1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 1989, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * This code is derived from software contributed to Berkeley by 8 * Tony Nardo of the Johns Hopkins University/Applied Physics Lab. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. Neither the name of the University nor the names of its contributors 19 * may be used to endorse or promote products derived from this software 20 * without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32 * SUCH DAMAGE. 33 */ 34 35 #if 0 36 #ifndef lint 37 static char sccsid[] = "@(#)util.c 8.3 (Berkeley) 4/28/95"; 38 #endif 39 #endif 40 41 #include <sys/cdefs.h> 42 #include <sys/param.h> 43 #include <sys/socket.h> 44 #include <sys/stat.h> 45 #include <ctype.h> 46 #include <db.h> 47 #include <err.h> 48 #include <errno.h> 49 #include <fcntl.h> 50 #include <paths.h> 51 #include <pwd.h> 52 #include <stdio.h> 53 #include <stdlib.h> 54 #include <string.h> 55 #include <unistd.h> 56 #include <utmpx.h> 57 #include "finger.h" 58 #include "pathnames.h" 59 60 static void find_idle_and_ttywrite(WHERE *); 61 static void userinfo(PERSON *, struct passwd *); 62 static WHERE *walloc(PERSON *); 63 64 int 65 match(struct passwd *pw, const char *user) 66 { 67 char *p, *t; 68 char name[1024]; 69 70 if (!strcasecmp(pw->pw_name, user)) 71 return(1); 72 73 /* 74 * XXX 75 * Why do we skip asterisks!?!? 76 */ 77 (void)strncpy(p = tbuf, pw->pw_gecos, sizeof(tbuf)); 78 tbuf[sizeof(tbuf) - 1] = '\0'; 79 if (*p == '*') 80 ++p; 81 82 /* Ampersands get replaced by the login name. */ 83 if ((p = strtok(p, ",")) == NULL) 84 return(0); 85 86 for (t = name; t < &name[sizeof(name) - 1] && (*t = *p) != '\0'; ++p) { 87 if (*t == '&') { 88 (void)strncpy(t, pw->pw_name, 89 sizeof(name) - (t - name)); 90 name[sizeof(name) - 1] = '\0'; 91 while (t < &name[sizeof(name) - 1] && *++t) 92 continue; 93 } else { 94 ++t; 95 } 96 } 97 *t = '\0'; 98 for (t = name; (p = strtok(t, "\t ")) != NULL; t = NULL) 99 if (!strcasecmp(p, user)) 100 return(1); 101 return(0); 102 } 103 104 void 105 enter_lastlog(PERSON *pn) 106 { 107 WHERE *w; 108 struct utmpx *ut = NULL; 109 char doit = 0; 110 111 if (setutxdb(UTXDB_LASTLOGIN, NULL) == 0) 112 ut = getutxuser(pn->name); 113 if ((w = pn->whead) == NULL) 114 doit = 1; 115 else if (ut != NULL && ut->ut_type == USER_PROCESS) { 116 /* if last login is earlier than some current login */ 117 for (; !doit && w != NULL; w = w->next) 118 if (w->info == LOGGEDIN && 119 w->loginat < ut->ut_tv.tv_sec) 120 doit = 1; 121 /* 122 * and if it's not any of the current logins 123 * can't use time comparison because there may be a small 124 * discrepancy since login calls time() twice 125 */ 126 for (w = pn->whead; doit && w != NULL; w = w->next) 127 if (w->info == LOGGEDIN && 128 strcmp(w->tty, ut->ut_line) == 0) 129 doit = 0; 130 } 131 if (ut != NULL && doit) { 132 w = walloc(pn); 133 w->info = LASTLOG; 134 strcpy(w->tty, ut->ut_line); 135 strcpy(w->host, ut->ut_host); 136 w->loginat = ut->ut_tv.tv_sec; 137 } 138 endutxent(); 139 } 140 141 void 142 enter_where(struct utmpx *ut, PERSON *pn) 143 { 144 WHERE *w; 145 146 w = walloc(pn); 147 w->info = LOGGEDIN; 148 strcpy(w->tty, ut->ut_line); 149 strcpy(w->host, ut->ut_host); 150 w->loginat = ut->ut_tv.tv_sec; 151 find_idle_and_ttywrite(w); 152 } 153 154 PERSON * 155 enter_person(struct passwd *pw) 156 { 157 DBT data, key; 158 PERSON *pn; 159 160 if (db == NULL && 161 (db = dbopen(NULL, O_RDWR, 0, DB_BTREE, NULL)) == NULL) 162 err(1, NULL); 163 164 key.data = pw->pw_name; 165 key.size = strlen(pw->pw_name); 166 167 switch ((*db->get)(db, &key, &data, 0)) { 168 case 0: 169 memmove(&pn, data.data, sizeof pn); 170 return (pn); 171 default: 172 case -1: 173 err(1, "db get"); 174 /* NOTREACHED */ 175 case 1: 176 ++entries; 177 pn = palloc(); 178 userinfo(pn, pw); 179 pn->whead = NULL; 180 181 data.size = sizeof(PERSON *); 182 data.data = &pn; 183 if ((*db->put)(db, &key, &data, 0)) 184 err(1, "db put"); 185 return (pn); 186 } 187 } 188 189 PERSON * 190 find_person(char *name) 191 { 192 struct passwd *pw; 193 194 DBT data, key; 195 PERSON *p; 196 197 if (!db) 198 return(NULL); 199 200 if ((pw = getpwnam(name)) && hide(pw)) 201 return(NULL); 202 203 key.data = name; 204 key.size = strlen(name); 205 206 if ((*db->get)(db, &key, &data, 0)) 207 return (NULL); 208 memmove(&p, data.data, sizeof p); 209 return (p); 210 } 211 212 PERSON * 213 palloc(void) 214 { 215 PERSON *p; 216 217 if ((p = malloc(sizeof(PERSON))) == NULL) 218 err(1, NULL); 219 return(p); 220 } 221 222 static WHERE * 223 walloc(PERSON *pn) 224 { 225 WHERE *w; 226 227 if ((w = malloc(sizeof(WHERE))) == NULL) 228 err(1, NULL); 229 if (pn->whead == NULL) 230 pn->whead = pn->wtail = w; 231 else { 232 pn->wtail->next = w; 233 pn->wtail = w; 234 } 235 w->next = NULL; 236 return(w); 237 } 238 239 char * 240 prphone(char *num) 241 { 242 char *p; 243 int len; 244 static char pbuf[20]; 245 246 /* don't touch anything if the user has their own formatting */ 247 for (p = num; *p; ++p) 248 if (!isdigit(*p)) 249 return(num); 250 len = p - num; 251 p = pbuf; 252 switch(len) { 253 case 11: /* +0-123-456-7890 */ 254 *p++ = '+'; 255 *p++ = *num++; 256 *p++ = '-'; 257 /* FALLTHROUGH */ 258 case 10: /* 012-345-6789 */ 259 *p++ = *num++; 260 *p++ = *num++; 261 *p++ = *num++; 262 *p++ = '-'; 263 /* FALLTHROUGH */ 264 case 7: /* 012-3456 */ 265 *p++ = *num++; 266 *p++ = *num++; 267 *p++ = *num++; 268 break; 269 case 5: /* x0-1234 */ 270 case 4: /* x1234 */ 271 *p++ = 'x'; 272 *p++ = *num++; 273 break; 274 default: 275 return(num); 276 } 277 if (len != 4) { 278 *p++ = '-'; 279 *p++ = *num++; 280 } 281 *p++ = *num++; 282 *p++ = *num++; 283 *p++ = *num++; 284 *p = '\0'; 285 return(pbuf); 286 } 287 288 static void 289 find_idle_and_ttywrite(WHERE *w) 290 { 291 struct stat sb; 292 time_t touched; 293 int error; 294 295 (void)snprintf(tbuf, sizeof(tbuf), "%s/%s", _PATH_DEV, w->tty); 296 297 error = stat(tbuf, &sb); 298 if (error < 0 && errno == ENOENT) { 299 /* 300 * The terminal listed is not actually a terminal (i.e., 301 * ":0"). This is a failure, so we'll skip printing 302 * out the idle time, which is non-ideal but better 303 * than a bogus warning and idle time. 304 */ 305 w->idletime = -1; 306 return; 307 } else if (error < 0) { 308 warn("%s", tbuf); 309 w->idletime = -1; 310 return; 311 } 312 touched = sb.st_atime; 313 if (touched < w->loginat) { 314 /* tty untouched since before login */ 315 touched = w->loginat; 316 } 317 w->idletime = now < touched ? 0 : now - touched; 318 319 #define TALKABLE 0220 /* tty is writable if 220 mode */ 320 w->writable = ((sb.st_mode & TALKABLE) == TALKABLE); 321 } 322 323 static void 324 userinfo(PERSON *pn, struct passwd *pw) 325 { 326 char *p, *t; 327 char *bp, name[1024]; 328 struct stat sb; 329 330 pn->realname = pn->office = pn->officephone = pn->homephone = NULL; 331 332 pn->uid = pw->pw_uid; 333 if ((pn->name = strdup(pw->pw_name)) == NULL) 334 err(1, "strdup failed"); 335 if ((pn->dir = strdup(pw->pw_dir)) == NULL) 336 err(1, "strdup failed"); 337 if ((pn->shell = strdup(pw->pw_shell)) == NULL) 338 err(1, "strdup failed"); 339 340 /* why do we skip asterisks!?!? */ 341 (void)strncpy(bp = tbuf, pw->pw_gecos, sizeof(tbuf)); 342 tbuf[sizeof(tbuf) - 1] = '\0'; 343 if (*bp == '*') 344 ++bp; 345 346 /* ampersands get replaced by the login name */ 347 if (!(p = strsep(&bp, ","))) 348 return; 349 for (t = name; t < &name[sizeof(name) - 1] && (*t = *p) != '\0'; ++p) { 350 if (*t == '&') { 351 (void)strncpy(t, pw->pw_name, 352 sizeof(name) - (t - name)); 353 name[sizeof(name) - 1] = '\0'; 354 if (islower(*t)) 355 *t = toupper(*t); 356 while (t < &name[sizeof(name) - 1] && *++t) 357 continue; 358 } else { 359 ++t; 360 } 361 } 362 *t = '\0'; 363 if ((pn->realname = strdup(name)) == NULL) 364 err(1, "strdup failed"); 365 pn->office = ((p = strsep(&bp, ",")) && *p) ? 366 strdup(p) : NULL; 367 pn->officephone = ((p = strsep(&bp, ",")) && *p) ? 368 strdup(p) : NULL; 369 pn->homephone = ((p = strsep(&bp, ",")) && *p) ? 370 strdup(p) : NULL; 371 (void)snprintf(tbuf, sizeof(tbuf), "%s/%s", _PATH_MAILDIR, pw->pw_name); 372 pn->mailrecv = -1; /* -1 == not_valid */ 373 if (stat(tbuf, &sb) < 0) { 374 if (errno != ENOENT) { 375 warn("%s", tbuf); 376 return; 377 } 378 } else if (sb.st_size != 0) { 379 pn->mailrecv = sb.st_mtime; 380 pn->mailread = sb.st_atime; 381 } 382 } 383 384 /* 385 * Is this user hiding from finger? 386 * If ~<user>/.nofinger exists, return 1 (hide), else return 0 (nohide). 387 * Nobody can hide from root. 388 */ 389 390 int 391 hide(struct passwd *pw) 392 { 393 struct stat st; 394 char buf[MAXPATHLEN]; 395 396 if (invoker_root || !pw->pw_dir) 397 return 0; 398 399 snprintf(buf, sizeof(buf), "%s/%s", pw->pw_dir, _PATH_NOFINGER); 400 401 if (stat(buf, &st) == 0) 402 return 1; 403 404 return 0; 405 } 406