xref: /freebsd/usr.bin/finger/util.c (revision 1e413cf93298b5b97441a21d9a50fdcd0ee9945e)
1 /*
2  * Copyright (c) 1989, 1993
3  *	The Regents of the University of California.  All rights reserved.
4  *
5  * This code is derived from software contributed to Berkeley by
6  * Tony Nardo of the Johns Hopkins University/Applied Physics Lab.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice, this list of conditions and the following disclaimer.
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  * 3. All advertising materials mentioning features or use of this software
17  *    must display the following acknowledgement:
18  *	This product includes software developed by the University of
19  *	California, Berkeley and its contributors.
20  * 4. Neither the name of the University nor the names of its contributors
21  *    may be used to endorse or promote products derived from this software
22  *    without specific prior written permission.
23  *
24  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
25  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
26  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
27  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
28  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
29  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
30  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
31  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
32  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
33  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34  * SUCH DAMAGE.
35  */
36 
37 #if 0
38 #ifndef lint
39 static char sccsid[] = "@(#)util.c	8.3 (Berkeley) 4/28/95";
40 #endif
41 #endif
42 
43 #include <sys/cdefs.h>
44 __FBSDID("$FreeBSD$");
45 
46 #include <sys/param.h>
47 #include <sys/socket.h>
48 #include <sys/stat.h>
49 #include <ctype.h>
50 #include <db.h>
51 #include <err.h>
52 #include <errno.h>
53 #include <fcntl.h>
54 #include <paths.h>
55 #include <pwd.h>
56 #include <stdio.h>
57 #include <stdlib.h>
58 #include <string.h>
59 #include <unistd.h>
60 #include <utmp.h>
61 #include "finger.h"
62 #include "pathnames.h"
63 
64 static void	 find_idle_and_ttywrite(WHERE *);
65 static void	 userinfo(PERSON *, struct passwd *);
66 static WHERE	*walloc(PERSON *);
67 
68 int
69 match(struct passwd *pw, const char *user)
70 {
71 	char *p, *t;
72 	char name[1024];
73 
74 	if (!strcasecmp(pw->pw_name, user))
75 		return(1);
76 
77 	/*
78 	 * XXX
79 	 * Why do we skip asterisks!?!?
80 	 */
81 	(void)strncpy(p = tbuf, pw->pw_gecos, sizeof(tbuf));
82 	tbuf[sizeof(tbuf) - 1] = '\0';
83 	if (*p == '*')
84 		++p;
85 
86 	/* Ampersands get replaced by the login name. */
87 	if ((p = strtok(p, ",")) == NULL)
88 		return(0);
89 
90 	for (t = name; t < &name[sizeof(name) - 1] && (*t = *p) != '\0'; ++p) {
91 		if (*t == '&') {
92 			(void)strncpy(t, pw->pw_name,
93 			    sizeof(name) - (t - name));
94 			name[sizeof(name) - 1] = '\0';
95 			while (t < &name[sizeof(name) - 1] && *++t)
96 				continue;
97 		} else {
98 			++t;
99 		}
100 	}
101 	*t = '\0';
102 	for (t = name; (p = strtok(t, "\t ")) != NULL; t = NULL)
103 		if (!strcasecmp(p, user))
104 			return(1);
105 	return(0);
106 }
107 
108 void
109 enter_lastlog(PERSON *pn)
110 {
111 	WHERE *w;
112 	static int opened, fd;
113 	struct lastlog ll;
114 	char doit = 0;
115 
116 	/* some systems may not maintain lastlog, don't report errors. */
117 	if (!opened) {
118 		fd = open(_PATH_LASTLOG, O_RDONLY, 0);
119 		opened = 1;
120 	}
121 	if (fd == -1 ||
122 	    lseek(fd, (long)pn->uid * sizeof(ll), SEEK_SET) !=
123 	    (long)pn->uid * sizeof(ll) ||
124 	    read(fd, (char *)&ll, sizeof(ll)) != sizeof(ll)) {
125 			/* as if never logged in */
126 			ll.ll_line[0] = ll.ll_host[0] = '\0';
127 			ll.ll_time = 0;
128 		}
129 	if ((w = pn->whead) == NULL)
130 		doit = 1;
131 	else if (ll.ll_time != 0) {
132 		/* if last login is earlier than some current login */
133 		for (; !doit && w != NULL; w = w->next)
134 			if (w->info == LOGGEDIN && w->loginat < ll.ll_time)
135 				doit = 1;
136 		/*
137 		 * and if it's not any of the current logins
138 		 * can't use time comparison because there may be a small
139 		 * discrepancy since login calls time() twice
140 		 */
141 		for (w = pn->whead; doit && w != NULL; w = w->next)
142 			if (w->info == LOGGEDIN &&
143 			    strncmp(w->tty, ll.ll_line, UT_LINESIZE) == 0)
144 				doit = 0;
145 	}
146 	if (doit) {
147 		w = walloc(pn);
148 		w->info = LASTLOG;
149 		bcopy(ll.ll_line, w->tty, UT_LINESIZE);
150 		w->tty[UT_LINESIZE] = 0;
151 		bcopy(ll.ll_host, w->host, UT_HOSTSIZE);
152 		w->host[UT_HOSTSIZE] = 0;
153 		w->loginat = ll.ll_time;
154 	}
155 }
156 
157 void
158 enter_where(struct utmp *ut, PERSON *pn)
159 {
160 	WHERE *w;
161 
162 	w = walloc(pn);
163 	w->info = LOGGEDIN;
164 	bcopy(ut->ut_line, w->tty, UT_LINESIZE);
165 	w->tty[UT_LINESIZE] = 0;
166 	bcopy(ut->ut_host, w->host, UT_HOSTSIZE);
167 	w->host[UT_HOSTSIZE] = 0;
168 	w->loginat = (time_t)ut->ut_time;
169 	find_idle_and_ttywrite(w);
170 }
171 
172 PERSON *
173 enter_person(struct passwd *pw)
174 {
175 	DBT data, key;
176 	PERSON *pn;
177 
178 	if (db == NULL &&
179 	    (db = dbopen(NULL, O_RDWR, 0, DB_BTREE, NULL)) == NULL)
180 		err(1, NULL);
181 
182 	key.data = pw->pw_name;
183 	key.size = strlen(pw->pw_name);
184 
185 	switch ((*db->get)(db, &key, &data, 0)) {
186 	case 0:
187 		memmove(&pn, data.data, sizeof pn);
188 		return (pn);
189 	default:
190 	case -1:
191 		err(1, "db get");
192 		/* NOTREACHED */
193 	case 1:
194 		++entries;
195 		pn = palloc();
196 		userinfo(pn, pw);
197 		pn->whead = NULL;
198 
199 		data.size = sizeof(PERSON *);
200 		data.data = &pn;
201 		if ((*db->put)(db, &key, &data, 0))
202 			err(1, "db put");
203 		return (pn);
204 	}
205 }
206 
207 PERSON *
208 find_person(const char *name)
209 {
210 	struct passwd *pw;
211 
212 	int cnt;
213 	DBT data, key;
214 	PERSON *p;
215 	char buf[UT_NAMESIZE + 1];
216 
217 	if (!db)
218 		return(NULL);
219 
220 	if ((pw = getpwnam(name)) && hide(pw))
221 		return(NULL);
222 
223 	/* Name may be only UT_NAMESIZE long and not NUL terminated. */
224 	for (cnt = 0; cnt < UT_NAMESIZE && *name; ++name, ++cnt)
225 		buf[cnt] = *name;
226 	buf[cnt] = '\0';
227 	key.data = buf;
228 	key.size = cnt;
229 
230 	if ((*db->get)(db, &key, &data, 0))
231 		return (NULL);
232 	memmove(&p, data.data, sizeof p);
233 	return (p);
234 }
235 
236 PERSON *
237 palloc(void)
238 {
239 	PERSON *p;
240 
241 	if ((p = malloc(sizeof(PERSON))) == NULL)
242 		err(1, NULL);
243 	return(p);
244 }
245 
246 static WHERE *
247 walloc(PERSON *pn)
248 {
249 	WHERE *w;
250 
251 	if ((w = malloc(sizeof(WHERE))) == NULL)
252 		err(1, NULL);
253 	if (pn->whead == NULL)
254 		pn->whead = pn->wtail = w;
255 	else {
256 		pn->wtail->next = w;
257 		pn->wtail = w;
258 	}
259 	w->next = NULL;
260 	return(w);
261 }
262 
263 char *
264 prphone(char *num)
265 {
266 	char *p;
267 	int len;
268 	static char pbuf[20];
269 
270 	/* don't touch anything if the user has their own formatting */
271 	for (p = num; *p; ++p)
272 		if (!isdigit(*p))
273 			return(num);
274 	len = p - num;
275 	p = pbuf;
276 	switch(len) {
277 	case 11:			/* +0-123-456-7890 */
278 		*p++ = '+';
279 		*p++ = *num++;
280 		*p++ = '-';
281 		/* FALLTHROUGH */
282 	case 10:			/* 012-345-6789 */
283 		*p++ = *num++;
284 		*p++ = *num++;
285 		*p++ = *num++;
286 		*p++ = '-';
287 		/* FALLTHROUGH */
288 	case 7:				/* 012-3456 */
289 		*p++ = *num++;
290 		*p++ = *num++;
291 		*p++ = *num++;
292 		break;
293 	case 5:				/* x0-1234 */
294 	case 4:				/* x1234 */
295 		*p++ = 'x';
296 		*p++ = *num++;
297 		break;
298 	default:
299 		return(num);
300 	}
301 	if (len != 4) {
302 	    *p++ = '-';
303 	    *p++ = *num++;
304 	}
305 	*p++ = *num++;
306 	*p++ = *num++;
307 	*p++ = *num++;
308 	*p = '\0';
309 	return(pbuf);
310 }
311 
312 static void
313 find_idle_and_ttywrite(WHERE *w)
314 {
315 	struct stat sb;
316 	time_t touched;
317 	int error;
318 
319 	(void)snprintf(tbuf, sizeof(tbuf), "%s/%s", _PATH_DEV, w->tty);
320 
321 	error = stat(tbuf, &sb);
322 	if (error < 0 && errno == ENOENT) {
323 		/*
324 		 * The terminal listed is not actually a terminal (i.e.,
325 		 * ":0").  This is a failure, so we'll skip printing
326 		 * out the idle time, which is non-ideal but better
327 		 * than a bogus warning and idle time.
328 		 */
329 		w->idletime = -1;
330 		return;
331 	} else if (error < 0) {
332 		warn("%s", tbuf);
333 		w->idletime = -1;
334 		return;
335 	}
336 	touched = sb.st_atime;
337 	if (touched < w->loginat) {
338 		/* tty untouched since before login */
339 		touched = w->loginat;
340 	}
341 	w->idletime = now < touched ? 0 : now - touched;
342 
343 #define	TALKABLE	0220		/* tty is writable if 220 mode */
344 	w->writable = ((sb.st_mode & TALKABLE) == TALKABLE);
345 }
346 
347 static void
348 userinfo(PERSON *pn, struct passwd *pw)
349 {
350 	char *p, *t;
351 	char *bp, name[1024];
352 	struct stat sb;
353 
354 	pn->realname = pn->office = pn->officephone = pn->homephone = NULL;
355 
356 	pn->uid = pw->pw_uid;
357 	if ((pn->name = strdup(pw->pw_name)) == NULL)
358 		err(1, "strdup failed");
359 	if ((pn->dir = strdup(pw->pw_dir)) == NULL)
360 		err(1, "strdup failed");
361 	if ((pn->shell = strdup(pw->pw_shell)) == NULL)
362 		err(1, "strdup failed");
363 
364 	/* why do we skip asterisks!?!? */
365 	(void)strncpy(bp = tbuf, pw->pw_gecos, sizeof(tbuf));
366 	tbuf[sizeof(tbuf) - 1] = '\0';
367 	if (*bp == '*')
368 		++bp;
369 
370 	/* ampersands get replaced by the login name */
371 	if (!(p = strsep(&bp, ",")))
372 		return;
373 	for (t = name; t < &name[sizeof(name) - 1] && (*t = *p) != '\0'; ++p) {
374 		if (*t == '&') {
375 			(void)strncpy(t, pw->pw_name,
376 			    sizeof(name) - (t - name));
377 			name[sizeof(name) - 1] = '\0';
378 			if (islower(*t))
379 				*t = toupper(*t);
380 			while (t < &name[sizeof(name) - 1] && *++t)
381 				continue;
382 		} else {
383 			++t;
384 		}
385 	}
386 	*t = '\0';
387 	if ((pn->realname = strdup(name)) == NULL)
388 		err(1, "strdup failed");
389 	pn->office = ((p = strsep(&bp, ",")) && *p) ?
390 	    strdup(p) : NULL;
391 	pn->officephone = ((p = strsep(&bp, ",")) && *p) ?
392 	    strdup(p) : NULL;
393 	pn->homephone = ((p = strsep(&bp, ",")) && *p) ?
394 	    strdup(p) : NULL;
395 	(void)snprintf(tbuf, sizeof(tbuf), "%s/%s", _PATH_MAILDIR, pw->pw_name);
396 	pn->mailrecv = -1;		/* -1 == not_valid */
397 	if (stat(tbuf, &sb) < 0) {
398 		if (errno != ENOENT) {
399 			warn("%s", tbuf);
400 			return;
401 		}
402 	} else if (sb.st_size != 0) {
403 		pn->mailrecv = sb.st_mtime;
404 		pn->mailread = sb.st_atime;
405 	}
406 }
407 
408 /*
409  * Is this user hiding from finger?
410  * If ~<user>/.nofinger exists, return 1 (hide), else return 0 (nohide).
411  * Nobody can hide from root.
412  */
413 
414 int
415 hide(struct passwd *pw)
416 {
417 	struct stat st;
418 	char buf[MAXPATHLEN];
419 
420 	if (invoker_root || !pw->pw_dir)
421 		return 0;
422 
423 	snprintf(buf, sizeof(buf), "%s/%s", pw->pw_dir, _PATH_NOFINGER);
424 
425 	if (stat(buf, &st) == 0)
426 		return 1;
427 
428 	return 0;
429 }
430