search:
summary | log | graphiclog1 | graphiclog2 | refs | edit | fork

d764023e8711801875cb4e00215afef872341618
[screen-lua.git] / src / acls.c
blobd764023e8711801875cb4e00215afef872341618
1 /* Copyright (c) 2008, 2009
2 * Juergen Weigert (jnweiger@immd4.informatik.uni-erlangen.de)
3 * Michael Schroeder (mlschroe@immd4.informatik.uni-erlangen.de)
4 * Micah Cowan (micah@cowan.name)
5 * Sadrul Habib Chowdhury (sadrul@users.sourceforge.net)
6 * Copyright (c) 1993-2002, 2003, 2005, 2006, 2007
7 * Juergen Weigert (jnweiger@immd4.informatik.uni-erlangen.de)
8 * Michael Schroeder (mlschroe@immd4.informatik.uni-erlangen.de)
9 * Copyright (c) 1987 Oliver Laumann
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 3, or (at your option)
14 * any later version.
15 *
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
20 *
21 * You should have received a copy of the GNU General Public License
22 * along with this program (see the file COPYING); if not, see
23 * http://www.gnu.org/licenses/, or contact Free Software Foundation, Inc.,
24 * 51 Franklin Street, Fifth Floor, Boston, MA 02111-1301 USA
25 *
26 ****************************************************************
27 */
28
29 #include <sys/types.h>
30
31 #include "config.h"
32
33
34 /* XXX: WHY IS THIS HERE?? :XXX */
35
36 #ifdef CHECKLOGIN
37 # ifdef _SEQUENT_
38 # include <stdio.h> /* needed by <pwd.h> */
39 # endif /* _SEQUENT_ */
40 # include <pwd.h>
41 # ifdef SHADOWPW
42 # include <shadow.h>
43 # endif /* SHADOWPW */
44 #endif /* CHECKLOGIN */
45
46 #ifndef NOSYSLOG
47 # include <syslog.h>
48 #endif
49
50 #include "screen.h" /* includes acls.h */
51 #include "extern.h"
52
53
54 /************************************************************************
55 * user managing code, this does not really belong into the acl stuff *
56 ************************************************************************/
57
58 extern struct comm comms[];
59 extern struct win *windows, *wtab[];
60 extern char NullStr[];
61 extern char SockPath[];
62 extern struct display *display, *displays;
63 struct acluser *users;
64
65 #ifdef MULTIUSER
66 int maxusercount = 0; /* used in process.c: RC_MONITOR, RC_SILENCE */
67
68 /* record given user ids here */
69 static AclBits userbits;
70
71 /*
72 * rights a new unknown user will have on windows and cmds.
73 * These are changed by a "umask ?-..." command:
74 */
75 static char default_w_bit[ACL_BITS_PER_WIN] =
76 {
77 1, /* EXEC */
78 1, /* WRITE */
79 1 /* READ */
80 };
81
82 static char default_c_bit[ACL_BITS_PER_CMD] =
83 {
84 0 /* EXEC */
85 };
86
87 /* rights of all users per newly created window */
88 /*
89 * are now stored per user (umask)
90 * static AclBits default_w_userbits[ACL_BITS_PER_WIN];
91 * static AclBits default_c_userbits[ACL_BITS_PER_CMD];
92 */
93
94 static int GrowBitfield __P((AclBits *, int, int, int));
95 static struct aclusergroup **FindGroupPtr __P((struct aclusergroup **, struct acluser *, int));
96 static int AclSetPermCmd __P((struct acluser *, char *, struct comm *));
97 static int AclSetPermWin __P((struct acluser *, struct acluser *, char *, struct win *));
98 static int UserAcl __P((struct acluser *, struct acluser **, int, char **));
99 static int UserAclCopy __P((struct acluser **, struct acluser **));
100
101
102 static int
103 GrowBitfield(bfp, len, delta, defaultbit)
104 AclBits *bfp;
105 int len, delta, defaultbit;
106 {
107 AclBits n, o = *bfp;
108 int i;
109
110 if (!(n = (AclBits)calloc(1, (unsigned long)(&ACLBYTE((char *)0, len + delta + 1)))))
111 return -1;
112 for (i = 0; i < (len + delta); i++)
113 {
114 if (((i < len) && (ACLBIT(i) & ACLBYTE(o, i))) ||
115 ((i >= len) && (defaultbit)))
116 ACLBYTE(n, i) |= ACLBIT(i);
117 }
118 if (len)
119 free((char *)o);
120 *bfp = n;
121 return 0;
122 }
123
124 #endif /* MULTIUSER */
125
126 /*
127 * Returns an nonzero Address. Its contents is either a User-ptr,
128 * or NULL which may be replaced by a User-ptr to create the entry.
129 */
130 struct acluser **
131 FindUserPtr(name)
132 char *name;
133 {
134 struct acluser **u;
135
136 for (u = &users; *u; u = &(*u)->u_next)
137 if (!strcmp((*u)->u_name, name))
138 break;
139 #ifdef MULTIUSER
140 debug3("FindUserPtr %s %sfound, id %d\n", name, (*u)?"":"not ",
141 (*u)?(*u)->u_id:-1);
142 #else /* MULTIUSER */
143 debug2("FindUserPtr %s %sfound\n", name, (*u)?"":"not ");
144 #endif /* MULTIUSER */
145 return u;
146 }
147
148 int DefaultEsc = -1; /* initialised by screen.c:main() */
149 int DefaultMetaEsc = -1;
150
151 /*
152 * Add a new user. His password may be NULL or "" if none. His name must not
153 * be "none", as this represents the NULL-pointer when dealing with groups.
154 * He has default rights, determined by umask.
155 */
156 int
157 UserAdd(name, pass, up)
158 char *name, *pass;
159 struct acluser **up;
160 {
161 #ifdef MULTIUSER
162 int j;
163 #endif
164
165 if (!up)
166 up = FindUserPtr(name);
167 if (*up)
168 {
169 if (pass)
170 (*up)->u_password = SaveStr(pass);
171 return 1; /* he is already there */
172 }
173 if (strcmp("none", name)) /* "none" is a reserved word */
174 *up = (struct acluser *)calloc(1, sizeof(struct acluser));
175 if (!*up)
176 return -1; /* he still does not exist */
177 #ifdef COPY_PASTE
178 (*up)->u_plop.buf = NULL;
179 (*up)->u_plop.len = 0;
180 # ifdef ENCODINGS
181 (*up)->u_plop.enc = 0;
182 # endif
183 #endif
184 (*up)->u_Esc = DefaultEsc;
185 (*up)->u_MetaEsc = DefaultMetaEsc;
186 strncpy((*up)->u_name, name, 20);
187 (*up)->u_password = NULL;
188 if (pass)
189 (*up)->u_password = SaveStr(pass);
190 if (!(*up)->u_password)
191 (*up)->u_password = NullStr;
192 (*up)->u_detachwin = -1;
193 (*up)->u_detachotherwin = -1;
194
195 #ifdef MULTIUSER
196 (*up)->u_group = NULL;
197 /* now find an unused index */
198 for ((*up)->u_id = 0; (*up)->u_id < maxusercount; (*up)->u_id++)
199 if (!(ACLBIT((*up)->u_id) & ACLBYTE(userbits, (*up)->u_id)))
200 break;
201 debug2("UserAdd %s id %d\n", name, (*up)->u_id);
202 if ((*up)->u_id == maxusercount)
203 {
204 int j;
205 struct win *w;
206 struct acluser *u;
207
208 debug2("growing all bitfields %d += %d\n", maxusercount, USER_CHUNK);
209 /* the bitfields are full, grow a chunk */
210 /* first, the used_uid_indicator: */
211 if (GrowBitfield(&userbits, maxusercount, USER_CHUNK, 0))
212 {
213 free((char *)*up); *up = NULL; return -1;
214 }
215 /* second, default command bits */
216 /* (only if we generate commands dynamically) */
217 /*
218 for (j = 0; j < ACL_BITS_PER_CMD; j++)
219 if (GrowBitfield(&default_c_userbits[j], maxusercount, USER_CHUNK,
220 default_c_bit[j]))
221 {
222 free((char *)*up); *up = NULL; return -1;
223 }
224 */
225 /* third, the bits for each commands */
226 for (j = 0; j <= RC_LAST; j++)
227 {
228 int i;
229
230 for (i = 0; i < ACL_BITS_PER_CMD; i++)
231 if (GrowBitfield(&comms[j].userbits[i], maxusercount, USER_CHUNK,
232 default_c_bit[i]))
233 {
234 free((char *)*up); *up = NULL; return -1;
235 }
236 }
237 /* fourth, default window creation bits per user */
238 for (u = users; u != *up; u = u->u_next)
239 {
240 for (j = 0; j < ACL_BITS_PER_WIN; j++)
241 {
242 if (GrowBitfield(&u->u_umask_w_bits[j], maxusercount, USER_CHUNK,
243 default_w_bit[j]))
244 {
245 free((char *)*up); *up = NULL; return -1;
246 }
247 }
248 }
249
250 /* fifth, the bits for each window */
251 /* keep these in sync with NewWindowAcl() */
252 for (w = windows; w; w = w->w_next)
253 {
254 /* five a: the access control list */
255 for (j = 0; j < ACL_BITS_PER_WIN; j++)
256 if (GrowBitfield(&w->w_userbits[j], maxusercount, USER_CHUNK,
257 default_w_bit[j]))
258 {
259 free((char *)*up); *up = NULL; return -1;
260 }
261 /* five b: the activity notify list */
262 /* five c: the silence notify list */
263 if (GrowBitfield(&w->w_mon_notify, maxusercount, USER_CHUNK, 0) ||
264 GrowBitfield(&w->w_lio_notify, maxusercount, USER_CHUNK, 0))
265 {
266 free((char *)*up); *up = NULL; return -1;
267 }
268 }
269 maxusercount += USER_CHUNK;
270 }
271
272 /* mark the user-entry as "in-use" */
273 ACLBYTE(userbits, (*up)->u_id) |= ACLBIT((*up)->u_id);
274
275 /* user id 0 is the session creator, he has all rights */
276 if ((*up)->u_id == 0)
277 AclSetPerm(NULL, *up, "+a", "#?");
278
279 /* user nobody has a fixed set of rights: */
280 if (!strcmp((*up)->u_name, "nobody"))
281 {
282 AclSetPerm(NULL, *up, "-rwx", "#?");
283 AclSetPerm(NULL, *up, "+x", "su");
284 AclSetPerm(NULL, *up, "+x", "detach");
285 AclSetPerm(NULL, *up, "+x", "displays");
286 AclSetPerm(NULL, *up, "+x", "version");
287 }
288
289 /*
290 * Create his umask:
291 * Give default_w_bit's for all users,
292 * but allow himself everything on "his" windows.
293 */
294 for (j = 0; j < ACL_BITS_PER_WIN; j++)
295 {
296 if (GrowBitfield(&(*up)->u_umask_w_bits[j], 0, maxusercount,
297 default_w_bit[j]))
298 {
299 free((char *)*up); *up = NULL; return -1;
300 }
301 ACLBYTE((*up)->u_umask_w_bits[j], (*up)->u_id) |= ACLBIT((*up)->u_id);
302 }
303 #else /* MULTIUSER */
304 debug1("UserAdd %s\n", name);
305 #endif /* MULTIUSER */
306 return 0;
307 }
308
309 #if 0
310 /* change user's password */
311 int
312 UserSetPass(name, pass, up)
313 char *name, *pass;
314 struct acluser **up;
315 {
316 if (!up)
317 up = FindUserPtr(name);
318 if (!*up)
319 return UserAdd(name, pass, up);
320 if (!strcmp(name, "nobody")) /* he remains without password */
321 return -1;
322 strncpy((*up)->u_password, pass ? pass : "", 20);
323 (*up)->u_password[20] = '\0';
324 return 0;
325 }
326 #endif
327
328 /*
329 * Remove a user from the list.
330 * Destroy all his permissions and completely detach him from the session.
331 */
332 int
333 UserDel(name, up)
334 char *name;
335 struct acluser **up;
336 {
337 struct acluser *u;
338 #ifdef MULTIUSER
339 int i;
340 #endif
341 struct display *old, *next;
342
343 if (!up)
344 up = FindUserPtr(name);
345 if (!(u = *up))
346 return -1; /* he who does not exist cannot be removed */
347 old = display;
348 for (display = displays; display; display = next)
349 {
350 next = display->d_next; /* read the next ptr now, Detach may zap it. */
351 if (D_user != u)
352 continue;
353 if (display == old)
354 old = NULL;
355 Detach(D_REMOTE);
356 }
357 display = old;
358 *up = u->u_next;
359
360 #ifdef MULTIUSER
361 for (up = &users; *up; up = &(*up)->u_next)
362 {
363 /* unlink all group references to this user */
364 struct aclusergroup **g = &(*up)->u_group;
365
366 while (*g)
367 {
368 if ((*g)->u == u)
369 {
370 struct aclusergroup *next = (*g)->next;
371
372 free((char *)(*g));
373 *g = next;
374 }
375 else
376 g = &(*g)->next;
377 }
378 }
379 ACLBYTE(userbits, u->u_id) &= ~ACLBIT(u->u_id);
380 /* restore the bits in his slot to default: */
381 AclSetPerm(NULL, u, default_w_bit[ACL_READ] ? "+r" : "-r", "#");
382 AclSetPerm(NULL, u, default_w_bit[ACL_WRITE]? "+w" : "-w", "#");
383 AclSetPerm(NULL, u, default_w_bit[ACL_EXEC] ? "+x" : "-x", "#");
384 AclSetPerm(NULL, u, default_c_bit[ACL_EXEC] ? "+x" : "-x", "?");
385 for (i = 0; i < ACL_BITS_PER_WIN; i++)
386 free((char *)u->u_umask_w_bits[i]);
387 #endif /* MULTIUSER */
388 debug1("FREEING user structure for %s\n", u->u_name);
389 #ifdef COPY_PASTE
390 UserFreeCopyBuffer(u);
391 #endif
392 free((char *)u);
393 if (!users)
394 {
395 debug("Last user deleted. Feierabend.\n");
396 Finit(0); /* Destroying whole session. Noone could ever attach again. */
397 }
398 return 0;
399 }
400
401
402 #ifdef COPY_PASTE
403
404 /*
405 * returns 0 if the copy buffer was really deleted.
406 * Also removes any references into the users copybuffer
407 */
408 int
409 UserFreeCopyBuffer(u)
410 struct acluser *u;
411 {
412 struct win *w;
413 struct paster *pa;
414
415 if (!u->u_plop.buf)
416 return 1;
417 for (w = windows; w; w = w->w_next)
418 {
419 pa = &w->w_paster;
420 if (pa->pa_pasteptr >= u->u_plop.buf &&
421 pa->pa_pasteptr - u->u_plop.buf < u->u_plop.len)
422 FreePaster(pa);
423 }
424 free((char *)u->u_plop.buf);
425 u->u_plop.len = 0;
426 u->u_plop.buf = 0;
427 return 0;
428 }
429 #endif /* COPY_PASTE */
430
431 #ifdef MULTIUSER
432 /*
433 * Traverses group nodes. It searches for a node that references user u.
434 * If recursive is true, nodes found in the users are also searched using
435 * depth first method. If none of the nodes references u, the address of
436 * the last next pointer is returned. This address will contain NULL.
437 */
438 static struct aclusergroup **
439 FindGroupPtr(gp, u, recursive)
440 struct aclusergroup **gp;
441 struct acluser *u;
442 int recursive;
443 {
444 struct aclusergroup **g;
445
446 ASSERT(recursive < 1000); /* Ouch, cycle detection failed */
447 while (*gp)
448 {
449 if ((*gp)->u == u)
450 return gp; /* found him here. */
451 if (recursive &&
452 *(g = FindGroupPtr(&(*gp)->u->u_group, u, recursive + 1)))
453 return g; /* found him there. */
454 gp = &(*gp)->next;
455 }
456 return gp; /* *gp is NULL */
457 }
458
459 /*
460 * Returns nonzero if failed or already linked.
461 * Both users are created on demand.
462 * Cyclic links are prevented.
463 */
464 int
465 AclLinkUser(from, to)
466 char *from, *to;
467 {
468 struct acluser **u1, **u2;
469 struct aclusergroup **g;
470
471 if (!*(u1 = FindUserPtr(from)) && UserAdd(from, NULL, u1))
472 return -1;
473 if (!*(u2 = FindUserPtr(to)) && UserAdd(to, NULL, u2))
474 return -1; /* hmm, could not find both users. */
475
476 if (*FindGroupPtr(&(*u2)->u_group, *u1, 1))
477 return 1; /* cyclic link detected! */
478 if (*(g = FindGroupPtr(&(*u1)->u_group, *u2, 0)))
479 return 2; /* aha, we are already linked! */
480
481 if (!(*g = (struct aclusergroup *)malloc(sizeof(struct aclusergroup))))
482 return -1; /* Could not alloc link. Poor screen */
483 (*g)->u = (*u2);
484 (*g)->next = NULL;
485 return 0;
486 }
487
488 /*
489 * The user pointer stored at *up will be substituted by a pointer
490 * to the named user's structure, if passwords match.
491 * returns NULL if successfull, an static error string otherwise
492 */
493 char *
494 DoSu(up, name, pw1, pw2)
495 struct acluser **up;
496 char *name, *pw1, *pw2;
497 {
498 struct acluser *u;
499 int sorry = 0;
500
501 if (!(u = *FindUserPtr(name)))
502 sorry++;
503 else
504 {
505 #ifdef CHECKLOGIN
506 struct passwd *pp;
507 #ifdef SHADOWPW
508 struct spwd *ss;
509 int t, c;
510 #endif
511 char *pass = "";
512
513 if (!(pp = getpwnam(name)))
514 {
515 debug1("getpwnam(\"%s\") failed\n", name);
516 if (!(pw1 && *pw1 && *pw1 != '\377'))
517 {
518 debug("no unix account, no screen passwd\n");
519 sorry++;
520 }
521 }
522 else
523 pass = pp->pw_passwd;
524 #ifdef SHADOWPW
525 for (t = 0; t < 13; t++)
526 {
527 c = pass[t];
528 if (!(c == '.' || c == '/' ||
529 (c >= '0' && c <= '9') ||
530 (c >= 'a' && c <= 'z') ||
531 (c >= 'A' && c <= 'Z')))
532 break;
533 }
534 if (t < 13)
535 {
536 if (!(ss = getspnam(name)))
537 {
538 debug1("getspnam(\"%s\") failed\n", name);
539 sorry++;
540 }
541 else
542 pass = ss->sp_pwdp;
543 }
544 #endif /* SHADOWPW */
545
546 if (pw2 && *pw2 && *pw2 != '\377') /* provided a system password */
547 {
548 if (!*pass || /* but needed none */
549 strcmp(crypt(pw2, pass), pass))
550 {
551 debug("System password mismatch\n");
552 sorry++;
553 }
554 }
555 else /* no pasword provided */
556 if (*pass) /* but need one */
557 sorry++;
558 #endif
559 if (pw1 && *pw1 && *pw1 != '\377') /* provided a screen password */
560 {
561 if (!*u->u_password || /* but needed none */
562 strcmp(crypt(pw1, u->u_password), u->u_password))
563 {
564 debug("screen password mismatch\n");
565 sorry++;
566 }
567 }
568 else /* no pasword provided */
569 if (*u->u_password) /* but need one */
570 sorry++;
571 }
572
573 debug2("syslog(LOG_NOTICE, \"screen %s: \"su %s\" ", SockPath, name);
574 debug2("%s for \"%s\"\n", sorry ? "failed" : "succeded", (*up)->u_name);
575 #ifndef NOSYSLOG
576 # ifdef BSD_42
577 openlog("screen", LOG_PID);
578 # else
579 openlog("screen", LOG_PID, LOG_AUTH);
580 # endif /* BSD_42 */
581 syslog(LOG_NOTICE, "%s: \"su %s\" %s for \"%s\"", SockPath, name,
582 sorry ? "failed" : "succeded", (*up)->u_name);
583 closelog();
584 #else
585 debug("NOT LOGGED.\n");
586 #endif /* NOSYSLOG */
587
588 if (sorry)
589 return "Sorry.";
590 else
591 *up = u; /* substitute user now */
592 return NULL;
593 }
594 #endif /* MULTIUSER */
595
596 /************************************************************************
597 * end of user managing code *
598 ************************************************************************/
599
600
601 #ifdef MULTIUSER
602
603 /* This gives the users default rights to the new window w created by u */
604 int
605 NewWindowAcl(w, u)
606 struct win *w;
607 struct acluser *u;
608 {
609 int i, j;
610
611 debug2("NewWindowAcl %s's umask_w_bits for window %d\n",
612 u ? u->u_name : "everybody", w->w_number);
613
614 /* keep these in sync with UserAdd part five. */
615 if (GrowBitfield(&w->w_mon_notify, 0, maxusercount, 0) ||
616 GrowBitfield(&w->w_lio_notify, 0, maxusercount, 0))
617 return -1;
618 for (j = 0; j < ACL_BITS_PER_WIN; j++)
619 {
620 /* we start with len 0 for the new bitfield size and add maxusercount */
621 if (GrowBitfield(&w->w_userbits[j], 0, maxusercount, 0))
622 {
623 while (--j >= 0)
624 free((char *)w->w_userbits[j]);
625 free((char *)w->w_mon_notify);
626 free((char *)w->w_lio_notify);
627 return -1;
628 }
629 for (i = 0; i < maxusercount; i++)
630 if (u ? (ACLBIT(i) & ACLBYTE(u->u_umask_w_bits[j], i)) :
631 default_w_bit[j])
632 ACLBYTE(w->w_userbits[j], i) |= ACLBIT(i);
633 }
634 return 0;
635 }
636
637 void
638 FreeWindowAcl(w)
639 struct win *w;
640 {
641 int i;
642
643 for (i = 0; i < ACL_BITS_PER_WIN; i++)
644 free((char *)w->w_userbits[i]);
645 free((char *)w->w_mon_notify);
646 free((char *)w->w_lio_notify);
647 }
648
649
650 /* if mode starts with '-' we remove the users exec bit for cmd */
651 /*
652 * NOTE: before you make this function look the same as
653 * AclSetPermWin, try to merge both functions.
654 */
655 static int
656 AclSetPermCmd(u, mode, cmd)
657 struct acluser *u;
658 char *mode;
659 struct comm *cmd;
660 {
661 int neg = 0;
662 char *m = mode;
663
664 while (*m)
665 {
666 switch (*m++)
667 {
668 case '-':
669 neg = 1;
670 continue;
671 case '+':
672 neg = 0;
673 continue;
674 case 'a':
675 case 'e':
676 case 'x':
677 /* debug3("AclSetPermCmd %s %s %s\n", u->u_name, mode, cmd->name); */
678 if (neg)
679 ACLBYTE(cmd->userbits[ACL_EXEC], u->u_id) &= ~ACLBIT(u->u_id);
680 else
681 ACLBYTE(cmd->userbits[ACL_EXEC], u->u_id) |= ACLBIT(u->u_id);
682 break;
683 case 'r':
684 case 'w':
685 break;
686 default:
687 return -1;
688 }
689 }
690 return 0;
691 }
692
693 /* mode strings of the form +rwx -w+rx r -wx are parsed and evaluated */
694 /*
695 * aclchg nerd -w+w 2
696 * releases a writelock on window 2 held by user nerd.
697 * Letter n allows network access on a window.
698 * uu should be NULL, except if you want to change his umask.
699 */
700 static int
701 AclSetPermWin(uu, u, mode, win)
702 struct acluser *u, *uu;
703 char *mode;
704 struct win *win;
705 {
706 int neg = 0;
707 int bit, bits;
708 AclBits *bitarray;
709 char *m = mode;
710
711 if (uu)
712 {
713 debug3("AclSetPermWin %s UMASK %s %s\n", uu->u_name, u->u_name, mode);
714 bitarray = uu->u_umask_w_bits;
715 }
716 else
717 {
718 ASSERT(win);
719 bitarray = win->w_userbits;
720 debug3("AclSetPermWin %s %s %d\n", u->u_name, mode, win->w_number);
721 }
722
723 while (*m)
724 {
725 switch (*m++)
726 {
727 case '-':
728 neg = 1;
729 continue;
730 case '+':
731 neg = 0;
732 continue;
733 case 'r':
734 bits = (1 << ACL_READ);
735 break;
736 case 'w':
737 bits = (1 << ACL_WRITE);
738 break;
739 case 'x':
740 bits = (1 << ACL_EXEC);
741 break;
742 case 'a':
743 bits = (1 << ACL_BITS_PER_WIN) - 1;
744 break;
745 default:
746 return -1;
747 }
748 for (bit = 0; bit < ACL_BITS_PER_WIN; bit++)
749 {
750 if (!(bits & (1 << bit)))
751 continue;
752 if (neg)
753 ACLBYTE(bitarray[bit], u->u_id) &= ~ACLBIT(u->u_id);
754 else
755 ACLBYTE(bitarray[bit], u->u_id) |= ACLBIT(u->u_id);
756 if (!uu && (win->w_wlockuser == u) && neg && (bit == ACL_WRITE))
757 {
758 debug2("%s lost writelock on win %d\n", u->u_name, win->w_number);
759 win->w_wlockuser = NULL;
760 if (win->w_wlock == WLOCK_ON)
761 win->w_wlock = WLOCK_AUTO;
762 }
763 }
764 }
765 if (uu && u->u_name[0] == '?' && u->u_name[1] == '\0')
766 {
767 /*
768 * It is Mr. '?', the unknown user. He deserves special treatment as
769 * he defines the defaults. Sorry, this is global, not per user.
770 */
771 if (win)
772 {
773 debug1("AclSetPermWin: default_w_bits '%s'.\n", mode);
774 for (bit = 0; bit < ACL_BITS_PER_WIN; bit++)
775 default_w_bit[bit] =
776 (ACLBYTE(bitarray[bit], u->u_id) & ACLBIT(u->u_id)) ? 1 : 0;
777 }
778 else
779 {
780 /*
781 * Hack. I do not want to duplicate all the above code for
782 * AclSetPermCmd. This asumes that there are not more bits
783 * per cmd than per win.
784 */
785 debug1("AclSetPermWin: default_c_bits '%s'.\n", mode);
786 for (bit = 0; bit < ACL_BITS_PER_CMD; bit++)
787 default_c_bit[bit] =
788 (ACLBYTE(bitarray[bit], u->u_id) & ACLBIT(u->u_id)) ? 1 : 0;
789 }
790 UserDel(u->u_name, NULL);
791 }
792 return 0;
793 }
794
795 /*
796 * String is broken down into comand and window names, mode applies
797 * A command name matches first, so do not use these as window names.
798 * uu should be NULL, except if you want to change his umask.
799 */
800 int
801 AclSetPerm(uu, u, mode, s)
802 struct acluser *uu, *u;
803 char *mode, *s;
804 {
805 struct win *w;
806 int i;
807 char *p, ch;
808
809 debug3("AclSetPerm(uu, user '%s', mode '%s', object '%s')\n",
810 u->u_name, mode, s);
811 while (*s)
812 {
813 switch (*s)
814 {
815 case '*': /* all windows and all commands */
816 return AclSetPerm(uu, u, mode, "#?");
817 case '#':
818 if (uu) /* window umask or .. */
819 AclSetPermWin(uu, u, mode, (struct win *)1);
820 else /* .. or all windows */
821 for (w = windows; w; w = w->w_next)
822 AclSetPermWin((struct acluser *)0, u, mode, w);
823 s++;
824 break;
825 case '?':
826 if (uu) /* command umask or .. */
827 AclSetPermWin(uu, u, mode, (struct win *)0);
828 else /* .. or all commands */
829 for (i = 0; i <= RC_LAST; i++)
830 AclSetPermCmd(u, mode, &comms[i]);
831 s++;
832 break;
833 default:
834 for (p = s; *p && *p != ' ' && *p != '\t' && *p != ','; p++)
835 ;
836 if ((ch = *p))
837 *p++ = '\0';
838 if ((i = FindCommnr(s)) != RC_ILLEGAL)
839 AclSetPermCmd(u, mode, &comms[i]);
840 else if (((i = WindowByNoN(s)) >= 0) && wtab[i])
841 AclSetPermWin((struct acluser *)0, u, mode, wtab[i]);
842 else
843 /* checking group name */
844 return -1;
845 if (ch)
846 p[-1] = ch;
847 s = p;
848 }
849 }
850 return 0;
851 }
852
853 /*
854 * Generic ACL Manager:
855 *
856 * This handles acladd and aclchg identical.
857 * With 2 or 4 parameters, the second parameter is a password.
858 * With 3 or 4 parameters the last two parameters specify the permissions
859 * else user is added with full permissions.
860 * With 1 parameter the users permissions are copied from user *argv.
861 * Unlike the other cases, u->u_name should not match *argv here.
862 * uu should be NULL, except if you want to change his umask.
863 */
864 static int
865 UserAcl(uu, u, argc, argv)
866 struct acluser *uu, **u;
867 int argc;
868 char **argv;
869 {
870 if ((*u && !strcmp((*u)->u_name, "nobody")) ||
871 (argc > 1 && !strcmp(argv[0], "nobody")))
872 return -1; /* do not change nobody! */
873
874 switch (argc)
875 {
876 case 1+1+2:
877 debug2("UserAcl: user '%s', password '%s':", argv[0], argv[1]);
878 return (UserAdd(argv[0], argv[1], u) < 0) ||
879 AclSetPerm(uu, *u, argv[2], argv[3]);
880 case 1+2:
881 debug1("UserAcl: user '%s', no password:", argv[0]);
882 return (UserAdd(argv[0], NULL, u) < 0) ||
883 AclSetPerm(uu, *u, argv[1], argv[2]);
884 case 1+1:
885 debug2("UserAcl: user '%s', password '%s'\n", argv[0], argv[1]);
886 return UserAdd(argv[0], argv[1], u) < 0;
887 case 1:
888 debug1("UserAcl: user '%s', no password:", argv[0]);
889 return (UserAdd(argv[0], NULL, u) < 0) ||
890 AclSetPerm(uu, *u, "+a", "#?");
891 default:
892 return -1;
893 }
894 }
895
896 static int
897 UserAclCopy(to_up, from_up)
898 struct acluser **to_up, **from_up;
899 {
900 struct win *w;
901 int i, j, to_id, from_id;
902
903 if (!*to_up || !*from_up)
904 return -1;
905 debug2("UserAclCopy: from user '%s' to user '%s'\n",
906 (*from_up)->u_name, (*to_up)->u_name);
907 if ((to_id = (*to_up)->u_id) == (from_id = (*from_up)->u_id))
908 return -1;
909 for (w = windows; w; w = w->w_next)
910 {
911 for (i = 0; i < ACL_BITS_PER_WIN; i++)
912 {
913 if (ACLBYTE(w->w_userbits[i], from_id) & ACLBIT(from_id))
914 ACLBYTE(w->w_userbits[i], to_id) |= ACLBIT(to_id);
915 else
916 {
917 ACLBYTE(w->w_userbits[i], to_id) &= ~ACLBIT(to_id);
918 if ((w->w_wlockuser == *to_up) && (i == ACL_WRITE))
919 {
920 debug2("%s lost wlock on win %d\n",
921 (*to_up)->u_name, w->w_number);
922 w->w_wlockuser = NULL;
923 if (w->w_wlock == WLOCK_ON)
924 w->w_wlock = WLOCK_AUTO;
925 }
926 }
927 }
928 }
929 for (j = 0; j <= RC_LAST; j++)
930 {
931 for (i = 0; i < ACL_BITS_PER_CMD; i++)
932 {
933 if (ACLBYTE(comms[j].userbits[i], from_id) & ACLBIT(from_id))
934 ACLBYTE(comms[j].userbits[i], to_id) |= ACLBIT(to_id);
935 else
936 ACLBYTE(comms[j].userbits[i], to_id) &= ~ACLBIT(to_id);
937 }
938 }
939
940 return 0;
941 }
942
943 /*
944 * Syntax:
945 * user [password] [+rwx #?]
946 * * [password] [+rwx #?]
947 * user1,user2,user3 [password] [+rwx #?]
948 * user1,user2,user3=user
949 * uu should be NULL, except if you want to change his umask.
950 */
951 int
952 UsersAcl(uu, argc, argv)
953 struct acluser *uu;
954 int argc;
955 char **argv;
956 {
957 char *s;
958 int r;
959 struct acluser **cf_u = NULL;
960
961 if (argc == 1)
962 {
963 char *p = NULL;
964
965 s = argv[0];
966 while (*s)
967 if (*s++ == '=') p = s;
968 if (p)
969 {
970 p[-1] = '\0';
971 cf_u = FindUserPtr(p);
972 }
973 }
974
975 if (argv[0][0] == '*' && argv[0][1] == '\0')
976 {
977 struct acluser **u;
978
979 debug("all users acls.\n");
980 for (u = &users; *u; u = &(*u)->u_next)
981 if (strcmp("nobody", (*u)->u_name) &&
982 ((cf_u) ?
983 ((r = UserAclCopy(u, cf_u)) < 0) :
984 ((r = UserAcl(uu, u, argc, argv)) < 0)))
985 return -1;
986 return 0;
987 }
988
989 do
990 {
991 for (s = argv[0]; *s && *s!=' ' && *s!='\t' && *s!=',' && *s!='='; s++)
992 ;
993 *s ? (*s++ = '\0') : (*s = '\0');
994 debug2("UsersAcl(uu, \"%s\", argc=%d)\n", argv[0], argc);
995 if ((cf_u) ?
996 ((r = UserAclCopy(FindUserPtr(argv[0]), cf_u)) < 0) :
997 ((r = UserAcl(uu, FindUserPtr(argv[0]), argc, argv)) < 0))
998 return -1;
999 } while (*(argv[0] = s));
1000 return 0;
1001 }
1002
1003 /*
1004 * Preprocess argments, so that umask can be set with UsersAcl
1005 *
1006 * all current users umask ±rwxn
1007 * one specific user umask user1±rwxn
1008 * several users umask user1,user2,...±rwxn
1009 * default_w_bits umask ?±rwxn
1010 * default_c_bits umask ??±rwxn
1011 */
1012 int
1013 AclUmask(u, str, errp)
1014 struct acluser *u;
1015 char *str;
1016 char **errp;
1017 {
1018 char mode[16];
1019 char *av[3];
1020 char *p, c = '\0';
1021
1022 /* split str into user and bits section. */
1023 for (p = str; *p; p++)
1024 if ((c = *p) == '+' || c == '-')
1025 break;
1026 if (!*p)
1027 {
1028 *errp = "Bad argument. Should be ``[user[,user...]{+|-}rwxn''.";
1029 return -1;
1030 }
1031 strncpy(mode, p, 15);
1032 mode[15] = '\0';
1033 *p = '\0';
1034
1035 /* construct argument vector */
1036 if (!strcmp("??", str))
1037 {
1038 str++;
1039 av[2] = "?";
1040 }
1041 else
1042 av[2] = "#";
1043 av[1] = mode;
1044 av[0] = *str ? str : "*";
1045 /* call UsersAcl */
1046 if (UsersAcl(u, 3, av))
1047 {
1048 *errp = "UsersAcl failed. Hmmm.";
1049 *p = c;
1050 return -1;
1051 }
1052 *p = c;
1053 return 0;
1054 }
1055
1056 void
1057 AclWinSwap(a, b)
1058 int a, b;
1059 {
1060 debug2("AclWinSwap(%d, %d) NOP.\n", a, b);
1061 }
1062
1063 struct acluser *EffectiveAclUser = NULL; /* hook for AT command permission */
1064
1065 int
1066 AclCheckPermWin(u, mode, w)
1067 struct acluser *u;
1068 int mode;
1069 struct win *w;
1070 {
1071 int ok;
1072
1073 if (mode < 0 || mode >= ACL_BITS_PER_WIN)
1074 return -1;
1075 if (EffectiveAclUser)
1076 {
1077 debug1("AclCheckPermWin: WARNING user %s overridden!\n", u->u_name);
1078 u = EffectiveAclUser;
1079 }
1080 ok = ACLBYTE(w->w_userbits[mode], u->u_id) & ACLBIT(u->u_id);
1081 debug3("AclCheckPermWin(%s, %d, %d) = ", u->u_name, mode, w->w_number);
1082
1083 if (!ok)
1084 {
1085 struct aclusergroup **g = &u->u_group;
1086 struct acluser *saved_eff = EffectiveAclUser;
1087
1088 EffectiveAclUser = NULL;
1089 while (*g)
1090 {
1091 if (!AclCheckPermWin((*g)->u, mode, w))
1092 break;
1093 g = &(*g)->next;
1094 }
1095 EffectiveAclUser = saved_eff;
1096 if (*g)
1097 ok = 1;
1098 }
1099 debug1("%d\n", !ok);
1100 return !ok;
1101 }
1102
1103 int
1104 AclCheckPermCmd(u, mode, c)
1105 struct acluser *u;
1106 int mode;
1107 struct comm *c;
1108 {
1109 int ok;
1110
1111 if (mode < 0 || mode >= ACL_BITS_PER_CMD)
1112 return -1;
1113 if (EffectiveAclUser)
1114 {
1115 debug1("AclCheckPermCmd: WARNING user %s overridden!\n", u->u_name);
1116 u = EffectiveAclUser;
1117 }
1118 ok = ACLBYTE(c->userbits[mode], u->u_id) & ACLBIT(u->u_id);
1119 debug3("AclCheckPermCmd(%s %d %s) = ", u->u_name, mode, c->name);
1120 if (!ok)
1121 {
1122 struct aclusergroup **g = &u->u_group;
1123 struct acluser *saved_eff = EffectiveAclUser;
1124
1125 EffectiveAclUser = NULL;
1126 while (*g)
1127 {
1128 if (!AclCheckPermCmd((*g)->u, mode, c))
1129 break;
1130 g = &(*g)->next;
1131 }
1132 EffectiveAclUser = saved_eff;
1133 if (*g)
1134 ok = 1;
1135 }
1136 debug1("%d\n", !ok);
1137 return !ok;
1138 }
1139
1140 #endif /* MULTIUSER */
Lua scripting support for GNU Screen