X-Git-Url: https://git.cameronkatri.com/pw-darwin.git/blobdiff_plain/1b5065c251cfbf3b8a8f40c23b0a71b8365092a4..1191611aa1bf45ab42f08651b0234155c0e6605b:/libutil/pw_util.c diff --git a/libutil/pw_util.c b/libutil/pw_util.c index d219917..befd1fb 100644 --- a/libutil/pw_util.c +++ b/libutil/pw_util.c @@ -17,10 +17,6 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. * 4. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. @@ -58,8 +54,8 @@ static const char rcsid[] = #include #include -#include #include +#include #include #include #include @@ -71,7 +67,7 @@ static const char rcsid[] = #include #include -#include +#include "libutil.h" static pid_t editpid = -1; static int lockfd = -1; @@ -80,6 +76,7 @@ static char passwd_dir[PATH_MAX]; static char tempname[PATH_MAX]; static int initialized; +#if 0 void pw_cont(int sig) { @@ -87,6 +84,7 @@ pw_cont(int sig) if (editpid != -1) kill(editpid, sig); } +#endif /* * Initialize statics and set limits, signals & umask to try to avoid @@ -102,7 +100,7 @@ pw_init(const char *dir, const char *master) if (dir == NULL) { strcpy(passwd_dir, _PATH_ETC); } else { - if (strlen(dir) >= sizeof passwd_dir) { + if (strlen(dir) >= sizeof(passwd_dir)) { errno = ENAMETOOLONG; return (-1); } @@ -112,13 +110,13 @@ pw_init(const char *dir, const char *master) if (master == NULL) { if (dir == NULL) { strcpy(masterpasswd, _PATH_MASTERPASSWD); - } else if (snprintf(masterpasswd, sizeof masterpasswd, "%s/%s", - passwd_dir, _MASTERPASSWD) > sizeof masterpasswd) { + } else if (snprintf(masterpasswd, sizeof(masterpasswd), "%s/%s", + passwd_dir, _MASTERPASSWD) > (int)sizeof(masterpasswd)) { errno = ENAMETOOLONG; return (-1); } } else { - if (strlen(master) >= sizeof masterpasswd) { + if (strlen(master) >= sizeof(masterpasswd)) { errno = ENAMETOOLONG; return (-1); } @@ -181,11 +179,8 @@ pw_lock(void) for (;;) { struct stat st; - lockfd = open(masterpasswd, O_RDONLY, 0); - if (lockfd < 0 || fcntl(lockfd, F_SETFD, 1) == -1) - err(1, "%s", masterpasswd); - /* XXX vulnerable to race conditions */ - if (flock(lockfd, LOCK_EX|LOCK_NB) == -1) { + lockfd = flopen(masterpasswd, O_RDONLY|O_NONBLOCK|O_CLOEXEC, 0); + if (lockfd == -1) { if (errno == EWOULDBLOCK) { errx(1, "the password db file is busy"); } else { @@ -216,7 +211,7 @@ int pw_tmp(int mfd) { char buf[8192]; - ssize_t nr, nw; + ssize_t nr; const char *p; int tfd; @@ -226,16 +221,16 @@ pw_tmp(int mfd) ++p; else p = masterpasswd; - if (snprintf(tempname, sizeof tempname, "%.*spw.XXXXXX", - (int)(p - masterpasswd), masterpasswd) >= sizeof tempname) { + if (snprintf(tempname, sizeof(tempname), "%.*spw.XXXXXX", + (int)(p - masterpasswd), masterpasswd) >= (int)sizeof(tempname)) { errno = ENAMETOOLONG; return (-1); } if ((tfd = mkstemp(tempname)) == -1) return (-1); if (mfd != -1) { - while ((nr = read(mfd, buf, sizeof buf)) > 0) - if ((nw = write(tfd, buf, nr)) != nr) + while ((nr = read(mfd, buf, sizeof(buf))) > 0) + if (write(tfd, buf, (size_t)nr) != nr) break; if (nr != 0) { unlink(tempname); @@ -264,11 +259,13 @@ pw_mkdb(const char *user) /* child */ if (user == NULL) execl(_PATH_PWD_MKDB, "pwd_mkdb", "-p", - "-d", passwd_dir, tempname, NULL); + "-d", passwd_dir, tempname, (char *)NULL); else execl(_PATH_PWD_MKDB, "pwd_mkdb", "-p", - "-d", passwd_dir, "-u", user, tempname, NULL); + "-d", passwd_dir, "-u", user, tempname, + (char *)NULL); _exit(1); + /* NOTREACHED */ default: /* parent */ break; @@ -288,6 +285,8 @@ pw_mkdb(const char *user) int pw_edit(int notsetuid) { + struct sigaction sa, sa_int, sa_quit; + sigset_t oldsigset, nsigset; struct stat st1, st2; const char *editor; int pstat; @@ -296,27 +295,39 @@ pw_edit(int notsetuid) editor = _PATH_VI; if (stat(tempname, &st1) == -1) return (-1); + sa.sa_handler = SIG_IGN; + sigemptyset(&sa.sa_mask); + sa.sa_flags = 0; + sigaction(SIGINT, &sa, &sa_int); + sigaction(SIGQUIT, &sa, &sa_quit); + sigemptyset(&nsigset); + sigaddset(&nsigset, SIGCHLD); + sigprocmask(SIG_BLOCK, &nsigset, &oldsigset); switch ((editpid = fork())) { case -1: return (-1); case 0: - /* child */ + sigaction(SIGINT, &sa_int, NULL); + sigaction(SIGQUIT, &sa_quit, NULL); + sigprocmask(SIG_SETMASK, &oldsigset, NULL); if (notsetuid) { (void)setgid(getgid()); (void)setuid(getuid()); } errno = 0; - execlp(editor, basename(editor), tempname, NULL); + execlp(editor, basename(editor), tempname, (char *)NULL); _exit(errno); default: /* parent */ break; } for (;;) { - editpid = waitpid(editpid, &pstat, WUNTRACED); - if (editpid == -1) { + if (waitpid(editpid, &pstat, WUNTRACED) == -1) { + if (errno == EINTR) + continue; unlink(tempname); - return (-1); + editpid = -1; + break; } else if (WIFSTOPPED(pstat)) { raise(WSTOPSIG(pstat)); } else if (WIFEXITED(pstat) && WEXITSTATUS(pstat) == 0) { @@ -324,14 +335,17 @@ pw_edit(int notsetuid) break; } else { unlink(tempname); - *tempname = '\0'; editpid = -1; - return (-1); + break; } } + sigaction(SIGINT, &sa_int, NULL); + sigaction(SIGQUIT, &sa_quit, NULL); + sigprocmask(SIG_SETMASK, &oldsigset, NULL); if (stat(tempname, &st2) == -1) return (-1); - return (st1.st_mtime != st2.st_mtime); + return (st1.st_mtim.tv_sec != st2.st_mtim.tv_sec || + st1.st_mtim.tv_nsec != st2.st_mtim.tv_nsec); } /* @@ -365,7 +379,7 @@ pw_fini(void) * Compares two struct pwds. */ int -pw_equal(struct passwd *pw1, struct passwd *pw2) +pw_equal(const struct passwd *pw1, const struct passwd *pw2) { return (strcmp(pw1->pw_name, pw2->pw_name) == 0 && pw1->pw_uid == pw2->pw_uid && @@ -382,7 +396,7 @@ pw_equal(struct passwd *pw1, struct passwd *pw2) * Make a passwd line out of a struct passwd. */ char * -pw_make(struct passwd *pw) +pw_make(const struct passwd *pw) { char *line; @@ -390,23 +404,51 @@ pw_make(struct passwd *pw) pw->pw_passwd, (uintmax_t)pw->pw_uid, (uintmax_t)pw->pw_gid, pw->pw_class, (uintmax_t)pw->pw_change, (uintmax_t)pw->pw_expire, pw->pw_gecos, pw->pw_dir, pw->pw_shell); - return line; + return (line); +} + +/* + * Make a passwd line (in v7 format) out of a struct passwd + */ +char * +pw_make_v7(const struct passwd *pw) +{ + char *line; + + asprintf(&line, "%s:*:%ju:%ju:%s:%s:%s", pw->pw_name, + (uintmax_t)pw->pw_uid, (uintmax_t)pw->pw_gid, + pw->pw_gecos, pw->pw_dir, pw->pw_shell); + return (line); } /* - * Copy password file from one descriptor to another, replacing or adding - * a single record on the way. + * Copy password file from one descriptor to another, replacing, deleting + * or adding a single record on the way. */ int -pw_copy(int ffd, int tfd, struct passwd *pw, struct passwd *old_pw) +pw_copy(int ffd, int tfd, const struct passwd *pw, struct passwd *old_pw) { char buf[8192], *end, *line, *p, *q, *r, t; struct passwd *fpw; - ssize_t len; - int eof; + const struct passwd *spw; + size_t len; + int eof, readlen; - if ((line = pw_make(pw)) == NULL) - return (-1); + if (old_pw == NULL && pw == NULL) + return (-1); + + spw = old_pw; + /* deleting a user */ + if (pw == NULL) { + line = NULL; + } else { + if ((line = pw_make(pw)) == NULL) + return (-1); + } + + /* adding a user */ + if (spw == NULL) + spw = pw; eof = 0; len = 0; @@ -421,7 +463,7 @@ pw_copy(int ffd, int tfd, struct passwd *pw, struct passwd *old_pw) if (q >= end) { if (eof) break; - if (q - p >= sizeof buf) { + if ((size_t)(q - p) >= sizeof(buf)) { warnx("passwd line too long"); errno = EINVAL; /* hack */ goto err; @@ -432,14 +474,16 @@ pw_copy(int ffd, int tfd, struct passwd *pw, struct passwd *old_pw) } else { p = q = end = buf; } - len = read(ffd, end, sizeof buf - (end - buf)); - if (len == -1) + readlen = read(ffd, end, sizeof(buf) - (end - buf)); + if (readlen == -1) goto err; + else + len = (size_t)readlen; if (len == 0 && p == buf) break; end += len; len = end - buf; - if (len < sizeof buf) { + if (len < (ssize_t)sizeof(buf)) { eof = 1; if (len > 0 && buf[len - 1] != '\n') ++len, *end++ = '\n'; @@ -459,51 +503,77 @@ pw_copy(int ffd, int tfd, struct passwd *pw, struct passwd *old_pw) } /* is it the one we're looking for? */ + t = *q; *q = '\0'; + fpw = pw_scan(r, PWSCAN_MASTER); + + /* + * fpw is either the struct passwd for the current line, + * or NULL if the line is malformed. + */ + *q = t; - if ((old_pw && !pw_equal(fpw, old_pw)) || - (!old_pw && strcmp(fpw->pw_name, pw->pw_name))) { + if (fpw == NULL || strcmp(fpw->pw_name, spw->pw_name) != 0) { /* nope */ - free(fpw); + if (fpw != NULL) + free(fpw); if (write(tfd, p, q - p + 1) != q - p + 1) goto err; ++q; continue; } - free(fpw); - - /* it is, replace it */ - len = strlen(line); - if (write(tfd, line, len) != len) + if (old_pw && !pw_equal(fpw, old_pw)) { + warnx("entry inconsistent"); + free(fpw); + errno = EINVAL; /* hack */ goto err; + } + free(fpw); + /* it is, replace or remove it */ + if (line != NULL) { + len = strlen(line); + if (write(tfd, line, len) != (int)len) + goto err; + } else { + /* when removed, avoid the \n */ + q++; + } /* we're done, just copy the rest over */ for (;;) { if (write(tfd, q, end - q) != end - q) goto err; q = buf; - len = read(ffd, buf, sizeof buf); - if (len == 0) + readlen = read(ffd, buf, sizeof(buf)); + if (readlen == 0) break; - if (len == -1) + else + len = (size_t)readlen; + if (readlen == -1) goto err; end = buf + len; } goto done; } - /* if we got here, we have a new entry */ + /* if we got here, we didn't find the old entry */ + if (line == NULL) { + errno = ENOENT; + goto err; + } len = strlen(line); - if (write(tfd, line, len) != len || + if ((size_t)write(tfd, line, len) != len || write(tfd, "\n", 1) != 1) goto err; done: - free(line); + if (line != NULL) + free(line); return (0); err: - free(line); + if (line != NULL) + free(line); return (-1); } @@ -521,45 +591,52 @@ pw_tempname(void) * Duplicate a struct passwd. */ struct passwd * -pw_dup(struct passwd *pw) +pw_dup(const struct passwd *pw) { + char *dst; struct passwd *npw; - size_t len; + ssize_t len; - len = sizeof *npw + - (pw->pw_name ? strlen(pw->pw_name) + 1 : 0) + - (pw->pw_passwd ? strlen(pw->pw_passwd) + 1 : 0) + - (pw->pw_class ? strlen(pw->pw_class) + 1 : 0) + - (pw->pw_gecos ? strlen(pw->pw_gecos) + 1 : 0) + - (pw->pw_dir ? strlen(pw->pw_dir) + 1 : 0) + - (pw->pw_shell ? strlen(pw->pw_shell) + 1 : 0); - if ((npw = malloc(len)) == NULL) + len = sizeof(*npw); + if (pw->pw_name != NULL) + len += strlen(pw->pw_name) + 1; + if (pw->pw_passwd != NULL) + len += strlen(pw->pw_passwd) + 1; + if (pw->pw_class != NULL) + len += strlen(pw->pw_class) + 1; + if (pw->pw_gecos != NULL) + len += strlen(pw->pw_gecos) + 1; + if (pw->pw_dir != NULL) + len += strlen(pw->pw_dir) + 1; + if (pw->pw_shell != NULL) + len += strlen(pw->pw_shell) + 1; + if ((npw = malloc((size_t)len)) == NULL) return (NULL); - memcpy(npw, pw, sizeof *npw); - len = sizeof *npw; - if (pw->pw_name) { - npw->pw_name = ((char *)npw) + len; - len += sprintf(npw->pw_name, "%s", pw->pw_name) + 1; + memcpy(npw, pw, sizeof(*npw)); + dst = (char *)npw + sizeof(*npw); + if (pw->pw_name != NULL) { + npw->pw_name = dst; + dst = stpcpy(npw->pw_name, pw->pw_name) + 1; } - if (pw->pw_passwd) { - npw->pw_passwd = ((char *)npw) + len; - len += sprintf(npw->pw_passwd, "%s", pw->pw_passwd) + 1; + if (pw->pw_passwd != NULL) { + npw->pw_passwd = dst; + dst = stpcpy(npw->pw_passwd, pw->pw_passwd) + 1; } - if (pw->pw_class) { - npw->pw_class = ((char *)npw) + len; - len += sprintf(npw->pw_class, "%s", pw->pw_class) + 1; + if (pw->pw_class != NULL) { + npw->pw_class = dst; + dst = stpcpy(npw->pw_class, pw->pw_class) + 1; } - if (pw->pw_gecos) { - npw->pw_gecos = ((char *)npw) + len; - len += sprintf(npw->pw_gecos, "%s", pw->pw_gecos) + 1; + if (pw->pw_gecos != NULL) { + npw->pw_gecos = dst; + dst = stpcpy(npw->pw_gecos, pw->pw_gecos) + 1; } - if (pw->pw_dir) { - npw->pw_dir = ((char *)npw) + len; - len += sprintf(npw->pw_dir, "%s", pw->pw_dir) + 1; + if (pw->pw_dir != NULL) { + npw->pw_dir = dst; + dst = stpcpy(npw->pw_dir, pw->pw_dir) + 1; } - if (pw->pw_shell) { - npw->pw_shell = ((char *)npw) + len; - len += sprintf(npw->pw_shell, "%s", pw->pw_shell) + 1; + if (pw->pw_shell != NULL) { + npw->pw_shell = dst; + dst = stpcpy(npw->pw_shell, pw->pw_shell) + 1; } return (npw); }