1 /* $OpenBSD: util.c,v 1.30 2015/01/16 06:40:07 deraadt Exp $ */ 2 3 /* 4 * Copyright (c) 1989 The Regents of the University of California. 5 * All rights reserved. 6 * Portions Copyright (c) 1983, 1995, 1996 Eric P. Allman (woof!) 7 * 8 * This code is derived from software contributed to Berkeley by 9 * Tony Nardo of the Johns Hopkins University/Applied Physics Lab. 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in the 18 * documentation and/or other materials provided with the distribution. 19 * 3. Neither the name of the University nor the names of its contributors 20 * may be used to endorse or promote products derived from this software 21 * without specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33 * SUCH DAMAGE. 34 */ 35 36 #include <sys/types.h> 37 #include <sys/uio.h> 38 #include <sys/stat.h> 39 #include <err.h> 40 #include <stdio.h> 41 #include <stdlib.h> 42 #include <ctype.h> 43 #include <string.h> 44 #include <paths.h> 45 #include <errno.h> 46 #include <fcntl.h> 47 #include <unistd.h> 48 #include <vis.h> 49 #include "finger.h" 50 #include "extern.h" 51 52 char *estrdup(char *); 53 WHERE *walloc(PERSON *pn); 54 void find_idle_and_ttywrite(WHERE *); 55 void userinfo(PERSON *, struct passwd *); 56 57 void 58 find_idle_and_ttywrite(WHERE *w) 59 { 60 struct stat sb; 61 62 (void)snprintf(tbuf, sizeof(tbuf), "%s%s", _PATH_DEV, w->tty); 63 if (stat(tbuf, &sb) < 0) { 64 /* Don't bitch about it, just handle it... */ 65 w->idletime = 0; 66 w->writable = 0; 67 68 return; 69 } 70 w->idletime = now < sb.st_atime ? 0 : now - sb.st_atime; 71 72 #define TALKABLE 0220 /* tty is writable if 220 mode */ 73 w->writable = ((sb.st_mode & TALKABLE) == TALKABLE); 74 } 75 76 char * 77 estrdup(char *s) 78 { 79 char *p = strdup(s); 80 if (!p) 81 err(1, "strdup"); 82 return (p); 83 } 84 85 void 86 userinfo(PERSON *pn, struct passwd *pw) 87 { 88 char *p; 89 char *bp, name[1024]; 90 struct stat sb; 91 int len; 92 93 pn->realname = pn->office = pn->officephone = pn->homephone = NULL; 94 pn->mailrecv = -1; /* -1 == not_valid */ 95 96 pn->uid = pw->pw_uid; 97 pn->name = estrdup(pw->pw_name); 98 pn->dir = estrdup(pw->pw_dir); 99 pn->shell = estrdup(pw->pw_shell); 100 101 (void)strlcpy(bp = tbuf, pw->pw_gecos, sizeof(tbuf)); 102 103 /* ampersands get replaced by the login name */ 104 if (!(p = strsep(&bp, ","))) 105 return; 106 expandusername(p, pw->pw_name, name, sizeof(name)); 107 if (stravis(&pn->realname, p, VIS_SAFE|VIS_NOSLASH) == -1) 108 err(1, "stravis"); 109 if ((p = strsep(&bp, ",")) && *p) { 110 if (stravis(&pn->office, p, VIS_SAFE|VIS_NOSLASH) == -1) 111 err(1, "stravis"); 112 } 113 if ((p = strsep(&bp, ",")) && *p) { 114 if (stravis(&pn->officephone, p, VIS_SAFE|VIS_NOSLASH) == -1) 115 err(1, "stravis"); 116 } 117 if ((p = strsep(&bp, ",")) && *p) { 118 if (stravis(&pn->homephone, p, VIS_SAFE|VIS_NOSLASH) == -1) 119 err(1, "stravis"); 120 } 121 len = snprintf(tbuf, sizeof(tbuf), "%s/%s", _PATH_MAILSPOOL, 122 pw->pw_name); 123 if (len != -1 && len < sizeof(tbuf)) { 124 if (stat(tbuf, &sb) < 0) { 125 if (errno != ENOENT) { 126 warn("%s", tbuf); 127 return; 128 } 129 } else if (sb.st_size != 0) { 130 pn->mailrecv = sb.st_mtime; 131 pn->mailread = sb.st_atime; 132 } 133 } 134 } 135 136 int 137 match(struct passwd *pw, char *user) 138 { 139 char *p, *t; 140 char name[1024]; 141 142 (void)strlcpy(p = tbuf, pw->pw_gecos, sizeof(tbuf)); 143 144 /* ampersands get replaced by the login name */ 145 if (!(p = strtok(p, ","))) 146 return (0); 147 expandusername(p, pw->pw_name, name, sizeof(name)); 148 for (t = name; (p = strtok(t, "\t ")) != NULL; t = NULL) 149 if (!strcasecmp(p, user)) 150 return (1); 151 return (0); 152 } 153 154 /* inspired by usr.sbin/sendmail/util.c::buildfname */ 155 void 156 expandusername(char *gecos, char *login, char *buf, int buflen) 157 { 158 char *p, *bp; 159 160 /* why do we skip asterisks!?!? */ 161 if (*gecos == '*') 162 gecos++; 163 bp = buf; 164 165 /* copy gecos, interpolating & to be full name */ 166 for (p = gecos; *p != '\0'; p++) { 167 if (bp >= &buf[buflen - 1]) { 168 /* buffer overflow - just use login name */ 169 strlcpy(buf, login, buflen); 170 buf[buflen - 1] = '\0'; 171 return; 172 } 173 if (*p == '&') { 174 /* interpolate full name */ 175 strlcpy(bp, login, buflen - (bp - buf)); 176 *bp = toupper((unsigned char)*bp); 177 bp += strlen(bp); 178 } 179 else 180 *bp++ = *p; 181 } 182 *bp = '\0'; 183 } 184 185 void 186 enter_lastlog(PERSON *pn) 187 { 188 WHERE *w; 189 static int opened, fd; 190 struct lastlog ll; 191 char doit = 0; 192 193 /* some systems may not maintain lastlog, don't report errors. */ 194 if (!opened) { 195 fd = open(_PATH_LASTLOG, O_RDONLY); 196 opened = 1; 197 } 198 if (fd == -1 || 199 lseek(fd, (off_t)(pn->uid * sizeof(ll)), SEEK_SET) != 200 (long)(pn->uid * sizeof(ll)) || 201 read(fd, (char *)&ll, sizeof(ll)) != sizeof(ll)) { 202 /* as if never logged in */ 203 ll.ll_line[0] = ll.ll_host[0] = '\0'; 204 ll.ll_time = 0; 205 } 206 if ((w = pn->whead) == NULL) 207 doit = 1; 208 else if (ll.ll_time != 0) { 209 /* if last login is earlier than some current login */ 210 for (; !doit && w != NULL; w = w->next) 211 if (w->info == LOGGEDIN && w->loginat < ll.ll_time) 212 doit = 1; 213 /* 214 * and if it's not any of the current logins 215 * can't use time comparison because there may be a small 216 * discrepency since login calls time() twice 217 */ 218 for (w = pn->whead; doit && w != NULL; w = w->next) 219 if (w->info == LOGGEDIN && 220 strncmp(w->tty, ll.ll_line, UT_LINESIZE) == 0) 221 doit = 0; 222 } 223 if (doit) { 224 w = walloc(pn); 225 w->info = LASTLOG; 226 bcopy(ll.ll_line, w->tty, UT_LINESIZE); 227 w->tty[UT_LINESIZE] = 0; 228 bcopy(ll.ll_host, w->host, UT_HOSTSIZE); 229 w->host[UT_HOSTSIZE] = 0; 230 w->loginat = ll.ll_time; 231 } 232 } 233 234 void 235 enter_where(struct utmp *ut, PERSON *pn) 236 { 237 WHERE *w = walloc(pn); 238 239 w->info = LOGGEDIN; 240 bcopy(ut->ut_line, w->tty, UT_LINESIZE); 241 w->tty[UT_LINESIZE] = 0; 242 bcopy(ut->ut_host, w->host, UT_HOSTSIZE); 243 w->host[UT_HOSTSIZE] = 0; 244 w->loginat = (time_t)ut->ut_time; 245 find_idle_and_ttywrite(w); 246 } 247 248 PERSON * 249 enter_person(struct passwd *pw) 250 { 251 PERSON *pn, **pp; 252 253 for (pp = htab + hash(pw->pw_name); 254 *pp != NULL && strcmp((*pp)->name, pw->pw_name) != 0; 255 pp = &(*pp)->hlink) 256 ; 257 if ((pn = *pp) == NULL) { 258 pn = palloc(); 259 entries++; 260 if (phead == NULL) 261 phead = ptail = pn; 262 else { 263 ptail->next = pn; 264 ptail = pn; 265 } 266 pn->next = NULL; 267 pn->hlink = NULL; 268 *pp = pn; 269 userinfo(pn, pw); 270 pn->whead = NULL; 271 } 272 return (pn); 273 } 274 275 PERSON * 276 find_person(char *name) 277 { 278 PERSON *pn; 279 280 /* name may be only UT_NAMESIZE long and not terminated */ 281 for (pn = htab[hash(name)]; 282 pn != NULL && strncmp(pn->name, name, UT_NAMESIZE) != 0; 283 pn = pn->hlink) 284 ; 285 return (pn); 286 } 287 288 int 289 hash(char *name) 290 { 291 int h, i; 292 293 h = 0; 294 /* name may be only UT_NAMESIZE long and not terminated */ 295 for (i = UT_NAMESIZE; --i >= 0 && *name;) 296 h = ((h << 2 | h >> (HBITS - 2)) ^ *name++) & HMASK; 297 return (h); 298 } 299 300 PERSON * 301 palloc(void) 302 { 303 PERSON *p; 304 305 if ((p = (PERSON *)malloc((u_int) sizeof(PERSON))) == NULL) 306 err(1, "malloc"); 307 return (p); 308 } 309 310 WHERE * 311 walloc(PERSON *pn) 312 { 313 WHERE *w; 314 315 if ((w = (WHERE *)malloc((u_int) sizeof(WHERE))) == NULL) 316 err(1, "malloc"); 317 if (pn->whead == NULL) 318 pn->whead = pn->wtail = w; 319 else { 320 pn->wtail->next = w; 321 pn->wtail = w; 322 } 323 w->next = NULL; 324 return (w); 325 } 326 327 char * 328 prphone(char *num) 329 { 330 char *p; 331 int len; 332 static char pbuf[15]; 333 334 /* don't touch anything if the user has their own formatting */ 335 for (p = num; *p; ++p) 336 if (!isdigit((unsigned char)*p)) 337 return (num); 338 len = p - num; 339 p = pbuf; 340 switch (len) { 341 case 11: /* +0-123-456-7890 */ 342 *p++ = '+'; 343 *p++ = *num++; 344 *p++ = '-'; 345 /* FALLTHROUGH */ 346 case 10: /* 012-345-6789 */ 347 *p++ = *num++; 348 *p++ = *num++; 349 *p++ = *num++; 350 *p++ = '-'; 351 /* FALLTHROUGH */ 352 case 7: /* 012-3456 */ 353 *p++ = *num++; 354 *p++ = *num++; 355 *p++ = *num++; 356 break; 357 case 5: /* x0-1234 */ 358 case 4: /* x1234 */ 359 *p++ = 'x'; 360 *p++ = *num++; 361 break; 362 default: 363 return (num); 364 } 365 if (len != 4) { 366 *p++ = '-'; 367 *p++ = *num++; 368 } 369 *p++ = *num++; 370 *p++ = *num++; 371 *p++ = *num++; 372 *p = '\0'; 373 return (pbuf); 374 } 375