others

HomepageMembersTimelineGalleryDownloadBug reports
Browse Download file Permalink
/* $Id$ */
/* Copyright (c) 2007-2016 Pierre Pronchery <khorben@defora.org> */
/* This file is part of DeforaOS Unix others */
/* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3 of the License.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. */
#include <unistd.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <pwd.h>
#include <signal.h>
#include <errno.h>
#include <termios.h>
#ifndef PROGNAME
# define PROGNAME "login"
#endif
#ifndef LOGIN_NOLOGIN
# define LOGIN_NOLOGIN "/etc/nologin"
#endif
/* login */
/* private */
/* prototypes */
static int _login(char const * user);
static int _login_error(char const * message, int ret);
static int _login_nologin(void);
static int _login_usage(void);
/* functions */
/* login */
static int _login_do(char const * user);
static char const * _do_ask_username(void);
static char const * _do_ask_password(void);
static int _login(char const * user)
{
int i;
for(i = 0; i < 3; i++)
if(_login_do(user) != 0)
return 1;
return 0;
}
static int _login_do(char const * user)
{
struct passwd * pw;
char const * password = NULL;
if(user == NULL && (user = _do_ask_username()) == NULL)
return 1;
pw = getpwnam(user);
if(getuid() != 0
&& (password = _do_ask_password()) == NULL)
return 1;
if(pw == NULL /* user does not exist */
|| (password != NULL && (pw->pw_passwd == NULL
|| pw->pw_passwd[0] == '*'
|| strcmp(password, pw->pw_passwd)
!= 0))) /* wrong/encrypted password */
{
fputs("Login failed\n", stderr);
sleep(3);
return 0;
}
if(setgid(pw->pw_gid) != 0)
return -_login_error("setgid", 1);
if(setuid(pw->pw_uid) != 0)
return -_login_error("setuid", 1);
if(_login_nologin() != 0)
return -1;
/* FIXME sanitize environment */
execl(pw->pw_shell, pw->pw_shell, NULL);
_login_error(pw->pw_shell, 1);
exit(2);
return 0;
}
static char const * _do_ask_username(void)
{
static char buf[256];
size_t len;
int c;
fputs("login: ", stderr);
if(fgets(buf, sizeof(buf), stdin) == NULL)
{
if(!feof(stdin))
_login_error("fgets", 1);
return NULL;
}
if((len = strlen(buf)) == 0
|| buf[0] == '\n')
return "";
if(buf[len - 1] == '\n')
{
buf[len - 1] = '\0';
return buf;
}
while((c = fgetc(stdin)) != EOF /* flush line */
&& c != '\n');
return NULL;
}
static char const * _do_ask_password(void)
{
static char buf[256];
struct termios t1;
struct termios t2;
size_t len;
int c;
char * p;
fputs("password: ", stderr);
if(tcgetattr(fileno(stdin), &t1) != 0)
{
fputc('\n', stderr);
_login_error("tcgetattr", 1);
return NULL;
}
t2 = t1;
t2.c_lflag &= ~ECHO;
if(tcsetattr(fileno(stdin), TCSAFLUSH, &t2) != 0)
{
fputc('\n', stderr);
_login_error("tcsetattr", 1);
return NULL;
}
p = fgets(buf, sizeof(buf), stdin);
fputc('\n', stderr);
if(tcsetattr(fileno(stdin), TCSAFLUSH, &t1) != 0)
_login_error("tcsetattr", 1);
if(p == NULL)
{
_login_error("fgets", 1);
return NULL;
}
len = strlen(buf);
if(len == 0)
return NULL;
if(buf[len - 1] == '\n')
{
buf[len - 1] = '\0';
return buf;
}
while((c = fgetc(stdin)) != EOF /* flush line */
&& c != '\n');
return NULL;
}
/* login_error */
static int _login_error(char const * message, int ret)
{
fputs(PROGNAME ": ", stderr);
perror(message);
return ret;
}
/* login_nologin */
static int _login_nologin(void)
{
FILE * fp;
char buf[BUFSIZ];
size_t size;
if((fp = fopen(LOGIN_NOLOGIN, "r")) == NULL)
{
if(errno == ENOENT)
return 0;
return -_login_error(LOGIN_NOLOGIN, 1);
}
fprintf(stdout, "%s\n", "LOGGING IN IS DENIED");
while((size = fread(buf, sizeof(*buf), sizeof(buf), fp)) > 0)
fwrite(buf, sizeof(*buf), size, stdout);
if(!feof(fp))
_login_error(LOGIN_NOLOGIN, 1);
fclose(fp);
fputc('\n', stdout);
return -1;
}
/* login_usage */
static int _login_usage(void)
{
fputs("Usage: " PROGNAME " [user]\n", stderr);
return 1;
}
/* public */
/* functions */
/* main */
int main(int argc, char * argv[])
{
int o;
char * user = NULL;
while((o = getopt(argc, argv, "")) != -1)
switch(o)
{
default:
return _login_usage();
}
if(optind != argc && optind + 1 != argc)
return _login_usage();
signal(SIGINT, SIG_IGN);
return _login(user) ? 0 : 2;
}