2 * Copyright (c) 1996, 1998-2005, 2007-2010
3 * Todd C. Miller <Todd.Miller@courtesan.com>
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 * Sponsored in part by the Defense Advanced Research Projects
18 * Agency (DARPA) and Air Force Research Laboratory, Air Force
19 * Materiel Command, USAF, under agreement number F39502-99-1-0512.
24 #include <sys/types.h>
26 #include <sys/param.h>
35 #endif /* STDC_HEADERS */
37 # if defined(HAVE_MEMORY_H) && !defined(STDC_HEADERS)
41 #endif /* HAVE_STRING_H */
44 #endif /* HAVE_STRINGS_H */
47 #endif /* HAVE_UNISTD_H */
50 #endif /* HAVE_SETAUTHDB */
58 * The passwd and group caches.
60 static struct rbtree *pwcache_byuid, *pwcache_byname;
61 static struct rbtree *grcache_bygid, *grcache_byname;
63 static int cmp_pwuid __P((const void *, const void *));
64 static int cmp_pwnam __P((const void *, const void *));
65 static int cmp_grgid __P((const void *, const void *));
66 static int cmp_grnam __P((const void *, const void *));
76 const struct passwd *pw1 = (const struct passwd *) v1;
77 const struct passwd *pw2 = (const struct passwd *) v2;
78 return(pw1->pw_uid - pw2->pw_uid);
82 * Compare by user name.
89 const struct passwd *pw1 = (const struct passwd *) v1;
90 const struct passwd *pw2 = (const struct passwd *) v2;
91 return(strcasecmp(pw1->pw_name, pw2->pw_name));
94 #define FIELD_SIZE(src, name, size) \
97 size = strlen(src->name) + 1; \
102 #define FIELD_COPY(src, dst, name, size) \
105 memcpy(cp, src->name, size); \
112 * Dynamically allocate space for a struct password and the constituent parts
113 * that we care about. Fills in pw_passwd from shadow file.
115 static struct passwd *
117 const struct passwd *pw;
120 const char *pw_shell;
121 size_t nsize, psize, csize, gsize, dsize, ssize, total;
122 struct passwd *newpw;
124 /* If shell field is empty, expand to _PATH_BSHELL. */
125 pw_shell = (pw->pw_shell == NULL || pw->pw_shell[0] == '\0')
126 ? _PATH_BSHELL : pw->pw_shell;
128 /* Allocate in one big chunk for easy freeing. */
129 nsize = psize = csize = gsize = dsize = ssize = 0;
130 total = sizeof(struct passwd);
131 FIELD_SIZE(pw, pw_name, nsize);
132 FIELD_SIZE(pw, pw_passwd, psize);
133 #ifdef HAVE_LOGIN_CAP_H
134 FIELD_SIZE(pw, pw_class, csize);
136 FIELD_SIZE(pw, pw_gecos, gsize);
137 FIELD_SIZE(pw, pw_dir, dsize);
138 /* Treat shell specially since we expand "" -> _PATH_BSHELL */
139 ssize = strlen(pw_shell) + 1;
142 if ((cp = malloc(total)) == NULL)
144 newpw = (struct passwd *) cp;
147 * Copy in passwd contents and make strings relative to space
148 * at the end of the buffer.
150 memcpy(newpw, pw, sizeof(struct passwd));
151 cp += sizeof(struct passwd);
152 FIELD_COPY(pw, newpw, pw_name, nsize);
153 FIELD_COPY(pw, newpw, pw_passwd, psize);
154 #ifdef HAVE_LOGIN_CAP_H
155 FIELD_COPY(pw, newpw, pw_class, csize);
157 FIELD_COPY(pw, newpw, pw_gecos, gsize);
158 FIELD_COPY(pw, newpw, pw_dir, dsize);
159 /* Treat shell specially since we expand "" -> _PATH_BSHELL */
160 memcpy(cp, pw_shell, ssize);
161 newpw->pw_shell = cp;
167 * Get a password entry by uid and allocate space for it.
168 * Fills in pw_passwd from shadow file if necessary.
174 struct passwd key, *pw;
179 if ((node = rbfind(pwcache_byuid, &key)) != NULL) {
180 pw = (struct passwd *) node->data;
184 * Cache passwd db entry if it exists or a negative response if not.
186 #ifdef HAVE_SETAUTHDB
187 aix_setauthdb(IDtouser(uid));
189 if ((pw = getpwuid(uid)) != NULL) {
191 cp = sudo_getepw(pw); /* get shadow password */
192 if (pw->pw_passwd != NULL)
193 zero_bytes(pw->pw_passwd, strlen(pw->pw_passwd));
195 if (rbinsert(pwcache_byuid, (void *) pw) != NULL)
196 errorx(1, "unable to cache uid %lu (%s), already exists",
199 pw = emalloc(sizeof(*pw));
200 zero_bytes(pw, sizeof(*pw));
202 if (rbinsert(pwcache_byuid, (void *) pw) != NULL)
203 errorx(1, "unable to cache uid %lu, already exists", uid);
205 #ifdef HAVE_SETAUTHDB
209 return(pw->pw_name != NULL ? pw : NULL);
213 * Get a password entry by name and allocate space for it.
214 * Fills in pw_passwd from shadow file if necessary.
220 struct passwd key, *pw;
225 key.pw_name = (char *) name;
226 if ((node = rbfind(pwcache_byname, &key)) != NULL) {
227 pw = (struct passwd *) node->data;
231 * Cache passwd db entry if it exists or a negative response if not.
233 #ifdef HAVE_SETAUTHDB
234 aix_setauthdb((char *) name);
236 if ((pw = getpwnam(name)) != NULL) {
238 cp = sudo_getepw(pw); /* get shadow password */
239 if (pw->pw_passwd != NULL)
240 zero_bytes(pw->pw_passwd, strlen(pw->pw_passwd));
242 if (rbinsert(pwcache_byname, (void *) pw) != NULL)
243 errorx(1, "unable to cache user %s, already exists", name);
245 len = strlen(name) + 1;
246 cp = emalloc(sizeof(*pw) + len);
247 zero_bytes(cp, sizeof(*pw));
248 pw = (struct passwd *) cp;
250 memcpy(cp, name, len);
252 pw->pw_uid = (uid_t) -1;
253 if (rbinsert(pwcache_byname, (void *) pw) != NULL)
254 errorx(1, "unable to cache user %s, already exists", name);
256 #ifdef HAVE_SETAUTHDB
260 return(pw->pw_uid != (uid_t) -1 ? pw : NULL);
264 * Take a uid in string form "#123" and return a faked up passwd struct.
267 sudo_fakepwnam(user, gid)
276 pw = emalloc(sizeof(struct passwd) + len + 1 /* pw_name */ +
277 sizeof("*") /* pw_passwd */ + sizeof("") /* pw_gecos */ +
278 sizeof("/") /* pw_dir */ + sizeof(_PATH_BSHELL));
279 zero_bytes(pw, sizeof(struct passwd));
280 pw->pw_uid = (uid_t) atoi(user + 1);
282 pw->pw_name = (char *)pw + sizeof(struct passwd);
283 memcpy(pw->pw_name, user, len + 1);
284 pw->pw_passwd = pw->pw_name + len + 1;
285 memcpy(pw->pw_passwd, "*", 2);
286 pw->pw_gecos = pw->pw_passwd + 2;
287 pw->pw_gecos[0] = '\0';
288 pw->pw_dir = pw->pw_gecos + 1;
289 memcpy(pw->pw_dir, "/", 2);
290 pw->pw_shell = pw->pw_dir + 2;
291 memcpy(pw->pw_shell, _PATH_BSHELL, sizeof(_PATH_BSHELL));
293 /* Store by uid and by name, overwriting cached version. */
294 if ((node = rbinsert(pwcache_byuid, pw)) != NULL) {
296 node->data = (void *) pw;
298 if ((node = rbinsert(pwcache_byname, pw)) != NULL) {
300 node->data = (void *) pw;
306 * Take a gid in string form "#123" and return a faked up group struct.
309 sudo_fakegrnam(group)
317 gr = emalloc(sizeof(struct group) + len + 1);
318 zero_bytes(gr, sizeof(struct group));
319 gr->gr_gid = (gid_t) atoi(group + 1);
320 gr->gr_name = (char *)gr + sizeof(struct group);
321 strlcpy(gr->gr_name, group, len + 1);
323 /* Store by gid and by name, overwriting cached version. */
324 if ((node = rbinsert(grcache_bygid, gr)) != NULL) {
326 node->data = (void *) gr;
328 if ((node = rbinsert(grcache_byname, gr)) != NULL) {
330 node->data = (void *) gr;
340 if (pwcache_byuid == NULL)
341 pwcache_byuid = rbcreate(cmp_pwuid);
342 if (pwcache_byname == NULL)
343 pwcache_byname = rbcreate(cmp_pwnam);
347 static void pw_free __P((void *));
352 if (pwcache_byuid != NULL) {
353 rbdestroy(pwcache_byuid, pw_free);
354 pwcache_byuid = NULL;
356 if (pwcache_byname != NULL) {
357 rbdestroy(pwcache_byname, NULL);
358 pwcache_byname = NULL;
366 struct passwd *pw = (struct passwd *) v;
368 if (pw->pw_passwd != NULL) {
369 zero_bytes(pw->pw_passwd, strlen(pw->pw_passwd));
370 efree(pw->pw_passwd);
394 const struct group *grp1 = (const struct group *) v1;
395 const struct group *grp2 = (const struct group *) v2;
396 return(grp1->gr_gid - grp2->gr_gid);
400 * Compare by group name.
407 const struct group *grp1 = (const struct group *) v1;
408 const struct group *grp2 = (const struct group *) v2;
409 return(strcasecmp(grp1->gr_name, grp2->gr_name));
414 const struct group *gr;
417 size_t nsize, psize, nmem, total, len;
420 /* Allocate in one big chunk for easy freeing. */
421 nsize = psize = nmem = 0;
422 total = sizeof(struct group);
423 FIELD_SIZE(gr, gr_name, nsize);
424 FIELD_SIZE(gr, gr_passwd, psize);
426 for (nmem = 0; gr->gr_mem[nmem] != NULL; nmem++)
427 total += strlen(gr->gr_mem[nmem]) + 1;
429 total += sizeof(char *) * nmem;
431 if ((cp = malloc(total)) == NULL)
433 newgr = (struct group *)cp;
436 * Copy in group contents and make strings relative to space
437 * at the end of the buffer. Note that gr_mem must come
438 * immediately after struct group to guarantee proper alignment.
440 (void)memcpy(newgr, gr, sizeof(struct group));
441 cp += sizeof(struct group);
443 newgr->gr_mem = (char **)cp;
444 cp += sizeof(char *) * nmem;
445 for (nmem = 0; gr->gr_mem[nmem] != NULL; nmem++) {
446 len = strlen(gr->gr_mem[nmem]) + 1;
447 memcpy(cp, gr->gr_mem[nmem], len);
448 newgr->gr_mem[nmem] = cp;
451 newgr->gr_mem[nmem] = NULL;
453 FIELD_COPY(gr, newgr, gr_passwd, psize);
454 FIELD_COPY(gr, newgr, gr_name, nsize);
460 * Get a group entry by gid and allocate space for it.
466 struct group key, *gr;
470 if ((node = rbfind(grcache_bygid, &key)) != NULL) {
471 gr = (struct group *) node->data;
475 * Cache group db entry if it exists or a negative response if not.
477 if ((gr = getgrgid(gid)) != NULL) {
479 if (rbinsert(grcache_bygid, (void *) gr) != NULL)
480 errorx(1, "unable to cache gid %lu (%s), already exists",
483 gr = emalloc(sizeof(*gr));
484 zero_bytes(gr, sizeof(*gr));
486 if (rbinsert(grcache_bygid, (void *) gr) != NULL)
487 errorx(1, "unable to cache gid %lu, already exists, gid");
490 return(gr->gr_name != NULL ? gr : NULL);
494 * Get a group entry by name and allocate space for it.
500 struct group key, *gr;
505 key.gr_name = (char *) name;
506 if ((node = rbfind(grcache_byname, &key)) != NULL) {
507 gr = (struct group *) node->data;
511 * Cache group db entry if it exists or a negative response if not.
513 if ((gr = getgrnam(name)) != NULL) {
515 if (rbinsert(grcache_byname, (void *) gr) != NULL)
516 errorx(1, "unable to cache group %s, already exists", name);
518 len = strlen(name) + 1;
519 cp = emalloc(sizeof(*gr) + len);
520 zero_bytes(cp, sizeof(*gr));
521 gr = (struct group *) cp;
523 memcpy(cp, name, len);
525 gr->gr_gid = (gid_t) -1;
526 if (rbinsert(grcache_byname, (void *) gr) != NULL)
527 errorx(1, "unable to cache group %s, already exists", name);
530 return(gr->gr_gid != (gid_t) -1 ? gr : NULL);
537 if (grcache_bygid == NULL)
538 grcache_bygid = rbcreate(cmp_grgid);
539 if (grcache_byname == NULL)
540 grcache_byname = rbcreate(cmp_grnam);
547 if (grcache_bygid != NULL) {
548 rbdestroy(grcache_bygid, free);
549 grcache_bygid = NULL;
551 if (grcache_byname != NULL) {
552 rbdestroy(grcache_byname, NULL);
553 grcache_byname = NULL;
568 user_in_group(pw, group)
572 #ifdef HAVE_MBR_CHECK_MEMBERSHIP
581 #ifdef HAVE_SETAUTHDB
582 aix_setauthdb(pw->pw_name);
584 grp = sudo_getgrnam(group);
585 #ifdef HAVE_SETAUTHDB
591 /* check against user's primary (passwd file) gid */
592 if (grp->gr_gid == pw->pw_gid)
595 #ifdef HAVE_MBR_CHECK_MEMBERSHIP
596 /* If we are matching the invoking user use the stashed uuid. */
597 if (strcmp(pw->pw_name, user_name) == 0) {
598 if (mbr_gid_to_uuid(grp->gr_gid, gu) == 0 &&
599 mbr_check_membership(user_uuid, gu, &ismember) == 0 && ismember)
602 if (mbr_uid_to_uuid(pw->pw_uid, uu) == 0 &&
603 mbr_gid_to_uuid(grp->gr_gid, gu) == 0 &&
604 mbr_check_membership(uu, gu, &ismember) == 0 && ismember)
607 #else /* HAVE_MBR_CHECK_MEMBERSHIP */
608 # ifdef HAVE_GETGROUPS
610 * If we are matching the invoking or list user and that user has a
611 * supplementary group vector, check it.
613 if (user_ngroups >= 0 &&
614 strcmp(pw->pw_name, list_pw ? list_pw->pw_name : user_name) == 0) {
615 for (i = 0; i < user_ngroups; i++) {
616 if (grp->gr_gid == user_groups[i])
620 # endif /* HAVE_GETGROUPS */
622 if (grp != NULL && grp->gr_mem != NULL) {
623 for (gr_mem = grp->gr_mem; *gr_mem; gr_mem++) {
624 if (strcmp(*gr_mem, pw->pw_name) == 0)
629 #endif /* HAVE_MBR_CHECK_MEMBERSHIP */