xref: /freebsd/usr.bin/finger/util.c (revision 734e82fe33aa764367791a7d603b383996c6b40b)
1 /*-
2  * SPDX-License-Identifier: BSD-3-Clause
3  *
4  * Copyright (c) 1989, 1993
5  *	The Regents of the University of California.  All rights reserved.
6  *
7  * This code is derived from software contributed to Berkeley by
8  * Tony Nardo of the Johns Hopkins University/Applied Physics Lab.
9  *
10  * Redistribution and use in source and binary forms, with or without
11  * modification, are permitted provided that the following conditions
12  * are met:
13  * 1. Redistributions of source code must retain the above copyright
14  *    notice, this list of conditions and the following disclaimer.
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in the
17  *    documentation and/or other materials provided with the distribution.
18  * 3. Neither the name of the University nor the names of its contributors
19  *    may be used to endorse or promote products derived from this software
20  *    without specific prior written permission.
21  *
22  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32  * SUCH DAMAGE.
33  */
34 
35 #if 0
36 #ifndef lint
37 static char sccsid[] = "@(#)util.c	8.3 (Berkeley) 4/28/95";
38 #endif
39 #endif
40 
41 #include <sys/cdefs.h>
42 #include <sys/param.h>
43 #include <sys/socket.h>
44 #include <sys/stat.h>
45 #include <ctype.h>
46 #include <db.h>
47 #include <err.h>
48 #include <errno.h>
49 #include <fcntl.h>
50 #include <paths.h>
51 #include <pwd.h>
52 #include <stdio.h>
53 #include <stdlib.h>
54 #include <string.h>
55 #include <unistd.h>
56 #include <utmpx.h>
57 #include "finger.h"
58 #include "pathnames.h"
59 
60 static void	 find_idle_and_ttywrite(WHERE *);
61 static void	 userinfo(PERSON *, struct passwd *);
62 static WHERE	*walloc(PERSON *);
63 
64 int
65 match(struct passwd *pw, const char *user)
66 {
67 	char *p, *t;
68 	char name[1024];
69 
70 	if (!strcasecmp(pw->pw_name, user))
71 		return(1);
72 
73 	/*
74 	 * XXX
75 	 * Why do we skip asterisks!?!?
76 	 */
77 	(void)strncpy(p = tbuf, pw->pw_gecos, sizeof(tbuf));
78 	tbuf[sizeof(tbuf) - 1] = '\0';
79 	if (*p == '*')
80 		++p;
81 
82 	/* Ampersands get replaced by the login name. */
83 	if ((p = strtok(p, ",")) == NULL)
84 		return(0);
85 
86 	for (t = name; t < &name[sizeof(name) - 1] && (*t = *p) != '\0'; ++p) {
87 		if (*t == '&') {
88 			(void)strncpy(t, pw->pw_name,
89 			    sizeof(name) - (t - name));
90 			name[sizeof(name) - 1] = '\0';
91 			while (t < &name[sizeof(name) - 1] && *++t)
92 				continue;
93 		} else {
94 			++t;
95 		}
96 	}
97 	*t = '\0';
98 	for (t = name; (p = strtok(t, "\t ")) != NULL; t = NULL)
99 		if (!strcasecmp(p, user))
100 			return(1);
101 	return(0);
102 }
103 
104 void
105 enter_lastlog(PERSON *pn)
106 {
107 	WHERE *w;
108 	struct utmpx *ut = NULL;
109 	char doit = 0;
110 
111 	if (setutxdb(UTXDB_LASTLOGIN, NULL) == 0)
112 		ut = getutxuser(pn->name);
113 	if ((w = pn->whead) == NULL)
114 		doit = 1;
115 	else if (ut != NULL && ut->ut_type == USER_PROCESS) {
116 		/* if last login is earlier than some current login */
117 		for (; !doit && w != NULL; w = w->next)
118 			if (w->info == LOGGEDIN &&
119 			    w->loginat < ut->ut_tv.tv_sec)
120 				doit = 1;
121 		/*
122 		 * and if it's not any of the current logins
123 		 * can't use time comparison because there may be a small
124 		 * discrepancy since login calls time() twice
125 		 */
126 		for (w = pn->whead; doit && w != NULL; w = w->next)
127 			if (w->info == LOGGEDIN &&
128 			    strcmp(w->tty, ut->ut_line) == 0)
129 				doit = 0;
130 	}
131 	if (ut != NULL && doit) {
132 		w = walloc(pn);
133 		w->info = LASTLOG;
134 		strcpy(w->tty, ut->ut_line);
135 		strcpy(w->host, ut->ut_host);
136 		w->loginat = ut->ut_tv.tv_sec;
137 	}
138 	endutxent();
139 }
140 
141 void
142 enter_where(struct utmpx *ut, PERSON *pn)
143 {
144 	WHERE *w;
145 
146 	w = walloc(pn);
147 	w->info = LOGGEDIN;
148 	strcpy(w->tty, ut->ut_line);
149 	strcpy(w->host, ut->ut_host);
150 	w->loginat = ut->ut_tv.tv_sec;
151 	find_idle_and_ttywrite(w);
152 }
153 
154 PERSON *
155 enter_person(struct passwd *pw)
156 {
157 	DBT data, key;
158 	PERSON *pn;
159 
160 	if (db == NULL &&
161 	    (db = dbopen(NULL, O_RDWR, 0, DB_BTREE, NULL)) == NULL)
162 		err(1, NULL);
163 
164 	key.data = pw->pw_name;
165 	key.size = strlen(pw->pw_name);
166 
167 	switch ((*db->get)(db, &key, &data, 0)) {
168 	case 0:
169 		memmove(&pn, data.data, sizeof pn);
170 		return (pn);
171 	default:
172 	case -1:
173 		err(1, "db get");
174 		/* NOTREACHED */
175 	case 1:
176 		++entries;
177 		pn = palloc();
178 		userinfo(pn, pw);
179 		pn->whead = NULL;
180 
181 		data.size = sizeof(PERSON *);
182 		data.data = &pn;
183 		if ((*db->put)(db, &key, &data, 0))
184 			err(1, "db put");
185 		return (pn);
186 	}
187 }
188 
189 PERSON *
190 find_person(char *name)
191 {
192 	struct passwd *pw;
193 
194 	DBT data, key;
195 	PERSON *p;
196 
197 	if (!db)
198 		return(NULL);
199 
200 	if ((pw = getpwnam(name)) && hide(pw))
201 		return(NULL);
202 
203 	key.data = name;
204 	key.size = strlen(name);
205 
206 	if ((*db->get)(db, &key, &data, 0))
207 		return (NULL);
208 	memmove(&p, data.data, sizeof p);
209 	return (p);
210 }
211 
212 PERSON *
213 palloc(void)
214 {
215 	PERSON *p;
216 
217 	if ((p = malloc(sizeof(PERSON))) == NULL)
218 		err(1, NULL);
219 	return(p);
220 }
221 
222 static WHERE *
223 walloc(PERSON *pn)
224 {
225 	WHERE *w;
226 
227 	if ((w = malloc(sizeof(WHERE))) == NULL)
228 		err(1, NULL);
229 	if (pn->whead == NULL)
230 		pn->whead = pn->wtail = w;
231 	else {
232 		pn->wtail->next = w;
233 		pn->wtail = w;
234 	}
235 	w->next = NULL;
236 	return(w);
237 }
238 
239 char *
240 prphone(char *num)
241 {
242 	char *p;
243 	int len;
244 	static char pbuf[20];
245 
246 	/* don't touch anything if the user has their own formatting */
247 	for (p = num; *p; ++p)
248 		if (!isdigit(*p))
249 			return(num);
250 	len = p - num;
251 	p = pbuf;
252 	switch(len) {
253 	case 11:			/* +0-123-456-7890 */
254 		*p++ = '+';
255 		*p++ = *num++;
256 		*p++ = '-';
257 		/* FALLTHROUGH */
258 	case 10:			/* 012-345-6789 */
259 		*p++ = *num++;
260 		*p++ = *num++;
261 		*p++ = *num++;
262 		*p++ = '-';
263 		/* FALLTHROUGH */
264 	case 7:				/* 012-3456 */
265 		*p++ = *num++;
266 		*p++ = *num++;
267 		*p++ = *num++;
268 		break;
269 	case 5:				/* x0-1234 */
270 	case 4:				/* x1234 */
271 		*p++ = 'x';
272 		*p++ = *num++;
273 		break;
274 	default:
275 		return(num);
276 	}
277 	if (len != 4) {
278 	    *p++ = '-';
279 	    *p++ = *num++;
280 	}
281 	*p++ = *num++;
282 	*p++ = *num++;
283 	*p++ = *num++;
284 	*p = '\0';
285 	return(pbuf);
286 }
287 
288 static void
289 find_idle_and_ttywrite(WHERE *w)
290 {
291 	struct stat sb;
292 	time_t touched;
293 	int error;
294 
295 	(void)snprintf(tbuf, sizeof(tbuf), "%s/%s", _PATH_DEV, w->tty);
296 
297 	error = stat(tbuf, &sb);
298 	if (error < 0 && errno == ENOENT) {
299 		/*
300 		 * The terminal listed is not actually a terminal (i.e.,
301 		 * ":0").  This is a failure, so we'll skip printing
302 		 * out the idle time, which is non-ideal but better
303 		 * than a bogus warning and idle time.
304 		 */
305 		w->idletime = -1;
306 		return;
307 	} else if (error < 0) {
308 		warn("%s", tbuf);
309 		w->idletime = -1;
310 		return;
311 	}
312 	touched = sb.st_atime;
313 	if (touched < w->loginat) {
314 		/* tty untouched since before login */
315 		touched = w->loginat;
316 	}
317 	w->idletime = now < touched ? 0 : now - touched;
318 
319 #define	TALKABLE	0220		/* tty is writable if 220 mode */
320 	w->writable = ((sb.st_mode & TALKABLE) == TALKABLE);
321 }
322 
323 static void
324 userinfo(PERSON *pn, struct passwd *pw)
325 {
326 	char *p, *t;
327 	char *bp, name[1024];
328 	struct stat sb;
329 
330 	pn->realname = pn->office = pn->officephone = pn->homephone = NULL;
331 
332 	pn->uid = pw->pw_uid;
333 	if ((pn->name = strdup(pw->pw_name)) == NULL)
334 		err(1, "strdup failed");
335 	if ((pn->dir = strdup(pw->pw_dir)) == NULL)
336 		err(1, "strdup failed");
337 	if ((pn->shell = strdup(pw->pw_shell)) == NULL)
338 		err(1, "strdup failed");
339 
340 	/* why do we skip asterisks!?!? */
341 	(void)strncpy(bp = tbuf, pw->pw_gecos, sizeof(tbuf));
342 	tbuf[sizeof(tbuf) - 1] = '\0';
343 	if (*bp == '*')
344 		++bp;
345 
346 	/* ampersands get replaced by the login name */
347 	if (!(p = strsep(&bp, ",")))
348 		return;
349 	for (t = name; t < &name[sizeof(name) - 1] && (*t = *p) != '\0'; ++p) {
350 		if (*t == '&') {
351 			(void)strncpy(t, pw->pw_name,
352 			    sizeof(name) - (t - name));
353 			name[sizeof(name) - 1] = '\0';
354 			if (islower(*t))
355 				*t = toupper(*t);
356 			while (t < &name[sizeof(name) - 1] && *++t)
357 				continue;
358 		} else {
359 			++t;
360 		}
361 	}
362 	*t = '\0';
363 	if ((pn->realname = strdup(name)) == NULL)
364 		err(1, "strdup failed");
365 	pn->office = ((p = strsep(&bp, ",")) && *p) ?
366 	    strdup(p) : NULL;
367 	pn->officephone = ((p = strsep(&bp, ",")) && *p) ?
368 	    strdup(p) : NULL;
369 	pn->homephone = ((p = strsep(&bp, ",")) && *p) ?
370 	    strdup(p) : NULL;
371 	(void)snprintf(tbuf, sizeof(tbuf), "%s/%s", _PATH_MAILDIR, pw->pw_name);
372 	pn->mailrecv = -1;		/* -1 == not_valid */
373 	if (stat(tbuf, &sb) < 0) {
374 		if (errno != ENOENT) {
375 			warn("%s", tbuf);
376 			return;
377 		}
378 	} else if (sb.st_size != 0) {
379 		pn->mailrecv = sb.st_mtime;
380 		pn->mailread = sb.st_atime;
381 	}
382 }
383 
384 /*
385  * Is this user hiding from finger?
386  * If ~<user>/.nofinger exists, return 1 (hide), else return 0 (nohide).
387  * Nobody can hide from root.
388  */
389 
390 int
391 hide(struct passwd *pw)
392 {
393 	struct stat st;
394 	char buf[MAXPATHLEN];
395 
396 	if (invoker_root || !pw->pw_dir)
397 		return 0;
398 
399 	snprintf(buf, sizeof(buf), "%s/%s", pw->pw_dir, _PATH_NOFINGER);
400 
401 	if (stat(buf, &st) == 0)
402 		return 1;
403 
404 	return 0;
405 }
406