xref: /freebsd/usr.bin/chpass/util.c (revision 58d84ef87094691bf1ad9608964ec85f120cd34a)
1 /*-
2  * SPDX-License-Identifier: BSD-4-Clause
3  *
4  * Copyright (c) 1988, 1993, 1994
5  *	The Regents of the University of California.  All rights reserved.
6  * Copyright (c) 2002 Networks Associates Technology, Inc.
7  * All rights reserved.
8  *
9  * Portions of this software were developed for the FreeBSD Project by
10  * ThinkSec AS and NAI Labs, the Security Research Division of Network
11  * Associates, Inc.  under DARPA/SPAWAR contract N66001-01-C-8035
12  * ("CBOSS"), as part of the DARPA CHATS research program.
13  *
14  * Redistribution and use in source and binary forms, with or without
15  * modification, are permitted provided that the following conditions
16  * are met:
17  * 1. Redistributions of source code must retain the above copyright
18  *    notice, this list of conditions and the following disclaimer.
19  * 2. Redistributions in binary form must reproduce the above copyright
20  *    notice, this list of conditions and the following disclaimer in the
21  *    documentation and/or other materials provided with the distribution.
22  * 3. All advertising materials mentioning features or use of this software
23  *    must display the following acknowledgement:
24  *	This product includes software developed by the University of
25  *	California, Berkeley and its contributors.
26  * 4. Neither the name of the University nor the names of its contributors
27  *    may be used to endorse or promote products derived from this software
28  *    without specific prior written permission.
29  *
30  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
31  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
32  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
33  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
34  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
35  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
36  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
37  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
38  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
39  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
40  * SUCH DAMAGE.
41  */
42 
43 #ifndef lint
44 #if 0
45 static char sccsid[] = "@(#)util.c	8.4 (Berkeley) 4/2/94";
46 #endif
47 #endif /* not lint */
48 #include <sys/cdefs.h>
49 __FBSDID("$FreeBSD$");
50 
51 #include <sys/types.h>
52 
53 #include <ctype.h>
54 #include <stdint.h>
55 #include <stdio.h>
56 #include <stdlib.h>
57 #include <string.h>
58 #include <time.h>
59 #include <unistd.h>
60 
61 #include "chpass.h"
62 
63 static const char *months[] =
64 	{ "January", "February", "March", "April", "May", "June",
65 	  "July", "August", "September", "October", "November",
66 	  "December", NULL };
67 
68 char *
69 ttoa(time_t tval)
70 {
71 	struct tm *tp;
72 	static char tbuf[50];
73 
74 	if (tval) {
75 		tp = localtime(&tval);
76 		(void)sprintf(tbuf, "%s %d, %d", months[tp->tm_mon],
77 		    tp->tm_mday, tp->tm_year + 1900);
78 	}
79 	else
80 		*tbuf = '\0';
81 	return (tbuf);
82 }
83 
84 int
85 atot(char *p, time_t *store)
86 {
87 	static struct tm *lt;
88 	char *t;
89 	const char **mp;
90 	time_t tval;
91 	int day, month, year;
92 
93 	if (!*p) {
94 		*store = 0;
95 		return (0);
96 	}
97 	if (!lt) {
98 		unsetenv("TZ");
99 		(void)time(&tval);
100 		lt = localtime(&tval);
101 	}
102 	if (!(t = strtok(p, " \t")))
103 		goto bad;
104 	if (isdigit(*t)) {
105 		month = atoi(t);
106 	} else {
107 		for (mp = months;; ++mp) {
108 			if (!*mp)
109 				goto bad;
110 			if (!strncasecmp(*mp, t, 3)) {
111 				month = mp - months + 1;
112 				break;
113 			}
114 		}
115 	}
116 	if (!(t = strtok(NULL, " \t,")) || !isdigit(*t))
117 		goto bad;
118 	day = atoi(t);
119 	if (!(t = strtok(NULL, " \t,")) || !isdigit(*t))
120 		goto bad;
121 	year = atoi(t);
122 	if (day < 1 || day > 31 || month < 1 || month > 12)
123 		goto bad;
124 	/* Allow two digit years 1969-2068 */
125 	if (year < 69)
126 		year += 2000;
127 	else if (year < 100)
128 		year += 1900;
129 	if (year < 1969)
130 bad:		return (1);
131 	lt->tm_year = year - 1900;
132 	lt->tm_mon = month - 1;
133 	lt->tm_mday = day;
134 	lt->tm_hour = 0;
135 	lt->tm_min = 0;
136 	lt->tm_sec = 0;
137 	lt->tm_isdst = -1;
138 	if ((tval = mktime(lt)) < 0)
139 		return (1);
140 #ifndef __i386__
141 	/*
142 	 * PR227589: The pwd.db and spwd.db files store the change and expire
143 	 * dates as unsigned 32-bit ints which overflow in 2106, so larger
144 	 * values must be rejected until the introduction of a v5 password
145 	 * database.  i386 has 32-bit time_t and so dates beyond y2038 are
146 	 * already rejected by mktime above.
147 	 */
148 	if (tval > UINT32_MAX)
149 		return (1);
150 #endif
151 	*store = tval;
152 	return (0);
153 }
154 
155 int
156 ok_shell(char *name)
157 {
158 	char *p, *sh;
159 
160 	setusershell();
161 	while ((sh = getusershell())) {
162 		if (!strcmp(name, sh)) {
163 			endusershell();
164 			return (1);
165 		}
166 		/* allow just shell name, but use "real" path */
167 		if ((p = strrchr(sh, '/')) && strcmp(name, p + 1) == 0) {
168 			endusershell();
169 			return (1);
170 		}
171 	}
172 	endusershell();
173 	return (0);
174 }
175 
176 char *
177 dup_shell(char *name)
178 {
179 	char *p, *sh, *ret;
180 
181 	setusershell();
182 	while ((sh = getusershell())) {
183 		if (!strcmp(name, sh)) {
184 			endusershell();
185 			return (strdup(name));
186 		}
187 		/* allow just shell name, but use "real" path */
188 		if ((p = strrchr(sh, '/')) && strcmp(name, p + 1) == 0) {
189 			ret = strdup(sh);
190 			endusershell();
191 			return (ret);
192 		}
193 	}
194 	endusershell();
195 	return (NULL);
196 }
197