xref: /freebsd/usr.bin/chpass/edit.c (revision 2008043f386721d58158e37e0d7e50df8095942d)
1 /*-
2  * SPDX-License-Identifier: BSD-4-Clause
3  *
4  * Copyright (c) 1990, 1993, 1994
5  *	The Regents of the University of California.  All rights reserved.
6  * Copyright (c) 2002 Networks Associates Technology, Inc.
7  * All rights reserved.
8  *
9  * Portions of this software were developed for the FreeBSD Project by
10  * ThinkSec AS and NAI Labs, the Security Research Division of Network
11  * Associates, Inc.  under DARPA/SPAWAR contract N66001-01-C-8035
12  * ("CBOSS"), as part of the DARPA CHATS research program.
13  *
14  * Redistribution and use in source and binary forms, with or without
15  * modification, are permitted provided that the following conditions
16  * are met:
17  * 1. Redistributions of source code must retain the above copyright
18  *    notice, this list of conditions and the following disclaimer.
19  * 2. Redistributions in binary form must reproduce the above copyright
20  *    notice, this list of conditions and the following disclaimer in the
21  *    documentation and/or other materials provided with the distribution.
22  * 3. All advertising materials mentioning features or use of this software
23  *    must display the following acknowledgement:
24  *	This product includes software developed by the University of
25  *	California, Berkeley and its contributors.
26  * 4. Neither the name of the University nor the names of its contributors
27  *    may be used to endorse or promote products derived from this software
28  *    without specific prior written permission.
29  *
30  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
31  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
32  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
33  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
34  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
35  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
36  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
37  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
38  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
39  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
40  * SUCH DAMAGE.
41  */
42 
43 #if 0
44 #ifndef lint
45 static char sccsid[] = "@(#)edit.c	8.3 (Berkeley) 4/2/94";
46 #endif /* not lint */
47 #endif
48 
49 #include <sys/cdefs.h>
50 #include <sys/param.h>
51 #include <sys/stat.h>
52 
53 #include <ctype.h>
54 #include <err.h>
55 #include <errno.h>
56 #include <paths.h>
57 #include <pwd.h>
58 #include <stdio.h>
59 #include <stdlib.h>
60 #include <string.h>
61 #include <unistd.h>
62 
63 #include <pw_scan.h>
64 #include <libutil.h>
65 
66 #include "chpass.h"
67 
68 static int display(const char *tfn, struct passwd *pw);
69 static struct passwd *verify(const char *tfn, struct passwd *pw);
70 
71 struct passwd *
72 edit(const char *tfn, struct passwd *pw)
73 {
74 	struct passwd *npw;
75 	char *line;
76 	size_t len;
77 
78 	if (display(tfn, pw) == -1)
79 		return (NULL);
80 	for (;;) {
81 		switch (pw_edit(1)) {
82 		case -1:
83 			return (NULL);
84 		case 0:
85 			return (pw_dup(pw));
86 		default:
87 			break;
88 		}
89 		if ((npw = verify(tfn, pw)) != NULL)
90 			return (npw);
91 		free(npw);
92 		printf("re-edit the password file? ");
93 		fflush(stdout);
94 		if ((line = fgetln(stdin, &len)) == NULL) {
95 			warn("fgetln()");
96 			return (NULL);
97 		}
98 		if (len > 0 && (*line == 'N' || *line == 'n'))
99 			return (NULL);
100 	}
101 }
102 
103 /*
104  * display --
105  *	print out the file for the user to edit; strange side-effect:
106  *	set conditional flag if the user gets to edit the shell.
107  */
108 static int
109 display(const char *tfn, struct passwd *pw)
110 {
111 	FILE *fp;
112 	char *bp, *gecos, *p;
113 
114 	if ((fp = fopen(tfn, "w")) == NULL) {
115 		warn("%s", tfn);
116 		return (-1);
117 	}
118 
119 	(void)fprintf(fp,
120 	    "#Changing user information for %s.\n", pw->pw_name);
121 	if (master_mode) {
122 		(void)fprintf(fp, "Login: %s\n", pw->pw_name);
123 		(void)fprintf(fp, "Password: %s\n", pw->pw_passwd);
124 		(void)fprintf(fp, "Uid [#]: %lu\n", (unsigned long)pw->pw_uid);
125 		(void)fprintf(fp, "Gid [# or name]: %lu\n",
126 		    (unsigned long)pw->pw_gid);
127 		(void)fprintf(fp, "Change [month day year]: %s\n",
128 		    ttoa(pw->pw_change));
129 		(void)fprintf(fp, "Expire [month day year]: %s\n",
130 		    ttoa(pw->pw_expire));
131 		(void)fprintf(fp, "Class: %s\n", pw->pw_class);
132 		(void)fprintf(fp, "Home directory: %s\n", pw->pw_dir);
133 		(void)fprintf(fp, "Shell: %s\n",
134 		    *pw->pw_shell ? pw->pw_shell : _PATH_BSHELL);
135 	}
136 	/* Only admin can change "restricted" shells. */
137 #if 0
138 	else if (ok_shell(pw->pw_shell))
139 		/*
140 		 * Make shell a restricted field.  Ugly with a
141 		 * necklace, but there's not much else to do.
142 		 */
143 #else
144 	else if ((!list[E_SHELL].restricted && ok_shell(pw->pw_shell)) ||
145 	    master_mode)
146 		/*
147 		 * If change not restrict (table.c) and standard shell
148 		 *	OR if root, then allow editing of shell.
149 		 */
150 #endif
151 		(void)fprintf(fp, "Shell: %s\n",
152 		    *pw->pw_shell ? pw->pw_shell : _PATH_BSHELL);
153 	else
154 		list[E_SHELL].restricted = 1;
155 
156 	if ((bp = gecos = strdup(pw->pw_gecos)) == NULL) {
157 		warn(NULL);
158 		fclose(fp);
159 		return (-1);
160 	}
161 
162 	p = strsep(&bp, ",");
163 	p = strdup(p ? p : "");
164 	list[E_NAME].save = p;
165 	if (!list[E_NAME].restricted || master_mode)
166 	  (void)fprintf(fp, "Full Name: %s\n", p);
167 
168 	p = strsep(&bp, ",");
169 	p = strdup(p ? p : "");
170 	list[E_LOCATE].save = p;
171 	if (!list[E_LOCATE].restricted || master_mode)
172 	  (void)fprintf(fp, "Office Location: %s\n", p);
173 
174 	p = strsep(&bp, ",");
175 	p = strdup(p ? p : "");
176 	list[E_BPHONE].save = p;
177 	if (!list[E_BPHONE].restricted || master_mode)
178 	  (void)fprintf(fp, "Office Phone: %s\n", p);
179 
180 	p = strsep(&bp, ",");
181 	p = strdup(p ? p : "");
182 	list[E_HPHONE].save = p;
183 	if (!list[E_HPHONE].restricted || master_mode)
184 	  (void)fprintf(fp, "Home Phone: %s\n", p);
185 
186 	bp = strdup(bp ? bp : "");
187 	list[E_OTHER].save = bp;
188 	if (!list[E_OTHER].restricted || master_mode)
189 	  (void)fprintf(fp, "Other information: %s\n", bp);
190 
191 	free(gecos);
192 
193 	(void)fchown(fileno(fp), getuid(), getgid());
194 	(void)fclose(fp);
195 	return (0);
196 }
197 
198 static struct passwd *
199 verify(const char *tfn, struct passwd *pw)
200 {
201 	struct passwd *npw;
202 	ENTRY *ep;
203 	char *buf, *p, *val;
204 	struct stat sb;
205 	FILE *fp;
206 	int line;
207 	size_t len;
208 
209 	if ((pw = pw_dup(pw)) == NULL)
210 		return (NULL);
211 	if ((fp = fopen(tfn, "r")) == NULL ||
212 	    fstat(fileno(fp), &sb) == -1) {
213 		warn("%s", tfn);
214 		free(pw);
215 		return (NULL);
216 	}
217 	if (sb.st_size == 0) {
218 		warnx("corrupted temporary file");
219 		fclose(fp);
220 		free(pw);
221 		return (NULL);
222 	}
223 	val = NULL;
224 	for (line = 1; (buf = fgetln(fp, &len)) != NULL; ++line) {
225 		if (*buf == '\0' || *buf == '#')
226 			continue;
227 		while (len > 0 && isspace(buf[len - 1]))
228 			--len;
229 		for (ep = list;; ++ep) {
230 			if (!ep->prompt) {
231 				warnx("%s: unrecognized field on line %d",
232 				    tfn, line);
233 				goto bad;
234 			}
235 			if (ep->len > len)
236 				continue;
237 			if (strncasecmp(buf, ep->prompt, ep->len) != 0)
238 				continue;
239 			if (ep->restricted && !master_mode) {
240 				warnx("%s: you may not change the %s field",
241 				    tfn, ep->prompt);
242 				goto bad;
243 			}
244 			for (p = buf; p < buf + len && *p != ':'; ++p)
245 				/* nothing */ ;
246 			if (*p != ':') {
247 				warnx("%s: line %d corrupted", tfn, line);
248 				goto bad;
249 			}
250 			while (++p < buf + len && isspace(*p))
251 				/* nothing */ ;
252 			free(val);
253 			asprintf(&val, "%.*s", (int)(buf + len - p), p);
254 			if (val == NULL)
255 				goto bad;
256 			if (ep->except && strpbrk(val, ep->except)) {
257 				warnx("%s: invalid character in \"%s\" field '%s'",
258 				    tfn, ep->prompt, val);
259 				goto bad;
260 			}
261 			if ((ep->func)(val, pw, ep))
262 				goto bad;
263 			break;
264 		}
265 	}
266 	free(val);
267 	fclose(fp);
268 
269 	/* Build the gecos field. */
270 	len = asprintf(&p, "%s,%s,%s,%s,%s", list[E_NAME].save,
271 	    list[E_LOCATE].save, list[E_BPHONE].save,
272 	    list[E_HPHONE].save, list[E_OTHER].save);
273 	if (p == NULL) {
274 		warn("asprintf()");
275 		free(pw);
276 		return (NULL);
277 	}
278 	while (len > 0 && p[len - 1] == ',')
279 		p[--len] = '\0';
280 	pw->pw_gecos = p;
281 	buf = pw_make(pw);
282 	free(pw);
283 	free(p);
284 	if (buf == NULL) {
285 		warn("pw_make()");
286 		return (NULL);
287 	}
288 	npw = pw_scan(buf, PWSCAN_WARN|PWSCAN_MASTER);
289 	free(buf);
290 	return (npw);
291 bad:
292 	free(pw);
293 	free(val);
294 	fclose(fp);
295 	return (NULL);
296 }
297