1 /* 2 * Copyright (c) 1989, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from software contributed to Berkeley by 6 * Tony Nardo of the Johns Hopkins University/Applied Physics Lab. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. All advertising materials mentioning features or use of this software 17 * must display the following acknowledgement: 18 * This product includes software developed by the University of 19 * California, Berkeley and its contributors. 20 * 4. Neither the name of the University nor the names of its contributors 21 * may be used to endorse or promote products derived from this software 22 * without specific prior written permission. 23 * 24 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 27 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 * SUCH DAMAGE. 35 */ 36 37 #if 0 38 #ifndef lint 39 static char sccsid[] = "@(#)util.c 8.3 (Berkeley) 4/28/95"; 40 #endif 41 #endif 42 43 #include <sys/cdefs.h> 44 __FBSDID("$FreeBSD$"); 45 46 #include <sys/param.h> 47 #include <sys/socket.h> 48 #include <sys/stat.h> 49 #include <ctype.h> 50 #include <db.h> 51 #include <err.h> 52 #include <errno.h> 53 #include <fcntl.h> 54 #include <paths.h> 55 #include <pwd.h> 56 #include <stdio.h> 57 #include <stdlib.h> 58 #include <string.h> 59 #include <unistd.h> 60 #include <utmp.h> 61 #include "finger.h" 62 #include "pathnames.h" 63 64 static void find_idle_and_ttywrite(WHERE *); 65 static void userinfo(PERSON *, struct passwd *); 66 static WHERE *walloc(PERSON *); 67 68 int 69 match(struct passwd *pw, const char *user) 70 { 71 char *p, *t; 72 char name[1024]; 73 74 if (!strcasecmp(pw->pw_name, user)) 75 return(1); 76 77 /* 78 * XXX 79 * Why do we skip asterisks!?!? 80 */ 81 (void)strncpy(p = tbuf, pw->pw_gecos, sizeof(tbuf)); 82 tbuf[sizeof(tbuf) - 1] = '\0'; 83 if (*p == '*') 84 ++p; 85 86 /* Ampersands get replaced by the login name. */ 87 if ((p = strtok(p, ",")) == NULL) 88 return(0); 89 90 for (t = name; t < &name[sizeof(name) - 1] && (*t = *p) != '\0'; ++p) { 91 if (*t == '&') { 92 (void)strncpy(t, pw->pw_name, 93 sizeof(name) - (t - name)); 94 name[sizeof(name) - 1] = '\0'; 95 while (t < &name[sizeof(name) - 1] && *++t) 96 continue; 97 } else { 98 ++t; 99 } 100 } 101 *t = '\0'; 102 for (t = name; (p = strtok(t, "\t ")) != NULL; t = NULL) 103 if (!strcasecmp(p, user)) 104 return(1); 105 return(0); 106 } 107 108 void 109 enter_lastlog(PERSON *pn) 110 { 111 WHERE *w; 112 static int opened, fd; 113 struct lastlog ll; 114 char doit = 0; 115 116 /* some systems may not maintain lastlog, don't report errors. */ 117 if (!opened) { 118 fd = open(_PATH_LASTLOG, O_RDONLY, 0); 119 opened = 1; 120 } 121 if (fd == -1 || 122 lseek(fd, (long)pn->uid * sizeof(ll), SEEK_SET) != 123 (long)pn->uid * sizeof(ll) || 124 read(fd, (char *)&ll, sizeof(ll)) != sizeof(ll)) { 125 /* as if never logged in */ 126 ll.ll_line[0] = ll.ll_host[0] = '\0'; 127 ll.ll_time = 0; 128 } 129 if ((w = pn->whead) == NULL) 130 doit = 1; 131 else if (ll.ll_time != 0) { 132 /* if last login is earlier than some current login */ 133 for (; !doit && w != NULL; w = w->next) 134 if (w->info == LOGGEDIN && w->loginat < ll.ll_time) 135 doit = 1; 136 /* 137 * and if it's not any of the current logins 138 * can't use time comparison because there may be a small 139 * discrepancy since login calls time() twice 140 */ 141 for (w = pn->whead; doit && w != NULL; w = w->next) 142 if (w->info == LOGGEDIN && 143 strncmp(w->tty, ll.ll_line, UT_LINESIZE) == 0) 144 doit = 0; 145 } 146 if (doit) { 147 w = walloc(pn); 148 w->info = LASTLOG; 149 bcopy(ll.ll_line, w->tty, UT_LINESIZE); 150 w->tty[UT_LINESIZE] = 0; 151 bcopy(ll.ll_host, w->host, UT_HOSTSIZE); 152 w->host[UT_HOSTSIZE] = 0; 153 w->loginat = ll.ll_time; 154 } 155 } 156 157 void 158 enter_where(struct utmp *ut, PERSON *pn) 159 { 160 WHERE *w; 161 162 w = walloc(pn); 163 w->info = LOGGEDIN; 164 bcopy(ut->ut_line, w->tty, UT_LINESIZE); 165 w->tty[UT_LINESIZE] = 0; 166 bcopy(ut->ut_host, w->host, UT_HOSTSIZE); 167 w->host[UT_HOSTSIZE] = 0; 168 w->loginat = (time_t)ut->ut_time; 169 find_idle_and_ttywrite(w); 170 } 171 172 PERSON * 173 enter_person(struct passwd *pw) 174 { 175 DBT data, key; 176 PERSON *pn; 177 178 if (db == NULL && 179 (db = dbopen(NULL, O_RDWR, 0, DB_BTREE, NULL)) == NULL) 180 err(1, NULL); 181 182 key.data = pw->pw_name; 183 key.size = strlen(pw->pw_name); 184 185 switch ((*db->get)(db, &key, &data, 0)) { 186 case 0: 187 memmove(&pn, data.data, sizeof pn); 188 return (pn); 189 default: 190 case -1: 191 err(1, "db get"); 192 /* NOTREACHED */ 193 case 1: 194 ++entries; 195 pn = palloc(); 196 userinfo(pn, pw); 197 pn->whead = NULL; 198 199 data.size = sizeof(PERSON *); 200 data.data = &pn; 201 if ((*db->put)(db, &key, &data, 0)) 202 err(1, "db put"); 203 return (pn); 204 } 205 } 206 207 PERSON * 208 find_person(const char *name) 209 { 210 struct passwd *pw; 211 212 int cnt; 213 DBT data, key; 214 PERSON *p; 215 char buf[UT_NAMESIZE + 1]; 216 217 if (!db) 218 return(NULL); 219 220 if ((pw = getpwnam(name)) && hide(pw)) 221 return(NULL); 222 223 /* Name may be only UT_NAMESIZE long and not NUL terminated. */ 224 for (cnt = 0; cnt < UT_NAMESIZE && *name; ++name, ++cnt) 225 buf[cnt] = *name; 226 buf[cnt] = '\0'; 227 key.data = buf; 228 key.size = cnt; 229 230 if ((*db->get)(db, &key, &data, 0)) 231 return (NULL); 232 memmove(&p, data.data, sizeof p); 233 return (p); 234 } 235 236 PERSON * 237 palloc(void) 238 { 239 PERSON *p; 240 241 if ((p = malloc(sizeof(PERSON))) == NULL) 242 err(1, NULL); 243 return(p); 244 } 245 246 static WHERE * 247 walloc(PERSON *pn) 248 { 249 WHERE *w; 250 251 if ((w = malloc(sizeof(WHERE))) == NULL) 252 err(1, NULL); 253 if (pn->whead == NULL) 254 pn->whead = pn->wtail = w; 255 else { 256 pn->wtail->next = w; 257 pn->wtail = w; 258 } 259 w->next = NULL; 260 return(w); 261 } 262 263 char * 264 prphone(char *num) 265 { 266 char *p; 267 int len; 268 static char pbuf[20]; 269 270 /* don't touch anything if the user has their own formatting */ 271 for (p = num; *p; ++p) 272 if (!isdigit(*p)) 273 return(num); 274 len = p - num; 275 p = pbuf; 276 switch(len) { 277 case 11: /* +0-123-456-7890 */ 278 *p++ = '+'; 279 *p++ = *num++; 280 *p++ = '-'; 281 /* FALLTHROUGH */ 282 case 10: /* 012-345-6789 */ 283 *p++ = *num++; 284 *p++ = *num++; 285 *p++ = *num++; 286 *p++ = '-'; 287 /* FALLTHROUGH */ 288 case 7: /* 012-3456 */ 289 *p++ = *num++; 290 *p++ = *num++; 291 *p++ = *num++; 292 break; 293 case 5: /* x0-1234 */ 294 case 4: /* x1234 */ 295 *p++ = 'x'; 296 *p++ = *num++; 297 break; 298 default: 299 return(num); 300 } 301 if (len != 4) { 302 *p++ = '-'; 303 *p++ = *num++; 304 } 305 *p++ = *num++; 306 *p++ = *num++; 307 *p++ = *num++; 308 *p = '\0'; 309 return(pbuf); 310 } 311 312 static void 313 find_idle_and_ttywrite(WHERE *w) 314 { 315 struct stat sb; 316 time_t touched; 317 int error; 318 319 (void)snprintf(tbuf, sizeof(tbuf), "%s/%s", _PATH_DEV, w->tty); 320 321 error = stat(tbuf, &sb); 322 if (error < 0 && errno == ENOENT) { 323 /* 324 * The terminal listed is not actually a terminal (i.e., 325 * ":0"). This is a failure, so we'll skip printing 326 * out the idle time, which is non-ideal but better 327 * than a bogus warning and idle time. 328 */ 329 w->idletime = -1; 330 return; 331 } else if (error < 0) { 332 warn("%s", tbuf); 333 w->idletime = -1; 334 return; 335 } 336 touched = sb.st_atime; 337 if (touched < w->loginat) { 338 /* tty untouched since before login */ 339 touched = w->loginat; 340 } 341 w->idletime = now < touched ? 0 : now - touched; 342 343 #define TALKABLE 0220 /* tty is writable if 220 mode */ 344 w->writable = ((sb.st_mode & TALKABLE) == TALKABLE); 345 } 346 347 static void 348 userinfo(PERSON *pn, struct passwd *pw) 349 { 350 char *p, *t; 351 char *bp, name[1024]; 352 struct stat sb; 353 354 pn->realname = pn->office = pn->officephone = pn->homephone = NULL; 355 356 pn->uid = pw->pw_uid; 357 if ((pn->name = strdup(pw->pw_name)) == NULL) 358 err(1, "strdup failed"); 359 if ((pn->dir = strdup(pw->pw_dir)) == NULL) 360 err(1, "strdup failed"); 361 if ((pn->shell = strdup(pw->pw_shell)) == NULL) 362 err(1, "strdup failed"); 363 364 /* why do we skip asterisks!?!? */ 365 (void)strncpy(bp = tbuf, pw->pw_gecos, sizeof(tbuf)); 366 tbuf[sizeof(tbuf) - 1] = '\0'; 367 if (*bp == '*') 368 ++bp; 369 370 /* ampersands get replaced by the login name */ 371 if (!(p = strsep(&bp, ","))) 372 return; 373 for (t = name; t < &name[sizeof(name) - 1] && (*t = *p) != '\0'; ++p) { 374 if (*t == '&') { 375 (void)strncpy(t, pw->pw_name, 376 sizeof(name) - (t - name)); 377 name[sizeof(name) - 1] = '\0'; 378 if (islower(*t)) 379 *t = toupper(*t); 380 while (t < &name[sizeof(name) - 1] && *++t) 381 continue; 382 } else { 383 ++t; 384 } 385 } 386 *t = '\0'; 387 if ((pn->realname = strdup(name)) == NULL) 388 err(1, "strdup failed"); 389 pn->office = ((p = strsep(&bp, ",")) && *p) ? 390 strdup(p) : NULL; 391 pn->officephone = ((p = strsep(&bp, ",")) && *p) ? 392 strdup(p) : NULL; 393 pn->homephone = ((p = strsep(&bp, ",")) && *p) ? 394 strdup(p) : NULL; 395 (void)snprintf(tbuf, sizeof(tbuf), "%s/%s", _PATH_MAILDIR, pw->pw_name); 396 pn->mailrecv = -1; /* -1 == not_valid */ 397 if (stat(tbuf, &sb) < 0) { 398 if (errno != ENOENT) { 399 warn("%s", tbuf); 400 return; 401 } 402 } else if (sb.st_size != 0) { 403 pn->mailrecv = sb.st_mtime; 404 pn->mailread = sb.st_atime; 405 } 406 } 407 408 /* 409 * Is this user hiding from finger? 410 * If ~<user>/.nofinger exists, return 1 (hide), else return 0 (nohide). 411 * Nobody can hide from root. 412 */ 413 414 int 415 hide(struct passwd *pw) 416 { 417 struct stat st; 418 char buf[MAXPATHLEN]; 419 420 if (invoker_root || !pw->pw_dir) 421 return 0; 422 423 snprintf(buf, sizeof(buf), "%s/%s", pw->pw_dir, _PATH_NOFINGER); 424 425 if (stat(buf, &st) == 0) 426 return 1; 427 428 return 0; 429 } 430