search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
heimdal Extend the 'hdb as a keytab' code [HEIMDAL-600]
[heimdal.git] / lib / krb5 / kuserok.c
blob83dde37ca3d6ecfa83df1566da3ddb0c13065941
1 /*
2 * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34 #include "krb5_locl.h"
35 #include <dirent.h>
36
37 /* see if principal is mentioned in the filename access file, return
38 TRUE (in result) if so, FALSE otherwise */
39
40 static krb5_error_code
41 check_one_file(krb5_context context,
42 const char *filename,
43 struct passwd *pwd,
44 krb5_principal principal,
45 krb5_boolean *result)
46 {
47 FILE *f;
48 char buf[BUFSIZ];
49 krb5_error_code ret;
50 struct stat st;
51
52 *result = FALSE;
53
54 f = fopen (filename, "r");
55 if (f == NULL)
56 return errno;
57 rk_cloexec_file(f);
58
59 /* check type and mode of file */
60 if (fstat(fileno(f), &st) != 0) {
61 fclose (f);
62 return errno;
63 }
64 if (S_ISDIR(st.st_mode)) {
65 fclose (f);
66 return EISDIR;
67 }
68 if (st.st_uid != pwd->pw_uid && st.st_uid != 0) {
69 fclose (f);
70 return EACCES;
71 }
72 if ((st.st_mode & (S_IWGRP | S_IWOTH)) != 0) {
73 fclose (f);
74 return EACCES;
75 }
76
77 while (fgets (buf, sizeof(buf), f) != NULL) {
78 krb5_principal tmp;
79 char *newline = buf + strcspn(buf, "\n");
80
81 if(*newline != '\n') {
82 int c;
83 c = fgetc(f);
84 if(c != EOF) {
85 while(c != EOF && c != '\n')
86 c = fgetc(f);
87 /* line was too long, so ignore it */
88 continue;
89 }
90 }
91 *newline = '\0';
92 ret = krb5_parse_name (context, buf, &tmp);
93 if (ret)
94 continue;
95 *result = krb5_principal_compare (context, principal, tmp);
96 krb5_free_principal (context, tmp);
97 if (*result) {
98 fclose (f);
99 return 0;
100 }
101 }
102 fclose (f);
103 return 0;
104 }
105
106 static krb5_error_code
107 check_directory(krb5_context context,
108 const char *dirname,
109 struct passwd *pwd,
110 krb5_principal principal,
111 krb5_boolean *result)
112 {
113 DIR *d;
114 struct dirent *dent;
115 char filename[MAXPATHLEN];
116 krb5_error_code ret = 0;
117 struct stat st;
118
119 *result = FALSE;
120
121 if(lstat(dirname, &st) < 0)
122 return errno;
123
124 if (!S_ISDIR(st.st_mode))
125 return ENOTDIR;
126
127 if (st.st_uid != pwd->pw_uid && st.st_uid != 0)
128 return EACCES;
129 if ((st.st_mode & (S_IWGRP | S_IWOTH)) != 0)
130 return EACCES;
131
132 if((d = opendir(dirname)) == NULL)
133 return errno;
134
135 #ifdef HAVE_DIRFD
136 {
137 int fd;
138 struct stat st2;
139
140 fd = dirfd(d);
141 if(fstat(fd, &st2) < 0) {
142 closedir(d);
143 return errno;
144 }
145 if(st.st_dev != st2.st_dev || st.st_ino != st2.st_ino) {
146 closedir(d);
147 return EACCES;
148 }
149 }
150 #endif
151
152 while((dent = readdir(d)) != NULL) {
153 if(strcmp(dent->d_name, ".") == 0 ||
154 strcmp(dent->d_name, "..") == 0 ||
155 dent->d_name[0] == '#' || /* emacs autosave */
156 dent->d_name[strlen(dent->d_name) - 1] == '~') /* emacs backup */
157 continue;
158 snprintf(filename, sizeof(filename), "%s/%s", dirname, dent->d_name);
159 ret = check_one_file(context, filename, pwd, principal, result);
160 if(ret == 0 && *result == TRUE)
161 break;
162 ret = 0; /* don't propagate errors upstream */
163 }
164 closedir(d);
165 return ret;
166 }
167
168 static krb5_boolean
169 match_local_principals(krb5_context context,
170 krb5_principal principal,
171 const char *luser)
172 {
173 krb5_error_code ret;
174 krb5_realm *realms, *r;
175 krb5_boolean result = FALSE;
176
177 /* multi-component principals can never match */
178 if(krb5_principal_get_comp_string(context, principal, 1) != NULL)
179 return FALSE;
180
181 ret = krb5_get_default_realms (context, &realms);
182 if (ret)
183 return FALSE;
184
185 for (r = realms; *r != NULL; ++r) {
186 if(strcmp(krb5_principal_get_realm(context, principal),
187 *r) != 0)
188 continue;
189 if(strcmp(krb5_principal_get_comp_string(context, principal, 0),
190 luser) == 0) {
191 result = TRUE;
192 break;
193 }
194 }
195 krb5_free_host_realm (context, realms);
196 return result;
197 }
198
199 /**
200 * Return TRUE iff `principal' is allowed to login as `luser'.
201 */
202
203 krb5_boolean KRB5_LIB_FUNCTION
204 krb5_kuserok (krb5_context context,
205 krb5_principal principal,
206 const char *luser)
207 {
208 char *buf;
209 size_t buflen;
210 struct passwd *pwd;
211 krb5_error_code ret;
212 krb5_boolean result = FALSE;
213
214 krb5_boolean found_file = FALSE;
215
216 #ifdef POSIX_GETPWNAM_R
217 char pwbuf[2048];
218 struct passwd pw;
219
220 if(getpwnam_r(luser, &pw, pwbuf, sizeof(pwbuf), &pwd) != 0)
221 return FALSE;
222 #else
223 pwd = getpwnam (luser);
224 #endif
225 if (pwd == NULL)
226 return FALSE;
227
228 #define KLOGIN "/.k5login"
229 buflen = strlen(pwd->pw_dir) + sizeof(KLOGIN) + 2; /* 2 for .d */
230 buf = malloc(buflen);
231 if(buf == NULL)
232 return FALSE;
233 /* check user's ~/.k5login */
234 strlcpy(buf, pwd->pw_dir, buflen);
235 strlcat(buf, KLOGIN, buflen);
236 ret = check_one_file(context, buf, pwd, principal, &result);
237
238 if(ret == 0 && result == TRUE) {
239 free(buf);
240 return TRUE;
241 }
242
243 if(ret != ENOENT)
244 found_file = TRUE;
245
246 strlcat(buf, ".d", buflen);
247 ret = check_directory(context, buf, pwd, principal, &result);
248 free(buf);
249 if(ret == 0 && result == TRUE)
250 return TRUE;
251
252 if(ret != ENOENT && ret != ENOTDIR)
253 found_file = TRUE;
254
255 /* finally if no files exist, allow all principals matching
256 <localuser>@<LOCALREALM> */
257 if(found_file == FALSE)
258 return match_local_principals(context, principal, luser);
259
260 return FALSE;
261 }
Heimdal