changeset 3043:8b80b69938f0 HEAD
If UID or GID isn't numeric, look it up from passwd/group.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Thu, 06 Jan 2005 22:13:26 +0200 |
parents | 4455da56ad87 |
children | 2d4630db33fd |
files | src/auth/db-passwd-file.c src/auth/userdb-ldap.c src/auth/userdb-sql.c src/auth/userdb-static.c src/auth/userdb.c src/auth/userdb.h |
diffstat | 6 files changed, 81 insertions(+), 27 deletions(-) [+] |
--- a/src/auth/db-passwd-file.c Thu Jan 06 22:02:31 2005 +0200
+++ b/src/auth/db-passwd-file.c Thu Jan 06 22:13:26 2005 +0200
@@ -27,8 +27,8 @@
 const char *p;
 if (hash_lookup(pw->users, username) != NULL) {
- i_error("User %s already exists in password file %s",
- username, pw->path);
+ i_error("passwd-file %s: User %s exists more than once",
+ pw->path, username);
 return;
 }
@@ -54,8 +54,9 @@
 pu->password = p_strconcat(pw->pool, "{DIGEST-MD5}",
 pass, NULL);
 if (strlen(pu->password) != 32 + 12) {
- i_error("User %s has invalid password in "
- "file %s", username, pw->path);
+ i_error("passwd-file %s: User %s "
+ "has invalid password",
+ pw->path, username);
 return;
 }
 } else {
@@ -65,20 +66,20 @@
 }
 if (*args != NULL) {
- pu->uid = atoi(*args);
- if (pu->uid == 0) {
- i_error("User %s has UID 0 in password file %s",
- username, pw->path);
+ pu->uid = userdb_parse_uid(NULL, *args);
+ if (pu->uid == 0 || pu->uid == (uid_t)-1) {
+ i_error("passwd-file %s: User %s has invalid UID %s",
+ pw->path, username, *args);
 return;
 }
 args++;
 }
 if (*args != NULL) {
- pu->gid = atoi(*args);
- if (pu->gid == 0) {
- i_error("User %s has GID 0 in password file %s",
- username, pw->path);
+ pu->gid = userdb_parse_gid(NULL, *args);
+ if (pu->gid == 0 || pu->gid == (gid_t)-1) {
+ i_error("passwd-file %s: User %s has invalid GID %s",
+ pw->path, username, *args);
 return;
 }
 args++;
@@ -131,10 +132,10 @@
 fd = open(pw->path, O_RDONLY);
 if (fd == -1)
- i_fatal("Can't open passwd-file %s: %m", pw->path);
+ i_fatal("passwd-file %s: Can't open file: %m", pw->path);
 if (fstat(fd, &st) != 0)
- i_fatal("fstat() failed for passwd-file %s: %m", pw->path);
+ i_fatal("passwd-file %s: fstat() failed: %m", pw->path);
 pw->fd = fd;
 pw->stamp = st.st_mtime;
@@ -165,7 +166,7 @@
 {
 if (pw->fd != -1) {
 if (close(pw->fd) < 0)
- i_error("close(passwd_file) failed: %m");
+ i_error("passwd-file %s: close() failed: %m", pw->path);
 pw->fd = -1;
 }
@@ -184,7 +185,7 @@
 struct stat st;
 if (stat(pw->path, &st) < 0)
- i_fatal("stat() failed for %s: %m", pw->path);
+ i_fatal("passwd-file %s: stat() failed: %m", pw->path);
 if (st.st_mtime != pw->stamp) {
 passwd_file_close(pw);
--- a/src/auth/userdb-ldap.c Thu Jan 06 22:02:31 2005 +0200
+++ b/src/auth/userdb-ldap.c Thu Jan 06 22:13:26 2005 +0200
@@ -75,10 +75,10 @@
 user->system_user = t_strdup(value);
 break;
 case ATTR_UID_NUMBER:
- user->uid = atoi(value);
+ user->uid = userdb_parse_uid(auth_request, value);
 break;
 case ATTR_GID_NUMBER:
- user->gid = atoi(value);
+ user->gid = userdb_parse_gid(auth_request, value);
 break;
 case ATTR_COUNT:
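Review bot: Neither `case` checks the helper's failure value before storing it: `userdb_parse_uid()` and `userdb_parse_gid()` return `(uid_t)-1` / `(gid_t)-1` when a name does not resolve, and here that value goes straight into `user->uid` / `user->gid`. The SQL and static backends in this same commit test for it explicitly. Unless the code after the switch (outside this hunk) rejects it, the lookup should fail instead of passing the user on, for example by skipping the success callback when `user->uid == (uid_t)-1 || user->gid == (gid_t)-1`. The enclosing function starts and ends outside the hunk.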
--- a/src/auth/userdb-sql.c Thu Jan 06 22:02:31 2005 +0200
+++ b/src/auth/userdb-sql.c Thu Jan 06 22:13:26 2005 +0200
@@ -64,9 +64,13 @@
 sql_result_find_field_value(result, "system_user");
 user.home = sql_result_find_field_value(result, "home");
 user.mail = sql_result_find_field_value(result, "mail");
- user.uid = (uid_t)strtoul(uid, NULL, 10);
- user.gid = (gid_t)strtoul(gid, NULL, 10);
- sql_request->callback(&user, sql_request->context);
+
+ user.uid = userdb_parse_uid(auth_request, uid);
+ user.gid = userdb_parse_gid(auth_request, uid);
+ if (user.uid == (uid_t)-1 || user.gid == (gid_t)-1)
+ sql_request->callback(NULL, sql_request->context);
+ else
+ sql_request->callback(&user, sql_request->context);
 }
 i_free(sql_request);
 }
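Review bot: The GID is parsed from the wrong variable: `user.gid = userdb_parse_gid(auth_request, uid);` passes `uid`, where the removed line read `gid`. Every SQL user therefore gets a group derived from the UID column (the same number, or a group that happens to share the user's name), so processes started for that user can run with a group the database never assigned. The line should read `user.gid = userdb_parse_gid(auth_request, gid);`. The enclosing function starts outside the hunk, so how `uid` and `gid` are fetched is not visible here.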
--- a/src/auth/userdb-static.c Thu Jan 06 22:02:31 2005 +0200
+++ b/src/auth/userdb-static.c Thu Jan 06 22:13:26 2005 +0200
@@ -56,18 +56,26 @@
 static_mail_template = NULL;
 for (tmp = t_strsplit_spaces(args, " "); *tmp != NULL; tmp++) {
- if (strncasecmp(*tmp, "uid=", 4) == 0)
- static_uid = atoi(*tmp + 4);
- else if (strncasecmp(*tmp, "gid=", 4) == 0)
- static_gid = atoi(*tmp + 4);
- else if (strncasecmp(*tmp, "home=", 5) == 0) {
+ if (strncasecmp(*tmp, "uid=", 4) == 0) {
+ static_uid = userdb_parse_uid(NULL, *tmp + 4);
+ if (static_uid == (uid_t)-1) {
+ i_fatal("static userdb: Invalid uid: %s",
+ *tmp + 4);
+ }
+ } else if (strncasecmp(*tmp, "gid=", 4) == 0) {
+ static_gid = userdb_parse_gid(NULL, *tmp + 4);
+ if (static_gid == (gid_t)-1) {
+ i_fatal("static userdb: Invalid gid: %s",
+ *tmp + 4);
+ }
+ } else if (strncasecmp(*tmp, "home=", 5) == 0) {
 i_free(static_home_template);
 static_home_template = i_strdup(*tmp + 5);
 } else if (strncasecmp(*tmp, "mail=", 5) == 0) {
 i_free(static_mail_template);
 static_mail_template = i_strdup(*tmp + 5);
 } else {
- i_fatal("Invalid static userdb option: '%s'", *tmp);
+ i_fatal("static userdb: Invalid option: '%s'", *tmp);
 }
 }
--- a/src/auth/userdb.c Thu Jan 06 22:02:31 2005 +0200
+++ b/src/auth/userdb.c Thu Jan 06 22:13:26 2005 +0200
@@ -5,6 +5,8 @@
 #include "userdb.h"
 #include <stdlib.h>
+#include <pwd.h>
+#include <grp.h>
 #ifdef HAVE_MODULES
 static struct auth_module *userdb_module = NULL;
@@ -35,6 +37,42 @@
 struct userdb_module *userdb;
 static char *userdb_args;
+uid_t userdb_parse_uid(struct auth_request *request, const char *str)
+{
+ struct passwd *pw;
+
+ if (*str >= '0' && *str <= '9')
+ return (uid_t)strtoul(str, NULL, 10);
+
+ pw = getpwnam(str);
+ if (pw == NULL) {
+ if (request != NULL) {
+ i_error("userdb(%s): Invalid UID field '%s'",
+ get_log_prefix(request), str);
+ }
+ return (uid_t)-1;
+ }
+ return pw->pw_uid;
+}
+
+gid_t userdb_parse_gid(struct auth_request *request, const char *str)
+{
+ struct group *gr;
+
+ if (*str >= '0' && *str <= '9')
+ return (gid_t)strtoul(str, NULL, 10);
+
+ gr = getgrnam(str);
+ if (gr == NULL) {
+ if (request != NULL) {
+ i_error("userdb(%s): Invalid GID field '%s'",
+ get_log_prefix(request), str);
+ }
+ return (gid_t)-1;
+ }
+ return gr->gr_gid;
+}
+
 void userdb_preinit(void)
 {
 struct userdb_module **p;
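Review bot: The numeric branch of `userdb_parse_uid()` accepts any string whose first character is a digit, because `strtoul(str, NULL, 10)` is called with no end pointer and no range check. A field such as `1000abc` is taken as 1000, `0x1f4` as 0, and an out-of-range number is silently truncated by the cast, so a malformed userdb entry can resolve to an unintended, possibly privileged, id instead of failing. `userdb_parse_gid()` repeats the same pattern. The fence shows a stricter numeric path for the uid helper; the gid helper would mirror it with `gid_t`.

```c
uid_t userdb_parse_uid(struct auth_request *request, const char *str)
{
	struct passwd *pw;
	unsigned long num;
	char *end;

	if (*str >= '0' && *str <= '9') {
		num = strtoul(str, &end, 10);
		/* reject trailing junk, and any value that would truncate
		   to or collide with the (uid_t)-1 failure value */
		if (*end != '\0' || num >= (unsigned long)(uid_t)-1)
			return (uid_t)-1;
		return (uid_t)num;
	}

	/* … unchanged: getpwnam() lookup and error logging … */
```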
--- a/src/auth/userdb.h Thu Jan 06 22:02:31 2005 +0200
+++ b/src/auth/userdb.h Thu Jan 06 22:13:26 2005 +0200
@@ -35,6 +35,9 @@
 extern struct userdb_module userdb_ldap;
 extern struct userdb_module userdb_sql;
+uid_t userdb_parse_uid(struct auth_request *request, const char *str);
+gid_t userdb_parse_gid(struct auth_request *request, const char *str);
+
 void userdb_preinit(void);
 void userdb_init(void);
 void userdb_deinit(void);
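Review bot: The two new prototypes have no comment, yet every caller depends on conventions that are only visible in userdb.c: failure is signalled by `(uid_t)-1` / `(gid_t)-1`, and `request` may be NULL, in which case nothing is logged and the caller has to report the error itself. A comment above the declarations would make that contract explicit, e.g. `/* Parse a numeric or named UID/GID. Returns (uid_t)-1 / (gid_t)-1 if the name is unknown; logs the error only when request != NULL. */`.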