1 /*-
2 * SPDX-License-Identifier: BSD-3-Clause
3 *
4 * Copyright (c) 1989, 1993
5 * The Regents of the University of California. All rights reserved.
6 *
7 * This code is derived from software contributed to Berkeley by
8 * Tony Nardo of the Johns Hopkins University/Applied Physics Lab.
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
12 * are met:
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 3. Neither the name of the University nor the names of its contributors
19 * may be used to endorse or promote products derived from this software
20 * without specific prior written permission.
21 *
22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * SUCH DAMAGE.
33 */
34
35 #include <sys/param.h>
36 #include <sys/socket.h>
37 #include <sys/stat.h>
38 #include <ctype.h>
39 #include <db.h>
40 #include <err.h>
41 #include <errno.h>
42 #include <fcntl.h>
43 #include <paths.h>
44 #include <pwd.h>
45 #include <stdio.h>
46 #include <stdlib.h>
47 #include <string.h>
48 #include <unistd.h>
49 #include <utmpx.h>
50 #include "finger.h"
51 #include "pathnames.h"
52
53 static void find_idle_and_ttywrite(WHERE *);
54 static void userinfo(PERSON *, struct passwd *);
55 static WHERE *walloc(PERSON *);
56
57 int
match(struct passwd * pw,const char * user)58 match(struct passwd *pw, const char *user)
59 {
60 char *p, *t;
61 char name[1024];
62
63 if (!strcasecmp(pw->pw_name, user))
64 return(1);
65
66 /*
67 * XXX
68 * Why do we skip asterisks!?!?
69 */
70 (void)strncpy(p = tbuf, pw->pw_gecos, sizeof(tbuf));
71 tbuf[sizeof(tbuf) - 1] = '\0';
72 if (*p == '*')
73 ++p;
74
75 /* Ampersands get replaced by the login name. */
76 if ((p = strtok(p, ",")) == NULL)
77 return(0);
78
79 for (t = name; t < &name[sizeof(name) - 1] && (*t = *p) != '\0'; ++p) {
80 if (*t == '&') {
81 (void)strncpy(t, pw->pw_name,
82 sizeof(name) - (t - name));
83 name[sizeof(name) - 1] = '\0';
84 while (t < &name[sizeof(name) - 1] && *++t)
85 continue;
86 } else {
87 ++t;
88 }
89 }
90 *t = '\0';
91 for (t = name; (p = strtok(t, "\t ")) != NULL; t = NULL)
92 if (!strcasecmp(p, user))
93 return(1);
94 return(0);
95 }
96
97 void
enter_lastlog(PERSON * pn)98 enter_lastlog(PERSON *pn)
99 {
100 WHERE *w;
101 struct utmpx *ut = NULL;
102 char doit = 0;
103
104 if (setutxdb(UTXDB_LASTLOGIN, NULL) == 0)
105 ut = getutxuser(pn->name);
106 if ((w = pn->whead) == NULL)
107 doit = 1;
108 else if (ut != NULL && ut->ut_type == USER_PROCESS) {
109 /* if last login is earlier than some current login */
110 for (; !doit && w != NULL; w = w->next)
111 if (w->info == LOGGEDIN &&
112 w->loginat < ut->ut_tv.tv_sec)
113 doit = 1;
114 /*
115 * and if it's not any of the current logins
116 * can't use time comparison because there may be a small
117 * discrepancy since login calls time() twice
118 */
119 for (w = pn->whead; doit && w != NULL; w = w->next)
120 if (w->info == LOGGEDIN &&
121 strcmp(w->tty, ut->ut_line) == 0)
122 doit = 0;
123 }
124 if (ut != NULL && doit) {
125 w = walloc(pn);
126 w->info = LASTLOG;
127 strcpy(w->tty, ut->ut_line);
128 strcpy(w->host, ut->ut_host);
129 w->loginat = ut->ut_tv.tv_sec;
130 }
131 endutxent();
132 }
133
134 void
enter_where(struct utmpx * ut,PERSON * pn)135 enter_where(struct utmpx *ut, PERSON *pn)
136 {
137 WHERE *w;
138
139 w = walloc(pn);
140 w->info = LOGGEDIN;
141 strcpy(w->tty, ut->ut_line);
142 strcpy(w->host, ut->ut_host);
143 w->loginat = ut->ut_tv.tv_sec;
144 find_idle_and_ttywrite(w);
145 }
146
147 PERSON *
enter_person(struct passwd * pw)148 enter_person(struct passwd *pw)
149 {
150 DBT data, key;
151 PERSON *pn;
152
153 if (db == NULL &&
154 (db = dbopen(NULL, O_RDWR, 0, DB_BTREE, NULL)) == NULL)
155 err(1, NULL);
156
157 key.data = pw->pw_name;
158 key.size = strlen(pw->pw_name);
159
160 switch ((*db->get)(db, &key, &data, 0)) {
161 case 0:
162 memmove(&pn, data.data, sizeof pn);
163 return (pn);
164 default:
165 case -1:
166 err(1, "db get");
167 /* NOTREACHED */
168 case 1:
169 ++entries;
170 pn = palloc();
171 userinfo(pn, pw);
172 pn->whead = NULL;
173
174 data.size = sizeof(PERSON *);
175 data.data = &pn;
176 if ((*db->put)(db, &key, &data, 0))
177 err(1, "db put");
178 return (pn);
179 }
180 }
181
182 PERSON *
find_person(char * name)183 find_person(char *name)
184 {
185 struct passwd *pw;
186
187 DBT data, key;
188 PERSON *p;
189
190 if (!db)
191 return(NULL);
192
193 if ((pw = getpwnam(name)) && hide(pw))
194 return(NULL);
195
196 key.data = name;
197 key.size = strlen(name);
198
199 if ((*db->get)(db, &key, &data, 0))
200 return (NULL);
201 memmove(&p, data.data, sizeof p);
202 return (p);
203 }
204
205 PERSON *
palloc(void)206 palloc(void)
207 {
208 PERSON *p;
209
210 if ((p = malloc(sizeof(PERSON))) == NULL)
211 err(1, NULL);
212 return(p);
213 }
214
215 static WHERE *
walloc(PERSON * pn)216 walloc(PERSON *pn)
217 {
218 WHERE *w;
219
220 if ((w = malloc(sizeof(WHERE))) == NULL)
221 err(1, NULL);
222 if (pn->whead == NULL)
223 pn->whead = pn->wtail = w;
224 else {
225 pn->wtail->next = w;
226 pn->wtail = w;
227 }
228 w->next = NULL;
229 return(w);
230 }
231
232 char *
prphone(char * num)233 prphone(char *num)
234 {
235 char *p;
236 int len;
237 static char pbuf[20];
238
239 /* don't touch anything if the user has their own formatting */
240 for (p = num; *p; ++p)
241 if (!isdigit(*p))
242 return(num);
243 len = p - num;
244 p = pbuf;
245 switch(len) {
246 case 11: /* +0-123-456-7890 */
247 *p++ = '+';
248 *p++ = *num++;
249 *p++ = '-';
250 /* FALLTHROUGH */
251 case 10: /* 012-345-6789 */
252 *p++ = *num++;
253 *p++ = *num++;
254 *p++ = *num++;
255 *p++ = '-';
256 /* FALLTHROUGH */
257 case 7: /* 012-3456 */
258 *p++ = *num++;
259 *p++ = *num++;
260 *p++ = *num++;
261 break;
262 case 5: /* x0-1234 */
263 case 4: /* x1234 */
264 *p++ = 'x';
265 *p++ = *num++;
266 break;
267 default:
268 return(num);
269 }
270 if (len != 4) {
271 *p++ = '-';
272 *p++ = *num++;
273 }
274 *p++ = *num++;
275 *p++ = *num++;
276 *p++ = *num++;
277 *p = '\0';
278 return(pbuf);
279 }
280
281 static void
find_idle_and_ttywrite(WHERE * w)282 find_idle_and_ttywrite(WHERE *w)
283 {
284 struct stat sb;
285 time_t touched;
286 int error;
287
288 (void)snprintf(tbuf, sizeof(tbuf), "%s/%s", _PATH_DEV, w->tty);
289
290 error = stat(tbuf, &sb);
291 if (error < 0 && errno == ENOENT) {
292 /*
293 * The terminal listed is not actually a terminal (i.e.,
294 * ":0"). This is a failure, so we'll skip printing
295 * out the idle time, which is non-ideal but better
296 * than a bogus warning and idle time.
297 */
298 w->idletime = -1;
299 return;
300 } else if (error < 0) {
301 warn("%s", tbuf);
302 w->idletime = -1;
303 return;
304 }
305 touched = sb.st_atime;
306 if (touched < w->loginat) {
307 /* tty untouched since before login */
308 touched = w->loginat;
309 }
310 w->idletime = now < touched ? 0 : now - touched;
311
312 #define TALKABLE 0220 /* tty is writable if 220 mode */
313 w->writable = ((sb.st_mode & TALKABLE) == TALKABLE);
314 }
315
316 static void
userinfo(PERSON * pn,struct passwd * pw)317 userinfo(PERSON *pn, struct passwd *pw)
318 {
319 char *p, *t;
320 char *bp, name[1024];
321 struct stat sb;
322
323 pn->realname = pn->office = pn->officephone = pn->homephone = NULL;
324
325 pn->uid = pw->pw_uid;
326 if ((pn->name = strdup(pw->pw_name)) == NULL)
327 err(1, "strdup failed");
328 if ((pn->dir = strdup(pw->pw_dir)) == NULL)
329 err(1, "strdup failed");
330 if ((pn->shell = strdup(pw->pw_shell)) == NULL)
331 err(1, "strdup failed");
332
333 /* why do we skip asterisks!?!? */
334 (void)strncpy(bp = tbuf, pw->pw_gecos, sizeof(tbuf));
335 tbuf[sizeof(tbuf) - 1] = '\0';
336 if (*bp == '*')
337 ++bp;
338
339 /* ampersands get replaced by the login name */
340 if (!(p = strsep(&bp, ",")))
341 return;
342 for (t = name; t < &name[sizeof(name) - 1] && (*t = *p) != '\0'; ++p) {
343 if (*t == '&') {
344 (void)strncpy(t, pw->pw_name,
345 sizeof(name) - (t - name));
346 name[sizeof(name) - 1] = '\0';
347 if (islower(*t))
348 *t = toupper(*t);
349 while (t < &name[sizeof(name) - 1] && *++t)
350 continue;
351 } else {
352 ++t;
353 }
354 }
355 *t = '\0';
356 if ((pn->realname = strdup(name)) == NULL)
357 err(1, "strdup failed");
358 pn->office = ((p = strsep(&bp, ",")) && *p) ?
359 strdup(p) : NULL;
360 pn->officephone = ((p = strsep(&bp, ",")) && *p) ?
361 strdup(p) : NULL;
362 pn->homephone = ((p = strsep(&bp, ",")) && *p) ?
363 strdup(p) : NULL;
364 (void)snprintf(tbuf, sizeof(tbuf), "%s/%s", _PATH_MAILDIR, pw->pw_name);
365 pn->mailrecv = -1; /* -1 == not_valid */
366 if (stat(tbuf, &sb) < 0) {
367 if (errno != ENOENT) {
368 warn("%s", tbuf);
369 return;
370 }
371 } else if (sb.st_size != 0) {
372 pn->mailrecv = sb.st_mtime;
373 pn->mailread = sb.st_atime;
374 }
375 }
376
377 /*
378 * Is this user hiding from finger?
379 * If ~<user>/.nofinger exists, return 1 (hide), else return 0 (nohide).
380 * Nobody can hide from root.
381 */
382
383 int
hide(struct passwd * pw)384 hide(struct passwd *pw)
385 {
386 struct stat st;
387 char buf[MAXPATHLEN];
388
389 if (invoker_root || !pw->pw_dir)
390 return 0;
391
392 snprintf(buf, sizeof(buf), "%s/%s", pw->pw_dir, _PATH_NOFINGER);
393
394 if (stat(buf, &st) == 0)
395 return 1;
396
397 return 0;
398 }
399