MODRET authfile_setpwent(cmd_rec *cmd) {
if (af_setpwent() == 0) {
return PR_DECLINED(cmd);
}
return PR_DECLINED(cmd);
}
MODRET authfile_auth(cmd_rec *cmd) {
char *tmp = NULL, *cleartxt_pass = NULL;
const char *name = cmd->argv[0];
if (af_setpwent() < 0) {
return PR_DECLINED(cmd);
}
/* Lookup the cleartxt password for this user. */
tmp = af_getpwpass(name);
if (tmp == NULL) {
/* For now, return DECLINED. Ideally, we could stash an auth module
* identifier in the session structure, so that all auth modules could
* coordinate/use their methods as long as they matched the auth module
* used.
*/
return PR_DECLINED(cmd);
#if 0
/* When the above is implemented, and if the user being checked was
* provided by mod_auth_file, we'd return this.
*/
return PR_ERROR_INT(cmd, PR_AUTH_NOPWD);
#endif
}
cleartxt_pass = pstrdup(cmd->tmp_pool, tmp);
if (pr_auth_check(cmd->tmp_pool, cleartxt_pass, name, cmd->argv[1]))
return PR_ERROR_INT(cmd, PR_AUTH_BADPWD);
session.auth_mech = "mod_auth_file.c";
return PR_HANDLED(cmd);
}
MODRET authfile_uid2name(cmd_rec *cmd) {
struct passwd *pwd = NULL;
if (af_setpwent() < 0)
return PR_DECLINED(cmd);
pwd = af_getpwuid(*((uid_t *) cmd->argv[0]));
return pwd ? mod_create_data(cmd, pwd->pw_name) : PR_DECLINED(cmd);
}
MODRET authfile_name2uid(cmd_rec *cmd) {
struct passwd *pwd = NULL;
if (af_setpwent() < 0)
return PR_DECLINED(cmd);
pwd = af_getpwnam(cmd->argv[0]);
return pwd ? mod_create_data(cmd, (void *) &pwd->pw_uid) : PR_DECLINED(cmd);
}
MODRET authfile_getpwuid(cmd_rec *cmd) {
struct passwd *pwd = NULL;
uid_t uid = *((uid_t *) cmd->argv[0]);
if (af_setpwent() < 0)
return PR_DECLINED(cmd);
pwd = af_getpwuid(uid);
return pwd ? mod_create_data(cmd, pwd) : PR_DECLINED(cmd);
}
static struct passwd *af_getpwuid(uid_t uid) {
struct passwd *pwd = NULL;
if (af_setpwent() < 0)
return NULL;
while ((pwd = af_getpwent()) != NULL) {
if (pwd->pw_uid == uid) {
/* Found the requested UID */
break;
}
}
return pwd;
}
static struct passwd *af_getpwnam(const char *name) {
struct passwd *pwd = NULL;
if (af_setpwent() < 0) {
return NULL;
}
while ((pwd = af_getpwent()) != NULL) {
pr_signals_handle();
if (strcmp(name, pwd->pw_name) == 0) {
/* Found the requested user */
break;
}
}
return pwd;
}
MODRET authfile_getpwnam(cmd_rec *cmd) {
struct passwd *pwd = NULL;
const char *name = cmd->argv[0];
if (af_setpwent() < 0)
return PR_DECLINED(cmd);
/* Ugly -- we iterate through the file. Time-consuming. */
while ((pwd = af_getpwent()) != NULL) {
if (strcmp(name, pwd->pw_name) == 0) {
/* Found the requested name */
break;
}
}
return pwd ? mod_create_data(cmd, pwd) : PR_DECLINED(cmd);
}
static struct passwd *af_getpwuid(pool *p, uid_t uid) {
struct passwd *pwd = NULL;
if (af_setpwent(p) < 0) {
return NULL;
}
while ((pwd = af_getpwent(p)) != NULL) {
pr_signals_handle();
if (pwd->pw_uid == uid) {
/* Found the requested UID */
break;
}
}
return pwd;
}
MODRET authfile_getgroups(cmd_rec *cmd) {
struct passwd *pwd = NULL;
struct group *grp = NULL;
array_header *gids = NULL, *groups = NULL;
char *name = cmd->argv[0];
if (name == NULL) {
return PR_DECLINED(cmd);
}
if (af_setpwent() < 0) {
return PR_DECLINED(cmd);
}
if (af_setgrent() < 0) {
return PR_DECLINED(cmd);
}
/* Check for NULLs */
if (cmd->argv[1])
gids = (array_header *) cmd->argv[1];
if (cmd->argv[2])
groups = (array_header *) cmd->argv[2];
/* Retrieve the necessary info. */
pwd = af_getpwnam(name);
if (pwd == NULL) {
return PR_DECLINED(cmd);
}
/* Populate the first group ID and name. */
if (gids) {
*((gid_t *) push_array(gids)) = pwd->pw_gid;
}
if (groups &&
(grp = af_getgrgid(pwd->pw_gid)) != NULL) {
*((char **) push_array(groups)) = pstrdup(session.pool, grp->gr_name);
}
af_setgrent();
/* This is where things get slow, expensive, and ugly. Loop through
* everything, checking to make sure we haven't already added it.
*/
while ((grp = af_getgrent()) != NULL &&
grp->gr_mem) {
char **gr_mems = NULL;
pr_signals_handle();
/* Loop through each member name listed */
for (gr_mems = grp->gr_mem; *gr_mems; gr_mems++) {
/* If it matches the given username... */
if (strcmp(*gr_mems, pwd->pw_name) == 0) {
/* ...add the GID and name */
if (gids)
*((gid_t *) push_array(gids)) = grp->gr_gid;
if (groups)
*((char **) push_array(groups)) = pstrdup(session.pool, grp->gr_name);
}
}
}
if (gids && gids->nelts > 0) {
return mod_create_data(cmd, (void *) &gids->nelts);
} else if (groups && groups->nelts > 0) {
return mod_create_data(cmd, (void *) &groups->nelts);
}
return PR_DECLINED(cmd);
}
