1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 1989, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * This code is derived from software contributed to Berkeley by 8 * Tony Nardo of the Johns Hopkins University/Applied Physics Lab. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. Neither the name of the University nor the names of its contributors 19 * may be used to endorse or promote products derived from this software 20 * without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32 * SUCH DAMAGE. 33 */ 34 35 #if 0 36 #endif 37 38 #include <sys/cdefs.h> 39 #include <sys/param.h> 40 #include <sys/socket.h> 41 #include <sys/stat.h> 42 #include <ctype.h> 43 #include <db.h> 44 #include <err.h> 45 #include <errno.h> 46 #include <fcntl.h> 47 #include <paths.h> 48 #include <pwd.h> 49 #include <stdio.h> 50 #include <stdlib.h> 51 #include <string.h> 52 #include <unistd.h> 53 #include <utmpx.h> 54 #include "finger.h" 55 #include "pathnames.h" 56 57 static void find_idle_and_ttywrite(WHERE *); 58 static void userinfo(PERSON *, struct passwd *); 59 static WHERE *walloc(PERSON *); 60 61 int 62 match(struct passwd *pw, const char *user) 63 { 64 char *p, *t; 65 char name[1024]; 66 67 if (!strcasecmp(pw->pw_name, user)) 68 return(1); 69 70 /* 71 * XXX 72 * Why do we skip asterisks!?!? 73 */ 74 (void)strncpy(p = tbuf, pw->pw_gecos, sizeof(tbuf)); 75 tbuf[sizeof(tbuf) - 1] = '\0'; 76 if (*p == '*') 77 ++p; 78 79 /* Ampersands get replaced by the login name. */ 80 if ((p = strtok(p, ",")) == NULL) 81 return(0); 82 83 for (t = name; t < &name[sizeof(name) - 1] && (*t = *p) != '\0'; ++p) { 84 if (*t == '&') { 85 (void)strncpy(t, pw->pw_name, 86 sizeof(name) - (t - name)); 87 name[sizeof(name) - 1] = '\0'; 88 while (t < &name[sizeof(name) - 1] && *++t) 89 continue; 90 } else { 91 ++t; 92 } 93 } 94 *t = '\0'; 95 for (t = name; (p = strtok(t, "\t ")) != NULL; t = NULL) 96 if (!strcasecmp(p, user)) 97 return(1); 98 return(0); 99 } 100 101 void 102 enter_lastlog(PERSON *pn) 103 { 104 WHERE *w; 105 struct utmpx *ut = NULL; 106 char doit = 0; 107 108 if (setutxdb(UTXDB_LASTLOGIN, NULL) == 0) 109 ut = getutxuser(pn->name); 110 if ((w = pn->whead) == NULL) 111 doit = 1; 112 else if (ut != NULL && ut->ut_type == USER_PROCESS) { 113 /* if last login is earlier than some current login */ 114 for (; !doit && w != NULL; w = w->next) 115 if (w->info == LOGGEDIN && 116 w->loginat < ut->ut_tv.tv_sec) 117 doit = 1; 118 /* 119 * and if it's not any of the current logins 120 * can't use time comparison because there may be a small 121 * discrepancy since login calls time() twice 122 */ 123 for (w = pn->whead; doit && w != NULL; w = w->next) 124 if (w->info == LOGGEDIN && 125 strcmp(w->tty, ut->ut_line) == 0) 126 doit = 0; 127 } 128 if (ut != NULL && doit) { 129 w = walloc(pn); 130 w->info = LASTLOG; 131 strcpy(w->tty, ut->ut_line); 132 strcpy(w->host, ut->ut_host); 133 w->loginat = ut->ut_tv.tv_sec; 134 } 135 endutxent(); 136 } 137 138 void 139 enter_where(struct utmpx *ut, PERSON *pn) 140 { 141 WHERE *w; 142 143 w = walloc(pn); 144 w->info = LOGGEDIN; 145 strcpy(w->tty, ut->ut_line); 146 strcpy(w->host, ut->ut_host); 147 w->loginat = ut->ut_tv.tv_sec; 148 find_idle_and_ttywrite(w); 149 } 150 151 PERSON * 152 enter_person(struct passwd *pw) 153 { 154 DBT data, key; 155 PERSON *pn; 156 157 if (db == NULL && 158 (db = dbopen(NULL, O_RDWR, 0, DB_BTREE, NULL)) == NULL) 159 err(1, NULL); 160 161 key.data = pw->pw_name; 162 key.size = strlen(pw->pw_name); 163 164 switch ((*db->get)(db, &key, &data, 0)) { 165 case 0: 166 memmove(&pn, data.data, sizeof pn); 167 return (pn); 168 default: 169 case -1: 170 err(1, "db get"); 171 /* NOTREACHED */ 172 case 1: 173 ++entries; 174 pn = palloc(); 175 userinfo(pn, pw); 176 pn->whead = NULL; 177 178 data.size = sizeof(PERSON *); 179 data.data = &pn; 180 if ((*db->put)(db, &key, &data, 0)) 181 err(1, "db put"); 182 return (pn); 183 } 184 } 185 186 PERSON * 187 find_person(char *name) 188 { 189 struct passwd *pw; 190 191 DBT data, key; 192 PERSON *p; 193 194 if (!db) 195 return(NULL); 196 197 if ((pw = getpwnam(name)) && hide(pw)) 198 return(NULL); 199 200 key.data = name; 201 key.size = strlen(name); 202 203 if ((*db->get)(db, &key, &data, 0)) 204 return (NULL); 205 memmove(&p, data.data, sizeof p); 206 return (p); 207 } 208 209 PERSON * 210 palloc(void) 211 { 212 PERSON *p; 213 214 if ((p = malloc(sizeof(PERSON))) == NULL) 215 err(1, NULL); 216 return(p); 217 } 218 219 static WHERE * 220 walloc(PERSON *pn) 221 { 222 WHERE *w; 223 224 if ((w = malloc(sizeof(WHERE))) == NULL) 225 err(1, NULL); 226 if (pn->whead == NULL) 227 pn->whead = pn->wtail = w; 228 else { 229 pn->wtail->next = w; 230 pn->wtail = w; 231 } 232 w->next = NULL; 233 return(w); 234 } 235 236 char * 237 prphone(char *num) 238 { 239 char *p; 240 int len; 241 static char pbuf[20]; 242 243 /* don't touch anything if the user has their own formatting */ 244 for (p = num; *p; ++p) 245 if (!isdigit(*p)) 246 return(num); 247 len = p - num; 248 p = pbuf; 249 switch(len) { 250 case 11: /* +0-123-456-7890 */ 251 *p++ = '+'; 252 *p++ = *num++; 253 *p++ = '-'; 254 /* FALLTHROUGH */ 255 case 10: /* 012-345-6789 */ 256 *p++ = *num++; 257 *p++ = *num++; 258 *p++ = *num++; 259 *p++ = '-'; 260 /* FALLTHROUGH */ 261 case 7: /* 012-3456 */ 262 *p++ = *num++; 263 *p++ = *num++; 264 *p++ = *num++; 265 break; 266 case 5: /* x0-1234 */ 267 case 4: /* x1234 */ 268 *p++ = 'x'; 269 *p++ = *num++; 270 break; 271 default: 272 return(num); 273 } 274 if (len != 4) { 275 *p++ = '-'; 276 *p++ = *num++; 277 } 278 *p++ = *num++; 279 *p++ = *num++; 280 *p++ = *num++; 281 *p = '\0'; 282 return(pbuf); 283 } 284 285 static void 286 find_idle_and_ttywrite(WHERE *w) 287 { 288 struct stat sb; 289 time_t touched; 290 int error; 291 292 (void)snprintf(tbuf, sizeof(tbuf), "%s/%s", _PATH_DEV, w->tty); 293 294 error = stat(tbuf, &sb); 295 if (error < 0 && errno == ENOENT) { 296 /* 297 * The terminal listed is not actually a terminal (i.e., 298 * ":0"). This is a failure, so we'll skip printing 299 * out the idle time, which is non-ideal but better 300 * than a bogus warning and idle time. 301 */ 302 w->idletime = -1; 303 return; 304 } else if (error < 0) { 305 warn("%s", tbuf); 306 w->idletime = -1; 307 return; 308 } 309 touched = sb.st_atime; 310 if (touched < w->loginat) { 311 /* tty untouched since before login */ 312 touched = w->loginat; 313 } 314 w->idletime = now < touched ? 0 : now - touched; 315 316 #define TALKABLE 0220 /* tty is writable if 220 mode */ 317 w->writable = ((sb.st_mode & TALKABLE) == TALKABLE); 318 } 319 320 static void 321 userinfo(PERSON *pn, struct passwd *pw) 322 { 323 char *p, *t; 324 char *bp, name[1024]; 325 struct stat sb; 326 327 pn->realname = pn->office = pn->officephone = pn->homephone = NULL; 328 329 pn->uid = pw->pw_uid; 330 if ((pn->name = strdup(pw->pw_name)) == NULL) 331 err(1, "strdup failed"); 332 if ((pn->dir = strdup(pw->pw_dir)) == NULL) 333 err(1, "strdup failed"); 334 if ((pn->shell = strdup(pw->pw_shell)) == NULL) 335 err(1, "strdup failed"); 336 337 /* why do we skip asterisks!?!? */ 338 (void)strncpy(bp = tbuf, pw->pw_gecos, sizeof(tbuf)); 339 tbuf[sizeof(tbuf) - 1] = '\0'; 340 if (*bp == '*') 341 ++bp; 342 343 /* ampersands get replaced by the login name */ 344 if (!(p = strsep(&bp, ","))) 345 return; 346 for (t = name; t < &name[sizeof(name) - 1] && (*t = *p) != '\0'; ++p) { 347 if (*t == '&') { 348 (void)strncpy(t, pw->pw_name, 349 sizeof(name) - (t - name)); 350 name[sizeof(name) - 1] = '\0'; 351 if (islower(*t)) 352 *t = toupper(*t); 353 while (t < &name[sizeof(name) - 1] && *++t) 354 continue; 355 } else { 356 ++t; 357 } 358 } 359 *t = '\0'; 360 if ((pn->realname = strdup(name)) == NULL) 361 err(1, "strdup failed"); 362 pn->office = ((p = strsep(&bp, ",")) && *p) ? 363 strdup(p) : NULL; 364 pn->officephone = ((p = strsep(&bp, ",")) && *p) ? 365 strdup(p) : NULL; 366 pn->homephone = ((p = strsep(&bp, ",")) && *p) ? 367 strdup(p) : NULL; 368 (void)snprintf(tbuf, sizeof(tbuf), "%s/%s", _PATH_MAILDIR, pw->pw_name); 369 pn->mailrecv = -1; /* -1 == not_valid */ 370 if (stat(tbuf, &sb) < 0) { 371 if (errno != ENOENT) { 372 warn("%s", tbuf); 373 return; 374 } 375 } else if (sb.st_size != 0) { 376 pn->mailrecv = sb.st_mtime; 377 pn->mailread = sb.st_atime; 378 } 379 } 380 381 /* 382 * Is this user hiding from finger? 383 * If ~<user>/.nofinger exists, return 1 (hide), else return 0 (nohide). 384 * Nobody can hide from root. 385 */ 386 387 int 388 hide(struct passwd *pw) 389 { 390 struct stat st; 391 char buf[MAXPATHLEN]; 392 393 if (invoker_root || !pw->pw_dir) 394 return 0; 395 396 snprintf(buf, sizeof(buf), "%s/%s", pw->pw_dir, _PATH_NOFINGER); 397 398 if (stat(buf, &st) == 0) 399 return 1; 400 401 return 0; 402 } 403