X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/disorder/blobdiff_plain/763d5e6ad88ef3ba1cd1d7742d060e4f1e54c6b8..f87532949a0834686852e1cf59519d948c59eee7:/clients/authorize.c
diff --git a/clients/authorize.c b/clients/authorize.c
index 966983c..652db04 100644
--- a/clients/authorize.c
+++ b/clients/authorize.c
@@ -1,25 +1,25 @@
/*
* This file is part of DisOrder
- * Copyright (C) 2005 Richard Kettlewell
+ * Copyright (C) 2005, 2007, 2008 Richard Kettlewell
*
- * This program is free software; you can redistribute it and/or modify
+ * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
+ * the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * General Public License for more details.
- *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
* You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
- * USA
+ * along with this program. If not, see .
+ */
+/** @file clients/authorize.c
+ * @brief Create a new login
*/
-#include
-#include "types.h"
+#include "common.h"
#include
#include
@@ -27,69 +27,88 @@
#include
#include
#include
-#include
+#include "client.h"
#include "authorize.h"
#include "log.h"
#include "configuration.h"
#include "printf.h"
-#include "hex.h"
+#include "base64.h"
-int authorize(const char *user) {
- uint8_t pwbin[10];
- const struct passwd *pw, *jbpw;
- gid_t jbgid;
- char *c, *t, *pwhex;
+/** @brief Create a DisOrder login for the calling user, called @p user
+ * @param client DisOrder client
+ * @param user Username to create (UTF-8)
+ * @param rights Initial rights or NULL for default
+ * @return 0 on success, non-0 on error
+ */
+int authorize(disorder_client *client, const char *user, const char *rights) {
+ /* base64 is 3-into-4 so we make the password a multiple of 3 bytes long */
+ uint8_t pwbin[12];
+ const struct passwd *pw;
+ char *pwhex;
int fd;
FILE *fp;
+ char *configdir, *configpath, *configpathtmp;
+ struct stat sb;
+ uid_t old_uid = getuid();
+ gid_t old_gid = getgid();
- if(!(jbpw = getpwnam(config->user)))
- fatal(0, "cannot find user %s", config->user);
- jbgid = jbpw->pw_gid;
if(!(pw = getpwnam(user)))
- fatal(0, "no such user as %s", user);
- if((c = config_userconf(0, pw)) && access(c, F_OK) == 0) {
- error(0, "%s already exists", c);
- return -1;
- }
- if((c = config_usersysconf(pw)) && access(c, F_OK) == 0) {
- error(0, "%s already exists", c);
+ /* If it's a NIS world then /etc/passwd may be a lie, but it emphasizes
+ * that it's talking about the login user, not the DisOrder user */
+ disorder_fatal(0, "no such user as %s in /etc/passwd", user);
+
+ /* Choose a random password */
+ gcry_randomize(pwbin, sizeof pwbin, GCRY_STRONG_RANDOM);
+ pwhex = mime_to_base64(pwbin, sizeof pwbin);
+
+ /* Create the user on the server */
+ if(disorder_adduser(client, user, pwhex, rights))
return -1;
+
+ /* Become the target user */
+ if(setegid(pw->pw_gid) < 0)
+ disorder_fatal(errno, "setegid %lu", (unsigned long)pw->pw_gid);
+ if(seteuid(pw->pw_uid) < 0)
+ disorder_fatal(errno, "seteuid %lu", (unsigned long)pw->pw_uid);
+
+ /* Make sure the configuration directory exists*/
+ byte_xasprintf(&configdir, "%s/.disorder", pw->pw_dir);
+ if(mkdir(configdir, 02700) < 0) {
+ if(errno != EEXIST)
+ disorder_fatal(errno, "creating %s", configdir);
}
- byte_xasprintf(&t, "%s.new", c);
- gcry_randomize(pwbin, sizeof pwbin, GCRY_STRONG_RANDOM);
- pwhex = hex(pwbin, sizeof pwbin);
- /* create config.USER, to end up with mode 440 user:jukebox */
- if((fd = open(t, O_WRONLY|O_CREAT|O_EXCL, 0600)) < 0)
- fatal(errno, "error creating %s", t);
- if(fchown(fd, pw->pw_uid, -1) < 0)
- fatal(errno, "error chowning %s", t);
- if(fchmod(fd, 0400) < 0)
- fatal(errno, "error chmoding %s", t);
+ /* Make sure the configuration file does not exist */
+ byte_xasprintf(&configpath, "%s/passwd", configdir);
+ if(lstat(configpath, &sb) == 0)
+ disorder_fatal(0, "%s already exists", configpath);
+ if(errno != ENOENT)
+ disorder_fatal(errno, " checking %s", configpath);
+
+ byte_xasprintf(&configpathtmp, "%s.new", configpath);
+
+ /* Create config file with mode 600 */
+ if((fd = open(configpathtmp, O_WRONLY|O_CREAT, 0600)) < 0)
+ disorder_fatal(errno, "error creating %s", configpathtmp);
+
+ /* Write password */
if(!(fp = fdopen(fd, "w")))
- fatal(errno, "error calling fdopen");
+ disorder_fatal(errno, "error calling fdopen");
if(fprintf(fp, "password %s\n", pwhex) < 0
|| fclose(fp) < 0)
- fatal(errno, "error writing to %s", t);
- if(rename(t, c) < 0)
- fatal(errno, "error renaming %s to %s", t, c);
+ disorder_fatal(errno, "error writing to %s", configpathtmp);
- /* append to config.private. We might create it along the way (though this
- * is unlikely) in which case it had better be 640 root:jukebox */
- if(!(c = config_private()))
- fatal(0, "cannot determine private config file");
- if((fd = open(c, O_WRONLY|O_APPEND|O_CREAT, 0600)) < 0)
- fatal(errno, "error opening %s", c);
- if(fchown(fd, 0, jbgid) < 0)
- fatal(errno, "error chowning %s", c);
- if(fchmod(fd, 0640) < 0)
- fatal(errno, "error chmoding %s", t);
- if(!(fp = fdopen(fd, "a")))
- fatal(errno, "error calling fdopen");
- if(fprintf(fp, "allow %s %s\n", user, pwhex) < 0
- || fclose(fp) < 0)
- fatal(errno, "error appending to %s", c);
+ /* Rename config file into place */
+ if(rename(configpathtmp, configpath) < 0)
+ disorder_fatal(errno, "error renaming %s to %s", configpathtmp, configpath);
+
+ /* Put our identity back */
+ if(seteuid(old_uid) < 0)
+ disorder_fatal(errno, "seteuid %lu", (unsigned long)old_uid);
+ if(setegid(old_gid) < 0)
+ disorder_fatal(errno, "setegid %lu", (unsigned long)old_gid);
+
return 0;
}