GCC Code Coverage Report
Directory: ./ Exec Total Coverage
File: usr.bin/chpass/edit.c Lines: 0 114 0.0 %
Date: 2017-11-07 Branches: 0 92 0.0 %

Line Branch Exec Source
1
/*	$OpenBSD: edit.c,v 1.35 2015/01/16 06:40:06 deraadt Exp $	*/
2
/*	$NetBSD: edit.c,v 1.6 1996/05/15 21:50:45 jtc Exp $	*/
3
4
/*-
5
 * Copyright (c) 1990, 1993, 1994
6
 *	The Regents of the University of California.  All rights reserved.
7
 *
8
 * Redistribution and use in source and binary forms, with or without
9
 * modification, are permitted provided that the following conditions
10
 * are met:
11
 * 1. Redistributions of source code must retain the above copyright
12
 *    notice, this list of conditions and the following disclaimer.
13
 * 2. Redistributions in binary form must reproduce the above copyright
14
 *    notice, this list of conditions and the following disclaimer in the
15
 *    documentation and/or other materials provided with the distribution.
16
 * 3. Neither the name of the University nor the names of its contributors
17
 *    may be used to endorse or promote products derived from this software
18
 *    without specific prior written permission.
19
 *
20
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30
 * SUCH DAMAGE.
31
 */
32
33
#include <sys/stat.h>
34
35
#include <ctype.h>
36
#include <err.h>
37
#include <errno.h>
38
#include <fcntl.h>
39
#include <paths.h>
40
#include <pwd.h>
41
#include <stdio.h>
42
#include <stdlib.h>
43
#include <string.h>
44
#include <unistd.h>
45
#include <limits.h>
46
#include <util.h>
47
48
#include "chpass.h"
49
50
int
51
edit(char *tempname, struct passwd *pw)
52
{
53
	struct stat begin, end;
54
55
	for (;;) {
56
		if (lstat(tempname, &begin) == -1 || S_ISLNK(begin.st_mode))
57
			return (EDIT_ERROR);
58
		pw_edit(1, tempname);
59
		if (lstat(tempname, &end) == -1 || S_ISLNK(end.st_mode))
60
			return (EDIT_ERROR);
61
		if (!timespeccmp(&begin.st_mtimespec, &end.st_mtimespec, -) &&
62
		    begin.st_size == end.st_size) {
63
			warnx("no changes made");
64
			return (EDIT_NOCHANGE);
65
		}
66
		if (verify(tempname, pw))
67
			break;
68
		pw_prompt();
69
	}
70
	return(EDIT_OK);
71
}
72
73
/*
74
 * display --
75
 *	print out the file for the user to edit; strange side-effect:
76
 *	set conditional flag if the user gets to edit the shell.
77
 */
78
void
79
display(char *tempname, int fd, struct passwd *pw)
80
{
81
	FILE *fp;
82
	char *bp, *p;
83
	char chngstr[256];
84
85
	if (!(fp = fdopen(fd, "w")))
86
		pw_error(tempname, 1, 1);
87
88
	(void)fprintf(fp,
89
	    "# Changing user database information for %s.\n", pw->pw_name);
90
	if (!uid) {
91
		(void)fprintf(fp, "Login: %s\n", pw->pw_name);
92
		(void)fprintf(fp, "Encrypted password: %s\n", pw->pw_passwd);
93
		(void)fprintf(fp, "Uid [#]: %u\n", pw->pw_uid);
94
		(void)fprintf(fp, "Gid [# or name]: %u\n", pw->pw_gid);
95
		(void)fprintf(fp, "Change [month day year]: %s\n",
96
		    ttoa(chngstr, sizeof(chngstr), pw->pw_change));
97
		(void)fprintf(fp, "Expire [month day year]: %s\n",
98
		    ttoa(chngstr, sizeof(chngstr), pw->pw_expire));
99
		(void)fprintf(fp, "Class: %s\n", pw->pw_class);
100
		(void)fprintf(fp, "Home directory: %s\n", pw->pw_dir);
101
		(void)fprintf(fp, "Shell: %s\n",
102
		    *pw->pw_shell ? pw->pw_shell : _PATH_BSHELL);
103
	}
104
	/* Only admin can change "restricted" shells. */
105
	else if (ok_shell(pw->pw_shell, NULL))
106
		/*
107
		 * Make shell a restricted field.  Ugly with a
108
		 * necklace, but there's not much else to do.
109
		 */
110
		(void)fprintf(fp, "Shell: %s\n",
111
		    *pw->pw_shell ? pw->pw_shell : _PATH_BSHELL);
112
	else
113
		list[E_SHELL].restricted = 1;
114
	bp = pw->pw_gecos;
115
	p = strsep(&bp, ",");
116
	(void)fprintf(fp, "Full Name: %s\n", p ? p : "");
117
	p = strsep(&bp, ",");
118
	(void)fprintf(fp, "Office Location: %s\n", p ? p : "");
119
	p = strsep(&bp, ",");
120
	(void)fprintf(fp, "Office Phone: %s\n", p ? p : "");
121
	p = strsep(&bp, ",");
122
	(void)fprintf(fp, "Home Phone: %s\n", p ? p : "");
123
124
	(void)fchown(fd, getuid(), getgid());
125
	(void)fclose(fp);
126
}
127
128
int
129
verify(char *tempname, struct passwd *pw)
130
{
131
	unsigned int line;
132
	size_t alen;
133
	static char buf[LINE_MAX];
134
	struct stat sb;
135
	char *p, *q;
136
	ENTRY *ep;
137
	FILE *fp;
138
	int fd;
139
140
	if ((fd = open(tempname, O_RDONLY|O_NOFOLLOW)) == -1 ||
141
	    (fp = fdopen(fd, "r")) == NULL)
142
		pw_error(tempname, 1, 1);
143
	if (fstat(fd, &sb))
144
		pw_error(tempname, 1, 1);
145
	if (sb.st_size == 0 || sb.st_nlink != 1 || sb.st_uid != uid) {
146
		warnx("corrupted temporary file");
147
		goto bad;
148
	}
149
	line = 0;
150
	while (fgets(buf, sizeof(buf), fp)) {
151
		line++;
152
		if (!buf[0] || buf[0] == '#')
153
			continue;
154
		if ((p = strchr(buf, '\n')) != NULL)
155
			*p = '\0';
156
		else if (!feof(fp)) {
157
			warnx("line %u too long", line);
158
			goto bad;
159
		}
160
		for (ep = list;; ++ep) {
161
			if (!ep->prompt) {
162
				warnx("unrecognized field on line %u", line);
163
				goto bad;
164
			}
165
			if (!strncasecmp(buf, ep->prompt, ep->len)) {
166
				if (ep->restricted && uid) {
167
					warnx(
168
					    "you may not change the %s field",
169
						ep->prompt);
170
					goto bad;
171
				}
172
				if (!(p = strchr(buf, ':'))) {
173
					warnx("line %u corrupted", line);
174
					goto bad;
175
				}
176
				while (isspace((unsigned char)*++p))
177
					;
178
				for (q = p; isprint((unsigned char)*q); q++) {
179
					if (ep->except && strchr(ep->except,*q))
180
						break;
181
				}
182
				if (*q) {
183
					warnx(
184
				   "illegal character in the \"%s\" field",
185
					    ep->prompt);
186
					goto bad;
187
				}
188
				if ((ep->func)(p, pw, ep)) {
189
bad:					(void)fclose(fp);
190
					return (0);
191
				}
192
				break;
193
			}
194
		}
195
	}
196
	(void)fclose(fp);
197
198
	if (list[E_NAME].save == NULL)
199
		list[E_NAME].save = "";
200
	if (list[E_BPHONE].save == NULL)
201
		list[E_BPHONE].save = "";
202
	if (list[E_HPHONE].save == NULL)
203
		list[E_HPHONE].save = "";
204
	if (list[E_LOCATE].save == NULL)
205
		list[E_LOCATE].save = "";
206
207
	/* Build the gecos field. */
208
	for (alen = 0, p = list[E_NAME].save; *p; p++)
209
		if (*p == '&')
210
			alen = alen + strlen(pw->pw_name) - 1;
211
	if (asprintf(&p, "%s,%s,%s,%s", list[E_NAME].save,
212
	    list[E_LOCATE].save, list[E_BPHONE].save, list[E_HPHONE].save) == -1)
213
		err(1, NULL);
214
	pw->pw_gecos = p;
215
216
	if (snprintf(buf, sizeof(buf),
217
	    "%s:%s:%u:%u:%s:%ld:%ld:%s:%s:%s",
218
	    pw->pw_name, pw->pw_passwd, pw->pw_uid, pw->pw_gid, pw->pw_class,
219
	    (long)pw->pw_change, (long)pw->pw_expire, pw->pw_gecos, pw->pw_dir,
220
	    pw->pw_shell) >= 1023 ||
221
	    strlen(buf) + alen >= 1023) {
222
		warnx("entries too long");
223
		free(p);
224
		return (0);
225
	}
226
	free(p);
227
228
	return (pw_scan(buf, pw, NULL));
229
}