chkpth.c

<B>Digital的Unix操作系统VAX 4.2源码</B>

#ifndef lint
static char sccsid[] = "@(#)chkpth.c	4.1 ULTRIX  	7/2/90";
#endif

/*
 *  chkpth.c implements the security algorithms.
 *  Modified Doug Kingston, 30 July 82 to fix handling of	
 *	of the "userpath" structures.			
 * (brl-bmd) 
 * chkpth should not be called for implied Spool requests .
 * But explicit requests (foo!/usr/spoo/uucp/*) should use chkpth.
 * 
 *  decvax!larry - callcheck() checks to see if remote machine
 *		used a valed login id.
 *  decvax!larry - getxeqlevel() gets the execution level assigned
 *		to a remote machine.
 *  Lea Gottfredsen 2-16-88 mv /usr/lib/uucp to /usr/var/uucp
 */


/************************************************************************
 *									*
 *			Copyright (c) 1984 by				*
 *		Digital Equipment Corporation, Maynard, MA		*
 *			All rights reserved.				*
 *									*
 *   This software is furnished under a license and may be used and	*
 *   copied  only  in accordance with the terms of such license and	*
 *   with the  inclusion  of  the  above  copyright  notice.   This	*
 *   software  or  any  other copies thereof may not be provided or	*
 *   otherwise made available to any other person.  No title to and	*
 *   ownership of the software is hereby transferred.			*
 *									*
 *   This software is  derived  from  software  received  from  the	*
 *   University    of   California,   Berkeley,   and   from   Bell	*
 *   Laboratories.  Use, duplication, or disclosure is  subject  to	*
 *   restrictions  under  license  agreements  with  University  of	*
 *   California and with AT&T.						*
 *									*
 *   The information in this software is subject to change  without	*
 *   notice  and should not be construed as a commitment by Digital	*
 *   Equipment Corporation.						*
 *									*
 *   Digital assumes no responsibility for the use  or  reliability	*
 *   of its software on equipment which is not supplied by Digital.	*
 *									*
 ************************************************************************/



#include "uucp.h"
#include <sys/types.h>
#include <sys/stat.h>


#define DFLTNAME "default"	/* Not Implemented. ??? */

struct userpath {
	char *us_lname;
	char *us_mname;
	char us_callback;
	int  us_xeqlev;		/* remote execution level */
	char **us_path;
	struct userpath *unext;
};
struct userpath *Uhead = NULL;
struct userpath *Mchdef = NULL, *Logdef = NULL;
int Uptfirst = 1;


/*******
 *	chkpth(logname, mchname, path)
 *	char *path, *logname, *mchname;
 *
 *	chkpth  -  this routine will check the USERFILE for the
 *	machine or log name (non-null parameter) to see if the
 *	input path starts with an acceptable prefix.
 *
 *	return codes:  0  |  FAIL
 */

chkpth(logname, mchname, path)
char *path, *logname, *mchname;
{
	struct userpath *u;
	extern char *lastpart();
	char **p, *s;

	/* Allow only rooted pathnames.  Security wish.  rti!trt */
	if (*path != '/')
		return(FAIL);

	if (Uptfirst) {
		rdpth();
		ASSERT(Uhead != NULL, "INIT USERFILE, No entrys!", "", 0);
		Uptfirst = 0;
	}
	for (u = Uhead; u != NULL; ) {
		if (*logname != '\0' && strcmp(logname, u->us_lname) == SAME)
			break;
		if (*mchname != '\0' && strncmp(mchname, u->us_mname, 7) == SAME)
			break;
		u = u->unext;
	}
	if (u == NULL) {
		if (*logname == '\0')
			u = Mchdef;
		else
			u = Logdef;
		if (u == NULL)
			return(FAIL);
	}
	/* found user name */
	p = u->us_path;

	/*  check for /../ in path name  */
	for (s = path; *s != '\0'; s++) {
		if (prefix("/../",s))
			return(FAIL);
	}

	/* Check for access permission */
	for (p = u->us_path; *p != NULL; p++)
		if (prefix(*p, path))
			return(0);

	/* path name not valid */
	return(FAIL);
}


/***
 *	rdpth()
 *
 *	rdpth  -  this routine will read the USERFILE and
 *	construct the userpath structure pointed to by (u);
 *
 *	return codes:  0  |  FAIL
 *
 * 5/3/81 - changed to enforce the uucp-wide convention that system
 *	    names be 7 chars or less in length
 */

#define NO_XEQ_LEVEL -1

rdpth()
{
	char buf[100 + 1], *pbuf[50 + 1], *pc, **cp;
	FILE *uf;
	if ((uf = fopen(USERFILE, "r")) == NULL) {
		/* can not open file */
		ASSERT_NOFAIL(uf != NULL, "Can not open USERFILE", "", uf);
		return;
	}

	while (cfgets(buf, sizeof(buf), uf) != NULL) {
		int nargs, i;
		struct userpath *u;

		if ((u = (struct userpath *)malloc(sizeof (struct userpath))) == NULL) {
			DEBUG (1, "*** Userpath malloc failed\n", 0);
			fclose (uf);
			return;
		}
		if ((pc = calloc((unsigned)strlen(buf) + 1, sizeof (char)))
			== NULL) {
			/* can not allocate space */
			DEBUG (1, "Userpath calloc 1 failed\n", 0);
			fclose(uf);
			return;
		}

		strcpy(pc, buf);
		nargs = getargs(pc, pbuf);
		u->us_lname = pbuf[0];
		pc = index(u->us_lname, ',');
		if (pc != NULL)
			*pc++ = '\0';
		else
			pc = u->us_lname + strlen(u->us_lname);
		u->us_mname = pc;
		if (strlen(u->us_mname) > 7)
			u->us_mname[7] = '\0';
		if (strcmp(u->us_lname, "remote") == SAME) { 
			ASSERT(pbuf[1][0]=='X',"default xeq level undefined in USERFILE", u->us_lname, 0);
			Mchdef = u;
		}
		else
			if (strcmp(u->us_lname, "local") == SAME) {
				ASSERT(pbuf[1][0]=='X',"default xeq level undefined in USERFILE", u->us_lname, 0);
				Logdef = u;
			}
		i = 1;
		if (pbuf[1][0]=='X') {
			u->us_xeqlev = atoi(&pbuf[1][1]);
			i++;
		}
		else
			u->us_xeqlev = NO_XEQ_LEVEL;
/*
		DEBUG(5, "in chkpth, machine is:%s:, ", u->us_mname);
		DEBUG(5, "in chkpth, user is:%s:, ", u->us_lname);
		DEBUG(5, "xeqlevel is %d\n", u->us_xeqlev);
*/
		if (strcmp(pbuf[2], "c") == SAME) {
			u->us_callback = 1;
			i++;
			DEBUG(5,"callback for option on for user %s/n",
				u->us_lname);
		}
		else
			u->us_callback = 0;
		if ((cp = u->us_path =
		  (char **)calloc((unsigned)(nargs-i+1), sizeof(char *))) == NULL) {
			/*  can not allocate space */
			DEBUG (1, "Userpath calloc 2 failed!\n", 0);
			fclose(uf);
			return;
		}

		while (i < nargs)
			*cp++ = pbuf[i++];
		*cp = NULL;
		u->unext = Uhead;
		Uhead = u;
	}

	fclose(uf);
	ASSERT(Mchdef != NULL, "NO default in USERFILE for remote machines","",0);
	ASSERT(Logdef != NULL, "NO default in USERFILE for local users","",0);
	return;
}

/* routine to get execution level for a remote machine */
getxeqlevel(mch_name)
register char *mch_name;
{
	register struct userpath *u;

	if (Uptfirst) {
		rdpth();
		ASSERT(Uhead != 0, "INIT USERFILE, No entries!!", "", 0);
		Uptfirst = 0;
	}

	for (u = Uhead; u != NULL;) 
		if (strncmp(u->us_mname, mch_name, 7) == SAME) {
				DEBUG(4,"getxeqlevel %d\n",u->us_xeqlev);
			/*
			 * return default remote execution level if
			 * no execution level specified for this system
			 */
				if (u->us_xeqlev == NO_XEQ_LEVEL)
					return(Mchdef->us_xeqlev);
				return(u->us_xeqlev);
			}
			else 	{
				u = u->unext;
				continue;
				}
/*
 * machine name not found - return default execution level
 * 	for remote machines.
 * If the specified machine happens to be the local system
 * then return the default "local" execution level
 */
	if (strncmp(mch_name, Myname, 7) == SAME)
		return(Logdef->us_xeqlev); /* local xeq level returned */
	return(Mchdef->us_xeqlev);
}


/***
 *	chkperm(file, mopt)	check write permission of file
 *	char *mopt;		none NULL - create directories
 *
 *	if mopt != NULL and permissions are ok,
 *	a side effect of this routine is to make
 *	directories up to the last part of the
 *	filename (if they do not exist).
 *
 *	return 0 | FAIL
 */

chkperm(file, mopt)
char *file, *mopt;
{
	struct stat s;
	int ret;
	char dir[MAXFULLNAME];
	extern char *lastpart();

	if (stat(subfile(file), &s) == 0) {
		/* Forbid scribbling on a not-generally-writable file */
		/* rti!trt */
		if ((s.st_mode & ANYWRITE) == 0)
			return(FAIL);
		return(0);
	}

	strcpy(dir, file);
	*lastpart(dir) = '\0';
	if ((ret = stat(subfile(dir), &s)) == -1
	  && mopt == NULL)
		return(FAIL);

	if (ret != -1) {
		if ((s.st_mode & ANYWRITE) == 0)
			return(FAIL);
		else
			return(0);
	}

	/*  make directories  */
	return(mkdirs(subfile(file)));
}

/*
 * Check for sufficient privilege to request debugging.
 * Credit to seismo!stewart, John Stewart.
 */
chkdebug(uid)
int uid;
{
	if (uid > PRIV_UIDS) {
		fprintf(stderr, "Sorry, uid must be <= %d for debugging\n",
			PRIV_UIDS);
		cleanup(1);
		exit(1);
	}
}




/*
 * check for callback and bad login/machine match
 *	log_name	-> login name
 *	mch_name	-> remote machine name
 * returns:
 *	0	-> no call back
 *	1	-> call back
 *	2	-> login/machine match failure
 */
callcheck(log_name, mch_name)
register char *log_name;
register char *mch_name;
{
	register struct userpath *u;
	register int i;
	int ret;
	int found_mch = 0;
	int found_log = 0;

	if (Uptfirst) {
		rdpth();
		ASSERT(Uhead != 0, "INIT USERFILE, No entries!!", "", 0);
		Uptfirst = 0;
	}

	for (u = Uhead; u != NULL;) {
		if (strncmp(u->us_mname, mch_name, 7) == SAME) {
			found_mch++; 
			/* now must get login/machine match */
			if (strcmp(u->us_lname, log_name) == SAME) {
				DEBUG(4,"callcheck1 %d\n",u->us_callback);
				return(u->us_callback);
			}
			else 	{
				u = u->unext;
				continue;
				}
		}
		if (u->us_mname[0] != '\0') {
			u = u->unext;
			continue;
		}

/* machine was null, check if login matches */

		if (strcmp(u->us_lname, log_name) != SAME) {
			u = u->unext;
			continue;
		}
		found_log++;
		if (found_mch) {
/* valid login wrong machine */
			u = u->unext;
			continue;
		}
		/* have found login name with null (default) machine name */
		DEBUG(4,"callcheck2 %d\n",u->us_callback);
		return(u->us_callback);
	}

	if (found_log==0 && found_mch==0) {
		struct stat statbuf;
		/*
	       	 * login has not been specifed in USERFILE 
	         * anything goes. 
	         */
		DEBUG(4, "login not in USERFILE - %s\n", log_name);
		if (stat("/usr/var/uucp/INSECURE",&statbuf)==0)
			return(0);
		else
			return(2);
	}
	/*
	 * userid not found -- login/machine name do not match 
	 */
	return(2);
}