GCC Code Coverage Report
Directory: ./ Exec Total Coverage
File: libexec/login_lchpass/../../usr.bin/passwd/pwd_check.c Lines: 0 71 0.0 %
Date: 2017-11-07 Branches: 0 47 0.0 %

Line Branch Exec Source
1
/*	$OpenBSD: pwd_check.c,v 1.16 2017/08/21 21:41:13 deraadt Exp $	*/
2
3
/*
4
 * Copyright 2000 Niels Provos <provos@citi.umich.edu>
5
 * All rights reserved.
6
 *
7
 * Redistribution and use in source and binary forms, with or without
8
 * modification, are permitted provided that the following conditions
9
 * are met:
10
 * 1. Redistributions of source code must retain the above copyright
11
 *    notice, this list of conditions and the following disclaimer.
12
 * 2. Redistributions in binary form must reproduce the above copyright
13
 *    notice, this list of conditions and the following disclaimer in the
14
 *    documentation and/or other materials provided with the distribution.
15
 * 3. All advertising materials mentioning features or use of this software
16
 *    must display the following acknowledgement:
17
 *      This product includes software developed by Niels Provos.
18
 * 4. The name of the author may not be used to endorse or promote products
19
 *    derived from this software without specific prior written permission.
20
 *
21
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
22
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
23
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
24
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
25
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
26
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
27
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
28
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
29
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
30
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31
 */
32
33
#include <sys/types.h>
34
#include <sys/wait.h>
35
36
#include <stdio.h>
37
#include <stdlib.h>
38
#include <string.h>
39
#include <unistd.h>
40
#include <limits.h>
41
#include <errno.h>
42
#include <err.h>
43
#include <regex.h>
44
#include <grp.h>
45
#include <paths.h>
46
#include <login_cap.h>
47
#include <signal.h>
48
49
int pwd_check(login_cap_t *, char *);
50
int pwd_gettries(login_cap_t *);
51
52
struct pattern {
53
	char *match;
54
	int flags;
55
	char *response;
56
};
57
58
struct pattern patterns[] = {
59
	{
60
		"^[0-9]*$",
61
		REG_EXTENDED|REG_NOSUB,
62
		"Please don't use all-digit passwords."
63
	},
64
	{
65
		"^[a-z]{1,9}$",
66
		REG_EXTENDED|REG_NOSUB,
67
		"Please don't use an all-lower case password."
68
	},
69
	{
70
		"^[a-z]{1,6}[0-9]+$",
71
		REG_EXTENDED|REG_NOSUB|REG_ICASE,
72
		"Please use a more complicated password."
73
	},
74
	{
75
		"^([a-z][0-9]){1,4}$",
76
		REG_EXTENDED|REG_NOSUB|REG_ICASE,
77
		"Please use a more complicated password."
78
	},
79
	{
80
		"^([0-9][a-z]){1,4}$",
81
		REG_EXTENDED|REG_NOSUB|REG_ICASE,
82
		"Please use a more complicated password."
83
	}
84
};
85
86
int
87
pwd_check(login_cap_t *lc, char *password)
88
{
89
	regex_t rgx;
90
	int i, res, min_len;
91
	char *checker;
92
	char *argp[] = { "sh", "-c", NULL, NULL};
93
	int pipefds[2];
94
	pid_t child;
95
	uid_t uid;
96
	gid_t gid;
97
98
	min_len = (int)login_getcapnum(lc, "minpasswordlen", 6, 6);
99
	if (min_len > 0 && strlen(password) < min_len) {
100
		printf("Please enter a longer password.\n");
101
		return (0);
102
	}
103
104
	/* External password check program */
105
	checker = login_getcapstr(lc, "passwordcheck", NULL, NULL);
106
107
	/* Pipes are only used for external checker */
108
	if (checker != NULL && pipe(pipefds) == -1) {
109
		warn("pipe");
110
		goto out;
111
	}
112
113
	/* Check password in low-privileged child */
114
	switch (child = fork()) {
115
	case -1:
116
		warn("fork");
117
		goto out;
118
	case 0:
119
		(void)signal(SIGINT, SIG_DFL);
120
		(void)signal(SIGQUIT, SIG_DFL);
121
		uid = getuid();
122
		gid = getgid();
123
		if (setresgid(gid, gid, gid) == -1) {
124
			warn("setresgid");
125
			exit(1);
126
		}
127
		if (setgroups(1, &gid) == -1) {
128
			warn("setgroups");
129
			exit(1);
130
		}
131
		if (setresuid(uid, uid, uid) == -1) {
132
			warn("setresuid");
133
			exit(1);
134
		}
135
136
		if (checker == NULL) {
137
			if (pledge("stdio flock rpath cpath wpath", NULL) == -1)
138
				err(1, "pledge");
139
140
			for (i = 0; i < sizeof(patterns) / sizeof(*patterns); i++) {
141
				int ret;
142
143
				if (regcomp(&rgx, patterns[i].match,
144
				    patterns[i].flags) != 0)
145
					continue;
146
				ret = regexec(&rgx, password, 0, NULL, 0);
147
				regfree(&rgx);
148
				if (ret == 0) {
149
					printf("%s\n", patterns[i].response);
150
					exit(1);
151
				}
152
			}
153
			/* no external checker in use, accept the password */
154
			exit(0);
155
		}
156
157
		if (pledge("stdio exec flock rpath cpath wpath", NULL) == -1)
158
			err(1, "pledge");
159
160
		/* Otherwise, pass control to checker program */
161
		argp[2] = checker;
162
		if (dup2(pipefds[0], STDIN_FILENO) == -1) {
163
			warn("dup2");
164
			exit(1);
165
		}
166
		close(pipefds[0]);
167
		close(pipefds[1]);
168
169
		if (execv(_PATH_BSHELL, argp) == -1) {
170
			warn("exec");
171
			exit(1);
172
		}
173
		/* NOTREACHED */
174
	default:
175
		break; /* parent continues below */
176
	}
177
178
	if (checker != NULL) {
179
		/* Send the password to STDIN of child */
180
		close(pipefds[0]);
181
		write(pipefds[1], password, strlen(password) + 1);
182
		close(pipefds[1]);
183
	}
184
185
	/* get the return value from the child */
186
	while (waitpid(child, &res, 0) == -1) {
187
		if (errno != EINTR)
188
			break;
189
	}
190
	if (WIFEXITED(res) && WEXITSTATUS(res) == 0) {
191
		free(checker);
192
		return (1);
193
	}
194
195
 out:
196
	free(checker);
197
	printf("Please use a different password. Unusual capitalization,\n");
198
	printf("control characters, or digits are suggested.\n");
199
200
	return (0);
201
}
202
203
int
204
pwd_gettries(login_cap_t *lc)
205
{
206
	quad_t ntries;
207
208
	if ((ntries = login_getcapnum(lc, "passwordtries", -1, -1)) != -1) {
209
		if (ntries >= 0 && ntries <= INT_MAX)
210
			return((int)ntries);
211
		fprintf(stderr,
212
		    "Warning: pwdtries out of range in /etc/login.conf");
213
	}
214
215
	/*
216
	 * If no amount of tries is specified, return a default of 3,
217
	 * meaning that after 3 attempts where the user is foiled by the
218
	 * password checks, it will no longer be checked and they can set
219
	 * it to whatever they like.  This is the historic BSD behavior.
220
	 */
221
	return (3);
222
}