pwd_mkdb.c revision 1.39
1 /* $NetBSD: pwd_mkdb.c,v 1.39 2009/03/06 19:05:11 apb Exp $ */ 2 3 /* 4 * Copyright (c) 2000, 2009 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 17 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 18 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 19 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 20 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 21 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 22 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 23 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 24 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 25 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 26 * POSSIBILITY OF SUCH DAMAGE. 27 */ 28 29 /* 30 * Copyright (c) 1991, 1993, 1994 31 * The Regents of the University of California. All rights reserved. 32 * 33 * Redistribution and use in source and binary forms, with or without 34 * modification, are permitted provided that the following conditions 35 * are met: 36 * 1. Redistributions of source code must retain the above copyright 37 * notice, this list of conditions and the following disclaimer. 38 * 2. Redistributions in binary form must reproduce the above copyright 39 * notice, this list of conditions and the following disclaimer in the 40 * documentation and/or other materials provided with the distribution. 41 * 3. Neither the name of the University nor the names of its contributors 42 * may be used to endorse or promote products derived from this software 43 * without specific prior written permission. 44 * 45 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 46 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 47 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 48 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 49 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 50 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 51 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 52 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 53 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 54 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 55 * SUCH DAMAGE. 56 */ 57 58 /* 59 * Portions Copyright(C) 1994, Jason Downs. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 1. Redistributions of source code must retain the above copyright 65 * notice, this list of conditions and the following disclaimer. 66 * 2. Redistributions in binary form must reproduce the above copyright 67 * notice, this list of conditions and the following disclaimer in the 68 * documentation and/or other materials provided with the distribution. 69 * 70 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS 71 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 72 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 73 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, 74 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 75 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 76 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 77 * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 78 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 79 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 80 * SUCH DAMAGE. 81 */ 82 83 #if HAVE_NBTOOL_CONFIG_H 84 #include "nbtool_config.h" 85 #endif 86 87 #include <sys/cdefs.h> 88 #if !defined(lint) 89 __COPYRIGHT("@(#) Copyright (c) 2000, 2009\ 90 The NetBSD Foundation, Inc. All rights reserved.\ 91 Copyright (c) 1991, 1993, 1994\ 92 The Regents of the University of California. All rights reserved."); 93 __SCCSID("from: @(#)pwd_mkdb.c 8.5 (Berkeley) 4/20/94"); 94 __RCSID("$NetBSD: pwd_mkdb.c,v 1.39 2009/03/06 19:05:11 apb Exp $"); 95 #endif /* not lint */ 96 97 #if HAVE_NBTOOL_CONFIG_H 98 #include "compat_pwd.h" 99 #else 100 #include <pwd.h> 101 #endif 102 103 #include <sys/param.h> 104 #include <sys/stat.h> 105 #include <sys/types.h> 106 107 #ifndef HAVE_NBTOOL_CONFIG_H 108 #include <machine/bswap.h> 109 #endif 110 111 #include <db.h> 112 #include <err.h> 113 #include <errno.h> 114 #include <fcntl.h> 115 #include <limits.h> 116 #include <signal.h> 117 #include <stdio.h> 118 #include <stdlib.h> 119 #include <string.h> 120 #include <unistd.h> 121 #include <util.h> 122 123 #define MAX_CACHESIZE 8*1024*1024 124 #define MIN_CACHESIZE 2*1024*1024 125 126 #define PERM_INSECURE (S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH) 127 #define PERM_SECURE (S_IRUSR | S_IWUSR) 128 129 #if HAVE_NBTOOL_CONFIG_H 130 static const char __yp_token[] = "__YP!"; 131 #else 132 /* Pull this out of the C library. */ 133 extern const char __yp_token[]; 134 #endif 135 136 HASHINFO openinfo = { 137 4096, /* bsize */ 138 32, /* ffactor */ 139 256, /* nelem */ 140 0, /* cachesize */ 141 NULL, /* hash() */ 142 0 /* lorder */ 143 }; 144 145 #define FILE_INSECURE 0x01 146 #define FILE_SECURE 0x02 147 #define FILE_ORIG 0x04 148 149 static char *pname; /* password file name */ 150 static char prefix[MAXPATHLEN]; 151 static char oldpwdfile[MAX(MAXPATHLEN, LINE_MAX * 2)]; 152 static char pwd_db_tmp[MAX(MAXPATHLEN, LINE_MAX * 2)]; 153 static char pwd_Sdb_tmp[MAX(MAXPATHLEN, LINE_MAX * 2)]; 154 static int lorder = BYTE_ORDER; 155 static int clean; 156 157 void bailout(void); 158 void cp(const char *, const char *, mode_t); 159 int deldbent(DB *, const char *, int, void *); 160 void error(const char *); 161 int getdbent(DB *, const char *, int, void *, struct passwd **); 162 void inconsistancy(void); 163 void install(const char *, const char *); 164 int main(int, char **); 165 void putdbents(DB *, struct passwd *, const char *, int, const char *, int, 166 int, int); 167 void putyptoken(DB *, const char *); 168 void rm(const char *); 169 int scan(FILE *, struct passwd *, int *, int *); 170 void usage(void); 171 void wr_error(const char *); 172 void checkversion(DB *); 173 uint32_t getversion(void); 174 void setversion(DB *); 175 176 #define SWAP(sw) \ 177 ((sizeof(sw) == 2 ? (typeof(sw))bswap16((uint16_t)sw) : \ 178 (sizeof(sw) == 4 ? (typeof(sw))bswap32((uint32_t)sw) : \ 179 (sizeof(sw) == 8 ? (typeof(sw))bswap64((uint64_t)sw) : (abort(), 0))))) 180 181 int 182 main(int argc, char *argv[]) 183 { 184 int ch, makeold, tfd, lineno, found, rv, hasyp, secureonly; 185 struct passwd pwd, *tpwd; 186 char *username; 187 DB *dp, *edp; 188 FILE *fp, *oldfp; 189 sigset_t set; 190 int dbflg, uid_dbflg, newuser, olduid, flags; 191 char buf[MAXPATHLEN]; 192 struct stat st; 193 u_int cachesize; 194 195 prefix[0] = '\0'; 196 makeold = 0; 197 oldfp = NULL; 198 username = NULL; 199 hasyp = 0; 200 secureonly = 0; 201 found = 0; 202 newuser = 0; 203 dp = NULL; 204 cachesize = 0; 205 206 while ((ch = getopt(argc, argv, "BLc:d:psu:v")) != -1) 207 switch (ch) { 208 case 'B': /* big-endian output */ 209 lorder = BIG_ENDIAN; 210 break; 211 case 'L': /* little-endian output */ 212 lorder = LITTLE_ENDIAN; 213 break; 214 case 'c': 215 cachesize = atoi(optarg) * 1024 * 1024; 216 break; 217 case 'd': /* set prefix */ 218 strlcpy(prefix, optarg, sizeof(prefix)); 219 break; 220 case 'p': /* create V7 "file.orig" */ 221 makeold = 1; 222 break; 223 case 's': /* modify secure db only */ 224 secureonly = 1; 225 break; 226 case 'u': /* modify one user only */ 227 username = optarg; 228 break; 229 case 'v': /* backward compatible */ 230 break; 231 case '?': 232 default: 233 usage(); 234 } 235 argc -= optind; 236 argv += optind; 237 238 if (argc != 1) 239 usage(); 240 if (username != NULL) 241 if (username[0] == '+' || username[0] == '-') 242 usage(); 243 if (secureonly) 244 makeold = 0; 245 246 /* 247 * This could be changed to allow the user to interrupt. 248 * Probably not worth the effort. 249 */ 250 sigemptyset(&set); 251 sigaddset(&set, SIGTSTP); 252 sigaddset(&set, SIGHUP); 253 sigaddset(&set, SIGINT); 254 sigaddset(&set, SIGQUIT); 255 sigaddset(&set, SIGTERM); 256 (void)sigprocmask(SIG_BLOCK, &set, (sigset_t *)NULL); 257 258 /* We don't care what the user wants. */ 259 (void)umask(0); 260 261 if (username == NULL) 262 flags = O_RDWR | O_CREAT | O_EXCL; 263 else 264 flags = O_RDWR; 265 266 pname = *argv; 267 /* Open the original password file */ 268 if ((fp = fopen(pname, "r")) == NULL) 269 error(pname); 270 271 openinfo.lorder = lorder; 272 273 if (fstat(fileno(fp), &st) == -1) 274 error(pname); 275 276 if (cachesize) { 277 openinfo.cachesize = cachesize; 278 } else { 279 /* Tweak openinfo values for large passwd files. */ 280 cachesize = st.st_size * 20; 281 if (cachesize > MAX_CACHESIZE) 282 cachesize = MAX_CACHESIZE; 283 else if (cachesize < MIN_CACHESIZE) 284 cachesize = MIN_CACHESIZE; 285 openinfo.cachesize = cachesize; 286 } 287 288 /* Open the temporary insecure password database. */ 289 if (!secureonly) { 290 (void)snprintf(pwd_db_tmp, sizeof(pwd_db_tmp), "%s%s.tmp", 291 prefix, _PATH_MP_DB); 292 if (username != NULL) { 293 snprintf(buf, sizeof(buf), "%s" _PATH_MP_DB, prefix); 294 cp(buf, pwd_db_tmp, PERM_INSECURE); 295 } 296 dp = dbopen(pwd_db_tmp, flags, PERM_INSECURE, DB_HASH, 297 &openinfo); 298 if (dp == NULL) 299 error(pwd_db_tmp); 300 clean |= FILE_INSECURE; 301 if (username != NULL) 302 checkversion(dp); 303 else 304 setversion(dp); 305 } 306 307 /* Open the temporary encrypted password database. */ 308 (void)snprintf(pwd_Sdb_tmp, sizeof(pwd_Sdb_tmp), "%s%s.tmp", prefix, 309 _PATH_SMP_DB); 310 if (username != NULL) { 311 snprintf(buf, sizeof(buf), "%s" _PATH_SMP_DB, prefix); 312 cp(buf, pwd_Sdb_tmp, PERM_SECURE); 313 } 314 edp = dbopen(pwd_Sdb_tmp, flags, PERM_SECURE, DB_HASH, &openinfo); 315 if (!edp) 316 error(pwd_Sdb_tmp); 317 clean |= FILE_SECURE; 318 if (username != NULL) 319 checkversion(edp); 320 else 321 setversion(edp); 322 323 /* 324 * Open file for old password file. Minor trickiness -- don't want to 325 * chance the file already existing, since someone (stupidly) might 326 * still be using this for permission checking. So, open it first and 327 * fdopen the resulting fd. The resulting file should be readable by 328 * everyone. 329 */ 330 if (makeold) { 331 (void)snprintf(oldpwdfile, sizeof(oldpwdfile), "%s.orig", 332 pname); 333 if ((tfd = open(oldpwdfile, O_WRONLY | O_CREAT | O_EXCL, 334 PERM_INSECURE)) < 0) 335 error(oldpwdfile); 336 clean |= FILE_ORIG; 337 if ((oldfp = fdopen(tfd, "w")) == NULL) 338 error(oldpwdfile); 339 } 340 341 if (username != NULL) { 342 uid_dbflg = 0; 343 dbflg = 0; 344 345 /* 346 * Determine if this is a new entry. 347 */ 348 if (getdbent(edp, pwd_Sdb_tmp, _PW_KEYBYNAME, username, &tpwd)) 349 newuser = 1; 350 else { 351 newuser = 0; 352 olduid = tpwd->pw_uid; 353 } 354 355 } else { 356 uid_dbflg = R_NOOVERWRITE; 357 dbflg = R_NOOVERWRITE; 358 } 359 360 /* 361 * If we see something go by that looks like YP, we save a special 362 * pointer record, which if YP is enabled in the C lib, will speed 363 * things up. 364 */ 365 for (lineno = 0; scan(fp, &pwd, &flags, &lineno);) { 366 /* 367 * Create original format password file entry. 368 */ 369 if (makeold) { 370 (void)fprintf(oldfp, "%s:*:%d:%d:%s:%s:%s\n", 371 pwd.pw_name, pwd.pw_uid, pwd.pw_gid, pwd.pw_gecos, 372 pwd.pw_dir, pwd.pw_shell); 373 if (ferror(oldfp)) 374 wr_error(oldpwdfile); 375 } 376 377 if (username == NULL) { 378 /* Look like YP? */ 379 if (pwd.pw_name[0] == '+' || pwd.pw_name[0] == '-') 380 hasyp++; 381 382 /* Warn about potentially unsafe uid/gid overrides. */ 383 if (pwd.pw_name[0] == '+') { 384 if ((flags & _PASSWORD_NOUID) == 0 && 385 pwd.pw_uid == 0) 386 warnx("line %d: superuser override " 387 "in YP inclusion", lineno); 388 if ((flags & _PASSWORD_NOGID) == 0 && 389 pwd.pw_gid == 0) 390 warnx("line %d: wheel override " 391 "in YP inclusion", lineno); 392 } 393 394 /* Write the database entry out. */ 395 if (!secureonly) 396 putdbents(dp, &pwd, "*", flags, pwd_db_tmp, 397 lineno, dbflg, uid_dbflg); 398 continue; 399 } else if (strcmp(username, pwd.pw_name) != 0) 400 continue; 401 402 if (found) { 403 warnx("user `%s' listed twice in password file", 404 username); 405 bailout(); 406 } 407 408 /* 409 * Ensure that the text file and database agree on 410 * which line the record is from. 411 */ 412 rv = getdbent(edp, pwd_Sdb_tmp, _PW_KEYBYNUM, &lineno, &tpwd); 413 if (newuser) { 414 if (rv == 0) 415 inconsistancy(); 416 } else if (rv == -1 || 417 strcmp(username, tpwd->pw_name) != 0) 418 inconsistancy(); 419 else if (olduid != pwd.pw_uid) { 420 /* 421 * If we're changing UID, remove the BYUID 422 * record for the old UID only if it has the 423 * same username. 424 */ 425 if (!getdbent(edp, pwd_Sdb_tmp, _PW_KEYBYUID, &olduid, 426 &tpwd)) { 427 if (strcmp(username, tpwd->pw_name) == 0) { 428 if (!secureonly) 429 deldbent(dp, pwd_db_tmp, 430 _PW_KEYBYUID, &olduid); 431 deldbent(edp, pwd_Sdb_tmp, 432 _PW_KEYBYUID, &olduid); 433 } 434 } else 435 inconsistancy(); 436 } 437 438 /* 439 * If there's an existing BYUID record for the new UID and 440 * the username doesn't match then be sure not to overwrite 441 * it. 442 */ 443 if (!getdbent(edp, pwd_Sdb_tmp, _PW_KEYBYUID, &pwd.pw_uid, 444 &tpwd)) 445 if (strcmp(username, tpwd->pw_name) != 0) 446 uid_dbflg = R_NOOVERWRITE; 447 448 /* Write the database entries out */ 449 if (!secureonly) 450 putdbents(dp, &pwd, "*", flags, pwd_db_tmp, lineno, 451 dbflg, uid_dbflg); 452 putdbents(edp, &pwd, pwd.pw_passwd, flags, pwd_Sdb_tmp, 453 lineno, dbflg, uid_dbflg); 454 455 found = 1; 456 if (!makeold) 457 break; 458 } 459 460 if (!secureonly) { 461 /* Store YP token if needed. */ 462 if (hasyp) 463 putyptoken(dp, pwd_db_tmp); 464 465 /* Close the insecure database. */ 466 if ((*dp->close)(dp) < 0) 467 wr_error(pwd_db_tmp); 468 } 469 470 /* 471 * If rebuilding the databases, we re-parse the text file and write 472 * the secure entries out in a separate pass. 473 */ 474 if (username == NULL) { 475 rewind(fp); 476 for (lineno = 0; scan(fp, &pwd, &flags, &lineno);) 477 putdbents(edp, &pwd, pwd.pw_passwd, flags, pwd_Sdb_tmp, 478 lineno, dbflg, uid_dbflg); 479 480 /* Store YP token if needed. */ 481 if (hasyp) 482 putyptoken(edp, pwd_Sdb_tmp); 483 } else if (!found) { 484 warnx("user `%s' not found in password file", username); 485 bailout(); 486 } 487 488 /* Close the secure database. */ 489 if ((*edp->close)(edp) < 0) 490 wr_error(pwd_Sdb_tmp); 491 492 /* Install as the real password files. */ 493 if (!secureonly) 494 install(pwd_db_tmp, _PATH_MP_DB); 495 install(pwd_Sdb_tmp, _PATH_SMP_DB); 496 497 /* Install the V7 password file. */ 498 if (makeold) { 499 if (fflush(oldfp) == EOF) 500 wr_error(oldpwdfile); 501 if (fclose(oldfp) == EOF) 502 wr_error(oldpwdfile); 503 install(oldpwdfile, _PATH_PASSWD); 504 } 505 506 /* Set master.passwd permissions, in case caller forgot. */ 507 (void)fchmod(fileno(fp), S_IRUSR|S_IWUSR); 508 if (fclose(fp) == EOF) 509 wr_error(pname); 510 511 /* 512 * Move the temporary master password file LAST -- chpass(1), 513 * passwd(1), vipw(8) and friends all use its existence to block 514 * other incarnations of themselves. The rename means that 515 * everything is unlocked, as the original file can no longer be 516 * accessed. 517 */ 518 install(pname, _PATH_MASTERPASSWD); 519 exit(EXIT_SUCCESS); 520 /* NOTREACHED */ 521 } 522 523 int 524 scan(FILE *fp, struct passwd *pw, int *flags, int *lineno) 525 { 526 static char line[LINE_MAX]; 527 char *p; 528 int oflags; 529 530 if (fgets(line, sizeof(line), fp) == NULL) 531 return (0); 532 (*lineno)++; 533 534 /* 535 * ``... if I swallow anything evil, put your fingers down my 536 * throat...'' 537 * -- The Who 538 */ 539 if ((p = strchr(line, '\n')) == NULL) { 540 warnx("line too long"); 541 errno = EFTYPE; /* XXX */ 542 error(pname); 543 } 544 *p = '\0'; 545 if (strcmp(line, "+") == 0) 546 strcpy(line, "+:::::::::"); /* pw_scan() can't handle "+" */ 547 oflags = 0; 548 if (!pw_scan(line, pw, &oflags)) { 549 warnx("at line #%d", *lineno); 550 errno = EFTYPE; /* XXX */ 551 error(pname); 552 } 553 *flags = oflags; 554 555 return (1); 556 } 557 558 void 559 install(const char *from, const char *to) 560 { 561 char buf[MAXPATHLEN]; 562 char errbuf[BUFSIZ]; 563 int sverrno; 564 565 snprintf(buf, sizeof(buf), "%s%s", prefix, to); 566 if (rename(from, buf)) { 567 sverrno = errno; 568 (void)snprintf(errbuf, sizeof(errbuf), "%s to %s", from, buf); 569 errno = sverrno; 570 error(errbuf); 571 } 572 } 573 574 void 575 rm(const char *victim) 576 { 577 578 if (unlink(victim) < 0) 579 warn("unlink(%s)", victim); 580 } 581 582 void 583 cp(const char *from, const char *to, mode_t mode) 584 { 585 static char buf[MAXBSIZE]; 586 int from_fd, rcount, to_fd, wcount, sverrno; 587 588 if ((from_fd = open(from, O_RDONLY, 0)) < 0) 589 error(from); 590 if ((to_fd = open(to, O_WRONLY | O_CREAT | O_EXCL, mode)) < 0) 591 error(to); 592 while ((rcount = read(from_fd, buf, MAXBSIZE)) > 0) { 593 wcount = write(to_fd, buf, rcount); 594 if (rcount != wcount || wcount == -1) { 595 sverrno = errno; 596 (void)snprintf(buf, sizeof(buf), "%s to %s", from, to); 597 errno = sverrno; 598 error(buf); 599 } 600 } 601 602 if (rcount < 0) { 603 sverrno = errno; 604 (void)snprintf(buf, sizeof(buf), "%s to %s", from, to); 605 errno = sverrno; 606 error(buf); 607 } 608 } 609 610 void 611 wr_error(const char *str) 612 { 613 char errbuf[BUFSIZ]; 614 int sverrno; 615 616 sverrno = errno; 617 618 (void)snprintf(errbuf, sizeof(errbuf), 619 "attempt to write %s failed", str); 620 621 errno = sverrno; 622 error(errbuf); 623 } 624 625 void 626 error(const char *str) 627 { 628 629 warn("%s", str); 630 bailout(); 631 } 632 633 void 634 inconsistancy(void) 635 { 636 637 warnx("text files and databases are inconsistent"); 638 warnx("re-build the databases without -u"); 639 bailout(); 640 } 641 642 void 643 bailout(void) 644 { 645 646 if ((clean & FILE_ORIG) != 0) 647 rm(oldpwdfile); 648 if ((clean & FILE_SECURE) != 0) 649 rm(pwd_Sdb_tmp); 650 if ((clean & FILE_INSECURE) != 0) 651 rm(pwd_db_tmp); 652 653 exit(EXIT_FAILURE); 654 } 655 656 /* 657 * Ensures that an existing database is up to date. 658 * 659 * Makes sure that the version number of an existing database matches the 660 * version number setversion() writes. If it does not, this function aborts 661 * execution because updating the database without fully regenerating it will 662 * leave it inconsistent. 663 */ 664 void 665 checkversion(DB *dp) 666 { 667 DBT data, key; 668 int ret; 669 670 key.data = __UNCONST("VERSION"); 671 key.size = strlen((const char *)key.data) + 1; 672 673 ret = (*dp->get)(dp, &key, &data, 0); 674 if (ret == -1) { 675 warnx("cannot get VERSION record from database"); 676 bailout(); 677 } 678 679 if (ret == 1 || *(int *)data.data != getversion()) { 680 warnx("databases are laid out according to an old version"); 681 warnx("re-build the databases without -u"); 682 bailout(); 683 } 684 } 685 686 /* 687 * Returns the version number we write to and expect from databases. 688 */ 689 uint32_t 690 getversion(void) 691 { 692 uint32_t version = sizeof(((struct passwd *)NULL)->pw_change) != sizeof(int32_t); 693 if (lorder != BYTE_ORDER) 694 version = SWAP(version); 695 return version; 696 } 697 698 void 699 setversion(DB *dp) 700 { 701 DBT data, key; 702 uint32_t version = getversion(); 703 704 key.data = __UNCONST("VERSION"); 705 key.size = strlen((const char *)key.data) + 1; 706 707 data.data = &version; 708 data.size = sizeof(uint32_t); 709 710 if ((*dp->put)(dp, &key, &data, R_NOOVERWRITE) == -1) 711 wr_error("setversion"); 712 } 713 714 /* 715 * Write entries to a database for a single user. 716 * 717 * The databases actually contain three copies of the original data. Each 718 * password file entry is converted into a rough approximation of a ``struct 719 * passwd'', with the strings placed inline. This object is then stored as 720 * the data for three separate keys. The first key * is the pw_name field 721 * prepended by the _PW_KEYBYNAME character. The second key is the pw_uid 722 * field prepended by the _PW_KEYBYUID character. The third key is the line 723 * number in the original file prepended by the _PW_KEYBYNUM character. 724 * (The special characters are prepended to ensure that the keys do not 725 * collide.) 726 */ 727 #define COMPACT(e) for (t = e; (*p++ = *t++) != '\0';) 728 729 void 730 putdbents(DB *dp, struct passwd *pw, const char *passwd, int flags, 731 const char *fn, int lineno, int dbflg, int uid_dbflg) 732 { 733 struct passwd pwd; 734 char buf[MAX(MAXPATHLEN, LINE_MAX * 2)], tbuf[1024], *p; 735 DBT data, key; 736 const char *t; 737 u_int32_t x; 738 int len; 739 740 memcpy(&pwd, pw, sizeof(pwd)); 741 data.data = (u_char *)buf; 742 key.data = (u_char *)tbuf; 743 744 if (lorder != BYTE_ORDER) { 745 pwd.pw_uid = SWAP(pwd.pw_uid); 746 pwd.pw_gid = SWAP(pwd.pw_gid); 747 pwd.pw_change = SWAP(pwd.pw_change); 748 pwd.pw_expire = SWAP(pwd.pw_expire); 749 } 750 751 /* Create insecure data. */ 752 p = buf; 753 COMPACT(pwd.pw_name); 754 COMPACT(passwd); 755 memmove(p, &pwd.pw_uid, sizeof(pwd.pw_uid)); 756 p += sizeof(pwd.pw_uid); 757 memmove(p, &pwd.pw_gid, sizeof(pwd.pw_gid)); 758 p += sizeof(pwd.pw_gid); 759 memmove(p, &pwd.pw_change, sizeof(pwd.pw_change)); 760 p += sizeof(pwd.pw_change); 761 COMPACT(pwd.pw_class); 762 COMPACT(pwd.pw_gecos); 763 COMPACT(pwd.pw_dir); 764 COMPACT(pwd.pw_shell); 765 memmove(p, &pwd.pw_expire, sizeof(pwd.pw_expire)); 766 p += sizeof(pwd.pw_expire); 767 x = flags; 768 if (lorder != BYTE_ORDER) 769 x = SWAP(x); 770 memmove(p, &x, sizeof(x)); 771 p += sizeof(flags); 772 data.size = p - buf; 773 774 /* Store insecure by name. */ 775 tbuf[0] = _PW_KEYBYNAME; 776 len = strlen(pwd.pw_name); 777 memmove(tbuf + 1, pwd.pw_name, len); 778 key.size = len + 1; 779 if ((*dp->put)(dp, &key, &data, dbflg) == -1) 780 wr_error(fn); 781 782 /* Store insecure by number. */ 783 tbuf[0] = _PW_KEYBYNUM; 784 x = lineno; 785 if (lorder != BYTE_ORDER) 786 x = SWAP(x); 787 memmove(tbuf + 1, &x, sizeof(x)); 788 key.size = sizeof(x) + 1; 789 if ((*dp->put)(dp, &key, &data, dbflg) == -1) 790 wr_error(fn); 791 792 /* Store insecure by uid. */ 793 tbuf[0] = _PW_KEYBYUID; 794 memmove(tbuf + 1, &pwd.pw_uid, sizeof(pwd.pw_uid)); 795 key.size = sizeof(pwd.pw_uid) + 1; 796 if ((*dp->put)(dp, &key, &data, uid_dbflg) == -1) 797 wr_error(fn); 798 } 799 800 int 801 deldbent(DB *dp, const char *fn, int type, void *keyp) 802 { 803 char tbuf[1024]; 804 DBT key; 805 u_int32_t x; 806 int len, rv; 807 808 key.data = (u_char *)tbuf; 809 810 switch (tbuf[0] = type) { 811 case _PW_KEYBYNAME: 812 len = strlen((char *)keyp); 813 memcpy(tbuf + 1, keyp, len); 814 key.size = len + 1; 815 break; 816 817 case _PW_KEYBYNUM: 818 case _PW_KEYBYUID: 819 x = *(int *)keyp; 820 if (lorder != BYTE_ORDER) 821 x = SWAP(x); 822 memmove(tbuf + 1, &x, sizeof(x)); 823 key.size = sizeof(x) + 1; 824 break; 825 } 826 827 if ((rv = (*dp->del)(dp, &key, 0)) == -1) 828 wr_error(fn); 829 return (rv); 830 } 831 832 int 833 getdbent(DB *dp, const char *fn, int type, void *keyp, struct passwd **tpwd) 834 { 835 static char buf[MAX(MAXPATHLEN, LINE_MAX * 2)]; 836 static struct passwd pwd; 837 char tbuf[1024], *p; 838 DBT key, data; 839 u_int32_t x; 840 int len, rv; 841 842 data.data = (u_char *)buf; 843 data.size = sizeof(buf); 844 key.data = (u_char *)tbuf; 845 846 switch (tbuf[0] = type) { 847 case _PW_KEYBYNAME: 848 len = strlen((char *)keyp); 849 memcpy(tbuf + 1, keyp, len); 850 key.size = len + 1; 851 break; 852 853 case _PW_KEYBYNUM: 854 case _PW_KEYBYUID: 855 x = *(int *)keyp; 856 if (lorder != BYTE_ORDER) 857 x = SWAP(x); 858 memmove(tbuf + 1, &x, sizeof(x)); 859 key.size = sizeof(x) + 1; 860 break; 861 } 862 863 if ((rv = (*dp->get)(dp, &key, &data, 0)) == 1) 864 return (rv); 865 if (rv == -1) 866 error(pwd_Sdb_tmp); 867 868 p = (char *)data.data; 869 870 pwd.pw_name = p; 871 while (*p++ != '\0') 872 ; 873 pwd.pw_passwd = p; 874 while (*p++ != '\0') 875 ; 876 877 memcpy(&pwd.pw_uid, p, sizeof(pwd.pw_uid)); 878 p += sizeof(pwd.pw_uid); 879 memcpy(&pwd.pw_gid, p, sizeof(pwd.pw_gid)); 880 p += sizeof(pwd.pw_gid); 881 memcpy(&pwd.pw_change, p, sizeof(pwd.pw_change)); 882 p += sizeof(pwd.pw_change); 883 884 pwd.pw_class = p; 885 while (*p++ != '\0') 886 ; 887 pwd.pw_gecos = p; 888 while (*p++ != '\0') 889 ; 890 pwd.pw_dir = p; 891 while (*p++ != '\0') 892 ; 893 pwd.pw_shell = p; 894 while (*p++ != '\0') 895 ; 896 897 memcpy(&pwd.pw_expire, p, sizeof(pwd.pw_expire)); 898 p += sizeof(pwd.pw_expire); 899 900 if (lorder != BYTE_ORDER) { 901 pwd.pw_uid = SWAP(pwd.pw_uid); 902 pwd.pw_gid = SWAP(pwd.pw_gid); 903 pwd.pw_change = SWAP(pwd.pw_change); 904 pwd.pw_expire = SWAP(pwd.pw_expire); 905 } 906 907 *tpwd = &pwd; 908 return (0); 909 } 910 911 void 912 putyptoken(DB *dp, const char *fn) 913 { 914 DBT data, key; 915 916 key.data = (u_char *)__yp_token; 917 key.size = strlen(__yp_token); 918 data.data = (u_char *)NULL; 919 data.size = 0; 920 921 if ((*dp->put)(dp, &key, &data, R_NOOVERWRITE) == -1) 922 wr_error(fn); 923 } 924 925 void 926 usage(void) 927 { 928 929 (void)fprintf(stderr, 930 "usage: pwd_mkdb [-BLps] [-c cachesize] [-d directory] [-u user] file\n"); 931 exit(EXIT_FAILURE); 932 } 933
Indexes created Thu Oct 02 10:09:58 GMT 2025