Annotation of src/usr.bin/finger/util.c, Revision 1.27
1.27 ! millert 1: /* $OpenBSD: util.c,v 1.26 2014/10/17 20:16:13 millert Exp $ */
1.2 deraadt 2:
1.1 deraadt 3: /*
4: * Copyright (c) 1989 The Regents of the University of California.
5: * All rights reserved.
1.5 kstailey 6: * Portions Copyright (c) 1983, 1995, 1996 Eric P. Allman (woof!)
1.1 deraadt 7: *
8: * This code is derived from software contributed to Berkeley by
9: * Tony Nardo of the Johns Hopkins University/Applied Physics Lab.
10: *
11: * Redistribution and use in source and binary forms, with or without
12: * modification, are permitted provided that the following conditions
13: * are met:
14: * 1. Redistributions of source code must retain the above copyright
15: * notice, this list of conditions and the following disclaimer.
16: * 2. Redistributions in binary form must reproduce the above copyright
17: * notice, this list of conditions and the following disclaimer in the
18: * documentation and/or other materials provided with the distribution.
1.16 millert 19: * 3. Neither the name of the University nor the names of its contributors
1.1 deraadt 20: * may be used to endorse or promote products derived from this software
21: * without specific prior written permission.
22: *
23: * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
24: * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26: * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
27: * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29: * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31: * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32: * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33: * SUCH DAMAGE.
34: */
35:
1.5 kstailey 36: #include <sys/types.h>
37: #include <sys/uio.h>
1.1 deraadt 38: #include <sys/param.h>
39: #include <sys/stat.h>
1.6 kstailey 40: #include <err.h>
1.1 deraadt 41: #include <stdio.h>
42: #include <stdlib.h>
43: #include <ctype.h>
44: #include <string.h>
45: #include <paths.h>
46: #include <errno.h>
1.11 millert 47: #include <fcntl.h>
1.5 kstailey 48: #include <unistd.h>
1.6 kstailey 49: #include <vis.h>
1.10 mickey 50: #include <err.h>
1.1 deraadt 51: #include "finger.h"
1.5 kstailey 52: #include "extern.h"
1.1 deraadt 53:
1.19 deraadt 54: char *estrdup(char *);
55: WHERE *walloc(PERSON *pn);
56: void find_idle_and_ttywrite(WHERE *);
57: void userinfo(PERSON *, struct passwd *);
1.13 deraadt 58:
1.5 kstailey 59: void
1.17 deraadt 60: find_idle_and_ttywrite(WHERE *w)
1.1 deraadt 61: {
62: struct stat sb;
63:
1.5 kstailey 64: (void)snprintf(tbuf, sizeof(tbuf), "%s%s", _PATH_DEV, w->tty);
1.1 deraadt 65: if (stat(tbuf, &sb) < 0) {
1.3 downsj 66: /* Don't bitch about it, just handle it... */
67: w->idletime = 0;
68: w->writable = 0;
69:
1.1 deraadt 70: return;
71: }
72: w->idletime = now < sb.st_atime ? 0 : now - sb.st_atime;
73:
74: #define TALKABLE 0220 /* tty is writable if 220 mode */
75: w->writable = ((sb.st_mode & TALKABLE) == TALKABLE);
76: }
77:
1.13 deraadt 78: char *
79: estrdup(char *s)
80: {
81: char *p = strdup(s);
1.14 deraadt 82: if (!p)
1.15 deraadt 83: err(1, "strdup");
1.13 deraadt 84: return (p);
85: }
86:
1.5 kstailey 87: void
1.17 deraadt 88: userinfo(PERSON *pn, struct passwd *pw)
1.1 deraadt 89: {
1.5 kstailey 90: char *p;
91: char *bp, name[1024];
1.1 deraadt 92: struct stat sb;
93:
94: pn->realname = pn->office = pn->officephone = pn->homephone = NULL;
95:
96: pn->uid = pw->pw_uid;
1.13 deraadt 97: pn->name = estrdup(pw->pw_name);
98: pn->dir = estrdup(pw->pw_dir);
99: pn->shell = estrdup(pw->pw_shell);
1.1 deraadt 100:
1.26 millert 101: (void)strlcpy(bp = tbuf, pw->pw_gecos, sizeof(tbuf));
1.1 deraadt 102:
103: /* ampersands get replaced by the login name */
1.5 kstailey 104: if (!(p = strsep(&bp, ",")))
1.1 deraadt 105: return;
1.5 kstailey 106: expandusername(p, pw->pw_name, name, sizeof(name));
1.27 ! millert 107: pn->realname = vs(name);
1.1 deraadt 108: pn->office = ((p = strsep(&bp, ",")) && *p) ?
1.27 ! millert 109: vs(p) : NULL;
1.1 deraadt 110: pn->officephone = ((p = strsep(&bp, ",")) && *p) ?
1.27 ! millert 111: vs(p) : NULL;
1.1 deraadt 112: pn->homephone = ((p = strsep(&bp, ",")) && *p) ?
1.27 ! millert 113: vs(p) : NULL;
1.5 kstailey 114: (void)snprintf(tbuf, sizeof(tbuf), "%s/%s", _PATH_MAILSPOOL,
115: pw->pw_name);
1.1 deraadt 116: pn->mailrecv = -1; /* -1 == not_valid */
117: if (stat(tbuf, &sb) < 0) {
118: if (errno != ENOENT) {
1.12 millert 119: warn("%s", tbuf);
1.1 deraadt 120: return;
121: }
122: } else if (sb.st_size != 0) {
123: pn->mailrecv = sb.st_mtime;
124: pn->mailread = sb.st_atime;
125: }
126: }
127:
1.5 kstailey 128: int
1.17 deraadt 129: match(struct passwd *pw, char *user)
1.1 deraadt 130: {
1.5 kstailey 131: char *p, *t;
1.1 deraadt 132: char name[1024];
133:
1.26 millert 134: (void)strlcpy(p = tbuf, pw->pw_gecos, sizeof(tbuf));
1.1 deraadt 135:
136: /* ampersands get replaced by the login name */
137: if (!(p = strtok(p, ",")))
1.20 tedu 138: return (0);
1.5 kstailey 139: expandusername(p, pw->pw_name, name, sizeof(name));
1.7 kstailey 140: for (t = name; (p = strtok(t, "\t ")) != NULL; t = NULL)
1.1 deraadt 141: if (!strcasecmp(p, user))
1.20 tedu 142: return (1);
143: return (0);
1.1 deraadt 144: }
145:
1.5 kstailey 146: /* inspired by usr.sbin/sendmail/util.c::buildfname */
147: void
1.17 deraadt 148: expandusername(char *gecos, char *login, char *buf, int buflen)
1.5 kstailey 149: {
150: char *p, *bp;
151:
152: /* why do we skip asterisks!?!? */
153: if (*gecos == '*')
154: gecos++;
155: bp = buf;
156:
157: /* copy gecos, interpolating & to be full name */
158: for (p = gecos; *p != '\0'; p++) {
159: if (bp >= &buf[buflen - 1]) {
160: /* buffer overflow - just use login name */
1.21 niallo 161: strlcpy(buf, login, buflen);
1.5 kstailey 162: buf[buflen - 1] = '\0';
163: return;
164: }
165: if (*p == '&') {
166: /* interpolate full name */
1.21 niallo 167: strlcpy(bp, login, buflen - (bp - buf));
1.24 deraadt 168: *bp = toupper((unsigned char)*bp);
1.5 kstailey 169: bp += strlen(bp);
170: }
171: else
172: *bp++ = *p;
173: }
174: *bp = '\0';
175: }
176:
177: void
1.17 deraadt 178: enter_lastlog(PERSON *pn)
1.1 deraadt 179: {
1.5 kstailey 180: WHERE *w;
1.1 deraadt 181: static int opened, fd;
182: struct lastlog ll;
183: char doit = 0;
184:
185: /* some systems may not maintain lastlog, don't report errors. */
186: if (!opened) {
1.11 millert 187: fd = open(_PATH_LASTLOG, O_RDONLY);
1.1 deraadt 188: opened = 1;
189: }
190: if (fd == -1 ||
191: lseek(fd, (off_t)(pn->uid * sizeof(ll)), SEEK_SET) !=
1.8 deraadt 192: (long)(pn->uid * sizeof(ll)) ||
1.1 deraadt 193: read(fd, (char *)&ll, sizeof(ll)) != sizeof(ll)) {
194: /* as if never logged in */
1.5 kstailey 195: ll.ll_line[0] = ll.ll_host[0] = '\0';
1.1 deraadt 196: ll.ll_time = 0;
197: }
198: if ((w = pn->whead) == NULL)
199: doit = 1;
200: else if (ll.ll_time != 0) {
201: /* if last login is earlier than some current login */
202: for (; !doit && w != NULL; w = w->next)
203: if (w->info == LOGGEDIN && w->loginat < ll.ll_time)
204: doit = 1;
205: /*
206: * and if it's not any of the current logins
207: * can't use time comparison because there may be a small
208: * discrepency since login calls time() twice
209: */
210: for (w = pn->whead; doit && w != NULL; w = w->next)
211: if (w->info == LOGGEDIN &&
212: strncmp(w->tty, ll.ll_line, UT_LINESIZE) == 0)
213: doit = 0;
214: }
215: if (doit) {
216: w = walloc(pn);
217: w->info = LASTLOG;
218: bcopy(ll.ll_line, w->tty, UT_LINESIZE);
219: w->tty[UT_LINESIZE] = 0;
220: bcopy(ll.ll_host, w->host, UT_HOSTSIZE);
221: w->host[UT_HOSTSIZE] = 0;
222: w->loginat = ll.ll_time;
223: }
224: }
225:
1.5 kstailey 226: void
1.17 deraadt 227: enter_where(struct utmp *ut, PERSON *pn)
1.1 deraadt 228: {
1.5 kstailey 229: WHERE *w = walloc(pn);
1.1 deraadt 230:
231: w->info = LOGGEDIN;
232: bcopy(ut->ut_line, w->tty, UT_LINESIZE);
233: w->tty[UT_LINESIZE] = 0;
234: bcopy(ut->ut_host, w->host, UT_HOSTSIZE);
235: w->host[UT_HOSTSIZE] = 0;
236: w->loginat = (time_t)ut->ut_time;
237: find_idle_and_ttywrite(w);
238: }
239:
240: PERSON *
1.17 deraadt 241: enter_person(struct passwd *pw)
1.1 deraadt 242: {
1.5 kstailey 243: PERSON *pn, **pp;
1.1 deraadt 244:
245: for (pp = htab + hash(pw->pw_name);
1.20 tedu 246: *pp != NULL && strcmp((*pp)->name, pw->pw_name) != 0;
247: pp = &(*pp)->hlink)
1.1 deraadt 248: ;
249: if ((pn = *pp) == NULL) {
250: pn = palloc();
251: entries++;
252: if (phead == NULL)
253: phead = ptail = pn;
254: else {
255: ptail->next = pn;
256: ptail = pn;
257: }
258: pn->next = NULL;
259: pn->hlink = NULL;
260: *pp = pn;
261: userinfo(pn, pw);
262: pn->whead = NULL;
263: }
1.20 tedu 264: return (pn);
1.1 deraadt 265: }
266:
267: PERSON *
1.17 deraadt 268: find_person(char *name)
1.1 deraadt 269: {
1.5 kstailey 270: PERSON *pn;
1.1 deraadt 271:
272: /* name may be only UT_NAMESIZE long and not terminated */
273: for (pn = htab[hash(name)];
1.20 tedu 274: pn != NULL && strncmp(pn->name, name, UT_NAMESIZE) != 0;
275: pn = pn->hlink)
1.1 deraadt 276: ;
1.20 tedu 277: return (pn);
1.1 deraadt 278: }
279:
1.5 kstailey 280: int
1.17 deraadt 281: hash(char *name)
1.1 deraadt 282: {
1.5 kstailey 283: int h, i;
1.1 deraadt 284:
285: h = 0;
286: /* name may be only UT_NAMESIZE long and not terminated */
287: for (i = UT_NAMESIZE; --i >= 0 && *name;)
1.5 kstailey 288: h = ((h << 2 | h >> (HBITS - 2)) ^ *name++) & HMASK;
1.20 tedu 289: return (h);
1.1 deraadt 290: }
291:
292: PERSON *
1.17 deraadt 293: palloc(void)
1.1 deraadt 294: {
295: PERSON *p;
296:
1.10 mickey 297: if ((p = (PERSON *)malloc((u_int) sizeof(PERSON))) == NULL)
298: err(1, "malloc");
1.20 tedu 299: return (p);
1.1 deraadt 300: }
301:
302: WHERE *
1.17 deraadt 303: walloc(PERSON *pn)
1.1 deraadt 304: {
1.5 kstailey 305: WHERE *w;
1.1 deraadt 306:
1.10 mickey 307: if ((w = (WHERE *)malloc((u_int) sizeof(WHERE))) == NULL)
308: err(1, "malloc");
1.1 deraadt 309: if (pn->whead == NULL)
310: pn->whead = pn->wtail = w;
311: else {
312: pn->wtail->next = w;
313: pn->wtail = w;
314: }
315: w->next = NULL;
1.20 tedu 316: return (w);
1.1 deraadt 317: }
318:
319: char *
1.17 deraadt 320: prphone(char *num)
1.1 deraadt 321: {
1.5 kstailey 322: char *p;
1.1 deraadt 323: int len;
324: static char pbuf[15];
325:
326: /* don't touch anything if the user has their own formatting */
327: for (p = num; *p; ++p)
1.24 deraadt 328: if (!isdigit((unsigned char)*p))
1.20 tedu 329: return (num);
1.1 deraadt 330: len = p - num;
331: p = pbuf;
1.20 tedu 332: switch (len) {
1.1 deraadt 333: case 11: /* +0-123-456-7890 */
334: *p++ = '+';
335: *p++ = *num++;
336: *p++ = '-';
337: /* FALLTHROUGH */
338: case 10: /* 012-345-6789 */
339: *p++ = *num++;
340: *p++ = *num++;
341: *p++ = *num++;
342: *p++ = '-';
343: /* FALLTHROUGH */
344: case 7: /* 012-3456 */
345: *p++ = *num++;
346: *p++ = *num++;
347: *p++ = *num++;
348: break;
349: case 5: /* x0-1234 */
350: case 4: /* x1234 */
351: *p++ = 'x';
352: *p++ = *num++;
353: break;
354: default:
1.20 tedu 355: return (num);
1.1 deraadt 356: }
357: if (len != 4) {
358: *p++ = '-';
359: *p++ = *num++;
360: }
361: *p++ = *num++;
362: *p++ = *num++;
363: *p++ = *num++;
364: *p = '\0';
1.20 tedu 365: return (pbuf);
1.6 kstailey 366: }
367:
1.27 ! millert 368: /*
! 369: * Like strvis(), but use malloc() to get the space and returns a pointer
! 370: * to the destination string.
1.6 kstailey 371: *
1.9 millert 372: * The caller is responsible for free()'ing the returned string.
1.6 kstailey 373: */
374: char *
1.27 ! millert 375: vs(const char *src)
1.6 kstailey 376: {
1.9 millert 377: char *dst;
1.6 kstailey 378:
1.27 ! millert 379: /* This will allocate 3 extra bytes but gives overflow protection. */
! 380: dst = reallocarray(NULL, 4, strlen(src) + 1);
! 381: if (dst == NULL)
! 382: err(1, "reallocarray");
1.6 kstailey 383: strvis(dst, src, VIS_SAFE|VIS_NOSLASH);
1.20 tedu 384: return (dst);
1.1 deraadt 385: }