1/* 2 * Copyright (c) 1989, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from software contributed to Berkeley by 6 * Tony Nardo of the Johns Hopkins University/Applied Physics Lab. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. All advertising materials mentioning features or use of this software 17 * must display the following acknowledgement: 18 * This product includes software developed by the University of 19 * California, Berkeley and its contributors. 20 * 4. Neither the name of the University nor the names of its contributors 21 * may be used to endorse or promote products derived from this software 22 * without specific prior written permission. 23 * 24 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 27 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 * SUCH DAMAGE. 35 */ 36 37#if 0 38#ifndef lint 39static char sccsid[] = "@(#)util.c 8.3 (Berkeley) 4/28/95"; 40#endif 41#endif 42 43#include <sys/cdefs.h> 44__FBSDID("$FreeBSD: src/usr.bin/finger/util.c,v 1.22 2005/09/19 10:11:47 dds Exp $"); 45 46#include <sys/param.h> 47#include <sys/socket.h> 48#include <sys/stat.h> 49#include <ctype.h> 50#include <db.h> 51#include <err.h> 52#include <errno.h> 53#include <fcntl.h> 54#include <paths.h> 55#include <pwd.h> 56#include <stdio.h> 57#include <stdlib.h> 58#include <string.h> 59#include <unistd.h> 60#include <utmpx.h> 61#include "finger.h" 62#include "pathnames.h" 63 64static void find_idle_and_ttywrite(WHERE *); 65static void userinfo(PERSON *, struct passwd *); 66static WHERE *walloc(PERSON *); 67 68int 69match(struct passwd *pw, const char *user) 70{ 71 char *p, *t; 72 char name[1024]; 73 74 if (!strcasecmp(pw->pw_name, user)) 75 return(1); 76 77 /* 78 * XXX 79 * Why do we skip asterisks!?!? 80 */ 81 (void)strncpy(p = tbuf, pw->pw_gecos, sizeof(tbuf)); 82 tbuf[sizeof(tbuf) - 1] = '\0'; 83 if (*p == '*') 84 ++p; 85 86 /* Ampersands get replaced by the login name. */ 87 if ((p = strtok(p, ",")) == NULL) 88 return(0); 89 90 for (t = name; t < &name[sizeof(name) - 1] && (*t = *p) != '\0'; ++p) { 91 if (*t == '&') { 92 (void)strncpy(t, pw->pw_name, 93 sizeof(name) - (t - name)); 94 name[sizeof(name) - 1] = '\0'; 95 while (t < &name[sizeof(name) - 1] && *++t) 96 continue; 97 } else { 98 ++t; 99 } 100 } 101 *t = '\0'; 102 for (t = name; (p = strtok(t, "\t ")) != NULL; t = NULL) 103 if (!strcasecmp(p, user)) 104 return(1); 105 return(0); 106} 107 108void 109enter_lastlog(PERSON *pn) 110{ 111 WHERE *w; 112 struct lastlogx l, *ll; 113 char doit = 0; 114 115 if ((ll = getlastlogxbyname(pn->name, &l)) == NULL) { 116 bzero(&l, sizeof(l)); 117 ll = &l; 118 } 119 if ((w = pn->whead) == NULL) 120 doit = 1; 121 else if (ll->ll_tv.tv_sec != 0) { 122 /* if last login is earlier than some current login */ 123 for (; !doit && w != NULL; w = w->next) 124 if (w->info == LOGGEDIN && w->loginat < ll->ll_tv.tv_sec) 125 doit = 1; 126 /* 127 * and if it's not any of the current logins 128 * can't use time comparison because there may be a small 129 * discrepancy since login calls time() twice 130 */ 131 for (w = pn->whead; doit && w != NULL; w = w->next) 132 if (w->info == LOGGEDIN && 133 strncmp(w->tty, ll->ll_line, _UTX_LINESIZE) == 0) 134 doit = 0; 135 } 136 if (doit) { 137 w = walloc(pn); 138 w->info = LASTLOG; 139 bcopy(ll->ll_line, w->tty, _UTX_LINESIZE); 140 w->tty[_UTX_LINESIZE] = 0; 141 bcopy(ll->ll_host, w->host, _UTX_HOSTSIZE); 142 w->host[_UTX_HOSTSIZE] = 0; 143 w->loginat = ll->ll_tv.tv_sec; 144 } 145} 146 147void 148enter_where(struct utmpx *ut, PERSON *pn) 149{ 150 WHERE *w; 151 152 w = walloc(pn); 153 w->info = LOGGEDIN; 154 bcopy(ut->ut_line, w->tty, _UTX_LINESIZE); 155 w->tty[_UTX_LINESIZE] = 0; 156 bcopy(ut->ut_host, w->host, _UTX_HOSTSIZE); 157 w->host[_UTX_HOSTSIZE] = 0; 158 w->loginat = (time_t)ut->ut_tv.tv_sec; 159 find_idle_and_ttywrite(w); 160} 161 162PERSON * 163enter_person(struct passwd *pw) 164{ 165 DBT data, key; 166 PERSON *pn; 167 168 if (db == NULL && 169 (db = dbopen(NULL, O_RDWR, 0, DB_BTREE, NULL)) == NULL) 170 err(1, NULL); 171 172 key.data = pw->pw_name; 173 key.size = strlen(pw->pw_name); 174 175 switch ((*db->get)(db, &key, &data, 0)) { 176 case 0: 177 memmove(&pn, data.data, sizeof pn); 178 return (pn); 179 default: 180 case -1: 181 err(1, "db get"); 182 /* NOTREACHED */ 183 case 1: 184 ++entries; 185 pn = palloc(); 186 userinfo(pn, pw); 187 pn->whead = NULL; 188 189 data.size = sizeof(PERSON *); 190 data.data = &pn; 191 if ((*db->put)(db, &key, &data, 0)) 192 err(1, "db put"); 193 return (pn); 194 } 195} 196 197PERSON * 198find_person(const char *name) 199{ 200 struct passwd *pw; 201 202 int cnt; 203 DBT data, key; 204 PERSON *p; 205 char buf[_UTX_USERSIZE + 1]; 206 207 if (!db) 208 return(NULL); 209 210 if ((pw = getpwnam(name)) && hide(pw)) 211 return(NULL); 212 213 /* Name may be only _UTX_USERSIZE long and not NUL terminated. */ 214 for (cnt = 0; cnt < _UTX_USERSIZE && *name; ++name, ++cnt) 215 buf[cnt] = *name; 216 buf[cnt] = '\0'; 217 key.data = buf; 218 key.size = cnt; 219 220 if ((*db->get)(db, &key, &data, 0)) 221 return (NULL); 222 memmove(&p, data.data, sizeof p); 223 return (p); 224} 225 226PERSON * 227palloc(void) 228{ 229 PERSON *p; 230 231 if ((p = malloc(sizeof(PERSON))) == NULL) 232 err(1, NULL); 233 return(p); 234} 235 236static WHERE * 237walloc(PERSON *pn) 238{ 239 WHERE *w; 240 241 if ((w = malloc(sizeof(WHERE))) == NULL) 242 err(1, NULL); 243 if (pn->whead == NULL) 244 pn->whead = pn->wtail = w; 245 else { 246 pn->wtail->next = w; 247 pn->wtail = w; 248 } 249 w->next = NULL; 250 return(w); 251} 252 253char * 254prphone(char *num) 255{ 256 char *p; 257 int len; 258 static char pbuf[20]; 259 260 /* don't touch anything if the user has their own formatting */ 261 for (p = num; *p; ++p) 262 if (!isdigit(*p)) 263 return(num); 264 len = p - num; 265 p = pbuf; 266 switch(len) { 267 case 11: /* +0-123-456-7890 */ 268 *p++ = '+'; 269 *p++ = *num++; 270 *p++ = '-'; 271 /* FALLTHROUGH */ 272 case 10: /* 012-345-6789 */ 273 *p++ = *num++; 274 *p++ = *num++; 275 *p++ = *num++; 276 *p++ = '-'; 277 /* FALLTHROUGH */ 278 case 7: /* 012-3456 */ 279 *p++ = *num++; 280 *p++ = *num++; 281 *p++ = *num++; 282 break; 283 case 5: /* x0-1234 */ 284 case 4: /* x1234 */ 285 *p++ = 'x'; 286 *p++ = *num++; 287 break; 288 default: 289 return(num); 290 } 291 if (len != 4) { 292 *p++ = '-'; 293 *p++ = *num++; 294 } 295 *p++ = *num++; 296 *p++ = *num++; 297 *p++ = *num++; 298 *p = '\0'; 299 return(pbuf); 300} 301 302static void 303find_idle_and_ttywrite(WHERE *w) 304{ 305 struct stat sb; 306 time_t touched; 307 int error; 308 309 (void)snprintf(tbuf, sizeof(tbuf), "%s/%s", _PATH_DEV, w->tty); 310 311 error = stat(tbuf, &sb); 312 if (error < 0 && errno == ENOENT) { 313 /* 314 * The terminal listed is not actually a terminal (i.e., 315 * ":0"). This is a failure, so we'll skip printing 316 * out the idle time, which is non-ideal but better 317 * than a bogus warning and idle time. 318 */ 319 w->idletime = -1; 320 return; 321 } else if (error < 0) { 322 warn("%s", tbuf); 323 w->idletime = -1; 324 return; 325 } 326 touched = sb.st_atime; 327 if (touched < w->loginat) { 328 /* tty untouched since before login */ 329 touched = w->loginat; 330 } 331 w->idletime = now < touched ? 0 : now - touched; 332 333#define TALKABLE 0220 /* tty is writable if 220 mode */ 334 w->writable = ((sb.st_mode & TALKABLE) == TALKABLE); 335} 336 337static void 338userinfo(PERSON *pn, struct passwd *pw) 339{ 340 char *p, *t; 341 char *bp, name[1024]; 342 struct stat sb; 343 344 pn->realname = pn->office = pn->officephone = pn->homephone = NULL; 345 346 pn->uid = pw->pw_uid; 347 if ((pn->name = strdup(pw->pw_name)) == NULL) 348 err(1, "strdup failed"); 349 if ((pn->dir = strdup(pw->pw_dir)) == NULL) 350 err(1, "strdup failed"); 351 if ((pn->shell = strdup(pw->pw_shell)) == NULL) 352 err(1, "strdup failed"); 353 354 /* why do we skip asterisks!?!? */ 355 (void)strncpy(bp = tbuf, pw->pw_gecos, sizeof(tbuf)); 356 tbuf[sizeof(tbuf) - 1] = '\0'; 357 if (*bp == '*') 358 ++bp; 359 360 /* ampersands get replaced by the login name */ 361 if (!(p = strsep(&bp, ","))) 362 return; 363 for (t = name; t < &name[sizeof(name) - 1] && (*t = *p) != '\0'; ++p) { 364 if (*t == '&') { 365 (void)strncpy(t, pw->pw_name, 366 sizeof(name) - (t - name)); 367 name[sizeof(name) - 1] = '\0'; 368 if (islower(*t)) 369 *t = toupper(*t); 370 while (t < &name[sizeof(name) - 1] && *++t) 371 continue; 372 } else { 373 ++t; 374 } 375 } 376 *t = '\0'; 377 if ((pn->realname = strdup(name)) == NULL) 378 err(1, "strdup failed"); 379 pn->office = ((p = strsep(&bp, ",")) && *p) ? 380 strdup(p) : NULL; 381 pn->officephone = ((p = strsep(&bp, ",")) && *p) ? 382 strdup(p) : NULL; 383 pn->homephone = ((p = strsep(&bp, ",")) && *p) ? 384 strdup(p) : NULL; 385 (void)snprintf(tbuf, sizeof(tbuf), "%s/%s", _PATH_MAILDIR, pw->pw_name); 386 pn->mailrecv = -1; /* -1 == not_valid */ 387 if (stat(tbuf, &sb) < 0) { 388 if (errno != ENOENT) { 389 warn("%s", tbuf); 390 return; 391 } 392 } else if (sb.st_size != 0) { 393 pn->mailrecv = sb.st_mtime; 394 pn->mailread = sb.st_atime; 395 } 396} 397 398/* 399 * Is this user hiding from finger? 400 * If ~<user>/.nofinger exists, return 1 (hide), else return 0 (nohide). 401 * Nobody can hide from root. 402 */ 403 404int 405hide(struct passwd *pw) 406{ 407 struct stat st; 408 char buf[MAXPATHLEN]; 409 410 if (invoker_root || !pw->pw_dir) 411 return 0; 412 413 snprintf(buf, sizeof(buf), "%s/%s", pw->pw_dir, _PATH_NOFINGER); 414 415 if (stat(buf, &st) == 0) 416 return 1; 417 418 return 0; 419} 420