Annotation of src/usr.bin/sudo/getspwuid.c, Revision 1.3
1.1 millert 1: /*
2: * Copyright (c) 1996, 1998, 1999 Todd C. Miller <Todd.Miller@courtesan.com>
3: * All rights reserved.
4: *
5: * Redistribution and use in source and binary forms, with or without
6: * modification, are permitted provided that the following conditions
7: * are met:
8: *
9: * 1. Redistributions of source code must retain the above copyright
10: * notice, this list of conditions and the following disclaimer.
11: *
12: * 2. Redistributions in binary form must reproduce the above copyright
13: * notice, this list of conditions and the following disclaimer in the
14: * documentation and/or other materials provided with the distribution.
15: *
16: * 3. The name of the author may not be used to endorse or promote products
17: * derived from this software without specific prior written permission.
18: *
19: * 4. Products derived from this software may not be called "Sudo" nor
20: * may "Sudo" appear in their names without specific prior written
21: * permission from the author.
22: *
23: * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
24: * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
25: * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
26: * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
27: * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
28: * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
29: * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
30: * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
31: * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
32: * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
33: */
34:
35: #include "config.h"
36:
37: #include <stdio.h>
38: #ifdef STDC_HEADERS
39: # include <stdlib.h>
40: #endif /* STDC_HEADERS */
41: #ifdef HAVE_STRING_H
42: # include <string.h>
43: #endif /* HAVE_STRING_H */
44: #ifdef HAVE_STRINGS_H
45: # include <strings.h>
46: #endif /* HAVE_STRINGS_H */
47: #ifdef HAVE_UNISTD_H
48: # include <unistd.h>
49: #endif /* HAVE_UNISTD_H */
50: #include <sys/types.h>
51: #include <sys/stat.h>
52: #include <sys/param.h>
53: #include <pwd.h>
54: #ifdef HAVE_GETSPNAM
55: # include <shadow.h>
56: #endif /* HAVE_GETSPNAM */
57: #ifdef HAVE_GETPRPWNAM
58: # ifdef __hpux
59: # undef MAXINT
60: # include <hpsecurity.h>
61: # else
62: # include <sys/security.h>
63: # endif /* __hpux */
64: # include <prot.h>
65: #endif /* HAVE_GETPRPWNAM */
66: #ifdef HAVE_GETPWANAM
67: # include <sys/label.h>
68: # include <sys/audit.h>
69: # include <pwdadj.h>
70: #endif /* HAVE_GETPWANAM */
71: #ifdef HAVE_GETAUTHUID
72: # include <auth.h>
73: #endif /* HAVE_GETAUTHUID */
74:
75: #include "sudo.h"
76:
77: #ifndef lint
1.2 millert 78: static const char rcsid[] = "$Sudo: getspwuid.c,v 1.56 2000/02/18 17:56:26 millert Exp $";
1.1 millert 79: #endif /* lint */
80:
81: #ifndef STDC_HEADERS
82: extern char *getenv __P((const char *));
83: #endif /* !STDC_HEADERS */
84:
85: /*
86: * Global variables (yuck)
87: */
88: #if defined(HAVE_GETPRPWNAM) && defined(__alpha)
89: int crypt_type = INT_MAX;
90: #endif /* HAVE_GETPRPWNAM && __alpha */
91:
92:
93: /*
94: * Local functions not visible outside getspwuid.c
95: */
1.3 ! millert 96: static char *sudo_getshell __P((struct passwd *));
! 97: static struct passwd *sudo_pwdup __P((struct passwd *));
1.1 millert 98:
99:
100: /*
101: * Return the user's shell based on either the SHELL
102: * environment variable or the passwd(5) entry (in that order).
103: */
104: static char *
105: sudo_getshell(pw)
106: struct passwd *pw;
107: {
108: char *pw_shell;
109:
110: if ((pw_shell = getenv("SHELL")) == NULL)
111: pw_shell = pw->pw_shell;
112:
113: #ifdef _PATH_BSHELL
114: /* empty string "" means bourne shell */
115: if (*pw_shell == '\0')
116: pw_shell = _PATH_BSHELL;
117: #endif /* _PATH_BSHELL */
118:
119: return(pw_shell);
120: }
121:
122: /*
123: * Return the encrypted password for the user described by pw. If shadow
124: * passwords are in use, look in the shadow file.
125: */
1.2 millert 126: char *
1.1 millert 127: sudo_getepw(pw)
128: struct passwd *pw;
129: {
130:
131: /* If there is a function to check for shadow enabled, use it... */
132: #ifdef HAVE_ISCOMSEC
133: if (!iscomsec())
134: return(pw->pw_passwd);
135: #endif /* HAVE_ISCOMSEC */
136: #ifdef HAVE_ISSECURE
137: if (!issecure())
138: return(pw->pw_passwd);
139: #endif /* HAVE_ISSECURE */
140:
141: #ifdef HAVE_GETPRPWNAM
142: {
143: struct pr_passwd *spw;
144:
145: spw = getprpwnam(pw->pw_name);
146: if (spw != NULL && spw->ufld.fd_encrypt != NULL) {
147: # ifdef __alpha
148: crypt_type = spw->ufld.fd_oldcrypt;
149: # endif /* __alpha */
150: return(spw->ufld.fd_encrypt);
151: }
152: }
153: #endif /* HAVE_GETPRPWNAM */
154: #ifdef HAVE_GETSPNAM
155: {
156: struct spwd *spw;
157:
158: if ((spw = getspnam(pw->pw_name)) && spw->sp_pwdp)
159: return(spw->sp_pwdp);
160: }
161: #endif /* HAVE_GETSPNAM */
162: #ifdef HAVE_GETSPWUID
163: {
164: struct s_passwd *spw;
165:
166: if ((spw = getspwuid(pw->pw_uid)) && spw->pw_passwd)
167: return(spw->pw_passwd);
168: }
169: #endif /* HAVE_GETSPWUID */
170: #ifdef HAVE_GETPWANAM
171: {
172: struct passwd_adjunct *spw;
173:
174: if ((spw = getpwanam(pw->pw_name)) && spw->pwa_passwd)
175: return(spw->pwa_passwd);
176: }
177: #endif /* HAVE_GETPWANAM */
178: #ifdef HAVE_GETAUTHUID
179: {
180: AUTHORIZATION *spw;
181:
182: if ((spw = getauthuid(pw->pw_uid)) && spw->a_password)
183: return(spw->a_password);
184: }
185: #endif /* HAVE_GETAUTHUID */
186:
187: /* Fall back on normal password. */
188: return(pw->pw_passwd);
189: }
190:
191: /*
192: * Dynamically allocate space for a struct password and the constituent parts
193: * that we care about. Fills in pw_passwd from shadow file if necessary.
194: */
1.3 ! millert 195: static struct passwd *
! 196: sudo_pwdup(pw)
! 197: struct passwd *pw;
1.1 millert 198: {
1.3 ! millert 199: struct passwd *local_pw;
1.1 millert 200:
201: /* Allocate space for a local copy of pw. */
202: local_pw = (struct passwd *) emalloc(sizeof(struct passwd));
203:
204: /*
205: * Copy the struct passwd and the interesting strings...
206: */
207: (void) memcpy(local_pw, pw, sizeof(struct passwd));
208: local_pw->pw_name = estrdup(pw->pw_name);
209: local_pw->pw_dir = estrdup(pw->pw_dir);
210:
211: /* pw_shell is a special case since we overide with $SHELL */
212: local_pw->pw_shell = estrdup(sudo_getshell(pw));
213:
214: /* pw_passwd gets a shadow password if applicable */
215: local_pw->pw_passwd = estrdup(sudo_getepw(pw));
216:
217: return(local_pw);
1.3 ! millert 218: }
! 219:
! 220: /*
! 221: * Get a password entry by uid and allocate space for it.
! 222: * Fills in pw_passwd from shadow file if necessary.
! 223: */
! 224: struct passwd *
! 225: sudo_getpwuid(uid)
! 226: uid_t uid;
! 227: {
! 228: struct passwd *pw;
! 229:
! 230: if ((pw = getpwuid(uid)) == NULL)
! 231: return(NULL);
! 232: else
! 233: return(sudo_pwdup(pw));
! 234: }
! 235:
! 236: /*
! 237: * Get a password entry by name and allocate space for it.
! 238: * Fills in pw_passwd from shadow file if necessary.
! 239: */
! 240: struct passwd *
! 241: sudo_getpwnam(name)
! 242: const char *name;
! 243: {
! 244: struct passwd *pw;
! 245:
! 246: if ((pw = getpwnam(name)) == NULL)
! 247: return(NULL);
! 248: else
! 249: return(sudo_pwdup(pw));
1.1 millert 250: }