1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright (c) 2013 Gary Mills 23 * 24 * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 25 * Use is subject to license terms. 26 */ 27 28 /* Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */ 29 /* All Rights Reserved */ 30 31 32 #include <sys/types.h> 33 #include <sys/param.h> 34 #include <sys/signal.h> 35 #include <sys/sysmacros.h> 36 #include <sys/stat.h> 37 #include <stdio.h> 38 #include <stdlib.h> 39 #include <string.h> 40 #include <ctype.h> 41 #include <locale.h> 42 #include <errno.h> 43 #include <unistd.h> 44 #include <limits.h> 45 46 #define ERROR1 "Too many/few fields" 47 #define ERROR2 "Bad character(s) in logname" 48 #define ERROR2a "First char in logname not alphabetic" 49 #define ERROR2b "Logname field NULL" 50 #define ERROR2c "Logname contains no lower-case letters" 51 #define ERROR3 "Logname too long/short" 52 #define ERROR4 "Invalid UID" 53 #define ERROR5 "Invalid GID" 54 #define ERROR6 "Login directory not found" 55 #define ERROR6a "Login directory null" 56 #define ERROR7 "Optional shell file not found" 57 58 static int eflag, code = 0; 59 static int badc; 60 static int lc; 61 static char buf[512]; 62 static void error(char *); 63 64 int 65 main(int argc, char **argv) 66 { 67 int delim[512]; 68 char logbuf[512]; 69 FILE *fptr; 70 struct stat obuf; 71 uid_t uid; 72 gid_t gid; 73 int i, j, colons; 74 char *pw_file; 75 struct stat stat_buf; 76 char *str, *lastc; 77 78 (void) setlocale(LC_ALL, ""); 79 80 #if !defined(TEXT_DOMAIN) /* Should be defined by cc -D */ 81 #define TEXT_DOMAIN "SYS_TEST" 82 #endif 83 (void) textdomain(TEXT_DOMAIN); 84 85 if (argc == 1) 86 pw_file = "/etc/passwd"; 87 else 88 pw_file = argv[1]; 89 90 if ((fptr = fopen(pw_file, "r")) == NULL) { 91 (void) fprintf(stderr, gettext("cannot open %s\n"), pw_file); 92 exit(1); 93 } 94 95 if (fstat(fileno(fptr), &stat_buf) < 0) { 96 (void) fprintf(stderr, gettext("fstat failed for %s\n"), 97 pw_file); 98 (void) fclose(fptr); 99 exit(1); 100 } 101 102 if (stat_buf.st_size == 0) { 103 (void) fprintf(stderr, gettext("file %s is empty\n"), pw_file); 104 (void) fclose(fptr); 105 exit(1); 106 } 107 108 while (fgets(buf, sizeof (buf), fptr) != NULL) { 109 110 colons = 0; 111 badc = 0; 112 lc = 0; 113 eflag = 0; 114 115 /* Check that entry is not a nameservice redirection */ 116 117 if (buf[0] == '+' || buf[0] == '-') { 118 /* 119 * Should set flag here to allow special case checking 120 * in the rest of the code, 121 * but for now, we'll just ignore this entry. 122 */ 123 continue; 124 } 125 126 /* Check number of fields */ 127 128 for (i = 0; buf[i] != NULL; i++) 129 if (buf[i] == ':') { 130 delim[colons] = i; 131 ++colons; 132 } 133 134 if (colons != 6) { 135 error(ERROR1); 136 continue; 137 } 138 delim[6] = i - 1; 139 delim[7] = NULL; 140 141 /* 142 * Check the first char is alpha; the rest alphanumeric; 143 * and that the name does not consist solely of uppercase 144 * alpha chars 145 */ 146 if (buf[0] == ':') 147 error(ERROR2b); 148 else if (!isalpha(buf[0])) 149 error(ERROR2a); 150 151 for (i = 0; buf[i] != ':'; i++) { 152 if (!isalnum(buf[i]) && 153 buf[i] != '_' && 154 buf[i] != '-' && 155 buf[i] != '.') 156 badc++; 157 else if (islower(buf[i])) 158 lc++; 159 } 160 if (lc == 0) 161 error(ERROR2c); 162 if (badc > 0) 163 error(ERROR2); 164 165 /* Check for valid number of characters in logname */ 166 167 if (i <= 0 || i > LOGNAME_MAX) 168 error(ERROR3); 169 170 /* Check that UID is numeric and <= MAXUID */ 171 172 errno = 0; 173 str = &buf[delim[1] + 1]; 174 uid = strtol(str, &lastc, 10); 175 if (lastc != str + (delim[2] - delim[1]) - 1 || 176 uid > MAXUID || errno == ERANGE) 177 error(ERROR4); 178 179 /* Check that GID is numeric and <= MAXUID */ 180 181 errno = 0; 182 str = &buf[delim[2] + 1]; 183 gid = strtol(str, &lastc, 10); 184 if (lastc != str + (delim[3] - delim[2]) - 1 || 185 gid > MAXUID || errno == ERANGE) 186 error(ERROR5); 187 188 /* Check initial working directory */ 189 190 for (j = 0, i = (delim[4] + 1); i < delim[5]; j++, i++) 191 logbuf[j] = buf[i]; 192 logbuf[j] = '\0'; 193 194 if (logbuf[0] == NULL) 195 error(ERROR6a); 196 else if ((stat(logbuf, &obuf)) == -1) 197 error(ERROR6); 198 199 /* Check program to use as shell */ 200 201 if ((buf[(delim[5] + 1)]) != '\n') { 202 203 for (j = 0, i = (delim[5] + 1); i < delim[6]; j++, i++) 204 logbuf[j] = buf[i]; 205 logbuf[j] = '\0'; 206 207 if (strcmp(logbuf, "*") == 0) /* subsystem login */ 208 continue; 209 210 if ((stat(logbuf, &obuf)) == -1) 211 error(ERROR7); 212 213 for (j = 0; j < 512; j++) 214 logbuf[j] = NULL; 215 } 216 } 217 (void) fclose(fptr); 218 return (code); 219 } 220 221 /* Error printing routine */ 222 223 static void 224 error(char *msg) 225 { 226 if (!eflag) { 227 (void) fprintf(stderr, "\n%s", buf); 228 code = 1; 229 ++eflag; 230 } 231 if (!badc) 232 (void) fprintf(stderr, "\t%s\n", gettext(msg)); 233 else { 234 (void) fprintf(stderr, "\t%d %s\n", badc, gettext(msg)); 235 badc = 0; 236 } 237 } 238