account.cpp

ActiveX Setup Server Version 2.0.5 Chipsbrain Engineer Final Release

#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <signal.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <utime.h>
#include <syslog.h>
#include <time.h>
#include <sys/resource.h>
#include <errno.h>
#include <shadow.h>
#include <stddef.h>
#include <pwd.h>
#include <stdlib.h>

#ifndef __USE_XOPEN
#define __USE_XOPEN
#endif
#include <unistd.h>

#include "def.h"
#include "account.h"
#include "debug.h"

CAccount::CAccount()
{
	m_Permision = PERMISION_DENY;
	m_iUserCount = 0;
}

CAccount::~CAccount()
{
	endpwent();
}

PERMISION CAccount::UserAuthenticate(char * pszID, char * pszPwd)
{
	spwd * pUserPwd;
	char * pszEncryptedPwd;

	OutputDebugString("user input id : ", pszID);
	OutputDebugString("user input pwd : ", pszPwd);
	
	pUserPwd = getspnam(pszID);
	if(pUserPwd == NULL){
		OutputDebugString("user not found.");
		m_Permision = PERMISION_DENY;
		return PERMISION_DENY;
	}

	pszEncryptedPwd = crypt(pszPwd, pUserPwd->sp_pwdp);

	if(strcmp(pszEncryptedPwd, pUserPwd->sp_pwdp)){
		m_Permision = PERMISION_DENY;
		return PERMISION_DENY;
	}

	if(!strcmp("root", pszID))
		m_Permision = PERMISION_ADMIN;
	else
		m_Permision = PERMISION_ANONY;

	return m_Permision;
}

bool CAccount::AddUser(char * pszID, char * pszPwd)
{
	if(m_Permision != PERMISION_ADMIN){
		return false;
	}

	char szCommand[DF_PARAMETER_SIZE + DF_MAX_COMMAND_SIZE];

	memset(szCommand, 0, sizeof(szCommand));
	sprintf(szCommand, "useradd %s", pszID);
	system(szCommand);

	if(UpdatePasswd(pszID, pszPwd))
		return false;
	else
		return true;
}

bool CAccount::DelUser(char * pszID)
{
	if(m_Permision != PERMISION_ADMIN){
		return false;
	}

	char szCommand[DF_PARAMETER_SIZE + DF_MAX_COMMAND_SIZE];

	memset(szCommand, 0, sizeof(szCommand));
	sprintf(szCommand, "userdel %s", pszID);
	system(szCommand);

	return true;
}

bool CAccount::Passwd(char * pszID, char * pszPwd)
{
	if(UpdatePasswd(pszID, pszPwd))
		return false;

	return true;
}

int CAccount::GetNameAtPasswd(char * pszNameBuff)
{
	passwd * ptr = NULL;

	if(!m_iUserCount)
		setpwent();

	if((ptr = getpwent()) == NULL){
		endpwent();
		OutputDebugString("endpwent()");
		return 0;
	}
	if((ptr->pw_uid > 0) && (ptr->pw_uid < 500)){
//		OutputDebugString("not available : ", ptr->pw_name);
		return -1;
	}
	if(ptr->pw_uid == 65534){
//		OutputDebugString("not available : ", ptr->pw_name);
		return -1;
	}		

	m_iUserCount++;
	strcpy(pszNameBuff, ptr->pw_name);
//	OutputDebugString("id : ", pszNameBuff);

	return m_iUserCount;
}

int CAccount::UpdatePasswd(char * pszID, char * pszPwd)
{
	passwd * pw;
	char * crypt_pw;

	if(!(pw = getpwnam(pszID)))
		return 1;
	crypt_pw = PasswdEncrypt(pszPwd);
	
	// copy form passwd.c
	char filename[1024];
	char buf[1025];
	char buffer[80];
	char username[32];
	char *pw_rest;
	int has_shadow = 0;
	int mask;
	int continued;
	FILE *fp;
	FILE *out_fp;
	struct stat sb;
	struct flock lock;
	
	if (access(SHADOW_FILE, F_OK) == 0) {
		has_shadow = 1;
	}
	if (has_shadow) {
		snprintf(filename, sizeof filename, "%s", SHADOW_FILE);
	} else {
		snprintf(filename, sizeof filename, "%s", PASSWD_FILE);
	}
	
	if (((fp = fopen(filename, "r+")) == 0) || (fstat(fileno(fp), &sb))) {
		/* return 0; */
		return 1;
	}
	/* Lock the password file before updating */
	lock.l_type = F_WRLCK;
	lock.l_whence = SEEK_SET;
	lock.l_start = 0;
	lock.l_len = 0;
	if (fcntl(fileno(fp), F_SETLK, &lock) < 0) {
//		fprintf(stderr, "%s: %s\n", filename, strerror(errno));
		OutputDebugString(filename, strerror(errno));
		return 1;
	}
	lock.l_type = F_UNLCK;
	
	snprintf(buf, sizeof buf, "%s-", filename);
	if (CreateBackup(buf, fp)) {
		fcntl(fileno(fp), F_SETLK, &lock);
		fclose(fp);
		return 1;
	}
	snprintf(buf, sizeof buf, "%s+", filename);
	mask = umask(0777);
	out_fp = fopen(buf, "w");
	umask(mask);
	if ((!out_fp) || (fchmod(fileno(out_fp), sb.st_mode & 0777)) 
			|| (fchown(fileno(out_fp), sb.st_uid, sb.st_gid))) {
		fcntl(fileno(fp), F_SETLK, &lock);
		fclose(fp);
		fclose(out_fp);
		return 1;
	}
	
	continued = 0;
	snprintf(username, sizeof username, "%s:", pw->pw_name);
	rewind(fp);
	while (!feof(fp)) {
		fgets(buffer, sizeof buffer, fp);
		if (!continued) {       // Check to see if we're updating this line.
			if (strncmp(username, buffer, strlen(username)) == 0) { // we have a match.
				pw_rest = strchr(buffer, ':');
				*pw_rest++ = '\0';
				pw_rest = strchr(pw_rest, ':');
				fprintf(out_fp, "%s:%s%s", buffer, crypt_pw, pw_rest);
			} else {
			fputs(buffer, out_fp);
			}
		} else {
			fputs(buffer, out_fp);
		}
		if (buffer[strlen(buffer) - 1] == '\n') {
			continued = 0;
		} else {
			continued = 1;
		}
		bzero(buffer, sizeof buffer);
	}
	if (fflush(out_fp) || fsync(fileno(out_fp)) || fclose(out_fp)) {
		unlink(buf);
		fcntl(fileno(fp), F_SETLK, &lock);
		fclose(fp);
		return 1;
	}
	if (rename(buf, filename) < 0) {
		fcntl(fileno(fp), F_SETLK, &lock);
		fclose(fp);
		return 1;
	} else {
		fcntl(fileno(fp), F_SETLK, &lock);
		fclose(fp);
		return 0;
	}
}

char * CAccount::PasswdEncrypt(char * pszPwd)
{
	char * pSalt = CryptMakeSalt();

	return crypt(pszPwd, pSalt);
}

void CAccount::HomeDirDelete(char * pszID)
{
	char szCommand[DF_PARAMETER_SIZE + DF_MAX_COMMAND_SIZE];

	memset(szCommand, 0, sizeof(szCommand));
	sprintf(szCommand, "rm -rf /home/%s", pszID);
	system(szCommand);
}

int CAccount::i64c(int i)
{
	// copy form passwd.c
	if (i <= 0)
		return ('.');
	if (i == 1)
		return ('/');
	if (i >= 2 && i < 12)
		return ('0' - 2 + i);
	if (i >= 12 && i < 38)
		return ('A' - 12 + i);
	if (i >= 38 && i < 63)
		return ('a' - 38 + i);
	return ('z');
}

char * CAccount::CryptMakeSalt()
{
	// copy form passwd.c
	time_t now;
	static unsigned long x;
	static char result[3];
	
	time(&now);
	x += now + getpid() + clock();
	result[0] = i64c(((x >> 18) ^ (x >> 6)) & 077);
	result[1] = i64c(((x >> 12) ^ x) & 077);
	result[2] = '\0';
	return result;
}

int CAccount::CreateBackup(char * backup, FILE * fp)
{
	// copy form passwd.c
	struct stat sb;
	struct utimbuf ub;
	FILE *bkfp;
	int c, mask;
	
	if (fstat(fileno(fp), &sb))
		/* return -1; */
		return 1;
	
	mask = umask(077);
	bkfp = fopen(backup, "w");
	umask(mask);
	if (!bkfp)
		/* return -1; */
		return 1;
	
	/* TODO: faster copy, not one-char-at-a-time.  --marekm */
	rewind(fp);
	while ((c = getc(fp)) != EOF) {
		if (putc(c, bkfp) == EOF)
			break;
	}
	if (c != EOF || fflush(bkfp)) {
		fclose(bkfp);
		/* return -1; */
		return 1;
	}
	if (fclose(bkfp))
		/* return -1; */
		return 1;
	
	ub.actime = sb.st_atime;
	ub.modtime = sb.st_mtime;
	utime(backup, &ub);

	return 0;
}