/** * test3 search/verify users * * Create a user * Search for that user * Search for a non-existant user * Remove the user * Search for the user that was removed */ static int test3() { char *err; if ((err = admin_add_user("user1", "passwd1")) != NULL) { fprintf(stderr, "admin_add_user: test 3.1 (add user) failed, %s.\n", err); return 1; } if (admin_search_user("user1") == 0) { fprintf(stderr, "admin_search_user: test 3.2 (search user) failed.\n"); return 1; } if (admin_search_user("user2") != 0) { fprintf(stderr, "admin_search_user: test 3.3 (search user) failed, unexpeted user found.\n"); return 1; } if ((err = admin_remove_user("user1", "passwd1")) != NULL) { fprintf(stderr, "admin_remove_user: test 3.4 (add user) failed, %s.\n", err); return 1; } if (admin_search_user("user1")) { fprintf(stderr, "admin_search_user: test 3.5 (search user) failed - user was deleted.\n"); return 1; } return 0; }
/** * Add a new maxscale admin user * * @param dcb The DCB for messages * @param user The user name * @param passwd The Password of the user */ static void telnetdAddUser(DCB *dcb, char *user, char *passwd) { char *err; if (admin_search_user(user)) { dcb_printf(dcb, "User %s already exists.\n", user); return; } if ((err = admin_add_user(user, passwd)) == NULL) dcb_printf(dcb, "User %s has been successfully added.\n", user); else dcb_printf(dcb, "Failed to add new user. %s\n", err); }
/** * Remove a maxscale admin user * * @param dcb The DCB for messages * @param user The user name * @param passwd The Password of the user */ static void telnetdRemoveUser( DCB* dcb, char* user, char* passwd) { char* err; if (!admin_search_user(user)) { dcb_printf(dcb, "User %s doesn't exist.\n", user); return; } if ((err = admin_remove_user(user, passwd)) == NULL) { dcb_printf(dcb, "User %s has been successfully removed.\n", user); } else { dcb_printf(dcb, "Failed to remove user %s. %s\n", user, err); } }
/** * Remove maxscale user from in-memory structure and from password file * * @param uname Name of the new user * @param passwd Password for the new user * @return NULL on success or an error string on failure */ char* admin_remove_user( char* uname, char* passwd) { FILE* fp; FILE* fp_tmp; char fname[1024]; char fname_tmp[1024]; char* home; char fusr[LINELEN]; char fpwd[LINELEN]; char line[LINELEN]; fpos_t rpos; int n_deleted; if (!admin_search_user(uname)) { MXS_ERROR("Couldn't find user %s. Removing user failed.", uname); return ADMIN_ERR_USERNOTFOUND; } if (admin_verify(uname, passwd) == 0) { MXS_ERROR("Authentication failed, wrong user/password " "combination. Removing user failed."); return ADMIN_ERR_AUTHENTICATION; } /** Remove user from in-memory structure */ n_deleted = users_delete(users, uname); if (n_deleted == 0) { MXS_ERROR("Deleting the only user is forbidden. Add new " "user before deleting the one."); return ADMIN_ERR_DELLASTUSER; } /** * Open passwd file and remove user from the file. */ snprintf(fname, 1023, "%s/passwd", get_datadir()); snprintf(fname_tmp, 1023, "%s/passwd_tmp", get_datadir()); fname[1023] = '\0'; fname_tmp[1023] = '\0'; /** * Rewrite passwd file from memory. */ if ((fp = fopen(fname, "r")) == NULL) { int err = errno; MXS_ERROR("Unable to open password file %s : errno %d.\n" "Removing user from file failed; it must be done " "manually.", fname, err); return ADMIN_ERR_PWDFILEOPEN; } /** * Open temporary passwd file. */ if ((fp_tmp = fopen(fname_tmp, "w")) == NULL) { int err = errno; MXS_ERROR("Unable to open tmp file %s : errno %d.\n" "Removing user from passwd file failed; it must be done " "manually.", fname_tmp, err); fclose(fp); return ADMIN_ERR_TMPFILEOPEN; } /** * Scan passwd and copy all but matching lines to temp file. */ if (fgetpos(fp, &rpos) != 0) { int err = errno; MXS_ERROR("Unable to process passwd file %s : errno %d.\n" "Removing user from file failed, and must be done " "manually.", fname, err); fclose(fp); fclose(fp_tmp); unlink(fname_tmp); return ADMIN_ERR_PWDFILEACCESS; } while (fscanf(fp, "%[^:]:%s\n", fusr, fpwd) == 2) { /** * Compare username what was found from passwd file. * Unmatching lines are copied to tmp file. */ if (strncmp(uname, fusr, strlen(uname)+1) != 0) { if(fsetpos(fp, &rpos) != 0) { /** one step back */ MXS_ERROR("Unable to set stream position. "); } fgets(line, LINELEN, fp); fputs(line, fp_tmp); } if (fgetpos(fp, &rpos) != 0) { int err = errno; MXS_ERROR("Unable to process passwd file %s : " "errno %d.\n" "Removing user from file failed, and must be " "done manually.", fname, err); fclose(fp); fclose(fp_tmp); unlink(fname_tmp); return ADMIN_ERR_PWDFILEACCESS; } } fclose(fp); /** * Replace original passwd file with new. */ if (rename(fname_tmp, fname)) { int err = errno; MXS_ERROR("Unable to rename new passwd file %s : errno " "%d.\n" "Rename it to %s manually.", fname_tmp, err, fname); unlink(fname_tmp); fclose(fp_tmp); return ADMIN_ERR_PWDFILEACCESS; } fclose(fp_tmp); return ADMIN_SUCCESS; }
/** * test4 verify users * * Create a numebr of users * search for each user in turn * verify each user in turn (password verification) * Verify each user in turn with incorrect password * Randomly verify each user * Remove each user */ static int test4() { char *err, user[40], passwd[40]; int i, n_users = 50; for (i = 1; i < n_users; i++) { sprintf(user, "user%d", i); sprintf(passwd, "passwd%d", i); if ((err = admin_add_user(user, passwd)) != NULL) { fprintf(stderr, "admin_add_user: test 4.1 (add user) failed, %s.\n", err); return 1; } } for (i = 1; i < n_users; i++) { sprintf(user, "user%d", i); if (admin_search_user(user) == 0) { fprintf(stderr, "admin_search_user: test 4.2 (search user) failed.\n"); return 1; } } for (i = 1; i < n_users; i++) { sprintf(user, "user%d", i); sprintf(passwd, "passwd%d", i); if (admin_verify(user, passwd) == 0) { fprintf(stderr, "admin_verify: test 4.3 (search user) failed.\n"); return 1; } } for (i = 1; i < n_users; i++) { sprintf(user, "user%d", i); sprintf(passwd, "badpasswd%d", i); if (admin_verify(user, passwd) != 0) { fprintf(stderr, "admin_verify: test 4.4 (search user) failed.\n"); return 1; } } srand(time(0)); for (i = 1; i < 1000; i++) { int j; j = rand() % n_users; if (j == 0) j = 1; sprintf(user, "user%d", j); sprintf(passwd, "passwd%d", j); if (admin_verify(user, passwd) == 0) { fprintf(stderr, "admin_verify: test 4.5 (random) failed.\n"); return 1; } } for (i = 1; i < n_users; i++) { sprintf(user, "user%d", i); sprintf(passwd, "passwd%d", i); if ((err = admin_remove_user(user, passwd)) != NULL) { fprintf(stderr, "admin_remove_user: test 4.6 (add user) failed, %s.\n", err); return 1; } } return 0; }