1 /*- 2 * SPDX-License-Identifier: BSD-4-Clause 3 * 4 * Copyright (c) 1988, 1993, 1994 5 * The Regents of the University of California. All rights reserved. 6 * Copyright (c) 2002 Networks Associates Technology, Inc. 7 * All rights reserved. 8 * 9 * Portions of this software were developed for the FreeBSD Project by 10 * ThinkSec AS and NAI Labs, the Security Research Division of Network 11 * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 12 * ("CBOSS"), as part of the DARPA CHATS research program. 13 * 14 * Redistribution and use in source and binary forms, with or without 15 * modification, are permitted provided that the following conditions 16 * are met: 17 * 1. Redistributions of source code must retain the above copyright 18 * notice, this list of conditions and the following disclaimer. 19 * 2. Redistributions in binary form must reproduce the above copyright 20 * notice, this list of conditions and the following disclaimer in the 21 * documentation and/or other materials provided with the distribution. 22 * 3. All advertising materials mentioning features or use of this software 23 * must display the following acknowledgement: 24 * This product includes software developed by the University of 25 * California, Berkeley and its contributors. 26 * 4. Neither the name of the University nor the names of its contributors 27 * may be used to endorse or promote products derived from this software 28 * without specific prior written permission. 29 * 30 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 31 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 32 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 33 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 34 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 35 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 36 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 37 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 38 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 39 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 40 * SUCH DAMAGE. 41 */ 42 43 #ifndef lint 44 #if 0 45 static char sccsid[] = "@(#)util.c 8.4 (Berkeley) 4/2/94"; 46 #endif 47 #endif /* not lint */ 48 #include <sys/cdefs.h> 49 __FBSDID("$FreeBSD$"); 50 51 #include <sys/types.h> 52 53 #include <ctype.h> 54 #include <stdint.h> 55 #include <stdio.h> 56 #include <stdlib.h> 57 #include <string.h> 58 #include <time.h> 59 #include <unistd.h> 60 61 #include "chpass.h" 62 63 static const char *months[] = 64 { "January", "February", "March", "April", "May", "June", 65 "July", "August", "September", "October", "November", 66 "December", NULL }; 67 68 char * 69 ttoa(time_t tval) 70 { 71 struct tm *tp; 72 static char tbuf[50]; 73 74 if (tval) { 75 tp = localtime(&tval); 76 (void)sprintf(tbuf, "%s %d, %d", months[tp->tm_mon], 77 tp->tm_mday, tp->tm_year + 1900); 78 } 79 else 80 *tbuf = '\0'; 81 return (tbuf); 82 } 83 84 int 85 atot(char *p, time_t *store) 86 { 87 static struct tm *lt; 88 char *t; 89 const char **mp; 90 time_t tval; 91 int day, month, year; 92 93 if (!*p) { 94 *store = 0; 95 return (0); 96 } 97 if (!lt) { 98 unsetenv("TZ"); 99 (void)time(&tval); 100 lt = localtime(&tval); 101 } 102 if (!(t = strtok(p, " \t"))) 103 goto bad; 104 if (isdigit(*t)) { 105 month = atoi(t); 106 } else { 107 for (mp = months;; ++mp) { 108 if (!*mp) 109 goto bad; 110 if (!strncasecmp(*mp, t, 3)) { 111 month = mp - months + 1; 112 break; 113 } 114 } 115 } 116 if (!(t = strtok(NULL, " \t,")) || !isdigit(*t)) 117 goto bad; 118 day = atoi(t); 119 if (!(t = strtok(NULL, " \t,")) || !isdigit(*t)) 120 goto bad; 121 year = atoi(t); 122 if (day < 1 || day > 31 || month < 1 || month > 12) 123 goto bad; 124 /* Allow two digit years 1969-2068 */ 125 if (year < 69) 126 year += 2000; 127 else if (year < 100) 128 year += 1900; 129 if (year < 1969) 130 bad: return (1); 131 lt->tm_year = year - 1900; 132 lt->tm_mon = month - 1; 133 lt->tm_mday = day; 134 lt->tm_hour = 0; 135 lt->tm_min = 0; 136 lt->tm_sec = 0; 137 lt->tm_isdst = -1; 138 if ((tval = mktime(lt)) < 0) 139 return (1); 140 #ifndef __i386__ 141 /* 142 * PR227589: The pwd.db and spwd.db files store the change and expire 143 * dates as unsigned 32-bit ints which overflow in 2106, so larger 144 * values must be rejected until the introduction of a v5 password 145 * database. i386 has 32-bit time_t and so dates beyond y2038 are 146 * already rejected by mktime above. 147 */ 148 if (tval > UINT32_MAX) 149 return (1); 150 #endif 151 *store = tval; 152 return (0); 153 } 154 155 int 156 ok_shell(char *name) 157 { 158 char *p, *sh; 159 160 setusershell(); 161 while ((sh = getusershell())) { 162 if (!strcmp(name, sh)) { 163 endusershell(); 164 return (1); 165 } 166 /* allow just shell name, but use "real" path */ 167 if ((p = strrchr(sh, '/')) && strcmp(name, p + 1) == 0) { 168 endusershell(); 169 return (1); 170 } 171 } 172 endusershell(); 173 return (0); 174 } 175 176 char * 177 dup_shell(char *name) 178 { 179 char *p, *sh, *ret; 180 181 setusershell(); 182 while ((sh = getusershell())) { 183 if (!strcmp(name, sh)) { 184 endusershell(); 185 return (strdup(name)); 186 } 187 /* allow just shell name, but use "real" path */ 188 if ((p = strrchr(sh, '/')) && strcmp(name, p + 1) == 0) { 189 ret = strdup(sh); 190 endusershell(); 191 return (ret); 192 } 193 } 194 endusershell(); 195 return (NULL); 196 } 197