diff options
Diffstat (limited to 'crypto/heimdal/appl/su/su.c')
-rw-r--r-- | crypto/heimdal/appl/su/su.c | 551 |
1 files changed, 0 insertions, 551 deletions
diff --git a/crypto/heimdal/appl/su/su.c b/crypto/heimdal/appl/su/su.c deleted file mode 100644 index 79324e9ee5561..0000000000000 --- a/crypto/heimdal/appl/su/su.c +++ /dev/null @@ -1,551 +0,0 @@ -/* - * Copyright (c) 1999 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include <config.h> - -RCSID("$Id: su.c,v 1.26.2.1 2003/05/06 12:06:44 joda Exp $"); - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -#include <syslog.h> - -#ifdef HAVE_PATHS_H -#include <paths.h> -#endif - -#ifdef HAVE_SHADOW_H -#include <shadow.h> -#endif - -#include <pwd.h> - -#include "crypto-headers.h" -#ifdef KRB5 -#include <krb5.h> -#endif -#ifdef KRB4 -#include <krb.h> -#endif -#include <kafs.h> -#include <err.h> -#include <roken.h> -#include <getarg.h> - -#ifndef _PATH_DEFPATH -#define _PATH_DEFPATH "/usr/bin:/bin" -#endif - -#ifndef _PATH_BSHELL -#define _PATH_BSHELL "/bin/sh" -#endif - -int kerberos_flag = 1; -int csh_f_flag; -int full_login; -int env_flag; -char *kerberos_instance = "root"; -int help_flag; -int version_flag; -char *cmd; -char tkfile[256]; - -struct getargs args[] = { - { "kerberos", 'K', arg_negative_flag, &kerberos_flag, - "don't use kerberos" }, - { NULL, 'f', arg_flag, &csh_f_flag, - "don't read .cshrc" }, - { "full", 'l', arg_flag, &full_login, - "simulate full login" }, - { NULL, 'm', arg_flag, &env_flag, - "leave environment unmodified" }, - { "instance", 'i', arg_string, &kerberos_instance, - "root instance to use" }, - { "command", 'c', arg_string, &cmd, - "command to execute" }, - { "help", 'h', arg_flag, &help_flag }, - { "version", 0, arg_flag, &version_flag }, -}; - - -static void -usage (int ret) -{ - arg_printusage (args, - sizeof(args)/sizeof(*args), - NULL, - "[login [shell arguments]]"); - exit (ret); -} - -static void -free_info(struct passwd *p) -{ - free (p->pw_name); - free (p->pw_passwd); - free (p->pw_dir); - free (p->pw_shell); - free (p); -} - -static struct passwd* -dup_info(const struct passwd *pwd) -{ - struct passwd *info; - - info = malloc(sizeof(*info)); - if(info == NULL) - return NULL; - info->pw_name = strdup(pwd->pw_name); - info->pw_passwd = strdup(pwd->pw_passwd); - info->pw_uid = pwd->pw_uid; - info->pw_gid = pwd->pw_gid; - info->pw_dir = strdup(pwd->pw_dir); - info->pw_shell = strdup(pwd->pw_shell); - if(info->pw_name == NULL || info->pw_passwd == NULL || - info->pw_dir == NULL || info->pw_shell == NULL) { - free_info (info); - return NULL; - } - return info; -} - -#if defined(KRB4) || defined(KRB5) -static void -set_tkfile() -{ -#ifndef TKT_ROOT -#define TKT_ROOT "/tmp/tkt" -#endif - int fd; - if(*tkfile != '\0') - return; - snprintf(tkfile, sizeof(tkfile), "%s_XXXXXX", TKT_ROOT); - fd = mkstemp(tkfile); - if(fd >= 0) - close(fd); -#ifdef KRB4 - krb_set_tkt_string(tkfile); -#endif -} -#endif - -#ifdef KRB5 -static krb5_context context; -static krb5_ccache ccache; - -static int -krb5_verify(const struct passwd *login_info, - const struct passwd *su_info, - const char *kerberos_instance) -{ - krb5_error_code ret; - krb5_principal p; - char *login_name = NULL; - -#if defined(HAVE_GETLOGIN) && !defined(POSIX_GETLOGIN) - login_name = getlogin(); -#endif - ret = krb5_init_context (&context); - if (ret) { -#if 0 - warnx("krb5_init_context failed: %d", ret); -#endif - return 1; - } - - if (login_name == NULL || strcmp (login_name, "root") == 0) - login_name = login_info->pw_name; - if (strcmp (su_info->pw_name, "root") == 0) - ret = krb5_make_principal(context, &p, NULL, - login_name, - kerberos_instance, - NULL); - else - ret = krb5_make_principal(context, &p, NULL, - su_info->pw_name, - NULL); - if(ret) - return 1; - - if(su_info->pw_uid != 0 || krb5_kuserok(context, p, su_info->pw_name)) { - ret = krb5_cc_gen_new(context, &krb5_mcc_ops, &ccache); - if(ret) { -#if 1 - krb5_warn(context, ret, "krb5_cc_gen_new"); -#endif - krb5_free_principal (context, p); - return 1; - } - ret = krb5_verify_user_lrealm(context, p, ccache, NULL, TRUE, NULL); - krb5_free_principal (context, p); - if(ret) { - krb5_cc_destroy(context, ccache); - switch (ret) { - case KRB5_LIBOS_PWDINTR : - break; - case KRB5KRB_AP_ERR_BAD_INTEGRITY: - case KRB5KRB_AP_ERR_MODIFIED: - krb5_warnx(context, "Password incorrect"); - break; - default : - krb5_warn(context, ret, "krb5_verify_user"); - break; - } - return 1; - } - return 0; - } - krb5_free_principal (context, p); - return 1; -} - -static int -krb5_start_session(void) -{ - krb5_ccache ccache2; - char *cc_name; - int ret; - - ret = krb5_cc_gen_new(context, &krb5_fcc_ops, &ccache2); - if (ret) { - krb5_cc_destroy(context, ccache); - return 1; - } - - ret = krb5_cc_copy_cache(context, ccache, ccache2); - - asprintf(&cc_name, "%s:%s", krb5_cc_get_type(context, ccache2), - krb5_cc_get_name(context, ccache2)); - esetenv("KRB5CCNAME", cc_name, 1); - - /* we want to export this even if we don't directly support KRB4 */ - set_tkfile(); - esetenv("KRBTKFILE", tkfile, 1); - - /* convert creds? */ - if(k_hasafs()) { - if (k_setpag() == 0) - krb5_afslog(context, ccache2, NULL, NULL); - } - - krb5_cc_close(context, ccache2); - krb5_cc_destroy(context, ccache); - return 0; -} -#endif - -#ifdef KRB4 - -static int -krb_verify(const struct passwd *login_info, - const struct passwd *su_info, - const char *kerberos_instance) -{ - int ret; - char *login_name = NULL; - char *name, *instance, realm[REALM_SZ]; - -#if defined(HAVE_GETLOGIN) && !defined(POSIX_GETLOGIN) - login_name = getlogin(); -#endif - - ret = krb_get_lrealm(realm, 1); - - if (login_name == NULL || strcmp (login_name, "root") == 0) - login_name = login_info->pw_name; - if (strcmp (su_info->pw_name, "root") == 0) { - name = login_name; - instance = (char*)kerberos_instance; - } else { - name = su_info->pw_name; - instance = ""; - } - - if(su_info->pw_uid != 0 || - krb_kuserok(name, instance, realm, su_info->pw_name) == 0) { - char password[128]; - char *prompt; - asprintf (&prompt, - "%s's Password: ", - krb_unparse_name_long (name, instance, realm)); - if (des_read_pw_string (password, sizeof (password), prompt, 0)) { - memset (password, 0, sizeof (password)); - free(prompt); - return (1); - } - free(prompt); - if (strlen(password) == 0) - return (1); /* Empty passwords are not allowed */ - set_tkfile(); - setuid(geteuid()); /* need to run as root here */ - ret = krb_verify_user(name, instance, realm, password, - KRB_VERIFY_SECURE, NULL); - memset(password, 0, sizeof(password)); - - if(ret) { - warnx("%s", krb_get_err_text(ret)); - return 1; - } - chown (tkt_string(), su_info->pw_uid, su_info->pw_gid); - return 0; - } - return 1; -} - - -static int -krb_start_session(void) -{ - esetenv("KRBTKFILE", tkfile, 1); - - /* convert creds? */ - if(k_hasafs() && k_setpag() == 0) - krb_afslog(NULL, NULL); - - return 0; -} -#endif - -static int -verify_unix(struct passwd *su) -{ - char prompt[128]; - char pw_buf[1024]; - char *pw; - int r; - if(su->pw_passwd != NULL && *su->pw_passwd != '\0') { - snprintf(prompt, sizeof(prompt), "%s's password: ", su->pw_name); - r = des_read_pw_string(pw_buf, sizeof(pw_buf), prompt, 0); - if(r != 0) - exit(0); - pw = crypt(pw_buf, su->pw_passwd); - memset(pw_buf, 0, sizeof(pw_buf)); - if(strcmp(pw, su->pw_passwd) != 0) - return 1; - } - return 0; -} - -int -main(int argc, char **argv) -{ - int i, optind = 0; - char *su_user; - struct passwd *su_info; - struct passwd *login_info; - - struct passwd *pwd; - - char *shell; - - int ok = 0; - int kerberos_error=1; - - setprogname (argv[0]); - - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optind)) - usage(1); - - for (i=0; i < optind; i++) - if (strcmp(argv[i], "-") == 0) { - full_login = 1; - break; - } - - if(help_flag) - usage(0); - if(version_flag) { - print_version(NULL); - exit(0); - } - if(optind >= argc) - su_user = "root"; - else - su_user = argv[optind++]; - - pwd = k_getpwnam(su_user); - if(pwd == NULL) - errx (1, "unknown login %s", su_user); - if (pwd->pw_uid == 0 && strcmp ("root", su_user) != 0) { - syslog (LOG_ALERT, "NIS attack, user %s has uid 0", su_user); - errx (1, "unknown login %s", su_user); - } - su_info = dup_info(pwd); - if (su_info == NULL) - errx (1, "malloc: out of memory"); - - pwd = getpwuid(getuid()); - if(pwd == NULL) - errx(1, "who are you?"); - login_info = dup_info(pwd); - if (login_info == NULL) - errx (1, "malloc: out of memory"); - if(env_flag) - shell = login_info->pw_shell; - else - shell = su_info->pw_shell; - if(shell == NULL || *shell == '\0') - shell = _PATH_BSHELL; - - -#ifdef KRB5 - if(kerberos_flag && ok == 0 && - (kerberos_error=krb5_verify(login_info, su_info, kerberos_instance)) == 0) - ok = 5; -#endif -#ifdef KRB4 - if(kerberos_flag && ok == 0 && - (kerberos_error = krb_verify(login_info, su_info, kerberos_instance)) == 0) - ok = 4; -#endif - - if(ok == 0 && login_info->pw_uid && verify_unix(su_info) != 0) { - printf("Sorry!\n"); - exit(1); - } - -#ifdef HAVE_GETSPNAM - { struct spwd *sp; - long today; - - sp = getspnam(su_info->pw_name); - if (sp != NULL) { - today = time(0)/(24L * 60 * 60); - if (sp->sp_expire > 0) { - if (today >= sp->sp_expire) { - if (login_info->pw_uid) - errx(1,"Your account has expired."); - else - printf("Your account has expired."); - } - else if (sp->sp_expire - today < 14) - printf("Your account will expire in %d days.\n", - (int)(sp->sp_expire - today)); - } - if (sp->sp_max > 0) { - if (today >= sp->sp_lstchg + sp->sp_max) { - if (login_info->pw_uid) - errx(1,"Your password has expired. Choose a new one."); - else - printf("Your password has expired. Choose a new one."); - } - else if (today >= sp->sp_lstchg + sp->sp_max - sp->sp_warn) - printf("Your account will expire in %d days.\n", - (int)(sp->sp_lstchg + sp->sp_max -today)); - } - } - } -#endif - { - char *tty = ttyname (STDERR_FILENO); - syslog (LOG_NOTICE | LOG_AUTH, tty ? "%s to %s" : "%s to %s on %s", - login_info->pw_name, su_info->pw_name, tty); - } - - - if(!env_flag) { - if(full_login) { - char *t = getenv ("TERM"); - - environ = malloc (10 * sizeof (char *)); - if (environ == NULL) - err (1, "malloc"); - environ[0] = NULL; - esetenv ("PATH", _PATH_DEFPATH, 1); - if (t) - esetenv ("TERM", t, 1); - if (chdir (su_info->pw_dir) < 0) - errx (1, "no directory"); - } - if (full_login || su_info->pw_uid) - esetenv ("USER", su_info->pw_name, 1); - esetenv("HOME", su_info->pw_dir, 1); - esetenv("SHELL", shell, 1); - } - - { - int i; - char **args; - char *p; - - p = strrchr(shell, '/'); - if(p) - p++; - else - p = shell; - - if (strcmp(p, "csh") != 0) - csh_f_flag = 0; - - args = malloc(((cmd ? 2 : 0) + 1 + argc - optind + 1 + csh_f_flag) * sizeof(*args)); - if (args == NULL) - err (1, "malloc"); - i = 0; - if(full_login) - asprintf(&args[i++], "-%s", p); - else - args[i++] = p; - if (cmd) { - args[i++] = "-c"; - args[i++] = cmd; - } - - if (csh_f_flag) - args[i++] = "-f"; - - for (argv += optind; *argv; ++argv) - args[i++] = *argv; - args[i] = NULL; - - if(setgid(su_info->pw_gid) < 0) - err(1, "setgid"); - if (initgroups (su_info->pw_name, su_info->pw_gid) < 0) - err (1, "initgroups"); - if(setuid(su_info->pw_uid) < 0 - || (su_info->pw_uid != 0 && setuid(0) == 0)) - err(1, "setuid"); - -#ifdef KRB5 - if (ok == 5) - krb5_start_session(); -#endif -#ifdef KRB4 - if (ok == 4) - krb_start_session(); -#endif - execv(shell, args); - } - - exit(1); -} |