Annotation of src/usr.bin/skeyaudit/skeyaudit.c, Revision 1.26
1.26 ! tim 1: /* $OpenBSD: skeyaudit.c,v 1.25 2015/01/16 06:40:11 deraadt Exp $ */
1.2 millert 2:
3: /*
1.17 millert 4: * Copyright (c) 1997, 2000, 2003 Todd C. Miller <Todd.Miller@courtesan.com>
1.2 millert 5: *
1.20 millert 6: * Permission to use, copy, modify, and distribute this software for any
7: * purpose with or without fee is hereby granted, provided that the above
8: * copyright notice and this permission notice appear in all copies.
1.2 millert 9: *
1.20 millert 10: * THE SOFTWARE IS PROVIDED "AS IS" AND TODD C. MILLER DISCLAIMS ALL
11: * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
12: * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL TODD C. MILLER BE LIABLE
13: * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14: * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
15: * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
16: * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
1.17 millert 17: *
18: * Sponsored in part by the Defense Advanced Research Projects
19: * Agency (DARPA) and Air Force Research Laboratory, Air Force
20: * Materiel Command, USAF, under agreement number F39502-99-1-0512.
1.2 millert 21: */
22:
1.9 millert 23: #include <sys/wait.h>
24:
1.1 millert 25: #include <err.h>
26: #include <errno.h>
1.17 millert 27: #include <fcntl.h>
1.1 millert 28: #include <limits.h>
1.9 millert 29: #include <login_cap.h>
1.1 millert 30: #include <paths.h>
31: #include <pwd.h>
32: #include <stdio.h>
33: #include <stdlib.h>
34: #include <string.h>
35: #include <unistd.h>
36: #include <skey.h>
37:
1.12 millert 38: void notify(struct passwd *, int, int);
39: FILE *runsendmail(struct passwd *, int *);
1.14 millert 40: __dead void usage(void);
1.1 millert 41:
42: int
1.14 millert 43: main(int argc, char **argv)
1.1 millert 44: {
45: struct passwd *pw;
46: struct skey key;
1.6 millert 47: char *name;
1.14 millert 48: int ch, left, aflag, iflag, limit;
1.6 millert 49:
1.26 ! tim 50: if (pledge("stdio rpath wpath flock getpw proc exec id", NULL) == -1)
! 51: err(1, "pledge");
! 52:
1.17 millert 53: aflag = iflag = 0;
1.14 millert 54: limit = 12;
1.6 millert 55: while ((ch = getopt(argc, argv, "ail:")) != -1)
1.1 millert 56: switch(ch) {
1.6 millert 57: case 'a':
58: if (getuid() != 0)
59: errx(1, "only root may use the -a flag");
1.14 millert 60: aflag = 1;
1.6 millert 61: break;
1.1 millert 62: case 'i':
63: iflag = 1;
64: break;
65: case 'l':
66: errno = 0;
67: if ((limit = (int)strtol(optarg, NULL, 10)) == 0)
68: errno = ERANGE;
69: if (errno) {
70: warn("key limit");
71: usage();
72: }
73: break;
74: default:
75: usage();
1.26 ! tim 76: }
! 77:
! 78: if (iflag) {
! 79: if (pledge("stdio rpath wpath flock getpw", NULL) == -1)
! 80: err(1, "pledge");
1.1 millert 81: }
82:
1.17 millert 83: /*
84: * Make sure STDIN_FILENO, STDOUT_FILENO, and STDERR_FILENO are open.
85: * If not, open /dev/null in their place or bail.
86: * If we are in interactive mode, STDOUT_FILENO *must* be open.
87: */
88: for (ch = STDIN_FILENO; ch <= STDERR_FILENO; ch++) {
1.22 millert 89: if (fcntl(ch, F_GETFL, 0) == -1 && errno == EBADF) {
1.17 millert 90: if (ch == STDOUT_FILENO && iflag)
91: exit(1); /* need stdout for -i */
92: if (open(_PATH_DEVNULL, O_RDWR, 0644) == -1)
93: exit(1); /* just bail */
94: }
95: }
96:
1.1 millert 97: if (argc - optind > 0)
98: usage();
99:
1.6 millert 100: /* Need key.keyfile zero'd at the very least */
101: (void)memset(&key, 0, sizeof(key));
102:
1.17 millert 103: left = 0;
1.6 millert 104: if (aflag) {
105: while ((ch = skeygetnext(&key)) == 0) {
1.1 millert 106: left = key.n - 1;
1.6 millert 107: if ((pw = getpwnam(key.logname)) == NULL)
108: continue;
109: if (left >= limit)
110: continue;
1.17 millert 111: (void)fclose(key.keyfile);
112: key.keyfile = NULL;
1.9 millert 113: notify(pw, left, iflag);
1.6 millert 114: }
115: if (ch == -1)
1.13 millert 116: errx(-1, "cannot open %s", _PATH_SKEYDIR);
1.6 millert 117: } else {
118: if ((pw = getpwuid(getuid())) == NULL)
119: errx(1, "no passwd entry for uid %u", getuid());
120: if ((name = strdup(pw->pw_name)) == NULL)
121: err(1, "cannot allocate memory");
122: sevenbit(name);
123:
1.14 millert 124: switch (skeylookup(&key, name)) {
1.6 millert 125: case 0: /* Success! */
126: left = key.n - 1;
127: break;
128: case -1: /* File error */
1.14 millert 129: errx(1, "cannot open %s/%s", _PATH_SKEYDIR,
130: name);
1.6 millert 131: break;
132: case 1: /* Unknown user */
1.14 millert 133: errx(1, "user %s is not listed in %s", name,
1.13 millert 134: _PATH_SKEYDIR);
1.6 millert 135: }
136: (void)fclose(key.keyfile);
137:
1.14 millert 138: if (left < limit)
1.9 millert 139: notify(pw, left, iflag);
1.1 millert 140: }
1.6 millert 141:
1.14 millert 142: exit(0);
1.6 millert 143: }
1.1 millert 144:
1.6 millert 145: void
1.14 millert 146: notify(struct passwd *pw, int seq, int interactive)
1.6 millert 147: {
1.25 deraadt 148: static char hostname[HOST_NAME_MAX+1];
1.14 millert 149: pid_t pid;
1.6 millert 150: FILE *out;
1.1 millert 151:
1.6 millert 152: /* Only set this once */
153: if (hostname[0] == '\0' && gethostname(hostname, sizeof(hostname)) == -1)
1.15 millert 154: strlcpy(hostname, "unknown", sizeof(hostname));
1.1 millert 155:
1.6 millert 156: if (interactive)
1.1 millert 157: out = stdout;
1.6 millert 158: else
1.9 millert 159: out = runsendmail(pw, &pid);
1.1 millert 160:
1.6 millert 161: if (!interactive)
1.1 millert 162: (void)fprintf(out,
1.23 deraadt 163: "Auto-Submitted: auto-generated\n"
1.9 millert 164: "To: %s\nSubject: IMPORTANT action required\n", pw->pw_name);
1.1 millert 165:
1.10 pjanzen 166: if (seq)
167: (void)fprintf(out,
1.1 millert 168: "\nYou are nearing the end of your current S/Key sequence for account\n\
169: %s on system %s.\n\n\
1.10 pjanzen 170: Your S/Key sequence number is now %d. When it reaches zero\n\
171: you will no longer be able to use S/Key to log into the system.\n\n",
1.9 millert 172: pw->pw_name, hostname, seq);
1.10 pjanzen 173: else
174: (void)fprintf(out,
175: "\nYou are at the end of your current S/Key sequence for account\n\
176: %s on system %s.\n\n\
177: At this point you can no longer use S/Key to log into the system.\n\n",
178: pw->pw_name, hostname);
179: (void)fprintf(out,
180: "Type \"skeyinit -s\" to reinitialize your sequence number.\n\n");
1.1 millert 181:
1.17 millert 182: if (!interactive) {
183: (void)fclose(out);
1.6 millert 184: (void)waitpid(pid, NULL, 0);
1.17 millert 185: }
1.1 millert 186: }
187:
1.6 millert 188: FILE *
1.14 millert 189: runsendmail(struct passwd *pw, pid_t *pidp)
1.6 millert 190: {
191: FILE *fp;
1.14 millert 192: int pfd[2];
193: pid_t pid;
1.6 millert 194:
195: if (pipe(pfd) < 0)
196: return(NULL);
197:
198: switch (pid = fork()) {
199: case -1: /* fork(2) failed */
200: (void)close(pfd[0]);
201: (void)close(pfd[1]);
202: return(NULL);
203: case 0: /* In child */
204: (void)close(pfd[1]);
205: (void)dup2(pfd[0], STDIN_FILENO);
206: (void)close(pfd[0]);
207:
208: /* Run sendmail as target user not root */
1.19 millert 209: if (getuid() == 0 &&
210: setusercontext(NULL, pw, pw->pw_uid, LOGIN_SETALL) != 0) {
1.9 millert 211: warn("cannot set user context");
212: _exit(127);
213: }
1.6 millert 214:
1.11 deraadt 215: execl(_PATH_SENDMAIL, "sendmail", "-t", (char *)NULL);
1.6 millert 216: warn("cannot run \"%s -t\"", _PATH_SENDMAIL);
217: _exit(127);
218: }
219:
220: /* In parent */
221: *pidp = pid;
222: fp = fdopen(pfd[1], "w");
223: (void)close(pfd[0]);
224:
225: return(fp);
226: }
1.14 millert 227:
228: __dead void
229: usage(void)
1.1 millert 230: {
1.14 millert 231: extern char *__progname;
232:
1.24 sobrado 233: (void)fprintf(stderr, "usage: %s [-ai] [-l limit]\n",
1.1 millert 234: __progname);
235: exit(1);
236: }