Annotation of src/usr.bin/sudo/getspwuid.c, Revision 1.1
1.1 ! millert 1: /*
! 2: * Copyright (c) 1996, 1998, 1999 Todd C. Miller <Todd.Miller@courtesan.com>
! 3: * All rights reserved.
! 4: *
! 5: * Redistribution and use in source and binary forms, with or without
! 6: * modification, are permitted provided that the following conditions
! 7: * are met:
! 8: *
! 9: * 1. Redistributions of source code must retain the above copyright
! 10: * notice, this list of conditions and the following disclaimer.
! 11: *
! 12: * 2. Redistributions in binary form must reproduce the above copyright
! 13: * notice, this list of conditions and the following disclaimer in the
! 14: * documentation and/or other materials provided with the distribution.
! 15: *
! 16: * 3. The name of the author may not be used to endorse or promote products
! 17: * derived from this software without specific prior written permission.
! 18: *
! 19: * 4. Products derived from this software may not be called "Sudo" nor
! 20: * may "Sudo" appear in their names without specific prior written
! 21: * permission from the author.
! 22: *
! 23: * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
! 24: * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
! 25: * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
! 26: * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
! 27: * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
! 28: * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
! 29: * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
! 30: * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
! 31: * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
! 32: * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
! 33: */
! 34:
! 35: #include "config.h"
! 36:
! 37: #include <stdio.h>
! 38: #ifdef STDC_HEADERS
! 39: # include <stdlib.h>
! 40: #endif /* STDC_HEADERS */
! 41: #ifdef HAVE_STRING_H
! 42: # include <string.h>
! 43: #endif /* HAVE_STRING_H */
! 44: #ifdef HAVE_STRINGS_H
! 45: # include <strings.h>
! 46: #endif /* HAVE_STRINGS_H */
! 47: #ifdef HAVE_UNISTD_H
! 48: # include <unistd.h>
! 49: #endif /* HAVE_UNISTD_H */
! 50: #include <sys/types.h>
! 51: #include <sys/stat.h>
! 52: #include <sys/param.h>
! 53: #include <pwd.h>
! 54: #ifdef HAVE_GETSPNAM
! 55: # include <shadow.h>
! 56: #endif /* HAVE_GETSPNAM */
! 57: #ifdef HAVE_GETPRPWNAM
! 58: # ifdef __hpux
! 59: # undef MAXINT
! 60: # include <hpsecurity.h>
! 61: # else
! 62: # include <sys/security.h>
! 63: # endif /* __hpux */
! 64: # include <prot.h>
! 65: #endif /* HAVE_GETPRPWNAM */
! 66: #ifdef HAVE_GETPWANAM
! 67: # include <sys/label.h>
! 68: # include <sys/audit.h>
! 69: # include <pwdadj.h>
! 70: #endif /* HAVE_GETPWANAM */
! 71: #ifdef HAVE_GETAUTHUID
! 72: # include <auth.h>
! 73: #endif /* HAVE_GETAUTHUID */
! 74:
! 75: #include "sudo.h"
! 76:
! 77: #ifndef lint
! 78: static const char rcsid[] = "$Sudo: getspwuid.c,v 1.55 1999/10/07 21:20:57 millert Exp $";
! 79: #endif /* lint */
! 80:
! 81: #ifndef STDC_HEADERS
! 82: extern char *getenv __P((const char *));
! 83: #endif /* !STDC_HEADERS */
! 84:
! 85: /*
! 86: * Global variables (yuck)
! 87: */
! 88: #if defined(HAVE_GETPRPWNAM) && defined(__alpha)
! 89: int crypt_type = INT_MAX;
! 90: #endif /* HAVE_GETPRPWNAM && __alpha */
! 91:
! 92:
! 93: /*
! 94: * Local functions not visible outside getspwuid.c
! 95: */
! 96: static char *sudo_getshell __P((struct passwd *));
! 97: static char *sudo_getepw __P((struct passwd *));
! 98:
! 99:
! 100: /*
! 101: * Return the user's shell based on either the SHELL
! 102: * environment variable or the passwd(5) entry (in that order).
! 103: */
! 104: static char *
! 105: sudo_getshell(pw)
! 106: struct passwd *pw;
! 107: {
! 108: char *pw_shell;
! 109:
! 110: if ((pw_shell = getenv("SHELL")) == NULL)
! 111: pw_shell = pw->pw_shell;
! 112:
! 113: #ifdef _PATH_BSHELL
! 114: /* empty string "" means bourne shell */
! 115: if (*pw_shell == '\0')
! 116: pw_shell = _PATH_BSHELL;
! 117: #endif /* _PATH_BSHELL */
! 118:
! 119: return(pw_shell);
! 120: }
! 121:
! 122: /*
! 123: * Return the encrypted password for the user described by pw. If shadow
! 124: * passwords are in use, look in the shadow file.
! 125: */
! 126: static char *
! 127: sudo_getepw(pw)
! 128: struct passwd *pw;
! 129: {
! 130:
! 131: /* If there is a function to check for shadow enabled, use it... */
! 132: #ifdef HAVE_ISCOMSEC
! 133: if (!iscomsec())
! 134: return(pw->pw_passwd);
! 135: #endif /* HAVE_ISCOMSEC */
! 136: #ifdef HAVE_ISSECURE
! 137: if (!issecure())
! 138: return(pw->pw_passwd);
! 139: #endif /* HAVE_ISSECURE */
! 140:
! 141: #ifdef HAVE_GETPRPWNAM
! 142: {
! 143: struct pr_passwd *spw;
! 144:
! 145: spw = getprpwnam(pw->pw_name);
! 146: if (spw != NULL && spw->ufld.fd_encrypt != NULL) {
! 147: # ifdef __alpha
! 148: crypt_type = spw->ufld.fd_oldcrypt;
! 149: # endif /* __alpha */
! 150: return(spw->ufld.fd_encrypt);
! 151: }
! 152: }
! 153: #endif /* HAVE_GETPRPWNAM */
! 154: #ifdef HAVE_GETSPNAM
! 155: {
! 156: struct spwd *spw;
! 157:
! 158: if ((spw = getspnam(pw->pw_name)) && spw->sp_pwdp)
! 159: return(spw->sp_pwdp);
! 160: }
! 161: #endif /* HAVE_GETSPNAM */
! 162: #ifdef HAVE_GETSPWUID
! 163: {
! 164: struct s_passwd *spw;
! 165:
! 166: if ((spw = getspwuid(pw->pw_uid)) && spw->pw_passwd)
! 167: return(spw->pw_passwd);
! 168: }
! 169: #endif /* HAVE_GETSPWUID */
! 170: #ifdef HAVE_GETPWANAM
! 171: {
! 172: struct passwd_adjunct *spw;
! 173:
! 174: if ((spw = getpwanam(pw->pw_name)) && spw->pwa_passwd)
! 175: return(spw->pwa_passwd);
! 176: }
! 177: #endif /* HAVE_GETPWANAM */
! 178: #ifdef HAVE_GETAUTHUID
! 179: {
! 180: AUTHORIZATION *spw;
! 181:
! 182: if ((spw = getauthuid(pw->pw_uid)) && spw->a_password)
! 183: return(spw->a_password);
! 184: }
! 185: #endif /* HAVE_GETAUTHUID */
! 186:
! 187: /* Fall back on normal password. */
! 188: return(pw->pw_passwd);
! 189: }
! 190:
! 191: /*
! 192: * Dynamically allocate space for a struct password and the constituent parts
! 193: * that we care about. Fills in pw_passwd from shadow file if necessary.
! 194: */
! 195: struct passwd *
! 196: sudo_getpwuid(uid)
! 197: uid_t uid;
! 198: {
! 199: struct passwd *pw, *local_pw;
! 200:
! 201: if ((pw = getpwuid(uid)) == NULL)
! 202: return(NULL);
! 203:
! 204: /* Allocate space for a local copy of pw. */
! 205: local_pw = (struct passwd *) emalloc(sizeof(struct passwd));
! 206:
! 207: /*
! 208: * Copy the struct passwd and the interesting strings...
! 209: */
! 210: (void) memcpy(local_pw, pw, sizeof(struct passwd));
! 211: local_pw->pw_name = estrdup(pw->pw_name);
! 212: local_pw->pw_dir = estrdup(pw->pw_dir);
! 213:
! 214: /* pw_shell is a special case since we overide with $SHELL */
! 215: local_pw->pw_shell = estrdup(sudo_getshell(pw));
! 216:
! 217: /* pw_passwd gets a shadow password if applicable */
! 218: local_pw->pw_passwd = estrdup(sudo_getepw(pw));
! 219:
! 220: return(local_pw);
! 221: }