Commit | Line | Data |
---|---|---|
15637ed4 RG |
1 | /*- |
2 | * Copyright (c) 1991 The Regents of the University of California. | |
3 | * All rights reserved. | |
4 | * | |
5 | * Redistribution and use in source and binary forms, with or without | |
6 | * modification, are permitted provided that the following conditions | |
7 | * are met: | |
8 | * 1. Redistributions of source code must retain the above copyright | |
9 | * notice, this list of conditions and the following disclaimer. | |
10 | * 2. Redistributions in binary form must reproduce the above copyright | |
11 | * notice, this list of conditions and the following disclaimer in the | |
12 | * documentation and/or other materials provided with the distribution. | |
13 | * 3. All advertising materials mentioning features or use of this software | |
14 | * must display the following acknowledgement: | |
15 | * This product includes software developed by the University of | |
16 | * California, Berkeley and its contributors. | |
17 | * 4. Neither the name of the University nor the names of its contributors | |
18 | * may be used to endorse or promote products derived from this software | |
19 | * without specific prior written permission. | |
20 | * | |
21 | * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND | |
22 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
23 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
24 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE | |
25 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
26 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
27 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
28 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
29 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
30 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
31 | * SUCH DAMAGE. | |
32 | */ | |
33 | ||
34 | #ifndef lint | |
35 | char copyright[] = | |
36 | "@(#) Copyright (c) 1991 The Regents of the University of California.\n\ | |
37 | All rights reserved.\n"; | |
38 | #endif /* not lint */ | |
39 | ||
40 | #ifndef lint | |
41 | static char sccsid[] = "@(#)pwd_mkdb.c 5.5 (Berkeley) 5/6/91"; | |
42 | #endif /* not lint */ | |
43 | ||
44 | #include <sys/param.h> | |
45 | #include <sys/stat.h> | |
46 | #include <signal.h> | |
47 | #include <fcntl.h> | |
48 | #include <db.h> | |
49 | #include <pwd.h> | |
50 | #include <errno.h> | |
51 | #include <limits.h> | |
52 | #include <stdio.h> | |
53 | #include <string.h> | |
0e7b8dd7 | 54 | #include <stdlib.h> |
15637ed4 | 55 | |
b7ea24a2 | 56 | /* #define PW_COMPACT */ |
a312835c AC |
57 | /* Compact pwd.db/spwd.db structure by Alex G. Bulushev, bag@demos.su */ |
58 | #ifdef PW_COMPACT | |
59 | # define HI_BSIZE 1024 | |
60 | # define HI_CACHE (512 * 1024) | |
61 | # define HI_SCACHE (128 * 1024) | |
62 | #else | |
63 | # define HI_BSIZE 4096 | |
64 | # define HI_CACHE (2048 * 1024) | |
65 | #endif | |
66 | ||
15637ed4 RG |
67 | #define INSECURE 1 |
68 | #define SECURE 2 | |
69 | #define PERM_INSECURE (S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH) | |
70 | #define PERM_SECURE (S_IRUSR|S_IWUSR) | |
71 | ||
a312835c AC |
72 | HASHINFO openinfo = { |
73 | HI_BSIZE, /* bsize */ | |
74 | 32, /* ffactor */ | |
75 | 256, /* nelem */ | |
76 | HI_CACHE, /* cachesize */ | |
77 | NULL, /* hash() */ | |
78 | 0 /* lorder */ | |
79 | }; | |
80 | ||
81 | #ifdef PW_COMPACT | |
82 | HASHINFO sopeninfo = { | |
83 | HI_BSIZE, /* bsize */ | |
84 | 32, /* ffactor */ | |
85 | 256, /* nelem */ | |
86 | HI_SCACHE, /* cachesize */ | |
87 | NULL, /* hash() */ | |
88 | 0 /* lorder */ | |
89 | }; | |
90 | #endif | |
91 | ||
15637ed4 RG |
92 | char *progname = "pwd_mkdb"; |
93 | ||
94 | static enum state { FILE_INSECURE, FILE_SECURE, FILE_ORIG } clean; | |
95 | static struct passwd pwd; /* password structure */ | |
96 | static char *pname; /* password file name */ | |
0e7b8dd7 | 97 | static char prefix[MAXPATHLEN]; |
15637ed4 RG |
98 | |
99 | main(argc, argv) | |
100 | int argc; | |
101 | char **argv; | |
102 | { | |
103 | extern int optind; | |
104 | register int len, makeold; | |
105 | register char *p, *t; | |
106 | FILE *fp, *oldfp; | |
107 | DB *dp, *edp; | |
108 | sigset_t set; | |
109 | DBT data, key; | |
a312835c AC |
110 | #ifdef PW_COMPACT |
111 | DBT pdata, sdata; | |
112 | #endif | |
15637ed4 RG |
113 | int ch, cnt, tfd; |
114 | char buf[MAX(MAXPATHLEN, LINE_MAX * 2)], tbuf[1024]; | |
0e7b8dd7 | 115 | char buf2[MAXPATHLEN]; |
15637ed4 | 116 | |
f0c7fd6d | 117 | umask(022); |
0e7b8dd7 | 118 | strcpy(prefix, _PATH_PWD); |
15637ed4 | 119 | makeold = 0; |
0e7b8dd7 | 120 | while ((ch = getopt(argc, argv, "d:pv")) != EOF) |
15637ed4 | 121 | switch(ch) { |
0e7b8dd7 SW |
122 | case 'd': |
123 | strcpy(prefix, optarg); | |
124 | break; | |
15637ed4 RG |
125 | case 'p': /* create V7 "file.orig" */ |
126 | makeold = 1; | |
127 | break; | |
0e7b8dd7 | 128 | case 'v': /* backward compatible */ |
15637ed4 RG |
129 | break; |
130 | case '?': | |
131 | default: | |
132 | usage(); | |
133 | } | |
134 | argc -= optind; | |
135 | argv += optind; | |
136 | ||
137 | if (argc != 1) | |
138 | usage(); | |
139 | ||
140 | /* | |
141 | * This could be done to allow the user to interrupt. Probably | |
142 | * not worth the effort. | |
143 | */ | |
144 | sigemptyset(&set); | |
145 | sigaddset(&set, SIGTSTP); | |
146 | sigaddset(&set, SIGHUP); | |
147 | sigaddset(&set, SIGINT); | |
148 | sigaddset(&set, SIGQUIT); | |
149 | sigaddset(&set, SIGTERM); | |
150 | (void)sigprocmask(SIG_BLOCK, &set, (sigset_t *)NULL); | |
151 | ||
152 | pname = *argv; | |
153 | /* Open the original password file */ | |
154 | if (!(fp = fopen(pname, "r"))) | |
155 | error(pname); | |
156 | ||
157 | /* Open the temporary insecure password database. */ | |
0e7b8dd7 | 158 | (void)sprintf(buf, "%s/%s.tmp", prefix, _MP_DB); |
a312835c AC |
159 | dp = dbopen(buf, |
160 | O_RDWR|O_CREAT|O_EXCL, PERM_INSECURE, DB_HASH, &openinfo); | |
15637ed4 RG |
161 | if (!dp) |
162 | error(buf); | |
163 | clean = FILE_INSECURE; | |
164 | ||
a312835c | 165 | #ifdef PW_COMPACT |
15637ed4 | 166 | /* Open the temporary encrypted password database. */ |
0e7b8dd7 | 167 | (void)sprintf(buf, "%s/%s.tmp", prefix, _SMP_DB); |
a312835c AC |
168 | edp = dbopen(buf, |
169 | O_RDWR|O_CREAT|O_EXCL, PERM_SECURE, DB_HASH, &sopeninfo); | |
15637ed4 RG |
170 | if (!edp) |
171 | error(buf); | |
172 | clean = FILE_SECURE; | |
a312835c | 173 | #endif |
15637ed4 RG |
174 | |
175 | /* | |
176 | * Open file for old password file. Minor trickiness -- don't want to | |
177 | * chance the file already existing, since someone (stupidly) might | |
178 | * still be using this for permission checking. So, open it first and | |
179 | * fdopen the resulting fd. Don't really care who reads it. | |
180 | */ | |
181 | if (makeold) { | |
182 | (void)sprintf(buf, "%s.orig", pname); | |
183 | if ((tfd = open(buf, | |
184 | O_WRONLY|O_CREAT|O_EXCL, PERM_INSECURE)) < 0) | |
185 | error(buf); | |
186 | if (!(oldfp = fdopen(tfd, "w"))) | |
187 | error(buf); | |
188 | clean = FILE_ORIG; | |
189 | } | |
190 | ||
191 | /* | |
192 | * The databases actually contain three copies of the original data. | |
193 | * Each password file entry is converted into a rough approximation | |
194 | * of a ``struct passwd'', with the strings placed inline. This | |
195 | * object is then stored as the data for three separate keys. The | |
196 | * first key * is the pw_name field prepended by the _PW_KEYBYNAME | |
197 | * character. The second key is the pw_uid field prepended by the | |
198 | * _PW_KEYBYUID character. The third key is the line number in the | |
199 | * original file prepended by the _PW_KEYBYNUM character. (The special | |
200 | * characters are prepended to ensure that the keys do not collide.) | |
201 | */ | |
202 | data.data = (u_char *)buf; | |
203 | key.data = (u_char *)tbuf; | |
204 | for (cnt = 1; scan(fp, &pwd); ++cnt) { | |
a312835c AC |
205 | #ifdef PW_COMPACT |
206 | pdata.data = (u_char *)&cnt; | |
207 | pdata.size = sizeof(int); | |
208 | sdata.data = (u_char *)pwd.pw_passwd; | |
209 | sdata.size = strlen(pwd.pw_passwd) + 1; | |
210 | #endif | |
15637ed4 RG |
211 | #define COMPACT(e) t = e; while (*p++ = *t++); |
212 | /* Create insecure data. */ | |
213 | p = buf; | |
214 | COMPACT(pwd.pw_name); | |
a312835c | 215 | #ifndef PW_COMPACT |
15637ed4 | 216 | COMPACT("*"); |
a312835c | 217 | #endif |
15637ed4 RG |
218 | bcopy((char *)&pwd.pw_uid, p, sizeof(int)); |
219 | p += sizeof(int); | |
220 | bcopy((char *)&pwd.pw_gid, p, sizeof(int)); | |
221 | p += sizeof(int); | |
222 | bcopy((char *)&pwd.pw_change, p, sizeof(time_t)); | |
223 | p += sizeof(time_t); | |
224 | COMPACT(pwd.pw_class); | |
225 | COMPACT(pwd.pw_gecos); | |
226 | COMPACT(pwd.pw_dir); | |
227 | COMPACT(pwd.pw_shell); | |
228 | bcopy((char *)&pwd.pw_expire, p, sizeof(time_t)); | |
229 | p += sizeof(time_t); | |
230 | data.size = p - buf; | |
231 | ||
232 | /* Store insecure by name. */ | |
233 | tbuf[0] = _PW_KEYBYNAME; | |
234 | len = strlen(pwd.pw_name); | |
235 | bcopy(pwd.pw_name, tbuf + 1, len); | |
236 | key.size = len + 1; | |
a312835c AC |
237 | #ifdef PW_COMPACT |
238 | if ((dp->put)(dp, &key, &pdata, R_NOOVERWRITE) == -1) | |
239 | #else | |
240 | if ((dp->put)(dp, &key, &data, R_NOOVERWRITE) == -1) | |
241 | #endif | |
242 | error("put"); | |
243 | ||
244 | /* Store insecure by uid. */ | |
245 | tbuf[0] = _PW_KEYBYUID; | |
246 | bcopy((char *)&pwd.pw_uid, tbuf + 1, sizeof(pwd.pw_uid)); | |
247 | key.size = sizeof(pwd.pw_uid) + 1; | |
248 | #ifdef PW_COMPACT | |
249 | if ((dp->put)(dp, &key, &pdata, R_NOOVERWRITE) == -1) | |
250 | #else | |
15637ed4 | 251 | if ((dp->put)(dp, &key, &data, R_NOOVERWRITE) == -1) |
a312835c | 252 | #endif |
15637ed4 RG |
253 | error("put"); |
254 | ||
255 | /* Store insecure by number. */ | |
256 | tbuf[0] = _PW_KEYBYNUM; | |
257 | bcopy((char *)&cnt, tbuf + 1, sizeof(cnt)); | |
258 | key.size = sizeof(cnt) + 1; | |
259 | if ((dp->put)(dp, &key, &data, R_NOOVERWRITE) == -1) | |
260 | error("put"); | |
261 | ||
a312835c AC |
262 | #ifdef PW_COMPACT |
263 | /* Store secure. */ | |
264 | if ((edp->put)(edp, &key, &sdata, R_NOOVERWRITE) == -1) | |
15637ed4 | 265 | error("put"); |
a312835c AC |
266 | #endif |
267 | ||
268 | /* Create original format password file entry */ | |
269 | if (makeold) | |
270 | (void)fprintf(oldfp, "%s:*:%d:%d:%s:%s:%s\n", | |
271 | pwd.pw_name, pwd.pw_uid, pwd.pw_gid, pwd.pw_gecos, | |
272 | pwd.pw_dir, pwd.pw_shell); | |
273 | ||
274 | } | |
275 | (void)(dp->close)(dp); | |
276 | #ifdef PW_COMPACT | |
277 | (void)(edp->close)(edp); | |
278 | #endif | |
279 | ||
280 | if (makeold) { | |
281 | (void)fflush(oldfp); | |
282 | (void)fsync(fileno(oldfp)); | |
283 | (void)fclose(oldfp); | |
284 | } | |
285 | ||
286 | #ifndef PW_COMPACT | |
287 | /* Open the temporary encrypted password database. */ | |
288 | (void)sprintf(buf, "%s/%s.tmp", prefix, _SMP_DB); | |
289 | edp = dbopen(buf, | |
290 | O_RDWR|O_CREAT|O_EXCL, PERM_SECURE, DB_HASH, &openinfo); | |
291 | if (!edp) | |
292 | error(buf); | |
293 | clean = FILE_SECURE; | |
294 | ||
295 | rewind(fp); | |
296 | for (cnt = 1; scan(fp, &pwd); ++cnt) { | |
15637ed4 RG |
297 | |
298 | /* Create secure data. */ | |
299 | p = buf; | |
300 | COMPACT(pwd.pw_name); | |
301 | COMPACT(pwd.pw_passwd); | |
302 | bcopy((char *)&pwd.pw_uid, p, sizeof(int)); | |
303 | p += sizeof(int); | |
304 | bcopy((char *)&pwd.pw_gid, p, sizeof(int)); | |
305 | p += sizeof(int); | |
306 | bcopy((char *)&pwd.pw_change, p, sizeof(time_t)); | |
307 | p += sizeof(time_t); | |
308 | COMPACT(pwd.pw_class); | |
309 | COMPACT(pwd.pw_gecos); | |
310 | COMPACT(pwd.pw_dir); | |
311 | COMPACT(pwd.pw_shell); | |
312 | bcopy((char *)&pwd.pw_expire, p, sizeof(time_t)); | |
313 | p += sizeof(time_t); | |
314 | data.size = p - buf; | |
315 | ||
316 | /* Store secure by name. */ | |
317 | tbuf[0] = _PW_KEYBYNAME; | |
318 | len = strlen(pwd.pw_name); | |
319 | bcopy(pwd.pw_name, tbuf + 1, len); | |
320 | key.size = len + 1; | |
a312835c | 321 | if ((edp->put)(edp, &key, &data, R_NOOVERWRITE) == -1) |
15637ed4 RG |
322 | error("put"); |
323 | ||
324 | /* Store secure by number. */ | |
325 | tbuf[0] = _PW_KEYBYNUM; | |
326 | bcopy((char *)&cnt, tbuf + 1, sizeof(cnt)); | |
327 | key.size = sizeof(cnt) + 1; | |
a312835c | 328 | if ((edp->put)(edp, &key, &data, R_NOOVERWRITE) == -1) |
15637ed4 RG |
329 | error("put"); |
330 | ||
331 | /* Store secure by uid. */ | |
332 | tbuf[0] = _PW_KEYBYUID; | |
333 | bcopy((char *)&pwd.pw_uid, tbuf + 1, sizeof(pwd.pw_uid)); | |
334 | key.size = sizeof(pwd.pw_uid) + 1; | |
a312835c | 335 | if ((edp->put)(edp, &key, &data, R_NOOVERWRITE) == -1) |
15637ed4 RG |
336 | error("put"); |
337 | ||
15637ed4 | 338 | } |
a312835c | 339 | |
15637ed4 | 340 | (void)(edp->close)(edp); |
a312835c | 341 | #endif |
15637ed4 RG |
342 | |
343 | /* Set master.passwd permissions, in case caller forgot. */ | |
344 | (void)fchmod(fileno(fp), S_IRUSR|S_IWUSR); | |
345 | (void)fclose(fp); | |
346 | ||
347 | /* Install as the real password files. */ | |
0e7b8dd7 SW |
348 | (void)sprintf(buf, "%s/%s.tmp", prefix, _MP_DB); |
349 | (void)sprintf(buf2, "%s/%s", prefix, _MP_DB); | |
350 | mv(buf, buf2); | |
351 | (void)sprintf(buf, "%s/%s.tmp", prefix, _SMP_DB); | |
352 | (void)sprintf(buf2, "%s/%s", prefix, _SMP_DB); | |
353 | mv(buf, buf2); | |
15637ed4 | 354 | if (makeold) { |
0e7b8dd7 | 355 | (void)sprintf(buf2, "%s/%s", prefix, _PASSWD); |
15637ed4 | 356 | (void)sprintf(buf, "%s.orig", pname); |
0e7b8dd7 | 357 | mv(buf, buf2); |
15637ed4 RG |
358 | } |
359 | /* | |
360 | * Move the master password LAST -- chpass(1), passwd(1) and vipw(8) | |
361 | * all use flock(2) on it to block other incarnations of themselves. | |
362 | * The rename means that everything is unlocked, as the original file | |
363 | * can no longer be accessed. | |
364 | */ | |
0e7b8dd7 SW |
365 | (void)sprintf(buf, "%s/%s", prefix, _MASTERPASSWD); |
366 | mv(pname, buf); | |
15637ed4 RG |
367 | exit(0); |
368 | } | |
369 | ||
a312835c | 370 | int |
15637ed4 RG |
371 | scan(fp, pw) |
372 | FILE *fp; | |
373 | struct passwd *pw; | |
374 | { | |
375 | static int lcnt; | |
376 | static char line[LINE_MAX]; | |
377 | char *p; | |
378 | ||
379 | if (!fgets(line, sizeof(line), fp)) | |
380 | return(0); | |
381 | ++lcnt; | |
382 | /* | |
383 | * ``... if I swallow anything evil, put your fingers down my | |
384 | * throat...'' | |
385 | * -- The Who | |
386 | */ | |
387 | if (!(p = index(line, '\n'))) { | |
388 | (void)fprintf(stderr, "pwd_mkdb: line too long\n"); | |
389 | goto fmt; | |
390 | ||
391 | } | |
392 | *p = '\0'; | |
393 | if (!pw_scan(line, pw)) { | |
394 | (void)fprintf(stderr, "pwd_mkdb: at line #%d.\n", lcnt); | |
395 | fmt: errno = EFTYPE; | |
396 | error(pname); | |
15637ed4 | 397 | } |
a312835c | 398 | return(1); |
15637ed4 RG |
399 | } |
400 | ||
401 | mv(from, to) | |
402 | char *from, *to; | |
403 | { | |
404 | int sverrno; | |
405 | char buf[MAXPATHLEN]; | |
406 | ||
407 | if (rename(from, to)) { | |
408 | sverrno = errno; | |
409 | (void)sprintf(buf, "%s to %s", from, to); | |
410 | errno = sverrno; | |
411 | error(buf); | |
412 | } | |
413 | } | |
414 | ||
415 | error(name) | |
416 | char *name; | |
417 | { | |
418 | (void)fprintf(stderr, "pwd_mkdb: %s: %s\n", name, strerror(errno)); | |
419 | cleanup(); | |
420 | exit(1); | |
421 | } | |
422 | ||
423 | cleanup() | |
424 | { | |
425 | char buf[MAXPATHLEN]; | |
426 | ||
427 | switch(clean) { | |
428 | case FILE_ORIG: | |
429 | (void)sprintf(buf, "%s.orig", pname); | |
430 | (void)unlink(buf); | |
431 | /* FALLTHROUGH */ | |
432 | case FILE_SECURE: | |
0e7b8dd7 | 433 | (void)sprintf(buf, "%s/%s.tmp", prefix, _SMP_DB); |
15637ed4 RG |
434 | (void)unlink(buf); |
435 | /* FALLTHROUGH */ | |
436 | case FILE_INSECURE: | |
0e7b8dd7 | 437 | (void)sprintf(buf, "%s/%s.tmp", prefix, _MP_DB); |
15637ed4 RG |
438 | (void)unlink(buf); |
439 | } | |
440 | } | |
441 | ||
442 | usage() | |
443 | { | |
0e7b8dd7 | 444 | (void)fprintf(stderr, "usage: pwd_mkdb [-p] [-d <dest dir>] file\n"); |
15637ed4 RG |
445 | exit(1); |
446 | } |