2
* Copyright (c) 1996, 1998-2005, 2007-2011
3
* Todd C. Miller <Todd.Miller@courtesan.com>
5
* Permission to use, copy, modify, and distribute this software for any
6
* purpose with or without fee is hereby granted, provided that the above
7
* copyright notice and this permission notice appear in all copies.
9
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
* Sponsored in part by the Defense Advanced Research Projects
18
* Agency (DARPA) and Air Force Research Laboratory, Air Force
19
* Materiel Command, USAF, under agreement number F39502-99-1-0512.
24
#include <sys/types.h>
26
#include <sys/param.h>
35
#endif /* STDC_HEADERS */
37
# if defined(HAVE_MEMORY_H) && !defined(STDC_HEADERS)
41
#endif /* HAVE_STRING_H */
44
#endif /* HAVE_STRINGS_H */
47
#endif /* HAVE_UNISTD_H */
50
#endif /* HAVE_SETAUTHDB */
55
#endif /* HAVE_UTMPX_H */
64
* The passwd and group caches.
66
static struct rbtree *pwcache_byuid, *pwcache_byname;
67
static struct rbtree *grcache_bygid, *grcache_byname;
68
static struct rbtree *grlist_cache;
70
static int cmp_pwuid(const void *, const void *);
71
static int cmp_pwnam(const void *, const void *);
72
static int cmp_grgid(const void *, const void *);
74
#define cmp_grnam cmp_pwnam
76
#define ptr_to_item(p) ((struct cache_item *)((char *)(p) - sizeof(struct cache_item)))
90
struct group_list *grlist;
98
cmp_pwuid(const void *v1, const void *v2)
100
const struct cache_item *ci1 = (const struct cache_item *) v1;
101
const struct cache_item *ci2 = (const struct cache_item *) v2;
102
return ci1->k.uid - ci2->k.uid;
106
* Compare by user name.
109
cmp_pwnam(const void *v1, const void *v2)
111
const struct cache_item *ci1 = (const struct cache_item *) v1;
112
const struct cache_item *ci2 = (const struct cache_item *) v2;
113
return strcmp(ci1->k.name, ci2->k.name);
116
#define FIELD_SIZE(src, name, size) \
119
size = strlen(src->name) + 1; \
124
#define FIELD_COPY(src, dst, name, size) \
127
memcpy(cp, src->name, size); \
134
* Dynamically allocate space for a struct item plus the key and data
135
* elements. If name is non-NULL it is used as the key, else the
136
* uid is the key. Fills in datum from struct password.
138
* We would like to fill in the encrypted password too but the
139
* call to the shadow function could overwrite the pw buffer (NIS).
141
static struct cache_item *
142
make_pwitem(const struct passwd *pw, const char *name)
145
const char *pw_shell;
146
size_t nsize, psize, csize, gsize, dsize, ssize, total;
147
struct cache_item *item;
148
struct passwd *newpw;
150
/* If shell field is empty, expand to _PATH_BSHELL. */
151
pw_shell = (pw->pw_shell == NULL || pw->pw_shell[0] == '\0')
152
? _PATH_BSHELL : pw->pw_shell;
154
/* Allocate in one big chunk for easy freeing. */
155
nsize = psize = csize = gsize = dsize = ssize = 0;
156
total = sizeof(struct cache_item) + sizeof(struct passwd);
157
FIELD_SIZE(pw, pw_name, nsize);
158
FIELD_SIZE(pw, pw_passwd, psize);
159
#ifdef HAVE_LOGIN_CAP_H
160
FIELD_SIZE(pw, pw_class, csize);
162
FIELD_SIZE(pw, pw_gecos, gsize);
163
FIELD_SIZE(pw, pw_dir, dsize);
164
/* Treat shell specially since we expand "" -> _PATH_BSHELL */
165
ssize = strlen(pw_shell) + 1;
168
total += strlen(name) + 1;
170
/* Allocate space for struct item, struct passwd and the strings. */
171
item = emalloc(total);
172
cp = (char *) item + sizeof(struct cache_item);
175
* Copy in passwd contents and make strings relative to space
176
* at the end of the buffer.
178
newpw = (struct passwd *) cp;
179
memcpy(newpw, pw, sizeof(struct passwd));
180
cp += sizeof(struct passwd);
181
FIELD_COPY(pw, newpw, pw_name, nsize);
182
FIELD_COPY(pw, newpw, pw_passwd, psize);
183
#ifdef HAVE_LOGIN_CAP_H
184
FIELD_COPY(pw, newpw, pw_class, csize);
186
FIELD_COPY(pw, newpw, pw_gecos, gsize);
187
FIELD_COPY(pw, newpw, pw_dir, dsize);
188
/* Treat shell specially since we expand "" -> _PATH_BSHELL */
189
memcpy(cp, pw_shell, ssize);
190
newpw->pw_shell = cp;
193
/* Set key and datum. */
195
memcpy(cp, name, strlen(name) + 1);
198
item->k.uid = pw->pw_uid;
207
pw_addref(struct passwd *pw)
209
ptr_to_item(pw)->refcnt++;
213
pw_delref_item(void *v)
215
struct cache_item *item = v;
217
if (--item->refcnt == 0)
222
pw_delref(struct passwd *pw)
224
pw_delref_item(ptr_to_item(pw));
228
* Get a password entry by uid and allocate space for it.
229
* Fills in pw_passwd from shadow file if necessary.
232
sudo_getpwuid(uid_t uid)
234
struct cache_item key, *item;
238
if ((node = rbfind(pwcache_byuid, &key)) != NULL) {
239
item = (struct cache_item *) node->data;
243
* Cache passwd db entry if it exists or a negative response if not.
245
#ifdef HAVE_SETAUTHDB
246
aix_setauthdb(IDtouser(uid));
248
if ((key.d.pw = getpwuid(uid)) != NULL) {
249
item = make_pwitem(key.d.pw, NULL);
250
if (rbinsert(pwcache_byuid, item) != NULL)
251
errorx(1, _("unable to cache uid %u (%s), already exists"),
252
(unsigned int) uid, item->d.pw->pw_name);
254
item = emalloc(sizeof(*item));
258
if (rbinsert(pwcache_byuid, item) != NULL)
259
errorx(1, _("unable to cache uid %u, already exists"),
262
#ifdef HAVE_SETAUTHDB
271
* Get a password entry by name and allocate space for it.
272
* Fills in pw_passwd from shadow file if necessary.
275
sudo_getpwnam(const char *name)
277
struct cache_item key, *item;
281
key.k.name = (char *) name;
282
if ((node = rbfind(pwcache_byname, &key)) != NULL) {
283
item = (struct cache_item *) node->data;
287
* Cache passwd db entry if it exists or a negative response if not.
289
#ifdef HAVE_SETAUTHDB
290
aix_setauthdb((char *) name);
292
if ((key.d.pw = getpwnam(name)) != NULL) {
293
item = make_pwitem(key.d.pw, name);
294
if (rbinsert(pwcache_byname, item) != NULL)
295
errorx(1, _("unable to cache user %s, already exists"), name);
297
len = strlen(name) + 1;
298
item = emalloc(sizeof(*item) + len);
300
item->k.name = (char *) item + sizeof(*item);
301
memcpy(item->k.name, name, len);
303
if (rbinsert(pwcache_byname, item) != NULL)
304
errorx(1, _("unable to cache user %s, already exists"), name);
306
#ifdef HAVE_SETAUTHDB
315
* Take a user, uid and gid and return a faked up passwd struct.
318
sudo_fakepwnamid(const char *user, uid_t uid, gid_t gid)
320
struct cache_item *item;
326
namelen = strlen(user);
327
len = sizeof(*item) + sizeof(*pw) + namelen + 1 /* pw_name */ +
328
sizeof("*") /* pw_passwd */ + sizeof("") /* pw_gecos */ +
329
sizeof("/") /* pw_dir */ + sizeof(_PATH_BSHELL);
331
for (i = 0; i < 2; i++) {
333
zero_bytes(item, sizeof(*item) + sizeof(*pw));
334
pw = (struct passwd *) ((char *)item + sizeof(*item));
337
pw->pw_name = (char *)pw + sizeof(struct passwd);
338
memcpy(pw->pw_name, user, namelen + 1);
339
pw->pw_passwd = pw->pw_name + namelen + 1;
340
memcpy(pw->pw_passwd, "*", 2);
341
pw->pw_gecos = pw->pw_passwd + 2;
342
pw->pw_gecos[0] = '\0';
343
pw->pw_dir = pw->pw_gecos + 1;
344
memcpy(pw->pw_dir, "/", 2);
345
pw->pw_shell = pw->pw_dir + 2;
346
memcpy(pw->pw_shell, _PATH_BSHELL, sizeof(_PATH_BSHELL));
351
/* Store by uid, overwriting cached version. */
352
item->k.uid = pw->pw_uid;
353
if ((node = rbinsert(pwcache_byuid, item)) != NULL) {
354
pw_delref_item(node->data);
358
/* Store by name, overwriting cached version. */
359
item->k.name = pw->pw_name;
360
if ((node = rbinsert(pwcache_byname, item)) != NULL) {
361
pw_delref_item(node->data);
371
* Take a uid in string form "#123" and return a faked up passwd struct.
374
sudo_fakepwnam(const char *user, gid_t gid)
378
uid = (uid_t) atoi(user + 1);
379
return sudo_fakepwnamid(user, uid, gid);
386
if (pwcache_byuid == NULL)
387
pwcache_byuid = rbcreate(cmp_pwuid);
388
if (pwcache_byname == NULL)
389
pwcache_byname = rbcreate(cmp_pwnam);
393
sudo_freepwcache(void)
395
if (pwcache_byuid != NULL) {
396
rbdestroy(pwcache_byuid, pw_delref_item);
397
pwcache_byuid = NULL;
399
if (pwcache_byname != NULL) {
400
rbdestroy(pwcache_byname, pw_delref_item);
401
pwcache_byname = NULL;
416
cmp_grgid(const void *v1, const void *v2)
418
const struct cache_item *ci1 = (const struct cache_item *) v1;
419
const struct cache_item *ci2 = (const struct cache_item *) v2;
420
return ci1->k.gid - ci2->k.gid;
424
* Dynamically allocate space for a struct item plus the key and data
425
* elements. If name is non-NULL it is used as the key, else the
426
* gid is the key. Fills in datum from struct group.
428
static struct cache_item *
429
make_gritem(const struct group *gr, const char *name)
432
size_t nsize, psize, nmem, total, len;
433
struct cache_item *item;
436
/* Allocate in one big chunk for easy freeing. */
437
nsize = psize = nmem = 0;
438
total = sizeof(struct cache_item) + sizeof(struct group);
439
FIELD_SIZE(gr, gr_name, nsize);
440
FIELD_SIZE(gr, gr_passwd, psize);
442
for (nmem = 0; gr->gr_mem[nmem] != NULL; nmem++)
443
total += strlen(gr->gr_mem[nmem]) + 1;
445
total += sizeof(char *) * nmem;
448
total += strlen(name) + 1;
450
item = emalloc(total);
451
cp = (char *) item + sizeof(struct cache_item);
454
* Copy in group contents and make strings relative to space
455
* at the end of the buffer. Note that gr_mem must come
456
* immediately after struct group to guarantee proper alignment.
458
newgr = (struct group *)cp;
459
memcpy(newgr, gr, sizeof(struct group));
460
cp += sizeof(struct group);
462
newgr->gr_mem = (char **)cp;
463
cp += sizeof(char *) * nmem;
464
for (nmem = 0; gr->gr_mem[nmem] != NULL; nmem++) {
465
len = strlen(gr->gr_mem[nmem]) + 1;
466
memcpy(cp, gr->gr_mem[nmem], len);
467
newgr->gr_mem[nmem] = cp;
470
newgr->gr_mem[nmem] = NULL;
472
FIELD_COPY(gr, newgr, gr_passwd, psize);
473
FIELD_COPY(gr, newgr, gr_name, nsize);
475
/* Set key and datum. */
477
memcpy(cp, name, strlen(name) + 1);
480
item->k.gid = gr->gr_gid;
489
# define GROUPNAME_LEN (sizeof((struct utmpx *)0)->ut_user + 1)
491
# ifdef HAVE_STRUCT_UTMP_UT_USER
492
# define GROUPNAME_LEN (sizeof((struct utmp *)0)->ut_user + 1)
494
# define GROUPNAME_LEN (sizeof((struct utmp *)0)->ut_name + 1)
496
#endif /* HAVE_UTMPX_H */
499
* Dynamically allocate space for a struct item plus the key and data
500
* elements. Fills in datum from the groups and gids arrays.
502
static struct cache_item *
503
make_grlist_item(const char *user, GETGROUPS_T *gids, int ngids)
506
size_t i, nsize, ngroups, total, len;
507
struct cache_item *item;
508
struct group_list *grlist;
511
#ifdef HAVE_SETAUTHDB
512
aix_setauthdb((char *) user);
515
/* Allocate in one big chunk for easy freeing. */
516
nsize = strlen(user) + 1;
517
total = sizeof(struct cache_item) + sizeof(struct group_list) + nsize;
518
total += sizeof(char *) * ngids;
519
total += sizeof(gid_t *) * ngids;
520
total += GROUPNAME_LEN * ngids;
523
item = emalloc(total);
524
cp = (char *) item + sizeof(struct cache_item);
527
* Copy in group list and make pointers relative to space
528
* at the end of the buffer. Note that the groups array must come
529
* immediately after struct group to guarantee proper alignment.
531
grlist = (struct group_list *)cp;
532
zero_bytes(grlist, sizeof(struct group_list));
533
cp += sizeof(struct group_list);
534
grlist->groups = (char **)cp;
535
cp += sizeof(char *) * ngids;
536
grlist->gids = (gid_t *)cp;
537
cp += sizeof(gid_t) * ngids;
539
/* Set key and datum. */
540
memcpy(cp, user, nsize);
542
item->d.grlist = grlist;
549
for (i = 0; i < ngids; i++)
550
grlist->gids[i] = gids[i];
551
grlist->ngids = ngids;
554
* Resolve and store group names by ID.
557
for (i = 0; i < ngids; i++) {
558
if ((grp = sudo_getgrgid(gids[i])) != NULL) {
559
len = strlen(grp->gr_name) + 1;
560
if (cp - (char *)item + len > total) {
561
total += len + GROUPNAME_LEN;
566
memcpy(cp, grp->gr_name, len);
567
grlist->groups[ngroups++] = cp;
572
grlist->ngroups = ngroups;
574
#ifdef HAVE_SETAUTHDB
582
gr_addref(struct group *gr)
584
ptr_to_item(gr)->refcnt++;
588
gr_delref_item(void *v)
590
struct cache_item *item = v;
592
if (--item->refcnt == 0)
597
gr_delref(struct group *gr)
599
gr_delref_item(ptr_to_item(gr));
603
* Get a group entry by gid and allocate space for it.
606
sudo_getgrgid(gid_t gid)
608
struct cache_item key, *item;
612
if ((node = rbfind(grcache_bygid, &key)) != NULL) {
613
item = (struct cache_item *) node->data;
617
* Cache group db entry if it exists or a negative response if not.
619
if ((key.d.gr = getgrgid(gid)) != NULL) {
620
item = make_gritem(key.d.gr, NULL);
621
if (rbinsert(grcache_bygid, item) != NULL)
622
errorx(1, _("unable to cache gid %u (%s), already exists"),
623
(unsigned int) gid, key.d.gr->gr_name);
625
item = emalloc(sizeof(*item));
629
if (rbinsert(grcache_bygid, item) != NULL)
630
errorx(1, _("unable to cache gid %u, already exists"),
639
* Get a group entry by name and allocate space for it.
642
sudo_getgrnam(const char *name)
644
struct cache_item key, *item;
648
key.k.name = (char *) name;
649
if ((node = rbfind(grcache_byname, &key)) != NULL) {
650
item = (struct cache_item *) node->data;
654
* Cache group db entry if it exists or a negative response if not.
656
if ((key.d.gr = getgrnam(name)) != NULL) {
657
item = make_gritem(key.d.gr, name);
658
if (rbinsert(grcache_byname, item) != NULL)
659
errorx(1, _("unable to cache group %s, already exists"), name);
661
len = strlen(name) + 1;
662
item = emalloc(sizeof(*item) + len);
664
item->k.name = (char *) item + sizeof(*item);
665
memcpy(item->k.name, name, len);
667
if (rbinsert(grcache_byname, item) != NULL)
668
errorx(1, _("unable to cache group %s, already exists"), name);
676
* Take a gid in string form "#123" and return a faked up group struct.
679
sudo_fakegrnam(const char *group)
681
struct cache_item *item;
687
namelen = strlen(group);
688
len = sizeof(*item) + sizeof(*gr) + namelen + 1;
690
for (i = 0; i < 2; i++) {
692
zero_bytes(item, sizeof(*item) + sizeof(*gr));
693
gr = (struct group *) ((char *)item + sizeof(*item));
694
gr->gr_gid = (gid_t) atoi(group + 1);
695
gr->gr_name = (char *)gr + sizeof(struct group);
696
memcpy(gr->gr_name, group, namelen + 1);
701
/* Store by gid, overwriting cached version. */
702
item->k.gid = gr->gr_gid;
703
if ((node = rbinsert(grcache_bygid, item)) != NULL) {
704
gr_delref_item(node->data);
708
/* Store by name, overwriting cached version. */
709
item->k.name = gr->gr_name;
710
if ((node = rbinsert(grcache_byname, item)) != NULL) {
711
gr_delref_item(node->data);
721
grlist_addref(struct group_list *grlist)
723
ptr_to_item(grlist)->refcnt++;
727
grlist_delref_item(void *v)
729
struct cache_item *item = v;
731
if (--item->refcnt == 0)
736
grlist_delref(struct group_list *grlist)
738
grlist_delref_item(ptr_to_item(grlist));
745
if (grcache_bygid == NULL)
746
grcache_bygid = rbcreate(cmp_grgid);
747
if (grcache_byname == NULL)
748
grcache_byname = rbcreate(cmp_grnam);
749
if (grlist_cache == NULL)
750
grlist_cache = rbcreate(cmp_grnam);
754
sudo_freegrcache(void)
756
if (grcache_bygid != NULL) {
757
rbdestroy(grcache_bygid, gr_delref_item);
758
grcache_bygid = NULL;
760
if (grcache_byname != NULL) {
761
rbdestroy(grcache_byname, gr_delref_item);
762
grcache_byname = NULL;
764
if (grlist_cache != NULL) {
765
rbdestroy(grlist_cache, grlist_delref_item);
778
get_group_list(struct passwd *pw)
780
struct cache_item key, *item;
786
key.k.name = pw->pw_name;
787
if ((node = rbfind(grlist_cache, &key)) != NULL) {
788
item = (struct cache_item *) node->data;
792
* Cache group db entry if it exists or a negative response if not.
794
#if defined(HAVE_SYSCONF) && defined(_SC_NGROUPS_MAX)
795
ngids = (int)sysconf(_SC_NGROUPS_MAX) * 2;
798
ngids = NGROUPS_MAX * 2;
799
gids = emalloc2(ngids, sizeof(GETGROUPS_T));
800
if (getgrouplist(pw->pw_name, pw->pw_gid, gids, &ngids) == -1) {
802
gids = emalloc2(ngids, sizeof(GETGROUPS_T));
803
if (getgrouplist(pw->pw_name, pw->pw_gid, gids, &ngids) == -1) {
809
if ((item = make_grlist_item(pw->pw_name, gids, ngids)) == NULL)
810
errorx(1, "unable to parse group list for %s", pw->pw_name);
812
if (rbinsert(grlist_cache, item) != NULL)
813
errorx(1, "unable to cache group list for %s, already exists",
816
/* Should not happen. */
817
len = strlen(pw->pw_name) + 1;
818
item = emalloc(sizeof(*item) + len);
820
item->k.name = (char *) item + sizeof(*item);
821
memcpy(item->k.name, pw->pw_name, len);
822
item->d.grlist = NULL;
823
if (rbinsert(grlist_cache, item) != NULL)
824
errorx(1, "unable to cache group list for %s, already exists",
829
return item->d.grlist;
833
set_group_list(const char *user, GETGROUPS_T *gids, int ngids)
835
struct cache_item key, *item;
839
* Cache group db entry if it doesn't already exist
841
key.k.name = (char *) user;
842
if ((node = rbfind(grlist_cache, &key)) == NULL) {
843
if ((item = make_grlist_item(user, gids, ngids)) == NULL)
844
errorx(1, "unable to parse group list for %s", user);
845
if (rbinsert(grlist_cache, item) != NULL)
846
errorx(1, "unable to cache group list for %s, already exists",
852
user_in_group(struct passwd *pw, const char *group)
854
struct group_list *grlist;
855
struct group *grp = NULL;
856
int i, matched = FALSE;
858
if ((grlist = get_group_list(pw)) != NULL) {
860
* If it could be a sudo-style group ID check gids first.
862
if (group[0] == '#') {
863
gid_t gid = atoi(group + 1);
864
if (gid == pw->pw_gid) {
868
for (i = 0; i < grlist->ngids; i++) {
869
if (gid == grlist->gids[i]) {
877
* Next check the supplementary group vector.
878
* It usually includes the password db group too.
880
for (i = 0; i < grlist->ngroups; i++) {
881
if (strcasecmp(group, grlist->groups[i]) == 0) {
887
/* Finally check against user's primary (passwd file) group. */
888
if ((grp = sudo_getgrgid(pw->pw_gid)) != NULL) {
889
if (strcasecmp(group, grp->gr_name) == 0) {
897
grlist_delref(grlist);