xref: /freebsd/usr.bin/chpass/edit.c (revision eb69d1f144a6fcc765d1b9d44a5ae8082353e70b)
1 /*-
2  * SPDX-License-Identifier: BSD-4-Clause
3  *
4  * Copyright (c) 1990, 1993, 1994
5  *	The Regents of the University of California.  All rights reserved.
6  * Copyright (c) 2002 Networks Associates Technology, Inc.
7  * All rights reserved.
8  *
9  * Portions of this software were developed for the FreeBSD Project by
10  * ThinkSec AS and NAI Labs, the Security Research Division of Network
11  * Associates, Inc.  under DARPA/SPAWAR contract N66001-01-C-8035
12  * ("CBOSS"), as part of the DARPA CHATS research program.
13  *
14  * Redistribution and use in source and binary forms, with or without
15  * modification, are permitted provided that the following conditions
16  * are met:
17  * 1. Redistributions of source code must retain the above copyright
18  *    notice, this list of conditions and the following disclaimer.
19  * 2. Redistributions in binary form must reproduce the above copyright
20  *    notice, this list of conditions and the following disclaimer in the
21  *    documentation and/or other materials provided with the distribution.
22  * 3. All advertising materials mentioning features or use of this software
23  *    must display the following acknowledgement:
24  *	This product includes software developed by the University of
25  *	California, Berkeley and its contributors.
26  * 4. Neither the name of the University nor the names of its contributors
27  *    may be used to endorse or promote products derived from this software
28  *    without specific prior written permission.
29  *
30  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
31  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
32  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
33  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
34  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
35  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
36  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
37  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
38  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
39  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
40  * SUCH DAMAGE.
41  */
42 
43 #if 0
44 #ifndef lint
45 static char sccsid[] = "@(#)edit.c	8.3 (Berkeley) 4/2/94";
46 #endif /* not lint */
47 #endif
48 
49 #include <sys/cdefs.h>
50 __FBSDID("$FreeBSD$");
51 
52 #include <sys/param.h>
53 #include <sys/stat.h>
54 
55 #include <ctype.h>
56 #include <err.h>
57 #include <errno.h>
58 #include <paths.h>
59 #include <pwd.h>
60 #include <stdio.h>
61 #include <stdlib.h>
62 #include <string.h>
63 #include <unistd.h>
64 
65 #include <pw_scan.h>
66 #include <libutil.h>
67 
68 #include "chpass.h"
69 
70 static int display(const char *tfn, struct passwd *pw);
71 static struct passwd *verify(const char *tfn, struct passwd *pw);
72 
73 struct passwd *
74 edit(const char *tfn, struct passwd *pw)
75 {
76 	struct passwd *npw;
77 	char *line;
78 	size_t len;
79 
80 	if (display(tfn, pw) == -1)
81 		return (NULL);
82 	for (;;) {
83 		switch (pw_edit(1)) {
84 		case -1:
85 			return (NULL);
86 		case 0:
87 			return (pw_dup(pw));
88 		default:
89 			break;
90 		}
91 		if ((npw = verify(tfn, pw)) != NULL)
92 			return (npw);
93 		free(npw);
94 		printf("re-edit the password file? ");
95 		fflush(stdout);
96 		if ((line = fgetln(stdin, &len)) == NULL) {
97 			warn("fgetln()");
98 			return (NULL);
99 		}
100 		if (len > 0 && (*line == 'N' || *line == 'n'))
101 			return (NULL);
102 	}
103 }
104 
105 /*
106  * display --
107  *	print out the file for the user to edit; strange side-effect:
108  *	set conditional flag if the user gets to edit the shell.
109  */
110 static int
111 display(const char *tfn, struct passwd *pw)
112 {
113 	FILE *fp;
114 	char *bp, *gecos, *p;
115 
116 	if ((fp = fopen(tfn, "w")) == NULL) {
117 		warn("%s", tfn);
118 		return (-1);
119 	}
120 
121 	(void)fprintf(fp,
122 	    "#Changing user information for %s.\n", pw->pw_name);
123 	if (master_mode) {
124 		(void)fprintf(fp, "Login: %s\n", pw->pw_name);
125 		(void)fprintf(fp, "Password: %s\n", pw->pw_passwd);
126 		(void)fprintf(fp, "Uid [#]: %lu\n", (unsigned long)pw->pw_uid);
127 		(void)fprintf(fp, "Gid [# or name]: %lu\n",
128 		    (unsigned long)pw->pw_gid);
129 		(void)fprintf(fp, "Change [month day year]: %s\n",
130 		    ttoa(pw->pw_change));
131 		(void)fprintf(fp, "Expire [month day year]: %s\n",
132 		    ttoa(pw->pw_expire));
133 		(void)fprintf(fp, "Class: %s\n", pw->pw_class);
134 		(void)fprintf(fp, "Home directory: %s\n", pw->pw_dir);
135 		(void)fprintf(fp, "Shell: %s\n",
136 		    *pw->pw_shell ? pw->pw_shell : _PATH_BSHELL);
137 	}
138 	/* Only admin can change "restricted" shells. */
139 #if 0
140 	else if (ok_shell(pw->pw_shell))
141 		/*
142 		 * Make shell a restricted field.  Ugly with a
143 		 * necklace, but there's not much else to do.
144 		 */
145 #else
146 	else if ((!list[E_SHELL].restricted && ok_shell(pw->pw_shell)) ||
147 	    master_mode)
148 		/*
149 		 * If change not restrict (table.c) and standard shell
150 		 *	OR if root, then allow editing of shell.
151 		 */
152 #endif
153 		(void)fprintf(fp, "Shell: %s\n",
154 		    *pw->pw_shell ? pw->pw_shell : _PATH_BSHELL);
155 	else
156 		list[E_SHELL].restricted = 1;
157 
158 	if ((bp = gecos = strdup(pw->pw_gecos)) == NULL) {
159 		warn(NULL);
160 		fclose(fp);
161 		return (-1);
162 	}
163 
164 	p = strsep(&bp, ",");
165 	p = strdup(p ? p : "");
166 	list[E_NAME].save = p;
167 	if (!list[E_NAME].restricted || master_mode)
168 	  (void)fprintf(fp, "Full Name: %s\n", p);
169 
170 	p = strsep(&bp, ",");
171 	p = strdup(p ? p : "");
172 	list[E_LOCATE].save = p;
173 	if (!list[E_LOCATE].restricted || master_mode)
174 	  (void)fprintf(fp, "Office Location: %s\n", p);
175 
176 	p = strsep(&bp, ",");
177 	p = strdup(p ? p : "");
178 	list[E_BPHONE].save = p;
179 	if (!list[E_BPHONE].restricted || master_mode)
180 	  (void)fprintf(fp, "Office Phone: %s\n", p);
181 
182 	p = strsep(&bp, ",");
183 	p = strdup(p ? p : "");
184 	list[E_HPHONE].save = p;
185 	if (!list[E_HPHONE].restricted || master_mode)
186 	  (void)fprintf(fp, "Home Phone: %s\n", p);
187 
188 	bp = strdup(bp ? bp : "");
189 	list[E_OTHER].save = bp;
190 	if (!list[E_OTHER].restricted || master_mode)
191 	  (void)fprintf(fp, "Other information: %s\n", bp);
192 
193 	free(gecos);
194 
195 	(void)fchown(fileno(fp), getuid(), getgid());
196 	(void)fclose(fp);
197 	return (0);
198 }
199 
200 static struct passwd *
201 verify(const char *tfn, struct passwd *pw)
202 {
203 	struct passwd *npw;
204 	ENTRY *ep;
205 	char *buf, *p, *val;
206 	struct stat sb;
207 	FILE *fp;
208 	int line;
209 	size_t len;
210 
211 	if ((pw = pw_dup(pw)) == NULL)
212 		return (NULL);
213 	if ((fp = fopen(tfn, "r")) == NULL ||
214 	    fstat(fileno(fp), &sb) == -1) {
215 		warn("%s", tfn);
216 		free(pw);
217 		return (NULL);
218 	}
219 	if (sb.st_size == 0) {
220 		warnx("corrupted temporary file");
221 		fclose(fp);
222 		free(pw);
223 		return (NULL);
224 	}
225 	val = NULL;
226 	for (line = 1; (buf = fgetln(fp, &len)) != NULL; ++line) {
227 		if (*buf == '\0' || *buf == '#')
228 			continue;
229 		while (len > 0 && isspace(buf[len - 1]))
230 			--len;
231 		for (ep = list;; ++ep) {
232 			if (!ep->prompt) {
233 				warnx("%s: unrecognized field on line %d",
234 				    tfn, line);
235 				goto bad;
236 			}
237 			if (ep->len > len)
238 				continue;
239 			if (strncasecmp(buf, ep->prompt, ep->len) != 0)
240 				continue;
241 			if (ep->restricted && !master_mode) {
242 				warnx("%s: you may not change the %s field",
243 				    tfn, ep->prompt);
244 				goto bad;
245 			}
246 			for (p = buf; p < buf + len && *p != ':'; ++p)
247 				/* nothing */ ;
248 			if (*p != ':') {
249 				warnx("%s: line %d corrupted", tfn, line);
250 				goto bad;
251 			}
252 			while (++p < buf + len && isspace(*p))
253 				/* nothing */ ;
254 			free(val);
255 			asprintf(&val, "%.*s", (int)(buf + len - p), p);
256 			if (val == NULL)
257 				goto bad;
258 			if (ep->except && strpbrk(val, ep->except)) {
259 				warnx("%s: invalid character in \"%s\" field '%s'",
260 				    tfn, ep->prompt, val);
261 				goto bad;
262 			}
263 			if ((ep->func)(val, pw, ep))
264 				goto bad;
265 			break;
266 		}
267 	}
268 	free(val);
269 	fclose(fp);
270 
271 	/* Build the gecos field. */
272 	len = asprintf(&p, "%s,%s,%s,%s,%s", list[E_NAME].save,
273 	    list[E_LOCATE].save, list[E_BPHONE].save,
274 	    list[E_HPHONE].save, list[E_OTHER].save);
275 	if (p == NULL) {
276 		warn("asprintf()");
277 		free(pw);
278 		return (NULL);
279 	}
280 	while (len > 0 && p[len - 1] == ',')
281 		p[--len] = '\0';
282 	pw->pw_gecos = p;
283 	buf = pw_make(pw);
284 	free(pw);
285 	free(p);
286 	if (buf == NULL) {
287 		warn("pw_make()");
288 		return (NULL);
289 	}
290 	npw = pw_scan(buf, PWSCAN_WARN|PWSCAN_MASTER);
291 	free(buf);
292 	return (npw);
293 bad:
294 	free(pw);
295 	free(val);
296 	fclose(fp);
297 	return (NULL);
298 }
299