/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#include <fcntl.h>
#include <errno.h>
#include <stdlib.h>
#include <pwd.h>
#include <shadow.h>
#include <string.h>
#include <strings.h>
#include <stdlib.h>
#include <unistd.h>
#include <nss_dbdefs.h>
#include <macros.h>
#include <syslog.h>
#include <limits.h> /* LOGNAME_MAX -- max Solaris user name */
#include "passwdutil.h"
int files_lock(void);
int files_unlock(void);
void **buf);
char **auth_user, int *privileged);
/*
* files function pointer table, used by passwdutil_init to initialize
* the global Repository-OPerations table "rops"
*/
};
/*
* this structure defines the buffer used to keep state between
*/
struct pwbuf {
int update_history;
char *pwd_scratch;
char *spwd_scratch;
char *new_sp_pwdp;
};
/*
* We should use sysconf, but there is no sysconf name for SHADOW
* so we use these from nss_dbdefs
*/
/*
* lock functions for files repository
*/
int
files_lock(void)
{
int res;
if (lckpwdf()) {
switch (errno) {
case EINTR:
break;
case EACCES:
res = PWU_DENIED;
break;
case 0:
res = PWU_SUCCESS;
break;
}
} else
res = PWU_SUCCESS;
return (res);
}
int
files_unlock(void)
{
if (ulckpwdf())
return (PWU_SYSTEM_ERROR);
return (PWU_SUCCESS);
}
/*
* files_privileged
*
* Are we a privileged user with regard to the files repository?
*/
int
files_privileged(void)
{
return (getuid() == 0);
}
/*
*
* private_getpwnam_r()
*
* A private implementation of getpwnam_r which does *not* fall back to
* other services possibly defined in nsswitch.conf
*
* behaves like getpwnam_r().
*/
struct passwd *
int buflen)
{
int found;
return (NULL);
found = 0;
found = 1;
}
if (!found) {
return (NULL);
}
return (result);
}
/*
* private_getspnam_r()
*
* A private implementation of getspnam_r which does *not* fall back to
* other services possibly defined in nsswitch.conf.
*
* Behaves like getspnam_r(). Since we use fgetspent_t(), all numeric
*
*/
struct spwd *
int buflen)
{
int found;
return (NULL);
found = 0;
found = 1;
}
if (!found) {
return (NULL);
}
return (result);
}
/*
* files_getpwnam(name, items, rep, buf)
*
*/
/*ARGSUSED*/
int
{
attrlist *p;
return (PWU_NOMEM);
/*
* we need for the items we need to update
*/
switch (p->type) {
case ATTR_NAME:
case ATTR_UID:
case ATTR_GID:
case ATTR_AGE:
case ATTR_COMMENT:
case ATTR_GECOS:
case ATTR_HOMEDIR:
case ATTR_SHELL:
goto error;
}
}
break;
case ATTR_PASSWD:
case ATTR_LSTCHG:
case ATTR_MIN:
case ATTR_MAX:
case ATTR_WARN:
case ATTR_INACT:
case ATTR_EXPIRE:
case ATTR_FLAG:
case ATTR_LOCK_ACCOUNT:
case ATTR_EXPIRE_PASSWORD:
case ATTR_FAILED_LOGINS:
case ATTR_INCR_FAILED_LOGINS:
case ATTR_RST_FAILED_LOGINS:
case ATTR_NOLOGIN_ACCOUNT:
case ATTR_UNLOCK_ACCOUNT:
goto error;
}
}
break;
default:
/*
* Some other repository might have different values
* so we ignore those.
*/
break;
}
}
goto error;
}
PWD_SCRATCH_SIZE) == NULL) {
err = PWU_NOT_FOUND;
goto error;
}
}
goto error;
}
SPW_SCRATCH_SIZE) == NULL) {
err = PWU_NOT_FOUND;
goto error;
}
}
return (PWU_SUCCESS);
return (err);
}
/*
* int files_user_to_authenticate(name, rep, auth_user, privileged)
* Determine which user needs to be authenticated. For files, the
* possible return values are:
* PWU_NOT_FOUND
* PWU_SUCCESS and (auth_user == NULL || auth_user = user)
* PWU_DENIED
* PWU_NOMEM
*/
/*ARGSUSED*/
int
char **auth_user, int *privileged)
{
int res;
/* check to see if target user is present in files */
if (res != PWU_SUCCESS)
return (res);
if (files_privileged()) {
*privileged = 1;
res = PWU_SUCCESS;
} else {
*privileged = 0;
} else {
res = PWU_SUCCESS;
}
} else {
res = PWU_DENIED;
}
}
return (res);
}
/*
* Password history file format:
* user:crypw1: ... crypwn: such that n <= MAXHISTORY
*/
/*
* XXX
* 3*LOGNAME_MAX just in case there are long user names.
* Traditionally Solaris LOGNAME_MAX (_POSIX_LOGIN_NAME_MAX) is 13,
* but some sites often user more.
* If LOGNAME_MAX ever becomes reasonable (128) and actually enforced,
* fix up here.
* XXX
*/
/*
* files_checkhistory - check if a user's new password is in the user's
* old password history.
*
* Entry
* user = username.
* passwd = new clear text password.
*
* Exit
* PWU_SUCCESS, passwd found in user's old password history.
* The caller should only be interested and fail if
* PWU_SUCCESS is returned.
* PWU_NOT_FOUND, passwd not in user's old password history.
* PWU_errors, PWU_ errors from other routines.
*
*/
int
{
int res;
/*
* XXX
* This depends on the underlying files_getattr implementation
* treating user not found in backing store or no history as
* an error.
* XXX
*/
char *s;
char *crypt_passwd;
int histsize;
debug("files_checkhistory: no history requested");
res = PWU_NOT_FOUND;
goto out;
}
if (histsize > MAXHISTORY)
/* compare crypt_passwd to attr.data.val_s strings. */
res = PWU_NOT_FOUND;
while ((histsize-- > 0) &&
(*s != '\n'))) {
debug("files_checkhistory: user_pw=%s, history_pw=%s",
crypt_passwd, s);
if (strcmp(crypt_passwd, s) == 0) {
res = PWU_SUCCESS;
break;
}
}
res);
}
out:
return (res);
}
/*
* files_getattr(name, items, rep)
*
* Get attributes specified in list 'items'
*/
int
{
attrlist *w;
int res;
if (res != PWU_SUCCESS)
return (res);
switch (w->type) {
case ATTR_NAME:
break;
case ATTR_COMMENT:
break;
case ATTR_GECOS:
break;
case ATTR_HOMEDIR:
break;
case ATTR_SHELL:
break;
/*
* Nothing special needs to be done for
* server policy
*/
case ATTR_PASSWD:
break;
case ATTR_AGE:
break;
case ATTR_REP_NAME:
break;
case ATTR_HISTORY: {
char *s, *s1;
debug("files_getattr: Get password history for %s ",
name);
goto getattr_exit;
}
res = PWU_NOT_FOUND;
NULL) {
*s1 = '\0';
} else {
res = PWU_NOT_FOUND;
break;
}
#ifdef DEBUG
debug("got history line for %s", s);
#endif /* DEBUG */
/* found user */
else
res = PWU_SUCCESS;
break;
}
}
break;
}
/* integer values */
case ATTR_UID:
break;
case ATTR_GID:
break;
case ATTR_LSTCHG:
break;
case ATTR_MIN:
break;
case ATTR_MAX:
break;
case ATTR_WARN:
break;
case ATTR_INACT:
break;
case ATTR_EXPIRE:
break;
case ATTR_FLAG:
break;
case ATTR_FAILED_LOGINS:
break;
default:
break;
}
}
return (res);
}
/*
* max_present(list)
*
* see if attribute ATTR_MAX, with value != -1, is present in
* attribute-list "list".
*
* returns 1 if present, 0 otherwise.
*/
static int
{
return (1);
else
return (0);
}
/*
* files_update(items, rep, buf)
*
* update the information in buf with the attributes specified in
* items.
*/
/*ARGSUSED*/
int
{
attrlist *p;
int aging_needed = 0;
int aging_set = 0;
int disable_aging;
char *pword;
int len;
pwbuf->update_history = 0;
/*
* if sp_max==0 : disable passwd aging after updating the password
*/
switch (p->type) {
case ATTR_NAME:
break; /* We are able to handle this, but... */
case ATTR_UID:
break;
case ATTR_GID:
break;
case ATTR_AGE:
break;
case ATTR_COMMENT:
break;
case ATTR_GECOS:
break;
case ATTR_HOMEDIR:
break;
case ATTR_SHELL:
break;
/*
* Nothing special needs to be done for
* server policy
*/
case ATTR_PASSWD:
/*
* There is a special case only for files: if the
* password is to be deleted (-d to passwd),
* p->data.val_s will be NULL.
*/
} else {
return (PWU_NOMEM);
/* algorithm problem? */
"passwdutil: crypt_gensalt %m");
return (PWU_UPDATE_FAILED);
}
return (PWU_NOMEM);
}
return (PWU_NOMEM);
}
if (pwbuf->new_sp_pwdp)
aging_needed = 1;
}
break;
case ATTR_LOCK_ACCOUNT:
sizeof (LOCKSTRING)-1) != 0) &&
return (PWU_NOMEM);
}
if (pwbuf->new_sp_pwdp)
}
break;
case ATTR_UNLOCK_ACCOUNT:
sizeof (LOCKSTRING)-1) == 0) {
sizeof (LOCKSTRING)-1);
}
break;
case ATTR_NOLOGIN_ACCOUNT:
if (pwbuf->new_sp_pwdp) {
}
break;
case ATTR_EXPIRE_PASSWORD:
break;
case ATTR_LSTCHG:
break;
case ATTR_MIN:
return (PWU_AGING_DISABLED);
aging_set = 1;
break;
case ATTR_MAX:
/* Turn aging off -> Reset min and warn too */
} else {
/* Turn aging on */
/*
* If minage has not been set with
* a command-line option, we set it
* to zero.
*/
}
/*
* If aging was turned off, we update lstchg.
*
* We take care not to update lstchg if the
* user has no password, otherwise the user
* might not be required to provide a password
* the next time [s]he logs-in.
*
* Also, if lstchg != -1 (i.e., not set in
*/
}
}
aging_set = 1;
break;
case ATTR_WARN:
max_present(p->next) == 0)
return (PWU_AGING_DISABLED);
break;
case ATTR_INACT:
break;
case ATTR_EXPIRE:
break;
case ATTR_FLAG:
break;
case ATTR_INCR_FAILED_LOGINS:
{
}
break;
case ATTR_RST_FAILED_LOGINS:
break;
default:
break;
}
}
/*
* What should the new aging values look like?
*
* There are a number of different conditions
*
* a) aging is already configured: don't touch it
*
* b) disable_aging is set: disable aging
*
* c) aging is not configured: turn on default aging;
*
* b) and c) of course only if aging_needed and !aging_set.
* (i.e., password changed, and aging values not changed)
*/
/* a) aging not yet configured */
if (aging_needed && !aging_set) {
if (disable_aging) {
/* b) turn off aging */
} else {
/* c) */
}
}
}
return (PWU_SUCCESS);
}
/*
* files_update_shadow(char *name, struct spwd *spwd)
*
* update the shadow password file SHADOW to contain the spwd structure
* "spwd" for user "name"
*/
int
{
int tempfd;
/* Mode of the shadow file should be 400 or 000 */
goto shadow_exit;
}
/* copy mode from current shadow file (0400 or 0000) */
/*
* we can't specify filemodes to fopen(), and we SHOULD NOT
* set umask in multi-thread safe libraries, so we use
* a combination of open() and fdopen()
*/
if (tempfd < 0) {
goto shadow_exit;
}
goto shadow_exit;
}
goto shadow_exit;
}
/*
* copy old shadow to temporary file while replacing the entry
* that matches "name".
*/
else
if (result != 0) {
goto shadow_exit;
}
}
/*
* Something went wrong (ENOSPC for example). Don't
* use the resulting temporary file!
*/
goto shadow_exit;
}
/*
* Rename stmp to shadow:
*/
goto shadow_exit;
}
goto shadow_exit;
}
goto shadow_exit;
}
return (err);
}
int
{
int tempfd;
int result;
goto passwd_exit;
}
/* see files_update_shadow() for open()+fdopen() rationale */
goto passwd_exit;
}
goto passwd_exit;
}
goto passwd_exit;
}
/*
* copy old password entries to temporary file while replacing
* the entry that matches "name"
*/
else
if (result != 0) {
goto passwd_exit;
}
}
goto passwd_exit; /* Don't trust the temporary file */
}
/* Rename temp to passwd */
goto passwd_exit;
}
goto passwd_exit;
}
goto passwd_exit;
}
return (err);
}
/*
* files_putpwnam(name, oldpw, rep, buf)
*
*/
/*ARGSUSED*/
int
{
}
if (pwbuf->update_history != 0) {
} else {
debug("no password change");
}
if (result == PWU_SUCCESS) {
}
}
}
}
if (pwbuf->new_sp_pwdp) {
}
return (result);
}
/*
* NOTE: This is all covered under the repository lock held for updating
* passwd(4) and shadow(4).
*/
int
{
int histsize;
int tmpfd;
int found;
return (PWU_SUCCESS); /* no history update defined */
}
histsize);
if (histsize > MAXHISTORY)
return (PWU_OPEN_FAILED);
}
/* get ready to copy */
return (PWU_OPEN_FAILED);
}
return (PWU_OPEN_FAILED);
}
/* Copy and update if found. Add if not found. */
found = 0;
char *user;
char *last;
/* get username field */
#ifdef DEBUG
#endif /* DEBUG */
char *crypt;
int i;
/* found user, update */
found++;
debug("files_update_history: update user\n"
/* get old crypted password history */
for (i = 0; i < MAXHISTORY-1; i++) {
*crypt == '\n') {
break;
}
}
} else {
/* copy other users to updated file */
#ifdef DEBUG
debug("files_update_history: copy line %s",
user);
#endif /* DEBUG */
}
}
if (found == 0) {
/* user not found, add to history file */
debug("files_update_history: add line\n"
}
/* If something messed up in file system, loose the update */
debug("files_update_history: update file close failed %d",
errno);
return (PWU_CLOSE_FAILED);
}
/*
* rename history to ohistory,
* rename tmp to history,
* unlink ohistory.
*/
/* old history won't go away, loose the update */
debug("files_update_history: update file rename failed %d",
errno);
return (PWU_UPDATE_FAILED);
}
return (PWU_SUCCESS);
}