secuser.c 4.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233
  1. #include <u.h>
  2. #include <libc.h>
  3. #include <mp.h>
  4. #include <libsec.h>
  5. #include "SConn.h"
  6. #include "secstore.h"
  7. int verbose;
  8. static void userinput(char *, int);
  9. static void
  10. ensure_exists(char *f, ulong perm)
  11. {
  12. int fd;
  13. if(access(f, AEXIST) >= 0)
  14. return;
  15. if(verbose)
  16. fprint(2,"first time setup for secstore: create %s %lo\n", f, perm);
  17. fd = create(f, OREAD, perm);
  18. if(fd < 0){
  19. fprint(2, "unable to create %s\n", f);
  20. exits("secstored directories");
  21. }
  22. close(fd);
  23. }
  24. void
  25. main(int argc, char **argv)
  26. {
  27. int isnew;
  28. char *id, buf[Maxmsg], passck[Maxmsg], home[Maxmsg], prompt[100], *hexHi;
  29. long expsecs;
  30. mpint *H = mpnew(0), *Hi = mpnew(0);
  31. PW *pw;
  32. Tm *tm;
  33. ARGBEGIN{
  34. case 'v':
  35. verbose++;
  36. break;
  37. }ARGEND;
  38. if(argc!=1){
  39. print("usage: secuser [-v] <user>\n");
  40. exits("usage");
  41. }
  42. ensure_exists(SECSTORE_DIR, DMDIR|0755L);
  43. snprint(home, sizeof(home), "%s/who", SECSTORE_DIR);
  44. ensure_exists(home, DMDIR|0755L);
  45. snprint(home, sizeof(home), "%s/store", SECSTORE_DIR);
  46. ensure_exists(home, DMDIR|0700L);
  47. id = argv[0];
  48. if(verbose)
  49. fprint(2,"secuser %s\n", id);
  50. if((pw = getPW(id,1)) == nil){
  51. isnew = 1;
  52. print("new account (because %s/%s %r)\n", SECSTORE_DIR, id);
  53. pw = emalloc(sizeof(*pw));
  54. pw->id = estrdup(id);
  55. snprint(home, sizeof(home), "%s/store/%s", SECSTORE_DIR, id);
  56. if(access(home, AEXIST) == 0){
  57. print("new user, but directory %s already exists\n", home);
  58. exits(home);
  59. }
  60. }else{
  61. isnew = 0;
  62. }
  63. /* get main password for id */
  64. for(;;){
  65. if(isnew)
  66. snprint(prompt, sizeof(prompt), "%s password: ", id);
  67. else
  68. snprint(prompt, sizeof(prompt), "%s password [default = don't change]: ", id);
  69. if(getpasswd(prompt, buf, sizeof(buf)) < 0){
  70. print("getpass failed\n");
  71. exits("getpass failed");
  72. }
  73. if(verbose)
  74. print("%ld characters\n", strlen(buf));
  75. if(buf[0] == '\0' && isnew == 0)
  76. break;
  77. if(strlen(buf) >= 7)
  78. break;
  79. print("password must be at least 7 characters\n");
  80. }
  81. if(buf[0] != '\0'){
  82. snprint(prompt, sizeof(prompt), "retype password: ");
  83. if(verbose)
  84. print("confirming...\n");
  85. if(getpasswd(prompt, passck, sizeof(passck)) < 0){
  86. print("getpass failed\n");
  87. exits("getpass failed");
  88. }
  89. if(strcmp(buf, passck) != 0){
  90. print("passwords didn't match\n");
  91. exits("no match");
  92. }
  93. hexHi = PAK_Hi(id, buf, H, Hi);
  94. free(hexHi);
  95. mpfree(H);
  96. pw->Hi = Hi;
  97. }
  98. /* get expiration time (midnight of date specified) */
  99. if(isnew)
  100. expsecs = time(0) + 365*24*60*60;
  101. else
  102. expsecs = pw->expire;
  103. for(;;){
  104. tm = localtime(expsecs);
  105. print("expires [DDMMYYYY, default = %2.2d%2.2d%4.4d]: ",
  106. tm->mday, tm->mon, tm->year+1900);
  107. userinput(buf, sizeof(buf));
  108. if(strlen(buf) == 0)
  109. break;
  110. if(strlen(buf) != 8){
  111. print("!bad date format: %s\n", buf);
  112. continue;
  113. }
  114. tm->mday = (buf[0]-'0')*10 + (buf[1]-'0');
  115. if(tm->mday > 31 || tm->mday < 1){
  116. print("!bad day of month: %d\n", tm->mday);
  117. continue;
  118. }
  119. tm->mon = (buf[2]-'0')*10 + (buf[3]-'0') - 1;
  120. if(tm->mon > 11 || tm->mday < 0){
  121. print("!bad month: %d\n", tm->mon + 1);
  122. continue;
  123. }
  124. tm->year = atoi(buf+4) - 1900;
  125. if(tm->year < 70){
  126. print("!bad year: %d\n", tm->year + 1900);
  127. continue;
  128. }
  129. tm->sec = 59;
  130. tm->min = 59;
  131. tm->hour = 23;
  132. tm->yday = 0;
  133. expsecs = tm2sec(tm);
  134. break;
  135. }
  136. pw->expire = expsecs;
  137. /* failed logins */
  138. if(pw->failed != 0 )
  139. print("clearing %d failed login attempts\n", pw->failed);
  140. pw->failed = 0;
  141. /* status bits */
  142. if(isnew)
  143. pw->status = Enabled;
  144. for(;;){
  145. print("Enabled or Disabled [default %s]: ",
  146. (pw->status & Enabled) ? "Enabled" : "Disabled" );
  147. userinput(buf, sizeof(buf));
  148. if(strlen(buf) == 0)
  149. break;
  150. if(buf[0]=='E' || buf[0]=='e'){
  151. pw->status |= Enabled;
  152. break;
  153. }
  154. if(buf[0]=='D' || buf[0]=='d'){
  155. pw->status = pw->status & ~Enabled;
  156. break;
  157. }
  158. }
  159. for(;;){
  160. print("require STA? [default %s]: ",
  161. (pw->status & STA) ? "yes" : "no" );
  162. userinput(buf, sizeof(buf));
  163. if(strlen(buf) == 0)
  164. break;
  165. if(buf[0]=='Y' || buf[0]=='y'){
  166. pw->status |= STA;
  167. break;
  168. }
  169. if(buf[0]=='N' || buf[0]=='n'){
  170. pw->status = pw->status & ~STA;
  171. break;
  172. }
  173. }
  174. /* free form field */
  175. if(isnew)
  176. pw->other = nil;
  177. print("comments [default = %s]: ", (pw->other == nil) ? "" : pw->other);
  178. userinput(buf, 72); /* 72 comes from password.h */
  179. if(buf[0])
  180. if((pw->other = strdup(buf)) == nil)
  181. sysfatal("strdup");
  182. syslog(0, LOG, "CHANGELOGIN for '%s'", pw->id);
  183. if(putPW(pw) < 0){
  184. print("error writing entry: %r\n");
  185. exits("can't write password file");
  186. }else{
  187. print("change written\n");
  188. if(isnew && create(home, OREAD, DMDIR | 0775L) < 0){
  189. print("unable to create %s: %r\n", home);
  190. exits(home);
  191. }
  192. }
  193. exits("");
  194. }
  195. static void
  196. userinput(char *buf, int blen)
  197. {
  198. int n;
  199. while(1){
  200. n = read(0, buf, blen);
  201. if(n<=0)
  202. exits("read error");
  203. if(buf[n-1]=='\n'){
  204. buf[n-1] = '\0';
  205. return;
  206. }
  207. buf += n; blen -= n;
  208. if(blen<=0)
  209. exits("input too large");
  210. }
  211. }