87
88DB *db;
89time_t now;
90int entries, gflag, kflag, lflag, mflag, pplan, sflag, oflag;
91sa_family_t family = PF_UNSPEC;
92int d_first = -1;
93char tbuf[1024];
94int invoker_root = 0;
95
96static void loginlist(void);
97static int option(int, char **);
98static void usage(void);
99static void userlist(int, char **);
100
101static int
102option(int argc, char **argv)
103{
104	int ch;
105
106	optind = 1;		/* reset getopt */
107
108	while ((ch = getopt(argc, argv, "46gklmpsho")) != -1)
109		switch(ch) {
110		case '4':
111			family = AF_INET;
112			break;
113		case '6':
114			family = AF_INET6;
115			break;
116		case 'g':
117			gflag = 1;
118			break;
119		case 'k':
120			kflag = 1;		/* keep going without utmp */
121			break;
122		case 'l':
123			lflag = 1;		/* long format */
124			break;
125		case 'm':
126			mflag = 1;		/* force exact match of names */
127			break;
128		case 'p':
129			pplan = 1;		/* don't show .plan/.project */
130			break;
131		case 's':
132			sflag = 1;		/* short format */
133			break;
134		case 'h':
135			oflag = 0;		/* remote host info */
136			break;
137		case 'o':
138			oflag = 1;		/* office info */
139			break;
140		case '?':
141		default:
142			usage();
143		}
144
145	return optind;
146}
147
148static void
149usage(void)
150{
151	(void)fprintf(stderr,
152	    "usage: finger [-46gklmpsho] [user ...] [user@host ...]\n");
153	exit(1);
154}
155
156int
157main(int argc, char **argv)
158{
159	int envargc, argcnt;
160	char *envargv[3];
161	struct passwd *pw;
162	static char myname[] = "finger";
163
164	if (getuid() == 0 || geteuid() == 0) {
165		invoker_root = 1;
166		if ((pw = getpwnam(UNPRIV_NAME)) && pw->pw_uid > 0) {
167			if (setgid(pw->pw_gid) != 0)
168				err(1, "setgid()");
169			if (setuid(pw->pw_uid) != 0)
170				err(1, "setuid()");
171		} else {
172			if (setgid(UNPRIV_UGID) != 0)
173				err(1, "setgid()");
174			if (setuid(UNPRIV_UGID) != 0)
175				err(1, "setuid()");
176		}
177	}
178
179	(void) setlocale(LC_ALL, "");
180
181				/* remove this line to get remote host */
182	oflag = 1;		/* default to old "office" behavior */
183
184	/*
185	 * Process environment variables followed by command line arguments.
186	 */
187	if ((envargv[1] = getenv("FINGER"))) {
188		envargc = 2;
189		envargv[0] = myname;
190		envargv[2] = NULL;
191		(void) option(envargc, envargv);
192	}
193
194	argcnt = option(argc, argv);
195	argc -= argcnt;
196	argv += argcnt;
197
198	(void)time(&now);
199	setpassent(1);
200	if (!*argv) {
201		/*
202		 * Assign explicit "small" format if no names given and -l
203		 * not selected.  Force the -s BEFORE we get names so proper
204		 * screening will be done.
205		 */
206		if (!lflag)
207			sflag = 1;	/* if -l not explicit, force -s */
208		loginlist();
209		if (entries == 0)
210			(void)printf("No one logged on.\n");
211	} else {
212		userlist(argc, argv);
213		/*
214		 * Assign explicit "large" format if names given and -s not
215		 * explicitly stated.  Force the -l AFTER we get names so any
216		 * remote finger attempts specified won't be mishandled.
217		 */
218		if (!sflag)
219			lflag = 1;	/* if -s not explicit, force -l */
220	}
221	if (entries) {
222		if (lflag)
223			lflag_print();
224		else
225			sflag_print();
226	}
227	return (0);
228}
229
230static void
231loginlist(void)
232{
233	PERSON *pn;
234	DBT data, key;
235	struct passwd *pw;
236	struct utmpx *user;
237	int r, sflag1;
238
239	if (kflag)
240		errx(1, "can't list logins without reading utmp");
241
242	setutxent();
243	while ((user = getutxent()) != NULL) {
244		if (user->ut_type != USER_PROCESS)
245			continue;
246		if ((pn = find_person(user->ut_user)) == NULL) {
247			if ((pw = getpwnam(user->ut_user)) == NULL)
248				continue;
249			if (hide(pw))
250				continue;
251			pn = enter_person(pw);
252		}
253		enter_where(user, pn);
254	}
255	endutxent();
256	if (db && lflag)
257		for (sflag1 = R_FIRST;; sflag1 = R_NEXT) {
258			PERSON *tmp;
259
260			r = (*db->seq)(db, &key, &data, sflag1);
261			if (r == -1)
262				err(1, "db seq");
263			if (r == 1)
264				break;
265			memmove(&tmp, data.data, sizeof tmp);
266			enter_lastlog(tmp);
267		}
268}
269
270static void
271userlist(int argc, char **argv)
272{
273	PERSON *pn;
274	DBT data, key;
275	struct utmpx *user;
276	struct passwd *pw;
277	int r, sflag1, *used, *ip;
278	char **ap, **nargv, **np, **p;
279	FILE *conf_fp;
280	char conf_alias[LINE_MAX];
281	char *conf_realname;
282	int conf_length;
283
284	if ((nargv = malloc((argc+1) * sizeof(char *))) == NULL ||
285	    (used = calloc(argc, sizeof(int))) == NULL)
286		err(1, NULL);
287
288	/* Pull out all network requests. */
289	for (ap = p = argv, np = nargv; *p; ++p)
290		if (index(*p, '@'))
291			*np++ = *p;
292		else
293			*ap++ = *p;
294
295	*np++ = NULL;
296	*ap++ = NULL;
297
298	if (!*argv)
299		goto net;
300
301	/*
302	 * Mark any arguments beginning with '/' as invalid so that we
303	 * don't accidently confuse them with expansions from finger.conf
304	 */
305	for (p = argv, ip = used; *p; ++p, ++ip)
306	    if (**p == '/') {
307		*ip = 1;
308		warnx("%s: no such user", *p);
309	    }
310
311	/*
312	 * Traverse the finger alias configuration file of the form
313	 * alias:(user|alias), ignoring comment lines beginning '#'.
314	 */
315	if ((conf_fp = fopen(_PATH_FINGERCONF, "r")) != NULL) {
316	    while(fgets(conf_alias, sizeof(conf_alias), conf_fp) != NULL) {
317		conf_length = strlen(conf_alias);
318		if (*conf_alias == '#' || conf_alias[--conf_length] != '\n')
319		    continue;
320		conf_alias[conf_length] = '\0';      /* Remove trailing LF */
321		if ((conf_realname = strchr(conf_alias, ':')) == NULL)
322		    continue;
323		*conf_realname = '\0';               /* Replace : with NUL */
324		for (p = argv; *p; ++p) {
325		    if (strcmp(*p, conf_alias) == 0) {
326			if ((*p = strdup(conf_realname+1)) == NULL) {
327			    err(1, NULL);
328			}
329		    }
330		}
331	    }
332	    (void)fclose(conf_fp);
333	}
334
335	/*
336	 * Traverse the list of possible login names and check the login name
337	 * and real name against the name specified by the user. If the name
338	 * begins with a '/', try to read the file of that name instead of
339	 * gathering the traditional finger information.
340	 */
341	if (mflag)
342		for (p = argv, ip = used; *p; ++p, ++ip) {
343			if (**p != '/' || *ip == 1 || !show_text("", *p, "")) {
344				if (((pw = getpwnam(*p)) != NULL) && !hide(pw))
345					enter_person(pw);
346				else if (!*ip)
347					warnx("%s: no such user", *p);
348			}
349		}
350	else {
351		while ((pw = getpwent()) != NULL) {
352			for (p = argv, ip = used; *p; ++p, ++ip)
353				if (**p == '/' && *ip != 1
354				    && show_text("", *p, ""))
355					*ip = 1;
356				else if (match(pw, *p) && !hide(pw)) {
357					enter_person(pw);
358					*ip = 1;
359				}
360		}
361		for (p = argv, ip = used; *p; ++p, ++ip)
362			if (!*ip)
363				warnx("%s: no such user", *p);
364	}
365
366	/* Handle network requests. */
367net:	for (p = nargv; *p;) {
368		netfinger(*p++);
369		if (*p || entries)
370		    printf("\n");
371	}
372
373	free(used);
374	if (entries == 0)
375		return;
376
377	if (kflag)
378		return;
379
380	/*
381	 * Scan thru the list of users currently logged in, saving
382	 * appropriate data whenever a match occurs.
383	 */
384	setutxent();
385	while ((user = getutxent()) != NULL) {
386		if (user->ut_type != USER_PROCESS)
387			continue;
388		if ((pn = find_person(user->ut_user)) == NULL)
389			continue;
390		enter_where(user, pn);
391	}
392	endutxent();
393	if (db)
394		for (sflag1 = R_FIRST;; sflag1 = R_NEXT) {
395			PERSON *tmp;
396
397			r = (*db->seq)(db, &key, &data, sflag1);
398			if (r == -1)
399				err(1, "db seq");
400			if (r == 1)
401				break;
402			memmove(&tmp, data.data, sizeof tmp);
403			enter_lastlog(tmp);
404		}
405}
406