Logo Search packages:      
Sourcecode: nut version File versions  Download package

user.c

/* user.c - user handling functions for upsd

   Copyright (C) 2001  Russell Kroll <rkroll@exploits.org>

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 2 of the License, or
   (at your option) any later version.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.

   You should have received a copy of the GNU General Public License
   along with this program; if not, write to the Free Software
   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/

#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>

#include "common.h"
#include "parseconf.h"

#include "user.h"
#include "user-data.h"

      ulist_t     *users = NULL;

      static      ulist_t     *curr_user;

/* create a new user entry */
static void user_add(const char *un)
{
      ulist_t     *tmp, *last = NULL;

      if (!un) {
            return;
      }

      for (tmp = users; tmp != NULL; tmp = tmp->next) {

            last = tmp;

            if (!strcmp(tmp->username, un)) {
                  fprintf(stderr, "Ignoring duplicate user %s\n", un);
                  return;
            }
      }

      tmp = xcalloc(1, sizeof(*tmp));
      tmp->username = xstrdup(un);

      if (last) {
            last->next = tmp;
      } else {
            users = tmp;      
      }

      /* remember who we're working on */
      curr_user = tmp;
}

/* set password */
static void user_password(const char *pw)
{
      if (!curr_user) {
            upslogx(LOG_WARNING, "Ignoring password definition outside "
                  "user section");
            return;
      }

      if (!pw) {
            return;
      }

      if (curr_user->password) {
            fprintf(stderr, "Ignoring duplicate password for %s\n", 
                  curr_user->username);
            return;
      }

      curr_user->password = xstrdup(pw);
}

/* attach allowed instcmds to user */
static void user_add_instcmd(const char *cmd)
{
      instcmdlist_t     *tmp, *last = NULL;

      if (!curr_user) {
            upslogx(LOG_WARNING, "Ignoring instcmd definition outside "
                  "user section");
            return;
      }

      if (!cmd) {
            return;
      }

      for (tmp = curr_user->firstcmd; tmp != NULL; tmp = tmp->next) {

            last = tmp;

            /* ignore duplicates */
            if (!strcasecmp(tmp->cmd, cmd)) {
                  return;
            }
      }

      tmp = xcalloc(1, sizeof(*tmp));

      tmp->cmd = xstrdup(cmd);

      if (last) {
            last->next = tmp;
      } else {
            curr_user->firstcmd = tmp;
      }
}

static actionlist_t *addaction(actionlist_t *base, const char *action)
{
      actionlist_t      *tmp, *last = NULL;

      if (!action) {
            return base;
      }

      for (tmp = base; tmp != NULL; tmp = tmp->next) {

            last = tmp;
      }

      tmp = xcalloc(1, sizeof(*tmp));
      tmp->action = xstrdup(action);

      if (last) {
            last->next = tmp;
            return base;
      }

      return tmp;
}

/* attach allowed actions to user */
static void user_add_action(const char *act)
{
      if (!curr_user) {
            upslogx(LOG_WARNING, "Ignoring action definition outside "
                  "user section");
            return;
      }

      curr_user->firstaction = addaction(curr_user->firstaction, act);
}

static void flushcmd(instcmdlist_t *ptr)
{
      if (!ptr) {
            return;
      }

      flushcmd(ptr->next);

      free(ptr->cmd);
      free(ptr);
}

static void flushaction(actionlist_t *ptr)
{
      if (!ptr) {
            return;
      }

      flushaction(ptr->next);

      free(ptr->action);
      free(ptr);
}

static void flushuser(ulist_t *ptr)
{
      if (!ptr) {
            return;
      }

      flushuser(ptr->next);
      flushcmd(ptr->firstcmd);
      flushaction(ptr->firstaction);

      free(ptr->username);
      free(ptr->password);
      free(ptr);
}

/* flush all user attributes - used during reload */
void user_flush(void)
{
      flushuser(users);
      users = NULL;
}

static int user_matchinstcmd(ulist_t *user, const char * cmd)
{
      instcmdlist_t     *tmp;

      for (tmp = user->firstcmd; tmp != NULL; tmp = tmp->next) {

            if (!strcasecmp(tmp->cmd, cmd)) {
                  return 1;   /* good */
            }

            if (!strcasecmp(tmp->cmd, "all")) {
                  return 1;   /* good */
            }
      }

      return 0;   /* fail */
}

int user_checkinstcmd(const char *un, const char *pw, const char *cmd)
{
      ulist_t     *tmp;

      if ((!un) || (!pw) || (!cmd)) {
            return 0;   /* failed */
      }

      for (tmp = users; tmp != NULL; tmp = tmp->next) {

            /* let's be paranoid before we call strcmp */

            if ((!tmp->username) || (!tmp->password)) {
                  continue;
            }

            if (strcmp(tmp->username, un)) {
                  continue;
            }


            if (strcmp(tmp->password, pw)) {
                  /* password mismatch */
                  return 0;   /* fail */
            }

            if (!user_matchinstcmd(tmp, cmd)) {
                  return 0;         /* fail */
            }

            /* passed all checks */
            return 1;   /* good */
      }

      /* username not found */
      return 0;   /* fail */
}

static int user_matchaction(ulist_t *user, const char *action)
{
      actionlist_t      *tmp;

      for (tmp = user->firstaction; tmp != NULL; tmp = tmp->next) {

            if (!strcasecmp(tmp->action, action)) {
                  return 1;   /* good */
            }
      }

      return 0;   /* fail */
}

int user_checkaction(const char *un, const char *pw, const char *action)
{
      ulist_t     *tmp;

      if ((!un) || (!pw) || (!action))
            return 0;   /* failed */

      for (tmp = users; tmp != NULL; tmp = tmp->next) {

            /* let's be paranoid before we call strcmp */

            if ((!tmp->username) || (!tmp->password)) {
                  continue;
            }

            if (strcmp(tmp->username, un)) {
                  continue;
            }

            if (strcmp(tmp->password, pw)) {
                  upsdebugx(2, "user_checkaction: password mismatch");
                  return 0;   /* fail */
            }

            if (!user_matchaction(tmp, action)) {
                  upsdebugx(2, "user_matchaction: failed");
                  return 0;   /* fail */
            }

            /* passed all checks */
            return 1;   /* good */
      }

      /* username not found */
      return 0;   /* fail */
}

/* handle "upsmon master" and "upsmon slave" for nicer configurations */
static void set_upsmon_type(char *type)
{
      /* master: login, master, fsd */
      if (!strcasecmp(type, "master")) {
            user_add_action("login");
            user_add_action("master");
            user_add_action("fsd");
            return;
      }

      /* slave: just login */
      if (!strcasecmp(type, "slave")) {
            user_add_action("login");
            return;
      }

      upslogx(LOG_WARNING, "Unknown upsmon type %s", type);
}

/* actually do something with the variable + value pairs */
static void parse_var(char *var, char *val)
{
      if (!strcasecmp(var, "password")) {
            user_password(val);
            return;
      }

      if (!strcasecmp(var, "instcmds")) {
            user_add_instcmd(val);
            return;
      }

      if (!strcasecmp(var, "actions")) {
            user_add_action(val);
            return;
      }

      if (!strcasecmp(var, "allowfrom")) {
            upslogx(LOG_WARNING, "allowfrom in upsd.users is no longer used");
            return;
      }

      /* someone did 'upsmon = type' - allow it anyway */
      if (!strcasecmp(var, "upsmon")) {
            set_upsmon_type(val);
            return;
      }

      upslogx(LOG_NOTICE, "Unrecognized user setting %s", var);
}

/* parse first var+val pair, then flip through remaining vals */
static void parse_rest(char *var, char *fval, char **arg, int next, int left)
{
      int   i;

      /* no globals supported yet, so there's no sense in continuing */
      if (!curr_user) {
            return;
      }

      parse_var(var, fval);

      if (left == 0) {
            return;
      }

      for (i = 0; i < left; i++) {
            parse_var(var, arg[next + i]);
      }
}

static void user_parse_arg(int numargs, char **arg)
{
      char  *ep;

      if ((numargs == 0) || (!arg)) {
            return;
      }

      /* ignore old file format */
      if (!strcasecmp(arg[0], "user")) {
            return;
      }

      /* handle 'foo=bar' (compressed form) */

      ep = strchr(arg[0], '=');
      if (ep) {
            *ep = '\0';

            /* parse first var/val, plus subsequent values (if any) */

            /*      0       1       2  ... */
            /* foo=bar <rest1> <rest2> ... */

            parse_rest(arg[0], ep+1, arg, 1, numargs - 1);
            return;
      }

      /* look for section headers - [username] */
      if ((arg[0][0] == '[') && (arg[0][strlen(arg[0])-1] == ']')) {

            arg[0][strlen(arg[0])-1] = '\0';
            user_add(&arg[0][1]);

            return;
      }

      if (numargs < 2) {
            return;
      }

      if (!strcasecmp(arg[0], "upsmon")) {
            set_upsmon_type(arg[1]);
      }

      /* everything after here needs arg[1] and arg[2] */
      if (numargs < 3) {
            return;
      }

      /* handle 'foo = bar' (split form) */
      if (!strcmp(arg[1], "=")) {

            /*   0 1   2      3       4  ... */
            /* foo = bar <rest1> <rest2> ... */

            /* parse first var/val, plus subsequent values (if any) */
            
            parse_rest(arg[0], arg[2], arg, 3, numargs - 3);
            return;
      }

      /* ... unhandled ... */
}

/* called for fatal errors in parseconf like malloc failures */
static void upsd_user_err(const char *errmsg)
{
      upslogx(LOG_ERR, "Fatal error in parseconf(upsd.users): %s", errmsg);
}

void user_load(void)
{
      char  fn[SMALLBUF];
      PCONF_CTX_t ctx;

      curr_user = NULL;

      snprintf(fn, sizeof(fn), "%s/upsd.users", confpath());

      check_perms(fn);

      pconf_init(&ctx, upsd_user_err);

      if (!pconf_file_begin(&ctx, fn)) {

            pconf_finish(&ctx);

            upslogx(LOG_WARNING, "%s", ctx.errmsg);
            return;
      }

      while (pconf_file_next(&ctx)) {

            if (pconf_parse_error(&ctx)) {
                  upslogx(LOG_ERR, "Parse error: %s:%d: %s",
                        fn, ctx.linenum, ctx.errmsg);
                  continue;
            }

            user_parse_arg(ctx.numargs, ctx.arglist);
      }

      pconf_finish(&ctx);
}

Generated by  Doxygen 1.6.0   Back to index