1 /* password.c - password read/update helper functions.
3 * Copyright 2012 Ashwini Kumar <ak.ashwini@gmail.com>
9 int get_salt(char *salt, char *algo)
11 int i, len = 0, offset = 0;
14 if (!strcmp(algo,"des")) len = 2;
17 if (!strcmp(algo,"md5")) {
20 } else if (!strcmp(algo,"sha256")) {
23 } else if (!strcmp(algo,"sha512")) {
32 // Read appropriate number of random bytes for salt
33 i = xopen("/dev/urandom", O_RDONLY);
34 xreadall(i, buf, ((len*6)+7)/8);
37 // Grab 6 bit chunks and convert to characters in ./0-9a-zA-Z
38 for (i=0; i<len; i++) {
39 int bitpos = i*6, bits = bitpos/8;
41 bits = ((buf[i]+(buf[i+1]<<8)) >> (bitpos&7)) & 0x3f;
43 if (bits > 57) bits += 7;
44 if (bits > 90) bits += 6;
53 static void handle(int signo)
55 //Dummy.. so that read breaks on the signal,
56 //instead of the applocation exit
59 int read_password(char * buff, int buflen, char* mesg)
62 struct termios termio, oldtermio;
63 struct sigaction sa, oldsa;
65 tcgetattr(0, &oldtermio);
69 memset(&sa, 0, sizeof(sa));
70 sa.sa_handler = handle;
71 sigaction(SIGINT, &sa, &oldsa);
73 termio.c_iflag &= ~(IUCLC|IXON|IXOFF|IXANY);
74 termio.c_lflag &= ~(ECHO|ECHOE|ECHOK|ECHONL|TOSTOP);
75 tcsetattr(0, TCSANOW, &termio);
81 int ret = read(0, &buff[i], 1);
82 if ( ret < 0 || (!ret && !i)) {
84 sigaction(SIGINT, &oldsa, NULL);
85 tcsetattr(0, TCSANOW, &oldtermio);
89 } else if (ret == 0 || buff[i] == '\n' || buff[i] == '\r' || buflen == i+1)
96 sigaction(SIGINT, &oldsa, NULL);
97 tcsetattr(0, TCSANOW, &oldtermio);
103 static char *get_nextcolon(char *line, int cnt)
106 if (!(line = strchr(line, ':'))) error_exit("Invalid Entry\n");
107 line++; //jump past the colon
112 /*update_password is used by multiple utilities to update /etc/passwd,
113 * /etc/shadow, /etc/group and /etc/gshadow files,
114 * which are used as user, group databeses
116 * 1. encrypted password, when updating user password.
117 * 2. complete entry for user details, when creating new user
118 * 3. group members comma',' separated list, when adding user to group
119 * 4. complete entry for group details, when creating new group
120 * 5. entry = NULL, delete the named entry user/group
122 int update_password(char *filename, char* username, char* entry)
124 char *filenamesfx = NULL, *namesfx = NULL, *shadow = NULL,
125 *sfx = NULL, *line = NULL;
127 int ret = -1, found = 0;
130 shadow = strstr(filename, "shadow");
131 filenamesfx = xmprintf("%s+", filename);
132 sfx = strchr(filenamesfx, '+');
134 exfp = fopen(filename, "r+");
136 perror_msg("Couldn't open file %s",filename);
141 ret = unlink(filenamesfx);
142 ret = link(filename, filenamesfx);
143 if (ret < 0) error_msg("can't create backup file");
146 lock.l_type = F_WRLCK;
147 lock.l_whence = SEEK_SET;
151 ret = fcntl(fileno(exfp), F_SETLK, &lock);
152 if (ret < 0) perror_msg("Couldn't lock file %s",filename);
154 lock.l_type = F_UNLCK; //unlocking at a later stage
156 newfp = fopen(filenamesfx, "w+");
158 error_msg("couldn't open file for writing");
165 namesfx = xmprintf("%s:",username);
166 while ((line = get_line(fileno(exfp))) != NULL)
168 if (strncmp(line, namesfx, strlen(namesfx)))
169 fprintf(newfp, "%s\n", line);
171 char *current_ptr = NULL;
174 if (!strcmp(toys.which->name, "passwd")) {
175 fprintf(newfp, "%s%s:",namesfx, entry);
176 current_ptr = get_nextcolon(line, 2); //past passwd
178 fprintf(newfp, "%u:",(unsigned)(time(NULL))/(24*60*60));
179 current_ptr = get_nextcolon(current_ptr, 1);
180 fprintf(newfp, "%s\n",current_ptr);
181 } else fprintf(newfp, "%s\n",current_ptr);
182 } else if (!strcmp(toys.which->name, "groupadd") ||
183 !strcmp(toys.which->name, "addgroup") ||
184 !strcmp(toys.which->name, "delgroup") ||
185 !strcmp(toys.which->name, "groupdel")){
186 current_ptr = get_nextcolon(line, 3); //past gid/admin list
188 fprintf(newfp, "%s", line);
189 fprintf(newfp, "%s\n", entry);
195 if (!found && entry) fprintf(newfp, "%s\n", entry);
196 fcntl(fileno(exfp), F_SETLK, &lock);
201 fsync(fileno(newfp));
203 rename(filenamesfx, filename);
205 perror_msg("File Writing/Saving failed: ");
215 void is_valid_username(const char *name)
220 char *regex = "^[_.A-Za-z0-9][-_.A-Za-z0-9]*"; //User name REGEX
222 xregcomp(&rp, regex, REG_NEWLINE);
224 /* compare string against pattern -- remember that patterns
225 are anchored to the beginning of the line */
226 eval = regexec(&rp, name, 1, rm, 0);
228 if (!eval && !rm[0].rm_so) {
229 int len = strlen(name);
230 if ((rm[0].rm_eo == len) ||
231 (rm[0].rm_eo == len - 1 && name[len - 1] == '$')) {
232 if (len >= LOGIN_NAME_MAX) error_exit("name is too long");
236 error_exit("'%s', not valid %sname",name,
237 (((toys.which->name[3] == 'g') ||
238 (toys.which->name[0] == 'g'))? "group" : "user"));